BiuBiu

# Linux Centos7

# 一、虚拟机和基础

# ✔️安装VMware

我的阿里云盘:软件 虚拟机文件夹 images [CentOS-7-x86_64-Minimal-2009] 安装很简单,虚拟机创建就行

网络设置:导航栏“编辑”->“虚拟网络编辑器” ->NAT模式->NAT设置

记住NAT设置中的子网IP、子网掩码、网关IP三项,接下来配置文件主要是这三项

VMware虚拟机 CentOS 7 ping不通 报错:name or service not known_华尔街之程序员的博客-CSDN博客 (opens new window)

虚拟机ping不通,虚拟机突然网络全部连不上,network status 为active(exited):此电脑–>管理–>服务和应用管理:启动VMware DHCP Service和、VMware NAT Service、VMware Workstation Server就好了

  1. 设置网卡

由于虚拟机安装完网络是DHCP自动分配,下次连接可能IP就变了,所以修改网卡设置为静态IP

vi /etc/sysconfig/network-scripts/ifcfg-ens33

 BOOTPROTO=dhcp
 ONBOOT=yes # 需要启动时启动网卡
 
 #修改为下面这样
 TYPE=Ethernet
 PROXY_METHOD=none
 BROWSER_ONLY=no
 BOOTPROTO=static  # 1、改为静态
 DEFROUTE=yes
 IPV4_FAILURE_FATAL=no
 IPV6INIT=yes
 IPV6_AUTOCONF=yes
 IPV6_DEFROUTE=yes
 IPV6_FAILURE_FATAL=no
 IPV6_ADDR_GEN_MODE=stable-privacy
 NAME=ens33
 UUID=5428425a-7619-4f56-9af8-9d7ca23fb0e0
 DEVICE=ens33
 ONBOOT=yes  # 2、开启开机自启
 IPADDR=192.168.186.155  # 3、设置Ip地址,根据自己需要设置
 NETMASK=255.255.255.0   # 4、子网掩码,固定的
 GATEWAY=192.168.186.2	 # 5、网关,再虚拟机上设置好 (网关等信息在VMware的编辑-虚拟网络编辑器里VMnet8)
 DNS1=8.8.8.8            # 6、DNS域名解析服务器,可以不用动
 
 # 重启网卡
 systemctl restart network
 ping baidu.com # 测试
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27

远程连接 XShell MobaXterm等 或者命令行用ssh连接 : ssh root@192.168.186.155

查看分配的内存 free -m

查看CPU cat /proc/cpuinfo 或者 top

查看操作系统 cat /etc/redhat-release

# ✔️Vim编辑器

# ✔️防火墙

检查防火墙是否开放的端口

  1. 查看状态防火墙状态 firewall-cmd --state
  2. 禁止防火墙开机自启 systemctl disable firewalld.service
  3. 启动防火墙 systemctl start firewalld.service
  4. 关闭防火墙 systemctl stop firewalld.service
  5. 重启防火墙 firewall-cmd --reload
  6. 查看端口是否开启 firewall-cmd --query-port=80/tcp
  7. 查看防火墙开放的端口 firewall-cmd --list-ports
  8. 开放端口
    • firewall-cmd --zone=public --add-port=80/tcp --permanent
    • firewall-cmd --add-port=8080/tcp
    • firewall-cmd --add-port=8080/tcp --permanent
  9. 关闭端口 firewall-cmd --zone=public --remove-port=8080/tcp --permanent
  10. 防火墙指定端口和ip访问 firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="192.168.1.201" port protocol="tcp" port="8080" accept
  11. 防火墙移除端口和ip访问 firewall-cmd --permanent --remove-rich-rule="rule family="ipv4" source address="192.168.1.201" port protocol="tcp" port="8080" accept

