LVM 逻辑卷管理与磁盘配额
目录
1. 添加磁盘
虚拟机关机状态添加
启动查看磁盘
fdisk -l
未识别执行以下命令:其实这条命令会重新扫描scsi主机并更新信息,在不关机的情况下让系统识别新加的磁盘。
echo "- - -" > /sys/class/scsi_host/host0/scan
再次查看
[root@c7-1 ~]#fdisk -l
磁盘 /dev/sda:107.4 GB, 107374182400 字节,209715200 个扇区
Units = 扇区 of 1 * 512 = 512 bytes
扇区大小(逻辑/物理):512 字节 / 512 字节
I/O 大小(最小/最佳):512 字节 / 512 字节
磁盘标签类型:dos
磁盘标识符:0x000aaa47
设备 Boot Start End Blocks Id System
/dev/sda1 * 2048 2099199 1048576 83 Linux
/dev/sda2 2099200 106956799 52428800 83 Linux
/dev/sda3 106956800 115345407 4194304 82 Linux swap / Solaris
/dev/sda4 115345408 209715199 47184896 5 Extended
/dev/sda5 115347456 207622143 46137344 83 Linux
磁盘 /dev/sdb:53.7 GB, 53687091200 字节,104857600 个扇区
Units = 扇区 of 1 * 512 = 512 bytes
扇区大小(逻辑/物理):512 字节 / 512 字节
I/O 大小(最小/最佳):512 字节 / 512 字节
2. 对 /dev/sdb 进行快速分区
echo -e "n\np\n1\n\n\nt\n1\n8e\nw\n" |fdisk /dev/sdb
partprobe /dev/sdb
# ------------------------------------------------------
[root@c7-1 ~]#fdisk -l
......
磁盘 /dev/sdb:53.7 GB, 53687091200 字节,104857600 个扇区
Units = 扇区 of 1 * 512 = 512 bytes
扇区大小(逻辑/物理):512 字节 / 512 字节
I/O 大小(最小/最佳):512 字节 / 512 字节
磁盘标签类型:dos
磁盘标识符:0x117f3034
设备 Boot Start End Blocks Id System
/dev/sdb1 2048 104857599 52427776 1 FAT12
3. 使用 sdb1 创建 pv
pvcreate /dev/sdb1
#----------------------------------
[root@c7-1 ~]#pvscan
PV /dev/sdb1 lvm2 [<50.00 GiB]
Total: 1 [<50.00 GiB] / in use: 0 [0 ] / in no VG: 1 [<50.00 GiB]
4. 使用 PV sdb1 创建 VG
vgcreate zcm /dev/sdb1
#------------------------------------
[root@c7-1 ~]#vgs
VG #PV #LV #SN Attr VSize VFree
zcm 1 0 0 wz--n- <50.00g <50.00g
[root@c7-1 ~]#vgdisplay
--- Volume group ---
VG Name zcm
System ID
Format lvm2
Metadata Areas 1
Metadata Sequence No 1
VG Access read/write
VG Status resizable
MAX LV 0
Cur LV 0
Open LV 0
Max PV 0
Cur PV 1
Act PV 1
VG Size <50.00 GiB
PE Size 4.00 MiB
Total PE 12799
Alloc PE / Size 0 / 0
Free PE / Size 12799 / <50.00 GiB
VG UUID 9KSu1l-Syr4-QB0a-zoDN-qMrA-90mo-jBymo5
5. 使用 VG zcm 创建 LV
lvcreate -L [逻辑卷大小] -n [逻辑卷名] [卷组名]
lvcreate -L 20G -n zcm9 zcm
# --------------------------------
[root@c7-1 ~]#lvcreate -L 20G -n zcm9 zcm
Logical volume "zcm9" created.
[root@c7-1 ~]#lvs
LV VG Attr LSize Pool Origin Data% Meta% Move Log Cpy%Sync Convert
zcm9 zcm -wi-a----- 20.00g
[root@c7-1 ~]#lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 100G 0 disk
├─sda1 8:1 0 1G 0 part /boot
├─sda2 8:2 0 50G 0 part /
├─sda3 8:3 0 4G 0 part [SWAP]
├─sda4 8:4 0 1K 0 part
└─sda5 8:5 0 44G 0 part /data
sdb 8:16 0 50G 0 disk
└─sdb1 8:17 0 50G 0 part
└─zcm-zcm9 253:0 0 20G 0 lvm
sr0 11:0 1 4.4G 0 rom
6. 格式化文件系统
[root@c7-1 ~]#ll /dev/mapper/zcm-zcm9
lrwxrwxrwx 1 root root 7 7月 25 20:53 /dev/mapper/zcm-zcm9 -> ../dm-0
[root@c7-1 ~]#mkfs.xfs /dev/mapper/zcm-zcm9
meta-data=/dev/mapper/zcm-zcm9 isize=512 agcount=4, agsize=1310720 blks
= sectsz=512 attr=2, projid32bit=1
= crc=1 finobt=0, sparse=0
data = bsize=4096 blocks=5242880, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0 ftype=1
log =internal log bsize=4096 blocks=2560, version=2
= sectsz=512 sunit=0 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
7. 创建目录并挂载
[root@c7-1 ~]#mkdir /nfsdata
[root@c7-1 ~]#mount /dev/mapper/zcm-zcm9 /nfsdata/
[root@c7-1 ~]#df -h
文件系统 容量 已用 可用 已用% 挂载点
devtmpfs 1.9G 0 1.9G 0% /dev
tmpfs 1.9G 0 1.9G 0% /dev/shm
tmpfs 1.9G 13M 1.9G 1% /run
tmpfs 1.9G 0 1.9G 0% /sys/fs/cgroup
/dev/sda2 50G 6.6G 44G 14% /
/dev/sda5 44G 40M 44G 1% /data
/dev/sda1 1014M 179M 836M 18% /boot
tmpfs 378M 12K 378M 1% /run/user/42
tmpfs 378M 0 378M 0% /run/user/0
/dev/mapper/zcm-zcm9 20G 33M 20G 1% /nfsdata
写进 /etc/fstab
[root@c7-1 ~]#umount /nfsdata/
[root@c7-1 ~]#echo "/dev/mapper/zcm-zcm9 /nfsdata xfs defaults,usrquota,grpquota 0 0" >> /etc/fstab
[root@c7-1 ~]#mount -a
8. 扩展挂载目录
lvextend -L +20G /dev/mapper/zcm-zcm9 # 扩展 20G
lvextend -l +100%FREE /dev/mapper/zcm-zcm9 # 扩展剩余所有
# --------------------------------------------------------
[root@c7-1 ~]#lvextend -L +20G /dev/mapper/zcm-zcm9
Size of logical volume zcm/zcm9 changed from 20.00 GiB (5120 extents) to 40.00 GiB (10240 extents).
Logical volume zcm/zcm9 successfully resized.
[root@c7-1 ~]#lvextend -l +100%FREE /dev/mapper/zcm-zcm9
Size of logical volume zcm/zcm9 changed from 40.00 GiB (10240 extents) to <50.00 GiB (12799 extents).
Logical volume zcm/zcm9 successfully resized.
