CentOs7

简介: http://www.sa-log.com/276.html  https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Networking_Guide/sec-Using_the_Command_Line_Interface.

http://www.sa-log.com/276.html

 https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Networking_Guide/sec-Using_the_Command_Line_Interface.html

 

关于命令和操作系统简单优化的步骤如下:

———————————-大家好,我是分割线,虽然我并不华丽———————————-

网络命令参考

ip  [选项]  操作对象{link|addr|route…}
# ip link show                  # 显示网络接口信息
# ip link set eth0 upi          # 开启网卡
# ip link set eth0 down         # 关闭网卡
# ip link set eth0 promisc on   # 开启网卡的混合模式
# ip link set eth0 promisc offi # 关闭网卡的混个模式
# ip link set eth0 txqueuelen 1200    # 设置网卡队列长度
# ip link set eth0 mtu 1400     # 设置网卡最大传输单元
# ip addr show                  # 显示网卡IP信息
# ip addr add 192.168.0.1/24 dev eth0 # 设置eth0网卡IP地址192.168.0.1
# ip addr del 192.168.0.1/24 dev eth0 # 删除eth0网卡IP地址

# ip route list                 # 查看路由信息
# ip route add 192.168.4.0/24  via  192.168.0.254 dev eth0 # 设置192.168.4.0网段的网关为192.168.0.254,数据走eth0接口
# ip route add default via  192.168.0.254  dev eth0    # 设置默认网关为192.168.0.254
# ip route del 192.168.4.0/24    # 删除192.168.4.0网段的网关
# ip route del default    # 删除默认路由

# 查看网络接口信息

[root@test ~]# ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 00:0c:29:e9:5d:7f brd ff:ff:ff:ff:ff:ff

# 查看网卡信息

[root@test ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:e9:5d:7f brd ff:ff:ff:ff:ff:ff
inet 192.168.23.131/24 brd 192.168.23.255 scope global dynamic eno16777736
valid_lft 1383sec preferred_lft 1383sec
inet6 fe80::20c:29ff:fee9:5d7f/64 scope link
valid_lft forever preferred_lft forever

# 查看路由表

[root@test ~]# ip route list
default via 192.168.23.2 dev eno16777736  proto static  metric 100
192.168.23.0/24 dev eno16777736  proto kernel  scope link  src 192.168.23.131  metric 100

# 添加静态路由,因为路由已经存在了.就仅供参考吧

[root@test ~]# ip route add 192.168.23.0/24 via 192.168.23.2 dev eno16777736
RTNETLINK answers: File exists
[root@test ~]# ip route list
default via 192.168.23.2 dev eno16777736  proto static  metric 100
192.168.23.0/24 dev eno16777736  proto kernel  scope link  src 192.168.23.131
192.168.23.0/24 dev eno16777736  proto kernel  scope link  src 192.168.23.131  metric 100

# ip route 指令对路由的修改不能保存,重启就没了.把 ip route 添加到 /etc/rc.local 也没用.
# 永久静态路由需要写到 /etc/sysconfig/network-scripts/route-interface 文件中,比如添加两条静态路由:

[root@centos7 ~]echo "10.15.150.0/24 via 192.168.150.253 dev eno16777736" > /etc/sysconfig/network-scripts/route-eno16777736

# 系统自带的另外一个网络设置工具,详细命令请自行搜索.

[root@test ~]# nmcli
Usage: nmcli [OPTIONS] OBJECT { COMMAND | help }

OPTIONS
-t[erse]                                   terse output
-p[retty]                                  pretty output
-m[ode] tabular|multiline                  output mode
-f[ields] <field1,field2,...>|all|common   specify fields to output
-e[scape] yes|no                           escape columns separators in values
-n[ocheck]                                 don't check nmcli and NetworkManager versions
-a[sk]                                     ask for missing parameters
-w[ait] <seconds>                          set timeout waiting for finishing operations
-v[ersion]                                 show program version
-h[elp]                                    print this help

