Shulou(Shulou.com)06/02 Report--

Internal test environment deployment file

Since there is no connection in the internal network, the rpm package is installed in the form of related components.

Involving software and application versions:

Linux version: CentOS 7.2

Nginx version: nginx-1.10.1

Java version: jdk-8u101

Tomcat version: Tomcat-7.0.72

MySQL version: mariadb-5.5.52

1.nginx installation and configuration

First of all, you need to install some database openssl-devel, zlib-devel, pcre-devel before installing nginx.

But there are other dependent packages that need to install rpm-ivh * .rpm

Keyutils-libs-devel-1.5.8-3.el7.x86_64.rpm

Krb5-devel-1.13.2-10.el7.x86_64.rpm

Libcom_err-devel-1.42.9-7.el7.x86_64.rpm

Libselinux-devel-2.2.2-6.el7.x86_64.rpm

Libsepol-devel-2.1.9-3.el7.x86_64.rpm

Libverto-devel-0.2.5-4.el7.x86_64.rpm

Openssl-devel-1.0.1e-42.el7.9.x86_64.rpm

Pcre-devel-8.32-15.el7.x86_64.rpm

Zlib-devel-1.2.7-15.el7.x86_64.rpm

The program runs as nobody by default. We use nginx users to run. First, add Nginx groups and users, do not create a home directory, and do not allow login to the system.

# groupadd nginx

# useradd-M-s / sbin/nologin-g nginx nginx

Nginx-1.10.1.tar.gz is used to install nginx.

# tar xf nginx-1.10.1.tar.gz

# cd nginx-1.10.1

Specify the installation directory and compile to enable some status monitoring modules, etc.

#. / configure\

-- prefix=/usr/local/nginx\

-- pid-path=/usr/local/nginx/logs/nginx.pid\

-- lock-path=/var/lock/nginx.lock\

-- user=nginx\

-- group=nginx\

-- with-http_ssl_module\

-- with-http_flv_module\

-- with-http_stub_status_module\

-- with-http_gzip_static_module\

-- http-client-body-temp-path=/var/tmp/nginx/client/\

-- http-proxy-temp-path=/var/tmp/nginx/proxy/\

-- http-fastcgi-temp-path=/var/tmp/nginx/fcgi/\

-- http-uwsgi-temp-path=/var/tmp/nginx/uwsgi\

-- http-scgi-temp-path=/var/tmp/nginx/scgi\

-- with-pcre

The approximate result is:

Configuration summary

+ using system PCRE library

+ using system OpenSSL library

+ md5: using OpenSSL library

+ sha1: using OpenSSL library

+ using system zlib library

Nginx path prefix: "/ usr/local/nginx"

Nginx binary file: "/ usr/local/nginx/sbin/nginx"

Nginx modules path: "/ usr/local/nginx/modules"

Nginx configuration prefix: "/ usr/local/nginx/conf"

Nginx configuration file: "/ usr/local/nginx/conf/nginx.conf"

Nginx pid file: "/ var/run/nginx/nginx.pid"

Nginx error log file: "/ usr/local/nginx/logs/error.log"

Nginx http access log file: "/ usr/local/nginx/logs/access.log"

Nginx http client request body temporary files: "/ var/tmp/nginx/client/"

Nginx http proxy temporary files: "/ var/tmp/nginx/proxy/"

Nginx http fastcgi temporary files: "/ var/tmp/nginx/fcgi/"

Nginx http uwsgi temporary files: "/ var/tmp/nginx/uwsgi"

Nginx http scgi temporary files: "/ var/tmp/nginx/scgi"

After the above configuration, edit and install

# make & & make install

# mkdir / var/tmp/nginx/client/-pv

After the compilation and installation is complete, the Nginx directory will appear under / usr/local. When you enter this directory, you will find that the directory is very simple.

