Diskussion:Maschine/nox: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
(Neuer Abschnitt →cbsd als Verwaltung für eine Instanz FreeBSD mit bhyve) |
|||
| Zeile 3: | Zeile 3: | ||
* <s>https://datacentersupport.lenovo.com/de/en/products/servers/system-x/system-x3550-m3/7944/downloads</s> | * <s>https://datacentersupport.lenovo.com/de/en/products/servers/system-x/system-x3550-m3/7944/downloads</s> | ||
* https://www-945.ibm.com/support/fixcentral/systemx/selectFixes?parent=System%20x3550%20M3&product=ibm/systemx/7944&&platform=NONE&function=all | * https://www-945.ibm.com/support/fixcentral/systemx/selectFixes?parent=System%20x3550%20M3&product=ibm/systemx/7944&&platform=NONE&function=all | ||
== cbsd als Verwaltung für eine Instanz FreeBSD mit bhyve == | |||
<pre> | |||
root@freebsd:/usr/home/administration # cat /etc/pkg/FreeBSD.conf | |||
# $FreeBSD: releng/11.2/etc/pkg/FreeBSD.conf 333474 2018-05-10 23:58:33Z gjb $ | |||
# | |||
# To disable this repository, instead of modifying or removing this file, | |||
# create a /usr/local/etc/pkg/repos/FreeBSD.conf file: | |||
# | |||
# mkdir -p /usr/local/etc/pkg/repos | |||
# echo "FreeBSD: { enabled: no }" > /usr/local/etc/pkg/repos/FreeBSD.conf | |||
# | |||
FreeBSD: { | |||
#### url: "pkg+http://pkg.FreeBSD.org/${ABI}/quarterly", | |||
url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest", | |||
mirror_type: "srv", | |||
signature_type: "fingerprints", | |||
fingerprints: "/usr/share/keys/pkg", | |||
enabled: yes | |||
} | |||
root@freebsd:/usr/home/administration # pkg upg -y | |||
root@freebsd:/usr/home/administration # pkg ins -y ddate | |||
root@freebsd:/usr/home/administration # pkg ins -y cbsd | |||
root@freebsd:/usr/home/administration # zfs create zroot/usr/home/cbsd | |||
root@freebsd:/usr/home/administration # env workdir="/usr/home/cbsd" /usr/local/cbsd/sudoexec/initenv | |||
-------[CBSD v.12.0.2]------- | |||
This is install/upgrade scripts for CBSD. | |||
Don't forget to backup. | |||
----------------------------- | |||
Do you want prepare or upgrade hier environment for CBSD now? | |||
[yes(1) or no(0)] | |||
1 | |||
>>> Installing or upgrading | |||
[Stage 1: account & dir hier] | |||
* Check hier and permission... | |||
./.rssh missing (created) | |||
./.ssh missing (created) | |||
./.ssh/sockets missing (created) | |||
./basejail missing (created) | |||
./bin missing (created) | |||
./etc missing (created) | |||
./etc/defaults missing (created) | |||
./export missing (created) | |||
./ftmp missing (created) | |||
./import missing (created) | |||
./jailctl missing (created) | |||
./jails missing (created) | |||
./jails-data missing (created) | |||
./jails-fstab missing (created) | |||
./jails-rcconf missing (created) | |||
./jails-system missing (created) | |||
./job missing (created) | |||
./lib missing (created) | |||
./misc missing (created) | |||
./nodectl missing (created) | |||
./rc.d missing (created) | |||
./sbin missing (created) | |||
./share missing (created) | |||
./share/dialog missing (created) | |||
./share/helpers missing (created) | |||
./share/FreeBSD-jail-puppet-skel missing (created) | |||
./share/FreeBSD-jail-skel missing (created) | |||
./share/FreeBSD-jail-vnet-skel missing (created) | |||
./share/emulators missing (created) | |||
./src missing (created) | |||
./sudoexec missing (created) | |||
./system missing (created) | |||
./tmp missing (created) | |||
./tools missing (created) | |||
./var missing (created) | |||
./var/cron missing (created) | |||
./var/cron/tabs missing (created) | |||
./var/db missing (created) | |||
./var/log missing (created) | |||
./var/mail missing (created) | |||
./var/run missing (created) | |||
./var/spool missing (created) | |||
* write directory id: jaildatadir | |||
* write directory id: jailsysdir | |||
* write directory id: jailrcconfdir | |||
* write directory id: dbdir | |||
[Stage 2: build tools] | |||
Shall i add cbsd user into /usr/local/etc/sudoers.d/cbsd_sudoers sudo file to obtain root privileges for the most cbsd commands? | |||
[yes(1) or no(0)] | |||
1 | |||
[Stage 3: local settings] | |||
Shall i modify the /etc/rc.conf to sets cbsd_workdir="/usr/home/cbsd"?: | |||
[yes(1) or no(0)] | |||
1 | |||
/etc/rc.conf: cbsd_workdir: -> /usr/home/cbsd | |||
[Stage 4: update default skel resolv.conf] | |||
[Stage 5: refreshing inventory] | |||
nodename: Short form nodename for this host e.g. like hostname. Warning: this operation will recreate the ssh keys in /usr/home/cbsd/.ssh dir: freebsd.box.sr100038.stura.htw-dresden.de | |||
Empty inventory database created: /usr/home/cbsd/var/db/inv.freebsd.box.sr100038.stura.htw-dresden.de.sqlite | |||
nodeip: Node management IPv4 or IPv6 address (used for node interconnection), e.g: 141.56.51.175 | |||
jnameserver: Jails default DNS name-server (for jails resolv.conf), e.g.: 8.8.8.8,8.8.4.4 | |||
141.56.1.1,141.56.1.2 | |||
nodeippool: Jail pool IP address range (networks for jails) | |||
Hint: use space as delimiter for multiple networks, e.g.: 10.0.0.0/16 141.56.51.175/24 | |||
nat_enable: Enable NAT for RFC1918 networks? | |||
[yes(1) or no(0)] | |||
1 | |||
Which NAT framework do you want to use: [pf] | |||
(type FW name, eg pf,ipfw,ipfilter, 'disable' or '0' to CBSD NAT, "exit" for break) | |||
Set IP address or NIC as the aliasing NAT address or interface, e.g: 141.56.51.175 | |||
Do you want to modify /boot/loader.conf to set pf_load=YES ? | |||
[yes(1) or no(0)] | |||
1 | |||
/boot/loader.conf: pf_load: -> YES | |||
fbsdrepo: Use official FreeBSD repository? When no (0) repository of CBSD is preferred (usefull for stable=1) for fetching base/kernel? | |||
[yes(1) or no(0)] | |||
1 | |||
zfsfeat: You are running on a ZFS-based system. Enable ZFS feature? | |||
[yes(1) or no(0)] | |||
1 | |||
parallel: Parallel mode stop/start ? | |||
(0 - no parallel or positive value (in seconds) as timeout for next parallel sequence) e.g: 5 | |||
stable: Use STABLE branch instead of RELEASE by default ? Attention: only CBSD repository have binary base for STABLE branch ? | |||
(STABLE_X instead of RELEASE_X_Y branch for base/kernel will be used), e.g.: 0 (use release) | |||
sqlreplica: Enable sqlite3 replication to remote nodes ? | |||
(0 - no replica, 1 - try to replicate all local events to remote nodes) e.g: 1 | |||
statsd_bhyve_enable: Configure CBSD statsd services for collect RACCT bhyve statistics? ? | |||
(EXPERIMENTAL FEATURE)? e.g: 0 | |||
statsd_jail_enable: Configure CBSD statsd services for collect RACCT jail statistics? ? | |||
(EXPERIMENTAL FEATURE)? e.g: 0 | |||
1 | |||
statsd_hoster_enable: Configure CBSD statsd services for collect RACCT hoster statistics? ? | |||
(EXPERIMENTAL FEATURE)? e.g: 0 | |||
1 | |||
[Stage 6: authentication keys] | |||
Generating public/private rsa key pair. | |||
Your identification has been saved in /usr/home/cbsd/.ssh/8c1c96c6e2539cf7e8e47ecc35df6b32.id_rsa. | |||
Your public key has been saved in /usr/home/cbsd/.ssh/8c1c96c6e2539cf7e8e47ecc35df6b32.id_rsa.pub. | |||
The key fingerprint is: | |||
SHA256:GYfU+wY4iNaI9w9ilmbe4TAVq+Mtwv0fuuiTp7dUDck root@freebsd.box.sr100038.stura.htw-dresden.de | |||
The key's randomart image is: | |||
+---[RSA 2048]----+ | |||
| .. | | |||
| .o o. | | |||
| . + +E... | | |||
| . = = o*o | | |||
| o = S..o | | |||
| % +. o | | |||
| . O X.+. . | | |||
| o Bo*... | | |||
| o+B=+. | | |||
+----[SHA256]-----+ | |||
