-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathatom.xml
511 lines (242 loc) · 338 KB
/
atom.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
<?xml version="1.0" encoding="utf-8"?>
<feed xmlns="http://www.w3.org/2005/Atom">
<title>明月出天山 苍茫云海间</title>
<link href="https://lunrry.github.io/atom.xml" rel="self"/>
<link href="https://lunrry.github.io/"/>
<updated>2024-05-21T01:30:11.027Z</updated>
<id>https://lunrry.github.io/</id>
<author>
<name>桃栀</name>
</author>
<generator uri="https://hexo.io/">Hexo</generator>
<entry>
<title>MySQLdump的参数</title>
<link href="https://lunrry.github.io/posts/4d333f8a/"/>
<id>https://lunrry.github.io/posts/4d333f8a/</id>
<published>2024-05-21T01:15:01.427Z</published>
<updated>2024-05-21T01:30:11.027Z</updated>
<content type="html"><![CDATA[<h2 id="MySQLdump的参数"><a href="#MySQLdump的参数" class="headerlink" title="MySQLdump的参数"></a>MySQLdump的参数</h2><pre class="line-numbers language-none"><code class="language-none">参数参数说明–all-databases , -A导出全部数据库。mysqldump -uroot -p --all-databases–all-tablespaces , -Y导出全部表空间。mysqldump -uroot -p --all-databases --all-tablespaces–no-tablespaces , -y不导出任何表空间信息。mysqldump -uroot -p --all-databases --no-tablespaces–add-drop-database每个数据库创建之前添加drop数据库语句。mysqldump -uroot -p --all-databases --add-drop-database–add-drop-table每个数据表创建之前添加drop数据表语句。(默认为打开状态,使用–skip-add-drop-table取消选项)mysqldump -uroot -p --all-databases (默认添加drop语句)mysqldump -uroot -p --all-databases –skip-add-drop-table (取消drop语句)–add-locks在每个表导出之前增加LOCK TABLES并且之后UNLOCK TABLE。(默认为打开状态,使用–skip-add-locks取消选项)mysqldump -uroot -p --all-databases (默认添加LOCK语句)mysqldump -uroot -p --all-databases –skip-add-locks (取消LOCK语句)–allow-keywords允许创建是关键词的列名字。这由表名前缀于每个列名做到。mysqldump -uroot -p --all-databases --allow-keywords–apply-slave-statements在’CHANGE MASTER’前添加’STOP SLAVE’,并且在导出的最后添加’START SLAVE’。mysqldump -uroot -p --all-databases --apply-slave-statements–character-sets-dir字符集文件的目录mysqldump -uroot -p --all-databases --character-sets-dir=/usr/local/mysql/share/mysql/charsets–comments附加注释信息。默认为打开,可以用–skip-comments取消mysqldump -uroot -p --all-databases (默认记录注释)mysqldump -uroot -p --all-databases --skip-comments (取消注释)–compatible导出的数据将和其它数据库或旧版本的MySQL 相兼容。值可以为ansi、mysql323、mysql40、postgresql、oracle、mssql、db2、maxdb、no_key_options、no_tables_options、no_field_options等,要使用几个值,用逗号将它们隔开。它并不保证能完全兼容,而是尽量兼容。mysqldump -uroot -p --all-databases --compatible=ansi–compact导出更少的输出信息(用于调试)。去掉注释和头尾等结构。可以使用选项:–skip-add-drop-table --skip-add-locks --skip-comments --skip-disable-keysmysqldump -uroot -p --all-databases --compact–complete-insert, -c使用完整的insert语句(包含列名称)。这么做能提高插入效率,但是可能会受到max_allowed_packet参数的影响而导致插入失败。mysqldump -uroot -p --all-databases --complete-insert–compress, -C在客户端和服务器之间启用压缩传递所有信息mysqldump -uroot -p --all-databases --compress–create-options, -a在CREATE TABLE语句中包括所有MySQL特性选项。(默认为打开状态)mysqldump -uroot -p --all-databases–databases, -B导出几个数据库。参数后面所有名字参量都被看作数据库名。mysqldump -uroot -p --databases test mysql–debug输出debug信息,用于调试。默认值为:d:t:o,/tmp/mysqldump.tracemysqldump -uroot -p --all-databases --debugmysqldump -uroot -p --all-databases --debug=” d:t:o,/tmp/debug.trace”–debug-check检查内存和打开文件使用说明并退出。mysqldump -uroot -p --all-databases --debug-check–debug-info输出调试信息并退出mysqldump -uroot -p --all-databases --debug-info–default-character-set设置默认字符集,默认值为utf8mysqldump -uroot -p --all-databases --default-character-set=latin1–delayed-insert采用延时插入方式(INSERT DELAYED)导出数据mysqldump -uroot -p --all-databases --delayed-insert–delete-master-logsmaster备份后删除日志. 这个参数将自动激活–master-data。mysqldump -uroot -p --all-databases --delete-master-logs–disable-keys对于每个表,用/*!40000 ALTER TABLE tbl_name DISABLE KEYS /;和/!40000 ALTER TABLE tbl_name ENABLE KEYS */;语句引用INSERT语句。这样可以更快地导入dump出来的文件,因为它是在插入所有行后创建索引的。该选项只适合MyISAM表,默认为打开状态。mysqldump -uroot -p --all-databases–dump-slave该选项将导致主的binlog位置和文件名追加到导出数据的文件中。设置为1时,将会以CHANGE MASTER命令输出到数据文件;设置为2时,在命令前增加说明信息。该选项将会打开–lock-all-tables,除非–single-transaction被指定。该选项会自动关闭–lock-tables选项。默认值为0。mysqldump -uroot -p --all-databases --dump-slave=1mysqldump -uroot -p --all-databases --dump-slave=2–events, -E导出事件。mysqldump -uroot -p --all-databases --events–extended-insert, -e使用具有多个VALUES列的INSERT语法。这样使导出文件更小,并加速导入时的速度。默认为打开状态,使用–skip-extended-insert取消选项。mysqldump -uroot -p --all-databasesmysqldump -uroot -p --all-databases–skip-extended-insert (取消选项)–fields-terminated-by导出文件中忽略给定字段。与–tab选项一起使用,不能用于–databases和–all-databases选项mysqldump -uroot -p test test --tab=”/home/mysql” --fields-terminated-by=”#”–fields-enclosed-by输出文件中的各个字段用给定字符包裹。与–tab选项一起使用,不能用于–databases和–all-databases选项mysqldump -uroot -p test test --tab=”/home/mysql” --fields-enclosed-by=”#”–fields-optionally-enclosed-by输出文件中的各个字段用给定字符选择性包裹。与–tab选项一起使用,不能用于–databases和–all-databases选项mysqldump -uroot -p test test --tab=”/home/mysql” --fields-enclosed-by=”#” --fields-optionally-enclosed-by =”#”–fields-escaped-by输出文件中的各个字段忽略给定字符。与–tab选项一起使用,不能用于–databases和–all-databases选项mysqldump -uroot -p mysql user --tab=”/home/mysql” --fields-escaped-by=”#”–flush-logs开始导出之前刷新日志。请注意:假如一次导出多个数据库(使用选项–databases或者–all-databases),将会逐个数据库刷新日志。除使用–lock-all-tables或者–master-data外。在这种情况下,日志将会被刷新一次,相应的所以表同时被锁定。因此,如果打算同时导出和刷新日志应该使用–lock-all-tables 或者–master-data 和–flush-logs。mysqldump -uroot -p --all-databases --flush-logs–flush-privileges在导出mysql数据库之后,发出一条FLUSH PRIVILEGES 语句。为了正确恢复,该选项应该用于导出mysql数据库和依赖mysql数据库数据的任何时候。mysqldump -uroot -p --all-databases --flush-privileges–force在导出过程中忽略出现的SQL错误。mysqldump -uroot -p --all-databases --force–help显示帮助信息并退出。mysqldump --help–hex-blob使用十六进制格式导出二进制字符串字段。如果有二进制数据就必须使用该选项。影响到的字段类型有BINARY、VARBINARY、BLOB。mysqldump -uroot -p --all-databases --hex-blob–host, -h需要导出的主机信息mysqldump -uroot -p --host=localhost --all-databases–ignore-table不导出指定表。指定忽略多个表时,需要重复多次,每次一个表。每个表必须同时指定数据库和表名。例如:–ignore-table=database.table1 --ignore-table=database.table2 ……mysqldump -uroot -p --host=localhost --all-databases --ignore-table=mysql.user–include-master-host-port在–dump-slave产生的’CHANGE MASTER TO…‘语句中增加’MASTER_HOST=,MASTER_PORT=’mysqldump -uroot -p --host=localhost --all-databases --include-master-host-port–insert-ignore在插入行时使用INSERT IGNORE语句.mysqldump -uroot -p --host=localhost --all-databases --insert-ignore–lines-terminated-by输出文件的每行用给定字符串划分。与–tab选项一起使用,不能用于–databases和–all-databases选项。mysqldump -uroot -p --host=localhost test test --tab=”/tmp/mysql” --lines-terminated-by=”##”–lock-all-tables, -x提交请求锁定所有数据库中的所有表,以保证数据的一致性。这是一个全局读锁,并且自动关闭–single-transaction 和–lock-tables 选项。mysqldump -uroot -p --host=localhost --all-databases --lock-all-tables–lock-tables, -l开始导出前,锁定所有表。用READ LOCAL锁定表以允许MyISAM表并行插入。对于支持事务的表例如InnoDB和BDB,–single-transaction是一个更好的选择,因为它根本不需要锁定表。请注意当导出多个数据库时,–lock-tables分别为每个数据库锁定表。因此,该选项不能保证导出文件中的表在数据库之间的逻辑一致性。不同数据库表的导出状态可以完全不同。mysqldump -uroot -p --host=localhost --all-databases --lock-tables–log-error附加警告和错误信息到给定文件mysqldump -uroot -p --host=localhost --all-databases --log-error=/tmp/mysqldump_error_log.err–master-data该选项将binlog的位置和文件名追加到输出文件中。如果为1,将会输出CHANGE MASTER 命令;如果为2,输出的CHANGE MASTER命令前添加注释信息。该选项将打开–lock-all-tables 选项,除非–single-transaction也被指定(在这种情况下,全局读锁在开始导出时获得很短的时间;其他内容参考下面的–single-transaction选项)。该选项自动关闭–lock-tables选项。mysqldump -uroot -p --host=localhost --all-databases --master-data=1;mysqldump -uroot -p --host=localhost --all-databases --master-data=2;–max_allowed_packet服务器发送和接受的最大包长度。mysqldump -uroot -p --host=localhost --all-databases --max_allowed_packet=10240–net_buffer_lengthTCP/IP和socket连接的缓存大小。mysqldump -uroot -p --host=localhost --all-databases --net_buffer_length=1024–no-autocommit使用autocommit/commit 语句包裹表。mysqldump -uroot -p --host=localhost --all-databases --no-autocommit–no-create-db, -n只导出数据,而不添加CREATE DATABASE 语句。mysqldump -uroot -p --host=localhost --all-databases --no-create-db–no-create-info, -t只导出数据,而不添加CREATE TABLE 语句。mysqldump -uroot -p --host=localhost --all-databases --no-create-info–no-data, -d不导出任何数据,只导出数据库表结构。mysqldump -uroot -p --host=localhost --all-databases --no-data–no-set-names, -N等同于–skip-set-charsetmysqldump -uroot -p --host=localhost --all-databases --no-set-names–opt等同于–add-drop-table, --add-locks, --create-options, --quick, --extended-insert, --lock-tables, --set-charset, --disable-keys 该选项默认开启, 可以用–skip-opt禁用.mysqldump -uroot -p --host=localhost --all-databases --opt–order-by-primary如果存在主键,或者第一个唯一键,对每个表的记录进行排序。在导出MyISAM表到InnoDB表时有效,但会使得导出工作花费很长时间。mysqldump -uroot -p --host=localhost --all-databases --order-by-primary–password, -p连接数据库密码–pipe(windows系统可用)使用命名管道连接mysqlmysqldump -uroot -p --host=localhost --all-databases --pipe–port, -P连接数据库端口号–protocol使用的连接协议,包括:tcp, socket, pipe, memory.mysqldump -uroot -p --host=localhost --all-databases --protocol=tcp–quick, -q不缓冲查询,直接导出到标准输出。默认为打开状态,使用–skip-quick取消该选项。mysqldump -uroot -p --host=localhost --all-databasesmysqldump -uroot -p --host=localhost --all-databases --skip-quick--quote-names,-Q使用(`)引起表和列名。默认为打开状态,使用–skip-quote-names取消该选项。mysqldump -uroot -p --host=localhost --all-databasesmysqldump -uroot -p --host=localhost --all-databases --skip-quote-names–replace使用REPLACE INTO 取代INSERT INTO.mysqldump -uroot -p --host=localhost --all-databases --replace–result-file, -r直接输出到指定文件中。该选项应该用在使用回车换行对(\r\n)换行的系统上(例如:DOS,Windows)。该选项确保只有一行被使用。mysqldump -uroot -p --host=localhost --all-databases --result-file=/tmp/mysqldump_result_file.txt–routines, -R导出存储过程以及自定义函数。mysqldump -uroot -p --host=localhost --all-databases --routines–set-charset添加’SET NAMES default_character_set’到输出文件。默认为打开状态,使用–skip-set-charset关闭选项。mysqldump -uroot -p --host=localhost --all-databasesmysqldump -uroot -p --host=localhost --all-databases --skip-set-charset–single-transaction该选项在导出数据之前提交一个BEGIN SQL语句,BEGIN 不会阻塞任何应用程序且能保证导出时数据库的一致性状态。它只适用于多版本存储引擎,仅InnoDB。本选项和–lock-tables 选项是互斥的,因为LOCK TABLES 会使任何挂起的事务隐含提交。要想导出大表的话,应结合使用–quick 选项。mysqldump -uroot -p --host=localhost --all-databases --single-transaction–dump-date将导出时间添加到输出文件中。默认为打开状态,使用–skip-dump-date关闭选项。mysqldump -uroot -p --host=localhost --all-databasesmysqldump -uroot -p --host=localhost --all-databases --skip-dump-date–skip-opt禁用–opt选项.mysqldump -uroot -p --host=localhost --all-databases --skip-opt–socket,-S指定连接mysql的socket文件位置,默认路径/tmp/mysql.sockmysqldump -uroot -p --host=localhost --all-databases --socket=/tmp/mysqld.sock–tab,-T为每个表在给定路径创建tab分割的文本文件。注意:仅仅用于mysqldump和mysqld服务器运行在相同机器上。mysqldump -uroot -p --host=localhost test test --tab="/home/mysql"–tables覆盖–databases (-B)参数,指定需要导出的表名。mysqldump -uroot -p --host=localhost --databases test --tables test–triggers导出触发器。该选项默认启用,用–skip-triggers禁用它。mysqldump -uroot -p --host=localhost --all-databases --triggers–tz-utc在导出顶部设置时区TIME_ZONE=’+00:00’ ,以保证在不同时区导出的TIMESTAMP 数据或者数据被移动其他时区时的正确性。mysqldump -uroot -p --host=localhost --all-databases --tz-utc–user, -u指定连接的用户名。–verbose, --v输出多种平台信息。–version, -V输出mysqldump版本信息并退出–where, -w只转储给定的WHERE条件选择的记录。请注意如果条件包含命令解释符专用空格或字符,一定要将条件引用起来。mysqldump -uroot -p --host=localhost --all-databases --where=” user=’root’”–xml, -X导出XML格式.mysqldump -uroot -p --host=localhost --all-databases --xml–plugin_dir客户端插件的目录,用于兼容不同的插件版本。mysqldump -uroot -p --host=localhost --all-databases --plugin_dir=”/usr/local/lib/plugin”–default_auth客户端插件默认使用权限。mysqldump -uroot -p --host=localhost --all-databases --default-auth=”/usr/local/lib/plugin/< PLUGIN >”选项文件,记住:你可以不依赖选项文件,完全在命令行控制程序的行为该程序读取标准配置文件路径顺序:C:\WINDOWS\my.ini C:\WINDOWS\my.cnf C:\my.ini C:\my.cnf D:\Program Files\MySQL\MySQL Server 5.1 master\my.ini D:\Program Files\MySQL\MySQL Server 5.1 master\my.cnf:下的默认的设置选项: [mysqldump] 和 [client] 节的配置选项。该行为可以通过标准的mysql程序的第一选项来改变:–print-defaults Print the program argument list and exit – 打印出程序的默认配置选项,立即退出程序的执行。用于了解默认的选项配置–no-defaults Don’t read default options from any options file – 不读取任何默认选项配置文件下的配置,需要在命令行提供命令行选项。用于干净的控制配置选项,必须配合命令行选项配置–defaults-file=# Only read default options from the given file # – 不读取任何默认选项配置文件下的配置,仅仅 读取指定的选项配置文件。用于干净的控制配置选项–defaults-extra-file=# Read this file after the global files are read – 读取任何默认选项配置文件下的配置,然后 再读取指定的选项配置文件。用于补充或替换默认配置的不足!常用的配置选项这些特征变量的值可以通过配置选项的设置来改变注意:–opt = --add-drop-table、–add-locks、–create-options、–quick、–extented-insert、–lock-tables、–set-charset、–disable-keys–skip-opt和数据库对象有关的配置选项:–databases–all-databases–all-tablespaces–no-tablespaces–events–routines–triggers–tables 可以屏蔽–databases选项–ignore-table=name和脚本格式相关的配置选项:–all–create-options #相当于–all–replace–complete-insert–extented-insert–delayed-insert–disable-keys–no-create-db–add-drop-database–no-create-info–add-drop-table–quote-name–no-autocommit–skip-set-charset #相当于–no-set-names–set-charset–tz-utc–dump-date–xml和数据行数相关的选项:–no-data–where=name–order-by-primary和数据类型、编码相关的配置选项:–default-character-set–hex-blob和数据完整性相关的配置选项:–lock-tables–lock-all-tables–single-transaction和导出性能相关的配置选项:–quick–order-by-primary–default-character-set–delayed-insert–disable-keys–no-autocommit–net-buffer-length=#–max-allowed-packet=#和错误控制相关的配置选项:–force–log-error=name和文件相关的配置选项:–log-error=name–result-file=name<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre>]]></content>
<summary type="html"><h2 id="MySQLdump的参数"><a href="#MySQLdump的参数" class="headerlink" title="MySQLdump的参数"></a>MySQLdump的参数</h2><pre class="line-numbers language</summary>
<category term="Linux" scheme="https://lunrry.github.io/categories/Linux/"/>
<category term="linux" scheme="https://lunrry.github.io/tags/linux/"/>
<category term="mysql" scheme="https://lunrry.github.io/tags/mysql/"/>
</entry>
<entry>
<title>nginx编译升级方案</title>
<link href="https://lunrry.github.io/posts/904b2880/"/>
<id>https://lunrry.github.io/posts/904b2880/</id>
<published>2023-12-11T03:25:12.000Z</published>
<updated>2023-12-18T08:16:22.041Z</updated>
<content type="html"><![CDATA[<h2 id="Nginx编译升级"><a href="#Nginx编译升级" class="headerlink" title="Nginx编译升级"></a>Nginx编译升级</h2><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token punctuation">[</span>root@localhost opt<span class="token punctuation">]</span><span class="token comment"># nginx -V</span>nginx version: nginx/1.20.1built by gcc <span class="token number">4.8</span>.5 <span class="token number">20150623</span> <span class="token punctuation">(</span>Red Hat <span class="token number">4.8</span>.5-44<span class="token punctuation">)</span> <span class="token punctuation">(</span>GCC<span class="token punctuation">)</span> built with OpenSSL <span class="token number">1.1</span>.1k <span class="token number">25</span> Mar <span class="token number">2021</span>TLS SNI support enabledconfigure arguments: <span class="token parameter variable">--prefix</span><span class="token operator">=</span>/etc/nginx --sbin-path<span class="token operator">=</span>/usr/sbin/nginx --modules-path<span class="token operator">=</span>/usr/lib/nginx/modules --conf-path<span class="token operator">=</span>/etc/nginx/nginx.conf --error-log-path<span class="token operator">=</span>/data/log/nginx/error.log --http-log-path<span class="token operator">=</span>/var/log/nginx/access.log --pid-path<span class="token operator">=</span>/data/run/nginx.pid --lock-path<span class="token operator">=</span>/var/run/nginx.lock --http-client-body-temp-path<span class="token operator">=</span>/var/cache/nginx/client_temp --http-proxy-temp-path<span class="token operator">=</span>/var/cache/nginx/proxy_temp --http-fastcgi-temp-path<span class="token operator">=</span>/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path<span class="token operator">=</span>/var/cache/nginx/uwsgi_temp --http-scgi-temp-path<span class="token operator">=</span>/var/cache/nginx/scgi_temp <span class="token parameter variable">--user</span><span class="token operator">=</span>nginx <span class="token parameter variable">--group</span><span class="token operator">=</span>nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-http_auth_request_module --with-http_xslt_module<span class="token operator">=</span>dynamic --with-http_image_filter_module<span class="token operator">=</span>dynamic --with-http_geoip_module<span class="token operator">=</span>dynamic --with-threads --with-stream --with-stream_ssl_module --with-stream_ssl_preread_module --with-stream_realip_module --with-stream_geoip_module<span class="token operator">=</span>dynamic --with-http_slice_module --with-mail --with-mail_ssl_module --with-compat --with-file-aio --with-http_v2_module --with-openssl<span class="token operator">=</span>/home/app/nginx/openssl-OpenSSL_1_1_1k --add-module<span class="token operator">=</span>/home/app/nginx/lua-nginx-module-0.10.15 --add-module<span class="token operator">=</span>/home/app/nginx/ngx_devel_kit-0.3.1rc1 --add-module<span class="token operator">=</span>/home/app/nginx/nginx-http-concat-master --add-module<span class="token operator">=</span>/home/app/nginx/fastdfs-nginx-module-1.22/src<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><p><img src="http://img.lunrry.top/img/202312111603468.png" alt="image-20231211160340414"></p><h3 id="编译时报错"><a href="#编译时报错" class="headerlink" title="编译时报错"></a>编译时报错</h3><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">modules <span class="token parameter variable">-I</span> src/os/unix <span class="token parameter variable">-I</span> /home/app/nginx/lua-nginx-module-0.10.15/src/api <span class="token parameter variable">-I</span> /home/app/nginx/ngx_devel_kit-0.3.1rc1/objs <span class="token parameter variable">-I</span> objs/addon/ndk <span class="token parameter variable">-I</span> /home/app/nginx/openssl-OpenSSL_1_1_1k/.openssl/include <span class="token parameter variable">-I</span> /usr/include/libxml2 <span class="token parameter variable">-I</span> objs <span class="token parameter variable">-I</span> src/http <span class="token parameter variable">-I</span> src/http/modules <span class="token parameter variable">-I</span> src/http/v2 <span class="token parameter variable">-I</span> /usr/include/luajit-2.0 <span class="token parameter variable">-I</span> /home/app/nginx/ngx_devel_kit-0.3.1rc1/src <span class="token parameter variable">-I</span> /home/app/nginx/ngx_devel_kit-0.3.1rc1/src <span class="token parameter variable">-I</span> /home/app/nginx/ngx_devel_kit-0.3.1rc1/objs <span class="token parameter variable">-I</span> objs/addon/ndk <span class="token parameter variable">-I</span> /usr/local/include <span class="token parameter variable">-I</span> src/mail <span class="token parameter variable">-I</span> src/stream <span class="token punctuation">\</span><span class="token parameter variable">-o</span> objs/addon/src/ngx_http_lua_headers_in.o <span class="token punctuation">\</span>/home/app/nginx/lua-nginx-module-0.10.15/src/ngx_http_lua_headers_in.cIn <span class="token function">file</span> included from /usr/include/dlfcn.h:25, from src/os/unix/ngx_linux_config.h:58, from src/core/ngx_config.h:26, from /home/app/nginx/lua-nginx-module-0.10.15/src/ddebug.h:11, from /home/app/nginx/lua-nginx-module-0.10.15/src/ngx_http_lua_headers_in.c:10:/home/app/nginx/lua-nginx-module-0.10.15/src/ngx_http_lua_headers_in.c:162:50: error: ‘ngx_http_headers_in_t’ has no member named ‘cookies’<span class="token punctuation">;</span> did you mean ‘cookie’? <span class="token number">162</span> <span class="token operator">|</span> offsetof<span class="token punctuation">(</span>ngx_http_headers_in_t, cookies<span class="token punctuation">)</span>, <span class="token operator">|</span> ^~~~~~~make<span class="token punctuation">[</span><span class="token number">1</span><span class="token punctuation">]</span>: *** <span class="token punctuation">[</span>objs/Makefile:2108:objs/addon/src/ngx_http_lua_headers_in.o<span class="token punctuation">]</span> 错误 <span class="token number">1</span>make<span class="token punctuation">[</span><span class="token number">1</span><span class="token punctuation">]</span>: 离开目录“/opt/nginx-1.24.0/nginx-1.24.0”make: *** <span class="token punctuation">[</span>Makefile:10:build<span class="token punctuation">]</span> 错误 <span class="token number">2</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><p><strong>lua 模块版本不兼容,更改合适的lua模块版本</strong></p><p><img src="http://img.lunrry.top/img/202312140929956.png" alt="image"></p><p><img src="http://img.lunrry.top/img/202312140929302.png" alt="image"></p><p><a href="https://github.com/nginx/nginx/commit/3aef1d693f3cc431563a7e6a6aba6a34e5290f03">nginx/nginx@3aef1d6</a>中将<code>cookies</code>字段重命名为<code>cookie</code></p><h4 id="解决方案:"><a href="#解决方案:" class="headerlink" title="解决方案:"></a>解决方案:</h4><p>一个可行的<a href="https://github.com/openresty/headers-more-nginx-module/commit/57ef661154ba32d0b072d640038754b348808e2e">修复</a>:</p><p>修改<code>/home/app/nginx/lua-nginx-module-0.10.15/src/ngx_http_lua_headers_in.c</code></p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">@@ -158,9 +158,15 @@ static ngx_http_headers_more_set_header_t ngx_http_headers_more_set_handlers<span class="token punctuation">[</span><span class="token punctuation">]</span>ngx_http_set_builtin_header <span class="token punctuation">}</span>,<span class="token comment">#endif</span>+ <span class="token comment">#if defined(nginx_version) && nginx_version >= 1023000</span>+ <span class="token punctuation">{</span> ngx_string<span class="token punctuation">(</span><span class="token string">"Cookie"</span><span class="token punctuation">)</span>,+ offsetof<span class="token punctuation">(</span>ngx_http_headers_in_t, cookie<span class="token punctuation">)</span>,+ ngx_http_set_builtin_multi_header <span class="token punctuation">}</span>,+ <span class="token comment">#else</span> <span class="token punctuation">{</span> ngx_string<span class="token punctuation">(</span><span class="token string">"Cookie"</span><span class="token punctuation">)</span>, offsetof<span class="token punctuation">(</span>ngx_http_headers_in_t, cookies<span class="token punctuation">)</span>, ngx_http_set_builtin_multi_header <span class="token punctuation">}</span>,+ <span class="token comment">#endif</span> <span class="token punctuation">{</span> ngx_null_string, <span class="token number">0</span>, ngx_http_set_header <span class="token punctuation">}</span><span class="token punctuation">}</span><span class="token punctuation">;</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><h3 id="编译fastdfs-nginx-module-1-22报错"><a href="#编译fastdfs-nginx-module-1-22报错" class="headerlink" title="编译fastdfs-nginx-module-1.22报错"></a>编译fastdfs-nginx-module-1.22报错</h3><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">In <span class="token function">file</span> included from /home/app/nginx/fastdfs-nginx-module-1.22/src/ngx_http_fastdfs_module.c:6:/home/app/nginx/fastdfs-nginx-module-1.22/src/common.c: In <span class="token keyword">function</span> ‘fdfs_http_request_handler’:/home/app/nginx/fastdfs-nginx-module-1.22/src/common.c:903:42: error: ‘%s’ directive output may be truncated writing up to <span class="token number">510</span> bytes into a region of size between <span class="token number">111</span> and <span class="token number">127</span> <span class="token punctuation">[</span>-Werror<span class="token operator">=</span>format-truncation<span class="token operator">=</span><span class="token punctuation">]</span> <span class="token number">902</span> <span class="token operator">|</span> file_id_without_group <span class="token operator">=</span> uri + <span class="token number">1</span><span class="token punctuation">;</span> //skip / <span class="token operator">|</span> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ <span class="token number">903</span> <span class="token operator">|</span> snprintf<span class="token punctuation">(</span>file_id, sizeof<span class="token punctuation">(</span>file_id<span class="token punctuation">)</span>, <span class="token string">"%s/%s"</span>, <span class="token punctuation">\</span> <span class="token operator">|</span> ^~/home/app/nginx/fastdfs-nginx-module-1.22/src/common.c:903:3: note: ‘snprintf’ output between <span class="token number">2</span> and <span class="token number">528</span> bytes into a destination of size <span class="token number">128</span> <span class="token number">903</span> <span class="token operator">|</span> snprintf<span class="token punctuation">(</span>file_id, sizeof<span class="token punctuation">(</span>file_id<span class="token punctuation">)</span>, <span class="token string">"%s/%s"</span>, <span class="token punctuation">\</span> <span class="token operator">|</span> ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ <span class="token number">904</span> <span class="token operator">|</span> my_group_name, file_id_without_group<span class="token punctuation">)</span><span class="token punctuation">;</span> <span class="token operator">|</span> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~/home/app/nginx/fastdfs-nginx-module-1.22/src/common.c:857:39: error: ‘%s’ directive output may be truncated writing up to <span class="token number">510</span> bytes into a region of size <span class="token number">128</span> <span class="token punctuation">[</span>-Werror<span class="token operator">=</span>format-truncation<span class="token operator">=</span><span class="token punctuation">]</span> <span class="token number">857</span> <span class="token operator">|</span> snprintf<span class="token punctuation">(</span>file_id, sizeof<span class="token punctuation">(</span>file_id<span class="token punctuation">)</span>, <span class="token string">"%s"</span>, uri + <span class="token number">1</span><span class="token punctuation">)</span><span class="token punctuation">;</span> <span class="token operator">|</span> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~/home/app/nginx/fastdfs-nginx-module-1.22/src/common.c:857:3: note: ‘snprintf’ output between <span class="token number">1</span> and <span class="token number">511</span> bytes into a destination of size <span class="token number">128</span> <span class="token number">857</span> <span class="token operator">|</span> snprintf<span class="token punctuation">(</span>file_id, sizeof<span class="token punctuation">(</span>file_id<span class="token punctuation">)</span>, <span class="token string">"%s"</span>, uri + <span class="token number">1</span><span class="token punctuation">)</span><span class="token punctuation">;</span> <span class="token operator">|</span> ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~cc1: all warnings being treated as errorsmake<span class="token punctuation">[</span><span class="token number">1</span><span class="token punctuation">]</span>: *** <span class="token punctuation">[</span>objs/Makefile:2408:objs/addon/src/ngx_http_fastdfs_module.o<span class="token punctuation">]</span> 错误 <span class="token number">1</span>make<span class="token punctuation">[</span><span class="token number">1</span><span class="token punctuation">]</span>: *** 正在等待未完成的任务<span class="token punctuation">..</span><span class="token punctuation">..</span>make<span class="token punctuation">[</span><span class="token number">1</span><span class="token punctuation">]</span>: 离开目录“/opt/nginx-1.23.4/nginx-1.22.1”make: *** <span class="token punctuation">[</span>Makefile:10:build<span class="token punctuation">]</span> 错误 <span class="token number">2</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><blockquote><p>int snprintf(char *str, size_t size, const char *format, …) 设将可变参数(…)按照 format 格式化成字符串,并将字符串复制到 str 中,size 为要写入的字符的最大数目,超过 size 会被截断</p></blockquote><h4 id="解决方案:-1"><a href="#解决方案:-1" class="headerlink" title="解决方案:"></a>解决方案:</h4><ul><li>使用编译器特定的语法来禁用警告<br>修改 fastdfs-nginx-module 中的 common.c 文件, 加入两行代码,禁用格式截断告警</li></ul><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token comment">#pragma GCC diagnostic push</span><span class="token comment">#pragma GCC diagnostic ignored "-Wformat-truncation"</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span></span></code></pre><p><img src="http://img.lunrry.top/img/202312140952360.png" alt="image-1662112250479"></p><h4 id="备份文件后替换nginx并重启"><a href="#备份文件后替换nginx并重启" class="headerlink" title="备份文件后替换nginx并重启"></a>备份文件后替换nginx并重启</h4><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token punctuation">[</span>root@localhost sbin<span class="token punctuation">]</span><span class="token comment"># nginx -V</span>nginx version: nginx/1.23.4built by gcc <span class="token number">10.2</span>.1 <span class="token number">20210130</span> <span class="token punctuation">(</span>Red Hat <span class="token number">10.2</span>.1-11<span class="token punctuation">)</span> <span class="token punctuation">(</span>GCC<span class="token punctuation">)</span> built with OpenSSL <span class="token number">1.1</span>.1k <span class="token number">25</span> Mar <span class="token number">2021</span>TLS SNI support enabledconfigure arguments: <span class="token parameter variable">--prefix</span><span class="token operator">=</span>/etc/nginx --sbin-path<span class="token operator">=</span>/usr/sbin/nginx --modules-path<span class="token operator">=</span>/usr/lib/nginx/modules --conf-path<span class="token operator">=</span>/etc/nginx/nginx.conf --error-log-path<span class="token operator">=</span>/data/log/nginx/error.log --http-log-path<span class="token operator">=</span>/var/log/nginx/access.log --pid-path<span class="token operator">=</span>/data/run/nginx.pid --lock-path<span class="token operator">=</span>/var/run/nginx.lock --http-client-body-temp-path<span class="token operator">=</span>/var/cache/nginx/client_temp --http-proxy-temp-path<span class="token operator">=</span>/var/cache/nginx/proxy_temp --http-fastcgi-temp-path<span class="token operator">=</span>/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path<span class="token operator">=</span>/var/cache/nginx/uwsgi_temp --http-scgi-temp-path<span class="token operator">=</span>/var/cache/nginx/scgi_temp <span class="token parameter variable">--user</span><span class="token operator">=</span>nginx <span class="token parameter variable">--group</span><span class="token operator">=</span>nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-http_auth_request_module --with-http_xslt_module<span class="token operator">=</span>dynamic --with-http_image_filter_module<span class="token operator">=</span>dynamic --with-http_geoip_module<span class="token operator">=</span>dynamic --with-threads --with-stream --with-stream_ssl_module --with-stream_ssl_preread_module --with-stream_realip_module --with-stream_geoip_module<span class="token operator">=</span>dynamic --with-http_slice_module --with-mail --with-mail_ssl_module --with-compat --with-file-aio --with-http_v2_module --with-openssl<span class="token operator">=</span>/home/app/nginx/openssl-OpenSSL_1_1_1k --add-module<span class="token operator">=</span>/home/app/nginx/lua-nginx-module-0.10.15 --add-module<span class="token operator">=</span>/home/app/nginx/ngx_devel_kit-0.3.1rc1 --add-module<span class="token operator">=</span>/home/app/nginx/nginx-http-concat-master --add-module<span class="token operator">=</span>/home/app/nginx/fastdfs-nginx-module-1.22/src<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">curl</span> <span class="token parameter variable">-I</span> https://xxx.xxx.xxxHTTP/1.1 <span class="token number">200</span> OKServer: nginx/1.23.4Date: Thu, <span class="token number">14</span> Dec <span class="token number">2023</span> 02:40:53 GMTContent-Type: text/htmlContent-Length: <span class="token number">42101</span>Last-Modified: Wed, <span class="token number">29</span> Nov <span class="token number">2023</span> <span class="token number">22</span>:04:04 GMTConnection: keep-aliveVary: Accept-EncodingETag: <span class="token string">"65xxx54-a475"</span>Expires: Thu, <span class="token number">14</span> Dec <span class="token number">2023</span> 02:40:52 GMTCache-Control: no-cacheAccept-Ranges: bytes<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><p>如上,已升级到nginx/1.23.4,解决CVE-2022-41741、2安全漏洞。</p>]]></content>
<summary type="html"><h2 id="Nginx编译升级"><a href="#Nginx编译升级" class="headerlink" title="Nginx编译升级"></a>Nginx编译升级</h2><pre class="line-numbers language-bash" data-</summary>
<category term="Nginx" scheme="https://lunrry.github.io/categories/Nginx/"/>
<category term="Nginx" scheme="https://lunrry.github.io/tags/Nginx/"/>
<category term="Linux" scheme="https://lunrry.github.io/tags/Linux/"/>
</entry>
<entry>
<title>ChatGPT403</title>
<link href="https://lunrry.github.io/posts/580fd437/"/>
<id>https://lunrry.github.io/posts/580fd437/</id>
<published>2023-11-17T01:11:12.000Z</published>
<updated>2023-11-17T01:16:29.735Z</updated>
<content type="html"><![CDATA[<h2 id="问题:"><a href="#问题:" class="headerlink" title="问题:"></a>问题:</h2><p>打开<a href="https://chat.openai.com/%E6%8A%A5%E9%94%99%EF%BC%9A">https://chat.openai.com/报错:</a><br>ChatGPT can make mistakes. Consider checking important information.</p><h2 id="原因:"><a href="#原因:" class="headerlink" title="原因:"></a>原因:</h2><p>由于chatgpt的CDN地址发生了变化:原来的地址是cdn.openai.com,现在的地址是cdn.oaistatic.com</p><h2 id="解决:"><a href="#解决:" class="headerlink" title="解决:"></a>解决:</h2><p>进入clash等,配置文件-右键-规则,添加</p><p><img src="http://img.lunrry.top/img/202311170915023.png" alt="剪贴_2023-11-16_15-23-07"></p>]]></content>
<summary type="html"><h2 id="问题:"><a href="#问题:" class="headerlink" title="问题:"></a>问题:</h2><p>打开<a href="https://chat.openai.com/%E6%8A%A5%E9%94%99%EF%BC%9A">ht</summary>
</entry>
<entry>
<title>一键化脚本</title>
<link href="https://lunrry.github.io/posts/dab9ddeb/"/>
<id>https://lunrry.github.io/posts/dab9ddeb/</id>
<published>2023-09-14T09:01:07.000Z</published>
<updated>2023-09-25T08:18:44.566Z</updated>
<content type="html"><![CDATA[<h2 id="脚本使用"><a href="#脚本使用" class="headerlink" title="脚本使用"></a>脚本使用</h2><p><code>wget http://www.lunrry.top:99/p/COnZHs5NgS/install_all.sh && chmod +x install_all.sh && ./install_all.sh</code></p><hr><p>请选择要执行的命令:</p><ol><li>centos初始化配置</li><li>安装fdfs-6.06(一般位于DB服务器)</li><li>安装nginx-1.22.0(web服务器)</li><li>安装nginx+fdfs,两者位于同一台机器</li><li>安装nano-7.2编辑器</li><li>安装docker</li><li>安装k8s(自动安装适配版本docker)</li><li>安装zabbix-5.0-LTS</li></ol><hr><h2 id="Readme"><a href="#Readme" class="headerlink" title="Readme"></a>Readme</h2><ol><li>init.sh</li></ol><blockquote><p>实现yum换源、安装基本工具、同步时间服务器、设定最大进程数、设置打开文件描述符的数量等linux基础优化</p></blockquote><ol start="2"><li>install_fdfs.sh</li></ol><blockquote><p>单独执行:<code>curl http://www.lunrry.top:99/p/h7RX4agM7k/install_fdfs.sh |bash -s -- /home/data/fdfs</code></p><p>– 后面接参数:</p><ul><li>install_dir fdfs安装位置,默认为/home/data/fdfs</li></ul><p>此脚本会安装fdfs-6.06以及nginx-1.22.0,适用于文件服务器和web服务器不在同一台机器,DB服务器上的安装</p></blockquote><ol start="3"><li>nginx_install.sh</li></ol><blockquote><p>单独执行:<code>curl http://www.lunrry.top:99/p/h7RX4agM7k/install_fdfs.sh |bash -s -- /home/data/nginx</code></p><p>– 后面接参数:</p><ul><li>install_dir fdfs安装位置,默认为/home/data/nginx</li></ul><p>此脚本会安装nginx-1.22.0,适用于文件服务器和web服务器不在同一台机器,WEB服务器上的安装</p></blockquote><ol start="4"><li>install_ngx_fdfs.sh</li></ol><blockquote><p>单独执行:<code>curl http://www.lunrry.top:99/p/2O6ZjaqOvL/install_ngx_fdfs.sh |bash -s -- /home/data/fdfs</code></p><p>– 后面接参数: </p><ul><li><p>install_dir fdfs安装位置,默认为/home/data/fdfs </p></li><li><p>nginx文件位置在/home/data/nginx</p></li></ul><p>此脚本会安装fdfs-6.06以及nginx-1.22.0,适用于文件服务器和web服务器在同一台机器的情况</p></blockquote><ol start="5"><li>install.sh</li></ol><blockquote><p> <code>curl http://www.lunrry.top:99/p/cbwpRZoCF8/install.sh | bash</code></p><ul><li>执行代码安装<code>nano-7.2</code>,并设置<code>代码语法高亮以及tab占位4空格</code></li><li>理论linux系统通用</li></ul></blockquote><ol start="6"><li>docker_install.sh</li></ol><blockquote><p>自定义安装docker并换源</p></blockquote><ol start="7"><li>k8s_install.sh</li></ol><blockquote><p>快速部署指定版本k8s集群,极大程度降低工作量,能在10分钟内完成任意版本的k8s集群部署</p></blockquote><ol start="8"><li>zabbix_install.sh</li></ol><blockquote><p>快速安装zabbix-5.0-LTS,同时会安装MariaDB数据库</p></blockquote>]]></content>
<summary type="html"><h2 id="脚本使用"><a href="#脚本使用" class="headerlink" title="脚本使用"></a>脚本使用</h2><p><code>wget http://www.lunrry.top:99/p/COnZHs5NgS/install_all.s</summary>
</entry>
<entry>
<title>Kubernetes</title>
<link href="https://lunrry.github.io/posts/9acacb00/"/>
<id>https://lunrry.github.io/posts/9acacb00/</id>
<published>2023-09-06T02:02:02.000Z</published>
<updated>2023-12-27T06:17:57.607Z</updated>
<content type="html"><![CDATA[<h1 id="Kubernetes"><a href="#Kubernetes" class="headerlink" title="Kubernetes"></a>Kubernetes</h1><h2 id="安装"><a href="#安装" class="headerlink" title="安装"></a>安装</h2><p>快速搭建学习环境<code>minikube</code></p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">curl</span> <span class="token parameter variable">-LO</span> https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64<span class="token function">sudo</span> <span class="token function">install</span> minikube-linux-amd64 /usr/local/bin/minikubeminikube start --kubernetes-version<span class="token operator">=</span>v1.23.3 --image-mirror-country<span class="token operator">=</span><span class="token string">'cn'</span> <span class="token parameter variable">--force</span>minikube kubectl -- version<span class="token function">vim</span> <span class="token function">nano</span> ~/.bashrc<span class="token builtin class-name">alias</span> <span class="token assign-left variable">kubectl</span><span class="token operator">=</span><span class="token string">"minikube kubectl --"</span><span class="token builtin class-name">source</span> ~/.bashrc<span class="token comment"># Minikube Dashboard对外暴露访问链接</span>kubectl proxy <span class="token parameter variable">--port</span><span class="token operator">=</span><span class="token number">8888</span> <span class="token parameter variable">--address</span><span class="token operator">=</span><span class="token string">'192.168.0.4'</span> --accept-hosts<span class="token operator">=</span><span class="token string">'^.*'</span> <span class="token operator">&</span>http://192.168.0.4:8888/api/v1/namespaces/kubernetes-dashboard/services/http:kubernetes-dashboard:/proxy/<span class="token comment">#/overview?namespace=default</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><h2 id="概念"><a href="#概念" class="headerlink" title="概念"></a>概念</h2><p>Kubernetes 是一个生产级别的容器编排平台和集群管理系统,能够创建、调度容器,监控、管理服务器。</p><p><img src="http://img.lunrry.top/img/202309061542907.png" alt="架构图"></p><center style="color:#C0C0C0">图1.Kubernetes架构图</center><h3 id="Master-里的组件"><a href="#Master-里的组件" class="headerlink" title="Master 里的组件"></a>Master 里的组件</h3><p><img src="http://img.lunrry.top/img/202309061542880.jpeg" alt="img"></p><center style="color:#C0C0C0">图2.master组件图</center><p><strong>apiserver</strong> 是 Master 节点——同时也是整个 Kubernetes 系统的唯一入口,它对外公开了一系列的 RESTful API,并且加上了验证、授权等功能,所有其他组件都只能和它直接通信,可以说是 Kubernetes 里的联络员。</p><p><strong>etcd</strong> 是一个高可用的分布式 Key-Value 数据库,用来持久化存储系统里的各种资源对象和状态,相当于 Kubernetes 里的配置管理员。注意它只与 apiserver 有直接联系,也就是说任何其他组件想要读写 etcd 里的数据都必须经过 apiserver。</p><p><strong>scheduler</strong> 负责容器的编排工作,检查节点的资源状态,把 Pod 调度到最适合的节点上运行,相当于部署人员。因为节点状态和 Pod 信息都存储在 etcd 里,所以 scheduler 必须通过 apiserver 才能获得。</p><p><strong>controller-manager</strong> 负责维护容器和节点等资源的状态,实现故障检测、服务迁移、应用伸缩等功能,相当于监控运维人员。同样地,它也必须通过 apiserver 获得存储在 etcd 里的信息,才能够实现对资源的各种操作。</p><h3 id="Node-里的组件"><a href="#Node-里的组件" class="headerlink" title="Node 里的组件"></a>Node 里的组件</h3><p><img src="http://img.lunrry.top/img/202309061542877.jpeg" alt="img"></p><center style="color:#C0C0C0">图3.node组件图</center><p><strong>kubelet</strong> 是 Node 的代理,负责管理 Node 相关的绝大部分操作,Node 上只有它能够与 apiserver 通信,实现状态报告、命令下发、启停容器等功能,相当于是 Node 上的一个“小管家”。</p><p><strong>kube-proxy</strong> 的作用有点特别,它是 Node 的网络代理,只负责管理容器的网络通信,简单来说就是为 Pod 转发 TCP/UDP 数据包,相当于是专职的“小邮差”。</p><p><strong>container-runtime</strong> 它是容器和镜像的实际使用者,在 kubelet 的指挥下创建容器,管理 Pod 的生命周期,是真正干活的“苦力”。</p><h3 id="Kubernetes工作流程"><a href="#Kubernetes工作流程" class="headerlink" title="Kubernetes工作流程"></a>Kubernetes工作流程</h3><ul><li>每个 Node 上的 kubelet 会定期向 apiserver 上报节点状态,apiserver 再存到 etcd 里。</li><li>每个 Node 上的 kube-proxy 实现了 TCP/UDP 反向代理,让容器对外提供稳定的服务。</li><li>scheduler 通过 apiserver 得到当前的节点状态,调度 Pod,然后 apiserver 下发命令给某个 Node 的 kubelet,kubelet 调用 container-runtime 启动容器。</li><li>controller-manager 也通过 apiserver 得到实时的节点状态,监控可能的异常情况,再使用相应的手段去调节恢复。</li></ul><p><img src="http://img.lunrry.top/img/202309061542906.png" alt="img"></p><center style="color:#C0C0C0">图4. Kubernetes工作流程图</center><h2 id="YAML"><a href="#YAML" class="headerlink" title="YAML"></a><a href="https://yaml.org/">YAML</a></h2><ul><li><p>使用空白与缩进表示层次(有点类似 Python),可以不使用花括号和方括号。</p></li><li><p>可以使用 # 书写注释,比起 JSON 是很大的改进。</p></li><li><p>对象(字典)的格式与 JSON 基本相同,但 Key 不需要使用双引号。</p></li><li><p>数组(列表)是使用 - 开头的清单形式(有点类似 MarkDown)。</p></li><li><p>表示对象的 : 和表示数组的 - 后面都必须要有空格。</p></li><li><p>可以使用 — 在一个文件里分隔多个 YAML 对象。</p></li></ul><p><img src="http://img.lunrry.top/img/202309061542055.jpeg" alt="img"></p><center style="color:#C0C0C0">图5. YAML语法基础知识点</center><h3 id="API对象"><a href="#API对象" class="headerlink" title="API对象"></a>API对象</h3><p>可以使用 <code>kubectl api-resources</code> 来查看当前 Kubernetes 版本支持的所有对象</p><p>目前的 Kubernetes 1.23 版本有 50 多种 API 对象,全面地描述了集群的节点、应用、配置、服务、账号等等信息,apiserver 会把它们都存储在数据库 etcd 里,然后 kubelet、scheduler、controller-manager 等组件通过 apiserver 来操作它们,就在 API 对象这个抽象层次实现了对整个集群的管理。</p><h3 id="如何描述-API-对象"><a href="#如何描述-API-对象" class="headerlink" title="如何描述 API 对象"></a>如何描述 API 对象</h3><p>首先是API对象的基本信息,有三个字段:apiVersion、kind、metadata</p><p><strong>apiVersion</strong> 表示操作这种资源的 API 版本号,由于 Kubernetes 的迭代速度很快,不同的版本创建的对象会有差异,为了区分这些版本就需要使用 apiVersion 这个字段,比如 v1、v1alpha1、v1beta1 等等。</p><p><strong>kind</strong> 表示资源对象的类型,这个应该很好理解,比如 Pod、Node、Job、Service 等等。</p><p><strong>metadata</strong> 这个字段顾名思义,表示的是资源的一些“元信息”,也就是用来标记对象,方便 Kubernetes 管理的一些信息。</p><pre class="line-numbers language-yaml" data-language="yaml"><code class="language-yaml"><span class="token key atrule">apiVersion</span><span class="token punctuation">:</span> v1<span class="token key atrule">kind</span><span class="token punctuation">:</span> Pod<span class="token key atrule">metadata</span><span class="token punctuation">:</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> ngx<span class="token punctuation">-</span>pod <span class="token key atrule">labels</span><span class="token punctuation">:</span> <span class="token key atrule">env</span><span class="token punctuation">:</span> demo <span class="token key atrule">owner</span><span class="token punctuation">:</span> chrono<span class="token key atrule">spec</span><span class="token punctuation">:</span> <span class="token key atrule">containers</span><span class="token punctuation">:</span> <span class="token punctuation">-</span> <span class="token key atrule">image</span><span class="token punctuation">:</span> nginx<span class="token punctuation">:</span>alpine <span class="token key atrule">name</span><span class="token punctuation">:</span> ngx <span class="token key atrule">ports</span><span class="token punctuation">:</span> <span class="token punctuation">-</span> <span class="token key atrule">containerPort</span><span class="token punctuation">:</span> <span class="token number">80</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><p>例:这份 YAML 文档完整地描述了一个类型是 Pod 的 API 对象,要求使用 v1 版本的 API 接口去管理,其他更具体的名称、标签、状态等细节都记录在了 metadata 和 spec 字段等里。</p><p>命令 <code>kubectl api-resources</code> 可以查看对象的 apiVersion 和 kind,命令 <code>kubectl explain</code> 可以查看对象字段的说明文档</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">kubectl explain podkubectl explain pod.metadatakubectl explain pod.speckubectl explain pod.spec.containers<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span></span></code></pre><h3 id="生成YAML-样板示例"><a href="#生成YAML-样板示例" class="headerlink" title="生成YAML 样板示例"></a>生成YAML 样板示例</h3><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">kubectl run ngx <span class="token parameter variable">--image</span><span class="token operator">=</span>nginx:alpine --dry-run<span class="token operator">=</span>client <span class="token parameter variable">-o</span> yaml<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><p>还可以把这段参数定义成 Shell 变量(名字任意,比如$do/$go,这里用的是$out),用起来会更省事,比如:</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token builtin class-name">export</span> <span class="token assign-left variable">out</span><span class="token operator">=</span><span class="token string">"--dry-run=client -o yaml"</span>kubectl run ngx <span class="token parameter variable">--image</span><span class="token operator">=</span>nginx:alpine <span class="token variable">$out</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span></span></code></pre><p>如果生成其他 YAML 样板文件的话不能使用 <code>kubectl run</code>,因为 <code>kubectl run</code> 只能创建 Pod,要创建 Pod 以外的其他 API 对象,需要使用命令 <code>kubectl create</code>,再加上对象的类型名。