存档

文章标签 ‘Linux’

centos 下查看本机公网IP

2019年11月6日 没有评论

centos 下查看本机公网IP

1
curl ifconfig.me
分类: Linux, 解决方案 标签: ,

Centos同步网络时间方法(tcp和udp方式)

2019年8月7日 没有评论

ntpdate只能用udp协议来同步时间,rdate支持用tcp协议或udp协议同步时间。

使用ntpdate更新时间

yum -y install ntpdate

/usr/sbin/ntpdate ntp1.aliyun.com

使用rdate更新时间

yum -y install rdate

查看时间rdate time-b.nist.gov

TCP方式更新(对时)服务器时间:rdate -s time-b.nist.gov或rdate -s time.nist.gov

UDP方式更新(对时)服务器时间:rdate -u time-b.nist.gov或rdate -u time.nist.gov

定时备份docker内的mysql数据库并传到远程ftp服务器附脚本

2019年7月2日 没有评论

自从有了docker,也可以在此容器中使用mysql也很方便。不过备份数据库也是个麻烦事。不像原来那样备份。
以下的脚本功能是自动备份并传到远程ftp服务器,保留7天时间的文件。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
#!/bin/bash
data_dir="/root/dbbackup"
cd /root/dbbackup/
#localhost_mysql_1为docker所在的容器名,可以自行用docker ps进行查看自己mysql所在容器名
docker exec localhost_mysql_1 mysqldump -uroot -ppassword dbname > "$data_dir/dbname_`date +%Y%m%d`.sql"
tar zcvf $data_dir/dbname_`date +%Y%m%d`.tar.gz $data_dir/dbname_`date +%Y%m%d`.sql
#删除超过七天的备份文件
find $data_dir -mtime +7 -name 'dbname_[1-9].sql' -exec rm -rf {} \;
find $data_dir -mtime +7 -name 'dbname_[1-9].tar.gz' -exec rm -rf {} \;
#以下为自动登陆ftp并传文件
ftp -n -i 123.123.123.123 <<EOF
user ftpname ftppassword
binary
lcd /www/wwwroot/ftp
prompt
mput dbname_`date +%Y%m%d`.tar.gz
close
bye !
EOF

ubuntu /boot 满的解决方法

2019年6月22日 没有评论

运行一段时间后我们经常会发现提示/boot满或是快满的问题,查了一下网上是提示这样清文件。希望对大家有一定帮助。
造成这一问题的主要原因是因为系统升级的时候会安装不同版本的 kernel,但是实际上使用的往往只有一个。因此,我们只需要把没有使用的 kernel 删除,就可以解决 /boot 空间占满的问题。

sudo apt autoremove –purge

具体操作

查看当前使用的 kernel

uname -r
>> Linux 4.10.0-42-generic
查看当前系统已经安装的 kernels

dpkg –list ‘linux-image*’ | grep ^ii
删除不需要的 kernel

# 需要删除的 kernel 版本号
sudo apt remove linux-image-
删除相关的包

sudo apt autoremove

最后更新以下 kernel 列表

sudo update-grup
接下来,我们在查看以下 /boot 的剩余容量

df -l
>>
文件系统 1K-块 已用 可用 已用% 挂载点
udev 3993976 0 3993976 0% /dev
tmpfs 803244 9748 793496 2% /run
/dev/sdc1 19553560 6811684 11725556 37% /
tmpfs 4016216 21364 3994852 1% /dev/shm
tmpfs 5120 4 5116 1% /run/lock
tmpfs 4016216 0 4016216 0% /sys/fs/cgroup
/dev/sdc6 182331 71528 97328 43% /boot
/dev/sdc7 87495992 10061048 72967284 13% /home
tmpfs 803244 80 803164 1% /run/user/1000

我们可以看到,我们的 /boot 的使用空间已经恢复正常,接下来我们可以正常使用 apt update 以及 apt upgrade 来升级我们的系统及软件了。

分类: 编程实践 标签: ,

VPS性能一键测试脚本

2019年6月10日 没有评论

服务器性能测试

命令如下:
中文版:

1
wget -N --no-check-certificate https://raw.githubusercontent.com/FunctionClub/ZBench/master/ZBench-CN.sh &amp;&amp; bash ZBench-CN.sh

英文版:

