1. 系统启动管理
Linux系统的启动过程包括BIOS/UEFI初始化、引导加载、内核启动和系统初始化等阶段。更多学习教程www.fgedu.net.cn
# systemctl list-unit-files –type=service | grep enabled
# 配置GRUB引导
# vi /etc/default/grub
GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR=”$(sed ‘s, release .*$,,g’ /etc/system-release)”
GRUB_DEFAULT=saved
GRUB_DISABLE_SUBMENU=true
GRUB_TERMINAL_OUTPUT=”console”
GRUB_CMDLINE_LINUX=”crashkernel=auto rd.lvm.lv=ol/root rd.lvm.lv=ol/swap rhgb quiet”
GRUB_DISABLE_RECOVERY=”true”
# 更新GRUB配置
# grub2-mkconfig -o /boot/grub2/grub.cfg
# 查看启动日志
# journalctl -b
# 分析启动时间
# systemd-analyze
Startup finished in 1.564s (kernel) + 3.245s (initrd) + 10.321s (userspace) = 15.130s
# 查看启动过程中的服务
# systemd-analyze blame
5.234s network.service
2.156s firewalld.service
1.876s sshd.service
# 查看启动依赖图
# systemd-analyze plot > boot.svg
2. systemd服务管理
systemd是现代Linux系统的初始化系统和服务管理器,负责管理系统服务的启动和运行。学习交流加群风哥微信: itpux-com
# systemctl status sshd
● sshd.service – OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2026-03-30 10:00:00 CST; 1h ago
Docs: man:sshd(8)
man:sshd_config(5)
Process: 1234 ExecStart=/usr/sbin/sshd -D $OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 1234 (sshd)
Tasks: 1
CGroup: /system.slice/sshd.service
└─1234 /usr/sbin/sshd -D
# 启动服务
# systemctl start sshd
# 停止服务
# systemctl stop sshd
# 重启服务
# systemctl restart sshd
# 启用服务(开机自启)
# systemctl enable sshd
# 禁用服务
# systemctl disable sshd
# 查看服务依赖
# systemctl list-dependencies sshd
# 创建自定义服务
# vi /etc/systemd/system/myapp.service
[Unit]
Description=My Application
After=network.target
[Service]
Type=simple
ExecStart=/usr/local/bin/myapp
Restart=always
[Install]
WantedBy=multi-user.target
# 重新加载服务配置
# systemctl daemon-reload
# systemctl start myapp.service
3. 网络高级配置
网络配置是Linux系统管理的重要组成部分,需要正确配置网络接口、路由和防火墙等。
# ip addr
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0:
link/ether 00:50:56:8b:12:34 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.100/24 brd 192.168.1.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
# 配置网络接口
# vi /etc/sysconfig/network-scripts/ifcfg-eth0
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=eth0
UUID=550e8400-e29b-41d4-a716-446655440000
DEVICE=eth0
ONBOOT=yes
IPADDR=192.168.1.100
PREFIX=24
GATEWAY=192.168.1.1
DNS1=8.8.8.8
DNS2=8.8.4.4
# 重启网络服务
# systemctl restart network
# 查看路由表
# ip route
default via 192.168.1.1 dev eth0 proto static metric 100
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.100 metric 100
# 添加静态路由
# ip route add 10.0.0.0/8 via 192.168.1.254 dev eth0
# 配置网络命名空间
# ip netns add test
# ip link add veth0 type veth peer name veth1
# ip link set veth1 netns test
# ip addr add 10.0.0.1/24 dev veth0
# ip netns exec test ip addr add 10.0.0.2/24 dev veth1
# ip link set veth0 up
# ip netns exec test ip link set veth1 up
4. 存储管理与LVM
存储管理是Linux系统管理的重要组成部分,包括磁盘分区、文件系统管理和LVM逻辑卷管理等。学习交流加群风哥QQ113257174
# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 500G 0 disk
├─sda1 8:1 0 1G 0 part /boot
└─sda2 8:2 0 499G 0 part
├─ol-root 253:0 0 50G 0 lvm /
├─ol-swap 253:1 0 32G 0 lvm [SWAP]
└─ol-home 253:2 0 417G 0 lvm /home
# 分区管理
# fdisk /dev/sdb
Command (m for help): n
Partition type:
p primary (0 primary, 0 extended, 4 free)
e extended
Select (default p): p
Partition number (1-4, default 1): 1
First sector (2048-209715199, default 2048):
Using default value 2048
Last sector, +sectors or +size{K,M,G} (2048-209715199, default 209715199): +100G
Command (m for help): w
The partition table has been altered!
