新服务器の周辺
之前写了一篇配置ssh的ssh登录服务器,就只是讲了ssh配置部分,但是还有其他的一些细节没有讲,下面就一步步展开,用一个新装好的ubuntu server16.04作为例子。
1.检查时间
①date查看服务器时间是否正确
②配置时区 dpkg-reconfigure tzdata,可以写进去/etc/timezone,再看看时间,如果不对的话可以用date -s 校正
③配置ntp服务器
sudo apt-get install ntp ntpdate
1.ntp是一个守护进程,配置文件是/etc/ntp.conf,下面是我的配置,配置好以后sudo service ntp restart重启一下服务就好了
# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
driftfile /var/lib/ntp/ntp.drift
# Enable this if you want statistics to be logged.
statsdir /var/log/ntpstats/
statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable
# Specify one or more NTP servers.
# Use servers from the NTP Pool Project. Approved by Ubuntu Technical Board
# on 2011-02-08 (LP: #104525). See http://www.pool.ntp.org/join.html for
# more information.
#pool 0.ubuntu.pool.ntp.org iburst
#pool 1.ubuntu.pool.ntp.org iburst
#pool 2.ubuntu.pool.ntp.org iburst
#pool 3.ubuntu.pool.ntp.org iburst
server 202.120.2.101 prefer #上海交大网络中心
server 202.112.10.60 #北京邮电大学
server cn.ntp.org.cn
# Use Ubuntu's ntp server as a fallback.
#pool ntp.ubuntu.com
# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
# details. The web page <http://support.ntp.org/bin/view/Support/AccessRestrictions>
# might also be helpful.
#
# Note that "restrict" applies to both servers and clients, so a configuration
# that might be intended to block requests from certain clients could also end
# up blocking replies from your own upstream servers.
# By default, exchange time with everybody, but don't allow configuration.
restrict -4 default kod notrap nomodify nopeer noquery limited
restrict -6 default kod notrap nomodify nopeer noquery limited
# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1
restrict ::1
# Needed for adding pool entries
restrict source notrap nomodify noquery
# Clients from this (example!) subnet have unlimited access, but only if
# cryptographically authenticated.
#restrict 192.168.123.0 mask 255.255.255.0 notrust
# If you want to provide time to your local subnet, change the next line.
# (Again, the address is an example only.)
#broadcast 192.168.123.255
# If you want to listen to time broadcasts on your local subnet, de-comment the
# next lines. Please do this only if you trust everybody on the network!
#disable auth
#broadcastclient
#Changes recquired to use pps synchonisation as explained in documentation:
#http://www.ntp.org/ntpfaq/NTP-s-config-adv.htm#AEN3918
#server 127.127.8.1 mode 135 prefer # Meinberg GPS167 with PPS
#fudge 127.127.8.1 time1 0.0042 # relative to PPS for my hardware
#server 127.127.22.1 # ATOM(PPS)
#fudge 127.127.22.1 flag3 1 # enable PPS API
2.如果想直接马上同步时间则是用ntpdate
#同步上海交大ntp服务器ip
ntpdate 202.120.2.101
ntpdate命令是要在ntp进程退出的情况下执行,如果执行上述命令出错,那么请先关闭ntp进程
2.语系
1.locale查看现在的语系
2.locale -a 查看所有可用语系
2.重新设定语系(zh_CN.UTF-8,或者en_US.utf8)
sudo dpkg-reconfigure locales
5.24更新:搞vagrant+docker时候遇到这个问题,可能会引起中文显示错误
-bash: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)
解决:
sudo apt-get update && sudo apt-get install locales
sudo dpkg-reconfigure locales
# dpkg-reconfigure locales过程中选择en_US.UTF-8
3.配置ssh
不废话了,看这篇专门的==>ssh登录服务器
4.检查dns解析服务器配置
ping 一下一些比如百度的一些大网站(不太可能挂掉的),如果不能正常ping通的话,请检查vim /etc/resolv.conf 是否正确配置,不然如果这里域名解析出问题,下面用apt安装和更新软件也会出问题的
5.一些服务器必备软件
之前有写过当Kali Rolling作为笔记本唯一一个系统,这个是桌面版的推荐软件,而服务器的话就不需要太多杂七杂八的软件
①配置更新源/etc/apt/sources.list[服务器和桌面版的好像用同一个源都可以]
deb http://mirrors.ustc.edu.cn/ubuntu/ xenial main restricted universe multiverse
deb http://mirrors.ustc.edu.cn/ubuntu/ xenial-security main restricted universe multiverse
deb http://mirrors.ustc.edu.cn/ubuntu/ xenial-updates main restricted universe multiverse
deb http://mirrors.ustc.edu.cn/ubuntu/ xenial-proposed main restricted universe multiverse
deb http://mirrors.ustc.edu.cn/ubuntu/ xenial-backports main restricted universe multiverse
deb-src http://mirrors.ustc.edu.cn/ubuntu/ xenial main restricted universe multiverse
deb-src http://mirrors.ustc.edu.cn/ubuntu/ xenial-security main restricted universe multiverse
deb-src http://mirrors.ustc.edu.cn/ubuntu/ xenial-updates main restricted universe multiverse
deb-src http://mirrors.ustc.edu.cn/ubuntu/ xenial-proposed main restricted universe multiverse
deb-src http://mirrors.ustc.edu.cn/ubuntu/ xenial-backports main restricted universe multiverse
deb https://apt.dockerproject.org/repo/ ubuntu-xenial main
# deb-src https://apt.dockerproject.org/repo/ ubuntu-xenial main
②更新列表,这个可能需要比较久的时间
sudo apt-get update
③安装vim来修改一些系统配置文件是很方便的,而对于一些需要长时间运行的进程而言,tmux也是十分必要的,比如等下的upgrade和dist-upgrade升级软件和系统就非常耗时,因为往往你所下载就算是官方的镜像,离现在最新的软件版本还是有段距离,所以vim和tmux是每个服务器必备的!
sudo apt-get install vim tmux
④更新已经下载软件和系统(最好先打开tmux,关于tmux的使用,建议花点时间到网上学学,后面会很方便的)
sudo apt-get -y upgrade && sudo apt-get -y dist-upgrade
⑤之后再安装你要的软件,比如LAMP,比如JavaEE的一些软件,再比如python,python-pip还有一些框架,这里就根据不同需求有了分化,就不一一展开了
6.针对云服务器
18.3.10更新
因为现在主流的云服务器的都是采用虚拟化技术,但是有些虚拟化技术会导致超售比如openvz,而KVM和Xen和Hyper-V(windows)这些则不会,所以我们就想知道,究竟我们买的服务器是哪种,就算在购买服务器的web界面可能在购买的时候会显示是哪种虚拟化技术,但是怎么测试是否就是它所说的那样呢
我们可以利用virt-what,apt或者用yum下载后用root用户运行后就可以直接告诉我们究竟是哪种,就我现在用vultr和google cloud platform而言,两者都测试结果是KVM,vultr是明白说了KVM,但是谷歌云主机我找了半天才找到他的虚拟化技术是,所以为了节省时间或者提高准确率,对于新的不知道虚拟化技术的服务器,都可以下载virt-what来诊断究竟是哪种虚拟化技术
P.s.谷歌云主机真的很快,选择的是asia-east1-a节点直接走台湾~