Mohan WebSite

2012 SERVER (64)
2016 windows (9)
AIX (13)
Amazon (40)
Ansibile (19)
Apache (135)
Asterisk (2)
cassandra (2)
Centos (230)
- ftp (5)
- IPTABLES (15)
- SFTP (1)
- swap (3)
Centos RHEL 7 (270)
centos8 (3)
chef (3)
cloud (2)
cluster (3)
Coherence (1)
DB2 (5)
DISK (25)
DNS (9)
Docker (31)
Eassy (11)
ELKS (1)
EXCHANGE (3)
Fedora (6)
GIT (3)
GOD (2)
Grub (1)
Hacking (10)
Hadoop (6)
health (2)
horoscope (23)
Hyper-V (10)
IIS (15)
JAVA (7)
JBOSS (32)
jenkins (1)
Kubernetes (9)
Ldap (5)
Linux (189)
Linux Commands (166)
Load balancer (5)
mariadb (14)
Mongodb (4)
MQ Server (24)
MYSQL (84)
Nagios (5)
NaturalOil (13)
Nginx (36)
Ngix (1)
openldap (1)
Openstack (6)
Oracle (35)
Perl (3)
Postfix (19)
Postgresql (1)
PowerShell (2)
Python (3)
qmail (36)
Redis (12)
RHCE (28)
SCALEIO (1)
Security on Centos (29)
Shell (64)
Solaris (58)
Sql Server 2012 (4)
squid (3)
SSH (10)
SSL (14)
Storage (1)
TIPS on Linux (28)
tomcat (62)
Ubuntu (1)
Uncategorized (30)
Veritas (2)
vfabric (1)
VMware (28)
Weblogic (38)
Websphere (71)
Windows (19)
Windows Software (2)
wordpress (1)
ZIMBRA (17)

Apache Cassandra Centos 7

Apache Cassandra is a NoSQL database intended for storing large amounts of data in a decentralized, highly available cluster.
Cassandra or Apache Cassandra is a distributed database system which manages large amounts of structured data across different commodity servers by providing highly available service with no point of failure.
NoSQL refers to a database with a data model other than the tabular relations used in relational databases such as MySQL, PostgreSQL, and Microsoft SQL.
The Apache Cassandra database is the right choice when you need scalability and high availability without compromising performance.

Cassandra is one the popular and robust distributed database management system. It is known for providing high availability with no single point of failure.
It has one of the awesome feature that is asynchronous replication between multiple nodes without requiring master nodes.
Cassandra is a reliable, clusterable, highly-scalable database capable of handling large quantities of data on commodity hardware.
If you have big data needs, and are looking for a proven open source solution that has received battle testing from many large companies, then Cassandra may be exactly what you’re looking for.

If you have a CentOS 7 server, this guide will get you up and running with a single Cassandra node.
It will use pre-packaged Cassandra distributions built for CentOS, making installation and upgrades a snap.
You can then build it out by performing additional installations on other servers, then clustering the resulting instances for higher scalability and reliability.

This article will guide you on how to install Apache Cassandra on CentOS 7 Server.

CentOS 7 Cassandra systemd service file

# /usr/lib/systemd/system/cassandra.service

[Unit]
Description=Cassandra
After=network.target

[Service]
PIDFile=/var/run/cassandra/cassandra.pid
User=cassandra
Group=cassandra
ExecStart=/usr/sbin/cassandra -f -p /var/run/cassandra/cassandra.pid
StandardOutput=journal
StandardError=journal
LimitNOFILE=100000
LimitMEMLOCK=infinity
LimitNPROC=32768
LimitAS=infinity
Restart=always

[Install]
WantedBy=multi-user.target

How To Install Cassandra on CentOS 7

Step 1: Install Java

First, you’ll follow a simple best practice: ensuring the list of available packages is up to date before installing anything new.

yum -y update

At this point, installing lsyncd is as simple as running just one command:

yum -y install java

tar -zxvf jdk-8u121-linux-x64.tar.gz

mv jdk-8u121-linux-x64.tar.gz /root/software/

vi /etc/profile.d/java.sh
# Uncomment the following line to set the JAVA_HOME variable a
#JAVA_HOME=/usr/lib/jvm/jre
export JAVA_HOME=/usr/java/jdk1.8.0_121
export JRE_HOME=/usr/java/jdk1.8.0_121/jre
export PATH=$PATH:/usr/java/jdk1.8.0_121/bin
export CLASSPATH=./:/usr/java/jdk1.8.0_121/lib:/usr/java/jdk1.8.0_121/jre/lib

source /etc/profile.d/java.sh
export
alternatives –config java
alternatives –install /usr/bin/java java /usr/java/jdk1.8.0_121/bin/java 5
alternatives –config java

Step #2: Add the DataStax Community Repository

vim /etc/yum.repos.d/datastax.repo

Add the following information to the file you’ve created, using i to insert:

[datastax]
name = DataStax Repo for Apache Cassandra
baseurl = http://rpm.datastax.com/community
enabled = 1
gpgcheck = 0

Step #3: Install Apache Cassandra 2

At this point, installing Cassandra is as simple as running just one command:

yum -y install dsc20

Step #4: Get Cassandra Running

Start-Up Cassandra

systemctl start cassandra

Check Cassandra Service Status

systemctl status cassandra

Enable Cassandra to Start at Boot

systemctl enable cassandra

Enter the Cassandra Command Line

cqlsh

With Cassandra installed, we must now start the daemon via systemd.
/etc/init.d/cassandra start

The systemd unit is now created. Use “systemctl start cassandra” to launch the new unit.

systemctl enable cassandra.service

While the database should be running, it is not yet configured to launch on boot. Let’s tell systemd that Cassandra should automatically launch whenever your system boots.

[root@cassandra ~] systemctl status cassandra

cassandra.service – SYSV: Starts and stops Cassandra
Loaded: loaded (/etc/rc.d/init.d/cassandra)
Active: active (exited) since Thu 2016-09-15 04:36:47 UTC; 14s ago
Docs: man:systemd-sysv-generator(8)
Process: 9413 ExecStart=/etc/rc.d/init.d/cassandra start (code=exited, status=0/SUCCESS)

Let’s ensure that Cassandra is running using this command.

[root@cassandra ~] cqlsh

Connected to Test Cluster at localhost:9160.
[cqlsh 4.1.1 | Cassandra 2.0.17 | CQL spec 3.1.1 | Thrift protocol 19.39.0]
Use HELP for help.
cqlsh>

assandra ships with a powerful command line utility, cqlsh. Launch it to perform various vital tasks with your database.

[root@rmohan.com ~] nodetool status

Datacenter: rmohan
=======================
Status=Up/Down
|/ State=Normal/Leaving/Joining/Moving
— Address Load Tokens Owns (effective) Host ID Rack
UN 127.0.0.1 46.21 KB 256 100.0% 7dd2b7d9-404e-4a77-a36d-cc8f55168c0d rack1
[root@rmohan.com ~]#

Restart Cassandra

systemctl restart cassandra

Oracle ASM 12c on Linux

How to setup Oracle ASM 12c on Linux
Software used:-
1.VMWARE 10
2.Redhat enterprise linux 6.5(64 bit)
3.Oracle database 12C (64 bit)
4.Oracle Grid infrastructure 12c(64 bit)

What to Setup:-

1. Setup oracle grid infrastructure for standalone server “ASM”
2. Setup oracle Database

Update /etc/sysctl.conf
[root@server1]# vi /etc/sysctl.conf
Scroll to the bottom and add the following:

fs.file-max = 6815744
kernel.sem = 250 32000 100 128
kernel.shmmni = 4096
kernel.shmall = 1073741824
kernel.shmmax = 4398046511104
net.core.rmem_default = 262144
net.core.rmem_max = 4194304
net.core.wmem_default = 262144
net.core.wmem_max = 1048576
fs.aio-max-nr = 1048576
net.ipv4.ip_local_port_range = 9000 65500
:wq

Run the following command to change the current kernel parameters.
/sbin/sysctl -p

Update /etc/security/limits.conf
[root@server1]# vi /etc/security/limits.conf
Scroll to the bottom and above the “# End of file” line, add:

oracle   soft   nofile    1024
oracle   hard   nofile    65536
oracle   soft   nproc    16384
oracle   hard   nproc    16384
oracle   soft   stack    10240
oracle   hard   stack    32768

:wq

Amend the “/etc/security/limits.d/90-nproc.conf” file as described below.
# Change this
* soft nproc 1024

# To this
* – soft nproc 16384

**IMPORTANT: Make sure selinux is disabled.

Packages required for oracle database installation:-

[root@server1] yum -y install binutils-2.17.50.0.6
[root@server1] yum -y install compat-libstdc++-33-3.2.3 (*)
[root@server1] yum -y install elfutils-libelf-0.125
[root@server1] yum -y install elfutils-libelf-devel-0.125 (*)
[root@server1] yum -y install gcc-4.1.2
[root@server1] yum -y install gcc-c++-4.1.2 (*)
[root@server1] yum -y install glibc-2.5-24
[root@server1] yum -y install glibc-common-2.5
[root@server1] yum -y install glibc-devel-2.5
[root@server1] yum -y install glibc-headers-2.5
[root@server1] yum -y install ksh-20060214 (*)
[root@server1] yum -y install libaio-0.3.106
[root@server1] yum -y install libaio-devel-0.3.106
[root@server1] yum -y install libgcc-4.1.2
[root@server1] yum -y install libgomp-4.1.2
[root@server1] yum -y install libstdc++-4.1.2
[root@server1] yum -y install libstdc++-devel-4.1.2
[root@server1] yum -y install make-3.81
[root@server1] yum -y install numactl-devel-0.9.8.i386 (*)
[root@server1] yum -y install sysstat-7.0.2 (*)

Check the kernel version:-
[root@server1 var]# uname -r
2.6.32-358.el6.x86_64

Now we would require to install the rpm’s required for asm installation
these are the packages required for asm.

