Linux Practical Cases - 2
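1. Describe the CentOS 6 boot process;
POST --> Boot sequence (BIOS) --> bootloader (MBR) --> kernel (ramdisk) --> rootfs (read-only) --> /sbin/init --> (/etc/inittab) --> set the default runlevel (id:3:initdefault:) --> run the system initialization script to complete system initialization (si::sysinit:/etc/rc.d/rc.sysinit) --> stop and start the services as required for the corresponding runlevel (l#:#:wait:/etc/rc.d/rc #) --> set up the login terminals (tty1:2345:respawn:/usr/sbin/mingetty tty1)
This part is already summarized at: http://armolee.blog.51cto.com/6288560/1737958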
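2. Describe what the /etc/rc.d/sysinit script does;
(1) Set the hostname
(2) Set the welcome message
(3) Activate udev and SELinux
(4) Mount the filesystems defined in /etc/fstab
(5) Check the root filesystem and remount it read-write (the kernel mounts it read-only, so it has to be remounted here)
(6) Set the system clock
(7) Activate swap devices
(8) Set kernel parameters according to /etc/sysctl.conf
(9) Activate LVM and software RAID devices
(10) Load drivers for additional devices
(11) Cleanup operations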
3. Summarize the usage of the text-processing tools sed and awk (examples required);
sed: http://armolee.blog.51cto.com/6288560/1740641
awk: http://armolee.blog.51cto.com/6288560/1740942
4. Write a script that generates 10 random numbers and sorts them in ascending order (at least 2 methods required);
(1)
    #!/bin/bash
    for ((i=1;i<=10;i++))
    do
        echo "$RANDOM"
    done | sort -n
(2)
    #!/bin/bash
    declare -i i
    # Fill the array with 10 random numbers
    for (( i=0 ; i<10 ; i++ ))
    do
        armo[i]=$RANDOM
    done
    # Bubble sort: each pass moves the smallest remaining value down to index i
    for (( i=0 ; i<${#armo[@]} ; i++ ))
    do
        for (( j=${#armo[@]} - 1 ; j>i ; j-- ))
        do
            #echo $j
            if [[ ${armo[j]} -lt ${armo[j-1]} ]]
            then
                t=${armo[j]}
                armo[j]=${armo[j-1]}
                armo[j-1]=$t
            fi
        done
    done
    for (( i=0 ; i<10 ; i++ ))
    do
        echo ${armo[i]}
    done
5. Run the script /data/get_username.sh at 1:05 a.m. every Tuesday, and write the script's output to the log file /tmp/get_username.log;
    5 1 * * 2 /data/get_username.sh > /tmp/get_username.log
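6. Write a script: if a given path does not exist, create it as a directory; otherwise report that it exists and show its content type;
    #!/bin/sh
    echo "please input a dir"
    read -r armo
    # Quote the variable so a path with spaces or glob characters stays one argument
    if [ -e "$armo" ]
    then
        echo "$armo already exists"
        file -- "$armo"    # show the content type
    else
        mkdir -- "$armo"
        echo "the $armo is created"
    fi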
7. Write a script that prints the 9x9 multiplication table;
    #!/bin/bash
    #
    declare -i i=1
    declare -i j=1
    # Outer loop: rows 1..9; inner loop: columns 1..row
    until [ $j -gt 9 ]; do
        until [ $i -gt $j ]; do
            echo -n -e "${i}X${j}=$((i*j))\t"
            let i++
        done
        echo
        let i=1
        let j++
    done
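8. Describe how DNS works, and build a complete set of DNS master/slave servers; the domain names and IPs may be chosen freely.
1. Switch to the root user
2. Install bind on each of the two servers
    yum install bind
3. Compare the bind versions on the two servers
4. Edit the main configuration file; backing it up before editing is recommended.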
    cp /etc/named.conf /etc/named.conf.bak
    vi /etc/named.conf
    options {
        listen-on port 53 { 127.0.0.1; };   // listen only on local port 53
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query { localhost; };         // allow recursive queries from the local host only
        recursion yes;
        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;
        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";
        managed-keys-directory "/var/named/dynamic";
    };
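By default named listens only on the local port 53. To provide service, at least one listener on port 53 of an external address has to be added, and all users are allowed to make recursive queries. All the dnssec settings are also commented out.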
    vi /etc/named.conf
    options {
        listen-on port 53 { 192.168.0.15; 127.0.0.1; };   // added listen address; the host's external address is enough here
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query { any; };                             // allow all
        recursion yes;
        // dnssec-enable yes;
        // dnssec-validation yes;
        // dnssec-lookaside auto;
        /* Path to ISC DLV key */
        // bindkeys-file "/etc/named.iscdlv.key";
        //
        // managed-keys-directory "/var/named/dynamic";
    };
5. Check what is listening on port 53 of this server
    # ss -tunlp | grep :53
    udp    UNCONN     0      0      192.168.0.15:53     *:*      users:(("named",4387,513))
    udp    UNCONN     0      0         127.0.0.1:53     *:*      users:(("named",4387,512))
    udp    UNCONN     0      0               ::1:53    :::*      users:(("named",4387,514))
    tcp    LISTEN     0      3               ::1:53    :::*      users:(("named",4387,22))
    tcp    LISTEN     0      3      192.168.0.15:53     *:*      users:(("named",4387,21))
    tcp    LISTEN     0      3         127.0.0.1:53     *:*      users:(("named",4387,20))
The steps above are the same for both the master and the slave server.
6. Master DNS server configuration:
Define the zones:
    # cat /etc/named.rfc1912.zones
    zone "armo.com" IN {
        type master;
        file "armo.com.zone";
    };      // forward zone
    zone "0.168.192.in-addr.arpa" IN {
        type master;
        file "192.168.0.zone";
    };      // reverse zone
Define the zone data files:
    # cat /var/named/armo.com.zone
    $TTL 1d
    @       IN  SOA ns1.armo.com. admin.armo.com(
                    2016020301
                    1H
                    5M
                    7D
                    1D)
            IN  NS  ns1.armo.com.
            IN  NS  ns2.armo.com.
            IN  MX 10 mx1.armo.com.
            IN  MX 20 mx2.armo.com.
    ns1     IN  A   192.168.0.1
    ns2     IN  A   192.168.0.17
    mx1     IN  A   192.168.0.4
    mx2     IN  A   192.168.0.1
    www     IN  A   192.168.0.17
    // forward zone data file
    # cat /var/named/192.168.0.zone
    $TTL 1d
    $ORIGIN 0.168.192.in-addr.arpa.
    @       IN  SOA ns1.armo.com. admin.armo.com.(
                    2016020301
                    1H
                    5M
                    7D
                    1D)
            IN  NS  ns1.armo.com.
            IN  NS  ns2.armo.com.
    1       IN  PTR ns1.armo.com.
    17      IN  PTR www.armo.com.
    4       IN  PTR mx1.armo.com.
    1       IN  PTR mx2.armo.com.
    17      IN  PTR ns2.armo.com.
    // reverse zone data file
Check for syntax errors
    named-checkconf     // check the main configuration file for syntax errors
    named-checkzone "armo.com" /var/named/armo.com.zone     // check the zone file
Change the file permissions and group ownership (commands run from /var/named)
    # chmod 640 armo.com.zone
    # chown :named armo.com.zone      // forward
    # chmod 640 192.168.0.zone
    # chown :named 192.168.0.zone     // reverse
Test resolution on the master DNS server:
    # dig -t A www.armo.com @192.168.0.15

    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6_7.6 <<>> -t A www.armo.com @192.168.0.15
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52591
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

    ;; QUESTION SECTION:
    ;www.armo.com.              IN      A

    ;; ANSWER SECTION:
    www.armo.com.       86400   IN      A       192.168.0.17

    ;; AUTHORITY SECTION:
    armo.com.           86400   IN      NS      ns2.armo.com.
    armo.com.           86400   IN      NS      ns1.armo.com.

    ;; ADDITIONAL SECTION:
    ns1.armo.com.       86400   IN      A       192.168.0.1
    ns2.armo.com.       86400   IN      A       192.168.0.17

    ;; Query time: 2 msec
    ;; SERVER: 192.168.0.15#53(192.168.0.15)
    ;; WHEN: Wed Feb 3 06:01:38 2016
    ;; MSG SIZE rcvd: 114
    // forward lookup
    # dig -x 192.168.0.4 @192.168.216.231

    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6_7.6 <<>> -x 192.168.0.4 @192.168.216.231
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63940
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;4.0.168.192.in-addr.arpa.  IN      PTR

    ;; ANSWER SECTION:
    4.0.168.192.in-addr.arpa. 86400 IN  PTR     localhost.

    ;; Query time: 29 msec
    ;; SERVER: 192.168.216.231#53(192.168.216.231)
    ;; WHEN: Wed Feb 3 06:03:42 2016
    ;; MSG SIZE rcvd: 65
    // reverse lookup
7. Slave DNS server configuration
Test the zone transfer from the master DNS server
    # dig -t axfr armo.com @192.168.0.15

    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6_7.6 <<>> -t axfr armo.com @192.168.0.15
    ;; global options: +cmd
    armo.com.           86400   IN      SOA     ns1.armo.com. admin.armo.com.armo.com. 2016020301 3600 300 604800 86400
    armo.com.           86400   IN      NS      ns1.armo.com.
    armo.com.           86400   IN      NS      ns2.armo.com.
    armo.com.           86400   IN      MX      10 mx1.armo.com.
    armo.com.           86400   IN      MX      20 mx2.armo.com.
    mx1.armo.com.       86400   IN      A       192.168.0.4
    mx2.armo.com.       86400   IN      A       192.168.0.1
    ns1.armo.com.       86400   IN      A       192.168.0.1
    ns2.armo.com.       86400   IN      A       192.168.0.17
    www.armo.com.       86400   IN      A       192.168.0.17
    armo.com.           86400   IN      SOA     ns1.armo.com. admin.armo.com.armo.com. 2016020301 3600 300 604800 86400
    ;; Query time: 21 msec
    ;; SERVER: 192.168.0.15#53(192.168.0.15)
    ;; WHEN: Wed Feb 3 06:04:40 2016
    ;; XFR size: 11 records (messages 1, bytes 273)
Define the zone
    # cat /etc/named.rfc1912.zones
    zone "armo.com" IN {
        type slave;
        masters { 192.168.0.15; };
        file "slaves/armo.com.zone";
    };
Start the service
    service named start
Check the synchronization information
    # tail /var/log/messages
    Feb 3 06:20:42 localhost named[15085]: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
    Feb 3 06:20:42 localhost named[15085]: zone localhost.localdomain/IN: loaded serial 0
    Feb 3 06:20:42 localhost named[15085]: zone localhost/IN: loaded serial 0
    Feb 3 06:20:42 localhost named[15085]: managed-keys-zone ./IN: loaded serial 2
    Feb 3 06:20:42 localhost named[15085]: running
    Feb 3 06:20:42 localhost named[15085]: zone armo.com/IN: Transfer started.
    Feb 3 06:20:42 localhost named[15085]: transfer of 'armo.com/IN' from 192.168.0.15#53: connected using 192.168.0.17#43758
    Feb 3 06:20:42 localhost named[15085]: zone armo.com/IN: transferred serial 2016020301
    Feb 3 06:20:42 localhost named[15085]: transfer of 'armo.com/IN' from 192.168.0.15#53: Transfer completed: 1 messages, 11 records, 273 bytes, 0.001 secs (273000 bytes/sec)
    Feb 3 06:20:42 localhost named[15085]: zone armo.com/IN: sending notifies (serial 2016020301)
    # cat /var/named/slaves/armo.com.zone
    $ORIGIN .
    $TTL 86400      ; 1 day
    armo.com        IN SOA  ns1.armo.com. admin.armo.com.armo.com. (
                            2016020301 ; serial
                            3600       ; refresh (1 hour)
                            300        ; retry (5 minutes)
                            604800     ; expire (1 week)
                            86400      ; minimum (1 day)
                            )
                    NS      ns1.armo.com.
                    NS      ns2.armo.com.
                    MX      10 mx1.armo.com.
                    MX      20 mx2.armo.com.
    $ORIGIN armo.com.
    mx1             A       192.168.0.4
    mx2             A       192.168.0.1
    ns1             A       192.168.0.1
    ns2             A       192.168.0.17
    www             A       192.168.0.17
At this point the DNS master/slave setup is complete.
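The second named.conf above answers recursive queries for any client, and no allow-transfer is set, so on the BIND 9.8 used here any host can also pull the whole zone with the same AXFR query the slave uses. The following is an added example, not part of the original post: a POSIX shell check for both conditions, run over a constructed copy of the post's settings and a constructed hardened variant (the finding names and the 192.168.0.0/24 trusted-client range are assumptions).

```sh
#!/bin/sh
# Added example, not from the original post: flag two exposures in a
# named.conf read from stdin. Finding names and both samples are constructed.

audit_named_conf() {
    # Drop // and /* */ comments, then flatten to one line for matching.
    conf=$(sed -e 's://.*$::' -e 's:/\*.*\*/::g' | tr '\n\t' '  ' | tr -s ' ')
    has() { printf '%s\n' "$conf" | grep -Eq "$1"; }

    # recursion on + allow-query any + no recursion ACL = open resolver
    if has 'recursion yes *;' && has 'allow-query *\{ *any *; *\}' &&
       ! has 'allow-(recursion|query-cache) *\{'; then
        echo "open-resolver: recursion is available to any client"
    fi
    # With no allow-transfer, BIND 9.8 serves AXFR to any host that asks
    if ! has 'allow-transfer *\{'; then
        echo "open-axfr: zone transfers are not restricted"
    fi
}

# Constructed sample: exposed settings from the post's second named.conf,
# plus a commented-out ACL to show that comments are ignored.
WEAK_CONF=$(cat <<'EOF'
options {
    listen-on port 53 { 192.168.0.15; 127.0.0.1; };
    allow-query { any; };   // allow all
    recursion yes;
    // allow-recursion { localhost; };
};
zone "armo.com" IN { type master; file "armo.com.zone"; };
EOF
)

# Constructed hardened variant. Assumption: 192.168.0.0/24 holds the trusted
# clients; 192.168.0.17 is the slave address from the post's transfer log.
HARDENED_CONF=$(cat <<'EOF'
options {
    listen-on port 53 { 192.168.0.15; 127.0.0.1; };
    allow-query { any; };                            // authoritative answers
    recursion yes;
    allow-recursion { localhost; 192.168.0.0/24; };  // trusted clients only
    allow-transfer { 192.168.0.17; };                // AXFR for the slave only
};
zone "armo.com" IN { type master; file "armo.com.zone"; };
EOF
)

echo "--- weak ---";     printf '%s\n' "$WEAK_CONF" | audit_named_conf
echo "--- hardened ---"; printf '%s\n' "$HARDENED_CONF" | audit_named_conf
```

On a real server, feed it the merged configuration (main file plus included zone files), since allow-transfer may be set per zone rather than in options.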
This article comes from the "机智少年普朗克" blog; please do not repost.