下载最小的centerOS的ISO文件(只有600多MB)
虚拟机安装选择网卡:桥接网络(方便联网)和仅主机Host(方便ssh连接)
安装完成以后,配置网络,使开机自启动.
└─[255] <> ssh redis
Last login: Mon Aug 9 10:48:28 2021 from 192.168.57.1
[root@work]~# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 08:00:27:57:6a:5c brd ff:ff:ff:ff:ff:ff
inet 172.16.100.101/22 brd 172.16.103.255 scope global noprefixroute dynamic enp0s3
valid_lft 86391sec preferred_lft 86391sec
inet6 fe80::2ad2:7094:bc38:db21/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 08:00:27:10:39:32 brd ff:ff:ff:ff:ff:ff
inet 192.168.57.8/24 brd 192.168.57.255 scope global noprefixroute enp0s8
valid_lft forever preferred_lft forever
inet6 fe80::6030:cb73:bc03:4583/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@work]~# cd /etc/sysconfig/network-scripts
vim ifcfg-enp0s8
TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="static"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="enp0s8"
UUID="0f9cfaee-f4ee-4767-b654-da31046131ba"
DEVICE="enp0s8"
ONBOOT="yes"
IPADDR="192.168.57.8"
CentOS7 的防火墙配置跟以前版本有很大区别,经过大量尝试,终于找到解决问题的关键
CentOS7这个版本的防火墙默认使用的是firewall,与之前的版本使用iptables不一样。按如下方便配置防火墙:
1、关闭防火墙:sudo systemctl stop firewalld.service
2、关闭开机启动:sudo systemctl disable firewalld.service
3、安装iptables防火墙
执行以下命令安装iptables防火墙:sudo yum install iptables-services
4、配置iptables防火墙,打开指定端口(具体跟以前版本一样,网上介绍很多,这里不多介绍了)
5. 设置iptables防火墙开机启动:sudo systemctl enable iptables && sudo systemctl start iptables && systemctl start iptables
OK了,根据配置的端口就可以访问了
vi /etc/sysconfig/iptables
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
利用ssh传输文件
在linux下一般用scp这个命令来通过ssh传输文件
1、从服务器上下载文件
scp username@servername:/path/filename /var/www/local_dir(本地目录)
例如scp root@192.168.0.101:/var/www/test.txt 把192.168.0.101上的/var/www/test.txt 的文件下载到/var/www/local_dir(本地目录)
2、上传本地文件到服务器
scp /path/filename username@servername:/path
例如scp /var/www/test.php root@192.168.0.101:/var/www/ 把本机/var/www/目录下的test.php文件上传到192.168.0.101这台服务器上的/var/www/目录中
3、从服务器下载整个目录
scp -r username@servername:/var/www/remote_dir/(远程目录) /var/www/local_dir(本地目录)
例如:scp -r root@192.168.0.101:/var/www/test /var/www/
4、上传目录到服务器
scp -r local_dir username@servername:remote_dir
例如:scp -r test root@192.168.0.101:/var/www/ 把当前目录下的test目录上传到服务器的/var/www/ 目录
注:目标服务器要开启写入权限。
ssh 免密登陆(用Mac登陆到centerOs上):
在Mac上用终端登陆到center Os上(需要密码)
在Mac的~/.ssh/目录下生成了登陆信息
在终端中执行:ssh-keygen(一路enter)
在~/.ssh/目录下生成了公钥和私钥
再执行:ssh-copy-id root@192.168.57.3(用户:root,center OS:192.168.57.3)将公钥上传到服务器
就OK了
利用别名登陆:
在Mac上cd到~/.ssh/目录下,创建【config】文件 ,编辑config文件:
Host work
HostName 192.168.57.3
User root
Port 22
Host cow
HostName wpg.co.wpg
User wpg
Port 22
ssh co
ssh cow
开机自启动脚本
vim /root/auto_start.sh
在上面创建的文件中添加我们需要开机需要执行的命令(比如启动tomcat:/usr/local/apache-tomcat-8.5.38-8088/bin/startup.sh)
