一、REHL8 WEB控制台管理系统
登录一台服务器有哪些方法:
本地登录、VNC、XSHELL、web控制台登录
1.1 什么是web控制台
web控制台是一个基于web的红帽企业版Linux8界面,用于管理和监控本地系统及位于网络环境中的linux服务器
RHEL的web控制台是交互式服务器管理界面,可以直接通过浏览器与真实的linux操作系统进行直接交互。
1.2 web控制台可以做什么
(1)监控基本系统功能,例如硬件信息,时间配置,性能配置等
(2)检查系统日志文件
(3)管理网络接口和配置防火墙
(4)管理虚拟机
(5)管理用户帐户
(6)监视和配置系统服务
(7)管理软件包
(8)配置SELinux
(9)更新软件
(10)访问终端
1.3 操作步骤
服务器开机,有网络,可以连接公网
先检查自己的服务器是否默认安装了这个服务 cockpit
[root@wentan ~]# yum list | grep cockpit
#RHEL8 默认已经安装了cocpit这个服务
cockpit.x86_64 185-2.el8 @anaconda
cockpit-bridge.x86_64 185-2.el8 @anaconda
cockpit-packagekit.noarch 184.1-1.el8 @AppStream
cockpit-storaged.noarch 184.1-1.el8 @AppStream
cockpit-system.noarch 185-2.el8 @anaconda
cockpit-ws.x86_64 185-2.el8 @anaconda
subscription-manager-cockpit.noarch 1.23.8-35.el8 @anaconda
cockpit.x86_64 251.1-1.el8 base
cockpit-bridge.x86_64 251.1-1.el8 base
cockpit-composer.noarch 31.1-1.el8 AppStream
cockpit-doc.noarch 251.1-1.el8 base
cockpit-machines.noarch 251.1-1.el8 AppStream
cockpit-packagekit.noarch 251.1-1.el8 AppStream
cockpit-pcp.x86_64 251.1-1.el8 AppStream
cockpit-podman.noarch 33-1.module_el8.5.0+890+6b136101 AppStream
cockpit-session-recording.noarch 7-2.el8 AppStream
cockpit-storaged.noarch 251.1-1.el8 AppStream
cockpit-system.noarch 251.1-1.el8 base
cockpit-ws.x86_64 251.1-1.el8 base
subscription-manager-cockpit.noarch 1.28.21-3.el8 base
#检查cockpit是否开机自动启动,发现cockpit.socket 是disable状态
[root@wentan ~]# systemctl list-unit-files | grep cockpit
cockpit-motd.service static
cockpit.service static
cockpit.socket disabled
#启动cockpit这个服务
[root@wentan ~]# systemctl start cockpit.socket
[root@wentan ~]# systemctl enable cockpit.socket
Created symlink /etc/systemd/system/sockets.target.wants/cockpit.socket → /usr/lib/systemd/system/cockpit.socket.
#启动cockpit.service服务
[root@wentan ~]# systemctl start cockpit.service
[root@wentan ~]# systemctl status cockpit.service
● cockpit.service - Cockpit Web Service
Loaded: loaded (/usr/lib/systemd/system/cockpit.service; static; vendor preset:>
Active: active (running) since Wed 2022-01-19 10:41:40 CST; 17s ago
Docs: man:cockpit-ws(8)
Process: 8226 ExecStartPre=/usr/sbin/remotectl certificate --ensure --user=root >
Main PID: 8230 (cockpit-ws)
Tasks: 2 (limit: 23861)
Memory: 2.8M
CGroup: /system.slice/cockpit.service
└─8230 /usr/libexec/cockpit-ws
防火墙策略:
可以关闭系统防火墙或者选择防火墙放行
RHEL8系统默认已经放行了cockpit服务
firewall-cmd --add-service=cockpit --permanent
firewall-cmd --reload #重载以生效这个规则
最后RHEL系统的web控制台的地址为服务器ip地址的9090端口
192.168.253.128:9090 (服务器地址)
输入用户密码登录
二、日志系统 RSYSLOG
使用了日志消息类型和优先级来确定到底如何处理
日志系统的配置文件: /etc/rsyslog.conf
2.1 日志消息的类型:
| 类型 | 功能 |
|---|---|
| lpr | 打印相关的日志 |
| auth | 认证相关的日志 |
| user | 用户相关的日志 |
| cron | 计划任务相关的日志 |
| kern | 内核相关的日志 |
| 邮件相关的日志 | |
| daemon | 系统服务相关的日志 |
| authpri | 授权相关的日志 |
| security | 安全相关的日志 |
2.2 日志消息的优先级
从高到低 8个标准
| 关键字 | 优先级 | 内容 |
|---|---|---|
| none | 无 | 不记录任何信息 |
| EMERG | 级别 0 | 紧急,系统本身已经无法再运行必须马上拯救 |
| ALERT | 级别 1 | 警报,系统出现了重大错误必须马上处理的情况 |
| CRIT | 级别 2 | 严重,系统出现了严重的情况 |
| ERROR | 级别 3 | 错误,系统出现了错误的情况 |
| WARNING | 级别 4 | 警告,系统出现了需要警告的情况 |
| NOTICE | 级别 5 | 注意,系统出现了需要注意的情况 |
| INFO | 级别 6 | 信息,系统出现了一些情况 |
| DEBUG | 级别 7 | 调试,系统出现了程序或服务调试的情况 |
2.3 日志信息里的内容
(1)会记录日志发生的时间
(2)发送该日志消息的主机
(3)发送该日志消息的程序,哪个PID
(4)日志消息的主内容
三、ISCSI 实验
首先需要两台虚拟机,恢复初始化状态
一台命名为SAN-server 一台命名为SAN-client
安装yum 源,关闭防火墙,同时ISCSI需要额外安装一块硬盘
3.1 服务端配置
#服务端
[root@wentan ~]# hostnamectl set-hostname SAN-server
[root@wentan ~]# bash
#接下来需要安装ISCSI的工具
[root@SAN-server ~]# yum install -y targetcli
[root@SAN-server ~]# systemctl enable target
Created symlink /etc/systemd/system/multi-user.target.wants/target.service → /usr/lib/systemd/system/target.service.
[root@SAN-server ~]# systemctl start target
#分区选择一块共享给SAN客户
[root@SAN-server ~]# fdisk /dev/nvme0n2
Welcome to fdisk (util-linux 2.32.1).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.
Device does not contain a recognized partition table.
Created a new DOS disklabel with disk identifier 0x31fc34c5.
Command (m for help): n
Partition type
p primary (0 primary, 0 extended, 4 free)
e extended (container for logical partitions)
Select (default p): p
Partition number (1-4, default 1): 1
First sector (2048-41943039, default 2048):
Last sector, +sectors or +size{K,M,G,T,P} (2048-41943039, default 41943039): +10G
Created a new partition 1 of type 'Linux' and of size 10 GiB.
Command (m for help): p
Disk /dev/nvme0n2: 20 GiB, 21474836480 bytes, 41943040 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x31fc34c5
Device Boot Start End Sectors Size Id Type
/dev/nvme0n2p1 2048 20973567 20971520 10G 83 Linux
Command (m for help): m
Help:
DOS (MBR)
a toggle a bootable flag
b edit nested BSD disklabel
c toggle the dos compatibility flag
Generic
d delete a partition
F list free unpartitioned space
l list known partition types
n add a new partition
p print the partition table
t change a partition type
v verify the partition table
i print information about a partition
Misc
m print this menu
u change display/entry units
x extra functionality (experts only)
Script
I load disk layout from sfdisk script file
O dump disk layout to sfdisk script file
Save & Exit
w write table to disk and exit
q quit without saving changes
Create a new label
g create a new empty GPT partition table
G create a new empty SGI (IRIX) partition table
o create a new empty DOS partition table
s create a new empty Sun partition table
Command (m for help): t
Selected partition 1
Hex code (type L to list all codes): l
0 Empty 24 NEC DOS 81 Minix / old Lin bf Solaris
1 FAT12 27 Hidden NTFS Win 82 Linux swap / So c1 DRDOS/sec (FAT-
2 XENIX root 39 Plan 9 83 Linux c4 DRDOS/sec (FAT-
3 XENIX usr 3c PartitionMagic 84 OS/2 hidden or c6 DRDOS/sec (FAT-
4 FAT16 <32M 40 Venix 80286 85 Linux extended c7 Syrinx
5 Extended 41 PPC PReP Boot 86 NTFS volume set da Non-FS data
6 FAT16 42 SFS 87 NTFS volume set db CP/M / CTOS / .
7 HPFS/NTFS/exFAT 4d QNX4.x 88 Linux plaintext de Dell Utility
8 AIX 4e QNX4.x 2nd part 8e Linux LVM df BootIt
9 AIX bootable 4f QNX4.x 3rd part 93 Amoeba e1 DOS access
a OS/2 Boot Manag 50 OnTrack DM 94 Amoeba BBT e3 DOS R/O
b W95 FAT32 51 OnTrack DM6 Aux 9f BSD/OS e4 SpeedStor
c W95 FAT32 (LBA) 52 CP/M a0 IBM Thinkpad hi ea Rufus alignment
e W95 FAT16 (LBA) 53 OnTrack DM6 Aux a5 FreeBSD eb BeOS fs
f W95 Ext'd (LBA) 54 OnTrackDM6 a6 OpenBSD ee GPT
10 OPUS 55 EZ-Drive a7 NeXTSTEP ef EFI (FAT-12/16/
11 Hidden FAT12 56 Golden Bow a8 Darwin UFS f0 Linux/PA-RISC b
12 Compaq diagnost 5c Priam Edisk a9 NetBSD f1 SpeedStor
14 Hidden FAT16 <3 61 SpeedStor ab Darwin boot f4 SpeedStor
16 Hidden FAT16 63 GNU HURD or Sys af HFS / HFS+ f2 DOS secondary
17 Hidden HPFS/NTF 64 Novell Netware b7 BSDI fs fb VMware VMFS
18 AST SmartSleep 65 Novell Netware b8 BSDI swap fc VMware VMKCORE
1b Hidden W95 FAT3 70 DiskSecure Mult bb Boot Wizard hid fd Linux raid auto
1c Hidden W95 FAT3 75 PC/IX bc Acronis FAT32 L fe LANstep
1e Hidden W95 FAT1 80 Old Minix be Solaris boot ff BBT
Hex code (type L to list all codes): 8e
Changed type of partition 'Linux' to 'Linux LVM'.
Command (m for help): p
Disk /dev/nvme0n2: 20 GiB, 21474836480 bytes, 41943040 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x31fc34c5
Device Boot Start End Sectors Size Id Type
/dev/nvme0n2p1 2048 20973567 20971520 10G 8e Linux LVM
Command (m for help): w
The partition table has been altered.
Calling ioctl() to re-read partition table.
Syncing disks.
[root@SAN-server ~]# pvcreate /dev/nvme0n2p1
Physical volume "/dev/nvme0n2p1" successfully created.
[root@SAN-server ~]# vgcreate iscsi_vg /dev/nvme0n2p1
Volume group "iscsi_vg" successfully created
[root@SAN-server ~]# lvcreate -n iscsi_store -l 100%VG iscsi_vg
Logical volume "iscsi_store" created.
#接下来通过targetcli 工具来做SAN网络共享
[root@SAN-server ~]# targetcli
Warning: Could not load preferences file /root/.targetcli/prefs.bin.
targetcli shell version 2.1.53
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.
/> backstores/block create name=iscsi_store dev=/dev/iscsi_vg/iscsi_store
Created block storage object iscsi_store using /dev/iscsi_vg/iscsi_store.
/> iscsi/ create iqn.2022-01.com.example:iscsi.server
Created target iqn.2022-01.com.example:iscsi.server.
Created TPG 1.
Global pref auto_add_default_portal=true
Created default portal listening on all IPs (0.0.0.0), port 3260.
/> cd iscsi/iqn.2022-01.com.example:iscsi.server/
/iscsi/iqn.20...:iscsi.server> cd tpg1/
/iscsi/iqn.20...i.server/tpg1> luns/ create /backstores/block/iscsi_store
Created LUN 0.
/iscsi/iqn.20...i.server/tpg1> acls/ create iqn.2022-01.com.example:iscsi.client
Created Node ACL for iqn.2022-01.com.example:iscsi.client
Created mapped LUN 0.
/iscsi/iqn.20...i.server/tpg1> portals/ create 192.168.253.128 3260
Using default IP port 3260
Could not create NetworkPortal in configFS
/iscsi/iqn.20...i.server/tpg1> set attribute authentication=0
Parameter authentication is now '0'.
/iscsi/iqn.20...i.server/tpg1> set attribute generate_node_acls=0
Parameter generate_node_acls is now '0'.
/iscsi/iqn.20...i.server/tpg1> cd ..
/iscsi/iqn.20...:iscsi.server> cd ..
/iscsi> cd ..
/> saveconfig
Configuration saved to /etc/target/saveconfig.json
/> exit
Global pref auto_save_on_exit=true
Last 10 configs saved in /etc/target/backup/.
Configuration saved to /etc/target/saveconfig.json
[root@SAN-server ~]# targetcli
targetcli shell version 2.1.53
Copyright 2011-2013 by Datera, Inc and others.
For help on commands, type 'help'.
/> ls
o- / ........................................................................ [...]
o- backstores ............................................................. [...]
| o- block ................................................. [Storage Objects: 1]
| | o- iscsi_store ... [/dev/iscsi_vg/iscsi_store (10.0GiB) write-thru activated]
| | o- alua .................................................. [ALUA Groups: 1]
| | o- default_tg_pt_gp ...................... [ALUA state: Active/optimized]
| o- fileio ................................................ [Storage Objects: 0]
| o- pscsi ................................................. [Storage Objects: 0]
| o- ramdisk ............................................... [Storage Objects: 0]
o- iscsi ........................................................... [Targets: 1]
| o- iqn.2022-01.com.example:iscsi.server ............................. [TPGs: 1]
| o- tpg1 .............................................. [no-gen-acls, no-auth]
| o- acls ......................................................... [ACLs: 1]
| | o- iqn.2022-01.com.example:iscsi.client ................ [Mapped LUNs: 1]
| | o- mapped_lun0 .......................... [lun0 block/iscsi_store (rw)]
| o- luns ......................................................... [LUNs: 1]
| | o- lun0 [block/iscsi_store (/dev/iscsi_vg/iscsi_store) (default_tg_pt_gp)]
| o- portals ................................................... [Portals: 1]
| o- 0.0.0.0:3260 .................................................... [OK]
o- loopback ........................................................ [Targets: 0]
/> exit
3.2 客户端配置
#客户端
[root@wentan ~]# hostnamectl set-hostname SAN-client
[root@wentan ~]# bash
#安装iscsi看客户端初始化工具
[root@SAN-client ~]# yum install -y iscsi-initiator-utils
[root@SAN-client ~]# vim /etc/iscsi/initiatorname.iscsi
InitiatorName=iqn.2022-01.com.example:iscsi.client
#接下来允许iscsi服务,开启iscsi服务
[root@SAN-client ~]# systemctl enable iscsi iscsid.service
Created symlink /etc/systemd/system/remote-fs.target.wants/iscsi.service → /usr/lib/systemd/system/iscsi.service.
Created symlink /etc/systemd/system/multi-user.target.wants/iscsid.service → /usr/lib/systemd/system/iscsid.service.
[root@SAN-client ~]# systemctl start iscsi iscsid.service
#接下来通过iscsi的发现机制 来发现对方ip地址是否有共享给我的存储
[root@SAN-client ~]# iscsiadm -m discovery -t st -p 192.168.253.128
192.168.253.128:3260,1 iqn.2022-01.com.example:iscsi.server
#选择自动的挂上SAN
[root@SAN-client ~]# iscsiadm -m node -l
Logging in to [iface: default, target: iqn.2022-01.com.example:iscsi.server, portal: 192.168.253.128,3260]
Login to [iface: default, target: iqn.2022-01.com.example:iscsi.server, portal: 192.168.253.128,3260] successful.
#接下来发现这块设备,发现名字为sda 大小为10G
[root@SAN-client ~]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 10G 0 disk
sr0 11:0 1 1024M 0 rom
nvme0n1 259:0 0 25G 0 disk
├─nvme0n1p1 259:1 0 1G 0 part /boot
└─nvme0n1p2 259:2 0 24G 0 part
├─rhel-root 253:0 0 22G 0 lvm /
└─rhel-swap 253:1 0 2G 0 lvm [SWAP]
#我们需要对这块硬盘做分区
[root@SAN-client ~]# fdisk /dev/sda
Welcome to fdisk (util-linux 2.32.1).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.
Device does not contain a recognized partition table.
Created a new DOS disklabel with disk identifier 0x80e3c182.
Command (m for help): n
Partition type
p primary (0 primary, 0 extended, 4 free)
e extended (container for logical partitions)
Select (default p): p
Partition number (1-4, default 1): 1
First sector (2048-20963327, default 2048):
Last sector, +sectors or +size{K,M,G,T,P} (2048-20963327, default 20963327): +5G
Created a new partition 1 of type 'Linux' and of size 5 GiB.
Command (m for help): p
Disk /dev/sda: 10 GiB, 10733223936 bytes, 20963328 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 1048576 bytes
Disklabel type: dos
Disk identifier: 0x80e3c182
Device Boot Start End Sectors Size Id Type
/dev/sda1 2048 10487807 10485760 5G 83 Linux
Command (m for help): w
The partition table has been altered.
Calling ioctl() to re-read partition table.
Syncing disks.
#把分区做成文件系统 ext4格式
[root@SAN-client ~]# mkfs.ext4 /dev/sda1
mke2fs 1.44.3 (10-July-2018)
Creating filesystem with 1310720 4k blocks and 327680 inodes
Filesystem UUID: ac62797b-da6c-4bf3-a09b-7808b6081ebf
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736
Allocating group tables: done
Writing inode tables: done
Creating journal (16384 blocks): done
Writing superblocks and filesystem accounting information: done
#编辑自动挂载列表
[root@SAN-client ~]# vim /etc/fstab
/dev/sda1 /SAN ext4 defaults 0 0
[root@SAN-client ~]# mkdir /SAN
[root@SAN-client ~]# mount -a
[root@SAN-client ~]# df -hT
Filesystem Type Size Used Avail Use% Mounted on
devtmpfs devtmpfs 1.9G 0 1.9G 0% /dev
tmpfs tmpfs 1.9G 0 1.9G 0% /dev/shm
tmpfs tmpfs 1.9G 10M 1.9G 1% /run
tmpfs tmpfs 1.9G 0 1.9G 0% /sys/fs/cgroup
/dev/mapper/rhel-root xfs 22G 4.2G 18G 19% /
/dev/nvme0n1p1 xfs 1014M 169M 846M 17% /boot
tmpfs tmpfs 376M 16K 376M 1% /run/user/42
tmpfs tmpfs 376M 4.6M 372M 2% /run/user/1000
tmpfs tmpfs 376M 4.0K 376M 1% /run/user/0
/dev/sda1 ext4 4.9G 20M 4.6G 1% /SAN
#到这里就全都成功了
四、归档和(解)压缩
归档和压缩的区别
归档就是把多个文件归到一起,他不是压缩,并不能压缩大小
4.1 归档
tar -cvf 归档文件夹名 归档文件1 归档文件2
tar -cvf txt 123.txt 12.txt
解档:tar -xvf 文档名
4.2 压缩
gzip bzip两种压缩方法
Gzip:压缩速度快 压缩效率高 tar -zvcf
Bzip:压缩速率慢 压缩比例高 节省空间 tar -jvcf
[root@SAN-server dwt]# tar -zvcf gd.tar.gz test.pdf 222.txt 321.txt
test.pdf
222.txt
321.txt
[root@SAN-server dwt]# tar -jvcf gd.tar.bz test.pdf 222.txt 321.txt
test.pdf
222.txt
321.txt
[root@SAN-server dwt]# ll
total 7796
-rw-r--r--. 1 root root 13 Jan 15 11:23 222.txt
-rwxrw-r-x+ 1 root wentan 240 Jan 11 11:43 321.txt
drwxr-xr-x. 2 root root 6 Jan 11 11:04 back
drwxr-xr-x. 2 root root 22 Jan 8 15:21 etc
-rw-r--r--. 1 root root 2642757 Jan 19 16:00 gd.tar.bz
-rw-r--r--. 1 root root 2631479 Jan 19 15:59 gd.tar.gz
drwxr-xr-x. 2 root root 6 Jan 19 15:54 test
-rw-r--r--. 1 root root 2692317 Jan 19 15:51 test.pdf
4.3 解压缩
Gzip: tar -zvxf 压缩包名
Bzip: tar -jvxf 压缩包名
[root@SAN-server dwt]# ll
total 5156
drwxr-xr-x. 2 root root 6 Jan 11 11:04 back
drwxr-xr-x. 2 root root 22 Jan 8 15:21 etc
-rw-r--r--. 1 root root 2642757 Jan 19 16:00 gd.tar.bz
-rw-r--r--. 1 root root 2631479 Jan 19 15:59 gd.tar.gz
drwxr-xr-x. 2 root root 6 Jan 19 15:54 test
[root@SAN-server dwt]# tar -zvxf gd.tar.gz
test.pdf
222.txt
321.txt
[root@SAN-server dwt]# ll
total 7796
-rw-r--r--. 1 root root 13 Jan 15 11:23 222.txt
-rwxrw-r-x. 1 root wentan 240 Jan 11 11:43 321.txt
drwxr-xr-x. 2 root root 6 Jan 11 11:04 back
drwxr-xr-x. 2 root root 22 Jan 8 15:21 etc
-rw-r--r--. 1 root root 2642757 Jan 19 16:00 gd.tar.bz
-rw-r--r--. 1 root root 2631479 Jan 19 15:59 gd.tar.gz
drwxr-xr-x. 2 root root 6 Jan 19 15:54 test
-rw-r--r--. 1 root root 2692317 Jan 19 15:51 test.pdf
不管是压缩还是归档都是:
压缩命令+ 压缩后文件包的名+ 需要压缩的文件(可以好多个)
建议GZIP文件是以tar.gz结尾
BZIP文件是以tar.bz结尾
五、Linux内核
内核就是操作系统的核心部分
5.1 redhat内核的功能:
1.系统初始化:检测硬件资源并启动系统
2.进程调度 : 决定进程什么时候运行,以及运行多久
3.内存管理: 给运行的进程分配内存
4.安全:支持权限,支持selinux ,支持防火墙 支持iptables
5.支持标准网络,文件系统
具体可以参考kernel-doc
5.2 内核的组成
多个内核版本可以共存的
内核的组成如下
/boot/vmlinuz-4.18.0-80.el8.x86_64 启动时用到的内核
/boot/initramfs-4.18.0-80.el8.x86_64.img 启动时提供必要模块的内核
/lib/modules/版本/内核模块
5.3 虚拟的文件系统/proc
进程信息 /proc/PID(数字)
cpu信息 /proc/cpuinfo
内存资料 /proc/meminfo
磁盘信息 /proc/partition
5.4 sysctl 配置内核参数
当前生效的内核配置参数都在 /pro/sys/
内核参数配置文件 /etc/sysctl.conf 系统启动时读取的参数
sysctl -a 显示所有的内核模块
一定要结合grep来使用
5.5 内核模块
内核模块: /lib/modules/内核版本
内核模块的相关命令:
lsmod 查看内核已经加载的模块
modinfo 模块名 查看这个模块的详细信息
视频讲解在微信公众号
问渠清源回复关键词视频即可观看