內部測試環境部署文檔
因為內網並沒有聯網,故使用的rpm包安裝的形式進行相關軟件的安裝
涉及软件及应用版本:
Linux版本: CentOS 7.2
Nginx版本:nginx-1.10.1
Java版本: jdk-8u101
Tomcat版本:Tomcat-7.0.72
MySQL版本:mariadb-5.5.52
1.nginx安裝及配置
首先安裝nginx前需要安裝一些依賴庫 openssl-devel 、zlib-devel 、pcre-devel
但是還有其他依賴包需要安裝 rpm -ivh *.rpm
keyutils-libs-devel-1.5.8-3.el7.x86_64.rpm
krb5-devel-1.13.2-10.el7.x86_64.rpm
libcom_err-devel-1.42.9-7.el7.x86_64.rpm
libselinux-devel-2.2.2-6.el7.x86_64.rpm
libsepol-devel-2.1.9-3.el7.x86_64.rpm
libverto-devel-0.2.5-4.el7.x86_64.rpm
openssl-devel-1.0.1e-42.el7.9.x86_64.rpm
pcre-devel-8.32-15.el7.x86_64.rpm
zlib-devel-1.2.7-15.el7.x86_64.rpm
程序默认是使用 nobody 身份运行的,我们使用 nginx 用户来运行,首先添加Nginx组和用户,不创建家目录,不允许登陆系统
#groupadd nginx
#useradd -M -s /sbin/nologin -g nginx nginx
安裝nginx採取的是nginx-1.10.1.tar.gz
# tar xf nginx-1.10.1.tar.gz
# cd nginx-1.10.1
指定安装目錄和编译啟用一些狀態監控模塊等
# ./configure \
–prefix=/usr/local/nginx \
–pid-path=/usr/local/nginx/logs/nginx.pid \
–lock-path=/var/lock/nginx.lock \
–user=nginx \
–group=nginx \
–with-http_ssl_module \
–with-http_flv_module \
–with-http_stub_status_module \
–with-http_gzip_static_module \
–http-client-body-temp-path=/var/tmp/nginx/client/ \
–http-proxy-temp-path=/var/tmp/nginx/proxy/ \
–http-fastcgi-temp-path=/var/tmp/nginx/fcgi/ \
–http-uwsgi-temp-path=/var/tmp/nginx/uwsgi \
–http-scgi-temp-path=/var/tmp/nginx/scgi \
–with-pcre
大概结果:
Configuration summary
+ using system PCRE library
+ using system OpenSSL library
+ md5: using OpenSSL library
+ sha1: using OpenSSL library
+ using system zlib library
nginx path prefix: “/usr/local/nginx”
nginx binary file: “/usr/local/nginx/sbin/nginx”
nginx modules path: “/usr/local/nginx/modules”
nginx configuration prefix: “/usr/local/nginx/conf”
nginx configuration file: “/usr/local/nginx/conf/nginx.conf”
nginx pid file: “/var/run/nginx/nginx.pid”
nginx error log file: “/usr/local/nginx/logs/error.log”
nginx http access log file: “/usr/local/nginx/logs/access.log”
nginx http client request body temporary files: “/var/tmp/nginx/client/”
nginx http proxy temporary files: “/var/tmp/nginx/proxy/”
nginx http fastcgi temporary files: “/var/tmp/nginx/fcgi/”
nginx http uwsgi temporary files: “/var/tmp/nginx/uwsgi”
nginx http scgi temporary files: “/var/tmp/nginx/scgi”
上述配置完,就進行編譯安裝
#make && make install
#mkdir /var/tmp/nginx/client/ -pv
等编译安装完成后在 /usr/local 下就会出现 Nginx 这个目录了,进入这个目录后发现目录非常简单。
它的配置文件存放在 conf 目录中,网页文件存放在 html 中,日志文件存放在 logs 中,
sbin 目录下只有一个可执行程序 “nginx”
配置nginx.conf文件
user nginx;
worker_processes auto;
error_log /usr/local/nginx/logs/error.log;
pid /usr/local/nginx/logs/nginx.pid;
worker_rlimit_nofile 100000;
events {
worker_connections 2048;
multi_accept on;
use epoll;
}
http {
default_type application/octet-stream;
server_tokens off;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 10;
client_header_timeout 10;
client_body_timeout 10;
