服务器配置笔记
来源:互联网 发布:怎么优化网页 编辑:程序博客网 时间:2024/06/01 17:22
服务器配置笔记
一.存储服务器
操作系统:CentOS 5.2
分区:
准备工作
rpm -q gcc,如果gcc没装,用yum install gcc安装
配置dns解析
vi /etc/resolv.conf
nameserver 202.106.0.20
nameserver 211.161.46.84
nameserver 211.98.4.1
search localdomain
安装ntp
yum install ntp
同步时间设置
crontab -e
00 12 * * * /usr/sbin/ntpdate 133.100.11.8
配置VIM
cp /usr/share/vim/vim70/vimrc_example.vim /root/.vimrc
vi /root/.vimrc
注释掉set mouse=a
set autoindent
set smartindent
set tabstop=4
set shiftwidth=4
set showmatch
set nobackup
syntax on
mv /bin/vi /bin/vi_bak
ln -s /usr/bin/vim /bin/vi
修改默认语言:
vi /etc/sysconfig/i18n
LANG="en_US.UTF-8"
IP设置:
vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=none
HWADDR=00:1E:C9:B7:71:69
ONBOOT=yes
DHCP_HOSTNAME=pangzi.echineselearning.com
IPADDR=192.168.1.120
NETMASK=255.255.255.0
GATEWAY=192.168.1.3
TYPE=Ethernet
执行/etc/init.d/network restart
防火墙脚本配置
脚本位置:/root/scripts/fw.sh
开放sshd端口8801:/sbin/iptables -A INPUT -p tcp --dport 8801 -j ACCEPT
sh /root/scripts/fw.sh
vi /etc/rc.local
/bin/sh /root/scripts/fw.sh
配置sshd
vi /etc/ssh/sshd_config
Port 8801
Protocol 2
ServerKeyBits 1024
PermitEmptyPasswords no 不允许使用空密码登录
开机服务精简:
关闭ipv6:vi /etc/modprobe.conf,增加
alias net-pf-10 off
alias ipv6 off
sh /root/scripts/chkconfig_batch.sh,内容如下:
chkconfig --level 3 anacron off
chkconfig --level 3 apmd off
chkconfig --level 3 atd off
chkconfig --level 3 autofs off
chkconfig --level 3 avahi-daemon off
chkconfig --level 3 bluetooth off
chkconfig --level 3 cpuspeed off
chkconfig --level 3 cups off
chkconfig --level 3 firstboot off
chkconfig --level 3 gpm off
chkconfig --level 3 hidd off
chkconfig --level 3 hplip off
chkconfig --level 3 isdn off
chkconfig --level 3 kudzu off
chkconfig --level 3 mdmonitor off
chkconfig --level 3 netfs off
chkconfig --level 3 nfslock off
chkconfig --level 3 pcscd off
chkconfig --level 3 portmap off
chkconfig --level 3 rpcgssd off
chkconfig --level 3 rpcidmapd off
chkconfig --level 3 sendmail off
chkconfig --level 3 yum-updatesd off
安装subversion
yum install subversion
安装JDK
安装地址:/usr/local/jdk
vi /etc/profile
PATH=$PATH:/usr/local/jdk/bin
CLASSPATH=/usr/local/jdk/lib/dt.jar:/usr/local/jdk/lib/tools.jar
export PATH USER LOGNAME MAIL HOSTNAME HISTSIZE INPUTRC CLASSPATH
安装ANT
版本1.7.1
解压后放到/usr/local/ant
把/usr/local/ant/bin加到path里
安装MySQL
安装目录 /usr/local/mysql
建立mysql用户:
groupadd mysql
useradd mysql -g mysql
修改/etc/passwd,把mysql的/bin/bash改成/sbin/nologin
权限设置
mv /usr/local/mysql/data /home/mysql/data
chgrp -R mysql /home/mysql/data
chown -R mysql /home/mysql/data
ln -s /home/mysql/data /usr/local/mysql/data
chgrp -R mysql /usr/local/mysql/data
chown -R mysql /usr/local/mysql/data
配置MySQL
cp /usr/local/mysql/support-files/my-huge.cnf /etc/my.cnf
vi /etc/my.cnf
# Uncomment the following if you are using InnoDB tables
innodb_data_home_dir = /usr/local/mysql/data/
innodb_data_file_path = ibdata1:2000M;ibdata2:10M:autoextend
innodb_log_group_home_dir = /usr/local/mysql/data/
innodb_log_arch_dir = /usr/local/mysql/data/
# You can set .._buffer_pool_size up to 50 - 80 %
# of RAM but beware of setting memory usage too high
innodb_buffer_pool_size = 512M
innodb_additional_mem_pool_size = 20M
# Set .._log_file_size to 25 % of buffer pool size
innodb_log_file_size = 100M
innodb_log_buffer_size = 8M
innodb_flush_log_at_trx_commit = 1
innodb_lock_wait_timeout = 50
在/etc/rc.local中加入/usr/local/mysql/bin/mysqld_safe --user=mysql
启动mysql,设置用户
use mysql;
delete from user where User='root' or User='';
create database ecl;
GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP on ecl.* to 'ecl'@'%' identified by '***';
GRANT ALL PRIVILEGES on *.* to 'admin'@'%' identified by 'shanghua';
安装apache
安装APR
./configure
make
make install
安装apr-util
./configure --with-apr=/usr/local/apr/bin/apr-1-config
make
make install
安装openssl-devel
yum install openssl-devel
安装apache
./configure --with-layout=Apache --enable-so --disable-cgi --disable-imap --disable-userdir --enable-rewrite --enable-dav --enable-ssl --enable-maintainer-mode --with-apr=/usr/local/apr/bin/apr-1-config --with-apr-util=/usr/local/apr/bin/apu-1-config
make
make install
vi /etc/rc.local
/bin/sh /usr/local/apache2/bin/apachectl start &
配置
vi /usr/local/apache2/conf/httpd.conf
#隐藏请求头信息
ServerTokens Prod
安装tomcat
cp到/usr/local下
vi /etc/profile
JAVA_HOME=/usr/local/jdk
export PATH USER LOGNAME MAIL HOSTNAME HISTSIZE INPUTRC CLASSPATH JAVA_HOME
. /etc/profile
vi /etc/rc.local
/bin/sh /usr/local/tomcat/bin/startup.sh &
整合apache+tomcat
参考文档http://tomcat.apache.org/connectors-doc/webserver_howto/apache.html
下载合适的mod_jk,例如http://apache.mirror.phpchina.com/tomcat/tomcat-connectors/jk/binaries/linux/jk-1.2.26/i386/
mv mod_jk-1.2.26-httpd-2.2.6.so /usr/local/apache2/modules/mod_jk.so
vi /usr/local/apache2/conf/httpd.conf
LoadModule jk_module modules/mod_jk.so
JkWorkersFile /usr/local/apache2/conf/workers.properties
JkShmFile /usr/local/apache2/mod_jk.shm
JkLogFile "|/usr/local/apache2/bin/rotatelogs /var/log/httpd/mod_jk.log 86400"
JkLogLevel info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
Include /usr/local/apache2/conf/vhost.conf
vi /usr/local/apache2/conf/workers.properties
workers.tomcat_home=/usr/local/tomcat
workers.java_home=/usr/local/jdk
worker.list=worker2
ps=/
worker.worker2.host=localhost
worker.worker2.port=8009
worker.worker2.type=ajp13
worker.worker2.lbfactor=3
worker.worker2.cachesize=10
worker.worker2.cache_timeout=600
worker.worker2.socket_keepalive=1
worker.worker2.recycle_timeout=300
worker.worker2.connection_pool_size=50
worker.worker2.connection_pool_minsize=25
worker.worker2.connection_pool_timeout=600
vi /usr/local/apache2/conf/vhost.conf
在相应的VirtualHost里加入
JkMount /*.jsp worker2
JkMount /*.do worker2
JkUnMount /admin/ftp/* worker2
JkMount /cas/services/j_acegi_cas_security_check worker2
配置rsync客户端(ssh方式)
cd ~
检查是否有.ssh目录,没有则创建
ssh-keygen -t rsa -b 2048 -f /root/.ssh/hostkey
提示密码时直接回车
把生成的hostkey.pub放到服务器端相同的目录下
登录到服务器端
cd ~/.ssh/
cat hostkey.pub >> authorized_keys
客户端:
vi /etc/profile
RSYNC_PASSWORD=#rsyncd设置的密码#
export RSYNC_PASSWORD
. /etc/profile
测试:
rsync -vzrtopg -e "ssh -i /root/.ssh/hostkey -p portNumber" --progress user@hostip::daily_backup /data/daily_backup
优化MySQL
vi /etc/my.cnf
skip-name-resolve
禁止MySQL对外部连接进行DNS解析,使用这一选项可以消除MySQL进行DNS解析的时间。但需要注意,如果开启该选项,则所有远程主机连接授权都要使用IP地址方式,否则MySQL将无法正常处理连接请求
sort_buffer_size = 6M
查询排序时所能使用的缓冲区大小。注意:该参数对应的分配内存是每连接独占!如果有100个连接,那么实际分配的总共排序缓冲区大小为100 × 6 = 600MB。所以,对于内存在4GB左右的服务器推荐设置为6-8M。
read_buffer_size = 4M
读查询操作所能使用的缓冲区大小。和sort_buffer_size一样,该参数对应的分配内存也是每连接独享!
join_buffer_size = 8M
联合查询操作所能使用的缓冲区大小,和sort_buffer_size一样,该参数对应的分配内存也是每连接独享!
- web服务器配置笔记
- dns 服务器配置笔记
- 服务器配置笔记
- linux配置服务器笔记
- NFS服务器配置 笔记
- samba服务器配置---学习笔记
- FTP服务器配置---学习笔记
- DHCP服务器配置---学习笔记
- 配置服务器各种问题笔记
- ubuntu NAT服务器配置笔记
- ubuntu NAT服务器配置笔记
- [笔记]Ubuntu mc服务器配置
- Linux NFS 服务器配置 学习笔记
- 四、Samba服务器的配置笔记
- GIT服务器配置笔记(转载)
- 【原】yukon12345的linux服务器配置笔记
- Centos Linux 服务器安装配置笔记
- centos 6.4 oracle 服务器配置笔记
- C#自定义结构的强制转换
- linux磁盘空间不够用,添加硬盘
- evc vc字符串转换处理一:(绝对精华,收集所有的例子)
- VB mcisendstring 方法
- SEO阅读笔记三(如何选择域名和主机)
- 服务器配置笔记
- 一个存储过程实例
- 作者介绍
- 使用Delphi快速开发ActiveX控件
- 序
- 一些想法
- 简单计算一下,发现炒房一点不划算
- CSS总结
- LDAP教程地址