–oracleasm
–oracleasm-support
–oracleasmlib
the last 2 packages can be found from the following link
http://www.oracle.com/technetwork/server-storage/linux/asmlib/rhel6-1940776.html

oracle kmod-oracleasm rpm download link for el6
http://public-yum.oracle.com/repo/OracleLinux/OL6/latest/x86_64/getPackage/kmod-oracleasm-2.0.6.rh1-2.el6.x86_64.rpm

[root@server3 ~]# rpm -Uvh oracleasm-support-2.1.8-1.el6.x86_64.rpm
[root@server3 ~]# rpm -Uvh kmod-oracleasm-2.0.6.rh1-2.el6.x86_64.rpm
[root@server3 ~]# rpm -Uvh oracleasmlib-2.0.4-1.el6.x86_64.rpm

Create groups:-
[root@server3 tmp]# groupadd -g 1000 oinstall
[root@server3 tmp]# groupadd -g 1200 dba
[root@server3 tmp]# useradd -g oinstall -G dba -d /home/oracle oracle

Create directory structures:-
[root@server3 u01]# mkdir -p /u01/app/oracle/product/12.1.0/grid
[root@server3 u01]# mkdir -p /u01/app/oracle/product/12.1.0/db_1

Assigning proper permission:-
[root@server3 u01]# chown -Rf oracle:oinstall /u01/
[root@server3 u01]# chmod -Rf 775 /u01/

Set up the oracle user environment
For oracle user:-
[root@server1 var]# su – oracle

[oracle@server1]#vi .bash_profile
#export PATH
# Oracle Settings
TMP=/tmp; export TMP
TMPDIR=$TMP; export TMPDIR
ORACLE_HOSTNAME=server3.soumya.com; export ORACLE_HOSTNAME
ORACLE_UNQNAME=orcl; export ORACLE_UNQNAME
ORACLE_BASE=/u01/app/oracle; export ORACLE_BASE
GRID_HOME=/u01/app/oracle/product/12.1.0/grid; export GRID_HOME
DB_HOME=$ORACLE_BASE/product/12.1.0/db_1; export DB_HOME
ORACLE_HOME=$DB_HOME; export ORACLE_HOME
ORACLE_SID=orcl; export ORACLE_SID
ORACLE_TERM=xterm; export ORACLE_TERM
BASE_PATH=/usr/sbin:$PATH; export BASE_PATH
PATH=$ORACLE_HOME/bin:$BASE_PATH; export PATH
LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib;
LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib; export LD_LIBRARY_PATH
CLASSPATH=$ORACLE_HOME/JRE:$ORACLE_HOME/jlib:$ORACLE_HOME/rdbms/jlib; export CLASSPATHH
if [ $USER = “oracle” ]; then
if [ $SHELL = “/bin/ksh” ]; then
ulimit -p 16384
ulimit -n 65536
else
ulimit -u 16384 -n 65536
fi
fi

alias grid_env=’. /home/oracle/grid_env’
alias db_env=’. /home/oracle/db_env’

:wq(save & exit)

[oracle@server1 ~]$ . .bash_profile

Create a file called “/home/oracle/db_env” with the following contents :-

[oracle@server1 ~]$vi /home/oracle/db_env

ORACLE_SID=orcl; export ORACLE_SID
ORACLE_HOME=$DB_HOME; export ORACLE_HOME
PATH=$ORACLE_HOME/bin:$BASE_PATH; export PATH
LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib; export LD_LIBRARY_PATH
CLASSPATH=$ORACLE_HOME/JRE:$ORACLE_HOME/jlib:$ORACLE_HOME/rdbms/jlib; export CLASSPATH

:wq(save & exit)

Create a file called “/home/oracle/grid_env” with the following contents:-

[oracle@server1 ~]$vi /home/oracle/gid_env
ORACLE_SID=+ASM; export ORACLE_SID
ORACLE_HOME=$GRID_HOME; export ORACLE_HOME
PATH=$ORACLE_HOME/bin:$BASE_PATH; export PATH
LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib; export LD_LIBRARY_PATH
CLASSPATH=$ORACLE_HOME/JRE:$ORACLE_HOME/jlib:$ORACLE_HOME/rdbms/jlib; export CLASSPATH

:wq(save & exit)

[oracle@server1 ~]$ chmod 775 /home/oracle/db_env
[oracle@server1 ~]$ chmod 775 /home/oracle/grid_env

Now you will be able to switch environments between oracle and asm instance as follows.
[oracle@server3 ~]$ db_env
[oracle@server3 ~]$ echo $ORACLE_SID
orcl
[oracle@server3 ~]$ echo $ORACLE_HOME
/u01/app/oracle/product/12.1.0/db_1
[oracle@server3 ~]$ grid_env
[oracle@server3 ~]$ echo $ORACLE_HOME
/u01/app/oracle/product/12.1.0/grid
[oracle@server3 ~]$ echo $ORACLE_SID
+ASM

Now we will add 3 disks using vmware.
So open vmware workstation and go to settings and add hard disk from there,add 3 different disks size of atleast 10GB each.

[root@server1]# echo “- – -“> /sys/class/scsi_host/host0/scan

******
P.S. if the above command doesnt show the newly added disk try this
[root@server1]#grep mpt /sys/class/scsi_host/host?/proc_name
/sys/class/scsi_host/host2/proc_name:mptspi

then run this
[root@server1]# echo “- – -“> /sys/class/scsi_host/host2/scan
******

using the above command we can avoid rebooting the machine to mount the hard disks.

[root@server1 ~]# fdisk /dev/sdb
Device contains neither a valid DOS partition table, nor Sun, SGI or OSF disklabel
Building a new DOS disklabel with disk identifier 0xa4bd7fb9.
Changes will remain in memory only, until you decide to write them.
After that, of course, the previous content won’t be recoverable.

Warning: invalid flag 0x0000 of partition table 4 will be corrected by w(rite)

WARNING: DOS-compatible mode is deprecated. It’s strongly recommended to
switch off the mode (command ‘c’) and change display units to
sectors (command ‘u’).

Command (m for help): n
Command action
e extended
p primary partition (1-4)
p
Partition number (1-4): 1
First cylinder (1-261, default 1):
Using default value 1
Last cylinder, +cylinders or +size{K,M,G} (1-261, default 261):
Using default value 261

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.
Syncing disks.

[root@server1 ~]# fdisk /dev/sdc
[root@server1 ~]# fdisk /dev/sdd

[root@server1 dev]# fdisk -l
Disk /dev/sda: 64.4 GB, 64424509440 bytes
255 heads, 63 sectors/track, 7832 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x0006f980

Device Boot      Start         End      Blocks   Id System
/dev/sda1               1        5737    46080000   83 Linux
/dev/sda2   *        5737        6885     9216000   83 Linux
/dev/sda3            6885        7458     4608000   83 Linux
/dev/sda4            7458        7833     3009536    5 Extended
/dev/sda5            7459        7731     2188288   82 Linux swap / Solaris
/dev/sda6            7731        7833      818176   83 Linux

Disk /dev/sdb: 2147 MB, 2147483648 bytes
255 heads, 63 sectors/track, 261 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x44ac96a0

Device Boot Start End Blocks Id System
/dev/sdb1 1 261 2096451 83 Linux

Disk /dev/sdc: 2147 MB, 2147483648 bytes
255 heads, 63 sectors/track, 261 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x004b1011

Device Boot Start End Blocks Id System
/dev/sdc1 1 261 2096451 83 Linux

Disk /dev/sdd: 2147 MB, 2147483648 bytes
255 heads, 63 sectors/track, 261 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0xf5898159

Device Boot Start End Blocks Id System
/dev/sdd1 1 261 2096451 83 Linux

Give proper ownership and permissions to the new partition:-
chown -Rf oracle:oinstall /dev/sdb1
chown -Rf oracle:oinstall /dev/sdc1
chown -Rf oracle:oinstall /dev/sdd1

chmod -Rf 664 /dev/sdb1
chmod -Rf 664 /dev/sdc1
chmod -Rf 664 /dev/sdd1

Now configure ASM and create ASM disks:-

[root@server1 ~]# /etc/init.d/oracleasm configure
Configuring the Oracle ASM library driver.

This will configure the on-boot properties of the Oracle ASM library
driver. The following questions will determine whether the driver is
loaded on boot and what permissions it will have. The current values
will be shown in brackets (‘[]’). Hitting <ENTER> without typing an
answer will keep that current value. Ctrl-C will abort.

Default user to own the driver interface []: oracle
Default group to own the driver interface []: oinstall
Start Oracle ASM library driver on boot (y/n) [n]: y
Scan for Oracle ASM disks on boot (y/n) [y]: y
Writing Oracle ASM library driver configuration: done
Initializing the Oracle ASMLib driver: [ OK ]
Scanning the system for Oracle ASMLib disks: [ OK ]

To create ASM disks:-
[root@server1 ~]#/etc/init.d/oracleasm createdisk VOL1 /dev/sdb1
[root@server1 ~]#/etc/init.d/oracleasm createdisk VOL2 /dev/sdc1
[root@server1 ~]#/etc/init.d/oracleasm createdisk VOL3 /dev/sdd1

Now we will install grid infrastructure software.
Give proper permission to the software folder.

[root@server1 ] chown -Rf oracle:oinstall /u01/linuxamd64_12102_grid_1of2.zip
root@server1 ] chown -Rf oracle:oinstall /u01/linuxamd64_12102_grid_2of2.zip

[root@server1 u01]# unzip linuxamd64_12102_grid_1of2.zip
[root@server1 u01]# unzip linuxamd64_12102_grid_2of2.zip
[root@server1 u01]#su – oracle
[oracle@server1 u01]$ cd grid/
[oracle@server1 grid]$ sh runInstaller

Select “install and configure grid infrastructure for a standalone server” -> Next -> select 3 Disks from candidate disk option rest option will be unchanged ->
select “use same password for these accounts ” and provide password -> specify os groups OSDBA-oinstall,
OSOPER-oinstall, OSASM-oinstall -> Select Install location “oracle base- /u01/app/oracle ” , “software location- /u01/app/oracle/product/12.1.0/grid” -> Next and
start the installation.> execute “/u01/app/oracle/product/12.1.0/grid/root.sh” script from root user from another terminal.

I got this error while installing grid infrastructure.To fix this steps are below:-
**INFO: Read: ORA-00845: MEMORY_TARGET not supported on this system

To increase the size
# mount -o remount,size=3G /dev/shm
Verify the size
# df -h
To make permanent changes to your file system update your fstab
# vi /etc/fstab
tmpfs /dev/shm tmpfs defaults,size=3G 0 0

[root@server1 u01]#

[grid@server3 app]$ sqlplus / as sysasm
SQL> select instance_name from v$instance;

INSTANCE_NAME
—————-
+ASM

Now we will setup oracle database .

