- sunyurun@agoravoice.io
- 2015-1-14 22:00:23
ubuntu的运维技能更新太快,每半年一个发行版,就要每半年更新一次。这些知识在ubuntu14.04LTS面前就全都忘掉吧。
1. 粗暴解决ubuntu下dpkg错误
sudo rm -rf /var/lib/apt/*
sudo apt-get update
sudo apt-get -f install
2. 在发包的抖动与延时之间微调参数
net.ipv4.tcp_max_syn_backlog=4096 #1024 增加TCP SYN队列长度,使系统可以处理更多的并发连接
net.core.wmem_default = 2097152 #108544,系统套接字缓冲区
net.core.rmem_default = 2097152 #108544,系统套接字缓冲区
net.core.rmem_max=16777216 #131071,系统套接字缓冲区
net.core.wmem_max=16777216 #131071,系统套接字缓冲区
net.ipv4.tcp_rmem=4096 87380 16777216 #4096 87380 174760, TCP接收缓冲区
net.ipv4.tcp_wmem=4096 65536 16777216 #4096 16384 131072, TCP发送缓冲区
net.ipv4.tcp_mem = 786432 1048576 1572864 # Out of socket memory
net.ipv4.tcp_syncookies=1 #0,防SyncFlood攻击
net.ipv4.ip_local_port_range = 32768 61000 #用于向外连接的端口范围,这是默认值
net.ipv4.tcp_max_tw_buckets = 5000 #180000,同时保持TIME_WAIT套接字的最大数量
3. ubuntu自动找最快的源
在source.list的顶部增加下面4行:
deb mirror://mirrors.ubuntu.com/mirrors.txt precise main restricted universe multiverse
deb mirror://mirrors.ubuntu.com/mirrors.txt precise-updates main restricted universe multiverse
deb mirror://mirrors.ubuntu.com/mirrors.txt precise-backports main restricted universe multiverse
deb mirror://mirrors.ubuntu.com/mirrors.txt precise-security main restricted universe multiverse
4. ubuntu安装最新redis
sudo apt-get -y install python-software-properties
sudo add-apt-repository -y ppa:rwky/redis
sudo apt-get -y update
sudo apt-get -y install redis-server
5. ubuntu安装最新mongodb
5.1 安装
http://docs.mongodb.org/manual/tutorial/install-mongodb-on-ubuntu/
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 7F0CEB10
echo 'deb http://downloads-distro.mongodb.org/repo/ubuntu-upstart dist 10gen' | sudo tee /etc/apt/sources.list.d/mongodb.list
sudo apt-get update
sudo apt-get install mongodb-org
5.2 phpdriver
http://php.net/manual/en/mongo.installation.php
https://github.com/joevallender/slim-php-mongo-rest
sudo apt-get install php-pear
sudo pecl install mongo
extension=mongo.so
sudo service apache2 restart
6. ubuntu安装最新nodejs
sudo apt-get install python-software-properties
sudo add-apt-repository ppa:chris-lea/node.js
sudo apt-get update
sudo apt-get install python g++ make nodejs
7. ubuntu安装samba
apt-get install samba
smbpasswd -a u
vim /etc/samba/smb.conf
;homes
; writable = yes
service smbd restart
8. ssh/scp取消每次询问yes/no
/etc/ssh/ssh_config 中的
# StrictHostKeyChecking ask 改成
StrictHostKeyChecking no
9. ubuntu的路由表配置
9.1 增加路由匹配条目
sudo route add -net 目标IP netmask 255.255.255.0 gw 网关IP
# 注意目标IP的掩码要和netmask保持一致
9.2 查看路由表
sudo route -n
10. udp丢包检测工具
sudo apt-get install 2ping
2ping --listen --stats=5 -q # udp server
2ping -i 0.02 -s 80 -q # udp client
11. tc调用netem做网络模拟
http://www.linuxfoundation.org/collaborate/workgroups/networking/netem
tc qdisc del dev eth1 root
11.1 原理
-
Netem 是 Linux 2.6 及以上内核版本提供的一个网络模拟功能模块。该功能模块可以用来在性能良好的局域网中,模拟出复杂的互联网传输性能,诸如低带宽、传输延迟、丢包等等情况
-
tc 是 Linux 系统中的一个工具,全名为traffic control。tc 可以用来控制 netem 的工作模式
11.2 发送延时
tc qdisc add dev eth0 root netem delay 100ms # 延迟100毫秒
tc qdisc add dev eth0 root netem delay 100ms 20ms # 延迟 100ms ± 10ms
tc qdisc add dev eth0 root netem delay 100ms loss 20% # 30% 的包在100ms±10ms 70%保持100ms
11.3 发送丢包
tc qdisc add dev eth0 root netem loss 20% # 随机丢包20%
