您将如何远程擦除 linux 系统,以便在下次启动时它不会尝试从硬盘驱动器启动,而是更喜欢从网络启动?
我正在设置一个服务器将 pxe 引导的环境。我有一个工作示例,但是它将操作系统安装到驱动器。当我想运行另一个测试时,我需要走到机器旁,重新启动它,然后从活动磁盘启动并格式化驱动器。在下次启动时,它将再次尝试网络启动。
我能够通过 ssh 连接到机器,并尝试了以下方法:
两者都失败了,因为设备正在使用中。我试图卸载设备但没有运气。
有没有办法远程使机器无法启动,以便我可以更快地测试 pxe 配置?
我有一个绑定到 Active Directory 的 ubuntu 12.04 LTS 服务器。这是一个运行 gitlab 的 git 服务器。它使用 gitlab shell 而不是使用 gitolite
在日志中,我注意到每次“git”用户进行身份验证时,我都会在 /var/log/auth.log 中得到相同的 11 个错误
May 14 15:06:10 gitlab sshd[14775]: pam_unix(sshd:session): session opened for user git by (uid=0)
May 14 15:06:10 gitlab sshd[14775]: pam_mkhomedir(sshd:session): unknown option: skel
May 14 15:06:10 gitlab sshd[14775]: pam_mkhomedir(sshd:session): unknown option: =
May 14 15:06:10 gitlab sshd[14775]: pam_mkhomedir(sshd:session): unknown option: /etc/skel/
May 14 15:06:10 gitlab sshd[14775]: pam_mkhomedir(sshd:session): unknown option: mask=0077
May 14 15:06:10 gitlab sshd[14775]: pam_mkhomedir(sshd:session): unknown option: skel
May 14 15:06:10 gitlab sshd[14775]: pam_mkhomedir(sshd:session): unknown option: =
May 14 15:06:10 gitlab sshd[14775]: pam_mkhomedir(sshd:session): unknown option: /etc/skel/
May 14 15:06:10 gitlab sshd[14775]: pam_mkhomedir(sshd:session): unknown option: mask=0077
May 14 15:06:10 gitlab sshd[14775]: pam_mkhomedir(sshd:session): unknown option: skel
May 14 15:06:10 gitlab sshd[14775]: pam_mkhomedir(sshd:session): unknown option: =
May 14 15:06:10 gitlab sshd[14775]: pam_mkhomedir(sshd:session): unknown option: /etc/skel/
'git' 用户已经有一个主目录。
我对这个有点茫然。谷歌上的热门歌曲都没有说明这个问题。有没有人有任何想法?
更新
我对pam很陌生,这是我认为相关的配置文件
ls /etc/pam.d
atd chpasswd common-account common-password common-session-noninteractive login other polkit-1 samba su
chfn chsh common-auth common-session cron newusers passwd ppp sshd sudo
cat /etc/pam.d/common-session | grep -v '#'
session [default=1] pam_permit.so
session requisite pam_deny.so
session required pam_permit.so
session optional pam_umask.so
session required pam_unix.so
session optional pam_sss.so
session optional pam_mkhomedir.so skel = /etc/skel/ mask=0077
session optional pam_mkhomedir.so skel = /etc/skel/ mask=0077
session optional pam_mkhomedir.so skel = /etc/skel/ mask=0077
session optional pam_ck_connector.so nox11
cat /etc/pam.d/sshd | grep -v '#'
@include common-auth
account required pam_nologin.so
@include common-account
@include common-session
session required pam_limits.so
session required pam_env.so user_readenv=1 envfile=/etc/default/locale
@include common-password
我有一个通过 puppet 安装的 ruby on rails 应用程序(gitlab)。
测试系统上的一切都运行良好,但生产会产生一个关于 rake 的错误
Running /home/git/gitlab-shell/bin/check
Could not find rake-10.1.0 in any of the sources
Run bundle install to install missing gems.
这是完整的耙子检查:
root@gitlab:/home/git# sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production
Checking Environment ...
Git configured for git user? ... yes
Has python2? ... yes
python2 is supported version? ... yes
Checking Environment ... Finished
Checking GitLab Shell ...
GitLab Shell version >= 1.7.1 ? ... OK (1.7.1)
Repo base directory exists? ... yes
Repo base directory is a symlink? ... no
Repo base owned by git:git? ... yes
Repo base access is drwxrws---? ... yes
update hook up-to-date? ... yes
update hooks in repos are links: ...
