概念
限制磁盘资源的使用,磁盘配额是系统对用户能使用磁盘资源的控制(或者说限制).在Linux中,磁盘配额可以对用户的空间使用情况,文件数量(实际上是inode的数量,文件数量是限制inode的结果)进行限制。如果超出此范围则用户能在往磁盘里写入数据。
针对成员、群组进行限制
限制wakamizu用户可用磁盘为2G,超过1G时告警;
wakamizu组可用磁盘为5G,超过2G时告警
1.确定为xfs文件系统且为独立分区
# df -hT /home/
Filesystem Type Size Used Avail Use% Mounted on
/dev/mapper/centos-home xfs 66G 33M 66G 1% /home2.启动quota功能
# vim /etc/fstab
/dev/mapper/centos-home /home xfs defaults,usrquota,grpquota 0 0
# umount /home/
# mount -a
# mount | grep "home"
/dev/mapper/centos-home on /home type xfs (rw,relatime,seclabel,attr2,inode64,usrquota,prjquota)TIP:针对 quota 限制的项目主要有三项:
(1)usrquota:针对使用者帐号的设置
(2)grpquota:针对群组的设置
(3)prjquota:针对单一目录的设置,不可与 grpquota 同时存在
3.查看quota数据
xfs_quota -x -c "指令" [挂载点]参数
- -x :专家模式,后面使用 -c 的指令参数
- -c :后面加的是指令
- print :单纯的列出目前主机内的文件系统参数等数据
- df :与原本的 df 一样的功能,可以加上 -b (block) -i (inode) -h (加上单位) 等
- report:列出目前的 quota 项目,有 -ugr (user/group/project) 及 -bi 等数据
- -u:对用户进行操作
- -g:对组进行操作
- -p:对项目查看
- -a:查看所有可用分区的配额使用报告
- -b:查看磁盘容量
- -i:查看文件数
- state :说明目前支持 quota 的文件系统的信息,有没有起动相关项目等
# xfs_quota -x -c "print"
Filesystem Pathname
/ /dev/mapper/centos-root
/boot /dev/sda1
/home /dev/mapper/centos-home (uquota, gquota)
# xfs_quota -x -c "df -h" /home
Filesystem Size Used Avail Use% Pathname
/dev/mapper/centos-home
65.2G 32.2M 65.2G 0% /home
# xfs_quota -x -c "report -ubin" /home
User quota on /home (/dev/mapper/centos-home)
Blocks Inodes
User ID Used Soft Hard Warn/Grace Used Soft Hard Warn/ Grace
---------- -------------------------------------------------- --------------------------------------------------
#0 0 0 0 00 [--------] 3 0 0 00 [--------]
#1000 12 0 0 00 [--------] 4 0 0 00 [--------]
Blocks 是容量限制
Inodes 是文件数量限制
soft/hard 为 0 则表示没有限制
# id wakamizu
uid=1000(wakamizu) gid=1000(wakamizu) groups=1000(wakamizu)
# xfs_quota -x -c "state"
User quota state on /home (/dev/mapper/centos-home)
Accounting: ON #启用计算功能
Enforcement: ON #quota 管制的功能
Inode: #71 (2 blocks, 2 extents) #这四行说明的是有启动 user 的限制能力
Group quota state on /home (/dev/mapper/centos-home)
Accounting: ON
Enforcement: ON
Inode: #73 (2 blocks, 2 extents) #这四行说明的是有启动 group 的限制能力
Project quota state on /home (/dev/mapper/centos-home)
Accounting: OFF
Enforcement: OFF
Inode: #73 (2 blocks, 2 extents) #这上面四行说明的是 project 并未支持
Blocks grace time: [7 days] #以下则是grace time信息
Inodes grace time: [7 days]
Realtime Blocks grace time: [7 days]
4.限制值设置
设置警告值(bsoft|isoft)/限制值(bhard|ihard)
xfs_quota -x -c "limit [-ug] b[soft|hard]=N i[soft|hard]=N name"参数
- -u:对用户进行操作
- -g:对组进行操作
- limit :实际限制的项目,可以针对 user/group 来限制,限制的项目有
- bsoft/bhard : block 的 soft/hard 限制值,可以加单位
- isoft/ihard : inode 的 soft/hard 限制值
- name : 就是用户/群组的名称
# xfs_quota -x -c "limit -u bsoft=1G bhard=2G wakamizu" /home
# xfs_quota -x -c "report -ubin" /home
User quota on /home (/dev/mapper/centos-home)
Blocks Inodes
