1. NetBSD概述与环境规划
NetBSD是一个免费、安全的类UNIX操作系统,以其出色的可移植性而闻名。NetBSD可以在从嵌入式设备到大型服务器的各种硬件平台上运行,是真正的跨平台操作系统。更多学习教程www.fgedu.net.cn
1.1 NetBSD版本说明
NetBSD采用定期发布模式,主要版本每年发布一次。本教程以NetBSD 10.0为例进行详细讲解。
# uname -a
NetBSD fgedudb01.fgedu.net.cn 10.0 NetBSD 10.0 (GENERIC) #0: Thu Mar 28 10:00:00 UTC 2024 mkrepro@mkrepro.NetBSD.org:/usr/src/sys/arch/amd64/compile/GENERIC amd64
# 查看系统详细信息
# sysctl kern.version
kern.version = NetBSD 10.0 (GENERIC)
# 查看系统架构
# uname -m
amd64
1.2 环境规划
本次安装环境规划如下:
IP地址:192.168.1.51
网关:192.168.1.1
DNS:192.168.1.1
磁盘分区:
/ 50GB (根分区)
/home 100GB (用户主目录)
/data 500GB (数据分区)
/backup 300GB (备份分区)
swap 32GB (交换分区)
1.3 NetBSD特点
1. 可移植性:支持超过50种硬件平台
2. 代码清洁:注重代码质量和可读性
3. 兼容性:支持多种二进制模拟
4. 网络功能:完整的TCP/IP协议栈
5. 安全特性:内置安全机制
6. pkgsrc:跨平台包管理系统
2. 硬件环境要求与检查
在安装NetBSD之前,需要对服务器硬件环境进行全面检查。学习交流加群风哥微信: itpux-com
2.1 最低硬件要求
CPU:32位或64位处理器
内存:64MB
磁盘:1GB
推荐配置(生产环境):
CPU:8核心以上
内存:16GB以上
磁盘:500GB以上
网络:千兆网卡
2.2 硬件检查命令
# sysctl hw.model hw.ncpu hw.physmem
hw.model = Intel(R) Xeon(R) Gold 6248R CPU @ 3.00GHz
hw.ncpu = 32
hw.physmem = 67108864512
# 检查内存信息
# sysctl hw.usermem
hw.usermem = 65000000000
# 查看内存使用情况
# top -n | head -10
Memory: 62G Act, 2G Inact, 58G Free, 500M Wired, 32G Swap
PID USERNAME PRI NICE SIZE RES STATE TIME CPU COMMAND
1 root 10 0 656K 832K sleep/1 0:00 0.00% init
1234 root 10 0 1024K 1536K sleep/0 0:00 0.00% sshd
# 检查磁盘信息
# sysctl hw.disknames
hw.disknames = sd0 sd1
# 查看磁盘分区
# fdisk sd0
Disk: sd0
geometry: 60801/255/63 [976773168 Sectors]
Offset: 0 Signature: 0x0
Starting Ending LBA Info:
#: id C H S – C H S [ start: size ]
——————————————————————————-
0: 00 0 0 0 – 0 0 0 [ 0: 0 ] unused
1: 00 0 0 0 – 0 0 0 [ 0: 0 ] unused
2: 00 0 0 0 – 0 0 0 [ 0: 0 ] unused
*3: A9 0 1 1 – 60800 254 63 [ 64: 976768002 ] NetBSD
# 查看磁盘标签
# disklabel sd0
# /dev/rsd0c:
type: SCSI
disk: SCSI disk
label: Virtual disk
duid: 1234567890abcdef
flags:
bytes/sector: 512
sectors/track: 63
tracks/cylinder: 255
sectors/cylinder: 16065
cylinders: 60801
total sectors: 976773168
16 partitions:
# size offset type
a 104857600 64 4.2BSD
b 33554432 104857664 swap
d 209715200 138412096 4.2BSD
e 524288000 348127296 4.2BSD
f 314572800 872415296 4.2BSD
# 检查网络接口
# ifconfig
re0: flags=8863
address: 00:0c:29:12:34:56
media: Ethernet autoselect (1000baseT full-duplex)
status: active
inet 192.168.1.51 netmask 0xffffff00 broadcast 192.168.1.255
lo0: flags=8049
