Linux雲自動化運維第七課
Linux雲自動化運維第七課
第十單元 系統日誌
1、系統日誌默認分類前端
/var/log/messages ###系統服務及日誌,包括服務的信息,報錯等等node
/var/log/secure ###系統認證信息日誌python
/var/log/maillog ###系統郵件服務信息ios
/var/log/cron ###系統定時任務信息shell
/var/log/boot.log ###系統啓動信息vim
2、日誌管理服務rsyslogbash
1.rsyslog負責採集日誌和分類存放日誌服務器
2.rsyslog日誌分類session
vim /etc/rsyslog.conf ###主配置文件運維
服務.日誌級別 /存放文件
*.* /var/log/westos
systemctl restart rsyslog.service ###重啓日誌管理服務
eg:[root@localhost Desktop]# vim /etc/rsyslog.conf ###編輯日誌管理文件
###*.* /var/log/desktop ###添加該句,意思爲全部服務.全部級別的日誌存放在/var/log/desktop中
[root@localhost Desktop]# ll /var/log/desktop
ls: 沒法訪問/var/log/desktop: 沒有那個文件或目錄
[root@localhost Desktop]# systemctl restart rsyslog.service ###重啓日誌管理服務
[root@localhost Desktop]# ll /var/log/desktop
-rw-r--r--. 1 root root 496 Mar 28 21:17 /var/log/desktop
[root@localhost Desktop]# cat /var/log/desktop ###查看日誌文件
Mar 28 21:17:14 localhost rsyslogd: [origin software="rsyslogd" swVersion="7.4.7" x-pid="4324" x-info="http://www.rsyslog.com"] start
Mar 28 21:17:13 localhost rsyslogd-2307: warning: ~ action is deprecated, consider using the 'stop' statement instead [try http://www.rsyslog.com/e/2307 ]
Mar 28 21:17:13 localhost systemd: Stopping System Logging Service... ###記錄了剛纔的重啓日誌管理服務
Mar 28 21:17:13 localhost systemd: Starting System Logging Service...
Mar 28 21:17:14 localhost systemd: Started System Logging Service.
[root@localhost Desktop]# systemctl restart sshd.service ###重啓sshd服務
[root@localhost Desktop]# cat /var/log/desktop
Mar 28 21:17:14 localhost rsyslogd: [origin software="rsyslogd" swVersion="7.4.7" x-pid="4324" x-info="http://www.rsyslog.com"] start
Mar 28 21:17:13 localhost rsyslogd-2307: warning: ~ action is deprecated, consider using the 'stop' statement instead [try http://www.rsyslog.com/e/2307 ]
Mar 28 21:17:13 localhost systemd: Stopping System Logging Service...
Mar 28 21:17:13 localhost systemd: Starting System Logging Service...
Mar 28 21:17:14 localhost systemd: Started System Logging Service.
Mar 28 21:17:52 localhost systemd: Stopping OpenSSH server daemon... ###記錄sshd的重啓日誌
Mar 28 21:17:52 localhost sshd[3096]: Received signal 15; terminating.
Mar 28 21:17:52 localhost systemd: Starting OpenSSH server daemon...
Mar 28 21:17:52 localhost systemd: Started OpenSSH server daemon.
Mar 28 21:17:52 localhost sshd[4361]: Server listening on 0.0.0.0 port 22.
Mar 28 21:17:52 localhost sshd[4361]: Server listening on :: port 22.
3.格式
日誌設備(類型).(鏈接符號)日誌級別 日誌處理方式(action)
4.日誌設備(能夠理解爲日誌類型):
auth ###pam產生的日誌
authpriv ###ssh,ftp等登陸信息的驗證信息
cron ###時間任務相關
kern ###內核
lpr ###打印
mail ###郵件
mark(syslog)–rsyslog ###服務內部的信息,時間標識
news ###新聞組
user ###用戶程序產生的相關信息
uucp ###unix to unix copy, unix主機之間相關的通信
local 1~7 ###自定義的日誌設備
5.日誌級別
debug ###有調式信息的,日誌信息最多
info ###般信息的日誌,最經常使用
notice ###最具備重要性的普通條件的信息
warning ###警告級別
err ###錯誤級別,阻止某個功能或者模塊不能正常工做的信息
crit ###嚴重級別,阻止整個系統或者整個軟件不能正常工做的信息
alert ###須要馬上修改的信息
emerg ###內核崩潰等嚴重信息
none ###什麼都不記錄
ps:從上到下,級別從低到高,記錄的信息愈來愈少。詳細的能夠查看手冊: man 3 syslog
6.鏈接符號
.xxx: 表示大於等於xxx級別的信息
.=xxx:表示等於xxx級別的信息
.!xxx:表示在xxx以外的等級的信息
7.實例
1)記錄到普通文件或設備文件::
*.* /var/log/file.log ### 絕對路徑
*.* /dev/pts/0
測試:logger -p local3.info ‘KadeFor is testing the rsyslog and logger ‘ logger 命令用於產生日誌
2)發送給用戶(須要在線才能收到)
*.* root
*.* root,kadefor,up01 ### 使用,號分隔多個用戶
*.* * ### *號表示全部在線用戶
3)忽略,丟棄
local3.* ~ ### 忽略全部local3類型的全部級別的日誌
4)執行腳本::
local3.* ^/tmp/a.sh ### ^號後跟可執行腳本或程序的絕對路徑,日誌內容能夠做爲腳本的第一個參數,可用來觸發報警
8.日誌同步
1)systemctl stop firewalld ###關閉兩臺主機的火牆
2)配置日誌發送方
*.* @172.25.0.11 ###經過udp協議把日誌發送到11主機,@udp,@@tcp
