2023年6月25日 星期日

RHEL install EPEL

 


https://www.linuxtechi.com/install-epel-repo-on-rhel-system/

EPEL

dnf install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm

dnf install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm


list

dnf repository-packages epel list


 dnf --enablerepo="epel" install neofetch -y


2023年6月13日 星期二

VS code extensions

 

前端:

https://www.youtube.com/watch?v=CMfpGsVWdlg

1.  外觀主題 Material Theme 系列 

2.  格式化排版 Prettier

  control + ,  進入Settings     Text Editor -> Formating  右邊選擇 Format On Save




3.  顯示大括號區塊 Bracket Pair Colorizer 2  無用

4.  自動完成對應的tag Auto Rename Tag

5.  快速顯示CSS CSS Peek




2023年5月12日 星期五

Nagios Docker

 


壓縮nagios 原始檔案

-- nagios need file


tar --exclude="/usr/local/pnp4nagios/var/perfdata/*"  --exclude="/usr/local/nagios/var/archives/*" \

 -cvzf /home/mikeschsieh/DOCKER/NAGIOS/nagiosfull_20230512_v4.4.11.tar.gz  \

/usr/lib/systemd/system/nagios.service \

/usr/lib/systemd/system/xinetd.service \

/etc/xinetd.d/live \

/etc/init.d/npcd \

/etc/init.d/pnp_gearman_worker \

/usr/local/nagios  \

/usr/local/nagvis \

/usr/local/nrdp  \

/usr/local/pnp4nagios \

/etc/httpd/conf.d/nagvis.conf   \

/etc/httpd/conf.d/pnp4nagios.conf  \

/etc/httpd/conf.d/nagios.conf  



---

- entrypoint.sh


#!/bin/bash

echo "Starting PHP-FPM in background"
php-fpm -D

echo "Starting nagios"

/usr/local/nagios/bin/nagios -d /usr/local/nagios/etc/nagios.cfg
/usr/local/pnp4nagios/bin/npcd -d -f /usr/local/pnp4nagios/etc/npcd.cfg

echo "start httpd "
/usr/sbin/httpd -f /etc/httpd/conf/httpd.conf
/usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid

bash



---

Dockerfile

FROM rockylinux:8.7.20230215


LABEL maintainer="MikeSCHsieh <cc.vbhsieh@gmail.com>"
LABEL maintainer="website : https://jeffwen0105.com/"
RUN yum install -y perl php httpd xinetd net-snmp-perl net-snmp-utils java \
net-snmp rrdtool perl-rrdtool perl-Time-HiRes php-gd php-xml net-tools \
php-json php-mbstring php-pdo graphviz
ENV TZ="Asia/Taipei"

# 更新系统并安装所需的软件包
RUN dnf update -y && \
dnf install -y tzdata && \
dnf clean all

# 将/etc/localtime链接到正确的时区文件
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \
echo $TZ > /etc/timezone

RUN useradd -u 1001 nagios
RUN groupadd -g 1003 nagcmd

RUN usermod -a -G apache nagios
RUN usermod -a -G nagcmd nagios
RUN usermod -a -G nagcmd apache
RUN mkdir /run/php-fpm

COPY ./nagiosfull_20230508_v4.4.11.tar.gz  /tmp/nagiosfull.tar.gz
COPY ./php.ini  /etc/php.ini

RUN tar -C / -zxvf /tmp/nagiosfull.tar.gz


COPY entrypoint.sh /usr/local/bin/entrypoint.sh
RUN chmod +x /usr/local/bin/entrypoint.sh
CMD ["/usr/local/bin/entrypoint.sh"]

---
-  run.sh

docker run -i -t -d -p 80:80 -p 6557:6557 \
 -v /usr/local/nagios/libexec:/usr/local/nagios/libexec \
 -v /usr/local/nagios/etc/objects/config:/usr/local/nagios/etc/objects/config \
 -v /usr/local/nagios/etc/nagios.cfg:/usr/local/nagios/etc/nagios.cfg \
 -v /etc/hosts:/etc/hosts  \
 -v /usr/local/pnp4nagios/var/perfdata:/usr/local/pnp4nagios/var/perfdata  \
nagios



--
原始主機加入

~/.bash_profile
加入:


DN=/home/mikeschsieh/DOCKER/NAGIOS
alias RUN='sh $DN/run.sh'
alias cdNAGIOS='cd $DN'
alias BUILD='docker build -t nagios .'
alias PS='docker ps -a'

GETPID(){
PID=`docker ps | awk '{if(NR>1)print $1}'`
}

CMD(){
GETPID
docker exec -it $PID bash
}

RM(){
GETPID
docker rm -f $PID
}





2023年4月6日 星期四

LAB 主機設定



alias VINET='vi /etc/sysconfig/network-scripts/ifcfg-ens160 '


LAB(){

nmcli connection modify ens160 \

ipv4.addresses ${1}/24


hostnamectl set-hostname $2


}


2023年4月5日 星期三

vmrun

 

