Методические материалы Лохтурова Вячеслава

User Tools

Site Tools

Trace:
настройка_стендов_слушателей

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Last revision Both sides next revision
настройка_стендов_слушателей [2017/12/04 09:39]
val [Общие файлы конфигурации] 		настройка_стендов_слушателей [2020/04/14 09:25]
val [Ansible конфигурация]
Line 29: Line 29:
 </​code>​ </​code>​
  
-==== Ubuntu ====+==== Debian/Ubuntu ==== 
 + 
 +  * [[Настройка сети в Linux]]
  
 === Gate === === Gate ===
Line 131: Line 133:
 </​code>​ </​code>​
  
-===== Дополнительные материалы =====+===== Скрипты автоконфигурации ​===== 
 <​code>​ <​code>​
-cat gate.sh+# git clone http://​val.bmstu.ru/​unix/​conf.git 
 +</​code>​ 
 +==== gate.corpX.un ==== 
 +<​code>​ 
 +# cat net_gate.sh
 </​code><​code>​ </​code><​code>​
-rm /​etc/​udev/​rules.d/​70-persistent-net.rules+X=$1 
 + 
 +if test -z $X 
 +then 
 +        echo -n "enter X: " 
 +        read X 
 +fi
  
 cat > /etc/hosts <<EOF cat > /etc/hosts <<EOF
 127.0.0.1 ​              ​localhost 127.0.0.1 ​              ​localhost
  
-192.168.${1}.1 gate.corp${1}.un gate+192.168.$X.1 gate.corp$X.un gate
  
 172.16.1.254 ​          proxy 172.16.1.254 ​          proxy
Line 147: Line 160:
  
 cat > /​etc/​resolv.conf <<EOF cat > /​etc/​resolv.conf <<EOF
-search corp${1}.un+search corp$X.un
 nameserver 172.16.1.254 nameserver 172.16.1.254
 +#nameserver 192.168.$X.10
 EOF EOF
  
-echo gate.corp${1}.un > /​etc/​hostname+echo gate.corp$X.un > /​etc/​hostname
  
 cat > /​etc/​network/​interfaces <<EOF cat > /​etc/​network/​interfaces <<EOF
Line 159: Line 173:
 auto eth0 auto eth0
 iface eth0 inet static iface eth0 inet static
-        address 192.168.${1}.1+        address 192.168.$X.1
         netmask 255.255.255.0         netmask 255.255.255.0
  
 auto eth1 auto eth1
 iface eth1 inet static iface eth1 inet static
-        address 172.16.1.${1}+        address 172.16.1.$X
         netmask 255.255.255.0         netmask 255.255.255.0
         gateway 172.16.1.254         gateway 172.16.1.254
 +
 +#auto eth2
 +#iface eth2 inet static
 +#        address 192.168.$((100+$X)).1
 +#        netmask 255.255.255.0
 EOF EOF
  
-echo net.ipv4.ip_forward = 1 >> /​etc/​sysctl.conf+echo "net.ipv4.ip_forward = 1" ​>> /​etc/​sysctl.conf 
 + 
 +timedatectl set-timezone Europe/​Moscow 
 + 
 +echo Success 
 +exit 0 
 +</​code>​ 
 + 
 +==== server.corpX.un ==== 
 + 
 +<​code>​ 
 +# cat net_server.sh
 </​code><​code>​ </​code><​code>​
-cat server.sh +X=$1 
-</​code><​code>​ + 
-rm /​etc/​udev/​rules.d/​70-persistent-net.rules+if test -z $X 
 +then 
 +        echo -n "enter X: " 
 +        read X 
 +fi
  
 cat > /etc/hosts <<EOF cat > /etc/hosts <<EOF
 127.0.0.1 ​              ​localhost 127.0.0.1 ​              ​localhost
  
-192.168.${1}.10 server.corp${1}.un server+192.168.$X.10 server.corp$X.un server
  
 172.16.1.254 ​          proxy 172.16.1.254 ​          proxy
Line 185: Line 219:
  
 cat > /​etc/​resolv.conf <<EOF cat > /​etc/​resolv.conf <<EOF
-search corp${1}.un+search corp$X.un
 nameserver 172.16.1.254 nameserver 172.16.1.254
 +#nameserver 192.168.$X.10
 EOF EOF
  
