document/TranslateProject
2
0
Fork 0
mirror of https://github.com/LCTT/TranslateProject.git synced 2025-01-28 23:20:10 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'LCTT/master'

Browse Source
This commit is contained in:
Xingyu Wang 2020-06-03 15:43:48 +08:00
commit 30a04fcbdc
5 changed files with 799 additions and 238 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

227
published/20200511 Modify a disk image to create a Raspberry Pi-based homelab.md Normal file
View File

@ -0,0 +1,227 @@
[#]: collector: (lujun9972)
[#]: translator: (robsean)
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-12277-1.html)
[#]: subject: (Modify a disk image to create a Raspberry Pi-based homelab)
[#]: via: (https://opensource.com/article/20/5/disk-image-raspberry-pi)
[#]: author: (Chris Collins https://opensource.com/users/clcollins)
修改磁盘镜像来创建基于树莓派的家庭实验室
======
> 使用树莓派或其它单板机创建一个“家庭私有云”。
![](https://img.linux.net.cn/data/attachment/album/202006/03/123435csm7ys7mkbw7ggjy.jpg)
构建一个[家庭实验室][2]可以是一个有趣的方式,可以让你学习的新概念和实验新技术时还能自娱自乐。得益于以 [树莓派][3] 为首的单板计算机SBC的流行在舒适的家里就可以轻松构建一个多计算机实验室。比起试图在主流的云服务商建立的相同配置创建一个“家庭私有云”以花更少的钱来体验到云原生技术也是一个极好的方法。
这篇文章阐述如何修改树莓派或其它的单板机的磁盘镜像,预配置主机的 SSH并禁用首次启动时强制竞选交互配置的服务。这是一个让你的设备“即启动即运行”的极好方法类似于云端实例。之后你可以使用自动化的流程通过 SSH 连接来进行更专业和更深入的配置。
此外, 当向你的实验室添加更多的树莓派时,修改磁盘镜像可以来让你只需要将该镜像写到一个 SD 卡、放入树莓派中就可以了!
![Multiple Raspberry Pi computers, a switch, and a power bank][4]
### 解压缩和挂载镜像
对于这个项目,你需要修改一个服务器磁盘镜像。在测试期间,我使用 [Fedora Server 31 ARM][5]。在你下载该磁盘镜像并[验证其校验和][6]之后,你需要将其解压缩并挂载其到宿主机的文件系统的某个位置上,以便你可以根据需要修改它。
你可以使用 [xz][7] 命令通过 `--decompress` 参数来解压缩 Fedora 服务器镜像:
```
xz --decompress Fedora-Server-armhfp-X-y.z-sda.raw.xz
```
这会留下一个解压缩后的原始磁盘镜像(它会自动地替换 `.xz` 压缩文件。这个原始磁盘镜像就像它听起来的那样一个包含格式化后安装好的磁盘上的所有数据的文件。这包含分区信息、启动分区、root 分区以及其它分区。你需要挂载你打算在其中进行修改的分区,但是要做到这一点,你需要知道磁盘镜像中的分区起始位置和扇区大小,这样你才可以挂载该文件正确的扇区。
幸运的是,你可以在一个磁盘镜像上使用 [fdisk][8] 命令,就像在实际磁盘上使用一样容易。使用 `--list``-l` 参数来查看分区的列表和其信息:
```
# 使用 fdisk 来列出原始镜像文件的分区:
$ fdisk -l Fedora-Server-armhfp-31-1.9-sda.raw
Disk Fedora-Server-armhfp-X-y.z-sda.raw: 3.2 GiB, 3242196992 bytes, 6332416 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0xdaad9f57
Device                               Boot   Start     End Sectors  Size Id Type
Fedora-Server-armhfp-X-y.z-sda.raw1         8192  163839  155648   76M  c W95 F
Fedora-Server-armhfp-X-y.z-sda.raw2 *     163840 1163263  999424  488M 83 Linux
Fedora-Server-armhfp-X-y.z-sda.raw3      1163264 6047743 4884480  2.3G 83 Linux
```
你需要的所有信息都可在上面的输出中获得。第 3 行表示扇区大小包括逻辑和物理的512 字节 / 512 字节。
设备列表显示的是原始磁盘镜像中的分区。第一个,`Fedora-Server-armhfp-X-y.z-sda.raw1` 毫无疑问是引导程序分区,因为它是第一个,很小(仅仅 76MB而且类型被标识为 `c`,即 W95 FAT32LBA这是一个从 SD 卡启动的 FAT32 分区。
第二个分区也不是非常大,只有 488MB。这个分区是一个 Linux 原生类型分区Id 83它可能是包含内核和 [initramfs][9] 的 Linux 启动分区。
第三个分区可能是你需要的东西:它有 2.3GB 大小,所以在它其中应该有发行版的主要部分,并且它是一个 Linux 原生分区类型,这也是在预料之中的。这个分区应该包含了你需要修改的分区和数据。
第三个分区从扇区 1163264 开始(在 `fdisk` 的输出中被显示为 `Start` 列),所以你的挂载偏移量是 `595591168`计算方法是将扇区大小512乘以起始扇区1163264`512 * 1163264`)。这意味着你需要以偏移量 `595591168` 挂载该文件,才能挂载到正确位置。
装备了这些信息,现在你可以将第三个分区挂载到你的家目录中了:
```
$ mkdir ~/mnt
$ sudo mount -o loop,offset=595591168 Fedora-Server-armhfp-X-y.z-sda.raw ~/mnt
$ ls ~/mnt
```
### 直接在磁盘镜像中作业
在磁盘镜像被解压缩和被挂载到宿主机上的一个位置后,就可以修改镜像以符合你的需求。在我看来,对镜像进行更改的最简单的方法是使用 `chroot` 来将你会话的工作根目录更改为挂载镜像的工作根目录。不过,有点棘手。
在你改变了根目录后,你的会话将使用新的根目录下的二进制文件。除非你是在一个 ARM 系统做这些所有的操作,否则解压缩后的磁盘镜像的架构将与你正在使用的宿主机系统不同。即使在 chroot 环境中,宿主机系统也无法使用一个不同架构的二进制文件。至少,不能在本机使用。
幸运的是这里有一个解决方案qemu-user-static。来自 [Debian Wiki][10] 的说明:
> “[qemu-user-static] 提供了用户模式的仿真二进制文件是静态构建的。在这个模式中QEMU 可以在一个 CPU 上启动为另一个 CPU 编译的 Linux 进程 …… 如果安装了 binfmt-support 软件包qemu-user-static 软件包会注册提供的仿真器可以处理的二进制文件格式,以便其能够直接运行其他架构的二进制文件。”
这正是你需要在 chroot 环境中非本地架构中工作所需的。如果宿主机系统是 Fedora使用 DNF 来安装 `qemu-user-static` 软件包,并重新启动 `systemd-binfmt.service`
```
# 使用 DNF 启用非本地的 arch chroot 环境,添加新的二进制文件格式信息
# 输出镜像了精简
$ dnf install qemu-user-static
$ systemctl restart systemd-binfmt.service
```
使用这种方法,你一个能够更改根目录到挂载的磁盘镜像,运行 `uname` 命令来验证一切都在正常:
```
sudo chroot ~/mnt/ /usr/bin/uname -a -r
Linux marvin 5.5.16-200.fc31.x86_64 #1 SMP Wed Apr 8 16:43:33 UTC 2020 armv7l armv7l armv7l GNU/Linux
```
在 chroot 环境中运行 `uname` 将在输出中显示 `armv7l`,这个原始磁盘镜像的架构, 而不是宿主机的架构。一切如预期,可以继续修改镜像了。
### 修改磁盘镜像
现在你可以直接切换到这个基于 ARM 的磁盘镜像中,并在该环境中工作了,你可以对镜像自身镜像修改了。你需要设置该镜像,以便它能够启动并可立即访问,而不需要在树莓派上做任何额外的设置。为此,你需要安装并启用 sshdOpenSSH 守护进程),并为 SSH 访问添加授权密码。
为了使其表现得更像一个云环境,实现在家里建立私有云的梦想,添加一个本地用户,给予该用户 `sudo` 权限,并(为了像云端的重度用户一样)允许该用户无需密码就可以使用 `sudo`
所以,你将做的事情是:
* 安装并启用 SSHDSSHD 已经在 Fedora ARM 镜像中安装并启用,但是你可能需要为你发行版手动执行这些工作)
* 设置一个本地用户
* 允许本地用户来使用 `sudo`(无需密码,可选)
* 添加授权密钥