reset_timedout_connection on;
send_timeout 10;
limit_conn_zone $binary_remote_addr zone=addr:5m;
limit_conn addr 100;
include /usr/local/nginx/conf/mime.types;
charset UTF-8;
gzip on;
gzip_disable “msie6”;
gzip_proxied any;
gzip_min_length 1000;
gzip_comp_level 6;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
open_file_cache max=100000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
server {
listen 80;
server_name localhost;
charset utf-8;
location ~ /uploads/.*\.(gif|jpg|jpeg|png|pdf|doc|xls|docx|xlsx|apk|htm|html|mp4|flv)$ {
expires 24h;
root /data0/nginx/res/home/;
access_log off;
proxy_store on;
proxy_store_access user:rw group:rw all:rw;
proxy_temp_path /data0/nginx/res/home/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 20m;
client_body_buffer_size 1280k;
proxy_connect_timeout 900;
proxy_send_timeout 900;
proxy_read_timeout 900;
proxy_buffer_size 40k;
proxy_buffers 40 320k;
proxy_busy_buffers_size 640k;
proxy_temp_file_write_size 640k;
if ( !-e $request_filename)
{
proxy_pass http://127.0.0.1:80;
}
}
location / { client_max_body_size 20m;
proxy_pass http://localhost:8080/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# allow 116.6.90.240;
# deny all;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
之後可以啟動nginx服務
#/usr/local/nginx/sbin/nginx -t 校驗配置文件是否有誤
#/usr/local/nginx/sbin/nginx 啟動nginx服務
但是記得關閉防火牆或者开启防火墙规则
在CentOS 7 以後不再用iptables作為防火牆,直接使用firewall
# systemctl stop firewalld.service && systemctl disable firewalld.service
或者
#firewall-cmd –zone=public –add-port=80/tcp
注:当然在防火墙开启的情况下注意要把后续要用的服务端口都加上,不然会影响对外提供服务的
接下来就在浏览器中访问你服务的IP看看效果出現welcome to nginx便是配置成功了
2.安裝配置java 與tomcat
在安裝tomcat前需要安裝Java
內網使用安裝包安裝 解壓並且進入安裝包
# tar -zxvf jdk-8u101-linux-x64.tar.gz
# mkdir /usr/local/java
mv jdk1.8.0_101/ /usr/local/java/
配置環境變量
# vim /etc/profile
在最有一行添加上下列信息
# java
export JAVA_HOME=/usr/local/java/jdk1.8.0_101
export JRE_HOME=/usr/local/java/jdk1.8.0_101/jre
export CLASSPATH=.:$JRE_HOME/lib/dt.jar:$JRE_HOME/lib/tools.jar
export PATH=$JRE_HOME/bin:$JRE_HOME/bin:$PATH
讓配置生效查看版本
# source /etc/profile
# java -version
java version “1.8.0_101”
Java(TM) SE Runtime Environment (build 1.8.0_101-b13)
Java HotSpot(TM) 64-Bit Server VM (build 25.101-b13, mixed mode)
首先tomcat是一個免安裝軟件直接進行解壓即可,查看tomcat版本及JVM配置環境信息
sh /data0/zt/tomcat01/bin/version.sh
Using CATALINA_BASE: /data0/zt/tomcat01
Using CATALINA_HOME: /data0/zt/tomcat01
Using CATALINA_TMPDIR: /data0/zt/tomcat01/temp
Using JRE_HOME: /usr/local/java/jdk1.8.0_101/jre
Using CLASSPATH: /data0/zt/tomcat01/bin/bootstrap.jar:/data0/zt/tomcat01/bin/tomcat-juli.jar
Server version: Apache Tomcat/7.0.72
Server built: Sep 14 2016 12:12:26 UTC
Server number: 7.0.72.0
OS Name: Linux
OS Version: 3.10.0-327.el7.x86_64
Architecture: amd64
JVM Version: 1.8.0_101-b13
JVM Vendor: Oracle Corporation
修改全局參數 custom.properties 即數據庫連接等相關設定
