最新信息 | Fencatn | 这里是Fencatn站点，欢迎！

ELK_DAY02_各类插件使用

发表于2018年10月22日由tim, arc

1 案例1：导入数据
1.1 问题

本案例要求批量导入数据：
批量导入数据并查看
1.2 步骤

实现此案例需要按照如下步骤进行。
步骤一：导入数据

使用POST方式批量导入数据，数据格式为json，url 编码使用data-binary导入含有index配置的json文件
[root@room9pc01 ~]# scp /var/ftp/elk/*.gz 192.168.1.66:/root/
[root@kibana ~]# gzip -d logs.jsonl.gz
[root@kibana ~]# gzip -d accounts.json.gz
[root@kibana ~]# gzip -d shakespeare.json.gz
[root@kibana ~]# curl -X POST “http://192.168.1.61:9200/_bulk” \
–data-binary @shakespeare.json
[root@kibana ~]# curl -X POST “http://192.168.1.61:9200/xixi/haha/_bulk” \
–data-binary @accounts.json
//索引是xixi，类型是haha，必须导入索引和类型，没有索引，要加上
[root@kibana ~]# curl -X POST “http://192.168.1.61:9200/_bulk” \
–data-binary @logs.jsonl
2）使用GET查询结果
[root@kibana ~]# curl -XGET ‘http://192.168.1.61:9200/_mget?pretty’ -d ‘{
“docs”:[
{
“_index”:”shakespeare”,
“_type:”:”act”,
“_id”:0
},
{
“_index”:”shakespeare”,
“_type:”:”line”,
“_id”:0
},
{
“_index”:”xixi”,
“_type:”:”haha”,
“_id”:25
}
]
}’
{ //查询的结果
“docs” : [ {
“_index” : “shakespeare”,
“_type” : “act”,
“_id” : “0”,
“_version” : 1,
“found” : true,
“_source” : {
“line_id” : 1,
“play_name” : “Henry IV”,
“speech_number” : “”,
“line_number” : “”,
“speaker” : “”,
“text_entry” : “ACT I”
}
}, {
“_index” : “shakespeare”,
“_type” : “act”,
“_id” : “0”,
“_version” : 1,
“found” : true,
“_source” : {
“line_id” : 1,
“play_name” : “Henry IV”,
“speech_number” : “”,
“line_number” : “”,
“speaker” : “”,
“text_entry” : “ACT I”
}
}, {
“_index” : “xixi”,
“_type” : “haha”,
“_id” : “25”,
“_version” : 1,
“found” : true,
“_source” : {
“account_number” : 25,
“balance” : 40540,
“firstname” : “Virginia”,
“lastname” : “Ayala”,
“age” : 39,
“gender” : “F”,
“address” : “171 Putnam Avenue”,
“employer” : “Filodyne”,
“email” : “[email protected]”,
“city” : “Nicholson”,
“state” : “PA”
}
} ]
}
代码如下
第一步，导入数据，代码太长，不贴了
[root@kibana ~]# gzip -d logs.jsonl.gz
[root@kibana ~]# gzip -d accounts.json.gz
[root@kibana ~]# gzip -d shakespeare.json.gz
[root@kibana ~]# curl -X POST “http://192.168.1.61:9200/_bulk” \
–data-binary @shakespeare.json
[root@kibana ~]# curl -X POST “http://192.168.1.61:9200/xixi/haha/_bulk” \
–data-binary @accounts.json
//索引是xixi，类型是haha，必须导入索引和类型，没有索引，要加上
[root@kibana ~]# curl -X POST “http://192.168.1.61:9200/_bulk” \
–data-binary @logs.jsonl

第二步，使用GET查询结果
[root@kibana ~]# curl -XGET ‘http://192.168.1.61:9200/_mget?pretty’ -d ‘{
> “docs”:[
> {
> “_index”:”shakespeare”,
> “_type:”:”act”,
> “_id”:0
> },
> {
> “_index”:”shakespeare”,
> “_type:”:”line”,
> “_id”:0
> },
> {
> “_index”:”xixi”,
> “_type:”:”haha”,
> “_id”:25
> }
> ]
> }’
输出的查询结果如下
{
“docs” : [ {
“_index” : “shakespeare”,
“_type” : “act”,
“_id” : “0”,
“_version” : 1,
“found” : true,
“_source” : {
“line_id” : 1,
“play_name” : “Henry IV”,
“speech_number” : “”,
“line_number” : “”,
“speaker” : “”,
“text_entry” : “ACT I”
}
}, {
“_index” : “shakespeare”,
“_type” : “act”,
“_id” : “0”,
“_version” : 1,
“found” : true,
“_source” : {
“line_id” : 1,
“play_name” : “Henry IV”,
“speech_number” : “”,
“line_number” : “”,
“speaker” : “”,
“text_entry” : “ACT I”
}
}, {
“_index” : “xixi”,
“_type” : “haha”,
“_id” : “25”,
“_version” : 1,
“found” : true,
“_source” : {
“account_number” : 25,
“balance” : 40540,
“firstname” : “Virginia”,
“lastname” : “Ayala”,
“age” : 39,
“gender” : “F”,
“address” : “171 Putnam Avenue”,
“employer” : “Filodyne”,
“email” : “[email protected]”,
“city” : “Nicholson”,
“state” : “PA”
}
} ]
}

步骤二：使用kibana查看数据是否导入成功

1）数据导入以后查看logs是否导入成功，如图-1所示：
[root@se5 ~]# firefox http://192.168.1.65:9200/_plugin/head/

图-1
2）kibana导入数据，如图-2所示：
[root@kibana ~]# firefox http://192.168.1.66:5601

图-2
3）成功创建会有logstash-*，如图-3所示：
/
图-3
4）导入成功之后选择Discover，如图-4所示：

图-4
注意：这里没有数据的原因是导入日志的时间段不对，默认配置是最近15分钟，在这可以修改一下时间来显示
5）kibana修改时间，选择Lsat 15 miuntes，如图-5所示：

图-5
6）选择Absolute，如图-6所示：

图-6
7）选择时间2015-5-15到2015-5-22，如图-7所示：

图-7
8）查看结果，如图-8所示：

图-8
9）除了柱状图，Kibana还支持很多种展示方式，如图-9所示：

图-9
10）做一个饼图，选择Pie chart，如图-10所示：

图-10
11）选择from a new serach，如图-11所示：

图-11
12）选择Spilt Slices，如图-12所示：

图-12
13）选择Trems,Memary(也可以选择其他的，这个不固定)，如图-13所示：

图-13
14）结果，如图-14所示：

图-14
15）保存后可以在Dashboard查看，如图-15所示：

代码如下：
（没有太多代码，需要去网页上面去操作）

2 案例2：综合练习
2.1 问题

本案例要求：
练习插件
安装一台Apache服务并配置
使用filebeat收集Apache服务器的日志
使用grok处理filebeat发送过来的日志
存入elasticsearch
2.2 步骤

实现此案例需要按照如下步骤进行。
步骤一：安装logstash

1）配置主机名，ip和yum源，配置/etc/hosts（请把se1-se5和kibana主机配置和logstash一样的/etc/hosts）
[root@logstash ~]# vim /etc/hosts
192.168.1.61 se1
192.168.1.62 se2
192.168.1.63 se3
192.168.1.64 se4
192.168.1.65 se5
192.168.1.66 kibana
192.168.1.67 logstash
2）安装java-1.8.0-openjdk和logstash
[root@logstash ~]# yum -y install java-1.8.0-openjdk
[root@logstash ~]# yum -y install logstash
[root@logstash ~]# java -version
openjdk version “1.8.0_131”
OpenJDK Runtime Environment (build 1.8.0_131-b12)
OpenJDK 64-Bit Server VM (build 25.131-b12, mixed mode)
[root@logstash ~]# touch /etc/logstash/logstash.conf
[root@logstash ~]# /opt/logstash/bin/logstash –version
logstash 2.3.4
[root@logstash ~]# /opt/logstash/bin/logstash-plugin list //查看插件
…
logstash-input-stdin //标准输入插件
logstash-output-stdout //标准输出插件
…
[root@logstash ~]# vim /etc/logstash/logstash.conf
input{
stdin{
}
}
filter{
}
output{
stdout{
}
}
[root@logstash ~]# /opt/logstash/bin/logstash -f /etc/logstash/logstash.conf
//启动并测试
Settings: Default pipeline workers: 2
Pipeline main started
aa //logstash 配置从标准输入读取输入源,然后从标准输出输出到屏幕
2018-09-15T06:19:28.724Z logstash aa
备注：若不会写配置文件可以找帮助，插件文档的位置：
https://github.com/logstash-plugins
3）codec类插件
[root@logstash ~]# vim /etc/logstash/logstash.conf
input{
stdin{
codec => “json” //输入设置为编码json
}
}
filter{
}
output{
stdout{
codec => “rubydebug” //输出设置为rubydebug
}
}
[root@logstash ~]# /opt/logstash/bin/logstash -f /etc/logstash/logstash.conf
Settings: Default pipeline workers: 2
Pipeline main started
{“a”:1}
{
“a” => 1,
“@version” => “1”,
“@timestamp” => “2018-09-15T06:34:14.538Z”,
“host” => “logstash”
}
4）file模块插件
[root@logstash ~]# vim /etc/logstash/logstash.conf
input{
file {
path => [ “/tmp/a.log”, “/var/tmp/b.log” ]
sincedb_path => “/var/lib/logstash/sincedb” //记录读取文件的位置
start_position => “beginning” //配置第一次读取文件从什么地方开始
type => “testlog” //类型名称
}
}
filter{
}
output{
stdout{
codec => “rubydebug”
}
}
[root@logstash ~]# touch /tmp/a.log
[root@logstash ~]# touch /var/tmp/b.log
[root@logstash ~]# /opt/logstash/bin/logstash -f /etc/logstash/logstash.conf
另开一个终端：写入数据
[root@logstash ~]# echo a1 > /tmp/a.log
[root@logstash ~]# echo b1 > /var/tmp/b.log
之前终端查看：
[root@logstash ~]# /opt/logstash/bin/logstash -f /etc/logstash/logstash.conf
Settings: Default pipeline workers: 2
Pipeline main started
{
“message” => “a1”,
“@version” => “1”,
“@timestamp” => “2018-09-15T06:44:30.671Z”,
“path” => “/tmp/a.log”,
“host” => “logstash”,
“type” => “testlog”
}
{
“message” => “b1”,
“@version” => “1”,
“@timestamp” => “2018-09-15T06:45:04.725Z”,
“path” => “/var/tmp/b.log”,
“host” => “logstash”,
“type” => “testlog”
}

5）tcp、udp模块插件
[root@logstash ~]# vim /etc/logstash/logstash.conf
input{
file {
path => [ “/tmp/a.log”, “/var/tmp/b.log” ]
sincedb_path => “/var/lib/logstash/sincedb”
start_position => “beginning”
type => “testlog”
}
tcp {
host => “0.0.0.0”
port => “8888”
type => “tcplog”
}
udp {
host => “0.0.0.0”
port => “9999”
type => “udplog”
}
}
filter{
}
output{
stdout{
codec => “rubydebug”
}
}
[root@logstash ~]# /opt/logstash/bin/logstash -f /etc/logstash/logstash.conf
//启动
另开一个终端查看，可以看到端口
[root@logstash tmp]# netstat -antup | grep 8888
tcp6 0 0 :::8888 :::* LISTEN 22191/java
[root@logstash tmp]# netstat -antup | grep 9999
udp6 0 0 :::9999 :::* 22191/java
在另一台主机上写一个脚本，发送数据，使启动的logstash可以接收到数据
[root@se5 ~]# vim tcp.sh
function sendmsg(){
if [[ “$1” == “tcp” ]];then
exec 9<>/dev/tcp/192.168.1.67/8888
else
exec 9<>/dev/udp/192.168.1.67/9999
fi
echo “$2” >&9
exec 9<&-
}
[root@se5 ~]# . tcp.sh //重新载入一下
[root@se5 ~]# sendmsg udp “is tcp test”
[root@se5 ~]# sendmsg udp “is tcp ss”
logstash主机查看结果
[root@logstash ~]# /opt/logstash/bin/logstash -f /etc/logstash/logstash.conf
Settings: Default pipeline workers: 2
Pipeline main started
{
“message” => “is tcp test\n”,
“@version” => “1”,
“@timestamp” => “2018-09-15T07:45:00.638Z”,
“type” => “udplog”,
“host” => “192.168.1.65”
}
{
“message” => “is tcp ss\n”,
“@version” => “1”,
“@timestamp” => “2018-09-15T07:45:08.897Z”,
“type” => “udplog”,
“host” => “192.168.1.65”
}
6）syslog插件练习
[root@logstash ~]# systemctl list-unit-files | grep syslog
rsyslog.service enabled
syslog.socket static
[root@logstash ~]# vim /etc/logstash/logstash.conf
start_position => “beginning”
type => “testlog”
}
tcp {
host => “0.0.0.0”
port => “8888”
type => “tcplog”
}
udp {
host => “0.0.0.0”
port => “9999”
type => “udplog”
}
syslog {
port => “514”
type => “syslog”
}
}
filter{
}
output{
stdout{
codec => “rubydebug”
}
}
另一个终端查看是否检测到514
[root@logstash ~]# netstat -antup | grep 514
tcp6 0 0 :::514 :::* LISTEN 22728/java
udp6 0 0 :::514 :::* 22728/java
另一台主机上面操作,本地写的日志本地可以查看
[root@se5 ~]# vim /etc/rsyslog.conf
local0.info /var/log/mylog //自己添加这一行
[root@se5 ~]# systemctl restart rsyslog //重启rsyslog
[root@se5 ~]# ll /var/log/mylog //提示没有那个文件或目录
ls: cannot access /var/log/mylog: No such file or directory
[root@se5 ~]# logger -p local0.info -t nsd “elk” //写日志
[root@se5 ~]# ll /var/log/mylog //再次查看，有文件
-rw——- 1 root root 29 Sep 15 16:23 /var/log/mylog
[root@se5 ~]# tail /var/log/mylog //可以查看到写的日志
Sep 15 16:23:25 se5 nsd: elk
[root@se5 ~]# tail /var/log/messages
//可以查看到写的日志，因为配置文件里有写以.info结尾的可以收到
…
Sep 15 16:23:25 se5 nsd: elk
把本地的日志发送给远程1.67
[root@se5 ~]# vim /etc/rsyslog.conf
local0.info @192.168.1.67:514
//写一个@或两个@@都可以，一个@代表udp，两个@@代表tcp
[root@se5 ~]# systemctl restart rsyslog
[root@se5 ~]# logger -p local0.info -t nds “001 elk”
[root@logstash bin]# /opt/logstash/bin/logstash -f /etc/logstash/logstash.conf
//检测到写的日志
{
“message” => “001 elk”,
“@version” => “1”,
“@timestamp” => “2018-09-05T09:15:47.000Z”,
“type” => “syslog”,
“host” => “192.168.1.65”,
“priority” => 134,
“timestamp” => “Jun 5 17:15:47”,
“logsource” => “kibana”,
“program” => “nds1801”,
“severity” => 6,
“facility” => 16,
“facility_label” => “local0”,
“severity_label” => “Informational”
}
rsyslog.conf配置向远程发送数据，远程登陆1.65的时侯，把登陆日志的信息（/var/log/secure）转发给logstash即1.67这台机器
[root@se5 ~]# vim /etc/rsyslog.conf
57 authpriv.* @@192.168.1.67:514
//57行的/var/log/secure改为@@192.168.1.67:514
[root@se5 ~]# systemctl restart rsyslog
[root@logstash ~]# /opt/logstash/bin/logstash -f /etc/logstash/logstash.conf
//找一台主机登录1.65，logstash主机会有数据
Settings: Default pipeline workers: 2
Pipeline main started
{
“message” => “Accepted password for root from 192.168.1.254 port 33780 ssh2\n”,
“@version” => “1”,
“@timestamp” => “2018-09-15T08:40:57.000Z”,
“type” => “syslog”,
“host” => “192.168.1.65”,
“priority” => 86,
“timestamp” => “Sep 15 16:40:57”,
“logsource” => “se5”,
“program” => “sshd”,
“pid” => “26133”,
“severity” => 6,
“facility” => 10,
“facility_label” => “security/authorization”,
“severity_label” => “Informational”
}
{
“message” => “pam_unix(sshd:session): session opened for user root by (uid=0)\n”,
“@version” => “1”,
“@timestamp” => “2018-09-15T08:40:57.000Z”,
“type” => “syslog”,
“host” => “192.168.1.65”,
“priority” => 86,
“timestamp” => “Sep 15 16:40:57”,
“logsource” => “se5”,
“program” => “sshd”,
“pid” => “26133”,
“severity” => 6,
“facility” => 10,
“facility_label” => “security/authorization”,
“severity_label” => “Informational”
7）filter grok插件
grok插件：
解析各种非结构化的日志数据插件
grok使用正则表达式把飞结构化的数据结构化
在分组匹配，正则表达式需要根据具体数据结构编写
虽然编写困难，但适用性极广
[root@logstash ~]# vim /etc/logstash/logstash.conf
input{
stdin{ codec => “json” }
file {
path => [ “/tmp/a.log”, “/var/tmp/b.log” ]
sincedb_path => “/var/lib/logstash/sincedb”
start_position => “beginning”
type => “testlog”
}
tcp {
host => “0.0.0.0”
port => “8888”
type => “tcplog”
}
udp {
host => “0.0.0.0”
port => “9999”
type => “udplog”
}
syslog {
port => “514”
type => “syslog”
}
}
filter{
grok{
match => [“message”, “(?<key>reg)”]
}
}
output{
stdout{
codec => “rubydebug”
}
}
[root@se5 ~]# yum -y install httpd
[root@se5 ~]# systemctl restart httpd
[root@se5 ~]# vim /var/log/httpd/access_log
192.168.1.254 – – [15/Sep/2018:18:25:46 +0800] “GET / HTTP/1.1” 403 4897 “-” “Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0”
复制/var/log/httpd/access_log的日志到logstash下的/tmp/a.log
[root@logstash ~]# vim /tmp/a.log
192.168.1.254 – – [15/Sep/2018:18:25:46 +0800] “GET / HTTP/1.1” 403 4897 “-” “Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0”
[root@logstash ~]# /opt/logstash/bin/logstash -f /etc/logstash/logstash.conf
//出现message的日志，但是没有解析是什么意思
Settings: Default pipeline workers: 2
Pipeline main started
{
“message” => “.168.1.254 – – [15/Sep/2018:18:25:46 +0800] \”GET / HTTP/1.1\” 403 4897 \”-\” \”Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0\””,
“@version” => “1”,
“@timestamp” => “2018-09-15T10:26:51.335Z”,
“path” => “/tmp/a.log”,
“host” => “logstash”,
“type” => “testlog”,
“tags” => [
[0] “_grokparsefailure”
]
}
若要解决没有解析的问题，同样的方法把日志复制到/tmp/a.log，logstash.conf配置文件里面修改grok
查找正则宏路径
[root@logstash ~]# cd /opt/logstash/vendor/bundle/ \
jruby/1.9/gems/logstash-patterns-core-2.0.5/patterns/
[root@logstash ~]# vim grok-patterns //查找COMBINEDAPACHELOG
COMBINEDAPACHELOG %{COMMONAPACHELOG} %{QS:referrer} %{QS:agent}
[root@logstash ~]# vim /etc/logstash/logstash.conf
…
filter{
grok{
match => [“message”, “%{COMBINEDAPACHELOG}”]
}
}
…
解析出的结果
[root@logstash ~]# /opt/logstash/bin/logstash -f /etc/logstash/logstash.conf
Settings: Default pipeline workers: 2
Pipeline main started
{
“message” => “192.168.1.254 – – [15/Sep/2018:18:25:46 +0800] \”GET /noindex/css/open-sans.css HTTP/1.1\” 200 5081 \”http://192.168.1.65/\” \”Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0\””,
“@version” => “1”,
“@timestamp” => “2018-09-15T10:55:57.743Z”,
“path” => “/tmp/a.log”,
“host” => “logstash”,
“type” => “testlog”,
“clientip” => “192.168.1.254”,
“ident” => “-“,
“auth” => “-“,
“timestamp” => “15/Sep/2018:18:25:46 +0800”,
“verb” => “GET”,
“request” => “/noindex/css/open-sans.css”,
“httpversion” => “1.1”,
“response” => “200”,
“bytes” => “5081”,
“referrer” => “\”http://192.168.1.65/\””,
“agent” => “\”Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0\””
}
步骤二：安装Apache服务，用filebeat收集Apache服务器的日志，存入elasticsearch

1）在之前安装了Apache的主机上面安装filebeat
[root@se5 ~]# yum -y install filebeat
[root@se5 ~]# vim/etc/filebeat/filebeat.yml
paths:
– /var/log/httpd/access_log //日志的路径，短横线加空格代表yml格式
document_type: apachelog //文档类型
elasticsearch: //加上注释
hosts: [“localhost:9200”] //加上注释
logstash: //去掉注释
hosts: [“192.168.1.67:5044”] //去掉注释,logstash那台主机的ip
[root@se5 ~]# systemctl start filebeat
[root@logstash ~]# vim /etc/logstash/logstash.conf
input{
stdin{ codec => “json” }
beats{
port => 5044
}
file {
path => [ “/tmp/a.log”, “/var/tmp/b.log” ]
sincedb_path => “/dev/null”
start_position => “beginning”
type => “testlog”
}
tcp {
host => “0.0.0.0”
port => “8888”
type => “tcplog”
}
udp {
host => “0.0.0.0”
port => “9999”
type => “udplog”
}
syslog {
port => “514”
type => “syslog”
}
}
filter{
if [type] == “apachelog”{
grok{
match => [“message”, “%{COMBINEDAPACHELOG}”]
}}
}
output{
stdout{ codec => “rubydebug” }
if [type] == “filelog”{
elasticsearch {
hosts => [“192.168.1.61:9200”, “192.168.1.62:9200”]
index => “filelog”
flush_size => 2000
idle_flush_time => 10
}}
}
[root@logstash logstash]# /opt/logstash/bin/logstash \
-f /etc/logstash/logstash.conf
打开另一终端查看5044是否成功启动
[root@logstash ~]# netstat -antup | grep 5044
tcp6 0 0 :::5044 :::* LISTEN 23776/java
[root@se5 ~]# firefox 192.168.1.65 //ip为安装filebeat的那台机器
回到原来的终端，有数据
2）修改logstash.conf文件
[root@logstash logstash]# vim logstash.conf
…
output{
stdout{ codec => “rubydebug” }
if [type] == “apachelog”{
elasticsearch {
hosts => [“192.168.1.61:9200”, “192.168.1.62:9200”]
index => “apachelog”
flush_size => 2000
idle_flush_time => 10
}}
}
浏览器访问Elasticsearch，有apachelog，如图-16所示：

代码如下
HOSTS修改
现在NODE1上面改好HOSTS，然后全部同步过去
[root@se1 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.61 se1
192.168.1.62 se2
192.168.1.63 se3
192.168.1.64 se4
192.168.1.65 se5
192.168.1.66 kibana
192.168.1.67 logstash
[root@se1 ~]#
[root@se1 ~]# for i in {62..67} ; do scp /etc/hosts 192.168.1.$i:/etc/hosts ; done
[email protected]’s password:
hosts 100% 285 613.5KB/s 00:00
[email protected]’s password:
hosts 100% 285 683.4KB/s 00:00
[email protected]’s password:
hosts 100% 285 292.7KB/s 00:00
[email protected]’s password:
hosts 100% 285 158.4KB/s 00:00
The authenticity of host ‘192.168.1.66 (192.168.1.66)’ can’t be established.
ECDSA key fingerprint is SHA256:9eETwPzeFux5NrrknGudd0gBIRJYNtFs2RefL2HtTvY.
ECDSA key fingerprint is MD5:0a:a0:3e:e0:4d:ea:fa:4b:b8:6b:c4:df:4e:cd:0d:e7.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘192.168.1.66’ (ECDSA) to the list of known hosts.
[email protected]’s password:
hosts 100% 285 5.0KB/s 00:00
The authenticity of host ‘192.168.1.67 (192.168.1.67)’ can’t be established.
ECDSA key fingerprint is SHA256:JbQOqJPIrX0AR2+zx/zH0l5PgTqG+/iI18msTH6TeYE.
ECDSA key fingerprint is MD5:88:61:43:fa:37:f4:ab:a4:bd:67:de:9d:51:81:94:13.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘192.168.1.67’ (ECDSA) to the list of known hosts.
[email protected]’s password:
hosts 100% 285 421.1KB/s 00:00

到logstash机器上面去操作，安装基本的环境
[root@logstash ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.61 se1
192.168.1.62 se2
192.168.1.63 se3
192.168.1.64 se4
192.168.1.65 se5
192.168.1.66 kibana
192.168.1.67 logstash
[root@logstash ~]# yum install -y java-1.8.0-openjdk
已加载插件：fastestmirror
base | 3.6 kB 00:00:00
elk | 2.9 kB 00:00:00
extras | 3.4 kB 00:00:00
local_repo | 3.6 kB 00:00:00
updates | 3.4 kB 00:00:00
Loading mirror speeds from cached hostfile
* base: mirrors.cqu.edu.cn
* extras: mirrors.163.com
* updates: mirrors.163.com
正在解决依赖关系
–> 正在检查事务
—> 软件包 java-1.8.0-openjdk.x86_64.1.1.8.0.181-3.b13.el7_5 将被安装
–> 正在处理依赖关系 java-1.8.0-openjdk-headless(x86-64) = 1:1.8.0.181-3.b13.el7_5，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 xorg-x11-fonts-Type1，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libpng15.so.15(PNG15_0)(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libjvm.so(SUNWprivate_1.1)(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libjpeg.so.62(LIBJPEG_6.2)(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libjava.so(SUNWprivate_1.1)(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 fontconfig(x86-64)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libpng15.so.15()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libjvm.so()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libjpeg.so.62()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libjava.so()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libgif.so.4()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libXtst.so.6()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libXrender.so.1()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libXi.so.6()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libXext.so.6()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libXcomposite.so.1()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libX11.so.6()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在检查事务
—> 软件包 fontconfig.x86_64.0.2.10.95-11.el7 将被安装
–> 正在处理依赖关系 fontpackages-filesystem，它被软件包 fontconfig-2.10.95-11.el7.x86_64 需要
–> 正在处理依赖关系 font(:lang=en)，它被软件包 fontconfig-2.10.95-11.el7.x86_64 需要
—> 软件包 giflib.x86_64.0.4.1.6-9.el7 将被安装
–> 正在处理依赖关系 libSM.so.6()(64bit)，它被软件包 giflib-4.1.6-9.el7.x86_64 需要
–> 正在处理依赖关系 libICE.so.6()(64bit)，它被软件包 giflib-4.1.6-9.el7.x86_64 需要
—> 软件包 java-1.8.0-openjdk-headless.x86_64.1.1.8.0.181-3.b13.el7_5 将被安装
–> 正在处理依赖关系 tzdata-java >= 2015d，它被软件包 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 nss-softokn(x86-64) >= 3.36.0，它被软件包 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 nss(x86-64) >= 3.36.0，它被软件包 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 copy-jdk-configs >= 2.2，它被软件包 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 lksctp-tools(x86-64)，它被软件包 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 jpackage-utils，它被软件包 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 需要
—> 软件包 libX11.x86_64.0.1.6.5-1.el7 将被安装
–> 正在处理依赖关系 libX11-common >= 1.6.5-1.el7，它被软件包 libX11-1.6.5-1.el7.x86_64 需要
–> 正在处理依赖关系 libxcb.so.1()(64bit)，它被软件包 libX11-1.6.5-1.el7.x86_64 需要
—> 软件包 libXcomposite.x86_64.0.0.4.4-4.1.el7 将被安装
—> 软件包 libXext.x86_64.0.1.3.3-3.el7 将被安装
—> 软件包 libXi.x86_64.0.1.7.9-1.el7 将被安装
—> 软件包 libXrender.x86_64.0.0.9.10-1.el7 将被安装
—> 软件包 libXtst.x86_64.0.1.2.3-1.el7 将被安装
—> 软件包 libjpeg-turbo.x86_64.0.1.2.90-5.el7 将被安装
—> 软件包 libpng.x86_64.2.1.5.13-7.el7_2 将被安装
—> 软件包 xorg-x11-fonts-Type1.noarch.0.7.5-9.el7 将被安装
–> 正在处理依赖关系 ttmkfdir，它被软件包 xorg-x11-fonts-Type1-7.5-9.el7.noarch 需要
–> 正在处理依赖关系 ttmkfdir，它被软件包 xorg-x11-fonts-Type1-7.5-9.el7.noarch 需要
–> 正在处理依赖关系 mkfontdir，它被软件包 xorg-x11-fonts-Type1-7.5-9.el7.noarch 需要
–> 正在处理依赖关系 mkfontdir，它被软件包 xorg-x11-fonts-Type1-7.5-9.el7.noarch 需要
–> 正在检查事务
—> 软件包 copy-jdk-configs.noarch.0.3.3-10.el7_5 将被安装
—> 软件包 fontpackages-filesystem.noarch.0.1.44-8.el7 将被安装
—> 软件包 javapackages-tools.noarch.0.3.4.1-11.el7 将被安装
–> 正在处理依赖关系 python-javapackages = 3.4.1-11.el7，它被软件包 javapackages-tools-3.4.1-11.el7.noarch 需要
–> 正在处理依赖关系 libxslt，它被软件包 javapackages-tools-3.4.1-11.el7.noarch 需要
—> 软件包 libICE.x86_64.0.1.0.9-9.el7 将被安装
—> 软件包 libSM.x86_64.0.1.2.2-2.el7 将被安装
—> 软件包 libX11-common.noarch.0.1.6.5-1.el7 将被安装
—> 软件包 libxcb.x86_64.0.1.12-1.el7 将被安装
–> 正在处理依赖关系 libXau.so.6()(64bit)，它被软件包 libxcb-1.12-1.el7.x86_64 需要
—> 软件包 lksctp-tools.x86_64.0.1.0.17-2.el7 将被安装
—> 软件包 nss.x86_64.0.3.28.4-8.el7 将被升级
–> 正在处理依赖关系 nss = 3.28.4-8.el7，它被软件包 nss-sysinit-3.28.4-8.el7.x86_64 需要
–> 正在处理依赖关系 nss(x86-64) = 3.28.4-8.el7，它被软件包 nss-tools-3.28.4-8.el7.x86_64 需要
—> 软件包 nss.x86_64.0.3.36.0-7.el7_5 将被更新
–> 正在处理依赖关系 nss-util >= 3.36.0-1，它被软件包 nss-3.36.0-7.el7_5.x86_64 需要
–> 正在处理依赖关系 nspr >= 4.19.0，它被软件包 nss-3.36.0-7.el7_5.x86_64 需要
–> 正在处理依赖关系 libnssutil3.so(NSSUTIL_3.31)(64bit)，它被软件包 nss-3.36.0-7.el7_5.x86_64 需要
—> 软件包 nss-softokn.x86_64.0.3.28.3-6.el7 将被升级
—> 软件包 nss-softokn.x86_64.0.3.36.0-5.el7_5 将被更新
–> 正在处理依赖关系 nss-softokn-freebl(x86-64) >= 3.36.0-5.el7_5，它被软件包 nss-softokn-3.36.0-5.el7_5.x86_64 需要
—> 软件包 stix-fonts.noarch.0.1.1.0-5.el7 将被安装
—> 软件包 ttmkfdir.x86_64.0.3.0.9-42.el7 将被安装
—> 软件包 tzdata-java.noarch.0.2018e-3.el7 将被安装
—> 软件包 xorg-x11-font-utils.x86_64.1.7.5-20.el7 将被安装
–> 正在处理依赖关系 libfontenc.so.1()(64bit)，它被软件包 1:xorg-x11-font-utils-7.5-20.el7.x86_64 需要
–> 正在处理依赖关系 libXfont.so.1()(64bit)，它被软件包 1:xorg-x11-font-utils-7.5-20.el7.x86_64 需要
–> 正在检查事务
—> 软件包 libXau.x86_64.0.1.0.8-2.1.el7 将被安装
—> 软件包 libXfont.x86_64.0.1.5.2-1.el7 将被安装
—> 软件包 libfontenc.x86_64.0.1.1.3-3.el7 将被安装
—> 软件包 libxslt.x86_64.0.1.1.28-5.el7 将被安装
—> 软件包 nspr.x86_64.0.4.13.1-1.0.el7_3 将被升级
—> 软件包 nspr.x86_64.0.4.19.0-1.el7_5 将被更新
—> 软件包 nss-softokn-freebl.x86_64.0.3.28.3-6.el7 将被升级
—> 软件包 nss-softokn-freebl.x86_64.0.3.36.0-5.el7_5 将被更新
—> 软件包 nss-sysinit.x86_64.0.3.28.4-8.el7 将被升级
—> 软件包 nss-sysinit.x86_64.0.3.36.0-7.el7_5 将被更新
—> 软件包 nss-tools.x86_64.0.3.28.4-8.el7 将被升级
—> 软件包 nss-tools.x86_64.0.3.36.0-7.el7_5 将被更新
—> 软件包 nss-util.x86_64.0.3.28.4-3.el7 将被升级
—> 软件包 nss-util.x86_64.0.3.36.0-1.el7_5 将被更新
—> 软件包 python-javapackages.noarch.0.3.4.1-11.el7 将被安装
–> 正在处理依赖关系 python-lxml，它被软件包 python-javapackages-3.4.1-11.el7.noarch 需要
–> 正在检查事务
—> 软件包 python-lxml.x86_64.0.3.2.1-4.el7 将被安装
–> 解决依赖关系完成

依赖关系解决

=====================================================================================================================
Package 架构版本源大小
=====================================================================================================================
正在安装:
java-1.8.0-openjdk x86_64 1:1.8.0.181-3.b13.el7_5 updates 250 k
为依赖而安装:
copy-jdk-configs noarch 3.3-10.el7_5 updates 21 k
fontconfig x86_64 2.10.95-11.el7 base 229 k
fontpackages-filesystem noarch 1.44-8.el7 base 9.9 k
giflib x86_64 4.1.6-9.el7 base 40 k
java-1.8.0-openjdk-headless x86_64 1:1.8.0.181-3.b13.el7_5 updates 32 M
javapackages-tools noarch 3.4.1-11.el7 base 73 k
libICE x86_64 1.0.9-9.el7 base 66 k
libSM x86_64 1.2.2-2.el7 base 39 k
libX11 x86_64 1.6.5-1.el7 base 606 k
libX11-common noarch 1.6.5-1.el7 base 164 k
libXau x86_64 1.0.8-2.1.el7 base 29 k
libXcomposite x86_64 0.4.4-4.1.el7 base 22 k
libXext x86_64 1.3.3-3.el7 base 39 k
libXfont x86_64 1.5.2-1.el7 base 152 k
libXi x86_64 1.7.9-1.el7 base 40 k
libXrender x86_64 0.9.10-1.el7 base 26 k
libXtst x86_64 1.2.3-1.el7 base 20 k
libfontenc x86_64 1.1.3-3.el7 base 31 k
libjpeg-turbo x86_64 1.2.90-5.el7 base 134 k
libpng x86_64 2:1.5.13-7.el7_2 base 213 k
libxcb x86_64 1.12-1.el7 base 211 k
libxslt x86_64 1.1.28-5.el7 base 242 k
lksctp-tools x86_64 1.0.17-2.el7 base 88 k
python-javapackages noarch 3.4.1-11.el7 base 31 k
python-lxml x86_64 3.2.1-4.el7 base 758 k
stix-fonts noarch 1.1.0-5.el7 base 1.3 M
ttmkfdir x86_64 3.0.9-42.el7 base 48 k
tzdata-java noarch 2018e-3.el7 updates 185 k
xorg-x11-font-utils x86_64 1:7.5-20.el7 base 87 k
xorg-x11-fonts-Type1 noarch 7.5-9.el7 base 521 k
为依赖而更新:
nspr x86_64 4.19.0-1.el7_5 updates 127 k
nss x86_64 3.36.0-7.el7_5 updates 835 k
nss-softokn x86_64 3.36.0-5.el7_5 updates 315 k
nss-softokn-freebl x86_64 3.36.0-5.el7_5 updates 222 k
nss-sysinit x86_64 3.36.0-7.el7_5 updates 62 k
nss-tools x86_64 3.36.0-7.el7_5 updates 515 k
nss-util x86_64 3.36.0-1.el7_5 updates 78 k

事务概要
=====================================================================================================================
安装 1 软件包 (+30 依赖软件包)
升级 ( 7 依赖软件包)

总下载量：39 M
Downloading packages:
Delta : tzdata-java-2018e-3.el7.noarch.rpm | 185 kB 00:00:01
———————————————————————————————————————
总计 4.7 MB/s | 39 MB 00:00:08
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
正在更新 : nspr-4.19.0-1.el7_5.x86_64 1/45
正在更新 : nss-util-3.36.0-1.el7_5.x86_64 2/45
正在安装 : libfontenc-1.1.3-3.el7.x86_64 3/45
正在安装 : libxslt-1.1.28-5.el7.x86_64 4/45
正在安装 : fontpackages-filesystem-1.44-8.el7.noarch 5/45
正在安装 : libjpeg-turbo-1.2.90-5.el7.x86_64 6/45
正在安装 : libICE-1.0.9-9.el7.x86_64 7/45
正在安装 : libSM-1.2.2-2.el7.x86_64 8/45
正在安装 : stix-fonts-1.1.0-5.el7.noarch 9/45
正在安装 : fontconfig-2.10.95-11.el7.x86_64 10/45
正在安装 : python-lxml-3.2.1-4.el7.x86_64 11/45
正在安装 : python-javapackages-3.4.1-11.el7.noarch 12/45
正在安装 : javapackages-tools-3.4.1-11.el7.noarch 13/45
正在安装 : libXfont-1.5.2-1.el7.x86_64 14/45
正在安装 : 1:xorg-x11-font-utils-7.5-20.el7.x86_64 15/45
正在更新 : nss-softokn-freebl-3.36.0-5.el7_5.x86_64 16/45
正在更新 : nss-softokn-3.36.0-5.el7_5.x86_64 17/45
正在更新 : nss-sysinit-3.36.0-7.el7_5.x86_64 18/45
正在更新 : nss-3.36.0-7.el7_5.x86_64 19/45
正在安装 : tzdata-java-2018e-3.el7.noarch 20/45
正在安装 : libXau-1.0.8-2.1.el7.x86_64 21/45
正在安装 : libxcb-1.12-1.el7.x86_64 22/45
正在安装 : libX11-common-1.6.5-1.el7.noarch 23/45
正在安装 : libX11-1.6.5-1.el7.x86_64 24/45
正在安装 : libXext-1.3.3-3.el7.x86_64 25/45
正在安装 : libXi-1.7.9-1.el7.x86_64 26/45
正在安装 : libXtst-1.2.3-1.el7.x86_64 27/45
正在安装 : giflib-4.1.6-9.el7.x86_64 28/45
正在安装 : libXrender-0.9.10-1.el7.x86_64 29/45
正在安装 : libXcomposite-0.4.4-4.1.el7.x86_64 30/45
正在安装 : lksctp-tools-1.0.17-2.el7.x86_64 31/45
正在安装 : copy-jdk-configs-3.3-10.el7_5.noarch 32/45
正在安装 : 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 33/45
正在安装 : ttmkfdir-3.0.9-42.el7.x86_64 34/45
正在安装 : xorg-x11-fonts-Type1-7.5-9.el7.noarch 35/45
正在安装 : 2:libpng-1.5.13-7.el7_2.x86_64 36/45
正在安装 : 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 37/45
正在更新 : nss-tools-3.36.0-7.el7_5.x86_64 38/45
清理 : nss-tools-3.28.4-8.el7.x86_64 39/45
清理 : nss-sysinit-3.28.4-8.el7.x86_64 40/45
清理 : nss-3.28.4-8.el7.x86_64 41/45
清理 : nss-softokn-3.28.3-6.el7.x86_64 42/45
清理 : nss-util-3.28.4-3.el7.x86_64 43/45
清理 : nspr-4.13.1-1.0.el7_3.x86_64 44/45
清理 : nss-softokn-freebl-3.28.3-6.el7.x86_64 45/45
验证中 : libXext-1.3.3-3.el7.x86_64 1/45
验证中 : libX11-1.6.5-1.el7.x86_64 2/45
验证中 : libXi-1.7.9-1.el7.x86_64 3/45
验证中 : python-javapackages-3.4.1-11.el7.noarch 4/45
验证中 : libICE-1.0.9-9.el7.x86_64 5/45
验证中 : giflib-4.1.6-9.el7.x86_64 6/45
验证中 : libjpeg-turbo-1.2.90-5.el7.x86_64 7/45
验证中 : nspr-4.19.0-1.el7_5.x86_64 8/45
验证中 : libXrender-0.9.10-1.el7.x86_64 9/45
验证中 : libXfont-1.5.2-1.el7.x86_64 10/45
验证中 : python-lxml-3.2.1-4.el7.x86_64 11/45
验证中 : 2:libpng-1.5.13-7.el7_2.x86_64 12/45
验证中 : nss-3.36.0-7.el7_5.x86_64 13/45
验证中 : fontpackages-filesystem-1.44-8.el7.noarch 14/45
验证中 : ttmkfdir-3.0.9-42.el7.x86_64 15/45
验证中 : nss-util-3.36.0-1.el7_5.x86_64 16/45
验证中 : copy-jdk-configs-3.3-10.el7_5.noarch 17/45
验证中 : stix-fonts-1.1.0-5.el7.noarch 18/45
验证中 : libXcomposite-0.4.4-4.1.el7.x86_64 19/45
验证中 : libXtst-1.2.3-1.el7.x86_64 20/45
验证中 : lksctp-tools-1.0.17-2.el7.x86_64 21/45
验证中 : 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 22/45
验证中 : 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 23/45
验证中 : libxcb-1.12-1.el7.x86_64 24/45
验证中 : xorg-x11-fonts-Type1-7.5-9.el7.noarch 25/45
验证中 : libxslt-1.1.28-5.el7.x86_64 26/45
验证中 : nss-tools-3.36.0-7.el7_5.x86_64 27/45
验证中 : javapackages-tools-3.4.1-11.el7.noarch 28/45
验证中 : libX11-common-1.6.5-1.el7.noarch 29/45
验证中 : nss-sysinit-3.36.0-7.el7_5.x86_64 30/45
验证中 : libXau-1.0.8-2.1.el7.x86_64 31/45
验证中 : nss-softokn-freebl-3.36.0-5.el7_5.x86_64 32/45
验证中 : libSM-1.2.2-2.el7.x86_64 33/45
验证中 : fontconfig-2.10.95-11.el7.x86_64 34/45
验证中 : tzdata-java-2018e-3.el7.noarch 35/45
验证中 : libfontenc-1.1.3-3.el7.x86_64 36/45
验证中 : nss-softokn-3.36.0-5.el7_5.x86_64 37/45
验证中 : 1:xorg-x11-font-utils-7.5-20.el7.x86_64 38/45
验证中 : nspr-4.13.1-1.0.el7_3.x86_64 39/45
验证中 : nss-softokn-3.28.3-6.el7.x86_64 40/45
验证中 : nss-util-3.28.4-3.el7.x86_64 41/45
验证中 : nss-softokn-freebl-3.28.3-6.el7.x86_64 42/45
验证中 : nss-3.28.4-8.el7.x86_64 43/45
验证中 : nss-sysinit-3.28.4-8.el7.x86_64 44/45
验证中 : nss-tools-3.28.4-8.el7.x86_64 45/45

已安装:
java-1.8.0-openjdk.x86_64 1:1.8.0.181-3.b13.el7_5

作为依赖被安装:
copy-jdk-configs.noarch 0:3.3-10.el7_5 fontconfig.x86_64 0:2.10.95-11.el7
fontpackages-filesystem.noarch 0:1.44-8.el7 giflib.x86_64 0:4.1.6-9.el7
java-1.8.0-openjdk-headless.x86_64 1:1.8.0.181-3.b13.el7_5 javapackages-tools.noarch 0:3.4.1-11.el7
libICE.x86_64 0:1.0.9-9.el7 libSM.x86_64 0:1.2.2-2.el7
libX11.x86_64 0:1.6.5-1.el7 libX11-common.noarch 0:1.6.5-1.el7
libXau.x86_64 0:1.0.8-2.1.el7 libXcomposite.x86_64 0:0.4.4-4.1.el7
libXext.x86_64 0:1.3.3-3.el7 libXfont.x86_64 0:1.5.2-1.el7
libXi.x86_64 0:1.7.9-1.el7 libXrender.x86_64 0:0.9.10-1.el7
libXtst.x86_64 0:1.2.3-1.el7 libfontenc.x86_64 0:1.1.3-3.el7
libjpeg-turbo.x86_64 0:1.2.90-5.el7 libpng.x86_64 2:1.5.13-7.el7_2
libxcb.x86_64 0:1.12-1.el7 libxslt.x86_64 0:1.1.28-5.el7
lksctp-tools.x86_64 0:1.0.17-2.el7 python-javapackages.noarch 0:3.4.1-11.el7
python-lxml.x86_64 0:3.2.1-4.el7 stix-fonts.noarch 0:1.1.0-5.el7
ttmkfdir.x86_64 0:3.0.9-42.el7 tzdata-java.noarch 0:2018e-3.el7
xorg-x11-font-utils.x86_64 1:7.5-20.el7 xorg-x11-fonts-Type1.noarch 0:7.5-9.el7

作为依赖被升级:
nspr.x86_64 0:4.19.0-1.el7_5 nss.x86_64 0:3.36.0-7.el7_5 nss-softokn.x86_64 0:3.36.0-5.el7_5
nss-softokn-freebl.x86_64 0:3.36.0-5.el7_5 nss-sysinit.x86_64 0:3.36.0-7.el7_5 nss-tools.x86_64 0:3.36.0-7.el7_5
nss-util.x86_64 0:3.36.0-1.el7_5

完毕！
[root@logstash ~]# yum install -y logstash
已加载插件：fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.cqu.edu.cn
* extras: mirrors.163.com
* updates: mirrors.163.com
正在解决依赖关系
–> 正在检查事务
—> 软件包 logstash.noarch.1.2.3.4-1 将被安装
–> 解决依赖关系完成

依赖关系解决

事务概要
=====================================================================================================================
安装 1 软件包

总下载量：77 M
安装大小：136 M
Downloading packages:
logstash-2.3.4-1.noarch.rpm | 77 MB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
正在安装 : 1:logstash-2.3.4-1.noarch 1/1
验证中 : 1:logstash-2.3.4-1.noarch 1/1

已安装:
logstash.noarch 1:2.3.4-1

完毕！
[root@logstash ~]# java -version
openjdk version “1.8.0_181”
OpenJDK Runtime Environment (build 1.8.0_181-b13)
OpenJDK 64-Bit Server VM (build 25.181-b13, mixed mode)
[root@logstash ~]#
[root@logstash ~]# touch /etc/logstash/logstash.conf
[root@logstash ~]# /opt/logstash/bin/logstash –version
logstash 2.3.4
[root@logstash ~]# /opt/logstash/bin/logstash-plugin list
Ignoring ffi-1.9.13 because its extensions are not built. Try: gem pristine ffi –version 1.9.13
logstash-codec-collectd
logstash-codec-dots
logstash-codec-edn
logstash-codec-edn_lines
logstash-codec-es_bulk
logstash-codec-fluent
logstash-codec-graphite
logstash-codec-json
logstash-codec-json_lines
logstash-codec-line
logstash-codec-msgpack
logstash-codec-multiline
logstash-codec-netflow
logstash-codec-oldlogstashjson
logstash-codec-plain
logstash-codec-rubydebug
logstash-filter-anonymize
logstash-filter-checksum
logstash-filter-clone
logstash-filter-csv
logstash-filter-date
logstash-filter-dns
logstash-filter-drop
logstash-filter-fingerprint
logstash-filter-geoip
logstash-filter-grok
logstash-filter-json
logstash-filter-kv
logstash-filter-metrics
logstash-filter-multiline
logstash-filter-mutate
logstash-filter-ruby
logstash-filter-sleep
logstash-filter-split
logstash-filter-syslog_pri
logstash-filter-throttle
logstash-filter-urldecode
logstash-filter-useragent
logstash-filter-uuid
logstash-filter-xml
logstash-input-beats
logstash-input-couchdb_changes
logstash-input-elasticsearch
logstash-input-eventlog
logstash-input-exec
logstash-input-file
logstash-input-ganglia
logstash-input-gelf
logstash-input-generator
logstash-input-graphite
logstash-input-heartbeat
logstash-input-http
logstash-input-http_poller
logstash-input-imap
logstash-input-irc
logstash-input-jdbc
logstash-input-kafka
logstash-input-log4j
logstash-input-lumberjack
logstash-input-pipe
logstash-input-rabbitmq
logstash-input-redis
logstash-input-s3
logstash-input-snmptrap
logstash-input-sqs
logstash-input-stdin
logstash-input-syslog
logstash-input-tcp
logstash-input-twitter
logstash-input-udp
logstash-input-unix
logstash-input-xmpp
logstash-input-zeromq
logstash-output-cloudwatch
logstash-output-csv
logstash-output-elasticsearch
logstash-output-email
logstash-output-exec
logstash-output-file
logstash-output-ganglia
logstash-output-gelf
logstash-output-graphite
logstash-output-hipchat
logstash-output-http
logstash-output-irc
logstash-output-juggernaut
logstash-output-kafka
logstash-output-lumberjack
logstash-output-nagios
logstash-output-nagios_nsca
logstash-output-null
logstash-output-opentsdb
logstash-output-pagerduty
logstash-output-pipe
logstash-output-rabbitmq
logstash-output-redis
logstash-output-s3
logstash-output-sns
logstash-output-sqs
logstash-output-statsd
logstash-output-stdout
logstash-output-tcp
logstash-output-udp
logstash-output-xmpp
logstash-output-zeromq
logstash-patterns-core
[root@logstash ~]#
[root@logstash ~]#
[root@logstash ~]# /opt/logstash/bin/logstash-plugin list | grep std
Ignoring ffi-1.9.13 because its extensions are not built. Try: gem pristine ffi –version 1.9.13
logstash-input-stdin
logstash-output-stdout
[root@logstash ~]#
[root@logstash ~]#

配置配置文件
[root@logstash ~]# vim /etc/logstash/logstash.conf
[root@logstash ~]# cat /etc/logstash/logstash.conf
input{
stdin{
}
}
filter{
}
output{
stdout{
}
}
启动，测试一下，logstash 配置从标准输入读取输入源,然后从标准输出输出到屏幕
[root@logstash ~]# /opt/logstash/bin/logstash -f /etc/logstash/logstash.conf
Settings: Default pipeline workers: 2
Pipeline main started
aa
2018-10-21T08:29:43.307Z logstash aa
test
2018-10-21T08:30:10.145Z logstash test
备注：若不会写配置文件可以找帮助，插件文档的位置：
https://github.com/logstash-plugins

下面是各类插件的使用
注意，我起的名字和上面的案例不一样
1、CODEC类插件
[root@logstash ~]# vim /etc/logstash/codec.conf
//输入设置为编码json
//输出设置为rubydebug
[root@logstash ~]# cat /etc/logstash/codec.conf
input{
stdin{
codec => “json”
}
}
filter{
}
output{
stdout{
codec => “rubydebug”
}
}
[root@logstash ~]# /opt/logstash/bin/logstash -f /etc/logstash/codec.conf
Settings: Default pipeline workers: 2
Pipeline main started
{“a”:1}
{
“a” => 1,
“@version” => “1”,
“@timestamp” => “2018-10-21T08:34:07.627Z”,
“host” => “logstash”
}
^CSIGINT received. Shutting down the agent. {:level=>:warn}
stopping pipeline {:id=>”main”}
Received shutdown signal, but pipeline is still waiting for in-flight events
to be processed. Sending another ^C will force quit Logstash, but this may cause
data loss. {:level=>:warn}

Pipeline main has been shutdown
[root@logstash ~]#

file模块插件
[root@logstash ~]# vim /etc/logstash/file.conf
[root@logstash ~]# touch /tmp/a.log
[root@logstash ~]# touch /var/tmp/b.log
[root@logstash ~]# /opt/logstash/bin/logstash -f /etc/logstash/file.conf

另外起一个终端去写点东西
[root@logstash ~]# echo a1 > /tmp/a.log
[root@logstash ~]# echo b1 > /var/tmp/b.log

回到刚才的终端查看一下
[root@logstash ~]# /opt/logstash/bin/logstash -f /etc/logstash/file.conf
Settings: Default pipeline workers: 2
Pipeline main started
{
“message” => “a1”,
“@version” => “1”,
“@timestamp” => “2018-10-21T08:56:55.540Z”,
“path” => “/tmp/a.log”,
“host” => “logstash”,
“type” => “testlog”
}
{
“message” => “b1”,
“@version” => “1”,
“@timestamp” => “2018-10-21T08:56:55.628Z”,
“path” => “/var/tmp/b.log”,
“host” => “logstash”,
“type” => “testlog”
}
^CSIGINT received. Shutting down the agent. {:level=>:warn}

注意，如果已经存在结果，即刚才写的 /var/lib/logstash/sincedb 那么是不会有输出的，需要删掉这个文件再来

TCP/UDP模块
现在logstash主机上写好配置文件，并启动
[root@logstash ~]# vim /etc/logstash/tcpudp.conf
[root@logstash ~]# cat /etc/logstash/tcpudp.conf
input{
file {
path => [ “/tmp/a.log”, “/var/tmp/b.log” ]
sincedb_path => “/var/lib/logstash/sincedb”
start_position => “beginning”
type => “testlog”
}
tcp {
host => “0.0.0.0”
port => “8888”
type => “tcplog”
}
udp {
host => “0.0.0.0”
port => “9999”
type => “udplog”
}
}
filter{
}
output{
stdout{
codec => “rubydebug”
}
}
[root@logstash ~]# /opt/logstash/bin/logstash -f /etc/logstash/tcpudp.conf
Settings: Default pipeline workers: 2
Pipeline main started

再开一个终端，可以看到端口已经起来了
[root@logstash ~]# netstat -antup | grep 8888
tcp6 0 0 :::8888 :::* LISTEN 1836/java
[root@logstash ~]# netstat -antup | grep 9999
udp6 0 0 :::9999 :::* 1836/java
[root@logstash ~]#

随便找个主机，写个脚本发点数据
[root@se5 ~]# vim tcp.sh
[root@se5 ~]#
[root@se5 ~]#
[root@se5 ~]# cat tcp.sh
function sendmsg(){
if [[ “$1” == “tcp” ]];then
exec 9<>/dev/tcp/192.168.1.67/8888
else
exec 9<>/dev/udp/192.168.1.67/9999
fi
echo “$2” >&9
exec 9<&-
}
[root@se5 ~]# . tcp.sh
[root@se5 ~]# sendmsg tcp “is tcp test”
[root@se5 ~]# sendmsg udp “is udp ssss”

再回到logstash主机，可以看到结果
Pipeline main started
{
“message” => “is tcp test”,
“@version” => “1”,
“@timestamp” => “2018-10-21T09:26:11.369Z”,
“host” => “192.168.1.65”,
“port” => 39894,
“type” => “tcplog”
}
{
“message” => “is udp ssss\n”,
“@version” => “1”,
“@timestamp” => “2018-10-21T09:26:27.501Z”,
“type” => “udplog”,
“host” => “192.168.1.65”

然后退出
}
^CSIGINT received. Shutting down the agent. {:level=>:warn}
stopping pipeline {:id=>”main”}
UDP listener died {:exception=>#<IOError: closed stream>, :backtrace=>[“org/jruby/RubyIO.java:3682:in `select'”, “/opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-input-udp-2.0.5/lib/logstash/inputs/udp.rb:77:in `udp_listener'”, “/opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-input-udp-2.0.5/lib/logstash/inputs/udp.rb:50:in `run'”, “/opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:342:in `inputworker'”, “/opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:336:in `start_input'”], :level=>:warn}
Pipeline main has been shutdown

syslog插件练习
1、写好配置文件并启动
（注意：刚才写的配置文件懒得删除了，将就看吧）
[root@logstash ~]# systemctl list-unit-files | grep syslog
rsyslog.service enabled
syslog.socket static
[root@logstash ~]# cat /etc/logstash/syslog.conf
input{
file {
path => [ “/tmp/a.log”, “/var/tmp/b.log” ]
sincedb_path => “/var/lib/logstash/sincedb”
start_position => “beginning”
type => “testlog”
}
tcp {
host => “0.0.0.0”
port => “8888”
type => “tcplog”
}
udp {
host => “0.0.0.0”
port => “9999”
type => “udplog”
}
syslog {
port => “514”
type => “syslog”
}
}
filter{
}
output{
stdout{
codec => “rubydebug”
}
}
[root@logstash ~]# /opt/logstash/bin/logstash -f /etc/logstash/syslog.conf
Settings: Default pipeline workers: 2
Pipeline main started
{
“message” => “a2”,
“@version” => “1”,
“@timestamp” => “2018-10-21T09:49:00.756Z”,
“path” => “/tmp/a.log”,
“host” => “logstash”,
“type” => “testlog”
}
{
“message” => “b2”,
“@version” => “1”,
“@timestamp” => “2018-10-21T09:49:00.997Z”,
“path” => “/var/tmp/b.log”,
“host” => “logstash”,
“type” => “testlog”
}

另外起一个终端，确认514端口已经起来
[root@logstash ~]# netstat -antup | grep 514
tcp6 0 0 :::514 :::* LISTEN 2024/java
udp6 0 0 :::514 :::* 2024/java
[root@logstash ~]#

关键的测试步骤，找台机器se5，把配置文件改下
//写一个@或两个@@都可以，一个@代表udp，两个@@代表tcp
[root@se5 ~]# vim /etc/rsyslog.conf
[root@se5 ~]# tail /etc/rsyslog.conf
#$ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible)
#$ActionQueueSaveOnShutdown on # save messages to disk on shutdown
#$ActionQueueType LinkedList # run asynchronously
#$ActionResumeRetryCount -1 # infinite retries if host is down
# remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional
#*.* @@remote-host:514
# ### end of the forwarding rule ###
#

local0.info @192.168.1.67:514

重启服务，然后写点东西发出去
[root@se5 ~]# systemctl restart rsyslog.service
[root@se5 ~]# logger -p local0.info -t nds “001 elk”

回到logstash确认一下，可以看到已经收到结果了，注意第1个和第2个是上面的实验
[root@logstash ~]# /opt/logstash/bin/logstash -f /etc/logstash/syslog.conf
Settings: Default pipeline workers: 2
Pipeline main started
{
“message” => “a2”,
“@version” => “1”,
“@timestamp” => “2018-10-21T09:49:00.756Z”,
“path” => “/tmp/a.log”,
“host” => “logstash”,
“type” => “testlog”
}
{
“message” => “b2”,
“@version” => “1”,
“@timestamp” => “2018-10-21T09:49:00.997Z”,
“path” => “/var/tmp/b.log”,
“host” => “logstash”,
“type” => “testlog”
}
{
“message” => “001 elk”,
“@version” => “1”,
“@timestamp” => “2018-10-21T09:53:03.000Z”,
“type” => “syslog”,
“host” => “192.168.1.65”,
“priority” => 134,
“timestamp” => “Oct 21 17:53:03”,
“logsource” => “se5”,
“program” => “nds”,
“severity” => 6,
“facility” => 16,
“facility_label” => “local0”,
“severity_label” => “Informational”
}

再搞一个实验，就是ES5登陆的时候，把验证过程也发过去给els主机去记录，先改配置文件
[root@se5 ~]# grep authpriv /etc/rsyslog.conf
*.info;mail.none;authpriv.none;cron.none /var/log/messages
# The authpriv file has restricted access.
#authpriv.* /var/log/secure
authpriv.* @@192.168.1.67:514
[root@se5 ~]# systemctl restart rsyslog.service

为了方便看实验结果，先清个屏测试一下
^CSIGINT received. Shutting down the agent. {:level=>:warn}
stopping pipeline {:id=>”main”}
Errno::EBADF: Bad file descriptor – Bad file descriptor
each at org/jruby/RubyIO.java:3542
tcp_receiver at /opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-input-syslog-2.0.5/lib/logstash/inputs/syslog.rb:173
tcp_listener at /opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-input-syslog-2.0.5/lib/logstash/inputs/syslog.rb:159
[root@logstash ~]# /opt/logstash/bin/logstash -f /etc/logstash/syslog.conf
Settings: Default pipeline workers: 2
Pipeline main started
{
“message” => “b2”,
“@version” => “1”,
“@timestamp” => “2018-10-21T09:57:21.892Z”,
“path” => “/var/tmp/b.log”,
“host” => “logstash”,
“type” => “testlog”
}

重新启个终端，登陆65
[root@room9pc52 ~]# ssh 192.168.1.65
[email protected]’s password:
Last login: Sun Oct 21 10:13:00 2018 from 192.168.1.254
[root@se5 ~]#

回到logstash看一眼，你会看到信息已经来了
[root@logstash ~]# /opt/logstash/bin/logstash -f /etc/logstash/syslog.conf
Settings: Default pipeline workers: 2
Pipeline main started
{
“message” => “b2”,
“@version” => “1”,
“@timestamp” => “2018-10-21T09:57:21.892Z”,
“path” => “/var/tmp/b.log”,
“host” => “logstash”,
“type” => “testlog”
}
{
“message” => “Accepted password for root from 192.168.1.254 port 48914 ssh2\n”,
“@version” => “1”,
“@timestamp” => “2018-10-22T01:20:07.000Z”,
“type” => “syslog”,
“host” => “192.168.1.65”,
“priority” => 86,
“timestamp” => “Oct 22 09:20:07”,
“logsource” => “se5”,
“program” => “sshd”,
“pid” => “2340”,
“severity” => 6,
“facility” => 10,
“facility_label” => “security/authorization”,
“severity_label” => “Informational”
}
{
“message” => “pam_unix(sshd:session): session opened for user root by (uid=0)\n”,
“@version” => “1”,
“@timestamp” => “2018-10-22T01:20:07.000Z”,
“type” => “syslog”,
“host” => “192.168.1.65”,
“priority” => 86,
“timestamp” => “Oct 22 09:20:07”,
“logsource” => “se5”,
“program” => “sshd”,
“pid” => “2340”,
“severity” => 6,
“facility” => 10,
“facility_label” => “security/authorization”,
“severity_label” => “Informational”
}

^CSIGINT received. Shutting down the agent. {:level=>:warn}
stopping pipeline {:id=>”main”}
UDP listener died {:exception=>#<IOError: closed stream>, :backtrace=>[“org/jruby/RubyIO.java:3682:in `select'”, “/opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-input-udp-2.0.5/lib/logstash/inputs/udp.rb:77:in `udp_listener'”, “/opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-input-udp-2.0.5/lib/logstash/inputs/udp.rb:50:in `run'”, “/opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:342:in `inputworker'”, “/opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:336:in `start_input'”], :level=>:warn}
Errno::EBADF: Bad file descriptor – Bad file descriptor
each at org/jruby/RubyIO.java:3542
tcp_receiver at /opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-input-syslog-2.0.5/lib/logstash/inputs/syslog.rb:173
tcp_listener at /opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-input-syslog-2.0.5/lib/logstash/inputs/syslog.rb:159

7）filter grok插件
grok插件：
解析各种非结构化的日志数据插件
grok使用正则表达式把飞结构化的数据结构化
在分组匹配，正则表达式需要根据具体数据结构编写
虽然编写困难，但适用性极广
先在logstash编写配置文件
[root@logstash ~]# vim /etc/logstash/grok.conf
[root@logstash ~]# cat /etc/logstash/grok.conf
input{
stdin{ codec => “json” }
file {
path => [ “/tmp/a.log”, “/var/tmp/b.log” ]
sincedb_path => “/var/lib/logstash/sincedb”
start_position => “beginning”
type => “testlog”
}
tcp {
host => “0.0.0.0”
port => “8888”
type => “tcplog”
}
udp {
host => “0.0.0.0”
port => “9999”
type => “udplog”
}
syslog {
port => “514”
type => “syslog”
}
}
filter{
grok{
match => [“message”, “(?<key>reg)”]
}
}
output{
stdout{
codec => “rubydebug”
}
}

然后在测试主机se5去装个APACHE，用真机访问一下，确认有日志
[root@se5 ~]# yum install -y httpd
Loaded plugins: fastestmirror
base | 3.6 kB 00:00:00
elk | 2.9 kB 00:00:00
extras | 3.4 kB 00:00:00
local_repo | 3.6 kB 00:00:00
updates | 3.4 kB 00:00:00
Loading mirror speeds from cached hostfile
* base: mirrors.163.com
* extras: mirrors.163.com
* updates: mirrors.163.com
Resolving Dependencies
–> Running transaction check
—> Package httpd.x86_64 0:2.4.6-80.el7.centos.1 will be installed
–> Processing Dependency: httpd-tools = 2.4.6-80.el7.centos.1 for package: httpd-2.4.6-80.el7.centos.1.x86_64
–> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-80.el7.centos.1.x86_64
–> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-80.el7.centos.1.x86_64
–> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-80.el7.centos.1.x86_64
–> Running transaction check
—> Package apr.x86_64 0:1.4.8-3.el7_4.1 will be installed
—> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed
—> Package httpd-tools.x86_64 0:2.4.6-80.el7.centos.1 will be installed
—> Package mailcap.noarch 0:2.1.41-2.el7 will be installed
–> Finished Dependency Resolution

Dependencies Resolved

====================================================================================================================
Package Arch Version Repository Size
====================================================================================================================
Installing:
httpd x86_64 2.4.6-80.el7.centos.1 updates 2.7 M
Installing for dependencies:
apr x86_64 1.4.8-3.el7_4.1 base 103 k
apr-util x86_64 1.5.2-6.el7 base 92 k
httpd-tools x86_64 2.4.6-80.el7.centos.1 updates 90 k
mailcap noarch 2.1.41-2.el7 base 31 k

Transaction Summary
====================================================================================================================
Install 1 Package (+4 Dependent packages)

Total download size: 3.0 M
Installed size: 10 M
Downloading packages:
(1/5): apr-util-1.5.2-6.el7.x86_64.rpm | 92 kB 00:00:00
(2/5): apr-1.4.8-3.el7_4.1.x86_64.rpm | 103 kB 00:00:00
(3/5): httpd-tools-2.4.6-80.el7.centos.1.x86_64.rpm | 90 kB 00:00:00
(4/5): httpd-2.4.6-80.el7.centos.1.x86_64.rpm | 2.7 MB 00:00:01
mailcap-2.1.41-2.el7.noarch.rp FAILED ==-] 443 B/s | 3.0 MB 00:00:51 ETA
http://mirrors.zju.edu.cn/centos/7.5.1804/os/x86_64/Packages/mailcap-2.1.41-2.el7.noarch.rpm: [Errno 12] Timeout on http://mirrors.zju.edu.cn/centos/7.5.1804/os/x86_64/Packages/mailcap-2.1.41-2.el7.noarch.rpm: (28, ‘Operation too slow. Less than 1000 bytes/sec transferred the last 30 seconds’)
Trying other mirror.
(5/5): mailcap-2.1.41-2.el7.noarch.rpm | 31 kB 00:00:00
——————————————————————————————————————–
Total 85 kB/s | 3.0 MB 00:00:36
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : apr-1.4.8-3.el7_4.1.x86_64 1/5
Installing : apr-util-1.5.2-6.el7.x86_64 2/5
Installing : httpd-tools-2.4.6-80.el7.centos.1.x86_64 3/5
Installing : mailcap-2.1.41-2.el7.noarch 4/5
Installing : httpd-2.4.6-80.el7.centos.1.x86_64 5/5
Verifying : mailcap-2.1.41-2.el7.noarch 1/5
Verifying : httpd-tools-2.4.6-80.el7.centos.1.x86_64 2/5
Verifying : apr-util-1.5.2-6.el7.x86_64 3/5
Verifying : apr-1.4.8-3.el7_4.1.x86_64 4/5
Verifying : httpd-2.4.6-80.el7.centos.1.x86_64 5/5

Installed:
httpd.x86_64 0:2.4.6-80.el7.centos.1

Dependency Installed:
apr.x86_64 0:1.4.8-3.el7_4.1 apr-util.x86_64 0:1.5.2-6.el7 httpd-tools.x86_64 0:2.4.6-80.el7.centos.1
mailcap.noarch 0:2.1.41-2.el7

Complete!
[root@se5 ~]# systemctl restart httpd
[root@se5 ~]# vim /var/log/httpd/access_log
[root@se5 ~]# cat /var/log/httpd/access_log
192.168.1.254 – – [22/Oct/2018:10:07:23 +0800] “GET / HTTP/1.1” 403 4897 “-” “curl/7.29.0”

测试一下，先手动创建测试的文件，也就是把刚才在SE5查到的日志复制到logstash主机的测试目录下面，运行，并测试
[root@logstash ~]# vim /tmp/a.log
[root@logstash ~]# cat /tmp/a.log
192.168.1.254 – – [22/Oct/2018:10:07:23 +0800] “GET / HTTP/1.1” 403 4897 “-” “curl/7.29.0”
[root@logstash ~]# /opt/logstash/bin/logstash -f /etc/logstash/grok.conf
Settings: Default pipeline workers: 2
Pipeline main started
{
“message” => “.168.1.254 – – [22/Oct/2018:10:07:23 +0800] \”GET / HTTP/1.1\” 403 4897 \”-\” \”curl/7.29.0\””,
“@version” => “1”,
“@timestamp” => “2018-10-22T02:18:54.916Z”,
“path” => “/tmp/a.log”,
“host” => “logstash”,
“type” => “testlog”,
“tags” => [
[0] “_grokparsefailure”
]
}
//出现message的日志，但是没有解析是什么意思

为了实现解析，根据消息的规律，我们匹配COMBINEDAPACHELOG这个关键词,先修改配置文件
[root@logstash ~]# vim /etc/logstash/grok.conf
[root@logstash ~]# cat /etc/logstash/grok.conf
input{
stdin{ codec => “json” }
file {
path => [ “/tmp/a.log”, “/var/tmp/b.log” ]
sincedb_path => “/var/lib/logstash/sincedb”
start_position => “beginning”
type => “testlog”
}
tcp {
host => “0.0.0.0”
port => “8888”
type => “tcplog”
}
udp {
host => “0.0.0.0”
port => “9999”
type => “udplog”
}
syslog {
port => “514”
type => “syslog”
}
}
filter{
grok{
match => [“message”, “%{COMBINEDAPACHELOG}”]
}
}
output{
stdout{
codec => “rubydebug”
}
}

然后重新启动一下，注意，之前说过，因为配置文件第一个file里面，写了解析结果路径，因为上面已经运行过了，所以要把之前的结果删除掉
[root@logstash ~]# /opt/logstash/bin/logstash -f /etc/logstash/grok.conf
Settings: Default pipeline workers: 2
Pipeline main started
^CSIGINT received. Shutting down the agent. {:level=>:warn}
stopping pipeline {:id=>”main”}
UDP listener died {:exception=>#<IOError: closed stream>, :backtrace=>[“org/jruby/RubyIO.java:3682:in `select'”, “/opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-input-udp-2.0.5/lib/logstash/inputs/udp.rb:77:in `udp_listener'”, “/opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-input-udp-2.0.5/lib/logstash/inputs/udp.rb:50:in `run'”, “/opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:342:in `inputworker'”, “/opt/logstash/vendor/bundle/jruby/1.9/gems/logstash-core-2.3.4-java/lib/logstash/pipeline.rb:336:in `start_input'”], :level=>:warn}
Received shutdown signal, but pipeline is still waiting for in-flight events
to be processed. Sending another ^C will force quit Logstash, but this may cause
data loss. {:level=>:warn}
^CSIGINT received. Terminating immediately.. {:level=>:fatal}

删除刚才出来的结果
[root@logstash ~]# rm -rf /var/lib/logstash/sincedb

再次运行一下，现在就有结果了，而且相比较上面的详细多了（忽略下面那个b2）
[root@logstash ~]# /opt/logstash/bin/logstash -f /etc/logstash/grok.conf
Settings: Default pipeline workers: 2
Pipeline main started
{
“message” => “192.168.1.254 – – [22/Oct/2018:10:07:23 +0800] \”GET / HTTP/1.1\” 403 4897 \”-\” \”curl/7.29.0\””,
“@version” => “1”,
“@timestamp” => “2018-10-22T02:29:34.705Z”,
“path” => “/tmp/a.log”,
“host” => “logstash”,
“type” => “testlog”,
“clientip” => “192.168.1.254”,
“ident” => “-“,
“auth” => “-“,
“timestamp” => “22/Oct/2018:10:07:23 +0800”,
“verb” => “GET”,
“request” => “/”,
“httpversion” => “1.1”,
“response” => “403”,
“bytes” => “4897”,
“referrer” => “\”-\””,
“agent” => “\”curl/7.29.0\””
}
{
“message” => “b2”,
“@version” => “1”,
“@timestamp” => “2018-10-22T02:29:35.001Z”,
“path” => “/var/tmp/b.log”,
“host” => “logstash”,
“type” => “testlog”,
“tags” => [
[0] “_grokparsefailure”
]
}

步骤二，在apache主机上，安装filebeat手机apache服务器的日志，存入elasticsearch
[root@se5 ~]# yum install -y filebeat
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.163.com
* extras: mirrors.163.com
* updates: mirrors.163.com
Resolving Dependencies
–> Running transaction check
—> Package filebeat.x86_64 0:1.2.3-1 will be installed
–> Finished Dependency Resolution

Dependencies Resolved

Transaction Summary
====================================================================================================================
Install 1 Package

Total download size: 3.9 M
Installed size: 13 M
Downloading packages:
filebeat-1.2.3-x86_64.rpm | 3.9 MB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : filebeat-1.2.3-1.x86_64 1/1
Verifying : filebeat-1.2.3-1.x86_64 1/1

Installed:
filebeat.x86_64 0:1.2.3-1

Complete!
[root@se5 ~]# vim /etc/filebeat/filebeat.yml

[root@se5 ~]# vim/etc/filebeat/filebeat.yml
paths:
– /var/log/httpd/access_log //日志的路径，短横线加空格代表yml格式
document_type: apachelog //文档类型
elasticsearch: //加上注释
hosts: [“localhost:9200”] //加上注释
logstash: //去掉注释
hosts: [“192.168.1.67:5044”] //去掉注释,logstash那台主机的ip

启动filebeat服务
[root@se5 ~]# systemctl start filebeat
[root@se5 ~]# systemctl status filebeat
● filebeat.service – filebeat
Loaded: loaded (/usr/lib/systemd/system/filebeat.service; disabled; vendor preset: disabled)
Active: active (running) since 一 2018-10-22 10:42:39 CST; 6ms ago
Docs: https://www.elastic.co/guide/en/beats/filebeat/current/index.html
Main PID: 2690 (filebeat)
CGroup: /system.slice/filebeat.service
└─2690 /usr/bin/filebeat -c /etc/filebeat/filebeat.yml

10月 22 10:42:39 se5 systemd[1]: Started filebeat.
10月 22 10:42:39 se5 systemd[1]: Starting filebeat…

注意，如果是以下提示，就只能等会再启动
[root@se5 ~]# systemctl status filebeat
● filebeat.service – filebeat
Loaded: loaded (/usr/lib/systemd/system/filebeat.service; disabled; vendor preset: disabled)
Active: failed (Result: start-limit) since 一 2018-10-22 10:41:05 CST; 1min 31s ago
Docs: https://www.elastic.co/guide/en/beats/filebeat/current/index.html
Process: 2651 ExecStart=/usr/bin/filebeat -c /etc/filebeat/filebeat.yml (code=exited, status=1/FAILURE)
Main PID: 2651 (code=exited, status=1/FAILURE)

10月 22 10:41:05 se5 systemd[1]: Unit filebeat.service entered failed state.
10月 22 10:41:05 se5 systemd[1]: filebeat.service failed.
10月 22 10:41:05 se5 systemd[1]: filebeat.service holdoff time over, scheduling restart.
10月 22 10:41:05 se5 systemd[1]: start request repeated too quickly for filebeat.service
10月 22 10:41:05 se5 systemd[1]: Failed to start filebeat.
10月 22 10:41:05 se5 systemd[1]: Unit filebeat.service entered failed state.
10月 22 10:41:05 se5 systemd[1]: filebeat.service failed.

