1. AlmaLinux概述与环境规划
AlmaLinux是一个开源、社区驱动的Linux发行版,旨在替代CentOS Linux。它是RHEL(Red Hat Enterprise Linux)的二进制兼容分支,由CloudLinux团队开发和维护。更多学习教程www.fgedu.net.cn
1.1 AlmaLinux版本说明
AlmaLinux目前主要版本包括AlmaLinux 8.x和AlmaLinux 9.x系列,分别对应RHEL 8和RHEL 9。本教程以AlmaLinux 9.4为例进行详细讲解。
# cat /etc/almalinux-release
AlmaLinux release 9.4 (Seafoam Ocelot)
# 查看内核版本
# uname -r
5.14.0-427.13.1.el9_4.x86_64
# 查看系统架构
# arch
x86_64
1.2 环境规划
本次安装环境规划如下:
IP地址:192.168.1.51
网关:192.168.1.1
DNS:192.168.1.1
磁盘分区:
/boot/efi 1024MB (EFI系统分区)
/boot 2048MB (引导分区)
/ 100GB (根分区)
/data 500GB (数据分区)
/backup 300GB (备份分区)
swap 32GB (交换分区)
2. 硬件环境要求与检查
在安装AlmaLinux之前,需要对服务器硬件环境进行全面检查。学习交流加群风哥微信: itpux-com
2.1 最低硬件要求
CPU:2核心
内存:2GB
磁盘:20GB
推荐配置(生产环境):
CPU:8核心以上
内存:32GB以上
磁盘:500GB以上(根据业务需求)
网络:千兆网卡
2.2 硬件检查命令
# lscpu
Architecture: x86_64
CPU op-mode(s): 32-bit, 64-bit
CPU(s): 32
Thread(s) per core: 2
Core(s) per socket: 16
Socket(s): 1
Vendor ID: GenuineIntel
CPU family: 6
Model: 85
Model name: Intel(R) Xeon(R) Gold 6248R CPU @ 3.00GHz
Stepping: 7
CPU MHz: 3000.000
CPU max MHz: 4000.0000
CPU min MHz: 1200.0000
BogoMIPS: 6000.00
# 检查内存信息
# free -h
total used free shared buff/cache available
Mem: 62Gi 2.1Gi 58Gi 8.5Mi 1.8Gi 59Gi
Swap: 31Gi 0B 31Gi
# 检查磁盘信息
# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 500G 0 disk
├─sda1 8:1 0 1G 0 part /boot/efi
├─sda2 8:2 0 2G 0 part /boot
├─sda3 8:3 0 100G 0 part /
├─sda4 8:4 0 500G 0 part /data
├─sda5 8:5 0 300G 0 part /backup
└─sda6 8:6 0 32G 0 part [SWAP]
# 检查磁盘分区
# fdisk -l
Disk /dev/sda: 500 GiB, 536870912000 bytes, 1048576000 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
3. AlmaLinux系统安装步骤
本节详细介绍AlmaLinux 9.4的安装过程,包括图形化安装和命令行安装两种方式。学习交流加群风哥QQ113257174
3.1 下载AlmaLinux镜像
# wget https://mirrors.almalinux.org/isos/x86_64/AlmaLinux-9.4-x86_64-dvd.iso
# 或使用国内镜像加速
# wget https://mirrors.tuna.tsinghua.edu.cn/almalinux/9.4/isos/x86_64/AlmaLinux-9.4-x86_64-dvd.iso
# 验证ISO文件完整性
# sha256sum AlmaLinux-9.4-x86_64-dvd.iso
8f763b5c5719d7f5b5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5c5 AlmaLinux-9.4-x86_64-dvd.iso
3.2 创建安装介质
# dd if=AlmaLinux-9.4-x86_64-dvd.iso of=/dev/sdb bs=4M status=progress && sync
# 输出示例:
1048576000 bytes (1.0 GB, 1000 MiB) copied, 120 s, 8.7 MB/s
250000+0 records in
250000+0 records out
3.3 图形化安装步骤
图形化创建数据库步骤:
步骤1:启动安装程序 – 选择”Install AlmaLinux 9.4″ – 按Enter键
步骤2:选择安装语言 – 选择”中文(简体)”或”English” – 点击”继续”
步骤3:配置安装目标 – 选择安装磁盘 – 选择”自定义”分区方案
步骤4:配置网络和主机名 – 启用网卡 – 设置主机名为fgedudb01.fgedu.net.cn
步骤5:配置用户设置 – 设置root密码 – 创建普通用户
步骤6:开始安装 – 点击”开始安装”按钮 – 等待安装完成
3.4 自动化安装(Kickstart)
# vi /root/ks.cfg
# AlmaLinux 9 Kickstart配置文件内容
#version=RHEL9
# System language
lang zh_CN.UTF-8
# Keyboard layout
keyboard us
# Network information
network –bootproto=static –device=eth0 –gateway=192.168.1.1 –ip=192.168.1.51 –nameserver=192.168.1.1 –netmask=255.255.255.0 –hostname=fgedudb01.fgedu.net.cn
# Root password
rootpw –plaintext Fgedu@2026
# System timezone
timezone Asia/Shanghai –isUtc
# Bootloader configuration
bootloader –append=”rhgb quiet” –location=mbr –boot-drive=sda
