搜索到
9
篇与
的结果
-
配置一台YUM源服务器 先下载好镜像下面这个是阿里的镜像站,可以自己选择版本https://mirrors.aliyun.com/centos/7.9.2009/isos/x86_64/?spm=a2c6h.25603864.0.0.18a9f5adJSpgfw1.测试环境准备两台CentOS7.9操作系统的服务器或虚拟机,host01作为服务端,host02作为客户端,要确保客户端必须可以访问到服务端; 准备好CentOS7.9的ISO文件:CentOS-7-x86_64-DVD-2009.iso 关闭防火墙和SELinux,开启防火墙的情况下需要开放80端口,因为下面我使用web软件对外提供服务。2.测试场景测试过程中分为以下两种情况: (1)仅将ISO文件中的安装包上传到服务器中; (2)需要自定义软件包,比如将ISO文件中的安装包和自己下载的软件包一起放在YUM源服务器中; 两种情况也可以理解成一种,实际上它们都是rpm包。3.前提条件需要在服务端安装web服务,这里使用Apache,也可以使用Nginx;安装Apache:yum install httpd -y如果服务端不能访问外面,需要先配置本地YUM源,本地YUM源的方法见本文末尾。启动服务:systemctl start httpd当然服务端不强制使用web服务,也可以使用ftp服务。4.仅使用ISO文件中的安装包这个需求是最简单的,因为ISO文件中自带软件包索引文件,不需要额外创建。4.1挂载ISO文件挂载ISO文件后,可以看到以下目录及文件:重点是Packages和repodata两个目录,KEY文件可以不使用。基本Packages包含所有软件包,repodata包含软件包的索引文件。4.2拷贝ISO中的软件包到服务端创建目录:mkdir /var/www/html/CentOS7.9拷贝文件:cp -a /mnt/Packages /var/www/html/CentOS7.9 cp -a /mnt/repodata /var/www/html/CentOS7.9http://192.168.110.51/CentOS7.9/4.3配置客户端测试[root@localhost yum.repos.d]# cat /etc/yum.repos.d/local.repo [Local_YUM] name=Local_YUM baseurl=http://192.168.110.51/CentOS7.9 enable=1 gpgcheck=0 [root@localhost yum.repos.d]# yum makecache 已加载插件:fastestmirrorLoading mirror speeds from cached hostfileLocal_YUM | 3.6 kB 00:00:00 Local_YUM/group_gz FAILED http://192.168.110.51/CentOS7.9/repodata/a4e2b46586aa556c3b6f814dad5b16db5a669984d66b68e873586cd7c7253301-c7-x86_64-comps.xml.gz: [Errno 14] HTTP Error 404 - Not Found 正在尝试其它镜像。To address this issue please refer to the below wiki article https://wiki.centos.org/yum-errorsIf above article doesn't help to resolve this issue please use https://bugs.centos.org/.Local_YUM/primary_db FAILED http://192.168.110.51/CentOS7.9/repodata/0e82d111931e402316702696ae4178e65673dc0f9c23a2bb012d192cb2625ea1-primary.sqlite.bz2: [Errno 14] HTTP Error 404 - Not Found 正在尝试其它镜像。Local_YUM/filelists_db FAILED http://192.168.110.51/CentOS7.9/repodata/60aa4673bf5fa63d1a7a640ef407b8e48fe5b3337720d844a29a53fec130d6da-filelists.sqlite.bz2: [Errno 14] HTTP Error 404 - Not Found 正在尝试其它镜像。Local_YUM/other_db FAILED http://192.168.110.51/CentOS7.9/repodata/9d6292fa12fd9ca472fafa8c0b348c3e1f139681aa066d41dc53b3563bcd1f53-other.sqlite.bz2: [Errno 14] HTTP Error 404 - Not Found 正在尝试其它镜像。Local_YUM/primary_db FAILED http://192.168.110.51/CentOS7.9/repodata/0e82d111931e402316702696ae4178e65673dc0f9c23a2bb012d192cb2625ea1-primary.sqlite.bz2: [Errno 14] HTTP Error 404 - Not Found 正在尝试其它镜像。Local_YUM/other_db FAILED http://192.168.110.51/CentOS7.9/repodata/9d6292fa12fd9ca472fafa8c0b348c3e1f139681aa066d41dc53b3563bcd1f53-other.sqlite.bz2: [Errno 14] HTTP Error 404 - Not Found 正在尝试其它镜像。Local_YUM/filelists_db FAILED http://192.168.110.51/CentOS7.9/repodata/60aa4673bf5fa63d1a7a640ef407b8e48fe5b3337720d844a29a53fec130d6da-filelists.sqlite.bz2: [Errno 14] HTTP Error 404 - Not Found 正在尝试其它镜像。