Could not find rake-10.1.0 in any of the sources
Run `bundle install` to install missing gems.
gitlab-shell self-check failed
Try fixing it:
Make sure GitLab is running;
Check the gitlab-shell configuration file:
sudo -u git -H editor /home/git/gitlab-shell/config.yml
Please fix the error above and rerun the checks.
Checking GitLab Shell ... Finished
Checking Sidekiq ...
Running? ... yes
Number of Sidekiq processes ... 1
Checking Sidekiq ... Finished
Checking GitLab ...
Database config exists? ... yes
Database is SQLite ... no
All migrations up? ... yes
GitLab config exists? ... yes
GitLab config outdated? ... no
Log directory writable? ... yes
Tmp directory writable? ... yes
Init script exists? ... yes
Init script up-to-date? ... yes
projects have namespace: ...
Spencer Owen / bar ... yes
Projects have satellites? ...
Spencer Owen / bar ... can't create, repository is empty
Redis version >= 2.0.0? ... yes
Your git bin path is "/usr/bin/git"
Git version >= 1.7.10 ? ... yes (1.8.4)
Checking GitLab ... Finished
步骤 'gitlab-shell check' 有效地运行以下命令。如果我手动运行该命令,一切都会过去。
root@gitlab:/home/git/gitlab# sudo -u git -H /home/git/gitlab-shell/bin/check
Check GitLab API access: OK
Check directories and files:
/home/git/repositories: OK
/home/git/.ssh/authorized_keys: OK
我已经验证 rake 实际上已安装
root@gitlab:/home/git/gitlab# gem install rake -v 10.1.0
root@gitlab:/home/git/gitlab# bundle install
root@gitlab:/home/git/gitlab# sudo -u git -H gem install rake -v 10.1.0
root@gitlab:/home/git/gitlab# sudo -u git -H bundle install
Ruby 安装了更新选项
root@gitlab:/home/git/gitlab# sudo -u git -H ruby --version
ruby 1.9.3p0 (2011-10-30 revision 33570) [x86_64-linux]
root@gitlab:/home/git/gitlab# sudo -u git -H ls -l `which ruby`
lrwxrwxrwx 1 root root 22 Oct 8 20:26 /usr/bin/ruby -> /etc/alternatives/ruby
root@gitlab:/home/git/gitlab# sudo -u git -H gem --version
2.1.10
root@gitlab:/home/git/gitlab# sudo -u git -H ls -l `which gem`
lrwxrwxrwx 1 root root 21 Oct 10 20:50 /usr/bin/gem -> /etc/alternatives/gem
我已经尝试过下面提到的解决方案,以允许共享 gem
https://stackoverflow.com/questions/19284914/bundle-exec-fails-with-could-not-find-rake-10-1-0-in-any -of-the-sources
https://stackoverflow.com/questions/18978002/could-not-find-rake-with-bundle-exec
root@gitlab:/home/git/gitlab# cat /home/git/gitlab/.bundle/config
---
BUNDLE_FROZEN: '1'
BUNDLE_PATH: vendor/bundle
BUNDLE_WITHOUT: development:test:postgres
BUNDLE_DISABLE_SHARED_GEMS: '1'
我已经用尽了谷歌,所以我希望有更熟悉 ruby 的人提供任何解决该错误的想法。Could not find rake-10.1.0 in any of the sources
我在解决此问题时的所有笔记都位于此处
那里似乎有很多问题和指南,指导如何设置 nginx 以将 http 请求重定向到 https。许多已经过时,或者完全是错误的。
# MANAGED BY PUPPET
upstream gitlab {
server unix:/home/git/gitlab/tmp/sockets/gitlab.socket;
}
# setup server with or without https depending on gitlab::gitlab_ssl variable
server {
listen *:80;
server_name gitlab.localdomain;
server_tokens off;
root /nowhere;
rewrite ^ https://$server_name$request_uri permanent;
}
server {
listen *:443 ssl default_server;
server_name gitlab.localdomain;
server_tokens off;
root /home/git/gitlab/public;
ssl on;
ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers AES:HIGH:!ADH:!MDF;
ssl_prefer_server_ciphers on;
# individual nginx logs for this gitlab vhost
access_log /var/log/nginx/gitlab_access.log;
error_log /var/log/nginx/gitlab_error.log;
