Difference between revisions of "系统安装"
Jump to navigation
Jump to search
| (42 intermediate revisions by the same user not shown) | |||
| Line 15: | Line 15: | ||
==== '''linux命令集''' ==== | ==== '''linux命令集''' ==== | ||
===== 用户管理 ===== | ===== 用户管理 ===== | ||
| − | useradd -M -o -r -d /home/mysql -s /bin/bash -c "MySQL Server" -u 27 mysql | + | sudo useradd -M -o -r -d /home/mysql -s /bin/bash -c "MySQL Server" -u 27 mysql |
| + | sudo useradd -m -d /home2/openvpn -s /bin/bash -G jim openvpn | ||
| − | groupadd | + | groupadd |
| Line 170: | Line 171: | ||
==== OPENVPN ==== | ==== OPENVPN ==== | ||
===== misc ===== | ===== misc ===== | ||
| + | ssh -L 192.168.32.62:8096:127.0.0.1:8096 jim@34.173.120.252 | ||
| + | ssh -L 192.168.32.62:8092:127.0.0.1:8092 root@154.204.45.162 | ||
| + | |||
===== route ===== | ===== route ===== | ||
Local Route: | Local Route: | ||
| Line 273: | Line 277: | ||
--network bridge=virbr1,model=virtio,mac=52:54:00:c0:0a:10 \ | --network bridge=virbr1,model=virtio,mac=52:54:00:c0:0a:10 \ | ||
--graphics vnc --accelerate --boot hd | --graphics vnc --accelerate --boot hd | ||
| + | |||
| + | Creat K8S With SYS and Data Disks: | ||
| + | sudo virt-install --name=BASE200.2.31.54.k8s --ram 32000 --vcpus=16 \ | ||
| + | --os-variant=ubuntu20.04 \ | ||
| + | --disk path=/home/jim/KVMs/BASE200.2.31.54.k8s.sys.img,format=raw \ | ||
| + | --disk path=/home/jim/KVMs/K8S.1.data.img,format=raw \ | ||
| + | --network bridge=virbr0,model=virtio,mac=52:54:00:c0:1f:36 \ | ||
| + | --network bridge=virbr1,model=virtio,mac=52:54:00:c0:0a:36 \ | ||
| + | --graphics vnc --accelerate --boot hd | ||
| + | |||
| + | |||
| + | ======= PassThrough USB ports: ======= | ||
| + | Host: | ||
| + | # lsusb | ||
| + | ... | ||
| + | Bus 002 Device 003: ID 18d1:4e11 Google Inc. Nexus One | ||
| + | #/usr/bin/qemu-kvm -m 1024 -name f15 -drive file=/images/f15.img,if=virtio -usb -device usb-host,hostbus=2,hostaddr=3 | ||
===== Maintain VM ===== | ===== Maintain VM ===== | ||
| Line 292: | Line 313: | ||
sudo apt install libguestfs-tools | sudo apt install libguestfs-tools | ||
sudo virt-edit -d BASE200.1.31.2.router /etc/profile.d/rc.local.sh | sudo virt-edit -d BASE200.1.31.2.router /etc/profile.d/rc.local.sh | ||
| + | |||
| + | ==== Kubernete Setup ==== | ||
| + | ===== VM setup ===== | ||
| + | |||
| + | sudo virt-install --name=BASE200.1.31.52.k8s.master --ram 4096 --vcpus=2 --os-variant=ubuntu20.04 --disk path=/home/jim/KVMs/BASE200.2.31.52.k8s.master.sys.img,format=raw --network bridge=virbr0,model=virtio,mac=52:54:00:c0:1f:34 --network bridge=virbr1,model=virtio,mac=52:54:00:c0:0a:34 --graphics vnc --accelerate --boot hd | ||
| + | |||
| + | qemu-img create -f raw K8S.node00.data.img 200G | ||
| + | qemu-img create -f raw K8S.node01.data.img 200G | ||
| + | |||
| + | sudo virt-install --name=BASE200.2.31.53.k8s.node00 --ram 8000 --vcpus=4 --os-variant=ubuntu20.04 --disk path=/home/jim/KVMs/BASE200.2.31.53.k8s.node00.sys.img,format=raw --disk path=/home/jim/KVMs/K8S.node00.data.img,format=raw --network bridge=virbr0,model=virtio,mac=52:54:00:c0:1f:35 --network bridge=virbr1,model=virtio,mac=52:54:00:c0:0a:35 --graphics vnc --accelerate --boot hd | ||
| + | sudo virt-install --name=BASE200.2.31.54.k8s.node01 --ram 8000 --vcpus=4 --os-variant=ubuntu20.04 --disk path=/home/jim/KVMs/BASE200.2.31.54.k8s.node01.sys.img,format=raw --disk path=/home/jim/KVMs/K8S.node01.data.img,format=raw --network bridge=virbr0,model=virtio,mac=52:54:00:c0:1f:36 --network bridge=virbr1,model=virtio,mac=52:54:00:c0:0a:36 --graphics vnc --accelerate --boot hd | ||
| + | |||
| + | |||
| + | virsh --connect qemu:///system start BASE200.1.31.52.k8s.master | ||
| + | |||
| + | sudo hostnamectl set-hostname k8s-master | ||
