Linux 常用命令
从本机拷贝文件到远端机器:
scp jdk-6u37-linux-x64-rpm.bin root@192.168.72.102:/root
vi复制一行并粘贴:
1)把光标移动到要复制的行上
2)按yy
3)把光标移动到要复制的位置
4)按p
vi/vim后退(取消修改):按u
vi/vim添加新行:按A,然后回车
Mysql备份数据库:
mysqldump -u root -p密码 dbname >d:\test.sql
centOS7 firewall-cmd 端口转发:
# 允许防火墙伪装IP
firewall-cmd --add-masquerade
# 增加8393端口的映射到192.168.1.107的8393:
firewall-cmd --add-forward-port=port=8393:proto=tcp:toaddr=192.168.1.107:toport=8393 --permanent
# 增加8066端口的映射到192.168.1.105的8066:
firewall-cmd --add-forward-port=port=8066:proto=tcp:toaddr=192.168.1.105:toport=8066 --permanent
Mysql还原数据库:
先登录: mysql -uroot -p
再创建需要还原的数据库 create database 数据库名
切换到创建的数据库:use 数据库名
执行sql脚本:source 脚本.sql
linux 创建用户并设定主目录:
useradd -d /data/cdnlab cdnlab
设定用户的密码:
passwd cdnlab
启动axis2的webservice:
nohup sh /opt/axis2-1.6.0/bin/axis2server.sh &>/root/websvr.log &
centos 添加静态路由:
#比如我有双网卡,分别是192.168.68.7/24 10.0.101.88/24
因为搭建了个实验网,所以想让所有10.0.0.0/8 的路由都通过10.0.101.1转发,下面这样配置就可以了:
route add -net 10.0.0.0/8 gw 10.0.101.1
启动AXIS2服务器:
nohup sh axis2server.sh &>/var/logs/axis2.log &
删除mysql
yum remove mysql mysql-server mysql-libs mysql-server;
find / -name mysql 将找到的相关东西delete掉;
rpm -qa|grep mysql(查询出来的东东yum remove掉)
将某文件的指定行输出到新文件
cat crawler.log | tail -n +438856 | head -n 281208 > yuanling.gov.cn.log
意思是指从第438856行开始,连续显示 281208行数据,并且将结果重定向到yuanling.gov.cn.log
CentOS7 防火墙允许端口:
firewall-cmd --permanent --add-port=59999/tcp
firewall-cmd --reload
CentOS7 防火墙允许服务:
firewall-cmd --permanent --add-service=https
firewall-cmd --permanent --add-service=http
firewall-cmd --reload
systemd新增自定义服务:
vim /usr/lib/systemd/system/ipsec.service
[Unit]
Description=ipsec - ipsec strongswan
After=network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
ExecStart=/usr/local/sbin/ipsec start
ExecReload=/usr/local/sbin/ipsec restart
ExecStop=/usr/local/sbin/ipsec stop
[Install]
WantedBy=multi-user.target
保存后,设置文件权限:
chmod 754 /usr/lib/systemd/system/ipsec.service
允许开机自启动:
systemctl enable ipsec.service
启动服务:
systemctl start ipsec.service
fedora 25 增加开机自启动脚本:
1.修改 /usr/lib/systemd/system/rc-local.service
在末尾增加如下代码:
[Install]
WantedBy=multi-user.target
2.新建文件/etc/rc.d/rc.local
并输入下面的内容,下面是示例内容:
#!/bin/bash
#下面是你需要执行的脚本
/usr/bin/ssserver -c /etc/xxx.json -d start
3.保存并退出。
4.chmod +x /etc/rc.d/rc.local
5.systemctl enable rc-local.service
6. systemctl start rc-local.service
完毕。。
Linux 下安装pip:
wget https://bootstrap.pypa.io/get-pip.py
python get-pip.py
pip -V
CentOS 6 安装ncdu
sudo yum update nss
sudo rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
sudo yum -y install ncdu
#查看磁盘使用率
#图形界面
sudo ncdu /
#json格式
sudo ncdu / -o ncdu.log
#查看根目录
more ncdu.log |grep “asize”|sed ‘s/"/,/g’|awk -F , ‘{print $4,$8}’|sort -t “:” -k2 -rn|head -n 10
#配置免密登录
#配置相互免密登录
#controller1
ssh-keygen
#三次回车
#将密钥发送至其他机器上,每一次复制都要输入yes及当前用户的密码:
ssh-copy-id -i /home/nanjing/.ssh/id_rsa.pub crawler1
ssh-copy-id -i /home/nanjing/.ssh/id_rsa.pub crawler2
ssh-copy-id -i /home/nanjing/.ssh/id_rsa.pub crawler3
ssh-copy-id -i /home/nanjing/.ssh/id_rsa.pub master1
ssh-copy-id -i /home/nanjing/.ssh/id_rsa.pub slave1
ssh-copy-id -i /home/nanjing/.ssh/id_rsa.pub slave2
#其他机器同样的操作,注意修改机器名即可。前提是host里有这些机器的hostname和ip的配置
CentOS 安装crontab
sudo yum install -y vixie-cron
sudo yum install -y crontabs
ncdu查看Linux服务器各目录占用磁盘大小情况
#为每台机器安装ncdu
sudo yum -y update nss
sudo rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
sudo yum -y install ncdu
#查看磁盘使用率
#图形界面
sudo ncdu /
#json格式
sudo ncdu / -o ncdu.log
#查看根目录
more ncdu.log |grep “asize”|sed ‘s/"/,/g’|awk -F , ‘{print $4,$8}’|sort -t “:” -k2 -rn|head -n 10
