重慶分公司
重慶分公司
OS Version:1804
鏡像下載:http://cdimage.ubuntu.com/releases/
官方文檔:https://help.ubuntu.com/# cat /etc/hostname
hechunping# sed -i '/GRUB_CMDLINE_LINUX=/s/"$/net.ifnames=0 biosdevname=0"/' /etc/default/grub
# update-grub
Sourcing file `/etc/default/grub'
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-4.15.0-55-generic
Found initrd image: /boot/initrd.img-4.15.0-55-generic
done
# reboot
# sed -i 's/ens33/eth0/' /etc/netplan/01-netcfg.yaml# 默認(rèn)情況下,ubuntu不允許root??遠(yuǎn)程ssh,如果有實(shí)際場(chǎng)景需要允許root??遠(yuǎn)程ssh,則需要設(shè)置root密碼,并且編輯/etc/ssh/sshd_config?件修改如下:
~$ sudo vim /etc/ssh/sshd_config
32 #PermitRootLogin prohibit-password #默認(rèn)為禁?登錄
33 PermitRootLogin yes #改為允許登錄
57 #PasswordAuthentication yes
58 PasswordAuthentication yes #打開密碼認(rèn)證,其實(shí)默認(rèn)就是允許通過密碼認(rèn)證登錄
~$ sudo su - root #切換到root??環(huán)境
~# passwd #設(shè)置密碼
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
~# systemctl restart sshd #重啟ssh服務(wù)并測(cè)試root??遠(yuǎn)程ssh連接官方文檔:https://netplan.io/
Ubuntu 從 17.10 開始,已放棄在 /etc/network/interfaces ?固定IP的配置,?是改成 netplan ?式,配置?件是:/etc/netplan/01-netcfg.yaml
# ubuntu 17.04及之前的靜態(tài)IP配置?式:
~# cat /etc/network/interfaces
root@hechunping:~# cat /etc/network/interfaces
# interfaces(5) file used by ifup(8) and ifdown(8)
auto lo
iface lo inet loopback
auto eth0 #?卡?啟動(dòng),寫??要配置IP的實(shí)際?卡名稱
iface eth0 inet static #配置靜態(tài)IP,寫??要配置IP的實(shí)際?卡名稱
address 172.18.3.12 #IP地址
netmask 255.255.0.0 #掩碼
gateway 172.18.0.1 #?關(guān)
dns-nameservers 223.6.6.6 #DNS
dns-nameservers 223.5.5.5
#重啟?絡(luò)服務(wù)
~# /etc/init.d/networking restart
~# systemctl restart networking.serviceroot@hechunping:~# cat /etc/netplan/01-netcfg.yaml
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
version: 2
renderer: networkd
ethernets:
eth0:
dhcp4: no
addresses: [192.168.7.132/24]
gateway4: 192.168.7.2
nameservers:
addresses: [223.6.6.6]
root@hechunping:~# netplan apply# cat /etc/netplan/01-netcfg.yaml
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
version: 2
renderer: networkd
ethernets:
eth0:
dhcp4: no
addresses: [172.20.7.34/16]
gateway4: 172.20.0.1
nameservers:
addresses: [223.6.6.6]
eth2:
dhcp4: no
addresses: [192.168.7.34/24]
routes:
- to: 172.20.0.0/16
via: 192.168.7.2
# netplan apply# cat /etc/netplan/01-netcfg.yaml
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
version: 2
renderer: networkd
ethernets:
eth0:
dhcp4: no
bridges:
br0:
dhcp4: no
addresses: [172.20.7.34/16]
gateway4: 172.20.0.1
nameservers:
addresses: [223.6.6.6]
interfaces:
- eth0
# netplan apply將br0和br1分別橋接到eth0和eth2。
# cat /etc/netplan/01-netcfg.yaml
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
version: 2
renderer: networkd
ethernets:
eth0:
dhcp4: no
eth2:
dhcp4: no
bridges:
br0:
dhcp4: no
addresses: [172.20.7.34/16]
gateway4: 172.20.0.1
nameservers:
addresses: [223.6.6.6]
interfaces:
- eth0
br1:
dhcp4: no
addresses: [192.168.7.34/24]
routes:
- to: 172.20.0.0/16
via: 192.168.7.2
interfaces:
- eth2
root@hechunping:~# netplan apply需要提前安裝好bridge命令,兩塊網(wǎng)卡使用同一種網(wǎng)絡(luò)模式
# cat /etc/netplan/01-netcfg.yaml
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
version: 2
renderer: networkd
