Zone pilveserveri kasutamine: erinevus redaktsioonide vahel

Allikas: Imre kasutab arvutit
Mine navigeerimisribaleMine otsikasti
(Uus lehekülg: '===Sissejuhatus=== TODO ===Arvuti omadused=== TODO ===Kasulikud lisamaterjalid=== * TODO')
 
 
(ei näidata sama kasutaja 6 vahepealset redaktsiooni)
5. rida: 5. rida:
 
===Arvuti omadused===
  
===Arvuti omadused===
   
  +
====cloud-init====
TODO
  
  +
  +
<pre>
  +
root@gvn-78-91:~# lsscsi -s
  +
[0:0:0:0] cd/dvd QEMU QEMU DVD-ROM 2.5+ /dev/sr0 376kB
  +
  +
root@gvn-78-91:~# mount /dev/sr0 /mnt/sr0
  +
mount: /mnt/sr0: WARNING: source write-protected, mounted read-only.
  +
  +
root@gvn-78-91:~# df -h -T -t iso9660
  +
Filesystem Type Size Used Avail Use% Mounted on
  +
/dev/sr0 iso9660 368K 368K 0 100% /mnt/sr0
  +
  +
root@gvn-78-91:~# find /mnt/sr0/ -ls
  +
1792 2 dr-xr-xr-x 2 503 503 2048 Dec 30 15:55 /mnt/sr0/
  +
1799 1 -rw-r--r-- 1 503 503 19 Dec 30 15:55 /mnt/sr0/meta-data
  +
1804 1 -rw-r--r-- 1 503 503 133 Dec 30 15:55 /mnt/sr0/network-config
  +
1808 1 -rw-r--r-- 1 503 503 662 Dec 30 15:55 /mnt/sr0/user-data
  +
  +
root@gvn-78-91:~# cat /mnt/sr0/meta-data
  +
#cloud-config
  +
{ }
  +
  +
root@gvn-78-91:~# cat /mnt/sr0/network-config
  +
#cloud-config
  +
version: 2
  +
ethernets:
  +
eth0:
  +
addresses: [10.146.78.91/32]
  +
eth1:
  +
addresses: [10.146.78.91/32]
  +
  +
root@gvn-78-91:~# cat /mnt/sr0/user-data
  +
#cloud-config
  +
fqdn: gvn-78-91.tll07.zonevs.eu
  +
runcmd:
  +
- 'mkdir /home/debian/.ssh'
  +
- 'chmod 700 /home/debian/.ssh'
  +
- 'chown debian:debian /home/debian/.ssh'
  +
- 'touch /home/debian/.ssh/authorized_keys'
  +
- 'chmod 600 /home/debian/.ssh/authorized_keys'
  +
- 'chown debian:debian /home/debian/.ssh/authorized_keys'
  +
- 'echo root:`openssl rand -base64 42` | chpasswd'
  +
users:
  +
-
  +
name: debian
  +
sudo: 'ALL=(ALL) NOPASSWD:ALL'
  +
groups: sudo
  +
shell: /bin/bash
  +
ssh_authorized_keys: ['ssh-ed25519 xxx']
  +
package_upgrade: true
  +
package_update: true
  +
</pre>
  +
  +
====Misc====
  +
  +
unix sockets
  +
  +
<pre>
  +
root@gvn-78-91:~# netstat -lnpx
  +
Active UNIX domain sockets (only servers)
  +
Proto RefCnt Flags Type State I-Node PID/Program name Path
  +
unix 2 [ ACC ] STREAM LISTENING 3621 1/init /run/systemd/io.systemd.sysext
  +
unix 2 [ ACC ] STREAM LISTENING 10162 1018/systemd /run/user/1000/systemd/private
  +
unix 2 [ ACC ] STREAM LISTENING 10179 1018/systemd /run/user/1000/openssh_agent
  +
unix 2 [ ACC ] STREAM LISTENING 5808 679/systemd-network /run/systemd/netif/io.systemd.Network
  +
unix 2 [ ACC ] STREAM LISTENING 2383 1/init /run/systemd/private
  +
unix 2 [ ACC ] STREAM LISTENING 2384 1/init /run/systemd/userdb/io.systemd.DynamicUser
  +
unix 2 [ ACC ] STREAM LISTENING 2385 1/init /run/systemd/io.systemd.ManagedOOM
  +
unix 2 [ ACC ] STREAM LISTENING 2401 1/init /run/systemd/io.systemd.Credentials
  +
unix 2 [ ACC ] STREAM LISTENING 2404 1/init /run/systemd/journal/stdout
  +
unix 2 [ ACC ] SEQPACKET LISTENING 2406 1/init /run/udev/control
