https://liangweidonggood.github.io/tags/ubuntu/Recent content in Ubuntu on Liangweidong's blogHugo -- gohugo.iozh-cnFri, 15 Nov 2024 00:00:00 +0800https://liangweidonggood.github.io/p/ubuntu-fa-xing-ban-shi-zhan-2024/Fri, 15 Nov 2024 00:00:00 +0800https://liangweidonggood.github.io/p/ubuntu-fa-xing-ban-shi-zhan-2024/<img src="https://liangweidonggood.github.io/p/ubuntu-fa-xing-ban-shi-zhan-2024/image/cover.jpg" alt="Featured image of post Ubuntu 发行版实战：22.04 / 24.04 server 装机、换源、netplan、LVM、ufw 防火墙" /><h2 id="一为什么是-2024-年这一份">一、为什么是 2024 年这一份 </h2><p>2024 年这个时间点是 Ubuntu 的关键节点：</p> <ul> <li><strong>Ubuntu 22.04 LTS (Jammy Jellyfish)</strong> —— 2022-04 发布，2027-04 维护到期，<strong>2024 主力</strong></li> <li><strong>Ubuntu 24.04 LTS (Noble Numbat)</strong> —— 2024-04 发布，<strong>2027-04 起进入主流</strong></li> <li><strong>netplan</strong> 已成 Ubuntu 网络配置唯一方式（interfaces 退场）</li> <li><strong>systemd-resolved</strong> 是 DNS 解析默认</li> <li><strong>ufw</strong> 是 iptables 之上最常用的防火墙前端</li> <li><strong>Linux Mint 21.2 &ldquo;Victoria&rdquo;</strong>（2022）基于 Ubuntu 22.04 LTS，内核 5.15</li> </ul> <p>这一篇<strong>覆盖 Ubuntu 22.04 / 24.04 server 装机、U 盘制作、换源（清华 / 中科大 / 阿里云）、netplan 静态 IP、systemd-resolved DNS、ufw 防火墙、LVM on RAID10、Linux Mint 美化</strong>——Ubuntu 装机一站式手册。</p> <blockquote> <p><strong>阅读建议</strong>：本文按&quot;先看版本 → 选对应章节&quot;组织。22.04 与 24.04 大部分操作通用，差异点单独标注。</p> </blockquote> <h2 id="二ubuntu-2204-装机流程">二、Ubuntu 22.04 装机流程 </h2><h3 id="21-下载镜像">2.1 下载镜像 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="c1"># 官方下载</span> </span></span><span class="line"><span class="cl">https://cn.ubuntu.com/download/server/step1 </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># 22.04.2 live-server-amd64.iso</span> </span></span></code></pre></td></tr></table> </div> </div><h3 id="22-u-盘制作工具">2.2 U 盘制作工具 </h3><table> <thead> <tr> <th>工具</th> <th>平台</th> <th>特点</th> </tr> </thead> <tbody> <tr> <td><strong>Rufus</strong></td> <td>Windows</td> <td>轻量、绿色版、首选</td> </tr> <tr> <td>imageUSB</td> <td>Windows</td> <td>老牌工具</td> </tr> <tr> <td>UltraISO</td> <td>Windows</td> <td>老牌但被 Rufus 取代</td> </tr> <tr> <td>balenaEtcher</td> <td>跨平台</td> <td>macOS / Linux 也用</td> </tr> </tbody> </table> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="c1"># Rufus 4.0 绿色版</span> </span></span><span class="line"><span class="cl">https://github.com/pbatard/rufus/releases/download/v4.0/rufus-4.0p.exe </span></span></code></pre></td></tr></table> </div> </div><h3 id="23-u-盘写入步骤">2.3 U 盘写入步骤 </h3><ol> <li>打开 Rufus</li> <li>选择下载的 ISO</li> <li>选择 U 盘</li> <li>默认设置（MBR / FAT32）即可</li> <li>点&quot;开始&quot;等完成</li> </ol> <blockquote> <p><strong>关于 UEFI vs Legacy</strong>：UEFI 模式建议选 GPT；Legacy 模式选 MBR。Rufus 默认是 MBR + BIOS，UEFI 需要手动改。</p> </blockquote> <h2 id="三换源清华--中科大--阿里云">三、换源：清华 / 中科大 / 阿里云 </h2><h3 id="31-清华源2204">3.1 清华源（22.04） </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span><span class="lnt">16 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="c1"># 备份</span> </span></span><span class="line"><span class="cl">mv /etc/apt/sources.list /etc/apt/sources.listbak </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># 写入清华源</span> </span></span><span class="line"><span class="cl">cat &gt; /etc/apt/sources.list &lt;&lt; <span class="s2">&#34;EOF&#34;</span> </span></span><span class="line"><span class="cl">deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ jammy main restricted universe multiverse </span></span><span class="line"><span class="cl">deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ jammy-updates main restricted universe multiverse </span></span><span class="line"><span class="cl">deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ jammy-backports main restricted universe multiverse </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl">deb http://security.ubuntu.com/ubuntu/ jammy-security main restricted universe multiverse </span></span><span class="line"><span class="cl">EOF </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl">apt update </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># 还原</span> </span></span><span class="line"><span class="cl">mv /etc/apt/sources.listbak /etc/apt/sources.list </span></span></code></pre></td></tr></table> </div> </div><h3 id="32-中科大源">3.2 中科大源 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">cat &lt;&lt; <span class="s2">&#34;EOF&#34;</span> &gt; /etc/apt/sources.list </span></span><span class="line"><span class="cl">deb https://mirrors.ustc.edu.cn/ubuntu/ jammy main restricted universe multiverse </span></span><span class="line"><span class="cl">deb-src https://mirrors.ustc.edu.cn/ubuntu/ jammy main restricted universe multiverse </span></span><span class="line"><span class="cl">deb https://mirrors.ustc.edu.cn/ubuntu/ jammy-updates main restricted universe multiverse </span></span><span class="line"><span class="cl">deb-src https://mirrors.ustc.edu.cn/ubuntu/ jammy-updates main restricted universe multiverse </span></span><span class="line"><span class="cl">deb https://mirrors.ustc.edu.cn/ubuntu/ jammy-backports main restricted universe multiverse </span></span><span class="line"><span class="cl">deb-src https://mirrors.ustc.edu.cn/ubuntu/ jammy-backports main restricted universe multiverse </span></span><span class="line"><span class="cl">deb https://mirrors.ustc.edu.cn/ubuntu/ jammy-security main restricted universe multiverse </span></span><span class="line"><span class="cl">deb-src https://mirrors.ustc.edu.cn/ubuntu/ jammy-security main restricted universe multiverse </span></span><span class="line"><span class="cl">deb https://mirrors.ustc.edu.cn/ubuntu/ jammy-proposed main restricted universe multiverse </span></span><span class="line"><span class="cl">deb-src https://mirrors.ustc.edu.cn/ubuntu/ jammy-proposed main restricted universe multiverse </span></span><span class="line"><span class="cl">EOF </span></span></code></pre></td></tr></table> </div> </div><h3 id="33-sed-一键替换">3.3 sed 一键替换 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="c1"># 默认 cn.archive.ubuntu.com 替换为清华</span> </span></span><span class="line"><span class="cl">sed -i <span class="s1">&#39;s/http://cn.archive.ubuntu.com/https://mirrors.tuna.tsinghua.edu.cn/g&#39;</span> /etc/apt/sources.list </span></span></code></pre></td></tr></table> </div> </div><h2 id="四netplan-网络配置">四、netplan 网络配置 </h2><h3 id="41-静态-ip2204">4.1 静态 IP（22.04） </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">vim /etc/netplan/00-installer-config.yaml </span></span></code></pre></td></tr></table> </div> </div><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span><span class="lnt">16 </span><span class="lnt">17 </span><span class="lnt">18 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-yaml" data-lang="yaml"><span class="line"><span class="cl"><span class="nt">network</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">ethernets</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">eno1</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">dhcp4</span><span