南山草舍

0%

发表于

Ceph 常用命令大全

Ceph 是一个开源的分布式存储系统,支持对象存储、块设备(RBD)和文件系统(CephFS)。以下是一份常用命令清单,适用于日常运维、监控和排错。

阅读全文 »

发表于 分类于

一键升级Openssh脚本

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
#!/bin/bash

##yum源配置
mv /etc/yum.repos.d  /etc/yum.repos.d.bak
echo "1.yum源已备份"

mkdir /etc/yum.repos.d
cd /etc/yum.repos.d
touch CentOS-Base.repo
#如果有内网yum源,可以使用以下注释配置
#echo "[centos]
#name=CentOS
#baseurl=http://x.x.x.x/CentOS7-2207
#gpgcheck=0
#gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
#enabled=1" >> /etc/yum.repos.d/CentOS-Base.repo
#使用在线yum源
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
yum clean all
yum makecache
yum -y update 
echo "2.仓库源已更新"

##升级包下载
yum -y install wget
cd /opt
wget https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.6p1.tar.gz
wget https://ftp.openssl.org/source/openssl-3.2.0.tar.gz

##openssl升级
cd /opt
cp /usr/bin/openssl /usr/bin/openssl.old 
cp /usr/include /usr/include.old  
tar -zxvf openssl-3.2.0.tar.gz  
cd openssl-3.2.0 
yum -y install perl-IPC-Cmd 
if [ $? -eq 0 ]; then
    echo "3.openssl组件已完成安装"
else
    echo "3.openssl组件安装失败,程序终止"
    exit 1
fi


./config --prefix=/usr  --shared  
make && make install  
sslversion=$(openssl version -a) 
echo "4.openssl升级完毕,当前版本为$sslversion"

##openssh旧版本卸载
echo y | yum remove openssh
if [ $? -eq 0 ]; then
    echo "5.openssh旧版本卸载完成"
else
    echo "5.openssh旧版本卸载失败,程序终止"
    exit 1
fi

##openssh组件安装
yum -y install gcc make perl zlib zlib-devel pam pam-devel
if [ $? -eq 0 ]; then
    echo "6.openssh组件已完成安装"
else
    echo "6.openssh组件安装失败,程序终止"
    exit 1
fi

##openssh新版本安装
cd /opt
tar -zxvf openssh-9.6p1.tar.gz
cd openssh-9.6p1
cp /etc/ssh /etc/ssh.old
echo "7.ssh 配置已备份"
./configure --prefix=/usr/local/openssh --with-zlib=/usr/local/zlib --with-ssl-dir=/usr/local/ssl
make && make install
sed -i '32s/^#//' /usr/local/openssh/etc/sshd_config
sed -i 's/prohibit-password/yes/' /usr/local/openssh/etc/sshd_config
cp contrib/redhat/sshd.init   /etc/init.d/sshd 
chkconfig --add sshd
cp /usr/local/openssh/etc/sshd_config  /etc/ssh/sshd_config 
cp /usr/local/openssh/sbin/sshd  /usr/sbin/sshd   
cp /usr/local/openssh/bin/*  /usr/bin/   
cp /usr/local/openssh/etc/ssh_host_ecdsa_key.pub  /etc/ssh/ssh_host_ecdsa_key.pub 
systemctl daemon-reload 
systemctl restart sshd && systemctl enable sshd
sshversion=$(ssh -V 2>&1)
echo "8.openssh已升级,当前版本为$sshversion"
echo  "9.升级完成,请手动进行验证结果"

发表于

安装dvd+rw-tools工具

要格式化/擦除DVD + RW磁盘,我们需要dvd+rw-tools工具 。 如果尚未安装,请安装:

1
2
yum install dvd+rw-tools
yum install cdrecord

格式化光盘

在将DVD + RW插入刻录机后,可以使用dvd+rw-format工具格式化/擦除DVD + RW(实际上无需显式地将其清空)/ DVD-RW磁盘:

1
dvd+rw-format -force /dev/sr0

使用cdrecord擦除DVD-RW磁盘的命令(由wodim提供):

1
cdrecord dev=/dev/sr0 blank=fast

LINUX下光盘的常见操作

刻录光盘语法:growisofs -dvd-compat -speed=<刻录速度> -Z <设备名>=<镜像路径>

1
2
3
4
5
6
7
8
9
10
growisofs -dvd-compat -Z /dev/dvdwriter=/opt/CentOS-5.3-x86_64-bin-DVD.iso

#刻录ISO文件
growisofs -dvd-compat -Z /dev/sr0=/path/to/image.iso   
#初次刻录(非ISO文件)
growisofs -Z /dev/sr0 -R -J /some/files    
#往已有的DVD盘上添加文件
growisofs -M /dev/sr0 -R -J /more/files   
#给DVD盘封口(一般用不着)
growisofs -M /dev/sr0=/dev/zero

发表于

报错信息

部署Springboot 人人框架时候,访问验证码看到返回状态码为200,但是页面无法正常显示,查看后台日志,发现报错如下:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
2023-10-23T13:15:56.314+08:00 ERROR 26705 --- [nio-8082-exec-1] c.l.c.log.exception.RenExceptionHandler  : Handler dispatch failed: java.lang.InternalError: java.lang.reflect.InvocationTargetException

jakarta.servlet.ServletException: Handler dispatch failed: java.lang.InternalError: java.lang.reflect.InvocationTargetException
	at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1096)
	at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:974)
	at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1011)
	at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:903)
	at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:564)
	at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:885)
	at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:658)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:205)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149)
	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:51)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:110)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:174)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:149)
	at org.springframework.security.web.FilterChainProxy.lambda$doFilterInternal$3(FilterChainProxy.java:231)
	at org.springframework.security.web.ObservationFilterChainDecorator$FilterObservation$SimpleFilterObservation.lambda$wrap$1(ObservationFilterChainDecorator.java:479)
	……
阅读全文 »

