qemu 半虚拟化 + kvm 硬件虚拟化
libvirtd 应用与内核的交互 管理内核虚拟的
################安装父虚拟机#############
cd /etc/udev/
cd rules.d/
rm -fr 70-persistent-net.rules
cd /etc/sysconfig/network-scripts/
vi ifcfg-eth0 ##修改网卡配置文件
DEVICE=eth0
ONBOOT=yes
BOOTPROTO='static'
IPADDR=172.25.64.1
PREFIX=24
vi /etc/sysconfig/network ##修改主机名
/etc/init.d/network start ##开启服务 企业六版本里面服务全部在/etc/init.d/目录下面
ip addr show
cd /etc/sysconfig/network-scripts/
##重启服务
/etc/init.d/network restart
vi /etc/yum.repos.d/rhel-source.repo ##修改yum源
[rhel-source]
name=Red Hat Enterprise Linux $releasever - $basearch - Source
baseurl=http://172.25.64.250/rhel6.5
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
yum install vim openssh-clients lftp -y ##安装所需要的软件
yum clean all
cd
rm -fr * ##删除root家目录里面的文件
vi /etc/hosts ##加入本地解析
cd /etc/ssh/
rm -fr ssh_host_*
chkconfig iptables off ##关闭防火墙
iptables -L
vi /etc/sysconfig/selinux
SELINUX=disabled ##关闭selinux
poweroff
做完这些设定之后关闭虚拟机 不再打开
qemu-img create -f qcow2 -b test.qcow2 vm1 ##创建照片
qemu-img create -f qcow2 -b test.qcow2 vm2
qemu-img create -f qcow2 -b test.qcow2 vm3
##用照片安装vm1 vm2 vm3 三台子虚拟机
###############安装nginx#################
tar zxf nginx-1.12.0.tar.gz ##物理机把nginx-1.12.0.tar.gz发送到虚拟机 然后解压
cd nginx-1.12.0
vim nginx.h
#define nginx_version 1012000
#define NGINX_VERSION "1.12.0"
#define NGINX_VER "nginx" ##去掉NGINX_VERSION 这样编译后无法获取程序的版本号
cd auto/
cd cc/
vim gcc
# debug ##注释此行 去掉debug模式编译,编译后程序只有几百K
#CFLAGS="$CFLAGS -g"
./configure --help
./configure --prefix=/usr/local/lnmp/nginx --with-http_ssl_module --with-http_stub_status_module --with-threads --with-file-aio
yum install -y gcc ##源码安装解决不了依赖性 我们手动解决
yum install pcre-devel -y
yum install openssl-devel -y
make ##编译c文件为二进制文件
make install ##安装到指定目录
cd /usr/local/lnmp/
cd nginx/
cd conf/
ll nginx.conf
cd sbin/
ln -s /usr/local/lnmp/nginx/sbin/nginx /usr/local/sbin/ ##软连接到执行命令路径 这样我们就可以直接用nginx来控制nginx
which nginx
nginx -t ##测试配置文件格式是否正确
nginx
netstat -antlp | grep 80
curl -I localhost
cd /usr/local/lnmp/nginx/html/ ##nginx 发布目录
关闭虚拟机 加入一个cpu核心数
free -m ##查看内存
useradd -u 800 nginx ##创建用户
lscpu ##查看cpu参数
nginx -s reload ##重新加载nginx
nginx -t ##测试nginx
ps -aux ##查看进程
top ##按1查看全部cpu
sysctl -a | grep file ##查看最大可打开文件数 worker_connections 4096; ##这个数字不能大于最大可打开文件数
虚拟机root用户:
vim /etc/security/limits.conf
#
nginx - nproc 4096 ##修改普通用户ulimit -a查看的打开文件数 和最大用户进程
nginx - nofile 4096
[nginx@server1 ~]$ ulimit -a
open files (-n) 4096
max user processes (-u) 4096
修改配置文件:::
##############进程数####################
user nginx nginx; ##进程的用户和组
worker_processes 2; ##两个进程 首先在虚拟机中添加一个cpu
worker_cpu_affinity 01 10; ##将进程与cpu绑定起来
worker_connections 4096; ##
vim /usr/local/lnmp/nginx/conf/nginx.conf
###############虚拟主机##################
server {
listen 80;
server_name www.westos.org;
location /{
root /web1;
index index.html;
}
}
server {
listen 80; ##监听端口
server_name www.linux.org; ##服务访问名
location /{
root /web2; ##发布目录
index index.html; ##发布文件
}
}
##################https#################
vim nginx.conf
server {
listen 443 ssl;
server_name localhost;
ssl_certificate cert.pem;
ssl_certificate_key cert.pem;
nginx -t
cd /etc/pki
cd tls/
cd certs/
vim Makefile
make cert.pem
[root@server1 certs]# make cert.pem ##制作证书
umask 77 ; \
