所有文章

F5利用irule强行植入cookie

F5-Bigip利用irule强行给请求植入Cookie的方法。 irule有两种做法可以让链接重定向 HTTP::redirect "http://redirect.domain.com[HTTP::uri]" 或者: HTTP::respond 302 Location "http://redirect.domain.com[HTTP::uri]" "locale" $cookie 我们可以利用第二种方法来强行塞进cookie when HTTP_REQUEST { if {[HTTP::host] equals “find.domain.com” and [HTTP::path] equals “/” } { set local_cookie [HTTP::cookie value lg_locale] set cookie [format "locale=%s; path=/; domain=%s" $local_cookie "<cookiedomain>"] HTTP::respond 302 Location “http://redirect.domain.com[HTTP::uri]” “Set-Cookie” $cookie } } 结果:

2023年7月27日

F5利用irule防爬虫

F5-Bigip利用irule防止爬虫的一法。 爬虫的请求: GET /cms/rest.htm?method=ddky.cms.search.recommend.h5.o2o&pageNo=1&pageSize=6&shopId=201790&ordertypeId=0&suite=1&searchType=o2o&searchPanel=1&wd=%E6%B4%9B%E4%B8%81%E6%96%B0&lat=22.520712193695&lng=113.9233553732&city=%E6%B7%B1%E5%9C%B3%E5%B8%82&type=90&unique=05685D2A5DAB8ABBD2E5E5B26E0C960F&versionName=5.7.5&plat=H5&platform=H5&t=2020-12-15%2014%3A19%3A11&v=1.0&sign=A6BD136BC1B6F91E5C7DD5A0DA03DD79&callback=jsonp1 里面的t值是时间,t=2020-12-15%2014%3A19%3A11 但是有个问题,这个值一直不变了,那我们就利用这一点。如果T值跟当前时间对比,是3分钟前的,那就封! F5的irule,直接return的是白名单: when HTTP_REQUEST { set t [URI::decode [URI::query [HTTP::uri] t]] set before [clock scan "180 seconds ago" ] if { [IP::addr [IP::client_addr] equals 124.206.168.0/255.255.255.224]} { return} if { [IP::addr [IP::client_addr] equals 61.135.14.96/255.255.255.240]} { return} if { [IP::addr [IP::client_addr] equals 114.251.7.112/255.255.255.240]} { return} if { [string tolower [HTTP::uri]] contains "/cms/"} { if {$before > [clock scan $t]} { drop } } }

2023年7月27日

绝版的elasticflow的安装

elasticflow 是个流量分析工具,通过对各种flow流量的抓取,分析数据,可以清晰的看到局域网中的流量。 网管的必备啊。首先要把sflow流量给发过来。(这里172.18.31.23是服务器端) sflow collector 2 ip 172.18.31.23 description flow-server 拉取源代码: git clone https://github.com/robcowart/elastiflow 启动集群 docker-compose up -d 这样整个数据会被清空,需要重新生成一遍,先把kibana的数据文件拉回来 wget https://raw.githubusercontent.com/robcowart/elastiflow/master/kibana/elastiflow.kibana.7.8.x.ndjson 然后登录http://172.18.31.23:5601 先到配置,导入 导入对象,选择elastiflow.kibana.7.8.x.ndjson文件上传 导入成功,导入了300多个对象 然后配置索引,应该不用配,直接选一个做default 这样就ok了,去dashboard的overview就能看到东西了 然后去修改一下shard策略,省得索引报黄色 PUT /_template/elastiflow-3.5.3 { "index_patterns": "*", "settings": { "number_of_shards": 1 } } PUT /_template/index_defaults { "index_patterns": "*", "settings": { "number_of_shards": 1 } } PUT /_template/elastiflow-3.5.3 { "index_patterns": "elastiflow-3.5.3-*", "settings": { "number_of_shards": 1 } } 查看一下: curl -s -X GET 'http://localhost:9200/_cat/indices?v' curl -s -X GET 'http://localhost:9200/_template'| jq

