運維工做中常常用到的一些知識總結（一）

在平常運維工做中，會有一些知識使用頻率較高，如下爲我的在工做中經常使用的一些操做，沒有作詳細的分類，排版比較凌亂。有須要的同窗們能夠參考，但願能有所幫助。

一、查看當前系統因此變量

sysctl -a

二、修改Centos7 網卡爲eth

install centos 7 按 tab鍵，增長：

net.ifnames=0 biosdevname=0

三、yum刪除軟件

yum erase $(rpm -qa|grep java)
yum erase $(rpm -qa|grep zabbix)

四、列行轉換

cat a.txt | xargs           # 列轉行
    cat a.txt | xargs           # 列轉行
    cat a.txt | xargs -n1       # 行轉列

五、du統計排除某文件夾

du -sh * --exclude=gfs

六、gitlab配置備份及按期刪除

gitlab-ctl start|stop|status|restart
59 23 * * * gitlab-rake gitlab:backup:create > /dev/null 2>&1
00 00 * * * /bin/bash /home/script/del_git_bak.sh > /dev/null 2>&1

[root@ok ~]# more /home/script/del_git_bak.sh

#!/bin/bash
git_dir=/var/opt/gitlab/backups/
find $git_dir -type f -mtime +6 -exec rm -f {} \;

七、查找已刪除但未釋放文件

lsof -n | grep deleted

八、docker容器系統初始化腳本

more /bin/load.sh

#!/bin/bash
ulimit -n 655350
source /data/env.conf

mkdir -p /data/nginx/conf.d
mkdir -p /data/log/nginx
mkdir -p /data/log/glusterfs
mkdir -p /opt/gfs

if [ ${IS_SINGLE} == 1 ]; then
        mount -t glusterfs gfs-master:datastore  /opt/gfs
else
        glusterfs -f /etc/glusterfs/datastore.vol --log-file=/data/log/glusterfs/glusterfs.log /opt/gfs
fi

九、docker容器啓動命令

docker run -itd  -v /data/nginx/NGINX:/data --restart=always --net=host --name=NGINX --privileged=true nginx:1.12 /bin/start.sh /bin/bash

十、計劃任務debug寫入具體文件：

crond debug >result.txt 2>&1

十一、glusterFS SLAVE建立示例：

docker run -itd --privileged=true -v /data/gfs/GFS:/data --restart=always --net=host --name=GFS --privileged=true gfs:0.7 /bin/start.sh /bin/bash
gluster volume create datastore replica 2 transport tcp master:/data/export slave:/data/export
gluster volume create datastore replica 2 transport tcp master:/data/export slave:/data/export force
gluster volume create datastore_1 replica 2 transport tcp gfs-master:/data/export_1 gfs-slave:/data/export_1 force
gluster volume start datastore_1

glusterfsd -f /etc/glusterfs/datastore.vol
glusterfs -f /etc/glusterfs/datastore.vol --log-file=/data/log/glusterfs/glusterfs.log /opt/emm
glusterfs -f /etc/glusterfs/datastore_1.vol --log-file=/data/log/glusterfs/glusterfs_1.log /data/gfs/GFS/export_1

[root@env5 glusterfs]# more /etc/glusterfs/datastore.vol

volume remote1
  type protocol/client
  option transport-type tcp
  option remote-host master
  option remote-subvolume /data/export
end-volume

volume remote2
  type protocol/client
  option transport-type tcp
  option remote-host slave
  option remote-subvolume /data/export
end-volume

volume replicate
  type cluster/replicate
  subvolumes remote1 remote2
end-volume

volume writebehind
  type performance/write-behind
  option window-size 1MB
  subvolumes replicate
end-volume

yum install -y glusterfs glusterfs-server glusterfs-fuse

十二、文件copy

CP不覆蓋現有文件：
cp -n 源 目地

cd /opt/tmp/xx

cp -R -n * /opt/IBM/pic/product/
cp -R -n * /opt/IBM/pic/product/  
cp -R -n * /opt/IBM/pic/product/
cp -R -n * /opt/IBM/pic/product/
cp -R -n * /opt/IBM/pic/product/

find ./ -mtime -22 -type d -name "117*"|awk -F/ '{ print $2 }'| uniq > 117.txt
tar -T 117.txt -zcvf /opt/zengliang/117.tar.gz