1
wget -N --no-check-certificate https://raw.githubusercontent.com/FunctionClub/ZBench/master/ZBench.sh &amp;&amp; bash ZBench.sh

效果如下图所示:

 

分类: Linux 标签: ,

CentOS 一键安装Cacti 1.2.3脚本

2019年5月19日 没有评论
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
#!/bin/bash
 
echo "this script requires git"
yum install -y git 
 
echo "This script will download all Cacti dependecies and download the chosen cacti version from the cacti github"
echo "Dont forget to support cacti @ cacti.net!"
 
echo "set selinux to disabled"
setenforce 0 
sed -i 's/enforcing/disabled/g' /etc/selinux/config /etc/selinux/config
 
#Download chosen release
echo "here are some of the current cacti release versions \n
release/1.2.3
release/1.2.2
release/1.2.1
release/1.2.0
"
 
echo  "which release would you like to download ? Hit enter for latest"
read version
 
if  [ "$version" == "" ]
then
git clone https://github.com/Cacti/cacti.git
 
else 
yum install -y wget unzip
wget https://github.com/Cacti/cacti/archive/release/$version.zip
unzip $version 
mv cacti-release-$version cacti
fi
 
echo "will you be using the spine poller enter 1 for yes 2 for no"
read answer
if [ $answer == "1" ]
then
##Download packages needed for spine
yum install -y gcc mysql-devel net-snmp-devel autoconf automake libtool dos2unix help2man
echo "downloading and compling spine"
git clone https://github.com/Cacti/spine.git
cd spine
./bootstrap
./configure
make
make install
chown root:root /usr/local/spine/bin/spine
chmod u+s /usr/local/spine/bin/spine
cd ..
 
else
echo "spine dependecies  will not be installed"
fi
 
echo "On Centos systems we need to enable EPEL repos"
yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y
yum install yum-utils -y
yum-config-manager --enable remi-php72
 
echo "Downloading PHP modules needed for Cacti install"
 
yum install  -y rrdtool mariadb-server net-snmp-utils net-snmp  snmpd php php-mysql  php-snmp php-xml php-mbstring php-json php-gd php-gmp php-zip php-ldap php-mc php-posix 
 
###Start services 
 
systemctl enable httpd
systemctl enable mariadb
systemctl start mariadb
systemctl start httpd
 
####Open Port 80 and 443 on firewalld
 
echo "Open http and https ports on firewalld"
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --zone=public --add-port=443/tcp --permanent
firewall-cmd --reload
 
##Timezone settings needed for cacti
echo "Enter your PHP time zone i.e America/Toronto  Default is US/Central "
read timezone
if [ $timezone == "" ] 
then
 
echo "date.timezone =" US/Central >> /etc/php.ini
else
 
echo "date.timezone =" $timezone >> /etc/php.ini
 
fi  
 
echo "Where would you like to install cacti default location is /var/www/html hit enter for default location"
read location
if [$location = ""]
then
 
location="/var/www/html"
 
mv cacti /var/www/html
else
mv cacti $location
fi
 
#Create cacti user and change permission of directory
echo "Which user would you like to run Cacti under (Default is www-data) hit enter for default"
read user
if [$user = ""]
then 
user="apache"
echo  "cacti will be run under apache"
chown -R  apache:apache $location/cacti
else 
useradd $user
chown -R $user:$user $location/cacti
fi
 
#assign permissions for cacti installation
 
chown -R apache:apache $location/cacti/resource/snmp_queries/          
chown -R apache:apache $location/cacti/resource/script_server/
chown -R apache:apache $location/cacti/resource/script_queries/
chown -R apache:apache $location/cacti/scripts/
chown -R apache:apache $location/cacti/cache/boost/
chown -R apache:apache $location/cacti/cache/mibcache/
chown -R apache:apache $location/cacti/cache/realtime/
chown -R apache:apache $location/cacti/cache/spikekill/
touch $location/cacti/log/cacti.log
chmod 777 $location/cacti/log/cacti.log
chown -R apache:apache   $location/cacti/log/
cp $location/cacti/include/config.php.dist $location/cacti/include/config.php
 
##Create database 
echo "would you like to customize the database name and user ? hit enter for defaults"
read customize
 
if [[ $customize = "" ]] 
then
 
mysql -uroot <<MYSQL_SCRIPT
CREATE DATABASE cacti DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci ;
GRANT ALL PRIVILEGES ON cacti.* TO 'cacti'@'localhost' IDENTIFIED BY 'cacti'; ;
GRANT SELECT ON mysql.time_zone_name TO cacti@localhost;
USE mysql;
ALTER DATABASE cacti CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
FLUSH PRIVILEGES;
MYSQL_SCRIPT
 
