vlt0204, NDC瓦特超了,十有八九是网卡烧了,然后导致主板电压过载。 前面板日志:VLT0204,登录idrac看到日志: The system board NDC PG voltage is outside of range. 悲剧了,可能是主板烧了 处理方法如下: 一、主板放电 1、关机 2、拔电源线 3、长按电源开关半分钟不放手 4、半分钟后放手,接回电源线开机看看 如果以上方法不行,就必须采用第二种方法: 二、最小化负载排错 1、拔掉电源2 2、拔掉CPU2 3、拔掉所有内存(只留1条或2条) 4、拔掉网卡 5、启动看看 R740的内存插法: R730的内存插法:
CentOS7更新内核 内核下载地址:https://elrepo.org/linux/kernel/el7/x86_64/RPMS/ 内核包有两种,ml主流,lt长期支持。 我们升级核心肯定是为了主流的功能,lt还升它做甚。 #升级: rpm -ivh https://elrepo.org/linux/kernel/el7/x86_64/RPMS/kernel-ml-6.1.0-1.el7.elrepo.x86_64.rpm #查看可用内核 awk -F\' '$1=="menuentry " {print i++ " : " $2}' /etc/grub2.cfg #初始化第一个为默认内核 grub2-set-default 0 #重新创建内核配置 grub2-mkconfig -o /boot/grub2/grub.cfg reboot #后续有需要再装,不需要搞开发就别装! #更新kernel-ml-headers rpm -ivh https://elrepo.org/linux/kernel/el7/x86_64/RPMS/kernel-ml-headers-6.1.0-1.el7.elrepo.x86_64.rpm #更新kernel-ml-devel rpm -ivh https://elrepo.org/linux/kernel/el7/x86_64/RPMS/kernel-ml-devel-6.1.0-1.el7.elrepo.x86_64.rpm
各种合规要求中都对用户策略有着要求,什么PCI啊,上市审计啊,都有着密码复杂程度的要求: CentOS 7 的用户密码策略: 修改vi /etc/pam.d/system-auth 其中有一行: password requisite pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type= 后面加上: minlen=12 lcredit=-1 ucredit=-1 dcredit=-1 ocredit=-1 enforce_for_root 修改成为: password requisite pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type= minlen=12 lcredit=-1 ucredit=-1 dcredit=-1 ocredit=-1 enforce_for_root 意思是: 密码长度12,须包含:一个小写字符,一个大写字符,一个数字,一个特殊字符,强制root也遵守此规则 参数全部解释如下: retry=3: This option will prompt the user 3 times before exiting and returning an error. minlen=12: This specifies that the password cannot be less than 12 characters. maxrepeat=3: This allows implies that only a maximum of 3 repeated characters can be included in the password. ucredit=-1: The option requires at least one uppercase character in the password. lcredit=-1: The option requires at least one lowercase character in the password. dcredit=-1: This implies that the password should have at last a numeric character. ocredit=-1: The option requires at least one special character included in the password. difok=3: This implies that only a maximum of 3 character changes in the new password should be present in the old password. reject_username: The option rejects a password if it consists of the username either in its normal way or in reverse. enforce_for_root: This ensures that the password policies are adhered to even if it’s the root user configuring the passwords.
