system-config-securitylevel //thay doi thiet lap Firewall
yum --enablerepo=centosplus upgrade php* //upgrade PHP
yum --enablerepo=centosplus upgrade mysql* //upgrade mysql
yum --enablerepo=centosplus install mysql-server-5*
yum --enablerepo=centosplus install mysql-server-5*
/etc/sysconfig/network-scripts //file config NIC
DEVICE=eth0:0
ONBOOT=yes
BOOTPROTO=static
BROADCAST=192.168.10.255
IPADDR=192.168.10.12
NETMASK=255.255.255.0
NETWORK=192.168.10.0
ONBOOT=yes
DEVICE=eth0:0
ONBOOT=yes
BOOTPROTO=static
BROADCAST=192.168.10.255
IPADDR=192.168.10.12
NETMASK=255.255.255.0
NETWORK=192.168.10.0
ONBOOT=yes
/etc/init.d/network restart // restart network service
/etc/sysconfig/network //file config network
NETWORKING=yes
HOSTNAME=my-hostname - Hostname is defined here and by command hostname
FORWARD_IPV4=true - True for NAT firewall gateways and linux routers.
False for everyone else - desktops and servers.
GATEWAY="XXX.XXX.XXX.YYY" - Used if your network is connected to another network or the internet.
Static IP configuration. Gateway not defined here for DHCP client.
NETWORKING=yes
HOSTNAME=my-hostname - Hostname is defined here and by command hostname
FORWARD_IPV4=true - True for NAT firewall gateways and linux routers.
False for everyone else - desktops and servers.
GATEWAY="XXX.XXX.XXX.YYY" - Used if your network is connected to another network or the internet.
Static IP configuration. Gateway not defined here for DHCP client.
hostname <new-host-name> //change new hostname
and edit: /etc/sysconfig/network
ifconfig eth1 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255
route add default gw XXX.XXX.XXX.XXX dev eth0
route add -net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX dev eth0
Trong Centos, neu add route default ma` khong ke`m theo netmask thi default netmask se la
255.255.255.255. Do do nen kem theo netmask khi add route defaut
route add -net 0.0.0.0 netmask 0.0.0.0 gw 10.20.254.254..
route add default gw XXX.XXX.XXX.XXX dev eth0
route add -net XXX.XXX.XXX.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX dev eth0
Trong Centos, neu add route default ma` khong ke`m theo netmask thi default netmask se la
255.255.255.255. Do do nen kem theo netmask khi add route defaut
route add -net 0.0.0.0 netmask 0.0.0.0 gw 10.20.254.254..
Using vmstat
r -- The average number of runnable kernel threads over whatever sampling interval you have chosen.
b -- The average number of kernel threads that are in the virtual memory waiting queue over your sampling interval. r should always be higher than b; if it is not, it usually means you have a CPU bottleneck.
fre -- The size of your memory free list. Do not worry so much if the amount is really small. More importantly, determine if there is any paging going on if this amount is small.
pi -- Pages paged in from paging space.
po -- Pages paged out to paging space.
CPU section:
us
sy
id
wa
b -- The average number of kernel threads that are in the virtual memory waiting queue over your sampling interval. r should always be higher than b; if it is not, it usually means you have a CPU bottleneck.
fre -- The size of your memory free list. Do not worry so much if the amount is really small. More importantly, determine if there is any paging going on if this amount is small.
pi -- Pages paged in from paging space.
po -- Pages paged out to paging space.
CPU section:
us
sy
id
wa
Let's look at the last section, which also comes up in most other CPU monitoring tools, albeit with different headings:
us -- user time
sy -- system time
id -- idle time
wa -- waiting on I/O
Clearly, this system has no bottleneck to speak of. How do you determine this? Let's look at the more important fields to analyze in the vmstat output. Even though this system is running AIX 5.3, you will not see the number of physical processors or the percentage of your consumed entitled capacity because it is not running in a micro-partitioned environment. If it were running in a micro-partitioned environment, you would see these additional fields, as vmstat was enhanced to work in a virtualized and micro-partitioned environment.
sy -- system time
id -- idle time
wa -- waiting on I/O
Clearly, this system has no bottleneck to speak of. How do you determine this? Let's look at the more important fields to analyze in the vmstat output. Even though this system is running AIX 5.3, you will not see the number of physical processors or the percentage of your consumed entitled capacity because it is not running in a micro-partitioned environment. If it were running in a micro-partitioned environment, you would see these additional fields, as vmstat was enhanced to work in a virtualized and micro-partitioned environment.