PEM1=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
PEM2=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
/usr/bin/openssl req -utf8 -newkey rsa:2048 -keyout $PEM1 -nodes -x509 -days 365 -out $PEM2 -set_serial 0 ; \
cat $PEM1 > cert.pem ; \
echo "" >> cert.pem ; \
cat $PEM2 >> cert.pem ; \
rm -f $PEM1 $PEM2
Generating a 2048 bit RSA private key
.................................................................+++
...+++
writing new private key to '/tmp/openssl.tSjazN'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:Shaanxi
Locality Name (eg, city) [Default City]:xi'an
Organization Name (eg, company) [Default Company Ltd]:westos
Organizational Unit Name (eg, section) []:Linux
Common Name (eg, your name or your server's hostname) []:server1
Email Address []:root@localhost
mv cert.pem /usr/local/lnmp/nginx/conf/ ##将证书移动到配置文件中证书所在的路径
cd /usr/local/lnmp/nginx/conf/
nginx -t
nginx -s reload
################负载均衡和代理##################
##########server1#########
yum install httpd -y
把httpd的端口改为8080
把servername 172.25.0.1
vim nginx.conf
http { upstream westos{ ##负载均衡器名字
server 172.25.14.2:80; ##
server 172.25.14.3:80;
server 172.25.14.1:8080 backup;
}
server {
listen 80;
server_name www.westos.org;
rewrite ^(.*)http://www.linux.org$1 permanent;
}
server {
listen 80;
server_name www.linux.org;
location /{
proxy_pass http://westos;
}
}
}
#########server2##########
修改ip网络
修改主机名
yum install httpd -y
修改httpd配置文件中的servername 172.25.14.2
#########server3#####
和server2一样
for i in {1..10}; do curl www.linux.org;done
########### apache 和 nginx ##################
Yiyi+2494
#########mysql############
tar zxf mysql-boost-5.7.17.tar.gz
cd mysql-boost-5.7.17.tar.gz
cd mysql-5.7.17/
scp root@172.25.14.250:/root/cmake-2.8.12.2-4.el6.x86_64.rpm /root/
yum install -y cmake-2.8.12.2-4.el6.x86_64.rpm ##安装cmake
yum install cmake-2.8.12.2-4.el6.x86_64.rpm -y
cmake -DCMAKE_INSTALL_PREFIX=/usr/local/lnmp/mysql
-DMYSQL_DATADIR=/usr/local/lnmp/mysql/data
-DMYSQL_UNIX_ADDR=/usr/local/lnmp/mysql/data/mysql.sock
-DWITH_MYISAM_STORAGE_ENGINE=1
-DWITH_PARTITION_STORAGE_ENGINE=1
-DENABLED_LOCAL_INFILE=1 -DDEFAULT_CHARSET=utf8
-DDEFAULT_COLLATION=utf8_general_ci
-DEXTRA_CHARSETS=all
-DWITH_BOOST=boost/boost_1_59_0/
cd mysql-5.7.17/
yum install gcc-c++ -y ##解决软件依赖性
yum install ncurses-devel -y
rm -f CMakeCache.txt
yum install bison -y
rm -f CMakeCache.txt
make ##编译
make install ##安装
cd mysql/
cd /etc/
cp my.cnf my.cnf.bak ##备份
cd /usr/local/lnmp/mysql/
cd support-files/
cp my-default.cnf /etc/my.cnf ##将文件覆盖/etc/my.cnf
vim mysql.server
cp mysql.server /etc/init.d/mysqld
ll /etc/init.d/mysqld
yum list mysql-server
useradd -u 27 -s /sbin/nologin mysql ##创建一个uid为27 没有shell的用户
groupmod -g 27 mysql
id mysql
chown mysql.mysql -R . ##修改/usr/local/lnmp/mysql的用户和组
cd bin/
vim ~/.bash_profile
:/usr/local/lnmp/mysql/bin
source ~/.bash_profile ##加载路径
echo $PATH
mysql_install_db --user=mysql --basedir=/usr/local/lnmp/mysql/ --datadir=/usr/local/lnmp/mysql/data
cd data/
mysqld --initialize ##初始化
cd data/
chown mysql.mysql * -R
/etc/init.d/mysqld start ##开启数据库
mysql -p
alter user root@localhost identified by '密码'; ##修改数据库密码
[root@server1 data]# mysql_secure_installation -p ##mysql的安全性设置
Enter password:
Securing the MySQL server deployment.
