第十六週作業

1、搭建DHCP服務，爲局域網內用戶提供10.1.1.0/24網段的IP，且租約期默認爲48小時

```答：
dhcpser]# yum –y install dhcp
dhcpser]# cat /etc/dhcp/dhcpd.conf
option domain-name "WLdhcp";
option domain-name-servers 192.168.1.90;

default-lease-time 172800;
max-lease-time 172800;

·# Use this to enble / disable dynamic dns updates globally.
#ddns-update-style none;

option routers 192.168.21.1;

subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.20 192.168.1.30;
option routers 192.168.91.1;
filename "pxelinux.0";
next-server 192.168.1.90;
}


### 2、在上述實驗基礎上，實現DHCP中繼
``` 環境準備
dhcp-server：Centos7、192.168.100.10 安裝dhcp服務
dhcp-relay：Centos7、eth0:192.168.100.25、eth1:10.1.1.1 安裝dhcp服務
dhcp-client：Centos6，通過dhclient -d 查看獲取IP地址狀態
dhcp-server 配置
網卡配置：
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=yes
IPV6INIT=no
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens32
UUID=db2dbbd8-a363-4249-a3cf-7d2a42de81f2
DEVICE=ens32
ONBOOT=yes
IPADDR=192.168.100.10
NETMASK=255.255.255.0
GATEWAY=192.168.100.254   #指向dhcp-relay服務器eth0
PREFIX=24

dhcp服務配置：
option domain-name "peaoguo.com";
option domain-name-servers 192.168.0.1;

default-lease-time 43200;
max-lease-time 86400;

log-facility local7;

subnet 192.168.100.0  netmask 255.255.255.0 {
        range 192.168.100.100 192.168.100.120;
        option routers 192.168.100.254;
}

subnet 10.1.1.0  netmask 255.255.255.0 {
        range 10.1.1.100 10.1.1.254;
        option routers 10.1.1.1;
}

啓動dhcp服務
system start dhcpd
dhcp-relay服務器配置
eth0網卡配置：
TYPE=Ethernet
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens34
UUID=f570d8a2-908c-4b0b-9d1c-38524549e0d4
DEVICE=ens34
ONBOOT=yes
PROXY_METHOD=none
BROWSER_ONLY=no
IPADDR=192.168.100.254       
PREFIX=24
GATEWAY=192.168.100.10  #指向dhcp服務器IP地址

eth1網卡配置：

TYPE=Ethernet
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens35
UUID=0f082b61-0afd-4294-a62a-313e2f5b394e
DEVICE=ens35
ONBOOT=yes
PROXY_METHOD=none
BROWSER_ONLY=no
IPADDR=10.1.1.1   #指向dhcp地址池默認網關
PREFIX=24

dhcrelay配置
[root@node1 ~]# dhcrelay 192.168.100.10
Dropped all unnecessary capabilities.
Internet Systems Consortium DHCP Relay Agent 4.2.5
Copyright 2004-2013 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Listening on LPF/ens35/00:50:56:84:33:f0
Sending on   LPF/ens35/00:50:56:84:33:f0
Listening on LPF/ens34/00:50:56:84:0f:10
Sending on   LPF/ens34/00:50:56:84:0f:10
Listening on LPF/ens32/00:50:56:84:34:a6
Sending on   LPF/ens32/00:50:56:84:34:a6
Sending on   Socket/fallback

[root@node1 ~]# ss -tunlp |grep dhcrelay
udp    UNCONN     0      0         *:67                    *:*                   users:(("dhcrelay",pid=4092551,fd=7))
udp    UNCONN     0      0         *:67                    *:*                   users:(("dhcrelay",pid=4091950,fd=7))
udp    UNCONN     0      0         *:67                    *:*                   users:(("dhcrelay",pid=4090021,fd=7))