3)配置日誌接受方
15 $ModLoad imudp ###日誌接收插件
16 $UDPServerRun 514 ###日誌接收插件使用端口
#netstat -anulpe | grep rsyslog
udp 0 0 0.0.0.0:514 0.0.0.0:* 0 122073 32654/rsyslogd
udp6 0 0 :::514 :::* 0 122074 32654/rsyslogd
4)測試
> /var/log/messages ###兩邊都做,日誌文件清空
logger test message ###日誌發送方
tail -f /var/log/message ###日誌接收方
eg:[root@localhost Desktop]# vim /etc/rsyslog.conf ###日誌接受方,文件配置
###$ModLoad imudp
###$UDPServerRun 514
[root@localhost Desktop]# systemctl stop firewalld.service ###關閉接受方主機的防火牆
[root@localhost Desktop]# systemctl restart rsyslog.service ###重啓接受方的日誌管理服務
[root@localhost Desktop]# tail -f /var/log/messages ###監控日誌變化
[root@localhost Desktop]# vim /etc/rsyslog.conf ###日誌發送方,文件配置
###*.* @172.25.254.242 ###經過udp協議把日誌發送到接受方主機,@udp,@@tcp
[root@localhost Desktop]# systemctl restart rsyslog.service ###重啓發送方的日誌管理服務
[root@localhost Desktop]# logger test message ###測試指令,看接受方日誌變化
9.日誌採集格式
$template WESTOS, "%timegenerated% %FROMHOST-IP% %syslogtag% %msg%\n"
%timegenerated% ###顯示日誌時間
%FROMHOST-IP% ###顯示主機ip
%syslogtag% ###日誌記錄目標
%msg% ###日誌內容
\n ###換行
$ActionfileDefaultTemplate WESTOS
*.info;mail.none;authpriv.none;cron.none /var/log/messages;<<WESTOS>>
eg:[root@localhost Desktop]# vim /etc/rsyslog.conf
###$template DESKTOP,"%timegenerated% %FROMHOST-IP% %syslogtag% %msg%\n" ###*.* /var/log/desktop;DESKTOP
[root@localhost Desktop]# systemctl restart rsyslog.service ###重啓日誌管理服務
[root@localhost Desktop]# >/var/log/desktop ###清空日誌記錄文件
[root@localhost Desktop]# cat /var/log/desktop
[root@localhost Desktop]# systemctl restart sshd.service ###重啓sshd服務
[root@localhost Desktop]# cat /var/log/desktop ###日誌記錄sshd重啓服務,並以rsyslog.conf文件中要求的格式輸出
Mar 28 21:31:33 127.0.0.1 systemd: Stopping OpenSSH server daemon...
Mar 28 21:31:33 127.0.0.1 sshd[4434]: Received signal 15; terminating.
Mar 28 21:31:33 127.0.0.1 systemd: Starting OpenSSH server daemon...
Mar 28 21:31:33 127.0.0.1 systemd: Started OpenSSH server daemon.
Mar 28 21:31:33 127.0.0.1 sshd[4582]: Server listening on 0.0.0.0 port 22.
Mar 28 21:31:33 127.0.0.1 sshd[4582]: Server listening on :: port 22.
###%時間戳% %主機ip% %日誌記錄目標% %日誌內容%
3、日誌分析工具journal
1.systemd-journal 進程名稱
journalctl ###直接執行,瀏覽系統日誌
-n 3 ###顯示最新3條
-p err ###顯示報錯
-f ###監控日誌
--since --until ###--since "[YYYY-MM-DD] [hh:mm:ss]" 從什麼時間到什麼時間的日誌
-o verbose ###顯示日誌可以使用的詳細進程參數,_SYSTEMD_UNIT=sshd.service服務名稱,_PID=1182進程pid
eg:[root@localhost Desktop]# journalctl ###瀏覽系統日誌
[root@localhost Desktop]# journalctl -n 3 ###顯示最新3條日誌
-- Logs begin at Tue 2017-03-28 21:00:51 EDT, end at Tue 2017-03-28 22:30:11 EDT. --
Mar 28 22:30:11 localhost dbus[526]: [system] Activating service name='org.freedesktop.PackageKit' (usin
Mar 28 22:30:11 localhost dbus-daemon[526]: dbus[526]: [system] Successfully activated service 'org.free
Mar 28 22:30:11 localhost dbus[526]: [system] Successfully activated service 'org.freedesktop.PackageKit
lines 1-4/4 (END)
[root@localhost Desktop]# journalctl -p err ###顯示報錯日誌
-- Logs begin at Tue 2017-03-28 21:00:51 EDT, end at Tue 2017-03-28 22:30:11 EDT. --
Mar 28 21:00:51 localhost kernel: Failed to access perfctr msr (MSR c1 is 0)
Mar 28 21:00:52 localhost rpcbind[171]: rpcbind terminating on signal. Restart with "rpcbind -w"
Mar 28 21:00:59 localhost smartd[518]: Problem creating device name scan list
Mar 28 21:00:59 localhost smartd[518]: In the system's table of devices NO devices found to scan
Mar 28 21:01:05 localhost systemd[1]: Failed to start LSB: Starts the Spacewalk Daemon.
