DHCP,DNS,FTP,HTTP综合服务架设

安装另一块20G硬盘，建立逻辑卷，使FTP的家目录容量足够大：

[root@server1 ~]# fdisk /dev/sdb

n,p,1,回车，回车，t,8e,p,w

[root@server1 ~]# pvcreate /dev/sdb1

dev_is_mpath: failed to get device for 8:17

Writing physical volume data to disk "/dev/sdb1"

Physical volume "/dev/sdb1" successfully created

[root@server1 ~]# pvscan

PV/dev/sda5VG vg_ftplvm2 [5.84 GB / 0free]

PV/dev/sdb1lvm2[19.99 GB]

Total: 2 [25.84 GB] / in use: 1 [5.84 GB] / in no VG: 1 [19.99 GB]

[root@server1 ~]# vgextend vg_ftp /dev/sdb1

Volume group "vg_ftp" successfully extended

[root@server1 ~]# vgdisplay

---Volume group ---

VGNamevg_ftp

System ID

Formatlvm2

Metadata Areas2

Metadata Sequence No3

VGAccessread/write

VGStatusresizable

MAXLV0

CurLV1

Open LV1

MaxPV0

CurPV2

ActPV2

VGSize25.81 GB

PESize32.00 MB

Total PE826

Alloc PE / Size187 / 5.84GB

FreePE / Size639 / 19.97 GB

VGUUID3nTwDI-zR1y-SEeN-6S3A-KpPC-S0Hb-MsC1CP

[root@server1 ~]# lvextend -L 25G/dev/vg_ftp/lv_ftp

Extending logical volume lv_ftp to 25.00 GB

Logical volume lv_ftp successfully resized

[root@server1 ~]# lvscan

ACTIVE'/dev/vg_ftp/lv_ftp' [25.00 GB] inherit

[root@server1 ~]# resize2fs/dev/vg_ftp/lv_ftp

[root@server1 ~]# mount -o remount/dev/vg_ftp/lv_ftp

[root@server1 ~]# df -hT /var/ftp/

文件系统类型容量已用可用已用% 挂载点

/dev/mapper/vg_ftp-lv_ftp

ext325G4.6G19G20% /var/ftp

[root@server1 ~]# vim/etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0

BOOTPROTO=static

BROADCAST=192.168.10.255

HWADDR= 00:0C:29:30:A6:53

IPADDR=192.168.10.254

IPV6INIT=yes

IPV6_AUTOCONF=yes

NETMASK=255.255.255.0

NETWORK=192.168.10.0

ONBOOT=yes

[root@server1 ~]# service network restart

[root@server1 ~]# ifconfig eth0

eth0Link encap:EthernetHWaddr00:0C:29:30:A6:53

inet addr:192.168.10.254Bcast:192.168.10.255Mask:255.255.255.0

建立FTP家目录下的yum源文件，和CentOs5.10光盘镜像：

[root@server1 ~]# mkdir -p/var//ftp/pub/OS/5.10

[root@server1 ~]# mkdir -p/var/ftp/pub/Redhat/5.9

[root@server1 ~]# mkdir /var/ftp/pub/repo

[root@server1 ~]# cp -r /misc/cd/var/ftp/pub/OS/5.10/

[root@server1 ~]# cp -p CentOS-Base.repo cent.repo

[root@server1 yum.repos.d]# mkdir date

[root@server1 yum.repos.d]# mv Cent* date

[root@server1 yum.repos.d]# vim cent.repo

[Centos]

name=CentOS

baseurl=ftp://192.168.10.254/pub/OS/Cent/5.10/cd

enabled=1

gpgcheck=0

#gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5

[root@server1 ~]# cp -p/etc/yum.repos.d/cent.repo /var/ftp/pub/repo/

安装FTP服务：

[root@server1 ~]# rpm -q vsftpd

vsftpd-2.0.5-28.el5

[root@server1 ~]# service vsftpd status

vsftpd (pid 3954) 正在运行...

