Centos同步网络时间方法(tcp和udp方式)
ntpdate只能用udp协议来同步时间,rdate支持用tcp协议或udp协议同步时间。
使用ntpdate更新时间
yum -y install ntpdate
/usr/sbin/ntpdate ntp1.aliyun.com
使用rdate更新时间
yum -y install rdate
查看时间rdate time-b.nist.gov
TCP方式更新(对时)服务器时间:rdate -s time-b.nist.gov或rdate -s time.nist.gov
UDP方式更新(对时)服务器时间:rdate -u time-b.nist.gov或rdate -u time.nist.gov
定时备份docker内的mysql数据库并传到远程ftp服务器附脚本
自从有了docker,也可以在此容器中使用mysql也很方便。不过备份数据库也是个麻烦事。不像原来那样备份。
以下的脚本功能是自动备份并传到远程ftp服务器,保留7天时间的文件。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 | #!/bin/bash data_dir="/root/dbbackup" cd /root/dbbackup/ #localhost_mysql_1为docker所在的容器名,可以自行用docker ps进行查看自己mysql所在容器名 docker exec localhost_mysql_1 mysqldump -uroot -ppassword dbname > "$data_dir/dbname_`date +%Y%m%d`.sql" tar zcvf $data_dir/dbname_`date +%Y%m%d`.tar.gz $data_dir/dbname_`date +%Y%m%d`.sql #删除超过七天的备份文件 find $data_dir -mtime +7 -name 'dbname_[1-9].sql' -exec rm -rf {} \; find $data_dir -mtime +7 -name 'dbname_[1-9].tar.gz' -exec rm -rf {} \; #以下为自动登陆ftp并传文件 ftp -n -i 123.123.123.123 <<EOF user ftpname ftppassword binary lcd /www/wwwroot/ftp prompt mput dbname_`date +%Y%m%d`.tar.gz close bye ! EOF |
ubuntu /boot 满的解决方法
运行一段时间后我们经常会发现提示/boot满或是快满的问题,查了一下网上是提示这样清文件。希望对大家有一定帮助。
造成这一问题的主要原因是因为系统升级的时候会安装不同版本的 kernel,但是实际上使用的往往只有一个。因此,我们只需要把没有使用的 kernel 删除,就可以解决 /boot 空间占满的问题。
sudo apt autoremove –purge
具体操作
查看当前使用的 kernel
uname -r
>> Linux 4.10.0-42-generic
查看当前系统已经安装的 kernels
dpkg –list ‘linux-image*’ | grep ^ii
删除不需要的 kernel
#
sudo apt remove linux-image-
删除相关的包
sudo apt autoremove
最后更新以下 kernel 列表
sudo update-grup
接下来,我们在查看以下 /boot 的剩余容量
df -l
>>
文件系统 1K-块 已用 可用 已用% 挂载点
udev 3993976 0 3993976 0% /dev
tmpfs 803244 9748 793496 2% /run
/dev/sdc1 19553560 6811684 11725556 37% /
tmpfs 4016216 21364 3994852 1% /dev/shm
tmpfs 5120 4 5116 1% /run/lock
tmpfs 4016216 0 4016216 0% /sys/fs/cgroup
/dev/sdc6 182331 71528 97328 43% /boot
/dev/sdc7 87495992 10061048 72967284 13% /home
tmpfs 803244 80 803164 1% /run/user/1000
我们可以看到,我们的 /boot 的使用空间已经恢复正常,接下来我们可以正常使用 apt update 以及 apt upgrade 来升级我们的系统及软件了。
VPS性能一键测试脚本
服务器性能测试
命令如下:
中文版:
1 | wget -N --no-check-certificate https://raw.githubusercontent.com/FunctionClub/ZBench/master/ZBench-CN.sh && bash ZBench-CN.sh |
英文版:
1 | wget -N --no-check-certificate https://raw.githubusercontent.com/FunctionClub/ZBench/master/ZBench.sh && bash ZBench.sh |
效果如下图所示:
CentOS 一键安装Cacti 1.2.3脚本
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 | #!/bin/bash echo "this script requires git" yum install -y git echo "This script will download all Cacti dependecies and download the chosen cacti version from the cacti github" echo "Dont forget to support cacti @ cacti.net!" echo "set selinux to disabled" setenforce 0 sed -i 's/enforcing/disabled/g' /etc/selinux/config /etc/selinux/config #Download chosen release echo "here are some of the current cacti release versions \n release/1.2.3 release/1.2.2 release/1.2.1 release/1.2.0 " echo "which release would you like to download ? Hit enter for latest" read version if [ "$version" == "" ] then git clone https://github.com/Cacti/cacti.git else yum install -y wget unzip wget https://github.com/Cacti/cacti/archive/release/$version.zip