CentOS Linux release 7.9.2009 编译安装最新版HAProxy 2.8 LTS长期支持版,并创建Shell监听脚本

编译安装HAProxy 2.8 LTS版本,官方源码包下载地址:http://www.haproxy.org/download/

由于CentOS7 之前版本自带的lua版本比较低并不符合HAProxy要求的lua最低版本(5.3)的要求,因此需要编译安装较新版本的lua环境,然后才能编译安装HAProxy。

1、查看现有的lua版本,如果版本太旧需要先更新lua

lua -v 
Lua 5.1.4  Copyright (C) 1994-2008 Lua.org, PUC-Rio

2、安装基础命令及编译依赖环境

yum install gcc readline-devel

3、下载和编译lua-5.4.6

cd /usr/local/src
wget --no-check-certificate https://www.lua.org/ftp/lua-5.4.6.tar.gz
tar xvf lua-5.4.6.tar.gz

开始编译

cd  lua-5.4.6
make linux test

查看编译安装的版本
src/lua -v
Lua 5.4.6  Copyright (C) 1994-2023 Lua.org, PUC-Rio

把旧版本移走,换成新的版本
mv /usr/bin/lua /usr/bin/lua.old
cp /usr/local/src/lua-5.4.6/src/lua /usr/bin/lua

确认现在的版本
lua -v 
Lua 5.4.6  Copyright (C) 1994-2023 Lua.org, PUC-Rio

4、安装Haproxy

创建用户
useradd -r -s /sbin/nologin haproxy

5、安装依赖

yum -y install gcc openssl-devel pcre-devel systemd-devel

6、下载和编译

wget --no-check-certificate  https://www.haproxy.org/download/2.8/src/haproxy-2.8.9.tar.gz
tar xvf haproxy-2.8.9.tar.gz
cd haproxy-2.8.9/


make TARGET=linux-glibc USE_OPENSSL=1 USE_PCRE=1 USE_SYSTEMD=1 USE_LUA=1 LUA_INC=/usr/local/src/lua-5.4.6/src LUA_LIB=/usr/local/src/lua-5.4.6/src
make install PREFIX=/etc/haproxy

创建软连接
ln -s /etc/haproxy/sbin/haproxy /usr/bin/haproxy
www.zhangfangzhou.cn
查看版本
haproxy -v
HAProxy version 2.8.9-1842fd0 2024/04/05 - https://haproxy.org/
Status: long-term supported branch - will stop receiving fixes around Q2 2028.
Known bugs: http://www.haproxy.org/bugs/bugs-2.8.9.html
Running on: Linux 3.10.0-1160.105.1.el7.x86_64 #1 SMP Thu Dec 7 15:39:45 UTC 2023 x86_64

7、创建配置文件

vi /etc/haproxy/haproxy.cfg
global
  maxconn 100000
  chroot /etc/haproxy
  stats socket /var/tmp/haproxy.sock mode 600 level admin
  user haproxy
  group haproxy
  daemon
  pidfile /var/tmp/haproxy.pid

defaults
  option http-keep-alive
  option forwardfor
  maxconn 100000
  mode http
  timeout connect 300000ms
  timeout client 300000ms
  timeout server 300000ms

listen stats
  mode http
  bind 0.0.0.0:3306
  stats enable
  log global
  stats uri /haproxy-status
  stats auth haadmin:Admin@2018..

listen db_port
  bind :3306
  mode tcp
  log global
  balance roundrobin
  option tcplog
  server db1 10.53.123.104:3306 check inter 3000 fall 2 rise 3
  server db2 10.53.123.105:3306 check inter 3000 fall 2 rise 3
  server db3 10.53.123.106:3306 check inter 3000 fall 2 rise 3


8、创建service服务

vi /usr/lib/systemd/system/haproxy.service
[Unit]
Description=HAProxy Load Balancer
After=syslog.target network.target