</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">kubectl create job echo-job <span class="token parameter variable">--image</span><span class="token operator">=</span>busybox --dry-run<span class="token operator">=</span>client <span class="token parameter variable">-o</span> yaml<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><h2 id="Pod"><a href="#Pod" class="headerlink" title="Pod"></a>Pod</h2><p>Pod 是 Kubernetes 的<code>核心对象</code>,还是应用调度部署的<code>最小单位</code></p><p><img src="http://img.lunrry.top/img/202309061542895.jpeg" alt="img"></p><center style="color:#C0C0C0">图6. Kubernetes 资源对象关系图</center><p>拷贝操作:如我有一个“a.txt”文件,那么就可以使用 <code>kubectl cp</code> 拷贝进 Pod 的“/tmp”目录里:</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token builtin class-name">echo</span> <span class="token string">'aaa'</span> <span class="token operator">></span> a.txtkubectl <span class="token function">cp</span> a.txt ngx-pod:/tmp<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span></span></code></pre><p>进入pod: <code>kubectl exec</code> 的命令格式与 Docker 有一点小差异,需要在 Pod 后面加上 <code>--</code>,把 kubectl 的命令与 Shell 命令分隔开</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">kubectl <span class="token builtin class-name">exec</span> <span class="token parameter variable">-it</span> ngx-pod -- <span class="token function">sh</span><span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><blockquote><p>准确地说,<code>kubectl cp kubectl exec</code>操作的应该是Pod里的容器,需要用“-c”参数指定容器名,不过因为大多数Pod里只有一个容器,所以就省略了。</p></blockquote><h2 id="Job-CronJob"><a href="#Job-CronJob" class="headerlink" title="Job/CronJob"></a>Job/CronJob</h2><h3 id="Job"><a href="#Job" class="headerlink" title="Job"></a>Job</h3><p>先生成一个基本的Job对象</p><pre class="line-numbers language-yaml" data-language="yaml"><code class="language-yaml"><span class="token key atrule">apiVersion</span><span class="token punctuation">:</span> batch/v1<span class="token key atrule">kind</span><span class="token punctuation">:</span> Job<span class="token key atrule">metadata</span><span class="token punctuation">:</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> echo<span class="token punctuation">-</span>job<span class="token key atrule">spec</span><span class="token punctuation">:</span> <span class="token key atrule">template</span><span class="token punctuation">:</span> <span class="token key atrule">spec</span><span class="token punctuation">:</span> <span class="token key atrule">restartPolicy</span><span class="token punctuation">:</span> OnFailure <span class="token key atrule">containers</span><span class="token punctuation">:</span> <span class="token punctuation">-</span> <span class="token key atrule">image</span><span class="token punctuation">:</span> busybox <span class="token key atrule">name</span><span class="token punctuation">:</span> echo<span class="token punctuation">-</span>job <span class="token key atrule">imagePullPolicy</span><span class="token punctuation">:</span> IfNotPresent <span class="token key atrule">command</span><span class="token punctuation">:</span> <span class="token punctuation">[</span><span class="token string">"/bin/echo"</span><span class="token punctuation">]</span> <span class="token key atrule">args</span><span class="token punctuation">:</span> <span class="token punctuation">[</span><span class="token string">"hello"</span><span class="token punctuation">,</span> <span class="token string">"world"</span><span class="token punctuation">]</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><p>在“spec”字段里,多了一个 <code>template</code> 字段,然后又是一个“spec”</p><p><code>template</code> 字段定义了一个“应用模板”,里面嵌入了一个 Pod,这样 Job 就可以从这个模板来创建出 Pod。</p><p>而这个 Pod 因为受 Job 的管理控制,不直接和 apiserver 打交道,也就没必要重复 apiVersion 等“头字段”,只需要定义好关键的 <code>spec</code>,描述清楚容器相关的信息就可以了,可以说是一个“无头”的 Pod 对象。</p><p><img src="http://img.lunrry.top/img/202309061546451.jpeg" alt="img"></p><center style="color:#C0C0C0">图7. Job YAML示意图</center><p>由于Job 业务的特殊性,所以我们还要在 <code>spec</code> 里多加一个字段 <code>restartPolicy</code>,确定 Pod 运行失败时的策略,``OnFailure<code>是失败原地重启容器,而</code>Never` 则是不重启容器,让 Job 去重新调度生成一个新的 Pod。</p><h3 id="CronJob"><a href="#CronJob" class="headerlink" title="CronJob"></a>CronJob</h3><p>使用命令 <code>kubectl create</code> 来创建 CronJob 的样板</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">kubectl create cj echo-cj <span class="token parameter variable">--image</span><span class="token operator">=</span>busybox <span class="token parameter variable">--schedule</span><span class="token operator">=</span><span class="token string">""</span> --dry-run<span class="token operator">=</span>client <span class="token parameter variable">-o</span> yaml<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><pre class="line-numbers language-yaml" data-language="yaml"><code class="language-yaml"><span class="token key atrule">apiVersion</span><span class="token punctuation">:</span> batch/v1<span class="token key atrule">kind</span><span class="token punctuation">:</span> CronJob<span class="token key atrule">metadata</span><span class="token punctuation">:</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> echo<span class="token punctuation">-</span>cj<span class="token key atrule">spec</span><span class="token punctuation">:</span> <span class="token key atrule">schedule</span><span class="token punctuation">:</span> <span class="token string">'*/1 * * * *'</span> <span class="token key atrule">jobTemplate</span><span class="token punctuation">:</span> <span class="token key atrule">spec</span><span class="token punctuation">:</span> <span class="token key atrule">template</span><span class="token punctuation">:</span> <span class="token key atrule">spec</span><span class="token punctuation">:</span> <span class="token key atrule">restartPolicy</span><span class="token punctuation">:</span> OnFailure <span class="token key atrule">containers</span><span class="token punctuation">:</span> <span class="token punctuation">-</span> <span class="token key atrule">image</span><span class="token punctuation">:</span> busybox <span class="token key atrule">name</span><span class="token punctuation">:</span> echo<span class="token punctuation">-</span>cj <span class="token key atrule">imagePullPolicy</span><span class="token punctuation">:</span> IfNotPresent <span class="token key atrule">command</span><span class="token punctuation">:</span> <span class="token punctuation">[</span><span class="token string">"/bin/echo"</span><span class="token punctuation">]</span> <span class="token key atrule">args</span><span class="token punctuation">:</span> <span class="token punctuation">[</span><span class="token string">"hello"</span><span class="token punctuation">,</span> <span class="token string">"world"</span><span class="token punctuation">]</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><p>我们还是重点关注它的 <code>spec</code> 字段,你会发现它居然连续有三个 spec 嵌套层次:</p><ul><li><p>第一个 spec 是 CronJob 自己的对象规格声明</p></li><li><p>第二个 spec 从属于“jobTemplate”,它定义了一个 Job 对象。</p></li><li><p>第三个 spec 从属于“template”,它定义了 Job 里运行的 Pod。</p></li></ul><p><img src="http://img.lunrry.top/img/202309061618265.jpeg" alt="img"></p><center style="color:#C0C0C0">图7. CronJob YAML示意图</center><h2 id="ConfigMap-Secret"><a href="#ConfigMap-Secret" class="headerlink" title="ConfigMap/Secret"></a>ConfigMap/Secret</h2><p>Kubernetes 里专门用来管理配置信息的两种对象:<code>ConfigMap</code> 和 <code>Secret</code>,使用它们来灵活地配置、定制应用。</p><p><strong>ConfigMap</strong>用来保存明文配置</p><p><strong>Secret</strong>用来保存秘密配置</p><h3 id="ConfigMap"><a href="#ConfigMap" class="headerlink" title="ConfigMap"></a>ConfigMap</h3><p>创建一个YAML 样板</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">kubectl create cm info --from-literal<span class="token operator">=</span>k<span class="token operator">=</span>v --dry-run<span class="token operator">=</span>client <span class="token parameter variable">-o</span> yaml<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><p>因为在 ConfigMap 里的数据都是 <code>Key-Value</code> 结构,所以 ``–from-literal<code>参数需要使用</code>k=v` 的形式。</p><p>生成的YAML文件如下:</p><pre class="line-numbers language-yaml" data-language="yaml"><code class="language-yaml"><span class="token key atrule">apiVersion</span><span class="token punctuation">:</span> v1<span class="token key atrule">data</span><span class="token punctuation">:</span> <span class="token key atrule">k</span><span class="token punctuation">:</span> v<span class="token key atrule">kind</span><span class="token punctuation">:</span> ConfigMap<span class="token key atrule">metadata</span><span class="token punctuation">:</span> <span class="token key atrule">creationTimestamp</span><span class="token punctuation">:</span> <span class="token null important">null</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> info<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><h3 id="Secret"><a href="#Secret" class="headerlink" title="Secret"></a>Secret</h3><ul><li>访问私有镜像仓库的认证信息</li><li>身份识别的凭证信息</li><li>HTTPS通信的证书和私钥</li><li>一般的机密信息(格式由用户自行解释)</li></ul><p>创建一个YAML 样板</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">kubectl create secret generic user --from-literal<span class="token operator">=</span>name<span class="token operator">=</span>root --dry-run<span class="token operator">=</span>client <span class="token parameter variable">-o</span> yaml<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><p>生成的YAML文件如下:</p><pre class="line-numbers language-yaml" data-language="yaml"><code class="language-yaml"><span class="token key atrule">apiVersion</span><span class="token punctuation">:</span> v1<span class="token key atrule">data</span><span class="token punctuation">:</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> cm9vdA==<span class="token key atrule">kind</span><span class="token punctuation">:</span> Secret<span class="token key atrule">metadata</span><span class="token punctuation">:</span> <span class="token key atrule">creationTimestamp</span><span class="token punctuation">:</span> <span class="token null important">null</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> user<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><h3 id="ConfigMap-Secret的使用"><a href="#ConfigMap-Secret的使用" class="headerlink" title="ConfigMap/Secret的使用"></a>ConfigMap/Secret的使用</h3><p>因为 ConfigMap 和 Secret 只是一些存储在 etcd 里的字符串,所以如果想要在运行时产生效果,就必须要以某种方式“注入”到 Pod 里,让应用去读取。<code>环境变量</code>和``加载文件`</p><h4 id="以环境变量方式加载"><a href="#以环境变量方式加载" class="headerlink" title="以环境变量方式加载"></a>以环境变量方式加载</h4><p>YAML样板</p><pre class="line-numbers language-yaml" data-language="yaml"><code class="language-yaml"><span class="token key atrule">apiVersion</span><span class="token punctuation">:</span> v1<span class="token key atrule">kind</span><span class="token punctuation">:</span> Pod<span class="token key atrule">metadata</span><span class="token punctuation">:</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> env<span class="token punctuation">-</span>pod<span class="token key atrule">spec</span><span class="token punctuation">:</span> <span class="token key atrule">containers</span><span class="token punctuation">:</span> <span class="token punctuation">-</span> <span class="token key atrule">env</span><span class="token punctuation">:</span> <span class="token punctuation">-</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> COUNT <span class="token key atrule">valueFrom</span><span class="token punctuation">:</span> <span class="token key atrule">configMapKeyRef</span><span class="token punctuation">:</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> info <span class="token key atrule">key</span><span class="token punctuation">:</span> count <span class="token punctuation">-</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> GREETING <span class="token key atrule">valueFrom</span><span class="token punctuation">:</span> <span class="token key atrule">configMapKeyRef</span><span class="token punctuation">:</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> info <span class="token key atrule">key</span><span class="token punctuation">:</span> greeting <span class="token punctuation">-</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> USERNAME <span class="token key atrule">valueFrom</span><span class="token punctuation">:</span> <span class="token key atrule">secretKeyRef</span><span class="token punctuation">:</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> user <span class="token key atrule">key</span><span class="token punctuation">:</span> name <span class="token punctuation">-</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> PASSWORD <span class="token key atrule">valueFrom</span><span class="token punctuation">:</span> <span class="token key atrule">secretKeyRef</span><span class="token punctuation">:</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> user <span class="token key atrule">key</span><span class="token punctuation">:</span> pwd <span class="token key atrule">image</span><span class="token punctuation">:</span> busybox <span class="token key atrule">name</span><span class="token punctuation">:</span> busy <span class="token key atrule">imagePullPolicy</span><span class="token punctuation">:</span> IfNotPresent <span class="token key atrule">command</span><span class="token punctuation">:</span> <span class="token punctuation">[</span><span class="token string">"/bin/sleep"</span><span class="token punctuation">,</span> <span class="token string">"300"</span><span class="token punctuation">]</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><p>这个 Pod 的名字是“env-pod”,镜像是“busybox”,执行命令 sleep 睡眠 300 秒。</p><p><code>env</code>字段里面定义了 4 个环境变量,<code>COUNT</code>、<code>GREETING</code>、<code>USERNAME</code>、<code>PASSWORD</code>。</p><p>对于明文配置数据, <code>COUNT、GREETING</code> 引用的是 <code>ConfigMap</code> 对象,所以使用字段<strong>configMapKeyRef</strong>,里面的“name”是 ConfigMap 对象的名字,也就是之前我们创建的“info”,而“key”字段分别是“info”对象里的 <code>count 和 greeting</code>。</p><p>对于机密配置数据, <code>USERNAME、PASSWORD</code> 引用的是 <code>Secret</code> 对象,要使用字段“<strong>secretKeyRef</strong>”,再用“name”指定 Secret 对象的名字 user,用“key”字段应用它里面的 <code>name 和 pwd</code> 。</p><p>用图解释为:</p><p><img src="http://img.lunrry.top/img/202309070945309.jpeg" alt="img"></p><center style="color:#C0C0C0">图8. 以环境变量方式加载ConfigMap/Secret示意图</center><h4 id="以-Volume-的方式使用-ConfigMap-Secret"><a href="#以-Volume-的方式使用-ConfigMap-Secret" class="headerlink" title="以 Volume 的方式使用 ConfigMap/Secret"></a>以 Volume 的方式使用 ConfigMap/Secret</h4><p>Kubernetes 为 Pod 定义了一个“Volume”的概念,可以翻译成是“存储卷”,我们可以为 Pod“挂载(mount)”多个 Volume,里面存放供 Pod 访问的数据。</p><p>在 Pod 里挂载 Volume 很容易,只需要在“spec”里增加一个“volumes”字段,然后再定义卷的名字和引用的 ConfigMap/Secret 就可以了。要注意的是 Volume 属于 Pod,不属于容器,所以它和字段“containers”是同级的,都属于“spec”。</p><p>例如:</p><pre class="line-numbers language-yaml" data-language="yaml"><code class="language-yaml"><span class="token key atrule">spec</span><span class="token punctuation">:</span> <span class="token key atrule">volumes</span><span class="token punctuation">:</span> <span class="token punctuation">-</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> cm<span class="token punctuation">-</span>vol <span class="token key atrule">configMap</span><span class="token punctuation">:</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> info <span class="token punctuation">-</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> sec<span class="token punctuation">-</span>vol <span class="token key atrule">secret</span><span class="token punctuation">:</span> <span class="token key atrule">secretName</span><span class="token punctuation">:</span> user<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><p>有了 Volume 的定义之后,就可以在容器里挂载了,这要用到“<strong>volumeMounts</strong>”字段,可以把定义好的 Volume 挂载到容器里的某个路径下,所以需要在里面用“<code>mountPath</code>”“<code>name</code>”明确地指定挂载路径和 Volume 的名字。</p><pre class="line-numbers language-yaml" data-language="yaml"><code class="language-yaml"><span class="token key atrule">containers</span><span class="token punctuation">:</span><span class="token punctuation">-</span> <span class="token key atrule">volumeMounts</span><span class="token punctuation">:</span> <span class="token punctuation">-</span> <span class="token key atrule">mountPath</span><span class="token punctuation">:</span> /tmp/cm<span class="token punctuation">-</span>items <span class="token key atrule">name</span><span class="token punctuation">:</span> cm<span class="token punctuation">-</span>vol <span class="token punctuation">-</span> <span class="token key atrule">mountPath</span><span class="token punctuation">:</span> /tmp/sec<span class="token punctuation">-</span>items <span class="token key atrule">name</span><span class="token punctuation">:</span> sec<span class="token punctuation">-</span>vol<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><p>把“<strong>volumes</strong>”和“<strong>volumeMounts</strong>”字段都写好之后,配置信息就可以加载成文件了。</p><p><img src="http://img.lunrry.top/img/202309070951707.jpeg" alt="img"></p><center style="color:#C0C0C0">图9. Volume引用示意图</center><h2 id="k8s初级篇思维导图"><a href="#k8s初级篇思维导图" class="headerlink" title="k8s初级篇思维导图"></a>k8s初级篇思维导图</h2><p><img src="http://img.lunrry.top/img/202309071013115.jpeg" alt="img"></p><center style="color:#C0C0C0">图10. k8s初级篇思维导图</center><h2 id="搭建正式k8s集群"><a href="#搭建正式k8s集群" class="headerlink" title="搭建正式k8s集群"></a>搭建正式k8s集群</h2><h3 id="准备工作"><a href="#准备工作" class="headerlink" title="准备工作"></a>准备工作</h3><ol><li>修改<code>/etc/hostname</code>文件,如 Master 节点就叫 master,Worker 节点就叫 worker。将主机信息添加到<code>/etc/hosts</code></li><li>安装docker</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token builtin class-name">export</span> <span class="token assign-left variable">DOWNLOAD_URL</span><span class="token operator">=</span><span class="token string">"https://opentuna.cn/docker-ce"</span><span class="token function">curl</span> <span class="token parameter variable">-fsSL</span> https://get.docker.com/ <span class="token operator">|</span> <span class="token function">sh</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span></span></code></pre><ol start="3"><li>修改Docker配置文件</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">cat</span> <span class="token operator"><<</span><span class="token string">EOF<span class="token bash punctuation"> <span class="token operator">|</span> <span class="token function">sudo</span> <span class="token function">tee</span> /etc/docker/daemon.json</span>{ "registry-mirrors": ["https://bn8vz9h9.mirror.aliyuncs.com"], "exec-opts": ["native.cgroupdriver=systemd"], "log-driver": "json-file", "log-opts": { "max-size": "100m" }, "storage-driver": "overlay2"}EOF</span><span class="token function">sudo</span> systemctl <span class="token builtin class-name">enable</span> <span class="token function">docker</span><span class="token function">sudo</span> systemctl daemon-reload<span class="token function">sudo</span> systemctl restart <span class="token function">docker</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><ol start="4"><li>为了让 Kubernetes 能够检查、转发网络流量,你需要修改 iptables 的配置,启用“br_netfilter”模块</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">cat</span> <span class="token operator"><<</span><span class="token string">EOF<span class="token bash punctuation"> <span class="token operator">|</span> <span class="token function">sudo</span> <span class="token function">tee</span> /etc/modules-load.d/k8s.conf</span>br_netfilterEOF</span><span class="token function">cat</span> <span class="token operator"><<</span><span class="token string">EOF<span class="token bash punctuation"> <span class="token operator">|</span> <span class="token function">sudo</span> <span class="token function">tee</span> /etc/sysctl.d/k8s.conf</span>net.bridge.bridge-nf-call-ip6tables = 1net.bridge.bridge-nf-call-iptables = 1net.ipv4.ip_forward=1 # better than modify /etc/sysctl.confEOF</span><span class="token function">sudo</span> <span class="token function">sysctl</span> <span class="token parameter variable">--system</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><ol start="5"><li>修改<code>/etc/fstab</code>,关闭 Linux 的 swap 分区,提升 Kubernetes 的性能</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">sudo</span> swapoff <span class="token parameter variable">-a</span><span class="token function">sudo</span> <span class="token function">sed</span> <span class="token parameter variable">-ri</span> <span class="token string">'/\sswap\s/s/^#?/#/'</span> /etc/fstab<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span></span></code></pre><h3 id="安装-1"><a href="#安装-1" class="headerlink" title="安装"></a>安装</h3><p><strong>如未特别指定,所有主机都执行</strong></p><ol><li>更换阿里源</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">cat</span> <span class="token operator">></span> /etc/yum.repos.d/kubernetes.repo <span class="token operator"><<</span><span class="token string">EOF[kubernetes]name=Kubernetesbaseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64enabled=1gpgcheck=0repo_gpgcheck=0gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpgEOF</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><ol start="2"><li>安装</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">yum <span class="token function">install</span> <span class="token parameter variable">-y</span> kubelet-1.23.3 kubeadm-1.23.3 kubectl-1.23.3<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><ol start="3"><li>锁定版本避免升级</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">yum <span class="token function">install</span> <span class="token parameter variable">-y</span> yum-versionlockyum versionlock <span class="token function">add</span> kubeadm kubelet kubectl<span class="token comment"># 锁定列表</span>yum versionlock list<span class="token comment"># 解除锁定</span>yum versionlock delete kubeadm kubelet kubectl<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><ol start="4"><li>国内环境使用下面方法先拉取镜像</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">curl</span> http://www.lunrry.top:99/p/pZySUHXiOb/pull_k8s.sh <span class="token operator">|</span> <span class="token function">bash</span><span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><ol start="5"><li>初始化</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">kubeadm init --pod-network-cidr<span class="token operator">=</span><span class="token number">10.10</span>.0.0/16 --apiserver-advertise-address<span class="token operator">=</span><span class="token number">192.168</span>.0.4 --kubernetes-version<span class="token operator">=</span>v1.23.3<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><ul><li><code>--pod-network-cidr=10.10.0.0/16</code>: 此参数指定了 Pod 网络的 CIDR(Classless Inter-Domain Routing)地址范围。