Its configuration files are stored in the conf directory, web page files are stored in html, and log files are stored in logs

There is only one executable program "nginx" in the sbin directory

Configure the nginx.conf file

User nginx

Worker_processes auto

Error_log / usr/local/nginx/logs/error.log

Pid / usr/local/nginx/logs/nginx.pid

Worker_rlimit_nofile 100000

Events {

Worker_connections 2048

Multi_accept on

Use epoll

}

Http {

Default_type application/octet-stream

Server_tokens off

Sendfile on

Tcp_nopush on

Tcp_nodelay on

Keepalive_timeout 10

Client_header_timeout 10

Client_body_timeout 10

Reset_timedout_connection on

Send_timeout 10

Limit_conn_zone $binary_remote_addr zone=addr:5m

Limit_conn addr 100

Include / usr/local/nginx/conf/mime.types

Charset UTF-8

Gzip on

Gzip_disable "msie6"

Gzip_proxied any

Gzip_min_length 1000

Gzip_comp_level 6

Gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript

Open_file_cache max=100000 inactive=20s

Open_file_cache_valid 30s

Open_file_cache_min_uses 2

Open_file_cache_errors on

Server {

Listen 80

Server_name localhost

Charset utf-8

Location ~ / uploads/.*\. (gif | jpg | jpeg | png | pdf | doc | xls | docx | xlsx | apk | htm | html | mp4 | flv) ${

Expires 24h

Root / data0/nginx/res/home/

Access_log off

Proxy_store on

Proxy_store_access user:rw group:rw all:rw

Proxy_temp_path / data0/nginx/res/home/

Proxy_redirect off

Proxy_set_header Host $host

Proxy_set_header X-Real-IP $remote_addr

Proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for

Client_max_body_size 20m

Client_body_buffer_size 1280k

Proxy_connect_timeout 900

Proxy_send_timeout 900

Proxy_read_timeout 900

Proxy_buffer_size 40k

Proxy_buffers 40 320k

Proxy_busy_buffers_size 640k

Proxy_temp_file_write_size 640k

If (!-e $request_filename)

{

Proxy_pass http://127.0.0.1:80;

}

}

Location / {client_max_body_size 20m

Proxy_pass http://localhost:8080/;

Proxy_set_header Host $host

Proxy_set_header X-Real-IP $remote_addr

Proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for

# allow 116.6.90.240

# deny all

}

Error_page 500 502 503 504 / 50x.html

Location = / 50x.html {

Root html

}

}

}

You can then start the nginx service

# / usr/local/nginx/sbin/nginx-t check whether there is an error in the configuration file

# / usr/local/nginx/sbin/nginx starts the nginx service

But it is necessary to turn off the fire prevention or turn on the firewall rules.

After CentOS 7, instead of using iptables as a fire shield, use firewall directly.

# systemctl stop firewalld.service & & systemctl disable firewalld.service

Or

# firewall-cmd-zone=public-add-port=80/tcp

Note: of course, when the firewall is turned on, we should add all the service ports to be used later, otherwise it will affect the provision of services to the outside world.

Next, visit the IP of your service in the browser to see the result. It shows that the welcome to nginx is configured successfully.

two。 Install and configure java and tomcat

Java needs to be installed before tomcat can be installed

The memory uses the installation package to install and enter the installation package.

# tar-zxvf jdk-8u101-linux-x64.tar.gz

# mkdir / usr/local/java

Mv jdk1.8.0_101/ / usr/local/java/

Allocation of environmental capacity

# vim / etc/profile

Add the following information to the top line

# java

Export JAVA_HOME=/usr/local/java/jdk1.8.0_101

Export JRE_HOME=/usr/local/java/jdk1.8.0_101/jre

Export CLASSPATH=.:$JRE_HOME/lib/dt.jar:$JRE_HOME/lib/tools.jar

Export PATH=$JRE_HOME/bin:$JRE_HOME/bin:$PATH

Let the configuration take effect to view the version

# source / etc/profile

# java-version

Java version "1.8.0mm 101"

Java (TM) SE Runtime Environment (build 1.8.0_101-b13)

Java HotSpot (TM) 64-Bit Server VM (build 25.101-b13, mixed mode)

First of all, tomcat is an installation-free package that can be solved directly. Check the tomcat version and JVM configuration environment information.

Sh / data0/zt/tomcat01/bin/version.sh

Using CATALINA_BASE: / data0/zt/tomcat01

Using CATALINA_HOME: / data0/zt/tomcat01

Using CATALINA_TMPDIR: / data0/zt/tomcat01/temp

Using JRE_HOME: / usr/local/java/jdk1.8.0_101/jre

Using CLASSPATH: / data0/zt/tomcat01/bin/bootstrap.jar:/data0/zt/tomcat01/bin/tomcat-juli.jar

Server version: Apache Tomcat/7.0.72

Server built: Sep 14 2016 12:12:26 UTC

Server number: 7.0.72.0

OS Name: Linux

OS Version: 3.10.0-327.el7.x86_64

Architecture: amd64

JVM Version: 1.8.0_101-b13

JVM Vendor: Oracle Corporation

Modify global parameters custom.properties that is, according to database connection and other related settings