[root@server1 ~]# yum -y install dhcp

Installed:

dhcp.x86_64 12:3.0.5-33.el5_9

Complete!

[root@server1 ~]# vim /etc/dhcpd.conf

ddns-update-style interim;

subnet 192.168.10.0 netmask 255.255.255.0 {

option routers192.168.10.1;

option subnet-mask255.255.255.0;

option domain-name-servers192.168.10.254;

range dynamic-bootp 192.168.10.8 192.168.10.200;

default-lease-time 21600;

max-lease-time 43200;

host ns {

hardware ethernet12:34:56:78:AB:CD;

fixed-address 207.175.42.254;

}

}

[root@server1 ~]# service dhcpd restart

启动 dhcpd：[确定]

[root@server1 ~]# chkconfig dhcpd on

用dhcp为一台客户机分配IP地址，并用Rsync从该设备拷贝Redhat镜像与YUM源配置文件：

[root@server1 ~]# rsyncroot@192.168.10.200:/misc/cd /var/ftp/pub/Redhat/5.9/

The authenticity of host '192.168.10.200(192.168.10.200)' can't be established.

RSA key fingerprint is59:e7:33:bf:3c:23:05:68:b4:0c:19:00:78:58:75:de.

Are you sure you want to continueconnecting (yes/no)? yes

Warning: Permanently added '192.168.10.200'(RSA) to the list of known hosts.

root@192.168.10.200's password:

[root@server1 ~]# ls/var/ftp/pub/Redhat/5.9/cd/

ClusterREADME-te.htmlRELEASE-NOTES-U9-en.html

ClusterStorageREADME-zh_CN.htmlRELEASE-NOTES-U9-es.html

EULAREADME-zh_TW.htmlRELEASE-NOTES-U9-fr.html

eula.en_USRELEASE-NOTES-as.htmlRELEASE-NOTES-U9-gu.html

GPLRELEASE-NOTES-bn.htmlRELEASE-NOTES-U9-hi.html

p_w_picpathsRELEAS

[root@server1 ~]# rsyncroot@192.168.10.200:/etc/yum.repos.d/redhat.repo /var/ftp/pub/repo/

root@192.168.10.200's password:

[root@server1 ~]# ls /var/ftp/pub/repo/

cent.repolocal.reporedhat.repo

安装，配置DNS及NTP服务：

[root@server1 ~]# yum -y install bind-9*bind-ch* cach*

Installed:

bind.x86_64 30:9.3.6-20.P1.el5_8.6

bind-chroot.x86_64 30:9.3.6-20.P1.el5_8.6

caching-nameserver.x86_64 30:9.3.6-20.P1.el5_8.6

Complete!

root@server1 ~]# cd /var/named/chroot/etc/

[root@server1 etc]# cp -pnamed.caching-nameserver.conf named.conf

[root@server1 etc]# vim named.conf

listen-on port 53 { 192.168.10.200; };

:%s/localhost/any/gc

[root@server1 etc]# named-checkconfnamed.conf

[root@server1 etc]# vim named.rfc1912.zones

:21,25y -- p

:%s/localhost/tarena.com/gc

[root@server1 etc]# named-checkconfnamed.rfc1912.zones

[root@server1 etc]# cd ..

[root@server1 chroot]# cd var/named/

[root@server1 named]# cp -p named.localtarena.com.zone

[root@server1 named]# vim tarena.com.zone

$TTL86400

@INSOAtarena.com. root.tarena.com.(

2014030601 ; Serial

28800; Refresh

14400; Retry

3600000; Expire

86400); Minimum

INNSdns1.tarena.com.

dns1INA192.168.10.254

wwwINA192.168.10.199

mailINA192.168.10.200

[root@server1 named]# named-checkzonetarena.com tarena.com.zone

zone tarena.com/IN: loaded serial2014030601

OK

[root@server1 named]# service named restart

停止 named：[确定]

