Commit 762ffc

2024-06-11 11:55:59 J4nis05: Added Notes for the M300 LB2
/dev/null .. fren/notes-m300-lb2.md
@@ 0,0 1,838 @@
+ # Notizen zur LB2 M 300
+
+ **Bind9 Config Dateien sind ganz unten aufgelistet**
+
+ ## A1: Docker Host
+ ### Festplattte Vorbereiten
+
+ * Verbindung via SSH von LP1 auf LS1 (192.168.70.21)
+
+ ```shell
+ ssh vmadmin@192.168.70.21
+ ```
+ ```shell
+ # Ordner für externe Disks vorbereiten
+ mkdir -p /data/docker
+ mkdir -p /data/www
+ ```
+
+ ```shell
+ # disks auflisten
+ lsblk
+ NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
+ sda 8:0 0 8G 0 disk
+ ├─sda1 8:1 0 1M 0 part
+ └─sda2 8:2 0 8G 0 part /
+ sdb 8:16 0 8G 0 disk
+ sr0 11:0 1 368K 0 rom
+ ```
+
+ * sda1 = ?
+ * sda2 = Root Disk
+ * sdb = Docker Disk
+ * sr0 = ?
+
+ ```shell
+ # Disk sdb Partitionieren
+ sudo fdisk /dev/sdb
+
+ # >n = neue Partition
+ # >p = Primary partion
+ # > Alles andere bei default werten lassen
+
+ # Output lsblk ist jetzt
+ sdb 8:16 0 8G 0 disk
+ └─sdb1 8:17 0 8G 0 part
+ ```
+
+ ```shell
+ # Partition formatieren
+ sudo mkfs.ext4 /dev/sdb1
+
+ # Output
+ mke2fs 1.46.5 (30-Dec-2021)
+ Discarding device blocks: done
+ Creating filesystem with 2096896 4k blocks and 524288 inodes
+ Filesystem UUID: 04273961-35c5-40a2-acfd-acd6c4cd1ad1
+ Superblock backups stored on blocks:
+ 32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632
+
+ Allocating group tables: done
+ Writing inode tables: done
+ Creating journal (16384 blocks): done
+ Writing superblocks and filesystem accounting information: done
+ ```
+
+ ```shell
+ # Disk Mounten
+ sudo blkid
+
+ # Output
+ /dev/sdb1: UUID="04273961-35c5-40a2-acfd-acd6c4cd1ad1" BLOCK_SIZE="4096" TYPE="ext4" PARTUUID="199eee41-01"
+
+ # in fstab mounten
+ sudo nano /etc/fstab
+
+ # Folgendes einfügen
+ UUID=04273961-35c5-40a2-acfd-acd6c4cd1ad1 /data/docker ext4 defaults 0 0
+
+ # Disk mounten
+ systemctl daemon-reload
+ sudo mount -a
+
+ # Mountpoint Testen
+ lsblk
+
+ NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
+ loop0 7:0 0 63.4M 1 loop /snap/core20/1974
+ loop1 7:1 0 63.9M 1 loop /snap/core20/2318
+ loop2 7:2 0 53.3M 1 loop /snap/snapd/19457
+ loop3 7:3 0 38.8M 1 loop /snap/snapd/21759
+ sda 8:0 0 8G 0 disk
+ ├─sda1 8:1 0 1M 0 part
+ └─sda2 8:2 0 8G 0 part /
+ sdb 8:16 0 8G 0 disk
+ └─sdb1 8:17 0 8G 0 part /data/docker
+ sr0 11:0 1 368K 0 rom
+ ```
+
+ ### Docker Installieren
+
+ ```shell
+ for pkg in docker.io docker-doc docker-compose docker-compose-v2 podman-docker containerd runc; do sudo apt-get remove $pkg; done
+
+ # Add Docker's official GPG key:
+ sudo apt-get update
+ sudo apt-get install ca-certificates curl
+ sudo install -m 0755 -d /etc/apt/keyrings
+ sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
+ sudo chmod a+r /etc/apt/keyrings/docker.asc
+
+ # Add the repository to Apt sources:
+ echo \
+ "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
+ $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
+ sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+ sudo apt-get update
+
+ sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
+ ```
+
+ ```shell
+ # Docker Testen
+ sudo docker run hello-world
+ ```
+
+ ### Docker Test Skript ausführen
+ ```shell
+ docker info
+ Client: Docker Engine - Community
+ Version: 26.1.4
+ Context: default
+ Debug Mode: false
+ Plugins:
+ buildx: Docker Buildx (Docker Inc.)
+ Version: v0.14.1
+ Path: /usr/libexec/docker/cli-plugins/docker-buildx
+ compose: Docker Compose (Docker Inc.)
+ Version: v2.27.1
+ Path: /usr/libexec/docker/cli-plugins/docker-compose
+
+ Server:
+ Containers: 1
+ Running: 0
+ Paused: 0
+ Stopped: 1
+ Images: 1
+ Server Version: 26.1.4
+ Storage Driver: overlay2
+ Backing Filesystem: extfs
+ Supports d_type: true
+ Using metacopy: false
+ Native Overlay Diff: true
+ userxattr: false
+ Logging Driver: json-file
+ Cgroup Driver: systemd
+ Cgroup Version: 2
+ Plugins:
+ Volume: local
+ Network: bridge host ipvlan macvlan null overlay
+ Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
+ Swarm: inactive
+ Runtimes: runc io.containerd.runc.v2
+ Default Runtime: runc
+ Init Binary: docker-init
+ containerd version: d2d58213f83a351ca8f528a95fbd145f5654e957
+ runc version: v1.1.12-0-g51d5e94
+ init version: de40ad0
+ Security Options:
+ apparmor
+ seccomp
+ Profile: builtin
+ cgroupns
+ Kernel Version: 5.15.0-72-generic
+ Operating System: Ubuntu 22.04.4 LTS
+ OSType: linux
+ Architecture: x86_64
+ CPUs: 1
+ Total Memory: 1.93GiB
+ Name: vmLS1.lb2.m300.smartlearn.ch
+ ID: cf3570a6-4923-4cd4-99ea-4bab6aa053ae
+ Docker Root Dir: /var/lib/docker
+ Debug Mode: false
+ Experimental: false
+ Insecure Registries:
+ 127.0.0.0/8
+ Live Restore Enabled: false
+
+ docker ps
+ CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
+ df
+ Filesystem 1K-blocks Used Available Use% Mounted on
+ tmpfs 202340 1128 201212 1% /run
+ /dev/sda2 8170952 2961948 4815376 39% /
+ tmpfs 1011688 0 1011688 0% /dev/shm
+ tmpfs 5120 0 5120 0% /run/lock
+ tmpfs 202336 4 202332 1% /run/user/1000
+ /dev/sdb1 8153564 24 7717780 1% /data/docker
+ cat /etc/fstab
+ # /etc/fstab: static file system information.
+ #
+ # Use 'blkid' to print the universally unique identifier for a
+ # device; this may be used with UUID= as a more robust way to name devices
+ # that works even if disks are added and removed. See fstab(5).
+ #
+ # <file system> <mount point> <type> <options> <dump> <pass>
+ # / was on /dev/sda2 during curtin installation
+ /dev/disk/by-uuid/7860ac43-69f7-45bf-bebd-e37600691499 / ext4 defaults 0 1
+
+
+ # Docker Data
+ UUID=04273961-35c5-40a2-acfd-acd6c4cd1ad1 /data/docker ext4 defaults 0 0
+ ls -laR /data |head -n 50
+ /data:
+ total 12
+ drwxr-xr-x 3 root root 4096 Jun 11 11:04 .
+ drwxr-xr-x 20 root root 4096 Jun 11 11:04 ..
+ drwxr-xr-x 3 root root 4096 Jun 11 11:00 docker
+
+ /data/docker:
+ total 24
+ drwxr-xr-x 3 root root 4096 Jun 11 11:00 .
+ drwxr-xr-x 3 root root 4096 Jun 11 11:04 ..
+ drwx------ 2 root root 16384 Jun 11 11:00 lost+found
+
+ /data/docker/lost+found:
+ total 20
+ drwx------ 2 root root 16384 Jun 11 11:00 .
+ drwxr-xr-x 3 root root 4096 Jun 11 11:00 ..
+ ls -laR /var/lib/docker |head -n 50
+ /var/lib/docker:
+ total 52
+ drwx--x--- 12 root root 4096 Jun 11 11:08 .
+ drwxr-xr-x 42 root root 4096 Jun 11 11:08 ..
+ drwx--x--x 4 root root 4096 Jun 11 11:08 buildkit
+ drwx--x--- 3 root root 4096 Jun 11 11:09 containers
+ -rw------- 1 root root 36 Jun 11 11:08 engine-id
+ drwx------ 3 root root 4096 Jun 11 11:08 image
+ drwxr-x--- 3 root root 4096 Jun 11 11:08 network
+ drwx--x--- 6 root root 4096 Jun 11 11:09 overlay2
+ drwx------ 4 root root 4096 Jun 11 11:08 plugins
+ drwx------ 2 root root 4096 Jun 11 11:08 runtimes
+ drwx------ 2 root root 4096 Jun 11 11:08 swarm
+ drwx------ 2 root root 4096 Jun 11 11:09 tmp
+ drwx-----x 2 root root 4096 Jun 11 11:08 volumes
+
+ /var/lib/docker/buildkit:
+ total 112
+ drwx--x--x 4 root root 4096 Jun 11 11:08 .
+ drwx--x--- 12 root root 4096 Jun 11 11:08 ..
+ -rw------- 1 root root 32768 Jun 11 11:08 cache.db
+ -rw-r--r-- 1 root root 16384 Jun 11 11:08 containerdmeta.db
+ drwxr-xr-x 3 root root 4096 Jun 11 11:08 content
+ drwx--x--x 2 root root 4096 Jun 11 11:08 executor
+ -rw------- 1 root root 32768 Jun 11 11:08 history.db
+ -rw------- 1 root root 16384 Jun 11 11:08 metadata_v2.db
+ -rw------- 1 root root 16384 Jun 11 11:08 snapshots.db
+
+ /var/lib/docker/buildkit/content:
+ total 12
+ drwxr-xr-x 3 root root 4096 Jun 11 11:08 .
+ drwx--x--x 4 root root 4096 Jun 11 11:08 ..
+ drwxr-xr-x 2 root root 4096 Jun 11 11:08 ingest
+
+ /var/lib/docker/buildkit/content/ingest:
+ total 8
+ drwxr-xr-x 2 root root 4096 Jun 11 11:08 .
+ drwxr-xr-x 3 root root 4096 Jun 11 11:08 ..
+
+ /var/lib/docker/buildkit/executor:
+ total 8
+ drwx--x--x 2 root root 4096 Jun 11 11:08 .
+ drwx--x--x 4 root root 4096 Jun 11 11:08 ..
+
+ /var/lib/docker/containers:
+ total 12
+ drwx--x--- 3 root root 4096 Jun 11 11:09 .
+ drwx--x--- 12 root root 4096 Jun 11 11:08 ..
+ drwx--x--- 4 root root 4096 Jun 11 11:09 04c92bcae4eccfb1ac57d1da261e3f442d9577119a63547c29a0ec411e2df806
+ ```
+
+ ---
+
+ ## A2: DNS-Server
+ ### Task
+ * DNS auf vmLS1
+ * Zone "lb2.m300.smartlearn.ch" erstellen
+ * Einträge zu Zone hinzufügen
+ * Firewall: 192.168.70.1 (DMZ), 192.168.150.1 (LAN)
+ * vmLS1: 192.168.70.21
+ * Reverse Zone für "192.168.70.0/24"
+ * PTR Record für Jede IP Adresse:
+ * Firewall: 192.168.70.1
+ * vmLS1: 192.168.70.21
+ * DNS Server auf LP1 und LS1 konfigurieren
+ * Interne und externe DNS Auflösung Testen
+ * Konfig mit `testen_dns` Befehl Testen
+ * Für Test Skript env Variable `$dnsip` updaten
+ * --> `echo 'export dnsip="192.168.70.21"' > ~/.bashrc && source ~/.bashrc`
+ * Config Dateien abgeben:
+ * `named.conf.local`
+ * `named.conf.options`
+ * Zonen Datei von `lb2.m300.smartlearn.ch`
+
+
+ ### Installation und Konfiguration DNS
+ ssh verbindung besteht noch zu vmLS1
+ ```shell
+ # Bind9 Installieren
+ sudo apt update
+ sudo apt install bind9 bind9utils bind9-doc -y
+ ```
+
+ ```shell
+ # Forward Zone
+ sudo nano /etc/bind/db.lb2.m300.smartlearn.ch
+
+ # Inhalt
+ $TTL 604800
+ @ IN SOA ns.lb2.m300.smartlearn.ch. root.lb2.m300.smartlearn.ch. (
+ 2024010101 ; Serial
+ 604800 ; Refresh
+ 86400 ; Retry
+ 2419200 ; Expire
+ 604800 ) ; Negative Cache TTL
+ ;
+ @ IN NS ns.lb2.m300.smartlearn.ch.
+
+ ns IN A 192.168.70.21
+ www IN A 192.168.70.21
+ vmls1 IN A 192.168.70.21
+ applikation IN A 192.168.70.21
+ vmlf1 IN A 192.168.70.1
+ ```
+
+ ```shell
+ # Zonenbeschreibung
+ sudo nano /etc/bind/named.conf.local
+
+ # Inhalt
+ zone "lb2.m300.smartlearn.ch" {
+ type master;
+ file "/etc/bind/db.lb2.m300.smartlearn.ch";
+ };
+ ```
+
+ ```shell
+ # DNS Restart & Testen
+ sudo systemctl restart bind9
+
+ dig @localhost firewall-dmz.lb2.m300.smartlearn.ch
+ dig @localhost firewall-lan.lb2.m300.smartlearn.ch
+ dig @localhost vmls1.lb2.m300.smartlearn.ch
+ ```
+
+ ```shell
+ # Reverse Zone
+ sudo nano /etc/bind/db.192.168.70
+
+ # Inhalt
+ $TTL 604800
+ @ IN SOA ns.lb2.m300.smartlearn.ch. root.lb2.m300.smartlearn.ch. (
+ 2024010101 ; Serial
+ 604800 ; Refresh
+ 86400 ; Retry
+ 2419200 ; Expire
+ 604800 ) ; Negative Cache TTL
+ ;
+ @ IN NS ns.lb2.m300.smartlearn.ch.
+
+ 1 IN PTR vmlf1.lb2.m300.smartlearn.ch.
+ 21 IN PTR vmls1.lb2.m300.smartlearn.ch.
+ 22 IN PTR vmws1.lb2.m300.smartlearn.ch.
+ ```
+
+ ```shell
+ # Zonenbeschreibung
+ sudo nano /etc/bind/named.conf.local
+
+ # Inhalt
+ zone "lb2.m300.smartlearn.ch" {
+ type master;
+ file "/etc/bind/db.lb2.m300.smartlearn.ch";
+ };
+
+ zone "70.168.192.in-addr.arpa" {
+ type master;
+ file "/etc/bind/db.192.168.70";
+ };
+ ```
+
+ ```shell
+ # DNS Restart & Testen
+ sudo systemctl restart bind9
+
+ dig @localhost -x 192.168.70.1
+ dig @localhost -x 192.168.70.21
+ ```
+
+ ```shell
+ # Externe Auflösung aktivieren
+ sudo nano /etc/bind/named.conf.options
+
+ # Inhalt
+ options {
+ directory "/var/cache/bind";
+
+ // Forwarders to public DNS servers
+ forwarders {
+ 1.1.1.1;
+ 1.1.0.1;
+ };
+
+ // Allow recursive queries
+ allow-recursion { any; };
+
+ // If you want to restrict recursive queries to your internal network only:
+ // allow-recursion { 192.168.0.0/16; };
+
+ dnssec-validation auto;
+
+ auth-nxdomain no; # conform to RFC1035
+ listen-on-v6 { any; };
+ };
+ ```
+
+ ```shell
+ # DNS Restart & Testen
+ sudo systemctl restart bind9
+
+ dig @localhost google.com
+ ```
+
+ ### DNS auf Server und Client Konfigurieren
+ ```shell
+ # Server
+ sudo nano /etc/netplan/00-eth0.yaml
+
+ # Inhalt
+ network:
+ version: 2
+ renderer: networkd
+ ethernets:
+ eth0:
+ addresses: [ 192.168.70.21/24 ]
+ dhcp4: false
+ routes:
+ - to: default
+ via: 192.168.70.1
+ nameservers:
+ addresses: [ 192.168.70.21 ]
+ search: [ lb2.m300.smartlearn.ch ]
+
+ # Änderungen übernehmen
+ sudo netplan apply
+ ```
+
+ ```shell
+ # Client
+ sudo nano /etc/netplan/00-eth0.yaml
+
+ # Inhalt
+ network:
+ version: 2
+ renderer: NetworkManager
+ ethernets:
+ eth0:
+ dhcp4: yes
+ routes:
+ - to: default
+ via: 192.168.150.1
+ nameservers:
+ addresses: [ 192.168.70.21 ]
+ search: [ lb2.m300.smartlearn.ch ]
+
+ # Änderungen übernehmen
+ sudo netplan apply
+
+ # resolf.conf noch diese Zeile
+ nameserver 192.168.70.21
+ ```
+
+ ### DNS Konfig von vmLP1 aus Testen
+ ```shell
+ # $> testen_dns
+
+ nslookup vmlf1.lb2.m300.smartlearn.ch 192.168.70.21
+ Server: 192.168.70.21
+ Address: 192.168.70.21#53
+
+ Name: vmlf1.lb2.m300.smartlearn.ch
+ Address: 192.168.70.1
+
+ nslookup www.lb2.m300.smartlearn.ch 192.168.70.21
+ Server: 192.168.70.21
+ Address: 192.168.70.21#53
+
+ Name: www.lb2.m300.smartlearn.ch
+ Address: 192.168.70.21
+
+ nslookup applikation.lb2.m300.smartlearn.ch 192.168.70.21
+ Server: 192.168.70.21
+ Address: 192.168.70.21#53
+
+ Name: applikation.lb2.m300.smartlearn.ch
+ Address: 192.168.70.21
+
+ nslookup 192.168.70.22 192.168.70.21
+ 22.70.168.192.in-addr.arpa name = vmws1.lb2.m300.smartlearn.ch.
+
+ nslookup www.gibb.ch 192.168.70.21
+ Server: 192.168.70.21
+ Address: 192.168.70.21#53
+
+ Non-authoritative answer:
+ Name: www.gibb.ch
+ Address: 194.124.129.15
+
+ nslookup vmls1.lb2.m300.smartlearn.ch
+ Server: 192.168.70.21
+ Address: 192.168.70.21#53
+
+ Name: vmls1.lb2.m300.smartlearn.ch
+ Address: 192.168.70.21
+
+ nslookup www
+ Server: 192.168.70.21
+ Address: 192.168.70.21#53
+
+ ** server can't find www: NXDOMAIN
+ ```
+
+ ---
+
+ ## A3: Applikation - Wordpress
+ * Wordpress auf dem Server
+
+ ### Apps installieren und Wordpress vorbereiten
+ ```shell
+ sudo apt update
+ sudo apt install apache2 mysql-server php libapache2-mod-php php-mysql
+
+ cd /tmp
+ wget https://wordpress.org/latest.tar.gz
+ tar -xzvf latest.tar.gz
+
+ sudo mv /tmp/wordpress/* /var/www/html/
+
+ sudo cp /var/www/html/wp-config-sample.php /var/www/html/wp-config.php
+ sudo chown -R www-data:www-data /var/www/html/
+ ```
+
+ ### Mysql db vorbereiten
+
+ ```shell
+ sudo mysql_secure_installation
+ ```
+
+ ```shell
+ sudo mysql -u root -p
+ CREATE DATABASE wordpress;
+ CREATE USER 'wordpressuser'@'localhost' IDENTIFIED BY 'password';
+ GRANT ALL PRIVILEGES ON wordpress.* TO 'wordpressuser'@'localhost';
+ FLUSH PRIVILEGES;
+ EXIT;
+ ```
+
+ ### WP Konfig anpassen
+ ```shell
+ sudo nano /var/www/html/wp-config.php
+ ```
+
+ ```php
+ define('DB_NAME', 'wordpress');
+ define('DB_USER', 'wordpressuser');
+ define('DB_PASSWORD', 'password');
+ define('DB_HOST', 'localhost');
+ ```
+
+ ### Apache vorbereiten
+
+ ```shell
+ sudo systemctl restart apache2
+ sudo nano /etc/apache2/sites-available/applikation.lb2.m300.smartlearn.ch.conf
+ ```
+
+ ```conf
+ <VirtualHost *:80>
+ ServerAdmin admin@example.com
+ DocumentRoot /var/www/html/
+ ServerName applikation.lb2.m300.smartlearn.ch
+
+ <Directory /var/www/html/>
+ Options FollowSymLinks
+ AllowOverride All
+ Require all granted
+ </Directory>
+
+ ErrorLog ${APACHE_LOG_DIR}/error.log
+ CustomLog ${APACHE_LOG_DIR}/access.log combined
+ </VirtualHost>
+ ```
+
+ ### Webseite aktivieren
+ ```shell
+ sudo a2ensite applikation.lb2.m300.smartlearn.ch.conf
+ sudo a2enmod rewrite
+ sudo systemctl restart apache2
+ ```
+
+ ---
+
+ ## A4: Web Inhalt
+ ### Task:
+ * HTTP-Dienst auf vmLS1 installieren
+ * Download Link für Webseite: https://smartlearn.gibb.ch/media/e8a8e4d47dd0cc3a6796ab.gz
+ * Entpacken mit `tar -xvzf www.lb2.ch.tar.gz`
+ * Folgende URl für Web Dienst: http://www.lb2.m300.smartlearn.ch
+ * Apache Site-Konfigurationsdatei soll den Namen "www.lb2.conf" haben
+ * Zweite Hardisk formatieren und unter /data/www mounten
+ * Lösung Dokumentieren und Screenshot einfügen
+
+ ### Disk Formatieren
+ ```shell
+ # Disk sdc Partitionieren
+ sudo fdisk /dev/sdc
+
+ # >n = neue Partition
+ # >p = Primary partion
+ # > Alles andere bei default werten lassen
+
+ # Output lsblk ist jetzt
+ sda 8:16 0 8G 0 disk
+ └─sda1 8:17 0 8G 0 part
+
+ # Partition formatieren und Mounten
+ sudo mkfs.ext4 /dev/sda1
+ sudo nano /etc/fstab
+
+ # Inhalt
+ UUID=825c1d3f-6846-4429-959d-4e29f5ff3873 /data/www ext4 defaults 0 0
+
+ systemctl daemon-reload
+ sudo mount -a
+ ```
+
+ ### Webseite
+ * Auf vmLS1
+
+ ```shell
+ cd /tmp
+ wget https://smartlearn.gibb.ch/media/e8a8e4d47dd0cc3a6796ab.gz
+ tar -xvzf e8a8e4d47dd0cc3a6796ab.gz
+ mv /tmp/www/* /data/www/
+ ```
+
+ ### Apache
+ ```shell
+ sudo nano /etc/apache2/sites-available/www.lb2.conf
+ ```
+
+ ```conf
+ <VirtualHost *:80>
+ ServerAdmin admin@example.com
+ ServerName www.lb2.m300.smartlearn.ch
+ DocumentRoot /data/www
+ ErrorLog ${APACHE_LOG_DIR}/error.log
+ CustomLog ${APACHE_LOG_DIR}/access.log combined
+ </VirtualHost>
+ ```
+
+ * Aktivieren
+ ```shell
+ sudo a2ensite www.lb2.conf
+ sudo systemctl restart apache2
+ ```
+
+ ---
+
+ ## Zusatz: Option C - login mit ssh keys
+
+ ```shell
+ # auf lp1
+ ssh-keygen
+ ssh-copy-id vmadmin@192.168.70.21
+
+ # testen mit
+ touch test
+ scp test vmadmin@192.168.70.21
+ ```
+
+ ---
+
+ ## Test Skripts
+ ### Testen Docker
+
+ * /usr/local/bin/testen_docker
+
+ ```shell
+ #!/bin/bash
+ bold=$(tput bold)
+ normal=$(tput sgr0)
+ echo -e "${bold}docker info${normal}"
+ docker info
+ echo -e "${bold}docker ps${normal}"
+ docker ps
+ echo -e "${bold}df${normal}"
+ df
+ echo -e "${bold}cat /etc/fstab${normal}"
+ cat /etc/fstab
+ echo -e "${bold}ls -laR /data |head -n 50${normal}"
+ ls -laR /data |head -n 50
+ echo -e "${bold}ls -laR /var/lib/docker |head -n 50${normal}"
+ ls -laR /var/lib/docker |head -n 50
+ ```
+
+ ### Testen DNS
+
+ * /usr/local/bin/testen_dns
+
+ ```shell
+ #!/bin/bash
+ bold=$(tput bold)
+ normal=$(tput sgr0)
+ echo -e "${bold}nslookup vmlf1.lb2.m300.smartlearn.ch 192.168.70.21${normal}"
+ nslookup vmlf1.lb2.m300.smartlearn.ch 192.168.70.21
+ echo -e "${bold}nslookup www.lb2.m300.smartlearn.ch 192.168.70.21${normal}"
+ nslookup www.lb2.m300.smartlearn.ch 192.168.70.21
+ echo -e "${bold}nslookup applikation.lb2.m300.smartlearn.ch 192.168.70.21${normal}"
+ nslookup applikation.lb2.m300.smartlearn.ch 192.168.70.21
+ echo -e "${bold}nslookup 192.168.70.22 192.168.70.21${normal}"
+ nslookup 192.168.70.22 192.168.70.21
+ echo -e "${bold}nslookup www.gibb.ch 192.168.70.21${normal}"
+ nslookup www.gibb.ch 192.168.70.21
+
+ echo -e "${bold}nslookup vmls1.lb2.m300.smartlearn.ch${normal}"
+ nslookup vmls1.lb2.m300.smartlearn.ch
+ echo -e "${bold}nslookup www${normal}"
+ nslookup www
+ ```
+
+ ---
+
+ ## Bind9 Konfigurationsdateien
+ ### Forward Zone `db.lb2.m300.smartlearn.ch`
+
+ ```
+ #/etc/bind/db.lb2.m300.smartlearn.ch
+
+ $TTL 604800
+ @ IN SOA ns.lb2.m300.smartlearn.ch. root.lb2.m300.smartlearn.ch. (
+ 2024010101 ; Serial
+ 604800 ; Refresh
+ 86400 ; Retry
+ 2419200 ; Expire
+ 604800 ) ; Negative Cache TTL
+ ;
+ @ IN NS ns.lb2.m300.smartlearn.ch.
+
+ ns IN A 192.168.70.21
+ www IN A 192.168.70.21
+ vmls1 IN A 192.168.70.21
+ applikation IN A 192.168.70.21
+ vmlf1 IN A 192.168.70.1
+ ```
+
+
+ ### Reverse Zone `db.192.168.70`
+
+ ```
+ #/etc/bind/db.192.168.70
+
+ TTL 604800
+ @ IN SOA ns.lb2.m300.smartlearn.ch. root.lb2.m300.smartlearn.ch. (
+ 2024010101 ; Serial
+ 604800 ; Refresh
+ 86400 ; Retry
+ 2419200 ; Expire
+ 604800 ) ; Negative Cache TTL
+ ;
+ @ IN NS ns.lb2.m300.smartlearn.ch.
+
+ 1 IN PTR vmlf1.lb2.m300.smartlearn.ch.
+ 21 IN PTR vmls1.lb2.m300.smartlearn.ch.
+ 22 IN PTR vmws1.lb2.m300.smartlearn.ch.
+ ```
+
+
+ ### Bind9 Konfiguration `named.conf.local`
+
+ ```
+ #/etc/bind/named.conf.local
+
+ //
+ // Do any local configuration here
+ //
+
+ // Consider adding the 1918 zones here, if they are not used in your
+ // organization
+ //include "/etc/bind/zones.rfc1918";
+
+ zone "lb2.m300.smartlearn.ch" {
+ type master;
+ file "/etc/bind/db.lb2.m300.smartlearn.ch";
+ };
+
+ zone "70.168.192.in-addr.arpa" {
+ type master;
+ file "/etc/bind/db.192.168.70";
+ };
+ ```
+
+
+ ### Bind9 Optionen `named.conf.options`
+
+ ```
+ #/etc/bind/named.conf.options
+
+ options {
+ directory "/var/cache/bind";
+
+ // Forwarders to public DNS servers
+ forwarders {
+ 1.1.1.1;
+ 1.1.0.1;
+ };
+
+ // Allow recursive queries
+ allow-recursion { any; };
+
+ // If you want to restrict recursive queries to your internal network only:
+ // allow-recursion { 192.168.0.0/16; };
+
+ dnssec-validation auto;
+
+ auth-nxdomain no; # conform to RFC1035
+ listen-on-v6 { any; };
+ };
+ ```
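Review bot: `allow-recursion { any; };` in `named.conf.options` (in the A2 walkthrough and again in the final "Bind9 Optionen" listing) makes this server an open recursive resolver for every host that can reach it. The commented-out `allow-recursion` line directly below already shows the restricted form; make that the active setting and narrow it to the networks the notes actually use (the 192.168.70.0/24 DMZ and the LAN behind 192.168.150.1). In the same block the forwarder `1.1.0.1` looks like a typo for `1.0.0.1`. Other spots to correct before these notes serve as a reference: under "Disk Formatieren" in A4 the text partitions `/dev/sdc` but then runs `sudo mkfs.ext4 /dev/sda1`, and `sda` carries the root filesystem in the earlier `lsblk` output, so the device name must be fixed; the `echo 'export dnsip="192.168.70.21"' > ~/.bashrc` line in the A2 task list overwrites `.bashrc` and should append with `>>`; the reverse zone listing at the end starts with `TTL 604800` without the leading `$` that the earlier copy has; the `dig` tests query `firewall-dmz` and `firewall-lan`, which have no records in the zone file (it defines `vmlf1`); `scp test vmadmin@192.168.70.21` lacks the trailing `:` and will write a local file of that name; and the MySQL user and `wp-config.php` both use the literal password `password`, which should be replaced by a placeholder or a generated secret.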