50
CentOS7常用環境設置
一、雲服務器ECS
地域:華東2
係統鏡像:CentOS 7.3 64位
設置安全組,開放端口:80、3306、27017、21、22、3717、8888、5672、15672、25672
二、防火牆設置
1、 查看防火牆是否打開
firewall-cmd --state
2、 打開防火牆
systemctl start firewalld
3、 設置防火牆開機啟動
systemctl enable firewalld
4、 添加端口
firewall-cmd --zone=public --add-port=3306/tcp --permanent
firewall-cmd --reload
5、 查看開放端口狀況
firewall-cmd --list-all
三、JDK安裝
1、 驗證係統內是否有可用jdk
直接運行java,若沒有命令參數規範提示,則說明當前係統內沒有jdk
2、 搜索yum裏可用的jdk版本
yum search jdk
3、 安裝最新可用jdk版本
yum install -y java-1.8.0-openjdk
4、 配置jdk係統環境變量
配置JAVA虛擬內存,修改/etc/java/java.conf,添加
JAVA_OPTS="-server -XX:PermSize:512M -XX:MaxPermSize=1024M"
修改/etc/java/java.conf,添加
JAVA_HOME=$JVM_ROOT/jre
四、安裝熵服務
CentOS7係統內在啟支tomcat時,Tomcat的SessionID是通過SHA1PRNG算法計算得到的,SHA1算法需要一個密鑰,這個密鑰在Tomcat啟動的時候隨機生成一個,生成是使用了Linux隨機函數生成器/dev/random。
/dev/random會根據 噪音 產生隨機數,如果噪音不夠它就會阻塞。Linux是通過I/O,鍵盤終端、內存使用量、CPU利用率等方式來收集噪音的,如果噪音不夠生成隨機數的時候就會被阻塞。
解決辦法:安裝熵服務(若不安裝該服務,則tomcat啟動會特別慢)
1、 安裝熵服務
yum install rng-tools
2、 啟動熵服務
systemctl start rngd
3、 為熵服務添加隨機啟動
systemctl enable rngd.service
五、Tomcat安裝
1、 下載tomcat9
wget https://mirror.bit.edu.cn/apache/tomcat/tomcat-9/v9.0.0.M4/bin/apache-tomcat-9.0.0.M4.tar.gz
2、 解壓tomcat包
tar -zxvf apache-tomcat-9.0.0.M4.tar.gz
3、 將tomcat移動到usr目錄下
mv apache-tomcat-9.0.0.M4 /usr/share/tomcat9
4、 創建快捷鍵
cd /root
ln -s /usr/share/tomcat9/ tomcat9
5、 創建/usr/lib/systemd/system/tomcat9.service文件
[Unit]
Description=Tomcat9
After=syslog.target network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
Environment='CATALINA_PID=/usr/share/tomcat9/bin/tomcat.pid'
Environment='CATALINA_HOME=/usr/share/tomcat9'
Environment='CATALINA_BASE=/usr/share/tomcat9/'
WorkingDirectory=/usr/share/tomcat9/
ExecStart=/usr/share/tomcat9/bin/startup.sh
ExecReload=
ExecStop=/usr/share/tomcat9/bin/shutdown.sh
PrivateTmp=true
[Install]
WantedBy=multi-user.target
6、 為tomcat9.service添加執行權限
chmod a+x /usr/lib/systemd/system/tomcat9.service
7、 為tomcat9.sh添加隨機啟動
systemctl enable mysqld.service
8、 修改端口與字符編碼
<Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443"/>
修改為
<Connector port="80" maxHttpHeaderSize="8192" redirectPort="8443" enableLookups="false" acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true" compression="on" URIEncoding="UTF-8" compressionMinSize="2048" noCompressionUserAgents="gozilla, traviata" compressableMimeType="text/html,text/xml,text/javascript,text/css,text/plain"/>
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
修改為
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" URIEncoding="UTF-8"/>
9、 Tomcat9服務
啟動:systemctl start tomcat9.service
關閉:systemctl stop tomcat9.service
六、MySQL數據庫(5.7版本)
1、 下載mysql的repo源
wget https://repo.mysql.com/mysql-community-release-el7-5.noarch.rpm
2、 安裝rpm包
rpm -ivh mysql-community-release-el7-5.noarch.rpm
3、 安裝mysql
yum install mysql-server
4、 啟動mysql服務
systemctl start mysqld.service
5、 設置root密碼