给予执行权限:chmod +x /root/auto_start.sh
将我们创建的脚本文件添加到开机执行文件中:vim /etc/rc.d/rc.local
添加:
#开机启动
/root/auto_start.sh
给予/etc/rc.d/rc.local 执行权限
chmod +x /etc/rc.d/rc.local
完成以上步骤,之后我们需要开机执行什么,只需在/root/auto_start.sh文件中添加相关命令即可
安装PHP7:
添加源:rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm & rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
安装:yum install php72w php72w-mysqlnd php72w-gd libjpeg* php72w-ldap php72w-odbc php72w-pear php72w-xml php72w-xmlrpc php72w-mbstring php72w-bcmath php72w-pecl-memcache
安装apache:yum install httpd
启动:httpd -k start|restart|stop
开机启动:systemctl enable httpd.service & systemctl is-enabled httpd.service
配置文件:vim /etc/httpd/httpd.conf
默认目录:cd /var/www/html/
安装oh-my-zsh:
查看当前shell:echo $SHELL
安装zsh:yum install -y zsh
设置默认shell:chsh -s /bin/zsh
把macOS上的【.oh-myzsh】项目和【.zshrc】配置文件复制到centeOS上
scp -r ~/.oh-my-zsh/ work:/root/
scp .zshrc work:/root/
重启
安装mysql:
wget http://dev.mysql.com/get/mysql57-community-release-el7-10.noarch.rpm
yum -y install mysql57-community-release-el7-10.noarch.rpm
yum -y install mysql-community-server
systemctl start mysqld.service
systemctl status mysqld.service
systemctl enable mysqld.service
grep "password" /var/log/mysqld.log
mysql -uroot -p
ALTER USER 'root'@'localhost' IDENTIFIED BY 'WenPinGao2018!';
systemctl restart mysqld
grant all privileges on *.* to 'root'@'%' identified by 'WenPinGao2018!' with grant option;
flush privileges;
exit;
vim /etc/my.ini
[client]
default-character-set = utf8mb4
[mysql]
default-character-set = utf8mb4
[mysqld]
character-set-client-handshake = FALSE
character-set-server = utf8mb4
collation-server = utf8mb4_general_ci
init_connect = 'SET NAMES utf8mb4'
在安装mysql的时候最好把防火墙关了,把seliunx也关了
防火墙可以在安装配置完mysql以后重新打开
mysql复制--基于日志的复制
master端
在mysql的配置文件【/etc/my.ini】的[mysqld]下添加
log-bin=mysql-bin
server-id=1
创建复制用户
create user 'copy'@'192.168.57.%' identified by 'Copy123!'
为copy账号赋予权限
grant replication slave on *.* to 'copy'@'192.168.57.%'
备份master端是数据库
mysqldump --single-transaction --master-data=2 --triggers --routines --all-databases -uroot -pWenPinGao2018! > all.sql
slave端
在mysql的配置文件【/etc/my.ini】的[mysqld]下添加
log-bin=mysql-bin
server-id=2
将备份好的数据库文件all.sql复制到slave(如果是新安装的mysql,不必备份)
mysql -uroot -pWenPinGao2018! < all.sql
使用change master 命令配置复制
在备份文件中,可查看MASTER_LOG_FILE和MASTER_LOG_POS(也可以在master端执行show master status查看)
change master to MASTER_HOST='192.168.57.7',MASTER_USER='copy',MASTER_PASSWORD='Copy123!',MASTER_LOG_FILE='mysql-bin.000001',MASTER_LOG_POS=154;
开始复制
start slave
查看复制状态
show slave status\G
当我们配置双主复制是没有问题的,当我们增加一台mysql服务器作为其中第一台master的从服务器,发现在第一台master上做的操作,可以同步到新的slave上,当我们在第二台master上操作时,能同步到第一台master,但同步不到新加的slave上。