  +
unix 2 [ ACC ] STREAM LISTENING 6052 1/init /run/acpid.socket
  +
unix 2 [ ACC ] STREAM LISTENING 6061 1/init /run/dbus/system_bus_socket
  +
unix 2 [ ACC ] STREAM LISTENING 6072 1/init /run/ssh-unix-local/socket
  +
unix 2 [ ACC ] STREAM LISTENING 6074 1/init /run/systemd/io.systemd.Hostname
  +
unix 2 [ ACC ] STREAM LISTENING 2619 301/systemd-journal /run/systemd/journal/io.systemd.journal
  +
unix 2 [ ACC ] STREAM LISTENING 6076 1/init /run/uuidd/request
  +
unix 2 [ ACC ] STREAM LISTENING 3258 348/systemd-resolve /run/systemd/resolve/io.systemd.Resolve
  +
unix 2 [ ACC ] STREAM LISTENING 3259 348/systemd-resolve /run/systemd/resolve/io.systemd.Resolve.Monitor
  +
</pre>
  +
  +
d-bus
  +
  +
<pre>
  +
root@gvn-78-91:~# busctl list
  +
NAME PID PROCESS USER CONNECTION UNIT SESSION DESCRIPTION
  +
:1.0 348 systemd-resolve systemd-resolve :1.0 systemd-resolved.service - -
  +
:1.1 679 systemd-network systemd-network :1.1 systemd-networkd.service - -
  +
:1.14 1018 systemd debian :1.14 user@1000.service - -
  +
:1.2 1 systemd root :1.2 init.scope - -
  +
:1.23 2453 busctl root :1.23 session-1.scope 1 -
  +
:1.3 747 systemd-logind root :1.3 systemd-logind.service - -
  +
:1.5 741 networkd-dispat root :1.5 networkd-dispatcher.service - -
  +
:1.7 782 unattended-upgr root :1.7 unattended-upgrades.service - -
  +
io.netplan.Netplan - - - (activatable) - - -
  +
org.freedesktop.DBus 1 systemd root - init.scope - -
  +
org.freedesktop.PolicyKit1 - - - (activatable) - - -
  +
org.freedesktop.hostname1 - - - (activatable) - - -
  +
org.freedesktop.locale1 - - - (activatable) - - -
  +
org.freedesktop.login1 747 systemd-logind root :1.3 systemd-logind.service - -
  +
org.freedesktop.network1 679 systemd-network systemd-network :1.1 systemd-networkd.service - -
  +
org.freedesktop.resolve1 348 systemd-resolve systemd-resolve :1.0 systemd-resolved.service - -
  +
org.freedesktop.systemd1 1 systemd root :1.2 init.scope - -
  +
org.freedesktop.timedate1 - - - (activatable) - - -
  +
</pre>
  +
  +
tulemüür
  +
  +
<pre>
  +
root@gvn-78-91:~# ufw status numbered
  +
Status: active
  +
  +
To Action From
  +
-- ------ ----
  +
[ 1] 22/tcp ALLOW IN Anywhere
  +
[ 2] 80/tcp ALLOW IN Anywhere
  +
[ 3] 443/tcp ALLOW IN Anywhere
  +
[ 4] 22/tcp (v6) ALLOW IN Anywhere (v6)
  +
[ 5] 80/tcp (v6) ALLOW IN Anywhere (v6)
  +
[ 6] 443/tcp (v6) ALLOW IN Anywhere (v6)
  +
</pre>
  +
  +
ning
  +
  +
<pre>
  +
root@gvn-78-91:~# egrep -i ci-info /var/log/syslog
  +
2025-12-31T06:35:01.549140+00:00 gvn-78-91 cloud-init[382]: ci-info: ++++++++++++++++++++++++++++++++++++++++Net device info++++++++++++++++++++++++++++++++++++++++
  +
2025-12-31T06:35:01.549145+00:00 gvn-78-91 cloud-init[382]: ci-info: +--------+------+------------------------------+-----------------+--------+-------------------+
  +
2025-12-31T06:35:01.549148+00:00 gvn-78-91 cloud-init[382]: ci-info: | Device | Up | Address | Mask | Scope | Hw-Address |
  +
