Zobrazit příspěvky

1

Hardware / Domácí server na virtualizaci ESX/VMware

« kdy: 11. 10. 2015, 23:14:25 »

Ahojte,

planujem si poskladat domaci server, na ktorom by malo bezat cca 6 VM (samba, lamp, dns , dhcp , ntp, firewall , db, aplikacny server, proxy server, testovanie clasteringu+PXE, etc.). Konkretne sa bude jednat o ESX hypervisora. SSD disk bude sluzit ako systemovy a SATA disky budu v RAID5. Budem rad ak konstruktivne prispejete so svojim nazorom, ktory komponent by ste vymenili za iny a preco. Dodam este, ze ECC nieje pre mna dolezite, no na druhej strane by som sa snazil spotrebu (W) zminimalizovat co najviac, kedze bude bezat 24/7 (samozrejme budem hladat kompromis).

Zostava:
GIGABYTE B150-DS3H DDR3 https://www.alza.sk/gigabyte-b150-ds3h-ddr3-d2919735.htm
Intel Core i3-6100T https://www.alza.sk/intel-core-i3-6100t-d3041169.htm
Kingston 16 GB KIT DDR3 1600 MHz CL9 HyperX Savage Series https://www.alza.sk/kingston-16-gb-kit-ddr3-1600-mhz-cl9-hyperx-savage-series-d2147843.htm
Kingston HyperX FURY SSD 120GB https://www.alza.sk/kingston-hyperx-fury-ssd-120gb-d1636300.htm
3x - WD Red 1000GB 64MB cache https://www.alza.sk/wd-red-1000gb-64mb-cache-d342210.htm
Fortron FSP300-60HHN 85+ https://www.alza.sk/fortron-fsp300-60hhn-85-d2170296.htm
Cooler Master Elite 130 čierna https://www.alza.sk/cooler-master-elite-130-cierna-d470467.htm

Povodne som uvazoval aj o maticnej doske s integrovanym CPU ASROCK Q1900DC-ITX, ale cital som na forach, ze maju problem s instalaciou ESX-u, takze tato mozno odpadla.

Snad tato tema posluzi aj ostatnym pri buildovani domaceho servera, alebo aspon informativne

2

Studium a uplatnění / Plat v IT - Luxembursko

« kdy: 24. 09. 2015, 22:19:22 »

Ahojte. Som vo vyberovom konani pre jednu IT firmu, ktora sidli v Luxe. Jedna sa o poziciu senior linux admin, avsak nepoznam nikoho kto by pracoval v luxe a duplom v IT, takze neviem aky je mozny platovy range. Respektive min. - max. plat pre danu krajinu v danej pozicii. Ak by ste mali nejake znameho, alebo mate vy osobnu skusenost, budem rad za kazdu radu. To ake mam skills prosim nerieste, kedze aj tak by sa to nedalo presne definovat a zbytocne by vznikli komplexne diskusie mimo temu. Zaujma ma hlavne platovy rozsah, ktory je mozny a nasledne sa uz budem vediet zaradit.

Dakujem pekne

3

Server / DNS Forwarding server

« kdy: 30. 04. 2014, 18:32:33 »

Ahojte,
potreboval by som poradit. Dostal som sa totiz do slepej ulicky a posledne dni si lamem hlavu ako spojazdnit DNS server, ktory som nastavil vo virtualke ako forwarding.

Pokusim sa objasnit o co ide co najpresnejsie a co najzrozumitelnejsie. Ak budete mat voci hocicomu nejake vyhrady, prosim, kludne ich napiste. Budem len rad ak budem moct nieco zlepsit

Vo vmware-ku som si nainstaloval 3 (Test1, Test2 a Test3 server) guest systemy s OS openSuSE. Test1 ma sluzit ako DNS forwarding server pre lokalne servre test2 a test3. Siet je vo vmware nastavena nasledovne:
Test1: ma dve sietove karty. Jedna je "Bridged" aby mohla komunikovat so svetom. Druha je nastavena ako "host-only" aby mohol komunikovat v lokalnej sieti so servermi test2 a test3.
Test2: ma iba jednu sietovu kartu a to "host-only"
Test3: ma tak isto iba jednu sietovu kartu "host-only"

-malo by to fungovat tak, ze ak test 2 alebo 3 sa budu dotazovat tak kontaktuju test1, ktory sa spoji s mojim routerom a ten nasledne odpovie test1. Dalej sa uz iba podava informacia naspat ku test2 alebo 3.

