标签：workstation bricks gluster RHCA volume servere 题库 236 root

• 第1~5题
• 第6~8题
• 第9题
• 第10题
• 第11题
• 第12题 配置geo
• 第13题
• 第14题 snapshot
• 第15题 监控
• 参考

第1~5题

vgcreate vg_bricks /dev/vdb1
vcreate -L 19G -T vg_bricks/thinpool
for i in sec prod;do lvcreate -V 2G -T vg_bricks/thinpool -n $i;done
for i in sec prod;do mkfs.xfs -i size=512 /dev/vg_bricks/$i;done
mkdir -p /bricks/{sec,prod}
echo "UUID=xxx-xxx-xxx  /bricks/sec xfs defaults 0 0" >> /etc/fstab 
echo "UUID=xxx-xxx-xxx  /bricks/prod xfs defaults 0 0" >> /etc/fstab 
mount -a
mkdir /bricks/sec/secvol_n4
mkdir /bricks/prod/prodvol_n4
semanage fcontext -a -t glusterd_brick_t /bricks/sec/secvol_n4
semanage fcontext -a -t glusterd_brick_t /bricks/prod/prodvol_n4
restorecon -Rv /bricks/

第6~8题

# 创建replicate卷，2个节点且不加replica就是分布卷，加上replica就是复制卷，4个节点加上replica就是分布复制卷
                          replica 2
                              |
gluster volume create testvol  servera:/bricks/test/testvol_n1 serverb:/bricks/test/testvol_n2
gluster volume set testvol auth.ssl-allow 'servera.lab.example.com,serverb.lab.example.com,serverc.lab.example.com,serverd.lab.example.com,servere.lab.example.com,workstation.lab.example.com'
gluster volume set testvol client.ssl on
gluster volume set testvol server.ssl on
gluster volume set testvol auth.allow '172.25.250.*'
gluster volume start testvol

第9题

[root@server{a|b|c|d} ~]# firewall-cmd --permanent --add-service=nfs --add-service=rpc-bind
[root@server{a|b|c|d} ~]# firewall-cmd --reload
[root@workstation ~]# yum -y install glusterfs-fuse.x86_64
[root@workstation ~]# mkdir /var/lib/glusterd
[root@workstation ~]# touch /var/lib/glusterd/secure-access
[root@workstation ~]# mkdir /{test,secure,production}
[root@workstation ~]# vim /etc/fstab        ===> 下面的内容手写
servera:/testvol  /test glusterfs defaults 0 0
servera:/secvol   /secure  nfs defaults,vers=3,_netdev 0 0
servera:/prodvol  /production glusterfs defaults 0 0 

[root@workstation ~]# mount -a

第10题

[root@workstation ~]# vim /etc/fstab 
servera:/testvol /test glusterfs defaults,acl 0 0       ===> 添加acl项

[root@workstation ~]# umount /test && mount -a
[root@workstation ~]# groupadd admins
[root@workstation ~]# useradd suresh
[root@workstation ~]# useradd anita
[root@workstation ~]# mkdir /test/confidential
[root@workstation ~]# chown .admins /test/confidential
[root@workstation ~]# chmod -R o=- /test/confidential
[root@workstation ~]# setfacl -m u:suresh:rwX /test/confidential/
[root@workstation ~]# setfacl -m d:u:suresh:rwX /test/confidential/
[root@workstation ~]# setfacl -m u:anita:rX /test/confidential/
[root@workstation ~]# setfacl -m d:u:anita:rX /test/confidential/
[root@workstation ~]# crontab -e
@reboot /bin/bash /root/umount.sh

[root@workstation ~]# vim umount.sh
#!/bin/bash
/usr/bin/umount /test
/usr/bin/mount -a

第11题

[root@workstation ~]# mkdir /production/mp4 && chmod -R o+w /production/mp4

[root@servera ~]# gluster volume quota prodvol enable 
[root@servera ~]# gluster volume quota prodvol limit-usage /mp4 128MB