-echo server.corp${1}.un > /​etc/​hostname+echo server.corp$X.un > /​etc/​hostname
  
 cat > /​etc/​network/​interfaces <<EOF cat > /​etc/​network/​interfaces <<EOF
Line 197: Line 232:
 auto eth0 auto eth0
 iface eth0 inet static iface eth0 inet static
-        address 192.168.${1}.10+        address 192.168.$X.10
         netmask 255.255.255.0         netmask 255.255.255.0
-        gateway 192.168.${1}.1+        gateway 192.168.$X.1
 EOF EOF
 +
 +timedatectl set-timezone Europe/​Moscow
 +
 +echo Success
 +exit 0
 +</​code>​
 +
 +==== dhcp ====
 +
 +<​code>​
 +# cat dhcp.sh
 +</​code><​code>​
 +X=$1
 +
 +if test -z $X
 +then
 +        echo -n "enter X: "
 +        read X
 +fi
 +
 +apt update
 +apt install -y isc-dhcp-server
 +
 +echo '​INTERFACES="​eth0"'​ > /​etc/​default/​isc-dhcp-server
 +echo '#​INTERFACES="​eth0 eth2"'​ >> /​etc/​default/​isc-dhcp-server
 +
 +cat > /​etc/​dhcp/​dhcpd.conf <<EOF
 +ddns-update-style none;
 +
 +default-lease-time 600;
 +max-lease-time 7200;
 +
 +option domain-name "​corp$X.un";​
 +option domain-name-servers 192.168.$X.10;​
 +
 +#### For provisioning ####
 +#option tftp-server-name code 66 = string; # RFC 2132
 +#option tftp-server-address code 150 = ip-address; # RFC 5859
 +#option tftp-server-name "​server.corp$X.un";​
 +#option tftp-server-address 192.168.$X.10;​
 +
 +
 +shared-network LAN1 {
 +  subnet 192.168.$X.0 netmask 255.255.255.0 {
 +    range 192.168.$X.101 192.168.$X.199;​
 +    option routers 192.168.$X.1;​
 +  }
 +}
 +
 +#​shared-network LAN2 {
 +#  subnet 192.168.$((100 + $X)).0 netmask 255.255.255.0 {
 +#    range 192.168.$((100 + $X)).101 192.168.$((100 + $X)).199;
 +#    option routers 192.168.$((100 + $X)).1;
 +#  }
 +#}
 +
 +
 +EOF
 +
 +dhcpd -t && service isc-dhcp-server start
 +
 +echo Success
 +exit 0
 +</​code>​
 +
 +==== dns ====
 +
 +<​code>​
 +# cat dns.sh
 +</​code><​code>​
 +X=$1
 +
 +if test -z $X
 +then
 +        echo -n "enter X: "
 +        read X
 +fi
 +
 +apt update
 +apt install -y bind9 dnsutils
 +
 +cat > /​etc/​bind/​named.conf <<EOF
 +options {
 +        directory "/​var/​cache/​bind";​
 +
 +        allow-recursion { any; };
 +
 +        forwarders {
 +                172.16.1.254;​
 +        };
 +        empty-zones-enable no;
 +};
 +
 +view "​inside"​ {
 +        match-clients {
 +//            192.168.$X/​24;​
 +//            127/8;
 +              0/0;
 +        };
 +        zone "​corp$X.un"​ {
 +                type master;
 +                file "/​etc/​bind/​corp$X.un";​
 +        };
 +};
 +
 +view "​outside"​ {
 +        zone "​corp$X.un"​ {
 +                type master;
 +                file "/​etc/​bind/​corp$X.un.out";​
 +        };
 +};
 +EOF
 +
 +cat > /​etc/​bind/​corp$X.un <<EOF
 +\$TTL      3h
 +@         ​SOA ​    ns root.ns ​ 1 1d 12h 1w 3h
 +          NS      ns
 +
 +          A       ​192.168.$X.10
 +          MX 1    server
 +
 +ns        A       ​192.168.$X.10
 +gate      A       ​192.168.$X.1
 +server ​   A       ​192.168.$X.10
 +
 +;​_sip._udp ​          ​SRV ​    0 0 5060 server
 +
 +;​_xmpp-client._tcp ​  ​SRV ​    0 0 5222 server
