Linux服务器应用了解007

一、Web服务部署1. LNMP环境搭建1.1 环境准备图# 更新系统 sudo apt update sudo apt upgrade -y # 安装必要工具 sudo apt install -y curl wget git vim1.2 Nginx安装与配置图# 安装Nginx sudo apt install -y nginx # 启动并设置开机自启 sudo systemctl start nginx sudo systemctl enable nginx # 验证安装 sudo nginx -t1.3 MySQL安装与配置图# 安装MySQL sudo apt install -y mysql-server # 安全初始化 sudo mysql_secure_installation # 登录MySQL sudo mysql -u root -p # 创建数据库和用户 CREATE DATABASE wordpress; CREATE USER wpuserlocalhost IDENTIFIED BY password; GRANT ALL PRIVILEGES ON wordpress.* TO wpuserlocalhost; FLUSH PRIVILEGES;1.4 PHP安装与配置图# 安装PHP及相关扩展 sudo apt install -y php php-fpm php-mysql php-curl php-gd php-mbstring php-xml php-zip # 配置PHP-FPM sudo sed -i s/user www-data/user nginx/g /etc/php/*/fpm/pool.d/www.conf sudo sed -i s/group www-data/group nginx/g /etc/php/*/fpm/pool.d/www.conf # 启动PHP-FPM sudo systemctl start php*-fpm sudo systemctl enable php*-fpm1.5 Nginx虚拟主机配置图server { listen 80; server_name example.com www.example.com; root /var/www/html; index index.php index.html; location / { try_files $uri $uri/ /index.php?$args; } location ~ \.php$ { fastcgi_pass unix:/var/run/php/php-fpm.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } location ~ /\.ht { deny all; } }二、容器化技术1. Docker基础操作1.1 Docker安装图# 卸载旧版本 sudo apt remove -y docker docker-engine docker.io containerd runc # 安装依赖 sudo apt update sudo apt install -y apt-transport-https ca-certificates curl gnupg lsb-release # 添加Docker官方GPG密钥 curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg # 添加Docker仓库 echo deb [archamd64 signed-by/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable | sudo tee /etc/apt/sources.list.d/docker.list /dev/null # 安装Docker引擎 sudo apt update sudo apt install -y docker-ce docker-ce-cli containerd.io # 验证安装 sudo docker --version sudo docker run hello-world1.2 Docker基本概念●镜像(Image)只读模板包含运行容器所需的所有文件和配置●容器(Container)镜像的运行实例●仓库(Registry)存储和分发镜像的服务1.3 常用命令图# 镜像操作 docker images # 查看本地镜像 docker pull nginx:latest # 拉取镜像 docker build -t myapp:v1 . # 构建镜像 docker rmi image_id # 删除镜像 # 容器操作 docker run -d -p 80:80 nginx # 运行容器 docker ps # 查看运行中的容器 docker stop container_id # 停止容器 docker start container_id # 启动容器 docker rm container_id # 删除容器 # 日志和进入容器 docker logs container_id # 查看容器日志 docker exec -it container_id bash # 进入容器2. Docker Compose2.1 安装Docker Compose图sudo curl -L https://github.com/docker/compose/releases/download/v2.20.0/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/bin/docker-compose sudo chmod x /usr/local/bin/docker-compose docker-compose --version2.2 docker-compose.yml示例图version: 3.8 services: web: image: nginx:latest ports: - 80:80 volumes: - ./html:/usr/share/nginx/html depends_on: - app app: image: php:7.4-fpm volumes: - ./code:/var/www/html depends_on: - db db: image: mysql:5.7 environment: MYSQL_ROOT_PASSWORD: rootpassword MYSQL_DATABASE: myapp MYSQL_USER: user MYSQL_PASSWORD: password ports: - 3306:3306 volumes: - db_data:/var/lib/mysql volumes: db_data:2.3 Docker Compose命令图docker-compose up -d # 启动服务 docker-compose down # 停止并删除服务 docker-compose ps # 查看服务状态 docker-compose logs # 查看日志 docker-compose build # 构建镜像三、云原生实践1. 