* 允许 root 使用授权密码镜像 SSH可选
我使用 GitHub 功能,它允许你上传你的 SSH 公钥,并在 [https://github.com/<your_github_username>.keys][11] 处可访问。我发现这是一种很方便的分发公钥的方法,不过我生性多疑,我总是检查下载的密钥是否与我预期的匹配。如果你不想使用这种方法,你可以从你宿主机中复制你公钥到 chroot 环境中,或者你可以将公钥托管在你控制的 Web 服务器上以便使用相同的工作流。
要开始修改磁盘镜像,再次切换根目录到挂载的磁盘镜像中,这次启动一个 shell以便可以运行多个命令
```
# 为了简洁起见,省略了这些命令的输出(如果有的话)
$ sudo chroot ~/mnt /bin/bash
# 安装 openssh-server ,并启用它 (在 Fedora 上已经完成)
$ dnf install -y openssh-server
$ systemctl enable sshd.service
# 允许 root 使用授权密码访问 SSH
$ mkdir /root/.ssh
# 下载或者另外添加授权密码文件,你的公共密码
# 将 URL 替换为你自己公共密码的路径
$ curl <https://github.com/clcollins.keys> -o /root/.ssh/authorized_keys
$ chmod 700 /root/.ssh
$ chmod 600 /root/.ssh/authorized_keys
# 添加一个本地用户,并放置他们到 wheel 组中
# 将组和用户更改为您想要的一切
useradd -g chris -G wheel -m -u 1000 chris
# 下载并添加你的授权密码
# 像你上面所做的那样更改 home 目录和URL
mkdir /home/chris/.ssh
curl <https://github.com/clcollins.keys> -o /home/chris/.ssh/authorized_keys
chmod 700 /home/chris/.ssh
chmod 600 /home/chris/.ssh/authorized_keys
chown -R chris.chris /home/chris/.ssh/
# 允许 wheel 组( 使用你的本地用户) 不需要使用密码来使用 suso
echo "%wheel ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/91-wheel-nopasswd
```
这就是树莓派或其它单板机在首次启动时需要完成设置 SSH 的全部工作。不过每个发行版都有自己的特点。例如Raspbian 已经包含一个本地用户:`pi`,并且不使用 `wheel` 组。因此对于 Raspbian 来说,最好使用现有用户,或者删除 `pi` 用户,并使用另一个用户来替换它。
在 Fedora ARM 的情况下,镜像会在首次引导启动时提示你完成设置。这会破坏你在上面所做的修改的目的,尤其是在设置完成之前,它会完全阻止启动。你的目标是使树莓派的功能类似于私有云的基础设施的一部分一样运行,而这个工作流程包括在主机启动时通过 SSH 远程设置主机。 禁用初始化设置,它由 `initial-setup.service` 控制:
```
# 对多用户和图形目标禁用 initial-setup.service
unlink /etc/systemd/system/multi-user.target.wants/initial-setup.service
unlink /etc/systemd/system/graphical.target.wants/initial-setup.service
```
当你在 chroot 环境时,你可以对你系统做任何你想做的其它更改,或者就放在那里,在第一次启动后,按照云原生的工作流通过 SSH 进行配置。
### 重新压缩并安装修改后的镜像
完成了这些更改后,剩下的就是重新压缩磁盘镜像,并将其安装其到你的树莓派的 SD 卡上。
确保退出 chroot 环境,然后卸载磁盘镜像:
```
$ sudo umount ~/mnt/
```
就像最初解压缩镜像一样,你可以再次使用 `xz` 命令来压缩镜像。通过使用 `--keep` 参数,`xz` 将保留原始的镜像,而不是清理掉它。虽然这会占用更多的磁盘空间,但保留下来的未压缩镜像将允许你对正在处理的镜像进行增量更改,而不需要每次都对其进行解压缩。这对于在测试和调整镜像时节省时间是非常好的。
```
# 压缩压缩磁盘镜像为一个 .xz 文件,但保留原始磁盘镜像
xz --compress Fedora-Server-armhfp-31-1.9-sda.raw --keep
```
压缩过程将花费一些时间,所以趁着这个时间站起来,舒展身体,让你的血液再次流动。
在压缩完成后,可以将新的、已修改过的磁盘镜像复制到 SD 卡上,以便与树莓派一起使用。标准的 `dd` 方法将镜像放置到 SD 卡上也很好用,但是我喜欢使用 Fedora 的 `arm-image-installer`,因为它因为它在处理未经编辑的镜像时提供了一些选项。它对编辑过的镜像也很好用,并且比 `dd` 命令更友好一些。
确保检查 SD 卡在哪个磁盘驱动器上,并用 `--media` 参数使用它:
```
# 使用 arm-image-installer 来复制已修改的磁盘镜像到 SD 卡上
arm-image-installer --image=Fedora-Server-armhfp-X-y.z-sda.raw.xz --target=rpi3 --media=/dev/sdc --norootpass --resizefs -y
```
现在,你已经为树莓派或其它单板机准备好了一个新的、已修改的 Fedora Server ARM 镜像,准备好启动并立即 SSH 到你的修改镜像中。这种方法也可以用来做其它的修改,并且你也可以使用其它发行版的原始磁盘镜像,如果你更喜欢它们,而不是 Fedora 的话。这是一个开始构建家庭实验室私有云的良好基础。在以后的文章中,我将指导你使用云技术和自动化建立一个家庭实验室。
### 延伸阅读
为了学习如何做这篇文章中的事情,我做了很多研究。以下是我找到的两个对学习如何定制磁盘映像和使用非原生架构最有帮助的资料。它们对我从“不知道自己在做什么”到“我能够完成它!”非常有帮助。
* [如何修改你的自定义 Linux 发行版的原始磁盘镜像][12]
* [使用 DNF 维基][13]
--------------------------------------------------------------------------------
via: https://opensource.com/article/20/5/disk-image-raspberry-pi
作者:[Chris Collins][a]
选题:[lujun9972][b]
译者:[robsean](https://github.com/robsean)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/clcollins
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/science_experiment_beaker_lab.png?itok=plKWRhlU (Science lab with beakers)
[2]: https://opensource.com/article/19/3/home-lab
[3]: https://opensource.com/resources/raspberry-pi
[4]: https://opensource.com/sites/default/files/uploads/raspberrypi_homelab.jpg (Multiple Raspberry Pi computers, a switch, and a power bank)
[5]: https://arm.fedoraproject.org/
[6]: https://arm.fedoraproject.org/verify.html
[7]: https://tukaani.org/xz/
[8]: https://en.wikipedia.org/wiki/Fdisk
[9]: https://wiki.debian.org/initramfs
[10]: https://wiki.debian.org/RaspberryPi/qemu-user-static
[11]: https://github.com/%3Cyour_github_username%3E.keys
[12]: https://www.linux.com/news/how-modify-raw-disk-image-your-custom-linux-distro/
[13]: https://wiki.mageia.org/en/Using_DNF#Setting_up_a_container_for_a_non-native_architectur

72
sources/news/20200602 Edge investments, data navigators, and more industry trends.md Normal file
View File

@ -0,0 +1,72 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Edge investments, data navigators, and more industry trends)
[#]: via: (https://opensource.com/article/20/6/open-source-industry-trends)
[#]: author: (Tim Hildred https://opensource.com/users/thildred)
Edge investments, data navigators, and more industry trends
======
A weekly look at open source community and industry trends.