#pre populate cacti db
mysql -u root  cacti < $location/cacti/cacti.sql
mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root  mysql
 
sed -i -e 's@^$database_type.*@$database_type = "mysql";@g' /var/www/html/cacti/include/config.php
sed -i -e 's@^$database_default.*@$database_default = "cacti";@g' /var/www/html/cacti/include/config.php
sed -i -e 's@^$database_hostname.*@$database_hostname = "127.0.0.1";@g' /var/www/html/cacti/include/config.php
sed -i -e 's@^$database_username.*@$database_username = "cacti";@g' /var/www/html/cacti/include/config.php
sed -i -e 's@^$database_password.*@$database_password = "cacti";@g' /var/www/html/cacti/include/config.php
sed -i -e 's@^$database_port.*@$database_port = "3306";@g' /var/www/html/cacti/include/config.php
sed -i -e 's@^$database_ssl.*@$database_ssl = "false";@g' /var/www/html/cacti/include/config.php
sed -i -e 's@^//$url_path@$url_path@g' /var/www/html/cacti/include/config.php
 
echo "default database setup with following details"
echo "database name cacti\n
database username cacti\n
database password cacti"
 
else
 
echo "enter db name"
read customdbname
echo "enter db user"
read customdbuser
echo "enter db password"
read customdbpassword
 
mysql -u root <<MYSQL_SCRIPT
CREATE DATABASE $customdbname;
GRANT ALL PRIVILEGES ON $customdbname.* TO '$customdbuser'@'localhost' IDENTIFIED BY '$customdbpassword';
GRANT SELECT ON mysql.time_zone_name TO $customdbuser@localhost;
ALTER DATABASE $customdbname CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
FLUSH PRIVILEGES;
MYSQL_SCRIPT
 
echo "Pre-populating cacti DB"
mysql -u root  $customdbname < $location/cacti/cacti.sql
mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root  mysql
 
sed -i -e 's@^$database_type.*@$database_type = "mysql";@g' $location/cacti/include/config.php
sed -i -e 's@^$database_default.*@$database_default = '$customdbname'\;@g' $location/cacti/include/config.php
sed -i -e 's@^$database_hostname.*@$database_hostname = "127.0.0.1";@g' $location/cacti/include/config.php
sed -i -e 's@^$database_username.*@$database_username = '$customdbuser';@g' $location/cacti/include/config.php
sed -i -e 's@^$database_password.*@$database_password = '$customdbpassword';@g' $location/cacti/include/config.php
sed -i -e 's@^$database_port.*@$database_port = "3306";@g' "$location"/cacti/include/config.php
sed -i -e 's@^$database_ssl.*@$database_ssl = "false";@g' "$location"/cacti/include/config.php
sed -i -e 's@^//$url_path@$url_path@g' $location/cacti/include/config.php
 
fi
 
###Adding recomended PHP settings 
sed -e 's/max_execution_time = 30/max_execution_time = 60/' -i /etc/php.ini
sed -e 's/memory_limit = 128M/memory_limit = 400M/' -i /etc/php.ini
 
echo "Applying recommended DB settings"
echo "
innodb_file_format = Barracuda
character_set_client = utf8mb4
max_allowed_packet = 16777777
join_buffer_size = 32M
innodb_file_per_table = ON
innodb_large_prefix = 1
innodb_buffer_pool_size = 250M
innodb_additional_mem_pool_size = 90M
innodb_flush_log_at_trx_commit = 2
" >> /etc/my.cnf.d/server.cnf
 
echo "this script can download the following plugins monitor,thold would you like to install them  ?
type yes to download hit enter to skip"
read plugins
 if [ $plugins == "yes" ]
  then
   git clone https://github.com/Cacti/plugin_thold.git
    git clone https://github.com/Cacti/plugin_monitor.git
mv plugin_thold thold
  mv plugin_monitor monitor
   chown -R $user:$user thold
    chown -R $user:$user monitor
     mv thold $location/cacti/plugins
      mv monitor $location/cacti/plugins
else
 echo "plugins will not be installed"
fi
 
touch /etc/cron.d/$user
echo "*/5 * * * * $user php $location/cacti/poller.php > /dev/null 2>&1" > /etc/cron.d/$user 
 
echo "refreshing services"
systemctl restart httpd
systemctl restart mariadb
 
echo "Installation completed !"
分类: Linux, 编程实践 标签: , ,

centos7 firewall-cmd

2019年4月4日 没有评论
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
#删除端口规则
firewall-cmd --zone=public --remove-port=22/tcp --permanent
 
