Linux常用服务安装及配置(持续更新)
本文主要记录linux常用服务的安装及基础配置,基于的操作系统为centos7,文章持续更新,文中如有不当,欢迎批评指正!!!
服务安装及配置
JDK
- 到官网下载JDK安装包,或使用已有的jdk1.8安装包
- 解压文件至/usr/local/java
tar -zxf jdk-8u251-linux-x64.tar.gz -C /usr/local/java
- 修改配置文件
vim /etc/profile
#在文件中追加如下内容
JAVA_HOME=/usr/local/java/jdk1.8.0_251
PATH=$JAVA_HOME/bin:$PATH
CLASSPATH=$JAVA_HOME/jre/lib/ext:$JAVA_HOME/lib/tools.jar
export PATH JAVA_HOME CLASSPATH
#使文件生效
source /etc/profile
- 验证jdk是否安装成功
java -vserion
Mysql服务(版本:5.7)
- 下载安装包
wget http://repo.mysql.com/mysql57-community-release-el7-8.noarch.rpm
- 安装
sudo rpm -ivh mysql57-community-release-el7-8.noarch.rpm
sudo yum install mysql-server
- 设置密码
#查看临时密码
sudo grep 'temporary password' /var/log/mysqld.log
#如果/var/log/mysqld.log为空,执行如下步骤:
#1.删除原来安装过的mysql残留的数据
rm -rf /var/lib/mysql
#2.重启mysqld服务
systemctl restart mysqld
#3.再去找临时密码
sudo grep 'temporary password' /var/log/mysqld.log
#4.配置mysql安装项
sudo mysql_secure_installation
#输入刚才的临时密码,mysql会提示你输入新的密码和一些其他设置,一般情况下我们都会输入y
#注意:密码必须至少包含8个字符并且至少包含一个大写字母,一个小写字母,一个数字和一个特殊字符
- 远程访问,如果远程连接不成功,可能原因:当前用户被mysql服务器拒绝或者3306端口被防火墙禁掉,无法连接到该端口
- 解决方式:设置所有主机都可以访问,关闭防火墙(推荐开放指定端口)
Redis服务-单机(版本:5.0.4)
- 到redis官网下载安装包,或用如下命令直接下载
wget http://download.redis.io/releases/redis-5.0.4.tar.gz
- 解压至 /usr/local/redis
tar xzvf redis-5.0.4.tar.gz -C /usr/local/redis
- 安装
cd /usr/local/redis/redis-5.0.4
make
cd src
make install PREFIX=/usr/local/redis
#如果此时安装编译出错,执行如下步骤
#安装gcc
yum -y install cpp binutils glibc glibc-kernheaders glibc-common glibc-devel gcc make
#升级gcc
yum -y install centos-release-scl devtoolset-9-gcc devtoolset-9-gcc-c++ devtoolset-9-binutils
scl enable devtoolset-9 bash
#重新编译
make MALLOC=libc
#重新安装
make install PREFIX=/usr/local/redis
- 配置后台启动
vi /usr/local/redis/redis-5.0.4/redis.conf
#将daemonize no 改成daemonize yes
- 设置开机启动
vi /etc/rc.local
#添加如下内容
/usr/local/redis/bin/redis-server /usr/local/redis/redis-5.0.4/redis.conf
- 启动Redis
/usr/local/redis/bin/redis-server /usr/local/redis/redis-5.0.4/redis.conf
- 将redis-cli,redis-server拷贝到bin下,让redis-cli指令可以在任意目录下直接使用(可选,根据需求来)
- 设置redis密码
#进入客户端,如果没有将命令拷贝到bin,需在用全路径访问
/usr/local/redis/bin/redis-cli
#查看密码(可选)
config get requirepass
#设置密码passward填自己的密码
config set requirepass passward
#可在本机测试一下
/usr/local/redis/bin/redis-cli -h 127.0.0.1 -p 6379 -a passward
- 配置防火墙,使外网能够访问redis
#开放端口
firewall-cmd --zone=public --add-port=6379/tcp --permanent
#重启防火墙以使配置即时生效
systemctl restart firewalld
#查看系统所有开放的端口
firewall-cmd --zone=public --list-ports
- 修改配置文件/usr/local/redis/redis-5.0.4/redis.conf
#注释掉bind 127.0.0.1,使服务能够监听外网请求
#bind 127.0.0.1
#关掉保护模式
protected-mode no
#passward为上面设置的密码
requirepass passward
- 重启redis服务
#passward为上面设置的密码
/usr/local/redis/bin/redis-cli -h 127.0.0.1 -p 6379 -a passward shutdown
/usr/local/redis/bin/redis-server /usr/local/redis/redis-5.0.4/redis.conf
FFmpeg服务
- 参考文章地址
- yum install epel-release -y
- yum update -y
- sudo rpm --import http://li.nux.ro/download/nux/RPM-GPG-KEY-nux.ro
