##############################
##### unit4.管理系統存儲 #####
##############################
#########1.分區劃分##########
[root@localhost ~]# fdisk /dev/vdb
Welcome to fdisk (util-linux 2.23.2).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.
Device does not contain a recognized partition table
Building a new DOS disklabel with disk identifier 0x2f15e742.
Command (m for help): m ##幫助
Command action
a toggle a bootable flag
b edit bsd disklabel
c toggle the dos compatibility flag
d delete a partition ##刪除分區
g create a new empty GPT partition table
G create an IRIX (SGI) partition table
l list known partition types ##列出系統可用的分區類型
m print this menu
n add a new partition ##新建分區
o create a new empty DOS partition table
p print the partition table ##顯示分區
q quit without saving changes ##退出
s create a new empty Sun disklabel
t change a partition's system id ##修改分區功能id
u change display/entry units
v verify the partition table
w write table to disk and exit ##保存更改到分區表
x extra functionality (experts only)
Command (m for help): n
Partition type:
p primary (0 primary, 0 extended, 4 free) ##分區類型爲主分區
e extended ##分區類型爲擴展分區
Select (default p): p ##默認選p
Partition number (1-4, default 1): ##主分區id
First sector (2048-20971519, default 2048): ##此分區起始位置
Using default value 2048
Last sector, +sectors or +size{K,M,G} (2048-20971519, default 20971519): +100M ##分區大小
Partition 1 of type Linux and of size 100 MiB is set
Command (m for help): p
Disk /dev/vdb: 10.7 GB, 10737418240 bytes, 20971520 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x2f15e742
Device Boot Start End Blocks Id System
/dev/vdb1 2048 206847 102400 83 Linux
Command (m for help): wq ##保存退出,如果按q表示放棄更改退出
The partition table has been altered!
Calling ioctl() to re-read partition table.
Syncing disks.
[root@localhost ~]# partprobe ##同步分區表(更新分區表)
[root@localhost ~]# cat /proc/partitions ##格式化
major minor #blocks name
253 0 10485760 vda
253 1 10484142 vda1
253 16 10485760 vdb
253 17 102400 vdb1
253 20 1 vdb4
注意:擴展分區的分區起始位置和分區大小都選擇建議選擇默認。
擴展分區的大小顯示爲1
###########2.磁盤分區格式化##########
[root@localhost ~]# blkid ##顯示可用的磁盤分區
/dev/vda1: UUID="9bf6b9f7-92ad-441b-848e-0257cbb883d1" TYPE="xfs"
[root@localhost ~]# mount /dev/vdb1 /mnt/ ##掛載分區
mount: /dev/vdb1 is write-protected, mounting read-only
mount: unknown filesystem type '(null)' ##該磁盤分區不可掛載,因爲文件系統無法識別
[root@localhost ~]# mkfs. ##按tab之後會顯示該系統可格式化的文件系統類型
mkfs.btrfs mkfs.ext2 mkfs.ext4 mkfs.minix mkfs.vfat
mkfs.cramfs mkfs.ext3 mkfs.fat mkfs.msdos mkfs.xfs
[root@localhost ~]# mkfs.xfs /dev/vdb1 ##linux一般選擇xfs文件系統
meta-data=/dev/vdb1 isize=256 agcount=4, agsize=6400 blks
= sectsz=512 attr=2, projid32bit=1
= crc=0
data = bsize=4096 blocks=25600, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0 ftype=0
log =internal log bsize=4096 blocks=853, version=2
= sectsz=512 sunit=0 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
注意:擴展分區不用修改文件系統
###########3.swap分區###########
[root@localhost ~]# vim /etc/fstab
#
# /etc/fstab
# Created by anaconda on Wed May 7 01:22:57 2014
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
UUID=9bf6b9f7-92ad-441b-848e-0257cbb883d1 / xfs defaults 1 1
/dev/vdb6 swap swap defaults 0 0
/dev/vdb5 /mnt xfs defaults 0 0
|| || || || || ||
設備名稱 掛載點 設備類型 掛載參數 是否備份 是否檢測
#########4.磁盤加密##########
1.磁盤加密
(1).創建一個磁盤
[root@desktop19 ~]# fdisk /dev/vdb
.... ##此過程參照第一小節
[root@desktop19 ~]# cat /proc/partitions
major minor #blocks name
253 0 10485760 vda
253 1 10484142 vda1
253 16 10485760 vdb
253 17 102400 vdb1
(2).加密
[root@desktop19 ~]# cryptsetup luksFormat /dev/vdb1
WARNING!
========
This will overwrite data on /dev/vdb1 irrevocably.