查看是否生效:此时应该还没有生效
[root@c7-1 ~]#lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 100G 0 disk
├─sda1 8:1 0 1G 0 part /boot
├─sda2 8:2 0 50G 0 part /
├─sda3 8:3 0 4G 0 part [SWAP]
├─sda4 8:4 0 1K 0 part
└─sda5 8:5 0 44G 0 part /data
sdb 8:16 0 50G 0 disk
└─sdb1 8:17 0 50G 0 part
└─zcm-zcm9 253:0 0 50G 0 lvm /nfsdata
sr0 11:0 1 4.4G 0 rom
[root@c7-1 ~]#df -h
文件系统 容量 已用 可用 已用% 挂载点
devtmpfs 1.9G 0 1.9G 0% /dev
tmpfs 1.9G 0 1.9G 0% /dev/shm
tmpfs 1.9G 13M 1.9G 1% /run
tmpfs 1.9G 0 1.9G 0% /sys/fs/cgroup
/dev/sda2 50G 6.6G 44G 14% /
/dev/sda5 44G 40M 44G 1% /data
/dev/sda1 1014M 179M 836M 18% /boot
tmpfs 378M 12K 378M 1% /run/user/42
tmpfs 378M 0 378M 0% /run/user/0
/dev/mapper/zcm-zcm9 20G 33M 20G 1% /nfsdata
使其生效
# xfs 文件系统
[root@c7-1 ~]#xfs_growfs /dev/mapper/zcm-zcm9
meta-data=/dev/mapper/zcm-zcm9 isize=512 agcount=4, agsize=1310720 blks
= sectsz=512 attr=2, projid32bit=1
= crc=1 finobt=0 spinodes=0
data = bsize=4096 blocks=5242880, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0 ftype=1
log =internal bsize=4096 blocks=2560, version=2
= sectsz=512 sunit=0 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
data blocks changed from 5242880 to 13106176
[root@c7-1 ~]#df -h
文件系统 容量 已用 可用 已用% 挂载点
devtmpfs 1.9G 0 1.9G 0% /dev
tmpfs 1.9G 0 1.9G 0% /dev/shm
tmpfs 1.9G 13M 1.9G 1% /run
tmpfs 1.9G 0 1.9G 0% /sys/fs/cgroup
/dev/sda2 50G 6.6G 44G 14% /
/dev/sda5 44G 40M 44G 1% /data
/dev/sda1 1014M 179M 836M 18% /boot
tmpfs 378M 12K 378M 1% /run/user/42
tmpfs 378M 0 378M 0% /run/user/0
/dev/mapper/zcm-zcm9 50G 33M 50G 1% /nfsdata
9. 设置磁盘配额
创建用户,针对用户对文件目录设置配额。
yum -y install xfsprogs quota
useradd gby
echo "123456" |passwd --stdin gby
xfs_quota -x -c 'limit -u bsoft=80M bhard=100M isoft=8 ihard=10 gby' /nfsdata/ # 报错重启机器
xfs_quota -x -c 'report -aibh'
#-----------------------------------
[root@c7-1 ~]#xfs_quota -x -c 'report -aibh'
User quota on /nfsdata (/dev/mapper/zcm-zcm9)
Blocks Inodes
User ID Used Soft Hard Warn/Grace Used Soft Hard Warn/Grace
---------- --------------------------------- ---------------------------------
root 0 0 0 00 [------] 3 0 0 00 [------]
gby 0 80M 100M 00 [------] 0 8 10 00 [------]
Group quota on /nfsdata (/dev/mapper/zcm-zcm9)
Blocks Inodes
Group ID Used Soft Hard Warn/Grace Used Soft Hard Warn/Grace
---------- --------------------------------- ---------------------------------
root 0 0 0 00 [------] 3 0 0 00 [------]
验证
chmod 777 /nfsdata
su - gby
cd /nfsdata
dd if=/dev/zero of=/nfsdata/test.txt bs=10M count=12 #超出磁盘配额,只复制了100M
touch {1..6}.txt #不能创建,超出磁盘限额
10. 容器和宿主机通过 nfs 共享目录
宿主机配置 nfs server
yum -y install nfs-utils rpcbind
mkdir /nfsdata
chmod 777 /nfsdata
cat >> /etc/exports << EOF
#/nfsdata 192.168.10.0/24(rw,sync,no_root_squash)