[Stage 7: modules] | |||
Installing module pkg.d cmd: pkg | |||
Installing module bsdconf.d cmd: tzsetup | |||
Installing module bsdconf.d cmd: ssh | |||
Installing module bsdconf.d cmd: ftp | |||
Installing module bsdconf.d cmd: adduser | |||
Installing module bsdconf.d cmd: passwd | |||
Installing module bsdconf.d cmd: service | |||
Installing module bsdconf.d cmd: sysrc | |||
Installing module bsdconf.d cmd: userlist | |||
Installing module bsdconf.d cmd: grouplist | |||
Installing module bsdconf.d cmd: adduser-tui | |||
Installing module bsdconf.d cmd: pw | |||
Installing module zfsinstall.d cmd: zfsinstall | |||
[Stage 9: cleanup] | |||
* Remove obsolete files... | |||
Configure RSYNC services for jail migration? | |||
[yes(1) or no(0)] | |||
1 | |||
Shall i modify the /etc/rc.conf to sets cbsdrsyncd_enable="YES" | |||
[yes(1) or no(0)] | |||
1 | |||
/etc/rc.conf: cbsdrsyncd_enable: -> YES | |||
Do you want to modify /etc/rc.conf to set the cbsdrsyncd_flags="--config=/usr/home/cbsd/etc/rsyncd.conf" ? | |||
[yes(1) or no(0)] | |||
1 | |||
/etc/rc.conf: cbsdrsyncd_flags: -> --config=/usr/home/cbsd/etc/rsyncd.conf | |||
/usr/local/etc/rc.d/cbsdrsyncd: required_files: -> | |||
Starting cbsdrsyncd. | |||
Do you want to enable RACCT feature for resource accounting? | |||
[yes(1) or no(0)] | |||
1 | |||
Shall i modify the /etc/rc.conf to sets cbsdd_enable=YES ? | |||
[yes(1) or no(0)] | |||
1 | |||
/etc/rc.conf: cbsdd_enable: -> YES | |||
Shall i modify the /etc/rc.conf to sets rcshutdown_timeout="900"? | |||
[yes(1) or no(0)] | |||
1 | |||
/etc/rc.conf: rcshutdown_timeout: 90 -> 900 | |||
Shall i modify default SSH daemon port from 22 to 22222 on this host via /etc/rc.conf and sshd_flags="-oPort=22222" which is default for cbsd? | |||
[yes(1) or no(0)] | |||
1 | |||
/etc/rc.conf: sshd_flags: -> -oPort=22222 | |||
[Stage X: upgrading] | |||
* Insert default topology into vm_cpu_topology table | |||
* Insert small1 group into vmpackage table | |||
>>> Done | |||
First CBSD initialization complete. | |||
Now your can run: | |||
service cbsdd start | |||
to run CBSD services. | |||
For change initenv settings in next time, use: | |||
cbsd initenv-tui | |||
Also don't forget to execute: | |||
cbsd initenv | |||
every time when you upgrade CBSD version. | |||
</pre> | |||
Version vom 5. Dezember 2018, 22:17 Uhr
firmware foo
https://datacentersupport.lenovo.com/de/en/products/servers/system-x/system-x3550-m3/7944/downloads- https://www-945.ibm.com/support/fixcentral/systemx/selectFixes?parent=System%20x3550%20M3&product=ibm/systemx/7944&&platform=NONE&function=all
cbsd als Verwaltung für eine Instanz FreeBSD mit bhyve
root@freebsd:/usr/home/administration # cat /etc/pkg/FreeBSD.conf
# $FreeBSD: releng/11.2/etc/pkg/FreeBSD.conf 333474 2018-05-10 23:58:33Z gjb $
#
# To disable this repository, instead of modifying or removing this file,
# create a /usr/local/etc/pkg/repos/FreeBSD.conf file:
#
# mkdir -p /usr/local/etc/pkg/repos
# echo "FreeBSD: { enabled: no }" > /usr/local/etc/pkg/repos/FreeBSD.conf
#
FreeBSD: {
#### url: "pkg+http://pkg.FreeBSD.org/${ABI}/quarterly",
url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest",
mirror_type: "srv",
signature_type: "fingerprints",
fingerprints: "/usr/share/keys/pkg",
enabled: yes
}
root@freebsd:/usr/home/administration # pkg upg -y
root@freebsd:/usr/home/administration # pkg ins -y ddate
root@freebsd:/usr/home/administration # pkg ins -y cbsd
root@freebsd:/usr/home/administration # zfs create zroot/usr/home/cbsd
root@freebsd:/usr/home/administration # env workdir="/usr/home/cbsd" /usr/local/cbsd/sudoexec/initenv
-------[CBSD v.12.0.2]-------
This is install/upgrade scripts for CBSD.
