第三章:系统管理篇
# 26 | 网络管理
# 网络状态查看工具 net-tools
- ifconfig
- eth0 第一块网卡(网络接口)
- 你的第一个网络接口可能叫做下面的名字
- eno1 板载网卡
- ens33 PCI-E 网卡
- enp0s3 无法获取物理信息的 PCI-E 网卡
- CentOS 7 使用了一致性网络设备命名,以上都不匹配则使用 eth0
- route
- netstat
# 网络状态查看工具 iproute2
- ip
- ss
# 网络接口命名修改
- 网卡命名规则受 biosdevname 和 net.ifnames 两个参数影响
- 编辑
/etc/default/grub文件,增加biosdevname=0 net.ifnames=0 - 更新 grub
sudo grub2-mkconfig -0 /boot/grub2/grub.cfg - 重启
sudo reboot
| biosdevname | net.ifnames | 网卡名 | |
|---|---|---|---|
| 默认 | 0 | 1 | ens33 |
| 组合 1 | 1 | 0 | em1 |
| 组合 2 | 0 | 0 | eth0 |
# 27 | 查看网络配置
- 查看网卡物理连接情况
mii-tool eth0 - 查看网关
- 使用 -n 参数不解析主机名
route -n
- 使用 -n 参数不解析主机名
ubuntu@10-9-82-227:~$ ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1452
inet 10.9.82.227 netmask 255.255.0.0 broadcast 10.9.255.255
inet6 fe80::5054:ff:fead:dd90 prefixlen 64 scopeid 0x20<link>
ether 52:54:00:ad:dd:90 txqueuelen 1000 (Ethernet)
RX packets 59016468 bytes 20485044156 (20.4 GB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 69099666 bytes 14180615847 (14.1 GB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ubuntu@10-9-82-227:~$ mii-tool eth0
SIOCGMIIPHY on 'eth0' failed: Operation not permitted
ubuntu@10-9-82-227:~$ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 10.9.0.1 0.0.0.0 UG 0 0 0 eth0
10.9.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
ubuntu@10-9-82-227:~$ route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.9.0.1 0.0.0.0 UG 0 0 0 eth0
10.9.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
ubuntu@10-9-82-227:~$
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
# 28 | 修改网络配置
- 网络配置命令
- ifconfig <接口> <IP 地址> [netmask 子网掩码]
- ifup <接口>
- ifdown <接口>
- 网关配置命令
- 添加网关
route add default gw <网关 ip>route add -host <指定 ip> gw <网关 ip>route add -net <指定网段> netmask <子网掩码> gw <网关 ip>
- 添加网关
- 网络命令集合:ip 命令
ip addr lsifconfigip link set dev eth0 upifup eth0ip addr add 10.0.0.1/24 dev eth1ifconfig eth1 10.0.0.1 netmask 255.255.255.0ip route add 10.0.0/24 via 192.168.0.1route add -net 10.0.0.0 netmask 255.255.255.0 gw 192.1.68.0.1
# 29 | 网络故障排除命令
ping用于检测当前主机和目标主机之间是否畅通traceroute用于检测当前主机和目标主机之间网络状况,追踪路由,辅助 pingmtr用于检测当前主机和目标主机之间网络状况,检查数据包是否丢失,辅助 pingnslookup用于查询 DNS 的记录,查询域名解析是否正常telnet用于测试映射端口或远程访问主机tcpdump用于对网络上的数据包进行截获分析netstat用于显示各种网络相关信息,如网络连接,路由表,接口状态,masquerade 连接,多播成员等等SS用于显示 socket 状态
ubuntu@10-9-82-227:~$ ping www.baidu.com
PING www.a.shifen.com (110.242.68.3) 56(84) bytes of data.
