目录
1. 安装一个全新的虚拟机
- 在VMware中安装了一台Centos7系统虚拟机, 虚拟机系统主机名为 centos.mini.01
- 查看一下系统安装时间:
bash[root@centos ~]# rpm -q --qf '%{INSTALLTIME} (%{INSTALLTIME:date}) %{NAME}\n' basesystem
1715238891 (Thu 09 May 2024 03:14:51 PM CST) basesystem
2. 网络配置成静态IP,yum仓库修改到阿里云的yum源
修改阿里源
- 安装vim
bash[root@centos yum.repos.d]# yum install vim
- 切换目录到yum源仓库
bash[root@centos yum.repos.d]# cd /etc/yum.repos.d/
[root@centos yum.repos.d]# ls
CentOS-Base.repo CentOS-CR.repo CentOS-Debuginfo.repo CentOS-fasttrack.repo CentOS-Media.repo CentOS-Sources.repo CentOS-Vault.repo
- 安装 wget
bash[root@centos yum.repos.d]# yum install wget
- 将系统源备份
bash[root@centos yum.repos.d]# mv *.repo back/
[root@centos yum.repos.d]# ls
back
- 前往阿里云CentOS 镜像
- 阿里云CentOS7yum源地址: CentOS 镜像
- 下载阿里云CentOS镜像源
bash[root@centos yum.repos.d]# wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
[root@centos yum.repos.d]# ls
back CentOS-Base.repo
- 清除并更新 YUM 缓存
bash[root@centos yum.repos.d]# yum clean all
Loaded plugins: fastestmirror
Cleaning repos: base extras updates
Cleaning up list of fastest mirrors
[root@centos yum.repos.d]# yum makecache
Loaded plugins: fastestmirror
Determining fastest mirrors
* base: mirrors.cloud.aliyuncs.com
* extras: mirrors.cloud.aliyuncs.com
* updates: mirrors.cloud.aliyuncs.com
base | 3.6 kB 00:00:00
extras | 2.9 kB 00:00:00
updates | 2.9 kB 00:00:00
(1/10): base/7/x86_64/group_gz | 153 kB 00:00:00
(2/10): base/7/x86_64/filelists_db | 7.2 MB 00:00:08
(3/10): extras/7/x86_64/filelists_db | 305 kB 00:00:00
(4/10): extras/7/x86_64/primary_db | 253 kB 00:00:00
(5/10): extras/7/x86_64/other_db | 154 kB 00:00:00
(6/10): base/7/x86_64/primary_db | 6.1 MB 00:00:09
(7/10): base/7/x86_64/other_db | 2.6 MB 00:00:03
(8/10): updates/7/x86_64/filelists_db | 14 MB 00:00:26
(9/10): updates/7/x86_64/other_db | 1.6 MB 00:00:04
(10/10): updates/7/x86_64/primary_db | 27 MB 00:00:43
Metadata Cache Created
修改静态IP
- 进入网络配置目录并查看当前网络状态
bash[root@centos ~]# cd /etc/sysconfig/network-scripts/
[root@centos network-scripts]# ls
ifcfg-ens33 ifdown-eth ifdown-post ifdown-Team ifup-aliases ifup-ipv6 ifup-post ifup-Team init.ipv6-global
ifcfg-lo ifdown-ippp ifdown-ppp ifdown-TeamPort ifup-bnep ifup-isdn ifup-ppp ifup-TeamPort network-functions
ifdown ifdown-ipv6 ifdown-routes ifdown-tunnel ifup-eth ifup-plip ifup-routes ifup-tunnel network-functions-ipv6
ifdown-bnep ifdown-isdn ifdown-sit ifup ifup-ippp ifup-plusb ifup-sit ifup-wireless
[root@centos network-scripts]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:da:a6:0b brd ff:ff:ff:ff:ff:ff
inet 192.168.12.128/24 brd 192.168.12.255 scope global noprefixroute dynamic ens33
valid_lft 1576sec preferred_lft 1576sec
inet6 fe80::2108:92a:618e:5960/64 scope link noprefixroute
valid_lft forever preferred_lft forever
- 查看ens33接口配置信息
bash[root@centos network-scripts]# vim ifcfg-ens33
TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="dhcp"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="ens33"
UUID="b766b55c-6498-4c6c-99d4-c4a1c63d3869"
DEVICE="ens33"
ONBOOT="yes"
- 修改配置为静态ip
- 指定具体的静态 IP 地址、子网掩码和网关
- IP 地址设置为 192.168.12.128
- 子网掩码设置为 255.255.255.0
- 网关设置为 192.168.12.2
bashTYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="static"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="ens33"
UUID="b766b55c-6498-4c6c-99d4-c4a1c63d3869"
DEVICE="ens33"
ONBOOT="yes"
IPADDR="192.168.12.128"
NETMASK="255.255.255.0"
GATEWAY="192.168.12.2"
- 重启网络服务使修改生效
bash[root@centos network-scripts]# systemctl restart network
- 再次查看网络状态
bash[root@centos ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:da:a6:0b brd ff:ff:ff:ff:ff:ff
inet 192.168.12.128/24 brd 192.168.12.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::2108:92a:618e:5960/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3. 安装nginx软件包,并将nginx服务设置开机自启动
- 源码安装nginx
- 下载下载源码文件并解压缩
bash[root@centos ~]# yum install nginx
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.cloud.aliyuncs.com
* extras: mirrors.cloud.aliyuncs.com
* updates: mirrors.cloud.aliyuncs.com
No package nginx available.
