- RPMパッケージdrbd82およびkmod-drbd82-xenをインストールする。
- ファイアウォール設定で、DRBDの通信、TCPポート7788~7799を許可する。
logging --host=192.168.55.32 --level=debug install url --url http://Repository.LocalDomain/centos/5/os/i386 lang en_US.UTF-8 keyboard jp106 network --device eth0 --bootproto dhcp --hostname=localhost.localdomain rootpw --iscrypted $1$NG4SU1bL$I8FOJo.81cUrO6Xj4dau41 firewall --enabled --ssh --port=snmp:udp authconfig --enableshadow --enablemd5 selinux --permissive timezone Asia/Tokyo bootloader --location=mbr --driveorder=xvda --append="console=xvc0" services --enabled=ntpd,oddjobd,snmpd --disabled=acpid,apmd,avahi-daemon,bluetooth,cpuspeed,cups,gpm,hidd,lm_sensors,mdmonitor,microcode_ctl,nfslock,pcscd,smartd,xfs,yum-updatesd clearpart --all --drives=xvda --initlabel part /boot --fstype ext3 --size=100 --ondisk=xvda part pv.2 --size=0 --grow --ondisk=xvda volgroup VolGroup00 --pesize=32768 pv.2 logvol swap --fstype swap --name=LogVol01 --vgname=VolGroup00 --size=272 --grow --maxsize=544 logvol / --fstype ext3 --name=LogVol00 --vgname=VolGroup00 --size=1024 --grow repo --name=base --baseurl=http://Repository.LocalDomain/centos/5/os/i386/ repo --name=updates --baseurl=http://Repository.LocalDomain/centos/5/updates/i386/ repo --name=addons --baseurl=http://Repository.LocalDomain/centos/5/addons/i386/ repo --name=extras --baseurl=http://Repository.LocalDomain/centos/5/extras/i386/ reboot %packages @admin-tools @base @cluster-storage @clustering @core @emacs @mail-server @network-server @ruby @server-cfg @system-tools @text-internet @web-server -smartmontools -OpenIPMI* -squid -samba-* -system-config-samba lynx tftp kernel-xen kmod-gfs-xen -kernel -kmod-gfs -kmod-gnbd -NetworkManager -bluez-utils device-mapper-multipath -irda-utils -pcmciautils net-snmp-utils net-snmp-libs net-snmp iscsi-initiator-utils -apmd -acpid drbd82 kmod-drbd82-xen -kmod-drbd82 %post --log=/mnt/sysimage/root/install-post.log ### network echo 'NOZEROCONF=yes' >> /etc/sysconfig/network /bin/cp -p /etc/sysconfig/network-scripts/ifcfg-eth0 /tmp/ifcfg-eth0 /bin/sed 's/^HWADDR=/#HWADDR=/' < /tmp/ifcfg-eth0 > /etc/sysconfig/network-scripts/ifcfg-eth0 /bin/egrep -v '^#' /etc/sysconfig/network-scripts/ifcfg-eth0 | /bin/sed 's/eth0/eth1/' > /etc/sysconfig/network-scripts/ifcfg-eth1 /bin/egrep -v '^#' /etc/sysconfig/network-scripts/ifcfg-eth0 | /bin/sed 's/eth0/eth2/' > /etc/sysconfig/network-scripts/ifcfg-eth2 /sbin/restorecon /etc/sysconfig/network-scripts/ifcfg-eth[12] ### logrotate /bin/cat > /etc/logrotate.d/00local.conf <<EOL rotate 20 compress start 100 EOL /sbin/restorecon /etc/logrotate.d/00local.conf ### yum update from the local repository /bin/cp -p /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.dist /bin/sed 's/mirrorlist=/#mirrorlist=/ s/#baseurl=/baseurl=/ s/mirror.centos.org/Repository.LocalDomain/' < /etc/yum.repos.d/CentOS-Base.repo.dist > /etc/yum.repos.d/CentOS-Base.repo ### For Cluster ##### /etc/cluster/fence_xvm.key /usr/bin/base64 -di > /etc/cluster/fence_xvm.key <<EOL Atf+JoYSVwnPqBR8vnbG68EaY/Y4sr570YywcWXUcsZD6BwQAMA0x62YIMSlHArX60JzvNeh95x7 <<略>> EN00EFaiso4dDtVaX2RYJf30RExW4E312yu+XwoXjrES0uLIK33p0HToOXUX3RjsCqYuM7ulE5iD EOL /bin/chmod 600 /etc/cluster/fence_xvm.key ##### iptables /bin/cp -p /etc/sysconfig/iptables /etc/sysconfig/iptables.dist /bin/cat > /etc/sysconfig/iptables <<EOL *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :RH-Firewall-1-INPUT - [0:0] -A INPUT -j RH-Firewall-1-INPUT -A FORWARD -j RH-Firewall-1-INPUT -A RH-Firewall-1-INPUT -i lo -j ACCEPT -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT -A RH-Firewall-1-INPUT -p 50 -j ACCEPT -A RH-Firewall-1-INPUT -p 51 -j ACCEPT -A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 7788:7799 -i eth1 -s 192.168.56.0/24 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 7788:7799 -i eth2 -s 192.168.57.0/24 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -s 