know-how:master
Inhaltsverzeichnis
Anforderungen
- Das „master“ System dient Pannonia IT als Basis für diverse Virtualisierungen die mit „KVM“ durchgeführt werden und soll as simple as possible sein
- Virtualisierungshost für zB: fileserver / firewall / webserver / backup u.v.m.
Installation von Rescue System bei Hetzner für Root Server
- Achtung hier Debian 11 Scratchpad / kein UEFI sondern legacy bios
master setup base
root@rescue ~ # gdisk /dev/sda
GPT fdisk (gdisk) version 1.0.6
Warning: Partition table header claims that the size of partition table
entries is 0 bytes, but this program supports only 128-byte entries.
Adjusting accordingly, but partition table may be garbage.
Warning: Partition table header claims that the size of partition table
entries is 16843009 bytes, but this program supports only 128-byte entries.
Adjusting accordingly, but partition table may be garbage.
Partition table scan:
MBR: not present
BSD: not present
APM: not present
GPT: not present
Creating new GPT entries in memory.
Command (? for help): ?
b back up GPT data to a file
c change a partition's name
d delete a partition
i show detailed information on a partition
l list known partition types
n add a new partition
o create a new empty GUID partition table (GPT)
p print the partition table
q quit without saving changes
r recovery and transformation options (experts only)
s sort partitions
t change a partition's type code
v verify disk
w write table to disk and exit
x extra functionality (experts only)
? print this menu
Command (? for help): n
Partition number (1-128, default 1):
First sector (34-3907029134, default = 2048) or {+-}size{KMGTP}:
Last sector (2048-3907029134, default = 3907029134) or {+-}size{KMGTP}: +150M
Current type is 8300 (Linux filesystem)
Hex code or GUID (L to show codes, Enter = 8300):
Changed type of partition to 'Linux filesystem'
Command (? for help): n
Partition number (2-128, default 2):
First sector (34-3907029134, default = 309248) or {+-}size{KMGTP}:
Last sector (309248-3907029134, default = 3907029134) or {+-}size{KMGTP}:
Current type is 8300 (Linux filesystem)
Hex code or GUID (L to show codes, Enter = 8300): fd00
Changed type of partition to 'Linux RAID'
Command (? for help): w
Final checks complete. About to write GPT data. THIS WILL OVERWRITE EXISTING
PARTITIONS!!
Do you want to proceed? (Y/N): y
OK; writing new GUID partition table (GPT) to /dev/sda.
The operation has completed successfully.
-----
root@rescue ~ # gdisk /dev/sdb
GPT fdisk (gdisk) version 1.0.6
Warning: Partition table header claims that the size of partition table
entries is 0 bytes, but this program supports only 128-byte entries.
Adjusting accordingly, but partition table may be garbage.
Caution: invalid main GPT header, but valid backup; regenerating main header
from backup!
Warning: Invalid CRC on main header data; loaded backup partition table.
Warning! One or more CRCs don't match. You should repair the disk!
Main header: ERROR
Backup header: OK
Main partition table: OK
Backup partition table: OK
Partition table scan:
MBR: not present
BSD: not present
APM: not present
GPT: damaged
Found invalid MBR and corrupt GPT. What do you want to do? (Using the
GPT MAY permit recovery of GPT data.)
1 - Use current GPT
2 - Create blank GPT
Your answer: 2
Command (? for help): n
Partition number (1-128, default 1):
First sector (34-3907029134, default = 2048) or {+-}size{KMGTP}:
Last sector (2048-3907029134, default = 3907029134) or {+-}size{KMGTP}: +150M
Current type is 8300 (Linux filesystem)
Hex code or GUID (L to show codes, Enter = 8300):
Changed type of partition to 'Linux filesystem'
Command (? for help): n
Partition number (2-128, default 2):
First sector (34-3907029134, default = 309248) or {+-}size{KMGTP}:
Last sector (309248-3907029134, default = 3907029134) or {+-}size{KMGTP}:
Current type is 8300 (Linux filesystem)
Hex code or GUID (L to show codes, Enter = 8300): fd00
Changed type of partition to 'Linux RAID'
Command (? for help): w
Final checks complete. About to write GPT data. THIS WILL OVERWRITE EXISTING
PARTITIONS!!
Do you want to proceed? (Y/N): y
OK; writing new GUID partition table (GPT) to /dev/sdb.
The operation has completed successfully
----
create RAID1
# mdadm --create /dev/md0 --level=raid1 --raid-devices=2 /dev/sda2 /dev/sdb2
---
create physical volume device for lvm
root@rescue ~ # pvcreate /dev/md0
Physical volume "/dev/md0" successfully created.
----
create volume group
root@rescue ~ # vgcreate master /dev/md0
Volume group "master" successfully created
----
create logical volume for root filesystem
root@rescue ~ # man lvcreate
root@rescue ~ # lvcreate -L 35G -n root master
Logical volume "root" created.