If your us and sys entries consistently average over 80 percent, you more than likely have a CPU bottleneck. If they add up to 100 percent, your system is really breathing heavy. If the numbers are small, but wa (waiting on I/O) is high (usually > then 30), this means there might be I/O problems on the system, which can cause the CPU not to work as hard as it could. If more time is spent in sy time rather then us time, this means your system is spending less time crunching numbers than actually processing kernel data. This is also not a good thing.
While the vmstat command is more commonly associated with memory, I have found that it is the quickest and most accurate way to determine what my bottleneck is.
So why did the user complain about the system? Because it really seemed like it was running slow to him. I was only able to get to the root cause after I determined there were no systems problems and his buddy in the adjoining cube had no issues to speak of. So I had him reboot his PC and everything came up clean afterwards. Apparently, something was running haywire on the PC client.
Khi trouble su co, quan trong nhat phai xem dau tien la CPU, disk, hardware ....sau do den log
#cd /var/log
#more messages
#cd /var/log
#more messages
full hard disk copy (backup entire hard disk)
dd if=/dev/hdx of=/dev/hdy
dd if=/dev/hdx of=/path/to/image
dd if=/dev/hdx | gzip > /path/to/image.gz
dd if=/dev/hdx of=/path/to/image
dd if=/dev/hdx | gzip > /path/to/image.gz
Restore Backup of hard disk copy
dd if=/path/to/image of=/dev/hdx
gzip -dc /path/to/image.gz | dd of=/dev/hdx
MBR backup
In order to backup only the first few bytes containing the MBR and the partition table you can use dd as well.
dd if=/dev/hdx of=/path/to/image count=1 bs=512
MBR restore
dd if=/path/to/image of=/dev/hdx
Add "count=1 bs=446" to exclude the partition table from being written to disk. You can manually restore the table.
// neu thu muc de chua file image la dia USB, ta phai xem lai format cua dia USB, boi vi
neu duoc format duoi FAT32 thi "FAT32 has a limit of 4GB on individual file size"
Xem http://en.wikipedia.org/wiki/File_Allocation_Table . Ta phai chuyen dinh dang cho no'
// neu thu muc de chua file image la dia USB, ta phai xem lai format cua dia USB, boi vi
neu duoc format duoi FAT32 thi "FAT32 has a limit of 4GB on individual file size"
Xem http://en.wikipedia.org/wiki/File_Allocation_Table . Ta phai chuyen dinh dang cho no'
Format dia theo dinh dang Ext3 cua linux
#mkfs.ext3 /dev/hda5
#mkdir /mnt/hda5
#mount -t ext3 /dev/hda5 /mnt/hda5
Creating a Partition
Warning : Do not attempt to create a partition on a device that is in use (boot into rescue
mode or unmount any partitions on the device and turn off any swap space on the device).
Warning : Do not attempt to create a partition on a device that is in use (boot into rescue
mode or unmount any partitions on the device and turn off any swap space on the device).
Start "parted", where /dev/hda is the device on which to create the partition:
#parted /dev/hda
#print // view current pattion
#print // view current pattion
#mkpart primary ext3 1024 2048 // Making the Partition with an ext3 file system from 1024
megabytes until 2048 megabytes on a hard drive
megabytes until 2048 megabytes on a hard drive
#/sbin/mkfs -t ext3 /dev/hdb3 //format
#e2label /dev/hdax /<name>
#e2label /dev/hdax /<name>
#vi /detc/fstab
LABEL=/<name> /<mount point> ext3 defaults 1 2
LABEL=/<name> /<mount point> ext3 defaults 1 2
Cai dat RAID 1 cho Linux:
Mot vai chu y :
1) Kernel cua Linux phai support RAID (kernel over 2.4.x is OK, neu < 2.4 thi phai ca`i patch)
2) Raid support phai duoc compile into kener (OK if you see /proc/mdstat exists)
3) If u'r using IDE for raid configure, u should install drives on different IDE ports (controllers)
Very Important
4) The partition that will be used for the raid-1 on the second disk should be about the
same size as first disk, it must be at least as large as the first disk's partition. If the
second disk's partition is larger, the extra space will not be used by raid-1 device.
