(1)用Fedora Server’s netinst images隨身碟開機
(不理ACPI-BIOS ERROR訊息)
安裝隨身碟製作過程詳參:http://lfwiki.kmvs.km.edu.tw/lf/index.php?op=ViewArticle&articleId=471&blogId=70
(2)選Install Fedora 28
(3)安裝語言選「繁體中文(台灣)」
(4)安裝摘要:
(4-1)鍵盤配置:自選「中華民國(台灣)」
(4-2)語言支援:自選「繁體中文(台灣)」
(4-3)日期與時間:自選「亞洲/台北時區」
(4-4)網路與主機名稱:自動偵測到「enpos31f6乙太網路:IP:10.10.10.100,Gateway:10.10.10.254,DNS:10.10.10.254」
(4-5)安裝來源:自動找到「最近的鏡像站」
(4-6)軟體選擇:挑「最小安裝集」
(4-7)安裝目的地:挑「剛由win10分割區切一半出來」的/dev/sda4空間,並挑由安裝程式規畫安裝分區,動作進行如下:
刪sda4的ntfs檔案系統及分割區-->重建sda4的的分割區及ext4檔案系統-->新建sda6分割區及其上的LVM檔案系統-->新建lvmvg裝置,lvmlv裝置(SWAP)採swap格式-->新建lvmlv裝置及其上的xfs檔案系統。
(5)安裝下載323包RPM,約323MiB (用1024位元組計算的單位為 KiB、MiB、GiB、TiB)
(6)安裝中:給root密碼,並建立一個用戶
(7)安裝完成並重開機
(8)重開機後順利在文字模式用root登入系統並有網路可用,查詢系統相關資訊如下:
(8-1)列出作業系統資訊:
#uname -a
Linux localhost.localdomain 4.19.15-200.fc28.x86_64 #1 SMP Mon Jan 14 17:06:39 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
(8-2)列出所有的區塊設備(硬碟、隨身碟、…):
# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 931.5G 0 disk ├─sda1 8:1 0 260M 0 part /boot/efi ├─sda2 8:2 0 16M 0 part ├─sda3 8:3 0 300G 0 part ├─sda4 8:4 0 1G 0 part /boot ├─sda5 8:5 0 800M 0 part └─sda6 8:6 0 628.5G 0 part ├─fedora-root 253:0 0 15G 0 lvm / └─fedora-swap 253:1 0 7.8G 0 lvm [SWAP] sr0 11:0 1 1024M 0 rom
註1:EFI 是延伸韌體介面(Extensible Firmware Interface),用以支援隨身碟開機。
註2:sr0是SCSI裝置
(8-3)列出CPU資訊:架構(x86, x86_64...等等)、核心數、執行緒數、頻率和快取
# lscpu 架構: x86_64 CPU 作業模式: 32-bit, 64-bit Byte Order: Little Endian CPU(s): 4 On-line CPU(s) list: 0-3 每核心執行緒數: 1 每通訊端核心數: 4 Socket(s): 1 NUMA 節點: 1 供應商識別號: GenuineIntel CPU 家族: 6 型號: 158 Model name: Intel(R) Core(TM) i5-7500 CPU @ 3.40GHz 製程: 9 CPU MHz: 1001.079 CPU max MHz: 3800.0000 CPU min MHz: 800.0000 BogoMIPS: 6816.00 虛擬: VT-x L1d 快取: 32K L1i 快取: 32K L2 快取: 256K L3 快取: 6144K NUMA node0 CPU(s): 0-3 Flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cm ov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop _tsc cpuid aperfmperf tsc_known_freq pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt ts c_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase ts c_adjust bmi1 hle avx2 smep bmi2 erms invpcid rtm mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp [root@localhost ~]#
註3:以 Least Significant Byte(LSB) 逐一儲存位元組者,稱為little-endian,x86_64採用以簡化硬体設計。
(8-4)列出所有的環境變數
# env LS_COLORS=rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=01;05;37;41:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arc=01;31:*.arj=01;31:*.taz=01;31:*.lha=01;31:*.lz4=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.tzo=01;31:*.t7z=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.dz=01;31:*.gz=01;31:*.lrz=01;31:*.lz=01;31:*.lzo=01;31:*.xz=01;31:*.zst=01;31:*.tzst=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.alz=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.cab=01;31:*.wim=01;31:*.swm=01;31:*.dwm=01;31:*.esd=01;31:*.jpg=01;35:*.jpeg=01;35:*.mjpg=01;35:*.mjpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=01;36:*.au=01;36:*.flac=01;36:*.m4a=01;36:*.mid=01;36:*.midi=01;36:*.mka=01;36:*.mp3=01;36:*.mpc=01;36:*.ogg=01;36:*.ra=01;36:*.wav=01;36:*.oga=01;36:*.opus=01;36:*.spx=01;36:*.xspf=01;36: SSH_CONNECTION=10.10.10.191 49256 10.10.10.100 22 LANG=zh_TW.UTF-8 HISTCONTROL=ignoredups HOSTNAME=localhost.localdomain XDG_SESSION_ID=5 USER=root SELINUX_ROLE_REQUESTED= PWD=/root HOME=/root SSH_CLIENT=10.10.10.191 49256 22 SELINUX_LEVEL_REQUESTED= SSH_TTY=/dev/pts/0 MAIL=/var/spool/mail/root TERM=xterm SHELL=/bin/bash SELINUX_USE_CURRENT_RANGE= SHLVL=1 LOGNAME=root DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/0/bus XDG_RUNTIME_DIR=/run/user/0 PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin HISTSIZE=1000 LESSOPEN=||/usr/bin/lesspipe.sh %s _=/usr/bin/env
(9)設定網路:
(9-1)
[root@localhost ~]# sudo -i [root@localhost ~]# MY_HOSTNAME=sice.kmvs.km.edu.tw [root@localhost ~]# hostnamectl set-hostname $MY_HOSTNAME
[root@localhost ~]# MY_DNS1=168.95.1.1 [root@localhost ~]# MY_DNS2=168.95.192.1 [root@localhost ~]# MY_IP=10.10.10.100 [root@localhost ~]# MY_PREFIX=24 [root@localhost ~]# MY_GATEWAY=10.10.10.254
(9-2)
[root@localhost ~]# ip route show default default via 10.10.10.254 dev enp0s31f6 proto dhcp metric 100 [root@localhost ~]# ip route show default|awk '{print $5}' enp0s31f6 [root@localhost ~]# DEFAULT_DEV=$(ip route show default|awk '{print $5}')
[root@localhost ~]# nmcli d show $DEFAULT_DEV GENERAL.DEVICE: enp0s31f6 GENERAL.TYPE: ethernet GENERAL.HWADDR: B0:6E:BF:CB:C8:FB GENERAL.MTU: 1500 GENERAL.STATE: 100 (已連線) GENERAL.CONNECTION: enp0s31f6 GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1 WIRED-PROPERTIES.CARRIER: 開 IP4.ADDRESS[1]: 10.10.10.100/24 IP4.GATEWAY: 10.10.10.254 IP4.ROUTE[1]: dst = 0.0.0.0/0, nh = 10.10.10.254, mt = 100 IP4.ROUTE[2]: dst = 10.10.10.0/24, nh = 0.0.0.0, mt = 100 IP4.DNS[1]: 10.10.10.254 IP6.ADDRESS[1]: fe80::5448:a273:f1ef:fb19/64 IP6.GATEWAY: -- IP6.ROUTE[1]: dst = ff00::/8, nh = ::, mt = 256, table=255 IP6.ROUTE[2]: dst = fe80::/64, nh = ::, mt = 256 IP6.ROUTE[3]: dst = fe80::/64, nh = ::, mt = 100
[root@localhost ~]# nmcli d show $DEFAULT_DEV | sed -n '/^GENERAL.CONNECTION:/s!.*:\s*!! p' enp0s31f6
[root@localhost ~]# DEFAULT_CON=$(nmcli d show $DEFAULT_DEV | sed -n '/^GENERAL.CONNECTION:/s!.*:\s*!! p')
(9-3)在預設連線上建立一個network bridge(br0)
[root@localhost ~]# nohup bash << END > nmcli con mod "$DEFAULT_CON" connection.id "$DEFAULT_DEV" > nmcli con mod "$DEFAULT_DEV" connection.interface-name "$DEFAULT_DEV" > nmcli con mod "$DEFAULT_DEV" ipv4.method disabled > nmcli con up "$DEFAULT_DEV" > nmcli con add con-name br0 ifname br0 type bridge > nmcli con mod br0 bridge.stp no > nmcli con mod br0 ipv4.dns $MY_DNS1 , $MY_DNS2 > nmcli con mod br0 ipv4.addresses $MY_IP/$MY_PREFIX > nmcli con mod br0 ipv4.gateway $MY_GATEWAY > nmcli con mod br0 ipv4.method manual > nmcli con up br0 > nmcli con add con-name br0-slave0 ifname "$DEFAULT_DEV" type bridge-slave master br0 > nmcli con up br0-slave0 > END
以上設定在預設連線上建立一個network bridge,以利日後可在伺服端執行虛擬機器。
bridge將二個區域網路整併成一個。
註4:nohup: 不理會HUP (hangup)訊號,讓目前的批次指令(script)進入背景中執行。
(10)安裝NFS網路檔案系統
ref:how-to-add-network-bridge-with-nmcli-networkmanager-on-linux/
[root@sice ~]# MY_HOSTNAME=sice.kmvs.km.edu.tw
[root@sice ~]# hostnamectl set-hostname $MY_HOSTNAME [root@sice ~]# MY_DNS1=163.25.20.1 [root@sice ~]# MY_DNS2=168.95.192.1 [root@sice ~]# MY_IP=10.10.10.100 [root@sice ~]# MY_PREFIX=24 [root@sice ~]# DEFAULT_DEV=$(ip route show default|awk '{print $5}') [root@sice ~]# DEFAULT_CON=$(nmcli d show $DEFAULT_DEV | sed -n '/^GENERAL.CONNECTION:/s!.*:\s*!! p')
