CentOS7 服务器部署(自用)
1. centos7初始化
1.1 查看本机ip
$ ifconfig
如果提示command not found
$ yum update
$ yum install net-tools
1.2 安装一些系统工具及初始化
$ yum -y install binutils compat-libstdc++-33 compat-libstdc++-33.i686 elfutils-libelf elfutils-libelf-devel gcc gcc-c++ glibc glibc.i686 glibc-common glibc-devel glibc-devel.i686 glibc-headers ksh libaio libaio.i686 libaio-devel libaio-devel.i686 libgcc libgcc.i686 libstdc++ libstdc++.i686 libstdc++-devel make cmake sysstat ncurses-devel wget vim zip unzip tcpdump
修改系统默认的最大文件打开数
$ vi /etc/security/limits.conf
加入下面一行
* - nofile 65536
* soft nproc 4096
root soft nproc unlimited
1.3 配置访问黑白名单
注:所有源码文件上传至/app/src目录
2. 数据库安装
2.1 Mysql-5.7.25
wget -i -c http://dev.mysql.com/get/mysql57-community-release-el7-10.noarch.rpm
yum -y install mysql57-community-release-el7-10.noarch.rpm
yum -y install mysql-community-server
#编辑/ect/my.cnf
systemctl start mysqld
grep "password" /var/log/mysqld.log
#登录
mysql> ALTER USER 'root'@'localhost' IDENTIFIED BY 'new password';
mysql> use mysql;
mysql> select host,user FROM user WHERE user='root';
mysql> update user set host= '%' WHERE user ='root';
mysql> flush privileges;
编译源码方式安装MySQL数据库
2.1.1 安装boost库
安装5.7版本的mysql一定要安装1.59.0版本的boost库
上传boost至/app/src目录
$ tar -zxvf boost_1_59_0.tar.gz
$ cp -a /app/src/boost_1_59_0 /usr/local/boost
2.1.2 安装mysql
上传mysql源码包至/app/src
2.1.2 新建mysql用户、组及目录
$ groupadd mysql ---新建一个msyql组
$ useradd -r -g mysql mysql ---新建msyql用户禁止登录shell
$ mkdir /usr/local/mysql ---创建目录
$ mkdir /app/mysql ---数据仓库目录
$ mkdir /app/mysql/data ---数据仓库目录
$ mkdir /app/mysql/log ---数据日志目录
$ chown -R mysql /app/mysql ---更改mysql目录所有者为mysql
2.1.4 编译安装mysql
对mysql进行cmake
$ cd /app/src
$ tar -xzvf mysql-5.7.25.tar.gz
$ cd mysql-5.7.25
$ cmake -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DMYSQL_DATADIR=/app/mysql/data/ -DDEFAULT_CHARSET=utf8 -DDEFAULT_COLLATION=utf8_general_ci -DWITH_INNOBASE_STORAGE_ENGINE=1 -DWITH_ARCHIVE_STORAGE_ENGINE=1 -DWITH_BLACKHOLE_STORAGE_ENGINE=1 -DWITH_PERFSCHEMA_STORAGE_ENGINE=1 -DWITH_BOOST=/usr/local/boost
各参数说明如下:
-DCMAKE_INSTALL_PREFIX=/usr/local/mysql ---mysql的安装目录
-DMYSQL_DATADIR=/app/mysql/data/ ---数据库目录
-DDEFAULT_CHARSET=utf8 ---字符集支持
-DDEFAULT_COLLATION=utf8_general_ci ---字符集支持
-DMYSQL_UNIX_ADDR=/usr/local/mysql/mysql.sock ---指定mysql.sock位置
-DWITH_INNOBASE_STORAGE_ENGINE=1 ---添加INNOBASE不加建表时报错
-DWITH_ARCHIVE_STORAGE_ENGINE=1 ---添加ARCHIVE不加建表时报错
-DWITH_BLACKHOLE_STORAGE_ENGINE=1 ---添加BLACKHOLE不加建表时报错
-DWITH_PERFSCHEMA_STORAGE_ENGINE=1 ---添加PERFSCHEMA不加建表时报错
$ make ---开始编译
$ make install ---编译安装
$ make clean ---如果出错后重新运行,需要删除CMakeCache.txt
$ rm -f CMakeCache.txt
2.1.5 设置权限并初始化MySQL系统授权表
$ cd /usr/local
$ chown -R mysql:mysql mysql/
$ cd /usr/local/mysql
---初始化,生成一个随机密码(有可能是空)
$ bin/mysqld --initialize-insecure --user=mysql --basedir=/usr/local/mysql --datadir=/app/mysql/data