2025-12-31T06:35:01.549151+00:00 gvn-78-91 cloud-init[382]: ci-info: +--------+------+------------------------------+-----------------+--------+-------------------+
  +
2025-12-31T06:35:01.549153+00:00 gvn-78-91 cloud-init[382]: ci-info: | eth0 | True | 10.146.78.91 | 255.255.255.255 | global | 20:43:69:1d:35:00 |
  +
2025-12-31T06:35:01.549156+00:00 gvn-78-91 cloud-init[382]: ci-info: | eth0 | True | fe80::2243:69ff:fe1d:3500/64 | . | link | 20:43:69:1d:35:00 |
  +
2025-12-31T06:35:01.549159+00:00 gvn-78-91 cloud-init[382]: ci-info: | eth1 | True | 10.146.78.91 | 255.255.255.255 | global | 20:43:69:1d:35:01 |
  +
2025-12-31T06:35:01.549164+00:00 gvn-78-91 cloud-init[382]: ci-info: | eth1 | True | fe80::2243:69ff:fe1d:3501/64 | . | link | 20:43:69:1d:35:01 |
  +
2025-12-31T06:35:01.549167+00:00 gvn-78-91 cloud-init[382]: ci-info: | lo | True | 127.0.0.1 | 255.0.0.0 | host | . |
  +
2025-12-31T06:35:01.549170+00:00 gvn-78-91 cloud-init[382]: ci-info: | lo | True | ::1/128 | . | host | . |
  +
2025-12-31T06:35:01.549173+00:00 gvn-78-91 cloud-init[382]: ci-info: +--------+------+------------------------------+-----------------+--------+-------------------+
  +
2025-12-31T06:35:01.549176+00:00 gvn-78-91 cloud-init[382]: ci-info: +++++++++++++++++++Route IPv6 info+++++++++++++++++++
  +
2025-12-31T06:35:01.549181+00:00 gvn-78-91 cloud-init[382]: ci-info: +-------+-------------+---------+-----------+-------+
  +
2025-12-31T06:35:01.549184+00:00 gvn-78-91 cloud-init[382]: ci-info: | Route | Destination | Gateway | Interface | Flags |
  +
2025-12-31T06:35:01.549186+00:00 gvn-78-91 cloud-init[382]: ci-info: +-------+-------------+---------+-----------+-------+
  +
2025-12-31T06:35:01.549189+00:00 gvn-78-91 cloud-init[382]: ci-info: | 0 | fe80::/64 | :: | eth0 | U |
  +
2025-12-31T06:35:01.549192+00:00 gvn-78-91 cloud-init[382]: ci-info: | 1 | fe80::/64 | :: | eth1 | U |
  +
2025-12-31T06:35:01.549195+00:00 gvn-78-91 cloud-init[382]: ci-info: | 3 | local | :: | eth0 | U |
  +
2025-12-31T06:35:01.549200+00:00 gvn-78-91 cloud-init[382]: ci-info: | 4 | local | :: | eth1 | U |
  +
2025-12-31T06:35:01.549203+00:00 gvn-78-91 cloud-init[382]: ci-info: | 5 | multicast | :: | eth0 | U |
  +
2025-12-31T06:35:01.549206+00:00 gvn-78-91 cloud-init[382]: ci-info: | 6 | multicast | :: | eth1 | U |
  +
2025-12-31T06:35:01.549209+00:00 gvn-78-91 cloud-init[382]: ci-info: +-------+-------------+---------+-----------+-------+
  +
  +
root@gvn-78-91:~# cat /etc/netplan/50-cloud-init.yaml
  +
network:
  +
version: 2
  +
ethernets:
  +
eth0:
  +
addresses:
  +
- "10.146.78.91/32"
  +
eth1:
  +
addresses:
  +
- "10.146.78.91/32"
  +
</pre>
  +
  +
kellaaeg
  +
  +
<pre>
  +
root@gvn-78-91:~# timedatectl
  +
Local time: Wed 2025-12-31 07:30:29 UTC
  +
Universal time: Wed 2025-12-31 07:30:29 UTC
  +
RTC time: Wed 2025-12-31 07:30:30
  +
Time zone: UTC (UTC, +0000)
  +
System clock synchronized: yes
  +
NTP service: active
  +
RTC in local TZ: no
  +
  +
  +
root@gvn-78-91:~# timedatectl set-timezone Europe/Tallinn
  +
</pre>
   