远程服务器复制目录到当前路径

scp -r root@192.168.1.222:/opt/my.cnf ./

查看端口是否被占用

netstat -tunlp

netstat -tunlp |grep 22

# 二、配置yum源和软件安装

阿里云的yum源:https://developer.aliyun.com/mirror/

# 0.先安装一个工具wget
yum install wget -y

# 1. 备份源镜像源
cd /etc/yum.repos.d/
mkdir repobak
mv ./* repobak/

# 2. 下载阿里云镜像源
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo

# 3. 下载epel源
wget -O /etc/yum.repos.d/epel.repo https://mirrors.aliyun.com/repo/epel-7.repo

# 4. 清空以前的yum缓存,生成阿里云的缓存
yum clean all
yum makecache

# 5. 安装c/c++编译工具
yum install -y gcc gcc-c++ autoconf automake make

# 6. 比如安装其他软件
yum install nginx -y 
systemctl start nginx
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24

# ✔️安装nginx

# ✔️安装JDK和Maven

方式一、下载tar包离线安装

jdk-8u181-linux-x64.tar.gz

apache-maven-3.8.6-bin.tar.gz

步骤

  • 创建目录 mkdir -p /opt/app /opt/software

    /opt/app 存放安装包

    /opt/software 存放解压后的

  • 上传安装包到 /opt/app下

  • 解压
    tar -xvzf jdk-8u181-linux-x64.tar.gz -C /opt/software tar -xvzf apache-maven-3.8.6-bin.tar.gz -C /opt/software

  • 配置maven
    创建仓库本地仓库 /opt/software/apache-maven-3.8.6/ck
    配置阿里云仓库

  • Linux下Java环境变量 Linux下JDK,maven配置 vi /etc/profile source /etc/profile

     # Maven Environment Config
 export M2_HOME=/opt/software/apache-maven-3.8.6
 export PATH=$PATH:$JAVA_HOME/bin:$M2_HOME/bin
 # Java Environment Config
 export JAVA_HOME=/opt/software/jdk1.8.0_181
 export JRE_HOME=${JAVA_HOME}/jre
 export CLASSPATH=.:${JAVA_HOME}/lib:${JRE_HOME}/lib
 export PATH=${JAVA_HOME}/bin:$PATH
    1
    2
    3
    4
    5
    6
    7
    8
  1. 验证 java -version mvn -v

方式二、yum安装jdk

  1. 检索可用包 yum search java | grep jdk
  2. 安装 yum install -y java-1.8.0-openjdk

启动部署

  • 后台启动jar包 nohup java -jar demo.jar & 会在当前路径下生成一个nohup.out的日志文件
  • 日志文件指定路径 nohup java -jar demo.jar >mylog.log 2>&1 &
  • 不输出日志 nohup java -jar demo.jar >/dev/null 2>&1 &

# ✔️Docker部署Jenkins

1. 安装Jenkins

  1. 启动容器
docker run -di \
--name=jenkins \
-p 8080:8080 \
-v /root/jenkins_home/:/var/jenkins_home \
-v /opt/software/jdk1.8.0_181:/opt/software/jdk1.8.0_181 \
-v /opt/software/apache-maven-3.8.6:/opt/software/apache-maven-3.8.6 \
-v $(which docker):/usr/bin/docker \
-v /var/run/docker.sock:/var/run/docker.sock \
jenkins/jenkins:lts
1
2
3
4
5
6
7
8
9

  1. 进入页面 http://192.168.198.128:8080 docker logs jenkins 可以看到密码,输入密码 103031818d754c2897739d6010c0448d 安装推荐的插件 创建第一个管理员用户,一路保存完成即可 开始使用Jenkins

  2. 插件配置 Manage Jekins > 插件管理 可选插件 搜索即可

  3. 安装SSH插件 docker restart jenkins 重启jenkins

  4. 添加ssh登录账号凭据 系统管理 > Manage Credentials > Stores scoped to Jenkins 点全局 添加凭据 输入用户名、密码、ID、描述(Linux服务器账号密码)

  5. 配置全局SSH 系统管理 > 系统配置 > SSH remote hosts 点击新增 输入 Hostname Port=22 选择 Credentials=我们刚新增的linux服务器账号密码 点击保存

  6. 配置jdk和maven (我们-v挂载过)这里需要的是Docekr里的路径 点击系统管理,找到全局工具配置 jdk1.8 /opt/software/jdk1.8.0_181 maven3.8.6 /opt/software/apache-maven-3.8.6

2. 插件安装

  1. publish over ssh

    配置应用器服务器 ip+账户

    可以传jar包到指定的服务器,并启动jar

# 三、使用Jenkins部署项目

https://gitee.com/baijq/jenkins-test.git

  1. 新建任务 创建一个自由风格项目
  2. 添加git凭据 url Credentials(和添加服务器账号一样)
  3. Build Steps 选择调用顶层Maven Maven 版本选择我们配置的那个 目标=clean package POM=pom.xml(点击高级出现)
  4. 增加构建执行shell
#!/bin/bash
# 服务名称
SERVER_NAME=jenkins