Mar 28 21:01:06 localhost libvirtd[1159]: libvirt version: 1.1.1, package: 29.el7 (Red Hat, Inc. <http:/
Mar 28 21:01:06 localhost libvirtd[1159]: Module /usr/lib64/libvirt/connection-driver/libvirt_driver_lxc
Mar 28 21:01:08 localhost systemd[1]: Failed to start /etc/rc.d/rc.local Compatibility.
Mar 28 21:38:20 localhost bluetoothd[2236]: Parsing /etc/bluetooth/input.conf failed: No such file or di
lines 1-10/10 (END)
[root@localhost Desktop]# journalctl -f
[root@localhost Desktop]# journalctl --since 22:31:49 ###顯示從22:31:49開始到此刻的日誌
-- Logs begin at Tue 2017-03-28 21:00:51 EDT, end at Tue 2017-03-28 22:31:49 EDT. --
Mar 28 22:31:49 localhost rhsmd[32534]: In order for Subscription Manager to provide your system with up
Mar 28 22:31:49 localhost run-parts(/etc/cron.daily)[32536]: finished rhsmd
Mar 28 22:31:49 localhost anacron[4700]: Job `cron.daily' terminated
lines 1-4/4 (END)
[root@localhost Desktop]# journalctl --until 21:00:52 ###顯示從系統開機到21:00:52的日誌
[root@localhost Desktop]# journalctl _PID=4353 ###顯示進程id爲4353的日誌
-- Logs begin at Tue 2017-03-28 21:00:51 EDT, end at Tue 2017-03-28 22:31:49 EDT. --
Mar 28 21:46:22 localhost sshd[4353]: Accepted password for root from 172.25.254.42 port 43317 ssh2
Mar 28 21:46:22 localhost sshd[4353]: pam_unix(sshd:session): session opened for user root by (uid=0)
[root@localhost Desktop]# journalctl _COMM=sshd ###顯示進程名稱爲sshd的日誌
-- Logs begin at Tue 2017-03-28 21:00:51 EDT, end at Tue 2017-03-28 22:31:49 EDT. --
Mar 28 21:01:06 localhost sshd[1201]: Server listening on 0.0.0.0 port 22.
Mar 28 21:01:06 localhost sshd[1201]: Server listening on :: port 22.
Mar 28 21:46:22 localhost sshd[4353]: Accepted password for root from 172.25.254.42 port 43317 ssh2
Mar 28 21:46:22 localhost sshd[4353]: pam_unix(sshd:session): session opened for user root by (uid=0)
Mar 28 22:22:11 localhost sshd[1201]: Received signal 15; terminating.
Mar 28 22:22:11 localhost sshd[4935]: Server listening on 0.0.0.0 port 22.
Mar 28 22:22:11 localhost sshd[4935]: Server listening on :: port 22.
2.對systemd-journald管理
###默認狀況下此程序會忽略重啓前的日誌信息,如不忽略:
mkdir /var/log/journal
chown root:systemd-journal /var/log/journal
chmod 2755 /var/log/journal
killall -1 systemd-journald
ls /var/log/journal/4513ad59a3b442ffa4b7ea88343fa55f
system.journal user-1000.journal
eg:[root@localhost Desktop]# mkdir /var/log/journal ###建立journal目錄
[root@localhost Desktop]# chown root.systemd-journal /var/log/journal ###全部人root用戶,全部組systemd-journal組
[root@localhost Desktop]# chmod 2755 /var/log/journal ###權限2755,文件全部人可讀可寫可執行,全部組和其它人可讀可執行
[root@localhost Desktop]# killall -1 systemd-journald ###生成日誌信息文件,類型data
[root@localhost Desktop]# ls /var/log/journal/
946cb0e817ea4adb916183df8c4fc817
[root@localhost Desktop]# ls /var/log/journal/946cb0e817ea4adb916183df8c4fc817
system.journal
4、時間同步
1.服務端
yum install chrony -y ###安裝服務
vim /etc/chrony.conf ###主配置文件
21 # Allow NTP client access from local network.
22 allow 172.25.0.0/24 ###容許誰去同步個人時間
27 # Serve time even if not synchronized to any NTP server.
28 local stratum 10 ###不去同步任何人的時間,時間同步服務器級別
systemctl restart chronyd
systemctl stop firewalld
eg:[root@localhost ~]# date 032911052017.20 ###修改系統時間
Wed Mar 29 11:05:20 EDT 2017
[root@localhost ~]# clock -w ###將系統時間同步到硬件
[root@localhost ~]# date
Wed Mar 29 11:06:09 EDT 2017
[root@localhost ~]# clock -s ###將硬件時間同步到系統
[root@localhost ~]# date
Wed Mar 29 11:06:25 EDT 2017
[root@localhost ~]# vim /etc/chrony.conf ###主配置文件
###allow 172.25.254.0/24 ###容許172.25.254.0網段的ip同步
###local stratum 10
[root@localhost ~]# systemctl restart chronyd.service ###重啓chronyd服務
[root@localhost ~]# systemctl status firewalld.service ###查看防火牆狀態
firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
Active: active (running) since Tue 2017-03-28 22:50:15 EDT; 12h ago ###運行中
Main PID: 475 (firewalld)
CGroup: /system.slice/firewalld.service
└─475 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid
Mar 28 22:50:15 localhost systemd[1]: Started firewalld - dynamic firewall daemon.
[root@localhost ~]# systemctl stop firewalld.service ###關閉防火牆
[root@localhost ~]# systemctl status firewalld.service
firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
Active: inactive (dead) since Wed 2017-03-29 11:10:30 EDT; 1s ago ###stop
Process: 475 ExecStart=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS (code=exited, status=0/SUCCESS)
Main PID: 475 (code=exited, status=0/SUCCESS)
Mar 28 22:50:15 localhost systemd[1]: Started firewalld - dynamic firewall daemon.
