HackMD - Collaborative Markdown Knowledge Base

CentOS Linux系統基本設定 = = = = = = = = = = = = = = = = = = = 安裝過程注意移除 /home 掛載點 = = = = = = = = = = = = = = = = = = = 如果有需要圖型化界面，最後再 yum groupinstall "GNOME Desktop" = = = = = = = = = = = = = = = = = = = 如果有需要開機就進入到圖型化界面 systemctl set-default graphical.target = = = = = = = = = = = = = = = = = = = 兩張網卡bonding範例 = = = = = = = = = = = = = = = = = = = vi /ifcfg-p2p1 TYPE=Ethernet BOOTPROTO=none USERCTL=no DEVICE=p2p1 ONBOOT=yes MASTER=bond0 SLAVE=yes vi /ifcfg-p2p2 TYPE=Ethernet BOOTPROTO=none USERCTL=no DEVICE=p2p2 ONBOOT=yes MASTER=bond0 SLAVE=yes vi /ifcfg-bond0 TYPE=Bonding BOOTPROTO=none USERCTL=no DEVICE=bond0 ONBOOT=yes IPADDR=140.110.142.80 NETMASK=255.255.255.0 #GATEWAY=140.110.142.254 NM_CONTROLLED=no BONDING_MASTER=no BONDING_OPTS="mode=4 miimon=100" = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = 掛載光碟機指令 mount -t iso9660 -o ro /dev/cdrom /mnt/cdrom = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = 設定主機名稱 hostnamectl set-hostname HostName 或 vi /etc/hostname = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = 取消Selinux vi /etc/selinux/config SELINUX=disabled = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = 設定網卡 /etc/sysconfig/network-scripts TYPE=Ethernet BOOTPROTO=static IPADDR=192.168.120.123 NETMASK=255.255.255.0 GATEWAY=192.168.120.254 ONBOOT=yes = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = 設定DNS vi /etc/resolv.conf nameserver 140.110.16.1 nameserver 140.110.4.1 nameserver 8.8.8.8 = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = 關於系統帳號三主要檔案 /etc/passwd /etc/shadow /etc/group = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = 關閉 firewald、NetworkManager systemctl status firewalld systemctl stop firewalld systemctl disable firewalld systemctl status NetworkManager systemctl stop NetworkManager systemctl disable NetworkManager 啟用 iptables、network systemctl status iptables systemctl start iptables systemctl enable iptables systemctl status network systemctl start network systemctl enable network = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = 新增/移除主機對照表 vi /etc/hosts 註解 ### ELK ### 192.168.120.121 elk01 192.168.120.123 grafana01 = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = 設定用戶有sudo權限 vi /etc/sudoers root ALL=(ALL) ALL 1103899 ALL=(ALL) NOPASSWD:ALL = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = 設定 iptables vi /etc/sysconfig/iptables :RH-Firewall-1-INPUT - [0:0] -A INPUT -j RH-Firewall-1-INPUT -A FORWARD -j RH-Firewall-1-INPUT -A INPUT -i lo -j ACCEPT -A RH-Firewall-1-INPUT -i lo -j ACCEPT -A RH-Firewall-1-INPUT -s 0.0.0.0/24 -j DROP -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT -A RH-Firewall-1-INPUT -s 140.110.142.0/24 -p icmp --icmp-type any -j ACCEPT -A RH-Firewall-1-INPUT -s 140.110.101.0/24 -j DROP -A RH-Firewall-1-INPUT -s 140.110.0.0/16 -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = 系統免密碼登入首先輸入指令來產生 key ssh-keygen 輸入指令以下指令 (將 username 與 server_host 換成自己的帳號與伺服器IP或host，而 your_key_path 換成自己的剛剛產生的key位置) ssh-copy-id -i your_key_path username@server_host = = = = = = = = = = = = = = = = = = =