- sudo rpm -Uvh http://li.nux.ro/download/nux/dextop/el7/x86_64/nux-dextop-release-0-5.el7.nux.noarch.rpm
- yum install ffmpeg ffmpeg-devel -y
Nginx服务
- 安装依赖包
yum -y install gcc gcc- c++ make libtool zlib zlib-devel openssl openssl-devel pcre pcre-devel
- 下载安装包(稳定版即可),官网下载地址或使用如下命令下载
wget http://nginx.org/download/nginx-1.9.9.tar.gz
- 解压至/usr/local/etc/nginx
tar -zxvf nginx-1.9.9.tar.gz -C /usr/local/etc/nginx
- 编译
./configure --prefix=/usr/local/nginx/ --sbin-path=/usr/local/nginx/sbin/nginx --conf-path=/usr/local/nginx/conf/nginx.conf --pid-path=/usr/local/nginx/nginx.pid --with-http_ssl_module --with-http_stub_status_module --with-http_gzip_static_module --with-pcre
make && make install
- 切换至/usr/local/nginx/sbin/目录,检查编译项
./nginx -V
- 根据需要配置/usr/local/nginx/conf/nginx.conf,参考示例:
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
upstream user {
server localhost:8083;
}
upstream upload {
server localhost:8089;
server localhost2:8089;
}
server {
listen 80;
server_name www.example.com.cn;
#https配置示例
#listen 443 ssl;
#server_name www.example.com.cn;
#client_max_body_size 5120M;
#charset utf-8;
#证书文件位置
#ssl_certificate /usr/local/nginx/conf/ssl/3377808__example.com.pem;
#ssl_certificate_key /usr/local/nginx/conf/ssl/3377808__example.com.key;
#ssl_session_cache shared:SSL:1m;
#ssl_session_timeout 5m;
#ssl_protocols SSLv2 SSLv3 TLSv1 TLSv1.1 TLSv1.2;
#ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
#ssl_prefer_server_ciphers on;
location / {
#前端服务地址
proxy_pass http://localhost:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
}
location /user/ {
#用户-后端服务地址
proxy_pass http://user/user/;
client_body_buffer_size 128k;
client_max_body_size 10m;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
}
location /upload/ {
#文件上传-后端服务地址
proxy_pass http://upload/upload/;
client_body_buffer_size 128k;
client_max_body_size 10m;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
}
location /imagepool {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
#图片存放目录
root /data/;
}
location /videopool {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
#视频存放目录
root /data/;
}
}
}
- 检查配置文件是否正确
/usr/local/nginx/sbin/nginx -t
- 启动Nginx
/usr/local/nginx/sbin/nginx
MongoDB服务
- 安装依赖服务
sudo yum install libcurl openssl xz-libs - 下载指定版本安装包
wget https://www.mongodb.com/dr/fastdl.mongodb.org/linux/mongodb-linux-x86_64-rhel70-4.4.1.tgz/download - 解压安装包至指定目录并重命名
tar -zxvf mongodb-linux-*-4.4.1.tgz -C /usr/local/
mv mongodb-linux-x86_64-rhel70-4.4.1 mongodb - 使得mongodb相关命令到处可用的三种方式(可选,三选一,若省略此步骤,使用相关命令时用绝对路径即可)
- 直接将命令拷贝至/usr/local/bin/
sudo cp /usr/local/mongodb/bin/* /usr/local/bin/
- 设置软连接
sudo ln -s /usr/local/mongodb/bin/* /usr/local/bin/
- 配置系统环境变量(推荐)
# sudo vi /etc/profile
#追加如下内容
export MONGODB_HOME=/usr/local/mongodb
export PATH=$PATH:$MONGODB_HOME/bin
#使配置生效
#sudo vi /etc/profile
- 创建数据及日志存放目录文件并赋权
#1.创建目录文件
sudo mkdir -p /usr/local/mongodb/data/db
sudo mkdir -p /usr/local/mongodb/logs
cd /usr/local/mongodb/logs
touch mongodb.log