cp直接覆蓋：

\cp -r -f aa ../zhangsan/aa

1三、新增虛擬內存：

物理內存 交換分區（SWAP）
<= 4G 至少4G
4~16G 至少8G
16G~64G 至少16G
64G~256G 至少32G

SWAP增長：
一、查看 free -m
二、選擇合適的分區，建立適合的swap文件
dd if=/dev/zero of=/db/swapfile1 bs=1M count=8192
三、將生成的文件設置爲swap分區文件，命令：」mkswap /swap1/swapfile「 mkswap /db/swapfile1 swapon /db/swapfile1
四、激活新建立的swap分區,命令:」swapon /swap1/swapfile「
五、查看生效的swap分區大小，命令:」free -m「
六、設置開機啓動新建立的swap分區，編輯」/etc/fstab」配置文件，在文件末尾添加
」/swap1/swapfile swap swap defaults 0 0「

1四、排序

ll -rt 按時間排序
ll -Sh 按大小排序

1五、查看服務器硬件配置：

cat /proc/cpuinfo| grep "physical id"| sort| uniq| wc -l
cat /proc/cpuinfo | grep name | cut -f2 -d: | uniq -c
cat /proc/cpuinfo| grep "cpu cores"| uniq
cat /proc/cpuinfo| grep "processor"| wc -l

1六、查看nginx日誌：

awk '{print $1}' 26.txt  | sort | uniq -c | sort -n -k 1 -r | head -n 100
awk '{print $11}' vm.txt  | sort | uniq -c | sort -n -k 1 -r | head -n 100

ps aux |grep -v USER | sort -nk +4 | tail

顯示消耗內存最多的10個運行中的進程，之內存使用量排序 cpu+3

netstat -n | awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}' | sort -n -t 2

SYN_RECV # 正在等待處理的請求
ESTABLISHED # 正常數據傳輸狀態,既當前併發數
TIME_WAIT # 處理完畢，等待超時結束的請求
CLOSE_WAIT # 客戶端異常關閉,沒有完成4次揮手 如大量可能存在×××行爲

Active connections: 2 
server accepts handled requests
 6 6 25 
Reading: 0 Writing: 1 Waiting: 1

active connections – 活躍的鏈接數量
server accepts handled requests — 從nginx啓動到如今總共處理了11989個鏈接 , 成功建立11989次握手, 總共處理了11991個請求
reading — 讀取客戶端的鏈接數.
writing — 響應數據到客戶端的數量
waiting — 開啓 keep-alive 的狀況下,這個值等於 active – (reading+writing), 意思就是 Nginx 已經處理完正在等候下一次請求指令的駐留鏈接.

NGINX安裝參數：

--prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-http_auth_request_module --with-threads --with-stream --with-stream_ssl_module --with-http_slice_module --with-mail --with-mail_ssl_module --with-file-aio --with-ipv6 --with-http_v2_module --with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic'

1七、CentOS7網卡設置：

[root@master ~]# more /etc/sysconfig/network-scripts/ifcfg-ens33

TYPE="Ethernet"
BOOTPROTO="none"
DEFROUTE="yes"
PEERDNS="yes"
PEERROUTES="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_PEERDNS="yes"
IPV6_PEERROUTES="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="ens33"
UUID="fde08d92-9adf-4eb6-89c6-918445ebdf53"
DEVICE="ens33"
ONBOOT="yes"
IPADDR0=192.168.220.128
PREFIX0=24
GATEWAY0=192.168.220.2
DNS1=192.168.220.2

1八、VSFTP相關：

useradd virtual -d /mnt/mfs -s /bin/false
chown virtual:virtual /mnt/mfs -R

sed -i "s/anonymous_enable=YES/anonymous_enable=NO/g" '/etc/vsftpd/vsftpd.conf'
sed -i "s/#anon_upload_enable=YES/anon_upload_enable=NO/g" '/etc/vsftpd/vsftpd.conf'
sed -i "s/#anon_mkdir_write_enable=YES/anon_mkdir_write_enable=YES/g" '/etc/vsftpd/vsftpd.conf'
sed -i "s/#chown_uploads=YES/chown_uploads=NO/g" '/etc/vsftpd/vsftpd.conf'
sed -i "s/#async_abor_enable=YES/async_abor_enable=YES/g" '/etc/vsftpd/vsftpd.conf'
sed -i "s/#ascii_upload_enable=YES/ascii_upload_enable=YES/g" '/etc/vsftpd/vsftpd.conf'
sed -i "s/#ascii_download_enable=YES/ascii_download_enable=YES/g" '/etc/vsftpd/vsftpd.conf'
sed -i "s/#ftpd_banner=Welcome to blah FTP service./ftpd_banner=Welcome to FTP service./g" '/etc/vsftpd/vsftpd.conf'

