CentOS6.5环境配置笔记
一、概述
服务器系统重装,配置应用运行环境
CentOS6.5 x64
二、修改密码
重新设置登录密码
$passwd 或 $passwd root
三、配置端口号及防火墙
注意:修改ssh端口号和防火墙时,最好22端口都先不要屏蔽或移除,在新的端口号ssh登录访问没有问题后再移除,防止新的配置不生效导致无法访问。
$ vi /etc/sysconfig/iptables
修改默认22端口为64262
-A INPUT -p tcp --dport 64262 -j ACCEPT
限制3306端口只能内网可访问
-A INPUT -s 192.168.1.0/24 -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
重启防火墙使之生效
$/etc/init.d/iptables restart
或
$ service iptables restart
查看已开放的端口
$ iptables -L -n
$ vi /etc/ssh/sshd_config
重新启动ssh服务
$ /etc/init.d/sshd restart
四、修改主机名
修改主机名
$ vi /etc/sysconfig/network
#centos7
$ vi /etc/hostname
重启服务器生效
$ reboot
修改hosts文件
$ vi /etc/hosts
五、安装Tengine(Nginx)
$ yum install -y gcc gcc-c++ make zlib zlib-devel pcre pcre-devel openssl openssl-devel
依赖Lua安装
yum -y install readline readline-devel
wget http://www.lua.org/ftp/lua-5.3.0.tar.gz
tar xvf lua-5.3.0.tar.gz
cd lua-5.3.0/
make && make install
cd ..
wget http://luajit.org/download/LuaJIT-2.0.3.tar.gz
tar xvf LuaJIT-2.0.3.tar.gz
cd LuaJIT-2.0.3/
make && make install
ln -s /usr/local/lib/libluajit-5.1.so.2 /lib64/libluajit-5.1.so.2
export LUAJIT_LIB=/usr/local/lib
export LUAJIT_INC=/usr/local/include/luajit-2.0/
$ wget http://www.zlib.net/zlib-1.2.11.tar.gz
解压到 /usr/local/src/zlib-1.2.11
$ wget http://www.canonware.com/download/jemalloc/jemalloc-3.6.0.tar.bz2
解压到 /usr/local/src/jemalloc-3.6.0
(先yum -y install bzip2 然后 tar jxvf jemalloc-3.6.0.tar.bz2)
$ cd /usr/local/src/
$ wget http://tengine.taobao.org/download/tengine-2.2.0.tar.gz
$ tar xvf tengine-2.2.0.tar.gz
$ cd tengine-2.2.0
$ ./configure --prefix=/usr/local/tengine
--with-pcre
--with-zlib=/usr/local/src/zlib-1.2.11
--with-jemalloc=/usr/local/src/jemalloc-3.6.0
--with-http_gzip_static_module
--with-http_realip_module
--with-http_stub_status_module
--with-http_lua_module
--with-http_ssl_module
--with-http_concat_module
--with-ld-opt="-Wl,-rpath,$LUAJIT_LIB"
$ make && make install
/usr/local/tengine/sbin/nginx 启动
/usr/local/tengine/sbin/nginx -t 检查nginx.conf语法
/usr/local/tengine/sbin/nginx -s reload 使nginx.conf修改即时生效
设置Nginx开机启动
系统用户登录系统后启动的服务目录
/usr/lib/systemd/system
如需要开机没有登陆情况下就能运行的程序在系统目录内
/lib/systemd/system
希望系统开机就启动目录,所以把文件放在系统目录内
vi /lib/systemd/system/nginx.service 创建文件
[Unit]
Description=The nginx HTTP and reverse proxy server
After=syslog.target network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/usr/local/tengine/logs/nginx.pid
ExecStartPre=/usr/local/tengine/sbin/nginx -t
ExecStart=/usr/local/tengine/sbin/nginx -c /usr/local/tengine/conf/nginx.conf
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true
[Install]
WantedBy=multi-user.target
Nginx服务相关命令
chmod 745 /lib/systemd/system/nginx.service
启动nginx服务
systemctl start nginx.service
设置开机自启动
