樹心幽徑

« 20190118製作Fedora Server’s netinst images隨身碟(一個16GB的USB隨身碟才175元)成功 | Main | 20190120在Fedora 28 Netboot server 裝NFS並建立NetBoot Image »

20190119用Fedora Server’s netinst images透過網路安裝Fedora 28 server最小集及NFS4網路檔案系統
2019/01/20,07:44

(1)用Fedora Server’s netinst images隨身碟開機

(不理ACPI-BIOS ERROR訊息)

安裝隨身碟製作過程詳參:http://oldwww.kmvs.km.edu.tw/lf/index.php?op=ViewArticle&articleId=471&blogId=70

(2)選Install Fedora 28

(3)安裝語言選「繁體中文(台灣)」

(4)安裝摘要:

(4-1)鍵盤配置:自選「中華民國(台灣)」

(4-2)語言支援:自選「繁體中文(台灣)」

(4-3)日期與時間:自選「亞洲/台北時區」

(4-4)網路與主機名稱:自動偵測到「enpos31f6乙太網路:IP:10.10.10.100,Gateway:10.10.10.254,DNS:10.10.10.254」

(4-5)安裝來源:自動找到「最近的鏡像站」

(4-6)軟體選擇:挑「最小安裝集」

(4-7)安裝目的地:挑「剛由win10分割區切一半出來」的/dev/sda4空間,並挑由安裝程式規畫安裝分區,動作進行如下:

刪sda4的ntfs檔案系統及分割區-->重建sda4的的分割區及ext4檔案系統-->新建sda6分割區及其上的LVM檔案系統-->新建lvmvg裝置,lvmlv裝置(SWAP)採swap格式-->新建lvmlv裝置及其上的xfs檔案系統。

(5)安裝下載323包RPM,約323MiB (用1024位元組計算的單位為 KiB、MiB、GiB、TiB)

(6)安裝中:給root密碼,並建立一個用戶

(7)安裝完成並重開機

(8)重開機後順利在文字模式用root登入系統並有網路可用,查詢系統相關資訊如下:

(8-1)列出作業系統資訊:

#uname -a

 Linux localhost.localdomain 4.19.15-200.fc28.x86_64 #1 SMP Mon Jan 14 17:06:39 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux

(8-2)列出所有的區塊設備(硬碟、隨身碟、…):

# lsblk

NAME            MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT

sda               8:0    0 931.5G  0 disk
├─sda1            8:1    0   260M  0 part /boot/efi
├─sda2            8:2    0    16M  0 part
├─sda3            8:3    0   300G  0 part
├─sda4            8:4    0     1G  0 part /boot
├─sda5            8:5    0   800M  0 part
└─sda6            8:6    0 628.5G  0 part
  ├─fedora-root 253:0    0    15G  0 lvm  /
  └─fedora-swap 253:1    0   7.8G  0 lvm  [SWAP]
sr0              11:0    1  1024M  0 rom

1EFI延伸韌體介面(Extensible Firmware Interface),用以支援隨身碟開機。

2:sr0是SCSI裝置

(8-3)列出CPU資訊:架構(x86, x86_64...等等)、核心數、執行緒數、頻率和快取

# lscpu
架構:               x86_64
CPU 作業模式:       32-bit, 64-bit
Byte Order:          Little Endian
CPU(s):              4
On-line CPU(s) list: 0-3
每核心執行緒數:     1
每通訊端核心數:     4
Socket(s):           1
NUMA 節點:          1
供應商識別號:       GenuineIntel
CPU 家族:           6
型號:               158
Model name:          Intel(R) Core(TM) i5-7500 CPU @ 3.40GHz
製程:               9
CPU MHz:            1001.079
CPU max MHz:         3800.0000
CPU min MHz:         800.0000
BogoMIPS:            6816.00
虛擬:               VT-x
L1d 快取:           32K
L1i 快取:           32K
L2 快取:            256K
L3 快取:            6144K
NUMA node0 CPU(s):  0-3
Flags:               fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cm                                             ov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb                                              rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop                                             _tsc cpuid aperfmperf tsc_known_freq pni pclmulqdq dtes64 monitor ds_cpl vmx smx                                              est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt ts                                             c_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault                                              epb invpcid_single pti tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase ts                                             c_adjust bmi1 hle avx2 smep bmi2 erms invpcid rtm mpx rdseed adx smap clflushopt                                              intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify                                              hwp_act_window hwp_epp
[root@localhost ~]#