Are you sure? (Type uppercase yes): YES
Enter passphrase: ##密碼必須是大於8位的字符數字組合
Verify passphrase:
[root@desktop19 ~]# mount /dev/vdb1 /mnt/
mount: unknown filesystem type 'crypto_LUKS' ##無法掛載,因爲無法識別該分區的文件系統
(3).打開鎖
[root@desktop19 ~]# cryptsetup open /dev/vdb1 tbr
Enter passphrase for /dev/vdb1:
[root@desktop19 ~]# ll /dev/mapper/
total 0
crw-------. 1 root root 10, 236 11月 5 20:58 control
lrwxrwxrwx. 1 root root 7 11月 5 21:27 tbr -> ../dm-0
(4).創建文件系統
[root@desktop19 ~]# mkfs.xfs /dev/mapper/tbr
meta-data=/dev/mapper/tbr isize=256 agcount=4, agsize=6272 blks
= sectsz=512 attr=2, projid32bit=1
= crc=0
data = bsize=4096 blocks=25088, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0 ftype=0
log =internal log bsize=4096 blocks=853, version=2
= sectsz=512 sunit=0 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
(5).掛載
[root@desktop19 ~]# mount /dev/mapper/tbr /mnt/
============這之後就可以在掛載好的/mnt/路徑下作操作了===========
(6).卸載
[root@desktop19 ~]# cryptsetup close tbr
device-mapper: remove ioctl on tbr failed: Device or resource busy
[root@desktop19 ~]# umount /dev/mapper/tbr
(7).關閉鎖
[root@desktop19 ~]# df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/vda1 10473900 3809024 6664876 37% /
devtmpfs 927072 0 927072 0% /dev
tmpfs 942660 84 942576 1% /dev/shm
tmpfs 942660 17092 925568 2% /run
tmpfs 942660 0 942660 0% /sys/fs/cgroup
2.加密磁盤的永久掛載
[root@desktop19 ~]# df ##當前狀態/dev/mapper/tbr並未掛載到/mnt下
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/vda1 10473900 3809024 6664876 37% /
devtmpfs 927072 0 927072 0% /dev
tmpfs 942660 84 942576 1% /dev/shm
tmpfs 942660 17092 925568 2% /run
tmpfs 942660 0 942660 0% /sys/fs/cgroup
[root@desktop19 ~]# vim /etc/crypttab
tbr /dev/vdb1 /root/lukspsfile
|| || ||
解密後設備管理文件 設備 加密字符存放文件
[root@desktop19 ~]# vim /root/lukspsfile ##配置加密字符存放文件
tbr952q8 ##加密時用的密碼
[root@desktop19 ~]# chmod 600 /root/lukspsfile ##修改加密配置文件的權限爲只有root可rw
[root@desktop19 ~]# cryptsetup luksAddKey /dev/vdb1 /root/lukspsfile
Enter any passphrase:
##關聯磁盤,加密文件
[root@desktop19 ~]# vim /etc/fstab ##設置開機自動掛載
/dev/mapper/tbr /mnt xfs defaults 0 0
[root@desktop19 ~]# reboot ##重啓
[root@desktop19 ~]# df ##當重啓之後/dev/mapper/tbr就已經掛載到/mnt下了
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/vda1 10473900 3808176 6665724 37% /
devtmpfs 927072 0 927072 0% /dev
tmpfs 942660 84 942576 1% /dev/shm
tmpfs 942660 17036 925624 2% /run
tmpfs 942660 0 942660 0% /sys/fs/cgroup
/dev/mapper/tbr 96940 5176 91764 6% /mnt
3.加密清除
[root@desktop19 ~]# vim /etc/fstab ##刪除開機自動掛載的配置
/dev/mapper/tbr /mnt xfs defaults 0 0 ##刪除該行
[root@desktop19 ~]# > /etc/crypttab ##刪除
[root@desktop19 ~]# rm -fr /root/lukspsfile
[root@desktop19 ~]# umount /mnt/
[root@desktop19 ~]# cryptsetup close tbr
[root@desktop19 ~]# mkfs.xfs /dev/vdb1
mkfs.xfs: /dev/vdb1 appears to contain an existing filesystem (crypto_LUKS).
mkfs.xfs: Use the -f option to force overwrite.