location / {
# serve static files from defined root folder;.
# @gitlab is a named location for the upstream fallback, see below
try_files $uri $uri/index.html $uri.html @gitlab;
}
# if a file, which is not found in the root folder is requested,
# then the proxy pass the request to the upsteam (gitlab puma)
location @gitlab {
proxy_read_timeout 300; # https://github.com/gitlabhq/gitlabhq/issues/694
proxy_connect_timeout 300; # https://github.com/gitlabhq/gitlabhq/issues/694
proxy_redirect off;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://gitlab;
}
}
每次配置更改后我都重新启动,但访问时仍然只看到“欢迎使用 nginx”页面http://192.168.33.10。而https://192.168.33.10完美地工作。
为什么nginx仍然不会将http请求重定向到https?
我也尝试过以下配置
listen *:80;
server_name <%= @fqdn %>;
#root /nowhere;
#rewrite ^ https://$server_name$request_uri? permanent;
#rewrite ^ https://$server_name$request_uri permanent;
#return 301 https://$server_name$request_uri;
#return 301 http://$server_name$request_uri;
#return 301 http://192.168.33.10$request_uri;
return 301 http://$host$request_uri;
日志
tailf /var/log/nginx/access.log
192.168.33.1 - - [22/Oct/2013:03:41:39 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:24.0) Gecko/20100101 Firefox/24.0"
192.168.33.1 - - [22/Oct/2013:03:44:43 +0000] "GET / HTTP/1.1" 200 133 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:24.0) Gecko/20100101 Firefox/24.0"
tailf /var/log/nginx/gitlab_error.lob
2013/10/22 02:29:14 [crit] 27226#0: *1 connect() to unix:/home/git/gitlab/tmp/sockets/gitlab.socket failed (2: No such file or directory) while connecting to upstream, client: 192.168.33.1, server: gitlab.localdomain, request: "GET / HTTP/1.1", upstream: "http://unix:/home/git/gitlab/tmp/sockets/gitlab.socket:/", host: "192.168.33.10"
资源
https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
如何使 nginx 重定向
如何在 nginx 中强制或重定向到 SSL?
nginx ssl 重定向
Nginx & Https 重定向
https://www.tinywp.in/301-redirect-wordpress/
如何在 nginx 中强制或重定向到 SSL?
我需要在 ubuntu 12.04 服务器上安装 puppet 3.2.0 或更高版本以及 ruby 2.0.0-p247。
没有ruby 1.8就没有办法安装puppet吗?
我的大部分经验来自 CentOS,所以我可能会遗漏一些简单的 apt。
我的设置:
确保没有红宝石存在
root@gitlab:~# which ruby
root@gitlab:~# ruby --version
The program 'ruby' can be found in the following packages:
* ruby1.8
* ruby1.9.1
Try: apt-get install <selected package>
从官方 ppa 安装 puppet
root@gitlab:~# cat /etc/apt/sources.list.d/puppetlabs.list
deb http://apt.puppetlabs.com precise main
deb-src http://apt.puppetlabs.com precise main
deb http://apt.puppetlabs.com precise dependencies
deb-src http://apt.puppetlabs.com precise dependencies
最新版puppet在apt中列出
root@gitlab:~# apt-cache policy puppet|head
puppet:
Installed: (none)
Candidate: 3.3.0-1puppetlabs1
Version table:
3.3.0-1puppetlabs1 0
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
3.2.4-1puppetlabs1 0
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
3.2.3-1puppetlabs1 0
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
安装 puppet 3.3.0 会自动带来 ruby 1.8。
root@gitlab:~# apt-get install puppet-common
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
augeas-lenses debconf-utils facter hiera libaugeas-ruby libaugeas-ruby1.8 libaugeas0 libjson-ruby libruby libruby1.8
libshadow-ruby1.8 ruby ruby-json ruby-rgen ruby1.8 virt-what
Suggested packages:
augeas-doc augeas-tools ruby-selinux libselinux-ruby1.8 librrd-ruby1.9.1 librrd-ruby1.8 ri ruby-dev ruby1.8-examples ri1.8
The following NEW packages will be installed:
augeas-lenses debconf-utils facter hiera libaugeas-ruby libaugeas-ruby1.8 libaugeas0 libjson-ruby libruby libruby1.8
libshadow-ruby1.8 puppet-common ruby ruby-json ruby-rgen ruby1.8 virt-what
0 upgraded, 17 newly installed, 0 to remove and 92 not upgraded.
Need to get 3,664 kB of archives.