#2.给文件赋权
sudo chmod 777 /usr/local/mongodb/data/db
sudo chmod 777 /usr/local/mongodb/data/db
#3.创建用户和组(可选)
adduser mongod
groupadd mongod
#4.给目录文件设置属主和属组
sudo chown -R mongod:mongod /usr/local/mongodb/data/db
sudo chown -R mongod:mongod /usr/local/mongodb/logs
- 启动服务方式(二选一)
- mongod --dbpath /usr/local/mongodb/data/db --logpath /usr/local/mongodb/logs --fork
- 指定配置文件启动
cd /usr/local/mongodb
touch mongodb
mongod -f mongo.conf
#mongo.conf配置内容如下
dbpath = /usr/local/mongodb/data/db #数据文件存放目录
logpath = /usr/local/mongodb/logs/mongodb.log #日志文件存放目录
port = 27017 #端口
fork = true #以守护程序的方式启用,即在后台运行
#auth=true #是否开启用户名和密码认证
- 设置开机自启动
cd /lib/systemd/system
sudo touch mongodb.service
- cd /lib/systemd/system
sudo vi mongodb.service
[Unit]
Description=mongodb
After=network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
ExecStart=/usr/local/mongodb/bin/mongod --config /usr/local/mongodb/mongo.conf
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/usr/local/mongodb/bin/mongod --shutdown --config /usr/local/mongodb/mongo.conf
PrivateTmp=true
[Install]
WantedBy=multi-user.target
- 设置权限
chmod 754 mongodb.service - mongodb.service的操作命令
系统mongodb.service的操作命令
#启动服务
systemctl start mongodb.service
#关闭服务
systemctl stop mongodb.service
#开机启动
systemctl enable mongodb.service
- 设置用户名密码
进入mongo命令行后:
use admin
db.createUser({user:“swhuan”,pwd:“swhuan”,roles:[“root”]})
Elasticsearch
- 下载并上传至/usr/local,下载地址
- 解压:tar -zxvf elasticsearch-7.5.1-linux-x86_64.tar.gz
- 修改配置文件
-
主配置文件elasticsearch.yml
-
jvm参数文件jvm.options
-
添加es用户
说明:es不允许使用root操作es
useradd es
chown -R es:es /usr/local/elasticsearch-7.10.2
su es -
启动
进入/usr/local/elasticsearch-7.10.2/bin
前台启动:./elasticsearch
后台启动:./elasticsearch -d -
启动遇到的问题及解决方式
- max file descriptors [4096] for elasticsearch process likely too low, increase to at least [65536]
max number of threads [1024] for user [lishang] likely too low, increase to at least [2048]
解决方式:vim /etc/security/limits.conf追加以下内容:
* soft nofile 65536
* hard nofile 131072
* soft nproc 2048
* hard nproc 4096
- max virtual memory areas vm.max_map_count [65530] likely too low, increase to at least [262144]
解决方式:vim /etc/sysctl.conf追加以下内容,并执行命令:sysctl -p
vm.max_map_count=262145
- 测试访问http://ip:9200/,若外网访问不成功
- elasticsearch.yml配置文件中host配置不正确
=》network.host: 0.0.0.0 - 防火墙没有开放指定端口
=》关闭防火墙或开放指定端口
Elasticsearch-head
前置条件:服务器已安装nodejs和grunt
- 下载并上传至usr/local/elasticsearch-7.10.2/plugins,下载地址
- 解压:unzip elasticsearch-head-master.zip
- 进入目录,依赖安装
cd elasticsearch-head-master
npm install - 启动
前台启动:npm run start或grunt server
后台启动:grunt server & - 测试访问:http://ip:9100/
Nodejs
- 下载并上传至/usr/local,下载地址
- 解压:tar -xvJf node-v14.15.4-linux-x64.tar.xz
- 重命名及设置软链
- mv node-v14.15.4-linux-x64/ nodejs
- ln -s /usr/local/nodejs/bin/node /usr/local/bin
- ln -s /usr/local/nodejs/bin/npm /usr/local/bin
- 检查是否安装成功:node -v
- 设置npm源:npm config set registry https://registry.npm.taobao.org
- 安装grunt
npm install -g grunt-cli grunt