# 源jar名称,mvn打包之后,target目录下的jar包名称
JAR_NAME=demo-0.0.1-SNAPSHOT

# jenkins下的目录
JENKINS_HOME=/var/jenkins_home/workspace/jenkins

# 等待三秒
echo sleep 3s
sleep 1
echo sleep 2s
sleep 1
echo sleep 1s
sleep 1
      
echo "结束进程完成"

cd $JENKINS_HOME/target

cp $JENKINS_HOME/Dockerfile $JENKINS_HOME/target

# 修改文件权限
chmod 755 $JAR_NAME.jar

echo "看看docker能不能用"
docker -v

echo "停止容器"
# 停止容器
docker stop springboot

echo "删除容器"
# 删除容器
docker rm springboot
echo "删除镜像"
# 删除镜像
docker rmi springboot
echo "打包镜像"
# 打包镜像
docker build -t springboot .
echo "运行镜像"
# 运行镜像
docker run -d -p 8081:8081 --name springboot springboot
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
  1. 立即构建 可以查看控制台

# 报错信息

[INFO] Scanning for projects... Downloading from aliyunmaven: https://maven.aliyun.com/repository/public/org/springframework/boot/spring-boot-starter-parent/2.3.2.RELEASE/spring-boot-starter-parent-2.3.2.RELEASE.pom [WARNING] Failed to create parent directories for tracking file /opt/software/apache-maven-3.8.6/ck/org/springframework/boot/spring-boot-starter-parent/2.3.2.RELEASE/spring-boot-starter-parent-2.3.2.RELEASE.pom.lastUpdated [ERROR] [ERROR] Some problems were encountered while processing the POMs: [FATAL] Non-resolvable parent POM for com.example:jenkins-test:0.0.1-SNAPSHOT: Could not transfer artifact org.springframework.boot:spring-boot-starter-parent:pom:2.3.2.RELEASE from/to aliyunmaven (https://maven.aliyun.com/repository/public): /opt/software/apache-maven-3.8.6/ck/org/springframework/boot/spring-boot-starter-parent/2.3.2.RELEASE/spring-boot-starter-parent-2.3.2.RELEASE.pom.part.lock (No such file or directory) and 'parent.relativePath' points at no local POM @ line 6, column 13 @ [ERROR] The build could not read 1 project -> [Help 1] [ERROR]
[ERROR] The project com.example:jenkins-test:0.0.1-SNAPSHOT (/var/jenkins_home/workspace/jenkins-test/pom.xml) has 1 error [ERROR] Non-resolvable parent POM for com.example:jenkins-test:0.0.1-SNAPSHOT: Could not transfer artifact org.springframework.boot:spring-boot-starter-parent:pom:2.3.2.RELEASE from/to aliyunmaven (https://maven.aliyun.com/repository/public): /opt/software/apache-maven-3.8.6/ck/org/springframework/boot/spring-boot-starter-parent/2.3.2.RELEASE/spring-boot-starter-parent-2.3.2.RELEASE.pom.part.lock (No such file or directory) and 'parent.relativePath' points at no local POM @ line 6, column 13 -> [Help 2] [ERROR] [ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch. [ERROR] Re-run Maven using the -X switch to enable full debug logging. [ERROR] [ERROR] For more information about the errors and possible solutions, please read the following articles: [ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/ProjectBuildingException [ERROR] [Help 2] http://cwiki.apache.org/confluence/display/MAVEN/UnresolvableModelException Build step 'Invoke top-level Maven targets' marked build as failure Finished: FAILURE

解决方案 #递归修改文件的权限必须要加参数"-R" sudo chmod -R 777 /opt/software/apache-maven-3.8.6

# 报错信息

Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/springboot/stop": dial unix /var/run/docker.sock: connect: permission denied

解决方案 chmod a+rw /var/run/docker.sock

# 四、SpringBoot项目设置开机自启

最好用jar包名称作为脚本名称

  1. 创建service文件 cd /etc/systemd/system/

vi java.service

内容如下:

[Unit] 
Description=java
After=syslog.target

[Service] 
Type=simple
# 这个就是执行的命令,比如 执行shell  `ExecStart=/usr/bin/sh /home/app/job.sh start`
ExecStart= /usr/jdk1.8.0_281/bin/java -jar /usr/local/springboot.jar