Pod 网络 CIDR 用于分配给 Kubernetes 集群内部的 Pod IP 地址。这个地址范围在您的集群内必须是唯一的。您可以根据需要自定义此地址范围。</li><li><code>--apiserver-advertise-address=192.168.10.210</code>: 此参数指定了 API Server(Kubernetes 控制平面的一部分)的地址。它告诉其他节点和组件如何访问 API Server。请将其替换为您主节点的实际 IP 地址。</li><li><code>--kubernetes-version=v1.23.3</code>: 此参数指定了要安装的 Kubernetes 版本。在这种情况下,它设置为 v1.23.3 版本。</li></ul><ol start="6"><li>保存<code>kubeadm join</code>开头的命令,节点加入集群需要用到,如下:</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">kubeadm <span class="token function">join</span> <span class="token number">192.168</span>.0.4:6443 <span class="token parameter variable">--token</span> 2lz1if.s9teyxxxxxxxxw1 <span class="token punctuation">\</span> --discovery-token-ca-cert-hash sha256:aaa1e19174bee94xxxxxxxxxxxxxxxx3214e5ce492b41f47fd39c56fc84cb2 <span aria-hidden="true" class="line-numbers-rows"><span></span><span></span></span></code></pre><ol start="7"><li>执行</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">mkdir</span> <span class="token parameter variable">-p</span> <span class="token environment constant">$HOME</span>/.kube<span class="token function">sudo</span> <span class="token function">cp</span> <span class="token parameter variable">-i</span> /etc/kubernetes/admin.conf <span class="token environment constant">$HOME</span>/.kube/config<span class="token function">sudo</span> <span class="token function">chown</span> <span class="token variable"><span class="token variable">$(</span><span class="token function">id</span> <span class="token parameter variable">-u</span><span class="token variable">)</span></span><span class="token builtin class-name">:</span><span class="token variable"><span class="token variable">$(</span><span class="token function">id</span> <span class="token parameter variable">-g</span><span class="token variable">)</span></span> <span class="token environment constant">$HOME</span>/.kube/config<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span></span></code></pre><ol start="8"><li>配置Flannel网络(master)</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">wget</span> http://www.lunrry.top:99/p/Ydnp233Q0S/kube-flannel.ymlkubectl apply <span class="token parameter variable">-f</span> kube-flannel.ymlkubectl get <span class="token function">node</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span></span></code></pre><p>等待两三分钟,master节点状态变成<code>Ready</code></p><ol start="9"><li>在从节点上运行第<strong>6</strong>点保存的加入集群命令</li><li>测试一下</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token punctuation">[</span>root@master ~<span class="token punctuation">]</span><span class="token comment"># kubectl run ngx --image=nginx:alpine</span>pod/ngx created<span class="token punctuation">[</span>root@master ~<span class="token punctuation">]</span><span class="token comment"># kubectl get pod -o wide</span>NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATESngx <span class="token number">0</span>/1 ContainerCreating <span class="token number">0</span> 5s <span class="token operator"><</span>none<span class="token operator">></span> worker <span class="token operator"><</span>none<span class="token operator">></span> <span class="token operator"><</span>none<span class="token operator">></span><span class="token punctuation">[</span>root@master ~<span class="token punctuation">]</span><span class="token comment"># </span><span class="token punctuation">[</span>root@master ~<span class="token punctuation">]</span><span class="token comment"># kubectl get pod -o wide</span>NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATESngx <span class="token number">1</span>/1 Running <span class="token number">0</span> 27s <span class="token number">10.10</span>.1.2 worker <span class="token operator"><</span>none<span class="token operator">></span> <span class="token operator"><</span>none<span class="token operator">></span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><p>搭建成功</p><h2 id="Deployment"><a href="#Deployment" class="headerlink" title="Deployment"></a>Deployment</h2><p>创建一个Deployment 样板</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">kubectl create deploy ngx-dep <span class="token parameter variable">--image</span><span class="token operator">=</span>nginx:alpine --dry-run<span class="token operator">=</span>client <span class="token parameter variable">-o</span> yaml<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><pre class="line-numbers language-yaml" data-language="yaml"><code class="language-yaml"><span class="token punctuation">[</span>root@master ~<span class="token punctuation">]</span><span class="token comment"># kubectl create deploy ngx-dep --image=nginx:alpine --dry-run=client -o yaml</span><span class="token key atrule">apiVersion</span><span class="token punctuation">:</span> apps/v1<span class="token key atrule">kind</span><span class="token punctuation">:</span> Deployment<span class="token key atrule">metadata</span><span class="token punctuation">:</span> <span class="token key atrule">creationTimestamp</span><span class="token punctuation">:</span> <span class="token null important">null</span> <span class="token key atrule">labels</span><span class="token punctuation">:</span> <span class="token key atrule">app</span><span class="token punctuation">:</span> ngx<span class="token punctuation">-</span>dep <span class="token key atrule">name</span><span class="token punctuation">:</span> ngx<span class="token punctuation">-</span>dep<span class="token key atrule">spec</span><span class="token punctuation">:</span> <span class="token key atrule">replicas</span><span class="token punctuation">:</span> <span class="token number">1</span> <span class="token key atrule">selector</span><span class="token punctuation">:</span> <span class="token key atrule">matchLabels</span><span class="token punctuation">:</span> <span class="token key atrule">app</span><span class="token punctuation">:</span> ngx<span class="token punctuation">-</span>dep <span class="token key atrule">strategy</span><span class="token punctuation">:</span> <span class="token punctuation">{</span><span class="token punctuation">}</span> <span class="token key atrule">template</span><span class="token punctuation">:</span> <span class="token key atrule">metadata</span><span class="token punctuation">:</span> <span class="token key atrule">creationTimestamp</span><span class="token punctuation">:</span> <span class="token null important">null</span> <span class="token key atrule">labels</span><span class="token punctuation">:</span> <span class="token key atrule">app</span><span class="token punctuation">:</span> ngx<span class="token punctuation">-</span>dep <span class="token key atrule">spec</span><span class="token punctuation">:</span> <span class="token key atrule">containers</span><span class="token punctuation">:</span> <span class="token punctuation">-</span> <span class="token key atrule">image</span><span class="token punctuation">:</span> nginx<span class="token punctuation">:</span>alpine <span class="token key atrule">name</span><span class="token punctuation">:</span> nginx <span class="token key atrule">resources</span><span class="token punctuation">:</span> <span class="token punctuation">{</span><span class="token punctuation">}</span><span class="token key atrule">status</span><span class="token punctuation">:</span> <span class="token punctuation">{</span><span class="token punctuation">}</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><h3 id="Deployment-的关键字段"><a href="#Deployment-的关键字段" class="headerlink" title="Deployment 的关键字段"></a>Deployment 的关键字段</h3><p><code>replicas</code> 字段。它的含义比较简单明了,就是“副本数量”的意思,指定要在 Kubernetes 集群里运行多少个 Pod 实例。</p><p><code>selector</code> 字段。它的作用是“筛选”出要被 Deployment 管理的 Pod 对象,下属字段“<code>matchLabels</code>”定义了 Pod 对象应该携带的 label,它必须和“template”里 Pod 定义的“<code>labels</code>”完全相同,否则 Deployment 就会找不到要控制的 Pod 对象,apiserver 也会告诉你 YAML 格式校验错误无法创建。</p><p>因此,为了保证 Deployment 成功创建,我们必须在 YAML 里把 label 重复写两次:一次是在“<code>selector.matchLabels</code>”,另一次是在“<code>template.matadata</code>”</p><p>利用下面的图进行理解:</p><p><img src="http://img.lunrry.top/img/202309071612189.jpeg" alt="img"></p><center style="color:#C0C0C0">图11. Deployment结构图</center><h3 id="使用-kubectl-操作-Deployment"><a href="#使用-kubectl-操作-Deployment" class="headerlink" title="使用 kubectl 操作 Deployment"></a>使用 kubectl 操作 Deployment</h3><ol><li>部署</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">kubectl apply <span class="token parameter variable">-f</span> deploy.yml<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><ol start="2"><li>查看状态</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">kubectl get deploykubectl get pod<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span></span></code></pre><ol start="3"><li>扩容</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">kubectl scale <span class="token parameter variable">--replicas</span><span class="token operator">=</span><span class="token number">5</span> deploy ngx-dep<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><p>要注意, <code>kubectl scale</code> 是命令式操作,扩容和缩容只是临时的措施,如果应用需要长时间保持一个确定的 Pod 数量,最好还是编辑 Deployment 的 YAML 文件,改动“replicas”,再以声明式的 kubectl apply 修改对象的状态。</p><h2 id="Daemonset"><a href="#Daemonset" class="headerlink" title="Daemonset"></a>Daemonset</h2><h3 id="为什么要有-DaemonSet"><a href="#为什么要有-DaemonSet" class="headerlink" title="为什么要有 DaemonSet"></a>为什么要有 DaemonSet</h3><p>有一些业务比较特殊,它们不是完全独立于系统运行的,而是与主机存在“绑定”关系,必须要依附于节点才能产生价值,比如说:</p><ul><li>网络应用(如 kube-proxy),必须每个节点都运行一个 Pod,否则节点就无法加入 Kubernetes 网络。</li><li>监控应用(如 Prometheus),必须每个节点都有一个 Pod 用来监控节点的状态,实时上报信息。</li><li>日志应用(如 Fluentd),必须在每个节点上运行一个 Pod,才能够搜集容器运行时产生的日志数据。</li><li>安全应用,同样的,每个节点都要有一个 Pod 来执行安全审计、入侵检查、漏洞扫描等工作。</li></ul><p>DaemonSet 的目标是在集群的每个节点上运行且仅运行一个 Pod,就好像是为节点配上一只“看门狗”,忠实地“守护”着节点,这就是 DaemonSet 名字的由来。</p><h3 id="如何使用-YAML-描述-DaemonSet"><a href="#如何使用-YAML-描述-DaemonSet" class="headerlink" title="如何使用 YAML 描述 DaemonSet"></a>如何使用 YAML 描述 DaemonSet</h3><p>可以去<a href="https://kubernetes.io/zh/docs/concepts/workloads/controllers/daemonset/">Kubernetes 官网</a>找到一份DaemonSet的YAML样板</p><pre class="line-numbers language-yaml" data-language="yaml"><code class="language-yaml"><span class="token key atrule">apiVersion</span><span class="token punctuation">:</span> apps/v1<span class="token key atrule">kind</span><span class="token punctuation">:</span> DaemonSet<span class="token key atrule">metadata</span><span class="token punctuation">:</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> fluentd<span class="token punctuation">-</span>elasticsearch <span class="token key atrule">namespace</span><span class="token punctuation">:</span> kube<span class="token punctuation">-</span>system <span class="token key atrule">labels</span><span class="token punctuation">:</span> <span class="token key atrule">k8s-app</span><span class="token punctuation">:</span> fluentd<span class="token punctuation">-</span>logging<span class="token key atrule">spec</span><span class="token punctuation">:</span> <span class="token key atrule">selector</span><span class="token punctuation">:</span> <span class="token key atrule">matchLabels</span><span class="token punctuation">:</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> fluentd<span class="token punctuation">-</span>elasticsearch <span class="token key atrule">template</span><span class="token punctuation">:</span> <span class="token key atrule">metadata</span><span class="token punctuation">:</span> <span class="token key atrule">labels</span><span class="token punctuation">:</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> fluentd<span class="token punctuation">-</span>elasticsearch <span class="token key atrule">spec</span><span class="token punctuation">:</span> <span class="token key atrule">tolerations</span><span class="token punctuation">:</span> <span class="token comment"># 这些容忍度设置是为了让该守护进程集在控制平面节点上运行</span> <span class="token comment"># 如果你不希望自己的控制平面节点运行 Pod,可以删除它们</span> <span class="token punctuation">-</span> <span class="token key atrule">key</span><span class="token punctuation">:</span> node<span class="token punctuation">-</span>role.kubernetes.io/control<span class="token punctuation">-</span>plane <span class="token key atrule">operator</span><span class="token punctuation">:</span> Exists <span class="token key atrule">effect</span><span class="token punctuation">:</span> NoSchedule <span class="token punctuation">-</span> <span class="token key atrule">key</span><span class="token punctuation">:</span> node<span class="token punctuation">-</span>role.kubernetes.io/master <span class="token key atrule">operator</span><span class="token punctuation">:</span> Exists <span class="token key atrule">effect</span><span class="token punctuation">:</span> NoSchedule <span class="token key atrule">containers</span><span class="token punctuation">:</span> <span class="token punctuation">-</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> fluentd<span class="token punctuation">-</span>elasticsearch <span class="token key atrule">image</span><span class="token punctuation">:</span> quay.io/fluentd_elasticsearch/fluentd<span class="token punctuation">:</span>v2.5.2 <span class="token key atrule">resources</span><span class="token punctuation">:</span> <span class="token key atrule">limits</span><span class="token punctuation">:</span> <span class="token key atrule">memory</span><span class="token punctuation">:</span> 200Mi <span class="token key atrule">requests</span><span class="token punctuation">:</span> <span class="token key atrule">cpu</span><span class="token punctuation">:</span> 100m <span class="token key atrule">memory</span><span class="token punctuation">:</span> 200Mi <span class="token key atrule">volumeMounts</span><span class="token punctuation">:</span> <span class="token punctuation">-</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> varlog <span class="token key atrule">mountPath</span><span class="token punctuation">:</span> /var/log <span class="token key atrule">terminationGracePeriodSeconds</span><span class="token punctuation">:</span> <span class="token number">30</span> <span class="token key atrule">volumes</span><span class="token punctuation">:</span> <span class="token punctuation">-</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> varlog <span class="token key atrule">hostPath</span><span class="token punctuation">:</span> <span class="token key atrule">path</span><span class="token punctuation">:</span> /var/log<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><p>DaemonSet 仅仅是在 Pod 的部署调度策略上和 Deployment 不同,其他的都是相同的,某种程度上我们也可以把 DaemonSet 看做是 Deployment 的一个特例</p><p><img src="http://img.lunrry.top/img/202309071636247.jpeg" alt="img"></p><center style="color:#C0C0C0">图11. DaemonSet与Deployment的差异图</center><h2 id="污点(taint)和容忍度(toleration)"><a href="#污点(taint)和容忍度(toleration)" class="headerlink" title="污点(taint)和容忍度(toleration)"></a>污点(taint)和容忍度(toleration)</h2><p>Kubernetes 在创建集群的时候会自动给节点 Node 加上一些“污点”,方便 Pod 的调度和部署。例如,可以使用<code>kubectl describe node</code>查看Master 和 Worker 的状态</p><p>Master 节点默认有一个 <code>taint</code>,名字是 <code>node-role.kubernetes.io/master</code>,它的效果是 <code>NoSchedule</code>,也就是说这个污点会拒绝 Pod 调度到本节点上运行,而 Worker 节点的 taint 字段则是空的。</p><h3 id="去掉taint-添加tolerations"><a href="#去掉taint-添加tolerations" class="headerlink" title="去掉taint/添加tolerations"></a>去掉taint/添加tolerations</h3><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">kubectl taint <span class="token function">node</span> master node-role.kubernetes.io/master:NoSchedule-<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><p>这种方法修改的是 Node 的状态,影响面会比较大,可能会导致很多 Pod 都跑到这个节点上运行,所以我们可以保留 Node 的“污点”,为需要的 Pod 添加“容忍度”,只让某些 Pod 运行在个别节点上,实现“精细化”调度。</p><p>–</p><p>tolerations 是一个数组,里面可以列出多个被“容忍”的“污点”,需要写清楚“污点”的名字、效果。比较特别是要用 operator 字段指定如何匹配“污点”,一般我们都使用 Exists,也就是说存在这个名字和效果的“污点”。</p><p>如果我们想让 DaemonSet 里的 Pod 能够在 Master 节点上运行,就要写出这样的一个 tolerations,容忍节点的 node-role.kubernetes.io/master:NoSchedule 这个污点:</p><pre class="line-numbers language-yaml" data-language="yaml"><code class="language-yaml"><span class="token key atrule">tolerations</span><span class="token punctuation">:</span><span class="token punctuation">-</span> <span class="token key atrule">key</span><span class="token punctuation">:</span> node<span class="token punctuation">-</span>role.kubernetes.io/master <span class="token key atrule">effect</span><span class="token punctuation">:</span> NoSchedule <span class="token key atrule">operator</span><span class="token punctuation">:</span> Exists<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span></span></code></pre><p>详细可以查看<a href="https://kubernetes.io/zh-cn/docs/concepts/scheduling-eviction/taint-and-toleration/">官方文档</a></p><h2 id="Service"><a href="#Service" class="headerlink" title="Service"></a>Service</h2>]]></content>
<summary type="html"><h1 id="Kubernetes"><a href="#Kubernetes" class="headerlink" title="Kubernetes"></a>Kubernetes</h1><h2 id="安装"><a href="#安装" class="headerli</summary>
<category term="k8s" scheme="https://lunrry.github.io/categories/k8s/"/>
<category term="k8s" scheme="https://lunrry.github.io/tags/k8s/"/>
</entry>
<entry>
<title>Dockerfile构建kkFileView应用</title>
<link href="https://lunrry.github.io/posts/438ffc78/"/>
<id>https://lunrry.github.io/posts/438ffc78/</id>
<published>2023-08-22T05:54:04.000Z</published>
<updated>2023-09-25T08:18:44.562Z</updated>
<content type="html"><![CDATA[<h2 id=""><a href="#" class="headerlink" title=""></a></h2>]]></content>
<summary type="html"><h2 id=""><a href="#" class="headerlink" title=""></a></h2></summary>
<category term="Docker" scheme="https://lunrry.github.io/categories/Docker/"/>
</entry>
<entry>
<title>mysql8常用命令</title>
<link href="https://lunrry.github.io/posts/d032354a/"/>
<id>https://lunrry.github.io/posts/d032354a/</id>
<published>2023-08-17T08:04:07.000Z</published>
<updated>2023-09-25T08:18:44.565Z</updated>
<content type="html"><![CDATA[<h2 id="创建用户并授权"><a href="#创建用户并授权" class="headerlink" title="创建用户并授权"></a>创建用户并授权</h2><pre class="line-numbers language-mysql" data-language="mysql"><code class="language-mysql">#显示创建用户的验证条件SHOW VARIABLES LIKE 'validate_password%';<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span></span></code></pre><pre class="line-numbers language-mysql" data-language="mysql"><code class="language-mysql">#创建用户CREATE USER '用户名'@'%或者IP' IDENTIFIED BY '密码';<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span></span></code></pre><pre class="line-numbers language-mysql" data-language="mysql"><code class="language-mysql"># 授权某个用户所有数据库所有权限GRANT ALL PRIVILEGES ON *.* TO "用户名"@"IP/localhost/%"# 授予某个用户所有数据库读权限GRANT SELECT ON *.* TO '用户名'@'%或者IP' ;# 授予某个用户某个数据库写权限GRANT INSERT ON `数据库名`.* TO '用户名'@'%或者IP';<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><ul><li><strong>ALL PRIVILEGES:</strong> 所有权限</li><li><strong>INSERT:</strong> 允许用户插入权限</li><li><strong>SELECT:</strong> 允许用户读权限.</li><li><strong>UPDATE:</strong> 允许用户更新权限</li><li><strong>CREATE:</strong> 允许用户创建表和数据库权限</li><li><strong>DELETE:</strong> 允许用户删除表中的行数据权限</li><li><strong>DROP:</strong> 允许用户删除数据库和表权限</li></ul><pre class="line-numbers language-mysql" data-language="mysql"><code class="language-mysql"># 刷新权限flush privileges;<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span></span></code></pre><pre class="line-numbers language-mysql" data-language="mysql"><code class="language-mysql"># 显示所有权限SHOW GRANTS FOR '用户名'@'%或者IP';# 删除某个权限REVOKE SELECT ON *.* FROM '用户名'@'%或者IP';# 删除用户DROP USER '用户名'@'%或者IP';<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre>]]></content>
<summary type="html"><h2 id="创建用户并授权"><a href="#创建用户并授权" class="headerlink" title="创建用户并授权"></a>创建用户并授权</h2><pre class="line-numbers language-mysql" data-languag</summary>
<category term="Mysql" scheme="https://lunrry.github.io/categories/Mysql/"/>
</entry>
<entry>
<title>nginx编译报错解决办法</title>
<link href="https://lunrry.github.io/posts/f1fcef01/"/>
<id>https://lunrry.github.io/posts/f1fcef01/</id>
<published>2023-08-16T07:03:09.000Z</published>
<updated>2023-09-25T08:18:44.566Z</updated>