#查看列表规则
firewall-cmd --zone=public --list-ports
 
#开设端口
firewall-cmd --zone=public --add-port=22/tcp --permanent
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --zone=public --add-port=443/tcp --permanent
 
firewall-cmd --reload
systemctl enable firewalld
systemctl restart firewalld
 
#限制指定ip地址访问端口,例如ssh端口22
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="192.168.11.11" port protocol="tcp" port="22" accept"
 
#删除限制规则
firewall-cmd --permanent --remove-rich-rule="rule family="ipv4" source address="192.168.11.11" port protocol="tcp" port="11300" accept"
 
#开通端口范围规则
firewall-cmd --permanent --add-port=1000-2000/tcp
 
#添加指定网段对ssh所用的端口访问权限
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="112.112.112.0/24" port protocol="tcp" port="22" accept"
 
#以上是一些实用新版本防火墙笔记,希望对大家有用

查看网线是否接上及mii-tool使用(转)

2019年3月26日 没有评论

==================================Debian=======================================
1、发行版本
cat /etc/debian_version
5.0.2

2、内核
uname -r
2.6.18-6-amd64

3、机型
dmidecode -s system-product-name
PowerEdge R710

4、安装软件包
apt-get -y install net-tools

5、使用ip命令查看网络接口状态
1)ip a
1: lo: mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
2: eth0: mtu 1500 qdisc pfifo_fast state DOWN qlen 1000
link/ether 84:2b:2b:48:ab:12 brd ff:ff:ff:ff:ff:ff
3: eth1: mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 84:2b:2b:48:ab:14 brd ff:ff:ff:ff:ff:ff
inet 192.168.35.133/24 brd 192.168.35.255 scope global eth1
4: eth2: mtu 1500 qdisc noop state DOWN qlen 1000
link/ether 84:2b:2b:48:ab:16 brd ff:ff:ff:ff:ff:ff
5: eth3: mtu 1500 qdisc noop state DOWN qlen 1000
link/ether 84:2b:2b:48:ab:18 brd ff:ff:ff:ff:ff:ff
查看结果是eth1已经有ip 但eth0还没有ip及网络接口也没有打开

2)参数说明
qdisc pfifo_fast #Priority queueing
qlen #默认接口传输队列的默认长度
mtu #最大传输单元
qdisc noop #表示网络接口还没有up状态
up #设备处于运行状态,能接收和发送数据包
down #设备处于关闭状态,不能接收和发送数据包
qdisc mq #Multiqueue

6、如果没打开eth0网络接口的话使用mii-tool命令后结果是这样的
mii-tool
SIOCGMIIPHY on ‘eth0′ failed: Resource temporarily unavailable
eth1: negotiated 1000baseT-FD flow-control, link ok
SIOCGMIIPHY on ‘eth2′ failed: Resource temporarily unavailable
SIOCGMIIPHY on ‘eth3′ failed: Resource temporarily unavailable

7、使用ifconfig命令打开eth0网络接口
ifconfig eth0 up

8、再次使用mii-tool命令查看网线是否连接,这次看到显示eth0是no link状态 判定网线没接上
eth0: no link
eth1: negotiated 1000baseT-FD flow-control, link ok
eth2: no link
eth3: no link

9、找idc工程师让他们接上网线

==================================Centos=======================================
1、发行版本
cat /etc/redhat-release
CentOS release 6.5 (Final)