VALIDATE PASSWORD PLUGIN can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD plugin?
Press y|Y for Yes, any other key for No:
Using existing password for root.
Change the password for root ? ((Press y|Y for Yes, any other key for No) :
... skipping.
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.
Remove anonymous users? (Press y|Y for Yes, any other key for No) : y ##是否移除匿名用户
Success.
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : y ##是否禁止使用远程登陆
Success.
Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y ##是否移除测试库
- Dropping test database...
Success.
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y ##是否重新加载权限
Success.
回去之后看 DQL DML DDL DCL
####################php###############
scp root@172.25.14.250:/root/php-5.6.20.tar.bz2 /root/
tar jxf php-5.6.20.tar.bz2
cd php-5.6.20
./configure --prefix=/usr/local/lnmp/php --with-config-file-path=/usr/local/lnmp/php/etc --with-mysql --with-mysqli --with-pdo-mysql --enable-mysqlnd --with-openssl --with-snmp --with-gd --with-zlib --with-curl --with-libxml-dir --with-png-dir --with-jpeg-dir --with-freetype-dir --with-pear --with-gettext --with-gmp --enable-inline-optimization --enable-soap --enable-ftp --enable-sockets --enable-mbstring --enable-fpm --with-fpm-user=nginx --with-fpm-group=nginx --with-mcrypt --with-mhash
yum install libxml2-devel -y ##解决软件依赖性
yum install -y curl-devel
yum install /root/gd-devel-2.0.35-11.el6.x86_64.rpm -y
yum install gmp-devel -y
yum install libmcrypt-2.5.8-9.el6.x86_64.rpm libmcrypt-devel-2.5.8-9.el6.x86_64.rpm -y
yum install /root/libmcrypt-2.5.8-9.el6.x86_64.rpm /root/libmcrypt-devel-2.5.8-9.el6.x86_64.rpm -y
yum install net-snmp-devel -y
yum install /root/re2c-0.13.5-1.el6.x86_64.rpm -y
make ##编译
make install ##安装
cd /usr/local/lnmp/php/
cd etc/
cp php-fpm.conf.default php-fpm.conf
cd ..
cd
cd php-5.6.20
cp php.ini-production /usr/local/lnmp/php/etc/php.ini ##生产配置文件
cd /usr/local/lnmp/php/etc/
vim php.ini
925 date.timezone = Asia/Shanghai
1001 pdo_mysql.default_socket=/usr/local/lnmp/mysql/data/mysql.sock
1150 mysql.default_socket =/usr/local/lnmp/mysql/data/mysql.sock
1209 mysqli.default_socket =/usr/local/lnmp/mysql/data/mysql.sock
ll /usr/local/lnmp/mysql/data/mysql.sock
vim php-fpm.conf
25 pid = run/php-fpm.pid
cd
cd php-5.6.20
cd sapi/
cd fpm/
cp init.d.php-fpm /etc/init.d/php-fpm
chmod +x /etc/init.d/php-fpm
/etc/init.d/php-fpm start ##开启php
cd /usr/local/lnmp/nginx/
cd conf/
vim nginx.conf ##nginx和php的关联
71 location ~ \.php$ {
72 root html;
73 fastcgi_pass 127.0.0.1:9000; ##php的端口
74 fastcgi_index index.php;
75 #fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
76 include fastcgi.conf;
77 }
nginx -t
cat fastcgi.conf
nginx
nginx -s reload
cd ..
cd html/
vim index.php
<?php
phpinfo()
?>
######################用lnmp架构搭建论坛################
scp root@172.25.14.250:/root/Discuz_X3.2_SC_UTF8.zip /root/
yum install unzip -y ##安装unzip
unzip Discuz_X3.2_SC_UTF8.zip ##解压
mv upload/ /usr/local/lnmp/nginx/html/bbs
chmod 777 -R config/ data uc_client/ uc_server/
chmod 775 /usr/local/lnmp/mysql/data ##更改数据库数据权限
进行后台管理中心
cd /usr/local/lnmp/nginx/html/bbs/install
rm -fr index.php ##删除 为了防止二次安装