Check the Linux version: cat /proc/version
Check the Linux IP address: ip addr show
Follow the official Kong site to find the installer for your version: https://konghq.com/install/
Dependencies:
- gcc: sudo yum install -y gcc
- pcre: sudo yum install -y pcre pcre-devel
- zlib: sudo yum install -y zlib zlib-devel
- openssl: sudo yum install -y openssl openssl-devel
- postgresql10
- epel-release: yum -y install epel-release
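1. Install Kong
Download the package from the official site and unpack it.
Download:
https://konghq.com/install/ (select your operating system)
sudo yum install epel-release
sudo yum install kong-0.10.3.*.noarch.rpm --nogpgcheck
(Use the path and file name of the package you downloaded. --nogpgcheck makes yum skip RPM signature verification for this install.)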
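2. Install PostgreSQL 9.5 (the repository and packages used below are PostgreSQL 10)
Switch to the root user: su -
2.1 Add the RPM repository
Try opening https://download.postgresql.org/pub in a browser to see what is available.
rpm -Uvh https://download.postgresql.org/pub/repos/yum/10/redhat/rhel-7-x86_64/pgdg-centos10-10-2.noarch.rpm
2.2 Install PostgreSQL
yum install -y postgresql10-server postgresql10
2.3 Initialize the database
/usr/pgsql-10/bin/postgresql-10-setup initdb
2.4 Enable start at boot: systemctl enable postgresql-10.service
2.5 Start the service: systemctl start postgresql-10.service
2.6 Check the version: psql --version
2.7 Change the user name and password
su - postgres
psql -U postgres
alter user postgres with password 'xxx';
(This sets the password of the user named postgres to xxx.)
\q
2.8 Enable remote access
vi /var/lib/pgsql/10/data/postgresql.conf
Add listen_addresses = '*', or change the existing listen_addresses = 'localhost' to it. With '*' PostgreSQL listens on every interface, so who can connect is then decided only by pg_hba.conf and the firewall.
2.9 Trust remote connections
vi /var/lib/pgsql/10/data/pg_hba.conf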
# "local" is for Unix domain socket connections only
local all all peer
# IPv4 local connections:
host all all 127.0.0.1/32 trust
host all all 0.0.0.0/0 md5
# IPv6 local connections:
host all all ::1/128 trust
# Allow replication connections from localhost, by a user with the
# replication privilege.
local replication all peer
host replication all 127.0.0.1/32 trust
host replication all ::1/128 trust
2.10 Restart the service: systemctl restart postgresql-10.service (then leave the shell with exit)
Start command:
systemctl start postgresql-10
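pg_hba.conf is read top to bottom and the first line that matches the connection is the one used, so a trust line with a wide mask admits remote clients without a password and the md5 line below it is never consulted. The following is an added example, not part of the original notes: a small Python audit that flags trust rules reaching beyond loopback and the rules they shadow. The sample file and all function names are constructed for illustration.

```python
import ipaddress

# Constructed sample: the "IPv4 local connections" line carries a /0 mask.
SAMPLE_HBA = """\
local   all          all                  peer
host    all          all   127.0.0.1/0    trust
host    all          all   0.0.0.0/0      md5
host    all          all   ::1/128        trust
host    replication  all   127.0.0.1/32   trust
"""

def parse_hba(text):
    """Yield (lineno, conn, database, user, network, method) for host* rules."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        f = raw.split("#", 1)[0].split()
        if len(f) < 5 or not f[0].startswith("host"):
            continue  # comments, blank lines, Unix-socket "local" rules
        addr, method = f[3], f[4]
        if "/" not in addr and len(f) >= 6:
            addr, method = f"{addr}/{f[4]}", f[5]  # "address netmask method" form
        try:
            net = ipaddress.ip_network(addr, strict=False)  # host bits are masked off
        except ValueError:
            continue  # host names and keywords (samehost, samenet, all) are not evaluated
        yield lineno, f[0], f[1], f[2], net, method

def db_covers(earlier, later):
    """The database keyword "all" matches every database except replication."""
    return earlier == later or (earlier == "all" and later != "replication")

def audit(text):
    """Return (lineno, issue) pairs: open trust rules and the rules they shadow."""
    findings, open_trust = [], []
    for lineno, conn, db, user, net, method in parse_hba(text):
        shadow = next((t for t in open_trust
                       if t[1] in ("host", conn) and db_covers(t[2], db)
                       and t[3] in ("all", user)
                       and t[4].version == net.version and net.subnet_of(t[4])), None)
        if shadow:  # first matching line wins, so this rule is never consulted
            findings.append((lineno, f"shadowed by trust rule on line {shadow[0]}"))
        elif method == "trust" and not net.is_loopback:
            findings.append((lineno, f"trust for non-loopback range {net}"))
            open_trust.append((lineno, conn, db, user, net))
    return findings

if __name__ == "__main__":
    for lineno, issue in audit(SAMPLE_HBA):
        print(f"line {lineno}: {issue}")
```

To check a live server, pass the contents of /var/lib/pgsql/10/data/pg_hba.conf to audit() before restarting PostgreSQL.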
3. Authorize the Kong database (add the role and database)
# grant all privileges on database kong to kong;
su - postgres << EOF
psql << XOF
CREATE USER kong; CREATE DATABASE kong OWNER kong;
XOF
EOF
Login command:
psql -U kong -d kong -h 127.0.0.1 -p 5432 (quit with \q)
4. Import the Kong data
kong migrations up
5. Start Kong
Tell Linux to allow processes to bind to non-local addresses by adding the following line to /etc/sysctl.conf:
net.ipv4.ip_nonlocal_bind=1
Reload sysctl.conf: sysctl -p /etc/sysctl.conf
kong start
-----------------------------------------------------
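Linux firewall error: Unit iptables.service failed to load: No such file or directory.
On CentOS 7, running
service iptables start/stop
fails with: Failed to start iptables.service: Unit iptables.service failed to load: No such file or directory.
On CentOS 7, RHEL 7 and Fedora the firewall is managed by firewalld.
To open a range of ports as an exception, for example 1000-2000,
use the following syntax, which enables a port and protocol combination in a zone:
firewall-cmd [--zone=<zone>] --add-port=<port>[-<port>]/<protocol> [--timeout=<seconds>]
This enables the port and protocol combination. The port can be a single port <port> or a port range <port>-<port>. The protocol can be tcp or udp.
The actual commands are:
Add
firewall-cmd --zone=public --add-port=80/tcp --permanent (--permanent makes the rule persistent; without it the rule is lost after a restart)
firewall-cmd --zone=public --add-port=1000-2000/tcp --permanent
Reload
firewall-cmd --reload
Query
firewall-cmd --zone=public --query-port=80/tcp
Remove
firewall-cmd --zone=public --remove-port=80/tcp --permanent
You can of course go back to the traditional way of managing the firewall.
Run the following commands: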
systemctl stop firewalld
systemctl mask firewalld
Then install iptables-services:
yum install iptables-services
Enable at boot:
systemctl enable iptables
systemctl stop iptables
systemctl start iptables
systemctl restart iptables
systemctl reload iptables
Save the settings:
service iptables save
OK, try again and it should work.
To open a port, add the following to /etc/sysconfig/iptables:
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT