#20230403(web03, dns)

eeapbh·2023년 4월 3일

MZC

목록 보기

19/61

web03

webshare 다운받고 실행 했음

Downloads 폴더 공유 추가 해주고 환경설정

web03 :80 은 쓰고있으니까 firewall 들가서 webshare 8080으로 바꿔줌

NGW

ssh 폴더에 id_rsa, id_rsa.pub 업로드 함

ssh-copy-id -i .ssh/id_rsa root@10.18.0.100
ssh-copy-id -i .ssh/id_rsa bong@10.18.0.101 # 우분투는 다름

# web03 윈도우는 키로 안들가고 원격접속으로 들어갔음
chmod 400 .ssh/id_rsa
yum install -y bash-completion
yum install -y httpd

포트 열려있는거 확인

ss -ant

web02

sudo su -root
sudo su - root
exit

sudo apt update
sudo apt install -y nginx

nginx 깔면 포트가 자동으로 열림??

web01

firewall-cmd --permanent --add-service=http
firewall-cmd --reload
firewall-cmd --list-all

http 서비스 추가 된거 확인가능

vi /var/www/html/index.html

# :43 가서 web01로 바꿔줌

세팅을 다했는데 외부에서 안들어가진다? -> 방화벽 확인하자

web02

nginx 의 index.html파일은 어디에 있을까? -> find 명령어 ㄱ

sudo find / -name index.html
sudo cat /var/www/html/index.nginx-debian.html

wget http://10.18.0.102:8080/Downloads/aws.tar

sudo tar xvf aws.tar -C /var/www/html/index.nginx-debian.html

이거하면 이제 10.18.0.101로 접속하면 css 적용해진걸로 들어가짐

sudo vi /var/www/html/index.html

# :43 가서 web02로 바꿔줌

web01

yum install -y samba
mkdir -p /var/samba/share
chmod 777 /var/samba/share
adduser kosa
passwd kosa
smbpasswd -a kosa

vi /etc/samba/smb.conf
# [print$] 스크립트 밑에다가 추가
[share]
        comment = Share Directory
        path = /var/samba/share
        browserable = yes
        writable = yes
        valid users = kosa
        create mask = 0777
        directory mask = 0777


systemctl enable --now smb nmb
systemctl restart smb nmb
firewall-cmd --permanent --add-service=samba
firewall-cmd --reload
firewall-cmd --list-all

web03

검색 -> \10.18.0.100 접속 -> kosa/kosa

samba 폴더에 aws.tar를 복사해본다. 그리고 web01에 가서 확인해보자

web01

ls /var/samba/share

aws.tar 공유된거 확인가능

web02

sudo apt install smbclient -y
smbclient //10.18.0.100/share -U kosa

exit로 나오고

이제 nfs ㄱㄱㄱ

sudo apt update
sudo apt install nfs-common nfs-kernel-server portmap -y
sudo mkdir /share && cd $_
sudo touch test.txt

sudo vi /etc/exports
/share 10.18.0.0/24(rw,sync)

$ sudo chmod 707 /share
systemctl restart nfs-server
exportfs -v

web01

rpm -qa | grep nfs-utils
yum install -y nfs-utils
showmount -e 10.18.0.101
mkdir share
mount -t nfs 10.18.0.101:/share share
df -h
vi /etc/fstab
10.18.0.101:/share /root/share nfs defaults 0 0

https://continuetochallenge.tistory.com/135

web03

-> nfs-client 설치 완료

this pc -> computer -> 네트워크 드라이브

win10(강의실 로컬컴터)

제어판 -> 프로그램 및 기능 -> windows 기능 켜기/끄기
nfs 싹다 선택

ESXI

NGW

ssh-copy-id -i .ssh/id_rsa root@10.18.0.103

ns (NGW탭하나 복제)

ssh -i .ssh/id_rsa root@10.18.0.103
hostnamectl set-hostname ns
yum install -y bash-completion

yum -y install bind bind-chroot bind-utils

vi /etc/named.conf

options {
        listen-on port 53 { 127.0.0.1; 192.168.0/21; 10.18.0/24; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        recursing-file  "/var/named/data/named.recursing";
        secroots-file   "/var/named/data/named.secroots";
        allow-query     { localhost; 192.168.0/21; 10.18.0/24; };
        forwarders { 8.8.8.8; 8.8.4.4; };

        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";

