OracleCloud的VPS问题汇总

By heiry on 2021-04-27 [ in 技术 ]

Oracle的云服务较之国内有很多便利,也没那么多套路,但新上手还是有很多不顺之处。

1.OracleCloud创建的主机,是不能自己配置公网IP的,也看不到绑定公网IP的网卡,只能看到一块ens3的默认网卡,绑定的是内网IP。

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
[root@instance-heiry ~]# [root@instance-heiry ~]# ifconfig -a
ens3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 9000
inet 10.0.0.86 netmask 255.255.255.0 broadcast 10.0.0.255
inet6 fe80::17ff:fe00:7ee5 prefixlen 64 scopeid 0x20<link>
ether 02:00:17:00:7e:e5 txqueuelen 1000 (Ethernet)
RX packets 42717 bytes 79644892 (75.9 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 39782 bytes 17319192 (16.5 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@instance-heiry ~]# [root@instance-heiry ~]# ifconfig -a ens3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 9000 inet 10.0.0.86 netmask 255.255.255.0 broadcast 10.0.0.255 inet6 fe80::17ff:fe00:7ee5 prefixlen 64 scopeid 0x20<link> ether 02:00:17:00:7e:e5 txqueuelen 1000 (Ethernet) RX packets 42717 bytes 79644892 (75.9 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 39782 bytes 17319192 (16.5 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@instance-heiry ~]# [root@instance-heiry ~]# ifconfig -a
ens3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 9000
        inet 10.0.0.86  netmask 255.255.255.0  broadcast 10.0.0.255
        inet6 fe80::17ff:fe00:7ee5  prefixlen 64  scopeid 0x20<link>
        ether 02:00:17:00:7e:e5  txqueuelen 1000  (Ethernet)
        RX packets 42717  bytes 79644892 (75.9 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 39782  bytes 17319192 (16.5 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

2.默认以opc+key登录,root被禁用,每次SSH之后都要sudo -i 才能执行相应操作,非常麻烦,需要手动更改:

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
sudo -i
sudo passwd root
Changing password for user root.
New password:
sudo -i sudo passwd root Changing password for user root. New password:
sudo -i
sudo passwd root
Changing password for user root.
New password:
Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
#打开PasswordAuthentication及 PermitRootLogin功能
vim /etc/ssh/sshd_config
#把值设为yes,去掉注释
PasswordAuthentication yes
PermitRootLogin yes
#重启SSH服务
service sshd restart
#打开PasswordAuthentication及 PermitRootLogin功能 vim /etc/ssh/sshd_config #把值设为yes,去掉注释 PasswordAuthentication yes PermitRootLogin yes #重启SSH服务 service sshd restart
#打开PasswordAuthentication及 PermitRootLogin功能
vim /etc/ssh/sshd_config
#把值设为yes,去掉注释
PasswordAuthentication yes
PermitRootLogin yes
#重启SSH服务
service sshd restart

3.默认有security list 控制入站规则,除了在服务器设定开放端口外, security list 也需要设置Ingress Rules才能访问。

4.使用ubuntu 系统默认装 iptables-persistent,需要手动设置。centOS8下安装mysql8.0,出现莫名其妙的问题, security list开放了3306访问,服务器防火墙也开启了3306,mysql服务器权限都设置了,但是在启用服务器防火墙情况下,始终无法远程访问mysql服务器,如关闭,则可以访问。即使mysqld服务占用的3306/33060端口都开放,监听了所有IP,仍然无法访问。

发现3306端口只是在TCP6下监听,于是将

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
vim /etc/mysql/my.cnf
#加上参数
bind-address = 0.0.0.0
vim /etc/mysql/my.cnf #加上参数 bind-address = 0.0.0.0
vim /etc/mysql/my.cnf 
#加上参数
bind-address = 0.0.0.0

设置IPv4转发状态

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
sysctl net.ipv4.ip_forward
vim /etc/sysctl.conf
#添加以下参数
net.ipv4.ip_forward = 1
sysctl net.ipv4.ip_forward vim /etc/sysctl.conf #添加以下参数 net.ipv4.ip_forward = 1
sysctl net.ipv4.ip_forward
vim /etc/sysctl.conf
#添加以下参数
net.ipv4.ip_forward = 1

发现,3306转到tcp下监听,可是打开防火墙,远程依然是被blocked状态。

 

 >>



© 2009-2024 MOSANG.NET DESIGNED BY HEIRY