| + | sudo hostnamectl set-hostname k8s-node00 | ||
| + | sudo hostnamectl set-hostname k8s-node01 | ||
| + | |||
| + | ===== INSTALL ===== | ||
| + | |||
| + | ====== docker ====== | ||
| + | sudo apt update | ||
| + | sudo apt install docker.io | ||
| + | |||
| + | sudo tee /etc/docker/daemon.json << EOF | ||
| + | {-----BEGIN CERTIFICATE----- | ||
| + | EOF | ||
| + | |||
| + | sudo tee /etc/docker/daemon.json << EOF | ||
| + | { | ||
| + | "registry-mirrors": ["https://ffvpn.net", "https://lk8iycdu.mirror.aliyuncs.com"], | ||
| + | "exec-opts": ["native.cgroupdriver=systemd"], | ||
| + | "log-driver": "json-file", | ||
| + | "log-opts": { | ||
| + | "max-size": "100m" | ||
| + | }, | ||
| + | "storage-driver": "overlay2" | ||
| + | } | ||
| + | EOF | ||
| + | |||
| + | ====== docker-compose ====== | ||
| + | sudo apt install docker-compose-v2 | ||
| + | sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose | ||
| + | |||
| + | ====== Docker Pods setup ====== | ||
| + | |||
| + | $docker run -d \ | ||
| + | --name my-pod-infra \ # 基础容器名(模拟 Pod 名称) | ||
| + | -p 8080:80 \ # 主机端口 8080 映射到基础容器的 80 端口(后续实例可复用) | ||
| + | registry.k8s.io/pause:3.9 | ||
| + | |||
| + | ====== registry/mirror ====== | ||
| + | /etc/docker/certs.d/ffvpn.net/ca.crt <--- ubuntu160:/etc/letsencrypt/archive/ffvpn.net/cert23.pem | ||
| + | /etc/docker/daemon.json | ||
| + | "registry-mirrors": ["https://lk8iycdu.mirror.aliyuncs.com"], | ||
| + | |||
| + | docker exec -it my-pod-nginx-1 /bin/s | ||
| + | docker stop my-pod-infra my-pod-nginx-1 my-pod-nginx-2 | ||
| + | docker start my-pod-infra my-pod-nginx-1 my-pod-nginx-2 | ||
| + | docker rm -f my-pod-infra my-pod-nginx-1 my-pod-nginx-2 | ||
| + | |||
| + | sudo usermod -aG docker $USER | ||
| + | newgrp docker | ||
| + | |||
| + | [jim@k8s-master /etc/ssl/certs] | ||
| + | $sudo ln -s /home/jim/cert23.pem cert23.pem | ||
| + | |||
| + | |||
| + | [jim@ubuntu96 ~] | ||
| + | $sudo docker run -d --name registry -p 443:5000 -v /home/docker.mirror:/var/lib/registry -v /home/jim/register.cert/ffvpn.net:/certs -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/cert23.pem -e REGISTRY_HTTP_TLS_KEY=/certs/privkey23.pem lk8iycdu.mirror.aliyuncs.com/library/registry:2 | ||
| + | |||
| + | $sudo docker ps | ||
| + | CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES | ||
| + | 24f880e0771f lk8iycdu.mirror.aliyuncs.com/library/registry:2 "/entrypoint.sh /etc…" 4 days ago Up 23 hours 0.0.0.0:443->5000/tcp, :::443->5000/tcp registry | ||
| + | |||
| + | ====== image operations ====== | ||
| + | docker save -o myimages.tar image1:tag1 [image2:tag2] | ||
| + | sudo chown cloveropen:cloveropen myimages.tar | ||
| + | docker load -i myimage.tar | docker load < myimages.tar | ||
| + | |||
| + | ====== openvpn/macvlan ====== | ||
| + | sudo brctl stp br0 off | ||
| + | sudo sysctl -w net.ipv4.ip_forward=1 && sudo sysctl -p | ||
| + | sudo docker network create -d macvlan \ | ||
| + | --subnet=SUBNET \ | ||
| + | --gateway=GATEWAY \ | ||
| + | -o parent=PHY_IFACE \ | ||
| + | -o macvlan_mode=bridge # 显式指定 bridge 模式 | ||
| + | my-macvlan-net | ||
| + | |||
| + | ping to host net: | ||
| + | sudo ip link add macvlan-shim link br0 type macvlan mode bridge | ||
| + | sudo ip addr add 192.168.1.200/24 dev macvlan-shim | ||
| + | sudo ip link set macvlan-shim up | ||
| + | sudo ip route add 192.168.1.105/32 dev macvlan-shim # 容器 DHCP IP | ||
| + | |||
| + | ====== kuberlete ====== | ||
==== Sys Conf ==== | ==== Sys Conf ==== | ||
| + | ===== disk manage ===== | ||
| + | vgs | ||
| + | lvs | ||
| + | vgdisplay -v ubuntu-vg | ||
| + | lvdisplay -v /dev/ubuntu-vg/ubuntu-lv | ||
| + | |||
| + | lvremove /dev/ubuntu-vg/lvol0 | ||
| + | lvcreate -l 100 ubuntu-vg -n lv-0 | ||
| + | lvextend -l +1000 /dev/ubuntu-vg/lv-0 | ||
| + | |||