<content type="html"><![CDATA[<h2 id="报错"><a href="#报错" class="headerlink" title="报错"></a>报错</h2><p>编译安装nginx执行<code>make</code>命令时报错</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">/home/app/fastdfs/fastdfs-nginx-module-1.22/src/common.c:903:42: error: ‘%s’ directive output may be truncated writing up to <span class="token number">510</span> bytes into a region of size between <span class="token number">111</span> and <span class="token number">127</span> <span class="token punctuation">[</span>-Werror<span class="token operator">=</span>format-truncation<span class="token operator">=</span><span class="token punctuation">]</span> <span class="token number">902</span> <span class="token operator">|</span> file_id_without_group <span class="token operator">=</span> uri + <span class="token number">1</span><span class="token punctuation">;</span> //skip / <span class="token operator">|</span> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ <span class="token number">903</span> <span class="token operator">|</span> snprintf<span class="token punctuation">(</span>file_id, sizeof<span class="token punctuation">(</span>file_id<span class="token punctuation">)</span>, <span class="token string">"%s/%s"</span>, <span class="token punctuation">\</span> <span class="token operator">|</span> ^~/home/app/fastdfs/fastdfs-nginx-module-1.22/src/common.c:903:3: note: ‘snprintf’ output between <span class="token number">2</span> and <span class="token number">528</span> bytes into a destination of size <span class="token number">128</span> <span class="token number">903</span> <span class="token operator">|</span> snprintf<span class="token punctuation">(</span>file_id, sizeof<span class="token punctuation">(</span>file_id<span class="token punctuation">)</span>, <span class="token string">"%s/%s"</span>, <span class="token punctuation">\</span> <span class="token operator">|</span> ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ <span class="token number">904</span> <span class="token operator">|</span> my_group_name, file_id_without_group<span class="token punctuation">)</span><span class="token punctuation">;</span> <span class="token operator">|</span> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~/home/app/fastdfs/fastdfs-nginx-module-1.22/src/common.c:857:39: error: ‘%s’ directive output may be truncated writing up to <span class="token number">510</span> bytes into a region of size <span class="token number">128</span> <span class="token punctuation">[</span>-Werror<span class="token operator">=</span>format-truncation<span class="token operator">=</span><span class="token punctuation">]</span> <span class="token number">857</span> <span class="token operator">|</span> snprintf<span class="token punctuation">(</span>file_id, sizeof<span class="token punctuation">(</span>file_id<span class="token punctuation">)</span>, <span class="token string">"%s"</span>, uri + <span class="token number">1</span><span class="token punctuation">)</span><span class="token punctuation">;</span> <span class="token operator">|</span> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~/home/app/fastdfs/fastdfs-nginx-module-1.22/src/common.c:857:3: note: ‘snprintf’ output between <span class="token number">1</span> and <span class="token number">511</span> bytes into a destination of size <span class="token number">128</span> <span class="token number">857</span> <span class="token operator">|</span> snprintf<span class="token punctuation">(</span>file_id, sizeof<span class="token punctuation">(</span>file_id<span class="token punctuation">)</span>, <span class="token string">"%s"</span>, uri + <span class="token number">1</span><span class="token punctuation">)</span><span class="token punctuation">;</span> <span class="token operator">|</span> ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~cc <span class="token parameter variable">-o</span> objs/ngx_http_image_filter_module.so <span class="token punctuation">\</span>objs/src/http/modules/ngx_http_image_filter_module.o <span class="token punctuation">\</span>objs/ngx_http_image_filter_module_modules.o <span class="token punctuation">\</span><span class="token parameter variable">-lgd</span> <span class="token punctuation">\</span><span class="token parameter variable">-shared</span>cc1: all warnings being treated as errorsmake<span class="token punctuation">[</span><span class="token number">1</span><span class="token punctuation">]</span>: *** <span class="token punctuation">[</span>objs/Makefile:1840:objs/addon/src/ngx_http_fastdfs_module.o<span class="token punctuation">]</span> 错误 <span class="token number">1</span>make<span class="token punctuation">[</span><span class="token number">1</span><span class="token punctuation">]</span>: 离开目录“/home/app/fastdfs/nginx-1.22.0”make: *** <span class="token punctuation">[</span>Makefile:10:build<span class="token punctuation">]</span> 错误 <span class="token number">2</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><h2 id="原因:"><a href="#原因:" class="headerlink" title="原因:"></a>原因:</h2><p>在编译 fastdfs-nginx-module 模块的过程中,common.c文件中的一个printf语句可能会导致字符串截断,从而触发了编译器的警告并以错误退出。</p><h2 id="解决方法:"><a href="#解决方法:" class="headerlink" title="解决方法:"></a>解决方法:</h2><p>更换gcc版本,由于我安装的gcc版本为10.2但是fastdfs-nginx-module-1.22模块版本较老,代码的格式字符串与传入参数类型不匹配造成的。</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token comment"># 安装centos-release-scl</span>yum <span class="token function">install</span> centos-release-scl-rh<span class="token comment"># 安装devtoolset</span>yum <span class="token function">install</span> devtoolset-7-gcc devtoolset-7-gcc-c++<span class="token comment"># 查看已安装的gcc版本</span>scl <span class="token parameter variable">-l</span><span class="token comment"># 切换到gcc-7.0</span>scl <span class="token builtin class-name">enable</span> devtoolset-7 <span class="token function">bash</span><span class="token comment"># 编译完成后退出当前scl bash环境,恢复成系统bash环境</span><span class="token builtin class-name">exit</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre>]]></content>
<summary type="html"><h2 id="报错"><a href="#报错" class="headerlink" title="报错"></a>报错</h2><p>编译安装nginx执行<code>make</code>命令时报错</p>
<pre class="line-numbers languag</summary>
<category term="Nginx" scheme="https://lunrry.github.io/categories/Nginx/"/>
<category term="nginx" scheme="https://lunrry.github.io/tags/nginx/"/>
</entry>
<entry>
<title>华为云单位一体化部署</title>
<link href="https://lunrry.github.io/posts/e56e8083/"/>
<id>https://lunrry.github.io/posts/e56e8083/</id>
<published>2023-08-09T09:28:32.000Z</published>
<updated>2023-09-25T08:18:44.567Z</updated>
<content type="html"><![CDATA[<h2 id="操作系统"><a href="#操作系统" class="headerlink" title="操作系统"></a>操作系统</h2><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token assign-left variable">NAME</span><span class="token operator">=</span><span class="token string">"openEuler"</span><span class="token assign-left variable">VERSION</span><span class="token operator">=</span><span class="token string">"20.03 (LTS)"</span><span class="token assign-left variable">ID</span><span class="token operator">=</span><span class="token string">"openEuler"</span><span class="token assign-left variable">VERSION_ID</span><span class="token operator">=</span><span class="token string">"20.03"</span><span class="token assign-left variable">PRETTY_NAME</span><span class="token operator">=</span><span class="token string">"openEuler 20.03 (LTS)"</span><span class="token assign-left variable">ANSI_COLOR</span><span class="token operator">=</span><span class="token string">"0;31"</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><h2 id="安装准备"><a href="#安装准备" class="headerlink" title="安装准备"></a>安装准备</h2><p>设置软件源</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token builtin class-name">cd</span> /etc/yum.repos.d/<span class="token function">wget</span> <span class="token parameter variable">-O</span> /etc/yum.repos.d/openEulerOS.repo https://repo.huaweicloud.com/repository/conf/openeuler_aarch64.repoyum clean allyum makecache<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span></span></code></pre><p>安装基础软件包</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">yum <span class="token parameter variable">-y</span> <span class="token function">install</span> gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 <span class="token operator">&&</span> yum <span class="token parameter variable">-y</span> <span class="token function">install</span> libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel <span class="token function">bzip2</span> bzip2-devel ncurses ncurses-devel <span class="token function">curl</span> <span class="token operator">&&</span> yum <span class="token parameter variable">-y</span> <span class="token function">install</span> curl-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel libidn libidn-developenssl openssl-devel openldap openldap-devel <span class="token operator">&&</span> yum <span class="token parameter variable">-y</span> <span class="token function">install</span> nss_ldap openldap-clients openldap-servers fontconfig* php-gd zlib* <span class="token function">wget</span> <span class="token function">lsof</span> <span class="token function">zip</span> <span class="token function">unzip</span> openssh-clients <span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><h2 id="安装ansible"><a href="#安装ansible" class="headerlink" title="安装ansible"></a>安装ansible</h2><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">yum <span class="token function">install</span> ansible<span class="token punctuation">[</span>root@IC21-01-011 yum.repos.d<span class="token punctuation">]</span><span class="token comment"># ansible --version</span>ansible <span class="token number">2.8</span>.5 config <span class="token function">file</span> <span class="token operator">=</span> /etc/ansible/ansible.cfg configured module search path <span class="token operator">=</span> <span class="token punctuation">[</span>u<span class="token string">'/root/.ansible/plugins/modules'</span>, u<span class="token string">'/usr/share/ansible/plugins/modules'</span><span class="token punctuation">]</span> ansible python module location <span class="token operator">=</span> /usr/lib/python2.7/site-packages/ansible executable location <span class="token operator">=</span> /usr/bin/ansible python version <span class="token operator">=</span> <span class="token number">2.7</span>.16 <span class="token punctuation">(</span>default, Mar <span class="token number">23</span> <span class="token number">2020</span>, <span class="token number">19</span>:07:51<span class="token punctuation">)</span> <span class="token punctuation">[</span>GCC <span class="token number">7.3</span>.0<span class="token punctuation">]</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><h2 id="编译nginx一直找不到pcre相关文件"><a href="#编译nginx一直找不到pcre相关文件" class="headerlink" title="编译nginx一直找不到pcre相关文件"></a>编译nginx一直找不到pcre相关文件</h2><p>报错部分如下:</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">/home/app/nginx/lua-nginx-module-0.10.20/src/ngx_http_lua_regex.c:454: undefined reference to <span class="token variable"><span class="token variable">`</span>pcre_free_study'/usr/bin/ld: objs/addon/src/ngx_http_lua_regex.o: <span class="token keyword">in</span> <span class="token keyword">function</span> <span class="token variable">`</span></span>ngx_http_lua_ffi_pcre_version<span class="token string">':/home/app/nginx/lua-nginx-module-0.10.20/src/ngx_http_lua_regex.c:588: undefined reference to `pcre_version'</span>/usr/bin/ld: objs/addon/src/ngx_http_lua_pcrefix.o: <span class="token keyword">in</span> <span class="token keyword">function</span> <span class="token variable"><span class="token variable">`</span>ngx_http_lua_pcre_malloc_init':/home/app/nginx/lua-nginx-module-0.10.20/src/ngx_http_lua_pcrefix.c:63: undefined reference to <span class="token variable">`</span></span>pcre_malloc<span class="token string">'/usr/bin/ld: /home/app/nginx/lua-nginx-module-0.10.20/src/ngx_http_lua_pcrefix.c:63: undefined reference to `pcre_malloc'</span>/usr/bin/ld: /home/app/nginx/lua-nginx-module-0.10.20/src/ngx_http_lua_pcrefix.c:70: undefined reference to <span class="token variable"><span class="token variable">`</span>pcre_free'/usr/bin/ld: /home/app/nginx/lua-nginx-module-0.10.20/src/ngx_http_lua_pcrefix.c:70: undefined reference to <span class="token variable">`</span></span>pcre_free<span class="token string">'/usr/bin/ld: /home/app/nginx/lua-nginx-module-0.10.20/src/ngx_http_lua_pcrefix.c:72: undefined reference to `pcre_malloc'</span>/usr/bin/ld: /home/app/nginx/lua-nginx-module-0.10.20/src/ngx_http_lua_pcrefix.c:72: undefined reference to <span class="token variable"><span class="token variable">`</span>pcre_malloc'/usr/bin/ld: /home/app/nginx/lua-nginx-module-0.10.20/src/ngx_http_lua_pcrefix.c:73: undefined reference to <span class="token variable">`</span></span>pcre_free<span class="token string">'/usr/bin/ld: objs/addon/src/ngx_http_lua_pcrefix.o: in function `ngx_http_lua_pcre_malloc_done'</span><span class="token builtin class-name">:</span>/home/app/nginx/lua-nginx-module-0.10.20/src/ngx_http_lua_pcrefix.c:99: undefined reference to <span class="token variable"><span class="token variable">`</span>pcre_malloc'/usr/bin/ld: /home/app/nginx/lua-nginx-module-0.10.20/src/ngx_http_lua_pcrefix.c:99: undefined reference to <span class="token variable">`</span></span>pcre_malloc<span class="token string">'/usr/bin/ld: /home/app/nginx/lua-nginx-module-0.10.20/src/ngx_http_lua_pcrefix.c:100: undefined reference to `pcre_free'</span>/usr/bin/ld: /home/app/nginx/lua-nginx-module-0.10.20/src/ngx_http_lua_pcrefix.c:100: undefined reference to `pcre_free'collect2: 错误:ld 返回 <span class="token number">1</span>make<span class="token punctuation">[</span><span class="token number">1</span><span class="token punctuation">]</span>: *** <span class="token punctuation">[</span>objs/Makefile:411:objs/nginx<span class="token punctuation">]</span> 错误 <span class="token number">1</span>make<span class="token punctuation">[</span><span class="token number">1</span><span class="token punctuation">]</span>: 离开目录“/home/app/nginx/nginx-1.22.0”make: *** <span class="token punctuation">[</span>Makefile:10:build<span class="token punctuation">]</span> 错误 <span class="token number">2</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><h3 id="解决方法:"><a href="#解决方法:" class="headerlink" title="解决方法:"></a>解决方法:</h3><ul><li><p>下载<a href="https://sourceforge.net/projects/pcre/files/pcre/">PCRE</a>,目前最新版本为8.45</p></li><li><p>解压<code>tar -xf pcre-8.45.tar.gz</code></p></li><li><p>运行 <code>chmod -R 777 /pcre-8.45</code> 对当前文件夹授予全部读写权限</p></li><li><p>切换到<code>/pcre-8.45</code>目录下,运行 <code>./configure</code> 进行pcre初始化配置</p></li><li><p>执行<code>make && make install</code>操作,进行编译安装</p></li></ul><h2 id="安装完成后运行nginx-v报错"><a href="#安装完成后运行nginx-v报错" class="headerlink" title="安装完成后运行nginx -v报错"></a>安装完成后运行nginx -v报错</h2><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token punctuation">[</span>root@IC21-01-011 nginx-1.22.0<span class="token punctuation">]</span><span class="token comment"># nginx -v</span>nginx: error <span class="token keyword">while</span> loading shared libraries: libluajit-5.1.so.2: cannot <span class="token function">open</span> shared object file: No such <span class="token function">file</span> or directory<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span></span></code></pre><h3 id="解决方案:"><a href="#解决方案:" class="headerlink" title="解决方案:"></a>解决方案:</h3><ul><li><p>查找本地libluajit-5.1.so.2共享库文件</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">find</span> / <span class="token parameter variable">-name</span> libluajit-5.1.so.2<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre></li><li><p>如果找到此文件</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">cp</span> /文件路径/libluajit-5.1.so.2 /usr/local/lib/<span class="token builtin class-name">echo</span> <span class="token string">"/usr/local/lib"</span> <span class="token operator">>></span>/etc/ld.so.conf/sbin/ldconfig<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span></span></code></pre></li><li><p>找不到此文件则安装(至少LuaJIT-2.1.0版本才支持arm架构)</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">wget</span> https://luajit.org/download/LuaJIT-2.1.0-beta3.tar.gz<span class="token function">tar</span> <span class="token parameter variable">-zxf</span> LuaJIT-2.1.0-beta3.tar.gz<span class="token builtin class-name">cd</span> LuaJIT-2.1.0-beta3<span class="token function">make</span> <span class="token operator">&&</span> <span class="token function">make</span> <span class="token function">install</span>/sbin/ldconfig<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span></span></code></pre><p><code>/etc/profile</code> 文件末尾加入环境变量</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token builtin class-name">export</span> <span class="token assign-left variable">LUAJIT_LIB</span><span class="token operator">=</span>/usr/local/LuaJIT/lib<span class="token builtin class-name">export</span> <span class="token assign-left variable">LUAJIT_INC</span><span class="token operator">=</span>/usr/local/LuaJIT/include/luajit-2.1<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span></span></code></pre><p><code>source /etc/profile</code>刷新变量</p></li></ul><h2 id="启动nginx报错"><a href="#启动nginx报错" class="headerlink" title="启动nginx报错"></a>启动nginx报错</h2><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token punctuation">[</span>root@IC21-01-011 ~<span class="token punctuation">]</span><span class="token comment"># nginx</span>nginx: <span class="token punctuation">[</span>alert<span class="token punctuation">]</span> detected a LuaJIT version <span class="token function">which</span> is not OpenResty<span class="token string">'s; many optimizations will be disabled and performance will be compromised (see https://github.com/openresty/luajit2 for OpenResty'</span>s LuaJIT or, even better, consider using the OpenResty releases from https://openresty.org/en/download.html<span class="token punctuation">)</span>nginx: <span class="token punctuation">[</span>alert<span class="token punctuation">]</span> failed to load the <span class="token string">'resty.core'</span> module <span class="token punctuation">(</span>https://github.com/openresty/lua-resty-core<span class="token punctuation">)</span><span class="token punctuation">;</span> ensure you are using an OpenResty release from https://openresty.org/en/download.html <span class="token punctuation">(</span>reason: module <span class="token string">'resty.core'</span> not found: no field package.preload<span class="token punctuation">[</span><span class="token string">'resty.core'</span><span class="token punctuation">]</span> no <span class="token function">file</span> <span class="token string">'./resty/core.lua'</span> no <span class="token function">file</span> <span class="token string">'/usr/local/share/luajit-2.1.0-beta3/resty/core.lua'</span> no <span class="token function">file</span> <span class="token string">'/usr/local/share/lua/5.1/resty/core.lua'</span> no <span class="token function">file</span> <span class="token string">'/usr/local/share/lua/5.1/resty/core/init.lua'</span> no <span class="token function">file</span> <span class="token string">'./resty/core.so'</span> no <span class="token function">file</span> <span class="token string">'/usr/local/lib/lua/5.1/resty/core.so'</span> no <span class="token function">file</span> <span class="token string">'/usr/local/lib/lua/5.1/loadall.so'</span> no <span class="token function">file</span> <span class="token string">'./resty.so'</span> no <span class="token function">file</span> <span class="token string">'/usr/local/lib/lua/5.1/resty.so'</span> no <span class="token function">file</span> <span class="token string">'/usr/local/lib/lua/5.1/loadall.so'</span><span class="token punctuation">)</span> <span class="token keyword">in</span> /etc/nginx/nginx.conf:117<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><h3 id="原因:"><a href="#原因:" class="headerlink" title="原因:"></a>原因:</h3><p>lua-nginx-module版本不对</p><h3 id="解决方案:-1"><a href="#解决方案:-1" class="headerlink" title="解决方案:"></a>解决方案:</h3><ul><li>将lua-nginx-module版本从0.10.20换到0.10.14解决</li></ul><h2 id="测试fdfs报错"><a href="#测试fdfs报错" class="headerlink" title="测试fdfs报错"></a>测试fdfs报错</h2><p>使用第三种方案解决问题</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token punctuation">[</span><span class="token number">2023</span>-08-02 <span class="token number">11</span>:49:34<span class="token punctuation">]</span> ERROR - file: shared_func.c, line: <span class="token number">1073</span>, <span class="token function">stat</span> /etc/fdfs/mod_fastdfs.conf fail, errno: <span class="token number">13</span>, error info: Permission denied<span class="token punctuation">[</span><span class="token number">2023</span>-08-02 <span class="token number">11</span>:49:34<span class="token punctuation">]</span> ERROR - file: /home/app/nginx/fastdfs-nginx-module-1.22/src/common.c, line: <span class="token number">163</span>, load conf <span class="token function">file</span> <span class="token string">"/etc/fdfs/mod_fastdfs.conf"</span> fail, ret code: <span class="token number">13</span><span class="token number">2023</span>/08/02 <span class="token number">11</span>:49:34 <span class="token punctuation">[</span>alert<span class="token punctuation">]</span> <span class="token number">3619370</span><span class="token comment">#3619370: worker process 3619372 exited with fatal code 2 and cannot be respawned</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span></span></code></pre><p>体现在运行nginx只有一个master进程,请求页面卡死,日志报上面错误</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token punctuation">[</span>root@IC21-01-011 ~<span class="token punctuation">]</span><span class="token comment"># ps -ef|grep nginx</span>root <span class="token number">1714195</span> <span class="token number">1</span> <span class="token number">0</span> 09:34 ? 