[Service]
ExecStartPre=/usr/bin/haproxy -f /etc/haproxy/haproxy.cfg -c -q
ExecStart=/usr/bin/haproxy -Ws -f /etc/haproxy/haproxy.cfg
ExecReload=/bin/kill -USR2 $MAINPID
LimitNOFILE=100000

[Install]
WantedBy=multi-user.target

systemctl enable haproxy
systemctl start haproxy
9、设置监听脚本

vi ha_watchdog.sh
#!/bin/bash
#www.zhangfangzhou.cn
# 定义日志文件路径
LOG_FILE="/var/log/haproxy_watchdog.log"

# 定义 HAProxy 进程的名称
HAPROXY_PROCESS="haproxy"

# 检查 HAProxy 进程是否在运行
check_haproxy_process() {
    # 使用 pgrep 命令检查是否存在名为 haproxy 的进程
    pgrep -x $HAPROXY_PROCESS > /dev/null
}

# 启动 HAProxy 进程
start_haproxy() {
    echo "$(date +'%Y-%m-%d %H:%M:%S') - Starting HAProxy..." >> $LOG_FILE
    systemctl start haproxy
}

# 主循环
while true; do
    # 检查 HAProxy 进程是否在运行
    if ! check_haproxy_process; then
        # 如果进程不存在,则重新启动 HAProxy 并记录日志
        start_haproxy
    fi
    # 休眠一段时间后再次检查
    sleep 60
done


#设置开机启动
chmod +x ha_watchdog.sh

vi /etc/rc.local
nohup /root/ha_watchdog.sh &

CentOS6和CentOS7更高的内核 一键安装[lotServer] 锐速 Vicer

1.支持更高的Linux内核一键安装[lotServer] 锐速.
2.支持一键完全卸载[lotServer] 锐速 (此脚本安装的无残留).
3.不支持自动更换内核. CentOS6和CentOS7 一键更换内核,一键安装锐速[lotServer]
4.不支持OpenVZ.
所有内容均来自互联网.本人不负任何法律责任,仅供学习使用.
Update:2019.04.15

一键安装[lotServer] 锐速:
bash <(wget --no-check-certificate -qO- https://github.com/MoeClub/lotServer/raw/master/Install.sh) install

一键卸载[lotServer] 锐速:
bash <(wget --no-check-certificate -qO- https://github.com/MoeClub/lotServer/raw/master/Install.sh) uninstall

使用方法:
启动命令 /appex/bin/lotServer.sh start
停止加速 /appex/bin/lotServer.sh stop
状态查询 /appex/bin/lotServer.sh status
重新启动 /appex/bin/lotServer.sh restart

1.更新许可证(有效期为6个月)
wget -qO '/appex/etc/apx.lic' "https://api.moeclub.org/lotServer?ver=1&mac=00:00:00:00:00:00"
使用 ifconfig 查看网卡 mac 地址,替换 00:00:00:00:00:00 (当内核版本号小于等于 3.11.20.10 时, 请设置 ver=0)

2.使用KeyGen, 更新许可证(lic文件)(有效期到2099年)
git clone https://github.com/Tai7sy/LotServer_KeyGen
cd LotServer_KeyGen
php keygen.php 00:00:00:00:00:00 (使用 ifconfig 查看网卡 mac 地址,替换 00:00:00:00:00:00)
cp out.lic /appex/etc/apx.lic
状态查询 /appex/bin/lotServer.sh status

3.CentOS7启动自动运行lotServer
chmod +x /etc/rc.local
vi /etc/rc.local
添加su - root -c "/appex/bin/lotServer.sh start"

图为CentOS Linux release 7.5.1804 安装[lotServer] 锐速

使用 FRP 内网穿透| 适用于Linux Windows服务端

使用 FRP 内网穿透| 适用于Linux Windows服务端
1、很多情况下处于NAT网络环境中没有公网IP,这个时候可疑通过FRP服务器的转发进行内网穿透。frp内网穿透服务器搭建和frp使用方法。
本教程是使用TCP模式(连接内网Windows的远程桌面),frp客户端和frp服务端以Windows服务的方式在后台默默运行,还可以使用UDP、HTTP、HTTPS模式。
2、为什么不再使用ngork
ngork2.0不再开源

