Foreman 구성 II
페이지 정보
작성자 꿈꾸는여행자 작성일 25-06-05 10:57 조회 1,046 댓글 0본문
안녕하세요.
꿈꾸는여행자입니다.
계속해서 Foreman 구성 내용에 대해서 진행하고자 합니다.
> 다음
1. Foreman 구성
- Foreman - Prerequisite 설정
목차
III. Foreman - Katello
0. Prerequisite
0.1. Configure hostname
0.2. Configure NTP time synchronization
0.3. SELinux 설정 확인
0.4. Docker 제거
상세 내역은 아래와 같습니다.
감사합니다.
> 아래
III. Foreman - Katello
0. Prerequisite
0.1. Configure hostname
You need a proper hostname configured for your machine that can be resolved to an IP address. Don’t use example.com. as domain for the hostname as shown in the example. Replace the hostname with one in your Infrastructure, as configured in your DNS server.
sudo hostnamectl set-hostname foreman.katello.lds.local
[root@localhost ~]# sudo hostnamectl set-hostname foreman.katello.lds.local
[root@localhost ~]#
Set IP address and DNS name in your /etc/hosts file. This is often important for environments without a working DNS server.
cp \
/etc/hosts \
/etc/hosts.orig
echo 192.168.50.79 foreman.katello.lds.local | sudo tee -a /etc/hosts
sudo vi /etc/hosts
…
192.168.50.78 foreman.lds.local
[root@localhost ~]# cp \
> /etc/hosts \
> /etc/hosts.orig
[root@localhost ~]# echo 192.168.50.79 foreman.katello.lds.local | sudo tee -a /etc/hosts
192.168.50.79 foreman.katello.lds.local
[root@localhost ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.50.79 foreman.katello.lds.local
[root@localhost ~]#
Ensure that the command below shows the real IP address, not 127.0.1.1.
ping -c 2 $(hostname -f)
[root@localhost ~]# ping -c 2 $(hostname -f)
PING foreman.katello.lds.local (192.168.50.79) 56(84) bytes of data.
64 bytes from foreman.katello.lds.local (192.168.50.79): icmp_seq=1 ttl=64 time=0.311 ms
64 bytes from foreman.katello.lds.local (192.168.50.79): icmp_seq=2 ttl=64 time=0.123 ms
--- foreman.katello.lds.local ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1010ms
rtt min/avg/max/mdev = 0.123/0.217/0.311/0.094 ms
[root@localhost ~]#
The hostname configured can be confirmed if it returns a correct IP address using the Linux host command:
host foreman.katello.lds.local
[root@localhost ~]# host foreman.katello.lds.local
Host foreman.katello.lds.local not found: 3(NXDOMAIN)
[root@localhost ~]#
0.2. Configure NTP time synchronization
Install chrony package which an alternative NTP software package for CentOS and all other RHEL based Linux systems.
sudo dnf -y install chrony
[root@localhost ~]# sudo dnf -y install chrony
Last metadata expiration check: 0:07:33 ago on Tue 30 Jul 2024 01:29:12 PM KST.
Package chrony-4.5-1.el8.x86_64 is already installed.
Dependencies resolved.
Nothing to do.
Complete!
[root@localhost ~]#
After the package is installed set correct timezone. This will ensure correct time is set for your machine when you run synchronization command.
sudo timedatectl set-timezone Asia/Seoul
timedatectl
[root@localhost ~]# sudo timedatectl set-timezone Asia/Seoul
[root@localhost ~]# timedatectl
Local time: Tue 2024-07-30 13:39:12 KST
Universal time: Tue 2024-07-30 04:39:12 UTC
RTC time: Tue 2024-07-30 04:39:11
Time zone: Asia/Seoul (KST, +0900)
System clock synchronized: no
NTP service: inactive
RTC in local TZ: no
[root@localhost ~]#
Start and enable chronyd service using systemctl comamnd.
sudo systemctl enable --now chronyd
[root@localhost ~]# sudo systemctl enable --now chronyd
Created symlink /etc/systemd/system/multi-user.target.wants/chronyd.service → /usr/lib/systemd/system/chronyd.service.