Mar 29 11:10:30 localhost systemd[1]: Stopping firewalld - dynamic firewall daemon...
Mar 29 11:10:30 localhost systemd[1]: Stopped firewalld - dynamic firewall daemon.
2.客戶端
vim /etc/chrony.conf
3 server 0.rhel.pool.ntp.org iburst
4 server 1.rhel.pool.ntp.org iburst====> server ntpserverip iburst
5 server 2.rhel.pool.ntp.org iburst====>
6 server 3.rhel.pool.ntp.org iburst
systemctl restart chronyd
eg:[root@localhost Desktop]# date
Tue Mar 28 22:56:08 EDT 2017
[root@localhost Desktop]# vim /etc/chrony.conf ###客戶端配置文件
###server 172.25.254.242 iburst ###同步172.25.254.242主機上的時間
[root@localhost Desktop]# systemctl restart chronyd.service ###重啓chronyd服務
3.測試:
eg:[root@localhost Desktop]# chronyc sources -v ###查看狀態
210 Number of sources = 1
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
|| .- xxxx [ yyyy ] +/- zzzz
|| / xxxx = adjusted offset,
|| Log2(Polling interval) -. | yyyy = measured offset,
|| \ | zzzz = estimated error.
|| | |
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 172.25.254.242 10 6 7 52 +1540ns[-43177s] +/- 1829us
[root@localhost Desktop]# date ###同步時間成功
Wed Mar 29 11:11:35 EDT 2017
5、timedatectl命令
timedatectl status ###顯示當前時間信息
set-time ###設定當前時間
set-timezone ###設定當前時區
set-local-rtc 0|1 ###設定是否使用utc時間
eg:[root@localhost ~]# date
Wed Mar 29 11:37:16 EDT 2017
[root@localhost ~]# timedatectl status ###顯示當前時間信息
Local time: Wed 2017-03-29 11:37:35 EDT ###當地時間
Universal time: Wed 2017-03-29 15:37:35 UTC ###倫敦時間
RTC time: Wed 2017-03-29 15:37:35
Timezone: America/New_York (EDT, -0400) ###當前時區美國紐約,比倫敦早四小時
NTP enabled: yes
NTP synchronized: no
RTC in local TZ: no
DST active: yes
Last DST change: DST began at
Sun 2017-03-12 01:59:59 EST
Sun 2017-03-12 03:00:00 EDT
Next DST change: DST ends (the clock jumps one hour backwards) at
Sun 2017-11-05 01:59:59 EDT
Sun 2017-11-05 01:00:00 EST
[root@localhost ~]# timedatectl list-timezones ###顯示可設置時區列表
[root@localhost ~]# timedatectl set-timezone Asia/Shanghai ###設定當前時區爲中國上海
[root@localhost ~]# timedatectl status
Local time: Wed 2017-03-29 23:40:58 CST
Universal time: Wed 2017-03-29 15:40:58 UTC
RTC time: Wed 2017-03-29 15:40:58
Timezone: Asia/Shanghai (CST, +0800) ###已修改成中國上海,比倫敦晚八小時
NTP enabled: yes
NTP synchronized: no
RTC in local TZ: no
DST active: n/a
[root@localhost ~]# date
Wed Mar 29 23:41:12 CST 2017
[root@localhost ~]# timedatectl set-time "2017-03-29 11:42:50" ###設定當前時間爲"2017-03-29 11:42:50"
[root@localhost ~]# date
Wed Mar 29 11:42:52 CST 2017 ###設定成功
[root@localhost ~]# timedatectl status
Local time: Wed 2017-03-29 11:43:06 CST
Universal time: Wed 2017-03-29 03:43:06 UTC
RTC time: Wed 2017-03-29 03:43:07
Timezone: Asia/Shanghai (CST, +0800)
NTP enabled: yes
NTP synchronized: no
RTC in local TZ: no
DST active: n/a
[root@localhost ~]# timedatectl set-local-rtc 0 ###使用倫敦時間
[root@localhost ~]# vim /etc/adjtime
[root@localhost ~]# date
Wed Mar 29 11:47:00 CST 2017
[root@localhost ~]# timedatectl set-local-rtc 1 ###使用當地時間
[root@localhost ~]# vim /etc/adjtime
第十五單元 系統虛擬機管理
1、安裝
編寫的shell文件:
#!/bin/bash ###命令運行環境的指定
virt-install \ ###安裝虛擬機
--name $1 \ ###虛擬機名稱指定,$1表示腳本後的第一串字符
--memory 1000 \ ###內存
--file /var/lib/libvirt/images/$1.img \ ###硬盤文件
--file-size 8 \ ###硬盤文件大小
--cdrom /var/ftp/pub/iso/rhel-server-7.1-x86_64-dvd.iso & ###安裝源指定
eg:[root@foundation42 mnt]# vim vm_create.sh ###建立安裝shell
### 1 #!/bin/bash
### 2 virt-install \
### 3 --name $1 \
### 4 --memory 1024 \
### 5 --file /var/lib/libvirt/images/$1.qcow2 \
### 6 --file-size 8 \
### 7 --cdrom /home/kiosk/Desktop/rhel-server-7.2-x86_64-dvd.iso &
[root@foundation42 mnt]# ./vm_create.sh virgo ###執行安裝虛擬機
[root@foundation42 mnt]#
開始安裝......