![Person standing in front of a giant computer screen with numbers, data][1]
As part of my role as a senior product marketing manager at an enterprise software company with an open source development model, I publish a regular update about open source community, market, and industry trends for product marketers, managers, and other influencers. Here are five of my and their favorite articles from that update.
## [Call to Participate: 1H 2020 CNCF Cloud Native Survey][2]
> The information gathered from the survey is used by CNCF to better understand the current cloud native ecosystem. It can be used by the community as a data point to consider as they develop their cloud native strategies. Help out CNCF and the community by filling out the [survey][3]! The results will be open sourced and shared on [GitHub][4] as well as a report in the June time frame. To see last years results, read the [2019 survey report][5].
**The impact**: The CNCF has a lot going on; help them prioritize your priorities.
## [Where are edge computing investments going?][6]
> We are seeing five main pools of capital flowing into edge computing:
>
> 1. Earlier stage and higher risk VCs and private equity (PE);
> 2. Later stage and lower risk infrastructure funds;
> 3. Public cloud providers looking to exploit the assets of telecoms operators (and others);
> 4. Tech companies carving out a role in edge computing as a new opportunity or to support their existing business;
> 5. Telecoms operators themselves looking to build positions beyond basic infrastructure.
>
**The impact**: It is still early days in edge computing; early enough to get your wildly impraticle open source edge startup funded from one of these pools.
## [The New Stack Context: Is Kubernetes the New App Server?][7]
> Most enterprise OpenStack vendors focused on sort of a public cloud competition path, if you will. However, I think because of that deeply rooted in infrastructure focus, most of those vendors didnt acknowledge the value of the platform services that the public cloud offered,” She said. “Theres something I heard once, where everybody thinks that their layer in the stack is where the hard problems are. That every layer above them is easy. If youre deeply entrenched in infrastructure thinking, you dont appreciate the ways in which that ecosystem is developing above you.
**The impact**: That right there is why there is so much talk about the importance of empathy in software product development.
## [Happy Developers: Navigators of the data age][8]
> Data is not the new gold or oil, its the new oxygen. Every part of the modern business needs it, ranging from sales to marketing to product, all the way through security, data-science, and of course to engineering itself. However, the pursuit and effort to obtain data is not about blindly collecting, as opposed to what some vendors of big-data solutions might be claiming. Data is about quality before quantity. Each voyage is about getting to the right data at the right time and how to derive the right products from it. You dont want to drown in data, you want to swim in it. As historian Yuval Noah Harari put it in his bestselling book [Homo Deus: A History of Tomorrow][9]: “In ancient times having power meant having access to data. Today having power means knowing what to ignore.”
**The impact**: In the short term this is true, but only as far as it enables surviving in the longer term to the point where the blindly collected mass data becomes retroactively scrutable. Collect it all, ignore what you don't need right now, and return to the rest later when you know more and have more resources.
_I hope you enjoyed this list and come back next week for more open source community, market, and industry trends._
--------------------------------------------------------------------------------
via: https://opensource.com/article/20/6/open-source-industry-trends
作者:[Tim Hildred][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/thildred
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/data_metrics_analytics_desktop_laptop.png?itok=9QXd7AUr (Person standing in front of a giant computer screen with numbers, data)
[2]: https://www.cncf.io/blog/2020/05/14/call-to-participate-1h-2020-cncf-cloud-native-survey/
[3]: https://www.surveymonkey.com/r/GG26PL5
[4]: https://github.com/cncf/surveys
[5]: https://www.cncf.io/wp-content/uploads/2020/03/CNCF_Survey_Report.pdf
[6]: https://data-economy.com/where-are-edge-computing-investments-going/
[7]: https://thenewstack.io/the-new-stack-context-is-kubernetes-the-new-app-server/
[8]: https://www.cncf.io/blog/2020/05/18/happy-developers-navigators-of-the-data-age/
[9]: https://www.goodreads.com/work/quotes/45087110

356
sources/tech/20200602 Control your computer time and date with systemd.md Normal file
View File

@ -0,0 +1,356 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Control your computer time and date with systemd)
[#]: via: (https://opensource.com/article/20/6/time-date-systemd)
[#]: author: (David Both https://opensource.com/users/dboth)
Control your computer time and date with systemd
======
Keep your computer time in sync with NTP, Chrony, and systemd-timesyncd.
![Alarm clocks with different time][1]
Most people are concerned with time. We get up in time to perform our morning rituals and commute to work (a short trip for many of us these days), take a break for lunch, meet a project deadline, celebrate birthdays and holidays, catch a plane, and so much more.
Some of us are even _obsessed_ with time. My watch is solar-powered and obtains the exact time from the [National Institute of Standards and Technology][2] (NIST) in Fort Collins, Colorado, via the [WWVB][3] time signal radio station located there. The time signals are synced to the atomic clock, also located in Fort Collins. My Fitbit syncs up to my phone, which is synced to a [Network Time Protocol][4] (NTP) server, which is ultimately synced to the atomic clock.
### Why time is important to computers
There are many reasons our devices and computers need the exact time. For example, in banking, stock markets, and other financial businesses, transactions must be maintained in the proper order, and exact time sequences are critical for that.
Our phones, tablets, cars, GPS systems, and computers all require precise time and date settings. I want the clock on my computer desktop to be correct, so I can count on my local calendar application to pop up reminders at the correct time. The correct time also ensures SystemV cron jobs and systemd timers trigger at the correct time.
The correct time is also important for logging, so it is a bit easier to locate specific log entries based on the time. For one example, I once worked in DevOps (it was not called that at the time) for the State of North Carolina email system. We used to process more than 20 million emails per day. Following the trail of email through a series of servers or determining the exact sequence of events by using log files on geographically dispersed hosts can be much easier when the computers in question keep exact times.
### Multiple times
Linux hosts have two times to consider: system time and RTC time. RTC stands for real-time clock, which is a fancy and not particularly accurate name for the system hardware clock.
The hardware clock runs continuously, even when the computer is turned off, by using a battery on the system motherboard. The RTC's primary function is to keep the time when a connection to a time server is not available. In the dark ages of personal computers, there was no internet to connect to a time server, so the only time a computer had available was the internal clock. Operating systems had to rely on the RTC at boot time, and the user had to manually set the system time using the hardware BIOS configuration interface to ensure it was correct.
The hardware clock does not understand the concept of time zones; only the time is stored in the RTC, not the time zone nor an offset from UTC (Universal Coordinated Time, which is also known as GMT, or Greenwich Mean Time). You can set the RTC with a tool I will explore later in this article.
The system time is the time known by the operating system. It is the time you see on the GUI clock on your desktop, in the output from the `date` command, in timestamps for logs, and in file access, modify, and change times.