2023年7月24日

如何在容器内安装字体文件

pod 容器内要用中文雅黑字体生成 jpg 图片,没办法,只能把字体给装进去 首先进入容器,确定容器的基底是什么,是yum、apt或者apk 通常都是用apk最小化安装的,这样做法如下: apk update apk add --update ttf-dejavu fontconfig rm -rf /var/cache/apk/* mkdir /usr/share/fonts/chinese cp /usr/local/jre1.8.0_201/lib/fonts/simsun.ttc /usr/share/fonts/chinese mkfontscale && mkfontdir && fc-cache 这样就搞定了,当然这只是临时的。 要想长久就得修改Dockerfile,把文件拷进容器,然后同样得执行命令即可。

2023年7月6日

2023年获得的证书

2023年上半年经过努力,又考了3张证书,下半年继续努力奋斗……

2023年6月30日

Yapi集成进freeIPA进行统一认证

Freeipa接入Yapi. vi my-api/config.json ... "ldapLogin": { "enable": true, "server": "ldap://ldap.bybon.cn", "baseDn": "uid=manager,cn=users,cn=accounts,dc=bybon,dc=cn", "bindPassword": "xxxxxxxx", "searchDn": "cn=users,cn=accounts,dc=bybon,dc=cn", "searchStandard": "mail", "emailPostfix": "@bybon.cn", "emailKey": "mail", "usernameKey": "displayName" } 这里需要修改一下,vi my-yapi/vendors/server/controllers/user.js 理由如下,登录的时候,yapi的逻辑是先判断用户邮件,把邮件中的用户名摘出来,然后加上配置中的邮件域。 这个逻辑在ldap中就不对了,改成如下格式,这样直接输入ldap用户名就可以登录了 /** * ldap登录 * @interface /user/login_by_ldap * @method * @category user * @foldnumber 10 * @param {String} email email名称,不能为空 * @param {String} password 密码,不能为空 * @returns {Object} * */ async getLdapAuth(ctx) { try { const { email, password } = ctx.request.body; //no const username = email.split(/\@/g)[0]; //1 const { info: ldapInfo } = await ldap.ldapQuery(email, password); //2 const emailPrefix = email.split(/\@/g)[0]; //3 const emailPostfix = yapi.WEBCONFIG.ldapLogin.emailPostfix; //zrr const emailPrefix = email.split(/\@/g)[0]; const emailPostfix = yapi.WEBCONFIG.ldapLogin.emailPostfix; const { info: ldapInfo } = await ldap.ldapQuery( (emailPostfix ? emailPrefix + emailPostfix : email),password); //zrr const emailParams = ldapInfo[yapi.WEBCONFIG.ldapLogin.emailKey || 'mail'] || (emailPostfix ? emailPrefix + emailPostfix : email); const username = ldapInfo[yapi.WEBCONFIG.ldapLogin.usernameKey] || emailPrefix;