192.168.55.0/24 -i eth0 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited COMMIT EOL ### sshd /bin/cp -p /etc/ssh/sshd_config /etc/ssh/sshd_config.dist /bin/sed 's/^PasswordAuthentication yes/PasswordAuthentication no/' < /etc/ssh/sshd_config.dist > /etc/ssh/sshd_config /bin/mkdir ~root/.ssh /bin/chmod 600 ~root/.ssh /bin/cat > ~root/.ssh/authorized_keys2 <<EOL ssh-dss AAAA<<略>> EOL /bin/chmod 644 ~root/.ssh/authorized_keys2 ### Mail ##### /etc/mail/sendmail.cf /usr/bin/patch /etc/mail/sendmail.mc <<EOL 26c26 < dnl define(\`SMART_HOST', \`smtp.your.provider')dnl --- > define(\`SMART_HOST', \`SmtpServer.LocalDomain')dnl EOL (cd /etc/mail; /usr/bin/make sendmail.cf) ##### /etc/aliases /usr/bin/patch /etc/aliases <<EOL 96c96 < #root: marc --- > root: root@LocalDomain EOL /usr/bin/newaliases ### SNMP /bin/cat > /etc/snmp/snmpd.conf <<EOL com2sec localhost localhost COMMUNITY_STRING com2sec localnet 192.168.55.0/24 COMMUNITY_STRING group gOpLocalhost v1 localhost group gOpLocalhost v2c localhost group gOpLocalnet v1 localnet group gOpLocalnet v2c localnet view all included .1 view systemview included REDHAT-CLUSTER-MIB:RedHatCluster access gOpLocalhost "" any noauth exact all none all access gOpLocalnet "" any noauth exact all none all syslocation Unknown syscontact root@LocalDomain disk / 100000 load 10 # for cluster dlmod RedHatCluster /usr/lib/cluster-snmp/libClusterMonitorSnmp.so EOL /bin/cat > /etc/snmp/snmp.conf <<EOL mibs +REDHAT-MIB:REDHAT-CLUSTER-MIB EOL ### NTP on Xen DomU /bin/cat >> /etc/sysctl.conf <<EOL # For ntpd on Xen DomU. xen.independent_wallclock = 1 EOL ### cron /bin/cp -p /etc/crontab /etc/crontab.dist /bin/sed 's/^\(..\) 4 /\1 5 /' < /etc/crontab.dist > /etc/crontab ### grub /bin/cp -p /boot/grub/grub.conf /boot/grub/grub.conf.dist /bin/sed 's/ rhgb quiet//' < /boot/grub/grub.conf.dist > /boot/grub/grub.conf ### /etc/bashrc /bin/cp -p /etc/bashrc /etc/bashrc.dist /bin/sed 's/xterm\*)/xterm*|vt100*)/' < /etc/bashrc.dist > /etc/bashrcこの設定を元に、Xen DomU dc0を作成する。
# virt-install --name=dc0 --ram=256 --file=/dev/VolGroupXX/LogVolDc0 --mac='00:16:3e:1d:91:00' --bridge=br4000 --nographics --location='http://Repository.LocalDomain/centos/5/os/i386' --extra-args='ks=http://Repository.LocalDomain/centos/conf/DomU-DRBD-ks.cfg'DomU dc0のインストールが完了したら、LV(logical volume, 論理ボリューム)
/dev/VolGroupXX/LogVolDc0
を元にDomU dc[23]用のLVをスナップショットLVとして作成する(『XenとLVM・その3・スナップショットLVの利用』参照)。# lvcreate --snapshot --size=1G --name=LogVolDc2 /dev/VolGroupXX/LogVolDc0 Logical volume "LogVolDc2" created # lvcreate --snapshot --size=1G --name=LogVolDc3 /dev/VolGroupXX/LogVolDc0 Logical volume "LogVolDc3" created #続いて、dc[23]に
/dev/xvdb
としてエクスポートするためのLVを作成する。# lvcreate --size=4G --name=LogVolR0-2 /dev/VolGroupXX Logical volume "LogVolR0-2" created # lvcreate --size=4G --name=LogVolR0-3 /dev/VolGroupXX Logical volume "LogVolR0-3" created #DomU dc2の設定ファイル
/etc/xen/dc2
は以下の通り。name = "dc2" uuid = "3cc1d59c-b2b1-42a6-b31a-35be18db188d" maxmem = 512 memory = 256 vcpus = 1 bootloader = "/usr/bin/pygrub" on_poweroff = "destroy" on_reboot = "restart" on_crash = "restart" vfb = [ ] disk = [ "phy:/dev/VolGroupXX/LogVolDc2,xvda,w", "phy:/dev/VolGroupXX/LogVolR0-2,xvdb,w" ] vif = [ "mac=00:16:3e:1d:91:02,bridge=br4000", "mac=00:16:3e:1d:92:02,bridge=br4001", "mac=00:16:3e:1d:93:02,bridge=br4002" ]DomU dc2を起動する。
# xm create -c dc2 <<略>> INIT: version 2.86 booting Welcome to CentOS release 5.2 (Final) Press 'I' to enter interactive startup. <<略>> Starting DRBD resources: no resources defined! no resources defined! [ ]no resources defined! . no resources defined! no resources defined! [ OK ] <<略>> CentOS release 5.2 (Final) Kernel 2.6.18-92.1.6.el5xen on an i686 dc2.LocalDomain login:DRBDの設定を行っていないため、その旨警告メッセージが表示されている。DomU dc3についても同様に作業する。
『その0・概要』『その1・Xen環境の準備』『その2・DRBD設定前の確認』『その3・drbd.confの設定』『その4・DRBDの初期化』『その5・初期同期』『その6・ベンチマーク』
0 件のコメント:
コメントを投稿