正在分配 'virgo.qcow2' | 8.0 GB 00:00:00
建立域...... | 0 B 00:00:00
(virt-viewer:8808): GSpice-WARNING **: PulseAudio context failed 拒絕鏈接
(virt-viewer:8808): GSpice-WARNING **: pa_context_connect() failed: 拒絕鏈接
(virt-viewer:8808): GSpice-WARNING **: Error calling 'org.gnome.SessionManager.Inhibit': GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name org.gnome.SessionManager was not provided by any .service files
(virt-viewer:8808): GSpice-WARNING **: Error calling 'org.gnome.SessionManager.Inhibit': GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name org.gnome.SessionManager was not provided by any .service files
(virt-viewer:8808): GSpice-WARNING **: Error calling 'org.gnome.SessionManager.Inhibit': GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name org.gnome.SessionManager was not provided by any .service files
(virt-viewer:8808): GSpice-WARNING **: Error calling 'org.gnome.SessionManager.Inhibit': GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name org.gnome.SessionManager was not provided by any .service files
(virt-viewer:8808): GSpice-WARNING **: Error calling 'org.gnome.SessionManager.Inhibit': GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name org.gnome.SessionManager was not provided by any .service files
(virt-viewer:8808): GSpice-WARNING **: Error calling 'org.gnome.SessionManager.Inhibit': GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name org.gnome.SessionManager was not provided by any .service files
(virt-viewer:8808): GSpice-WARNING **: Error calling 'org.gnome.SessionManager.Inhibit': GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name org.gnome.SessionManager was not provided by any .service files
域安裝仍在進行。您能夠從新鏈接
到控制檯以便完成安裝進程。
^C
2、管理
virt-manager ###開啓圖形管理工具
virt-viewer vmname ###顯示虛擬機,vmname表示虛擬機名稱
virsh list ###列出正在運行的vm
virsh list --all ###列出全部vm
virsh start vmname ###運行指定vm
virsh shutdown vmname ###正常關閉指定vm
virsh destroy vmname ###強行結束指定vm
virsh create vmname.xml ###臨時恢復指定vm,vmname表示前端管理文件
virsh define vmname.xml ###永久恢復vm
virsh undefine vmname ###刪除vm的前端管理,不會刪除存儲
eg:[root@foundation42 mnt]# virt-manager ###開啓圖形管理工具
[root@foundation42 mnt]# virsh start kzvirgo ###運行kzvirgo虛擬機
域 kzvirgo 已開始
[root@foundation42 mnt]# virsh list ###列出正在運行的虛擬機
Id 名稱 狀態
----------------------------------------------------
6 kzvirgo running
[root@foundation42 mnt]# virsh list --all ###列出全部的虛擬機
Id 名稱 狀態
----------------------------------------------------
6 kzvirgo running
- desktop 關閉
- server 關閉
- virgo 關閉
[root@foundation42 mnt]# virt-viewer kzvirgo ###顯示kzvirgo虛擬機
(virt-viewer:6849): GSpice-WARNING **: PulseAudio context failed 拒絕鏈接
(virt-viewer:6849): GSpice-WARNING **: pa_context_connect() failed: 拒絕鏈接
(virt-viewer:6849): GSpice-WARNING **: Error calling 'org.gnome.SessionManager.Inhibit': GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name org.gnome.SessionManager was not provided by any .service files
^C
[root@foundation42 mnt]# virsh shutdown kzvirgo ###正常關閉虛擬機
域 kzvirgo 被關閉
[root@foundation42 mnt]# virsh list
Id 名稱 狀態
----------------------------------------------------
[root@foundation42 mnt]# virsh start kzvirgo
域 kzvirgo 已開始
[root@foundation42 mnt]# virsh destroy kzvirgo ###強行關閉虛擬機
域 kzvirgo 被刪除
[root@foundation42 mnt]# virsh undefine kzvirgo ###刪除kzvirgo虛擬機
域 kzvirgo 已經被取消定義
3、虛擬機快照
qemu-img create -f qcow2 -b vm2.qcow2 node1.qcow2
編寫的shell文件:
!/bin/bash
virsh destroy $1 &> /dev/null
virsh undefine $1 &> /dev/null
qemu-img create -f qcow2 -b /var/lib/libvirt/images/$1.qcow2 /var/lib/libvirt/images/$2.qcow2 &> /dev/null
virt-install \
--name $2 \
--ram 1000 \
--disk /var/lib/libvirt/images/$2.qcow2 \
--import &> /dev/null &
eg:圖形完成虛擬機快照
[root@foundation42 images]# ls
rh124-desktop-vda.ovl rh124-desktop-vdb.qcow2 rh124-server-vda.qcow2 rh124-server.xml
rh124-desktop-vda.qcow2 rh124-desktop.xml rh124-server-vdb.ovl westosred.qcow2
rh124-desktop-vdb.ovl rh124-server-vda.ovl rh124-server-vdb.qcow2
[root@foundation42 images]# qemu-img create -f qcow2 -b westosred.qcow2 westosredkz.qcow2 ###快照
Formatting 'westosredkz.qcow2', fmt=qcow2 size=9663676416 backing_file='westosred.qcow2' encryption=off cluster_size=65536 lazy_refcounts=off
[root@foundation42 images]# ls ###快照文件westosredkz.qcow2生成
rh124-desktop-vda.ovl rh124-desktop-vdb.qcow2 rh124-server-vda.qcow2 rh124-server.xml
rh124-desktop-vda.qcow2 rh124-desktop.xml rh124-server-vdb.ovl westosredkz.qcow2
rh124-desktop-vdb.ovl rh124-server-vda.ovl rh124-server-vdb.qcow2 westosred.qcow2
###進入虛擬系統管理器,建立新的虛擬機-->導入現有(e)磁盤映像-->選擇現有路徑/var/lib/libvirt/images/westosredkz.qcow2-->前進-->名稱westosredkz-->完成
[root@foundation42 images]# virsh destroy generic ###強行結束vm-generic
域 generic 被刪除
[root@foundation42 images]# virsh undefine generic ###刪除generic的前端管理
域 generic 已經被取消定義
[root@foundation42 images]# rm -fr westosredkz.qcow2 ###刪除快照文件
[root@foundation42 images]# ls
rh124-desktop-vda.ovl rh124-desktop-vdb.qcow2 rh124-server-vda.qcow2 rh124-server.xml
rh124-desktop-vda.qcow2 rh124-desktop.xml rh124-server-vdb.ovl westosred.qcow2
rh124-desktop-vdb.ovl rh124-server-vda.ovl rh124-server-vdb.qcow2
eg:從u盤拷貝*xml,*qcow2文件完成虛擬機安裝
[root@foundation42 qemu]# scp root@172.25.254.41:/etc/libvirt/qemu/westos.xml /mnt/
The authenticity of host '172.25.254.41 (172.25.254.41)' can't be established.