| + | mkfs -t ext4 /dev/ubuntu-vg/lv-0 | ||
| + | |||
===== g4u ===== | ===== g4u ===== | ||
iptables -t nat -A PREROUTING -p tcp --dport 22022 -j REDIRECT --to-ports 22022 | iptables -t nat -A PREROUTING -p tcp --dport 22022 -j REDIRECT --to-ports 22022 | ||
| Line 334: | Line 465: | ||
iptables -F TRAFFIC_IN | iptables -F TRAFFIC_IN | ||
iptables -F TRAFFIC_OUT | iptables -F TRAFFIC_OUT | ||
| + | |||
| + | ==== Win10 WSL ==== | ||
| + | Windows 10 version 2004 and higher (Build 19041 and higher) or Windows 11 | ||
| + | Win + R: winver | ||
| + | wsl -l -o | ||
| + | wsl --set-default-version <Version#>, replacing <Version#> with either 1 or 2. | ||
| + | wsl --setdefault <DistributionName> | ||
| + | wsl --install -d Ubuntu-18.04 | ||
| + | |||
| + | |||
| + | diskpart | ||
| + | >select vdisk file=C:\Users\gsw94\AppData\Local\Packages\CanonicalGroupLimited.UbuntuonWindows_79rhkp1fndgsc\LocalState\ext4.vhdx | ||
| + | >compact vdisk | ||
| + | >exit | ||
| + | |||
| + | wsl --list | ||
| + | wsl -l -v | ||
| + | wsl --list --online | ||
| + | wsl --terminate Ubuntu-18.04 | ||
| + | |||
| + | wsl --export Ubuntu-18.04 D:\Users\Ubuntu-18.04.tar | ||
| + | wsl --unregister Ubuntu-18.04 | ||
| + | wsl --import Ubuntu-18.04 D:\Users\Ubuntu-18.04 D:\Users\Ubuntu-18.04.tar | ||
| + | |||
| + | /etc/wsl.conf: | ||
| + | [automount] | ||
| + | enabled = true | ||
| + | root = /mnt/ | ||
| + | options = "metadata,uid=1000,gid=1000,umask=22,fmask=11" | ||
| + | mountFsTab = false | ||
| + | [user] | ||
| + | default = jim | ||
| + | |||
| + | meld crash issue: | ||
| + | sudo apt install gnome-icon-theme | ||
| + | |||
| + | sz rz: | ||
| + | zssh user@host | ||
| + | Ctrl+space to entery file transfer mode | ||
| + | 1. sz file -> Ctrl + Space -> rz | ||
| + | 2. Ctrl + Space -> sz file ( file will autoly rz by remote host ) | ||
| + | 3. Ctrl + Space -> suspend ( enter local shell ) | ||
==== PeiRate Formula ==== | ==== PeiRate Formula ==== | ||
| Line 341: | Line 514: | ||
Fr: fee rate, 10% | Fr: fee rate, 10% | ||
| − | Pi = Sum( | + | Pi = Sum(Wn)/Wi; |
| − | Pj = Sum( | + | Pj = Sum(Wn)/Wj; |
| − | Pk = Sum( | + | Pk = Sum(Wn)/Wk; |
PUi = (Pi - 1) * (1 - Fr) + 1 | PUi = (Pi - 1) * (1 - Fr) + 1 | ||
PUi = Pi * (1 - Fr) | PUi = Pi * (1 - Fr) | ||
| − | + | '''zcjc_order''': | |
| − | + | * usr_id | |
| − | + | * zcjc_id | |
| − | + | * pei_rate = PUi | |
| − | + | * peihaoN (order_num) 1~1000 | |
| − | + | * price 100 coins/peihao | |
| + | * pei_sum = pei_rate * peihaoN * price | ||
| + | ---- | ||
| + | '''zcjc_Sub''': | ||
| + | * peihaoN += order.peihaoN | ||
| + | * pei_sum += Pi * peihaoN * price | ||
| + | * peihaoN_stored = @ > order.peihaoN ? -= peihaoN : All: peihaoN_stored += Wj; | ||
| + | * peisum_stored = @ > pei_sum_i ? -= pei_sum_i : ~peisum_stored += pei_sum_i | ||
| + | * Pi = peisum_stored -= pei_sum_i ? Pi * ( 1 - 10%) : | ||
| + | * PiHigh = Pi * (1 + (pei_sum0 * (1 - Fr) - peisum_i)/peisum_stored) | ||
| + | * weight += Wi * (Pio - Pi)/Pio | ||
| + | |||
| + | ==== Kubnet ==== | ||
| + | kubectl get pods -A -o wide | ||
| + | kubectl cp /root/frr2-c1/ldpd.conf frr2-0:/etc/frr/ -n frr2 | ||
| + | kubectl exec -it frr2-0 /bin/bash -n frr2 | ||
| + | |||
| + | ==== ZCJC operations ==== | ||
| + | ds zci init | ||
| + | ds zci update | ||
| + | ds zci fstart (act_finit and act_start, special for zci 5(sh000)) | ||
| + | ds zci fupdate (act_fupdate act_done) | ||
| + | ds zci start | ||
| + | |||
| + | ds zci fstart 5 | ||
| + | ds zci update 5 zci_playerB_points 3030 | ||
| + | ds zci fupdate 5 3030 | ||
| + | |||
| + | |||
| + | |||
| + | ds zci fupdate 5 playB_points (playB_points is sh000 end points and update sh000 win_id acoording to playB_points) | ||
==== Wiki Demos ==== | ==== Wiki Demos ==== | ||