/usr/bin/mysqladmin -u root password ‘123456’
6、 設置字符編碼
修改/etc/my.cnf文件,添加以下內容
[client]
default-character-set=utf8mb4
[mysqld]
lower_case_table_names=1
character-set-server=utf8mb4
default-storage-engin=INNODB
7、 設置mysql隨服務器啟動
systemctl enable mysqld.service
8、 mysql服務
啟動:systemctl start mysqld.service
重啟:systemctl restart mysqld.service
關閉:systemctl stop mysqld.service
9、 刪除無用mysql用戶
進入mysql:mysql -u root –p
use mysql;
delete from user where user = “”;
10、 添加一個數據庫用戶,並限製隻能在外網訪問
create user 'testUser'@'%' identified by '123456';
11、 創建數據庫,並將權限分配給用戶
create database ankopipeline;
grant all on ankopipeline.* to 'testUser'@'%';
flush privileges;
12、 添加對外端口訪問
firewall-cmd --zone=public --add-port=3306/tcp --permanent
firewall-cmd --reload
七、MongoDB數據庫
1、 添加文件/etc/yum.repos.d/mongodb-org-3.4.repo,文件內容如下
[mongodb-org-3.4]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/3.4/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-3.4.asc
2、 通過yum安裝mongodb
yum install -y mongodb-org
3、 設置mongo隨服務器啟動
systemctl enable mongod.service
4、 mongo服務
啟動:systemctl start mongod.service
重啟:systemctl restart mongod.service
關閉:systemctl stop mongod.service
5、 去除IP綁定(mongoDB默認限製隻能本機使用)
編輯/etc/mongod.conf
將bindIp設置注釋掉
6、 添加對外端口訪問
firewall-cmd --zone=public --add-port=27017/tcp --permanent
firewall-cmd --reload
備注:
mongoDB默認密碼加密用的是SCRAM-SHA-1,但在驗證時用的是MONGODB-CR;需要將修改schema版本。
use admin
var schema = db.system.version.findOne({"_id" : "authSchema"})
schema.currentVersion = 3
db.system.version.save(schema)
7、 添加數據庫
use ankopipeline;
db.item.insert({"name":"test"}); 為數據庫添加數據(沒有任何數據的數據庫,不會被顯示出來)
8、 創建用戶
db.dropUser("tony");
db.createUser({user:"tony",pwd:"tony123",roles:[{role:"dbAdmin",db:"ankopipeline"}]});
注意,要在ankopipeline數據庫下執行該指令
八、安裝RabbitMQ
1、 創建一般用戶rabbitmq,運行rabbitmq
useradd rabbitmq
2、 設置主機名
echo rabbit1 > /etc/hostname
3、 安裝依賴包
yum -y install make gcc gcc-c++ m4 ncurses-devel openssl-devel unixODBC-devel
4、 下載源碼
wget https://erlang.org/download/otp_src_19.3.tar.gz
wget https://www.rabbitmq.com/releases/rabbitmq-server/v3.6.9/rabbitmq-server-generic-unix-3.6.9.tar.xz
5、 安裝Erlang(RabbitMQ是用Erlang開發的)
tar xzf otp_src_19.3.tar.gz
cd otp_src_19.3
./configure --prefix=/usr/local/erlang --enable-shared-zlib --with-ssl --enable-threads --enable-smp-support --enable-kernel-poll --enable-hipe --without-javac
make && make install
注意Erlang安裝目錄,前後設置要一致
6、 解壓rabbitmq
tar xvJf rabbitmq-server-generic-unix-3.6.9.tar.xz
mv rabbitmq_server-3.6.9 /usr/share/rabbitmq
7、 rabbitmq環境變量配置
sed -i 's@^ERL_DIR=.*@ERL_DIR=/usr/local/erlang/bin/@' /usr/share/rabbitmq/sbin/rabbitmq-defaults
sed -i 's@^LOG_BASE=.*@LOG_BASE=/usr/share/rabbitmq/var/log/rabbitmq@' /usr/share/rabbitmq/sbin/rabbitmq-defaults
mkdir -p /usr/share/rabbitmq/var/{lib,log}/rabbitmq
8、 RabbitMQ讀寫插件
wget https://pkgs.fedoraproject.org/cgit/rpms/rabbitmq-server.git/plain/rabbitmq-script-wrapper