[root@desktop19 ~]# mkfs.xfs /dev/vdb1 -f
meta-data=/dev/vdb1 isize=256 agcount=4, agsize=6400 blks
= sectsz=512 attr=2, projid32bit=1
= crc=0
data = bsize=4096 blocks=25600, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0 ftype=0
log =internal log bsize=4096 blocks=853, version=2
= sectsz=512 sunit=0 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
###########5.磁盤陣列############
軟raid====硬raid
raid 0 1 5
0:2塊磁盤同時存1份數據
1:2塊磁盤同時存兩份數據
5:0+1
1.創建磁盤陣列
監控命令:
[root@desktop19 ~]# watch -n 1 cat /proc/mdstat
Personalities : [raid1]
md0 : active raid1 vdb3[2](S) vdb2[1] vdb1[0] ##(S)-spare表示該設備閒置
102272 blocks super 1.2 [2/2] [UU]
(1).先創建3個磁盤,並依次將其id改爲fd
Command (m for help): t
Partition number (1-3, default 3): 1
1e Hidden W95 FAT1 80 Old Minix
Hex code (type L to list all codes): fd ##在L中查看id號是:fd Linux raid auto
Changed type of partition 'Linux' to 'Linux raid autodetect'
(2).創建磁盤陣列
[root@desktop19 ~]# mdadm -C /dev/md0 -a yes -l 1 -n 2 -x 1 /dev/vdb{1..3}
##-C 創建磁盤陣列 ##-a 如果文件不存在則自動創建 ##-l 磁盤陣列level(raid 0,1,5)
##-n 設備個數 ##-x 閒置設備個數
mdadm: Note: this array has metadata at the start and
may not be suitable as a boot device. If you plan to
store '/boot' on this device please ensure that
your boot-loader understands md/v1.x metadata, or use
--metadata=0.90
Continue creating array?
Continue creating array? (y/n) y
mdadm: Defaulting to version 1.2 metadata
mdadm: array /dev/md0 started.
[root@desktop19 ~]# mkfs.xfs /dev/md0
meta-data=/dev/md0 isize=256 agcount=4, agsize=6392 blks
= sectsz=512 attr=2, projid32bit=1
= crc=0
data = bsize=4096 blocks=25568, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0 ftype=0
log =internal log bsize=4096 blocks=853, version=2
= sectsz=512 sunit=0 blks, lazy-count=1
realtime = none extsz=4096 blocks=0, rtextents=0
[root@desktop19 ~]# mount /dev/md0 /mnt/
2.刪除磁盤陣列
(1).破壞md0中的vdb1,2--->刪除md0中的vdb1,2---->注意:剩下最後一個vdb3只能用(2)之後的步驟來刪除了
[root@desktop19 ~]# mdadm -f /dev/md0 /dev/vdb1 ##-f(faulty) 破壞md0的vdb1
[root@desktop19 ~]# mdadm -D /dev/md0 ##-D 顯示md0的使用情況
/dev/md0:
Version : 1.2
Creation Time : Sat Nov 5 22:59:22 2016
Raid Level : raid1
Array Size : 102272 (99.89 MiB 104.73 MB)
Used Dev Size : 102272 (99.89 MiB 104.73 MB)
Raid Devices : 2
Total Devices : 3
Persistence : Superblock is persistent
Update Time : Sat Nov 5 23:32:37 2016
State : clean
Active Devices : 2
Working Devices : 2
Failed Devices : 1
Spare Devices : 0
Name : desktop19.example.com:0 (local to host desktop19.example.com)
UUID : 111646c2:8aa85c7a:c5f0b2c6:23a93cdc
Events : 36
Number Major Minor RaidDevice State
2 253 19 0 active sync /dev/vdb3
1 253 18 1 active sync /dev/vdb2
0 253 17 - faulty /dev/vdb1
[root@desktop19 ~]# mdadm -r /dev/md0 /dev/vdb1 ##-r(remove) 刪除md0中的vdb1
[root@desktop19 ~]# mdadm -D /dev/md0
Number Major Minor RaidDevice State
2 253 19 0 active sync /dev/vdb3
1 253 18 1 active sync /dev/vdb2
(補充:
[root@desktop19 ~]# mdadm -a /dev/md0 /dev/vdb1 ##-a(add) 添加vdb1到md0
[root@desktop19 ~]# mdadm -D /dev/md0
Number Major Minor RaidDevice State
2 253 19 0 active sync /dev/vdb3
1 253 18 1 active sync /dev/vdb2
3 253 17 - spare /dev/vdb1
)
[root@desktop19 ~]# mdadm -f /dev/md0 /dev/vdb3
mdadm: set device faulty failed for /dev/vdb3: Device or resource busy
##當破壞到vdb3的時候報錯,只能使用以下步驟來繼續刪除
(2).卸載md0
[root@desktop19 ~]# umount /mnt/
(3).停止磁盤陣列md0
[root@desktop19 ~]# mdadm -S /dev/md0
mdadm: stopped /dev/md0
(4).依次刪除磁盤陣列所用的磁盤
[root@desktop19 ~]# fdisk /dev/vdb
Command (m for help): d ##刪除分區
Partition number (1-3, default 3):
Command (m for help): p ##顯示該磁盤分區
Disk /dev/vdb: 10.7 GB, 10737418240 bytes, 20971520 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x27721115
Device Boot Start End Blocks Id System
Command (m for help): wq ##保存退出
The partition table has been altered!
Calling ioctl() to re-read partition table.
Syncing disks.
[root@desktop19 ~]# partprobe ##注意:做完之後不要忘記同步分區表
###########6.配額#############
超出的限額會在7天后清除。
注意:配額是針對於分區的,只在該分區裏生效。是該用戶在該分區下的限額。