class="p">:</span><span class="w"> </span><span class="kc">false</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">addresses</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="m">192.168.10.127</span><span class="l">/24</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">routes</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="nt">to</span><span class="p">:</span><span class="w"> </span><span class="l">default</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">via</span><span class="p">:</span><span class="w"> </span><span class="m">192.168.10.1</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">nameservers</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">addresses</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="m">211.138.24.66</span><span class="p">,</span><span class="w"> </span><span class="m">114.114.114.114</span><span class="p">,</span><span class="w"> </span><span class="m">192.168.10.1</span><span class="p">]</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">eno2</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">dhcp4</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">eno3</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">dhcp4</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">eno4</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">dhcp4</span><span class="p">:</span><span class="w"> </span><span class="kc">true</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">version</span><span class="p">:</span><span class="w"> </span><span class="m">2</span><span class="w"> </span></span></span></code></pre></td></tr></table> </div> </div><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">netplan apply </span></span></code></pre></td></tr></table> </div> </div> <blockquote> <p><strong>YAML 严格缩进</strong>：netplan 对 YAML 缩进敏感，缩进错一个空格都可能报错。</p> </blockquote> <h3 id="42-改回-dhcp">4.2 改回 DHCP </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span><span class="lnt">5 </span><span class="lnt">6 </span><span class="lnt">7 </span><span class="lnt">8 </span><span class="lnt">9 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">cat &gt; /etc/netplan/00-installer-config.yaml &lt;&lt; <span class="s2">&#34;EOF&#34;</span> </span></span><span class="line"><span class="cl">network: </span></span><span class="line"><span class="cl"> ethernets: </span></span><span class="line"><span class="cl"> eno1: </span></span><span class="line"><span class="cl"> dhcp4: <span class="nb">true</span> </span></span><span class="line"><span class="cl"> version: <span class="m">2</span> </span></span><span class="line"><span class="cl">EOF </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl">netplan apply </span></span></code></pre></td></tr></table> </div> </div><h2 id="五systemd-resolved-dns">五、systemd-resolved DNS </h2><h3 id="51-配置">5.1 配置 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">vim /etc/systemd/resolved.conf </span></span></code></pre></td></tr></table> </div> </div><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span><span class="lnt">5 </span><span class="lnt">6 </span><span class="lnt">7 </span><span class="lnt">8 </span><span class="lnt">9 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-ini" data-lang="ini"><span class="line"><span class="cl"><span class="k">[Resolve]</span> </span></span><span class="line"><span class="cl"><span class="c1"># Some examples of DNS servers which may be used for DNS= and FallbackDNS=:</span> </span></span><span class="line"><span class="cl"><span class="c1"># Cloudflare: 1.1.1.1#cloudflare-dns.com 1.0.0.1#cloudflare-dns.com ...</span> </span></span><span class="line"><span class="cl"><span class="c1"># Google: 8.8.8.8#dns.google 8.8.4.4#dns.google ...</span> </span></span><span class="line"><span class="cl"><span class="c1"># Quad9: 9.9.9.9#dns.quad9.net ...</span> </span></span><span class="line"><span class="cl"><span class="c1">#DNS=</span> </span></span><span class="line"><span class="cl"><span class="na">DNS</span><span class="o">=</span><span class="s">114.114.114.114</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="na">systemctl restart systemd-resolved</span> </span></span></code></pre></td></tr></table> </div> </div><h3 id="52-验证">5.2 验证 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">resolvectl status </span></span><span class="line"><span class="cl"><span class="c1"># 或</span> </span></span><span class="line"><span class="cl">cat /run/systemd/resolve/resolv.conf </span></span></code></pre></td></tr></table> </div> </div> <blockquote> <p><strong>关于 <code>/etc/resolv.conf</code></strong>：Ubuntu 17.10+ 的 <code>/etc/resolv.conf</code> 是软链接到 <code>/run/systemd/resolve/stub-resolv.conf</code>，<strong>手动修改 <code>/etc/resolv.conf</code> 重启后失效</strong>。正确做法是改 <code>/etc/systemd/resolved.conf</code>。</p> </blockquote> <h2 id="六ufw-防火墙">六、ufw 防火墙 </h2><h3 id="61-启用与默认策略">6.1 启用与默认策略 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="c1"># 启用</span> </span></span><span class="line"><span class="cl">ufw <span class="nb">enable</span> </span></span><span class="line"><span class="cl"><span class="c1"># 默认拒绝入站</span> </span></span><span class="line"><span class="cl">ufw default deny </span></span></code></pre></td></tr></table> </div> </div><h3 id="62-查看规则">6.2 查看规则 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">ufw status numbered </span></span></code></pre></td></tr></table> </div> </div><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span><span class="lnt">5 </span><span class="lnt">6 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-text" data-lang="text"><span class="line"><span class="cl">Status: active </span></span><span class="line"><span class="cl"> To Action From </span></span><span class="line"><span class="cl"> -- ------ ---- </span></span><span class="line"><span class="cl">[ 1] 22/tcp ALLOW IN Anywhere </span></span><span class="line"><span class="cl">[ 2] 80/tcp ALLOW IN Anywhere </span></span><span class="line"><span class="cl">[ 3] 443/tcp ALLOW IN Anywhere </span></span></code></pre></td></tr></table> </div> </div><h3 id="63-添加规则">6.3 添加规则 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="c1"># 允许指定端口</span> </span></span><span class="line"><span class="cl">ufw allow <span class="m">22</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># 允许指定服务</span> </span></span><span class="line"><span class="cl">ufw allow ssh </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># 允许指定 IP</span> </span></span><span class="line"><span class="cl">ufw allow from 192.168.1.0/24 </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># 允许指定 IP + 端口</span> </span></span><span class="line"><span class="cl">ufw allow from 192.168.1.100 to any port <span class="m">3306</span> </span></span></code></pre></td></tr></table> </div> </div><h3 