[Install] 
WantedBy=multi-user.target
1
2
3
4
5
6
7
8
9
10
11

  1. 添加执行权限
    chmod +x /etc/systemd/system/java.service

  2. 重新加载服务
    systemctl daemon-reload

  3. 启动服务并加入开机自启
    systemctl start java.service systemctl enable java.service

查看是否成功 systemctl list-unit-files | grep enabled | grep xtde-xxl-job.service

开机自启 systemctl enable demo.service
关闭自启 systemctl disable demo.service
启动服务:systemctl start demo.service
停止服务:systemctl stop demo.service
重启服务:systemctl restart demo.service
查看服务状态:systemctl status demo.service

Tomcat的Demo

Description=TomcatXX

After=syslog.target network.target remote-fs.target nss-lookup.target

[Service]
Type=forking

#自己项目的启动脚本 全路径
ExecStart=/usr/bin/sh /home/qtan/bin/start.sh
#自己项目的停止脚本 全路径
ExecStop=/usr/bin/sh /home/qtan/bin/stop.sh

PrivateTmp=true

[Install]
WantedBy=multi-user.target
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

# 五、centos 堡垒机 jumpserver

# 1. linux系统设置

  1. 修改主机名

    hostnamectl set-hostname jumpserver
    1

  2. 关闭防火墙

    iptables -F  # 清空规则
systemctl disable firewalld  # 禁止开机自己
systemctl stop firewalld  # 停止防火墙服务
    1
    2
    3

  3. 配置阿里yum源

    # 下载阿里云镜像源和epel源
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
wget -O /etc/yum.repos.d/epel.repo https://mirrors.aliyun.com/repo/epel-7.repo
yum cleann all  # 清空原yum缓存
yum makecache  # 生成新yum缓存
    1
    2
    3
    4
    5

  4. 安装系统初始化软件

    yum install -y bash-completion vim lrzsz wget expect net-tools nc nmap tree dos2unix htop iftop iotop unzip telnet sl psmisc nethogs glance bc ntpdate openldap-devel
    1

  5. 安装jumpserver所需依赖环境

    yum install -y git python-pip gcc gcc-c++ autoconf automake make python-devel sshpass readline-devel zlib zlib-devel openssl openssl-devel
    1

  6. 修改系统字符集 修改为中文

    localedef -c -f UTF-8 -i -zh_CN zh_CN.UTF-8
export LC_ALL=zh_CN.UTF-8
# 吧修改字符集的命令写入全局配置文件
echo 'LANG="zh_CN.UTF-8"' > /etc/locale.conf
    1
    2
    3
    4

  7. 检查系统编码

    locale
    1

# 2. MySQL环境

  1. 准备jumpserver所需要的数据库环境
create database jumpserver default charset 'utf8' collate 'utf8_bin';
create  user 'jumpserver'@'%' IDENTIFIED BY 'admin@123';
grant all privileges on jumpserver.* to 'jumpserver'@'%' IDENTIFIED BY 'admin@123';
flush privileges;
1
2
3
4

# 3. python3 环境

  1. 安装python3

    # 下载python3的源代码
cd /home/python3 && \
wget  https://www.python.org/ftp/python/3.6.10/Python-3.6.10.tgz

# 开始源码安装,编译三部曲
tar -xvzf Python-3.6.10.tgz -C ./
./configure --prefix=/opt/python3.6.10/ 
make && make install
# 配置环境变量
cd /opt/python3/python3.6.10/bin
vim /etc/profile
# 添加环境变量
PATH="/opt/python3/python3.6.10/bin:$PATH"
source /etc/profile
echo $PATH  # 查看是否成功
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15

  2. python 创建虚拟环境

    pip3 install virtualenv
# pip3很慢,可以修改pip3为阿里云源
mkdir ~/.pip
vim ~/.pip/pip.conf
[global]
index-url=https://mirrors.aliyun.com/pypi/simple/
# 创建虚拟解释器
virtualenv --python=python3 py3_venv1
# 激活虚拟解释器
source /opt/puthon3/py3_venv1/bin/activate
# 退出 
deactivate
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12