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
3. NetBSD系统安装步骤
本节详细介绍NetBSD 10.0的安装过程。学习交流加群风哥QQ113257174
3.1 下载NetBSD镜像
# wget https://cdn.netbsd.org/pub/NetBSD/NetBSD-10.0/amd64/NetBSD-10.0-amd64.iso
# 或使用国内镜像加速
# wget https://mirrors.tuna.tsinghua.edu.cn/netbsd/NetBSD-10.0/amd64/NetBSD-10.0-amd64.iso
# 验证ISO文件完整性
# sha256sum NetBSD-10.0-amd64.iso
abc123def456… NetBSD-10.0-amd64.iso
3.2 创建安装介质
# dd if=NetBSD-10.0-amd64.iso of=/dev/sdX bs=4M status=progress && sync
# 输出示例:
524288000 bytes (500 MB, 476 MiB) copied, 60 s, 8.7 MB/s
125+0 records in
125+0 records out
3.3 安装步骤
NetBSD安装程序是文本模式的交互式安装程序:
步骤1:启动安装程序 – 选择”Install NetBSD” – 按Enter键
步骤2:选择键盘布局 – 选择默认布局
步骤3:设置主机名 – 输入”fgedudb01″
步骤4:配置网络接口 – 选择网络接口并配置IP地址
步骤5:选择时区 – 选择”Asia/Shanghai”
步骤6:设置root密码 – 输入并确认密码
步骤7:磁盘分区 – 选择”Use entire disk”或”Custom”
步骤8:选择安装组件 – 选择需要的组件
步骤9:配置用户 – 创建普通用户
步骤10:完成安装 – 等待安装完成后重启
3.4 自动化安装配置文件
# vi install.cfg
# 添加以下内容
HOSTNAME=fgedudb01.fgedu.net.cn
IFCONFIG_RE0=”inet 192.168.1.51 netmask 255.255.255.0″
DEFROUTE=192.168.1.1
DNS_SERVER=192.168.1.1
TIMEZONE=Asia/Shanghai
ROOT_PW=$2b$12$encrypted_password_here
USER=admin
USER_PW=$2b$12$encrypted_password_here
DISK=sd0
PARTITION_STYLE=MBR
PARTITIONS=”/:50G swap:32G /home:100G /data:500G /backup:300G”
SETS=”base etc comp games man misc modules tests text xbase xcomp xetc xfont xserver”
# 使用自动应答文件安装
# sysinst -f install.cfg
3.5 初始系统配置
NetBSD 10.0 (GENERIC) #0: Thu Mar 28 10:00:00 UTC 2024
Welcome to NetBSD!
fgedudb01 login: root
Password:
# 更新系统
# sysupgrade -r
# 输出示例:
Checking for updates…
Fetching updates…
Installing updates…
System updated successfully.
# 更新软件包
# pkgin update
# 输出示例:
Reading local summary…
Processing local summary…
Reading remote summary…
Processing remote summary…
Database updated.
# 升级软件包
# pkgin upgrade
# 输出示例:
Calculating dependencies…
The following packages will be updated:
package1-1.2.3 -> package1-1.2.4
package2-4.5.6 -> package2-4.5.7
Proceed? [Y/n] y
Downloading packages…
Installing packages…
4. 网络配置与优化
网络配置是系统安装后的重要环节,NetBSD提供了完善的网络功能。更多学习教程公众号风哥教程itpux_com
4.1 配置网络接口
# ifconfig -a
# 配置静态IP地址
# vi /etc/ifconfig.re0
# 添加以下配置
inet 192.168.1.51 netmask 255.255.255.0 media autoselect
# 配置默认网关
# vi /etc/mygate
192.168.1.1
# 配置DNS
# vi /etc/resolv.conf
nameserver 192.168.1.1
nameserver 8.8.8.8
search fgedu.net.cn
# 启动网络接口
# /etc/rc.d/network restart
# 输出示例:
Stopping network.