NASTAVENIA SERVEROV:

----------------------

TEST1 server:

test1:/etc # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:4a:54:89 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.102/24 brd 192.168.0.255 scope global eth0
inet6 fe80::20c:29ff:fe4a:5489/64 scope link
valid_lft forever preferred_lft forever
4: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:4a:54:93 brd ff:ff:ff:ff:ff:ff
inet 192.168.136.131/24 brd 192.168.136.255 scope global eth1
inet6 fe80::20c:29ff:fe4a:5493/64 scope link
valid_lft forever preferred_lft forever

test1:/etc # route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.136.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1

-komentare som vymazal. Jedine co som zmenil je, ze som odkomentoval "forwarders" cast a doplnil IP routera a google DNS server.
test1:/etc #less /etc/named.conf
options {
directory "/var/lib/named";
managed-keys-directory "/var/lib/named/dyn/";

dump-file "/var/log/named_dump.db";
statistics-file "/var/log/named.stats";

forwarders { 192.168.0.1; 8.8.4.4; };

# Enable the next entry to prefer usage of the name server declared in
# the forwarders section.

forward only;

#listen-on port 53 { 127.0.0.1; };

listen-on-v6 { any; };

#query-source address * port 53;
#transfer-source * port 53;
#notify-source * port 53;

#allow-query { 127.0.0.1; };

notify no;

disable-empty-zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
};

zone "." in {
type hint;
file "root.hint";
};

zone "localhost" in {
type master;
file "localhost.zone";
};

zone "0.0.127.in-addr.arpa" in {
type master;
file "127.0.0.zone";
};

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "127.0.0.zone";
};

# Include the meta include file generated by createNamedConfInclude. This
# includes all files as configured in NAMED_CONF_INCLUDE_FILES from
# /etc/sysconfig/named

include "/etc/named.conf.include";

test1:/etc # service named status
named.service - LSB: Domain Name System (DNS) server, named
Loaded: loaded (/etc/init.d/named)
Active: active (running) since Wed, 2014-04-30 00:39:08 CEST; 17h ago
Process: 50973 ExecStop=/etc/init.d/named stop (code=exited, status=0/SUCCESS)
Process: 50993 ExecStart=/etc/init.d/named start (code=exited, status=0/SUCCESS)
CGroup: name=systemd:/system/named.service
└ 51032 /usr/sbin/named -t /var/lib/named -u named

Apr 30 00:39:08 test1 named[51032]: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.a...ial 42
Apr 30 00:39:08 test1 named[51032]: zone localhost/IN: loaded serial 42
Apr 30 00:39:08 test1 named[51032]: all zones loaded
Apr 30 00:39:08 test1 named[50993]: ..done
Apr 30 00:39:08 test1 systemd[1]: Started LSB: Domain Name System (DNS) server, named.
Apr 30 00:39:08 test1 named[51032]: running
Apr 30 10:15:55 test1 named[51032]: listening on IPv4 interface eth0, 192.168.0.102#53
Apr 30 13:15:55 test1 named[51032]: listening on IPv4 interface eth1, 192.168.176.129#53
Apr 30 13:15:55 test1 named[51032]: no longer listening on 192.168.0.100#53
Apr 30 13:15:55 test1 named[51032]: no longer listening on 192.168.10.132#53

test1:/etc # rcSuSEfirewall2 status
SuSEfirewall2.service - SuSEfirewall2 phase 2
Loaded: loaded (/usr/lib/systemd/system/SuSEfirewall2.service; enabled)
Active: inactive (dead) since Wed, 2014-04-30 00:07:34 CEST; 17h ago
Process: 49957 ExecStop=/usr/sbin/SuSEfirewall2 systemd_stop (code=exited, status=0/SUCCESS)
Process: 14691 ExecStart=/usr/sbin/SuSEfirewall2 boot_setup (code=exited, status=0/SUCCESS)
CGroup: name=systemd:/system/SuSEfirewall2.service