[root@localhost ~]#
Sync time to get the correct date and time in your CentOS / RHEL system.
sudo chronyc sources
[root@localhost ~]# sudo chronyc sources
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* any.time.nl 2 6 17 34 -217us[-2746us] +/- 22ms
^- 121.174.142.82 3 6 17 34 -1159us[-1159us] +/- 54ms
[root@localhost ~]#
0.3. SELinux 설정 확인
* 현재 SELinux 상태 확인
* 먼저 현재 SELinux 상태를 확인합니다:
getenforce
setenforce 1
sestatus
* SELinux 모드 변경
* 위의 sed 명령어를 사용하여 설정 파일을 수정합니다:
* KVM 환경에서 SELinux 변경 적용 이후 reboot 작업시 오래 작업됨
sudo sed -i 's/^SELINUX=disabled/SELINUX=enforcing/' /etc/selinux/config
touch /.autorelabel
reboot
* 현재 SELinux 상태 확인
sestatus
[root@localhost ~]# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Memory protection checking: actual (secure)
Max kernel policy version: 33
[root@localhost ~]#
0.4. Docker 제거
Foreman과 함께 Katello 플러그인을 사용할 경우, 기존 Docker 설치가 문제를 일으킬 수 있으므로 Docker를 제거하는 것이 좋습니다. 이는 특히 Podman이 필요한 경우에 해당됩니다.
sudo dnf remove docker docker-common docker-selinux docker-engine
[root@localhost ~]# sudo dnf remove docker docker-common docker-selinux docker-engine
일치하는 인수가 없습니다: docker
일치하는 인수가 없습니다: docker-common
일치하는 인수가 없습니다: docker-engine
종속성이 해결되었습니다.
==========================================================================================================
꾸러미 구조 버전 저장소 크기
==========================================================================================================
삭제 중:
container-selinux noarch 3:2.229.0-1.el9 @AppStream 67 k
종속 꾸러미지 제거:
flatpak-selinux noarch 1.12.8-1.el9 @AppStream 12 k
selinux-policy noarch 38.1.35-2.el9_4.0.1 @anaconda 25 k
selinux-policy-targeted noarch 38.1.35-2.el9_4.0.1 @anaconda 18 M
사용하지 않는 종속 꾸러미 제거:
rpm-plugin-selinux x86_64 4.16.1.3-29.el9 @anaconda 16 k
연결 요약
==========================================================================================================
삭제 5 꾸러미
사용 가능한 공간 : 18 M
진행할까요? [y/N]: y
연결 확인 실행 중
연결 확인에 성공했습니다.
연결 시험 실행 중
연결 시험에 성공했습니다.
연결 실행 중
준비 중 : 1/1
삭제 중 : container-selinux-3:2.229.0-1.el9.noarch 1/5
구현 중 : container-selinux-3:2.229.0-1.el9.noarch 1/5
삭제 중 : flatpak-selinux-1.12.8-1.el9.noarch 2/5
구현 중 : flatpak-selinux-1.12.8-1.el9.noarch 2/5
삭제 중 : rpm-plugin-selinux-4.16.1.3-29.el9.x86_64 3/5
구현 중 : selinux-policy-38.1.35-2.el9_4.0.1.noarch 4/5
삭제 중 : selinux-policy-38.1.35-2.el9_4.0.1.noarch 4/5
구현 중 : selinux-policy-38.1.35-2.el9_4.0.1.noarch 4/5
삭제 중 : selinux-policy-targeted-38.1.35-2.el9_4.0.1.noarch 5/5
구현 중 : selinux-policy-targeted-38.1.35-2.el9_4.0.1.noarch 5/5
확인 중 : container-selinux-3:2.229.0-1.el9.noarch 1/5
확인 중 : flatpak-selinux-1.12.8-1.el9.noarch 2/5
확인 중 : rpm-plugin-selinux-4.16.1.3-29.el9.x86_64 3/5
확인 중 : selinux-policy-38.1.35-2.el9_4.0.1.noarch 4/5
확인 중 : selinux-policy-targeted-38.1.35-2.el9_4.0.1.noarch 5/5
제거되었습니다:
container-selinux-3:2.229.0-1.el9.noarch flatpak-selinux-1.12.8-1.el9.noarch
rpm-plugin-selinux-4.16.1.3-29.el9.x86_64 selinux-policy-38.1.35-2.el9_4.0.1.noarch
selinux-policy-targeted-38.1.35-2.el9_4.0.1.noarch
완료되었습니다!
[root@localhost ~]#
댓글목록 0
등록된 댓글이 없습니다.