云平台Linux实例部署1.1 AWS EC2实例创建1. 登录AWS控制台2. 选择EC2服务3. 启动实例4. 选择Amazon Linux 2或Ubuntu AMI5. 配置实例类型推荐t3.medium及以上6. 配置安全组开放22、80、443端口7. 创建密钥对并下载1.2 连接EC2实例图# 修改密钥文件权限 chmod 400 my-key-pair.pem # SSH连接 ssh -i my-key-pair.pem ec2-userec2-xx-xx-xx-xx.compute-1.amazonaws.com2. Kubernetes集群配置2.1 Minikube本地集群开发测试图# 安装kubectl curl -LO https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl chmod x kubectl sudo mv kubectl /usr/local/bin/ # 安装Minikube curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 chmod x minikube sudo mv minikube /usr/local/bin/ # 启动集群 minikube start kubectl get nodes2.2 生产环境Kubernetes部署图# 安装kubeadm、kubelet、kubectl sudo apt update sudo apt install -y apt-transport-https ca-certificates curl curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg echo deb [signed-by/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main | sudo tee /etc/apt/sources.list.d/kubernetes.list sudo apt update sudo apt install -y kubelet kubeadm kubectl sudo apt-mark hold kubelet kubeadm kubectl2.3 Kubernetes基本概念●Pod最小部署单元包含一个或多个容器●Service为Pod提供稳定的网络访问●Deployment管理Pod的声明式更新●Namespace逻辑隔离的虚拟集群2.4 常用kubectl命令图kubectl get pods # 查看Pod kubectl get services # 查看服务 kubectl get deployments # 查看部署 kubectl get nodes # 查看节点 kubectl describe pod pod_name # 查看Pod详细信息 kubectl logs pod_name # 查看Pod日志 kubectl exec -it pod_name bash # 进入Pod四、内核分析与调优1. Linux内核架构1.1 内核主要子系统●进程调度CFS调度器公平分配CPU时间●内存管理虚拟内存、分页机制、内存回收●文件系统VFS抽象层支持多种文件系统●网络协议栈TCP/IP实现网络设备驱动●设备驱动硬件抽象层设备文件操作1.2 内核模块管理图lsmod # 列出已加载模块 modprobe module_name # 加载模块 modprobe -r module_name # 卸载模块 insmod /path/to/module.ko # 手动加载模块 rmmod module_name # 手动卸载模块2. 系统性能分析2.1 性能监控工具图# CPU监控 top htop vmstat 1 # 内存监控 free -h cat /proc/meminfo # 磁盘I/O监控 iostat -x 1 iotop # 网络监控 netstat -tuln ss -tuln iftop # 综合监控 sar -u 1 5 # CPU使用率 sar -r 1 5 # 内存使用 sar -d 1 5 # 磁盘I/O2.2 性能分析工具图# 进程性能分析 pidstat 1 # 系统调用跟踪 strace -p process_id # 函数级性能分析 perf top perf record -g command perf report3. 内核参数调优3.1 网络参数优化图# 临时修改 sudo sysctl -w net.core.somaxconn65535 sudo sysctl -w net.ipv4.tcp_max_connections65535 # 永久修改/etc/sysctl.conf net.core.somaxconn 65535 net.ipv4.tcp_max_connections 65535 net.core.netdev_max_backlog 5000 net.ipv4.tcp_tw_reuse 1 net.ipv4.tcp_fin_timeout 303.2 文件系统优化图# 挂载选项优化 # /etc/fstab /dev/sda1 / ext4 defaults,noatime,discard 0 1 # 文件描述符限制 echo * soft nofile 65535 | sudo tee -a /etc/security/limits.conf echo * hard nofile 65535 | sudo tee -a /etc/security/limits.conf3.3 内存管理优化图# 虚拟内存参数 vm.swappiness 10 vm.vfs_cache_pressure 50 vm.dirty_ratio 15 vm.dirty_background_ratio 5五、大数据与AI平台1. 