1) Kernel cua Linux phai support RAID (kernel over 2.4.x is OK, neu < 2.4 thi phai ca`i patch)
2) Raid support phai duoc compile into kener (OK if you see /proc/mdstat exists)
3) If u'r using IDE for raid configure, u should install drives on different IDE ports (controllers)
Very Important
4) The partition that will be used for the raid-1 on the second disk should be about the
same size as first disk, it must be at least as large as the first disk's partition. If the
second disk's partition is larger, the extra space will not be used by raid-1 device.
Xem huong dan http://www.linuxjournal.com/article/5898
Mot vai thao tac quan tri:
#w //Show who is logged on and what they are doing.
#free //show RAM
#du -sh //show capacity of directory
#free //show RAM
#du -sh //show capacity of directory
Another way to show capacity of directory with GB
du -h / | grep ^[0-9.]*G // show all directory in / with GB
find / -type d -size +1G // find directory more than 1 GB
mount -t ext3 /dev/<drive's device name> /<home2 or some suitable directory> - Mount the drive
/var/log/messages - system messages
/secure - Logging by PAM of network access attempts
/dmesg - Log of system boot. Also see command dmesg
/boot.log - Log of system init process
/xferlog.1 - File transfer log
/lastlog - Requires the use of the lastlog command to examine contents
/maillog - log from sendmail daemon
//Mot so cau lenh monitor perfomance linux
w - Find Out Who Is Logged on And What They Are Doing (# w username)
uptime - Tell How Long The System Has Been Running (# uptime)
iostat - Average CPU Load, Disk Activity (# iostat)
sar - Collect and Report System Activity (# sar -n DEV | more)
mpstat - Multiprocessor Usage (# mpstat -P ALL)
pmap - Process Memory Usage(# pmap -d PID)
iptraf - Real-time Network Statistics
tcpdump - Detailed Network Traffic Analysis(# tcpdump -i eth1 'udp port 53')
strace - System Calls //http://www.cyberciti.biz/tips/linux-strace-command-examples.html
/Proc file system - Various Kernel Statistics ( # cat /proc/cpuinfo
# cat /proc/meminfo
# cat /proc/zoneinfo
# cat /proc/mounts)
Nagios - Server And Network Monitoring
(Tham khao http://www.cyberciti.biz/tips/top-linux-monitoring-tools.html)
w - Find Out Who Is Logged on And What They Are Doing (# w username)
uptime - Tell How Long The System Has Been Running (# uptime)
iostat - Average CPU Load, Disk Activity (# iostat)
sar - Collect and Report System Activity (# sar -n DEV | more)
mpstat - Multiprocessor Usage (# mpstat -P ALL)
pmap - Process Memory Usage(# pmap -d PID)
iptraf - Real-time Network Statistics
tcpdump - Detailed Network Traffic Analysis(# tcpdump -i eth1 'udp port 53')
strace - System Calls //http://www.cyberciti.biz/tips/linux-strace-command-examples.html
/Proc file system - Various Kernel Statistics ( # cat /proc/cpuinfo
# cat /proc/meminfo
# cat /proc/zoneinfo
# cat /proc/mounts)
Nagios - Server And Network Monitoring
(Tham khao http://www.cyberciti.biz/tips/top-linux-monitoring-tools.html)
# chkconfig telnet on
# service xinetd reload
Reloading configuration: [ OK ]
# /etc/init.d/vsftpd start
Starting vsftpd for vsftpd: [ OK ]
# ln -s /etc/init.d/vsftpd /etc/rc3.d/S56vsftpd
# ln -s /etc/init.d/vsftpd /etc/rc4.d/S56vsftpd
# ln -s /etc/init.d/vsftpd /etc/rc5.d/S56vsftpd
Configure Telnet for root logins
# service xinetd reload
Reloading configuration: [ OK ]
# /etc/init.d/vsftpd start
Starting vsftpd for vsftpd: [ OK ]
# ln -s /etc/init.d/vsftpd /etc/rc3.d/S56vsftpd
# ln -s /etc/init.d/vsftpd /etc/rc4.d/S56vsftpd
# ln -s /etc/init.d/vsftpd /etc/rc5.d/S56vsftpd
Configure Telnet for root logins
Simply edit the file /etc/securetty and add the following to the end of the file:
pts/0
pts/1
pts/2
pts/3
pts/4
pts/5
pts/6
pts/7
pts/8
pts/9
This will allow up to 10 telnet sessions to the server as root.
pts/1
pts/2
pts/3
pts/4
pts/5
pts/6
pts/7
pts/8
pts/9
This will allow up to 10 telnet sessions to the server as root.
