
在主流云平台上高效使用 AlmaLinux 10

本教程详细介绍如何在 AWS、阿里云等主流云平台上部署和优化 AlmaLinux 10,包括实例配置、网络设置、存储优化和安全加固。

云平台概览

AlmaLinux 10 云平台支持状况

云平台 | 支持状态 | 镜像类型 | 推荐实例规格 | 特殊优化
AWS | ✅ 官方支持 | AMI 镜像 | t3/m5/c5 系列 | EBS 优化
阿里云 | ✅ 社区镜像 | 自定义镜像 | ecs.g6/c6/r6 | ESSD 存储
腾讯云 | ✅ 社区支持 | 市场镜像 | S5/M5/C4 | 高性能云盘
华为云 | ✅ 社区支持 | 公共镜像 | s6/c6/m6 | SSD 云硬盘
Google Cloud | ✅ 社区镜像 | Custom Image | n2/c2/m2 | SSD 持久磁盘

AWS 云平台部署

1. AWS EC2 实例创建

选择 AlmaLinux 10 AMI

bash
# List the AlmaLinux OS 10 images published by one owner account (AWS CLI).
# NOTE(review): launch only AMIs whose owner ID you have confirmed against the
# account ID AlmaLinux itself publishes; an image name alone can be imitated.
ami_owner="679593333241"
ami_name_filter="Name=name,Values=AlmaLinux OS 10*"

aws ec2 describe-images \
    --owners "$ami_owner" \
    --filters "$ami_name_filter" \
    --query 'Images[*].[ImageId,Name,CreationDate]' \
    --output table

# Example of a returned AMI ID (real IDs will differ)
# ami-0abcdef1234567890  AlmaLinux OS 10.0.20241120 x86_64

创建 EC2 实例脚本

bash
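#!/bin/bash
# Launch one AlmaLinux 10 EC2 instance with the AWS CLI.
# Every ID below is a placeholder; replace it with a value from your account.
set -euo pipefail

AMI_ID="ami-0abcdef1234567890"  # AlmaLinux 10 AMI ID
INSTANCE_TYPE="t3.medium"
KEY_NAME="my-key-pair"
SECURITY_GROUP="sg-0123456789abcdef0"
SUBNET_ID="subnet-0123456789abcdef0"

# Create the instance.
# - Expansions are quoted so an empty or malformed value fails loudly instead
#   of silently shifting the remaining arguments.
# - --associate-public-ip-address makes the instance reachable from the
#   internet; the security group should then allow SSH only from known
#   source addresses.
# - Consider also passing
#     --metadata-options "HttpTokens=required,HttpEndpoint=enabled"
#   to require IMDSv2 session tokens. Scripts on the instance that read
#   metadata must then request a token first; a plain GET is rejected.
aws ec2 run-instances \
    --image-id "$AMI_ID" \
    --count 1 \
    --instance-type "$INSTANCE_TYPE" \
    --key-name "$KEY_NAME" \
    --security-group-ids "$SECURITY_GROUP" \
    --subnet-id "$SUBNET_ID" \
    --associate-public-ip-address \
    --tag-specifications 'ResourceType=instance,Tags=[{Key=Name,Value=AlmaLinux-10-Server}]' \
    --user-data file://user-data.sh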

用户数据脚本 (user-data.sh)

bash
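#!/bin/bash
# EC2 user-data script for the first boot of an AlmaLinux 10 instance.

# Update the system
dnf update -y

# Install base tools
# NOTE(review): confirm that aws-cli and amazon-ssm-agent are provided by a
# repository enabled on the image; dnf aborts the whole transaction when any
# requested package cannot be found.
dnf install -y \
    vim wget curl git htop \
    aws-cli cloud-init \
    amazon-ssm-agent

# Start the SSM Agent
systemctl enable --now amazon-ssm-agent

# Set the time zone
timedatectl set-timezone Asia/Shanghai

# Kernel tuning lives in its own drop-in file, written with '>' so that
# running the script again does not append duplicate keys to /etc/sysctl.conf.
cat > /etc/sysctl.d/90-almalinux-cloud.conf << 'EOF'
vm.swappiness=10
net.core.rmem_max=134217728
net.core.wmem_max=134217728
EOF
sysctl -p /etc/sysctl.d/90-almalinux-cloud.conf

# Enable the automatic update timer
# NOTE(review): check /etc/dnf/automatic.conf — with the packaged defaults the
# timer may only download updates; set apply_updates (and upgrade_type, if only
# security errata are wanted) to match the intended policy.
dnf install -y dnf-automatic
systemctl enable --now dnf-automatic.timer

# Create the application directory
mkdir -p /opt/webapp
chown ec2-user:ec2-user /opt/webapp

# Record deployment information. Instance metadata is read with an IMDSv2
# session token, which works whether or not the instance requires IMDSv2.
imds="http://169.254.169.254/latest"
imds_token=$(curl -s -X PUT "${imds}/api/token" \
    -H "X-aws-ec2-metadata-token-ttl-seconds: 60")
imds_get() {
    curl -s -H "X-aws-ec2-metadata-token: ${imds_token}" "${imds}/meta-data/$1"
}

cat > /var/log/deployment.log << EOF
AlmaLinux 10 EC2 Instance Deployed
Date: $(date)
Instance ID: $(imds_get instance-id)
AMI ID: $(imds_get ami-id)
Instance Type: $(imds_get instance-type)
EOF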

2. AWS 存储优化

EBS 卷优化配置

bash
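# Inspect the current storage layout
lsblk
df -h

# --- Run where AWS credentials are available ---------------------------------
# Create an additional EBS volume. --encrypted turns on encryption at rest.
aws ec2 create-volume \
    --size 100 \
    --volume-type gp3 \
    --iops 3000 \
    --throughput 125 \
    --availability-zone us-west-2a \
    --encrypted \
    --tag-specifications 'ResourceType=volume,Tags=[{Key=Name,Value=Data-Volume}]'

# Attach the volume to the instance (volume ID assumed to be vol-0123456789abcdef0)
aws ec2 attach-volume \
    --volume-id vol-0123456789abcdef0 \
    --instance-id i-0123456789abcdef0 \
    --device /dev/xvdf

# --- Run inside the instance -------------------------------------------------
# NOTE(review): on some instance types the volume appears under an NVMe device
# name rather than /dev/xvdf; confirm the device with lsblk before formatting.
data_dev=/dev/xvdf

# Format only when blkid finds no existing filesystem: mkfs destroys whatever
# is already on the device.
sudo blkid "$data_dev" > /dev/null 2>&1 || sudo mkfs.xfs "$data_dev"
sudo mkdir -p /data

# Reference the filesystem by UUID, because device names can change between
# boots, and add nofail so that a detached volume does not block booting.
# 'sudo tee' is needed: a plain '>>' is opened by the unprivileged shell.
data_uuid=$(sudo blkid -s UUID -o value "$data_dev")
echo "UUID=${data_uuid} /data xfs defaults,noatime,nofail 0 2" | sudo tee -a /etc/fstab > /dev/null
sudo mount -a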

S3 集成配置

bash
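# Install the AWS CLI and the S3 tools
dnf install -y awscli s3fs-fuse

# S3 access relies on the instance's IAM role, so no access keys are stored on
# the host. Scope that role to this bucket only.
# Create the bucket and block every form of public access: the archives
# contain /etc, /home and /var/log.
aws s3 mb s3://my-almalinux-backup
aws s3api put-public-access-block \
    --bucket my-almalinux-backup \
    --public-access-block-configuration \
    "BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true"

# Install the backup script
cat > /usr/local/bin/backup-to-s3.sh << 'EOF'
#!/bin/bash
# Archives are created owner-only: they hold configuration and home directories.
umask 077

BACKUP_DIR="/backup"
S3_BUCKET="s3://my-almalinux-backup"
DATE=$(date +%Y%m%d_%H%M%S)
ARCHIVE="$BACKUP_DIR/system-backup-$DATE.tar.gz"

# 创建备份
mkdir -p "$BACKUP_DIR"
tar -czf "$ARCHIVE" \
    --exclude='/proc' --exclude='/tmp' --exclude='/dev' \
    --exclude='/sys' --exclude='/backup' \
    /etc /home /var/log

# 上传到 S3
# Stop before pruning if the upload failed, so older copies are not removed
# while the newest one exists only on this host.
if ! aws s3 cp "$ARCHIVE" "$S3_BUCKET/"; then
    echo "upload of $ARCHIVE failed; keeping existing backups" >&2
    exit 1
fi

# 清理本地备份 (保留最近 3 个)
ls -t "$BACKUP_DIR"/system-backup-*.tar.gz | tail -n +4 | xargs -r rm -f --

# 清理 S3 旧备份 (保留最近 30 个)
# This prunes every object in the bucket, so the bucket must hold backups only.
aws s3 ls "$S3_BUCKET/" --recursive | sort | head -n -30 | awk '{print $4}' | \
while IFS= read -r file; do
    aws s3 rm "$S3_BUCKET/$file"
done
EOF

chmod +x /usr/local/bin/backup-to-s3.sh

# Schedule the job through /etc/cron.d. Piping a single line into 'crontab -'
# replaces the user's entire crontab and would delete any other scheduled job.
echo "0 2 * * * root /usr/local/bin/backup-to-s3.sh" > /etc/cron.d/backup-to-s3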

3. AWS 网络和安全配置

CloudWatch 监控配置

bash
# Download and install the CloudWatch Agent package.
# NOTE(review): the package is fetched and installed as root without a
# signature check; verify it against the signature AWS publishes for the agent
# before installing it on production hosts.
cw_agent_rpm="amazon-cloudwatch-agent.rpm"
wget "https://s3.amazonaws.com/amazoncloudwatch-agent/amazon_linux/amd64/latest/${cw_agent_rpm}"
dnf install -y "./${cw_agent_rpm}"

# Write the agent configuration: CPU, disk, disk I/O and memory metrics every
# 60 seconds, plus /var/log/messages and /var/log/secure shipped as log streams
# named after the instance ID. The agent runs as the unprivileged user cwagent.
# /var/log/secure contains authentication events, so limit who can read the
# corresponding log group.
cw_agent_config="/opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json"
cat > "$cw_agent_config" << 'EOF'
{
    "agent": {
        "metrics_collection_interval": 60,
        "run_as_user": "cwagent"
    },
    "metrics": {
        "namespace": "AlmaLinux/EC2",
        "metrics_collected": {
            "cpu": {
                "measurement": [
                    "cpu_usage_idle",
                    "cpu_usage_iowait",
                    "cpu_usage_user",
                    "cpu_usage_system"
                ],
                "metrics_collection_interval": 60
            },
            "disk": {
                "measurement": [
                    "used_percent"
                ],
                "metrics_collection_interval": 60,
                "resources": [
                    "*"
                ]
            },
            "diskio": {
                "measurement": [
                    "io_time"
                ],
                "metrics_collection_interval": 60,
                "resources": [
                    "*"
                ]
            },
            "mem": {
                "measurement": [
                    "mem_used_percent"
                ],
                "metrics_collection_interval": 60
            }
        }
    },
    "logs": {
        "logs_collected": {
            "files": {
                "collect_list": [
                    {
                        "file_path": "/var/log/messages",
                        "log_group_name": "/aws/ec2/almalinux/messages",
                        "log_stream_name": "{instance_id}"
                    },
                    {
                        "file_path": "/var/log/secure",
                        "log_group_name": "/aws/ec2/almalinux/secure",
                        "log_stream_name": "{instance_id}"
                    }
                ]
            }
        }
    }
}
EOF

# Enable the agent at boot and start it now
systemctl enable --now amazon-cloudwatch-agent

ALB 负载均衡器配置

bash
# Placeholder identifiers; replace them with values from your account.
alb_security_group="sg-0123456789abcdef0"
alb_vpc="vpc-0123456789abcdef0"
alb_target_group_arn="arn:aws:elasticloadbalancing:us-west-2:123456789012:targetgroup/almalinux-targets"

# Create the Application Load Balancer across two subnets
aws elbv2 create-load-balancer \
    --name almalinux-alb \
    --subnets subnet-0123456789abcdef0 subnet-0987654321fedcba0 \
    --security-groups "$alb_security_group"

# Create the target group (plain HTTP on port 80, health check on /health).
# Traffic between the load balancer and the targets is unencrypted here.
aws elbv2 create-target-group \
    --name almalinux-targets \
    --protocol HTTP \
    --port 80 \
    --vpc-id "$alb_vpc" \
    --health-check-path /health

# Register the instance as a target
aws elbv2 register-targets \
    --target-group-arn "$alb_target_group_arn" \
    --targets Id=i-0123456789abcdef0,Port=80

阿里云平台部署

1. 阿里云 ECS 实例创建

查找 AlmaLinux 镜像

bash
# Look up AlmaLinux images with the Alibaba Cloud CLI.
# Community images are not vendor-published; check who published an image
# before building on it.
ecs_region="cn-hangzhou"
image_name_pattern="AlmaLinux*"

aliyun ecs DescribeImages \
    --RegionId "$ecs_region" \
    --OSType linux \
    --ImageName "$image_name_pattern" \
    --PageSize 50

创建 ECS 实例

bash
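#!/bin/bash
# Create and start an AlmaLinux 10 ECS instance with the Alibaba Cloud CLI.
# Resource IDs below are placeholders.

# Read the root password at run time instead of hard-coding it in the script,
# where it would end up in version control and shell history.
# NOTE(review): the value is still passed on the command line below, where it
# is briefly visible in the process list; prefer key-pair login (the
# KeyPairName parameter of CreateInstance) where possible.
read -r -s -p "Instance root password: " ecs_password
echo

# Create the instance.
# --InternetMaxBandwidthOut above 0 gives the instance public connectivity, so
# the security group should restrict SSH to known source addresses.
# The base64 output is quoted so it always reaches the CLI as one argument.
aliyun ecs CreateInstance \
    --RegionId cn-hangzhou \
    --ImageId almalinux_10_0_x64_20G_alibase_20241120.vhd \
    --InstanceType ecs.c6.large \
    --SecurityGroupId sg-bp1234567890abcdef \
    --VSwitchId vsw-bp1234567890abcdef \
    --InstanceName "AlmaLinux-10-Server" \
    --Password "$ecs_password" \
    --InternetMaxBandwidthOut 5 \
    --SystemDiskCategory cloud_essd \
    --SystemDiskSize 40 \
    --UserData "$(base64 -w 0 user-data.sh)"
unset ecs_password

# Start the instance. The ID is a placeholder: use the InstanceId that
# CreateInstance returned.
aliyun ecs StartInstance --InstanceId i-bp1234567890abcdef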

阿里云用户数据脚本

bash
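#!/bin/bash
# User-data script for an AlmaLinux 10 instance on Alibaba Cloud ECS.

# Add the Alibaba Cloud mirror as a package source. gpgcheck=1 keeps package
# signature verification on for both repositories.
# NOTE(review): confirm that the gpgkey URL serves the signing key used for
# AlmaLinux 10 packages, and decide whether the distribution's default
# repository files should stay enabled alongside these.
cat > /etc/yum.repos.d/aliyun.repo << 'EOF'
[aliyun-os]
name=Aliyun OS
baseurl=https://mirrors.aliyun.com/almalinux/10/BaseOS/x86_64/os/
enabled=1
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/almalinux/RPM-GPG-KEY-AlmaLinux

[aliyun-appstream]
name=Aliyun AppStream
baseurl=https://mirrors.aliyun.com/almalinux/10/AppStream/x86_64/os/
enabled=1
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/almalinux/RPM-GPG-KEY-AlmaLinux
EOF

# Update the system
dnf clean all
dnf update -y

# Install the Alibaba Cloud tools
dnf install -y \
    aliyun-cli \
    cloud-init \
    ecs-util

# Configure NTP synchronisation (this replaces the packaged chrony.conf)
dnf install -y chrony
cat > /etc/chrony.conf << 'EOF'
server ntp.aliyun.com iburst
server ntp1.aliyun.com iburst
server ntp2.aliyun.com iburst
driftfile /var/lib/chrony/drift
makestep 1.0 3
rtcsync
logdir /var/log/chrony
EOF

systemctl enable --now chronyd

# Network buffer tuning lives in its own drop-in file, written with '>' so
# that running the script again does not append duplicate keys to
# /etc/sysctl.conf.
cat > /etc/sysctl.d/90-aliyun-network.conf << 'EOF'
net.core.rmem_default = 262144
net.core.rmem_max = 16777216
net.core.wmem_default = 262144
net.core.wmem_max = 16777216
EOF
sysctl -p /etc/sysctl.d/90-aliyun-network.conf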

2. 阿里云存储优化

ESSD 云盘配置

bash
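# Create the data disk.
# NOTE(review): the disk is created unencrypted; consider the Encrypted
# parameter of CreateDisk if the data requires encryption at rest.
aliyun ecs CreateDisk \
    --RegionId cn-hangzhou \
    --ZoneId cn-hangzhou-h \
    --DiskName "data-disk" \
    --Size 200 \
    --DiskCategory cloud_essd \
    --PerformanceLevel PL1

# Attach the data disk to the instance (IDs are placeholders)
aliyun ecs AttachDisk \
    --InstanceId i-bp1234567890abcdef \
    --DiskId d-bp1234567890abcdef

# --- Run inside the instance -------------------------------------------------
# Partition the disk: one primary partition spanning the whole device.
# Confirm with lsblk that /dev/vdb is the new, empty disk; the next two
# commands destroy whatever is on it.
fdisk /dev/vdb << EOF
n
p
1


w
EOF

mkfs.xfs /dev/vdb1
mkdir -p /data

# Reference the filesystem by UUID, because device names can change when
# disks are attached or detached, and add nofail so that a missing data disk
# does not block booting.
data_uuid=$(blkid -s UUID -o value /dev/vdb1)
echo "UUID=${data_uuid} /data xfs defaults,noatime,norelatime,nofail 0 2" >> /etc/fstab
mount -a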

OSS 对象存储集成

bash
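# Install ossutil
# NOTE(review): the binary is downloaded and placed in root's PATH without an
# integrity check; compare it with the checksum the vendor publishes for this
# release before installing.
wget https://gosspublic.alicdn.com/ossutil/1.7.15/ossutil64
chmod +x ossutil64
mv ossutil64 /usr/local/bin/ossutil

# Configure OSS access.
# NOTE(review): although a RAM role is the stated intent, this command stores
# a long-lived AccessKey pair in ossutil's configuration file and exposes it in
# shell history and the process list. The two values are placeholders; use a
# key limited to the backup bucket, keep the configuration file readable by its
# owner only, or switch to role-based credentials if your ossutil version
# supports them.
ossutil config -e oss-cn-hangzhou.aliyuncs.com -i your-access-key -k your-secret-key

# Install the backup script
cat > /usr/local/bin/backup-to-oss.sh << 'EOF'
#!/bin/bash
# Archives are created owner-only: they hold configuration and home directories.
umask 077

BACKUP_DIR="/backup"
OSS_BUCKET="oss://my-almalinux-backup"
DATE=$(date +%Y%m%d_%H%M%S)
ARCHIVE="$BACKUP_DIR/system-backup-$DATE.tar.gz"

# 创建备份
mkdir -p "$BACKUP_DIR"
tar -czf "$ARCHIVE" \
    --exclude='/proc' --exclude='/tmp' --exclude='/dev' \
    --exclude='/sys' --exclude='/backup' \
    /etc /home /var/log

# 上传到 OSS
# Stop before pruning if the upload failed, so older copies are not removed
# while the newest one exists only on this host.
if ! ossutil cp "$ARCHIVE" "$OSS_BUCKET/"; then
    echo "upload of $ARCHIVE failed; keeping existing backups" >&2
    exit 1
fi

# 清理本地备份 (保留最近 3 个)
ls -t "$BACKUP_DIR"/system-backup-*.tar.gz | tail -n +4 | xargs -r rm -f --
EOF

chmod +x /usr/local/bin/backup-to-oss.sh

# Schedule the job through /etc/cron.d. Piping a single line into 'crontab -'
# replaces the user's entire crontab and would delete any other scheduled job.
echo "0 3 * * * root /usr/local/bin/backup-to-oss.sh" > /etc/cron.d/backup-to-oss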

3. 阿里云监控和安全

云监控配置

bash
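# Install the CloudMonitor agent.
# The download URL is built from the region, which therefore has to be set
# first; left unset, the URL expands to an invalid host name.
# NOTE(review): install.sh from the archive runs as root; verify the archive
# against a checksum published by the vendor before executing it.
region="cn-hangzhou"   # region used throughout this guide; change to match the instance
wget "https://cms-agent-${region}.oss-${region}.aliyuncs.com/cms-go-agent/2.1.55/cms-go-agent.linux-amd64.tar.gz"
tar -xzf cms-go-agent.linux-amd64.tar.gz
./cms-go-agent/install.sh

# Install the custom metrics script
cat > /usr/local/bin/custom-metrics.sh << 'EOF'
#!/bin/bash

# 获取磁盘使用率
DISK_USAGE=$(df / | tail -1 | awk '{print $5}' | sed 's/%//')

# 获取内存使用率
MEM_USAGE=$(free | grep Mem | awk '{printf "%.2f", $3/$2 * 100.0}')

# 发送到云监控
aliyun cms PutCustomMetric \
    --RegionId cn-hangzhou \
    --MetricData.1.MetricName disk_usage \
    --MetricData.1.Value "$DISK_USAGE" \
    --MetricData.1.Unit Percent

aliyun cms PutCustomMetric \
    --RegionId cn-hangzhou \
    --MetricData.1.MetricName memory_usage \
    --MetricData.1.Value "$MEM_USAGE" \
    --MetricData.1.Unit Percent
EOF

chmod +x /usr/local/bin/custom-metrics.sh

# Schedule the job through /etc/cron.d. Piping a single line into 'crontab -'
# replaces the user's entire crontab and would delete any other scheduled job.
echo "*/5 * * * * root /usr/local/bin/custom-metrics.sh" > /etc/cron.d/custom-metrics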

SLB 负载均衡配置

bash
# Placeholder identifiers; replace them with values from your account.
slb_region="cn-hangzhou"
slb_id="lb-bp1234567890abcdef"

# Create the load balancer instance
aliyun slb CreateLoadBalancer \
    --RegionId "$slb_region" \
    --LoadBalancerName "almalinux-slb" \
    --VpcId vpc-bp1234567890abcdef \
    --VSwitchId vsw-bp1234567890abcdef \
    --LoadBalancerSpec slb.s3.small

# Add the backend server
aliyun slb AddBackendServers \
    --LoadBalancerId "$slb_id" \
    --BackendServers '[{"ServerId":"i-bp1234567890abcdef","Weight":100}]'

# Create the listener: plain HTTP on port 80 with a health check on /health.
# Client traffic is unencrypted with this listener.
aliyun slb CreateLoadBalancerHTTPListener \
    --LoadBalancerId "$slb_id" \
    --ListenerPort 80 \
    --BackendServerPort 80 \
    --Bandwidth 5 \
    --HealthCheck on \
    --HealthCheckURI /health

跨云平台最佳实践

1. 统一监控和日志

Prometheus + Grafana 部署

bash
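# Create a dedicated service account without a login shell for Prometheus
useradd --no-create-home --shell /bin/false prometheus
mkdir -p /etc/prometheus /var/lib/prometheus
chown prometheus:prometheus /etc/prometheus /var/lib/prometheus

# Download the release and check it against the project's checksum list before
# unpacking. This detects a corrupted or substituted archive, though not a
# compromise of the release page itself.
prom_release="prometheus-2.45.0.linux-amd64"
prom_base_url="https://github.com/prometheus/prometheus/releases/download/v2.45.0"
wget "${prom_base_url}/${prom_release}.tar.gz"
wget "${prom_base_url}/sha256sums.txt"
if sha256sum --check --ignore-missing sha256sums.txt; then
    tar -xzf "${prom_release}.tar.gz"
    # The binaries stay owned by root, so the service account cannot replace
    # the program it runs.
    cp "${prom_release}/prometheus" /usr/local/bin/
    cp "${prom_release}/promtool" /usr/local/bin/
    # The unit file below points at these two directories.
    cp -r "${prom_release}/consoles" "${prom_release}/console_libraries" /etc/prometheus/
else
    echo "checksum verification failed for ${prom_release}.tar.gz" >&2
fi

# Write the Prometheus configuration
cat > /etc/prometheus/prometheus.yml << 'EOF'
global:
  scrape_interval: 15s

scrape_configs:
  - job_name: 'prometheus'
    static_configs:
      - targets: ['localhost:9090']
  
  - job_name: 'node-exporter'
    static_configs:
      - targets: ['localhost:9100']
  
  - job_name: 'almalinux-servers'
    static_configs:
      - targets: ['server1:9100', 'server2:9100']
EOF

# Create the systemd service.
# Prometheus has no authentication of its own, and --web.enable-lifecycle adds
# HTTP endpoints that reload or shut down the server. The listener is therefore
# bound to loopback; publish it through an authenticating reverse proxy (or a
# tightly scoped security group) if remote access is needed.
cat > /etc/systemd/system/prometheus.service << 'EOF'
[Unit]
Description=Prometheus
Wants=network-online.target
After=network-online.target

[Service]
User=prometheus
Group=prometheus
Type=simple
ExecStart=/usr/local/bin/prometheus \
    --config.file /etc/prometheus/prometheus.yml \
    --storage.tsdb.path /var/lib/prometheus/ \
    --web.console.templates=/etc/prometheus/consoles \
    --web.console.libraries=/etc/prometheus/console_libraries \
    --web.listen-address=127.0.0.1:9090 \
    --web.enable-lifecycle

[Install]
WantedBy=multi-user.target
EOF

systemctl enable --now prometheus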

ELK 日志集中化

bash
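# NOTE(review): the RPMs in this section are installed from local files, which
# dnf does not signature-check by default; verify each download against the
# checksum or signing key the vendor publishes.
elastic_base="https://artifacts.elastic.co/downloads"

# Install Elasticsearch
dnf install -y java-11-openjdk
wget "${elastic_base}/elasticsearch/elasticsearch-8.10.0-x86_64.rpm"
dnf install -y ./elasticsearch-8.10.0-x86_64.rpm

# Configure Elasticsearch.
# Security features (authentication and TLS) are switched off in this
# configuration, so the node listens on loopback only; Logstash below reaches
# it through localhost. Binding an unauthenticated node to 0.0.0.0 would let
# any host that can reach port 9200 read and delete the collected logs. Enable
# xpack.security before binding to a routable address.
cat > /etc/elasticsearch/elasticsearch.yml << 'EOF'
cluster.name: almalinux-logs
node.name: node-1
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
network.host: 127.0.0.1
http.port: 9200
discovery.type: single-node
xpack.security.enabled: false
EOF

systemctl enable --now elasticsearch

# Install Logstash (the package has to be downloaded before it can be
# installed from the local file)
wget "${elastic_base}/logstash/logstash-8.10.0-x86_64.rpm"
dnf install -y ./logstash-8.10.0-x86_64.rpm

# Pipeline: receive events from Beats on port 5044, parse syslog lines, and
# index them into Elasticsearch.
# NOTE(review): the beats input is configured without TLS, so remote shippers
# are neither authenticated nor encrypted; restrict port 5044 with the firewall
# or security group, or configure TLS on the input.
cat > /etc/logstash/conf.d/almalinux.conf << 'EOF'
input {
  beats {
    port => 5044
  }
}

filter {
  if [fields][log_type] == "syslog" {
    grok {
      match => { "message" => "%{SYSLOGTIMESTAMP:timestamp} %{IPORHOST:host} %{DATA:program}: %{GREEDYDATA:message}" }
    }
  }
}

output {
  elasticsearch {
    hosts => ["localhost:9200"]
    index => "almalinux-logs-%{+YYYY.MM.dd}"
  }
}
EOF

systemctl enable --now logstash

# Install Filebeat (downloaded first, for the same reason as Logstash)
wget "${elastic_base}/beats/filebeat/filebeat-8.10.0-x86_64.rpm"
dnf install -y ./filebeat-8.10.0-x86_64.rpm

# Ship /var/log/messages and /var/log/secure to the local Logstash instance
cat > /etc/filebeat/filebeat.yml << 'EOF'
filebeat.inputs:
- type: log
  enabled: true
  paths:
    - /var/log/messages
    - /var/log/secure
  fields:
    log_type: syslog

output.logstash:
  hosts: ["localhost:5044"]

processors:
  - add_host_metadata:
      when.not.contains.tags: forwarded
EOF

systemctl enable --now filebeat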

2. 自动化部署

Terraform 多云部署

hcl
# main.tf
# One AlmaLinux instance on AWS and one on Alibaba Cloud, from a single
# Terraform configuration.
# NOTE(review): the variables and both security group resources referenced
# below are not defined in this listing; they are assumed to be declared in
# other files of the module.
terraform {
  required_providers {
    alicloud = {
      source  = "aliyun/alicloud"
      version = "~> 1.200"
    }
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.0"
    }
  }
}

# AWS provider
provider "aws" {
  region = var.aws_region
}

# Alibaba Cloud provider
provider "alicloud" {
  region = var.alicloud_region
}

# AWS EC2 instance.
# Consider adding `metadata_options { http_tokens = "required" }` to require
# IMDSv2 once every script on the instance reads metadata with a session token.
resource "aws_instance" "almalinux_aws" {
  ami                    = var.aws_ami_id
  instance_type          = var.aws_instance_type
  key_name               = var.aws_key_name
  subnet_id              = var.aws_subnet_id
  vpc_security_group_ids = [aws_security_group.almalinux_sg.id]

  user_data = file("${path.module}/user-data.sh")

  tags = {
    Environment = var.environment
    Name        = "AlmaLinux-AWS"
  }
}

# Alibaba Cloud ECS instance.
# Both instances load the same user-data.sh, so anything in that script that is
# specific to one cloud also runs on the other.
resource "alicloud_instance" "almalinux_alicloud" {
  image_id        = var.alicloud_image_id
  instance_type   = var.alicloud_instance_type
  vswitch_id      = var.alicloud_vswitch_id
  security_groups = [alicloud_security_group.almalinux_sg.id]

  user_data = file("${path.module}/user-data.sh")

  tags = {
    Environment = var.environment
    Name        = "AlmaLinux-Alicloud"
  }
}

Ansible 自动化配置

yaml
# playbook.yml
# Baseline configuration applied to every AlmaLinux host, whichever cloud it
# runs in: package updates, tools, time zone, firewall, automatic updates and a
# daily backup job.
---
- name: Configure AlmaLinux servers across clouds
  hosts: all
  become: true
  vars:
    packages:
      - vim
      - wget
      - curl
      - htop
      - git

  tasks:
    - name: Update system packages
      ansible.builtin.dnf:
        name: "*"
        state: latest

    - name: Install required packages
      ansible.builtin.dnf:
        name: "{{ packages }}"
        state: present

    - name: Configure timezone
      community.general.timezone:
        name: Asia/Shanghai

    # Opens ssh, http and https on every host in the play; trim the list for
    # hosts that do not serve web traffic.
    - name: Setup firewall rules
      ansible.posix.firewalld:
        service: "{{ item }}"
        permanent: true
        state: enabled
        immediate: true
      loop:
        - ssh
        - http
        - https

    - name: Configure automatic security updates
      ansible.builtin.dnf:
        name: dnf-automatic
        state: present

    - name: Enable automatic updates
      ansible.builtin.systemd:
        name: dnf-automatic.timer
        enabled: true
        state: started

    # The rendered script is world-readable (0755); keep credentials out of
    # the template.
    - name: Configure backup script
      ansible.builtin.template:
        src: backup.sh.j2
        dest: /usr/local/bin/backup.sh
        mode: '0755'

    - name: Setup backup cron job
      ansible.builtin.cron:
        name: "Daily backup"
        minute: "0"
        hour: "2"
        job: "/usr/local/bin/backup.sh"

3. 成本优化策略

AWS 成本优化

bash
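# Install the Spot price check script
cat > /usr/local/bin/spot-price-check.sh << 'EOF'
#!/bin/bash

INSTANCE_TYPE="t3.medium"
AZ="us-west-2a"
MAX_PRICE="0.05"

# 获取当前 Spot 价格
SPOT_PRICE=$(aws ec2 describe-spot-price-history \
    --instance-types "$INSTANCE_TYPE" \
    --availability-zone "$AZ" \
    --product-descriptions "Linux/UNIX" \
    --max-items 1 \
    --query 'SpotPriceHistory[0].SpotPrice' \
    --output text)
# Keep only the first line of the CLI output.
SPOT_PRICE=${SPOT_PRICE%%$'\n'*}

# The lookup can fail or return a non-numeric value such as "None"; stop here
# rather than feed that into the comparison and the request below.
if [[ ! "$SPOT_PRICE" =~ ^[0-9]+(\.[0-9]+)?$ ]]; then
    echo "Could not determine the Spot price for $INSTANCE_TYPE in $AZ (got: '$SPOT_PRICE')" >&2
    exit 1
fi

echo "Current Spot Price for $INSTANCE_TYPE in $AZ: $SPOT_PRICE"

# 如果价格合适,创建 Spot 实例
# awk does the decimal comparison, so the script does not depend on bc.
if awk -v price="$SPOT_PRICE" -v max="$MAX_PRICE" 'BEGIN { exit !(price < max) }'; then
    echo "Price is good, creating Spot instance..."
    aws ec2 request-spot-instances \
        --spot-price "$SPOT_PRICE" \
        --launch-specification "{
            \"ImageId\":\"ami-0abcdef1234567890\",
            \"InstanceType\":\"$INSTANCE_TYPE\",
            \"KeyName\":\"my-key-pair\",
            \"SecurityGroupIds\":[\"sg-0123456789abcdef0\"],
            \"SubnetId\":\"subnet-0123456789abcdef0\"
        }"
fi
EOF

chmod +x /usr/local/bin/spot-price-check.sh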

阿里云成本优化

bash
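# Install the preemptible-instance monitoring script
cat > /usr/local/bin/preemptible-monitor.sh << 'EOF'
#!/bin/bash

# Act once per release notice, not on every one-minute run.
MARKER=/run/preemptible-release-notified
[ -e "$MARKER" ] && exit 0

# 检查实例释放通知
# -f makes curl fail on an HTTP error status. Without it curl exits 0 for any
# answer from the metadata service, including "not found", and the backup and
# the mail below would run every minute.
# NOTE(review): confirm that the endpoint returns an error status until a
# release has actually been scheduled.
if termination_time=$(curl -sf --max-time 3 http://100.100.100.200/latest/meta-data/instance/spot/termination-time) \
    && [ -n "$termination_time" ]; then
    touch "$MARKER"
    echo "$(date): Preemptible instance will be released soon ($termination_time)" >> /var/log/preemptible.log

    # 执行数据备份
    /usr/local/bin/backup-to-oss.sh

    # 发送通知 (可以集成钉钉、邮件等)
    # The recipient address was obfuscated in the published page;
    # admin@example.com is a placeholder to replace.
    echo "Instance will be terminated" | mail -s "Preemptible Alert" admin@example.com
fi
EOF

chmod +x /usr/local/bin/preemptible-monitor.sh

# Schedule the job through /etc/cron.d. Piping a single line into 'crontab -'
# replaces the user's entire crontab and would delete any other scheduled job.
echo "*/1 * * * * root /usr/local/bin/preemptible-monitor.sh" > /etc/cron.d/preemptible-monitor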

性能调优

1. 网络性能优化

TCP 调优配置

bash
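# Network performance tuning.
# The settings go into their own drop-in file, written with '>', instead of
# being appended to /etc/sysctl.conf: appending adds a second copy of every key
# each time the snippet is run, and some of these keys are also set elsewhere
# in this guide.
# NOTE(review): somaxconn, the SYN backlog and the buffer maxima below are
# sized for busy servers; check them against the instance's memory.
cat > /etc/sysctl.d/99-tcp-tuning.conf << 'EOF'
# TCP 优化
net.core.rmem_default = 262144
net.core.rmem_max = 16777216
net.core.wmem_default = 262144
net.core.wmem_max = 16777216
net.ipv4.tcp_rmem = 4096 87380 16777216
net.ipv4.tcp_wmem = 4096 65536 16777216
net.ipv4.tcp_congestion_control = bbr
net.core.default_qdisc = fq

# 连接数优化
net.core.somaxconn = 65535
net.core.netdev_max_backlog = 5000
net.ipv4.tcp_max_syn_backlog = 65535
net.ipv4.ip_local_port_range = 1024 65535

# 快速回收 TIME_WAIT 连接
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_fin_timeout = 30
EOF

sysctl -p /etc/sysctl.d/99-tcp-tuning.conf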

2. 存储性能优化

文件系统调优

bash
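# XFS tuning: remount the root filesystem without access-time updates
mount -o remount,noatime,nodiratime /

# Make the option persistent by editing the EXISTING root entry in /etc/fstab.
# Appending a second "/" line with a hard-coded device (/dev/xvda1) leaves two
# conflicting root entries and can stop the system from booting when the root
# device has a different name or is referenced by UUID.
cp -a /etc/fstab /etc/fstab.bak
awk '$1 !~ /^#/ && $2 == "/" && $4 !~ /noatime/ { $4 = $4 ",noatime,nodiratime" } { print }' \
    /etc/fstab.bak > /etc/fstab.new \
    && cat /etc/fstab.new > /etc/fstab \
    && rm -f /etc/fstab.new
# Check the result before the next reboot; restore /etc/fstab.bak on errors.
findmnt --verify

# I/O scheduler for the root disk. The device name depends on the platform, so
# write only when the sysfs file exists.
root_disk_sched=/sys/block/xvda/queue/scheduler
if [ -w "$root_disk_sched" ]; then
    echo mq-deadline > "$root_disk_sched"
else
    echo "$root_disk_sched not found; check the device name with lsblk" >&2
fi

# Make the scheduler choice persistent. The last rule covers the xvd*/vd*
# device names used by the cloud instances in this guide, which the nvme and
# sd rules do not match.
cat > /etc/udev/rules.d/60-io-scheduler.rules << 'EOF'
# Set I/O scheduler for NVMe devices
ACTION=="add|change", KERNEL=="nvme[0-9]*", ATTR{queue/scheduler}="none"

# Set I/O scheduler for SSD devices
ACTION=="add|change", KERNEL=="sd[a-z]", ATTR{queue/rotational}=="0", ATTR{queue/scheduler}="mq-deadline"

# Set I/O scheduler for HDD devices
ACTION=="add|change", KERNEL=="sd[a-z]", ATTR{queue/rotational}=="1", ATTR{queue/scheduler}="bfq"

# Set I/O scheduler for Xen and virtio block devices
ACTION=="add|change", KERNEL=="xvd[a-z]|vd[a-z]", ATTR{queue/scheduler}="mq-deadline"
EOF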

故障排查和监控

常见问题解决

云平台特定问题

bash
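# AWS instance metadata service check.
# A session token is requested first (IMDSv2), so the check also works on
# instances that reject plain, token-less requests.
imds_token=$(curl -s --max-time 3 -X PUT "http://169.254.169.254/latest/api/token" \
    -H "X-aws-ec2-metadata-token-ttl-seconds: 60")
curl -s --max-time 3 -H "X-aws-ec2-metadata-token: ${imds_token}" \
    http://169.254.169.254/latest/meta-data/instance-id
# If this fails, check the instance's metadata options (endpoint enabled, hop
# limit) and any host firewall rule or route that affects 169.254.169.254.
# Security groups do not filter this link-local address.

# Alibaba Cloud metadata service
curl -s http://100.100.100.200/latest/meta-data/instance-id

# Network connectivity tests
ping -c 4 8.8.8.8
traceroute 8.8.8.8
mtr --report --report-cycles 10 8.8.8.8

# DNS resolution tests
nslookup google.com
dig @8.8.8.8 google.com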

性能问题诊断

bash
# System load monitoring (top, htop, iotop and iftop are interactive)
uptime
top
htop
iotop
iftop

# Disk performance test: 60 seconds of 4k random writes.
# fio creates a 4 GiB test file in the current directory and puts real load on
# the disk, so run it on a scratch volume rather than a production data path.
fio --name=random-write \
    --ioengine=posixaio \
    --rw=randwrite \
    --bs=4k \
    --size=4g \
    --numjobs=1 \
    --iodepth=1 \
    --runtime=60 \
    --time_based \
    --end_fsync=1

# Network performance test.
# The server side listens for incoming connections until it is stopped; limit
# who can reach it with the security group and stop it after the test.
iperf3 --server                        # server side
iperf3 --client server_ip --time 30    # client-side test

总结: 在主流云平台上部署 AlmaLinux 10 需要考虑平台特性、成本优化和性能调优。通过合理的配置和监控,可以在保证性能的同时最大化成本效益。建议根据实际业务需求选择合适的实例规格和存储类型,并建立完善的监控和备份机制。