unzip $version mv cacti-release-$version cacti fi echo "will you be using the spine poller enter 1 for yes 2 for no" read answer if [ $answer == "1" ] then ##Download packages needed for spine yum install -y gcc mysql-devel net-snmp-devel autoconf automake libtool dos2unix help2man echo "downloading and compling spine" git clone https://github.com/Cacti/spine.git cd spine ./bootstrap ./configure make make install chown root:root /usr/local/spine/bin/spine chmod u+s /usr/local/spine/bin/spine cd .. else echo "spine dependecies will not be installed" fi echo "On Centos systems we need to enable EPEL repos" yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm -y yum install yum-utils -y yum-config-manager --enable remi-php72 echo "Downloading PHP modules needed for Cacti install" yum install -y rrdtool mariadb-server net-snmp-utils net-snmp snmpd php php-mysql php-snmp php-xml php-mbstring php-json php-gd php-gmp php-zip php-ldap php-mc php-posix ###Start services systemctl enable httpd systemctl enable mariadb systemctl start mariadb systemctl start httpd ####Open Port 80 and 443 on firewalld echo "Open http and https ports on firewalld" firewall-cmd --zone=public --add-port=80/tcp --permanent firewall-cmd --zone=public --add-port=443/tcp --permanent firewall-cmd --reload ##Timezone settings needed for cacti echo "Enter your PHP time zone i.e America/Toronto Default is US/Central " read timezone if [ $timezone == "" ] then echo "date.timezone =" US/Central >> /etc/php.ini else echo "date.timezone =" $timezone >> /etc/php.ini fi echo "Where would you like to install cacti default location is /var/www/html hit enter for default location" read location if [$location = ""] then location="/var/www/html" mv cacti /var/www/html else mv cacti $location fi #Create cacti user and change permission of directory echo "Which user would you like to run Cacti under (Default is www-data) hit enter for default" read user if [$user = ""] then user="apache" echo "cacti will be run under apache" chown -R apache:apache $location/cacti else useradd $user chown -R $user:$user $location/cacti fi #assign permissions for cacti installation chown -R apache:apache $location/cacti/resource/snmp_queries/ chown -R apache:apache $location/cacti/resource/script_server/ chown -R apache:apache $location/cacti/resource/script_queries/ chown -R apache:apache $location/cacti/scripts/ chown -R apache:apache $location/cacti/cache/boost/ chown -R apache:apache $location/cacti/cache/mibcache/ chown -R apache:apache $location/cacti/cache/realtime/ chown -R apache:apache $location/cacti/cache/spikekill/ touch $location/cacti/log/cacti.log chmod 777 $location/cacti/log/cacti.log chown -R apache:apache $location/cacti/log/ cp $location/cacti/include/config.php.dist $location/cacti/include/config.php ##Create database echo "would you like to customize the database name and user ? hit enter for defaults" read customize if [[ $customize = "" ]] then mysql -uroot <<MYSQL_SCRIPT CREATE DATABASE cacti DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci ; GRANT ALL PRIVILEGES ON cacti.