[oracle@server1 u01]$ cd /u01/database/
[oracle@server3 u01]$ sh runInstaller

select “Create & configure a database” -> Server Class -> Single instance database installation -> Advanced Installa -> Next ->Enterprise edition ->
Select “oracle base- /u01/app/oracle ” , “software location- /u01/app/oracle/product/12.1.0/db_1” -> select “general purpose” -> Global database
name- orcl , SID name – orcl -> Next -> select ” Oracle automatic storage management”-> Next ->Next ->Next-> select ” use same password for all accounts”->
Next -> Next -> Install

Done!!!…

grubby fatal error: unable to find a suitable template

grubby fatal error: unable to find a suitable template

Updating   : selinux-policy-3.7.19-292.el6_8.3.noarch                                                                                                             8/28
Updating   : selinux-policy-targeted-3.7.19-292.el6_8.3.noarch                                                                                                    9/28
Installing : kernel-2.6.32-642.15.1.el6.x86_64                                                                                                                   10/28
grubby fatal error: unable to find a suitable template
Updating   : ntp-4.2.6p5-10.el6.centos.2.x86_64                                                                                                                  11/28
Updating   : libtiff-3.9.4-21.el6_8.x86_64                                                                                                                       12/28
Updating   : kernel-headers-2.6.32-642.15.1.el6.x86_64                                                                                                           13/28
Updating   : tzdata-2017a-1.el6.noarch                                                                                                                           14/28
Cleanup    : kernel-2.6.32-573.26.1.el6.x86_64                                                                                                                   15/28
warning:    erase unlink of /lib/modules/2.6.32-573.26.1.el6.x86_64/weak-updates failed: No such file or directory
warning:    erase unlink of /lib/modules/2.6.32-573.26.1.el6.x86_64/modules.order failed: No such file or directory
warning:    erase unlink of /lib/modules/2.6.32-573.26.1.el6.x86_64/modules.networking failed: No such file or directory
warning:    erase unlink of /lib/modules/2.6.32-573.26.1.el6.x86_64/modules.modesetting failed: No such file or directory
warning:    erase unlink of /lib/modules/2.6.32-573.26.1.el6.x86_64/modules.drm failed: No such file or directory
warning:    erase unlink of /lib/modules/2.6.32-573.26.1.el6.x86_64/modules.block failed: No such file or directory
Cleanup    : selinux-policy-targeted-3.7.19-292.el6_8.2.noarch

mv /boot/grub/grub.conf /boot/grub/bk_grub.conf
yum -y update && yum -y reinstall kernel

add in grub.conf 


title CentOS (2.6.32-431.el6.x86_64)
        root (hd0,0)
        kernel /boot/vmlinuz-2.6.32-431.el6.x86_64 ro root=UUID=c5f51db1-bfef-4480-868f-dc6049906512 rd_NO_LUKS rd_NO_LVM LANG=en_US.UTF-8 rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=auto  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet
        initrd /boot/initramfs-2.6.32-431.el6.x86_64.img
        
        
        
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title CentOS (2.6.32-642.15.1.el6.x86_64)
        root (hd0,0)
        kernel /boot/vmlinuz-2.6.32-642.15.1.el6.x86_64 ro root=UUID=c5f51db1-bfef-4480-868f-dc6049906512 rd_NO_LUKS rd_NO_LVM LANG=en_US.UTF-8 rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=auto  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet
        initrd /initramfs-2.6.32-642.15.1.el6.x86_64.img
title CentOS (2.6.32-573.3.1.el6.x86_64)
        root (hd0,0)
        kernel /vmlinuz-2.6.32-573.3.1.el6.x86_64 ro root=/dev/mapper/vg_db2-lv_root rd_NO_LUKS LANG=en_US.UTF-8 rd_LVM_LV=vg_db2/lv_swap rd_NO_MD rd_LVM_LV=vg_db2/lv_root SYSFONT=latarcyrheb-sun16 crashkernel=auto  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet
        initrd /initramfs-2.6.32-573.3.1.el6.x86_64.img
title CentOS (2.6.32-431.el6.x86_64)
        root (hd0,0)
        kernel /vmlinuz-2.6.32-431.el6.x86_64 ro root=/dev/mapper/vg_db2-lv_root rd_NO_LUKS LANG=en_US.UTF-8 rd_LVM_LV=vg_db2/lv_swap rd_NO_MD rd_LVM_LV=vg_db2/lv_root SYSFONT=latarcyrheb-sun16 crashkernel=auto  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet
        initrd /initramfs-2.6.32-431.el6.x86_64.img


or

It is absolutely impossible to regenerate a grub.conf from scratch with any of the tools delivered by CentOS. My solution:

boot your system via Install-Disk or by grub command line prompt
create an empty new /boot/grub/grub.conf
add the next code snippet to your grub.conf

default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title CentOS (2.6.32-279.22.1.el6.x86_64)
  root (hd0,0)
  kernel /vmlinuz-2.6.32-279.22.1.el6.x86_64 ro root=/dev/sda3
  initrd /initramfs-2.6.32-279.22.1.el6.x86_64.img

N O T E:
I have a separated /boot partition on my systems. In standard configuration delivered by CentOS /boot and / will be on the same partition. In this case, the path to kernel and initrd will start with /boot/vmlinuz... and /boot/initramfs... . The root partition mostly will be root=/dev/sda1.

Try to boot your system with your manually built grub.conf. If anything works fine you can add new boot entries by CentOS’ tool grubby. For example:

root@host:~ $ grubby --add-kernel="/boot/vmlinuz-2.6.32-279.22.1.el6.x86_64"\
--initrd="/boot/initramfs-2.6.32-279.22.1.el6.x86_64.img"\
--title="CentOS (2.6.32-279.22.1.el6.x86_64)" --copy-default --make-default

The tool grubby will replace the /dev/sda? device file with the UUID string of the partition.
You can use the next line to generate an entry for each kernel image in /boot/:

for kernel in /boot/vmlinuz-*; do \
version=`echo $kernel | awk -F'vmlinuz-' '{print $NF}'`; \
grubby --add-kernel="/boot/vmlinuz-${version}" \
--initrd="/boot/initramfs-${version}.img" \
--title="CentOS (${version})" \
--copy-default --make-default; \
done

You should check the /etc/grub.conf for duplicate entries or maybe you will resort the boot order. Reboot your system to check if anything works fine again.


Issue

    When I install a kernel from RHN, I am getting the error: grubby fatal error: unable to find a suitable template

Raw

    [root@rhel5 ~]# rpm -vhi kernel-2.6.18-274.el5.x86_64.rpm 
    Preparing...                ########################################### [100%]
       1:kernel                 ########################################### [100%]
    grubby fatal error: unable to find a suitable template 

Resolution

    Several things can cause this error: One is when /boot is not currently mounted. Remounting /boot can properly install the kernel.

Raw

        [root@rhel5 ~]# rpm -e kernel-2.6.18-274.el5

If the above command fails because of installed dependencies, use it in the following form:
Raw

        [root@rhel5 ~]# rpm -e --nodeps kernel-2.6.18-274.el5

Afterwards, ensure /boot is mounted and proceed to reinstall the kernel:
Raw

        [root@rhel5 ~]# mount /boot
        [root@rhel5 ~]# rpm -ivh kernel-2.6.18-274.el5.x86_64.rpm 
        Preparing...                ########################################### [100%]
           1:kernel                 ########################################### [100%]
        [root@rhel5 ~]# 

If you don't have the RPM available, you can always use yum:
Raw

        [root@rhel5 ~]# yum install kernel

    This error can also happen when there are multiple filesystems with same label for the root device, and the root device is specified with LABEL= in grub.conf. In that case, change the label into an unique one, or use the device name or UUID= to specify the root device in grub.conf. To change the label on /dev/sdb2 to /root-1 for example:

Raw

# e2label /dev/sdb2 /root-1

    Another cause for this error can be a bad path to the initrd in grub.conf.

    If root device in your kernel line is invalid will also cause this message. To resolve this you can edit /boot/grub/grub.conf, changing the root entry in the most recent kernel entry to point to the correct root device.

Diagnostic Steps

    To check if you have multiple filesystems with the same label run the following command (uuid's simplified for clarity):

Raw

# blkid
$ cat sos_commands/filesys/blkid 
/dev/sda1: LABEL="/boot" UUID="aaaaa" TYPE="ext3" SEC_TYPE="ext2" 
/dev/sdb1: LABEL="/boot" UUID="aaaaa" TYPE="ext3" SEC_TYPE="ext2" 
/dev/sda2: LABEL="/" UUID="bbbbb" SEC_TYPE="ext2" TYPE="ext3" 
/dev/sdb2: LABEL="/" UUID="bbbbb" SEC_TYPE="ext2" TYPE="ext3" 

We can see above that there are 2 disks with the same label. Check to see if they have the same wwwid (these commands are for RHEL5. For RHEL6 you need to use scsi_id --whitelisted /dev/sd* instead.
Raw

# scsi_id -gus /block/sda
3600001234567
# scsi_id -gus /block/sdb
HITATCHI-abc123

The above clearly shows that they are different disks (i.e. not a multiple path to the same device).

DOCKER Testing

Obtaining the Docker image

First, get the basic Docker image. The Docker image is published on the Docker Hub Registry (https://hub.docker.com/).
You can search for published images with the docker search command. An example of searching the image of CentOS is here.