发表于 分类于

定义

参考:https://kubernetes.io/zh-cn/docs/concepts/workloads/controllers/deployment/

创建

vim nginx-deployment.yml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
  labels:
    app: nginx-deployment
spec:
  replicas: 3
  selector:
    matchLabels:
      app: nginx-deployment
  template:
    metadata:
      name: nginx-deployment
      labels:
        app: nginx-deployment
    spec:
      containers:
        - name: nginx-deployment
          image: registry.cn-hangzhou.aliyuncs.com/alxq/nginx:stable-alpine3.17 
          imagePullPolicy: IfNotPresent
      restartPolicy: Always
1
kubectl apply -f nginx-deployment.yml
阅读全文 »

发表于 分类于

故障现象

在Vmware Workstation中安装了Zstack环境,在初始化添加物理机环节报错

1
shell command[sudo PYTHONPATH=/usr/local/zstack/ansible/files/zstacklib timeout 1800 python2 /usr/local/zstack/ansible/kvm.py -i /usr/local/zstack/ansible/hosts --private-key /usr/local/zstack/apache-tomcat-8.5.57/webapps/zstack/WEB-INF/classes/ansible/rsaKeys/id_rsa -e '{ "init": "true", "chrony_servers": "192.168.111.128", "trusted_host": "192.168.111.128", "remote_port": "22", "update_packages": "true", "host_uuid": "e308280cbfd540938d1229e59f932c05", "zstack_root": "/var/lib/zstack", "remote_user": "root", "hostname": "192-168-111-128.zstack.org", "pkg_kvmagent": "kvmagent-4.4.0.tar.gz", "post_url": "http://192.168.111.128:8080/zstack/kvm/ansiblelog/e308280cbfd540938d1229e59f932c05\n", "remote_pass": "*****", "host": "192.168.111.128", "pip_url": "http://192.168.111.128:8080/zstack/static/pypi/simple", "zstack_repo": "\"zstack-mn,qemu-kvm-ev-mn\"", "yum_server": "192.168.111.128:8080", "pkg_zstacklib": "zstacklib-4.4.0.tar.gz" }'] failed ret code: 1 stderr: ERROR: [ HOST: 192.168.111.128 ] ERROR: change kernel module kvm_amd status to present failed error: modprobe: ERROR: could not insert 'kvm_amd': Operation not supported stdout:
阅读全文 »

发表于 更新于 分类于

标签

标签(Labels)是附加到Kubernetes对象(比如 Pod)上的键值对。标签旨在用于指定对用户有意义且相关的对象标识属性。标签可以在创建时附加到对象,随后可以随时添加和修改。每个对象都可以定义一组键(Key)/ 值(Value)标签,但是每个键(Key)对于给定对象必须是唯一的。

标签作用:就是用来给k8s中对象起别名,有了别名可以过滤和筛选

语法

标签由键值对组成,其有效标签值:

  • 最多为63个字符(可以为空)
  • 除非标签值为空,必须以字母数字字符([a-z0-9A-Z])开头和结尾
  • 包含破折号(-)、下划线(_)、点(、)和字母或数字

查看所有node节点标签

1
2
3
4
5
6
7
[root@k8s-master01 ~]# kubectl get nodes --show-labels
NAME           STATUS   ROLES           AGE     VERSION   LABELS
k8s-master01   Ready    control-plane   6d17h   v1.26.3   beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=k8s-master01,kubernetes.io/os=linux,node-role.kubernetes.io/control-plane=,node.kubernetes.io/exclude-from-external-load-balancers=
k8s-master02   Ready    control-plane   6d17h   v1.26.3   beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=k8s-master02,kubernetes.io/os=linux,node-role.kubernetes.io/control-plane=,node.kubernetes.io/exclude-from-external-load-balancers=
k8s-master03   Ready    control-plane   6d17h   v1.26.3   beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=k8s-master03,kubernetes.io/os=linux,node-role.kubernetes.io/control-plane=,node.kubernetes.io/exclude-from-external-load-balancers=
k8s-node01     Ready    <none>          6d17h   v1.26.3   beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=k8s-node01,kubernetes.io/os=linux
k8s-node02     Ready    <none>          6d17h   v1.26.3   beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=k8s-node02,kubernetes.io/os=linux

标签操作命令格式kubectl label nodes <nodename> label_name=label_value

阅读全文 »

发表于 更新于 分类于

配置k8s命令tab补全并设置别名

1
2
3
4
5
6
7
8
yum install -y bash-completion
source /usr/share/bash-completion/bash_completion
source <(kubectl completion bash)
echo "source <(kubectl completion bash)" >> ~/.bashrc
# 设置kubectl别名为k
echo "alias k=kubectl" >> ~/.bashrc
#这句不加的话用kubectl可以使用Tab键自动补全,但是别名k不能使用Tab键自动补全
echo "complete -F __start_kubectl k >> ~/.bashrc

source ~/.bashrc

输入“k ge[tab] no[tab]”效果如下

1
2
3
4
5
6
7
[root@k8s-master01 ~]# k get nodes
NAME           STATUS   ROLES           AGE     VERSION
k8s-master01   Ready    control-plane   5d15h   v1.26.3
k8s-master02   Ready    control-plane   5d15h   v1.26.3
k8s-master03   Ready    control-plane   5d15h   v1.26.3
k8s-node01     Ready    <none>          5d15h   v1.26.3
k8s-node02     Ready    <none>          5d15h   v1.26.3