http://192.168.110.51/CentOS7.9/repodata/0e82d111931e402316702696ae4178e65673dc0f9c23a2bb012d192cb2625ea1-primary.sqlite.bz2: [Errno 14] HTTP Error 404 - Not Found 正在尝试其它镜像。 One of the configured repositories failed (Local_YUM), and yum doesn't have enough cached data to continue. At this point the only safe thing yum can do is fail. There are a few ways to work "fix" this: 1. Contact the upstream for the repository and get them to fix the problem. 2. Reconfigure the baseurl/etc. for the repository, to point to a working upstream. This is most often useful if you are using a newer distribution release than is supported by the repository (and the packages for the previous distribution release still work). 3. Run the command with the repository temporarily disabled yum --disablerepo=Local_YUM ... 4. Disable the repository permanently, so yum won't use it by default. Yum will then just ignore the repository until you permanently enable it again or use --enablerepo for temporary usage: yum-config-manager --disable Local_YUM or subscription-manager repos --disable=Local_YUM 5. Configure the failing repository to be skipped, if it is unavailable. Note that yum will try to contact the repo. when it runs most commands, so will have to try and fail each time (and thus. yum will be be much slower). If it is a very temporary problem though, this is often a nice compromise: yum-config-manager --save --setopt=Local_YUM.skip_if_unavailable=truefailure: repodata/0e82d111931e402316702696ae4178e65673dc0f9c23a2bb012d192cb2625ea1-primary.sqlite.bz2 from Local_YUM: [Errno 256] No more mirrors to try.http://192.168.110.51/CentOS7.9/repodata/0e82d111931e402316702696ae4178e65673dc0f9c23a2bb012d192cb2625ea1-primary.sqlite.bz2: [Errno 14] HTTP Error 404 - Not Found如果报错的话repodata的元数据有问题,这问题是没有后缀手动生成了后缀。mv a4e2b46586aa556c3b6f814dad5b16db5a669984d66b68e873586cd7c7253301 a4e2b46586aa556c3b6f814dad5b16db5a669984d66b68e873586cd7c7253301-c7-x86_64-comps.xml.gz mv 0e82d111931e402316702696ae4178e65673dc0f9c23a2bb012d192cb2625ea1 0e82d111931e402316702696ae4178e65673dc0f9c23a2bb012d192cb2625ea1-primary.sqlite.bz2 mv 60aa4673bf5fa63d1a7a640ef407b8e48fe5b3337720d844a29a53fec130d6da 60aa4673bf5fa63d1a7a640ef407b8e48fe5b3337720d844a29a53fec130d6da-filelists.sqlite.bz2 mv 9d6292fa12fd9ca472fafa8c0b348c3e1f139681aa066d41dc53b3563bcd1f53 9d6292fa12fd9ca472fafa8c0b348c3e1f139681aa066d41dc53b3563bcd1f53-other.sqlite.bz2另一种方式是使用createrepo重新生成元数据:createrepo /path/to/your/local/repo4.3.1 配置YUM文件将原有的配置文件删除,新建一个:rm -rf /etc/yum.repos.d/* touch /etc/yum.repos.d/local.repo #注意文件名必须以repo结尾vi /etc/yum.repos.d/local.repo [Local_YUM] name=Local_YUM baseurl=http://192.168.110.51/CentOS7.9 enable=1 gpgcheck=04.3.2 更新YUM缓存yum clean all yum makecache4.3.3 安装软件包安装一个系统中未安装的软件包,这里以wget软件为例:rpm -qa | grep wget #查看wget软件包是否安装 yum install wget -y #安装wget5.