CentOS7 使用阿里云的epel源
yum remove epel-release
wget -O /etc/yum.repos.d/epel-7.repo http://mirrors.aliyun.com/repo/epel-7.repo
yum clean all && yum makecache
Linux下 没有vi命令的时候 cat编辑文件:
cat > test_hugedata.txt << EOF
粘贴要输入的文字,然后回车,然后输入EOF结束。
centos7修改系统时区后 jdk不生效的解决方法:
timedatectl set-timezone Asia/Shanghai
Centos7修改机器名
hostnamectl set-hostname yourHostName
然后修改 /etc/hosts
#CentOS7 disable selinux
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
setenforce 0
#CentOS7 set ntp
yum install -y ntp
# 配置NTP 所有机器: 先修改时区: vim /etc/profile 再最后添加一行 输入: TZ='Asia/Shanghai'; export TZ 保存退出 source /etc/profile vim /etc/ntp.conf neo4j1: 修改 server 配置为对应的server地址(内网部署的时候请配置为内网的ntp server) 输入: server 120.25.108.11 iburst server 182.92.12.11 iburst #外部时间server不可用时,以本地时间作为时间服务 server 127.127.1.0 # local clock fudge 127.127.1.0 stratum 10 #允许本地局域网连接,网段根据需求更改 restrict 192.168.137.0 mask 255.255.255.0 nomodify notrap neo4j2: 输入: server neo4j1 # 外部时间server不可用时,以本地时间作为时间服务 server 127.127.1.0 # local clock fudge 127.127.1.0 stratum 10 neo4j1: ntpdate -u 120.25.108.11 所有机器: sudo systemctl start ntpd sudo systemctl enable ntpd hwclock --systohc 使得 neo4j1 节点同步上游服务器, neo4j2 节点同步 neo4j1服务器。 检查ntp状态; ntpq -p 停止 chronyd 服务 systemctl stop chronyd.service systemctl disable chronyd.service
以CentOS6为例
修改最大句柄数
sudo vim /etc/security/limits.conf,增加:
* soft nofile 1024000 * hard nofile 1048576 * soft nproc 1024000 * hard nproc unlimited * soft memlock unlimited * hard memlock unlimited
以CentOS7为例
修改最大句柄数
修改服务器配置(仔细检查各项配置,如果已经存在,则只需要修改为下面的值即可):
vim /etc/systemd/system.conf
查找并修改下列两行的值:
DefaultLimitNOFILE=1024000
DefaultLimitNPROC=1024000
vim /etc/security/limits.conf
在文件中添加:
root soft fsize unlimited
root hard fsize unlimited
root soft cpu unlimited
root hard cpu unlimited
root soft as unlimited
root hard as unlimited
root soft nofile 1024000
root hard nofile 1024000
root soft nproc 1024000
root hard nproc 1024000
vim /etc/security/limits.d/20-nproc.conf
* soft nproc 1024000
root soft nproc unlimited
centos 升级内核
1. 载入公钥
[root@server-1 ~]# rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
2. 升级安装ELRepo
[root@server-1 ~]#yum install https://www.elrepo.org/elrepo-release-7.el7.elrepo.noarch.rpm
3. 载入elrepo-kernel元数据
[root@server-1 ~]# yum --disablerepo=\* --enablerepo=elrepo-kernel repolist
4. 查看可用的rpm包
9. 查看当前实际启动顺序
[root@server-1 ~]# grub2-editenv list
saved_entry=CentOS Linux (3.10.0-957.5.1.el7.x86_64) 7 (Core)
10. 设置默认启动
[root@server-1 ~]# grub2-set-default 'CentOS Linux (4.20.12-1.el7.elrepo.x86_64) 7 (Core)'
[root@server-1 ~]# grub2-editenv list
saved_entry=CentOS Linux (4.20.12-1.el7.elrepo.x86_64) 7 (Core)
或者直接设置数值
[root@server-1 ~]# grub2-set-default 0 // 0代表当前第一行,也就是上面的4.20.12版本那一行内容
[root@server-1 ~]# grub2-editenv list
saved_entry=0
11. 重启并检查
[root@server-1 ~]# reboot
[root@server-1 ~]# uname -r
centos7开启bbr
sudo sysctl net.ipv4.tcp_available_congestion_control
echo 'net.core.default_qdisc=fq' | sudo tee -a /etc/sysctl.conf
echo 'net.ipv4.tcp_congestion_control=bbr' | sudo tee -a /etc/sysctl.conf
sudo sysctl -p
sudo sysctl net.ipv4.tcp_available_congestion_control
sudo sysctl -n net.ipv4.tcp_congestion_control
lsmod | grep bbr
CentOS6 yum源失效的解决办法:
阿里云:
mkdir -p /etc/yum.repos.d/repo_backup
mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/repo_backup
vim /etc/yum.repos.d/CentOS-Base.repo