After this operation, 14.1 MB of additional disk space will be used.
Do you want to continue [Y/n]?
木偶版
root@gitlab:/tmp/ruby-2.0.0-p247# puppet --version
3.3.0
红宝石版本
root@gitlab:/tmp/ruby-2.0.0-p247# ruby --version
ruby 1.8.7 (2011-06-30 patchlevel 352) [x86_64-linux]
(请注意,ruby 是通过更新选项自动安装的)
root@gitlab:/tmp/ruby-2.0.0-p247# ll `which ruby`
lrwxrwxrwx 1 root root 22 Sep 18 02:57 /usr/bin/ruby -> /etc/alternatives/ruby*
root@gitlab:/tmp/ruby-2.0.0-p247# update-alternatives --list ruby
/usr/bin/ruby1.8
然后我从源代码将 ruby 2.0 安装到它自己的目录中
./configure --prefix=/usr/bin/ruby2.0
然后用 update-alternatives 注册 ruby 2.0
update-alternatives --install /usr/bin/ruby ruby /usr/bin/ruby2.0/bin/ruby 10
通过 update-alternatives 切换到 ruby 2.0
root@gitlab:/tmp/ruby-2.0.0-p247# update-alternatives --set ruby /usr/bin/ruby2.0/bin/ruby
update-alternatives: using /usr/bin/ruby2.0/bin/ruby to provide /usr/bin/ruby (ruby) in manual mode.
root@gitlab:/tmp/ruby-2.0.0-p247# ruby --version
ruby 2.0.0p247 (2013-06-27 revision 41674) [x86_64-linux]
我已经这样做了好几次,只要which ruby指向除 1.8 以外的任何 ruby 版本,puppet 都会返回以下错误:
root@gitlab:/tmp/ruby-2.0.0-p247# puppet --version
/usr/bin/ruby2.0/lib/ruby/2.0.0/rubygems/core_ext/kernel_require.rb:45:in `require': cannot load such file -- puppet/util/command_line (LoadError)
from /usr/bin/ruby2.0/lib/ruby/2.0.0/rubygems/core_ext/kernel_require.rb:45:in `require'
from /usr/bin/puppet:3:in `<main>'
如何使用 ruby 2.0 安装 puppet?
Puppet 3.3 与 ruby 2.0 兼容,因为它在puppet 的网站上列出
其他资源
http://projects.puppetlabs.com/issues/18494
RVM 似乎比我需要的复杂得多。此外,常见问题解答说不要将它与 sudo 一起使用,或者以我必须做的 root 身份运行它。
https://rvm.io/
http://rvm.io/support/faq
https://stackoverflow.com/questions/1892877/how-do-i-make-ruby-1-9-the-default-ruby-on-ubuntu
Ubuntu 12.04 LTS 服务器木偶 3.1.1
根据 puppet 文档,安装 puppet 的最佳方法是设置一个包。
http://docs.puppetlabs.com/guides/puppetlabs_package_repositories.html#for-debian-and-ubuntu
因此对于 ubuntu 12.04,您将运行以下命令:
$ wget http://apt.puppetlabs.com/puppetlabs-release-precise.deb
$ sudo dpkg -i puppetlabs-release-precise.deb
$ sudo apt-get update
我不明白为什么即使在运行这些命令并进行 apt-get upgrade 之后,puppet 仍然是 3.1.1 版本(而不是更新的 3.3.x)。
我几乎完全使用 CentOS 服务器,而且我对 Debian 不是很熟悉。
查看http://apt.puppetlabs.com/pool/precise/main/p/的内容显示 .deb 文件最后一次更新是在 2013 年 9 月 12 日,这应该意味着该文件是最新的。[] puppet_3.3.0-1puppetlabs1_all.deb 2013 年 9 月 12 日 16:37 9.4K
更新 我忘了提,我已经运行了 apt-get upgrade
root@gitlab:/tmp# apt-get upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages have been kept back:
linux-headers-generic-lts-quantal linux-image-generic-lts-quantal
0 upgraded, 0 newly installed, 0 to remove and 2 not upgraded.
root@gitlab:/tmp# apt-get upgrade puppet
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages have been kept back:
linux-headers-generic-lts-quantal linux-image-generic-lts-quantal
0 upgraded, 0 newly installed, 0 to remove and 2 not upgraded.
