考試總結

#1. server 主機配置 mariadb 服務如下:

- 該服務阻斷所有來自網絡的 tcp/ip 連接,僅支持本地連接;

- 給數據庫設置密碼 fentiao ;

- 新建數據庫 westosinfo ,該數據庫中創建表 hostinfo ;

- hostinfo 表包含的字段爲 ip 和 hostname ,表中插入 3 條記錄(自己隨便寫);

- 創建用戶 redhat 對 westosinfo 數據庫的所有表只能查看不能修改;

- redhat 用戶的認證密碼爲 redhat

server:

    8  yum install mariadb-server -y

    9  systemctl start mariadb 

   10  vim /etc/my.cnf

   11  systemctl start mariadb 

   12  mysql_secure_installation

       (1)Enter current password for root (enter for none):[Enter]

       (2)Set root password? [Y/n] Y ####給數據庫設置密碼 fentiao 

           New password:                ###輸入新密碼

           Re-enter new password:       ###確認密碼

       (3)Remove anonymous users? [Y/n] Y

       (4)Disallow root login remotely? [Y/n] Y

       (5)Remove test database and access to it? [Y/n] Y

       (6)Reload privilege tables now? [Y/n] Y 

   13  mysql -uroot -p 

MariaDB [(none)]> create database westosinfo;  新建數據庫 westosinfo

Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> show databases;

+--------------------+

| Database           |

+--------------------+

| information_schema |

| mysql              |

| performance_schema |

| westosinfo         |

+--------------------+

4 rows in set (0.00 sec)

MariaDB [(none)]> use westosinfo;

MariaDB [westosinfo]> create table hostinfo( 

    -> ip varchar(15) not null,

    -> hostname varchar(15) not null );

Query OK, 0 rows affected (0.06 sec) 數據庫中創建表 hostinfo

- hostinfo 表包含的字段爲 ip 和 hostname ,表中插入 3 條記錄(自己隨便寫)

MariaDB [westosinfo]> insert into hostinfo values ('172.25.254.244','server');

Query OK, 1 row affected (0.06 sec)

MariaDB [westosinfo]> insert into hostinfo values ('172.25.254.144','desktop');

Query OK, 1 row affected (0.03 sec)

MariaDB [westosinfo]> insert into hostinfo values ('172.25.254.44','localhost');

Query OK, 1 row affected (0.36 sec)

MariaDB [westosinfo]>  select * from hostinfo

    -> ;

+----------------+-----------+

| ip             | hostname  |

+----------------+-----------+

| 172.25.254.244 | server    |

| 172.25.254.144 | desktop   |

| 172.25.254.44  | localhost |

+----------------+-----------+

 創建用戶 redhat 對 westosinfo 數據庫的所有表只能查看不能修改;

- redhat 用戶的認證密碼爲 redhat

MariaDB [(none)]> create user [email protected] identified by ' redhat';

Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> grant select on westosinfo.hostinfo to [email protected]；

    -> ;

Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> select User,Host from mysql.user;

+--------+--------------+

| User   | Host         |

+--------+--------------+

| redhat | %            |

| root   | 127.0.0.1    |

| root   | ::1          |

| redhat | localhost    |

| root   | localhost    |

| redhat | localhost；  |

+--------+--------------+

14 useradd  redhat

15 mysql -uredhat -predhat 

#2. 配置鏈路聚合:

- 在 desktop 與 server 主機配置一鏈路,此鏈路使用 eth1 和 eth2;

- 此鏈路在一個接口失效時仍能正常工作;

- 此鏈路 serverx 使用 ipv6 地址 2014:ac18::10a/64;

- 此鏈路 desktopx 使用 ipv6 地址 2014:ac18::11b/64;

- 此鏈路在系統重啓之後仍然保持正常狀態;

server:

 nmcli connection add con-name team0 ifname team0 type team config '{"runner":{"name":"activebackup"}}' ip6 X:ac18::10a/64

 ####添加team 運行模式爲主備

nmcli connection add con-name eth2 ifname eth2type team-slave master team0  ####給team添加網卡eth0

nmcli connection add con-name eth1 ifname eth1 type team-slave master team0   ###給team添加網卡eth1

做之前必須要有兩塊及以上網卡。重置虛擬機.用命令nm-connection-editor刪除eth0原有IP。

desktop:

nmcli connection add con-name team0 ifname team0 type team config '{"runner":{"name":"activebackup"}}' ip6 X:ac18::11b/64;