echo -e "use_localtime=YES\nlisten_port=21\nchroot_local_user=YES\nidle_session_timeout=300
\ndata_connection_timeout=1\nguest_enable=YES\nguest_username=vsftpd
\nuser_config_dir=/etc/vsftpd/vconf\nvirtual_use_local_privs=YES
\npasv_min_port=10060\npasv_max_port=10090
\naccept_timeout=5\nconnect_timeout=1" >> /etc/vsftpd/vsftpd.conf

[root@ok vsftpd]# grep -Ev "#|^$" vsftpd.conf

anonymous_enable=YES
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
ascii_upload_enable=YES
ascii_download_enable=YES
listen=NO
listen_ipv6=YES
pam_service_name=vsftpd
userlist_enable=NO
tcp_wrappers=YES
guest_enable=YES
guest_username=virtual
user_config_dir=/etc/vsftpd/vsftpd_user_conf
[root@ok vsftpd]# pwd
/etc/vsftpd

[root@ok pam.d]# more vsftpd

#%PAM-1.0
auth required pam_userdb.so db=/etc/vsftpd/vsftpd_login
account required pam_userdb.so db=/etc/vsftpd/vsftpd_login

#session    optional     pam_keyinit.so    force revoke
#auth       required    pam_listfile.so item=user sense=deny file=/etc/vsftpd/ftpusers onerr=succeed
#auth       required    pam_shells.so
#auth       include     password-auth
#account    include     password-auth
#session    required     pam_loginuid.so
#session    include     password-auth

[root@ok pam.d]# pwd
/etc/pam.d

[root@ok vsftpd]# more vusers.list

ftpuser
123456

[root@ok vsftpd]# cd vsftpd_user_conf/
[root@ok vsftpd_user_conf]# ls
ftpuser
[root@ok vsftpd_user_conf]# more ftpuser

local_root=/usr/share/nginx/html
write_enable=YES
virtual_use_local_privs=YES

db_load -T -t hash -f /etc/vsftpd/vusers.list /etc/vsftpd/vsftpd_login.db

參考：
http://yuanbin.blog.51cto.com/363003/129071/

1九、grep：

grep -A 5 能夠顯示匹配內容以及後面的5行內容
grep -B 5 能夠顯示匹配內容以及前面的5行內容
grep -C 5 能夠顯示匹配內容以及先後面的5行內容

find / -size +200M -exec ls -lh {} \;

/etc/my.conf 文件屬於哪一個包 (package) :

rpm -qf /etc/my.conf

20、SAMBA:

yum -y install samba samba-client
mkdir /home/share
chmod 777 /home/share/
cd /etc/samba/
cp smb.conf smb.conf_bak
more smb.conf

[global]
        workgroup = WORKGROUP
        security = user

        passdb backend = tdbsam

        printing = cups
        printcap name = cups
        load printers = yes
        cups options = raw

[homes]
        comment = Home Directories
        valid users = %S, %D%w%S
        browseable = No
        read only = No
        inherit acls = Yes

[printers]
        comment = All Printers
        path = /var/tmp
        printable = Yes
        create mask = 0600
        browseable = No

[print$]
        comment = Printer Drivers
        path = /var/lib/samba/drivers
        write list = root
        create mask = 0664
        directory mask = 0775

[work]
        path = /home/share
        writable = yes
        validuser = smbuser
        browseable = yes

useradd -s /sbin/nologin smbuser
smbpasswd -a smbuser
systemctl restart smb nmb

2一、IPTABLES：

iptables -t nat -A OUTPUT -d 172.16.170.55 -j DNAT --to 172.16.170.168

將對55的訪問定向到168

2二、安裝xenserver tool：

點擊XenServer Tools not install，而後而後選擇 Install XenServer Tools。
mount /dev/xvdd /mnt
/mnt/Linux/install.sh