更新2
木偶 3.1.1。最初是作为我正在运行的 vagrant box 的一部分安装的
root@gitlab:~# cat /etc/apt/sources.list.d/puppetlabs.list
# Puppetlabs products
deb http://apt.puppetlabs.com precise main
deb-src http://apt.puppetlabs.com precise main
# Puppetlabs dependencies
deb http://apt.puppetlabs.com precise dependencies
deb-src http://apt.puppetlabs.com precise dependencies
root@gitlab:~# puppet --version
3.1.1
更新3
root@gitlab:~# apt-cache policy puppet
puppet:
Installed: (none)
Candidate: 3.3.0-1puppetlabs1
Version table:
3.3.0-1puppetlabs1 0
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
3.2.4-1puppetlabs1 0
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
3.2.3-1puppetlabs1 0
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
3.2.2-1puppetlabs1 0
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
3.2.1-1puppetlabs1 0
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
3.1.1-1puppetlabs1 0
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
.... truncated for readability
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
2.7.11-1ubuntu2.4 0
500 http://us.archive.ubuntu.com/ubuntu/ precise-updates/main amd64 Packages
500 http://security.ubuntu.com/ubuntu/ precise-security/main amd64 Packages
2.7.11-1ubuntu2 0
500 http://us.archive.ubuntu.com/ubuntu/ precise/main amd64 Packages
2.7.11-1puppetlabs1 0
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
2.6.18-1puppetlabs1 0
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
2.6.14-1puppetlabs1 0
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
root@gitlab:~# puppet --version
3.1.1
您将如何使用 facter 和 puppet 来确定操作系统是运行 Cent 6.x 还是 Cent 5.x ?
facter operatingsystemrelease
6.4
我只关心主要版本(6)
我曾考虑过使用 awk,但必须有一种更好的方法,对“木偶清单”更友好。
#This works, but is ugly trying to use this in a puppet manifest
facter operatingsystemrelease |awk -F. '{print $1}'
6
更新:
看起来新版本的facter有一些关于主要版本的附加信息,这些信息不在我的版本中。我的初始配置需要假设因素已过时。
facter --version
1.6.4
puppet --version
2.7.20
我尝试使用以下命令搜索可能显示主要版本的任何其他事实
facter |grep 6
用户在其主目录中有 2 个 vagrant 项目。Mac 操作系统 10.8
第一个 vagrant 实例是几个月前创建的,当时用户运行的是旧版本 (1.1.x),第二个实例是使用 1.2.2 版本创建的。(因此 vagrant 文件语法略有不同)
问题是第一个实例(较旧的实例)启动,并在用户使用端口转发导航到 localhost:8080 时成功显示 apache 欢迎页面。http://docs.vagrantup.com/v2/networking/forwarded_ports.html
第二个实例不显示 apache 欢迎页面。
Vagrant::Config.run do |config|
config.vm.box = "lucid32"
config.vm.provision :shell, :path => "bootstrap.sh"
config.vm.network :bridged
config.vm.forward_port 80, 8080
end
Vagrant.configure("2") do |config|
config.vm.box = "lucid32"
config.vm.network :forwarded_port, guest: 80, host: 8080
config.vm.network :public_network
config.vm.provision :puppet do |puppet|
puppet.manifests_path = "manifests"
puppet.manifest_file = "init.pp"
config.vm.hostname = 'salesforce'
end
end
我已经验证了以下内容:
两个实例都安装并运行了 apache2
我能够运行 curl localhost:8080 并检索 apache 测试页面的 html
我一次只运行 1 个实例以避免与端口 8080 冲突
两个实例都绑定到同一个网卡
什么可能会阻止端口转发在较新的 vagrant 实例上工作?