The [`rtc` man page][5] contains a more complete discussion of the RTC and system clocks and RTC's functionality.
### What about NTP?
Computers worldwide use the NTP (Network Time Protocol) to synchronize their time with internet standard reference clocks through a hierarchy of NTP servers. The primary time servers are at stratum 1, and they are connected directly to various national time services at stratum 0 via satellite, radio, or even modems over phone lines. The time services at stratum 0 may be an atomic clock, a radio receiver that is tuned to the signals broadcast by an atomic clock, or a GPS receiver using the highly accurate clock signals broadcast by GPS satellites.
To prevent time requests from time servers or clients lower in the hierarchy (i.e., with a higher stratum number) from overwhelming the primary reference servers, several thousand public NTP stratum 2 servers are open and available for all to use. Many organizations and users (including me) with large numbers of hosts that need an NTP server choose to set up their own time servers, so only one local host accesses the stratum 2 or 3 time servers. Then they configure the remaining hosts in the network to use the local time server. In the case of my home network, that is a stratum 3 server.
### NTP implementation options
The original NTP implementation is **ntpd**, and it has been joined by two newer ones, **chronyd** and **systemd-timesyncd**. All three keep the local host's time synchronized with an NTP time server. The systemd-timesyncd service is not as robust as chronyd, but it is sufficient for most purposes. It can perform large time jumps if the RTC is far out of sync, and it can adjust the system time gradually to stay in sync with the NTP server if the local system time drifts a bit. The systemd-timesync service cannot be used as a time server.
[Chrony][6] is an NTP implementation containing two programs: the chronyd daemon and a command-line interface called chronyc. As I explained in a [previous article][7], Chrony has some features that make it the best choice for many environments, chiefly:
* Chrony can synchronize to the time server much faster than the old ntpd service. This is good for laptops or desktops that do not run constantly.
* It can compensate for fluctuating clock frequencies, such as when a host hibernates or enters sleep mode, or when the clock speed varies due to frequency stepping that slows clock speeds when loads are low.
* It handles intermittent network connections and bandwidth saturation.
* It adjusts for network delays and latency.
* After the initial time sync, Chrony never stops the clock. This ensures stable and consistent time intervals for many system services and applications.
* Chrony can work even without a network connection. In this case, the local host or server can be updated manually.
* Chrony can act as an NTP server.
Just to be clear, NTP is a protocol that is implemented on a Linux host using either Chrony or the systemd-timesyncd.service.
The NTP, Chrony, and systemd-timesyncd RPM packages are available in standard Fedora repositories. The systemd-udev RPM is a rule-based device node and kernel event manager that is installed by default with Fedora but not enabled.
You can install all three and switch between them, but that is a pain and not worth the trouble. Modern releases of Fedora, CentOS, and RHEL have moved from NTP to Chrony as their default timekeeping implementation, and they also install systemd-timesyncd. I find that Chrony works well, provides a better interface than the NTP service, presents much more information, and increases control, which are all advantages for the sysadmin.
### Disable other NTP services
It's possible an NTP service is already running on your host. If so, you need to disable it before switching to something else. I have been using chronyd, so I used the following commands to stop and disable it. Run the appropriate commands for whatever NTP daemon you are using on your host:
```
[root@testvm1 ~]# systemctl disable chronyd ; systemctl stop chronyd
Removed /etc/systemd/system/multi-user.target.wants/chronyd.service.
[root@testvm1 ~]#
```
Verify that it is both stopped and disabled:
```
[root@testvm1 ~]# systemctl status chronyd
● chronyd.service - NTP client/server
     Loaded: loaded (/usr/lib/systemd/system/chronyd.service; disabled; vendor preset: enabled)
     Active: inactive (dead)
       Docs: man:chronyd(8)
             man:chrony.conf(5)
[root@testvm1 ~]#
```
### Check the status before starting
The systemd timesync's status indicates whether systemd has initiated an NTP service. Because you have not yet started systemd NTP, the `timesync-status` command returns no data:
```
[root@testvm1 ~]# timedatectl timesync-status
Failed to query server: Could not activate remote peer.
```
But a straight `status` request provides some important information. For example, the `timedatectl` command without an argument or options implies the `status` subcommand as default:
```
[root@testvm1 ~]# timedatectl status
           Local time: Fri 2020-05-15 08:43:10 EDT  
           Universal time: Fri 2020-05-15 12:43:10 UTC  
                 RTC time: Fri 2020-05-15 08:43:08      
                Time zone: America/New_York (EDT, -0400)
System clock synchronized: no                          
              NTP service: inactive                    
          RTC in local TZ: yes                    
Warning: The system is configured to read the RTC time in the local time zone.
         This mode cannot be fully supported. It will create various problems
         with time zone changes and daylight saving time adjustments. The RTC
         time is never updated, it relies on external facilities to maintain it.
         If at all possible, use RTC in UTC by calling
         'timedatectl set-local-rtc 0'.
[root@testvm1 ~]#
```
This returns the local time for your host, the UTC time, and the RTC time. It shows that the system time is set to the `America/New_York` time zone (`TZ`), the RTC is set to the time in the local time zone, and the NTP service is not active. The RTC time has started to drift a bit from the system time. This is normal with systems whose clocks have not been synchronized. The amount of drift on a host depends upon the amount of time since the system was last synced and the speed of the drift per unit of time.
There is also a warning message about using local time for the RTC—this relates to time-zone changes and daylight saving time adjustments. If the computer is off when changes need to be made, the RTC time will not change. This is not an issue in servers or other hosts that are powered on 24/7. Also, any service that provides NTP time synchronization will ensure the host is set to the proper time early in the startup process, so it will be correct before it is fully up and running.
### Set the time zone
Usually, you set a computer's time zone during the installation procedure and never need to change it. However, there are times it is necessary to change the time zone, and there are a couple of tools to help. Linux uses time-zone files to define the local time zone in use by the host. These binary files are located in the `/usr/share/zoneinfo` directory. The default for my time zone is defined by the link `/etc/localtime -> ../usr/share/zoneinfo/America/New_York`. But you don't need to know that to change the time zone.
But you do need to know the official time-zone name for your location. Say you want to change the time zone to Los Angeles:
```
[root@testvm2 ~]# timedatectl list-timezones | column
&lt;SNIP&gt;
America/La_Paz                  Europe/Budapest
America/Lima                    Europe/Chisinau
America/Los_Angeles             Europe/Copenhagen
America/Maceio                  Europe/Dublin
America/Managua                 Europe/Gibraltar
America/Manaus                  Europe/Helsinki
&lt;SNIP&gt;
```
Now you can set the time zone. I used the `date` command to verify the change, but you could also use `timedatectl`:
```
[root@testvm2 ~]# date
Tue 19 May 2020 04:47:49 PM EDT
[root@testvm2 ~]# timedatectl set-timezone America/Los_Angeles
[root@testvm2 ~]# date
Tue 19 May 2020 01:48:23 PM PDT
[root@testvm2 ~]#
```
You can now change your host's time zone back to your local one.
