网络配置
ubuntu 18.04网络配置较之前版本有较大改动,它弃用了/etc/networks/interface配置,真正的网络配置是在/etc/netplan/xxx.yaml中生效
查看当前系统网口连结状态,使用
ip a
查看对应网口,如果状态不是down而是up,则选择改网口进行配置
编辑/etc/netplan/xxx.yaml
#注意,如果每个配置后面有内容,则:号后面需加一个空格,再加入自己的配置项
network:
version: 2
rendderer: NetworkManager
ethernets:
enp24s0f0: #以上都不用修改,这里为我们确认的up状态的网口
dhcp4: no #如果我们想要自动分配ip,则更改为yes,并且后面都不用配置。这里设置为no,表示ip是静态手动分配的,需进行后续配置
addresses: [10.192.55.178/24] #这里配置ip地址
gateway4: 10.192.55.254 #配置网关
配置外网域名访问 (前提是开通外网权限)
编辑/etc/resolv.conf
#增加如下配置
nameserver 114.114.114.114 #电信免费提供的DNS服务器
nameserver 8.8.8.8 #谷歌提供的免费dns公众服务器
nameserver 118.118.118.55 #四川雅安电信的公众服务器
编辑/etc/systemd/resolved.conf修改文件,将DNS前的#符号去掉,再加上DNS服务器地址
[resolve]
DNS=114.114.114.114
DNS=118.118.118.55
DNS=8.8.8.8
保存退出后执行/etc/init.d/networking force-reload 重新加载网络相关的配置文件,使DNS配置生效
验证如下:
ping 114.114.114.114能够ping通,如果无法ping通,则外网权限未开
ping www.baidi.com能够ping通。如果无法ping通,则检查配置文件是否填写正确
配置软件源(使用国内源)
备份当前源mv /etc/apt/source.lit /etc/apt/source.list-bak
编辑vi /etc/apt/source.list
插入如下内容,总共提供了四个源(阿里,网易,中科,清华),可以只选择一个源
#阿里源
deb http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
#中科源
deb https://mirrors.ustc.edu.cn/ubuntu/ bionic main restricted universe multiverse
deb-src https://mirrors.ustc.edu.cn/ubuntu/ bionic main restricted universe multiverse
deb https://mirrors.ustc.edu.cn/ubuntu/ bionic-updates main restricted universe multiverse
deb-src https://mirrors.ustc.edu.cn/ubuntu/ bionic-updates main restricted universe multiverse
deb https://mirrors.ustc.edu.cn/ubuntu/ bionic-backports main restricted universe multiverse
deb-src https://mirrors.ustc.edu.cn/ubuntu/ bionic-backports main restricted universe multiverse
deb https://mirrors.ustc.edu.cn/ubuntu/ bionic-security main restricted universe multiverse
deb-src https://mirrors.ustc.edu.cn/ubuntu/ bionic-security main restricted universe multiverse
deb https://mirrors.ustc.edu.cn/ubuntu/ bionic-proposed main restricted universe multiverse
deb-src https://mirrors.ustc.edu.cn/ubuntu/ bionic-proposed main restricted universe multiverse
#网易源
deb http://mirrors.163.com/ubuntu/ bionic main restricted universe multiverse
deb http://mirrors.163.com/ubuntu/ bionic-security main restricted universe multiverse
deb http://mirrors.163.com/ubuntu/ bionic-updates main restricted universe multiverse
deb http://mirrors.163.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb http://mirrors.163.com/ubuntu/ bionic-backports main restricted universe multiverse
deb-src http://mirrors.163.com/ubuntu/ bionic main restricted universe multiverse
deb-src http://mirrors.163.com/ubuntu/ bionic-security main restricted universe multiverse
deb-src http://mirrors.163.com/ubuntu/ bionic-updates main restricted universe multiverse
deb-src http://mirrors.163.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb-src http://mirrors.163.com/ubuntu/ bionic-backports main restricted universe multiverse
#清华源
deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic main restricted universe multiverse
deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic main restricted universe multiverse
deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-updates main restricted universe multiverse
deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-updates main restricted universe multiverse
deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-backports main restricted universe multiverse
deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-backports main restricted universe multiverse
deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-security main restricted universe multiverse
deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-security main restricted universe multiverse
deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-proposed main restricted universe multiverse
deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-poposed main restricted universe multiverse
更新当前源sudo apt-get update即可
配置远程ssh访问
检测当前系统是否有sshd进程存在
ps -ef|grep ssh查看是否存在sshd进程,如果存在,则可以直接ssh访问当前设备。如果不存在则执行如下步骤
安装ssh软件
sudo apt-get install -y openssh-server
再次检查是否进程sshd存在,存在则可以继续访问
ssh 主机名如果能够正常访问,则表示当前设备已经支持ssh访问
设置ssh本机免密登录,执行如下
ssh-keygen
cd ~/.ssh
cat .ssh/id_rsa.pub >> .ssh/authorized_keys
chmod 600 .ssh/authorized_keys
重启ssh服务,我们输入: /etc/init.d/ssh restart
验证是否成功:
ssh 主机名 即可不需要密码成功登录
设置hostname
hostnamectl set-hostname node1
hostnamectl set-hostname node2
hostnamectl set-hostname node3
修改/etc/hosts文件
192.168.113.3 node1
192.168.113.4 node2
192.168.113.5 node3
设置ssh免密登录
ssh-keygen 一路回车
ssh-copy-id node{1,2,3}
验证一下
ssh node2
有3台虚拟机:
192.168.178.137 bigdata-cdh01.ibeifeng.com
192.168.178.138 bigdata-cdh02.ibeifeng.com
192.168.178.139 bigdata-cdh03.ibeifeng.com
以 bigdata-cdh01.ibeifeng.com 主机做操作:
用root用户登录;
运行命令:ssh-keygen -t rsa,一直按回车直到结束;生成密码对;
# ssh-keygen -t rsa
Generating public/private rsa key pair.
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
ee:4e:12:b5:f1:e3:92:ed:b8:f3:78:76:a0:11:30:0f root@bigdata-cdh01.ibeifeng.com
The key’s randomart image is:
±-[ RSA 2048]----+
| |
| E |
| =o |
| .o+ |
| . S.o |
| o.+… |
| . =oo. |
| +o=o . |
| .**o. |
±----------------+
进入生成的 ~/.ssh 目录;可以看到有2个文件;
id_rsa.pub 是公钥,可以发送到其他机子,用于加密;
id_rsa 是私钥,只能保存在本机,用于解密;
# cd ~/.ssh
id_rsa id_rsa.pub
把公钥追加到 authorized_keys 文件
# cat id_rsa.pub >> authorized_keys
测试能不能免密登陆到本机;
可以看到第一次有警告;第二次就可以免密登录;
# ssh bigdata-cdh01.ibeifeng.com
The authenticity of host ‘bigdata-cdh01.ibeifeng.com (192.168.178.137)’ can’t be established.
RSA key fingerprint is bd:4f:95:ba:38:b6:97:b7:5a:95:d2:76:41:07:cb:e7.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘bigdata-cdh01.ibeifeng.com,192.168.178.137’ (RSA) to the list of known hosts.
Last login: Tue Dec 3 10:46:04 2019 from 192.168.178.1
# exit
logout
Connection to bigdata-cdh01.ibeifeng.com closed
# ssh bigdata-cdh01.ibeifeng.com
Last login: Tue Dec 3 12:54:49 2019 from bigdata-cdh01.ibeifeng.com
# exit
logout
Connection to bigdata-cdh01.ibeifeng.com closed.
同时在 bigdata-cdh02.ibeifeng.com 和 bigdata-cdh03.ibeifeng.com 做以上操作;
分别把bigdata-cdh02.ibeifeng.com 和 bigdata-cdh03.ibeifeng.com 的公钥发送到 bigdata-cdh01.ibeifeng.com 的 authorized_keys中,
# cat ~/.ssh/id_rsa.pub | ssh bigdata-cdh01.ibeifeng.com 'cat >> ~/.ssh/authorized_keys'
此时,bigdata-cdh01.ibeifeng.com 的 authorized_keys中 同时有 bigdata-cdh01、bigdata-cdh02 和 bigdata-cdh03 的 公钥,可以免密码登录 bigdata-cdh01、bigdata-cdh02 和 bigdata-cdh03;
把bigdata-cdh01.ibeifeng.com中的 authorized_keys 发送到 bigdata-cdh02 和 bigdata-cdh03 的 ~/.ssh/ 目录下;
使得 bigdata-cdh02 和 bigdata-cdh03 都有三台主机的公钥;这样,三台主机都互相拥有对方的公钥,可以相互免密登录;
# scp -r authorized_keys root@bigdata-cdh02.ibeifeng.com:~/.ssh/