[base] name=CentOS-6.5 - Base - mirrors.aliyun.com failovermethod=priority baseurl=http://mirrors.aliyun.com/centos-vault/6.5/os/$basearch/ gpgcheck=1 gpgkey=http://mirrors.aliyun.com/centos-vault/RPM-GPG-KEY-CentOS-6 [updates] name=CentOS-6.5 - Updates - mirrors.aliyun.com failovermethod=priority baseurl=http://mirrors.aliyun.com/centos-vault/6.5/updates/$basearch/ gpgcheck=1 gpgkey=http://mirrors.aliyun.com/centos-vault/RPM-GPG-KEY-CentOS-6 [extras] name=CentOS-6.5 - Extras - mirrors.aliyun.com failovermethod=priority baseurl=http://mirrors.aliyun.com/centos-vault/6.5/extras/$basearch/ gpgcheck=1 gpgkey=http://mirrors.aliyun.com/centos-vault/RPM-GPG-KEY-CentOS-6 [centosplus] name=CentOS-6.5 - Plus - mirrors.aliyun.com failovermethod=priority baseurl=http://mirrors.aliyun.com/centos-vault/6.5/centosplus/$basearch/ gpgcheck=1 enabled=0 gpgkey=http://mirrors.aliyun.com/centos-vault/RPM-GPG-KEY-CentOS-6 [contrib] name=CentOS-6.5 - Contrib - mirrors.aliyun.com failovermethod=priority baseurl=http://mirrors.aliyun.com/centos-vault/6.5/contrib/$basearch/ gpgcheck=1 enabled=0 gpgkey=http://mirrors.aliyun.com/centos-vault/RPM-GPG-KEY-CentOS-6
epel:
阿里云:
wget --no-check-certificate https://mirrors.aliyun.com/epel-archive/6/x86_64/epel-release-6-8.noarch.rpm
rpm -ivh epel-release-6-8.noarch.rpm
rm -rf /etc/yum.repos.d/epel.repo
wget --no-check-certificate -O /etc/yum.repos.d/epel.repo https://mirrors.aliyun.com/repo/epel-archive-6.repo
yum -y update wget
#install epel vault source #wget https://archives.fedoraproject.org/pub/archive/epel/6/x86_64/epel-release-6-8.noarch.rpm #rpm -ivh epel-release-6-8.noarch.rpm yum --disablerepo=epel -y update ca-certificates yum clean all yum makecache
官方:
epel.repo:
[epel] name=Extra Packages for Enterprise Linux 6 - $basearch baseurl=https://archives.fedoraproject.org/pub/archive/epel/6/$basearch #mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=$basearch failovermethod=priority enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6 [epel-debuginfo] name=Extra Packages for Enterprise Linux 6 - $basearch - Debug #baseurl=http://download.fedoraproject.org/pub/epel/6/$basearch/debug mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-debug-6&arch=$basearch failovermethod=priority enabled=0 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6 gpgcheck=1 [epel-source] name=Extra Packages for Enterprise Linux 6 - $basearch - Source #baseurl=http://download.fedoraproject.org/pub/epel/6/SRPMS mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-source-6&arch=$basearch failovermethod=priority enabled=0 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6 gpgcheck=1
禁用base,新建CentOS-Vault.repo:
# CentOS-Vault.repo # # CentOS Vault holds packages from previous releases within the same CentOS Version # these are packages obsoleted by the current release and should usually not # be used in production #----------------- [C6.0-base] name=CentOS-6.0 - Base baseurl=http://vault.centos.org/6.0/os/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 enabled=0 [C6.0-updates] name=CentOS-6.0 - Updates baseurl=http://vault.centos.org/6.0/updates/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 enabled=0 [C6.0-extras] name=CentOS-6.0 - Extras baseurl=http://vault.centos.org/6.0/extras/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 enabled=0 [C6.0-contrib] name=CentOS-6.0 - Contrib baseurl=http://vault.centos.org/6.0/contrib/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 enabled=0 [C6.0-centosplus] name=CentOS-6.0 - CentOSPlus baseurl=http://vault.centos.org/6.0/centosplus/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 enabled=0 #----------------- [C6.1-base] name=CentOS-6.1 - Base baseurl=http://vault.centos.org/6.1/os/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 enabled=0 [C6.1-updates] name=CentOS-6.1 - Updates baseurl=http://vault.centos.org/6.1/updates/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 enabled=0 [C6.1-extras] name=CentOS-6.1 - Extras baseurl=http://vault.centos.org/6.1/extras/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 enabled=0 [C6.1-contrib] name=CentOS-6.1 - Contrib baseurl=http://vault.centos.org/6.1/contrib/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 enabled=0 [C6.1-centosplus] name=CentOS-6.1 - CentOSPlus baseurl=http://vault.centos.org/6.1/centosplus/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 enabled=0 #----------------- [C6.2-base] name=CentOS-6.2 - Base baseurl=http://vault.centos.org/6.2/os/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 enabled=0 [C6.2-updates] name=CentOS-6.2 - Updates baseurl=http://vault.centos.org/6.2/updates/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 enabled=0 [C6.2-extras] name=CentOS-6.2 - Extras baseurl=http://vault.centos.org/6.2/extras/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 enabled=0 [C6.2-contrib] name=CentOS-6.2 - Contrib baseurl=http://vault.centos.org/6.2/contrib/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 enabled=0 [C6.2-centosplus] name=CentOS-6.2 - CentOSPlus baseurl=http://vault.centos.org/6.2/centosplus/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 enabled=0 #----------------- [C6.3-base] name=CentOS-6.3 - Base baseurl=http://vault.centos.org/6.3/os/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 enabled=0 [C6.3-updates] name=CentOS-6.3 - Updates baseurl=http://vault.centos.org/6.3/updates/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 enabled=0 [C6.3-extras] name=CentOS-6.3 - Extras baseurl=http://vault.centos.org/6.3/extras/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 enabled=0 [C6.3-contrib] name=CentOS-6.3 - Contrib baseurl=http://vault.centos.org/6.3/contrib/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 enabled=0 [C6.3-centosplus] name=CentOS-6.3 - CentOSPlus baseurl=http://vault.centos.org/6.3/centosplus/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 enabled=0
yum --disablerepo=epel -y update ca-certificates
yum clean all
yum makecache
如果遇到ssl错误,则将epel.repoo中的https换成http,然后 yum install ca-certificates yum update curl 即可,可以选择将http修改回https。
centos6 修改机器名:
vi /etc/sysconfig/network
重启
查看linux系统网卡绑定的CPU:
mpstat -P ALL 1
输出中查明:里面的 %irq 一列即说明了CPU忙于处理中断的时间占比
CentOS6.x查看CPU,可以参看以下命令来查看
1.查看CPU型号
cat /proc/cpuinfo | grep name | cut -f2 -d: | uniq -c
2.查看物理CPU的个数
cat /proc/cpuinfo |grep "physical id"|sort |uniq|wc -l
3.查看逻辑CPU的个数
cat /proc/cpuinfo |grep "processor"|wc -l
4.查看CPU是几核
cat /proc/cpuinfo |grep "cores"|uniq
lscpu
CENTOS 编译安装tcpdump:
yum -y install gcc make cmake flex bison
然后去下载源代码后编译安装:http://www.tcpdump.org/#latest-release
./configure
make && make install
tcpdump监控所有的80、443端口流量
tcpdump.4.99.1 'tcp port 80 or 443 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' -w http_88.26_20210727_001.pcap
查看进程打开的句柄数:
lsof -n|awk '{print $2}'|sort|uniq -c|sort -nr|more
centos7 设置nto与腾讯云服务器同步
vim /etc/ntp.conf :
注释掉原来的时间服务器,增加下列配置:
disable monitor server ntp.tencent.com iburst
server ntp1.tencent.com iburst
server ntp2.tencent.com iburst
server ntp3.tencent.com iburst
server ntp4.tencent.com iburst
server ntp5.tencent.com iburst
Linux 查看网卡型号
lspci | grep -i ethernet