第12题 配置geo

[root@servere ~]# firewall-cmd --permanent --add-service=glusterfs 
[root@servere ~]# firewall-cmd --reload 
[root@servere ~]# curl ftp://workstation.lab.example.com/pub/servere.pem -o /etc/ssl/glusterfs.pem
[root@servere ~]# curl ftp://workstation.lab.example.com/pub/servere.key -o /etc/ssl/glusterfs.key
[root@servere ~]# curl ftp://workstation.lab.example.com/pub/glusterfs.ca -o /etc/ssl/glusterfs.ca
[root@servere ~]# openssl dhparam -out /etc/ssl/dhparam.pem 2048
[root@servere ~]# fdisk /dev/vdb
[root@servere ~]# partprobe 
[root@servere ~]# pvcreate /dev/vdb1
[root@servere ~]# vgcreate vg_bricks /dev/vdb1
[root@servere ~]# lvcreate -L 19G -T vg_bricks/thinpool
[root@servere ~]# lvcreate -V 6G -T vg_bricks/thinpool -n testcopy      ===>这里需要把容量改大点
==================== 扩容 ====================
lvextend -L 8G /dev/vg_bricks/testcopy
[root@servere ~]# xfs_growfs /dev/vg_bricks/testcopy
==============================================
[root@servere ~]# mkfs.xfs -i size=512 /dev/vg_bricks/testcopy
[root@servere ~]# mkdir -p /bricks/testcopy
[root@servere ~]# echo "UUID=xxx-xxx-xxx /bricks/testcopy xfs defaults 0 0" >> /etc/fstab
[root@servere ~]# mount -a
[root@servere ~]# mkdir /bricks/testcopy/brick    ===>名字没规定可以随便
[root@servere ~]# semanage fcontext -a -t glusterd_brick_t /bricks/testcopy/brick
[root@servere ~]# restorecon -Rv /bricks/
[root@servere ~]# gluster volume create testcopy servere:/bricks/testcopy/brick
[root@servere ~]# gluster volume set testcopy auth.ssl-allow 'servera.lab.example.com,serverb.lab.example.com,serverc.lab.example.com,serverd.lab.example.com,servere.lab.example.com,workstation.lab.example.com'
[root@servere ~]# gluster volume set testcopy client.ssl on
[root@servere ~]# gluster volume set testcopy server.ssl on
[root@servere ~]# gluster volume set testcopy auth.allow '172.25.250.*'
[root@servere ~]# gluster volume start testcopy

[root@workstation ~]# umount /test/

[root@servera ~]# gluster volume stop testvol
[root@servera ~]# gluster volume start testvol 

[root@workstation ~]# mount -a

[root@servere ~]# systemctl stop glusterd && pkill glusterfs
[root@servere ~]# touch /var/lib/glusterd/secure-access
[root@servere ~]# systemctl start glusterd
[root@servere ~]# groupadd repgrp && useradd -G repgrp georep
[root@servere ~]# echo "redhat" | passwd --stdin georep
[root@servere ~]# mkdir -m 0711 /var/mountbroker-root
[root@servere ~]# semanage fcontext -a -e /home /var/mountbroker-root
[root@servere ~]# restorecon -Rv /var/mountbroker-root


[root@servere ~]# cat /etc/glusterfs/glusterd.vol    ===> 手动添加以下项
    option geo-repilcation-log-group repgrp
    option rpc-auth-allow-insecure on
    option mountbroker-geo-replication.georep testcopy
    option mountbroker-root /var/mountbroker-root

[root@servere ~]# chmod -R 770 /var/lib/glusterd/geo-replication/
[root@servere ~]# chmod -R 770 /var/log/glusterfs/geo-replication-slaves/
[root@servere ~]# chown -R .repgrp /var/lib/glusterd/geo-replication/
[root@servere ~]# chown -R .repgrp /var/log/glusterfs/geo-replication-slaves/

[root@servere ~]# systemctl restart glusterd
[root@servere ~]# gluster volume stop testcopy
[root@servere ~]# gluster volume start testcopy 

[root@servera ~]# ssh-keygen
[root@servera ~]# ssh-copy-id georep@servere
[root@servera ~]# gluster system:: execute gsec_create    ===> 生成公钥
[root@servera ~]# gluster volume geo-replication testvol georep@servere::testcopy create push-pem   ===> 推公钥

[root@servere ~]# /usr/libexec/glusterfs/set_geo_rep_pem_keys.sh georep testvol testcopy

[root@servera ~]# gluster volume geo-replication testvol georep@servere::testcopy start
[root@servera ~]# gluster volume geo-replication testvol georep@servere::testcopy status

# 测试
[root@workstation ~]# echo "123456" > /test/a.txt

[root@servere ~]# ll /bricks/testcopy/brick/
-rw-r--r--. 2 root root   7 5月  16 09:25 a.txt