ECDSA key fingerprint is 0a:3f:c1:93:d3:8e:1c:70:c5:61:f6:4a:e6:db:10:87.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.25.254.41' (ECDSA) to the list of known hosts.
root@172.25.254.41's password:
westos.xml 100% 4259 4.2KB/s 00:00 ###拷貝*.xml文件
[root@foundation42 qemu]# cd /var/lib/libvirt/images/
[root@foundation42 images]# ls
rh124-desktop-vda.ovl rh124-desktop-vdb.qcow2 rh124-server-vda.qcow2 rh124-server.xml
rh124-desktop-vda.qcow2 rh124-desktop.xml rh124-server-vdb.ovl westosred.qcow2
rh124-desktop-vdb.ovl rh124-server-vda.ovl rh124-server-vdb.qcow2
[root@foundation42 images]# scp root@172.25.254.41:/var/lib/libvirt/images/westos.qcow2 /mnt/
root@172.25.254.41's password:
westos.qcow2 100% 9218MB 11.0MB/s 14:02 ###拷貝*.qcow2文件
[root@foundation42 mnt]# ls
westos.qcow2 westos.xml
[root@foundation42 mnt]# virsh create westos.xml ###臨時恢復指定vm
錯誤:從 westos.xml 建立域失敗
錯誤:Cannot access storage file '/var/lib/libvirt/images/westos.qcow2' (as uid:107, gid:107): 沒有那個文件或目錄
[root@foundation42 mnt]# mv westos.qcow2 /var/lib/libvirt/images/ ###將硬盤文件移動到指定目錄
[root@foundation42 mnt]# ls /var/lib/libvirt/images/
rh124-desktop-vda.ovl rh124-desktop-vdb.qcow2 rh124-server-vda.qcow2 rh124-server.xml
rh124-desktop-vda.qcow2 rh124-desktop.xml rh124-server-vdb.ovl westos.qcow2
rh124-desktop-vdb.ovl rh124-server-vda.ovl rh124-server-vdb.qcow2 westosred.qcow2
[root@foundation42 mnt]# virsh define westos.xml ###永久恢復vm
定義域 westos(從 westos.xml)
[root@foundation42 mnt]# virt-manager ###打開vm圖形管理,設定配置
[root@foundation42 mnt]# virsh start westos ###開啓westos虛擬機
域 westos 已開始
[root@foundation42 mnt]# virsh destroy westos ###強行關閉westos虛擬機
錯誤:刪除域 westos 失敗
錯誤:所需操做無效:域沒有在運行
[root@foundation42 qemu]# virsh undefine westos ###刪除westos的前端管理
[root@foundation42 mnt]# rm -fr /var/lib/libvirt/images/westos.qcow2 ###刪除硬盤文件
eg:利用shell文件安裝虛擬機
[root@foundation42 ~]# vim isocreat.sh ###編寫虛擬機配置命令
####!/bin/bash ###命令運行環境的指定
###virt-install \ ###安裝虛擬機
###--name $* \ ###虛擬機名稱指定,$*表明命令後跟自定義名稱
###--memory 1024 \ ###內存
###--vcpus 2 \ ###cpu指定2個
###--file /var/lib/libvirt/images/$*.qcow2 \ ###硬盤文件
###--file-size 8 \ ###硬盤文件大小
###--cdrom /var/ftp/pub/iso/rhel-server-7.1-x86_64-dvd.iso & ###安裝源指定
[root@foundation42 ~]# chmod +x isocreat.sh ###可執行
[root@foundation42 ~]# ./isocreat.sh redred ###執行shell文件,虛擬機名稱自定義爲redred
[root@foundation42 ~]#
開始安裝......