Don't forget to backup.
-----------------------------
Do you want prepare or upgrade hier environment for CBSD now?
[yes(1) or no(0)]
1
>>> Installing or upgrading
[Stage 1: account & dir hier]
* Check hier and permission...
./.rssh missing (created)
./.ssh missing (created)
./.ssh/sockets missing (created)
./basejail missing (created)
./bin missing (created)
./etc missing (created)
./etc/defaults missing (created)
./export missing (created)
./ftmp missing (created)
./import missing (created)
./jailctl missing (created)
./jails missing (created)
./jails-data missing (created)
./jails-fstab missing (created)
./jails-rcconf missing (created)
./jails-system missing (created)
./job missing (created)
./lib missing (created)
./misc missing (created)
./nodectl missing (created)
./rc.d missing (created)
./sbin missing (created)
./share missing (created)
./share/dialog missing (created)
./share/helpers missing (created)
./share/FreeBSD-jail-puppet-skel missing (created)
./share/FreeBSD-jail-skel missing (created)
./share/FreeBSD-jail-vnet-skel missing (created)
./share/emulators missing (created)
./src missing (created)
./sudoexec missing (created)
./system missing (created)
./tmp missing (created)
./tools missing (created)
./var missing (created)
./var/cron missing (created)
./var/cron/tabs missing (created)
./var/db missing (created)
./var/log missing (created)
./var/mail missing (created)
./var/run missing (created)
./var/spool missing (created)
* write directory id: jaildatadir
* write directory id: jailsysdir
* write directory id: jailrcconfdir
* write directory id: dbdir
[Stage 2: build tools]
Shall i add cbsd user into /usr/local/etc/sudoers.d/cbsd_sudoers sudo file to obtain root privileges for the most cbsd commands?
[yes(1) or no(0)]
1
[Stage 3: local settings]
Shall i modify the /etc/rc.conf to sets cbsd_workdir="/usr/home/cbsd"?:
[yes(1) or no(0)]
1
/etc/rc.conf: cbsd_workdir: -> /usr/home/cbsd
[Stage 4: update default skel resolv.conf]
[Stage 5: refreshing inventory]
nodename: Short form nodename for this host e.g. like hostname. Warning: this operation will recreate the ssh keys in /usr/home/cbsd/.ssh dir: freebsd.box.sr100038.stura.htw-dresden.de
Empty inventory database created: /usr/home/cbsd/var/db/inv.freebsd.box.sr100038.stura.htw-dresden.de.sqlite
nodeip: Node management IPv4 or IPv6 address (used for node interconnection), e.g: 141.56.51.175
jnameserver: Jails default DNS name-server (for jails resolv.conf), e.g.: 8.8.8.8,8.8.4.4
141.56.1.1,141.56.1.2
nodeippool: Jail pool IP address range (networks for jails)
Hint: use space as delimiter for multiple networks, e.g.: 10.0.0.0/16 141.56.51.175/24
nat_enable: Enable NAT for RFC1918 networks?
[yes(1) or no(0)]
1
Which NAT framework do you want to use: [pf]
(type FW name, eg pf,ipfw,ipfilter, 'disable' or '0' to CBSD NAT, "exit" for break)
Set IP address or NIC as the aliasing NAT address or interface, e.g: 141.56.51.175
Do you want to modify /boot/loader.conf to set pf_load=YES ?
[yes(1) or no(0)]
1
/boot/loader.conf: pf_load: -> YES
fbsdrepo: Use official FreeBSD repository? When no (0) repository of CBSD is preferred (usefull for stable=1) for fetching base/kernel?
[yes(1) or no(0)]
1
zfsfeat: You are running on a ZFS-based system. Enable ZFS feature?
[yes(1) or no(0)]
1
parallel: Parallel mode stop/start ?