到logstash主机上面去修改配置文件，然后启动服务
[root@logstash ~]# cat /etc/logstash/filebeat.conf
input{
stdin{ codec => “json” }
beats{
port => 5044
}
file {
path => [ “/tmp/a.log”, “/var/tmp/b.log” ]
sincedb_path => “/dev/null”
start_position => “beginning”
type => “testlog”
}
tcp {
host => “0.0.0.0”
port => “8888”
type => “tcplog”
}
udp {
host => “0.0.0.0”
port => “9999”
type => “udplog”
}
syslog {
port => “514”
type => “syslog”
}
}
filter{
if [type] == “apachelog”{
grok{
match => [“message”, “%{COMBINEDAPACHELOG}”]
}}
}
output{
stdout{ codec => “rubydebug” }
if [type] == “filelog”{
elasticsearch {
hosts => [“192.168.1.61:9200”, “192.168.1.62:9200”]
index => “filelog”
flush_size => 2000
idle_flush_time => 10
}}
}
启动服务
[root@logstash ~]# /opt/logstash/bin/logstash -f /etc/logstash/filebeat.conf
Settings: Default pipeline workers: 2
Pipeline main started
{
“message” => “192.168.1.254 – – [22/Oct/2018:10:07:23 +0800] \”GET / HTTP/1.1\” 403 4897 \”-\” \”curl/7.29.0\””,
“@version” => “1”,
“@timestamp” => “2018-10-22T02:44:24.922Z”,
“path” => “/tmp/a.log”,
“host” => “logstash”,
“type” => “testlog”
}
{
“message” => “b2”,
“@version” => “1”,
“@timestamp” => “2018-10-22T02:44:26.320Z”,
“path” => “/var/tmp/b.log”,
“host” => “logstash”,
“type” => “testlog”
}
重启启个终端，确认5044端口已经启动成功
[root@logstash ~]# netstat -antup | grep 5044
tcp6 0 0 :::5044 :::* LISTEN 3177/java

测试，用curl和真机上的谷歌、火狐浏览器都试一下
[root@room9pc52 ~]# curl 192.168.1.65

回到原来的logstash主机，可以看到数据都过来了，我就随便贴几个
{
“message” => “192.168.1.254 – – [22/Oct/2018:10:48:26 +0800] \”GET /favicon.ico HTTP/1.1\” 404 209 \”http://192.168.1.65/\” \”Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36\””,
“@version” => “1”,
“@timestamp” => “2018-10-22T02:58:02.568Z”,
“fields” => nil,
“beat” => {
“hostname” => “se5”,
“name” => “se5”
},
“offset” => 2265,
“input_type” => “log”,
“count” => 1,
“source” => “/var/log/httpd/access_log”,
“type” => “apachelog”,
“host” => “se5”,
“tags” => [
[0] “beats_input_codec_plain_applied”
],
“clientip” => “192.168.1.254”,
“ident” => “-“,
“auth” => “-“,
“timestamp” => “22/Oct/2018:10:48:26 +0800”,
“verb” => “GET”,
“request” => “/favicon.ico”,
“httpversion” => “1.1”,
“response” => “404”,
“bytes” => “209”,
“referrer” => “\”http://192.168.1.65/\””,
“agent” => “\”Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36\””
}
{
“message” => “192.168.1.254 – – [22/Oct/2018:10:48:47 +0800] \”GET / HTTP/1.1\” 403 4897 \”-\” \”curl/7.29.0\””,
“@version” => “1”,
“@timestamp” => “2018-10-22T02:58:02.568Z”,
“beat” => {
“hostname” => “se5”,
“name” => “se5”
},
“type” => “apachelog”,
“source” => “/var/log/httpd/access_log”,
“offset” => 2479,
“input_type” => “log”,
“count” => 1,
“fields” => nil,
“host” => “se5”,
“tags” => [
[0] “beats_input_codec_plain_applied”
],
“clientip” => “192.168.1.254”,
“ident” => “-“,
“auth” => “-“,
“timestamp” => “22/Oct/2018:10:48:47 +0800”,
“verb” => “GET”,
“request” => “/”,
“httpversion” => “1.1”,
“response” => “403”,
“bytes” => “4897”,
“referrer” => “\”-\””,
“agent” => “\”curl/7.29.0\””
}
{
“message” => “192.168.1.254 – – [22/Oct/2018:10:59:24 +0800] \”GET / HTTP/1.1\” 403 4897 \”-\” \”Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0\””,
“@version” => “1”,
“@timestamp” => “2018-10-22T02:59:27.572Z”,
“count” => 1,
“source” => “/var/log/httpd/access_log”,
“type” => “apachelog”,
“fields” => nil,
“beat” => {
“hostname” => “se5”,
“name” => “se5”
},
“offset” => 2570,
“input_type” => “log”,
“host” => “se5”,
“tags” => [
[0] “beats_input_codec_plain_applied”
],
“clientip” => “192.168.1.254”,
“ident” => “-“,
“auth” => “-“,
“timestamp” => “22/Oct/2018:10:59:24 +0800”,
“verb” => “GET”,
“request” => “/”,
“httpversion” => “1.1”,
“response” => “403”,
“bytes” => “4897”,
“referrer” => “\”-\””,
“agent” => “\”Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0\””
}

拓展以下，把刚才说的主是elasticsearch加上注释取消掉，然后elasticsearch就有数据了，去浏览器访问elasticsearch访问确认以下就可以看到
elasticsearch: //加上注释
hosts: [“localhost:9200”] //加上注释
实验到此结束

发表在 ELK | 标签为 ELK | 留下评论

ELK_Day01_基本安装和使用

发表于2018年10月22日由tim, arc

创建虚拟机，修改主机名，配置IP，搭建YUM源，详细的就不解释了，直接粘贴代码
创建虚拟机
[root@room9pc52 qemu]# sed ‘s/node/node61/’ node.xml > node61.xml
[root@room9pc52 qemu]# sed ‘s/node/node62/’ node.xml > node62.xml
[root@room9pc52 qemu]# sed ‘s/node/node63/’ node.xml > node63.xml
[root@room9pc52 qemu]# sed ‘s/node/node64/’ node.xml > node64.xml
[root@room9pc52 qemu]# sed ‘s/node/node65/’ node.xml > node65.xml
[root@room9pc52 qemu]# sed ‘s/node/node66/’ node.xml > node66.xml
[root@room9pc52 qemu]# sed ‘s/node/node67/’ node.xml > node67.xml
[root@room9pc52 qemu]#
[root@room9pc52 qemu]# cd /var/lib/libvirt/images/
[root@room9pc52 images]# qemu-img create -b node.qcow2 -f qcow2 node61.qcow2
Formatting ‘node61.qcow2′, fmt=qcow2 size=17179869184 backing_file=’node.qcow2’ encryption=off cluster_size=65536 lazy_refcounts=off
[root@room9pc52 images]# qemu-img create -b node.qcow2 -f qcow2 node62.qcow2
Formatting ‘node62.qcow2′, fmt=qcow2 size=17179869184 backing_file=’node.qcow2’ encryption=off cluster_size=65536 lazy_refcounts=off
[root@room9pc52 images]# qemu-img create -b node.qcow2 -f qcow2 node63.qcow2
Formatting ‘node63.qcow2′, fmt=qcow2 size=17179869184 backing_file=’node.qcow2’ encryption=off cluster_size=65536 lazy_refcounts=off
[root@room9pc52 images]# qemu-img create -b node.qcow2 -f qcow2 node64.qcow2
Formatting ‘node64.qcow2′, fmt=qcow2 size=17179869184 backing_file=’node.qcow2’ encryption=off cluster_size=65536 lazy_refcounts=off
[root@room9pc52 images]# qemu-img create -b node.qcow2 -f qcow2 node65.qcow2
Formatting ‘node65.qcow2′, fmt=qcow2 size=17179869184 backing_file=’node.qcow2’ encryption=off cluster_size=65536 lazy_refcounts=off
[root@room9pc52 images]# qemu-img create -b node.qcow2 -f qcow2 node66.qcow2
Formatting ‘node66.qcow2′, fmt=qcow2 size=17179869184 backing_file=’node.qcow2’ encryption=off cluster_size=65536 lazy_refcounts=off
[root@room9pc52 images]# qemu-img create -b node.qcow2 -f qcow2 node67.qcow2
Formatting ‘node67.qcow2′, fmt=qcow2 size=17179869184 backing_file=’node.qcow2’ encryption=off cluster_size=65536 lazy_refcounts=off
[root@room9pc52 images]#
[root@room9pc52 images]# cd /etc/libvirt/qemu/
[root@room9pc52 qemu]# virsh define node61.xml
定义域 node61（从 node61.xml）

[root@room9pc52 qemu]# virsh define node62.xml
定义域 node62（从 node62.xml）

[root@room9pc52 qemu]# virsh define node63.xml
定义域 node63（从 node63.xml）

[root@room9pc52 qemu]# virsh define node64.xml
定义域 node64（从 node64.xml）

[root@room9pc52 qemu]# virsh define node65.xml
定义域 node65（从 node65.xml）

[root@room9pc52 qemu]# virsh define node66.xml
定义域 node66（从 node66.xml）

[root@room9pc52 qemu]# virsh define node67.xml
定义域 node67（从 node67.xml）

修改参数
[root@room9pc52 qemu]# virsh start node61
域 node61 已开始

[root@room9pc52 qemu]# virsh start node62
域 node62 已开始

[root@room9pc52 qemu]# virsh start node63
域 node63 已开始

[root@room9pc52 qemu]# virsh start node64
域 node64 已开始

[root@room9pc52 qemu]# virsh start node65
域 node65 已开始

[root@room9pc52 qemu]# virsh start node66
域 node66 已开始

[root@room9pc52 qemu]# virsh start node67
域 node67 已开始

真机制作YUM源
[root@room9pc52 elk 1]# ls
accounts.json.gz elk.tar
alog.gz filebeat-1.2.3-x86_64.rpm
bigdesk-master.zip kibana-4.5.2-1.x86_64.rpm
elasticsearch-2.3.4.rpm logs.jsonl.gz
elasticsearch-head-master.zip logstash-2.3.4-1.noarch.rpm
elasticsearch-kopf-master.zip NSD_ELK_01.pdf
elk_01(1).txt shakespeare.json.gz
[root@room9pc52 elk 1]# cp -r *.rpm /var/ftp/elk/
[root@room9pc52 elk 1]# ls /var/ftp/elk/
elasticsearch-2.3.4.rpm kibana-4.5.2-1.x86_64.rpm
filebeat-1.2.3-x86_64.rpm logstash-2.3.4-1.noarch.rpm
[root@room9pc52 elk 1]# createrepo /var/ftp/elk/
Spawning worker 0 with 1 pkgs
Spawning worker 1 with 1 pkgs
Spawning worker 2 with 1 pkgs
Spawning worker 3 with 1 pkgs
Workers Finished
Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Sqlite DBs complete
[root@room9pc52 elk 1]# ls /var/ftp/elk/
elasticsearch-2.3.4.rpm kibana-4.5.2-1.x86_64.rpm repodata
filebeat-1.2.3-x86_64.rpm logstash-2.3.4-1.noarch.rpm
[root@room9pc52 elk 1]#

连接到node61去操作，其他机器不贴了，都是一样的
[root@room9pc52 qemu]# virsh console node61
连接到域 node61
换码符为 ^]

CentOS Linux 7 (Core)
Kernel 3.10.0-693.el7.x86_64 on an x86_64

localhost login: root
Password:
[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
# Generated by dracut initrd
DEVICE=”eth0″
NAME=”eth0″
ONBOOT=yes
IPV6INIT=no
TYPE=Ethernet
IPADDR=192.168.1.61
PREFIX=24
GATEWAY=192.168.1.254
[root@localhost ~]# cat /etc/yum.repos.d/local.repo
[local_repo]
name=CentOS-$releasever – Base
baseurl=”ftp://192.168.1.254/system”
enabled=1
gpgcheck=1
[elk]
name=elk
baseurl=”ftp://192.168.1.254/elk”
enabled=1
gpgcheck=0
[root@localhost ~]# yum repolist
Loaded plugins: fastestmirror
base | 3.6 kB 00:00
elk | 2.9 kB 00:00
extras | 3.4 kB 00:00
local_repo | 3.6 kB 00:00
updates | 3.4 kB 00:00
(1/7): elk/primary_db | 12 kB 00:00
(2/7): local_repo/group_gz | 156 kB 00:00
(3/7): local_repo/primary_db | 5.7 MB 00:00
(4/7): extras/7/x86_64/primary_db | 204 kB 00:00
(5/7): base/7/x86_64/group_gz | 166 kB 00:00
(6/7): base/7/x86_64/primary_db | 5.9 MB 00:01
(7/7): updates/7/x86_64/primary_db | 6.0 MB 00:01
Determining fastest mirrors
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
repo id repo name status
base/7/x86_64 CentOS-7 – Base 9,911
elk elk 4
extras/7/x86_64 CentOS-7 – Extras 432
local_repo CentOS-7 – Base 9,591
updates/7/x86_64 CentOS-7 – Updates 1,561
repolist: 21,499

部署elasticsearch的第一个节点
安装JAVAJDK
[root@se1 ~]# yum install -y java-1.8.0-openjdk
已加载插件：fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
正在解决依赖关系
–> 正在检查事务
—> 软件包 java-1.8.0-openjdk.x86_64.1.1.8.0.181-3.b13.el7_5 将被安装
–> 正在处理依赖关系 java-1.8.0-openjdk-headless(x86-64) = 1:1.8.0.181-3.b13.el7_5，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 xorg-x11-fonts-Type1，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libpng15.so.15(PNG15_0)(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libjvm.so(SUNWprivate_1.1)(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libjpeg.so.62(LIBJPEG_6.2)(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libjava.so(SUNWprivate_1.1)(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 fontconfig(x86-64)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libpng15.so.15()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libjvm.so()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libjpeg.so.62()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libjava.so()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libgif.so.4()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libXtst.so.6()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libXrender.so.1()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libXi.so.6()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libXext.so.6()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libXcomposite.so.1()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libX11.so.6()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在检查事务
—> 软件包 fontconfig.x86_64.0.2.10.95-11.el7 将被安装
–> 正在处理依赖关系 fontpackages-filesystem，它被软件包 fontconfig-2.10.95-11.el7.x86_64 需要
–> 正在处理依赖关系 font(:lang=en)，它被软件包 fontconfig-2.10.95-11.el7.x86_64 需要
—> 软件包 giflib.x86_64.0.4.1.6-9.el7 将被安装
–> 正在处理依赖关系 libSM.so.6()(64bit)，它被软件包 giflib-4.1.6-9.el7.x86_64 需要
–> 正在处理依赖关系 libICE.so.6()(64bit)，它被软件包 giflib-4.1.6-9.el7.x86_64 需要
—> 软件包 java-1.8.0-openjdk-headless.x86_64.1.1.8.0.181-3.b13.el7_5 将被安装
–> 正在处理依赖关系 tzdata-java >= 2015d，它被软件包 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 nss-softokn(x86-64) >= 3.36.0，它被软件包 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 nss(x86-64) >= 3.36.0，它被软件包 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 copy-jdk-configs >= 2.2，它被软件包 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 lksctp-tools(x86-64)，它被软件包 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 jpackage-utils，它被软件包 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 需要
—> 软件包 libX11.x86_64.0.1.6.5-1.el7 将被安装
–> 正在处理依赖关系 libX11-common >= 1.6.5-1.el7，它被软件包 libX11-1.6.5-1.el7.x86_64 需要
–> 正在处理依赖关系 libxcb.so.1()(64bit)，它被软件包 libX11-1.6.5-1.el7.x86_64 需要
—> 软件包 libXcomposite.x86_64.0.0.4.4-4.1.el7 将被安装
—> 软件包 libXext.x86_64.0.1.3.3-3.el7 将被安装
—> 软件包 libXi.x86_64.0.1.7.9-1.el7 将被安装
—> 软件包 libXrender.x86_64.0.0.9.10-1.el7 将被安装
—> 软件包 libXtst.x86_64.0.1.2.3-1.el7 将被安装
—> 软件包 libjpeg-turbo.x86_64.0.1.2.90-5.el7 将被安装
—> 软件包 libpng.x86_64.2.1.5.13-7.el7_2 将被安装
—> 软件包 xorg-x11-fonts-Type1.noarch.0.7.5-9.el7 将被安装
–> 正在处理依赖关系 ttmkfdir，它被软件包 xorg-x11-fonts-Type1-7.5-9.el7.noarch 需要
–> 正在处理依赖关系 ttmkfdir，它被软件包 xorg-x11-fonts-Type1-7.5-9.el7.noarch 需要
–> 正在处理依赖关系 mkfontdir，它被软件包 xorg-x11-fonts-Type1-7.5-9.el7.noarch 需要
–> 正在处理依赖关系 mkfontdir，它被软件包 xorg-x11-fonts-Type1-7.5-9.el7.noarch 需要
–> 正在检查事务
—> 软件包 copy-jdk-configs.noarch.0.3.3-10.el7_5 将被安装
—> 软件包 fontpackages-filesystem.noarch.0.1.44-8.el7 将被安装
—> 软件包 javapackages-tools.noarch.0.3.4.1-11.el7 将被安装
–> 正在处理依赖关系 python-javapackages = 3.4.1-11.el7，它被软件包 javapackages-tools-3.4.1-11.el7.noarch 需要
–> 正在处理依赖关系 libxslt，它被软件包 javapackages-tools-3.4.1-11.el7.noarch 需要
—> 软件包 libICE.x86_64.0.1.0.9-9.el7 将被安装
—> 软件包 libSM.x86_64.0.1.2.2-2.el7 将被安装
—> 软件包 libX11-common.noarch.0.1.6.5-1.el7 将被安装
—> 软件包 libxcb.x86_64.0.1.12-1.el7 将被安装
–> 正在处理依赖关系 libXau.so.6()(64bit)，它被软件包 libxcb-1.12-1.el7.x86_64 需要
—> 软件包 lksctp-tools.x86_64.0.1.0.17-2.el7 将被安装
—> 软件包 nss.x86_64.0.3.28.4-8.el7 将被升级
–> 正在处理依赖关系 nss = 3.28.4-8.el7，它被软件包 nss-sysinit-3.28.4-8.el7.x86_64 需要
–> 正在处理依赖关系 nss(x86-64) = 3.28.4-8.el7，它被软件包 nss-tools-3.28.4-8.el7.x86_64 需要
—> 软件包 nss.x86_64.0.3.36.0-7.el7_5 将被更新
–> 正在处理依赖关系 nss-util >= 3.36.0-1，它被软件包 nss-3.36.0-7.el7_5.x86_64 需要
–> 正在处理依赖关系 nspr >= 4.19.0，它被软件包 nss-3.36.0-7.el7_5.x86_64 需要
–> 正在处理依赖关系 libnssutil3.so(NSSUTIL_3.31)(64bit)，它被软件包 nss-3.36.0-7.el7_5.x86_64 需要
—> 软件包 nss-softokn.x86_64.0.3.28.3-6.el7 将被升级
—> 软件包 nss-softokn.x86_64.0.3.36.0-5.el7_5 将被更新
–> 正在处理依赖关系 nss-softokn-freebl(x86-64) >= 3.36.0-5.el7_5，它被软件包 nss-softokn-3.36.0-5.el7_5.x86_64 需要
—> 软件包 stix-fonts.noarch.0.1.1.0-5.el7 将被安装
—> 软件包 ttmkfdir.x86_64.0.3.0.9-42.el7 将被安装
—> 软件包 tzdata-java.noarch.0.2018e-3.el7 将被安装
—> 软件包 xorg-x11-font-utils.x86_64.1.7.5-20.el7 将被安装
–> 正在处理依赖关系 libfontenc.so.1()(64bit)，它被软件包 1:xorg-x11-font-utils-7.5-20.el7.x86_64 需要
–> 正在处理依赖关系 libXfont.so.1()(64bit)，它被软件包 1:xorg-x11-font-utils-7.5-20.el7.x86_64 需要
–> 正在检查事务
—> 软件包 libXau.x86_64.0.1.0.8-2.1.el7 将被安装
—> 软件包 libXfont.x86_64.0.1.5.2-1.el7 将被安装
—> 软件包 libfontenc.x86_64.0.1.1.3-3.el7 将被安装
—> 软件包 libxslt.x86_64.0.1.1.28-5.el7 将被安装
—> 软件包 nspr.x86_64.0.4.13.1-1.0.el7_3 将被升级
—> 软件包 nspr.x86_64.0.4.19.0-1.el7_5 将被更新
—> 软件包 nss-softokn-freebl.x86_64.0.3.28.3-6.el7 将被升级
—> 软件包 nss-softokn-freebl.x86_64.0.3.36.0-5.el7_5 将被更新
—> 软件包 nss-sysinit.x86_64.0.3.28.4-8.el7 将被升级
—> 软件包 nss-sysinit.x86_64.0.3.36.0-7.el7_5 将被更新
—> 软件包 nss-tools.x86_64.0.3.28.4-8.el7 将被升级
—> 软件包 nss-tools.x86_64.0.3.36.0-7.el7_5 将被更新
—> 软件包 nss-util.x86_64.0.3.28.4-3.el7 将被升级
—> 软件包 nss-util.x86_64.0.3.36.0-1.el7_5 将被更新
—> 软件包 python-javapackages.noarch.0.3.4.1-11.el7 将被安装
–> 正在处理依赖关系 python-lxml，它被软件包 python-javapackages-3.4.1-11.el7.noarch 需要
–> 正在检查事务
—> 软件包 python-lxml.x86_64.0.3.2.1-4.el7 将被安装
–> 解决依赖关系完成

依赖关系解决

事务概要
=====================================================================================================================
安装 1 软件包 (+30 依赖软件包)
升级 ( 7 依赖软件包)

总下载量：39 M
Downloading packages:
 : java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64.rpm | 32 MB 00:00:06
———————————————————————————————————————
总计 5.7 MB/s | 39 MB 00:00:06
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
正在更新 : nspr-4.19.0-1.el7_5.x86_64 1/45
正在更新 : nss-util-3.36.0-1.el7_5.x86_64 2/45
正在安装 : libfontenc-1.1.3-3.el7.x86_64 3/45
正在安装 : libxslt-1.1.28-5.el7.x86_64 4/45
正在安装 : fontpackages-filesystem-1.44-8.el7.noarch 5/45
正在安装 : libjpeg-turbo-1.2.90-5.el7.x86_64 6/45
正在安装 : libICE-1.0.9-9.el7.x86_64 7/45
正在安装 : libSM-1.2.2-2.el7.x86_64 8/45
正在安装 : stix-fonts-1.1.0-5.el7.noarch 9/45
正在安装 : fontconfig-2.10.95-11.el7.x86_64 10/45
正在安装 : python-lxml-3.2.1-4.el7.x86_64 11/45
正在安装 : python-javapackages-3.4.1-11.el7.noarch 12/45
正在安装 : javapackages-tools-3.4.1-11.el7.noarch 13/45
正在安装 : libXfont-1.5.2-1.el7.x86_64 14/45
正在安装 : 1:xorg-x11-font-utils-7.5-20.el7.x86_64 15/45
正在更新 : nss-softokn-freebl-3.36.0-5.el7_5.x86_64 16/45
正在更新 : nss-softokn-3.36.0-5.el7_5.x86_64 17/45
正在更新 : nss-sysinit-3.36.0-7.el7_5.x86_64 18/45
正在更新 : nss-3.36.0-7.el7_5.x86_64 19/45
正在安装 : tzdata-java-2018e-3.el7.noarch 20/45
正在安装 : libXau-1.0.8-2.1.el7.x86_64 21/45
正在安装 : libxcb-1.12-1.el7.x86_64 22/45
正在安装 : libX11-common-1.6.5-1.el7.noarch 23/45
正在安装 : libX11-1.6.5-1.el7.x86_64 24/45
正在安装 : libXext-1.3.3-3.el7.x86_64 25/45
正在安装 : libXi-1.7.9-1.el7.x86_64 26/45
正在安装 : libXtst-1.2.3-1.el7.x86_64 27/45
正在安装 : giflib-4.1.6-9.el7.x86_64 28/45
正在安装 : libXrender-0.9.10-1.el7.x86_64 29/45
正在安装 : libXcomposite-0.4.4-4.1.el7.x86_64 30/45
正在安装 : lksctp-tools-1.0.17-2.el7.x86_64 31/45
正在安装 : copy-jdk-configs-3.3-10.el7_5.noarch 32/45
正在安装 : 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 33/45
正在安装 : ttmkfdir-3.0.9-42.el7.x86_64 34/45
正在安装 : xorg-x11-fonts-Type1-7.5-9.el7.noarch 35/45
正在安装 : 2:libpng-1.5.13-7.el7_2.x86_64 36/45
正在安装 : 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 37/45
正在更新 : nss-tools-3.36.0-7.el7_5.x86_64 38/45
清理 : nss-tools-3.28.4-8.el7.x86_64 39/45
清理 : nss-sysinit-3.28.4-8.el7.x86_64 40/45
清理 : nss-3.28.4-8.el7.x86_64 41/45
清理 : nss-softokn-3.28.3-6.el7.x86_64 42/45
清理 : nss-util-3.28.4-3.el7.x86_64 43/45
清理 : nspr-4.13.1-1.0.el7_3.x86_64 44/45
清理 : nss-softokn-freebl-3.28.3-6.el7.x86_64 45/45
验证中 : libXext-1.3.3-3.el7.x86_64 1/45
验证中 : libX11-1.6.5-1.el7.x86_64 2/45
验证中 : libXi-1.7.9-1.el7.x86_64 3/45
验证中 : python-javapackages-3.4.1-11.el7.noarch 4/45
验证中 : libICE-1.0.9-9.el7.x86_64 5/45
验证中 : giflib-4.1.6-9.el7.x86_64 6/45
验证中 : libjpeg-turbo-1.2.90-5.el7.x86_64 7/45
验证中 : nspr-4.19.0-1.el7_5.x86_64 8/45
验证中 : libXrender-0.9.10-1.el7.x86_64 9/45
验证中 : libXfont-1.5.2-1.el7.x86_64 10/45
验证中 : python-lxml-3.2.1-4.el7.x86_64 11/45
验证中 : 2:libpng-1.5.13-7.el7_2.x86_64 12/45
验证中 : nss-3.36.0-7.el7_5.x86_64 13/45
验证中 : fontpackages-filesystem-1.44-8.el7.noarch 14/45
验证中 : ttmkfdir-3.0.9-42.el7.x86_64 15/45
验证中 : nss-util-3.36.0-1.el7_5.x86_64 16/45
验证中 : copy-jdk-configs-3.3-10.el7_5.noarch 17/45
验证中 : stix-fonts-1.1.0-5.el7.noarch 18/45
验证中 : libXcomposite-0.4.4-4.1.el7.x86_64 19/45
验证中 : libXtst-1.2.3-1.el7.x86_64 20/45
验证中 : lksctp-tools-1.0.17-2.el7.x86_64 21/45
验证中 : 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 22/45
验证中 : 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 23/45
验证中 : libxcb-1.12-1.el7.x86_64 24/45
验证中 : xorg-x11-fonts-Type1-7.5-9.el7.noarch 25/45
验证中 : libxslt-1.1.28-5.el7.x86_64 26/45
验证中 : nss-tools-3.36.0-7.el7_5.x86_64 27/45
验证中 : javapackages-tools-3.4.1-11.el7.noarch 28/45
验证中 : libX11-common-1.6.5-1.el7.noarch 29/45
验证中 : nss-sysinit-3.36.0-7.el7_5.x86_64 30/45
验证中 : libXau-1.0.8-2.1.el7.x86_64 31/45
验证中 : nss-softokn-freebl-3.36.0-5.el7_5.x86_64 32/45
验证中 : libSM-1.2.2-2.el7.x86_64 33/45
验证中 : fontconfig-2.10.95-11.el7.x86_64 34/45
验证中 : tzdata-java-2018e-3.el7.noarch 35/45
验证中 : libfontenc-1.1.3-3.el7.x86_64 36/45
验证中 : nss-softokn-3.36.0-5.el7_5.x86_64 37/45
验证中 : 1:xorg-x11-font-utils-7.5-20.el7.x86_64 38/45
验证中 : nspr-4.13.1-1.0.el7_3.x86_64 39/45
验证中 : nss-softokn-3.28.3-6.el7.x86_64 40/45
验证中 : nss-util-3.28.4-3.el7.x86_64 41/45
验证中 : nss-softokn-freebl-3.28.3-6.el7.x86_64 42/45
验证中 : nss-3.28.4-8.el7.x86_64 43/45
验证中 : nss-sysinit-3.28.4-8.el7.x86_64 44/45
验证中 : nss-tools-3.28.4-8.el7.x86_64 45/45

已安装:
java-1.8.0-openjdk.x86_64 1:1.8.0.181-3.b13.el7_5

完毕！

验证一下JAVA的版本
[root@se1 ~]# java -version
openjdk version “1.8.0_181”
OpenJDK Runtime Environment (build 1.8.0_181-b13)
OpenJDK 64-Bit Server VM (build 25.181-b13, mixed mode)

写一下本地HOSTS
[root@se1 ~]# vim /etc/hosts
[root@se1 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.61 se1
192.168.1.62 se2
192.168.1.63 se3
192.168.1.64 se4
192.168.1.65 se5

确认SE状态为关闭
[root@se1 ~]# sestatus
SELinux status: disabled

开始安装elasticsearch
[root@se1 ~]# yum install -y elasticsearch
已加载插件：fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
正在解决依赖关系
–> 正在检查事务
—> 软件包 elasticsearch.noarch.0.2.3.4-1 将被安装
–> 解决依赖关系完成

依赖关系解决

事务概要
=====================================================================================================================
安装 1 软件包

总下载量：26 M
安装大小：29 M
Downloading packages:
elasticsearch-2.3.4.rpm | 26 MB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Creating elasticsearch group… OK
Creating elasticsearch user… OK
正在安装 : elasticsearch-2.3.4-1.noarch 1/1
### NOT starting on installation, please execute the following statements to configure elasticsearch service to start automatically using systemd
sudo systemctl daemon-reload
sudo systemctl enable elasticsearch.service
### You can start elasticsearch service by executing
sudo systemctl start elasticsearch.service
验证中 : elasticsearch-2.3.4-1.noarch 1/1

已安装:
elasticsearch.noarch 0:2.3.4-1

完毕！

修改一下配置文件
[root@se1 ~]# grep -v “^#” /etc/elasticsearch/elasticsearch.yml | grep -v “^$”
cluster.name: myelk
node.name: se1
network.host: 0.0.0.0
discovery.zen.ping.unicast.hosts: [“se1”, “se2”, “se3”]

重启服务
[root@se1 ~]# systemctl restart elasticsearch.service
[root@se1 ~]# systemctl enable elasticsearch.service
Created symlink from /etc/systemd/system/multi-user.target.wants/elasticsearch.service to /usr/lib/systemd/system/elasticsearch.service.
[root@se1 ~]# ss -antup | grep 9200
tcp LISTEN 0 50 :::9200 :::* users:((“java”,pid=1046,fd=110))
[root@se1 ~]#

网页上确认可以正常访问9200端口
[root@room9pc52 ~]# curl 192.168.1.61:9200
{
“name” : “se1”,
“cluster_name” : “myelk”,
“version” : {
“number” : “2.3.4”,
“build_hash” : “e455fd0c13dceca8dbbdbb1665d068ae55dabe3f”,
“build_timestamp” : “2016-06-30T11:24:31Z”,
“build_snapshot” : false,
“lucene_version” : “5.5.0”
},
“tagline” : “You Know, for Search”
}
[root@room9pc52 ~]#

同步61上面的配置文件hosts和elasticsearch.yml，注意，同步过去，不要忘记修改主机名，不然全是一样的
[root@se1 ~]# for i in {62..65} ; do scp /etc/hosts 192.168.1.$i:/etc/hosts ;done
The authenticity of host ‘192.168.1.62 (192.168.1.62)’ can’t be established.
ECDSA key fingerprint is SHA256:Y+OBT/LN+vb2rhuOvlMTWVF5/EJ3oBIdYjxjLB8OdaI.
ECDSA key fingerprint is MD5:07:e5:ec:41:7a:e4:ad:35:5b:6f:1b:59:d3:33:23:d3.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘192.168.1.62’ (ECDSA) to the list of known hosts.
[email protected]’s password:
hosts 100% 243 287.8KB/s 00:00
The authenticity of host ‘192.168.1.63 (192.168.1.63)’ can’t be established.
ECDSA key fingerprint is SHA256:JcEZ87RQms1R13tB0eGi8aD+ai+H9qYEYNDqOvnVICY.
ECDSA key fingerprint is MD5:05:32:3e:2d:80:3e:2d:a1:22:d9:42:d5:79:17:26:34.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘192.168.1.63’ (ECDSA) to the list of known hosts.
[email protected]’s password:
hosts 100% 243 394.4KB/s 00:00
The authenticity of host ‘192.168.1.64 (192.168.1.64)’ can’t be established.
ECDSA key fingerprint is SHA256:8axSZjRuqYMzqz/3wNsmvnq0vFTbBLAS/cvNyJHYTKI.
ECDSA key fingerprint is MD5:53:df:64:6d:e5:9c:67:10:9c:6c:81:49:c0:d3:38:50.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘192.168.1.64’ (ECDSA) to the list of known hosts.
[email protected]’s password:
hosts 100% 243 373.2KB/s 00:00
The authenticity of host ‘192.168.1.65 (192.168.1.65)’ can’t be established.
ECDSA key fingerprint is SHA256:pGdPEN/OM7aKiW7ACaGAyrUo2BhayinSMNytumuHiiE.
ECDSA key fingerprint is MD5:e6:75:8b:64:d1:da:4f:89:11:ff:91:4a:b1:f1:64:a1.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘192.168.1.65’ (ECDSA) to the list of known hosts.
[email protected]’s password:
hosts 100% 243 245.9KB/s 00:00
[root@se1 ~]# for i in {62..65} ; do scp /etc/elasticsearch/elasticsearch.yml 192.168.1.$i:/etc/elasticsearch/elasticsearch.yml ;done
[email protected]’s password:
elasticsearch.yml 100% 3172 10.8MB/s 00:00
[email protected]’s password:
elasticsearch.yml 100% 3172 2.9MB/s 00:00
[email protected]’s password:
elasticsearch.yml 100% 3172 4.9MB/s 00:00
[email protected]’s password:
elasticsearch.yml 100% 3172 11.3MB/s 00:00
[root@se1 ~]#

按照se1\2\3\4\5的顺序重启服务，我把node2的操作贴一下，3、4、5是一样的
[root@room9pc52 ~]# ssh 192.168.1.62
The authenticity of host ‘192.168.1.62 (192.168.1.62)’ can’t be established.
ECDSA key fingerprint is SHA256:Y+OBT/LN+vb2rhuOvlMTWVF5/EJ3oBIdYjxjLB8OdaI.
ECDSA key fingerprint is MD5:07:e5:ec:41:7a:e4:ad:35:5b:6f:1b:59:d3:33:23:d3.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘192.168.1.62’ (ECDSA) to the list of known hosts.
[email protected]’s password:
Last login: Sun Oct 21 09:23:59 2018
[root@se2 ~]#
[root@se2 ~]#
[root@se2 ~]#
[root@se2 ~]# yum install -y java-1.8.0-openjdk elasticsearch
已加载插件：fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.163.com
* extras: mirrors.163.com
* updates: mirrors.163.com
正在解决依赖关系
–> 正在检查事务
—> 软件包 elasticsearch.noarch.0.2.3.4-1 将被安装
—> 软件包 java-1.8.0-openjdk.x86_64.1.1.8.0.181-3.b13.el7_5 将被安装
–> 正在处理依赖关系 java-1.8.0-openjdk-headless(x86-64) = 1:1.8.0.181-3.b13.el7_5，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 xorg-x11-fonts-Type1，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libpng15.so.15(PNG15_0)(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libjvm.so(SUNWprivate_1.1)(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libjpeg.so.62(LIBJPEG_6.2)(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libjava.so(SUNWprivate_1.1)(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 fontconfig(x86-64)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libpng15.so.15()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libjvm.so()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libjpeg.so.62()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libjava.so()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libgif.so.4()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libXtst.so.6()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libXrender.so.1()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libXi.so.6()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libXext.so.6()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libXcomposite.so.1()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 libX11.so.6()(64bit)，它被软件包 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在检查事务
—> 软件包 fontconfig.x86_64.0.2.10.95-11.el7 将被安装
–> 正在处理依赖关系 fontpackages-filesystem，它被软件包 fontconfig-2.10.95-11.el7.x86_64 需要
–> 正在处理依赖关系 font(:lang=en)，它被软件包 fontconfig-2.10.95-11.el7.x86_64 需要
—> 软件包 giflib.x86_64.0.4.1.6-9.el7 将被安装
–> 正在处理依赖关系 libSM.so.6()(64bit)，它被软件包 giflib-4.1.6-9.el7.x86_64 需要
–> 正在处理依赖关系 libICE.so.6()(64bit)，它被软件包 giflib-4.1.6-9.el7.x86_64 需要
—> 软件包 java-1.8.0-openjdk-headless.x86_64.1.1.8.0.181-3.b13.el7_5 将被安装
–> 正在处理依赖关系 tzdata-java >= 2015d，它被软件包 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 nss-softokn(x86-64) >= 3.36.0，它被软件包 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 nss(x86-64) >= 3.36.0，它被软件包 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 copy-jdk-configs >= 2.2，它被软件包 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 lksctp-tools(x86-64)，它被软件包 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 需要
–> 正在处理依赖关系 jpackage-utils，它被软件包 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 需要
—> 软件包 libX11.x86_64.0.1.6.5-1.el7 将被安装
–> 正在处理依赖关系 libX11-common >= 1.6.5-1.el7，它被软件包 libX11-1.6.5-1.el7.x86_64 需要
–> 正在处理依赖关系 libxcb.so.1()(64bit)，它被软件包 libX11-1.6.5-1.el7.x86_64 需要
—> 软件包 libXcomposite.x86_64.0.0.4.4-4.1.el7 将被安装
—> 软件包 libXext.x86_64.0.1.3.3-3.el7 将被安装
—> 软件包 libXi.x86_64.0.1.7.9-1.el7 将被安装
—> 软件包 libXrender.x86_64.0.0.9.10-1.el7 将被安装
—> 软件包 libXtst.x86_64.0.1.2.3-1.el7 将被安装
—> 软件包 libjpeg-turbo.x86_64.0.1.2.90-5.el7 将被安装
—> 软件包 libpng.x86_64.2.1.5.13-7.el7_2 将被安装
—> 软件包 xorg-x11-fonts-Type1.noarch.0.7.5-9.el7 将被安装
–> 正在处理依赖关系 ttmkfdir，它被软件包 xorg-x11-fonts-Type1-7.5-9.el7.noarch 需要
–> 正在处理依赖关系 ttmkfdir，它被软件包 xorg-x11-fonts-Type1-7.5-9.el7.noarch 需要
–> 正在处理依赖关系 mkfontdir，它被软件包 xorg-x11-fonts-Type1-7.5-9.el7.noarch 需要
–> 正在处理依赖关系 mkfontdir，它被软件包 xorg-x11-fonts-Type1-7.5-9.el7.noarch 需要
–> 正在检查事务
—> 软件包 copy-jdk-configs.noarch.0.3.3-10.el7_5 将被安装
—> 软件包 fontpackages-filesystem.noarch.0.1.44-8.el7 将被安装
—> 软件包 javapackages-tools.noarch.0.3.4.1-11.el7 将被安装
–> 正在处理依赖关系 python-javapackages = 3.4.1-11.el7，它被软件包 javapackages-tools-3.4.1-11.el7.noarch 需要
–> 正在处理依赖关系 libxslt，它被软件包 javapackages-tools-3.4.1-11.el7.noarch 需要
—> 软件包 libICE.x86_64.0.1.0.9-9.el7 将被安装
—> 软件包 libSM.x86_64.0.1.2.2-2.el7 将被安装
—> 软件包 libX11-common.noarch.0.1.6.5-1.el7 将被安装
—> 软件包 libxcb.x86_64.0.1.12-1.el7 将被安装
–> 正在处理依赖关系 libXau.so.6()(64bit)，它被软件包 libxcb-1.12-1.el7.x86_64 需要
—> 软件包 lksctp-tools.x86_64.0.1.0.17-2.el7 将被安装
—> 软件包 nss.x86_64.0.3.28.4-8.el7 将被升级
–> 正在处理依赖关系 nss = 3.28.4-8.el7，它被软件包 nss-sysinit-3.28.4-8.el7.x86_64 需要
–> 正在处理依赖关系 nss(x86-64) = 3.28.4-8.el7，它被软件包 nss-tools-3.28.4-8.el7.x86_64 需要
—> 软件包 nss.x86_64.0.3.36.0-7.el7_5 将被更新
–> 正在处理依赖关系 nss-util >= 3.36.0-1，它被软件包 nss-3.36.0-7.el7_5.x86_64 需要
–> 正在处理依赖关系 nspr >= 4.19.0，它被软件包 nss-3.36.0-7.el7_5.x86_64 需要
–> 正在处理依赖关系 libnssutil3.so(NSSUTIL_3.31)(64bit)，它被软件包 nss-3.36.0-7.el7_5.x86_64 需要
—> 软件包 nss-softokn.x86_64.0.3.28.3-6.el7 将被升级
—> 软件包 nss-softokn.x86_64.0.3.36.0-5.el7_5 将被更新
–> 正在处理依赖关系 nss-softokn-freebl(x86-64) >= 3.36.0-5.el7_5，它被软件包 nss-softokn-3.36.0-5.el7_5.x86_64 需要
—> 软件包 stix-fonts.noarch.0.1.1.0-5.el7 将被安装
—> 软件包 ttmkfdir.x86_64.0.3.0.9-42.el7 将被安装
—> 软件包 tzdata-java.noarch.0.2018e-3.el7 将被安装
—> 软件包 xorg-x11-font-utils.x86_64.1.7.5-20.el7 将被安装
–> 正在处理依赖关系 libfontenc.so.1()(64bit)，它被软件包 1:xorg-x11-font-utils-7.5-20.el7.x86_64 需要
–> 正在处理依赖关系 libXfont.so.1()(64bit)，它被软件包 1:xorg-x11-font-utils-7.5-20.el7.x86_64 需要
–> 正在检查事务
—> 软件包 libXau.x86_64.0.1.0.8-2.1.el7 将被安装
—> 软件包 libXfont.x86_64.0.1.5.2-1.el7 将被安装
—> 软件包 libfontenc.x86_64.0.1.1.3-3.el7 将被安装
—> 软件包 libxslt.x86_64.0.1.1.28-5.el7 将被安装
—> 软件包 nspr.x86_64.0.4.13.1-1.0.el7_3 将被升级
—> 软件包 nspr.x86_64.0.4.19.0-1.el7_5 将被更新
—> 软件包 nss-softokn-freebl.x86_64.0.3.28.3-6.el7 将被升级
—> 软件包 nss-softokn-freebl.x86_64.0.3.36.0-5.el7_5 将被更新
—> 软件包 nss-sysinit.x86_64.0.3.28.4-8.el7 将被升级
—> 软件包 nss-sysinit.x86_64.0.3.36.0-7.el7_5 将被更新
—> 软件包 nss-tools.x86_64.0.3.28.4-8.el7 将被升级
—> 软件包 nss-tools.x86_64.0.3.36.0-7.el7_5 将被更新
—> 软件包 nss-util.x86_64.0.3.28.4-3.el7 将被升级
—> 软件包 nss-util.x86_64.0.3.36.0-1.el7_5 将被更新
—> 软件包 python-javapackages.noarch.0.3.4.1-11.el7 将被安装
–> 正在处理依赖关系 python-lxml，它被软件包 python-javapackages-3.4.1-11.el7.noarch 需要
–> 正在检查事务
—> 软件包 python-lxml.x86_64.0.3.2.1-4.el7 将被安装
–> 解决依赖关系完成

依赖关系解决

=====================================================================================================================
Package 架构版本源大小
=====================================================================================================================
正在安装:
elasticsearch noarch 2.3.4-1 elk 26 M
java-1.8.0-openjdk x86_64 1:1.8.0.181-3.b13.el7_5 updates 250 k
为依赖而安装:
copy-jdk-configs noarch 3.3-10.el7_5 updates 21 k
fontconfig x86_64 2.10.95-11.el7 base 229 k
fontpackages-filesystem noarch 1.44-8.el7 base 9.9 k
giflib x86_64 4.1.6-9.el7 base 40 k
java-1.8.0-openjdk-headless x86_64 1:1.8.0.181-3.b13.el7_5 updates 32 M
javapackages-tools noarch 3.4.1-11.el7 base 73 k
libICE x86_64 1.0.9-9.el7 base 66 k
libSM x86_64 1.2.2-2.el7 base 39 k
libX11 x86_64 1.6.5-1.el7 base 606 k
libX11-common noarch 1.6.5-1.el7 base 164 k
libXau x86_64 1.0.8-2.1.el7 base 29 k
libXcomposite x86_64 0.4.4-4.1.el7 base 22 k
libXext x86_64 1.3.3-3.el7 base 39 k
libXfont x86_64 1.5.2-1.el7 base 152 k
libXi x86_64 1.7.9-1.el7 base 40 k
libXrender x86_64 0.9.10-1.el7 base 26 k
libXtst x86_64 1.2.3-1.el7 base 20 k
libfontenc x86_64 1.1.3-3.el7 base 31 k
libjpeg-turbo x86_64 1.2.90-5.el7 base 134 k
libpng x86_64 2:1.5.13-7.el7_2 base 213 k
libxcb x86_64 1.12-1.el7 base 211 k
libxslt x86_64 1.1.28-5.el7 base 242 k
lksctp-tools x86_64 1.0.17-2.el7 base 88 k
python-javapackages noarch 3.4.1-11.el7 base 31 k
python-lxml x86_64 3.2.1-4.el7 base 758 k
stix-fonts noarch 1.1.0-5.el7 base 1.3 M
ttmkfdir x86_64 3.0.9-42.el7 base 48 k
tzdata-java noarch 2018e-3.el7 updates 185 k
xorg-x11-font-utils x86_64 1:7.5-20.el7 base 87 k
xorg-x11-fonts-Type1 noarch 7.5-9.el7 base 521 k
为依赖而更新:
nspr x86_64 4.19.0-1.el7_5 updates 127 k
nss x86_64 3.36.0-7.el7_5 updates 835 k
nss-softokn x86_64 3.36.0-5.el7_5 updates 315 k
nss-softokn-freebl x86_64 3.36.0-5.el7_5 updates 222 k
nss-sysinit x86_64 3.36.0-7.el7_5 updates 62 k
nss-tools x86_64 3.36.0-7.el7_5 updates 515 k
nss-util x86_64 3.36.0-1.el7_5 updates 78 k

事务概要
=====================================================================================================================
安装 2 软件包 (+30 依赖软件包)
升级 ( 7 依赖软件包)

总下载量：66 M
Downloading packages:
Delta RPMs disabled bec : python-lxml-3.2.1-4.el7.x86_64.rpm | 758 kB 00:00:02
———————————————————————————————————————
总计 9.8 MB/s | 66 MB 00:00:06
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
正在更新 : nspr-4.19.0-1.el7_5.x86_64 1/46
正在更新 : nss-util-3.36.0-1.el7_5.x86_64 2/46
正在安装 : libfontenc-1.1.3-3.el7.x86_64 3/46
正在安装 : libxslt-1.1.28-5.el7.x86_64 4/46
正在安装 : fontpackages-filesystem-1.44-8.el7.noarch 5/46
正在安装 : libjpeg-turbo-1.2.90-5.el7.x86_64 6/46
正在安装 : libICE-1.0.9-9.el7.x86_64 7/46
正在安装 : libSM-1.2.2-2.el7.x86_64 8/46
正在安装 : stix-fonts-1.1.0-5.el7.noarch 9/46
正在安装 : fontconfig-2.10.95-11.el7.x86_64 10/46
正在安装 : python-lxml-3.2.1-4.el7.x86_64 11/46
正在安装 : python-javapackages-3.4.1-11.el7.noarch 12/46
正在安装 : javapackages-tools-3.4.1-11.el7.noarch 13/46
正在安装 : libXfont-1.5.2-1.el7.x86_64 14/46
正在安装 : 1:xorg-x11-font-utils-7.5-20.el7.x86_64 15/46
正在更新 : nss-softokn-freebl-3.36.0-5.el7_5.x86_64 16/46
正在更新 : nss-softokn-3.36.0-5.el7_5.x86_64 17/46
正在更新 : nss-sysinit-3.36.0-7.el7_5.x86_64 18/46
正在更新 : nss-3.36.0-7.el7_5.x86_64 19/46
正在安装 : tzdata-java-2018e-3.el7.noarch 20/46
正在安装 : libXau-1.0.8-2.1.el7.x86_64 21/46
正在安装 : libxcb-1.12-1.el7.x86_64 22/46
正在安装 : libX11-common-1.6.5-1.el7.noarch 23/46
正在安装 : libX11-1.6.5-1.el7.x86_64 24/46
正在安装 : libXext-1.3.3-3.el7.x86_64 25/46
正在安装 : libXi-1.7.9-1.el7.x86_64 26/46
正在安装 : libXtst-1.2.3-1.el7.x86_64 27/46
正在安装 : giflib-4.1.6-9.el7.x86_64 28/46
正在安装 : libXrender-0.9.10-1.el7.x86_64 29/46
正在安装 : libXcomposite-0.4.4-4.1.el7.x86_64 30/46
正在安装 : lksctp-tools-1.0.17-2.el7.x86_64 31/46
正在安装 : copy-jdk-configs-3.3-10.el7_5.noarch 32/46
正在安装 : 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 33/46
正在安装 : ttmkfdir-3.0.9-42.el7.x86_64 34/46
正在安装 : xorg-x11-fonts-Type1-7.5-9.el7.noarch 35/46
正在安装 : 2:libpng-1.5.13-7.el7_2.x86_64 36/46
正在安装 : 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 37/46
正在更新 : nss-tools-3.36.0-7.el7_5.x86_64 38/46
Creating elasticsearch group… OK
Creating elasticsearch user… OK
正在安装 : elasticsearch-2.3.4-1.noarch 39/46
### NOT starting on installation, please execute the following statements to configure elasticsearch service to start automatically using systemd
sudo systemctl daemon-reload
sudo systemctl enable elasticsearch.service
### You can start elasticsearch service by executing
sudo systemctl start elasticsearch.service
清理 : nss-tools-3.28.4-8.el7.x86_64 40/46
清理 : nss-sysinit-3.28.4-8.el7.x86_64 41/46
清理 : nss-3.28.4-8.el7.x86_64 42/46
清理 : nss-softokn-3.28.3-6.el7.x86_64 43/46
清理 : nss-util-3.28.4-3.el7.x86_64 44/46
清理 : nspr-4.13.1-1.0.el7_3.x86_64 45/46
清理 : nss-softokn-freebl-3.28.3-6.el7.x86_64 46/46
验证中 : libXext-1.3.3-3.el7.x86_64 1/46
验证中 : libX11-1.6.5-1.el7.x86_64 2/46
验证中 : libXi-1.7.9-1.el7.x86_64 3/46
验证中 : python-javapackages-3.4.1-11.el7.noarch 4/46
验证中 : libICE-1.0.9-9.el7.x86_64 5/46
验证中 : giflib-4.1.6-9.el7.x86_64 6/46
验证中 : libjpeg-turbo-1.2.90-5.el7.x86_64 7/46
验证中 : nspr-4.19.0-1.el7_5.x86_64 8/46
验证中 : libXrender-0.9.10-1.el7.x86_64 9/46
验证中 : libXfont-1.5.2-1.el7.x86_64 10/46
验证中 : python-lxml-3.2.1-4.el7.x86_64 11/46
验证中 : 2:libpng-1.5.13-7.el7_2.x86_64 12/46
验证中 : nss-3.36.0-7.el7_5.x86_64 13/46
验证中 : fontpackages-filesystem-1.44-8.el7.noarch 14/46
验证中 : ttmkfdir-3.0.9-42.el7.x86_64 15/46
验证中 : nss-util-3.36.0-1.el7_5.x86_64 16/46
验证中 : copy-jdk-configs-3.3-10.el7_5.noarch 17/46
验证中 : stix-fonts-1.1.0-5.el7.noarch 18/46
验证中 : libXcomposite-0.4.4-4.1.el7.x86_64 19/46
验证中 : libXtst-1.2.3-1.el7.x86_64 20/46
验证中 : lksctp-tools-1.0.17-2.el7.x86_64 21/46
验证中 : 1:java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64 22/46
验证中 : 1:java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64 23/46
验证中 : libxcb-1.12-1.el7.x86_64 24/46
验证中 : xorg-x11-fonts-Type1-7.5-9.el7.noarch 25/46
验证中 : libxslt-1.1.28-5.el7.x86_64 26/46
验证中 : nss-tools-3.36.0-7.el7_5.x86_64 27/46
验证中 : javapackages-tools-3.4.1-11.el7.noarch 28/46
验证中 : elasticsearch-2.3.4-1.noarch 29/46
验证中 : libX11-common-1.6.5-1.el7.noarch 30/46
验证中 : nss-sysinit-3.36.0-7.el7_5.x86_64 31/46
验证中 : libXau-1.0.8-2.1.el7.x86_64 32/46
验证中 : nss-softokn-freebl-3.36.0-5.el7_5.x86_64 33/46
验证中 : libSM-1.2.2-2.el7.x86_64 34/46
验证中 : fontconfig-2.10.95-11.el7.x86_64 35/46
验证中 : tzdata-java-2018e-3.el7.noarch 36/46
验证中 : libfontenc-1.1.3-3.el7.x86_64 37/46
验证中 : nss-softokn-3.36.0-5.el7_5.x86_64 38/46
验证中 : 1:xorg-x11-font-utils-7.5-20.el7.x86_64 39/46
验证中 : nspr-4.13.1-1.0.el7_3.x86_64 40/46
验证中 : nss-softokn-3.28.3-6.el7.x86_64 41/46
验证中 : nss-util-3.28.4-3.el7.x86_64 42/46
验证中 : nss-softokn-freebl-3.28.3-6.el7.x86_64 43/46
验证中 : nss-3.28.4-8.el7.x86_64 44/46
验证中 : nss-sysinit-3.28.4-8.el7.x86_64 45/46
验证中 : nss-tools-3.28.4-8.el7.x86_64 46/46

已安装:
elasticsearch.noarch 0:2.3.4-1 java-1.8.0-openjdk.x86_64 1:1.8.0.181-3.b13.el7_5

完毕！
[root@se2 ~]# systemctl restart elasticsearch
[root@se2 ~]# systemctl enable elasticsearch
Created symlink from /etc/systemd/system/multi-user.target.wants/elasticsearch.service to /usr/lib/systemd/system/elasticsearch.service.
[root@se2 ~]#
[root@se2 ~]#
[root@se2 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.61 se1
192.168.1.62 se2
192.168.1.63 se3
192.168.1.64 se4
192.168.1.65 se5
[root@se2 ~]# cat /etc/elasticsearch/elasticsearch.yml
# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
# Before you set out to tweak and tune the configuration, make sure you
# understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please see the documentation for further information on configuration options:
# <http://www.elastic.co/guide/en/elasticsearch/reference/current/setup-configuration.html>
#
# ———————————- Cluster ———————————–
#
# Use a descriptive name for your cluster:
#
cluster.name: myelk
#
# ———————————— Node ————————————
#
# Use a descriptive name for the node:
#
node.name: se2
#
# Add custom attributes to the node:
#
# node.rack: r1
#
# ———————————– Paths ————————————
#
# Path to directory where to store the data (separate multiple locations by comma):
#
# path.data: /path/to/data
#
# Path to log files:
#
# path.logs: /path/to/logs
#
# ———————————– Memory ———————————–
#
# Lock the memory on startup:
#
# bootstrap.mlockall: true
#
# Make sure that the `ES_HEAP_SIZE` environment variable is set to about half the memory
# available on the system and that the owner of the process is allowed to use this limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ———————————- Network ———————————–
#
# Set the bind address to a specific IP (IPv4 or IPv6):
#
network.host: 0.0.0.0
#
# Set a custom port for HTTP:
#
# http.port: 9200
#
# For more information, see the documentation at:
# <http://www.elastic.co/guide/en/elasticsearch/reference/current/modules-network.html>
#
# ——————————— Discovery ———————————-
#
# Pass an initial list of hosts to perform discovery when new node is started:
# The default list of hosts is [“127.0.0.1”, “[::1]”]
#
discovery.zen.ping.unicast.hosts: [“se1”, “se2”, “se3”]
#
# Prevent the “split brain” by configuring the majority of nodes (total number of nodes / 2 + 1):
#
# discovery.zen.minimum_master_nodes: 3
#
# For more information, see the documentation at:
# <http://www.elastic.co/guide/en/elasticsearch/reference/current/modules-discovery.html>
#
# ———————————- Gateway ———————————–
#
# Block initial recovery after a full cluster restart until N nodes are started:
#
# gateway.recover_after_nodes: 3
#
# For more information, see the documentation at:
# <http://www.elastic.co/guide/en/elasticsearch/reference/current/modules-gateway.html>
#
# ———————————- Various ———————————–
#
# Disable starting multiple nodes on a single system:
#
# node.max_local_storage_nodes: 1
#
# Require explicit names when deleting indices:
#
# action.destructive_requires_name: true
[root@se2 ~]#

访问测试集群状态
ES 集群验证：返回字段解析：
”status”: ”green“ 集群状态：绿色为正常、黄色表示有问题但不是很严重、红色表示严重故障
”number_of_nodes”： 5, 表示集群中节点的数量
[root@room9pc52 ~]# curl 192.168.1.61:9200/_cluster/health?pretty
{
“cluster_name” : “myelk”,
“status” : “green”,
“timed_out” : false,
“number_of_nodes” : 5,
“number_of_data_nodes” : 5,
“active_primary_shards” : 0,
“active_shards” : 0,
“relocating_shards” : 0,
“initializing_shards” : 0,
“unassigned_shards” : 0,
“delayed_unassigned_shards” : 0,
“number_of_pending_tasks” : 0,
“number_of_in_flight_fetch” : 0,
“task_max_waiting_in_queue_millis” : 0,
“active_shards_percent_as_number” : 100.0
}
[root@room9pc52 ~]#

3 案例3：练习curl命令
3.1 问题

本案例要求：
练习使用curl命令
理解GET POST
使用curl命令访问ES集群
3.2 步骤

实现此案例需要按照如下步骤进行。
步骤一：curl命令的使用

http的请求方法：
常用方法 GET，POST，HEAD
其他方法 OPTIONS，PUT，DELETE，TRACE和CONNECT
ES常用：
PUT –增
DELETE –删
POST –改
GET –查
系统命令curl：
是一个利用URL规则在命令行下工作的文件传输工具,可以说是一款很强大的http命令行工具。它支持多种请求模式,自定义请求头等强大功能,是一款综合工具
curl 常用参数介绍：
-A 修改请求 agent
-X 设置请求方法
-i 显示返回头信息
1）索引的分片信息，如图-1所示：
[root@room9pc01 ~]# curl -X GET http://192.168.1.61:9200/_cat

图-1
2）显示health的详细信息，如图-2所示：
[root@room9pc01 ~]# curl -X GET http://192.168.1.62:9200/_cat/health?v

图-2
3）查看nodes的帮助，如图-3所示：
[root@room9pc01 ~]# curl -X GET http://192.168.1.61:9200/_cat/nodes?help

图-3

代码如下
查看索引分片信息
[root@room9pc52 ~]# curl -X GET http://192.168.1.61:9200/_cat
=^.^=
/_cat/allocation
/_cat/shards
/_cat/shards/{index}
/_cat/master
/_cat/nodes
/_cat/indices
/_cat/indices/{index}
/_cat/segments
/_cat/segments/{index}
/_cat/count
/_cat/count/{index}
/_cat/recovery
/_cat/recovery/{index}
/_cat/health
/_cat/pending_tasks
/_cat/aliases
/_cat/aliases/{alias}
/_cat/thread_pool
/_cat/plugins
/_cat/fielddata
/_cat/fielddata/{fields}
/_cat/nodeattrs
/_cat/repositories
/_cat/snapshots/{repository}
[root@room9pc52 ~]#

查看节点健康状态
[root@room9pc52 ~]# curl -X GET http://192.168.1.62:9200/_cat/health?v
epoch timestamp cluster status node.total node.data shards pri relo init unassign pending_tasks max_task_wait_time active_shards_percent
1540090287 10:51:27 myelk green 5 5 0 0 0 0 0 0 – 100.0%

4 案例4：练习插件
4.1 问题

本案例要求：
在其中一台机器上部署插件
使用bigdesk查看集群状态
使用head创建index
使用kopf查看数据
4.2 步骤

实现此案例需要按照如下步骤进行。
步骤一：部署插件

插件装在哪一台机器上，只能在哪台机器上使用（这里安装在se5机器上面）
1）使用远程 uri 路径可以直接安装
[root@se5 ~]# cd /usr/share/elasticsearch/bin
[root@se5 bin]# ./plugin install \
ftp://192.168.1.254/elk/elasticsearch-head-master.zip //安装head插件
[root@se5 bin]# ./plugin install \
ftp://192.168.1.254/elk/elasticsearch-kopf-master.zip //安装kopf插件
[root@se5 bin]# [root@se5 bin]# ./plugin install \
ftp://192.168.1.254/elk/bigdesk-master.zip
//安装bigdesk插件
[root@se5 bin]# ./plugin list //查看安装的插件
Installed plugins in /usr/share/elasticsearch/plugins:
– head
– kopf
– bigdesk
2）访问head插件，如图-4所示：
[root@room9pc01 ~]# firefox http://192.168.1.65:9200/_plugin/head

图-4
3）访问kopf插件，如图-5所示：
[root@room9pc01 ~]# http://192.168.1.65:9200/_plugin/kopf

图-5
4）访问bigdesk插件，如图-6所示：
[root@room9pc01 ~]# http://192.168.1.65:9200/_plugin/bigdesk

图-6
步骤二：使用head创建index

[root@se5 bin]# curl -X PUT “http://192.168.1.65:9200/index” -d ‘
> {
> “settings”:{
> “index”:{
> “number_of_shards”:5, //分片数
> “number_of_replicas”:1 //副本数
> }
> }
> }’
{“acknowledged”:true}
步骤三：使用kopf查看数据，如图-7所示：

代码如下，注意在哪台机器上面装插件，就只能在哪台机器上面去操作，这里安装在node5上面

现在真机上，把实验需要的插件，配置文件都放在FTP上面
[root@room9pc52 elk 1]# ls
accounts.json.gz elk.tar
alog.gz filebeat-1.2.3-x86_64.rpm
bigdesk-master.zip kibana-4.5.2-1.x86_64.rpm
elasticsearch-2.3.4.rpm logs.jsonl.gz
elasticsearch-head-master.zip logstash-2.3.4-1.noarch.rpm
elasticsearch-kopf-master.zip NSD_ELK_01.pdf
elk_01(1).txt shakespeare.json.gz
[root@room9pc52 elk 1]# cp *.gz /var/ftp/elk/
[root@room9pc52 elk 1]# cp *.zip /var/ftp/elk/
[root@room9pc52 elk 1]# ls /var/ftp/elk/
accounts.json.gz filebeat-1.2.3-x86_64.rpm
alog.gz kibana-4.5.2-1.x86_64.rpm
bigdesk-master.zip logs.jsonl.gz
elasticsearch-2.3.4.rpm logstash-2.3.4-1.noarch.rpm
elasticsearch-head-master.zip repodata
elasticsearch-kopf-master.zip shakespeare.json.gz
[root@room9pc52 elk 1]#

然后去node5上面去操作，安装插件，注意，本地安装也可以，但是要使用URL的形式，也就是file:///xxx 这种
[root@se5 ~]# cd /usr/share/elasticsearch/bin/
[root@se5 bin]# ./plugin install ftp://192.168.1.254/elk/elasticsearch-head-master.zip
-> Installing from ftp://192.168.1.254/elk/elasticsearch-head-master.zip…
Trying ftp://192.168.1.254/elk/elasticsearch-head-master.zip …
Downloading ………DONE
Verifying ftp://192.168.1.254/elk/elasticsearch-head-master.zip checksums if available …
Exception in thread “Thread-1” java.lang.IllegalStateException: Not connected
at sun.net.ftp.impl.FtpClient.issueCommand(FtpClient.java:523)
at sun.net.ftp.impl.FtpClient.issueCommandCheck(FtpClient.java:550)
at sun.net.ftp.impl.FtpClient.setType(FtpClient.java:1678)
at sun.net.ftp.FtpClient.setBinaryType(FtpClient.java:676)
at sun.net.www.protocol.ftp.FtpURLConnection.getInputStream(FtpURLConnection.java:432)
at org.elasticsearch.common.http.client.HttpDownloadHelper$GetThread.downloadFile(HttpDownloadHelper.java:417)
at org.elasticsearch.common.http.client.HttpDownloadHelper$GetThread.get(HttpDownloadHelper.java:304)
at org.elasticsearch.common.http.client.HttpDownloadHelper$GetThread.run(HttpDownloadHelper.java:290)
Exception in thread “Thread-2” java.lang.IllegalStateException: Not connected
at sun.net.ftp.impl.FtpClient.issueCommand(FtpClient.java:523)
at sun.net.ftp.impl.FtpClient.issueCommandCheck(FtpClient.java:550)
at sun.net.ftp.impl.FtpClient.setType(FtpClient.java:1678)
at sun.net.ftp.FtpClient.setBinaryType(FtpClient.java:676)
at sun.net.www.protocol.ftp.FtpURLConnection.getInputStream(FtpURLConnection.java:432)
at org.elasticsearch.common.http.client.HttpDownloadHelper$GetThread.downloadFile(HttpDownloadHelper.java:417)
at org.elasticsearch.common.http.client.HttpDownloadHelper$GetThread.get(HttpDownloadHelper.java:304)
at org.elasticsearch.common.http.client.HttpDownloadHelper$GetThread.run(HttpDownloadHelper.java:290)
NOTE: Unable to verify checksum for downloaded plugin (unable to find .sha1 or .md5 file to verify)
Installed head into /usr/share/elasticsearch/plugins/head
[root@se5 bin]# ./plugin install ftp://192.168.1.254/elk/elasticsearch-kopf-master.zip
-> Installing from ftp://192.168.1.254/elk/elasticsearch-kopf-master.zip…
Trying ftp://192.168.1.254/elk/elasticsearch-kopf-master.zip …
Downloading ………………….DONE
Verifying ftp://192.168.1.254/elk/elasticsearch-kopf-master.zip checksums if available …
Exception in thread “Thread-1” java.lang.IllegalStateException: Not connected
at sun.net.ftp.impl.FtpClient.issueCommand(FtpClient.java:523)
at sun.net.ftp.impl.FtpClient.issueCommandCheck(FtpClient.java:550)
at sun.net.ftp.impl.FtpClient.setType(FtpClient.java:1678)
at sun.net.ftp.FtpClient.setBinaryType(FtpClient.java:676)
at sun.net.www.protocol.ftp.FtpURLConnection.getInputStream(FtpURLConnection.java:432)
at org.elasticsearch.common.http.client.HttpDownloadHelper$GetThread.downloadFile(HttpDownloadHelper.java:417)
at org.elasticsearch.common.http.client.HttpDownloadHelper$GetThread.get(HttpDownloadHelper.java:304)
at org.elasticsearch.common.http.client.HttpDownloadHelper$GetThread.run(HttpDownloadHelper.java:290)
Exception in thread “Thread-2” java.lang.IllegalStateException: Not connected
at sun.net.ftp.impl.FtpClient.issueCommand(FtpClient.java:523)
at sun.net.ftp.impl.FtpClient.issueCommandCheck(FtpClient.java:550)
at sun.net.ftp.impl.FtpClient.setType(FtpClient.java:1678)
at sun.net.ftp.FtpClient.setBinaryType(FtpClient.java:676)
at sun.net.www.protocol.ftp.FtpURLConnection.getInputStream(FtpURLConnection.java:432)
at org.elasticsearch.common.http.client.HttpDownloadHelper$GetThread.downloadFile(HttpDownloadHelper.java:417)
at org.elasticsearch.common.http.client.HttpDownloadHelper$GetThread.get(HttpDownloadHelper.java:304)
at org.elasticsearch.common.http.client.HttpDownloadHelper$GetThread.run(HttpDownloadHelper.java:290)
NOTE: Unable to verify checksum for downloaded plugin (unable to find .sha1 or .md5 file to verify)
Installed kopf into /usr/share/elasticsearch/plugins/kopf
[root@se5 bin]# ./plugin install ftp://192.168.1.254/elk/bigdesk-master.zip
-> Installing from ftp://192.168.1.254/elk/bigdesk-master.zip…
Trying ftp://192.168.1.254/elk/bigdesk-master.zip …
Downloading …DONE
Verifying ftp://192.168.1.254/elk/bigdesk-master.zip checksums if available …
Exception in thread “Thread-1” java.lang.IllegalStateException: Not connected
at sun.net.ftp.impl.FtpClient.issueCommand(FtpClient.java:523)
at sun.net.ftp.impl.FtpClient.issueCommandCheck(FtpClient.java:550)
at sun.net.ftp.impl.FtpClient.setType(FtpClient.java:1678)
at sun.net.ftp.FtpClient.setBinaryType(FtpClient.java:676)
at sun.net.www.protocol.ftp.FtpURLConnection.getInputStream(FtpURLConnection.java:432)
at org.elasticsearch.common.http.client.HttpDownloadHelper$GetThread.downloadFile(HttpDownloadHelper.java:417)
at org.elasticsearch.common.http.client.HttpDownloadHelper$GetThread.get(HttpDownloadHelper.java:304)
at org.elasticsearch.common.http.client.HttpDownloadHelper$GetThread.run(HttpDownloadHelper.java:290)
Exception in thread “Thread-2” java.lang.IllegalStateException: Not connected
at sun.net.ftp.impl.FtpClient.issueCommand(FtpClient.java:523)
at sun.net.ftp.impl.FtpClient.issueCommandCheck(FtpClient.java:550)
at sun.net.ftp.impl.FtpClient.setType(FtpClient.java:1678)
at sun.net.ftp.FtpClient.setBinaryType(FtpClient.java:676)
at sun.net.www.protocol.ftp.FtpURLConnection.getInputStream(FtpURLConnection.java:432)
at org.elasticsearch.common.http.client.HttpDownloadHelper$GetThread.downloadFile(HttpDownloadHelper.java:417)
at org.elasticsearch.common.http.client.HttpDownloadHelper$GetThread.get(HttpDownloadHelper.java:304)
at org.elasticsearch.common.http.client.HttpDownloadHelper$GetThread.run(HttpDownloadHelper.java:290)
NOTE: Unable to verify checksum for downloaded plugin (unable to find .sha1 or .md5 file to verify)
Installed bigdesk into /usr/share/elasticsearch/plugins/bigdesk
[root@se5 bin]# ./plugin list
Installed plugins in /usr/share/elasticsearch/plugins:
– head
– kopf
– bigdesk
[root@se5 bin]#

测试，去浏览器挨个访问插件试一试，不贴图了
http://192.168.1.65:9200/_plugin/head
http://192.168.1.65:9200/_plugin/kopf
http://192.168.1.65:9200/_plugin/bigdesk

[root@se5 bin]# curl -X PUT “http://192.168.1.65:9200/index” -d’
> {
> “settings”:{
> “index”:{
> “number_of_shards”:5,
> “number_of_replicas”:1
> }
> }
> }’
{“acknowledged”:true}[root@se5 bin]#

5 案例5：插入，增加，删除查询数据
5.1 问题

本案例要求：
使用curl命令连接使用ES数据库
使用PUT方法增加数据
使用POST修改数据
使用GET查询数据
使用DELETE删除数据
5.2 步骤

实现此案例需要按照如下步骤进行。
步骤一：增加数据

[root@se5 ~]# locale
[root@se5 ~]# LANG=en_US.UTF-8 //设置编码
[root@se5 ~]# curl -X PUT “http://192.168.1.65:9200/taindex/teacher/1” -d ‘{
“职业”:”诗人”,
“名字”:”李白”,
“称号”:”诗仙”,
“年代”:”唐”
}’
{“_index”:”taindex”,”_type”:”teacher”,”_id”:”1″,”_version”:2,”_shards”:{“total”:2,”successful”:2,”failed”:0},”created”:false}
步骤二：修改数据

[root@se5 ~]# curl -X PUT “http://192.168.1.65:9200/taindex/teacher/1” -d ‘{
“doc”:{
“年代”: “唐代”
}
}’
{“_index”:”taindex”,”_type”:”teacher”,”_id”:”1″,”_version”:3,”_shards”:{“total”:2,”successful”:2,”failed”:0},”created”:false}
步骤三：查询数据

[root@se5 ~]# curl -X GET “http://192.168.1.65:9200/taindex/teacher/3?pretty”
{
“_index” : “taindex”,
“_type” : “teacher”,
“_id” : “3”,
“found” : false
}
步骤四：删除数据

[root@se5 ~]# curl -X DELETE “http://192.168.1.65:9200/taindex/teacher/3?pretty”
{
“found” : false,
“_index” : “taindex”,
“_type” : “teacher”,
“_id” : “3”,
“_version” : 1,
“_shards” : {
“total” : 2,
“successful” : 2,
“failed” : 0
}
}
步骤五：删除索引

[root@se5 bin]# curl -X DELETE http://192.168.1.65:9200/taindex/
//删除索引
{“acknowledged”:true}
[root@se5 bin]# curl -X DELETE http://192.168.1.65:9200/* //删除所有索引
{“acknowledged”:true}

代码如下
先设置好语言
查看语言
[root@se5 bin]# locale
LANG=zh_CN.UTF-8
LC_CTYPE=”zh_CN.UTF-8″
LC_NUMERIC=zh_CN.UTF-8
LC_TIME=zh_CN.UTF-8
LC_COLLATE=”zh_CN.UTF-8″
LC_MONETARY=zh_CN.UTF-8
LC_MESSAGES=”zh_CN.UTF-8″
LC_PAPER=zh_CN.UTF-8
LC_NAME=”zh_CN.UTF-8″
LC_ADDRESS=”zh_CN.UTF-8″
LC_TELEPHONE=”zh_CN.UTF-8″
LC_MEASUREMENT=zh_CN.UTF-8
LC_IDENTIFICATION=”zh_CN.UTF-8″
LC_ALL=

设置语言
[root@se5 bin]# LANG=en_US.UTF-8

再确认一下
[root@se5 bin]# locale
LANG=en_US.UTF-8
LC_CTYPE=”en_US.UTF-8″
LC_NUMERIC=zh_CN.UTF-8
LC_TIME=zh_CN.UTF-8
LC_COLLATE=”en_US.UTF-8″
LC_MONETARY=zh_CN.UTF-8
LC_MESSAGES=”en_US.UTF-8″
LC_PAPER=zh_CN.UTF-8
LC_NAME=”en_US.UTF-8″
LC_ADDRESS=”en_US.UTF-8″
LC_TELEPHONE=”en_US.UTF-8″
LC_MEASUREMENT=zh_CN.UTF-8
LC_IDENTIFICATION=”en_US.UTF-8″
LC_ALL=

步骤一、增加数据
[root@se5 bin]# curl -X PUT “http://192.168.1.65:9200/taindex/teacher/1” -d ‘{
> “职业”:”诗人”,
> “名字”:”李白”,
> “称号”:”诗仙”,
> “年代”:”唐”
> }’
{“_index”:”taindex”,”_type”:”teacher”,”_id”:”1″,”_version”:1,”_shards”:{“total”:2,”successful”:2,”failed”:0},”created”:true}[root@se5 bin]#

步骤二、修改数据
{“_index”:”taindex”,”_type”:”teacher”,”_id”:”1″,”_version”:1,”_shards”:{“total”:2,”successful”:2,”failed”:0},”created”:true}[root@se5 bin]#
[root@se5 bin]#
[root@se5 bin]#
[root@se5 bin]#
[root@se5 bin]#
[root@se5 bin]#
[root@se5 bin]#
[root@se5 bin]# curl -X POST “http://192.168.1.65:9200/taindex/teacher/1” -d ‘{
> “doc”:{
> “年代”:”唐代”
> }
> }’
{“_index”:”taindex”,”_type”:”teacher”,”_id”:”1″,”_version”:2,”_shards”:{“total”:2,”successful”:2,”failed”:0},”created”:false}[root@se5 bin]#

步骤三：查询数据
[root@se5 bin]# curl -X GET “http://192.168.1.65:9200/taindex/teacher/3?pretty”
{
“_index” : “taindex”,
“_type” : “teacher”,
“_id” : “3”,
“found” : false
}

步骤四：删除数据
[root@se5 bin]# curl -X DELETE “http://192.168.1.65:9200/taindex/teacher/3?pretty”
{
“found” : false,
“_index” : “taindex”,
“_type” : “teacher”,
“_id” : “3”,
“_version” : 1,
“_shards” : {
“total” : 2,
“successful” : 2,
“failed” : 0
}
}

步骤五：删除索引
[root@se5 bin]# curl -X DELETE http://192.168.1.65:9200/taindex/
{“acknowledged”:

删除所有的索引
[root@se5 bin]# curl -X DELETE http://192.168.1.65:9200/*
{“acknowledged”:true}

6 案例6：安装Kibana
6.1 问题

本案例要求：
安装Kibana
配置启动服务查看5601端口是否正常
通过web页面访问Kibana
6.2 步骤

实现此案例需要按照如下步骤进行
步骤一：安装kibana

1）在另一台主机，配置ip为192.168.1.66，配置yum源，更改主机名
2）安装kibana
[root@kibana ~]# yum -y install kibana
[root@kibana ~]# rpm -qc kibana
/opt/kibana/config/kibana.yml
[root@kibana ~]# vim /opt/kibana/config/kibana.yml
2 server.port: 5601
//若把端口改为80，可以成功启动kibana，但ss时没有端口，没有监听80端口，服务里面写死了，不能用80端口，只能是5601这个端口
5 server.host: “0.0.0.0” //服务器监听地址
15 elasticsearch.url: http://192.168.1.61:9200
//声明地址，从哪里查，集群里面随便选一个
23 kibana.index: “.kibana” //kibana自己创建的索引
26 kibana.defaultAppId: “discover” //打开kibana页面时，默认打开的页面discover
53 elasticsearch.pingTimeout: 1500 //ping检测超时时间
57 elasticsearch.requestTimeout: 30000 //请求超时
64 elasticsearch.startupTimeout: 5000 //启动超时
[root@kibana ~]# systemctl restart kibana
[root@kibana ~]# systemctl enable kibana
Created symlink from /etc/systemd/system/multi-user.target.wants/kibana.service to /usr/lib/systemd/system/kibana.service.
[root@kibana ~]# ss -antup | grep 5601 //查看监听端口
3）浏览器访问kibana，如图-8所示：
[root@kibana ~]# firefox 192.168.1.66:5601

图-8
4）点击Status，查看是否安装成功，全部是绿色的对钩,说明安装成功，如图-9所示：

图-9
5）用head插件访问会有.kibana的索引信息，如图-10所示：
[root@se5 ~]# firefox http://192.168.1.65:9200/_plugin/head/

代码如下
一，安装kibana
到66节点上去安装kibana
配置yum源
[root@kibana ~]# cat /etc/yum.repos.d/local.repo
[local_repo]
name=CentOS-$releasever – Base
baseurl=”ftp://192.168.1.254/system”
enabled=1
gpgcheck=1
[elk]
name=elk
baseurl=”ftp://192.168.1.254/elk”
enabled=1
gpgcheck=0
[root@kibana ~]# yum repolist
已加载插件：fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.163.com
* extras: mirrors.163.com
* updates: mirrors.163.com
源标识源名称状态
base/7/x86_64 CentOS-7 – Base 9,911
elk elk 4
extras/7/x86_64 CentOS-7 – Extras 432
local_repo CentOS-7 – Base 9,591
updates/7/x86_64 CentOS-7 – Updates 1,561
repolist: 21,499
[root@kibana ~]#
[root@kibana ~]# yum install -y kibana
已加载插件：fastestmirror
elk | 2.9 kB 00:00:00
local_repo | 3.6 kB 00:00:00
Loading mirror speeds from cached hostfile
* base: mirrors.163.com
* extras: mirrors.163.com
* updates: mirrors.163.com
正在解决依赖关系
–> 正在检查事务
—> 软件包 kibana.x86_64.0.4.5.2-1 将被安装
–> 解决依赖关系完成

依赖关系解决

事务概要
=====================================================================================================================
安装 1 软件包

总下载量：32 M
安装大小：119 M
Downloading packages:
kibana-4.5.2-1.x86_64.rpm | 32 MB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
正在安装 : kibana-4.5.2-1.x86_64 1/1
验证中 : kibana-4.5.2-1.x86_64 1/1

已安装:
kibana.x86_64 0:4.5.2-1

修改kibana的配置文件
完毕！
[root@kibana ~]# vim /opt/kibana/config/kibana.yml
[root@kibana ~]# grep -v “^#” /opt/kibana/config/kibana.yml | grep -v “^$”
server.port: 5601
server.host: “0.0.0.0”
elasticsearch.url: “http://192.168.1.61:9200”
kibana.index: “.kibana”
kibana.defaultAppId: “discover”
elasticsearch.pingTimeout: 1500
elasticsearch.requestTimeout: 30000
elasticsearch.startupTimeout: 5000

重启服务，并确认端口
[root@kibana ~]# systemctl restart kibana
[root@kibana ~]# systemctl enable kibana
Created symlink from /etc/systemd/system/multi-user.target.wants/kibana.service to /usr/lib/systemd/system/kibana.service.
[root@kibana ~]# ss -antup | grep 5601
tcp LISTEN 0 128 *:5601 *:* users:((“node”,pid=976,fd=11))
[root@kibana ~]#

浏览器访问确认安装成功
http://192.168.1.66:5601/
点击Status，查看是否安装成功，全部是绿色的对钩,说明安装成功

用head插件访问会有.kibana的索引信息
http://192.168.1.65:9200/_plugin/head/

发表在 ELK | 标签为 ELK | 留下评论

Ansible_Day02脚本（PLAYBOOK）

发表于2018年10月22日由tim, arc

Top
NSD ARCHITECTURE DAY02

练习1：playbook练习
案例2：变量练习
案例3：handlers练习
案例4：编写playbook
1 练习1：playbook练习
1.1 问题

本案例要求：
安装Apache并修改监听端口为8080
修改ServerName配置，执行apachectl -t命令不报错
设置默认主页hello world
启动服务并设开机自启
1.2 步骤

实现此案例需要按照如下步骤进行。
步骤一：playbook的ping脚本检测

[root@ansible ansible]# vim ping.yml
—
– hosts: all
remote_user: root
tasks:
– ping:
[root@ansible ansible]# ansible-playbook ping.yml //输出结果
PLAY [all] *******************************************************************
TASK [Gathering Facts] *******************************************************
ok: [web1]
ok: [web2]
ok: [cache]
ok: [db1]
ok: [db2]
TASK [ping] ******************************************************************
ok: [db1]
ok: [web2]
ok: [cache]
ok: [web1]
ok: [db2]
PLAY RECAP *******************************************************************
cache : ok=2 changed=0 unreachable=0 failed=0
db1 : ok=2 changed=0 unreachable=0 failed=0
db2 : ok=2 changed=0 unreachable=0 failed=0
web1 : ok=2 changed=0 unreachable=0 failed=0
web2 : ok=2 changed=0 unreachable=0 failed=0
注意：如果检测的时候出错，会在当前的目录生成一个新的文件（以.retry结尾），可以去这个文件里面看是哪个主机的错
步骤二：用playbook安装Apache,修改端口，配置ServerName，修改主页，设置开机自启

[root@ansible ansible]# vim http.yml
—
– hosts: cache
remote_user: root
tasks:
– name: install one specific version of Apache
yum:
name: httpd //安装Apache
state: installed
– lineinfile:
path: /etc/httpd/conf/httpd.conf
regexp: ‘^Listen ‘
line: ‘Listen 8080’ //修改端口为8080
– replace:
path: /etc/httpd/conf/httpd.conf
regexp: ‘^#(ServerName).*’ //配置ServerName
replace: ‘\1 localhost’
– service:
name: httpd
enabled: yes //开机自启
state: restarted
– copy:
src: /root/index.html //修改主页，可以自己写个页面
dest: /var/www/html/index.html
[root@ansible ansible]# curl 192.168.1.56:8080
hello world
[root@ansible ansible]# ssh cache
Last login: Fri Sep 7 09:32:05 2018 from 192.168.1.51
[root@cache ~]# apachectl -t
Syntax OK
2 案例2：变量练习
2.1 问题

本案例要求熟悉playbook进阶：
练习使用user模块添加用户
练习使用变量简化task，让play通用性更强
练习使用过滤器
2.2 步骤

实现此案例需要按照如下步骤进行。
步骤一：使用user模块添加用户，并修改密码

[root@ansible ansible]# vim user.yml
—
– hosts: cache
remote_user: root
vars:
username: xiaoming
tasks:
– name: create user “{{username}}”
user: group=wheel uid=1000 name={{username}}
– shell: echo 123456 | passwd –stdin xiaoming
– shell: chage -d 0 {{username}}
[root@ansible ansible]# ansible-playbook user.yml //执行结果
PLAY [cache] ******************************************************************
TASK [Gathering Facts] ********************************************************
ok: [cache]
TASK [create user ” xiaoming “] ***********************************************
changed: [cache]
TASK [command] ****************************************************************
changed: [cache]
TASK [command] ****************************************************************
changed: [cache]
PLAY RECAP ********************************************************************
cache : ok=4 changed=3 unreachable=0 failed=0
步骤二：变量过滤器，创建一个用户，设置密码

[root@ansible ansible]# vim user1.yml
—
– hosts: cache
remote_user: root
tasks:
– user:
name: lisi
group: root
password: “{{‘123456’ | password_hash(‘sha512’)}}”
– shell: chage -d 0 lisi
[root@ansible ansible]# ansible-playbook user1.yml
PLAY [cache] ******************************************************************
TASK [Gathering Facts] ********************************************************
ok: [cache]
TASK [user] *******************************************************************
changed: [cache]
TASK [command] ****************************************************************
changed: [cache]
PLAY RECAP ********************************************************************
cache : ok=3 changed=2 unreachable=0 failed=0
步骤三：定义一个变量创建用户

[root@ansible ansible]# vim user2.yml
—
– hosts: cache
remote_user: root
vars:
user: zhangs
tasks:
– user:
name: “{{user}}”
group: root
password: “{{‘123456’ | password_hash(‘sha512’)}}”
– shell: chage -d 0 “{{user}}”
[root@ansible ansible]# ansible-playbook user2.yml
PLAY [cache] ******************************************************************
TASK [Gathering Facts] ********************************************************
ok: [cache]
TASK [user] *******************************************************************
changed: [cache]
TASK [command] ****************************************************************
changed: [cache]
PLAY RECAP ********************************************************************
cache : ok=3 changed=2 unreachable=0 failed=0
3 案例3：handlers练习
3.1 问题

本案例要求：
安装Apache软件
配置文件，重新载入配置文件让服务生效
使用handlers来实现
3.2 步骤

实现此案例需要按照如下步骤进行。
步骤一：error

playbook从上往下顺序执行，若报错，后面的命令不会在执行，若想解决有两种方法：
1）当返回值为假时，显示true： – shell: setenforce 0 || true
[root@ansible ansible]# vim user5.yml
—
– hosts: cache
remote_user: root
vars:
user: bb
tasks:
– shell: setenforce 0 || true
– user:
name: “{{user}}”
group: root
password: “{{‘123456’ | password_hash(‘sha512’)}}”
– shell: chage -d 0 “{{user}}”
[root@ansible ansible]# ansible-playbook user5.yml
PLAY [cache] ******************************************************************
TASK [Gathering Facts] ********************************************************
ok: [cache]
TASK [command] ****************************************************************
changed: [cache]
TASK [user] *******************************************************************
changed: [cache]
TASK [command] ****************************************************************
changed: [cache]
PLAY RECAP ********************************************************************
cache : ok=4 changed=3 unreachable=0 failed=0
2、忽略：ignoring_errors: True(推荐使用这个，会有报错信息，告诉你错误忽略，继续执行下面的命令)
[root@ansible ansible]# vim user6.yml
—
– hosts: cache
remote_user: root
vars:
user: bb
tasks:
– shell: setenforce 0
ignore_errors: True
– user:
name: “{{user}}”
group: root
password: “{{‘123456’ | password_hash(‘sha512’)}}”
– shell: chage -d 0 “{{user}}”
[root@ansible ansible]# ansible-playbook user6.yml
PLAY [cache] ******************************************************************
TASK [Gathering Facts] ********************************************************
ok: [cache]
TASK [command] ****************************************************************
fatal: [cache]: FAILED! => {“changed”: true, “cmd”: “setenforce 0”, “delta”: “0:00:00.004198”, “end”: “2018-09-07 11:08:14.936959”, “msg”: “non-zero return code”, “rc”: 1, “start”: “2018-09-07 11:08:14.932761”, “stderr”: “setenforce: SELinux is disabled”, “stderr_lines”: [“setenforce: SELinux is disabled”], “stdout”: “”, “stdout_lines”: []}
…ignoring
TASK [user] *******************************************************************
changed: [cache]
TASK [command] ****************************************************************
changed: [cache]
PLAY RECAP ********************************************************************
cache : ok=4 changed=3 unreachable=0 failed=0
步骤二： handlers

关注的资源发生变化时采取的操作
1) 使用handlers来配置文件，重新载入配置文件让服务生效
[root@ansible ansible]# vim adhttp.yml
—
– hosts: cache
remote_user: root
tasks:
– copy:
src: /root/httpd.conf
dest: /etc/httpd/conf/httpd.conf
owner: root
group: root
mode: 0644
notify:
– restart httpd
handlers:
– name: restart httpd
service: name=httpd state=restarted
[root@ansible ansible]# ansible-playbook adhttp.yml
PLAY [cache] ******************************************************************
TASK [Gathering Facts] ********************************************************
ok: [cache]
TASK [copy] *******************************************************************
ok: [cache]
PLAY RECAP ********************************************************************
cache : ok=2 changed=0 unreachable=0 failed=0
[root@ansible ansible]# ssh cache apachectl -t
Syntax OK
[root@ansible ansible]# curl 192.168.1.56:8080
hello world
2）使用脚本调用变量更改服务
[root@ansible ansible]# vim adhttp2.yml
—
– hosts: cache
remote_user: root
vars:
server: httpd
tasks:
– copy:
src: /root/httpd.conf
dest: /etc/httpd/conf/httpd.conf
owner: root
group: root
mode: 0644
notify:
– restart “{{server}}”
handlers:
– name: restart “{{server}}”
service: name=httpd state=restarted
[root@ansible ansible]# ansible-playbook adhttp2.yml
PLAY [cache] ************************************************************************************************************
TASK [Gathering Facts] **************************************************************************************************
ok: [cache]
TASK [copy] *************************************************************************************************************
ok: [cache]
PLAY RECAP **************************************************************************************************************
cache : ok=2 changed=0 unreachable=0 failed=0
[root@ansible ansible]#
4 案例4：编写playbook
4.1 问题