Error: Nothing to do
[root@centos ~]# wget https://nginx.org/download/nginx-1.24.0.tar.gz
--2024-05-09 19:57:17-- https://nginx.org/download/nginx-1.24.0.tar.gz
Resolving nginx.org (nginx.org)... 198.18.0.87
Connecting to nginx.org (nginx.org)|198.18.0.87|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1112471 (1.1M) [application/octet-stream]
Saving to: ‘nginx-1.24.0.tar.gz’
100%[======================================================================================================================>] 1,112,471 676KB/s in 1.6s
2024-05-09 19:57:20 (676 KB/s) - ‘nginx-1.24.0.tar.gz’ saved [1112471/1112471]
[root@centos ~]# ls
anaconda-ks.cfg nginx-1.24.0.tar.gz
[root@centos ~]# tar -xzf nginx-1.24.0.tar.gz
[root@centos ~]# ls
anaconda-ks.cfg nginx-1.24.0 nginx-1.24.0.tar.gz
- 安装依赖
bashyum install gcc yum install pcre pcre-devel yum install zlib zlib-devel
- 配置(未指定安装目录, 安装至默认位置 </usr/local/nginx>)
bash[root@centos ~]# cd nginx-1.24.0/
[root@centos nginx-1.24.0]# ./configure
- 编译
bash[root@centos nginx-1.24.0]# make
- 安装
bash[root@centos nginx-1.24.0]# make install
- 检查是否安装成功
bash[root@centos nginx-1.24.0]# cd /usr/local/nginx/
[root@centos nginx]# ls
conf html logs sbin
[root@centos nginx]# cd sbin/
[root@centos sbin]# ./nginx
[root@centos sbin]# iptables -F
- 启动成功
- 创建.server 系统服务
bash[root@centos sbin]# vim /etc/systemd/system/nginx.service
# [Unit]
[Unit]
# 服务简单描述
Description=The nginx HTTP and reverse proxy server
# 服务启动 target 代表网络可用
After=network.target
# [Service]
[Service]
# 启动 Nginx 进程
ExecStart=/usr/local/nginx/sbin/nginx
# 停止服务
ExecStop=/bin/kill -s QUIT $MAINPID
# [Install]
[Install]
WantedBy=multi-user.target
- 重新加载systemd的配置
bash[root@centos sbin]# systemctl daemon-reload
- 设置Nginx为开机启动
bash[root@centos sbin]# systemctl enable nginx
Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /etc/systemd/system/nginx.service.
4. 现在测试团队: qa,开发团队 每个组两个人,名字自取。 需要使用你这台虚拟机,请为他们创建用户并规划各用户的工作目录.
