账号设置 HP-UX FreeBSD Solaris (SPARC)
密码文件 /etc/passwd
/tcb/files/auth/r/root /etc/passwd
/etc/master.passwd /etc/passwd
/etc/shadow
组文件 /etc/group
/etc/logingroup /etc/group /etc/group
允许最大用户ID 2147483647 65535 2147483647
允许远程登录的用户文件设置 /etc/securetty
{console} /etc/ttys
{secure} /etc/default/login
{CONSOLE=/dev/console}
Nobody的UID -2 65534 60001 &65534(nobody4)
Nobody的GID -2(nogroup) 65534 60002 &65534(nogroup)
找回ROOT密码 >boot
Interact with IPL ? Y
ISL>hpux -iS
passwd root ok boot -s
passwd root boot cdrom -s
mkdir /tmp/a
mount /dev/c0t0d0s0 /tmp/a
vi /tmp/a/etc/shadow
创建新用户 useradd adduser Useradd
删除用户 userdel rmuser Userdel
列出用户 logins Logins
修改用户账号 usermod Usermod
账号设置 AIX Linux( RedHat )
密码文件 /etc/passwd
/etc/security/passwd /etc/passwd
/etc/shadow
组文件 /etc/group
/etc/security/group /etc/group
允许最大用户ID 4294967295 65535
允许远程登录的用户文件设置 /etc/security/user
{rlogin=true} /etc/securetty
{ttyp1}
Nobody的UID 4294967294 99
Nobody的GID 4294967294 99
找回ROOT密码 Boot from CD/Tape
Installation/Maintenance
Start Limited Shell
getrootfs hdisk0
vi /etc/security/passwd {lilo}
control-x
linux S
passwd root
{grub}
c
kernel vmlinuz-2.4.9-13 single ro root=/dev/hda8
initrd /initrd-2.4.9-13.img
boot
passwd root
创建新用户 mkuser Useradd
删除用户 rmuser Userdel
列出用户 lsuser -f ALL
修改用户账号 chuser -a usermod
主流服务器UNIX *** 作系统目录结构对比
Directory Mappings AIX FreeBSD HP-UX
Root filesystem / {/dev/hd4} / {/dev/ad0s1a} / {/dev/vg00/lvol1}
Home Directory /home {/dev/hd1} /home {/dev/vg00/lvol4}
/tmp {/dev/hd3} /tmp {/dev/vg00/lvol6}
/usr {/dev/hd2} /usr {/dev/ad0s1f} /usr {/dev/vg00/lvol7}
/var {/dev/hd9var} /var {/dev/ad0s1e} /var {/dev/vg00/lvol8}
Sample configuration files - /usr/newconfig
Directory Mappings Linux( RedHat ) Solaris Tru64
Root filesystem / {/dev/sda1} / {/dev/vx/dsk/rootvol} /{/dev/rz0a}
Home Directory /export/home {dev/vx/dsk/home}
/tmp {dev/vx/dsk/swapvol}
/usr /usr {/dev/rz0g}
/var
Sample configuration files
主流服务器UNIX *** 作系统常用命令
General Commands AIX FreeBSD HP-UX Linux(RedHat) Solaris Tru64
Unique host ID Hostid uname -i hostid hostid hostid
Administrator Smit Sam linuxconf admintool netconfig
Performance monitor Topas(有过top)
monitor top Top
glance Top top top
System activity reporter Sar sa Sar sar
Virtual Memory statistics Vmstat vmstat vmstat vmstat vmstat vmstat
I/O statistics Iostat iostat iostat iostat iostat
Error logs alog -o -t boot
errpt dmesg dmesg Dmesg dmesg uerf -R -o full
Physical RAM 1M TB4TB 64GB{>2.3.24} 16TB 4TB
Shared Memory 64K TB8TB sysctl kernel.shmmax
Process Data Space 384K TB4TB 900 MB
Swap device /dev/hd6 /dev/ad0s1b /dev/vg00/lvol2 /dev/sda2 /dev/vx/dsk/swapvol /dev/rz0b