本案例要求：
把所有监听端口是8080的Apache服务全部停止
4.2 步骤

实现此案例需要按照如下步骤进行。
步骤一：把监听端口是8080的Apache服务全部停止

[root@ansible ansible]# vim ad.yml
—
– hosts: cache
remote_user: root
tasks:
– shell: netstat -atunlp | awk ‘{print $4}’| awk ‘-F:’ ‘{print $2}’
register: result
– service:
name: httpd
state: stopped
[root@ansible ansible]# ansible-playbook ad.yml
PLAY [cache] ************************************************************************************************************
TASK [Gathering Facts] **************************************************************************************************
ok: [cache]
TASK [command] **********************************************************************************************************
changed: [cache]
TASK [service] **********************************************************************************************************
changed: [cache]
PLAY RECAP **************************************************************************************************************
cache : ok=3 changed=2 unreachable=0 failed=0
步骤二：when条件判断

1）当系统负载超过0.7时，则关掉httpd
[root@ansible ansible]# vim when.yml
—
– hosts: cache
remote_user: root
tasks:
– shell: uptime | awk ‘{printf(“%.2f”,$(NF-2))}’
register: result
– service:
name: httpd
state: stopped
when: result.stdout|float > 0.7
[root@ansible ansible]# ansible-playbook when.yml
PLAY [cache] ************************************************************************************************************
TASK [Gathering Facts] **************************************************************************************************
ok: [cache]
TASK [command] **********************************************************************************************************
changed: [cache]
TASK [service] **********************************************************************************************************
changed: [cache]
PLAY RECAP **************************************************************************************************************
cache : ok=3 changed=2 unreachable=0 failed=0
步骤三：with_items标准循环

1）为不同用户定义不同组
[root@ansible ansible]# vim add.yml
—
– hosts: web2
remote_user: root
tasks:
– user:
name: “{{item.name}}”
group: “{{item.group}}”
password: “{{‘123456’|password_hash(‘sha512′)}}”
with_items:
– {name: “aa”, group: “users”}
– {name: “bb”, group: “mail” }
– {name: “cc”, group: “wheel”}
– {name: “dd”, group: “root” }
[root@ansible ansible]# ansible-playbook add.yml
PLAY [web2] *************************************************************************************************************
TASK [Gathering Facts] **************************************************************************************************
ok: [web2]
TASK [user] *************************************************************************************************************
changed: [web2] => (item={u’group’: u’users’, u’name’: u’aa’})
changed: [web2] => (item={u’group’: u’mail’, u’name’: u’bb’})
changed: [web2] => (item={u’group’: u’wheel’, u’name’: u’cc’})
changed: [web2] => (item={u’group’: u’root’, u’name’: u’dd’})
PLAY RECAP **************************************************************************************************************
web2 : ok=2 changed=1 unreachable=0 failed=0
2）嵌套循环，循环添加多用户
[root@ansible ansible]# vim add1.yml
—
– hosts: web2
remote_user: root
vars:
un: [a, b, c]
id: [1, 2, 3]
tasks:
– name: add users
shell: echo {{item}}
with_nested:
– “{{un}}”
– “{{id}}”
[root@ansible ansible]# ansible-playbook add1.yml
PLAY [web2] *************************************************************************************************************
TASK [Gathering Facts] **************************************************************************************************
ok: [web2]
TASK [add users] ********************************************************************************************************
changed: [web2] => (item=[u’a’, 1])
changed: [web2] => (item=[u’a’, 2])
changed: [web2] => (item=[u’a’, 3])
changed: [web2] => (item=[u’b’, 1])
changed: [web2] => (item=[u’b’, 2])
changed: [web2] => (item=[u’b’, 3])
changed: [web2] => (item=[u’c’, 1])
changed: [web2] => (item=[u’c’, 2])
changed: [web2] => (item=[u’c’, 3])
PLAY RECAP **************************************************************************************************************
web2 : ok=2 changed=1 unreachable=0 failed=0
步骤四：tags给指定的任务定义一个调用标识

1）tags 样例
[root@ansible ansible]# vim adhttp.yml
—
– hosts: cache
remote_user: root
tasks:
– copy:
src: /root/httpd.conf
dest: /etc/httpd/conf/httpd.conf
owner: root
group: root
mode: 0644
tags: config_httpd
notify:
– restart httpd
handlers:
– name: restart httpd
service: name=httpd state=restarted
2）调用方式
[root@ansible ansible]# ansible-playbook adhttp.yml –tags=config_httpd
PLAY [cache] *****************************************************************
TASK [Gathering Facts] *******************************************************
ok: [cache]
TASK [copy] ******************************************************************
ok: [cache]
PLAY RECAP *******************************************************************
cache : ok=2 changed=0 unreachable=0 failed=0
3）include and roles
在编写playbook的时候随着项目越来越大，playbook越来越复杂。可以把一些play、task 或 handler放到其他文件中，通过包含进来是一个不错的选择
roles像是加强版的include，它可以引入一个项目的文件和目录
一般所需的目录层级有
vars：变量层
tasks：任务层
handlers：触发条件
files：文件
template：模板
default：默认，优先级最低
…
tasks:
– include: tasks/setup.yml
– include: tasks/users.yml user=plj
//users.yml 中可以通过{{ user }}来使用这些变量
handlers:
– include: handlers/handlers.yml
步骤五：debug检测

[root@ansible ansible]# ansible-playbook –syntax-check http.yml //检测语法
playbook: http.yml
[root@ansible ansible]# ansible-playbook -C http.yml //测试运行
[root@ansible ansible]# ansible-playbook http.yml –list-tasks
//显示要执行的工作
playbook: http.yml
play #1 (cache): cache TAGS: []
tasks:
install one specific version of Apache TAGS: []
lineinfile TAGS: []
replace TAGS: []
service TAGS: []
copy TAGS: []
[root@ansible ansible]# vim debug.yml
—
– hosts: cache
remote_user: root
tasks:
– shell: uptime |awk ‘{printf(“%f\n”,$(NF-2))}’
register: result
– shell: touch /tmp/isreboot
when: result.stdout|float > 0.5
– name: Show debug info
debug: var=result
[root@ansible ansible]# ansible-playbook debug.yml //运行
PLAY [cache] ************************************************************************************************************
TASK [Gathering Facts] **************************************************************************************************
ok: [cache]
TASK [command] **********************************************************************************************************
changed: [cache]
TASK [command] **********************************************************************************************************
skipping: [cache]
TASK [Show debug info] **************************************************************************************************
ok: [cache] => {
“result”: {
“changed”: true,
“cmd”: “uptime |awk ‘{printf(\”%f\\n\”,$(NF-2))}'”,
“delta”: “0:00:00.005905”,
“end”: “2018-09-07 12:57:51.371013”,
“failed”: false,
“rc”: 0,
“start”: “2018-09-07 12:57:51.365108”,
“stderr”: “”,
“stderr_lines”: [],
“stdout”: “0.000000”,
“stdout_lines”: [
“0.000000”
]
}
}
PLAY RECAP **************************************************************************************************************
cache : ok=3 changed=1 unreachable=0 failed=0

发表在 ansible | 标签为 ansible | 留下评论

Ansible_Day01基本安装和使用

发表于2018年10月22日由tim, arc

1 案例1：环境准备
1.1 问题

本案例要求准备ansible的基础环境：
启动6台虚拟机
禁用selinux和firewalld
编辑/etc/hosts
配置yum扩展源并在管理节点安装ansible
1.2 方案

此方案需要准备六台主机，1台管理主机，5台托管主机，以实现批量程序部署，批量运行命令等功能，具体要求如表-1所示：
表-1

1.3 步骤

实现此案例需要按照如下步骤进行。
步骤一：基础环境准备

1）启动6台虚拟机，由于已经讲过怎么创建，这里不再在案例里体现
2）真机配置yum仓库
[root@room9pc01 ~]# tar -xf ansible_soft.tar.xz
[root@room9pc01 ~]# cd ansible_soft/
[root@room9pc01 ansible_soft]# mkdir /var/ftp/ansible
[root@room9pc01 ansible_soft]# cp * /var/ftp/ansible
[root@room9pc01 ansible_soft]# createrepo /var/ftp/ansible
Spawning worker 0 with 1 pkgs
Spawning worker 1 with 1 pkgs
Spawning worker 2 with 1 pkgs
Spawning worker 3 with 1 pkgs
Spawning worker 4 with 1 pkgs
Spawning worker 5 with 1 pkgs
Workers Finished
Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Sqlite DBs complete
3）修改主机名（容易区分，6台机器都需要修改）这里以ansible主机为例子
[root@localhost ~]# echo ansible > /etc/hostname
[root@localhost ~]# hostname ansible
4）配置ip（6台机器都需要配置），这里以ansible主机为例子
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
# Generated by dracut initrd
DEVICE=”eth0″
ONBOOT=”yes”
IPV6INIT=”no”
IPV4_FAILURE_FATAL=”no”
NM_CONTROLLED=”no”
TYPE=”Ethernet”
BOOTPROTO=”static”
IPADDR=192.168.1.51
PREFIX=24
GATEWAY=192.168.1.254
[root@localhost ~]# systemctl restart network
[root@localhost ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.51 netmask 255.255.255.0 broadcast 192.168.1.255
ether 52:54:00:b2:69:9e txqueuelen 1000 (Ethernet)
RX packets 234 bytes 16379 (15.9 KiB)
RX errors 0 dropped 36 overruns 0 frame 0
TX packets 31 bytes 2618 (2.5 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
5）配置yum客户端，在管理节点ansible上面配置
[root@ansible ~]# vim /etc/yum.repos.d/local.repo
[local_repo]
name=CentOS-$releasever – Base
baseurl=”ftp://192.168.1.254/system”
enabled=1
gpgcheck=1
[local]
name=local
baseurl=”ftp://192.168.1.254/ansible”
enabled=1
gpgcheck=0
[root@ansible ~]# yum clean all
[root@ansible ~]# yum repolist
[root@ansible ~]# yum -y install ansible
[root@ansible ~]# ansible –version
ansible 2.4.2.0 //显示版本说明安装成功
config file = /etc/ansible/ansible.cfg
configured module search path = [u’/root/.ansible/plugins/modules’, u’/usr/share/ansible/plugins/modules’]
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.5 (default, Aug 4 2017, 00:39:18) [GCC 4.8.5 20150623 (Red Hat 4.8.5-16)]
6）请在6台主机上面配置/etc/hosts，这里以ansible主机为例子
[root@ansible ansible]# cat /etc/hosts
192.168.1.51 ansible
192.168.1.52 web1
192.168.1.53 web2
192.168.1.54 db1
192.168.1.55 db2
192.168.1.56 cache

6台机器名及IP的分配如下

ansible 192.168.1.51 管理主机
web1 192.168.1.52 托管主机
web2 192.168.1.53 托管主机
db1 192.168.1.54 托管主机
db2 192.168.1.55 托管主机
cache 192.168.1.56 托管主机

代码如下
把5台虚拟机先创建好，具体的代码就不贴了，就贴个步骤，本案例5台虚拟机改下名称就行了
[root@room9pc52 qemu]# sed ‘s/node/node51/’ /etc/libvirt/qemu/node.xml > /etc/libvirt/qemu/node51.xml
[root@room9pc52 qemu]# sed ‘s/node/node52/’ /etc/libvirt/qemu/node.xml > /etc/libvirt/qemu/node52.xml
[root@room9pc52 qemu]# sed ‘s/node/node53/’ /etc/libvirt/qemu/node.xml > /etc/libvirt/qemu/node53.xml
[root@room9pc52 qemu]# sed ‘s/node/node54/’ /etc/libvirt/qemu/node.xml > /etc/libvirt/qemu/node54.xml
[root@room9pc52 qemu]# sed ‘s/node/node55/’ /etc/libvirt/qemu/node.xml > /etc/libvirt/qemu/node55.xml
[root@room9pc52 ~]# cd /var/lib/libvirt/images/
[root@room9pc52 images]# pwd
/var/lib/libvirt/images

[root@room9pc52 images]# qemu-img create -b node.qcow2 -f qcow2 node51.img
Formatting ‘node51.img’, fmt=qcow2 size=17179869184 backing_file=’node.qcow2′ encryption=off cluster_size=65536 lazy_refcounts=off
[root@room9pc52 images]# qemu-img create -b node.qcow2 -f qcow2 node52.img
Formatting ‘node52.img’, fmt=qcow2 size=17179869184 backing_file=’node.qcow2′ encryption=off cluster_size=65536 lazy_refcounts=off
[root@room9pc52 images]# qemu-img create -b node.qcow2 -f qcow2 node53.img
Formatting ‘node53.img’, fmt=qcow2 size=17179869184 backing_file=’node.qcow2′ encryption=off cluster_size=65536 lazy_refcounts=off
[root@room9pc52 images]# qemu-img create -b node.qcow2 -f qcow2 node54.img
Formatting ‘node54.img’, fmt=qcow2 size=17179869184 backing_file=’node.qcow2′ encryption=off cluster_size=65536 lazy_refcounts=off
[root@room9pc52 images]# qemu-img create -b node.qcow2 -f qcow2 node55.img
Formatting ‘node55.img’, fmt=qcow2 size=17179869184 backing_file=’node.qcow2′ encryption=off cluster_size=65536 lazy_refcounts=off
[root@room9pc52 images]# ll -h node5*
-rw-r–r– 1 root root 193K 10月 19 10:03 node51.img
-rw-r–r– 1 root root 193K 10月 19 10:03 node52.img
-rw-r–r– 1 root root 193K 10月 19 10:03 node53.img
-rw-r–r– 1 root root 193K 10月 19 10:03 node54.img
-rw-r–r– 1 root root 193K 10月 19 10:03 node55.img

我刚才创建的前端镜像名叫*.img，但是模板里面是*.qcow2，所以模板要改一下
[root@room9pc52 images]# cd /etc/libvirt/qemu/
[root@room9pc52 qemu]# vim node51.xml
[root@room9pc52 qemu]# vim node52.xml
[root@room9pc52 qemu]# vim node53.xml
[root@room9pc52 qemu]# vim node54.xml
[root@room9pc52 qemu]# vim node55.xml
[root@room9pc52 qemu]# virsh define node51.xml
定义域 node51（从 node51.xml）

[root@room9pc52 qemu]# virsh define node52.xml
定义域 node52（从 node52.xml）

[root@room9pc52 qemu]# virsh define node53.xml
定义域 node53（从 node53.xml）

[root@room9pc52 qemu]# virsh define node54.xml
定义域 node54（从 node54.xml）

[root@room9pc52 qemu]# virsh define node55.xml
定义域 node55（从 node55.xml）

[root@room9pc52 qemu]#
[root@room9pc52 qemu]# virsh start node51
域 node51 已开始

[root@room9pc52 qemu]# virsh start node52
域 node52 已开始

[root@room9pc52 qemu]# virsh start node53
域 node53 已开始

[root@room9pc52 qemu]# virsh start node54
域 node54 已开始

[root@room9pc52 qemu]# virsh start node55
域 node55 已开始

在真机上配置好本地yum源
[root@room9pc52 ansible 1]# tar -xf ansible_soft.tar.xz
[root@room9pc52 ansible 1]# cd ansible_soft/
[root@room9pc52 ansible_soft]# ll -h
总用量 8.6M
-rw-r–r– 1 root root 7.6M 1月 30 2018 ansible-2.4.2.0-2.el7.noarch.rpm
-rw-r–r– 1 root root 39K 10月 25 2017 python2-jmespath-0.9.0-3.el7.noarch.rpm
-rw-r–r– 1 root root 116K 9月 22 2017 python-httplib2-0.9.2-1.el7.noarch.rpm
-rw-r–r– 1 root root 269K 4月 4 2018 python-paramiko-2.1.1-4.el7.noarch.rpm
-rw-r–r– 1 root root 489K 9月 8 2017 python-passlib-1.6.5-2.el7.noarch.rpm
-rw-r–r– 1 root root 22K 9月 8 2017 sshpass-1.06-2.el7.x86_64.rpm
[root@room9pc52 ansible_soft]# mkdir /var/ftp/ansible
[root@room9pc52 ansible_soft]# cp * /var/ftp/ansible
[root@room9pc52 ansible_soft]# createrepo /var/ftp/ansible
Spawning worker 0 with 2 pkgs
Spawning worker 1 with 2 pkgs
Spawning worker 2 with 1 pkgs
Spawning worker 3 with 1 pkgs
Workers Finished
Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Sqlite DBs complete
[root@room9pc52 ansible_soft]# ll /var/ftp/ansible
总用量 8732
-rw-r–r– 1 root root 7968876 10月 19 10:26 ansible-2.4.2.0-2.el7.noarch.rpm
-rw-r–r– 1 root root 39576 10月 19 10:26 python2-jmespath-0.9.0-3.el7.noarch.rpm
-rw-r–r– 1 root root 117968 10月 19 10:26 python-httplib2-0.9.2-1.el7.noarch.rpm
-rw-r–r– 1 root root 274640 10月 19 10:26 python-paramiko-2.1.1-4.el7.noarch.rpm
-rw-r–r– 1 root root 500108 10月 19 10:26 python-passlib-1.6.5-2.el7.noarch.rpm
drwxr-xr-x 2 root root 4096 10月 19 10:26 repodata
-rw-r–r– 1 root root 21896 10月 19 10:26 sshpass-1.06-2.el7.x86_64.rpm
[root@room9pc52 ansible_soft]#

（刚才少创建了1台虚拟机56，现在补上）
[root@room9pc52 qemu]# sed ‘s/node/node56/’ /etc/libvirt/qemu/node.xml > /etc/libvirt/qemu/node56.xml
[root@room9pc52 qemu]# cd /var/lib/libvirt/images/
[root@room9pc52 images]# qemu-img create -b node.qcow2 -f qcow2 node56.qcow2
Formatting ‘node56.qcow2′, fmt=qcow2 size=17179869184 backing_file=’node.qcow2′ encryption=off cluster_size=65536 lazy_refcounts=off
[root@room9pc52 images]# cd /etc/libvirt/qemu/
[root@room9pc52 qemu]# virsh define node56.xml
定义域 node56（从 node56.xml）

[root@room9pc52 qemu]# virsh start node56
域 node56 已开始

挨个登陆虚拟机，配置主机名、YUM源、IP地址
以node51为例，其它主机也要配置
[root@localhost ~]# cat /etc/hostname
ansible
[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
# Generated by dracut initrd
DEVICE=”eth0″
NAME=”eth0″
ONBOOT=yes
IPV6INIT=no
TYPE=Ethernet
BOOTPROTO=”static”
IPADDR=192.168.1.51
PREFIX=24
GATEWAY=192.168.1.254
[root@localhost ~]# systemctl restart network
[root@localhost ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.51 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::5054:ff:fe3c:4de6 prefixlen 64 scopeid 0x20<link>
ether 52:54:00:3c:4d:e6 txqueuelen 1000 (Ethernet)
RX packets 755 bytes 50490 (49.3 KiB)
RX errors 0 dropped 12 overruns 0 frame 0
TX packets 137 bytes 11204 (10.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
配置yum源
[root@localhost ~]# cd /etc/yum.repos.d/
[root@localhost yum.repos.d]# ls
CentOS-Base.repo CentOS-Debuginfo.repo CentOS-Media.repo CentOS-Vault.repo
CentOS-CR.repo CentOS-fasttrack.repo CentOS-Sources.repo dvd.repo
[root@localhost yum.repos.d]# rm -rf dvd.repo
[root@localhost yum.repos.d]# cat local.repo
[local_repo]
name=CentOS-$releasever – Base
baseurl=”ftp://192.168.1.254/system”
enabled=1
gpgcheck=1
[local]
name=local
baseurl=”ftp://192.168.1.254/ansible”
enabled=1
gpgcheck=0
[root@localhost yum.repos.d]# yum clean all
Loaded plugins: fastestmirror
Cleaning repos: base extras local local_repo updates
Cleaning up everything
Maybe you want: rm -rf /var/cache/yum, to also free up space taken by orphaned data from disabled or removed repos
[root@localhost yum.repos.d]# yum repolist
Loaded plugins: fastestmirror
base | 3.6 kB 00:00
extras | 3.4 kB 00:00
local | 2.9 kB 00:00
local_repo | 3.6 kB 00:00
updates | 3.4 kB 00:00
(1/7): local/primary_db | 5.2 kB 00:00
(2/7): local_repo/group_gz | 156 kB 00:00
(3/7): local_repo/primary_db | 5.7 MB 00:00
(4/7): base/7/x86_64/group_gz | 166 kB 00:12
(5/7): extras/7/x86_64/primary_db | 204 kB 00:14
(6/7): updates/7/x86_64/primary_db | 6.0 MB 00:39
(7/7): base/7/x86_64/primary_db | 5.9 MB 00:59
Determining fastest mirrors
* base: mirrors.163.com
* extras: mirrors.163.com
* updates: mirrors.cn99.com
repo id repo name status
base/7/x86_64 CentOS-7 – Base 9,911
extras/7/x86_64 CentOS-7 – Extras 432
local local 6
local_repo CentOS-7 – Base 9,591
updates/7/x86_64 CentOS-7 – Updates 1,561
repolist: 21,501

其他机器同样配置好yum源
[root@ansible ~]# for i in 52 53 54 55 56 ;do scp /etc/yum.repos.d/local.repo 192.168.1.$i:/etc/yum.repos.d/ ;done
local.repo 100% 180 109.7KB/s 00:00
local.repo 100% 180 86.1KB/s 00:00
local.repo 100% 180 92.8KB/s 00:00
local.repo 100% 180 91.8KB/s 00:00
local.repo 100% 180 112.7KB/s 00:00

安装ansible
[root@localhost yum.repos.d]# yum install -y ansible
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.163.com
* extras: mirrors.163.com
* updates: mirrors.cn99.com
Resolving Dependencies
–> Running transaction check
—> Package ansible.noarch 0:2.4.2.0-2.el7 will be installed
–> Processing Dependency: sshpass for package: ansible-2.4.2.0-2.el7.noarch
–> Processing Dependency: python2-jmespath for package: ansible-2.4.2.0-2.el7.noarch
–> Processing Dependency: python-six for package: ansible-2.4.2.0-2.el7.noarch
–> Processing Dependency: python-setuptools for package: ansible-2.4.2.0-2.el7.noarch
–> Processing Dependency: python-passlib for package: ansible-2.4.2.0-2.el7.noarch
–> Processing Dependency: python-paramiko for package: ansible-2.4.2.0-2.el7.noarch
–> Processing Dependency: python-jinja2 for package: ansible-2.4.2.0-2.el7.noarch
–> Processing Dependency: python-httplib2 for package: ansible-2.4.2.0-2.el7.noarch
–> Processing Dependency: python-cryptography for package: ansible-2.4.2.0-2.el7.noarch
–> Processing Dependency: PyYAML for package: ansible-2.4.2.0-2.el7.noarch
–> Running transaction check
—> Package PyYAML.x86_64 0:3.10-11.el7 will be installed
–> Processing Dependency: libyaml-0.so.2()(64bit) for package: PyYAML-3.10-11.el7.x86_64
—> Package python-httplib2.noarch 0:0.9.2-1.el7 will be installed
—> Package python-jinja2.noarch 0:2.7.2-2.el7 will be installed
–> Processing Dependency: python-babel >= 0.8 for package: python-jinja2-2.7.2-2.el7.noarch
–> Processing Dependency: python-markupsafe for package: python-jinja2-2.7.2-2.el7.noarch
—> Package python-paramiko.noarch 0:2.1.1-4.el7 will be installed
–> Processing Dependency: python2-pyasn1 for package: python-paramiko-2.1.1-4.el7.noarch
—> Package python-passlib.noarch 0:1.6.5-2.el7 will be installed
—> Package python-setuptools.noarch 0:0.9.8-7.el7 will be installed
–> Processing Dependency: python-backports-ssl_match_hostname for package: python-setuptools-0.9.8-7.el7.noarch
—> Package python-six.noarch 0:1.9.0-2.el7 will be installed
—> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed
–> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64
–> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64
–> Processing Dependency: python-ipaddress for package: python2-cryptography-1.7.2-2.el7.x86_64
–> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64
—> Package python2-jmespath.noarch 0:0.9.0-3.el7 will be installed
—> Package sshpass.x86_64 0:1.06-2.el7 will be installed
–> Running transaction check
—> Package libyaml.x86_64 0:0.1.4-11.el7_0 will be installed
—> Package python-babel.noarch 0:0.9.6-8.el7 will be installed
—> Package python-backports-ssl_match_hostname.noarch 0:3.5.0.1-1.el7 will be installed
–> Processing Dependency: python-backports for package: python-backports-ssl_match_hostname-3.5.0.1-1.el7.noarch
—> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed
–> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64
—> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed
—> Package python-idna.noarch 0:2.4-1.el7 will be installed
—> Package python-ipaddress.noarch 0:1.0.16-2.el7 will be installed
—> Package python-markupsafe.x86_64 0:0.11-10.el7 will be installed
—> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed
–> Running transaction check
—> Package python-backports.x86_64 0:1.0-8.el7 will be installed
—> Package python-pycparser.noarch 0:2.14-1.el7 will be installed
–> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch
–> Running transaction check
—> Package python-ply.noarch 0:3.4-11.el7 will be installed
–> Finished Dependency Resolution

Dependencies Resolved

================================================================================
Package Arch Version Repository
Size
================================================================================
Installing:
ansible noarch 2.4.2.0-2.el7 extras 7.6 M
Installing for dependencies:
PyYAML x86_64 3.10-11.el7 base 153 k
libyaml x86_64 0.1.4-11.el7_0 base 55 k
python-babel noarch 0.9.6-8.el7 base 1.4 M
python-backports x86_64 1.0-8.el7 base 5.8 k
python-backports-ssl_match_hostname noarch 3.5.0.1-1.el7 base 13 k
python-cffi x86_64 1.6.0-5.el7 base 218 k
python-enum34 noarch 1.0.4-1.el7 base 52 k
python-httplib2 noarch 0.9.2-1.el7 extras 115 k
python-idna noarch 2.4-1.el7 base 94 k
python-ipaddress noarch 1.0.16-2.el7 base 34 k
python-jinja2 noarch 2.7.2-2.el7 base 515 k
python-markupsafe x86_64 0.11-10.el7 base 25 k
python-paramiko noarch 2.1.1-4.el7 extras 268 k
python-passlib noarch 1.6.5-2.el7 extras 488 k
python-ply noarch 3.4-11.el7 base 123 k
python-pycparser noarch 2.14-1.el7 base 104 k
python-setuptools noarch 0.9.8-7.el7 base 397 k
python-six noarch 1.9.0-2.el7 base 29 k
python2-cryptography x86_64 1.7.2-2.el7 base 502 k
python2-jmespath noarch 0.9.0-3.el7 extras 39 k
python2-pyasn1 noarch 0.1.9-7.el7 base 100 k
sshpass x86_64 1.06-2.el7 extras 21 k

Transaction Summary
================================================================================
Install 1 Package (+22 Dependent packages)

Total download size: 1 : python-passlib-1.6.5-2.el7.noarch.rpm | 488 kB 00:02
——————————————————————————–
Total 2.7 MB/s | 12 MB 00:04
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/23
Installing : python-ipaddress-1.0.16-2.el7.noarch 2/23
Installing : python-six-1.9.0-2.el7.noarch 3/23
Installing : python-httplib2-0.9.2-1.el7.noarch 4/23
Installing : python-enum34-1.0.4-1.el7.noarch 5/23
Installing : libyaml-0.1.4-11.el7_0.x86_64 6/23
Installing : PyYAML-3.10-11.el7.x86_64 7/23
Installing : python-backports-1.0-8.el7.x86_64 8/23
Installing : python-backports-ssl_match_hostname-3.5.0.1-1.el7.noarch 9/23
Installing : python-setuptools-0.9.8-7.el7.noarch 10/23
Installing : python-babel-0.9.6-8.el7.noarch 11/23
Installing : python-passlib-1.6.5-2.el7.noarch 12/23
Installing : python-ply-3.4-11.el7.noarch 13/23
Installing : python-pycparser-2.14-1.el7.noarch 14/23
Installing : python-cffi-1.6.0-5.el7.x86_64 15/23
Installing : python-markupsafe-0.11-10.el7.x86_64 16/23
Installing : python-jinja2-2.7.2-2.el7.noarch 17/23
Installing : python-idna-2.4-1.el7.noarch 18/23
Installing : python2-cryptography-1.7.2-2.el7.x86_64 19/23
Installing : python-paramiko-2.1.1-4.el7.noarch 20/23
Installing : sshpass-1.06-2.el7.x86_64 21/23
Installing : python2-jmespath-0.9.0-3.el7.noarch 22/23
Installing : ansible-2.4.2.0-2.el7.noarch 23/23
Verifying : python-jinja2-2.7.2-2.el7.noarch 1/23
Verifying : python-backports-ssl_match_hostname-3.5.0.1-1.el7.noarch 2/23
Verifying : python2-jmespath-0.9.0-3.el7.noarch 3/23
Verifying : sshpass-1.06-2.el7.x86_64 4/23
Verifying : python-setuptools-0.9.8-7.el7.noarch 5/23
Verifying : python-six-1.9.0-2.el7.noarch 6/23
Verifying : python-idna-2.4-1.el7.noarch 7/23
Verifying : python-markupsafe-0.11-10.el7.x86_64 8/23
Verifying : python-ply-3.4-11.el7.noarch 9/23
Verifying : python-passlib-1.6.5-2.el7.noarch 10/23
Verifying : python-babel-0.9.6-8.el7.noarch 11/23
Verifying : python-paramiko-2.1.1-4.el7.noarch 12/23
Verifying : python-backports-1.0-8.el7.x86_64 13/23
Verifying : python-cffi-1.6.0-5.el7.x86_64 14/23
Verifying : python-pycparser-2.14-1.el7.noarch 15/23
Verifying : libyaml-0.1.4-11.el7_0.x86_64 16/23
Verifying : ansible-2.4.2.0-2.el7.noarch 17/23
Verifying : python-ipaddress-1.0.16-2.el7.noarch 18/23
Verifying : python-enum34-1.0.4-1.el7.noarch 19/23
Verifying : python-httplib2-0.9.2-1.el7.noarch 20/23
Verifying : python2-pyasn1-0.1.9-7.el7.noarch 21/23
Verifying : PyYAML-3.10-11.el7.x86_64 22/23
Verifying : python2-cryptography-1.7.2-2.el7.x86_64 23/23

Installed:
ansible.noarch 0:2.4.2.0-2.el7

Dependency Installed:
PyYAML.x86_64 0:3.10-11.el7
libyaml.x86_64 0:0.1.4-11.el7_0
python-babel.noarch 0:0.9.6-8.el7
python-backports.x86_64 0:1.0-8.el7
python-backports-ssl_match_hostname.noarch 0:3.5.0.1-1.el7
python-cffi.x86_64 0:1.6.0-5.el7
python-enum34.noarch 0:1.0.4-1.el7
python-httplib2.noarch 0:0.9.2-1.el7
python-idna.noarch 0:2.4-1.el7
python-ipaddress.noarch 0:1.0.16-2.el7
python-jinja2.noarch 0:2.7.2-2.el7
python-markupsafe.x86_64 0:0.11-10.el7
python-paramiko.noarch 0:2.1.1-4.el7
python-passlib.noarch 0:1.6.5-2.el7
python-ply.noarch 0:3.4-11.el7
python-pycparser.noarch 0:2.14-1.el7
python-setuptools.noarch 0:0.9.8-7.el7
python-six.noarch 0:1.9.0-2.el7
python2-cryptography.x86_64 0:1.7.2-2.el7
python2-jmespath.noarch 0:0.9.0-3.el7
python2-pyasn1.noarch 0:0.1.9-7.el7
sshpass.x86_64 0:1.06-2.el7

Complete!
确认一下ansible安装完成
[root@localhost yum.repos.d]# ansible –version
ansible 2.4.2.0
config file = /etc/ansible/ansible.cfg
configured module search path = [u’/root/.ansible/plugins/modules’, u’/usr/share/ansible/plugins/modules’]
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /bin/ansible
python version = 2.7.5 (default, Aug 4 2017, 00:39:18) [GCC 4.8.5 20150623 (Red Hat 4.8.5-16)]

然后在6台主机上都配置hosts
[root@localhost yum.repos.d]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.51 ansible
192.168.1.52 web1
192.168.1.53 web2
192.168.1.54 db1
192.168.1.55 db2
192.168.1.56 cache

配置好免密登陆，6台主机都要做好
[root@cache ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:UpwSw0qKAn6BFYmxsLEQOECUF33ZMT/FVf2s3p+2kEE root@cache
The key’s randomart image is:
+—[RSA 2048]—-+
|@=*+=.o oo. ….+|
|*B.+…* oo .. .|
|=+.o..o + o E ..|
|o…. o o o|
|. . . S . . |
| . + |
| + . |
| o.o|
| .o+|
+—-[SHA256]—–+
[root@cache ~]#
[root@cache ~]#
[root@cache ~]# for i in 51 52 53 54 55 56;do ssh-copy-id 192.168.1.$i;done
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: “/root/.ssh/id_rsa.pub”
The authenticity of host ‘192.168.1.51 (192.168.1.51)’ can’t be established.
ECDSA key fingerprint is SHA256:VukYDuqTUky93mbDoL/7WPAM6PvQ05R3xYae7JinddU.
ECDSA key fingerprint is MD5:6e:94:23:bf:32:01:47:72:a5:d4:5b:93:75:04:f5:f4.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed — if you are prompted now it is to install the new keys
[email protected]’s password:

Number of key(s) added: 1

Now try logging into the machine, with: “ssh ‘192.168.1.51’”
and check to make sure that only the key(s) you wanted were added.

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: “/root/.ssh/id_rsa.pub”
The authenticity of host ‘192.168.1.52 (192.168.1.52)’ can’t be established.
ECDSA key fingerprint is SHA256:aY08I9sIdWG6kBkovQIjmtpLw1/ZWh2Fl4VlLK3zCto.
ECDSA key fingerprint is MD5:96:40:4f:68:c5:8a:ee:dd:d9:38:99:03:51:ca:c7:34.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed — if you are prompted now it is to install the new keys
[email protected]’s password:

Number of key(s) added: 1

Now try logging into the machine, with: “ssh ‘192.168.1.52’”
and check to make sure that only the key(s) you wanted were added.

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: “/root/.ssh/id_rsa.pub”
The authenticity of host ‘192.168.1.53 (192.168.1.53)’ can’t be established.
ECDSA key fingerprint is SHA256:pHxO2IbX3qHtbvUkZylqOxgWiYFSJJZKbc3CziKNkqw.
ECDSA key fingerprint is MD5:81:61:15:83:6c:09:f4:41:e2:c5:01:00:fe:24:96:55.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed — if you are prompted now it is to install the new keys
[email protected]’s password:

Number of key(s) added: 1

Now try logging into the machine, with: “ssh ‘192.168.1.53’”
and check to make sure that only the key(s) you wanted were added.

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: “/root/.ssh/id_rsa.pub”
The authenticity of host ‘192.168.1.54 (192.168.1.54)’ can’t be established.
ECDSA key fingerprint is SHA256:6QMsdZy5v54ZwrVCnM0HmMs6GkisjYO15U0SapxPEMU.
ECDSA key fingerprint is MD5:96:ed:7d:76:28:43:b9:29:32:b2:b8:33:ad:22:b0:4a.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed — if you are prompted now it is to install the new keys
[email protected]’s password:

Number of key(s) added: 1

Now try logging into the machine, with: “ssh ‘192.168.1.54’”
and check to make sure that only the key(s) you wanted were added.

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: “/root/.ssh/id_rsa.pub”
The authenticity of host ‘192.168.1.55 (192.168.1.55)’ can’t be established.
ECDSA key fingerprint is SHA256:/dd+4S4Nql02kVMpsFftbkUEKu0s8obXFPyLHIEmNOI.
ECDSA key fingerprint is MD5:26:0d:38:05:9f:73:3c:b7:33:7b:6b:9d:42:34:10:a0.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed — if you are prompted now it is to install the new keys
[email protected]’s password:

Number of key(s) added: 1

Now try logging into the machine, with: “ssh ‘192.168.1.55’”
and check to make sure that only the key(s) you wanted were added.

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: “/root/.ssh/id_rsa.pub”
The authenticity of host ‘192.168.1.56 (192.168.1.56)’ can’t be established.
ECDSA key fingerprint is SHA256:I3NbgSWe/ruEhXCHgUAjVkvohx8Fss0nyjdKLrA+IgA.
ECDSA key fingerprint is MD5:cd:c7:4c:ba:d8:b8:2c:75:8d:88:2e:c3:11:7d:f3:3f.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed — if you are prompted now it is to install the new keys
[email protected]’s password:

Number of key(s) added: 1

Now try logging into the machine, with: “ssh ‘192.168.1.56’”
and check to make sure that only the key(s) you wanted were added.

2 案例2：主机定义与分组：
2.1 问题

本案例要求：
熟悉ansible配置文件
定义主机，分组和子组练习
自定义文件，多配置路径练习
2.2 步骤

实现此案例需要按照如下步骤进行。
步骤一：ansible.cfg配置文件

[root@ansible ~]# cd /etc/ansible/
[root@ansible ansible]# ls
ansible.cfg hosts roles
[root@ansible ansible]# vim ansible.cfg
#inventory = /etc/ansible/hosts //指定分组文件路径，主机的分组文件hosts
[selinux] //组名称，selinux的相关选项在这个下面配置
…
[colors] //组名称，colors的相关选项在这个下面配置
…
步骤二：定义主机，分组和子组练习

1）静态主机的定义
[root@ansible ansible]# vim hosts
[web]
web1
web2
[db]
db[1:2] //1:2为db1到db2两台主机，1:20为db1到db20多台主机
[other]
cache
[root@ansible ansible]# ansible web –list-host //显示web组的主机
hosts (2):
web1
web2
[root@ansible ansible]# ansible db –list-host
hosts (2):
db1
db2
[root@ansible ansible]# ansible other –list-host
hosts (1):
cache
[root@ansible ansible]# ansible all –list-host //显示所有组的主机
hosts (5):
web1
web2
cache
db1
db2
2）直接测试
[root@ansible ansible]# ansible cache -m ping
//测试是否可以连接，若失败颜色为红色
cache | UNREACHABLE! => {
“changed”: false,
“msg”: “Failed to connect to the host via ssh: ssh: Could not resolve hostname cache: Name or service not known\r\n”,
“unreachable”: true
}
3）修改后测试
[root@ansible ansible]# vi hosts
[other]
cache ansible_ssh_user=”root” ansible_ssh_pass=”a”
[root@ansible ansible]# ansible other -m ping //测试成功，颜色为绿色
cache | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
4）不检测主机的sshkey，在第一次连接的时候不用输入yes
[root@ansible ansible]# vim ansible.cfg
61 host_key_checking = False
[root@ansible ansible]# vim hosts
[web]
web1
web2
[web:vars] //web组:变量(vars不改)，web组的多台机器共用一个用户名和密码
ansible_ssh_user=”root”
ansible_ssh_pass=”a”
[root@ansible ansible]# ansible web -m ping
web2 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
web1 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
步骤三：定义子组

[root@ansible ansible]# vi hosts
[app:children] //指定子分组(app可改:children不改)，web，db是提前分好的组
web
db
[app:vars]
ansible_ssh_user=”root”
ansible_ssh_pass=”a”
[root@ansible ansible]# ansible app –list-host //查看
hosts (4):
web1
web2
db1
db2
[root@ansible ansible]# ansible app -m ping //测试
web1 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
web2 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
db1 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
db2 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
步骤四：多路径练习

自定义的ansible文件只在当前路径生效
1）多路径
[root@ansible ~]# mkdir aaa
[root@ansible ~]# cd aaa/
[root@ansible aaa]# vim myhost
[app1]
web1
db1
[app2]
web2
db2
[app:children]
app1
app2
[other]
cache
[app:vars]
ansible_ssh_user=”root”
ansible_ssh_pass=”a”
[root@ansible aaa]# touch ansible.cfg
[root@ansible aaa]# grep -Ev “^#|^$” /etc/ansible/ansible.cfg
[defaults]
roles_path = /etc/ansible/roles:/usr/share/ansible/roles
host_key_checking = False
[inventory]
[privilege_escalation]
[paramiko_connection]
[ssh_connection]
[persistent_connection]
[accelerate]
[selinux]
[colors]
[diff]
[root@ansible aaa]# vim ansible.cfg
[defaults]
inventory = myhost
host_key_checking = False
2）测试结果
[root@ansible aaa]# ansible app1 -m ping
web1 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
db1 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
[root@ansible aaa]# ansible app -m ping
web1 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
db1 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
db2 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
web2 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
[root@ansible aaa]# ansible app –list-host
hosts (4):
web1
db1
web2
db2
[root@ansible aaa]# cd
[root@ansible ~]# ansible app1 –list-host //切换到别的目录，测试失败
[WARNING]: Could not match supplied host pattern, ignoring: app1
[WARNING]: No hosts matched, nothing to do
hosts (0):

代码如下
进入ansible配置目录，编写和查看配置文件
[root@ansible ~]# cd /etc/ansible/
[root@ansible ansible]# ls
ansible.cfg hosts roles
[root@ansible ansible]# vim ansible.cfg
[root@ansible ansible]# vim hosts

[web]
web1
web2

[db]
db[1:2]

[other]
cache

[root@ansible ansible]# ansible web –list-host
hosts (2):
web1
web2
[root@ansible ansible]# ansible db –list-host
hosts (2):
db1
db2
[root@ansible ansible]# ansible other –list-host
hosts (1):
cache
[root@ansible ansible]# ansible all –list-host
hosts (5):
web1
web2
cache
db1
db2

ping测试
分别ping一下cache 和 db1 主机
[root@ansible ansible]# ansible cache -m ping
The authenticity of host ‘cache (192.168.1.56)’ can’t be established.
ECDSA key fingerprint is SHA256:I3NbgSWe/ruEhXCHgUAjVkvohx8Fss0nyjdKLrA+IgA.
ECDSA key fingerprint is MD5:cd:c7:4c:ba:d8:b8:2c:75:8d:88:2e:c3:11:7d:f3:3f.
Are you sure you want to continue connecting (yes/no)? yes
cache | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
[root@ansible ansible]# ansible db1 -m ping
The authenticity of host ‘db1 (192.168.1.54)’ can’t be established.
ECDSA key fingerprint is SHA256:6QMsdZy5v54ZwrVCnM0HmMs6GkisjYO15U0SapxPEMU.
ECDSA key fingerprint is MD5:96:ed:7d:76:28:43:b9:29:32:b2:b8:33:ad:22:b0:4a.
Are you sure you want to continue connecting (yes/no)? yes
db1 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
[root@ansible ansible]#

不检测主机的sshkey，第一次连接的时候不用输入yes
[root@ansible ansible]# vim ansible.cfg
61 host_key_checking = False

[root@ansible ansible]# grep -v “^#” hosts | grep -v “^$”
[web]
web1
web2
[web:vars]
ansible_ssh_user=”root”
ansible_ssh_pass=”123456″
[db]
db[1:2]
[other]
cache

重新测试一下，就不用输入密码也不用输入yes了
[root@ansible ansible]# ansible web -m ping
web2 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
web1 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
[root@ansible ansible]#

增加一个app组，然后测试一下
[root@ansible ansible]# grep -v “^#” hosts | grep -v “^$”
[web]
web1
web2
[web:vars]
ansible_ssh_user=”root”
ansible_ssh_pass=”123456″
[db]
db[1:2]
[other]
cache
[app:children]
web
db
[app:vars]
ansible_ssh_user=”root”
ansible_ssh_pass=”123456″
列出，并测试连通性
[root@ansible ansible]# ansible app –list-host
hosts (4):
web1
web2
db1
db2
[root@ansible ansible]# ansible app -m ping
web2 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
db1 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
web1 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
db2 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}

换一个目录创建配置文件
[root@ansible ansible]# cd
[root@ansible ~]# mkdir aaa
[root@ansible ~]# cd aaa/
[root@ansible aaa]# vim myhost
[root@ansible aaa]# grep -v “^#” myhost | grep -v “^$”
[app1]
web1
db1
[app2]
web2
db2
[app:children]
app1
app2
[other]
cache
[app:vars]
ansible_ssh_user=”root”
ansible_ssh_pass=”123456″
先看一眼默认目录下的cfg配置文件是怎么写的
[root@ansible aaa]# grep -Ev “^#|^$” /etc/ansible/ansible.cfg
[defaults]
roles_path = /etc/ansible/roles:/usr/share/ansible/roles
host_key_checking = False
[inventory]
[privilege_escalation]
[paramiko_connection]
[ssh_connection]
[persistent_connection]
[accelerate]
[selinux]
[colors]
[diff]
[root@ansible aaa]#
[root@ansible aaa]# vim ansible.cfg
然后我们自己写一个
[root@ansible aaa]# cat ansible.cfg
[defaults]
inventory = myhost
host_key_checking = False

测试一下
[root@ansible aaa]# ansible app1 -m ping
web1 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
db1 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
[root@ansible aaa]# ansible app -m ping
db1 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
web1 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
web2 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
db2 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
[root@ansible aaa]# ansible app –list-host
hosts (4):
web1
db1
web2
db2
如果切换了目录就失败了，说明要在配置文件的目录下执行命令
[root@ansible aaa]# cd
[root@ansible ~]# ansible app1 –list-host
[WARNING]: Could not match supplied host pattern, ignoring: app1

[WARNING]: No hosts matched, nothing to do

hosts (0):

3 案例3：动态主机
3.1 问题

本案例要求：
脚本输出主机列表
3.2 步骤

实现此案例需要按照如下步骤进行。
步骤一：脚本输出主机列表

[root@ansible ~]# cd aaa
[root@ansible aaa]# vim host.py
#!/usr/bin/python
import json
hostlist = {}
hostlist[“bb”] = [“192.168.1.52”, “192.168.1.53”]
hostlist[“192.168.1.54”] = {
“ansible_ssh_user”:”root”,”ansible_ssh_pass”:”pwd”
}
hostlist[“aa”] = {
“hosts” : [“192.168.1.55”, “192.168.1.56”],
“vars” : {
“ansible_ssh_user”:”root”,”ansible_ssh_pass”:”pwd”
}
}
print(json.dumps(hostlist))
[root@ansible aaa]# chmod 755 ./host.py
步骤二：脚本输出样例（这样写输出的结果有些乱）

[root@ansible aaa]# ./host.py
{“aa”: {“hosts”: [“192.168.1.55”, “192.168.1.56”], “vars”: {“ansible_ssh_user”: “root”, “ansible_ssh_pass”: “a”}}, “192.168.1.54”: {“ansible_ssh_user”: “root”, “ansible_ssh_pass”: “a”}, “bb”: [“192.168.1.52”, “192.168.1.53”]}
步骤三：可以用shell脚本输出

[root@ansible aaa]# vim my.sh
#!/bin/bash
echo ‘
{ “aa”: {
“hosts”:
[“192.168.1.55”, “192.168.1.56”],
“vars”: {
“ansible_ssh_user”: “root”,
“ansible_ssh_pass”: “a”}
},
}’
[root@ansible aaa]# chmod 755 my.sh
[root@ansible aaa]# ./my.sh
{ “aa”: {
“hosts”:
[“192.168.1.55”, “192.168.1.56”],
“vars”: {
“ansible_ssh_user”: “root”,
“ansible_ssh_pass”: “a”}
},
}
[root@ansible aaa]# vim ansible.cfg
[defaults]
inventory = my.sh
host_key_checking = False
[root@ansible aaa]# ansible aa -m ping
192.168.1.55 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
192.168.1.56 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
步骤二：批量执行

代码如下
1、用脚本输出主机列表
[root@ansible ~]# cd aaa/
[root@ansible aaa]# pwd
/root/aaa
[root@ansible aaa]# vim host.py
[root@ansible aaa]# cat host.py
#!/usr/bin/python
import json
hostlist = {}
hostlist[“bb”] = [“192.168.1.52”, “192.168.1.53”]
hostlist[“192.168.1.54”] = {
“ansible_ssh_user”:”root”,”ansible_ssh_pass”:”pwd”
}
hostlist[“aa”] = {
“hosts” : [“192.168.1.55”, “192.168.1.56”],
“vars” : {
“ansible_ssh_user”:”root”,”ansible_ssh_pass”:”pwd”
}
}
print(json.dumps(hostlist))

[root@ansible aaa]# chmod 755 ./host.py
[root@ansible aaa]# ll -h host.py
-rwxr-xr-x 1 root root 392 10月 20 09:26 host.py

2、用脚本输出主机列表，但是看不清，结果混乱
[root@ansible aaa]# ./host.py
{“aa”: {“hosts”: [“192.168.1.55”, “192.168.1.56”], “vars”: {“ansible_ssh_user”: “root”, “ansible_ssh_pass”: “pwd”}}, “192.168.1.54”: {“ansible_ssh_user”: “root”, “ansible_ssh_pass”: “pwd”}, “bb”: [“192.168.1.52”, “192.168.1.53”]}

3、也可以用脚本输出
注意我的主机的密码是123456，和上面的案例不一样
[root@ansible aaa]# vim my.sh

[root@ansible aaa]# cat my.sh
#!/bin/bash
echo ‘
{ “aa”: {
“hosts”:
[“192.168.1.55”, “192.168.1.56”],
“vars”: {
“ansible_ssh_user”: “root”,
“ansible_ssh_pass”: “123456”}
},
}’
[root@ansible aaa]# chmod 755 my.sh
[root@ansible aaa]# ./my.sh

{ “aa”: {
“hosts”:
[“192.168.1.55”, “192.168.1.56”],
“vars”: {
“ansible_ssh_user”: “root”,
“ansible_ssh_pass”: “123456”}
},
}
[root@ansible aaa]#
[root@ansible aaa]# vim ansible.cfg
[root@ansible aaa]# cat ansible.cfg
[defaults]
inventory = my.sh
host_key_checking = False
[root@ansible aaa]#

[root@ansible aaa]# ansible aa -m ping
192.168.1.56 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
192.168.1.55 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}

步骤二、批量执行命令
先把主机配置文件改回去，不用脚本，用myhost
[root@ansible aaa]# cat ansible.cfg
[defaults]
inventory = myhost
host_key_checking = False
1、查看负载
[root@ansible aaa]# ansible app -m command -a ‘uptime’
db1 | SUCCESS | rc=0 >>
09:32:45 up 22:28, 2 users, load average: 0.00, 0.01, 0.05

web1 | SUCCESS | rc=0 >>
09:32:46 up 22:28, 2 users, load average: 0.00, 0.01, 0.05

db2 | SUCCESS | rc=0 >>
09:32:46 up 22:28, 2 users, load average: 0.00, 0.01, 0.05

web2 | SUCCESS | rc=0 >>
09:32:46 up 22:28, 2 users, load average: 0.04, 0.03, 0.05

[root@ansible aaa]#
2、查看时间
[root@ansible aaa]# ansible app -m command -a ‘date +%F\ %T’
db1 | SUCCESS | rc=0 >>
2018-10-20 09:34:10

db2 | SUCCESS | rc=0 >>
2018-10-20 09:34:10

web1 | SUCCESS | rc=0 >>
2018-10-20 09:34:10

web2 | SUCCESS | rc=0 >>
2018-10-20 09:34:10

[root@ansible aaa]#

批量部署密钥
先把之前的改动都改回去
[root@ansible aaa]# cd /root/.ssh/
[root@ansible .ssh]# vim /etc/ansible/hosts
[root@ansible .ssh]# grep -v “^#” /etc/ansible/hosts | grep -v “^$”
[web]
web1
web2
[db]
db[1:2]
[other]
cache

因为我之前做了免密，所以Ping都成功了，实际上是不成功的
[root@ansible .ssh]# ansible all -m ping
web2 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
db1 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
cache | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
web1 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
db2 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}

部署密钥，并测试
[root@ansible .ssh]# ansible all -m authorized_keys -a “user=root exclusive=true manage_dir=true key=’$(< /root/.ssh/id_rsa.pub)'” -k
SSH password:

[root@ansible .ssh]# ansible all -m ping
web2 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
db2 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
cache | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
db1 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
web1 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}

5 案例5：练习模块
5.1 问题

本案例要求：
练习使用command , shell , raw, script模块
5.2 步骤

实现此案例需要按照如下步骤进行。
步骤一：练习模块

ansible-doc //模块的手册，相当于man
ansible-doc -l //列出所有模块
ansible-doc 模块名 //查看指定模块的帮助信息
1）ping模块
[root@ansible .ssh]# ansible web1 -m ping
web1 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
2）command模块
[root@ansible .ssh]# ansible web1 -m command -a ‘chdir=/tmp touch f1’ //创建成功
[root@web1 ~]# cd /tmp/
[root@web1 tmp]# ls //在web1上面查看
f1
3）shell模块
[root@ansible .ssh]# ansible web1 -m shell -a ‘chdir=/tmp touch f2’ //创建成功
[root@web1 ~]# cd /tmp/
[root@web1 tmp]# ls //在web1上面查看
f2
4）raw模块
[root@ansible .ssh]# ansible web1 -m raw -a ‘chdir=/tmp touch f3’
//文件可以创建，但无法切换目录，文件在用户家目录下生成
web1 | SUCCESS | rc=0 >>
Shared connection to web1 closed.
[root@web1 tmp]# cd /root/
[root@web1 ~]# ls //在web1上面查看
f3
5）script模块
对于太复杂的命令，可以写个脚本，然后用script模块执行
在web1主机上创建zhangsan3用户，修改zhangsan3的密码为123456，设置zhangsan3第一次登陆必须修改密码
用命令写：
[root@ansible .ssh]# ansible web1 -m shell -a ‘useradd zhangsan3’
[root@ansible .ssh]# ansible web1 -m shell -a ‘echo 123456 | passwd –stdin zhangsan3’
[root@ansible .ssh]# ssh -l zhangsan3 web1
zhangsan3@web1’s password: //输入zhangsan3的密码
[root@ansible .ssh]# ansible web1 -m shell -a ‘chage -d 0 zhangsan3’
[root@ansible .ssh]# ssh -l zhangsan3 web1
用脚本写，script模块执行：
[root@ansible .ssh]# vim user.sh
#!/bin/bash
useradd zhangsan3
echo 123456 | passwd –stdin zhangsan3
chage -d 0 zhangsan3
echo
[root@ansible .ssh]# ansible web1 -m script -a ‘./user.sh’
web1 | SUCCESS => {
“changed”: true,
“rc”: 0,
“stderr”: “Shared connection to web1 closed.\r\n”,
“stdout”: “Changing password for user zhangsan3.\r\npasswd: all authentication tokens updated successfully.\r\n\r\n”,
“stdout_lines”: [
“Changing password for user zhangsan3.”,
“passwd: all authentication tokens updated successfully.”,
“”
]
}
[root@ansible .ssh]# ssh -l lisi web1
lisi@web1’s password:
You are required to change your password immediately (root enforced)
Last login: Thu Sep 6 14:51:33 2018 from 192.168.1.51
WARNING: Your password has expired.
You must change your password now and login again!
Changing password for user lisi.
Changing password for lisi.
(current) UNIX password:

代码如下
查看模块和帮助文档
[root@ansible .ssh]# ansible-doc （后面接模块名，查看详细的帮助信息）
Usage: ansible-doc [-l|-s] [options] [-t <plugin type] [plugin]

plugin documentation tool

Options:
-a, –all **For internal testing only** Show documentation for
all plugins.
-h, –help show this help message and exit
-l, –list List available plugins
-M MODULE_PATH, –module-path=MODULE_PATH
prepend colon-separated path(s) to module library
(default=[u’/root/.ansible/plugins/modules’,
u’/usr/share/ansible/plugins/modules’])
-s, –snippet Show playbook snippet for specified plugin(s)
-t TYPE, –type=TYPE Choose which plugin type (defaults to “module”)
-v, –verbose verbose mode (-vvv for more, -vvvv to enable
connection debugging)
–version show program’s version number and exit

See man pages for Ansible CLI options or website for tutorials
https://docs.ansible.com
ERROR! Incorrect options passed
[root@ansible .ssh]# ansible-doc -l
a10_server Manage A10 Networks AX/SoftAX/Thunder/vThunder devices’ server obj…
a10_server_axapi3 Manage A10 Networks AX/SoftAX/Thunder/vThunder devices

1、使用PING模块
[root@ansible .ssh]# ansible web1 -m ping
web1 | SUCCESS => {
“changed”: false,
“ping”: “pong”
}
2、使用COMMAND模块
[root@ansible .ssh]# ansible web1 -m command -a ‘chdir=/tmp touch f1’
[WARNING]: Consider using file module with state=touch rather than running touch

web1 | SUCCESS | rc=0 >>

[root@ansible .ssh]# ssh web1
Last login: Sat Oct 20 11:23:16 2018 from 192.168.1.51
[root@web1 ~]# ll /tmp/
总用量 0
-rw-r–r– 1 root root 0 10月 20 11:23 f1
drwx—— 3 root root 17 10月 19 11:04 systemd-private-767695a249a54d18959ba8b304711521-chronyd.service-4NUlRQ
[root@web1 ~]#

3、使用SHELL模块
[root@ansible .ssh]# ansible web1 -m shell -a ‘chdir=/tmp touch f2’
[WARNING]: Consider using file module with state=touch rather than running touch

web1 | SUCCESS | rc=0 >>

[root@ansible .ssh]# ssh web1
Last login: Sat Oct 20 11:24:54 2018 from 192.168.1.51
[root@web1 ~]# ll /tmp/
总用量 0
-rw-r–r– 1 root root 0 10月 20 11:23 f1
-rw-r–r– 1 root root 0 10月 20 11:24 f2
drwx—— 3 root root 17 10月 19 11:04 systemd-private-767695a249a54d18959ba8b304711521-chronyd.service-4NUlRQ
[root@web1 ~]#

4、使用RAW模块，可以看到RAW不支持切换目录
[root@ansible ~]# ansible web1 -m raw -a ‘chdir=/tmp touch f3’
web1 | SUCCESS | rc=0 >>
Shared connection to web1 closed.

5、SCRIPT模块，达到创建用户zhangsan3，密码123456，然后开机马上修改密码，可以看到如果用SSH那要操作很多步
[root@ansible ~]# ssh web1
Last login: Sat Oct 20 11:48:01 2018 from 192.168.1.51
[root@web1 ~]# ls
f3 RPM-GPG-KEY-CentOS-7
[root@web1 ~]# ll /tmp/
总用量 0
-rw-r–r– 1 root root 0 10月 20 11:23 f1
-rw-r–r– 1 root root 0 10月 20 11:24 f2
drwx—— 3 root root 17 10月 19 11:04 systemd-private-767695a249a54d18959ba8b304711521-chronyd.service-4NUlRQ
[root@web1 ~]#

[root@ansible ~]# ansible web1 -m shell -a ‘useradd zhangsan3’
web1 | SUCCESS | rc=0 >>

[root@ansible ~]# ansible web1 -m shell -a ‘echo 123456 | passwd –stdin zhangsan3’
web1 | SUCCESS | rc=0 >>
更改用户 zhangsan3 的密码。
passwd：所有的身份验证令牌已经成功更新。

[root@ansible ~]# ssh -l zhangsan3 web1
zhangsan3@web1’s password:
[zhangsan3@web1 ~]$ exit
登出
Connection to web1 closed.
[root@ansible ~]# ansible web1 -m shell -a ‘chage -d 0 zhangsan3’
web1 | SUCCESS | rc=0 >>

You are required to change your password immediately (root enforced)
Last login: Sat Oct 20 11:53:59 2018 from 192.168.1.51
WARNING: Your password has expired.
You must change your password now and login again!
Changing password for user zhangsan3.
Changing password for zhangsan3.
(current) UNIX password:
New password:
BAD PASSWORD: The password is shorter than 8 characters
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
Connection to web1 closed.

所以操作一下，用script模块，可以支持脚本

[root@ansible ~]# vim user.sh
[root@ansible ~]# cat user.sh
#!/bin/bash
useradd zhangsan4
echo 123456 | passwd –stdin zhangsan4
chage -d 0 zhangsan3
echo
[root@ansible ~]# ansible web1 -m script -a ‘./user.sh’
web1 | SUCCESS => {
“changed”: true,
“rc”: 0,
“stderr”: “Shared connection to web1 closed.\r\n”,
“stdout”: “更改用户 zhangsan4 的密码。\r\npasswd：所有的身份验证令牌已经成功更新。\r\n\r\n”,
“stdout_lines”: [
“更改用户 zhangsan4 的密码。”,
“passwd：所有的身份验证令牌已经成功更新。”,
“”
]
}

6 案例6：模块练习
6.1 问题

本案例要求：
使用copy模块同步数据
使用lineinfile模块编辑文件
使用replace模块修改文件
6.2 步骤

实现此案例需要按照如下步骤进行。
步骤一：模块练习

1）使用copy模块同步数据
src：要复制到进程主机的文件在本地的地址,可以是绝对路径,也可以是相对路径。如果路径是一个目录,它将递归复制。在这种情况下,如果路径使用”/”来结尾,则只复制目录里的内容,如果没有使用”/”来结尾,则包含目录在内的整个内容全部复制,类似于rsync
dest：必选项。进程主机的绝对路径,如果源文件是一个目录,那么该路径也必须是个目录
backup：在覆盖之前将原文件备份,备份文件包含时间信息。有两个选项:yes|no
force：如果目标主机包含该文件,但内容不同,如果设置为yes,则强制覆盖,如果为no,则只有当目标主机的目标位置不存在该文件时,才复制。默认为yes
[root@ansible .ssh]# ansible all -m shell -a ‘cat /etc/resolv.conf’
//查看/etc/resolv.conf
cache | SUCCESS | rc=0 >>
; generated by /usr/sbin/dhclient-script
nameserver 192.168.1.254
search localhost
db2 | SUCCESS | rc=0 >>
; generated by /usr/sbin/dhclient-script
nameserver 192.168.1.254
search localhost
web1 | SUCCESS | rc=0 >>
; generated by /usr/sbin/dhclient-script
nameserver 192.168.1.254
search localhost
web2 | SUCCESS | rc=0 >>
; generated by /usr/sbin/dhclient-script
nameserver 192.168.1.254
search localhost
db1 | SUCCESS | rc=0 >>
; generated by /usr/sbin/dhclient-script
nameserver 192.168.1.254
search localhost
[root@ansible .ssh]# vi /etc/resolv.conf
nameserver 172.40.1.10
[root@ansible .ssh]# ansible all -m copy -a ‘src=/etc/resolv.conf dest=/etc/resolv.conf’ //复制本机的resolv.conf到其他主机
[root@ansible .ssh]# ansible all -m shell -a ‘cat /etc/resolv.conf’
//查看有nameserver 172.40.1.10
[root@ansible ~]# mkdir aa
[root@ansible ~]# ansible all -m copy -a ‘src=/root/aa dest=/root/a.log’
//复制本机的目录/root/aa到其他机器的/root/a.log，复制目录只能少数批量执行同步
[root@ansible ~]# ansible all -m shell -a ‘ls -ld /root’
db2 | SUCCESS | rc=0 >>
dr-xr-x—. 4 root root 167 Sep 6 11:48 /root
web2 | SUCCESS | rc=0 >>
dr-xr-x—. 4 root root 167 Sep 6 11:48 /root
cache | SUCCESS | rc=0 >>
dr-xr-x—. 4 root root 177 Sep 6 14:35 /root
db1 | SUCCESS | rc=0 >>
dr-xr-x—. 4 root root 167 Sep 6 11:48 /root
web1 | SUCCESS | rc=0 >>
dr-xr-x—. 4 root root 177 Sep 6 14:35 /root
2）使用lineinfile模块编辑文件
以行为基础，整行修改(整行被替换掉)
[root@ansible ~]# ansible cache -m lineinfile \
-a ‘path=/etc/sysconfig/network-scripts/ifcfg-eth0 \
regexp=”^ONBOOT=” line=”ONBOOT=\”no\””‘
cache | SUCCESS => {
“backup”: “”,
“changed”: true,
“msg”: “line replaced”
}
3）使用replace模块修改文件
修改文件的某一部分(替换一行中匹配的内容)，以正则表达式匹配为基础修改
[root@ansible ~]# ansible cache -m replace -a \
‘path=/etc/sysconfig/network-scripts/ifcfg-eth0 \
regexp=”^(ONBOOT=).*” replace=”\1\”yes\””‘
cache | SUCCESS => {
“changed”: true,
“msg”: “1 replacements made”
}

代码如下
1、使用COPY模块同步数据
先看一眼原来的数据
[root@ansible ~]# ansible all -m shell -a ‘cat /etc/resolv.conf’
web2 | SUCCESS | rc=0 >>
; generated by /usr/sbin/dhclient-script
nameserver 192.168.1.254
search localdomain

cache | SUCCESS | rc=0 >>
; generated by /usr/sbin/dhclient-script
nameserver 192.168.1.254
search localdomain

db2 | SUCCESS | rc=0 >>
; generated by /usr/sbin/dhclient-script
nameserver 192.168.1.254
search localdomain

web1 | SUCCESS | rc=0 >>
; generated by /usr/sbin/dhclient-script
nameserver 192.168.1.254
search localdomain

db1 | SUCCESS | rc=0 >>
; generated by /usr/sbin/dhclient-script
nameserver 192.168.1.254
search localdomain
改一下配置文件
[root@ansible ~]# vim /etc/resolv.conf
[root@ansible ~]# cat /etc/resolv.conf
; generated by /usr/sbin/dhclient-script
nameserver 176.204.0.227
search localdomain
然后同步复制一下
[root@ansible ~]# ansible all -m copy -a ‘src=/etc/resolv.conf dest=/etc/resolv.conf’
web2 | SUCCESS => {
“changed”: true,
“checksum”: “434fa1d70ea9d1ecd5b8880199f8677a8d7f208c”,
“dest”: “/etc/resolv.conf”,
“gid”: 0,
“group”: “root”,
“md5sum”: “acbefc844e58cc09b7f80d342bef9805”,
“mode”: “0644”,
“owner”: “root”,
“size”: 85,
“src”: “/root/.ansible/tmp/ansible-tmp-1540015462.08-33163582311272/source”,
“state”: “file”,
“uid”: 0
}
db1 | SUCCESS => {
“changed”: true,
“checksum”: “434fa1d70ea9d1ecd5b8880199f8677a8d7f208c”,
“dest”: “/etc/resolv.conf”,
“gid”: 0,
“group”: “root”,
“md5sum”: “acbefc844e58cc09b7f80d342bef9805”,
“mode”: “0644”,
“owner”: “root”,
“size”: 85,
“src”: “/root/.ansible/tmp/ansible-tmp-1540015462.08-65291445031988/source”,
“state”: “file”,
“uid”: 0
}
db2 | SUCCESS => {
“changed”: true,
“checksum”: “434fa1d70ea9d1ecd5b8880199f8677a8d7f208c”,
“dest”: “/etc/resolv.conf”,
“gid”: 0,
“group”: “root”,
“md5sum”: “acbefc844e58cc09b7f80d342bef9805”,
“mode”: “0644”,
“owner”: “root”,
“size”: 85,
“src”: “/root/.ansible/tmp/ansible-tmp-1540015462.09-203084136213341/source”,
“state”: “file”,
“uid”: 0
}
web1 | SUCCESS => {
“changed”: true,
“checksum”: “434fa1d70ea9d1ecd5b8880199f8677a8d7f208c”,
“dest”: “/etc/resolv.conf”,
“gid”: 0,
“group”: “root”,
“md5sum”: “acbefc844e58cc09b7f80d342bef9805”,
“mode”: “0644”,
“owner”: “root”,
“size”: 85,
“src”: “/root/.ansible/tmp/ansible-tmp-1540015462.03-68166612195333/source”,
“state”: “file”,
“uid”: 0
}
cache | SUCCESS => {
“changed”: true,
“checksum”: “434fa1d70ea9d1ecd5b8880199f8677a8d7f208c”,
“dest”: “/etc/resolv.conf”,
“gid”: 0,
“group”: “root”,
“md5sum”: “acbefc844e58cc09b7f80d342bef9805”,
“mode”: “0644”,
“owner”: “root”,
“size”: 85,
“src”: “/root/.ansible/tmp/ansible-tmp-1540015462.06-47005818047152/source”,
“state”: “file”,
“uid”: 0
}
再看一下
[root@ansible ~]# ansible all -m shell -a ‘cat /etc/resolv.conf’
cache | SUCCESS | rc=0 >>
; generated by /usr/sbin/dhclient-script
nameserver 176.204.0.227
search localdomain

db1 | SUCCESS | rc=0 >>
; generated by /usr/sbin/dhclient-script
nameserver 176.204.0.227
search localdomain

web1 | SUCCESS | rc=0 >>
; generated by /usr/sbin/dhclient-script
nameserver 176.204.0.227
search localdomain

web2 | SUCCESS | rc=0 >>
; generated by /usr/sbin/dhclient-script
nameserver 176.204.0.227
search localdomain

db2 | SUCCESS | rc=0 >>
; generated by /usr/sbin/dhclient-script
nameserver 176.204.0.227
search localdomain

复制本机的目录/root/aa到其他机器的/root/a.log，复制目录只能少数批量执行同步
[root@ansible ~]# ansible all -m copy -a ‘src=/root/aa dest=/root/a.log’
db2 | SUCCESS => {
“changed”: false,
“dest”: “/root/a.log/”,
“src”: “/root/aa”
}
web1 | SUCCESS => {
“changed”: false,
“dest”: “/root/a.log/”,
“src”: “/root/aa”
}
db1 | SUCCESS => {
“changed”: false,
“dest”: “/root/a.log/”,
“src”: “/root/aa”
}
cache | SUCCESS => {
“changed”: false,
“dest”: “/root/a.log/”,
“src”: “/root/aa”
}
web2 | SUCCESS => {
“changed”: false,
“dest”: “/root/a.log/”,
“src”: “/root/aa”
}

[root@ansible ~]# ansible all -m shell -a ‘ls -ld /root’
db2 | SUCCESS | rc=0 >>
dr-xr-x—. 6 root root 213 10月 20 09:15 /root

cache | SUCCESS | rc=0 >>
dr-xr-x—. 6 root root 213 10月 20 09:04 /root

db1 | SUCCESS | rc=0 >>
dr-xr-x—. 6 root root 235 10月 20 09:05 /root

web2 | SUCCESS | rc=0 >>
dr-xr-x—. 6 root root 213 10月 20 09:09 /root

web1 | SUCCESS | rc=0 >>
dr-xr-x—. 6 root root 223 10月 20 11:48 /root

[root@ansible ~]# ansible all -m shell -a ‘ls -lh /root’
cache | SUCCESS | rc=0 >>
总用量 4.0K
-rw-r–r–. 1 root root 1.7K 12月 10 2015 RPM-GPG-KEY-CentOS-7

db2 | SUCCESS | rc=0 >>
总用量 4.0K
-rw-r–r–. 1 root root 1.7K 12月 10 2015 RPM-GPG-KEY-CentOS-7

web2 | SUCCESS | rc=0 >>
总用量 4.0K
-rw-r–r–. 1 root root 1.7K 12月 10 2015 RPM-GPG-KEY-CentOS-7

db1 | SUCCESS | rc=0 >>
总用量 12K
-rw——- 1 root root 1.7K 10月 19 11:08 \
-rw-r–r– 1 root root 390 10月 19 11:08 \.pub
-rw-r–r–. 1 root root 1.7K 12月 10 2015 RPM-GPG-KEY-CentOS-7

web1 | SUCCESS | rc=0 >>
总用量 4.0K
-rw-r–r– 1 root root 0 10月 20 11:48 f3
-rw-r–r–. 1 root root 1.7K 12月 10 2015 RPM-GPG-KEY-CentOS-7

2、使用lineinfile编辑文件
[root@ansible ~]# ansible cache -m lineinfile -a ‘path=/etc/sysconfig/network-scripts/ifcfg-eth0 regexp=”^ONBOOT=” line=”ONBOOT=\”no\””‘
cache | SUCCESS => {
“backup”: “”,
“changed”: true,
“msg”: “line replaced”
}
确认一下，可以看到ONBOOT行已经更改
[root@ansible ~]# ansible cache -m shell -a ‘cat /etc/sysconfig/network-scripts/ifcfg-eth0’
cache | SUCCESS | rc=0 >>
# Generated by dracut initrd
DEVICE=”eth0″
NAME=”eth0″
ONBOOT=”no”
IPV6INIT=no
TYPE=Ethernet
BOOTPROTO=”static”
IPADDR=192.168.1.56
PREFIX=24
GATEWAY=192.168.1.254

3、使用replace模块修改文件
[root@ansible ~]# ansible cache -m replace -a ‘path=/etc/sysconfig/network-scripts/ifcfg-eth0 regexp=”^(ONBOOT=).*” replace=”\1\”yes\””‘
cache | SUCCESS => {
“changed”: true,
“msg”: “1 replacements made”
}
确认一下，可以看到ONBOOT行又改回去了
[root@ansible ~]# ansible cache -m shell -a ‘cat /etc/sysconfig/network-scripts/ifcfg-eth0’cache | SUCCESS | rc=0 >>
# Generated by dracut initrd
DEVICE=”eth0″
NAME=”eth0″
ONBOOT=”yes”
IPV6INIT=no
TYPE=Ethernet
BOOTPROTO=”static”
IPADDR=192.168.1.56
PREFIX=24
GATEWAY=192.168.1.254

7 案例7：综合练习
7.1 问题

本案例要求：
安装Apache并修改监听端口为8080
修改ServerName配置，执行apachectl -t命令不报错
设置默认主页hello world
启动服务并设开机自启
7.2 步骤

实现此案例需要按照如下步骤进行。
步骤一：熟悉模块

1）yum模块
[root@ansible ~]# ansible other -m yum -a ‘name=”lrzsz” state=removed’
//lrzsz软件包名，removed=absent删除
[root@ansible ~]# ansible other -m yum -a ‘name=”lrzsz,lftp” state=installed’
//安装多个软件包，不写state默认为安装
2)service模块
[root@ansible ~]# ansible other -m service -a ‘name=”sshd” enabled=”yes” state=”started”‘ //sshd服务名，开机启动同时启动这个服务
3）setup模块
filter 过滤指定的关键字（可以过滤到我们需要的信息）
[root@ansible ~]# ansible cache -m setup -a ‘filter=os’
cache | SUCCESS => {
“ansible_facts”: {},
“changed”: false
}
[root@ansible ~]# ansible cache -m setup -a ‘filter=ansible_distribution’
cache | SUCCESS => {
“ansible_facts”: {
“ansible_distribution”: “CentOS”
},
“changed”: false
}
步骤二：安装Apache

1）安装Apache服务设置开机自启
[root@ansible ~]# ansible cache -m yum -a ‘name=httpd state=installed’
[root@ansible ~]# ansible cache -m service -a ‘name=httpd enabled=yes state=started’
2）修改端口号为8080
[root@ansible ~]# ssh cache
Last login: Thu Sep 6 15:30:33 2018 from 192.168.1.51
[root@cache ~]# cat /etc/httpd/conf/httpd.conf | grep Listen
Listen 80
[root@ansible ~]# ansible cache -m lineinfile -a ‘path=”/etc/httpd/conf/httpd.conf” regexp=”^Listen ” line=”Listen 8080″‘cache | SUCCESS => {
“backup”: “”,
“changed”: true,
“msg”: “line replaced”
}
[root@ansible ~]# ssh cache
Listen 8080
步骤三：修改ServerName配置，执行apachectl -t命令不报错

1）没有修改之前
[root@cache ~]# apachectl -t //有报错
AH00558: httpd: Could not reliably determine the server’s fully qualified domain name, using 192.168.1.56. Set the ‘ServerName’ directive globally to suppress this message
Syntax OK
2）修改之后
[root@ansible ~]# ansible cache -m lineinfile -a ‘path=”/etc/httpd/conf/httpd.conf” regexp=”^ServerName ” line=”ServerName 0.0.0.0″‘
cache | SUCCESS => {
“backup”: “”,
“changed”: true,
“msg”: “line added”
}
[root@ansible ~]# ssh cache
Last login: Thu Sep 6 15:36:08 2018 from 192.168.1.51
[root@cache ~]# apachectl -t
Syntax OK
步骤四：设置默认主页为hello world

[root@ansible ~]# ansible cache -m copy -a ‘src=/root/index.html dest=/var/www/html/index.html’ ///root/index.html这个页面可以自己写
cache | SUCCESS => {
“changed”: true,
“checksum”: “22596363b3de40b06f981fb85d82312e8c0ed511”,
“dest”: “/var/www/html/index.html”,
“gid”: 0,
“group”: “root”,
“md5sum”: “6f5902ac237024bdd0c176cb93063dc4”,
“mode”: “0644”,
“owner”: “root”,
“size”: 12,
“src”: “/root/.ansible/tmp/ansible-tmp-1536219767.29-30682157793478/source”,
“state”: “file”,
“uid”: 0
}

代码如下
1、YUM模块
把yum清理一下
[root@ansible ~]# ansible all -m shell -a ‘rm -rf /etc/yum.repos.d/dvd.repo’
[WARNING]: Consider using file module with state=absent rather than running rm

db1 | SUCCESS | rc=0 >>

web1 | SUCCESS | rc=0 >>

web2 | SUCCESS | rc=0 >>

cache | SUCCESS | rc=0 >>

db2 | SUCCESS | rc=0 >>

[root@ansible ~]# ansible all -m shell -a ‘ls -lh /etc/yum.repos.d/’
db1 | SUCCESS | rc=0 >>
总用量 32K
-rw-r–r–. 1 root root 1.7K 8月 30 2017 CentOS-Base.repo
-rw-r–r–. 1 root root 1.3K 8月 30 2017 CentOS-CR.repo
-rw-r–r–. 1 root root 649 8月 30 2017 CentOS-Debuginfo.repo
-rw-r–r–. 1 root root 314 8月 30 2017 CentOS-fasttrack.repo
-rw-r–r–. 1 root root 630 8月 30 2017 CentOS-Media.repo
-rw-r–r–. 1 root root 1.3K 8月 30 2017 CentOS-Sources.repo
-rw-r–r–. 1 root root 3.8K 8月 30 2017 CentOS-Vault.repo
-rw-r–r– 1 root root 180 10月 19 11:16 local.repo

cache | SUCCESS | rc=0 >>
总用量 32K
-rw-r–r–. 1 root root 1.7K 8月 30 2017 CentOS-Base.repo
-rw-r–r–. 1 root root 1.3K 8月 30 2017 CentOS-CR.repo
-rw-r–r–. 1 root root 649 8月 30 2017 CentOS-Debuginfo.repo
-rw-r–r–. 1 root root 314 8月 30 2017 CentOS-fasttrack.repo
-rw-r–r–. 1 root root 630 8月 30 2017 CentOS-Media.repo
-rw-r–r–. 1 root root 1.3K 8月 30 2017 CentOS-Sources.repo
-rw-r–r–. 1 root root 3.8K 8月 30 2017 CentOS-Vault.repo
-rw-r–r– 1 root root 180 10月 19 11:16 local.repo

db2 | SUCCESS | rc=0 >>
总用量 32K
-rw-r–r–. 1 root root 1.7K 8月 30 2017 CentOS-Base.repo
-rw-r–r–. 1 root root 1.3K 8月 30 2017 CentOS-CR.repo
-rw-r–r–. 1 root root 649 8月 30 2017 CentOS-Debuginfo.repo
-rw-r–r–. 1 root root 314 8月 30 2017 CentOS-fasttrack.repo
-rw-r–r–. 1 root root 630 8月 30 2017 CentOS-Media.repo
-rw-r–r–. 1 root root 1.3K 8月 30 2017 CentOS-Sources.repo
-rw-r–r–. 1 root root 3.8K 8月 30 2017 CentOS-Vault.repo
-rw-r–r– 1 root root 180 10月 19 11:16 local.repo

web2 | SUCCESS | rc=0 >>
总用量 32K
-rw-r–r–. 1 root root 1.7K 8月 30 2017 CentOS-Base.repo
-rw-r–r–. 1 root root 1.3K 8月 30 2017 CentOS-CR.repo
-rw-r–r–. 1 root root 649 8月 30 2017 CentOS-Debuginfo.repo
-rw-r–r–. 1 root root 314 8月 30 2017 CentOS-fasttrack.repo
-rw-r–r–. 1 root root 630 8月 30 2017 CentOS-Media.repo
-rw-r–r–. 1 root root 1.3K 8月 30 2017 CentOS-Sources.repo
-rw-r–r–. 1 root root 3.8K 8月 30 2017 CentOS-Vault.repo
-rw-r–r– 1 root root 180 10月 19 11:16 local.repo

web1 | SUCCESS | rc=0 >>
总用量 32K
-rw-r–r–. 1 root root 1.7K 8月 30 2017 CentOS-Base.repo
-rw-r–r–. 1 root root 1.3K 8月 30 2017 CentOS-CR.repo
-rw-r–r–. 1 root root 649 8月 30 2017 CentOS-Debuginfo.repo
-rw-r–r–. 1 root root 314 8月 30 2017 CentOS-fasttrack.repo
-rw-r–r–. 1 root root 630 8月 30 2017 CentOS-Media.repo
-rw-r–r–. 1 root root 1.3K 8月 30 2017 CentOS-Sources.repo
-rw-r–r–. 1 root root 3.8K 8月 30 2017 CentOS-Vault.repo
-rw-r–r– 1 root root 180 10月 19 11:16 local.repo

[root@ansible ~]#

先安装一个lrzsz
[root@ansible ~]# ansible other -m yum -a ‘name=’lrzsz’ state=installed’
cache | SUCCESS => {
“changed”: true,
“msg”: “”,
“rc”: 0,
“results”: [
“Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirrors.163.com\n * extras: mirrors.163.com\n * updates: mirrors.163.com\nResolving Dependencies\n–> Running transaction check\n—> Package lrzsz.x86_64 0:0.12.20-36.el7 will be installed\n–> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n lrzsz x86_64 0.12.20-36.el7 base 78 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package\n\nTotal download size: 78 k\nInstalled size: 181 k\nDownloading packages:\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : lrzsz-0.12.20-36.el7.x86_64 1/1 \n Verifying : lrzsz-0.12.20-36.el7.x86_64 1/1 \n\nInstalled:\n lrzsz.x86_64 0:0.12.20-36.el7 \n\nComplete!\n”
]
}
然后卸载是一下
[root@ansible ~]# ansible other -m yum -a ‘name=’lrzsz’ state=removed’
cache | SUCCESS => {
“changed”: true,
“msg”: “”,
“rc”: 0,
“results”: [
“已加载插件：fastestmirror\n正在解决依赖关系\n–> 正在检查事务\n—> 软件包 lrzsz.x86_64.0.0.12.20-36.el7 将被删除\n–> 解决依赖关系完成\n\n依赖关系解决\n\n================================================================================\n Package 架构版本源大小\n================================================================================\n正在删除:\n lrzsz x86_64 0.12.20-36.el7 @base 181 k\n\n事务概要\n================================================================================\n移除 1 软件包\n\n安装大小：181 k\nDownloading packages:\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n 正在删除 : lrzsz-0.12.20-36.el7.x86_64 1/1 \n 验证中 : lrzsz-0.12.20-36.el7.x86_64 1/1 \n\n删除:\n lrzsz.x86_64 0:0.12.20-36.el7 \n\n完毕！\n”
]
}

