搜索vps结果-伟大的郭大侠的博客

Hyper-V常用命令

2012-01-17 00:06:55

Powershell的Hyper-V模块以及说明文档都可以在以下网址下载:
http://pshyperv.codeplex.com/releases/view/38769
详细的命令说明都在名为PSHyperv-R2.pdf的文档中。
在没有安装powershell模块之前是不能使用powershell命令来管理Hyper-V的，
1.Start-VM 虚拟机开机
Start-VM -VM 虚拟机名 -Server 服务器名 -Wait -Force
-VM        指定要启动的虚拟机名称
-Server    指定虚拟机所在物理服务器，留空的话默认为"."，即本机。
-Wait      指定等待该项任务完成后再运行下面的命令，一般在连续做操作时用到
-Force     虚拟机开机时不会进一步弹出选项，因此该参数对于Start-VM好像没有什么作用
如果按顺序写参数值的话，前面的"-VM"、"-Server"等参数名可以省略。
示例:
Start-VM testvps    给testvps开机
Start-VM testvps -Wait ; Stop-VM testvps -Force 先给testvps开机再给testvps关机，这里必须用-Wait
否则第二条命令会报错，结果只开不关

2.Stop-VM 虚拟机关机（相当于直接按服务器关机按钮）
Stop-VM -VM 虚拟机名 -Server 服务器名 -Wait -Force
-Force     虚拟机关机时，会进一步弹出选项"是否确实要执行此操作?"。加该参数后不会现提示，直接选择默认值[Y]
其余参数与Start-VM类似。
示例:
Stop-VM testvps    给testvps关机，运行后会弹出提示，按Y后继续
Stop-VM testvps -Force    直接给testvps关机，不弹出提示
Start-VM testvps -Wait -Force ; Stop-VM testvps 先给testvps关机再给testvps开机，这里必须用-Wait，否则第二条命令会报错，结果只关不开
Get-VM -Running | Stop-VM -Wait    逐个停止服务器上所有运行中的

3.Invoke-VMShutdown 虚拟机关闭（关闭虚拟机中的Windows系统后再关机。该命令在Powershell V1版本中的命令名称为Shutdown-VM，两者等价）
Shutdown-VM -VM 虚拟机名 -Server 服务器名 -Wait -Force
参数与Stop-VM类似。
如果Hyper-V没有登录进本地桌面的话，不能使用该命令关闭。
示例:
Shutdown-VM testvps -Force 给testvps关闭系统关机，不弹出提示

4.Save-VM 虚拟机保存（保存虚拟机的当前状态。该命令在Powershell V1版本中的命令名称为Suspend-VM，两者等价）
Save-VM -VM 虚拟机名 -Server 服务器名 -Wait -Force
参数和使用与Start-VM和Stop-VM类似。
示例:
Save-VM testvps 将testvps保存状态

5.Export-VM 导出虚拟机
Export-VM -VM 虚拟机名 -Path 导出的路径 -Server 服务器名 -CopyState -Wait -Preserve -Force
-Path             指定虚拟机导出到的位置
-CopyState        该参数很重要，加了该参数时，导出完整的虚拟机信息，相当于管理界面中使用导出。如果不加只导出配置文件。
-Preserve         由于导出的配置文件在导入后即消失，加该参数可以创建一个importFiles.zip文件来保存该配置文件。
其余参数与Start-VM类似。
示例:
Export-VM testvps F:\vmbak -CopyState    导出虚拟机到F:\vmbak目录下

6.Get-VM 获得虚拟机对象，以便做其他操作
Get-VM -Name 虚拟机名 -Server 服务器名 -Suspended -Running -Stopped
-Name        虚拟机名称，用户按名称获得对应虚拟机对象。如果想要选择所有虚拟机，可以用"%"号或"*"号通配符
-Server      指定虚拟机所在物理服务器，留空的话默认为"."，即本机。
-Suspended   只获得处于"已保存"状态的虚拟机
-Running     只获得处于"正在运行"状态的虚拟机
-Stopped     只获得处于"关闭"状态的虚拟机
示例:
save-vm (get-vm -Running ) -force   将所有运行状态的虚拟机保存
start-vm (get-vm -Suspended)        将所有保存状态的虚拟机恢复运行

7.Get-VMMemory 查看虚拟机内存信息
Get-VMMemory -VM 虚拟机名 -Server 服务器名
示例:
Get-VMMemory 显示所有虚拟机的内存信息