### systemd-timesyncd
The systemd timesync daemon provides an NTP implementation that is easy to manage within a systemd context. It is installed by default in Fedora and Ubuntu and started by default in Ubuntu but not in Fedora. I am unsure about other distros; you can check yours with:
```
`[root@testvm1 ~]# systemctl status systemd-timesyncd`
```
### Configure systemd-timesyncd
The configuration file for systemd-timesyncd is `/etc/systemd/timesyncd.conf`. It is a simple file with fewer options included than the older NTP service and chronyd. Here are the complete contents of the default version of this file on my Fedora VM:
```
#  This file is part of systemd.
#
#  systemd is free software; you can redistribute it and/or modify it
#  under the terms of the GNU Lesser General Public License as published by
#  the Free Software Foundation; either version 2.1 of the License, or
#  (at your option) any later version.
#
# Entries in this file show the compile time defaults.
# You can change settings by editing this file.
# Defaults can be restored by simply deleting this file.
#
# See timesyncd.conf(5) for details.
[Time]
#NTP=
#FallbackNTP=0.fedora.pool.ntp.org 1.fedora.pool.ntp.org 2.fedora.pool.ntp.org 3.fedora.pool.ntp.org
#RootDistanceMaxSec=5
#PollIntervalMinSec=32
#PollIntervalMaxSec=2048
```
The only section it contains besides comments is `[Time]`, and all the lines are commented out. These are the default values and do not need to be changed or uncommented (unless you have some reason to do so). If you do not have a specific NTP time server defined in the `NTP=` line, Fedora's default is to fall back on the Fedora pool of time servers. I like to add the time server on my network to this line:
```
`NTP=myntpserver`
```
### Start timesync
Starting and enabling systemd-timesyncd is just like any other service:
```
[root@testvm2 ~]# systemctl enable systemd-timesyncd.service
Created symlink /etc/systemd/system/dbus-org.freedesktop.timesync1.service → /usr/lib/systemd/system/systemd-timesyncd.service.
Created symlink /etc/systemd/system/sysinit.target.wants/systemd-timesyncd.service → /usr/lib/systemd/system/systemd-timesyncd.service.
[root@testvm2 ~]# systemctl start systemd-timesyncd.service
[root@testvm2 ~]#
```
### Set the hardware clock
Here's what one of my systems looked like after starting timesyncd:
```
[root@testvm2 systemd]# timedatectl
               Local time: Sat 2020-05-16 14:34:54 EDT  
           Universal time: Sat 2020-05-16 18:34:54 UTC  
                 RTC time: Sat 2020-05-16 14:34:53      
                Time zone: America/New_York (EDT, -0400)
System clock synchronized: yes                          
              NTP service: active                      
          RTC in local TZ: no    
```
The RTC time is around a second off from local time (EDT), and the discrepancy grows by a couple more seconds over the next few days. Because RTC does not have the concept of time zones, the `timedatectl` command must do a comparison to determine which time zone is a match. If the RTC time does not match local time exactly, it is not considered to be in the local time zone.
In search of a bit more information, I checked the status of systemd-timesync.service and found:
```
[root@testvm2 systemd]# systemctl status systemd-timesyncd.service
● systemd-timesyncd.service - Network Time Synchronization
     Loaded: loaded (/usr/lib/systemd/system/systemd-timesyncd.service; enabled; vendor preset: disabled)
     Active: active (running) since Sat 2020-05-16 13:56:53 EDT; 18h ago
       Docs: man:systemd-timesyncd.service(8)
   Main PID: 822 (systemd-timesyn)
     Status: "Initial synchronization to time server 163.237.218.19:123 (2.fedora.pool.ntp.org)."
      Tasks: 2 (limit: 10365)
     Memory: 2.8M
        CPU: 476ms
     CGroup: /system.slice/systemd-timesyncd.service
             └─822 /usr/lib/systemd/systemd-timesyncd
May 16 09:57:24 testvm2.both.org systemd[1]: Starting Network Time Synchronization...
May 16 09:57:24 testvm2.both.org systemd-timesyncd[822]: System clock time unset or jumped backwards, restoring from recorded timestamp: Sat 2020-05-16 13:56:53 EDT
May 16 13:56:53 testvm2.both.org systemd[1]: Started Network Time Synchronization.
May 16 13:57:56 testvm2.both.org systemd-timesyncd[822]: Initial synchronization to time server 163.237.218.19:123 (2.fedora.pool.ntp.org).
[root@testvm2 systemd]#
```
Notice the log message that says the system clock time was unset or jumped backward. The timesync service sets the system time from a timestamp. Timestamps are maintained by the timesync daemon and are created at each successful time synchronization.
The `timedatectl` command does not have the ability to set the value of the hardware clock from the system clock; it can only set the time and date from a value entered on the command line. However, you can set the RTC to the same value as the system time by using the `hwclock` command:
```
[root@testvm2 ~]# /sbin/hwclock --systohc --localtime
[root@testvm2 ~]# timedatectl
               Local time: Mon 2020-05-18 13:56:46 EDT  
           Universal time: Mon 2020-05-18 17:56:46 UTC  
                 RTC time: Mon 2020-05-18 13:56:46      
                Time zone: America/New_York (EDT, -0400)
System clock synchronized: yes                          
              NTP service: active                      
          RTC in local TZ: yes
```
The `--localtime` option ensures that the hardware clock is set to local time, not UTC.
### Do you really need RTC?
Any NTP implementation will set the system clock during the startup sequence, so is RTC necessary? Not really, so long as you have a network connection to a time server. However, many systems do not have full-time access to a network connection, so the hardware clock is useful so that Linux can read it and set the system time. This is a better solution than having to set the time by hand, even if it might drift away from the actual time.
### Summary
This article explored the use of some systemd tools for managing date, time, and time zones. The systemd-timesyncd tool provides a decent NTP client that can keep time on a local host synchronized with an NTP server. However, systemd-timesyncd does not provide a server service, so if you need an NTP server on your network, you must use something else, such as Chrony, to act as a server.
I prefer to have a single implementation for any service in my network, so I use Chrony. If you do not need a local NTP server, or if you do not mind dealing with Chrony for the server and systemd-timesyncd for the client and you do not need Chrony's additional capabilities, then systemd-timesyncd is a serviceable choice for an NTP client.
There is another point I want to make: You do not have to use systemd tools for NTP implementation. You can use the old ntpd or Chrony or some other NTP implementation. systemd is composed of a large number of services; many of them are optional, so they can be disabled and something else used in its place. It is not the huge, monolithic monster that some make it out to be. It is OK to not like systemd or parts of it, but you should make an informed decision.
I don't dislike systemd's implementation of NTP, but I much prefer Chrony because it meets my needs better. And that is what Linux is all about.
### Resources
There is a great deal of information about systemd available on the internet, but much is terse, obtuse, or even misleading. In addition to the resources mentioned in this article, the following webpages offer more detailed and reliable information about systemd startup.
* The Fedora Project has a good, practical [guide to systemd][8]. It has pretty much everything you need to know in order to configure, manage, and maintain a Fedora computer using systemd.
* The Fedora Project also has a good [cheat sheet][9] that cross-references the old SystemV commands to comparable systemd ones.
* For detailed technical information about systemd and the reasons for creating it, check out [Freedesktop.org][10]'s [description of systemd][11].
* [Linux.com][12]'s "More systemd fun" offers more advanced systemd [information and tips][13].
There is also a series of deeply technical articles for Linux sysadmins by Lennart Poettering, the designer and primary developer of systemd. These articles were written between April 2010 and September 2011, but they are just as relevant now as they were then. Much of everything else good that has been written about systemd and its ecosystem is based on these papers.