要求1:一个团队内的成员可以相互查看成员的文件,可以在成员工作目录下创建和修改文件,但 不能删除别人的文件。不同团队之间只能看,不能新建,不能修改不能删除
要求2:控制两个团队的工作目录大小,每个团队的工作目录最大空间为2G
创建用户和目录并设置相应权限
-
创建用户和组:
- 创建两个组
bash[root@centos ~]# groupadd qa [root@centos ~]# groupadd dev- 创建四个用户并将他们添加到相应的组
bash[root@centos ~]# useradd -m -g qa qa1 [root@centos ~]# useradd -m -g qa qa2 [root@centos ~]# useradd -m -g dev dev1 [root@centos ~]# useradd -m -g dev dev2 -
创建工作目录
- 在虚拟机上添加磁盘
bash[root@centos ~]# lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT sda 8:0 0 10G 0 disk ├─sda1 8:1 0 800M 0 part /boot └─sda2 8:2 0 9.2G 0 part ├─centos-root 253:0 0 7.2G 0 lvm / └─centos-swap 253:1 0 2G 0 lvm [SWAP] sdb 8:16 0 5G 0 disk sr0 11:0 1 918M 0 romsdb即为添加的硬盘
- 创建工作目录work并添加相对应组的工作目录
bash[root@centos ~]# mkdir /work [root@centos ~]# ls anaconda-ks.cfg nginx-1.24.0 nginx-1.24.0.tar.gz [root@centos ~]# ls / bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var work [root@centos ~]# mkdir /work/qa /work/dev [root@centos ~]# ls anaconda-ks.cfg nginx-1.24.0 nginx-1.24.0.tar.gz [root@centos ~]# ls /work/ dev qa-
将磁盘sdb分区并挂载到dev 和 qa 目录下
- 分出各2G的磁盘空间并且格式化磁盘
bash[root@centos ~]# fdisk /dev/sdb Welcome to fdisk (util-linux 2.23.2). Changes will remain in memory only, until you decide to write them. Be careful before using the write command. Device does not contain a recognized partition table Building a new DOS disklabel with disk identifier 0x211169d9. Command (m for help): n Partition type: p primary (0 primary, 0 extended, 4 free) e extended Select (default p): p Partition number (1-4, default 1): 1 First sector (2048-10485759, default 2048): Using default value 2048 Last sector, +sectors or +size{K,M,G} (2048-10485759, default 10485759): +2G Partition 1 of type Linux and of size 2 GiB is set Command (m for help): n Partition type: p primary (1 primary, 0 extended, 3 free) e extended Select (default p): p Partition number (2-4, default 2): 2 First sector (4196352-10485759, default 4196352): Using default value 4196352 Last sector, +sectors or +size{K,M,G} (4196352-10485759, default 10485759): +2G Partition 2 of type Linux and of size 2 GiB is set Command (m for help): w The partition table has been altered! Calling ioctl() to re-read partition table. Syncing disks. [root@centos ~]# lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT sda 8:0 0 10G 0 disk ├─sda1 8:1 0 800M 0 part /boot └─sda2 8:2 0 9.2G 0 part ├─centos-root 253:0 0 7.2G 0 lvm / └─centos-swap 253:1 0 2G 0 lvm [SWAP] sdb 8:16 0 5G 0 disk ├─sdb1 8:17 0 2G 0 part └─sdb2 8:18 0 2G 0 part sr0 11:0 1 918M 0 rom [root@centos ~]# mkfs.ext4 /dev/sdb1 mke2fs 1.42.9 (28-Dec-2013) Filesystem label= OS type: Linux Block size=4096 (log=2) Fragment size=4096 (log=2) Stride=0 blocks, Stripe width=0 blocks 131072 inodes, 524288 blocks 26214 blocks (5.00%) reserved for the super user First data block=0 Maximum filesystem blocks=536870912 16 block groups 32768 blocks per group, 32768 fragments per group 8192 inodes per group Superblock backups stored on blocks: 32768, 98304, 163840, 229376, 294912 Allocating group tables: done Writing inode tables: done Creating journal (16384 blocks): done Writing superblocks and filesystem accounting information: done [root@centos ~]# mkfs.ext4 /dev/sdb2 mke2fs 1.42.9 (28-Dec-2013) Filesystem label= OS type: Linux Block size=4096 (log=2) Fragment size=4096 (log=2) Stride=0 blocks, Stripe width=0 blocks 131072 inodes, 524288 blocks 26214 blocks (5.00%) reserved for the super user First data block=0 Maximum filesystem blocks=536870912 16 block groups 32768 blocks per group, 32768 fragments per group 8192 inodes per group Superblock backups stored on blocks: 32768, 98304, 163840, 229376, 294912 Allocating group tables: done Writing inode tables: done Creating journal (16384 blocks): done Writing superblocks and filesystem accounting information: done- 挂载磁盘到dev 和 qa 目录
bash[root@centos ~]# blkid /dev/sdb1 /dev/sdb1: UUID="81a3f9d2-4dcd-4bb4-9dcb-69c403826b11" TYPE="ext4" [root@centos ~]# blkid /dev/sdb2 /dev/sdb2: UUID="a1873ce6-a57b-4d3c-81f7-6bf993c50e24" TYPE="ext4" [root@centos ~]#vim /etc/fstab # # /etc/fstab # Created by anaconda on Thu May 9 15:14:44 2024 # # Accessible filesystems, by reference, are maintained under '/dev/disk' # See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info # /dev/mapper/centos-root / xfs defaults 0 0 UUID=9ec0e373-96a7-4794-a982-e5fe2cfedc93 /boot xfs defaults 0 0 /dev/mapper/centos-swap swap swap defaults 0 0 UUID=81a3f9d2-4dcd-4bb4-9dcb-69c403826b11 /work/dev ext4 defaults 0 0 UUID=a1873ce6-a57b-4d3c-81f7-6bf993c50e24 /work/qa ext4 defaults 0 0 [root@centos ~]# df -h Filesystem Size Used Avail Use% Mounted on /dev/mapper/centos-root 7.3G 1.7G 5.6G 23% / devtmpfs 475M 0 475M 0% /dev tmpfs 487M 0 487M 0% /dev/shm tmpfs 487M 7.7M 479M 2% /run tmpfs 487M 0 487M 0% /sys/fs/cgroup /dev/sda1 797M 133M 665M 17% /boot tmpfs 98M 0 98M 0% /run/user/0 /dev/sdb1 2.0G 6.0M 1.8G 1% /work/dev /dev/sdb2 2.0G 6.0M 1.8G 1% /work/qa
-
设置相关目录权限
bash[root@centos ~]# chown -R :qa /work/qa [root@centos ~]# chown -R :dev /work/dev [root@centos ~]# chmod 2775 /work/qa [root@centos ~]# chmod 2775 /work/dev [root@centos ~]# ll -d /work/ drwxr-xr-x. 4 root root 27 May 11 10:18 /work/ [root@centos ~]# ll -d /work/qa/ drwxrwsr-x. 3 root qa 4096 May 11 10:24 /work/qa/ [root@centos ~]# ll -d /work/dev drwxrwsr-x. 3 root dev 4096 May 11 10:24 /work/dev2 是一个特殊的权限,称为 "setgid"。当 setgid 设置在一个目录上时,该目录下创建的所有文件和子目录都会继承该目录的组ID,而不是创建文件的用户的组ID。如果一个 qa 组的用户在 /work/qa 目录下创建一个文件,那么这个文件的组就会被设置为 qa。
-
设置用户的主目录
bash[root@centos ~]# usermod -d /work/qa qa1
[root@centos ~]# usermod -d /work/qa qa2
[root@centos ~]# usermod -d /work/dev dev1
[root@centos ~]# usermod -d /work/dev dev2
- 查看一下用户信息
bash[root@centos ~]# cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
polkitd:x:999:998:User for polkitd:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
qa1:x:1000:1000::/work/qa:/bin/bash
qa2:x:1001:1000::/work/qa:/bin/bash
dev1:x:1002:1001::/work/dev:/bin/bash
dev2:x:1003:1001::/work/dev:/bin/bash
rpc:x:32:32:Rpcbind Daemon:/var/lib/rpcbind:/sbin/nologin
- 设置 umask 使组内的成员可以读取和写入文件,但不能删除其他人的文件
bash[root@centos ~]# echo "umask 002" >> /home/qa1/.bashrc
[root@centos ~]# echo "umask 002" >> /home/qa2/.bashrc
[root@centos ~]# echo "umask 002" >> /home/dev1/.bashrc
[root@centos ~]# echo "umask 002" >> /home/dev2/.bashrc
设置新创建文件的默认权限为 664(即 -rw-rw-r--); 使组内的成员可以读取和写入文件,但不能删除其他人的文件。
限制工作目录最大空间为2G
- 安装quota工具
bash[root@centos ~]# yum install quota
- 文件系统添加 usrquota 和 grpquota 选项
bash[root@centos ~]# vim /etc/fstab
#
# /etc/fstab
# Created by anaconda on Thu May 9 15:14:44 2024
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/centos-root / xfs defaults 0 0
UUID=9ec0e373-96a7-4794-a982-e5fe2cfedc93 /boot xfs defaults 0 0
/dev/mapper/centos-swap swap swap defaults 0 0
UUID=81a3f9d2-4dcd-4bb4-9dcb-69c403826b11 /work/dev ext4 defaults,usrquota,grpquota 0 0
UUID=a1873ce6-a57b-4d3c-81f7-6bf993c50e24 /work/qa ext4 defaults,usrquota,grpquota 0 0
- 重新挂载文件系统
bash[root@centos ~]# mount -o remount /work/dev
[root@centos ~]# mount -o remount /work/qa
- 创建配额文件并启用
bash[root@centos ~]# quotacheck -cug /work/dev
[root@centos ~]# quotacheck -cug /work/qa
[root@centos ~]# quotaon /work/dev
[root@centos ~]# quotaon /work/qa
- 设置配额
bash[root@centos ~]# setquota -u -F vfsv0 qa1 0 2097152 0 0 /work/qa
[root@centos ~]# setquota -u -F vfsv0 qa2 0 2097152 0 0 /work/qa
[root@centos ~]# setquota -u -F vfsv0 dev1 0 2097152 0 0 /work/dev
[root@centos ~]# setquota -u -F vfsv0 dev2 0 2097152 0 0 /work/dev
5. 将qa团队的工作目录扩容一个G
- 将sdb剩余空间分区并格式化
bash[root@centos ~]# fdisk /dev/sdb
Welcome to fdisk (util-linux 2.23.2).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.
