[3.磁盘加密]
1.磁盘加密
fdisk /dev/vdb
partprobe
cryptsetup luksFormat /dev/vdb1 **加密/dev/vdb1磁盘
cryptsetup open /dev/vdb1 redhat **开启磁盘
mkfs.xfs /dev/mapper/redhat **格式化
mount /dev/mapper/redhat /mnt/ **将/dev/mapper/redhat挂载到/mnt
umount /mnt/ **卸载
cryptsetup close redhat **关闭redhat
2.加密磁盘永久挂载
vim /etc/crypttab **加密配置文件
[root@localhost ~]# cat /etc/crypttab
redaht /dev/vdb1 /root/lukspsfile
解密后设备管理文件 设备 加密字符
vim /root/lukspsfile **加密密码配置
[root@localhost ~]# cat /root/lukspsfile
kile2583
chmod 600 /root/lukspsfile
cryptsetup luksAddKey /dev/vdb1 /root/lukspsfile **将/root/lukspsfile中的密码应用到/dev/vdb1磁盘上
vim /etc/fstab **设置开机启动的配置
[root@localhost ~]# cat /etc/fstab
/dev/mapper/redhat /mnt xfs defaults 0 0
reboot **重启
[root@localhost mnt]# df **查看是否永久挂载
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/vda1 10473900 3124648 7349252 30% /
devtmpfs 927072 0 927072 0% /dev
tmpfs 942660 140 942520 1% /dev/shm
tmpfs 942660 17024 925636 2% /run
tmpfs 942660 0 942660 0% /sys/fs/cgroup
/dev/mapper/redhat 1043116 32932 1010184 4% /mnt
3.加密清除
vim /etc/fstab
> /etc/crypttab **清空/etc/crypttab文件信息
rm -rf /root/lukspsfile **删除/root/lukspsfile
umount /mnt/ **卸载
cryptsetup close redhat **关闭磁盘
mkfs.xfs /dev/vdb1 -f **强制格式化
4.磁盘列阵
fdisk /dev/vdb **创建3个分区(fd)
Device Boot Start End Blocks Id System
/dev/vdb1 2048 2099199 1048576 fd Linux raid autodetect
/dev/vdb2 2099200 4196351 1048576 fd Linux raid autodetect
/dev/vdb3 4196352 6293503 1048576 fd Linux raid auto
partprobe **磁盘同步
cat /proc/partitions
ll /dev/md0
mdadm -C /dev/md0 -a yes -l 1 -n 2 -x 1 /dev/vdb{1..3}
mkfs.xfs /dev/md0
mount /dev/md0 /mnt
mdadm -f /dev/md0 /dev/vdb1 **破坏磁盘
mdadm -r /dev/md0 /dev/vdb1 **删除磁盘(若正使用中需先卸载在删除)
mdadm -a /dev/md0 /dev/vdb1 **添加新磁盘
mdadm -D /dev/md0 **查看正运行磁盘
mdadm -f /dev/md0 /dev/vdb1
mdadm -f /dev/md0 /dev/vdb2
mdadm -r /dev/md0 /dev/vdb1
mdadm -r /dev/md0 /dev/vdb2
umount /mnt/
[root@localhost mnt]# df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/vda1 10473900 3124776 7349124 30% /
devtmpfs 927072 0 927072 0% /dev
tmpfs 942660 140 942520 1% /dev/shm
tmpfs 942660 17092 925568 2% /run
tmpfs 942660 0 942660 0% /sys/fs/cgroup
mdadm -S /dev/md0
然后要取消直接删除vdb1 vdb2 vdb3
watch -n 1 cat /proc/mdstat **监控命令
[5.配额]
mount -o usrquota /dev/vdb1 /pub/
quotaon -uv /dev/vdb1
su - student
dd if=/dev/zero of=/pub/file bs=1M count=500
{1.lvm}
[1.lvm建立]
1.划分物理分区并把分区id修改为8e
pvs|pvdisplay
vgs|vgdisplay
lvs|lvdisplay
watch -n 1 'echo "=== pvinfo ===";pvs;echo "=== vginfo ===";vgs;echo "=== lvinfo ===";lvs'
pvcreate /dev/vdb1
vgcreate westos /dev/vdb1
lvcreate -L 100M -n lv0 westos
mkfs.xfs /dev/westos/lv0
mount /dev/westos/lv0 /mnt/
磁盘不够用,再增加一块:
lvextend -L 200 /dev/westos/lv0
mkfs.xfs /dev/westos/lv0
pvcreate /dev/vdb2
vgcreate westos /dev/vdb1
lvcreate -L 600M -n lv0 westos
xfs_growfs /dev/westos/lv0