* [Rethinking PID 1][14]
* [systemd for Administrators, Part I][15]
* [systemd for Administrators, Part II][16]
* [systemd for Administrators, Part III][17]
* [systemd for Administrators, Part IV][18]
* [systemd for Administrators, Part V][19]
* [systemd for Administrators, Part VI][20]
* [systemd for Administrators, Part VII][21]
* [systemd for Administrators, Part VIII][22]
* [systemd for Administrators, Part IX][23]
* [systemd for Administrators, Part X][24]
* [systemd for Administrators, Part XI][25]
--------------------------------------------------------------------------------
via: https://opensource.com/article/20/6/time-date-systemd
作者:[David Both][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/dboth
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/clocks_time.png?itok=_ID09GDk (Alarm clocks with different time)
[2]: https://en.wikipedia.org/wiki/National_Institute_of_Standards_and_Technology
[3]: https://en.wikipedia.org/wiki/WWVB
[4]: https://en.wikipedia.org/wiki/Network_Time_Protocol
[5]: https://linux.die.net/man/4/rtc
[6]: https://chrony.tuxfamily.org/
[7]: https://opensource.com/article/18/12/manage-ntp-chrony
[8]: https://docs.fedoraproject.org/en-US/quick-docs/understanding-and-administering-systemd/index.html
[9]: https://fedoraproject.org/wiki/SysVinit_to_Systemd_Cheatsheet
[10]: http://Freedesktop.org
[11]: http://www.freedesktop.org/wiki/Software/systemd
[12]: http://Linux.com
[13]: https://www.linux.com/training-tutorials/more-systemd-fun-blame-game-and-stopping-services-prejudice/
[14]: http://0pointer.de/blog/projects/systemd.html
[15]: http://0pointer.de/blog/projects/systemd-for-admins-1.html
[16]: http://0pointer.de/blog/projects/systemd-for-admins-2.html
[17]: http://0pointer.de/blog/projects/systemd-for-admins-3.html
[18]: http://0pointer.de/blog/projects/systemd-for-admins-4.html
[19]: http://0pointer.de/blog/projects/three-levels-of-off.html
[20]: http://0pointer.de/blog/projects/changing-roots
[21]: http://0pointer.de/blog/projects/blame-game.html
[22]: http://0pointer.de/blog/projects/the-new-configuration-files.html
[23]: http://0pointer.de/blog/projects/on-etc-sysinit.html
[24]: http://0pointer.de/blog/projects/instances.html
[25]: http://0pointer.de/blog/projects/inetd.html

144
sources/tech/20200602 Using pandas to plot data in Python.md Normal file
View File

@ -0,0 +1,144 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Using pandas to plot data in Python)
[#]: via: (https://opensource.com/article/20/6/pandas-python)
[#]: author: (Shaun Taylor-Morgan https://opensource.com/users/shaun-taylor-morgan)
Using pandas to plot data in Python
======
Pandas is a hugely popular Python data manipulation library. Learn how
to use its API to plot data.
![Two pandas sitting in bamboo][1]
In this series of articles on Python-based plotting libraries, we're going to have a conceptual look at plots using pandas, the hugely popular Python data manipulation library. Pandas is a standard tool in Python for scalably transforming data, and it has also become a popular way to [import and export from CSV and Excel formats][2].
On top of all that, it also contains a very nice plotting API. This is extremely convenient—you already have your data in a pandas DataFrame, so why not use the same library to plot it?
In this series, we'll be making the same multi-bar plot in each library so we can compare how they work. The data we'll use is UK election results from 1966 to 2020:
![Matplotlib UK election results][3]
### Data that plots itself
Before we go further, note that you may need to tune your Python environment to get this code to run, including the following. 
* Running a recent version of Python (instructions for [Linux][4], [Mac][5], and [Windows][6])
* Verify you're running a version of Python that works with these libraries
The data is available online and can be imported using pandas:
```
import pandas as pd
df = pd.read_csv('<https://anvil.works/blog/img/plotting-in-python/uk-election-results.csv>')
```
Now we're ready to go. We've seen some impressively simple APIs in this series of articles, but pandas has to take the crown.
To plot a bar plot with a group for each party and `year` on the x-axis, I simply need to do this:
```
import matplotlib.pyplot as plt
   
ax = df.plot.bar(x='year')
   
plt.show()
```
Four lines—definitely the tersest multi-bar plot we've created in this series.
Im using my data in [wide form][7], meaning theres one column per political party:
```
        year  conservative  labour  liberal  others
0       1966           253     364       12       1
1       1970           330     287        6       7
2   Feb 1974           297     301       14      18
..       ...           ...     ...      ...     ...
12      2015           330     232        8      80
13      2017           317     262       12      59
14      2019           365     202       11      72
```
This means pandas automatically knows how I want my bars grouped, and if I wanted them grouped differently, pandas makes it easy to [restructure my DataFrame][8].
As with [Seaborn][9], pandas' plotting feature is an abstraction on top of Matplotlib, which is why you call Matplotlib's `plt.show()` function to actually produce the plot.
Here's what it looks like:
![pandas unstyled data plot][10]
Looks great, especially considering how easy it was! Let's style it to look just like the [Matplotlib][11] example.
#### Styling it
We can easily tweak the styling by accessing the underlying Matplotlib methods.
Firstly, we can color our bars by passing a Matplotlib colormap into the plotting function:
```
from matplotlib.colors import ListedColormap
cmap = ListedColormap(['#0343df', '#e50000', '#ffff14', '#929591'])
ax = df.plot.bar(x='year', colormap=cmap)
```
And we can set up axis labels and titles using the return value of the plotting function—it's simply a [Matplotlib `Axis` object][12].
```
ax.set_xlabel(None)
ax.set_ylabel('Seats')
ax.set_title('UK election results')
```
Here's what it looks like now:
![pandas styled plot][13]
That's pretty much identical to the Matplotlib version shown above but in 8 lines of code rather than 16! My inner [code golfer][14] is very pleased.
### Abstractions must be escapable
As with Seaborn, the ability to drop down and access Matplotlib APIs to do the detailed tweaking was really helpful. This is a great example of giving an abstraction [escape hatches][15] to make it powerful as well as simple.
* * *
_This article is based on [How to make plots using Pandas][16] on Anvil's blog and is reused with permission._
--------------------------------------------------------------------------------
via: https://opensource.com/article/20/6/pandas-python
作者:[Shaun Taylor-Morgan][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/shaun-taylor-morgan
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/panda.png?itok=0lJlct7O (Two pandas sitting in bamboo)
[2]: https://anvil.works/docs/data-tables/csv-and-excel
[3]: https://opensource.com/sites/default/files/uploads/matplotlib_2.png (Matplotlib UK election results)
[4]: https://opensource.com/article/20/4/install-python-linux
[5]: https://opensource.com/article/19/5/python-3-default-mac
[6]: https://opensource.com/article/19/8/how-install-python-windows
[7]: https://anvil.works/blog/tidy-data
[8]: https://anvil.works/blog/tidy-data#converting-between-long-and-wide-data-in-pandas
[9]: https://anvil.works/blog/plotting-in-seaborn
[10]: https://opensource.com/sites/default/files/uploads/pandas-unstyled.png (pandas unstyled data plot)
[11]: https://opensource.com/article/20/5/matplotlib-python
[12]: https://matplotlib.org/api/axis_api.html#axis-objects
[13]: https://opensource.com/sites/default/files/uploads/pandas_3.png (pandas styled plot)
[14]: https://en.wikipedia.org/wiki/Code_golf
[15]: https://anvil.works/blog/escape-hatches-and-ejector-seats
[16]: https://anvil.works/blog/plotting-in-pandas

238
translated/tech/20200511 Modify a disk image to create a Raspberry Pi-based homelab.md
View File

@ -1,238 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: (robsean)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Modify a disk image to create a Raspberry Pi-based homelab)
[#]: via: (https://opensource.com/article/20/5/disk-image-raspberry-pi)
[#]: author: (Chris Collins https://opensource.com/users/clcollins)
修改一个磁盘镜像来创建一个基于树莓派的家庭实验室
======
使用树莓派或其它单板机创建一个 "家庭私有云" 。
![Science lab with beakers][1]
构建一个 [家庭实验室][2] 可以是一个有趣的方式,以试验你自己正在学习的新概念和试用这些新的技术。归因于单板计算机 (SBC) 的流行,以 [树莓派][3] 为首,在舒适的家里构建一个多计算机实验室比以往任何时候都要容易。考虑到比尝试复制主要云提供商的相同设置花更少的钱来接触本地云技术,创建一个 "家庭私有云" 也是一个极好的方法。
这篇文章阐述如何为一个树莓派或其它的单板机修改磁盘镜像,为 SSH (secure shell) 预配置主机,以及禁用在第一个启动时,强制进行交互配置的服务。这是一个让你的设备 "启动和运行" 的极好方法,类似于云实例。稍后,你可以通过 SSH 连接使用自动化的进程来进行更专业和更深入的配置。
此外, 当你向你的实验室添加更多的树莓派时,通过修改磁盘镜像来让你只需要写该镜像到一个 SD 卡中,将其放入树莓派中,去尝试吧!