vim /data0/zt/tomcat01/webapps/ROOT/WEB-INF/classes/custom.properties
hibernate.databasePlatform=org.hibernate.dialect.MySQL5InnoDBDialect
jdbc.driverClassName=com.mysql.jdbc.Driver
#jdbc.url=jdbc:mysql://localhost/test_jspxcms_enterprise?characterEncoding=utf8
#jdbc.username=root
#jdbc.password=password
jdbc.url=jdbc:mysql://10.134.100.7/z?acharacterEncoding=utf8(修改成對應的連接主機IP、數據庫、帳號、密碼)
jdbc.username=root
jdbc.password=FLM@88
#hibernate.databasePlatform=org.hibernate.dialect.Oracle10gDialect
#jdbc.driverClass=oracle.jdbc.OracleDriver
#jdbc.url=jdbc:oracle:thin:@localhost:1521:orcl
#jdbc.user=jspxcms
#jdbc.password=password
#hibernate.databasePlatform=org.hibernate.dialect.SQLServer2005Dialect
#jdbc.driverClass=net.sourceforge.jtds.jdbc.Driver
#jdbc.url=jdbc:jtds:sqlserver://localhost:1433/jspxcms
#jdbc.user=sa
#jdbc.password=password
#jdbc.driverClass=com.microsoft.sqlserver.jdbc.SQLServerDriver
#jdbc.url=jdbc:sqlserver://localhost:1433;databaseName=jspxcms
#hibernate.databasePlatform=org.hibernate.dialect.DB2Dialect
#jdbc.driverClass=com.ibm.db2.jcc.DB2Driver
#jdbc.url=jdbc:db2://localhost:50000/SAMPLE:currentSchema=JSPXCMS;
#jdbc.user=db2admin
#jdbc.password=password
jdbc.pool.maxIdle=10
jdbc.pool.maxActive=30
hibernate.showSql=true(改為false,因为容易产生大量日志,导致磁盘空间爆满)
#jdbc.driverClass=net.sf.log4jdbc.DriverSpy
#jdbc.url=jdbc:log4jdbc:mysql://localhost/jspxcms?characterEncoding=utf8
# messages\u7f13\u5b58\u8bbe\u7f6e\u3002\u4e0d\u7f13\u5b58\uff1a0\uff1b\u6c38\u4e45\u7f13\u5b58\uff1a-1\u3002\u5355\u4f4d\uff1a\u79d2\u3002
messageSource.cacheSeconds=-1
# \u6a21\u677f\u7f13\u5b58\u8bbe\u7f6e\u3002\u4e0d\u7f13\u5b58\uff1a0\u3002\u5355\u4f4d\uff1a\u79d2\u3002
freemarkerConfig.template_update_delay=2
# Lucene\u7d22\u5f15\u76ee\u5f55
fsDirectory.location=/WEB-INF/fulltext
# \u662f\u5426\u81ea\u52a8\u63d0\u4ea4\u7d22\u5f15\u3002\u5982\u4e0d\u81ea\u52a8\u63d0\u4ea4\uff0c\u5728\u975e\u6b63\u5e38\u505c\u6b62Tomcat\u670d\u52a1\u65f6\uff0c\u7d22\u5f15\u4f1a\u4e22\u5931\u3002\u81ea\u52a8\u63d0\u4ea4\u5bf9\u6027\u80fd\u6709\u4e00\u5b9a\u5f71\u54cd\uff0c\u5728\u6570\u636e\u91cf\u5927\u7684\u60c5\u51b5\u4e0b\uff0c\u5e94\u8003\u8651\u5173\u95ed\u81ea\u52a8\u63d0\u4ea4\u3002
luceneIndexTemplate.autoCommit=true
# \u662f\u5426\u5141\u8bb8\u8bbf\u95ee\u7ad9\u70b9\u6587\u4ef6
webFile.isEnableSiteFile=true
#\u6a21\u7248\u8def\u5f84
templateStorePath=/template
#templateStorePath=file:d:\\jspxcms\\template
templateDisplayPath=/template
openofficeHost=openofficePort=
swftoolsPdf2swf=
#swftoolsPdf2swf=/usr/local/bin/pdf2swf#swftoolsLanguagedir\u4e5f\u53ef\u4ee5\u4e3a\u7a7a\uff0c\u4f46\u6709\u53ef\u80fd\u4e0d\u652f\u6301\u67d0\u4e9b\u5b57\u4f53
#swftoolsLanguagedir=/usr/share/xpdf/xpdf-chinese-simplified
swftoolsLanguagedir=