ethernets:
eth0:
dhcp4: no
eth2:
dhcp4: no
bonds:
bond0:
interfaces:
- eth0
- eth2
addresses: [172.20.7.34/16]
gateway4: 172.20.0.1
nameservers:
addresses: [223.6.6.6,223.5.5.5]
parameters:
mode: active-backup
mii-monitor-interval: 100
# poweroff
# netplan apply?卡綁定?于提供?卡接?冗余以及?可?和端?聚合功能,橋接?卡再給需要橋接設(shè)備的服務(wù)使?。
# cat /etc/netplan/01-netcfg.yaml
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
version: 2
renderer: networkd
ethernets:
eth0:
dhcp4: no
eth2:
dhcp4: no
bonds:
bond0:
interfaces:
- eth0
- eth2
parameters:
mode: active-backup
mii-monitor-interval: 100
bridges:
br0:
dhcp4: no
addresses: [172.20.7.34/16]
gateway4: 172.20.0.1
nameservers:
addresses: [223.6.6.6,223.5.5.5]
interfaces:
- bond0
# netplan apply多?絡(luò)情況下實(shí)現(xiàn)?卡綁定。這里使用橋接(eth0,eth2)和NAT(eth3,eth4)兩種網(wǎng)絡(luò)模式
# cat /etc/netplan/01-netcfg.yaml
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
version: 2
renderer: networkd
ethernets:
eth0:
dhcp4: no
eth2:
dhcp4: no
eth3:
dhcp4: no
eth4:
dhcp4: no
bonds:
bond0:
interfaces:
- eth0
- eth2
addresses: [172.20.7.34/16]
gateway4: 172.20.0.1
nameservers:
addresses: [223.6.6.6,223.5.5.5]
parameters:
mode: active-backup
mii-monitor-interval: 100
bond1:
interfaces:
- eth3
- eth4
addresses: [192.168.7.34/24]
parameters:
mode: active-backup
mii-monitor-interval: 100
routes:
- to: 172.20.0.0/16
via: 192.168.7.2
# netplan apply# cat /etc/netplan/01-netcfg.yaml
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
version: 2
renderer: networkd
ethernets:
eth0:
dhcp4: no
eth2:
dhcp4: no
eth3:
dhcp4: no
eth4:
dhcp4: no
bonds:
bond0:
interfaces:
- eth0
- eth2
parameters:
mode: active-backup
mii-monitor-interval: 100
bond1:
interfaces:
- eth3
- eth4
parameters:
mode: active-backup
mii-monitor-interval: 100
bridges:
br0:
dhcp4: no
addresses: [172.20.7.34/16]
gateway4: 172.20.0.1
nameservers:
addresses: [223.6.6.6,223.5.5.5]
interfaces:
- bond0
br1:
dhcp4: no
addresses: [192.168.7.34/24]
routes:
- to: 172.20.0.0/16
via: 192.168.7.2
interfaces:
- bond1
# netplan apply阿?云倉(cāng)庫(kù)地址:https://developer.aliyun.com/mirror
中科?:http://mirrors.ustc.edu.cn/help/ubuntu.html
清華?學(xué):https://mirror.tuna.tsinghua.edu.cn/help/ubuntu/
華為:https://mirrors.huaweicloud.com/
###### 清華源配置 ######
Ubuntu 的軟件源配置文件是 /etc/apt/sources.list。將系統(tǒng)自帶的該文件做個(gè)備份,將該文件替換為下面內(nèi)容,即可使用 TUNA 的軟件源鏡像。
# cd /etc/apt/
# cp -p sources.list sources.list.bak
# vim sources.list
# 默認(rèn)注釋了源碼鏡像以提高 apt update 速度,如有需要可自行取消注釋
deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic main restricted universe multiverse
# deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic main restricted universe multiverse
deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-updates main restricted universe multiverse
# deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-updates main restricted universe multiverse
deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-backports main restricted universe multiverse
# deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-backports main restricted universe multiverse
deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-security main restricted universe multiverse
# deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-security main restricted universe multiverse
# 預(yù)發(fā)布軟件源,不建議啟用
# deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-proposed main restricted universe multiverse
# deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-proposed main restricted universe multiverse
# apt update #更新本地軟件包列表索引,修改了apt倉(cāng)庫(kù)后必須執(zhí)?
###### 阿里源配置 ######
# sed -i 's/cn.archive.ubuntu/mirrors.aliyun/' /etc/apt/sources.list
# apt update #更新本地軟件包列表索引,修改了apt倉(cāng)庫(kù)后必須執(zhí)?apt list #apt列出倉(cāng)庫(kù)軟件包,等于yum list
apt search NAME #搜索安裝包
apt show apache2 #查看某個(gè)安裝包的詳細(xì)信息
apt install apache2 #在線安裝軟件包
apt remove apache2 #卸載單個(gè)軟件包但是保留配置?件
apt autoremove apache2 #刪除安裝包并解決依賴關(guān)系
apt update #更新本地軟件包列表索引,修改了apt倉(cāng)庫(kù)后必須執(zhí)?
apt purge apache2 #卸載單個(gè)軟件包刪除配置?件
apt upgrade #升級(jí)所有已安裝且可升級(jí)到新版本的軟件包
apt full-upgrade #升級(jí)整個(gè)系統(tǒng),必要時(shí)可以移除舊軟件包。
apt edit-sources #編輯source源?件
apt-cache madison nginx #查看倉(cāng)庫(kù)中軟件包有哪些版本可以安裝
apt install nginx=1.14.0-0ubuntu1.6 #安裝軟件包的時(shí)候指定安裝具體的版本rpm:RPM(Red Hat Package Manager),是基于Red hat的Linux Distribution的包管理系統(tǒng),同時(shí)也指rpm包本?,RPM?于rpm包的管理(諸如安裝、卸載、升級(jí)等)
"dpkg "是"Debian Packager "的簡(jiǎn)寫,為 "Debian"專?開發(fā)的套件管理系統(tǒng),?便軟件的安裝、更新及移除。所有源?“Debian”的“Linux ”發(fā)?版都使? “dpkg”,例如 “Ubuntu”、“Knoppix ”等。
dpkg -i gitlab-ce_11.9.8-ce.0_amd64.deb #安裝某個(gè)軟件包
dpkg -r gitlab-ce #刪除某個(gè)軟件包保留配置?件
dpkg -r -P gitlab-ce #刪除某個(gè)軟件包不保留配置?件
dpkg -I gitlab-ce_11.9.8-ce.0_amd64.deb #查看軟件包信息
dpkg -c gitlab-ce_11.9.8-ce.0_amd64.deb #查看軟件包內(nèi)的?件及?錄內(nèi)容
dpkg -l #列出本機(jī)已經(jīng)安裝的所有軟件# pwd
/usr/local/src
解壓?進(jìn)制?件并設(shè)置軟連接:
# tar xf jdk-8u212-linux-x64.tar.gz
# ln -sv /usr/local/src/jdk1.8.0_212 /usr/local/jdk
配置環(huán)境變量:
# vim /etc/profile
export JAVA_HOME=/usr/local/jdk
export PATH=$JAVA_HOME/bin:$JAVA_HOME/jre/bin:$PATH
export CLASSPATH=.$CLASSPATH:$JAVA_HOME/lib:$JAVA_HOME/jre/lib:$JAVA_HOME/lib/tools.jar
重新導(dǎo)?環(huán)境變量并驗(yàn)證:
# source /etc/profile
# java -version
java version "1.8.0_212"
Java(TM) SE Runtime Environment (build 1.8.0_212-b10)
Java HotSpot(TM) 64-Bit Server VM (build 25.212-b10, mixed mode)# apt install openjdk-8-jdk# apt purge ufw lxd lxd-client lxcfs lxc-common
# apt install iproute2 ntpdate tcpdump telnet traceroute nfs-kernel-server nfs-common lrzsz tree openssl libssl-dev libpcre3 libpcre3-dev zlib1g-dev ntpdate tcpdump telnet traceroute gcc openssh-server lrzsz tree openssl libssl-dev libpcre3 libpcre3-dev zlib1g-dev ntpdate tcpdump telnet traceroute iotop unzip zip#cat /etc/security/limits.conf
#root賬?的資源軟限制和硬限制
