本帖最后由 tinylion 于 2020-10-17 15:37 编辑
内核:5.6.2
版本:centos7
系统见:https://www.right.com.cn/forum/thread-4010849-1-1.html
通用的优化方法:https://wsgzao.github.io/post/centos/
https://www.jianshu.com/p/f9ea135af86a 含ntp时间同步,集群要首先设置
本帖是小狮子自我学习的经验,不愿多废话
将以最简单的方式分享个人经验
1. ./install-aml.sh过程中
出现
tar: var/spool/postfix/private/verify: socket ignored
tar: var/spool/postfix/private/proxywrite: socket ignored
结论:无碍
解释:https://serverfault.com/questions/525805/getting-errors-while-making-backup-of-whole-centos-with-tar
尝试:systemctl stop postfix
systemctl disable postfix
实际环境中不推荐这样做。用下面的较好,因为Crontab依托Postfix。 | #service postfix stop #chkconfig postfix off |
2. 禁用ipv6
参考:https://www.jianshu.com/p/225d040d0b66
nano /etc/sysctl.conf
net.ipv6.conf.all.disable_ipv6 =1
net.ipv6.conf.default.disable_ipv6 =1
sysctl -p
3. 安装cockpit
参考:https://www.linuxtechi.com/install-use-cockpit-tool-centos8-rhel8/(一直对selinux修改成permissive心有余悸,感觉这是个大bug,未来很多服务会因为selinux的原因开机启动不了)
开机有错提示无法侦听cockpit端口:
systemctl disable cockpit.socket
chmod +x /etc/rc.local
nano /etc/rc.local
systemctl enable cockpit.socket
4. 开启cockpit的9090端口
参考:https://blog.csdn.net/CodeWarrior_/article/details/79570086
查看是否运行中:systemctl status cockpit.socket
5. 开机过程出现:Failed to start Crash recovery kernel arming.
暂未解决,用 systemctl disable kdump.service 先移除了或
service kdump stop
chkconfig kdump off参考:https://sunsea.im/centos-close-kdump-increase-ram.html
6.开机过程出现:
SELinux: Permission watch_sb in class fifo_file not defined in policy.
SELinux: Permission watch_with_perm in class fifo_file not defined in policy.
SELinux: Permission watch_reads in class fifo_file not defined in policy.
SELinux: Class xdp_socket not defined in policy.
因后面还出现提示:SELinux: the above unknown classes and permissions will be allowed 所以未处理
7.安装docker
curl -fsSL https://get.docker.com -o get-docker.sh
sh get-docker.sh --mirror Aliyun
设置自己的阿里docker源
sudo tee /etc/docker/daemon.json <<-'EOF' { "registry-mirrors": ["https://7cqxx78g.mirror.aliyuncs.com"] } EOF
systemctl enable docker
reboot
docker info
8. 设置为中国时区
cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
cp: overwrite ‘/etc/localtime’? y
设置主机名
hostnamectl set-hostname master
hostname
nano /etc/hosts
127.0.0.1 localhost master
关闭防火墙
systemctl stop firewalld
systemctl disable firewalld
参考:https://blog.csdn.net/Post_Yuan/article/details/78603212
开机有一行红字提示的错误!但也不影响网络联通,先不管它了!
failed to start lsb bring up/down networking
https://access.redhat.com/discussions/2213791
可能原因:
Same here but checking other posts it's caused because NetworkManager starts before the interface is ready. I I've been reading it does not affect the network unit, however it messes my wireless connection don't know how or why
[root@centos78 ~]# systemctl status network
● network.service - LSB: Bring up/down networking
Loaded: loaded (/etc/rc.d/init.d/network; bad; vendor preset: disabled)
Active: failed (Result: exit-code) since Thu 1970-01-01 08:00:11 CST; 50 years 8 months ago
Docs: man:systemd-sysv-generator(8)
Process: 558 ExecStart=/etc/rc.d/init.d/network start (code=exited, status=6)
Jan 01 08:00:11 centos78 systemd[1]: Starting LSB: Bring up/down networking...
Jan 01 08:00:11 centos78 systemd[1]: network.service: control process exited, code=exited status=6
Jan 01 08:00:11 centos78 systemd[1]: Failed to start LSB: Bring up/down networking.
Jan 01 08:00:11 centos78 systemd[1]: Unit network.service entered failed state.
Jan 01 08:00:11 centos78 systemd[1]: network.service failed.
