5月 2013

NFS リフェラルの管理 - Oracle Solaris 11.1 でのネットワークファイルシステムの管理
FedFS の管理 - Oracle Solaris 11.1 でのネットワークファイルシステムの管理
Features/FedFS - FedoraProject
FedFS Briefing - fedfs_fast10_bof.pdf

zone01(NSDBサーバ)

名前空間データベース(NSDB)の作成
/etc/openldap/slapd.conf の設定

#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include         /etc/openldap/schema/core.schema
include         /usr/lib/fs/nfs/fedfs-11.schema

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral       ldap://root.openldap.org

pidfile         /var/openldap/run/slapd.pid
argsfile        /var/openldap/run/slapd.args

# Load dynamic backend modules:
# modulepath    /usr/lib/openldap
# moduleload    back_bdb.la
# moduleload    back_hdb.la
# moduleload    back_ldap.la

# Sample security restrictions
#       Require integrity protection (prevent hijacking)
#       Require 112-bit (3DES or better) encryption for updates
#       Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64

# Sample access control policy:
#       Root DSE: allow anyone to read it
#       Subschema (sub)entry DSE: allow anyone to read it
#       Other DSEs:
#               Allow self write access
#               Allow authenticated users read access
#               Allow anonymous users to authenticate
#       Directives needed to implement policy:
# access to dn.base="" by * read
# access to dn.base="cn=Subschema" by * read
# access to *
#       by self write
#       by users read
#       by anonymous auth
#
# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn.  (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!

#######################################################################
# BDB database definitions
#######################################################################

database        bdb
suffix          "dc=nerv,dc=local"
rootdn          "cn=Manager,dc=nerv,dc=local"
# Cleartext passwords, especially for the rootdn, should
# be avoid.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw          {SSHA}dbeeLzcFhwyolAS9LenMxj4fvSN8bXzQ
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory       /var/openldap/openldap-data
# Indices to maintain
index   objectClass     eq

rootpw の生成には slappasswd を使用する

# slappasswd
New password:
Re-enter new password:
{SSHA}dbeeLzcFhwyolAS9LenMxj4fvSN8bXzQ

LDAP Server の起動

# ls -la /var/openldap
total 8
drwxr-xr-x   2 root     bin            3 May 27 14:37 openldap-data
drwxr-xr-x   2 root     bin            2 Sep 20  2012 run
# chown -R openldap:openldap /var/openldap
# svcadm enable svc:/network/ldap/server:openldap_24
# svcs -l svc:/network/ldap/server:openldap_24
fmri         svc:/network/ldap/server:openldap_24
name         slapd - OpenLDAP LDAP server
enabled      true
state        online
next_state   none
state_time   May 27, 2013 03:34:07 PM JST
logfile      /var/svc/log/network-ldap-server:openldap_24.log
restarter    svc:/system/svc/restarter:default
contract_id  128
manifest     /lib/svc/manifest/network/ldap/ldap-olslapd.xml
dependency   require_all/error svc:/milestone/network:default (online)
dependency   require_all/none svc:/system/filesystem/local:default (online)

FedFS データの識別名を作成

# nsdb-update-nci -l localhost -r 389 -D cn=Manager -w solaris1 dc=nerv,dc=local
adding new entry "dc=nerv,dc=local"

NCE entry created
# ldapsearch -h localhost -x -b 'dc=nerv,dc=local' -s base '(objectclass=*)' '*' '+'
version: 1
dn: dc=nerv,dc=local
objectClass: top
objectClass: organization
objectClass: dcObject
objectClass: fedfsNsdbContainerInfo
o: nerv
dc: nerv
fedfsNcePrefix:
structuralObjectClass: organization
entryUUID: a0e043b2-5c40-1032-8e7f-ddb22a4c152a
creatorsName: cn=Manager,dc=nerv,dc=local
createTimestamp: 20130529001535Z
entryCSN: 20130529001535.724696Z#000000#000#000000
modifiersName: cn=Manager,dc=nerv,dc=local
modifyTimestamp: 20130529001535Z
entryDN: dc=nerv,dc=local
subschemaSubentry: cn=Subschema
hasSubordinates: FALSE

LDAP サーバーに定義された NSDB と NFS サーバーに定義された NSDB の間の接続エントリを作成
# nsdbparams update -D cn=Manager,dc=nerv,dc=local -w solaris1 zone01.nerv.local ここまでの NSDB の状態

# nsdbparams list
zone01.nerv.local:389
# nsdbparams show zone01.nerv.local
zone01.nerv.local:389
        default bind DN: cn=Manager,dc=nerv,dc=local
        default bind PW: solaris1
        default NCE: dc=nerv,dc=local
        sectype: FEDFS_SEC_NONE
# nsdbparams get
default nsdb: localhost
default port: 389

zone02(NFSサーバ)

nfs 共有設定(sol 11.1, zfs ver. 6)

# zfs set share=name=zone02nfs,path=/export/docs,prot=nfs,sec=sys,rw=*,public rpool/export/docs
name=zone02nfs,path=/export/docs,prot=nfs,public=true,sec=sys,rw=*
# zfs set sharenfs=on rpool/export/docs
# share
zone02nfs       /export/docs    nfs     public,sec=sys,rw

NSDB の接続エントリを作成
# nsdbparams update -D cn=Manager,dc=nerv,dc=local -w solaris1 zone01.nerv.local

zone03(NFSサーバ)

nfs 共有設定(sol 11.1, zfs ver. 6)