注意上麵鏈接下載不到rabbitmq-script-wrapper文件,文件內容如下
#!/bin/sh
## The contents of this file are subject to the Mozilla Public License
## Version 1.1 (the "License"); you may not use this file except in
## compliance with the License. You may obtain a copy of the License
## at https://www.mozilla.org/MPL/
##
## Software distributed under the License is distributed on an "AS IS"
## basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
## the License for the specific language governing rights and
## limitations under the License.
##
## The Original Code is RabbitMQ.
##
## The Initial Developer of the Original Code is GoPivotal, Inc.
## Copyright (c) 2007-2015 Pivotal Software, Inc. All rights reserved.
##
SED_OPT="-E"
if [ $(uname -s) = "Linux" ]; then
SED_OPT="-r"
fi
for arg in "$@" ; do
# Wrap each arg in single quotes and wrap single quotes in double quotes, so that they're passed through cleanly.
arg=`printf %s "$arg" | sed $SED_OPT -e "s/'/'\"'\"'/g"`
CMDLINE="${CMDLINE} '${arg}'"
done
cd /usr/share/rabbitmq/var/lib/rabbitmq
SCRIPT=`basename $0`
if [ `id -u` = `id -u rabbitmq` -a "$SCRIPT" = "rabbitmq-server" ] ; then
RABBITMQ_ENV=/usr/share/rabbitmq/sbin/rabbitmq-env
RABBITMQ_SCRIPTS_DIR=$(dirname "$RABBITMQ_ENV")
. "$RABBITMQ_ENV"
exec /usr/share/rabbitmq/sbin/rabbitmq-server "$@"
elif [ `id -u` = `id -u rabbitmq` -o "$SCRIPT" = "rabbitmq-plugins" ] ; then
if [ -f $PWD/.erlang.cookie ] ; then
export HOME=.
fi
exec /usr/share/rabbitmq/sbin/${SCRIPT} "$@"
elif [ `id -u` = 0 ] ; then
su rabbitmq -s /bin/sh -c "/usr/share/rabbitmq/sbin/${SCRIPT} ${CMDLINE}"
else
/usr/share/rabbitmq/sbin/${SCRIPT}
echo
echo "Only root or rabbitmq should run ${SCRIPT}"
echo
exit 1
fi
sed -i 's@cd /var/lib/rabbitmq@cd /usr/share/rabbitmq/var/lib/rabbitmq@g' rabbitmq-script-wrapper #更改rabbitmq數據存儲目錄
sed -i 's@/usr/lib/rabbitmq/bin/@/usr/share/rabbitmq/sbin/@g' rabbitmq-script-wrapper
chmod +x rabbitmq-script-wrapper
cp rabbitmq-script-wrapper /usr/sbin/rabbitmqctl
cp rabbitmq-script-wrapper /usr/sbin/rabbitmq-server
cp rabbitmq-script-wrapper /usr/sbin/rabbitmq-plugins
chown -R rabbitmq.rabbitmq /usr/share/rabbitmq/var
9、 rabbitmq日誌割接
新建文件/etc/logrotate.d/rabbitmq-server
內容如下
/usr/share/rabbitmq/var/log/rabbitmq/*.log {
weekly
missingok
rotate 20
compress
delaycompress
notifempty
sharedscripts
postrotate
/sbin/service rabbitmq-server rotate-logs > /dev/null
endscript
}
10、 rabbitmq啟動腳本
新建文件/etc/init.d/rabbitmq-server
#!/bin/sh
#
# rabbitmq-server RabbitMQ broker
#
# chkconfig: - 80 05
# description: Enable AMQP service provided by RabbitMQ
#
### BEGIN INIT INFO
# Provides: rabbitmq-server
# Required-Start: $remote_fs $network
# Required-Stop: $remote_fs $network
# Description: RabbitMQ broker
# Short-Description: Enable AMQP service provided by RabbitMQ broker
### END INIT INFO
# Source function library.
. /etc/init.d/functions
PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/erlang/bin
NAME=rabbitmq-server
DAEMON=/usr/sbin/${NAME}
CONTROL=/usr/sbin/rabbitmqctl
DESC=rabbitmq-server
USER=rabbitmq
ROTATE_SUFFIX=
INIT_LOG_DIR=/usr/share/rabbitmq/var/log/rabbitmq
PID_FILE=/var/run/rabbitmq/pid
START_PROG="daemon"
LOCK_FILE=/var/lock/subsys/$NAME
test -x $DAEMON || exit 0
test -x $CONTROL || exit 0
RETVAL=0
set -e
[ -f /etc/default/${NAME} ] && . /etc/default/${NAME}
[ -f /etc/sysconfig/${NAME} ] && . /etc/sysconfig/${NAME}
ensure_pid_dir () {
PID_DIR=`dirname ${PID_FILE}`
if [ ! -d ${PID_DIR} ] ; then
mkdir -p ${PID_DIR}
chown -R ${USER}:${USER} ${PID_DIR}
chmod 755 ${PID_DIR}
fi
}
remove_pid () {
rm -f ${PID_FILE}
rmdir `dirname ${PID_FILE}` || :
}
start_rabbitmq () {
status_rabbitmq quiet
if [ $RETVAL = 0 ] ; then
echo RabbitMQ is currently running
else
RETVAL=0
# RABBIT_NOFILES_LIMIT from /etc/sysconfig/rabbitmq-server is not handled
# automatically
if [ "$RABBITMQ_NOFILES_LIMIT" ]; then
ulimit -n $RABBITMQ_NOFILES_LIMIT
fi
ensure_pid_dir
set +e
RABBITMQ_PID_FILE=$PID_FILE $START_PROG $DAEMON \
> "${INIT_LOG_DIR}/startup_log" \
2> "${INIT_LOG_DIR}/startup_err" \
0<&- &
$CONTROL wait $PID_FILE >/dev/null 2>&1
RETVAL=$?
