在VirtualBox里安装CentOS,配置静态IP:
(1)CentOS 6,修改/etc/sysconfig/network-scripts/ifcfg-eth0文件:
......
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.1.9
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
(2)CentOS 7,修改/etc/sysconfig/network-scripts/ifcfg-enp0s3文件:
......
BOOTPROTO="static"
ONBOOT="yes"
IPADDR="192.168.1.5"
NETMASK="255.255.255.0"
GATEWAY="192.168.1.1"
DNS1="192.168.1.1"
DNS2="8.8.8.8"
在RHEL系统中注册和使用subscription是两个过程:
NOTE: With Red Hat Subscription-Manager, registration and utilization of a subscription is actually a two-part process. First register a system, then apply a subscription.
可以使用下面命令一次完成两个过程:
# subscription-manager register --username <username> --password <password> --auto-attach
在我的RHEL 7.2系统上执行上述命令:
# subscription-manager register --username=xxxx --password=xxxx --auto-attach
Registering to: subscription.rhn.redhat.com:443/subscription
The system has been registered with ID: 333486bb-xxxxxx
Installed Product Current Status:
Product Name: Red Hat Enterprise Linux Server
Status: Subscribed
然后检查状态:
# subscription-manager list
+-------------------------------------------+
Installed Product Status
+-------------------------------------------+
Product Name: Red Hat Enterprise Linux Server
Product ID: 69
Version: 7.2
Arch: x86_64
Status: Subscribed
Status Details:
Starts: 06/29/2015
Ends: 06/28/2016
接下来就可以使用“yum install”,“yum update”等命令安装和更新软件了,非常方便。
参考资料:
How to Register and Enable Red Hat Subscription, Repositories and Updates for RHEL 7.0 Server;
How to register and subscribe a system to the Red Hat Customer Portal using Red Hat Subscription-Manager;
RHEL : Register Subscription。
我使用的OS是CentOS 7.1,需要安装lxc和lxc-templates。安装后的模板在/usr/share/lxc/templates目录下:
# ls
lxc-alpine lxc-archlinux lxc-centos lxc-debian lxc-fedora lxc-openmandriva lxc-oracle lxc-sshd lxc-ubuntu-cloud
lxc-altlinux lxc-busybox lxc-cirros lxc-download lxc-gentoo lxc-opensuse lxc-plamo lxc-ubuntu
接下来以CentOS为模板创建一个container:
lxc-create -t centos --name cn-centos
临时的root密码存在/var/lib/lxc/cn-01/tmp_root_pass:
# cat /var/lib/lxc/cn-centos/tmp_root_pass
Root-cn-centos-EXb6bB
启动container:
# lxc-start -n cn-centos
停止container:
# lxc-stop -n cn-centos
在RHEL上安装package时,经常看到同样名字的package有两个:分别是带和不带devel后缀的。例如:
elfutils-libelf.x86_64 : Library to read and write ELF files
elfutils-libelf-devel.x86_64 : Development support for libelf
两者区别是:不带devel后缀的package,通常只包含能让程序运行的动态库和配置文件。而带devel后缀的package,则包含使用这个package开发程序的所有的必需文件。比如头文件,等等。有时devel package还包含静态库。
参考资料:
What are *-devel packages?。
当RHEL不能联网时,可以配置安装RHEL的iso文件为yum源:
(1)挂载iso文件(以RHEL 7.0为例):
mount RHEL-7.0-20140507.0-Server-x86_64-dvd1.iso /mnt/iso
(2)在/etc/yum.repos.d文件夹下创建一个RHEL.repo文件:
[RHEL]
name=rhel7server
baseurl=file:///mnt/iso/
enable=1
gpcheck=1
gpgkey=file:///mnt/iso/RPM-GPG-KEY-redhat-release P.S. iso文件只提供了一些必须的package。如果要安装的package不在iso中,就要配置相应版本的提供可选package的yum源:
# cat /etc/yum.repos.d/RHEL_OPTIONAL.repo
[RHELOPT]
name=rhel7serveropt
baseurl=http://xxxxxx.net/x86_64/RedHat/EL7/GA/Server-optional/x86_64/os/