 
===Kasulikud lisamaterjalid===
  
===Kasulikud lisamaterjalid===

Viimane redaktsioon: 31. detsember 2025, kell 09:55

Sissejuhatus

TODO

Arvuti omadused

cloud-init

root@gvn-78-91:~# lsscsi -s
[0:0:0:0]    cd/dvd  QEMU     QEMU DVD-ROM     2.5+  /dev/sr0    376kB

root@gvn-78-91:~# mount /dev/sr0 /mnt/sr0
mount: /mnt/sr0: WARNING: source write-protected, mounted read-only.

root@gvn-78-91:~# df -h -T -t iso9660
Filesystem     Type     Size  Used Avail Use% Mounted on
/dev/sr0       iso9660  368K  368K     0 100% /mnt/sr0

root@gvn-78-91:~# find /mnt/sr0/ -ls
     1792      2 dr-xr-xr-x   2 503      503          2048 Dec 30 15:55 /mnt/sr0/
     1799      1 -rw-r--r--   1 503      503            19 Dec 30 15:55 /mnt/sr0/meta-data
     1804      1 -rw-r--r--   1 503      503           133 Dec 30 15:55 /mnt/sr0/network-config
     1808      1 -rw-r--r--   1 503      503           662 Dec 30 15:55 /mnt/sr0/user-data

root@gvn-78-91:~# cat /mnt/sr0/meta-data
#cloud-config
{  }

root@gvn-78-91:~# cat /mnt/sr0/network-config
#cloud-config
version: 2
ethernets:
    eth0:
        addresses: [10.146.78.91/32]
    eth1:
        addresses: [10.146.78.91/32]

root@gvn-78-91:~# cat /mnt/sr0/user-data
#cloud-config
fqdn: gvn-78-91.tll07.zonevs.eu
runcmd:
    - 'mkdir /home/debian/.ssh'
    - 'chmod 700 /home/debian/.ssh'
    - 'chown debian:debian /home/debian/.ssh'
    - 'touch /home/debian/.ssh/authorized_keys'
    - 'chmod 600 /home/debian/.ssh/authorized_keys'
    - 'chown debian:debian /home/debian/.ssh/authorized_keys'
    - 'echo root:`openssl rand -base64 42` | chpasswd'
users:
    -
        name: debian
        sudo: 'ALL=(ALL) NOPASSWD:ALL'
        groups: sudo
        shell: /bin/bash
        ssh_authorized_keys: ['ssh-ed25519 xxx']
package_upgrade: true
package_update: true

