Last active
January 8, 2024 22:55
-
-
Save ww898/318b8ea939cfad445e67cfd7494c5564 to your computer and use it in GitHub Desktop.
Setup Red Hut 9.1 s390x on LinuxONE OSS Community Cloud
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Required for .NET v7.0. See https://www.redhat.com/en/blog/rhel-security-sha-1-package-signatures-distrusted-rhel-9 | |
sudo update-crypto-policies --set DEFAULT:SHA1 | |
sudo yum upgrade -y | |
sudo yum clean packages -y | |
sudo yum install curl nano mc tmux git dotnet-sdk-6.0 dotnet-sdk-7.0 dotnet-sdk-8.0 java-17-openjdk nodejs | |
# No htop package in rhel.9, so install it from fedora.38 | |
curl -fLO https://rpmfind.net/linux/fedora-secondary/releases/38/Everything/s390x/os/Packages/h/htop-3.2.2-2.fc38.s390x.rpm | |
sudo rpm -i htop-3.2.2-2.fc38.s390x.rpm | |
# Install GitHub runner | |
sudo useradd builduser -m -s /usr/sbin/nologin | |
curl -fLO https://github.com/ChristopherHX/github-act-runner/releases/download/v0.6.7/binary-linux-s390x.tar.gz | |
sudo mkdir -p /opt/github-runner | |
cd /opt/github-runner | |
sudo tar xzvf ~/binary-linux-s390x.tar.gz | |
sudo chown -R root:root . | |
cd /home/builduser | |
/opt/github-runner/github-act-runner configure | |
sudo tee '/lib/systemd/system/github-runner.service' <<EOF | |
[Unit] | |
Description=GitHub Act Runner | |
After=network.target local-fs.target | |
[Service] | |
Type=simple | |
User=builduser | |
Group=builduser | |
WorkingDirectory=/home/builduser | |
ExecStart=/opt/github-runner/github-act-runner run | |
ExecStop=/bin/kill -HUP $MAINPID | |
RestartSec=120 | |
Restart=always | |
TasksMax=infinity | |
[Install] | |
WantedBy=multi-user.target | |
EOF | |
# Install node_exporter | |
sudo useradd monituser -M -s /usr/sbin/nologin | |
curl -fLO https://github.com/prometheus/node_exporter/releases/download/v1.7.0/node_exporter-1.7.0.linux-s390x.tar.gz | |
sudo mkdir -p /opt/node_exporter | |
cd /opt/node_exporter | |
sudo tar xzvf ~/node_exporter-1.7.0.linux-s390x.tar.gz | |
sudo mkdir -p /var/lib/node_exporter/textfile_collector | |
sudo chown monituser:monituser /var/lib/node_exporter/textfile_collector | |
sudo tee "/opt/node_exporter/node_exporter_options" <<EOF | |
ARGS="--collector.netclass.ignored-devices=^(lo|docker[0-9]|kube-ipvs0|dummy0|veth.+|br\-.+|cali\w{11})\$ \ | |
--collector.netdev.device-exclude=^(lo|docker[0-9]|kube-ipvs0|dummy0|veth.+|br\-.+|cali\w{11})\$ \ | |
--collector.filesystem.mount-points-exclude=^/(dev|sys|proc|host|etc|var/lib/kubelet|var/lib/docker/.+|home/.+|data/local-pv/.+|snap/.+)(\$|/) \ | |
--collector.filesystem.fs-types-exclude=^(aufs|autofs|binfmt_misc|cgroup|configfs|debugfs|devpts|devtmpfs|efivarfs|tmpfs|nsfs|fuse[.]lxcfs|fusectl|hugetlbfs|mqueue|overlay|proc|procfs|pstore|rootfs|rpc_pipefs|securityfs|squashfs|sysfs|tracefs)\$ \ | |
--collector.diskstats.ignored-devices=^(ram|loop|fd|(h|s|v|xv)d[a-z]|nvme[0-9]+n[0-9]+p|dm-|sr|nbd)[0-9]+\$ \ | |
--no-collector.bcache \ | |
--no-collector.infiniband \ | |
--no-collector.wifi \ | |
--no-collector.ipvs \ | |
--collector.textfile.directory \"/var/lib/node_exporter/textfile_collector\"" | |
EOF | |
sudo tee /lib/systemd/system/node_exporter.service <<EOF | |
[Unit] | |
Description=Node Exporter | |
After=network.target | |
[Service] | |
User=monituser | |
Group=monituser | |
EnvironmentFile=/opt/node_exporter/node_exporter_options | |
ExecStart=/opt/node_exporter/node_exporter \$ARGS | |
ExecReload=/bin/kill -HUP \$MAINPID | |
TimeoutStopSec=20s | |
SendSIGKILL=no | |
Restart=always | |
[Install] | |
WantedBy=multi-user.target | |
EOF | |
sudo systemctl daemon-reload | |
sudo systemctl enable node_exporter | |
sudo systemctl start node_exporter | |
sudo systemctl enable github-runner | |
sudo systemctl start github-runner | |
# Accept connections to node_exporter | |
echo "iptables -I INPUT 1 -s 217.110.28.18/32,54.228.10.171/32,54.155.149.0/32,54.73.219.83/32 -p tcp --dport 9100 -j ACCEPT" | sudo tee -a /etc/rc.local | |
iptables -I INPUT 1 -s 217.110.28.18/32,54.228.10.171/32,54.155.149.0/32,54.73.219.83/32 -p tcp --dport 9100 -j ACCEPT | |
# Append swapfile | |
sudo fallocate -l 4G /swapfile | |
sudo chmod 600 /swapfile | |
sudo mkswap /swapfile | |
sudo swapon /swapfile | |
echo "/swapfile none swap sw 0 0" | sudo tee -a /etc/fstab | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Done