# Partition clearing information
clearpart –all –initlabel –drives=sda
# Disk partitioning information
part /boot/efi –fstype=”efi” –size=1024
part /boot –fstype=”xfs” –size=2048
part pv.01 –size=1 –grow
volgroup vg_system pv.01
logvol / –fstype=”xfs” –name=lv_root –vgname=vg_system –size=102400
logvol /data –fstype=”xfs” –name=lv_data –vgname=vg_system –size=512000
logvol /backup –fstype=”xfs” –name=lv_backup –vgname=vg_system –size=307200
logvol swap –fstype=”swap” –name=lv_swap –vgname=vg_system –size=32768
# Installation source
url –url=”https://mirrors.almalinux.org/9.4/BaseOS/x86_64/os/”
# Packages
%packages
@^minimal-environment
vim-enhanced
net-tools
wget
curl
bash-completion
%end
4. 网络配置与优化
网络配置是系统安装后的重要环节,需要根据实际环境进行合理配置。更多学习教程公众号风哥教程itpux_com
4.1 配置网络接口
# ip addr show
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0:
link/ether 00:0c:29:12:34:56 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.51/24 brd 192.168.1.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
# 配置静态IP地址
# nmcli connection modify eth0 ipv4.addresses 192.168.1.51/24
# nmcli connection modify eth0 ipv4.gateway 192.168.1.1
# nmcli connection modify eth0 ipv4.dns “192.168.1.1,8.8.8.8”
# nmcli connection modify eth0 ipv4.method manual
# nmcli connection up eth0
# 输出示例:
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/1)
4.2 配置主机名和DNS
# hostnamectl set-hostname fgedudb01.fgedu.net.cn
# 验证主机名
# hostnamectl
Static hostname: fgedudb01.fgedu.net.cn
Icon name: computer-server
Chassis: server
Machine ID: 1234567890abcdef1234567890abcdef
Boot ID: abcdef1234567890abcdef1234567890
Operating System: AlmaLinux 9.4 (Seafoam Ocelot)
CPE OS Name: cpe:/o:almalinux:almalinux:9::baseos
Kernel: Linux 5.14.0-427.13.1.el9_4.x86_64
Architecture: x86-64
# 配置DNS解析
# vi /etc/resolv.conf
nameserver 192.168.1.1
nameserver 8.8.8.8
search fgedu.net.cn
# 配置hosts文件
# vi /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.51 fgedudb01.fgedu.net.cn fgedudb01
4.3 网络性能优化
# ethtool -S eth0 | head -20
NIC statistics:
rx_packets: 12345678
tx_packets: 8765432
rx_bytes: 12345678901
tx_bytes: 8765432109
rx_broadcast: 12345
tx_broadcast: 6789
rx_multicast: 4567
tx_multicast: 1234
# 配置网卡队列数
# ethtool -L eth0 combined 8
# 配置网卡缓冲区
# ethtool -G eth0 rx 4096 tx 4096
# 开启网卡硬件校验
# ethtool -K eth0 tx on rx on
# 查看网卡支持的功能
# ethtool -k eth0 | head -20
Features for eth0:
rx-checksumming: on
tx-checksumming: on
tx-checksum-ipv4: on
tx-checksum-ip-generic: off [fixed]
tx-checksum-ipv6: on
scatter-gather: on
tx-scatter-gather: on
5. 内核参数配置
内核参数对系统性能和稳定性至关重要,需要根据实际应用场景进行优化配置。from:www.itpux.com
5.1 配置sysctl参数
# vi /etc/sysctl.conf
# 添加以下内核参数
# 文件描述符限制
fs.file-max = 6815744
fs.aio-max-nr = 1048576
# 共享内存参数
kernel.shmmax = 34359738368
kernel.shmall = 8388608
kernel.shmmni = 4096
# 信号量参数
kernel.sem = 250 32000 100 128
# 网络参数
net.ipv4.ip_local_port_range = 9000 65500
net.core.rmem_default = 262144
net.core.rmem_max = 4194304
net.core.wmem_default = 262144
net.core.wmem_max = 1048576
