专业自考

相关证书

CentOS8 RHCSA (redhat EX200)

CentOS8 RHCE (redhat EX294)

Protel99SE

附RHCSA新题 podman 试题

基本信息:

注册服务器 registry.network9.example.com
访问注册服务器 用户名 admin 密码registrxxx
servera
容器管理用户为eldorado(以考试要求为准,如果没有则需要创建)

一、 容器开机自启

1.1 安装容器相关软件

1
# yum module install container-tools -y

1.2 登录注册镜像服务器(账号以考试环境为准)

注意,这里是考试环境时,因使用的是内网的服务,因此需要登录认证

1
2
3
4
# 如果用户不存在
# useradd eldorado
# su - eldorado
# podman login registry.network9.example.com

1.3 使用syslog镜像创建一个名为logserver的容器

1.3.1 将其配置为systemd服务的形式运行,仅面向eldorado用户

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
# su - eldorado 
# podman search syslog
# 注我这里使用的公网镜像,大家在考试时应该使用用 search 命令找到 syslog 的本地源镜像
# podman pull docker.io/rsyslog/syslog_appliance_alpine

#podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/rsyslog/syslog_appliance_alpine latest 93bb7d1f5f5a 2 years ago 14.6 MB
#podman create --name logserver 93bb7d1f5f5a
0a11b239e011f76f1374ff961c85d7fa50516385d33539c3e3797cfca6a35cf0
# 以上操作即对应创建一个名为logserver的容器
#podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0a11b239e011 docker.io/rsyslog/syslog_appliance_alpine:latest rsyslog 59 seconds ago Created logserver
# mkdir ~/.config/systemd/user/
#podman generate systemd --name logserver --files
/home/eldorado/.config/systemd/user/container-logserver.service
#ls
container-logserver.service
# vim container-logserver.service
将WantedBy=muti-user.target 改为 WantedBy=default.target # 这里对应redhat8的环境做的修改、考试环境
# 以上操作创建对应的服务 service
ssh eldorado@xxx.xx.xxx.xxx
#systemctl --user daemon-reload
#systemctl --user restart container-logserver.service
#systemctl --user enable container-logserver.service
#podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0a11b239e011 docker.io/rsyslog/syslog_appliance_alpine:latest rsyslog 18 minutes ago Up 23 seconds ago logserver
#
#

注: systemctl 重载需要eldorado这个普通用户ssh登录 我这里没有别的好的方法,大家的话,提醒我一下、

接下来还要确保退出登录后能开启服务

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
#loginctl enable-linger
#loginctl show-user eldorado
UID=1004
GID=1004
Name=eldorado
Timestamp=Tue 2021-03-09 10:15:41 CST
TimestampMonotonic=10240923766357
RuntimePath=/run/user/1004
Service=user@1004.service
Slice=user-1004.slice
Display=1820
State=active
Sessions=1820
IdleHint=no
IdleSinceHint=0
IdleSinceHintMonotonic=0
Linger=yes

到此第一大题完成

二、容器持久化存储、通过以下方式拓展上一个任务服务

2.1 配置主机系统日志以在系统重新引导后保留其数据,并重新启动日志服务

2.2 将主机 /var/log/journal 目录及任何目录中的任何*.journal文件复制到目录 /home/eldorado/container-journal中