---
create ext4 filesystem for root Filesystem
root@rescue ~ # mkfs.ext4 /dev/mapper/master-root -L ROOT_FS
mke2fs 1.46.2 (28-Feb-2021)
Creating filesystem with 9175040 4k blocks and 2293760 inodes
Filesystem UUID: 100ea202-f3c5-4f02-8b0a-d59596af5f00
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
4096000, 7962624
Allocating group tables: done
Writing inode tables: done
Creating journal (65536 blocks): done
Writing superblocks and filesystem accounting information: done
--
mount ext4 filesystem on /mnt/tmp/
root@rescue ~ # mkdir /mnt/tmp
root@rescue ~ # mount /dev/mapper/master-root /mnt/tmp/
----
deboostrap a current debian system
root@rescue /mnt/tmp # debootstrap bullseye ./ http://deb.debian.org/debian
----
chroot into new environment
root@rescue /mnt/tmp # mount -t proc none proc/
root@rescue /mnt/tmp # mount -t sysfs none sys
root@rescue /mnt/tmp # mount -o bind /dev dev/
root@rescue /mnt/tmp # chroot ./ /bin/bash
---
install necessary packages mdadm / lvm2 for system to work
root@rescue:/# apt-get install mdadm lvm2 vim openssh-server man htop
---
erlaube temporär Root Login mit Passwort und setze ordentliches Passwort >20 Zeichen
root@rescue:/# vim /etc/ssh/sshd_config
root@rescue:/# passwd
New password:
Retype new password:
passwd: password updated successfully
root@rescue:/# grep -i PermitRoot /etc/ssh/sshd_config
PermitRootLogin yes
----
---
grub2 installieren zum booten der maschine
root@rescue:/# apt-get install grub2
root@master:/# grub-install /dev/sda
Installing for i386-pc platform.
grub-install: warning: this GPT partition label contains no BIOS Boot Partition; embedding won't be possible.
grub-install: error: embedding is not possible, but this is required for RAID and LVM install.
---
sda1 anpassen mach ma bios boot partition draus - ef02
root@rescue /mnt/tmp # gdisk /dev/sdb
GPT fdisk (gdisk) version 1.0.6
Partition table scan:
MBR: protective
BSD: not present
APM: not present
GPT: present
Found valid GPT with protective MBR; using GPT.
Command (? for help): ?
b back up GPT data to a file
c change a partition's name
d delete a partition
i show detailed information on a partition
l list known partition types
n add a new partition
o create a new empty GUID partition table (GPT)
p print the partition table
q quit without saving changes
r recovery and transformation options (experts only)
s sort partitions
t change a partition's type code
v verify disk
w write table to disk and exit
x extra functionality (experts only)
? print this menu
Command (? for help): t
Partition number (1-2): 1
Current type is EF01 (MBR partition scheme)
Hex code or GUID (L to show codes, Enter = EF01): ef02
Changed type of partition to 'BIOS boot partition'
Command (? for help): w
Final checks complete. About to write GPT data. THIS WILL OVERWRITE EXISTING
PARTITIONS!!
Do you want to proceed? (Y/N): y
OK; writing new GUID partition table (GPT) to /dev/sdb.
Warning: The kernel is still using the old partition table.
The new table will be used at the next reboot or after you
run partprobe(8) or kpartx(8)
The operation has completed successfully
...
so muss es aussehen wenn von mbr / bios legacy gebootet wird
root@rescue /mnt/tmp # chroot ./ /bin/bash
root@master:/# grub-install /dev/sda
Installing for i386-pc platform.
Installation finished. No error reported.
root@master:/# grub-install /dev/sdb
Installing for i386-pc platform.
Installation finished. No error reported
---
raid1 infos vom hostsystem ins chroot
root@master:/# /usr/share/mdadm/mkconf > /etc/mdadm/mdadm.conf
---
Kernel Installation
apt-get install linux-image-amd64
---
Netzwerk konfigurieren damit die MAschine auch korrekte IP Infos bekommt beim booten e.g.
/etc/default/grub
..
GRUB_CMDLINE_LINUX="net.ifnames=0"
...
update-grub2
...
--
Warning wegen fehlender Firmware sources (in dem Fall realtek Netzwerkkarte) anpassen non-free hinzufügen
root@master:~# cat /etc/apt/sources.list
deb http://deb.debian.org/debian bullseye main non-free
deb http://security.debian.org/debian-security bullseye-security main non-free
deb http://ftp.de.debian.org/debian bullseye-updates main non-free
root@master:~# apt-get install firmware-realtek
root@master:~# update-initramfs -k all -u
---
root@master:/# cat /etc/network/interfaces
# interfaces(5) file used by ifup(8) and ifdown(8)
# Include files from /etc/network/interfaces.d:
source /etc/network/interfaces.d/*
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address IP
netmask NETMASK
gateway GATEWAY
-----
fstab für root partition konfigurieren
root@master:/# cat /etc/fstab
# UNCONFIGURED FSTAB FOR BASE SYSTEM
LABEL=ROOT_FS / ext4 errors=remount-ro 0 1
---
check ob ich bereits booten kann
root@master /mnt # cat /proc/mdstat
Personalities : [raid1]
md0 : active raid1 sdb2[1] sda2[0]
1953227840 blocks super 1.2 [2/2] [UU]
[=====>...............] resync = 29.2% (571644672/1953227840) finish=157.0min speed=146638K/sec
bitmap: 11/15 pages [44KB], 65536KB chunk
unused devices: <none>
reboot
--
ja geht :)
Installation von USB Stick (dvd iso)
- Die folgende Installation wurde mit 2x M.2 Crucial 500GB (https://www.amazon.de/-/en/dp/B0B25LQQPC?ref=ppx_yo2ov_dt_b_product_details&th=1) und dieser Firewall Appliance (https://www.amazon.de/-/en/dp/B0B53MKZBX?psc=1&ref=ppx_yo2ov_dt_b_product_details , https://www.amazon.de/-/en/dp/B08C4WV6FT?psc=1&ref=ppx_yo2ov_dt_b_product_details) durchgeführt.
- Basissystem: Debian 12 Bookworm :)
preseed erstellen für die Automatisierung der Installationsfragen
know-how/master.txt · Zuletzt geändert: 2024/02/26 10:32 von cc