一些软件的离线安装会容易一点的并未记录在线yum安装, 比如tomcat等.
很多内容和写的另外一篇博客nginx+keepalived+pgsql+mysql+redis+tomcat离线部署过程有部分重合
因为一些在线安装, 无非是
- yum安装: 版本可能不是最新的
- 下载源代码编译安装: 与离线大差不离
- 下载
rpm
/tar.gz
压缩包: 同上
1. java8
1.1 清除旧的
有一些服务器会自带java8
- 使用指令
rpm -qa|grep jdk
查看copy-jdk-configs-4.0-1.hce2.noarch java-1.8.0-openjdk-headless-1.8.0.342.b07-0.hce2.x86_64 java-1.8.0-openjdk-1.8.0.342.b07-0.hce2.x86_64 java-1.8.0-openjdk-devel-1.8.0.342.b07-0.hce2.x86_64
- 卸载(将每个相关的卸载)
rpm -e --nodeps java-1.8.0-openjdk-1.8.0.342.b07-0.hce2.x86_64
1.2 离线安装(如果有网可通过wget下载安装包)
- 在官网上下载对应版本的rpm安装包
- 安装:
rpm -ivh jdk-8u371-linux-x64.rpm
- 验证:
java
/javac
/java -version
- 参考
1.3 在线安装
yum install -y java-1.8.0-openjdk-devel.x86_64
- 验证安装即可
- 参考:
2. tomcat
-
下载: 官网下载tar.gz压缩包,
apache-tomcat-8.5.81.tar.gz
为例 -
上传: 将压缩包上传到服务器的一个目录上
-
解压:
tar -zxvf apache-tomcat-8.5.81.tar.gz
-
重命名:
mv apache-tomcat-8.5.81.tar.gz tomcat
-
移动到安装目录(位置随意):
mv tomcat /usr/local/tomcat
-
创建tomcat.service,
vi /etc/systemd/system/tomcat.service
, 并输入(注意java路径和tomcat路径):[Unit] Description=Tomcat Web Application Container After=syslog.target network.target [Service] Type=forking Environment=JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.181-7.b13.el7.x86_64/ Environment=CATALINA_PID=/usr/local/tomcat/temp/tomcat.pid Environment=CATALINA_HOME=/usr/local/tomcat/ Environment=CATALINA_BASE=/usr/local/tomcat/ Environment='CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC' ExecStart=/usr/local/tomcat/bin/startup.sh ExecStop=/usr/local/tomcat/bin/shutdown.sh User=root Group=root UMask=0007 RestartSec=10 Restart=always [Install] WantedBy=multi-user.target
-
常用指令
- 启用: systemctl enable tomcat
- 开启: systemctl start tomcat
- 查看状态: systemctl status tomcat
- 停止: systemctl stop tomcat
- 重启: systemctl restart tomcat
-
验证:
curl localhost:8080
-
修改默认端口8080为80,
vi /usr/local/tomcat/conf/service.xml
, 差不多69行(或者通过/ + 输入8080寻找)<Connector port="80" protocol="HTTP/1.1"...