Starting network.
re0: flags=8863
address: 00:0c:29:12:34:56
media: Ethernet autoselect (1000baseT full-duplex)
status: active
inet 192.168.1.51 netmask 0xffffff00 broadcast 192.168.1.255
4.2 配置主机名
# hostname fgedudb01.fgedu.net.cn
# 永久配置
# vi /etc/myname
fgedudb01.fgedu.net.cn
# 配置hosts文件
# vi /etc/hosts
127.0.0.1 localhost
::1 localhost
192.168.1.51 fgedudb01.fgedu.net.cn fgedudb01
# 验证主机名
# hostname
fgedudb01.fgedu.net.cn
4.3 网络性能优化
# sysctl net.inet.tcp.sendspace net.inet.tcp.recvspace
net.inet.tcp.sendspace = 32768
net.inet.tcp.recvspace = 65536
# 增加TCP缓冲区
# sysctl -w net.inet.tcp.sendspace=262144
net.inet.tcp.sendspace: 32768 -> 262144
# sysctl -w net.inet.tcp.recvspace=262144
net.inet.tcp.recvspace: 65536 -> 262144
# 查看TCP队列长度
# sysctl net.inet.tcp.synqueued
net.inet.tcp.synqueued = 1024
# 增加TCP队列长度
# sysctl -w net.inet.tcp.synqueued=4096
# 永久配置
# vi /etc/sysctl.conf
net.inet.tcp.sendspace=262144
net.inet.tcp.recvspace=262144
net.inet.tcp.synqueued=4096
net.inet.tcp.ackqueued=4096
5. 内核参数配置
内核参数对系统性能和稳定性至关重要,NetBSD的内核参数配置相对简单。from:www.itpux.com
5.1 配置sysctl参数
# vi /etc/sysctl.conf
# 添加以下内核参数
# 文件描述符限制
kern.maxfiles=6815744
kern.maxfilesperproc=3276800
# 共享内存参数
kern.ipc.shmmax=34359738368
kern.ipc.shmall=8388608
kern.ipc.shmmni=4096
kern.ipc.shmseg=1024
# 信号量参数
kern.ipc.semmni=1024
kern.ipc.semmns=65536
kern.ipc.semmnu=1024
kern.ipc.semmsl=256
kern.ipc.semopm=128
# 网络参数
net.inet.tcp.sendspace=262144
net.inet.tcp.recvspace=262144
net.inet.udp.recvspace=262144
net.inet.ip.maxqueue=5000
# 安全参数
kern.nosuidcoredump=2
# sysctl -f /etc/sysctl.conf
# 输出示例:
kern.maxfiles: 6815744
kern.maxfilesperproc: 3276800
kern.ipc.shmmax: 34359738368
kern.ipc.shmall: 8388608
…
# 验证参数设置
# sysctl kern.maxfiles
kern.maxfiles = 6815744
# sysctl kern.ipc.shmmax
kern.ipc.shmmax = 34359738368
5.2 配置用户资源限制
# ulimit -a
time(cpu-seconds) unlimited
file(blocks) unlimited
coredump(blocks) unlimited
data(kbytes) 1572864
stack(kbytes) 8192
lockedmem(kbytes) 994944
memory(kbytes) 3979776
nofiles(descriptors) 1280
processes 256
# 编辑登录类配置
# vi /etc/login.conf
# 修改default登录类
default:\
:path=/usr/bin /bin /usr/sbin /sbin /usr/X11R7/bin /usr/pkg/bin /usr/pkg/sbin /usr/local/bin /usr/local/sbin:\
:umask=022:\
:datasize-max=8G:\
:datasize-cur=4G:\
:maxproc-max=512:\
:maxproc-cur=256:\
:openfiles-cur=65535:\
:openfiles-max=65535:\
:stacksize-cur=64M:\
:tc=default-auth:
# 重建登录类数据库
# cap_mkdb /etc/login.conf
# 验证配置
# ulimit -n
65535
6. 存储配置与优化
存储配置直接影响系统性能,NetBSD使用FFS文件系统作为默认文件系统。更多学习教程www.fgedu.net.cn
6.1 磁盘分区管理
# disklabel sd0
# 输出示例:
# /dev/rsd0c:
type: SCSI
disk: SCSI disk
label: Virtual disk
duid: 1234567890abcdef
flags:
bytes/sector: 512
sectors/track: 63
tracks/cylinder: 255
sectors/cylinder: 16065
cylinders: 60801
total sectors: 976773168
16 partitions:
# size offset type
a 104857600 64 4.2BSD # /
b 33554432 104857664 swap # swap
d 209715200 138412096 4.2BSD # /home
e 524288000 348127296 4.2BSD # /data
f 314572800 872415296 4.2BSD # /backup
# 创建新分区
# fdisk -i sd1
# 输出示例:
Do you want to initialize the MBR? [n] y
Writing MBR at offset 0.
# 创建磁盘标签
# disklabel -E sd1
# 输出示例:
Initial label editor (enter ‘?’ for help at any prompt)
sd1> a a
offset: [0]
size: [976773168] *
FS type: [4.2BSD]
sd1*> w
sd1> q
No label changes.
# 格式化文件系统
# newfs /dev/rsd1a
# 输出示例:
/dev/rsd1a: 476940.0MB in 976773168 sectors of 512 bytes
244 cylinder groups of 1953.38MB, 125016 blocks, 250016 inodes each
super-block backups (for fsck -b #) at:
32, 4002080, 8004128, 12006176, 16008224, 20010272, 24012320, 28014368,
…
# 挂载文件系统
# mkdir /data2
# mount /dev/sd1a /data2
# 配置开机自动挂载
# vi /etc/fstab
/dev/sd1a /data2 ffs rw,noatime 0 2
6.2 RAID配置
# raidctl -C /etc/raid0.conf raid0
# RAID配置文件
# vi /etc/raid0.conf
START array
1 2 0
START disks
/dev/sd1a
/dev/sd2a
START layout
128 1 1 0
START queue
fifo 100
# 初始化RAID
# raidctl -I 123456 raid0
# raidctl -iv raid0
# 输出示例:
Initiating rebuild on raid0
Rebuild initiated on raid0
# 查看RAID状态
# raidctl -s raid0
# 输出示例:
Components:
/dev/sd1a: optimal
/dev/sd2a: optimal
No spares.
Parity status: clean
Rebuild status: 100% completed
6.3 文件系统优化
# dumpfs / | head -20
magic 19540130 (FFSv2)
time Thu Mar 28 10:00:00 2024
sblkno 32
cblkno 40
iblkno 48
dblkno 56
sbsize 2048
cgsize 2048
ncg 244
size 104857600
blocks 102400000
bsize 16384
fsize 2048
frag 8
shift 14
fsbtodb 3
minfree 5%
maxbpg 1024
# 查看文件系统使用情况
# df -h
Filesystem Size Used Avail Capacity Mounted on
/dev/sd0a 48.8G 2.5G 44.0G 5% /
/dev/sd0d 97.7G 1.0G 91.5G 1% /home
/dev/sd0e 244.1G 10.0G 221.5G 4% /data
/dev/sd0f 146.5G 5.0G 133.8G 4% /backup
# 查看磁盘I/O性能
# iostat 1 5
tin tout us ni sy in
0 0 2.5 0.0 1.2 0.1
0 0 2.0 0.0 1.0 0.1
0 0 2.2 0.0 1.1 0.1
0 0 2.1 0.0 1.0 0.1
0 0 2.3 0.0 1.2 0.1
7. 安全配置与防火墙
安全配置是生产环境的重要环节,NetBSD提供了多种安全机制。学习交流加群风哥微信: itpux-com
7.1 配置NPF防火墙
# vi /etc/rc.conf
npf=YES
# 创建NPF规则文件
# vi /etc/npf.conf
# 添加以下规则
# 定义变量
$ext_if = “re0”
$tcp_services = { 22, 80, 443, 3306, 5432 }
$udp_services = { 53 }
# 默认策略
set bpf.jit off
set bpf.optimize on
# 规范化数据包
procedure “norm” {
normalize: “random-id”, “min-ttl” 64, “max-mss” 1432
}
# 过滤规则
group default {
pass final on lo0 all
block in final on $ext_if all
pass out final on $ext_if all
pass in final on $ext_if proto tcp from any to any port 22
pass in final on $ext_if proto tcp from any to any port { 80, 443 }
pass in final on $ext_if proto tcp from 192.168.1.0/24 to any port { 3306, 5432 }
pass in final on $ext_if proto udp from any to any port 53
pass in final on $ext_if inet proto icmp all icmp-type echoreq
}
# 启动NPF
# /etc/rc.d/npf restart
# 检查NPF状态
# npfctl show
# 输出示例:
# filtering: active
# config:
$ext_if = “re0”
$tcp_services = { 22, 80, 443, 3306, 5432 }
…
7.2 配置SSH安全
# vi /etc/ssh/sshd_config
# 修改以下配置
Port 22
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
PermitEmptyPasswords no
MaxAuthTries 3
ClientAliveInterval 300
ClientAliveCountMax 2
AllowUsers admin@192.168.1.0/24
# 重启SSH服务
# /etc/rc.d/sshd restart
# 输出示例:
Stopping sshd.