Swap file type /etc/swapspaces swap swap partition type 82 swap raw
Display swap size lsps –a swapinfo swapinfo -a Free swap -l swapon -s
Activate Swap swapon -a swapon -a swapon -a swapon -a swap -a swapon -a
主流服务器UNIX *** 作系统打印机、TCP/IP设置
Printers AIX FreeBSD HP-UX
Printer Queues /etc/qconfig /var/spool/print /etc/lp/interface/*
Stop LP stopsrc -s lpd lpshut
Start LP startsrc -s lpd Lpd lpsched
Submit print jobs enq
lp
lpr
qprt Lp lp
LP statistics enq -A
lpq
lpstat
qchk Lpq lpstat
Remove print jobs cancel
lprm
qcan
enq –x Cancel
lprm cancel
Add printer queue smit mkpq lpadmin -p pq
Remove Printer Q smit rmpq lpadmin -x pq
Make default Prt export LPDEST="pq" lpadmin -d pq
TCP/IP AIX FreeBSD HP-UX
Network IP configuration lsattr -E -l inet0 /etc/rc.conf /etc/rc.config.d/netconf
Hosts IP addresses /etc/hosts /etc/hosts /etc/hosts
Name service switch /etc/netsvc.conf /etc/host.conf /etc/nsswitch.conf
Network parameters no –a Sysctl ndd -h
Routing daemon Gated Routed gated
NIC Configurations ifconfig –a ifconfig -a lanscan -v
Secondary IP Addr ifconfig en0 alias IP ifconfig xl0 alias IP ifconfig lan0:1 IP
(solaris also)
Login prompt HERALD @
/etc/security/login.cfg telnetd –b /etc/issue
Increase the # of pseudo-terminals odmget -q "attribute=num and uniquetype=pty/pty/pty" PdAt | sed "s/0-64/0-512/" |
odmchange -q "attribute=num and uniquetype=pty/pty/pty" -o PdAt
chdev -l pty0 -anum=256 -P
reboot rebuild your kernel with these new values NPTY=#
NSTRPY=#
reboot
insf -d ptys -n #
insf -d ptym -n #
insf -d pts -s # -e -v
Maximum # of ptys 512 {MAXUSERS}
Remote Shell Remsh
rsh Rsh remsh
YP/NIS service binder /usr/lib/netsvc/yp/ypbind /usr/sbin/ypbind /usr/lib/netsvc/yp/ypbind
主流服务器UNIX *** 作系统打印机、TCP/IP设置 续
Printers Linux (Redhat) Solaris (SPARC) Tru64
Printer Queues /var/spool/lpd/lp/* /etc/lp/interfaces/* /usr/spool/lpd
Stop LP /etc/init.d/lpd stop /usr/lib/lp/lpshut /sbin/init.d/lpd stop
Start LP /etc/init.d/lpd start /usr/lib/lp/lpsched /sbin/init.d/lpd start
Submit print jobs Lpr Lp
lpr Lp
lpr
LP statistics Lpq Lpstat Lpstat
Remove print jobs Lprm Cancel
lprm cancel
lprm
Add printer queue Printtool lpadmin -p pq Lprsetup
Remove Printer Q lpadmin -x pq Lprsetup
Make default Prt lpadmin -d pq export PRINTER="lp"
TCP/IP Linux( RedHat ) Solaris (SPARC) Tru64
Network IP configuration /etc/sysconfig/network-scripts/ /etc/hostname.*
/etc/inet/*
/etc/defaultrouter /etc/rc.config
Hosts IP addresses /etc/hosts /etc/inet/hosts /etc/hosts
Name service switch /etc/nsswitch.conf /etc/nsswitch.conf /etc/svc.conf
Network parameters sysctl -a | grep net Ndd /dev/[tcp|ip] ?