(0 - no parallel or positive value (in seconds) as timeout for next parallel sequence) e.g: 5
stable: Use STABLE branch instead of RELEASE by default ? Attention: only CBSD repository have binary base for STABLE branch ?
(STABLE_X instead of RELEASE_X_Y branch for base/kernel will be used), e.g.: 0 (use release)
sqlreplica: Enable sqlite3 replication to remote nodes ?
(0 - no replica, 1 - try to replicate all local events to remote nodes) e.g: 1
statsd_bhyve_enable: Configure CBSD statsd services for collect RACCT bhyve statistics? ?
(EXPERIMENTAL FEATURE)? e.g: 0
statsd_jail_enable: Configure CBSD statsd services for collect RACCT jail statistics? ?
(EXPERIMENTAL FEATURE)? e.g: 0
1
statsd_hoster_enable: Configure CBSD statsd services for collect RACCT hoster statistics? ?
(EXPERIMENTAL FEATURE)? e.g: 0
1
[Stage 6: authentication keys]
Generating public/private rsa key pair.
Your identification has been saved in /usr/home/cbsd/.ssh/8c1c96c6e2539cf7e8e47ecc35df6b32.id_rsa.
Your public key has been saved in /usr/home/cbsd/.ssh/8c1c96c6e2539cf7e8e47ecc35df6b32.id_rsa.pub.
The key fingerprint is:
SHA256:GYfU+wY4iNaI9w9ilmbe4TAVq+Mtwv0fuuiTp7dUDck root@freebsd.box.sr100038.stura.htw-dresden.de
The key's randomart image is:
+---[RSA 2048]----+
| .. |
| .o o. |
| . + +E... |
| . = = o*o |
| o = S..o |
| % +. o |
| . O X.+. . |
| o Bo*... |
| o+B=+. |
+----[SHA256]-----+
[Stage 7: modules]
Installing module pkg.d cmd: pkg
Installing module bsdconf.d cmd: tzsetup
Installing module bsdconf.d cmd: ssh
Installing module bsdconf.d cmd: ftp
Installing module bsdconf.d cmd: adduser
Installing module bsdconf.d cmd: passwd
Installing module bsdconf.d cmd: service
Installing module bsdconf.d cmd: sysrc
Installing module bsdconf.d cmd: userlist
Installing module bsdconf.d cmd: grouplist
Installing module bsdconf.d cmd: adduser-tui
Installing module bsdconf.d cmd: pw
Installing module zfsinstall.d cmd: zfsinstall
[Stage 9: cleanup]
* Remove obsolete files...
Configure RSYNC services for jail migration?
[yes(1) or no(0)]
1
Shall i modify the /etc/rc.conf to sets cbsdrsyncd_enable="YES"
[yes(1) or no(0)]
1
/etc/rc.conf: cbsdrsyncd_enable: -> YES
Do you want to modify /etc/rc.conf to set the cbsdrsyncd_flags="--config=/usr/home/cbsd/etc/rsyncd.conf" ?
[yes(1) or no(0)]
1
/etc/rc.conf: cbsdrsyncd_flags: -> --config=/usr/home/cbsd/etc/rsyncd.conf
/usr/local/etc/rc.d/cbsdrsyncd: required_files: ->
Starting cbsdrsyncd.
Do you want to enable RACCT feature for resource accounting?
[yes(1) or no(0)]
1
Shall i modify the /etc/rc.conf to sets cbsdd_enable=YES ?
[yes(1) or no(0)]
1
/etc/rc.conf: cbsdd_enable: -> YES
Shall i modify the /etc/rc.conf to sets rcshutdown_timeout="900"?
[yes(1) or no(0)]
1
/etc/rc.conf: rcshutdown_timeout: 90 -> 900
Shall i modify default SSH daemon port from 22 to 22222 on this host via /etc/rc.conf and sshd_flags="-oPort=22222" which is default for cbsd?
[yes(1) or no(0)]
1
/etc/rc.conf: sshd_flags: -> -oPort=22222
[Stage X: upgrading]
* Insert default topology into vm_cpu_topology table
* Insert small1 group into vmpackage table
>>> Done
First CBSD initialization complete.
Now your can run:
service cbsdd start
to run CBSD services.
For change initenv settings in next time, use:
cbsd initenv-tui
Also don't forget to execute:
cbsd initenv
every time when you upgrade CBSD version.