* TO 'cacti'@'localhost' IDENTIFIED BY 'cacti'; ; GRANT SELECT ON mysql.time_zone_name TO cacti@localhost; USE mysql; ALTER DATABASE cacti CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci; FLUSH PRIVILEGES; MYSQL_SCRIPT #pre populate cacti db mysql -u root cacti < $location/cacti/cacti.sql mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root mysql sed -i -e 's@^$database_type.*@$database_type = "mysql";@g' /var/www/html/cacti/include/config.php sed -i -e 's@^$database_default.*@$database_default = "cacti";@g' /var/www/html/cacti/include/config.php sed -i -e 's@^$database_hostname.*@$database_hostname = "127.0.0.1";@g' /var/www/html/cacti/include/config.php sed -i -e 's@^$database_username.*@$database_username = "cacti";@g' /var/www/html/cacti/include/config.php sed -i -e 's@^$database_password.*@$database_password = "cacti";@g' /var/www/html/cacti/include/config.php sed -i -e 's@^$database_port.*@$database_port = "3306";@g' /var/www/html/cacti/include/config.php sed -i -e 's@^$database_ssl.*@$database_ssl = "false";@g' /var/www/html/cacti/include/config.php sed -i -e 's@^//$url_path@$url_path@g' /var/www/html/cacti/include/config.php echo "default database setup with following details" echo "database name cacti\n database username cacti\n database password cacti" else echo "enter db name" read customdbname echo "enter db user" read customdbuser echo "enter db password" read customdbpassword mysql -u root <<MYSQL_SCRIPT CREATE DATABASE $customdbname; GRANT ALL PRIVILEGES ON $customdbname.* TO '$customdbuser'@'localhost' IDENTIFIED BY '$customdbpassword'; GRANT SELECT ON mysql.time_zone_name TO $customdbuser@localhost; ALTER DATABASE $customdbname CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci; FLUSH PRIVILEGES; MYSQL_SCRIPT echo "Pre-populating cacti DB" mysql -u root $customdbname < $location/cacti/cacti.sql mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root mysql sed -i -e 's@^$database_type.*@$database_type = "mysql";@g' $location/cacti/include/config.php sed -i -e 's@^$database_default.*@$database_default = '$customdbname'\;@g' $location/cacti/include/config.php sed -i -e 's@^$database_hostname.*@$database_hostname = "127.0.0.1";@g' $location/cacti/include/config.php sed -i -e 's@^$database_username.*@$database_username = '$customdbuser';@g' $location/cacti/include/config.php sed -i -e 's@^$database_password.*@$database_password = '$customdbpassword';@g' $location/cacti/include/config.php sed -i -e 's@^$database_port.*@$database_port = "3306";@g' "$location"/cacti/include/config.php sed -i -e 's@^$database_ssl.*@$database_ssl = "false";@g' "$location"/cacti/include/config.php sed -i -e 's@^//$url_path@$url_path@g' $location/cacti/include/config.php fi ###Adding recomended PHP settings sed -e 's/max_execution_time = 30/max_execution_time = 60/' -i /etc/php.ini sed -e 's/memory_limit = 128M/memory_limit = 400M/' -i /etc/php.ini echo "Applying recommended DB settings" echo " innodb_file_format = Barracuda character_set_client = utf8mb4 max_allowed_packet = 16777777 join_buffer_size = 32M innodb_file_per_table = ON innodb_large_prefix = 1 innodb_buffer_pool_size = 250M