systemctl enable nginx.service
停止开机自启动
systemctl disable nginx.service
查看服务当前状态
systemctl status nginx.service
重新启动服务
systemctl restart nginx.service
查看所有已启动的服务
systemctl list-units --type=service
六、安装JDK1.7
$ mkdir /usr/java/
$ cd /usr/java/
$ wget https://files.eveoh.nl/jdk-7u80-linux-x64.tar.gz
$ tar xvf jdk-7u80-linux-x64.tar.gz
配置Java环境
vi /etc/profile
底部追加
export JAVA_HOME=/usr/java/jdk1.7.0_80
export CLASSPATH=.:$JAVA_HOME/jre/lib/rt.jar:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
export PATH=$PATH:$JAVA_HOME/bin
#让配置生效
$ source /etc/profile
#验证
$ java -version
七、安装Tomcat7
$ wget http://mirrors.hust.edu.cn/apache/tomcat/tomcat-7/v7.0.77/bin/apache-tomcat-7.0.77.tar.gz
$ tar xvf apache-tomcat-7.0.76.tar.gz
$ mv apache-tomcat-7.0.76 tomcat-myapp
//server.xml
<Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
maxThreads="1000" minSpareThreads="20" maxIdleTime="60000"/>
<Connector executor="tomcatThreadPool"
port="8070" protocol="HTTP/1.1"
connectionTimeout="30000"
maxHttpHeaderSize="8192"
maxThreads="1000"
processorCache="1000"
acceptCount="1000"
minSpareThreads="100"
enableLookups="false"
URIEncoding="UTF-8"
redirectPort="8443" />
//catalina.sh
如果依赖的jdk版本和系统默认版本不一致,则需显式指定使用的jdk版本
export JAVA_HOME=/usr/java/jdk1.7.0_80
export JRE_HOME=/usr/java/jdk1.7.0_80/jre
优化参数(具体根据系统内存大小设置):
export CATALINA_OPTS="-Xmx2048m -XX:MaxPermSize=512m"
如果出现日志乱码问题,在catalina.sh和daemon.sh中增加如下参数配置:
export JAVA_OPTS="-Djavax.servlet.request.encoding=UTF-8 -Dfile.encoding=UTF-8 -Duser.language=zh_CN -Dsun.jnu.encoding=UTF-8"
八、安装其他
yum -y install wget
yum -y install openssh
systemctl start sshd
systemctl status sshd
systemctl enable sshd #设置开机自启动
yum -y install http://www.percona.com/downloads/percona-release/redhat/0.1-3/percona-release-0.1-3.noarch.rpm
locate命令安装
yum -y install mlocate
updatedb
九、应用部署用到的一些命令
svn up
mvn clean compile -U package -Dmaven.test.skip=true
从另一台服务器下载文件
scp -P22 root@192.168.1.135:/data/code/myproject/target/myproject.war ./
从本地上传到另一台服务器
scp -P22 /data/code/myproject/target/myproject.war root@192.168.1.134:/data/production/tomcat-myproject/webapps/ROOT/
解压war文件
jar -xvf /myproject.war
打包tar.gz
tar -czf tomcat-myproject.tar.gz tomcat-myproject
ssh登录到另一台服务器
ssh 192.168.1.134 -l root -p 22
查看nscd是否启用:
$ ps -ef|grep nscd
直接关闭Linux nscd 缓存服务:
/etc/init.d/nscd stop
/etc/init.d/nscd restart
/usr/local/keepalived/sbin/keepalived -D -f /etc/keepalived/keepalived.conf
tcpdump -i em1 -n 'host 224.0.0.18'
ip a
查看log消息:
tail -f /var/log/messages
journalctl -xe
/etc/init.d/keepalived restart
建立软连接
ln -s /home/data_production/tomcat-myproj/ /data/production/tomcat-myproj/
十、配置优化
1.MySQL
mysql>show variables like 'max_connections';(查可以看当前的最大连接数)