set -e
case "$RETVAL" in
0)
echo SUCCESS
if [ -n "$LOCK_FILE" ] ; then
touch $LOCK_FILE
fi
;;
*)
remove_pid
echo FAILED - check ${INIT_LOG_DIR}/startup_\{log, _err\}
RETVAL=1
;;
esac
fi
}
stop_rabbitmq () {
status_rabbitmq quiet
if [ $RETVAL = 0 ] ; then
set +e
$CONTROL stop ${PID_FILE} > ${INIT_LOG_DIR}/shutdown_log 2> ${INIT_LOG_DIR}/shutdown_err
RETVAL=$?
set -e
if [ $RETVAL = 0 ] ; then
remove_pid
if [ -n "$LOCK_FILE" ] ; then
rm -f $LOCK_FILE
fi
else
echo FAILED - check ${INIT_LOG_DIR}/shutdown_log, _err
fi
else
echo RabbitMQ is not running
RETVAL=0
fi
}
status_rabbitmq() {
set +e
if [ "$1" != "quiet" ] ; then
$CONTROL status 2>&1
else
$CONTROL status > /dev/null 2>&1
fi
if [ $? != 0 ] ; then
RETVAL=3
fi
set -e
}
rotate_logs_rabbitmq() {
set +e
$CONTROL rotate_logs ${ROTATE_SUFFIX}
if [ $? != 0 ] ; then
RETVAL=1
fi
set -e
}
restart_running_rabbitmq () {
status_rabbitmq quiet
if [ $RETVAL = 0 ] ; then
restart_rabbitmq
else
echo RabbitMQ is not runnning
RETVAL=0
fi
}
restart_rabbitmq() {
stop_rabbitmq
start_rabbitmq
}
case "$1" in
start)
echo -n "Starting $DESC: "
start_rabbitmq
echo "$NAME."
;;
stop)
echo -n "Stopping $DESC: "
stop_rabbitmq
echo "$NAME."
;;
status)
status_rabbitmq
;;
rotate-logs)
echo -n "Rotating log files for $DESC: "
rotate_logs_rabbitmq
;;
force-reload|reload|restart)
echo -n "Restarting $DESC: "
restart_rabbitmq
echo "$NAME."
;;
try-restart)
echo -n "Restarting $DESC: "
restart_running_rabbitmq
echo "$NAME."
;;
*)
echo "Usage: $0 {start|stop|status|rotate-logs|restart|condrestart|try-restart|reload|force-reload}" >&2
RETVAL=1
;;
esac
exit $RETVAL
11、 添加RabbitMQ-Server執行權限,並設置自啟動
hmod +x /etc/init.d/rabbitmq-server
chkconfig --add rabbitmq-server
chkconfig rabbitmq-server on
12、 修改rabbitmq.config
新建文件/usr/share/rabbitmq/etc/rabbitmq/rabbitmq.config
內容如下(注意:default_user,default_pass,loopback_users)(注意末尾點號)
[
{rabbit, [
{tcp_listeners,[5672]},
{tcp_listen_options, [binary, {packet,raw},
{reuseaddr,true},
{backlog,128},
{nodelay,true},
{exit_on_close,false},
{keepalive,true}]},
{default_vhost, <<"/">>},
{default_user, <<"guest">>},
{default_pass, <<"guest">>},
{loopback_users, ["guest"]},
{default_permissions, [<<".*">>, <<".*">>, <<".*">>]}
]}
].
13、 將Erlang路徑添加到PATH中
vi /usr/sbin/rabbitmq-server
添加
export PAHT=$PATH:/usr/local/erlang/bin
14、 開啟rabbitmq manager
vi /usr/share/rabbitmq/etc/rabbitmq/enabled_plugins
內容如下(注意末尾點號)
[rabbitmq_management].
15、 啟動rabbitmq
service rabbitmq-server start
13、 添加對外端口訪問
firewall-cmd --zone=public --add-port=5672/tcp --permanent
firewall-cmd --zone=public --add-port=15672/tcp --permanent
firewall-cmd --zone=public --add-port=25672/tcp --permanent
firewall-cmd --reload
16、 進入管理頁麵
瀏覽器訪問https://公網IP:15672
用戶名和密碼,是在第12步設置的default_user和default_pass
最後更新:2017-08-20 12:02:23