First understanding of the difference between centos7 and centos6 (kernel, commands, etc.)
Differences and features between CentOS7.2 and CentOS6
The boot of the Linux operating system first starts from the BIOS, and then enters the boot loader, which loads the kernel and initializes the kernel. The last step of kernel initialization is to start the init process with pid 1. This process is the first process of the system. It is responsible for spawning all other user processes. init exists as a daemon process and is the ancestor of all other processes. The init process is very unique and can complete tasks that other processes cannot.
Sysvinit is the system V style init system. Sysvinit uses the term runlevel to define "subscribed operating mode". Sysvinit checks whether there is an entry of'initdefault' in the'/etc/inittab' file. This tells the init system whether there is a default operating mode. Sysvinit uses scripts, file naming rules and soft links to implement different runlevels, and serially start various processes and services.
Systemd is the latest initialization system (init) in the Linux system. Its main design goal is to overcome the inherent shortcomings of sysvinit and improve the system startup speed. systemd and ubuntu's upstart are competitors and are expected to replace UpStart. Systemd's goal is to start as few processes as possible, and to start as many processes in parallel as possible.
The difference in file system, Centos6.x generally uses the ext3\ext4 file system format, while centos7 uses the xfs format by default:
EXT3 supports the largest 16TB file system and the largest 2TB file, Ext4 supports respectively
1 EB (1,048,576TB, 1EB=1024PB, 1PB=1024TB) file system, and 16TB files. Ext3 currently only supports 32,000 subdirectories, while Ext4 supports an unlimited number of subdirectories.
EXT4 is the fourth-generation extended file system (English: Fourth EXtended filesystem, abbreviated as ext4) is the log file system under the Linux system, and is the successor version of the ext3 file system.
The file system capacity of Ext4 reaches 1EB, and the capacity of a single file reaches 16TB, which is a very large number. For general desktops and servers, this may not be important, but for users of large disk arrays, it is very important; (disk structure due to Ext4's inode number limit (32 digits)) About 4 billion files, and the single file size of Ext4 can only support up to 16T (4K block size))
XFS is a 64-bit file system that supports a single file system of up to 8EB minus 1 byte. The actual deployment depends on the maximum block limit of the host operating system. For a 32-bit Linux system, the file and file system size will be limited to 16TB.
2.4 Linux network configuration management
Familiar with the commonly used commands and Linux permissions, then how do you get the Linux system online? What are the commands for managing linux server network?
The Linux server default network card configuration file is under /etc/sysconfig/network-scripts/. The name is generally: ifcfg-eth0 ifcfg-eth1, eth0 represents the first network card, eth1 represents the second network card, and so on. Generally DELL R720 comes standard with 4 gigabit network cards.
First know the difference between centos7 and centos6
| Command | centos6 | centos7 | Remarks |
|---|---|---|---|
| ifconfig | Yes | Yum install -ynet-tools | |
| rouet | Yes | Yum install -ynet-tools | |
| ntpd service and ntpdate command | Yes | Yum install ntp ntpdate | |
| cat /etc/issue | has a version number | no information, can only view cat /etc/redhat-release | |
| setup | can change the network configuration | setup removes the firewall and network configuration, and installs the yum install NetworkManager-tui -ynmtui command to replace the network configuration in the setup | |
| Time zone and time settings | /etc/sysconfig/clock and other files | timedatectl set-timezone Asia/Shanghaitimedatectl status | |
| Language and other settings | locale -a | localectl status | |
| Service Management | chkconfig/etc/init.d/Service | systemctl | |
| python | 2.6 | 2.7 | |