Latest revision as of 17:05, 13 February 2026
Contents
安装apache
- Change the www-data path from /var/www to /home/www
- Change the mysql database from /var/lib/mysql to /home/mysql
- $sudo vim /etc/mysql/my.cnf
- datadir = /home/mysql
- $sudo vim /etc/apparmor.d/usr.sbin.mysqld
- add two lines:
- /home/mysql/ r,
- /home/mysql/** rwk,
- $sudo /etc/init.d/mysql restart
pxe安装系统
linux命令集
用户管理
sudo useradd -M -o -r -d /home/mysql -s /bin/bash -c "MySQL Server" -u 27 mysql sudo useradd -m -d /home2/openvpn -s /bin/bash -G jim openvpn
groupadd
- sudo usermod -e 2014-04-21 user01
- sudo usermod -e 2014-04-21 user01
- sudo usermod -s /bin/false user01
- sudo useradd -d /home/user -G users -c "ssh Users"i -M user01
ssh命令用法
ssh -l root -R 2290:127.0.0.1:22 192.208.183.206 scp -r -P 2290 ~/Music jim@127.0.0.1:~/music/
#ssh -MNf -l root -R 8080:127.0.0.1:80 yellowjim.com #ssh-keygen -t rsa -C "<your UPI> <your email address>" #ssh-copy-id root@yellowjim.com
#alias sshL='nohup plink -N -v jim@192.168.1.82 -L 8080:127.0.0.1:8080 -pw 666666 2>&1 ssh.log &' #iptables -t nat -A POSTROUTING -o eth0 -s 192.168.2.0/24 -j SNAT --to 135.251.9.67 #iptables -t nat -D POSTROUTING -s 192.168.2.0/24 -j SNAT --to 135.251.9.67
ramfs用法
在Linux中可以将一部分内存mount为分区来使用,通常称之为RamDisk,分为:Ramdisk, ramfs, tmpfs.
1.Ramdisk
在编译内核时须将Device Drivers -->> Block devices -->> Ramdisk support 支持选上,它下面还有两个选项:第一个设定Ramdisk个数,默认16个;第二个是设定Ramdisk的大小,默认是4096k。
首先查看一下可用的RamDisk,使用ls /dev/ram*
然后对/dev/ram0 创建文件系统,运行mke2fs /dev/ram0
最后挂载 /dev/ram0,运行mount /dev/ram /mnt/test
2.ramfs
Ramfs顾名思义是内存文件系统,它处于虚拟文件系统(VFS)层,而不像ramdisk那样基于虚拟在内存中的其他文件系统(ex2fs)。
因而,它无需格式化,可以创建多个,只要内存足够,在创建时可以指定其最大能使用的内存大小。
在编译内核时须将File systems -->> pseudo filesystems -->> Virtual memory file system support支持选上。 # mount -t ramfs none /testRAM
缺省情况下,Ramfs被限制最多可使用内存大小的一半。可以通过maxsize(以kbyte为单位)选项来改变。 # mount -t ramfs none /testRAM -o maxsize=2000 (创建了一个限定最大使用内存为2M的ramdisk)
3.Tmpfs
是一个虚拟内存文件系统,它不同于传统的用块设备形式来实现的Ramdisk,也不同于针对物理内存的Ramfs。
Tmpfs可以使用物理内存,也可以使用交换分区。在Linux内核中,虚拟内存资源由物理内存(RAM)和交换分区组成,这些资源是由内核中的虚拟内存子系统来负责分配和管理。
Tmpfs向虚拟内存子系统请求页来存储文件,它同Linux的其它请求页的部分一样,不知道分配给自己的页是在内存中还是在交换分区中。同Ramfs一样,其大小也不是固定的,而是随着所需要的空间而动态的增减。
在编译内核时须将File systems -->> pseudo filesystems -->> Virtual memory file system support支持选上。
# mkdir -p /mnt/tmpfs
# mount tmpfs /mnt/tmpfs -t tmpfs
同样可以在加载时指定tmpfs文件系统大小的最大限制: # mount tmpfs /mnt/tmpfs -t tmpfs -o size=32m
autossh
root@iZ23wubte21Z:~# cat .alias alias autossh_90='export AUTOSSH_POLL=20 && autossh -M 22094 -f -qTnN -L 121.41.110.99:80:192.168.1.90:80 -p 22090 jim@localhost' alias fw0='iptables -P INPUT DROP && iptables -A INPUT -i eth1 -p tcp --dport 80 -j ACCEPT && iptables -A INPUT -i eth1 -p tcp --dport 22022 -j ACCEPT && iptables -A INPUT -i lo -j ACCEPT && iptables -A INPUT -i eth1 -p tcp -s 110.75.102.62 -j ACCEPT'
root@yellowjim90:~# cat .alias alias autossh_22='export AUTOSSH_POLL=20 && autossh -M 22092 -f -qTnN -R 22090:192.168.1.90:22 -p 22022 root@gold4y.com'
3322.org
crontab -e /bin/date | sed 'N;s/\n/ :/' >> /var/log/3322.org && /usr/bin/wget -q -O- 'http://yellowjim:666666@members.3322.org/dyndns/update?system=dyndns&hostname=yellowjim.3322.org' >> /var/log/3322
00,10,20,30,40,50 * * * * /bin/date | /usr/bin/tr '\n' ' ' >> /var/log/3322.org && /usr/bin/wget -q -O- 'http://yellowjim:666666@members.3322.org/dyndns/update?system=dyndns&hostname=yellowjim.3322.org' >> /var/log/3322.org
PHP安装
zlib1g libpng
apt-get install php5-gd
dpkg -S file——这个文件属于哪个已安装软件包。 dpkg -L package——列出软件包中的所有文件。 dpkg -L openssh-server
apt-get install apt-file apt-file update apt-file search filename apt-file search filename | grep /bin/
PHP5 mcrypt
#mcrypt is not used anymore apt-get install php5-mcrypt libmcrypt4 libmcrypt-dev #mcrypt not used in php7.3.0, alternative way applied and OK.