    如果安装过程报错,缺少ssl啥的 需要安装openssl 重新卸载重新编译安装python3

    yum install -y openssl openssl-devel

  3. 安装jumpserver服务

# 获取程序源代码
wget https://github.com/jumpserver/jumpserver/releases/download/v2.1.0/jumpserver-v2.1.0.tar.gz
# 官网查看安装步骤
1
2
3

# 六、linux部署springboot脚本

# 参考一

#!/bin/bash
#设置环境变量
export JAVA_HOME=/usr/local/jdk1.8.0_181
export JRE_HOME=/$JAVA_HOME/jre
export CLASSPATH=.:$JAVA_HOME/jre/lib/rt.jar:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
export PATH=$PATH:$JAVA_HOME/bin:$JRE_HOME/bin
 
#这里可替换为你自己的执行程序,其他代码无需更改
APP_NAME=filename.jar
#使用说明,用来提示输入参数
usage() {
    echo "Usage: sh restart.sh [start|stop|restart|status]"
    exit 1
}
 
#检查程序是否在运行
#grep -v反选匹配 awk指定文件某一行
is_exist(){
  pid=`ps -ef|grep $APP_NAME|grep -v grep|awk '{print $2}'`
  #如果不存在返回1,存在返回0    
  if [ -z "${pid}" ]; then
   return 1
  else
    return 0
  fi
}
 
#启动方法
start(){
  is_exist
  if [ $? -eq 0 ]; then
    echo "${APP_NAME} is already running. pid=${pid}"
  else
    nohup java -jar ${APP_NAME} --spring.profiles.active=uat >/null 2>&1 &
  fi
}
 
#停止方法
stop(){
  is_exist
  if [ $? -eq "0" ]; then
    kill -9 $pid
  else
    echo "${APP_NAME} is not running"
  fi 
}
 
#输出运行状态
status(){
  is_exist
  if [ $? -eq "0" ]; then
    echo "${APP_NAME} is running. Pid is ${pid}"
  else
    echo "${APP_NAME} is NOT running."
  fi
}
 
#重启
restart(){
  stop
  sleep 5
  start
}
 
#根据输入参数,选择执行对应方法,不输入则执行使用说明
case "$1" in
  "start")
    start
    ;;
  "stop")
    stop
    ;;
  "status")
    status
    ;;
  "restart")
    restart
    ;;
  *)
    usage
    ;;
esac
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82

# 参考二

#!/bin/bash
#这里可替换为你自己的执行程序,其他代码无需更改
JAR_NAME=xtde-admin.jar

#使用说明,用来提示输入参数
usage() {
 echo "Usage: sh waffmini.sh [start|stop|restart|status]"
 exit 1
}
 
#检查程序是否在运行
is_exist(){
 pid=`ps -ef|grep $JAR_NAME|grep -v grep|awk '{print $2}' `
 #如果不存在返回1,存在返回0 
 if [ -z "${pid}" ]; then
 return 1
 else
 return 0
 fi
}

#启动方法
start(){
 is_exist
 if [ $? -eq "0" ]; then
 echo "${JAR_NAME} is already running. pid=${pid} ."
 else
# nohup java -jar $JAR_NAME> /usr/local/jar/log/logFileName1.file 2>&1 &
  nohup java -jar $JAR_NAME> /dev/null 2>&1 &
# nohup java -Xmx256m -Xms128m -jar $JAR_NAME &
  echo "${JAR_NAME} start success"
  tail -f nohup.out
 fi
}

#停止方法
stop(){
 is_exist
 if [ $? -eq "0" ]; then
 kill -9 $pid
 else
 echo "${JAR_NAME} is not running"
 fi
}

#输出运行状态
status(){
 is_exist
 if [ $? -eq "0" ]; then
 echo "${JAR_NAME} is running. Pid is ${pid}"
 else
 echo "${JAR_NAME} is NOT running."
 fi
}

#重启
restart(){
 stop
 start
}

#根据输入参数,选择执行对应方法,不输入则执行使用说明
case "$1" in
 "start")
 start
 ;;
 "stop")
 stop
 ;;
 "status")
 status
 ;;
 "restart")
 restart
 ;;
 *)
 usage
 ;;
esac
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79

sh restart.sh [start|stop|restart|status]

总结:

  1. 一般情况下,使用 nohup java -jar xxx.jar & 实现jar包启动
  2. 生产环境不需要默认的nohup.out配置,可以使用如下命令 nohup java -jar xxxx.jar >``/dev/null 2>&1 &