# docker search centos

INDEX       NAME                                      DESCRIPTION                                     STARS     OFFICIAL   AUTOMATED
docker.io   docker.io/centos                          The official build of CentOS.                   1842      [OK]
docker.io   docker.io/ansible/centos7-ansible         Ansible on Centos7                              63                   [OK]
docker.io   docker.io/jdeathe/centos-ssh              CentOS-6 6.7 x86_64 / EPEL/IUS Repos / Ope…   14                   [OK]
docker.io   docker.io/jdeathe/centos-ssh-apache-php   CentOS-6 6.7 x86_64 / Apache / PHP / PHP M…   11                   [OK]
docker.io   docker.io/million12/centos-supervisor     Base CentOS-7 with supervisord launcher, h…   9                    [OK]
docker.io   docker.io/blalor/centos                   Bare-bones base CentOS 6.5 image                8                    [OK]
docker.io   docker.io/nimmis/java-centos              This is docker images of CentOS 7 with dif…   7                    [OK]
docker.io   docker.io/torusware/speedus-centos        Always updated official CentOS docker imag…   7                    [OK]
docker.io   docker.io/consol/centos-xfce-vnc          Centos container with “headless” VNC sessi…   5                    [OK]
docker.io   docker.io/jdeathe/centos-ssh-mysql        CentOS-6 6.7 x86_64 / MySQL.                    4                    [OK]
docker.io   docker.io/nathonfowlie/centos-jre         Latest CentOS image with the JRE pre-insta…   3                    [OK]
docker.io   docker.io/centos/mariadb55-centos7                                                        2                    [OK]
docker.io   docker.io/nickistre/centos-lamp           LAMP on centos setup                            2                    [OK]
docker.io   docker.io/feduxorg/centos-postgresql      Centos Image with postgres                      1                    [OK]
docker.io   docker.io/layerworx/centos                CentOS container with etcd, etcdctl, confd…   1                    [OK]
docker.io   docker.io/lighthopper/orientdb-centos     A Dockerfile for creating an OrientDB imag…   1                    [OK]
docker.io   docker.io/nathonfowlie/centos-jira        JIRA running on the latest version of CentOS    1                    [OK]
docker.io   docker.io/softvisio/centos                Centos                                          1                    [OK]
docker.io   docker.io/yajo/centos-epel                CentOS with EPEL and fully updated              1                    [OK]
docker.io   docker.io/blacklabelops/centos            Blacklabelops Centos 7 base image without …   0                    [OK]
docker.io   docker.io/januswel/centos                 yum update-ed CentOS image                      0                    [OK]
docker.io   docker.io/jsmigel/centos-epel             Docker base image of CentOS w/ EPEL installed   0                    [OK]
docker.io   docker.io/lighthopper/openjdk-centos      A Dockerfile for creating an OpenJDK image…   0                    [OK]
docker.io   docker.io/pdericson/centos                Docker image for CentOS                         0                    [OK]
docker.io   docker.io/timhughes/centos                Centos with systemd installed and running       0                    [OK]

Various images are released to various people. What is displayed as “OK” in the OFFICIAL column is the official image of CentOS. Several applications that have been installed in advance have been released.
To download the Docker image, use the docker pull command. An example of execution when downloading the image of CentOS 7 is here.

# docker pull centos

Using default tag: latest
Trying to pull repository docker.io/library/centos … latest: Pulling from library/centos
47d44cb6f252: Pull complete
838c1c5c4f83: Pull complete
5764f0a31317: Pull complete
60e65a8e4030: Pull complete
library/centos:latest: The image you are pulling has been verified. Important: image verification is a tech preview feature and should not be relied on to provide security.
Digest: sha256:8072bc7c66c3d5b633c3fddfc2bf12d5b4c2623f7004d9eed6aae70e0e99fbd7
Status: Downloaded newer image for docker.io/centos:latest

As in this example, several images are downloaded in batches. You can check downloaded images as follows.

# docker images

REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
?docker.io/centos latest 60e65a8e4030 3 weeks ago 196.6 MB
?

The Docker image is specified by separating the repository and the tag with “:”. For example, the image of CentOS 7 in ? is used under the name docker.io / centos: latest.
Create Container

Invoking a container refers to starting a process on this image. Docker expands the specified image and uses it as a container file system set.
To create a container, use the docker run command. We use it in the following

docker run [<options>] <image> <command> [<arg>]

Specify the image to be used with the command to move on the image and its argument with and.

Here is the command to create a container named “centos7” that starts bash with the image docker.io /centos:latest.

# docker run -it –name centos7 docker.io/centos:latest /bin/bash

[root@b18de31e55ec /]#ls
anaconda-post.log bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var

In this example, docker run is appended with “-it” as an option. This is a designation of assigning TTY (terminal · console) in interactive mode.
You can execute the ls command etc. in the started container. Of course you can also use vi etc. to modify the file.
The container will only run while the started /bin/bash process is running. That is, the container stops when you exit this shell.

· Container stop

[root@b18de31e55ec /]# exit

If you want to return the operation to the original shell without stopping the container, you can exit the container’s TTY with Ctrl-P + Ctrl-q.
Reconnect to container

# docker attach centos7

[root@b18de31e55ec /]#

[root@b18de31e55ec /]# ls
anaconda-post.log bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var

To connect to a running container, execute the docker attach command with the container name as follows.

Confirming Container in Operation

To check the active container, use the docker ps command.

# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b18de31e55ec docker.io/centos:latest “/bin/bash” 9 minutes ago Up 9 minutes centos7

# docker ps -a
8cc776959b0f docker.io/centos:latest “/bin/bash” 5 seconds ago Exited (0) 1 seconds ago centos7a
b18de31e55ec docker.io/centos:latest “/bin/bash” 14 minutes ago Up 14 minutes centos7

Confirm container information

If you want to know the detailed state of the container of Docker, use docker inspect.
You can check the process specified when starting Docker, the resources allocated to the container, and so on.

# docker inspect centos7
[
{
“Id”: “b18de31e55ec5c02721193fab1d815f9b5fd3d32eebad4b86330b792a5ce2c0a”,
“Created”: “2016-01-19T11:17:47.272087891Z”,
“Path”: “/bin/bash”,
“Args”: [],
“State”: {
“Running”: true,
“Paused”: false,
“Restarting”: false,
“OOMKilled”: false,
“Dead”: false,
“Pid”: 2563,
“ExitCode”: 0,
“Error”: “”,
“StartedAt”: “2016-01-19T11:17:47.685386072Z”,
“FinishedAt”: “0001-01-01T00:00:00Z”
},
“Image”: “60e65a8e4030022260a4f84166814b2683e1cdfc9725a9c262e90ba9c5ae2332”,
“NetworkSettings”: {
“Bridge”: “”,
“EndpointID”: “4aeb09fdcce86c3d8c76115f222657844dc4fa7ca0d56d8b997e6d1708d42717”,
“Gateway”: “172.17.42.1”,
“GlobalIPv6Address”: “”,
“GlobalIPv6PrefixLen”: 0,
“HairpinMode”: false,
“IPAddress”: “172.17.0.1”,
“IPPrefixLen”: 16,
“IPv6Gateway”: “”,
“LinkLocalIPv6Address”: “”,
“LinkLocalIPv6PrefixLen”: 0,
“MacAddress”: “02:42:ac:11:00:01”,
“NetworkID”: “b1d897f4c186fdaffcebd0ed10a57721ed871efad61bba223f74d362ddd47b31”,
“PortMapping”: null,
“Ports”: {},
“SandboxKey”: “/var/run/docker/netns/b18de31e55ec”,
“SecondaryIPAddresses”: null,
“SecondaryIPv6Addresses”: null
},
“ResolvConfPath”: “/var/lib/docker/containers/b18de31e55ec5c02721193fab1d815f9b5fd3d32eebad4b86330b792a5ce2c0a/resolv.conf”,
“HostnamePath”: “/var/lib/docker/containers/b18de31e55ec5c02721193fab1d815f9b5fd3d32eebad4b86330b792a5ce2c0a/hostname”,
“HostsPath”: “/var/lib/docker/containers/b18de31e55ec5c02721193fab1d815f9b5fd3d32eebad4b86330b792a5ce2c0a/hosts”,
“LogPath”: “/var/lib/docker/containers/b18de31e55ec5c02721193fab1d815f9b5fd3d32eebad4b86330b792a5ce2c0a/b18de31e55ec5c02721193fab1d815f9b5fd3d32eebad4b86330b792a5ce2c0a-json.log”,
“Name”: “/centos7”,
“RestartCount”: 0,
“Driver”: “devicemapper”,
“ExecDriver”: “native-0.2”,
“MountLabel”: “”,
“ProcessLabel”: “”,
“AppArmorProfile”: “”,
“ExecIDs”: null,
“HostConfig”: {
“Binds”: null,
“ContainerIDFile”: “”,
“LxcConf”: [],
“Memory”: 0,
“MemorySwap”: 0,
“CpuShares”: 0,
“CpuPeriod”: 0,
“CpusetCpus”: “”,
“CpusetMems”: “”,
“CpuQuota”: 0,
“BlkioWeight”: 0,
“OomKillDisable”: false,
“MemorySwappiness”: -1,
“Privileged”: false,
“PortBindings”: {},
“Links”: null,
“PublishAllPorts”: false,
“Dns”: null,
“DnsSearch”: null,
“ExtraHosts”: null,
“VolumesFrom”: null,
“Devices”: [],
“NetworkMode”: “default”,
“IpcMode”: “”,
“PidMode”: “”,
“UTSMode”: “”,
“CapAdd”: null,
“CapDrop”: null,
“GroupAdd”: null,
“RestartPolicy”: {
“Name”: “no”,
“MaximumRetryCount”: 0
},
“SecurityOpt”: null,
“ReadonlyRootfs”: false,
“Ulimits”: null,
“LogConfig”: {
“Type”: “json-file”,
“Config”: {}
},
“CgroupParent”: “”,
“ConsoleSize”: [
0,
0
]
},
“GraphDriver”: {
“Name”: “devicemapper”,
“Data”: {
“DeviceId”: “7”,
“DeviceName”: “docker-253:1-67259332-b18de31e55ec5c02721193fab1d815f9b5fd3d32eebad4b86330b792a5ce2c0a”,
“DeviceSize”: “107374182400”
}
},
“Mounts”: [],
“Config”: {
“Hostname”: “b18de31e55ec”,
“Domainname”: “”,
“User”: “”,
“AttachStdin”: true,
“AttachStdout”: true,
“AttachStderr”: true,
“ExposedPorts”: null,
“PublishService”: “”,
“Tty”: true,
“OpenStdin”: true,
“StdinOnce”: true,
“Env”: null,
“Cmd”: [
“/bin/bash”
],
“Image”: “docker.io/centos:latest”,
“Volumes”: null,
“VolumeDriver”: “”,
“WorkingDir”: “”,
“Entrypoint”: null,
“NetworkDisabled”: false,
“MacAddress”: “”,
“OnBuild”: null,
“Labels”: {}
}
}
]

Container stopped

You can also stop running containers from the host side. Execute the following docker stop command with the container name specified.