net.core.netdev_max_backlog = 5000
net.ipv4.tcp_max_syn_backlog = 8192
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_fin_timeout = 30
# 内存参数
vm.swappiness = 10
vm.dirty_background_ratio = 5
vm.dirty_ratio = 10
vm.overcommit_memory = 2
vm.overcommit_ratio = 80
# sysctl -p
# 输出示例:
fs.file-max = 6815744
fs.aio-max-nr = 1048576
kernel.shmmax = 34359738368
kernel.shmall = 8388608
kernel.shmmni = 4096
kernel.sem = 250 32000 100 128
net.ipv4.ip_local_port_range = 9000 65500
vm.swappiness = 10
vm.dirty_background_ratio = 5
vm.dirty_ratio = 10
# 验证参数设置
# sysctl -a | grep kernel.sem
kernel.sem = 250 32000 100 128
# sysctl -a | grep fs.file-max
fs.file-max = 6815744
5.2 配置大内存页
# grep Huge /proc/meminfo
AnonHugePages: 0 kB
HugePages_Total: 0
HugePages_Free: 0
HugePages_Rsvd: 0
HugePages_Surp: 0
Hugepagesize: 2048 kB
# 禁用透明大内存页
# cat /sys/kernel/mm/transparent_hugepage/enabled
[always] madvise never
# 编辑GRUB配置
# vi /etc/default/grub
GRUB_CMDLINE_LINUX=”rhgb quiet transparent_hugepage=never numa=off”
# 重新生成GRUB配置
# grub2-mkconfig -o /boot/grub2/grub.cfg
# 输出示例:
Generating grub configuration file …
Found linux image: /boot/vmlinuz-5.14.0-427.13.1.el9_4.x86_64
Found initrd image: /boot/initramfs-5.14.0-427.13.1.el9_4.x86_64.img
done
# 配置大内存页数量(假设需要20GB大内存页)
# echo 10240 > /proc/sys/vm/nr_hugepages
# 永久配置
# vi /etc/sysctl.conf
vm.nr_hugepages = 10240
# 验证大内存页配置
# grep HugePages /proc/meminfo
HugePages_Total: 10240
HugePages_Free: 10240
HugePages_Rsvd: 0
HugePages_Surp: 0
5.3 配置用户资源限制
# vi /etc/security/limits.conf
# 添加以下内容
* soft nproc 65535
* hard nproc 65535
* soft nofile 65535
* hard nofile 65535
* soft stack 10240
* hard stack 32768
* soft memlock unlimited
* hard memlock unlimited
# 配置systemd限制
# vi /etc/systemd/system.conf
DefaultLimitNOFILE=65535
DefaultLimitNPROC=65535
# 验证配置
# ulimit -a
core file size (blocks, -c) 0
data seg size (kbytes, -d) unlimited
scheduling priority (-e) 0
file size (blocks, -f) unlimited
pending signals (-i) 63498
max locked memory (kbytes, -l) unlimited
max memory size (kbytes, -m) unlimited
open files (-n) 65535
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority (-r) 0
stack size (kbytes, -s) 10240
cpu time (seconds, -t) unlimited
max user processes (-u) 65535
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited
6. 存储配置与优化
存储配置直接影响系统性能,需要根据业务需求进行合理规划。更多学习教程www.fgedu.net.cn
6.1 磁盘分区管理
# fdisk -l
Disk /dev/sda: 500 GiB, 536870912000 bytes, 1048576000 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
# 查看LVM信息
# pvs
PV VG Fmt Attr PSize PFree
/dev/sda3 vg_system lvm2 a– <100.00g 0
/dev/sda4 vg_data lvm2 a-- <500.00g 0
# vgs
VG #PV #LV #SN Attr VSize VFree
vg_data 1 1 0 wz--n- <500.00g 0
vg_system 1 4 0 wz--n- <100.00g 0
# lvs
LV VG Attr LSize Pool Origin Data% Meta% Move Log Cpy%Sync Convert
lv_root vg_system -wi-ao---- 100.00g
lv_swap vg_system -wi-ao---- 32.00g
lv_data vg_data -wi-ao---- 500.00g
lv_backup vg_system -wi-ao---- 300.00g
# 创建新逻辑卷
# lvcreate -L 100G -n lv_opt vg_system
Logical volume "lv_opt" created.