Apr 29 19:50:22 test1 systemd[1]: Starting SuSEfirewall2 phase 2...
Apr 29 19:50:22 test1 systemd[1]: Started SuSEfirewall2 phase 2.
Apr 29 19:50:22 test1 SuSEfirewall2[14712]: using default zone 'ext' for interface eth1
Apr 29 19:50:22 test1 SuSEfirewall2[14800]: Firewall rules successfully set
Apr 30 00:07:34 test1 SuSEfirewall2[49975]: Firewall rules unloaded.
Apr 30 00:07:34 test1 systemd[1]: Stopped SuSEfirewall2 phase 2.

test1:/etc # cat /etc/resolv.conf | grep -v ^#
search home.com
nameserver 127.0.0.1

-------------------------------
TEST2 server:

test2:~ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:d3:ff:6e brd ff:ff:ff:ff:ff:ff
inet 192.168.136.128/24 brd 192.168.136.255 scope global eth0
inet6 fe80::20c:29ff:fed3:ff6e/64 scope link
valid_lft forever preferred_lft forever

test2:~ # route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
192.168.136.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0

test2:~ # cat /etc/resolv.conf | grep -v ^#
search home.com
nameserver 192.168.136.131

test2:~ # rcSuSEfirewall2 status
SuSEfirewall2.service - SuSEfirewall2 phase 2
Loaded: loaded (/usr/lib/systemd/system/SuSEfirewall2.service; enabled)
Active: inactive (dead) since Wed, 2014-04-30 00:12:19 CEST; 17h ago
Process: 33440 ExecStop=/usr/sbin/SuSEfirewall2 systemd_stop (code=exited, status=0/SUCCESS)
Process: 2437 ExecStart=/usr/sbin/SuSEfirewall2 boot_setup (code=exited, status=0/SUCCESS)
CGroup: name=systemd:/system/SuSEfirewall2.service

Apr 29 18:09:20 test2 systemd[1]: Starting SuSEfirewall2 phase 2...
Apr 29 18:09:20 test2 systemd[1]: Started SuSEfirewall2 phase 2.
Apr 29 18:09:20 test2 SuSEfirewall2[2443]: Setting up rules from /etc/sysconfig/SuSEfirewall2 ...
Apr 29 18:09:23 test2 SuSEfirewall2[2545]: Firewall rules successfully set
Apr 30 00:12:19 test2 systemd[1]: Stopping SuSEfirewall2 phase 2...
Apr 30 00:12:19 test2 SuSEfirewall2[33458]: Firewall rules unloaded.
Apr 30 00:12:19 test2 systemd[1]: Stopped SuSEfirewall2 phase 2.

TEST3 je nastaveny tak isto ako aj TEST2.

PROBLEM:

Ak skusim pingnut hocico na teset2 alebo 3 vypise mi to:
test2:~ # ping www.google.com
connect: Network is unreachable

Na test1 avsak funguje vsetko ako ma:
test1:/etc # ping -c 3 www.google.com
PING www.google.com (173.194.70.99) 56(84) bytes of data.
64 bytes from fa-in-f99.1e100.net (173.194.70.99): icmp_seq=1 ttl=44 time=20.0 ms
64 bytes from fa-in-f99.1e100.net (173.194.70.99): icmp_seq=2 ttl=44 time=19.9 ms
64 bytes from fa-in-f99.1e100.net (173.194.70.99): icmp_seq=3 ttl=44 time=19.8 ms

--- www.google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2005ms
rtt min/avg/max/mdev = 19.886/19.957/20.067/0.181 ms

Test1 ide pingnut zo servera test2:
test2:~ # ping -c 3 192.168.136.131
PING 192.168.136.131 (192.168.136.131) 56(84) bytes of data.
64 bytes from 192.168.136.131: icmp_seq=1 ttl=64 time=0.626 ms
64 bytes from 192.168.136.131: icmp_seq=2 ttl=64 time=0.335 ms
64 bytes from 192.168.136.131: icmp_seq=3 ttl=64 time=0.265 ms

--- 192.168.136.131 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.265/0.408/0.626/0.158 ms

Dakujem pekne za kazdu jednu radu