User ID Used Soft Hard Warn/Grace Used Soft Hard Warn/ Grace
---------- -------------------------------------------------- --------------------------------------------------
#0 0 0 0 00 [--------] 3 0 0 00 [--------]
#1000 12 1048576 2097152 00 [--------] 4 0 0 00 [--------]
# xfs_quota -x -c "limit -g bsoft=2G bhard=5G wakamizu" /home
# xfs_quota -x -c "report -gbin" /home
Group quota on /home (/dev/mapper/centos-home)
Blocks Inodes
Group ID Used Soft Hard Warn/Grace Used Soft Hard Warn/ Grace
---------- -------------------------------------------------- --------------------------------------------------
#0 0 0 0 00 [--------] 3 0 0 00 [--------]
#1000 12 2097152 5242880 00 [--------] 4 0 0 00 [--------]设置宽限时间
xfs_quota -x -c "timer [-ug] [-bir] Ndays"若超过grace time,soft值会变成hard值,对用户进行限制
# xfs_quota -x -c "timer -g -b 14days" /home
# xfs_quota -x -c "state" /home
User quota state on /home (/dev/mapper/centos-home)
Accounting: ON
Enforcement: ON
Inode: #71 (2 blocks, 2 extents)
Group quota state on /home (/dev/mapper/centos-home)
Accounting: ON
Enforcement: ON
Inode: #73 (2 blocks, 2 extents)
Project quota state on /home (/dev/mapper/centos-home)
Accounting: OFF
Enforcement: OFF
Inode: #73 (2 blocks, 2 extents)
Blocks grace time: [14 days]
Inodes grace time: [7 days]
Realtime Blocks grace time: [7 days]测试
# su - wakamizu
$ dd if=/dev/zero of=test bs=1M count=1024
1024+0 records in
1024+0 records out
1073741824 bytes (1.1 GB) copied, 2.35625 s, 456 MB/s
$ ll -h
total 1.0G
-rw-rw-r--. 1 wakamizu wakamizu 1.0G Jul 8 15:46 test
$ exit
# xfs_quota -x -c 'report -ubh' /home/
User quota on /home (/dev/mapper/centos-home)
Blocks
User ID Used Soft Hard Warn/Grace
---------- ---------------------------------
root 0 0 0 00 [0 days]
wakamizu 1.0G 1G 2G 00 [13 days]
# su - wakamizu
$ dd if=/dev/zero of=test bs=1G count=3
dd: error writing ‘test’: Disk quota exceeded
2+0 records in
1+0 records out
2147090432 bytes (2.1 GB) copied, 6.49795 s, 330 MB/s
针对目录进行限制
1.启动quota
# umount /home/
# vim /etc/fstab
/dev/mapper/centos-home /home xfs defaults,usrquota,prjquota 0 0
# mount -a
# xfs_quota -x -c 'state'
User quota state on /home (/dev/mapper/centos-home)
Accounting: ON
Enforcement: ON
Inode: #71 (2 blocks, 2 extents)
Group quota state on /home (/dev/mapper/centos-home)
Accounting: OFF
Enforcement: OFF
Inode: #73 (2 blocks, 2 extents)
Project quota state on /home (/dev/mapper/centos-home)
Accounting: ON
Enforcement: ON
Inode: #73 (2 blocks, 2 extents) #关注这里,和之前的群组管理开关是相反的
Blocks grace time: [2 days]
Inodes grace time: [7 days]
Realtime Blocks grace time: [7 days]2.初始化规范目录、专案名称和专案ID
# vim /etc/projects
27:/hone/wakamizu
# vim /etc/projid
wakamizuproject:27
# xfs_quota -x -c "project -s wakamizuproject" /home/
Setting up project wakamizuproject (path /home/wakamizu)...