64 bytes from 110.242.68.3 (110.242.68.3): icmp_seq=1 ttl=49 time=9.59 ms
64 bytes from 110.242.68.3 (110.242.68.3): icmp_seq=2 ttl=49 time=9.46 ms
64 bytes from 110.242.68.3 (110.242.68.3): icmp_seq=3 ttl=49 time=9.51 ms
64 bytes from 110.242.68.3 (110.242.68.3): icmp_seq=4 ttl=49 time=9.35 ms
^C
--- www.a.shifen.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3005ms
rtt min/avg/max/mdev = 9.349/9.477/9.593/0.087 ms
ubuntu@10-9-82-227:~$ traceroute -w 6 www.baidu.com
traceroute to www.baidu.com (220.181.38.149), 30 hops max, 60 byte packets
1 * * *
2 10.192.74.69 (10.192.74.69) 1.173 ms 1.169 ms 1.143 ms
3 * * 10.192.64.89 (10.192.64.89) 4.306 ms
4 10.192.64.54 (10.192.64.54) 1.668 ms 10.192.0.96 (10.192.0.96) 1.133 ms 10.192.0.204 (10.192.0.204) 1.463 ms
5 10.192.1.87 (10.192.1.87) 2.759 ms 2.175 ms 10.192.1.85 (10.192.1.85) 2.422 ms
6 * * *
7 220.181.0.33 (220.181.0.33) 2.471 ms 220.181.0.29 (220.181.0.29) 2.660 ms 2.921 ms
8 * * *
9 106.38.244.174 (106.38.244.174) 8.705 ms 220.181.17.18 (220.181.17.18) 3.134 ms 106.38.244.174 (106.38.244.174) 7.673 ms
10 * * *
11 * * *
12 * *^C
ubuntu@10-9-82-227:~$
ubuntu@10-9-82-227:~$ mtr
ubuntu@10-9-82-227:~$ nslookup www.baidu.com
Server: 10.42.255.1
Address: 10.42.255.1#53
Non-authoritative answer:
www.baidu.com canonical name = www.a.shifen.com.
Name: www.a.shifen.com
Address: 110.242.68.4
Name: www.a.shifen.com
Address: 110.242.68.3
ubuntu@10-9-82-227:~$ telnet www.baidu.com 80
Trying 220.181.38.149...
Connected to www.a.shifen.com.
Escape character is '^]'.
^]
telnet> Connection closed.
# -n 显示 ip 地址而不是域名, -w 指定保存位置
ubuntu@10-9-82-227:~$ sudo tcpdump -i any -n host 10.0.0.1 and port 80
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type LINUX_SLL (Linux cooked v1), capture size 262144 bytes
^C
0 packets captured
0 packets received by filter
0 packets dropped by kernel
ubuntu@10-9-82-227:~$
# n显示 ip 而非域名,t仅以tcp方式显示截取内容,p显示端口对应进程,l仅列出有在 Listen (监听) 的服务
ubuntu@10-9-82-227:~$ netstat -ntpl
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:7890 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:888 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:6011 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:39867 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:6012 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:587 0.0.0.0:* LISTEN -
tcp6 0 0 :::21 :::* LISTEN -
tcp6 0 0 :::22 :::* LISTEN -
tcp6 0 0 ::1:6010 :::* LISTEN -
tcp6 0 0 ::1:6011 :::* LISTEN -
tcp6 0 0 ::1:6012 :::* LISTEN -
ubuntu@10-9-82-227:~
$ubuntu@10-9-82-227:~$ ss -ntpl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 511 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:7890 0.0.0.0:*
LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
LISTEN 0 9 0.0.0.0:21 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 511 0.0.0.0:888 0.0.0.0:*
LISTEN 0 10 127.0.0.1:25 0.0.0.0:*
LISTEN 0 128 127.0.0.1:6010 0.0.0.0:*
LISTEN 0 128 127.0.0.1:6011 0.0.0.0:*
LISTEN 0 4096 127.0.0.1:39867 0.0.0.0:*
LISTEN 0 128 127.0.0.1:6012 0.0.0.0:*
LISTEN 0 10 127.0.0.1:587 0.0.0.0:*
LISTEN 0 9 [::]:21 [::]:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 128 [::1]:6010 [::]:*
LISTEN 0 128 [::1]:6011 [::]:*
LISTEN 0 128 [::1]:6012 [::]:*
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
# 30 | 网络管理和配置文件
- 网络服务管理,分为两种,分别为 SysV 和 systemd
service network start|stop|restartchkconfig -list networksystemctl list-unit-files NetworkManager.servicesystemctl start|stop|restart NetworkMangersystemctl enableldisable NetworkManger
- 网络配置文件
ifcfg-eth0/etc/hosts
- 修改主机名
- 临时修改
hostname c7.test11重启失效 - 永久修改
hostnamectl set-hostname c7.test11- 编辑
/etc/hosts文件添加127.0.0.1 c7.test11
- 临时修改
[jaime@172 ~]$ service network status
Configured devices:
lo eth0
Currently active devices:
lo eth0
[jaime@172 ~]$
[jaime@172 ~]$ sudo service network restart
Restarting network (via systemctl): [ OK ]
[jaime@172 ~]$ chkconfig --list network
Note: This output shows SysV services only and does not include native
systemd services. SysV configuration data might be overridden by native
systemd configuration.