2、内核
uname -r
2.6.32-431.el6.x86_64

3、机型
dmidecode -s system-product-name
PowerEdge R610

4、安装软件包
yum -y install net-tools

5、使用ip命令查看网络接口状态
ip a
1: lo: mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:22:19:63:97:5e brd ff:ff:ff:ff:ff:ff
inet 111.222.333.444/24 brd 111.222.333.444 scope global eth0
inet6 fe80::222:19ff:fe63:975e/64 scope link
valid_lft forever preferred_lft forever
3: eth1: mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:22:19:63:97:60 brd ff:ff:ff:ff:ff:ff
inet 10.18.22.190/24 brd 10.18.22.255 scope global eth1
inet6 fe80::222:19ff:fe63:9760/64 scope link
valid_lft forever preferred_lft forever
4: eth2: mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:22:19:63:97:62 brd ff:ff:ff:ff:ff:ff
inet 111.222.333.444/25 brd 111.222.333.444 scope global eth2
inet6 fe80::222:19ff:fe63:9762/64 scope link
valid_lft forever preferred_lft forever
5: em4: mtu 1500 qdisc noop state DOWN qlen 1000
link/ether 00:22:19:63:97:64 brd ff:ff:ff:ff:ff:ff

6、如果没打开em4网络接口的话使用mii-tool命令后结果是这样的
mii-tool em4
SIOCGMIIPHY on ‘em4′ failed: Resource temporarily unavailable

7、使用ifconfig命令打开eth0网络接口
ifconfig em4 up

8、找idc工程师让他们接上网线后查看
mii-tool em4
em4: negotiated 100baseTx-FD flow-control, link ok

参考文章

http://events.linuxfoundation.org/sites/events/files/slides/Linux_traffic_control.pdf

分类: 解决方案 标签: ,

CentOS7使用firewalld打开关闭防火墙与端口

2019年3月10日 没有评论

1、firewalld的基本使用
启动: systemctl start firewalld
关闭: systemctl stop firewalld
查看状态: systemctl status firewalld
开机禁用 : systemctl disable firewalld
开机启用 : systemctl enable firewalld

2.systemctl是CentOS7的服务管理工具中主要的工具,它融合之前service和chkconfig的功能于一体。
启动一个服务:systemctl start firewalld.service
关闭一个服务:systemctl stop firewalld.service
重启一个服务:systemctl restart firewalld.service
显示一个服务的状态:systemctl status firewalld.service
在开机时启用一个服务:systemctl enable firewalld.service
在开机时禁用一个服务:systemctl disable firewalld.service
查看服务是否开机启动:systemctl is-enabled firewalld.service
查看已启动的服务列表:systemctl list-unit-files|grep enabled
查看启动失败的服务列表:systemctl –failed

3.配置firewalld-cmd

查看版本: firewall-cmd –version
查看帮助: firewall-cmd –help
显示状态: firewall-cmd –state
查看所有打开的端口: firewall-cmd –zone=public –list-ports
更新防火墙规则: firewall-cmd –reload
查看区域信息: firewall-cmd –get-active-zones
查看指定接口所属区域: firewall-cmd –get-zone-of-interface=eth0
拒绝所有包:firewall-cmd –panic-on
取消拒绝状态: firewall-cmd –panic-off
查看是否拒绝: firewall-cmd –query-panic

那怎么开启一个端口呢
添加
firewall-cmd –zone=public –add-port=80/tcp –permanent (–permanent永久生效,没有此参数重启后失效)
重新载入
firewall-cmd –reload
查看
firewall-cmd –zone= public –query-port=80/tcp
删除
firewall-cmd –zone= public –remove-port=80/tcp –permanent

分类: Linux 标签: , ,

centos7重新调整分区大小

2019年1月14日 没有评论

cenos 7 最小化安装完成后,分区是自动的。默认都会很多分到home目录,这很不合理。建议一般大家都分给/目录,也就是根目录。这样比较方便。

查看磁盘的空间大小: df -h

备份/home : cp -r /home/ homebak/
卸载​ /home : umount /home

如果出现 home 存在进程,使用 fuser -m -v -i -k /home 终止 home 下的进程,最后使用 umount /home 卸载 /home
删除/home所在的lv : lvremove /dev/mapper/centos-home

扩展/root所在的lv,增加4430G : lvextend -L +4430G /dev/mapper/centos-root
扩展/root文件系统 : xfs_growfs /dev/mapper/centos-root

重新创建home lv : lvcreate -L 167G -n home centos

重新创建home lv 分区的大小,根据 vgdisplay 中的free PE 的大小确定
创建文件系统: mkfs.xfs /dev/centos/home
挂载 home: mount /dev/centos/home /home

重新调整大小后,/home 下的东西将丢失,注意做好备份。。。

分类: 解决方案 标签: ,