tc qdisc add dev eth0 root netem loss 20% 40% # 随机丢包20% 成功率为40%
11.4 发送重复
tc qdisc add dev eth0 root netem duplicate 1%
11.5 发送损坏
tc qdisc add dev eth0 root netem corrupt 0.2%
11.6 发送乱序
# 有 25% 的数据包(50%相关)会被立即发送,其他的延迟 10 秒
tc qdisc change dev eth0 root netem delay 10ms reorder 25% 50%
11.7 指定目标地址
tc qdisc add dev eth1 root handle 1: prio
tc qdisc add dev eth1 parent 1:1 handle 2: netem delay 500ms
tc filter add dev eth1 parent 1:0 protocol ip pref 55 handle ::55 u32 match ip dst 192.168.1.140 flowid 2:1
12. mysql常用运维
12.1 增加用户
CREATE USER 'test'@'localhost' IDENTIFIED BY 'test_password';
GRANT ALL PRIVILEGES ON *.* TO 'test'@'localhost';
12.2 改变用户密码
SET PASSWORD FOR 'root'@'localhost' = PASSWORD("root_password");
12.3 创建新的mysql实例
#!/bin/bash
# script created by @everwanna
port=$2
name="mysql-$1"
data="/var/lib/$name"
log="/var/log/mysql/$name"
config="/etc/mysql/$name.cnf"
pidname="mysqld-$1.pid"
pid="/var/run/mysqld/mysqld-$1.pid"
sockname="mysqld-$1.sock"
sock="/var/run/mysqld/mysqld-$1.sock"
runpid="/run/mysqld/mysqld-$1.pid"
runsock="/run/mysqld/mysqld-$1.sock"
# data
sudo mkdir $data
sudo chown -R mysql $data
# log
sudo mkdir $log
sudo chown -R mysql $log
# config
sudo cp /etc/mysql/my.cnf $config
sudo sed -i "s/= 3306/= $port/g" $config
sudo sed -i "s/mysqld.sock/$sockname/g" $config
sudo sed -i "s/mysqld.pid/$pidname/g" $config
sudo sed -i "s/\/var\/lib\/mysql/\/var\/lib\/$name/g" $config
sudo sed -i "s/\/var\/log\/mysql/\/var\/log\/mysql\/$name/g" $config
# apparmor
echo "" | sudo tee -a /etc/apparmor.d/local/usr.sbin.mysqld
echo "$data/ r," | sudo tee -a /etc/apparmor.d/local/usr.sbin.mysqld
echo "$data/** rwk," | sudo tee -a /etc/apparmor.d/local/usr.sbin.mysqld
echo "$pid rw," | sudo tee -a /etc/apparmor.d/local/usr.sbin.mysqld
echo "$sock w," | sudo tee -a /etc/apparmor.d/local/usr.sbin.mysqld
echo "$runpid rw," | sudo tee -a /etc/apparmor.d/local/usr.sbin.mysqld
echo "$runsock w," | sudo tee -a /etc/apparmor.d/local/usr.sbin.mysqld
sudo service apparmor reload
sudo mysql_install_db --user=mysql --basedir=/usr --datadir=$data --defaults-file=$config
sudo -b mysqld_safe --defaults-file=$config --user=mysql
echo "PLEASE ADD THE FOLLOWING LINE INTO /etc/rc.local"
echo "sudo -b mysqld_safe --defaults-file=$config --user=mysql"
12.4 登陆非默认实例
mysql -h127.0.0.1 -uroot -P4316 -ppassword
12.5 phpmyadmin支持多数据库实例
修改/var/lib/phpmyadmin/config.inc.php
:
$index = INDEX; // 下拉框的下标
$cfg['Servers'][$index]['verbose'] = 'default';
$cfg['Servers'][$index]['host'] = '127.0.0.1';
$cfg['Servers'][$index]['port'] = 3306;
$cfg['Servers'][$index]['socket'] = '/var/run/mysqld/mysqld.sock';
$cfg['Servers'][$index]['connect_type'] = 'socket';
$cfg['Servers'][$index]['extension'] = 'mysqli';
$cfg['Servers'][$index]['auth_type'] = 'cookie';
$cfg['Servers'][$index]['user'] = 'root';
$cfg['Servers'][$index]['password'] = '';
12.6 配置主从同步
@master:
sudo su
vim /etc/mysql/my.cnf
server-id = 1
log-bin = mysql-bin
binlog_format = mixed
expire_logs_days = 10
max_binlog_size = 100M
binlog-do-db = [dbname-you-wanna-sync]
service mysql restart
mysql -uroot -pagorabestvoip -h127.0.0.1 -P3306
