BIOS

R420提供了比一般操作系统更加丰富的BIOS,操作也变得复杂,核心工具为Dell Lifecycle Controller(简称DLC)。

根据开机提示,按F2可进入DLC,按F11可以进入Boot Manager等,因为开机很慢所以肯定来得及按,按完以后界面有明确提示。

除了上下左右以外,tab是控制光标位置的重要快捷键,而且界面不会提示。

其BIOS的语言选项中有简体中文的版本,可以根据需要选用。

继续阅读

CentOS

在崩溃地部署了n台服务器后终于大彻大悟…… 我特么早应该整一个这样的脚本…… 于是一台新服务器被我重置了又更新重置了又更新,测出了一下的东西^<^ # CentOS

set -e;
echo -e "请尽可能避免在有业务的机器上使用,避免影响已有业务;\n"
read -p "这个脚本只能给阿里云的CensOS7系统使用,是否继续?(y/n):" goon
if [ ! $goon == "y" ]; then
    exit 0
fi

read -p "设置hostname:" myhostname
if [[ ${myhostname} == "" ]];then
   echo "请不要设置为空的hostname";
else
   hostname ${myhostname};
fi

read -p "设置Docker镜像加速地址:" mirror

# ssh
sudo ssh-keygen
touch ~/.ssh/authorized_keys

sudo rpm –import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
sudo rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm
yum install -y https://centos7.iuscommunity.org/ius-release.rpm
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
yum makecache

# 基础配置
sudo yum update -y
sudo yum upgrade -y

# 安装常用工具
sudo yum install -y git vim lrzsz htop zsh sudo autojump-zsh python-pip psmisc lsof pass bzip2 linux-firmware perl python36u python36u-devel python36u-pip

# ZSH配置
chsh -s /bin/zsh
wget https://github.com/robbyrussell/oh-my-zsh/raw/master/tools/install.sh -O - | sh
echo '[[ -s ~/.autojump/etc/profile.d/autojump.sh ]] && . ~/.autojump/etc/profile.d/autojump.sh' >> ~/.zshrc
sed -i 's/plugins=(git)/plugins=(git autojump extract)/' ~/.zshrc
sed -i 's/ZSH_THEME="robbyrussell"/ZSH_THEME="back"/' ~/.zshrc

cat <<-'EOF' >> ~/.oh-my-zsh/custom/themes/back.zsh-theme
local ret_status="%(?:%{$fg_bold[green]%}➜ :%{$fg_bold[red]%}➜ )"
PROMPT='${ret_status}%{$fg[yellow]%}[%M]%{$reset_color%}%{$fg[cyan]%}%c%{$reset_color%} $(git_prompt_info)'

ZSH_THEME_GIT_PROMPT_PREFIX="%{$fg_bold[blue]%}git:(%{$fg[red]%}"
ZSH_THEME_GIT_PROMPT_SUFFIX="%{$reset_color%} "
ZSH_THEME_GIT_PROMPT_DIRTY="%{$fg[blue]%}) %{$fg[yellow]%}✗"
ZSH_THEME_GIT_PROMPT_CLEAN="%{$fg[blue]%})"
EOF

wget https://github.com/bcicen/ctop/releases/download/v0.7.2/ctop-0.7.2-linux-amd64 -O /usr/local/bin/ctop
chmod +x /usr/local/bin/ctop

cd /usr/bin;
mv pip pip.bak
ln -s pip3.6 pip
cd ~;

# 安装docker
# step 1: 安装必要的一些系统工具
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
# Step 2: 添加软件源信息
sudo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# Step 3: 更新并安装 Docker-CE
sudo yum makecache fast
sudo yum -y install docker-ce
# Step 4: 开启Docker服务
sudo systemctl start docker

# 开始配置
sudo mkdir -p /etc/docker
## 这段有点恶心但没找到好方法
sudo cat <<-'EOF' > /etc/docker/daemon.json
{
    "registry-mirrors": [
EOF

sudo echo "        \"${mirror}\"" >> /etc/docker/daemon.json

sudo cat <<-'EOF' >> /etc/docker/daemon.json
    ],
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver":"overlay2",
  "storage-opts": [
    "overlay2.override_kernel_check=true"
  ]
}
EOF

sudo cat <<-'EOF' >> /etc/sysctl.conf
# fix docker warning
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-arptables = 1
EOF

