Ubuntu系统部署后优化-网络配置
Ubuntu系统配置调整
前期准备
#更改主机名,重启后不变
hostnamectl set-hostname Zabbix-Server01
#更改主机名,重启后变回从前
hostname Zabbix-Server01
#手动主机重命名(改名之后需要重启)
vim /etc/hostname
#再把/etc/hosts下127.0.0.1的名称改成hostname的名称(此步骤其实不用操作,重启后即可根据hostname变化)
vim /etc/hosts最小化安装后,root没有密码,基础组件没有
#首先应该设置root密码
sudo passwd root
#安装vim
sudo apt-get install vim
#查看磁盘空间
df -h
fdisk -l
#查看端口号
ss -tulpn | grep 8080
#查看端口号2
netstat -tulpn | grep 8080
#查看进程号
ps -ef | grep mysql
1、修改ip地址
关于NetworkManager停用并启用systemd-networkd的方法:相关阅读
#首先,运行以下命令以禁用NetworkManager
sudo systemctl stop NetworkManager
sudo systemctl disable NetworkManager
sudo systemctl mask NetworkManager
#接下来,启动并启用systemd-networkd:
sudo systemctl unmask systemd-networkd.service
sudo systemctl enable systemd-networkd.service
sudo systemctl start systemd-networkd.service遇到问题的时候,需要使用systemctl mask来禁用服务:相关阅读
修改IP的配置文件
sudo vi/etc/netplan/00-installer-config.yam我们第一次打开时看到的是这样的:
#This is the network config written by 'subiquity'
network:
ethernets:
ens33:
dhcp4: true
version: 2然后按i输入以下内容。设置为静态IP,以及IP地址,dns,网关
network:
version: 2
ethernets:
ens33:
dhcp4: no
addresses: [10.0.0.2/24]
gateway4: 10.0.0.1
nameservers:
addresses: [123.150.150.150,219.150.32.132]如果你遇到高版本的systemd-networkd服务,还会遇到如下报错:
“gateway4 has been deprecated, use default routes instead. See the 'Default routes' section of the documentation for more details.”
翻译:“gateway4”已经被弃用,请改用默认路由。有关详细信息,请参阅文档的“默认路由”部分。
这时,你就要用routes语法了,如下:(0.0.0.0/0还可以替换成default写法也是正确的)
# This is the network config written by 'subiquity'
network:
ethernets:
ens160:
dhcp4: no
addresses: [10.10.8.201/24]
routes:
- to: 0.0.0.0/0
via: 10.10.8.254
nameservers:
addresses: [123.150.150.150,219.150.32.132]
version: 2还可以编写多个网卡例如:配置eno1和eno2
如果你有两块网卡(例如eno1和eno2),并且希望在这两个网口中设置不同的静态IP地址,并且各自拥有默认路由,您需要在Netplan配置中分别为它们配置静态地址和路由。不过,通常一个系统只会有一个默认路由以避免路由冲突。如果您确实需要两块网卡都有出站流量的能力,可以为每块网卡配置特定的路由,但只有一个会被视为默认路由。这里,我将展示如何为两块网卡配置静态IP,并为其中一个网口设置默认路由,另一个网卡只能添加特定的路由规则(非默认路由,网络里叫做明细路由)。
假设让eno1处理常规互联网流量(默认路由),而eno2用于特定网络或备份路径,可以这样配置:
network:
version: 2
renderer: networkd
ethernets:
eno1:
dhcp4: no
addresses: [10.10.8.10/24]
gateway4: 10.10.8.1 # 设置eno1为默认路由
nameservers:
addresses: [8.8.8.8, 8.8.4.4]
eno2:
dhcp4: no
addresses: [192.168.1.10/24]
routes:
- to: 192.168.2.0/24 # 为eno2添加特定网络路由
via: 192.168.1.1 # 假设这是通往特定网络的下一跳
nameservers:
addresses: [8.8.8.8, 8.8.4.4]在这个配置中,eno1配置了默认路由,处理所有未指定的出站流量。而eno2则配置了一个特定的路由规则,用于到达192.168.2.0/24这个网络。请注意,除非有特殊需求,否则通常只设置一个默认路由以避免路由混乱。
如果你需要配置多个明细路由,你需要这样写
eno2:
dhcp4: no
addresses: [192.168.1.10/24]
routes:
- to: 192.168.2.0/24 # 第一条路由规则
via: 192.168.1.1 # 对应第一条路由的目的网络下一跳地址
- to: 192.168.3.0/24 # 第二条路由规则
via: 192.168.1.1 # 对应第二条路由的目的网络下一跳地址
nameservers:
addresses: [8.8.8.8, 8.8.4.4]网卡修改成功后,应用网络配置
sudo netplan apply
systemctl restart systemd-networkd.service
2、修改时区
sudo cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
date -R3、配置ssh登录
#安装ssh服务器
sudo apt install openssh-server
#修改ssh的配置文件
vi /etc/ssh/sshd_config
把这个
#PermitRootLogin prohibit-password
修改成
PermitRootLogin yes
重启ssh
systemctl restart ssh.service4、更换阿里源以 Ubuntu 22.04版本为例
备份配置文件后,直接编辑vim /etc/apt/sources.list,
cp /etc/apt/sources.list{,.bak}
vim /etc/apt/sources.list把内容替换如下:
# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to
# newer versions of the distribution.
deb https://mirrors.aliyun.com/ubuntu/ jammy main restricted
# deb-src https://mirrors.aliyun.com/ubuntu/ jammy main restricted
## Major bug fix updates produced after the final release of the
## distribution.
deb https://mirrors.aliyun.com/ubuntu/ jammy-updates main restricted
# deb-src https://mirrors.aliyun.com/ubuntu/ jammy-updates main restricted
## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team. Also, please note that software in universe WILL NOT receive any
## review or updates from the Ubuntu security team.
deb https://mirrors.aliyun.com/ubuntu/ jammy universe
# deb-src https://mirrors.aliyun.com/ubuntu/ jammy universe
deb https://mirrors.aliyun.com/ubuntu/ jammy-updates universe
# deb-src https://mirrors.aliyun.com/ubuntu/ jammy-updates universe
## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team, and may not be under a free licence. Please satisfy yourself as to
## your rights to use the software. Also, please note that software in
## multiverse WILL NOT receive any review or updates from the Ubuntu
## security team.
deb https://mirrors.aliyun.com/ubuntu/ jammy multiverse
# deb-src https://mirrors.aliyun.com/ubuntu/ jammy multiverse
deb https://mirrors.aliyun.com/ubuntu/ jammy-updates multiverse
# deb-src https://mirrors.aliyun.com/ubuntu/ jammy-updates multiverse
## N.B. software from this repository may not have been tested as
## extensively as that contained in the main release, although it includes
## newer versions of some applications which may provide useful features.
## Also, please note that software in backports WILL NOT receive any review
## or updates from the Ubuntu security team.
deb https://mirrors.aliyun.com/ubuntu/ jammy-backports main restricted universe multiverse
# deb-src https://mirrors.aliyun.com/ubuntu/ jammy-backports main restricted universe multiverse
deb http://security.ubuntu.com/ubuntu/ jammy-security main restricted
# deb-src http://security.ubuntu.com/ubuntu/ jammy-security main restricted
deb http://security.ubuntu.com/ubuntu/ jammy-security universe
# deb-src http://security.ubuntu.com/ubuntu/ jammy-security universe
deb http://security.ubuntu.com/ubuntu/ jammy-security multiverse
# deb-src http://security.ubuntu.com/ubuntu/ jammy-security multiverse配置完成后,wq保存、执行更新,更新后重启
sudo apt update && sudo apt upgrade -y
reboot4、系统优化
#修改文件描述符和进程数
sudo sed -i '/^# End of file/,$d' /etc/security/limits.conf
sudo sh -c "cat >> /etc/security/limits.conf <<EOF
# End of file
root - nproc 512000
* - nproc 512000
root - nofile 512000
* - nofile 512000
EOF"
#软件源替换成阿里云的写法
sudo sed -i.bak 's/http:\/\/.*.ubuntu.com/http:\/\/mirrors.aliyun.com/g' /etc/apt/sources.list
#更新
sudo apt update && sudo apt upgrade -y
#重启
reboot