一个公寓大楼有光纤互联网,但在上个月遇到了延迟问题。
租户经常遇到超时和损坏的网页。当前的解决方法是刷新网页六次,直到它正确加载。
症状是:
可以使用哪些其他诊断工具来识别问题?ISP 说一切正常。
traceroute 显示第 9 跳有巨大的延迟(几秒)。
traceroute google.com
traceroute: Warning: google.com has multiple addresses; using 74.125.224.168
traceroute to google.com (74.125.224.168), 64 hops max, 52 byte packets
1 10.90.4.1 (10.90.4.1) 3.086 ms 0.738 ms 0.683 ms
2 69.169.148.1.provo.static.broadweavenetworks.net (69.169.148.1) 0.907 ms 1.135 ms 0.893 ms
3 10.8.201.41 (10.8.201.41) 1.040 ms 1.552 ms 11.494 ms
4 97.75.190.142 (97.75.190.142) 1.343 ms 1.347 ms 0.946 ms
5 97.75.190.137 (97.75.190.137) 1.290 ms 1.609 ms 1.202 ms
6 97.75.191.66 (97.75.191.66) 2.463 ms 2.146 ms 2.161 ms
7 97.75.191.54 (97.75.191.54) 2.406 ms 2.281 ms 2.616 ms
8 te-9-3.car1.saltlakecity1.level3.net (4.53.40.105) 3.014 ms 2.330 ms 2.241 ms
9 * * *
10 ae-61-61.csw1.losangeles1.level3.net (4.69.137.2) 15.805 ms
ae-91-91.csw4.losangeles1.level3.net (4.69.137.14) 15.441 ms 15.160 ms
11 * ae-1-60.edge1.losangeles9.level3.net (4.69.144.10) 17.204 ms 15.983 ms
12 google-inc.edge1.losangeles9.level3.net (4.53.228.6) 92.445 ms 82.679 ms 107.813 ms
13 64.233.174.238 (64.233.174.238) 21.234 ms 21.016 ms 21.321 ms
14 72.14.236.11 (72.14.236.11) 21.577 ms 21.630 ms 21.568 ms
15 lax02s01-in-f8.1e100.net (74.125.224.168) 20.798 ms 20.687 ms 20.666 ms
影响大多数网页(google、apple.com、facebook.com 等)
(第 9、17 和 18 行都需要很长时间)。
traceroute beachbody.com
traceroute to beachbody.com (66.208.81.68), 64 hops max, 52 byte packets
1 10.90.4.1 (10.90.4.1) 1.038 ms 0.830 ms 0.767 ms
2 69.169.148.1.provo.static.broadweavenetworks.net (69.169.148.1) 0.988 ms 0.934 ms 0.928 ms
3 10.8.201.41 (10.8.201.41) 1.357 ms 1.375 ms 1.500 ms
4 10.8.101.5 (10.8.101.5) 1.405 ms 1.579 ms 1.115 ms
5 eth_3-3_prv02-rt02.veracitynetworks.com (97.75.190.166) 10.601 ms 1.563 ms 1.754 ms
6 97.75.191.66 (97.75.191.66) 2.857 ms 13.554 ms 2.833 ms
7 97.75.191.54 (97.75.191.54) 2.760 ms 2.394 ms 4.350 ms
8 te-9-3.car1.saltlakecity1.level3.net (4.53.40.105) 2.352 ms 2.311 ms 2.340 ms
9 * * *
10 ae-61-61.csw1.losangeles1.level3.net (4.69.137.2) 29.086 ms
ae-71-71.csw2.losangeles1.level3.net (4.69.137.6) 28.958 ms
ae-91-91.csw4.losangeles1.level3.net (4.69.137.14) 28.863 ms
11 ae-82-82.ebr2.losangeles1.level3.net (4.69.137.25) 28.075 ms
ae-72-72.ebr2.losangeles1.level3.net (4.69.137.21) 28.508 ms
ae-62-62.ebr2.losangeles1.level3.net (4.69.137.17) 29.029 ms
12 ae-6-6.ebr2.sanjose5.level3.net (4.69.148.202) 28.672 ms 28.586 ms 28.223 ms
13 ae-2-2.ebr2.sanjose1.level3.net (4.69.148.142) 28.426 ms 28.341 ms 29.611 ms
14 ae-4-4.car2.sacramento1.level3.net (4.69.132.157) 28.834 ms 29.236 ms 29.231 ms
15 ragingwire.car2.sacramento1.level3.net (4.53.202.22) 29.339 ms 29.406 ms 29.584 ms
16 resisp-74-221-224-49.smf.ragingwire.net (74.221.224.49) 26.096 ms 25.930 ms 26.575 ms
17 * 204.212.188.26 (204.212.188.26) 28.459 ms !X *
18 204.212.188.26 (204.212.188.26) 25.650 ms !X * 26.197 ms !X
更新 1
这是同一台笔记本电脑的跟踪路由,但网络位置不同(已清理)。
beachbody.com 在位置 1 有 95% 的时间失败。beachbody.com 在位置 2 有 100% 的时间成功。
traceroute beachbody.com
traceroute to beachbody.com (66.208.81.68), 64 hops max, 52 byte packets
1 foo.acme (y.y.y.y) 1.716 ms 13.343 ms 6.139 ms
2 x.x.x.x (x.x.x.x) 74.524 ms 158.532 ms 6.721 ms
3 tg9-2.cr01.slkcutxd.integra.net (209.63.98.37) 33.225 ms 24.794 ms 24.587 ms
4 * be4.sc01.sntdcabl.integra.net (209.63.82.166) 32.474 ms 36.895 ms
5 be1.br02.plalca01.integra.net (209.63.100.118) 24.120 ms 22.298 ms 22.176 ms
6 peer-02.palo.twtelecom.net (198.32.175.111) 21.401 ms 22.576 ms 21.492 ms
7 oak1-ar1-xe-0-1-0-0.us.twtelecom.net (206.222.120.214) 23.042 ms 22.441 ms 48.562 ms
8 74.202.6.2 (74.202.6.2) 29.358 ms 32.253 ms 30.283 ms
9 204.212.188.26 (204.212.188.26) 25.949 ms !X 30.199 ms !X *
Update 2
进一步调查显示这只影响 Mac 用户!