#\u521b\u59cb\u4eba\uff08\u901a\u5e38\u662fadmin\uff09\u662f\u5426\u62e5\u6709\u6240\u6709\u6743\u9650\u4e14\u4e0d\u53d7\u89d2\u8272\u6743\u9650\u63a7\u5236\u3002\u521b\u59cb\u4eba\u4e0d\u5c0f\u5fc3\u53d6\u6d88\u4e86\u81ea\u5df1\u7684\u89d2\u8272\u7ba1\u7406\u6743\u9650\u65f6\uff0c\u53ef\u4ee5\u5f00\u542f\u8be5\u9879\u3002
isRootAllPerms=false
#\u6587\u6863\u7ba1\u7406\u7684\u5173\u952e\u8bcd\u5206\u9694\u7b26
tagKeywordsSplit=\uff0c\uff1b;\uff5c|
defUsername=
defPassword=
#register.config.http.proxy.ip=10.161.24.62
#register.config.http.proxy.port=8083
register.config.mobile.message.accout.user=szfjj-4
register.config.mobile.message.accout.password=100d68
重啟tomcat服務
sh /data0/zt/tomcat01/bin/shutdown.sh(關閉tomcat服務)
netstat -nltp(查看是否開放了tomcat端口 8080 8009 8005)
ps -ef | grep java(查看是否殘留了tomcat服務,便於查看是否出現僵尸進程,可進行處理)
sh /data0/zt/tomcat01/bin/startup.sh(啟動tomcat服務)
3.ftpserver安裝
ftpserver也屬於免安裝的,直接對配置文檔進行修改就可以了
vim /data0/zt/apache-ftpserver-1.0.6/res/conf/user.properties
# specific language governing permissions and limitations
# under the License.
# Password is “admin”
ftpserver.user.admin.userpassword=21232F297A57A5A743894A0E4A801FC3
ftpserver.user.admin.homedirectory=/data0/nginx/res/home
ftpserver.user.admin.enableflag=true
ftpserver.user.admin.writepermission=true
ftpserver.user.admin.maxloginnumber=0
ftpserver.user.admin.maxloginperip=0
ftpserver.user.admin.idletime=0
ftpserver.user.admin.uploadrate=0
ftpserver.user.admin.downloadrate=0
ftpserver.user.anonymous.userpassword=
ftpserver.user.anonymous.homedirectory=/data0/nginx/res/home
ftpserver.user.anonymous.enableflag=true
ftpserver.user.anonymous.writepermission=false
ftpserver.user.anonymous.maxloginnumber=20
ftpserver.user.anonymous.maxloginperip=2
ftpserver.user.anonymous.idletime=300
ftpserver.user.anonymous.uploadrate=4800
ftpserver.user.anonymous.downloadrate=4800
需要創建一個存放ftp文件的目錄
mkdir -p /data0/nginx/res/home
cp -raf ftpd-typical.xml ftpd.xml
啟動ftp服務
sh /apache-ftpserver-1.0.6/bin/ftpd.sh /apache-ftpserver-1.0.6/res/conf/ftpd.xml&
連接ftp
ftp localhost 2121
admin
admin
mput 上傳文件
mget 下載文件
在本地瀏覽器進行訪問ftp://admin:admin@10.134.100.174:2121
4.安裝數據庫
MySQL 已经不再包含在 CentOS 7 的源中,而改用了 MariaDB;
a、使用rpm -qa | grep mariadb搜索 MariaDB 现有的包:
如果存在,使用rpm -e –nodeps mariadb-*全部删除
b、使用rpm -qa | grep mariadb搜索 MariaDB 现有的包:
如果存在,使用yum remove mysql mysql-server mysql-libs compat-mysql51全部删除;
c、安装
需要下载 perl-DBI-1.521-1.EL5.rfx.x86_64.rpm 安装包,
mariaDB MariaDB-5.5.29-rhel5-x86_64-common.rpm
MariaDB-5.5.29-rhel5-x86_64-server.rpm
MariaDB-5.5.29-rhel5-x86_64-client.rpm
d、然后再http://yum.mariadb.org/ 找到 RPM-GPG-KEY-MariaDB 这个PGP文件,
把文件放入到/etc/pki/rpm-gpg 目录下,执行 导入key 的命令 rpm –import /etc/pki/rpm-gpg/RPM*
e、安装perl-DBI-1.521-1.EL5.rfx.x86_64.rpm 包, rpm -ivh perl-DBI-1.521-1.EL5.rfx.x86_64.rpm
f、安装MariaDB 包 ,rpm -ivh MariaDB-*,安装完成
g、启动mysql:
[root@localhost mysql]# service mysql start
Starting MySQL……. SUCCESS!