Routing daemon routed in.routed routed
NIC Configurations ifconfig -a ifconfig –a ifconfig -a
Secondary IP Addr modprobe ip_alias
ifconfig eth0:1 IP ifconfig hme0:1 IP up ifconfig ln0 alias
Login prompt /etc/issue BANNER @
/etc/default/telnetd /etc/issue
Increase the # of pseudo-terminals cd /dev
./MAKEDEV -v pty {/etc/system}
set pt_cnt = # {SYSV}
set npty = # {BSD}
{/etc/iu.ap}
ptsl 0 # ldterm ttcompat
halt
boot –r cd /dev
./MAKEDEV PTY_1
Maximum # of ptys 256 176 {BSD}
3000 {SYSV} 8192
Remote Shell rsh Rsh rsh
YP/NIS service binder /sbin/ypbind /usr/lib/netsvc/yp/ypbind /usr/sbin/ypbin
主流服务器UNIX *** 作系统系统文件
System Files AIX FreeBSD HP-UX
NFS exported /etc/exports /etc/exports /etc/exports
NFS Client mounted directories /etc/xtab /etc/xtab
Max File System 128 GB 128 GB
Max File Size 64 GB 128 GB
Max # File Descriptors 64 K 60~ K
System Files Linux (RedHat) Solaris Tru64
NFS exported /etc/exports /etc/dfs/dfstab
/etc/dfs/sharetab /etc/exports
NFS Client mounted directories /var/lib/nfs/xtab /etc/rmtab /var/adm/mountdtab
Max File System 2 TB 1 TB
8000 TB {vxfs} 128 GB {<= 3.2G}
512 GB {>= 4.0}
16 TB {advfs}
Max File Size 2 GB{512B block size}
8192 GB {8KB block size} 1 TB
2 GB {=<2.5.1} 128 GB {<= 3.2G}
512 GB {>= 4.0}
16 TB {advfs}
Max # File Descriptors sysctl fs.file-max 64 K 64 K
主流服务器UNIX *** 作系统磁盘与逻辑卷命令
DISK/LVM Commands AIX FreeBSD HP-UX
Filesystem table /etc/filesystems /etc/fstab /etc/fstab
Free disk blocks df -k df -k Bdf
Device listing lsdev -C /sbin/ioscan
Disk information bootinfo -s hdisk# fdisk -v ad0 diskinfo /dev/rdsk/c#t#d#
Disk Label lspv -l hdisk# disklabel ad0 pvdisplay -v /dev/dsk/C#t#d#
LVM Concepts Partition sub disk logical extents
Volume Volume logical volume
Plex
Volume group volume group
Journal Filesystem type jfs Vxfs
Default volume group /dev/rootvg /dev/vg00
Display volume group lsvg -l rootvg vgdisplay -v vg00
Modify physical volume chpv Pvchange
Prepare physical disk mkdev -c disk -l hdisk# pvcreate
List physical volume lspv vinum ld pvdisplay
Remove disk from volume group reducevg vgreduce
Move logical volumes to another physical volumes migratepv vinum move -f drive object pvmove
Create volume group mkvg vgcreate
Remove volume group vgremove
Volume group availability chvg
varyonvg
varyoffvg vgchange
Restore volume group vgcfgrestore
Exports volume group exportvg vgexport
Imports volume group importvg vgimport
Volume group listing lsvg Vgscan 是一样的么?
Change logical volume characteristics chlv lvchange
List logical volume lslv vinum lv lvdisplay
Make logical volume mklv lvcreate
Extend logical volume extendlv lvextend
Reduce logical volume AIX reduce LV Lvreduce 如何用?
Remove logical volume rmlv vinum rm vol lvremove
Prepare boot volumes bootlist -m normal lvlnboot
Remove boot volumes lvrmboot
Extend File system chfs -a size=# /mt extendfs /dev/vg00/lvol8
fsadm -F vxfs -b {LE * 1024} /mt
Reduce/Split mirrors rmlvcopy lvsplit
Merge mirrors lvmerge
Create mirrors mklv -c 2 vinum mirror drive lvcreate -m 1
Add mirrors mklvcopy lv 2lvextend -m 1
Create striped volumes mklv -u 3 -S 64K vinum stripe drive lvcreate -i 3 -I 64
System recovery tape mksysb -i /dev/rmt0 /opt/ignite/bin/make_recovery
Backup savevg -i rootvg vinum saveconfig fbackup
Restore restvgfrecover
主流服务器UNIX *** 作系统磁盘与逻辑卷命令 续
DISK/LVM Commands Linux (RedHat) Solaris (SPARC) Tru64
Filesystem table /etc/fstab /etc/vfstab /etc/fstab
Free disk blocks df -k df –k df -k
Device listing cat /proc/devices Sysdef
Disk information cat /proc/scsi/scsi0/sda/model format -d c#t#d#
format>current
format>inquiry file /dev/rrz0c
Disk Label fdisk -l Prtvtoc disklabel -p rz0
LVM Concepts logical extents sub disk sub disk
logical volume Volume Volume
Plex Plex
volume group disk group disk group
Journal Filesystem type ext2 居然是jfs的? Vxfs Advfs 居然是jfs的?
