首页 > 代码库 > ubuntu12.04运维备忘

ubuntu12.04运维备忘

  • sunyurun@agoravoice.io
  • 2015-1-14 22:00:23

ubuntu的运维技能更新太快,每半年一个发行版,就要每半年更新一次。这些知识在ubuntu14.04LTS面前就全都忘掉吧。

1. 粗暴解决ubuntu下dpkg错误

sudo rm -rf /var/lib/apt/*
sudo apt-get update
sudo apt-get -f install

2. 在发包的抖动与延时之间微调参数

net.ipv4.tcp_max_syn_backlog=4096  #1024 增加TCP SYN队列长度,使系统可以处理更多的并发连接
net.core.wmem_default = 2097152 #108544,系统套接字缓冲区
net.core.rmem_default = 2097152 #108544,系统套接字缓冲区
net.core.rmem_max=16777216   #131071,系统套接字缓冲区
net.core.wmem_max=16777216 #131071,系统套接字缓冲区
net.ipv4.tcp_rmem=4096 87380 16777216  #4096   87380   174760, TCP接收缓冲区
net.ipv4.tcp_wmem=4096 65536 16777216 #4096  16384   131072, TCP发送缓冲区
net.ipv4.tcp_mem = 786432 1048576 1572864 # Out of socket memory
net.ipv4.tcp_syncookies=1  #0,防SyncFlood攻击
net.ipv4.ip_local_port_range = 32768 61000 #用于向外连接的端口范围,这是默认值
net.ipv4.tcp_max_tw_buckets = 5000  #180000,同时保持TIME_WAIT套接字的最大数量

3. ubuntu自动找最快的源

在source.list的顶部增加下面4行:

deb mirror://mirrors.ubuntu.com/mirrors.txt precise main restricted universe multiverse
deb mirror://mirrors.ubuntu.com/mirrors.txt precise-updates main restricted universe multiverse
deb mirror://mirrors.ubuntu.com/mirrors.txt precise-backports main restricted universe multiverse
deb mirror://mirrors.ubuntu.com/mirrors.txt precise-security main restricted universe multiverse

4. ubuntu安装最新redis

sudo apt-get -y install python-software-properties
sudo add-apt-repository -y ppa:rwky/redis
sudo apt-get -y update
sudo apt-get -y install redis-server

5. ubuntu安装最新mongodb

5.1 安装

http://docs.mongodb.org/manual/tutorial/install-mongodb-on-ubuntu/
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 7F0CEB10     
echo ‘deb http://downloads-distro.mongodb.org/repo/ubuntu-upstart dist 10gen‘ | sudo tee /etc/apt/sources.list.d/mongodb.list
sudo apt-get update
sudo apt-get install mongodb-org

5.2 phpdriver

http://php.net/manual/en/mongo.installation.php
https://github.com/joevallender/slim-php-mongo-rest

sudo apt-get install php-pear
sudo pecl install mongo
extension=mongo.so
sudo service apache2 restart

6. ubuntu安装最新nodejs

sudo apt-get install python-software-properties
sudo add-apt-repository ppa:chris-lea/node.js
sudo apt-get update
sudo apt-get install python g++ make nodejs

7. ubuntu安装samba

apt-get install samba
smbpasswd -a u
vim /etc/samba/smb.conf
;homes
; writable = yes
service smbd restart

8. ssh/scp取消每次询问yes/no

/etc/ssh/ssh_config 中的
#  StrictHostKeyChecking ask 改成
StrictHostKeyChecking no 

9. ubuntu的路由表配置

9.1 增加路由匹配条目

sudo route add -net 目标IP netmask 255.255.255.0 gw 网关IP
# 注意目标IP的掩码要和netmask保持一致

9.2 查看路由表

sudo route -n

10. udp丢包检测工具

sudo apt-get install 2ping
2ping --listen --stats=5 -q # udp server
2ping -i 0.02 -s 80 -q      # udp client

11. tc调用netem做网络模拟

http://www.linuxfoundation.org/collaborate/workgroups/networking/netem

tc qdisc del dev eth1 root

11.1 原理

  • Netem 是 Linux 2.6 及以上内核版本提供的一个网络模拟功能模块。该功能模块可以用来在性能良好的局域网中,模拟出复杂的互联网传输性能,诸如低带宽、传输延迟、丢包等等情况