Command (m for help): n
Partition type:
p primary (2 primary, 0 extended, 2 free)
e extended
Select (default p): p
Partition number (3,4, default 3): 3
First sector (8390656-10485759, default 8390656):
Using default value 8390656
Last sector, +sectors or +size{K,M,G} (8390656-10485759, default 10485759):
Using default value 10485759
Partition 3 of type Linux and of size 1023 MiB is set
Command (m for help): w
The partition table has been altered!
Calling ioctl() to re-read partition table.
WARNING: Re-reading the partition table failed with error 16: Device or resource busy.
The kernel still uses the old table. The new table will be used at
the next reboot or after you run partprobe(8) or kpartx(8)
Syncing disks.
WARNING: Re-reading the partition table failed with error 16: Device or resource busy. The kernel still uses the old table. The new table will be used at the next reboot or after you run partprobe(8) or kpartx(8) Syncing disks. 这里报了一个警告, 显示分区表仍然使用旧的, 所以我重启了虚拟机
bash[root@centos ~]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 10G 0 disk
├─sda1 8:1 0 800M 0 part /boot
└─sda2 8:2 0 9.2G 0 part
├─centos-root 253:0 0 7.2G 0 lvm /
└─centos-swap 253:1 0 2G 0 lvm [SWAP]
sdb 8:16 0 5G 0 disk
├─sdb1 8:17 0 2G 0 part /work/dev
├─sdb2 8:18 0 2G 0 part /work/qa
└─sdb3 8:19 0 1023M 0 part
sr0 11:0 1 918M 0 rom
[root@centos ~]# mkfs.ext4 /dev/sdb3
mke2fs 1.42.9 (28-Dec-2013)
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
Stride=0 blocks, Stripe width=0 blocks
65536 inodes, 261888 blocks
13094 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=268435456
8 block groups
32768 blocks per group, 32768 fragments per group
8192 inodes per group
Superblock backups stored on blocks:
32768, 98304, 163840, 229376
Allocating group tables: done
Writing inode tables: done
Creating journal (4096 blocks): done
Writing superblocks and filesystem accounting information: done
-
扩容qa
- 卸载 /work/qa
bash[root@centos ~]# umount /work/qa- 创建物理卷(PV)
bash[root@centos ~]# umount /work/qa umount: /work/qa: not mounted [root@centos ~]# pvcreate /dev/sdb2 /dev/sdb3 WARNING: ext4 signature detected on /dev/sdb2 at offset 1080. Wipe it? [y/n]: y Wiping ext4 signature on /dev/sdb2. WARNING: ext4 signature detected on /dev/sdb3 at offset 1080. Wipe it? [y/n]: y Wiping ext4 signature on /dev/sdb3. Physical volume "/dev/sdb2" successfully created. Physical volume "/dev/sdb3" successfully created.- 创建卷组(VG)
bash[root@centos ~]# vgcreate myvg /dev/sdb2 /dev/sdb3 Volume group "myvg" successfully created- 创建卷组(VG)
bash[root@centos ~]# vgcreate myvg /dev/sdb2 /dev/sdb3 Volume group "myvg" successfully created- 创建逻辑卷(LV)
bash[root@centos ~]# lvcreate -l 100%FREE -n mylv myvg Logical volume "mylv" created.- 创建文件系统
bash[root@centos ~]# mkfs.ext4 /dev/myvg/mylv mke2fs 1.42.9 (28-Dec-2013) Filesystem label= OS type: Linux Block size=4096 (log=2) Fragment size=4096 (log=2) Stride=0 blocks, Stripe width=0 blocks 196224 inodes, 784384 blocks 39219 blocks (5.00%) reserved for the super user First data block=0 Maximum filesystem blocks=803209216 24 block groups 32768 blocks per group, 32768 fragments per group 8176 inodes per group Superblock backups stored on blocks: 32768, 98304, 163840, 229376, 294912 Allocating group tables: done Writing inode tables: done Creating journal (16384 blocks): done Writing superblocks and filesystem accounting information: done- 挂载新的逻辑卷