Default volume group /dev/vx/dsk/rootdg
居然有 vg? /dev/vol/rootdg
居然有 vg?
Display volume group vgdisplay -v vxprint -l -g rootdg volprint -l -g rootdg
Modify physical volume pvchange
Prepare physical disk pvcreate vxdiskadd voldiskadd
List physical volume pvdisplay vxprint -dl volprint -dl
Remove disk from volume group vgreduce vxdg rmdisk voldg rmdisk
Move logical volumes to another physical volumes pvmove vxassist move volassist move
Create volume group vgcreate vxdg init voldg init
Remove volume group vgremove
Volume group availability vgchange
Restore volume group vgcfgrestore
Exports volume group vgexport vxdg deport voldg deport
Imports volume group vgimport vxdg import voldg import
Volume group listing vgscan
Change logical volume characteristics lvchange vxedit set voledit set
List logical volume lvdisplay vxprint -vl volprint -vl
Make logical volume lvcreate vxassist make volassist make
Extend logical volume lvextend vxassist growto volassist growto
Reduce logical volume lvreduce vxassist shrinkto volassist shrinkto
Remove logical volume lvremove vxedit rm voledit -g rootdg -rf rm vol1
Prepare boot volumes lilo vxbootsetup
Remove boot volumes
Extend File system resize2fs vxva
mkfs -M
Reduce/Split mirrors lvsplit
Merge mirrors lvmerge
Create mirrors vxassist mirror volassist make vol 100mb mirror=true
Add mirrors
Create striped volumes lvcreate -i 3 -I 64 vxassist make vol 100mb layout=raid5 volassist make vol 100mb layout=stripe
System recovery tape /usr/sys/bin/btcreate
Backup tar cvf /dev/rst0 / ufsdump vdump
Restore tar xvf /dev/rst0
这一列对不对? ufsrestore vrestore
主流服务器UNIX *** 作系统安装与卸载
Software AIX FreeBSD HP-UX
Install Software installp -a pkg_add swinstall
Uninstall software installp -u pkg_delete swremove
List installed software lslpp -L all pkg_info -a swlist
Verify installed software lppchk -v swlist -l fileset -a state
List all files lslpp -f fileset pkg_info -L package swlist -l file fileset
List installed patches instfix -i swlist -l patch
what /stand/vmunix
Package owner lslpp -w path swlist -l file | grep path
SW Directory /usr/lpp /var/db/pkg /var/adm/sw/
Software Linux (RedHat) Solaris (SPARC) Tru64
Install Software rpm -i package pkgadd setld -l
Uninstall software rpm -e package pkgrm setld -d
List installed software rpm -qa pkginfo setld -i
Verify installed software rpm -V package pkginfo -i
pkginfo -p setld -v
List all files rpm -ql package pkgchk -l package setld -i package
List installed patches patchadd -p dupatch -track -type patch
Package owner rpm -qf file pkgchk -l -p path
SW Directory /var/lib/rpm /var/sadm /var/adm/smlogs
主流服务器UNIX *** 作系统技术支持信息
Links AIX HP-UX Linux (RedHat)
FAQ AIX-FAQ
HP-UX FAQ 这个和我知道的一个? LINUX FAQ