  • tc 是 Linux 系统中的一个工具,全名为traffic control。tc 可以用来控制 netem 的工作模式

11.2 发送延时

tc qdisc add dev eth0 root netem delay 100ms            # 延迟100毫秒
tc qdisc add dev eth0 root netem delay 100ms 20ms       # 延迟 100ms ± 10ms
tc qdisc add dev eth0 root netem delay 100ms loss 20%   # 30% 的包在100ms±10ms 70%保持100ms

11.3 发送丢包

tc qdisc add dev eth0 root netem loss 20%               # 随机丢包20%
tc qdisc add dev eth0 root netem loss 20% 40%           # 随机丢包20% 成功率为40%

11.4 发送重复

tc qdisc add dev eth0 root netem duplicate 1%

11.5 发送损坏

 tc qdisc add dev eth0 root netem corrupt 0.2%

11.6 发送乱序

# 有 25% 的数据包(50%相关)会被立即发送,其他的延迟 10 秒
tc qdisc change dev eth0 root netem delay 10ms reorder 25% 50% 

11.7 指定目标地址

tc qdisc add dev eth1 root handle 1: prio
tc qdisc add dev eth1 parent 1:1 handle 2: netem delay 500ms
tc filter add dev eth1 parent 1:0 protocol ip pref 55 handle ::55 u32 match ip dst 192.168.1.140 flowid 2:1

12. mysql常用运维

12.1 增加用户

CREATE USER ‘test‘@‘localhost‘ IDENTIFIED BY ‘test_password‘;
GRANT ALL PRIVILEGES ON *.*  TO ‘test‘@‘localhost‘;

12.2 改变用户密码

SET PASSWORD FOR ‘root‘@‘localhost‘ = PASSWORD("root_password");

12.3 创建新的mysql实例

#!/bin/bash
# script created by @everwanna

port=$2
name="mysql-$1"
data=http://www.mamicode.com/"/var/lib/$name">

12.4 登陆非默认实例

mysql -h127.0.0.1 -uroot -P4316 -ppassword

12.5 phpmyadmin支持多数据库实例

修改/var/lib/phpmyadmin/config.inc.php

$index = INDEX; // 下拉框的下标
$cfg[‘Servers‘][$index][‘verbose‘] = ‘default‘;
$cfg[‘Servers‘][$index][‘host‘] = ‘127.0.0.1‘;
$cfg[‘Servers‘][$index][‘port‘] = 3306;
$cfg[‘Servers‘][$index][‘socket‘] = ‘/var/run/mysqld/mysqld.sock‘;
$cfg[‘Servers‘][$index][‘connect_type‘] = ‘socket‘;
$cfg[‘Servers‘][$index][‘extension‘] = ‘mysqli‘;
$cfg[‘Servers‘][$index][‘auth_type‘] = ‘cookie‘;
$cfg[‘Servers‘][$index][‘user‘] = ‘root‘;
$cfg[‘Servers‘][$index][‘password‘] = ‘‘;

12.6 配置主从同步

@master:

sudo su
vim /etc/mysql/my.cnf
server-id               = 1
log-bin                 = mysql-bin
binlog_format           = mixed
expire_logs_days        = 10 
max_binlog_size         = 100M
binlog-do-db            = [dbname-you-wanna-sync]

service mysql restart
mysql -uroot -pagorabestvoip -h127.0.0.1 -P3306
GRANT REPLICATION SLAVE ON *.* TO ‘[remote username]‘@‘[master ip]‘ IDENTIFIED BY ‘[passwd]‘;
show master status\G

@slave:

sudo su
service mysql stop
vim /etc/mysql/my.cnf
server-id   =   [slave server id]
binlog-do-db =  [dbname-you-wanna-sync]

service mysql restart
mysql -uroot -pagorabestvoip -h127.0.0.1 -P3306
slave stop;
change master to master_host=‘[master ip]‘,master_port=[port],master_user=‘[remote username]‘, master_password=‘[passwd]‘,master_log_file=‘mysql-bin.000004‘,master_log_pos=107; 
start slave; 
show slave status\G;