# 格式化为XFS文件系统
# mkfs.xfs /dev/vg_system/lv_opt
meta-data=/dev/vg_system/lv_opt isize=512 agcount=4, agsize=6553600 blks
= sectsz=512 attr=2, projid32bit=1
= crc=1 finobt=1, sparse=1, rmapbt=0
= reflink=1 bigtime=0 inobtcount=0
data = bsize=4096 blocks=26214400, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0, ftype=1
log =internal log bsize=4096 blocks=12800, version=2
= sectsz=512 sunit=0 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
# 挂载文件系统
# mkdir /opt/data
# mount /dev/vg_system/lv_opt /opt/data
# 配置开机自动挂载
# vi /etc/fstab
/dev/vg_system/lv_opt /opt/data xfs defaults 0 0
6.2 文件系统优化
# xfs_info /data
meta-data=/dev/mapper/vg_data-lv_data isize=512 agcount=4, agsize=32768000 blks
= sectsz=512 attr=2, projid32bit=1
= crc=1 finobt=1, sparse=1, rmapbt=0
= reflink=1 bigtime=0 inobtcount=0
data = bsize=4096 blocks=131072000, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0, ftype=1
log =internal log bsize=4096 blocks=64000, version=2
= sectsz=512 sunit=0 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
# 挂载选项优化
# vi /etc/fstab
/dev/vg_data/lv_data /data xfs defaults,noatime,nodiratime,allocsize=64m 0 0
# 重新挂载
# mount -o remount /data
# 配置磁盘调度算法
# cat /sys/block/sda/queue/scheduler
[mq-deadline] none
# 对于SSD磁盘,建议使用none或mq-deadline
# echo none > /sys/block/sda/queue/scheduler
# 永久配置
# vi /etc/udev/rules.d/60-scheduler.rules
ACTION==”add|change”, KERNEL==”sda”, ATTR{queue/scheduler}=”none”
6.3 配置TMPFS
# df -h /dev/shm
Filesystem Size Used Avail Use% Mounted on
tmpfs 32G 0 32G 0% /dev/shm
# 配置TMPFS大小(建议设置为物理内存的50%-75%)
# vi /etc/fstab
tmpfs /dev/shm tmpfs defaults,size=48g 0 0
# 重新挂载TMPFS
# mount -o remount /dev/shm
# 验证配置
# df -h /dev/shm
Filesystem Size Used Avail Use% Mounted on
tmpfs 48G 0 48G 0% /dev/shm
7. 安全配置与防火墙
安全配置是系统管理的重要环节,需要合理配置防火墙和SELinux。学习交流加群风哥微信: itpux-com
7.1 配置防火墙
# systemctl status firewalld
● firewalld.service – firewalld – dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2026-04-04 10:00:00 CST; 1h ago
Docs: man:firewalld(1)
Main PID: 1234 (firewalld)
Tasks: 2 (limit: 63498)
Memory: 38.5M
CPU: 1.234s
CGroup: /system.slice/firewalld.service
└─1234 /usr/bin/python3 -s /usr/sbin/firewalld –nofork –nopid
# 查看当前防火墙规则
# firewall-cmd –list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: eth0
sources:
services: cockpit dhcpv6-client ssh
ports:
protocols:
forward: no
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
# 开放常用端口
# firewall-cmd –permanent –add-port=22/tcp
# firewall-cmd –permanent –add-port=80/tcp
# firewall-cmd –permanent –add-port=443/tcp
# firewall-cmd –permanent –add-port=1521/tcp
# firewall-cmd –permanent –add-port=3306/tcp
# 重新加载防火墙
# firewall-cmd –reload
success
# 验证端口开放
# firewall-cmd –list-ports
22/tcp 80/tcp 443/tcp 1521/tcp 3306/tcp
7.2 配置SELinux
# getenforce
Enforcing
# 查看SELinux详细信息
# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Memory protection checking: actual (secure)
Max kernel policy version: 33
# 临时关闭SELinux
# setenforce 0
# 永久关闭SELinux
# vi /etc/selinux/config
SELINUX=disabled
# 或设置为Permissive模式(仅记录不阻止)
SELINUX=permissive
# 需要重启系统使配置生效
# reboot
7.3 SSH安全配置
# vi /etc/ssh/sshd_config
# 禁用root登录
PermitRootLogin no
# 修改默认端口
Port 2222
# 禁用密码认证(建议使用密钥认证)
PasswordAuthentication no
# 限制登录用户
AllowUsers fgedu@192.168.1.0/24
# 配置登录超时
ClientAliveInterval 300
ClientAliveCountMax 2
# 重启SSH服务
# systemctl restart sshd
# 验证SSH配置
# sshd -t
8. 系统升级与迁移
系统升级和迁移是运维工作中的重要环节,需要谨慎操作。学习交流加群风哥QQ113257174
8.1 系统更新
# dnf check-update
# 更新所有软件包
# dnf update -y
# 输出示例:
Last metadata expiration check: 0:01:23 ago on Mon Apr 4 10:00:00 2026.