GRANT REPLICATION SLAVE ON *.* TO '[remote username]'@'[master ip]' IDENTIFIED BY '[passwd]';
show master status\G
@slave:
sudo su
service mysql stop
vim /etc/mysql/my.cnf
server-id = [slave server id]
binlog-do-db = [dbname-you-wanna-sync]
service mysql restart
mysql -uroot -pagorabestvoip -h127.0.0.1 -P3306
slave stop;
change master to master_host='[master ip]',master_port=[port],master_user='[remote username]', master_password='[passwd]',master_log_file='mysql-bin.000004',master_log_pos=107;
start slave;
show slave status\G;
13. php允许上传大文件
sudo vim /etc/php5/apache2/php.ini
upload_max_filesize = 50M
post_max_size = 50M
sudo vim /etc/apache2/envvars
14. bash常用命令
获取文件最后修改时间戳
stat -c %Y vs.exe
获取本地IP
ifconfig | awk -F: '/inet addr/&& !($2 ~ /127\.0\.0\.1/){gsub(/ .*/, "", $2); print $2}'
列出10条最高频度的命令
history | awk '{a[$2]++}END{for(i in a){print a[i] " " i}}' | sort -rn | head
进程启动准确时间
for pid in $(pgrep exe); do echo -n "${pid} " ; ps -p ${pid} -o lstart | grep -v "START" ; done
15. ubuntu x64安装32位运行时
sudo apt-get install ia32-libs
16. ubuntu内核自动更新导致/boot分区变大
http://askubuntu.com/questions/89710/how-do-i-free-up-more-space-in-boot
uname -r # 查看正在使用的内核
dpkg -l linux-image-\* | grep ^ii # 列出所有内核
sudo apt-get -y purge # 删除内核:后边指定内核版本
一键删除不用内核:
dpkg -l linux-{image,headers}-"[0-9]*" | awk '/^ii/{ print $2}' | grep -v -e `uname -r | cut -f1,2 -d"-"` | grep -e '[0-9]' | xargs sudo apt-get -y purge
17. C++快捷方式
17.1 copy vector to stringstream
std::copy(sentence.begin(), sentence.end(), std::ostream_iterator<std::string>(ss,"\n"));
17.2 transform map.key to vector
std::vector<uint32_t> vec;
std::transform(users.begin(), users.end(), std::back_inserter(vec), [&](
const std::map<uint32_t, user_info_ptr>::value_type& x) {
return x.first;
});
17.3 ifstream to string
ifstream ifs("file.txt");
stringstream ss;
ss << ifs.rdbuf();
17.4 lambda参数类型的自动识别
#define _A(container) decltype(*std::begin(container))
std::for_each(ints.begin(), ints.end(), [](_A(ints)& val){ val = 7; });
18. ubuntu配置coredump永久生效
vim /etc/security/limits.conf
* hard core unlimited
* soft core unlimited
* soft nofile 65500
* hard nofile 65500
sudo sed "s/enabled=1/enabled=0/" -i /etc/default/apport
grep enabled /etc/default/apport
sudo echo "kernel.core_pattern=/tmp/core-%e-%t-%p-%u" | sudo tee /etc/sysctl.d/core-pattern.conf
sudo service procps start
19. ubuntu自动时钟同步
sudo apt-get install ntpd
20. ubuntu配置dns
echo 'nameserver 8.8.8.8' | sudo tee /etc/resolvconf/resolv.conf.d/base
sudo service resolvconf restart
cat /etc/resolv.conf
21. ubuntu禁用密码登陆
sed "s/$password_enabled/PasswordAuthentication no/" /etc/ssh/sshd_config > sshd_config
sudo mv -v sshd_config /etc/ssh/sshd_config
sudo service ssh reload
22. ubuntu使用rsyslog
22.1 安装
sudo apt-get install -y rsyslog
22.2 分文件
$template FormatWithPRI,"%$NOW% %TIMESTAMP:8:15% %syslogseverity-text% %syslogtag%%msg:::drop-last-lf%\n"
if $programname == 'demo.exe' then /var/log/demo.log;FormatWithPRI
if $programname == 'demo.exe' then ~
22.3 按级别过滤
if $syslogseverity == '7' then ~
22.4 log rotate
/var/log/demo.log
{
rotate 100
copytruncate
dateext
minsize 1M
daily
missingok
notifempty
delaycompress
compress
postrotate
reload rsyslog >/dev/null 2>&1 || true
endscript
}