2、service模块
[root@ansible ~]# ansible other -m service -a ‘name=”sshd” enabled=”yes” state=”started”‘
cache | SUCCESS => {
“changed”: false,
“enabled”: true,
“name”: “sshd”,
“state”: “started”,
“status”: {
“ActiveEnterTimestamp”: “五 2018-10-19 11:04:46 CST”,
“ActiveEnterTimestampMonotonic”: “7203799”,
“ActiveExitTimestampMonotonic”: “0”,
“ActiveState”: “active”,
“After”: “sshd-keygen.service system.slice network.target systemd-journald.socket basic.target”,
“AllowIsolate”: “no”,
“AmbientCapabilities”: “0”,
“AssertResult”: “yes”,
“AssertTimestamp”: “五 2018-10-19 11:04:46 CST”,
“AssertTimestampMonotonic”: “7185185”,
“Before”: “shutdown.target multi-user.target”,
“BlockIOAccounting”: “no”,
“BlockIOWeight”: “18446744073709551615”,
“CPUAccounting”: “no”,
“CPUQuotaPerSecUSec”: “infinity”,
“CPUSchedulingPolicy”: “0”,
“CPUSchedulingPriority”: “0”,
“CPUSchedulingResetOnFork”: “no”,
“CPUShares”: “18446744073709551615”,
“CanIsolate”: “no”,
“CanReload”: “yes”,
“CanStart”: “yes”,
“CanStop”: “yes”,
“CapabilityBoundingSet”: “18446744073709551615”,
“ConditionResult”: “yes”,
“ConditionTimestamp”: “五 2018-10-19 11:04:46 CST”,
“ConditionTimestampMonotonic”: “7185184”,
“ConflictedBy”: “sshd.socket”,
“Conflicts”: “shutdown.target”,
“ConsistsOf”: “sshd-keygen.service”,
“ControlGroup”: “/system.slice/sshd.service”,
“ControlPID”: “0”,
“DefaultDependencies”: “yes”,
“Delegate”: “no”,
“Description”: “OpenSSH server daemon”,
“DevicePolicy”: “auto”,
“Documentation”: “man:sshd(8) man:sshd_config(5)”,
“EnvironmentFile”: “/etc/sysconfig/sshd (ignore_errors=no)”,
“ExecMainCode”: “0”,
“ExecMainExitTimestampMonotonic”: “0”,
“ExecMainPID”: “697”,
“ExecMainStartTimestamp”: “五 2018-10-19 11:04:46 CST”,
“ExecMainStartTimestampMonotonic”: “7185992”,
“ExecMainStatus”: “0”,
“ExecReload”: “{ path=/bin/kill ; argv[]=/bin/kill -HUP $MAINPID ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }”,
“ExecStart”: “{ path=/usr/sbin/sshd ; argv[]=/usr/sbin/sshd -D $OPTIONS ; ignore_errors=no ; start_time=[五 2018-10-19 11:04:46 CST] ; stop_time=[n/a] ; pid=697 ; code=(null) ; status=0/0 }”,
“FailureAction”: “none”,
“FileDescriptorStoreMax”: “0”,
“FragmentPath”: “/usr/lib/systemd/system/sshd.service”,
“GuessMainPID”: “yes”,
“IOScheduling”: “0”,
“Id”: “sshd.service”,
“IgnoreOnIsolate”: “no”,
“IgnoreOnSnapshot”: “no”,
“IgnoreSIGPIPE”: “yes”,
“InactiveEnterTimestampMonotonic”: “0”,
“InactiveExitTimestamp”: “五 2018-10-19 11:04:46 CST”,
“InactiveExitTimestampMonotonic”: “7186043”,
“JobTimeoutAction”: “none”,
“JobTimeoutUSec”: “0”,
“KillMode”: “process”,
“KillSignal”: “15”,
“LimitAS”: “18446744073709551615”,
“LimitCORE”: “18446744073709551615”,
“LimitCPU”: “18446744073709551615”,
“LimitDATA”: “18446744073709551615”,
“LimitFSIZE”: “18446744073709551615”,
“LimitLOCKS”: “18446744073709551615”,
“LimitMEMLOCK”: “65536”,
“LimitMSGQUEUE”: “819200”,
“LimitNICE”: “0”,
“LimitNOFILE”: “4096”,
“LimitNPROC”: “7923”,
“LimitRSS”: “18446744073709551615”,
“LimitRTPRIO”: “0”,
“LimitRTTIME”: “18446744073709551615”,
“LimitSIGPENDING”: “7923”,
“LimitSTACK”: “18446744073709551615”,
“LoadState”: “loaded”,
“MainPID”: “697”,
“MemoryAccounting”: “no”,
“MemoryCurrent”: “18446744073709551615”,
“MemoryLimit”: “18446744073709551615”,
“MountFlags”: “0”,
“Names”: “sshd.service”,
“NeedDaemonReload”: “no”,
“Nice”: “0”,
“NoNewPrivileges”: “no”,
“NonBlocking”: “no”,
“NotifyAccess”: “main”,
“OOMScoreAdjust”: “0”,
“OnFailureJobMode”: “replace”,
“PermissionsStartOnly”: “no”,
“PrivateDevices”: “no”,
“PrivateNetwork”: “no”,
“PrivateTmp”: “no”,
“ProtectHome”: “no”,
“ProtectSystem”: “no”,
“RefuseManualStart”: “no”,
“RefuseManualStop”: “no”,
“RemainAfterExit”: “no”,
“Requires”: “basic.target”,
“Restart”: “on-failure”,
“RestartUSec”: “42s”,
“Result”: “success”,
“RootDirectoryStartOnly”: “no”,
“RuntimeDirectoryMode”: “0755”,
“SameProcessGroup”: “no”,
“SecureBits”: “0”,
“SendSIGHUP”: “no”,
“SendSIGKILL”: “yes”,
“Slice”: “system.slice”,
“StandardError”: “inherit”,
“StandardInput”: “null”,
“StandardOutput”: “journal”,
“StartLimitAction”: “none”,
“StartLimitBurst”: “5”,
“StartLimitInterval”: “10000000”,
“StartupBlockIOWeight”: “18446744073709551615”,
“StartupCPUShares”: “18446744073709551615”,
“StatusErrno”: “0”,
“StopWhenUnneeded”: “no”,
“SubState”: “running”,
“SyslogLevelPrefix”: “yes”,
“SyslogPriority”: “30”,
“SystemCallErrorNumber”: “0”,
“TTYReset”: “no”,
“TTYVHangup”: “no”,
“TTYVTDisallocate”: “no”,
“TasksAccounting”: “no”,
“TasksCurrent”: “18446744073709551615”,
“TasksMax”: “18446744073709551615”,
“TimeoutStartUSec”: “1min 30s”,
“TimeoutStopUSec”: “1min 30s”,
“TimerSlackNSec”: “50000”,
“Transient”: “no”,
“Type”: “notify”,
“UMask”: “0022”,
“UnitFilePreset”: “enabled”,
“UnitFileState”: “enabled”,
“WantedBy”: “multi-user.target”,
“Wants”: “sshd-keygen.service system.slice”,
“WatchdogTimestamp”: “五 2018-10-19 11:04:46 CST”,
“WatchdogTimestampMonotonic”: “7203782”,
“WatchdogUSec”: “0”
}
}

3、setup模块
filter过滤指定的关键字
[root@ansible ~]# ansible cache -m setup -a ‘filter=os’
cache | SUCCESS => {
“ansible_facts”: {},
“changed”: false
}
[root@ansible ~]# ansible cache -m setup -a ‘filter=ansible_distribution’
cache | SUCCESS => {
“ansible_facts”: {
“ansible_distribution”: “CentOS”
},
“changed”: false
}
[root@ansible ~]#

步骤2，安装Apache
[root@ansible ~]# ansible cache -m yum -a ‘name=httpd state=installed’
cache | SUCCESS => {
“changed”: true,
“msg”: “”,
“rc”: 0,
“results”: [
“Loaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirrors.163.com\n * extras: mirrors.163.com\n * updates: mirrors.163.com\nResolving Dependencies\n–> Running transaction check\n—> Package httpd.x86_64 0:2.4.6-80.el7.centos.1 will be installed\n–> Processing Dependency: httpd-tools = 2.4.6-80.el7.centos.1 for package: httpd-2.4.6-80.el7.centos.1.x86_64\n–> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-80.el7.centos.1.x86_64\n–> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-80.el7.centos.1.x86_64\n–> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-80.el7.centos.1.x86_64\n–> Running transaction check\n—> Package apr.x86_64 0:1.4.8-3.el7_4.1 will be installed\n—> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed\n—> Package httpd-tools.x86_64 0:2.4.6-80.el7.centos.1 will be installed\n—> Package mailcap.noarch 0:2.1.41-2.el7 will be installed\n–> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n httpd x86_64 2.4.6-80.el7.centos.1 updates 2.7 M\nInstalling for dependencies:\n apr x86_64 1.4.8-3.el7_4.1 base 103 k\n apr-util x86_64 1.5.2-6.el7 base 92 k\n httpd-tools x86_64 2.4.6-80.el7.centos.1 updates 90 k\n mailcap noarch 2.1.41-2.el7 base 31 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+4 Dependent packages)\n\nTotal download size: 3.0 M\nInstalled size: 10 M\nDownloading packages:\n——————————————————————————–\nTotal 2.6 MB/s | 3.0 MB 00:01 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : apr-1.4.8-3.el7_4.1.x86_64 1/5 \n Installing : apr-util-1.5.2-6.el7.x86_64 2/5 \n Installing : httpd-tools-2.4.6-80.el7.centos.1.x86_64 3/5 \n Installing : mailcap-2.1.41-2.el7.noarch 4/5 \n Installing : httpd-2.4.6-80.el7.centos.1.x86_64 5/5 \n Verifying : mailcap-2.1.41-2.el7.noarch 1/5 \n Verifying : httpd-tools-2.4.6-80.el7.centos.1.x86_64 2/5 \n Verifying : apr-util-1.5.2-6.el7.x86_64 3/5 \n Verifying : apr-1.4.8-3.el7_4.1.x86_64 4/5 \n Verifying : httpd-2.4.6-80.el7.centos.1.x86_64 5/5 \n\nInstalled:\n httpd.x86_64 0:2.4.6-80.el7.centos.1 \n\nDependency Installed:\n apr.x86_64 0:1.4.8-3.el7_4.1 apr-util.x86_64 0:1.5.2-6.el7 \n httpd-tools.x86_64 0:2.4.6-80.el7.centos.1 mailcap.noarch 0:2.1.41-2.el7 \n\nComplete!\n”
]
}

启动appache
[root@ansible ~]# ansible cache -m service -a ‘name=httpd enabled=yes state=started’
cache | SUCCESS => {
“changed”: true,
“enabled”: true,
“name”: “httpd”,
“state”: “started”,
“status”: {
“ActiveEnterTimestampMonotonic”: “0”,
“ActiveExitTimestampMonotonic”: “0”,
“ActiveState”: “inactive”,
“After”: “remote-fs.target nss-lookup.target basic.target tmp.mount systemd-journald.socket system.slice network.target -.mount”,
“AllowIsolate”: “no”,
“AmbientCapabilities”: “0”,
“AssertResult”: “no”,
“AssertTimestampMonotonic”: “0”,
“Before”: “shutdown.target”,
“BlockIOAccounting”: “no”,
“BlockIOWeight”: “18446744073709551615”,
“CPUAccounting”: “no”,
“CPUQuotaPerSecUSec”: “infinity”,
“CPUSchedulingPolicy”: “0”,
“CPUSchedulingPriority”: “0”,
“CPUSchedulingResetOnFork”: “no”,
“CPUShares”: “18446744073709551615”,
“CanIsolate”: “no”,
“CanReload”: “yes”,
“CanStart”: “yes”,
“CanStop”: “yes”,
“CapabilityBoundingSet”: “18446744073709551615”,
“ConditionResult”: “no”,
“ConditionTimestampMonotonic”: “0”,
“Conflicts”: “shutdown.target”,
“ControlPID”: “0”,
“DefaultDependencies”: “yes”,
“Delegate”: “no”,
“Description”: “The Apache HTTP Server”,
“DevicePolicy”: “auto”,
“Documentation”: “man:httpd(8) man:apachectl(8)”,
“EnvironmentFile”: “/etc/sysconfig/httpd (ignore_errors=no)”,
“ExecMainCode”: “0”,
“ExecMainExitTimestampMonotonic”: “0”,
“ExecMainPID”: “0”,
“ExecMainStartTimestampMonotonic”: “0”,
“ExecMainStatus”: “0”,
“ExecReload”: “{ path=/usr/sbin/httpd ; argv[]=/usr/sbin/httpd $OPTIONS -k graceful ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }”,
“ExecStart”: “{ path=/usr/sbin/httpd ; argv[]=/usr/sbin/httpd $OPTIONS -DFOREGROUND ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }”,
“ExecStop”: “{ path=/bin/kill ; argv[]=/bin/kill -WINCH ${MAINPID} ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }”,
“FailureAction”: “none”,
“FileDescriptorStoreMax”: “0”,
“FragmentPath”: “/usr/lib/systemd/system/httpd.service”,
“GuessMainPID”: “yes”,
“IOScheduling”: “0”,
“Id”: “httpd.service”,
“IgnoreOnIsolate”: “no”,
“IgnoreOnSnapshot”: “no”,
“IgnoreSIGPIPE”: “yes”,
“InactiveEnterTimestampMonotonic”: “0”,
“InactiveExitTimestampMonotonic”: “0”,
“JobTimeoutAction”: “none”,
“JobTimeoutUSec”: “0”,
“KillMode”: “control-group”,
“KillSignal”: “18”,
“LimitAS”: “18446744073709551615”,
“LimitCORE”: “18446744073709551615”,
“LimitCPU”: “18446744073709551615”,
“LimitDATA”: “18446744073709551615”,
“LimitFSIZE”: “18446744073709551615”,
“LimitLOCKS”: “18446744073709551615”,
“LimitMEMLOCK”: “65536”,
“LimitMSGQUEUE”: “819200”,
“LimitNICE”: “0”,
“LimitNOFILE”: “4096”,
“LimitNPROC”: “7923”,
“LimitRSS”: “18446744073709551615”,
“LimitRTPRIO”: “0”,
“LimitRTTIME”: “18446744073709551615”,
“LimitSIGPENDING”: “7923”,
“LimitSTACK”: “18446744073709551615”,
“LoadState”: “loaded”,
“MainPID”: “0”,
“MemoryAccounting”: “no”,
“MemoryCurrent”: “18446744073709551615”,
“MemoryLimit”: “18446744073709551615”,
“MountFlags”: “0”,
“Names”: “httpd.service”,
“NeedDaemonReload”: “no”,
“Nice”: “0”,
“NoNewPrivileges”: “no”,
“NonBlocking”: “no”,
“NotifyAccess”: “main”,
“OOMScoreAdjust”: “0”,
“OnFailureJobMode”: “replace”,
“PermissionsStartOnly”: “no”,
“PrivateDevices”: “no”,
“PrivateNetwork”: “no”,
“PrivateTmp”: “yes”,
“ProtectHome”: “no”,
“ProtectSystem”: “no”,
“RefuseManualStart”: “no”,
“RefuseManualStop”: “no”,
“RemainAfterExit”: “no”,
“Requires”: “basic.target -.mount”,
“RequiresMountsFor”: “/var/tmp”,
“Restart”: “no”,
“RestartUSec”: “100ms”,
“Result”: “success”,
“RootDirectoryStartOnly”: “no”,
“RuntimeDirectoryMode”: “0755”,
“SameProcessGroup”: “no”,
“SecureBits”: “0”,
“SendSIGHUP”: “no”,
“SendSIGKILL”: “yes”,
“Slice”: “system.slice”,
“StandardError”: “inherit”,
“StandardInput”: “null”,
“StandardOutput”: “journal”,
“StartLimitAction”: “none”,
“StartLimitBurst”: “5”,
“StartLimitInterval”: “10000000”,
“StartupBlockIOWeight”: “18446744073709551615”,
“StartupCPUShares”: “18446744073709551615”,
“StatusErrno”: “0”,
“StopWhenUnneeded”: “no”,
“SubState”: “dead”,
“SyslogLevelPrefix”: “yes”,
“SyslogPriority”: “30”,
“SystemCallErrorNumber”: “0”,
“TTYReset”: “no”,
“TTYVHangup”: “no”,
“TTYVTDisallocate”: “no”,
“TasksAccounting”: “no”,
“TasksCurrent”: “18446744073709551615”,
“TasksMax”: “18446744073709551615”,
“TimeoutStartUSec”: “1min 30s”,
“TimeoutStopUSec”: “1min 30s”,
“TimerSlackNSec”: “50000”,
“Transient”: “no”,
“Type”: “notify”,
“UMask”: “0022”,
“UnitFilePreset”: “disabled”,
“UnitFileState”: “disabled”,
“Wants”: “system.slice”,
“WatchdogTimestampMonotonic”: “0”,
“WatchdogUSec”: “0”
}
}
[root@ansible ~]#

2、修改端口号为8080
修改前看一眼
[root@ansible ~]# ansible cache -m shell -a ‘cat /etc/httpd/conf/httpd.conf | grep Listen’
cache | SUCCESS | rc=0 >>
# Listen: Allows you to bind Apache to specific IP addresses and/or
# Change this to Listen on specific IP addresses as shown below to
#Listen 12.34.56.78:80
Listen 80

更改端口
[root@ansible ~]# ansible cache -m lineinfile -a ‘path=”/etc/httpd/conf/httpd.conf” regexp=”^Listen ” line=”Listen 8080″‘
cache | SUCCESS => {
“backup”: “”,
“changed”: true,
“msg”: “line added”
}

修改后确认
[root@ansible ~]# ansible cache -m shell -a ‘cat /etc/httpd/conf/httpd.conf | grep Listen’cache | SUCCESS | rc=0 >>
# Listen: Allows you to bind Apache to specific IP addresses and/or
# Change this to Listen on specific IP addresses as shown below to
#Listen 12.34.56.78:80
Listen 8080

登陆到cache可以发现apachectl检查不通过
[root@cache ~]# apachectl -t
AH00558: httpd: Could not reliably determine the server’s fully qualified domain name, using 192.168.1.56. Set the ‘ServerName’ directive globally to suppress this message
Syntax OK

修改一下
[root@ansible ~]# ansible cache -m lineinfile -a ‘path=”/etc/httpd/conf/httpd.conf” regexp=”^ServerName ” line=”ServerName 0.0.0.0″‘
cache | SUCCESS => {
“backup”: “”,
“changed”: true,
“msg”: “line added”
}
[root@ansible ~]# ssh cache
Last login: Sat Oct 20 15:11:42 2018 from 192.168.1.51
[root@cache ~]# apachectl -t
Syntax OK

登陆到cache重启下服务
[root@cache ~]# systemctl restart httpd

重启服务并拷贝配置文件
[root@ansible ~]# ansible cache -m copy -a ‘src=/root/index.html dest=/var/www/html/index.html’
cache | SUCCESS => {
“changed”: true,
“checksum”: “22596363b3de40b06f981fb85d82312e8c0ed511”,
“dest”: “/var/www/html/index.html”,
“gid”: 0,
“group”: “root”,
“md5sum”: “6f5902ac237024bdd0c176cb93063dc4”,
“mode”: “0644”,
“owner”: “root”,
“size”: 12,
“src”: “/root/.ansible/tmp/ansible-tmp-1540019610.06-226153421523891/source”,
“state”: “file”,
“uid”: 0
}

测试一下网页
[root@ansible ~]# curl cache:8080
hello world

发表在 ansible | 标签为 ansible | 留下评论

Docker02-Docker简单使用

发表于2018年10月19日由toky, jim

1 案例1：制作自定义镜像
1.1 问题

本案例要求制作自定义镜像：
基于centos镜像使用commit创建新的镜像文件
基于centos镜像使用Dockerfile文件创建一个新的镜像文件
1.2 步骤

实现此案例需要按照如下步骤进行。
步骤一：使用镜像启动容器

1）在该容器基础上修改yum源
[root@docker1 docker_images]# docker run -it centos
[root@8d07ecd7e345 /]# rm -rf /etc/yum.repos.d/*
[root@8d07ecd7e345 /]# vi /etc/yum.repos.d/dvd.repo
[dvd]
name=dvd
baseurl=ftp://192.168.1.254/system
enabled=1
gpgcheck=0
[root@8d07ecd7e345 /]# yum clean all
[root@8d07ecd7e345 /]# yum repolist
2）安装测试软件
[root@8d07ecd7e345 /]# yum -y install net-tools iproute psmisc vim-enhanced
3）ifconfig查看
[root@8d07ecd7e345 /]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.3 netmask 255.255.0.0 broadcast 0.0.0.0
inet6 fe80::42:acff:fe11:3 prefixlen 64 scopeid 0x20<link>
ether 02:42:ac:11:00:03 txqueuelen 0 (Ethernet)
RX packets 2488 bytes 28317945 (27.0 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1858 bytes 130264 (127.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@8d07ecd7e345 /]# exit
exit

代码如下
[root@docker1 docker_images]# docker run -it centos
[root@2f357316ddca /]# rm -rf /etc/yum.repos.d/*
[root@2f357316ddca /]# vi /etc/yum.repos.d/dvd.repo
[root@2f357316ddca /]# yum clean all
Loaded plugins: fastestmirror, ovl
Cleaning repos: dvd
Cleaning up everything
Maybe you want: rm -rf /var/cache/yum, to also free up space taken by orphaned data from disabled or removed repos
[root@2f357316ddca /]# yum repolist
Loaded plugins: fastestmirror, ovl
Determining fastest mirrors
dvd | 3.6 kB 00:00:00
(1/2): dvd/group_gz | 156 kB 00:00:00
(2/2): dvd/primary_db | 5.7 MB 00:00:00
repo id repo name status
dvd dvd 9591
repolist: 9591
[root@2f357316ddca /]# yum -y install net-tools iproute psmisc vim-enhanced
Loaded plugins: fastestmirror, ovl
Loading mirror speeds from cached hostfile
Resolving Dependencies
–> Running transaction check
—> Package iproute.x86_64 0:3.10.0-87.el7 will be installed
–> Processing Dependency: libmnl.so.0(LIBMNL_1.0)(64bit) for package: iproute-3.10.0-87.el7.x86_64
–> Processing Dependency: libxtables.so.10()(64bit) for package: iproute-3.10.0-87.el7.x86_64
–> Processing Dependency: libmnl.so.0()(64bit) for package: iproute-3.10.0-87.el7.x86_64
—> Package net-tools.x86_64 0:2.0-0.22.20131004git.el7 will be installed
—> Package psmisc.x86_64 0:22.20-15.el7 will be installed
—> Package vim-enhanced.x86_64 2:7.4.160-2.el7 will be installed
–> Processing Dependency: vim-common = 2:7.4.160-2.el7 for package: 2:vim-enhanced-7.4.160-2.el7.x86_64
–> Processing Dependency: which for package: 2:vim-enhanced-7.4.160-2.el7.x86_64
–> Processing Dependency: perl(:MODULE_COMPAT_5.16.3) for package: 2:vim-enhanced-7.4.160-2.el7.x86_64
–> Processing Dependency: libperl.so()(64bit) for package: 2:vim-enhanced-7.4.160-2.el7.x86_64
–> Processing Dependency: libgpm.so.2()(64bit) for package: 2:vim-enhanced-7.4.160-2.el7.x86_64
–> Running transaction check
—> Package gpm-libs.x86_64 0:1.20.7-5.el7 will be installed
—> Package iptables.x86_64 0:1.4.21-18.0.1.el7.centos will be installed
–> Processing Dependency: libnfnetlink.so.0()(64bit) for package: iptables-1.4.21-18.0.1.el7.centos.x86_64
–> Processing Dependency: libnetfilter_conntrack.so.3()(64bit) for package: iptables-1.4.21-18.0.1.el7.centos.x86_64
—> Package libmnl.x86_64 0:1.0.3-7.el7 will be installed
—> Package perl.x86_64 4:5.16.3-292.el7 will be installed
–> Processing Dependency: perl(Socket) >= 1.3 for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(Scalar::Util) >= 1.10 for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl-macros for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(threads::shared) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(threads) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(constant) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(Time::Local) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(Time::HiRes) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(Storable) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(Socket) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(Scalar::Util) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(Pod::Simple::XHTML) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(Pod::Simple::Search) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(Getopt::Long) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(Filter::Util::Call) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(File::Temp) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(File::Spec::Unix) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(File::Spec::Functions) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(File::Spec) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(File::Path) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(Exporter) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(Cwd) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(Carp) for package: 4:perl-5.16.3-292.el7.x86_64
—> Package perl-libs.x86_64 4:5.16.3-292.el7 will be installed
—> Package vim-common.x86_64 2:7.4.160-2.el7 will be installed
–> Processing Dependency: vim-filesystem for package: 2:vim-common-7.4.160-2.el7.x86_64
—> Package which.x86_64 0:2.20-7.el7 will be installed
–> Running transaction check
—> Package libnetfilter_conntrack.x86_64 0:1.0.6-1.el7_3 will be installed
—> Package libnfnetlink.x86_64 0:1.0.1-4.el7 will be installed
—> Package perl-Carp.noarch 0:1.26-244.el7 will be installed
—> Package perl-Exporter.noarch 0:5.68-3.el7 will be installed
—> Package perl-File-Path.noarch 0:2.09-2.el7 will be installed
—> Package perl-File-Temp.noarch 0:0.23.01-3.el7 will be installed
—> Package perl-Filter.x86_64 0:1.49-3.el7 will be installed
—> Package perl-Getopt-Long.noarch 0:2.40-2.el7 will be installed
–> Processing Dependency: perl(Pod::Usage) >= 1.14 for package: perl-Getopt-Long-2.40-2.el7.noarch
–> Processing Dependency: perl(Text::ParseWords) for package: perl-Getopt-Long-2.40-2.el7.noarch
—> Package perl-PathTools.x86_64 0:3.40-5.el7 will be installed
—> Package perl-Pod-Simple.noarch 1:3.28-4.el7 will be installed
–> Processing Dependency: perl(Pod::Escapes) >= 1.04 for package: 1:perl-Pod-Simple-3.28-4.el7.noarch
–> Processing Dependency: perl(Encode) for package: 1:perl-Pod-Simple-3.28-4.el7.noarch
—> Package perl-Scalar-List-Utils.x86_64 0:1.27-248.el7 will be installed
—> Package perl-Socket.x86_64 0:2.010-4.el7 will be installed
—> Package perl-Storable.x86_64 0:2.45-3.el7 will be installed
—> Package perl-Time-HiRes.x86_64 4:1.9725-3.el7 will be installed
—> Package perl-Time-Local.noarch 0:1.2300-2.el7 will be installed
—> Package perl-constant.noarch 0:1.27-2.el7 will be installed
—> Package perl-macros.x86_64 4:5.16.3-292.el7 will be installed
—> Package perl-threads.x86_64 0:1.87-4.el7 will be installed
—> Package perl-threads-shared.x86_64 0:1.43-6.el7 will be installed
—> Package vim-filesystem.x86_64 2:7.4.160-2.el7 will be installed
–> Running transaction check
—> Package perl-Encode.x86_64 0:2.51-7.el7 will be installed
—> Package perl-Pod-Escapes.noarch 1:1.04-292.el7 will be installed
—> Package perl-Pod-Usage.noarch 0:1.63-3.el7 will be installed
–> Processing Dependency: perl(Pod::Text) >= 3.15 for package: perl-Pod-Usage-1.63-3.el7.noarch
–> Processing Dependency: perl-Pod-Perldoc for package: perl-Pod-Usage-1.63-3.el7.noarch
—> Package perl-Text-ParseWords.noarch 0:3.29-4.el7 will be installed
–> Running transaction check
—> Package perl-Pod-Perldoc.noarch 0:3.20-4.el7 will be installed
–> Processing Dependency: perl(parent) for package: perl-Pod-Perldoc-3.20-4.el7.noarch
–> Processing Dependency: perl(HTTP::Tiny) for package: perl-Pod-Perldoc-3.20-4.el7.noarch
–> Processing Dependency: groff-base for package: perl-Pod-Perldoc-3.20-4.el7.noarch
—> Package perl-podlators.noarch 0:2.5.1-3.el7 will be installed
–> Running transaction check
—> Package groff-base.x86_64 0:1.22.2-8.el7 will be installed
—> Package perl-HTTP-Tiny.noarch 0:0.033-3.el7 will be installed
—> Package perl-parent.noarch 1:0.225-244.el7 will be installed
–> Finished Dependency Resolution

Dependencies Resolved

=============================================================================================
Package Arch Version Repository
Size
=============================================================================================
Installing:
iproute x86_64 3.10.0-87.el7 dvd 651 k
net-tools x86_64 2.0-0.22.20131004git.el7 dvd 305 k
psmisc x86_64 22.20-15.el7 dvd 141 k
vim-enhanced x86_64 2:7.4.160-2.el7 dvd 1.0 M
Installing for dependencies:
gpm-libs x86_64 1.20.7-5.el7 dvd 32 k
groff-base x86_64 1.22.2-8.el7 dvd 942 k
iptables x86_64 1.4.21-18.0.1.el7.centos dvd 428 k
libmnl x86_64 1.0.3-7.el7 dvd 23 k
libnetfilter_conntrack x86_64 1.0.6-1.el7_3 dvd 55 k
libnfnetlink x86_64 1.0.1-4.el7 dvd 26 k
perl x86_64 4:5.16.3-292.el7 dvd 8.0 M
perl-Carp noarch 1.26-244.el7 dvd 19 k
perl-Encode x86_64 2.51-7.el7 dvd 1.5 M
perl-Exporter noarch 5.68-3.el7 dvd 28 k
perl-File-Path noarch 2.09-2.el7 dvd 26 k
perl-File-Temp noarch 0.23.01-3.el7 dvd 56 k
perl-Filter x86_64 1.49-3.el7 dvd 76 k
perl-Getopt-Long noarch 2.40-2.el7 dvd 56 k
perl-HTTP-Tiny noarch 0.033-3.el7 dvd 38 k
perl-PathTools x86_64 3.40-5.el7 dvd 82 k
perl-Pod-Escapes noarch 1:1.04-292.el7 dvd 51 k
perl-Pod-Perldoc noarch 3.20-4.el7 dvd 87 k
perl-Pod-Simple noarch 1:3.28-4.el7 dvd 216 k
perl-Pod-Usage noarch 1.63-3.el7 dvd 27 k
perl-Scalar-List-Utils x86_64 1.27-248.el7 dvd 36 k
perl-Socket x86_64 2.010-4.el7 dvd 49 k
perl-Storable x86_64 2.45-3.el7 dvd 77 k
perl-Text-ParseWords noarch 3.29-4.el7 dvd 14 k
perl-Time-HiRes x86_64 4:1.9725-3.el7 dvd 45 k
perl-Time-Local noarch 1.2300-2.el7 dvd 24 k
perl-constant noarch 1.27-2.el7 dvd 19 k
perl-libs x86_64 4:5.16.3-292.el7 dvd 688 k
perl-macros x86_64 4:5.16.3-292.el7 dvd 43 k
perl-parent noarch 1:0.225-244.el7 dvd 12 k
perl-podlators noarch 2.5.1-3.el7 dvd 112 k
perl-threads x86_64 1.87-4.el7 dvd 49 k
perl-threads-shared x86_64 1.43-6.el7 dvd 39 k
vim-common x86_64 2:7.4.160-2.el7 dvd 5.9 M
vim-filesystem x86_64 2:7.4.160-2.el7 dvd 9.8 k
which x86_64 2.20-7.el7 dvd 41 k

Transaction Summary
=============================================================================================
Install 4 Packages (+36 Dependent packages)

Total download size: 21 M
Installed size: 67 M
Downloading packages: : which-2.20-7.el7.x86_64.rpm | 41 kB 00:00:00
———————————————————————————————
Total 21 MB/s | 21 MB 00:00:01
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : libnfnetlink-1.0.1-4.el7.x86_64 1/40
Installing : libmnl-1.0.3-7.el7.x86_64 2/40
Installing : libnetfilter_conntrack-1.0.6-1.el7_3.x86_64 3/40
Installing : iptables-1.4.21-18.0.1.el7.centos.x86_64 4/40
Installing : gpm-libs-1.20.7-5.el7.x86_64 5/40
Installing : groff-base-1.22.2-8.el7.x86_64 6/40
Installing : 1:perl-parent-0.225-244.el7.noarch 7/40
Installing : perl-HTTP-Tiny-0.033-3.el7.noarch 8/40
Installing : perl-podlators-2.5.1-3.el7.noarch 9/40
Installing : perl-Pod-Perldoc-3.20-4.el7.noarch 10/40
Installing : 1:perl-Pod-Escapes-1.04-292.el7.noarch 11/40
Installing : perl-Text-ParseWords-3.29-4.el7.noarch 12/40
Installing : perl-Encode-2.51-7.el7.x86_64 13/40
Installing : perl-Pod-Usage-1.63-3.el7.noarch 14/40
Installing : 4:perl-macros-5.16.3-292.el7.x86_64 15/40
Installing : 4:perl-libs-5.16.3-292.el7.x86_64 16/40
Installing : perl-Storable-2.45-3.el7.x86_64 17/40
Installing : perl-Exporter-5.68-3.el7.noarch 18/40
Installing : perl-constant-1.27-2.el7.noarch 19/40
Installing : perl-Time-Local-1.2300-2.el7.noarch 20/40
Installing : perl-Socket-2.010-4.el7.x86_64 21/40
Installing : perl-Carp-1.26-244.el7.noarch 22/40
Installing : perl-PathTools-3.40-5.el7.x86_64 23/40
Installing : perl-Scalar-List-Utils-1.27-248.el7.x86_64 24/40
Installing : perl-File-Temp-0.23.01-3.el7.noarch 25/40
Installing : perl-File-Path-2.09-2.el7.noarch 26/40
Installing : perl-threads-shared-1.43-6.el7.x86_64 27/40
Installing : perl-threads-1.87-4.el7.x86_64 28/40
Installing : 4:perl-Time-HiRes-1.9725-3.el7.x86_64 29/40
Installing : perl-Filter-1.49-3.el7.x86_64 30/40
Installing : 1:perl-Pod-Simple-3.28-4.el7.noarch 31/40
Installing : perl-Getopt-Long-2.40-2.el7.noarch 32/40
Installing : 4:perl-5.16.3-292.el7.x86_64 33/40
Installing : which-2.20-7.el7.x86_64 34/40
install-info: No such file or directory for /usr/share/info/which.info.gz
Installing : 2:vim-filesystem-7.4.160-2.el7.x86_64 35/40
Installing : 2:vim-common-7.4.160-2.el7.x86_64 36/40
Installing : 2:vim-enhanced-7.4.160-2.el7.x86_64 37/40
Installing : iproute-3.10.0-87.el7.x86_64 38/40
Installing : psmisc-22.20-15.el7.x86_64 39/40
Installing : net-tools-2.0-0.22.20131004git.el7.x86_64 40/40
Verifying : perl-HTTP-Tiny-0.033-3.el7.noarch 1/40
Verifying : libmnl-1.0.3-7.el7.x86_64 2/40
Verifying : net-tools-2.0-0.22.20131004git.el7.x86_64 3/40
Verifying : perl-threads-shared-1.43-6.el7.x86_64 4/40
Verifying : perl-Storable-2.45-3.el7.x86_64 5/40
Verifying : 2:vim-filesystem-7.4.160-2.el7.x86_64 6/40
Verifying : perl-Exporter-5.68-3.el7.noarch 7/40
Verifying : perl-constant-1.27-2.el7.noarch 8/40
Verifying : perl-PathTools-3.40-5.el7.x86_64 9/40
Verifying : libnetfilter_conntrack-1.0.6-1.el7_3.x86_64 10/40
Verifying : 4:perl-macros-5.16.3-292.el7.x86_64 11/40
Verifying : 1:perl-parent-0.225-244.el7.noarch 12/40
Verifying : 4:perl-5.16.3-292.el7.x86_64 13/40
Verifying : iproute-3.10.0-87.el7.x86_64 14/40
Verifying : which-2.20-7.el7.x86_64 15/40
Verifying : groff-base-1.22.2-8.el7.x86_64 16/40
Verifying : perl-File-Temp-0.23.01-3.el7.noarch 17/40
Verifying : 1:perl-Pod-Simple-3.28-4.el7.noarch 18/40
Verifying : perl-Time-Local-1.2300-2.el7.noarch 19/40
Verifying : gpm-libs-1.20.7-5.el7.x86_64 20/40
Verifying : 4:perl-libs-5.16.3-292.el7.x86_64 21/40
Verifying : psmisc-22.20-15.el7.x86_64 22/40
Verifying : perl-Socket-2.010-4.el7.x86_64 23/40
Verifying : perl-Carp-1.26-244.el7.noarch 24/40
Verifying : 2:vim-common-7.4.160-2.el7.x86_64 25/40
Verifying : perl-Scalar-List-Utils-1.27-248.el7.x86_64 26/40
Verifying : 1:perl-Pod-Escapes-1.04-292.el7.noarch 27/40
Verifying : perl-Pod-Usage-1.63-3.el7.noarch 28/40
Verifying : perl-Encode-2.51-7.el7.x86_64 29/40
Verifying : libnfnetlink-1.0.1-4.el7.x86_64 30/40
Verifying : perl-podlators-2.5.1-3.el7.noarch 31/40
Verifying : perl-Getopt-Long-2.40-2.el7.noarch 32/40
Verifying : 2:vim-enhanced-7.4.160-2.el7.x86_64 33/40
Verifying : perl-File-Path-2.09-2.el7.noarch 34/40
Verifying : perl-threads-1.87-4.el7.x86_64 35/40
Verifying : 4:perl-Time-HiRes-1.9725-3.el7.x86_64 36/40
Verifying : perl-Filter-1.49-3.el7.x86_64 37/40
Verifying : perl-Pod-Perldoc-3.20-4.el7.noarch 38/40
Verifying : perl-Text-ParseWords-3.29-4.el7.noarch 39/40
Verifying : iptables-1.4.21-18.0.1.el7.centos.x86_64 40/40

Installed:
iproute.x86_64 0:3.10.0-87.el7 net-tools.x86_64 0:2.0-0.22.20131004git.el7
psmisc.x86_64 0:22.20-15.el7 vim-enhanced.x86_64 2:7.4.160-2.el7

Dependency Installed:
gpm-libs.x86_64 0:1.20.7-5.el7 groff-base.x86_64 0:1.22.2-8.el7
iptables.x86_64 0:1.4.21-18.0.1.el7.centos libmnl.x86_64 0:1.0.3-7.el7
libnetfilter_conntrack.x86_64 0:1.0.6-1.el7_3 libnfnetlink.x86_64 0:1.0.1-4.el7
perl.x86_64 4:5.16.3-292.el7 perl-Carp.noarch 0:1.26-244.el7
perl-Encode.x86_64 0:2.51-7.el7 perl-Exporter.noarch 0:5.68-3.el7
perl-File-Path.noarch 0:2.09-2.el7 perl-File-Temp.noarch 0:0.23.01-3.el7
perl-Filter.x86_64 0:1.49-3.el7 perl-Getopt-Long.noarch 0:2.40-2.el7
perl-HTTP-Tiny.noarch 0:0.033-3.el7 perl-PathTools.x86_64 0:3.40-5.el7
perl-Pod-Escapes.noarch 1:1.04-292.el7 perl-Pod-Perldoc.noarch 0:3.20-4.el7
perl-Pod-Simple.noarch 1:3.28-4.el7 perl-Pod-Usage.noarch 0:1.63-3.el7
perl-Scalar-List-Utils.x86_64 0:1.27-248.el7 perl-Socket.x86_64 0:2.010-4.el7
perl-Storable.x86_64 0:2.45-3.el7 perl-Text-ParseWords.noarch 0:3.29-4.el7
perl-Time-HiRes.x86_64 4:1.9725-3.el7 perl-Time-Local.noarch 0:1.2300-2.el7
perl-constant.noarch 0:1.27-2.el7 perl-libs.x86_64 4:5.16.3-292.el7
perl-macros.x86_64 4:5.16.3-292.el7 perl-parent.noarch 1:0.225-244.el7
perl-podlators.noarch 0:2.5.1-3.el7 perl-threads.x86_64 0:1.87-4.el7
perl-threads-shared.x86_64 0:1.43-6.el7 vim-common.x86_64 2:7.4.160-2.el7
vim-filesystem.x86_64 2:7.4.160-2.el7 which.x86_64 0:2.20-7.el7

Complete!
[root@2f357316ddca /]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.5 netmask 255.255.0.0 broadcast 0.0.0.0
inet6 fe80::42:acff:fe11:5 prefixlen 64 scopeid 0x20<link>
ether 02:42:ac:11:00:05 txqueuelen 0 (Ethernet)
RX packets 1806 bytes 28258678 (26.9 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1465 bytes 103699 (101.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

[root@2f357316ddca /]# exit
exit

步骤二：另存为另外一个镜像

1）创建新建镜像
[root@docker1 docker_images]# docker start 8d07ecd7e345
//可以简写为8d，要保证唯一性
8d07ecd7e345
[root@docker1 docker_images]# docker commit 8d07ecd7e345 myos:v1
sha256:ac3f9c2e8c7e13db183636821783f997890029d687b694f5ce590a473ad82c5f

3）验证新建镜像
[root@docker1 docker_images]# docker run -it myos:v1
[root@497c7b4664bf /]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.6 netmask 255.255.0.0 broadcast 0.0.0.0
inet6 fe80::42:acff:fe11:6 prefixlen 64 scopeid 0x20<link>
ether 02:42:ac:11:00:06 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 7 bytes 578 (578.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

代码如下
先回放一下，那个2f才是我们要操作的镜像
[root@docker1 docker_images]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2f357316ddca centos “/bin/bash” About an hour ago Exited (0) 5 minutes ago loving_bartik
3b89902c3001 nginx:latest “nginx -g ‘daemon off” 5 hours ago Up About an hour 80/tcp desperate_borg
3b0d94d4bacd centos:latest “/bin/bash” 5 hours ago Up 5 hours silly_pasteur
cdfe1b4ffcca centos “/bin/bash” 5 hours ago Up 5 hours nauseous_dijkstra
另存为一下镜像
[root@docker1 docker_images]# docker start 2f
2f
[root@docker1 docker_images]# docker commit 2f357316ddca myos:v1
sha256:c698fb4a59102b1068fa35e2db6822ace643a2e83318268bb877a71015206fca
[root@docker1 docker_images]#
确认一下，这个myos就是我们刚才创建的镜像
[root@docker1 docker_images]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
myos v1 c698fb4a5910 43 seconds ago 317.7 MB
nginx latest dbfc48660aeb 27 hours ago 109.1 MB
centos latest 75835a67d134 7 days ago 200.4 MB
busybox latest 59788edf1f3e 2 weeks ago 1.154 MB
ubuntu latest 452a96d81c30 5 months ago 79.62 MB
registry latest d1fd7d86a825 9 months ago 33.26 MB
redis latest 1aa84b1b434e 2 years ago 182.8 MB
然后验证一下，用这个镜像，启动一个容器
[root@docker1 docker_images]# docker run -it myos:v1
[root@029680fbd1b3 /]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.6 netmask 255.255.0.0 broadcast 0.0.0.0
inet6 fe80::42:acff:fe11:6 prefixlen 64 scopeid 0x20<link>
ether 02:42:ac:11:00:06 txqueuelen 0 (Ethernet)
RX packets 6 bytes 508 (508.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 6 bytes 508 (508.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

[root@029680fbd1b3 /]# exit
exit
别搞晕了，注意看那个IMAGE的内容
[root@docker1 docker_images]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
029680fbd1b3 myos:v1 “/bin/bash” 44 seconds ago Exited (0) 32 seconds ago determined_einstein
2f357316ddca centos “/bin/bash” About an hour ago Up 3 minutes loving_bartik
3b89902c3001 nginx:latest “nginx -g ‘daemon off” 5 hours ago Up About an hour 80/tcp desperate_borg
3b0d94d4bacd centos:latest “/bin/bash” 5 hours ago Up 5 hours silly_pasteur
cdfe1b4ffcca centos “/bin/bash” 5 hours ago Up 5 hours nauseous_dijkstra

步骤三：使用Dockerfile文件创建一个新的镜像文件

Dockerfile语法格式：
– FROM:基础镜像
– MAINTAINER:镜像创建者信息(说明)
– EXPOSE:开放的端口
– ENV:设置环境变量
– ADD:复制文件到镜像
– RUN:制作镜像时执行的命令,可以有多个
– WORKDIR:定义容器默认工作目录
– CMD:容器启动时执行的命令,仅可以有一条CMD
1）创建一个Apache的镜像文件
[root@docker1 ~]# mkdir oo
[root@docker1 ~]# cd oo
[root@docker1 oo]# touch Dockerfile //Dockerfile文件第一个字母要大写
[root@docker1 oo]# cp /etc/yum.repos.d/local.repo ./
[root@docker1 oo]# vi Dockerfile
FROM myos:v1
RUN yum -y install httpd
ENV EnvironmentFile=/etc/sysconfig/httpd
WORKDIR /var/www/html/ //定义容器默认工作目录
RUN echo “test” > /var/www/html/index.html
EXPOSE 80 //设置开放端口号
CMD [“/usr/sbin/httpd”, “-DFOREGROUND”]
[root@docker1 oo]# docker build -t myos:http .
[root@docker1 oo]# docker run -d myos:http
d9a5402709b26b42cd304c77be442559a5329dc784ec4f6c90e4abac1c88e206
[root@docker1 oo]# docker inspect d9
[root@docker1 oo]# curl 172.17.0.7
test
代码如下
创建文件夹并写好脚本
[root@docker1 ~]# mkdir oo
[root@docker1 ~]# cd oo
[root@docker1 oo]# touch Dockerfile
[root@docker1 oo]# cp /etc/yum.repos.d/local.repo ./
[root@docker1 oo]# ls
Dockerfile local.repo
[root@docker1 oo]# vim Dockerfile
[root@docker1 oo]#
[root@docker1 oo]# cat Dockerfile
FROM myos:v1
RUN yum -y install httpd
ENV EnvironmentFile=/etc/sysconfig/httpd
WORKDIR /var/www/html/
RUN echo “test” > /var/www/html/index.html
EXPOSE 80
CMD [“/usr/sbin/httpd”, “-DFOREGROUND”]

开始创建镜像
[root@docker1 oo]# docker build -t myos:http .
Sending build context to Docker daemon 3.072 kB
Step 1 : FROM myos:v1
—> c698fb4a5910
Step 2 : RUN yum -y install httpd
—> Running in d9cb6e5bc8b4
Loaded plugins: fastestmirror, ovl
Loading mirror speeds from cached hostfile
Resolving Dependencies
–> Running transaction check
—> Package httpd.x86_64 0:2.4.6-67.el7.centos will be installed
–> Processing Dependency: httpd-tools = 2.4.6-67.el7.centos for package: httpd-2.4.6-67.el7.centos.x86_64
–> Processing Dependency: system-logos >= 7.92.1-1 for package: httpd-2.4.6-67.el7.centos.x86_64
–> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-67.el7.centos.x86_64
–> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-67.el7.centos.x86_64
–> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-67.el7.centos.x86_64
–> Running transaction check
—> Package apr.x86_64 0:1.4.8-3.el7 will be installed
—> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed
—> Package centos-logos.noarch 0:70.0.6-3.el7.centos will be installed
—> Package httpd-tools.x86_64 0:2.4.6-67.el7.centos will be installed
—> Package mailcap.noarch 0:2.1.41-2.el7 will be installed
–> Finished Dependency Resolution

Dependencies Resolved

================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
httpd x86_64 2.4.6-67.el7.centos dvd 2.7 M
Installing for dependencies:
apr x86_64 1.4.8-3.el7 dvd 103 k
apr-util x86_64 1.5.2-6.el7 dvd 92 k
centos-logos noarch 70.0.6-3.el7.centos dvd 21 M
httpd-tools x86_64 2.4.6-67.el7.centos dvd 87 k
mailcap noarch 2.1.41-2.el7 dvd 31 k

Transaction Summary
================================================================================
Install 1 Package (+5 Dependent packages)

Total download size: 24 M
Installed size: 32 M
Downloading packages:
——————————————————————————–
Total 44 MB/s | 24 MB 00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : apr-1.4.8-3.el7.x86_64 1/6
Installing : apr-util-1.5.2-6.el7.x86_64 2/6
Installing : httpd-tools-2.4.6-67.el7.centos.x86_64 3/6
Installing : centos-logos-70.0.6-3.el7.centos.noarch 4/6
Installing : mailcap-2.1.41-2.el7.noarch 5/6
Installing : httpd-2.4.6-67.el7.centos.x86_64 6/6
Verifying : apr-1.4.8-3.el7.x86_64 1/6
Verifying : httpd-2.4.6-67.el7.centos.x86_64 2/6
Verifying : mailcap-2.1.41-2.el7.noarch 3/6
Verifying : httpd-tools-2.4.6-67.el7.centos.x86_64 4/6
Verifying : apr-util-1.5.2-6.el7.x86_64 5/6
Verifying : centos-logos-70.0.6-3.el7.centos.noarch 6/6

Installed:
httpd.x86_64 0:2.4.6-67.el7.centos

Dependency Installed:
apr.x86_64 0:1.4.8-3.el7
apr-util.x86_64 0:1.5.2-6.el7
centos-logos.noarch 0:70.0.6-3.el7.centos
httpd-tools.x86_64 0:2.4.6-67.el7.centos
mailcap.noarch 0:2.1.41-2.el7

Complete!
—> 30bb477046d6
Removing intermediate container d9cb6e5bc8b4
Step 3 : ENV EnvironmentFile /etc/sysconfig/httpd
—> Running in ef6e27bf5193
—> d25198228cb8
Removing intermediate container ef6e27bf5193
Step 4 : WORKDIR /var/www/html/
—> Running in 4e3789dea966
—> 0895ae11d5c3
Removing intermediate container 4e3789dea966
Step 5 : RUN echo “test” > /var/www/html/index.html
—> Running in b718560ff97b
—> 0f42aa31bc01
Removing intermediate container b718560ff97b
Step 6 : EXPOSE 80
—> Running in 87ccc22b5dc3
—> 5ebc4c2a949f
Removing intermediate container 87ccc22b5dc3
Step 7 : CMD /usr/sbin/httpd -DFOREGROUND
—> Running in 60817d264dd4
—> 5edae862ee2e
Removing intermediate container 60817d264dd4
Successfully built 5edae862ee2e

确认一下镜像，这个5e就是我们刚才创建的镜像
[root@docker1 oo]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
myos http 5edae862ee2e 25 seconds ago 373 MB
myos v1 c698fb4a5910 20 hours ago 317.7 MB
nginx latest dbfc48660aeb 2 days ago 109.1 MB
centos latest 75835a67d134 8 days ago 200.4 MB
busybox latest 59788edf1f3e 2 weeks ago 1.154 MB
ubuntu latest 452a96d81c30 5 months ago 79.62 MB
registry latest d1fd7d86a825 9 months ago 33.26 MB
redis latest 1aa84b1b434e 2 years ago 182.8 MB

就用刚才创建的镜像启动一个容器，查一下IP，然后访问一下试试看
[root@docker1 oo]# docker run -d myos:http
0471288b2f917b2b8b3daa1591fcda60345802b3b74fe94095e6f922075e615c
[root@docker1 oo]# docker inspect 04
[
{
“Id”: “0471288b2f917b2b8b3daa1591fcda60345802b3b74fe94095e6f922075e615c”,
“Created”: “2018-10-18T06:27:47.825416388Z”,
“Path”: “/usr/sbin/httpd”,
“Args”: [
“-DFOREGROUND”
],
“State”: {
“Status”: “running”,
“Running”: true,
“Paused”: false,
“Restarting”: false,
“OOMKilled”: false,
“Dead”: false,
“Pid”: 1809,
“ExitCode”: 0,
“Error”: “”,
“StartedAt”: “2018-10-18T06:27:50.298713344Z”,
“FinishedAt”: “0001-01-01T00:00:00Z”
},
“Image”: “sha256:5edae862ee2e7b7fec4459ac1c61628f94245afd507924b03a49a6d9c7d53972”,
“ResolvConfPath”: “/var/lib/docker/containers/0471288b2f917b2b8b3daa1591fcda60345802b3b74fe94095e6f922075e615c/resolv.conf”,
“HostnamePath”: “/var/lib/docker/containers/0471288b2f917b2b8b3daa1591fcda60345802b3b74fe94095e6f922075e615c/hostname”,
“HostsPath”: “/var/lib/docker/containers/0471288b2f917b2b8b3daa1591fcda60345802b3b74fe94095e6f922075e615c/hosts”,
“LogPath”: “/var/lib/docker/containers/0471288b2f917b2b8b3daa1591fcda60345802b3b74fe94095e6f922075e615c/0471288b2f917b2b8b3daa1591fcda60345802b3b74fe94095e6f922075e615c-json.log”,
“Name”: “/romantic_keller”,
“RestartCount”: 0,
“Driver”: “devicemapper”,
“MountLabel”: “”,
“ProcessLabel”: “”,
“AppArmorProfile”: “”,
“ExecIDs”: null,
“HostConfig”: {
“Binds”: null,
“ContainerIDFile”: “”,
“LogConfig”: {
“Type”: “json-file”,
“Config”: {}
},
“NetworkMode”: “default”,
“PortBindings”: {},
“RestartPolicy”: {
“Name”: “no”,
“MaximumRetryCount”: 0
},
“AutoRemove”: false,
“VolumeDriver”: “”,
“VolumesFrom”: null,
“CapAdd”: null,
“CapDrop”: null,
“Dns”: [],
“DnsOptions”: [],
“DnsSearch”: [],
“ExtraHosts”: null,
“GroupAdd”: null,
“IpcMode”: “”,
“Cgroup”: “”,
“Links”: null,
“OomScoreAdj”: 0,
“PidMode”: “”,
“Privileged”: false,
“PublishAllPorts”: false,
“ReadonlyRootfs”: false,
“SecurityOpt”: null,
“UTSMode”: “”,
“UsernsMode”: “”,
“ShmSize”: 67108864,
“Runtime”: “runc”,
“ConsoleSize”: [
0,
0
],
“Isolation”: “”,
“CpuShares”: 0,
“Memory”: 0,
“CgroupParent”: “”,
“BlkioWeight”: 0,
“BlkioWeightDevice”: null,
“BlkioDeviceReadBps”: null,
“BlkioDeviceWriteBps”: null,
“BlkioDeviceReadIOps”: null,
“BlkioDeviceWriteIOps”: null,
“CpuPeriod”: 0,
“CpuQuota”: 0,
“CpusetCpus”: “”,
“CpusetMems”: “”,
“Devices”: [],
“DiskQuota”: 0,
“KernelMemory”: 0,
“MemoryReservation”: 0,
“MemorySwap”: 0,
“MemorySwappiness”: -1,
“OomKillDisable”: false,
“PidsLimit”: 0,
“Ulimits”: null,
“CpuCount”: 0,
“CpuPercent”: 0,
“IOMaximumIOps”: 0,
“IOMaximumBandwidth”: 0
},
“GraphDriver”: {
“Name”: “devicemapper”,
“Data”: {
“DeviceId”: “54”,
“DeviceName”: “docker-253:1-8388784-7037d86754d1db7a5ea60253acdac8720a1bc7c863038a108f6364bc6c5a9ef6”,
“DeviceSize”: “10737418240”
}
},
“Mounts”: [],
“Config”: {
“Hostname”: “0471288b2f91”,
“Domainname”: “”,
“User”: “”,
“AttachStdin”: false,
“AttachStdout”: false,
“AttachStderr”: false,
“ExposedPorts”: {
“80/tcp”: {}
},
“Tty”: false,
“OpenStdin”: false,
“StdinOnce”: false,
“Env”: [
“PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin”,
“EnvironmentFile=/etc/sysconfig/httpd”
],
“Cmd”: [
“/usr/sbin/httpd”,
“-DFOREGROUND”
],
“Image”: “myos:http”,
“Volumes”: null,
“WorkingDir”: “/var/www/html”,
“Entrypoint”: null,
“OnBuild”: null,
“Labels”: {
“org.label-schema.build-date”: “20181006”,
“org.label-schema.license”: “GPLv2”,
“org.label-schema.name”: “CentOS Base Image”,
“org.label-schema.schema-version”: “1.0”,
“org.label-schema.vendor”: “CentOS”
}
},
“NetworkSettings”: {
“Bridge”: “”,
“SandboxID”: “4ee191b3751a70e318101433c293548c7594e999ae1ca21682547bf066f8271b”,
“HairpinMode”: false,
“LinkLocalIPv6Address”: “”,
“LinkLocalIPv6PrefixLen”: 0,
“Ports”: {
“80/tcp”: null
},
“SandboxKey”: “/var/run/docker/netns/4ee191b3751a”,
“SecondaryIPAddresses”: null,
“SecondaryIPv6Addresses”: null,
“EndpointID”: “862c4e78cdebfe61d13301c5e8a0b2284efffda30d7fb75be6300f03ad715671”,
“Gateway”: “172.17.0.1”,
“GlobalIPv6Address”: “”,
“GlobalIPv6PrefixLen”: 0,
“IPAddress”: “172.17.0.2”,
“IPPrefixLen”: 16,
“IPv6Gateway”: “”,
“MacAddress”: “02:42:ac:11:00:02”,
“Networks”: {
“bridge”: {
“IPAMConfig”: null,
“Links”: null,
“Aliases”: null,
“NetworkID”: “c2e04f7ae7d41b43aa29667622f9c35966cb253e507fbec1bdbd9bc3be3228d8”,
“EndpointID”: “862c4e78cdebfe61d13301c5e8a0b2284efffda30d7fb75be6300f03ad715671”,
“Gateway”: “172.17.0.1”,
“IPAddress”: “172.17.0.2”,
“IPPrefixLen”: 16,
“IPv6Gateway”: “”,
“GlobalIPv6Address”: “”,
“GlobalIPv6PrefixLen”: 0,
“MacAddress”: “02:42:ac:11:00:02”
}
}
}
}
]
[root@docker1 oo]# curl 172.17.0.2
test

2 案例2：创建私有镜像仓库
2.1 问题

本案例要求创建私有的镜像仓库：
Docker主机：192.168.1.20
镜像仓库服务器：192.168.1.10
2.2 步骤

实现此案例需要按照如下步骤进行。
步骤一：自定义私有仓库

1）定义一个私有仓库
[root@docker1 oo]# vim /etc/docker/daemon.json //不写这个文件会报错
{
“insecure-registries” : [“192.168.1.10:5000”] //使用私有仓库运行容器
}
[root@docker1 oo]# systemctl restart docker
[root@docker1 oo]# docker run -d -p 5000:5000 registry
273be3d1f3280b392cf382f4b74fea53aed58968122eff69fd016f638505ee0e
[root@docker1 oo]# curl 192.168.1.10:5000/v2/
{} //出现括号
[root@docker1 oo]# docker tag busybox:latest 192.168.1.10:5000/busybox:latest
//打标签
[root@docker1 oo]# docker push 192.168.1.10:5000/busybox:latest //上传
[root@docker1 oo]# docker tag myos:http 192.168.1.10:5000/myos:http
[root@docker1 oo]# docker push 192.168.1.10:5000/myos:http
2）在docker2上面启动
[root@docker2 ~]# scp 192.168.1.10:/etc/docker/daemon.json /etc/docker/
[root@docker2 ~]# systemctl restart docker
[root@docker2 ~]# docker images
[root@docker2 ~]# docker run -it 192.168.1.10:5000/myos:http /bin/bash
//直接启动
步骤二：查看私有仓库

1）查看里面有什么镜像
[root@docker1 oo]# curl http://192.168.1.10:5000/v2/_catalog
{“repositories”:[“busybox”,”myos”]}
2）查看里面的镜像标签
[root@docker1 oo]# curl http://192.168.1.10:5000/v2/busybox/tags/list
{“name”:”busybox”,”tags”:[“latest”]}
[root@docker1 oo]# curl http://192.168.1.10:5000/v2/myos/tags/list
{“name”:”myos”,”tags”:[“http”]}

代码如下
1、先自定义一个仓库
先写脚本，不写报错
[root@docker1 oo]# vim /etc/docker/daemon.json
[root@docker1 oo]# cat /etc/docker/daemon.json
[root@docker1 oo]# cat /etc/docker/daemon.json
{
“insecure-registries” : [“192.168.1.10:5000”]
}
重启docker
[root@docker1 oo]# systemctl restart docker

[root@docker1 oo]# vim /etc/docker/daemon.json
[root@docker1 oo]# systemctl restart docker
[root@docker1 oo]# cat /etc/docker/daemon.json
{
“insecure-registries” : [“192.168.1.10:5000”]
}
[root@docker1 oo]# docker run -d -p 5000:5000 registry
7881a129be72783171cf5ac7cce4cf1c22b8f26d3fec0b3bd90139f400238a08
[root@docker1 oo]# ls
Dockerfile local.repo
注意，仓库已经建好了，只是没东西
[root@docker1 oo]# curl 192.168.1.10:5000/v2/
{}[root@docker1 oo]#
打标签，然后传上去
[root@docker1 oo]# docker tag busybox:latest 192.168.1.10:5000/busybox:latest
[root@docker1 oo]# docker push 192.168.1.10:5000/busybox:latest
The push refers to a repository [192.168.1.10:5000/busybox]
8a788232037e: Pushed
latest: digest: sha256:e6565c8273423e967c96b5178139e95bee4bd6564700948bb756921c916b4fbe size: 527
[root@docker1 oo]# docker tag myos:http 192.168.1.10:5000/myos:http
[root@docker1 oo]# docker push 192.168.1.10:5000/myos:http
The push refers to a repository [192.168.1.10:5000/myos]
e90149009e40: Pushed
37f5e846905c: Pushed
c46032f6b564: Pushed
f972d139738d: Pushed
http: digest: sha256:5967dd8c1b9daf34ddaf1cab6b6f8bb0b2edfb991dbce374560b650859e2030f size: 1160

去另外一台机器docker2上面去操作
[root@docker2 ~]# scp 192.168.1.10:/etc/docker/daemon.json /etc/docker/
daemon.json 100% 51 3.0KB/s 00:00
[root@docker2 ~]# systemctl restart docker
先看一下，没有镜像在docker2上面
[root@docker2 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
直接在docker2上面启动，它会自己拉镜像
[root@docker2 ~]# docker run -it 192.168.1.10:5000/myos:http /bin/bash
Unable to find image ‘192.168.1.10:5000/myos:http’ locally
http: Pulling from myos

6b21e5259373: Pull complete
3e5e4d7c465a: Pull complete
39c9f23bd4f1: Pull complete
7ff73e8de70f: Pull complete
Digest: sha256:5967dd8c1b9daf34ddaf1cab6b6f8bb0b2edfb991dbce374560b650859e2030f
Status: Downloaded newer image for 192.168.1.10:5000/myos:http
[root@e727361efaf5 html]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.2 netmask 255.255.0.0 broadcast 0.0.0.0
inet6 fe80::42:acff:fe11:2 prefixlen 64 scopeid 0x20<link>
ether 02:42:ac:11:00:02 txqueuelen 0 (Ethernet)
RX packets 12 bytes 1016 (1016.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 6 bytes 508 (508.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

[root@e727361efaf5 html]# exit
exit
现在看一下，有镜像了
[root@docker2 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.1.10:5000/myos http 5edae862ee2e 17 minutes ago 373 MB
[root@docker2 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e727361efaf5 192.168.1.10:5000/myos:http “/bin/bash” 15 seconds ago Exited (0) 7 seconds ago agitated_ptolemy

回到docker1，看一下刚才拉的镜像文件
先看下仓库里面的镜像
[root@docker1 oo]# curl http://192.168.1.10:5000/v2/_catalog
{“repositories”:[“busybox”,”myos”]}
看下镜像里面的标签
[root@docker1 oo]# curl http://192.168.1.10:5000/v2/myos/tags/list
{“name”:”myos”,”tags”:[“http”]}
[root@docker1 oo]# curl http://192.168.1.10:5000/v2/busybox/tags/list
{“name”:”busybox”,”tags”:[“latest”]}
[root@docker1 oo]#

3 案例3：NFS共享存储
3.1 问题

本案例要求创建NFS共享，能映射到容器里：
服务器创建NFS共享存储，共享目录为/content，权限为rw
客户端挂载共享，并将共享目录映射到容器中
3.2 方案

本方案要求需要一台NFS服务器（NFS用真机代替），ip为192.168.1.254，一台客户端docker1主机，ip为192.168.1.10，一台户端docker2主机，ip为192.168.1.20，实现客户端挂载共享，并将共享目录映射到容器中，docker1更新文件时，docker2实现同步更新，方案如图-2所示：

图-2
3.3 步骤

实现此案例需要按照如下步骤进行。
步骤一：配置NFS服务器
[root@room9pc01 ~]# yum -y install nfs-utils
[root@room9pc01 ~]# mkdir /content
[root@room9pc01 ~]# vim /etc/exports
/content *(rw，no_root_squash)
[root@room9pc01 ~]# systemctl restart nfs-server.service
[root@room9pc01 ~]# systemctl restart nfs-secure.service
[root@room9pc01 ~]# exportfs -rv
exporting *:/content
[root@room9pc01 ~]# chmod 777 /content
[root@room9pc01 ~]# echo 11 > /content/index.html
步骤二：配置客户端

[root@docker1 oo]# yum -y install nfs-utils
[root@docker1 oo]# systemctl restart nfs-server.service
[root@docker1 oo]# showmount -e 192.168.1.254
Export list for 192.168.1.254:
/content *
[root@docker1 ~]# mkdir /mnt/qq
[root@docker1 ~]# mount -t nfs 192.168.1.254:/content /mnt/qq
[root@docker1 ~]# ls /mnt/qq
index.html
[root@docker1 ~]# cat /mnt/qq/index.html
11
[root@docker1 ~]# docker run -d -p 80:80 -v /mnt/qq:/var/www/html -it myos:http
224248f0df5d795457c43c2a7dad0b7e5ec86abdc3f31d577e72f7929f020e01
[root@docker1 ~]# curl 192.168.1.10
11
[root@docker2 ~]# yum -y install nfs-utils
[root@docker2 ~]# showmount -e 192.168.1.254
Export list for 192.168.1.254:
/content *
[root@docker2 ~]# mkdir /mnt/qq
[root@docker2 ~]# mount -t nfs 192.168.1.254:/content /mnt/qq
[root@docker2 ~]# docker run -d -p 80:80 -v /mnt/qq:/var/www/html -it 192.168.1.10:5000/myos:http
00346dabec2c7a12958da4b7fee6551020249cdcb111ad6a1058352d2838742a
[root@docker2 ~]# curl 192.168.1.20
11
[root@docker1 ~]# touch /mnt/qq/a.sh
[root@docker1 ~]# echo 22 > /mnt/qq/index.html
[root@docker2 ~]#ls /mnt/qq/
a.sh index.html
[root@docker2 ~]# cat /mnt/qq/index.html
22

1、在真机上配置NFS服务器
[root@room9pc52 ~]# mkdir /content2
[root@room9pc52 ~]# cat /etc/exports
/content/ 172.25.254.0/24(ro)
/content2/ *(rw,no_root_squash)
[root@room9pc52 ~]# systemctl restart nfs-server
[root@room9pc52 ~]# systemctl restart nfs-secure
[root@room9pc52 ~]# exportfs -rv
exporting 172.25.254.0/24:/var/lib/libvirt/images/content
exporting *:/content2
[root@room9pc52 ~]# chmod 777 /content2
[root@room9pc52 ~]# echo 11 > /content2/index.html
[root@room9pc52 ~]# cat /content2/index.html
11

2、配置客户端
在docker1上面操作
先安装NFS组件
[root@docker1 oo]# yum install -y nfs-utils
已加载插件：fastestmirror
base | 3.6 kB 00:00:00
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=extras&infra=stock error was
12: Timeout on http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=extras&infra=stock: (28, ‘Operation too slow. Less than 1000 bytes/sec transferred the last 30 seconds’)
extras | 3.4 kB 00:00:00
loca | 2.9 kB 00:00:00
local_repo | 3.6 kB 00:00:00
updates | 3.4 kB 00:00:00
updates/7/x86_64/primary_db | 6.0 MB 00:00:02
Loading mirror speeds from cached hostfile
* base: centos.ustc.edu.cn
* extras: mirrors.aliyun.com
* updates: centos.ustc.edu.cn
正在解决依赖关系
–> 正在检查事务
—> 软件包 nfs-utils.x86_64.1.1.3.0-0.54.el7 将被安装
–> 正在处理依赖关系 libtirpc >= 0.2.4-0.7，它被软件包 1:nfs-utils-1.3.0-0.54.el7.x86_64 需要
–> 正在处理依赖关系 gssproxy >= 0.7.0-3，它被软件包 1:nfs-utils-1.3.0-0.54.el7.x86_64 需要
–> 正在处理依赖关系 rpcbind，它被软件包 1:nfs-utils-1.3.0-0.54.el7.x86_64 需要
–> 正在处理依赖关系 quota，它被软件包 1:nfs-utils-1.3.0-0.54.el7.x86_64 需要
–> 正在处理依赖关系 libnfsidmap，它被软件包 1:nfs-utils-1.3.0-0.54.el7.x86_64 需要
–> 正在处理依赖关系 libevent，它被软件包 1:nfs-utils-1.3.0-0.54.el7.x86_64 需要
–> 正在处理依赖关系 keyutils，它被软件包 1:nfs-utils-1.3.0-0.54.el7.x86_64 需要
–> 正在处理依赖关系 libtirpc.so.1()(64bit)，它被软件包 1:nfs-utils-1.3.0-0.54.el7.x86_64 需要
–> 正在处理依赖关系 libnfsidmap.so.0()(64bit)，它被软件包 1:nfs-utils-1.3.0-0.54.el7.x86_64 需要
–> 正在处理依赖关系 libevent-2.0.so.5()(64bit)，它被软件包 1:nfs-utils-1.3.0-0.54.el7.x86_64 需要
–> 正在检查事务
—> 软件包 gssproxy.x86_64.0.0.7.0-17.el7 将被安装
–> 正在处理依赖关系 libini_config >= 1.3.1-28，它被软件包 gssproxy-0.7.0-17.el7.x86_64 需要
–> 正在处理依赖关系 libverto-module-base，它被软件包 gssproxy-0.7.0-17.el7.x86_64 需要
–> 正在处理依赖关系 libref_array.so.1(REF_ARRAY_0.1.1)(64bit)，它被软件包 gssproxy-0.7.0-17.el7.x86_64 需要
–> 正在处理依赖关系 libini_config.so.3(INI_CONFIG_1.2.0)(64bit)，它被软件包 gssproxy-0.7.0-17.el7.x86_64 需要
–> 正在处理依赖关系 libini_config.so.3(INI_CONFIG_1.1.0)(64bit)，它被软件包 gssproxy-0.7.0-17.el7.x86_64 需要
–> 正在处理依赖关系 libref_array.so.1()(64bit)，它被软件包 gssproxy-0.7.0-17.el7.x86_64 需要
–> 正在处理依赖关系 libini_config.so.3()(64bit)，它被软件包 gssproxy-0.7.0-17.el7.x86_64 需要
–> 正在处理依赖关系 libcollection.so.2()(64bit)，它被软件包 gssproxy-0.7.0-17.el7.x86_64 需要
–> 正在处理依赖关系 libbasicobjects.so.0()(64bit)，它被软件包 gssproxy-0.7.0-17.el7.x86_64 需要
—> 软件包 keyutils.x86_64.0.1.5.8-3.el7 将被安装
—> 软件包 libevent.x86_64.0.2.0.21-4.el7 将被安装
—> 软件包 libnfsidmap.x86_64.0.0.25-19.el7 将被安装
—> 软件包 libtirpc.x86_64.0.0.2.4-0.10.el7 将被安装
—> 软件包 quota.x86_64.1.4.01-17.el7 将被安装
–> 正在处理依赖关系 quota-nls = 1:4.01-17.el7，它被软件包 1:quota-4.01-17.el7.x86_64 需要
–> 正在处理依赖关系 tcp_wrappers，它被软件包 1:quota-4.01-17.el7.x86_64 需要
—> 软件包 rpcbind.x86_64.0.0.2.0-44.el7 将被安装
–> 正在检查事务
—> 软件包 libbasicobjects.x86_64.0.0.1.1-29.el7 将被安装
—> 软件包 libcollection.x86_64.0.0.7.0-29.el7 将被安装
—> 软件包 libini_config.x86_64.0.1.3.1-29.el7 将被安装
–> 正在处理依赖关系 libpath_utils.so.1(PATH_UTILS_0.2.1)(64bit)，它被软件包 libini_config-1.3.1-29.el7.x86_64 需要
–> 正在处理依赖关系 libpath_utils.so.1()(64bit)，它被软件包 libini_config-1.3.1-29.el7.x86_64 需要
—> 软件包 libref_array.x86_64.0.0.1.5-29.el7 将被安装
—> 软件包 libverto-libevent.x86_64.0.0.2.5-4.el7 将被安装
—> 软件包 quota-nls.noarch.1.4.01-17.el7 将被安装
—> 软件包 tcp_wrappers.x86_64.0.7.6-77.el7 将被安装
–> 正在检查事务
—> 软件包 libpath_utils.x86_64.0.0.2.1-29.el7 将被安装
–> 处理 gssproxy-0.7.0-17.el7.x86_64 与 selinux-policy < 3.13.1-166.el7.noarch 的冲突
–> 正在使用新的信息重新解决依赖关系
–> 正在检查事务
—> 软件包 selinux-policy.noarch.0.3.13.1-166.el7 将被升级
–> 正在处理依赖关系 selinux-policy = 3.13.1-166.el7，它被软件包 selinux-policy-targeted-3.13.1-166.el7.noarch 需要
–> 正在处理依赖关系 selinux-policy = 3.13.1-166.el7，它被软件包 selinux-policy-targeted-3.13.1-166.el7.noarch 需要
—> 软件包 selinux-policy.noarch.0.3.13.1-192.el7_5.6 将被更新
–> 正在检查事务
—> 软件包 selinux-policy-targeted.noarch.0.3.13.1-166.el7 将被升级
—> 软件包 selinux-policy-targeted.noarch.0.3.13.1-192.el7_5.6 将被更新
–> 解决依赖关系完成

依赖关系解决

================================================================================================================================
Package 架构版本源大小
================================================================================================================================
正在安装:
nfs-utils x86_64 1:1.3.0-0.54.el7 base 407 k
正在更新:
selinux-policy noarch 3.13.1-192.el7_5.6 updates 453 k
为依赖而安装:
gssproxy x86_64 0.7.0-17.el7 base 108 k
keyutils x86_64 1.5.8-3.el7 base 54 k
libbasicobjects x86_64 0.1.1-29.el7 base 25 k
libcollection x86_64 0.7.0-29.el7 base 41 k
libevent x86_64 2.0.21-4.el7 base 214 k
libini_config x86_64 1.3.1-29.el7 base 63 k
libnfsidmap x86_64 0.25-19.el7 base 50 k
libpath_utils x86_64 0.2.1-29.el7 base 28 k
libref_array x86_64 0.1.5-29.el7 base 26 k
libtirpc x86_64 0.2.4-0.10.el7 base 88 k
libverto-libevent x86_64 0.2.5-4.el7 base 8.9 k
quota x86_64 1:4.01-17.el7 base 179 k
quota-nls noarch 1:4.01-17.el7 base 90 k
rpcbind x86_64 0.2.0-44.el7 base 59 k
tcp_wrappers x86_64 7.6-77.el7 base 78 k
为依赖而更新:
selinux-policy-targeted noarch 3.13.1-192.el7_5.6 updates 6.6 M

事务概要
================================================================================================================================
安装 1 软件包 (+15 依赖软件包)
升级 1 软件包 (+ 1 依赖软件包)

总下载量：8.5 M
Downloading packages:
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
(1/18): keyutils-1.5.8-3.el7.x86_64.rpm | 54 kB 00:00:00
(2/18): gssproxy-0.7.0-17.el7.x86_64.rpm | 108 kB 00:00:01
(3/18): libbasicobjects-0.1.1-29.el7.x86_64.rpm | 25 kB 00:00:00
(4/18): libcollection-0.7.0-29.el7.x86_64.rpm | 41 kB 00:00:00
(5/18): libini_config-1.3.1-29.el7.x86_64.rpm | 63 kB 00:00:00
(6/18): libevent-2.0.21-4.el7.x86_64.rpm | 214 kB 00:00:00
(7/18): libnfsidmap-0.25-19.el7.x86_64.rpm | 50 kB 00:00:00
(8/18): libpath_utils-0.2.1-29.el7.x86_64.rpm | 28 kB 00:00:00
(9/18): libref_array-0.1.5-29.el7.x86_64.rpm | 26 kB 00:00:00
(10/18): libtirpc-0.2.4-0.10.el7.x86_64.rpm | 88 kB 00:00:00
(11/18): libverto-libevent-0.2.5-4.el7.x86_64.rpm | 8.9 kB 00:00:00
(12/18): nfs-utils-1.3.0-0.54.el7.x86_64.rpm | 407 kB 00:00:00
(13/18): quota-4.01-17.el7.x86_64.rpm | 179 kB 00:00:00
(14/18): quota-nls-4.01-17.el7.noarch.rpm | 90 kB 00:00:00
(15/18): rpcbind-0.2.0-44.el7.x86_64.rpm | 59 kB 00:00:00
(16/18): tcp_wrappers-7.6-77.el7.x86_64.rpm | 78 kB 00:00:00
(17/18): selinux-policy-3.13.1-192.el7_5.6.noarch.rpm | 453 kB 00:00:01
(18/18): selinux-policy-targeted-3.13.1-192.el7_5.6.noarch.rpm | 6.6 MB 00:00:02
——————————————————————————————————————————–
总计 1.6 MB/s | 8.5 MB 00:00:05
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
正在安装 : libbasicobjects-0.1.1-29.el7.x86_64 1/20
正在安装 : libref_array-0.1.5-29.el7.x86_64 2/20
正在安装 : libcollection-0.7.0-29.el7.x86_64 3/20
正在安装 : libevent-2.0.21-4.el7.x86_64 4/20
正在安装 : libtirpc-0.2.4-0.10.el7.x86_64 5/20
正在安装 : rpcbind-0.2.0-44.el7.x86_64 6/20
正在安装 : libverto-libevent-0.2.5-4.el7.x86_64 7/20
正在安装 : libpath_utils-0.2.1-29.el7.x86_64 8/20
正在安装 : libini_config-1.3.1-29.el7.x86_64 9/20
正在安装 : gssproxy-0.7.0-17.el7.x86_64 10/20
正在安装 : tcp_wrappers-7.6-77.el7.x86_64 11/20
正在安装 : keyutils-1.5.8-3.el7.x86_64 12/20
正在安装 : libnfsidmap-0.25-19.el7.x86_64 13/20
正在更新 : selinux-policy-3.13.1-192.el7_5.6.noarch 14/20
正在安装 : 1:quota-nls-4.01-17.el7.noarch 15/20
正在安装 : 1:quota-4.01-17.el7.x86_64 16/20
正在安装 : 1:nfs-utils-1.3.0-0.54.el7.x86_64 17/20
正在更新 : selinux-policy-targeted-3.13.1-192.el7_5.6.noarch 18/20
清理 : selinux-policy-targeted-3.13.1-166.el7.noarch 19/20
清理 : selinux-policy-3.13.1-166.el7.noarch 20/20
验证中 : 1:quota-nls-4.01-17.el7.noarch 1/20
验证中 : libini_config-1.3.1-29.el7.x86_64 2/20
验证中 : selinux-policy-3.13.1-192.el7_5.6.noarch 3/20
验证中 : libtirpc-0.2.4-0.10.el7.x86_64 4/20
验证中 : libnfsidmap-0.25-19.el7.x86_64 5/20
验证中 : selinux-policy-targeted-3.13.1-192.el7_5.6.noarch 6/20
验证中 : libevent-2.0.21-4.el7.x86_64 7/20
验证中 : keyutils-1.5.8-3.el7.x86_64 8/20
验证中 : libverto-libevent-0.2.5-4.el7.x86_64 9/20
验证中 : tcp_wrappers-7.6-77.el7.x86_64 10/20
验证中 : gssproxy-0.7.0-17.el7.x86_64 11/20
验证中 : libcollection-0.7.0-29.el7.x86_64 12/20
验证中 : rpcbind-0.2.0-44.el7.x86_64 13/20
验证中 : 1:nfs-utils-1.3.0-0.54.el7.x86_64 14/20
验证中 : libref_array-0.1.5-29.el7.x86_64 15/20
验证中 : 1:quota-4.01-17.el7.x86_64 16/20
验证中 : libpath_utils-0.2.1-29.el7.x86_64 17/20
验证中 : libbasicobjects-0.1.1-29.el7.x86_64 18/20
验证中 : selinux-policy-3.13.1-166.el7.noarch 19/20
验证中 : selinux-policy-targeted-3.13.1-166.el7.noarch 20/20

已安装:
nfs-utils.x86_64 1:1.3.0-0.54.el7

作为依赖被安装:
gssproxy.x86_64 0:0.7.0-17.el7 keyutils.x86_64 0:1.5.8-3.el7 libbasicobjects.x86_64 0:0.1.1-29.el7
libcollection.x86_64 0:0.7.0-29.el7 libevent.x86_64 0:2.0.21-4.el7 libini_config.x86_64 0:1.3.1-29.el7
libnfsidmap.x86_64 0:0.25-19.el7 libpath_utils.x86_64 0:0.2.1-29.el7 libref_array.x86_64 0:0.1.5-29.el7
libtirpc.x86_64 0:0.2.4-0.10.el7 libverto-libevent.x86_64 0:0.2.5-4.el7 quota.x86_64 1:4.01-17.el7
quota-nls.noarch 1:4.01-17.el7 rpcbind.x86_64 0:0.2.0-44.el7 tcp_wrappers.x86_64 0:7.6-77.el7

更新完毕:
selinux-policy.noarch 0:3.13.1-192.el7_5.6

作为依赖被升级:
selinux-policy-targeted.noarch 0:3.13.1-192.el7_5.6

完毕！

将真机上创建的/content2挂载到虚拟机
[root@docker1 oo]# systemctl restart nfs-server
[root@docker1 oo]# showmount -e 192.168.1.254
Export list for 192.168.1.254:
/content2 *
/var/lib/libvirt/images/content 172.25.254.0/24
[root@docker1 oo]# mkdir /mnt/qq
[root@docker1 oo]# mount -t nfs 192.168.1.254:/content2 /mnt/qq
[root@docker1 oo]# ls /mnt/qq
index.html
[root@docker1 oo]# cat /mnt/qq/index.html
11
[root@docker1 oo]# docker run -d -p 80:80 -v /mnt/qq:/var/www/html -it 192.168.1.10:5000/myos:http
c51b61e6a923753beb31f2b710e4c17298f0e140372fa6568d575e7865d88f5b
[root@docker1 oo]# curl 192.168.1.10
11
[root@docker1 oo]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c51b61e6a923 192.168.1.10:5000/myos:http “/usr/sbin/httpd -DFO” 22 seconds ago Up 19 seconds 0.0.0.0:80->80/tcp mad_liskov
7881a129be72 registry “/entrypoint.sh /etc/” 2 hours ago Up 2 hours 0.0.0.0:5000->5000/tcp condescending_kirch
[root@docker1 oo]#