制作openwrt镜像文件前整理磁盘,减少镜像文件大小
cd / touch tmpfile dd if=/dev/zero of=/tmpfile rm -f /tmpfile
禁止CentOS7 自动更新并清空缓存
systemctl stop packagekit systemctl mask packagekit yum remove PackageKit* yum clean all
CentOS7 测试硬盘速度
#先进入到对应的硬盘的挂载点 #不等落盘 dd if=/dev/zero of=test bs=8k count=256k conv=fdatasync rm -r test #等落盘 dd if=/dev/zero of=test bs=64k count=4k oflag=dsync rm -r test
tcpdump抓包DNS请求:
tcpdump -i enp0s3 -nt -s 500 port domain -w dns.pcap
CentOS7 设置grub2修改引导项的密码
1.登录服务器,设置grub2的修改密码: grub2-setpassword 提示输入密码,回车后,再输入一遍并回车 2.重启服务器,在grub2选择系统内核菜单时按c或者e键(根据版本不同,按键也不一样),测试是否需要输入密码,测试输入正确的密码后才能进入编辑界面
CentOS7安装debuginfo:
vim /etc/yum.repos.d/CentOS-Debug.repo #Debug Info [debug] name=CentOS-$releasever - DebugInfo baseurl=http://linuxsoft.cern.ch/centos-debuginfo/$releasever/$basearch/ gpgcheck=0 enabled=1 protect=1 priority=1 yum clean all yum makecache yum --nogpgcheck --enablerepo=debug install glibc-debuginfo
清空hadoop节点日志:
du -h /var/log/ rm -f /var/log/ambari-agent/* rm -f /var/log/hadoop/hdfs/* rm -f /var/log/hadoop-yarn/yarn/* rm -f /var/log/zookeeper/* rm -f /var/log/solr/* rm -f /var/log/hbase/* du -h /var/log/
ubuntu 20.4 vnc连接失败的解决办法:
通过 apt 命令安装 dconf-editor 程序。 apt install dconf-editor dconf 类似于 windows 内的注册表编辑器,而dconf-editor 是 dconf 的一个图形化操作程序。 在命令行中输入 dconf-editor ,进入/org/gnome/desktop/remote-access/vnc-passwd 目录,将 require-encryption 选项设置为 false。
ubuntu 20.04 允许root远程登录的办法:
sudo vim /etc/ssh/sshd_config #找到: PermitRootLogin prohibie-password #替换成: PermitRootLogin yes #修改root的密码 sudo passwd root #输入两边密码即可
CentOS7中允许docker登录自签名的HTTPS的Harbor的方法:
To add an insecure docker registry, add the file /etc/docker/daemon.json with the following content: { "insecure-registries" : [ "hostname.cloudapp.net:5000" ] } and then restart docker.
在ubuntu中:
和Centos一样,我的内容:
{
"insecure-registries" : [ "harbor.nl.com:443","harbor.nl.com" ]
}
tcpdump 抓指定来源IP的数据包:
tcpdump net 192.168.168.0/24 -w file.pcap
MySQL、MariaDB没有执行复杂SQL但是却占用CPU100%的问题的解决:
vim /etc/my.cnf 增加:
[mysqld]
thread_handling=pool-of-threads
重启即可。
CentOS7中立即同步时间:
ntpdate -u ntp服务器IP
MacOS 中手动禁止访问某些IP地址:
下面的示例,允许1.1.1.1和1.1.1.2,但是禁止访问1.1.1.3-1.1.1.254
sudo vim /etc/pf.conf
输入:
table <goodguys> { 1.1.1.0/24, !1.1.1.1, !1.1.1.2 }
block drop from any to <goodguys>
sudo pfctl -evf /etc/pf.conf
windows系统中定时监控并启动java程序并指定默认编码为utf-8的方法:
将run.bat创建快捷方式后放入,所有程序,开始,启动文件夹中并设置开机自动登录administrator会自动启动。
run.bat:
@echo off rem 定义需监控程序的进程名和程序路径,可根据需要进行修改 set keyStr=myapp set batFile=myapp.bat title 进程监控 cls echo. echo 进程监控开始…… echo. rem 定义循环体 :startjc rem 从进程列表中查找指定进程 rem 查找监控的进程是否在进程列表里 jps|findstr /i %keyStr% >nul rem 变量errorlevel的值等于0表示查找到进程,否则没有查找到进程 if %errorlevel%==0 ( echo ^>%date:~0,10% %time:~0,8% 程序正在运行…… )else ( echo ^>%date:~0,10% %time:~0,8% 没有发现程序进程 echo ^>%date:~0,10% %time:~0,8% 正在重新启动程序 start "%keyStr%" %batFile% && echo ^>%date:~0,10% %time:~0,8% 启动程序成功 ) rem 设置超时等待,类似sleep timeout /T 180 /NOBREAK goto startjc echo on
myapp.bat:
@echo off chcp 65001 > nul :: 设置窗口大小 mode con: cols=196 lines=96 set "AppName=myApp.jar" java -Dfile.encoding=utf-8 -Dspring.profiles.active=prod -Duser.timezone=Asia/Shanghai -Xms512M -Xmx2048M -XX:PermSize=256M -XX:MaxPermSize=512M -XX:+HeapDumpOnOutOfMemoryError -XX:+PrintGCDateStamps -XX:+PrintGCDetails -XX:NewRatio=1 -XX:SurvivorRatio=30 -XX:+UseParallelGC -XX:+UseParallelOldGC -jar target\%AppName% endlocal
CentOS 6,7安装Oracle jdk 1.8:
上传 jdk-8u181-linux-x64.rpm
rpm -Uvh jdk-8u181-linux-x64.rpm
然后:
vim /etc/profile
在文件最后增加下面的行:
export JAVA_HOME=/usr/java/jdk1.8.0_181-amd64 export CLASSPATH=.:$JAVA_HOME/jre/lib/rt.jar:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar export PATH=$PATH:$JAVA_HOME/bin
CentOS7安装Neo4J 4.x
rpm --import https://debian.neo4j.com/neotechnology.gpg.key cat <<EOF> /etc/yum.repos.d/neo4j.repo [neo4j] name=Neo4j Yum Repo baseurl=https://yum.neo4j.com/stable/4.4 enabled=1 gpgcheck=1 EOF
sudo yum install neo4j
允许监听所有的ip:
vim /etc/neo4j/neo4j.conf +71
取消该行的注释
dbms.default_listen_address=0.0.0.0
允许开机自启动:
systemctl enable neo4j
vim /usr/lib/systemd/system/neo4j.service +11
设置neo4j的专用jdk,将该行修改为:
Environment="NEO4J_CONF=/etc/neo4j" "NEO4J_HOME=/var/lib/neo4j" "JAVA_HOME=/usr/lib/jvm/java-11-openjdk-11.0.21.0.9-1.el7_9.x86_64"
保存后,重启neo4j:
systemctl daemon-reload
systemctl restart neo4j
systemctl status neo4j
添加防火墙:
firewall-cmd --permanent --add-port=7474/tcp
firewall-cmd --permanent --add-port=7687/tcp
firewall-cmd --reload
修改neo4j-admin:
vim /usr/bin/neo4j-admin
在最后一行的最前面增加:
JAVA_HOME="/usr/lib/jvm/java-11-openjdk-11.0.21.0.9-1.el7_9.x86_64"
使得最后一行变为:
JAVA_HOME="/usr/lib/jvm/java-11-openjdk-11.0.21.0.9-1.el7_9.x86_64" NEO4J_HOME="${NEO4J_HOME:-/var/lib/neo4j}" NEO4J_CONF="${NEO4J_CONF:-/etc/neo4j}" exec "${SCRIPT_PATH}" "$@"
还原数据库:
neo4j-admin load --from=/root/data.dump --database=zhuangbei --force
win10中 git 设置只代理某些地址的办法:
git config --global http.https://github.com.proxy socks5://127.0.0.1:10808 git config --global http.https://huggingface.co.proxy socks5://127.0.0.1:10808
ubuntu 查看 glibc 版本:
strings /lib/x86_64-linux-gnu/libc.so.6 | grep GLIBC_
ubuntu 18.04 + nvidia tesla v100s 安装 cuda 12.1.1 和 pytorch
安装cuda12.1.1:
下载:
wget https://developer.download.nvidia.com/compute/cuda/12.1.1/local_installers/cuda_12.1.1_530.30.02_linux.run
执行安装程序:
sudo sh cuda_12.1.1_530.30.02_linux.run
配置环境变量:
vim /etc/profile
#在最后面增加:
#cuda
export PATH=/usr/local/cuda-12.1/bin${PATH:+:${PATH}}
export LD_LIBRARY_PATH=/usr/local/cuda-12.1/lib64${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}}
使环境变量生效:
source /etc/profile
测试:
nvidia-smi
返回:
Sat Dec 2 08:08:31 2023
+---------------------------------------------------------------------------------------+
| NVIDIA-SMI 530.30.02 Driver Version: 530.30.02 CUDA Version: 12.1 |
|-----------------------------------------+----------------------+----------------------+
| GPU Name Persistence-M| Bus-Id Disp.A | Volatile Uncorr. ECC |
| Fan Temp Perf Pwr:Usage/Cap| Memory-Usage | GPU-Util Compute M. |
| | | MIG M. |
|=========================================+======================+======================|
| 0 Tesla V100S-PCIE-32GB Off| 00000000:00:0C.0 Off | 0 |
| N/A 27C P0 38W / 250W| 0MiB / 32768MiB | 0% Default |
| | | N/A |
+-----------------------------------------+----------------------+----------------------+
| 1 Tesla V100S-PCIE-32GB Off| 00000000:00:0D.0 Off | 0 |
| N/A 26C P0 35W / 250W| 0MiB / 32768MiB | 0% Default |
| | | N/A |
+-----------------------------------------+----------------------+----------------------+
| 2 Tesla V100S-PCIE-32GB Off| 00000000:00:0E.0 Off | 0 |
| N/A 24C P0 36W / 250W| 0MiB / 32768MiB | 0% Default |
| | | N/A |
+-----------------------------------------+----------------------+----------------------+
| 3 Tesla V100S-PCIE-32GB Off| 00000000:00:0F.0 Off | 0 |
| N/A 25C P0 36W / 250W| 0MiB / 32768MiB | 5% Default |
| | | N/A |
+-----------------------------------------+----------------------+----------------------+
+---------------------------------------------------------------------------------------+
| Processes: |