![Multiple Raspberry Pi computers, a switch, and a power bank][4]
### 解压缩和挂载镜像
对于这个项目,你需要修改一个服务器磁盘镜像。在测试期间,我使用 [Fedora Server 31 ARM][5] 。在你心中磁盘镜像和 [验证它的校验和][6] 后,你需要解压缩并挂载其到主机电脑的文件系统的一个位置上,以便你可以根据需要修改它。
你可以使用 **[xz][7]** 命令来解压缩 Fedora 服务器镜像,通过使用 **\--decompress** 参数:
```
`xz --decompress Fedora-Server-armhfp-X-y.z-sda.raw.xz`
```
这会留下一个原始的,解压缩后的磁盘镜像 (它会自动地替换 **.xz** 压缩文件)。这个原始磁盘镜像就像它听起来的那样一种文件包含格式化和安装的磁盘上的所有数据。这包含分区信息启动分区root 分区,以及任何其它的分区。你需要挂载你打算在其中工作位置的分区,但是要做到这一点,你需要磁盘镜像分区开始的信息以及在磁盘扇面上的大小,如此,你才可以挂载文件到正确的扇区.
很幸运,你可以在一个磁盘镜像上使用 [**fdisk**][8] 命令,就像在实际磁盘上使用一样容易。使用 **\--list** 或 **-l** 参数来查看分区的列表和其信息:
```
# 使用 fdisk 来列出原始文件的分区:
$ fdisk -l Fedora-Server-armhfp-31-1.9-sda.raw
Disk Fedora-Server-armhfp-X-y.z-sda.raw: 3.2 GiB, 3242196992 bytes, 6332416 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0xdaad9f57
Device                               Boot   Start     End Sectors  Size Id Type
Fedora-Server-armhfp-X-y.z-sda.raw1         8192  163839  155648   76M  c W95 F
Fedora-Server-armhfp-X-y.z-sda.raw2 *     163840 1163263  999424  488M 83 Linux
Fedora-Server-armhfp-X-y.z-sda.raw3      1163264 6047743 4884480  2.3G 83 Linux
```
你需要的所有信息都可在上面的输出中获得。行 3 标示:逻辑和物理的扇面大小是:(512 字节/ 512 字节)。
驱动器列表显示在原始镜像中的分区。第一个, **Fedora-Server-armhfp-X-y.z-sda.raw1** 是毫无疑问的可引导启动分区,因为它是第一个,小的 (仅仅 76MB),类型 W95 FAT32 (LBA), 如被发现为 Id "c," 一个从 SD 卡启动的 FAT32 分区。
第二个分区也不是非常大,仅仅 488MB 。这个分区是一个 Linux 原生类型分区 (Id 83) ,并且它可能包含内核和 [initramfs][9] 的 Linux 启动分区。
第三分区可能是你需要的东西:它有 2.3GB 大小,所以在它其中应该有发行版的主要部分 ,并且它是一个 Linux 原生分区类型,这是可预料的。这应该包含你需要修改的分区和数据。
第三个分区从扇面 1163264 开始 (在 **fdisk** 中输出被显示为 "Start" 列),所以你的挂载偏移量是 **595591168**通过将扇面大小512乘以起始扇面1163264(例如, **512 * 1163264**)来计算。这意味着你需要将偏移量为 595591168 的文件挂载到挂载点的正确位置。
武装这些信息(看我在这里做了什么?),现在你可以将第三个分区装载到你的目录中:
```
$ mkdir ~/mnt
$ sudo mount -o loop,offset=595591168 Fedora-Server-armhfp-X-y.z-sda.raw ~/mnt
$ ls ~/mnt
```
### 直接在磁盘镜像中作业
在磁盘镜像被解压缩和被挂载到主机上的一个位置后,是时候来开始修改镜像以符合你的需求。在我看来,对镜像进行更改的最简单的方法是使用 **chroot** 来将你会话的工作 root 目录更改为已挂载镜像的工作 root 目录。不过,有点棘手。
在你更改到 root 用户后,你的会话将从新的 root 目录使用二进制文件。除非你是从一个 ARM 系统做这些所有的操作,解压缩的磁盘镜像的体系结构将与你正在使用的主机系统不同。即使在 **chroot** 中,主机系统也不能使用具有一个不同体系结构的二进制文件。至少,不能原始使用。
幸运的是,这里有一个解决方案: **qemu-user-static**。来自 [Debian Wiki][10]:
> "[qemu-user-static] 提供静态构建的用户模式模拟二进制文件。在这个模式中QEMU 可以在一个 CPU 上启动为另一个 CPU 编译的 Linux 进程… 如果支持 binfmt 的软件包被安装qemu-user-static 软件包将注册供模拟器可以处理的二进制文件格式,以便其能够直接运行外部的二进制文件。"
这完全是你需要在 chroot 中非原生体系结构中去做的工作。如果 host 系统是 Fedora ,使用 DNF 来安装 **qemu-user-static** 软件包,并重新启动 **systemd-binfmt.service**
```
# 使用 DNF 启用非原生的 arch chroot ,添加新的二进制文件格式信息
# 为了简洁而控制输出
$ dnf install qemu-user-static
$ systemctl restart systemd-binfmt.service
```
使用这种方法,你一个能够更改 root 到挂载的磁盘镜像,运行 **uname** 命令来验证一切都在工作:
```
sudo chroot ~/mnt/ /usr/bin/uname -a -r
Linux marvin 5.5.16-200.fc31.x86_64 #1 SMP Wed Apr 8 16:43:33 UTC 2020 armv7l armv7l armv7l GNU/Linux
```
从更改后的 root 中运行 **uname** 将在输出中显示 **armv7l** — 原始磁盘镜像的体系结构 — 而不是主机的体系结构。一起如期而至,你可以继续更改镜像。
### 修改磁盘镜像
现在你可以直接更改基于 ARM 的磁盘镜像,并在该环境中工作,你可以开始更改镜像自身。你想设置镜像,以便它能够可引导启动和立即被访问,而不需要直接在树莓派上做任何额外的设置。为此,你需要安装并启用 sshd ( OpenSSH 守护进程 ),并为 SSH 访问添加授权密码。
为了让这更像一个云环境,为了在家里实现私有云的梦想,添加一个本地用户,给予该用户 **sudo** 权限,并 ( 像云中的重量级人物一样 ) 允许该用户不需要密码来使用 **sudo**
所以,你将做的工作列表是:
* 安装并启用 SSHD ( SSHD 在 Fedora ARM 镜像中已经被安装被启用,但是你需要为你发行版手动执行这些工作 )
* 设置一个本地用户
* 允许本地用户来使用 sudo ( 不需要密码,可选 )
* 添加授权密码
* 允许 root 使用授权密码访问 SSH ( 可选 )
我使用 GitHub 功能,允许你上传你的公共 SSH 密码,并使它们在 **[https://github.com/<your_github_username>.keys][11]** 处可获得。我发现这是一种分发公共密码的方便方法,不过我生性多疑,我总是检查下载的密钥是否符合我的期望。如果你不想使用这种方法,你可以从你主机中复制你公共密码到 **chroot** 目录中,或者你可以将密码托管在你控制的 web 服务器上以便使用相同的工作流。
为开始修改磁盘镜像,再次 **chroot** 到挂载的磁盘镜像中,这次启动一个 shell ,以便可以运行多个命令:
```
# 为了简洁起见,省略了这些命令的输出(如果有的话)
$ sudo chroot ~/mnt /bin/bash