Online Manual AIX 4.3 Books
HP-UX 11.00 Collection
Linux Documentation Project
Technical Support RS/6000 TechSupport
IT Resource Center
Red Hat support
Phone Number 1-800-CALL-AIX 1-800-633-3600 1-888-REDHAT1
Free Software Bull
HP-UX Ports
Linux Software Map
Certification www.ibm.com
education.hp.com
RHCE
Links FreeBSD Solaris (SPARC) Tru64
FAQ FreeBSD FAQ
Solaris 2 FAQ
Tru64 FAQ
Online Manual FreeBSD Hand Book
Solaris 7 Documentation
Tru64 Documents
Technical Support SunSolve
Alpha Systems Support
Phone Number 1-800-USA-4SUN
Free Software FreeBSD Primary Site
Sun Freeware
Tru64 Demos, Shareware &Freeware
Certification suned.sun.com
ASE Information
主流服务器UNIX *** 作系统其它命令
MISC AIX FreeBSD HP-UX
Startup script /etc/rc /etc/rc /sbin/rc
Kernel /usr/lib/boot/unix_up /kernel /stand/vmunix
Kernel Parameters lsattr -E -l sys0 sysctl -a sysdef kmtune kmsystem
Reconfigure the kernel
chdev -l sys0 -a cd /sys/i386/conf
vi KERNEL
config KERNEL
cd ../../compile\
/KERNEL
make depend
make
make install cd /stand/build\
/usr/lbin/sysadm\
/system_prep -v -s system
vi system
mk_kernel -s system
cd /stand
mv system system.prev
mv vmunix vmunix.prev
mv dlkm dlkm.prev
mv /stand/build\
/system system
kmupdate /stand/build\
/vmunix_test
List modules genkex kldstat kmadmin –s
Load module kldload kmadmin –L
Unload module kldunload kmadmin –U
Initialize system install_assist /stand/sysinstall set_parms initial
Physical RAM bootinfo -r sysctl hw.physmem grep -i Physical\ /var/adm/syslog\
/syslog.log
Kernel Bits bootinfo -k getconf KERNEL_BITS
Crash utility Crash crash Adb
Trace System Calls Syscalls truss tusc
Machine model uname -m
bootinfo -m uname -m model
uname -m
OS Level Oslevel uname -r uname -r
Run Level who –r who -r
Core dump files /var/adm/ras /var/adm/crash
Boot single user Key on service mode/F4
Boot from CD/Tape
Select Maintenance
Limited function Shell ok boot –s >boot
Interact with IPL ? Y
ISL>hpux -iS
Maintenance mode ok boot –as >boot
Interact with IPL ? Y
ISL>hpux -lm
Interrupt Key control-B
Return to console Co
Timezone Management /etc/environment
/etc/profile /etc/localtime /etc/TIMEZONE
NTP Daemon
如何用它? /etc/ntp.conf
startsrc -s xntpd /etc/rc.conf {xntpd enable="YES"}
/etc/rc.network /etc/rc.config.d\
/netdaemons
/sbin/init.d/xntpd
主流服务器UNIX *** 作系统其它命令 续
MISC Linux (RedHat) Solaris (SPARC) Tru64
Startup script /etc/rc.d/rc /sbin/init.d /sbin/init.d
Kernel /boot/vmlinuz /kernel/genunix /vmunix
Kernel Parameters sysctl -a sysdef –I sysconfig dxkerneltuner
Reconfigure the kernel cd /usr/src/linux
make mrproper
make menuconfig
make depcleanbzImageinstall
make modules
make modules_install
cp arch/i386/boot/bzImage /boot/vmlinuz