3、Linux服务端安装
wget --no-check-certificate https://raw.githubusercontent.com/clangcn/onekey-install-shell/master/frps/install-frps.sh -O ./install-frps.sh
chmod 700 ./install-frps.sh
./install-frps.sh install
或者手动安装
https://github.com/fatedier/frp/releases/download/v0.16.1/frp_0.16.1_linux_386.tar.gz
https://github.com/fatedier/frp/releases/download/v0.16.1/frp_0.16.1_linux_amd64.tar.gz
tar -zxvf frp_0.16.1_linux_amd64.tar.gz
mv frp_0.16.1_linux_amd64 frp
vi /etc/rc.local
su - root -c "/root/frp/frps -c /root/frp/frps.ini -L /root/frp/frps.log"

https://github.com/fatedier/frp/releases/download/v0.21.0/frp_0.21.0_linux_amd64.tar.gz
tar -zxvf frp_0.21.0_linux_amd64.tar.gz
mv frp_0.21.0_linux_amd64 frp
vi /etc/rc.local
su - root -c "/root/frp/frps -c /root/frp/frps.ini" #这样日志会在/root目录下

4、Windows服务端安装
https://github.com/fatedier/frp/releases
https://github.com/fatedier/frp/releases/download/v0.16.1/frp_0.16.1_windows_386.zip
https://github.com/fatedier/frp/releases/download/v0.16.1/frp_0.16.1_windows_amd64.zip
解压即可

5、frp服务端配置文件,基本包含frps_full.ini全部的配置了
frps.ini
---------------------------------------------------------------------------------------------------
[common]
bind_addr = 0.0.0.0
bind_port = 5443
# udp port used for kcp protocol, it can be same with 'bind_port'
# if not set, kcp is disabled in frps
kcp_bind_port = 5443

# set dashboard_addr and dashboard_port to view dashboard of frps
# dashboard_addr's default value is same with bind_addr
# dashboard is available only if dashboard_port is set
dashboard_addr = 0.0.0.0
dashboard_port = 7500

# dashboard user and pwd for basic auth protect, if not set, both default value is admin
dashboard_user = admin
dashboard_pwd = admin

# assets_dir = ./static
vhost_http_port = 8080
vhost_https_port = 4443
log_file = ./frps.log
# debug, info, warn, error
log_level = info
log_max_days = 30

# privilege mode is the only supported mode since v0.10.0
privilege_token = hLzzySjVo1kMJgaz
# heartbeat configure, it's not recommended to modify the default value
# the default value of heartbeat_timeout is 90
# heartbeat_timeout = 90

# only allow frpc to bind ports you list, if you set nothing, there won't be any limit
#privilege_allow_ports = 1-65535
# pool_count in each proxy will change to max_pool_count if they exceed the maximum value
max_pool_count = 50

# authentication_timeout means the timeout interval (seconds) when the frpc connects frps
# if authentication_timeout is zero, the time is not verified, default is 900s
authentication_timeout = 900

# if subdomain_host is not empty, you can set subdomain when type is http or https in frpc's configure file
# when subdomain is test, the host used by routing is test.frps.com
subdomain_host = frps.com