8.Get-VMCPUCount 查看虚拟机CPU设置信息

9.Get-VMDisk 查看虚拟机硬盘信息

-----------------------------------------

更多Hyper-V补充命令参考：http://zhidao.zgsj.com/article/4/2011530113300.shtml

本文由中国数据（www.zgsj.com）原创,转载请保留此处
本文地址：http://zhidao.zgsj.com/article/4/2011530113013.shtml

在 CentOS 6 环境中配置 nginx + php-fpm + mysql

2011-12-08 19:03:55

yum -y install wget --noplugins
wget freevps.us/downloads/nginx-centos-6.sh -O - | bash

注意安装完成后 php-fpm 默认跑在 apache 用户上。

安装完成后，如果你需要的 PHP 扩展未安装，可输入如下命令查询：

yum list | grep ^php*

找到了扩展的名字，就可以直接安装了：

# 以 php memcache 扩展为例
yum install -y php-pecl-memcached

此外还遇到的问题是 DOMDocument 找不到，直接 yum 安装 php-xml：

yum install -y php-xml

所有扩展 yum 安装完成后都需要重新启动 / 载入 php-fpm。
贴下内容来看看（非最新版本，请直接下载 .sh 文件）：

#!/bin/bash

##################
# disable apache #
##################
service httpd stop 
chkconfig httpd off
service xinetd stop
chkconfig xinetd off
service saslauthd stop
chkconfig saslauthd off
service sendmail stop
chkconfig sendmail off
service postfix stop
chkconfig postfix off

#Optimize yum on OpenVZ
if [ -e "/proc/user_beancounters" ]
then
  sed -i 's/plugins=1/plugins=0/' /etc/yum.conf
fi

#remove all current PHP and MySQL, will reinstall later. Also, remove apache 
yum -y remove httpd php mysql rsyslog sendmail postfix

###################
# Add a few repos #
###################
# install the Atomic repo for php and nginx (may use epel for nginx depending on version)
wget -q -O - http://www.atomicorp.com/installers/atomic | sh

# RPMForge for nginx dependencies
rpm -Uvh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.i686.rpm

#EPEL for syslog-ng and nginx (may use atomic for nginx depending on version)
rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-5.noarch.rpm

################################
# Install PHP, NGINX and MySQL #
################################
#yum install GeoIP libGeoIP.so.1 --enablerepo=repoforge
yum -y install mysql-server php-fpm php-mysql php-gd nginx nano exim syslog-ng

#################
# install MySQL #
#################
#yum -y install mysql-server
cat > /etc/my.cnf <<END
[mysqld]
default-storage-engine = myisam
key_buffer = 8M
query_cache_size = 8M
query_cache_limit = 4M
max_connections=25
thread_cache=1
skip-innodb 
query_cache_min_res_unit=0
tmp_table_size = 4M
max_heap_table_size = 4M
table_cache=256
concurrent_insert=2 
END
echo  Do not worry if you see a error stopping MySQL or NGINX
/etc/init.d/mysqld stop
/etc/init.d/mysqld start

####################
# Set up NGINX PHP #
####################
cat > /etc/nginx/php <<END
index index.php index.html index.htm;

location ~ \.php$ {

   include fastcgi_params;
    fastcgi_intercept_errors on;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
  try_files \$uri =404;
    fastcgi_pass 127.0.0.1:9000;
    error_page 404 /404page.html; #makes nginx return it's default 404 
#	page instead of a blank page

} 
END

cat > /etc/nginx/nginx.conf <<END
user              nginx nginx;
worker_processes  2;

error_log         logs/error.log;

pid               logs/nginx.pid;

events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;
    client_max_body_size 64M;
    sendfile        on;
    tcp_nopush      on;

    keepalive_timeout  3;

    gzip  on;
    gzip_comp_level 2;
    gzip_proxied any;
    gzip_types      text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;

    server_tokens off;

    include /etc/nginx/conf.d/*;
} 
END
rm /etc/nginx/conf.d/*
cat > /etc/nginx/conf.d/default.conf <<END
server {
    listen 80 default;
    server_name _;
    root /var/www/html;
    include php;

  } 
END
mkdir /usr/share/nginx/logs/
service nginx restart
chkconfig nginx on
chkconfig mysqld on

cat > /etc/php-fpm.d/www.conf <<END
; Start a new pool named 'www'.
[www]

; The address on which to accept FastCGI requests.
; Valid syntaxes are:
;   'ip.add.re.ss:port'    - to listen on a TCP socket to a specific address on
;                            a specific port;
;   'port'                 - to listen on a TCP socket to all addresses on a
;                            specific port;
;   '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
listen = 127.0.0.1:9000