2023年4月12日

Dell得Idrac临时license

新公司的dell服务器idrac居然没有license,无法远程,找了dell要了一个临时license给装上,其实装好系统就不会太用到了,记录一下,以后备用。 <?xml version="1.0"?> <!--Copyright (c) 2010-2011 Dell Inc. All Rights Reserved.--> <lns:LicenseClass xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:lns="http://www.dell.com/2011/12G/licensing"> <lns:LicenseData> <lns:Schema lns:Vendor="Dell" lns:ID="iDRAC" lns:maxDepth="255" lns:SchemaVersion="2.0"/> <lns:TransferableLicense>false</lns:TransferableLicense> <lns:UTCdateSold>2011-09-20T16:10:37Z</lns:UTCdateSold> <lns:EntitlementID>56r8irR7fV5w3MIxlJUFL9Ph_Lori_Matthews</lns:EntitlementID> <lns:DeviceClass lns:ID="iDRAC"/> <lns:ProductDescription> <lns:lang_en>iDRAC7 Enterprise Evaluation License</lns:lang_en> <lns:lang_es>iDRAC7 Enterprise Evaluation License</lns:lang_es> <lns:lang_fr>iDRAC7 Enterprise Evaluation License</lns:lang_fr> <lns:lang_de>iDRAC7 Enterprise Evaluation License</lns:lang_de> <lns:lang_it>iDRAC7 Enterprise Evaluation License</lns:lang_it> <lns:lang_ja>iDRAC7 Enterprise Evaluation License</lns:lang_ja> <lns:lang_zh>iDRAC7 Enterprise Evaluation License</lns:lang_zh> </lns:ProductDescription> <lns:LicenseTerm> <lns:Evaluation lns:Duration="P30D"/> </lns:LicenseTerm> <lns:DeviceInfo lns:ID="1" lns:VendorID="0x1912" lns:DeviceID="0x0011"/> <lns:Feature lns:ID="1" lns:Description="License Management" lns:Enabled="true"/> <lns:Feature lns:ID="2" lns:Description="RACADM" lns:Enabled="true"/> <lns:Feature lns:ID="3" lns:Description="WSMAN" lns:Enabled="true"/> <lns:Feature lns:ID="4" lns:Description="SNMP" lns:Enabled="true"/> <lns:Feature lns:ID="5" lns:Description="Auto Discovery" lns:Enabled="true"/> <lns:Feature lns:ID="6" lns:Description="USC Firmware Update" lns:Enabled="true"/> <lns:Feature lns:ID="7" lns:Description="Update Package" lns:Enabled="true"/> <lns:Feature lns:ID="8" lns:Description="USC Operating System Deployment" lns:Enabled="true"/> <lns:Feature lns:ID="9" lns:Description="USC Device Configuration" lns:Enabled="true"/> <lns:Feature lns:ID="10" lns:Description="USC Diagnostics" lns:Enabled="true"/> <lns:Feature lns:ID="11" lns:Description="Power Budget" lns:Enabled="true"/> <lns:Feature lns:ID="12" lns:Description="Power Monitoring" lns:Enabled="true"/> <lns:Feature lns:ID="13" lns:Description="Virtual Media" lns:Enabled="true"/> <lns:Feature lns:ID="14" lns:Description="Telnet" lns:Enabled="true"/> <lns:Feature lns:ID="15" lns:Description="SMASH CLP" lns:Enabled="true"/> <lns:Feature lns:ID="16" lns:Description="IPv6" lns:Enabled="true"/> <lns:Feature lns:ID="17" lns:Description="Dynamic DNS" lns:Enabled="true"/> <lns:Feature lns:ID="18" lns:Description="Dedicated NIC" lns:Enabled="true"/> <lns:Feature lns:ID="19" lns:Description="Directory Services" lns:Enabled="true"/> <lns:Feature lns:ID="20" lns:Description="Two-Factor Authentication" lns:Enabled="true"/> <lns:Feature lns:ID="21" lns:Description="Single Sign-On" lns:Enabled="true"/> <lns:Feature lns:ID="22" lns:Description="PK Authentication" lns:Enabled="true"/> <lns:Feature lns:ID="23" lns:Description="Crash Screen Capture" lns:Enabled="true"/> <lns:Feature lns:ID="24" lns:Description="Crash Video Capture" lns:Enabled="true"/> <lns:Feature lns:ID="25" lns:Description="Boot Capture" lns:Enabled="true"/> <lns:Feature lns:ID="26" lns:Description="Virtual Console" lns:Enabled="true"/> <lns:Feature lns:ID="27" lns:Description="Virtual Flash Partitions" lns:Enabled="true"/> <lns:Feature lns:ID="28" lns:Description="Console Collaboration" lns:Enabled="true"/> <lns:Feature lns:ID="29" lns:Description="Device Monitoring" lns:Enabled="true"/> <lns:Feature