分类目录归档:Linux

CentOS VM@Hyper-v磁盘扩容

GPT分区表下,CentOS标准配置,GPT信息分区在/dev/sda1,swap分区在/dev/sda2,root在/dev/sda3,思路是先新建一个分区,再合并进逻辑分区组里,原容量:16G,新容量:32G

  • 关闭虚拟机
  • 编辑磁盘,增加空间
  • 启动虚拟机
  • su到root(纯属懒癌发作不想打sudo)

fdisk /dev/sda

Welcome to fdisk (util-linux 2.32.1).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.

GPT PMBR size mismatch (33554431 != 67108863) will be corrected by write.(已经识别到新的空间了)
The backup GPT table is not on the end of the device. This problem will be corrected by write.

  • n,4,一路回车,新建一个分区

Partition number (4-128, default 4):
First sector (33552384-67108830, default 33552384):
Last sector, +sectors or +size{K,M,G,T,P} (33552384-67108830, default 67108830):

Created a new partition 4 of type ‘Linux filesystem’ and of size 16 GiB.

    • t,4,8e,更改分区类型为LVM

Partition number (1-4, default 4): 4
Partition type (type L to list all types): 8e

Type of partition 4 is unchanged: Linux filesystem.

  • w保存分区表
  • fdisk -l看一下分区表对不对,应该是这样的:

Disk /dev/sda: 32 GiB, 34359738368 bytes, 67108864 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 4096 bytes
Disklabel type: gpt
Disk identifier: A73C227D-BC0B-4CF0-923C-F3152ABD71751

Device Start End Sectors Size Type
/dev/sda1 2048 1230847 1228800 600M EFI System
/dev/sda2 1230848 3327999 2097152 1G Linux filesystem
/dev/sda3 3328000 33552383 30224384 14.4G Linux LVM
/dev/sda4 33552384 67108830 33556447 16G Linux filesystem

Disk /dev/mapper/Name_of_VG-root: 12.8 GiB, 13753122816 bytes, 26861568 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 4096 bytes

Disk /dev/mapper/Name_of_VG-swap: 1.6 GiB, 1719664640 bytes, 3358720 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 4096 bytes

  • pvcreate /dev/sda4创建新分区

 Physical volume “/dev/sda4” successfully created.

  • vgdisplay 找一下分区组的名称

— Volume group —
VG Name Name_of_VG
System ID
Format lvm2
Metadata Areas 1
Metadata Sequence No 4
VG Access read/write
VG Status resizable
MAX LV 0
Cur LV 2
Open LV 2
Max PV 0
Cur PV 1
Act PV 1
VG Size 14.41 GiB
PE Size 4.00 MiB
Total PE 3689
Alloc PE / Size 3689 / 14.41 GiB
Free PE / Size 0 / 0
VG UUID W*****-******-*****

 

  • vgextend Name_of_VG /dev/sda4 扩展分区组

 Volume group “Name_of_VG” successfully extended

  • lvextend /dev/Name_of_VG/root /dev/sda4 扩展逻辑分区

Size of logical volume Name_of_VG/root changed from <12.81 GiB (3279 extents) to 28.80 GiB (7374 extents).
Logical volume cl/root successfully resized.

  • resize2fs /dev/Name_of_VG/root 按网上看到的文章, 这样写会报错:

resize2fs 1.45.6 (20-Mar-2020)
resize2fs: Bad magic number in super-block while trying to open /dev/cl/root
Couldn’t find valid filesystem superblock.

  • resize2fs /dev/mapper/Name_of_VG-root 也是报错:

resize2fs 1.45.6 (20-Mar-2020)
resize2fs: Bad magic number in super-block while trying to open /dev/mapper/cl-root
Couldn’t find valid filesystem superblock.

  • 最后又查了下,原来应该这样写:xfs_growfs -d /dev/Name_of_VG/root:

meta-data=/dev/mapper/Name_of_VG-root isize=512 agcount=4, agsize=839424 blks
= sectsz=4096 attr=2, projid32bit=1
= crc=1 finobt=1, sparse=1, rmapbt=0
= reflink=1 bigtime=0 inobtcount=0
data = bsize=4096 blocks=3357696, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0, ftype=1
log =internal log bsize=4096 blocks=2560, version=2
= sectsz=4096 sunit=1 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
data blocks changed from 3357696 to 7550976

  • df -h看下,妥了

Filesystem Size Used Avail Use% Mounted on
devtmpfs 826M 0 826M 0% /dev
tmpfs 844M 84K 844M 1% /dev/shm
tmpfs 844M 17M 827M 2% /run
tmpfs 844M 0 844M 0% /sys/fs/cgroup
/dev/mapper/cl-root 29G 8.3G 21G 29% /
/dev/sda2 976M 297M 612M 33% /boot
/dev/sda1 599M 7.3M 592M 2% /boot/efi
tmpfs 169M 0 169M 0% /run/user/0

 

Reference:

https://airzerocloud.com/blog/post/extending-linux-disk-vmware-hyper-v-centosredhat-on-the-fly-live

https://samsig.dk/extending-gpt-lvm-disk-on-centos/

Mariadb配置文件挪窝了

改了/etc/my.cnf里datadir的位置,结果一点反映都没有,把新位置的整个dir删掉都能正常启动mariadb,很匪夷所思

结果是……

配置文件从/etc/my.cnf迁移到了/etc/my.cnf.d/mariadb-server.cnf

折腾了半天才发现问题

timedatectl

根据Ubuntu的说法:

ntpdate is considered deprecated in favor of timedatectl (or chrony) andthereby no more installed by default. timesyncd will generally do the rightthing keeping your time in sync, and chrony will help with more complexcases.

timedatectl 用起来非常简单,默认配置文档在/etc/systemd/timesyncd.conf

最简化内容:

[Time]
NTP=
FallbackNTP=pool.ntp.org
RootDistanceMaxSec=5
PollIntervalMinSec=32
PollIntervalMaxSec=2048

通常不需要做任何改动,如果要增加自定义的ntp服务器写在第一行,空格分隔

启用:

timedatectl set-ntp true

如果报错:Failed to set ntp: NTP not supported.
自己动手干掉已有的ntpd或者ntp再来,还是不行自己动手装chrony

查看状态:

timedatectl status

大概这样就是启用成功并同步成功了,据说需要一些时间

Local time: Fri 2019-06-14 14:28:52 CST
Universal time: Fri 2019-06-14 06:28:52 UTC
RTC time: n/a
Time zone: Asia/Shanghai (CST, +0800)
Network time on: yes
NTP synchronized: yes
RTC in local TZ: no

设置时区:

timedatectl set-timezone Asia/Shanghai

虽然似乎有点ZZ不正确的样子(从小到大都只知道北京时间),据说是因为:

The reason why Asia/Shanghai is used instead of Beijing is because Shanghai is the most populous location in the zone.

印象中以前折腾Ubuntu时候还有Asia/Chongqing,也被backzone了

Asia/Kashgar, Asia/Chongqing, and Asia/Harbin, are kept in the “backzone” file of the IANA timezone database for backward compatibility.

重启:systemctl restart systemd-timedated

Debian通过,Centos不知道为什么死活不同步,不管了

ref:

https://wiki.archlinux.org/index.php/Systemd-timesyncd

https://en.wikipedia.org/wiki/Tz_database

https://en.wikipedia.org/wiki/Time_in_China

 

搬家完毕

大概是因为5月35号要到了,突然IP就敏感了,找了一圈linode的东京区速度理想:

3.2 MB/s – 38.3 MB,共 100 MB,还剩 19 秒
大概就是这个概念
ping下来延迟70~80ms,碾压新加坡和美国不知道多少倍

用linode系统内的clone功能,直接把原来的vps整个搬走了,简单又暴力

Success
System Boot – My CentOS 7 Profile
Entered: 6 minutes 58 seconds ago – Took: 10 seconds
Success
Migrate Disk – CentOS 7 Disk from fremontXXXX.linode.com
Entered: 44 minutes 53 seconds ago – Took: 35 minutes, 19 seconds
100.0% done, 0:00 to go, 6.90 MB/s
Success
Migrate Disk – 512MB Swap Image from fremontXXXX.linode.com
Entered: 44 minutes 53 seconds ago – Took: 58 seconds
100.0% done, 0:00 to go, 9.40 MB/s
Success
Linode Initial Configuration
Entered: 45 minutes 46 seconds ago – Took: 0 seconds

用htaccess和http验证保护敏感目录

WordPress的wp-admin目录是个很明显的攻击点,加上一层http authentication可以在web server层面干掉绝大部分scripting bot/boy,特别是脚本工具,几乎都不支持http验证,因为实在是太罕见了,同时也可以多提供一个安全层,哪怕后面的程序用admin/12345都没关系

非常简单:

在需要保护的目录下,运行:

htpasswd -c name_of_password_file name_of_user,接下来输入两次密码,就会创建一个用户名/密码文件

为了提高安全性,再改个名:mv name_of_password_file #unable_to_download_name,加上#在文件名里可以有效阻止意外下载

在目录下新建.htaccess

内容如下:

AuthName “Login Required” #(可以写的更凶猛一点,随意发挥)
AuthType Basic
AuthUserFile /full/path/to/password/file #(刚才创建的用户名密码文件的完整路径)
AuthGroupFile /dev/null
require valid-user
Options -Indexes #(顺手禁止目录浏览)

 

保存,完工,下次访问目录就需要验证了