一:介绍: DNSMasq主要用来解决内网DNS域名缓存、DHCP、网络启动和路由通告功能,我们主要是将DNSMasq作为内网DNS域名劫持使用 系统环境:centos7.6 需求:一个域名对应多个ip 主机ip:(内网主机172.18.30.1和172.18.30.2) 二:配置方法 1,添加如下配置到/etc/dnsmasq.conf addn-hosts=/etc/ty.ddky.local addn-hosts:如果要支持一个域名对应多个 IP,就必须用 addn-hosts 选项 2,/etc/ty.ddky.local 文件内容如下: 172.18.33.100 ty.ddky.local 172.18.33.104 ty.ddky.local 3,修改完成后重启 DNSMasq systemctl restart dnsmasq.service
网络工程师选择网络设备的监控工具是老牌的cacti,当然作为系统工程师的我,还是觉得librenms是个好选择,但是,librenms会对网络设备cpu造成比较大的压力。那还是遵从他的选择,最近网工报告说: 选择图形的时候时间Filter失效了。选择了以后图形无变化,崩溃,查了一下,都上古的玩意了。 修改方法: 修改graph_image.php unixtime = 1600000000,也就是到 2020-09-13 20:26:40。放大到 2600000000,也就是到2052-05-22 22:13:20,写这个php程序的人防越界,却没想到时间真的来到了这个节点。 注:Unix 时间戳是从1970年1月1日(UTC/GMT的午夜)开始所经过的秒数,不考虑闰秒。
线上服务器172.18.30.67 有4个网口 其中eno1和eno2是两个光纤万兆口,enp26s0f0和enp26s0f1是两个以太千兆网口。 eno2网卡在没做bonding的时候,通过NetworkManager的dhcp获得了地址。然后eno1和eno2做了bonding,但是eno2实际还在单独起作用,bonding后地址没去掉,导致有两个网关。路由表如下: [root@renhe-18-30-67 ~]# ip r default via 172.18.29.254 dev eno2 default via 172.18.31.254 dev br0.199 proto static metric 426 172.18.28.0/23 dev eno2 proto kernel scope link src 172.18.28.67 172.18.30.0/23 dev br0.199 proto kernel scope link src 172.18.30.67 metric 426 192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 eno2是从dhcp获得了172.18.28.67的地址 ip a eno2: flags=6211<UP,BROADCAST,RUNNING,SLAVE,MULTICAST> mtu 1500 inet 172.18.28.67 netmask 255.255.254.0 broadcast 172.18.29.255 ether b4:05:5d:08:e0:d8 txqueuelen 1000 (Ethernet) RX packets 81768780 bytes 5398659503 (5.0 GiB) RX errors 0 dropped 7 overruns 0 frame 0 TX packets 10044620 bytes 467566304 (445.9 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 这种情况下,处理方法如下: ...
114.114.114.114 这个DNS修改记录等待的生效时间非常的长,远远超出了TTL的时长,基本是你设置TTL时间的6倍。 这是上次我们割接得到的教训啊。我们要割接m.ddky.com的域名。 注:在修改m.ddky.com的记录前,已经把ddky.com的m.ddky.com的TTL改成了1分钟,正常的来说,第一轮1分钟内不更新,第二轮2分钟内也应该更新了。 看下图,在带外机上做的查询,查询的时候8.8.8.8和223.5.5.5都已经生效了,变成了帝联的地址。 06:06:57 做了查询,去掉小时,06:57定义为起始时间。 一直到 12:22 分还没有变过来,大概 13:00 变过来 起始 06:57 – 13:00 ,一共用了6分钟。而TTL是1分钟,所以基本是6倍时间。 往前推测5月25日的DNS割接,TTL是10分钟,6倍,就是60分钟,基本吻合。 如果想让DNS尽快生效,TTL改成10秒是极限了。
首先ssh到idrac去,直接会进入racadm的界面 我们以2022年最新的dell机器为例,老的机器显示的东西不一致 ssh 10.18.30.104 Password: racadm>> 注意,shell命令有自动补全功能,按两下tab键会自动补 做raid的全部命令都在storage的子命令下 一、首先拿到raid卡的名称: racadm>>storage get controllers RAID.Slot.1-1 AHCI.Embedded.2-1 AHCI.Embedded.1-1 RAID.Slot.1-1 是Raid卡控制器名称,下面两个是主板内置的,忽略。 二、然后拿到所有物理盘的名称: racadm>>storage get pdisks Disk.Bay.0:Enclosure.Internal.0-1:RAID.Slot.1-1 Disk.Bay.1:Enclosure.Internal.0-1:RAID.Slot.1-1 Disk.Bay.2:Enclosure.Internal.0-1:RAID.Slot.1-1 Disk.Bay.3:Enclosure.Internal.0-1:RAID.Slot.1-1 三、看看有没有已经做好的虚拟磁盘 racadm>>storage get vdisks 显示为空,那我们就可以放心大胆的去做了 四、划分RAID 根据级别不同,精简过的名令如下: racadm storage createvd:<控制器> -rl {r0|r1|r5|r6|r10|r50|r60} -pdkey:<磁盘组,用逗号分割> -rl — Sets the storage level. r0 — storage 0-Striping r1 — storage 1-Mirroring r5 — storage 5-Striping with Parity r6 — storage 6-Striping with Extra Parity r10 — storage 10-Spanned Striping with Mirroring r50 — storage 50-Spanned Striping with Parity r60 — storage 60-Spanned Striping with Extra Parity 给出例子: ...