//sudo ln -s /etc/php5/conf.d/mcrypt.ini /etc/php5/mods-available sudo php5enmod mcrypt sudo service apache2 restart
20.04 apache-php
sudo apt-get install -y apache2 sudo apt-get install -y php sudo apt-get install -y php-gd sudo apt-get install -y php-mysqli sudo apt-get install -y php-redis sudo apt install -y php-curl sudo apt install -y php-xml sudo apt install -y php-mbstring
GRANT ALL PRIVILEGES ON *.* TO 'root'@'192.168.10.%' IDENTIFIED BY "xxx"; GRANT ALL PRIVILEGES ON wiki2020.* TO 'wiki'@'192.168.10.%' IDENTIFIED BY "xxx";
sudo apt install mercurial
cron
cron命令
crontab -l crontab -e service cron restart
cron设置
* * * * * cd /home/www/testDanbing && /usr/bin/php /home/www/testDanbing/do_opmisc.php >>/home/www/testDanbing/cron1.txt * * * * * sleep 10; cd /home/www/testDanbing && /usr/bin/php /home/www/testDanbing/do_opmisc.php >>/home/www/testDanbing/cron2.txt #* * * * * sleep 20; cd /home/www/testDanbing && /usr/bin/php /home/www/testDanbing/do_opmisc.php >>/home/www/testDanbing/cron3.txt #* * * * * sleep 30; cd /home/www/testDanbing && /usr/bin/php /home/www/testDanbing/do_opmisc.php >>/home/www/testDanbing/cron4.txt #* * * * * sleep 40; cd /home/www/testDanbing && /usr/bin/php /home/www/testDanbing/do_opmisc.php >>/home/www/testDanbing/cron5.txt #* * * * * sleep 50; cd /home/www/testDanbing && /usr/bin/php /home/www/testDanbing/do_opmisc.php >>/home/www/testDanbing/cron6.txt
Easy RSA
basic
. ./vars 1850 ./clean-all 1851 ./build-ca 1852 ./build-key-server server 1855 ./build-key client01 1856 ./build-key client02 1857 ./build-key client03 1858 ./build-key client04 1859 ./build-key client05 1860 ./build-key client06 1861 ./build-key client07 1862 ./build-key client08 1863 ./build-key client09 1864 ./build-key client10 1865 ./build-key client00
/usr/share/doc/openvpn/examples/sample-config-files
OPENVPN
misc
ssh -L 192.168.32.62:8096:127.0.0.1:8096 jim@34.173.120.252 ssh -L 192.168.32.62:8092:127.0.0.1:8092 root@154.204.45.162
route
Local Route: route 192.168.28.0 255.255.252.0 10.8.1.1 vpn_gateway route 192.168.28.0 255.255.252.0 10.8.1.1 net_gateway Remote Route: push "route 192.168.28.0 255.255.252.0 10.8.1.1 vpn_gateway"
./revoke-full client1 crl-verify crl.pem
KVM Install
Prepare
sudo apt-get update sudo apt-get install -y linux-tools-$(uname -r) egrep 'vmx|svm' /proc/cpuinfo
vim /etc/sysctl.conf net.ipv4.ip_forward = 1 /sbin/sysctl -p
vim /etc/sysconfig/network-scripts/ifcfg-br0
DEVICE=br0 TYPE=Bridge ONBOOT=yes NM_CONTROLLED=yes BOOTPROTO=static IPADDR=172.16.57.24 NETMASK=255.255.255.0 GATEWAY=172.16.57.1 DNS1=202.96.209.133
vim /etc/sysconfig/network-scripts/ifcfg-em1 DEVICE=em1 TYPE=Ethernet ONBOOT=yes BRIDGE=br0 NM_CONTROLLED=yes
/etc/libvirt/qemu.conf vnc_listen = "0.0.0.0"
Install Software
yum -y install kvm python-virtinst libvirt bridge-utils virt-manager qemu-kvm-tools virt-viewer virt-v2v libguestfs-tools-c
sudo apt-get install -y qemu-kvm bridge-utils virt-manager virt-viewer
sudo apt-get install -y kvm python-virtinst libvirt bridge-utils virt-manager qemu-kvm-tools virt-viewer virt-v2v libguestfs-tools-c
Create VM
VM basic
virt-install --name=tomcat_01 --ram 8192 --vcpus=2 / --disk path=/var/lib/libvirt/images/tomcat_01.img,size=20,format=raw,bus=virtio / --cdrom /var/iso/CentOS-6.7-x86_64-minimal.iso --network bridge=br0,model=virtio / --vnc --accelerate --autostart