13. php允许上传大文件

sudo vim /etc/php5/apache2/php.ini
upload_max_filesize = 50M
post_max_size = 50M

sudo vim /etc/apache2/envvars

14. bash常用命令

获取文件最后修改时间戳

stat -c %Y vs.exe

获取本地IP

ifconfig | awk -F: ‘/inet addr/&& !($2 ~ /127\.0\.0\.1/){gsub(/ .*/, "", $2); print $2}‘

列出10条最高频度的命令

history | awk ‘{a[$2]++}END{for(i in a){print a[i] " " i}}‘ | sort -rn | head

进程启动准确时间

for pid in $(pgrep exe); do echo -n "${pid} " ; ps -p ${pid} -o lstart | grep -v "START" ; done

15. ubuntu x64安装32位运行时

sudo apt-get install ia32-libs

16. ubuntu内核自动更新导致/boot分区变大

http://askubuntu.com/questions/89710/how-do-i-free-up-more-space-in-boot

uname -r                            # 查看正在使用的内核
dpkg -l linux-image-\* | grep ^ii   # 列出所有内核
sudo apt-get -y purge               # 删除内核:后边指定内核版本

一键删除不用内核:

dpkg -l linux-{image,headers}-"[0-9]*" | awk ‘/^ii/{ print $2}‘ | grep -v -e `uname -r | cut -f1,2 -d"-"` | grep -e ‘[0-9]‘ | xargs sudo apt-get -y purge

17. C++快捷方式

17.1 copy vector to stringstream

std::copy(sentence.begin(), sentence.end(), std::ostream_iterator<std::string>(ss,"\n"));

17.2 transform map.key to vector

std::vector<uint32_t> vec;
std::transform(users.begin(), users.end(), std::back_inserter(vec), [&](
    const std::map<uint32_t, user_info_ptr>::value_type& x) {
     return x.first;
});

17.3 ifstream to string

ifstream ifs("file.txt");
stringstream ss;
ss << ifs.rdbuf();

17.4 lambda参数类型的自动识别

 #define _A(container) decltype(*std::begin(container))
std::for_each(ints.begin(), ints.end(), [](_A(ints)& val){ val = 7; });

18. ubuntu配置coredump永久生效

vim /etc/security/limits.conf
*       hard    core    unlimited
*       soft    core    unlimited
*       soft    nofile  65500
*       hard    nofile  65500

sudo sed "s/enabled=1/enabled=0/" -i /etc/default/apport
grep enabled /etc/default/apport
sudo echo "kernel.core_pattern=/tmp/core-%e-%t-%p-%u" | sudo tee /etc/sysctl.d/core-pattern.conf
sudo service procps start

19. ubuntu自动时钟同步

sudo apt-get install ntpd

20. ubuntu配置dns

echo ‘nameserver 8.8.8.8‘ | sudo tee /etc/resolvconf/resolv.conf.d/base
sudo service resolvconf restart
cat /etc/resolv.conf

21. ubuntu禁用密码登陆

sed "s/$password_enabled/PasswordAuthentication no/" /etc/ssh/sshd_config > sshd_config
sudo mv -v sshd_config /etc/ssh/sshd_config
sudo service ssh reload

22. ubuntu使用rsyslog

22.1 安装

sudo apt-get install -y rsyslog

22.2 分文件

$template FormatWithPRI,"%$NOW% %TIMESTAMP:8:15% %syslogseverity-text% %syslogtag%%msg:::drop-last-lf%\n"

if $programname == ‘demo.exe‘ then /var/log/demo.log;FormatWithPRI
if $programname == ‘demo.exe‘ then ~

22.3 按级别过滤

if $syslogseverity == ‘7‘ then ~

22.4 log rotate

/var/log/demo.log
{
    rotate 100
    copytruncate
    dateext
    minsize 1M
    daily
    missingok
    notifempty
    delaycompress
    compress
    postrotate
        reload rsyslog >/dev/null 2>&1 || true
    endscript
}

ubuntu12.04运维备忘