2.1.6 创建配置文件,启动Mysql
$ mv /etc/my.cnf /etc/my.cnf.bak ---将默认生成my.cnf改名或删除否则启动服务会报错
$ vim /etc/my.cnf ---^5.7.18不再提供my-default.cnf
# For advice on how to change settings please see
# http://dev.mysql.com/doc/refman/5.7/en/server-configuration-defaults.html
# *** DO NOT EDIT THIS FILE. It's a template which will be copied to the
# *** default location during install, and will be replaced if you
# *** upgrade to a newer version of MySQL.
[mysqld]
# Remove leading # and set to the amount of RAM for the most important data
# cache in MySQL. Start at 70% of total RAM for dedicated server, else 10%.
# innodb_buffer_pool_size = 128M
# Remove leading # to turn on a very important data integrity option: logging
# changes to the binary log between backups.
# log_bin
# These are commonly set, remove the # and set as required.
# basedir = .....
# datadir = .....
# port = .....
# server_id = .....
# socket = .....
# Remove leading # to set options mainly useful for reporting servers.
# The server defaults are faster for transactions and fast SELECTs.
# Adjust sizes as needed, experiment to find the optimal values.
# join_buffer_size = 128M
# sort_buffer_size = 2M
# read_rnd_buffer_size = 2M
max_allowed_packet = 100M
sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES
plugin-load = validate_password.so
validate_password_policy = 1
validate-password = FORCE_PLUS_PERMANENT
validate_password_check_user_name = ON
max_connect_errors = 10
log_bin = ON
server-id = 123
log-bin = /app/mysql/log/mysql-bin
$ /usr/local/mysql/bin/mysqld_safe --user=mysql & ---后台启动mysql
2.1.7 配置Mysql自动启动
$ cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld ---复制启动文件
$ chmod 755 /etc/init.d/mysqld ---增加执行权限
$ chkconfig mysqld on
$ systemctl start mysqld ---启动mysql服务
$ systemctl restart mysqld ---重启mysql
$ systemctl stop mysqld ---停止mysql服务
2.1.8 配置Mysql系统环境变量
$ vi /etc/profile
---文件在最后添加如下两行
PATH=/usr/local/mysql/bin:$PATH
export PATH
---重新载入环境变量
$ source /etc/profile
2.1.9 访问MySQL数据库
$ mysql -uroot -p ---连接mysql,输入初始化时生成的随机密码
mysql>alter user 'root'@'localhost' identified by '123456'; ---修改root新密码
mysql>quit; ---退出也可用exit;
$ myslq -uroot -p123456 ---重新登录时输入新的密码回车
2.1.10 添加用户
登录MySQL,添加用户,并赋予root权限
mysql> grant all privileges on *.* to 'root'@'10.6.0.71' identified by '123456';
mysql> flush privileges;
2.2 Redis-5.0.5
2.2.1 安装Redis
$ cd /app/src
$ wget http://download.redis.io/releases/redis-5.0.5.tar.gz
$ tar -zxvf redis-5.0.5.tar.gz
$ cd redis-5.0.5
$ make && make install
$ cd /usr/local/bin
$ ls
---查看是否有redis-server redis-cli,若没有则执行如下两行命令
$ cp /app/src/redis-5.0.5/src/redis-server /usr/local/bin
$ cp /app/src/redis-5.0.5/src/redis-cli /usr/local/bin
2.2.2 配置Redis
$ mkdir /etc/redis
$ cp /app/src/redis-5.0.5/redis.conf /etc/redis/redis.conf
$ vi /etc/redis/redis.conf
输入i进入编辑模式编辑redis.conf
-
更改daemonize=yes ,允许后台运行redis服务
-
#requirepass foobared去掉注释,foobared改为自己的密码,我在这里改为123,requirepass 123
-
bind 127.0.0.1,修改为bind 0.0.0.0,允许外部网络连接
esc进入命令模式输入:wq保存
命令模式下输入/关键字可快速查找关键字n切换至下一个匹配的关键字
2.2.3 配置自启动
$ vi /etc/init.d/redis
输入一下内容
#!/bin/sh
#chkconfig: 2345 10 90
#description: Start and Stop redis
PATH=/usr/local/bin:/sbin:/usr/bin:/bin
REDISPORT=6379
EXEC=/usr/local/bin/redis-server
REDIS_CLI=/usr/local/bin/redis-cli
PIDFILE=/var/run/redis_6379.pid
CONF="/etc/redis/redis.conf"
case "$1" in
start)
if [ -f $PIDFILE ]
then
echo "$PIDFILE exists, process is already running or crashed."
else
echo "Starting Redis server..."