Vim / data0/zt/tomcat01/webapps/ROOT/WEB-INF/classes/custom.properties

Hibernate.databasePlatform=org.hibernate.dialect.MySQL5InnoDBDialect

Jdbc.driverClassName=com.mysql.jdbc.Driver

# jdbc.url=jdbc:mysql://localhost/test_jspxcms_enterprise?characterEncoding=utf8

# jdbc.username=root

# jdbc.password=password

Jdbc.url=jdbc:mysql://10.134.100.7/z?acharacterEncoding=utf8 (IP, database, ID, password of the connection host modified to match)

Jdbc.username=root

Jdbc.password=FLM@88

# hibernate.databasePlatform=org.hibernate.dialect.Oracle10gDialect

# jdbc.driverClass=oracle.jdbc.OracleDriver

# jdbc.url=jdbc:oracle:thin:@localhost:1521:orcl

# jdbc.user=jspxcms

# jdbc.password=password

# hibernate.databasePlatform=org.hibernate.dialect.SQLServer2005Dialect

# jdbc.driverClass=net.sourceforge.jtds.jdbc.Driver

# jdbc.url=jdbc:jtds:sqlserver://localhost:1433/jspxcms

# jdbc.user=sa

# jdbc.password=password

# jdbc.driverClass=com.microsoft.sqlserver.jdbc.SQLServerDriver

# jdbc.url=jdbc:sqlserver://localhost:1433;databaseName=jspxcms

# hibernate.databasePlatform=org.hibernate.dialect.DB2Dialect

# jdbc.driverClass=com.ibm.db2.jcc.DB2Driver

# jdbc.url=jdbc:db2://localhost:50000/SAMPLE:currentSchema=JSPXCMS

# jdbc.user=db2admin

# jdbc.password=password

Jdbc.pool.maxIdle=10

Jdbc.pool.maxActive=30

Hibernate.showSql=true (changed to false, because it is easy to generate a large number of logs, resulting in full disk space)

# jdbc.driverClass=net.sf.log4jdbc.DriverSpy

# jdbc.url=jdbc:log4jdbc:mysql://localhost/jspxcms?characterEncoding=utf8

# messages\ u7f13\ u5b58\ u8bbe\ u7f6e\ u3002\ u4e0d\ u7f13\ u5b58\ uff1a0\ uff1b\ u6c38\ u4e45\ u7f13\ u5b58\ uff1a-1\ u5355\ u4f4d\ uff1a\ u79d2\ u3002

MessageSource.cacheSeconds=-1

#\ u6a21\ u677f\ u7f13\ u5b58\ u8bbe\ u7f6e\ u3002\ u4e0d\ u7f13\ u5b58\ uff1a0\ u3002\ u5355\ u4f4d\ uff1a\ u79d2\ u3002

FreemarkerConfig.template_update_delay=2

# Lucene\ u7d22\ u5f15\ u76ee\ u5f55

FsDirectory.location=/WEB-INF/fulltext

#\ u662f\ u5426\ u81ea\ u52a8\ u63d0\ u4ea4\ u7d22\ u5f15\ u3002\ u5982\ u4e0d\ u81ea\ u52a8\ u63d0\ uff0c\ u5728\ u975e\ u6b63\ u5e38\ u505c\ u6b62Tomcat\ u670d\ u52a1\ uff0c\ u7d22\ u4f1a\ u4e22\ u3002\ u81ea\ u52a8\ u63d0\ u4ea4\ u5bf9\ u6027\ u80fd\ u6709\ u4e00\ u5f71\ u54cd\ uff0c\ u6570\ u636e\ u91cf\ u5927\ u7684\ u60c5\ u51b5\ u4e0b\ u4e0b\ u8003\ u851\ u5173\ uff0c

LuceneIndexTemplate.autoCommit=true

#\ u662f\ u5426\ u5141\ u8bb8\ u8bbf\ u95ee\ u7ad9\ u70b9\ u6587\ u4ef6

WebFile.isEnableSiteFile=true

#\ u6a21\ u7248\ u8def\ u5f84

TemplateStorePath=/template

# templateStorePath=file:d:\\ jspxcms\\ template

TemplateDisplayPath=/template

OpenofficeHost=openofficePort=

SwftoolsPdf2swf=

# swftoolsPdf2swf=/usr/local/bin/pdf2swf#swftoolsLanguagedir\ u4e5f\ u53ef\ u4ee5\ u4e3a\ u7a7a\ uff0c\ u4f46\ u6709\ u53ef\ u80fd\ u4e0d\ u652f\ u6301\ u67d0\ u4e9b\ u5b57\ u4f53