        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
view "internal" {
        zone "." IN {
                type hint;
                file "named.ca";
        };

        include "/etc/named.rfc1912.zones";
        include "/var/named/bonghyeon.shop.zones"; # 호스팅 영역 생성
};

vi /var/named/bonghyeon.shop.zones

zone "bonghyeon.shop" IN {
        type master;
        file "bonghyeon.shop.db";
        allow-update { none; };
};

zone "0.18.10.in-addr.arpa" IN {
        type master;
        file "0.18.10.in-addr.arpa.db";
        allow-update { none; };
};

vi /var/named/bonghyeon.shop.db


$TTL    86400
@       IN      SOA     bonghyeon.shop.   root.bonghyeon.shop.(
                        2022041401 ; Serial
                        3h         ; Refresh
                        1h         ; Retry
                        1w         ; Expire
                        1h )       ; Minimum

        IN      NS      ns.bonghyeon.shop.
        IN      MX 10   ns.bonghyeon.shop.
ns      IN      A       10.18.0.103
web01   IN      A       10.18.0.100
web02   IN      A       10.18.0.101
web03	IN		A		10.18.0.102

vi /var/named/0.18.10.in-addr.arpa.db

$TTL	86400
@	IN	SOA	bonghyeon.shop.	root.bonghyeon.shop.(
			2022041401 ; Serial
			3h         ; Refresh
			1h         ; Retry
			1w         ; Expire
                        1h )       ; Minimum

	IN	NS	ns.bonghyeon.shop.
103	IN	PTR	ns.bonghyeon.shop.
100	IN	PTR	web01.bonghyeon.shop.
101	IN	PTR	web02.bonghyeon.shop.
102	IN	PTR	web03.bonghyeon.shop

systemctl enable --now named
firewall-cmd --permanent --add-service=dns
firewall-cmd --reload

NGW

ngw는 수동으로 해줘야한다.

vi /etc/dhcp/dhcpd.conf

option domain-name-servers 10.18.0.103,  8.8.8.8, 8.8.4.4; # ns ip 맨앞에 추가

systemctl restart dhcpd

vi /etc/sysconfig/network-scripts/ifcfg-ens192
DNS1=10.18.0.103 # 추가해줌

systemctl restart network
systemctl restart NetworkManager

ping 확인, DNS 확인

web01, ns

systemctl restart NetworkManager
cat /etc/resolv.conf

-> DNS 확인

web02

우분투는 다름

sudo systemctl restart networking
cat /etc/resolv.conf

web03

powershell 키고

ipconfig /renew
ipconfig /all

크롬 켜서 도메인네임으로 다 들어가보고 잘뜨는지 확인한다

ns

간단한 mariadb 설치 방법

yum install -y mariadb-server
systemctl enable --now mariadb
mysql_secure_installation

systemctl restart mariadb
mysql -u root -p
CREATE USER 'kosa'@'%' IDENTIFIED BY 'kosa0220'; # % :로컬뿐만아니라 리모트에서도 db에 접속할수있게
CREATE DATABASE IF NOT EXISTS wordpress;
GRANT ALL PRIVILEGES ON wordpress.* TO 'kosa'@'%';
quit

firewall-cmd --permanent --add-service=mysql
firewall-cmd --reload

web01

비번 kosa0220

yum install -y mysql
mysql -h ns.bonghyeon.shop -u kosa -p

web02

ubuntu는 명령어가 다르다

sudo apt update
sudo apt install -y mysql-client
mysql -h ns.bonghyeon.shop -u kosa -p

HAproxy

NGW

yum install -y haproxy

vi /etc/haproxy/haproxy.cfg

global
    daemon

defaults
    mode               http

frontend  http-in
    bind *:80
    acl firefox hdr_sub(User-Agent) Firefox
    acl chrome hdr_sub(User-Agent) Chrome
    default_backend    backend_servers
    use_backend bk_firefox if firefox
    use_backend bk_trident if Chrome

backend backend_servers
    balance            roundrobin
#    cookie  SVID insert indirect nocache maxlife 10s
    server             web01 10.18.0.100:80 cookie w1 check
    server             web02 10.18.0.101:80 cookie w2 check
    server             web03 10.18.0.103:80 cookie w3 check

backend bk_firefox
    server             web01 web01.bonghyeon.shop:80
backend bk_chrome
    server             web02 web02.bonghyeon.shop:80

eeapbh

이전 포스트

#20230331(ESXi NGW, WEB01, WEB02)

다음 포스트

#20230403(web03, dns)

MZC

web03

NGW

포트 열려있는거 확인

web02

web01

web02

web01

web03

web01

web02

web01

web03

win10(강의실 로컬컴터)

ESXI

NGW

ns (NGW탭하나 복제)

NGW

web01, ns

web02

web03

ns

web01

web02

HAproxy

NGW

#20230331(ESXi NGW, WEB01, WEB02)

#20230404(Haproxy, Openstack)

0개의 댓글