bash[root@centos ~]# mount /dev/myvg/mylv /work/qa [root@centos ~]# df -h Filesystem Size Used Avail Use% Mounted on /dev/mapper/centos-root 7.3G 1.7G 5.6G 23% / devtmpfs 475M 0 475M 0% /dev tmpfs 487M 0 487M 0% /dev/shm tmpfs 487M 7.7M 479M 2% /run tmpfs 487M 0 487M 0% /sys/fs/cgroup /dev/sda1 797M 133M 665M 17% /boot /dev/sdb1 2.0G 6.1M 1.8G 1% /work/dev tmpfs 98M 0 98M 0% /run/user/0 /dev/mapper/myvg-mylv 2.9G 9.0M 2.8G 1% /work/qa- 修改/etc/fstab使其持久化挂载
bash[root@centos ~]# blkid /dev/sr0: UUID="2018-11-25-21-21-31-00" LABEL="CentOS 7 x86_64" TYPE="iso9660" PTTYPE="dos" /dev/sda1: UUID="9ec0e373-96a7-4794-a982-e5fe2cfedc93" TYPE="xfs" /dev/sda2: UUID="zShiw4-IKGp-CksW-6S0b-1vMe-z26x-pa6PSk" TYPE="LVM2_member" /dev/sdb1: UUID="81a3f9d2-4dcd-4bb4-9dcb-69c403826b11" TYPE="ext4" /dev/sdb2: UUID="1Yr766-N36O-ei1u-tWBK-dFLA-GpXW-ms9AYc" TYPE="LVM2_member" /dev/sdb3: UUID="oigB4b-FiWz-Y6U5-MYvd-jnZT-Crge-g5HUSc" TYPE="LVM2_member" /dev/mapper/centos-root: UUID="d6863ac6-9d82-4943-b03a-7434a4d932c8" TYPE="xfs" /dev/mapper/centos-swap: UUID="a663a52b-cdf1-40a9-9146-9d15786c7e18" TYPE="swap" /dev/mapper/myvg-mylv: UUID="dbce570c-b817-4db4-abea-59488c2623f4" TYPE="ext4" [root@centos ~]# vim /etc/fstab # # /etc/fstab # Created by anaconda on Thu May 9 15:14:44 2024 # # Accessible filesystems, by reference, are maintained under '/dev/disk' # See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info # /dev/mapper/centos-root / xfs defaults 0 0 UUID=9ec0e373-96a7-4794-a982-e5fe2cfedc93 /boot xfs defaults 0 0 /dev/mapper/centos-swap swap swap defaults 0 0 UUID=81a3f9d2-4dcd-4bb4-9dcb-69c403826b11 /work/dev ext4 defaults,usrquota,grpquota 0 0 UUID=dbce570c-b817-4db4-abea-59488c2623f4 /work/qa ext4 defaults,usrquota,grpquota 0 0 [root@centos ~]# mount -a [root@centos ~]# df -h Filesystem Size Used Avail Use% Mounted on /dev/mapper/centos-root 7.3G 1.7G 5.6G 23% / devtmpfs 475M 0 475M 0% /dev tmpfs 487M 0 487M 0% /dev/shm tmpfs 487M 7.7M 479M 2% /run tmpfs 487M 0 487M 0% /sys/fs/cgroup /dev/sda1 797M 133M 665M 17% /boot /dev/sdb1 2.0G 6.1M 1.8G 1% /work/dev tmpfs 98M 0 98M 0% /run/user/0 /dev/mapper/myvg-mylv 2.9G 9.0M 2.8G 1% /work/qa
6. 现在有一个ip地址114.114.114.114 首先从你这台虚拟机测试一下到这个ip通不通。假设不通,可能有哪些原因?每一个可能原因都需要给出测试和验证的方法
- 测试本虚拟机是否可以ping通
bash[root@centos ~]# ping 114.114.114.114
PING 114.114.114.114 (114.114.114.114) 56(84) bytes of data.
64 bytes from 114.114.114.114: icmp_seq=1 ttl=128 time=1.68 ms
64 bytes from 114.114.114.114: icmp_seq=2 ttl=128 time=0.742 ms
64 bytes from 114.114.114.114: icmp_seq=3 ttl=128 time=0.499 ms
64 bytes from 114.114.114.114: icmp_seq=4 ttl=128 time=0.472 ms
^C64 bytes from 114.114.114.114: icmp_seq=5 ttl=128 time=0.599 ms
64 bytes from 114.114.114.114: icmp_seq=6 ttl=128 time=0.736 ms
^C
--- 114.114.114.114 ping statistics ---
6 packets transmitted, 6 received, 0% packet loss, time 5005ms
rtt min/avg/max/mdev = 0.472/0.789/1.688/0.415 ms
可以ping通
- 假设ping不通的原因
- 首先检查虚拟机网络服务是否启动
bash[root@centos network-scripts]# systemctl status network
● network.service - LSB: Bring up/down networking
Loaded: loaded (/etc/rc.d/init.d/network; bad; vendor preset: disabled)
Active: active (exited) since Fri 2024-05-10 19:23:27 CST; 4min 57s ago
Docs: man:systemd-sysv-generator(8)
Process: 8247 ExecStop=/etc/rc.d/init.d/network stop (code=exited, status=0/SUCCESS)
Process: 8398 ExecStart=/etc/rc.d/init.d/network start (code=exited, status=0/SUCCESS)
May 10 19:23:26 centos.mini.01 systemd[1]: Stopped LSB: Bring up/down networking.
May 10 19:23:26 centos.mini.01 systemd[1]: Starting LSB: Bring up/down networking...