/nfsdata *(rw,sync,insecure,no_subtree_check,no_root_squash)
EOF
systemctl start rpcbind && systemctl enable rpcbind
systemctl start nfs && systemctl enable nfs
exportfs -rv
showmount -e
运行一个容器:注意 docker version 查看版本,太低了不行。
[root@c7-1 /data]#cat start.sh
#!/bin/bash
/usr/local/openresty/nginx/sbin/nginx
[root@c7-1 /data]#cat Dockerfile
FROM centos:centos7
MAINTAINER zc
ENV TIME_ZOME=Asia/Shanghai
WORKDIR /usr/local/openresty
RUN yum -y install readline-devel pcre-devel openssl-devel zlib-devel gcc gcc-c++ perl make kernel-headers kernel-devel curl wget postgresql-devel nfs-utils rpcbind &> /dev/null && \
wget https://openresty.org/download/openresty-1.21.4.1.tar.gz &> /dev/null && \
tar zxvf openresty-1.21.4.1.tar.gz &> /dev/null && \
cd openresty-1.21.4.1/ &> /dev/null && \
./configure &> /dev/null && \
make -j 4 &> /dev/null && make install &> /dev/null && \
ln -s /usr/local/openresty/nginx/sbin/nginx /usr/local/sbin/ &> /dev/null && \
mkdir /nfs-client &> /dev/null
ENV PATH=/usr/local/openresty/nginx/sbin:$PATH
ENV export PATH
EXPOSE 80
RUN echo "daemon off;">>/usr/local/openresty/nginx/conf/nginx.conf
workdir /
ADD start.sh /start.sh
RUN chmod 755 /start.sh
CMD ["/start.sh"]
特权模式运行容器,不然无法挂载
[root@c7-1 ~]#docker run -itd --name openresty_test -p 2000:80 --privileged openresty:v1
93f086ef6408929329705ea1939e32ae3440fb5f5656bfedec620396cbf8eb0f
[root@c7-1 ~]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5a81b92d0577 openresty:1.21.4.1 "/start.sh" 5 seconds ago Up 3 seconds 0.0.0.0:2000->80/tcp openresty_test
容器内配置 nfs client
docker exec -it openresty_test bash
yum -y install nfs-utils rpcbind
cd
/usr/sbin/rpcbind
showmount -e 192.168.10.20
mkdir /nfs_open
mount -t nfs 192.168.10.20:/nfsdata /nfs_open
df -Th | grep nfs
运行时指定挂载,不需要 nfs
docker run --privileged=true -itd -p 3500:80 --name openresty_test-03 --mount type=bind,source=/data/zc,target=/data/zc openresty:20220726 /bin/bash
容器内查看
[root@205cee907a90 zc]# df -h
Filesystem Size Used Avail Use% Mounted on
overlay 50G 6.8G 44G 14% /
tmpfs 64M 0 64M 0% /dev
tmpfs 1.9G 0 1.9G 0% /sys/fs/cgroup
shm 64M 0 64M 0% /dev/shm
/dev/sda5 44G 33M 44G 1% /data/zc
11. 如何给已经运行的 docker 容器提权
特权模式下的 root 相对于宿主机才是真 root,普通模式的下的 root 相对于宿主机是伪root,相当于一个普通用户。
方案1:
容器创建运行时使用 privileged=true 参数
方案2:
已存在容器开启特权 privileged 模式
#cd /var/lib/docker/containers/<Contrainer Id>/
#docker stop <Container ID>
#vim hostconfig.json
修改"Privileged":false =>"Privileged":true
保存配置文件
#systemctl restart docker
#docker start <Container ID>
#验证
mkdir /home/test
mkdir /home/test2
mount -o bind /home/test /home/test2 #特权模式会成功,普通模式会失败
示例
[root@c7-1 ~]#docker run -itd --name openresty_v1 -p 2000:80 openresty:v1
5a12c032a5630b6b75f4b078a2166716926e58f8c9eddc8843e1e1848f829980