Dependencies resolved.
================================================================================
Package Arch Version Repository Size
================================================================================
Upgrading:
kernel x86_64 5.14.0-427.20.1.el9_4 baseos 2.1 M
kernel-core x86_64 5.14.0-427.20.1.el9_4 baseos 15 M
kernel-modules x86_64 5.14.0-427.20.1.el9_4 baseos 35 M
systemd x86_64 252-23.el9_4 baseos 4.0 M
Transaction Summary
================================================================================
Upgrade 4 Packages
Total download size: 56 M
Downloading Packages:
(1/4): kernel-5.14.0-427.20.1.el9_4.x86_64.rpm 2.1 MB/s | 2.1 MB 00:01
…
Complete!
# 查看已安装的内核
# rpm -q kernel
kernel-5.14.0-427.13.1.el9_4.x86_64
kernel-5.14.0-427.20.1.el9_4.x86_64
# 清理旧内核(保留最近2个)
# dnf remove –oldinstallonly –setopt installonly_limit=2
8.2 从CentOS迁移到AlmaLinux
# curl -O https://raw.githubusercontent.com/AlmaLinux/almalinux-deploy/master/almalinux-deploy.sh
# 添加执行权限
# chmod +x almalinux-deploy.sh
# 运行迁移脚本
# ./almalinux-deploy.sh
# 输出示例:
Check root privileges OK
Check centos-8.x86_64 is supported OK
Download RPM-GPG-KEY-AlmaLinux OK
Import RPM-GPG-KEY-AlmaLinux to RPM DB OK
Download almalinux-release package OK
Verify almalinux-release package OK
…
Migration to AlmaLinux is completed
# 验证迁移结果
# cat /etc/almalinux-release
AlmaLinux release 9.4 (Seafoam Ocelot)
# 重启系统
# reboot
8.3 系统版本升级
# 安装升级工具
# dnf install -y leapp-upgrade
# 下载升级数据
# leapp preupgrade –target 9.4
# 查看升级报告
# cat /var/log/leapp/leapp-report.txt
# 执行升级
# leapp upgrade –target 9.4
# 重启进入升级过程
# reboot
# 验证升级结果
# cat /etc/almalinux-release
AlmaLinux release 9.4 (Seafoam Ocelot)
9. 生产环境实战案例
本节通过实际案例展示AlmaLinux在生产环境中的完整配置过程。更多学习教程公众号风哥教程itpux_com
9.1 案例:数据库服务器完整配置
主机名:fgedudb01.fgedu.net.cn
IP地址:192.168.1.51
内存:64GB
磁盘:500GB SSD
用途:Oracle数据库服务器
# 1. 配置主机名
# hostnamectl set-hostname fgedudb01.fgedu.net.cn
# 2. 配置网络
# nmcli connection modify eth0 ipv4.addresses 192.168.1.51/24
# nmcli connection modify eth0 ipv4.gateway 192.168.1.1
# nmcli connection modify eth0 ipv4.dns “192.168.1.1,8.8.8.8”
# nmcli connection modify eth0 ipv4.method manual
# nmcli connection up eth0
# 3. 配置内核参数
# cat > /etc/sysctl.d/99-oracle.conf << EOF
fs.file-max = 6815744
fs.aio-max-nr = 1048576
kernel.shmmax = 34359738368
kernel.shmall = 8388608
kernel.shmmni = 4096
kernel.sem = 250 32000 100 128
net.ipv4.ip_local_port_range = 9000 65500
net.core.rmem_default = 262144
net.core.rmem_max = 4194304
net.core.wmem_default = 262144
net.core.wmem_max = 1048576
vm.swappiness = 10
vm.dirty_background_ratio = 5
vm.dirty_ratio = 10
vm.nr_hugepages = 20480
EOF