将
8080
修改成80即可 -
重启tomcat:
systemctl restart tomcat
-
端口放行
- 放行:
firewall-cmd --add-port=80/tcp --permanent
- 查看是否添加进去了:
firewall-cmd --list-port
- 重载:
firewall-cmd --reload
- 验证: 同局域网内机器上
curl ip:80
- 放行:
-
参考:
3. mysql8
3.1 在线安装
- 库:
yum localinstall https://repo.mysql.com//mysql80-community-release-el7-1.noarch.rpm
- 装:
yum install mysql-community-server
- 启动:
systemctl start mysqld
- 自启:
systemctl enable mysqld
- 修改密码:
- 默认密码:
grep 'temporary password' /var/log/mysqld.log
- 登录(不能命令行输入密码, 就-p后控制台shift+insert粘贴):
mysql -p t&ki3u&+ib7X
- 修改密码(可以设置得困难点):
mysql> ALTER USER 'root'@'localhost' IDENTIFIED BY '123456';
- 简单密码异常:
ERROR 1819 (HY000): Your password does not satisfy the current policy requirements
- 校验规则:
mysql> set global validate_password.policy=0;
- 密码长度:
mysql> set global validate_password.length=1;
- 校验规则:
- 验证: 退出后使用mysql -p验证密码是否可以登录
- 默认密码:
- [选] 修改远程连接
- 登录到mysql中
- host限制:
mysql> update mysql.user set host='%' where user="root";
- 刷新:
mysql> flush privileges;
- [选] 端口放行
- 放行:
firewall-cmd --add-port=3306/tcp --permanent
- 查看是否添加进去了:
firewall-cmd --list-port
- 重载:
firewall-cmd --reload
- 验证: 在非本机上使用软件通过ip直接访问
- 放行:
- 为了安全可以使用ssh登录, 这样不不用配置远程连接了和端口放行了
- 参考
3.2 离线安装
- 下载: 在官网下载对应服务器版本的mysql版本压缩包, 比如:
mysql-8.0.32-el7-x86_64.tar.gz
- 上传到
/usr/local下
- 解压:
tar -zxvf mysql-8.0.32-el7-x86_64.tar.gz
- 卸载mariadb
- 查找是否存在:
rpm -qa | grep mariadb
- 卸载:
rpm -e --nodeps mariadb-libs
- 查找是否存在:
- 创建mysql用户和用户组
- 组:
groupadd mysql
- 用户并添加到组内:
useradd -g mysql mysql
- 组:
- 赋予mysql目录权限(最后一个是目录):
chown -R mysql:mysql mysql/
- mysql配置文件,
vim /etc/my.cnf
, 其中local_case_table_names=1
是忽略大小写[mysql] default-character-set=utf8mb4 [client] #port=3306 socket=/var/lib/mysql/mysql.sock [mysqld] user=mysql general_log = 1 general_log_file= /var/log/mysql/mysql.log socket=/var/lib/mysql/mysql.sock basedir=/usr/local/mysql/ datadir=/usr/local/mysql/data log-bin=/usr/local/mysql/data/mysql-bin innodb_data_home_dir=/usr/local/mysql/data innodb_log_group_home_dir=/usr/local/mysql/data/ character-set-server=utf8mb4 lower_case_table_names=1 autocommit=1 default_authentication_plugin=mysql_native_password symbolic-links=0 # Disabling symbolic-links is recommended to prevent assorted security risks # Settings user and group are ignored when systemd is used. # If you need to run mysqld under a different user or group, # customize your systemd unit file for mariadb according to the # instructions in http://fedoraproject.org/wiki/Systemd [mysqld_safe] log-error=/usr/local/mysql/data/mysql.log pid-file=/usr/local/mysql/data/mysql.pid # # include all files from the config directory
- 给配置文件权限:
chown 777 /etc/my.cnf
- 添加环境变量
- 打开:
vim /etc/profile
- 最后添加:
export PATH=$PATH:/usr/local/mysql/bin:/usr/local/mysql/lib
- 生效:
source /etc/profile
- 打开:
- 初始化数据库:
/usr/local/mysql/bin/mysqld --user=mysql --basedir=/usr/local/mysql/ --datadir=/usr/local/mysql/data/ --initialize