If you want to list systemd services use 'systemctl list-unit-files'.
To see services enabled on particular target use
'systemctl list-dependencies [target]'.
network 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[jaime@172 ~]$ sudo systemctl status NetworkManager
● NetworkManager.service - Network Manager
Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; enabled; vendor preset: enabled)
Active: active (running) since Sun 2021-09-06 08:13:11 EST; 2h 2min ago
Docs: man:NetworkManager(8)
Main PID: 688 (NetworkManager)
CGroup: /system.slice/NetworkManager.service
├─ 688 /usr/sbin/NetworkManager --no-daemon
└─9840 /sbin/dhclient -d -q -sf /usr/libexec/nm-dhcp-helper -pf /var/run/dhc...
Mar 06 10:12:07 localhost.localdomain NetworkManager[688]: <info> [1646579527.9697] d...)
Mar 06 10:12:07 localhost.localdomain NetworkManager[688]: <info> [1646579527.9700] d...)
Mar 06 10:12:07 localhost.localdomain NetworkManager[688]: <info> [1646579527.9701] d...)
Mar 06 10:12:07 localhost.localdomain NetworkManager[688]: <info> [1646579527.9703] m...L
Mar 06 10:12:07 localhost.localdomain dhclient[9840]: bound to 172.27.145.27 -- renewa....
Mar 06 10:12:07 localhost.localdomain NetworkManager[688]: <info> [1646579527.9791] m...E
Mar 06 10:12:07 localhost.localdomain NetworkManager[688]: <info> [1646579527.9792] p...S
Mar 06 10:12:07 localhost.localdomain NetworkManager[688]: <info> [1646579527.9819] d....
Mar 06 10:12:07 localhost.localdomain NetworkManager[688]: <info> [1646579527.9823] m...L
Mar 06 10:12:08 localhost.localdomain NetworkManager[688]: <info> [1646579528.0004] p...)
Hint: Some lines were ellipsized, use -l to show in full.
[jaime@172 ~]$ sudo systemctl disable| enable NetworkManager^C
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
# 31 | 软件包管理器的使用
- 包管理器是方便软件安装、卸载,解决软件依赖关系的重要工具
- CentOS、RedHat 使用 yum 包管理器,软件安装包格式为
.rpm - Debian、Ubuntu 使用 apt 包管理器,软件安装包格式为
.deb
- CentOS、RedHat 使用 yum 包管理器,软件安装包格式为
# 32 | 使用 rpm 命令安装软件包
- rpm 包格式
- vim-common-7.4.10-5.el7.x86_64.rpm 软件名称 软件版本 系统版本 平台
- rpm 命令常用参数
- -q 查询软件包
- -i 安装软件包
- -e 卸载软件包
- more 执行命令后分屏显示结果
- rpm 无法自动解决软件包依赖关系
➜ ~ tldr rpm
rpm
RPM Package Manager.
More information: https://rpm.org/.
- Show version of httpd package:
rpm -q httpd
- List versions of all matching packages:
rpm -qa 'mariadb*'
- Forcibly install a package regardless of currently installed versions:
rpm -U package_name.rpm --force
- Identify owner of a file and show version of the package:
rpm -qf /etc/postfix/main.cf
- List package-owned files:
rpm -ql kernel
- Show scriptlets from an RPM file:
rpm -qp --scripts package_name.rpm
- Show changed, missing and/or incorrectly installed files of matching packages:
rpm -Va 'php-*'
# 将光驱里的光盘文件做成 iso 镜像文件
➜ ~ dd if=/dev/sr0 of=/xxx/xx.iso
# 挂载光驱(光驱里的文件无法直接查看)
➜ ~ mount /dev/sr0 /mnt
# 查询所有包版本信息,结果分屏查看
➜ ~ rpm -qa | more
# 查看 vim-common 包版本
➜ ~ rpm -q vim-common
# 安装软件包
➜ ~ rpm -i xxxx.rpm
# 卸载软件包
➜ ~ rpm -e xxxx
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44