/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

2三、2960交換機開啓snmp：

Switch(config)#snmp-server community public ro
Switch(config)#snmp-server enable traps

2四、免密：

在A上的命令:
#ssh-keygen -t rsa (連續三次回車,即在本地生成了公鑰和私鑰,不設置密碼)
#ssh root@192.168.1.198 "mkdir .ssh;chmod 0700 .ssh" (須要輸入密碼， 注:必須將.ssh的權限設爲700)
#scp ~/.ssh/id_rsa.pub root@192.168.1.198:.ssh/id_rsa.pub (須要輸入密碼)

在B上的命令:
#touch /root/.ssh/authorized_keys (若是已經存在這個文件, 跳過這條)
#chmod 600 ~/.ssh/authorized_keys (# 注意： 必須將~/.ssh/authorized_keys的權限改成600, 該文件用於保存ssh客戶端生成的公鑰，能夠修改服務器的ssh服務端配置文件/etc/ssh/sshd_config來指定其餘文件名）
#cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys (將id_rsa.pub的內容追加到 authorized_keys 中, 注意不要用 > ，不然會清空原有的內容，使其餘人沒法使用原有的密鑰登陸)

回到A機器:
#ssh root@192.168.1.198 (不須要密碼, 登陸成功)

2五、私有云服務器擴展磁盤空間：

fdisk /dev/sda
[root@localhost dir]# fdisk /dev/sdc #給新加硬分區

WARNING: DOS-compatible mode is deprecated. It's strongly recommended to
         switch off the mode (command 'c') and change display units to
         sectors (command 'u').

Command (m for help): n
Command action
   e   extended
   p   primary partition (1-4)
p
Partition number (1-4): 2
First cylinder (1307-2610, default 1307):
Using default value 1307
Last cylinder, +cylinders or +size{K,M,G} (1307-2610, default 2610): +5G

Command (m for help): t
Partition number (1-4): 2
Hex code (type L to list codes): 8e
Changed system type of partition 2 to 8e (Linux LVM)

Command (m for help): p

Disk /dev/sdc: 21.5 GB, 21474836480 bytes
255 heads, 63 sectors/track, 2610 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0xe4571f5c

   Device Boot      Start         End      Blocks   Id  System
/dev/sdc1               1        1306    10490413+  8e  Linux LVM  
/dev/sdc2            1307        1960     5253255   8e  Linux LVM    ##新建的分區/dev/sdc2，將用於LVM擴容

w

partprobe

lvextend -L 190G /dev/centos/root
[root@localhost dir]# pvcreate /dev/sdc2 #將分區/dev/sdc2建立爲物理卷
Physical volume "/dev/sdc2" successfully created
[root@localhost dir]# vgextend vg_server1 /dev/sdc2 #將物理卷/dev/sdc2 加入卷組vg_server1
Volume group "vg_server1" successfully extended
[root@localhost dir]# lvextend -L +5G /dev/vg_server1/vg_server1_lvm1 /dev/sdc2 #擴容/dev/vg_server1/vg_server1_lvm1邏輯卷，其中-L指定大小
#+5G 容量增長5G ,若是沒有」+「 表示擴展到多少
Size of logical volume vg_server1/vg_server1_lvm1 changed from 15.00 GiB (3840 extents) to 20.00 GiB (5120 extents).
Logical volume vg_server1_lvm1 successfully resized

/sbin/resize2fs /dev/centos/root
lvextend 

xfs_growfs /dev/centos/root
df -hT

fdisk /dev/sda 
partprobe

pvcreate /dev/sda3
vgextend centos /dev/sda3
lvextend -L +595G /dev/centos/root /dev/sda3
xfs_growfs /dev/centos/root 
df -h

/sbin/resize2fs /dev/centos/root 
lvextend

2六、阿里雲服務器擴展磁盤空間：

fdisk /dev/vdb 
Command (m for help): n
Command action
   e   extended
   p   primary partition (1-4)
p
Partition number (1-4): 2

Command (m for help): t
Partition number (1-4): 2
Hex code (type L to list codes): 8e
Changed system type of partition 2 to 8e (Linux LVM)

Command (m for help): p
w
partprobe

pvcreate /dev/vdb1
vgcreate elk /dev/vdb1
lvcreate -l 100%FREE -n lv_data elk
mkdir /data
mkfs -t ext4 /dev/elk/lv_data 
mount /dev/elk/lv_data /data/
df -h

more /etc/fstab
/dev/elk/lv_data /data ext4 defaults 1 1

擴容：
建立pv ,經過pvcreate命令將磁盤/dev/sdb建立爲一個系統PV
#pvcreate /dev/sdb
將 PV /dev/sdb添加到卷組vg_openstack中。參考下圖中標記的數據可知，磁盤已經添加到vg_openstack，並且卷組的空間增長了50G
#vgextend vg_openstack /dev/sdb
爲/soft 添加30G的空間。圖中標記的位置給出了/soft的大小，以及/soft的lv名稱爲 /dev/vg_openstack/LogVol04
#lvextend -L +30G -n /dev/vg_openstack/LogVol04
邏輯卷擴展後並不會立刻生效，須要使用「resize2fs」命令從新加載邏輯卷的大小,圖中可知，/soft已經添加30G空間
#resize2fs /dev/vg_openstack/LogVol04

yum -y install lvm2 docker

阿里雲新增：

fdisk -l
cd /var/lib/
mv docker/ docker_bak
fdisk /dev/vdb
n
t
8e
w
partprobe 
pvcreate /dev/vdb1 
vgcreate vg-docker /dev/vdb1
lvcreate -L 50G -n dockerdata vg-docker
lvcreate -L 5G -n metadata vg-docker
lvcreate -l 100%FREE -n data vg-docker
lvdisplay

mkdir /data
mkfs -t ext4 /dev/vg-docker/data
mount /dev/vg-docker/data  /data
vim /etc/fstab 
/dev/vg-docker/data /data                                         ext4    defaults        1 1

cd /etc/sysconfig/
cp docker docker_bak
systemctl start docker
systemctl enable docker
systemctl status docker
docker info

2七、redis：

http://blog.csdn.net/github_26672553/article/details/69568259
dbfilename "dump.rdb"
dir "/data"
requirepass ok

/usr/local/redis/bin/redis-server /usr/local/redis/conf/6379.conf

/usr/local/bin/redis-server /etc/redis.conf &
/usr/local/bin/redis-cli -h localhost -p 6379 -a ok shutdown
/usr/local/bin/redis-cli -p 6380 -a ok

2八、JDK：

http://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html
rpm -ivh jdk1.8
wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat-stable/jenkins.repo
rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io.key
yum install jenkins

Build Timestamp Plugin
Copy Artifact Plugin
GitHub Organization Folder Plugin
Javadoc Plugin
Maven Integration plugin
promoted builds plugin
Publish Over SSH
Role-based Authorization Strategy

2九、confluence:

申請試用oakzhong@ok.com.cn

30、jira:

yum install http://www.percona.com/downloads/percona-release/redhat/0.1-4/percona-release-0.1-4.noarch.rpm -y
yum clean all
yum install Percona-Server-server-56 -y

or:

wget -c https://www.percona.com/downloads/Percona-Server-5.6/Percona-Server-5.6.36-82.0/binary/redhat/7/x86_64/Percona-Server-5.6.36-82.0-r58e846a-el7-x86_64-bundle.tar

CREATE DATABASE jiradb CHARACTER SET utf8 COLLATE utf8_bin;
GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP,ALTER,INDEX on <JIRADB>.* TO '<USERNAME>'@'<JIRA_SERVER_HOSTNAME>' IDENTIFIED BY '<PASSWORD>';
GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP,ALTER,INDEX on jiradb.* TO 'jira'@'127.0.0.1' IDENTIFIED BY 'jiradb';
GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP,ALTER,INDEX on jiradb.* TO 'jira'@'localhost' IDENTIFIED BY 'jiradb';

flush privileges;

SHOW GRANTS FOR <USERNAME>@<JIRA_SERVER_HOSTNAME>;

[mysqld]
...
default-storage-engine=INNODB
...

[mysqld]
...
max_allowed_packet=256M
...

// remove this if it exists
sql_mode = NO_AUTO_VALUE_ON_ZERO

https://dev.mysql.com/downloads/connector/j/
mysql-connector-java-5.1.42.jar

/opt/atlassian/jira/atlassian-jira/WEB-INF/lib