root soft core unlimited
root hard core unlimited
root soft nproc 1000000
root hard nproc 1000000
root soft nofile 1000000
root hard nofile 1000000
root soft memlock 32000
root hard memlock 32000
root soft msgqueue 8192000
root hard msgqueue 8192000
#其他賬?的資源軟限制和硬限制
* soft core unlimited
* hard core unlimited
* soft nproc 1000000
* hard nproc 1000000
* soft nofile 1000000
* hard nofile 1000000
* soft memlock 32000
* hard memlock 32000
* soft msgqueue 8192000
* hard msgqueue 8192000# Controls source route verification
net.ipv4.conf.default.rp_filter = 1
net.ipv4.ip_nonlocal_bind = 1
net.ipv4.ip_forward = 1
# Do not accept source routing
net.ipv4.conf.default.accept_source_route = 0
# Controls the System Request debugging functionality of the kernel
kernel.sysrq = 0
# Controls whether core dumps will append the PID to the core filename.
# Useful for debugging multi-threaded applications.
kernel.core_uses_pid = 1
# Controls the use of TCP syncookies
net.ipv4.tcp_syncookies = 1
# Disable netfilter on bridges.
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
# Controls the default maxmimum size of a mesage queue
kernel.msgmnb = 65536
# # Controls the maximum size of a message, in bytes
kernel.msgmax = 65536
# Controls the maximum shared segment size, in bytes
kernel.shmmax = 68719476736
# # Controls the maximum number of shared memory segments, in pages
kernel.shmall = 4294967296
# TCP kernel paramater
net.ipv4.tcp_mem = 786432 1048576 1572864
net.ipv4.tcp_rmem = 4096 87380 4194304
net.ipv4.tcp_wmem = 4096 16384 4194304
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_sack = 1
# socket buffer
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.netdev_max_backlog = 262144
net.core.somaxconn = 20480
net.core.optmem_max = 81920
# TCP conn
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_syn_retries = 3
net.ipv4.tcp_retries1 = 3
net.ipv4.tcp_retries2 = 15
# tcp conn reuse
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_tw_reuse = 0
net.ipv4.tcp_tw_recycle = 0
net.ipv4.tcp_fin_timeout = 1
net.ipv4.tcp_max_tw_buckets = 20000
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syncookies = 1
# keepalive conn
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_keepalive_intvl = 30
net.ipv4.tcp_keepalive_probes = 3
net.ipv4.ip_local_port_range = 10001 65000
# swap
vm.overcommit_memory = 0
vm.swappiness = 10
#net.ipv4.conf.eth2.rp_filter = 0
#net.ipv4.conf.lo.arp_ignore = 1
#net.ipv4.conf.lo.arp_announce = 2
#net.ipv4.conf.all.arp_ignore = 1
#net.ipv4.conf.all.arp_announce = 2
