|
Configure NIS Slave
2017/07/20 |
|
Configure NIS Slave Server to continue NIS service if NIS master server would be down.
+----------------------+ | +----------------------+ | [ NIS Server ] |10.0.0.30 | 10.0.0.31| [ NIS Client ] | | dlp.srv.world +----------+----------+ www.srv.world | | | | | | +----------------------+ | +----------------------+ +----------------------+ | | [ NIS node01 ] |10.0.0.51 | | node01.srv.world +----------+ | | +----------------------+ |
| [1] | |
| [2] | Install and Configure Ypserv on NIS Slave Server. |
|
[root@node01 ~]#
dnf -y install ypserv rpcbind
[root@node01 ~]#
vi /var/yp/securenets # create new (specify networks you allow to access) 255.0.0.0 127.0.0.0 255.255.255.0 10.0.0.0
[root@node01 ~]#
vi /etc/hosts # add NIS master and slave 10.0.0.30 dlp.srv.world dlp 10.0.0.51 node01.srv.world node01
[root@node01 ~]#
systemctl start rpcbind ypserv ypxfrd yppasswdd [root@node01 ~]# systemctl enable rpcbind ypserv ypxfrd yppasswdd
# sync with NIS master server [root@node01 ~]# /usr/lib64/yp/ypinit -s dlp.srv.world We will need a few minutes to copy the data from dlp.srv.world. Transferring group.bygid... Trying ypxfrd ... success ... ... At this point, make sure that /etc/passwd and /etc/group have been edited so that when the NIS is activated, the data bases you have just created will be used, instead of the /etc ASCII files. |
| [3] | If Firewalld is running, it needs to allow NIS services or ports. Some services listen different ports when they restart, so fix ports for them and allow them by Firewalld. |
|
[root@node01 ~]#
vi /etc/sysconfig/network # add to the end YPSERV_ARGS="-p 944" YPXFRD_ARGS="-p 945"
[root@node01 ~]#
vi /etc/sysconfig/yppasswdd # add like follows YPPASSWDD_ARGS=" --port 946 "
[root@node01 ~]#
[root@node01 ~]# systemctl restart rpcbind ypserv ypxfrd yppasswdd
firewall-cmd --add-service=rpc-bind --permanent [root@node01 ~]# firewall-cmd --add-port={944/tcp,944/udp,945/tcp,945/udp,946/udp} --permanent [root@node01 ~]# firewall-cmd --reload |
| [4] |
NIS master server is also required to be a NIS client.
Configure NIS master server as a NIS Client, refer to here.
|
| [5] | Configure on NIS master server for new NIS Slave. |
|
[root@dlp ~]#
vi /var/yp/Makefile # line 23: change NOPUSH= false
# update NIS database [root@dlp ~]# /usr/lib64/yp/ypinit -m
At this point, we have to construct a list of the hosts which will run NIS
servers. dlp.srv.world is in the list of NIS server hosts. Please continue to add
the names for the other hosts, one per line. When you are done with the
list, type a <control D>.
next host to add: dlp.srv.world
# specify NIS slave next host to add: node01.srv.world next host to add: # Ctrl + D key The current list of NIS servers looks like this: dlp.srv.world node01.srv.worldIs this correct? [y/n: y] y We need a few minutes to build the databases... Building /var/yp/srv.world/ypservers... ... ... Now you can run ypinit -s dlp.srv.world on all node01 server. |
| [6] | Configure on NIS Client to bind NIS slave, too. |
|
[root@www ~]#
vi /etc/yp.conf # add slave server's setting to the end domain srv.world server dlp.srv.world
domain srv.world server node01.srv.world
systemctl restart ypbind
|