, 会输出日志如下(最后一行是默认密码):2023-04-18T06:52:34.464698Z 0 [Warning] [MY-011070] [Server] 'Disabling symbolic links using --skip-symbolic-links (or equivalent) is the default. Consider not using this option as it' is deprecated and will be removed in a future release. 2023-04-18T06:52:34.464786Z 0 [Warning] [MY-010918] [Server] 'default_authentication_plugin' is deprecated and will be removed in a future release. Please use authentication_policy instead. 2023-04-18T06:52:34.464809Z 0 [System] [MY-013169] [Server] /usr/local/mysql/bin/mysqld (mysqld 8.0.32) initializing of server in progress as process 11924 2023-04-18T06:52:34.480151Z 1 [System] [MY-013576] [InnoDB] InnoDB initialization has started. 2023-04-18T06:52:34.946560Z 1 [System] [MY-013577] [InnoDB] InnoDB initialization has ended. 2023-04-18T06:52:36.589592Z 6 [Note] [MY-010454] [Server] A temporary password is generated for root@localhost: fGzmjdZXj0<p
- 进入到mysql目录中复制执行文件:
cp -a ./support-files/mysql.server /etc/init.d/mysql cp -a ./support-files/mysql.server /etc/init.d/mysqld chmod +x /etc/init.d/mysql chmod +x /etc/init.d/mysqld
- 创建mysql socket文件
- 创建目录:
mkdir /var/lib/mysql
- 赋用户权限:
chown -R mysql:mysql /var/lib/mysql
- 创建目录:
- 通过service操作 (start | stop | restart | reload | force-reload | status)
- 启动:
service mysql start
- 重启:
service mysql restart
- 停止:
service mysql stop
- 启动:
- 启动后, 进入修改密码
- 进入:
/usr/local/mysql/bin/mysql -p
, 回车输入密码(初始化数据库那个默认密码) - 修改:
ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '5h%jqTlsjfgm0UjHksklP3vL';
- 如果设置简单密码处理方式同上面的在线安装
- 刷新:
flush privileges;
- exist退出, 再次使用新密码测试连接
- 进入:
- 远程配置方式和端口放行也同上面的在线安装方式
- 配置service,
vim /etc/systemd/system/mysql.service
[Unit] Description=MySQL Server After=network.target [Service] Type=forking User=mysql ExecStart=/etc/init.d/mysql start ExecStop=/etc/init.d/mysql stop [Install] WantedBy=multi-user.target
- 关闭使用service启动的mysql,
service mysql stop
- 重载:
systemctl daemon-reload
- 自启:
systemctl enable mysql
- 启动:
syatemctl start mysql
- 参考: centos7 离线安装mysql8
4. postgresql
会自动生成service, 目录在/usr/lib/systemd/system/
下, 自己创建的service在这里和/etc/systemd/system/
下都是可以生效, 区别是/usr/
下的一般是软件安装时候自动生成的, /etc/
下是用户自己定义的.
4.1 在线安装
- 官网PostgreSQL Downloads依次选择
Linux
->Red Hat/Rocky/CentOS
->1.软件版本最新就行
->2.系统版本根据自己的选择对应版本
->3.位数 x86_64就行
下方会出现安装需要执行的指令sudo yum install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.rpm sudo yum install -y postgresql15-server sudo /usr/pgsql-15/bin/postgresql-15-setup initdb sudo systemctl enable postgresql-15 sudo systemctl start postgresql-15
- 逐条执行即可
- 修改密码
- 切换用户并切换sql模式:
sudo – u postgres psql
- [1] 指明修改密码:
\password postgres
, 回车等待输入密码 - [1] 输入两次密码
- [2] 在切换用户并切换sql模式之后输入:
alter user postgres with password 'your_new_password';
也行 - 退出:
\q
- 切换用户并切换sql模式:
- [选] 远程连接需要修改(不配置远程连接可通过ssh通道连接)
-
postgresql.conf
:- 端口, 如果需要修改在此文件中修改
vim /var/lib/pgsql/14/data/postgresql.conf
, 修改成listen_addresses="*"
-
pg_hab.conf
:vim /var/lib/pgsql/14/data/pg_hba.conf
在
IPV4
下添加host all all 0.0.0.0/0 md5
-
- [选] 防火墙放行(如果防火墙没有开可以跳过此步骤, 使用
systemctl status firewalld
查看防火墙状态)- 放行:
firewall-cmd --add-port=5432/tcp --permanent
- 重载:
firewall-cmd --reload
- 放行:
- 重启pgsql:
systemctl restart postgresql-15