 +
 +;​_kerberos._udp ​     SRV     01 00 88 server
 +;​_kerberos._tcp ​     SRV     01 00 88 server
 +;​_kerberos ​          ​TXT ​    ​CORP$X.UN
 +EOF
 +
 +cat > /​etc/​bind/​corp$X.un.out <<EOF
 +\$TTL      3h
 +@         ​SOA ​    ns root.ns ​ 1 1d 12h 1w 3h
 +          NS      ns
 +
 +ns        A       ​172.16.1.$X
 +gate      A       ​172.16.1.$X
 +server ​   A       ​172.16.1.$X
 +
 +;​_sip._udp ​          ​SRV ​    00 00 6050 server
 +EOF
 +
 +named-checkconf -z && service bind9 restart
 +
 +echo Success
 +exit 0
 +</​code>​
 +
 +===== Ansible конфигурация =====
 +
 +<​code>​
 +# git clone http://​val.bmstu.ru/​unix/​conf.git
 +</​code>​
 +
 +<​code>​
 +server.isp.un:​~/​ansible/​roles#​ cat host.yml
 +</​code><​code>​
 +- name: Network config for hosts
 +  hosts: corp
 +  strategy: free
 +  roles:
 +    - host
 +</​code><​code>​
 +server.isp.un:​~/​ansible/​roles#​ cat host/​tasks/​main.yml
 +</​code><​code>​
 +- name: Create hosts file
 +  template: src=hosts.j2 dest=/​etc/​hosts
 +
 +- name: Create resolv.conf file
 +  template: src=resolv.conf.j2 dest=/​etc/​resolv.conf
 +
 +- name: Create hostname file
 +  template: src=hostname.j2 dest=/​etc/​hostname
 +
 +- name: Create interfaces file
 +  template: src=interfaces.j2 dest=/​etc/​network/​interfaces
 +
 +#- name: Restart system
 +#  command: shutdown -r +1
 +</​code><​code>​
 +server.isp.un:​~/​ansible/​roles#​ cat host/​vars/​main.yml
 +</​code><​code>​
 +hostname: server
 +#hostname: mail
 +base_domain_prefix:​ corp
 +base_domain_suffix:​ un
 +base_net: 172.16.1
 +gateway_octet:​ 254
 +dns_ip: 172.16.1.254
 +X: "{{ ansible_eth0.ipv4.address.split('​.'​)[3] }}"
 +#X: "{{ ansible_eth0.ipv4.address.split('​.'​)[3] | int - 100 }}"
 +</​code><​code>​
 +server.isp.un:​~/​ansible/​roles#​ cat host/​templates/​hosts.j2
 +</​code><​code>​
 +127.0.0.1 localhost
 +
 +{{ ansible_eth0.ipv4.address }} {{ hostname }}.{{ base_domain_prefix }}{{ X }}.{{ base_domain_suffix }} {{ hostname }}
 +
 +{{ base_net }}.254 rep
 +</​code><​code>​
 +server.isp.un:​~/​ansible/​roles#​ cat host/​templates/​resolv.conf.j2
 +</​code><​code>​
 +search {{ base_domain_prefix }}{{ X }}.{{ base_domain_suffix }}
 +nameserver {{ dns_ip }}
 +</​code><​code>​
 +server.isp.un:​~/​ansible/​roles#​ cat host/​templates/​hostname.j2
 +</​code><​code>​
 +{{ hostname }}.{{ base_domain_prefix }}{{ X }}.{{ base_domain_suffix }}
 +</​code><​code>​
 +server.isp.un:​~/​ansible/​roles#​ cat host/​templates/​interfaces.j2
 +</​code><​code>​
 +auto lo
 +iface lo inet loopback
 +
 +auto eth0
 +iface eth0 inet static
 +        address {{ ansible_eth0.ipv4.address }}
 +        netmask 255.255.255.0
 +        gateway {{ base_net }}.{{ gateway_octet }}
 +</​code><​code>​
 +root@server:​~/​ansible/​roles#​ ansible-playbook host.yml
 +
 +или
 +
 +root@server:​~#​ ansible-playbook ansible/​roles/​host.yml
 </​code>​ </​code>​
настройка_стендов_слушателей.txt · Last modified: 2020/08/22 15:00 by val

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Run on Debian Driven by DokuWiki