| kernel | 2.6 | 3.10 | |
| Network card | eth0 | has become a predictable naming rule | |
| File system | ext4 | xfs | |
| dig nslookup command | Yes | Yum install bind-utils -y | |
| Hostname | cat /etc/sysconfig/network | cat /etc/hostname | |
| Service management and control | sysvinit | systemsystemctl is the most important tool. It integrates the functions of service and chkconfig. | |
| Firewall | iptables | replaced by firewalld | |
| Startup level | /etc/inittab | Not in use | |
| Boot execution file /etc/rc.local | Can place the script file to be executed at boot | By default, this file does not have execution permission. It is officially recommended not to use this file (write your own service), but you can add +x to continue using it. | |
| Kernel parameter configuration file | /etc/sysctl.conf | /usr/lib/sysctl.d/00-system.conf and /etc/sysctl.d/ |
|
| init shutdown restart command | init 0 shutdown | init 0 shutdown | no change |
| Switch level | Switch back to single-user mode init 0 | init 0systemctl emergencysystemctl isolate runlevel1.target | Be careful, don’t try this, single-user mode can only be connected with a terminal, not ssh |
Basic management tools for the installation system:
yum install tree net-tools bind-utils tree sysstat vim-en* lrzsz NetworkManager-tui ntp ntpdate iftop tcpdump telnet traceroute -y
Centos7 will find the network card name of ens330, how to change it to eth0
Reference: http://jingyan.baidu.com/album/7f41ecec1b022e593d095c1e.html?picindex=5
vim /etc/sysconfig/network-scripts/ifcfg-ens33
cd /etc/sysconfig/network-scripts/
mv ifcfg-ens33 ifcfg-eth0
Disable this predictable naming rule and disable the firmware to discover the network card name. /etc/default/grub and add "net.ifnames=0 biosdevname=0"
vim /etc/default/grub
Run the command grub2-mkconfig -o /boot/grub2/grub.cfg to regenerate the GRUB configuration and update the kernel parameters.
grub2-mkconfig -o /boot/grub2/grub.cfg #grug2-mkconfig is a command only used by centos, not in 6.
reboot
The system is optimized
One: Close ipv6 provided by sshd
vim /etc/ssh/sshd_config
# AddressFamily any
AddressFamily inet
Note: (inet is ipv4 only; inet6 is ipv6 only)
Two: turn off fireproof and setlinux
systemctl stop firewalld
setenforce 0
sed -i 's#SELINUX=enforcing#SELINUX=disabled#g'/etc/selinux/config
Note: You can study the reason why centos6 is replaced by firewalld in centos7.
firewalld should be an advanced version of iptable (but the two provided write rule management commands are iptables)
FirewallD provides a dynamic firewall management tool that supports network/firewall zones to define network links and interface security levels. It supports IPv4, IPv6 firewall settings and Ethernet bridging, and has runtime configuration and permanent configuration options. It also supports interfaces that allow services or applications to directly add firewall rules. The previous system-config-firewall/lokkit firewall model was static, and each modification required a complete restart of the firewall. This process includes the unloading of the kernel netfilter firewall module and the loading of the modules required for the new configuration. The uninstallation of the module will destroy the state firewall and established connections.
In contrast, the firewall daemon dynamically manages the firewall, and changes can be applied without restarting the entire firewall. Therefore, there is no need to reload all kernel firewall modules. However, to use the firewall daemon, all changes to the firewall must be implemented through the daemon to ensure that the state in the daemon is consistent with the firewall in the kernel. In addition, the firewall daemon cannot parse the firewall rules added by the ip*tables and ebtables command line tools.
The daemon provides information about the currently activated firewall settings through D-BUS, and also accepts changes made using PolicyKit authentication through D-BUS.
By default, iptables is not installed. If you are used to using iptables, you can turn off firewalld and replace it with iptables.