正在分配 'redred.qcow2' | 8.0 GB 00:00:00
建立域...... | 0 B 00:00:00
(virt-viewer:25952): GSpice-WARNING **: PulseAudio context failed 拒絕鏈接
(virt-viewer:25952): GSpice-WARNING **: pa_context_connect() failed: 拒絕鏈接
(virt-viewer:25952): GSpice-WARNING **: Error calling 'org.gnome.SessionManager.Inhibit': GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name org.gnome.SessionManager was not provided by any .service files
(virt-viewer:25952): GSpice-WARNING **: Error calling 'org.gnome.SessionManager.Inhibit': GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name org.gnome.SessionManager was not provided by any .service files
(virt-viewer:25952): GSpice-WARNING **: Error calling 'org.gnome.SessionManager.Inhibit': GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name org.gnome.SessionManager was not provided by any .service files
建立域完成。
正在重啓虛擬機。 ###安裝成功
eg:利用shell,建立快照,並實現reset
[root@foundation42 mnt]# vim vm_kz.sh ###建立快照腳本
### 1 #!/bin/bash
### 2 qemu-img create -f qcow2 -b /var/lib/libvirt/images/$1.qcow2 /var/lib/libvirt/images/$2.qcow2
### 3 virt-install \
### 4 --name $2 \
### 5 --memory 1024 \
### 6 --file /var/lib/libvirt/images/$2.qcow2 \
### 7 --import &
[root@foundation42 mnt]# ./vm_kz.sh virgo kzvirgo ###執行shell腳本,建立快照kzvirgo
Formatting '/var/lib/libvirt/images/kzvirgo.qcow2', fmt=qcow2 size=9663676416 backing_file='/var/lib/libvirt/images/virgo.qcow2' encryption=off cluster_size=65536 lazy_refcounts=off
[root@foundation42 mnt]#
開始安裝......
建立域...... | 0 B 00:00:00
(virt-viewer:5901): GSpice-WARNING **: PulseAudio context failed 拒絕鏈接
(virt-viewer:5901): GSpice-WARNING **: pa_context_connect() failed: 拒絕鏈接
(virt-viewer:5901): GSpice-WARNING **: Error calling 'org.gnome.SessionManager.Inhibit': GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name org.gnome.SessionManager was not provided by any .service files
(virt-viewer:5901): GSpice-WARNING **: Error calling 'org.gnome.SessionManager.Inhibit': GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name org.gnome.SessionManager was not provided by any .service files
(virt-viewer:5901): GSpice-WARNING **: Error calling 'org.gnome.SessionManager.Inhibit': GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name org.gnome.SessionManager was not provided by any .service files
(virt-viewer:5901): GSpice-WARNING **: Error calling 'org.gnome.SessionManager.Inhibit': GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name org.gnome.SessionManager was not provided by any .service files
^C
[root@foundation42 mnt]# vim vm_reset.sh ###建立reset腳本
### 1 #!/bin/bash
### 2 virsh destroy $1
### 3 virsh undefine $1
### 4 rm -fr /var/lib/libvirt/images/$1.qcow2
### 5 qemu-img create -f qcow2 -b /var/lib/libvirt/images/$2.qcow2 /var/lib/libvirt/images /$1.qcow2
### 6 virt-install \
### 7 --name $1 \
### 8 --memory 1024 \
### 9 --file /var/lib/libvirt/images/$1.qcow2 \
### 10 --import &
[root@foundation42 mnt]# ./vm_reset.sh kzvirgo virgo ###執行reset腳本
域 kzvirgo 被刪除
建立域完成。
可運行如下命令重啓您的域:
virsh --connect qemu:///system start kzvirgo
域 kzvirgo 已經被取消定義
Formatting '/var/lib/libvirt/images/kzvirgo.qcow2', fmt=qcow2 size=9663676416 backing_file='/var/lib/libvirt/images/virgo.qcow2' encryption=off cluster_size=65536 lazy_refcounts=off
[root@foundation42 mnt]#
開始安裝......
建立域...... | 0 B 00:00:00
(virt-viewer:6180): GSpice-WARNING **: PulseAudio context failed 拒絕鏈接
(virt-viewer:6180): GSpice-WARNING **: pa_context_connect() failed: 拒絕鏈接
(virt-viewer:6180): GSpice-WARNING **: Error calling 'org.gnome.SessionManager.Inhibit': GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name org.gnome.SessionManager was not provided by any .service files
(virt-viewer:6180): GSpice-WARNING **: Error calling 'org.gnome.SessionManager.Inhibit': GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name org.gnome.SessionManager was not provided by any .service files
(virt-viewer:6180): GSpice-WARNING **: Error calling 'org.gnome.SessionManager.Inhibit': GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name org.gnome.SessionManager was not provided by any .service files
建立域完成。
可運行如下命令重啓您的域:
virsh --connect qemu:///system start kzvirgo
^C
[root@foundation42 mnt]#
unit7-做業
1.在文件/usr/share/mime/packages/freedesktop.org.xml
中查找全部包含 ich 的行,
將找出的行按照前後順序拷貝到/root/lines 文件中,