$EXEC $CONF
fi
if [ "$?"="0" ]
then
echo "Redis is running..."
fi
;;
stop)
if [ ! -f $PIDFILE ]
then
echo "$PIDFILE exists, process is not running."
else
PID=(cat $PIDFILE)
echo "Stopping..."
$REDIS_CLI -a "$2" -p $REDISPORT SHUTDOWN
while [ -x $PIDFILE ]
do
echo "Waiting for Redis to shutdown..."
sleep 1
done
echo "Redis stopped"
fi
;;
restart|force-reload)
${0} stop
${0} start
;;
*)
echo "Usage: /etc/init.d/redis {start|stop|restart|force-reload}" >&2
exit 1
esac
配置自启动
$ chmod 755 /etc/init.d/redis
$ chkconfig redis on
启动或停止redis
$ service redis start
$ service redis stop 123
测试redis
$ redis-cli -a 123
-----------------------------------------
127.0.0.1:6379> set foo bar
OK
127.0.0.1:6379> get foo
"bar"
127.0.0.1:6379> quit
2.3 SQL Server安装
下载 Microsoft SQL Server Red Hat 存储库配置文件
$ curl -o /etc/yum.repos.d/mssql-server.repo https://packages.microsoft.com/config/rhel/7/mssql-server-2017.repo
安装SQL Server
$ yum install -y mssql-server
$ /opt/mssql/bin/mssql-conf setup
按照提示设置SA用户密码,并选择对应的版本(通常是2,Developer),选择语言(10,中文简体)
安装完成后自动启动,查看是否启动
$ systemctl status mssql-server
2.4 Oracl 11g安装
2.4.1安装环境
oracle软件版本:
linux.x64_11gR2_database_1of2.zip
linux.x64_11gR2_database_2of2.zip
创建目录
$ mkdir -p /app/oracle/product/11.2.0/db_1
$ chmod 775 -R /app
$ chown oracle:oinstall -R /app/oracle
上传安装包到/app/oracle/app/,解压安装包,解压完成后,会在目录下出现一个database的目录,大概2.3G大小
$ unzip linux.x64_11gR2_database_1of2.zip
$ unzip linux.x64_11gR2_database_2of2.zip
安装环境
$ yum -y install binutils compat-libcap1 compat-libstdc++-33 compat-libstdc++-33*.i686 elfutils-libelf-devel gcc gcc-c++ glibc*.i686 glibc glibc-devel glibc-devel*.i686 ksh libgcc*.i686 libgcc libstdc++ libstdc++*.i686 libstdc++-devel libstdc++-devel*.i686 libaio libaio*.i686 libaio-devel libaio-devel*.i686 make sysstat unixODBC unixODBC*.i686 unixODBC-devel unixODBC-devel*.i686 libXp xrdp gpm* xorg-x11-drv-evdev
增加虚拟内存(以8G内存为例)
$ dd if=/dev/zero of=/swapadd bs=1024 count=8388608
$ mkswap /swapadd
$ swapon /swapadd
$ vim /etc/fastab
$ 在末尾追加以下内容
/swapadd swap swap default 0 0
查看和修改主机名
$ 查看主机名信息
$ hostnamectl status
$ 同时修改所有三个主机名:静态、瞬态和灵活主机名为oradb
$ hostnamectl set-hostname oradb
修改hosts文件
$ vim /etc/hosts
$ 加入以下内容
127.0.0.1 oradb
关闭Selinux
$ sed -i "s/SELINUX=enforcing/SELINUX=disabled/" /etc/selinux/config
$ setenforce 0
修改 /etc/sysctl.conf,增加如下内容后,执行sysctl -p
kernel.shmmni = 4096
kernel.shmmax = 4398046511104
kernel.shmall = 1073741824
kernel.sem = 250 32000 100 128
fs.aio-max-nr = 1048576
fs.file-max = 6815744
net.ipv4.ip_local_port_range = 9000 65500
net.core.rmem_default = 262144
net.core.rmem_max = 4194304
net.core.wmem_default = 262144
net.core.wmem_max = 1048586
$ sysctl -p
2.4.2 用户和环境变量
新增用户组、用户
$ groupadd oinstall && groupadd dba && useradd -g oinstall -G dba oracle
$ chown oracle:oinstall -R /app/oracle
$ chmod 755 -R /app/oracle
修改/etc/profile
if [ $USER = "oracle" ]; then
if [ $SHELL = "/bin/ksh" ]; then
ulimit -p 16384
ulimit -n 65536
else
ulimit -u 16384 -n 65536
fi
fi
修改oracle用户环境变量(切换至oracle用户)
$ su oracle
$ vim ~/.bash_profile
$ 加入以下内容
export TMP=/tmp #安装oracle软件过程中使用的临时文件目录
export TMPDIR=$TMP #安装oracle软件过程中使用的临时文件目录
export ORACLE_BASE=/app/oracle #Oracle的BASE目录,所有关于Oracle的文件全部存放在这个目录中
export ORACLE_HOME=/app/oracle/product/11.2.0/db_1 #安装Oracle软件存放的目录
export ORACLE_SID=orcl #将要创建的数据库实例的名字
export ORACLE_TERM=xterm #安装的时候指定终端的定义资源文件xterm表示窗口方式,rt100表示终端调试模式
