一.概念
限制磁盘资源的使用,磁盘配额是系统对用户能使用磁盘资源的控制(或者说限制).在Linux中,磁盘配额可以对用户的空间使用情况,文件数量(实际上是inode的数量,文件数量是限制inode的结果)进行限制。如果超出此范围则用户能在往磁盘里写入数据。
二.配置模拟
针对成员、群组进行限制
限制wakamizu用户可用磁盘为2G,超过1G时告警;
wakamizu组可用磁盘为5G,超过2G时告警1.确定为xfs文件系统且为独立分区
1.确定为xfs文件系统且为独立分区
[[email protected] ~]# df -hT /home/
Filesystem Type Size Used Avail Use% Mounted on
/dev/mapper/centos-home xfs 66G 33M 66G 1% /home2.启动quota功能
[[email protected] ~]# vim /etc/fstab
/dev/mapper/centos-home /home xfs defaults,usrquota,grpquota 0 0
[[email protected] ~]# umount /home/
[[email protected] ~]# mount -a
[[email protected] ~]# mount | grep "home"
/dev/mapper/centos-home on /home type xfs (rw,relatime,seclabel,attr2,inode64,usrquota,prjquota)TIP:针对 quota 限制的项目主要有三项:
(1) uquota/usrquota/quota:针对使用者帐号的设置
(2)gquota/grpquota:针对群组的设置
(3)pquota/prjquota:针对单一目录的设置,但是不可与 grpquota 同时存在
3.查看quota数据
xfs_quota<查看quota数据>
xfs_quota -x -c "指令" [挂载点]
常用参数解释:
-x :专家模式,后续才能够加入 -c 的指令参数
-c :后面加的就是指令,这个小节我们先来谈谈数据回报的指令
指令:
print :单纯的列出目前主机内的文件系统参数等数据
df :与原本的 df 一样的功能,可以加上 -b (block) -i (inode) -h (加上单位) 等
report:列出目前的 quota 项目,有 -ugr (user/group/project) 及 -bi 等数据
state :说明目前支持 quota 的文件系统的信息,有没有起动相关项目等
[[email protected] ~]# xfs_quota -x -c "print"
Filesystem Pathname
/ /dev/mapper/centos-root
/boot /dev/sda1
/home /dev/mapper/centos-home (uquota, gquota)
[[email protected] ~]# xfs_quota -x -c "df -h" /home
Filesystem Size Used Avail Use% Pathname
/dev/mapper/centos-home
65.2G 32.2M 65.2G 0% /home
[[email protected] ~]# xfs_quota -x -c "report -ubin" /home
User quota on /home (/dev/mapper/centos-home)
Blocks Inodes
User ID Used Soft Hard Warn/Grace Used Soft Hard Warn/ Grace
---------- -------------------------------------------------- --------------------------------------------------
#0 0 0 0 00 [--------] 3 0 0 00 [--------]
#1000 12 0 0 00 [--------] 4 0 0 00 [--------]
[[email protected] ~]# id wakamizu
uid=1000(wakamizu) gid=1000(wakamizu) groups=1000(wakamizu)
[[email protected] ~]# xfs_quota -x -c "state"
User quota state on /home (/dev/mapper/centos-home)
Accounting: ON #启用计算功能
Enforcement: ON #quota 管制的功能
Inode: #71 (2 blocks, 2 extents) #这四行说明的是有启动 user 的限制能力
Group quota state on /home (/dev/mapper/centos-home)
Accounting: ON
Enforcement: ON
Inode: #73 (2 blocks, 2 extents) #这四行说明的是有启动 group 的限制能力
Project quota state on /home (/dev/mapper/centos-home)
Accounting: OFF
Enforcement: OFF
Inode: #73 (2 blocks, 2 extents) #这上面四行说明的是 project 并未支持
Blocks grace time: [7 days] #以下则是grace time信息
Inodes grace time: [7 days]
Realtime Blocks grace time: [7 days]
4.限制值设置
修改告警值、最大使用值
xfs_quota -x -c "limit [-ug] b[soft|hard]=N i[soft|hard]=N name"
常用参数解释
limit :实际限制的项目,可以针对 user/group 来限制,限制的项目有
bsoft/bhard : block 的 soft/hard 限制值,可以加单位
isoft/ihard : inode 的 soft/hard 限制值
name : 就是用户/群组的名称
[[email protected] ~]# xfs_quota -x -c "limit -u bsoft=1G bhard=2G wakamizu" /home
[[email protected] ~]# xfs_quota -x -c "report -ubin" /home
User quota on /home (/dev/mapper/centos-home)
Blocks Inodes
User ID Used Soft Hard Warn/Grace Used Soft Hard Warn/ Grace
---------- -------------------------------------------------- --------------------------------------------------
#0 0 0 0 00 [--------] 3 0 0 00 [--------]
#1000 12 1048576 2097152 00 [--------] 4 0 0 00 [--------]
[[email protected] ~]# xfs_quota -x -c "limit -g bsoft=2G bhard=5G wakamizu" /home
[[email protected] ~]# xfs_quota -x -c "report -gbin" /home
Group quota on /home (/dev/mapper/centos-home)
Blocks Inodes
Group ID Used Soft Hard Warn/Grace Used Soft Hard Warn/ Grace
---------- -------------------------------------------------- --------------------------------------------------
#0 0 0 0 00 [--------] 3 0 0 00 [--------]
#1000 12 2097152 5242880 00 [--------] 4 0 0 00 [--------]修改宽限时间
xfs_quota -x -c "timer [-ug] [-bir] Ndays"
常用参数解释
用来设置 grace time 的项目喔,也是可以针对 user/group 以及 block/inode 设置
[[email protected] ~]# xfs_quota -x -c "timer -g -b 14days" /home
[[email protected] ~]# xfs_quota -x -c "state" /home
User quota state on /home (/dev/mapper/centos-home)
Accounting: ON
Enforcement: ON
Inode: #71 (2 blocks, 2 extents)
Group quota state on /home (/dev/mapper/centos-home)
Accounting: ON
Enforcement: ON