Starting sshd.
# 验证SSH配置
# sshd -t
# 查看SSH服务状态
# /etc/rc.d/sshd status
sshd is running as pid 12345.
7.3 配置系统安全
# vi /etc/rc.conf
securelevel=1
# 安全级别说明:
# -1: 永久不安全模式
# 0: 不安全模式(默认)
# 1: 安全模式(不能清除文件标志等)
# 2: 高度安全模式
# 配置文件标志
# 设置不可变标志
# chflags schg /etc/rc.conf
# chflags schg /etc/npf.conf
# 查看文件标志
# ls -lo /etc/rc.conf
-rw-r–r– 1 root wheel schg 1234 Mar 28 10:00 /etc/rc.conf
# 清除文件标志
# chflags noschg /etc/rc.conf
8. 系统升级与迁移
系统升级和迁移是运维工作中的重要环节,NetBSD提供了便捷的升级工具。更多学习教程公众号风哥教程itpux_com
8.1 系统版本升级
# sysupgrade -r
# 输出示例:
Checking for updates…
Fetching updates from https://cdn.netbsd.org/pub/NetBSD/NetBSD-10.0/amd64/
Downloading kernel…
Downloading base sets…
Installing updates…
System upgraded successfully.
Reboot to complete the upgrade.
# 跨版本升级
# sysupgrade -r -s 10.1
# 输出示例:
Checking for updates…
Fetching updates from https://cdn.netbsd.org/pub/NetBSD/NetBSD-10.1/amd64/
Downloading kernel…
Downloading base sets…
Installing updates…
Running etcupdate to merge configuration files…
System upgraded successfully.
Reboot to complete the upgrade.
# 重启后完成升级
# reboot
# 升级后清理
# etcupdate
# postinstall fix
8.2 软件包升级
# pkgin update
# 输出示例:
Reading local summary…
Processing local summary…
Reading remote summary…
Processing remote summary…
Database updated.
# 升级所有软件包
# pkgin upgrade
# 输出示例:
Calculating dependencies…
The following packages will be updated:
package1-1.2.3 -> package1-1.2.4
package2-4.5.6 -> package2-4.5.7
Proceed? [Y/n] y
Downloading packages…
Installing packages…
# 安装新软件包
# pkgin install nginx
# 输出示例:
Calculating dependencies…
The following packages will be installed:
nginx-1.24.0
Proceed? [Y/n] y
Downloading nginx-1.24.0…
Installing nginx-1.24.0…
# 查看已安装软件包
# pkgin list
# 输出示例:
nginx-1.24.0 high performance HTTP server
curl-8.6.0 get files from FTP, HTTP or Gopher servers
vim-9.1.0 vi clone, many additional features
8.3 系统迁移
# 在源系统备份
# dump -0uan -f – / | gzip > /backup/root.dump.gz
# 输出示例:
DUMP: Date of this level 0 dump: Thu Mar 28 10:00:00 2024
DUMP: Dumping /dev/rsd0a (/) to standard output
DUMP: mapping (Pass I) [regular files]
DUMP: mapping (Pass II) [directories]
DUMP: estimated 102400 tape blocks.