添加自定义安装包到YUM服务器中5.1准备软件包比如需要安装数据库:MariaDB-server-10.11.7,此时YUM服务器是不存在这些软件包的,先把软件包上传到服务器中,如:MariaDB-server目录中包含了MariaDB-server-10.11.7和MariaDB-client-10.11.7所需要的依赖包,但只有rpm包还不能使用,需要为它们创建索引文件。5.2创建索引创建索引需要使用createrepo命令,默认情况下未安装该命令,安装createrepo:yum install createrepo -y比如说安装MariaDB先去官网将其复制并粘贴到 /etc/yum.repos.d 下的文件中(建议将文件命名为 MariaDB.repo 或类似名称)。 # MariaDB 11.4 CentOS repository list - created 2024-07-15 08:20 UTC # https://mariadb.org/download/ [mariadb] name = MariaDB # rpm.mariadb.org is a dynamic mirror if your preferred mirror goes offline. See https://mariadb.org/mirrorbits/ for details. # baseurl = https://rpm.mariadb.org/11.4/centos/$releasever/$basearch baseurl = https://mirror.rackspace.com/mariadb/yum/11.4/centos/$releasever/$basearch module_hotfixes = 1 # gpgkey = https://rpm.mariadb.org/RPM-GPG-KEY-MariaDB gpgkey = https://mirror.rackspace.com/mariadb/yum/RPM-GPG-KEY-MariaDB gpgcheck = 1sudo yum --downloadonly --downloaddir=/root/abc install MariaDB-server MariaDB-client 可以把安装包和依赖包缓存起来并且指定路径创建索引信息:createrepo -v /var/www/html/MariaDB-server因为之前配置ISO文件中的软件包不包含MariaDB 10.11.7版本,所以还无法安装成功。5.3.1配置YUM文件touch /etc/yum.repos.d/mariadb.repo vi /etc/yum.repos.d/mariadb.repo [Mariadb_YUM] name=Mariadb_YUM baseurl=http://192.168.110.51/MariaDB-server enable=1 gpgcheck=05.3.2更新YUM缓存yum install MariaDB-server-11.4.2 MariaDB-client-11.4.2已经可以安装成功了。6.总结至此,我们已经拥有一台在内网可以使用的YUM服务器了;以上也可以将所有rpm软件包放在同一个目录中,使用createrepo命令创建索引,以上为了区分配置了两个目录;重点操作:在客户端配置YUM文件中的baseurl时,路径为repodata目录所在的目录,比如repodata目录在MariaDB-server中,则写成:baseurl=http://192.168.110.51/MariaDB-server附录:(1)挂载ISO文件如果使用的是VMWare虚拟机管理工具,把iso文件挂载到光驱中,然后挂载,比如将镜像到mnt目录下:mount /dev/cdrom /mnt如果是其他方式,可以将iso文件上传到操作系统中,其后挂载:mount -o loop CentOS-7-x86_64-DVD-1810.iso /mnt(2)移除/备份系统当前YUM文件备份当前系统中的YUM源配置文件:mkdir /etc/yum.repos.d/bak && mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak(3)创建并配置YUM文件vim /etc/yum.repos.d/localyum.repo增加内容如下:[CentOS7.6] name=CentOS7.6 Local YUMbaseurl=file:///mnt gpgcheck=0 enabled=1参数说明: 参数说明: [CentOS7.6] #名称,需自定义,确保在YUM配置文件中唯一 name=CentOS7.6 Local YUM #描述信息 baseurl=file:///mnt #设置 yum 源目录为mnt,根据挂载的目录而定 gpgcheck=0 #检查GPG-KEY,0为不检查,1为检查 enabled=1 #是否用该yum源,0为禁用,1为使用更新软件包索引:yum clean all yum makecache -
rockylinux 9.3详细安装drbd+keepalived drbd参考上一篇博客先明确主服务器的keepalivde的配置drbd关闭时执行的脚本 keepalivde关闭时执行的脚本 故障恢复主服务器自动抢回vip的脚本 脚本记得给执行权限从服务器的keepalivde的配置主服务器失效后,从服务器自动挂载,并且成为主服务器,vip也会跟随过来。 原主服务器正常后,主服务器自动降为从服务器,并且取消挂载,vip也会自动转移走。两台主机操作drbdadm status #确定drbd正常工作 dnf install -y keepalivedalpha节点操作/etc/keepalived/keepalived.conf! Configuration File for keepalived global_defs { notification_email { root@localhost } notification_email_from keepalived@localhost smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id DRBD_HA_MASTER } vrrp_script chk_drbd { script "/etc/keepalived/check_drbd.sh" interval 5 } vrrp_instance VI_1 { state MASTER interface ens160 virtual_router_id 51 priority 150 advert_int 1 authentication { auth_type PASS auth_pass 1111 } track_script { chk_drbd } notify_stop /etc/keepalived/notify_stop.sh ### keepalived服务关闭执行的脚本 notify_master /etc/keepalived/notify_master.sh ### 重新拿回 master 的脚本 virtual_ipaddress { 192.168.110.88 ### vip 请选择一个没有在占用的IP地址 } }通过上面的配置文件,这里需要编写三个脚本,如下:/etc/keepalived/check_drbd.sh#!