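Common CentOS 7 Environment Setup
I. Cloud Server (ECS)
Region: East China 2
System image: CentOS 7.3 64-bit
Configure the security group to open ports: 80, 3306, 27017, 21, 22, 3717, 8888, 5672, 15672, 25672
II. Firewall Settings
1. Check whether the firewall is running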
firewall-cmd --state
2. Start the firewall
systemctl start firewalld
3. Enable the firewall at boot
systemctl enable firewalld
4. Add a port
firewall-cmd --zone=public --add-port=3306/tcp --permanent
firewall-cmd --reload
5. View the open ports
firewall-cmd --list-all
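An added example, not part of the original page: a check over `firewall-cmd --list-all` output that reports which of the database and broker ports this guide opens are reachable from any source, and prints a source-restricted rich rule for each. The function names, the sample output and the 203.0.113.0/24 client network are assumptions made for illustration.

```shell
#!/bin/sh
# Ports this guide opens for databases and the broker (assumption: only port
# 80 is meant to be reachable from every address).
SENSITIVE_PORTS="3306 27017 5672 15672 25672"

# exposed_ports: read `firewall-cmd --list-all` output on stdin and print the
# sensitive ports found on the zone's "ports:" line, i.e. open to any source.
exposed_ports() {
    awk -v want="$SENSITIVE_PORTS" '
        BEGIN { n = split(want, w, " "); for (i = 1; i <= n; i++) s[w[i]] = 1 }
        $1 == "ports:" {
            for (i = 2; i <= NF; i++) {
                split($i, p, "/")               # "3306/tcp" -> p[1]="3306"
                if (p[1] in s) out = out (out == "" ? "" : " ") p[1]
            }
        }
        END { print out }'
}

# restrict_cmds PORT CIDR: print the commands that replace the open port with
# a rich rule accepting only CIDR as source.
restrict_cmds() {
    echo "firewall-cmd --permanent --zone=public --remove-port=$1/tcp"
    echo "firewall-cmd --permanent --zone=public --add-rich-rule='rule family=\"ipv4\" source address=\"$2\" port port=\"$1\" protocol=\"tcp\" accept'"
}

# Constructed sample of `firewall-cmd --list-all` on a host set up this way.
sample_list_all() {
cat <<'EOF'
public (active)
  target: default
  interfaces: eth0
  sources: 
  services: dhcpv6-client ssh
  ports: 80/tcp 3306/tcp 27017/tcp
  rich rules: 
EOF
}

# On a live host use: firewall-cmd --list-all | exposed_ports
for port in $(sample_list_all | exposed_ports); do
    echo "# $port/tcp accepts connections from any source; to restrict it:"
    restrict_cmds "$port" 203.0.113.0/24    # placeholder client network
done
echo "firewall-cmd --reload"
```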
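III. JDK Installation
1. Check whether a JDK is already available on the system
Run java directly; if no usage message describing the command-line options appears, there is no JDK on the system.
2. Search yum for available JDK versions
yum search jdk
3. Install the latest available JDK version
yum install -y java-1.8.0-openjdk
4. Configure the JDK system environment variables
To configure the JVM memory, edit /etc/java/java.conf and add
JAVA_OPTS="-server -XX:PermSize=512M -XX:MaxPermSize=1024M"
Edit /etc/java/java.conf and add
JAVA_HOME=$JVM_ROOT/jre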
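IV. Installing the Entropy Service
When Tomcat starts on CentOS 7, its session IDs are computed with the SHA1PRNG algorithm. The SHA1 algorithm needs a key, which is generated randomly when Tomcat starts, using the Linux random number generator /dev/random.
/dev/random produces random numbers from "noise", and it blocks when there is not enough noise. Linux collects noise from I/O, keyboard and terminal input, memory usage, CPU utilization and similar sources; when too little has been collected, generating a random number blocks.
Solution: install an entropy service (without it, Tomcat starts very slowly)
1. Install the entropy service
yum install rng-tools
2. Start the entropy service
systemctl start rngd
3. Enable the entropy service at boot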
systemctl enable rngd.service
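An added example, not part of the original page: a diagnostic to run before and after starting rngd, showing the kernel's entropy estimate and whether a short read from /dev/random completes or blocks. The function names, the 64-byte read size and the 2-second timeout are assumptions chosen for illustration.

```shell
#!/bin/sh
# bytes_within DEV COUNT SECS: how many bytes DEV delivers before the timeout.
# Fewer than COUNT means the read blocked, which is what stalls Tomcat startup.
bytes_within() {
    timeout "$3" head -c "$2" "$1" 2>/dev/null | wc -c | tr -d ' '
}

# entropy_report [DEV]: print the kernel's entropy estimate, the rngd state,
# and whether a 64-byte read from DEV finishes within 2 seconds.
entropy_report() {
    dev=${1:-/dev/random}
    pool=/proc/sys/kernel/random/entropy_avail
    if [ -r "$pool" ]; then
        echo "entropy_avail: $(cat "$pool") bits"
    fi
    if command -v systemctl >/dev/null 2>&1; then
        echo "rngd: $(systemctl is-active rngd 2>/dev/null || true)"
    fi
    got=$(bytes_within "$dev" 64 2)
    if [ "$got" -eq 64 ]; then
        echo "$dev: 64 bytes read without blocking"
    else
        echo "$dev: only $got of 64 bytes in 2s, the pool is starved"
        return 1
    fi
}

entropy_report /dev/random || echo "start rngd as in steps 1-3 and run again"
```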
V. Tomcat Installation
1. Download Tomcat 9
wget https://mirror.bit.edu.cn/apache/tomcat/tomcat-9/v9.0.0.M4/bin/apache-tomcat-9.0.0.M4.tar.gz
2. Extract the Tomcat archive
tar -zxvf apache-tomcat-9.0.0.M4.tar.gz
3. Move Tomcat under the /usr directory
mv apache-tomcat-9.0.0.M4 /usr/share/tomcat9
4. Create a shortcut (symbolic link)
cd /root
ln -s /usr/share/tomcat9/ tomcat9
5. Create the file /usr/lib/systemd/system/tomcat9.service
[Unit]
Description=Tomcat9
After=syslog.target network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
Environment='CATALINA_PID=/usr/share/tomcat9/bin/tomcat.pid'
Environment='CATALINA_HOME=/usr/share/tomcat9'
Environment='CATALINA_BASE=/usr/share/tomcat9/'
WorkingDirectory=/usr/share/tomcat9/
ExecStart=/usr/share/tomcat9/bin/startup.sh
ExecReload=
ExecStop=/usr/share/tomcat9/bin/shutdown.sh
PrivateTmp=true
[Install]
WantedBy=multi-user.target
6. Add execute permission to tomcat9.service
chmod a+x /usr/lib/systemd/system/tomcat9.service
7. Enable tomcat9.service at boot
systemctl enable tomcat9.service
8. Change the port and character encoding
<Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443"/>
Change it to
<Connector port="80" maxHttpHeaderSize="8192" redirectPort="8443" enableLookups="false" acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true" compression="on" URIEncoding="UTF-8" compressionMinSize="2048" noCompressionUserAgents="gozilla, traviata" compressableMimeType="text/html,text/xml,text/javascript,text/css,text/plain"/>
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
Change it to
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" URIEncoding="UTF-8"/>
9. Tomcat 9 service
Start: systemctl start tomcat9.service
Stop: systemctl stop tomcat9.service
VI. MySQL Database (version 5.7)
1. Download the MySQL repo source
wget https://repo.mysql.com/mysql-community-release-el7-5.noarch.rpm
2. Install the rpm package
rpm -ivh mysql-community-release-el7-5.noarch.rpm
3. Install MySQL
yum install mysql-server
4. Start the MySQL service
systemctl start mysqld.service
5. Set the root password
/usr/bin/mysqladmin -u root password '123456'
6. Set the character encoding
Edit /etc/my.cnf and add the following
[client]
default-character-set=utf8mb4
[mysqld]
lower_case_table_names=1
character-set-server=utf8mb4
default-storage-engine=INNODB
7. Enable MySQL at boot
systemctl enable mysqld.service
8. MySQL service
Start: systemctl start mysqld.service
Restart: systemctl restart mysqld.service
Stop: systemctl stop mysqld.service
9. Remove unused MySQL users
Enter mysql: mysql -u root -p
use mysql;
delete from user where user = "";
10. Add a database user, restricted to access from the external network only
create user 'testUser'@'%' identified by '123456';
11. Create a database and grant privileges on it to the user
create database ankopipeline;
grant all on ankopipeline.* to 'testUser'@'%';
flush privileges;
12. Open the port for external access
firewall-cmd --zone=public --add-port=3306/tcp --permanent
firewall-cmd --reload
VII. MongoDB Database
1. Add the file /etc/yum.repos.d/mongodb-org-3.4.repo with the following contents
[mongodb-org-3.4]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/3.4/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-3.4.asc
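2. Install MongoDB with yum
yum install -y mongodb-org
3. Enable mongod at boot
systemctl enable mongod.service
4. mongod service
Start: systemctl start mongod.service
Restart: systemctl restart mongod.service
Stop: systemctl stop mongod.service
5. Remove the IP binding (by default MongoDB can only be used from the local machine)
Edit /etc/mongod.conf
Comment out the bindIp setting
6. Open the port for external access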
firewall-cmd --zone=public --add-port=27017/tcp --permanent
firewall-cmd --reload
Note:
By default MongoDB uses SCRAM-SHA-1 for password hashing, but authentication here uses MONGODB-CR, so the schema version has to be changed.
use admin
var schema = db.system.version.findOne({"_id" : "authSchema"})
schema.currentVersion = 3
db.system.version.save(schema)
7. Add a database
use ankopipeline;
db.item.insert({"name":"test"}); // add data to the database (a database with no data is not listed)
8. Create a user
db.dropUser("tony");
db.createUser({user:"tony",pwd:"tony123",roles:[{role:"dbAdmin",db:"ankopipeline"}]});
Note: run this command while in the ankopipeline database
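An added example, not part of the original page: a check of mongod.conf for the state steps 5 and 6 leave behind. With bindIp commented out, MongoDB 3.4 listens on every interface, and the users from step 8 are only enforced once security.authorization is enabled. The function names, both sample configs and the address 10.0.0.5 are constructed for illustration.

```shell
#!/bin/sh
# mongod_findings: read a YAML-format mongod.conf on stdin and print one
# finding per line (no output means neither problem was found).
mongod_findings() {
    awk '
        { sub(/#.*/, ""); sub(/[ \t]+$/, "") }      # strip comments, trailing blanks
        $0 == "" { next }
        /^[^ \t]/ { section = $1; next }            # top-level key, e.g. "net:"
        section == "net:" && $1 == "bindIp:" { bind = $2 }
        section == "security:" && $1 == "authorization:" { auth = $2 }
        END {
            n = split(bind, addr, ",")
            all = (n == 0)                          # 3.4 listens everywhere if unset
            for (i = 1; i <= n; i++) if (addr[i] == "0.0.0.0") all = 1
            if (all) print "listens-on-all-interfaces"
            if (auth != "enabled") print "authorization-not-enabled"
        }'
}

# Constructed: the net/security part of the packaged file after step 5.
guide_conf() {
cat <<'EOF'
net:
  port: 27017
#  bindIp: 127.0.0.1
#security:
EOF
}

# Constructed corrected variant: loopback plus one private address
# (10.0.0.5 is a placeholder), with access control switched on so that the
# users created in step 8 are actually required.
hardened_conf() {
cat <<'EOF'
net:
  port: 27017
  bindIp: 127.0.0.1,10.0.0.5
security:
  authorization: enabled
EOF
}

# On a live host use: mongod_findings < /etc/mongod.conf
echo "guide:";    guide_conf | mongod_findings
echo "hardened:"; hardened_conf | mongod_findings
```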
VIII. Installing RabbitMQ
1. Create an ordinary user rabbitmq to run RabbitMQ
useradd rabbitmq
2. Set the hostname
echo rabbit1 > /etc/hostname
3. Install the dependency packages
yum -y install make gcc gcc-c++ m4 ncurses-devel openssl-devel unixODBC-devel
4. Download the sources
wget https://erlang.org/download/otp_src_19.3.tar.gz
wget https://www.rabbitmq.com/releases/rabbitmq-server/v3.6.9/rabbitmq-server-generic-unix-3.6.9.tar.xz
5. Install Erlang (RabbitMQ is written in Erlang)
tar xzf otp_src_19.3.tar.gz
cd otp_src_19.3
./configure --prefix=/usr/local/erlang --enable-shared-zlib --with-ssl --enable-threads --enable-smp-support --enable-kernel-poll --enable-hipe --without-javac
make && make install
Note the Erlang installation directory; it must be the same in the earlier and later settings
6. Extract RabbitMQ
tar xvJf rabbitmq-server-generic-unix-3.6.9.tar.xz
mv rabbitmq_server-3.6.9 /usr/share/rabbitmq
7. Configure the RabbitMQ environment variables
sed -i 's@^ERL_DIR=.*@ERL_DIR=/usr/local/erlang/bin/@' /usr/share/rabbitmq/sbin/rabbitmq-defaults
sed -i 's@^LOG_BASE=.*@LOG_BASE=/usr/share/rabbitmq/var/log/rabbitmq@' /usr/share/rabbitmq/sbin/rabbitmq-defaults
mkdir -p /usr/share/rabbitmq/var/{lib,log}/rabbitmq
8. RabbitMQ read/write plugin
wget https://pkgs.fedoraproject.org/cgit/rpms/rabbitmq-server.git/plain/rabbitmq-script-wrapper
Note: the link above does not deliver the rabbitmq-script-wrapper file; its contents are as follows
#!/bin/sh
## The contents of this file are subject to the Mozilla Public License
## Version 1.1 (the "License"); you may not use this file except in
## compliance with the License. You may obtain a copy of the License
## at https://www.mozilla.org/MPL/
##
## Software distributed under the License is distributed on an "AS IS"
## basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
## the License for the specific language governing rights and
## limitations under the License.
##
## The Original Code is RabbitMQ.
##
## The Initial Developer of the Original Code is GoPivotal, Inc.
## Copyright (c) 2007-2015 Pivotal Software, Inc. All rights reserved.
##
SED_OPT="-E"
if [ $(uname -s) = "Linux" ]; then
SED_OPT="-r"
fi
for arg in "$@" ; do
# Wrap each arg in single quotes and wrap single quotes in double quotes, so that they're passed through cleanly.
arg=`printf %s "$arg" | sed $SED_OPT -e "s/'/'\"'\"'/g"`
CMDLINE="${CMDLINE} '${arg}'"
done
cd /usr/share/rabbitmq/var/lib/rabbitmq
SCRIPT=`basename $0`
if [ `id -u` = `id -u rabbitmq` -a "$SCRIPT" = "rabbitmq-server" ] ; then
RABBITMQ_ENV=/usr/share/rabbitmq/sbin/rabbitmq-env
RABBITMQ_SCRIPTS_DIR=$(dirname "$RABBITMQ_ENV")
. "$RABBITMQ_ENV"
exec /usr/share/rabbitmq/sbin/rabbitmq-server "$@"
elif [ `id -u` = `id -u rabbitmq` -o "$SCRIPT" = "rabbitmq-plugins" ] ; then
if [ -f $PWD/.erlang.cookie ] ; then
export HOME=.
fi
exec /usr/share/rabbitmq/sbin/${SCRIPT} "$@"
elif [ `id -u` = 0 ] ; then
su rabbitmq -s /bin/sh -c "/usr/share/rabbitmq/sbin/${SCRIPT} ${CMDLINE}"
else
/usr/share/rabbitmq/sbin/${SCRIPT}
echo
echo "Only root or rabbitmq should run ${SCRIPT}"
echo
exit 1
fi
sed -i 's@cd /var/lib/rabbitmq@cd /usr/share/rabbitmq/var/lib/rabbitmq@g' rabbitmq-script-wrapper # change the RabbitMQ data directory
sed -i 's@/usr/lib/rabbitmq/bin/@/usr/share/rabbitmq/sbin/@g' rabbitmq-script-wrapper
chmod +x rabbitmq-script-wrapper
cp rabbitmq-script-wrapper /usr/sbin/rabbitmqctl
cp rabbitmq-script-wrapper /usr/sbin/rabbitmq-server
cp rabbitmq-script-wrapper /usr/sbin/rabbitmq-plugins
chown -R rabbitmq.rabbitmq /usr/share/rabbitmq/var
9. RabbitMQ log rotation
Create the file /etc/logrotate.d/rabbitmq-server
with the following contents
/usr/share/rabbitmq/var/log/rabbitmq/*.log {
weekly
missingok
rotate 20
compress
delaycompress
notifempty
sharedscripts
postrotate
/sbin/service rabbitmq-server rotate-logs > /dev/null
endscript
}
10. RabbitMQ startup script
Create the file /etc/init.d/rabbitmq-server
#!/bin/sh
#
# rabbitmq-server RabbitMQ broker
#
# chkconfig: - 80 05
# description: Enable AMQP service provided by RabbitMQ
#
### BEGIN INIT INFO
# Provides: rabbitmq-server
# Required-Start: $remote_fs $network
# Required-Stop: $remote_fs $network
# Description: RabbitMQ broker
# Short-Description: Enable AMQP service provided by RabbitMQ broker
### END INIT INFO
# Source function library.
. /etc/init.d/functions
PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/erlang/bin
NAME=rabbitmq-server
DAEMON=/usr/sbin/${NAME}
CONTROL=/usr/sbin/rabbitmqctl
DESC=rabbitmq-server
USER=rabbitmq
ROTATE_SUFFIX=
INIT_LOG_DIR=/usr/share/rabbitmq/var/log/rabbitmq
PID_FILE=/var/run/rabbitmq/pid
START_PROG="daemon"
LOCK_FILE=/var/lock/subsys/$NAME
test -x $DAEMON || exit 0
test -x $CONTROL || exit 0
RETVAL=0
set -e
[ -f /etc/default/${NAME} ] && . /etc/default/${NAME}
[ -f /etc/sysconfig/${NAME} ] && . /etc/sysconfig/${NAME}
ensure_pid_dir () {
PID_DIR=`dirname ${PID_FILE}`
if [ ! -d ${PID_DIR} ] ; then
mkdir -p ${PID_DIR}
chown -R ${USER}:${USER} ${PID_DIR}
chmod 755 ${PID_DIR}
fi
}
remove_pid () {
rm -f ${PID_FILE}
rmdir `dirname ${PID_FILE}` || :
}
start_rabbitmq () {
status_rabbitmq quiet
if [ $RETVAL = 0 ] ; then
echo RabbitMQ is currently running
else
RETVAL=0
# RABBIT_NOFILES_LIMIT from /etc/sysconfig/rabbitmq-server is not handled
# automatically
if [ "$RABBITMQ_NOFILES_LIMIT" ]; then
ulimit -n $RABBITMQ_NOFILES_LIMIT
fi
ensure_pid_dir
set +e
RABBITMQ_PID_FILE=$PID_FILE $START_PROG $DAEMON \
> "${INIT_LOG_DIR}/startup_log" \
2> "${INIT_LOG_DIR}/startup_err" \
0<&- &
$CONTROL wait $PID_FILE >/dev/null 2>&1
RETVAL=$?
set -e
case "$RETVAL" in
0)
echo SUCCESS
if [ -n "$LOCK_FILE" ] ; then
touch $LOCK_FILE
fi
;;
*)
remove_pid
echo FAILED - check ${INIT_LOG_DIR}/startup_\{log, _err\}
RETVAL=1
;;
esac
fi
}
stop_rabbitmq () {
status_rabbitmq quiet
if [ $RETVAL = 0 ] ; then
set +e
$CONTROL stop ${PID_FILE} > ${INIT_LOG_DIR}/shutdown_log 2> ${INIT_LOG_DIR}/shutdown_err
RETVAL=$?
set -e
if [ $RETVAL = 0 ] ; then
remove_pid
if [ -n "$LOCK_FILE" ] ; then
rm -f $LOCK_FILE
fi
else
echo FAILED - check ${INIT_LOG_DIR}/shutdown_log, _err
fi
else
echo RabbitMQ is not running
RETVAL=0
fi
}
status_rabbitmq() {
set +e
if [ "$1" != "quiet" ] ; then
$CONTROL status 2>&1
else
$CONTROL status > /dev/null 2>&1
fi
if [ $? != 0 ] ; then
RETVAL=3
fi
set -e
}
rotate_logs_rabbitmq() {
set +e
$CONTROL rotate_logs ${ROTATE_SUFFIX}
if [ $? != 0 ] ; then
RETVAL=1
fi
set -e
}
restart_running_rabbitmq () {
status_rabbitmq quiet
if [ $RETVAL = 0 ] ; then
restart_rabbitmq
else
echo RabbitMQ is not runnning
RETVAL=0
fi
}
restart_rabbitmq() {
stop_rabbitmq
start_rabbitmq
}
case "$1" in
start)
echo -n "Starting $DESC: "
start_rabbitmq
echo "$NAME."
;;
stop)
echo -n "Stopping $DESC: "
stop_rabbitmq
echo "$NAME."
;;
status)
status_rabbitmq
;;
rotate-logs)
echo -n "Rotating log files for $DESC: "
rotate_logs_rabbitmq
;;
force-reload|reload|restart)
echo -n "Restarting $DESC: "
restart_rabbitmq
echo "$NAME."
;;
try-restart)
echo -n "Restarting $DESC: "
restart_running_rabbitmq
echo "$NAME."
;;
*)
echo "Usage: $0 {start|stop|status|rotate-logs|restart|condrestart|try-restart|reload|force-reload}" >&2
RETVAL=1
;;
esac
exit $RETVAL
11. Add execute permission to rabbitmq-server and enable it at boot
chmod +x /etc/init.d/rabbitmq-server
chkconfig --add rabbitmq-server
chkconfig rabbitmq-server on
12. Edit rabbitmq.config
Create the file /usr/share/rabbitmq/etc/rabbitmq/rabbitmq.config
with the following contents (note: default_user, default_pass, loopback_users) (note the trailing period)
[
{rabbit, [
{tcp_listeners,[5672]},
{tcp_listen_options, [binary, {packet,raw},
{reuseaddr,true},
{backlog,128},
{nodelay,true},
{exit_on_close,false},
{keepalive,true}]},
{default_vhost, <<"/">>},
{default_user, <<"guest">>},
{default_pass, <<"guest">>},
{loopback_users, ["guest"]},
{default_permissions, [<<".*">>, <<".*">>, <<".*">>]}
]}
].
13. Add the Erlang path to PATH
vi /usr/sbin/rabbitmq-server
Add
export PATH=$PATH:/usr/local/erlang/bin
14. Enable the RabbitMQ management plugin
vi /usr/share/rabbitmq/etc/rabbitmq/enabled_plugins
with the following contents (note the trailing period)
[rabbitmq_management].
15. Start RabbitMQ
service rabbitmq-server start
16. Open the ports for external access
firewall-cmd --zone=public --add-port=5672/tcp --permanent
firewall-cmd --zone=public --add-port=15672/tcp --permanent
firewall-cmd --zone=public --add-port=25672/tcp --permanent
firewall-cmd --reload
17. Open the management page
Browse to https://<public IP>:15672
The user name and password are the default_user and default_pass set in step 12
Last updated: 2017-08-20 12:02:23