Ubuntu1804(Server 版) 安装及使用
1 系统安装操作步骤
OS Version:1804
镜像下载: http://cdimage.ubuntu.com/releases/
1.1 选择安装语言:
1.2 安装界面选择第一项进行系统安装
1.3 选择安装过程中使用的语言, 也是系统安装完后使用的默认语言
1.4 选择地区, 这里先选择最后一项 other, 然后回车再选择 Asia, 最后选择 China
1.5 选择语言环境
1.6 键盘布局检查, 选择 NO
1.7 选择美式键盘
1.8 确认使用美式键盘
1.9 配置主机名
1.10 创建一个普通用户和为其设置密码
1.11 确认时区
1.12 选择磁盘分区的方法, 这里选手动分区
1.13 选择磁盘
1.14 确认对磁盘分区
1.15 对磁盘分区
1.16 创建新分区
1.17 指定分区大小, 这里将磁盘的全部大小划分给该分区
1.18 选择分区类型, 这里选主分区
1.19 分区完成
1.20 完成分区并写入数据
1.21 确认写入磁盘
1.22 是否使用代理, 这里不填
1.23 是否自动更新, 这里选择默认, 不自动更新
1.24 选择安装组件, 选择对应需要安装的组件, 然后按空格键, 这里选择 OpenSSH Server
1.25 将 GRUB 引导加载程序安装到主引导记录
1.26 完成安装, 确认重启服务器
1.27 登录系统
2 系统基础配置
官方文档: https://help.ubuntu.com/
2.1 更改主机名# cat /etc/hostname
hechunping
2.2 更改网卡名称为 eth*# sed -i '/GRUB_CMDLINE_LINUX=/s/"$/net.ifnames=0 biosdevname=0"/' /etc/default/grub
# update-grub
Sourcingfile`/etc/default/grub'
Generating grub configuration file ...
Found Linux image: /boot/vmlinuz-4.15.0-55-generic
Found initrd image: /boot/initrd.img-4.15.0-55-generic
done
# reboot
# sed -i 's/ens33/eth0/' /etc/netplan/01-netcfg.YAML
2.3 配置 root 远程登录# 默认情况下, Ubuntu 不允许 root?? 远程 SSH, 如果有实际场景需要允许 root?? 远程 SSH, 则需要设置 root 密码, 并且编辑 / etc/SSH/sshd_config? 件修改如下:
~$ sudo VIM/etc/SSH/sshd_config
32#PermitRootLogin prohibit-password #默认为禁? 登录
33PermitRootLoginyes#改为允许登录
57#PasswordAuthentication yes
58PasswordAuthenticationyes#打开密码认证, 其实默认就是允许通过密码认证登录
~$ sudo su-root#切换到 root?? 环境
~#passwd#设置密码
EnternewUNIX password:
RetypenewUNIX password:
passwd:password updated successfully
~#systemctl restart sshd#重启 SSH 服务并测试 root?? 远程 SSH 连接
2.4 网络配置
官方文档: https://netplan.io/
Ubuntu 从 17.10 开始, 已放弃在 /etc/network/interfaces ? 固定 IP 的配置,? 是改成 netplan ? 式, 配置? 件是:/etc/netplan/01-netcfg.YAML# Ubuntu 17.04 及之前的静态 IP 配置? 式:
~#cat/etc/network/interfaces
[emailprotected]:~#cat/etc/network/interfaces
# interfaces(5) file used by ifup(8) and ifdown(8)
autolo
iface lo.NET loopback
autoeth0#? 卡? 启动, 写?? 要配置 IP 的实际? 卡名称
iface eth0.NETstatic#配置静态 IP, 写?? 要配置 IP 的实际? 卡名称
address172.18.3.12#IP 地址
netmask255.255.0.0#掩码
gateway172.18.0.1#? 关
dns-nameservers223.6.6.6#DNS
dns-nameservers223.5.5.5
# 重启? 络服务
~#/etc/init.d/networking restart
~#systemctl restart networking.service
2.4.1 单网卡静态 IP 地址[emailprotected]:~#cat/etc/netplan/01-netcfg.YAML
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
version:2
renderer:networkd
ethernets:
eth0:
dhcp4:no
addresses:[192.168.7.132/24]
gateway4:192.168.7.2
nameservers:
addresses:[223.6.6.6]
[emailprotected]:~#netplan apply
2.4.2 配置多网卡静态 IP# cat /etc/netplan/01-netcfg.YAML
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
version:2
renderer:networkd
ethernets:
eth0:
dhcp4:no
addresses:[172.20.7.34/16]
gateway4:172.20.0.1
nameservers:
addresses:[223.6.6.6]
eth1:
dhcp4:no
addresses:[192.168.7.34/24]
routes:
-to:172.20.0.0/16
via:192.168.7.2
# netplan apply
2.4.3 单网卡桥接# cat /etc/netplan/01-netcfg.YAML
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
version:2
renderer:networkd
ethernets:
eth0:
dhcp4:no
bridges:
br0:
dhcp4:no
addresses:[172.20.7.34/16]
gateway4:172.20.0.1
nameservers:
addresses:[223.6.6.6]
interfaces:
-eth0
# netplan apply
2.4.4 多网卡桥接
将 br0 和 br1 分别桥接到 eth0 和 eth1.# cat /etc/netplan/01-netcfg.YAML
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
version:2
renderer:networkd
ethernets:
eth0:
dhcp4:no
eth1:
dhcp4:no
bridges:
br0:
dhcp4:no
addresses:[172.20.7.34/16]
gateway4:172.20.0.1
nameservers:
addresses:[223.6.6.6]
interfaces:
-eth0
br1:
dhcp4:no
addresses:[192.168.7.34/24]
routes:
-to:172.20.0.0/16
via:192.168.7.2
interfaces:
-eth1
[emailprotected]:~#netplan apply
2.4.5 双网卡绑定
需要提前安装好 bridge 命令, 两块网卡使用同一种网络模式# cat /etc/netplan/01-netcfg.YAML
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
version:2
renderer:networkd
ethernets:
eth0:
dhcp4:no
eth1:
dhcp4:no
bonds:
bond0:
interfaces:
-eth0
-eth1
addresses:[172.20.7.34/16]
gateway4:172.20.0.1
nameservers:
addresses:[223.6.6.6,223.5.5.5]
parameters:
mode:active-backup
mii-monitor-interval:100
# poweroff
# netplan apply
2.4.6 双网卡绑定 + 桥接
? 卡绑定? 于提供? 卡接? 冗余以及? 可? 和端? 聚合功能, 桥接? 卡再给需要桥接设备的服务使?.# cat /etc/netplan/01-netcfg.YAML
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
version:2
renderer:networkd
ethernets:
eth0:
dhcp4:no
eth1:
dhcp4:no
bonds:
bond0:
interfaces:
-eth0
-eth1
parameters:
mode:active-backup
mii-monitor-interval:100
bridges:
br0:
dhcp4:no
addresses:[172.20.7.34/16]
gateway4:172.20.0.1
nameservers:
addresses:[223.6.6.6,223.5.5.5]
interfaces:
-bond0
# netplan apply
2.4.7 内外多网卡绑定
多? 络情况下实现? 卡绑定. 这里使用桥接 (eth0,eth1) 和 NAT(eth2,eth3)两种网络模式# cat /etc/netplan/01-netcfg.YAML
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
version:2
renderer:networkd
ethernets:
eth0:
dhcp4:no
eth1:
dhcp4:no
eth2:
dhcp4:no
eth3:
dhcp4:no
bonds:
bond0:
interfaces:
-eth0
-eth1
addresses:[172.20.7.34/16]
gateway4:172.20.0.1
nameservers:
addresses:[223.6.6.6,223.5.5.5]
parameters:
mode:active-backup
mii-monitor-interval:100
bond1:
interfaces:
-eth2
-eth3
addresses:[192.168.7.34/24]
parameters:
mode:active-backup
mii-monitor-interval:100
routes:
-to:172.20.0.0/16
via:192.168.7.2
# netplan apply
2.4.8 内外多网卡绑定 + 桥接# cat /etc/netplan/01-netcfg.YAML
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
version:2
renderer:networkd
ethernets:
eth0:
dhcp4:no
eth1:
dhcp4:no
eth2:
dhcp4:no
eth3:
dhcp4:no
bonds:
bond0:
interfaces:
-eth0
-eth1
parameters:
mode:active-backup
mii-monitor-interval:100
bond1:
interfaces:
-eth2
-eth3
parameters:
mode:active-backup
mii-monitor-interval:100
bridges:
br0:
dhcp4:no
addresses:[172.20.7.34/16]
gateway4:172.20.0.1
nameservers:
addresses:[223.6.6.6,223.5.5.5]
interfaces:
-bond0
br1:
dhcp4:no
addresses:[192.168.7.34/24]
routes:
-to:172.20.0.0/16
via:192.168.7.2
interfaces:
-bond1
# netplan apply
3 软件包管理
3.1 修改软件仓库地址
阿? 云仓库地址: https://developer.aliyun.com/mirror
中科?:http://mirrors.ustc.edu.cn/help/ubuntu.html
清华? 学: https://mirror.tuna.tsinghua.edu.cn/help/ubuntu/
华为: https://mirrors.huaweicloud.com/
