know-how:master
Requirements
- The "master" system serves Pannonia IT as the base for various virtualizations run with KVM and should be as simple as possible
- Virtualization host for e.g. file server / firewall / web server / backup and much more
Installation from the rescue system at Hetzner for root servers
- Note: Debian 11 scratchpad here / no UEFI, legacy BIOS instead
master setup base
root@rescue ~ # gdisk /dev/sda
GPT fdisk (gdisk) version 1.0.6
Warning: Partition table header claims that the size of partition table
entries is 0 bytes, but this program supports only 128-byte entries.
Adjusting accordingly, but partition table may be garbage.
Warning: Partition table header claims that the size of partition table
entries is 16843009 bytes, but this program supports only 128-byte entries.
Adjusting accordingly, but partition table may be garbage.
Partition table scan:
MBR: not present
BSD: not present
APM: not present
GPT: not present
Creating new GPT entries in memory.
Command (? for help): ?
b back up GPT data to a file
c change a partition's name
d delete a partition
i show detailed information on a partition
l list known partition types
n add a new partition
o create a new empty GUID partition table (GPT)
p print the partition table
q quit without saving changes
r recovery and transformation options (experts only)
s sort partitions
t change a partition's type code
v verify disk
w write table to disk and exit
x extra functionality (experts only)
? print this menu
Command (? for help): n
Partition number (1-128, default 1):
First sector (34-3907029134, default = 2048) or {+-}size{KMGTP}:
Last sector (2048-3907029134, default = 3907029134) or {+-}size{KMGTP}: +150M
Current type is 8300 (Linux filesystem)
Hex code or GUID (L to show codes, Enter = 8300):
Changed type of partition to 'Linux filesystem'
Command (? for help): n
Partition number (2-128, default 2):
First sector (34-3907029134, default = 309248) or {+-}size{KMGTP}:
Last sector (309248-3907029134, default = 3907029134) or {+-}size{KMGTP}:
Current type is 8300 (Linux filesystem)
Hex code or GUID (L to show codes, Enter = 8300): fd00
Changed type of partition to 'Linux RAID'
Command (? for help): w
Final checks complete. About to write GPT data. THIS WILL OVERWRITE EXISTING
PARTITIONS!!
Do you want to proceed? (Y/N): y
OK; writing new GUID partition table (GPT) to /dev/sda.
The operation has completed successfully.
-----
root@rescue ~ # gdisk /dev/sdb
GPT fdisk (gdisk) version 1.0.6
Warning: Partition table header claims that the size of partition table
entries is 0 bytes, but this program supports only 128-byte entries.
Adjusting accordingly, but partition table may be garbage.
Caution: invalid main GPT header, but valid backup; regenerating main header
from backup!
Warning: Invalid CRC on main header data; loaded backup partition table.
Warning! One or more CRCs don't match. You should repair the disk!
Main header: ERROR
Backup header: OK
Main partition table: OK
Backup partition table: OK
Partition table scan:
MBR: not present
BSD: not present
APM: not present
GPT: damaged
Found invalid MBR and corrupt GPT. What do you want to do? (Using the
GPT MAY permit recovery of GPT data.)
1 - Use current GPT
2 - Create blank GPT
Your answer: 2
Command (? for help): n
Partition number (1-128, default 1):
First sector (34-3907029134, default = 2048) or {+-}size{KMGTP}:
Last sector (2048-3907029134, default = 3907029134) or {+-}size{KMGTP}: +150M
Current type is 8300 (Linux filesystem)
Hex code or GUID (L to show codes, Enter = 8300):
Changed type of partition to 'Linux filesystem'
Command (? for help): n
Partition number (2-128, default 2):
First sector (34-3907029134, default = 309248) or {+-}size{KMGTP}:
Last sector (309248-3907029134, default = 3907029134) or {+-}size{KMGTP}:
Current type is 8300 (Linux filesystem)
Hex code or GUID (L to show codes, Enter = 8300): fd00
Changed type of partition to 'Linux RAID'
Command (? for help): w
Final checks complete. About to write GPT data. THIS WILL OVERWRITE EXISTING
PARTITIONS!!
Do you want to proceed? (Y/N): y
OK; writing new GUID partition table (GPT) to /dev/sdb.
The operation has completed successfully
----
create RAID1
# mdadm --create /dev/md0 --level=raid1 --raid-devices=2 /dev/sda2 /dev/sdb2
---
create physical volume device for lvm
root@rescue ~ # pvcreate /dev/md0
Physical volume "/dev/md0" successfully created.
----
create volume group
root@rescue ~ # vgcreate master /dev/md0
Volume group "master" successfully created
----
create logical volume for root filesystem
root@rescue ~ # man lvcreate
root@rescue ~ # lvcreate -L 35G -n root master
Logical volume "root" created.
---
create ext4 filesystem for root Filesystem
root@rescue ~ # mkfs.ext4 /dev/mapper/master-root -L ROOT_FS
mke2fs 1.46.2 (28-Feb-2021)
Creating filesystem with 9175040 4k blocks and 2293760 inodes
Filesystem UUID: 100ea202-f3c5-4f02-8b0a-d59596af5f00
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
4096000, 7962624
Allocating group tables: done
Writing inode tables: done
Creating journal (65536 blocks): done
Writing superblocks and filesystem accounting information: done
--
mount ext4 filesystem on /mnt/tmp/
root@rescue ~ # mkdir /mnt/tmp
root@rescue ~ # mount /dev/mapper/master-root /mnt/tmp/
----
debootstrap a current Debian system
root@rescue /mnt/tmp # debootstrap bullseye ./ http://deb.debian.org/debian
----
chroot into new environment
root@rescue /mnt/tmp # mount -t proc none proc/
root@rescue /mnt/tmp # mount -t sysfs none sys
root@rescue /mnt/tmp # mount -o bind /dev dev/
root@rescue /mnt/tmp # chroot ./ /bin/bash
---
install necessary packages mdadm / lvm2 for system to work
root@rescue:/# apt-get install mdadm lvm2 vim openssh-server man htop
---
temporarily allow root login with password and set a proper password of >20 characters
root@rescue:/# vim /etc/ssh/sshd_config
root@rescue:/# passwd
New password:
Retype new password:
passwd: password updated successfully
root@rescue:/# grep -i PermitRoot /etc/ssh/sshd_config
PermitRootLogin yes
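Added example (not part of the original page): since the password login for root is only meant to be temporary, this script checks which PermitRootLogin value sshd would apply once the setting has been changed back, taking Include files and Match blocks into account instead of grepping a single file. The functions `flatten_sshd_config`, `effective_sshd_opt` and `make_sample` and the drop-in file name are assumptions for illustration; the sample configuration is constructed.

```shell
# Added example, not from the original page. sshd uses the FIRST value it reads
# for a keyword, expands Include in place and treats lines after "Match" as
# conditional, so grep on one file can show a value that is not in effect.

# Emit "keyword value" lines in read order. $1 = file, $2 = base directory for
# a relative Include pattern (assumption: one pattern per Include line).
flatten_sshd_config() {
    local key rest pat f
    while read -r key rest || [ -n "$key" ]; do
        case "$key" in ''|'#'*) continue ;; esac
        # "Keyword=value" is accepted as well as "Keyword value"
        case "$key" in *=*) rest="${key#*=} $rest"; key="${key%%=*}" ;; esac
        key=$(printf '%s' "$key" | tr '[:upper:]' '[:lower:]')
        case "$key" in
            match) break ;;
            include)
                case "$rest" in /*) pat=$rest ;; *) pat="$2/$rest" ;; esac
                for f in $pat; do
                    if [ -f "$f" ]; then flatten_sshd_config "$f" "$2"; fi
                done ;;
            *) printf '%s %s\n' "$key" "$rest" ;;
        esac
    done < "$1"
}

# Value in effect for global keyword $2 in config file $1. Empty output means
# the keyword is unset and sshd falls back to its built-in default.
effective_sshd_opt() {
    flatten_sshd_config "$1" "$(dirname "$1")" |
        awk -v k="$(printf '%s' "$2" | tr '[:upper:]' '[:lower:]')" \
            '!seen && $1 == k { print $2; seen = 1 }'
}

# Constructed sample: the install-time "PermitRootLogin yes" is still in the
# main file, but a drop-in read earlier through Include overrides it.
make_sample() {   # $1 = target directory
    mkdir -p "$1/sshd_config.d"
    printf '%s\n' 'Include sshd_config.d/*.conf' '#PermitRootLogin no' \
        'PermitRootLogin yes' 'Match User backup' 'PermitRootLogin no' \
        > "$1/sshd_config"
    printf '%s\n' 'permitrootlogin prohibit-password' \
        'PasswordAuthentication=no' > "$1/sshd_config.d/10-hardening.conf"
}

demo_dir=$(mktemp -d)
make_sample "$demo_dir"
echo "in effect: $(effective_sshd_opt "$demo_dir/sshd_config" PermitRootLogin)"
rm -rf "$demo_dir"
```

On the installed system, `sshd -T` prints the configuration sshd actually uses and is the authoritative check.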
----
---
install grub2 to boot the machine
root@rescue:/# apt-get install grub2
root@master:/# grub-install /dev/sda
Installing for i386-pc platform.
grub-install: warning: this GPT partition label contains no BIOS Boot Partition; embedding won't be possible.
grub-install: error: embedding is not possible, but this is required for RAID and LVM install.
---
adjust sda1: turn it into a BIOS boot partition - ef02
root@rescue /mnt/tmp # gdisk /dev/sdb
GPT fdisk (gdisk) version 1.0.6
Partition table scan:
MBR: protective
BSD: not present
APM: not present
GPT: present
Found valid GPT with protective MBR; using GPT.
Command (? for help): ?
b back up GPT data to a file
c change a partition's name
d delete a partition
i show detailed information on a partition
l list known partition types
n add a new partition
o create a new empty GUID partition table (GPT)
p print the partition table
q quit without saving changes
r recovery and transformation options (experts only)
s sort partitions
t change a partition's type code
v verify disk
w write table to disk and exit
x extra functionality (experts only)
? print this menu
Command (? for help): t
Partition number (1-2): 1
Current type is EF01 (MBR partition scheme)
Hex code or GUID (L to show codes, Enter = EF01): ef02
Changed type of partition to 'BIOS boot partition'
Command (? for help): w
Final checks complete. About to write GPT data. THIS WILL OVERWRITE EXISTING
PARTITIONS!!
Do you want to proceed? (Y/N): y
OK; writing new GUID partition table (GPT) to /dev/sdb.
Warning: The kernel is still using the old partition table.
The new table will be used at the next reboot or after you
run partprobe(8) or kpartx(8)
The operation has completed successfully
...
this is how it has to look when booting from MBR / legacy BIOS
root@rescue /mnt/tmp # chroot ./ /bin/bash
root@master:/# grub-install /dev/sda
Installing for i386-pc platform.
Installation finished. No error reported.
root@master:/# grub-install /dev/sdb
Installing for i386-pc platform.
Installation finished. No error reported
---
RAID1 info from the host system into the chroot
root@master:/# /usr/share/mdadm/mkconf > /etc/mdadm/mdadm.conf
---
Kernel Installation
apt-get install linux-image-amd64
---
Configure the network so that the machine gets correct IP information at boot, e.g.
/etc/default/grub
..
GRUB_CMDLINE_LINUX="net.ifnames=0"
...
update-grub2
...
--
Warning about missing firmware (in this case a Realtek network card): adjust the sources and add non-free
root@master:~# cat /etc/apt/sources.list
deb http://deb.debian.org/debian bullseye main non-free
deb http://security.debian.org/debian-security bullseye-security main non-free
deb http://ftp.de.debian.org/debian bullseye-updates main non-free
root@master:~# apt-get install firmware-realtek
root@master:~# update-initramfs -k all -u
---
root@master:/# cat /etc/network/interfaces
# interfaces(5) file used by ifup(8) and ifdown(8)
# Include files from /etc/network/interfaces.d:
source /etc/network/interfaces.d/*
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address IP
netmask NETMASK
gateway GATEWAY
-----
configure fstab for the root partition
root@master:/# cat /etc/fstab
# UNCONFIGURED FSTAB FOR BASE SYSTEM
LABEL=ROOT_FS / ext4 errors=remount-ro 0 1
---
check whether I can already boot
root@master /mnt # cat /proc/mdstat
Personalities : [raid1]
md0 : active raid1 sdb2[1] sda2[0]
1953227840 blocks super 1.2 [2/2] [UU]
[=====>...............] resync = 29.2% (571644672/1953227840) finish=157.0min speed=146638K/sec
bitmap: 11/15 pages [44KB], 65536KB chunk
unused devices: <none>
reboot
--
yes, it works :)
Installation and migration of "master" via the rescue system at Hetzner for root servers
- keep it as simple and needed as possible :)
GPT Partitions / + MBR infos for grub2
root@rescue ~ # gdisk /dev/nvme0n1
GPT fdisk (gdisk) version 1.0.9
Partition table scan:
MBR: not present
BSD: not present
APM: not present
GPT: not present
Creating new GPT entries in memory.
Command (? for help): n
Partition number (1-128, default 1):
First sector (34-1875384974, default = 2048) or {+-}size{KMGTP}:
Last sector (2048-1875384974, default = 1875384319) or {+-}size{KMGTP}: +15M
Current type is 8300 (Linux filesystem)
Hex code or GUID (L to show codes, Enter = 8300): ef02
Changed type of partition to 'BIOS boot partition'
Command (? for help): n
Partition number (2-128, default 2):
First sector (34-1875384974, default = 32768) or {+-}size{KMGTP}:
Last sector (32768-1875384974, default = 1875384319) or {+-}size{KMGTP}:
Current type is 8300 (Linux filesystem)
Hex code or GUID (L to show codes, Enter = 8300): fd00
Changed type of partition to 'Linux RAID'
Command (? for help): w
Final checks complete. About to write GPT data. THIS WILL OVERWRITE EXISTING
PARTITIONS!!
Do you want to proceed? (Y/N): y
OK; writing new GUID partition table (GPT) to /dev/nvme0n1.
The operation has completed successfully.
root@rescue ~ # gdisk /dev/nvme1n1
GPT fdisk (gdisk) version 1.0.9
Partition table scan:
MBR: not present
BSD: not present
APM: not present
GPT: not present
Creating new GPT entries in memory.
Command (? for help): p
Disk /dev/nvme1n1: 1875385008 sectors, 894.3 GiB
Model: SAMSUNG MZQLB960HAJR-00007
Sector size (logical/physical): 512/512 bytes
Disk identifier (GUID): 243689F2-6345-4BE3-B0C6-D536022B86E7
Partition table holds up to 128 entries
Main partition table begins at sector 2 and ends at sector 33
First usable sector is 34, last usable sector is 1875384974
Partitions will be aligned on 2048-sector boundaries
Total free space is 1875384941 sectors (894.3 GiB)
Number Start (sector) End (sector) Size Code Name
Command (? for help): n
Partition number (1-128, default 1):
First sector (34-1875384974, default = 2048) or {+-}size{KMGTP}:
Last sector (2048-1875384974, default = 1875384319) or {+-}size{KMGTP}: +15M
Current type is 8300 (Linux filesystem)
Hex code or GUID (L to show codes, Enter = 8300): ef02
Changed type of partition to 'BIOS boot partition'
Command (? for help): n
Partition number (2-128, default 2):
First sector (34-1875384974, default = 32768) or {+-}size{KMGTP}:
Last sector (32768-1875384974, default = 1875384319) or {+-}size{KMGTP}:
Current type is 8300 (Linux filesystem)
Hex code or GUID (L to show codes, Enter = 8300): fd00
Changed type of partition to 'Linux RAID'
Command (? for help): w
Final checks complete. About to write GPT data. THIS WILL OVERWRITE EXISTING
PARTITIONS!!
Do you want to proceed? (Y/N): y
OK; writing new GUID partition table (GPT) to /dev/nvme1n1.
The operation has completed successfully.
root@rescue ~ # lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
loop0 7:0 0 3.4G 1 loop
nvme0n1 259:0 0 894.3G 0 disk
├─nvme0n1p1 259:4 0 15M 0 part
└─nvme0n1p2 259:5 0 894.2G 0 part
nvme1n1 259:1 0 894.3G 0 disk
├─nvme1n1p1 259:6 0 15M 0 part
└─nvme1n1p2 259:7 0 894.2G 0 part
----
Software RAID1
root@rescue ~ # mdadm --create /dev/md0 --level=raid1 --raid-devices=2 /dev/nvme1n1p2 /dev/nvme0n1p2
mdadm: Note: this array has metadata at the start and
may not be suitable as a boot device. If you plan to
store '/boot' on this device please ensure that
your boot-loader understands md/v1.x metadata, or use
--metadata=0.90
Continue creating array? y
mdadm: Defaulting to version 1.2 metadata
mdadm: array /dev/md0 started.
root@rescue ~ # cat /proc/mdstat
Personalities : [raid1]
md0 : active raid1 nvme0n1p2[1] nvme1n1p2[0]
937543680 blocks super 1.2 [2/2] [UU]
[>....................] resync = 1.0% (9927488/937543680) finish=75.4min speed=205019K/sec
bitmap: 7/7 pages [28KB], 65536KB chunk
unused devices: <none>
-----
Physical Volume for LVM
root@rescue ~ # pvcreate /dev/md0
Physical volume "/dev/md0" successfully created.
----
Volume Group consisting of /dev/md0
root@rescue ~ # vgcreate master /dev/md0
Volume group "master" successfully created
---
Create root and var logical volumes
root@rescue ~ # lvcreate -L 85G -n root master
Logical volume "root" created.
root@rescue ~ # lvcreate -L 50G -n var master
Logical volume "var" created
-----
Create Snapshot for root and var on other machine:
root@master:~# lvcreate -L 20G -s -n root_snapshot_consistent /dev/master/root
Logical volume "root_snapshot_consistent" created.
root@master:~# lvs
root_snapshot_consistent master swi-a-s--- 20.00g root 0.01
root@master:~# lvcreate -L 20G -s -n var_snapshot_consistent /dev/master/var
Logical volume "var_snapshot_consistent" created.
root@master:~# lvs | grep -i var
var master owi-aos--- 50.00g
var_snapshot_consistent master swi-a-s--- 20.00g var 0.01
---
Move Snapshot to new machine from the running old machine:
root@master:~# dd if=/dev/master/root_snapshot_consistent bs=4M | ssh root@IP_SERVER_NEW "cat > /dev/master/root"
root@master:~# dd if=/dev/master/var_snapshot_consistent bs=4M | ssh root@IP_SERVER_NEW "cat > /dev/master/var"
put the session into the background with screen, i.e. a separate screen session for each of the two commands
ask dd how the copy is progressing
root@master:~# kill -USR1 1746535
root@master:~# screen -r 1746289.pts-2.master
..
11431+0 records in
11430+0 records out
47940894720 bytes (48 GB, 45 GiB) copied, 562.821 s, 85.2 MB/s
Ctrl+A -> Ctrl+D (detach)
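Added example (not part of the original page): before the snapshots are removed, the copy can be checked by hashing the snapshot and the same number of bytes on the target volume, which also catches a stream that broke off partway. The helper functions `dev_size`, `prefix_sha256`, `verify_copy` and `make_samples` and the file names are assumptions for illustration; the sample data is constructed so the script runs without real volumes.

```shell
#!/bin/sh
# Added example, not from the original page: verify a dd-over-ssh volume copy
# before the source snapshot is removed.

# Size in bytes of a block device; regular files fall back to wc.
dev_size() {
    blockdev --getsize64 "$1" 2>/dev/null || wc -c < "$1" | tr -d ' '
}

# SHA-256 over the first $2 bytes of $1. The target LV may be larger than the
# snapshot, so both sides are hashed over the snapshot's length only.
prefix_sha256() {
    head -c "$2" "$1" | sha256sum | cut -d' ' -f1
}

# verify_copy SRC DST: 0 = identical, 1 = content differs, 2 = DST too small.
verify_copy() {
    local n m a b
    n=$(dev_size "$1"); m=$(dev_size "$2")
    if [ "$m" -lt "$n" ]; then
        echo "FAIL: target has $m bytes, source $n"; return 2
    fi
    a=$(prefix_sha256 "$1" "$n"); b=$(prefix_sha256 "$2" "$n")
    if [ "$a" != "$b" ]; then
        echo "FAIL: first $n bytes differ"; return 1
    fi
    echo "OK: $n bytes, sha256 $a"
}

# Constructed stand-ins for the volumes: a "snapshot", a larger target with a
# complete copy, and a target where the stream broke off after 200000 bytes.
make_samples() {   # $1 = directory
    head -c 300000 /dev/zero | tr '\0' 'S' > "$1/snap"
    { cat "$1/snap"; head -c 100000 /dev/zero; } > "$1/lv_good"
    { head -c 200000 "$1/snap"; head -c 200000 /dev/zero; } > "$1/lv_partial"
}

demo_dir=$(mktemp -d)
make_samples "$demo_dir"
verify_copy "$demo_dir/snap" "$demo_dir/lv_good" || true
verify_copy "$demo_dir/snap" "$demo_dir/lv_partial" || true
rm -rf "$demo_dir"
# Across two hosts, run prefix_sha256 on each side with the same byte count,
# e.g. ssh root@IP_SERVER_NEW "head -c $n /dev/master/root | sha256sum".
```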
Remove snapshots when done:
root@master:~# lvremove -q -f /dev/master/var_snapshot_consistent
Logical volume "var_snapshot_consistent" successfully removed
root@master:~# lvremove -q -f /dev/master/root_snapshot_consistent
Logical volume "root_snapshot_consistent" successfully removed
----------
mount on the rescue system
root@rescue /mnt # mount /dev/master/root /mnt/root/
root@rescue /mnt # mount /dev/master/var /mnt/root/var/
root@rescue /mnt/root # mount -t sysfs none sys/
root@rescue /mnt/root # mount -o bind /dev dev/
root@rescue /mnt/root # mount -o bind /dev/pts/ dev/pts/
root@rescue /mnt/root # mount -o bind /run/ run/
root@rescue /mnt/root # mount -t proc none proc/
Adjust the network configuration
Adjust the LVM configuration (root@rescue:/etc/lvm/backup# vgscan - writes to /etc/lvm/backup/master )
Recreate and write the mdadm configuration (root@rescue:/# /usr/share/mdadm/mkconf > /etc/mdadm/mdadm.conf)
Reinstall grub (root@rescue:/etc/lvm/backup# grub-install /dev/nvme0n1 / root@rescue:/etc/lvm/backup# grub-install /dev/nvme1n1 )
Recreate storage ( root@rescue:/# mkfs.btrfs -f -L STORAGE_FS -m dup /dev/master/storage)
Rewrite the initramfs (root@rescue:/etc/lvm/backup# update-initramfs -k all -u)
Set the password again (done)
reboot and off we go :)
Installation from USB stick (DVD ISO)
- The following installation was carried out with 2x M.2 Crucial 500GB (https://www.amazon.de/-/en/dp/B0B25LQQPC?ref=ppx_yo2ov_dt_b_product_details&th=1) and this firewall appliance (https://www.amazon.de/-/en/dp/B0B53MKZBX?psc=1&ref=ppx_yo2ov_dt_b_product_details , https://www.amazon.de/-/en/dp/B08C4WV6FT?psc=1&ref=ppx_yo2ov_dt_b_product_details).
- Base system: Debian 12 Bookworm :)
create a preseed file to automate the installer questions
know-how/master.txt · Last modified: 2025/06/23 14:12 by cc