mysql>set global max_connections=10000;
mysql>show global status like 'open%tables%';
mysql>show variables like 'table_open_cache';
mysql>set global table_open_cache=8192;
MySQL 5.6下table_open_cache参数合理配置详解
http://www.cnblogs.com/fjping0606/p/6531292.html
innodb_buffer_pool_size参数设置-重要(my.conf)
Mysql重要配置参数的整理2
http://www.cnblogs.com/zengkefu/p/5601137.html
max_allowed_packet=20M
key_buffer_size = 1024M
sort_buffer_size = 32M
read_buffer_size = 32M
join_buffer_size = 32M
myisam_max_sort_file_size = 100G
myisam_sort_buffer_size=64M
参考 http://git.oschina.net/oschina/oschina-config/blob/master/mysql/my.cnf
2.Nginx
nginx中的超时设置
http://www.cnblogs.com/discuss/articles/1866851.html
3.ActiveMQ
Centos6.5 下的 ActiveMQ 5.14.2 的安装与配置
http://blog.csdn.net/esinzhong/article/details/53612054
4.Tomcat
4.1JVM参数的优化
4.2TOMCAT自身的配置
TOMCAT7 生产环境优化
http://energykey.iteye.com/blog/2072797
Tomcat7并发优化
http://blog.csdn.net/qlp3643_1/article/details/51285503
5.Redis
Redis客户端常见异常分析
https://cachecloud.github.io/2016/11/17/Redis%E5%AE%A2%E6%88%B7%E7%AB%AF%E5%B8%B8%E8%A7%81%E5%BC%82%E5%B8%B8%E5%88%86%E6%9E%90/
6.Linux
sysctl.conf学习和调优
http://www.jianshu.com/p/9a8e383b5b49
设置Sysctl.conf用以提高Linux的性能(最完整的sysctl.conf优化方案)
http://blog.csdn.net/21aspnet/article/details/6584792
linux下高并发网络应用注意事项
http://www.blogjava.net/bacoo/archive/2012/06/11/380500.html
sysctl.conf文件详解
http://www.cnblogs.com/Rosanna/p/3446557.html
(转) Linux调优方案,sysctl.conf的设置
http://www.cnblogs.com/ywcz060/p/5624050.html
第十一章 netfilter iptables全攻略
https://wenku.baidu.com/view/56d3b109a6c30c2259019edd.html
http://www.opsers.org/videos/chapter-netfilter-iptables-raiders.html
CentOS6.6 yum安装percona mysql5.6
http://www.jianshu.com/p/10ca79864f59
十一、数据库恢复
TB级mysql数据之xtrabackup压缩备份迁移方案
http://www.xker.com/page/e2015/07/210707.html
一次mysql数据库迁移的过程记录
http://blog.csdn.net/yumushui/article/details/40857321
利用xtraBackup实现不停master服务做主从同步
http://shineforever.blog.51cto.com/blog/1429204/1684335
通过 XtraBackup 实现不停机不锁表搭建主从同步
https://segmentfault.com/a/1190000002575399
XtraBackup备份恢复mysql
http://www.ttlsa.com/mysql/xtrabackup-backup-restore-mysql/
Xtrabackup备份mysql实战(做从库全过程)
http://navyaijm.blog.51cto.com/4647068/1422229/
MySQL · 物理备份 · Percona XtraBackup 备份原理
http://mysql.taobao.org/monthly/2016/03/07/
使用xtrabackup进行MySQL数据库备份
http://www.toxingwang.com/database/mysql/1539.html
Xtrabackup 备份大数据库(全量备份和增量备份)
http://www.linuxidc.com/Linux/2016-07/133517.htm
mysql xtrabackup在线备份还原(全备+增备)
https://yq.aliyun.com/articles/43418
----------------------------------------------
centos7 关闭firewall安装iptables并配置
http://linux.it.net.cn/CentOS/fast/2015/0110/11567.html
9个常用iptables配置实例
http://www.cnblogs.com/bangerlee/archive/2013/02/27/2935422.html