 ####添加team 運行模式爲主備

nmcli connection add con-name eth2 ifname eth2type team-slave master team0  ####給team添加網卡eth0

nmcli connection add con-name eth1 ifname eth1 type team-slave master team0   ###給team添加網卡eth1

3. server 主機配置 dns 服務如下:

- server 主機搭建的 dns 管理的域爲"westos.org";

- 根據下面 ip 與域名的對應關係實現正向解析和反向解析:

desktopx.westos.org 172.25.x.10

serverx.westos.org 172.25.x.11

desktop 主機可執行命令 dig serverx.westos.org @172.25.x.11; //根據域名解析到 對

應的 ip

dig -x 172.25.0.11 @172.25.0.11

//根據 ip 反解析到對應的域名

[[email protected] ~]# yum install bind.x86_64 -y

[[email protected] ~]# systemctl stop firewalld  ###關閉火牆

[[email protected] ~]# systemctl start named  ###開啓服務

[[email protected] ~]# vim /etc/named.conf #編輯配置文件

options {                             ##全局設定

        listen-on port 53 { any; };  ##監聽本地53端口

        listen-on-v6 port 53 { ::1; }; ##關閉ipv6選項 

        directory       "/var/named";

        dump-file       "/var/named/data/cache_dump.db";

        statistics-file "/var/named/data/named_stats.txt";

        memstatistics-file "/var/named/data/named_mem_stats.txt";

        allow-query     { any; };  ##允許與本地直連的網絡使用

[[email protected] ~]# systemctl start named    ###開啓服務

正向：

[[email protected] ~]# cd /var/named

[[email protected] named]# pwd

/var/named

[[email protected] named]# ls

data     named.ca     named.localhost  slaves

dynamic  named.empty  named.loopback

[[email protected] named]# cp -p named.localhost westos.com.zone

##用模板生成用模板生成dns配置配置文件

[[email protected] named]# vim westos.com.zone

[[email protected] named]# vim /etc/named.rfc1912.zones 

zone "westos.com" IN {    #指定要維護的域名

        type master;

        file "westos.com.zone"; ##指定A記錄文件名

        allow-update { none; };  ##沒有允許更新用戶

};

[[email protected] named]# systemctl restart named   ###重啓服務

客戶端

    3  vim /etc/resolv.conf  #編輯配置文件

    4  dig dns.westos.com  ##查詢

    5  dig www.westos.com

二 反向解析

服務器

 58  vim /etc/named.rfc1912.zones

       48 zone "254.25.172.in-addr.arpa" IN {

       49         type master;

       50         file "westos.com.ptr";

       51         allow-update { none; };

       52 };

 59  cp -p named.loopback westos.com.ptr

 60  vim westos.com.ptr

     $TTL 1D

      @       IN SOA  dns.westos.com. root.westos.com. (

                                        0       ; serial

                                        1D      ; refresh

                                        1H      ; retry

                                        1W      ; expire

                                        3H )    ; minimum

             NS      dns.westos.com.

     dns     A       172.25.254.244

     111     PTR     www.westos.com

 61  systemctl restart named

yum install bind -y
vim /etc/namd.conf
cd /var/named
cp -p named.localhost westos.org.zone
vim westos.org.zone
N SOA   dns.westos.org. root.westos.org. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
               NS       dns.westos.org.
dns            A        172.25.18.10
desktop18      A        172.25.18.10
server18       A        172.25.18.11
vim /etc/named.rfc1912.zones
zone "westos.org" IN {
      type master;
      file "westos.org.zone";
      allow-update { none;};
};
cp -p named.loopback westos.org.ptr
vim westos.org.ptr
$TTL 1D
@       IN SOA  dns.westos.org. root.westos.org. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
                NS      dns.westos.org
dns             A       172.25.18.10
10    PTR     desktop18.westos.org
11    PTR     server18.westos.org
vim /etc/named.rfc1912.zones
zone "18.25.172.in-addr.arpa" IN {
       type master;
       file "westos.org.ptr";
       allow-update { none;};
};
systemctl restart named
firewall-cmd  --permanent --add-service=dns
firewall-cmd --reload
測試端
vim /etc/resolv.conf
nameserver 172.25.18.10
dig server18.westos.org @172.25.18.10
dig -x 172.25.18.11 @172.25.18.10

#4. server 主機配置 web 服務如下:

- 下載 http://172.25.254.254/materials/station.html 到 apache 默認發佈目錄並重命名爲

index.html,

確保 http://serverx.example.com 可訪問,日誌位置在 logs/default-vhost.log ,日誌格

式爲 combined;

