[3.磁盘加密]

1.磁盘加密

fdisk /dev/vdb

partprobe

cryptsetup luksFormat /dev/vdb1      **加密/dev/vdb1磁盘

cryptsetup open /dev/vdb1 redhat     **开启磁盘

mkfs.xfs /dev/mapper/redhat          **格式化

mount /dev/mapper/redhat /mnt/       **将/dev/mapper/redhat挂载到/mnt

umount /mnt/                         **卸载

cryptsetup close redhat              **关闭redhat

wKioL1gkJBmjW9xQAAFdgDNIw3Y896.png-wh_50

 

2.加密磁盘永久挂载

vim /etc/crypttab                    **加密配置文件

[root@localhost ~]# cat /etc/crypttab

redaht           /dev/vdb1       /root/lukspsfile

解密后设备管理文件    设备              加密字符 

wKiom1gkJBjzvpJUAAAiKLhhkdc715.png-wh_50

     

vim /root/lukspsfile                 **加密密码配置

[root@localhost ~]# cat /root/lukspsfile

kile2583

 

chmod 600 /root/lukspsfile

cryptsetup luksAddKey /dev/vdb1 /root/lukspsfile  **将/root/lukspsfile中的密码应用到/dev/vdb1磁盘上

 

vim /etc/fstab            **设置开机启动的配置

[root@localhost ~]# cat /etc/fstab

/dev/mapper/redhat  /mnt   xfs   defaults    0 0

reboot                    **重启

[root@localhost mnt]# df  **查看是否永久挂载

Filesystem         1K-blocks    Used Available Use% Mounted on

/dev/vda1           10473900 3124648   7349252  30% /

devtmpfs              927072       0    927072   0% /dev

tmpfs                 942660     140    942520   1% /dev/shm

tmpfs                 942660   17024    925636   2% /run

tmpfs                 942660       0    942660   0% /sys/fs/cgroup

/dev/mapper/redhat   1043116   32932   1010184   4% /mnt

 

 

3.加密清除

vim /etc/fstab

> /etc/crypttab            **清空/etc/crypttab文件信息

rm -rf /root/lukspsfile    **删除/root/lukspsfile

umount /mnt/               **卸载

cryptsetup close redhat    **关闭磁盘

mkfs.xfs /dev/vdb1 -f      **强制格式化

  

4.磁盘列阵

fdisk /dev/vdb     **创建3个分区(fd)

   Device Boot      Start         End      Blocks   Id  System

/dev/vdb1            2048     2099199     1048576   fd  Linux raid autodetect

/dev/vdb2         2099200     4196351     1048576   fd  Linux raid autodetect

/dev/vdb3         4196352     6293503     1048576   fd  Linux raid auto

partprobe          **磁盘同步

cat /proc/partitions

ll /dev/md0

mdadm -C /dev/md0 -a yes -l 1 -n 2 -x 1 /dev/vdb{1..3}

mkfs.xfs /dev/md0

mount /dev/md0 /mnt

 

mdadm -f /dev/md0 /dev/vdb1    **破坏磁盘

mdadm -r /dev/md0 /dev/vdb1    **删除磁盘(若正使用中需先卸载在删除)

mdadm -a /dev/md0 /dev/vdb1    **添加新磁盘

mdadm -D /dev/md0              **查看正运行磁盘

mdadm -f /dev/md0 /dev/vdb1

mdadm -f /dev/md0 /dev/vdb2

mdadm -r /dev/md0 /dev/vdb1

mdadm -r /dev/md0 /dev/vdb2

 

umount /mnt/

[root@localhost mnt]# df

Filesystem     1K-blocks    Used Available Use% Mounted on

/dev/vda1       10473900 3124776   7349124  30% /

devtmpfs          927072       0    927072   0% /dev

tmpfs             942660     140    942520   1% /dev/shm

tmpfs             942660   17092    925568   2% /run

tmpfs             942660       0    942660   0% /sys/fs/cgroup

 

mdadm -S /dev/md0

然后要取消直接删除vdb1 vdb2 vdb3

 wKiom1gkJBqDEpqAAAC2-CyHzjw071.png-wh_50

watch -n 1 cat /proc/mdstat    **监控命令

 

[5.配额]

mount -o usrquota /dev/vdb1 /pub/

quotaon -uv /dev/vdb1

 wKiom1gkJBuz5cQMAAB6r29OEIk181.png-wh_50

su - student

dd if=/dev/zero of=/pub/file bs=1M count=500

 wKioL1gkJBvwrG0OAACfBe2u4pg236.png-wh_50

 

 

{1.lvm}

[1.lvm建立]

1.划分物理分区并把分区id修改为8e

pvs|pvdisplay

vgs|vgdisplay

lvs|lvdisplay

 

watch -n 1 'echo "=== pvinfo ===";pvs;echo "=== vginfo ===";vgs;echo "=== lvinfo ===";lvs'

 

pvcreate /dev/vdb1

vgcreate  westos /dev/vdb1

lvcreate -L 100M -n lv0 westos

 mkfs.xfs /dev/westos/lv0

mount /dev/westos/lv0  /mnt/

磁盘不够用,再增加一块:

lvextend -L 200 /dev/westos/lv0

mkfs.xfs /dev/westos/lv0

pvcreate /dev/vdb2

vgcreate  westos /dev/vdb1

lvcreate -L 600M -n lv0 westos

xfs_growfs /dev/westos/lv0