VMware Workstation vmrun script : 



rem START UP

rem set SERVERA="E:\VM\ansible\servera\servera.vmx"

rem %RUN% -T ws  start "%SERVERA%"


set RUN="C:\Program Files (x86)\VMware\VMware Workstation\vmrun.exe"

set SERVER0="E:\VM\ansible\workstation\workstation.vmx"

set SERVERA="E:\VM\ansible\servera\servera.vmx"

set SERVERB="E:\VM\ansible\serverb\serverb.vmx"

set SERVERC="E:\VM\ansible\serverc\serverc.vmx"

set SERVERD="E:\VM\serverd\serverd.vmx"



%RUN% -T ws  revertToSnapshot "%SERVER0%" "Snapshot 1"

%RUN% -T ws  start "%SERVER0%"


%RUN% -T ws  revertToSnapshot "%SERVERA%" "Snapshot 1"

%RUN% -T ws  start "%SERVERA%"


%RUN% -T ws  revertToSnapshot "%SERVERB%" "Snapshot 1"

%RUN% -T ws  start "%SERVERB%"


%RUN% -T ws  revertToSnapshot "%SERVERC%" "Snapshot 1"

%RUN% -T ws  start "%SERVERC%"


%RUN% -T ws  revertToSnapshot "%SERVERD%" "Snapshot 1"

%RUN% -T ws  start "%SERVERD%"


2023年3月28日 星期二

docker-compose.yml

docker-compose.yml


version: '2.2'

services:

  workstation:
    image: jeffwen0105/ansible_server:0.2
    hostname: workstation      
    privileged: true
    command: ['/sbin/init']
    volumes:
      - mydata:/home/student/playground
    extra_hosts:
      - "workstation.lab.example.com:10.10.10.10"
      - "servera.lab.example.com:10.10.10.11"
      - "serverb.lab.example.com:10.10.10.12"
      - "serverc.lab.example.com:10.10.10.13"
      - "serverd.lab.example.com:10.10.10.14"
      - "servere.lab.example.com:10.10.10.15"
      - "serverf.lab.example.com:10.10.10.16"
      - "serverg.lab.example.com:10.10.10.17"
    networks:
      ansible:
        ipv4_address: 10.10.10.10   

  servera:
    image: jeffwen0105/ansible_server:0.2
    hostname: servera
    privileged: true
    command: ['/sbin/init']
    extra_hosts:
      - "workstation.lab.example.com:10.10.10.10"
      - "servera.lab.example.com:10.10.10.11"
      - "serverb.lab.example.com:10.10.10.12"
      - "serverc.lab.example.com:10.10.10.13"
      - "serverd.lab.example.com:10.10.10.14"
      - "servere.lab.example.com:10.10.10.15"
      - "serverf.lab.example.com:10.10.10.16"
      - "serverg.lab.example.com:10.10.10.17"
    networks:
      ansible:
        ipv4_address: 10.10.10.11    

  serverb:
    image: jeffwen0105/ansible_server:0.2
    hostname: serverb
    privileged: true
    command: ['/sbin/init']
    extra_hosts:
      - "workstation.lab.example.com:10.10.10.10"
      - "servera.lab.example.com:10.10.10.11"
      - "serverb.lab.example.com:10.10.10.12"
      - "serverc.lab.example.com:10.10.10.13"
      - "serverd.lab.example.com:10.10.10.14"
      - "servere.lab.example.com:10.10.10.15"
      - "serverf.lab.example.com:10.10.10.16"
      - "serverg.lab.example.com:10.10.10.17"
    networks:
      ansible:
        ipv4_address: 10.10.10.12    

  serverc:
    image: jeffwen0105/ansible_server:0.2
    hostname: serverc  
    privileged: true
    command: ['/sbin/init']
    extra_hosts:
      - "workstation.lab.example.com:10.10.10.10"
      - "servera.lab.example.com:10.10.10.11"
      - "serverb.lab.example.com:10.10.10.12"
      - "serverc.lab.example.com:10.10.10.13"
      - "serverd.lab.example.com:10.10.10.14"
      - "servere.lab.example.com:10.10.10.15"
      - "serverf.lab.example.com:10.10.10.16"
      - "serverg.lab.example.com:10.10.10.17"
    networks:
      ansible:
        ipv4_address: 10.10.10.13

  serverd:
    image: jeffwen0105/ansible_server:0.2
    hostname: serverd
    privileged: true
    command: ['/sbin/init']
    extra_hosts:
      - "workstation.lab.example.com:10.10.10.10"
      - "servera.lab.example.com:10.10.10.11"
      - "serverb.lab.example.com:10.10.10.12"
      - "serverc.lab.example.com:10.10.10.13"
      - "serverd.lab.example.com:10.10.10.14"
      - "servere.lab.example.com:10.10.10.15"
      - "serverf.lab.example.com:10.10.10.16"
      - "serverg.lab.example.com:10.10.10.17"
    networks:
      ansible:
        ipv4_address: 10.10.10.14