Misc

unix sockets 

root@gvn-78-91:~# netstat -lnpx
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node   PID/Program name     Path
unix  2      [ ACC ]     STREAM     LISTENING     3621     1/init               /run/systemd/io.systemd.sysext
unix  2      [ ACC ]     STREAM     LISTENING     10162    1018/systemd         /run/user/1000/systemd/private
unix  2      [ ACC ]     STREAM     LISTENING     10179    1018/systemd         /run/user/1000/openssh_agent
unix  2      [ ACC ]     STREAM     LISTENING     5808     679/systemd-network  /run/systemd/netif/io.systemd.Network
unix  2      [ ACC ]     STREAM     LISTENING     2383     1/init               /run/systemd/private
unix  2      [ ACC ]     STREAM     LISTENING     2384     1/init               /run/systemd/userdb/io.systemd.DynamicUser
unix  2      [ ACC ]     STREAM     LISTENING     2385     1/init               /run/systemd/io.systemd.ManagedOOM
unix  2      [ ACC ]     STREAM     LISTENING     2401     1/init               /run/systemd/io.systemd.Credentials
unix  2      [ ACC ]     STREAM     LISTENING     2404     1/init               /run/systemd/journal/stdout
unix  2      [ ACC ]     SEQPACKET  LISTENING     2406     1/init               /run/udev/control
unix  2      [ ACC ]     STREAM     LISTENING     6052     1/init               /run/acpid.socket
unix  2      [ ACC ]     STREAM     LISTENING     6061     1/init               /run/dbus/system_bus_socket
unix  2      [ ACC ]     STREAM     LISTENING     6072     1/init               /run/ssh-unix-local/socket
unix  2      [ ACC ]     STREAM     LISTENING     6074     1/init               /run/systemd/io.systemd.Hostname
unix  2      [ ACC ]     STREAM     LISTENING     2619     301/systemd-journal  /run/systemd/journal/io.systemd.journal
unix  2      [ ACC ]     STREAM     LISTENING     6076     1/init               /run/uuidd/request
unix  2      [ ACC ]     STREAM     LISTENING     3258     348/systemd-resolve  /run/systemd/resolve/io.systemd.Resolve
unix  2      [ ACC ]     STREAM     LISTENING     3259     348/systemd-resolve  /run/systemd/resolve/io.systemd.Resolve.Monitor

d-bus 

root@gvn-78-91:~# busctl list
NAME                        PID PROCESS         USER            CONNECTION    UNIT                        SESSION DESCRIPTION
:1.0                        348 systemd-resolve systemd-resolve :1.0          systemd-resolved.service    -       -
:1.1                        679 systemd-network systemd-network :1.1          systemd-networkd.service    -       -
:1.14                      1018 systemd         debian          :1.14         user@1000.service           -       -
:1.2                          1 systemd         root            :1.2          init.scope                  -       -
:1.23                      2453 busctl          root            :1.23         session-1.scope             1       -
:1.3                        747 systemd-logind  root            :1.3          systemd-logind.service      -       -
:1.5                        741 networkd-dispat root            :1.5          networkd-dispatcher.service -       -
:1.7                        782 unattended-upgr root            :1.7          unattended-upgrades.service -       -
io.netplan.Netplan            - -               -               (activatable) -                           -       -
org.freedesktop.DBus          1 systemd         root            -             init.scope                  -       -
org.freedesktop.PolicyKit1    - -               -               (activatable) -                           -       -
org.freedesktop.hostname1     - -               -               (activatable) -                           -       -
org.freedesktop.locale1       - -               -               (activatable) -                           -       -
org.freedesktop.login1      747 systemd-logind  root            :1.3          systemd-logind.service      -       -
org.freedesktop.network1    679 systemd-network systemd-network :1.1          systemd-networkd.service    -       -
org.freedesktop.resolve1    348 systemd-resolve systemd-resolve :1.0          systemd-resolved.service    -       -
org.freedesktop.systemd1      1 systemd         root            :1.2          init.scope                  -       -
org.freedesktop.timedate1     - -               -               (activatable) -                           -       -

tulemüür 

root@gvn-78-91:~# ufw status numbered
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] 80/tcp                     ALLOW IN    Anywhere
[ 3] 443/tcp                    ALLOW IN    Anywhere
[ 4] 22/tcp (v6)                ALLOW IN    Anywhere (v6)
[ 5] 80/tcp (v6)                ALLOW IN    Anywhere (v6)
[ 6] 443/tcp (v6)               ALLOW IN    Anywhere (v6)