--name 给虚拟机起个名字 --ram 分配给虚拟机的内存,单位MB --vcpus 分配给虚拟机的cpu个数 --cdrom 指定安装文件的全路径 --disk 指定虚拟机img文件路径,如果虚拟机使用lvm分区,这里就指向到lvm的分区就行 size 虚拟机文件大小,单位GB bus 虚拟机磁盘使用的总线类型,为了使虚拟机达到好的性能,这里使用virtio cache 虚拟机磁盘的cache类型 --network bridge 指定桥接网卡 model 网卡模式,这里也是使用性能更好的virtio --graphics 图形参数 --boot hd | cdrom --autostart
ps aux | grep qemu | grep tomcat_01
virt-install --name=tomcat_01 --ram 2048 --vcpus=2 --disk path=/home/jim/KVMs/kvm_sql100/sys.img,size=20,format=raw,bus=virtio --disk path=/home/jim/KVMs/kvm_sql100/data.img,size=80,format=raw,bus=virtio --cdrom /home/jim/KVMs/ubuntu-18.04.5-live-server-amd64.iso --network bridge=br0,model=virtio --vnc --accelerate --force --autostart
qemu-img create -f raw SQL100.1.sys.img 40G qemu-img create -f raw SQL100.1.data.img 80G
VM 96/100
Creat With SYS Disk only: sudo virt-install --name=BASE200.1 --ram 2048 --vcpus=2 \ --os-variant=ubuntu20.04 \ --disk path=/home/store/KVMs/BASE200.1.sys.img,format=raw \ --network bridge=virbr0,model=virtio,mac=52:54:00:c0:1f:10 \ --network bridge=virbr1,model=virtio,mac=52:54:00:c0:0a:10 \ --graphics vnc --accelerate --boot hd
Creat With SYS and Data Disks: virt-install --name=BASE200.2 --ram 2048 --vcpus=2 \ --os-variant=ubuntu20.04 \ --disk path=/home/store/KVMs/BASE200.2.sys.img,format=raw \ --disk path=/home/store/KVMs/BASE200.2.data.img,format=raw \ --network bridge=virbr0,model=virtio,mac=52:54:00:c0:1f:10 \ --network bridge=virbr1,model=virtio,mac=52:54:00:c0:0a:10 \ --graphics vnc --accelerate --boot hd
Creat K8S With SYS and Data Disks: sudo virt-install --name=BASE200.2.31.54.k8s --ram 32000 --vcpus=16 \ --os-variant=ubuntu20.04 \ --disk path=/home/jim/KVMs/BASE200.2.31.54.k8s.sys.img,format=raw \ --disk path=/home/jim/KVMs/K8S.1.data.img,format=raw \ --network bridge=virbr0,model=virtio,mac=52:54:00:c0:1f:36 \ --network bridge=virbr1,model=virtio,mac=52:54:00:c0:0a:36 \ --graphics vnc --accelerate --boot hd
======= PassThrough USB ports: ======= Host: # lsusb ... Bus 002 Device 003: ID 18d1:4e11 Google Inc. Nexus One #/usr/bin/qemu-kvm -m 1024 -name f15 -drive file=/images/f15.img,if=virtio -usb -device usb-host,hostbus=2,hostaddr=3
Maintain VM
virsh dumpxml tomcat_01 > tomcat_01.xml 将最新的虚拟机配置重定向到其配置文件中 virsh define tomcat_01.xml
qemu-img create -f raw test_add.img 100G 创建一块100G的磁盘 virsh attach-disk tomcat_01 /var/lib/libvirt/images/test_add.img vdb --cache none 动态添加磁盘 virsh attach-interface BASE200.1 --type bridge --source virbr1 --model rtl8139 --config virsh attach-interface BASE200.1 --type bridge --source virbr1 --model virtio --config
virt-clone --connect qemu:///system --original=SQL100.1 --name=BASE --file=/home/jim/KVMs/base.sys.img
sudo apt install libosinfo-bin osinfo-query os You can restart your domain by running: virsh --connect qemu:///system start BASE200.1.31.82
sudo apt install libguestfs-tools sudo virt-edit -d BASE200.1.31.2.router /etc/profile.d/rc.local.sh
Kubernete Setup
VM setup
sudo virt-install --name=BASE200.1.31.52.k8s.master --ram 4096 --vcpus=2 --os-variant=ubuntu20.04 --disk path=/home/jim/KVMs/BASE200.2.31.52.k8s.master.sys.img,format=raw --network bridge=virbr0,model=virtio,mac=52:54:00:c0:1f:34 --network bridge=virbr1,model=virtio,mac=52:54:00:c0:0a:34 --graphics vnc --accelerate --boot hd
qemu-img create -f raw K8S.node00.data.img 200G qemu-img create -f raw K8S.node01.data.img 200G