| GPU GI CI PID Type Process name GPU Memory |
| ID ID Usage |
|=======================================================================================|
| No running processes found |
+---------------------------------------------------------------------------------------+
conda 安装 pytorch :
conda install pytorch torchvision torchaudio pytorch-cuda=12.1 -c pytorch -c nvidia
ubuntu 18.04离线安装 docker 和 docker-compose
上传所有文件 dpkg -i containerd.io_1.6.21-1_amd64.deb dpkg -i docker-ce-cli_24.0.2-1~ubuntu.18.04~bionic_amd64.deb dpkg -i docker-ce_24.0.2-1~ubuntu.18.04~bionic_amd64.deb dpkg -i docker-compose-plugin_2.6.0~ubuntu-bionic_amd64.deb sudo systemctl start docker sudo systemctl enable docker chmod +x docker-compose-linux-x86_64 mv docker-compose-linux-x86_64 /usr/local/bin/docker-compose 验证: docker version docker-compose version
ubuntu 安装 nvidia docker runtime:
curl -fsSL https://nvidia.github.io/libnvidia-container/gpgkey | sudo gpg --dearmor -o /usr/share/keyrings/nvidia-container-toolkit-keyring.gpg && curl -s -L https://nvidia.github.io/libnvidia-container/stable/deb/nvidia-container-toolkit.list | sed 's#deb https://#deb [signed-by=/usr/share/keyrings/nvidia-container-toolkit-keyring.gpg] https://#g' | sudo tee /etc/apt/sources.list.d/nvidia-container-toolkit.list && sudo apt-get update sudo apt-get install -y nvidia-container-toolkit sudo nvidia-ctk runtime configure --runtime=docker vim /etc/docker/daemon.json
编写启动脚本,运行langchain-chatchat,适用于需要激活conda的虚拟环境后再启动项目的情况:
#!/bin/bash # change work dir cd /root/chatchat/Langchain-Chatchat /root/anaconda3/bin/conda init bash # activate conda env source /root/anaconda3/bin/activate chatchat # run Python script and redirect output to log file. # run in docker: #python /root/chatchat/Langchain-Chatchat/openai_api.py #run in shell: python /root/chatchat/Langchain-Chatchat/startup.py -a >> /root/chatchat/Langchain-Chatchat/chatchat.log 2>&1 & disown
RuntimeError: CUDA error: uncorrectable ECC error encountered 时查看GPU ECC状态的方法:
nvidia-smi -q -d ECC
安装conda后,如果没有设置自动配置base环境,可以设置环境变量:
vim ~/.bashrc
# >>> conda initialize >>> # !! Contents within this block are managed by 'conda init' !! __conda_setup="$('/root/anaconda3/bin/conda' 'shell.bash' 'hook' 2> /dev/null)" if [ $? -eq 0 ]; then eval "$__conda_setup" else if [ -f "/root/anaconda3/etc/profile.d/conda.sh" ]; then . "/root/anaconda3/etc/profile.d/conda.sh" else export PATH="/root/anaconda3/bin:$PATH" fi fi unset __conda_setup # <<< conda initialize <<<
source vim ~/.bashrc
可以重启后观察是否自动生效。
server 2019 远程桌面连接数限制:
先要修改组策略:
-
打开“组策略管理编辑器”(Group Policy Management Editor)。可以通过运行
gpedit.msc命令打开。 -
导航到如下路径:
- 计算机配置 (Computer Configuration)
- 管理模板 (Administrative Templates)
- Windows 组件 (Windows Components)
- 远程桌面服务 (Remote Desktop Services)
- 远程桌面会话主机 (Remote Desktop Session Host)
- 连接 (Connections)
-
在右侧找到并双击“限制连接的数量”(Limit number of connections)策略设置。
-
选择“已启用”(Enabled),并在下面的“TS允许的最大连接数”(Maximum connections allowed) 设置框中输入你想要的最大连接数(例如,如果需要超过默认的2个连接,可以设置为更大的数字)。
-
应用更改,并等待组策略刷新生效(可以通过运行命令
gpupdate /force来强制立即更新)。
网页中点击下一步,选择 Server 2019 远程桌面服务每设备客户端访问许可证,协议号码可以填写6565792 , 4954438 , 6879321或者5296992,数量可以填写任意:
CDH5 测试集群HDFS读写性能 的方法(预先备份需要缩减的分区的数据,此处以/home目录为例,操作过程大概率会导致分区无法挂载,慎重。):
创建目录: hadoop fs -mkdir /testdfsio 测试写: hadoop jar /opt/cloudera/parcels/CDH/lib/hadoop-mapreduce/hadoop-mapreduce-client-jobclient-*-tests.jar TestDFSIO \ -write -nrFiles 5 -fileSize 1000 -bufferSize 64 \ -resFile /tmp/testdfsio_results_write.txt 测试读: hadoop jar /opt/cloudera/parcels/CDH/lib/hadoop-mapreduce/hadoop-mapreduce-client-jobclient-*-tests.jar TestDFSIO \ -read -nrFiles 5 -fileSize 1000 \ -resFile /tmp/testdfsio_results_read.txt