现在换到docker2上来操作
[root@docker2 ~]# yum install -y nfs-utils
已加载插件：fastestmirror
base | 3.6 kB 00:00:00
extras | 3.4 kB 00:00:00
loca | 2.9 kB 00:00:00
local_repo | 3.6 kB 00:00:00
updates | 3.4 kB 00:00:00
updates/7/x86_64/primary_db | 6.0 MB 00:00:02
Loading mirror speeds from cached hostfile
* base: mirrors.163.com
* extras: mirrors.cn99.com
* updates: mirrors.163.com
正在解决依赖关系
–> 正在检查事务
—> 软件包 nfs-utils.x86_64.1.1.3.0-0.54.el7 将被安装
–> 正在处理依赖关系 libtirpc >= 0.2.4-0.7，它被软件包 1:nfs-utils-1.3.0-0.54.el7.x86_64 需要
–> 正在处理依赖关系 gssproxy >= 0.7.0-3，它被软件包 1:nfs-utils-1.3.0-0.54.el7.x86_64 需要
–> 正在处理依赖关系 rpcbind，它被软件包 1:nfs-utils-1.3.0-0.54.el7.x86_64 需要
–> 正在处理依赖关系 quota，它被软件包 1:nfs-utils-1.3.0-0.54.el7.x86_64 需要
–> 正在处理依赖关系 libnfsidmap，它被软件包 1:nfs-utils-1.3.0-0.54.el7.x86_64 需要
–> 正在处理依赖关系 libevent，它被软件包 1:nfs-utils-1.3.0-0.54.el7.x86_64 需要
–> 正在处理依赖关系 keyutils，它被软件包 1:nfs-utils-1.3.0-0.54.el7.x86_64 需要
–> 正在处理依赖关系 libtirpc.so.1()(64bit)，它被软件包 1:nfs-utils-1.3.0-0.54.el7.x86_64 需要
–> 正在处理依赖关系 libnfsidmap.so.0()(64bit)，它被软件包 1:nfs-utils-1.3.0-0.54.el7.x86_64 需要
–> 正在处理依赖关系 libevent-2.0.so.5()(64bit)，它被软件包 1:nfs-utils-1.3.0-0.54.el7.x86_64 需要
–> 正在检查事务
—> 软件包 gssproxy.x86_64.0.0.7.0-17.el7 将被安装
–> 正在处理依赖关系 libini_config >= 1.3.1-28，它被软件包 gssproxy-0.7.0-17.el7.x86_64 需要
–> 正在处理依赖关系 libverto-module-base，它被软件包 gssproxy-0.7.0-17.el7.x86_64 需要
–> 正在处理依赖关系 libref_array.so.1(REF_ARRAY_0.1.1)(64bit)，它被软件包 gssproxy-0.7.0-17.el7.x86_64 需要
–> 正在处理依赖关系 libini_config.so.3(INI_CONFIG_1.2.0)(64bit)，它被软件包 gssproxy-0.7.0-17.el7.x86_64 需要
–> 正在处理依赖关系 libini_config.so.3(INI_CONFIG_1.1.0)(64bit)，它被软件包 gssproxy-0.7.0-17.el7.x86_64 需要
–> 正在处理依赖关系 libref_array.so.1()(64bit)，它被软件包 gssproxy-0.7.0-17.el7.x86_64 需要
–> 正在处理依赖关系 libini_config.so.3()(64bit)，它被软件包 gssproxy-0.7.0-17.el7.x86_64 需要
–> 正在处理依赖关系 libcollection.so.2()(64bit)，它被软件包 gssproxy-0.7.0-17.el7.x86_64 需要
–> 正在处理依赖关系 libbasicobjects.so.0()(64bit)，它被软件包 gssproxy-0.7.0-17.el7.x86_64 需要
—> 软件包 keyutils.x86_64.0.1.5.8-3.el7 将被安装
—> 软件包 libevent.x86_64.0.2.0.21-4.el7 将被安装
—> 软件包 libnfsidmap.x86_64.0.0.25-19.el7 将被安装
—> 软件包 libtirpc.x86_64.0.0.2.4-0.10.el7 将被安装
—> 软件包 quota.x86_64.1.4.01-17.el7 将被安装
–> 正在处理依赖关系 quota-nls = 1:4.01-17.el7，它被软件包 1:quota-4.01-17.el7.x86_64 需要
–> 正在处理依赖关系 tcp_wrappers，它被软件包 1:quota-4.01-17.el7.x86_64 需要
—> 软件包 rpcbind.x86_64.0.0.2.0-44.el7 将被安装
–> 正在检查事务
—> 软件包 libbasicobjects.x86_64.0.0.1.1-29.el7 将被安装
—> 软件包 libcollection.x86_64.0.0.7.0-29.el7 将被安装
—> 软件包 libini_config.x86_64.0.1.3.1-29.el7 将被安装
–> 正在处理依赖关系 libpath_utils.so.1(PATH_UTILS_0.2.1)(64bit)，它被软件包 libini_config-1.3.1-29.el7.x86_64 需要
–> 正在处理依赖关系 libpath_utils.so.1()(64bit)，它被软件包 libini_config-1.3.1-29.el7.x86_64 需要
—> 软件包 libref_array.x86_64.0.0.1.5-29.el7 将被安装
—> 软件包 libverto-libevent.x86_64.0.0.2.5-4.el7 将被安装
—> 软件包 quota-nls.noarch.1.4.01-17.el7 将被安装
—> 软件包 tcp_wrappers.x86_64.0.7.6-77.el7 将被安装
–> 正在检查事务
—> 软件包 libpath_utils.x86_64.0.0.2.1-29.el7 将被安装
–> 处理 gssproxy-0.7.0-17.el7.x86_64 与 selinux-policy < 3.13.1-166.el7.noarch 的冲突
–> 正在使用新的信息重新解决依赖关系
–> 正在检查事务
—> 软件包 selinux-policy.noarch.0.3.13.1-166.el7 将被升级
–> 正在处理依赖关系 selinux-policy = 3.13.1-166.el7，它被软件包 selinux-policy-targeted-3.13.1-166.el7.noarch 需要
–> 正在处理依赖关系 selinux-policy = 3.13.1-166.el7，它被软件包 selinux-policy-targeted-3.13.1-166.el7.noarch 需要
—> 软件包 selinux-policy.noarch.0.3.13.1-192.el7_5.6 将被更新
–> 正在检查事务
—> 软件包 selinux-policy-targeted.noarch.0.3.13.1-166.el7 将被升级
—> 软件包 selinux-policy-targeted.noarch.0.3.13.1-192.el7_5.6 将被更新
–> 解决依赖关系完成

依赖关系解决

总下载量：8.5 M
Downloading packages:
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
(1/18): keyutils-1.5.8-3.el7.x86_64.rpm | 54 kB 00:00:00
(2/18): gssproxy-0.7.0-17.el7.x86_64.rpm | 108 kB 00:00:00
(3/18): libbasicobjects-0.1.1-29.el7.x86_64.rpm | 25 kB 00:00:00
(4/18): libcollection-0.7.0-29.el7.x86_64.rpm | 41 kB 00:00:00
(5/18): libini_config-1.3.1-29.el7.x86_64.rpm | 63 kB 00:00:00
(6/18): libevent-2.0.21-4.el7.x86_64.rpm | 214 kB 00:00:00
(7/18): libnfsidmap-0.25-19.el7.x86_64.rpm | 50 kB 00:00:00
(8/18): libpath_utils-0.2.1-29.el7.x86_64.rpm | 28 kB 00:00:00
(9/18): libref_array-0.1.5-29.el7.x86_64.rpm | 26 kB 00:00:00
(10/18): libtirpc-0.2.4-0.10.el7.x86_64.rpm | 88 kB 00:00:00
(11/18): libverto-libevent-0.2.5-4.el7.x86_64.rpm | 8.9 kB 00:00:00
(12/18): nfs-utils-1.3.0-0.54.el7.x86_64.rpm | 407 kB 00:00:00
(13/18): quota-4.01-17.el7.x86_64.rpm | 179 kB 00:00:00
(14/18): quota-nls-4.01-17.el7.noarch.rpm | 90 kB 00:00:00
(15/18): rpcbind-0.2.0-44.el7.x86_64.rpm | 59 kB 00:00:00
(16/18): tcp_wrappers-7.6-77.el7.x86_64.rpm | 78 kB 00:00:00
(17/18): selinux-policy-3.13.1-192.el7_5.6.noarch.rpm | 453 kB 00:00:01
(18/18): selinux-policy-targeted-3.13.1-192.el7_5.6.noarch.rpm | 6.6 MB 00:00:02
——————————————————————————————————————————–
总计 1.6 MB/s | 8.5 MB 00:00:05
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
正在安装 : libbasicobjects-0.1.1-29.el7.x86_64 1/20
正在安装 : libref_array-0.1.5-29.el7.x86_64 2/20
正在安装 : libcollection-0.7.0-29.el7.x86_64 3/20
正在安装 : libevent-2.0.21-4.el7.x86_64 4/20
正在安装 : libtirpc-0.2.4-0.10.el7.x86_64 5/20
正在安装 : rpcbind-0.2.0-44.el7.x86_64 6/20
正在安装 : libverto-libevent-0.2.5-4.el7.x86_64 7/20
正在安装 : libpath_utils-0.2.1-29.el7.x86_64 8/20
正在安装 : libini_config-1.3.1-29.el7.x86_64 9/20
正在安装 : gssproxy-0.7.0-17.el7.x86_64 10/20
正在安装 : tcp_wrappers-7.6-77.el7.x86_64 11/20
正在安装 : keyutils-1.5.8-3.el7.x86_64 12/20
正在安装 : libnfsidmap-0.25-19.el7.x86_64 13/20
正在更新 : selinux-policy-3.13.1-192.el7_5.6.noarch 14/20
正在安装 : 1:quota-nls-4.01-17.el7.noarch 15/20
正在安装 : 1:quota-4.01-17.el7.x86_64 16/20
正在安装 : 1:nfs-utils-1.3.0-0.54.el7.x86_64 17/20
正在更新 : selinux-policy-targeted-3.13.1-192.el7_5.6.noarch 18/20
清理 : selinux-policy-targeted-3.13.1-166.el7.noarch 19/20
清理 : selinux-policy-3.13.1-166.el7.noarch 20/20
验证中 : 1:quota-nls-4.01-17.el7.noarch 1/20
验证中 : libini_config-1.3.1-29.el7.x86_64 2/20
验证中 : selinux-policy-3.13.1-192.el7_5.6.noarch 3/20
验证中 : libtirpc-0.2.4-0.10.el7.x86_64 4/20
验证中 : libnfsidmap-0.25-19.el7.x86_64 5/20
验证中 : selinux-policy-targeted-3.13.1-192.el7_5.6.noarch 6/20
验证中 : libevent-2.0.21-4.el7.x86_64 7/20
验证中 : keyutils-1.5.8-3.el7.x86_64 8/20
验证中 : libverto-libevent-0.2.5-4.el7.x86_64 9/20
验证中 : tcp_wrappers-7.6-77.el7.x86_64 10/20
验证中 : gssproxy-0.7.0-17.el7.x86_64 11/20
验证中 : libcollection-0.7.0-29.el7.x86_64 12/20
验证中 : rpcbind-0.2.0-44.el7.x86_64 13/20
验证中 : 1:nfs-utils-1.3.0-0.54.el7.x86_64 14/20
验证中 : libref_array-0.1.5-29.el7.x86_64 15/20
验证中 : 1:quota-4.01-17.el7.x86_64 16/20
验证中 : libpath_utils-0.2.1-29.el7.x86_64 17/20
验证中 : libbasicobjects-0.1.1-29.el7.x86_64 18/20
验证中 : selinux-policy-3.13.1-166.el7.noarch 19/20
验证中 : selinux-policy-targeted-3.13.1-166.el7.noarch 20/20

已安装:
nfs-utils.x86_64 1:1.3.0-0.54.el7

更新完毕:
selinux-policy.noarch 0:3.13.1-192.el7_5.6

作为依赖被升级:
selinux-policy-targeted.noarch 0:3.13.1-192.el7_5.6

完毕！
挂载并创建容器
[root@docker2 ~]# showmount -e 192.168.1.254
Export list for 192.168.1.254:
/content2 *
/var/lib/libvirt/images/content 172.25.254.0/24
[root@docker2 ~]# mkdir /mnt/qq
[root@docker2 ~]# mount -t nfs 192.168.1.254:/content2 /mnt/qq
[root@docker2 ~]# ll /mnt/qq
总用量 4
-rw-r–r– 1 root root 3 10月 18 16:13 index.html
[root@docker2 ~]# cat /mnt/qq/index.html
11
[root@docker2 ~]# docker run -d -p 80:80 -v /mnt/qq:/var/www/html -it 192.168.1.10:5000/myos:http
4914bb905d07dc51f679af0a1da0ee2a13633d9720e34f77d01d7c4f0a864976
[root@docker2 ~]# curl 192.168.1.20
11
[root@docker2 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4914bb905d07 192.168.1.10:5000/myos:http “/usr/sbin/httpd -DFO” 49 seconds ago Up 46 seconds 0.0.0.0:80->80/tcp boring_davinci

关键的地方来了，NFS全两个容器共享的
在docker1上面，修改挂载的内容
[root@docker1 oo]# touch /mnt/qq/a.sh
[root@docker1 oo]# echo 22 >/mnt/qq/index.html
[root@docker1 oo]# curl 192.168.1.10
22
来到docker2，可以看到，也已经被修改了，因为共享的是一块盘
[root@docker2 ~]# ls /mnt/qq
a.sh index.html
[root@docker2 ~]# cat /mnt/qq/index.html
22
[root@docker2 ~]# curl 192.168.1.20
22

4 案例4：创建自定义网桥
4.1 问题

本案例要求：
创建网桥设备docker01
设定网段为172.30.0.0/16
启动nginx容器，nginx容器桥接docker01设备
映射真实机8080端口与容器的80端口
4.2 步骤

实现此案例需要按照如下步骤进行。
步骤一：新建Docker网络模型

1）新建docker1网络模型
[root@docker1 ~]# docker network create –subnet=172.30.0.0/16 docker01
c9cf26f911ef2dccb1fd1f670a6c51491e72b49133246f6428dd732c44109462
[root@docker1 ~]# docker network list
NETWORK ID NAME DRIVER SCOPE
bc189673f959 bridge bridge local
6622752788ea docker01 bridge local
53bf43bdd584 host host local
ac52d3151ba8 none null local
[root@docker1 ~]# ip a s
[root@docker1 ~]# docker network inspect docker01
[
{
“Name”: “docker01”,
“Id”: “c9cf26f911ef2dccb1fd1f670a6c51491e72b49133246f6428dd732c44109462”,
“Scope”: “local”,
“Driver”: “bridge”,
“EnableIPv6”: false,
“IPAM”: {
“Driver”: “default”,
“Options”: {},
“Config”: [
{
“Subnet”: “172.30.0.0/16”
}
]
},
“Internal”: false,
“Containers”: {},
“Options”: {},
“Labels”: {}
}
]
2）使用自定义网桥启动容器
[root@docker1 ~]# docker run –network=docker01 -id nginx
3）端口映射
[root@docker1 ~]# docker run -p 8080:80 -id nginx
e523b386f9d6194e53d0a5b6b8f5ab4984d062896bab10639e41aef657cb2a53
[root@docker1 ~]# curl 192.168.1.10:8080
步骤二：扩展实验

1）新建一个网络模型docker02
[root@docker1 ~]# docker network create –driver bridge docker02
//新建一个名为docker02的网络模型
5496835bd3f53ac220ce3d8be71ce6afc919674711ab3f94e6263b9492c7d2cc
[root@docker1 ~]# ifconfig
//但是在用ifconfig命令查看的时候，显示的名字并不是docker02，而是br-5496835bd3f5
br-5496835bd3f5: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.18.0.1 netmask 255.255.0.0 broadcast 0.0.0.0
ether 02:42:89:6a:a2:72 txqueuelen 0 (Ethernet)
RX packets 8 bytes 496 (496.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 8 bytes 496 (496.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@docker1 ~]# docker network list //查看显示docker02（查看加粗字样）
NETWORK ID NAME DRIVER SCOPE
bc189673f959 bridge bridge local
5496835bd3f5 docker02 bridge local
53bf43bdd584 host host local
ac52d3151ba8 none null local
2）若要解决使用ifconfig命令可以看到docker02的问题，可以执行以下几步命令
[root@docker1 ~]# docker network list //查看docker0的NETWORK ID（加粗字样）
NETWORK ID NAME DRIVER SCOPE
bc189673f959 bridge bridge local
5496835bd3f5 docker02 bridge local
53bf43bdd584 host host local
ac52d3151ba8 none null local
3）查看16dc92e55023的信息，如图-3所示：
[root@docker2 ~]# docker network inspect bc189673f959

图-3
4）查看图片的倒数第六行有”com.docker.network.bridge.name”: “docker0″字样
5）把刚刚创建的docker02网桥删掉
[root@docker1 ~]# docker network rm docker02 //删除docker02
docker02
[root@docker1 ~]# docker network create \
docker02 -o com.docker.network.bridge.name=docker02
//创建docker02网桥
648bd5da03606d5a1a395c098662b5f820b9400c6878e2582a7ce754c8c05a3a
[root@docker1 ~]# ifconfig //ifconfig查看有docker02
docker02: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.18.0.1 netmask 255.255.0.0 broadcast 0.0.0.0
ether 02:42:94:27:a0:43 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
6）若想在创建docker03的时候自定义网段（之前已经创建过docker01和02，这里用docker03），执行以下命令
[root@docker1 ~]# docker network create docker03 –subnet=172.30.0.0/16 -o com.docker.network.bridge.name=docker03
f003aa1c0fa20c81e4f73c12dcc79262f1f1d67589d7440175ea01dc0be4d03c
[root@docker1 ~]# ifconfig //ifconfig查看，显示的是自己定义的网段
docker03: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.30.0.1 netmask 255.255.0.0 broadcast 0.0.0.0
ether 02:42:27:9b:95:b3 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

代码如下
先创建一个docker01网桥，网段设置为172.30.0.0/16
[root@docker1 oo]# docker network create –subnet=172.30.0.0/16 docker01
2e0cf6d4339563626f532ec13e15c6305f69cb1cb4dd8154812caaf17a083f99
[root@docker1 oo]# docker network list
NETWORK ID NAME DRIVER SCOPE
f4e72bc4fa54 bridge bridge local
2e0cf6d43395 docker01 bridge local
6a011995dd07 host host local
ab00cd5184a5 none null local
[root@docker1 oo]# ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:c2:e0:da brd ff:ff:ff:ff:ff:ff
inet 192.168.1.10/24 brd 192.168.1.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::5054:ff:fec2:e0da/64 scope link
valid_lft forever preferred_lft forever
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 02:42:21:3e:ef:66 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:21ff:fe3e:ef66/64 scope link
valid_lft forever preferred_lft forever
11: veth0dbf9c6@if10: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP
link/ether da:d3:ae:80:a2:a7 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::d8d3:aeff:fe80:a2a7/64 scope link
valid_lft forever preferred_lft forever
15: vethaca4ee2@if14: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP
link/ether a6:5f:ce:40:07:8d brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet6 fe80::a45f:ceff:fe40:78d/64 scope link
valid_lft forever preferred_lft forever
16: br-2e0cf6d43395: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN
link/ether 02:42:9f:87:55:03 brd ff:ff:ff:ff:ff:ff
inet 172.30.0.1/16 scope global br-2e0cf6d43395
valid_lft forever preferred_lft forever
[root@docker1 oo]#
[root@docker1 oo]# docker network inspect docker01
[
{
“Name”: “docker01”,
“Id”: “2e0cf6d4339563626f532ec13e15c6305f69cb1cb4dd8154812caaf17a083f99”,
“Scope”: “local”,
“Driver”: “bridge”,
“EnableIPv6”: false,
“IPAM”: {
“Driver”: “default”,
“Options”: {},
“Config”: [
{
“Subnet”: “172.30.0.0/16”
}
]
},
“Internal”: false,
“Containers”: {},
“Options”: {},
“Labels”: {}
}
]

使用刚才自定义的网桥创建一个容器
[root@docker1 oo]# docker run –network=docker01 -id nginx
12aaca174ba86a662ddb7422acaa885c5e4d9abe5fe00d5d1a07d4b7d85c1671

再创建一个容器（跟上面的容器没有任何关系！），但是着一个做一个端口映射
[root@docker1 oo]# docker run -p 8080:80 -id nginx
e02fdcb6bacb5a097a7f44a852d5c328b61d004a8e3d897949753f2eb5473d36
访问一下试试看
[root@docker1 oo]# curl 192.168.1.10:8080
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href=”http://nginx.org/”>nginx.org</a>.<br/>
Commercial support is available at
<a href=”http://nginx.com/”>nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

拓展实验
[root@docker1 oo]# docker network create –driver bridge docker02
24b74c4ccfebfcb55e5b6dd15ff323a2623a756699ed7d5d6338c22aad7a7272
[root@docker1 oo]# ifconfig
br-24b74c4ccfeb: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.18.0.1 netmask 255.255.0.0 broadcast 0.0.0.0
ether 02:42:f6:3a:dc:4c txqueuelen 0 (Ethernet)
RX packets 25565 bytes 42485271 (40.5 MiB)
RX errors 0 dropped 19 overruns 0 frame 0
TX packets 15633 bytes 146315270 (139.5 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

br-2e0cf6d43395: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.30.0.1 netmask 255.255.0.0 broadcast 0.0.0.0
inet6 fe80::42:9fff:fe87:5503 prefixlen 64 scopeid 0x20<link>
ether 02:42:9f:87:55:03 txqueuelen 0 (Ethernet)
RX packets 8 bytes 648 (648.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 16 bytes 1296 (1.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 0.0.0.0
inet6 fe80::42:21ff:fe3e:ef66 prefixlen 64 scopeid 0x20<link>
ether 02:42:21:3e:ef:66 txqueuelen 0 (Ethernet)
RX packets 14045 bytes 145641611 (138.8 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 18775 bytes 172406369 (164.4 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.10 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::5054:ff:fec2:e0da prefixlen 64 scopeid 0x20<link>
ether 52:54:00:c2:e0:da txqueuelen 1000 (Ethernet)
RX packets 25565 bytes 42485271 (40.5 MiB)
RX errors 0 dropped 19 overruns 0 frame 0
TX packets 15633 bytes 146315270 (139.5 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 2 bytes 196 (196.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 2 bytes 196 (196.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

veth0dbf9c6: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::d8d3:aeff:fe80:a2a7 prefixlen 64 scopeid 0x20<link>
ether da:d3:ae:80:a2:a7 txqueuelen 0 (Ethernet)
RX packets 13272 bytes 145783958 (139.0 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 17694 bytes 146814855 (140.0 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

veth5622b41: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::b408:27ff:fe07:5ffa prefixlen 64 scopeid 0x20<link>
ether b6:08:27:07:5f:fa txqueuelen 0 (Ethernet)
RX packets 8 bytes 648 (648.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 16 bytes 1296 (1.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

vethaca4ee2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::a45f:ceff:fe40:78d prefixlen 64 scopeid 0x20<link>
ether a6:5f:ce:40:07:8d txqueuelen 0 (Ethernet)
RX packets 20 bytes 1844 (1.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 34 bytes 2508 (2.4 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

vethf1388a5: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::54cf:61ff:fe1d:b94 prefixlen 64 scopeid 0x20<link>
ether 56:cf:61:1d:0b:94 txqueuelen 0 (Ethernet)
RX packets 15 bytes 1920 (1.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 17 bytes 1283 (1.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
##################################################
注意细节，虽然创建的是docker02，但是显示的名称是ID号24b74
[root@docker1 oo]# docker network create –driver bridge docker02
24b74c4ccfebfcb55e5b6dd15ff323a2623a756699ed7d5d6338c22aad7a7272
[root@docker1 oo]# ifconfig
br-24b74c4ccfeb: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.18.0.1 netmask 255.255.0.0 broadcast 0.0.0.0
ether 02:42:f6:3a:dc:4c txqueuelen 0 (Ethernet)
RX packets 25565 bytes 42485271 (40.5 MiB)
RX errors 0 dropped 19 overruns 0 frame 0
TX packets 15633 bytes 146315270 (139.5 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

那如何解决这个问题，那就要在创建网桥时指定名称
[root@docker1 oo]# docker network list
NETWORK ID NAME DRIVER SCOPE
f4e72bc4fa54 bridge bridge local
2e0cf6d43395 docker01 bridge local
24b74c4ccfeb docker02 bridge local
6a011995dd07 host host local
ab00cd5184a5 none null local

[root@docker1 oo]# docker network list
NETWORK ID NAME DRIVER SCOPE
f4e72bc4fa54 bridge bridge local
2e0cf6d43395 docker01 bridge local
24b74c4ccfeb docker02 bridge local
6a011995dd07 host host local
ab00cd5184a5 none null local
[root@docker1 oo]#
[root@docker1 oo]# docker network inspect 24b
[
{
“Name”: “docker02”,
“Id”: “24b74c4ccfebfcb55e5b6dd15ff323a2623a756699ed7d5d6338c22aad7a7272”,
“Scope”: “local”,
“Driver”: “bridge”,
“EnableIPv6”: false,
“IPAM”: {
“Driver”: “default”,
“Options”: {},
“Config”: [
{
“Subnet”: “172.18.0.0/16”,
“Gateway”: “172.18.0.1/16”
}
]
},
“Internal”: false,
“Containers”: {},
“Options”: {},
“Labels”: {}
}
]
删除原来的网桥
[root@docker1 oo]# docker network rm docker02
docker02
重新创建的时候指定名称为docker02
[root@docker1 oo]# docker network create docker02 -o com.docker.network.bridge.name=docker02
100619b52f2d3ebb9f6982ffcf9289a610300c46bcdf460c77d2356c7dc7d013
[root@docker1 oo]# ifconfig
br-2e0cf6d43395: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.30.0.1 netmask 255.255.0.0 broadcast 0.0.0.0
inet6 fe80::42:9fff:fe87:5503 prefixlen 64 scopeid 0x20<link>
ether 02:42:9f:87:55:03 txqueuelen 0 (Ethernet)
RX packets 8 bytes 648 (648.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 16 bytes 1296 (1.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

docker02: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.18.0.1 netmask 255.255.0.0 broadcast 0.0.0.0
ether 02:42:ed:81:39:9e txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

同样，再次查看一下
[root@docker1 oo]# docker network create docker03 –subnet=172.70.0.0/16 -o com.docker.network.bridge.name=docker03
676c05910a3ff4b0849c394dfdfe4a2ea026c270b91d8e0961e45a66e9730914
[root@docker1 oo]# ifconfig docker03
docker03: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.70.0.1 netmask 255.255.0.0 broadcast 0.0.0.0
ether 02:42:c3:4b:f4:31 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

发表在 Docker | 标签为 docker | 留下评论

Docker01-安装部署Docker

发表于2018年10月19日由toky, jim

1 案例1：安装Docker
1.1 问题

本案例要求配置yum源并安装Docker：
准备两台虚拟机，IP为192.168.1.10和192.168.1.20
安装docker-engine 和 docker-engine-selinux
关闭防火墙
1.2 步骤

实现此案例需要按照如下步骤进行。
步骤一：配置yum源

1）配置第三方yum源（真机操作）
[root@room9pc01 ~]# mkdir /var/ftp/docker
[root@room9pc01 ~]# mv docker-engine-* /var/ftp/docker
[root@room9pc01 ~]# ls /var/ftp/docker
docker-engine-1.12.1-1.el7.centos.x86_64.rpm
docker-engine-selinux-1.12.1-1.el7.centos.noarch.rpm
[root@room9pc01 ~]# createrepo /var/ftp/docker/
Spawning worker 0 with 1 pkgs
Spawning worker 1 with 1 pkgs
Spawning worker 2 with 0 pkgs
Spawning worker 3 with 0 pkgs
Spawning worker 4 with 0 pkgs
Spawning worker 5 with 0 pkgs
Workers Finished
Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Sqlite DBs complete
2）配置IP（虚拟机配置静态ip）docker1和docker2主机同样操作
[root@localhost ~]# echo docker1 > /etc/hostname
[root@localhost ~]# hostname docker1
[root@localhost ~]# echo docker2 > /etc/hostname
[root@localhost ~]# hostname docker2
[root@docker1 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
# Generated by dracut initrd
DEVICE=”eth0″
ONBOOT=”yes”
IPV6INIT=”no”
IPV4_FAILURE_FATAL=”no”
NM_CONTROLLED=”no”
TYPE=”Ethernet”
BOOTPROTO=”static”
IPADDR=”192.168.1.10″
PREFIX=24
GATEWAY=192.168.1.254
[root@docker1 ~]# systemctl restart network
[root@docker2 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
# Generated by dracut initrd
DEVICE=”eth0″
ONBOOT=”yes”
IPV6INIT=”no”
IPV4_FAILURE_FATAL=”no”
NM_CONTROLLED=”no”
TYPE=”Ethernet”
BOOTPROTO=”static”
IPADDR=”192.168.1.20″
PREFIX=24
GATEWAY=192.168.1.254
[root@docker1 ~]# systemctl restart network
3）配置yum客户端（docker1和docker2主机同样操作）
[root@docker1 ~]# vim /etc/yum.repos.d/local.repo
[local_repo]
name=CentOS-$releasever – Base
baseurl=”ftp://192.168.1.254/system”
enabled=1
gpgcheck=1
[loca]
name=local
baseurl=”ftp://192.168.1.254/docker”
enabled=1
gpgcheck=0

[root@docker2 ~]# vim /etc/yum.repos.d/local.repo
[local_repo]
name=CentOS-$releasever – Base
baseurl=”ftp://192.168.1.254/system”
enabled=1
gpgcheck=1
[loca]
name=local
baseurl=”ftp://192.168.1.254/docker”
enabled=1
gpgcheck=0
4）安装docker（docker1和docker2主机同样操作）
[root@docker1 ~]# yum -y install docker-engine
[root@docker1 ~]# systemctl restart docker
[root@docker1 ~]# systemctl enable docker
[root@docker1 ~]# ifconfig //有docker0说明环境部署完成
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 0.0.0.0
ether 02:42:3e:e7:3f:6e txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@docker2 ~]# docker version //查看版本

[root@docker2 ~]# yum -y install docker-engine
[root@docker2 ~]# systemctl restart docker
[root@docker2 ~]# systemctl enable docker
[root@docker2 ~]# ifconfig //有docker0说明环境部署完成
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 0.0.0.0
ether 02:42:53:82:b9:d4 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@docker2 ~]# docker version //查看版本

代码如下
准备好软件包，然后创建个FTP目录，拷贝过去
[root@room9pc52 ~]# mkdir /var/ftp/docker

[root@room9pc52 docker 1]# ll
总用量 271692
-rwxrwxrwx 1 root root 4168 7月 13 01:01 docker_01.txt
-rwxrwxrwx 1 root root 19917380 7月 13 01:01 docker-engine-1.12.1-1.el7.centos.x86_64.rpm
-rwxrwxrwx 1 root root 28860 7月 13 01:01 docker-engine-selinux-1.12.1-1.el7.centos.noarch.rpm
-rwxrwxrwx 1 root root 258246973 7月 13 01:02 docker_images.zip

[root@room9pc52 docker 1]# cp docker-engine-* /var/ftp/docker/

[root@room9pc52 docker 1]# ll /var/ftp/docker/
总用量 19484
-rwxr-xr-x 1 root root 19917380 10月 16 10:56 docker-engine-1.12.1-1.el7.centos.x86_64.rpm
-rwxr-xr-x 1 root root 28860 10月 16 10:56 docker-engine-selinux-1.12.1-1.el7.centos.noarch.rpm

配置yum源
[root@room9pc52 docker 1]# cd /var/ftp/docker/
[root@room9pc52 docker]# ls
docker-engine-1.12.1-1.el7.centos.x86_64.rpm
docker-engine-selinux-1.12.1-1.el7.centos.noarch.rpm
[root@room9pc52 docker]# createrepo /var/ftp/docker/
Spawning worker 0 with 1 pkgs
Spawning worker 1 with 1 pkgs
Spawning worker 2 with 0 pkgs
Spawning worker 3 with 0 pkgs
Workers Finished
Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Sqlite DBs complete
[root@room9pc52 docker]# ls
docker-engine-1.12.1-1.el7.centos.x86_64.rpm repodata
docker-engine-selinux-1.12.1-1.el7.centos.noarch.rpm

准备2台虚拟机，直接模版克隆就行了，改下IP，主机名，配置YUM源，具体按如下操作
创建2台虚拟机，前端镜像名为docker1.img和docker2.img
[root@room9pc52 images]# qemu-img create -b node.qcow2 -f qcow2 docker1.img
Formatting ‘docker1.img’, fmt=qcow2 size=17179869184 backing_file=’node.qcow2′ encryption=off cluster_size=65536 lazy_refcounts=off
[root@room9pc52 images]# qemu-img info docker1.img
image: docker1.img
file format: qcow2
virtual size: 16G (17179869184 bytes)
disk size: 196K
cluster_size: 65536
backing file: node.qcow2
Format specific information:
compat: 1.1
lazy refcounts: false
[root@room9pc52 images]# qemu-img create -b node.qcow2 -f qcow2 docker2.img
Formatting ‘docker2.img’, fmt=qcow2 size=17179869184 backing_file=’node.qcow2′ encryption=off cluster_size=65536 lazy_refcounts=off
[root@room9pc52 images]# qemu-img info docker2.img
image: docker2.img
file format: qcow2
virtual size: 16G (17179869184 bytes)
disk size: 196K
cluster_size: 65536
backing file: node.qcow2
Format specific information:
compat: 1.1
lazy refcounts: false

编辑xml文件，注意内存稍微给大一点，我都给的4G
[root@room9pc52 images]# cd /etc/libvirt/qemu/
[root@room9pc52 qemu]# sed ‘s/node/docker1/’ /etc/libvirt/qemu/node.xml > /etc/libvirt/qemu/docker1.xml
[root@room9pc52 qemu]# vim docker1.xml
[root@room9pc52 qemu]# sed ‘s/node/docker2/’ /etc/libvirt/qemu/node.xml > /etc/libvirt/qemu/docker2.xml
[root@room9pc52 qemu]# vim docker2.xml

此处就贴1个xml文件，另一个大同小异，名字改一下就行了
[root@room9pc52 qemu]# cat docker1.xml
<!–
WARNING: THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE
OVERWRITTEN AND LOST. Changes to this xml configuration should be made using:
virsh edit docker1
or other application using the libvirt API.
–>

<domain type=’kvm’>
<name>docker1</name>
<memory unit=’KiB’>4096000</memory>
<currentMemory unit=’KiB’>4096000</currentMemory>
<vcpu placement=’static’>2</vcpu>
<os>
<type arch=’x86_64′ machine=’pc-i440fx-rhel7.0.0′>hvm</type>
<boot dev=’hd’/>
</os>
<features>
<acpi/>
<apic/>
</features>
<cpu mode=’custom’ match=’exact’ check=’partial’>
<model fallback=’allow’>Skylake-Client-IBRS</model>
</cpu>
<clock offset=’utc’>
<timer name=’rtc’ tickpolicy=’catchup’/>
<timer name=’pit’ tickpolicy=’delay’/>
<timer name=’hpet’ present=’no’/>
</clock>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>destroy</on_crash>
<pm>
<suspend-to-mem enabled=’no’/>
<suspend-to-disk enabled=’no’/>
</pm>
<devices>
<emulator>/usr/libexec/qemu-kvm</emulator>
<disk type=’file’ device=’disk’>
<driver name=’qemu’ type=’qcow2’/>
<source file=’/var/lib/libvirt/images/docker1.img’/>
<target dev=’vda’ bus=’virtio’/>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x07′ function=’0x0’/>
</disk>
<controller type=’usb’ index=’0′ model=’ich9-ehci1′>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x05′ function=’0x7’/>
</controller>
<controller type=’usb’ index=’0′ model=’ich9-uhci1′>
<master startport=’0’/>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x05′ function=’0x0′ multifunction=’on’/>
</controller>
<controller type=’usb’ index=’0′ model=’ich9-uhci2′>
<master startport=’2’/>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x05′ function=’0x1’/>
</controller>
<controller type=’usb’ index=’0′ model=’ich9-uhci3′>
<master startport=’4’/>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x05′ function=’0x2’/>
</controller>
<controller type=’pci’ index=’0′ model=’pci-root’/>
<controller type=’virtio-serial’ index=’0′>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x06′ function=’0x0’/>
</controller>
<interface type=’network’>
<source network=’vbr’/>
<model type=’virtio’/>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x03′ function=’0x0’/>
</interface>
<serial type=’pty’>
<target type=’isa-serial’ port=’0′>
<model name=’isa-serial’/>
</target>
</serial>
<console type=’pty’>
<target type=’serial’ port=’0’/>
</console>
<channel type=’unix’>
<target type=’virtio’ name=’org.qemu.guest_agent.0’/>
<address type=’virtio-serial’ controller=’0′ bus=’0′ port=’1’/>
</channel>
<channel type=’spicevmc’>
<target type=’virtio’ name=’com.redhat.spice.0’/>
<address type=’virtio-serial’ controller=’0′ bus=’0′ port=’2’/>
</channel>
<input type=’tablet’ bus=’usb’>
<address type=’usb’ bus=’0′ port=’1’/>
</input>
<input type=’mouse’ bus=’ps2’/>
<input type=’keyboard’ bus=’ps2’/>
<graphics type=’spice’ autoport=’yes’>
<listen type=’address’/>
<image compression=’off’/>
</graphics>
<sound model=’ich6′>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x04′ function=’0x0’/>
</sound>
<video>
<model type=’qxl’ ram=’65536′ vram=’65536′ vgamem=’16384′ heads=’1′ primary=’yes’/>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x02′ function=’0x0’/>
</video>
<redirdev bus=’usb’ type=’spicevmc’>
<address type=’usb’ bus=’0′ port=’2’/>
</redirdev>
<redirdev bus=’usb’ type=’spicevmc’>
<address type=’usb’ bus=’0′ port=’3’/>
</redirdev>
<memballoon model=’virtio’>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x08′ function=’0x0’/>
</memballoon>
</devices>
</domain>

virsh console分别连上去，开始准备docker环境
1）配置虚拟IP和主机名
docker1主机
[root@localhost ~]# cat /etc/hostname
docker1

[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
# Generated by dracut initrd
DEVICE=”eth0″
NAME=”eth0″
ONBOOT=yes
IPV6INIT=no
BOOTPROTO=static
TYPE=Ethernet
IPADDR=”192.168.1.10″
PREFIX=”24″
GATEWAY=”192.168.1.254″

[root@localhost ~]# systemctl restart network
[root@localhost ~]# ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.10 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::5054:ff:fec2:e0da prefixlen 64 scopeid 0x20<link>
ether 52:54:00:c2:e0:da txqueuelen 1000 (Ethernet)
RX packets 217 bytes 16965 (16.5 KiB)
RX errors 0 dropped 11 overruns 0 frame 0
TX packets 67 bytes 5639 (5.5 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

docker2主机
[root@room9pc52 qemu]# virsh console docker2
连接到域 docker2
换码符为 ^]

CentOS Linux 7 (Core)
Kernel 3.10.0-693.el7.x86_64 on an x86_64

localhost login: root
Password:
[root@localhost ~]# echo docker2 > /etc/hostname
[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
# Generated by dracut initrd
DEVICE=”eth0″
NAME=”eth0″
ONBOOT=yes
IPV6INIT=no
BOOTPROTO=”static”
TYPE=Ethernet
IPADDR=”192.168.1.20″
PREFIX=”24″
GATEWAY=”192.168.1.254″
[root@localhost ~]# systemctl restart network
[root@localhost ~]# ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.20 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::5054:ff:fe26:5133 prefixlen 64 scopeid 0x20<link>
ether 52:54:00:26:51:33 txqueuelen 1000 (Ethernet)
RX packets 599 bytes 38926 (38.0 KiB)
RX errors 0 dropped 9 overruns 0 frame 0
TX packets 119 bytes 9791 (9.5 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

为了方便下面的演示，把2台虚拟机都重启一下

配置YUM源（把自带的YUM源删掉）
(注意，第一个系统源要导入密钥，但是我们做模板机的时候已经导入了，所以就不做了)
DOCKER1
[root@docker1 ~]# cd /etc/yum.repos.d/
[root@docker1 yum.repos.d]# ls
CentOS-Base.repo CentOS-Debuginfo.repo CentOS-Media.repo CentOS-Vault.repo
CentOS-CR.repo CentOS-fasttrack.repo CentOS-Sources.repo dvd.repo
[root@docker1 yum.repos.d]# rm -rf dvd.repo
[root@docker1 yum.repos.d]# vim /etc/yum.repos.d/local.repo
[root@docker1 yum.repos.d]# cat /etc/yum.repos.d/local.repo
[local_repo]
name=CentOS-$releasever – Base
baseurl=”ftp://192.168.1.254/system”
enabled=1
gpgcheck=1
[loca]
name=local
baseurl=”ftp://192.168.1.254/docker”
enabled=1
gpgcheck=0
[root@docker1 yum.repos.d]# yum repolist
已加载插件：fastestmirror
base | 3.6 kB 00:00
extras | 3.4 kB 00:00
loca | 2.9 kB 00:00
local_repo | 3.6 kB 00:00
updates | 3.4 kB 00:00
(1/7): loca/primary_db | 3.4 kB 00:00
(2/7): local_repo/group_gz | 156 kB 00:00
(3/7): local_repo/primary_db | 5.7 MB 00:00
(4/7): base/7/x86_64/group_gz | 166 kB 00:00
(5/7): extras/7/x86_64/primary_db | 204 kB 00:00
(6/7): base/7/x86_64/primary_db | 5.9 MB 00:01
(7/7): updates/7/x86_64/primary_db | 6.0 MB 00:13
Determining fastest mirrors
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: centos.ustc.edu.cn
源标识源名称状态
base/7/x86_64 CentOS-7 – Base 9,911
extras/7/x86_64 CentOS-7 – Extras 432
loca local 2
local_repo CentOS-7 – Base 9,591
updates/7/x86_64 CentOS-7 – Updates 1,551
repolist: 21,487

DOCKER2
[root@docker2 yum.repos.d]# yum repolist
已加载插件：fastestmirror
base | 3.6 kB 00:00
extras | 3.4 kB 00:00
loca | 2.9 kB 00:00
local_repo | 3.6 kB 00:00
updates | 3.4 kB 00:00
(1/4): base/7/x86_64/group_gz | 166 kB 00:00
(2/4): extras/7/x86_64/primary_db | 204 kB 00:00
(3/4): base/7/x86_64/primary_db | 5.9 MB 00:01
(4/4): updates/7/x86_64/primary_db | 6.0 MB 00:12
Determining fastest mirrors
* base: mirrors.163.com
* extras: mirrors.cn99.com
* updates: mirrors.163.com
源标识源名称状态
base/7/x86_64 CentOS-7 – Base 9,911
extras/7/x86_64 CentOS-7 – Extras 432
loca local 2
local_repo CentOS-7 – Base 9,591
updates/7/x86_64 CentOS-7 – Updates 1,551
repolist: 21,487

安装DOCKER（2台虚拟机都要安装）
[root@docker1 ~]# yum install -y docker-engine
已加载插件：fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: centos.ustc.edu.cn
正在解决依赖关系
–> 正在检查事务
—> 软件包 docker-engine.x86_64.0.1.12.1-1.el7.centos 将被安装
–> 正在处理依赖关系 docker-engine-selinux >= 1.12.1-1.el7.centos，它被软件包 docker-engine-1.12.1-1.el7.centos.x86_64 需要
–> 正在处理依赖关系 libcgroup，它被软件包 docker-engine-1.12.1-1.el7.centos.x86_64 需要
–> 正在处理依赖关系 libltdl.so.7()(64bit)，它被软件包 docker-engine-1.12.1-1.el7.centos.x86_64 需要
–> 正在检查事务
—> 软件包 docker-engine-selinux.noarch.0.1.12.1-1.el7.centos 将被安装
–> 正在处理依赖关系 policycoreutils-python，它被软件包 docker-engine-selinux-1.12.1-1.el7.centos.noarch 需要
—> 软件包 libcgroup.x86_64.0.0.41-15.el7 将被安装
—> 软件包 libtool-ltdl.x86_64.0.2.4.2-22.el7_3 将被安装
–> 正在检查事务
—> 软件包 policycoreutils-python.x86_64.0.2.5-22.el7 将被安装
–> 正在处理依赖关系 policycoreutils = 2.5-22.el7，它被软件包 policycoreutils-python-2.5-22.el7.x86_64 需要
–> 正在处理依赖关系 setools-libs >= 3.3.8-2，它被软件包 policycoreutils-python-2.5-22.el7.x86_64 需要
–> 正在处理依赖关系 libsemanage-python >= 2.5-9，它被软件包 policycoreutils-python-2.5-22.el7.x86_64 需要
–> 正在处理依赖关系 audit-libs-python >= 2.1.3-4，它被软件包 policycoreutils-python-2.5-22.el7.x86_64 需要
–> 正在处理依赖关系 python-IPy，它被软件包 policycoreutils-python-2.5-22.el7.x86_64 需要
–> 正在处理依赖关系 libqpol.so.1(VERS_1.4)(64bit)，它被软件包 policycoreutils-python-2.5-22.el7.x86_64 需要
–> 正在处理依赖关系 libqpol.so.1(VERS_1.2)(64bit)，它被软件包 policycoreutils-python-2.5-22.el7.x86_64 需要
–> 正在处理依赖关系 libapol.so.4(VERS_4.0)(64bit)，它被软件包 policycoreutils-python-2.5-22.el7.x86_64 需要
–> 正在处理依赖关系 checkpolicy，它被软件包 policycoreutils-python-2.5-22.el7.x86_64 需要
–> 正在处理依赖关系 libqpol.so.1()(64bit)，它被软件包 policycoreutils-python-2.5-22.el7.x86_64 需要
–> 正在处理依赖关系 libapol.so.4()(64bit)，它被软件包 policycoreutils-python-2.5-22.el7.x86_64 需要
–> 正在检查事务
—> 软件包 audit-libs-python.x86_64.0.2.8.1-3.el7_5.1 将被安装
–> 正在处理依赖关系 audit-libs(x86-64) = 2.8.1-3.el7_5.1，它被软件包 audit-libs-python-2.8.1-3.el7_5.1.x86_64 需要
—> 软件包 checkpolicy.x86_64.0.2.5-6.el7 将被安装
—> 软件包 libsemanage-python.x86_64.0.2.5-11.el7 将被安装
–> 正在处理依赖关系 libsemanage = 2.5-11.el7，它被软件包 libsemanage-python-2.5-11.el7.x86_64 需要
—> 软件包 policycoreutils.x86_64.0.2.5-17.1.el7 将被升级
—> 软件包 policycoreutils.x86_64.0.2.5-22.el7 将被更新
–> 正在处理依赖关系 libsepol >= 2.5-8，它被软件包 policycoreutils-2.5-22.el7.x86_64 需要
–> 正在处理依赖关系 libselinux-utils >= 2.5-12，它被软件包 policycoreutils-2.5-22.el7.x86_64 需要
—> 软件包 python-IPy.noarch.0.0.75-6.el7 将被安装
—> 软件包 setools-libs.x86_64.0.3.3.8-2.el7 将被安装
–> 正在处理依赖关系 libselinux >= 2.5-12，它被软件包 setools-libs-3.3.8-2.el7.x86_64 需要
–> 正在检查事务
—> 软件包 audit-libs.x86_64.0.2.7.6-3.el7 将被升级
–> 正在处理依赖关系 audit-libs(x86-64) = 2.7.6-3.el7，它被软件包 audit-2.7.6-3.el7.x86_64 需要
—> 软件包 audit-libs.x86_64.0.2.8.1-3.el7_5.1 将被更新
—> 软件包 libselinux.x86_64.0.2.5-11.el7 将被升级
–> 正在处理依赖关系 libselinux(x86-64) = 2.5-11.el7，它被软件包 libselinux-python-2.5-11.el7.x86_64 需要
—> 软件包 libselinux.x86_64.0.2.5-12.el7 将被更新
—> 软件包 libselinux-utils.x86_64.0.2.5-11.el7 将被升级
—> 软件包 libselinux-utils.x86_64.0.2.5-12.el7 将被更新
—> 软件包 libsemanage.x86_64.0.2.5-8.el7 将被升级
—> 软件包 libsemanage.x86_64.0.2.5-11.el7 将被更新
—> 软件包 libsepol.x86_64.0.2.5-6.el7 将被升级
—> 软件包 libsepol.x86_64.0.2.5-8.1.el7 将被更新
–> 正在检查事务
—> 软件包 audit.x86_64.0.2.7.6-3.el7 将被升级
—> 软件包 audit.x86_64.0.2.8.1-3.el7_5.1 将被更新
—> 软件包 libselinux-python.x86_64.0.2.5-11.el7 将被升级
—> 软件包 libselinux-python.x86_64.0.2.5-12.el7 将被更新
–> 解决依赖关系完成

依赖关系解决

================================================================================
Package 架构版本源大小
================================================================================
正在安装:
docker-engine x86_64 1.12.1-1.el7.centos loca 19 M
为依赖而安装:
audit-libs-python x86_64 2.8.1-3.el7_5.1 updates 75 k
checkpolicy x86_64 2.5-6.el7 base 294 k
docker-engine-selinux noarch 1.12.1-1.el7.centos loca 28 k
libcgroup x86_64 0.41-15.el7 base 65 k
libsemanage-python x86_64 2.5-11.el7 base 112 k
libtool-ltdl x86_64 2.4.2-22.el7_3 base 49 k
policycoreutils-python x86_64 2.5-22.el7 base 454 k
python-IPy noarch 0.75-6.el7 base 32 k
setools-libs x86_64 3.3.8-2.el7 base 619 k
为依赖而更新:
audit x86_64 2.8.1-3.el7_5.1 updates 247 k
audit-libs x86_64 2.8.1-3.el7_5.1 updates 99 k
libselinux x86_64 2.5-12.el7 base 162 k
libselinux-python x86_64 2.5-12.el7 base 235 k
libselinux-utils x86_64 2.5-12.el7 base 151 k
libsemanage x86_64 2.5-11.el7 base 150 k
libsepol x86_64 2.5-8.1.el7 base 297 k
policycoreutils x86_64 2.5-22.el7 base 867 k

事务概要
================================================================================
安装 1 软件包 (+9 依赖软件包)
升级 ( 8 依赖软件包)

总下载量：23 M
Downloading packages:
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
(1/18): docker-engine-1.12.1-1.el7.centos.x86_64.rpm | 19 MB 00:00
(2/18): docker-engine-selinux-1.12.1-1.el7.centos.noarch.r | 28 kB 00:00
(3/18): audit-libs-2.8.1-3.el7_5.1.x86_64.rpm | 99 kB 00:00
(4/18): audit-2.8.1-3.el7_5.1.x86_64.rpm | 247 kB 00:00
(5/18): checkpolicy-2.5-6.el7.x86_64.rpm | 294 kB 00:00
(6/18): libcgroup-0.41-15.el7.x86_64.rpm | 65 kB 00:00
(7/18): libselinux-2.5-12.el7.x86_64.rpm | 162 kB 00:00
(8/18): libselinux-utils-2.5-12.el7.x86_64.rpm | 151 kB 00:00
(9/18): libsemanage-2.5-11.el7.x86_64.rpm | 150 kB 00:00
(10/18): libselinux-python-2.5-12.el7.x86_64.rpm | 235 kB 00:00
(11/18): libsemanage-python-2.5-11.el7.x86_64.rpm | 112 kB 00:00
(12/18): libsepol-2.5-8.1.el7.x86_64.rpm | 297 kB 00:00
(13/18): libtool-ltdl-2.4.2-22.el7_3.x86_64.rpm | 49 kB 00:00
(14/18): policycoreutils-2.5-22.el7.x86_64.rpm | 867 kB 00:00
(15/18): policycoreutils-python-2.5-22.el7.x86_64.rpm | 454 kB 00:00
(16/18): python-IPy-0.75-6.el7.noarch.rpm | 32 kB 00:00
(17/18): setools-libs-3.3.8-2.el7.x86_64.rpm | 619 kB 00:00
(18/18): audit-libs-python-2.8.1-3.el7_5.1.x86_64.rpm | 75 kB 00:01
——————————————————————————–
总计 15 MB/s | 23 MB 00:01
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
正在更新 : libsepol-2.5-8.1.el7.x86_64 1/26
正在更新 : libselinux-2.5-12.el7.x86_64 2/26
正在更新 : audit-libs-2.8.1-3.el7_5.1.x86_64 3/26
正在更新 : libsemanage-2.5-11.el7.x86_64 4/26
正在更新 : libselinux-utils-2.5-12.el7.x86_64 5/26
正在更新 : policycoreutils-2.5-22.el7.x86_64 6/26
正在安装 : libcgroup-0.41-15.el7.x86_64 7/26
正在安装 : libsemanage-python-2.5-11.el7.x86_64 8/26
正在安装 : audit-libs-python-2.8.1-3.el7_5.1.x86_64 9/26
正在更新 : libselinux-python-2.5-12.el7.x86_64 10/26
正在安装 : setools-libs-3.3.8-2.el7.x86_64 11/26
正在安装 : checkpolicy-2.5-6.el7.x86_64 12/26
正在安装 : libtool-ltdl-2.4.2-22.el7_3.x86_64 13/26
正在安装 : python-IPy-0.75-6.el7.noarch 14/26
正在安装 : policycoreutils-python-2.5-22.el7.x86_64 15/26
正在安装 : docker-engine-selinux-1.12.1-1.el7.centos.noarch 16/26
setsebool: SELinux is disabled.
Re-declaration of type docker_t
Failed to create node
Bad type declaration at /etc/selinux/targeted/tmp/modules/400/docker/cil:1
/usr/sbin/semodule: Failed!
正在安装 : docker-engine-1.12.1-1.el7.centos.x86_64 17/26
正在更新 : audit-2.8.1-3.el7_5.1.x86_64 18/26
清理 : policycoreutils-2.5-17.1.el7.x86_64 19/26
清理 : libsemanage-2.5-8.el7.x86_64 20/26
清理 : libselinux-utils-2.5-11.el7.x86_64 21/26
清理 : audit-2.7.6-3.el7.x86_64 22/26
清理 : libselinux-python-2.5-11.el7.x86_64 23/26
清理 : libselinux-2.5-11.el7.x86_64 24/26
清理 : libsepol-2.5-6.el7.x86_64 25/26
清理 : audit-libs-2.7.6-3.el7.x86_64 26/26
验证中 : docker-engine-selinux-1.12.1-1.el7.centos.noarch 1/26
验证中 : docker-engine-1.12.1-1.el7.centos.x86_64 2/26
验证中 : libsemanage-2.5-11.el7.x86_64 3/26
验证中 : libselinux-python-2.5-12.el7.x86_64 4/26
验证中 : setools-libs-3.3.8-2.el7.x86_64 5/26
验证中 : audit-libs-python-2.8.1-3.el7_5.1.x86_64 6/26
验证中 : libsemanage-python-2.5-11.el7.x86_64 7/26
验证中 : policycoreutils-2.5-22.el7.x86_64 8/26
验证中 : audit-2.8.1-3.el7_5.1.x86_64 9/26
验证中 : policycoreutils-python-2.5-22.el7.x86_64 10/26
验证中 : python-IPy-0.75-6.el7.noarch 11/26
验证中 : libtool-ltdl-2.4.2-22.el7_3.x86_64 12/26
验证中 : libcgroup-0.41-15.el7.x86_64 13/26
验证中 : audit-libs-2.8.1-3.el7_5.1.x86_64 14/26
验证中 : libsepol-2.5-8.1.el7.x86_64 15/26
验证中 : libselinux-2.5-12.el7.x86_64 16/26
验证中 : libselinux-utils-2.5-12.el7.x86_64 17/26
验证中 : checkpolicy-2.5-6.el7.x86_64 18/26
验证中 : libselinux-utils-2.5-11.el7.x86_64 19/26
验证中 : libselinux-2.5-11.el7.x86_64 20/26
验证中 : audit-libs-2.7.6-3.el7.x86_64 21/26
验证中 : audit-2.7.6-3.el7.x86_64 22/26
验证中 : libsepol-2.5-6.el7.x86_64 23/26
验证中 : libsemanage-2.5-8.el7.x86_64 24/26
验证中 : libselinux-python-2.5-11.el7.x86_64 25/26
验证中 : policycoreutils-2.5-17.1.el7.x86_64 26/26

已安装:
docker-engine.x86_64 0:1.12.1-1.el7.centos

作为依赖被安装:
audit-libs-python.x86_64 0:2.8.1-3.el7_5.1
checkpolicy.x86_64 0:2.5-6.el7
docker-engine-selinux.noarch 0:1.12.1-1.el7.centos
libcgroup.x86_64 0:0.41-15.el7
libsemanage-python.x86_64 0:2.5-11.el7
libtool-ltdl.x86_64 0:2.4.2-22.el7_3
policycoreutils-python.x86_64 0:2.5-22.el7
python-IPy.noarch 0:0.75-6.el7
setools-libs.x86_64 0:3.3.8-2.el7

作为依赖被升级:
audit.x86_64 0:2.8.1-3.el7_5.1 audit-libs.x86_64 0:2.8.1-3.el7_5.1
libselinux.x86_64 0:2.5-12.el7 libselinux-python.x86_64 0:2.5-12.el7
libselinux-utils.x86_64 0:2.5-12.el7 libsemanage.x86_64 0:2.5-11.el7
libsepol.x86_64 0:2.5-8.1.el7 policycoreutils.x86_64 0:2.5-22.el7

完毕！
[root@docker1 ~]# systemctl restart docker
[root@docker1 ~]# systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.

验证，能够看到docker0网卡说明一切正常
[root@docker1 ~]# ifconfig docker0
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 0.0.0.0
ether 02:42:b2:94:cf:75 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

[root@docker1 ~]# docker version
Client:
Version: 1.12.1
API version: 1.24
Go version: go1.6.3
Git commit: 23cf638
Built:
OS/Arch: linux/amd64

Server:
Version: 1.12.1
API version: 1.24
Go version: go1.6.3
Git commit: 23cf638
Built:
OS/Arch: linux/amd64

第二台虚拟机
[root@docker2 ~]# yum install -y docker-engine
已加载插件：fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.163.com
* extras: mirrors.cn99.com
* updates: mirrors.163.com
正在解决依赖关系
–> 正在检查事务
—> 软件包 docker-engine.x86_64.0.1.12.1-1.el7.centos 将被安装
–> 正在处理依赖关系 docker-engine-selinux >= 1.12.1-1.el7.centos，它被软件包 docker-engine-1.12.1-1.el7.centos.x86_64 需要
–> 正在处理依赖关系 libcgroup，它被软件包 docker-engine-1.12.1-1.el7.centos.x86_64 需要
–> 正在处理依赖关系 libltdl.so.7()(64bit)，它被软件包 docker-engine-1.12.1-1.el7.centos.x86_64 需要
–> 正在检查事务
—> 软件包 docker-engine-selinux.noarch.0.1.12.1-1.el7.centos 将被安装
–> 正在处理依赖关系 policycoreutils-python，它被软件包 docker-engine-selinux-1.12.1-1.el7.centos.noarch 需要
—> 软件包 libcgroup.x86_64.0.0.41-15.el7 将被安装
—> 软件包 libtool-ltdl.x86_64.0.2.4.2-22.el7_3 将被安装
–> 正在检查事务
—> 软件包 policycoreutils-python.x86_64.0.2.5-22.el7 将被安装
–> 正在处理依赖关系 policycoreutils = 2.5-22.el7，它被软件包 policycoreutils-python-2.5-22.el7.x86_64 需要
–> 正在处理依赖关系 setools-libs >= 3.3.8-2，它被软件包 policycoreutils-python-2.5-22.el7.x86_64 需要
–> 正在处理依赖关系 libsemanage-python >= 2.5-9，它被软件包 policycoreutils-python-2.5-22.el7.x86_64 需要
–> 正在处理依赖关系 audit-libs-python >= 2.1.3-4，它被软件包 policycoreutils-python-2.5-22.el7.x86_64 需要
–> 正在处理依赖关系 python-IPy，它被软件包 policycoreutils-python-2.5-22.el7.x86_64 需要
–> 正在处理依赖关系 libqpol.so.1(VERS_1.4)(64bit)，它被软件包 policycoreutils-python-2.5-22.el7.x86_64 需要
–> 正在处理依赖关系 libqpol.so.1(VERS_1.2)(64bit)，它被软件包 policycoreutils-python-2.5-22.el7.x86_64 需要
–> 正在处理依赖关系 libapol.so.4(VERS_4.0)(64bit)，它被软件包 policycoreutils-python-2.5-22.el7.x86_64 需要
–> 正在处理依赖关系 checkpolicy，它被软件包 policycoreutils-python-2.5-22.el7.x86_64 需要
–> 正在处理依赖关系 libqpol.so.1()(64bit)，它被软件包 policycoreutils-python-2.5-22.el7.x86_64 需要
–> 正在处理依赖关系 libapol.so.4()(64bit)，它被软件包 policycoreutils-python-2.5-22.el7.x86_64 需要
–> 正在检查事务
—> 软件包 audit-libs-python.x86_64.0.2.8.1-3.el7_5.1 将被安装
–> 正在处理依赖关系 audit-libs(x86-64) = 2.8.1-3.el7_5.1，它被软件包 audit-libs-python-2.8.1-3.el7_5.1.x86_64 需要
—> 软件包 checkpolicy.x86_64.0.2.5-6.el7 将被安装
—> 软件包 libsemanage-python.x86_64.0.2.5-11.el7 将被安装
–> 正在处理依赖关系 libsemanage = 2.5-11.el7，它被软件包 libsemanage-python-2.5-11.el7.x86_64 需要
—> 软件包 policycoreutils.x86_64.0.2.5-17.1.el7 将被升级
—> 软件包 policycoreutils.x86_64.0.2.5-22.el7 将被更新
–> 正在处理依赖关系 libsepol >= 2.5-8，它被软件包 policycoreutils-2.5-22.el7.x86_64 需要
–> 正在处理依赖关系 libselinux-utils >= 2.5-12，它被软件包 policycoreutils-2.5-22.el7.x86_64 需要
—> 软件包 python-IPy.noarch.0.0.75-6.el7 将被安装
—> 软件包 setools-libs.x86_64.0.3.3.8-2.el7 将被安装
–> 正在处理依赖关系 libselinux >= 2.5-12，它被软件包 setools-libs-3.3.8-2.el7.x86_64 需要
–> 正在检查事务
—> 软件包 audit-libs.x86_64.0.2.7.6-3.el7 将被升级
–> 正在处理依赖关系 audit-libs(x86-64) = 2.7.6-3.el7，它被软件包 audit-2.7.6-3.el7.x86_64 需要
—> 软件包 audit-libs.x86_64.0.2.8.1-3.el7_5.1 将被更新
—> 软件包 libselinux.x86_64.0.2.5-11.el7 将被升级
–> 正在处理依赖关系 libselinux(x86-64) = 2.5-11.el7，它被软件包 libselinux-python-2.5-11.el7.x86_64 需要
—> 软件包 libselinux.x86_64.0.2.5-12.el7 将被更新
—> 软件包 libselinux-utils.x86_64.0.2.5-11.el7 将被升级
—> 软件包 libselinux-utils.x86_64.0.2.5-12.el7 将被更新
—> 软件包 libsemanage.x86_64.0.2.5-8.el7 将被升级
—> 软件包 libsemanage.x86_64.0.2.5-11.el7 将被更新
—> 软件包 libsepol.x86_64.0.2.5-6.el7 将被升级
—> 软件包 libsepol.x86_64.0.2.5-8.1.el7 将被更新
–> 正在检查事务
—> 软件包 audit.x86_64.0.2.7.6-3.el7 将被升级
—> 软件包 audit.x86_64.0.2.8.1-3.el7_5.1 将被更新
—> 软件包 libselinux-python.x86_64.0.2.5-11.el7 将被升级
—> 软件包 libselinux-python.x86_64.0.2.5-12.el7 将被更新
–> 解决依赖关系完成

依赖关系解决

======================================================================================================
Package 架构版本源大小
======================================================================================================
正在安装:
docker-engine x86_64 1.12.1-1.el7.centos loca 19 M
为依赖而安装:
audit-libs-python x86_64 2.8.1-3.el7_5.1 updates 75 k
checkpolicy x86_64 2.5-6.el7 base 294 k
docker-engine-selinux noarch 1.12.1-1.el7.centos loca 28 k
libcgroup x86_64 0.41-15.el7 base 65 k
libsemanage-python x86_64 2.5-11.el7 base 112 k
libtool-ltdl x86_64 2.4.2-22.el7_3 base 49 k
policycoreutils-python x86_64 2.5-22.el7 base 454 k
python-IPy noarch 0.75-6.el7 base 32 k
setools-libs x86_64 3.3.8-2.el7 base 619 k
为依赖而更新:
audit x86_64 2.8.1-3.el7_5.1 updates 247 k
audit-libs x86_64 2.8.1-3.el7_5.1 updates 99 k
libselinux x86_64 2.5-12.el7 base 162 k
libselinux-python x86_64 2.5-12.el7 base 235 k
libselinux-utils x86_64 2.5-12.el7 base 151 k
libsemanage x86_64 2.5-11.el7 base 150 k
libsepol x86_64 2.5-8.1.el7 base 297 k
policycoreutils x86_64 2.5-22.el7 base 867 k

事务概要
======================================================================================================
安装 1 软件包 (+9 依赖软件包)
升级 ( 8 依赖软件包)

总下载量：23 M
Downloading packages:
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
(1/18): docker-engine-1.12.1-1.el7.centos.x86_64.rpm | 19 MB 00:00:00
(2/18): docker-engine-selinux-1.12.1-1.el7.centos.noarch.rpm | 28 kB 00:00:00
(3/18): audit-libs-2.8.1-3.el7_5.1.x86_64.rpm | 99 kB 00:00:00
(4/18): audit-2.8.1-3.el7_5.1.x86_64.rpm | 247 kB 00:00:00
(5/18): audit-libs-python-2.8.1-3.el7_5.1.x86_64.rpm | 75 kB 00:00:00
(6/18): libcgroup-0.41-15.el7.x86_64.rpm | 65 kB 00:00:00
(7/18): checkpolicy-2.5-6.el7.x86_64.rpm | 294 kB 00:00:00
(8/18): libselinux-python-2.5-12.el7.x86_64.rpm | 235 kB 00:00:00
(9/18): libselinux-2.5-12.el7.x86_64.rpm | 162 kB 00:00:00
(10/18): libselinux-utils-2.5-12.el7.x86_64.rpm | 151 kB 00:00:00
(11/18): libsemanage-2.5-11.el7.x86_64.rpm | 150 kB 00:00:00
(12/18): libsemanage-python-2.5-11.el7.x86_64.rpm | 112 kB 00:00:00
(13/18): libtool-ltdl-2.4.2-22.el7_3.x86_64.rpm | 49 kB 00:00:00
(14/18): libsepol-2.5-8.1.el7.x86_64.rpm | 297 kB 00:00:00
(15/18): policycoreutils-2.5-22.el7.x86_64.rpm | 867 kB 00:00:00
(16/18): policycoreutils-python-2.5-22.el7.x86_64.rpm | 454 kB 00:00:00
(17/18): python-IPy-0.75-6.el7.noarch.rpm | 32 kB 00:00:00
(18/18): setools-libs-3.3.8-2.el7.x86_64.rpm | 619 kB 00:00:00
——————————————————————————————————
总计 11 MB/s | 23 MB 00:00:01
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
正在更新 : libsepol-2.5-8.1.el7.x86_64 1/26
正在更新 : libselinux-2.5-12.el7.x86_64 2/26
正在更新 : audit-libs-2.8.1-3.el7_5.1.x86_64 3/26
正在更新 : libsemanage-2.5-11.el7.x86_64 4/26
正在更新 : libselinux-utils-2.5-12.el7.x86_64 5/26
正在更新 : policycoreutils-2.5-22.el7.x86_64 6/26
正在安装 : libcgroup-0.41-15.el7.x86_64 7/26
正在安装 : libsemanage-python-2.5-11.el7.x86_64 8/26
正在安装 : audit-libs-python-2.8.1-3.el7_5.1.x86_64 9/26
正在更新 : libselinux-python-2.5-12.el7.x86_64 10/26
正在安装 : setools-libs-3.3.8-2.el7.x86_64 11/26
正在安装 : checkpolicy-2.5-6.el7.x86_64 12/26
正在安装 : libtool-ltdl-2.4.2-22.el7_3.x86_64 13/26
正在安装 : python-IPy-0.75-6.el7.noarch 14/26
正在安装 : policycoreutils-python-2.5-22.el7.x86_64 15/26
正在安装 : docker-engine-selinux-1.12.1-1.el7.centos.noarch 16/26
setsebool: SELinux is disabled.
Re-declaration of type docker_t
Failed to create node
Bad type declaration at /etc/selinux/targeted/tmp/modules/400/docker/cil:1
/usr/sbin/semodule: Failed!
正在安装 : docker-engine-1.12.1-1.el7.centos.x86_64 17/26
正在更新 : audit-2.8.1-3.el7_5.1.x86_64 18/26
清理 : policycoreutils-2.5-17.1.el7.x86_64 19/26
清理 : libsemanage-2.5-8.el7.x86_64 20/26
清理 : libselinux-utils-2.5-11.el7.x86_64 21/26
清理 : audit-2.7.6-3.el7.x86_64 22/26
清理 : libselinux-python-2.5-11.el7.x86_64 23/26
清理 : libselinux-2.5-11.el7.x86_64 24/26
清理 : libsepol-2.5-6.el7.x86_64 25/26
清理 : audit-libs-2.7.6-3.el7.x86_64 26/26
验证中 : docker-engine-selinux-1.12.1-1.el7.centos.noarch 1/26
验证中 : docker-engine-1.12.1-1.el7.centos.x86_64 2/26
验证中 : libsemanage-2.5-11.el7.x86_64 3/26
验证中 : libselinux-python-2.5-12.el7.x86_64 4/26
验证中 : setools-libs-3.3.8-2.el7.x86_64 5/26
验证中 : audit-libs-python-2.8.1-3.el7_5.1.x86_64 6/26
验证中 : libsemanage-python-2.5-11.el7.x86_64 7/26
验证中 : policycoreutils-2.5-22.el7.x86_64 8/26
验证中 : audit-2.8.1-3.el7_5.1.x86_64 9/26
验证中 : policycoreutils-python-2.5-22.el7.x86_64 10/26
验证中 : python-IPy-0.75-6.el7.noarch 11/26
验证中 : libtool-ltdl-2.4.2-22.el7_3.x86_64 12/26
验证中 : libcgroup-0.41-15.el7.x86_64 13/26
验证中 : audit-libs-2.8.1-3.el7_5.1.x86_64 14/26
验证中 : libsepol-2.5-8.1.el7.x86_64 15/26
验证中 : libselinux-2.5-12.el7.x86_64 16/26
验证中 : libselinux-utils-2.5-12.el7.x86_64 17/26
验证中 : checkpolicy-2.5-6.el7.x86_64 18/26
验证中 : libselinux-utils-2.5-11.el7.x86_64 19/26
验证中 : libselinux-2.5-11.el7.x86_64 20/26
验证中 : audit-libs-2.7.6-3.el7.x86_64 21/26
验证中 : audit-2.7.6-3.el7.x86_64 22/26
验证中 : libsepol-2.5-6.el7.x86_64 23/26
验证中 : libsemanage-2.5-8.el7.x86_64 24/26
验证中 : libselinux-python-2.5-11.el7.x86_64 25/26
验证中 : policycoreutils-2.5-17.1.el7.x86_64 26/26

已安装:
docker-engine.x86_64 0:1.12.1-1.el7.centos

作为依赖被安装:
audit-libs-python.x86_64 0:2.8.1-3.el7_5.1 checkpolicy.x86_64 0:2.5-6.el7
docker-engine-selinux.noarch 0:1.12.1-1.el7.centos libcgroup.x86_64 0:0.41-15.el7
libsemanage-python.x86_64 0:2.5-11.el7 libtool-ltdl.x86_64 0:2.4.2-22.el7_3
policycoreutils-python.x86_64 0:2.5-22.el7 python-IPy.noarch 0:0.75-6.el7
setools-libs.x86_64 0:3.3.8-2.el7

完毕！
[root@docker2 ~]# systemctl restart docker
[root@docker2 ~]# systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
[root@docker2 ~]# ifconfig docker0
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 0.0.0.0
ether 02:42:28:ff:5c:c9 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

[root@docker2 ~]# docker version
Client:
Version: 1.12.1
API version: 1.24
Go version: go1.6.3
Git commit: 23cf638
Built:
OS/Arch: linux/amd64

Server:
Version: 1.12.1
API version: 1.24
Go version: go1.6.3
Git commit: 23cf638
Built:
OS/Arch: linux/amd64

2 案例2：镜像基本操作
2.1 问题

本案例要求熟悉镜像的基本操作：
导入镜像
导出镜像
启动镜像
2.2 步骤

实现此案例需要按照如下步骤进行。
步骤一：docker镜像

1）下载镜像
[root@docker1 ~]# docker pull busybox
Using default tag: latest
latest: Pulling from library/busybox
8c5a7da1afbc: Pull complete
Digest: sha256:cb63aa0641a885f54de20f61d152187419e8f6b159ed11a251a09d115fdff9bd
Status: Downloaded newer image for busybox:latest
2）上传镜像
[root@docker1 ~]# docker push busybox
3）查看镜像
[root@docker1 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest e1ddd7948a1c 4 weeks ago 1.163 MB
4）查找busybox镜像
[root@docker1 ~]# docker search busybox
5）导出busybox镜像为busybox.tar
[root@docker1 ~]# docker save busybox:latest >busybox.tar
[root@docker1 ~]# ls
busybox.tar
6）导入镜像
[root@docker1 ~]# scp busybox.tar 192.168.1.20:/root
[root@docker2 ~]# ls
busybox.tar
[root@docker2 ~]# docker load <busybox.tar
f9d9e4e6e2f0: Loading layer [==================================================>] 1.378 MB/1.378 MB
Loaded image: busybox:latest[=> ] 32.77 kB/1.378 MB
[root@docker2 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest e1ddd7948a1c 4 weeks ago 1.163 MB
7）删除镜像
[root@docker2 ~]# docker rmi busybox
Untagged: busybox:latest
Deleted: sha256:e1ddd7948a1c31709a23cc5b7dfe96e55fc364f90e1cebcde0773a1b5a30dcda
Deleted: sha256:f9d9e4e6e2f0689cd752390e14ade48b0ec6f2a488a05af5ab2f9ccaf54c299d
步骤二：一次性导入多个镜像
[root@docker1 ~]# yum -y install unzip
[root@docker1 ~]# unzip docker_images.zip
Archive: docker_images.zip
creating: docker_images/
inflating: docker_images/nginx.tar
inflating: docker_images/redis.tar
inflating: docker_images/centos.tar
inflating: docker_images/registry.tar
inflating: docker_images/ubuntu.tar
[root@docker1 ~]# ls
busybox.tar docker_images docker_images.zip eip
[root@docker1 ~]# cd docker_images
[root@docker1 docker_images]# ls
centos.tar nginx.tar redis.tar registry.tar ubuntu.tar
[root@docker1 docker_images]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest e1ddd7948a1c 4 weeks ago 1.163 MB
[root@docker1 docker_images]# for i in *; do docker load <$i; done
步骤三：启动镜像

1）启动centos镜像生成一个容器
启动镜像时若不知道后面的命令加什么:
1、可以猜（如：/bin/bash、/bin/sh）
2、可以不加后面的命令，默认启动
[root@docker1 docker_images]# docker run -it centos /bin/bash
[root@7a652fc72a9f /]# ls /
anaconda-post.log bin dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
[root@7a652fc72a9f /]# cd /etc/yum.repos.d/
[root@7a652fc72a9f yum.repos.d]# ls
CentOS-Base.repo CentOS-Debuginfo.repo CentOS-Sources.repo CentOS-fasttrack.repo
CentOS-CR.repo CentOS-Media.repo CentOS-Vault.repo
[root@7a652fc72a9f yum.repos.d]# rm -rf C*
[root@7a652fc72a9f yum.repos.d]# ls
[root@7a652fc72a9f yum.repos.d]#vi dvd.repo //在容器里面配置一个yum源
[local]
name=local
baseurl=ftp://192.168.1.254/system
enable=1
gpgcheck=0
[root@7a652fc72a9f yum.repos.d]# yum -y install net-tools //安装软件
[root@7a652fc72a9f yum.repos.d]# exit
exit

代码如下
下载镜像
[root@docker1 ~]# docker pull busybox
Using default tag: latest
latest: Pulling from library/busybox
90e01955edcd: Pull complete
Digest: sha256:2a03a6059f21e150ae84b0973863609494aad70f0a80eaeb64bddd8d92465812
Status: Downloaded newer image for busybox:latest

上传镜像
[root@docker1 ~]# docker push busybox
The push refers to a repository [docker.io/library/busybox]
8a788232037e: Layer already exists
unauthorized: authentication required

查看镜像
[root@docker1 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest 59788edf1f3e 13 days ago 1.154 MB

查找busybox镜像
[root@docker1 ~]# docker search busybox
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
busybox Busybox base image. 1380 [OK]
progrium/busybox 68 [OK]
hypriot/rpi-busybox-httpd Raspberry Pi compatible Docker Image with … 44
radial/busyboxplus Full-chain, Internet enabled, busybox made… 20 [OK]
hypriot/armhf-busybox Busybox base image for ARM. 9
arm32v7/busybox Busybox base image. 6
yauritux/busybox-curl Busybox with CURL 4
armhf/busybox Busybox base image. 4
prom/busybox Prometheus Busybox Docker base images 2 [OK]
p7ppc64/busybox Busybox base image for ppc64. 2
odise/busybox-curl 2 [OK]
armel/busybox Busybox base image. 2
s390x/busybox Busybox base image. 2
onsi/grace-busybox 2
i386/busybox Busybox base image. 2
aarch64/busybox Busybox base image. 2
sequenceiq/busybox 2 [OK]
arm64v8/busybox Busybox base image. 1
ppc64le/busybox Busybox base image. 1
spotify/busybox Spotify fork of https://hub.docker.com/_/b… 1
amd64/busybox Busybox base image. 0
trollin/busybox 0
ggtools/busybox-ubuntu Busybox ubuntu version with extra goodies 0 [OK]
cfgarden/garden-busybox 0
concourse/busyboxplus 0
[root@docker1 ~]#

导出busybox镜像为busybox.tar
[root@docker1 ~]# docker save busybox:latest > busybox.tar
[root@docker1 ~]# ls
busybox.tar RPM-GPG-KEY-CentOS-7
[root@docker1 ~]# ll -h
总用量 1.4M
-rw-r–r– 1 root root 1.4M 10月 16 15:03 busybox.tar
-rw-r–r–. 1 root root 1.7K 12月 10 2015 RPM-GPG-KEY-CentOS-7

导入busybox镜像
把上面保存的镜像传给DOCKER2虚拟机
[root@docker1 ~]# scp busybox.tar 192.168.1.20:/root
The authenticity of host ‘192.168.1.20 (192.168.1.20)’ can’t be established.
ECDSA key fingerprint is SHA256:J7RGnsjDzAzWQXirPkg41IuH/Yqeu8/0Wd/RC7EOLvM.
ECDSA key fingerprint is MD5:4c:19:01:4f:77:32:04:27:c7:68:9a:7c:83:92:4d:39.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘192.168.1.20’ (ECDSA) to the list of known hosts.
[email protected]’s password:
busybox.tar

到另外一台虚拟机上面去操作
[root@docker2 ~]# ll -h
总用量 1.4M
-rw-r–r– 1 root root 1.4M 10月 16 15:08 busybox.tar
-rw-r–r–. 1 root root 1.7K 12月 10 2015 RPM-GPG-KEY-CentOS-7

[root@docker2 ~]# docker load < busybox.tar
8a788232037e: Loading layer 1.37 MB/1.37 MB
Loaded image: busybox:latest
[root@docker2 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest 59788edf1f3e 13 days ago 1.154 MB

删除镜像
[root@docker2 ~]# docker rmi busybox
Untagged: busybox:latest
Deleted: sha256:59788edf1f3e78cd0ebe6ce1446e9d10788225db3dedcfd1a59f764bad2b2690
Deleted: sha256:8a788232037eaf17794408ff3df6b922a1aedf9ef8de36afdae3ed0b0381907b
[root@docker2 ~]#

一次性导入多个镜像
先把真机上事先准备好的多个镜像传到虚拟机上面
[root@room9pc52 cloud 4]# ll
总用量 104624
drwxrwxrwx 2 root root 4096 8月 11 21:37 docker 1
-rwxrwxrwx 1 root root 633921 7月 13 00:53 NSD_CLOUD_04.pdf
-rwxrwxrwx 1 root root 106493440 7月 13 00:53 small.img
[root@room9pc52 cloud 4]# cd docker\ 1/
[root@room9pc52 docker 1]# ll
总用量 271692
-rwxrwxrwx 1 root root 4168 7月 13 01:01 docker_01.txt
-rwxrwxrwx 1 root root 19917380 7月 13 01:01 docker-engine-1.12.1-1.el7.centos.x86_64.rpm
-rwxrwxrwx 1 root root 28860 7月 13 01:01 docker-engine-selinux-1.12.1-1.el7.centos.noarch.rpm
-rwxrwxrwx 1 root root 258246973 7月 13 01:02 docker_images.zip
[root@room9pc52 docker 1]# scp docker_images.zip 192.168.1.10:/root
[email protected]’s password:
docker_images.zip

DOCKER1上面，先安装解压软件
[root@docker1 ~]# yum install -y unzip
已加载插件：fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: centos.ustc.edu.cn
正在解决依赖关系
–> 正在检查事务
—> 软件包 unzip.x86_64.0.6.0-19.el7 将被安装
–> 解决依赖关系完成

依赖关系解决

事务概要
======================================================================================================
安装 1 软件包

总下载量：170 k
安装大小：365 k
Downloading packages:
unzip-6.0-19.el7.x86_64.rpm | 170 kB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
正在安装 : unzip-6.0-19.el7.x86_64 1/1
验证中 : unzip-6.0-19.el7.x86_64 1/1

已安装:
unzip.x86_64 0:6.0-19.el7

完毕！

解压，然后进去看一眼

[root@docker1 ~]# ll -h
总用量 248M
-rw-r–r– 1 root root 1.4M 10月 16 15:03 busybox.tar
-rwxr-xr-x 1 root root 247M 10月 16 15:15 docker_images.zip
-rw-r–r–. 1 root root 1.7K 12月 10 2015 RPM-GPG-KEY-CentOS-7
[root@docker1 ~]# unzip docker_images.zip
Archive: docker_images.zip
creating: docker_images/
inflating: docker_images/nginx.tar
inflating: docker_images/redis.tar
inflating: docker_images/centos.tar
inflating: docker_images/registry.tar
inflating: docker_images/ubuntu.tar
[root@docker1 ~]# ll -h
总用量 248M
-rw-r–r– 1 root root 1.4M 10月 16 15:03 busybox.tar
drwxr-xr-x 2 root root 96 5月 16 20:33 docker_images
-rwxr-xr-x 1 root root 247M 10月 16 15:15 docker_images.zip
-rw-r–r–. 1 root root 1.7K 12月 10 2015 RPM-GPG-KEY-CentOS-7
[root@docker1 ~]# cd docker_images/
[root@docker1 docker_images]# ls
centos.tar nginx.tar redis.tar registry.tar ubuntu.tar
[root@docker1 docker_images]#
[root@docker1 docker_images]# ll -h
总用量 672M
-rw-r–r– 1 root root 198M 5月 16 20:28 centos.tar
-rw-r–r– 1 root root 181M 10月 19 2016 nginx.tar
-rw-r–r– 1 root root 181M 10月 19 2016 redis.tar
-rw-r–r– 1 root root 35M 5月 16 20:28 registry.tar
-rw-r–r– 1 root root 79M 5月 16 20:33 ubuntu.tar

开始导入镜像，然后查看确认
[root@docker1 docker_images]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest 59788edf1f3e 13 days ago 1.154 MB
[root@docker1 docker_images]# for i in * ; do docker load < $i ; done
43e653f84b79: Loading layer 207.2 MB/207.2 MB
Loaded image: centos:latest
142a601d9793: Loading layer 128.9 MB/128.9 MB
40e298e9673a: Loading layer 60.57 MB/60.57 MB
8d8bfe3cd5e4: Loading layer 3.584 kB/3.584 kB
Loaded image: nginx:latest
1cc8aacad4a1: Loading layer 344.6 kB/344.6 kB
40ef78f2da08: Loading layer 41.21 MB/41.21 MB
652c8a715c4f: Loading layer 2.703 MB/2.703 MB
fa4e25f53e04: Loading layer 16.46 MB/16.46 MB
c215f3ad270b: Loading layer 1.536 kB/1.536 kB
644be81b61f9: Loading layer 3.584 kB/3.584 kB
Loaded image: redis:latest
e53f74215d12: Loading layer 5.06 MB/5.06 MB
febf19f93653: Loading layer 7.894 MB/7.894 MB
59e80739ed3f: Loading layer 22.79 MB/22.79 MB
621c2399d41a: Loading layer 3.584 kB/3.584 kB
9113493eaae1: Loading layer 2.048 kB/2.048 kB
Loaded image: registry:latest
65bdd50ee76a: Loading layer 82.09 MB/82.09 MB
ec75999a0cb1: Loading layer 15.87 kB/15.87 kB
67885e448177: Loading layer 8.192 kB/8.192 kB
8db5f072feec: Loading layer 5.632 kB/5.632 kB
059ad60bcacf: Loading layer 3.072 kB/3.072 kB
Loaded image: ubuntu:latest
[root@docker1 docker_images]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest 59788edf1f3e 13 days ago 1.154 MB
ubuntu latest 452a96d81c30 5 months ago 79.62 MB
centos latest e934aafc2206 6 months ago 198.6 MB
registry latest d1fd7d86a825 9 months ago 33.26 MB
nginx latest a5311a310510 2 years ago 181.4 MB
redis latest 1aa84b1b434e 2 years ago 182.8 MB

启动镜像，进去看一下
[root@docker1 docker_images]# docker run -it centos /bin/bash
[root@700bd88a787b /]# ls /
anaconda-post.log dev home lib64 mnt proc run srv tmp var
bin etc lib media opt root sbin sys usr
[root@700bd88a787b /]# cd /etc/yum.repos.d/
[root@700bd88a787b yum.repos.d]# ls
CentOS-Base.repo CentOS-Debuginfo.repo CentOS-Sources.repo CentOS-fasttrack.repo
CentOS-CR.repo CentOS-Media.repo CentOS-Vault.repo
[root@700bd88a787b yum.repos.d]# rm -rf *
[root@700bd88a787b yum.repos.d]# ls
[root@700bd88a787b yum.repos.d]# vi dvd.repo
[root@700bd88a787b yum.repos.d]# cat dvd.repo
[local]
name=local
baseurl=ftp://192.168.1.254/system
enable=1
gpgcheck=0

可以看到，常用的网络命令都没有，所以装一个
[root@700bd88a787b yum.repos.d]# ifconfig
bash: ifconfig: command not found
[root@700bd88a787b yum.repos.d]# ip a s
bash: ip: command not found

[root@700bd88a787b yum.repos.d]# yum repolist
Loaded plugins: fastestmirror, ovl
local | 3.6 kB 00:00:00
(1/2): local/group_gz | 156 kB 00:00:00
(2/2): local/primary_db | 5.7 MB 00:00:00
Determining fastest mirrors
repo id repo name status
local local 9591
repolist: 9591
[root@700bd88a787b yum.repos.d]# yum -y install net-tools
Loaded plugins: fastestmirror, ovl
Loading mirror speeds from cached hostfile
Resolving Dependencies
–> Running transaction check
—> Package net-tools.x86_64 0:2.0-0.22.20131004git.el7 will be installed
–> Finished Dependency Resolution

Dependencies Resolved

======================================================================================================
Package Arch Version Repository Size
======================================================================================================
Installing:
net-tools x86_64 2.0-0.22.20131004git.el7 local 305 k

Transaction Summary
======================================================================================================
Install 1 Package

Total download size: 305 k
Installed size: 917 k
Downloading packages:
net-tools-2.0-0.22.20131004git.el7.x86_64.rpm | 305 kB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : net-tools-2.0-0.22.20131004git.el7.x86_64 1/1
Verifying : net-tools-2.0-0.22.20131004git.el7.x86_64 1/1

Installed:
net-tools.x86_64 0:2.0-0.22.20131004git.el7

Complete!