h、查看mysql是否啟動成功
ps -ax | grep mysql
进入mysql
# mysql -u root -p
ENter password:
MariaDB [(none)]> show databases;
+——————–+
| Database |
+——————–+
| information_schema |
| mysql |
| performance_schema |
| test |
+——————–+
4 rows in set (5.75 sec)
i、配置mysql
mysql_secure_installation
接下來看情況進行配置
j、創建數據庫
現進入mysql
# mysql -u root -p
Enter password:
後面
MariaDB [(none)]>create database z character set utf8;
查看是否建立成功
MariaDB [(none)]>show databases;
k、導出你需要的數據庫
mysqldump -h 10.157.136.134 -uroot -proot
–events –ignore-table=mysql.event –default-character-set=UTF8 jspxcms >z.sql
l、因為已經建立好了一個空數據庫來存放,現在只需要執行數據庫導入命令
# mysql -u root -p
Enter password:
MariaDB [(none)]>use z;
Database changed
MariaDB [z]> source /root/z.sql(此處為你放置z.sql的存放位置)
m、确定数据表是否创建成功,即数据文件是否导入成功。
MariaDB [z]>show tables;
若看到下列表單,說明導入成功
+————————–+
| Tables_in_z |
+————————–+
| cms_ad |
| ……………………………………(此處省略)
| qrtz_triggers |
| t_id_table |
+————————–+
106 rows in set (0.00 sec)
n、要賦予數據庫權限
MariaDB [z]>GRANT ALL PRIVILEGES ON *.* TO ‘root’@’10.134.100.7′ IDENTIFIED BY ‘FLM@88’ WITH GRANT OPTION;
MariaDB [z]>flush privileges;
o、檢驗是否賦予遠程連接數據庫權限已開通
mysql -h 10.134.100.7 -uroot -pFLM@88 z
如果進入數據庫說明成功,否則重啟mysql服務即可再次嘗試
service mysql restart
p、數據庫分大小寫(有可能會影響到頁面無法呈現的議題)
修改/etc/my.cnf配置文件即可
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
# Settings user and group are ignored when systemd is used.
# If you need to run mysqld under a different user or group,
# customize your systemd unit file for mariadb according to the
# instructions in http://fedoraproject.org/wiki/Systemd
character_set_server = utf8
lower_case_table_names = 1 (不區分大小寫設定)
[mysqld_safe]
character_set_server = utf8
log-error=/var/log/mariadb/mariadb.log(若不存在,需建立文件夾)
pid-file=/var/run/mariadb/mariadb.pid(若不存在,需建立文件夾)
[mysql]
default-character-set = utf8
[mysql.server]
default-character-set = utf8
[client]
default-character-set = utf8
#
# include all files from the config directory
#
!includedir /etc/my.cnf.d
到達此處重啟下,Nginx、tomcat、ftpserver、mysql各項服務即可
nginx
/usr/local/nginx/sbin/nginx -t 檢驗nginx配置文件是否正確
/usr/local/nginx/sbin/nginx 啟動nginx服務
tomcat
sh /data0/zt/tomcat01/bin/startup 啟動tomcat服務
ftpserver
cd /data0/zt/apache-ftpserver-1.0.6
sh bin/ftpd.sh res/conf/ftpd.xml & 啟動ftpserver服務,檢驗返回值
mysql
service mysql restart 重啟mysql服務
在部署中可能遇見的問題:
若遇見僵尸程式:
ps -A -o stat,ppid,pid,cmd | grep -e “^[Zz]”
kill掉ppid即可,殺死父進程