innodb_additional_mem_pool_size = 90M innodb_flush_log_at_trx_commit = 2 " >> /etc/my.cnf.d/server.cnf echo "this script can download the following plugins monitor,thold would you like to install them ? type yes to download hit enter to skip" read plugins if [ $plugins == "yes" ] then git clone https://github.com/Cacti/plugin_thold.git git clone https://github.com/Cacti/plugin_monitor.git mv plugin_thold thold mv plugin_monitor monitor chown -R $user:$user thold chown -R $user:$user monitor mv thold $location/cacti/plugins mv monitor $location/cacti/plugins else echo "plugins will not be installed" fi touch /etc/cron.d/$user echo "*/5 * * * * $user php $location/cacti/poller.php > /dev/null 2>&1" > /etc/cron.d/$user echo "refreshing services" systemctl restart httpd systemctl restart mariadb echo "Installation completed !" |
centos7 firewall-cmd
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 | #删除端口规则 firewall-cmd --zone=public --remove-port=22/tcp --permanent #查看列表规则 firewall-cmd --zone=public --list-ports #开设端口 firewall-cmd --zone=public --add-port=22/tcp --permanent firewall-cmd --zone=public --add-port=80/tcp --permanent firewall-cmd --zone=public --add-port=443/tcp --permanent firewall-cmd --reload systemctl enable firewalld systemctl restart firewalld #限制指定ip地址访问端口,例如ssh端口22 firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="192.168.11.11" port protocol="tcp" port="22" accept" #删除限制规则 firewall-cmd --permanent --remove-rich-rule="rule family="ipv4" source address="192.168.11.11" port protocol="tcp" port="11300" accept" #开通端口范围规则 firewall-cmd --permanent --add-port=1000-2000/tcp #添加指定网段对ssh所用的端口访问权限 firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="112.112.112.0/24" port protocol="tcp" port="22" accept" #以上是一些实用新版本防火墙笔记,希望对大家有用 |
查看网线是否接上及mii-tool使用(转)
==================================Debian=======================================
1、发行版本
cat /etc/debian_version
5.0.2
2、内核
uname -r
2.6.18-6-amd64
3、机型
dmidecode -s system-product-name
PowerEdge R710
4、安装软件包
apt-get -y install net-tools
5、使用ip命令查看网络接口状态
1)ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
2: eth0:
link/ether 84:2b:2b:48:ab:12 brd ff:ff:ff:ff:ff:ff
3: eth1:
link/ether 84:2b:2b:48:ab:14 brd ff:ff:ff:ff:ff:ff
inet 192.168.35.133/24 brd 192.168.35.255 scope global eth1
4: eth2:
link/ether 84:2b:2b:48:ab:16 brd ff:ff:ff:ff:ff:ff
5: eth3:
link/ether 84:2b:2b:48:ab:18 brd ff:ff:ff:ff:ff:ff
查看结果是eth1已经有ip 但eth0还没有ip及网络接口也没有打开
2)参数说明
qdisc pfifo_fast #Priority queueing
qlen #默认接口传输队列的默认长度
mtu #最大传输单元
qdisc noop #表示网络接口还没有up状态
up #设备处于运行状态,能接收和发送数据包
down #设备处于关闭状态,不能接收和发送数据包
qdisc mq #Multiqueue
6、如果没打开eth0网络接口的话使用mii-tool命令后结果是这样的
mii-tool
SIOCGMIIPHY on ‘eth0′ failed: Resource temporarily unavailable
eth1: negotiated 1000baseT-FD flow-control, link ok
SIOCGMIIPHY on ‘eth2′ failed: Resource temporarily unavailable
SIOCGMIIPHY on ‘eth3′ failed: Resource temporarily unavailable
7、使用ifconfig命令打开eth0网络接口
ifconfig eth0 up
8、再次使用mii-tool命令查看网线是否连接,这次看到显示eth0是no link状态 判定网线没接上
eth0: no link
eth1: negotiated 1000baseT-FD flow-control, link ok
eth2: no link
eth3: no link
9、找idc工程师让他们接上网线
==================================Centos=======================================