# sysctl -p /etc/sysctl.d/99-oracle.conf
# 4. 配置用户限制
# cat > /etc/security/limits.d/99-oracle.conf << EOF
oracle soft nproc 2047
oracle hard nproc 16384
oracle soft nofile 1024
oracle hard nofile 65536
oracle soft stack 10240
oracle hard stack 32768
oracle soft memlock 3145728
oracle hard memlock 3145728
EOF
# 5. 禁用透明大内存页和NUMA
# vi /etc/default/grub
GRUB_CMDLINE_LINUX="rhgb quiet transparent_hugepage=never numa=off"
# grub2-mkconfig -o /boot/grub2/grub.cfg
# 6. 配置防火墙
# firewall-cmd --permanent --add-port=1521/tcp
# firewall-cmd --reload
# 7. 安装必要软件包
# dnf install -y oracle-database-preinstall-19c
# 8. 创建目录结构
# mkdir -p /data/oracle/app/oracle
# mkdir -p /backup/oracle
# chown -R oracle:oinstall /data/oracle
# chown -R oracle:oinstall /backup/oracle
# 9. 验证配置
# sysctl -a | grep -E "shmmax|shmall|sem"
kernel.sem = 250 32000 100 128
kernel.shmall = 8388608
kernel.shmmax = 34359738368
# grep HugePages /proc/meminfo
HugePages_Total: 20480
HugePages_Free: 20480
HugePages_Rsvd: 0
HugePages_Surp: 0
9.2 案例:Web服务器完整配置
主机名:fgeduweb01.fgedu.net.cn
IP地址:192.168.1.52
内存:16GB
磁盘:200GB SSD
用途:Nginx Web服务器
# 1. 安装Nginx
# dnf install -y nginx
# 2. 配置Nginx
# vi /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
worker_rlimit_nofile 65535;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
events {
worker_connections 65535;
use epoll;
multi_accept on;
}
http {
log_format main ‘$remote_addr – $remote_user [$time_local] “$request” ‘
‘$status $body_bytes_sent “$http_referer” ‘
‘”$http_user_agent” “$http_x_forwarded_for”‘;
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
}
# 3. 启动Nginx
# systemctl enable nginx
# systemctl start nginx
# 4. 配置防火墙
# firewall-cmd –permanent –add-service=http
# firewall-cmd –permanent –add-service=https
# firewall-cmd –reload
# 5. 验证服务状态
# systemctl status nginx
● nginx.service – The nginx HTTP and reverse proxy server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2026-04-04 10:00:00 CST; 5min ago
Process: 12345 ExecStartPre=/usr/bin/rm -f /run/nginx.pid (code=exited, status=0/SUCCESS)
Process: 12346 ExecStart=/usr/sbin/nginx (code=exited, status=0/SUCCESS)
Main PID: 12347 (nginx)
Tasks: 3 (limit: 63498)
Memory: 5.2M
CPU: 50ms
CGroup: /system.slice/nginx.service
├─12347 “nginx: master process /usr/sbin/nginx”
├─12348 “nginx: worker process”
└─12349 “nginx: worker process”
# 6. 测试访问
# curl -I http://localhost
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Mon, 04 Apr 2026 02:00:00 GMT
Content-Type: text/html
Content-Length: 3510
Last-Modified: Mon, 04 Apr 2026 01:00:00 GMT
Connection: keep-alive
ETag: “66666666-6b6”
Accept-Ranges: bytes
本文由风哥教程整理发布,仅用于学习测试使用,转载注明出处:http://www.fgedu.net.cn/10327.html
联系我们
在线咨询:
微信号:itpux-com
工作日:9:30-18:30,节假日休息