第13题

[root@server{a|b|c|d} ~]# lvcreate -V 2G -T vg_bricks/thinpool -n tier
[root@server{a|b|c|d} ~]# mkfs.xfs -i size=512 /dev/vg_bricks/tier
[root@server{a|b|c|d} ~]# mkdir /bricks/tier
[root@server{a|b|c|d} ~]# blkid
[root@server{a|b|c|d}]# echo "UUID=xxx-xxx-xxx  /bricks/tier xfs defaults 0 0" >> /etc/fstab 
[root@server{a|b|c|d}]# mount -a
[root@servera ~]# mkdir /bricks/tier/tiervol_n1
[root@serverb ~]# mkdir /bricks/tier/tiervol_n2
[root@serverc ~]# mkdir /bricks/tier/tiervol_n3
[root@serverd ~]# mkdir /bricks/tier/tiervol_n4
[root@server{a|b|c|d} ~]# semanage fcontext -a -t glusterd_brick_t /bricks/tier/tiervol_n{1..4}
[root@server{a|b|c|d} ~]# restorecon -Rv /bricks/tier
# 创建冷区
[root@servera ~]# gluster volume create tiervol replica 2 serverc:/bricks/tier/tiervol_n3 serverd:/bricks/tier/tiervol_n4
[root@servera ~]# gluster volume start tiervol
# 创建热区
[root@servera ~]# gluster volume tier tiervol attach servera:/bricks/tier/tiervol_n1 serverb:/bricks/tier/tiervol_n2 force      ===> 这里可不加force
[root@servera ~]# gluster volume info tiervol 
Volume Name: tiervol
Type: Tier
Volume ID: 8c9044a2-f3b3-469b-ba91-ac3d32747081
Status: Started
Number of Bricks: 4
Transport-type: tcp
Hot Tier :					====> 热区
Hot Tier Type : Distribute			====> 热区类型
Number of Bricks: 2
Brick1: serverb:/bricks/tier/tiervol_n2
Brick2: servera:/bricks/tier/tiervol_n1
Cold Tier:                       		====> 冷区
Cold Tier Type : Replicate			====> 冷区类型
Number of Bricks: 1 x 2 = 2
Brick3: serverc:/bricks/tier/tiervol_n3
Brick4: serverd:/bricks/tier/tiervol_n4
Options Reconfigured:
cluster.tier-mode: cache
features.ctr-enabled: on
performance.readdir-ahead: on

第14题 snapshot

# 题意
对secvol做快照，快照名snap-secvol,不带timestamp
# 解题
[root@servera ~]# gluster snapshot create snap-secvol secvol no-timestamp
[root@servera ~]# gluster snapshot activate snap-secvol

第15题 监控

# 题意
纳管servera~serverd主机
该集群名称为gluster-test
修改通知邮件到本地monitor的邮箱

# 实验中需要自己做，考试时不用做该步
[root@manager ~]# curl http://materials.example.com/rhgs-rhel6.repo -o /etc/yum.repos.d/rhgs-rhel6.repo
[root@manager ~]# yum -y install nagios-server-addons

# 解题
[root@manager ~]# vim /etc/nagios/objects/commands.cfg
..../Time: $LONGDATETIME$\n $NOTIFICATIONCOMMENT\n" | /bin/mail -s...     ===> 手动添加$NOTIFICATIONCOMMENT\n，加2次


[root@server{a|b|c|d} ~]# vim /etc/nagios/nrpe.cfg
allowed_hosts=127.0.0.1,manager.lab.example.com


[root@server{a|b|c|d} ~]# firewall-cmd --add-port=5666/tcp --permanent 
[root@server{a|b|c|d} ~]# firewall-cmd --reload
[root@server{a|b|c|d} ~]# systemctl restart nrpe

# 创建集群
[root@manager ~]# configure-gluster-nagios -c gluster-test -H servera.lab.example.com
Are you sure, you want to commit the changes? (Yes, No) [Yes]:     ===> 回车
Enter Nagios server address [manager.lab.example.com]:             ===> 回车
Do you want to restart Nagios to start monitoring newly discovered entities? (Yes, No) [Yes]:   ===> 回车


[root@manager ~]# vim /etc/nagios/gluster/gluster-contacts.cfg
define contact {
       contact_name                  redhat			# 联系人名字
       alias                         redhat			# 联系人别名
       email                         root@manager.lab.example.com      # 要通知到的邮箱
       service_notification_period   24x7
       service_notification_options  w,u,c,r,f,s
       service_notification_commands notify-service-by-email
       host_notification_period      24x7
       host_notification_options     d,u,r,f,s
       host_notification_commands    notify-host-by-email
}