sudo virt-install --name=BASE200.2.31.53.k8s.node00 --ram 8000 --vcpus=4 --os-variant=ubuntu20.04 --disk path=/home/jim/KVMs/BASE200.2.31.53.k8s.node00.sys.img,format=raw --disk path=/home/jim/KVMs/K8S.node00.data.img,format=raw --network bridge=virbr0,model=virtio,mac=52:54:00:c0:1f:35 --network bridge=virbr1,model=virtio,mac=52:54:00:c0:0a:35 --graphics vnc --accelerate --boot hd sudo virt-install --name=BASE200.2.31.54.k8s.node01 --ram 8000 --vcpus=4 --os-variant=ubuntu20.04 --disk path=/home/jim/KVMs/BASE200.2.31.54.k8s.node01.sys.img,format=raw --disk path=/home/jim/KVMs/K8S.node01.data.img,format=raw --network bridge=virbr0,model=virtio,mac=52:54:00:c0:1f:36 --network bridge=virbr1,model=virtio,mac=52:54:00:c0:0a:36 --graphics vnc --accelerate --boot hd
virsh --connect qemu:///system start BASE200.1.31.52.k8s.master
sudo hostnamectl set-hostname k8s-master sudo hostnamectl set-hostname k8s-node00 sudo hostnamectl set-hostname k8s-node01
INSTALL
docker
sudo apt update sudo apt install docker.io
sudo tee /etc/docker/daemon.json << EOF
{-----BEGIN CERTIFICATE-----
EOF
sudo tee /etc/docker/daemon.json << EOF
{
"registry-mirrors": ["https://ffvpn.net", "https://lk8iycdu.mirror.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2"
}
EOF
docker-compose
sudo apt install docker-compose-v2 sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
Docker Pods setup
$docker run -d \ --name my-pod-infra \ # 基础容器名(模拟 Pod 名称) -p 8080:80 \ # 主机端口 8080 映射到基础容器的 80 端口(后续实例可复用) registry.k8s.io/pause:3.9
registry/mirror
/etc/docker/certs.d/ffvpn.net/ca.crt <--- ubuntu160:/etc/letsencrypt/archive/ffvpn.net/cert23.pem /etc/docker/daemon.json "registry-mirrors": ["https://lk8iycdu.mirror.aliyuncs.com"],
docker exec -it my-pod-nginx-1 /bin/s docker stop my-pod-infra my-pod-nginx-1 my-pod-nginx-2 docker start my-pod-infra my-pod-nginx-1 my-pod-nginx-2 docker rm -f my-pod-infra my-pod-nginx-1 my-pod-nginx-2
sudo usermod -aG docker $USER newgrp docker
[jim@k8s-master /etc/ssl/certs] $sudo ln -s /home/jim/cert23.pem cert23.pem
[jim@ubuntu96 ~] $sudo docker run -d --name registry -p 443:5000 -v /home/docker.mirror:/var/lib/registry -v /home/jim/register.cert/ffvpn.net:/certs -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/cert23.pem -e REGISTRY_HTTP_TLS_KEY=/certs/privkey23.pem lk8iycdu.mirror.aliyuncs.com/library/registry:2
$sudo docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 24f880e0771f lk8iycdu.mirror.aliyuncs.com/library/registry:2 "/entrypoint.sh /etc…" 4 days ago Up 23 hours 0.0.0.0:443->5000/tcp, :::443->5000/tcp registry
image operations
docker save -o myimages.tar image1:tag1 [image2:tag2] sudo chown cloveropen:cloveropen myimages.tar docker load -i myimage.tar | docker load < myimages.tar
openvpn/macvlan
sudo brctl stp br0 off sudo sysctl -w net.ipv4.ip_forward=1 && sudo sysctl -p sudo docker network create -d macvlan \ --subnet=SUBNET \ --gateway=GATEWAY \ -o parent=PHY_IFACE \ -o macvlan_mode=bridge # 显式指定 bridge 模式 my-macvlan-net
ping to host net: sudo ip link add macvlan-shim link br0 type macvlan mode bridge sudo ip addr add 192.168.1.200/24 dev macvlan-shim sudo ip link set macvlan-shim up sudo ip route add 192.168.1.105/32 dev macvlan-shim # 容器 DHCP IP
kuberlete
Sys Conf
disk manage
vgs lvs vgdisplay -v ubuntu-vg lvdisplay -v /dev/ubuntu-vg/ubuntu-lv
lvremove /dev/ubuntu-vg/lvol0 lvcreate -l 100 ubuntu-vg -n lv-0 lvextend -l +1000 /dev/ubuntu-vg/lv-0 mkfs -t ext4 /dev/ubuntu-vg/lv-0
g4u