# docker stop centos7
centos7

When this process is executed, TERM signal and KILL signal are sent to the container process. In other words, it will kill the container process.
Launch container

You can also move the suspended container again. Execute the docker start command with the container name as follows.

docker start centos7

centos7

Restart container

To restart a running container, use the docker restart command. When this command is executed, the process of the container is forcibly terminated and restarted.

# docker restart centos7
centos7

Container commit

Even if you edit a file in a container, deleting all the containers will delete the changes. However, you can store the state of the container as a new image.
Storage is done with the docker commit.
Docker commit saves the container in the specified local repository. Tags can also be specified. In addition, you can attach a creator with the -a option and a message with the -m option.
Here is an example of storing a container called centos7 in a repository named localrepo.

# docker commit -a Mohan Ramadoss -m “CentOS 7 test image” centos7 localrepo:test
32f79088593dc06e79c3fed9e0732ec7a35f179034e6faf3f4b11db906fee925

# docker images localrepo
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
localrepo test 32f79088593d 15 seconds ago 196.6 MB

Delete Container

To delete the container you created, use docker rm.
If you delete a container, all the files created inside the container will be destroyed, so you need to save it as a new image with docker commit beforehand if storage is necessary.

# docker rm -f centos7
centos7

docker rm -f cents7

Containerization of application environment and disclosure of services

Docker can manage images with a much smaller size than virtual machines such as KVM. Therefore, you can save the execution environment of the application, applications and contents together as a Docker image, and can also perform version management and so on.
We will explain containerization of the application environment and disclosure of the service using an example of building a WWW server and contents environment on the Docker container.

In addition, we will create it in the following procedure.
(1) Create a container to be the source of the WWW server
(2) Set up the WWW server
(3) Placing WWW contents
(4) Save the image (Containerized)
(5) Create a new container with the saved image and check the operation
(6) Publication of container service

In future examples of execution there are things to run on containers and things to run on hosts. Because it is confusing, specify what you should run on the host side (on the host) and what you should do on the container are (on the container).

(1) Create a container to be the source of the WWW server

First, create a container that will be the source of the WWW server. Launch / bin / bash using the official image of centos7. At this time, share the volume to pass the WWW contents from the host. Share the directory containing the WWW contents (/ home / admin / html in this case)

# docker run -it –name webserver-devel –volume=/home/admin/html:/mnt centos:7 /bin/bash

Unable to find image ‘centos:7’ locally
Trying to pull repository docker.io/library/centos … 7: Pulling from library/centos
f5079557f135: Pull complete
42c2aa730369: Pull complete
0e0217391d41: Pull complete
47d44cb6f252: Already exists
library/centos:7: The image you are pulling has been verified. Important: image verification is a tech preview feature and should not be relied on to provide security.
Digest: sha256:8dcd2ec6183f3f4a94d4f9552ce76091624760edefcaa39a9e04441f9e2ad9f6
Status: Downloaded newer image for docker.io/centos:7

Explanation about mounting the host volume

We are mounting the host’s volume (/home/admin/html) to /mnt of the container using the -volume option. Mounting the host volume can be used for the following applications.

Passing files from the host to the container
Sharing files among containers
Storing Container Data

Files created with containers are deleted when the container is deleted, but if you change the file in the mounted area, it will be reflected on the host side as it is.

(2) Set up the WWW server

Install the WWW server in the created container.

[root@168f748a722c /]# yum install httpd
Loaded plugins: fastestmirror, ovl
base                                                                                                               | 3.6 kB 00:00:00
extras                                                                                                             | 3.4 kB 00:00:00
updates                                                                                                            | 3.4 kB 00:00:00
(1/4): base/7/x86_64/group_gz                                                                                      | 155 kB 00:00:00
(2/4): extras/7/x86_64/primary_db                                                                                  | 101 kB 00:00:00
(3/4): base/7/x86_64/primary_db                                                                                    | 5.3 MB 00:00:00
(4/4): updates/7/x86_64/primary_db                                                                                 | 3.1 MB 00:00:06
Determining fastest mirrors
* base: ftp.iij.ad.jp
* extras: ftp.iij.ad.jp
* updates: ftp.iij.ad.jp
Resolving Dependencies
–> Running transaction check
—> Package httpd.x86_64 0:2.4.6-40.el7.centos will be installed
–> Processing Dependency: httpd-tools = 2.4.6-40.el7.centos for package: httpd-2.4.6-40.el7.centos.x86_64
–> Processing Dependency: system-logos >= 7.92.1-1 for package: httpd-2.4.6-40.el7.centos.x86_64
–> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-40.el7.centos.x86_64
–> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-40.el7.centos.x86_64
–> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-40.el7.centos.x86_64
–> Running transaction check
—> Package apr.x86_64 0:1.4.8-3.el7 will be installed
—> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed
—> Package centos-logos.noarch 0:70.0.6-3.el7.centos will be installed
—> Package httpd-tools.x86_64 0:2.4.6-40.el7.centos will be installed
—> Package mailcap.noarch 0:2.1.41-2.el7 will be installed
–> Finished Dependency Resolution

Dependencies Resolved

==========================================================================================================================================
Package                           Arch                        Version                                    Repository                 Size
==========================================================================================================================================
Installing:
httpd                             x86_64                      2.4.6-40.el7.centos                        base                      2.7 M
Installing for dependencies:
apr                               x86_64                      1.4.8-3.el7                                base                      103 k
apr-util                          x86_64                      1.5.2-6.el7                                base                       92 k
centos-logos                      noarch                      70.0.6-3.el7.centos                        base                       21 M
httpd-tools                       x86_64                      2.4.6-40.el7.centos                        base                       82 k
mailcap                           noarch                      2.1.41-2.el7                               base                       31 k

Total download size: 24 M
Installed size: 31 M
Is this ok [y/d/N]: y
Downloading packages:
warning: /var/cache/yum/x86_64/7/base/packages/apr-util-1.5.2-6.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Public key for apr-util-1.5.2-6.el7.x86_64.rpm is not installed
(1/6): apr-util-1.5.2-6.el7.x86_64.rpm                                                                             | 92 kB 00:00:00
(2/6): apr-1.4.8-3.el7.x86_64.rpm                                                                                  | 103 kB 00:00:00
(3/6): httpd-2.4.6-40.el7.centos.x86_64.rpm                                                                        | 2.7 MB 00:00:00
(4/6): httpd-tools-2.4.6-40.el7.centos.x86_64.rpm                                                                  | 82 kB 00:00:00
(5/6): mailcap-2.1.41-2.el7.noarch.rpm                                                                             | 31 kB 00:00:00
(6/6): centos-logos-70.0.6-3.el7.centos.noarch.rpm                                                                 | 21 MB 00:00:02
——————————————————————————————————————————————
Total                                                                                                     7.7 MB/s | 24 MB 00:00:03
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Importing GPG key 0xF4A80EB5:
Userid     : “CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>”
Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
Package    : centos-release-7-2.1511.el7.centos.2.10.x86_64 (@CentOS)
From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

Is this ok [y/N]: y
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : apr-1.4.8-3.el7.x86_64                                                                                                 1/6
Installing : apr-util-1.5.2-6.el7.x86_64                                                                                            2/6
Installing : httpd-tools-2.4.6-40.el7.centos.x86_64                                                                                 3/6
Installing : centos-logos-70.0.6-3.el7.centos.noarch                                                                                4/6
Installing : mailcap-2.1.41-2.el7.noarch                                                                                            5/6
Installing : httpd-2.4.6-40.el7.centos.x86_64                                                                                       6/6
Verifying : httpd-2.4.6-40.el7.centos.x86_64                                                                                       1/6
Verifying : httpd-tools-2.4.6-40.el7.centos.x86_64                                                                                 2/6
Verifying : apr-1.4.8-3.el7.x86_64                                                                                                 3/6
Verifying : mailcap-2.1.41-2.el7.noarch                                                                                            4/6
Verifying : apr-util-1.5.2-6.el7.x86_64                                                                                            5/6
Verifying : centos-logos-70.0.6-3.el7.centos.noarch                                                                                6/6

Installed:
httpd.x86_64 0:2.4.6-40.el7.centos

Dependency Installed:
apr.x86_64 0:1.4.8-3.el7 apr-util.x86_64 0:1.5.2-6.el7 centos-logos.noarch 0:70.0.6-3.el7.centos
httpd-tools.x86_64 0:2.4.6-40.el7.centos mailcap.noarch 0:2.1.41-2.el7

Complete!

[root@168f748a722c /]# cp -a /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf_org
[root@168f748a722c /]# vi /etc/httpd/conf/httpd.conf

3) Placing WWW contents

Place the WWW contents in the Docker container. Copy the file from the host volume mounted at / mnt. However, it is impossible to access the file with the limitation of SELinux under normal conditions.
(This can also be said to prevent containers from adversely affecting hosts). Therefore, we first change the content text temporarily on the host side.

# chcon -R system_u:object_r:docker_var_lib_t:s0 /home/admin/html

# vi /home/admin/html/index.html
test

Copy it to the appropriate directory in the Docker container.

[root@168f748a722c]# cp -rp /mnt/* /var/www/html/

restorecon -R /home/admin/html

(4) Save the image (Containerized)

When the setting of the WWW server is finished and the contents are placed, the container is stopped and docker commit is executed on the host side to save the image of the container.

[root@168f748a722c]# exit

# docker commit -a Mohan -m “CentOS 7 webserver” webserver-devel localrepo:webserver-1
3e8ac2d724a929d2696a796ac6a9a06e90cfe847bc106f93c11ff6bfa874fc52

# docker rm webserver-devel
webserver-devel

(5) Create a new container with the saved image and check the operation.

Using the saved image, create a container for the WWW server for operation check.
In this container, start up the WWW server (/usr/sbin/httpd).

