Blame

762ffc J4nis05 2024-06-11 11:55:59

# Notes on LB2 M 300

**The Bind9 config files are listed at the very bottom**

## A1: Docker Host
### Preparing the disk

* Connect via SSH from LP1 to LS1 (192.168.70.21)

```shell
ssh vmadmin@192.168.70.21
```

```shell
# Prepare the directories for the external disks
sudo mkdir -p /data/docker
sudo mkdir -p /data/www
```

```shell
# List the disks
lsblk
NAME   MAJ:MIN RM  SIZE RO TYPE MOUNTPOINTS
sda      8:0    0    8G  0 disk
├─sda1   8:1    0    1M  0 part
└─sda2   8:2    0    8G  0 part /
sdb      8:16   0    8G  0 disk
sr0     11:0    1  368K  0 rom
```

* sda1 = ?
* sda2 = root disk
* sdb = Docker disk
* sr0 = ?

```shell
# Partition disk sdb
sudo fdisk /dev/sdb

# > n = new partition
# > p = primary partition
# > leave everything else at the default values

# lsblk output is now
sdb      8:16   0    8G  0 disk
└─sdb1   8:17   0    8G  0 part
```

```shell
# Format the partition
sudo mkfs.ext4 /dev/sdb1

# Output
mke2fs 1.46.5 (30-Dec-2021)
Discarding device blocks: done
Creating filesystem with 2096896 4k blocks and 524288 inodes
Filesystem UUID: 04273961-35c5-40a2-acfd-acd6c4cd1ad1
Superblock backups stored on blocks:
        32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632

Allocating group tables: done
Writing inode tables: done
Creating journal (16384 blocks): done
Writing superblocks and filesystem accounting information: done
```

```shell
# Mount the disk
sudo blkid

# Output
/dev/sdb1: UUID="04273961-35c5-40a2-acfd-acd6c4cd1ad1" BLOCK_SIZE="4096" TYPE="ext4" PARTUUID="199eee41-01"

# Add the mount to fstab
sudo nano /etc/fstab

# Insert the following line
UUID=04273961-35c5-40a2-acfd-acd6c4cd1ad1 /data/docker ext4 defaults 0 0

# Mount the disk
sudo systemctl daemon-reload
sudo mount -a

# Test the mount point
lsblk

NAME   MAJ:MIN RM  SIZE RO TYPE MOUNTPOINTS
loop0    7:0    0 63.4M  1 loop /snap/core20/1974
loop1    7:1    0 63.9M  1 loop /snap/core20/2318
loop2    7:2    0 53.3M  1 loop /snap/snapd/19457
loop3    7:3    0 38.8M  1 loop /snap/snapd/21759
sda      8:0    0    8G  0 disk
├─sda1   8:1    0    1M  0 part
└─sda2   8:2    0    8G  0 part /
sdb      8:16   0    8G  0 disk
└─sdb1   8:17   0    8G  0 part /data/docker
sr0     11:0    1  368K  0 rom
```

### Installing Docker

```shell
# Remove conflicting distribution packages
for pkg in docker.io docker-doc docker-compose docker-compose-v2 podman-docker containerd runc; do sudo apt-get remove "$pkg"; done

# Add Docker's official GPG key:
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc

# Add the repository to Apt sources:
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update

sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
```

```shell
# Test Docker
sudo docker run hello-world
```

### Running the Docker test script
```shell
docker info
Client: Docker Engine - Community
 Version:    26.1.4
 Context:    default
 Debug Mode: false
 Plugins:
  buildx: Docker Buildx (Docker Inc.)
    Version:  v0.14.1
    Path:     /usr/libexec/docker/cli-plugins/docker-buildx
  compose: Docker Compose (Docker Inc.)
    Version:  v2.27.1
    Path:     /usr/libexec/docker/cli-plugins/docker-compose

Server:
 Containers: 1
  Running: 0
  Paused: 0
  Stopped: 1
 Images: 1
 Server Version: 26.1.4
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Using metacopy: false
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: systemd
 Cgroup Version: 2
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
 Swarm: inactive
 Runtimes: runc io.containerd.runc.v2
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: d2d58213f83a351ca8f528a95fbd145f5654e957
 runc version: v1.1.12-0-g51d5e94
 init version: de40ad0
 Security Options:
  apparmor
  seccomp
   Profile: builtin
  cgroupns
 Kernel Version: 5.15.0-72-generic
 Operating System: Ubuntu 22.04.4 LTS
 OSType: linux
 Architecture: x86_64
 CPUs: 1
 Total Memory: 1.93GiB
 Name: vmLS1.lb2.m300.smartlearn.ch
 ID: cf3570a6-4923-4cd4-99ea-4bab6aa053ae
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false

docker ps
CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES
df
Filesystem     1K-blocks    Used Available Use% Mounted on
tmpfs             202340    1128    201212   1% /run
/dev/sda2        8170952 2961948   4815376  39% /
tmpfs            1011688       0   1011688   0% /dev/shm
tmpfs               5120       0      5120   0% /run/lock
tmpfs             202336       4    202332   1% /run/user/1000
/dev/sdb1        8153564      24   7717780   1% /data/docker
cat /etc/fstab
# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
# <file system> <mount point> <type> <options> <dump> <pass>
# / was on /dev/sda2 during curtin installation
/dev/disk/by-uuid/7860ac43-69f7-45bf-bebd-e37600691499 / ext4 defaults 0 1


# Docker Data
UUID=04273961-35c5-40a2-acfd-acd6c4cd1ad1 /data/docker ext4 defaults 0 0
ls -laR /data |head -n 50
/data:
total 12
drwxr-xr-x  3 root root 4096 Jun 11 11:04 .
drwxr-xr-x 20 root root 4096 Jun 11 11:04 ..
drwxr-xr-x  3 root root 4096 Jun 11 11:00 docker

/data/docker:
total 24
drwxr-xr-x 3 root root  4096 Jun 11 11:00 .
drwxr-xr-x 3 root root  4096 Jun 11 11:04 ..
drwx------ 2 root root 16384 Jun 11 11:00 lost+found

/data/docker/lost+found:
total 20
drwx------ 2 root root 16384 Jun 11 11:00 .
drwxr-xr-x 3 root root  4096 Jun 11 11:00 ..
ls -laR /var/lib/docker |head -n 50
/var/lib/docker:
total 52
drwx--x--- 12 root root 4096 Jun 11 11:08 .
drwxr-xr-x 42 root root 4096 Jun 11 11:08 ..
drwx--x--x  4 root root 4096 Jun 11 11:08 buildkit
drwx--x---  3 root root 4096 Jun 11 11:09 containers
-rw-------  1 root root   36 Jun 11 11:08 engine-id
drwx------  3 root root 4096 Jun 11 11:08 image
drwxr-x---  3 root root 4096 Jun 11 11:08 network
drwx--x---  6 root root 4096 Jun 11 11:09 overlay2
drwx------  4 root root 4096 Jun 11 11:08 plugins
drwx------  2 root root 4096 Jun 11 11:08 runtimes
drwx------  2 root root 4096 Jun 11 11:08 swarm
drwx------  2 root root 4096 Jun 11 11:09 tmp
drwx-----x  2 root root 4096 Jun 11 11:08 volumes

/var/lib/docker/buildkit:
total 112
drwx--x--x  4 root root  4096 Jun 11 11:08 .
drwx--x--- 12 root root  4096 Jun 11 11:08 ..
-rw-------  1 root root 32768 Jun 11 11:08 cache.db
-rw-r--r--  1 root root 16384 Jun 11 11:08 containerdmeta.db
drwxr-xr-x  3 root root  4096 Jun 11 11:08 content
drwx--x--x  2 root root  4096 Jun 11 11:08 executor
-rw-------  1 root root 32768 Jun 11 11:08 history.db
-rw-------  1 root root 16384 Jun 11 11:08 metadata_v2.db
-rw-------  1 root root 16384 Jun 11 11:08 snapshots.db

/var/lib/docker/buildkit/content:
total 12
drwxr-xr-x 3 root root 4096 Jun 11 11:08 .
drwx--x--x 4 root root 4096 Jun 11 11:08 ..
drwxr-xr-x 2 root root 4096 Jun 11 11:08 ingest

/var/lib/docker/buildkit/content/ingest:
total 8
drwxr-xr-x 2 root root 4096 Jun 11 11:08 .
drwxr-xr-x 3 root root 4096 Jun 11 11:08 ..

/var/lib/docker/buildkit/executor:
total 8
drwx--x--x 2 root root 4096 Jun 11 11:08 .
drwx--x--x 4 root root 4096 Jun 11 11:08 ..

/var/lib/docker/containers:
total 12
drwx--x---  3 root root 4096 Jun 11 11:09 .
drwx--x--- 12 root root 4096 Jun 11 11:08 ..
drwx--x---  4 root root 4096 Jun 11 11:09 04c92bcae4eccfb1ac57d1da261e3f442d9577119a63547c29a0ec411e2df806
```

---

## A2: DNS Server
### Task
* DNS on vmLS1
* Create the zone "lb2.m300.smartlearn.ch"
* Add records to the zone
    * Firewall: 192.168.70.1 (DMZ), 192.168.150.1 (LAN)
    * vmLS1: 192.168.70.21
* Reverse zone for "192.168.70.0/24"
* PTR record for every IP address:
    * Firewall: 192.168.70.1
    * vmLS1: 192.168.70.21
* Configure the DNS server on LP1 and LS1
* Test internal and external DNS resolution
* Test the configuration with the `testen_dns` command
    * For the test script, update the env variable `$dnsip`
    * --> `echo 'export dnsip="192.168.70.21"' >> ~/.bashrc && source ~/.bashrc`
* Hand in the config files:
    * `named.conf.local`
    * `named.conf.options`
    * Zone file of `lb2.m300.smartlearn.ch`


### Installing and configuring DNS
The SSH connection to vmLS1 is still open.
```shell
# Install Bind9
sudo apt update
sudo apt install bind9 bind9utils bind9-doc -y
```

```shell
# Forward zone
sudo nano /etc/bind/db.lb2.m300.smartlearn.ch

# Contents
$TTL    604800
@       IN      SOA     ns.lb2.m300.smartlearn.ch. root.lb2.m300.smartlearn.ch. (
                        2024010101      ; Serial
                        604800          ; Refresh
                        86400           ; Retry
                        2419200         ; Expire
                        604800 )        ; Negative Cache TTL
;
@               IN      NS      ns.lb2.m300.smartlearn.ch.

ns              IN      A       192.168.70.21
www             IN      A       192.168.70.21
vmls1           IN      A       192.168.70.21
applikation     IN      A       192.168.70.21
vmlf1           IN      A       192.168.70.1
```

```shell
# Zone definition
sudo nano /etc/bind/named.conf.local

# Contents
zone "lb2.m300.smartlearn.ch" {
    type master;
    file "/etc/bind/db.lb2.m300.smartlearn.ch";
};
```

```shell
# Restart DNS and test (names defined in the forward zone above)
sudo systemctl restart bind9

dig @localhost vmlf1.lb2.m300.smartlearn.ch
dig @localhost www.lb2.m300.smartlearn.ch
dig @localhost vmls1.lb2.m300.smartlearn.ch
```

```shell
# Reverse zone
sudo nano /etc/bind/db.192.168.70

# Contents
$TTL    604800
@       IN      SOA     ns.lb2.m300.smartlearn.ch. root.lb2.m300.smartlearn.ch. (
                        2024010101      ; Serial
                        604800          ; Refresh
                        86400           ; Retry
                        2419200         ; Expire
                        604800 )        ; Negative Cache TTL
;
@       IN      NS      ns.lb2.m300.smartlearn.ch.

1       IN      PTR     vmlf1.lb2.m300.smartlearn.ch.
21      IN      PTR     vmls1.lb2.m300.smartlearn.ch.
22      IN      PTR     vmws1.lb2.m300.smartlearn.ch.
```

```shell
# Zone definition
sudo nano /etc/bind/named.conf.local

# Contents
zone "lb2.m300.smartlearn.ch" {
    type master;
    file "/etc/bind/db.lb2.m300.smartlearn.ch";
};

zone "70.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/db.192.168.70";
};
```

```shell
# Restart DNS and test
sudo systemctl restart bind9

dig @localhost -x 192.168.70.1
dig @localhost -x 192.168.70.21
```
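
Before the zone files are handed in, it helps to confirm that every PTR in the reverse zone points at a name whose A record leads back to the same address. The script below is an added example, not part of the original notes; it embeds constructed copies of the records shown above, and its function names are assumptions.

```shell
#!/bin/sh
# Added example: forward-confirmed reverse DNS check over the two zone files.
# The heredocs are constructed copies of the records listed in these notes.

ORIGIN="lb2.m300.smartlearn.ch."   # origin of the forward zone
REV_NET="192.168.70"               # network served by 70.168.192.in-addr.arpa

forward_zone() {
cat <<'EOF'
@           IN NS  ns.lb2.m300.smartlearn.ch.
ns          IN A   192.168.70.21
www         IN A   192.168.70.21
vmls1       IN A   192.168.70.21
applikation IN A   192.168.70.21
vmlf1       IN A   192.168.70.1
EOF
}

reverse_zone() {
cat <<'EOF'
@   IN NS  ns.lb2.m300.smartlearn.ch.
1   IN PTR vmlf1.lb2.m300.smartlearn.ch.
21  IN PTR vmls1.lb2.m300.smartlearn.ch.
22  IN PTR vmws1.lb2.m300.smartlearn.ch.
EOF
}

# Print "fqdn ip" for every A record; relative owner names get the origin appended.
a_records() {
    awk -v origin="$ORIGIN" '
        $2 == "IN" && $3 == "A" {
            name = $1
            if (name !~ /\.$/) name = name "." origin
            print tolower(name), $4
        }'
}

# Print "ip fqdn" for every PTR record of the /24 reverse zone.
ptr_records() {
    awk -v net="$REV_NET" '
        $2 == "IN" && $3 == "PTR" { print net "." $1, tolower($4) }'
}

# Report every PTR whose target name has no A record for the same address.
unconfirmed_ptrs() {
    fwd=$(forward_zone | a_records)
    reverse_zone | ptr_records | while read -r ip fqdn; do
        # -x matches whole lines, so 192.168.70.1 cannot match 192.168.70.21
        if ! printf '%s\n' "$fwd" | grep -qxF "$fqdn $ip"; then
            echo "$ip -> $fqdn has no matching A record"
        fi
    done
}

unconfirmed_ptrs
```

With the records as listed, the script reports the PTR for 192.168.70.22, because `vmws1` has no A record in the forward zone. `named-checkzone` validates the syntax of each file but does not compare the two zones with each other.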

```shell
# Enable external resolution
sudo nano /etc/bind/named.conf.options

# Contents
options {
    directory "/var/cache/bind";

    // Forwarders to public DNS servers (Cloudflare)
    forwarders {
        1.1.1.1;
        1.0.0.1;
    };

    // Allow recursive queries from any client; if port 53 is reachable
    // from outside, this makes the server an open resolver
    allow-recursion { any; };

    // If you want to restrict recursive queries to your internal network only:
    // allow-recursion { 192.168.0.0/16; };

    dnssec-validation auto;

    auth-nxdomain no;    # conform to RFC1035
    listen-on-v6 { any; };
};
```

```shell
# Restart DNS and test
sudo systemctl restart bind9

dig @localhost google.com
```
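
`allow-recursion { any; };` lets every client that can reach port 53 use the server as a recursive resolver, so it is worth checking which policy an options file really applies once comments are ignored. The script below is an added example, not part of the original notes; the function names and both sample files are constructed, and the restricted list (localhost plus the DMZ and LAN /24 networks) is an assumption based on the addresses in the task list.

```shell
#!/bin/sh
# Added example: classify the recursion policy of a named.conf.options file.

# Drop //, # and single-line /* */ comments so commented-out ACLs are ignored,
# then join the file into one line for matching.
strip_comments() {
    { sed -e 's://.*$::' -e 's:#.*$::' -e 's:/\*[^*]*\*/::g' "$1" | tr '\n' ' '; echo; }
}

# Print the address-match list of allow-recursion, or nothing if it is unset.
recursion_acl() {
    strip_comments "$1" |
        sed -n 's/.*allow-recursion[[:space:]]*{\([^}]*\)}.*/\1/p' |
        tr -s '; \t' '   ' | sed -e 's/^ //' -e 's/ $//'
}

# open       : "any" (or 0.0.0.0/0) may recurse through this server
# restricted : an explicit list of hosts or networks
# default    : statement absent, BIND's built-in default (localnets; localhost;) applies
recursion_policy() {
    acl=$(recursion_acl "$1")
    case " $acl " in
        "  ")                       echo default ;;
        *" any "*|*" 0.0.0.0/0 "*)  echo open ;;
        *)                          echo restricted ;;
    esac
}

# Constructed sample files: the setting from these notes next to a restricted one.
demo() {
    dir=$(mktemp -d)
    cat > "$dir/weak.conf" <<'EOF'
options {
    forwarders { 1.1.1.1; };
    allow-recursion { any; };
    // allow-recursion { 192.168.0.0/16; };
};
EOF
    cat > "$dir/restricted.conf" <<'EOF'
options {
    forwarders { 1.1.1.1; };
    // allow-recursion { any; };
    allow-recursion { localhost; 192.168.70.0/24; 192.168.150.0/24; };
};
EOF
    echo "weak: $(recursion_policy "$dir/weak.conf")"
    echo "restricted: $(recursion_policy "$dir/restricted.conf")"
    rm -rf "$dir"
}

demo
```

On the server, run `recursion_policy /etc/bind/named.conf.options` after sourcing the functions; `named-checkconf` checks the syntax of the file but does not flag an open recursion policy.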

### Configuring DNS on the server and the client
```shell
# Server
sudo nano /etc/netplan/00-eth0.yaml

# Contents
network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      addresses: [ 192.168.70.21/24 ]
      dhcp4: false
      routes:
        - to: default
          via: 192.168.70.1
      nameservers:
        addresses: [ 192.168.70.21 ]
        search: [ lb2.m300.smartlearn.ch ]

# Apply the changes
sudo netplan apply
```

```shell
# Client
sudo nano /etc/netplan/00-eth0.yaml

# Contents
network:
  version: 2
  renderer: NetworkManager
  ethernets:
    eth0:
      dhcp4: yes
      routes:
        - to: default
          via: 192.168.150.1
      nameservers:
        addresses: [ 192.168.70.21 ]
        search: [ lb2.m300.smartlearn.ch ]

# Apply the changes
sudo netplan apply

# Also add this line to /etc/resolv.conf
nameserver 192.168.70.21
```

### Testing the DNS configuration from vmLP1
```shell
# $> testen_dns

nslookup vmlf1.lb2.m300.smartlearn.ch 192.168.70.21
Server:         192.168.70.21
Address:        192.168.70.21#53

Name:   vmlf1.lb2.m300.smartlearn.ch
Address: 192.168.70.1

nslookup www.lb2.m300.smartlearn.ch 192.168.70.21
Server:         192.168.70.21
Address:        192.168.70.21#53

Name:   www.lb2.m300.smartlearn.ch
Address: 192.168.70.21

nslookup applikation.lb2.m300.smartlearn.ch 192.168.70.21
Server:         192.168.70.21
Address:        192.168.70.21#53

Name:   applikation.lb2.m300.smartlearn.ch
Address: 192.168.70.21

nslookup 192.168.70.22 192.168.70.21
22.70.168.192.in-addr.arpa      name = vmws1.lb2.m300.smartlearn.ch.

nslookup www.gibb.ch 192.168.70.21
Server:         192.168.70.21
Address:        192.168.70.21#53

Non-authoritative answer:
Name:   www.gibb.ch
Address: 194.124.129.15

nslookup vmls1.lb2.m300.smartlearn.ch
Server:         192.168.70.21
Address:        192.168.70.21#53

Name:   vmls1.lb2.m300.smartlearn.ch
Address: 192.168.70.21

nslookup www
Server:         192.168.70.21
Address:        192.168.70.21#53

** server can't find www: NXDOMAIN
```

---

## A3: Application - WordPress
* WordPress on the server

### Installing the apps and preparing WordPress
```shell
sudo apt update
sudo apt install apache2 mysql-server php libapache2-mod-php php-mysql

cd /tmp
wget https://wordpress.org/latest.tar.gz
tar -xzvf latest.tar.gz

sudo mv /tmp/wordpress/* /var/www/html/

sudo cp /var/www/html/wp-config-sample.php /var/www/html/wp-config.php
sudo chown -R www-data:www-data /var/www/html/
```

### Preparing the MySQL database

```shell
sudo mysql_secure_installation
```

```shell
sudo mysql -u root -p
CREATE DATABASE wordpress;
-- use a strong, unique password instead of 'password'
CREATE USER 'wordpressuser'@'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON wordpress.* TO 'wordpressuser'@'localhost';
FLUSH PRIVILEGES;
EXIT;
```

### Adjusting the WordPress config
```shell
sudo nano /var/www/html/wp-config.php
```

```php
define('DB_NAME', 'wordpress');
define('DB_USER', 'wordpressuser');
// must match the password set in CREATE USER
define('DB_PASSWORD', 'password');
define('DB_HOST', 'localhost');
```

### Preparing Apache

```shell
sudo systemctl restart apache2
sudo nano /etc/apache2/sites-available/applikation.lb2.m300.smartlearn.ch.conf
```

```conf
<VirtualHost *:80>
    ServerAdmin admin@example.com
    DocumentRoot /var/www/html/
    ServerName applikation.lb2.m300.smartlearn.ch

    <Directory /var/www/html/>
        Options FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
```

### Enabling the website
```shell
sudo a2ensite applikation.lb2.m300.smartlearn.ch.conf
sudo a2enmod rewrite
sudo systemctl restart apache2
```

---

## A4: Web Content
### Task:
* Install the HTTP service on vmLS1
* Download link for the website: https://smartlearn.gibb.ch/media/e8a8e4d47dd0cc3a6796ab.gz
* Unpack with `tar -xvzf www.lb2.ch.tar.gz`
* Use the following URL for the web service: http://www.lb2.m300.smartlearn.ch
* The Apache site configuration file must be named "www.lb2.conf"
* Format the second hard disk and mount it under /data/www
* Document the solution and include a screenshot

### Formatting the disk
```shell
# Partition disk sdc
sudo fdisk /dev/sdc

# > n = new partition
# > p = primary partition
# > leave everything else at the default values

# lsblk output is now
sdc      8:32   0    8G  0 disk
└─sdc1   8:33   0    8G  0 part

# Format and mount the partition
sudo mkfs.ext4 /dev/sdc1
sudo nano /etc/fstab

# Contents
UUID=825c1d3f-6846-4429-959d-4e29f5ff3873 /data/www ext4 defaults 0 0

sudo systemctl daemon-reload
sudo mount -a
```

### Website
* On vmLS1

```shell
cd /tmp
wget https://smartlearn.gibb.ch/media/e8a8e4d47dd0cc3a6796ab.gz
tar -xvzf e8a8e4d47dd0cc3a6796ab.gz
sudo mv /tmp/www/* /data/www/
```

### Apache
```shell
sudo nano /etc/apache2/sites-available/www.lb2.conf
```

```conf
<VirtualHost *:80>
    ServerAdmin admin@example.com
    ServerName www.lb2.m300.smartlearn.ch
    DocumentRoot /data/www
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
```

* Enable
```shell
sudo a2ensite www.lb2.conf
sudo systemctl restart apache2
```

---

## Extra: Option C - login with SSH keys

```shell
# on lp1
ssh-keygen
ssh-copy-id vmadmin@192.168.70.21

# test with (the trailing colon copies into the remote home directory)
touch test
scp test vmadmin@192.168.70.21:
```

---

## Test Scripts
### Docker test

* /usr/local/bin/testen_docker

```shell
#!/bin/bash
bold=$(tput bold)
normal=$(tput sgr0)
echo -e "${bold}docker info${normal}"
docker info
echo -e "${bold}docker ps${normal}"
docker ps
echo -e "${bold}df${normal}"
df
echo -e "${bold}cat /etc/fstab${normal}"
cat /etc/fstab
echo -e "${bold}ls -laR /data |head -n 50${normal}"
ls -laR /data |head -n 50
echo -e "${bold}ls -laR /var/lib/docker |head -n 50${normal}"
ls -laR /var/lib/docker |head -n 50
```

### DNS test

* /usr/local/bin/testen_dns

```shell
#!/bin/bash
bold=$(tput bold)
normal=$(tput sgr0)
echo -e "${bold}nslookup vmlf1.lb2.m300.smartlearn.ch 192.168.70.21${normal}"
nslookup vmlf1.lb2.m300.smartlearn.ch 192.168.70.21
echo -e "${bold}nslookup www.lb2.m300.smartlearn.ch 192.168.70.21${normal}"
nslookup www.lb2.m300.smartlearn.ch 192.168.70.21
echo -e "${bold}nslookup applikation.lb2.m300.smartlearn.ch 192.168.70.21${normal}"
nslookup applikation.lb2.m300.smartlearn.ch 192.168.70.21
echo -e "${bold}nslookup 192.168.70.22 192.168.70.21${normal}"
nslookup 192.168.70.22 192.168.70.21
echo -e "${bold}nslookup www.gibb.ch 192.168.70.21${normal}"
nslookup www.gibb.ch 192.168.70.21

echo -e "${bold}nslookup vmls1.lb2.m300.smartlearn.ch${normal}"
nslookup vmls1.lb2.m300.smartlearn.ch
echo -e "${bold}nslookup www${normal}"
nslookup www
```

---

## Bind9 configuration files
### Forward zone `db.lb2.m300.smartlearn.ch`

```
; /etc/bind/db.lb2.m300.smartlearn.ch

$TTL    604800
@       IN      SOA     ns.lb2.m300.smartlearn.ch. root.lb2.m300.smartlearn.ch. (
                        2024010101      ; Serial
                        604800          ; Refresh
                        86400           ; Retry
                        2419200         ; Expire
                        604800 )        ; Negative Cache TTL
;
@               IN      NS      ns.lb2.m300.smartlearn.ch.

ns              IN      A       192.168.70.21
www             IN      A       192.168.70.21
vmls1           IN      A       192.168.70.21
applikation     IN      A       192.168.70.21
vmlf1           IN      A       192.168.70.1
```


### Reverse zone `db.192.168.70`

```
; /etc/bind/db.192.168.70

$TTL    604800
@       IN      SOA     ns.lb2.m300.smartlearn.ch. root.lb2.m300.smartlearn.ch. (
                        2024010101      ; Serial
                        604800          ; Refresh
                        86400           ; Retry
                        2419200         ; Expire
                        604800 )        ; Negative Cache TTL
;
@       IN      NS      ns.lb2.m300.smartlearn.ch.

1       IN      PTR     vmlf1.lb2.m300.smartlearn.ch.
21      IN      PTR     vmls1.lb2.m300.smartlearn.ch.
22      IN      PTR     vmws1.lb2.m300.smartlearn.ch.
```


### Bind9 configuration `named.conf.local`

```
# /etc/bind/named.conf.local

//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

zone "lb2.m300.smartlearn.ch" {
    type master;
    file "/etc/bind/db.lb2.m300.smartlearn.ch";
};

zone "70.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/db.192.168.70";
};
```


### Bind9 options `named.conf.options`

```
# /etc/bind/named.conf.options

options {
    directory "/var/cache/bind";

    // Forwarders to public DNS servers (Cloudflare)
    forwarders {
        1.1.1.1;
        1.0.0.1;
    };

    // Allow recursive queries from any client; if port 53 is reachable
    // from outside, this makes the server an open resolver
    allow-recursion { any; };

    // If you want to restrict recursive queries to your internal network only:
    // allow-recursion { 192.168.0.0/16; };

    dnssec-validation auto;

    auth-nxdomain no;    # conform to RFC1035
    listen-on-v6 { any; };
};
```