id="64-删除规则">6.4 删除规则 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span><span class="lnt">5 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="c1"># 按编号删除</span> </span></span><span class="line"><span class="cl">ufw delete <span class="m">3</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># 按规则删除</span> </span></span><span class="line"><span class="cl">ufw delete allow <span class="m">3690</span> </span></span></code></pre></td></tr></table> </div> </div><h3 id="65-禁用">6.5 禁用 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">ufw disable </span></span></code></pre></td></tr></table> </div> </div><h2 id="七磁盘挂载到已有目录">七、磁盘挂载到已有目录 </h2><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span><span class="lnt">16 </span><span class="lnt">17 </span><span class="lnt">18 </span><span class="lnt">19 </span><span class="lnt">20 </span><span class="lnt">21 </span><span class="lnt">22 </span><span class="lnt">23 </span><span class="lnt">24 </span><span class="lnt">25 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="c1"># 1. 查磁盘</span> </span></span><span class="line"><span class="cl">fdisk -l </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># 2. 假设要把 /dev/sdb1 挂到 /home</span> </span></span><span class="line"><span class="cl"><span class="c1"># 如果 /home 已有内容，先备份</span> </span></span><span class="line"><span class="cl">cp -r /home /home.bak </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># 3. 卸载（如果已挂）</span> </span></span><span class="line"><span class="cl">umount /home </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># 4. 创建文件系统</span> </span></span><span class="line"><span class="cl">mkfs.ext4 /dev/sdb1 </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># 5. 挂载</span> </span></span><span class="line"><span class="cl">mount /dev/sdb1 /home </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># 6. 还原内容</span> </span></span><span class="line"><span class="cl">cp -r /home.bak/* /home/ </span></span><span class="line"><span class="cl">chown -R &lt;原用户&gt;:&lt;原组&gt; /home/&lt;原用户&gt; </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># 7. 写 fstab 永久挂载</span> </span></span><span class="line"><span class="cl"><span class="nb">echo</span> <span class="s2">&#34;UUID=</span><span class="k">$(</span>blkid -s UUID -o value /dev/sdb1<span class="k">)</span><span class="s2"> /home ext4 defaults 0 2&#34;</span> &gt;&gt; /etc/fstab </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># 8. 测试</span> </span></span><span class="line"><span class="cl">mount -a </span></span></code></pre></td></tr></table> </div> </div><h2 id="八ubuntu-2404-noble-numbat-装机全流程">八、Ubuntu 24.04 (Noble Numbat) 装机全流程 </h2><h3 id="81-raid10--lvm-分区方案">8.1 RAID10 + LVM 分区方案 </h3><p>服务器场景：4 块 40G 盘做 RAID10 + LVM</p> <table> <thead> <tr> <th>用途</th> <th>大小</th> <th>类型</th> </tr> </thead> <tbody> <tr> <td><code>/boot</code></td> <td>1G</td> <td>ext4</td> </tr> <tr> <td><code>/</code></td> <td>30G</td> <td>ext4</td> </tr> <tr> <td><code>/home</code></td> <td>48.9G</td> <td>ext4</td> </tr> </tbody> </table> <blockquote> <p><strong>可用空间计算</strong>：4 块 40G RAID10 可用 80G，分配：1G boot + 30G / + 48.9G /home ≈ 80G（留少量未分配）。</p> </blockquote> <h3 id="82-装机步骤">8.2 装机步骤 </h3><ol> <li><strong>启动安装器</strong>（VMware 中引导）</li> <li><strong>选择语言</strong>：English</li> <li><strong>选择键盘</strong>：English (US)</li> <li><strong>选择类型</strong>：Ubuntu Server (minimized)</li> <li><strong>配置网络</strong>： <ul> <li>选 eno1</li> <li>选 Edit IPv4</li> <li>选 Manual</li> <li>Subnet: <code>192.168.132.0/24</code></li> <li>Address: <code>192.168.132.139</code></li> <li>Gateway: <code>192.168.132.2</code></li> <li>Name servers: <code>192.168.132.2</code></li> <li>Search domains: <code>114.114.114.114</code></li> </ul> </li> <li><strong>配置代理</strong>：留空</li> <li><strong>配置源</strong>： <ul> <li>替换 <code>http://cn.archive.ubuntu.com/ubuntu/</code> 为 <code>https://mirrors.tuna.tsinghua.edu.cn/ubuntu/</code></li> </ul> </li> <li><strong>自定义分区</strong>： <ul> <li>选第一块盘 /dev/sda</li> <li>Use As Boot Device</li> <li>/dev/sda 留 unformatted</li> <li>/dev/sdb、sdc、sdd 同样 unformatted</li> </ul> </li> <li><strong>创建 RAID10</strong>：4 块盘全部加入</li> <li><strong>创建 LVM</strong>： <ul> <li>在 RAID10 上建 VG（vg0）</li> <li>建 LV：lv-0（1G 给 /boot）、lv-1（30G 给 /）、lv-2（48.9G 给 /home）</li> </ul> </li> <li><strong>格式化</strong>： <ul> <li>lv-0 → ext4 → /boot</li> <li>lv-1 → ext4 → /</li> <li>lv-2 → ext4 → /home</li> </ul> </li> <li><strong>配置用户</strong>：username/password</li> <li><strong>是否升级到 pro</strong>：选 Skip</li> <li><strong>安装 OpenSSH Server</strong>：勾选</li> <li><strong>可选软件</strong>：留空</li> <li><strong>开始安装</strong></li> <li><strong>重启</strong></li> </ol> <h3 id="83-装机后基本配置">8.3 装机后基本配置 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span><span class="lnt">16 </span><span class="lnt">17 </span><span class="lnt">18 </span><span class="lnt">19 </span><span class="lnt">20 </span><span class="lnt">21 </span><span class="lnt">22 </span><span class="lnt">23 </span><span class="lnt">24 </span><span class="lnt">25 </span><span class="lnt">26 </span><span class="lnt">27 </span><span class="lnt">28 </span><span class="lnt">29 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="c1"># 1. 登录</span> </span></span><span class="line"><span class="cl"><span class="c1"># 用创建的用户登录</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># 2. 启用 root</span> </span></span><span class="line"><span class="cl">sudo passwd root </span></span><span class="line"><span class="cl"><span class="c1"># 输入当前用户密码</span> </span></span><span class="line"><span class="cl"><span class="c1"># 输入新 root 密码</span> </span></span><span class="line"><span class="cl"><span class="c1"># 确认 root 密码</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># 3. 切换到 root</span> </span></span><span class="line"><span class="cl">su </span></span><span class="line"><span class="cl"><span class="c1"># 输入 root 密码</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># 4. 启动 root 远程 SSH</span> </span></span><span class="line"><span class="cl">sed -i <span class="s1">&#39;s/^#PermitRootLogin.*/PermitRootLogin yes/&#39;</span> /etc/ssh/sshd_config </span></span><span class="line"><span class="cl">systemctl restart ssh </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># 5. 测试远程登录</span> </span></span><span class="line"><span class="cl"><span class="c1"># 用 ssh root@&lt;host&gt; 验证</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># 6. 上传公钥开私钥登录</span> </span></span><span class="line"><span class="cl">curl https://&lt;your-internal-file-server&gt;/id_rsa.pub -o /root/id_rsa.pub --create-dirs </span></span><span class="line"><span class="cl">mkdir -p /root/.ssh <span class="o">&amp;&amp;</span> touch /root/.ssh/authorized_keys </span></span><span class="line"><span class="cl">cat /root/id_rsa.pub &gt;&gt; /root/.ssh/authorized_keys </span></span><span class="line"><span class="cl">rm -f /root/id_rsa.pub </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># 7. 