# docker rm webserver-devel
webserver-devel

# docker run -d –name webserver –expose=80 localrepo:webserver-1 /usr/sbin/httpd -D FOREGROUND
09a84be4de6be2a33831a338ebd780cf1c582be3c999aa8b1ee8ea928da31665

The WWW server should now be running on the container. In this state, access the 80 port of the container from the host and check the operation.

· IP address survey
The IP address assigned to the container can be checked with docker inspect.

# docker inspect webserver | grep -i addres

“IPAddress”: “172.17.0.4”,

# ping 172.17.0.4
PING 172.17.0.4 (172.17.0.4) 56(84) bytes of data.
64 bytes from 172.17.0.4: icmp_seq=1 ttl=64 time=0.098 ms
64 bytes from 172.17.0.4: icmp_seq=2 ttl=64 time=0.196 ms
^C
— 172.17.0.4 ping statistics —
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.098/0.147/0.196/0.049 ms

# nmap 172.17.0.4
Starting Nmap 6.40 ( http://nmap.org ) at 2016-02-23 10:31 JST
Nmap scan report for 172.17.0.4
Host is up (0.0000090s latency).
Not shown: 999 closed ports
PORT STATE SERVICE
80/tcp open http

Nmap done: 1 IP address (1 host up) scanned in 0.12 seconds

(6) Publication of container service

If there is no problem by checking the operation, you can publish the container service to the outside. We will terminate the container once and delete it.

# docker rm -f webserver
webserver

Next, create a container of an official WWW server. At this time, connect the port of the host and the port of the container with -publish.
By doing this, you can connect to the WWW server of the container from the outside through host port 80.

# docker run -d –name webserver –expose=80 –publish 80:80 localrepo:webserver-1 /usr/sbin/httpd -D FOREGROUND
9daf1f23ca7cf7c2fcbf9c571f7b714f7e1b3b29948dc16cb5983823a5c5f19c

Summary

What did you think?

If you actually start using Docker, you can think of it as a test environment. It is to make the best use of Docker’s taste while suppressing risk. It is possible to easily return to the original environment by first constructing the setting necessary for testing and saving it as a Docker image.

And as a next step, we recommend using Docker for development environment. As errors do not occur depending on the environment, for example, if an external company is added to the development team, as long as the development environment can be distributed as a state (container) that can be distributed, the time to get development to start It should be saved.

As a final step, it may be possible to use WEB service etc. as the actual environment introduced this time. You can take advantage of the light operation, you can restore every environment when you need it again by imaging the container and saving it when the publication period is over.

Given these advantages, it should be worth considering the introduction of Docker, so I’d appreciate it if you touch Docker with reference to this article.

Well then.
It will be successful if the contents are displayed by accessing with the browser. (192.168.0.3 is the IP address of the host OS.)

Docker Centos 7

nginx?HTTPS

vim /etc/default/docker

OPTIONS=”–insecure-registry 192.168.1.9:5000″

docker-images 10.0.0.5 docker
10.0.0.6 docker

[root@docker-images ~]# cat /etc/RedHat-release
CentOS Linux release 7.2.1511 (Core)
[root@docker-images ~]# uname -r
3.10.0-327.el7.x86_64
[root@docker-images ~]# uname -m
x86_64
[root@docker-images ~]# uname -a
Linux docker-images 3.10.0-327.el7.x86_64 #1 SMP Thu Nov 19 22:10:57 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
[root@docker-images ~]#

1?selinux

[root@docker-images ~]# systemctl stop firewalld
[root@docker-images ~]# systemctl disable firewalld
[root@docker-images ~]# setenforce 0
[root@docker-images ~]# getenforce
Permissive
[root@docker-images ~]#

2?docker

yum install docker
[root@docker-images ~]# systemctl enable docker
[root@docker-images ~]# systemctl start docker

3?registry

[root@docker-images ~]# docker pull registry
[root@docker-images ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/registry latest 047218491f8c 10 days ago 33.17 MB
[root@docker-images ~]#

4?Based on private warehouse mirroring to run containers

[root@docker-images ~]# docker run -d -p 5000:5000 -v /opt/data/registry:/tmp/registry docker.io/registry
# The default repository is created in / tmp / registry and the repository location is specified with the -v parameter
1e8b1a03013ee66034b40aee1820000a2ccf026a3b1e43606f3e4007b2a9d455
[root@docker-images ~]#
[root@docker-images ~]# docker ps #View the running container
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1e8b1a03013e docker.io/registry “/entrypoint.sh /etc/” 35 seconds ago Up 32 seconds 0.0.0.0:5000->5000/tcp goofy_mcnulty
[root@docker-images ~]#

5?access to private warehouses

[root@docker-images ~]# curl 127.0.0.1:5000/v2
<a href=”/v2/”>Moved Permanently</a>.
[root@docker-images ~]#
# Description registry deployment is successful

6?Mark the base image as a mirror

[root@docker-images ~]# docker search docker.io/Fedora/ssh|grep docker.io/fedora/ssh
docker.io docker.io/fedora/ssh                                                                        20                  [OK]
[root@docker-images ~]# docker pull docker.io/fedora/ssh    #Download the image
[root@docker-images ~]# docker images
REPOSITORY            TAG                IMAGE ID            CREATED            SIZE
docker.io/registry    latest              047218491f8c        10 days ago        33.17 MB
docker.io/fedora/ssh latest              ad6a3ff29626        4 weeks ago        396.7 MB
[root@docker-images ~]# docker tag docker.io/fedora/ssh 127.0.0.1:5000/ssh    #Tagged
[root@docker-images ~]# docker images
REPOSITORY            TAG                IMAGE ID            CREATED            SIZE
docker.io/registry    latest              047218491f8c        10 days ago        33.17 MB
127.0.0.1:5000/ssh    latest              ad6a3ff29626        4 weeks ago        396.7 MB
docker.io/fedora/ssh latest              ad6a3ff29626        4 weeks ago        396.7 MB
[root@docker-images ~]#
[root@docker-images ~]# vim /etc/sysconfig/docker
OPTIONS=”–selinux-enabled –insecure-registry 10.0.0.5:5000″    #Customize the private warehouse URL
[root@docker-images ~]# systemctl restart docker

7???????????

[root@docker-images ~]# docker start 1e8 #Open the local library
1e8
[root@docker-images ~]# docker ps
CONTAINER ID        IMAGE                COMMAND                  CREATED            STATUS              PORTS                    NAMES
1e8b1a03013e        docker.io/registry “/entrypoint.sh /etc/” 4 hours ago        Up 3 seconds        0.0.0.0:5000->5000/tcp goofy_mcnulty
[root@docker-images ~]#
[root@docker-images ~]# docker push 127.0.0.1:5000/ssh    #Upload a library with a good label
The push refers to a repository [127.0.0.1:5000/ssh]
482d621bda33: Pushed
510f15c27a8b: Pushed
e4f86288aaf7: Pushed
latest: digest: sha256:5ad5aec14bb7aa63fdcea1772db6ab5b5de99b0a023d234e61f5aa8c9435e8ff size: 948
[root@docker-images ~]#

8, view has been uploaded a good mirror

[root@docker-images ~]# curl 10.0.0.5:5000/v2/_catalog
{“repositories”:[“ssh”]}
[root@docker-images ~]#

?????????????

http://10.0.0.5:5000/v2/_catalog

9?View the image that has been uploaded in the browser

[root@centos7 ~]# vim /etc/sysconfig/docker #Add private warehouse address
OPTIONS=”–selinux-enabled –insecure-registry 10.0.0.5:5000″

[root@centos7 ~]# systemctl restart docker
[root@centos7 ~]# docker pull 10.0.0.5:5000/ssh

You can see that you can download the mirror to prove that the private warehouse to create a success

[root@centos7 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
10.0.0.5:5000/ssh latest ad6a3ff29626 4 weeks ago 396.7 MB
[root@centos7 ~]#

Then run a centos7 container through your own private library

1?From another database to send a centos image pushed to the private library server

[root@docker-images ~]# ls
anaconda-ks.cfg centos.tar
[root@docker-images ~]# docker load < centos.tar    # Import the image into the docker
34e7b85d83e4: Loading layer [==================================================>] 199.9 MB/199.9 MB
Loaded image: docker.io/centos:latest                                          ] 557.1 kB/199.9 MB
[root@docker-images ~]# docker images
REPOSITORY            TAG                IMAGE ID            CREATED            SIZE
docker.io/registry    latest              047218491f8c        10 days ago        33.17 MB
127.0.0.1:5000/ssh    latest              ad6a3ff29626        4 weeks ago        396.7 MB
docker.io/fedora/ssh latest              ad6a3ff29626        4 weeks ago        396.7 MB
docker.io/centos      latest              67591570dd29        12 weeks ago        191.8 MB
[root@docker-images ~]#

2?Once again marked with their own label

[root@docker-images ~]# docker tag docker.io/centos:latest 10.0.0.5:5000/lcentos
# In order to distinguish the front, I will centos do other markup
[root@docker-images ~]# docker images
REPOSITORY              TAG                IMAGE ID            CREATED            SIZE
docker.io/registry      latest              047218491f8c        10 days ago        33.17 MB
127.0.0.1:5000/ssh      latest              ad6a3ff29626        4 weeks ago        396.7 MB
docker.io/fedora/ssh    latest              ad6a3ff29626        4 weeks ago        396.7 MB
docker.io/centos        latest              67591570dd29        12 weeks ago        191.8 MB
10.0.0.5:5000/lcentos latest              67591570dd29        12 weeks ago        191.8 MB
[root@docker-images ~]#

3?Upload a good mirror to your own private library

[root@docker-images ~]# docker push 10.0.0.5:5000/lcentos

4?View the uploaded image

[root@docker-images ~]# curl http://10.0.0.5:5000/v2/_catalog
{“repositories”:[“lcentos”,”ssh”]}
[root@docker-images ~]#

Browser view

5?Once again to prepare the environment for the test machine above pull

[root@centos7 ~]# docker pull 10.0.0.5:5000/lcentos
[root@centos7 ~]# docker images
REPOSITORY              TAG                IMAGE ID            CREATED            SIZE
10.0.0.5:5000/ssh      latest              ad6a3ff29626        4 weeks ago        396.7 MB
10.0.0.5:5000/lcentos latest              67591570dd29        12 weeks ago        191.8 MB
[root@centos7 ~]#