# zfs set share=name=zone03nfs,path=/export/share,prot=nfs,sec=sys,rw=*,public rpool/export/share
name=zone03nfs,path=/export/share,prot=nfs,public=true,sec=sys,rw=*
# zfs set sharenfs=on rpool/export/share
# share
zone03nfs       /export/share   nfs     public,sec=sys,rw

NSDB の接続エントリを作成
# nsdbparams update -D cn=Manager,dc=nerv,dc=local -w solaris1 zone01.nerv.local
NSDB の指定
# nsdbparams set zone01.nerv.local
再解析ポイントデーモンを起動する

# svcadm enable svc:/system/filesystem/reparse
# svcs -l reparse
fmri         svc:/system/filesystem/reparse:default
name         Reparse Point daemon
enabled      true
state        online
next_state   none
state_time   May 28, 2013 10:20:19 AM JST
logfile      /var/svc/log/system-filesystem-reparse:default.log
restarter    svc:/system/svc/restarter:default
contract_id  154
manifest     /lib/svc/manifest/network/shares/reparsed.xml
dependency   require_any/error svc:/milestone/network (online)
dependency   require_all/refresh svc:/milestone/name-services (online)
dependency   require_all/error svc:/system/filesystem/minimal (online)

FedFS リフェラルの作成
zone02 の/export/docs を zone03 の/export/share/docs として配置する

# share
zone03nfs       /export/share   nfs     public,sec=sys,rw
# nfsref -t nfs-fedfs add /export/share/docs zone02.nerv.local:/export/docs
Created reparse point /export/share/docs
# ls -l /export/share
total 4
drwxr-xr-x   2 root     root           3  6月  2日  03:13 data
lrwxrwxrwx   1 root     root          81  5月 30日  11:05 docs -> @{REPARSE@{nfs-fedfs:zone01.nerv.local 389 58855610-c8cd-11e2-a758-820820bb17db}}

zone04(NFSクライアント)

nfs をマウントする(sol 11.1, zfs ver. 6)

# mount -F nfs zone03.nerv.local:/export/share /mnt
# ls -l /mnt
total 4
drwxr-xr-x   2 root     root           3  6月  2日  03:13 data
dr-xr-xr-x   1 root     root           1  6月  2日  03:22 docs
# cd /mnt/docs
# ls -l
total 7
-rw-r--r--   1 root     root        2750  5月 30日  10:16 file02

NSDB の状態

# nsdb-nces
Host: zone01.nerv.local:389
  namingContext 'dc=nerv,dc=local' is a FedFS NCE, DIT starts at ''
# nsdb-list
NSDB: zone01.nerv.local:389, dc=nerv,dc=local
  FSN UUID: 58855610-c8cd-11e2-a758-820820bb17db
    FSL UUID: 5889fdfa-c8cd-11e2-a759-020820bb17db = zone02.nerv.local:/export/docs
# nsdb-resolve-fsn 58855610-c8cd-11e2-a758-820820bb17db
For FSN UUID 58855610-c8cd-11e2-a758-820820bb17db
  FSL UUID: 5889fdfa-c8cd-11e2-a759-020820bb17db
    Location: zone02.nerv.local:/export/docs

CompoundJS
Crash Course to CompoundJS
もともとはRailwayJSという名前だったみたいだ。

npm を使ってCompoundJSをダウンロード＆インストール
# npm install compound -g
アプリ作成

# compound init compound-blog
create  compound-blog
create  compound-blog/app/
create  compound-blog/app/assets/
create  compound-blog/app/assets/coffeescripts/
create  compound-blog/app/assets/stylesheets/
create  compound-blog/app/models/
create  compound-blog/app/controllers/
create  compound-blog/app/observers/
create  compound-blog/app/helpers/
create  compound-blog/app/views/
create  compound-blog/app/views/layouts/
create  compound-blog/db/
create  compound-blog/db/seeds/
create  compound-blog/db/seeds/development/
    :
    :

依存モジュールのインストール

# cd compound-blog; npm install
npm http GET https://registry.npmjs.org/ejs-ext
npm http GET https://registry.npmjs.org/co-assets-compiler
npm http GET https://registry.npmjs.org/express
npm http GET https://registry.npmjs.org/nodeunit
npm http GET https://registry.npmjs.org/sinon
npm http GET https://registry.npmjs.org/supertest
npm http GET https://registry.npmjs.org/coffee-script
npm http GET https://registry.npmjs.org/mocha
npm http GET https://registry.npmjs.org/semicov
npm http GET https://registry.npmjs.org/stylus
    :
    :

Generatorを使ってappの機能を作成

# compound generate crud post title content
exists  app/
exists  app/controllers/
exists  app/helpers/
exists  app/views/
create  app/views/posts/
exists  app/views/layouts
create  test/
create  test/controllers/
create  app/controllers/posts_controller.js
exists  app/
exists  app/models/
create  app/models/post.js
patch   db/schema.js
create  app/views/layouts/posts_layout.ejs
create  app/views/posts/_form.ejs
create  app/views/posts/show.ejs
create  app/views/posts/new.ejs
create  app/views/posts/edit.ejs
create  app/views/posts/index.ejs
create  app/helpers/posts.js
create  test/controllers/posts_controller.test.js
create  test/init.js
patch   config/routes.js

起動！

# compound server 3000
Compound server listening on 0.0.0.0:3000 within development environment

なんか出た。ルーティングをしろとあるので、してみる。
config/routes.js

exports.routes = function (map) {
    map.resources('posts');
    map.get('/', 'posts#index');
    // Generic routes. Add all your routes below this line
    // feel free to remove generic routes
    map.all(':controller/:action');
    map.all(':controller/:action/:id');
};

しかし何も変わらない。なぜに。仕方ないので直接 posts#index にアクセス。