DUMP: dumping (Pass III) [directories]
DUMP: dumping (Pass IV) [regular files]
DUMP: DUMP: 102400 tape blocks
DUMP: finished in 60 seconds, throughput 1706 KBytes/sec
# 在目标系统恢复
# cd /target
# gzcat /backup/root.dump.gz | restore -rf –
# 使用rsync迁移数据
# pkgin install rsync
# rsync -avz –progress /data/ target-server:/data/
# 输出示例:
sending incremental file list
./
file1.txt
file2.txt
dir1/
dir1/file3.txt
sent 1.5G bytes received 12.3K bytes 25.6M bytes/sec
total size is 50.0G speedup is 33.33
9. 生产环境实战案例
本节提供一个完整的生产环境配置案例,帮助读者更好地理解NetBSD的实际应用。from:www.itpux.com
9.1 数据库服务器配置案例
主机名:fgedudb01.fgedu.net.cn
IP地址:192.168.1.51
内存:32GB
磁盘:500GB
用途:PostgreSQL数据库服务器
# 1. 配置内核参数
# vi /etc/sysctl.conf
kern.maxfiles=6815744
kern.maxfilesperproc=3276800
kern.ipc.shmmax=17179869184
kern.ipc.shmall=4194304
kern.ipc.semmni=1024
kern.ipc.semmns=65536
# 使配置生效
# sysctl -f /etc/sysctl.conf
# 2. 配置用户资源限制
# vi /etc/login.conf
postgres:\
:datasize-max=16G:\
:datasize-cur=8G:\
:openfiles-cur=65535:\
:openfiles-max=65535:\
:maxproc-max=512:\
:maxproc-cur=256:\
:tc=default:
# 重建登录类数据库
# cap_mkdb /etc/login.conf
# 3. 安装PostgreSQL
# pkgin install postgresql16-server
# 输出示例:
Calculating dependencies…
The following packages will be installed:
postgresql16-server-16.2
Proceed? [Y/n] y
Downloading postgresql16-server-16.2…
Installing postgresql16-server-16.2…
# 4. 初始化数据库
# su – postgres
$ initdb -D /var/pgdata
# 输出示例:
The files belonging to this database system will be owned by user “postgres”.
This user must also own the server process.
The database cluster will be initialized with locale “C”.
The default text search configuration will be set to “english”.
Data page checksums are disabled.
creating directory /var/pgdata … ok
creating subdirectories … ok
selecting dynamic shared memory implementation … posix
selecting default max_connections … 100
selecting default shared_buffers … 128MB
selecting default time zone … Asia/Shanghai
creating configuration files … ok
running bootstrap script … ok
performing post-bootstrap initialization … ok
syncing data to disk … ok
# 5. 启动PostgreSQL服务
# cp /usr/pkg/share/examples/rc.d/postgresql /etc/rc.d/
# echo “postgresql=YES” >> /etc/rc.conf
# /etc/rc.d/postgresql start
# 输出示例:
postgresql starting.
2024-03-28 10:00:00.000 CST [12345] LOG: starting PostgreSQL 16.2 on x86_64–netbsd
2024-03-28 10:00:00.000 CST [12345] LOG: listening on IPv4 address “127.0.0.1”, port 5432
2024-03-28 10:00:00.000 CST [12345] LOG: database system is ready to accept connections
# 6. 配置NPF防火墙
# vi /etc/npf.conf
pass in final on $ext_if proto tcp from 192.168.1.0/24 to any port 5432
# 重载NPF规则
# npfctl reload
9.2 Web服务器配置案例
主机名:fgeduweb01.fgedu.net.cn
IP地址:192.168.1.52
内存:16GB
磁盘:200GB
用途:Nginx Web服务器
# 1. 安装Nginx
# pkgin install nginx
# 输出示例:
Calculating dependencies…
The following packages will be installed:
nginx-1.24.0
Proceed? [Y/n] y
Downloading nginx-1.24.0…
Installing nginx-1.24.0…
# 2. 配置Nginx
# vi /usr/pkg/etc/nginx/nginx.conf
# 添加以下配置
worker_processes auto;
worker_rlimit_nofile 65535;
events {
worker_connections 65535;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name localhost;
location / {
root /usr/pkg/share/nginx/html;
index index.html index.htm;
}
}
}
# 3. 启动Nginx服务
# cp /usr/pkg/share/examples/rc.d/nginx /etc/rc.d/
# echo “nginx=YES” >> /etc/rc.conf
# /etc/rc.d/nginx start
# 输出示例:
nginx starting.