Configure FTP for root logins
Edit the files /etc/vsftpd.ftpusers and /etc/vsftpd.user_list and remove the 'root' line from each file.
OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR
OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR
OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR-OR
Linux is configured to run the Telnet and FTP server, but by default, these services are not enabled. To enable these services, login to the server as the root userid and edit the files:
/etc/xinetd.d/telnet
/etc/xinetd.d/wu-ftpd
In both files, find the line for disable and change it from the value "yes" to "no".
/etc/xinetd.d/wu-ftpd
In both files, find the line for disable and change it from the value "yes" to "no".
After changing the above values, you will need to restart the xinetd deamon. As the root userid, type the following command:
% /etc/init.d/xinetd reload
Configure Telnet for root logins
Simply edit the file /etc/securetty and add the following to the end of the file:
pts/0
pts/1
pts/2
pts/3
pts/4
pts/5
pts/6
pts/7
pts/8
pts/9
This will allow up to 10 telnet sessions to the server as root.
Configure FTP for root logins
pts/1
pts/2
pts/3
pts/4
pts/5
pts/6
pts/7
pts/8
pts/9
This will allow up to 10 telnet sessions to the server as root.
Configure FTP for root logins
First edit the file /etc/ftpaccess and comment out the 'deny-uid' and 'deny-gid' lines.
Also, don't forget to remove the 'root' line from /etc/ftpusers
========================================================
How to MOUNT via network: vi du o day co 2 may A va B, may A co o dia /dev/VolGroup0/disk can mount sang may B
1- Start NFS: (tren may A)
/sbin/service nfs start
1- Start NFS: (tren may A)
/sbin/service nfs start
2- Mount dia do thanh thu muc (Thao tac tren may A)
A#mount /dev/VolGroup0/disk /tempdisk //mount o dia tren may A thanh thu muc /tempdisk
Tiep theo khai bao trong file /etc/exports
A#vi /etc/exports
/tempdisk 10.200.0.128/255.255.255.192(rw,sync,insecure,no_root_squash)
/tempdisk 116.193.64.0/255.255.255.0(ro,sync,insecure,no_root_squash)
// Cau lenh tren dung de share thu muc /tempdisk tren may A cho cac may trong vung mang nhu tren.
Tiep theo restart lai NFS
A#/sbin/service nfs restart
A#mount /dev/VolGroup0/disk /tempdisk //mount o dia tren may A thanh thu muc /tempdisk
Tiep theo khai bao trong file /etc/exports
A#vi /etc/exports
/tempdisk 10.200.0.128/255.255.255.192(rw,sync,insecure,no_root_squash)
/tempdisk 116.193.64.0/255.255.255.0(ro,sync,insecure,no_root_squash)
// Cau lenh tren dung de share thu muc /tempdisk tren may A cho cac may trong vung mang nhu tren.
Tiep theo restart lai NFS
A#/sbin/service nfs restart
3- Sang may B thuc hien cau lenh mount
B#mount -t nfs <IP may A>:/tempdisk /<thu muc mount point tren may B>
B#mount -t nfs <IP may A>:/tempdisk /<thu muc mount point tren may B>
======================================
multipath -l //show cac LUN tu SAN duoc map vao machine.
1) Plug in the flash drive into one of the USB ports on your computer.
2) Enter the following command:
# lsusb
This will list all usb devices on your system.
3) Go into your /dev directory and look for sdXX where XX is a leter and number ex: sda1.
Some distros will only make a dev for the devices you have and some will not. If there are a lot of sdXX's in there than just start with sda1 and try others if you have no luck.
4) Make a directory to mount your drive, eg. /mnt/usb.
5) Then mount the device:
mount -t vfat /dev/sda1 /mnt/usb
Some distros will only make a dev for the devices you have and some will not. If there are a lot of sdXX's in there than just start with sda1 and try others if you have no luck.
4) Make a directory to mount your drive, eg. /mnt/usb.