3、藉助Ansible Playbook自動化搭建LNMP環境（可藉助yum）

``` 注意事項：
1、web端防火牆需要禁用
2、php-fpm配置www.conf時要把本地監聽地址放開、拒絕地址列表註釋掉
3、index.php語法要正確
~ansible]# yum –y install ansible
~ansible]# cat /etc/ansible/hosts
[ns]
192.168.1.89

[dbs]
192.168.1.90

[php]
192.168.1.91

直接回車，在本地主機生成一對兒密鑰；
~ansible]# ssh-keygen -t rsa -P ''
將祕鑰發送到客戶端
~ansible]# ssh-copy-id -i .ssh/id_rsa.pub [email protected]
~ansible]# ssh-copy-id -i .ssh/id_rsa.pub [email protected]
~ansible]# ssh-copy-id -i .ssh/id_rsa.pub [email protected]

~ansible]# cat /tmp/as.yaml

hosts: ns
remote_user: root
tasks:
- name: reponginx
  copy: src=/tmp/nginx.repo dest=/etc/yum.repos.d/nginx.repo
- name: f5
  shell: yum makecache
- name: installnginx
  yum: name=nginx state=present
- name: nginxconf
  copy: src=/tmp/nginxwl.conf dest=/etc/nginx/conf.d/wlnginx.conf
- name: startnginx
  service: name=nginx state=started
- name: stopfirewall
  service: name=firewalld state=stopped
hosts: dbs
remote_user: root
tasks:
- name: install mariadb
  yum: name={{ item }} state=present
  with_items:
  - mariadb
  - mariadb-server
- name: copy dbconf
  copy: src=/tmp/mariadb-server.conf dest=/etc/my.cnf.d/server.cnf
- name: start mariadb
  service: name=mariadb state=started
- name: stopfire
  service: name=firewalld state=stopped
hosts: php
remote_user: root
tasks:
- name: firewalldstop
  service: name=firewalld state=stopped
- name: install php
  yum: name={{ item }} state=present
  with_items:
  - php
  - php-devel
  - php-xml
  - php-fpm
  - php-mbstring
- name: php-conf
  copy: src=/tmp/www.conf dest=/etc/php-fpm.d/www.conf
- name: startphp
  service: name=php-fpm state=started
- name: mkdir
  shell: mkdir -p /usr/share/nginx/html
- name: ceateindex
  copy: src=/tmp/index.php dest=/usr/share/nginx/html/index.php
  執行即可
```
### 4、採用Ansible Role方式自動化搭建LNMP
```
  創建目錄結構
  mkdir -pv {nginx,php,mariadb,wordpress}/{tasks,vars,templates,files,meta,defaults}
  nginx角色編排
  編排nginx角色tasks
  cd /etc/ansible/roles/nginx/tasks
  vim main.yml
  - name: install nginx
    yum: name=nginx state=latest
    when: ansible_os_family == "RedHat"
  - name: copy config
    copy: src=nginx.conf dest=/etc/nginx/nginx.conf
    notify: restart nginx
  - name: start
    service: name=nginx state=started enabled=yes

編排觸發重啓
cd /etc/ansible/roles/nginx/handlers
vim main.yml

name: restart nginx
service: name=nginx state=restarted

準備nginx.conf配置文件
cd /etc/ansible/roles/nginx/files
cp /etc/nginx/nginx.conf .
php角色編排
cd /etc/ansible/roles/php/tasks
vim main.yml

name: install php
yum: name={{ item }} state=present
with_items:
- php-fpm
- php-mysql
name: start php
service: name=php-fmp state=started enabled=yes

mariadb角色編排
cd /etc/ansible/roles/mariadb/tasks
vim main.yml

name: install mariadb-server
yum: name=mariadb-server
name: start service
service: name=mariadb state=started enabled=yes
name: create wordress databases
mysql_db: login_user=root name=wordpress
name: mariadb conf
mysql_user: login_user=root name=wordpress host=localhost password='wordpress' priv='wordpress.*:ALL' state=present
tags: db

wordpress角色編排

cd /etc/ansible/roles/wordpress/tasks
vim main.yml

name: mkdir
file: path=/data state=directory mode=0755
name: uncompress
unarchive: src=/etc/ansible/playbook/wordpress-5.0.3-zh_CN.tar.gz dest=/data/
tags: up
name: wordpress config
copy: src=/etc/ansible/playbook/wp-config.php dest=/data/wordpress/
tags: cpwp

準備WordPress安裝文件
cd /etc/ansible/roles/wordpress/files
cp /root/wordpress-5.0.3-zh_CN.tar.gz .
playbook編寫

name: install nginx
hosts: LNMP
remote_user: root
roles:
- nginx
- php
- mariadb
- wordpress
  playbook語法測試
  [root@localhost ansible]# ansible-playbook --syntax-check lnmp.yaml
  playbook: lnmp.yaml
  [root@localhost ansible]#
  運行
  [root@localhost ansible]# ansible-playbook lnmp.yaml

第十六週作業

1、搭建DHCP服務，爲局域網內用戶提供10.1.1.0/24網段的IP，且租約期默認爲48小時

3、藉助Ansible Playbook自動化搭建LNMP環境（可藉助yum）

第十七週作業

第十六週作業

第十五週作業

第十四周作業

第十三週作業

Mac下配置sublime實現LaTeX

https://yachay.unat.edu.pe/blog/index.php?comment_area=format_blog&comment_component=blog&comment_co

linux以太網驅動總結