# if tcp stream multiplexing is used, default is true
tcp_mux = true

服务端简洁配置
[common]
bind_addr = 0.0.0.0
bind_port = 55443
kcp_bind_port = 55443
log_file = ./frps.log
log_level = info
log_max_days = 30
privilege_token = hLzzySjVo1kMJgaz
max_pool_count = 50
tcp_mux = true
authentication_timeout = 900
#frp_0.21会出现下面的错误,FRP 客户端所在机器和 FRP 服务端所在机器的时间相差不能超过 15 分钟
login to server failed: authorization faile
2018/09/27 14:31:15 [W] [service.go:262] authorization failed
-------------------
6、Windows 启动frp服务器
frps.exe -c frps.ini
Windows快速添加通过防火墙规则
netsh advfirewall firewall add rule name="Open Port 5443" dir=in action=allow protocol=TCP localport=5443
netsh advfirewall firewall add rule name="Open Port 5443" dir=in action=allow protocol=TCP localport=6443
netsh advfirewall firewall add rule name="Open Port 4443" dir=in action=allow protocol=TCP localport=4443
netsh advfirewall firewall add rule name="Open Port 23689" dir=in action=allow protocol=TCP localport=23689
netsh advfirewall firewall add rule name="Open Port 8080" dir=in action=allow protocol=TCP localport=8080

Windows 开机自启动frp服务器
控制面板 ---> 管理工具 ---> 任务计划程序

或者运行框输入下面代码,添加启动项 #这样必须登录系统才开始运行服务
%programdata%\Microsoft\Windows\Start Menu\Programs\Startup
-------------------
7、linux 启动frp服务器
frps -c frps.ini

Linux 开机自启动frp服务器
vi /etc/rc.d/rc.local #centos7 chmod +x /etc/rc.d/rc.local
su - root -c "/root/frp/frps -c /root/frp/frps.ini"

vi /etc/rc.local
su - root -c "/root/frp/frps -c /root/frp/frps.ini"
iptables -I INPUT -p tcp -m multiport --dports 55443,55446,55448 -j ACCEPT;service iptables save;service iptables restart
---------------------------------------------------------------------------------------------------
8、客户端配置文件tcp_model
frps.ini
----------
[common]
server_addr = 122.114.xx.xx
server_port = 5443
log_file = ./frpc.log
log_level = info
log_max_days = 30
privilege_token = hLzzySjVo1kMJgaz
pool_count = 50
tcp_mux = true
login_fail_exit = true
protocol = tcp
[tcp_mode]
privilege_mode = true
type = tcp
local_ip = 127.0.0.1
local_port = 3389
remote_port = 23689

验证登录远程桌面122.114.xx.xx:23689

[ssh]
# tcp | udp | http | https | stcp | xtcp, default is tcp
type = tcp
local_ip = 127.0.0.1
local_port = 22
# true or false, if true, messages between frps and frpc will be encrypted, default is false
use_encryption = false
# if true, message will be compressed
use_compression = false
# remote port listen by frps
remote_port = 6001
# frps will load balancing connections for proxies in same group
group = test_group
# group should have same group key
group_key = 123456
--------------
9、客户端配置文件http_model
[common]
server_addr = 122.114.xx.xx
server_port = 5443
log_file = ./frpc.log
log_level = info
log_max_days = 30
privilege_token = hLzzySjVo1kMJgaz
pool_count = 50
tcp_mux = true
login_fail_exit = true
protocol = http
[web]
type = http
local_ip = 127.0.0.1
local_port = 80
use_encryption = false
use_compression = false
subdomain = frp.asuhu.com
-------------------
启动客户端
frpc.exe -c frpc.ini

华为Quidway S3300系列交换机,配置管理IP,清除console密码,配置telent和http密码

华为Quidway S3300系列交换机,配置管理IP,清除console密码,配置telent和http密码
华为Quidway S3300系列交换机清除console密码
1、使用console数据线加USB转串口线链接到console口
2、在重启交换机的时候,连续按Ctrl+B,进入BOOTROM memu (Press Ctrl+B to enter BOOTROM memu)
3、输入密码,如果没修改过的话,可能是huawei或者Admin@huawei.com
4、选择7 Cler password for console user,然后按1启动

华为Quidway S3300系列交换机配置管理IP
#system-view //进入系统视图
#interface vlanif 1 //进入vlan1接口视图
#ip address 192.168.0.2 255.255.255.0 //配置接口的IP地址
#display vlan 1