; Set listen(2) backlog. A value of '-1' means unlimited.
; Default Value: -1
;listen.backlog = -1

; List of ipv4 addresses of FastCGI clients which are allowed to connect.
; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
; must be separated by a comma. If this value is left blank, connections will be
; accepted from any ip address.
; Default Value: any
listen.allowed_clients = 127.0.0.1

; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions. 
; Default Values: user and group are set as the running user
;                 mode is set to 0666
;listen.owner = nobody
;listen.group = nobody
;listen.mode = 0666

; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
;       will be used.
; RPM: apache Choosed to be able to access some dir as httpd
user = apache
; RPM: Keep a group allowed to write in log dir.
group = apache

; Choose how the process manager will control the number of child processes.
; Possible Values:
;   static  - a fixed number (pm.max_children) of child processes;
;   dynamic - the number of child processes are set dynamically based on the
;             following directives:
;             pm.max_children      - the maximum number of children that can
;                                    be alive at the same time.
;             pm.start_servers     - the number of children created on startup.
;             pm.min_spare_servers - the minimum number of children in 'idle'
;                                    state (waiting to process). If the number
;                                    of 'idle' processes is less than this
;                                    number then some children will be created.
;             pm.max_spare_servers - the maximum number of children in 'idle'
;                                    state (waiting to process). If the number
;                                    of 'idle' processes is greater than this
;                                    number then some children will be killed.
; Note: This value is mandatory.
pm = dynamic

; The number of child processes to be created when pm is set to 'static' and the
; maximum number of child processes to be created when pm is set to 'dynamic'.
; This value sets the limit on the number of simultaneous requests that will be
; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
; CGI.
; Note: Used when pm is set to either 'static' or 'dynamic'
; Note: This value is mandatory.
pm.max_children = 5

; The number of child processes created on startup.
; Note: Used only when pm is set to 'dynamic'
; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
pm.start_servers = 1

; The desired minimum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.min_spare_servers = 1

; The desired maximum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.max_spare_servers = 3

; The number of requests each child process should execute before respawning.
; This can be useful to work around memory leaks in 3rd party libraries. For
; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
; Default Value: 0
pm.max_requests = 500

; The URI to view the FPM status page. If this value is not set, no URI will be
; recognized as a status page. By default, the status page shows the following
; information:
;   accepted conn    - the number of request accepted by the pool;
;   pool             - the name of the pool;
;   process manager  - static or dynamic;
;   idle processes   - the number of idle processes;
;   active processes - the number of active processes;
;   total processes  - the number of idle + active processes.
; The values of 'idle processes', 'active processes' and 'total processes' are
; updated each second. The value of 'accepted conn' is updated in real time.
; Example output:
;   accepted conn:   12073
;   pool:             www
;   process manager:  static
;   idle processes:   35
;   active processes: 65
;   total processes:  100
; By default the status page output is formatted as text/plain. Passing either
; 'html' or 'json' as a query string will return the corresponding output
; syntax. Example:
;   http://www.foo.bar/status
;   http://www.foo.bar/status?json
;   http://www.foo.bar/status?html
; Note: The value must start with a leading slash (/). The value can be
;       anything, but it may not be a good idea to use the .php extension or it
;       may conflict with a real PHP file.
; Default Value: not set 
;pm.status_path = /status

; The ping URI to call the monitoring page of FPM. If this value is not set, no
; URI will be recognized as a ping page. This could be used to test from outside
; that FPM is alive and responding, or to
; - create a graph of FPM availability (rrd or such);
; - remove a server from a group if it is not responding (load balancing);
; - trigger alerts for the operating team (24/7).
; Note: The value must start with a leading slash (/). The value can be
;       anything, but it may not be a good idea to use the .php extension or it
;       may conflict with a real PHP file.
; Default Value: not set
;ping.path = /ping

; This directive may be used to customize the response of a ping request. The
; response is formatted as text/plain with a 200 response code.
; Default Value: pong
;ping.response = pong

; The timeout for serving a single request after which the worker process will
; be killed. This option should be used when the 'max_execution_time' ini option
; does not stop script execution for some reason. A value of '0' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
;request_terminate_timeout = 0

; The timeout for serving a single request after which a PHP backtrace will be
; dumped to the 'slowlog' file. A value of '0s' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
;request_slowlog_timeout = 0

; The log file for slow requests
; Default Value: /var/log/php-fpm.log.slow
;slowlog = /var/log/php-fpm.log.slow

; Set open file descriptor rlimit.
; Default Value: system defined value
;rlimit_files = 1024