iptables -t nat -A PREROUTING -p tcp --dport 22022 -j REDIRECT --to-ports 22022 iptables -t nat -A PREROUTING -p tcp --dport 8082 -j REDIRECT --to-ports 8082 iptables -t nat -A PREROUTING -p tcp -d 172.16.7.175 -j DNAT --to 10.8.0.2 iptables -t nat -I POSTROUTING -p tcp -s 10.8.0.2 -j SNAT --to 172.16.7.175
31.96
export AUTOSSH_POLL=20 && autossh -M 23180 -f -qTnN -R 22622:127.0.0.1:22 -p 22022 root@gold4y.com iptables -t nat -A PREROUTING -p tcp --dport 22096 -j REDIRECT --to-ports 22
ip rule add from 10.8.0.2 table 1 ip route add default via 10.8.0.1 table 1
31.80
ip route add 10.8.1.2/32 via 192.168.31.96
Jenkins
192.168.31.91: jim:6
sudo vi /etc/systemd/logind.conf #HandleLidSwitch=suspend HandleLidSwitch=ignore sudo restart systemd-logind
Disk pm
sudo dd if=/dev/mapper/ubuntu--vg-ubuntu--lv of=/dev/null bs=4M count=1024
20.04 rc.local
$ sudo vim /lib/systemd/system/rc-local.service
IPTABLES STATISTICS
iptables -N TRAFFIC_IN iptables -N TRAFFIC_OUT iptables -I FORWARD -i tun5 -j TRAFFIC_IN iptables -I FORWARD -o tun5 -j TRAFFIC_OUT iptables -A TRAFFIC_IN --src 10.8.5.6 iptables -A TRAFFIC_OUT --dst 10.8.5.6 iptables -L -nv iptables -F TRAFFIC_IN iptables -F TRAFFIC_OUT
Win10 WSL
Windows 10 version 2004 and higher (Build 19041 and higher) or Windows 11 Win + R: winver wsl -l -o wsl --set-default-version <Version#>, replacing <Version#> with either 1 or 2. wsl --setdefault <DistributionName> wsl --install -d Ubuntu-18.04
diskpart >select vdisk file=C:\Users\gsw94\AppData\Local\Packages\CanonicalGroupLimited.UbuntuonWindows_79rhkp1fndgsc\LocalState\ext4.vhdx >compact vdisk >exit
wsl --list wsl -l -v wsl --list --online wsl --terminate Ubuntu-18.04
wsl --export Ubuntu-18.04 D:\Users\Ubuntu-18.04.tar wsl --unregister Ubuntu-18.04 wsl --import Ubuntu-18.04 D:\Users\Ubuntu-18.04 D:\Users\Ubuntu-18.04.tar
/etc/wsl.conf: [automount] enabled = true root = /mnt/ options = "metadata,uid=1000,gid=1000,umask=22,fmask=11" mountFsTab = false [user] default = jim
meld crash issue: sudo apt install gnome-icon-theme
sz rz: zssh user@host Ctrl+space to entery file transfer mode 1. sz file -> Ctrl + Space -> rz 2. Ctrl + Space -> sz file ( file will autoly rz by remote host ) 3. Ctrl + Space -> suspend ( enter local shell )
PeiRate Formula
P : pei rate W : weight Fr: fee rate, 10% Pi = Sum(Wn)/Wi; Pj = Sum(Wn)/Wj; Pk = Sum(Wn)/Wk;
PUi = (Pi - 1) * (1 - Fr) + 1 PUi = Pi * (1 - Fr)
zcjc_order:
- usr_id
- zcjc_id
- pei_rate = PUi
- peihaoN (order_num) 1~1000
- price 100 coins/peihao
- pei_sum = pei_rate * peihaoN * price
zcjc_Sub:
- peihaoN += order.peihaoN
- pei_sum += Pi * peihaoN * price
- peihaoN_stored = @ > order.peihaoN ? -= peihaoN : All: peihaoN_stored += Wj;
- peisum_stored = @ > pei_sum_i ? -= pei_sum_i : ~peisum_stored += pei_sum_i
- Pi = peisum_stored -= pei_sum_i ? Pi * ( 1 - 10%) :
- PiHigh = Pi * (1 + (pei_sum0 * (1 - Fr) - peisum_i)/peisum_stored)
- weight += Wi * (Pio - Pi)/Pio
Kubnet
kubectl get pods -A -o wide kubectl cp /root/frr2-c1/ldpd.conf frr2-0:/etc/frr/ -n frr2 kubectl exec -it frr2-0 /bin/bash -n frr2
ZCJC operations
ds zci init ds zci update ds zci fstart (act_finit and act_start, special for zci 5(sh000)) ds zci fupdate (act_fupdate act_done) ds zci start ds zci fstart 5 ds zci update 5 zci_playerB_points 3030 ds zci fupdate 5 3030
ds zci fupdate 5 playB_points (playB_points is sh000 end points and update sh000 win_id acoording to playB_points)
Wiki Demos
- abcd
- efgh
| 姓名 | 性别 | 年龄 |
| jim | M | 30 |
mediawiki-1.22.5/skins/common/shared.css
| 姓名A | 性别A | 年龄A |
| jim | M | 30 |
Hello World.