# 安装 openssh-server ,并启用它 (在 Fedora 上已经完成)
$ dnf install -y openssh-server
$ systemctl enable sshd.service
# 允许 root 使用授权密码访问 SSH
$ mkdir /root/.ssh
# 下载或者另外添加授权密码文件,你的公共密码
# 将 URL 替换为你自己公共密码的路径
$ curl <https://github.com/clcollins.keys> -o /root/.ssh/authorized_keys
$ chmod 700 /root/.ssh
$ chmod 600 /root/.ssh/authorized_keys
# 添加一个本地用户,并放置他们到 wheel 组中
# 将组和用户更改为您想要的一切
useradd -g chris -G wheel -m -u 1000 chris
# 下载并添加你的授权密码
# 像你上面所做的那样更改 home 目录和URL
mkdir /home/chris/.ssh
curl <https://github.com/clcollins.keys> -o /home/chris/.ssh/authorized_keys
chmod 700 /home/chris/.ssh
chmod 600 /home/chris/.ssh/authorized_keys
chown -R chris.chris /home/chris/.ssh/
# 允许 wheel 组( 使用你的本地用户) 不需要使用密码来使用 suso
echo "%wheel ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/91-wheel-nopasswd
```
这就是树莓派或其它单板机在第一次启动时需要完成设置 SSH 的全部工作。不过,每个发行版都有自己的特点.例如Rasbian 已经包含一个本地用户:**pi** ,并且不使用 **wheel** 组。因此对于 Raspbian 来说,最好使用现有用户,或者删除 **pi** 用户,并使用另一个用户来替换它。
在 Fedora ARM 的情况下,镜像会在第一次引导启动时提示你来完成安装。这会破坏你在上面所做的更改的目的,特别是,它会完全阻止启动,直到安装完成。你的目标是使树莓派的功能类似于私有云的基础设施的一部分,并且该工作流包括设置主机通过 SSH 远程启动。禁用初始化设置,由 **initial-setup.service** 控制安装服务:
```
# 对多用户和图形目标禁用 initial-setup.service
unlink /etc/systemd/system/multi-user.target.wants/initial-setup.service
unlink /etc/systemd/system/graphical.target.wants/initial-setup.service
```
当你在更改的 root 目录中时,你可以对你系统做任何你想做的其它更改,或者在第一次启动后,只需将其留在那里,并通过 SSH 配置的云本机工作流。
### 重新压缩并安装修改后的镜像
随着对你的系统的这些更改的完成,剩下是所有工作就是:重新压缩磁盘镜像和安装其到你的树莓派的 SD 卡上。
确保退出 chroot ,然后卸载磁盘镜像:
```
`$ sudo umount ~/mnt/`
```
就像最初解压缩镜像一样,你可以再次使用 **xz** 命令来压缩镜像。通过使用 **\--keep** 参数,**xz** 将保留原始的镜像,而不是清理掉它。虽然这会占用更多的磁盘空间,但保留下来的未压缩镜像将允许你对正在使用的镜像进行增量更改,而不需要每次都对其进行解压缩。在测试和根据你的喜好调整镜像时将非常节省时间:
```
# 压缩压缩磁盘镜像为一个 .xz 文件,但保留原始磁盘镜像
xz --compress Fedora-Server-armhfp-31-1.9-sda.raw --keep
```
压缩过程将花费一些时间,所以趁着这个时间站起来,舒展身体,让你的血液再次流动。
在压缩完成后,可以将新的、已修改过的磁盘镜像复制到 SD 卡上,以便与树莓派一起使用。标准的 **dd** 方法来放置镜像到 SD 卡上工作完好,但是我喜欢使用 Fedora **arm-image-installer** ,因为它因为它在处理未经编辑的镜像时提供了选项。它对编辑镜像也工作得极好,并且比 **dd** 命令更友好一些。
确保检查 SD 卡在哪个磁盘驱动器上,并将磁盘驱动器使用于 **\--media** 参数:
```
# 使用 arm-image-installer 来复制已修改的磁盘镜像到 SD 卡上
arm-image-installer --image=Fedora-Server-armhfp-X-y.z-sda.raw.xz --target=rpi3 --media=/dev/sdc --norootpass --resizefs -y
```
现在,你已经为树莓派后其它的单板机准备好了一个新的,已修改的 Fedora Server ARM 镜像,准备好启动并立即 SSH 到你的修改镜像中。这种方法也可以用来制作其它的更改,并且你也可以使用其它发行版的原始磁盘镜像,如果你更喜欢它们,而不是 Fedora 的话。这是一个开始构建家庭实验室私有云的良好基础。在以后的文章中,我将指导您使用云技术和自动化建立一个家庭实验室。
### 进一步阅读
很多研究都是为了学习如何做这篇文章中的事情。我在下面列出我找到的最有用的两个资源:学习如何自定义磁盘映像和使用非本机体系结构。它们从“我不知道我正在做什么,到我能够完成它!"非常有帮助。
* [如何修改你的自定义 Linux 发行版的原始磁盘镜像][12]
* [使用 DNF 维基][13]
--------------------------------------------------------------------------------
via: https://opensource.com/article/20/5/disk-image-raspberry-pi
作者:[Chris Collins][a]
选题:[lujun9972][b]
译者:[robsean](https://github.com/robsean)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/clcollins
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/science_experiment_beaker_lab.png?itok=plKWRhlU (Science lab with beakers)
[2]: https://opensource.com/article/19/3/home-lab
[3]: https://opensource.com/resources/raspberry-pi
[4]: https://opensource.com/sites/default/files/uploads/raspberrypi_homelab.jpg (Multiple Raspberry Pi computers, a switch, and a power bank)
[5]: https://arm.fedoraproject.org/
[6]: https://arm.fedoraproject.org/verify.html
[7]: https://tukaani.org/xz/
[8]: https://en.wikipedia.org/wiki/Fdisk
[9]: https://wiki.debian.org/initramfs
[10]: https://wiki.debian.org/RaspberryPi/qemu-user-static
[11]: https://github.com/%3Cyour_github_username%3E.keys
[12]: https://www.linux.com/news/how-modify-raw-disk-image-your-custom-linux-distro/
[13]: https://wiki.mageia.org/en/Using_DNF#Setting_up_a_container_for_a_non-native_architectur