禁用密码登录</span> </span></span><span class="line"><span class="cl">sed -i <span class="s1">&#39;s/^#PasswordAuthentication.*/PasswordAuthentication no/&#39;</span> /etc/ssh/sshd_config </span></span><span class="line"><span class="cl">systemctl restart ssh </span></span></code></pre></td></tr></table> </div> </div><h3 id="84-装机后查磁盘">8.4 装机后查磁盘 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">lsblk </span></span><span class="line"><span class="cl"><span class="c1"># NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS</span> </span></span><span class="line"><span class="cl"><span class="c1"># sda 8:0 0 40G 0 disk</span> </span></span><span class="line"><span class="cl"><span class="c1"># ├─sda1 8:1 0 1M 0 part</span> </span></span><span class="line"><span class="cl"><span class="c1"># └─sda2 8:2 0 40G 0 part</span> </span></span><span class="line"><span class="cl"><span class="c1"># └─md0 9:0 0 79.9G 0 raid10</span> </span></span><span class="line"><span class="cl"><span class="c1"># ├─vg0-lv--0 252:0 0 1G 0 lvm /boot</span> </span></span><span class="line"><span class="cl"><span class="c1"># ├─vg0-lv--1 252:1 0 30G 0 lvm /</span> </span></span><span class="line"><span class="cl"><span class="c1"># └─vg0-lv--2 252:2 0 48.9G 0 lvm /home</span> </span></span><span class="line"><span class="cl"><span class="c1"># sdb 8:16 0 40G 0 disk</span> </span></span><span class="line"><span class="cl"><span class="c1"># └─sdb1 8:17 0 40G 0 part</span> </span></span><span class="line"><span class="cl"><span class="c1"># └─md0 9:0 0 79.9G 0 raid10</span> </span></span><span class="line"><span class="cl"><span class="c1"># ...</span> </span></span></code></pre></td></tr></table> </div> </div><h3 id="85-fstab-验证">8.5 fstab 验证 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span><span class="lnt">5 </span><span class="lnt">6 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">cat /etc/fstab </span></span><span class="line"><span class="cl"><span class="c1"># /etc/fstab: static file system information.</span> </span></span><span class="line"><span class="cl"><span class="c1">#</span> </span></span><span class="line"><span class="cl"><span class="c1"># &lt;file system&gt; &lt;mount point&gt; &lt;type&gt; &lt;options&gt; &lt;dump&gt; &lt;pass&gt;</span> </span></span><span class="line"><span class="cl"><span class="c1"># / was on /dev/vg0/lv-1 during curtin installation</span> </span></span><span class="line"><span class="cl">/dev/disk/by-id/dm-uuid-LVM-... / ext4 defaults <span class="m">0</span> <span class="m">1</span> </span></span></code></pre></td></tr></table> </div> </div> <blockquote> <p><strong>关于 <code>/dev/disk/by-id/dm-uuid-LVM-...</code></strong>：24.04 用 <code>/dev/disk/by-id/</code> 路径而不是传统的 <code>/dev/vg0/lv-1</code>，这是 curiin 安装器做的&quot;稳定路径&quot;映射，避免 LV 顺序变化时挂错。</p> </blockquote> <h2 id="九linux-mint-212-victoria-美化">九、Linux Mint 21.2 &ldquo;Victoria&rdquo; 美化 </h2><p>Linux Mint 21.2 &ldquo;Victoria&rdquo;（2022 年发布）底层仍是 <strong>Ubuntu 22.04 LTS</strong>，内核采用 <strong>Linux 5.15</strong>。</p> <h3 id="91-安装">9.1 安装 </h3><ol> <li>选择兼容性安装</li> <li>进入桌面点击安装</li> <li>选择中文简体</li> <li>安装解码器</li> <li>键盘布局默认 Chinese</li> <li>分区自动</li> <li>等待安装</li> <li>重启完成</li> </ol> <h3 id="92-windows-11-迁移验证">9.2 Windows 11 迁移验证 </h3><p>常用软件列表：Chrome、VSCode、Office、Notion、QQ、微信等。</p> <h3 id="93-美化">9.3 美化 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="c1"># 1. 安装 plank（仿 macOS 的 dock）</span> </span></span><span class="line"><span class="cl">sudo apt install -y plank </span></span><span class="line"><span class="cl"><span class="c1"># 开机自启动</span> </span></span><span class="line"><span class="cl">sudo ln -s /usr/share/applications/plank.desktop /etc/xdg/autostart/ </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># 2. 添加 dock 图标</span> </span></span><span class="line"><span class="cl">vim ~/.config/plank/dock1/launchers/firefox.dockitem </span></span><span class="line"><span class="cl"><span class="c1"># [PlankDockItemPreferences]</span> </span></span><span class="line"><span class="cl"><span class="c1"># Launcher=file:///usr/share/applications/firefox.desktop</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># 3. 装 Numix 主题（圆角图标）</span> </span></span><span class="line"><span class="cl">sudo add-apt-repository ppa:numix/ppa </span></span><span class="line"><span class="cl">sudo apt update </span></span><span class="line"><span class="cl">sudo apt install numix-icon-theme-circle </span></span></code></pre></td></tr></table> </div> </div><h2 id="十ubuntu-装机常见问题">十、Ubuntu 装机常见问题 </h2><h3 id="101-apt-get-update-报-gpg-错">10.1 apt-get update 报 GPG 错 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">W: GPG error: ... NO_PUBKEY 648ACFD622F3D138 </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># 解决：换 HTTPS 源</span> </span></span><span class="line"><span class="cl">apt install apt-transport-https ca-certificates </span></span></code></pre></td></tr></table> </div> </div><h3 id="102-中文乱码--locale-设置">10.2 中文乱码 / locale 设置 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span><span class="lnt">5 </span><span class="lnt">6 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="c1"># 生成 zh_CN.UTF-8</span> </span></span><span class="line"><span class="cl">locale-gen zh_CN.UTF-8 </span></span><span class="line"><span class="cl">update-locale <span class="nv">LANG</span><span class="o">=</span>zh_CN.UTF-8 </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># 立即生效</span> </span></span><span class="line"><span class="cl"><span class="nb">export</span> <span class="nv">LANG</span><span class="o">=</span>zh_CN.UTF-8 </span></span></code></pre></td></tr></table> </div> </div><h3 id="103-安装-ssh-后-root-登录被拒">10.3 安装 SSH 后 root 登录被拒 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span><span class="lnt">5 </span><span class="lnt">6 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="c1"># 检查 sshd_config</span> </span></span><span class="line"><span class="cl">grep -i <span class="s2">&#34;PermitRootLogin\|PasswordAuthentication&#34;</span> /etc/ssh/sshd_config </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># 启用 root</span> </span></span><span class="line"><span class="cl">sed -i <span class="s1">&#39;s/^#PermitRootLogin.