CentOS7 中从逻辑卷 /dev/centos/home 挂载的 /home 目录 缩减2G空间并创建新的逻辑卷的方法:
1. 检查当前的LVM情况 vgdisplay centos lvdisplay /dev/centos/home 2. 缩减现有逻辑卷 lvreduce -L -2G /dev/centos/home xfs_growfs /dev/centos/home # 对于ext4文件系统;ext4,请使用 resize2fs 3. 创建新的逻辑卷 lvcreate -n lvm_neo4j -L 2G centos 4. 格式化新的逻辑卷 mkfs.xfs /dev/centos/lvm_neo4j # ext4,请使用 mkfs.ext4 5. 创建挂载点并挂载新逻辑卷 mkdir /lvm_neo4j mount /dev/centos/lvm_neo4j /lvm_neo4j 6. 配置开机自动挂载 echo "/dev/centos/lvm_neo4j /lvm_neo4j xfs defaults 0 0" >> /etc/fstab 7. 检查配置 mount -a df -hT 请确保在执行这些命令前,/dev/centos/home 逻辑卷确实有足够的未分配空间来进行缩减,并且在缩减之前已经备份了重要数据。另外,根据系统实际情况,可能需要调整分区大小和文件系统类型等参数。 mkfs.xfs -f /dev/centos/home
reboot
如果出现 无法启动操作系统的情况,则默认会进入救援模式,输入密码后,执行:
mkfs.xfs -f /dev/centos/home
reboot
再次检查分区挂载情况 df -hT
在CentOS7中下载需要离线安装的软件包:
yumdownloader --resolve gfs2-utils.x86_64
麒麟V10 删除备份分区,扩展、增加根目录的容量:
1.先查看备份分区大小,这里查到是29.1G [root@ky10-16-72 ~]# lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT sda 8:0 0 100G 0 disk ├─sda1 8:1 0 200M 0 part /boot/efi ├─sda2 8:2 0 1G 0 part /boot └─sda3 8:3 0 98.8G 0 part ├─klas-root 252:0 0 59.7G 0 lvm / ├─klas-swap 252:1 0 10G 0 lvm [SWAP] └─klas-backup 252:2 0 29.1G 0 lvm sr0 11:0 1 4G 0 rom /run/media/root/Kylin-Server-10 2.然后从逻辑卷中删除此逻辑卷:/dev/mapper/klas-backup [root@ky10-16-72 ~]# lvremove /dev/mapper/klas-backup Do you really want to remove active logical volume klas/backup? [y/n]: y Logical volume "backup" successfully removed 3.扩展根分区逻辑卷 /dev/mapper/klas-root [root@ky10-16-72 ~]# lvextend -L +29.1G /dev/mapper/klas-root Rounding size to boundary between physical extents: 29.10 GiB. Size of logical volume klas/root changed from <59.67 GiB (15275 extents) to <88.77 GiB (22725 extents). Logical volume klas/root successfully resized. 4.扩容根分区 / [root@ky10-16-72 ~]# xfs_growfs / meta-data=/dev/mapper/klas-root isize=512 agcount=4, agsize=3910400 blks = sectsz=512 attr=2, projid32bit=1 = crc=1 finobt=1, sparse=1, rmapbt=0 = reflink=0 data = bsize=4096 blocks=15641600, imaxpct=25 = sunit=0 swidth=0 blks naming =version 2 bsize=4096 ascii-ci=0, ftype=1 log =internal log bsize=4096 blocks=7637, version=2 = sectsz=512 sunit=0 blks, lazy-count=1 realtime =none extsz=4096 blocks=0, rtextents=0 data blocks changed from 15641600 to 23270400 5.验证 [root@ky10-16-72 ~]# df -Th 文件系统 类型 容量 已用 可用 已用% 挂载点 devtmpfs devtmpfs 32G 0 32G 0% /dev tmpfs tmpfs 32G 256K 32G 1% /dev/shm tmpfs tmpfs 32G 21M 32G 1% /run tmpfs tmpfs 32G 0 32G 0% /sys/fs/cgroup /dev/mapper/klas-root xfs 89G 8.0G 81G 9% / tmpfs tmpfs 32G 192K 32G 1% /tmp /dev/sda2 xfs 1014M 350M 665M 35% /boot /dev/sda1 vfat 200M 5.8M 195M 3% /boot/efi tmpfs tmpfs 6.4G 704K 6.4G 1% /run/user/0 /dev/sr0 iso9660 4.0G 4.0G 0 100% /run/media/root/Kylin-Server-10
CentOS7 查看SSH登录失败最多的IP,倒序排列:
sudo grep "Failed password" /var/log/secure | awk '{print $(NF-3)}' | sort | uniq -c | sort -nr
ubuntu中查看SSH登录失败最多的IP,倒序排列:
sudo grep "Failed password" /var/log/auth.log | awk '{print $(NF-3)}' | sort | uniq -c | sort -nr
CentOS7 安装 fail2ban 屏蔽SSH暴力破解:
yum install fail2ban -y cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local vi /etc/fail2ban/jail.local 忽略你自己的网段: ignoreip = 127.0.0.1/8 ::1 你自己的网段/24
systemctl enable fail2ban
systemctl start fail2ban
fail2ban-client ping
tail -f /var/log/fail2ban.log
////////////////////////////////
////////Sixi. Let it be.../////
//////////////////////////////