在两台master的数据库配置文件中增加下列配置
log-slave-updates=on
重启数据库
安装jdk
下载jdk *.rpm
上传到服务器:scp -r Downloads/jdk-8u301-linux-x64.rpm work:/root
rpm -i jdk-8u301-linux-x64.rpm
安装tomcat 把本地的tomcat上传到centeOS服务器
scp -r ~/Documents/Develop/Java/Software/apache-tomcat-8.5.38-8088/ work:/usr/local/
启动:/usr/local/apache-tomcat-8.5.38-8088/bin/startup.sh
配置:vim /usr/local/apache-tomcat-8.5.38-8088/conf/server.xml
其中有个tomcat已经实现了用redis共享session的功能(需要在tomcat的conf目录下的context.xml文件配置redis服务器的信息)
安装maven
将本地的maven上传到centeOS服务器
scp -r ~/Documents/Develop/Java/Software/apache-maven-3.5.3/ work:/usr/local/
将maven配置到环境变量中
使用后台运行spring boot打出的jar包
cd /root/mp9091/
nohup java -jar mp.jar --mp.port=9091 --mp.data-url=192.168.57.3:8066 --mp.data-pwd=123456 --mp.redis-url=192.168.57.3 --mp.redis-pwd=123456 > mp.log 2>&1 &
cd /root/mp9090/
nohup java -jar mp.jar --mp.port=9090 --mp.data-url=192.168.57.3:8066 --mp.data-pwd=123456 --mp.redis-url=192.168.57.3 --mp.redis-pwd=123456 > mp.log 2>&1 &
安装redis
cd /usr/local/
wget http://download.redis.io/releases/redis-4.0.6.tar.gz
tar -zxvf redis-4.0.6.tar.gz
yum install gcc
cd redis-4.0.6
make MALLOC=libc && cd src/ && make install
cd /etc/
mkdir redis
cd redis
cp /usr/local/redis-4.0.6/redis.conf /etc/redis/
修改redis的配置文件 添加密码,去除绑定,后台运行
69 #bind 127.0.0.1
136 daemonize yes
500 requirepass 123456
/usr/local/redis-4.0.6/src/redis-server /etc/redis/redis.conf
安装 nginx
cd /usr/local/
wget http://nginx.org/download/nginx-1.9.9.tar.gz
tar -zxvf nginx-1.9.9.tar.gz
yum -y install gcc openssl openssl-devel pcre-devel zlib zlib-devel
cd nginx-1.9.9/
./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_ssl_module
make && make install
useradd -s /sbin/nologin -M nginx
id nginx
/usr/local/nginx/sbin/nginx
负载均衡配置:
vim /usr/local/nginx/conf/nginx.conf
upstream mp {
server 127.0.0.1:9090 weight=1 max_fails=3 fail_timeout=2s;
server 127.0.0.1:9091 weight=1 max_fails=3 fail_timeout=2s;
}
upstream test {
server 127.0.0.1:8087 weight=1 max_fails=3 fail_timeout=2s;
server 127.0.0.1:8088 weight=1 max_fails=3 fail_timeout=2s;
}
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
#解决文件上传及获取不同步的问题,即上传与获取都是用同一个服务
location /common/upload/ {
proxy_pass http://127.0.0.1:9090;
proxy_connect_timeout 500ms;
}
location /upload/ {
proxy_pass http://127.0.0.1:9090;
proxy_connect_timeout 500ms;
}
#前台项目,已经部署到本机的tomcat中
location /h5 {
#root html;
#index index.html index.htm;
proxy_pass http://test;
proxy_connect_timeout 500ms;
}
#测试tomcat-session是否共享的测试
location /test {
#root html;
#index index.html index.htm;
proxy_pass http://test;
proxy_connect_timeout 500ms;
}
location / {
#root html;
#index index.html index.htm;
proxy_pass http://mp;