*/PermitRootLogin yes/&#39;</span> /etc/ssh/sshd_config </span></span><span class="line"><span class="cl">systemctl restart ssh </span></span></code></pre></td></tr></table> </div> </div><h2 id="十一前置知识--下一步">十一、前置知识 / 下一步 </h2><ul> <li>想看 Debian 9/10/11 装机 → 翻本系列《Debian 家族发行版全指南》</li> <li>想看 LVM 详细操作 → 翻本系列《Linux 磁盘与 LVM 深度实践》</li> <li>想看 netplan 高级配置（VLAN、bridge、bond）→ 翻独立文章</li> <li>想看 ufw 高级配置（rate limit、IPv6）→ 翻独立文章</li> <li>想看 Deepin 桌面 + Wine → 翻本系列《Deepin 与 Kali 发行版实战》</li> </ul> <h2 id="十二参考资源">十二、参考资源 </h2><ul> <li>Ubuntu Server Guide：<a class="link" href="https://ubuntu.com/server/docs" target="_blank" rel="noopener" >https://ubuntu.com/server/docs</a></li> <li>Ubuntu 24.04 Release Notes：<a class="link" href="https://discourse.ubuntu.com/t/noble-numbat-release-notes/" target="_blank" rel="noopener" >https://discourse.ubuntu.com/t/noble-numbat-release-notes/</a></li> <li>netplan 官方：<a class="link" href="https://netplan.io/" target="_blank" rel="noopener" >https://netplan.io/</a></li> <li>UFW 官方 wiki：<a class="link" href="https://wiki.ubuntu.com/UncomplicatedFirewall" target="_blank" rel="noopener" >https://wiki.ubuntu.com/UncomplicatedFirewall</a></li> <li>Linux Mint 官方：<a class="link" href="https://linuxmint.com/" target="_blank" rel="noopener" >https://linuxmint.com/</a></li> <li>Rufus 官方：<a class="link" href="https://rufus.ie/zh/" target="_blank" rel="noopener" >https://rufus.ie/zh/</a></li> <li>清华源 Ubuntu：<a class="link" href="https://mirrors.tuna.tsinghua.edu.cn/ubuntu/" target="_blank" rel="noopener" >https://mirrors.tuna.tsinghua.edu.cn/ubuntu/</a></li> <li>中科大源 Ubuntu：<a class="link" href="https://mirrors.ustc.edu.cn/ubuntu/" target="_blank" rel="noopener" >https://mirrors.ustc.edu.cn/ubuntu/</a></li> </ul> <hr> <h2 id="2024-视角写于-2024-11半年后-ubuntu-24042-lts-已成实战稳定版">2024+ 视角：写于 2024-11，半年后 Ubuntu 24.04.2 LTS 已成&quot;实战稳定版&quot; </h2><p>本文写于 <strong>2024-11-15</strong>——半年后（2025 年中）Ubuntu 24.04 已发布 <strong>24.04.2</strong>（2025-02）LTS 更新。</p> <h3 id="一ubuntu-2404-lts-半年回顾2024-11--2025-05">一、Ubuntu 24.04 LTS 半年回顾（2024-11 → 2025-05） </h3><ul> <li><strong>Ubuntu 24.04.1 LTS</strong>（2024-08）：首个点版本，<strong>大量 bug 修复</strong>。</li> <li><strong>Ubuntu 24.04.2 LTS</strong>（2025-02）：第二个点版本，<strong>硬件 enablement kernel</strong>（5.15 → 6.8 HWE）。</li> <li><strong>Ubuntu 24.10</strong>（2024-10 发布，<strong>非 LTS</strong>）：半年版，体验 Gnome 47。</li> <li><strong>Ubuntu 25.04</strong>（2025-04 发布，<strong>非 LTS</strong>）：半年版。</li> <li><strong>LTS 长期支持</strong>： <ul> <li>标准支持：<strong>到 2029-04</strong>（5 年）</li> <li><strong>Ubuntu Pro / ESM</strong>：<strong>到 2034-04</strong>（10 年）</li> </ul> </li> </ul> <h3 id="二ubuntu-2404-lts-装机后的坑">二、Ubuntu 24.04 LTS 装机后的&quot;坑&quot; </h3><p>2024-11 装机半年后，<strong>最常见的&quot;踩坑&quot;</strong>：</p> <ul> <li><strong>netplan + NetworkManager 双管理器冲突</strong>——必须<strong>只用一个</strong>。</li> <li><strong>IPv6 PD 默认开启</strong>但<strong>默认防火墙没放行</strong>——<strong>手动配置</strong>： <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">ufw allow in proto ipv6 </span></span></code></pre></td></tr></table> </div> </div></li> <li><strong>snap store 服务</strong>（<code>snapd</code>）开机很慢——可以禁掉： <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">systemctl disable --now snapd.service snapd.socket snapd.seeded.service </span></span><span class="line"><span class="cl">apt purge snapd </span></span></code></pre></td></tr></table> </div> </div></li> <li><strong>systemd-resolved 与 resolvconf 冲突</strong>——<code>apt purge resolvconf</code>。</li> </ul> <h3 id="三ubuntu-2404--ai-生态">三、Ubuntu 24.04 + AI 生态 </h3><ul> <li><strong>Ubuntu 24.04 起</strong> 官方支持 <strong>NVIDIA AI Workbench</strong>。</li> <li><strong>Snap 商店</strong> 集成 LLM 工具（Ollama / LM Studio）。</li> <li><strong>Python 3.12</strong> + <strong>CUDA 12.x</strong> + <strong>PyTorch 2.4</strong> 是 2024 AI 训练首选环境。</li> </ul> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span><span class="lnt">5 </span><span class="lnt">6 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="c1"># 2024 AI 开发环境</span> </span></span><span class="line"><span class="cl">sudo apt install -y python3.12 python3.12-venv </span></span><span class="line"><span class="cl">curl -fsSL https://ollama.com/install.sh <span class="p">|</span> sh </span></span><span class="line"><span class="cl">ollama pull llama3.1:8b </span></span><span class="line"><span class="cl"><span class="c1"># 本地 LLM 跑通</span> </span></span><span class="line"><span class="cl">ollama run llama3.1:8b </span></span></code></pre></td></tr></table> </div> </div><h3 id="四linux-mint-22-wilma-2024-发布">四、Linux Mint 22 (Wilma) 2024 发布 </h3><ul> <li><strong>Linux Mint 22 &ldquo;Wilma&rdquo;</strong>（2024-08 发布）：基于 <strong>Ubuntu 24.04 LTS</strong>。</li> <li><strong>Cinnamon 6.2</strong> 桌面（Linux Mint 招牌）。</li> <li><strong>Linux Mint Edge</strong>（基于 Debian 13 testing，<strong>滚动版</strong>）。</li> </ul> <h3 id="五ubuntu-pro-2024-变化">五、Ubuntu Pro 2024 变化 </h3><ul> <li><strong>Ubuntu Pro</strong>（2023 起<strong>个人免费</strong> 5 台机器）： <ul> <li><strong>10 年安全更新</strong>（LTS 5 年 + ESM 5 年）</li> <li><strong>CIS hardening</strong>、<strong>FIPS 140-2</strong>、<strong>Livepatch</strong></li> <li>覆盖 apt 仓库<strong>额外 5 年</strong>（23,000+ 包）</li> </ul> </li> <li><strong>个人 Pro</strong>：免费 5 台机器（2023-09 起）。</li> <li><strong>企业 Pro</strong>：付费，含 Landscape、Ansible、Support。</li> </ul> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="c1"># 启用 Ubuntu Pro</span> </span></span><span class="line"><span class="cl">sudo pro attach </span></span><span class="line"><span class="cl">sudo pro <span class="nb">enable</span> livepatch </span></span><span class="line"><span class="cl">sudo pro <span class="nb">enable</span> esm-apps esm-infra </span></span></code></pre></td></tr></table> </div> </div><h3 id="六netplan-0106-新特性2404">六、Netplan 0.106+ 新特性（24.04） </h3><ul> <li><strong>Netplan 0.106</strong>（2024 起）： <ul> <li><strong>Open vSwitch</strong> 支持</li> <li><strong>TC（traffic control）</strong> 配置</li> <li><strong>VRF</strong>（Virtual Routing and Forwarding）</li> </ul> </li> </ul> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-yaml" data-lang="yaml"><span class="line"><span class="cl"><span class="c"># netplan VRF 配置</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="nt">network</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">version</span><span class="p">:</span><span class="w"> </span><span class="m">2</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">vrfs</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">vrf-red</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">table</span><span class="p">:</span><span class="w"> </span><span class="m">1000</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">interfaces</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="l">eno1]</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">ethernets</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">eno1</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">dhcp4</span><span class="p">:</span><span class="w"> </span><span class="kc">false</span><span class="w"> </span></span></span></code></pre></td></tr></table> </div> </div><h3 id="七ufw-2024-增强">七、UFW 2024 增强 </h3><ul> <li><strong>UFW 0.36+</strong>（2024）：<strong><code>ufw app</code></strong> 命令管理应用配置。