Linux Ops Tips

Overview

这个帖子是一些使用Linux（Based on Debian）时的小技巧集合，不定期更新。有些内容可能其他Linux Distro也可以用。

裸机安装相关

移除不使用的kernel

查看当前kernel

uname -a

以下是一个示例

1 2	root@debian:~# uname -a Linux debian 6.1.0-10-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.37-1 (2023-07-03) x86_64 GNU/Linux

可以发现目前正在使用的时6.1.37-1的kernel，随后查看所有的kernel

1	dpkg --list \| grep linux-image

以下是一个示例

root@debian:~# dpkg --list | grep linux-image
rc  linux-image-5.10.0-23-amd64  5.10.179-1                     amd64        Linux 5.10 for 64-bit PCs (signed)
ii  linux-image-5.10.0-8-amd64   5.10.46-5                      amd64        Linux 5.10 for 64-bit PCs (signed)
ii  linux-image-6.1.0-10-amd64   6.1.37-1                       amd64        Linux 6.1 for 64-bit PCs (signed)
ii  linux-image-amd64            6.1.37-1                       amd64        Linux for 64-bit PCs (meta-package)

那么linux-image-5.10.0-23-amd64和linux-image-5.10.0-8-amd64是未被使用可以卸载的kernel,
直接执行apt remove即可，如下

root@debian:~# apt remove linux-image-5.10.0*
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Note, selecting 'linux-image-5.10.0-23-amd64' for glob 'linux-image-5.10.0*'
Note, selecting 'linux-image-5.10.0-8-amd64-unsigned' for glob 'linux-image-5.10.0*'
Note, selecting 'linux-image-5.10.0-8-amd64' for glob 'linux-image-5.10.0*'
Note, selecting 'linux-image-5.10.0-23-amd64-unsigned' for glob 'linux-image-5.10.0*'
Package 'linux-image-5.10.0-23-amd64-unsigned' is not installed, so not removed
Package 'linux-image-5.10.0-8-amd64-unsigned' is not installed, so not removed
Package 'linux-image-5.10.0-23-amd64' is not installed, so not removed
The following packages will be REMOVED:
  linux-image-5.10.0-8-amd64
0 upgraded, 0 newly installed, 1 to remove and 0 not upgraded.
After this operation, 302 MB disk space will be freed.
Do you want to continue? [Y/n] y
(Reading database ... 36690 files and directories currently installed.)
Removing linux-image-5.10.0-8-amd64 (5.10.46-5) ...
I: /vmlinuz.old is now a symlink to boot/vmlinuz-6.1.0-10-amd64
I: /initrd.img.old is now a symlink to boot/initrd.img-6.1.0-10-amd64
/etc/kernel/postrm.d/initramfs-tools:
update-initramfs: Deleting /boot/initrd.img-5.10.0-8-amd64
/etc/kernel/postrm.d/zz-update-grub:
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-6.1.0-10-amd64
Found initrd image: /boot/initrd.img-6.1.0-10-amd64
Warning: os-prober will not be executed to detect other bootable partitions.
Systems on them will not be added to the GRUB boot configuration.
Check GRUB_DISABLE_OS_PROBER documentation entry.
done

安装Docker

替换了download.docker.com成mirrors.ustc.edu.cn/docker-ce加速下载

sudo apt-get update
sudo apt-get install ca-certificates curl gnupg -y
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
sudo chmod a+r /etc/apt/keyrings/docker.gpg
echo \
  "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://mirrors.ustc.edu.cn/docker-ce/linux/debian \
  "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin -y

不需要额外安装，直接docker compose就可使用docker-compose
随后安装一个ctop用来查看docker容器的资源使用情况

1 2	sudo wget https://github.com/bcicen/ctop/releases/download/v0.7.7/ctop-0.7.7-linux-amd64 -O /usr/local/bin/ctop sudo chmod +x /usr/local/bin/ctop

下载比较慢就是用ghproxy加速一下，即：

1	sudo wget https://ghproxy.com/https://github.com/bcicen/ctop/releases/download/v0.7.7/ctop-0.7.7-linux-amd64 -O /usr/local/bin/ctop

Docker 相关

Grafana + Prometheus + Node Exporter

version: '3.8'

networks:
  monitoring:
    driver: bridge

volumes:
  prometheus_data: 
    driver: local
    driver_opts:
      type: none
      o: bind
      device: /opt/prometheus

  grafana_data:
    driver: local
    driver_opts:
      type: none
      o: bind
      device: /opt/grafana

services:
  grafana:
    image: grafana/grafana-oss:latest
    container_name: grafana
    volumes:
      - grafana_data/data:/var/lib/grafana
      - grafana_data/provisioning:/etc/grafana/provisioning
    environment:
      - GF_SECURITY_ADMIN_USER=${ADMIN_USER}
      - GF_SECURITY_ADMIN_PASSWORD=${ADMIN_PASSWORD}
      - GF_USERS_ALLOW_SIGN_UP=false
    restart: unless-stopped
    ports:
      - "33281:3000"
    networks:
      - monitoring

local_exporter:
    image: prom/node-exporter:latest
    container_name: node-exporter
    restart: unless-stopped
    volumes:
      - /proc:/host/proc:ro
      - /sys:/host/sys:ro
      - /:/rootfs:ro
    command:
      - '--path.procfs=/host/proc'
      - '--path.rootfs=/rootfs'
      - '--path.sysfs=/host/sys'
      - '--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/)'
    ports:
      - "9100:9100"
    networks:
      - monitoring

  prometheus:
    image: prom/prometheus:latest
    user: root
    container_name: prometheus
    restart: unless-stopped
    volumes:
      - prometheus_data/prometheus.yml:/etc/prometheus/prometheus.yml
      - prometheus_data/data:/prometheus
    command:
      - '--config.file=/etc/prometheus/prometheus.yml'
      - '--storage.tsdb.path=/prometheus'
      - '--web.console.libraries=/etc/prometheus/console_libraries'
      - '--web.console.templates=/etc/prometheus/consoles'
      - '--storage.tsdb.retention.time=168h'
      - '--web.enable-lifecycle'
    ports:
      - "19090:9090"
    networks:
      - monitoring

同目录下创建以下两个文件，修改user_here及password_here
.env

1 2	ADMIN_USER=user_here ADMIN_PASSWORD=password_here

prometheus.yml

global:
  scrape_interval:     15s
  external_labels:
      monitor: 'docker-host-alpha'

scrape_configs:
  - job_name: 'node_exporter'
    scrape_interval: 5s
    static_configs:
      - targets: ['node-exporter:9100']

  - job_name: 'prometheus'
    scrape_interval: 10s
    static_configs:
      - targets: ['localhost:9090']

一些常用命令

ss

# 统计当前连接
ss -s
# 查看TCP和UDP的连接及正在监听的sockets
ss -nultp

一些组合使用的命令

# 统计文件个数
ls | wc -l
# 显示以:分割的第一段, 以下示例将会显示test_field_1
echo "test_field_1:test_field_2"| cut -d: -f1