1、发行版本
cat /etc/redhat-release
CentOS release 6.5 (Final)
2、内核
uname -r
2.6.32-431.el6.x86_64
3、机型
dmidecode -s system-product-name
PowerEdge R610
4、安装软件包
yum -y install net-tools
5、使用ip命令查看网络接口状态
ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0:
link/ether 00:22:19:63:97:5e brd ff:ff:ff:ff:ff:ff
inet 111.222.333.444/24 brd 111.222.333.444 scope global eth0
inet6 fe80::222:19ff:fe63:975e/64 scope link
valid_lft forever preferred_lft forever
3: eth1:
link/ether 00:22:19:63:97:60 brd ff:ff:ff:ff:ff:ff
inet 10.18.22.190/24 brd 10.18.22.255 scope global eth1
inet6 fe80::222:19ff:fe63:9760/64 scope link
valid_lft forever preferred_lft forever
4: eth2:
link/ether 00:22:19:63:97:62 brd ff:ff:ff:ff:ff:ff
inet 111.222.333.444/25 brd 111.222.333.444 scope global eth2
inet6 fe80::222:19ff:fe63:9762/64 scope link
valid_lft forever preferred_lft forever
5: em4:
link/ether 00:22:19:63:97:64 brd ff:ff:ff:ff:ff:ff
6、如果没打开em4网络接口的话使用mii-tool命令后结果是这样的
mii-tool em4
SIOCGMIIPHY on ‘em4′ failed: Resource temporarily unavailable
7、使用ifconfig命令打开eth0网络接口
ifconfig em4 up
8、找idc工程师让他们接上网线后查看
mii-tool em4
em4: negotiated 100baseTx-FD flow-control, link ok
参考文章
http://events.linuxfoundation.org/sites/events/files/slides/Linux_traffic_control.pdf
CentOS7使用firewalld打开关闭防火墙与端口
1、firewalld的基本使用
启动: systemctl start firewalld
关闭: systemctl stop firewalld
查看状态: systemctl status firewalld
开机禁用 : systemctl disable firewalld
开机启用 : systemctl enable firewalld
2.systemctl是CentOS7的服务管理工具中主要的工具,它融合之前service和chkconfig的功能于一体。
启动一个服务:systemctl start firewalld.service
关闭一个服务:systemctl stop firewalld.service
重启一个服务:systemctl restart firewalld.service
显示一个服务的状态:systemctl status firewalld.service
在开机时启用一个服务:systemctl enable firewalld.service
在开机时禁用一个服务:systemctl disable firewalld.service
查看服务是否开机启动:systemctl is-enabled firewalld.service
查看已启动的服务列表:systemctl list-unit-files|grep enabled
查看启动失败的服务列表:systemctl –failed
3.配置firewalld-cmd
查看版本: firewall-cmd –version
查看帮助: firewall-cmd –help
显示状态: firewall-cmd –state
查看所有打开的端口: firewall-cmd –zone=public –list-ports
更新防火墙规则: firewall-cmd –reload
查看区域信息: firewall-cmd –get-active-zones
查看指定接口所属区域: firewall-cmd –get-zone-of-interface=eth0
拒绝所有包:firewall-cmd –panic-on
取消拒绝状态: firewall-cmd –panic-off
查看是否拒绝: firewall-cmd –query-panic
那怎么开启一个端口呢
添加
firewall-cmd –zone=public –add-port=80/tcp –permanent (–permanent永久生效,没有此参数重启后失效)
重新载入
firewall-cmd –reload
查看
firewall-cmd –zone= public –query-port=80/tcp
删除
firewall-cmd –zone= public –remove-port=80/tcp –permanent
centos7重新调整分区大小
cenos 7 最小化安装完成后,分区是自动的。默认都会很多分到home目录,这很不合理。建议一般大家都分给/目录,也就是根目录。这样比较方便。
查看磁盘的空间大小: df -h
备份/home : cp -r /home/ homebak/
卸载 /home : umount /home
如果出现 home 存在进程,使用 fuser -m -v -i -k /home 终止 home 下的进程,最后使用 umount /home 卸载 /home
删除/home所在的lv : lvremove /dev/mapper/centos-home
扩展/root所在的lv,增加4430G : lvextend -L +4430G /dev/mapper/centos-root
扩展/root文件系统 : xfs_growfs /dev/mapper/centos-root
重新创建home lv : lvcreate -L 167G -n home centos
重新创建home lv 分区的大小,根据 vgdisplay 中的free PE 的大小确定
创建文件系统: mkfs.xfs /dev/centos/home
挂载 home: mount /dev/centos/home /home
重新调整大小后,/home 下的东西将丢失,注意做好备份。。。