</li> <li><strong><code>ufw limit</code></strong> 限速（防爆破）：</li> </ul> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="c1"># 限制 SSH 速率（防爆破）</span> </span></span><span class="line"><span class="cl">ufw limit 22/tcp comment <span class="s2">&#34;SSH 速率限制&#34;</span> </span></span><span class="line"><span class="cl"><span class="c1"># 默认每 30 秒 6 次连接</span> </span></span></code></pre></td></tr></table> </div> </div><ul> <li><strong><code>ufw route</code></strong> 路由规则（高级用法）：</li> </ul> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="c1"># 允许从 10.0.0.0/8 到 192.168.1.100:3306</span> </span></span><span class="line"><span class="cl">ufw route allow from 10.0.0.0/8 to 192.168.1.100 port <span class="m">3306</span> proto tcp </span></span></code></pre></td></tr></table> </div> </div><h3 id="八ubuntu-server-2404-的云原生姿势">八、Ubuntu Server 24.04 的&quot;云原生&quot;姿势 </h3><ul> <li><strong>2024 起</strong> Ubuntu Server <strong>默认安装 multipass + LXD</strong>（K8s / 容器）。</li> <li><strong>LXD 5.21+</strong>（2024 LTS）：<strong>支持 GPU 直通</strong>（AI 训练 / 推理）。</li> <li><strong>Multipass 1.14+</strong>：<strong>云镜像本地跑</strong>（VM-based 容器）。</li> </ul> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span><span class="lnt">5 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="c1"># LXD 起 GPU 容器</span> </span></span><span class="line"><span class="cl">lxc launch ubuntu:24.04 ai-vm --vm -c limits.cpu<span class="o">=</span><span class="m">4</span> -c limits.memory<span class="o">=</span>8GiB --gpu </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># Multipass 起 K8s 集群</span> </span></span><span class="line"><span class="cl">multipass launch --name k8s-1 --cpus <span class="m">4</span> --memory 8G --disk 50G </span></span></code></pre></td></tr></table> </div> </div><h3 id="九apt-27-的-deb822-格式">九、apt 2.7+ 的 DEB822 格式 </h3><ul> <li><strong>apt 2.7+</strong>（Ubuntu 24.04）：<strong>支持 DEB822 格式</strong>（<code>.sources</code> 文件）—— 比传统 <code>.list</code> 更结构化。</li> </ul> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span><span class="lnt">5 </span><span class="lnt">6 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="c1"># /etc/apt/sources.list.d/ubuntu.sources</span> </span></span><span class="line"><span class="cl">Types: deb </span></span><span class="line"><span class="cl">URIs: https://mirrors.tuna.tsinghua.edu.cn/ubuntu </span></span><span class="line"><span class="cl">Suites: noble noble-updates noble-security </span></span><span class="line"><span class="cl">Components: main restricted universe multiverse </span></span><span class="line"><span class="cl">Signed-By: /usr/share/keyrings/ubuntu-archive-keyring.gpg </span></span></code></pre></td></tr></table> </div> </div><ul> <li><strong>优势</strong>：<strong>支持多个签名 key</strong>、<strong>更清晰的注释</strong>、<strong>snap 集成更顺</strong>。</li> </ul> <h3 id="十ubuntu-2404-与-snap-的恩怨">十、Ubuntu 24.04 与 snap 的&quot;恩怨&quot; </h3><ul> <li><strong>2024 视角</strong>：snap 在 Ubuntu Server 24.04 仍是<strong>默认</strong>——<code>snap install</code> 装 chromium、code、spotify。</li> <li><strong>争议</strong>： <ul> <li>snap 应用启动慢（10+ 秒）</li> <li>snap 占用磁盘大（多版本共存）</li> <li>不能完全卸载 snap（<code>apt purge snapd</code> 后部分应用受影响）</li> </ul> </li> <li><strong>替代</strong>： <ul> <li>用 <strong><code>apt</code></strong> 装（chromium <code>chromium-browser</code>）</li> <li>用 <strong>Flatpak</strong>（跨发行版）</li> <li>用 <strong>AppImage</strong>（单文件可执行）</li> </ul> </li> </ul> <h3 id="十一ubuntu-2404-lts-装机经验教训半年汇总">十一、Ubuntu 24.04 LTS 装机&quot;经验教训&quot;半年汇总 </h3><ul> <li> <p><strong>装好后必做</strong>：</p> <ol> <li><strong><code>apt update &amp;&amp; apt upgrade -y</code></strong>（首次 24.04.0 → 24.04.2）</li> <li><strong>配时区 / NTP</strong>：<code>timedatectl set-timezone Asia/Shanghai</code></li> <li><strong>禁用 snap</strong>（如果不想要）</li> <li><strong>配 sshd</strong>：禁止 root 密码登录、强制 ed25519</li> <li><strong>配 ufw</strong>：放行 22 + 必要端口</li> <li><strong>装 fail2ban</strong>：防 SSH 爆破</li> </ol> </li> <li> <p><strong>2024 推荐装机方式</strong>：</p> <ul> <li><strong>云厂商</strong>：直接用云市场镜像（Ubuntu 24.04 LTS + 云厂商优化）</li> <li><strong>本地</strong>：Ventoy + Ubuntu 24.04 ISO + manual 分区（LVM on LUKS）</li> </ul> </li> </ul>https://liangweidonggood.github.io/p/vmware-yu-xu-ni-hua/Sat, 15 Aug 2015 00:00:00 +0800https://liangweidonggood.github.io/p/vmware-yu-xu-ni-hua/<img src="https://liangweidonggood.github.io/p/vmware-yu-xu-ni-hua/image/cover.jpg" alt="Featured image of post VMware 与虚拟化实战：Windows 下的多系统工作站" /><h2 id="一vmware-在-2015-的地位">一、VMware 在 2015 的地位 </h2><p>2015 年的桌面虚拟化市场，<strong>VMware Workstation 是不二之选</strong>——VirtualBox 还偏玩家、Hyper-V Server Core 体验不佳、Parallels Mac only。<strong>VMware 12（2015-08 发布）</strong> 带来 Windows 10 完整支持、DirectX 10 / OpenGL 3.3 加速。本文整理 VMware 全套实战。</p> <blockquote> <p><strong>阅读建议</strong>：本文面向<strong>开发者 + 渗透测试 + 多系统用户</strong>，重点在<strong>网络调优 + 多系统安装</strong>。</p> </blockquote> <h2 id="二vmware-版本选型">二、VMware 版本选型 </h2><table> <thead> <tr> <th>版本</th> <th>价格</th> <th>适合</th> </tr> </thead> <tbody> <tr> <td><strong>VMware Workstation Player</strong></td> <td>个人免费</td> <td>已有镜像 / 只用开</td> </tr> <tr> <td><strong>VMware Workstation Pro</strong></td> <td>商业付费</td> <td>完整功能（快照、克隆、Teams）</td> </tr> <tr> <td><strong>VMware Fusion</strong></td> <td>Mac 商业付费</td> <td>macOS</td> </tr> <tr> <td><strong>ESXi</strong></td> <td>企业授权</td> <td>服务器裸金属</td> </tr> </tbody> </table> <p><strong>2015 时代</strong>：</p> <ul> <li>Workstation 12 Pro：<strong>商业付费 $249</strong></li> <li>旧版 11/10：<strong>大量&quot;个人授权&quot;流传</strong>（<strong>不推荐</strong>）</li> <li>替代品：<strong>VirtualBox 5.x</strong>（<strong>免费开源</strong>）</li> </ul> <h2 id="三安装与初始配置">三、安装与初始配置 </h2><h3 id="31-安装">3.1 安装 </h3><p>官方 <code>https://www.vmware.com/products/workstation-pro.html</code>：</p> <ul> <li>双击安装包 → 接受许可</li> <li>勾选 <code>Enhanced Keyboard Driver</code>（<strong>Linux 虚拟机推荐</strong>）</li> <li>勾选 <code>Add VMware to system PATH</code></li> <li><strong>首次启动要许可证密钥</strong></li> </ul> <h3 id="32-关键配置">3.2 关键配置 </h3><p><code>Edit → Preferences</code>：</p> <table> <thead> <tr> <th>配置</th> <th>推荐</th> </tr> </thead> <tbody> <tr> <td><code>Memory</code> → <code>Fit all virtual machine memory into reserved host RAM</code></td> <td>勾选（<strong>预留内存</strong>）</td> </tr> <tr> <td><code>Priority</code> → <code>High</code></td> <td>抓取输入更跟手</td> </tr> <tr> <td><code>Display</code> → <code>Autofit</code></td> <td>客户机自动适应窗口</td> </tr> <tr> <td><code>Devices</code> → <code>Enable drag and drop</code></td> <td>双向拖放</td> </tr> </tbody> </table> <h3 id="33-17x-时代的演进">3.3 17.x 时代的演进 </h3><ul> <li>VMware 17（2022）：<strong>TPM 2.0 + Secure Boot</strong> 强制（<strong>Win 11 需要</strong>）</li> <li>16/15：<strong>Windows 11 装不上</strong>（缺 TPM）</li> <li>兼容 Win 11：<strong>Workstation 17+ 模拟 TPM</strong></li> </ul> <h2 id="四网络类型详解">四、网络类型详解 </h2><p>VMware Workstation 提供<strong>三种网络模式</strong>：</p> <h3 id="41-bridged桥接">4.1 Bridged（桥接） </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-fallback" data-lang="fallback"><span class="line"><span class="cl">虚拟机 = 物理网段的一台独立设备 </span></span><span class="line"><span class="cl">VM IP = 同网段独立 IP（DHCP / 静态） </span></span></code></pre></td></tr></table> </div> </div><p><strong>适用</strong>：</p> <ul> <li>服务器多网卡环境</li> <li>虚拟机需要对外提供服务（如 Web/SSH）</li> <li><strong>多台虚拟机互访</strong></li> </ul> <p><strong>配置</strong>：<code>虚拟机设置 → Network Adapter → Bridged</code>，选具体物理网卡。