註3:以 Least Significant Byte(LSB) 逐一儲存位元組者,稱為little-endian,x86_64採用以簡化硬体設計。

(8-4)列出所有的環境變數

# env
LS_COLORS=rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=01;05;37;41:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arc=01;31:*.arj=01;31:*.taz=01;31:*.lha=01;31:*.lz4=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.tzo=01;31:*.t7z=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.dz=01;31:*.gz=01;31:*.lrz=01;31:*.lz=01;31:*.lzo=01;31:*.xz=01;31:*.zst=01;31:*.tzst=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.alz=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.cab=01;31:*.wim=01;31:*.swm=01;31:*.dwm=01;31:*.esd=01;31:*.jpg=01;35:*.jpeg=01;35:*.mjpg=01;35:*.mjpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=01;36:*.au=01;36:*.flac=01;36:*.m4a=01;36:*.mid=01;36:*.midi=01;36:*.mka=01;36:*.mp3=01;36:*.mpc=01;36:*.ogg=01;36:*.ra=01;36:*.wav=01;36:*.oga=01;36:*.opus=01;36:*.spx=01;36:*.xspf=01;36:
SSH_CONNECTION=10.10.10.191 49256 10.10.10.100 22
LANG=zh_TW.UTF-8
HISTCONTROL=ignoredups
HOSTNAME=localhost.localdomain
XDG_SESSION_ID=5
USER=root
SELINUX_ROLE_REQUESTED=
PWD=/root
HOME=/root
SSH_CLIENT=10.10.10.191 49256 22
SELINUX_LEVEL_REQUESTED=
SSH_TTY=/dev/pts/0
MAIL=/var/spool/mail/root
TERM=xterm
SHELL=/bin/bash
SELINUX_USE_CURRENT_RANGE=
SHLVL=1
LOGNAME=root
DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/0/bus
XDG_RUNTIME_DIR=/run/user/0
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin
HISTSIZE=1000
LESSOPEN=||/usr/bin/lesspipe.sh %s
_=/usr/bin/env

(9)設定網路:

(9-1)

[root@localhost ~]# sudo -i    
[root@localhost ~]# MY_HOSTNAME=sice.kmvs.km.edu.tw
[root@localhost ~]# hostnamectl set-hostname $MY_HOSTNAME

[root@localhost ~]# MY_DNS1=168.95.1.1
[root@localhost ~]# MY_DNS2=168.95.192.1
[root@localhost ~]# MY_IP=10.10.10.100
[root@localhost ~]# MY_PREFIX=24
[root@localhost ~]# MY_GATEWAY=10.10.10.254

(9-2)

[root@localhost ~]# ip route show default
default via 10.10.10.254 dev enp0s31f6 proto dhcp metric 100
[root@localhost ~]# ip route show default|awk '{print $5}'
enp0s31f6
[root@localhost ~]# DEFAULT_DEV=$(ip route show default|awk '{print $5}')