6?Create and run a container

[root@centos7 ~]# docker run -d -it –privileged=false -p 80:80 –name abccentos 10.0.0.5:5000/lcentos /bin/bash
15b9f42b3d63846085664139bff0c041f614bc2b717787686d23785d98b37160
[root@centos7 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
15b9f42b3d63 10.0.0.5:5000/lcentos “/bin/bash” 16 seconds ago Up 13 seconds 0.0.0.0:80->80/tcp abccentos
[root@centos7 ~]#

7?Into the container view, you can see the version of centos and other information

[root@centos7 ~]# docker attach 15b9f42b3d63
[root@15b9f42b3d63 /]# cat /etc/redhat-release
CentOS Linux release 7.3.1611 (Core)
[root@15b9f42b3d63 /]# uname -r
3.10.0-327.el7.x86_64
[root@15b9f42b3d63 /]# uname -a
Linux 15b9f42b3d63 3.10.0-327.el7.x86_64 #1 SMP Thu Nov 19 22:10:57 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
[root@15b9f42b3d63 /]#

sshd debug

1. To run sshd in debug mode as a one time instance without affecting other users:

    # /usr/sbin/sshd -ddd -D -p (port) 2>&1 | awk '{ print strftime("%T: "), $0; fflush(); }' | tee sshd.log

2. On the client end run add -p (port) to the ssh command line

    # ssh -p (port)

1. Open the `/etc/ssh/sshd_config` file in a text editor

    # vim /etc/ssh/sshd_config

2. Add the following line and save the file

    LogLevel DEBUG3

3. Restart SSHD

    # service sshd restar

Disable Password Authentication for SSH

How to Disable Password Authentication for SSH

Once you have SSH Keys configured, you can add some extra security to your server by disabling password authentication for SSH. (Note that if you do lose your private key, this will make the server inaccessible and you will need to contact HostGator to have this re-enabled.)

To disable this setting, you can do the following:

nano /etc/ssh/sshd_config

In this file, set the following settings to the following values. If these settings are already in the file, set them to “no” rather than add new lines.

ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no

Once this is done, restart the SSH daemon to apply the settings.

/etc/init.d/sshd restart

active directory ssh authentication

Here is my configs and setups: /etc/nsswitch.conf

passwd:     compat winbind

shadow:     compat winbind

group:      compat winbind


#hosts:     db files nisplus nis dns

hosts:      files dns

bootparams: nisplus [NOTFOUND=return] files

ethers:     files

netmasks:   files

networks:   files

protocols:  files

rpc:        files

services:   files

netgroup:   files

publickey:  nisplus

automount:  files

aliases:    files nisplus

/etc/pam.d/system-auth (generated via the “setup” ncurses wizard)

#%PAM-1.0

# This file is auto-generated.

# User changes will be destroyed the next time authconfig is run.

auth        required      pam_env.so

auth        sufficient    pam_unix.so nullok try_first_pass

auth        requisite     pam_succeed_if.so uid >= 500 quiet

auth        sufficient    pam_krb5.so use_first_pass

auth        sufficient    pam_winbind.so use_first_pass

auth        required      pam_deny.so


account     required      pam_unix.so broken_shadow

account     sufficient    pam_succeed_if.so uid < 500 quiet

account     [default=bad success=ok user_unknown=ignore] pam_krb5.so

account     [default=bad success=ok user_unknown=ignore] pam_winbind.so

account     required      pam_permit.so


password    requisite     pam_cracklib.so try_first_pass retry=3

password    sufficient    pam_unix.so md5 shadow nullok try_first_pass use_authtok

password    sufficient    pam_krb5.so use_authtok

password    sufficient    pam_winbind.so use_authtok

password    required      pam_deny.so


session     optional      pam_keyinit.so revoke

session     required      pam_limits.so

session     [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid

session     required      pam_unix.so

session     optional      pam_krb5.so

/etc/ssh/sshd_config

Protocol 2

SyslogFacility AUTHPRIV

PasswordAuthentication yes


# Change to no to disable s/key passwords

#ChallengeResponseAuthentication yes

ChallengeResponseAuthentication no


# Kerberos options

KerberosAuthentication yes

#KerberosOrLocalPasswd yes

#KerberosTicketCleanup yes

#KerberosGetAFSToken no


# GSSAPI options

#GSSAPIAuthentication no

GSSAPIAuthentication yes

#GSSAPICleanupCredentials yes

GSSAPICleanupCredentials yes


UsePAM yes


# Accept locale-related environment variables

AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES

AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT

AcceptEnv LC_IDENTIFICATION LC_ALL

X11Forwarding yes


Subsystem       sftp    /usr/libexec/openssh/sftp-server

tomcat 32 bit Could not reserve enough space for 1048576KB object heap

Commons Daemon procrun stdout initialized

Error occurred during initialization of VM

Could not reserve enough space for 1048576KB object heap

Here is how to fix it: Go to Start->Control Panel->System->Advanced(tab)->Environment Variables->System

Variables->New:
Variable name: _JAVA_OPTIONS
Variable value: -Xmx512M

Variable name: Path
Variable value: ;C:\Program Files\Java\jre6\bin;F:\JDK\bin;

Change this to your appropriate path.

How to use inotify-tools to trigger scripts on filesystem events

my last example of Bash if statements we created a backup script which would run “rsync” as per the time set in a cron.

But wouldn’t it be nice if we could run our “rsync” script only if there was a change to the files in our directory instead of running a cron every hour despite no change? With inotify-tools you can do just that.

What is inotify-tools?
Inotify tools are a set of command line programs based on inotify a Linux kernel (2.6.13 or later) feature which can be used to monitor filesystem events.

Installing inotify-tools

Software versions :

inotify-tools.x86_64 3.14-1.el6
CentOS 6.5
Linux kernel 2.6.32-042stab085.20

#Add the epel repo
[db1@rmohan.com ~]$ rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
#Install inotify-tools
[db1@rmohan.com ~]$ yum install inotify-tools

Inotify-tools has two commands

Inotifywait
This command simply blocks for inotify events, making it appropriate for use in shell scripts. It can watch any set of files and directories, and can recursively watch entire directory trees.

inotifywatch
inotifywatch collects filesystem usage statistics and outputs counts of each inotify event.

We will use inotifywait, since we do not need statistics.

inotifywait syntax

inotifywait filename

inotifywait example

[db1@rmohan.com ~]$ inotifywait /tmp
Setting up watches.
Watches established.
/tmp/ MODIFY test

As you can see in the above example an event (in this case a “modify action” was performed on a file named “test” inside /tmp) triggered the output.

Now “inotifywait” by default checks for all events including if a file was opened but not written to, Since we only want “rsync” to trigger on change events like when a file is modified, we will need to specify the “-e” flag along with the list of events we want to be notified about.

[db1@rmohan.com ~]$ inotifywait -m -r -e \ modify,attrib,close_write,move,create,delete /tmp
Setting up watches. Beware: since -r was given, this may take a while!
Watches established.
/tmp/ MODIFY a
/tmp/ CLOSE_WRITE,CLOSE a

The -m flag is for continuous monitoring as by default inotifywait will exit on the first event and -r means recursively or check through sub-directories as well.

List of inotifywait events
access
A watched file or a file within a watched directory was read from.
modify
A watched file or a file within a watched directory was written to.
attrib
The metadata of a watched file or a file within a watched directory was modified. This includes timestamps, file permissions, extended attributes etc.
close_write
A watched file or a file within a watched directory was closed, after being opened in writeable mode. This does not necessarily imply the file was written to.
close_nowrite
A watched file or a file within a watched directory was closed, after being opened in read-only mode.
close
A watched file or a file within a watched directory was closed, regardless of how it was opened. Note that this is actually implemented simply by listening for both close_write and close_nowrite, hence all close events received will be output as one of these, not CLOSE.
open
A watched file or a file within a watched directory was opened.
moved_to
A file or directory was moved into a watched directory. This event occurs even if the file is simply moved from and to the same directory.
moved_from
A file or directory was moved from a watched directory. This event occurs even if the file is simply moved from and to the same directory.
move
A file or directory was moved from or to a watched directory. Note that this is actually implemented simply by listening for both moved_to and moved_from, hence all close events received will be output as one or both of these, not MOVE.
move_self
A watched file or directory was moved. After this event, the file or directory is no longer being watched.
create
A file or directory was created within a watched directory.
delete
A file or directory within a watched directory was deleted.
delete_self
A watched file or directory was deleted. After this event the file or directory is no longer being watched. Note that this event can occur even if it is not explicitly being listened for.
unmount
The filesystem on which a watched file or directory resides was unmounted. After this event the file or directory is no longer being watched. Note that this event can occur even if it is not explicitly being listened to.

Now let’s use inotifywait with our script.

[db1@rmohan.com~]$ vim inotify-example
while true #run indefinitely
do
inotifywait -r -e modify,attrib,close_write,move,create,delete /dir && /bin/bash backup-script
done

Since we want to continuously monitor changes, we use an infinite while loop and the Logic “&&” operator will ensure that our backup script is only triggered on a successful completion of the inotifywait event

[db2@rmohan.com]$bash inotify-example
+ true
+ inotifywait -r -e modify,attrib,close_write,move,create,delete /
Setting up watches. Beware: since -r was given, this may take a while!
Watches established.
/dir DELETE a
+ /bin/bash backup-script
+ rsync -avz -e “ssh ” /path/to/yourfile user@backupserver.com:/backup/ 2> \ /tmp/error.txt
+ mail -s “backup complete” user@youremail.com
+ echo “backup for $(date) “
+ true
+ inotifywait -r -e modify,attrib,close_write,move,create,delete /dir
Setting up watches. Beware: since -r was given, this may take a while!

