RHEL
常用操作
系统更新
bash
sudo dnf clean all && sudo dnf makecache && sudo dnf update
sudo yum clean all && sudo yum makecache && sudo yum updatesudo dnf clean all && sudo dnf makecache && sudo dnf update
sudo yum clean all && sudo yum makecache && sudo yum update查看系统信息
bash
# 查看CentOS版本
cat /etc/centos-release
# 查看AlmaLinux版本
cat /etc/almalinux-release
# 查看RockyLinux版本
cat /etc/rocky-release# 查看CentOS版本
cat /etc/centos-release
# 查看AlmaLinux版本
cat /etc/almalinux-release
# 查看RockyLinux版本
cat /etc/rocky-release机器名
bash
# 查看当前机器名
hostnamectl
# 修改机器名
sudo hostnamectl set-hostname host.aaa.com# 查看当前机器名
hostnamectl
# 修改机器名
sudo hostnamectl set-hostname host.aaa.comSELinux
查看当前状态
bash
getenforcegetenforce临时关闭
bash
setenforce 0setenforce 0永久关闭
bash
sudo sed -i "s/^SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/configsudo sed -i "s/^SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config手工关闭
bash
vi /etc/selinux/configvi /etc/selinux/configbash
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted防火墙
常用命令
bash
# 查看版本
firewall-cmd --version
# 重启防火墙
firewall-cmd --reload
# 显示状态
firewall-cmd --state
# 查看所有打开的端口
firewall-cmd --zone=public --list-ports
# 查看区域信息
firewall-cmd --get-active-zones
# 查看指定接口所属区域
firewall-cmd --get-zone-of-interface=eth0
# 拒绝所有包
firewall-cmd --panic-on
# 取消拒绝状态
firewall-cmd --panic-off
# 查看是否拒绝
firewall-cmd --query-panic
# 查看端口状态
firewall-cmd --zone=public --query-port=80/tcp
firewall-cmd --zone=public --query-port=443/tcp# 查看版本
firewall-cmd --version
# 重启防火墙
firewall-cmd --reload
# 显示状态
firewall-cmd --state
# 查看所有打开的端口
firewall-cmd --zone=public --list-ports
# 查看区域信息
firewall-cmd --get-active-zones
# 查看指定接口所属区域
firewall-cmd --get-zone-of-interface=eth0
# 拒绝所有包
firewall-cmd --panic-on
# 取消拒绝状态
firewall-cmd --panic-off
# 查看是否拒绝
firewall-cmd --query-panic
# 查看端口状态
firewall-cmd --zone=public --query-port=80/tcp
firewall-cmd --zone=public --query-port=443/tcp系统服务
bash
# 查看防火墙状态
systemctl enable firewalld
# 查看防火墙状态
systemctl status firewalld
# 启动防火墙
systemctl start firewalld
# 启动防火墙
systemctl restart firewalld
# 关闭防火墙
systemctl stop firewalld# 查看防火墙状态
systemctl enable firewalld
# 查看防火墙状态
systemctl status firewalld
# 启动防火墙
systemctl start firewalld
# 启动防火墙
systemctl restart firewalld
# 关闭防火墙
systemctl stop firewalld开启常见端口
bash
firewall-cmd --permanent --zone=public --add-port=80/tcp
firewall-cmd --permanent --zone=public --add-port=81/tcp
firewall-cmd --permanent --zone=public --add-port=443/tcp
firewall-cmd --permanent --zone=public --add-port=8000/tcp
firewall-cmd --permanent --zone=public --add-port=8080/tcp
firewall-cmd --permanent --zone=public --add-port=8081/tcp
firewall-cmd --permanent --zone=public --add-port=8180/tcp
firewall-cmd --permanent --zone=public --add-port=8181/tcp
# MySQL
firewall-cmd --permanent --zone=public --add-port=3306/tcp
firewall-cmd --permanent --zone=public --add-port=3308/tcp
# RabbitMQ
firewall-cmd --permanent --zone=public --add-port=5672/tcp
firewall-cmd --permanent --zone=public --add-port=15672/tcp
# Redis
firewall-cmd --permanent --zone=public --add-port=6379/tcp
# MongoDB
firewall-cmd --permanent --zone=public --add-port=27017/tcp
# Elasticsearch
firewall-cmd --permanent --zone=public --add-port=9200/tcp
firewall-cmd --permanent --zone=public --add-port=9300/tcp
# Kibana
firewall-cmd --permanent --zone=public --add-port=5601/tcp
# Logstash
firewall-cmd --permanent --zone=public --add-port=5044/tcp
# APM Server
firewall-cmd --permanent --zone=public --add-port=8200/tcp
# LibreOffice Online
firewall-cmd --permanent --zone=public --add-port=9980/tcp
firewall-cmd --permanent --zone=public --add-port=9981/tcp
# OnlyOffice Document Server
firewall-cmd --permanent --zone=public --add-port=9880/tcp
firewall-cmd --permanent --zone=public --add-port=9881/tcp
# OnlyOffice Community Server
firewall-cmd --permanent --zone=public --add-port=9780/tcp
firewall-cmd --permanent --zone=public --add-port=9781/tcp
#
firewall-cmd --permanent --zone=public --add-port=62772/tcpfirewall-cmd --permanent --zone=public --add-port=80/tcp
firewall-cmd --permanent --zone=public --add-port=81/tcp
firewall-cmd --permanent --zone=public --add-port=443/tcp