查看IP
[root@700bd88a787b yum.repos.d]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.2 netmask 255.255.0.0 broadcast 0.0.0.0
inet6 fe80::42:acff:fe11:2 prefixlen 64 scopeid 0x20<link>
ether 02:42:ac:11:00:02 txqueuelen 0 (Ethernet)
RX packets 362 bytes 6525262 (6.2 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 276 bytes 19443 (18.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

[root@700bd88a787b yum.repos.d]#
[root@700bd88a787b yum.repos.d]# exit
exit
退出来看虚拟机1的docker0网桥，可以看到这是个docker0网桥就是内部镜像使用的网桥
[root@docker1 docker_images]# ifconfig docker0
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 0.0.0.0
inet6 fe80::42:b2ff:fe94:cf75 prefixlen 64 scopeid 0x20<link>
ether 02:42:b2:94:cf:75 txqueuelen 0 (Ethernet)
RX packets 276 bytes 15579 (15.2 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 354 bytes 6524614 (6.2 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

3 案例3：镜像与容器常用指令
3.1 问题

本案例要求掌握镜像与容器的常用命令：
镜像常用指令练习
容器常用指令练习
3.2 步骤

实现此案例需要按照如下步骤进行。
步骤一：镜像常用命令

1）查看后台运行的容器
[root@docker1 ~]# docker run -d nginx //启动nginx的镜像
[root@docker1 ~]# docker ps //查看后台运行的容器
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
56ec8154f8e0 nginx:latest “nginx -g ‘daemon off” 17 minutes ago Up 12 minutes 80/tcp, 443/tcp zen_darwin
2）只显示容器ID
[root@docker1 docker_images]# docker ps -q
56ec8154f8e0
85c6b0b62235
f7ee40a87af5
3）显示所有的容器,包括没有启动的
[root@docker1 docker_images]# docker ps -a
4）显示所有的容器ID
[root@docker1 docker_images]# docker ps -qa
56ec8154f8e0
2b68c3960737
85c6b0b62235
f7ee40a87af5
b261be571648
fb2fb8c3d7a8
5）查看centos镜像历史（制作过程），如图-2所示：
[root@docker1 docker_images]# docker history centos

图-2
7）删除镜像，启动容器时删除镜像会失败，先删除容器,再删除镜像
格式：docker rmi 镜像名
[root@docker1 docker_images]# docker rmi nginx //nginx为镜像名
Error response from daemon: conflict: unable to remove repository reference “nginx” (must force) – container 4f83871aa42e is using its referenced image a5311a310510 //删除时报错
[root@docker1 docker_images]# docker stop 4f
4f
[root@docker1 docker_images]# docker rm 4f
4f
[root@docker1 docker_images]# docker rmi nginx //成功删除
Untagged: nginx:latest
Deleted: sha256:d1fd7d86a8257f3404f92c4474fb3353076883062d64a09232d95d940627459d
Deleted: sha256:4d765aea84ce4f56bd623e4fd38dec996a259af3418e2466d0e2067ed0ae8aa6
Deleted: sha256:5d385be69c9c4ce5538e12e6e677727ebf19ca0afaff6f035d8043b5e413003a
Deleted: sha256:adb712878b60bd7ed8ce661c91eb3ac30f41b67bfafed321395863051596a8e9
Deleted: sha256:55a50a618c1b76f784b0b68a0b3d70db93b353fb03227ea6bd87f794cad92917
Deleted: sha256:e53f74215d12318372e4412d0f0eb3908e17db25c6185f670db49aef5271f91f
8）修改镜像的名称和标签,默认标签为latest
[root@docker1 docker_images]# docker tag centos:latest cen:v1
9）查看镜像的底层信息，如图-3所示：
[root@docker1 docker_images]# docker inspect centos

代码如下
1）查看并启动镜像
[root@docker1 docker_images]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest 59788edf1f3e 2 weeks ago 1.154 MB
ubuntu latest 452a96d81c30 5 months ago 79.62 MB
centos latest e934aafc2206 6 months ago 198.6 MB
registry latest d1fd7d86a825 9 months ago 33.26 MB
nginx latest a5311a310510 2 years ago 181.4 MB
redis latest 1aa84b1b434e 2 years ago 182.8 MB
[root@docker1 docker_images]# docker run -d nginx
ebe2c559597be71252e683753a41aa4ed07ac15c054c707d5dd3b5e3e64f0b19
[root@docker1 docker_images]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ebe2c559597b nginx “nginx -g ‘daemon off” 6 seconds ago Up 3 seconds 80/tcp, 443/tcp boring_lamarr
或者也可以只显示容器的ID
[root@docker1 docker_images]# docker ps -q
ebe2c559597b

2)显示所有的容器，包括没有启动的
[root@docker1 docker_images]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ebe2c559597b nginx “nginx -g ‘daemon off” About a minute ago Up About a minute 80/tcp, 443/tcp boring_lamarr
700bd88a787b centos “/bin/bash” 19 hours ago Exited (0) 19 hours ago lonely_dubinsky
或者只查看容器的ID
[root@docker1 docker_images]# docker ps -qa
ebe2c559597b
700bd88a787b

3)查看容器的制作过程
[root@docker1 docker_images]# docker history centos
IMAGE CREATED CREATED BY SIZE COMMENT
e934aafc2206 6 months ago /bin/sh -c #(nop) CMD [“/bin/bash”] 0 B
<missing> 6 months ago /bin/sh -c #(nop) LABEL org.label-schema.sch 0 B
<missing> 6 months ago /bin/sh -c #(nop) ADD file:f755805244a649ecca 198.6 MB

4)删除镜像，要先删除该镜像启动的容器，再删除镜像
先查一下nginx的ID，前两位是eb
[root@docker1 docker_images]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ebe2c559597b nginx “nginx -g ‘daemon off” 3 minutes ago Up 3 minutes 80/tcp, 443/tcp boring_lamarr
[root@docker1 docker_images]#
直接删除是失败的
[root@docker1 docker_images]# docker rmi nginx
Error response from daemon: conflict: unable to remove repository reference “nginx” (must force) – container ebe2c559597b is using its referenced image a5311a310510
先把容器eb停止并删除
[root@docker1 docker_images]# docker stop eb
eb
[root@docker1 docker_images]# docker rm eb
eb
再删除镜像nginx就可以成功了
[root@docker1 docker_images]# docker rmi nginx
Untagged: nginx:latest
Deleted: sha256:a5311a310510e5eaff3cfbb22b65d9ce11ddc15e266833909551334d48491921
Deleted: sha256:793457e70277c832d031ab9923a2820215fb247379880a4d93c17f64812bc531
Deleted: sha256:5a26610d59c221d133ad969ef3dcedd17a360df70d00e377d5b01c50f55bfa71

5)修改镜像名和标签，默认所有的标签的latest
我们把centos latest修改成 cen v1
[root@docker1 docker_images]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest 59788edf1f3e 2 weeks ago 1.154 MB
ubuntu latest 452a96d81c30 5 months ago 79.62 MB
centos latest e934aafc2206 6 months ago 198.6 MB
registry latest d1fd7d86a825 9 months ago 33.26 MB
redis latest 1aa84b1b434e 2 years ago 182.8 MB
[root@docker1 docker_images]# docker tag centos:latest cen:v1
[root@docker1 docker_images]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest 59788edf1f3e 2 weeks ago 1.154 MB
ubuntu latest 452a96d81c30 5 months ago 79.62 MB
cen v1 e934aafc2206 6 months ago 198.6 MB
centos latest e934aafc2206 6 months ago 198.6 MB
registry latest d1fd7d86a825 9 months ago 33.26 MB
redis latest 1aa84b1b434e 2 years ago 182.8 MB

查看镜像的底层信息
[root@docker1 docker_images]# docker inspect centos
[
{
“Id”: “sha256:e934aafc22064b7322c0250f1e32e5ce93b2d19b356f4537f5864bd102e8531f”,
“RepoTags”: [
“cen:v1”,
“centos:latest”
],
“RepoDigests”: [],
“Parent”: “”,
“Comment”: “”,
“Created”: “2018-04-06T21:01:51.215822656Z”,
“Container”: “20e7cee1d3f15879fb54cb361e2ceb3b4cd260f90e51202feec140f1aa9d8527”,
“ContainerConfig”: {
“Hostname”: “20e7cee1d3f1”,
“Domainname”: “”,
“User”: “”,
“AttachStdin”: false,
“AttachStdout”: false,
“AttachStderr”: false,
“Tty”: false,
“OpenStdin”: false,
“StdinOnce”: false,
“Env”: [
“PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin”
],
“Cmd”: [
“/bin/sh”,
“-c”,
“#(nop) “,
“CMD [\”/bin/bash\”]”
],
“ArgsEscaped”: true,
“Image”: “sha256:33993dd9c7556016a6f54c12969e07640d6737cdfe9b98391ad38e9a5f6c4217”,
“Volumes”: null,
“WorkingDir”: “”,
“Entrypoint”: null,
“OnBuild”: null,
“Labels”: {
“org.label-schema.schema-version”: “= 1.0 org.label-schema.name=CentOS Base Image org.label-schema.vendor=CentOS org.label-schema.license=GPLv2 org.label-schema.build-date=20180402”
}
},
“DockerVersion”: “17.06.2-ce”,
“Author”: “”,
“Config”: {
“Hostname”: “”,
“Domainname”: “”,
“User”: “”,
“AttachStdin”: false,
“AttachStdout”: false,
“AttachStderr”: false,
“Tty”: false,
“OpenStdin”: false,
“StdinOnce”: false,
“Env”: [
“PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin”
],
“Cmd”: [
“/bin/bash”
],
“ArgsEscaped”: true,
“Image”: “sha256:33993dd9c7556016a6f54c12969e07640d6737cdfe9b98391ad38e9a5f6c4217”,
“Volumes”: null,
“WorkingDir”: “”,
“Entrypoint”: null,
“OnBuild”: null,
“Labels”: {
“org.label-schema.schema-version”: “= 1.0 org.label-schema.name=CentOS Base Image org.label-schema.vendor=CentOS org.label-schema.license=GPLv2 org.label-schema.build-date=20180402”
}
},
“Architecture”: “amd64”,
“Os”: “linux”,
“Size”: 198611378,
“VirtualSize”: 198611378,
“GraphDriver”: {
“Name”: “devicemapper”,
“Data”: {
“DeviceId”: “3”,
“DeviceName”: “docker-253:1-8388784-dc23f9921beb8944d203bb7973c15a45d0acb2bac97b0b4c68ad71c10cdd6c2d”,
“DeviceSize”: “10737418240”
}
},
“RootFS”: {
“Type”: “layers”,
“Layers”: [
“sha256:43e653f84b79ba52711b0f726ff5a7fd1162ae9df4be76ca1de8370b8bbf9bb0”
]
}
}
]

改名后删除镜像
[root@docker1 docker_images]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest 59788edf1f3e 2 weeks ago 1.154 MB
ubuntu latest 452a96d81c30 5 months ago 79.62 MB
cen v1 e934aafc2206 6 months ago 198.6 MB
registry latest d1fd7d86a825 9 months ago 33.26 MB
redis latest 1aa84b1b434e 2 years ago 182.8 MB
[root@docker1 docker_images]# docker tag cen:v1 centos:latest
[root@docker1 docker_images]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest 59788edf1f3e 2 weeks ago 1.154 MB
ubuntu latest 452a96d81c30 5 months ago 79.62 MB
cen v1 e934aafc2206 6 months ago 198.6 MB
centos latest e934aafc2206 6 months ago 198.6 MB
registry latest d1fd7d86a825 9 months ago 33.26 MB
redis latest 1aa84b1b434e 2 years ago 182.8 MB
删掉刚才改的名的镜像
[root@docker1 docker_images]# docker rmi cen:v1
Untagged: cen:v1
[root@docker1 docker_images]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest 59788edf1f3e 2 weeks ago 1.154 MB
ubuntu latest 452a96d81c30 5 months ago 79.62 MB
centos latest e934aafc2206 6 months ago 198.6 MB
registry latest d1fd7d86a825 9 months ago 33.26 MB
redis latest 1aa84b1b434e 2 years ago 182.8 MB
直接删除镜像centos是删除不掉的，因为有容器了，所以要先删除容器，再删除镜像
[root@docker1 docker_images]# docker rmi centos
Error response from daemon: conflict: unable to remove repository reference “centos” (must force) – container 700bd88a787b is using its referenced image e934aafc2206
[root@docker1 docker_images]#
[root@docker1 docker_images]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@docker1 docker_images]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
700bd88a787b centos “/bin/bash” 19 hours ago Exited (0) 19 hours ago lonely_dubinsky
[root@docker1 docker_images]# docker rm 70
70
[root@docker1 docker_images]# docker rmi centos
Untagged: centos:latest
Deleted: sha256:e934aafc22064b7322c0250f1e32e5ce93b2d19b356f4537f5864bd102e8531f
Deleted: sha256:43e653f84b79ba52711b0f726ff5a7fd1162ae9df4be76ca1de8370b8bbf9bb0
可以看到，现在干净了，什么都没有了
[root@docker1 docker_images]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest 59788edf1f3e 2 weeks ago 1.154 MB
ubuntu latest 452a96d81c30 5 months ago 79.62 MB
registry latest d1fd7d86a825 9 months ago 33.26 MB
redis latest 1aa84b1b434e 2 years ago 182.8 MB

如果没有镜像，直接运行，docker会去仓库去下载
[root@docker1 docker_images]# docker run -it centos
Unable to find image ‘centos:latest’ locally
latest: Pulling from library/centos
aeb7866da422: Pull complete
Digest: sha256:67dad89757a55bfdfabec8abd0e22f8c7c12a1856514726470228063ed86593b
Status: Downloaded newer image for centos:latest
[root@ae3e9822ac24 /]# exit
exit
[root@docker1 docker_images]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos latest 75835a67d134 7 days ago 200.4 MB
busybox latest 59788edf1f3e 2 weeks ago 1.154 MB
ubuntu latest 452a96d81c30 5 months ago 79.62 MB
registry latest d1fd7d86a825 9 months ago 33.26 MB
redis latest 1aa84b1b434e 2 years ago 182.8 MB

步骤二：容器命令

1）关闭容器
命令：docker stop 容器ID
[root@docker1 docker_images]# docker stop 0f //0f为容器ID
0f
2）启动容器
[root@docker1 docker_images]# docker start 0f
0f
3）重启容器
[root@docker1 docker_images]# docker restart 0f
0f
4）删除容器
运行中删除不掉，先关闭容器
[root@docker1 docker_images]# docker rm 0f //删除失败
Error response from daemon: You cannot remove a running container 0f63706692e15134a8f07655a992771b312b8eb01554fc37e1a39b03b28dd05c. Stop the container before attempting removal or use -f
[root@docker1 docker_images]# docker stop 0f //关闭容器
0f
[root@docker1 docker_images]# docker rm 0f //删除成功
0f
[root@docker1 docker_images]#
5）连接容器attach|exec
[root@docker1 docker_images]# docker attach 0f
[root@docker1 docker_images]# docker ps //容器关闭
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@docker1 docker_images]# docker exec -it 0f /bin/bash
[root@docker1 docker_images]# docker ps //容器不会关闭
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0b3c50284a1c centos:v1 “/bin/bash” 15 minutes ago Up 15 minutes tiny_lamarr
[root@docker1 docker_images]# docker top f7 //查看容器进程列表
[root@localhost ~]# docker run -itd centos:latest
[root@0b3c50284a1c /]# ps
PID TTY TIME CMD
1 ? 00:00:00 bash
13 ? 00:00:00 ps
[root@docker1 docker_images]# docker exec -it 85 /bin/bash
root@85c6b0b62235:/# sleep 50 &
[1] 9
root@85c6b0b62235:/# exit
exit
[root@docker1 docker_images]#docker top 85
UID PID PPID C STIME TTY TIME CMD
root 2744 2729 0 18:01 pts/4 00:00:00 /bin/bash
6）过滤查看mac和ip地址
[root@docker1 docker_images]# docker inspect -f ‘{{.NetworkSettings.MacAddress}}’ 4f
02:42:ac:11:00:03
[root@docker1 docker_images]# docker inspect -f ‘{{.NetworkSettings.IPAddress}}’ 4f
172.17.0.3
7）修改nginx的显示内容
[root@docker1 docker_images]# docker run -it nginx:latest

[root@docker1 docker_images]# docker exec -it 56 /bin/bash
root@56ec8154f8e0:/# nginx -T /usr/share/nginx/html/
nginx: invalid option: “/usr/share/nginx/html/” //查找并显示结果
root@56ec8154f8e0:/# echo aaa > /usr/share/nginx/html/index.html
//修改主页显示的内容
root@56ec8154f8e0:/# nginx -T
root@56ec8154f8e0:/# cat /usr/share/nginx/html/index.html
aaa
8）过滤查看nginx的ip地址
[root@docker1 ~]# docker inspect -f ‘{{.NetworkSettings.IPAddress}}’ 56
172.17.0.5
[root@docker1 ~]# curl 172.17.0.5
aaa

代码如下
查看容器
[root@docker1 docker_images]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ae3e9822ac24 centos “/bin/bash” 31 minutes ago Exited (127) 4 minutes ago big_almeida
关闭容器
[root@docker1 docker_images]# docker stop ae
ae
[root@docker1 docker_images]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@docker1 docker_images]#
启动容器
[root@docker1 docker_images]# docker start ae
ae
[root@docker1 docker_images]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ae3e9822ac24 centos “/bin/bash” 32 minutes ago Up 8 seconds big_almeida
重启容器
[root@docker1 docker_images]# docker restart ae
ae
删除容器
[root@docker1 docker_images]# docker stop ae
ae
[root@docker1 docker_images]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ae3e9822ac24 centos “/bin/bash” 35 minutes ago Exited (137) 5 seconds ago big_almeida
[root@docker1 docker_images]# docker rm ae
ae
[root@docker1 docker_images]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

连接容器 attach | exex
[root@docker1 docker_images]# docker run -it centos
[root@cdfe1b4ffcca /]# ls
anaconda-post.log dev home lib64 mnt proc run srv tmp var
bin etc lib media opt root sbin sys usr
[root@cdfe1b4ffcca /]# exit
exit

退出后，启动容器，然后连接
[root@docker1 docker_images]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
cdfe1b4ffcca centos “/bin/bash” About a minute ago Exited (0) 40 seconds ago nauseous_dijkstra
[root@docker1 docker_images]# docker attach cd
You cannot attach to a stopped container, start it first
[root@docker1 docker_images]# docker start cd
cd
用attach连接
[root@docker1 docker_images]# docker attach cd
[root@cdfe1b4ffcca /]# exit
exit
退出就没了
[root@docker1 docker_images]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

用exec连接
[root@docker1 docker_images]# docker start cd
cd
[root@docker1 docker_images]# docker exec -it cd /bin/bash
[root@cdfe1b4ffcca /]# exit
exit
退出后容器不会关闭，这个就是区别
[root@docker1 docker_images]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
cdfe1b4ffcca centos “/bin/bash” 3 minutes ago Up 20 seconds nauseous_dijkstra

查看容器的进程列表，看清楚IDH号
[root@docker1 docker_images]# docker top cd
UID PID PPID C STIME TTY TIME CMD
root 12570 12556 0 11:45 pts/1 00:00:00 /bin/bash
[root@docker1 docker_images]# docker run -itd centos:latest
3b0d94d4bacdd169013410b0734ef20b876bced7d8fea4137618e4f45f6af82c
[root@docker1 docker_images]# ps
PID TTY TIME CMD
802 pts/0 00:00:00 bash
12725 pts/0 00:00:00 ps
[root@docker1 docker_images]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3b0d94d4bacd centos:latest “/bin/bash” 55 seconds ago Up 52 seconds silly_pasteur
cdfe1b4ffcca centos “/bin/bash” 7 minutes ago Up 3 minutes nauseous_dijkstra
[root@docker1 docker_images]# docker exec -it 3b /bin/bash
[root@3b0d94d4bacd /]# sleep 50&
[1] 25
[root@3b0d94d4bacd /]# exit
exit
[root@docker1 docker_images]# docker top 3b
UID PID PPID C STIME TTY TIME CMD
root 12702 12688 0 11:47 pts/2 00:00:00 /bin/bash

查看MAC和IP地址
[root@docker1 docker_images]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3b0d94d4bacd centos:latest “/bin/bash” 4 minutes ago Up 4 minutes silly_pasteur
cdfe1b4ffcca centos “/bin/bash” 10 minutes ago Up 6 minutes nauseous_dijkstra
[root@docker1 docker_images]# docker inspect -f ‘{{.NetworkSettings.MacAddress}}’ 3b
02:42:ac:11:00:03
[root@docker1 docker_images]# docker inspect -f ‘{{.NetworkSettings.MacAddress}}’ cd
02:42:ac:11:00:02
[root@docker1 docker_images]# docker inspect -f ‘{{.NetworkSettings.IPAddress}}’ 3b
172.17.0.3
[root@docker1 docker_images]# docker inspect -f ‘{{.NetworkSettings.IPAddress}}’ cd
172.17.0.2
[root@docker1 docker_images]#

修改nginx的显示内容
[root@docker1 docker_images]# docker run -it nginx:latest
Unable to find image ‘nginx:latest’ locally
latest: Pulling from library/nginx

f17d81b4b692: Pull complete
d5c237920c39: Pull complete
a381f92f36de: Pull complete
Digest: sha256:b73f527d86e3461fd652f62cf47e7b375196063bbbd503e853af5be16597cb2e
Status: Downloaded newer image for nginx:latest
[root@docker1 docker_images]#

[root@docker1 docker_images]# docker start 3b
Error response from daemon: Multiple IDs found with provided prefix: 3b89902c3001651dae3e3bf1d8a0667d530d9854f55a1a4de87aed0844776a4d
Error: failed to start containers: 3b
[root@docker1 docker_images]# docker start 3b8
3b8
[root@docker1 docker_images]# docker exec -it 3b8 /bin/bash
root@3b89902c3001:/# nginx -T /usr/share/nginx/html/
nginx: invalid option: “/usr/share/nginx/html/”
root@3b89902c3001:/# echo aaa > /usr/share/nginx/html/index.html
root@3b89902c3001:/# nginx -T
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
# configuration file /etc/nginx/nginx.conf:

user nginx;
worker_processes 1;

error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;

events {
worker_connections 1024;
}

http {
include /etc/nginx/mime.types;
default_type application/octet-stream;

log_format main ‘$remote_addr – $remote_user [$time_local] “$request” ‘
‘$status $body_bytes_sent “$http_referer” ‘
‘”$http_user_agent” “$http_x_forwarded_for”‘;

access_log /var/log/nginx/access.log main;

sendfile on;
#tcp_nopush on;

keepalive_timeout 65;

#gzip on;

include /etc/nginx/conf.d/*.conf;
}

# configuration file /etc/nginx/mime.types:

types {
text/html html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/javascript js;
application/atom+xml atom;
application/rss+xml rss;

text/mathml mml;
text/plain txt;
text/vnd.sun.j2me.app-descriptor jad;
text/vnd.wap.wml wml;
text/x-component htc;

image/png png;
image/svg+xml svg svgz;
image/tiff tif tiff;
image/vnd.wap.wbmp wbmp;
image/webp webp;
image/x-icon ico;
image/x-jng jng;
image/x-ms-bmp bmp;

font/woff woff;
font/woff2 woff2;

application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
application/msword doc;
application/pdf pdf;
application/postscript ps eps ai;
application/rtf rtf;
application/vnd.apple.mpegurl m3u8;
application/vnd.google-earth.kml+xml kml;
application/vnd.google-earth.kmz kmz;
application/vnd.ms-excel xls;
application/vnd.ms-fontobject eot;
application/vnd.ms-powerpoint ppt;
application/vnd.oasis.opendocument.graphics odg;
application/vnd.oasis.opendocument.presentation odp;
application/vnd.oasis.opendocument.spreadsheet ods;
application/vnd.oasis.opendocument.text odt;
application/vnd.openxmlformats-officedocument.presentationml.presentation
pptx;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
xlsx;
application/vnd.openxmlformats-officedocument.wordprocessingml.document
docx;
application/vnd.wap.wmlc wmlc;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;
application/x-java-jnlp-file jnlp;
application/x-makeself run;
application/x-perl pl pm;
application/x-pilot prc pdb;
application/x-rar-compressed rar;
application/x-redhat-package-manager rpm;
application/x-sea sea;
application/x-shockwave-flash swf;
application/x-stuffit sit;
application/x-tcl tcl tk;
application/x-x509-ca-cert der pem crt;
application/x-xpinstall xpi;
application/xhtml+xml xhtml;
application/xspf+xml xspf;
application/zip zip;

application/octet-stream bin exe dll;
application/octet-stream deb;
application/octet-stream dmg;
application/octet-stream iso img;
application/octet-stream msi msp msm;

audio/midi mid midi kar;
audio/mpeg mp3;
audio/ogg ogg;
audio/x-m4a m4a;
audio/x-realaudio ra;

video/3gpp 3gpp 3gp;
video/mp2t ts;
video/mp4 mp4;
video/mpeg mpeg mpg;
video/quicktime mov;
video/webm webm;
video/x-flv flv;
video/x-m4v m4v;
video/x-mng mng;
video/x-ms-asf asx asf;
video/x-ms-wmv wmv;
video/x-msvideo avi;
}

# configuration file /etc/nginx/conf.d/default.conf:
server {
listen 80;
server_name localhost;

#charset koi8-r;
#access_log /var/log/nginx/host.access.log main;

location / {
root /usr/share/nginx/html;
index index.html index.htm;
}

#error_page 404 /404.html;

# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}

# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}

# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}

# deny access to .htaccess files, if Apache’s document root
# concurs with nginx’s one
#
#location ~ /\.ht {
# deny all;
#}
}

root@3b89902c3001:/# nginx -T /usr/share/nginx/html/
nginx: invalid option: “/usr/share/nginx/html/”
root@3b89902c3001:/# nginx -T /usr/share/nginx/html/
50x.html index.html
root@3b89902c3001:/# nginx -T /usr/share/nginx/html/index.html
nginx: invalid option: “/usr/share/nginx/html/index.html”
root@3b89902c3001:/# cat /usr/share/nginx/html/index.html
aaa

8）过滤查看nginx的ip地址
测试确认一下
[root@docker1 docker_images]# docker inspect -f ‘{{.NetworkSettings.IPAddress}}’ 3b8
172.17.0.4
[root@docker1 docker_images]# curl 172.17.0.4
aaa

发表在 Docker | 标签为 docker | 留下评论

Openstack安装额外的计算节点

发表于2018年10月19日由toky, jim

案例：安装额外计算节点
主机聚合
可用域名称主机可用
internal
openstack.tedu.cn (服务已运行)
True
nova
openstack.tedu.cn (服务已运行)
True
问题
本案例要求安装额外的计算节点：
添加两块网卡，均能与第一个节点通信
能够准确地进行DNS解析
配置yum仓库
安装计算节点
步骤

实现此案例需要按照如下步骤进行。
步骤一：安装计算节点

备注：day02的案例里面在安装openstack时，nova.tedu.cn已经配置过网卡，DNS解析，yum源，这里不再赘述，不会的可以看day02的案例
1）更改answer.ini文件
[root@openstack ~]# vi answer.ini //在openstack.tedu.cn上面操作
CONFIG_COMPUTE_HOSTS=192.168.1.1,192.168.1.2
CONFIG_NETWORK_HOSTS=192.168.1.1,192.168.1.2
[root@openstack ~]# packstack –answer-file answer.ini
**** Installation completed successfully ******
2）这时浏览器访问时不出现页面，15-horizon_vhost.conf文件被还原，需要重新修改这个文件
[root@openstack ~]# cd /etc/httpd/conf.d/
[root@openstack conf.d]# vi 15-horizon_vhost.conf
35 WSGIProcessGroup apache
36 WSGIApplicationGroup %{GLOBAL} //添加这一行
[root@openstack conf.d]# apachectl graceful //重新载入配置文件
3）浏览器访问，出现页面
[root@openstack conf.d]# firefox 192.168.1.1
[root@localhost conf.d]# cd
[root@localhost ~]# ls
answer.ini keystonerc_admin
[root@openstack ~]# cat keystonerc_admin
unset OS_SERVICE_TOKEN
export OS_USERNAME=admin
export OS_PASSWORD=1bb4c987345c45ba
安装后的节点状态

代码如下
1）首先改一下应答文件
97 # List the servers on which to install the Compute service.
98 CONFIG_COMPUTE_HOSTS=192.168.1.1,192.168.1.2
99
100 # List of servers on which to install the network service such as
101 # Compute networking (nova network) or OpenStack Networking (neutron).
102 CONFIG_NETWORK_HOSTS=192.168.1.1,192.168.1.2

2)开始一键安装
[root@openstack ~(keystone_admin)]# packstack –answer-file answer.ini
Welcome to the Packstack setup utility

The installation log file is available at: /var/tmp/packstack/20181016-095916-_OcJbv/openstack-setup.log

Installing:
Clean Up [ DONE ]
Discovering ip protocol version [ DONE ]
Setting up ssh keys [ DONE ]
Preparing servers [ DONE ]
Pre installing Puppet and discovering hosts’ details [ DONE ]
Preparing pre-install entries [ DONE ]
Installing time synchronization via NTP [ DONE ]
Setting up CACERT [ DONE ]
Preparing AMQP entries [ DONE ]
Preparing MariaDB entries [ DONE ]
Fixing Keystone LDAP config parameters to be undef if empty[ DONE ]
Preparing Keystone entries [ DONE ]
Preparing Glance entries [ DONE ]
Checking if the Cinder server has a cinder-volumes vg[ DONE ]
Preparing Cinder entries [ DONE ]
Preparing Nova API entries [ DONE ]
Creating ssh keys for Nova migration [ DONE ]
Gathering ssh host keys for Nova migration [ DONE ]
Preparing Nova Compute entries [ DONE ]
Preparing Nova Scheduler entries [ DONE ]
Preparing Nova VNC Proxy entries [ DONE ]
Preparing OpenStack Network-related Nova entries [ DONE ]
Preparing Nova Common entries [ DONE ]
Preparing Neutron LBaaS Agent entries [ DONE ]
Preparing Neutron API entries [ DONE ]
Preparing Neutron L3 entries [ DONE ]
Preparing Neutron L2 Agent entries [ DONE ]
Preparing Neutron DHCP Agent entries [ DONE ]
Preparing Neutron Metering Agent entries [ DONE ]
Checking if NetworkManager is enabled and running [ DONE ]
Preparing OpenStack Client entries [ DONE ]
Preparing Horizon entries [ DONE ]
Preparing Gnocchi entries [ DONE ]
Preparing MongoDB entries [ DONE ]
Preparing Redis entries [ DONE ]
Preparing Ceilometer entries [ DONE ]
Preparing Aodh entries [ DONE ]
Preparing Puppet manifests [ DONE ]
Copying Puppet modules and manifests [ DONE ]
Applying 192.168.1.1_controller.pp
192.168.1.1_controller.pp: [ DONE ]
Applying 192.168.1.2_network.pp
Applying 192.168.1.1_network.pp
192.168.1.1_network.pp: [ DONE ]
192.168.1.2_network.pp: [ DONE ]
Applying 192.168.1.2_compute.pp
Applying 192.168.1.1_compute.pp
192.168.1.1_compute.pp: [ DONE ]
192.168.1.2_compute.pp: [ DONE ]
Applying Puppet manifests [ DONE ]
Finalizing [ DONE ]

**** Installation completed successfully ******

Additional information:
* File /root/keystonerc_admin has been created on OpenStack client host 192.168.1.1. To use the command line tools you need to source the file.
* To access the OpenStack Dashboard browse to http://192.168.1.1/dashboard .
Please, find your login credentials stored in the keystonerc_admin in your home directory.
* The installation log file is available at: /var/tmp/packstack/20181016-095916-_OcJbv/openstack-setup.log
* The generated manifests are available at: /var/tmp/packstack/20181016-095916-_OcJbv/manifests

3）网页肯定是打不开的，老规矩改httpd软件
WSGIProcessGroup apache
WSGIApplicationGroup %{GLOBAL}
[root@openstack conf.d(keystone_admin)]# apachectl graceful

4)再访问一次就可以了
[root@openstack conf.d(keystone_admin)]# cd
[root@openstack ~(keystone_admin)]# ls
answer.ini keystonerc_admin RPM-GPG-KEY-CentOS-7
[root@openstack ~(keystone_admin)]# cat keystonerc_admin
unset OS_SERVICE_TOKEN
export OS_USERNAME=admin
export OS_PASSWORD=2e0f052c918943e3
export OS_AUTH_URL=http://192.168.1.1:5000/v2.0
export PS1='[\u@\h \W(keystone_admin)]\$ ‘

export OS_TENANT_NAME=admin
export OS_REGION_NAME=RegionOne

5)看一下管理员-主机聚合，可以看到两个虚拟机都加进去了

可用域
筛选
可用域名称主机可用
internal
openstack.tedu.cn (服务已运行)
True
nova
nova.tedu.cn (服务已运行)
openstack.tedu.cn (服务已运行)
True

发表在 OpenStack | 标签为 openstack | 留下评论

OpenStack一键式安装

发表于2018年10月16日由toky, jim

今天的内容延续昨天openstack环境准备
今天需要把真机，虚拟机1和虚拟机2全部准备完毕

1 案例1：配置yum仓库
1.1 问题

本案例要求把三个镜像配置yum源：
CentOS7-1708光盘内容作为仓库源
配置 RHEL7-extars内容加入仓库源
RHEL7OSP-10光盘中包含多个目录，每个目录都是仓库源（可以使用脚本生成）
1.2 步骤

实现此案例需要按照如下步骤进行。
步骤一：配置 yum仓库

警告：仅yum配置的第一个源（系统源）为gpgcheck=1需要导入公钥，其他的都是gpgcheck=0，否则安装会报错
[root@room9pc01 ~]# mkdir /var/ftp/system
[root@room9pc01 ~]# mkdir /var/ftp/extras
[root@room9pc01 ~]# mkdir /var/ftp/HEL7OSP
[root@room9pc01 ~]# vim /etc/fstab
/iso/RHEL7OSP-10.iso /var/ftp/HEL7OSP iso9660 defaults 0 0
/iso/CentOS7-1708.iso /var/ftp/system iso9660 defaults 0 0
/iso/RHEL7-extras.iso /var/ftp/extras iso9660 defaults 0 0
[root@room9pc01 ~]# mount –a
mount: /dev/loop0 is write-protected, mounting read-only
mount: /dev/loop1 is write-protected, mounting read-only
mount: /dev/loop2 is write-protected, mounting read-only
[root@room9pc01 ~]# vim /etc/yum.repos.d/local.repo
[local_repo]
name=CentOS-$releasever – Base
baseurl=”ftp://192.168.1.254/system”
enabled=1
gpgcheck=1
[local_extras]
name=extras
baseurl=”ftp://192.168.1.254/extras”
enabled=1
gpgcheck=0
[1local_devtools-rpms]
name=devtools-rpms
baseurl=”ftp://192.168.1.254/HEL7OSP/rhel-7-server-openstack-10-devtools-rpms”
enabled=1
gpgcheck=0
[2local_optools-rpms]
name=optools-rpms
baseurl=”ftp://192.168.1.254/HEL7OSP/rhel-7-server-openstack-10-optools-rpms”
enabled=1
gpgcheck=0
[3local_rpms]
name=rpms
baseurl=”ftp://192.168.1.254/HEL7OSP/rhel-7-server-openstack-10-rpms”
enabled=1
gpgcheck=0
[4local_tools-rpms]
name=tools-rpms
baseurl=”ftp://192.168.1.254/HEL7OSP/rhel-7-server-openstack-10-tools-rpms”
enabled=1
gpgcheck=0
[5local_mon-rpms]
name=mon-rpms
baseurl=”ftp://192.168.1.254/HEL7OSP/rhel-7-server-rhceph-2-mon-rpms”
enabled=1
gpgcheck=0
[6local_osd-rpms]
name=osd-rpms
baseurl=”ftp://192.168.1.254/HEL7OSP/rhel-7-server-rhceph-2-osd-rpms”
enabled=1
gpgcheck=0
[7local_rhceph-2-tools-rpms]
name=rhceph-2-tools-rpms
baseurl=”ftp://192.168.1.254/HEL7OSP/rhel-7-server-rhceph-2-tools-rpms”
enabled=1
gpgcheck=0
[8local_agent-rpms]
name=agent-rpms
baseurl=”ftp://192.168.1.254/HEL7OSP/rhel-7-server-rhscon-2-agent-rpms”
enabled=1
gpgcheck=0
[9local_installer-rpms]
name=installer-rpms
baseurl=”ftp://192.168.1.254/HEL7OSP/rhel-7-server-rhscon-2-installer-rpms”
enabled=1
gpgcheck=0
[10local_rhscon-2-main-rpms]
name=rhscon-2-main-rpms
baseurl=”ftp://192.168.1.254/HEL7OSP/rhel-7-server-rhscon-2-main-rpms”
enabled=1
gpgcheck=0

代码如下
[root@room9pc52 ~]# cat /etc/fstab
[root@room9pc52 ~]# mkdir /var/ftp/system
[root@room9pc52 ~]# mkdir /var/ftp/extras
[root@room9pc52 ~]# mkdir /var/ftp/HEL7OSP
[root@room9pc52 ~]# vim /etc/fstab

#
# /etc/fstab
# Created by anaconda on Thu Mar 8 09:45:35 2018
#
# Accessible filesystems, by reference, are maintained under ‘/dev/disk’
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
UUID=2c4538c2-7763-4c33-90c4-cfc0e20bb8c9 / ext4 defaults 1 1
UUID=42cf258f-160a-4054-a352-945929f3cc87 /var/lib/libvirt/images ext4 defaults 1 2
/var/lib/libvirt/images/iso/rhel-server-7.4-x86_64-dvd.iso /var/ftp/rhel7 iso9660 defaults 0 0
#/var/lib/libvirt/images/iso/CentOS-7-x86_64-Everything-1708.iso /var/ftp/centos iso9660 defaults 0 0
/var/lib/libvirt/images/iso/rhcs2.0-rhosp9-20161113-x86_64.iso /var/ftp/ceph iso9660 defaults 0 0
/var/lib/libvirt/images/iso/RHEL7OSP-10.iso /var/ftp/HEL7OSP iso9660 defaults 0 0
/var/lib/libvirt/images/iso/CentOS-7-x86_64-Everything-1708.iso /var/ftp/system iso9660 defaults 0 0
/var/lib/libvirt/images/iso/RHEL7-extras.iso /var/ftp/extras iso9660 defaults 0 0
（这里注意一下，我本身已经写过centos了，为了不和system冲突，所以还是还是把centos暂时注释掉）

[root@room9pc52 ~]# mount -a
mount: /dev/loop0 写保护，将以只读方式挂载
mount: /dev/loop1 写保护，将以只读方式挂载
mount: /dev/loop2 写保护，将以只读方式挂载
mount: /dev/loop3 写保护，将以只读方式挂载
mount: /dev/loop4 写保护，将以只读方式挂载
[root@room9pc52 ~]# df -h
文件系统容量已用可用已用% 挂载点
/dev/sda2 118G 47G 66G 42% /
devtmpfs 7.7G 0 7.7G 0% /dev
tmpfs 7.7G 21M 7.7G 1% /dev/shm
tmpfs 7.7G 10M 7.7G 1% /run
tmpfs 7.7G 0 7.7G 0% /sys/fs/cgroup
/dev/sda1 197G 77G 111G 41% /var/lib/libvirt/images
tmpfs 1.6G 56K 1.6G 1% /run/user/0
/dev/loop0 3.8G 3.8G 0 100% /var/ftp/rhel7
/dev/loop1 936M 936M 0 100% /var/ftp/ceph
/dev/loop2 3.0G 3.0G 0 100% /var/ftp/HEL7OSP
/dev/loop3 8.1G 8.1G 0 100% /var/ftp/system
/dev/loop4 169M 169M 0 100% /var/ftp/extras

编辑yum源，注意，只有第一个centos-everyting需要gpgcheck=1，其余都要为0，否则报错，同时真机要导入密钥
[root@room9pc52 ~]# cat /etc/yum.repos.d/local.repo
[local_repo]
name=CentOS-$releasever – Base
baseurl=”ftp://192.168.1.254/system”
enabled=1
gpgcheck=1
[local_extras]
name=extras
baseurl=”ftp://192.168.1.254/extras”
enabled=1
gpgcheck=0
[1local_devtools-rpms]
name=devtools-rpms
baseurl=”ftp://192.168.1.254/HEL7OSP/rhel-7-server-openstack-10-devtools-rpms”
enabled=1
gpgcheck=0
[2local_optools-rpms]
name=optools-rpms
baseurl=”ftp://192.168.1.254/HEL7OSP/rhel-7-server-openstack-10-optools-rpms”
enabled=1
gpgcheck=0
[3local_rpms]
name=rpms
baseurl=”ftp://192.168.1.254/HEL7OSP/rhel-7-server-openstack-10-rpms”
enabled=1
gpgcheck=0
[4local_tools-rpms]
name=tools-rpms
baseurl=”ftp://192.168.1.254/HEL7OSP/rhel-7-server-openstack-10-tools-rpms”
enabled=1
gpgcheck=0
[5local_mon-rpms]
name=mon-rpms
baseurl=”ftp://192.168.1.254/HEL7OSP/rhel-7-server-rhceph-2-mon-rpms”
enabled=1
gpgcheck=0
[6local_osd-rpms]
name=osd-rpms
baseurl=”ftp://192.168.1.254/HEL7OSP/rhel-7-server-rhceph-2-osd-rpms”
enabled=1
gpgcheck=0
[7local_rhceph-2-tools-rpms]
name=rhceph-2-tools-rpms
baseurl=”ftp://192.168.1.254/HEL7OSP/rhel-7-server-rhceph-2-tools-rpms”
enabled=1
gpgcheck=0
[8local_agent-rpms]
name=agent-rpms
baseurl=”ftp://192.168.1.254/HEL7OSP/rhel-7-server-rhscon-2-agent-rpms”
enabled=1
gpgcheck=0
[9local_installer-rpms]
name=installer-rpms
baseurl=”ftp://192.168.1.254/HEL7OSP/rhel-7-server-rhscon-2-installer-rpms”
enabled=1
gpgcheck=0
[10local_rhscon-2-main-rpms]
name=rhscon-2-main-rpms
baseurl=”ftp://192.168.1.254/HEL7OSP/rhel-7-server-rhscon-2-main-rpms”
enabled=1
gpgcheck=0

真机也要导入密钥，同时注释掉原来的centos源
[root@room9pc52 ~]# cp /var/ftp/system/RPM-GPG-KEY-CentOS-7 ./
[root@room9pc52 ~]# ll
-rw-r–r– 1 root root 1690 10月 15 16:13 RPM-GPG-KEY-CentOS-7

[root@room9pc52 ~]# rpm –import RPM-GPG-KEY-CentOS-7

把原来写的dvd.repo删除掉
[root@room9pc52 yum.repos.d]# ll
总用量 68
-rwxr-xr-x 1 root root 347 8月 12 17:17 cent7.repo
-rw-r–r– 1 root root 1664 8月 13 22:34 CentOS-Base.repo
-rw-r–r– 1 root root 1309 8月 13 22:34 CentOS-CR.repo
-rw-r–r– 1 root root 649 8月 13 22:34 CentOS-Debuginfo.repo
-rw-r–r– 1 root root 314 8月 13 22:34 CentOS-fasttrack.repo
-rw-r–r– 1 root root 630 8月 13 22:34 CentOS-Media.repo
-rw-r–r– 1 root root 1331 8月 13 22:34 CentOS-Sources.repo
-rw-r–r– 1 root root 4768 8月 13 22:34 CentOS-Vault.repo
-rw-r–r– 1 root root 270 10月 12 09:17 ceph.repo
-rw-r–r– 1 root root 71 10月 15 11:04 dvd.repo
-rwxr-xr-x 1 root root 951 8月 12 11:25 epel.repo
-rwxr-xr-x 1 root root 1050 8月 12 11:13 epel-testing.repo
-rw-r–r– 1 root root 1524 10月 15 16:10 local.repo
-r–r–r– 1 root root 114 7月 11 2017 packagekit-media.repo
-rw-r–r– 1 root root 229 8月 4 07:49 teamviewer.repo
-rwxr-xr-x 1 root root 229 8月 12 11:21 teamviewer.repo.rpmorig
[root@room9pc52 yum.repos.d]# rm -rf dvd.repo
[root@room9pc52 yum.repos.d]# ll
总用量 64
-rwxr-xr-x 1 root root 347 8月 12 17:17 cent7.repo
-rw-r–r– 1 root root 1664 8月 13 22:34 CentOS-Base.repo
-rw-r–r– 1 root root 1309 8月 13 22:34 CentOS-CR.repo
-rw-r–r– 1 root root 649 8月 13 22:34 CentOS-Debuginfo.repo
-rw-r–r– 1 root root 314 8月 13 22:34 CentOS-fasttrack.repo
-rw-r–r– 1 root root 630 8月 13 22:34 CentOS-Media.repo
-rw-r–r– 1 root root 1331 8月 13 22:34 CentOS-Sources.repo
-rw-r–r– 1 root root 4768 8月 13 22:34 CentOS-Vault.repo
-rw-r–r– 1 root root 270 10月 12 09:17 ceph.repo
-rwxr-xr-x 1 root root 951 8月 12 11:25 epel.repo
-rwxr-xr-x 1 root root 1050 8月 12 11:13 epel-testing.repo
-rw-r–r– 1 root root 1524 10月 15 16:10 local.repo
-r–r–r– 1 root root 114 7月 11 2017 packagekit-media.repo
-rw-r–r– 1 root root 229 8月 4 07:49 teamviewer.repo
-rwxr-xr-x 1 root root 229 8月 12 11:21 teamviewer.repo.rpmorig

创建yum缓存，正常情况下应该一切正常
[root@room9pc52 yum.repos.d]# yum repolist
已加载插件：fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* epel: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
10local_rhscon-2-main-rpms | 2.9 kB 00:00:00
1local_devtools-rpms | 2.9 kB 00:00:00
2local_optools-rpms | 2.9 kB 00:00:00
3local_rpms | 2.9 kB 00:00:00
4local_tools-rpms | 2.9 kB 00:00:00
5local_mon-rpms | 2.9 kB 00:00:00
6local_osd-rpms | 2.9 kB 00:00:00
7local_rhceph-2-tools-rpms | 2.9 kB 00:00:00
8local_agent-rpms | 2.9 kB 00:00:00
9local_installer-rpms | 2.9 kB 00:00:00
local_extras | 2.9 kB 00:00:00
local_repo | 3.6 kB 00:00:00
(1/13): 1local_devtools-rpms/primary_db | 3.7 kB 00:00:00
(2/13): 5local_mon-rpms/primary_db | 37 kB 00:00:00
(3/13): 6local_osd-rpms/primary_db | 29 kB 00:00:00
(4/13): 10local_rhscon-2-main-rpms/primary_db | 21 kB 00:00:00
(5/13): 7local_rhceph-2-tools-rpms/primary_db | 30 kB 00:00:00
(6/13): 8local_agent-rpms/primary_db | 13 kB 00:00:00
(7/13): 9local_installer-rpms/primary_db | 44 kB 00:00:00
(8/13): local_extras/primary_db | 43 kB 00:00:00
(9/13): 2local_optools-rpms/primary_db | 41 kB 00:00:00
(10/13): 3local_rpms/primary_db | 318 kB 00:00:00
(11/13): local_repo/group_gz | 156 kB 00:00:00
(12/13): 4local_tools-rpms/primary_db | 35 kB 00:00:00
(13/13): local_repo/primary_db | 5.7 MB 00:00:00
源标识源名称状态
10local_rhscon-2-main-rpms rhscon-2-main-rpms 29
1local_devtools-rpms devtools-rpms 3
2local_optools-rpms optools-rpms 99
3local_rpms rpms 680
4local_tools-rpms tools-rpms 84
5local_mon-rpms mon-rpms 41
6local_osd-rpms osd-rpms 28
7local_rhceph-2-tools-rpms rhceph-2-tools-rpms 35
8local_agent-rpms agent-rpms 19
9local_installer-rpms installer-rpms 46
base/7/x86_64 CentOS-7 – Base 9,911
*epel/x86_64 Extra Packages for Enterprise Linux 7 – x86_64 12,731
extras/7/x86_64 CentOS-7 – Extras 432
librehat-shadowsocks/x86_64 Copr repo for shadowsocks owned by librehat 54
local_extras extras 76
local_repo CentOS-7 – Base 9,591
mon mon 41
osd osd 28
teamviewer/x86_64 TeamViewer – x86_64 18
tools tools 33
updates/7/x86_64 CentOS-7 – Updates 1,543
repolist: 35,522

2 案例2：配置DNS服务器：
2.1 问题

本案例要求掌握DNS服务器的配置：
允许DNS服务器为所有的客户端提供服务
解析域名openstack.tedu.cn
解析域名nova.tedu.cn
2.2 方案

此实验的整体方案需要三台机器，openstack作为主节点，nova作为额外节点，真机做为DNS和NTP的服务器(这里不再在表-1中体现，在真机上面直接配置即可)，提供域名解析和时间同步服务，具体情况如表-1所示：
表-1

2.3 步骤

实现此案例需要按照如下步骤进行。
步骤一：配置DNS（真机操作）

[root@room9pc01 ~]# yum -y install bind bind-chroot
[root@room9pc01 ~]# vim /etc/named.conf
options {
listen-on port 53 { 192.168.1.3; }; //修改ip
allow-query { any; }; //允许所有
recursion yes;
forwarders { 172.40.1.10; }; //转发dns,真机的服务器地址
dnssec-enable no;
dnssec-validation no;
};
[root@room9pc01 ~]# systemctl restart named

步骤一：两台虚拟机配置静态ip

注意：两台主机同样操作，改一下ip即可（以openstack.tedu.cn为例）
[root@localhost ~]# echo openstack.tedu.cn > /etc/hostname
[root@localhost ~]# hostname openstack.tedu.cn //另外一台主机改名为nova.tedu.cn
[root@openstack ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
# Generated by dracut initrd
DEVICE=”eth0″
ONBOOT=”yes”
IPV6INIT=”no”
IPV4_FAILURE_FATAL=”no”
NM_CONTROLLED=”no”
TYPE=”Ethernet”
BOOTPROTO=”static”
IPADDR=”192.168.1.1″
PREFIX=24
GATEWAY=192.168.1.254
[root@openstack ~]# systemctl restart network
步骤三：域名解析

[root@openstack ~]# vim /etc/hosts //在openstack.tedu.cn和nova.tedu.cn主机上面操作
192.168.1.1 openstack.tedu.cn
192.168.1.2 nova.tedu.cn

代码如下：
注意，我们不在真机上操作，去虚拟机上去操作，重新创建一台虚拟机，同时把IP改为192.168.1.3，内存给1G就可以了
传建前端盘node3.img
[root@room9pc52 images]# qemu-img create -b node.qcow2 -f qcow2 node3.img
Formatting ‘node3.img’, fmt=qcow2 size=17179869184 backing_file=’node.qcow2′ encryption=off cluster_size=65536 lazy_refcounts=off
[root@room9pc52 images]# qemu-img info node3.img
image: node3.img
file format: qcow2
virtual size: 16G (17179869184 bytes)
disk size: 196K
cluster_size: 65536
backing file: node.qcow2
Format specific information:
compat: 1.1
lazy refcounts: false
创建xml文件
[root@room9pc52 images]# sed ‘s/node/node3/’ /etc/libvirt/qemu/node.xml > /etc/libvirt/qemunode3.xml
[root@room9pc52 images]#
[root@room9pc52 images]# vim /etc/libvirt/qemunode3.xml
[root@room9pc52 images]# cat /etc/libvirt/qemunode3.xml
<!–
WARNING: THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE
OVERWRITTEN AND LOST. Changes to this xml configuration should be made using:
virsh edit node3
or other application using the libvirt API.
–>

<domain type=’kvm’>
<name>node3</name>
<memory unit=’KiB’>1024000</memory>
<currentMemory unit=’KiB’>1024000</currentMemory>
<vcpu placement=’static’>2</vcpu>
<os>
<type arch=’x86_64′ machine=’pc-i440fx-rhel7.0.0′>hvm</type>
<boot dev=’hd’/>
</os>
<features>
<acpi/>
<apic/>
</features>
<cpu mode=’custom’ match=’exact’ check=’partial’>
<model fallback=’allow’>Skylake-Client-IBRS</model>
</cpu>
<clock offset=’utc’>
<timer name=’rtc’ tickpolicy=’catchup’/>
<timer name=’pit’ tickpolicy=’delay’/>
<timer name=’hpet’ present=’no’/>
</clock>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>destroy</on_crash>
<pm>
<suspend-to-mem enabled=’no’/>
<suspend-to-disk enabled=’no’/>
</pm>
<devices>
<emulator>/usr/libexec/qemu-kvm</emulator>
<disk type=’file’ device=’disk’>
<driver name=’qemu’ type=’qcow2’/>
<source file=’/var/lib/libvirt/images/node3.img’/>
<target dev=’vda’ bus=’virtio’/>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x07′ function=’0x0’/>
</disk>
<controller type=’usb’ index=’0′ model=’ich9-ehci1′>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x05′ function=’0x7’/>
</controller>
<controller type=’usb’ index=’0′ model=’ich9-uhci1′>
<master startport=’0’/>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x05′ function=’0x0′ multifunction=’on’/>
</controller>
<controller type=’usb’ index=’0′ model=’ich9-uhci2′>
<master startport=’2’/>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x05′ function=’0x1’/>
</controller>
<controller type=’usb’ index=’0′ model=’ich9-uhci3′>
<master startport=’4’/>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x05′ function=’0x2’/>
</controller>
<controller type=’pci’ index=’0′ model=’pci-root’/>
<controller type=’virtio-serial’ index=’0′>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x06′ function=’0x0’/>
</controller>
<interface type=’network’>
<source network=’vbr’/>
<model type=’virtio’/>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x03′ function=’0x0’/>
</interface>
<interface type=’bridge’>
<source bridge=’private1’/>
<model type=’virtio’/>
</interface>
<serial type=’pty’>
<target type=’isa-serial’ port=’0′>
<model name=’isa-serial’/>
</target>
</serial>
<console type=’pty’>
<target type=’serial’ port=’0’/>
</console>
<channel type=’unix’>
<target type=’virtio’ name=’org.qemu.guest_agent.0’/>
<address type=’virtio-serial’ controller=’0′ bus=’0′ port=’1’/>
</channel>
<channel type=’spicevmc’>
<target type=’virtio’ name=’com.redhat.spice.0’/>
<address type=’virtio-serial’ controller=’0′ bus=’0′ port=’2’/>
</channel>
<input type=’tablet’ bus=’usb’>
<address type=’usb’ bus=’0′ port=’1’/>
</input>
<input type=’mouse’ bus=’ps2’/>
<input type=’keyboard’ bus=’ps2’/>
<graphics type=’spice’ autoport=’yes’>
<listen type=’address’/>
<image compression=’off’/>
</graphics>
<sound model=’ich6′>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x04′ function=’0x0’/>
</sound>
<video>
<model type=’qxl’ ram=’65536′ vram=’65536′ vgamem=’16384′ heads=’1′ primary=’yes’/>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x02′ function=’0x0’/>
</video>
<redirdev bus=’usb’ type=’spicevmc’>
<address type=’usb’ bus=’0′ port=’2’/>
</redirdev>
<redirdev bus=’usb’ type=’spicevmc’>
<address type=’usb’ bus=’0′ port=’3’/>
</redirdev>
<memballoon model=’virtio’>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x08′ function=’0x0’/>
</memballoon>
</devices>
</domain>

定义，并启动虚拟机
[root@room9pc52 images]# virsh define /etc/libvirt/qemunode3.xml
定义域 node3（从 /etc/libvirt/qemunode3.xml）

[root@room9pc52 images]# virsh start node3
域 node3 已开始

[root@room9pc52 images]# virsh console node3
连接到域 node3
换码符为 ^]

[ 0.000000] Initializing cgroup subsys cpuset
[ 0.000000] Initializing cgroup subsys cpu

更改YUM源、配置IP为192.168.1.3
[root@localhost ~]# cat /etc/yum.repos.d/dvd.repo
[dvd]
name=dvd
baseurl=ftp://192.168.1.254/system
enabled=1
gpgcheck=1
[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
# Generated by dracut initrd
DEVICE=”eth0″
NAME=”eth0″
ONBOOT=yes
IPV6INIT=no
TYPE=Ethernet
IPADDR=”192.168.1.3″
PREFIX=”24″
GATEWAY=”192.168.1.254″
[root@localhost ~]# systemctl restart network
[root@localhost ~]# ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.3 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::5054:ff:fe1b:6be9 prefixlen 64 scopeid 0x20<link>
ether 52:54:00:1b:6b:e9 txqueuelen 1000 (Ethernet)
RX packets 142 bytes 9882 (9.6 KiB)
RX errors 0 dropped 9 overruns 0 frame 0
TX packets 66 bytes 5746 (5.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

[root@localhost ~]# yum repolist
Loaded plugins: fastestmirror
base | 3.6 kB 00:00
dvd | 3.6 kB 00:00
extras | 3.4 kB 00:00
updates | 3.4 kB 00:00
(1/6): dvd/group_gz | 156 kB 00:00
(2/6): dvd/primary_db | 5.7 MB 00:00
(3/6): extras/7/x86_64/primary_db | 204 kB 00:00
(4/6): base/7/x86_64/group_gz | 166 kB 00:01
(5/6): updates/7/x86_64/primary_db | 6.0 MB 00:02
(6/6): base/7/x86_64/primary_db | 5.9 MB 00:02
Determining fastest mirrors
* base: mirrors.aliyun.com
* extras: mirrors.163.com
* updates: mirrors.163.com
repo id repo name status
base/7/x86_64 CentOS-7 – Base 9,911
dvd dvd 9,591
extras/7/x86_64 CentOS-7 – Extras 432
updates/7/x86_64 CentOS-7 – Updates 1,543
repolist: 21,477

开始安装DNS
(注意，以下步骤都在真机上面去操作)

[root@room9pc52 images]# cat /etc/named.conf
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// See the BIND Administrator’s Reference Manual (ARM) for details about the
// configuration located in /usr/share/doc/bind-{version}/Bv9ARM.html

options {
listen-on port 53 { 192.168.1.254; };
listen-on port 53 { 192.168.4.254; };
//listen-on-v6 port 53 { ::1; };
directory “/var/named”;
dump-file “/var/named/data/cache_dump.db”;
statistics-file “/var/named/data/named_stats.txt”;
memstatistics-file “/var/named/data/named_mem_stats.txt”;
allow-query { any; };

/*
– If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
– If you are building a RECURSIVE (caching) DNS server, you need to enable
recursion.
– If your recursive DNS server has a public IP address, you MUST enable access
control to limit queries to your legitimate users. Failing to do so will
cause your server to become part of large scale DNS amplification
attacks. Implementing BCP38 within your network would greatly
reduce such attack surface
*/
recursion yes;
forwarders { 176.202.0.227; };
dnssec-enable no;
dnssec-validation no;

/* Path to ISC DLV key */
bindkeys-file “/etc/named.iscdlv.key”;

managed-keys-directory “/var/named/dynamic”;

pid-file “/run/named/named.pid”;
session-keyfile “/run/named/session.key”;
};

logging {
channel default_debug {
file “data/named.run”;
severity dynamic;
};
};

zone “.” IN {
type hint;
file “named.ca”;
};

include “/etc/named.rfc1912.zones”;
include “/etc/named.root.key”;

[root@room9pc52 images]# systemctl restart named

验证DNS，去3台虚拟机都去试一试，可以看到都可以了
虚拟机1
[root@openstack ~]# ping www.baidu.com
PING www.a.shifen.com (180.97.33.107) 56(84) bytes of data.
64 bytes from 180.97.33.107 (180.97.33.107): icmp_seq=1 ttl=53 time=39.0 ms
64 bytes from 180.97.33.107 (180.97.33.107): icmp_seq=2 ttl=53 time=39.1 ms
^C
— www.a.shifen.com ping statistics —
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 39.071/39.095/39.119/0.024 ms

虚拟机2
[root@localhost ~]# ping www.baidu.com
PING www.a.shifen.com (180.97.33.108) 56(84) bytes of data.
64 bytes from 180.97.33.108 (180.97.33.108): icmp_seq=1 ttl=53 time=35.6 ms
64 bytes from 180.97.33.108 (180.97.33.108): icmp_seq=2 ttl=53 time=63.1 ms
^C
— www.a.shifen.com ping statistics —
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 35.642/49.414/63.186/13.772 ms

虚拟机3
[root@dns ~]# ping www.baidu.com
PING www.a.shifen.com (180.97.33.107) 56(84) bytes of data.
64 bytes from 180.97.33.107 (180.97.33.107): icmp_seq=1 ttl=53 time=39.6 ms
64 bytes from 180.97.33.107 (180.97.33.107): icmp_seq=2 ttl=53 time=40.9 ms
^C
— www.a.shifen.com ping statistics —
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 39.628/40.283/40.938/0.655 ms

第二步：两台虚拟机都配置静态IP和主机名，按照以下的要求
虚拟机1 openstack.tedu.cn 192.168.1.1
虚拟机2 nova.tedu.cn 192.168.1.2
已经配置好了，这里配置主机名
虚拟机1
[root@openstack ~]# hostnamectl set-hostname openstack.tedu.cn
[root@openstack ~]# exit
登出
Connection to 192.168.1.1 closed.
[root@room9pc52 images]# ssh 192.168.1.1
[email protected]’s password:
Last login: Mon Oct 15 16:36:37 2018 from 192.168.1.254

虚拟机2
[root@localhost ~]# hostnamectl set-hostname nova.tedu.cn
[root@localhost ~]# exit
登出
Connection to 192.168.1.2 closed.
[root@room9pc52 images]# ssh 192.168.1.2
[email protected]’s password:
Last login: Mon Oct 15 16:36:45 2018 from 192.168.1.254

第三步，修改本地HOSTS，添加域名解析
虚拟机1
[root@nova ~]# vim /etc/hosts
[root@nova ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.1 openstack.tedu.cn
192.168.1.2 nova.tedu.cn

虚拟机2
[root@nova ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.1 openstack.tedu.cn
192.168.1.2 nova.tedu.cn

测试确认以下，可以相互PING通
[root@openstack ~]# ping nova.tedu.cn
PING nova.tedu.cn (192.168.1.2) 56(84) bytes of data.
64 bytes from nova.tedu.cn (192.168.1.2): icmp_seq=1 ttl=64 time=0.433 ms
64 bytes from nova.tedu.cn (192.168.1.2): icmp_seq=2 ttl=64 time=0.592 ms
^C
— nova.tedu.cn ping statistics —
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.433/0.512/0.592/0.082 ms
[root@openstack ~]#

[root@nova ~]# ping openstack.tedu.cn
PING openstack.tedu.cn (192.168.1.1) 56(84) bytes of data.
64 bytes from openstack.tedu.cn (192.168.1.1): icmp_seq=1 ttl=64 time=0.428 ms
^C
— openstack.tedu.cn ping statistics —
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.428/0.428/0.428/0.000 ms

3 案例3：配置NTP服务器
3.1 问题

本案例要求配置NTP时间同步服务器：
将NTP服务与DNS服务部署在同一台主机上
确认NTP服务器的时区是东八区
确认NTP服务器的时间准确
计划安装openstack的服务器与NTP服务器进行时间校正
3.2 步骤

实现此案例需要按照如下步骤进行。
步骤一：配置NTP时间同步（真机操作）

[root@room9pc01 ~]# yum -y install chrony
[root@room9pc01 ~]# vim /etc/chrony.conf
server ntp1.aliyun.com iburst
bindacqaddress 0.0.0.0
allow 0/0 //允许所有人使用我的时间服务器
cmdallow 127.0.0.1 //控制指令
[root@room9pc01 ~]# systemctl restart chronyd
[root@room9pc01 ~]# netstat -antup | grep chronyd
udp 0 0 0.0.0.0:123 0.0.0.0:* 23036/chronyd
udp 0 0 127.0.0.1:323 0.0.0.0:* 23036/chronyd
[root@room9pc01 ~]# chronyc sources -v //出现*号代表NTP时间可用
^* 120.25.115.20 2 6 17 62 -753us[-7003us] +/- 24ms

代码如下
安装软件包
[root@room9pc52 images]# yum install -y chrony
已加载插件：fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* epel: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
软件包 chrony-3.2-2.el7.x86_64 已安装并且是最新版本
无须任何处理
配置配置文件，服务端
[root@room9pc52 images]# vim /etc/chrony.conf
[root@room9pc52 images]# grep -v “^#” /etc/chrony.conf | grep -v “^$”
server ntp1.aliyun.com iburst
bindacqaddress 0.0.0.0
allow 0/0
cmdallow 127.0.0.1
driftfile /var/lib/chrony/drift
makestep 1.0 3
rtcsync
logdir /var/log/chrony

重启服务，并确认结果
[root@room9pc52 images]# systemctl restart chronyd
[root@room9pc52 images]# chronyc sources -v
210 Number of sources = 1

.– Source mode ‘^’ = server, ‘=’ = peer, ‘#’ = local clock.
/ .- Source state ‘*’ = current synced, ‘+’ = combined , ‘-‘ = not combined,
| / ‘?’ = unreachable, ‘x’ = time may be in error, ‘~’ = time too variable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) –. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 120.25.115.20 2 6 17 2 -468us[-2309us] +/- 19ms
[root@room9pc52 images]#

虚拟机上操作
OPENSTACK节点
[root@openstack ~]# vim /etc/chrony.conf
[root@openstack ~]# grep -v “^#” /etc/chrony.conf | grep -v “^$”
server 192.168.1.254 iburst
driftfile /var/lib/chrony/drift
makestep 1.0 3
rtcsync
logdir /var/log/chrony
[root@openstack ~]# systemctl restart chronyd
[root@openstack ~]# chronyc sources -v
210 Number of sources = 1

NOVA节点
[root@nova ~]# vim /etc/chrony.conf
[root@nova ~]# systemctl restart chronyd
[root@nova ~]# chronyc sources -v
210 Number of sources = 1

4 案例4：环境准备
4.1 问题

本案例要求准备基础环境，为安装openstack做准备：
准备openstack的基础环境
4.2 步骤

实现此案例需要按照如下步骤进行。
步骤一：准备基础环境

1）配置yum源
备注：只有系统源的gpgcheck=1，其他的都是gpgcheck=0）
[root@room9pc01 ~]# scp /etc/yum.repos.d/local.repo \
192.168.1.1:/etc/yum.repos.d/ //拷贝给openstack.tedu.cn这台主机
[root@room9pc01 ~]# scp /etc/yum.repos.d/local.repo \
192.168.1.2:/etc/yum.repos.d/ //拷贝给nova.tedu.cn这台主机
步骤二：配置ip

备注：配置eth0为公共网络，网络地址192.168.1.0/24（已经配置过）
配置eth1为隧道接口，网络地址192.168.2.0/24
1）给openstack.tedu.cn主机添加eth1网卡
[root@room9pc01 networks]# virsh -c qemu:///system attach-interface openstack bridge private2 –model virtio
Interface attached successfully //添加成功
[root@openstack ~]# cd /etc/sysconfig/network-scripts
[root@openstack network-scripts]# cp ifcfg-eth0 ifcfg-eth1
[root@openstack network-scripts]# vim ifcfg-eth1
# Generated by dracut initrd
DEVICE=”eth1″
ONBOOT=”yes”
IPV6INIT=”no”
IPV4_FAILURE_FATAL=”no”
NM_CONTROLLED=”no”
TYPE=”Ethernet”
BOOTPROTO=”static”
IPADDR=”192.168.2.1″
PREFIX=24
GATEWAY=192.168.1.254
[root@openstack network-scripts]# systemctl restart network
2）给nova.tedu.cn主机添加eth1网卡
[root@room9pc01 networks]# virsh -c qemu:///system attach-interface nova bridge private2 –model virtio
Interface attached successfully //添加成功
[root@nova ~]# cd /etc/sysconfig/network-scripts
[root@nova network-scripts]# cp ifcfg-eth0 ifcfg-eth1
[root@nova network-scripts]# vim ifcfg-eth1
# Generated by dracut initrd
DEVICE=”eth1″
ONBOOT=”yes”
IPV6INIT=”no”
IPV4_FAILURE_FATAL=”no”
NM_CONTROLLED=”no”
TYPE=”Ethernet”
BOOTPROTO=”static”
IPADDR=”192.168.2.2″
PREFIX=24
GATEWAY=192.168.1.254
[root@openstack network-scripts]# systemctl restart network
3）配置卷组（openstack主机上面操作）
[root@room9pc01 images]# qemu-img create -f qcow2 disk.img 50G
Formatting ‘disk.img’, fmt=qcow2 size=53687091200 encryption=off cluster_size=65536 lazy_refcounts=off
[root@room9pc01 networks]# virsh -c qemu:///system attach-disk openstack \
/var/lib/libvirt/images/disk.img vdb –subdriver qcow2 –sourcetype file
Disk attached successfully //添加成功
[root@openstack ~]# yum install lvm2
[root@openstack ~]# pvcreate /dev/vdb
[root@openstack ~]# vgcreate cinder-volumes /dev/vdb
4）安装openstack的依赖包（openstack.tedu.cn和nova.tedu.cn主机上面
[root@openstack ~]# yum install -y qemu-kvm libvirt-client libvirt-daemon libvirt-daemon-driver-qemu python-setuptools
[root@nova ~]# yum install -y qemu-kvm libvirt-client libvirt-daemon libvirt-daemon-driver-qemu python-setuptools

代码如下：
1、配置YUM源，再说一遍，只有第一个system也就是那个centos的源需要gpgcheck=0
[root@room9pc52 images]# scp /etc/yum.repos.d/local.repo 192.168.1.1:/etc/yum.repos.d/
[email protected]’s password:
local.repo 100% 1524 2.5MB/s 00:00
[root@room9pc52 images]# scp /etc/yum.repos.d/local.repo 192.168.1.2:/etc/yum.repos.d/
[email protected]’s password:
local.repo 100% 1524 1.9MB/s 00:00
[root@room9pc52 images]#

openstack节点确认
[root@openstack yum.repos.d]# yum repolist
已加载插件：fastestmirror
10local_rhscon-2-main-rpms | 2.9 kB 00:00:00
1local_devtools-rpms | 2.9 kB 00:00:00
2local_optools-rpms | 2.9 kB 00:00:00
3local_rpms | 2.9 kB 00:00:00
4local_tools-rpms | 2.9 kB 00:00:00
5local_mon-rpms | 2.9 kB 00:00:00
6local_osd-rpms | 2.9 kB 00:00:00
7local_rhceph-2-tools-rpms | 2.9 kB 00:00:00
8local_agent-rpms | 2.9 kB 00:00:00
9local_installer-rpms | 2.9 kB 00:00:00
base | 3.6 kB 00:00:00
extras | 3.4 kB 00:00:00
local_extras | 2.9 kB 00:00:00
local_repo | 3.6 kB 00:00:00
http://mirrors.cqu.edu.cn/CentOS/7.5.1804/updates/x86_64/repodata/repomd.xml: [Errno 12] Timeout on http://mirrors.cqu.edu.cn/CentOS/7.5.1804/updates/x86_64/repodata/repomd.xml: (28, ‘Connection timed out after 30001 milliseconds’)
正在尝试其它镜像。
updates | 3.4 kB 00:00:00
(1/17): 10local_rhscon-2-main-rpms/primary_db | 21 kB 00:00:00
(2/17): 1local_devtools-rpms/primary_db | 3.7 kB 00:00:00
(3/17): 5local_mon-rpms/primary_db | 37 kB 00:00:00
(4/17): 2local_optools-rpms/primary_db | 41 kB 00:00:00
(5/17): 6local_osd-rpms/primary_db | 29 kB 00:00:00
(6/17): 3local_rpms/primary_db | 318 kB 00:00:00
(7/17): 4local_tools-rpms/primary_db | 35 kB 00:00:00
(8/17): 8local_agent-rpms/primary_db | 13 kB 00:00:00
(9/17): 7local_rhceph-2-tools-rpms/primary_db | 30 kB 00:00:00
(10/17): local_extras/primary_db | 43 kB 00:00:00
(11/17): 9local_installer-rpms/primary_db | 44 kB 00:00:00
(12/17): local_repo/group_gz | 156 kB 00:00:00
(13/17): local_repo/primary_db | 5.7 MB 00:00:00
(14/17): extras/7/x86_64/primary_db | 204 kB 00:00:00
(15/17): base/7/x86_64/group_gz | 166 kB 00:00:01
(16/17): updates/7/x86_64/primary_db | 6.0 MB 00:00:01
(17/17): base/7/x86_64/primary_db | 5.9 MB 00:00:01
Determining fastest mirrors
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
源标识源名称状态
10local_rhscon-2-main-rpms rhscon-2-main-rpms 29
1local_devtools-rpms devtools-rpms 3
2local_optools-rpms optools-rpms 99
3local_rpms rpms 680
4local_tools-rpms tools-rpms 84
5local_mon-rpms mon-rpms 41
6local_osd-rpms osd-rpms 28
7local_rhceph-2-tools-rpms rhceph-2-tools-rpms 35
8local_agent-rpms agent-rpms 19
9local_installer-rpms installer-rpms 46
base/7/x86_64 CentOS-7 – Base 9,911
extras/7/x86_64 CentOS-7 – Extras 432
local_extras extras 76
local_repo CentOS-7 – Base 9,591
updates/7/x86_64 CentOS-7 – Updates 1,543
repolist: 22,617

nova节点
[root@nova ~]# ll /etc/yum.repos.d/
总用量 32
-rw-r–r–. 1 root root 1664 8月 30 2017 CentOS-Base.repo
-rw-r–r–. 1 root root 1309 8月 30 2017 CentOS-CR.repo
-rw-r–r–. 1 root root 649 8月 30 2017 CentOS-Debuginfo.repo
-rw-r–r–. 1 root root 314 8月 30 2017 CentOS-fasttrack.repo
-rw-r–r–. 1 root root 630 8月 30 2017 CentOS-Media.repo
-rw-r–r–. 1 root root 1331 8月 30 2017 CentOS-Sources.repo
-rw-r–r–. 1 root root 3830 8月 30 2017 CentOS-Vault.repo
-rw-r–r– 1 root root 1524 10月 15 17:13 local.repo
[root@nova ~]# yum repolist
已加载插件：fastestmirror
10local_rhscon-2-main-rpms | 2.9 kB 00:00:00
1local_devtools-rpms | 2.9 kB 00:00:00
2local_optools-rpms | 2.9 kB 00:00:00
3local_rpms | 2.9 kB 00:00:00
4local_tools-rpms | 2.9 kB 00:00:00
5local_mon-rpms | 2.9 kB 00:00:00
6local_osd-rpms | 2.9 kB 00:00:00
7local_rhceph-2-tools-rpms | 2.9 kB 00:00:00
8local_agent-rpms | 2.9 kB 00:00:00
9local_installer-rpms | 2.9 kB 00:00:00
base | 3.6 kB 00:00:00
extras | 3.4 kB 00:00:00
local_extras | 2.9 kB 00:00:00
local_repo | 3.6 kB 00:00:00
updates | 3.4 kB 00:00:00
(1/17): 10local_rhscon-2-main-rpms/primary_db | 21 kB 00:00:00
(2/17): 2local_optools-rpms/primary_db | 41 kB 00:00:00
(3/17): 1local_devtools-rpms/primary_db | 3.7 kB 00:00:00
(4/17): 5local_mon-rpms/primary_db | 37 kB 00:00:00
(5/17): 6local_osd-rpms/primary_db | 29 kB 00:00:00
(6/17): 7local_rhceph-2-tools-rpms/primary_db | 30 kB 00:00:00
(7/17): 8local_agent-rpms/primary_db | 13 kB 00:00:00
(8/17): 4local_tools-rpms/primary_db | 35 kB 00:00:00
(9/17): 3local_rpms/primary_db | 318 kB 00:00:00
(10/17): 9local_installer-rpms/primary_db | 44 kB 00:00:00
(11/17): local_extras/primary_db | 43 kB 00:00:00
(12/17): local_repo/group_gz | 156 kB 00:00:00
(13/17): local_repo/primary_db | 5.7 MB 00:00:00
(14/17): extras/7/x86_64/primary_db | 204 kB 00:00:00
(15/17): base/7/x86_64/primary_db | 5.9 MB 00:00:01
(16/17): base/7/x86_64/group_gz | 166 kB 00:00:01
(17/17): updates/7/x86_64/primary_db | 6.0 MB 00:00:01
Determining fastest mirrors
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
源标识源名称状态
10local_rhscon-2-main-rpms rhscon-2-main-rpms 29
1local_devtools-rpms devtools-rpms 3
2local_optools-rpms optools-rpms 99
3local_rpms rpms 680
4local_tools-rpms tools-rpms 84
5local_mon-rpms mon-rpms 41
6local_osd-rpms osd-rpms 28
7local_rhceph-2-tools-rpms rhceph-2-tools-rpms 35
8local_agent-rpms agent-rpms 19
9local_installer-rpms installer-rpms 46
base/7/x86_64 CentOS-7 – Base 9,911
extras/7/x86_64 CentOS-7 – Extras 432
local_extras extras 76
local_repo CentOS-7 – Base 9,591
updates/7/x86_64 CentOS-7 – Updates 1,543
repolist: 22,617