lns:ID="30" lns:Description="Remote Inventory" lns:Enabled="true"/> <lns:Feature lns:ID="31" lns:Description="Storage Monitoring" lns:Enabled="true"/> <lns:Feature lns:ID="32" lns:Description="Remote Firmware Update" lns:Enabled="true"/> <lns:Feature lns:ID="33" lns:Description="Remote Firmware Configuration" lns:Enabled="true"/> <lns:Feature lns:ID="34" lns:Description="Remote Inventory Export" lns:Enabled="true"/> <lns:Feature lns:ID="35" lns:Description="Remote Operating System Deployment" lns:Enabled="true"/> <lns:Feature lns:ID="36" lns:Description="Backup and Restore" lns:Enabled="true"/> <lns:Feature lns:ID="37" lns:Description="Part Replacement" lns:Enabled="true"/> <lns:Feature lns:ID="38" lns:Description="SSH" lns:Enabled="true"/> <lns:Feature lns:ID="39" lns:Description="Remote File Share" lns:Enabled="true"/> <lns:Feature lns:ID="40" lns:Description="Virtual Folders" lns:Enabled="true"/> <lns:Feature lns:ID="41" lns:Description="Web GUI" lns:Enabled="true"/> <lns:Feature lns:ID="42" lns:Description="Network Time Protocol" lns:Enabled="true"/> <lns:Feature lns:ID="43" lns:Description="Email Alerts" lns:Enabled="true"/> <lns:Feature lns:ID="44" lns:Description="Security Lockout" lns:Enabled="true"/> <lns:Feature lns:ID="45" lns:Description="Remote Syslog" lns:Enabled="true"/> <lns:Feature lns:ID="253" lns:Description="Integrated Dell Remote Access Controller 7 Enterprise" lns:Enabled="true"/> </lns:LicenseData> <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> <dsig:SignedInfo> <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <dsig:Reference URI=""> <dsig:Transforms> <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> </dsig:Transforms> <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <dsig:DigestValue>DrtnjP0vUsyT+18jazjmiaGrvc0=</dsig:DigestValue> </dsig:Reference> </dsig:SignedInfo> <dsig:SignatureValue>Qg4Omx1ZGrVllUPbg/X25aJxK5qlNCF/G04NLwXhbmpqoplSRkCCUgb+6TvVz9b3 Ut7sSa/WjA0mv+mbcqIENTAnpveIkIOQPR3mdjCBwX2cLYieV9nOIGobxqHU7o97 QjbSAkmTHcRo0PI6mP8tc7Od4WNWMZ48rrUBeOrVOr1EZeptPUbeaSofy4nvlzbC pcpzZLbjAITT157r9KiFe9joG2hCEClrQPO0ScXHgKXrAWrQE9wX7e2De4uCvJwI hGWpJzDQNJJZbsWhDoZJn/59G/KRjzxIHIzIpUt1XPPIGHl5yMXDaRFcIMES0RuJ SWZS8tt9E001Fr/8/jQNgA==</dsig:SignatureValue> <dsig:KeyInfo> <dsig:X509Data> <dsig:X509Certificate>MIIDTjCCAjagAwIBAgIBATANBgkqhkiG9w0BAQUFADBRMRMwEQYDVQQKEwpEZWxs LCBJbmMuMSEwHwYDVQQLExhFbWJlZGRlZCBMaWNlbnNlIE1hbmFnZXIxFzAVBgNV BAMTDkNBIENlcnRpZmljYXRlMB4XDTEwMDEwMTAwMDAwMFoXDTM1MTIzMTIzNTk1 OVowVjETMBEGA1UEChMKRGVsbCwgSW5jLjEhMB8GA1UECxMYRW1iZWRkZWQgTGlj ZW5zZSBNYW5hZ2VyMRwwGgYDVQQDExNTaWduaW5nIENlcnRpZmljYXRlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbRo2DZtkjxl5YtqD5ePYdzrWbkU YQJwVaWYe1tE7ZAdou5TLTsjPnaa1cLcPTexn+cq8YjukIVwkwJP7yJ5GkrYGUnf 0Q6unWWgwcgTStlpflz31e8AbxXqNYZEFvEktojYS0kAfiYES+H02GUU5PtV7B9Y BbtZEowU2DPuqRGG1FF8mAsp1vojcbQGx+nS2Of47oQJRrJlh28COXyf2w/+IRAz RmeYin+9pisfrT9fmlUtxa7sAAV/KZFRx8ED31YiktXgI/u/PNnHlchiCMaL6pzA HMBf115O7A2y6IZ9sXUHvH8V9QnDkWT1XHMn8GCW8HXOA5zA232OxiaRmQIDAQAB oywwKjAJBgNVHRMEAjAAMB0GA1UdDgQWBBQAoZ7yMjDHMAFtmmmO/zyz3BJ6hjAN BgkqhkiG9w0BAQUFAAOCAQEAHHgoOg57S+lAEejahdBE1HMwe6BF3b9bzUMCynn9 7buXa3cnRFO3H3674WKU6nBjv4nkT3qMyXwgi7MvXcu69msK4eM6QA8XeC7G1rD+ 2bb/ENR9R9Zo0BWLym/ij8uUA/BzX8hnbzWxN82+FMdY9WD4fJAJwJ5ZPEbU1Vfy 7wOWosHgDPXjeAhlhkxDQi6vlRTJdfED6tBY7iGD4AQXfzrHzAZpZlIvKbM2c54B 65wMSlqfEWMBDhT5qcwGCq82hmi7/sCtu9Z20g2s9F0fp4XlGX8L7l0hCa46zjay 37GffYsScEDFg/DmkIpcXnGzyx8l1msLzpj8Gt4zHhPlgA==</dsig:X509Certificate> </dsig:X509Data> </dsig:KeyInfo> </dsig:Signature></lns:LicenseClass> 文件下载:iDRAC7_Ent_Trial.xml ...