ning 

root@gvn-78-91:~# egrep -i ci-info /var/log/syslog
2025-12-31T06:35:01.549140+00:00 gvn-78-91 cloud-init[382]: ci-info: ++++++++++++++++++++++++++++++++++++++++Net device info++++++++++++++++++++++++++++++++++++++++
2025-12-31T06:35:01.549145+00:00 gvn-78-91 cloud-init[382]: ci-info: +--------+------+------------------------------+-----------------+--------+-------------------+
2025-12-31T06:35:01.549148+00:00 gvn-78-91 cloud-init[382]: ci-info: | Device |  Up  |           Address            |       Mask      | Scope  |     Hw-Address    |
2025-12-31T06:35:01.549151+00:00 gvn-78-91 cloud-init[382]: ci-info: +--------+------+------------------------------+-----------------+--------+-------------------+
2025-12-31T06:35:01.549153+00:00 gvn-78-91 cloud-init[382]: ci-info: |  eth0  | True |        10.146.78.91          | 255.255.255.255 | global | 20:43:69:1d:35:00 |
2025-12-31T06:35:01.549156+00:00 gvn-78-91 cloud-init[382]: ci-info: |  eth0  | True | fe80::2243:69ff:fe1d:3500/64 |        .        |  link  | 20:43:69:1d:35:00 |
2025-12-31T06:35:01.549159+00:00 gvn-78-91 cloud-init[382]: ci-info: |  eth1  | True |        10.146.78.91          | 255.255.255.255 | global | 20:43:69:1d:35:01 |
2025-12-31T06:35:01.549164+00:00 gvn-78-91 cloud-init[382]: ci-info: |  eth1  | True | fe80::2243:69ff:fe1d:3501/64 |        .        |  link  | 20:43:69:1d:35:01 |
2025-12-31T06:35:01.549167+00:00 gvn-78-91 cloud-init[382]: ci-info: |   lo   | True |          127.0.0.1           |    255.0.0.0    |  host  |         .         |
2025-12-31T06:35:01.549170+00:00 gvn-78-91 cloud-init[382]: ci-info: |   lo   | True |           ::1/128            |        .        |  host  |         .         |
2025-12-31T06:35:01.549173+00:00 gvn-78-91 cloud-init[382]: ci-info: +--------+------+------------------------------+-----------------+--------+-------------------+
2025-12-31T06:35:01.549176+00:00 gvn-78-91 cloud-init[382]: ci-info: +++++++++++++++++++Route IPv6 info+++++++++++++++++++
2025-12-31T06:35:01.549181+00:00 gvn-78-91 cloud-init[382]: ci-info: +-------+-------------+---------+-----------+-------+
2025-12-31T06:35:01.549184+00:00 gvn-78-91 cloud-init[382]: ci-info: | Route | Destination | Gateway | Interface | Flags |
2025-12-31T06:35:01.549186+00:00 gvn-78-91 cloud-init[382]: ci-info: +-------+-------------+---------+-----------+-------+
2025-12-31T06:35:01.549189+00:00 gvn-78-91 cloud-init[382]: ci-info: |   0   |  fe80::/64  |    ::   |    eth0   |   U   |
2025-12-31T06:35:01.549192+00:00 gvn-78-91 cloud-init[382]: ci-info: |   1   |  fe80::/64  |    ::   |    eth1   |   U   |
2025-12-31T06:35:01.549195+00:00 gvn-78-91 cloud-init[382]: ci-info: |   3   |    local    |    ::   |    eth0   |   U   |
2025-12-31T06:35:01.549200+00:00 gvn-78-91 cloud-init[382]: ci-info: |   4   |    local    |    ::   |    eth1   |   U   |
2025-12-31T06:35:01.549203+00:00 gvn-78-91 cloud-init[382]: ci-info: |   5   |  multicast  |    ::   |    eth0   |   U   |
2025-12-31T06:35:01.549206+00:00 gvn-78-91 cloud-init[382]: ci-info: |   6   |  multicast  |    ::   |    eth1   |   U   |
2025-12-31T06:35:01.549209+00:00 gvn-78-91 cloud-init[382]: ci-info: +-------+-------------+---------+-----------+-------+

root@gvn-78-91:~# cat /etc/netplan/50-cloud-init.yaml
network:
  version: 2
  ethernets:
    eth0:
      addresses:
      - "10.146.78.91/32"
    eth1:
      addresses:
      - "10.146.78.91/32"

kellaaeg 

root@gvn-78-91:~# timedatectl
               Local time: Wed 2025-12-31 07:30:29 UTC
           Universal time: Wed 2025-12-31 07:30:29 UTC
                 RTC time: Wed 2025-12-31 07:30:30
                Time zone: UTC (UTC, +0000)
System clock synchronized: yes
              NTP service: active
          RTC in local TZ: no


root@gvn-78-91:~# timedatectl set-timezone Europe/Tallinn

Kasulikud lisamaterjalid

  • TODO
Pärit leheküljelt "https://www.auul.pri.ee/wiki/index.php?title=Zone_pilveserveri_kasutamine&oldid=2829"