启动后,可以执行下面语句重启一下NetworkManager即可!可考虑加在 rc.local 开机启动里实现。
nano /etc/rc.local
sleep 3
systemctl stop NetworkManager
sleep 3
systemctl start NetworkManager
[root@centos78 ~]# systemctl stop NetworkManager
[root@centos78 ~]# systemctl start NetworkManager
[root@centos78 ~]# service NetworkManager status
Redirecting to /bin/systemctl status NetworkManager.service
● NetworkManager.service - Network Manager
Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2020-09-17 10:32:13 CST; 50s ago
Docs: man:NetworkManager(8)
Main PID: 908 (NetworkManager)
Tasks: 4
Memory: 5.7M
CGroup: /system.slice/NetworkManager.service
├─908 /usr/sbin/NetworkManager --no-daemon
└─921 /sbin/dhclient -d -q -sf /usr/libexec/nm-dhcp-helper -pf /var/run/dhclient-eth0.pid -lf /var/lib/NetworkManager/dhclient-5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03...
Sep 17 10:32:14 centos78 dhclient[921]: bound to 192.168.1.163 -- renewal in 16987 seconds.
Sep 17 10:32:14 centos78 NetworkManager[908]: <info> [1600309934.1035] device (eth0): state change: ip-config -> ip-check (reason 'none', sys-iface-state: 'assume')
Sep 17 10:32:14 centos78 NetworkManager[908]: <info> [1600309934.1092] device (eth0): state change: ip-check -> secondaries (reason 'none', sys-iface-state: 'assume')
Sep 17 10:32:14 centos78 NetworkManager[908]: <info> [1600309934.1116] device (eth0): state change: secondaries -> activated (reason 'none', sys-iface-state: 'assume')
Sep 17 10:32:14 centos78 NetworkManager[908]: <info> [1600309934.1142] manager: NetworkManager state is now CONNECTED_LOCAL
Sep 17 10:32:14 centos78 NetworkManager[908]: <info> [1600309934.1251] manager: NetworkManager state is now CONNECTED_SITE
Sep 17 10:32:14 centos78 NetworkManager[908]: <info> [1600309934.1258] policy: set 'eth0' (eth0) as default for IPv4 routing and DNS
Sep 17 10:32:14 centos78 NetworkManager[908]: <info> [1600309934.1342] device (eth0): Activation: successful, device activated.
Sep 17 10:32:14 centos78 NetworkManager[908]: <info> [1600309934.1375] manager: NetworkManager state is now CONNECTED_GLOBAL
Sep 17 10:32:14 centos78 NetworkManager[908]: <info> [1600309934.1401] manager: startup complete
解决上述错误:
systemctl disable network.service
解决开机IPMI红色错误提示:
systemctl disable ipmi.service
systemctl disable ipmievd.service
常用命令
系统:
# uname -a # 查看内核/操作系统/CPU信息
# cat /etc/issue
# cat /etc/redhat-release # 查看操作系统版本
# cat /proc/cpuinfo # 查看CPU信息
# hostname # 查看计算机名
# lspci -tv # 列出所有PCI设备
# lsusb -tv # 列出所有USB设备
# lsmod # 列出加载的内核模块
# env # 查看环境变量
资源:
# free -m # 查看内存使用量和交换区使用量
# df -h # 查看各分区使用情况
# du -sh <目录名> # 查看指定目录的大小
# grep MemTotal /proc/meminfo # 查看内存总量
# grep MemFree /proc/meminfo # 查看空闲内存量
# uptime # 查看系统运行时间、用户数、负载
# cat /proc/loadavg # 查看系统负载
磁盘和分区:
# mount | column -t # 查看挂接的分区状态
# fdisk -l # 查看所有分区
# swapon -s # 查看所有交换分区
# hdparm -i /dev/hda # 查看磁盘参数(仅适用于IDE设备)
# dmesg | grep IDE # 查看启动时IDE设备检测状况
网络:
# ifconfig # 查看所有网络接口的属性
# iptables -L # 查看防火墙设置
# route -n # 查看路由表
# netstat -lntp # 查看所有监听端口
# netstat -antp # 查看所有已经建立的连接
# netstat -s # 查看网络统计信息
进程:
# ps -ef # 查看所有进程
# top # 实时显示进程状态(另一篇文章里面有详细的介绍)
用户:
# w # 查看活动用户
# id <用户名> # 查看指定用户信息
# last # 查看用户登录日志
# cut -d: -f1 /etc/passwd # 查看系统所有用户
# cut -d: -f1 /etc/group # 查看系统所有组
# crontab -l # 查看当前用户的计划任务
服务:
# chkconfig –list # 列出所有系统服务
# chkconfig –list | grep on # 列出所有启动的系统服务
程序:
# rpm -qa # 查看所有安装的软件包
安装inxi查看硬件信息
安装inxi
yum install epel-release
yum install inxi
|