OBJECT
g[eneral]       NetworkManager's general status and operations
n[etworking]    overall networking control
r[adio]         NetworkManager radio switches
c[onnection]    NetworkManager's connections
d[evice]        devices managed by NetworkManager
a[gent]         NetworkManager secret agent or polkit agent

# 查看接口信息

[root@test ~]# nmcli con show
NAME         UUID                                  TYPE            DEVICE
eno16777736  10bb4ba5-df5f-4d06-8955-e7ba28f86508  802-3-ethernet  eno16777736

# 在CentOS7下面,也有tui的命令
# nmtui 命令要小心.在编辑的时候千万别禁用了网卡.不然就惨了. 一定小心

# CentOS7重启网卡的命令如下

systemctl restart network.service

# 在CentOS7里面,默认是没有network命令的,可以用如下命令来添加network服务 用于重启网卡

yum install NetworkManager

———————————-大家好,我是分割线,虽然我并不华丽———————————-

服务的控制

CentOS 7 已经切换到 systemd,系统指令也有所变化.之前用于启动、重启、停止各种服务的 service 作为向后兼容的指令还能使用,但是将来可能会消失.同时,chkconfig 也改成了 systemctl 了.这里列举了一些常用的对应于 service 和 chkconfig 的新的 systemctl 指令.
在目前的 CentOS 7(或 RHEL 7)系统中,依然可以使用 service 指令.例如,

[root@localhost ~]# service network restart
Restarting network (via systemctl):                        [  OK  ]

[root@localhost ~]# service httpd restart
Redirecting to /bin/systemctl restart  httpd.service

[root@localhost ~]# service sshd restart
Redirecting to /bin/systemctl restart  sshd.service

但是系统会自动重定向该指令到新的指令 /bin/systemctl 来执行,并给出提示.

启动服务:

systemctl start httpd

停止服务:

systemctl stop httpd

重启服务(先停止,后启动):

systemctl restart httpd

重新加载(使用新的配置文件):

systemctl reload httpd

显示服务状态:

systemctl status httpd

与此同时,之前用于设定系统启动时自动运行某服务的指令 chkconfig 也改了,还是用 systemctl.

chkconfig service on
改成了,
systemctl enable httpd

扫描改动过的服务

systemctl daemon-reload
chkconfig service off
改成了,
systemctl disable httpd

检查服务状态的

chkconfig service
改成了,
systemctl is-enabled httpd

列举出所有服务的指令,

chkconfig –list
改成了,
systemctl list-unit-files --type=service

以前能指定服务 runlevel 的 –levels 也没有了.慢慢适应吧.

———————————-大家好,我是分割线,虽然我并不华丽———————————-

# 修改CentOS7网卡名称的方法如下.
# 关于CentOS7网卡名称的详细介绍,请看文章底部.

# 首先,让我们来禁用该可预测命名规则.对于这一点,你可以在启动时传递”net.ifnames=0″的内核参数.这是通过编辑/etc/default/grub并加入”net.ifnames=0″到GRUBCMDLINELINUX变量来实现的.
# 还可以在 GRUB_CMDLINE_LINUX 加入ipv6.disable=1 用于关闭ipv6
# 操作步骤如下

[root@test ~]# cat /etc/default/grub
GRUB_TIMEOUT=5
GRUB_DEFAULT=saved
GRUB_DISABLE_SUBMENU=true
GRUB_TERMINAL_OUTPUT="console"
GRUB_CMDLINE_LINUX="rd.lvm.lv=centos/root rd.lvm.lv=centos/swap rhgb quiet net.ifnames=0"
GRUB_DISABLE_RECOVERY="true"
[root@test ~]# grub2-mkconfig -o /boot/grub2/grub.cfg
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-3.10.0-229.el7.x86_64
Found initrd image: /boot/initramfs-3.10.0-229.el7.x86_64.img
Found linux image: /boot/vmlinuz-0-rescue-be58931139f24432a5795998159371f9
Found initrd image: /boot/initramfs-0-rescue-be58931139f24432a5795998159371f9.img
done

