CentOS配置静态IP

VirtualBox里安装CentOS,配置静态IP

(1)CentOS 6,修改/etc/sysconfig/network-scripts/ifcfg-eth0文件:

......
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.1.9
NETMASK=255.255.255.0
GATEWAY=192.168.1.1

(2)CentOS 7,修改/etc/sysconfig/network-scripts/ifcfg-enp0s3文件:

......
BOOTPROTO="static"
ONBOOT="yes"
IPADDR="192.168.1.5"
NETMASK="255.255.255.0"
GATEWAY="192.168.1.1"
DNS1="192.168.1.1"
DNS2="8.8.8.8"

 

在RHEL系统上使用“subscription-manager”注册和激活“subscription”

RHEL系统中注册和使用subscription是两个过程:

NOTE: With Red Hat Subscription-Manager, registration and utilization of a subscription is actually a two-part process. First register a system, then apply a subscription.

可以使用下面命令一次完成两个过程:

# subscription-manager register --username <username> --password <password> --auto-attach

在我的RHEL 7.2系统上执行上述命令:

# subscription-manager register --username=xxxx --password=xxxx --auto-attach
Registering to: subscription.rhn.redhat.com:443/subscription
The system has been registered with ID: 333486bb-xxxxxx

Installed Product Current Status:
Product Name: Red Hat Enterprise Linux Server
Status:       Subscribed

然后检查状态:

# subscription-manager list

+-------------------------------------------+
    Installed Product Status
+-------------------------------------------+
Product Name:   Red Hat Enterprise Linux Server
Product ID:     69
Version:        7.2
Arch:           x86_64
Status:         Subscribed
Status Details:
Starts:         06/29/2015
Ends:           06/28/2016

接下来就可以使用“yum install”,“yum update”等命令安装和更新软件了,非常方便。

参考资料:
How to Register and Enable Red Hat Subscription, Repositories and Updates for RHEL 7.0 Server
How to register and subscribe a system to the Red Hat Customer Portal using Red Hat Subscription-Manager
RHEL : Register Subscription

 

使用LXC初体验

我使用的OSCentOS 7.1,需要安装lxclxc-templates。安装后的模板在/usr/share/lxc/templates目录下:

# ls
lxc-alpine    lxc-archlinux  lxc-centos  lxc-debian    lxc-fedora  lxc-openmandriva  lxc-oracle  lxc-sshd    lxc-ubuntu-cloud
lxc-altlinux  lxc-busybox    lxc-cirros  lxc-download  lxc-gentoo  lxc-opensuse      lxc-plamo   lxc-ubuntu

接下来以CentOS为模板创建一个container

lxc-create -t centos --name cn-centos

临时的root密码存在/var/lib/lxc/cn-01/tmp_root_pass

# cat /var/lib/lxc/cn-centos/tmp_root_pass
Root-cn-centos-EXb6bB

启动container

# lxc-start -n cn-centos

停止container

# lxc-stop -n cn-centos

参考资料:
Setup Linux Containers Using LXC On Ubuntu 15.04

 

“devel”包是什么?

RHEL上安装package时,经常看到同样名字的package有两个:分别是带和不带devel后缀的。例如:

elfutils-libelf.x86_64 : Library to read and write ELF files
elfutils-libelf-devel.x86_64 : Development support for libelf

两者区别是:不带devel后缀的package,通常只包含能让程序运行的动态库和配置文件。而带devel后缀的package,则包含使用这个package开发程序的所有的必需文件。比如头文件,等等。有时devel package还包含静态库。

参考资料:
What are *-devel packages?