这Megacli是操作磁盘Raid的常用软件,日常用的大多是dell家的机器,都是这软件,记录一下。 #!/bin/sh #/opt/MegaRAID/MegaCli/MegaCli64 -PDList -a0 /opt/MegaRAID/MegaCli/MegaCli64 -PDList -a0 | grep -A1 "Enclosure Device" # clear foreign disk #/opt/MegaRAID/MegaCli/MegaCli64 -cfgforeign -scan -a0 #/opt/MegaRAID/MegaCli/MegaCli64 -cfgforeign -clear -a0 # clear Firmware state #/opt/MegaRAID/MegaCli/MegaCli64 -PDList -a0 |grep 'Firmware state' #/opt/MegaRAID/MegaCli/MegaCli64 -PDMakeGood -Physdrv "[32:3]" -a0 # clear Firmware JBOD mode, first turn into unconfig mode, then MakeGood #/opt/MegaRAID/MegaCli/MegaCli64 -PDList -a0 |grep 'Firmware state' #/opt/MegaRAID/MegaCli/MegaCli64 -PDMakeGood -Physdrv [32:3] -force -a0 #/opt/MegaRAID/MegaCli/MegaCli64 AdpGetProp EnableJBOD -aALL #/opt/MegaRAID/MegaCli/MegaCli64 -AdpSetProp -EnableJBOD -1 -a0 #/opt/MegaRAID/MegaCli/MegaCli64 -PDMakeJBOD -PhysDrv[252:0] -a0 # create Raid0 #/opt/MegaRAID/MegaCli/MegaCli64 -CfgLdAdd -r0[252:3] -a0 # Get old Cache, ex: Virtual Drive(Target ID 02) #/opt/MegaRAID/MegaCli/MegaCli64 -GetPreservedCacheList -a0 # Clear cache, ex: Virtual Drive(Target ID 02) #/opt/MegaRAID/MegaCli/MegaCli64 -DiscardPreservedCache -L2 -a0 # create Raid1 #/opt/MegaRAID/MegaCli/MegaCli64 -CfgLdAdd -r1[252:4,252:5] -a0 # create Raid5 #/opt/MegaRAID/MegaCli/MegaCli64 -CfgLdAdd -r5[252:2,252:3,252:4,252:5] -a0 # create Raid10 #/opt/MegaRAID/MegaCli/MegaCli64 -CfgSpanAdd -r10 -Array0[32:4,32:5] -Array1[32:6,32:7] -a0 #delete raid #/opt/MegaRAID/MegaCli/MegaCli64 -CfgLdDel -L0 -a0 #Virtual Drive: 0 (Target Id: 0) # check Raid #/opt/MegaRAID/MegaCli/MegaCli64 -LDInfo -Lall -aALL #RAID 1 #RAID Level : Primary-1, Secondary-0, RAID Level Qualifier-0 #RAID 5 #RAID Level : Primary-5, Secondary-0, RAID Level Qualifier-3 # check Raid disks #/opt/MegaRAID/MegaCli/MegaCli64 -LdPdInfo -aAll | egrep "^Adapter|^Number of Virtual|^Virtual Drive:|^Name|^Enclosure Device ID:|^Slot Number:" # GPT part #parted -s /dev/sde mklabel gpt mkpart primary 0% 100% # check disk rebuild progress #/opt/MegaRAID/MegaCli/MegaCli64 -PDRbld -ShowProg -physdrv[32:1] -aALL #Rebuild Progress on Device at Enclosure 32, Slot 1 Completed 7% in 3 Minutes. # Force rebuild #/opt/MegaRAID/MegaCli/MegaCli64 -PDRbld -Start -physdrv[32:1] -a0 # OR #/opt/MegaRAID/MegaCli/MegaCli64 -pdlocate -start -physdrv[32:1] -a0 #Start rebuild, first clean the foreign configuration and then make the device hot spare (only if the above command failed) #/opt/MegaRAID/MegaCli/MegaCli64 -CfgForeign -Clear -aALL #set global hostspare #/opt/MegaRAID/MegaCli/MegaCli64 -PDHSP -Set -PhysDrv [32:1] -a0 #If you need to unset/remove a global hotspare: #/opt/MegaRAID/MegaCli/MegaCli64 -PDHSP -Rmv -PhysDrv [32:1] -aN #downgrade raid6 --> raid5 ,and more space now can be used # -L0 virtual disk 0 # /opt/MegaRAID/MegaCli/MegaCli64 -LDRecon -Start -r5 -L0 -a0 # echo 1 > /sys/block/sda/device/rescan #Add disk to a raid5 #/opt/MegaRAID/MegaCli/MegaCli64 -LDRecon -Start -r5 -Add -PhysDrv[32:3] -L0 -a #Configure WriteThrough or WriteBack #/opt/MegaRAID/MegaCli/MegaCli64 -LDSetProp -WT -Immediate -Lall -aAll #/opt/MegaRAID/MegaCli/MegaCli64 -LDSetProp -WB -Immediate -Lall -aAll #/opt/MegaRAID/MegaCli/MegaCli64 -PDList -aALL |grep "Inquiry Data:" #Inquiry Data: SEAGATE ST600MP0005 VS08S7M04B0C #Inquiry Data: SEAGATE ST600MP0005 VS08S7M04AFD #Inquiry Data: SEAGATE ST600MP0005 VS08S7M04JAY #Inquiry Data: SEAGATE ST600MP0005 VS08S7M04AAG #/opt/MegaRAID/MegaCli/MegaCli64 -PDList -aALL | grep "Drive Temperature" #Drive Temperature :36C (96.80 F) #Drive Temperature :35C (95.00 F)
这一篇正规的DBA看到肯定会呲之以鼻,但对于没有用过oracle的系统运维来说,就是必须知道的事情了。 公司的 Oracle 实例有两台数据库,定时用rman备份,但是没有自动清理机制 ,过一阵子磁盘就会超过 80% 告警,需要手动清理,烦不胜烦。 凡是要手动做三次的事情必须自动化处理,启荣大师如是说,照办就是。 cat del_log.sh #!/bin/bash source /home/oracle/.bash_profile rman target / << EOF delete noprompt archivelog until time 'sysdate-7'; exit; EOF 很简单吧。上面引用的 .bash_profile 内容如下: # .bash_profile # Get the aliases and functions if [ -f ~/.bashrc ]; then . ~/.bashrc fi # User specific environment and startup programs PATH=$PATH:$HOME/.local/bin:$HOME/bin export PATH export ORACLE_BASE=/data/u01/app/oracle export ORACLE_HOME=/data/u01/app/oracle/product/18.3.0/dbhome_1 export ORACLE_SID=oradb export PATH=/usr/sbin:$PATH export PATH=$ORACLE_HOME/bin:$PATH:/usr/local/bin export LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib:$ORACLE_HOME/rdbms/lib export CLASSPATH=$ORACLE_HOME/JRE:$ORACLE_HOME/jlib:$ORACLE_HOME/rdbms/jlib export NLS_DATE_FORMAT='yyyy/mm/dd hh24:mi:ss' export EDITOR=vi umask 022 这个 del_log.sh 的脚本放进 oracle 用户的 crontab 里执行就好 ...