mkinitrd /boot/initrd-2.4.img 2.4
vi /etc/lilo.conf
lilo vi /etc/system
reboot doconfig
List modules lsmod modinfo
Load module insmod modload
Unload module rmmod modunload
Initialize system netconf sys-unconfig netsetup
Physical RAM free prtconf uerf | grep memory
Kernel Bits getconf WORD_BIT isainfo -kv 64
Crash utility lcrash
crash kdbx
Trace System Calls strace truss trace
Machine model uname -m uname -imp uname -p
OS Level uname -r uname -r sizer -v
Run Level runlevel who -r who -r
Core dump files /var/crash/`uname -n`
Boot single user {lilo}
control-x
linux S
{grub}
c
kernel vmlinuz-2.4.9-13 single ro root=/dev/hda8
initrd /initrd-2.4.9-13.img
boot ok boot -s >>>boot -fl s
Maintenance mode ok boot -as
Interrupt Key Stop-A control-P
Return to console ok go
Timezone Management /etc/sysconfig/clock /etc/TIMEZONE
/etc/default/init /etc/svid3_tz
timezone
NTP Daemon /etc/ntp.conf
/etc/rc.d/init.d/xntpd /etc/inet/ntp.conf
/etc/init.d/xntpd rcmgr set XNTPD_CONF YES
/sbin/init.d/xntpd
主流服务器UNIX *** 作系统设备管理
Devices AIX FreeBSD HP-UX
Devices /dev /dev /dev
Install devices for attached peripherals cfgmgr –v /dev/MAKEDEV insf -e
Remove device rmdev –l rmsf
Device drivers Lscfg lsdev
CPU lsdev -Cc processor sysctl hw.model ioscan -fnC processor
List Terminal lsdev -Cc tty ioscan -fnC tty
Diagnostics Diag pciconf -l Stm
Whole Disk /dev/hdisk# /dev/ad0s1c /dev/dsk/c#t#d0
CDROM /dev/cd0 /dev/acd0c /dev/dsk/c#t2d0
CDROM file type Cdrfs cd9660 Cdfs
Rewinding tape drive /dev/rmt0 /dev/rwt0d /dev/rmt/0m
Floppy drive /dev/rfd0 /dev/fd0 -
Non-rewinding tape drive /dev/rmt0.1 /dev/nrwt0d /dev/rmt/0mn
Devices Linux (RedHat) Solaris (SPARC) Tru64
Devices /dev /devices /dev
Install devices for attached peripherals /dev/MAKEDEV drvconfig
devlinks
disks
tapes
ports scu scan edt
scsimgr -scan_all
Remove device rem_drv
Device drivers prtconf -D
CPU cat /proc/cpuinfo psrinfo -v psrinfo -v
List Terminal pmadm -l
Diagnostics /usr/platform/`uname -m`/
sbin/prtdiag
ok test-all
/opt/SUNWvts/bin/sunvts
Whole Disk /dev/sda /dev/c#t#d0s2 /dev/rz0c
CDROM /dev/cdrom /dev/dsk/c#t6d0s2 /dev/rz3c
CDROM file type iso9660 hsfs cdfs
Rewinding tape drive /dev/rst0 {c 9 0} /dev/rmt/0 /dev/rmt0
Floppy drive /dev/fd0 /dev/diskette /dev/fd0c
Non-rewinding tape drive /dev/nrst0 {c 9 128} /dev/rmt/0n /dev/nrmt0
你是说安装的文件多大?还是安装好后有多大?你是做服务器用还是PC上用?许多发行版的DVD都挺大,一般都4个G左右,但安装好后能有多大要取决于你安装什么样的环境,如果是最小化安装,安装完后可能不到200兆。如果是普通的桌面版现在应该有几个G吧,有的发行版默认你自己搭积木式的搭建系统,这个就不好说了。像Gentoo和ArchLinux安装好后,几乎没有人是一样的,有相同的那就真是纯属巧合了。总的来说Linux的自由度太大了,从最极端的一切都自己编译到最流行的别人封包好的桌面环境都有。
(1)Linux系统的第一个进程(pid=1)为init:Linux *** 作系统的启动首先从 BIOS 开始,接下来进入 boot loader,由 bootloader 载入内核,进行内核初始化。内核初始化的最后一步就是启动 pid 为 1 的 init 进程。这个进程是系统的第一个进程。它负责产生其他所有用户进程。