与 Veracity 的第二次电话确认异常高比例的 Mac 用户报告了 iTunes 问题。3 级技术人员不知道是什么原因造成的。
同时更新
2 台计算机上 wireshark 中的 3 个捕获事件
Mac(有问题)
http://cl.ly/0o1D2r0K1s2s
Filter = "ip.dst==e3570.b.akamaiedge.net"
Windows(问题不影响 Windows 电脑)
http://cl.ly/3v3e1s2M1W27
Filer = "ip.dst==e3570.b.akamaiedge.net"
Ctrl + F "beachbody"
我不知道为什么源/目的地是 ip.dst==e3570.b.akamaiedge.net 而不是“beachbody.com”或 66.208.81.68(沙滩身体网站 ip)
使用傀儡清单,你如何确保官方的 cent 'base' repo 存在。
添加内部美分回购的示例
http://seriousbirder.com/blogs/how-to-create-a-puppet-yum-repo-module/
debian 系统示例
每个用户每天创建和销毁 15 个以上的虚拟机。VM 在公司内部的 OpenStack 云中创建。
每当一个新的虚拟机被分配一个之前已经分发过的 IP 地址时,用户就会得到可怕的主机密钥验证失败错误。known_hosts这是因为 ssh 密钥与用户文件中的 IP 地址不匹配。
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
xxxxxxxxxxx
Please contact your system administrator.
Add correct host key in /home/user/.ssh/known_hosts to get rid of this message.
Offending key in /home/user/.ssh/known_hosts:4
RSA host key for domain.com has changed and you have requested strict checking.
Host key verification failed.
我能看到的两个解决方案是:
ssh-keygen -RipAddress-(用户已经厌倦了这个解决方案,从那以后每天都会多次遇到它)有什么方法可以防止此错误消息,同时保持安全?也许只关闭特定子网的安全检查?
按照 5.1 说明安装 gitlab
https://github.com/gitlabhq/gitlabhq/blob/master/doc/install/installation.md
当我运行命令来测试安装时,出现错误“Git configured for user? ... no”
root@gitlab:/home/git/gitlab# sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production
Checking Environment ...
Git configured for git user? ... no
Try fixing it:
sudo -u git -H git config --global user.name "GitLab"
sudo -u git -H git config --global user.email "gitlab@gitlab.ac"
For more information see:
doc/install/installation.md in section "GitLab"
Please fix the error above and rerun the checks.
Has python2? ... yes
python2 is supported version? ... yes
说明中没有任何一点说要为 git 用户设置 user.name 和 user.email。我可以安全地忽略此警告,还是应该偏离说明进行设置?
您可以像这样将参数传递给 puppet .....
class foo ($install_version) }
#checkout git branch depending on $install_version
}
如果没有传入 $install_version,如何设置 $install_version 的默认值?
理想情况下,清单将检出所需的 git 分支,但如果未指定分支,它将检出主分支。
http://docs.puppetlabs.com/guides/parameterized_classes.html
您如何创建一个“使用”人偶锻造厂模块之一的人偶清单?
class foo {
include puppetlabs-git (<- this doesn't work)
#https://forge.puppetlabs.com/puppetlabs/git
package {'openssl-devel':
ensure => latest,
}
#package {'git': (<- commented out because it seems like there is a better way using puppet forge)
# ensure => installed,
#}
}
class {'foo': }