CentOS 7

오픈소스 비즈니스 컨설팅
이동: 둘러보기, 검색

CentOS 7을 정리 합니다.

CentOS 7 초기 설정

yum install net-tools                      #--- 네트워크 관련 도구 설치
yum install wget

Timezone 설정 (CentOS 7, Ubuntu)

mv /etc/localtime /etc/localtime_org
ln -s /usr/share/zoneinfo/Asia/Seoul /etc/localtime


Local 설정 (CentOS 7, Ubuntu)

localectl
localectl set-locale LANG=ko_KR.UTF-8


EPEL 설치

yum -y install epel-release
# yum install http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-6.noarch.rpm
yum repolist

CentOS 7 IP 설정

  • cd /etc/sysconfig/network-scripts/
  • DHCP 설정
  • vi ifcfg-enp0s3
HWADDR="08:00:27:35:6D:C0"
TYPE="Ethernet"
BOOTPROTO="dhcp"
DEFROUTE="yes"
PEERDNS="yes"
PEERROUTES="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_PEERDNS="yes"
IPV6_PEERROUTES="yes"
IPV6_FAILURE_FATAL="no"
NAME="enp0s3"
UUID="39ce656a-650a-4b42-b71f-c8ab731d9727"
ONBOOT="yes"
  • 고정 IP 설정
  • vi ifcfg-enp0s8
TYPE=Ethernet
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
NAME=enp0s8
UUID=c33d268b-ba16-4c86-8acc-afead4413d68
ONBOOT=yes
HWADDR=08:00:27:16:F6:E4
IPADDR0=192.168.70.111
PREFIX0=24
GATEWAY0=192.168.70.1
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes

service network restart

  • 네트워크 관련 명령어 설치
yum install net-tools
  • CentOS 7 systemctl

방화벽 설정

  • firewall 설치
  • start, stop, enable, disable
yum install firewalld firewall-config

systemctl start firewalld.service
systemctl enable firewalld.service
  • 설정 파일
  • vi /etc/firewalld/zones/public.xml : Default Zone인 public의 설정 파일
  • /usr/lib/firewalld/services/~.xml
  • 방화벽 설정
firewall-cmd --help
firewall-cmd --state
firewall-cmd --get-active-zones
firewall-cmd --get-service
firewall-cmd --get-service --permanent

firewall-cmd --permanent --zone=public --add-port=9022/tcp       #--- public Zone에 port 추가
firewall-cmd --permanent --zone=public --add-port=8080-8081/tcp
firewall-cmd --permanent --zone=public --remove-port=8080-8081/tcp
firewall-cmd --reload
firewall-cmd --zone=public --list-ports

firewall-cmd --permanent --zone=public --add-service=https
firewall-cmd --permanent --zone=public --remove-service=https
firewall-cmd --reload
firewall-cmd --permanent --zone=public --list-services

#--- public zone에 eth1 인터페이스 추가
firewall-cmd --permanent --zone=public --change-interface=eth1
  • 참고 문헌

chrony 구성

Chrony

참고 문헌