升级内核
rpm -ivh kernel-devel-3.18.44-20.el6.x86_64.rpm
rpm -Uvh kernel-firmware-3.18.44-20.el6.noarch.rpm
rpm -Uvh perf-3.18.44-20.el6.x86_64.rpm
rpm -ivh kernel-3.18.44-20.el6.x86_64.rpm
rpm -Uvh kernel-headers-3.18.44-20.el6.x86_64.rpm
获取root权限
echo -e "\n app ALL=(ALL) ALL\n" >> /etc/sudoers
vi /etc/pam.d/su
usermod -G wheel app
%PAM-1.0
Uncomment the following line to implicitly trust users in the "wheel" group.
authsufficient pam_wheel.so trust use_uid
Uncomment the following line to require a user to be in the "wheel" group.
authrequiredpam_wheel.so use_uid
==============redhat估计需要安装以下组件 ===================(无需)
/opt/soft/redhat6docker
groupadd mockbuild
useradd mockbuild -g mockbuild
rpm -ivh epel-release-6-8.noarch.rpm
rpm -ivh bridge-utils-1.2-10.el6.src.rpm
rpm -ivh device-mapper-multipath-libs-0.4.9-93.el6.x86_64.rpm
rpm -ivh device-mapper-persistent-data-0.6.2-0.2.rc7.el6.src.rpm
rpm -ivh lxc-libs-1.0.11-1.el6.x86_64.rpm
rpm -ivh lua-filesystem-1.4.2-1.el6.x86_64.rpm
rpm -ivh lua-alt-getopt-0.7.0-1.el6.noarch.rpm
rpm -ivh libcgroup-0.40.rc1-24.el6_9.src.rpm
rpm -ivh lua-lxc-1.0.11-1.el6.x86_64.rpm
rpm -ivh lxc-1.0.11-1.el6.x86_64.rpm
删除用户
userdel -r mockbuild
1、下载已经编译好docker
https://download.docker.com/linux/static/stable/x86_64/docker-19.03.11.tgz
假设解压到此目录
/opt/soft/superset/docker
2、复制可执行文件到bin目录
cp /opt/soft/superset/docker/docker /usr/bin/docker
cp /opt/soft/superset/docker/dockerd /usr/bin/dockerd
cp /opt/soft/superset/docker/docker-proxy /usr/bin/docker-proxy
cp /opt/soft/superset/docker/docker-init /usr/bin/docker-init
cp /opt/soft/superset/docker/containerd-shim /usr/bin/containerd-shim
cp /opt/soft/superset/docker/containerd /usr/bin/containerd
cp /opt/soft/superset/docker/runc /usr/bin/runc
cp -r /opt/soft/superset/docker /run/docker
rm -f /run/docker/docker
rm -f /run/docker/dockerd
rm -f /run/docker/docker-init
rm -f /run/docker/docker-proxy
sudo usermod -aG docker "root"
3、创建daemon.json 文件
在/etc/docker目录下创建
{
"registry-mirrors":["https://6mapirxd.mirror.aliyuncs.com"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay",
"data-root": "/home/docker"
}
运行docker前
echo 'none /sys/fs/cgroup cgroup defaults 0 0' >> /etc/fstab
mount -a
vim /etc/fstab
4、启动docker 守护进程
ps -ef|grep docker|awk '{print $2}'|xargs kill -9
nohup dockerd >/home/docker/nohup.out &
nohup dockerd >/app/nohup.out &
tail -f /app/superset/nohup.out
5、导入镜像
docker load < /opt/soft/sinobest.tar
docker run -d -p 5088:8088 -v /app/superset:/app/data --name superset sinobest:v3.0
6、卸载docker所有使用过的目录(/home、/usr、/run)
rm -f /usr/bin/docker
rm -f /usr/bin/dockerd
rm -f /usr/bin/docker-proxy
rm -f /usr/bin/docker-init
rm -f /usr/bin/containerd-shim
rm -f /usr/bin/containerd
rm -f /usr/bin/runc
rm -rf /run/docker
rm -rf /etc/docker
rm -rf /run/app
7、解决防火墙
报错解决/etc/sysconfig
https://blog.csdn.net/qq_31666147/article/details/53067538
当启动 iptables是报错误:iptables: No config file.
1、输入以下命令:
iptables -P OUTPUT ACCEPT
service iptables save
进行保存,启动防火墙即可
更改防火墙设置
https://www.cnblogs.com/miaoying/p/11535945.html
为了能够远程访问这台机器上的MySQL,需要开放3306端口:
[root@localhost ~]# service iptables status Redirecting to /bin/systemctl status iptables.service Unit iptables.service could not be found.
安装 iptables-services:
yum install iptables-services
启动 iptables:
service iptables start
编辑配置文件,将3306端口添加到22端口下:
vi /etc/sysconfig/iptables
# sample configuration for iptables service
# you can edit this manually or use system-config-firewall
# please do not ask us to add additional ports/services to this default configuration
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
重启:
service iptables restart
查看开放端口:
[root@localhost ~]# /sbin/iptables -L -n Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:3306 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain FORWARD (policy ACCEPT) target prot opt source destination REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain OUTPUT (policy ACCEPT) target prot opt source destination [root@localhost ~]#
远端就能通过telnet 测试访问了:
telnet 192.168.1.27 3306