/bin/bash # Author:hukey systemctl is-active --quiet drbd if [ $? -ne 0 ]; then systemctl start drbd if [ $? -ne 0 ]; then umount /mnt drbdadm secondary drbd0 systemctl stop keepalived fi fi/etc/keepalived/notify_stop.sh#!/bin/bash # Author:hukey time=`date "+%F %H:%M:%S"` echo -e "$time ------notify_stop------\n" >> /etc/keepalived/logs/notify_stop.log umount /mnt drbdadm secondary drbd0 /usr/sbin/fuser -k /mnt &>> /etc/keepalived/logs/notify_stop.log /bin/umount /mnt &>> /etc/keepalived/logs/notify_stop.log echo -e "\n" >> /etc/keepalived/logs/notify_stop.log/etc/keepalived/notify_master.sh#!/bin/bash # Author:hukey time=`date "+%F %H:%M:%S"` echo -e "$time ------notify_master------\n" >> /etc/keepalived/logs/notify_master.log systemctl start drbd &>> /etc/keepalived/logs/notify_master.log for (( i=1; i <=3; i++)) do drbdadm status | egrep -q 'Primary' if [ $? -ne 0 ]; then mount /mnt drbdadm primary drbd0 /bin/mount /dev/drbd0 /mnt &>> /etc/keepalived/logs/notify_master.log break else sleep 3 fi done echo -e "\n" >> /etc/keepalived/logs/notify_master.脚本所需目录和命令yum install -y psmisc mkdir -pv /etc/keepalived/logs------------------------alpha节点操作完毕------------------------bravo节点操作/etc/keepalived/keepalived.conf! Configuration File for keepalived global_defs { notification_email { root@localhost } notification_email_from keepalived@localhost smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id DRBD_HA_BACKUP } vrrp_instance VI_1 { state BACKUP interface ens160 virtual_router_id 51 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } notify_master /etc/keepalived/notify_master.sh notify_backup /etc/keepalived/notify_backup.sh virtual_ipaddress { 192.168.110.88 } }/etc/keepalived/notify_master.sh#!/bin/bash # Author:hukey time=`date "+%F %H:%M:%S"` echo -e "$time ------notify_master------\n" >> /etc/keepalived/logs/notify_master.log systemctl start drbd &>> /etc/keepalived/logs/notify_master.log for (( i=1; i <=3; i++)) do drbdadm status | egrep -q 'Primary' if [ $? -ne 0 ]; then drbdadm primary drbd0 mount /dev/drbd0 /mnt /bin/mount /dev/drbd0 /mnt &>> /etc/keepalived/logs/notify_master.log break else sleep 3 fi done echo -e "\n" >> /etc/keepalived/logs/notify_master.log/etc/keepalived/notify_backup.sh#!