###### 清华源配置 ######
Ubuntu 的软件源配置文件是 /etc/apt/sources.list. 将系统自带的该文件做个备份, 将该文件替换为下面内容, 即可使用 TUNA 的软件源镜像.# cd /etc/apt/
# cp -p sources.list sources.list.bak
# VIM sources.list
# 默认注释了源码镜像以提高 apt update 速度, 如有需要可自行取消注释
deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic main restricted universe multiverse
# deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic main restricted universe multiverse
deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-updates main restricted universe multiverse
# deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-updates main restricted universe multiverse
deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-backports main restricted universe multiverse
# deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-backports main restricted universe multiverse
deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-security main restricted universe multiverse
# deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-security main restricted universe multiverse
# 预发布软件源, 不建议启用
# deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-proposed main restricted universe multiverse
# deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-proposed main restricted universe multiverse
# apt update #更新本地软件包列表索引, 修改了 apt 仓库后必须执?
###### 阿里源配置 ######
# sed -i 's/cn.archive.ubuntu/mirrors.aliyun/' /etc/apt/sources.list
# apt update #更新本地软件包列表索引, 修改了 apt 仓库后必须执?
3.2 apt 工具使用apt list#apt 列出仓库软件包, 等于 yum list
apt search NAME#搜索安装包
apt show apache2#查看某个安装包的详细信息
apt install apache2#在线安装软件包
aptremoveapache2#卸载单个软件包但是保留配置? 件
apt autoremove apache2#删除安装包并解决依赖关系
apt update#更新本地软件包列表索引, 修改了 apt 仓库后必须执?
apt purge apache2#卸载单个软件包删除配置? 件
apt upgrade#升级所有已安装且可升级到新版本的软件包
apt full-upgrade#升级整个系统, 必要时可以移除旧软件包.
apt edit-sources#编辑 source 源? 件
apt-cache madison nginx#查看仓库中软件包有哪些版本可以安装
apt install nginx=1.14.0-0ubuntu1.6#安装软件包的时候指定安装具体的版本
3.3 dpkg 安装包管理
rpm:RPM(Red Hat Package Manager), 是基于 Red hat 的 Linux Distribution 的包管理系统, 同时也指 rpm 包本?,RPM? 于 rpm 包的管理(诸如安装, 卸载, 升级等)
"dpkg" 是 "Debian Packager" 的简写, 为 "Debian" 专? 开发的套件管理系统,? 便软件的安装, 更新及移除. 所有源?"Debian" 的 "Linux" 发? 版都使? "dpkg", 例如 "Ubuntu","Knoppix" 等.dpkg-iGitLab-ce_11.9.8-ce.0_amd64.deb#安装某个软件包
dpkg-rGitLab-ce#删除某个软件包保留配置? 件
dpkg-r-PGitLab-ce#删除某个软件包不保留配置? 件
dpkg-IGitLab-ce_11.9.8-ce.0_amd64.deb#查看软件包信息
dpkg-cGitLab-ce_11.9.8-ce.0_amd64.deb#查看软件包内的? 件及? 录内容
dpkg-l#列出本机已经安装的所有软件
3.4 设置 oracle JDK 环境# pwd
/usr/local/src
解压? 进制? 件并设置软连接:# tar xf jdk-8u212-Linux-x64.tar.gz
# ln -sv /usr/local/src/jdk1.8.0_212 /usr/local/jdk
配置环境变量:# VIM /etc/profile
exportJAVA_HOME=/usr/local/jdk
exportPATH=$JAVA_HOME/bin:$JAVA_HOME/jre/bin:$PATH
exportCLASSPATH=.$CLASSPATH:$JAVA_HOME/lib:$JAVA_HOME/jre/lib:$JAVA_HOME/lib/tools.jar
重新导? 环境变量并验证:# source /etc/profile
# java -version
java version"1.8.0_212"
Java(TM)SERuntimeEnvironment(build1.8.0_212-b10)
JavaHotSpot(TM)64-BitServerVM(build25.212-b10,mixed mode)
3.5 安装 OpenJDK
# apt install openjdk-8-jdk
3.6 安装常? 系统命令# apt purge ufw lxd lxd-client lxcfs lxc-common