00:00:00 nginx: master process nginxroot <span class="token number">1714545</span> <span class="token number">1574945</span> <span class="token number">0</span> 09:34 pts/0 00:00:00 <span class="token function">grep</span> <span class="token parameter variable">--color</span><span class="token operator">=</span>auto nginx<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span></span></code></pre><ol><li>尝试给予文件权限,设置为644,无法解决</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token punctuation">[</span><span class="token number">2023</span>-08-02 <span class="token number">17</span>:46:34<span class="token punctuation">]</span> ERROR - file: /home/app/fdfs/fastdfs-nginx-module-1.22/src/common.c, line: <span class="token number">163</span>, load conf <span class="token function">file</span> <span class="token string">"/etc/fdfs/mod_fastdfs.conf"</span> fail, ret code: <span class="token number">13</span><span class="token punctuation">[</span><span class="token number">2023</span>-08-02 <span class="token number">17</span>:46:34<span class="token punctuation">]</span> ERROR - file: /home/app/fdfs/fastdfs-nginx-module-1.22/src/common.c, line: <span class="token number">163</span>, load conf <span class="token function">file</span> <span class="token string">"/etc/fdfs/mod_fastdfs.conf"</span> fail, ret code: <span class="token number">13</span><span class="token punctuation">[</span><span class="token number">2023</span>-08-02 <span class="token number">17</span>:46:34<span class="token punctuation">]</span> ERROR - file: /home/app/fdfs/fastdfs-nginx-module-1.22/src/common.c, line: <span class="token number">163</span>, load conf <span class="token function">file</span> <span class="token string">"/etc/fdfs/mod_fastdfs.conf"</span> fail, ret code: <span class="token number">13</span>ngx_http_fastdfs_process_init <span class="token assign-left variable">pid</span><span class="token operator">=</span><span class="token number">1486980</span>ngx_http_fastdfs_process_init <span class="token assign-left variable">pid</span><span class="token operator">=</span><span class="token number">1486981</span>ngx_http_fastdfs_process_init <span class="token assign-left variable">pid</span><span class="token operator">=</span><span class="token number">1486982</span>ngx_http_fastdfs_process_init <span class="token assign-left variable">pid</span><span class="token operator">=</span><span class="token number">1486983</span>ngx_http_fastdfs_process_init <span class="token assign-left variable">pid</span><span class="token operator">=</span><span class="token number">1486984</span><span class="token punctuation">[</span><span class="token number">2023</span>-08-02 <span class="token number">17</span>:46:34<span class="token punctuation">]</span> ERROR - file: shared_func.c, line: <span class="token number">1073</span>, <span class="token function">stat</span> /etc/fdfs/mod_fastdfs.conf fail, errno: <span class="token number">13</span>, error info: Permission denied<span class="token punctuation">[</span><span class="token number">2023</span>-08-02 <span class="token number">17</span>:46:34<span class="token punctuation">]</span> ERROR - file: /home/app/fdfs/fastdfs-nginx-module-1.22/src/common.c, line: <span class="token number">163</span>, load conf <span class="token function">file</span> <span class="token string">"/etc/fdfs/mod_fastdfs.conf"</span> fail, ret code: <span class="token number">13</span><span class="token punctuation">[</span><span class="token number">2023</span>-08-02 <span class="token number">17</span>:46:34<span class="token punctuation">]</span> ERROR - file: shared_func.c, line: <span class="token number">1073</span>, <span class="token function">stat</span> /etc/fdfs/mod_fastdfs.conf fail, errno: <span class="token number">13</span>, error info: Permission denied<span class="token punctuation">[</span><span class="token number">2023</span>-08-02 <span class="token number">17</span>:46:34<span class="token punctuation">]</span> ERROR - file: shared_func.c, line: <span class="token number">1073</span>, <span class="token function">stat</span> /etc/fdfs/mod_fastdfs.conf fail, errno: <span class="token number">13</span>, error info: Permission denied<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><ol start="2"><li>更换为fastdfs-nginx-module-1.23,make报错</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">In <span class="token function">file</span> included from /home/app/fdfs/fastdfs-nginx-module-1.23/src/ngx_http_fastdfs_module.c:6:/home/app/fdfs/fastdfs-nginx-module-1.23/src/common.c: 在函数‘fdfs_mod_init’中:/home/app/fdfs/fastdfs-nginx-module-1.23/src/common.c:230:2: 错误:‘SF_G_CONNECT_TIMEOUT’ undeclared <span class="token punctuation">(</span>first use <span class="token keyword">in</span> this <span class="token keyword">function</span><span class="token punctuation">)</span><span class="token punctuation">;</span> did you mean ‘DEFAULT_CONNECT_TIMEOUT’? <span class="token number">230</span> <span class="token operator">|</span> SF_G_CONNECT_TIMEOUT <span class="token operator">=</span> iniGetIntValue<span class="token punctuation">(</span>NULL, <span class="token string">"connect_timeout"</span>, <span class="token punctuation">\</span> <span class="token operator">|</span> ^~~~~~~~~~~~~~~~~~~~ <span class="token operator">|</span> DEFAULT_CONNECT_TIMEOUT/home/app/fdfs/fastdfs-nginx-module-1.23/src/common.c:230:2: 附注:每个未声明的标识符在其出现的函数内只报告一次/home/app/fdfs/fastdfs-nginx-module-1.23/src/common.c:237:2: 错误:‘SF_G_NETWORK_TIMEOUT’ undeclared <span class="token punctuation">(</span>first use <span class="token keyword">in</span> this <span class="token keyword">function</span><span class="token punctuation">)</span><span class="token punctuation">;</span> did you mean ‘DEFAULT_NETWORK_TIMEOUT’? <span class="token number">237</span> <span class="token operator">|</span> SF_G_NETWORK_TIMEOUT <span class="token operator">=</span> iniGetIntValue<span class="token punctuation">(</span>NULL, <span class="token string">"network_timeout"</span>, <span class="token punctuation">\</span> <span class="token operator">|</span> ^~~~~~~~~~~~~~~~~~~~ <span class="token operator">|</span> DEFAULT_NETWORK_TIMEOUTcc <span class="token parameter variable">-o</span> objs/ngx_stream_geoip_module.so <span class="token punctuation">\</span>objs/src/stream/ngx_stream_geoip_module.o <span class="token punctuation">\</span>objs/ngx_stream_geoip_module_modules.o <span class="token punctuation">\</span>-L/usr/local/luajit/lib <span class="token parameter variable">-lGeoIP</span> <span class="token punctuation">\</span><span class="token parameter variable">-shared</span>/home/app/fdfs/fastdfs-nginx-module-1.23/src/common.c:376:3: 错误:‘SF_G_BASE_PATH_STR’未声明<span class="token punctuation">(</span>在此函数内第一次使用<span class="token punctuation">)</span> <span class="token number">376</span> <span class="token operator">|</span> SF_G_BASE_PATH_STR, url_have_group_name, buff, <span class="token operator">|</span> ^~~~~~~~~~~~~~~~~~<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><ol start="3"><li>未更改fdfs版本,更改nginx执行用户解决问题(只能使用root用户启动nginx,在其他服务器上未出现此问题,目前原因不明)</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token comment">#原先</span><span class="token comment">##yum安装的情况</span> user nginx<span class="token punctuation">;</span><span class="token comment">##传统方式安装的情况</span> <span class="token comment">#user nobody;</span><span class="token comment">#修改成</span>user root<span class="token punctuation">;</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token punctuation">[</span>root@IC21-01-011 ~<span class="token punctuation">]</span><span class="token comment"># curl 127.0.0.1</span><span class="token operator"><</span><span class="token operator">!</span>DOCTYPE html<span class="token operator">></span><span class="token operator"><</span>html<span class="token operator">></span><span class="token operator"><</span>head<span class="token operator">></span><span class="token operator"><</span>title<span class="token operator">></span>Welcome to nginx<span class="token operator">!</span><span class="token operator"><</span>/title<span class="token operator">></span><span class="token operator"><</span>style<span class="token operator">></span>html <span class="token punctuation">{</span> color-scheme: light dark<span class="token punctuation">;</span> <span class="token punctuation">}</span>body <span class="token punctuation">{</span> width: 35em<span class="token punctuation">;</span> margin: <span class="token number">0</span> auto<span class="token punctuation">;</span>font-family: Tahoma, Verdana, Arial, sans-serif<span class="token punctuation">;</span> <span class="token punctuation">}</span><span class="token operator"><</span>/style<span class="token operator">></span><span class="token operator"><</span>/head<span class="token operator">></span><span class="token operator"><</span>body<span class="token operator">></span><span class="token operator"><</span>h<span class="token operator"><span class="token file-descriptor important">1</span>></span>Welcome to nginx<span class="token operator">!</span><span class="token operator"><</span>/h<span class="token operator"><span class="token file-descriptor important">1</span>></span><span class="token operator"><</span>p<span class="token operator">></span>If you see this page, the nginx web server is successfully installed andworking. Further configuration is required.<span class="token operator"><</span>/p<span class="token operator">></span><span class="token operator"><</span>p<span class="token operator">></span>For online documentation and support please refer to<span class="token operator"><</span>a <span class="token assign-left variable">href</span><span class="token operator">=</span><span class="token string">"http://nginx.org/"</span><span class="token operator">></span>nginx.org<span class="token operator"><</span>/a<span class="token operator">></span>.<span class="token operator"><</span>br/<span class="token operator">></span>Commercial support is available at<span class="token operator"><</span>a <span class="token assign-left variable">href</span><span class="token operator">=</span><span class="token string">"http://nginx.com/"</span><span class="token operator">></span>nginx.com<span class="token operator"><</span>/a<span class="token operator">></span>.<span class="token operator"><</span>/p<span class="token operator">></span><span class="token operator"><</span>p<span class="token operator">></span><span class="token operator"><</span>em<span class="token operator">></span>Thank you <span class="token keyword">for</span> using nginx.<span class="token operator"><</span>/em<span class="token operator">></span><span class="token operator"><</span>/p<span class="token operator">></span><span class="token operator"><</span>/body<span class="token operator">></span><span class="token operator"><</span>/html<span class="token operator">></span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><p>此时nginx进程正常</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token punctuation">[</span>root@IC21-01-011 ~<span class="token punctuation">]</span><span class="token comment"># ps -ef|grep nginx</span>root <span class="token number">1714195</span> <span class="token number">1</span> <span class="token number">0</span> 09:34 ? 00:00:00 nginx: master process nginxroot <span class="token number">1717445</span> <span class="token number">1714195</span> <span class="token number">0</span> 09:34 ? 00:00:00 nginx: worker processroot <span class="token number">1746686</span> <span class="token number">1574945</span> <span class="token number">0</span> 09:39 pts/0 00:00:00 <span class="token function">grep</span> <span class="token parameter variable">--color</span><span class="token operator">=</span>auto nginx<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span></span></code></pre><h2 id="启动tomcat报错"><a href="#启动tomcat报错" class="headerlink" title="启动tomcat报错"></a>启动tomcat报错</h2><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token punctuation">[</span>cswebsite<span class="token punctuation">]</span> <span class="token operator">|</span> <span class="token number">2023</span>-08-04 09:12:47 <span class="token operator">|</span> ERROR <span class="token operator">|</span> Connection failure occurred. Restarting subscription task after <span class="token number">5000</span> ms <span class="token operator">|</span> Caller+0 at org.springframework.data.redis.listener.RedisMessageListenerContainer.handleSubscriptionException<span class="token punctuation">(</span>RedisMessageListenerContainer.java:647<span class="token punctuation">)</span><span class="token punctuation">[</span>cswebsite<span class="token punctuation">]</span> <span class="token operator">|</span> <span class="token number">2023</span>-08-04 09:12:52 <span class="token operator">|</span> ERROR <span class="token operator">|</span> Connection failure occurred. Restarting subscription task after <span class="token number">5000</span> ms <span class="token operator">|</span> Caller+0 at org.springframework.data.redis.listener.RedisMessageListenerContainer.handleSubscriptionException<span class="token punctuation">(</span>RedisMessageListenerContainer.java:647<span class="token punctuation">)</span><span class="token number">2023</span>-08-04 09:12:54.676 INFO net.spy.memcached.MemcachedConnection: Reconnecting due to failure to connect to <span class="token punctuation">{</span>QA <span class="token assign-left variable">sa</span><span class="token operator">=</span>/172.23.129.99:11211, <span class="token comment">#Rops=0, #Wops=0, #iq=0, topRop=null, topWop=null, toWrite=0, interested=0}</span>java.net.ConnectException: 连接超时 at sun.nio.ch.SocketChannelImpl.checkConnect<span class="token punctuation">(</span>Native Method<span class="token punctuation">)</span> at sun.nio.ch.SocketChannelImpl.finishConnect<span class="token punctuation">(</span>SocketChannelImpl.java:715<span class="token punctuation">)</span> at net.spy.memcached.MemcachedConnection.handleIO<span class="token punctuation">(</span>MemcachedConnection.java:691<span class="token punctuation">)</span> at net.spy.memcached.MemcachedConnection.handleIO<span class="token punctuation">(</span>MemcachedConnection.java:450<span class="token punctuation">)</span> at net.spy.memcached.MemcachedConnection.run<span class="token punctuation">(</span>MemcachedConnection.java:1457<span class="token punctuation">)</span><span class="token number">2023</span>-08-04 09:12:54.677 WARN net.spy.memcached.MemcachedConnection: Closing, and reopening <span class="token punctuation">{</span>QA <span class="token assign-left variable">sa</span><span class="token operator">=</span>/172.23.129.99:11211, <span class="token comment">#Rops=0, #Wops=0, #iq=0, topRop=null, topWop=null, toWrite=0, interested=0}, attempt 1.</span><span class="token number">2023</span>-08-04 09:12:54.679 INFO net.spy.memcached.MemcachedConnection: Reconnecting due to failure to connect to <span class="token punctuation">{</span>QA <span class="token assign-left variable">sa</span><span class="token operator">=</span>/172.23.129.97:11211, <span class="token comment">#Rops=0, #Wops=0, #iq=0, topRop=null, topWop=null, toWrite=0, interested=0}</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><h3 id="原因:-1"><a href="#原因:-1" class="headerlink" title="原因:"></a>原因:</h3><p>redis连接错误,可能是无法连接,memcached连接错误,连接超时</p><h3 id="解决方案:-2"><a href="#解决方案:-2" class="headerlink" title="解决方案:"></a>解决方案:</h3><ul><li>redis在arm架构上的bug</li></ul><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token number">2733828</span>:M 04 Aug <span class="token number">2023</span> 09:50:38.796 <span class="token comment"># Server initialized</span><span class="token number">2733828</span>:M 04 Aug <span class="token number">2023</span> 09:50:38.796 <span class="token comment"># WARNING overcommit_memory is set to 0! Background save may fail under low memory condition. To fix this issue add 'vm.overcommit_memory = 1' to /etc/sysctl.conf and then reboot or run the command 'sysctl vm.overcommit_memory=1' for this to take effect.</span><span class="token number">2733828</span>:M 04 Aug <span class="token number">2023</span> 09:50:38.948 <span class="token comment"># WARNING Your kernel has a bug that could lead to data corruption during background save. Please upgrade to the latest stable kernel.</span><span class="token number">2733828</span>:M 04 Aug <span class="token number">2023</span> 09:50:38.948 <span class="token comment"># Redis will now exit to prevent data corruption. Note that it is possible to suppress this warning by setting the following config: ignore-warnings ARM64-COW-BUG</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span></span></code></pre><p>在配置文件redis.conf添加<code>ignore-warnings ARM64-COW-BUG</code></p><ul><li>ping报错</li></ul><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token punctuation">[</span>root@IC21-01-011 bin<span class="token punctuation">]</span><span class="token comment"># ./redis-cli </span><span class="token number">127.0</span>.0.1:637<span class="token operator"><span class="token file-descriptor important">9</span>></span> <span class="token function">ping</span><span class="token punctuation">(</span>error<span class="token punctuation">)</span> NOAUTH Authentication required.<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span></span></code></pre><p>启动时设置密码<code>./redis-cli -h 127.0.0.1 -p 6379 -a yourpassword</code></p><ul><li>memcached连接错误</li></ul><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token number">2023</span>-08-04 09:12:54.676 INFO net.spy.memcached.MemcachedConnection: Reconnecting due to failure to connect to <span class="token punctuation">{</span>QA <span class="token assign-left variable">sa</span><span class="token operator">=</span>/172.23.129.99:11211, <span class="token comment">#Rops=0, #Wops=0, #iq=0, topRop=null, topWop=null, toWrite=0, interested=0}</span><span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><p>从上面可以看到无法连接到<code>172.23.129.99:11211</code>,使用<code>grep</code>去查找tomcat的文件,哪里涉及到memcached的地址</p><p><code>grep -r "172.23.129.99" /home/data/tomcat</code>在配置文件中查找到,更改为memcached服务的地址</p><h2 id="为域名配置的证书不被信任"><a href="#为域名配置的证书不被信任" class="headerlink" title="为域名配置的证书不被信任"></a>为域名配置的证书不被信任</h2><p>描述如下:使用openssl生成的证书,不被浏览器信任。访问域名报错:1、ERR_CERT_AUTHORITY_INVALID</p><p>2、Subject Alternative Name missing</p><h3 id="解决方案:-3"><a href="#解决方案:-3" class="headerlink" title="解决方案:"></a>解决方案:</h3><p>高版本的Chrome需要验证SAN,使用<a href="https://github.com/FiloSottile/mkcert/releases">mkcert</a>生成证书</p><ul><li>在软件所在位置打开<code>cmd</code></li></ul><p><code>mkcert-v1.4.4-windows-amd64.exe www.example.com localhost 127.0.0.1 ::1 172.16.3.50</code></p><ul><li>同时也配置了本地dns(c:\windows\system32\drivers\etc\hosts)文件</li></ul><p><code>172.16.3.50 www.example.com</code></p><ul><li>执行</li></ul><p><code>mkcert-v1.4.4-windows-amd64.exe -install</code></p><ul><li>将生成的证书拷贝到nginx目录下,修改nginx配置文件</li></ul><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">server<span class="token punctuation">{</span> listen <span class="token number">80</span><span class="token punctuation">;</span> listen <span class="token number">443</span> ssl<span class="token punctuation">;</span> server_name www.example.com<span class="token punctuation">;</span> proxy_http_version <span class="token number">1.1</span><span class="token punctuation">;</span> proxy_set_header Connection <span class="token string">""</span><span class="token punctuation">;</span> ssl_certificate /etc/nginx/ssl/www.example.com+4.pem<span class="token punctuation">;</span> ssl_certificate_key /etc/nginx/ssl/www.example.com+4-key.pem<span class="token punctuation">;</span><span class="token punctuation">}</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><ul><li><code>nginx -s reload</code>重启nginx</li></ul><h2 id="数据库连接错误"><a href="#数据库连接错误" class="headerlink" title="数据库连接错误"></a>数据库连接错误</h2><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">Tue Aug 08 <span class="token number">10</span>:36:11 CST <span class="token number">2023</span> WARN: Establishing SSL connection without server<span class="token string">'s identity verification is not recommended. According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default if explicit option isn'</span>t set. For compliance with existing applications not using SSL the verifyServerCertificate property is <span class="token builtin class-name">set</span> to <span class="token string">'false'</span><span class="token builtin class-name">.</span> You need either to explicitly disable SSL by setting <span class="token assign-left variable">useSSL</span><span class="token operator">=</span>false, or <span class="token builtin class-name">set</span> <span class="token assign-left variable">useSSL</span><span class="token operator">=</span>true and provide truststore <span class="token keyword">for</span> server certificate verification.<span class="token punctuation">[</span>cswebsite<span class="token punctuation">]</span> <span class="token operator">|</span> <span class="token number">2023</span>-08-08 <span class="token number">10</span>:36:11 <span class="token operator">|</span> ERROR <span class="token operator">|</span> <span class="token punctuation">{</span>url<span class="token operator">=</span>jdbc:mysql://172.21.49.96:3306/basedate?useUnicode<span class="token operator">=</span>true<span class="token operator">&</span>amp<span class="token punctuation">;</span><span class="token assign-left variable">characterEncoding</span><span class="token operator">=</span>UTF-8, <span class="token assign-left variable">validationQuery</span><span class="token operator">=</span>SELECT <span class="token number">1</span>, <span class="token assign-left variable">maxIdle</span><span class="token operator">=</span><span class="token number">5</span>, <span class="token assign-left variable">maxActive</span><span class="token operator">=</span><span class="token number">80</span>, <span class="token assign-left variable">driverClassName</span><span class="token operator">=</span>com.mysql.jdbc.Driver, <span class="token assign-left variable">maxWait</span><span class="token operator">=</span><span class="token number">100</span>, <span class="token assign-left variable">testWhileIdle</span><span class="token operator">=</span>true, <span class="token assign-left variable">removeAbandoned</span><span class="token operator">=</span>true, <span class="token assign-left variable">username</span><span class="token operator">=</span>root, <span class="token assign-left variable">logAbandoned</span><span class="token operator">=</span>true, <span class="token assign-left variable">removeAbandonedTimeout</span><span class="token operator">=</span><span class="token number">180</span>, <span class="token assign-left variable">password</span><span class="token operator">=</span>password, <span class="token assign-left variable">testOnBorrow</span><span class="token operator">=</span>true, <span class="token assign-left variable">initialSize</span><span class="token operator">=</span><span class="token number">5</span><span class="token punctuation">}</span> <span class="token operator">|</span> Caller+0 at org.guzz.connection.DBCPDataSourceProvider.configure<span class="token punctuation">(</span>DBCPDataSourceProvider.java:77<span class="token punctuation">)</span>org.apache.commons.dbcp.SQLNestedException: Cannot create PoolableConnectionFactory <span class="token punctuation">(</span>Public Key Retrieval is not allowed<span class="token punctuation">)</span><span class="token punctuation">[</span>cswebsite<span class="token punctuation">]</span> <span class="token operator">|</span> <span class="token number">2023</span>-08-08 <span class="token number">13</span>:48:54 <span class="token operator">|</span> ERROR <span class="token operator">|</span> 消息记录保存失败,该异常被忽略: <span class="token assign-left variable">mssage</span><span class="token operator">=</span>org.guzz.exception.DaoException:master datasource failed. <span class="token operator">|</span> Caller+0 at com.gmsoft.access.defimpl.DefaultAccessRecordMessageListener.onMessage<span class="token punctuation">(</span>DefaultAccessRecordMessageListener.java:44<span class="token punctuation">)</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span></span></code></pre><h3 id="原因:-2"><a href="#原因:-2" class="headerlink" title="原因:"></a>原因:</h3><p>原因是主数据源(master datasource)出现了错误。