[root@c7-1 ~]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5a12c032a563 openresty:v1 "/start.sh" 5 seconds ago Up 4 seconds 0.0.0.0:2000->80/tcp, :::2000->80/tcp openresty_v1
[root@c7-1 ~]#docker exec -it openresty_v1 bash
[root@5a12c032a563 /]# ls
anaconda-post.log dev home lib64 mnt opt root sbin start.sh tmp var
bin etc lib media nfs-client proc run srv sys usr
[root@5a12c032a563 /]# showmount -e 192.168.10.20
Export list for 192.168.10.20:
/nfsdata *
[root@5a12c032a563 /]# /usr/sbin/rpcbind
[root@5a12c032a563 /]# ps -ef | grep rpcbind
rpc 25 0 0 11:43 ? 00:00:00 /usr/sbin/rpcbind
root 27 9 0 11:43 pts/1 00:00:00 grep --color=auto rpcbind
[root@5a12c032a563 /]# mount -t nfs 192.168.10.20:/nfsdata /nfs-client/
mount.nfs: Operation not permitted
[root@5a12c032a563 /]# exit
exit
[root@c7-1 ~]#cd /var/lib/docker/containers/5a12c032a5630b6b75f4b078a2166716926e58f8c9eddc8843e1e1848f829980/
[root@c7-1 /var/lib/docker/containers/5a12c032a5630b6b75f4b078a2166716926e58f8c9eddc8843e1e1848f829980]#docker stop 5a12c032a563
5a12c032a563
[root@c7-1 /var/lib/docker/containers/5a12c032a5630b6b75f4b078a2166716926e58f8c9eddc8843e1e1848f829980]#vim hostconfig.json
[root@c7-1 /var/lib/docker/containers/5a12c032a5630b6b75f4b078a2166716926e58f8c9eddc8843e1e1848f829980]#cat hostconfig.json | grep -o '"Privileged":true'
"Privileged":true
[root@c7-1 /var/lib/docker/containers/5a12c032a5630b6b75f4b078a2166716926e58f8c9eddc8843e1e1848f829980]#systemctl restart docker
[root@c7-1 /var/lib/docker/containers/5a12c032a5630b6b75f4b078a2166716926e58f8c9eddc8843e1e1848f829980]#docker start 5a12c032a563
5a12c032a563
[root@c7-1 /var/lib/docker/containers/5a12c032a5630b6b75f4b078a2166716926e58f8c9eddc8843e1e1848f829980]#cd
[root@c7-1 /var/lib/docker/containers/5a12c032a5630b6b75f4b078a2166716926e58f8c9eddc8843e1e1848f829980]#docker exec -it openresty_v1 bash
[root@5a12c032a563 /]# ls
anaconda-post.log bin dev etc home lib lib64 media mnt nfs-client opt proc root run sbin srv start.sh sys tmp usr var
[root@5a12c032a563 /]# ps -ef | grep rpcbind
root 24 8 0 12:06 pts/1 00:00:00 grep --color=auto rpcbind
[root@5a12c032a563 /]# /usr/sbin/rpcbind
[root@5a12c032a563 /]# ps -ef | grep rpcbind
rpc 26 0 1 12:06 ? 00:00:00 /usr/sbin/rpcbind
root 28 8 0 12:06 pts/1 00:00:00 grep --color=auto rpcbind
[root@5a12c032a563 /]# mount -t nfs 192.168.10.20:/nfsdata /nfs-client/
[root@5a12c032a563 /]# df -h
Filesystem Size Used Avail Use% Mounted on
overlay 50G 7.0G 43G 14% /
tmpfs 64M 0 64M 0% /dev
tmpfs 1.9G 0 1.9G 0% /sys/fs/cgroup
shm 64M 0 64M 0% /dev/shm
/dev/sda2 50G 7.0G 43G 14% /etc/hosts
tmpfs 1.9G 0 1.9G 0% /proc/asound
tmpfs 1.9G 0 1.9G 0% /proc/acpi
tmpfs 1.9G 0 1.9G 0% /proc/scsi
tmpfs 1.9G 0 1.9G 0% /sys/firmware
192.168.10.20:/nfsdata 50G 7.0G 43G 14% /nfs-client
