一、web服务器
1、创建磁盘
[root@localhost ~]# fdisk -l
Disk /dev/sda: 42.9 GB, 42949672960 bytes, 83886080 sectorsUnits = sectors of 1 * 512 = 512 bytesSector size (logical/physical): 512 bytes / 512 bytesI/O size (minimum/optimal): 512 bytes / 512 bytesDisk label type: dosDisk identifier: 0x00091554Device Boot Start End Blocks Id System
/dev/sda1 * 2048 1026047 512000 83 Linux/dev/sda2 1026048 83886079 41430016 8e Linux LVMDisk /dev/sdb: 21.5 GB, 21474836480 bytes, 41943040 sectors
Units = sectors of 1 * 512 = 512 bytesSector size (logical/physical): 512 bytes / 512 bytesI/O size (minimum/optimal): 512 bytes / 512 bytes Disk /dev/sdc: 21.5 GB, 21474836480 bytes, 41943040 sectorsUnits = sectors of 1 * 512 = 512 bytesSector size (logical/physical): 512 bytes / 512 bytesI/O size (minimum/optimal): 512 bytes / 512 bytes Disk /dev/sdd: 21.5 GB, 21474836480 bytes, 41943040 sectorsUnits = sectors of 1 * 512 = 512 bytesSector size (logical/physical): 512 bytes / 512 bytesI/O size (minimum/optimal): 512 bytes / 512 bytes Disk /dev/mapper/centos-root: 40.2 GB, 40227569664 bytes, 78569472 sectorsUnits = sectors of 1 * 512 = 512 bytesSector size (logical/physical): 512 bytes / 512 bytesI/O size (minimum/optimal): 512 bytes / 512 bytes Disk /dev/mapper/centos-swap: 2147 MB, 2147483648 bytes, 4194304 sectorsUnits = sectors of 1 * 512 = 512 bytesSector size (logical/physical): 512 bytes / 512 bytesI/O size (minimum/optimal): 512 bytes / 512 bytes [root@localhost ~]# fdisk /dev/sdbWelcome to fdisk (util-linux 2.23.2).Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.Device does not contain a recognized partition table
Building a new DOS disklabel with disk identifier 0x8f8e5a63.Command (m for help): n
Partition type: p primary (0 primary, 0 extended, 4 free) e extendedSelect (default p): pPartition number (1-4, default 1): First sector (2048-41943039, default 2048): Using default value 2048Last sector, +sectors or +size{K,M,G} (2048-41943039, default 41943039): Using default value 41943039Partition 1 of type Linux and of size 20 GiB is setCommand (m for help): w
The partition table has been altered!Calling ioctl() to re-read partition table.
Syncing disks.[root@localhost ~]# fdisk /dev/sdcWelcome to fdisk (util-linux 2.23.2).Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.Device does not contain a recognized partition table
Building a new DOS disklabel with disk identifier 0xf373c35d.Command (m for help): n
Partition type: p primary (0 primary, 0 extended, 4 free) e extendedSelect (default p): pPartition number (1-4, default 1): First sector (2048-41943039, default 2048): Using default value 2048Last sector, +sectors or +size{K,M,G} (2048-41943039, default 41943039): Using default value 41943039Partition 1 of type Linux and of size 20 GiB is setCommand (m for help): w
The partition table has been altered!Calling ioctl() to re-read partition table.
Syncing disks.[root@localhost ~]# fdisk /dev/sddWelcome to fdisk (util-linux 2.23.2).Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.Device does not contain a recognized partition table
Building a new DOS disklabel with disk identifier 0xc466a0fe.Command (m for help): n
Partition type: p primary (0 primary, 0 extended, 4 free) e extendedSelect (default p): pPartition number (1-4, default 1): First sector (2048-41943039, default 2048): Using default value 2048Last sector, +sectors or +size{K,M,G} (2048-41943039, default 41943039): Using default value 41943039Partition 1 of type Linux and of size 20 GiB is setCommand (m for help): w
The partition table has been altered!Calling ioctl() to re-read partition table.
Syncing disks.
[root@localhost ~]# partprobe /dev/sdb
[root@localhost ~]# partprobe /dev/sdc
[root@localhost ~]# partprobe /dev/sdd
2、安装软RAID工具mdadm,创建RAID5
[root@localhost ~]# yum -y install mdadm #安装mdadm
[root@localhost ~]# mdadm -C /dev/md5 -l 5 -n 3 /dev/sdb1 /dev/sdc1 /dev/sdd1 #创建RAID5
mdadm: Defaulting to version 1.2 metadata
mdadm: array /dev/md5 started.
3、建立逻辑卷,格式化
[root@localhost ~]# pvcreate -y /dev/md5 #创建物理卷
Physical volume "/dev/md5" successfully created
[root@localhost ~]# vgcreate -y myvg /dev/md5 #创建卷组
Volume group "myvg" successfully created
[root@localhost ~]# lvcreate -y -L 35G -n mylv myvg #创建逻辑卷
Logical volume "mylv" created.
[root@localhost ~]# mkfs.xfs /dev/myvg/mylv #格式化逻辑卷
log stripe unit (524288 bytes) is too large (maximum is 256KiB)
log stripe unit adjusted to 32KiB
meta-data=/dev/myvg/mylv isize=256 agcount=16, agsize=573312 blks
 = sectsz=512 attr=2, projid32bit=1
 = crc=0 finobt=0
data = bsize=4096 blocks=9172992, imaxpct=25
 = sunit=128 swidth=256 blks
naming =version 2 bsize=4096 ascii-ci=0 ftype=0
log =internal log bsize=4096 blocks=4480, version=2
 = sectsz=512 sunit=8 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
4、安装httpd
[root@localhost ~]# yum -y install gcc gcc-c++ make #安装编译软件
已加载插件:fastestmirrorLoading mirror speeds from cached hostfile软件包 gcc-4.8.3-9.el7.x86_64 已安装并且是最新版本软件包 gcc-c++-4.8.3-9.el7.x86_64 已安装并且是最新版本软件包 1:make-3.82-21.el7.x86_64 已安装并且是最新版本无须任何处理[root@localhost ~]# cd /usr/src/httpd-2.2.17/
[root@localhost httpd-2.2.17]#./configure --prefix=/usr/local/httpd #指定安装位置
[root@localhost httpd-2.2.17]# make && make install #编译安装
[root@localhost ~]# vim /usr/local/httpd/conf/httpd.conf #修改配置文件
[root@localhost ~]# /usr/local/httpd/bin/apachectl start #开启服务
httpd (pid 3915) already running
注:httpd 2.2 分支已停止维护,不再提供安全更新;生产环境应改用仍受支持的 2.4 版本。
5、挂载硬盘开启配额
[root@localhost ~]# echo "/dev/myvg/mylv /usr/local/httpd/htdocs/ xfs defaults,usrquota 0 0" >> /etc/fstab #修改配置文件
[root@localhost ~]# tail -1 /etc/fstab /dev/myvg/mylv /usr/local/httpd/htdocs/ xfs defaults,usrquota 0 0[root@localhost ~]# mount -a #挂载[root@localhost ~]# mount | tail -1/dev/mapper/myvg-mylv on /usr/local/httpd/htdocs type xfs (rw,relatime,seclabel,attr2,inode64,sunit=1024,swidth=2048,usrquota)6、配额并测试
配额
[root@localhost ~]# useradd web #创建web用户
[root@localhost ~]# yum -y install quota #安装配额工具
[root@localhost ~]# /usr/sbin/quotacheck -auvg
quotacheck: Skipping /dev/mapper/myvg-mylv [/usr/local/httpd/htdocs]
quotacheck: Cannot find filesystem to check or filesystem not mounted with quota option.
注:XFS 的配额在挂载时由 usrquota 选项启用并由文件系统自身维护,quotacheck 不适用于 XFS,上面的 Skipping 提示属正常现象。
==================
[root@localhost ~]# quotaon -auvg
[root@localhost ~]# edquota -u web
Disk quotas for user web (uid 1000):
Filesystem blocks soft hard inodes soft hard /dev/mapper/myvg-mylv 0 80000 100000 0 80 100[root@localhost ~]# su web
[web@localhost htdocs]$ dd if=/dev/zero of=/usr/local/httpd/htdocs/aa bs=1M count=101dd: error writing ‘/usr/local/httpd/htdocs/aa’: Disk quota exceeded98+0 records in97+0 records out102400000 bytes (102 MB) copied, 1.2308 s, 83.2 MB/s[web@localhost htdocs]$ touch {1..102}touch: cannot touch ‘101’: Disk quota exceededtouch: cannot touch ‘102’: Disk quota exceeded[web@localhost htdocs]$ ls1 11 14 17 2 22 25 28 30 33 36 39 41 44 47 5 52 55 58 60 63 66 69 71 74 77 8 82 85 88 90 93 96 9910 12 15 18 20 23 26 29 31 34 37 4 42 45 48 50 53 56 59 61 64 67 7 72 75 78 80 83 86 89 91 94 97 index.html100 13 16 19 21 24 27 3 32 35 38 40 43 46 49 51 54 57 6 62 65 68 70 73 76 79 81 84 87 9 92 95 987、创建网页文件
[root@localhost ~]# cd /usr/local/httpd/htdocs/
[root@localhost htdocs]# vim index.htmlwangbaoxin haohaohaohao8、开启80端口并测试
[root@localhost ~]# firewall-cmd --zone=public --add-port=80/tcp --permanent
success
注:--permanent 只写入永久配置,不改变当前正在生效的规则;还需执行 firewall-cmd --reload(或重启 firewalld),80 端口才会真正放行。
二、主DNS服务器配置
[root@ns1 ~]# vim /etc/resolv.conf
# Generated by NetworkManagernameserver 192.168.148.111nameserver 192.168.148.112
~ [root@ns1 ~]# vim /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4::1 localhost localhost.localdomain localhost6 localhost6.localdomain6192.168.148.111 ns1.study.com.192.168.148.112 ns2.study.com.[root@localhost ~]# yum -y install bind
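主配置文件(注:allow-query { any; } 加上 recursion yes 会让本机对任意来源的查询提供递归解析;若服务器可被不可信网络访问,应使用 allow-recursion 把递归限制在可信网段,例如本实验使用的 192.168.148.x 网段)
[root@localhost ~]# vim /etc/named.conf
options { directory "/var/named"; allow-query { any; }; forwarders { 114.114.114.114; };recursion yes;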
};zone "study.com" IN {
type master; file "study.com.zone"; allow-transfer { 192.168.148.112; };};zone "148.168.192.in-addr.arpa" IN {
type master; file "192.168.148.arpa"; allow-transfer { 192.168.148.112; };};zone "." IN {
type hint; file "named.ca";};正向配置文件
[root@ns1 ~]# vim /var/named/study.com.zone $TTL 1D@ IN SOA study.com. mail.study.com. ( 20190817 3H 20M 1W 1D)IN NS ns1.study.com.
IN NS ns2.study.com. IN MX 10 mail.study.com.ns1 IN A 192.168.148.111ns2 IN A 192.168.148.112www IN A 192.168.148.113反向配置文件[root@ns1 ~]# vim /var/named/192.168.148.arpa $TTL 1D@ IN SOA study.com. mail.study.com. ( 20190817 3H 20M 1W 1D)IN NS ns1.study.com.
IN NS ns2.study.com. IN MX 10 mail.study.com.111 IN PTR ns1.study.com.112 IN PTR ns2.study.com.113 IN PTR www.study.com.权限
[root@ns1 ~]# chown :named /var/named/study.com.zone /var/named/192.168.148.arpa [root@ns1 ~]# ll /var/named/总用量 24-rw-r--r--. 1 root named 251 8月 15 00:01 192.168.148.arpadrwxrwx---. 2 named named 6 3月 6 2015 datadrwxrwx---. 2 named named 6 3月 6 2015 dynamic-rw-r-----. 1 root named 2076 1月 28 2013 named.ca-rw-r-----. 1 root named 152 12月 15 2009 named.empty-rw-r-----. 1 root named 152 6月 21 2007 named.localhost-rw-r-----. 1 root named 168 12月 15 2009 named.loopbackdrwxrwx---. 2 named named 6 3月 6 2015 slaves-rw-r--r--. 1 root named 248 8月 14 23:58 study.com.zone验证
[root@ns1 ~]# named-checkconf /etc/named.conf [root@ns1 ~]# named-checkzone study.com /var/named/study.com.zone zone study.com/IN: study.com/MX 'mail.study.com' has no address records (A or AAAA)zone study.com/IN: loaded serial 20190817OK[root@ns1 ~]# named-checkzone 148.168.192.in-addr.arpa /var/named/192.168.148.arpa zone 148.168.192.in-addr.arpa/IN: loaded serial 20190817OK开启对应防火墙端口
[root@ns1 ~]# firewall-cmd --zone=public --add-port=53/tcp --permanentsuccess[root@ns1 ~]# firewall-cmd --zone=public --add-port=53/udp --permanentsuccess开启服务[root@ns1 ~]# systemctl restart firewalld[root@ns1 ~]# systemctl restart named三、从DNS服务器配置
从DNS服务器
[root@ns2 ~]# vim /etc/resolv.conf# Generated by NetworkManager
nameserver 192.168.148.111
nameserver 192.168.148.112
[root@ns2 ~]# vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6192.168.148.111 ns1.study.com.192.168.148.112 ns2.study.com.-----[root@localhost ~]# scp 192.168.148.111:/etc/named.conf /etc/named.confroot@192.168.148.111's password: named.conf 100% 388 0.4KB/s 00:00 [root@ns2 ~]# vim /etc/named.confoptions {
directory "/var/named";};zone "study.com" IN {
type slave; file "slaves/study.com.zone"; masters { 192.168.148.111; };};zone "148.168.192.in-addr.arpa" IN {
type slave; file "slaves/192.168.148.arpa"; masters { 192.168.148.111; };};
----------------
[root@ns2 ~]# /sbin/iptables -I INPUT -p tcp --dport 53 -j ACCEPT
[root@ns2 ~]# /sbin/iptables -I INPUT -p udp --dport 53 -j ACCEPT
[root@ns2 ~]# /etc/init.d/iptables save
iptables:将防火墙规则保存到 /etc/sysconfig/iptables: [确定]
[root@ns2 ~]# /etc/init.d/iptables restart
iptables:将链设置为政策 ACCEPT:filter [确定]
iptables:清除防火墙规则: [确定]
iptables:正在卸载模块: [确定]
iptables:应用防火墙规则: [确定]
[root@ns2 ~]#
[root@ns2 ~]# /etc/init.d/named restart
停止 named: [确定]
启动 named: [确定]
四、测试机测试
[root@ceshi ~]# nslookup www.study.com
Server: 192.168.148.111Address: 192.168.148.111#53Name: www.study.com
Address: 192.168.148.113[root@ceshi ~]# nslookup ns1.study.com
Server: 192.168.148.111Address: 192.168.148.111#53Name: ns1.study.com
Address: 192.168.148.111[root@ceshi ~]# nslookup 192.168.148.111
Server: 192.168.148.111Address: 192.168.148.111#53111.148.168.192.in-addr.arpa name = ns1.study.com.
[root@ceshi ~]# nslookup www.jd.com
Server: 192.168.148.111Address: 192.168.148.111#53Non-authoritative answer:
www.jd.com canonical name = www.jd.com.gslb.qianxun.com.www.jd.com.gslb.qianxun.com canonical name = www.jdcdn.com.Name: www.jdcdn.comAddress: 150.138.120.1[root@ceshi ~]# nslookup www.study.com 192.168.148.112
Server: 192.168.148.112Address: 192.168.148.112#53Name: www.study.com
Address: 192.168.148.113[root@ceshi ~]# nslookup ns1.study.com 192.168.148.112
Server: 192.168.148.112Address: 192.168.148.112#53Name: ns1.study.com
Address: 192.168.148.111[root@ceshi ~]# nslookup 192.168.148.111 192.168.148.112
Server: 192.168.148.112Address: 192.168.148.112#53111.148.168.192.in-addr.arpa name = ns1.study.com.
[root@ceshi ~]# lynx www.study.com
[root@ceshi ~]# lynx www.jd.com