1、配置網絡設置
1、配置yum倉庫
[root@node1 yum.repos.d]# cat *repo
[AppStream]
name=AppStream
baseurl=http://foundation0.ilt.example.com/dvd/AppStream
enabled=1
gpgcheck=0
[BaseOS]
name=BaseOS
baseurl=http://foundation0.ilt.example.com/dvd/BaseOS
enabled=1
gpgcheck=0
[root@node1 yum.repos.d]# yum repolist
repo id repo name
AppStream AppStream
BaseOS BaseOS
1、配置SELinux
[root@node1 yum.repos.d]# man semanager port|grep http
[root@node1 yum.repos.d]# semanage port -a -t http_port_t -p tcp 82
[root@node1 yum.repos.d]# restorecon -Rv /var/www/html/
[root@node1 yum.repos.d]# systemctl enable httpd
1、用戶及組管理
[root@node1 yum.repos.d]# groupadd sysmgrs
[root@node1 yum.repos.d]# useradd natasha -G sysmgrs
[root@node1 yum.repos.d]# useradd harry -G sysmgrs
[root@node1 yum.repos.d]# useradd -s /sbin/nogin sarah
[root@node1 yum.repos.d]# echo "flectrag"|passwd --stdin natasha
1、計划任務cron
[root@node1 yum.repos.d]# crontab -e -u natasha
*/2 * * * * logger "EX200 in progress"
[root@node1 etc]# tail -f /var/log/cron
1、目錄權限設置
[root@node1 etc]# mkdir -p /home/managers
[root@node1 etc]# chgrp sysmgrs /home/managers
[root@node1 etc]# chmod 2770 /home/managers
1、配置ntp
[root@node1 etc]# yum install -y chrony
[root@node1 etc]# cat /etc/chro*
#server 3.rhel.pool.ntp.org iburst
server materials.example.com iburst
[root@node1 etc]# systemctl restart chronyd
[root@node1 etc]# systemctl enable chronyd
配置 autofs
[root@node1 ~]# yum install autofs -y
[root@node1 ~]# cat /etc/auto.master
/misc /etc/auto.misc
/rhome /etc/auto.rhome
[root@node1 ~]# cat /etc/auto.rhome
remoteuser1 -rw,sync 172.25.254.254:/rhome/remoteuser1
[root@node1 ~]# systemctl enable autofs
[root@node1 ~]# systemctl restart autofa
[root@node1 rhome]# su - remoteuser1
配置 /var/tmp/fstab 權限
[root@node1 rhome]# cp /etc/fstab /var/tmp/fstab
[root@node1 rhome]# serfacl -m u:harry:- /var/tmp/fstab
[root@node1 rhome]# setfacl -m u:harry:- /var/tmp/fstab
配置用戶帳戶
[root@node1 etc]# useradd manalo -u 3533
[root@node1 etc]# echo "flectrag"|passwd --stdin manalo
查找文件
[root@node1 etc]# mkdir /root/findfiles
[root@node1 etc]# find / -user jacques -exec cp -a {} /root/findfiles/ \;
查找字符串
[root@node1 etc]# grep ng /usr/share/xml/iso-codes/iso_639_3.xml > /root/list
創建存檔
[root@node1 etc]# tar -zcvf /root/backup.tar.gz /usr/local
配置容器使其自動啟動
利用注冊服務器上的 rsyslog 鏡像,創建一個名為 logserver 的容器
面向 wallah 用戶,配置一個 systemd 服務
該服務命名為 container-logserver ,並在系統重啟時自動啟動,無需干預
為容器配置持久存儲
通過以下方式擴展上一個任務的服務
配置主機系統的 journald 日志以在系統重啟后保留數據,並重新啟動日志記錄服務
將主機 /var/log/journal目錄下任何以 *.journal 的文件復制到 /home/wallah/container_logfile 中
將服務配置為在啟動時自動將 /home/wallah/container_logfile 掛載到容器中的 /var/log/journal 下
十六、創建shell腳本
在/usr/bin目錄下創建一個repwis腳本,查找/usr目錄下小於10M並且組id不為root的文件,把查到的文件結果拷貝到/root/myfiles文件夾內
[root@node1 rhome]# cat /usr/bin/repwis
#!/usr/bin/bash
for i in `cat /etc/group|awk -F':' '{print $3}'`
do
if [ 0 != ${i} ];then