export PATH=/usr/sbin:$PATH
export PATH=$ORACLE_HOME/bin:$PATH #SHELL可执行文件的搜索路径
export LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib #库文件的搜索路径
export CLASSPATH=$ORACLE_HOME/jre:$ORACLE_HOME/jlib:$ORACLE_HOME/rdbms/jlib #java的class文件执行搜索的bin路径
export EDITOR=vim #在oracle操作环境下嵌入使用的文本编辑工具
export NLS_LANG=AMERICAN_AMERICA.UTF8 #oracle用户这个客户端所识别的字符集
export NLS_DATE_FORMAT='YYYY-MM-DD HH24:MI:SS' #oracle用户这个客户端所识别的时间显式格式
$ source ~/.bash_profile
2.4.3 安装
配置应答文件
$ cat db_install.rsp | grep -v "#"|grep -v "^$"
$ 应答文件参考设置如下
oracle.install.responseFileVersion=/oracle/install/rspfmt_dbinstall_response_schema_v11_2_0
oracle.install.option=INSTALL_DB_SWONLY
ORACLE_HOSTNAME=oradb
UNIX_GROUP_NAME=oinstall
INVENTORY_LOCATION=/app/oracle/oraInventory
SELECTED_LANGUAGES=en,zh_CN
ORACLE_HOME=/app/oracle/product/11.2.0/db_1
ORACLE_BASE=/app/oracle
oracle.install.db.InstallEdition=EE
oracle.install.db.isCustomInstall=false
oracle.install.db.customComponents=oracle.server:11.2.0.1.0,oracle.sysman.ccr:10.2.7.0.0,oracle.xdk:11.2.0.1.0,oracle.rdbms.oci:11.2.0.1.0,oracle.network:11.2.0.1.0,oracle.network.listener:11.2.0.1.0,oracle.rdbms:11.2.0.1.0,oracle.options:11.2.0.1.0,oracle.rdbms.partitioning:11.2.0.1.0,oracle.oraolap:11.2.0.1.0,oracle.rdbms.dm:11.2.0.1.0,oracle.rdbms.dv:11.2.0.1.0,orcle.rdbms.lbac:11.2.0.1.0,oracle.rdbms.rat:11.2.0.1.0
oracle.install.db.DBA_GROUP=dba
oracle.install.db.OPER_GROUP=oinstall
oracle.install.db.CLUSTER_NODES=
oracle.install.db.config.starterdb.type=GENERAL_PURPOSE
oracle.install.db.config.starterdb.globalDBName=ora11g
oracle.install.db.config.starterdb.SID=ORCL
oracle.install.db.config.starterdb.characterSet=AL32UTF8
oracle.install.db.config.starterdb.memoryOption=true
oracle.install.db.config.starterdb.memoryLimit=512
oracle.install.db.config.starterdb.installExampleSchemas=false
oracle.install.db.config.starterdb.enableSecuritySettings=true
oracle.install.db.config.starterdb.password.ALL=oracle
oracle.install.db.config.starterdb.password.SYS=
oracle.install.db.config.starterdb.password.SYSTEM=
oracle.install.db.config.starterdb.password.SYSMAN=
oracle.install.db.config.starterdb.password.DBSNMP=
oracle.install.db.config.starterdb.control=DB_CONTROL
oracle.install.db.config.starterdb.gridcontrol.gridControlServiceURL=
oracle.install.db.config.starterdb.dbcontrol.enableEmailNotification=false
oracle.install.db.config.starterdb.dbcontrol.emailAddress=
oracle.install.db.config.starterdb.dbcontrol.SMTPServer=
oracle.install.db.config.starterdb.automatedBackup.enable=false
oracle.install.db.config.starterdb.automatedBackup.osuid=
oracle.install.db.config.starterdb.automatedBackup.ospwd=
oracle.install.db.config.starterdb.storageType=FILE_SYSTEM_STORAGE
oracle.install.db.config.starterdb.fileSystemStorage.dataLocation=
oracle.install.db.config.starterdb.fileSystemStorage.recoveryLocation=
oracle.install.db.config.asm.diskGroup=
oracle.install.db.config.asm.ASMSNMPPassword=
MYORACLESUPPORT_USERNAME=
MYORACLESUPPORT_PASSWORD=
SECURITY_UPDATES_VIA_MYORACLESUPPORT=
DECLINE_SECURITY_UPDATES=true
PROXY_HOST=
PROXY_PORT=
PROXY_USER=
PROXY_PWD=
安装数据库软件
$ su oracl
$ /app/database/runInstaller -silent -force -ignorePrereq -responseFile /app/database/response/db_install.rsp
开始安装,等待5分钟左右出现以下信息
the following configuration scripts need to be executed as the "root" user.