# 创建物理卷
# pvcreate /dev/sdb1
Physical volume “/dev/sdb1” successfully created.
# 创建卷组
# vgcreate vgdata /dev/sdb1
Volume group “vgdata” successfully created
# 创建逻辑卷
# lvcreate -L 50G -n lvdata vgdata
Logical volume “lvdata” created.
# 格式化逻辑卷
# mkfs.xfs /dev/vgdata/lvdata
# 挂载逻辑卷
# mkdir /data
# mount /dev/vgdata/lvdata /data
# 添加到/etc/fstab
# vi /etc/fstab
/dev/mapper/vgdata-lvdata /data xfs defaults 0 0
# 扩展逻辑卷
# lvextend -L +50G /dev/vgdata/lvdata
# xfs_growfs /dev/vgdata/lvdata
5. 安全管理与SELinux
安全管理是Linux系统管理的重要组成部分,包括用户权限管理、防火墙配置和SELinux配置等。更多学习教程公众号风哥教程itpux_com
# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Memory protection checking: actual (secure)
Max kernel policy version: 31
# 临时修改SELinux模式
# setenforce 0 # 改为permissive模式
# setenforce 1 # 改为enforcing模式
# 永久修改SELinux模式
# vi /etc/selinux/config
SELINUX=enforcing
# 管理SELinux上下文
# ls -Z /var/www/html
-rw-r–r–. root root system_u:object_r:httpd_sys_content_t:s0 index.html
# 修改SELinux上下文
# chcon -t httpd_sys_content_t /var/www/html/file.html
# 查看SELinux布尔值
# getsebool -a | grep httpd
httpd_anon_write –> off
httpd_builtin_scripting –> on
httpd_can_check_spam –> off
# 修改SELinux布尔值
# setsebool -P httpd_can_network_connect on
# 查看SELinux日志
# ausearch -m AVC,USER_AVC -ts recent
6. 系统监控与性能分析
系统监控是Linux系统管理的重要组成部分,可以及时发现和解决系统问题。
# top
top – 10:30:00 up 10 days, 2:00, 2 users, load average: 0.50, 0.60, 0.70
Tasks: 200 total, 1 running, 199 sleeping, 0 stopped, 0 zombie
%Cpu(s): 5.0 us, 2.0 sy, 0.0 ni, 92.5 id, 0.5 wa, 0.0 hi, 0.0 si, 0.0 st
MiB Mem : 63972.4 total, 60123.4 free, 1536.0 used, 2313.0 buff/cache
MiB Swap: 32768.0 total, 32768.0 free, 0.0 used. 62345.6 avail Mem
# 查看系统资源使用情况
# sar -u 1 5
Linux 5.4.17-2136.302.7.2.el7uek.x86_64 (fgedu.net.cn) 2026-03-30 _x86_64_ (32 CPU)
10:30:00 AM CPU %user %nice %system %iowait %steal %idle
10:30:01 AM all 5.00 0.00 2.00 0.50 0.00 92.50
10:30:02 AM all 5.20 0.00 2.10 0.40 0.00 92.30
10:30:03 AM all 4.80 0.00 1.90 0.60 0.00 92.70
10:30:04 AM all 5.10 0.00 2.00 0.50 0.00 92.40
10:30:05 AM all 4.90 0.00 1.95 0.55 0.00 92.60
# 监控磁盘I/O
# iostat -x 1 5
# 监控网络流量
# netstat -tuln
# 查看进程占用资源
# ps aux –sort=-%cpu | head -10
# 监控系统日志
# journalctl -f
# 安装和配置Prometheus
# wget https://github.com/prometheus/prometheus/releases/download/v2.30.3/prometheus-2.30.3.linux-amd64.tar.gz
# tar -xzf prometheus-2.30.3.linux-amd64.tar.gz
# cd prometheus-2.30.3.linux-amd64
# ./prometheus –config.file=prometheus.yml
7. 自动化脚本与工具
自动化脚本可以提高系统管理的效率,减少人工操作的错误。author:www.itpux.com
# 系统备份脚本
#!/bin/bash
# 定义变量
BACKUP_DIR=”/backup”
DATE=$(date +”%Y-%m-%d”)
SERVER_NAME=$(hostname)
# 创建备份目录
mkdir -p $BACKUP_DIR/$DATE
# 备份重要文件
tar -czf $BACKUP_DIR/$DATE/etc_backup.tar.gz /etc
tar -czf $BACKUP_DIR/$DATE/home_backup.tar.gz /home
# 备份数据库
if [ -f /usr/bin/mysql ]; then
mysqldump -u root -p –all-databases > $BACKUP_DIR/$DATE/mysql_backup.sql
fi
# 清理过期备份
find $BACKUP_DIR -type d -mtime +7 -exec rm -rf {} \;
echo “Backup completed successfully!”