proxy_connect_timeout 500ms;
}
}
#启动nginx: /usr/local/nginx/sbin/nginx
重新加载配置文件:/usr/local/nginx/sbin/nginx -s reload
安全关闭:/usr/local/nginx/sbin/nginx -s quit
暴力关闭:/usr/local/nginx/sbin/nginx -s stop
可以弄两台或以上nginx服务器,提供相同的服务,再用keepalived提供的VIP功能实现高可用。
安装mycat
wget http://dl.mycat.org.cn/1.6-RELEASE/Mycat-server-1.6-RELEASE-20161028204710-linux.tar.gz
tar zxvf Mycat-server-1.6-RELEASE-20161028204710-linux.tar.gz -C /usr/local/
cd /usr/local/mycat
配置逻辑库逻辑表、数据节点、主机节点
vim /usr/local/mycat/conf/schema.xml
配置mycat用户、权限等
vim /usr/local/mycat/conf/server.cml
启动|查看|重启|停止:/usr/local/mycat/bin/mycat start|status|restart|stop
读写分离、分库分表直接看word记录的笔记
安装keepalived--编译安装-解决开机自启失败的问题
wget https://keepalived.org/software/keepalived-2.2.4.tar.gz
tar -zxvf keepalived-2.2.4.tar.gz -C /usr/local/
cd /usr/local/keepalived-2.2.4
yum -y install libnl libnl-devel
yum install gcc
yum -y install openssl-devel
./configure --prefix=/usr/local/keepalived/
make && make install
cd /usr/local/keepalived/
cp -r etc/keepalived/ /etc/
配置:vim /etc/keepalived/keepalived.conf
MASTER:
vrrp_script chk_nginx {
script /root/check_xxx_is_running.sh
interval 3
weight -20
fall 3
rise 2
}
vrrp_instance VI_1 {
# MASTER 主服务器、BACKUP 备用服务器 当MASTER服务器的keepalived服务不存在的时候,BACKUP服务器会把设置的虚拟IP抢过来绑到指定的网卡上
state MASTER
#把虚拟IP绑定到的网卡名称
interface enp0s8
#虚拟路由ID,MASTER和BACKUP上要一致
virtual_router_id 51
#服务器优先级,0~255,数值越大越优先,一般要求MASTER上的要比BACKUP上的要大
priority 101
advert_int 1
#密码,MASTER、BACKUP配置成一致就行
authentication {
auth_type PASS
auth_pass 123456
}
#要绑定的虚拟IP,一定要与网卡对应的路由器上的网段一致
virtual_ipaddress {
192.168.57.11
}
track_script {
chk_xxx
}
}
BACKUP:
vrrp_script chk_xxx {
script /root/check_xxx_is_running.sh
interval 3
weight -20
fall 3
rise 2
}
vrrp_instance VI_2 {
state BACKUP
interface enp0s8
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
192.168.57.11
}
track_script {
chk_xxx
}
}
指定配置文件启动
/usr/local/keepalived/sbin/keepalived -f /etc/keepalived/keepalived.conf
开机自启
chmod +x /etc/rc.d/rc.local
vim /etc/rc.d/rc.local
/usr/local/keepalived/sbin/keepalived -f /etc/keepalived/keepalived.conf
查看是否正常:ip addr
检查nginx或haproxy或redis-server是否运行的脚本
vim /root/check_xxx_is_running.sh
#!/bin/sh
#CHECK_PROCESS=`ps -C nginx --no-heading| wc -l`
CHECK_PROCESS=`ps -C haproxy --no-heading| wc -l`
#CHECK_PROCESS=`ps -C redis-server --no-heading| wc -l`
if [ $CHECK_PROCESS -eq 0 ];
then
echo "XXX 没有运行"
#尝试启动 XXX
#/usr/local/nginx/sbin/nginx
systmctl start haproxy
#/usr/local/redis-4.0.6/src/redis-server /etc/redis/redis.conf
sleep 2
CHECK_PROCESS=`ps -C haproxy --no-heading| wc -l`
if [ $CHECK_PROCESS -eq 0 ];
then
echo "XXX 重启不成功,现将keepalived kill"
pkill keepalived
else
echo "XXX 重启成功"
fi
else
echo "XXX 已经运行"