/root/lines 文件不包含空格,而且其中行的內容是源文件/usr/share/mime/packages/freedesktop.org.xml 原始行的準確副
本
[root@localhost ~]# cat /usr/share/mime/packages/freedesktop.org.xml |grep ich|tee /root/lines
[root@localhost home]# cat /usr/share/mime/packages/freedesktop.org.xml |grep ich &>/root/lines
[root@localhost home]# grep ich /usr/share/mime/packages/freedesktop.org.xml >/root/lines
:%s/^\ *//g
2.在/home 目錄中建立目錄 materials, 配置該目錄的所屬組爲
sysadms, 要求隸屬於 sysadms 組當中的成員對該目錄有讀寫權限,在
sysadms 目錄當中建立的文件或者文件夾, 其所屬組也自動繼承
sysadms 的所屬組
[root@localhost home]# mkdir /home/materials
[root@localhost home]# ls -ld /home/materials
drwxr-xr-x. 2 root root 6 Mar 30 02:04 /home/materials
[root@localhost home]# chgrp sysadms /home/materials
chgrp: 無效的組:"sysadms"
[root@localhost home]# groupadd sysadms
[root@localhost home]# chgrp sysadms /home/materials
[root@localhost home]# ls -ld /home/materials
drwxr-xr-x. 2 root sysadms 6 Mar 30 02:04 /home/materials
[root@localhost home]# chmod 2760 /home/materials
[root@localhost home]# ls -ld /home/materials
drwxrwS---. 2 root sysadms 6 Mar 30 02:04 /home/materials
[root@localhost home]#
4.查看80天之前的日期,重定向到文件/mnt/datafile,而後查看80天之後的日期,
追加到文件/mnt/datafile;
[root@localhost home]# date -d -80day >/mnt/datafile
[root@localhost home]# date -d +80day >>/mnt/datafile
5.用戶與用戶組操做
- 建立用戶組phone,指定gid爲888,下面新建用戶均屬於phone用戶組;
[root@localhost home]# groupadd -g 888 phone
- 建立用戶mi,設置uid=1800,shell類型爲/bin/sh;
- 建立用戶iphone,設置uid=1801,用戶描述爲「User iphone「;
- 建立用戶huawei,設置用戶描述爲「華爲」,用戶家目錄爲/huawei;
**因業務須要,執行如下操做:
- 修改用戶mi的uid爲1700,shell另外類型爲/sbin/nologin;
- 修改用戶iphone的用戶描述爲「蘋果手機」;
- 修改用戶huawei的用戶家目錄爲/home/huawei;
[root@localhost home]# groupadd -g 888 phone
[root@localhost home]# useradd -g 888 -u 1800 -s /bin/sh mi
[root@localhost home]# useradd -g 888 -u 1801 -c "User iphone" iphone
[root@localhost home]# useradd -g 888 -c "華爲" -d /huawei huawei
[root@localhost home]# usermod -u 1700 -s /sbin/nologin mi
[root@localhost home]# usermod -c "蘋果手機" iphone
[root@localhost home]# usermod -d /home/huawei huawei
6. 設置ssh服務器端,不容許經過密碼認證進行遠程鏈接;
[root@localhost home]# vim /etc/ssh/sshd_config
78 PasswordAuthentication no
[root@localhost home]# systemctl restart sshd.service
7.實現你的虛擬機和你的真機時間同步
真機
[root@foundation42 ~]# vim /etc/chrony.conf
22 # Allow NTP client access from local network.
23 allow 172.25.254.142
24
25 # Listen for commands only on localhost.
26 bindcmdaddress 127.0.0.1
27 bindcmdaddress ::1
28
29 # Serve time even if not synchronized to any NTP server.
30 local stratum 10
[root@foundation42 ~]# systemctl restart chronyd.service
[root@foundation42 ~]# systemctl stop firewalld
虛擬機
[root@localhost home]# vim /etc/chrony.conf
7 server 172.25.254.42 iburst
[root@localhost home]# systemctl restart chronyd.service
[root@localhost home]# date
Thu Mar 30 03:10:10 EDT 2017
[root@localhost home]# chronyc sources -v
210 Number of sources = 1
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
|| .- xxxx [ yyyy ] +/- zzzz
|| / xxxx = adjusted offset,
|| Log2(Polling interval) -. | yyyy = measured offset,
|| \ | zzzz = estimated error.
|| | |
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 172.25.254.42 10 6 17 60 -29ns[ +11us] +/- 114us
[root@localhost home]# date
Thu Nov 23 22:26:00 EST 2017
8.將你主機上的全部日誌信息同步到真機上;
真機
[root@foundation42 ~]# systemctl stop firewalld.service
[root@foundation42 ~]# vim /etc/rsyslog.conf
14 # Provides UDP syslog reception
15 $ModLoad imudp
16 $UDPServerRun 514
[root@foundation42 ~]# systemctl restart rsyslog.service
[root@foundation42 ~]# tail -f /var/log/messages
虛擬機
[root@localhost home]# systemctl stop firewalld.service
[root@localhost home]# vim /etc/rsyslog.conf
*.* @172.25.254.42
[root@localhost home]# systemctl restart rsyslog.service
[root@localhost home]# logger test
- 1. Linux雲自動化運維第四課
- 2. Linux自動化運維部署+運維
- 3. Linux自動化運維—anisble
- 4. Linux自動化運維
- 5. linux自動化運維--ansible
- 6. 自動化運維自學第一天
- 7. 自動化運維
- 8. 混合雲自動化運維平臺
- 9. 國美雲運維自動化實踐
- 10. Linux學習總結(七十三)自動化運維之saltstack
- 更多相關文章...
- • Maven 自動化部署 - Maven教程
- • Spring自動裝配Bean - Spring教程
- • SpringBoot中properties文件不能自動提示解決方法
- • IntelliJ IDEA中SpringBoot properties文件不能自動提示問題解決
-
每一个你不满意的现在,都有一个你没有努力的曾经。
- 1. Linux雲自動化運維第四課
- 2. Linux自動化運維部署+運維
- 3. Linux自動化運維—anisble
- 4. Linux自動化運維
- 5. linux自動化運維--ansible
- 6. 自動化運維自學第一天
- 7. 自動化運維
- 8. 混合雲自動化運維平臺
- 9. 國美雲運維自動化實踐
- 10. Linux學習總結(七十三)自動化運維之saltstack