启动 named：[确定]

[root@server1 named]# chkconfig named on

[root@server1 named]# vim /etc/resolv.conf

nameserver 192.168.10.254

[root@server1 named]# rpm -q ntp

ntp-4.2.2p1-15.el5.centos.1

[root@server1named]# vim /etc/ntp.conf

restrict 192.168.10.0 netmask 255.255.255.0kod nomodify notrap nopeer noquery

[root@server1 named]# service ntpd start

启动 ntpd：[确定]

[root@server1 named]# chkconfig ntpd on

[root@server1 named]# ntpstat

unsynchronised

time server re-starting

polling server every 64 s

[root@server1 named]# ntpstat

synchronised to local net at stratum 11

time correct to within 949 ms

polling server every 64 s

验证：把ip为…199的客户机时间更改后，与NTP服务器同步时间：

[root@localhost ~]# date 021311222014

2014年 02月 13日星期四 11:22:00 CST

[root@localhost ~]# ntpdate 192.168.10.254

6Mar 20:16:32 ntpdate[10768]: step time server 192.168.10.254 offset1846459.480499 sec

[root@localhost ~]# date

2014年 03月 06日星期四 20:16:50 CST

并把该主机改名为www.tarena.com,安装配置HTTPD服务：

[root@localhost ~]# vim /etc/hosts

192.168.10.199www.tarena.comwww

[root@localhost ~]# service network restart

正在关闭接口 eth0：[确定]

关闭环回接口：[确定]

弹出环回接口：[确定]

弹出界面 eth0：

正在决定 eth0 的 IP 信息...完成

[root@localhost ~]# hostname

www.tarena.com

[root@localhost ~]# cd /etc/yum.repos.d/

[root@localhost yum.repos.d]# ls

rhel-debuginfo.repo

[root@localhost yum.repos.d]#

wgetftp://192.168.10.254/pub/repo/redhat.repo/etc/yum.repos.d/

[root@localhost yum.repos.d]# ls

redhat.reporhel-debuginfo.repo

[root@localhost ~]# yum -y install httpdhttpd-manual httpd-devel

Installing: httpd-devel16/17

Installing: httpd-devel17/17

rhel-server/productid| 1.7 kB00:00

Installed:

httpd.x86_64 0:2.2.3-74.el5

Complete!

[root@www tools]# service httpd restart

停止 httpd：[确定]

启动 httpd：[确定]

[root@www tools]# chkconfig httpd on

[root@www tools]# netstat -anpt | grephttpd

tcp00 :::80:::*LISTEN12019/httpd

修改缺省主页：

[root@www ~]# vim/etc/httpd/conf/httpd.conf

391 ServerName www.tarena.com

392 DirectoryIndex index.html index.php

[root@www ~]# vim /var/www/html/index.html

<h1> My Web-site .</h1>

[root@www ~]# service httpd restart

停止 httpd：[确定]

启动 httpd：[确定]

[root@www ~]# firefox &

在网页地址栏：输入本机http://192.168.10.199/或输入www.tarena.com

返回显示：My Web-site .

访问控制：

控制IP或网段：

[root@www ~]# vim/etc/httpd/conf/httpd.conf

1013 <Directory"/var/www/html">

1014Options None

1015AllowOverride None

1016Order allow,deny

1017 Deny from 192.168.10.200

1018Allow from all

1019 </Directory>

重启阿帕奇服务后，ip200的机器无法访问网页的缺省页！

2控制用户授权：

[root@www ~]# mkdir /var/www/html/authdir

[root@www ~]# vim/var/www/html/authdir/index.html

<h1> TOP Secret.</h1>

新建用户tom密码123

[root@www ~]# htpasswd -c/etc/httpd/auth.ulist tom

New password: 输入123

Re-type new password: 输入123

Adding password for user tom

[root@www ~]# vim/etc/httpd/conf/httpd.conf

<Directory"/var/www/html/authdir">

AuthName "Ni Xu Yao Mima"