  servere:
    image: jeffwen0105/ansible_server:0.2
    hostname: servere
    privileged: true
    command: ['/sbin/init']
    extra_hosts:
      - "workstation.lab.example.com:10.10.10.10"
      - "servera.lab.example.com:10.10.10.11"
      - "serverb.lab.example.com:10.10.10.12"
      - "serverc.lab.example.com:10.10.10.13"
      - "serverd.lab.example.com:10.10.10.14"
      - "servere.lab.example.com:10.10.10.15"
      - "serverf.lab.example.com:10.10.10.16"
      - "serverg.lab.example.com:10.10.10.17"
    networks:
      ansible:
        ipv4_address: 10.10.10.15

  serverf:
    image: jeffwen0105/ansible_server:0.2
    hostname: serverf
    privileged: true
    command: ['/sbin/init']
    extra_hosts:
      - "workstation.lab.example.com:10.10.10.10"
      - "servera.lab.example.com:10.10.10.11"
      - "serverb.lab.example.com:10.10.10.12"
      - "serverc.lab.example.com:10.10.10.13"
      - "serverd.lab.example.com:10.10.10.14"
      - "servere.lab.example.com:10.10.10.15"
      - "serverf.lab.example.com:10.10.10.16"
      - "serverg.lab.example.com:10.10.10.17"
    networks:
      ansible:
        ipv4_address: 10.10.10.16

  serverg:
    image: jeffwen0105/ansible_server:0.2
    hostname: serverg
    privileged: true
    command: ['/sbin/init']
    extra_hosts:
      - "workstation.lab.example.com:10.10.10.10"
      - "servera.lab.example.com:10.10.10.11"
      - "serverb.lab.example.com:10.10.10.12"
      - "serverc.lab.example.com:10.10.10.13"
      - "serverd.lab.example.com:10.10.10.14"
      - "servere.lab.example.com:10.10.10.15"
      - "serverf.lab.example.com:10.10.10.16"
      - "serverg.lab.example.com:10.10.10.17"
    networks:
      ansible:
        ipv4_address: 10.10.10.17

networks:
  ansible:
    driver: bridge
    ipam:
      config:
        - subnet: 10.10.10.10/16
          gateway: 10.10.10.1

volumes:
  mydata:

2023年3月26日 星期日

自制LAB Docker image

 

Dockerfile 寫法

https://philipzheng.gitbook.io/docker_practice/dockerfile/instructions#user

藍色可換你想要用的OS,紅色為出處,下面有標記來源端

Dockerfile

FROM rockylinux:8.7.20230215


LABEL maintainer="MikeSCHsieh <cc.vbhsieh@gmail.com>"
LABEL maintainer="website : https://jeffwen0105.com/"
RUN yum install -y vim  net-tools telnet sudo passwd  openssh-* python3-dev* curl wget bash-completion openssl epel-release
RUN yum install ansible -y
RUN ssh-keygen -A
# RUN sed 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config > /etc/ssh/sshd_config
RUN echo  redhat | passwd  --stdin root
RUN useradd --create-home --shell /bin/bash  devops
RUN echo  redhat | passwd  --stdin devops
RUN echo 'devops ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers
RUN ssh-keygen -q  -N  "" -f ~/.ssh/id_rsa
RUN cat ~/.ssh/id_rsa.pub >  ~/.ssh/authorized_keys
RUN useradd --create-home --shell /bin/bash  student
RUN echo  redhat | passwd  --stdin student
RUN echo 'student ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers
USER devops
RUN ssh-keygen -q  -N  "" -f ~/.ssh/id_rsa
RUN cat ~/.ssh/id_rsa.pub >  ~/.ssh/authorized_keys
USER student
RUN ssh-keygen -q  -N  "" -f ~/.ssh/id_rsa
RUN cat ~/.ssh/id_rsa.pub >  ~/.ssh/authorized_keys  && mkdir -p ~/playground
RUN echo -e 'autocmd FileType yaml setlocal ai ts=2 sw=2 et\n:set cursorcolumn' > /home/student/.vimrc
COPY src/example.tar.gz  /tmp/.
COPY src/labs.tar.gz /tmp/.
RUN tar -C /home/student/playground/  -zxvf /tmp/example.tar.gz
RUN tar -C /home/student/playground/  -zxvf /tmp/labs.tar.gz
USER root
RUN echo -e  "Host * \n \tStrictHostKeyChecking no" >> /etc/ssh/ssh_config
RUN cat /home/student/.ssh/id_rsa.pub >>  /home/devops/.ssh/authorized_keys && cat /home/devops/.ssh/id_rsa.pub >>  /home/student/.ssh/authorized_keys
RUN chown -R student:student /home/student/ && chown -R devops:devops /home/devops
EXPOSE 22

# CMD ["/usr/sbin/sshd","-D"]


結合指令:

這個會比較大一點。

podman build -t test .    


buildah build -t test 

出處:

https://github.com/JeffWen0105/Ansible

RHEL install EPEL

  https://www.linuxtechi.com/install-epel-repo-on-rhel-system/ EPEL dnf install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest...