1. 操作系统

  • centos6.5
  • centos7


2. 日常维护命令

2.1 软件管理使用 yum/rpm 命令(管理 mlocate 的示例)

# 查看操作系统版本,查看软件包版本
rpm -qi centos-release

# 查看软件文件安装的位置信息
rpm -ql mlocate

# 安装软件
yum install mlocate

# 搜索软件包
yum search mlocate

# 卸载软件
yum erase mlocate

# 列出安装的软件
yum list

# 列出已经安装的软件包
yum list installed

2.2 安全相关

# 安全更新
yum --security upgrade

# 防火墙
## 关闭防火墙
systemctl stop firewalld

## 启动防火墙
systemctl start firewalld

## 配置防火墙策略
vi /etc/sysconfig/iptables


# selinux 配置
## 查看状态
sestatus
## 输出
## SELinux status:                 enabled
## SELinuxfs mount:                /selinux
## Current mode:                   enforcing
## Mode from config file:          enforcing
## Policy version:                 21
## Policy from config file:        targeted

## 设置模式
setenforce 0

## 修改配置
vi /etc/sysconfig/selinux

2.3 服务启动停止

  • centos7 使用 systemctl 管理系统服务
  • centos6.5 使用 /etc/init.d/ 启动停止服务
## systemctl 常用命令(管理 haproxy 服务的示例)
systemctl status haproxy # 查看服务状态
systemctl start haproxy # 启动服务
systemctl stop haproxy # 停止服务


3. 常用系统性能查看命令

  • cpu
  • 内存
  • 磁盘
  • 网络

3.1 cpu

# cpu,内存,进程信息
top

# 功能更强的系统资源查看工具
htop

3.2 内存

free -mh

3.4 磁盘

# 检查硬盘使用情况
df -ah

# 查看磁盘设备信息
lsblk

# 安装磁盘检查工具
yum install sysstat

# 检查磁盘使用情况
iostat -x 2

3.4 网络

# 查看网络连接
ss -antp
netstat -antp

# 查看网卡实时流量
yum install nload
# 使用
nload

# 另一个带宽查看工具
yum install iftop
# 使用
iftop

# 安装常用的网络工具(可选,包含 dig, nslookup, arp, ifconfig, route, mtr, ethtool)
yum install net-tools ethtools mtr bin-utils

3.5 网络测速

# 安装 iperf3
yum install iperf3

# 服务端启动 iperf3
(py3env) [root@cdn-ngx-59 update_service]# iperf3 -s -p 3333
-----------------------------------------------------------
Server listening on 3333
-----------------------------------------------------------
Accepted connection from 10.77.77.52, port 53601
[  5] local 10.77.77.59 port 3333 connected to 10.77.77.52 port 53602
[ ID] Interval           Transfer     Bandwidth
[  5]   0.00-1.00   sec  2.06 GBytes  17.7 Gbits/sec
[  5]   1.00-2.00   sec  1021 MBytes  8.56 Gbits/sec
[  5]   2.00-3.00   sec  1.77 GBytes  15.2 Gbits/sec
[  5]   3.00-4.00   sec  1.02 GBytes  8.78 Gbits/sec
[  5]   4.00-5.00   sec  2.34 GBytes  20.1 Gbits/sec
[  5]   5.00-6.00   sec  1.04 GBytes  8.98 Gbits/sec
[  5]   6.00-7.00   sec  2.50 GBytes  21.5 Gbits/sec
[  5]   7.00-8.00   sec  1.18 GBytes  10.1 Gbits/sec
[  5]   8.00-9.00   sec  2.57 GBytes  22.1 Gbits/sec
[  5]   9.00-10.00  sec  1.17 GBytes  10.0 Gbits/sec
[  5]  10.00-10.04  sec  29.3 MBytes  6.46 Gbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bandwidth
[  5]   0.00-10.04  sec  0.00 Bytes  0.00 bits/sec                  sender
[  5]   0.00-10.04  sec  16.7 GBytes  14.3 Gbits/sec                  receiver
-----------------------------------------------------------
Server listening on 3333


# 客户端启动 iperf3
[root@localhost ~]# iperf3 -c 10.77.77.59 -p 3333
Connecting to host 10.77.77.59, port 3333
[  4] local 10.77.77.52 port 53602 connected to 10.77.77.59 port 3333
[ ID] Interval           Transfer     Bandwidth       Retr  Cwnd
[  4]   0.00-1.00   sec  2.18 GBytes  18.7 Gbits/sec    0   1.75 MBytes
[  4]   1.00-2.00   sec   932 MBytes  7.82 Gbits/sec    0   1.75 MBytes
[  4]   2.00-3.00   sec  1.83 GBytes  15.7 Gbits/sec    0   1.75 MBytes
[  4]   3.00-4.00   sec   985 MBytes  8.26 Gbits/sec    0   1.75 MBytes
[  4]   4.00-5.00   sec  2.41 GBytes  20.7 Gbits/sec    0   2.04 MBytes
[  4]   5.00-6.00   sec  1001 MBytes  8.40 Gbits/sec    0   2.04 MBytes
[  4]   6.00-7.00   sec  2.60 GBytes  22.3 Gbits/sec    0   2.04 MBytes
[  4]   7.00-8.00   sec  1.08 GBytes  9.30 Gbits/sec    0   2.04 MBytes
[  4]   8.00-9.00   sec  2.66 GBytes  22.9 Gbits/sec    0   2.13 MBytes
[  4]   9.00-10.00  sec  1.07 GBytes  9.22 Gbits/sec    0   2.13 MBytes
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bandwidth       Retr
[  4]   0.00-10.00  sec  16.7 GBytes  14.3 Gbits/sec    0             sender
[  4]   0.00-10.00  sec  16.7 GBytes  14.3 Gbits/sec                  receiver

iperf Done.

3.6 压力测试工具

# ApacheBench(ab) 压力测试
yum install httpd-tools

[root@localhost ~]# ab -n 1000000 -c 100  http://10.77.77.59/
This is ApacheBench, Version 2.3 <$Revision: 1604373 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Licensed to The Apache Software Foundation, http://www.apache.org/

Benchmarking 10.77.77.59 (be patient)
Completed 100000 requests
Completed 200000 requests
Completed 300000 requests
Completed 400000 requests
Completed 500000 requests
Completed 600000 requests
Completed 700000 requests
Completed 800000 requests
Completed 900000 requests
Completed 1000000 requests
Finished 1000000 requests


Server Software:        openresty/1.11.2.3
Server Hostname:        10.77.77.59
Server Port:            80

Document Path:          /
Document Length:        11 bytes

Concurrency Level:      100
Time taken for tests:   299.403 seconds
Complete requests:      1000000
Failed requests:        0
Total transferred:      159000000 bytes
HTML transferred:       11000000 bytes
Requests per second:    3339.98 [#/sec] (mean)
Time per request:       29.940 [ms] (mean)
Time per request:       0.299 [ms] (mean, across all concurrent requests)
Transfer rate:          518.61 [Kbytes/sec] received

Connection Times (ms)
              min  mean[+/-sd] median   max
Connect:        1   23 139.8      4    7018
Processing:     0    7  26.5      4    3011
Waiting:        0    7  26.5      3    3010
Total:          2   30 142.7      8    7022

Percentage of the requests served within a certain time (ms)
  50%      8
  66%      9
  75%     10
  80%     11
  90%     17
  95%     22
  98%    220
  99%   1007
 100%   7022 (longest request)


4. 线上常用的服务程序

  • haproxy/nginx slb负载均衡
  • mysql 数据库
  • elk 日志收集(待完善)
  • zabbix 监控(待完善)

4.1 haproxy 安装使用

# 安装服务
yum install haproxy

# 启动
systemctl start haproxy
# 重启
systemctl restart haproxy
# 重新载入配置文件
systemctl reload haproxy

# 编辑配置文件
vi /etc/haproxy/haproxy.cfg

4.2 mysql 数据库安装使用

# 安装
## 先下载 mysql 源仓库配置文件,安装配置
wget mysql57-community-release-el7-8.noarch.rpm
yum install mysql57-community-release-el7-8.noarch.rpm

## 安装 mysql
yum install mysql-community-server

## 启动 mysql
systemctl start mysqld

## mysql 安装完成之后,在 /var/log/mysqld.log 文件中给 root 生成了一个临时密码
## 通过下面的方式找到 root 临时密码,然后登录 mysql 临时密码
grep 'temporary password' /var/log/mysqld.log

## 修改强密码验证策略(测试环境不需要强密码)
validate_password_policy=0
vi /etc/my.cnf

## 登陆数据库,修改临时密码
shell> mysql -uroot -p
mysql> ALTER USER 'root'@'localhost' IDENTIFIED BY '33';
right