May 10 19:23:26 centos.mini.01 network[8398]: Bringing up loopback interface: [ OK ]
May 10 19:23:27 centos.mini.01 network[8398]: Bringing up interface ens33: Connection successfully activated (D-Bus active path: /org/freedesktop/N...ection/3)
May 10 19:23:27 centos.mini.01 network[8398]: [ OK ]
May 10 19:23:27 centos.mini.01 systemd[1]: Started LSB: Bring up/down networking.
Hint: Some lines were ellipsized, use -l to show in full.
输出显示网络服务启动正常并且活跃
- 114.114.114.114 服务器自身问题
几乎不太可能, 114.114.114.114是国内DNS服务器IP地址, 几乎不会出现问题
测试方法: 使用本机或其他电脑ping一下
powershellPS C:\Users\30372> ping 114.114.114.114 正在 Ping 114.114.114.114 具有 32 字节的数据: 来自 114.114.114.114 的回复: 字节=32 时间<1ms TTL=64 来自 114.114.114.114 的回复: 字节=32 时间=7ms TTL=64 来自 114.114.114.114 的回复: 字节=32 时间<1ms TTL=64 来自 114.114.114.114 的回复: 字节=32 时间<1ms TTL=64 114.114.114.114 的 Ping 统计信息: 数据包: 已发送 = 4,已接收 = 4,丢失 = 0 (0% 丢失), 往返行程的估计时间(以毫秒为单位): 最短 = 0ms,最长 = 7ms,平均 = 1ms
可以ping通, 说明114.114.114.114服务器没有问题
或者可以使用虚拟机ping其它DNS服务器IP地址例如 阿里AliDNS 223.6.6.6 如果能够ping通说明114.114.114.114服务器或者相关出现了故障, 如果ping不通则可能是本机系统网络或者VMware虚拟机出现了问题
- Linux虚拟机静态IP配置错误
bash[root@centos ~]# cd /etc/sysconfig/network-scripts/
[root@centos network-scripts]# vim ifcfg-ens33
TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="static"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="ens33"
UUID="b766b55c-6498-4c6c-99d4-c4a1c63d3869"
DEVICE="ens33"
ONBOOT="yes"
IPADDR="192.168.12.128"
NETMASK="255.255.255.0"
GATEWAY="192.168.12.2"
测试方法: 修改IP地址、子网掩码和网关,重启网络服务, 使其生效,再次尝试是否ping通
-
如果检查IP配置没有问题, 则是否产生了IP占用的情况
我在做第2题时就出现了这个情况😅, 配置的静态网关IP(192.168.12.1)和VMware 网卡IP相冲突, 导致无法ping通114.114.114.114
测试方法: 仍然是修改IP地址、子网掩码和网关,重启网络服务, 使其生效,再次尝试是否ping通 -
网络防火墙或安全组规则 检查及测试方法: 使用
iptables -L命令查看虚拟机的防火墙规则
还可以使用systemctl stop firewalld关闭防火墙再次尝试ping 114.114.114.114 -
路由问题:虚拟机可能无法找到到该IP地址的路由。 可以使用
route -n命令来查看路由表, 也可以可以运行traceroute 114.114.114.114命令来查看到该IP地址的路由路径 -
虚拟机网络模式选择问题 VMware 虚拟机支持三种网络连接模式:
-
桥接模式(Bridged):虚拟机将直接连接到物理网络,就像它是网络上的另一台独立的计算机一样。它将拥有自己的 IP 地址,并可以与网络上的其他设备进行直接通信。这种模式通常用于需要完全访问网络资源的虚拟机。
-
NAT模式(Network Address Translation):虚拟机将通过主机的网络适配器与网络进行通信。虚拟机的所有网络流量将通过主机的 IP 地址进行路由。这种模式通常用于需要访问互联网但不需要与本地网络上的其他设备直接通信的虚拟机。
-
主机模式(Host-only):虚拟机只能与主机进行通信。它不能访问主机的网络或互联网。这种模式通常用于需要隔离的虚拟机,例如进行安全测试的虚拟机。
-
由于网络模式设置不正确。例如,如果你的虚拟机设置为主机模式,它将无法访问互联网。如果你的虚拟机设置为NAT模式,它可能无法直接与本地网络上的其他设备进行通信。你可能需要根据你的网络需求来选择正确的网络模式。
- VMware虚拟机网络设置问题 可以尝试重置VMware网络模式设置
7. 在你刚刚这台主机上添加到目标网络 180.149.153.0/24 的路由,网关IP为,172.32.0.1 。并查看路由表,看下是否生效,如果没有生效,为什么?