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
#vim /etc/systemd/journald.conf
[Journal]
Storage=persistent
# 保存退出
ls /var/log/journal/*
system@00000000000000000000000000000000-0000000000000bec-0005af4114098548.journal
system@00000000000000000000000000000000-0000000000000ef3-0005b3c0221f66c5.journal
system@00000000000000000000000000000000-0000000000006a26-0005b6248df36ec1.journal
system@00000000000000000000000000000000-000000000000de5f-0005b888da440d24.journal
system.journal
user-1000@ffa11b1936c844ef96a7652505ddb05d-00000000000016ff-0005b3cd890694ff.journal
user-1000@ffa11b1936c844ef96a7652505ddb05d-0000000000007ed6-0005b6a0d75eac16.journal
user-1000@ffa11b1936c844ef96a7652505ddb05d-000000000000de89-0005b88975fd72aa.journal
user-1000.journal
user-1001@fb2886e039314322917ff8498f262183-0000000000007372-0005b66773016ad2.journal
user-1001.journal
user-1002@5b1a3209b66d47e49efc62e69caa878d-000000000000a559-0005b76dda054828.journal
user-1002@5b1a3209b66d47e49efc62e69caa878d-000000000000ded7-0005b889a0dfccc8.journal
user-1002.journal
user-1003.journal
user-1004.journal
# 查看有日志已经记录进来
#mkdir /home/eldorado/container-journal
#cp -a /var/log/journal/*/*.journal /home/eldorado/container-journal/
#ls -l /home/eldorado/container-journal/
总用量 270336
-rw-r-----+ 1 root systemd-journal 8388608 11月 10 20:51 system@00000000000000000000000000000000-0000000000000bec-0005af4114098548.journal
-rw-r-----+ 1 root systemd-journal 33554432 12月 11 07:25 system@00000000000000000000000000000000-0000000000000ef3-0005b3c0221f66c5.journal
-rw-r-----+ 1 root systemd-journal 33554432 1月 10 18:00 system@00000000000000000000000000000000-0000000000006a26-0005b6248df36ec1.journal
-rw-r-----+ 1 root systemd-journal 41943040 2月 10 04:25 system@00000000000000000000000000000000-000000000000de5f-0005b888da440d24.journal
-rw-r-----+ 1 root systemd-journal 58720256 3月 9 10:30 system.journal
-rw-r-----+ 1 root systemd-journal 8388608 11月 16 20:04 user-1000@ffa11b1936c844ef96a7652505ddb05d-00000000000016ff-0005b3cd890694ff.journal
-rw-r-----+ 1 root systemd-journal 8388608 1月 10 17:58 user-1000@ffa11b1936c844ef96a7652505ddb05d-0000000000007ed6-0005b6a0d75eac16.journal
-rw-r-----+ 1 root systemd-journal 8388608 2月 9 15:40 user-1000@ffa11b1936c844ef96a7652505ddb05d-000000000000de89-0005b88975fd72aa.journal
-rw-r-----+ 1 root systemd-journal 8388608 3月 4 10:41 user-1000.journal
-rw-r-----+ 1 root systemd-journal 8388608 12月 17 22:02 user-1001@fb2886e039314322917ff8498f262183-0000000000007372-0005b66773016ad2.journal
-rw-r-----+ 1 root systemd-journal 8388608 2月 10 04:35 user-1001.journal
-rw-r-----+ 1 root systemd-journal 8388608 1月 3 14:05 user-1002@5b1a3209b66d47e49efc62e69caa878d-000000000000a559-0005b76dda054828.journal
-rw-r-----+ 1 root systemd-journal 16777216 2月 9 18:01 user-1002@5b1a3209b66d47e49efc62e69caa878d-000000000000ded7-0005b889a0dfccc8.journal
-rw-r-----+ 1 root systemd-journal 8388608 3月 3 17:43 user-1002.journal
-rw-r-----+ 1 root systemd-journal 8388608 3月 7 15:42 user-1003.journal
-rw-r-----+ 1 root systemd-journal 8388608 3月 9 10:19 user-1004.journal
# [asjin root 10:30:43] [二 3月 09] ~
# chown eldorado:eldorado /home/eldorado/container-journal/ -R

重新启动容器,这里要注意需要删除上一题中启动的容器和服务

2.3 将服务器配置应用启动时自动将目录 /home/eldorado/container-journal/ 目录到容器中的/var/log/journal下面

1
2
3
4
#podman  rm -f -a
0a11b239e011f76f1374ff961c85d7fa50516385d33539c3e3797cfca6a35cf0
#cd ~/.config/systemd/user/
#rm -rf *
1
2
3
4
5
6
7
8
9
10
11
12
13
#podman create --name logserver -v /home/eldorado/container-journal/:/var/log/journal:z 93bb7d1f5f5a
#podman generate systemd --name logserver --files
/home/eldorado/.config/systemd/user/container-logserver.service
# vim container-logserver.service
将WantedBy=muti-user.target 改为 WantedBy=default.target # 这里对应redhat8的环境做的修改、考试环境
#systemctl --user daemon-reload
#podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
68f250a6ee0d docker.io/rsyslog/syslog_appliance_alpine:latest rsyslog 3 minutes ago Up 9 seconds ago logserver
#systemctl --user start container-logserver.service
#systemctl --user enable container-logserver.service
Created symlink /home/eldorado/.config/systemd/user/multi-user.target.wants/container-logserver.service → /home/eldorado/.config/systemd/user/container-logserver.service.
Created symlink /home/eldorado/.config/systemd/user/default.target.wants/container-logserver.service → /home/eldorado/.config/systemd/user/container-logserver.service.

至此第二大题完成

补充: 关于Storage=persistent 的参数说明

  • persistent 表示优先保存到磁盘上,也就是优先保存在/var/log/journal

评论