# swftoolsLanguagedir=/usr/share/xpdf/xpdf-chinese-simplified

SwftoolsLanguagedir=

#\ u521b\ u59cb\ u4eba\ uff08\ u901a\ u5e38\ u662fadmin\ uff09\ u662f\ u5426\ u62e5\ u6709\ u6240\ u6709\ u6743\ u4e14\ u4e0d\ u53d7\ u89d2\ u8272\ u6743\ u9650\ u63a7\ u5236\ u521b\ u59cb\ u4e0d\ u5c0f\ u53d6\ u6d88\ u81ea\ u5df1\ u7684\ u89d2\ u8272\ u7ba1\ u7406\ u6743\ u9650 u65f6\ uff0c\ u53ef\ u4ee5\ u5f00\ u542f\ u8be5\ u9879\ u3002

IsRootAllPerms=false

#\ u6587\ u6863\ u7ba1\ u7406\ u7684\ u5173\ u952e\ u8bcd\ u5206\ u9694\ u7b26

TagKeywordsSplit=\ uff0c\ uff1b;\ uff5c |

DefUsername=

DefPassword=

# register.config.http.proxy.ip=10.161.24.62

# register.config.http.proxy.port=8083

Register.config.mobile.message.accout.user=szfjj-4

Register.config.mobile.message.accout.password=100d68

Restart the tomcat service

Sh / data0/zt/tomcat01/bin/shutdown.sh (related to tomcat service)

Netstat-nltp (check if tomcat port 8080 8009 8005 is open)

Ps-ef | grep java (check whether the tomcat service is left, and then check to see if there are any zombies in the process, which can be processed)

Sh / data0/zt/tomcat01/bin/startup.sh (start the tomcat service)

3.ftpserver installation

Ftpserver is also free of installation, so you can modify the configuration file directly.

Vim / data0/zt/apache-ftpserver-1.0.6/res/conf/user.properties

# specific language governing permissions and limitations

# under the License.

# Password is "admin"

Ftpserver.user.admin.userpassword=21232F297A57A5A743894A0E4A801FC3

Ftpserver.user.admin.homedirectory=/data0/nginx/res/home

Ftpserver.user.admin.enableflag=true

Ftpserver.user.admin.writepermission=true

Ftpserver.user.admin.maxloginnumber=0

Ftpserver.user.admin.maxloginperip=0

Ftpserver.user.admin.idletime=0

Ftpserver.user.admin.uploadrate=0

Ftpserver.user.admin.downloadrate=0

Ftpserver.user.anonymous.userpassword=

Ftpserver.user.anonymous.homedirectory=/data0/nginx/res/home

Ftpserver.user.anonymous.enableflag=true

Ftpserver.user.anonymous.writepermission=false

Ftpserver.user.anonymous.maxloginnumber=20

Ftpserver.user.anonymous.maxloginperip=2

Ftpserver.user.anonymous.idletime=300

Ftpserver.user.anonymous.uploadrate=4800

Ftpserver.user.anonymous.downloadrate=4800

You need to create a directory to store ftp files

Mkdir-p / data0/nginx/res/home

Cp-raf ftpd-typical.xml ftpd.xml

Start the ftp service

Sh / apache-ftpserver-1.0.6/bin/ftpd.sh / apache-ftpserver-1.0.6/res/conf/ftpd.xml&

Connect to ftp

Ftp localhost 2121

Admin

Admin

Mput upload Fil

Mget download file

Perform a download ftp://admin:admin@10.134.100.174:2121 in the local server

4. Ambient database

MySQL is no longer included in the source of CentOS 7 and uses MariaDB instead

A. Use rpm-qa | grep mariadb to search for existing packages in MariaDB:

If it exists, use rpm-e-- nodeps mariadb-* to delete all

B. Use rpm-qa | grep mariadb to search MariaDB's existing packages:

If it exists, delete it all using yum remove mysql mysql-server mysql-libs compat-mysql51