确保数据库服务器运行并可访问:在命令行中尝试使用 <code>ping</code> 命令或其他网络工具,确保你能够从应用程序所在的服务器访问数据库服务器。例如:<code>ping hostname</code> 或 <code>telnet hostname port</code>。</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token punctuation">[</span>root@IC21-01-011 classes<span class="token punctuation">]</span><span class="token comment"># telnet 172.21.49.96 3306</span>Trying <span class="token number">172.21</span>.49.96<span class="token punctuation">..</span>.Connected to <span class="token number">172.21</span>.49.96.Escape character is <span class="token string">'^]'</span><span class="token builtin class-name">.</span>J<span class="token number">8.0</span>.19gJ+Z C9s<span class="token operator">!</span><span class="token operator">|</span>p`<span class="token punctuation">[</span><span class="token punctuation">)</span><span class="token punctuation">[</span>B<span class="token punctuation">}</span>lcaching_sha2_password<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><p>我们可以看到数据库服务器返回了一些字符,而不是一个预期的 MySQL 服务标识(如 “MySQL” 或 “Welcome to the MySQL server”)。这可能意味着 MySQL 服务器设置了某些安全特性或其他配置,导致在 telnet 连接时看到了不同的响应。在上面可以看到<code>caching_sha2_password</code>,这是MySQL 8.0 引入的一种加密认证插件。确保连接客户端(例如 Java 应用程序)支持这个认证插件,或者尝试在 MySQL 服务器上更改用户的认证插件。因为客户端以前使用的是mysql5.x,因此可能是认证插件不适配。</p><h3 id="解决方案:-4"><a href="#解决方案:-4" class="headerlink" title="解决方案:"></a>解决方案:</h3><ul><li>使用root用户登陆到mysql服务器</li></ul><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">mysql <span class="token parameter variable">-uroot</span> <span class="token parameter variable">-p</span><span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><ul><li>查看用户的认证插件</li></ul><pre class="line-numbers language-mysql" data-language="mysql"><code class="language-mysql">SELECT user, host, plugin FROM mysql.user WHERE plugin = 'caching_sha2_password';<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><ul><li>更改用户认证插件</li></ul><pre class="line-numbers language-mysql" data-language="mysql"><code class="language-mysql">ALTER USER 'username'@'host' IDENTIFIED WITH 'mysql_native_password' BY 'password';<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><ul><li>刷新权限</li></ul><pre class="line-numbers language-mysql" data-language="mysql"><code class="language-mysql">FLUSH PRIVILEGES;<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><h2 id="启动tomcat报错-1"><a href="#启动tomcat报错-1" class="headerlink" title="启动tomcat报错"></a>启动tomcat报错</h2><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">ERROR <span class="token operator">|</span> SubscriptionTask aborted with exception: <span class="token operator">|</span> Caller+0 at org.springframework.data.redis.listener.RedisMessageListenerContainer.handleSubscriptionException<span class="token punctuation">(</span>RedisMessageListenerContainer.java:652<span class="token punctuation">)</span>org.springframework.dao.InvalidDataAccessApiUsageException: NOAUTH Authentication required.<span class="token punctuation">;</span> nested exception is redis.clients.jedis.exceptions.JedisDataException: NOAUTH Authentication required. at org.springframework.data.redis.connection.jedis.JedisExceptionConverter.convert<span class="token punctuation">(</span>JedisExceptionConverter.java:64<span class="token punctuation">)</span> ~<span class="token punctuation">[</span>spring-data-redis-1.8.23.RELEASE.jar:na<span class="token punctuation">]</span> at org.springframework.data.redis.connection.jedis.JedisExceptionConverter.convert<span class="token punctuation">(</span>JedisExceptionConverter.java:41<span class="token punctuation">)</span> ~<span class="token punctuation">[</span>spring-data-redis-1.8.23.RELEASE.jar:na<span class="token punctuation">]</span> at <span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span></span></code></pre><h3 id="原因:-3"><a href="#原因:-3" class="headerlink" title="原因:"></a>原因:</h3><p><code>NOAUTH Authentication required</code>表明在使用 Spring Data Redis 进行订阅操作时发生了问题。错误原因是由于 Redis 服务器要求进行身份验证,但连接没有提供正确的身份验证信息。</p><h3 id="解决方案:-5"><a href="#解决方案:-5" class="headerlink" title="解决方案:"></a>解决方案:</h3><p>更改配置文件,提供redis服务密码</p>]]></content>
<summary type="html"><h2 id="操作系统"><a href="#操作系统" class="headerlink" title="操作系统"></a>操作系统</h2><pre class="line-numbers language-bash" data-language="bash"><cod</summary>
<category term="Linux" scheme="https://lunrry.github.io/categories/Linux/"/>
<category term="linux" scheme="https://lunrry.github.io/tags/linux/"/>
<category term="arm64" scheme="https://lunrry.github.io/tags/arm64/"/>
</entry>
<entry>
<title>solr9.x版本集群部署方案</title>
<link href="https://lunrry.github.io/posts/64e2185c/"/>
<id>https://lunrry.github.io/posts/64e2185c/</id>
<published>2023-07-27T06:04:08.000Z</published>
<updated>2023-09-25T08:18:44.566Z</updated>
<content type="html"><![CDATA[<h2 id="系统环境"><a href="#系统环境" class="headerlink" title="系统环境"></a>系统环境</h2><p><code>CentOS Linux release 7.9.2009(Core) Linux 3.10.0-1160.90.1.e7 x86_64</code></p><table><thead><tr><th>序号</th><th>IP地址</th><th>HostName</th></tr></thead><tbody><tr><td>1</td><td>192.168.0.4</td><td>node1</td></tr><tr><td>2</td><td>192.168.0.5</td><td>node2</td></tr><tr><td>3</td><td>192.168.0.6</td><td>node3</td></tr></tbody></table><h2 id="安装包准备"><a href="#安装包准备" class="headerlink" title="安装包准备"></a>安装包准备</h2><table><thead><tr><th>安装包名称</th><th>版本号</th><th>说明</th></tr></thead><tbody><tr><td>jdk-11.0.11.tar.gz</td><td>11.0.11+9-LTS-194</td><td>Apache Solr9.x要求JDK的版本最低为11,可以是openjdk</td></tr><tr><td>solr-9.3.0.tgz</td><td>9.3.0</td><td>基于Apache Lucene搜索服务器</td></tr><tr><td>ik-analyzer-8.5.0.jar</td><td>8.5.0</td><td>IK中文分词器</td></tr><tr><td>apache-zookeeper-3.7.1-bin.tar.gz</td><td>3.7.1</td><td></td></tr></tbody></table><h2 id="安装前准备"><a href="#安装前准备" class="headerlink" title="安装前准备"></a>安装前准备</h2><h3 id="修改主机名和hosts文件(每台主机分别执行)"><a href="#修改主机名和hosts文件(每台主机分别执行)" class="headerlink" title="修改主机名和hosts文件(每台主机分别执行)"></a>修改主机名和hosts文件(每台主机分别执行)</h3><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">hostnamectl set-hostname node1hostnamectl set-hostname node2hostnamectl set-hostname node3<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span></span></code></pre><h3 id="修改hosts文件(每台主机都执行)"><a href="#修改hosts文件(每台主机都执行)" class="headerlink" title="修改hosts文件(每台主机都执行)"></a>修改hosts文件(每台主机都执行)</h3><p>添加机器IP与主机名映射</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">sudo</span> <span class="token function">cat</span> <span class="token operator"><<</span><span class="token string">EOF<span class="token bash punctuation"> <span class="token operator">>></span> /etc/hosts</span>192.168.0.4 node1192.168.0.5 node2192.168.0.6 node3EOF</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span></span></code></pre><h3 id="免密登陆(每台主机都执行)"><a href="#免密登陆(每台主机都执行)" class="headerlink" title="免密登陆(每台主机都执行)"></a>免密登陆(每台主机都执行)</h3><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token comment">## 生成密钥对 一路回车即可</span>ssh-keygen <span class="token parameter variable">-t</span> rsa<span class="token comment">## 进入.ssh目录,如果目录不存在则创建</span><span class="token comment">## 将公钥导入至authorized_keys</span><span class="token comment">## 修改文件权限</span><span class="token builtin class-name">cd</span> ~/.ssh <span class="token punctuation">;</span> <span class="token function">cat</span> id_rsa.pub <span class="token operator">>></span> authorized_keys <span class="token punctuation">;</span> <span class="token function">chmod</span> <span class="token number">700</span> ~/.ssh <span class="token punctuation">;</span> <span class="token function">chmod</span> <span class="token number">600</span> authorized_keys<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><h3 id="配置主从互相免密登陆(主节点执行)"><a href="#配置主从互相免密登陆(主节点执行)" class="headerlink" title="配置主从互相免密登陆(主节点执行)"></a>配置主从互相免密登陆(主节点执行)</h3><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">cat</span> ~/.ssh/id_rsa.pub <span class="token operator">|</span> <span class="token function">ssh</span> root@node1 <span class="token string">'cat - >> ~/.ssh/authorized_keys'</span><span class="token function">cat</span> ~/.ssh/id_rsa.pub <span class="token operator">|</span> <span class="token function">ssh</span> root@node2 <span class="token string">'cat - >> ~/.ssh/authorized_keys'</span><span class="token function">cat</span> ~/.ssh/id_rsa.pub <span class="token operator">|</span> <span class="token function">ssh</span> root@node3 <span class="token string">'cat - >> ~/.ssh/authorized_keys'</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span></span></code></pre><h2 id="软件安装"><a href="#软件安装" class="headerlink" title="软件安装"></a>软件安装</h2><h3 id="部署JDK11"><a href="#部署JDK11" class="headerlink" title="部署JDK11"></a>部署JDK11</h3><h4 id="1-上传服务器并解压"><a href="#1-上传服务器并解压" class="headerlink" title="1. 上传服务器并解压"></a>1. 上传服务器并解压</h4><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token punctuation">[</span>root@node1 ~<span class="token punctuation">]</span> <span class="token function">sudo</span> <span class="token function">mkdir</span> <span class="token parameter variable">-p</span> /usr/java<span class="token punctuation">;</span> <span class="token builtin class-name">cd</span> /usr/java<span class="token punctuation">[</span>root@node1 java<span class="token punctuation">]</span> <span class="token function">tar</span> <span class="token parameter variable">-xzf</span> jdk-11.0.11.tar.gz <span class="token parameter variable">-C</span> /usr/java <span class="token parameter variable">--transform</span><span class="token operator">=</span><span class="token string">'s/jdk-11.0.11/jdk11/'</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span></span></code></pre><h4 id="2-分发JDK到其他服务器"><a href="#2-分发JDK到其他服务器" class="headerlink" title="2. 分发JDK到其他服务器"></a>2. 分发JDK到其他服务器</h4><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">ssh</span> root@node2 <span class="token string">'mkdir -p /usr/java/jdk11'</span><span class="token function">scp</span> <span class="token parameter variable">-r</span> ./jdk11/* root@node2:/usr/java/jdk11<span class="token function">ssh</span> root@node3 <span class="token string">'mkdir -p /usr/java/jdk11'</span><span class="token function">scp</span> <span class="token parameter variable">-r</span> ./jdk11/* root@node3:/usr/java/jdk11<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span></span></code></pre><h4 id="3-配置环境变量-node1-2-3"><a href="#3-配置环境变量-node1-2-3" class="headerlink" title="3. 配置环境变量(node1.2.3)"></a>3. 配置环境变量(node1.2.3)</h4><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">ssh</span> root@node1 <span class="token string">'cat <<EOF >> /etc/profileexport JAVA_HOME=/usr/java/jdk11export JAVA_BIN=/usr/java/jdk11/binexport PATH=\$PATH:\$JAVA_HOME/binexport CLASSPATH=\$JAVA_HOME/libEOF'</span><span class="token comment"># 无法通过此命令刷新环境变量,需要去相应node手动执行source /etc/profile</span><span class="token function">ssh</span> root@node1 <span class="token string">'source /etc/profile'</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><h3 id="部署zk集群"><a href="#部署zk集群" class="headerlink" title="部署zk集群"></a>部署zk集群</h3><p><em>(主节点执行)</em></p><h4 id="1-解压安装包"><a href="#1-解压安装包" class="headerlink" title="1. 解压安装包"></a>1. 解压安装包</h4><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token builtin class-name">cd</span> /opt<span class="token function">mkdir</span> <span class="token parameter variable">-p</span> /opt/zk <span class="token punctuation">;</span> <span class="token function">tar</span> <span class="token parameter variable">-xzf</span> ./apache-zookeeper-3.7.1-bin.tar.gz <span class="token parameter variable">-C</span> /opt/zk/<span class="token builtin class-name">cd</span> /opt/zk/apache-zookeeper-3.7.1-bin <span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span></span></code></pre><h4 id="2-配置环境变量-node1-2-3"><a href="#2-配置环境变量-node1-2-3" class="headerlink" title="2. 配置环境变量(node1.2.3)"></a>2. 配置环境变量(node1.2.3)</h4><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">ssh</span> root@node1 <span class="token string">'cat <<EOF >> /etc/profile#Zookeeperexport ZOOKEEPER_HOME=/opt/zk/apache-zookeeper-3.7.1-binexport PATH=\$PATH:\$ZOOKEEPER_HOME/binEOF'</span><span class="token function">ssh</span> root@node1 <span class="token string">'source /etc/profile'</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><h4 id="3-配置zookeeper"><a href="#3-配置zookeeper" class="headerlink" title="3. 配置zookeeper"></a>3. 配置zookeeper</h4><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token punctuation">[</span>root@node1 apache-zookeeper-3.7.1-bin<span class="token punctuation">]</span> <span class="token function">mkdir</span> zkData <span class="token punctuation">;</span> <span class="token builtin class-name">cd</span> conf <span class="token punctuation">;</span> <span class="token function">cp</span> ./zoo_sample.cfg ./zoo.cfg<span class="token function">sed</span> <span class="token parameter variable">-i</span> <span class="token string">'s#dataDir=/tmp/zookeeper#dataDir=/opt/zk/apache-zookeeper-3.7.1-bin/zkData#'</span> /opt/zk/apache-zookeeper-3.7.1-bin/conf/zoo.cfg<span class="token function">cat</span> <span class="token operator"><<</span><span class="token string">EOF<span class="token bash punctuation"> <span class="token operator">>></span> /opt/zk/apache-zookeeper-3.7.1-bin/conf/zoo.cfg</span>#添加集群中其他节点的信息server.1=node1:2888:3888server.2=node2:2888:3888server.3=node3:2888:3888# 指定允许管理员在solr Admin管理画面上查看Zookeeper的状态数据4lw.commands.whitelist=mntr,conf,ruokautopurge.snapRetainCount=3autopurge.purgeInterval=1EOF</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><h4 id="4-在zkData目录生成myid文件"><a href="#4-在zkData目录生成myid文件" class="headerlink" title="4. 在zkData目录生成myid文件"></a>4. 在zkData目录生成myid文件</h4><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token builtin class-name">echo</span> <span class="token string">'1'</span> <span class="token operator">>></span> /opt/zk/apache-zookeeper-3.7.1-bin/zkData/myid<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><p><em>(node2上部署Zookeeper,在node1操作)</em></p><h4 id="1-分发zk到node2"><a href="#1-分发zk到node2" class="headerlink" title="1. 分发zk到node2"></a>1. 分发zk到node2</h4><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">ssh</span> root@node2 <span class="token string">'mkdir -p /opt/zk'</span><span class="token function">scp</span> <span class="token parameter variable">-r</span> /opt/zk/apache-zookeeper-3.7.1-bin/ root@node2:/opt/zk/apache-zookeeper-3.7.1-bin<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span></span></code></pre><h4 id="2-修改myid"><a href="#2-修改myid" class="headerlink" title="2. 修改myid"></a>2. 修改myid</h4><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">ssh</span> root@node2 <span class="token string">"echo '2' > /opt/zk/apache-zookeeper-3.7.1-bin/zkData/myid"</span><span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><p><em>(node3上部署Zookeeper,node1操作)</em></p><h4 id="1-分发zk到node3"><a href="#1-分发zk到node3" class="headerlink" title="1. 分发zk到node3"></a>1. 分发zk到node3</h4><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">ssh</span> root@node3 <span class="token string">'mkdir -p /opt/zk'</span><span class="token function">scp</span> <span class="token parameter variable">-r</span> /opt/zk/apache-zookeeper-3.7.1-bin/ root@node3:/opt/zk/apache-zookeeper-3.7.1-bin<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span></span></code></pre><h4 id="2-修改myid-1"><a href="#2-修改myid-1" class="headerlink" title="2. 修改myid"></a>2. 修改myid</h4><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">ssh</span> root@node3 <span class="token string">"echo '3' > /opt/zk/apache-zookeeper-3.7.1-bin/zkData/myid"</span><span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><h3 id="部署Apache-Solr集群"><a href="#部署Apache-Solr集群" class="headerlink" title="部署Apache Solr集群"></a>部署Apache Solr集群</h3><h4 id="1-解压安装包-1"><a href="#1-解压安装包-1" class="headerlink" title="1. 解压安装包"></a>1. 解压安装包</h4><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token builtin class-name">cd</span> /opt<span class="token function">mkdir</span> <span class="token parameter variable">-p</span> /opt/solr <span class="token punctuation">;</span> <span class="token function">tar</span> <span class="token parameter variable">-xzf</span> ./solr-9.3.0.tgz <span class="token parameter variable">-C</span> /opt/solr/<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span></span></code></pre><h4 id="2-配置环境变量-node1"><a href="#2-配置环境变量-node1" class="headerlink" title="2. 配置环境变量(node1)"></a>2. 配置环境变量(node1)</h4><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">ssh</span> root@node1 <span class="token string">'cat <<EOF >> /opt/solr/solr-9.3.0/bin/solr.in.shZK_HOST="node1:2181,node2:2181,node3:2181"ZK_CLIENT_TIMEOUT="30000"SOLR_HOST="node1"SOLR_PORT=8983SOLR_HOME="/opt/solr/solr-9.3.0"EOF'</span><span class="token function">ssh</span> root@node1 <span class="token string">'cat <<EOF >> /opt/solr/solr-9.3.0/bin/solrSOLR_JAVA_HOME="/usr/java/jdk11"SOLR_JETTY_HOST="192.168.0.4"EOF'</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><h4 id="3-安装IK-Analyzer中文分词器"><a href="#3-安装IK-Analyzer中文分词器" class="headerlink" title="3. 安装IK-Analyzer中文分词器"></a>3. 安装IK-Analyzer中文分词器</h4><p>将ik-analyzer-8.5.0.jar上传到/opt/solr/solr-9.3.0/server/solr-webapp/webapp/WEB-INF/lib/目录下</p><h4 id="4-将solr安装目录同步到node2节点上"><a href="#4-将solr安装目录同步到node2节点上" class="headerlink" title="4. 将solr安装目录同步到node2节点上"></a>4. 将solr安装目录同步到node2节点上</h4><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">ssh</span> root@node2 <span class="token string">'mkdir -p /opt/solr'</span><span class="token function">scp</span> <span class="token parameter variable">-r</span> /opt/solr/solr-9.3.0 root@node2:/opt/solr/solr-9.3.0<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span></span></code></pre><p>修改IP</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">ssh</span> root@node2 <span class="token string">"sudo sed -i 's/SOLR_JETTY_HOST=<span class="token entity" title="\"">\"</span>192.168.0.4<span class="token entity" title="\"">\"</span>/SOLR_JETTY_HOST=<span class="token entity" title="\"">\"</span>192.168.0.5<span class="token entity" title="\"">\"</span>/' /opt/solr/solr-9.3.0/bin/solr"</span><span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><p>修改环境变量中的host</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">ssh</span> root@node2 <span class="token string">"sudo sed -i 's/SOLR_HOST=<span class="token entity" title="\"">\"</span>node1<span class="token entity" title="\"">\"</span>/SOLR_HOST=<span class="token entity" title="\"">\"</span>node2<span class="token entity" title="\"">\"</span>/' /opt/solr/solr-9.3.0/bin/solr.in.sh"</span><span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><h4 id="5-将solr安装目录同步到node3节点上"><a href="#5-将solr安装目录同步到node3节点上" class="headerlink" title="5. 将solr安装目录同步到node3节点上"></a>5. 将solr安装目录同步到node3节点上</h4><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">ssh</span> root@node3 <span class="token string">'mkdir -p /opt/solr'</span><span class="token function">scp</span> <span class="token parameter variable">-r</span> /opt/solr/solr-9.3.0 root@node3:/opt/solr/solr-9.3.0<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span></span></code></pre><p>修改IP</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">ssh</span> root@node3 <span class="token string">"sudo sed -i 's/SOLR_JETTY_HOST=<span class="token entity" title="\"">\"</span>192.168.0.4<span class="token entity" title="\"">\"</span>/SOLR_JETTY_HOST=<span class="token entity" title="\"">\"</span>192.168.0.6<span class="token entity" title="\"">\"</span>/' /opt/solr/solr-9.3.0/bin/solr"</span><span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><p>修改环境变量中的host</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">ssh</span> root@node3 <span class="token string">"sudo sed -i 's/SOLR_HOST=<span class="token entity" title="\"">\"</span>node1<span class="token entity" title="\"">\"</span>/SOLR_HOST=<span class="token entity" title="\"">\"</span>node3<span class="token entity" title="\"">\"</span>/' /opt/solr/solr-9.3.0/bin/solr.in.sh"</span><span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><h3 id="启动zk集群"><a href="#启动zk集群" class="headerlink" title="启动zk集群"></a>启动zk集群</h3><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token builtin class-name">cd</span> /opt/zk/apache-zookeeper-3.7.1-binzkServer.sh startzkServer.sh status<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span></span></code></pre><h3 id="启动Solr集群"><a href="#启动Solr集群" class="headerlink" title="启动Solr集群"></a>启动Solr集群</h3><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token builtin class-name">cd</span> /opt/solr/solr-9.3.0/bin<span class="token comment"># 通过solr命令来在zookeeper集群上创建/solr目录来存放solr集群的数据(node1执行)</span>./solr zk mkroot /solr <span class="token parameter variable">-z</span> node1:2181,node2:2181,node3:2181<span class="token comment"># 启动Solr集群</span>./solr start <span class="token parameter variable">-e</span> cloud <span class="token parameter variable">-z</span> node1:2181,node2:2181,node3:2181/solr <span class="token parameter variable">-force</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span></span></code></pre>]]></content>
<summary type="html"><h2 id="系统环境"><a href="#系统环境" class="headerlink" title="系统环境"></a>系统环境</h2><p><code>CentOS Linux release 7.9.2009(Core) Linux 3.10.0-1160.90</summary>
</entry>
<entry>
<title>Kafka简要升级方案</title>
<link href="https://lunrry.github.io/posts/bd64cb63/"/>
<id>https://lunrry.github.io/posts/bd64cb63/</id>
<published>2023-07-26T09:02:14.000Z</published>
<updated>2023-09-25T08:18:44.562Z</updated>