; Set max core size rlimit.
; Possible Values: 'unlimited' or an integer greater or equal to 0
; Default Value: system defined value
;rlimit_core = 0

; Chroot to this directory at the start. This value must be defined as an
; absolute path. When this value is not set, chroot is not used.
; Note: chrooting is a great security feature and should be used whenever 
;       possible. However, all PHP paths will be relative to the chroot
;       (error_log, sessions.save_path, ...).
; Default Value: not set
;chroot = 

; Chdir to this directory at the start. This value must be an absolute path.
; Default Value: current directory or / when chroot
;chdir = /var/www

; Redirect worker stdout and stderr into main error log. If not set, stdout and
; stderr will be redirected to /dev/null according to FastCGI specs.
; Default Value: no
;catch_workers_output = yes

; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
; Default Value: clean env
;env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmp

; Additional php.ini defines, specific to this pool of workers. These settings
; overwrite the values previously defined in the php.ini. The directives are the
; same as the PHP SAPI:
;   php_value/php_flag             - you can set classic ini defines which can
;                                    be overwritten from PHP call 'ini_set'. 
;   php_admin_value/php_admin_flag - these directives won't be overwritten by
;                                     PHP call 'ini_set'
; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.

; Defining 'extension' will load the corresponding shared extension from
; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
; overwrite previously defined php.ini values, but will append the new value
; instead.

; Default Value: nothing is defined by default except the values in php.ini and
;                specified at startup with the -d argument
;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
;php_flag[display_errors] = off
php_admin_value[error_log] = /var/log/php-fpm/www-error.log
php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 32M
php_admin_value[upload_max_filesize] = 32M
END

mkdir /var/www
mkdir /var/www/html/
useradd apache
service php-fpm start
chkconfig php-fpm on
iptables -I INPUT -p tcp --dport 80 -j ACCEPT
service iptables save

wget freevps.us/downloads/setup-vhost.sh -O /bin/setup-vhost
chmod 755 /bin/setup-vhost
echo "alias nano='nano -w'" >> ~/.bashrc
clear
echo Installation done.
echo to create a vhost, run
echo setup-vhost example.com
echo do not include the www. subdomain.

VPS里优化CentOS 5.x">128M小内存VPS里优化CentOS 5.x

2011-04-14 00:14:56

PS：这篇优化总结不错，适合于小内存的VPS服务器。

CentOS 是免费的，并且有着 RHEL 的稳定，因此深受各大 hosting 服务商支持，几乎所有 Linux VPS 都支持 CentOS。

一般来说如果 VPS 配置较高我会选 CentOS，配置低的话就选 Debian，当然这是个人偏好，大多数 Linux VPS 服务商也会提供 Gentoo，不过每次安装程序，升级都要编译会消耗很多资源，耗时，而且性能没有明显提高，不推荐给配置低的 VPS。

VPS 服务商一般给的操作系统版本都是最小安装版本，或者优化过的版本。每个VPS服务商提供的版本都可能不同，安装 CentOS 的系统最低要求至少 64MB 内存（纯文字界面），1GB 硬盘空间。

安装和升级系统

1、登录 VPS 安装 CentOS 5。

2、安装完毕后马上升级整个系统。

yum update

有了一个干净的系统以后，剩下来就是加强和优化 Linux。

删除不必要的软件包，服务，用户，文件等

3、删除不需要的软件包。

yum remove Deployment_Guide-en-US finger cups-libs cups
bluez-libs desktop-file-utils ppp rp-pppoe wireless-tools irda-utils
nfs-utils nfs-utils-lib rdate fetchmail eject ksh mkbootdisk mtools
syslinux tcsh startup-notification talk apmd rmt dump setserial portmap yp-tools
ypbind

rpm -qa (列出所有安装了的包)
rpm -e package (删除某个包)
rpm -qi package (查询某个包)
rpm -qf command (根据程序查询包的名字)
rpm -ql package (查询某个包所有的安装文件)

4、删除一些不安全的软件包，并且用相应安全的软件替代，如: ssh/sftp/scp 替代 telnet, rsh, ftp, rcp
注意系统需要一个默认的 MAT，删除 Sendmail MAT 之前必须先安装一个，如: Postfix。

yum remove telnet rsh ftp rcp
yum install postfix
yum remove sendmail
/sbin/chkconfig postfix off