[root@sice ~]# nohup bash << END > nmcli con mod "$DEFAULT_CON" connection.id "$DEFAULT_DEV" > nmcli con mod "$DEFAULT_DEV" connection.interface-name "$DEFAULT_DEV" > nmcli con mod "$DEFAULT_DEV" ipv4.method disabled > nmcli con up "$DEFAULT_DEV" > nmcli con add con-name br0 ifname br0 type bridge > nmcli con mod br0 bridge.stp no > nmcli con mod br0 ipv4.dns $MY_DNS1,$MY_DNS2 > nmcli con mod br0 ipv4.addresses $MY_IP/$MY_PREFIX > nmcli con mod br0 ipv4.gateway $MY_GATEWAY > nmcli con mod br0 ipv4.method manual > nmcli con up br0 > nmcli con add con-name br0-slave0 ifname "$DEFAULT_DEV" type bridge-slave master br0 > nmcli con up br0-slave0 > END nohup: appending output to 'nohup.out'
[root@sice ~]# dnf install -y nfs-utils
:
已安裝: nfs-utils.x86_64 1:2.3.3-1.rc1.fc28 gssproxy.x86_64 0.8.0-4.fc28 keyutils.x86_64 1.5.10-6.fc28 libev.x86_64 4.24-6.fc28 libevent.x86_64 2.1.8-2.fc28 libverto-libev.x86_64 0.3.0-5.fc28 quota.x86_64 1:4.04-7.fc28 quota-nls.noarch 1:4.04-7.fc28 rpcbind.x86_64 0.2.4-10.rc3.fc28
完成!
(11)
[root@sice ~]# MY_SUBNET=10.10.10.0
[root@sice ~]# mkdir /export
[root@sice ~]# echo "/export -fsid=0,ro,sec=sys,root_squash $MY_SUBNET/$MY_PREFIX" > /etc/exports
(12)
[root@sice ~]# cat /etc/default/grub GRUB_TIMEOUT=5 GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)" GRUB_DEFAULT=saved GRUB_DISABLE_SUBMENU=true GRUB_TERMINAL_OUTPUT="console" GRUB_CMDLINE_LINUX="resume=/dev/mapper/fedora-swap rd.lvm.lv=fedora/root rd.lvm.lv=fedora/swap rhgb quiet" GRUB_DISABLE_RECOVERY="true" [root@sice ~]#
[root@sice ~]# sed -i '/GRUB_CMDLINE_LINUX/s/"$/ audit=0 selinux=0"/' /etc/default/grub
[root@sice ~]# cat /etc/default/grub GRUB_TIMEOUT=5 GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)" GRUB_DEFAULT=saved GRUB_DISABLE_SUBMENU=true GRUB_TERMINAL_OUTPUT="console" GRUB_CMDLINE_LINUX="resume=/dev/mapper/fedora-swap rd.lvm.lv=fedora/root rd.lvm.lv=fedora/swap rhgb quiet audit=0 selinux=0" GRUB_DISABLE_RECOVERY="true"
(13)
[root@sice ~]# grub2-mkconfig -o /boot/grub2/grub.cfg Generating grub configuration file ... Found linux image: /boot/vmlinuz-4.19.15-200.fc28.x86_64 Found initrd image: /boot/initramfs-4.19.15-200.fc28.x86_64.img Found linux image: /boot/vmlinuz-0-rescue-467ee3274b0447fe82e1fdc9afd8684b Found initrd image: /boot/initramfs-0-rescue-467ee3274b0447fe82e1fdc9afd8684b.img Found Windows Boot Manager on /dev/sda1@/EFI/Microsoft/Boot/bootmgfw.efi done
(14)
[root@sice ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/sysconfig/selinux
[root@sice ~]# cat /etc/sysconfig/selinux
# This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled # SELINUXTYPE= can take one of these three values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted
(15) 讓nfs可通過防火牆
[root@sice ~]# firewall-cmd --add-service nfs success [root@sice ~]# firewall-cmd --runtime-to-permanent success [root@sice ~]# systemctl enable nfs-server.service Created symlink /etc/systemd/system/multi-user.target.wants/nfs-server.service → /usr/lib/systemd/system/nfs-server.service. [root@sice ~]# systemctl start nfs-server.service
[root@sice ~]# date 日 1月 20 16:05:45 CST 2019
REF:https://fedoramagazine.org/how-to-build-a-netboot-server-part-1/
|