Processed 1 (/etc/projects and cmdline) paths for project wakamizuproject with recursion depth infinite (-1).
# xfs_quota -x -c "print" /home/
Filesystem Pathname
/home /dev/mapper/centos-home (uquota, pquota)
/home/wakamizu /dev/mapper/centos-home (project 27, wakamizuproject)
# xfs_quota -x -c "report -rbin" /home/
User quota on /home (/dev/mapper/centos-home)
Blocks Inodes Realtime Blocks
User ID Used Soft Hard Warn/Grace Used Soft Hard Warn/ Grace Used Soft Hard Warn/Grace
---------- -------------------------------------------------- -------------------------------------------------- --------------------------------------------------
#0 0 0 0 00 [--------] 3 0 0 00 [--------] 0 0 0 00 [--------]
#1000 1048592 1048576 2097152 00 [1 day] 6 0 0 00 [--------] 0 0 0 00 [--------]
Project quota on /home (/dev/mapper/centos-home)
Blocks Inodes Realtime Blocks
Project ID Used Soft Hard Warn/Grace Used Soft Hard Warn/ Grace Used Soft Hard Warn/Grace
---------- -------------------------------------------------- -------------------------------------------------- --------------------------------------------------
#0 0 0 0 00 [--------] 3 0 0 00 [--------] 0 0 0 00 [--------]
#27 1048592 0 0 00 [--------] 6 0 0 00 [--------] 0 0 0 00 [--------]3.限制值设置
# xfs_quota -x -c "limit -p bsoft=2G bhard=5G wakamizuproject" /home
# xfs_quota -x -c "report -pbin" /home/
Project quota on /home (/dev/mapper/centos-home)
Blocks Inodes
Project ID Used Soft Hard Warn/Grace Used Soft Hard Warn/ Grace
---------- -------------------------------------------------- --------------------------------------------------
#0 0 0 0 00 [--------] 3 0 0 00 [--------]
#27 1048592 2097152 5242880 00 [--------] 6 0 0 00 [--------]测试
# cd /home/wakamizu
# dd if=/dev/zero of=test bs=1G count=6
dd: error writing ‘test’: No space left on device
5+0 records in
4+0 records out
5368119296 bytes (5.4 GB) copied, 13.4178 s, 400 MB/s
连root都可被限制
关闭/启动quota功能
xfs_quota -x -c "disable/enable/off/remove -up" /home参数
- disable:暂时取消quota限制
- enable:回复quota限制
- off:完全关闭quota限制,需要重新开启只能重新挂载分区
- remove:在off的状态下执行,移除quota限制
实例
临时关闭
# xfs_quota -x -c "disable -up" /home
# xfs_quota -x -c "state"
User quota state on /home (/dev/mapper/centos-home)
Accounting: ON
Enforcement: OFF #状态变成 OFF
Inode: #67 (2 blocks, 2 extents)
Group quota state on /home (/dev/mapper/centos-home)
Accounting: OFF
Enforcement: OFF
Inode: #68 (2 blocks, 2 extents)
Project quota state on /home (/dev/mapper/centos-home)
Accounting: ON
Enforcement: OFF #状态变成 OFF
Inode: #68 (2 blocks, 2 extents)
Blocks grace time: [7 days]
Inodes grace time: [7 days]
Realtime Blocks grace time: [7 days]
完全关闭
# xfs_quota -x -c "off -up" /home
后者的关闭命令重新启动不能用"enable -up",而是要重新挂载分区
去除限制设置
# xfs_quota -x -c "off -up" /home
# xfs_quota -x -c "remove -p" /home/
# umount /home
# mount -a
# xfs_quota -x -c "report " /home/
User quota on /home (/dev/mapper/centos-home)
Blocks
User ID Used Soft Hard Warn/Grace
---------- --------------------------------------------------
root 5242304 0 0 00 [--------]
wakamizu 16 1048576 2097152 00 [--------]
Project quota on /home (/dev/mapper/centos-home)
Blocks
Project ID Used Soft Hard Warn/Grace
---------- --------------------------------------------------
#0 0 0 0 00 [--------]
wakamizuproject 5242320 0 0 00 [--------]