
< OS related > Alibaba Cloud: using a Simple Application Server. DNS breaks after installing Tailscale; fixing it and replacing the apt sources

VPS configuration

  • Host: 2 vCPUs, 512 MB, 20 GB
  • Location: Alibaba Cloud, Tokyo, Japan
  • OS: Ubuntu 24.04

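Background:

This article is a record of the steps I went through.

Two months ago I bought a VPS on Alibaba Cloud. I originally wanted to put it in South Korea, because that is close to Beijing, but the cheapest plan was out of stock there, so I chose Japan.

I don't like that Unix/Linux also makes you deal with sudo; it gets in the way. Nothing to be done about it: these are the only options available, and there is only 0.5 GB of memory. Ubuntu.

Got the VPS: an Alibaba Cloud Simple Application Server

Remove the French language pack :p

rm -fr /      # don't actually do this

Just kidding~

I. First, upgrade the package database:

1. Update the database of available packages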

:~$ sudo apt-get update
Get:1 http://mirrors.cloud.aliyuncs.com/ubuntu noble InRelease [256 kB]
2025-01-10 15:30:08 重新连接成功!
Welcome to Ubuntu 24.04 LTS (GNU/Linux 6.8.0-40-generic x86_64)
...
Welcome to Alibaba Cloud Elastic Compute Service !
Last login: Sat Jan 11 05:30:07 2025 from 

2. Upgrade all installed packages on the system to the latest versions

~$ sudo apt upgrade -y
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Calculating upgrade... Done
The following NEW packages will be installed:
  python3-boto3 python3-botocore python3-dateutil python3-jmespath python3-packaging python3-s3transfer
...
User sessions running outdated binaries:
 admin @ session #36: apt[8408], sshd[8342,8388]
 admin @ user manager service: systemd[8263]
 
No VM guests are running outdated hypervisor (qemu) binaries on this host.
N: Some packages may have been kept back due to phasing.

3. Install the curl and git packages (if they are already installed, they will be upgraded)

~$ sudo apt install -y curl git
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
curl is already the newest version (8.5.0-2ubuntu10.6).
git is already the newest version (1:2.43.0-1ubuntu7.1).
git set to manually installed.
0 upgraded, 0 newly installed, 0 to remove and 4 not upgraded.

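Summary: the output above shows that the apt source is aliyuncs.com.

II. Installing Tailscale

1. Installation guide:

Source: Download | Tailscale guide

2. Installation steps:

Select Linux as the platform OS, then copy the "command" line and run it in the VPS console. Once it reports success, run:

"sudo tailscale up"

Following the prompt, copy the contents of the green box above into a browser to activate.

Once that succeeds, the devices in the vLAN are visible in the admin console (see the green box in the figure below), and Linux also returns "Success".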

III. Replacing the apt sources

1. Reason: an error was reported while updating the system

root@i---Z:~# sudo apt update && sudo apt upgrade -y
Last login: Fri Jan 17 09:06:30 2025 from 15.181.96.144
root@iZ6we8yqtf6a6ziq6lzoggZ:~# sudo apt update && sudo apt upgrade -y
Ign:1 http://mirrors.cloud.aliyuncs.com/ubuntu noble InRelease                  
Ign:2 https://pkgs.tailscale.com/stable/ubuntu noble InRelease                  
Ign:3 http://mirrors.cloud.aliyuncs.com/ubuntu noble-updates InRelease
Ign:2 https://pkgs.tailscale.com/stable/ubuntu noble InRelease
Ign:4 http://mirrors.cloud.aliyuncs.com/ubuntu noble-backports InRelease
Ign:2 https://pkgs.tailscale.com/stable/ubuntu noble InRelease
Ign:5 http://mirrors.cloud.aliyuncs.com/ubuntu noble-security InRelease
Err:2 https://pkgs.tailscale.com/stable/ubuntu noble InRelease
  Could not resolve 'pkgs.tailscale.com'
Ign:1 http://mirrors.cloud.aliyuncs.com/ubuntu noble InRelease
Ign:3 http://mirrors.cloud.aliyuncs.com/ubuntu noble-updates InRelease
Ign:4 http://mirrors.cloud.aliyuncs.com/ubuntu noble-backports InRelease
Ign:5 http://mirrors.cloud.aliyuncs.com/ubuntu noble-security InRelease
Ign:1 http://mirrors.cloud.aliyuncs.com/ubuntu noble InRelease
0% [Working]

After installing Tailscale, I ran into a DNS resolution problem

# ping google.com
ping: google.com: Name or service not known

2. Fixing DNS

1) Inspect /etc/resolv.conf
cat /etc/resolv.conf
# This is /run/systemd/resolve/stub-resolv.conf managed by man:systemd-resolved(8).
# Do not edit.
#
# This file might be symlinked as /etc/resolv.conf. If you're looking at
# /etc/resolv.conf and seeing this text, you have followed the symlink.
#
# This is a dynamic resolv.conf file for connecting local clients to the
# internal DNS stub resolver of systemd-resolved. This file lists all
# configured search domains.
#
# Run "resolvectl status" to see details about the uplink DNS servers
# currently in use.
#
# Third party programs should typically not access this file directly, but only
# through the symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a
# different way, replace this symlink by a static file or a different symlink.
#
# See man:systemd-resolved.service(8) for details about the supported modes of
# operation for /etc/resolv.conf.
nameserver 127.0.0.53
options edns0 trust-ad
search tailcd75d4.ts.net

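I originally thought that changing the nameserver would be enough, but that is not the case. As the output above shows, Tailscale added a search domain to the configuration file: search tailcd75d4.ts.net
So the fix is not the usual one of editing resolv.conf.

2) Tailscale network configuration
Check Tailscale's status

View the current DNS configuration

3) Use netplan to configure the system DNS

Create the configuration file: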

cat << EOF >> /etc/netplan/00-installer-config.yaml
network:
  version: 2
  ethernets:
    eth0:
      dhcp4: true
      nameservers:
        addresses: [223.5.5.5, 223.6.6.6]
EOF

The addresses above are Alibaba Cloud's DNS servers.

Apply the configuration:

# sudo netplan apply
 (generate:190382): WARNING : 05:43:44.708: Permissions for /etc/netplan/00-installer-config.yaml are too open. Netplan configuration should NOT be accessible by others.
 (process:190378): WARNING : 05:43:45.676: Permissions for /etc/netplan/00-installer-config.yaml are too open. Netplan configuration should NOT be accessible by others.
 (process:190378): WARNING : 05:43:46.044: Permissions for /etc/netplan/00-installer-config.yaml are too open. Netplan configuration should NOT be accessible by others.

This warning means the netplan configuration file's permissions are too open; fix the file permissions and the owner:

sudo chmod 600 /etc/netplan/00-installer-config.yaml
sudo chown root:root /etc/netplan/00-installer-config.yaml

Apply the configuration again:

sudo netplan apply

Check that the configuration took effect:

ping google.com now resolves, so the DNS problem is more or less solved.
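
An added example, not part of the original post: writing the same netplan override so that it is 0600 from the start, instead of creating it world-readable and fixing it afterwards, plus a permission check. The function names and the scratch directory are hypothetical; on the real host, run it as root against /etc/netplan/00-installer-config.yaml.

```sh
#!/bin/sh
# Added example; function names and the scratch paths are hypothetical.

# Write a netplan DNS override that is never readable by group/others.
write_netplan_dns() {
  path=$1 dns1=$2 dns2=$3
  for ip in "$dns1" "$dns2"; do
    case $ip in
      ''|*[!0-9a-fA-F.:]*)   # only address characters may reach the YAML
        echo "refusing non-IP value: $ip" >&2; return 1 ;;
    esac
  done
  # mktemp creates the file with mode 0600; the suffix keeps netplan,
  # which only reads *.yaml, from loading a half-written file.
  tmp=$(mktemp "${path}.XXXXXX") || return 1
  cat > "$tmp" <<EOF
network:
  version: 2
  ethernets:
    eth0:
      dhcp4: true
      nameservers:
        addresses: [$dns1, $dns2]
EOF
  chmod 600 "$tmp" && mv -f "$tmp" "$path"
}

# Succeed only if the file grants nothing to group or others.
netplan_perms_ok() {
  mode=$(stat -c '%a' "$1") || return 2
  case $mode in
    ?00) return 0 ;;
    *)   echo "too open: $1 has mode $mode" >&2; return 1 ;;
  esac
}

# Demo in a scratch directory (constructed paths, not /etc/netplan).
demo_dir=$(mktemp -d)
# Appending under the default umask 022 leaves the file at 0644.
( umask 022; echo 'network: {version: 2}' >> "$demo_dir/weak.yaml" )
netplan_perms_ok "$demo_dir/weak.yaml" || echo "weak.yaml would trigger the warning"
write_netplan_dns "$demo_dir/00-installer-config.yaml" 223.5.5.5 223.6.6.6
netplan_perms_ok "$demo_dir/00-installer-config.yaml" && echo "hardened file is 0600"
```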

4) Use a Japanese apt source

Updates could not reach the Alibaba Cloud mirror; something is wrong with it, so switch to a Japanese mirror.

a.  cat /etc/apt/sources.list
root@---Z:~# cat /etc/apt/sources.list
## Note, this file is written by cloud-init on first boot of an instance
## modifications made here will not survive a re-bundle.
## if you wish to make changes you can:
## a.) add 'apt_preserve_sources_list: true' to /etc/cloud/cloud.cfg
##     or do the same in user-data
## b.) add sources in /etc/apt/sources.list.d
## c.) make changes to template file /etc/cloud/templates/sources.list.tmpl
 
# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to
# newer versions of the distribution.
deb http://mirrors.cloud.aliyuncs.com/ubuntu noble main restricted
# deb-src http://mirrors.cloud.aliyuncs.com/ubuntu noble main restricted
 
## Major bug fix updates produced after the final release of the
## distribution.
deb http://mirrors.cloud.aliyuncs.com/ubuntu noble-updates main restricted
# deb-src http://mirrors.cloud.aliyuncs.com/ubuntu noble-updates main restricted
 
## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team. Also, please note that software in universe WILL NOT receive any
## review or updates from the Ubuntu security team.
deb http://mirrors.cloud.aliyuncs.com/ubuntu noble universe
# deb-src http://mirrors.cloud.aliyuncs.com/ubuntu noble universe
deb http://mirrors.cloud.aliyuncs.com/ubuntu noble-updates universe
# deb-src http://mirrors.cloud.aliyuncs.com/ubuntu noble-updates universe
 
## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team, and may not be under a free licence. Please satisfy yourself as to
## your rights to use the software. Also, please note that software in
## multiverse WILL NOT receive any review or updates from the Ubuntu
## security team.
deb http://mirrors.cloud.aliyuncs.com/ubuntu noble multiverse
# deb-src http://mirrors.cloud.aliyuncs.com/ubuntu noble multiverse
deb http://mirrors.cloud.aliyuncs.com/ubuntu noble-updates multiverse
# deb-src http://mirrors.cloud.aliyuncs.com/ubuntu noble-updates multiverse
 
## N.B. software from this repository may not have been tested as
## extensively as that contained in the main release, although it includes
## newer versions of some applications which may provide useful features.
## Also, please note that software in backports WILL NOT receive any review
## or updates from the Ubuntu security team.
deb http://mirrors.cloud.aliyuncs.com/ubuntu noble-backports main restricted universe multiverse
# deb-src http://mirrors.cloud.aliyuncs.com/ubuntu noble-backports main restricted universe multiverse
 
deb http://mirrors.cloud.aliyuncs.com/ubuntu noble-security main restricted
# deb-src http://mirrors.cloud.aliyuncs.com/ubuntu noble-security main restricted
deb http://mirrors.cloud.aliyuncs.com/ubuntu noble-security universe
# deb-src http://mirrors.cloud.aliyuncs.com/ubuntu noble-security universe
deb http://mirrors.cloud.aliyuncs.com/ubuntu noble-security multiverse
# deb-src http://mirrors.cloud.aliyuncs.com/ubuntu noble-security multiverse

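Following the method in the comments: create a new source file in /etc/apt/sources.list.d/; for the content to add, see the figure below:

b. Disable the Alibaba Cloud source
Back up the source file:
sudo mv /etc/apt/sources.list /etc/apt/sources.list.bak
Create a new sources.list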
root@i----Z:~# cat /etc/apt/sources.list
deb http://jp.archive.ubuntu.com/ubuntu/ noble main restricted universe multiverse
deb http://jp.archive.ubuntu.com/ubuntu/ noble-updates main restricted universe multiverse
deb http://jp.archive.ubuntu.com/ubuntu/ noble-backports main restricted universe multiverse
deb http://security.ubuntu.com/ubuntu/ noble-security main restricted universe multiverse
Clear the cache and try updating
sudo apt clean
sudo apt update && sudo apt upgrade -y
You get what you pay for: I waited several minutes and nothing moved.

c. Edit the systemd-resolved configuration, /etc/systemd/resolved.conf
# cat /etc/systemd/resolved.conf
#  This file is part of systemd.
#
#  systemd is free software; you can redistribute it and/or modify it under the
#  terms of the GNU Lesser General Public License as published by the Free
#  Software Foundation; either version 2.1 of the License, or (at your option)
#  any later version.
#
# Entries in this file show the compile time defaults. Local configuration
# should be created by either modifying this file (or a copy of it placed in
# /etc/ if the original file is shipped in /usr/), or by creating "drop-ins" in
# the /etc/systemd/resolved.conf.d/ directory. The latter is generally
# recommended. Defaults can be restored by simply deleting the main
# configuration file and all drop-ins located in /etc/.
#
# Use 'systemd-analyze cat-config systemd/resolved.conf' to display the full config.
#
# See resolved.conf(5) for details.
 
[Resolve]
# Some examples of DNS servers which may be used for DNS= and FallbackDNS=:
# Cloudflare: 1.1.1.1#cloudflare-dns.com 1.0.0.1#cloudflare-dns.com 2606:4700:4700::1111#cloudflare-dns.com 2606:4700:4700::1001#cloudflare-dns.com
# Google:     8.8.8.8#dns.google 8.8.4.4#dns.google 2001:4860:4860::8888#dns.google 2001:4860:4860::8844#dns.google
# Quad9:      9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net
DNS=8.8.8.8 8.8.8.4
#FallbackDNS=
#Domains=
#DNSSEC=no
#DNSOverTLS=no
#MulticastDNS=no
#LLMNR=no
#Cache=no-negative
#CacheFromLocalhost=no
DNSStubListener=yes
#DNSStubListenerExtra=
#ReadEtcHosts=yes
#ResolveUnicastSingleLabel=no
#StaleRetentionSec=0

Added the Google DNS IPs and uncommented DNSStubListener=yes.

Restart systemd-resolved:
sudo systemctl restart systemd-resolved
Check that it took effect
root@i----Z:~# resolvectl status
Global
         Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
  resolv.conf mode: stub
Current DNS Server: 8.8.8.8
       DNS Servers: 8.8.8.8 8.8.8.4
 
Link 2 (eth0)
    Current Scopes: DNS
         Protocols: +DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 223.5.5.5
       DNS Servers: 223.5.5.5 223.6.6.6 100.100.2.136 100.100.2.138
 
Link 3 (tailscale0)
    Current Scopes: DNS
         Protocols: -DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 100.100.100.100
       DNS Servers: 100.100.100.100
        DNS Domain: tailcd75d4.ts.net ~0.e.1.a.c.5.1.1.a.7.d.f.ip6.arpa ~100.100.in-addr.arpa ~101.100.in-addr.arpa ~102.100.in-addr.arpa ~103.100.in-addr.arpa ~104.100.in-addr.arpa ~105.100.in-addr.arpa ~106.100.in-addr.arpa ~107.100.in-addr.arpa
                    ~108.100.in-addr.arpa ~109.100.in-addr.arpa ~110.100.in-addr.arpa ~111.100.in-addr.arpa ~112.100.in-addr.arpa ~113.100.in-addr.arpa ~114.100.in-addr.arpa ~115.100.in-addr.arpa ~116.100.in-addr.arpa ~117.100.in-addr.arpa
                    ~118.100.in-addr.arpa ~119.100.in-addr.arpa ~120.100.in-addr.arpa ~121.100.in-addr.arpa ~122.100.in-addr.arpa ~123.100.in-addr.arpa ~124.100.in-addr.arpa ~125.100.in-addr.arpa ~126.100.in-addr.arpa ~127.100.in-addr.arpa
                    ~64.100.in-addr.arpa ~65.100.in-addr.arpa ~66.100.in-addr.arpa ~67.100.in-addr.arpa ~68.100.in-addr.arpa ~69.100.in-addr.arpa ~70.100.in-addr.arpa ~71.100.in-addr.arpa ~72.100.in-addr.arpa ~73.100.in-addr.arpa ~74.100.in-addr.arpa
                    ~75.100.in-addr.arpa ~76.100.in-addr.arpa ~77.100.in-addr.arpa ~78.100.in-addr.arpa ~79.100.in-addr.arpa ~80.100.in-addr.arpa ~81.100.in-addr.arpa ~82.100.in-addr.arpa ~83.100.in-addr.arpa ~84.100.in-addr.arpa ~85.100.in-addr.arpa
                    ~86.100.in-addr.arpa ~87.100.in-addr.arpa ~88.100.in-addr.arpa ~89.100.in-addr.arpa ~90.100.in-addr.arpa ~91.100.in-addr.arpa ~92.100.in-addr.arpa ~93.100.in-addr.arpa ~94.100.in-addr.arpa ~95.100.in-addr.arpa ~96.100.in-addr.arpa
                    ~97.100.in-addr.arpa ~98.100.in-addr.arpa ~99.100.in-addr.arpa ~ts.net
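
An added example, not part of the original post: a shell check that parses `resolvectl status` output like the one above and lists any resolver outside an expected set. The allowlist and function names are assumptions; on the constructed sample it flags 8.8.8.4, which is not a Google Public DNS address (those are 8.8.8.8 and 8.8.4.4).

```sh
#!/bin/sh
# Added example: audit the resolvers reported by `resolvectl status`.

# Resolvers this host is expected to use (an assumption; adjust per host):
# AliDNS, Alibaba Cloud internal DNS, Tailscale MagicDNS, Google Public DNS.
EXPECTED_DNS="223.5.5.5 223.6.6.6 100.100.2.136 100.100.2.138 100.100.100.100 8.8.8.8 8.8.4.4"

# Constructed sample, trimmed from the output shown above.
sample_status() {
  cat <<'EOF'
Global
         Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 8.8.8.8
       DNS Servers: 8.8.8.8 8.8.8.4

Link 2 (eth0)
         Protocols: +DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
       DNS Servers: 223.5.5.5 223.6.6.6 100.100.2.136 100.100.2.138

Link 3 (tailscale0)
         Protocols: -DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
       DNS Servers: 100.100.100.100
        DNS Domain: tailcd75d4.ts.net ~ts.net
EOF
}

# Print one "scope server" pair per configured resolver (stdin: resolvectl status).
list_resolvers() {
  awk '/^Global/           { scope = "global"; next }
       /^Link [0-9]+ [(]/  { scope = $3; gsub(/[()]/, "", scope); next }
       /^ *DNS Servers:/   { for (i = 3; i <= NF; i++) print scope, $i }'
}

# Print the pairs whose server is not in EXPECTED_DNS.
unexpected_resolvers() {
  list_resolvers | awk -v ok="$EXPECTED_DNS" '
    BEGIN { n = split(ok, a, " "); for (i = 1; i <= n; i++) allowed[a[i]] = 1 }
    !($2 in allowed) { print $1, $2 }'
}

# Print the links marked +DefaultRoute (eligible for names that match no routing domain).
default_route_links() {
  awk '/^Global/           { link = "" }
       /^Link [0-9]+ [(]/  { link = $3; gsub(/[()]/, "", link) }
       /[+]DefaultRoute/ && link != "" { print link }'
}

sample_status | unexpected_resolvers   # prints: global 8.8.8.4
sample_status | default_route_links
```

On a live host, pipe the real output in: `resolvectl status | unexpected_resolvers`.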

Try updating apt again
root@i----Z:~# ^C
root@i----Z:~# sudo apt update && sudo apt upgrade -y
Hit:1 http://jp.archive.ubuntu.com/ubuntu noble InRelease                                                                                                  
Hit:2 http://security.ubuntu.com/ubuntu noble-security InRelease                                 
Get:3 http://jp.archive.ubuntu.com/ubuntu noble-updates InRelease [126 kB]                       
Hit:4 http://jp.archive.ubuntu.com/ubuntu noble-backports InRelease
Get:5 https://pkgs.tailscale.com/stable/ubuntu noble InRelease
0% [Working]                    

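It works now, but the iostat output further confirmed that an I/O bottleneck is the culprit behind the system's slowness. Rebooted the VPS.

Ran the upgrade once more: cleared the cache and ran the apt install. This time it completed.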

Unpacking rsync (3.2.7-1ubuntu1.2) over (3.2.7-1ubuntu1) ...
Setting up rsync (3.2.7-1ubuntu1.2) ...
rsync.service is a disabled or a static unit not running, not starting it.
Processing triggers for man-db (2.12.0-4build2) ...
Scanning processes...                                                                                 
Scanning linux images...                                                                              
 
Running kernel seems to be up-to-date.
 
No services need to be restarted.
 
No containers need to be restarted.
 
No user sessions are running outdated binaries.
 
No VM guests are running outdated hypervisor (qemu) binaries on this host.
N: Some packages may have been kept back due to phasing.
root@i------Z:~# 
root@i-------Z:~# sudo apt update && sudo apt upgrade -y

This VPS's DNS and APT sources no longer use Alibaba Cloud.