#!/bin/sh
#Root scripts to run
/app/oracle/oraInventory/orainstRoot.sh
/app/oracle/product/11.2.0/db_1/root.sh
To execute the configuration scripts:
1. Open a terminal window
2. Log in as "root"
3. Run the scripts
4. Return to this window and hit "Enter" key to continue
Successfully Setup Software.
在root用户下执行上面2个脚本
$ /app/oracle/oraInventory/orainstRoot.sh
$ /app/oracle/product/11.2.0/db_1/root.sh
安装监听
$ /app/oracle/product/11.2.0/db_1/bin/netca /silent /responseFile /app/database/response/netca.rsp
启动监听、查看监听状态
若不是在oracle用户下,需要切换
$ su - oracle
$ lsnrctl start
$ lsnrctl status
静默dbca建立数据库
$ vim /app/database/response/dbca.rsp
$ 设置以下内容
GDBNAME = "orcl.oradb" #78行,全局数据库名字 sid+hostname
SID = "orcl" #149行
CHARACTERSET = "AL32UTF8" #415行,编码
NATIONALCHARACTERSET= "UTF8" #425行
$ 开始安装
$ /app/oracle/product/11.2.0/db_1/bin/dbca -silent -responseFile /app/database/response/dbca.rsp
安装完成后启动数据库(一般会自动启动)
若不是在oracle用户下,需要切换
$ su - oracle
$ sqlplus / as sysdba
SQL> startup
SQL> select INSTANCE_NAME,VERSION from v$instance;
至此oracle11g安装完成,可通过软件连接,连接信息如下
服务名:orcl.oradb
SID:orcl
用户名:sys
3. 语言环境安装
3.1 jdk
3.1.1 安装
上传jdk至/app/src目录
$ cd /app/src
$ tar -xzvf jdk-8u201-linux-x64.tar.gz
$ mkdir /usr/java
$ cp -a jdk1.8.0_201 /usr/java/jdk1.8
3.1.2 设环境变量
$ vi /etc/profile
---编辑profile文件,在最后增加以下内容
#set java environment
export JAVA_HOME=/usr/java/jdk1.8
export JRE_HOME=${JAVA_HOME}/jre
export CLASSPATH=.:${JAVA_HOME}/lib:${JRE_HOME}/lib
export PATH=${JAVA_HOME}/bin:$PATH
---wq保存退出
$ source /etc/profile ---执行命令让环境变量生效
$ java -version ---成功输出java版本,表明jdk安装成功
3.2 php
3.2.1 安装依赖包
$ yum install libxml2 libxml2-devel openssl openssl-devel bzip2 bzip2-devel libcurl libcurl-devel libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel gmp gmp-devel libmcrypt libmcrypt-devel readline readline-devel libxslt libxslt-deve
3.2.2 yum安装
$ rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
$ rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
$ yum -y install php73 php73-cli php73-common php73-devel php73-embedded php73-fpm php73-gd php73-mbstring php73-mysqlnd php73-opcache php73-pdo php73-xml php73-php-pecl-redis5.x86_64 php73-php-json.x86_64 php73-pear.noarch
$ pecl install redis
3.2.3 启动php-fpm
$ systemctl enable php-fpm
$ systemctl start php-fpm
4. 服务器安装
4.1 Tomcat
4.1.1 安装
上传tomcat至/app/src目录
$ cd /app/src
$ mkdir /app/webserver ---创建应用服务器目录
$ mkdir /app/website ---创建站点文件目录
$ unzip apache-tomcat-7.0.47.zip
$ cd apache-tomcat-7.0.47/bin
$ chmod 755 *.sh
$ ./startup.sh ---启动
$ ./shutdown.sh ---关闭
4.1.2 自启动
$ vim /etc/init.d/tomcat
主要tomcat路径
CATALINA_HOME="/app/webserver/tomcat"