# 系统检查脚本
#!/bin/bash
echo “=== System Check Report ===”
echo “Date: $(date)”
echo “Hostname: $(hostname)”
echo “”
echo “=== Disk Usage ===”
df -h
echo “”
echo “=== Memory Usage ===”
free -h
echo “”
echo “=== CPU Usage ===”
top -b -n 1 | head -20
echo “”
echo “=== Network Status ===”
ip addr
echo “”
echo “=== System Load ===”
uptime
# 批量管理脚本
#!/bin/bash
# 服务器列表
SERVERS=(“server01” “server02” “server03”)
# 执行命令
for server in “${SERVERS[@]}”; do
echo “=== $server ===”
ssh $server “$1”
done
8. 容器管理与Docker
容器技术是现代应用部署的重要方式,Docker是最流行的容器平台之一。
# yum install -y docker
# systemctl start docker
# systemctl enable docker
# 查看Docker状态
# docker info
# 拉取镜像
# docker pull nginx
# docker pull mysql:5.7
# 运行容器
# docker run -d –name nginx -p 80:80 nginx
# docker run -d –name mysql -p 3306:3306 -e MYSQL_ROOT_PASSWORD=P@ssw0rd mysql:5.7
# 查看容器状态
# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1234567890ab nginx “/docker-entrypoint.…” 5 minutes ago Up 5 minutes 0.0.0.0:80->80/tcp nginx
234567890abc mysql:5.7 “docker-entrypoint.s…” 10 minutes ago Up 10 minutes 0.0.0.0:3306->3306/tcp mysql
# 进入容器
# docker exec -it nginx bash
# 查看容器日志
# docker logs nginx
# 停止容器
# docker stop nginx
# 启动容器
# docker start nginx
# 构建自定义镜像
# vi Dockerfile
FROM centos:7
RUN yum install -y httpd
COPY index.html /var/www/html/
EXPOSE 80
CMD [“/usr/sbin/httpd”, “-D”, “FOREGROUND”]
# 构建镜像
# docker build -t myhttpd .
# 运行自定义镜像
# docker run -d –name myhttpd -p 8080:80 myhttpd
9. 系统升级与迁移
系统升级和迁移是Linux系统管理的重要任务,需要谨慎操作以确保系统的稳定性。
# yum update -y
# 系统升级
# yum upgrade -y
# 升级到新版本
# yum install -y centos-release-stream
# dnf system-upgrade download –releasever=8
# dnf system-upgrade reboot
# 系统备份
# tar -czf /backup/system_backup.tar.gz /etc /home /var/www
# 系统迁移
# 使用rsync进行文件同步
# rsync -avz –progress /source/ user@destination:/destination/
# 迁移系统到新硬盘
# 1. 分区新硬盘
# fdisk /dev/sdb
# 2. 创建文件系统
# mkfs.xfs /dev/sdb1
# 3. 挂载新硬盘
# mount /dev/sdb1 /mnt
# 4. 同步系统文件
# rsync -avz –exclude=/proc –exclude=/sys –exclude=/dev –exclude=/tmp –exclude=/mnt / /mnt/
# 5. 配置启动
# grub2-install /dev/sdb
# chroot /mnt
# grub2-mkconfig -o /boot/grub2/grub.cfg
# exit
# 6. 修改/etc/fstab
# vi /mnt/etc/fstab
/dev/sdb1 / xfs defaults 0 0
本文由风哥教程整理发布,仅用于学习测试使用,转载注明出处:http://www.fgedu.net.cn/10327.html