C, installation

Need to download the perl-DBI-1.521-1.EL5.rfx.x86_64.rpm installation package

MariaDB MariaDB-5.5.29-rhel5-x86_64-common.rpm

MariaDB-5.5.29-rhel5-x86_64-server.rpm

MariaDB-5.5.29-rhel5-x86_64-client.rpm

D, and then http://yum.mariadb.org/ to find the PGP file RPM-GPG-KEY-MariaDB

Put the file in the / etc/pki/rpm-gpg directory and execute the command to import key rpm--import / etc/pki/rpm-gpg/RPM*

E. Install perl-DBI-1.521-1.EL5.rfx.x86_64.rpm package, rpm-ivh perl-DBI-1.521-1.EL5.rfx.x86_64.rpm

F. Install MariaDB package, rpm-ivh MariaDB-*, installation is complete

G. Start mysql:

[root@localhost mysql] # service mysql start

Starting MySQL. SUCCESS!

H. Check whether mysql is started successfully

Ps-ax | grep mysql

Enter mysql

# mysql-u root-p

ENter password:

MariaDB [(none)] > show databases

+-+

| | Database |

+-+

| | information_schema |

| | mysql |

| | performance_schema |

| | test |

+-+

4 rows in set (5.75 sec)

I. Configure mysql

Mysql_secure_installation

Next, let's look at the situation and configure it.

J, build the database

Import into mysql

# mysql-u root-p

Enter password:

In the back

MariaDB [(none)] > create database z character set utf8

Check to see if the establishment is successful

MariaDB [(none)] > show databases

K, find out the number of databases you need

Mysqldump-h 10.157.136.134-uroot-proot

-- events-- ignore-table=mysql.event-- default-character-set=UTF8 jspxcms > z.sql

Since an empty data has been created to store it, it is now only necessary to execute the database boot command

# mysql-u root-p

Enter password:

MariaDB [(none)] > use z

Database changed

MariaDB [z] > source / root/z.sql (this is where you put the z.sql)

M, determine whether the data table is created successfully, that is, whether the data file is imported successfully.

MariaDB [z] > show tables

If you see the following list, you can see that the import is successful.

+-+

| | Tables_in_z |

+-+

| | cms_ad |

| |... (omitted here)

| | qrtz_triggers |

| | t_id_table |

+-+

106 rows in set (0.00 sec)

N. To grant database permissions

MariaDB [z] > GRANT ALL PRIVILEGES ON *. * TO 'root'@'10.134.100.7' IDENTIFIED BY' FLM@88' WITH GRANT OPTION

MariaDB [z] > flush privileges

O. Check whether the access to the database has been enabled.

Mysql-h 10.134.100.7-uroot-pFLM@88 z

If the database entry is successful, otherwise restart the mysql service and try again

Service mysql restart

P, according to the size of the database (may affect the problems that cannot be presented)

Just modify the / etc/my.cnf configuration file

[mysqld]

Datadir=/var/lib/mysql

Socket=/var/lib/mysql/mysql.sock

# Disabling symbolic-links is recommended to prevent assorted security risks

Symbolic-links=0

# Settings user and group are ignored when systemd is used.

# If you need to run mysqld under a different user or group

# customize your systemd unit file for mariadb according to the

# instructions in http://fedoraproject.org/wiki/Systemd

Character_set_server = utf8

Lower_case_table_names = 1 (non-case setting)

[mysqld_safe]

Character_set_server = utf8

Log-error=/var/log/mariadb/mariadb.log (if it does not exist, a file needs to be created)

Pid-file=/var/run/mariadb/mariadb.pid (if it does not exist, a file needs to be created)

[mysql]

Default-character-set = utf8

[mysql.server]

Default-character-set = utf8

[client]

Default-character-set = utf8

#

# include all files from the config directory

#

! includedir / etc/my.cnf.d

Restart the Nginx, tomcat, ftpserver and mysql services when you reach this point

Nginx

/ usr/local/nginx/sbin/nginx-t check whether the nginx configuration file is correct

/ usr/local/nginx/sbin/nginx starts the nginx service

Tomcat

Sh / data0/zt/tomcat01/bin/startup starts the tomcat service

Ftpserver

Cd / data0/zt/apache-ftpserver-1.0.6

Sh bin/ftpd.sh res/conf/ftpd.xml & start the ftpserver service and check the return value

Mysql

Service mysql restart restarts the mysql service

Problems that may be encountered during deployment:

In case of zombie program:

Ps-A-o stat,ppid,pid,cmd | grep-e "^ [Zz]"

Just drop the ppid from kill, and kill your father.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.