- 参考:
4.2 离线安装
- 下载:
https://download.postgresql.org/pub/repos/yum/15/redhat/rhel-7-x86_64/
- postgresql15-15.3-1PGDG.rhel7.x86_64.rpm
- postgresql15-libs-15.3-1PGDG.rhel7.x86_64.rpm
- postgresql15-server-15.3-1PGDG.rhel7.x86_64.rpm
- 按照顺序安装
rpm -ivh postgresql15-libs-15.3-1PGDG.rhel7.x86_64.rpm rpm -ivh postgresql15-15.3-1PGDG.rhel7.x86_64.rpm rpm -ivh postgresql15-server-15.3-1PGDG.rhel7.x86_64.rpm
- 安装过程如果有libicu报错, 下载libicu-50.2-4.el7_7.x86_64.rpm安装即可
- 初始化:
/usr/pgsql-15/bin/postgresql-15-setup initdb
- 开机自启:
systemctl enable postgresql-15
- 启动:
systemctl start postgresql-15
- 剩下步骤与在线安装无异(从初始化开始就步骤重复了)
- 参考: postgresql14离线安装
5. redis
5.1 需要编译安装, 提前安装gcc pcre-devel openssl-devel zlib-devel
- 在线:
yum -y install make zlib zlib-devel gcc-c++ libtool openssl openssl-devel pcre-devel
- 离线
- 共25个文件, 手动下载下来整理好了: 点击下载,
- 上传到服务器
- 使用
rpm -ivh *.rpm --nodeps --force
批量安装
5.2 安装
- 官网下载: https://redis.io/download/, 比如
redis-7.0.11.tar.gz
, 上传服务器 - 解压:
tar -zxvf redis-7.0.11.tar.gz
- 切换目录:
cd redis-7.0.11
- 编译:
make
- 安装:
make install PREFIX=/usr/local/redis
, 不指定目录, 默认/usr/local/bin
, 指定了会在目录下生成bin
目录 - 复制配置文件:
cp redis.conf /usr/local/redis/bin/
- 修改:
vim /usr/local/redis/bin/redis.conf
- 开启守护进程(后台运行):
daemonize yes
- [非本地连接]关闭只允许本地连接: 关闭只允许本地:
# bind 127.0.0.1
或者改成0.0.0.0
- [非本地连接]关闭保护模式:
protected-mode no
- 端口:
port 6379
- 密码:
requirepass 123456
- 默认日志路径:
logfile "/usr/local/redis/bin/redis.log"
// 需要手动创建出
- 开启守护进程(后台运行):
- 配置redis.service
[Unit] Description=redis-server After=network.target [Service] Type=forking ExecStart=/usr/local/redis/bin/redis-server /usr/local/redis/bin/redis.conf PrivateTmp=true [Install] WantedBy=multi-user.target
- 重载:
systemctl daemon-reload
- 开机自启:
systemctl enable redis
- 启动:
systemctl start redis
- [选] 防火墙放行
- 放行:
firewall-cmd --add-port=6379
- 重载:
firewall-cmd --reload
- 放行:
- redis图形操作测试, 如rdm: https://codor.lanzoue.com/idvHXprxrpc
6. nginx
学习使用过程整理了ngix安装与使用
也需要先提前安装5.1中的内容
-
下载: https://nginx.org/en/download.html, 中的
Stable version
, 以nginx-1.24.0.tar.gz
为例 -
上传服务器
-
解压:
tar -zxvf nginx-1.24.0.tar.gz
-
切换目录:
cd nginx-1.24.0
-
配置:
./configure
-
编译:
make
-
安装:
make install
, 默认安装目录/usr/local/nginx
, 也可想redis一样指定安装目录 -
修改配置文件(简单配置)
- 添加upstream mysservers节点,
http
下与server
同级的地方upstream myservers { # 可多个 # 输入ip端口和权重 server 127.0.0.1:8080 weight=1; }
server
节点下location
中修改server { listen 80; server_name: localhost; location / { proxy_pass http://myservers; proxy_redirect default; #root html; #index index.html index.htm; } }
- 添加upstream mysservers节点,
-
注册nginx.service,
vim /etc/systemd/system/nginx.service
[Unit] Description=Nginx HTTP Server After=network.target [Service] Type=forking PIDFile=/usr/local/nginx/logs/nginx.pid ExecStartPre=/usr/local/nginx/sbin/nginx -t ExecStart=/usr/local/nginx/sbin/nginx ExecReload=/usr/local/nginx/sbin/nginx -s reload ExecStop=/usr/local/nginx/sbin/nginx -s stop PrivateTmp=true [Install] WantedBy=multi-user.target
-
重载:
systemctl daemon-reload
-
开机自启:
systemctl enable nginx
-
启动:
systemctl start nginx
-
