# etcd {"level":"warn","ts":"2023-10-05T02:16:52.853273Z","caller":"embed/config.go:673","msg":"Running http and grpc server on single port. This is not recommended for production."} {"level":"info","ts":"2023-10-05T02:16:52.853914Z","caller":"etcdmain/etcd.go:73","msg":"Running: ","args":["etcd"]} {"level":"warn","ts":"2023-10-05T02:16:52.853947Z","caller":"etcdmain/etcd.go:105","msg":"'data-dir' was empty; using default","data-dir":"default.etcd"} {"level":"warn","ts":"2023-10-05T02:16:52.853994Z","caller":"embed/config.go:673","msg":"Running http and grpc server on single port. This is not recommended for production."} {"level":"info","ts":"2023-10-05T02:16:52.854009Z","caller":"embed/etcd.go:127","msg":"configuring peer listeners","listen-peer-urls":["http://localhost:2380"]} ...
常用管理命令
etcd
查看版本信息
# etcd --version etcd Version: 3.5.3 Git SHA: 0452feec7 Go Version: go1.16.15 Go OS/Arch: linux/amd64
$ ctr image ls REF TYPE DIGEST SIZE PLATFORMS LABELS docker.io/library/nginx:alpine application/vnd.docker.distribution.manifest.list.v2+json sha256:455c39afebd4d98ef26dd70284aa86e6810b0485af5f4f222b19b89758cabf1e 9.8 MiB linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64/v8,linux/ppc64le,linux/s390x -
将镜像挂载到本地目录
$ ctr image mount docker.io/library/nginx:alpine /mnt $ ls /mnt bin docker-entrypoint.d etc lib mnt proc run srv tmp var dev docker-entrypoint.sh home media opt root sbin sys usr
NAME: rancher LAST DEPLOYED: Wed Oct 12 10:22:25 2022 NAMESPACE: cattle-system STATUS: deployed REVISION: 1 TEST SUITE: None NOTES: Rancher Server has been installed.
NOTE: Rancher may take several minutes to fully initialize. Please standby while Certificates are being issued, Containers are started and the Ingress rule comes up.
Check out our docs at https://rancher.com/docs/
If you provided your own bootstrap password during installation, browse to https://rancher.my.com to get started.
If this is the first time you installed Rancher, get started by running this command and clicking the URL it generates:
WARN EACCES user “root” does not have permission to access the dev dir “/root/.node-gyp/11.15.0” ERR! stack Error: EACCES: permission denied, mkdir ‘node_modules/sqlite3/.node-gyp’
$ ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/home/testuser/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/testuser/.ssh/id_rsa. Your public key has been saved in /home/testuser/.ssh/id_rsa.pub. The key fingerprint is: SHA256:Lzvl8GbOQETBVcTf8lf0Qk9KUQAESs9h8wARud+iQrk testuser@k8s-uat-master1.148962587001 The key's randomart image is: +---[RSA 2048]----+ | .BBB*=.o+.| | oo= =. o o| | o.o .+ *.| | .. = =| | .S. . +.| | o...+ . o| | . .o*.. .| | E o== | | ..=o | +----[SHA256]-----+
$ ssh-copy-id -p 30000 testuser@172.31.30.115 /bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/testuser/.ssh/id_rsa.pub" The authenticity of host '[172.31.30.115]:30000 ([172.31.30.115]:30000)' can't be established. ECDSA key fingerprint is SHA256:vKD5th2QpWYv/hmt+180BsENDHWNcJdKiEBOH06h/K8. ECDSA key fingerprint is MD5:bf:8c:b9:e6:31:92:1f:a9:b6:7b:8f:50:d7:10:9e:fd. Are you sure you want to continue connecting (yes/no)? yes /bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keystestuser@172.31.30.115's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh -p '30000' 'testuser@172.31.30.115'" and check to make sure that only the key(s) you wanted were added.
在本地服务器上面验证可以免密登陆到目标服务器。
如果要配置双向免密,将以上步骤反过来操作一遍即可
常见配置
登录服务器,经常遇见以下提示信息,说明有主机一直在尝试暴力破解用户名密码
There were 696 failed login attempts since the last successful login.
# cat /etc/sudoers.d/90-cloud-init-users # Created by cloud-init v. 19.4 on Mon, 31 Oct 2022 07:58:58 +0000 # User rules for centos centos ALL=(ALL) NOPASSWD:ALL