#!/bin/bash
#
# kenny kenny.zhou@tom.com
# /etc/rc.d/init.d/tomcat
# init script for tomcat precesses
#
# processname: tomcat
# description: tomcat is a j2se server
# chkconfig: 2345 86 16
# description: Start up the Tomcat servlet engine.
if [ -f /etc/init.d/functions ]; then
. /etc/init.d/functions
elif [ -f /etc/rc.d/init.d/functions ]; then
. /etc/rc.d/init.d/functions
else
echo -e "/atomcat: unable to locate functions lib. Cannot continue."
exit -1
fi
RETVAL=$?
CATALINA_HOME="/app/webserver/tomcat"
case "$1" in
start)
if [ -f $CATALINA_HOME/bin/startup.sh ];
then
echo $"Starting Tomcat"
$CATALINA_HOME/bin/startup.sh
fi
;;
stop)
if [ -f $CATALINA_HOME/bin/shutdown.sh ];
then
echo $"Stopping Tomcat"
$CATALINA_HOME/bin/shutdown.sh
fi
;;
*)
echo $"Usage: $0 {start|stop}"
exit 1
;;
esac
exit $RETVAL
$ chmod 755 /etc/init.d/tomcat
$ chkconfig tomcat on
$ service tomcat start
$ service tomcat stop
在tomcat/bin/catalina.sh文件中加入以下语句
export JAVA_HOME=/usr/java/jdk1.8
export CATALINA_HOME=/app/webserver/tomcat
export CATALINA_BASE=/app/webserver/tomcat
export CATALINA_TMPDIR=/app/webserver/tomcat/temp
4.2 Nginx-1.16.0
4.2.1 安装PCRE库
PCRE用于提供编译环境的函数库,上传pcre源码包至/app/src目录下
$ cd /app/src
$ tar -zxvf pcre-8.43.tar.gz
$ cd pcre-8.43
$ ./configure
$ make && make install
4.2.2 安装zlib库
上传zlib源码包至/app/src目录下
$ cd /app/src
$ tar -zxvf zlib-1.2.11.tar.gz
$ cd zlib-1.2.11
$ ./configure
$ make && make install
4.2.3 安装ssl
上传openssl源码包至/app/src目录下
$ cd /app/src
$ tar -zxvf openssl-1.1.1g.tar.gz
$ cd openssl-1.1.1g
$ ./config
$ make && make install
4.2.4 安装nginx
上传nginx源码包至/app/src目录下
$ cd /app/src
$ tar -zxvf nginx-1.17.0.tar.gz
$ cd nginx-1.17.0
$ ./configure --sbin-path=/usr/local/nginx/nginx --conf-path=/usr/local/nginx/nginx.conf --pid-path=/usr/local/nginx/nginx.pid --with-http_ssl_module --with-pcre=/app/src/pcre-8.43 --with-zlib=/app/src/zlib-1.2.11 --with-openssl=/app/src/openssl-1.1.1g
$ make && make install
4.2.5 修改nginx.conf,让nginx支持php
$ vi /usr/local/nginx/nginx.conf
---编辑nginx.conf文件
---在http server index 后添加index.php
---在http server中添加如下代码
location ~ .php$ {
root html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
创建php文件测试
\$ vi /usr/local/nginx/html/index.php
添加如下代码
<?php
phpinfo();
?>
浏览器访问该服务器id,本机测试为http://IP地址,如果能正常访问,则配置成功
4.2.6 配置nginx开机启动
$ vi /etc/init.d/nginx
#! /bin/bash
#chkconfig: - 85 15
PATH=/usr/local/nginx
DESC="nginx daemon"
NAME=nginx
DAEMON=$PATH/$NAME
CONFIGFILE=$PATH/$NAME.conf
PIDFILE=$PATH/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME
set -e
[ -x "$DAEMON" ] || exit 0
do_start() {
$DAEMON -c $CONFIGFILE || echo -n "nginx already running"
}
do_stop() {
$DAEMON -s stop || echo -n "nginx not running"
}
do_reload() {
$DAEMON -s reload || echo -n "nginx can't reload"
}
case "$1" in
start)
echo -n "Starting $DESC: $NAME"
do_start
echo "."
;;
stop)
echo -n "Stopping $DESC: $NAME"
do_stop
echo "."
;;
reload|graceful)
echo -n "Reloading $DESC configuration..."
do_reload
echo "."
;;
restart)
echo -n "Restarting $DESC: $NAME"
do_stop
do_start
echo "."
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|reload|restart}" >&2
exit 3
;;
esac
exit 0
设置权限,启动nginx
$ chmod 755 /etc/init.d/nginx
$ chkconfig nginx on
$ systemctl start nginx ---启动
$ systemctl restart nginx ---重启
$ systemctl stop nginx ---关闭
5. 文件同步安装
例如,要将服务器A的文件,同步到服务器B
5.1 待同步服务器A
5.1.1 安装rsync
上传rsync至/app/src目录下
$ cd /app/src
$ tar -zxvf rsync-3.1.3.tar.gz
$ cd rsync-3.1.3
$ ./configure --prefix=/usr/local/rsync --disable-ipv6 --disable-iconv
$ make && make install
5.1.2 配置rsync
$ vi /etc/rsyncd.conf
-----------------------------------------------------------
uid=root
gid=root
use chroot=yes
max connections=10
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log
[cjsw-cms]
path = /app/websites/cjsw-cms
hosts allow = 10.6.0.218
ignore errors
read only = no
write only = no
5.1.3 配置rsync自启动
启动rsync
$ /usr/local/rsync/bin/rsync --daemon
设置rsync开机启动
$ vi /etc/init.d/rsyncd
#!/bin/bash
#
# rsyncd This shell script takes care of starting and stopping standalone rsync.
#
# chkconfig: - 99 50
# description: rsync is a file transport daemon
# processname: rsync
# config: /etc/rsyncd.conf
# Source function library
. /etc/rc.d/init.d/functions
RETVAL=0
prog="rsync"
PPATH="/usr/local/rsync/bin/"
# Your rsync config file path
CFILE="/etc/rsyncd.conf"
OPTIONS="--daemon -4 --config $CFILE"
start() {
# Start daemons.
[ -x $PPATH$prog ] || { echo "FATAL: No such programme"; exit 4; }
[ -f $CFILE ] || { echo "FATAL: config file does not exist"; exit 6; }
echo -n $"Starting $prog: "
daemon $PPATH$prog $OPTIONS
RETVAL=$?
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog
echo
return $RETVAL
}
stop() {
# Stop daemons.
echo -n $"Shutting down $prog: "
killproc $prog
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$prog
return $RETVAL
}
# call the function we defined
case "$1" in
start)
start
;;
stop)
stop
;;
restart|reload)
stop
start
RETVAL=$?
;;
status)
status $prog
RETVAL=$?
;;
*)
echo $"Usage: $0 {start|stop|restart|reload|status}"