[root@manager ~]# vim /etc/nagios/gluster/gluster-templates.cfg
define host{
   name                         gluster-generic-host
   use                          linux-server
   notifications_enabled        1
   notification_period          24x7
   notification_interval        120
   notification_options         d,u,r,f,s
   register                     0
   contacts                     +snmp,redhat             ===> 添加redhat
}
....
	....
define service {
   name                         gluster-service
   use                          generic-service
   notifications_enabled       1
   notification_period          24x7
   notification_options         w,u,c,r,f,s
   notification_interval        120
   register                     0
   contacts                     +snmp,redhat             ===> 添加redhat
....
	....


# 检查配置文件是否有错误
[root@manager ~]# nagios -v /etc/nagios/nagios.cfg

[root@manager ~]# service nagios restart
[root@manager ~]# service sendmail restart

# 测试邮件
[root@manager ~]# echo "test123" | mail -s test root@manager.lab.example.com
[root@manager ~]# mail
Heirloom Mail version 12.4 7/29/08.  Type ? for help.
"/var/spool/mail/root": 1 message 1 new
>N  1 root                  Mon May 16 11:20  20/813   "test"         ===> 能收到邮件






# 在foundation0上使用网页上登录到nagios
https://manager.lab.example.com/nagios

User Name: nagiosadmin
Password: nagiosadmin

参考

[root@servera ~]# gluster
gluster> help
volume info [all|<VOLNAME>] - list information of all volumes
volume create <NEW-VOLNAME> [stripe <COUNT>] [replica <COUNT> [arbiter <COUNT>]] [disperse [<COUNT>]] [disperse-data <COUNT>] [redundancy <COUNT>] [transport <tcp|rdma|tcp,rdma>] <NEW-BRICK>?<vg_name>... [force] - create a new volume of specified type with mentioned bricks
volume delete <VOLNAME> - delete volume specified by <VOLNAME>
volume start <VOLNAME> [force] - start volume specified by <VOLNAME>
volume stop <VOLNAME> [force] - stop volume specified by <VOLNAME>
volume tier <VOLNAME> status
volume tier <VOLNAME> start [force]
volume tier <VOLNAME> attach [<replica COUNT>] <NEW-BRICK>...
volume tier <VOLNAME> detach <start|stop|status|commit|[force]>
 - Tier translator specific operations.
volume attach-tier <VOLNAME> [<replica COUNT>] <NEW-BRICK>... - NOTE: this is old syntax, will be depreciated in next release. Please use gluster volume tier <vol> attach [<replica COUNT>] <NEW-BRICK>...
volume detach-tier <VOLNAME>  <start|stop|status|commit|force> - NOTE: this is old syntax, will be depreciated in next release. Please use gluster volume tier <vol> detach {start|stop|commit} [force]
volume add-brick <VOLNAME> [<stripe|replica> <COUNT>] <NEW-BRICK> ... [force] - add brick to volume <VOLNAME>
volume remove-brick <VOLNAME> [replica <COUNT>] <BRICK> ... <start|stop|status|commit|force> - remove brick from volume <VOLNAME>
volume rebalance <VOLNAME> {{fix-layout start} | {start [force]|stop|status}} - rebalance operations
volume replace-brick <VOLNAME> <SOURCE-BRICK> <NEW-BRICK> {commit force} - replace-brick operations
volume set <VOLNAME> <KEY> <VALUE> - set options for volume <VOLNAME>
volume help - display help for the volume command
volume log <VOLNAME> rotate [BRICK] - rotate the log file for corresponding volume/brick
volume log rotate <VOLNAME> [BRICK] - rotate the log file for corresponding volume/brick NOTE: This is an old syntax, will be deprecated from next release.
volume sync <HOSTNAME> [all|<VOLNAME>] - sync the volume information from a peer
volume reset <VOLNAME> [option] [force] - reset all the reconfigured options
volume geo-replication [<VOLNAME>] [<SLAVE-URL>] {create [[ssh-port n] [[no-verify]|[push-pem]]] [force]|start [force]|stop [force]|pause [force]|resume [force]|config|status [detail]|delete} [options...] - Geo-sync operations