# 4. 配置NPF防火墙
# vi /etc/npf.conf
pass in final on $ext_if proto tcp from any to any port { 80, 443 }
# 重载NPF规则
# npfctl reload
9.3 系统监控配置
# pkgin install node_exporter
# 输出示例:
Calculating dependencies…
The following packages will be installed:
node_exporter-1.7.0
Proceed? [Y/n] y
Downloading node_exporter-1.7.0…
Installing node_exporter-1.7.0…
# 配置node_exporter
# cp /usr/pkg/share/examples/rc.d/node_exporter /etc/rc.d/
# echo “node_exporter=YES” >> /etc/rc.conf
# /etc/rc.d/node_exporter start
# 输出示例:
node_exporter starting.
# 查看系统性能
# top -n | head -15
Memory: 30G Act, 2G Inact, 28G Free, 500M Wired, 32G Swap
PID USERNAME PRI NICE SIZE RES STATE TIME CPU COMMAND
1 root 10 0 656K 832K sleep/1 0:00 0.00% init
1234 root 10 0 1024K 1536K sleep/0 0:00 0.00% sshd
5678 nginx 2 0 1280K 1792K sleep/0 0:00 0.00% nginx
# 查看系统日志
# tail -f /var/log/messages
Mar 28 10:00:00 fgedudb01 sshd[1234]: Accepted publickey for admin from 192.168.1.100 port 54321 ssh2
Mar 28 10:05:00 fgedudb01 postfix/smtp[5678]: connect to mail.example.com[192.168.1.200]:25: Connection refused
9.4 系统备份配置
# mkdir -p /backup/{system,database}
# 创建系统备份脚本
# vi /backup/system_backup.sh
#!/bin/sh
DATE=$(date +%Y%m%d_%H%M%S)
BACKUP_DIR=”/backup/system”
# 备份系统配置
tar -czf ${BACKUP_DIR}/etc_${DATE}.tar.gz /etc
# 备份已安装软件包列表
pkgin list > ${BACKUP_DIR}/packages_${DATE}.txt
# 备份用户信息
tar -czf ${BACKUP_DIR}/home_${DATE}.tar.gz /home
# 使用dump备份根文件系统
dump -0uan -f ${BACKUP_DIR}/root_${DATE}.dump /
# 清理30天前的备份
find ${BACKUP_DIR} -type f -mtime +30 -delete
echo “System backup completed at $(date)”
# 设置脚本权限
# chmod +x /backup/system_backup.sh
# 配置定时任务
# crontab -e
0 2 * * * /backup/system_backup.sh >> /var/log/backup.log 2>&1
# 验证定时任务
# crontab -l
0 2 * * * /backup/system_backup.sh >> /var/log/backup.log 2>&1
# 手动执行备份测试
# /backup/system_backup.sh
# 输出示例:
DUMP: Date of this level 0 dump: Thu Mar 28 02:00:00 2024
DUMP: Dumping /dev/rsd0a (/) to /backup/system/root_20260404_020000.dump
DUMP: mapping (Pass I) [regular files]
DUMP: mapping (Pass II) [directories]
DUMP: estimated 102400 tape blocks.
DUMP: dumping (Pass III) [directories]
DUMP: dumping (Pass IV) [regular files]
DUMP: DUMP: 102400 tape blocks
DUMP: finished in 60 seconds, throughput 1706 KBytes/sec
System backup completed at Thu Mar 28 02:05:00 CST 2024
# 验证备份文件
# ls -lh /backup/system/
total 5.2M
-rw-r–r– 1 root root 1.2M Mar 28 02:00 etc_20260404_020000.tar.gz
-rw-r–r– 1 root root 12K Mar 28 02:00 packages_20260404_020000.txt
-rw-r–r– 1 root root 4.0M Mar 28 02:00 home_20260404_020000.tar.gz
-rw-r–r– 1 root root 50M Mar 28 02:05 root_20260404_020000.dump
本文由风哥教程整理发布,仅用于学习测试使用,转载注明出处:http://www.fgedu.net.cn/10327.html
联系我们
在线咨询:
微信号:itpux-com
工作日:9:30-18:30,节假日休息