配置2台虚拟机的IP地址
[root@openstack network-scripts]# cp ifcfg-eth0 ifcfg-eth1
[root@openstack network-scripts]# vim ifcfg-eth1
[root@openstack network-scripts]# systemctl restart network

[root@openstack network-scripts]# cat ifcfg-eth1
# Generated by dracut initrd
DEVICE=”eth1″
NAME=”eth1″
ONBOOT=yes
IPV6INIT=no
TYPE=Ethernet
BOOTPROTO=”static”
IPADDR=”192.168.4.1″
PREFIX=”24″
GATEWAY=”192.168.4.254″
[root@openstack network-scripts]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.1 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::5054:ff:fe6e:9202 prefixlen 64 scopeid 0x20<link>
ether 52:54:00:6e:92:02 txqueuelen 1000 (Ethernet)
RX packets 16766 bytes 20783335 (19.8 MiB)
RX errors 0 dropped 3935 overruns 0 frame 0
TX packets 8759 bytes 763048 (745.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.4.1 netmask 255.255.255.0 broadcast 192.168.4.255
inet6 fe80::5054:ff:fe3b:717d prefixlen 64 scopeid 0x20<link>
ether 52:54:00:3b:71:7d txqueuelen 1000 (Ethernet)
RX packets 1649 bytes 86880 (84.8 KiB)
RX errors 0 dropped 1579 overruns 0 frame 0
TX packets 59 bytes 3750 (3.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 7 bytes 784 (784.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 7 bytes 784 (784.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

NOVA节点
[root@nova ~]# cd /etc/sysconfig/network-scripts/
[root@nova network-scripts]# cp ifcfg-eth0 ifcfg-eth1
[root@nova network-scripts]# vim ifcfg-eth1
[root@nova network-scripts]# systemctl restart network
[root@nova network-scripts]# cat ifcfg-eth1
# Generated by dracut initrd
DEVICE=”eth1″
NAME=”eth1″
ONBOOT=yes
IPV6INIT=no
TYPE=Ethernet
BOOTPROTO=”static”
IPADDR=”192.168.4.2″
PREFIX=”24″
GATEWAY=”192.168.1.254″
[root@nova network-scripts]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.2 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::5054:ff:fe50:6852 prefixlen 64 scopeid 0x20<link>
ether 52:54:00:50:68:52 txqueuelen 1000 (Ethernet)
RX packets 15736 bytes 20715008 (19.7 MiB)
RX errors 0 dropped 3965 overruns 0 frame 0
TX packets 9061 bytes 782271 (763.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.4.2 netmask 255.255.255.0 broadcast 192.168.4.255
inet6 fe80::5054:ff:feb7:2a06 prefixlen 64 scopeid 0x20<link>
ether 52:54:00:b7:2a:06 txqueuelen 1000 (Ethernet)
RX packets 1589 bytes 83626 (81.6 KiB)
RX errors 0 dropped 1529 overruns 0 frame 0
TX packets 58 bytes 3820 (3.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 6 bytes 560 (560.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 6 bytes 560 (560.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

测试一下，相互能够PING通
[root@openstack network-scripts]# ping 192.168.4.254
PING 192.168.4.254 (192.168.4.254) 56(84) bytes of data.
64 bytes from 192.168.4.254: icmp_seq=1 ttl=64 time=0.456 ms
^C
— 192.168.4.254 ping statistics —
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.456/0.456/0.456/0.000 ms
[root@openstack network-scripts]# ping 192.168.4.2
PING 192.168.4.2 (192.168.4.2) 56(84) bytes of data.
64 bytes from 192.168.4.2: icmp_seq=1 ttl=64 time=0.554 ms
64 bytes from 192.168.4.2: icmp_seq=2 ttl=64 time=0.522 ms
^C
— 192.168.4.2 ping statistics —
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.522/0.538/0.554/0.016 ms

[root@nova network-scripts]# ping 192.168.4.254
PING 192.168.4.254 (192.168.4.254) 56(84) bytes of data.
64 bytes from 192.168.4.254: icmp_seq=1 ttl=64 time=0.345 ms
64 bytes from 192.168.4.254: icmp_seq=2 ttl=64 time=0.255 ms
^C
— 192.168.4.254 ping statistics —
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.255/0.300/0.345/0.045 ms
[root@nova network-scripts]# ping 192.168.4.1
PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data.
64 bytes from 192.168.4.1: icmp_seq=1 ttl=64 time=0.469 ms
64 bytes from 192.168.4.1: icmp_seq=2 ttl=64 time=0.646 ms
^C
— 192.168.4.1 ping statistics —
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.469/0.557/0.646/0.091 ms

配置卷组
OPENSTACK节点上创建cinder-volumes卷组
[root@openstack ~]# yum install -y lvm2
已加载插件：fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
正在解决依赖关系
–> 正在检查事务
—> 软件包 lvm2.x86_64.7.2.02.177-4.el7 将被安装
–> 正在处理依赖关系 lvm2-libs = 7:2.02.177-4.el7，它被软件包 7:lvm2-2.02.177-4.el7.x86_64 需要
–> 正在处理依赖关系 device-mapper-persistent-data >= 0.7.0-0.1.rc6，它被软件包 7:lvm2-2.02.177-4.el7.x86_64 需要
–> 正在处理依赖关系 liblvm2app.so.2.2(Base)(64bit)，它被软件包 7:lvm2-2.02.177-4.el7.x86_64 需要
–> 正在处理依赖关系 libdevmapper.so.1.02(DM_1_02_141)(64bit)，它被软件包 7:lvm2-2.02.177-4.el7.x86_64 需要
–> 正在处理依赖关系 libdevmapper-event.so.1.02(Base)(64bit)，它被软件包 7:lvm2-2.02.177-4.el7.x86_64 需要
–> 正在处理依赖关系 liblvm2app.so.2.2()(64bit)，它被软件包 7:lvm2-2.02.177-4.el7.x86_64 需要
–> 正在处理依赖关系 libdevmapper-event.so.1.02()(64bit)，它被软件包 7:lvm2-2.02.177-4.el7.x86_64 需要
–> 正在检查事务
—> 软件包 device-mapper-event-libs.x86_64.7.1.02.146-4.el7 将被安装
—> 软件包 device-mapper-libs.x86_64.7.1.02.140-8.el7 将被升级
–> 正在处理依赖关系 device-mapper-libs = 7:1.02.140-8.el7，它被软件包 7:device-mapper-1.02.140-8.el7.x86_64 需要
—> 软件包 device-mapper-libs.x86_64.7.1.02.146-4.el7 将被更新
—> 软件包 device-mapper-persistent-data.x86_64.0.0.7.3-3.el7 将被安装
–> 正在处理依赖关系 libaio.so.1(LIBAIO_0.4)(64bit)，它被软件包 device-mapper-persistent-data-0.7.3-3.el7.x86_64 需要
–> 正在处理依赖关系 libaio.so.1(LIBAIO_0.1)(64bit)，它被软件包 device-mapper-persistent-data-0.7.3-3.el7.x86_64 需要
–> 正在处理依赖关系 libaio.so.1()(64bit)，它被软件包 device-mapper-persistent-data-0.7.3-3.el7.x86_64 需要
—> 软件包 lvm2-libs.x86_64.7.2.02.177-4.el7 将被安装
–> 正在处理依赖关系 device-mapper-event = 7:1.02.146-4.el7，它被软件包 7:lvm2-libs-2.02.177-4.el7.x86_64 需要
–> 正在检查事务
—> 软件包 device-mapper.x86_64.7.1.02.140-8.el7 将被升级
—> 软件包 device-mapper.x86_64.7.1.02.146-4.el7 将被更新
—> 软件包 device-mapper-event.x86_64.7.1.02.146-4.el7 将被安装
—> 软件包 libaio.x86_64.0.0.3.109-13.el7 将被安装
–> 解决依赖关系完成

依赖关系解决

===========================================================================================
Package 架构版本源大小
===========================================================================================
正在安装:
lvm2 x86_64 7:2.02.177-4.el7 base 1.3 M
为依赖而安装:
device-mapper-event x86_64 7:1.02.146-4.el7 base 185 k
device-mapper-event-libs x86_64 7:1.02.146-4.el7 base 184 k
device-mapper-persistent-data x86_64 0.7.3-3.el7 base 405 k
libaio x86_64 0.3.109-13.el7 base 24 k
lvm2-libs x86_64 7:2.02.177-4.el7 base 1.0 M
为依赖而更新:
device-mapper x86_64 7:1.02.146-4.el7 base 289 k
device-mapper-libs x86_64 7:1.02.146-4.el7 base 316 k

事务概要
===========================================================================================
安装 1 软件包 (+5 依赖软件包)
升级 ( 2 依赖软件包)

总下载量：3.7 M
Downloading packages:
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
(1/8): device-mapper-event-1.02.146-4.el7.x86_64.rpm | 185 kB 00:00:00
(2/8): device-mapper-event-libs-1.02.146-4.el7.x86_64.rpm | 184 kB 00:00:00
(3/8): device-mapper-1.02.146-4.el7.x86_64.rpm | 289 kB 00:00:00
(4/8): device-mapper-libs-1.02.146-4.el7.x86_64.rpm | 316 kB 00:00:00
(5/8): libaio-0.3.109-13.el7.x86_64.rpm | 24 kB 00:00:00
(6/8): device-mapper-persistent-data-0.7.3-3.el7.x86_64.rpm | 405 kB 00:00:00
(7/8): lvm2-2.02.177-4.el7.x86_64.rpm | 1.3 MB 00:00:00
(8/8): lvm2-libs-2.02.177-4.el7.x86_64.rpm | 1.0 MB 00:00:00
——————————————————————————————-
总计 3.3 MB/s | 3.7 MB 00:00:01
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
正在更新 : 7:device-mapper-libs-1.02.146-4.el7.x86_64 1/10
正在更新 : 7:device-mapper-1.02.146-4.el7.x86_64 2/10
正在安装 : 7:device-mapper-event-libs-1.02.146-4.el7.x86_64 3/10
正在安装 : 7:device-mapper-event-1.02.146-4.el7.x86_64 4/10
正在安装 : 7:lvm2-libs-2.02.177-4.el7.x86_64 5/10
正在安装 : libaio-0.3.109-13.el7.x86_64 6/10
正在安装 : device-mapper-persistent-data-0.7.3-3.el7.x86_64 7/10
正在安装 : 7:lvm2-2.02.177-4.el7.x86_64 8/10
Created symlink from /etc/systemd/system/sysinit.target.wants/lvm2-lvmpolld.socket to /usr/lib/systemd/system/lvm2-lvmpolld.socket.
清理 : 7:device-mapper-libs-1.02.140-8.el7.x86_64 9/10
清理 : 7:device-mapper-1.02.140-8.el7.x86_64 10/10
验证中 : device-mapper-persistent-data-0.7.3-3.el7.x86_64 1/10
验证中 : libaio-0.3.109-13.el7.x86_64 2/10
验证中 : 7:device-mapper-1.02.146-4.el7.x86_64 3/10
验证中 : 7:device-mapper-event-1.02.146-4.el7.x86_64 4/10
验证中 : 7:device-mapper-event-libs-1.02.146-4.el7.x86_64 5/10
验证中 : 7:lvm2-libs-2.02.177-4.el7.x86_64 6/10
验证中 : 7:lvm2-2.02.177-4.el7.x86_64 7/10
验证中 : 7:device-mapper-libs-1.02.146-4.el7.x86_64 8/10
验证中 : 7:device-mapper-1.02.140-8.el7.x86_64 9/10
验证中 : 7:device-mapper-libs-1.02.140-8.el7.x86_64 10/10

已安装:
lvm2.x86_64 7:2.02.177-4.el7

作为依赖被安装:
device-mapper-event.x86_64 7:1.02.146-4.el7
device-mapper-event-libs.x86_64 7:1.02.146-4.el7
device-mapper-persistent-data.x86_64 0:0.7.3-3.el7
libaio.x86_64 0:0.3.109-13.el7
lvm2-libs.x86_64 7:2.02.177-4.el7

作为依赖被升级:
device-mapper.x86_64 7:1.02.146-4.el7 device-mapper-libs.x86_64 7:1.02.146-4.el7

完毕！
[root@openstack ~]#
[root@openstack ~]#
[root@openstack ~]# pvcreate /dev/vdb
Physical volume “/dev/vdb” successfully created.
[root@openstack ~]# vgcreate cinder-volumes /dev/vdb
Volume group “cinder-volumes” successfully created
[root@openstack ~]# vgs
VG #PV #LV #SN Attr VSize VFree
cinder-volumes 1 0 0 wz–n- <20.00g <20.00g

安装依赖包
openstak和nova上面都要安装依赖包
yum install -y qemu-kvm libvirt-client libvirt-daemon libvirt-daemon-driver-qemu python-setuptools

已安装:
libvirt-client.x86_64 0:3.9.0-14.el7_5.8
libvirt-daemon.x86_64 0:3.9.0-14.el7_5.8
libvirt-daemon-driver-qemu.x86_64 0:3.9.0-14.el7_5.8
python-setuptools.noarch 0:0.9.8-7.el7
qemu-kvm-rhev.x86_64 10:2.6.0-28.el7_3.6

作为依赖被安装:
autogen-libopts.x86_64 0:5.18-5.el7
avahi-libs.x86_64 0:0.6.31-19.el7
boost-iostreams.x86_64 0:1.53.0-27.el7
boost-random.x86_64 0:1.53.0-27.el7
boost-system.x86_64 0:1.53.0-27.el7
boost-thread.x86_64 0:1.53.0-27.el7
bzip2.x86_64 0:1.0.6-13.el7
celt051.x86_64 0:0.5.1.3-8.el7
cyrus-sasl.x86_64 0:2.1.26-23.el7
cyrus-sasl-gssapi.x86_64 0:2.1.26-23.el7
dnsmasq.x86_64 0:2.76-5.el7
flac-libs.x86_64 0:1.3.0-5.el7_1
glusterfs.x86_64 0:3.8.4-54.15.el7.centos
glusterfs-api.x86_64 0:3.8.4-54.15.el7.centos
glusterfs-client-xlators.x86_64 0:3.8.4-54.15.el7.centos
glusterfs-libs.x86_64 0:3.8.4-54.15.el7.centos
gnutls-dane.x86_64 0:3.3.26-9.el7
gnutls-utils.x86_64 0:3.3.26-9.el7
gperftools-libs.x86_64 0:2.6.1-1.el7
gsm.x86_64 0:1.0.13-11.el7
gssproxy.x86_64 0:0.7.0-17.el7
ipxe-roms-qemu.noarch 0:20170123-1.git4e85b27.el7_4.1
keyutils.x86_64 0:1.5.8-3.el7
libICE.x86_64 0:1.0.9-9.el7
libSM.x86_64 0:1.2.2-2.el7
libX11.x86_64 0:1.6.5-1.el7
libX11-common.noarch 0:1.6.5-1.el7
libXau.x86_64 0:1.0.8-2.1.el7
libXext.x86_64 0:1.3.3-3.el7
libXi.x86_64 0:1.7.9-1.el7
libXtst.x86_64 0:1.2.3-1.el7
libaio.x86_64 0:0.3.109-13.el7
libasyncns.x86_64 0:0.8-7.el7
libbasicobjects.x86_64 0:0.1.1-29.el7
libcacard.x86_64 40:2.5.2-2.el7
libcgroup.x86_64 0:0.41-15.el7
libcollection.x86_64 0:0.7.0-29.el7
libevent.x86_64 0:2.0.21-4.el7
libibverbs.x86_64 0:15-7.el7_5
libini_config.x86_64 0:1.3.1-29.el7
libiscsi.x86_64 0:1.9.0-7.el7
libjpeg-turbo.x86_64 0:1.2.90-5.el7
libnfsidmap.x86_64 0:0.25-19.el7
libogg.x86_64 2:1.3.0-7.el7
libpath_utils.x86_64 0:0.2.1-29.el7
libpcap.x86_64 14:1.5.3-11.el7
libpng.x86_64 2:1.5.13-7.el7_2
librados2.x86_64 1:10.2.3-17.el7cp
librbd1.x86_64 1:10.2.3-17.el7cp
librdmacm.x86_64 0:15-7.el7_5
libref_array.x86_64 0:0.1.5-29.el7
libsndfile.x86_64 0:1.0.25-10.el7
libtirpc.x86_64 0:0.2.4-0.10.el7
libusbx.x86_64 0:1.0.21-1.el7
libverto-libevent.x86_64 0:0.2.5-4.el7
libvirt-daemon-driver-network.x86_64 0:3.9.0-14.el7_5.8
libvirt-daemon-driver-storage-core.x86_64 0:3.9.0-14.el7_5.8
libvirt-libs.x86_64 0:3.9.0-14.el7_5.8
libvorbis.x86_64 1:1.3.3-8.el7.1
libxcb.x86_64 0:1.12-1.el7
lttng-ust.x86_64 0:2.4.1-1.el7cp
lz4.x86_64 0:1.7.5-2.el7
lzop.x86_64 0:1.03-10.el7
nfs-utils.x86_64 1:1.3.0-0.54.el7
nmap-ncat.x86_64 2:6.40-13.el7
numad.x86_64 0:0.5-18.20150602git.el7
opus.x86_64 0:1.0.2-6.el7
pciutils.x86_64 0:3.5.1-3.el7
pixman.x86_64 0:0.34.0-1.el7
pulseaudio-libs.x86_64 0:10.0-5.el7
python-backports.x86_64 0:1.0-8.el7
python-backports-ssl_match_hostname.noarch 0:3.5.0.1-1.el7
python-ipaddress.noarch 0:1.0.16-2.el7
qemu-img-rhev.x86_64 10:2.6.0-28.el7_3.6
qemu-kvm-common-rhev.x86_64 10:2.6.0-28.el7_3.6
quota.x86_64 1:4.01-17.el7
quota-nls.noarch 1:4.01-17.el7
radvd.x86_64 0:1.9.2-9.el7_5.4
rdma-core.x86_64 0:15-7.el7_5
rpcbind.x86_64 0:0.2.0-44.el7
seabios-bin.noarch 0:1.11.0-2.el7
seavgabios-bin.noarch 0:1.11.0-2.el7
sgabios-bin.noarch 1:0.20110622svn-4.el7
spice-server.x86_64 0:0.14.0-2.el7_5.5
tcp_wrappers.x86_64 0:7.6-77.el7
unbound-libs.x86_64 0:1.6.6-1.el7
usbredir.x86_64 0:0.7.1-3.el7
userspace-rcu.x86_64 0:0.7.9-2.el7rhgs
yajl.x86_64 0:2.0.4-4.el7

更新完毕:
selinux-policy.noarch 0:3.13.1-192.el7_5.6

作为依赖被升级:
cyrus-sasl-lib.x86_64 0:2.1.26-23.el7
dbus.x86_64 1:1.10.24-7.el7
dbus-libs.x86_64 1:1.10.24-7.el7
libselinux.x86_64 0:2.5-12.el7
libselinux-python.x86_64 0:2.5-12.el7
libselinux-utils.x86_64 0:2.5-12.el7
libsepol.x86_64 0:2.5-8.1.el7
pciutils-libs.x86_64 0:3.5.1-3.el7
policycoreutils.x86_64 0:2.5-22.el7
selinux-policy-targeted.noarch 0:3.13.1-192.el7_5.6

完毕！

安装packstack
已安装:
openstack-packstack.noarch 0:9.0.0-3.el7ost

作为依赖被安装:
PyYAML.x86_64 0:3.10-11.el7
augeas-libs.x86_64 0:1.4.0-5.el7_5.1
facter.x86_64 1:2.4.4-4.el7
hiera.noarch 0:1.3.4-1.el7
jbigkit-libs.x86_64 0:2.0-11.el7
libselinux-ruby.x86_64 0:2.5-12.el7
libtiff.x86_64 0:4.0.3-27.el7_3
libwebp.x86_64 0:0.3.0-7.el7
libyaml.x86_64 0:0.1.4-11.el7_0
openstack-packstack-puppet.noarch 0:9.0.0-3.el7ost
puppet.noarch 0:3.8.7-2.el7
puppet-aodh.noarch 0:9.5.0-1.el7ost
puppet-apache.noarch 0:1.10.0-2.05a0aacgit.el7ost
puppet-ceilometer.noarch 0:9.5.0-1.el7ost
puppet-certmonger.noarch 0:1.1.1-1.1157a7egit.el7ost
puppet-cinder.noarch 0:9.5.0-1.el7ost
puppet-concat.noarch 0:2.2.0-2.ba64361git.el7ost
puppet-corosync.noarch 0:5.0.0-1.f3ada25git.el7ost
puppet-firewall.noarch 0:1.8.1-2.e70157egit.el7ost
puppet-glance.noarch 0:9.5.0-2.el7ost
puppet-gnocchi.noarch 0:9.5.0-1.el7ost
puppet-heat.noarch 0:9.5.0-1.el7ost
puppet-horizon.noarch 0:9.5.0-1.el7ost
puppet-inifile.noarch 0:1.6.0-2.el7ost
puppet-ironic.noarch 0:9.5.0-1.el7ost
puppet-keystone.noarch 0:9.5.0-1.el7ost
puppet-manila.noarch 0:9.5.0-1.el7ost
puppet-memcached.noarch 0:2.8.1-1.bfa64e0git.el7ost
puppet-mongodb.noarch 0:0.16.0-1.el7ost
puppet-mysql.noarch 0:3.10.0-1.el7ost
puppet-neutron.noarch 0:9.5.0-1.el7ost
puppet-nova.noarch 0:9.5.0-2.el7ost
puppet-nssdb.noarch 0:1.0.1-1.el7ost
puppet-openstack_extras.noarch 0:9.5.0-1.el7ost
puppet-openstacklib.noarch 0:9.5.0-1.el7ost
puppet-oslo.noarch 0:9.5.0-1.el7ost
puppet-rabbitmq.noarch 0:5.6.0-1.057a013git.el7ost
puppet-redis.noarch 0:1.2.3-2.el7ost
puppet-remote.noarch 0:0.0.1-1.el7ost
puppet-rsync.noarch 0:0.4.0-1.8cc3c6fgit.el7ost
puppet-sahara.noarch 0:9.5.0-1.el7ost
puppet-ssh.noarch 0:2.9.1-1.el7ost
puppet-staging.noarch 0:1.0.4-1.b466d93git.el7ost
puppet-stdlib.noarch 0:4.13.1-3.f2492eegit.el7ost
puppet-swift.noarch 0:9.5.0-1.el7ost
puppet-sysctl.noarch 0:0.0.11-1.el7ost
puppet-tempest.noarch 0:9.4.0-1.el7ost
puppet-trove.noarch 0:9.5.0-1.el7ost
puppet-vcsrepo.noarch 0:1.4.0-2.cd6c3bcgit.el7ost
puppet-vswitch.noarch 0:5.4.0-1.el7ost
puppet-xinetd.noarch 0:2.0.0-2.f9d6e18git.el7ost
pyOpenSSL.noarch 0:0.15.1-1.el7ost
python-cffi.x86_64 0:1.6.0-5.el7
python-docutils.noarch 0:0.12-0.2.20140510svn7747.el7ost
python-enum34.noarch 0:1.0.4-1.el7
python-idna.noarch 0:2.4-1.el7
python-netaddr.noarch 0:0.7.18-1.el7ost
python-pbr.noarch 0:1.10.0-1.el7ost
python-pillow.x86_64 0:2.0.0-19.gitd1c6db8.el7
python-ply.noarch 0:3.4-11.el7
python-pycparser.noarch 0:2.14-1.el7
python-six.noarch 0:1.9.0-2.el7
python2-cryptography.x86_64 0:1.7.2-2.el7
python2-pyasn1.noarch 0:0.1.9-7.el7
ruby.x86_64 0:2.0.0.648-33.el7_4
ruby-augeas.x86_64 0:0.5.0-1.el7
ruby-irb.noarch 0:2.0.0.648-33.el7_4
ruby-libs.x86_64 0:2.0.0.648-33.el7_4
ruby-shadow.x86_64 0:1.4.1-22.el7
rubygem-bigdecimal.x86_64 0:1.2.0-33.el7_4
rubygem-io-console.x86_64 0:0.4.2-33.el7_4
rubygem-json.x86_64 0:1.7.7-33.el7_4
rubygem-psych.x86_64 0:2.0.0-33.el7_4
rubygem-rdoc.noarch 0:4.0.0-33.el7_4
rubygems.noarch 0:2.0.14.1-33.el7_4

完毕！

安装openstack
[root@openstack ~]# yum install -y openstack-packstack
[root@openstack ~]# packstack –gen-answer-file answer.ini
//answer.ini与answer.txt是一样的，只是用vim打开answer.ini文件有颜色
Packstack changed given value to required value /root/.ssh/id_rsa.pub
[root@openstack ~]# vim answer.ini
11 CONFIG_DEFAULT_PASSWORD=redhat //密码
42 CONFIG_SWIFT_INSTALL=n
75 CONFIG_NTP_SERVERS=192.168.1.3 //时间服务器的地址
554 CONFIG_CINDER_VOLUMES_CREATE=n //创建卷,已经手动创建过了
840 CONFIG_NEUTRON_ML2_TYPE_DRIVERS=flat,vxlan //驱动类型
876 CONFIG_NEUTRON_ML2_VXLAN_GROUP=239.1.1.5
//设置组播地址,最后一个随意不能为0和255,其他固定
910 CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=physnet1:br-ex //物理网桥的名称
921 CONFIG_NEUTRON_OVS_BRIDGE_IFACES=br-ex:eth0
//br-ex桥的名称与eth0连接，管理eth0,网桥与哪个物理网卡连接
936 CONFIG_NEUTRON_OVS_TUNNEL_IF=eth1
1179 CONFIG_PROVISION_DEMO=n //DEMO是否测试
[root@openstack ~]# packstack –answer-file=answer.ini
**** Installation completed successfully ****** //出现这个为成功

[root@openstack ~]# packstack –answer-file=answer.ini
Welcome to the Packstack setup utility

The installation log file is available at: /var/tmp/packstack/20181015-184938-5g98kf/openstack-setup.log

Installing:
Clean Up [ DONE ]
Discovering ip protocol version [ DONE ]
Setting up ssh keys [ DONE ]
Preparing servers [ DONE ]
Pre installing Puppet and discovering hosts’ details [ DONE ]
Preparing pre-install entries [ DONE ]
Installing time synchronization via NTP [ DONE ]
Setting up CACERT [ DONE ]
Preparing AMQP entries [ DONE ]
Preparing MariaDB entries [ DONE ]
Fixing Keystone LDAP config parameters to be undef if empty[ DONE ]
Preparing Keystone entries [ DONE ]
Preparing Glance entries [ DONE ]
Checking if the Cinder server has a cinder-volumes vg[ DONE ]
Preparing Cinder entries [ DONE ]
Preparing Nova API entries [ DONE ]
Creating ssh keys for Nova migration [ DONE ]
Gathering ssh host keys for Nova migration [ DONE ]
Preparing Nova Compute entries [ DONE ]
Preparing Nova Scheduler entries [ DONE ]
Preparing Nova VNC Proxy entries [ DONE ]
Preparing OpenStack Network-related Nova entries [ DONE ]
Preparing Nova Common entries [ DONE ]
Preparing Neutron LBaaS Agent entries [ DONE ]
Preparing Neutron API entries [ DONE ]
Preparing Neutron L3 entries [ DONE ]
Preparing Neutron L2 Agent entries [ DONE ]
Preparing Neutron DHCP Agent entries [ DONE ]
Preparing Neutron Metering Agent entries [ DONE ]
Checking if NetworkManager is enabled and running [ DONE ]
Preparing OpenStack Client entries [ DONE ]
Preparing Horizon entries [ DONE ]
Preparing Gnocchi entries [ DONE ]
Preparing MongoDB entries [ DONE ]
Preparing Redis entries [ DONE ]
Preparing Ceilometer entries [ DONE ]
Preparing Aodh entries [ DONE ]
Preparing Puppet manifests [ DONE ]
Copying Puppet modules and manifests [ DONE ]
Applying 192.168.1.1_controller.pp
192.168.1.1_controller.pp: [ DONE ]
Applying 192.168.1.1_network.pp
192.168.1.1_network.pp: [ DONE ]
Applying 192.168.1.1_compute.pp
192.168.1.1_compute.pp: [ DONE ]
Applying Puppet manifests [ DONE ]
Finalizing [ DONE ]

**** Installation completed successfully ******

Additional information:
* File /root/keystonerc_admin has been created on OpenStack client host 192.168.1.1. To use the command line tools you need to source the file.
* To access the OpenStack Dashboard browse to http://192.168.1.1/dashboard .
Please, find your login credentials stored in the keystonerc_admin in your home directory.
* The installation log file is available at: /var/tmp/packstack/20181015-184938-5g98kf/openstack-setup.log
* The generated manifests are available at: /var/tmp/packstack/20181015-184938-5g98kf/manifests

6 案例6：网络管理
6.1 问题

本案例要求运用OVS完成以下配置：
查看外部OVS网桥及其端口
验证OVS配置
6.2 步骤

实现此案例需要按照如下步骤进行。
步骤一：查看外部OVS网桥

1）查看br-ex网桥配置（br-ex为OVS网桥设备）
[root@openstack ~]# cat /etc/sysconfig/network-scripts/ifcfg-br-ex
ONBOOT=”yes”
NM_CONTROLLED=”no”
IPADDR=”192.168.1.1″
PREFIX=24
GATEWAY=192.168.1.254
DEVICE=br-ex
NAME=br-ex
DEVICETYPE=ovs
OVSBOOTPROTO=”static”
TYPE=OVSBridge
2）查看eth0网卡配置（该网卡为OVS网桥的接口）
[root@nova ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
NAME=eth0
DEVICETYPE=ovs
TYPE=OVSPort
OVS_BRIDGE=br-ex
ONBOOT=yes
BOOTPROTO=none
3）验证OVS配置
[root@nova ~]# ovs-vsctl show
Bridge br-ex
Controller “tcp:127.0.0.1:6633”
is_connected: true
fail_mode: secure
Port br-ex
Interface br-ex
type: internal
Port phy-br-ex
Interface phy-br-ex
type: patch
options: {peer=int-br-ex}
Port “eth0”
Interface “eth0”
ovs_version: “2.5.0”

查看是否多出来一个br-ex网桥，同时，eth0也发生了变化
[root@openstack ~]# ifconfig
br-ex: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.1 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::5c41:b0ff:fee4:9747 prefixlen 64 scopeid 0x20<link>
ether 5e:41:b0:e4:97:47 txqueuelen 1000 (Ethernet)
RX packets 13106 bytes 19703671 (18.7 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 11124 bytes 920054 (898.4 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::5054:ff:fe6e:9202 prefixlen 64 scopeid 0x20<link>
ether 52:54:00:6e:92:02 txqueuelen 1000 (Ethernet)
RX packets 51163 bytes 202216431 (192.8 MiB)
RX errors 0 dropped 6677 overruns 0 frame 0
TX packets 36048 bytes 3566633 (3.4 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.4.1 netmask 255.255.255.0 broadcast 192.168.4.255
inet6 fe80::5054:ff:fe3b:717d prefixlen 64 scopeid 0x20<link>
ether 52:54:00:3b:71:7d txqueuelen 1000 (Ethernet)
RX packets 111913 bytes 169743598 (161.8 MiB)
RX errors 0 dropped 4324 overruns 0 frame 0
TX packets 87235 bytes 7099466 (6.7 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 94162 bytes 18139708 (17.2 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 94162 bytes 18139708 (17.2 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

[root@openstack ~]# cat /etc/sysconfig/network-scripts/ifcfg-br-ex
ONBOOT=yes
IPADDR=”192.168.1.1″
PREFIX=”24″
GATEWAY=”192.168.1.254″
DEVICE=br-ex
NAME=br-ex
DEVICETYPE=ovs
OVSBOOTPROTO=
TYPE=OVSBridge
[root@openstack ~]#
[root@openstack ~]#
[root@openstack ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth
cat: /etc/sysconfig/network-scripts/ifcfg-eth: 没有那个文件或目录
[root@openstack ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
NAME=eth0
DEVICETYPE=ovs
TYPE=OVSPort
OVS_BRIDGE=br-ex
ONBOOT=yes
BOOTPROTO=none

验证OVS配置
[root@openstack ~]# ovs-vsctl show
07aae1f6-4e1a-4567-aa77-5c878975055f
Manager “ptcp:6640:127.0.0.1”
is_connected: true
Bridge br-int
Controller “tcp:127.0.0.1:6633”
is_connected: true
fail_mode: secure
Port int-br-ex
Interface int-br-ex
type: patch
options: {peer=phy-br-ex}
Port br-int
Interface br-int
type: internal
Port patch-tun
Interface patch-tun
type: patch
options: {peer=patch-int}
Bridge br-ex
Controller “tcp:127.0.0.1:6633”
is_connected: true
fail_mode: secure
Port phy-br-ex
Interface phy-br-ex
type: patch
options: {peer=int-br-ex}
Port “eth0”
Interface “eth0”
Port br-ex
Interface br-ex
type: internal
Bridge br-tun
Controller “tcp:127.0.0.1:6633”
is_connected: true
fail_mode: secure
Port br-tun
Interface br-tun
type: internal
Port patch-int
Interface patch-int
type: patch
options: {peer=patch-tun}
ovs_version: “2.5.0”

7 案例7：管理项目
7.1 问题

本案例要求通过Horizon完成以下操作：
创建名为myproject的项目
查看项目信息
更新vcpu配额为30
删除myproject
7.2 步骤

实现此案例需要按照如下步骤进行。
步骤一：浏览器访问openstack

1）浏览器访问
[root@openstack conf.d]# firefox 192.168.1.1 //访问失败
2）需要改配置文件并重新加载
[root@openstack ~]# cd /etc/httpd/conf.d/
[root@openstack conf.d]# vi 15-horizon_vhost.conf
35 WSGIProcessGroup apache
36 WSGIApplicationGroup %{GLOBAL} //添加这一行
[root@openstack conf.d]# apachectl graceful //重新载入配置文件
3）浏览器访问，出现页面，如图-6所示：

代码如下
[root@openstack ~]# vim /etc/httpd/conf.d/15-horizon_vhost.conf
[root@openstack ~]#
[root@openstack ~]# apachectl graceful
[root@openstack ~]# cat /etc/httpd/conf.d/15-horizon_vhost.conf
# ************************************
# Vhost template in module puppetlabs-apache
# Managed by Puppet
# ************************************

<VirtualHost *:80>
ServerName openstack.tedu.cn

## Vhost docroot
DocumentRoot “/var/www/”
## Alias declarations for resources outside the DocumentRoot
Alias /dashboard/static “/usr/share/openstack-dashboard/static”

## Directories, there should at least be a declaration for /var/www/

<Directory “/var/www/”>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Require all granted
</Directory>

## Logging
ErrorLog “/var/log/httpd/horizon_error.log”
ServerSignature Off
CustomLog “/var/log/httpd/horizon_access.log” combined

## RedirectMatch rules
RedirectMatch permanent ^/$ /dashboard

## Server aliases
ServerAlias 192.168.1.1
ServerAlias openstack.tedu.cn
ServerAlias localhost
WSGIDaemonProcess apache group=apache processes=3 threads=10 user=apache
WSGIProcessGroup apache
WSGIApplicationGroup %{GLOBAL}
WSGIScriptAlias /dashboard “/usr/share/openstack-dashboard/openstack_dashboard/wsgi/django.wsgi”
</VirtualHost>

3）查看默认用户名和密码
[root@openstack conf.d]# cd
[root@openstack ~]# ls
answer.ini keystonerc_admin //keystonerc_admin生成的文件，里面有用户名和密码
[root@openstack ~]# cat keystonerc_admin
unset OS_SERVICE_TOKEN
export OS_USERNAME=admin //用户名
export OS_PASSWORD=1bb4c987345c45ba //密码
export OS_AUTH_URL=http://192.168.1.1:5000/v2.0
export PS1='[\u@\h \W(keystone_admin)]\$ ‘
export OS_TENANT_NAME=admin
export OS_REGION_NAME=RegionOne

代码如下
[root@openstack ~]# ls
answer.ini keystonerc_admin RPM-GPG-KEY-CentOS-7
[root@openstack ~]# cat keystonerc_admin
unset OS_SERVICE_TOKEN
export OS_USERNAME=admin
export OS_PASSWORD=2e0f052c918943e3
export OS_AUTH_URL=http://192.168.1.1:5000/v2.0
export PS1='[\u@\h \W(keystone_admin)]\$ ‘

export OS_TENANT_NAME=admin
export OS_REGION_NAME=RegionOne

4）在火狐浏览器中输入用户名和密码
具体自己去网页去看

（这个时候，刷新一下网页，可以看到多了一个项目myproject）

删除项目
[root@openstack ~(keystone_admin)]# openstack project delete myproject
（刷新网页试下，项目myproject已经删除）

今天的实验到此结束

发表在 OpenStack | 标签为 openstack | 留下评论

KVM基本操作（OpenStack前期准备）

发表于2018年10月16日由toky, jim

1 案例1：virsh基本管理操作
先粘贴一下virsh命令，后面需要用
[root@room9pc52 images]# virsh –help

virsh [options]… [<command_string>]
virsh [options]… <command> [args…]

options:
-c | –connect=URI hypervisor connection URI
-d | –debug=NUM debug level [0-4]
-e | –escape <char> set escape sequence for console
-h | –help this help
-k | –keepalive-interval=NUM
keepalive interval in seconds, 0 for disable
-K | –keepalive-count=NUM
number of possible missed keepalive messages
-l | –log=FILE output logging to file
-q | –quiet quiet mode
-r | –readonly connect readonly
-t | –timing print timing information
-v short version
-V long version
–version[=TYPE] version, TYPE is short or long (default short)
commands (non interactive mode):

Domain Management (help keyword ‘domain’)
attach-device 从一个XML文件附加装置
attach-disk 附加磁盘设备
attach-interface 获得网络界面
autostart 自动开始一个域
blkdeviotune 设定或者查询块设备 I/O 调节参数。
blkiotune 获取或者数值 blkio 参数
blockcommit 启动块提交操作。
blockcopy 启动块复制操作。
blockjob 管理活跃块操作
blockpull 使用其后端映像填充磁盘。
blockresize 创新定义域块设备大小
change-media 更改 CD 介质或者软盘驱动器
console 连接到客户会话
cpu-baseline 计算基线 CPU
cpu-compare 使用 XML 文件中描述的 CPU 与主机 CPU 进行对比
cpu-stats 显示域 cpu 统计数据
create 从一个 XML 文件创建一个域
define 从一个 XML 文件定义（但不开始）一个域
desc 显示或者设定域描述或者标题
destroy 销毁（停止）域
detach-device 从一个 XML 文件分离设备
detach-disk 分离磁盘设备
detach-interface 分离网络界面
domdisplay 域显示连接 URI
domfsfreeze Freeze domain’s mounted filesystems.
domfsthaw Thaw domain’s mounted filesystems.
domfsinfo Get information of domain’s mounted filesystems.
domfstrim 在域挂载的文件系统中调用 fstrim。
domhostname 输出域主机名
domid 把一个域名或 UUID 转换为域 id
domif-setlink 设定虚拟接口的链接状态
domiftune 获取/设定虚拟接口参数
domjobabort 忽略活跃域任务
domjobinfo 域任务信息
domname 将域 id 或 UUID 转换为域名
domrename rename a domain
dompmsuspend 使用电源管理功能挂起域
dompmwakeup 从 pmsuspended 状态唤醒域
domuuid 把一个域名或 id 转换为域 UUID
domxml-from-native 将原始配置转换为域 XML
domxml-to-native 将域 XML 转换为原始配置
dump 把一个域的内核 dump 到一个文件中以方便分析
dumpxml XML 中的域信息
edit 编辑某个域的 XML 配置
event Domain Events
inject-nmi 在虚拟机中输入 NMI
iothreadinfo view domain IOThreads
iothreadpin control domain IOThread affinity
iothreadadd add an IOThread to the guest domain
iothreaddel delete an IOThread from the guest domain
send-key 向虚拟机发送序列号
send-process-signal 向进程发送信号
lxc-enter-namespace LXC 虚拟机进入名称空间
managedsave 管理域状态的保存
managedsave-remove 删除域的管理保存
managedsave-edit edit XML for a domain’s managed save state file
managedsave-dumpxml Domain information of managed save state file in XML
managedsave-define redefine the XML for a domain’s managed save state file
memtune 获取或者数值内存参数
perf Get or set perf event
metadata show or set domain’s custom XML metadata
migrate 将域迁移到另一个主机中
migrate-setmaxdowntime 设定最大可耐受故障时间
migrate-getmaxdowntime get maximum tolerable downtime
migrate-compcache 获取/设定压缩缓存大小
migrate-setspeed 设定迁移带宽的最大值
migrate-getspeed 获取最长迁移带宽
migrate-postcopy Switch running migration from pre-copy to post-copy
numatune 获取或者数值 numa 参数
qemu-attach QEMU 附加
qemu-monitor-command QEMU 监控程序命令
qemu-monitor-event QEMU Monitor Events
qemu-agent-command QEMU 虚拟机代理命令
reboot 重新启动一个域
reset 重新设定域
restore 从一个存在一个文件中的状态恢复一个域
resume 重新恢复一个域
save 把一个域的状态保存到一个文件
save-image-define 为域的保存状态文件重新定义 XML
save-image-dumpxml 在 XML 中保存状态域信息
save-image-edit 为域保存状态文件编辑 XML
schedinfo 显示/设置日程安排变量
screenshot 提取当前域控制台快照并保存到文件中
set-lifecycle-action change lifecycle actions
set-user-password set the user password inside the domain
setmaxmem 改变最大内存限制值
setmem 改变内存的分配
setvcpus 改变虚拟 CPU 的号
shutdown 关闭一个域
start 开始一个（以前定义的）非活跃的域
suspend 挂起一个域
ttyconsole tty 控制台
undefine 取消定义一个域
update-device 从 XML 文件中关系设备
vcpucount 域 vcpu 计数
vcpuinfo 详细的域 vcpu 信息
vcpupin 控制或者查询域 vcpu 亲和性
emulatorpin 控制火车查询域模拟器亲和性
vncdisplay vnc 显示
guestvcpus query or modify state of vcpu in the guest (via agent)
setvcpu attach/detach vcpu or groups of threads
domblkthreshold set the threshold for block-threshold event for a given block device or it’s backing chain element

Domain Monitoring (help keyword ‘monitor’)
domblkerror 在块设备中显示错误
domblkinfo 域块设备大小信息
domblklist 列出所有域块
domblkstat 获得域设备块状态
domcontrol 域控制接口状态
domif-getlink 获取虚拟接口链接状态
domifaddr Get network interfaces’ addresses for a running domain
domiflist 列出所有域虚拟接口
domifstat 获得域网络接口状态
dominfo 域信息
dommemstat 获取域的内存统计
domstate 域状态
domstats get statistics about one or multiple domains
domtime domain time
list 列出域

Host and Hypervisor (help keyword ‘host’)
allocpages Manipulate pages pool size
capabilities 性能
cpu-models CPU models
domcapabilities domain capabilities
freecell NUMA可用内存
freepages NUMA free pages
hostname 打印管理程序主机名
maxvcpus 连接 vcpu 最大值
node-memory-tune 获取或者设定节点内存参数
nodecpumap 节点 cpu 映射
nodecpustats 输出节点的 cpu 状统计数据。
nodeinfo 节点信息
nodememstats 输出节点的内存状统计数据。
nodesuspend 在给定时间段挂起主机节点
sysinfo 输出 hypervisor sysinfo
uri 打印管理程序典型的URI
version 显示版本

Interface (help keyword ‘interface’)
iface-begin 生成当前接口设置快照，可在今后用于提交 (iface-commit) 或者恢复 (iface-rollback)
iface-bridge 生成桥接设备并为其附加一个现有网络设备
iface-commit 提交 iface-begin 后的更改并释放恢复点
iface-define define an inactive persistent physical host interface or modify an existing persistent one from an XML file
iface-destroy 删除物理主机接口（启用它请执行 “if-down”）
iface-dumpxml XML 中的接口信息
iface-edit 为物理主机界面编辑 XML 配置
iface-list 物理主机接口列表
iface-mac 将接口名称转换为接口 MAC 地址
iface-name 将接口 MAC 地址转换为接口名称
iface-rollback 恢复到之前保存的使用 iface-begin 生成的更改
iface-start 启动物理主机接口（启用它请执行 “if-up”）
iface-unbridge 分离其辅助设备后取消定义桥接设备
iface-undefine 取消定义物理主机接口（从配置中删除）

Network Filter (help keyword ‘filter’)
nwfilter-define 使用 XML 文件定义或者更新网络过滤器
nwfilter-dumpxml XML 中的网络过滤器信息
nwfilter-edit 为网络过滤器编辑 XML 配置
nwfilter-list 列出网络过滤器
nwfilter-undefine 取消定义网络过滤器

Networking (help keyword ‘network’)
net-autostart 自动开始网络
net-create 从一个 XML 文件创建一个网络
net-define define an inactive persistent virtual network or modify an existing persistent one from an XML file
net-destroy 销毁（停止）网络
net-dhcp-leases print lease info for a given network
net-dumpxml XML 中的网络信息
net-edit 为网络编辑 XML 配置
net-event Network Events
net-info 网络信息
net-list 列出网络
net-name 把一个网络UUID 转换为网络名
net-start 开始一个(以前定义的)不活跃的网络
net-undefine undefine a persistent network
net-update 更新现有网络配置的部分
net-uuid 把一个网络名转换为网络UUID

Node Device (help keyword ‘nodedev’)
nodedev-create 根据节点中的 XML 文件定义生成设备
nodedev-destroy 销毁（停止）节点中的设备
nodedev-detach 将节点设备与其设备驱动程序分离
nodedev-dumpxml XML 中的节点设备详情
nodedev-list 这台主机中中的枚举设备
nodedev-reattach 重新将节点设备附加到他的设备驱动程序中
nodedev-reset 重置节点设备
nodedev-event Node Device Events

Secret (help keyword ‘secret’)
secret-define 定义或者修改 XML 中的 secret
secret-dumpxml XML 中的 secret 属性
secret-event Secret Events
secret-get-value secret 值输出
secret-list 列出 secret
secret-set-value 设定 secret 值
secret-undefine 取消定义 secret

Snapshot (help keyword ‘snapshot’)
snapshot-create 使用 XML 生成快照
snapshot-create-as 使用一组参数生成快照
snapshot-current 获取或者设定当前快照
snapshot-delete 删除域快照
snapshot-dumpxml 为域快照转储 XML
snapshot-edit 编辑快照 XML
snapshot-info 快照信息
snapshot-list 为域列出快照
snapshot-parent 获取快照的上级快照名称
snapshot-revert 将域转换为快照

Storage Pool (help keyword ‘pool’)
find-storage-pool-sources-as 找到潜在存储池源
find-storage-pool-sources 发现潜在存储池源
pool-autostart 自动启动某个池
pool-build 建立池
pool-create-as 从一组变量中创建一个池
pool-create 从一个 XML 文件中创建一个池
pool-define-as 在一组变量中定义池
pool-define define an inactive persistent storage pool or modify an existing persistent one from an XML file
pool-delete 删除池
pool-destroy 销毁（删除）池
pool-dumpxml XML 中的池信息
pool-edit 为存储池编辑 XML 配置
pool-info 存储池信息
pool-list 列出池
pool-name 将池 UUID 转换为池名称
pool-refresh 刷新池
pool-start 启动一个（以前定义的）非活跃的池
pool-undefine 取消定义一个不活跃的池
pool-uuid 把一个池名称转换为池 UUID
pool-event Storage Pool Events

Storage Volume (help keyword ‘volume’)
vol-clone 克隆卷。
vol-create-as 从一组变量中创建卷
vol-create 从一个 XML 文件创建一个卷
vol-create-from 生成卷，使用另一个卷作为输入。
vol-delete 删除卷
vol-download 将卷内容下载到文件中
vol-dumpxml XML 中的卷信息
vol-info 存储卷信息
vol-key 为给定密钥或者路径返回卷密钥
vol-list 列出卷
vol-name 为给定密钥或者路径返回卷名
vol-path 为给定密钥或者路径返回卷路径
vol-pool 为给定密钥或者路径返回存储池
vol-resize 创新定义卷大小
vol-upload 将文件内容上传到卷中
vol-wipe 擦除卷

Virsh itself (help keyword ‘virsh’)
cd 更改当前目录
echo echo 参数
exit 退出这个非交互式终端
help 打印帮助
pwd 输出当前目录
quit 退出这个非交互式终端
connect 连接（重新连接）到 hypervisor

(指定 help <group> 获取组中命令的详情)

(使用 –help <command> 来获得这个命令的详细信息)

1.1 问题

本案例要求熟悉virsh的基本操作，可以熟练运用：
列出当前正在运行的虚拟机
查看虚拟机的信息
管理虚拟机
设置虚拟机开机自动运行
1.2 步骤

实现此案例需要按照如下步骤进行。
步骤一：virsh基本操作

1）列出当前正在运行的虚拟机
[root@room9pc01 ~]# virsh list
Id Name State
—————————————————-
1 node1 running
2）查看虚拟机的信息
[root@room9pc01 ~]# virsh dominfo node1 //查看node1的信息
Id: 1
Name: node1
UUID: 20e15d2f-ea30-4aa3-96dc-91aab6283b10
OS Type: hvm
State: running
CPU(s): 2
CPU time: 92.8s
Max memory: 2048000 KiB
Used memory: 2048000 KiB
Persistent: yes
Autostart: disable
Managed save: no
Security model: none
Security DOI: 0
步骤二：管理虚拟机

1）启动虚拟机
[root@room9pc01 ~]# virsh start node1
2）重启虚拟机
[root@room9pc01 ~]# virsh reboot node1
3）强制关闭虚拟机
[root@room9pc01 ~]# virsh destroy node1
4）设置虚拟机开机自动运行
[root@room9pc01 ~]# virsh autostart node1

(以上步骤太简单，不贴代码了)

2 案例2：qemu-img基本操作管理
2.1 问题

本案例要求：
创建一个新的镜像盘文件
使用后端模板文件创建一个新的镜像盘文件
查看镜像盘文件的信息
2.2 步骤

实现此案例需要按照如下步骤进行。
步骤一：创建一个新的镜像盘文件

qemu-img命令格式：qemu-img 命令参数块文件名称大小
[root@room9pc01 ~]# qemu-img create -f qcow2 disk.img 50G //qcow2为创建的格式
Formatting ‘disk.img’, fmt=qcow2 size=53687091200 encryption=off cluster_size=65536 lazy_refcounts=off
2）使用后端模板文件创建一个新的镜像盘文件
备注：-b使用后端模板文件
[root@room9pc01 ~]# qemu-img create -b disk.img -f qcow2 disk1.img
Formatting ‘disk1.img’, fmt=qcow2 size=53687091200 backing_file=’disk.img’ encryption=off cluster_size=65536 lazy_refcounts=off
3）使用后端模板文件创建一个16G的镜像盘文件
[root@room9pc01 ~]# qemu-img create -b disk.img -f qcow2 disk2.img 16G
Formatting ‘disk1.img’, fmt=qcow2 size=53687091200 backing_file=’disk.img’ encryption=off cluster_size=65536 lazy_refcounts=off

代码如下
[root@room9pc52 images]# pwd
/var/lib/libvirt/images
[root@room9pc52 images]# qemu-img create -f qcow2 disk.img 50G
Formatting ‘disk.img’, fmt=qcow2 size=53687091200 encryption=off cluster_size=65536 lazy_refcounts=off
[root@room9pc52 images]# qemu-img create -b disk.img -f qcow2 disk1.img
Formatting ‘disk1.img’, fmt=qcow2 size=53687091200 backing_file=’disk.img’ encryption=off cluster_size=65536 lazy_refcounts=off
[root@room9pc52 images]#
[root@room9pc52 images]# qemu-img create -b disk.img -f qcow2 disk2.img 16G
Formatting ‘disk2.img’, fmt=qcow2 size=17179869184 backing_file=’disk.img’ encryption=off cluster_size=65536 lazy_refcounts=off
[root@room9pc52 images]#
[root@room9pc52 images]# ll -h disk*
-rw-r–r– 1 root root 193K 10月 15 09:23 disk1.img
-rw-r–r– 1 root root 193K 10月 15 09:24 disk2.img
-rw-r–r– 1 root root 193K 10月 15 09:23 disk.img
[root@room9pc52 images]#

步骤二：查看镜像文件的信息

代码如下
[root@room9pc52 images]# qemu-img info disk1.img
image: disk1.img
file format: qcow2
virtual size: 50G (53687091200 bytes)
disk size: 196K
cluster_size: 65536
backing file: disk.img
Format specific information:
compat: 1.1
lazy refcounts: false
[root@room9pc52 images]#

3 案例3：创建一个虚拟网络
3.1 问题

创建一个虚拟网络，为之后的自定义安装虚拟机做准备：
创建一个名为vbr的虚拟网络
设置vbr的ip为192.168.1.254
配置vbr虚拟网络的dhcp分配地址范围100-200
启动vbr虚拟网络并用ifconfig验证
设置vbr虚拟网络开机自启动
3.2 步骤

实现此案例需要按照如下步骤进行。
步骤一：创建一个名为vbr的虚拟网络

[root@room9pc01 ~]# vim /etc/libvirt/qemu/networks/vbr.xml
<network>
<name>vbr</name> //vbr为虚拟网络的名字
<bridge name=”vbr”/>
<forward mode=”nat”/>
<ip address=”192.168.1.254″ netmask=”255.255.255.0″> //ip为192.168.1.254
<dhcp>
<range start=”192.168.1.100″ end=”192.168.1.200″/> //ip范围是100-200
</dhcp>
</ip>
</network>

步骤二：启动vbr虚拟网络并用ifconfig验证

[root@room9pc01 ~]# virsh net-define vbr //定义vbr虚拟网络
[root@room9pc01 ~]# virsh net-start vbr //启动vbr虚拟网络
[root@room9pc01 ~]# ifconfig //igconfig验证
vbr: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.254 netmask 255.255.255.0 broadcast 192.168.1.255
ether 52:54:00:b7:1c:10 txqueuelen 1000 (Ethernet)
RX packets 2460 bytes 176958 (172.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1948 bytes 532542 (520.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
步骤三：设置vbr虚拟网络开机自启动

[root@room9pc01 ~]# virsh net-autostart vbr

代码如下
做之前先确认一下虚拟网络列表
[root@room9pc52 images]# virsh net-list
名称状态自动开始持久
———————————————————-
private1 活动是是
private2 活动是是
public1 活动是是
public2 活动是是
rhce 活动是是
然后再编辑下网桥
[root@room9pc52 images]# cat /etc/libvirt/qemu/networks/vbr.xml
<network>
<name>vbr</name>
<bridge name=”vbr”/>
<forward mode=”nat”/>
<ip address=”192.168.1.254″ netmask=”255.255.255.0″>
<dhcp>
<range start=”192.168.1.100″ end=”192.168.1.200″/>
</dhcp>
</ip>
</network>
开始定义网桥
[root@room9pc52 images]# virsh net-define /etc/libvirt/qemu/networks/vbr.xml
从 vbr定义网络/etc/libvirt/qemu/networks/vbr.xml

[root@room9pc52 images]# virsh net-list
名称状态自动开始持久
———————————————————-
private1 活动是是
private2 活动是是
public1 活动是是
public2 活动是是
rhce 活动是是
开始启用网桥
[root@room9pc52 images]# virsh net-start vbr
网络 vbr 已开始

[root@room9pc52 images]# virsh net-list
名称状态自动开始持久
———————————————————-
private1 活动是是
private2 活动是是
public1 活动是是
public2 活动是是
rhce 活动是是
vbr 活动否是

[root@room9pc52 images]# virsh net-autostart vbr
网络vbr标记为自动启动

[root@room9pc52 images]# virsh net-list
名称状态自动开始持久
———————————————————-
private1 活动是是
private2 活动是是
public1 活动是是
public2 活动是是
rhce 活动是是
vbr 活动是是

验证一下是否成功
[root@room9pc52 images]# ifconfig vbr
vbr: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 192.168.1.254 netmask 255.255.255.0 broadcast 192.168.1.255
ether 52:54:00:7b:cd:51 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

4 案例4：xml管理
4.1 问题

熟悉xml文件，并对虚拟机的配置进行调整：
导出一个虚拟机的xml配置文件
编辑xml文件
重新定义虚拟机
删除此虚拟机
4.2 步骤

实现此案例需要按照如下步骤进行。
步骤一：导出虚拟机xml的配置文件

1）查看xml配置文件
[root@room9pc01 ~]# cd /etc/libvirt/qemu/
[root@room9pc01 qemu]# virsh dumpxml node1
[root@room9pc01 qemu]# virsh dumpxml node1 > node.xml
//导出虚拟机node1的配置文件为node.xml
[root@room9pc01 qemu]# ls
node.xml
virsh命令： virsh edit 虚拟机名
备注：可以修改name，memory，disk、network等字段
[root@room9pc01 qemu]# virsh edit node1
<domain type=’kvm’>
<name>node1</name> //node1为虚拟机的名称，可以随意修改
<uuid>76d5dc2c-5eef-4e30-8b6c-e58851814f84</uuid> //uuid可以去掉
<memory unit=’KiB’>2048000</memory> //内存大小可以调整
<currentMemory unit=’KiB’>2048000</currentMemory>
<disk type=’file’ device=’disk’>
<source file=’/var/lib/libvirt/images/rhel7.2.qcow2’/> //后端盘路径
.. ..
<interface type=’network’>
<mac address=’52:54:00:91:52:e4’/>
//mac地址和带有address字样的全部去掉
.. ..
步骤二：重新定义虚拟机

1）重新定义虚拟机
[root@room9pc01 qemu]# virsh define node1.xml
2）取消定义的虚拟机
[root@room9pc01 qemu]# virsh undefine node1

代码如下
[root@room9pc52 qemu]# pwd
/etc/libvirt/qemu
[root@room9pc52 qemu]# ll
总用量 100
-rw——- 1 root root 4775 10月 11 18:20 a10-clone.xml
-rw——- 1 root root 4757 10月 11 09:22 a10.xml
-rw——- 1 root root 5609 10月 11 18:21 a11-clone.xml
-rw——- 1 root root 5573 10月 11 11:04 a11.xml
-rw——- 1 root root 5609 10月 11 18:24 a12-clone.xml
-rw——- 1 root root 5573 10月 11 11:05 a12.xml
-rw——- 1 root root 5609 10月 11 18:26 a13-clone.xml
-rw——- 1 root root 5573 10月 11 11:05 a13.xml
-rw——- 1 root root 5023 10月 12 12:01 a15.xml
-rw——- 1 root root 4757 10月 12 10:33 a15.xml.bak
-rw——- 1 root root 4757 10月 12 15:43 a16.xml
-rw——- 1 root root 4754 10月 12 14:21 a4.xml
drwx—— 3 root root 4096 10月 15 10:14 networks
[root@room9pc52 qemu]#
[root@room9pc52 qemu]# virsh dumpxml a10
<domain type=’kvm’>
<name>a10</name>
<uuid>8ac40bc4-6b97-48cd-b8f8-380210b03bf1</uuid>
<memory unit=’KiB’>1048576</memory>
<currentMemory unit=’KiB’>1048576</currentMemory>
<vcpu placement=’static’>1</vcpu>
<os>
<type arch=’x86_64′ machine=’pc-i440fx-rhel7.0.0′>hvm</type>
</os>
<features>
<acpi/>
<apic/>
</features>
<cpu mode=’host-model’ check=’partial’>
<model fallback=’allow’/>
</cpu>
<clock offset=’utc’>
<timer name=’rtc’ tickpolicy=’catchup’/>
<timer name=’pit’ tickpolicy=’delay’/>
<timer name=’hpet’ present=’no’/>
</clock>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>restart</on_crash>
<pm>
<suspend-to-mem enabled=’no’/>
<suspend-to-disk enabled=’no’/>
</pm>
<devices>
<emulator>/usr/libexec/qemu-kvm</emulator>
<disk type=’file’ device=’disk’>
<driver name=’qemu’ type=’qcow2’/>
<source file=’/var/lib/libvirt/images/a10.img’/>
<target dev=’vda’ bus=’virtio’/>
<boot order=’1’/>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x07′ function=’0x0’/>
</disk>
<disk type=’file’ device=’cdrom’>
<driver name=’qemu’ type=’raw’/>
<target dev=’hda’ bus=’ide’/>
<readonly/>
<address type=’drive’ controller=’0′ bus=’0′ target=’0′ unit=’0’/>
</disk>
<controller type=’usb’ index=’0′ model=’ich9-ehci1′>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x06′ function=’0x7’/>
</controller>
<controller type=’usb’ index=’0′ model=’ich9-uhci1′>
<master startport=’0’/>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x06′ function=’0x0′ multifunction=’on’/>
</controller>
<controller type=’usb’ index=’0′ model=’ich9-uhci2′>
<master startport=’2’/>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x06′ function=’0x1’/>
</controller>
<controller type=’usb’ index=’0′ model=’ich9-uhci3′>
<master startport=’4’/>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x06′ function=’0x2’/>
</controller>
<controller type=’pci’ index=’0′ model=’pci-root’/>
<controller type=’ide’ index=’0′>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x01′ function=’0x1’/>
</controller>
<controller type=’virtio-serial’ index=’0′>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x05′ function=’0x0’/>
</controller>
<interface type=’network’>
<mac address=’52:54:00:de:22:5b’/>
<source network=’private1’/>
<model type=’virtio’/>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x03′ function=’0x0’/>
</interface>
<interface type=’network’>
<mac address=’52:54:00:4d:17:10’/>
<source network=’private2’/>
<model type=’virtio’/>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x09′ function=’0x0’/>
</interface>
<interface type=’network’>
<mac address=’52:54:00:61:0f:1d’/>
<source network=’public1’/>
<model type=’virtio’/>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x0a’ function=’0x0’/>
</interface>
<interface type=’network’>
<mac address=’52:54:00:93:54:3d’/>
<source network=’public2’/>
<model type=’virtio’/>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x0b’ function=’0x0’/>
</interface>
<serial type=’pty’>
<target type=’isa-serial’ port=’0′>
<model name=’isa-serial’/>
</target>
</serial>
<console type=’pty’>
<target type=’serial’ port=’0’/>
</console>
<input type=’tablet’ bus=’usb’>
<address type=’usb’ bus=’0′ port=’1’/>
</input>
<input type=’mouse’ bus=’ps2’/>
<input type=’keyboard’ bus=’ps2’/>
<graphics type=’spice’ autoport=’yes’>
<listen type=’address’/>
<image compression=’off’/>
</graphics>
<sound model=’ich6′>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x04′ function=’0x0’/>
</sound>
<video>
<model type=’qxl’ ram=’65536′ vram=’65536′ vgamem=’16384′ heads=’1′ primary=’yes’/>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x02′ function=’0x0’/>
</video>
<redirdev bus=’usb’ type=’spicevmc’>
<address type=’usb’ bus=’0′ port=’2’/>
</redirdev>
<redirdev bus=’usb’ type=’spicevmc’>
<address type=’usb’ bus=’0′ port=’3’/>
</redirdev>
<memballoon model=’virtio’>
<address type=’pci’ domain=’0x0000′ bus=’0x00′ slot=’0x08′ function=’0x0’/>
</memballoon>
</devices>
</domain>

[root@room9pc52 qemu]# virsh dumpxml a10 > node.xml
[root@room9pc52 qemu]# ll node.xml

修改一下node.xml，后段盘img处不要动，把name，内存改了，MAC删掉，这里我把内存改为4G，进去验证一下
[root@room9pc52 qemu]# vim node.xml
[root@room9pc52 qemu]# virsh define node.xml
定义域 node（从 node.xml）
[root@room9pc52 qemu]# virsh start node
域 node 已开始

步骤二：重新定义虚拟机

1）重新定义虚拟机
[root@room9pc01 qemu]# virsh define node1.xml
2）取消定义的虚拟机
[root@room9pc01 qemu]# virsh undefine node1
[root@room9pc52 ~]# virsh destroy node
域 node 被删除
[root@room9pc52 ~]# virsh undefine node
域 node 已经被取消定义
[root@room9pc52 ~]# virsh list –all
Id 名称状态
—————————————————-
– a10 关闭
– a10-clone 关闭
– a11 关闭
– a11-clone 关闭
– a12 关闭
– a12-clone 关闭
– a13 关闭
– a13-clone 关闭
– a15 关闭
– a16 关闭
– a4 关闭

5 案例5：安装虚拟机
5.1 问题

本案例要求可以成功安装一个自定义虚拟机：
配置一个网络yum，并安装一个虚拟机
制作一个虚拟机模板，包括配置yum，网卡等
5.2 步骤

实现此案例需要按照如下步骤进行。
步骤一：配置网络yum源

[root@room9pc01 ~]# yum -y install vsftpd
[root@room9pc01 ~]# vim /etc/vsftpd/vsftpd.conf
listen=YES
listen_ipv6=NO
[root@room9pc01 ~]# systemctl restart vsftpd
[root@room9pc01 ~]# mkdir /var/ftp/centos
[root@room9pc01 ~]# mount /iso/CentOS-7-x86_64-DVD-1708.iso /var/ftp/centos/
mount: /dev/loop1 写保护，将以只读方式挂载
[root@room9pc01 ~]# vim /etc/yum.repos.d/dvd.repo
[dvd]
name=dvd
baseurl=ftp://192.168.1.254/centos
enabled=1
gpgcheck=0
[root@room9pc01 ~]# yum clean all
[root@room9pc01 ~]# yum repolist
[root@room9pc01 ~]# cd /var/lib/libvirt/images/
[root@room9pc01 images]# qemu-img create -f qcow2 node.qcow2 16G
Formatting ‘node.qcow2’,fmt=qcow2 size=17179869184 encryption=off cluster_size=65536 lazy_refcounts=off
步骤二：安装一个虚拟机
[root@room9pc01 images]# virt-manager //真机操作，启动virt-manager
(具体要求：最小化安装，选择存储为上面创建的node，或者自己创建，网桥也要选择上面创建的vbr，分区手动创建根下16G)
步骤三：制作一个虚拟机模板

1）禁用selinux
[root@localhost ~]# vim /etc/selinux/config
SELINUX=disabled
2）卸载防火墙与NetworkManager
[root@localhost ~]# yum -y remove NetworkManager-* firewalld-* python-firewall
3）配置yum源
[root@localhost ~]# vim /etc/yum.repos.d/dvd.repo
[dvd]
name=dvd
baseurl=ftp://192.168.1.254/centos
enabled=1
gpgcheck=0
[root@localhost ~]# yum clean all
[root@localhost ~]# yum repolist
4）导入公钥
注意：把/etc/yum.repos.d/dvd.repo的gpgcheck=0改成gpgcheck=1
[root@localhost ~]# lftp 192.168.1.254
lftp 192.168.4.254:~> cd centos
lftp 192.168.4.254:/centos> get RPM-GPG-KEY-CentOs-7
lftp 192.168.4.254:/centos> exit
[root@localhost ~]# rpm –import RPM-GPG-KEY-CentOs-7
[root@localhost ~]# yum -y install net-tools vim-enhanced bridge-utils psmisc
5）配置网卡
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=”eth0″
ONBOOT=”yes”
IPV6INIT=”no”
TYPE=”Ethernet”
BOOTPROTO =”dhcp”
[root@localhost ~]# systemctl restart network
6）禁用空路由
[root@localhost ~]# vim /etc/sysconfig/network
NOZEROCONF=”yes”
7）添加console配置
[root@localhost ~]# vim /etc/default/grub
GRUB_CMDLINE_LINUX=”biosdevname=0 net.ifnames=0 console=ttyS0,115200n8″
GRUB_DISABLE_LINUX_UUID=”true”
GRUB_ENABLE_LINUX_LABEL=”true”
8）重新生成grub.cfg
[root@localhost ~]# grub2-mkconfig -o /boot/grub2/grub.cfg
9）安装扩展分区软件
[root@localhost ~]# yum install -y cloud-utils-growpart
10）第一次开机自动扩容
[root@localhost ~]# /usr/bin/growpart /dev/vda 1
[root@localhost ~]# /usr/sbin/xfs_growfs /
11）关闭虚拟机后执行信息清理工作
[root@room9pc01 ~]# virt-sysprep -d centos7.0
//真机上面操作，centos7.0为虚拟机名称

代码如下：
先配置好yum源，把everyting添加上
[root@room9pc52 images]# cat /etc/fstab

#
# /etc/fstab
# Created by anaconda on Thu Mar 8 09:45:35 2018
#
# Accessible filesystems, by reference, are maintained under ‘/dev/disk’
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
UUID=2c4538c2-7763-4c33-90c4-cfc0e20bb8c9 / ext4 defaults 1 1
UUID=42cf258f-160a-4054-a352-945929f3cc87 /var/lib/libvirt/images ext4 defaults 1 2
/var/lib/libvirt/images/iso/rhel-server-7.4-x86_64-dvd.iso /var/ftp/rhel7 iso9660 defaults 0 0
/var/lib/libvirt/images/iso/CentOS-7-x86_64-Everything-1708.iso /var/ftp/centos iso9660 defaults 0 0
[root@room9pc52 images]# mount -a
mount: /dev/loop1 写保护，将以只读方式挂载
[root@room9pc52 images]# ll /var/ftp/centos/
总用量 1586
-rw-rw-r– 3 root root 14 9月 5 2017 CentOS_BuildTag
drwxr-xr-x 3 root root 2048 9月 5 2017 EFI
-rw-rw-r– 3 root root 227 8月 30 2017 EULA
-rw-rw-r– 3 root root 18009 12月 10 2015 GPL
drwxr-xr-x 3 root root 2048 9月 6 2017 images
drwxr-xr-x 2 root root 2048 9月 5 2017 isolinux
drwxr-xr-x 2 root root 2048 9月 5 2017 LiveOS
drwxrwxr-x 2 root root 1585152 9月 6 2017 Packages
drwxrwxr-x 2 root root 4096 9月 6 2017 repodata
-rw-rw-r– 3 root root 1690 12月 10 2015 RPM-GPG-KEY-CentOS-7
-rw-rw-r– 3 root root 1690 12月 10 2015 RPM-GPG-KEY-CentOS-Testing-7
-r–r–r– 1 root root 2883 9月 6 2017 TRANS.TBL

编写yum源
[root@room9pc52 images]# cat /etc/yum.repos.d/dvd.repo
[dvd]
name=dvd
baseurl=ftp://192.168.1.254/centos
enabled=1
gpgcheck=0

[root@room9pc52 images]# yum clean all
已加载插件：fastestmirror, langpacks
正在清理软件源： InstallMedia base dvd epel extras librehat-shadowsocks mon osd teamviewer tools updates
Cleaning up everything
Maybe you want: rm -rf /var/cache/yum, to also free up space taken by orphaned data from disabled or removed repos
Cleaning up list of fastest mirrors
[root@room9pc52 images]# yum repolist
已加载插件：fastestmirror, langpacks
Determining fastest mirrors
epel/x86_64/metalink | 7.5 kB 00:00:00
* base: mirrors.aliyun.com
* epel: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
base | 3.6 kB 00:00:00
dvd | 3.6 kB 00:00:00
epel | 3.2 kB 00:00:00
extras | 3.4 kB 00:00:00
librehat-shadowsocks | 3.0 kB 00:00:00
mon | 4.1 kB 00:00:00
osd | 4.1 kB 00:00:00
teamviewer | 2.5 kB 00:00:00
tools | 3.8 kB 00:00:00
updates | 3.4 kB 00:00:00
(1/17): dvd/group_gz | 156 kB 00:00:00
(2/17): dvd/primary_db | 5.7 MB 00:00:00
(3/17): base/7/x86_64/group_gz | 166 kB 00:00:01
(4/17): epel/x86_64/group_gz | 88 kB 00:00:02
(5/17): epel/x86_64/updateinfo | 950 kB 00:00:02
(6/17): mon/group_gz | 489 B 00:00:00
(7/17): mon/primary_db | 40 kB 00:00:00
(8/17): osd/group_gz | 447 B 00:00:00
(9/17): osd/primary_db | 31 kB 00:00:00
(10/17): extras/7/x86_64/primary_db | 204 kB 00:00:01
(11/17): tools/group_gz | 459 B 00:00:00
(12/17): tools/primary_db | 31 kB 00:00:00
(13/17): teamviewer/x86_64/primary_db | 31 kB 00:00:01
(14/17): librehat-shadowsocks/x86_64/primary_db | 23 kB 00:00:02
(15/17): epel/x86_64/primary | 3.6 MB 00:00:13
(16/17): base/7/x86_64/primary_db | 5.9 MB 00:00:30
(17/17): updates/7/x86_64/primary_db | 6.0 MB 00:00:30
epel 12731/12731
源标识源名称状态
base/7/x86_64 CentOS-7 – Base 9,911
dvd dvd 9,591
*epel/x86_64 Extra Packages for Enterprise Linux 7 – x86_64 12,731
extras/7/x86_64 CentOS-7 – Extras 432
librehat-shadowsocks/x86_64 Copr repo for shadowsocks owned by librehat 54
mon mon 41
osd osd 28
teamviewer/x86_64 TeamViewer – x86_64 18
tools tools 33
updates/7/x86_64 CentOS-7 – Updates 1,543
repolist: 34,382

创建后端存储node.qcow2
[root@room9pc52 images]# cd /var/lib/libvirt/images/
[root@room9pc52 images]# pwd
/var/lib/libvirt/images
[root@room9pc52 images]# qemu-img create -f qcow2 node.qcow2 16G
Formatting ‘node.qcow2’, fmt=qcow2 size=17179869184 encryption=off cluster_size=65536 lazy_refcounts=off
[root@room9pc52 images]# qemu-img info node.qcow2
image: node.qcow2
file format: qcow2
virtual size: 16G (17179869184 bytes)
disk size: 196K
cluster_size: 65536
Format specific information:
compat: 1.1
lazy refcounts: false

开始安装虚拟机，注意，虚拟机名字就是node，安装方式选择网络安装，地址就是刚才做好的ftp://192.168.4.254/centos，存储选择刚才撞见的node.qcow2，CPU选择2个，内存2G，网桥选择vbr，最小化安装，分区格式standard Partition标准分区，位置选择根下16G。关闭dump
(注意，安装完成之后，console是连接不上去的，需要修改grub，为了方便演示，我已经进入虚拟机事先配好了grub)
[root@room9pc52 images]# virsh console node
连接到域 node
换码符为 ^]