firewall-cmd --permanent --zone=public --add-port=8000/tcp
firewall-cmd --permanent --zone=public --add-port=8080/tcp
firewall-cmd --permanent --zone=public --add-port=8081/tcp
firewall-cmd --permanent --zone=public --add-port=8180/tcp
firewall-cmd --permanent --zone=public --add-port=8181/tcp
# MySQL
firewall-cmd --permanent --zone=public --add-port=3306/tcp
firewall-cmd --permanent --zone=public --add-port=3308/tcp
# RabbitMQ
firewall-cmd --permanent --zone=public --add-port=5672/tcp
firewall-cmd --permanent --zone=public --add-port=15672/tcp
# Redis
firewall-cmd --permanent --zone=public --add-port=6379/tcp
# MongoDB
firewall-cmd --permanent --zone=public --add-port=27017/tcp
# Elasticsearch
firewall-cmd --permanent --zone=public --add-port=9200/tcp
firewall-cmd --permanent --zone=public --add-port=9300/tcp
# Kibana
firewall-cmd --permanent --zone=public --add-port=5601/tcp
# Logstash
firewall-cmd --permanent --zone=public --add-port=5044/tcp
# APM Server
firewall-cmd --permanent --zone=public --add-port=8200/tcp
# LibreOffice Online
firewall-cmd --permanent --zone=public --add-port=9980/tcp
firewall-cmd --permanent --zone=public --add-port=9981/tcp
# OnlyOffice Document Server
firewall-cmd --permanent --zone=public --add-port=9880/tcp
firewall-cmd --permanent --zone=public --add-port=9881/tcp
# OnlyOffice Community Server
firewall-cmd --permanent --zone=public --add-port=9780/tcp
firewall-cmd --permanent --zone=public --add-port=9781/tcp
#
firewall-cmd --permanent --zone=public --add-port=62772/tcp关闭端口
bash
firewall-cmd --permanent --zone=public --remove-port=80/tcp
firewall-cmd --permanent --zone=public --remove-port=3306/tcp
firewall-cmd --permanent --zone=public --remove-port=6379/tcpfirewall-cmd --permanent --zone=public --remove-port=80/tcp
firewall-cmd --permanent --zone=public --remove-port=3306/tcp
firewall-cmd --permanent --zone=public --remove-port=6379/tcp系统缓存占用高
新建脚本
bash
#
mkdir -p /data/app/tools
#
touch /data/app/tools/clear-cache.sh
#
vi /data/app/tools/clear-cache.sh
#
chmod a+x /data/app/tools/clear-cache.sh#
mkdir -p /data/app/tools
#
touch /data/app/tools/clear-cache.sh
#
vi /data/app/tools/clear-cache.sh
#
chmod a+x /data/app/tools/clear-cache.sh内容如下
bash
#!/bin/bash
Mem=$(free -m | awk 'NR==2' | awk '{print $4}')
if [ $Mem -gt 1024 ];
then
echo "Service memory capacity is normal!" > /dev/null
else
sync
echo "1" > /proc/sys/vm/drop_caches
echo "2" > /proc/sys/vm/drop_caches
echo "3" > /proc/sys/vm/drop_caches
sync
fi#!/bin/bash
Mem=$(free -m | awk 'NR==2' | awk '{print $4}')
if [ $Mem -gt 1024 ];
then
echo "Service memory capacity is normal!" > /dev/null
else
sync
echo "1" > /proc/sys/vm/drop_caches
echo "2" > /proc/sys/vm/drop_caches
echo "3" > /proc/sys/vm/drop_caches
sync
fi新建定时任务
bash
crontab -ecrontab -e# clear cache
*/30 * * * * /data/app/tools/clear-cache.sh# clear cache
*/30 * * * * /data/app/tools/clear-cache.shHCache
安装
bash
wget https://silenceshell-1255345740.cos.ap-shanghai.myqcloud.com/hcache
chmod +x hcache
mv hcache /usr/local/bin/wget https://silenceshell-1255345740.cos.ap-shanghai.myqcloud.com/hcache
chmod +x hcache
mv hcache /usr/local/bin/使用
bash
# 查看使用缓存最多的前10个进程
hcache -top 10
# 查看进程缓存使用
hcache -pid 1397# 查看使用缓存最多的前10个进程
hcache -top 10
# 查看进程缓存使用
hcache -pid 1397磁盘性能测试
安装
bash
yum install fio -yyum install fio -y随机读
bash
fio -filename=test.file -direct=1 -iodepth 1 -thread -rw=randread -ioengine=psync -bs=16k -size=10G -numjobs=10 -runtime=60 -group_reporting -name=testfio -filename=test.file -direct=1 -iodepth 1 -thread -rw=randread -ioengine=psync -bs=16k -size=10G -numjobs=10 -runtime=60 -group_reporting -name=test随机写
bash
fio -filename=test.file -direct=1 -iodepth 1 -thread -rw=randwrite -ioengine=psync -bs=16k -size=10G -numjobs=10 -runtime=60 -group_reporting -name=testfio -filename=test.file -direct=1 -iodepth 1 -thread -rw=randwrite -ioengine=psync -bs=16k -size=10G -numjobs=10 -runtime=60 -group_reporting -name=test系统 IO
# 安装
yum install -y sysstat
#
iostat -x 1 10
iostat -x 1
# 查找IO进程
#
yum install -y iotop
#
iotop# 安装
yum install -y sysstat
#
iostat -x 1 10
iostat -x 1
# 查找IO进程
#
yum install -y iotop
#
iotop