</p> <h3 id="42-nat地址转换">4.2 NAT（地址转换） </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-fallback" data-lang="fallback"><span class="line"><span class="cl">VM → VMnet8 (NAT) → 物理网卡 → 外网 </span></span><span class="line"><span class="cl">VM 默认从 VMware DHCP (10.0.0.0/24) 拿 IP </span></span></code></pre></td></tr></table> </div> </div><p><strong>适用</strong>：</p> <ul> <li><strong>默认选项</strong>（<strong>新手友好</strong>）</li> <li>虚拟机<strong>只需上网</strong>，不需要被外面访问</li> <li>笔记本在不同 Wi-Fi 间切换也能用</li> </ul> <p><strong>配置</strong>：<code>虚拟机设置 → Network Adapter → NAT</code>。</p> <h3 id="43-host-only仅主机">4.3 Host-only（仅主机） </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-fallback" data-lang="fallback"><span class="line"><span class="cl">VM = VMnet1 (Host-only) 隔离网段 </span></span><span class="line"><span class="cl">VM 只能跟 Host 通信，不能上外网 </span></span></code></pre></td></tr></table> </div> </div><p><strong>适用</strong>：</p> <ul> <li>内网测试（<strong>不污染真实网络</strong>）</li> <li>模拟 DMZ 区</li> <li>学习网络协议</li> </ul> <p><strong>配置</strong>：<code>虚拟机设置 → Network Adapter → Host-only</code>。</p> <h3 id="44-自定义网络">4.4 自定义网络 </h3><p><code>Edit → Virtual Network Editor</code>：</p> <ul> <li>添加 VMnet2 / VMnet3（<strong>可设任意网段</strong>）</li> <li>NAT 模式：可改网关 IP、DHCP 范围</li> <li><strong>生产中常用 VMnet2 做隔离实验</strong></li> </ul> <h3 id="45-三种模式速查">4.5 三种模式速查 </h3><table> <thead> <tr> <th>维度</th> <th>Bridged</th> <th>NAT</th> <th>Host-only</th> </tr> </thead> <tbody> <tr> <td>上外网</td> <td>✓</td> <td>✓</td> <td>✗</td> </tr> <tr> <td>主机访问</td> <td>✓</td> <td>✓</td> <td>✓</td> </tr> <tr> <td>局域网其他主机访问</td> <td>✓</td> <td>✗</td> <td>✗</td> </tr> <tr> <td>隔离性</td> <td>差</td> <td>中</td> <td>强</td> </tr> <tr> <td>性能</td> <td>优</td> <td>良</td> <td>良</td> </tr> </tbody> </table> <h2 id="五磁盘与-io-类型">五、磁盘与 IO 类型 </h2><h3 id="51-磁盘类型">5.1 磁盘类型 </h3><table> <thead> <tr> <th>模式</th> <th>特性</th> </tr> </thead> <tbody> <tr> <td><code>IDE</code></td> <td><strong>老旧模式</strong>，XP/2003 必需</td> </tr> <tr> <td><code>SCSI</code></td> <td>默认推荐</td> </tr> <tr> <td><code>SATA</code></td> <td>Win 7+ 客户机</td> </tr> <tr> <td><code>NVMe</code></td> <td>Win 10+ 客户机（<strong>性能最佳</strong>）</td> </tr> </tbody> </table> <p><strong>2015 推荐</strong>：Linux 客户机 <code>SCSI</code>，Win 10+ 客户机 <code>NVMe</code>。</p> <h3 id="52-磁盘分配">5.2 磁盘分配 </h3><ul> <li><strong><code>Allocate all disk space now</code></strong>：<strong>预分配</strong>（<strong>性能好但占空间</strong>）</li> <li><strong><code>Split virtual disk into 2GB files</code></strong>：<strong>分卷</strong>（<strong>移动硬盘友好</strong>）</li> <li><strong><code>Store virtual disk as a single file</code></strong>：<strong>单文件</strong>（<strong>性能好</strong>）</li> </ul> <p><strong>实战建议</strong>：</p> <ul> <li><strong>SSD 上</strong>：单文件 + 预分配（<strong>性能最佳</strong>）</li> <li><strong>机械硬盘</strong>：分卷 + 精简（<strong>空间灵活</strong>）</li> <li><strong>移动 U 盘</strong>：分卷（<strong>FAT32 文件系统最大 4GB 限制</strong>）</li> </ul> <h3 id="53-磁盘-io-性能调优">5.3 磁盘 IO 性能调优 </h3><p><code>虚拟机设置 → Hard Disk → Advanced</code>：</p> <ul> <li><strong><code>Independent</code> 模式</strong>： <ul> <li><code>Independent-Non-persistent</code>：每次重启丢失更改（<strong>测试场景</strong>）</li> <li><code>Independent-Persistent</code>：独立 IO（<strong>性能好</strong>）</li> </ul> </li> <li><strong><code>Disk mode</code> 磁盘模式</strong>： <ul> <li><code>Default</code>：跟随快照</li> <li><code>Independent-Normal</code>：<strong>避免快照影响 IO</strong></li> </ul> </li> </ul> <h3 id="54-io-控制器">5.4 IO 控制器 </h3><table> <thead> <tr> <th>控制器</th> <th>性能</th> <th>客户机</th> </tr> </thead> <tbody> <tr> <td><code>BusLogic</code></td> <td>差</td> <td>Win XP</td> </tr> <tr> <td><code>LSI Logic</code></td> <td>中</td> <td>通用</td> </tr> <tr> <td><code>LSI Logic SAS</code></td> <td>良</td> <td>Win 7+</td> </tr> <tr> <td><code>Paravirtualized SCSI (PVSCSI)</code></td> <td><strong>最佳</strong></td> <td>Linux 优化</td> </tr> <tr> <td><code>NVMe</code></td> <td>最佳</td> <td>Win 10+</td> </tr> </tbody> </table> <p><strong>Linux + 数据库场景</strong>推荐 <code>PVSCSI</code>。</p> <h2 id="六内存与-cpu-调优">六、内存与 CPU 调优 </h2><h3 id="61-内存分配原则">6.1 内存分配原则 </h3><ul> <li><strong>总内存 = 物理内存的 50%-80%</strong>（<strong>别榨干 Host</strong>）</li> <li><strong>预留 4 GB 给 Host OS</strong></li> <li><strong>Linux 客户机</strong>：<code>MemAvailable</code> 至少 1 GB 留给内核</li> <li><strong>Win 10 客户机</strong>：至少 4 GB</li> </ul> <h3 id="62-cpu-配置">6.2 CPU 配置 </h3><ul> <li><strong><code>Number of processors</code></strong> × <strong><code>Number of cores per processor</code></strong> = 总核数</li> <li><strong>超线程</strong>：VMware 12+ 自动支持</li> <li><strong>虚拟化引擎</strong>：<code>Edit → Preferences → Processors</code>： <ul> <li><strong><code>Virtualize Intel VT-x / AMD-V</code></strong>：<strong>勾选</strong>（<strong>必需</strong>）</li> <li><strong><code>Virtualize CPU performance counters</code></strong>：性能分析用</li> <li><strong><code>Accelerate 3D graphics</code></strong>：3D 加速（<strong>游戏 / CAD 必需</strong>）</li> </ul> </li> </ul> <h2 id="七快照与克隆">七、快照与克隆 </h2><h3 id="71-快照snapshot">7.1 快照（Snapshot） </h3><ul> <li><strong>拍摄快照</strong>：保存当前状态（<strong>含内存</strong>）</li> <li><strong>恢复到快照</strong>：一键回滚</li> <li><strong>快照链</strong>：每次拍摄都创建 delta 文件，<strong>避免长时间累积</strong></li> </ul> <p><strong>实战</strong>：装系统 → 拍快照&quot;干净系统&quot; → 装软件 → 拍快照&quot;配置完成&quot;。</p> <h3 id="72-克隆clone">7.2 克隆（Clone） </h3><ul> <li><strong><code>Current State</code></strong>：当前状态</li> <li><strong><code>Existing Snapshot</code></strong>：从指定快照克隆</li> <li><strong><code>Full Clone</code></strong>：<strong>完全独立</strong>（<strong>耗空间</strong>）</li> <li><strong><code>Linked Clone</code></strong>：<strong>依赖父磁盘</strong>（<strong>省空间</strong>）</li> </ul> <p><strong>实战</strong>：</p> <ul> <li><code>Full Clone</code>：测试多版本</li> <li><code>Linked Clone</code>：批量部署多台客户机</li> </ul> <h2 id="八hyper-v-与-vmware-共存">八、Hyper-V 与 VMware 共存 </h2><h3 id="81-核心冲突">8.1 核心冲突 </h3><p><strong>VMware 和 Hyper-V 都是 Hypervisor</strong>——<strong>同一台机器只能启用一个</strong>（除非用 WSL 2 / Credential Guard）。</p> <h3 id="82-解决方案">8.2 解决方案 </h3><p><strong>方案 1：关闭 Hyper-V</strong></p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-powershell" data-lang="powershell"><span class="line"><span class="cl"><span class="c"># 管理员 PowerShell</span> </span></span><span class="line"><span class="cl"><span class="n">bcdedit</span> <span class="p">/</span><span class="nb">set </span><span class="n">hypervisorlaunchtype</span> <span class="n">off</span> </span></span><span class="line"><span class="cl"><span class="c"># 重启</span> </span></span></code></pre></td></tr></table> </div> </div><p><strong>方案 2：用 WSL 2 替代 Hyper-V</strong></p> <p>Windows 11 默认开启 WSL 2，<strong>基于 Hyper-V 架构</strong>。