5) Then mount the device:
mount -t vfat /dev/sda1 /mnt/usb
create a temporary directory like /mnt/usb
plug your USB drive.
see the output of `dmesg`
if you see sda
then mkdir /dev/sda1 /mnt/usb
if you see sdb
then mkdir /dev/sdb1 /mnt/usb
and so on...
sorry forgot to paste the link
here it is
http://forums.dreamincode.net/showtopic9989.htm
http://forums.dreamincode.net/showtopic9989.htm
Khi Mount vùng LUN map tu SAN vào máy xen host, máy chu báo loi :
"mount: you must specify the filesystem type"
Luu ý là do vùng LUN này chua duoc dinh dang trong máy chu xen. Ðe có the mount duoc, ta phai dinh dang cho nó (khi dinh dang, toàn bo du lieu se bi mat):
mkfs.ext3 /dev/mapper/LUN_ID
Sau dó thuc hien lenh mount nhu bình thuong.
Su dung dd de backup full hardisk:
full hard disk copy
dd if=/dev/hdx of=/dev/hdy
dd if=/dev/hdx of=/path/to/image
dd if=/dev/hdx | gzip > /path/to/image.gz
dd if=/dev/hdx of=/path/to/image
dd if=/dev/hdx | gzip > /path/to/image.gz
Hdx could be hda, hdb etc. In the second example gzip is used to compress the image if it is really just a backup.
Restore Backup of hard disk copy
dd if=/path/to/image of=/dev/hdx
gzip -dc /path/to/image.gz | dd of=/dev/hdx
MBR backup
In order to backup only the first few bytes containing the MBR and the partition table you can use dd as well.
dd if=/dev/hdx of=/path/to/image count=1 bs=512
MBR restore
dd if=/path/to/image of=/dev/hdx
Add "count=1 bs=446" to exclude the partition table from being written to disk. You can manually restore the table.
Save static route:
ADDRESS0=10.10.10.0
NETMASK0=255.255.255.0
GATEWAY0=192.168.0.1
ADDRESS1=172.16.1.0
NETMASK1=255.255.255.0
GATEWAY1=192.168.0.1
Subsequent static routes must be numbered sequentially, and must not skip any values. For example, ADDRESS0, ADDRESS1, ADDRESS2, and so on.
Below is an example of setting static routes to a different subnet, on a machine in the 192.168.0.0/24 subnet. The example machine has an eth0 interface in the 192.168.0.0/24 subnet, and an eth1 interface (10.10.10.1) in the 10.10.10.0/24 subnet:
ADDRESS0=10.10.10.0
NETMASK0=255.255.255.0
GATEWAY0=10.10.10.1
Configure share NFS on Centos:
# mkdir -p /nhuttest
# vi /etc/exports
edit the file with this:
/nhuttest *(rw,async,no_root_squash)
# exportfs -a
# vi /etc/sysconfig/nfs
Change some parameter as below:
LOCKD_TCPPORT=32803
LOCKD_UDPPORT=32769
MOUNTD_PORT=892
RQUOTAD_PORT=875
STATD_PORT=662
STATD_OUTGOING_PORT=2020
Reboot the services:
# service rpcbind start
# service nfs start
# chkconfig nfs on
# chkconfig rpcbind on
# reboot
On server we want to mount NFS share, just type:
# mount -t nfs <NFS share server>:/nhuttest <mount point>
Clear cache (or mem cached) or clear memory in Linux:
#sudo sh -c "sync; echo 3 > /proc/sys/vm/drop_caches"
//want to su to system user without type a password
sudo -u <user> -s
#sudo -u www-data -s
Monitor interface
iftop
IE: sudo iftop -i <interface_name> -f '<port port>'
#sudo iftop -i eth0 -f 'port 8080'
Scan and add new hard drive
echo "- - -" > /sys/class/scsi_host/host#/scan
Show port listening + user + name service
lsof -i:6080
Show linux version
lsb_release -a
Check ext format for disk:
file -s /dev/sda1
Search command:
grep -n '<search string>' <file> | cut -d<opeator for cut> -f <number>
ex: grep -n '^# Begin Extraction 1:$' KcsSetup.sh
766:# Begin Extraction 1:
grep -n '^# Begin Extraction 1:$' KcsSetup.sh | cut -d: -f 1
766
grep -n '^# Begin Extraction 1:$' KcsSetup.sh | cut -d: -f 2
# Begin Extraction 1
grep -n '^# Begin Extraction 1:$' KcsSetup.sh | cut -d# -f 1
766:
grep -n '^# Begin Extraction 1:$' KcsSetup.sh | cut -d' ' -f 1
766:#
No comments:
Post a Comment