AuthType basic

AuthUserFile/etc/httpd/auth.ulist

Require valid-user

</Directory>

重启服务：网页上输入http://192.168.10.199/authdir

提示输入用户名和密码：不输入显示：Authorization Required

输入后正常显示！

网站访问量分析工具：（awstats ）

[root@www ~]# rsyncroot@192.168.10.254:/tmp/awstats-7.1.tar.gz /tmp/

root@192.168.10.254's password:

[root@www ~]# ls /tmp/

awstats-7.1.tar.gz

[root@www ~]# tar zxvf/tmp/awstats-7.1.tar.gz -C /usr/local/

[root@www ~]# cd /usr/local/

[root@www local]# ls

awstats-7.1etcincludelib64sbinsrc

[root@www local]# mv awstats-7.1/ awstats

[root@www local]# cd awstats/tools/

[root@www tools]# ./awstats_configure.pl

> /etc/httpd/conf/httpd.conf

file (required if first install) [y/N] ? y

> www.tarena.com回车回车回车

[root@www tools]# vim/etc/awstats/awstats.www.tarena.com.conf

51LogFile="/var/log/httpd/access_log"要分析的日志文件

203 DirData="/var/lib/awstats"默认的工组目录

[root@www tools]# mkdir /var/lib/awstats创建默认工作目录

在web页面地址栏输入http://www.tarena.com/awstats/awstats.pl?config=www.tarena.com

可以浏览awstats工具了，但是是空的，需要手动更新：

[root@www tools]# ./awstats_updateall.plnow

再次登陆就有数据了；访问地址太繁琐了，需要简化，执行网页跳转

[root@www tools]# vim/data/web/www/aw-www.html

<html> <head>

<meta http-equiv=refreshcontent="0;

url=http://www.tarena.com/awstats/awstats.pl?config=www.tarena.com">

</head>

<body> </body> </html>

在web地址栏：www.tarena.com/aw-www.html就可以登陆AW工具界面了

把手动更新加到计划任务：

[root@www tools]# crontab -e

5/* * * * */var/local/awstats/tools/awstats_updateall.pl

虚拟主机：对域名

[root@server1 named]# vim tarena.com.zone

wwwINA192.168.10.199

bbsINA192.168.10.199

[root@www conf.d]# mkdir -p/data/web/{www.bbs}

[root@www conf.d]# cd /data/web/www

[root@www www]# vim index.html

<h1> This is WWW site !!! </h1>

[root@www www]# cd ../bbs

[root@www bbs]# vim index.html

<h1> This is BBS Web !! </h1>

[root@www bbs]# cd /etc/httpd/conf.d/

[root@www conf.d]# vim vh.conf

NameVirtualHost 192.168.10.199:80

<VirtualHost 192.168.10.199:80>

DocumentRoot /data/web/www

ServerName www.tarena.com

ErrorLog logs/www.tarena.com-error_log

CustomLog logs/www.tarena.com-access_log common

</VirtualHost>

<VirtualHost 192.168.10.199:80>

DocumentRoot /data/web/bbs

ServerName bbs.tarena.com

ErrorLog logs/bbs.tarena.com-error_log

CustomLog logs/bbs.tarena.com-access_log common

</VirtualHost>

[root@www conf.d]# service httpd restart

缓存DNS服务器：安装软件

[root@localhost etc]# vim named.conf

options {

listen-on port 53 {192.168.10.200; };

listen-on-v6 port 53 { ::1; };

directory"/var/named";

dump-file"/var/named/data/cache_dump.db";

statistics-file "/var/named/data/named_stats.txt";

memstatistics-file "/var/named/data/named_mem_stats.txt";

forwarders {192.168.10.254;} ;

[root@localhost etc]# vim /etc/resolv.conf

nameserver 192.168.10.200

[root@localhost etc]# service named restart