(2)init进程是所有进程的祖先,不可以kill(也kill不掉)
init 以守护进程方式存在,是所有其他进程的祖先。init 进程非常独特,能够完成其他进程无法完成的任务。Init 系统能够定义、管理和控制 init 进程的行为。它负责组织和运行许多独立的或相关的始化工作(因此被称为 init 系统),从而让计算机系统进入某种用户预订的运行模式。
(3)大多数linux发行版的init系统是和systemV相兼容的,被称为sysvinit
sysvinit 就是 system V 风格的 init 系统,顾名思义,它源于 System V 系列 UNIX。它提供了比 BSD 风格 init 系统更高的灵活性。是已经风行了几十年的 UNIX init 系统,一直被各类 Linux 发行版所采用。
(1)CentOS 5
(2)CentOS 6
(1)优点
sysVinit运行非常良好,概念简单清晰,它主要依赖于shell脚本。
(2)缺点
按照一定的顺序执行-->启动太慢、很容易夯(hang)住,fstab与nfs挂载问题
说明:CentOS6采用了Upstart技术代替sysvinit进行引导,Upstart对rc.sysinit脚本做了大量的优化,缩短了系统初始化时的启动时间,但是CentOS6为了简便管理员的 *** 作,Upstart的很多特性并没有凸显或者直接不支持,因此在CentOS6中的服务启动脚本还是以原来的sysv的形式提供的,
(1)CentOS6
(2)Ubuntu14
说明:systemd技术的设计目标是克服sysvinit固有的缺点,提高系统的启动速度,和sysvinit兼容,降低迁移成本,
做主要的优点:并行启动
(1)RedHat 7/CentOS 7
(2)Ubuntu 15
方法1(在装系统时修改):
在安装系统的时候配置,修改内核选项:net.ifnames=0 biosdevname=0
方法2(装系统时忘记修改,装系统后修改):
(1)编辑网卡
# cd /etc/sysconfig/network-scripts/#mvifcfg-ens160 ifcfg-eth0 #mvifcfg-ens192 ifcfg-eth1 # vim ifcfg-eth0 TYPE=Ethernet BOOTPROTO=none DEFROUTE=yes IPV4_FAILURE_FATAL=no IPV6INIT=yes IPV6_AUTOCONF=yes IPV6_DEFROUTE=yes IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy NAME=eth0 #网卡名称改为eth0 DEVICE=eth0 #设备名称改为eth0 ONBOOT=yes IPADDR=xxx.xxx.x.xx PREFIX=24GATEWAY=xxx.xxx.x.x DNS1=xxx.xxx.x.x IPV6_PEERDNS=yes IPV6_PEERROUTES=yes IPV6_PRIVACY=no 注:删掉网卡内的UUID=176582f7-d198-4e4f-aab0-34ab10d17247 通用唯一识别码和HWADDR=00:0c:29:a5:3f:39MAC地址 这两行。 所有网卡都需要修改
(2)编辑grub文件
[root@localhost network-scripts]#cp-a /etc/sysconfig/grub /etc/sysconfig/grub.bak #备份文件 [root@localhost network-scripts]# vim /etc/sysconfig/grub GRUB_TIMEOUT=5GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)"GRUB_DEFAULT=saved GRUB_DISABLE_SUBMENU=trueGRUB_TERMINAL_OUTPUT="console"GRUB_CMDLINE_LINUX="crashkernel=autonet.ifnames=0 biosdevname=0rhgb quiet"#这行添加net.ifnames=0biosdevname=0GRUB_DISABLE_RECOVERY="true"
(3)生成启动菜单
[root@localhost network-scripts]# grub2-mkconfig -o /boot/grub2/grub.cfg Generating grub configurationfile... Found linux image:/boot/vmlinuz-3.10.0-514.el7.x86_64 Found initrd image:/boot/initramfs-3.10.0-514.el7.x86_64.img Found linux image:/boot/vmlinuz-0-rescue-7d9a96ac2162427d937e06ede5350e9e Found initrd image:/boot/initramfs-0-rescue-7d9a96ac2162427d937e06ede5350e9e.imgdone
然后重启服务器:reboot,重启服务器后查看网卡信息,
再安装 *** 作系统的时候使用的最小化安装,有很多包没有安装,使用时发现好多命令没有如{vim、wget、tree...等},下面就安装命令,可以根据需求自行调整。
yum-yinstallwgetnet-tools screen lsof tcpdump nc mtr openssl-devel vim bash-completion lrzsz nmap telnet tree ntpdate iptables-services
rpm -ivh http://mirrors.aliyun.com/epel/epel-release-latest-7.noarch.rpm
需要开机自启动的脚本或者配置,可以放在/etc/rc.local里,但是发现并没有执行,下面我们看一下原因。