<strong>VMware 17+ 支持 Hyper-V 模式</strong>（<strong>&ldquo;VMware Workstation uses Windows Hypervisor Platform&rdquo;</strong>）：</p> <p><code>Edit → Preferences → Compatibility</code> → 勾选 <code>Use Windows Hypervisor Platform</code>。</p> <h3 id="83-三个-hypervisor-的对比">8.3 三个 Hypervisor 的对比 </h3><table> <thead> <tr> <th>工具</th> <th>类型</th> <th>适合</th> </tr> </thead> <tbody> <tr> <td><strong>VMware</strong></td> <td>Type 2</td> <td>全功能商业</td> </tr> <tr> <td><strong>VirtualBox</strong></td> <td>Type 2</td> <td>免费开源</td> </tr> <tr> <td><strong>Hyper-V</strong></td> <td>Type 1</td> <td>Windows 原生</td> </tr> <tr> <td><strong>KVM</strong></td> <td>Type 1</td> <td>Linux 原生</td> </tr> <tr> <td><strong>WSL 2</strong></td> <td>Type 1</td> <td>Windows 上的 Linux 容器</td> </tr> </tbody> </table> <h2 id="九kali-linux-实战">九、Kali Linux 实战 </h2><h3 id="91-安装">9.1 安装 </h3><ol> <li>镜像：<code>https://www.kali.org/get-kali/</code></li> <li><code>虚拟机 → 新建 → 典型</code>： <ul> <li><strong>客户机操作系统</strong>：Linux / Debian 10.x 64-bit</li> <li><strong>磁盘</strong>：50 GB（<strong>Kali 装工具后 30GB 起</strong>）</li> </ul> </li> <li>启动 → 图形安装</li> </ol> <h3 id="92-网络配置">9.2 网络配置 </h3><p><strong>关键点</strong>：</p> <ul> <li>NAT 模式（<strong>默认</strong>）：自动获取 IP</li> <li><strong>SSH 服务默认关闭</strong>：要先 <code>systemctl start ssh</code></li> <li><strong>root 密码默认空</strong>：<code>sudo passwd root</code> 改</li> </ul> <h3 id="93-工具集">9.3 工具集 </h3><p>Kali 内置 600+ 渗透测试工具：</p> <table> <thead> <tr> <th>类别</th> <th>工具</th> </tr> </thead> <tbody> <tr> <td>信息收集</td> <td>nmap, maltego, recon-ng</td> </tr> <tr> <td>漏洞扫描</td> <td>OpenVAS, Nikto</td> </tr> <tr> <td>无线</td> <td>aircrack-ng, wifite</td> </tr> <tr> <td>密码</td> <td>hashcat, john</td> </tr> <tr> <td>Web</td> <td>Burp Suite, sqlmap, OWASP ZAP</td> </tr> <tr> <td>逆向</td> <td>gdb, radare2</td> </tr> </tbody> </table> <h2 id="十ubuntu-2204-实战">十、Ubuntu 22.04 实战 </h2><h3 id="101-安装">10.1 安装 </h3><ol> <li>镜像：<code>https://releases.ubuntu.com/22.04/</code></li> <li>典型安装： <ul> <li><strong>客户机操作系统</strong>：Linux / Ubuntu 64-bit</li> <li><strong>磁盘</strong>：30 GB</li> <li><strong>内存</strong>：4 GB 起</li> </ul> </li> <li>启动 → 选择 <code>Try or Install Ubuntu</code></li> </ol> <h3 id="102-open-vm-tools">10.2 open-vm-tools </h3><p><strong>VMware 推荐</strong>用 <code>open-vm-tools</code>（<strong>开源</strong>）而非 <code>vmware-tools</code>（<strong>闭源</strong>）：</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">sudo apt update </span></span><span class="line"><span class="cl">sudo apt install -y open-vm-tools open-vm-tools-desktop </span></span><span class="line"><span class="cl">sudo reboot </span></span></code></pre></td></tr></table> </div> </div><h3 id="103-共享文件夹">10.3 共享文件夹 </h3><p><code>虚拟机设置 → Options → Shared Folders</code>：</p> <ul> <li><code>Always Enabled</code>：<strong>总是启用</strong></li> <li><code>Map as a network drive in Windows guests</code>：<strong>自动挂载</strong></li> <li>添加：<code>D:\share</code> → <code>/mnt/hgfs/share</code></li> </ul> <p><strong>手动挂载</strong>：</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">sudo vmhgfs-fuse .host:/ /mnt/hgfs -o allow_other </span></span></code></pre></td></tr></table> </div> </div><h3 id="104-共享剪贴板">10.4 共享剪贴板 </h3><p><code>虚拟机设置 → Options → Guest Isolation</code>：</p> <ul> <li>☑ <code>Enable copy and paste</code></li> <li>☑ <code>Enable drag and drop</code></li> </ul> <h2 id="十一android-x86-实战">十一、Android-x86 实战 </h2><h3 id="111-镜像">11.1 镜像 </h3><p><code>https://www.android-x86.org/download</code>。<strong>版本</strong>：</p> <ul> <li>9.0 r2（<strong>稳定</strong>）</li> <li>11.0 r2</li> <li>13.0 r2</li> </ul> <h3 id="112-客户机配置">11.2 客户机配置 </h3><ul> <li><strong>操作系统</strong>：Linux 2.6.x kernel</li> <li><strong>内存</strong>：2 GB</li> <li><strong>磁盘</strong>：20 GB</li> <li><strong>网络</strong>：NAT</li> </ul> <h3 id="113-安装">11.3 安装 </h3><ol> <li>启动镜像 → <code>Installation - Install Android-x86 to harddisk</code></li> <li><code>Create/Modify partitions</code> → <code>New</code> → <code>Primary</code> → <code>Bootable</code> → <code>Write</code> → <code>Quit</code></li> <li>选择 <code>sda1</code> → <code>ext4</code></li> <li><code>Install GRUB</code> + <code>Install EFI GRUB</code>（<strong>引导</strong>）</li> <li>安装 → 启动</li> </ol> <h3 id="114-启动后配置">11.4 启动后配置 </h3><ul> <li><strong>Wi-Fi</strong> 跳过（<strong>虚拟机没 Wi-Fi</strong>）</li> <li><strong>语言</strong> 选 <code>简体中文</code></li> <li><strong>App 安装</strong>：装应用宝 / 酷安</li> </ul> <h3 id="115-快捷键">11.5 快捷键 </h3><table> <thead> <tr> <th>快捷键</th> <th>作用</th> </tr> </thead> <tbody> <tr> <td><code>Ctrl + I</code></td> <td>侧边栏</td> </tr> <tr> <td><code>Ctrl + Esc</code></td> <td>后台应用</td> </tr> <tr> <td><code>Ctrl + H</code></td> <td>主屏幕</td> </tr> <tr> <td><code>Ctrl + Q</code></td> <td>退出</td> </tr> <tr> <td><code>F2</code></td> <td>截图</td> </tr> </tbody> </table> <h2 id="十二openwrt-软路由x86-架构">十二、OpenWrt 软路由（x86 架构） </h2><h3 id="121-定位">12.1 定位 </h3><p><strong>OpenWrt x86 通用版</strong> 装到 VMware，做软路由：</p> <ul> <li>网络拓扑：物理网卡 → OpenWrt 虚机 → 内部 VMnet</li> <li>用 iKuaiOS、ROS 也行</li> </ul> <h3 id="122-优势">12.2 优势 </h3><ul> <li><strong>多 WAN 接入</strong></li> <li><strong>广告过滤（AdGuardHome）</strong></li> <li><strong>科学上网</strong></li> <li><strong>DNS 分流</strong></li> </ul> <h2 id="十三常见问题">十三、常见问题 </h2><h3 id="131-虚拟机启动黑屏">13.1 虚拟机启动黑屏 </h3><p><code>Edit → Virtual Network Editor → Restore Defaults</code></p> <h3 id="132-客户机时间漂移">13.2 客户机时间漂移 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="c1"># 主机时间同步客户机</span> </span></span><span class="line"><span class="cl">vmware-toolbox-cmd timesync <span class="nb">enable</span> </span></span></code></pre></td></tr></table> </div> </div><h3 id="133-客户机分辨率固定-1024768">13.3 客户机分辨率固定 1024×768 </h3><div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="c1"># 装好 open-vm-tools 后</span> </span></span><span class="line"><span class="cl">sudo systemctl restart vmtoolsd </span></span></code></pre></td></tr></table> </div> </div><h3 id="134-客户机不能上外网">13.4 客户机不能上外网 </h3><ul> <li>NAT 模式：检查 VMware NAT Service 是否启动</li> <li>桥接模式：检查宿主网卡是否禁用 / 被防火墙拦</li> <li>客户机 DNS：<code>/etc/resolv.conf</code> 配 <code>nameserver 8.8.8.8</code></li> </ul> <h3 id="135-桥接模式下虚拟机拿不到-ip">13.5 桥接模式下虚拟机拿不到 IP </h3><p>物理网卡禁用 / 驱动异常 / Wi-Fi 桥接失败（<strong>Wi-Fi 默认不能桥接</strong>）。<strong>改 NAT 模式</strong>或换有线网卡。</p> <h3 id="136-客户机占用-100-cpu">13.6 客户机占用 100% CPU </h3><ul> <li>关闭 3D 加速</li> <li>关闭 Hyper-V（<strong>如果开了 WSL 2</strong>）</li> <li>升级 VMware 到最新版</li> </ul> <h2 id="十四下一步">十四、下一步 </h2><ul> <li>想看 Linux 调优：<strong>[2014-09-15 Linux 通用命令速查]</strong></li> <li>想看 Docker 虚拟化：<strong>[2022-08-15 Docker 安装与基础]</strong></li> <li>想看 K8s 集群：<strong>k8s 章节</strong></li> </ul> <blockquote> <p><strong>本文写于 2015 年，回看当时</strong>：VMware 12 Pro 还在卖 $249，<strong>2022 年 VMware 17 个人免费</strong>（<strong>从商业转身&quot;开发者友好&quot;</strong>）；Hyper-V 一直被吐槽体验差，<strong>直到 WSL 2 才扳回一城</strong>；VirtualBox 至今仍是 Oracle 旗下最被低估的产品——<strong>桌面虚拟化 10 年格局基本没变，但价格战打完了</strong>。</p> </blockquote>