# 编辑 /etc/udev/rules.d/70-persistent-net.rules 文件 内容如下

[root@test ~]# cat /etc/udev/rules.d/70-persistent-ipoib.rules
# This is a sample udev rules file that demonstrates how to get udev to
# set the name of IPoIB interfaces to whatever you wish.  There is a
# 16 character limit on network device names though, so don't go too nuts
#
# Important items to note: ATTR{type}=="32" is IPoIB interfaces, and the
# ATTR{address} match must start with ?* and only reference the last 8
# bytes of the address or else the address might not match on any given
# start of the IPoIB stack
#
# Note: as of rhel7, udev is case sensitive on the address field match
# and all addresses need to be in lower case.
#
# ACTION=="add", SUBSYSTEM=="net", DRIVERS=="?*", ATTR{type}=="32", ATTR{address}=="?*00:02:c9:03:00:31:78:f2", NAME="mlx4_ib3"
ACTION=="add", SUBSYSTEM=="net", DRIVERS=="?*", ATTR{type}=="32", ATTR{address}=="?*00:02:c9:03:00:31:78:f2", NAME="eth0"

# 重启操作系统.
# 剩下的操作,就和CentOS6一样了.记得修改/etc/sysconfig/network-scripts相关文件

———————————-大家好,我是分割线,虽然我并不华丽———————————-

# 如果还想使用 ifconfig 等网络命令,可以使用yum来安装

yum install net-tools

# 安装系统常用的软件包

yum -y install strace sysstat gcc gcc-c++ make lrzsz ntp iptraf openssl-devel libtool-ltdl unixODBC ncurses-devel bind-utils unzip \
pcre-devel libevent-devel vim-common vim-enhanced e4fsprogs OpenIPMI OpenIPMI-tools perl-devel telnet lftp dos2unix wget traceroute

# 把vim加入到环境变量

echo alias vi='vim' >> /etc/bashrc

# 添加lib目录到 共享库

echo "/usr/local/lib/" >> /etc/ld.so.conf

# 修改记录格式

echo 'export HISTTIMEFORMAT="%F %T `whoami` "' >> /etc/profile

# 修改记录条数

sed -i "s/HISTSIZE=1000/HISTSIZE=999999999/" /etc/profile

# 关闭ssh的反解

echo 'UseDNS no' >> /etc/ssh/sshd_config

# 优化ulimit

echo -e "*\tsoft\tnofile\t65535" >> /etc/security/limits.conf
echo -e "*\thard\tnofile\t65535" >> /etc/security/limits.conf

echo -e "*\tsoft\tnofile\t65535" >> /etc/security/limits.d/20-nproc.conf
echo -e "*\thard\tnofile\t65535" >> /etc/security/limits.d/20-nproc.conf

# 优化内核参数

echo "#-------------insert-------------" >> /etc/sysctl.conf
echo "net.core.netdev_max_backlog = 32768" >> /etc/sysctl.conf
echo "net.core.rmem_default = 8388608" >> /etc/sysctl.conf
echo "net.core.rmem_max = 16777216" >> /etc/sysctl.conf
echo "net.core.somaxconn = 32768" >> /etc/sysctl.conf
echo "net.core.wmem_default = 8388608" >> /etc/sysctl.conf
echo "net.core.wmem_max = 16777216" >> /etc/sysctl.conf
echo "net.ipv4.ip_local_port_range = 5000    65000" >> /etc/sysctl.conf
echo "net.ipv4.tcp_fin_timeout = 30" >> /etc/sysctl.conf
echo "net.ipv4.tcp_keepalive_time = 300" >> /etc/sysctl.conf
echo "net.ipv4.tcp_max_orphans = 3276800" >> /etc/sysctl.conf
echo "net.ipv4.tcp_max_syn_backlog = 65536" >> /etc/sysctl.conf
echo "net.ipv4.tcp_max_tw_buckets = 5000" >> /etc/sysctl.conf
echo "net.ipv4.tcp_mem = 94500000 915000000 927000000" >> /etc/sysctl.conf
echo "net.ipv4.tcp_syn_retries = 2" >> /etc/sysctl.conf
echo "net.ipv4.tcp_synack_retries = 2" >> /etc/sysctl.conf
echo "net.ipv4.tcp_syncookies = 1" >> /etc/sysctl.conf
echo "net.ipv4.tcp_timestamps = 0" >> /etc/sysctl.conf
echo "net.ipv4.tcp_tw_recycle = 1" >> /etc/sysctl.conf
echo "net.ipv4.tcp_tw_reuse = 1" >> /etc/sysctl.conf