/bin/bash # Author:hukey time=`date "+%F %H:%M:%S"` echo -e "$time ------notify_backup------\n" &>> /etc/keepalived/logs/notify_backup.log umount /mnt drbdadm secondary drbd0 /usr/sbin/fuser -k /data &>> /etc/keepalived/logs/notify_backup.log /bin/umount /dev/drbd0 &>> /etc/keepalived/logs/notify_backup.log echo $time echo -e "\n" &>> /etc/keepalived/logs/notify_backup.log启动服务 两台主机操作#开机自启 systemctl enable drbd keepalived systemctl restart drbd keepalived启动后查看 alpha 节点 VIP 和 目录是否挂载:注意: 如果发现 vip 或者 drbd 没有挂载,检查一下配置文件是否有问题。测试1.关闭 alpha 节点 keepalived 服务systemctl stop keepalived2.查看 bravo 节点是否升级为主节点3.alpha开启节点 keepalived 服务 bravo 节点关闭keepalived 服务如果vip会自动漂移和会自动挂载就说明成功了还有一个可以测试的,主服务器systemctl stop drbd,五秒后使用systemctl status drbd查看,如果已经启动说明脚本基本没问题。最后drbd+keepalived就完成了,还可以加上nfs。nfs比较简单就不写了。。。
-
rockylinux 9.3详细安装drbd 提前准备好1.主机名提前改好 hostnamectl set-hostname #改主机名字 2.硬盘提前准备好可以用lvs以后方便扩容 fdisk /dev/ #你的硬盘 3.时间要更新好,防火墙关闭 setenforce 0 systemctl stop firewalld iptables -t filter -F开始安装sudo dnf update sudo dnf install https://www.elrepo.org/elrepo-release-9.el9.elrepo.noarch.rpm -y sudo dnf install drbd drbd-utils -y sudo dnf install epel-release -y sudo dnf install kmod-drbd9x -y dnf search drbd #查询drbd安装包加载内核[root@alpha ~]# sudo modprobe drbd [root@alpha ~]# lsmod | grep drbd drbd 983040 0 libcrc32c 16384 5 nf_conntrack,nf_nat,nf_tables,xfs,drbd配置 DRBD 资源文件,确保配置中的节点 IP 地址和磁盘设备路径正确。[root@alpha ~]# cat /etc/drbd.d/drbd0.res resource drbd0 { disk /dev/nvme0n2p1; #要根据自己配置改 device /dev/drbd0; meta-disk internal; on alpha { address 192.168.110.204:7789; #要根据自己配置改 } on bravo { address 192.168.110.201:7789; #要根据自己配置改 } }[root@alpha ~]# cat /etc/drbd.d/global_common.conf global { usage-count no; } common { net { protocol C; } }创建 DRBD 资源元数据在两个节点上执行以下命令来创建 DRBD 资源元数据:sudo drbdadm create-md r0启动系统服务systemctl start drbd#开始 systemctl enable drbd#开机自启在alpha上操作,启动设备并使其成为主节点drbdadm up drbd0 drbdadm primary drbd0如果启用主节点命令失败需要使用以下命令drbdadm primary drbd0 --force在bravo上操作,启动设备drbdadm up drbd0查看同步进程drbdadm status sudo drbdadm -- --overwrite-data-of-peer primary drbd0 #重要这步如果状态不正常就开始同步 drbdadm primary --force drbd0 #强制同步 drbdadm primary drbd0 #切换成主服务器 期间可以看到同步的状态格式化DRBD设备并挂载 【alpha 操作】mkfs.ext4 /dev/drbd0 mkdir -pv /mnt mount /dev/drbd0 /mnt touch /mnt/test/file{1..10}卸载文件系统并切换为备节点umount /mnt drbdadm secondary drbd0在bravo上执行以下命令确认文件drbdadm primary drbd0 mount /dev/drbd0 /mnt ls -l /mnt total 0 -rw-r--r--. 1 root root 0 Jun 10 09:43 file1 -rw-r--r--. 1 root root 0 Jun 10 09:43 file2 -rw-r--r--. 1 root root 0 Jun 10 09:43 file3
-
简单的SSH代理如何实现 需求场景 如上图所示只有 主机A 可以访问 目标主机, 主机B 或者其他外来主机都是无法访问目标主机的,而 主机B 是可以访问 主机A 的造成这种问题的原因有很多中,例如 防火墙设置了策略现在无法对目标主机的防火墙做策略更改,那要如何实现 主机B 对 目标主机 的ssh远程登录呢解决办法 做ssh代理,通过主机A,访问目标主机配置前提各个主机都需要安装openssh的客户端主机B需要配置基于key的免密访问主机A主机B配置 # 生成密钥 ssh-keygen # copy公钥给主机A的admin用户 ssh-copy-id admin@10.0.0.2ssh 方面的配置在当前用户下的 .ssh 目录下创建 config 文件vim .ssh/config # 下面两个IP都是目标主机的IP Host 192.168.1.2 HostName 192.168.1.2 # user也是目标主机的user User root # 端口是目标主机的端口 Port 22 # 下面是通过主机A的admin用户代理ssh命令 ProxyCommand ssh -q admin@10.0.0.2 -W [%h]:%p多个IP就配置多组就好了然后尝试使用ssh连接目标主机,就可以正常访问了