大数据平台搭建1.1 Hadoop集群部署图# 安装Java sudo apt install -y openjdk-8-jdk # 下载Hadoop wget https://archive.apache.org/dist/hadoop/core/hadoop-3.3.4/hadoop-3.3.4.tar.gz tar -xzvf hadoop-3.3.4.tar.gz sudo mv hadoop-3.3.4 /usr/local/hadoop # 配置环境变量~/.bashrc export HADOOP_HOME/usr/local/hadoop export PATH$PATH:$HADOOP_HOME/bin:$HADOOP_HOME/sbin export JAVA_HOME/usr/lib/jvm/java-8-openjdk-amd64 # 配置Hadoop # core-site.xml configuration property namefs.defaultFS/name valuehdfs://localhost:9000/value /property /configuration # hdfs-site.xml configuration property namedfs.replication/name value1/value /property property namedfs.namenode.name.dir/name value/usr/local/hadoop/data/namenode/value /property property namedfs.datanode.data.dir/name value/usr/local/hadoop/data/datanode/value /property /configuration # mapred-site.xml configuration property namemapreduce.framework.name/name valueyarn/value /property /configuration # yarn-site.xml configuration property nameyarn.nodemanager.aux-services/name valuemapreduce_shuffle/value /property /configuration # 启动Hadoop hdfs namenode -format start-dfs.sh start-yarn.sh1.2 Spark部署图# 下载Spark wget https://archive.apache.org/dist/spark/spark-3.3.0/spark-3.3.0-bin-hadoop3.tgz tar -xzvf spark-3.3.0-bin-hadoop3.tgz sudo mv spark-3.3.0-bin-hadoop3 /usr/local/spark # 配置环境变量 export SPARK_HOME/usr/local/spark export PATH$PATH:$SPARK_HOME/bin # 启动Spark $SPARK_HOME/sbin/start-master.sh $SPARK_HOME/sbin/start-worker.sh spark://localhost:70772. AI框架部署2.1 TensorFlow环境搭建图# 创建虚拟环境 python3 -m venv tf_env source tf_env/bin/activate # 升级pip pip install --upgrade pip # 安装TensorFlow pip install tensorflow # 验证安装 python -c import tensorflow as tf; print(tf.__version__)2.2 PyTorch环境搭建图# 安装PyTorchCPU版本 pip install torch torchvision torchaudio # 安装PyTorchGPU版本CUDA 11.7 pip install torch torchvision torchaudio --index-url https://download.pytorch.org/whl/cu117 # 验证安装 python -c import torch; print(torch.__version__); print(torch.cuda.is_available())2.3 Jupyter Notebook配置图# 安装Jupyter pip install jupyter # 生成配置文件 jupyter notebook --generate-config # 设置密码 jupyter notebook password # 启动Jupyter jupyter notebook --ip0.0.0.0 --port8888 --no-browser --allow-root六、生产环境最佳实践1. 监控与告警●Prometheus监控系统和时间序列数据库●Grafana可视化监控数据●Alertmanager告警管理2. 日志管理●ELK StackElasticsearch、Logstash、Kibana●Fluentd统一日志收集器●Loki轻量级日志聚合系统3. 配置管理●Ansible自动化配置管理●Terraform基础设施即代码●Chef/Puppet配置管理工具4. 安全加固●Fail2ban防止暴力破解●ClamAV病毒扫描●OSSEC主机入侵检测系统总结Linux服务器应用与高级主题涉及多个技术层面从基础的Web服务部署到复杂的云原生架构每个环节都需要深入理解和实践。通过掌握这些技术1.Web服务部署是基础LNMP环境搭建是每个运维工程师必备技能2.容器化技术是现代应用部署的核心Docker和Docker Compose是入门必备3.云原生实践代表了技术发展趋势Kubernetes是容器编排的事实标准4.内核分析与调优是性能优化的关键需要深入理解Linux内核机制5.大数据与AI平台是新兴技术领域Hadoop、Spark、TensorFlow等框架应用广泛