5、停掉并且删除一些不需要的 xinetd 服务。

/sbin/service xinetd stop; /sbin/chkconfig xinetd off
rm -rf /etc/xinetd.d

6、禁止一些 /etc/init.d/ 下面不需要的服务，更多信息请参考 “Understanding your (Red Hat Enterprise Linux) daemons, by Len DiMaggio”。

/sbin/chkconfig --list

for a in acpid anacron apmd atd autofs bluetooth cpuspeed cups gpm
hidd ip6tables irqbalance messagebus microcode_ctl netfs nfs nfslock
pcscd portmap readahead_early readahead_later rpcgssd rpcidmapd
sendmail smartd xinetd yum-updatesd; do /sbin/chkconfig $a off; done

7、重启系统后，检查一下正在运行中的服务，看看是不是都是必须的。

netstat -an | grep LISTEN
netstat -atunp

8、为了安全起见，删除一些不需要的用户。

cp /etc/passwd /etc/passwd.sav
cp /etc/group /etc/group.sav
for a in adm lp sync news uucp operator games gopher mailnull nscd rpc;
do /usr/sbin/userdel $a -f; done
for a in lp news uucp games gopher users floopy nscd rpc rpcuser nfsnobody;
do /usr/sbin/groupdel $a -f; done

加固和优化系统

9、打开防火墙。

system-config-securitylevel-tui

10、检查和禁止全局可写的 SUID 文件。

find / -perm +4000 -user root -type f -print
find / -perm +2000 -group root -type f -print
chmod u-s /full/path/to/filename
chmod g-s /full/path/to/filename

11、只允许 root 在一个 terminal 上登录，如: tty1。

vi /etc/securetty

12、避免其他用户按 Ctrl+Alt+Del 重启。

vi /etc/inittab

注释掉
#ca::ctrlaltdel:/sbin/shutdown -t3 -r now

13、/etc/security/console.apps/ 下面有 root 用户登录 console 后可以运行的程序，全部删除。
rm -f /etc/security/console.apps/*

14、删除一些登录信息。

vi /etc/issue (warning at login prompt)
vi /etc/motd (warning after successful login)

15、只运行一个 virtual terminal，如果是 VPS 的话，自己不可能物理登录终端，可以全部禁止掉。

vi /etc/inittab
# Run gettys in standard runlevels
#1:2345:respawn:/sbin/mingetty tty1
#2:2345:respawn:/sbin/mingetty tty2
...

16、加固 SSH 安全。

vi /etc/ssh/sshd_config
Port 2222
Protocol 2
PermitRootLogin no
PermitEmptyPasswords no
X11Forwarding no
UsePAM no
UseDNS no
AllowUsers vpsee
Banner /etc/issue

17、安装 Bastille 软件包帮助加固。

rpm -Uvh perl-Curses-1.15-1.el5.rf.i386.rpm
rpm -ivh Bastille-3.0.9-1.0.noarch.rpm
/usr/sbin/bastille -c

18、优化 Linux 内核。

vi /etc/sysctl.conf
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.all.accept_redirects = 0

定制 Linux 内核

19、定制，编译，安装 Linux 内核。

yum install rpm-build ncurses ncurses-devel
rpm -ivh kernel-2.6.18-8.1.1.el5.data-original.rpm
cd /usr/data-original/redhat/SPECS
rpmbuild -bp --target i686 kernel-2.6.spec
cd /usr/data-original/redhat/BUILD/kernel-2.6.18/linux-2.6.18.i686
sed -i 's/EXTRAVERSION = -prep/EXTRAVERSION = -8.1.1.custom.el5/' Makefile
make menuconfig
make rpm
cd /usr/data-original/redhat/RPMS/i686
rpm -ivh kernel-2.6.18prep-1.rpm
/sbin/mkinitrd /boot/initrd-2.6.18-prep.img 2.6.18-prep (2.6.18-prep -> /lib/modules)
vi /boot/grub/menu.1st

20、修改 iptables，只允许 ssh，http 和 https 端口打开。

/sbin/iptables -F
/sbin/iptables -A INPUT -i lo -j ACCEPT
/sbin/iptables -A INPUT -i ! lo -d 127.0.0.0/8 -j REJECT
/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -A OUTPUT -j ACCEPT
/sbin/iptables -A INPUT -p tcp --dport 80 -j ACCEPT
/sbin/iptables -A INPUT -p tcp --dport 443 -j ACCEPT
/sbin/iptables -A INPUT -p tcp -m state --state NEW --dport 22 -j ACCEPT
/sbin/iptables -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
/sbin/iptables -A INPUT -j REJECT
/sbin/iptables -A FORWARD -j REJECT

然后查看一下 iptables：

iptables -L