# apt install iproute2 ntpdate tcpdump telnet traceroute nfs-kernel-server nfs-common lrzsz tree openssl libssl-dev libpcre3 libpcre3-dev zlib1g-dev ntpdate tcpdump telnet traceroute gcc openssh-server lrzsz tree openssl libssl-dev libpcre3 libpcre3-dev zlib1g-dev ntpdate tcpdump telnet traceroute iotop unzip zip
3.7 系统资源限制优化#cat /etc/security/limits.conf
#root 账? 的资源软限制和硬限制
root soft core unlimited
root hard core unlimited
root soft nproc1000000
root hard nproc1000000
root soft nofile1000000
root hard nofile1000000
root soft memlock32000
root hard memlock32000
root soft msgqueue8192000
root hard msgqueue8192000
# 其他账? 的资源软限制和硬限制
*soft core unlimited
*hard core unlimited
*soft nproc1000000
*hard nproc1000000
*soft nofile1000000
*hard nofile1000000
*soft memlock32000
*hard memlock32000
*soft msgqueue8192000
*hard msgqueue8192000
3.8e 内核参数优化# Controls source route verification
net.ipv4.conf.default.rp_filter=1
net.ipv4.ip_nonlocal_bind=1
net.ipv4.ip_forward=1
# Do not accept source routing
net.ipv4.conf.default.accept_source_route=0
# Controls the System Request debugging functionality of the kernel
kernel.sysrq=0
# Controls whether core dumps will append the PID to the core filename.
# Useful for debugging multi-threaded applications.
kernel.core_uses_pid=1
# Controls the use of TCP syncookies
net.ipv4.tcp_syncookies=1
# Disable netfilter on bridges.
net.bridge.bridge-nf-call-ip6tables=0
net.bridge.bridge-nf-call-iptables=0
net.bridge.bridge-nf-call-arptables=0
# Controls the default maxmimum size of a mesage queue
kernel.msgmnb=65536
# # Controls the maximum size of a message, in bytes
kernel.msgmax=65536
# Controls the maximum shared segment size, in bytes
kernel.shmmax=68719476736
# # Controls the maximum number of shared memory segments, in pages
kernel.shmall=4294967296
# TCP kernel paramater
net.ipv4.tcp_mem=78643210485761572864
net.ipv4.tcp_rmem=4096873804194304
net.ipv4.tcp_wmem=4096163844194304
net.ipv4.tcp_window_scaling=1
net.ipv4.tcp_sack=1
# socket buffer
net.core.wmem_default=8388608
net.core.rmem_default=8388608
net.core.rmem_max=16777216
net.core.wmem_max=16777216
net.core.netdev_max_backlog=262144
net.core.somaxconn=20480
net.core.optmem_max=81920
# TCP conn
net.ipv4.tcp_max_syn_backlog=262144
net.ipv4.tcp_syn_retries=3
net.ipv4.tcp_retries1=3
net.ipv4.tcp_retries2=15
# tcp conn reuse
net.ipv4.tcp_timestamps=0
net.ipv4.tcp_tw_reuse=0
net.ipv4.tcp_tw_recycle=0
net.ipv4.tcp_fin_timeout=1
net.ipv4.tcp_max_tw_buckets=20000
net.ipv4.tcp_max_orphans=3276800
net.ipv4.tcp_synack_retries=1
net.ipv4.tcp_syncookies=1
# keepalive conn
net.ipv4.tcp_keepalive_time=300
net.ipv4.tcp_keepalive_intvl=30
net.ipv4.tcp_keepalive_probes=3
net.ipv4.ip_local_port_range=1000165000
# swap
vm.overcommit_memory=0
vm.swappiness=10
#net.ipv4.conf.eth1.rp_filter = 0
#net.ipv4.conf.lo.arp_ignore = 1
#net.ipv4.conf.lo.arp_announce = 2
#net.ipv4.conf.all.arp_ignore = 1
#net.ipv4.conf.all.arp_announce = 2
Ubuntu1804(Server 版)安装及使用
来源: http://www.bubuko.com/infodetail-3355286.html