 

在RHEL系统上配置iso文件为yum源

RHEL不能联网时,可以配置安装RHELiso文件为yum源:

(1)挂载iso文件(以RHEL 7.0例):

mount RHEL-7.0-20140507.0-Server-x86_64-dvd1.iso /mnt/iso

(2)在/etc/yum.repos.d文件夹下创建一个RHEL.repo文件:

[RHEL]
name=rhel7server
baseurl=file:///mnt/iso/
enable=1
gpcheck=1
gpgkey=file:///mnt/iso/RPM-GPG-KEY-redhat-release 

P.S. iso文件只提供了一些必须的package。如果要安装的package不在iso中,就要配置相应版本的提供可选packageyum源:

# cat /etc/yum.repos.d/RHEL_OPTIONAL.repo
[RHELOPT]
name=rhel7serveropt
baseurl=http://xxxxxx.net/x86_64/RedHat/EL7/GA/Server-optional/x86_64/os/
enable=1
gpcheck=0 

另外,配置debuginfo packageyum源:

# cat /etc/yum.repos.d/DEBUG.repo
[RHEL_DEBUG]
name=rhel7server_debug
baseurl=http://xxxxxx.net/x86_64/RedHat/EL7/GA/Server/debug/tree/

docker笔记(3)—— selinux导致docker工作不正常

最近几天在研究docker备份文件(操作系统是RHEL7docker版本是1.5.0)。仿照docker文档,执行如下命令:

[root@localhost data]#docker create -v /dbdata --name dbdata training/postgres /bin/true
[root@localhost data]#docker run -d --volumes-from dbdata --name db1 training/postgres
[root@localhost data]# docker run --volumes-from dbdata -v $(pwd):/backup ubuntu tar cvf /backup/backup.tar /dbdata
tar: /backup/backup.tar: Cannot open: Permission denied
tar: Error is not recoverable: exiting now

看到Permission denied这个提示,自然首先怀疑用户没有写权限的问题。检查一下当前目录的权限:

[root@localhost data]# ls -alt
total 4
drwxrwxrwx.  2 root root    6 May  7 21:33 .
drwxrwx-w-. 15 root root 4096 May  7 21:33 ..

应该是没问题的。经过在stackoverflow上的一番讨论,得到的建议是有可能是selinux捣的鬼。查看了一下selinux状态:

[root@localhost root]# sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      28

果断把模式改为permissive:

[root@localhost data]# setenforce 0
[root@localhost data]# sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   permissive
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      28

马上工作正常:

[root@localhost data]# docker run --volumes-from dbdata -v $(pwd):/backup ubuntu tar cvf /backup/backup.tar /dbdata
tar: Removing leading `/' from member names
/dbdata/

因为时间原因,没有往下深究。总之,在使用docker时,要留意一下selinux,有可能会引起很奇怪的问题。

更新:

最近又碰到这个问题,可以参考这篇总结

参考资料:
(1)Why does docker prompt “Permission denied” when backing up the data volume?
(2)How to disable SELinux without restart?
(3)Quick-Tip: Turning off or disabling SELinux

docker笔记(1)—— RHEL 7.0安装docker

官方RHEL 7.0安装docker的文档在这里。由于这个需要用户注册,所以在这里我介绍另一种方法:使用CentOSdocker rpm包。

(1)CentOS的软件包在这里:http://cbs.centos.org/repos/virt7-testing/x86_64/os/,你可以配置到yum源(软件仓库)的配置文件里,类似这样:

[centos-extra]
name=centos extra
baseurl=http://cbs.centos.org/repos/virt7-testing/x86_64/os/
enabled=1
gpgcheck=0

(2)运行“yum install docker”命令。

(3)安装成功后,运行“docker version”命令:

[root@localhost yum.repos.d]# docker version
Client version: 1.5.0
Client API version: 1.17
Go version (client): go1.3.3
Git commit (client): a8a31ef/1.5.0
OS/Arch (client): linux/amd64
FATA[0000] Get http:///var/run/docker.sock/v1.17/version: dial unix /var/run/docker.sock: no such file or directory. Are you trying to connect to a TLS-enabled daemon without TLS?

可以看到有“FATA[0000]......”提示,原因是没有启动docker daemon程序,使用“service docker start”可以启动docker程序。再次执行“docker version”命令:

[root@localhost bin]# docker version
Client version: 1.5.0
Client API version: 1.17
Go version (client): go1.3.3
Git commit (client): a8a31ef/1.5.0
OS/Arch (client): linux/amd64
Server version: 1.5.0
Server API version: 1.17
Go version (server): go1.3.3
Git commit (server): a8a31ef/1.5.0

可以看到“FATA[0000]......”提示没有了。

(4)接下来的步骤可参考这里