exit 2
esac
exit $RETVAL
$ chmod 755 /etc/init.d/rsyncd
$ chkconfig rsyncd on
$ systemctl start rsyncd ---启动
$ systemctl stop rsyncd ---关闭
5.2 同步源服务器B
5.2.1 安装rsync
上传rsync至/app/src目录下
$ cd /app/src
$ tar -zxvf rsync-3.1.3.tar.gz
$ cd rsync-3.1.3
$ ./configure --prefix=/usr/local/rsync --disable-ipv6 --disable-iconv
$ make && make install
被同步方rsync为client不需要配置rsyncd.conf,建立一个空的/etc/rsyncd.conf文件即可
5.2.2 安装lsyncd
上传lsyncd至/app/src目录下
$ yum install lua lua-devel lua-static pkgconfig gcc asciidoc
$ cd /app/src
$ tar -zxvf lsyncd-release-2.2.3.tar.gz
$ cd lsyncd-release-2.2.3
$ cmake -DCMAKE_INSTALL_PREFIX=/usr/local/lsyncd
$ make && make install
$ mkdir /var/log/lsyncd ---创建日志目录
5.2.3 配置lsyncd
$ vi /etc/lsyncd.lua
settings {
logfile="/var/log/lsyncd/lsyncd.log",
statusFile="/var/log/lsyncd/lsyncd.status",
maxDelays=1,
maxProcesses=6,
statusInterval=20
}
sync {
default.rsync,
source = "/app/websites/gdsw-cms/upload/1",
target = "10.6.61.60::gdsw-www",
exclude="/WEB-INF**",
rsync = {
binary = "/usr/local/rsync/bin/rsync",
archive = true,
compress = true,
whole_file = false
}
}
注:exclude中的/对应的是source目录而不是系统的根目录
测试运行lsyncd
$ lsyncd /etc/lsyncd.lua
查看lsyncd运行
$ tail -200f /var/log/lsyncd/lsyncd.log
5.2.4 配置lsyncd自启动
$ vi /etc/init.d/lsyncd
#!/bin/bash
#
# lsyncd: Starts the lsync Daemon
#
# chkconfig: 345 99 90
# description:Lsyncd uses rsync to synchronize local directories with a remote
# machine running rsyncd. Lsyncd watches multiple directories
# trees through inotify. The first step after adding the watches
# is to, rsync all directories with the remote host, and then sync
# single file buy collecting the inotify events.
# processname: lsyncd
. /etc/rc.d/init.d/functions
lsyncd="/usr/local/lsyncd/bin/lsyncd"
lockfile="/var/lock/subsys/lsyncd"
pidfile="/var/run/lsyncd.pid"
prog="lsyncd"
RETVAL=0
start() {
if [ -f $lockfile ]; then
echo -n $"$prog is already running: "
echo
else
echo -n $"Starting $prog: "
daemon "$lsyncd /etc/lsyncd.lua"
RETVAL=$?
echo
[ $RETVAL = 0 ] && touch $lockfile
return $RETVAL
fi
}
stop() {
echo -n $"Stopping $prog: "
killproc $lsyncd
RETVAL=$?
echo
[ $RETVAL = 0 ] && rm -f $lockfile
return $RETVAL
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
stop
start
;;
status)
status $lsyncd
;;
*)
echo "Usage: lsyncd {start|stop|restart|status}"
exit 1
esac
exit $?
$ chmod 775 /etc/init.d/lsyncd
$ chkconfig lsyncd on
$ systemctl start lsyncd ---启动
$ systemctl stop lsyncd ---关闭
6.建设SVN服务器
6.1 安装svn
$ sudo yum install subversion
$ which svnserve
/bin/svnserve
$ svnserve --version
subversion默认以/var/svn作为数据根目录,可以通过/etc/sysconfig/svnserve修改这个默认位置。
将根目录修改到/app/svn下。
6.2 建立版本库
使用svnadmin建立版本库report1
$ svnadmin create /app/svn/report1
6.3 配置版本库
配置版本库需要修改板块库下的三个配置文件,说明如下
路径/app/svn/report1/conf
authz 负责账号权限的管理,控制账号是否读写权限
passwd 负责账号和密码的用户名单管理
svnserve.conf svn服务器配置文件
修改passwd
# 格式:用户名 = 密码
修改authz
[groups]
team = harry,sally
test = joe
[repoWeb:/]
* = r
@team = rw
@test = r
# 以上表明有组team、test分别包含不同的用户,对于具体路径repoWeb:/,两个组具有不同权限
# team具有读写权限,test具有读权限
修改svnserve.conf
[general]
anon-access = none #控制非鉴权用户访问版本库的权限
auth-access = write #控制鉴权用户访问版本库的权限
password-db = passwd #指定用户名口令文件名
authz-db = authz #指定权限配置文件名
realm = spring-hello-world #指定版本库的认证域,即在登录时提示的认证域名称
6.4 启动SVN
手动启动
$ systemctl start svnserve
$ netstat -apn|grep svn
# 查看启动后端口为3690
# 重启
$ systemctl restart svnserve
# 停止
$ systemctl stop svnserve
# 状态
$ systemctl status svnserve
添加自启动
$ systemctl enable svnserve
7. 设置防火墙
如果是云服务器(阿里云,腾讯云等)还需要考虑云服务器自身的网络安全策略,否则端口可能依然无法使用
启动防火墙
$ systemctl start firewalld
$ systemctl stop firewalld
$ systemctl restart firewalld
查看所有开放的端口
firewall-cmd --zone=public --list-ports
开放常规端口(centos7),--permanent永久生效,不加则重启后生效
$ firewall-cmd --zone=public --add-port=80/tcp --permanent
$ firewall-cmd --zone=public --add-port=22/tcp --permanent
$ firewall-cmd --zone=public --add-port=8080/tcp --permanent
$ firewall-cmd --zone=public --add-port=3306/tcp --permanent
$ firewall-cmd --zone=public --add-port=1521/tcp --permanent
$ firewall-cmd --zone=public --add-port=1433/tcp --permanent
$ firewall-cmd --zone=public --add-port=6379/tcp --permanent
$ firewall-cmd --zone=public --add-port=873/tcp --permanent
$ firewall-cmd --zone=public --add-port=3690/tcp --permanent
如若还想开放8080,3306,6379,873等端口号可按上述方法添加,添加完成之后执行
$ firewall-cmd --reload