# ll /etc/rc.local lrwxrwxrwx1root root13Jan523:31/etc/rc.local ->rc.d/rc.local #发现是个软连接文件 #ls-l /etc/rc.d/rc.local-rw-r--r--1root root473Oct2011:07/etc/rc.d/rc.local #问题在这里,没有执行权限 #chmod+x /etc/rc.d/rc.local #添加执行权限 #ls-l /etc/rc.d/rc.local-rwxr-xr-x1root root473Oct2011:07/etc/rc.d/rc.local 注:这样添加在rc.local里的开机自启动配置就可以执行了。
linux系统下都有一个默认的超级管理员root,ssh服务的默认端口是22,圈内都知道,那么接下来我们可以修改一下我们的默认端口和禁止root用户远程登录,初步提高一下服务器的安全
1、首先修改ssh的默认端口 #sed-i"s#\#Port 22#Port 53226#g"/etc/ssh/sshd_config #端口可以改成1-65535之间任意端口,建议改成较大的端口,因为一万以内的端口常用的服务有占用,防止冲突(需要注意的是:这个端口要记住,否则连接不上服务器)2、禁止root用户远程登陆 a):添加一个普通用户并设置密码(注:这一步必须执行,否则将造成远程连接不上服务器) # useradd xxx #添加xxx用户 #echo"pass"|passwd--stdin xxx #给xxx用户设置密码为pass b):修改ssh服务配置文件并撑起服务 #sed-i's/#PermitRootLogin yes/PermitRootLogin no/'/etc/ssh/sshd_config # systemctl restart sshd
此时断开当前连接或者新开一个连接就会发现使用root用户连接不上服务器了,莫慌,使用xxx用户连接然后切换到root用户即可
SELinux(Security-Enhanced Linux) 是美国国家安全局(NSA)对于强制访问控制的实现,说白了就是安全机制,当然如果会配置的话建议配置更好,这里就介绍一下如何关闭吧,哈哈哈。
#sed-i.bak's#SELINUX=enforcing#SELINUX=disabled#g'/etc/selinux/config #修改配置文件需要重启服务器配置才会生效,如何立即生效那? # setenforce0#关闭SELinux立即生效,重启服务器后配置失效。
防火墙,不解释,内网服务建议关掉,对外开放的服务器需要配置规则,这里先关掉,关于防火墙配置规则等待后续更新。
# systemctl stop firewalld #临时关闭 # systemctl disable firewalld #永久关闭
装机后主机名默认为localhost,这里个人想更改自己的主机名,在不搭建内网DNS的情况,能通过主机名找到本机的IP地址。
# hostnamectl set-hostnameweb01 #设置主机名为web01,这样设置连配置文件里都修改了
# echo "192.168.6.6 web01" >>/etc/hosts #192.168.6.6为本机IP
如果是云服务器,这步优化基本都被作了,如果是物理机需要执行此步
#sed-i.bak's@#UseDNS yes@UseDNS no@gs@^GSSAPIAuthentication yes@GSSAPIAuthentication no@g'/etc/ssh/sshd_config # systemctl restart sshd
说明:GSSAPIAuthentication参数是用于Kerberos验证的,而对于绝大多数人来说,不可能使用这种验证机制的,所以要注意把他们停掉。然后重启服务会发现远程连接速度有明显提升
设置服务器字符集,国际通用utf-8,根据自身业务来定
# localectl status #查看当前字符集 System Locale: LANG=en_US.UTF-8VC Keymap: us X11 Layout: us # localectl set-locale LANG=zh_CN.UTF-8#修改字符集为zh_CN.UTF-8,命令行和配置文件都生效 #cat/etc/locale.conf #查看配置文件 LANG=zh_CN.UTF-8
CentOS 7.2系统默认最大打开文件限制为1024,每建立一个TCP连接既浪费一个限制(这里不细讲,后续会更新详细说明),为了提升服务器性能,所以我们要增加打开文件的最大限制
# ulimit -n #默认大小1024#echo"* soft nofile 65536">>/etc/security/limits.conf #xi修改最大限制为65535 #echo"* hard nofile 65536">>/etc/security/limits.conf
时间同步,这里不多说了,向OpenStack的所有节点的时间不一致会导致创建不了虚拟机,也会有其他的问题,不多说,我们生产上所有服务器时间都是同步的。
# yuninstall-y ntpdate #前面已经装过了 # ntpdate ntp1.aliyun.com #这里同步的是aliyun的时间,公司内部建议自己搭建时间服务器(减少流量、广播等),然后加入crontab即可,内网时间服务器等待后续更新。
TCP断开连接时会有一个等待时间为2msl(60秒)对应的状态为TIME_WAIT,如果业务并发较大的话会有很多的TIME_WAIT状态(详细等待后续更新),如何来解决那?
#cat/proc/sys/net/ipv4/tcp_timestamps #时间戳,默认是开启的 #cat/proc/sys/net/ipv4/tcp_tw_reuse # 连接复用,tcp_timestamps是开启的状态下是可以开启的,1为开启,默认是关闭的状态。 #cat/proc/sys/net/ipv4/tcp_tw_recycle #socket快速回收,net网络状态下不可以开启,负载均衡上不可以打开,读者根据自身情况开启或关闭,默认为关闭状态。
好了,服务器优化就介绍到这里,以上优化不分先后顺序!!
欢迎分享,转载请注明来源:内存溢出
微信扫一扫
支付宝扫一扫
评论列表(0条)