IOIOX 文档中心

Appearance

Oracle Cloud

!> 本文教程均基于 CentOS 7.9 及 ARM Oracle Linux 7.9 系统,其他系统请自行查询相关命令

大纲

  • root 登录
  • 分区扩容
  • docker
  • yum
  • 卸载相关程序

服务器主分区扩容

Oracle Cloud 服务器默认情况下系统分区为 47GB, 如果创建时选择了更高的容量,默认系统分区依旧为 47GB, 按照以下命令可以将所有容量扩容至主系统分区

shell
fdisk -l
# 查看分区详情
LANG=en_US.UTF-8
sudo /usr/libexec/oci-growfs
# 按 y 确认

root 登录及密码登录

shell
# 默认情况下是以 opc 用户登录
ssh opc@xxx.xxx.xxx.xxx
sudo -i
# 切换至 root 帐号
passwd
# 创建 root 密码
vi /etc/ssh/sshd_config
# 修改 sshd_config
# 查找到 #PermitRootLogin yes 并去掉 # 号表示允许 root 帐号登录
# 查找到 #PasswordAuthentication yes 并去掉 # 号表示允许密码登录.
systemctl restart sshd
# esc :wq 保存后执行重启命令生效
# 此时 可以用 ssh root@xxx.xxx.xxx.xxx 通过密码直接登录 root 帐号

永久修改主机名

修改 Oracle 服务器的主机名,重启后会恢复创建实例时的名字.

shell
vi /etc/oci-hostname.conf
# 将 PRESERVE_HOSTINFO=0 改为 1
# 或者直接执行以下命令一键修改
sed -i '/PRESERVE_HOSTINFO=0/s/0/1/' /etc/oci-hostname.conf

# 执行以下命令永久修改主机名
hostnamectl set-hostname YOURNAME

Docker

X86 架构

shell
curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh
sudo systemctl start docker
sudo systemctl enable docker
curl -L https://github.com/docker/compose/releases/download/v2.5.1/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose

ARM 架构

?> 适用于 Oracle Linux 7 ARM 系统

shell
sudo yum install -y yum-utils
sudo yum-config-manager \
    --add-repo \
    https://download.docker.com/linux/centos/docker-ce.repo
sudo yum install -y docker-ce docker-ce-cli containerd.io
sudo systemctl start docker
sudo systemctl enable docker
curl -L https://github.com/docker/compose/releases/download/v2.5.1/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose

docker daemon.json

?> 配置日志和 tag 变量用于 elastic 和 logstash

shell
cat >/etc/docker/daemon.json<<'EOF'
{
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "50m",
    "max-file": "3",
    "labels": "production_status",
    "env": "os,customer",
    "tag": "{{.Name}}"
  }
}
EOF

systemctl daemon-reload
systemctl restart docker
# 检查
cat >/etc/docker/daemon.json

Yum

修改 ARM 系统 yum 源

shell
cat >/etc/yum.repos.d/centos-extras.repo << 'EOF'
[extras]
name=CentOS-$releasever - Extras
mirrorlist=http://mirrorlist.centos.org/?release=7&arch=$basearch&repo=extras&infra=$infra
gpgcheck=0
EOF

防火墙

由于 Oracle Cloud 有防火墙面板,可以完全关闭服务器防火墙,并使用 iptable 来管理.

shell
systemctl stop firewalld
systemctl disable firewalld
systemctl start iptables
systemctl status iptables
systemctl enable iptables
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -F 
service iptables save

卸载相关程序

shell
yum remove osms-agent

systemctl stop rpcbind
systemctl stop rpcbind.socket
systemctl disable rpcbind
systemctl disable rpcbind.socket 

systemctl stop oracle-cloud-agent
systemctl disable oracle-cloud-agent
systemctl stop oracle-cloud-agent-updater
systemctl disable oracle-cloud-agent-updater
yum remove -y oracle-cloud-agent

BBR

X86 CentOS 7 BBRPlus

更新于 2022-05-19

shell
wget https://raw.githubusercontent.com/chiakge/Linux-NetSpeed/master/bbrplus/centos/7/kernel-4.14.129-bbrplus.rpm
# 下载 BBR 内核
yum -y install kernel-4.14.129-bbrplus.rpm
# 安装内核
grub2-mkconfig -o /boot/grub2/grub.cfg
grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg
sudo awk -F\' '$1=="menuentry " {print i++ " : " $2}' /boot/efi/EFI/centos/grub.cfg
grub2-set-default 0
# 设置启动项
reboot
# 重启
uname -r
# 查看内核
wget -N --no-check-certificate "https://raw.githubusercontent.com/chiakge/Linux-NetSpeed/master/tcp.sh" && chmod +x tcp.sh && ./tcp.sh
# 选择 7 启用
./tcp.sh
# 在选择 10 优化并重启.

X86 CentOS 7 BBR ( 官方 5.3.13.1 内核 )

shell
wget http://repos.sea.lax-noc.com/elrepo/archive/kernel/el7/x86_64/RPMS/kernel-ml-5.3.13-1.el7.elrepo.x86_64.rpm && yum -y install kernel-ml-5.3.13-1.el7.elrepo.x86_64.rpm
# 禁用 yum update 内核
echo "exclude=kernel*">> /etc/yum.conf
rpm -qa | grep kernel
sudo grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg
sudo awk -F\' '$1=="menuentry " {print i++ " : " $2}' /boot/efi/EFI/centos/grub.cfg
sudo grub2-set-default 0
# 设置启动项
reboot
# 重启
lsmod | grep bbr
sudo modprobe tcp_bbr
echo "tcp_bbr" | sudo tee --append /etc/modules-load.d/modules.conf
echo "net.core.default_qdisc=fq" | sudo tee --append /etc/sysctl.conf
echo "net.ipv4.tcp_congestion_control=bbr" | sudo tee --append /etc/sysctl.conf
sudo sysctl -p
reboot
# 检查 BBR
sysctl net.ipv4.tcp_available_congestion_control && \
sysctl net.ipv4.tcp_congestion_control && \
sysctl net.core.default_qdisc && \
lsmod | grep bbr
# 优化
wget -N --no-check-certificate "https://raw.githubusercontent.com/chiakge/Linux-NetSpeed/master/tcp.sh" && chmod +x tcp.sh && ./tcp.sh
# 选择 10 优化重启

ARM

目前并没有更方便的开启方式

shell
sudo modprobe tcp_bbr
echo "tcp_bbr" | sudo tee --append /etc/modules-load.d/modules.conf
echo "net.core.default_qdisc=fq" | sudo tee --append /etc/sysctl.conf
echo "net.ipv4.tcp_congestion_control=bbr" | sudo tee --append /etc/sysctl.conf
sudo sysctl -p
reboot

Copyright © 2024 IOIOX