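yum repository configuration
1) The local yum repository's package directory is /dvd
2) The local yum repository is named wangluo
3) Repository description: yum wangluo repo
4) Do not verify packages from the local yum repository
5) Install the httpd package
[root@student ~]# mkdir /dvd
[root@student ~]# mount /dev/cdrom /dvd //temporary mount; for a permanent mount, set the filesystem type to iso9660 in the configuration file
[root@student ~]# rm -rf /etc/yum.repos.d/*
[root@student ~]# vim /etc/yum.repos.d/dvd.repo
[wangluo] //repository ID, i.e. the repository's name; it must not contain Chinese characters, spaces, etc.
name=yum wangluo repo //description of the repository
baseurl=file:///dvd //location of the local package source: /dvd
enabled=1 //this repository definition is active
gpgcheck=0 //do not check the Red Hat signature information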
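The repository above sets gpgcheck=0 because the exercise asks for it, so yum installs whatever is under /dvd without verifying package signatures. As an added example (not part of the original notes), this script reports which enabled repositories in a .repo file have signature checking switched off; the sample file, the `signed` repository and its CentOS 7 key path are constructed for illustration.

```shell
#!/bin/bash
# Added example: audit yum .repo files for disabled signature checking.

# repo_report FILE -> one line per repository: "<id> enabled=<v> gpgcheck=<v>"
# A repository without its own gpgcheck line shows "inherit", because yum then
# falls back to the gpgcheck setting in the [main] section of /etc/yum.conf.
repo_report() {
    awk -F= '
        function emit() {
            if (id != "") printf "%s enabled=%s gpgcheck=%s\n", id, en, gc
        }
        /^[ \t]*[#;]/ { next }                      # comment lines
        /^[ \t]*\[.*\]/ {                            # [section] starts a repo
            emit()
            id = $0
            sub(/^[ \t]*\[/, "", id); sub(/\].*$/, "", id)
            en = "1"; gc = "inherit"                 # enabled defaults to 1
            next
        }
        {
            k = $1; v = $2
            gsub(/[ \t]/, "", k); gsub(/[ \t]/, "", v)
            if (k == "enabled")  en = v
            if (k == "gpgcheck") gc = v
        }
        END { emit() }' "$1"
}

# unsigned_repos FILE -> ids of enabled repositories with gpgcheck=0
unsigned_repos() {
    repo_report "$1" |
        awk '$2 != "enabled=0" && $3 == "gpgcheck=0" { print $1 }'
}

# Constructed sample: the page's [wangluo] repository plus a signed variant.
sample=$(mktemp)
cat > "$sample" <<'EOF'
[wangluo]
name=yum wangluo repo
baseurl=file:///dvd
enabled=1
gpgcheck=0

[signed]
name=same media, signatures verified (constructed)
baseurl=file:///dvd
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
EOF

repo_report "$sample"
echo "signature checking disabled in: $(unsigned_repos "$sample")"
rm -f "$sample"
```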
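I. Default shared data directory: /var/ftp
ftp: file sharing
Virtual machine: server
[root@tdr ~]# nmtui //configure the IP through the graphical interface
[root@tdr ~]# ifconfig //show the network card's IP
[root@tdr ~]# yum -y install vsftpd //install the ftp service
[root@tdr ~]# systemctl restart vsftpd //restart the ftp service
[root@tdr ~]# systemctl enable vsftpd //start the ftp service at boot
[root@tdr ~]# firefox //open Firefox and enter ftp://192.168.223.128 (this machine's IP)
[root@tdr ~]# touch /var/ftp/dts.txt //create a file
[root@tdr ~]# firewall-cmd --set-default-zone=trusted //change the default zone
[root@tdr ~]# firewall-cmd --get-default-zone //show the default zone
Virtual machine: client
[root@localhost ~]# nmtui //configure the IP through the graphical interface
[root@localhost ~]# ping 192.168.223.128 //ping the IP address of the server virtual machine
[root@localhost ~]# firefox //open Firefox and enter ftp://192.168.223.128 (the server's IP)
Note:
– public: only allows access to this machine's sshd, ping and dhcp services
– trusted: allows all access
– block: blocks every incoming request (explicit rejection; the client receives a response)
– drop: drops every incoming packet (silently discarded; the client receives no response), which saves server resources
II. Standalone web host
[root@tdr ~]# yum -y install httpd //install http
[root@tdr ~]# systemctl restart httpd //restart http
Open Firefox and enter the IP address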
[root@tdr ~]# cd 桌面
[root@tdr 桌面]# ls
[root@tdr 桌面]# unzip game-code.zip -d /var/www/html/
[root@tdr 桌面]# systemctl restart httpd //start the http service
[root@tdr 桌面]# vim /etc/httpd/conf/httpd.conf //change the directory
DocumentRoot "/var/www/myweb" //change html to myweb
[root@tdr 桌面]# mkdir /var/www/myweb //create the myweb directory under /var/www/
[root@tdr 桌面]# systemctl restart httpd //restart the http service
[root@tdr 桌面]# echo wo shi myweb > /var/www/myweb/index.html
[root@tdr 桌面]# vim /etc/httpd/conf/httpd.conf //change the port
Listen 8080 //change the port number to 8080; when browsing, append 8080 to the IP address
[root@tdr 桌面]# systemctl restart httpd //restart the http service
[root@tdr 桌面]# vim /etc/httpd/conf/httpd.conf //change it back
Listen 80
[root@tdr 桌面]# systemctl restart httpd
Virtual web hosts
[root@tdr 桌面]# vim /etc/httpd/conf.d/nsd01.conf
<VirtualHost *:80> //enable a virtual host on port 80 of all IP addresses
ServerName www.qqq.com //domain name used to reach the site
DocumentRoot /var/www/qq //path of the web page files
</VirtualHost>
<VirtualHost *:80>
ServerName www.tt.com
DocumentRoot /var/www/tt
</VirtualHost>
[root@tdr 桌面]# mkdir /var/www/qq //create the web page directory
[root@tdr 桌面]# mkdir /var/www/tt //create the web page directory
[root@tdr 桌面]# systemctl restart httpd //restart the service
[root@tdr ~]# systemctl status httpd.service //troubleshooting
[root@tdr 桌面]# unzip 胖子玛丽.zip
[root@tdr 桌面]# ls
game-code.zip
htm5公路赛车游戏源码_爱给网_aigei_com.zip
html╙╬╧╖б╢┼╓╫╙├░╧╒б╖╘┤┬ы-xiaopangzidamaoxian
html└р╦╞│м╝╢┬ъ└Ў╡─╙╬╧╖б╢┼╓╫╙├░╧╒б╖╘┤┬ы-╙╬╧╖╘┤┬ы-╦╪▓─╦╡├ў.txt
love.zip
░о╕°═°-╘┤┬ы-├т╖╤╧┬╘╪.txt
╘┤┬ы╦╪▓─├т╖╤╧┬╘╪.url
胖子玛丽.zip
消消乐游戏laya版本_爱给网_aigei_com.zip
[root@tdr 桌面]# cp -r html╙╬╧╖б╢┼╓╫╙├░╧╒б╖╘┤┬ы-xiaopangzidamaoxian/* /var/www/qq/
[root@tdr 桌面]# vim /etc/hosts
192.168.223.128 www.qqq.com www.tt.com
[root@tdr 桌面]# unzip love.zip
[root@tdr 桌面]# ls
game-code.zip
htm5公路赛车游戏源码_爱给网_aigei_com.zip
html╙╬╧╖б╢┼╓╫╙├░╧╒б╖╘┤┬ы-xiaopangzidamaoxian
html└р╦╞│м╝╢┬ъ└Ў╡─╙╬╧╖б╢┼╓╫╙├░╧╒б╖╘┤┬ы-╙╬╧╖╘┤┬ы-╦╪▓─╦╡├ў.txt
love
love.zip
__MACOSX
░о╕°═°-╘┤┬ы-├т╖╤╧┬╘╪.txt
╘┤┬ы╦╪▓─├т╖╤╧┬╘╪.url
胖子玛丽.zip
消消乐游戏laya版本_爱给网_aigei_com.zip
III. Quickly building a LAMP website platform
[root@localhost ~]# yum -y install httpd mariadb-server mariadb php php-mysql //install these packages
[root@localhost ~]# systemctl restart httpd mariadb //start the services
[root@localhost ~]# vim /var/www/html/test1.php //edit a test page
<?php
phpinfo();
?>
http://192.168.223.128/test1.php //open this in Firefox
Installing the Discuz! forum
[root@localhost ~]# cd 桌面
[root@localhost 桌面]# unzip Discuz_X3.4_SC_UTF8.zip //unzip
[root@localhost 桌面]# cp -r upload/* /var/www/html //copy
[root@localhost 桌面]# systemctl restart httpd //restart
Open Firefox and enter i
[root@localhost 桌面]# chown -R apache /var/www/html //recursively change the owner of the directory to apache
[root@localhost 桌面]# setenforce 0 //turn off the SELinux protection mechanism
[root@localhost 桌面]# getenforce //confirm the result
Open Firefox and refresh
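IV. DNS name resolution
Purpose: forward resolution and reverse resolution
1. Install the packages
[root@svr7 ~]# yum -y install bind-chroot bind #bind is the name server package; bind-chroot provides chroot (virtual root) support
2. Edit the main configuration file
[root@svr7 ~]# vim /etc/named.conf //delete and edit until only the following is left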
options {
directory "/var/named";
};
zone "tedu.cn" IN {
type master;
file "tedu.cn.zone";
};
[root@svr7 ~]# named-checkconf /etc/named.conf //check the configuration file for errors (no output when it is correct)
[root@tdr ~]# cd /var/named/
[root@tdr named]# cp -p named.localhost tedu.cn.zone //-p keeps the permissions unchanged
[root@svr7 named]# vim tedu.cn.zone
[root@localhost named]# cat tedu.cn.zone
$TTL 1D
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
tedu.cn. NS tdr
tdr A 192.168.223.128
www A 1.1.1.1
iii A 2.2.2.2
[root@localhost named]# systemctl restart named //restart
Client
[root@localhost ~]# echo nameserver 192.168.223.128 > /etc/resolv.conf
[root@localhost ~]# nslookup www.tedu.cn
Wildcard domain resolution
[root@tdr ~]# systemctl disable firewalld //do not start the firewall at boot
[root@localhost ~]# cat /var/named/baidu.com.zone
$TTL 1D
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
baidu.com. NS tdr
tdr A 192.168.223.129
www A 192.168.223.128
* A 5.6.7.8
[root@localhost ~]# systemctl restart named //restart named
Resolution for names that follow a pattern
[root@localhost ~]# vim /var/named/baidu.com.zone
$TTL 1D
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
baidu.com. NS tdr
tdr A 192.168.223.129
www A 192.168.223.128
* A 5.6.7.8
$GENERATE 1-100 pc$ A 192.168.223.$
[root@localhost ~]# systemctl restart named
Client test
[root@tdr ~]# nslookup pc1.baidu.com
Server: 192.168.223.129
Address: 192.168.223.129#53
Name: pc1.baidu.com
Address: 192.168.223.1
[root@tdr ~]# nslookup pc100.baidu.com
Server: 192.168.223.129
Address: 192.168.223.129#53
Name: pc100.baidu.com
Address: 192.168.223.100
Aliases for resource records
[root@localhost ~]# vim /var/named/baidu.com.zone //edit the zone file
$TTL 1D
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
baidu.com. NS tdr
tdr A 192.168.223.129
www A 192.168.223.128
* A 5.6.7.8
$GENERATE 1-100 pc$ A 192.168.223.$
tangdaer CNAME www
[root@localhost ~]# systemctl restart named
Client test
[root@tdr ~]# nslookup tangdaer.baidu.com
Server: 192.168.223.129
Address: 192.168.223.129#53
tangdaer.baidu.com canonical name = www.baidu.com.
Name: www.baidu.com
Address: 192.168.223.128
V. Master/slave DNS architecture
1. Master DNS server
[root@svr7 /]# vim /etc/named.conf
options {
directory "/var/named";
allow-transfer { 192.168.223.130; }; #specify the slave server
};
[root@localhost ~]# vim /var/named/tdr.com.zone //edit the zone file
$TTL 1D
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
tdr.com. NS tdr
tdr.com. NS tds #declare the slave server
tdr A 192.168.223.129
tds A 192.168.223.130 #address record for the slave
www A 192.168.223.131
[root@localhost ~]# systemctl restart named
[root@localhost ~]# systemctl stop firewalld
2. Slave DNS server
[root@localhost ~]# vim /etc/named.conf //edit the main configuration file
zone "tdr.com" IN {
type slave;
file "/var/named/slaves/tdr.com.slave";
masters { 192.168.223.129; }; #location of the master DNS server
};
[root@localhost ~]# systemctl restart named
[root@localhost ~]# systemctl stop firewalld
3. Test from the test machine
[root@localhost ~]# nslookup www.tdr.com 192.168.223.129 #test against a specific DNS server
Server: 192.168.223.129
Address: 192.168.223.129#53
Name: www.tdr.com
Address: 192.168.223.131
[root@localhost ~]# nslookup www.tdr.com 192.168.223.130
Server: 192.168.223.130
Address: 192.168.223.130#53
Name: www.tdr.com
Address: 192.168.223.131
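The allow-transfer line in the master's options block is what limits full-zone copies to the slave at 192.168.223.130; the earlier tedu.cn configuration has no such line, and older BIND 9 releases, including the one packaged for CentOS 7, then serve zone transfers to any client. As an added example (not part of the original notes), this script extracts the allow-transfer ACLs from a named.conf and reports whether transfers are restricted; both sample files are constructed from configurations shown on this page.

```shell
#!/bin/bash
# Added example: report how a named.conf restricts zone transfers.

# list_transfer_acls FILE -> body of every allow-transfer { ... } statement,
# one per line. "//" and "#" comments are stripped first; /* */ block
# comments are not handled (assumption: the file does not use them).
list_transfer_acls() {
    sed -e 's://.*$::' -e 's:#.*$::' "$1" | tr '\n\t' '  ' |
    awk '{
        s = $0
        while (match(s, /allow-transfer *[{][^}]*[}]/)) {
            acl = substr(s, RSTART, RLENGTH)
            sub(/^allow-transfer *[{] */, "", acl)
            sub(/ *[}]$/, "", acl)
            gsub(/  +/, " ", acl)
            print acl
            s = substr(s, RSTART + RLENGTH)
        }
    }'
}

# check_transfers FILE -> prints a verdict; returns 1 when transfers are open
check_transfers() {
    local acls
    acls=$(list_transfer_acls "$1")
    if [ -z "$acls" ]; then
        echo "OPEN: no allow-transfer statement"
        return 1
    fi
    if printf '%s\n' "$acls" | grep -Eq '(^| )any;'; then
        echo "OPEN: allow-transfer contains any"
        return 1
    fi
    echo "RESTRICTED: $(printf '%s' "$acls" | tr '\n' ' ')"
}

# Constructed samples: the master's options block and the tedu.cn config.
master=$(mktemp); single=$(mktemp)
cat > "$master" <<'EOF'
options {
    directory "/var/named";
    allow-transfer { 192.168.223.130; };   # slave server
};
EOF
cat > "$single" <<'EOF'
options {
    directory "/var/named";
};
zone "tedu.cn" IN {
    type master;
    file "tedu.cn.zone";
};
EOF

echo "master: $(check_transfers "$master")"
echo "single: $(check_transfers "$single")"
rm -f "$master" "$single"
```

On a live server, `dig @192.168.223.129 tdr.com AXFR` run from a host outside the ACL should report that the transfer failed.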
Master/slave data synchronization
Master DNS:
[root@localhost ~]# vim /var/named/tdr.com.zone //edit the zone file
$TTL 1D
@ IN SOA @ rname.invalid. (
1 ; serial //change to a serial number larger than the previous one
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
tdr.com. NS tdr
tdr.com. NS tds
tdr A 192.168.223.129
tds A 192.168.223.130
www A 1.2.3.4 //changed
[root@localhost ~]# systemctl restart named
Client:
[root@localhost ~]# nslookup www.tdr.com 192.168.223.129
Server: 192.168.223.129
Address: 192.168.223.129#53
Name: www.tdr.com
Address: 1.2.3.4 //the master is updated
[root@localhost ~]# nslookup www.tdr.com 192.168.223.130
Server: 192.168.223.130
Address: 192.168.223.130#53
Name: www.tdr.com
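Address: 1.2.3.4 //the slave is synchronized too
Synchronizing data between master and slave DNS servers
1. Data must always be modified on the master DNS server
2. The data serial number must be changed, and it must be changed to a larger value
Zone file contents (/var/named/tdr.com.zone):
2019122401 ; serial #the data serial number consists of 10 digits
1D ; refresh #master and slave synchronize data every 1 day
1H ; retry #retry interval: every 1 hour
1W ; expire #expiry time: 1 week
3H ) ; minimum #cache time for invalid records: 3 hours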
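The two rules above (edit only on the master, always raise the serial) are easy to get wrong by hand. As an added example (not part of the original notes), this script computes the next 10-digit YYYYMMDDNN serial and rewrites it in a zone file; it assumes the serial sits on its own line followed by a "; serial" comment, as in the named.localhost template, and the sample zone is constructed from the page's tdr.com.zone.

```shell
#!/bin/bash
# Added example: raise the SOA serial before the master is restarted.

# next_serial CURRENT TODAY -> next serial in YYYYMMDDNN form.
# TODAY is YYYYMMDD, normally "$(date +%Y%m%d)".
next_serial() {
    local cur today new
    # Strip leading zeros so the shell never reads the value as octal.
    cur=$(printf '%s' "$1" | sed 's/^0*//'); cur=${cur:-0}
    today=$2
    if [ "$cur" -lt "${today}00" ]; then
        new="${today}01"        # first change today, or an old counter like 0
    else
        new=$((cur + 1))        # further change today: still strictly larger
    fi
    # The SOA serial is an unsigned 32-bit field.
    if [ "$new" -gt 4294967295 ]; then
        echo "serial $new does not fit in 32 bits" >&2
        return 1
    fi
    echo "$new"
}

# bump_zone_serial ZONEFILE TODAY -> rewrites the serial, prints the new value
bump_zone_serial() {
    local zone=$1 today=$2 cur new tmp
    cur=$(awk '/;[ \t]*serial/ { print $1; exit }' "$zone")
    case $cur in
        ''|*[!0-9]*) echo "no numeric serial in $zone" >&2; return 1 ;;
    esac
    new=$(next_serial "$cur" "$today") || return 1
    tmp=$(mktemp) || return 1
    awk -v new="$new" '
        !done && /;[ \t]*serial/ { sub(/[0-9]+/, new); done = 1 }
        { print }' "$zone" > "$tmp"
    # Write back through the existing file so the owner, mode and SELinux
    # label it got from "cp -p named.localhost ..." stay as they are.
    cat "$tmp" > "$zone"
    rm -f "$tmp"
    echo "$new"
}

# Constructed sample based on the page's tdr.com.zone.
zone=$(mktemp)
cat > "$zone" <<'EOF'
$TTL 1D
@ IN SOA @ rname.invalid. (
        0 ; serial
        1D ; refresh
        1H ; retry
        1W ; expire
        3H ) ; minimum
tdr.com. NS tdr
tdr.com. NS tds
tdr A 192.168.223.129
tds A 192.168.223.130
www A 1.2.3.4
EOF

echo "first edit today:  $(bump_zone_serial "$zone" "$(date +%Y%m%d)")"
echo "second edit today: $(bump_zone_serial "$zone" "$(date +%Y%m%d)")"
rm -f "$zone"
```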
VI. Split DNS resolution
dns:
[root@localhost ~]# vim /etc/named.conf //edit the main configuration file
options {
directory "/var/named";
allow-transfer { 192.168.223.130; };
};
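view "tdr" { //view 1, sets the category name; earlier views take priority over later ones: clients are matched against the views from top to bottom, and matching stops at the first match
match-clients { 192.168.223.131; }; //match on the client's source address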
zone "baidu.com" IN {
type master;
file "baidu.com.zone"; //resolves to 192.168.223.128
};
};
view "tds" { //view 2
match-clients { any; }; //clients from any source
zone "baidu.com" IN {
type master;
file "baidu.com.other"; //resolves to 1.2.3.4
};
};
[root@localhost ~]# cd /var/named/
[root@localhost named]# vim baidu.com.zone
$TTL 1D
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
baidu.com. NS tdr
tdr A 192.168.223.129
www A 192.168.223.128
[root@localhost named]# cp -p baidu.com.zone baidu.com.other
[root@localhost named]# vim baidu.com.other
$TTL 1D
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
baidu.com. NS tdr
tdr A 192.168.223.129
www A 1.2.3.4
[root@localhost named]# systemctl restart named
Client 1 test
[root@localhost ~]# echo nameserver 192.168.223.129 > /etc/resolv.conf //set the DNS server manually
[root@localhost ~]# nslookup www.baidu.com
Server: 192.168.223.129
Address: 192.168.223.129#53
Name: www.baidu.com
Address: 192.168.223.128 //matches view tdr
Client 2 test
[root@localhost ~]# echo nameserver 192.168.223.129 > /etc/resolv.conf
[root@localhost ~]# nslookup www.baidu.com
Server: 192.168.223.129
Address: 192.168.223.129#53
Name: www.baidu.com
Address: 1.2.3.4 //matches view tds
Split resolution for multiple zones (different domain names)
[root@localhost named]# cat /etc/named.conf
view "tdr" {
match-clients { 192.168.223.131; };
zone "baidu.com" IN {
type master;
file "baidu.com.zone";
};
zone "126.com" IN {
type master;
file "126.com.zone";
};
};
view "tds" {
match-clients { any; };
zone "baidu.com" IN {
type master;
file "baidu.com.other";
};
zone "126.com" IN {
type master;
file "126.com.other";
};
};
[root@localhost named]# cp -p baidu.com.zone 126.com.zone
[root@localhost named]# cp -p baidu.com.other 126.com.other
[root@localhost named]# vim 126.com.zone
$TTL 1D
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
126.com. NS tdr
tdr A 192.168.223.129
www A 1.1.1.1
[root@localhost named]# vim 126.com.other
$TTL 1D
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
126.com. NS tdr
tdr A 192.168.223.129
www A 2.2.2.2
[root@localhost named]# systemctl restart named
Test from clients 1 and 2
[root@localhost ~]# nslookup www.126.com 192.168.223.129
Assignment 1 (hands-on web server project):
dns:
[root@tdr ~]# vim /etc/named.conf
options {
directory "/var/named";
};
view "tdr"{
match-clients { 192.168.223.131; };
zone "qq.com" IN {
type master;
file "qq.com.zone";
};
zone "163.com" IN {
type master;
file "163.com.zone";
};
};
view "tds"{
match-clients { any; };
zone "qq.com" IN {
type master;
file "qq.com.other";
};
zone "163.com" IN {
type master;
file "163.com.other";
};
};
[root@tdr ~]# cd /var/named
[root@tdr ~ named]# cp -p named.localhost qq.com.zone
[root@tdr ~ named]# cp -p named.localhost 163.com.zone
[root@tdr ~ named]# cp -p qq.com.zone qq.com.other
[root@tdr ~ named]# cp -p 163.com.zone 163.com.other
[root@tdr ~]# vim /var/named/qq.com.zone
$TTL 1D
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
qq.com. NS tdr
tdr A 192.168.223.128
www A 192.168.223.133
[root@tdr ~]# vim /var/named/qq.com.other
$TTL 1D
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
qq.com. NS tdr
tdr A 192.168.223.128
www A 192.168.223.134
[root@tdr ~]# vim /var/named/163.com.other
$TTL 1D
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
163.com. NS tdr
tdr A 192.168.223.128
www A 192.168.223.134
[root@tdr ~]# vim /var/named/163.com.zone
$TTL 1D
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
163.com. NS tdr
tdr A 192.168.223.128
www A 192.168.223.133
[root@tdr ~]# systemctl stop firewalld
[root@tdr ~]# systemctl restart named
web1:
[root@localhost ~]# yum -y install httpd
[root@localhost ~]# cat /etc/httpd/conf.d/nsd01.conf
<VirtualHost *:80>
ServerName www.163.com
DocumentRoot /var/www/163
</VirtualHost>
<VirtualHost *:80>
ServerName www.qq.com
DocumentRoot /var/www/qq
</VirtualHost>
[root@localhost ~]# mkdir /var/www/qq /var/www/163
[root@localhost ~]# echo qq > /var/www/qq/index.html
[root@localhost ~]# echo 163 > /var/www/163/index.html
[root@localhost ~]# systemctl restart httpd
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# echo nameserver 192.168.223.128 > /etc/resolv.conf
web2:
[root@localhost ~]# yum -y install httpd
[root@localhost ~]# cat /etc/httpd/conf.d/nsd01.conf
<VirtualHost *:80>
ServerName www.163.com
DocumentRoot /var/www/163
</VirtualHost>
<VirtualHost *:80>
ServerName www.qq.com
DocumentRoot /var/www/qq
</VirtualHost>
[root@localhost ~]# mkdir /var/www/qq /var/www/163
[root@localhost ~]# echo qq2 > /var/www/qq/index.html
[root@localhost ~]# echo 1632 > /var/www/163/index.html
[root@localhost ~]# systemctl restart httpd
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# echo nameserver 192.168.223.128 > /etc/resolv.conf
Test client 1:
[root@localhost ~]# echo nameserver 192.168.223.128 > /etc/resolv.conf
[root@localhost ~]# curl www.qq.com
qq
[root@localhost ~]# curl www.163.com
163
Test client 2:
[root@localhost ~]# echo nameserver 192.168.223.128 > /etc/resolv.conf
[root@localhost ~]# curl www.qq.com
qq2
[root@localhost ~]# curl www.163.com
1632
VII. Caching DNS server
//Purpose: cache resolution records to speed up resolution
Resolution results are kept in memory
[root@localhost ~]# vim /etc/named.conf
options {
directory "/var/named";
forwarders { 192.168.223.128; };
};
[root@localhost ~]# systemctl restart named
[root@localhost ~]# systemctl stop firewalld
Client test:
[root@localhost ~]# nslookup www.qq.com 192.168.223.133
Server: 192.168.223.133
Address: 192.168.223.133#53
Non-authoritative answer:
Name: www.qq.com
Address: 192.168.223.134
VIII. PXE
Set up DHCP:
[root@localhost ~]# yum -y install dhcp
[root@localhost ~]# vim /etc/dhcp/dhcpd.conf //edit the main configuration file
:r /usr/share/doc/dhcp*/dhcpd.conf.example #in vim's last-line mode, read this file into the buffer
subnet 192.168.223.0 netmask 255.255.255.0 { #subnet to serve
range 192.168.223.100 192.168.223.200; #range of IP addresses to hand out
option domain-name-servers 192.168.223.1; #DNS server address
option routers 192.168.223.254; #gateway address handed out
default-lease-time 600; #default IP address lease time
max-lease-time 7200; #maximum IP address lease time
}
[root@localhost ~]# systemctl restart dhcpd
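Client test:
[root@pc207 ~]# dhclient -r #temporarily release the IP address
[root@pc207 ~]# ifconfig | head -2
[root@pc207 ~]# dhclient -d #temporarily obtain an IP address
[root@pc207 ~]# ifconfig | head -2
PXE network installation:
Which service components are needed?
– DHCP service: assigns IP addresses and locates the boot program
– TFTP service: serves the boot program for download
– HTTP service: provides the yum installation source
1. Configure the DHCP server and add the network installation settings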
[root@localhost ~]# vim /etc/dhcp/dhcpd.conf
subnet 192.168.223.0 netmask 255.255.255.0 {
range 192.168.223.200 192.168.223.250;
option domain-name-servers 192.168.223.1;
option routers 192.168.223.254;
default-lease-time 600;
max-lease-time 7200;
next-server 192.168.223.1; //address of the next server (PXE), which is this machine's IP
filename "pxelinux.0"; //name of the network boot file
}
[root@localhost ~]# systemctl restart dhcpd
2. Configure tftp:
Enable the tftp server
[root@localhost ~]# yum -y install tftp-server //install the tftp-server package
[root@localhost ~]# systemctl restart tftp
[root@localhost ~]# ss -antlup | grep 69 //confirm that tftp is listening on UDP port 69
udp UNCONN 0 0 :::69 :::* users:(("in.tftpd",pid=3636,fd=0),("systemd",pid=1,fd=23))
[root@localhost ~]# yum provides */pxelinux.0 //find out which package provides this file
[root@localhost ~]# yum -y install syslinux
[root@localhost ~]# rpm -ql syslinux | grep pxelinux.0 //search the package's file list
[root@localhost ~]# cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/ //deploy the boot file pxelinux.0
[root@localhost ~]# ls /var/lib/tftpboot/
pxelinux.0
[root@localhost ~]# mkdir /var/lib/tftpboot/pxelinux.cfg
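[root@localhost ~]# cp /mnt/isolinux/isolinux.cfg /var/lib/tftpboot/pxelinux.cfg/default #deploy the menu file under a new name
3. Deploy the boot files //deploy the graphics module (vesamenu.c32) and background image (splash.png), then the boot kernel (vmlinuz) and drivers (initrd.img)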
[root@localhost ~]# cp /mnt/isolinux/vesamenu.c32 /var/lib/tftpboot/
[root@localhost ~]# cp /mnt/isolinux/splash.png /var/lib/tftpboot/
[root@localhost ~]# cp /mnt/isolinux/vmlinuz /var/lib/tftpboot/
[root@localhost ~]# cp /mnt/isolinux/initrd.img /var/lib/tftpboot/
[root@localhost ~]# ls /var/lib/tftpboot/
initrd.img pxelinux.0 pxelinux.cfg splash.png vesamenu.c32 vmlinu
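Edit the menu file:
[root@localhost ~]# vim /var/lib/tftpboot/pxelinux.cfg/default
default vesamenu.c32 //load the graphics module by default
timeout 600 //default countdown, in units of 1/10 second
menu background splash.png //background image
menu title TDQ //title shown on the menu
label linux
menu label ^Install CentOS 7 //text shown for this menu entry
menu default //add this line: when the countdown ends, Install CentOS 7 is chosen by default
kernel vmlinuz //load the kernel
append initrd=initrd.img //load the drivers
Delete everything after this
Test:
Create a new virtual machine and install it via PXE network boot; seeing the boot menu is enough //it must use the same type of network adapter as the server
4. http: fully automated installation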
[root@localhost ~]# yum -y install httpd
[root@localhost ~]# mkdir /var/www/html/dvd
[root@localhost ~]# mount /dev/cdrom /var/www/html/dvd //mount the optical drive in the shared directory
[root@localhost ~]# systemctl restart httpd
[root@localhost ~]# yum -y install system-config-kickstart //the graphical tool system-config-kickstart generates the answer file
[root@localhost ~]# system-config-kickstart //run it
Click "Package Selection" to check whether packages can be selected (they cannot)
Yum repository support is required: the repository must point at the disc contents and its ID must be [development]
[root@localhost ~]# vim /etc/yum.repos.d/dvd.repo //change only the repository ID
[development] //changed to development
name=fjh
baseurl=file:///mnt
gpgcheck=0
[root@localhost ~]# system-config-kickstart //run it again
[root@localhost ~]# cp /root/ks.cfg /var/www/html/ //share the answer file
[root@localhost ~]# vim /var/lib/tftpboot/pxelinux.cfg/default //edit the menu file to point at the answer file
label linux
menu label ^Install CentOS 7
menu default
kernel vmlinuz
append initrd=initrd.img ks=http://192.168.223.1/ks.cfg //location of the answer file
[root@localhost ~]# systemctl restart dhcpd //restart dhcp
[root@localhost ~]# systemctl restart tftp //restart tftp
[root@localhost ~]# systemctl restart httpd //restart http
[root@localhost ~]# systemctl stop firewalld //stop the firewall
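IX. Basic rsync usage
rsync synchronization
• Command usage
– rsync [options...] source-directory destination-directory
• Difference between copying and synchronizing
– Copy: copies the whole source to the destination
– Sync: incremental copy; only data that has changed is transferred
• rsync options
– -n: test the sync run without making any real changes
– --delete: delete extra files from the destination directory
– -a: archive mode, equivalent to -rlptgoD
– -v: show detailed information about the operation
– -z: enable compression/decompression during transfer
• Local sync
– rsync [options...] local-dir1 local-dir2 //syncs the whole directory
– rsync [options...] local-dir1/ local-dir2 //syncs only the data inside the directory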
[root@localhost ~]# mkdir /tdr /tds
[root@localhost ~]# cp /etc/passwd /tdr
[root@localhost ~]# cp /etc/redhat-release /tdr
[root@localhost ~]# cp /etc/shadow /tdr
[root@localhost ~]# ls /tdr
passwd redhat-release shadow
Sync the data in the tdr directory to the tds directory
[root@localhost ~]# rsync -av /tdr /tds //difference: this syncs the whole tdr directory itself
[root@localhost ~]# ls /tds
tdr
[root@localhost ~]# rm -rf /tds/tdr
[root@localhost ~]# rsync -av /tdr/ /tds //difference: this syncs only the data inside the directory
[root@localhost ~]# ls /tds
passwd redhat-release shadow
Only the newly added group file is synchronized
[root@localhost ~]# cp /etc/group /tdr/
[root@localhost ~]# rsync -av /tdr/ /tds
[root@localhost ~]# ls /tdr
group passwd redhat-release shadow
[root@localhost ~]# ls /tds //only the newly added group file was synchronized
group passwd redhat-release shadow
Change a file's contents and sync
[root@localhost ~]# echo tt > /tdr/passwd
[root@localhost ~]# cat /tdr/passwd //the contents are now tt
tt
[root@localhost ~]# cat /tds/passwd //still the original file contents
[root@localhost ~]# rsync -av /tdr/ /tds //run rsync
[root@localhost ~]# cat /tds/passwd //the contents are now tt here as well
tt
Keep the destination and source directories identical: create 1.txt in the tdr directory and test deletion during sync
[root@localhost ~]# touch /tdr/1.txt
[root@localhost ~]# ls /tdr
[root@localhost ~]# rsync -av --delete /tds/ /tdr
rsync+SSH synchronization
• Remote sync
– rsync [options...] local-dir/ user@host:remote-dir //sync local files to the remote host
– rsync [options...] user@host:remote-dir local-dir/ //sync remote files to a local directory
Sync the local /tds directory to /opt on host 200
[root@localhost ~]# rsync -av --delete /tds/ root@192.168.223.200:/opt/ //password required
[root@localhost ~]# ssh 192.168.223.200 //log in to host 200; password required
[root@c ~]# exit //log out
[root@localhost ~]# ssh-keygen //press Enter at every prompt
[root@localhost ~]# ssh-copy-id 192.168.223.200
[root@localhost ~]# ssh 192.168.223.200 //no password needed
[root@c ~]#
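Real-time sync with inotify combined with rsync:
inotifywait monitoring:
• Basic usage
– inotifywait [options] target-directory
• Common options
– -m: monitor continuously (do not exit after catching one event)
– -r: monitor recursively, including subdirectories and files
– -q: reduce screen output
– -e: event types to watch, such as modify, move, create, delete, attrib; without -e, everything is watched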
[root@localhost ~]# cd 桌面
[root@localhost 桌面]# cd tools
[root@localhost tools]# ls
[root@localhost tools]# tar -xf inotify-tools-3.13.tar.gz //unpack the tar archive, extracting the source code
[root@localhost tools]# ls
[root@localhost tools]# yum -y install make gcc //install make and gcc, the build tools
[root@localhost tools]# cd inotify-tools-3.13/
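[root@localhost inotify-tools-3.13]# ./configure //./configure: configure, choosing options such as the install directory and feature modules
[root@localhost inotify-tools-3.13]# make //make: compile, producing the executable binary files
[root@localhost inotify-tools-3.13]# make install //make install: install, copying the compiled files to the install directory
[root@localhost inotify-tools-3.13]# ls /usr/local/bin/inotifywait //confirm that the monitoring program was built
[root@localhost inotify-tools-3.13]# inotifywait -rmq /tdr //start monitoring, test from the client, then exit monitoring
[root@localhost inotify-tools-3.13]# vim /root/rsync.sh //write the sync script that combines inotify and rsync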
#!/bin/bash
while inotifywait -rq /tdr
do
rsync --delete -avz /tdr/ root@192.168.223.200:/opt
done
[root@localhost inotify-tools-3.13]# bash /root/rsync.sh //run the script
Change the script so that it still syncs but prints no monitoring output
[root@localhost ~]# vim /root/rsync.sh
#!/bin/bash
while inotifywait -rqq /tdr #one more q added after -rq
do
rsync --delete -a /tdr/ root@192.168.223.200:/opt #-avz changed to -a
done
[root@localhost ~]# bash /root/rsync.sh //run the script
[root@localhost ~]# touch /tdr/120.txt //open another terminal and create a file
[root@c ~]# ls /opt //check on the client whether it was synchronized
120.txt 122.txt 3.txt 4.txt 6.txt passwd redhat-release shadow //synchronized successfully
[root@localhost ~]# /root/rsync.sh & //run it in the background
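In the loop above, inotifywait exits after each event and is started again only after rsync finishes, so a change made while rsync is running raises no event and waits for the next one. As an added example (not part of the original script), this bash function reads events from a single long-running `inotifywait -m`, coalesces bursts and runs the sync once per burst; the function name, the settle time and the event lines in the demo are assumptions made for illustration.

```shell
#!/bin/bash
# Added example: event consumer for "inotifywait -m" output.

# sync_on_events SETTLE CMD [ARGS...]
# Reads one event per line on stdin. After the first event of a burst it
# keeps draining lines until SETTLE seconds pass with no new event, then runs
# CMD once. Prints the number of sync runs when the event stream ends.
sync_on_events() {
    local settle=$1 runs=0 line
    shift
    while IFS= read -r line; do
        # Coalesce: unpacking a tarball raises many events, one sync suffices.
        while IFS= read -r -t "$settle" line; do :; done
        # stdin is redirected so that ssh (started by rsync) cannot swallow
        # the queued events; output goes to stderr to keep stdout for the count.
        "$@" </dev/null >&2 || echo "sync exited with status $?" >&2
        runs=$((runs + 1))
    done
    echo "$runs"
}

# Demo with constructed event lines and "true" standing in for rsync.
printf '%s\n' '/tdr/ CREATE 120.txt' '/tdr/ MODIFY 120.txt' '/tdr/ DELETE 3.txt' |
    sync_on_events 1 true

# Real use on the page's hosts (not run here):
#   inotifywait -mrq -e modify -e move -e create -e delete -e attrib /tdr |
#       sync_on_events 2 rsync -a --delete /tdr/ root@192.168.223.200:/opt
```

Events that arrive while the sync command is running stay queued in the pipe and trigger one more run afterwards.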
X. E-mail communication
Set up DNS on the server:
[root@localhost ~]# yum -y install bind
[root@localhost ~]# vim /etc/named.conf
options {
directory "/var/named";
};
zone "example.com" IN {
type master;
file "example.com.zone";
};
[root@localhost ~]# cd /var/named/
[root@localhost named]# cp -p named.localhost example.com.zone
[root@localhost named]# vim example.com.zone
$TTL 1D
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
example.com. NS tdr
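example.com. MX 10 mail //MX (mail exchange) record; 10 is this mail server's rank, and a smaller number means higher priority; mail exchange (sending and receiving) is handled mainly by mail
tdr A 192.168.223.1
mail A 192.168.223.200 //says which host mail is
[root@localhost named]# systemctl restart named //restart the service
[root@localhost named]# systemctl stop firewalld.service
Client verification:
[root@c ~]# echo nameserver 192.168.223.1 > /etc/resolv.conf //set the DNS server manually
[root@c ~]# host -t MX example.com //see which host is the mail server for the example.com domain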
example.com mail is handled by 10 mail.example.com.
[root@c ~]# host mail.example.com //see what the IP of mail.example.com is
mail.example.com has address 192.168.223.200
Build the mail server on client pc200:
[root@c ~]# echo nameserver 192.168.223.1 > /etc/resolv.conf //set the DNS server manually
[root@c ~]# rpm -q postfix
[root@c ~]# vim /etc/postfix/main.cf
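99 myorigin = example.com #domain suffix appended by default
116 inet_interfaces = all #listening interfaces; every network card on this machine offers the mail service
164 mydestination = example.com #criterion for deciding that mail belongs to the local domain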
[root@c ~]# systemctl restart postfix
• Create local users tgy and gf for testing
[root@c ~]# useradd tgy
[root@c ~]# useradd gf
• Sending with mail: mail -s 'subject' -r sender recipient
[root@c ~]# mail -s "shen shi si xiang" -r tgy gf
hahaxixi #message body
. #enter a dot to finish and exit
EOT
• Reading with mail: mail [-u username]
[root@c ~]# mail -u gf
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/mail/tgy": 1 message 1 new
>N 1 gf@example.com Fri Jul 24 13:17 18/548 "test01"
& 1 #enter message number 1
Message 1:
…
& exit #quit
Sending mail non-interactively:
echo message-body | mail -s 'subject' -r sender recipient
[root@c ~]# echo baby | mail -s "xiao ke ai" -r tgy gf
[root@c ~]# mail -u gf
XI. Virtualization
[root@c ~]# qemu-img create -f raw disk1.img 20G //plain (raw) format disk
Formatting 'disk1.img', fmt=raw size=21474836480
[root@c ~]# qemu-img create -f qcow2 disk2.img 20G //cow format disk
Formatting 'disk2.img', fmt=qcow2 size=21474836480 encryption=off cluster_size=65536 lazy_refcounts=off
[root@c ~]# ls -lh //verify
-rw-r--r--. 1 root root 20G 11月 20 08:30 disk1.img
-rw-r--r--. 1 root root 193K 11月 20 08:32 disk2.img
Virtualization
[root@ecs ~]# cp /etc/libvirt/qemu/networks/default.xml /etc/libvirt/qemu/networks/vbr.xml
[root@ecs ~]# vim /etc/libvirt/qemu/networks/vbr.xml
<network>
<name>vbr</name>
<forward mode='nat'/>
<bridge name='vbr' stp='on' delay='0'/>
<ip address='192.168.100.254' netmask='255.255.255.0'>
<dhcp>
<range start='192.168.100.128' end='192.168.100.200'/>
</dhcp>
</ip>
</network>
# Create the bridge
[root@ecs ~]# virsh net-define /etc/libvirt/qemu/networks/vbr.xml
Network vbr defined from /etc/libvirt/qemu/networks/vbr.xml
# Enable start at boot
[root@ecs ~]# virsh net-autostart vbr
Network vbr marked as autostarted
# Start the bridge
[root@ecs ~]# virsh net-start vbr
Network default started
# Verify the status
[root@ecs ~]# virsh net-list --all
Name State Autostart Persistent
-----------------------------------------
vbr active yes yes
[root@ecs ~]# ifconfig vbr # verify
# Upload cirros.qcow2 to ecs:/var/lib/libvirt/images/
[root@c ~]# cd 桌面
[root@c 桌面]# ls
cirros.qcow2 node_base.xml
[root@c 桌面]# cp cirros.qcow2 /var/lib/libvirt/images/
[root@c 桌面]# cd /var/lib/libvirt/images/
[root@c images]# qemu-img create -f qcow2 -b cirros.qcow2 vmhost.img 20G
[root@c images]# qemu-img info vmhost.img #show the image information
[root@c ~]# cd 桌面
[root@c 桌面]# cp node_base.xml /etc/libvirt/qemu/vmhost.xml
[root@c 桌面]# vim /etc/libvirt/qemu/vmhost.xml
02: <name>vmhost</name>
03: <memory unit='KB'>1048576</memory>
04: <currentMemory unit='KB'>1048576</currentMemory>
05: <vcpu placement='static'>2</vcpu>
26: <source file='/var/lib/libvirt/images/vmhost.img'/> //disk file
30: <source bridge='vbr'/>
[root@c 桌面]# virsh define /etc/libvirt/qemu/vmhost.xml //create the virtual machine
[root@c 桌面]# virsh list --all //list the virtual machines
[root@c 桌面]# virsh net-start vbr //start the bridge
[root@c 桌面]# virsh start vmhost //start the virtual machine
[root@c 桌面]# virsh console vmhost //press Enter twice
Exit with ctrl + ]
XII. Clustering
web1:
[root@c ~]# yum -y install httpd
[root@c ~]# echo 1 > /var/www/html/index.html
[root@c ~]# systemctl restart httpd
[root@c ~]# iptables -F
[root@c ~]# setenforce 0
[root@c ~]# nmtui //set the gateway to 192.168.2.128
web2:
[root@c ~]# yum -y install httpd
[root@c ~]# echo 2 > /var/www/html/index.html
[root@c ~]# systemctl restart httpd
[root@c ~]# iptables -F
[root@c ~]# setenforce 0
[root@c ~]# nmtui //set the gateway to 192.168.2.128
Configure the LVS director
[root@c ~]# yum -y install ipvsadm
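Create the virtual server
-A add a virtual server
-t set the cluster address (VIP, Virtual IP) tcp/udp
-s select the load-scheduling algorithm (rr|wrr|lc|wlc|sh...)
[root@c ~]# ipvsadm -A -t 192.168.4.128:80 -s rr //rr is the round-robin algorithm
[root@c ~]# ipvsadm -Ln //show the cluster rules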
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.4.128:80 rr
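Add real servers
Adding and removing server nodes
-a add a real server
-d delete a real server
-r address of the real server
-m use NAT mode; -g and -i correspond to DR and TUN modes
-w set the weight of a node server; the default is 1
[root@c ~]# ipvsadm -a -t 192.168.4.128:80 -r 192.168.2.129:80 -m //-m is required; otherwise the default is -g (DR mode)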
[root@c ~]# ipvsadm -a -t 192.168.4.128:80 -r 192.168.2.130:80 -m
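The scheduler in use is round robin, so weights given to the servers are not consulted; they are consulted only with weighted round robin (wrr) or weighted least-connection (wlc)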
[root@c ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.4.128:80 rr
-> 192.168.2.129:80 Masq 1 0 0
-> 192.168.2.130:80 Masq 1 0 0
[root@c ~]# systemctl stop firewalld
[root@c ~]# setenforce 0
Enable route forwarding on the LVS director
[root@c ~]# vim /etc/sysctl.conf //edit the configuration file to make the rule permanent
net.ipv4.ip_forward = 1
LVS test:
[root@c ~]# curl 192.168.4.128
1
[root@c ~]# curl 192.168.4.128
2
LVS-DR cluster:
Director:
[root@c ~]# cp /etc/sysconfig/network-scripts/ifcfg-ens33{,:0} //create the virtual interface
or [root@c ~]# cp /etc/sysconfig/network-scripts/ifcfg-ens33 /etc/sysconfig/network-scripts/ifcfg-ens33:0
[root@c ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33:0
TYPE=Ethernet
BOOTPROTO=none
NAME=ens33:0
DEVICE=ens33:0
ONBOOT=yes
IPADDR=192.168.4.15
PREFIX=24
[root@c ~]# ifconfig //ens33:0 now shows its IP
[root@c ~]# ipvsadm -A -t 192.168.4.15:80 -s rr
[root@c ~]# ipvsadm -a -t 192.168.4.15:80 -r 192.168.4.100
[root@c ~]# ipvsadm -a -t 192.168.4.15:80 -r 192.168.4.200
[root@c ~]# systemctl stop firewalld.service
[root@c ~]# setenforce 0
[root@c ~]# systemctl restart network
web1:
Configure the VIP address on web1 as a disguised address
[root@web1 ~]# cp /etc/sysconfig/network-scripts/ifcfg-lo{,:0}
[root@web1 ~]# vim /etc/sysconfig/network-scripts/ifcfg-lo:0
DEVICE=lo:0
IPADDR=192.168.4.15 #IP address
NETMASK=255.255.255.255 #netmask; it must be all four 255s
NETWORK=192.168.4.15 #network address
BROADCAST=192.168.4.15 #broadcast address
ONBOOT=yes #start at boot
NAME=lo:0
Do not restart the network yet, because that would cause an address conflict; the kernel parameters must be changed first
[root@web1 ~]# vim /etc/sysctl.conf
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_announce = 2
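#when an ARP broadcast asks who has 192.168.4.15, this host ignores that ARP broadcast and sends no reply;
#this host does not announce to the outside that its lo loopback address is 192.168.4.15
[root@web1 ~]# sysctl -p #apply the configuration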
[root@web1 ~]# systemctl restart network
[root@web1 ~]# systemctl restart httpd
[root@web1 ~]# systemctl stop firewalld.service
[root@web1 ~]# setenforce 0
web2:
Same as web1
Test from another computer:
[root@tdr ~]# curl 192.168.4.15
2
[root@tdr ~]# curl 192.168.4.15
1