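A Brief Look at Basic Ubuntu Server Configuration
1️⃣ Official documentation
- https://help.ubuntu.com/
2️⃣ Changing the hostname
- Hostname naming convention
region-datacenter abbreviation-virtual or physical machine-service name-last two octets of the IP address-domain
- Example
bj-magedu-v-study-234-157.bokebi.cn
# Edit the configuration file
vim /etc/hostname
# Or set it with a command
hostnamectl set-hostname name
3️⃣ Renaming network interfaces to eth*
If you did not pass kernel parameters before installing the system to rename the network interfaces to eth*, you can change the names after installation as follows:
# Edit the configuration file parameters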
~$ sudo vim /etc/default/grub
GRUB_DEFAULT=0
GRUB_TIMEOUT_STYLE=hidden
GRUB_TIMEOUT=2
GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`
GRUB_CMDLINE_LINUX_DEFAULT=""
GRUB_CMDLINE_LINUX="net.ifnames=0 biosdevname=0"
# Regenerate the boot configuration
~$ sudo update-grub
Sourcing file `/etc/default/grub'
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-4.15.0-55-generic
Found initrd image: /boot/initrd.img-4.15.0-55-generic
done
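# Reboot the machine
~$ sudo reboot
4️⃣ Configuring remote root login
By default, Ubuntu does not allow the root user to log in remotely over SSH. If a real scenario requires remote root login over SSH, set a root password and edit /etc/ssh/sshd_config as follows:
~$ sudo vim /etc/ssh/sshd_config
# default: root login prohibited
#PermitRootLogin prohibit-password
# changed to allow root login
PermitRootLogin yes
#PasswordAuthentication yes
# enable password authentication (password login is in fact allowed by default)
PasswordAuthentication yes
~$ sudo su - root # switch to the root user's environment
~# passwd # set the password
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
~# systemctl restart sshd # restart the SSH service, then test remote SSH login as root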
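To check which hosts carry the setting made above, the following added example (not part of the original article) reads an sshd_config-style file and reports the effective global PermitRootLogin and PasswordAuthentication values, flagging the combination of root login plus password authentication. The function name `audit_sshd_root` and the sample file are constructed for illustration; the parser assumes sshd's first-value-wins rule, stops at the first Match block and does not follow Include files.

```shell
#!/bin/sh
# audit_sshd_root FILE  (hypothetical helper, added for illustration)
# Reports the effective global PermitRootLogin and PasswordAuthentication
# values of an sshd_config-style file, plus a verdict line.
# sshd keeps the FIRST value it reads for a keyword and matches keywords
# case-insensitively. Settings under "Match" are conditional, so parsing
# stops at the first Match line. Include files are not followed.
audit_sshd_root() {
    awk '
        BEGIN { root = "prohibit-password"; pass = "yes" }   # OpenSSH upstream defaults
        /^[ \t]*#/ || /^[ \t]*$/ { next }                    # comments, blank lines
        {
            sub(/[ \t]*=[ \t]*/, " ")                        # accept "Key=value"
            key = tolower($1); val = tolower($2)
            if (key == "match") exit                         # END block still runs
            if (key == "permitrootlogin" && !r++) root = val
            if (key == "passwordauthentication" && !p++) pass = val
        }
        END {
            print "PermitRootLogin=" root
            print "PasswordAuthentication=" pass
            if (root == "yes" && pass == "yes") print "verdict=FLAG root password login enabled"
            else if (root == "yes")             print "verdict=WARN root login enabled"
            else                                print "verdict=OK"
        }
    ' "$1"
}

# Constructed sample mirroring the edit shown above (not a real host's file).
# The later "PermitRootLogin no" is ignored because the first value wins.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#PermitRootLogin prohibit-password
PermitRootLogin yes
#PasswordAuthentication yes
PasswordAuthentication yes
PermitRootLogin no
Match Address 10.0.0.0/8
    PasswordAuthentication no
EOF
audit_sshd_root "$sample"
rm -f "$sample"
```

On a live host, `sshd -T` prints the configuration as sshd itself resolves it and is the authoritative check.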
5️⃣ Ubuntu 18.04 network configuration
- Official documentation: https://netplan.io/
- For the static routes below to take effect, forwarding must be enabled in the kernel:
net.ipv4.ip_forward = 1
▶1 Static IP configuration on Ubuntu 17.04 and earlier
- Starting with 17.10, Ubuntu no longer configures fixed IPs in /etc/network/interfaces and uses netplan instead.
- The configuration file is:
/etc/netplan/01-netcfg.yaml
- Static IP configuration on Ubuntu 17.04 and earlier
root@magedu:~# cat /etc/network/interfaces
# interfaces(5) file used by ifup(8) and ifdown(8)
auto lo
iface lo inet loopback
auto eth0 # bring the interface up at boot; use the actual name of the interface you are configuring
iface eth0 inet static # static IP; use the actual name of the interface you are configuring
    address 172.18.3.12 # IP address
    netmask 255.255.0.0 # netmask
    gateway 172.18.0.1 # gateway
    dns-nameservers 223.6.6.6 # DNS
    dns-nameservers 223.5.5.5
# Restart the networking service
~# /etc/init.d/networking restart
~# systemctl restart networking.service
▶2 Ubuntu 18.04: static IP address on a single interface
root@ubuntu1804-31:~# cat /etc/netplan/01-netcfg.yaml
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
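network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      dhcp4: no
      dhcp6: no
      addresses: [172.20.54.31/16]
      gateway4: 172.20.0.1
      nameservers:
        addresses: [180.76.76.76]
# Apply the configuration
sudo netplan apply
▶3 Ubuntu 18.04: static IPs on multiple interfaces and static routes
- Add a second network interface
- No static routes are added; the system generates the routes automatically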
root@ubuntu1804-37:~# cat /etc/netplan/01-netcfg.yaml
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      dhcp4: no
      dhcp6: no
      addresses: [172.20.54.37/16]
      gateway4: 172.20.0.1
      nameservers:
        addresses: [180.76.76.76]
    eth1:
      dhcp4: no
      dhcp6: no
      addresses: [192.168.39.37/24]
      gateway4: 192.168.39.1
      nameservers:
        addresses: [180.76.76.76]
# Test that requests are sent out through eth1
ifconfig eth0 down
root@ubuntu1804-37:~# ping -c3 www.baidu.com
PING www.a.shifen.com (61.135.169.121) 56(84) bytes of data.
64 bytes from 61.135.169.121 (61.135.169.121): icmp_seq=1 ttl=128 time=3.80 ms
64 bytes from 61.135.169.121 (61.135.169.121): icmp_seq=2 ttl=128 time=4.87 ms
64 bytes from 61.135.169.121 (61.135.169.121): icmp_seq=3 ttl=128 time=4.06 ms
--- www.a.shifen.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2005ms
rtt min/avg/max/mdev = 3.803/4.246/4.871/0.454 ms
- Use a single gateway and a single DNS server, and configure static routes
root@ubuntu1804-37:~# cat /etc/netplan/01-netcfg.yaml
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      dhcp4: no
      dhcp6: no
      addresses: [172.20.54.37/16]
      gateway4: 172.20.0.1
      nameservers:
        addresses: [180.76.76.76]
    eth1:
      dhcp4: no
      dhcp6: no
      addresses: [192.168.39.37/24]
      routes:
        - to: 172.20.0.0/16
          via: 192.168.39.1 # static route: reach the 172 network through the 192 gateway
        - to: 192.168.39.0/24
          via: 192.168.39.1 # packets for the 192 network leave through this gateway address
# Test the result
root@ubuntu1804-37:~# ping -c3 www.baidu.com
PING www.a.shifen.com (61.135.169.125) 56(84) bytes of data.
From 172.20.3.69 (172.20.3.69): icmp_seq=1 Redirect Network(New nexthop: _gateway (172.20.0.1))
64 bytes from 61.135.169.125 (61.135.169.125): icmp_seq=1 ttl=56 time=5.48 ms
From 172.20.3.69 (172.20.3.69): icmp_seq=2 Redirect Network(New nexthop: _gateway (172.20.0.1))
64 bytes from 61.135.169.125 (61.135.169.125): icmp_seq=2 ttl=56 time=4.70 ms
From 172.20.3.69 (172.20.3.69): icmp_seq=3 Redirect Network(New nexthop: _gateway (172.20.0.1))
64 bytes from 61.135.169.125 (61.135.169.125): icmp_seq=3 ttl=56 time=3.49 ms
# Redirect Network(New nexthop: _gateway (172.20.0.1)): redirected to the route's next-hop gateway address
--- www.a.shifen.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2005ms
rtt min/avg/max/mdev = 3.496/4.559/5.481/0.818 ms
▶4 Ubuntu 18.04: bridge on a single interface
vim /etc/netplan/01-netcfg.yaml
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      dhcp4: no
      dhcp6: no
  bridges:
    br0:
      dhcp4: no
      dhcp6: no
      addresses: [172.20.54.37/16]
      gateway4: 172.20.0.1
      nameservers:
        addresses: [180.76.76.76]
      interfaces:
        - eth0
# Apply the configuration
netplan apply
- Test the result
root@ubuntu1804-37:~# ping -c3 www.baidu.com
PING www.a.shifen.com (61.135.169.121) 56(84) bytes of data.
64 bytes from 61.135.169.121 (61.135.169.121): icmp_seq=1 ttl=56 time=3.72 ms
From 172.20.3.69 (172.20.3.69): icmp_seq=2 Redirect Network(New nexthop: _gateway (172.20.0.1))
64 bytes from 61.135.169.121 (61.135.169.121): icmp_seq=2 ttl=56 time=4.54 ms
From 172.20.3.69 (172.20.3.69): icmp_seq=3 Redirect Network(New nexthop: _gateway (172.20.0.1))
64 bytes from 61.135.169.121 (61.135.169.121): icmp_seq=3 ttl=56 time=3.55 ms
--- www.a.shifen.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2008ms
rtt min/avg/max/mdev = 3.556/3.942/4.548/0.439 ms
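▶4 Ubuntu 18.04: bridges on multiple interfaces
- Bridge configuration for multiple interfaces on Ubuntu 18.04: br0 and br1 are bridged to eth0 and eth1 respectively.
- The bridges configuration is independent of the network adapter mode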
vim /etc/netplan/01-netcfg.yaml
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      dhcp4: no
      dhcp6: no
    eth1:
      dhcp4: no
      dhcp6: no
  bridges:
    br0:
      dhcp4: no
      dhcp6: no
      addresses: [172.20.54.37/16]
      gateway4: 172.20.0.1
      nameservers:
        addresses: [180.76.76.76]
      interfaces:
        - eth0
    br1:
      dhcp4: no
      dhcp6: no
      addresses: [192.168.39.37/24]
      routes:
        - to: 172.20.0.0/16
          via: 192.168.39.1
        - to: 192.168.39.0/24
          via: 192.168.39.1
      interfaces:
        - eth1
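▶5 Bond modes for bonding two interfaces
The seven bond modes:
- Mode 1: mod=0, i.e. (balance-rr) Round-robin policy
  Characteristics:
  - Packets are transmitted in sequence (the first packet goes out through eth0, the next through eth1, and so on in a loop until the last packet has been sent).
  - This mode provides load balancing and fault tolerance.
- Mode 2: mod=1, i.e. (active-backup) Active-backup policy
  Characteristics:
  - Only one device is active; when it goes down, the other immediately switches from backup to primary.
  - The MAC address is externally visible; seen from outside, the bond has a single MAC address, which avoids confusing the switch.
  - This mode provides only fault tolerance. Its advantage is high availability of the network connection,
  - but resource utilization is low: only one interface is working, so with N network interfaces the utilization is 1/N.
- Mode 3: mod=2, i.e. (balance-xor) XOR policy
  Characteristics:
  - Packets are transmitted according to the selected transmit hash policy. The default policy is (source MAC address XOR destination MAC address) % number of slaves.
  - Other transmit policies can be selected with the xmit_hash_policy option.
  - This mode provides load balancing and fault tolerance.
- Mode 4: mod=3, i.e. broadcast (broadcast policy)
  Characteristics: every packet is transmitted on every slave interface; this mode provides fault tolerance.
- Mode 5: mod=4, i.e. (802.3ad) IEEE 802.3ad Dynamic link aggregation
  Characteristics:
  - Creates an aggregation group whose members share the same speed and duplex settings.
  - Following the 802.3ad specification, multiple slaves work under the same active aggregator.
  - Prerequisites:
    Condition 1: ethtool support for retrieving each slave's speed and duplex settings.
    Condition 2: the switch supports IEEE 802.3ad Dynamic link aggregation.
    Condition 3: most switches need specific configuration before they support 802.3ad mode.
- Mode 6: mod=5, i.e. (balance-tlb) Adaptive transmit load balancing
  Characteristics:
  - Channel bonding that needs no special switch support.
  - Outgoing traffic is distributed across the slaves according to the current load (computed relative to speed). If the slave that is receiving data fails, another slave takes over the failed slave's MAC address.
  - Prerequisite for this mode:
    ethtool support for retrieving each slave's speed
- Mode 7: mod=6, i.e. (balance-alb) Adaptive load balancing
  Characteristics:
  - This mode includes balance-tlb and adds receive load balancing (rlb) for IPv4 traffic,
  - and it needs no switch support.
▶6 Ubuntu 18.04: bonding two interfaces
- Both physical network adapters must be in the same mode
- The bridge command-line tools (package bridge-utils) must be installed beforehand
sudo apt install bridge-utils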
vim /etc/netplan/01-netcfg.yaml
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      dhcp4: no
      dhcp6: no
    eth1:
      dhcp4: no
      dhcp6: no
  bonds:
    bond0:
      interfaces:
        - eth0
        - eth1
      addresses: [172.20.54.37/16]
      gateway4: 172.20.0.1
      nameservers:
        addresses: [180.76.76.76]
      parameters:
        mode: active-backup
        mii-monitor-interval: 100
# Apply the configuration
netplan apply
reboot
- Test the result
root@ubuntu1804-37:~# ping -c3 www.baidu.com
PING www.a.shifen.com (61.135.169.125) 56(84) bytes of data.
64 bytes from 61.135.169.125 (61.135.169.125): icmp_seq=1 ttl=56 time=3.09 ms
From 172.20.3.69 (172.20.3.69): icmp_seq=2 Redirect Network(New nexthop: _gateway (172.20.0.1))
64 bytes from 61.135.169.125 (61.135.169.125): icmp_seq=2 ttl=56 time=3.93 ms
From 172.20.3.69 (172.20.3.69): icmp_seq=3 Redirect Network(New nexthop: _gateway (172.20.0.1))
64 bytes from 61.135.169.125 (61.135.169.125): icmp_seq=3 ttl=56 time=7.09 ms
--- www.a.shifen.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 3.092/4.705/7.093/1.724 ms
- Check the status of bond0
root@ubuntu1804-37:~# cat /proc/net/bonding/bond0
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
Bonding Mode: fault-tolerance (active-backup) # mode
Primary Slave: None
Currently Active Slave: eth1 # backup-link interface
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0
Slave Interface: eth1
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:ce:0b:a8
Slave queue ID: 0
Slave Interface: eth0
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:ce:0b:9e
Slave queue ID: 0
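▶7 Ubuntu 18.04: bonding two interfaces plus a bridge
- Bonding provides interface redundancy, high availability and port aggregation;
- the bridge on top of it is then used by services that need a bridge device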
vim /etc/netplan/01-netcfg.yaml
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      dhcp4: no
      dhcp6: no
    eth1:
      dhcp4: no
      dhcp6: no
  bonds:
    bond0:
      interfaces:
        - eth0
        - eth1
      parameters:
        mode: active-backup
        mii-monitor-interval: 100
  bridges:
    br0:
      dhcp4: no
      dhcp6: no
      addresses: [172.20.54.37/16]
      gateway4: 172.20.0.1
      nameservers:
        addresses: [180.76.76.76]
      interfaces:
        - bond0
# Apply the configuration
reboot
▶8 Ubuntu 18.04: bonding multiple interfaces for internal and external networks
- Bonding when the host sits on more than one network
- Uses four network adapters, in host-only mode and bridge mode respectively
vim /etc/netplan/01-netcfg.yaml
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      dhcp4: no
      dhcp6: no
    eth1:
      dhcp4: no
      dhcp6: no
    eth2:
      dhcp4: no
      dhcp6: no
    eth3:
      dhcp4: no
      dhcp6: no
  bonds:
    bond0:
      interfaces:
        - eth0
        - eth1
      addresses: [172.20.54.37/16]
      gateway4: 172.20.0.1
      nameservers:
        addresses: [180.76.76.76]
      parameters:
        mode: active-backup
        mii-monitor-interval: 100
    bond1:
      interfaces:
        - eth2
        - eth3
      addresses: [192.168.39.37/24]
      parameters:
        mode: active-backup
        mii-monitor-interval: 100
      routes:
        - to: 172.20.0.0/16
          via: 192.168.39.1
        - to: 192.168.39.0/24
          via: 192.168.39.1
# Apply the configuration
reboot
- Check the bond status
# Check the status of bond0
root@ubuntu1804-37:~# cat /proc/net/bonding/bond0
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
Bonding Mode: fault-tolerance (active-backup)
Primary Slave: None
Currently Active Slave: eth1
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0
Slave Interface: eth1
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:ce:0b:a8
Slave queue ID: 0
Slave Interface: eth0
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:ce:0b:9e
Slave queue ID: 0
# Check the status of bond1
root@ubuntu1804-37:~# cat /proc/net/bonding/bond1
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
Bonding Mode: fault-tolerance (active-backup)
Primary Slave: None
Currently Active Slave: eth3
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0
Slave Interface: eth3
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:ce:0b:b2
Slave queue ID: 0
Slave Interface: eth2
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 00:0c:29:ce:0b:bc
Slave queue ID: 0
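In active-backup mode a failed standby link goes unnoticed until the active one fails as well, so the status files shown above are worth checking automatically. The following is an added example, not part of the original article: the function name `bond_health` and the sample status text are constructed for illustration, and the parser assumes the /proc/net/bonding layout shown above.

```shell
#!/bin/sh
# bond_health FILE  (hypothetical helper, added for illustration)
# Summarises a /proc/net/bonding/<bond> status file: one line per slave
# (MII state, link failure count, whether it is the active slave) and a
# summary line. Exit status is 1 when redundancy is lost: a slave whose
# MII status is not "up", or fewer than two slaves in the bond.
bond_health() {
    awk -F': ' '
        /^Currently Active Slave:/ { active = $2 }
        /^Slave Interface:/        { cur = $2; order[++n] = cur }
        /^MII Status:/             { if (cur != "") mii[cur] = $2 }   # skip the bond-level line
        /^Link Failure Count:/     { fails[cur] = $2 }
        END {
            down = 0
            for (i = 1; i <= n; i++) {
                s = order[i]
                if (mii[s] != "up") down++
                printf "%s mii=%s failures=%d%s\n", s, mii[s], fails[s], (s == active ? " active" : "")
            }
            printf "summary active=%s slaves=%d down=%d\n", active, n, down
            exit (down > 0 || n < 2)
        }
    ' "$1"
}

# Constructed sample (not from a real host): eth0 has lost link, eth1 carries traffic.
sample=$(mktemp)
cat > "$sample" <<'EOF'
Bonding Mode: fault-tolerance (active-backup)
Currently Active Slave: eth1
MII Status: up
MII Polling Interval (ms): 100
Slave Interface: eth1
MII Status: up
Link Failure Count: 0
Slave Interface: eth0
MII Status: down
Link Failure Count: 3
EOF
bond_health "$sample" || echo "bond degraded"
rm -f "$sample"
```

On a host, run it as `bond_health /proc/net/bonding/bond0` from a monitoring job and alert on a non-zero exit status.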
▶9 Ubuntu 18.04: bonding multiple interfaces for internal and external networks plus bridges
vim /etc/netplan/01-netcfg.yaml
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      dhcp4: no
      dhcp6: no
    eth1:
      dhcp4: no
      dhcp6: no
    eth2:
      dhcp4: no
      dhcp6: no
    eth3:
      dhcp4: no
      dhcp6: no
  bonds:
    bond0:
      interfaces:
        - eth0
        - eth1
      parameters:
        mode: active-backup
        mii-monitor-interval: 100
    bond1:
      interfaces:
        - eth2
        - eth3
      parameters:
        mode: active-backup
        mii-monitor-interval: 100
  bridges:
    br0:
      dhcp4: no
      dhcp6: no
      addresses: [172.20.54.37/16]
      gateway4: 172.20.0.1
      nameservers:
        addresses: [180.76.76.76]
      interfaces:
        - bond0
    br1:
      dhcp4: no
      dhcp6: no
      addresses: [192.168.39.37/24]
      interfaces:
        - bond1
      routes:
        - to: 172.20.0.0/16
          via: 192.168.39.1
        - to: 192.168.39.0/24
          via: 192.168.39.1
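# Apply the configuration
reboot
6️⃣ Ubuntu package management
- Changing the software repository:
Alibaba Cloud mirror: https://opsx.alibaba.com/
USTC: http://mirrors.ustc.edu.cn/help/ubuntu.html
Tsinghua University: https://mirror.tuna.tsinghua.edu.cn/help/ubuntu/
Huawei: https://mirrors.huaweicloud.com/
- Common apt/apt-get commands
apt list # list the packages in the repositories, equivalent to yum list
apt search NAME # search for a package
apt show apache2 # show detailed information about a package
apt install apache2 # install a package online
apt remove apache2 # uninstall a single package but keep its configuration files
apt autoremove apache2 # remove the package and resolve dependencies
apt update # refresh the local package index; must be run after changing the apt repositories
apt purge apache2 # uninstall a single package and delete its configuration files
apt upgrade # upgrade all installed packages that have a newer version available
apt full-upgrade # upgrade the whole system, removing old packages if necessary
apt edit-sources # edit the sources file
apt-cache madison nginx # list the versions of a package that the repositories offer
apt install nginx=1.14.0-0ubuntu1.6 # install a specific version of a package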