Web server on CentOS 8 with php7, node.js and redis

Foreword

It has been 2 days since a new version of the CentOS operating system was released, namely CentOS 8. So far there are few articles on the Internet about how things are done in it, so I decided to fill this gap. I will cover not only how to install these programs, but also how I see installing Linux in a virtual environment for typical tasks in the modern world, including disk partitioning and so on.

But first, I want to briefly explain why it is worth switching to this version from all the previous ones. There are already two reasons:

  1. php7! In the previous version of CentOS, "Orthodox" php5.4 was installed ...

    Okay, a little more seriously: a lot of packages jumped several versions at once. We (fans of Red Hat-like OSes) have finally arrived, if not in the future, then at least in the present. And Ubuntu supporters won't laugh and point their fingers at us anymore, well... at least for a while ;).

  2. Switching from yum to dnf. The main difference is that working with several versions of a package at once is now officially supported. In version 8 itself this has not come in handy for me yet, but it sounds promising.

Create a virtual machine

Hypervisors differ, and I have no intention of tying the reader to a specific one, so I will talk about general principles.

Memory

First: to install CentOS, certainly starting from version 7, though in my opinion it was the same in 6 ("but this is not certain"), you need a minimum of 2 GB of RAM. Therefore, I advise you to give it that much to start with.

But if anything, after installation, the amount of memory can be reduced. At 1 GB, the bare system works quite fine, I checked.

Disk

For a normal installation, you should create a virtual disk with a capacity of 20-30 GB. That's enough for the system. Then add a second disk for data. It can be added either when creating the virtual machine or afterwards. I usually add it later.

Processor

A bare system does not slow down on one core. And since the resources are freely scalable, I don't see the point in giving more at the installation stage (unless you know the requirements perfectly and are too lazy to go into the configurator once again).

The rest can usually be left as default.

The installation itself

So… Let's launch the installer… Personally, I have been installing such services only as virtual machines for a long time, so I won't describe writing the distribution to a USB flash drive. I just mount the ISO as a CD in my favorite hypervisor, boot from it, and off we go.

The basic installation is quite typical, I will dwell only on a few points.

Source selection

Since the release of the eighth version, the Yandex mirror has been down for days. That is, it periodically comes back up and then starts showing an error again. I am sure the cause is excessive load on the service. Therefore, to specify the source myself, instead of entering the usual address, I had to go here, select a mirror I like, and manually enter its address in the installer window. It is important to remember that you need to specify the path to the folder that contains the repodata directory. For example, mirror.corbina.net/pub/Linux/centos/8/BaseOS/x86_64/os.

Disk partitioning

This question is rather religious in my opinion. Each administrator has his own position on this matter. But I will still share my point of view on the question.

Yes, in principle, you can allocate all the space to the root and it will work, most often even quite well. Why, then, bother with separate partitions? In my opinion, there are 2 main reasons for this: quotas and portability.

For example, if something went wrong and there are errors on the main data partition, you want to be able to boot the system anyway and take recovery measures. Therefore, I personally allocate a separate partition for /boot. That is where the kernel and bootloader live. Usually 500 megabytes is enough, but in rare cases more may be required, and given that we are already accustomed to measuring space in terabytes, I allocate 2 GB for this partition. It is important that this partition cannot be placed on LVM.

Next comes the root of the system. For a normal installation, I have never needed more than 4 GB for the system, but during scheduled maintenance I often use the /tmp directory to unpack distributions, and I see no reason to put it on a separate partition: in modern systems it is cleaned automatically, so it does not fill up. So I allocate 8 GB for the root.

Swap... By and large, there is little practical use for it. If your server has started using swap, today in the real world it only means that the server needs more RAM. Otherwise, performance problems are guaranteed (or some program is leaking memory). Therefore, this partition is needed only for diagnostics, and 2 GB is a great number. Yes, regardless of how much memory the server has. Yes, I have read all those articles about the ratio of memory to swap... IMHO, they are outdated. In 10 years of practice, this has never come in handy for me. 15 years ago I used them, yes.

Whether to put /home on a separate partition is, IMHO, for everyone to decide for himself. If someone actively uses this directory on the server, it is better to separate it. If no one does, there is no need.

Next, /var. In my opinion, it must be on its own partition. For starters, you can limit yourself to a figure of 4 GB, and then see how it goes. And yes, by "how it goes" I mean that:

  1. Firstly, you can always mount another drive at a /var subdirectory (which I will show with an example later).
  2. Secondly, we have LVM, so you can always add space. You usually have to add it when too many logs start to pour in there. But I have never been able to predict this figure in advance, so I start with 2 GB, and then look.

Unallocated space will remain free in the volume group, it can always be used later.

LVM

It makes sense to put all partitions other than /boot in LVM. Yes, including swap. Yes, according to all the advice, swap should be at the beginning of the disk, and with LVM its location cannot be determined in principle. But as I wrote above, your system should not use swap at all. So it doesn't matter where it is. Well, we are not living in '95, honestly!

Further, in LVM there are several basic entities that you need to be able to live with:

  • physical volume
  • volume group
  • logical volume

Physical volumes are combined into groups: each physical volume can be in only one group, while a group can span several physical volumes at once.
And each logical volume lives in one group.

But... damn it, it is the 21st century again. And the servers are virtual. It makes no sense to apply to them the same mechanisms that were applied to physical ones. For virtual servers it is important to keep data separate from the system! This is very important, in particular, for the ability to quickly move data to another virtual machine (for example, when switching to a new OS) and in general for all sorts of useful goodies (separate per-partition backups using the hypervisor, for example). Therefore, one volume group is used for the system and another one is necessarily used for data! This logical separation helps a lot in life!

If you created only one virtual hard disk when creating the virtual machine, this is where the configuration ends. And if there are two, then just do not partition the second one yet.

We start the installation.

Post-installation

So, the freshly installed system finally booted up. The first thing to check is the internet.

ping ya.ru

Is there an answer? Great, press Ctrl-C.
If not, go set up the network; there is no life without it, but my article is not about that.

Now, if we are not root yet, we become root, because typing this many commands with sudo personally wore me out (and may paranoid admins forgive me):

sudo -i

Now, first of all, we type

dnf -y update

And if you are reading this article in 2019, most likely nothing will happen, but it was worth a try.

Now let's configure the remaining disk

Let's say the system is on the xvda disk; then the data disk will be xvdb. OK.

Most advice will begin with "Run fdisk and create a partition..."

Well, that is wrong!

I'll say it again, because it's important! In this case, when LVM occupies one whole virtual disk, creating partitions on that disk is harmful! Every word in this sentence matters. If we work without LVM, we need partitions. If the system and the data are on the same disk, we need them. If for some reason we need to leave half of the disk empty, we need them too. But usually all these assumptions are purely theoretical. And if we later decide to add space to an existing partition, it is easiest to do with this configuration. Convenience in administration outweighs so many other things that we choose this configuration deliberately.

And the convenience is that if you want to expand the data partition, you simply add space to the virtual disk, then expand the group with vgextend, and that's it! In rare cases you may need something else, but at least you will not have to expand the logical volume first, which is already nice. Otherwise, to expand this very volume, it is recommended to first delete the existing one and then create a new one on top... which does not look very nice and cannot be done live, whereas expansion following the scenario I described can be carried out "on the fly", without even unmounting the partition.

So, we create a physical volume, then a volume group that includes it, and then a logical volume for our server:

pvcreate /dev/xvdb
vgcreate data /dev/xvdb
lvcreate -n www -L40G data
mke2fs -t ext4 /dev/mapper/data-www

Here, instead of the capital “L” (and a size in GB), you can use a lowercase one and give a relative size instead of an absolute one. For example, to use half of the currently free space in the volume group, specify “-l +50%FREE”.

And the last command formats the partition in the ext4 file system (which so far, in my experience, shows the greatest stability in case everything breaks, so I prefer it).

Now we mount the partition in the right place. To do this, add the correct line to /etc/fstab:

/dev/mapper/data-www    /var/www                ext4    defaults        1 2

And we type

mount /var/www

If an error pops up, sound the alarm! It means we have a mistake in /etc/fstab, and at the next reboot we will have very big problems. The system may not boot at all, which is often very sad on cloud services. So you must either urgently correct the line you just added or delete it altogether! That is why we did not write the full mount command by hand: then we would not have had such an excellent opportunity to check the config right away.

Now we actually install everything we wanted and open ports for the web:
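A pre-flight lint for the fstab entry above, as an added example that is not part of the original article: it flags the structural mistakes that can stop the boot and warns when a content mount such as /var/www lacks nodev and nosuid. The function name check_fstab_line, the list of data mount points and the choice of hardening options are assumptions of this example.

```sh
#!/bin/sh
# Added example (not from the article): lint one fstab entry before it goes
# into /etc/fstab. Prints one finding per line and returns 1 on a structural
# error; hardening findings are warnings only and do not change the status.
check_fstab_line() {
    rc=0
    set -f          # no globbing while the line is split into fields
    set -- $1       # fstab fields are separated by spaces or tabs
    set +f
    if [ $# -lt 4 ] || [ $# -gt 6 ]; then
        echo "ERROR: expected 4 to 6 fields, got $#"
        return 1
    fi
    mnt=$2 fstype=$3 opts=$4 dump=${5:-0} pass=${6:-0}
    # The mount point must be absolute (swap entries use "none" or "swap").
    if [ "$fstype" != swap ]; then
        case $mnt in
            /*) ;;
            *) echo "ERROR: mount point '$mnt' is not an absolute path"; rc=1 ;;
        esac
    fi
    # Fields 5 (dump) and 6 (fsck order) must be plain integers.
    for n in "$dump" "$pass"; do
        case $n in
            ''|*[!0-9]*) echo "ERROR: dump/fsck field '$n' is not a number"; rc=1 ;;
        esac
    done
    # Assumption: these mount points hold data only, so they need neither
    # device nodes nor setuid binaries.
    case $mnt in
        /var/*|/home|/home/*|/srv|/srv/*|/tmp)
            for o in nodev nosuid; do
                case ",$opts," in
                    *",$o,"*) ;;
                    *) echo "WARN: $mnt lacks $o" ;;
                esac
            done ;;
    esac
    return $rc
}

# The line from this article, then a hardened variant (strings constructed here).
check_fstab_line "/dev/mapper/data-www /var/www ext4 defaults 1 2"
check_fstab_line "/dev/mapper/data-www /var/www ext4 defaults,nodev,nosuid 1 2"
```

On a live system, findmnt --verify runs util-linux's own checks against the real /etc/fstab.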

dnf groupinstall "Development Tools"
dnf -y install httpd @nodejs @redis php
firewall-cmd --add-service http --permanent
firewall-cmd --add-service https --permanent

If you wish, you can also put the database here, but personally I try to keep it separate from the web server. Although keeping it alongside is faster, yes. The speed of virtual network adapters is usually in the gigabit range, while on the same machine accesses happen almost instantly. But it's less safe. It depends on what matters more to you.

Now we add a parameter to a configuration file (we create a new one; that is the modern CentOS approach)

echo "vm.overcommit_memory = 1" > /etc/sysctl.d/98-sysctl.conf

We reboot the server.
In the comments, I was scolded for the advice to turn off SELinux, so I will correct myself and write that after that you must not forget to configure SELinux.
Actually, profit! 🙂

Source: habr.com
