# 安装最小化系统后添加必要组件
sudo apt update && sudo apt upgrade -y
sudo apt install -y build-essential git curl wget vim net-tools
# 编辑网络配置文件(根据发行版不同路径可能不同)
sudo vim /etc/netplan/01-netcfg.yaml
# 示例配置
network:
version: 2
ethernet:
eth0:
dhcp4: no
addresses: [192.168.1.100/24]
gateway4: 192.168.1.1
nameservers:
addresses: [8.8.8.8, 8.8.4.4]
# 安装ufw
sudo apt install -y ufw
# 基本规则
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow ssh
sudo ufw allow 1883/tcp # MQTT
sudo ufw allow 8883/tcp # MQTT over SSL
sudo ufw enable
# 通用开发工具
sudo apt install -y python3-pip python3-venv cmake automake libtool
# 物联网相关
sudo apt install -y mosquitto mosquitto-clients # MQTT broker
sudo apt install -y redis-server # 轻量级数据库
# 安装Docker
curl -fsSL https://get.docker.com | sh
sudo usermod -aG docker $USER
# 安装Docker Compose
sudo apt install -y docker-compose-plugin
# 安装kubectl
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
# 安装KubeEdge
curl -L https://github.com/kubeedge/kubeedge/releases/download/v1.12.0/keadm-v1.12.0-linux-amd64.tar.gz | tar -xz
sudo cp keadm-v1.12.0-linux-amd64/keadm /usr/local/bin/
# 使用Docker Compose安装
git clone https://github.com/edgexfoundry/edgex-compose.git
cd edgex-compose
git checkout main
docker compose -f docker-compose-no-secty.yml up -d
# 安装Eclipse Mosquitto
sudo apt install -y mosquitto mosquitto-clients
# 配置Mosquitto
sudo vim /etc/mosquitto/mosquitto.conf
# 添加以下内容
listener 1883
allow_anonymous true
# 安装libcoap
sudo apt install -y libcoap2 libcoap2-dev
# 或从源码安装
git clone https://github.com/obgm/libcoap.git
cd libcoap
./autogen.sh
./configure --with-openssl
make
sudo make install
# 安装必要库
sudo apt install -y python3-gpiozero python3-rpi.gpio
# 或使用WiringPi
git clone https://github.com/WiringPi/WiringPi
cd WiringPi
./build
# 添加用户到dialout组访问串口
sudo usermod -a -G dialout $USER
# 创建udev规则
sudo vim /etc/udev/rules.d/99-usb-serial.rules
# 添加以下内容(示例)
SUBSYSTEM=="tty", ATTRS{idVendor}=="0403", ATTRS{idProduct}=="6001", GROUP="dialout", MODE="0666"
# 禁用root SSH登录
sudo sed -i 's/PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config
# 更改SSH端口
sudo sed -i 's/#Port 22/Port 2222/' /etc/ssh/sshd_config
# 重启SSH服务
sudo systemctl restart sshd
# 安装fail2ban防止暴力破解
sudo apt install -y fail2ban
sudo systemctl enable fail2ban
sudo systemctl start fail2ban
# 设置自动安全更新
sudo apt install -y unattended-upgrades
sudo dpkg-reconfigure -plow unattended-upgrades
# 安装Prometheus Node Exporter
wget https://github.com/prometheus/node_exporter/releases/download/v1.3.1/node_exporter-1.3.1.linux-amd64.tar.gz
tar xvfz node_exporter-*.tar.gz
cd node_exporter-*
./node_exporter &
# 安装logrotate
sudo apt install -y logrotate
# 配置自定义日志轮转
sudo vim /etc/logrotate.d/myapp
# 示例配置
/var/log/myapp/*.log {
daily
missingok
rotate 7
compress
delaycompress
notifempty
create 0640 root adm
sharedscripts
postrotate
/usr/bin/systemctl restart myapp >/dev/null
endscript
}
# 编辑sysctl.conf
sudo vim /etc/sysctl.conf
# 添加以下优化参数
net.core.rmem_max=4194304
net.core.wmem_max=4194304
net.ipv4.tcp_keepalive_time=600
net.ipv4.tcp_keepalive_intvl=60
net.ipv4.tcp_keepalive_probes=3
# 应用更改
sudo sysctl -p
# 禁用不必要的服务
sudo systemctl disable bluetooth.service
sudo systemctl disable avahi-daemon.service
sudo systemctl disable cups.service
# 安装ARM交叉编译工具链
sudo apt install -y gcc-arm-linux-gnueabihf g++-arm-linux-gnueabihf
# 或者安装更完整的工具链
wget https://developer.arm.com/-/media/Files/downloads/gnu-a/10.3-2021.07/binrel/gcc-arm-10.3-2021.07-x86_64-arm-none-linux-gnueabihf.tar.xz
tar xf gcc-arm-10.3-2021.07-x86_64-arm-none-linux-gnueabihf.tar.xz
# 示例Dockerfile
FROM ubuntu:22.04
RUN apt update && apt install -y \
build-essential \
git \
cmake \
python3 \
python3-pip \
&& rm -rf /var/lib/apt/lists/*
RUN pip3 install paho-mqtt requests
通过以上配置,您的Linux系统将具备完整的边缘网关和物联网网关开发能力,支持从设备接入到边缘计算的全套功能开发。