About rsync + inotify-tools real-time synchronization mode
Introduce the synchronization mode

On the left is the original, the general rsync cs architecture (client & server) synchronization mode, the data source server to install rsync server, unified control by the server can transfer the contents of the data, such as permissions, directories, the number of files, Is rsync client, that is, it seems that the data from the source server to the backup server.
On the right is coupled with the inotify-tools synchronization mode, in the data source server to install rsync client, the backup source server to install rsync server, but also by the unified control of the transmission of data content, but here is the data source server as client side , Because the initiation of the transmission is rsync client, so it seems to be the data from the source server to the backup server.
From the logical cs architecture c and s into the opposite position, but the transmission mode is still from s to c.
The data source server ip is tentatively scheduled as 192.168.1.112 and the data backup server ip is tentatively designated as 192.168.1.111
I need to do the synchronization directory is /app/www/uploads, both the source server and the backup server, and the same path,
the same permissions (permissions consistent is very important, because the synchronization data related to permissions,
and because I am not using root To synchronize, so to ensure that the transfer of both sides of the authority is writable or readable Caixing)
The operating system is centos 6.8 x64

Loaded plugins: security
Setting up Install Process
Resolving Dependencies
–> Running transaction check
—> Package inotify-tools.i686 0:3.14-1.el6 will be installed
—> Package rsync.i686 0:3.0.6-9.el6_4.1 will be updated
—> Package rsync.i686 0:3.0.6-12.el6 will be an update
–> Finished Dependency Resolution

Dependencies Resolved

=============================================================================================================================================================================================================================================
Package Arch Version RepositorySize
=============================================================================================================================================================================================================================================
Installing:
inotify-tools i686 3.14-1.el6epel 45 k
Updating:
rsync i686 3.0.6-12.el6 base 329 k

Transaction Summary
=============================================================================================================================================================================================================================================
Install 1 Package(s)
Upgrade 1 Package(s)

Total download size: 375 k
Downloading Packages:
(1/2): inotify-tools-3.14-1.el6.i686.rpm | 45 kB 00:00
(2/2): rsync-3.0.6-12.el6.i686.rpm| 329 kB 00:00
———————————————————————————————————————————————————————————————————————————————
Total509 kB/s | 375 kB 00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Updating : rsync-3.0.6-12.el6.i686 1/3
Installing : inotify-tools-3.14-1.el6.i686 2/3
Cleanup: rsync-3.0.6-9.el6_4.1.i6863/3
Verifying : inotify-tools-3.14-1.el6.i686 1/3
Verifying : rsync-3.0.6-12.el6.i686 2/3
Verifying : rsync-3.0.6-9.el6_4.1.i6863/3

Installed:
inotify-tools.i686 0:3.14-1.el6

Updated:
rsync.i686 0:3.0.6-12.el6

Complete!

mkdir /app/rsync

vi /app/rsync/rsync_do.sh

#!/bin/bash

src=’/app/www/Uploads/’
passwordfile=’/app/rsync/rsync.passwd’
user=’www’
host=’192.168.1.111′
rsync_module=’uploads’

/usr/bin/inotifywait -mrq –timefmt ‘%d/%m/%y %H:%M’ –format ‘%T %w %f’ -e modify,delete,create,attrib ${src} | while read DATE TIME DIR file
do
/usr/bin/rsync -vzrtopg –delete –progress ${src} ${user}@${host}::${rsync_module} –password-file=${passwordfile}

echo “${file} was rsynced at ${DATE}_${TIME} in ${DIR}” >> /var/log/rsync.log 2>&1
done

1.inotifywait is the initify command tool

2.rsync src directory need to pay attention, the source directory is the same as rsync, for the folder is to distinguish between / and no /

3. Need to pay attention to rsync synchronization module name to match

4.inotifywait command can listen to the operation, the output information, and is always output, so with the read together, the output of the inotifywait through the capture of the variables forced to record the synchronization log output to /var/log/rsync.log

5. – delete parameters need attention, this will delete the source directory does not have anything, so in the absence of a good test and test before the script can not temporarily add this parameter

6. rsync in the script parsed out is /usr/bin/rsync -vzrtopg –delete –progress /app/www/uploads/ www@$192.168.1.111 :: uploads –password-file = /app/rsync/rsync.passwd, synchronous directory is /app/www/uploads/, use www this user to synchronize, the target server is 192.168.1.111, rsync module is uploads, so that the source server / app / www / uploads / All the data (uploads directory itself)
to the backup server /app/www/uploads/, there are delete parameters, keep the source and backup consistent.

/app/rsync/rsync.passwd

echo “123456” > /app/rsync/rsync.passwd

nohup /app/rsync/rsync_do.sh &

yum install rsync

mkdir /etc/rsyncd

mkdir /app/rsync

vi /app/rsync/rsync.conf

uid = root
gid = root
use chroot = no
max connections = 3
timeout = 800
pid file = /var/run/rsyncd.pid
lockfile = /var/run/rsyncd.lock
log file = /var/log/rsyncd.log
[uploads]
path = /app/www/Uploads
ignore errors = yes
hosts allow = 10.111.111.112
hosts deny = *
read only = no
write only = no
list = yes
uid = www
gid = www
auth users = www
secrets file = /app/rsync/rsync.passwd

echo “www:123456” > /app/rsync/rsync.passwd

chmod 600 /app/rsync/rsync.passwd

rsync –daemon –config=/app/rsync/rsync.conf

1.rsync

Compared with the traditional cp, tar backup method, rsync has the advantages of high security, fast backup, support incremental backup, etc., through rsync can solve the real-time requirements of the data backup requirements, such as regular backup file server data to Remote server, the local disk to do regular data mirroring, with the application of the scale of the system continues to expand, the data security and reliability also made better requirements, rsync in the high-end business system has gradually exposed a lot In addition, rsync synchronization data, you need to scan all the files after the comparison, the difference transmission. If the number of files reaches the level of millions or even tens of millions, scanning all the files will be very time-consuming. And is changing is often a very small part of it, which is very inefficient way. Second, rsync can not be real-time to monitor, synchronize data, although it can trigger the process through the linux daemon synchronization, but the trigger action will have two time difference, which led to the server and client data may be inconsistent, Completely recover data when a failure is applied. Based on the above reasons, rsync + inotify combination appeared!

2.inotify

Inotify is a powerful, fine-grained, asynchronous file system event monitoring mechanism, the Linux kernel from 2.6.13, joined the Inotify support, through Inotify can monitor the file system to add, delete, modify, move and other subtle Event, the use of the kernel interface, third-party software can monitor the file system under the various changes in the file, and inotify-tools is such a third-party software. In the above section, we talked about, rsync can achieve the trigger file synchronization, but through the crontab daemon way to trigger the synchronization of data and actual data will be different, and inotify can monitor the file system changes, when the file There is any change, it triggers rsync synchronization, so just to solve the real-time synchronization of data problems.

3.rsync.conf configuration explanation

uid = root # rsync server
gid = root # rsync server
use chroot = no #chroot
max connections = 3 #rsync
timeout = 800   #
pid file = /var/run/rsyncd.pid #
lockfile = /var/run/rsyncd.lock
log file = /var/log/rsyncd.log #
[uploads]   #rsync
path = /app/www/Uploads #
ignore errors = yes #
hosts allow = 192.168.1.112    #
hosts deny = * #
read only = no #
write only = no #
list = yes #
uid = www   #
gid = www   #
auth users = www
secrets file = /app/rsync/rsync.passwd #

a) rsync -av –progress <src-dir>/ <dst-dir> *** (/) ***
b) rsync -av –progress <src-dir> <dst-dir>
c) rsync -avu –progress –delete <src-dir>/ <dst-dir>
d) rsync -av –progress –temp-dir=/tmp <src-dir>/ <dst-dir>

Synchronize all files in the src-dir directory to the dst-dir directory
B) Synchronize all files in the src-dir directory to the dst-dir / src-dir directory
C) to src-dir directory content to the dst-dir directory under the difference update, add / update to add the replacement, there is a reduction of its deletion
D) than a) more – temp-dir = / tmp, that is, specify / tmp for the temporary swap area, so as to avoid the target directory space is not enough to cause the file can not sync errors.

Corresponding to the above six command formats, rsync has six different modes of operation:
1) copy the local file. This mode of operation is started when neither SRC nor DES path information contains a single colon “:” delimiter. Such as: rsync-a / data / backup
2) use a remote shell program (such as rsh, ssh) to achieve the contents of the local machine copy to the remote machine. This mode is started when the DST path address contains a single colon “:” delimiter. Such as: rsync -avz * .c foo: src
3) use a remote shell program (such as rsh, ssh) to achieve the contents of the remote machine to copy to the local machine. This mode is started when the SRC address path contains a single colon “:” delimiter. Such as: rsync -avz foo: src / bar / data
4) Copy files from the remote rsync server to the local machine. This mode is started when the SRC path information contains a “::” delimiter. Such as: rsync-av root@172.16.78.192 :: www / databack
5) Copy files from the local machine to the remote rsync server. This mode is started when the DST path information contains a “::” delimiter. Such as: rsync -av / databack root@172.16.78.192 :: www
6) List of remote machine files. This is similar to rsync transmission, but as long as the command can be omitted in the local machine information. Such as: rsync -v rsync: //172.16.78.192/www

-m, –monitor
-r, –recursive
-e <event>, –event <event>
Listen for specific event(s) only. The events which can be listened for are listed in the EVENTS section. This option can be specified more than once. If omitted, all events are listened for.
-q, –quiet
If specified once, the program will be less verbose. Specifically, it will not state when it has completed establishing all inotify watches.
–timefmt <fmt>
Set a time format string as accepted by strftime(3) for use with the ‘%T’ conversion in the –format option.
–format <fmt>
Output in a user-specified format, using printf-like syntax. The event strings output are limited to around 4000 characters and will be truncated to this length. The following conversions are supported:
%w
This will be replaced with the name of the Watched file on which an event occurred.
%f
When an event occurs within a directory, this will be replaced with the name of the File which caused the event to occur. Otherwise, this will be replaced with an empty string.
%e
Replaced with the Event(s) which occurred, comma-separated.
%Xe
Replaced with the Event(s) which occurred, separated by whichever character is in the place of ‘X’.
%T
Replaced with the current Time in the format specified by the –timefmt option, which should be a format string suitable for passing to strftime(3).

Recent Posts

Pages

Categories

Archives

Recent Comments

Categories

Apache Cassandra Centos 7

Oracle ASM 12c on Linux

grubby fatal error: unable to find a suitable template

DOCKER Testing

Docker Centos 7

sshd debug

Disable Password Authentication for SSH

How to Disable Password Authentication for SSH

active directory ssh authentication

tomcat 32 bit Could not reserve enough space for 1048576KB object heap

How to use inotify-tools to trigger scripts on filesystem events

PRODUCTS