华为Quidway S3300系列交换机配置telent和http密码
1、输入console密码进入交换机界面
2、添加用户和密码
#aaa
#local-user admin password cipher huawei //admin的密码设置为huawei
#local-user h3c password cipher huawei //添加用户h3c,密码设置为huawei
#local-user admin privilege level 3 //设置账号级别,3为最高
#local-user h3c privilege level 3 //设置账号级别,3为最高 或者local-user h3c level 3
#local-user service-type telnet //设置本地账户服务类型是telnet
#quit
#user-interface vty 0 4
#authentication-mode aaa //设置登录用户的验证方式为aaa
#protocal bind telnet //绑定telnet协议
#protocal bind ssh

华为Quidway S3300系列交换机创建页面web网管账号
#system-view //进入系统视图
#http server enable //使能http服务
#aaa //进入aaa视图
#local-user huawei password cipher huawei //添加用户huawei,密码设置为huawei
#local-user huawei service-type http //huawei的访问类型为http
#q //返回系统视图
#www.zhangfangzhou.cn

Linux环境下更新DELL PowerEdge R710 BIOS版本

Linux环境下更新DELL PowerEdge R710 BIOS版本
更新BIOS帮助保持DELL PowerEdge R710系统软件最新并与其它系统模块(固件,BIOS,驱动程序和软件)兼容的功能增强或更改。

升级BIOS需谨慎,R710使用CentOS7.3升级BIOS,有一次导致了内核崩溃。

http://www.dell.com/support/home/cn/zh/cnbsd1/product-support/servicetag/7MT4S2X/
http://www.dell.com/support/home/cn/zh/cnbsd1/product-support/servicetag/7mt4s2x/drivers

Windows 版本 https://downloads.dell.com/FOLDER01631935M/1/R710_BIOS_4HKX2_WN64_6.4.0.EXE
Linux 版本 https://downloads.dell.com/FOLDER01631932M/1/R710_BIOS_4HKX2_LN_6.4.0.BIN

Windows 版本下载完毕直接点击exe进行升级
Linux 版本下载完毕后
chmod +x R710_BIOS_4HKX2_LN_6.4.0.BIN
./R710_BIOS_4HKX2_LN_6.4.0.BIN
输入y
确认重启输入y

登录进入dell的IDRAC(Integrated Dell Remote Access Controller 6),查看BIOS版本
或者进入linux系统输入dmidecode | more,查看bios的版本号

Dell PowerEdge R710用ghost for linux (g4l)备份linux系统

Dell PowerEdge R710用ghost for linux (g4l)备份linux系统
g4l原理是利用dd命令备份硬盘分区信息及存有数据的扇区,空闲的扇区并不被保存。

1、下载https://sourceforge.net/projects/g4l/或者https://sourceforge.net/projects/g4l/files/
2、进入dell的IDRAC(Integrated Dell Remote Access Controller 6),选中控制要/介质,点击配置,虚拟介质的状态选择附加,应用。
3、打开虚拟控制台,添加镜像,点击映射。
4、默认启动,到输入界面输入g41,回车。
5、选择RAW Mode(可以备份/还原任何文件系统,支持本地和网络克隆)。
接下来选择本地还是网络克隆,我这儿选择网络克隆
Network use:将镜像文件备份到ftp服务器上,还原也从ftp服务器还原
Local use:可以通过samb共享或者ssh备份到其他机子上
Click ‘n’ Clone:硬盘对刻(目标硬盘容量一定要不小于要备份的硬盘容量)

A:配置克隆传输要用的网卡
B:本机IP(如无DHCP服务器可以手工设置)
D:配置FTP服务器IP
E:配置FTP用户名和密码
F:配置备份生成的镜像名字
G:选择备份镜像压缩格式,也可以选择压缩,不压缩的可以用DiskGenius直接打开备份的虚拟磁盘文件
H:配置完选择此项进行备份
I:配置完选择此项进行还原
M:备份MBR和分区表
P:配置镜像文件在服务器上的存放目录img文件

6、择要备份的硬盘或分区。
7、接下来开始备份等待结束。
8、img文件夹要实现存在,且有读写权限。

CentOS6和CentOS7 一键更换内核,一键安装锐速[lotServer]