[root@localhost ~]# nmcli d show $DEFAULT_DEV
GENERAL.DEVICE:                         enp0s31f6
GENERAL.TYPE:                           ethernet
GENERAL.HWADDR:                         B0:6E:BF:CB:C8:FB
GENERAL.MTU:                            1500
GENERAL.STATE:                          100 (已連線)
GENERAL.CONNECTION:                     enp0s31f6
GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveConnection/1
WIRED-PROPERTIES.CARRIER:               開
IP4.ADDRESS[1]:                         10.10.10.100/24
IP4.GATEWAY:                            10.10.10.254
IP4.ROUTE[1]:                           dst = 0.0.0.0/0, nh = 10.10.10.254, mt = 100
IP4.ROUTE[2]:                           dst = 10.10.10.0/24, nh = 0.0.0.0, mt = 100
IP4.DNS[1]:                             10.10.10.254
IP6.ADDRESS[1]:                         fe80::5448:a273:f1ef:fb19/64
IP6.GATEWAY:                            --
IP6.ROUTE[1]:                           dst = ff00::/8, nh = ::, mt = 256, table=255
IP6.ROUTE[2]:                           dst = fe80::/64, nh = ::, mt = 256
IP6.ROUTE[3]:                           dst = fe80::/64, nh = ::, mt = 100

 

[root@localhost ~]# nmcli d show $DEFAULT_DEV | sed -n '/^GENERAL.CONNECTION:/s!.*:\s*!! p'
enp0s31f6

 

[root@localhost ~]# DEFAULT_CON=$(nmcli d show $DEFAULT_DEV | sed -n '/^GENERAL.CONNECTION:/s!.*:\s*!! p')

(9-3)在預設連線上建立一個network bridge(br0)

[root@localhost ~]# nohup bash << END
> nmcli con mod "$DEFAULT_CON" connection.id "$DEFAULT_DEV"
> nmcli con mod "$DEFAULT_DEV" connection.interface-name "$DEFAULT_DEV"
> nmcli con mod "$DEFAULT_DEV" ipv4.method disabled
> nmcli con up "$DEFAULT_DEV"
> nmcli con add con-name br0 ifname br0 type bridge
> nmcli con mod br0 bridge.stp no
> nmcli con mod br0 ipv4.dns $MY_DNS1 , $MY_DNS2
> nmcli con mod br0 ipv4.addresses $MY_IP/$MY_PREFIX
> nmcli con mod br0 ipv4.gateway $MY_GATEWAY
> nmcli con mod br0 ipv4.method manual
> nmcli con up br0
> nmcli con add con-name br0-slave0 ifname "$DEFAULT_DEV" type bridge-slave master br0
> nmcli con up br0-slave0
> END

以上設定在預設連線上建立一個network bridge,以利日後可在伺服端執行虛擬機器。

bridge將二個區域網路整併成一個。

 

4nohup: 不理會HUP (hangup)訊號,讓目前的批次指令(script)進入背景中執行。

 

(10)安裝NFS網路檔案系統

ref:how-to-add-network-bridge-with-nmcli-networkmanager-on-linux/

[root@sice ~]# MY_HOSTNAME=sice.kmvs.km.edu.tw

[root@sice ~]#  hostnamectl set-hostname $MY_HOSTNAME
[root@sice ~]# MY_DNS1=163.25.20.1
[root@sice ~]# MY_DNS2=168.95.192.1
[root@sice ~]#  MY_IP=10.10.10.100
[root@sice ~]#  MY_PREFIX=24
[root@sice ~]#  DEFAULT_DEV=$(ip route show default|awk '{print $5}')
[root@sice ~]#  DEFAULT_CON=$(nmcli d show $DEFAULT_DEV | sed -n '/^GENERAL.CONNECTION:/s!.*:\s*!! p')


[root@sice ~]#  nohup bash << END
> nmcli con mod "$DEFAULT_CON" connection.id "$DEFAULT_DEV"
> nmcli con mod "$DEFAULT_DEV" connection.interface-name "$DEFAULT_DEV"
> nmcli con mod "$DEFAULT_DEV" ipv4.method disabled
> nmcli con up "$DEFAULT_DEV"
> nmcli con add con-name br0 ifname br0 type bridge
> nmcli con mod br0 bridge.stp no
> nmcli con mod br0 ipv4.dns $MY_DNS1,$MY_DNS2
> nmcli con mod br0 ipv4.addresses $MY_IP/$MY_PREFIX
> nmcli con mod br0 ipv4.gateway $MY_GATEWAY
> nmcli con mod br0 ipv4.method manual
> nmcli con up br0
> nmcli con add con-name br0-slave0 ifname "$DEFAULT_DEV" type bridge-slave master br0
> nmcli con up br0-slave0
> END
nohup: appending output to 'nohup.out'