2023年4月6日

利用graphviz描述语言绘图

graphviz是很强烈的描述语言绘图工具 安装: apt install graphviz 或 yum install graphviz 生成png dot -Tpng hn.gv -o hn.png vi hg.gv digraph MyGraph { compound = true margin="0,0" ranksep = 1 nodesep = 1 rankdir=LR {rank=same;防火墙;日志审计} subgraph cluster_app { label="海南应用" rankdir=LR margin = 10 {rank=same;app01;app02} app01 [label="app01\n内网:192.168.0.10"] app02 [label="app02\n内网:192.168.0.11"] storage01 [label="storage01\n内网:192.168.0.30"] subgraph cluster_db { style = dotted label="数据库主/备" {rank=same;db02;db01} db01 [label="db01\n内网:192.168.0.20"] db02 [label="db02\n内网:192.168.0.21"] db01 -> db02 [dir=both] } app01 -> db01 [splines=true,lhead=cluster_db] app02 -> db01 [splines=true,lhead=cluster_db] app01 -> storage01 app02 -> storage01 } ​ ...

2023年4月3日

TrueNAS系统如何增加新硬盘

之前公司世纪互联和无锡的TureNAS现有硬盘都是38块,满配是60块,所以都需要扩容,扩满再增加22块。 TrueNAS的Raid是使用的RaidZ3,基于ZFS的,最多允许3块盘坏 首先会建立zpool,然后在zpool里面增加vdev,注意,vdev一旦增加,不可更改。 我们这里就犯了第一个错误,所有vdev的磁盘数量最好相等,所以第一次应该先增加30块盘,然后第二次再增加30块,这样两个vdev就是均衡的 现在我们这种状况,第一个vdev是38块,第二个vdev是22块,不对等了,会警告 具体添加步骤如下: 首先浪潮工程师到现场加盘,盘必须做好清除信息,用以下命令通过 dd if=/dev/zero of=/dev/da59 bs=1M count=32 然后插好盘后,必须重启Trunas,才能正常认出盘来,不能热插拔(很奇怪) Storage –> Pools –> 点击齿轮 –> Add Vdevs 然后选中所有左边的Available Disks,移到右边的Data VDevs 然后看最下面会立刻出红色警告,提示两个vdev的disks不对等 点击ADD VDEVS,会弹窗警告,选中Confirm,然后点Continue 会继续弹出一个警告窗,这回就明晰了,旧的数据不会破坏,然后继续选中Confirm,然后点ADD VDEVS 然后就会开始初始化硬盘 最后查看zpool,看到有两个RAIDZ3,就加好了