volume profile <VOLNAME> {start|info [peek|incremental [peek]|cumulative|clear]|stop} [nfs] - volume profile operations
volume quota <VOLNAME> {enable|disable|list [<path> ...]| list-objects [<path> ...] | remove <path>| remove-objects <path> | default-soft-limit <percent>} |
volume quota <VOLNAME> {limit-usage <path> <size> [<percent>]} |
volume quota <VOLNAME> {limit-objects <path> <number> [<percent>]} |
volume quota <VOLNAME> {alert-time|soft-timeout|hard-timeout} {<time>} - quota translator specific operations
volume inode-quota <VOLNAME> enable - quota translator specific operations
volume top <VOLNAME> {open|read|write|opendir|readdir|clear} [nfs|brick <brick>] [list-cnt <value>] |
volume top <VOLNAME> {read-perf|write-perf} [bs <size> count <count>] [brick <brick>] [list-cnt <value>] - volume top operations
volume status [all | <VOLNAME> [nfs|shd|<BRICK>|quotad]] [detail|clients|mem|inode|fd|callpool|tasks] - display status of all or specified volume(s)/brick
volume heal <VOLNAME> [enable | disable | full |statistics [heal-count [replica <HOSTNAME:BRICKNAME>]] |info [healed | heal-failed | split-brain] |split-brain {bigger-file <FILE> |source-brick <HOSTNAME:BRICKNAME> [<FILE>]}] - self-heal commands on volume specified by <VOLNAME>
volume statedump <VOLNAME> [nfs|quotad] [all|mem|iobuf|callpool|priv|fd|inode|history]... - perform statedump on bricks
volume list - list all volumes in cluster
volume clear-locks <VOLNAME> <path> kind {blocked|granted|all}{inode [range]|entry [basename]|posix [range]} - Clear locks held on path
volume barrier <VOLNAME> {enable|disable} - Barrier/unbarrier file operations on a volume
volume get <VOLNAME> <key|all> - Get the value of the all options or given option for volume <VOLNAME>
volume bitrot <VOLNAME> {enable|disable} |
volume bitrot <volname> scrub-throttle {lazy|normal|aggressive} |
volume bitrot <volname> scrub-frequency {hourly|daily|weekly|biweekly|monthly} |
volume bitrot <volname> scrub {pause|resume|status} - Bitrot translator specific operation. For more information about bitrot command type  'man gluster'
peer probe { <HOSTNAME> | <IP-address> } - probe peer specified by <HOSTNAME>
peer detach { <HOSTNAME> | <IP-address> } [force] - detach peer specified by <HOSTNAME>
peer status - list status of peers
peer help - Help command for peer 
pool list - list all the nodes in the pool (including localhost)
quit - quit
help - display command options
exit - exit
snapshot help - display help for snapshot commands
snapshot create <snapname> <volname> [no-timestamp] [description <description>] [force] - Snapshot Create.
snapshot clone <clonename> <snapname> - Snapshot Clone.
snapshot restore <snapname> - Snapshot Restore.
snapshot status [(snapname | volume <volname>)] - Snapshot Status.
snapshot info [(snapname | volume <volname>)] - Snapshot Info.
snapshot list [volname] - Snapshot List.
snapshot config [volname] ([snap-max-hard-limit <count>] [snap-max-soft-limit <percent>]) | ([auto-delete <enable|disable>])| ([activate-on-create <enable|disable>]) - Snapshot Config.
snapshot delete (all | snapname | volume <volname>) - Snapshot Delete.
snapshot activate <snapname> [force] - Activate snapshot volume.
snapshot deactivate <snapname> - Deactivate snapshot volume.
global help - list global commands
nfs-ganesha {enable| disable}  - Enable/disable NFS-Ganesha support

标签：workstation,bricks,gluster,RHCA,volume,servere,题库,236,root
来源： https://www.cnblogs.com/smlile-you-me/p/16285691.html

本站声明： 1. iCode9 技术分享网（下文简称本站）提供的所有内容，仅供技术学习、探讨和分享；
2. 关于本站的所有留言、评论、转载及引用，纯属内容发起人的个人观点，与本站观点和立场无关；
3. 关于本站的所有言论和文字，纯属内容发起人的个人观点，与本站观点和立场无关；
4. 本站文章均是网友提供，不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属；如您发现该文章侵犯了您的权益，可联系我们第一时间进行删除；
5. 本站为非盈利性的个人网站，所有内容不会用来进行牟利，也不会利用任何形式的广告来间接获益，纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。