The static configuration ip is as follows:
server:
ip =172.25.x.10,gateway=172.25.x.254,dns1=172.25.254.254
desktop:
ip=172.25.x.11,gateway=172.25.x.254,dns1=172.25.254.254< br>Turn on the desktop and server host firewall;
desktop and server host selinux=enforcing;
The yum source of desktop and server is http://172.25.254.254/rhel7.0/x86_64/dvd
Ensure the following The operation will still take effect after the desktop and server hosts are restarted;
#1. The server host configures the mariadb service as follows:
– This service blocks all tcp/ip connections from the network and only supports local connections;
– Set the password fentiao for the database;
– Create a new database westosinfo, create a table hostinfo in the database;
– The hostinfo table contains fields ip and hostname, and insert 3 records into the table (write it yourself with
) ;
– Create user redhat can only view all tables in the westosinfo database but not modify;
– The authentication password of redhat user is redhat
#2. Configure link aggregation:
– On desktop and server The host is configured with a link, this link uses eth1 and eth2;
– this link can still work normally when an interface fails;
– this link serverx uses the ipv6 address 2014:ac18::10a/64 ;
– This link desktopx uses ipv6 address 2014:ac18::11b/64;
– This link is still maintained after the system restarts Normal status;
#3. The server host configures the dns service as follows:
– The domain managed by the dns built by the server host is “westos.org”;
– Realize the forward direction according to the correspondence between the IP and the domain name below Analysis and reverse analysis:
desktopx.westos.org
172.25.x.10 File: /home/kiosk/Desktop/rh254 review.md
Page 2 of 3
serverx.westos.org< br>172.25.x.11
The desktop host can execute the command dig serverx.westos.org @172.25.x.11;
Resolve to the corresponding ip according to the domain name
dig -x 172.25.0.11 @172.25. 0.11
According to ip reverse analysis to the corresponding domain name
//根
//根
#4. The server host configuration web service is as follows:
– Download http://172.25.254.254/ materials/station.html to the Apache default
release directory and renamed to index.html,
make sure http://serverx.example.com is accessible, and the log location is in logs/
default-vhost.log, The log format is
combined;
– Expand the web host site http://wwwx.example.com to create a virtual host, make sure to set the
default
publishing directory as /var/virtual, visit The content is “wwwx.example.com”, the log is stored in
logs/wwwX.example.com.log, and the log format is combined;
– Create a file named admin in the default publishing directory Directory, the content of the page to access the directory is
admin page, which realizes the realization of apache-based user authentication function, only admin users can log in and browse the page content through the
password fentiao;
– Realize dynamic web content, dynamic content The download address is http://172.25.254.254/
materials/script.wsgi,
Virtual host monitoring port: 8989, desktop host access http://
wsgi.example.com: 8989 to see the dynamic Webpage;
#5. server host Configure iSCSI service:
– Divide a 2G LVM partition on the vdb disk to create a logical volume group
iSCSI_vg and a 1G logical volume disk1_lv;
– Use disk1_lv as the backend of iSCSI The storage name is serverX.disk1;
– Define IQN as iqn.2017-06.com.example:serverX;
– Set ACL to allow initiator name to be
iqn.2017-06.com.example:desktopX
The client can connect. The program monitors port 3260 of 172.25.X.11; File: /home/kiosk/Desktop/rh254 review.md
Page 3 of 3
desktopX installs the client program, connects the iSCSI target resource of serverX to the local, use To create
a
xfs file system, and automatically mount it to /iscsidisk at boot.
Extend: Extend the shared device to 1.5G
#6. Configure SMB service:
– Create a share The directory is /smbshare, the share name is smbshare, and the working group is WESTOS. Members of the
marketing group can read and write this share, and those who do not belong to the marketing group can only read it.
– Create samba-only users brian and rob. The brian user belongs to the
marketing group and the user password is westos.
– Create the mount point /mnt/multiuser directory on desktopX, automatically mount it on boot
smbshare share on serverX, activate smb multi-user mount support.
#7. Configure the nfs service:
– serverx host shares the local directory /nfsshare;
– desktopX can read and write access to this share, and it will automatically mount to the /mnt/nfsshare directory
on boot;
#8. Configure postfix service on serverX and desktopX:
– Set the service to start automatically after booting, and the protective wall allows this service.
– Configure serverX as an empty mail client, only listen to the local loopback interface, and only allow the network segment of 127.0.0.0/8 to forward mails, and the mail domains sent from serverX will be renamed. Written as desktopX.example.com, all mails are forwarded to the host
smtpX.example.com (there is an MX record in DNS, pointing to desktopX),
mails are not stored locally.
– desktopX can receive mail from serverX.
1.yum install mariadb- server -y
systemctl start mariadb systemctl enable mariadbvim /etc/my.cnfskip-networking=1mysql_secure_installationmysql -uroot -pfentiaocreate database westosinfo;use westosinfo;create table hostinfo( ip varchar(15) not null, hostname varchar(15) not null); insert into hostinfo values(‘user1′,’111’); insert into hostinfo values(‘user2′,’222’); insert into hostinfo values(‘user3′,’333′) ;mysql -uroot -pfentiaocreate user redhat@localhost identified by’redhat’;grant select on westosinfo.* to redhat@localhost;2.nmcli connection add con-name team0 ifname team0 type team config'{“runner”:{“n ame”:”activebackup”}}’ ip6 18:ac18:;10a/64nmcli connection add con-name eth1 ifname eth1 type team-slave master team0nmcli connection add con-name eth2 ifname eth2 type team-slave master team03.yum install bind . -yvim /etc/namd.confcd / var / namedcp -p named.localhost westos.org.zonevim westos.org.zoneN SOA dns.westos.org root.westos.org (0;. serial 1D; refresh 1H; retry 1W; expire 3H); minimum NS dns.westos.org.dns A 172.25.18.10desktop18 A 172.25.18.10server18 A 172.25.18.11vim /etc/named.rfc1912.zoneszone “westos.org” IN {type master; file ” westos.org.zone”; allow-update {none;};};cp -p named.loopback westos.org.ptrvim westos.org.ptr$TTL 1D@ IN SOA dns.westos.org. root.westos .org (0; serial 1D; refresh 1H; retry 1W; expire 3H);. minimum NS dns.westos.orgdns A 172.25.18.1010 PTR desktop18.westos.org11 PTR server18.westos.orgvim /etc/named.rfc1912.zoneszone “18.25.172.in-addr.arpa” IN {type master; file “westos.org.ptr”; allow-update {none;};};systemctl restart namedfirewall-cmd –permanent –add-service=dnsfirewall -cmd –reload test terminal vim /etc/resolv.confnameserver 172.25.18.10dig server18.westos.org @172.25.18.10dig -x 172.25.18.11 @172.25.18.104.yum install httpd lftp -ysystemctl start httpdsystemctl enable httpdweget http: //172.25.254.254/materials/station.htmlmv station.html /var/www/html/index.htmlvim /etc/httpd/conf.d/vhost.conf