重载配置(修改配置后需要):
systemctl reload nginx
-
测试能否实现转发
7.keepalived
7.1 在线安装和简单使用
- 可参考: keepalived的简单使用, 整理一些使用中常用的基本情况
7.2 离线安装
-
复制到
/opt
下 -
解压:
tar -zxvf keepalived-2.2.7.tar.gz
-
进入目录:
cd keepalived-2.2.7/
-
配置:
./configure --prefix=/usr/local/keepalived
, 指定安装目录 -
编译:
make
-
安装:
make install
-
进入安装目录:
cd /usr/local/keepalived/
会自动生成:
drwxr-xr-x. 2 root root 21 May 5 03:19 bin drwxr-xr-x. 4 root root 41 May 5 03:19 etc drwxr-xr-x. 2 root root 24 May 5 03:19 sbin drwxr-xr-x. 5 root root 40 May 5 03:19 share
-
新建配置文件(同目录下有配置文件的demo可参考):
vim ./etc/keepalived/keepalived.conf
备用服务器上的state 填入BACK_UP, 优先级小一点. 其他一样
! Configuration File for keepalived # 定义虚拟路由, 必须叫VI_1 vrrp_instance VI_1 { state MASTER #设置为主服务器, 备份服务器设置为BACKUP interface eth0 #监控的网络接口(ifconfig或者ip addr指令找出网卡) priority 100 #(优先级, 主机大一点, 备份机小一点) virtual_router_id 99 #同一个vrrp_instance下routerId必须是一致的 authentication { auth_type PASS #vrrp认证方式主备必须一致 auth_pass 12345 #密码 } virtual_ipaddress { 127.0.0.88 #虚拟ip, 主从一致, 可配置多个 } }
-
修改service
使用离线方式安装keepalived后会自动生成keepalived.service文件位置在:
/usr/lib/systemd/system/keepalived.service
注: 一般系统的或者安装程序自动生成的service文件会在
/usr/lib/systemd/system
下用户自己配置的service一般会放在/etc/systemd/system/下, 两个目录下都可以用systemctl命令操作到.
-
默认的keepalived.service文件
[Unit] Description=LVS and VRRP High Availability Monitor After=network-online.target syslog.target Wants=network-online.target Documentation=man:keepalived(8) Documentation=man:keepalived.conf(5) Documentation=man:genhash(1) Documentation=https://keepalived.org [Service] Type=forking PIDFile=/run/keepalived.pid KillMode=process EnvironmentFile=-/usr/local/keepalived/etc/sysconfig/keepalived ExecStart=/usr/local/keepalived/sbin/keepalived $KEEPALIVED_OPTIONS ExecReload=/bin/kill -HUP $MAINPID [Install] WantedBy=multi-user.target
-
修改后的keepalived.service文件
需要修改ExecStart命令后指向配置文件位置. -f /path/to/keepalived.conf
(因为默认的配置文件都在/usr/local/keepalived/etc/内, 就没有往/etc/keepalived/内复制)
[Unit] Description=LVS and VRRP High Availability Monitor After=network-online.target syslog.target Wants=network-online.target Documentation=man:keepalived(8) Documentation=man:keepalived.conf(5) Documentation=man:genhash(1) Documentation=https://keepalived.org [Service] Type=forking PIDFile=/run/keepalived.pid KillMode=process EnvironmentFile=-/usr/local/keepalived/etc/sysconfig/keepalived ExecStart=/usr/local/keepalived/sbin/keepalived $KEEPALIVED_OPTIONS -f /usr/local/keepalived/etc/keepalived/keepalived.conf ExecReload=/bin/kill -HUP $MAINPID [Install] WantedBy=multi-user.target
-
-
使用systemctl控制
- 重新加载service文件:
systemctl daemon-reload
- 设置开机自启:
systemctl enable keepalived
- 启动:
systemctl start keepalived
- 重启:
systemctl restart keepalived
- 关闭:
systemctl stop keepalived
- 查看运行状态:
systemctl status keepalived
- 重新加载service文件:
-
keepalived的默认日志在/var/log/messages下, 修改日志方法参考这个
-
防火墙放行vrrp通信:
firewall-cmd --add-rich-rule='rule protocol value="vrrp" accept' --permanent
-
防火墙重载:
firewall-cmd --reload
-
检查通信是否正常:
tcpdump -i eth0-nn host 224.0.0.18
, 只有一个等级高为正常 -
通过访问虚拟ip查看是否由正在工作的主或备来处理ip内的请求.