Inode: #73 (2 blocks, 2 extents)
Project quota state on /home (/dev/mapper/centos-home)
Accounting: OFF
Enforcement: OFF
Inode: #73 (2 blocks, 2 extents)
Blocks grace time: [14 days]
Inodes grace time: [7 days]
Realtime Blocks grace time: [7 days]测试(创建1G的空文件,查看宽限时间是否开始倒数)
[[email protected] ~]# su - wakamizu
[[email protected] ~]$ dd if=/dev/zero of=test bs=1M count=1024
1024+0 records in
1024+0 records out
1073741824 bytes (1.1 GB) copied, 2.35625 s, 456 MB/s
[[email protected] ~]$ ll -h
total 1.0G
-rw-rw-r--. 1 wakamizu wakamizu 1.0G Jul 8 15:46 test
[[email protected] ~]$ exit
logout
[[email protected] ~]# xfs_quota -x -c 'report -ubh' /home/
User quota on /home (/dev/mapper/centos-home)
Blocks
User ID Used Soft Hard Warn/Grace
---------- ---------------------------------
root 0 0 0 00 [0 days]
wakamizu 1.0G 1G 2G 00 [13 days]针对目录进行限制
1.启动quota
[[email protected] ~]# umount /home/
[[email protected] ~]# xfs_quota -x -c 'report -ubh' /home/
xfs_quota: cannot setup path for mount /home/: No such device or address
[[email protected] ~]# vim /etc/fstab
/dev/mapper/centos-home /home xfs defaults,usrquota,prjquota 0 0
[[email protected] ~]# mount -a
[[email protected] ~]# xfs_quota -x -c 'state'
User quota state on /home (/dev/mapper/centos-home)
Accounting: ON
Enforcement: ON
Inode: #71 (2 blocks, 2 extents)
Group quota state on /home (/dev/mapper/centos-home)
Accounting: OFF
Enforcement: OFF
Inode: #73 (2 blocks, 2 extents)
Project quota state on /home (/dev/mapper/centos-home)
Accounting: ON
Enforcement: ON
Inode: #73 (2 blocks, 2 extents) #关注这里,和之前的群组管理开关是相反的
Blocks grace time: [2 days]
Inodes grace time: [7 days]
Realtime Blocks grace time: [7 days]2.初始化规范目录、专案名称和专案ID
[[email protected] ~]# vim /etc/projects
27:/hone/wakamizu
[[email protected] ~]# vim /etc/projid
wakamizuproject:27
[email protected] ~]# xfs_quota -x -c "project -s wakamizuproject" /home/
Setting up project wakamizuproject (path /home/wakamizu)...
Processed 1 (/etc/projects and cmdline) paths for project wakamizuproject with recursion depth infinite (-1).
[[email protected] ~]# xfs_quota -x -c "print" /home/
Filesystem Pathname
/home /dev/mapper/centos-home (uquota, pquota)
/home/wakamizu /dev/mapper/centos-home (project 27, wakamizuproject)
[[email protected] ~]# xfs_quota -x -c "report -rbin" /home/
User quota on /home (/dev/mapper/centos-home)
Blocks Inodes Realtime Blocks
User ID Used Soft Hard Warn/Grace Used Soft Hard Warn/ Grace Used Soft Hard Warn/Grace
---------- -------------------------------------------------- -------------------------------------------------- --------------------------------------------------
#0 0 0 0 00 [--------] 3 0 0 00 [--------] 0 0 0 00 [--------]
#1000 1048592 1048576 2097152 00 [1 day] 6 0 0 00 [--------] 0 0 0 00 [--------]
Project quota on /home (/dev/mapper/centos-home)
Blocks Inodes Realtime Blocks
Project ID Used Soft Hard Warn/Grace Used Soft Hard Warn/ Grace Used Soft Hard Warn/Grace
---------- -------------------------------------------------- -------------------------------------------------- --------------------------------------------------
#0 0 0 0 00 [--------] 3 0 0 00 [--------] 0 0 0 00 [--------]
#27 1048592 0 0 00 [--------] 6 0 0 00 [--------] 0 0 0 00 [--------]3.限制值设置
[[email protected] ~]# xfs_quota -x -c "limit -p bsoft=2G bhard=5G wakamizuproject" /home
[[email protected] ~]# xfs_quota -x -c "report -pbin" /home/
Project quota on /home (/dev/mapper/centos-home)
Blocks Inodes
Project ID Used Soft Hard Warn/Grace Used Soft Hard Warn/ Grace
---------- -------------------------------------------------- --------------------------------------------------
#0 0 0 0 00 [--------] 3 0 0 00 [--------]
#27 1048592 2097152 5242880 00 [--------] 6 0 0 00 [--------]测试
[[email protected] wakamizu]# dd if=/dev/zero of=test bs=1M count=2048
dd: error writing ‘test’: No space left on device
1024+0 records in
1023+0 records out
1073676288 bytes (1.1 GB) copied, 2.22323 s, 483 MB/s连root都可被限制
关闭/启动quota功能
xfs_quota -x -c "disable/enable/off/remove -up" /home
常用参数解释
disable:暂时取消quota限制
enable:回复quota限制
off:完全关闭quota限制,需要重新开启只能重新挂载分区
remove:在off的状态下执行,移除quota限制
Reference URL:《鸟哥的linux私房菜》