fi
chmod +x /root/check_xxx_is_running.sh
当我们检测到nginx没有运行的时候,尝试启动nginx,等待2秒,如果没运行,我们也要停止keepalived服务,不然虚拟IP不会漂移至backup
当我们开启iptables防火墙时,发现两台主机都获取了VIP,要在iptables中过滤掉vrrp
vim /etc/sysconfig/iptables
-A INPUT -p vrrp -j ACCEPT
在使用yum install -y keepalived 安装时,发现 (haproxy + keepalived)组合时,keepalived总是开机启动失败;(Nginx + keepalived)组合时倒是问题。
安装HAProxy
yum install -y haproxy.x86_64
vim /etc/haproxy/haproxy.cfg
配置如下:
global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
node mysql_haproxy_02
description mysql_haproxy_02
defaults
mode tcp
log global
option abortonclose
option redispatch
retries 3
timeout connect 10s
timeout client 1m
timeout server 1m
maxconn 3000
listen proxy_stats
#haproxy提供服务的端口
bind 0.0.0.0:48066
mode tcp
balance roundrobin
#本来这里应该配置两台mycat服务的,再让mycat实现mysql数据库的读写分离或分库分表
#人懒没办法,测试直接连接mysql了,已经改成两台mycat主机了
server mysql_1 192.168.57.10:8066 check
server mysql_2 192.168.57.12:8066 check
#haproxy管理页面配置
frontend admin_stats
bind 0.0.0.0:8888
mode http
stats enable
option httplog
maxconn 10
stats refresh 30s
stats uri /admin
stats auth admin:123123
stats hide-version
stats admin if TRUE
启动|重启|停止:systemctl start|restart|stop haproxy.service
开机自启:systemctl enable haproxy.service
haproxy安装了以后,我们可以弄两台或以上haproxy提供相同的服务,再用keepalived提供的VIP实现高可用
检测haproxy服务还在不在的脚本(把检测nginx的改一下就行)
查看keepalived环节
安装服务器集群
mysql-master-1(root@192.168.56.3-wpg123)
⇅ 双主复制
mysql-master-2(root@192.168.56.4-wpg123)
mysql-slave-1(root@192.168.56.12-wpg123)→ 复制于mysql-master-1
mysql-slave-2(root@192.168.56.13-wpg123)→ 复制于mysql-master-2
mycat-1(root@192.168.56.5-wpg123)➔ mysql-master-1、mysql-master-2、mysql-slave-1、mysql-slave-2(数据库的读写分离、分库分表等)
mycat-2(root@192.168.56.14-wpg123)➔ mysql-master-1、mysql-master-2、mysql-slave-1、mysql-slave-2(数据库的读写分离、分库分表等)
haproxy-1(root@192.168.56.17)➔ mycat-1、mycat-2 负载均衡
↕︎ keepalived--VIP:192.168.56.16 自启不成功,显示获取不到IP,必须登录执行启动,以后有时间再搜索原因以及解决方法。
haproxy-2(root@192.168.56.15)➔ mycat-1、mycat-2 负载均衡
redis-1(root@192.168.56.6-wpg123)
↕︎ keepalived--VIP:192.168.56.20
redis-2(root@192.168.56.18-wpg123)
web1(root@192.168.56.7-wpg123)➔ haproxy(数据)、redis(session共享)
web2(root@192.168.56.9-wpg123)➔ haproxy(数据)、redis(session共享)
nginx1(root@192.168.56.10-wpg123)➔ web1、web2
↕︎ keepalived--VIP:192.168.56.8
nginx2(root@192.168.56.11-wpg123)➔ web1、web2
安装svn
yum install subversion
mkdir svn
svnadmin create svn/
cd svn
vim conf/passwd
[users]
# harry = harryssecret
# sally = sallyssecret
wpg = wpg123
vim conf/authz
[/]
wpg = rw
vim conf/svnserve.conf
19 anon-access = none
20 auth-access = write
27 password-db = passwd
34 authz-db = authz
39 realm = /root/svn
cd ../
svnserve -d -r svn
181
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