/sbin/sysctl -p

# 关闭系统不需要的服务

systemctl disable auditd.service
systemctl disable irqbalance.service
systemctl disable lvm2-monitor.service
systemctl disable postfix.service

———————————-大家好,我是分割线,虽然我并不华丽———————————-

在CentOS7,我想将分配的网络接口名更改为别的名字.有什么合适的方法来来重命名CentOS或RHEL7的网络接口?
传统上,Linux的网络接口被枚举为eth[0123...],但这些名称并不一定符合实际的硬件插槽,PCI位置,USB接口数量等,这引入了一个不 可预知的命名问题(例如,由于不确定的设备探测行为),这可能会导致不同的网络配置错误(例如,由无意的接口改名引起的禁止接口或者防火墙旁路).基于 MAC地址的udev规则在虚拟化的环境中并不有用,这里的MAC地址如端口数量一样无常.
CentOS/RHEL6引入了一致和可预测的网络设备命名网络接口的方法.这些特性可以唯一地确定网络接口的名称以使定位和区分设备更容易,并且在这样 一种方式下,无论是否重启机器、过了多少时间、或者改变硬件,其名字都是持久不变的.然而,这种命名规则并不是默认在CentOS/RHEL6上开启.

从CentOS/RHEL7起,这种可预见的命名规则变成了默认.根据这一规则,接口名称被自动基于固件,拓扑结构和位置信息来确定.现在,即使添加或移除网络设备,接口名称仍然保持固定,而无需重新枚举,和坏掉的硬件可以无缝替换.

* 基于接口类型的两个字母前缀:
*   en -- 以太网
*   sl -- 串行线路IP (slip)
*   wl -- wlan
*   ww -- wwan
*
* 名字类型:
*   b<number>                             -- BCMA总线和新书
*   ccw<name>                             -- CCW总线组名
*   o<index>                              -- 车载设备的索引号
*   s<slot>[f<function>][d<dev_port>]     -- 热插拔插槽索引号
*   x<MAC>                                -- MAC 地址
*   [P<domain>]p<bus>s<slot>[f<function>][d<dev_port>]
*                                         -- PCI 位置
*   [P<domain>]p<bus>s<slot>[f<function>][u<port>][..]1[i<interface>]
*                                         -- USB端口号链

新的命名方案的一个小的缺点是接口名称相比传统名称有点难以阅读.例如,你可能会发现像enp0s3名字.再者,你再也无法来控制接口名了.
如果由于某种原因,你喜欢旧的方式,并希望能够选择任意名称分配给Cent

目录
相关文章
|
Linux Shell 网络安全
CentOS这些情况你一定遇到过
CentOS这些情况你一定遇到过
|
存储 监控 关系型数据库
centos 8.2 指南(2)
centos 8.2 指南(2)
centos 8.2 指南(2)
|
存储 Java Linux
centos 8.2 指南(1)
centos 8.2 指南(1)
|
消息中间件 Oracle NoSQL
对centos的了解
对centos的了解
|
JavaScript Linux
|
JavaScript Linux 前端开发
|
开发工具