bash[root@centos network-scripts]# ip route
default via 192.168.12.2 dev ens33 proto static metric 100
192.168.12.0/24 dev ens33 proto kernel scope link src 192.168.12.128 metric 100
[root@centos network-scripts]# ip route add 180.149.153.0/24 via 172.32.0.1
RTNETLINK answers: Network is unreachable
-
显示网络不可达 查看本虚拟机路由表, 可以看到当前主机只有到 192.168.12.0/24 网络的路由, 网关 172.32.0.1 并不在这个网络内, 所以显示网络不可达
-
解决方法
- 添加新的 IP 地址
bash[root@centos network-scripts]# ip addr add 172.32.0.2/24 dev ens33
- 查看 IP 地址信息
bash[root@centos network-scripts]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:da:a6:0b brd ff:ff:ff:ff:ff:ff
inet 192.168.12.128/24 brd 192.168.12.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet 172.32.0.2/24 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::2108:92a:618e:5960/64 scope link noprefixroute
valid_lft forever preferred_lft forever
发现 inet 172.32.0.2/24 scope global ens33新 IP 地址 172.32.0.2/24 已经成功地添加到了 ens33 网络接口上
- 再次添加
bash[root@centos network-scripts]# ip route add 180.149.153.0/24 via 172.32.0.1
- 查看路由表
bash[root@centos network-scripts]# ip route
default via 192.168.12.2 dev ens33 proto static metric 100
172.32.0.0/24 dev ens33 proto kernel scope link src 172.32.0.2
180.149.153.0/24 via 172.32.0.1 dev ens33
192.168.12.0/24 dev ens33 proto kernel scope link src 192.168.12.128 metric 100
添加成功
8. 下面是本机的路由表
我本机的IP地址ens33为192.168.10.11,ens37为172.16.0.11,请问本机访问 192.168.10.250 要走路由吗,如果走是应该命中哪一条路由。发送给192.168.10.250 的数据包的源IP和目标IP分别是多少,10.250的回复报文的源IP和目标IP是多少,走哪一个网卡发送那如果向172.16.39.18 发送数据,要走路由吗,如果走是应该命中哪一条路由。发送的数据包的目标MAC地址是谁的?源IP和目的IP是多少?172.16.39.18 的回复报文里的源IP和目的IP是多少。
bash[root@nebulalinux03 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.10.2 0.0.0.0 UG 100 0 0 ens33
172.16.0.0 0.0.0.0 255.255.255.0 U 100 0 0 ens37
172.16.39.16 172.16.0.1 255.255.255.192 UG 0 0 0 ens33
172.16.39.16 172.16.0.1 255.255.255.240 UG 0 0 0 ens37
192.168.10.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
- 本机访问
192.168.10.250不需要走路由, 它们在同一个子网中(192.168.10.0/24)。根据路由表,所有目标地址在192.168.10.0/24的数据包都会通过ens33网卡直接发送。 - 发送给
192.168.10.250的数据包的源IP是192.168.10.11(ens33的IP),目标IP是192.168.10.250。 192.168.10.250回复的数据包的源IP是192.168.10.250,目标IP是192.168.10.11,通过ens33网卡发送。
访问 172.16.39.18:
- 这个地址不在本地网络上,所以需要走路由。
- 根据路由表,这个地址应该匹配
172.16.39.16/26这条路由规则(172.16.39.16是网络地址,255.255.255.192是子网掩码,所以这个网络包括172.16.39.16到172.16.39.63的地址)。 - 发往
172.16.39.18的数据包的源 IP 应该是192.168.10.11,目标 IP 是172.16.39.18。目标 MAC 地址是下一跳网关172.16.0.1的 MAC 地址。 172.16.39.18回复的报文的源 IP 是172.16.39.18,目标 IP 是192.168.10.11。- 这些数据包应该通过
ens33网卡发送。
9. 现在星云科技新租了学校,两个教室,A教室有130个座位,B教室有300个座位。先聘请你作为管理员。需要你来规划一下网络地址,要求两个教室不能在一个广播域内。请写出划分的ip地址段,每个教室里分配的ip地址范围
-
对于 A 教室,我们需要至少 130 个 IP 地址。考虑到网络地址和广播地址,我们需要至少 132 个地址,所以我们需要一个子网掩码至少为 /25 的子网(7位主机地址, 2 ^ 7 = 128)。我们可以选择 192.168.1.0/25,这个子网的 IP 地址范围是 192.168.1.0 到 192.168.1.127。
-
对于 B 教室,我们需要至少 300 个 IP 地址。考虑到网络地址和广播地址,我们需要至少 302 个地址,所以我们需要一个子网掩码至少为 /23 的子网。我们可以选择 192.168.2.0/23 (9 位主机地址, 2 ^ 9 = 512),这个子网的 IP 地址范围是 192.168.2.0 到 192.168.3.255。
如果对你有用的话,可以打赏哦
打赏
本文作者:GYC
本文链接:
版权声明:本博客所有文章除特别声明外,均采用 BY-NC-SA 许可协议。转载请注明出处!
目录