2023年3月31日

dell服务器idrac常用操作脚本

收录一下 dell 服务器 idrac 操作常用脚本 显示Raid卡硬盘 sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm raid get controllers sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm raid get vdisks sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm raid get pdisks 清理Foreign磁盘状态 sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm storage clearconfig:RAID.Integrated.1-1 sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm jobqueue create RAID.Integrated.1-1 -s TIME_NOW --realtime 删除vdisk sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.5.14 racadm raid deletevd:Disk.Virtual.0:RAID.Integrated.1-1 sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm jobqueue create RAID.Integrated.1-1 -s TIME_NOW --realtime 建立Raid0 sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm raid createvd:RAID.Integrated.1-1 -rl r0 -wp wb -rp ra -name raid_0 -pdkey:Disk.Bay.0:Enclosure.Internal.0-1:RAID.Integrated.1-1 sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm jobqueue create RAID.Integrated.1-1 -s TIME_NOW --realtime 建立Raid5 sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm raid createvd:RAID.Integrated.1-1 -rl r5 -wp wb -rp ra -name raid_5 -pdkey:Disk.Bay.1:Enclosure.Internal.0-1:RAID.Integrated.1-1,Disk.Bay.2:Enclosure.Internal.0-1:RAID.Integrated.1-1,Disk.Bay.3:Enclosure.Internal.0-1:RAID.Integrated.1-1 sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm jobqueue create RAID.Integrated.1-1 -s TIME_NOW --realtime 重启服务器 sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm serveraction hardreset 设置硬盘第一启动,禁止F1/F2等待 sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm set BIOS.biosbootsettings.BootSeq HardDisk.List.1-1,NIC.Integrated.1-1-1 sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm set BIOS.MiscSettings.ErrPrompt Disabled sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.5.16 racadm jobqueue create BIOS.Setup.1-1 sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm serveraction hardreset 设置vnc sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm set idrac.vncserver.enable Enabled sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm set idrac.vncserver.Password calvin 设置idrac其他用户 sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm config -g cfgUserAdmin -o cfgUserAdminUserName -i 4 newuser sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm config -g cfgUserAdmin -o cfgUserAdminPassword -i 4 123456 sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm config -g cfgUserAdmin -o cfgUserAdminPrivilege -i 4 0x000001ff sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm config -g cfgUserAdmin -o cfgUserAdminEnable -i 4 1 改掉密码 sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm config -g cfgUserAdmin -o cfgUserAdminPassword -i 4 987654 NTP的设置 sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm set idrac.ipv4static.dns1 8.8.8.8 sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm set idrac.NTPConfigGroup.ntp1 0.asia.pool.ntp.org sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm set idrac.NTPConfigGroup.ntp2 1.asia.pool.ntp.org sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm set idrac.NTPConfigGroup.ntp3 2.asia.pool.ntp.org sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm set idrac.NTPConfigGroup.ntp1 129.250.35.250 sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm set idrac.NTPConfigGroup.ntp2 180.211.88.50 sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm set idrac.NTPConfigGroup.ntp3 202.112.29.82 sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm set idrac.NTPConfigGroup.NTPEnable Enabled sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm set idrac.NTPConfigGroup.NTPMaxDist 16 sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm set idrac.time.timezone Japan 修改网卡启动为Legacy PXE sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm get nic.nicconfig.1 | grep Legacy sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm set nic.nicconfig.1.legacybootproto PXE sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm get nic.nicconfig.1 | grep Legacy sshpass -p "calvin" ssh -oLogLevel=ERROR -oStrictHostKeyChecking=no root@10.224.$1 racadm jobqueue create NIC.Integrated.1-1-1 ipmitool -I lanplus -H $ip -U root -P calvin chassis power reset

2023年3月31日