- 拓展 web 主機站點 http://wwwx.example.com 創建一虛擬主機,確保設定默認

發佈目錄爲 /var/virtual ,訪問內容爲 "wwwx.example.com" ,日誌存儲在

logs/wwwX.example.com.log ,日誌格式爲 combined;

- 在默認發佈目錄下創建一個名爲 admin 的目錄,訪問該目錄的頁面內容爲

admin page ,實現 apache 基於用戶認證功能的實現,只有 admin 用戶可通過

密碼 fentiao 登陸瀏覽頁面內容;

- 實現動態 web 內容,動態內容下載地址爲 http://172.25.254.254/materials/script.wsgi,

虛擬主機監聽端口:8989,desktop 主機訪問 http://wsgi.example.com:8989 可看動態

網頁;

yum install httpd lftp -y

systemctl start httpd

systemctl enable httpd

weget http://172.25.254.254/materials/station.html

mv station.html /var/www/html/index.html

vim /etc/httpd/conf.d/vhost.conf

<Virtualhost _default_:80>

     DocumentRoot "/var/www/html"

     ServerName server18.example.com

     Cusomlog "logs/default-vhost.log" combinded

</Virtualhost>

<Virtualhost *:80>

        ServerName "www18.example.com"

        DocumentRoot "/var/virtual"

        Customlog "logs/www18.example.com.log" combined

</Virtualhost>

<Directory "/var/virtual">

        Require all granted

</Directory>

<Directory "/var/www/html/admin">

   AuthUserfile "/etc/httpd/passwd"

   AuthName "show passwd add username

   AuthType basic

   Require user admin

</Directory>

systemctl start httpd

systemctl enable httpd

weget http://172.25.254.254/materials/station.html

mv station.html /var/www/html/index.html

vim /etc/httpd/conf.d/vhost.conf

<Virtualhost _default_:80>

     DocumentRoot "/var/www/html"

     ServerName server18.example.com

     Cusomlog "logs/default-vhost.log" combinded

</Virtualhost>

<Virtualhost *:80>

        ServerName "www18.example.com"

        DocumentRoot "/var/virtual"

        Customlog "logs/www18.example.com.log" combined

</Virtualhost>

<Directory "/var/virtual">

        Require all granted

</Directory>

<Directory "/var/www/html/admin">

   AuthUserfile "/etc/httpd/passwd"

   AuthName "show passwd add username

   AuthType basic

   Require user admin

</Directory>

<VirtualHost *:8989>

   WSGIScriptAlias /    /var/www/cgi-bin/script.wsgi

   ServerName wsgi.example.com

</VirtualHost>

Listen 8989

mkdir /var/virtual

semanage fcontext -a -t httpd_sys_content_t '/var/virtual(/.*)?'

restorecon RvvF /var/virtual

echo www18.example.com > /var/virtual/index.html

mkdir /var/www/html/admin

echo 'admin page' > /var/www/html/admin/index.conf

htpasswd -cm /etc/httpd/passwd admin

vim /etc/httpd/conf.d/vhost.conf

<Virtualhost _default_:80>

     DocumentRoot "/var/www/html"

     ServerName server18.example.com

     Cusomlog "logs/default-vhost.log" combinded

</Virtualhost>

<Virtualhost *:80>

        ServerName "www18.example.com"

        DocumentRoot "/var/virtual"

        Customlog "logs/www18.example.com.log" combined

</Virtualhost>

<Directory "/var/virtual">

        Require all granted

</Directory>

<Directory "/var/www/html/admin">

   AuthUserfile "/etc/httpd/passwd"

   AuthName "show passwd add username

   AuthType basic

   Require user admin

</Directory>

<VirtualHost *:8989>

   WSGIScriptAlias /    /var/www/cgi-bin/script.wsgi

   ServerName wsgi.example.com

</VirtualHost>

Listen 8989

mkdir /var/virtual

semanage fcontext -a -t httpd_sys_content_t '/var/virtual(/.*)?'

restorecon RvvF /var/virtual

echo www18.example.com > /var/virtual/index.html

mkdir /var/www/html/admin

echo 'admin page' > /var/www/html/admin/index.conf

htpasswd -cm /etc/httpd/passwd admin

yum install mod_wsgi.x86_64 -y

   AuthUserfile "/etc/httpd/passwd"

   AuthName "show passwd add username

   AuthType basic

   Require user admin