0.安装SSH登录
1.生成公钥对
ssh-keygen -t rsa -P ''
-P表示密码,-P '' 就表示空密码,也可以不用-P参数,这样就要三车回车,用-P就一次回车。
它在/home/chenlb下生成.ssh目录,.ssh下有id_rsa和id_rsa.pub。
如果是windows下面的话是在:
2.把A机下的id_rsa.pub复制到服务器,
用sftp复制或者scp复制均可以
3.服务器把从复制的id_rsa.pub添加到当前用户目录的.ssh/authorzied_keys文件里。
[root@iz2ze46xi6pjjj69ailg9lz ~]# cat ./.ssh/id_rsa.pub >> .ssh/authorized_keys
[root@iz2ze46xi6pjjj69ailg9lz ~]# chmod 600 .ssh/authorized_keys
1.安装JDK环境:
1.将JDk.tar.gz上传到linux服务器
2.解压jdkxxx.tar.gz
例如:
[root@VM_0_12_centos java]# pwd /opt/java [root@VM_0_12_centos java]# ls jdk1.7.0_80 jdk-7u80-linux-x64.tar.gz
3.将JDK添加到环境变量中:参考(http://www.cnblogs.com/qlqwjy/p/8575700.html)
(1)我采用的是vi /etc/profile的方式修改的环境变量(最后四行加入如下代码:)
export JAVA_HOME=/opt/java/jdk1.7.0_80
export JRE_HOME="$JAVA_HOME"/jre
export CLASSPATH=.:"${JAVA_HOME}"/lib:"${JRE_HOME}"/lib
export PATH="${PATH}":${JAVA_HOME}/bin
注意:
export命令用于将shell变量输出为环境变量,或者将shell函数输出为环境变量。
linux与windows环境变量的分隔符不同,linux是:(冒号),而windows是;(分号)。
(2)使修改的变量立马生效:
source /etc/profile
source命令通常用于重新执行刚修改的初始化文件,使之立即生效,而不必注销并重新登录。因为linux所有的操作都会变成文件的格式存在。
(3)测试环境变量:
root查看环境变量:
[root@VM_0_12_centos /]# pwd
/
[root@VM_0_12_centos /]# java -version
java version "1.7.0_80"
Java(TM) SE Runtime Environment (build 1.7.0_80-b15)
Java HotSpot(TM) 64-Bit Server VM (build 24.80-b11, mixed mode)
[root@VM_0_12_centos /]# echo $PATH
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/usr/local/mongodb-linux-x86_6
4-3.0.6/bin/:/root/bin:/opt/java/jdk1.7.0_80/bin
普通用户查看环境变量:
[qlq@VM_0_12_centos ~]$ pwd
/home/qlq
[qlq@VM_0_12_centos ~]$ java -version
java version "1.7.0_80"
Java(TM) SE Runtime Environment (build 1.7.0_80-b15)
Java HotSpot(TM) 64-Bit Server VM (build 24.80-b11, mixed mode)
[qlq@VM_0_12_centos ~]$ echo $PATH
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/opt/java/jdk1.7.0_80/bin:/us
/local/mongodb-linux-x86_64-3.0.6/bin/:/root/bin
[qlq@VM_0_12_centos ~]$
(4)编写java文件运行:
[root@VM_0_12_centos java]# vi ./test.java
[root@VM_0_12_centos java]# cat ./test.java
public class test{
public static void main(String []a){
System.out.print("hello word!");
}
}
[root@VM_0_12_centos java]# javac ./test.java
[root@VM_0_12_centos java]# java test
hello word!
2.安装Tomcat环境:
1.将tomcat上传到服务器
2.解压xxx.tar.gz
tar -xzvf apache-tomcat-7.0.72.tar.gz
3.编辑环境变量: vi /etc/profile的方式修改的环境变量(最后一行行加入如下代码:)
export CATALINA_HOME=/opt/apache-tomcat/apache-tomcat-7.0.72
source /etc/profile
4.测试tomcat是否能正确启动:
(1)启动tomcat
[root@VM_0_12_centos bin]# ${CATALINA_HOME}/bin/startup.sh
Using CATALINA_BASE: /opt/apache-tomcat/apache-tomcat-7.0.72
Using CATALINA_HOME: /opt/apache-tomcat/apache-tomcat-7.0.72
Using CATALINA_TMPDIR: /opt/apache-tomcat/apache-tomcat-7.0.72/temp
Using JRE_HOME: /opt/java/jdk1.7.0_80/jre
Using CLASSPATH: /opt/apache-tomcat/apache-tomcat-7.0.72/bin/bootstrap.jar
:/opt/apache-tomcat/apache-tomcat-7.0.72/bin/tomcat-juli.jar
Tomcat started.
(2)开放8080端口,并用curl访问8080端口
[root@VM_0_12_centos ~]# iptables -I INPUT -p tcp --dport 8080 -j ACCEPT #开启8080端口
[root@VM_0_12_centos ~]# service iptables save #永久保存(前提是安装iptables.service)
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
[root@VM_0_12_centos ~]# curl localhost:8080
<!DOCTYPE html> <html lang="en"> <head> <title>Apache Tomcat/7.0.72</title> <link href="favicon.ico" rel="icon" type="image/x-icon" /> <link href="favicon.ico" rel="shortcut icon" type="image/x-icon" /> <link href="tomcat.css" rel="stylesheet" type="text/css" /> </head> <body> <div id="wrapper"> <div id="navigation" class="curved container"> <span id="nav-home"><a href="http://tomcat.apache.org/">Home</a> </span> <span id="nav-hosts"><a href="/docs/">Documentation</a></span> <span id="nav-config"><a href="/docs/config/">Configuration</a>< /span> <span id="nav-examples"><a href="/examples/">Examples</a></span>
...............
5.编写脚本让tomcat开机启动:
(1)在/etc/rc.d/ini.d/目录下新建tomcat文件,内容如下:
#!/bin/bash
#chkconfig: 2345 80 90
#description:tomcat
#input(start stop status) to operate tomcat service
#start funciton(start tomcat service use /opt/apache-tomcat/apache-tomcat-7.0.72
/bin/start.sh)
export CATALINA_HOME=/opt/apache-tomcat/apache-tomcat-7.0.72
export JAVA_HOME=/opt/java/jdk1.7.0_80
export JRE_HOME="$JAVA_HOME"/jre
start(){
/usr/bin/sh "${CATALINA_HOME}"/bin/startup.sh
if [ "$?" != "0" ]
then
echo "service is not success start"
else
echo "service is success start!"
fi
exit 1
}
#stop function
stop(){
/usr/bin/sh "${CATALINA_HOME}"/bin/shutdown.sh
if [ "$?" != "0" ]
then
echo "service is not success stop"
else
echo "service is success stop!"
fi
}
#status function
status(){
/usr/bin/ps -le | /usr/bin/grep java >/dev/null 2> /dev/null
if [ "$?" != "0" ]
then
echo "service is not start"
else
echo "service is running!"
fi
}
#read input and dispose function
input=${1}
case ${input} in
start)
start
;;
stop)
stop
;;
status)
status
;;
*)
echo "please use {start to start tomcat,stop to stop tomcat,status to re
ad tomcat status!}"
esac
脚本解释:
status:根据进程中是否有java相关进程,判断服务是否开启
start:到tomcat安装目录下,执行startup.sh
stop:到tomcat安装目录下,执行shutdown.sh
(注意前三行是声明环境变量是必须的)
(2)赋予可运行权限:
[root@VM_0_12_centos init.d]# chmod +x tomcat
[root@VM_0_12_centos init.d]# ll | grep tomcat
-rwxr-xr-x 1 root root 1029 Apr 6 12:38 tomcat
(3)测试脚本:
[root@VM_0_12_centos init.d]# service tomcat start
Using CATALINA_BASE: /opt/apache-tomcat/apache-tomcat-7.0.72
Using CATALINA_HOME: /opt/apache-tomcat/apache-tomcat-7.0.72
Using CATALINA_TMPDIR: /opt/apache-tomcat/apache-tomcat-7.0.72/temp
Using JRE_HOME: /opt/java/jdk1.7.0_80/jre
Using CLASSPATH: /opt/apache-tomcat/apache-tomcat-7.0.72/bin/bootstrap.jar
:/opt/apache-tomcat/apache-tomcat-7.0.72/bin/tomcat-juli.jar
Tomcat started.
service is success start!
[root@VM_0_12_centos init.d]# service tomcat status
service is running!
(6)让tomcat服务开机启动,添加服务开机启动:(使用chkconfig --add 添加,参考:http://www.cnblogs.com/qlqwjy/p/7746184.html)
[root@VM_0_12_centos init.d]# chkconfig --list #查看服务列表
netconsole 0:off 1:off 2:off 3:off 4:off 5:off 6:off
network 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@VM_0_12_centos init.d]# chkconfig --add tomcat #添加tomcat服务开机启动
[root@VM_0_12_centos init.d]# chkconfig --list
netconsole 0:off 1:off 2:off 3:off 4:off 5:off 6:off
network 0:off 1:off 2:on 3:on 4:on 5:on 6:off
tomcat 0:off 1:off 2:on 3:on 4:on 5:on 6:off
2345分别对应的运行级别是多用户(没有NFS服务),多用户,暂留,GUI启动
查看/etc/rc.d/rc2.d:
[root@VM_0_12_centos init.d]# cd /etc/rc.d/rc2.d/
[root@VM_0_12_centos rc2.d]# ls
K50netconsole S10network S80tomcat
[root@VM_0_12_centos rc2.d]#
5.将对服务器80端口的访问转发到8080端口:
[root@VM_0_12_centos /]# iptables -t nat -L -n -v #查看地址表的规则
Chain PREROUTING (policy ACCEPT 477K packets, 16M bytes)
pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 477K packets, 16M bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 458K packets, 31M bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 458K packets, 31M bytes)
pkts bytes target prot opt in out source destination
0 0 MASQUERADE tcp -- * eth1 0.0.0.0/0 0.0.0.0/0
tcp dpt:80
[root@VM_0_12_centos /]# iptables -t nat -I PREROUTING -p tcp --dport 80 -j RED
IRECT --to-port 8080 #将80端口转发到8080端口
[root@VM_0_12_centos /]# iptables-save #使规则生效
# Generated by iptables-save v1.4.21 on Fri Apr 6 13:04:49 2018
*nat
:PREROUTING ACCEPT [10:344]
:INPUT ACCEPT [10:344]
:OUTPUT ACCEPT [10:675]
:POSTROUTING ACCEPT [10:675]
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
-A POSTROUTING -o eth1 -p tcp -m tcp --dport 80 -j MASQUERADE
COMMIT
# Completed on Fri Apr 6 13:04:49 2018
# Generated by iptables-save v1.4.21 on Fri Apr 6 13:04:49 2018
*filter
:INPUT ACCEPT [52609:4410485]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [46156:6499780]
-A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8010 -j ACCEPT
COMMIT
# Completed on Fri Apr 6 13:04:49 2018
[root@VM_0_12_centos /]# iptables -t nat -L -n -v #再次查看nat表规则
Chain PREROUTING (policy ACCEPT 13 packets, 428 bytes)
pkts bytes target prot opt in out source destination
0 0 REDIRECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 redir ports 8080
Chain INPUT (policy ACCEPT 13 packets, 428 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 12 packets, 810 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 12 packets, 810 bytes)
pkts bytes target prot opt in out source destination
0 0 MASQUERADE tcp -- * eth1 0.0.0.0/0 0.0.0.0/0
tcp dpt:80
浏览器访问:
至此,tomcat搭建完成。
补充:
后来我将tomcat默认端口改为80,所以取消了上面的80端口转发到8080并设置tomcat为80端口:
(1)取消80转发到8080;
[root@VM_0_12_centos /]# iptables -t nat -D PREROUTING 1
iptables命令选项输入顺序:
iptables -t 表名 <-A/I/D/R> 规则链名 [规则号] <-i/o 网卡名> -p 协议名 <-s 源IP/源子网> --sport 源端口 <-d 目标IP/目标子网> --dport 目标端口 -j 动作
(2)修改tomcat默认端口为80(前提是nginx与apachehttpd开机不会占用80端口)
修改tomcat安装目录下/conf/server.xml的71行
参考:http://www.cnblogs.com/qlqwjy/p/8649695.html
Tomcat附加配置:优化
1.编写tomcat安装目录下,tomcat-users.xml添加角色和用户,可以远程部署项目:
<role rolename="tomcat"/> <role rolename="manager-gui"/> <role rolename="manager-status"/> <role rolename="manager-script"/> <role rolename="manager-jmx"/> <user username="tomcat" password="tomcat" roles="tomcat,manager-gui,manager-status,manager-script,manager-jmx"/>
2.增大JVM参数:
3.安装Mysql:
我的腾讯云是CentOS7,安装MySQL时,出现了以下的提示:
原因是:
CentOS7带有MariaDB而不是mysql
解决方案
如果必须要安装MySQL,首先必须添加mysql社区repo通过输入命令:sudo rpm -Uvh http://dev.mysql.com/get/mysql-community-release-el7-5.noarch.rpm,最后使用像安 装MySQL的常规方法一样安装mysql: yum install mysql mysql-server mysql-libs mysql-server
1.在线安装命令
yum -y install mysql-server
2.启动mysql
[root@VM_0_12_centos ~]# ps -le | grep mysql
[root@VM_0_12_centos ~]# service mysqld start #启动mysql
Redirecting to /bin/systemctl start mysqld.service
[root@VM_0_12_centos ~]# ps -le | grep mysql
4 S 27 4204 1 0 80 0 - 28313 wait ? 00:00:00 mysqld_safe
0 S 27 4371 4204 9 80 0 - 329148 poll_s ? 00:00:00 mysqld
启动命令也可以 /etc/rc.d/init.d/mysqld start
3.登录mysql并修改root密码:
mysql -uroot
use mysql;
mysql> update user set Password=PASSWORD("newword") where user='root'; #修改密码
Query OK, 4 rows affected (0.00 sec)
Rows matched: 4 Changed: 4 Warnings: 0
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
4.设置mysql服务开机自启动(我的是centos7,所以用systemctl)
[root@VM_0_12_centos ~]# systemctl enable mysqld.service #设置mysql开机启动
Created symlink from /etc/systemd/system/mysql.service to /usr/lib/systemd/syste
m/mysqld.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/mysqld.service
to /usr/lib/systemd/system/mysqld.service.
[root@VM_0_12_centos ~]# systemctl is-enabled mysqld.service #查看mysql服务是否开机启动
enabled
如果不是centos7,可以自己编写脚本使服务开机启动,类似于tomcat开机启动脚本。
5.开启3306端口允许远程登录:
[root@VM_0_12_centos ~]# iptables -I INPUT -p tcp --dport 3306 -j ACCEPT #开启3306端口
[root@VM_0_12_centos ~]# service iptables save #保存到/etc/sysconfig/iptables使其永久有效
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
[root@VM_0_12_centos ~]# cat /etc/sysconfig/iptables #查看/etc/sysprofile/iptables文件内容
# Generated by iptables-save v1.4.21 on Fri Apr 6 15:57:33 2018
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [19:3484]
-A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Fri Apr 6 15:57:33 2018
6.授权远程登录账户:
mysql> grant all on *.*to username@'%' identified by 'xxxxx'; #授权账户
Query OK, 0 rows affected (0.00 sec)
mysql> flush privileges; #刷新权限
Query OK, 0 rows affected (0.00 sec)
mysql> flush privileges;
接下来在腾讯云官网开启3306端口即可远程访问数据库。
7.修改mysql的配置文件设置mysql的编码以及每次最大传送数据量等全局配置:
(1)首先查看mysql的编码的关键字:
mysql> show variables like '%char%';
+--------------------------+----------------------------+
| Variable_name | Value |
+--------------------------+----------------------------+
| character_set_client | utf8 |
| character_set_connection | utf8 |
| character_set_database | latin1 |
| character_set_filesystem | binary |
| character_set_results | utf8 |
| character_set_server | latin1 |
| character_set_system | utf8 |
| character_sets_dir | /usr/share/mysql/charsets/ |
+--------------------------+----------------------------+
8 rows in set (0.00 sec)
(2)修改/etc/my.cnf在mysqld后面增加:
character_set_server=utf8 #设置编码
max_allowed_packet=50M #最大传送数据量
wait_timeout=604800 #等待连接时长
interactive_timeout=604800 #交互时长
event_scheduler=on #开启任务调度
(3)连接mysql查看全局配置:
mysql> show variables like '%char%';
+--------------------------+----------------------------+
| Variable_name | Value |
+--------------------------+----------------------------+
| character_set_client | utf8 |
| character_set_connection | utf8 |
| character_set_database | utf8 |
| character_set_filesystem | binary |
| character_set_results | utf8 |
| character_set_server | utf8 |
| character_set_system | utf8 |
| character_sets_dir | /usr/share/mysql/charsets/ |
+--------------------------+----------------------------+
8 rows in set (0.01 sec)
mysql> show variables like '%schedul%';
+-----------------+-------+
| Variable_name | Value |
+-----------------+-------+
| event_scheduler | ON |
+-----------------+-------+
1 row in set (0.00 sec)
至此,mysql的配置完成。
4.安装webmin
1.将webmin包上传到服务器
2.解压安装
传到服务器->tar -xzvf xx.tar.gz 解压 ->进入解压后目录 -> ./setup.sh安装
注意:安装的默认端口是10000,如果不写用户名的话用户名是admin,密码必须写。
安装完成可以在linux中用curl localhost:10000测试是否启动
参考:http://www.cnblogs.com/qlqwjy/p/8669081.html
总结:
在iptables中开启的端口至少需要3306,8080。而且需要安装的服务有iptables,mysqld。且需要使用 systemctl enable xxx.service设置服务开机启动。不要忘记在腾讯云官网安全组开启端口。