[ 0.000000] Initializing cgroup subsys cpuset
[ 0.000000] Initializing cgroup subsys cpu
[ 0.000000] Initializing cgroup subsys cpuacct
[ 0.000000] Linux version 3.10.0-693.el7.x86_64 ([email protected]) (gcc version 4.8.5 20150623 (Red Hat 4.8.5-16) (GCC) ) #1 SMP Tue Aug 22 21:09:27 UTC 2017
[ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-3.10.0-693.el7.x86_64 root=UUID=a46fa5f6-ee65-4168-b7a0-9a7757d2ce06 ro biosdevname=0 net.ifnames=0 console=ttyS0,115200n8
[ 0.000000] e820: BIOS-provided physical RAM map:
[ 0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable
[ 0.000000] BIOS-e820: [mem 0x000000000009fc00-0x000000000009ffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000000f0000-0x00000000000fffff] reserved
[ 0.000000] BIOS-e820: [mem 0x0000000000100000-0x000000007fff6fff] usable
[ 0.000000] BIOS-e820: [mem 0x000000007fff7000-0x000000007fffffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000feffc000-0x00000000feffffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved
[ 0.000000] NX (Execute Disable) protection: active
[ 0.000000] SMBIOS 2.4 present.
[ 0.000000] Hypervisor detected: KVM
[ 0.000000] e820: last_pfn = 0x7fff7 max_arch_pfn = 0x400000000
[ 0.000000] x86 PAT enabled: cpu 0, old 0x7040600070406, new 0x7010600070106
[ 0.000000] found SMP MP-table at [mem 0x000f6360-0x000f636f] mapped at [ffff8800000f6360]
[ 0.000000] RAMDISK: [mem 0x35cc3000-0x36e59fff]
[ 0.000000] Early table checksum verification disabled
[ 0.000000] ACPI: RSDP 00000000000f6190 00014 (v00 BOCHS )
[ 0.000000] ACPI: RSDT 000000007ffffb40 00030 (v01 BOCHS BXPCRSDT 00000001 BXPC 00000001)
[ 0.000000] ACPI: FACP 000000007ffff177 00074 (v01 BOCHS BXPCFACP 00000001 BXPC 00000001)
[ 0.000000] ACPI: DSDT 000000007fffe040 01137 (v01 BOCHS BXPCDSDT 00000001 BXPC 00000001)
[ 0.000000] ACPI: FACS 000000007fffe000 00040
[ 0.000000] ACPI: SSDT 000000007ffff1eb 008D5 (v01 BOCHS BXPCSSDT 00000001 BXPC 00000001)
[ 0.000000] ACPI: APIC 000000007ffffac0 00080 (v01 BOCHS BXPCAPIC 00000001 BXPC 00000001)
[ 0.000000] No NUMA configuration found
[ 0.000000] Faking a node at [mem 0x0000000000000000-0x000000007fff6fff]
[ 0.000000] NODE_DATA(0) allocated [mem 0x7ffd0000-0x7fff6fff]
[ 0.000000] kvm-clock: Using msrs 4b564d01 and 4b564d00
[ 0.000000] kvm-clock: cpu 0, msr 0:7ff80001, primary cpu clock
[ 0.000000] kvm-clock: using sched offset of 492571115117 cycles
[ 0.000000] Zone ranges:
[ 0.000000] DMA [mem 0x00001000-0x00ffffff]
[ 0.000000] DMA32 [mem 0x01000000-0xffffffff]
[ 0.000000] Normal empty
[ 0.000000] Movable zone start for each node
[ 0.000000] Early memory node ranges
[ 0.000000] node 0: [mem 0x00001000-0x0009efff]
[ 0.000000] node 0: [mem 0x00100000-0x7fff6fff]
[ 0.000000] Initmem setup node 0 [mem 0x00001000-0x7fff6fff]
[ 0.000000] ACPI: PM-Timer IO Port: 0x608
[ 0.000000] ACPI: LAPIC (acpi_id[0x00] lapic_id[0x00] enabled)
[ 0.000000] ACPI: LAPIC (acpi_id[0x01] lapic_id[0x01] enabled)
[ 0.000000] ACPI: LAPIC_NMI (acpi_id[0xff] dfl dfl lint[0x1])
[ 0.000000] ACPI: IOAPIC (id[0x00] address[0xfec00000] gsi_base[0])
[ 0.000000] IOAPIC[0]: apic_id 0, version 17, address 0xfec00000, GSI 0-23
[ 0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl)
[ 0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 5 global_irq 5 high level)
[ 0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 high level)
[ 0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 10 global_irq 10 high level)
[ 0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 11 global_irq 11 high level)
[ 0.000000] Using ACPI (MADT) for SMP configuration information
[ 0.000000] smpboot: Allowing 2 CPUs, 0 hotplug CPUs
[ 0.000000] PM: Registered nosave memory: [mem 0x0009f000-0x0009ffff]
[ 0.000000] PM: Registered nosave memory: [mem 0x000a0000-0x000effff]
[ 0.000000] PM: Registered nosave memory: [mem 0x000f0000-0x000fffff]
[ 0.000000] e820: [mem 0x80000000-0xfeffbfff] available for PCI devices
[ 0.000000] Booting paravirtualized kernel on KVM
[ 0.000000] setup_percpu: NR_CPUS:5120 nr_cpumask_bits:2 nr_cpu_ids:2 nr_node_ids:1
[ 0.000000] PERCPU: Embedded 33 pages/cpu @ffff88007fc00000 s97048 r8192 d29928 u1048576
[ 0.000000] KVM setup async PF for cpu 0
[ 0.000000] kvm-stealtime: cpu 0, msr 7fc0f440
[ 0.000000] PV qspinlock hash table entries: 256 (order: 0, 4096 bytes)
[ 0.000000] Built 1 zonelists in Node order, mobility grouping on. Total pages: 515968
[ 0.000000] Policy zone: DMA32
[ 0.000000] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-3.10.0-693.el7.x86_64 root=UUID=a46fa5f6-ee65-4168-b7a0-9a7757d2ce06 ro biosdevname=0 net.ifnames=0 console=ttyS0,115200n8
[ 0.000000] PID hash table entries: 4096 (order: 3, 32768 bytes)
[ 0.000000] x86/fpu: xstate_offset[2]: 0240, xstate_sizes[2]: 0100
[ 0.000000] x86/fpu: xstate_offset[3]: 03c0, xstate_sizes[3]: 0040
[ 0.000000] x86/fpu: xstate_offset[4]: 0400, xstate_sizes[4]: 0040
[ 0.000000] xsave: enabled xstate_bv 0x1f, cntxt size 0x440 using standard form
[ 0.000000] Memory: 2028520k/2097116k available (6886k kernel code, 392k absent, 68204k reserved, 4545k data, 1764k init)
[ 0.000000] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=2, Nodes=1
[ 0.000000] Hierarchical RCU implementation.
[ 0.000000] RCU restricting CPUs from NR_CPUS=5120 to nr_cpu_ids=2.
[ 0.000000] NR_IRQS:327936 nr_irqs:440 0
[ 0.000000] Console: colour VGA+ 80×25
[ 0.000000] console [ttyS0] enabled
[ 0.000000] allocated 8388608 bytes of page_cgroup
[ 0.000000] please try ‘cgroup_disable=memory’ option if you don’t want memory cgroups
[ 0.000000] tsc: Detected 3191.998 MHz processor
[ 0.149070] Calibrating delay loop (skipped) preset value.. 6383.99 BogoMIPS (lpj=3191998)
[ 0.150593] pid_max: default: 32768 minimum: 301
[ 0.151456] Security Framework initialized
[ 0.152266] SELinux: Initializing.
[ 0.152910] Yama: becoming mindful.
[ 0.153746] Dentry cache hash table entries: 262144 (order: 9, 2097152 bytes)
[ 0.155531] Inode-cache hash table entries: 131072 (order: 8, 1048576 bytes)
[ 0.157111] Mount-cache hash table entries: 4096 (order: 3, 32768 bytes)
[ 0.158333] Mountpoint-cache hash table entries: 4096 (order: 3, 32768 bytes)
[ 0.159751] Initializing cgroup subsys memory
[ 0.160561] Initializing cgroup subsys devices
[ 0.161374] Initializing cgroup subsys freezer
[ 0.162190] Initializing cgroup subsys net_cls
[ 0.162992] Initializing cgroup subsys blkio
[ 0.163763] Initializing cgroup subsys perf_event
[ 0.164621] Initializing cgroup subsys hugetlb
[ 0.165477] Initializing cgroup subsys pids
[ 0.166246] Initializing cgroup subsys net_prio
[ 0.168100] mce: CPU supports 10 MCE banks
[ 0.168887] Last level iTLB entries: 4KB 0, 2MB 0, 4MB 0
[ 0.169848] Last level dTLB entries: 4KB 0, 2MB 0, 4MB 0
[ 0.170806] tlb_flushall_shift: 6
[ 0.172693] Freeing SMP alternatives: 24k freed
[ 0.179357] ACPI: Core revision 20130517
[ 0.181315] ACPI: All ACPI Tables successfully acquired
[ 0.182400] ftrace: allocating 26584 entries in 104 pages
[ 0.216205] smpboot: Max logical packages: 2
[ 0.217503] Enabling x2apic
[ 0.218040] Enabled x2apic
[ 0.218863] Switched APIC routing to physical x2apic.
[ 0.221416] ..TIMER: vector=0x30 apic1=0 pin1=2 apic2=-1 pin2=-1
[ 0.222966] smpboot: CPU0: Intel Core Processor (Skylake, IBRS) (fam: 06, model: 5e, stepping: 03)
[ 0.224779] Performance Events: unsupported p6 CPU model 94 no PMU driver, software events only.
[ 0.226327] KVM setup paravirtual spinlock
[ 0.228169] smpboot: Booting Node 0, Processors #1 OK
[ 0.229402] kvm-clock: cpu 1, msr 0:7ff80041, secondary cpu clock
[ 0.251541] Brought up 2 CPUs
[ 0.251544] KVM setup async PF for cpu 1
[ 0.251547] kvm-stealtime: cpu 1, msr 7fd0f440
[ 0.253707] smpboot: Total of 2 processors activated (12767.99 BogoMIPS)
[ 0.255973] devtmpfs: initialized
[ 0.258117] EVM: security.selinux
[ 0.258723] EVM: security.ima
[ 0.259268] EVM: security.capability
[ 0.261043] atomic64 test passed for x86-64 platform with CX8 and with SSE
[ 0.262338] pinctrl core: initialized pinctrl subsystem
[ 0.263366] RTC time: 3:35:18, date: 10/15/18
[ 0.264217] NET: Registered protocol family 16
[ 0.265196] ACPI: bus type PCI registered
[ 0.265918] acpiphp: ACPI Hot Plug PCI Controller Driver version: 0.5
[ 0.267181] PCI: Using configuration type 1 for base access
[ 0.271640] ACPI: Added _OSI(Module Device)
[ 0.273433] ACPI: Added _OSI(Processor Device)
[ 0.274532] ACPI: Added _OSI(3.0 _SCP Extensions)
[ 0.275492] ACPI: Added _OSI(Processor Aggregator Device)
[ 0.282056] ACPI: Interpreter enabled
[ 0.282936] ACPI: (supports S0 S5)
[ 0.283546] ACPI: Using IOAPIC for interrupt routing
[ 0.284450] PCI: Using host bridge windows from ACPI; if necessary, use “pci=nocrs” and report a bug
[ 0.288189] ACPI: PCI Root Bridge [PCI0] (domain 0000 [bus 00-ff])
[ 0.289648] acpi PNP0A03:00: _OSC: OS supports [ASPM ClockPM Segments MSI]
[ 0.290890] acpi PNP0A03:00: _OSC failed (AE_NOT_FOUND); disabling ASPM
[ 0.292120] acpi PNP0A03:00: fail to add MMCONFIG information, can’t access extended PCI configuration space under this bridge.
[ 0.294411] acpiphp: Slot [3] registered
[ 0.295137] acpiphp: Slot [4] registered
[ 0.295877] acpiphp: Slot [6] registered
[ 0.296647] acpiphp: Slot [7] registered
[ 0.297377] acpiphp: Slot [8] registered
[ 0.298100] acpiphp: Slot [9] registered
[ 0.298827] acpiphp: Slot [10] registered
[ 0.299559] acpiphp: Slot [11] registered
[ 0.300299] acpiphp: Slot [12] registered
[ 0.301035] acpiphp: Slot [13] registered
[ 0.301775] acpiphp: Slot [14] registered
[ 0.302515] acpiphp: Slot [15] registered
[ 0.303262] acpiphp: Slot [16] registered
[ 0.304011] acpiphp: Slot [17] registered
[ 0.304807] acpiphp: Slot [18] registered
[ 0.305691] acpiphp: Slot [19] registered
[ 0.306501] acpiphp: Slot [20] registered
[ 0.307346] acpiphp: Slot [21] registered
[ 0.308152] acpiphp: Slot [22] registered
[ 0.308890] acpiphp: Slot [23] registered
[ 0.309629] acpiphp: Slot [24] registered
[ 0.310366] acpiphp: Slot [25] registered
[ 0.311110] acpiphp: Slot [26] registered
[ 0.311848] acpiphp: Slot [27] registered
[ 0.312585] acpiphp: Slot [28] registered
[ 0.313322] acpiphp: Slot [29] registered
[ 0.314063] acpiphp: Slot [30] registered
[ 0.314800] acpiphp: Slot [31] registered
[ 0.315496] PCI host bridge to bus 0000:00
[ 0.316107] pci_bus 0000:00: root bus resource [bus 00-ff]
[ 0.316895] pci_bus 0000:00: root bus resource [io 0x0000-0x0cf7 window]
[ 0.318116] pci_bus 0000:00: root bus resource [io 0x0d00-0xffff window]
[ 0.319302] pci_bus 0000:00: root bus resource [mem 0x000a0000-0x000bffff window]
[ 0.320604] pci_bus 0000:00: root bus resource [mem 0x80000000-0xfebfffff window]
[ 0.333098] pci 0000:00:01.1: legacy IDE quirk: reg 0x10: [io 0x01f0-0x01f7]
[ 0.334359] pci 0000:00:01.1: legacy IDE quirk: reg 0x14: [io 0x03f6]
[ 0.335379] pci 0000:00:01.1: legacy IDE quirk: reg 0x18: [io 0x0170-0x0177]
[ 0.336754] pci 0000:00:01.1: legacy IDE quirk: reg 0x1c: [io 0x0376]
[ 0.339030] pci 0000:00:01.3: quirk: [io 0x0600-0x063f] claimed by PIIX4 ACPI
[ 0.340374] pci 0000:00:01.3: quirk: [io 0x0700-0x070f] claimed by PIIX4 SMB
[ 0.506339] ACPI: PCI Interrupt Link [LNKA] (IRQs 5 *10 11)
[ 0.507700] ACPI: PCI Interrupt Link [LNKB] (IRQs 5 *10 11)
[ 0.508915] ACPI: PCI Interrupt Link [LNKC] (IRQs 5 10 *11)
[ 0.510096] ACPI: PCI Interrupt Link [LNKD] (IRQs 5 10 *11)
[ 0.511238] ACPI: PCI Interrupt Link [LNKS] (IRQs *9)
[ 0.512583] ACPI: Enabled 16 GPEs in block 00 to 0F
[ 0.513610] vgaarb: device added: PCI:0000:00:02.0,decodes=io+mem,owns=io+mem,locks=none
[ 0.515043] vgaarb: loaded
[ 0.515530] vgaarb: bridge control possible 0000:00:02.0
[ 0.516526] SCSI subsystem initialized
[ 0.517222] ACPI: bus type USB registered
[ 0.517957] usbcore: registered new interface driver usbfs
[ 0.518996] usbcore: registered new interface driver hub
[ 0.520103] usbcore: registered new device driver usb
[ 0.521148] PCI: Using ACPI for IRQ routing
[ 0.522586] NetLabel: Initializing
[ 0.523225] NetLabel: domain hash size = 128
[ 0.524013] NetLabel: protocols = UNLABELED CIPSOv4
[ 0.524916] NetLabel: unlabeled traffic allowed by default
[ 0.526027] amd_nb: Cannot enumerate AMD northbridges
[ 0.526960] Switched to clocksource kvm-clock
[ 0.532328] pnp: PnP ACPI init
[ 0.533011] ACPI: bus type PNP registered
[ 0.534203] pnp: PnP ACPI: found 5 devices
[ 0.535046] ACPI: bus type PNP unregistered
[ 0.542194] NET: Registered protocol family 2
[ 0.543295] TCP established hash table entries: 16384 (order: 5, 131072 bytes)
[ 0.544619] TCP bind hash table entries: 16384 (order: 6, 262144 bytes)
[ 0.545814] TCP: Hash tables configured (established 16384 bind 16384)
[ 0.546984] TCP: reno registered
[ 0.547563] UDP hash table entries: 1024 (order: 3, 32768 bytes)
[ 0.548635] UDP-Lite hash table entries: 1024 (order: 3, 32768 bytes)
[ 0.549809] NET: Registered protocol family 1
[ 0.550603] pci 0000:00:00.0: Limiting direct PCI/PCI transfers
[ 0.551670] pci 0000:00:01.0: PIIX3: Enabling Passive Release
[ 0.552712] pci 0000:00:01.0: Activating ISA DMA hang workarounds
[ 0.554113] ACPI: PCI Interrupt Link [LNKA] enabled at IRQ 10
[ 0.556240] ACPI: PCI Interrupt Link [LNKB] enabled at IRQ 11
[ 0.558325] ACPI: PCI Interrupt Link [LNKC] enabled at IRQ 11
[ 0.560193] ACPI: PCI Interrupt Link [LNKD] enabled at IRQ 10
[ 0.561816] Unpacking initramfs…
[ 0.734719] Freeing initrd memory: 18012k freed
[ 0.738602] sha1_ssse3: Using AVX optimized SHA-1 implementation
[ 0.740177] sha256_ssse3: Using AVX2 optimized SHA-256 implementation
[ 0.741543] futex hash table entries: 512 (order: 3, 32768 bytes)
[ 0.742641] Initialise system trusted keyring
[ 0.743431] audit: initializing netlink socket (disabled)
[ 0.744397] type=2000 audit(1539574519.159:1): initialized
[ 0.767740] HugeTLB registered 2 MB page size, pre-allocated 0 pages
[ 0.769953] zpool: loaded
[ 0.770518] zbud: loaded
[ 0.771196] VFS: Disk quotas dquot_6.5.2
[ 0.772211] Dquot-cache hash table entries: 512 (order 0, 4096 bytes)
[ 0.773586] msgmni has been set to 3997
[ 0.774332] Key type big_key registered
[ 0.775568] NET: Registered protocol family 38
[ 0.776373] Key type asymmetric registered
[ 0.777140] Asymmetric key parser ‘x509’ registered
[ 0.778035] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 250)
[ 0.779384] io scheduler noop registered
[ 0.780097] io scheduler deadline registered (default)
[ 0.781040] io scheduler cfq registered
[ 0.781813] pci_hotplug: PCI Hot Plug PCI Core version: 0.5
[ 0.782810] pciehp: PCI Express Hot Plug Controller Driver version: 0.4
[ 0.784085] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input0
[ 0.785403] ACPI: Power Button [PWRF]
[ 0.786211] GHES: HEST is not enabled!
[ 0.786951] Serial: 8250/16550 driver, 4 ports, IRQ sharing enabled
[ 0.810919] 00:04: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
[ 0.812646] Non-volatile memory driver v1.3
[ 0.813451] Linux agpgart interface v0.103
[ 0.814335] crash memory driver: version 1.1
[ 0.815150] rdac: device handler registered
[ 0.815945] hp_sw: device handler registered
[ 0.816712] emc: device handler registered
[ 0.817447] alua: device handler registered
[ 0.818226] libphy: Fixed MDIO Bus: probed
[ 0.819020] ehci_hcd: USB 2.0 ‘Enhanced’ Host Controller (EHCI) Driver
[ 0.820190] ehci-pci: EHCI PCI platform driver
[ 0.821584] ehci-pci 0000:00:05.7: EHCI Host Controller
[ 0.822573] ehci-pci 0000:00:05.7: new USB bus registered, assigned bus number 1
[ 0.824094] ehci-pci 0000:00:05.7: irq 10, io mem 0xfc057000
[ 0.831068] ehci-pci 0000:00:05.7: USB 2.0 started, EHCI 1.00
[ 0.832280] usb usb1: New USB device found, idVendor=1d6b, idProduct=0002
[ 0.833638] usb usb1: New USB device strings: Mfr=3, Product=2, SerialNumber=1
[ 0.834913] usb usb1: Product: EHCI Host Controller
[ 0.835776] usb usb1: Manufacturer: Linux 3.10.0-693.el7.x86_64 ehci_hcd
[ 0.836961] usb usb1: SerialNumber: 0000:00:05.7
[ 0.838187] hub 1-0:1.0: USB hub found
[ 0.839017] hub 1-0:1.0: 6 ports detected
[ 0.839921] ohci_hcd: USB 1.1 ‘Open’ Host Controller (OHCI) Driver
[ 0.840831] ohci-pci: OHCI PCI platform driver
[ 0.841488] uhci_hcd: USB Universal Host Controller Interface driver
[ 0.843232] uhci_hcd 0000:00:05.0: UHCI Host Controller
[ 0.844405] uhci_hcd 0000:00:05.0: new USB bus registered, assigned bus number 2
[ 0.845735] uhci_hcd 0000:00:05.0: detected 2 ports
[ 0.846662] uhci_hcd 0000:00:05.0: irq 10, io base 0x0000c080
[ 0.847748] usb usb2: New USB device found, idVendor=1d6b, idProduct=0001
[ 0.848994] usb usb2: New USB device strings: Mfr=3, Product=2, SerialNumber=1
[ 0.850109] usb usb2: Product: UHCI Host Controller
[ 0.851034] usb usb2: Manufacturer: Linux 3.10.0-693.el7.x86_64 uhci_hcd
[ 0.852240] usb usb2: SerialNumber: 0000:00:05.0
[ 0.853196] hub 2-0:1.0: USB hub found
[ 0.853889] hub 2-0:1.0: 2 ports detected
[ 0.855535] uhci_hcd 0000:00:05.1: UHCI Host Controller
[ 0.856736] uhci_hcd 0000:00:05.1: new USB bus registered, assigned bus number 3
[ 0.858482] uhci_hcd 0000:00:05.1: detected 2 ports
[ 0.859669] uhci_hcd 0000:00:05.1: irq 11, io base 0x0000c0a0
[ 0.860743] usb usb3: New USB device found, idVendor=1d6b, idProduct=0001
[ 0.862033] usb usb3: New USB device strings: Mfr=3, Product=2, SerialNumber=1
[ 0.863381] usb usb3: Product: UHCI Host Controller
[ 0.864349] usb usb3: Manufacturer: Linux 3.10.0-693.el7.x86_64 uhci_hcd
[ 0.865628] usb usb3: SerialNumber: 0000:00:05.1
[ 0.866617] hub 3-0:1.0: USB hub found
[ 0.867319] hub 3-0:1.0: 2 ports detected
[ 0.869095] uhci_hcd 0000:00:05.2: UHCI Host Controller
[ 0.870305] uhci_hcd 0000:00:05.2: new USB bus registered, assigned bus number 4
[ 0.871739] uhci_hcd 0000:00:05.2: detected 2 ports
[ 0.873001] uhci_hcd 0000:00:05.2: irq 11, io base 0x0000c0c0
[ 0.874140] usb usb4: New USB device found, idVendor=1d6b, idProduct=0001
[ 0.875376] usb usb4: New USB device strings: Mfr=3, Product=2, SerialNumber=1
[ 0.876736] usb usb4: Product: UHCI Host Controller
[ 0.877676] usb usb4: Manufacturer: Linux 3.10.0-693.el7.x86_64 uhci_hcd
[ 0.878927] usb usb4: SerialNumber: 0000:00:05.2
[ 0.879938] hub 4-0:1.0: USB hub found
[ 0.880674] hub 4-0:1.0: 2 ports detected
[ 0.881539] usbcore: registered new interface driver usbserial
[ 0.882626] usbcore: registered new interface driver usbserial_generic
[ 0.883836] usbserial: USB Serial support registered for generic
[ 0.884837] i8042: PNP: PS/2 Controller [PNP0303:KBD,PNP0f13:MOU] at 0x60,0x64 irq 1,12
[ 0.887320] serio: i8042 KBD port at 0x60,0x64 irq 1
[ 0.888321] serio: i8042 AUX port at 0x60,0x64 irq 12
[ 0.889426] mousedev: PS/2 mouse device common for all mice
[ 0.891384] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input1
[ 0.893682] input: VirtualPS/2 VMware VMMouse as /devices/platform/i8042/serio1/input/input2
[ 0.895380] rtc_cmos 00:00: RTC can wake from S4
[ 0.896578] input: VirtualPS/2 VMware VMMouse as /devices/platform/i8042/serio1/input/input3
[ 0.896796] rtc_cmos 00:00: rtc core: registered rtc_cmos as rtc0
[ 0.897062] rtc_cmos 00:00: alarms up to one day, 114 bytes nvram
[ 0.897109] cpuidle: using governor menu
[ 0.897180] hidraw: raw HID events driver (C) Jiri Kosina
[ 0.897258] usbcore: registered new interface driver usbhid
[ 0.897259] usbhid: USB HID core driver
[ 0.897287] drop_monitor: Initializing network drop monitor service
[ 0.897341] TCP: cubic registered
[ 0.897345] Initializing XFRM netlink socket
[ 0.897412] NET: Registered protocol family 10
[ 0.898281] NET: Registered protocol family 17
[ 0.899315] microcode: CPU0 sig=0x506e3, pf=0x1, revision=0x1
[ 0.899320] microcode: CPU1 sig=0x506e3, pf=0x1, revision=0x1
[ 0.899337] microcode: Microcode Update Driver: v2.01 <[email protected]>, Peter Oruba
[ 0.899402] Loading compiled-in X.509 certificates
[ 0.899417] Loaded X.509 cert ‘CentOS Linux kpatch signing key: ea0413152cde1d98ebdca3fe6f0230904c9ef717’
[ 0.899426] Loaded X.509 cert ‘CentOS Linux Driver update signing key: 7f421ee0ab69461574bb358861dbe77762a4201b’
[ 0.899736] Loaded X.509 cert ‘CentOS Linux kernel signing key: da187dca7dbe53ab05bd13bd0c4e21f422b6a49c’
[ 0.899749] registered taskstats version 1
[ 0.904743] Key type trusted registered
[ 0.906406] Key type encrypted registered
[ 0.907597] IMA: No TPM chip found, activating TPM-bypass!
[ 0.908094] Magic number: 6:496:563
[ 0.908102] platform Fixed MDIO bus.0: hash matches
[ 0.908883] rtc_cmos 00:00: setting system clock to 2018-10-15 03:35:19 UTC (1539574519)

[ 0.927181] Freeing unused kernel memory: 1764k freed

[ 0.930751] random: systemd: uninitialized urandom read (16 bytes read)
[ 0.933380] random: systemd: uninitialized urandom read (16 bytes read)
[ 0.934654] random: systemd: uninitialized urandom read (16 bytes read)
[ 0.936702] systemd[1]: systemd 219 running in system mode. (+PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ -LZ4 -SECCOMP +BLKID +ELFUTILS +KMOD +IDN)
[ 0.940193] systemd[1]: Detected virtualization kvm.
[ 0.941201] systemd[1]: Detected architecture x86-64.
[ 0.942168] systemd[1]: Running in initial RAM disk.

Welcome to CentOS Linux 7 (Core) dracut-033-502.el7 (Initramfs)!

[ 0.944585] systemd[1]: Set hostname to <localhost.localdomain>.
[ 0.971052] random: systemd: uninitialized urandom read (16 bytes read)
[ 0.972579] random: systemd: uninitialized urandom read (16 bytes read)
[ 0.973754] random: systemd: uninitialized urandom read (16 bytes read)
[ 0.975059] random: systemd: uninitialized urandom read (16 bytes read)
[ 0.976775] random: systemd: uninitialized urandom read (16 bytes read)
[ 0.978116] random: systemd: uninitialized urandom read (16 bytes read)
[ 0.979478] random: systemd: uninitialized urandom read (16 bytes read)
[ OK ] Reached target Swap.
[ 0.985571] systemd[1]: Reached target Swap.
[ 0.986473] systemd[1]: Starting Swap.
[ OK ] Reached target Timers.
[ 0.988568] systemd[1]: Reached target Timers.
[ 0.989516] systemd[1]: Starting Timers.
[ OK ] Created slice Root Slice.
[ 0.991574] systemd[1]: Created slice Root Slice.
[ 0.992471] systemd[1]: Starting Root Slice.
[ OK ] Listening on Journal Socket.
[ 0.994380] systemd[1]: Listening on Journal Socket.
[ 0.995285] systemd[1]: Starting Journal Socket.
[ OK ] Reached target Local File Systems.
[ 0.997415] systemd[1]: Reached target Local File Systems.
[ 0.998426] systemd[1]: Starting Local File Systems.
[ OK ] Listening on udev Control Socket.
[ 1.000617] systemd[1]: Listening on udev Control Socket.
[ 1.001591] systemd[1]: Starting udev Control Socket.
[ OK ] Created slice System Slice.
[ 1.003705] systemd[1]: Created slice System Slice.
[ 1.004629] systemd[1]: Starting System Slice.
[ 1.005764] systemd[1]: Starting Journal Service…
Starting Journal Service…
[ 1.007899] systemd[1]: Starting Setup Virtual Console…
Starting Setup Virtual Console…
[ 1.010274] systemd[1]: Starting Create list of required static device nodes for the current kernel…
Starting Create list of required st… nodes for the current kernel…
[ OK ] Reached target Slices.
[ 1.014390] systemd[1]: Reached target Slices.
[ 1.015239] systemd[1]: Starting Slices.
[ 1.018132] systemd[1]: Starting dracut cmdline hook…
Starting dracut cmdline hook…
[ OK ] Listening on udev Kernel Socket.
[ 1.021442] systemd[1]: Listening on udev Kernel Socket.
[ 1.022741] systemd[1]: Starting udev Kernel Socket.
[ OK ] Reached target Sockets.
[ 1.025093] systemd[1]: Reached target Sockets.
[ 1.025912] systemd[1]: Starting Sockets.
[ 1.027047] systemd[1]: Starting Apply Kernel Variables…
Starting Apply Kernel Variables…
[ OK ] Started Journal Service.
[ 1.030753] systemd[1]: Started Journal Service.
[ OK ] Started Create list of required sta…ce nodes for the current kernel.
[ OK ] Started dracut cmdline hook.
[ OK ] Started Apply Kernel Variables.
Starting dracut pre-udev hook…
[ 1.102135] random: fast init done
Starting Create Static Device Nodes in /dev…
[ OK ] Started Create Static Device Nodes in /dev.
[ OK ] Started dracut pre-udev hook.
Starting udev Kernel Device Manager…
[ OK ] Started udev Kernel Device Manager.
[ 1.143145] usb 1-1: new high-speed USB device number 2 using ehci-pci
Starting udev Coldplug all Devices…
Mounting Configuration File System…
[ OK ] Mounted Configuration File System.
[ OK ] Started udev Coldplug all Devices.
Starting dracut initqueue hook…
[ 1.186680] virtio-pci 0000:00:03.0: virtio_pci: leaving for legacy driver
[ 1.205602] virtio-pci 0000:00:06.0: virtio_pci: leaving for legacy driver
[ 1.207697] FDC 0 is a S82078B
[ 1.214614] virtio-pci 0000:00:07.0: virtio_pci: leaving for legacy driver
[ 1.225515] virtio-pci 0000:00:08.0: virtio_pci: leaving for legacy driver
[ OK ] Started Setup Virtual Console.
Starting Show Plymouth Boot Screen…
[ OK ] Reached target System Initialization.
[ 1.314581] scsi host0: ata_piix
[ 1.315739] scsi host1: ata_piix
[ 1.316420] ata1: PATA max MWDMA2 cmd 0x1f0 ctl 0x3f6 bmdma 0xc120 irq 14
[ 1.317898] ata2: PATA max MWDMA2 cmd 0x170 ctl 0x376 bmdma 0xc128 irq 15
[ 1.329425] vda: vda1
[ 1.329740] [drm] Initialized
[ OK ] Started Show Plymouth Boot Screen.
[ 1.350436] [drm] Device Version 0.0
[ 1.350437] [drm] Compression level 0 log level 0
[ 1.350438] [drm] Currently using mode #0, list at 0x488
[ 1.350438] [drm] 12286 io pages at offset 0x1000000
[ 1.350439] [drm] 16777216 byte draw area at offset 0x0
[ 1.350439] [drm] RAM header offset: 0x3ffe000
[ 1.350440] [drm] rom modes offset 0x488 for 128 modes
[ 1.350483] [TTM] Zone kernel: Available graphics memory: 1024160 kiB
[ 1.350483] [TTM] Initializing pool allocator
[ 1.350485] [TTM] Initializing DMA pool allocator
[ 1.350490] [drm] qxl: 16M of VRAM memory size
[ 1.350490] [drm] qxl: 63M of IO pages memory ready (VRAM domain)
[ 1.350490] [drm] qxl: 64M of Surface memory size
[ OK ] Found device /dev/disk/by-uuid/a46fa5f6-ee65-4168-b7a0-9a7757d2ce06.
[ 1.353578] [drm] main mem slot 1 [f4000000,3ffe000]
[ 1.353579] [drm] surface mem slot 2 [f8000000,4000000]
[ 1.353580] [drm] Supports vblank timestamp caching Rev 2 (21.10.2013).
[ 1.353580] [drm] No driver support for vblank timestamp query.
[ 1.353938] [drm] fb mappable at 0xF4000000, size 3145728
[ 1.353939] [drm] fb: depth 24, pitch 4096, width 1024, height 768
[ 1.377192] fbcon: qxldrmfb (fb0) is primary device
[ 1.394042] usb 1-1: New USB device found, idVendor=0627, idProduct=0001
[ 1.394044] usb 1-1: New USB device strings: Mfr=1, Product=3, SerialNumber=5
[ 1.394045] usb 1-1: Product: QEMU USB Tablet
[ 1.394046] usb 1-1: Manufacturer: QEMU
[ 1.394047] usb 1-1: SerialNumber: 42
[ 1.395864] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:05.7/usb1/1-1/1-1:1.0/input/input4
[ 1.396079] hid-generic 0003:0627:0001.0001: input,hidraw0: USB HID v0.01 Pointer [QEMU QEMU USB Tablet] on usb-0000:00:05.7-1/input0
[ 1.397275] Console: switching to colour frame buffer device 128×48
[ 1.403759] qxl 0000:00:02.0: fb0: qxldrmfb frame buffer device
[ 1.411280] [drm] Initialized qxl 0.1.0 20120117 for 0000:00:02.0 on minor 0
Starting File System Check on /dev/…6-ee65-4168-b7a0-9a7757d2ce06…
[ OK ] Reached target Paths.
[ OK ] Reached target Basic System.
[ OK ] Started File System Check on /dev/d…5f6-ee65-4168-b7a0-9a7757d2ce06.
[ OK ] Started dracut initqueue hook.
[ OK ] Reached target Remote File Systems (Pre).
[ OK ] Reached target Remote File Systems.
Mounting /sysroot…
[ 1.566179] SGI XFS with ACLs, security attributes, no debug enabled
[ 1.569844] XFS (vda1): Mounting V5 Filesystem
[ 1.635013] XFS (vda1): Ending clean mount
[ OK ] Mounted /sysroot.
[ OK ] Reached target Initrd Root File System.
Starting Reload Configuration from the Real Root…
[ OK ] Started Reload Configuration from the Real Root.
[ OK ] Reached target Initrd File Systems.
[ OK ] Reached target Initrd Default Target.
Starting dracut pre-pivot and cleanup hook…
[ OK ] Started dracut pre-pivot and cleanup hook.
Starting Cleaning Up and Shutting Down Daemons…
[ OK ] Stopped target Timers.
Starting Plymouth switch root service…
[ OK ] Stopped Cleaning Up and Shutting Down Daemons.
[ OK ] Stopped dracut pre-pivot and cleanup hook.
Stopping dracut pre-pivot and cleanup hook…
[ OK ] Stopped target Remote File Systems.
[ OK ] Stopped target Remote File Systems (Pre).
[ OK ] Stopped dracut initqueue hook.
Stopping dracut initqueue hook…
[ OK ] Stopped target Initrd Default Target.
[ OK ] Stopped target Basic System.
[ OK ] Stopped target System Initialization.
Stopping udev Kernel Device Manager…
[ OK ] Stopped target Local File Systems.
[ OK ] Stopped Apply Kernel Variables.
Stopping Apply Kernel Variables…
[ OK ] Stopped target Swap.
[ OK ] Stopped udev Coldplug all Devices.
Stopping udev Coldplug all Devices…
[ OK ] Stopped target Slices.
[ OK ] Stopped target Sockets.
[ OK ] Stopped target Paths.
[ OK ] Started Plymouth switch root service.
[ OK ] Stopped udev Kernel Device Manager.
[ OK ] Stopped dracut pre-udev hook.
Stopping dracut pre-udev hook…
[ OK ] Stopped dracut cmdline hook.
Stopping dracut cmdline hook…
[ OK ] Stopped Create Static Device Nodes in /dev.
Stopping Create Static Device Nodes in /dev…
[ OK ] Stopped Create list of required sta…ce nodes for the current kernel.
Stopping Create list of required st… nodes for the current kernel…
[ OK ] Closed udev Kernel Socket.
[ OK ] Closed udev Control Socket.
Starting Cleanup udevd DB…
[ OK ] Started Cleanup udevd DB.
[ OK ] Reached target Switch Root.
Starting Switch Root…
[ 1.955565] systemd-journald[91]: Received SIGTERM from PID 1 (n/a).
[ 1.970641] type=1404 audit(1539574520.561:2): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295
[ 2.192440] type=1403 audit(1539574520.783:3): policy loaded auid=4294967295 ses=4294967295
[ 2.197396] systemd[1]: Successfully loaded SELinux policy in 226.663ms.
[ 2.212294] ip_tables: (C) 2000-2006 Netfilter Core Team
[ 2.213395] systemd[1]: Inserted module ‘ip_tables’
[ 2.232274] systemd[1]: Relabelled /dev and /run in 16.698ms.

Welcome to CentOS Linux 7 (Core)!

[ OK ] Stopped Switch Root.
[ OK ] Stopped Journal Service.
Starting Journal Service…
Starting Create list of required st… nodes for the current kernel…
[ OK ] Listening on udev Kernel Socket.
[ OK ] Listening on Delayed Shutdown Socket.
[ OK ] Created slice system-getty.slice.
[ OK ] Reached target Swap.
[ OK ] Listening on /dev/initctl Compatibility Named Pipe.
[ OK ] Created slice User and Session Slice.
[ OK ] Created slice system-selinux\x2dpol…grate\x2dlocal\x2dchanges.slice.
Mounting Huge Pages File System…
[ OK ] Reached target Slices.
[ OK ] Reached target Remote File Systems.
[ OK ] Reached target Encrypted Volumes.
[ OK ] Created slice system-serial\x2dgetty.slice.
[ OK ] Listening on udev Control Socket.
Mounting POSIX Message Queue File System…
[ OK ] Stopped target Switch Root.
[ OK ] Stopped target Initrd Root File System.
[ OK ] Stopped target Initrd File Systems.
[ OK ] Set up automount Arbitrary Executab…ats File System Automount Point.
Mounting Debug File System…
[ OK ] Stopped File System Check on Root Device.
Stopping File System Check on Root Device…
Starting Remount Root and Kernel File Systems…
Starting Apply Kernel Variables…
[ OK ] Started Journal Service.
[ OK ] Started Create list of required sta…ce nodes for the current kernel.
Starting Create Static Device Nodes in /dev…
[ OK ] Mounted Debug File System.
[ OK ] Mounted POSIX Message Queue File System.
[ OK ] Mounted Huge Pages File System.
[ OK ] Started Apply Kernel Variables.
[ OK ] Started Remount Root and Kernel File Systems.
Starting udev Coldplug all Devices…
Starting Load/Save Random Seed…
Starting Flush Journal to Persistent Storage…
Starting Configure read-only root support…
[ 2.366203] systemd-journald[343]: Received request to flush runtime journal from PID 1
[ OK ] Started Flush Journal to Persistent Storage.
[ OK ] Started Create Static Device Nodes in /dev.
Starting udev Kernel Device Manager…
[ OK ] Reached target Local File Systems (Pre).
[ OK ] Started Load/Save Random Seed.
[ OK ] Started udev Coldplug all Devices.
[ OK ] Started udev Kernel Device Manager.
[ OK ] Started Configure read-only root support.
[ OK ] Reached target Local File Systems.
Starting Tell Plymouth To Write Out Runtime Data…
Starting Import network configuration from initramfs…
[ 2.471361] piix4_smbus 0000:00:01.3: SMBus Host Controller at 0x700, revision 0
[ 2.477247] input: PC Speaker as /devices/platform/pcspkr/input/input5
[ OK ] Started Tell Plymouth To Write Out Runtime Data.
[ OK ] Found device /dev/ttyS0.
[ 2.544927] ppdev: user-space parallel port driver
[ 2.546467] AES CTR mode by8 optimization enabled
[ 2.577198] alg: No test for __gcm-aes-aesni (__driver-gcm-aes-aesni)
[ OK ] Started Import network configuration from initramfs.
Starting Create Volatile Files and Directories…
[ 2.626302] alg: No test for crc32 (crc32-pclmul)
[ 2.634861] snd_hda_codec_generic hdaudioC0D0: autoconfig for Generic: line_outs=1 (0x3/0x0/0x0/0x0/0x0) type:line
[ 2.637118] snd_hda_codec_generic hdaudioC0D0: speaker_outs=0 (0x0/0x0/0x0/0x0/0x0)
[ 2.639013] snd_hda_codec_generic hdaudioC0D0: hp_outs=0 (0x0/0x0/0x0/0x0/0x0)
[ 2.641532] snd_hda_codec_generic hdaudioC0D0: mono: mono_out=0x0
[ 2.642694] snd_hda_codec_generic hdaudioC0D0: inputs:
[ 2.644237] snd_hda_codec_generic hdaudioC0D0: Line=0x5
[ OK ] Reached target Sound Card.
[ OK ] Started Create Volatile Files and Directories.
Starting Security Auditing Service…
[ 2.696140] type=1305 audit(1539574521.287:4): audit_pid=464 old=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:auditd_t:s0 res=1
[ OK ] Started Security Auditing Service.
Starting Update UTMP about System Boot/Shutdown…
[ OK ] Started Update UTMP about System Boot/Shutdown.
[ OK ] Reached target System Initialization.
[ OK ] Listening on D-Bus System Message Bus Socket.
[ OK ] Reached target Sockets.
[ OK ] Reached target Paths.
[ OK ] Reached target Timers.
[ OK ] Reached target Basic System.
[ OK ] Started irqbalance daemon.
Starting irqbalance daemon…
[ OK ] Started QEMU Guest Agent.
Starting QEMU Guest Agent…
Starting Dump dmesg to /var/log/dmesg…
[ OK ] Started D-Bus System Message Bus.
Starting D-Bus System Message Bus…
Starting Authorization Manager…
Starting System Logging Service…
Starting Permit User Sessions…
Starting Login Service…
Starting NTP client/server…
[ OK ] Started Dump dmesg to /var/log/dmesg.
[ OK ] Started Permit User Sessions.
[ OK ] Started Command Scheduler.
Starting Command Scheduler…
Starting Terminate Plymouth Boot Screen…
Starting Wait for Plymouth Boot Screen to Quit…
[ OK ] Started System Logging Service.
[ OK ] Started Login Service.
[ OK ] Started Authorization Manager.
[ 3.502498] ip6_tables: (C) 2000-2006 Netfilter Core Team
[ 3.547923] Ebtables v2.0 registered
[ 3.594100] random: crng init done
[ 3.595116] IPv6: ADDRCONF(NETDEV_UP): eth0: link is not ready
[ 3.742735] nf_conntrack version 0.5.0 (16384 buckets, 65536 max)
[ 3.817087] bridge: filtering via arp/ip/ip6tables is no longer available by default. Update your scripts to load br_netfilter if you need this.
[ 3.836567] Netfilter messages via NETLINK v0.30.
[ 3.841981] ip_set: protocol 6

CentOS Linux 7 (Core)
Kernel 3.10.0-693.el7.x86_64 on an x86_64

localhost login: root
Password:
Last login: Mon Oct 15 11:34:29 on tty1

步骤三：制作一个虚拟机模板

代码如下
1、关闭selinux
[root@localhost ~]# cat /etc/selinux/config | grep -v “^#”
SELINUX=disabled
SELINUXTYPE=targeted
2、配置yum源
[root@localhost ~]# cat /etc/yum.repos.d/dvd.repo
[dvd]
name=dvd
baseurl=ftp://192.168.1.254/centos
enabled=1
gpgcheck=0
[root@localhost ~]# yum clean all
Loaded plugins: fastestmirror
Cleaning repos: base dvd extras updates
Cleaning up everything
Maybe you want: rm -rf /var/cache/yum, to also free up space taken by orphaned data from disabled or removed repos
[root@localhost ~]# yum repolist
Loaded plugins: fastestmirror
base | 3.6 kB 00:00
dvd | 3.6 kB 00:00
extras | 3.4 kB 00:00
updates | 3.4 kB 00:00
(1/6): dvd/primary_db | 5.7 MB 00:00
(2/6): dvd/group_gz | 156 kB 00:00
(3/6): extras/7/x86_64/primary_db | 204 kB 00:00
(4/6): base/7/x86_64/group_gz | 166 kB 00:01
(5/6): updates/7/x86_64/primary_db | 6.0 MB 00:04
(6/6): base/7/x86_64/primary_db | 5.9 MB 00:06
Determining fastest mirrors
* base: mirrors.163.com
* extras: mirrors.163.com
* updates: mirrors.njupt.edu.cn
repo id repo name status
base/7/x86_64 CentOS-7 – Base 9,911
dvd dvd 9,591
extras/7/x86_64 CentOS-7 – Extras 432
updates/7/x86_64 CentOS-7 – Updates 1,543
repolist: 21,477
3、卸载防火墙和NetworkManager
[root@localhost ~]# yum remove NetworkManager-* firewalld-* python-firewall
Loaded plugins: fastestmirror
Resolving Dependencies
–> Running transaction check
—> Package NetworkManager.x86_64 1:1.8.0-9.el7 will be erased
—> Package NetworkManager-libnm.x86_64 1:1.8.0-9.el7 will be erased
—> Package NetworkManager-team.x86_64 1:1.8.0-9.el7 will be erased
—> Package NetworkManager-tui.x86_64 1:1.8.0-9.el7 will be erased
—> Package NetworkManager-wifi.x86_64 1:1.8.0-9.el7 will be erased
—> Package firewalld.noarch 0:0.4.4.4-6.el7 will be erased
—> Package firewalld-filesystem.noarch 0:0.4.4.4-6.el7 will be erased
—> Package python-firewall.noarch 0:0.4.4.4-6.el7 will be erased
–> Finished Dependency Resolution

Dependencies Resolved

================================================================================
Package Arch Version Repository Size
================================================================================
Removing:
NetworkManager x86_64 1:1.8.0-9.el7 @anaconda 4.7 M
NetworkManager-libnm x86_64 1:1.8.0-9.el7 @anaconda 5.6 M
NetworkManager-team x86_64 1:1.8.0-9.el7 @anaconda 53 k
NetworkManager-tui x86_64 1:1.8.0-9.el7 @anaconda 240 k
NetworkManager-wifi x86_64 1:1.8.0-9.el7 @anaconda 144 k
firewalld noarch 0.4.4.4-6.el7 @anaconda 1.8 M
firewalld-filesystem noarch 0.4.4.4-6.el7 @anaconda 239
python-firewall noarch 0.4.4.4-6.el7 @anaconda 1.8 M

Transaction Summary
================================================================================
Remove 8 Packages

Installed size: 14 M
Is this ok [y/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
[ 415.117483] Ebtables v2.0 unregistered
Erasing : firewalld-0.4.4.4-6.el7.noarch 1/8
Erasing : 1:NetworkManager-tui-1.8.0-9.el7.x86_64 2/8
Erasing : 1:NetworkManager-team-1.8.0-9.el7.x86_64 3/8
Erasing : 1:NetworkManager-wifi-1.8.0-9.el7.x86_64 4/8
Erasing : firewalld-filesystem-0.4.4.4-6.el7.noarch 5/8
Erasing : python-firewall-0.4.4.4-6.el7.noarch 6/8
Erasing : 1:NetworkManager-1.8.0-9.el7.x86_64 7/8
Erasing : 1:NetworkManager-libnm-1.8.0-9.el7.x86_64 8/8
Verifying : 1:NetworkManager-wifi-1.8.0-9.el7.x86_64 1/8
Verifying : firewalld-0.4.4.4-6.el7.noarch 2/8
Verifying : 1:NetworkManager-1.8.0-9.el7.x86_64 3/8
Verifying : 1:NetworkManager-libnm-1.8.0-9.el7.x86_64 4/8
Verifying : 1:NetworkManager-team-1.8.0-9.el7.x86_64 5/8
Verifying : python-firewall-0.4.4.4-6.el7.noarch 6/8
Verifying : 1:NetworkManager-tui-1.8.0-9.el7.x86_64 7/8
Verifying : firewalld-filesystem-0.4.4.4-6.el7.noarch 8/8

Removed:
NetworkManager.x86_64 1:1.8.0-9.el7
NetworkManager-libnm.x86_64 1:1.8.0-9.el7
NetworkManager-team.x86_64 1:1.8.0-9.el7
NetworkManager-tui.x86_64 1:1.8.0-9.el7
NetworkManager-wifi.x86_64 1:1.8.0-9.el7
firewalld.noarch 0:0.4.4.4-6.el7
firewalld-filesystem.noarch 0:0.4.4.4-6.el7
python-firewall.noarch 0:0.4.4.4-6.el7

Complete!

4、导入公钥
[root@localhost ~]# yum install -y lftp
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.163.com
* extras: mirrors.163.com
* updates: mirrors.njupt.edu.cn
Resolving Dependencies
–> Running transaction check
—> Package lftp.x86_64 0:4.4.8-8.el7_3.2 will be installed
–> Processing Dependency: libgnutls.so.28(GNUTLS_1_4)(64bit) for package: lftp-4.4.8-8.el7_3.2.x86_64
–> Processing Dependency: libgnutls.so.28()(64bit) for package: lftp-4.4.8-8.el7_3.2.x86_64
–> Running transaction check
—> Package gnutls.x86_64 0:3.3.26-9.el7 will be installed
–> Processing Dependency: trousers >= 0.3.11.2 for package: gnutls-3.3.26-9.el7.x86_64
–> Processing Dependency: libnettle.so.4()(64bit) for package: gnutls-3.3.26-9.el7.x86_64
–> Processing Dependency: libhogweed.so.2()(64bit) for package: gnutls-3.3.26-9.el7.x86_64
–> Running transaction check
—> Package nettle.x86_64 0:2.7.1-8.el7 will be installed
—> Package trousers.x86_64 0:0.3.14-2.el7 will be installed
–> Finished Dependency Resolution

Dependencies Resolved

================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
lftp x86_64 4.4.8-8.el7_3.2 base 751 k
Installing for dependencies:
gnutls x86_64 3.3.26-9.el7 base 677 k
nettle x86_64 2.7.1-8.el7 base 327 k
trousers x86_64 0.3.14-2.el7 base 289 k

Transaction Summary
================================================================================
Install 1 Package (+3 Dependent packages)

Total download size: 2.0 M
Installed size: 5.9 M
Downloading packages:
warning: /var/cache/yum/x86_64/7/base/packages/lftp-4.4.8-8.el7_3.2.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Public key for lftp-4.4.8-8.el7_3.2.x86_64.rpm is not installed
(1/4): lftp-4.4.8-8.el7_3.2.x86_64.rpm | 751 kB 00:00
(2/4): trousers-0.3.14-2.el7.x86_64.rpm | 289 kB 00:00
(3/4): gnutls-3.3.26-9.el7.x86_64.rpm | 677 kB 00:01
(4/4): nettle-2.7.1-8.el7.x86_64.rpm | 327 kB 00:01
——————————————————————————–
Total 1.6 MB/s | 2.0 MB 00:01
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Importing GPG key 0xF4A80EB5:
Userid : “CentOS-7 Key (CentOS 7 Official Signing Key) <[email protected]>”
Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
Package : centos-release-7-4.1708.el7.centos.x86_64 (@anaconda)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : nettle-2.7.1-8.el7.x86_64 1/4
Installing : trousers-0.3.14-2.el7.x86_64 2/4
Installing : gnutls-3.3.26-9.el7.x86_64 3/4
Installing : lftp-4.4.8-8.el7_3.2.x86_64 4/4
Verifying : trousers-0.3.14-2.el7.x86_64 1/4
Verifying : lftp-4.4.8-8.el7_3.2.x86_64 2/4
Verifying : gnutls-3.3.26-9.el7.x86_64 3/4
Verifying : nettle-2.7.1-8.el7.x86_64 4/4

Installed:
lftp.x86_64 0:4.4.8-8.el7_3.2

Dependency Installed:
gnutls.x86_64 0:3.3.26-9.el7 nettle.x86_64 0:2.7.1-8.el7
trousers.x86_64 0:0.3.14-2.el7

Complete!
启用公钥
[root@localhost ~]# cat /etc/yum.repos.d/dvd.repo
[dvd]
name=dvd
baseurl=ftp://192.168.1.254/centos
enabled=1
gpgcheck=1
安装一些必备的软件
vim，net-tools等 tab命令补齐
yum -y install bash-completion

因为console模式下会串行，为了方便演示，这里分2次安装软件
[root@localhost ~]# yum install -y net-tools vim-enhanced bridge-utils psmisc
Loaded plugins: fastestmirror
dvd | 3.6 kB 00:00
Loading mirror speeds from cached hostfile
* base: mirrors.163.com
* extras: mirrors.163.com
* updates: mirrors.njupt.edu.cn
Resolving Dependencies
–> Running transaction check
—> Package bridge-utils.x86_64 0:1.5-9.el7 will be installed
—> Package net-tools.x86_64 0:2.0-0.22.20131004git.el7 will be installed
—> Package psmisc.x86_64 0:22.20-15.el7 will be installed
—> Package vim-enhanced.x86_64 2:7.4.160-4.el7 will be installed
–> Processing Dependency: vim-common = 2:7.4.160-4.el7 for package: 2:vim-enhanced-7.4.160-4.el7.x86_64
–> Processing Dependency: perl(:MODULE_COMPAT_5.16.3) for package: 2:vim-enhanced-7.4.160-4.el7.x86_64
–> Processing Dependency: libperl.so()(64bit) for package: 2:vim-enhanced-7.4.160-4.el7.x86_64
–> Processing Dependency: libgpm.so.2()(64bit) for package: 2:vim-enhanced-7.4.160-4.el7.x86_64
–> Running transaction check
—> Package gpm-libs.x86_64 0:1.20.7-5.el7 will be installed
—> Package perl.x86_64 4:5.16.3-292.el7 will be installed
–> Processing Dependency: perl(Socket) >= 1.3 for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(Scalar::Util) >= 1.10 for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl-macros for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(threads::shared) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(threads) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(constant) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(Time::Local) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(Time::HiRes) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(Storable) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(Socket) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(Scalar::Util) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(Pod::Simple::XHTML) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(Pod::Simple::Search) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(Getopt::Long) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(Filter::Util::Call) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(File::Temp) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(File::Spec::Unix) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(File::Spec::Functions) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(File::Spec) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(File::Path) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(Exporter) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(Cwd) for package: 4:perl-5.16.3-292.el7.x86_64
–> Processing Dependency: perl(Carp) for package: 4:perl-5.16.3-292.el7.x86_64
—> Package perl-libs.x86_64 4:5.16.3-292.el7 will be installed
—> Package vim-common.x86_64 2:7.4.160-4.el7 will be installed
–> Processing Dependency: vim-filesystem for package: 2:vim-common-7.4.160-4.el7.x86_64
–> Running transaction check
—> Package perl-Carp.noarch 0:1.26-244.el7 will be installed
—> Package perl-Exporter.noarch 0:5.68-3.el7 will be installed
—> Package perl-File-Path.noarch 0:2.09-2.el7 will be installed
—> Package perl-File-Temp.noarch 0:0.23.01-3.el7 will be installed
—> Package perl-Filter.x86_64 0:1.49-3.el7 will be installed
—> Package perl-Getopt-Long.noarch 0:2.40-3.el7 will be installed
–> Processing Dependency: perl(Pod::Usage) >= 1.14 for package: perl-Getopt-Long-2.40-3.el7.noarch
–> Processing Dependency: perl(Text::ParseWords) for package: perl-Getopt-Long-2.40-3.el7.noarch
—> Package perl-PathTools.x86_64 0:3.40-5.el7 will be installed
—> Package perl-Pod-Simple.noarch 1:3.28-4.el7 will be installed
–> Processing Dependency: perl(Pod::Escapes) >= 1.04 for package: 1:perl-Pod-Simple-3.28-4.el7.noarch
–> Processing Dependency: perl(Encode) for package: 1:perl-Pod-Simple-3.28-4.el7.noarch
—> Package perl-Scalar-List-Utils.x86_64 0:1.27-248.el7 will be installed
—> Package perl-Socket.x86_64 0:2.010-4.el7 will be installed
—> Package perl-Storable.x86_64 0:2.45-3.el7 will be installed
—> Package perl-Time-HiRes.x86_64 4:1.9725-3.el7 will be installed
—> Package perl-Time-Local.noarch 0:1.2300-2.el7 will be installed
—> Package perl-constant.noarch 0:1.27-2.el7 will be installed
—> Package perl-macros.x86_64 4:5.16.3-292.el7 will be installed
—> Package perl-threads.x86_64 0:1.87-4.el7 will be installed
—> Package perl-threads-shared.x86_64 0:1.43-6.el7 will be installed
—> Package vim-filesystem.x86_64 2:7.4.160-4.el7 will be installed
–> Running transaction check
—> Package perl-Encode.x86_64 0:2.51-7.el7 will be installed
—> Package perl-Pod-Escapes.noarch 1:1.04-292.el7 will be installed
—> Package perl-Pod-Usage.noarch 0:1.63-3.el7 will be installed
–> Processing Dependency: perl(Pod::Text) >= 3.15 for package: perl-Pod-Usage-1.63-3.el7.noarch
–> Processing Dependency: perl-Pod-Perldoc for package: perl-Pod-Usage-1.63-3.el7.noarch
—> Package perl-Text-ParseWords.noarch 0:3.29-4.el7 will be installed
–> Running transaction check
—> Package perl-Pod-Perldoc.noarch 0:3.20-4.el7 will be installed
–> Processing Dependency: perl(parent) for package: perl-Pod-Perldoc-3.20-4.el7.noarch
–> Processing Dependency: perl(HTTP::Tiny) for package: perl-Pod-Perldoc-3.20-4.el7.noarch
—> Package perl-podlators.noarch 0:2.5.1-3.el7 will be installed
–> Running transaction check
—> Package perl-HTTP-Tiny.noarch 0:0.033-3.el7 will be installed
—> Package perl-parent.noarch 1:0.225-244.el7 will be installed
–> Finished Dependency Resolution

Dependencies Resolved

================================================================================
Package Arch Version Repository
Size
================================================================================
Installing:
bridge-utils x86_64 1.5-9.el7 base 32 k
net-tools x86_64 2.0-0.22.20131004git.el7 base 305 k
psmisc x86_64 22.20-15.el7 base 141 k
vim-enhanced x86_64 2:7.4.160-4.el7 base 1.0 M
Installing for dependencies:
gpm-libs x86_64 1.20.7-5.el7 base 32 k
perl x86_64 4:5.16.3-292.el7 base 8.0 M
perl-Carp noarch 1.26-244.el7 base 19 k
perl-Encode x86_64 2.51-7.el7 base 1.5 M
perl-Exporter noarch 5.68-3.el7 base 28 k
perl-File-Path noarch 2.09-2.el7 base 26 k
perl-File-Temp noarch 0.23.01-3.el7 base 56 k
perl-Filter x86_64 1.49-3.el7 base 76 k
perl-Getopt-Long noarch 2.40-3.el7 base 56 k
perl-HTTP-Tiny noarch 0.033-3.el7 base 38 k
perl-PathTools x86_64 3.40-5.el7 base 82 k
perl-Pod-Escapes noarch 1:1.04-292.el7 base 51 k
perl-Pod-Perldoc noarch 3.20-4.el7 base 87 k
perl-Pod-Simple noarch 1:3.28-4.el7 base 216 k
perl-Pod-Usage noarch 1.63-3.el7 base 27 k
perl-Scalar-List-Utils x86_64 1.27-248.el7 base 36 k
perl-Socket x86_64 2.010-4.el7 base 49 k
perl-Storable x86_64 2.45-3.el7 base 77 k
perl-Text-ParseWords noarch 3.29-4.el7 base 14 k
perl-Time-HiRes x86_64 4:1.9725-3.el7 base 45 k
perl-Time-Local noarch 1.2300-2.el7 base 24 k
perl-constant noarch 1.27-2.el7 base 19 k
perl-libs x86_64 4:5.16.3-292.el7 base 688 k
perl-macros x86_64 4:5.16.3-292.el7 base 43 k
perl-parent noarch 1:0.225-244.el7 base 12 k
perl-podlators noarch 2.5.1-3.el7 base 112 k
perl-threads x86_64 1.87-4.el7 base 49 k
perl-threads-shared x86_64 1.43-6.el7 base 39 k
vim-common x86_64 2:7.4.160-4.el7 base 5.9 M
vim-filesystem x86_64 2:7.4.160-4.el7 base 10 k

Transaction Summary
================================================================================
Install 4 Packages (+30 Dependent packages)

Total download size: 19 M
Installed size: 61 M
Downloading packages: : vim-common-7.4.160-4.el7.x86_64.rpm | 5.9 MB 00:09
——————————————————————————–
Total 1.5 MB/s | 19 MB 00:12
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : 1:perl-parent-0.225-244.el7.noarch 1/34
Installing : perl-HTTP-Tiny-0.033-3.el7.noarch 2/34
Installing : perl-podlators-2.5.1-3.el7.noarch 3/34
Installing : perl-Pod-Perldoc-3.20-4.el7.noarch 4/34
Installing : 1:perl-Pod-Escapes-1.04-292.el7.noarch 5/34
Installing : perl-Text-ParseWords-3.29-4.el7.noarch 6/34
Installing : perl-Encode-2.51-7.el7.x86_64 7/34
Installing : perl-Pod-Usage-1.63-3.el7.noarch 8/34
Installing : 4:perl-macros-5.16.3-292.el7.x86_64 9/34
Installing : 4:perl-libs-5.16.3-292.el7.x86_64 10/34
Installing : perl-Storable-2.45-3.el7.x86_64 11/34
Installing : perl-Exporter-5.68-3.el7.noarch 12/34
Installing : perl-constant-1.27-2.el7.noarch 13/34
Installing : perl-Time-Local-1.2300-2.el7.noarch 14/34
Installing : perl-Socket-2.010-4.el7.x86_64 15/34
Installing : perl-Carp-1.26-244.el7.noarch 16/34
Installing : perl-PathTools-3.40-5.el7.x86_64 17/34
Installing : perl-Scalar-List-Utils-1.27-248.el7.x86_64 18/34
Installing : perl-File-Temp-0.23.01-3.el7.noarch 19/34
Installing : perl-File-Path-2.09-2.el7.noarch 20/34
Installing : perl-threads-shared-1.43-6.el7.x86_64 21/34
Installing : perl-threads-1.87-4.el7.x86_64 22/34
Installing : 4:perl-Time-HiRes-1.9725-3.el7.x86_64 23/34
Installing : perl-Filter-1.49-3.el7.x86_64 24/34
Installing : 1:perl-Pod-Simple-3.28-4.el7.noarch 25/34
Installing : perl-Getopt-Long-2.40-3.el7.noarch 26/34
Installing : 4:perl-5.16.3-292.el7.x86_64 27/34
Installing : 2:vim-filesystem-7.4.160-4.el7.x86_64 28/34
Installing : 2:vim-common-7.4.160-4.el7.x86_64 29/34
Installing : gpm-libs-1.20.7-5.el7.x86_64 30/34
Installing : 2:vim-enhanced-7.4.160-4.el7.x86_64 31/34
Installing : bridge-utils-1.5-9.el7.x86_64 32/34
Installing : psmisc-22.20-15.el7.x86_64 33/34
Installing : net-tools-2.0-0.22.20131004git.el7.x86_64 34/34
Verifying : perl-HTTP-Tiny-0.033-3.el7.noarch 1/34
Verifying : net-tools-2.0-0.22.20131004git.el7.x86_64 2/34
Verifying : perl-threads-shared-1.43-6.el7.x86_64 3/34
Verifying : perl-Storable-2.45-3.el7.x86_64 4/34
Verifying : perl-Exporter-5.68-3.el7.noarch 5/34
Verifying : perl-constant-1.27-2.el7.noarch 6/34
Verifying : perl-PathTools-3.40-5.el7.x86_64 7/34
Verifying : 4:perl-macros-5.16.3-292.el7.x86_64 8/34
Verifying : 1:perl-parent-0.225-244.el7.noarch 9/34
Verifying : 4:perl-5.16.3-292.el7.x86_64 10/34
Verifying : perl-File-Temp-0.23.01-3.el7.noarch 11/34
Verifying : 1:perl-Pod-Simple-3.28-4.el7.noarch 12/34
Verifying : perl-Time-Local-1.2300-2.el7.noarch 13/34
Verifying : gpm-libs-1.20.7-5.el7.x86_64 14/34
Verifying : 4:perl-libs-5.16.3-292.el7.x86_64 15/34
Verifying : psmisc-22.20-15.el7.x86_64 16/34
Verifying : perl-Socket-2.010-4.el7.x86_64 17/34
Verifying : perl-Carp-1.26-244.el7.noarch 18/34
Verifying : 2:vim-enhanced-7.4.160-4.el7.x86_64 19/34
Verifying : bridge-utils-1.5-9.el7.x86_64 20/34
Verifying : perl-Scalar-List-Utils-1.27-248.el7.x86_64 21/34
Verifying : 1:perl-Pod-Escapes-1.04-292.el7.noarch 22/34
Verifying : 2:vim-filesystem-7.4.160-4.el7.x86_64 23/34
Verifying : perl-Pod-Usage-1.63-3.el7.noarch 24/34
Verifying : perl-Encode-2.51-7.el7.x86_64 25/34
Verifying : perl-Pod-Perldoc-3.20-4.el7.noarch 26/34
Verifying : perl-podlators-2.5.1-3.el7.noarch 27/34
Verifying : perl-File-Path-2.09-2.el7.noarch 28/34
Verifying : perl-threads-1.87-4.el7.x86_64 29/34
Verifying : 4:perl-Time-HiRes-1.9725-3.el7.x86_64 30/34
Verifying : perl-Filter-1.49-3.el7.x86_64 31/34
Verifying : perl-Getopt-Long-2.40-3.el7.noarch 32/34
Verifying : perl-Text-ParseWords-3.29-4.el7.noarch 33/34
Verifying : 2:vim-common-7.4.160-4.el7.x86_64 34/34

Installed:
bridge-utils.x86_64 0:1.5-9.el7 net-tools.x86_64 0:2.0-0.22.20131004git.el7
psmisc.x86_64 0:22.20-15.el7 vim-enhanced.x86_64 2:7.4.160-4.el7

Dependency Installed:
gpm-libs.x86_64 0:1.20.7-5.el7
perl.x86_64 4:5.16.3-292.el7
perl-Carp.noarch 0:1.26-244.el7
perl-Encode.x86_64 0:2.51-7.el7
perl-Exporter.noarch 0:5.68-3.el7
perl-File-Path.noarch 0:2.09-2.el7
perl-File-Temp.noarch 0:0.23.01-3.el7
perl-Filter.x86_64 0:1.49-3.el7
perl-Getopt-Long.noarch 0:2.40-3.el7
perl-HTTP-Tiny.noarch 0:0.033-3.el7
perl-PathTools.x86_64 0:3.40-5.el7
perl-Pod-Escapes.noarch 1:1.04-292.el7
perl-Pod-Perldoc.noarch 0:3.20-4.el7
perl-Pod-Simple.noarch 1:3.28-4.el7
perl-Pod-Usage.noarch 0:1.63-3.el7
perl-Scalar-List-Utils.x86_64 0:1.27-248.el7
perl-Socket.x86_64 0:2.010-4.el7
perl-Storable.x86_64 0:2.45-3.el7
perl-Text-ParseWords.noarch 0:3.29-4.el7
perl-Time-HiRes.x86_64 4:1.9725-3.el7
perl-Time-Local.noarch 0:1.2300-2.el7
perl-constant.noarch 0:1.27-2.el7
perl-libs.x86_64 4:5.16.3-292.el7
perl-macros.x86_64 4:5.16.3-292.el7
perl-parent.noarch 1:0.225-244.el7
perl-podlators.noarch 0:2.5.1-3.el7
perl-threads.x86_64 0:1.87-4.el7
perl-threads-shared.x86_64 0:1.43-6.el7
vim-common.x86_64 2:7.4.160-4.el7
vim-filesystem.x86_64 2:7.4.160-4.el7

Complete!
[root@localhost ~]# yum -y install bash-completion
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.163.com
* extras: mirrors.163.com
* updates: mirrors.njupt.edu.cn
Resolving Dependencies
–> Running transaction check
—> Package bash-completion.noarch 1:2.1-6.el7 will be installed
–> Finished Dependency Resolution

Dependencies Resolved

Transaction Summary
================================================================================
Install 1 Package

Total download size: 85 k
Installed size: 259 k
Downloading packages:
bash-completion-2.1-6.el7.noarch.rpm | 85 kB 00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : 1:bash-completion-2.1-6.el7.noarch 1/1
Verifying : 1:bash-completion-2.1-6.el7.noarch 1/1

Installed:
bash-completion.noarch 1:2.1-6.el7

Complete!

5、配置网卡，并重启
[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
# Generated by dracut initrd
DEVICE=”eth0″
NAME=”eth0″
ONBOOT=yes
IPV6INIT=no
BOOTPROTO=dhcp
TYPE=Ethernet
[root@localhost ~]# systemctl restart network
[root@localhost ~]# ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.186 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::5054:ff:fe2d:db21 prefixlen 64 scopeid 0x20<link>
ether 52:54:00:2d:db:21 txqueuelen 1000 (Ethernet)
RX packets 22543 bytes 42457499 (40.4 MiB)
RX errors 0 dropped 2 overruns 0 frame 0
TX packets 20781 bytes 1851296 (1.7 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

6、禁用空路由
[root@localhost ~]# cat /etc/sysconfig/network
# Created by anaconda
NOZEROCONF=”yes”
[root@localhost ~]#

7、添加console配置
[root@localhost ~]# cat /etc/sysconfig/network
# Created by anaconda
NOZEROCONF=”yes”
[root@localhost ~]# cat /etc/default/grub
GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR=”$(sed ‘s, release .*$,,g’ /etc/system-release)”
GRUB_DEFAULT=saved
GRUB_DISABLE_SUBMENU=true
GRUB_TERMINAL_OUTPUT=”console”
GRUB_CMDLINE_LINUX=”biosdevname=0 net.ifnames=0 console=ttyS0,115200n8″
GRUB_DISABLE_RECOVERY=”true”
GRUB_disabLE_LINUX_UUID=”true”
GRUB_ENABLE_LINUX_LABEL=”true”
(注意，这里添加的是
GRUB_CMDLINE_LINUX=”biosdevname=0 net.ifnames=0 console=ttyS0,115200n8″
GRUB_DISABLE_LINUX_UUID=”true”
GRUB_ENABLE_LINUX_LABEL=”true”)

8、重新生成grub.cfg
[root@localhost ~]# grub2-mkconfig -o /boot/grub2/grub.cfg

9、安装扩展分区软件
[root@localhost ~]# yum install -y cloud-utils-growpart
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.163.com
* extras: mirrors.163.com
* updates: mirrors.njupt.edu.cn
Resolving Dependencies
–> Running transaction check
—> Package cloud-utils-growpart.noarch 0:0.29-2.el7 will be installed
–> Finished Dependency Resolution

Dependencies Resolved

Transaction Summary
================================================================================
Install 1 Package

Total download size: 26 k
Installed size: 61 k
Downloading packages:
cloud-utils-growpart-0.29-2.el7.noarch.rpm | 26 kB 00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : cloud-utils-growpart-0.29-2.el7.noarch 1/1
Verifying : cloud-utils-growpart-0.29-2.el7.noarch 1/1

Installed:
cloud-utils-growpart.noarch 0:0.29-2.el7

Complete!

10、第一次开机自动扩容

11、修改fstab
注意，模板机的fstab不能使用uuid，这样创建新的虚拟机时就不能正常使用了。
[root@localhost ~]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
vda 253:0 0 16G 0 disk
└─vda1 253:1 0 16G 0 part /
[root@localhost ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/vda1 16G 1.2G 15G 8% /
devtmpfs 991M 0 991M 0% /dev
tmpfs 1001M 0 1001M 0% /dev/shm
tmpfs 1001M 8.5M 992M 1% /run
tmpfs 1001M 0 1001M 0% /sys/fs/cgroup
tmpfs 201M 0 201M 0% /run/user/0
[root@localhost ~]# blkid
/dev/vda1: UUID=”a46fa5f6-ee65-4168-b7a0-9a7757d2ce06″ TYPE=”xfs”

[root@localhost ~]# grep -v “^$” /etc/fstab | grep -v “^#”
/dev/vda1 / xfs defaults 0 0

12、开机自动扩容
[root@localhost ~]# /usr/bin/growpart /dev/vda 1
NOCHANGE: partition 1 could only be grown by -33 [fudge=2048]
[root@localhost ~]# /usr/sbin/xfs_growfs /
meta-data=/dev/vda1 isize=512 agcount=4, agsize=1048512 blks
= sectsz=512 attr=2, projid32bit=1
= crc=1 finobt=0 spinodes=0
data = bsize=4096 blocks=4194048, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0 ftype=1
log =internal bsize=4096 blocks=2560, version=2
= sectsz=512 sunit=0 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0

13、关闭虚拟机执行清理工作
[root@localhost ~]# poweroff
[ OK ] Started Show Plymouth Power Off Screen.
[ OK ] Stopped LSB: Bring up/down networking.
[ OK ] Stopped target Basic System.
[ OK ] Stopped target Paths.
[ OK ] Stopped target Slices.
[ OK ] Removed slice User and Session Slice.
[ OK ] Stopped target Sockets.
[ OK ] Closed D-Bus System Message Bus Socket.
[ OK ] Stopped target System Initialization.
[ OK ] Stopped target Swap.
[ OK ] Stopped Apply Kernel Variables.
Stopping Apply Kernel Variables…
Stopping Update UTMP about System Boot/Shutdown…
Stopping Load/Save Random Seed…
[ OK ] Stopped target Encrypted Volumes.
[ OK ] Stopped Setup Virtual Console.
Stopping Setup Virtual Console…
[ OK ] Stopped target Network (Pre).
[ OK ] Stopped Load/Save Random Seed.
[ OK ] Stopped Update UTMP about System Boot/Shutdown.
Stopping Security Auditing Service…
[ 2142.939256] type=1305 audit(1539576661.561:189): audit_pid=0 old=464 auid=4294967295 ses=4294967295 subj=system_u:system_r:auditd_t:s0 res=1
[ 2142.943908] type=1130 audit(1539576661.566:190): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=’unit=auditd comm=”systemd” exe=”/usr/lib/systemd/systemd” hostname=? addr=? terminal=? res=success’
[ 2142.947722] type=1131 audit(1539576661.571:191): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=’unit=auditd comm=”systemd” exe=”/usr/lib/systemd/systemd” hostname=? addr=? terminal=? res=success’
[ OK ] Stopped Security Auditing Service.
[ 2142.952756] type=1130 audit(1539576661.576:192): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=’unit=systemd-tmpfiles-setup comm=”systemd” exe=”/usr/lib/systemd/systemd” hostname=? addr=? terminal=? res=success’
[ 2142.956717] type=1131 audit(1539576661.580:193): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=’unit=systemd-tmpfiles-setup comm=”systemd” exe=”/usr/lib/systemd/systemd” hostname=? addr=? terminal=? res=success’
[ OK ] Stopped Create Volatile Files and Directories.
[ 2142.961833] type=1130 audit(1539576661.584:194): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=’unit=rhel-import-state comm=”systemd” exe=”/usr/lib/systemd/systemd” hostname=? addr=? terminal=? res=success’
[ 2142.965569] type=1131 audit(1539576661.588:195): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=’unit=rhel-import-state comm=”systemd” exe=”/usr/lib/systemd/systemd” hostname=? addr=? terminal=? res=success’
Stopping Create Volatile Files and Directories…
[ OK [ 2142.970612] type=1130 audit(1539576661.593:196): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=’unit=rhel-readonly comm=”systemd” exe=”/usr/lib/systemd/systemd” hostname=? addr=? terminal=? res=success’
] Stopped Import[ 2142.975183] type=1131 audit(1539576661.599:197): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=’unit=rhel-readonly comm=”systemd” exe=”/usr/lib/systemd/systemd” hostname=? addr=? terminal=? res=success’
network configuration from initramfs.
Stopping Import network configuration from initramfs…
[ OK ] Stopped target Local File Systems.
[ OK ] Stopped Configure read-only root support.
Stopping Configure read-only root support…
Unmounting /run/user/0…
[ 2142.992429] type=1130 audit(1539576661.615:198): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=’unit=systemd-remount-fs comm=”systemd” exe=”/usr/lib/systemd/systemd” hostname=? addr=? terminal=? res=success’
[ OK ] Unmounted /run/user/0.
[ OK ] Reached target Unmount All Filesystems.
[ OK ] Stopped target Local File Systems (Pre).
[ OK ] Stopped Remount Root and Kernel File Systems.
Stopping Remount Root and Kernel File Systems…
[ OK ] Stopped Create Static Device Nodes in /dev.
Stopping Create Static Device Nodes in /dev…
[ OK ] Reached target Shutdown.
[ 2143.023670] systemd-shutdown[1]: Sending SIGTERM to remaining processes…
[ 2143.045659] systemd-journald[343]: Received SIGTERM from PID 1 (systemd-shutdow).
[ 2143.155674] systemd-shutdown[1]: Sending SIGKILL to remaining processes…
[ 2143.168088] systemd-shutdown[1]: Unmounting file systems.
[ 2143.503252] systemd-shutdown[1]: All filesystems unmounted.
[ 2143.507173] systemd-shutdown[1]: Deactivating swaps.
[ 2143.510583] systemd-shutdown[1]: All swaps deactivated.
[ 2143.514078] systemd-shutdown[1]: Detaching loop devices.
[ 2143.521666] systemd-shutdown[1]: All loop devices detached.
[ 2143.525449] systemd-shutdown[1]: Detaching DM devices.
[ 2143.529146] systemd-shutdown[1]: All DM devices detached.
[ 2143.538088] systemd-shutdown[1]: Powering off.
[ 2143.551403] ACPI: Preparing to enter system sleep state S5
[ 2143.555394] Power down.

先设置语言，然后执行清理工作
[root@room9pc52 images]# LANG=en_US.UTF-8
[root@room9pc52 images]# virt-sysprep -d node
[ 0.0] Examining the guest …
[ 41.2] Performing “abrt-data” …
[ 41.2] Performing “backup-files” …
[ 41.8] Performing “bash-history” …
[ 41.8] Performing “blkid-tab” …
[ 41.8] Performing “crash-data” …
[ 41.8] Performing “cron-spool” …
[ 41.9] Performing “dhcp-client-state” …
[ 41.9] Performing “dhcp-server-state” …
[ 41.9] Performing “dovecot-data” …
[ 41.9] Performing “logfiles” …
[ 41.9] Performing “machine-id” …
[ 41.9] Performing “mail-spool” …
[ 41.9] Performing “net-hostname” …
[ 41.9] Performing “net-hwaddr” …
[ 41.9] Performing “pacct-log” …
[ 41.9] Performing “package-manager-cache” …
[ 41.9] Performing “pam-data” …
[ 41.9] Performing “passwd-backups” …
[ 41.9] Performing “puppet-data-log” …
[ 41.9] Performing “rh-subscription-manager” …
[ 41.9] Performing “rhn-systemid” …
[ 41.9] Performing “rpm-db” …
[ 41.9] Performing “samba-db-log” …
[ 41.9] Performing “script” …
[ 41.9] Performing “smolt-uuid” …
[ 41.9] Performing “ssh-hostkeys” …
[ 41.9] Performing “ssh-userdir” …
[ 41.9] Performing “sssd-db-log” …
[ 41.9] Performing “tmp-files” …
[ 42.0] Performing “udev-persistent-net” …
[ 42.0] Performing “utmp” …
[ 42.0] Performing “yum-uuid” …
[ 42.0] Performing “customize” …
[ 42.0] Setting a random seed
[ 42.0] Setting the machine ID in /etc/machine-id
[ 42.7] Performing “lvm-uuids” …

6 案例6：离线访问虚拟机问题
本案例要求可以离线访问虚拟机：
利用xml文件生成一个新的虚拟机
利用guestmount实现离线访问虚拟机
6.1 步骤

实现此案例需要按照如下步骤进行。
步骤一：用xml生成一个新的虚拟机

[root@room9pc01 ~]# cd /etc/libvirt/qemu/
[root@room9pc01 qemu]# cp centos7.0.xml local.xml
[root@room9pc01 qemu]# vim local.xml
<domain type=’kvm’>
<name>local</name> //修改名字
<memory unit=’KiB’>2048000</memory> //修改内存
<currentMemory unit=’KiB’>2048000</currentMemory>
…
<source file=’/var/lib/libvirt/images/local.img’/> //img文件位置
注意：除这些外还要把mac地址删掉，带address字样的全部删除
[root@room9pc01 ~]# cd /var/lib/libvirt/images/
[root@room9pc01 images]# qemu-img create –b node.qcow2 –f qcow2 local.img
[root@room9pc01 images]# virsh define /etc/libvirt/qemu/local.xml
[root@room9pc01 images]# virsh start local
[root@room9pc01 images]# virsh console local
步骤二：guestmount实现离线访问

基本用法：guestmount -a 虚拟机磁盘路径 -i /挂载点
-a：指定虚拟磁盘
-i：挂载点
[root@room9pc01 ~]# mkdir /mnt/kdisk
[root@room9pc01 ~]# guestmount -a node1.qcow2 -i /mnt/kdisk
[root@room9pc01 ~]# cd /mnt/kdisk
[root@room9pc01 kdisk]# ls
bin home media opt sbin tmp
boot lib misc proc selinux usr

代码如下
先修改好一个xml文件，命名这个虚拟机为local
[root@room9pc52 qemu]# pwd
/etc/libvirt/qemu
[root@room9pc52 qemu]# cp node.xml local.xml
[root@room9pc52 qemu]# vim local.xml
[root@room9pc52 qemu]#
[root@room9pc52 qemu]# head -30 local.xml
<!–
WARNING: THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE
OVERWRITTEN AND LOST. Changes to this xml configuration should be made using:
virsh edit node
or other application using the libvirt API.
–>

<domain type=’kvm’>
<name>local</name>
<memory unit=’KiB’>1024000</memory>
<currentMemory unit=’KiB’>1024000</currentMemory>
<vcpu placement=’static’>1</vcpu>
<os>
<type arch=’x86_64′ machine=’pc-i440fx-rhel7.0.0′>hvm</type>
<boot dev=’hd’/>
</os>
<features>
<acpi/>
<apic/>
</features>
<cpu mode=’custom’ match=’exact’ check=’partial’>
<model fallback=’allow’>Skylake-Client-IBRS</model>
</cpu>
<clock offset=’utc’>
<timer name=’rtc’ tickpolicy=’catchup’/>
<timer name=’pit’ tickpolicy=’delay’/>
<timer name=’hpet’ present=’no’/>
</clock>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
[root@room9pc52 qemu]#

同时根据上创建的后端盘node.qcow2创建一个前端盘local.img
[root@room9pc52 qemu]# cd /var/lib/libvirt/images/
[root@room9pc52 images]# qemu-img create -b node.qcow2 -f qcow2 local.img
Formatting ‘local.img’, fmt=qcow2 size=17179869184 backing_file=’node.qcow2′ encryption=off cluster_size=65536 lazy_refcounts=off
[root@room9pc52 images]# qemu-img info local.img
image: local.img
file format: qcow2
virtual size: 16G (17179869184 bytes)
disk size: 196K
cluster_size: 65536
backing file: node.qcow2
Format specific information:
compat: 1.1
lazy refcounts: false

定义一下刚才创建的虚拟机local
[root@room9pc52 images]# virsh define /etc/libvirt/qemu/local.xml
Domain local defined from /etc/libvirt/qemu/local.xml

[root@room9pc52 images]# virsh start local
Domain local started

[root@room9pc52 images]# virsh console local
Connected to domain local
Escape character is ^]

CentOS Linux 7 (Core)
Kernel 3.10.0-693.el7.x86_64 on an x86_64

验证下功能，内存、YUM、IP等等
localhost login: root
Password:
[root@localhost ~]# free -m
total used free shared buff/cache available
Mem: 968 72 805 12 90 769
Swap: 0 0 0
[root@localhost ~]# yum in
info install
[root@localhost ~]# yum repolist
Loaded plugins: fastestmirror
base | 3.6 kB 00:00
dvd | 3.6 kB 00:00
extras | 3.4 kB 00:00
updates | 3.4 kB 00:00
(1/6): dvd/group_gz | 156 kB 00:00
(2/6): dvd/primary_db | 5.7 MB 00:00
[ 49.728625] random: crng init done ] 0.0 B/s | 5.9 MB –:– ETA
(3/6): extras/7/x86_64/primary_db | 204 kB 00:00
(4/6): base/7/x86_64/primary_db | 5.9 MB 00:01
(5/6): updates/7/x86_64/primary_db | 6.0 MB 00:15
(6/6): base/7/x86_64/group_gz | 166 kB 00:15
Determining fastest mirrors
* base: mirrors.shu.edu.cn
* extras: mirrors.163.com
* updates: mirrors.163.com
repo id repo name status
base/7/x86_64 CentOS-7 – Base 9,911
dvd dvd 9,591
extras/7/x86_64 CentOS-7 – Extras 432
updates/7/x86_64 CentOS-7 – Updates 1,543
repolist: 21,477
[root@localhost ~]# ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.197 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::5054:ff:fed8:8dfd prefixlen 64 scopeid 0x20<link>
ether 52:54:00:d8:8d:fd txqueuelen 1000 (Ethernet)
RX packets 7469 bytes 19510956 (18.6 MiB)
RX errors 0 dropped 4 overruns 0 frame 0
TX packets 5394 bytes 384858 (375.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

步骤二：guestmount实现离线访问

代码如下
先挂载并写入一个测试文件
[root@room9pc52 images]# mkdir /mnt/kdisk
[root@room9pc52 images]# guestmount -a /var/lib/libvirt/images/local.img -i /mnt/kdisk/
[root@room9pc52 images]# cd /mnt/kdisk/
[root@room9pc52 kdisk]# pwd
/mnt/kdisk
[root@room9pc52 kdisk]# ls
bin dev home lib64 mnt proc run srv tmp var
boot etc lib media opt root sbin sys usr
[root@room9pc52 kdisk]# cd root/
[root@room9pc52 root]# ls
RPM-GPG-KEY-CentOS-7
[root@room9pc52 root]# echo “test” > test.txt
[root@room9pc52 root]# cat test.txt
test
写完之后，退出目录，卸载目录
[root@room9pc52 root]# cd
[root@room9pc52 ~]# pwd
/root
[root@room9pc52 ~]# umount /mnt/kdisk/

重启验证一下刚才的测试是否正常
[root@room9pc52 ~]# virsh start local
Domain local started

[root@room9pc52 ~]# virsh console local
Connected to domain local
Escape character is ^]
0xffff window]
[ 0.276599] pci_bus 0000:00: root bus resource [mem 0x000a0000-0x000bffff window]
[ 0.277976] pci_bus 0000:00: root bus resource [mem 0x3e800000-0xfebfffff window]
[ 0.290031] pci 0000:00:01.1: legacy IDE quirk: reg 0x10: [io 0x01f0-0x01f7]
[ 0.291472] pci 0000:00:01.1: legacy IDE quirk: reg 0x14: [io 0x03f6]
[ 0.292864] pci 0000:00:01.1: legacy IDE quirk: reg 0x18: [io 0x0170-0x0177]
[ 0.294563] pci 0000:00:01.1: legacy IDE quirk: reg 0x1c: [io 0x0376]
##################################################
CentOS Linux 7 (Core)
Kernel 3.10.0-693.el7.x86_64 on an x86_64

localhost login: root
Password:
Last login: Mon Oct 15 14:05:24 on ttyS0
[root@localhost ~]# ls
RPM-GPG-KEY-CentOS-7 test.txt
[root@localhost ~]# cat test.txt
test

今天的实验到此结束

发表在 kvm, OpenStack | 标签为 kvm, openstack | 留下评论

创建ceph存储时常见问题汇总

发表于2018年10月15日由lin

背景

OS：Ubuntu 16.04
修改了osd的一些配置，修改后，需要重启osd服务才能生效。第一次重启后，配置立刻生效。再改了一些配置，重启osd服务后，配置却不再生效了。ps命令查看进程，发现osd进程都没有启动。

分析

osd进程未启动，第一直觉就是配置出错，osd进程启动后又挂掉。于是，进入/var/log/ceph目录，查看ceph-osd.0.log，发现日志末尾只有关闭进程的相关日志，并没有osd启动的信息。再查看该日志的时间，时间就是关闭服务时的时间。换句话说，第二次重启服务后，osd没有启动。既然没有启动，那就不是osd本身的问题，而是和重启服务的命令systemctl restart ceph-osd.target相关了。
先检查下osd服务的状态。

$ systemctl status ceph-osd.target

● ceph-osd.target – ceph target allowing to start/stop all [email protected] instances at once
Loaded: loaded (/lib/systemd/system/ceph-osd.target; enabled; vendor preset: enabled)
Active: inactive (dead) since Sun 2017-03-05 16:52:04 CST; 3s ago

果然，服务是inactvice的。再查看服务相关的日志：

$ journalctl -xe

Mar 05 14:21:43 node3 systemd[1]: [email protected]: Start request repeated too quickly.
Mar 05 14:21:43 node3 systemd[1]: Failed to start Ceph object storage daemon.

果然是服务启动失败，并且给出的原因是启动请求太快。这很可能和osd服务的配置有关，打开osd服务配置文件/etc/systemd/system/ceph-osd.target.wants/[email protected]，发现有服务器启动间隔的限制，并且限制时间为30分钟，难怪第一次启动服务成功，而第二次就失败了。
$ vi /etc/systemd/system/ceph-osd.target.wants/[email protected]

StartLimitInterval=30min

解决方案

注释掉服务配置文件的启动间隔限制，并且重新加载服务配置。

$ systemctl daemon-reload
再重启osd服务，并检查osd服务的状态。

$ systemctl restart ceph-osd.target
$ systemctl status ceph-osd.target
● ceph-osd.target – ceph target allowing to start/stop all [email protected] instances at once
Loaded: loaded (/lib/systemd/system/ceph-osd.target; enabled; vendor preset: enabled)
Active: active since Sun 2017-03-05 16:47:53 CST; 5s ago

Mar 05 16:47:53 node2 systemd[1]: Reached target ceph target allowing to start/stop all [email protected] instances at once.

服务状态变为active，问题解决。

发表在 ceph | 标签为 ceph | 留下评论

Fencatn

ELK_DAY02_各类插件使用

ELK_Day01_基本安装和使用

Ansible_Day02脚本（PLAYBOOK）

Ansible_Day01基本安装和使用

Docker02-Docker简单使用

Docker01-安装部署Docker

Openstack安装额外的计算节点

OpenStack一键式安装

KVM基本操作（OpenStack前期准备）

创建ceph存储时常见问题汇总

查找内容

分类

近期文章

归档

页面

点击

2025 年 5 月
一	二	三	四	五	六	日
			1	2	3	4
5	6	7	8	9	10	11
12	13	14	15	16	17	18
19	20	21	22	23	24	25
26	27	28	29	30	31