enable=1
gpcheck=0 另外,配置debuginfo package的yum源:
# cat /etc/yum.repos.d/DEBUG.repo
[RHEL_DEBUG]
name=rhel7server_debug
baseurl=http://xxxxxx.net/x86_64/RedHat/EL7/GA/Server/debug/tree/在RHEL 7.0系统上,如果挂载RHEL 7.1的光盘,安装RPM包,会报以下错误:
[root@root Packages]# rpm -ivh xxxx.x86_64.rpm
error: xxxx.x86_64.rpm: not an rpm package (or package manifest):
当挂载RHEL 7.0的光盘后,一切安装正常。
最近几天在研究docker备份文件(操作系统是RHEL7,docker版本是1.5.0)。仿照docker文档,执行如下命令:
[root@localhost data]#docker create -v /dbdata --name dbdata training/postgres /bin/true
[root@localhost data]#docker run -d --volumes-from dbdata --name db1 training/postgres
[root@localhost data]# docker run --volumes-from dbdata -v $(pwd):/backup ubuntu tar cvf /backup/backup.tar /dbdata
tar: /backup/backup.tar: Cannot open: Permission denied
tar: Error is not recoverable: exiting now
看到Permission denied这个提示,自然首先怀疑用户没有写权限的问题。检查一下当前目录的权限:
[root@localhost data]# ls -alt
total 4
drwxrwxrwx. 2 root root 6 May 7 21:33 .
drwxrwx-w-. 15 root root 4096 May 7 21:33 ..
应该是没问题的。经过在stackoverflow上的一番讨论,得到的建议是有可能是selinux捣的鬼。查看了一下selinux状态:
[root@localhost root]# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 28
果断把模式改为permissive:
[root@localhost data]# setenforce 0
[root@localhost data]# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: permissive
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 28
马上工作正常:
[root@localhost data]# docker run --volumes-from dbdata -v $(pwd):/backup ubuntu tar cvf /backup/backup.tar /dbdata
tar: Removing leading `/' from member names
/dbdata/
因为时间原因,没有往下深究。总之,在使用docker时,要留意一下selinux,有可能会引起很奇怪的问题。
更新:
最近又碰到这个问题,可以参考这篇总结。
参考资料:
(1)Why does docker prompt “Permission denied” when backing up the data volume?;
(2)How to disable SELinux without restart?;
(3)Quick-Tip: Turning off or disabling SELinux。
官方RHEL 7.0安装docker的文档在这里。由于这个需要用户注册,所以在这里我介绍另一种方法:使用CentOS的docker rpm包。
(1)CentOS的软件包在这里:http://cbs.centos.org/repos/virt7-testing/x86_64/os/,你可以配置到yum源(软件仓库)的配置文件里,类似这样:
[centos-extra]
name=centos extra
baseurl=http://cbs.centos.org/repos/virt7-testing/x86_64/os/
enabled=1
gpgcheck=0
(2)运行“yum install docker”命令。
(3)安装成功后,运行“docker version”命令:
[root@localhost yum.repos.d]# docker version
Client version: 1.5.0
Client API version: 1.17
Go version (client): go1.3.3
Git commit (client): a8a31ef/1.5.0
OS/Arch (client): linux/amd64
FATA[0000] Get http:///var/run/docker.sock/v1.17/version: dial unix /var/run/docker.sock: no such file or directory. Are you trying to connect to a TLS-enabled daemon without TLS?
可以看到有“FATA[0000]......”提示,原因是没有启动docker daemon程序,使用“service docker start”可以启动docker程序。再次执行“docker version”命令:
[root@localhost bin]# docker version
Client version: 1.5.0
Client API version: 1.17
Go version (client): go1.3.3
Git commit (client): a8a31ef/1.5.0
OS/Arch (client): linux/amd64
Server version: 1.5.0
Server API version: 1.17
Go version (server): go1.3.3
Git commit (server): a8a31ef/1.5.0
可以看到“FATA[0000]......”提示没有了。
(4)接下来的步骤可参考这里。