# 优化网络服务

sudo cat <<-'EOF' >> /etc/security/limits.conf
* soft nofile 100000
* hard nofile 100000
root soft nofile 100000
root hard nofile 100000
* soft core unlimited
* hard core unlimited
root soft core unlimited
root hard core unlimited
EOF

sudo cat <<-'EOF' >> /etc/sysctl.conf
# network improve
net.unix.max_dgram_qlen = 128
net.ipv4.tcp_mem = 98304 131072 229376
net.ipv4.tcp_wmem = 4096 16384 4194304
net.ipv4.tcp_rmem = 4096 87380 4194304
net.core.somaxconn = 4096
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
kernel.msgmnb = 4194304
kernel.msgmni = 128
kernel.msgmax = 8192
kernel.core_pattern = /data/core_files/core-%e-%p-%t
net.ipv4.tcp_max_syn_backlog = 8192
net.core.netdev_max_backlog = 1024
net.ipv4.ip_local_port_range = 20000 65535
net.ipv4.tcp_fin_timeout = 30

fx.file-max=100000
EOF

# 限制权限
chown root:root /etc/passwd /etc/shadow /etc/group /etc/gshadow
chmod 0644 /etc/group
chmod 0644 /etc/passwd
chmod 0400 /etc/shadow
chmod 0400 /etc/gshadow

sudo systemctl daemon-reload
sudo systemctl enable docker
sudo systemctl restart docker

# 随机内存地址
sysctl -w kernel.randomize_va_space=2

# 设置server端的ssh心跳帧
sudo cat <<-'EOF' >> /etc/ssh/sshd_config
ClientAliveInterval 30
ClientAliveCountMax 2
LogLevel INFO
Protocol 2
MaxAuthTries 4
Port 10022
EOF

# 安装docker-compose
sudo mkdir -p ~/.pip
sudo cat <<-'EOF' > ~/.pip/pip.conf
[global]
index-url = http://mirrors.aliyun.com/pypi/simple/
[install]
trusted-host=mirrors.aliyun.com
EOF

sudo pip install --upgrade pip
sudo pip uninstall urllib3 chardet requests
sudo pip install requests
sudo pip install docker-compose

# 常用别名
cat <<-'EOF' >> /root/.oh-my-zsh/custom/alias.zsh
alias 'pt'='pstree -ap|grep '
alias 'vi'='vim'
alias 'la'='ls -lah'
alias 'net'='netstat -nalp'
alias 'docker-rm-none'='docker images|grep "<none>"|awk '\''{print $3}'\''|xargs docker rmi -f'
EOF

# VIM配置
cat <<-'EOF' >> /etc/vimrc
set paste
set showmode
set encoding=utf-8
set t_Co=256
filetype indent on
set autoindent
set tabstop=2
set shiftwidth=2
set ruler
EOF

# 最后处理
sudo yum update -y
sudo yum upgrade -y
sudo yum autoremove -y

# 重启
read -p "是否立即重启计算机?(y/n):" goon
if [ $goon == "y" ]; then
    sudo reboot
fi

意外收到阿里云容器服务的溪恒的回复和详细说明,感谢,并附录在文章末尾。

想试用一下阿里云的容器服务,结果要求内核是3.18+,然后整出一堆事情,都跟内核有关。

我现在使用的几个服务器都是CentOS,没辙,之前升级php7的时候Ubuntu14给我留下的印象实在太渣了,这也促使我后来转投CentOS……

然后这次轮到了CentOS,果然坑是踩不完的,首先查看了自己的操作系统内核是3.10+,显然是不够的,然后阿里云容器的文档又说推荐CentOS或者Ubuntu的操作系统,因为阿里云对这两个系统进行了严格的验证巴拉巴拉,于是乎考虑是那台租了两年多的老服务器操作系统版本太旧了,于是执行了停机操作,并查看能不能升级系统盘,当然,我只是打算看看现在可选的操作系统有没有新的版本,并没有真的升级系统

于是坑出现了,重新启动服务器的时候,服务器无法启动,最后提交工单才解决……

继续阅读

CentOS 7的服务systemctl脚本存放在:/usr/lib/systemd/,有系统(system)和用户(user)之分,像需要开机不登陆就能运行的程序,还是存在系统服务里吧,即:/usr/lib/systemd/system目录下
每一个服务以.service结尾,一般会分为3部分:[Unit]、[Service]和[Install]

继续阅读