新架构第1天

Q1、Ubuntu server18.04的安装，优化系统

1. 选择安装语言

   image.png

2. 选择第一项安装server

   image.png

3. 选择安装过程语言

   image.png

4. 选择地区

   image.png

5. 不进行键盘探测

   image.png

6. 选择美式键盘

   image.png

7. 确认键盘

   image.png

8. 设置主机名

   image.png

9. 新用户的全称

   image.png

10. 创建新用户的用户名

    image.png

11. 设置密码

    image.png

12. 确认密码

    image.png

13. 确实使用短密码

    image.png

14. 设置时区

    image.png

15. 手动分区

    image.png
    image.png
    image.png
    image.png
    image.png
    image.png
    image.png
    image.png
    image.png
    image.png
    image.png
    image.png
    image.png
    image.png
    image.png

16. 是否使用代理

    image.png

17. 安装过程

    image.png

18. 是否自动更新

    image.png

19. 选择安装组件

    image.png

20. 安装中

    image.png

21. 安装grub引导程序

    image.png

22. 安装完毕重启

    image.png

23. 登录界面

    image.png

ubuntu优化：

1、系统资源限制优化
liangjc@ubuntu-node:~$ sudo vim /etc/security/limits.conf
#root账户的资源软限制和硬限制
root soft core unlimited
root hard core unlimited
root soft nproc 1000000
root hard nproc 1000000
root soft nofile 1000000
root hard nofile 1000000
root soft memlock 32000
root hard memlock 32000
root soft msgqueue 8192000
root hard msgqueue 8192000

#其他账户的资源软限制和硬限制
* soft core unlimited
* hard core unlimited
* soft nproc 1000000
* hard nproc 1000000
* soft nofile 1000000
* hard nofile 1000000
* soft memlock 32000
* hard memlock 32000
* soft msgqueue 8192000
* hard msgqueue 8192000

2、内核参数优化
liangjc@ubuntu-node:~$ sudo vim /etc/sysctl.conf
# Controls source route verification
net.ipv4.conf.default.rp_filter = 1
net.ipv4.ip_nonlocal_bind = 1
net.ipv4.ip_forward = 1

# Do not accept source routing
net.ipv4.conf.default.accept_source_route = 0

# Controls the System Request debugging functionality of the kernel
kernel.sysrq = 0

# Controls whether core dumps will append the PID to the core filename.
# Useful for debugging multi-threaded applications.
kernel.core_uses_pid = 1

# Controls the use of TCP syncookies
net.ipv4.tcp_syncookies = 1

# Disable netfilter on bridges.
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0

# Controls the default maxmimum size of a mesage queue
kernel.msgmnb = 65536

# # Controls the maximum size of a message, in bytes
kernel.msgmax = 65536

# Controls the maximum shared segment size, in bytes
kernel.shmmax = 68719476736

# # Controls the maximum number of shared memory segments, in pages
kernel.shmall = 4294967296

# TCP kernel paramater
net.ipv4.tcp_mem = 786432 1048576 1572864
net.ipv4.tcp_rmem = 4096 87380 4194304
net.ipv4.tcp_wmem = 4096 16384 4194304
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_sack = 1

# socket buffer
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.netdev_max_backlog = 262144
net.core.somaxconn = 20480
net.core.optmem_max = 81920

# TCP conn
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_syn_retries = 3
net.ipv4.tcp_retries1 = 3
net.ipv4.tcp_retries2 = 15

# tcp conn reuse
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_tw_reuse = 0
net.ipv4.tcp_tw_recycle = 0
net.ipv4.tcp_fin_timeout = 1

net.ipv4.tcp_max_tw_buckets = 20000
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syncookies = 1

# keepalive conn
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_keepalive_intvl = 30
net.ipv4.tcp_keepalive_probes = 3
net.ipv4.ip_local_port_range = 10001 65000

# swap
vm.overcommit_memory = 0
vm.swappiness = 10

#net.ipv4.conf.eth1.rp_filter = 0
#net.ipv4.conf.lo.arp_ignore = 1
#net.ipv4.conf.lo.arp_announce = 2
#net.ipv4.conf.all.arp_ignore = 1
#net.ipv4.conf.all.arp_announce = 2

liangjc@ubuntu-node:~$ sudo sysctl -p

Q2、ubuntu双网卡绑定bond0，双网卡桥接

liangjc@ubuntu-node:~$ cat /etc/netplan/01-netcfg.yaml
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      dhcp4: no
    eth1:
      dhcp4: no

  bonds:
    bond0:
      interfaces:
        - eth0
        - eth1
      parameters:
        mode: active-backup
        mii-monitor-interval: 100

  bridges:
    br0:        
      dhcp4: no
      addresses: [192.168.37.218/24]
      gateway4: 192.168.37.2
      nameservers:
        addresses: [192.168.37.2]
      interfaces:
        - bond0
        
liangjc@ubuntu-node:~$ sudo netplan apply
liangjc@ubuntu-node:~$ ifconfig 
bond0: flags=5187<UP,BROADCAST,RUNNING,MASTER,MULTICAST>  mtu 1500
        ether d6:5e:91:b5:bc:6d  txqueuelen 1000  (Ethernet)
        RX packets 142  bytes 15542 (15.5 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 118  bytes 13671 (13.6 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.37.218  netmask 255.255.255.0  broadcast 192.168.37.255
        inet6 fe80::1c37:cff:fee1:7300  prefixlen 64  scopeid 0x20<link>
        ether 1e:37:0c:e1:73:00  txqueuelen 1000  (Ethernet)
        RX packets 123  bytes 12023 (12.0 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 118  bytes 13533 (13.5 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0: flags=6211<UP,BROADCAST,RUNNING,SLAVE,MULTICAST>  mtu 1500
        ether d6:5e:91:b5:bc:6d  txqueuelen 1000  (Ethernet)
        RX packets 489  bytes 169984 (169.9 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 166  bytes 16341 (16.3 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth1: flags=6211<UP,BROADCAST,RUNNING,SLAVE,MULTICAST>  mtu 1500
        ether d6:5e:91:b5:bc:6d  txqueuelen 1000  (Ethernet)
        RX packets 124  bytes 13799 (13.7 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 118  bytes 13671 (13.6 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0