find /usr -size -10M -gid ${i} -exec cp -a {} /root/myfiles \;
fi
done
一、重置root密碼
按下e進行編輯
增加,然后ctrl+x
改密碼但是現在的根是以只讀的方式掛載,需要以讀寫的方式重新掛載根(sysroot是當前根目錄)-----autorelabel的作用是告訴selinux重新打標簽
[root@node2 yum.repos.d]# lvs
LV VG Attr LSize Pool Origin Data% Meta% Move Log Cpy%Sync Convert
vo myvol -wi-ao---- 184.00m
swap vgroup -wi-ao---- 256.00m
[root@node2 yum.repos.d]# lvextend -L 230M /dev/myvol/vo
[root@node2 yum.repos.d]# resize2fs /dev/myvol/vo
[root@node2 yum.repos.d]# df -h
[root@node2 ~]# lsblk
[root@node2 ~]# fdisk vdb
[root@node2 ~]# mkswap /dev/vdb3
Setting up swapspace version 1, size = 756 MiB (792719360 bytes)
no label, UUID=56b4627f-c9c5-432b-b9a5-0e0c5c15bf62
[root@node2 ~]# cat /etc/fstab
UUID=56b4627f-c9c5-432b-b9a5-0e0c5c15bf62 swap swap defaults 0 0
[root@node2 ~]# swapon -a
[root@node2 ~]# swapon -s
創建vg
[root@node2 ~]# fdisk /dev/vdb
[root@node2 ~]# vgcreate -s 16M qagroup /dev/vdb4
Physical volume "/dev/vdb4" successfully created.
Volume group "qagroup" successfully created
創建lv
[root@node2 ~]# lvcreate -l 10 -n qa qagroup
[root@node2 ~]# lvscan
ACTIVE '/dev/qagroup/qa' [160.00 MiB] inherit
創建文件系統
[root@node2 ~]# mkfs.ext3 /dev/qagroup/qa
[root@node2 ~]# cat /etc/fstab
/dev/qagroup/qa /mnt/qa ext3 defaults 0 0
[root@node2 ~]# mkdir -p /mnt/qa
[root@node2 ~]# mount -a
[root@node2 ~]# yum install -y tuned
[root@node2 ~]# systemctl enable tuned
[root@node2 ~]# systemctl restart tuned
[root@node2 ~]# tuned-adm list
[root@node2 ~]# tuned-adm profile throughput-performance
[greg@control ansible]$ sudo yum install -y rhel-system-roles
roles_path = /home/greg/ansible/roles:/usr/share/ansible/roles
[greg@control ansible]$ cp -rf /usr/share/doc/rhel-system-roles/timesync/example-timesync-playbook.yml timesync.yml
[greg@control roles]$ ansible-galaxy install -r requirements.yml -p .
- downloading role from http://materials/haproxy.tar
- extracting balancer to /home/greg/ansible/roles/balancer
- balancer was installed successfully
- downloading role from http://materials/phpinfo.tar
- extracting phpinfo to /home/greg/ansible/roles/phpinfo
- phpinfo was installed successfully
[greg@control roles]$ cat requirements.yml
---
- src: http://materials/haproxy.tar
name: balancer
- src: http://materials/phpinfo.tar
name: phpinfo
[greg@control roles]$ ansible-galaxy init apache
# tasks file for apache
- name: start service httpd
service:
name: httpd
state: started
enabled: yes
- name: open firewall port
firewalld:
service: http
permanent: yes
state: enabled
# immediate: yes
- name: template file
template:
src: index.html.j2
dest: /var/www/html/index.html
index.html.j2 main.yml
[greg@control tasks]$ cat *j2
Welcome to {{ ansible_fqdn }} on {{ ansible_default_ipv4.address }}
[greg@control ansible]$ cat roles.yml
---
- name: use role balancer
hosts: balancers
roles:
- balancer
- name: user apache and phpinfo
hosts: webservers
roles:
- apache
- phpinfo
