Docker Compose安装

两进制安装:

sudo curl -L https://github.com/docker/compose/releases/download/1.21.2/docker-compose-$(uname -s)-$(uname -m) \
-o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
$ docker-compose --version
docker-compose version 1.21.2, build a133471

pip安装:

pip install docker-compose

在CentOS 7上安装Docker CE

安装所需的包:

yum install -y yum-utils device-mapper-persistent-data lvm2

安装docker的repo:

sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo

安装docker ce:

yum install docker-ce

启动docker:

systemctl start docker

验证docker:

docker run hello-world

配置docker国内镜像:
编辑/etc/docker/daemon.json,添加以下一行

{
  "registry-mirrors": ["https://registry.docker-cn.com"]
}

重新启动docker:

systemctl restart docker

如要安装指定的旧版本则需要使用rpm安装,比如安装17.03.2.ce版本

yum remove -y docker-ce container-selinux
rm -rf /var/lib/docker
curl -O https://mirrors.aliyun.com/docker-ce/linux/centos/7/x86_64/stable/Packages/docker-ce-17.03.2.ce-1.el7.centos.x86_64.rpm
curl -O https://mirrors.aliyun.com/docker-ce/linux/centos/7/x86_64/stable/Packages/docker-ce-selinux-17.03.2.ce-1.el7.centos.noarch.rpm
rpm -Uvh docker-ce*17.03.2.ce*.rpm

使用stunnel连接squid

安装stunnel及squid等
yum install stunnel squid openssl openssl-devel -y

配置并启用squid服务
systemctl enable squid
systemctl start squid

创建stunnel配置文件
cp /usr/share/doc/stunnel-4.56/stunnel.conf-sample /etc/stunnel/stunnel.conf
vi /etc/stunnel/stunnel.conf
在Service definitions处加入
[squid]
accept = 8888
connect = 127.0.0.1:3128
cert = /etc/stunnel/stunnel.pem

创建stunnel密钥
openssl genrsa -out key.pem 2048
openssl req -new -x509 -key key.pem -out cert.pem -days 3650
cat key.pem cert.pem >> /etc/stunnel/stunnel.pem

创建stunnel运行目录
mkdir /var/run/stunnel
chown nobody:nobody /var/run/stunnel

创建stunnel启动脚本
vi /etc/systemd/system/stunnel.service
; systemd script for stunnel. Please put this file in
; /etc/systemd/system/stunnel.service or /usr/lib/systemd/system/stunnel.service
[Unit]
Description=SSL tunnel for network daemons
After=syslog.target
[Service]
ExecStart=/usr/bin/stunnel /etc/stunnel/stunnel.conf
ExecStop=kill -9 $(pgrep stunnel)
ExecStatus=pgrep stunnel
Type=forking
[Install]
WantedBy=multi-user.target

配置并启用stunnel服务
systemctl enable stunnel
systemctl start stunnel

下载stunnel客户端
https://www.stunnel.org/downloads.html

修改客户端stunnel.conf配置,在Service definitions处加入
[squid]
client = yes
accept = 127.0.0.1:8080
connect = X.X.X.X:8888
cert = stunnel.pem

NetScaler VPX与VMware ESXi Patch 201410001兼容问题

在更新了ESXi550-201410001 (Build 2143827)或ESXi510-201410001 (Build 219751)补丁后,NetScaler VPX网卡工作不正常,表现为性能低下,无法登录GUI,ping丢失。

目前的解决方案如下:

  1. 登录VPX
  2. > shell
  3. root@ns# cd /flash/boot
  4. root@ns# vi loader.conf.local
    添加hw.em.txd=512
  5. root@ns# reboot

http://support.citrix.com/article/CTX200278

RHEL6与RHEL7的变化(转)

System and command changes between RHEL 6 and RHEL 7

Between RHEL6 and RHEL7 there are a number of changes to tools, commands, and workflows. Changes that are likely to affect common administrative tasks are listed here:

  • Anaconda RHEL installer completely redesigned1
  • Legacy GRUB boot loader replaced by GRUB22
  • Procedure for bypassing root password prompt at boot completely different3
  • SysV init system and all related tools replaced by systemd4
  • ext4 replaced by xfs as default filesystem type5
  • Directories /bin, /sbin, /lib and /lib64 are now all under the /usr directory6
  • Network interfaces have a new naming scheme based on physical device location (e.g., eth0 might become enp0s3)7
  • ntpd replaced by chronyd as the default network time protocol daemon8
  • GNOME2 replaced by GNOME3 as default desktop environment9
  • System registration and subscription now handled exclusively with Red Hat Subscription Management (RHSM)10
  • MySQL replaced by Mariadb11
  • tgtd replaced by targetcli12
  • High Availability Add-On: RGManager removed as resource-management option (in favor of Pacemaker); all CMAN features merged into Corosync (qdiskd replaced by votequorum plugin); all tools unified into pcs13
  • ifconfig and route commands are further deprecated in favor of ip
  • netstat further deprecated in favor of ss
  • System user UID range extended from 0-499 to 0-999
  • locate no longer available by default; (available as mlocate package)
  • nc (netcat) replaced by nmap-ncat

See footnotes for additional detail about these changes.

继续阅读

CentOS 7 (RHEL 7)服务管理命令的变化

CentOS 7 (RHEL 7)带来了新的服务管理命令,为了保持兼容原有的命令仍可以使用,以下是新旧命令的对照。

启动、停止、重启、重载、检查服务:
6: service httpd start|stop|restart|reload|status
7: systemctl start|stop|restart|reload|status httpd.service

允许、禁止服务自启动:
6: chkconfig httpd on|off
7: system enable|disable httpd.service

列出服务:
6: chkconfig –list
7: systemctl list-unit-files –type=service 或 ls /etc/systemd/system/*.wants/

添加服务:
6: chkconfig httpd –add
7: systemctl daemon-reload

使用PowerCLI批量修改虚拟机内存

由于要修改一批VDI机器的内存,数量比较多,就拿出了PowerCLI来进行批量修改,命令如下:

Connect-VIServer -Server vcenter.test.local -User admin -Password password

$VMs = Get-Cluster “Cluster” | Get-VM | Where { $_.Name -like “vdi-*” }

ForEach ($VM in $VMs) { Set-VM $VM -MemoryMB 2176 -Confirm:$False }

VMware vSphere 6.0 新特性预览

VMware可能在今年10月发布新版本的VMware vSphere虚拟化软件,版本号为6.0,以下是在6.0版本里可能增加的特性:

  1. 支持新的硬件、新的操作系统。加入了对OpenStack云的支持。客户机操作系统可能会增加FreeBSD 10.0、Chrome OS等。
  2. 增加了系统的最大配置:单个虚拟机最大支持128个vCPU和4TB内存,单ESX最多支持480个物理CPU、12TB内存、64TB存储、1000个虚拟机。并且虚拟机的图像性能得到提升。
  3. 增强了存储的可用性:支持VSAN、vVol、vFlash,并且vSphere Replication和SRM都得到增强。
  4. 支持NFSv4.1,并且支持Kerberos验证。
  5. vMotion增强:vMotion可以跨vCenter Server、跨vSwitch间进行,支持长距离(大于100毫秒延迟的网络)的vMotion。
  6. 支持多处理器的Fault Tolerance(SMP-FT):目前(5.x)的FT版本仅支持单vCPU的虚拟机,新版本可以支持4 vCPU的FT,将大大提高FT的实用性。
  7. 跨站点的内容库:使多个站点间的ISO镜像、虚拟机模板等管理简单化,保持各站点文件的统一性。

VMware vSphere产品升级顺序

vsphere-update-sequence

产品的缩写名对应如下:

vCloud Director (VCD)
vShield Manager (VSM)
Horizon View
vCenter Server
vSphere Replication (VR)
vCenter Site Recovery Manager (SRM)
vCenter Operations Manager (vCOPS)
vSphere Data Protection (VDP)
vSphere Storage Appliance (VSA)
ESXi
vShield Edge
vShield App
vShield Endpoint