CentOS6和CentOS7 一键更换内核,一键安装锐速[lotServer][serverSpeeder ]

CentOS6和CentOS7 一键更换内核,完成后会重启
wget --no-check-certificate https://www.zhangfangzhou.cn/sh/ruisu.sh
bash ruisu.sh


手动更换内核
CentOS6更换内核
rpm -ivh http://file.asuhu.com/kernel/kernel-firmware-2.6.32-504.3.3.el6.noarch.rpm
rpm -ivh http://file.asuhu.com/kernel/kernel-2.6.32-504.3.3.el6.x86_64.rpm --force

查看内核版本
cat /boot/grub/grub.conf | awk '$1=="title" {print i++ " : " $NF}'
0 : (2.6.32-504.3.3.el6.x86_64)
1 : (2.6.32-642.13.1.el6.x86_64)

确认内核版本
cat /boot/grub/grub.conf | awk '$1=="title" {print i++ " : " $NF}'|grep '2.6.32-504'|awk '{print $1}'

设置启动的内核
vi /boot/grub/grub.conf
default=0

重启
reboot

确认内核版本
uname -r
2.6.32-504.3.3.el6.x86_64


CentOS7更换内核
rpm -ivh http://file.asuhu.com/kernel/kernel-3.10.0-229.1.2.el7.x86_64.rpm --force

查看内核
awk -F\' '$1=="menuentry " {print i++ " : " $2}' /etc/grub2.cfg
0 : CentOS Linux 7 Rescue 1f0eb10f866e4eeea5ec2c016d383869 (3.10.0-229.1.2.el7.x86_64)
1 : CentOS Linux (3.10.0-229.1.2.el7.x86_64) 7 (Core)
2 : CentOS Linux (3.10.0-514.2.2.el7.x86_64) 7 (Core)
3 : CentOS Linux (0-rescue-98f15324ee1542fdaf9b60c933ff0e2c) 7 (Core)

设置启动的内核
grub2-set-default `awk -F\' '$1=="menuentry " {print i++ " : " $2}' /etc/grub2.cfg | grep '(3.10.0-229.1.2.el7.x86_64) 7 (Core)'|awk '{print $1}'`
grub2-editenv list #查看确认
reboot 重启


CentOS6和7 更换内核完成一键安装锐速[lotServer]

wget --no-check-certificate -O appex.sh https://raw.githubusercontent.com/0oVicero0/serverSpeeder_Install/master/appex.sh && chmod +x appex.sh && bash appex.sh install

安装完成后检测是否启用
lsmod |grep appex

卸载
wget --no-check-certificate -O appex.sh https://raw.githubusercontent.com/0oVicero0/serverSpeeder_Install/master/appex.sh && chmod +x appex.sh && bash appex.sh uninstall

使用此脚本安装时如遇许可证错误,可尝试使用此命令更新许可证
bash /appex/bin/serverSpeeder.sh renewLic


VPS推荐
搬瓦工/bandwagonhost – $18/年 KVM 1核 512M 10G 500G 1Gbps 六机房
https://blog.asuhu.com/bandwagonhost.aspx

Ruijie 10G Ethernet Switch with PoE (S2910C-48GT2XS-HP-E)

switch0

switch1
C315#show version
System description : Ruijie 10G Ethernet Switch with PoE (S2910C-48GT2XS-HP-E) By Ruijie Networks
System start time : 2016-06-17 11:06:19
System uptime : 0:00:18:58
System hardware version : 1.01
System software version : S2910_RGOS 11.4(1)B1
System patch number : NA
System serial number : G1J90L5000711
System boot version : 1.2.12
Module information:
Slot 0 : S2910C-48GT2XS-HP-E
Cpu 0:
Hardware version : 1.01
System start time : 2016-06-17 11:06:19
Boot version : 1.2.12
Software version : S2910_RGOS 11.4(1)B1
Serial number : G1J90L5000711