 

[root@sice ~]# dnf install -y nfs-utils

:

已安裝:
  nfs-utils.x86_64 1:2.3.3-1.rc1.fc28     gssproxy.x86_64 0.8.0-4.fc28
  keyutils.x86_64 1.5.10-6.fc28           libev.x86_64 4.24-6.fc28
  libevent.x86_64 2.1.8-2.fc28            libverto-libev.x86_64 0.3.0-5.fc28
  quota.x86_64 1:4.04-7.fc28              quota-nls.noarch 1:4.04-7.fc28
  rpcbind.x86_64 0.2.4-10.rc3.fc28

完成!


(11)

[root@sice ~]# MY_SUBNET=10.10.10.0

[root@sice ~]# mkdir /export

[root@sice ~]# echo "/export -fsid=0,ro,sec=sys,root_squash $MY_SUBNET/$MY_PREFIX" > /etc/exports

(12)

[root@sice ~]# cat /etc/default/grub
GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)"
GRUB_DEFAULT=saved
GRUB_DISABLE_SUBMENU=true
GRUB_TERMINAL_OUTPUT="console"
GRUB_CMDLINE_LINUX="resume=/dev/mapper/fedora-swap rd.lvm.lv=fedora/root rd.lvm.lv=fedora/swap rhgb quiet"
GRUB_DISABLE_RECOVERY="true"
[root@sice ~]#

[root@sice ~]# sed -i  '/GRUB_CMDLINE_LINUX/s/"$/ audit=0 selinux=0"/' /etc/default/grub

[root@sice ~]# cat /etc/default/grub
GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)"
GRUB_DEFAULT=saved
GRUB_DISABLE_SUBMENU=true
GRUB_TERMINAL_OUTPUT="console"
GRUB_CMDLINE_LINUX="resume=/dev/mapper/fedora-swap rd.lvm.lv=fedora/root rd.lvm.lv=fedora/swap rhgb quiet audit=0 selinux=0"
GRUB_DISABLE_RECOVERY="true"

(13)

[root@sice ~]# grub2-mkconfig -o /boot/grub2/grub.cfg
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-4.19.15-200.fc28.x86_64
Found initrd image: /boot/initramfs-4.19.15-200.fc28.x86_64.img
Found linux image: /boot/vmlinuz-0-rescue-467ee3274b0447fe82e1fdc9afd8684b
Found initrd image: /boot/initramfs-0-rescue-467ee3274b0447fe82e1fdc9afd8684b.img
Found Windows Boot Manager on /dev/sda1@/EFI/Microsoft/Boot/bootmgfw.efi
done

(14)

[root@sice ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/sysconfig/selinux


[root@sice ~]# cat /etc/sysconfig/selinux

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted


(15) 讓nfs可通過防火牆

[root@sice ~]# firewall-cmd --add-service nfs
success
[root@sice ~]# firewall-cmd --runtime-to-permanent
success
[root@sice ~]# systemctl enable nfs-server.service
Created symlink /etc/systemd/system/multi-user.target.wants/nfs-server.service → /usr/lib/systemd/system/nfs-server.service.
[root@sice ~]# systemctl start nfs-server.service

[root@sice ~]# date
日  1月 20 16:05:45 CST 2019

 

REF:https://fedoramagazine.org/how-to-build-a-netboot-server-part-1/

 

迴響

 
Accessible and Valid XHTML 1.0 Strict and CSS Powered by LifeType