From 9f2fc3f3d3305b9f13ad4658208019a488dc05ce Mon Sep 17 00:00:00 2001
From: =?utf8?q?Zolt=C3=A1n=20Felleg?=
Date: Tue, 5 Nov 2019 14:56:36 +0100
Subject: [PATCH] Added vhost1.usr and vhost2.usr.
---
 .hgignore | 2 +-
 sources/vhost1.usr/01_setupnetworking.sh | 129 ++++++++++++++++++++
 sources/vhost1.usr/99_setupsystem.sh | 19 +++
 sources/vhost1.usr/etc/lxc.conf | 1 +
 sources/vhost1.usr/etc/sysctl.d/01-lxc.conf | 8 ++
 sources/vhost2.usr/01_setupnetworking.sh | 129 ++++++++++++++++++++
 sources/vhost2.usr/99_setupsystem.sh | 19 +++
 sources/vhost2.usr/etc/lxc.conf | 1 +
 sources/vhost2.usr/etc/sysctl.d/01-lxc.conf | 8 ++
 9 files changed, 315 insertions(+), 1 deletion(-)
 create mode 100755 sources/vhost1.usr/01_setupnetworking.sh
 create mode 100755 sources/vhost1.usr/99_setupsystem.sh
 create mode 100644 sources/vhost1.usr/etc/lxc.conf
 create mode 100644 sources/vhost1.usr/etc/sysctl.d/01-lxc.conf
 create mode 100755 sources/vhost2.usr/01_setupnetworking.sh
 create mode 100755 sources/vhost2.usr/99_setupsystem.sh
 create mode 100644 sources/vhost2.usr/etc/lxc.conf
 create mode 100644 sources/vhost2.usr/etc/sysctl.d/01-lxc.conf
diff --git a/.hgignore b/.hgignore
index 70adf6f..e4f648b 100644
--- a/.hgignore
+++ b/.hgignore
@@ -1,4 +1,4 @@
-style: regexp
+syntax: regexp
 ^backups/
 ^containers/
 ^filesystems/
diff --git a/sources/vhost1.usr/01_setupnetworking.sh b/sources/vhost1.usr/01_setupnetworking.sh
new file mode 100755
index 0000000..40eb506
--- /dev/null
+++ b/sources/vhost1.usr/01_setupnetworking.sh
@@ -0,0 +1,129 @@
+#!/bin/sh
+set -x
+
+# network interfaces are:
+# eno1: port 1 of sysplanar NetXtreme II, used for internal bond
+# eno2: port 2 of sysplanar NetXtreme II, used for external bond
+# eno3: port 3 of sysplanar NetXtreme II, used for internal bond
+# eno4: port 4 of sysplanar NetXtreme II, used for external bond
+# ens2f0: port 0 of PCIe NetXtreme, unused
+# ens2f1: port 1 of PCIe NetXtreme, unused
+# ens2f2: port 2 of PCIe NetXtreme, unused
+# ens2f3: port 3 of PCIe NetXtreme, unused
+# enp0s29f0u2: IMM
+
+
+INTERNAL_BOND_NAME=bondi
+INTERNAL_BOND_DEVICE=${INTERNAL_BOND_NAME}-dev
+INTERNAL_BOND_SLAVE_1_NAME=${INTERNAL_BOND_NAME}-slave-1
+INTERNAL_BOND_SLAVE_1_DEVICE=eno1
+INTERNAL_BOND_SLAVE_2_NAME=${INTERNAL_BOND_NAME}-slave-2
+INTERNAL_BOND_SLAVE_2_DEVICE=eno3
+
+INTERNAL_BRIDGE_NAME=bri
+INTERNAL_BRIDGE_DEVICE=${INTERNAL_BRIDGE_NAME}-dev
+
+HOST_ONLY_BRIDGE_NAME=brh
+HOST_ONLY_BRIDGE_DEVICE=${HOST_ONLY_BRIDGE_NAME}-dev
+
+EXTERNAL_BOND_NAME=bonde
+EXTERNAL_BOND_DEVICE=${EXTERNAL_BOND_NAME}-dev
+EXTERNAL_BOND_SLAVE_1_NAME=${EXTERNAL_BOND_NAME}-slave-1
+EXTERNAL_BOND_SLAVE_1_DEVICE=eno2
+EXTERNAL_BOND_SLAVE_2_NAME=${EXTERNAL_BOND_NAME}-slave-2
+EXTERNAL_BOND_SLAVE_2_DEVICE=eno4
+
+
+nmcli connection delete $INTERNAL_BRIDGE_NAME
+nmcli connection delete $INTERNAL_BOND_NAME
+nmcli connection delete $INTERNAL_BOND_SLAVE_1_NAME
+nmcli connection delete $INTERNAL_BOND_SLAVE_1_DEVICE
+nmcli connection delete $INTERNAL_BOND_SLAVE_2_NAME
+nmcli connection delete $INTERNAL_BOND_SLAVE_2_DEVICE
+nmcli connection delete $HOST_ONLY_BRIDGE_NAME
+nmcli connection delete $EXTERNAL_BOND_NAME
+nmcli connection delete $EXTERNAL_BOND_SLAVE_1_NAME
+nmcli connection delete $EXTERNAL_BOND_SLAVE_1_DEVICE
+nmcli connection delete $EXTERNAL_BOND_SLAVE_2_NAME
+nmcli connection delete $EXTERNAL_BOND_SLAVE_2_DEVICE
+
+
+nmcli connection add \
+ connection.autoconnect yes \
+ connection.id $INTERNAL_BRIDGE_NAME \
+ connection.interface-name $INTERNAL_BRIDGE_DEVICE \
+ connection.type bridge \
+ ipv4.addresses "10.228.93.1/16" \
+ ipv4.dns "10.228.109.104, 10.228.109.253" \
+ ipv4.dns-search "usr.user.hu" \
+ ipv4.gateway "10.228.109.254" \
+ ipv4.method "manual" \
+ ipv6.method "ignore" \
+ bridge.stp no \
+ save yes
+
+nmcli connection add \
+ connection.autoconnect yes \
+ connection.id $INTERNAL_BOND_NAME \
+ connection.interface-name $INTERNAL_BOND_DEVICE \
+ connection.type bond \
+ connection.master $INTERNAL_BRIDGE_DEVICE \
+ connection.slave-type bridge \
+ bond.options "mode=balance-xor,miimon=100" \
+ save yes
+
+nmcli connection add \
+ connection.autoconnect yes \
+ connection.id $INTERNAL_BOND_SLAVE_1_NAME \
+ connection.interface-name $INTERNAL_BOND_SLAVE_1_DEVICE \
+ connection.master $INTERNAL_BOND_DEVICE \
+ connection.slave-type bond \
+ connection.type 802-3-ethernet \
+ save yes
+
+nmcli connection add \
+ connection.autoconnect yes \
+ connection.id $INTERNAL_BOND_SLAVE_2_NAME \
+ connection.interface-name $INTERNAL_BOND_SLAVE_2_DEVICE \
+ connection.master $INTERNAL_BOND_DEVICE \
+ connection.slave-type bond \
+ connection.type 802-3-ethernet \
+ save yes
+
+nmcli connection add \
+ connection.autoconnect yes \
+ connection.id $HOST_ONLY_BRIDGE_NAME \
+ connection.interface-name $HOST_ONLY_BRIDGE_DEVICE \
+ connection.type bridge \
+ ipv4.method "disabled" \
+ ipv6.method "ignore" \
+ bridge.stp no \
+ save yes
+
+nmcli connection add \
+ connection.autoconnect yes \
+ connection.id $EXTERNAL_BOND_NAME \
+ connection.interface-name $EXTERNAL_BOND_DEVICE \
+ connection.type bond \
+ bond.options "mode=balance-xor,miimon=100" \
+ ipv4.method "disabled" \
+ ipv6.method "ignore" \
+ save yes
+
+nmcli connection add \
+ connection.autoconnect yes \
+ connection.id $EXTERNAL_BOND_SLAVE_1_NAME \
+ connection.interface-name $EXTERNAL_BOND_SLAVE_1_DEVICE \
+ connection.master $EXTERNAL_BOND_DEVICE \
+ connection.slave-type bond \
+ connection.type 802-3-ethernet \
+ save yes
+
+nmcli connection add \
+ connection.autoconnect yes \
+ connection.id $EXTERNAL_BOND_SLAVE_2_NAME \
+ connection.interface-name $EXTERNAL_BOND_SLAVE_2_DEVICE \
+ connection.master $EXTERNAL_BOND_DEVICE \
+ connection.slave-type bond \
+ connection.type 802-3-ethernet \
+ save yes
diff --git a/sources/vhost1.usr/99_setupsystem.sh b/sources/vhost1.usr/99_setupsystem.sh
new file mode 100755
index 0000000..08c9b24
--- /dev/null
+++ b/sources/vhost1.usr/99_setupsystem.sh
@@ -0,0 +1,19 @@
+#!/bin/sh
+
+
+hostnamectl set-hostname vhost1.usr.user.hu
+timedatectl set-timezone Europe/Budapest
+
+dnf install chrony logrotate lxc lxc-templates mercurial rsyslog screen vim-enhanced wget
+
+systemctl disable firewalld.service
+
+systemctl enable logrotate.timer
+systemctl enable lxc.service
+systemctl enable rsyslog.service
+
+systemctl start logrotate.timer
+systemctl start lxc.service
+systemctl start rsyslog.service
+
+systemctl stop firewalld.service
diff --git a/sources/vhost1.usr/etc/lxc.conf b/sources/vhost1.usr/etc/lxc.conf
new file mode 100644
index 0000000..48f7ddf
--- /dev/null
+++ b/sources/vhost1.usr/etc/lxc.conf
@@ -0,0 +1 @@
+lxc.lxcpath = /lxc/containers
diff --git a/sources/vhost1.usr/etc/sysctl.d/01-lxc.conf b/sources/vhost1.usr/etc/sysctl.d/01-lxc.conf
new file mode 100644
index 0000000..77fcb19
--- /dev/null
+++ b/sources/vhost1.usr/etc/sysctl.d/01-lxc.conf
@@ -0,0 +1,8 @@
+#fs.inotify.max_queued_events = 16384
+# This is the default.
+
+fs.inotify.max_user_instances = 1024
+# The default is 128.
+
+#fs.inotify.max_user_watches = 8192
+# This is the default.
diff --git a/sources/vhost2.usr/01_setupnetworking.sh b/sources/vhost2.usr/01_setupnetworking.sh
new file mode 100755
index 0000000..15f8436
--- /dev/null
+++ b/sources/vhost2.usr/01_setupnetworking.sh
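Review bot: In sources/vhost1.usr/01_setupnetworking.sh the host-only bridge and the external bond are created with `ipv6.method "ignore"`, which tells NetworkManager not to manage IPv6 rather than to turn it off, so the kernel can still assign link-local addresses and accept router advertisements on those interfaces. On the external bond that leaves an IPv6 path open while IPv4 is `disabled`, and 99_setupsystem.sh in this same patch stops firewalld. If no IPv6 is intended there, use `ipv6.method "disabled"` (available from NetworkManager 1.20) or set `net.ipv6.conf.<iface>.disable_ipv6 = 1` in the sysctl.d file this commit adds. The same lines appear in sources/vhost2.usr/01_setupnetworking.sh.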
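Review bot: sources/vhost1.usr/99_setupsystem.sh disables and stops firewalld without installing or enabling any other packet filter in the visible lines, so the host's services, and presumably those of the bridged LXC containers, are exposed to whatever networks the bonds attach to. If filtering is done elsewhere, record that next to the command, for example `# firewalld off: filtering is done by <component> (placeholder)`; otherwise keep firewalld running and assign the bridge and bond interfaces to zones. The script also has no `set -e`, so a failed `dnf install` is still followed by the `systemctl` calls. sources/vhost2.usr/99_setupsystem.sh has the same lines.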
@@ -0,0 +1,129 @@
+#!/bin/sh
+set -x
+
+# network interfaces are:
+# eno1: port 1 of sysplanar NetXtreme II, used for internal bond
+# eno2: port 2 of sysplanar NetXtreme II, used for external bond
+# eno3: port 3 of sysplanar NetXtreme II, used for internal bond
+# eno4: port 4 of sysplanar NetXtreme II, used for external bond
+# ens2f0: port 0 of PCIe NetXtreme, unused
+# ens2f1: port 1 of PCIe NetXtreme, unused
+# ens2f2: port 2 of PCIe NetXtreme, unused
+# ens2f3: port 3 of PCIe NetXtreme, unused
+# enp0s29f0u2: IMM
+
+
+INTERNAL_BOND_NAME=bondi
+INTERNAL_BOND_DEVICE=${INTERNAL_BOND_NAME}-dev
+INTERNAL_BOND_SLAVE_1_NAME=${INTERNAL_BOND_NAME}-slave-1
+INTERNAL_BOND_SLAVE_1_DEVICE=eno1
+INTERNAL_BOND_SLAVE_2_NAME=${INTERNAL_BOND_NAME}-slave-2
+INTERNAL_BOND_SLAVE_2_DEVICE=eno3
+
+INTERNAL_BRIDGE_NAME=bri
+INTERNAL_BRIDGE_DEVICE=${INTERNAL_BRIDGE_NAME}-dev
+
+HOST_ONLY_BRIDGE_NAME=brh
+HOST_ONLY_BRIDGE_DEVICE=${HOST_ONLY_BRIDGE_NAME}-dev
+
+EXTERNAL_BOND_NAME=bonde
+EXTERNAL_BOND_DEVICE=${EXTERNAL_BOND_NAME}-dev
+EXTERNAL_BOND_SLAVE_1_NAME=${EXTERNAL_BOND_NAME}-slave-1
+EXTERNAL_BOND_SLAVE_1_DEVICE=eno2
+EXTERNAL_BOND_SLAVE_2_NAME=${EXTERNAL_BOND_NAME}-slave-2
+EXTERNAL_BOND_SLAVE_2_DEVICE=eno4
+
+
+nmcli connection delete $INTERNAL_BRIDGE_NAME
+nmcli connection delete $INTERNAL_BOND_NAME
+nmcli connection delete $INTERNAL_BOND_SLAVE_1_NAME
+nmcli connection delete $INTERNAL_BOND_SLAVE_1_DEVICE
+nmcli connection delete $INTERNAL_BOND_SLAVE_2_NAME
+nmcli connection delete $INTERNAL_BOND_SLAVE_2_DEVICE
+nmcli connection delete $HOST_ONLY_BRIDGE_NAME
+nmcli connection delete $EXTERNAL_BOND_NAME
+nmcli connection delete $EXTERNAL_BOND_SLAVE_1_NAME
+nmcli connection delete $EXTERNAL_BOND_SLAVE_1_DEVICE
+nmcli connection delete $EXTERNAL_BOND_SLAVE_2_NAME
+nmcli connection delete $EXTERNAL_BOND_SLAVE_2_DEVICE
+
+
+nmcli connection add \
+ connection.autoconnect yes \
+ connection.id $INTERNAL_BRIDGE_NAME \
+ connection.interface-name $INTERNAL_BRIDGE_DEVICE \
+ connection.type bridge \
+ ipv4.addresses "10.228.93.2/16" \
+ ipv4.dns "10.228.109.104, 10.228.109.253" \
+ ipv4.dns-search "usr.user.hu" \
+ ipv4.gateway "10.228.109.254" \
+ ipv4.method "manual" \
+ ipv6.method "ignore" \
+ bridge.stp no \
+ save yes
+
+nmcli connection add \
+ connection.autoconnect yes \
+ connection.id $INTERNAL_BOND_NAME \
+ connection.interface-name $INTERNAL_BOND_DEVICE \
+ connection.type bond \
+ connection.master $INTERNAL_BRIDGE_DEVICE \
+ connection.slave-type bridge \
+ bond.options "mode=balance-xor,miimon=100" \
+ save yes
+
+nmcli connection add \
+ connection.autoconnect yes \
+ connection.id $INTERNAL_BOND_SLAVE_1_NAME \
+ connection.interface-name $INTERNAL_BOND_SLAVE_1_DEVICE \
+ connection.master $INTERNAL_BOND_DEVICE \
+ connection.slave-type bond \
+ connection.type 802-3-ethernet \
+ save yes
+
+nmcli connection add \
+ connection.autoconnect yes \
+ connection.id $INTERNAL_BOND_SLAVE_2_NAME \
+ connection.interface-name $INTERNAL_BOND_SLAVE_2_DEVICE \
+ connection.master $INTERNAL_BOND_DEVICE \
+ connection.slave-type bond \
+ connection.type 802-3-ethernet \
+ save yes
+
+nmcli connection add \
+ connection.autoconnect yes \
+ connection.id $HOST_ONLY_BRIDGE_NAME \
+ connection.interface-name $HOST_ONLY_BRIDGE_DEVICE \
+ connection.type bridge \
+ ipv4.method "disabled" \
+ ipv6.method "ignore" \
+ bridge.stp no \
+ save yes
+
+nmcli connection add \
+ connection.autoconnect yes \
+ connection.id $EXTERNAL_BOND_NAME \
+ connection.interface-name $EXTERNAL_BOND_DEVICE \
+ connection.type bond \
+ bond.options "mode=balance-xor,miimon=100" \
+ ipv4.method "disabled" \
+ ipv6.method "ignore" \
+ save yes
+
+nmcli connection add \
+ connection.autoconnect yes \
+ connection.id $EXTERNAL_BOND_SLAVE_1_NAME \
+ connection.interface-name $EXTERNAL_BOND_SLAVE_1_DEVICE \
+ connection.master $EXTERNAL_BOND_DEVICE \
+ connection.slave-type bond \
+ connection.type 802-3-ethernet \
+ save yes
+
+nmcli connection add \
+ connection.autoconnect yes \
+ connection.id $EXTERNAL_BOND_SLAVE_2_NAME \
+ connection.interface-name $EXTERNAL_BOND_SLAVE_2_DEVICE \
+ connection.master $EXTERNAL_BOND_DEVICE \
+ connection.slave-type bond \
+ connection.type 802-3-ethernet \
+ save yes
diff --git a/sources/vhost2.usr/99_setupsystem.sh b/sources/vhost2.usr/99_setupsystem.sh
new file mode 100755
index 0000000..b959988
--- /dev/null
+++ b/sources/vhost2.usr/99_setupsystem.sh
@@ -0,0 +1,19 @@
+#!/bin/sh
+
+
+hostnamectl set-hostname vhost2.usr.user.hu
+timedatectl set-timezone Europe/Budapest
+
+dnf install chrony logrotate lxc lxc-templates mercurial rsyslog screen vim-enhanced wget
+
+systemctl disable firewalld.service
+
+systemctl enable logrotate.timer
+systemctl enable lxc.service
+systemctl enable rsyslog.service
+
+systemctl start logrotate.timer
+systemctl start lxc.service
+systemctl start rsyslog.service
+
+systemctl stop firewalld.service
diff --git a/sources/vhost2.usr/etc/lxc.conf b/sources/vhost2.usr/etc/lxc.conf
new file mode 100644
index 0000000..48f7ddf
--- /dev/null
+++ b/sources/vhost2.usr/etc/lxc.conf
@@ -0,0 +1 @@
+lxc.lxcpath = /lxc/containers
diff --git a/sources/vhost2.usr/etc/sysctl.d/01-lxc.conf b/sources/vhost2.usr/etc/sysctl.d/01-lxc.conf
new file mode 100644
index 0000000..77fcb19
--- /dev/null
+++ b/sources/vhost2.usr/etc/sysctl.d/01-lxc.conf
@@ -0,0 +1,8 @@
+#fs.inotify.max_queued_events = 16384
+# This is the default.
+
+fs.inotify.max_user_instances = 1024
+# The default is 128.
+
+#fs.inotify.max_user_watches = 8192
+# This is the default.
-- 
2.54.0
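Review bot: The 129 lines of sources/vhost2.usr/01_setupnetworking.sh duplicate the vhost1 script except for `ipv4.addresses "10.228.93.2/16"`, so any later fix or hardening change has to be made in both copies and they can drift apart. One shared script that takes the address as an argument, e.g. `HOST_ADDRESS=${1:?usage: $0 ADDRESS/PREFIX}` with `ipv4.addresses "$HOST_ADDRESS"`, would leave a single copy to review. The expansions passed to nmcli (`$INTERNAL_BRIDGE_NAME` and the others) are unquoted in both copies; quoting them keeps the calls intact if a name is ever changed to contain a space or glob character. sources/vhost2.usr/99_setupsystem.sh likewise differs from the vhost1 copy only in the hostname.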