Install iptable service
# yum -y install iptables-services
If you want to save firewall rules, use the following command
# iptables-save > iptables-rules.txt
These rules can be added to the /etc/sysconfig/iptables file, but I often modify these rules according to my preferences
systemctl enable iptables
systemctl enable ip6tables
Stop firewalld
systemctl stop firewalld
Disable firewalld
systemctl disable firewalld
Open iptable service
systemctl start iptables
systemctl start ip6tables
Four: About network services
Old network script (service) and ifcfg file
Starting with Centos7, the network is managed by the NetworkManager service. Compared to the old /etc/init.d/network script, NetworkManager is a dynamic and event-driven network management service. The old /etc/init.d/network and ifup, ifdown, etc. still exist, but are in a standby state, that is, when NetworkManager is running, in most cases these scripts will call NetworkManager to complete network configuration tasks; when NetworkManager is not running, these scripts Just manage the network in accordance with the old tradition.
have to be aware of is:
1 ) Systemctl disable NetworkManager.service is not recommended
2 ) Because the old network script is not compatible with the new configuration item name IPADDR0/PREFIX0/GATEWAY0 in the ifcfg-* file
3 ) Unless the 0 at the back is removed, the network card cannot be started after booting
Command difference between CentOS 6 and CentOS 7
(1) Desktop system
[ CentOS6] GNOME 2.x
[ CentOS7] GNOME 3.x(GNOME Shell)
(2) File system
[ CentOS6] ext4
[ CentOS7] xfs
(3) Kernel version
[ CentOS6] 2.6.x-x
[ CentOS7] 3.10.x-x
(4) Boot loader
[ CentOS6] GRUB Legacy (+efibootmgr)
[ CentOS7] GRUB2
(5) Firewall
[ CentOS6] iptables
[ CentOS7] firewalld
(6) Default database
[ CentOS6] MySQL
[ CentOS7] MariaDB
(7) File structure
[ CentOS6] /bin, /sbin, /lib, and /lib64 under /
[ CentOS7] /bin, /sbin, /lib, and /lib64 moved to /usr
(8) CPU name
[ CentOS6] /etc/sysconfig/network
[ CentOS7] /etc/hostname
(9) Time synchronization [CentOS6] ntp ntpq -p
[ CentOS7] chrony chronyc sources
(10) Change the time
[ CentOS6]
$ vim /etc/sysconfig/clock
ZONE=”Asia/Tokyo”
UTC=fales
$ sudo ln -s /usr/share/zoneinfo/Asia/Tokyo /etc/localtime
[ CentOS7] timedatectlset−timezoneAsia/Tokyo timedatectl status
vim /etc/sysconfig/i18n LANG=”ja_JP.utf8″ /etc/sysconfig/i18n locale
[ CentOS7] localectlset−localeLANG=jaJP.utf8 localectl status
(12) Service related
1 ) Start stop [CentOS6] serviceservicenamestart service service_name stop
[ CentOS7] systemctlstartservicename systemctl stop service_name
Self-starting
[ CentOS6]
$ chkconfig service_name on/off
[ CentOS7] systemctlenableservicename systemctl disable service_name
Service overview
[ CentOS6]
$ chkconfig –list
[ CentOS7] systemctllist−unit−files systemctl –type service
Forced stop
[ CentOS6]
$ kill -9
[ CentOS7]
$ systemctl kill –signal=9 sshd
(13) The internet
1 ) Network information [CentOS6] netstat netstat -I
[ CentOS7] ipn ip -s l
2 ) IP address MAC address
[ CentOS6]
$ ifconfig -a
[ CentOS7]
$ ip address show
3 ) Route [CentOS6] route−n route -A inet6 -n
[ CentOS7] iprouteshow ip -6 route show
(14) Restart shutdown
1 )shut down
[ CentOS6]
$ shutdown -h now
[ CentOS7] poweroff systemctl poweroff
2 ) Restart [CentOS6] reboot shutdown -r now
[ CentOS7] reboot systemctl reboot
3 ) Single user mode
[ CentOS6]
$ init S
[ CentOS7]
$ systemctl rescue
4 ) Startup mode
[ CentOS6]
[ GUICUI]
$ vim /etc/inittab
id:3:initdefault:
[ CUIGUI]
$ startx
systemctl isolate graphical.target default systemctl set−defaultgraphical.target systemctl set-default multi-user.target current
Recommended Posts