<content type="html"><![CDATA[<h1 id="Kafka简要升级方案"><a href="#Kafka简要升级方案" class="headerlink" title="Kafka简要升级方案"></a>Kafka简要升级方案</h1><p><strong>Kafka从2.8.0版本开始移除了Zookeeper依赖</strong></p><p><strong>已弃用对 Java 8 和 Scala 2.12 的支持,对它们的支持将在 4.0 版本中彻底移除。</strong></p><p><a href="https://bajie.dev/posts/20221113-kafka/">Kafka的安装和验证</a></p><h2 id="kafka和SpringBoot对应关系"><a href="#kafka和SpringBoot对应关系" class="headerlink" title="kafka和SpringBoot对应关系"></a>kafka和SpringBoot对应关系</h2><table><thead><tr><th><strong>Spring for Apache Kafka 版本</strong></th><th><strong>Apache Kafka 版本的 Spring 集成</strong></th><th><strong>kafka-clients</strong></th><th><strong>Spring Boot</strong></th></tr></thead><tbody><tr><td>2.8.x</td><td>5.5.x</td><td>3.0.0</td><td>2.6.x/2.7.x</td></tr><tr><td>3.0.x</td><td>6.0.x/6.1.x</td><td>3.3.2/3.4.1/3.5.0</td><td>3.0.x/3.1.x</td></tr></tbody></table><h2 id="升级文档"><a href="#升级文档" class="headerlink" title="升级文档"></a>升级文档</h2><p><code>kafka_2.13-2.8.0</code>–><code>kafka_2.13-3.5.0</code></p><ul><li>上传新版安装包并解压</li></ul><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token builtin class-name">cd</span> /data<span class="token function">tar</span> xf kafka_2.13-3.5.0.gz<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span></span></code></pre><ul><li>使用<code>kafka_2.13-2.8.0</code>版本配置文件覆盖<code>kafka_2.13-3.5.0</code>版本配置文件</li></ul><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">cp</span> kafka_2.13-2.8.0/config/server.properties kafka_2.13-3.5.0/config/<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><ul><li>编辑<code>kafka_2.13-3.5.0</code>配置文件(目的是为了高版本兼容使用低版本的文件格式(万一高版本不适应,可以恢复到低版本)。如果数据量不大,可以直接写当前版本3.5.0)</li></ul><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token builtin class-name">echo</span> <span class="token string">"inter.broker.protocol.version=2.8.0"</span> <span class="token operator">>></span> /data/kafka_2.13-3.5.0/config/server.properties<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><ul><li>停止<code>kafka_2.13-2.8.0</code>版本</li></ul><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token builtin class-name">cd</span> /data/kafka_2.13-2.8.0bin/zookeeper-server-stop.shbin/kafka-server-stop.sh<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span></span></code></pre><ul><li>启动<code>kafka_2.13-3.5.0</code>版本</li></ul><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token builtin class-name">cd</span> /data/kafka_2.13-3.5.0bin/zookeeper-server-start.sh config/zookeeper.propertiesbin/kafka-server-start.sh config/server.properties<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span></span></code></pre><ul><li>如果配置文件写入的<code>inter.broker.protocol.version=2.8.0</code>,经测试无问题后再修改<code>inter.broker.protocol.version=3.5.0</code>为高版号,重新启动即可</li></ul><h2 id="Kafka集群的滚动升级"><a href="#Kafka集群的滚动升级" class="headerlink" title="Kafka集群的滚动升级"></a>Kafka集群的滚动升级</h2><p>如需要将kafka集群从v2.1不停机滚动升级到v3.0,分为以下几个步骤</p><ol><li>下载新版本kafka二进制文件并解压</li><li>使用旧版本<code>/config/server.properties</code>文件替换新版本kafka的同名文件(如有自定义配置)</li><li>将broker和log版本设置为当前kafka版本</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token assign-left variable">inter.broker.protocol.version</span><span class="token operator">=</span><span class="token number">2.1</span><span class="token assign-left variable">log.message.format.version</span><span class="token operator">=</span><span class="token number">2.1</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span></span></code></pre><ol start="4"><li>一次操作一个broker,停止broker。然后启动新版kafka的broker,等待集群稳定</li><li>如果在此情况下集群是稳定的,停止broker,使用<code>inter.broker.protocol.version=3.0</code>更改broker间的协议版本,等待集群稳定</li><li>在上述阶段,集群的所有broker都在使用新协议运行,但是没有使用新的日志消息格式</li><li>一次操作一个broker,停止broker。升级消息协议版本 <code>log.message.format.version=3.0</code>并启动broker。等待集群稳定</li><li>此时所有broker都升级到了v3.1版本,使用新的代理间协议和日志消息格式版本</li></ol><h2 id="常用命令"><a href="#常用命令" class="headerlink" title="常用命令"></a>常用命令</h2><ul><li>查看所有topic</li></ul><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">bin/kafka-topics.sh --bootstrap-server localhost:9092 <span class="token parameter variable">--list</span><span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><ul><li>查看topic详细信息</li></ul><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">./bin/kafka-topics.sh --bootstrap-server localhost:9092 <span class="token parameter variable">--describe</span><span class="token comment"># 如果要查看单个 topic 信息:可在上述命令后面添加 --topic <topicName></span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span></span></code></pre><ul><li>创建新的topic</li></ul><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">bin/kafka-topics.sh --bootstrap-server localhost:9092 <span class="token parameter variable">--create</span> <span class="token parameter variable">--topic</span> <span class="token operator"><</span>topicName<span class="token operator">></span> <span class="token parameter variable">--partitions</span> <span class="token number">2</span> --replication-factor <span class="token number">1</span><span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><p><code>--partitions 2</code>: 这是指定创建的主题拥有的分区数量。在这里,它创建了一个拥有 2 个分区的主题。</p><p><code>--replication-factor 1</code>: 这是指定每个分区的复制因子。在这里,每个分区只有一个副本,表示不会进行数据冗余复制。</p><ul><li>删除topic</li></ul><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">bin/kafka-topics.sh --bootstrap-server localhost:9092 <span class="token parameter variable">--delete</span> <span class="token parameter variable">--topic</span> <span class="token operator"><</span>topicName<span class="token operator">></span><span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><ul><li>使用生产者向主题发送消息</li></ul><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">./bin/kafka-console-producer.sh --broker-list localhost:9092 <span class="token parameter variable">--topic</span> <span class="token operator"><</span>topicName<span class="token operator">></span><span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><ul><li>使用消费者从主题接收消息</li></ul><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">bin/kafka-console-consumer.sh --bootstrap-server localhost:9092 <span class="token parameter variable">--topic</span> <span class="token operator"><</span>topicName<span class="token operator">></span> --from-beginning<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><p><code>--from-beginning</code>: 表示从主题的开头开始接收消息,即使之前的消息已经被消费者接收。</p><h2 id="kafka的备份及迁移"><a href="#kafka的备份及迁移" class="headerlink" title="kafka的备份及迁移"></a>kafka的备份及迁移</h2><h3 id="备份zookeeper数据"><a href="#备份zookeeper数据" class="headerlink" title="备份zookeeper数据"></a>备份zookeeper数据</h3><ul><li>zookeeper将数据存放在<code>~/kafka/config/zookeeper.properties</code>配置文件中的<code>dataDir</code> 字段指定的目录中。默认情况下<code>dataDir</code>指向 <code>/tmp/zookeeper</code> 目录。</li><li>使用压缩文档备份存储文件。</li></ul><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">tar</span> <span class="token parameter variable">-czf</span> /home/kafka/zookeeper-backup.tar.gz /tmp/zookeeper/*<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><p>报出的提示<code>tar: 从成员名中删除开头的“/”</code>可以忽略</p><h3 id="备份kafka主题和消息"><a href="#备份kafka主题和消息" class="headerlink" title="备份kafka主题和消息"></a>备份kafka主题和消息</h3><ul><li><p>kafka将数据存放在<code>~/kafka/config/server.properties</code>配置文件中的<code>log.dirs</code>字段指定的目录中。默认情况下<code>log.dirs</code>指向 <code>/tmp/kafka-logs0</code> 目录。</p></li><li><p>首先停止kafka服务,以便在使用 <code>tar</code> 创建归档时 <code>log.dirs</code> 目录中的数据处于一致的状态。</p></li></ul><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">/data/kafka/bin/kafka-server-stop.sh<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><ul><li>创建压缩文件</li></ul><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">tar</span> <span class="token parameter variable">-czf</span> /home/kafka/kafka-backup.tar.gz /tmp/kafka-logs/*<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><h3 id="恢复zookeeper数据"><a href="#恢复zookeeper数据" class="headerlink" title="恢复zookeeper数据"></a>恢复zookeeper数据</h3><ul><li>恢复前停止kafka和zookeeper服务,以防止数据目录在恢复过程中接收到无效数据。</li></ul><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">/data/kafka/bin/kafka-server-stop.sh/data/kafka_2.13-2.8.0/bin/zookeeper-server-stop.sh<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span></span></code></pre><ul><li>恢复备份的zookeeper数据</li></ul><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">tar</span> <span class="token parameter variable">-C</span> /tmp/zookeeper <span class="token parameter variable">-xzf</span> /home/kafka/zookeeper-backup.tar.gz --strip-components <span class="token number">2</span><span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><ul><li>恢复kafka数据</li></ul><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">tar</span> <span class="token parameter variable">-C</span> /tmp/kafka-logs <span class="token parameter variable">-xzf</span> /home/kafka/kafka-backup.tar.gz --strip-components <span class="token number">2</span><span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><ul><li>启动zookeeper和kafka服务</li></ul><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token builtin class-name">cd</span> /data/kafkabin/zookeeper-server-start.sh config/zookeeper.propertiesbin/kafka-server-start.sh config/server.properties<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span></span></code></pre><ul><li>验证:等待启动后执行命令从<code>test</code>主题读取消息</li></ul><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token builtin class-name">cd</span> /data/kafkabin/kafka-console-consumer.sh --bootstrap-server localhost:9092 <span class="token parameter variable">--topic</span> <span class="token builtin class-name">test</span> --from-beginning<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span></span></code></pre>]]></content>
<summary type="html"><h1 id="Kafka简要升级方案"><a href="#Kafka简要升级方案" class="headerlink" title="Kafka简要升级方案"></a>Kafka简要升级方案</h1><p><strong>Kafka从2.8.0版本开始移除了Zookeepe</summary>
<category term="kubernetes" scheme="https://lunrry.github.io/categories/kubernetes/"/>
<category term="linux" scheme="https://lunrry.github.io/tags/linux/"/>
</entry>
<entry>
<title>ansible批量初始化服务器</title>
<link href="https://lunrry.github.io/posts/ab7a4847/"/>
<id>https://lunrry.github.io/posts/ab7a4847/</id>
<published>2023-07-19T05:54:46.000Z</published>
<updated>2023-09-25T08:18:44.564Z</updated>
<content type="html"><![CDATA[<h2 id="ansible批量初始化服务器"><a href="#ansible批量初始化服务器" class="headerlink" title="ansible批量初始化服务器"></a>ansible批量初始化服务器</h2><p>主机组配置<code>/etc/ansible/hosts</code>:</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token punctuation">[</span>new<span class="token punctuation">]</span><span class="token number">192.168</span>.0.<span class="token punctuation">[</span><span class="token number">3</span>:6<span class="token punctuation">]</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span></span></code></pre><h3 id="ansible配置SSH密钥认证"><a href="#ansible配置SSH密钥认证" class="headerlink" title="ansible配置SSH密钥认证"></a>ansible配置SSH密钥认证</h3><ul><li><p>在control_node节点上生成密钥对</p><p><code>ssh-keygen -t rsa -f ~/.ssh/id_rsa -N ''</code></p></li><li><p>编写<code>sshkey.yaml</code></p></li></ul><pre class="line-numbers language-yaml" data-language="yaml"><code class="language-yaml"><span class="token punctuation">---</span><span class="token punctuation">-</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> configure ssh connection <span class="token key atrule">hosts</span><span class="token punctuation">:</span> new <span class="token key atrule">gather_facts</span><span class="token punctuation">:</span> <span class="token boolean important">false</span> <span class="token key atrule">connection</span><span class="token punctuation">:</span> local <span class="token key atrule">tasks</span><span class="token punctuation">:</span> <span class="token punctuation">-</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> configure ssh connection <span class="token key atrule">shell</span><span class="token punctuation">:</span> <span class="token punctuation">|</span><span class="token scalar string"> ssh-keyscan {{inventory_hostname}} >>~/.ssh/known_hosts sshpass -p'123456' ssh-copy-id root@{{inventory_hostname}}</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><ul><li>执行playbook</li></ul><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">ansible-playbook sshkey.yaml<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><h3 id="批量初始化"><a href="#批量初始化" class="headerlink" title="批量初始化"></a>批量初始化</h3><pre class="line-numbers language-yaml" data-language="yaml"><code class="language-yaml"><span class="token punctuation">---</span><span class="token punctuation">-</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> Configure ssh Connection <span class="token key atrule">hosts</span><span class="token punctuation">:</span> new <span class="token key atrule">gather_facts</span><span class="token punctuation">:</span> <span class="token boolean important">false</span> <span class="token key atrule">connection</span><span class="token punctuation">:</span> local <span class="token key atrule">tasks</span><span class="token punctuation">:</span> <span class="token punctuation">-</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> configure ssh connection <span class="token key atrule">shell</span><span class="token punctuation">:</span> <span class="token punctuation">|</span><span class="token scalar string"> ssh-keyscan {{inventory_hostname}} >>~/.ssh/known_hosts sshpass -p'123456' ssh-copy-id root@{{inventory_hostname}}</span><span class="token punctuation">-</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> Set Hostname <span class="token key atrule">hosts</span><span class="token punctuation">:</span> new <span class="token key atrule">gather_facts</span><span class="token punctuation">:</span> <span class="token boolean important">false</span> <span class="token key atrule">vars</span><span class="token punctuation">:</span> <span class="token key atrule">hostnames</span><span class="token punctuation">:</span> <span class="token punctuation">-</span> <span class="token key atrule">host</span><span class="token punctuation">:</span> 192.168.0.3 <span class="token key atrule">name</span><span class="token punctuation">:</span> new1 <span class="token punctuation">-</span> <span class="token key atrule">host</span><span class="token punctuation">:</span> 192.168.0.4 <span class="token key atrule">name</span><span class="token punctuation">:</span> new2 <span class="token punctuation">-</span> <span class="token key atrule">host</span><span class="token punctuation">:</span> 192.168.0.5 <span class="token key atrule">name</span><span class="token punctuation">:</span> new3 <span class="token punctuation">-</span> <span class="token key atrule">host</span><span class="token punctuation">:</span> 192.168.0.6 <span class="token key atrule">name</span><span class="token punctuation">:</span> new4 <span class="token key atrule">tasks</span><span class="token punctuation">:</span> <span class="token punctuation">-</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> set hostname <span class="token key atrule">hostname</span><span class="token punctuation">:</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> <span class="token string">"{{item.name}}"</span> <span class="token key atrule">when</span><span class="token punctuation">:</span> item.host == inventory_hostname <span class="token key atrule">loop</span><span class="token punctuation">:</span> <span class="token string">"{{hostnames}}"</span><span class="token punctuation">-</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> Add DNS For Each <span class="token key atrule">hosts</span><span class="token punctuation">:</span> new <span class="token key atrule">gather_facts</span><span class="token punctuation">:</span> <span class="token boolean important">true</span> <span class="token key atrule">tasks</span><span class="token punctuation">:</span> <span class="token punctuation">-</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> add DNS <span class="token key atrule">lineinfile</span><span class="token punctuation">:</span> <span class="token key atrule">path</span><span class="token punctuation">:</span> <span class="token string">"/etc/hosts"</span> <span class="token key atrule">line</span><span class="token punctuation">:</span> <span class="token string">"{{item}} {{hostvars[item].ansible_hostname}}"</span> <span class="token key atrule">when</span><span class="token punctuation">:</span> item <span class="token tag">!=</span> inventory_hostname <span class="token key atrule">loop</span><span class="token punctuation">:</span> <span class="token string">"{{ play_hosts }}"</span><span class="token punctuation">-</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> Config Yum Repo And Install Software <span class="token key atrule">hosts</span><span class="token punctuation">:</span> new <span class="token key atrule">gather_facts</span><span class="token punctuation">:</span> <span class="token boolean important">false</span> <span class="token key atrule">tasks</span><span class="token punctuation">:</span> <span class="token punctuation">-</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> backup origin yum repos <span class="token key atrule">shell</span><span class="token punctuation">:</span> <span class="token key atrule">cmd</span><span class="token punctuation">:</span> <span class="token string">"mkdir bak; mv *.repo bak"</span> <span class="token key atrule">chdir</span><span class="token punctuation">:</span> /etc/yum.repos.d <span class="token key atrule">creates</span><span class="token punctuation">:</span> /etc/yum.repos.d/bak <span class="token punctuation">-</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> add os repo and epel repo <span class="token key atrule">yum_repository</span><span class="token punctuation">:</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> <span class="token string">"{{item.name}}"</span> <span class="token key atrule">description</span><span class="token punctuation">:</span> <span class="token string">"{{item.name}} repo"</span> <span class="token key atrule">baseurl</span><span class="token punctuation">:</span> <span class="token string">"{{item.baseurl}}"</span> <span class="token key atrule">file</span><span class="token punctuation">:</span> <span class="token string">"{{item.name}}"</span> <span class="token key atrule">enabled</span><span class="token punctuation">:</span> <span class="token number">1</span> <span class="token key atrule">gpgcheck</span><span class="token punctuation">:</span> <span class="token number">0</span> <span class="token key atrule">reposdir</span><span class="token punctuation">:</span> /etc/yum.repos.d <span class="token key atrule">loop</span><span class="token punctuation">:</span> <span class="token punctuation">-</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> os <span class="token key atrule">baseurl</span><span class="token punctuation">:</span> <span class="token string">"https://mirrors.tuna.tsinghua.edu.cn/centos/$releasever/os/$basearch"</span> <span class="token punctuation">-</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> epel <span class="token key atrule">baseurl</span><span class="token punctuation">:</span> <span class="token string">"https://mirrors.tuna.tsinghua.edu.cn/epel/$releasever/$basearch"</span> <span class="token punctuation">-</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> install pkgs <span class="token key atrule">yum</span><span class="token punctuation">:</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> lrzsz<span class="token punctuation">,</span>vim<span class="token punctuation">,</span>dos2unix<span class="token punctuation">,</span>wget<span class="token punctuation">,</span>curl<span class="token punctuation">,</span>git<span class="token punctuation">,</span>tar<span class="token punctuation">,</span>unzip<span class="token punctuation">,</span>ntpdate <span class="token key atrule">state</span><span class="token punctuation">:</span> present<span class="token punctuation">-</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> Sync Time <span class="token key atrule">hosts</span><span class="token punctuation">:</span> new <span class="token key atrule">gather_facts</span><span class="token punctuation">:</span> <span class="token boolean important">false</span> <span class="token key atrule">tasks</span><span class="token punctuation">:</span> <span class="token punctuation">-</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> install and sync time <span class="token key atrule">block</span><span class="token punctuation">:</span> <span class="token punctuation">-</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> install ntpdate <span class="token key atrule">yum</span><span class="token punctuation">:</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> ntpdate <span class="token key atrule">state</span><span class="token punctuation">:</span> present <span class="token punctuation">-</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> ntpdate to sync time <span class="token key atrule">shell</span><span class="token punctuation">:</span> <span class="token punctuation">|</span><span class="token scalar string"> ntpdate ntp1.aliyun.com hwclock -w</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><ul><li>配置SSH密钥认证</li><li>配置主机名</li><li>互相添加DNS解析记录</li><li>配置镜像源</li><li>安装常用软件</li><li>时间同步</li></ul>]]></content>
<summary type="html"><h2 id="ansible批量初始化服务器"><a href="#ansible批量初始化服务器" class="headerlink" title="ansible批量初始化服务器"></a>ansible批量初始化服务器</h2><p>主机组配置<code>/etc/an</summary>
<category term="ansible" scheme="https://lunrry.github.io/categories/ansible/"/>
<category term="linux" scheme="https://lunrry.github.io/tags/linux/"/>
<category term="ansible" scheme="https://lunrry.github.io/tags/ansible/"/>
</entry>
<entry>
<title>Nginx添加新模块</title>
<link href="https://lunrry.github.io/posts/bc4c8e89/"/>
<id>https://lunrry.github.io/posts/bc4c8e89/</id>
<published>2023-07-10T05:48:54.000Z</published>
<updated>2023-09-25T08:18:44.563Z</updated>
<content type="html"><![CDATA[<h2 id="Nginx添加新模块-以fastdfs-nginx-module模块为例"><a href="#Nginx添加新模块-以fastdfs-nginx-module模块为例" class="headerlink" title="Nginx添加新模块(以fastdfs-nginx-module模块为例)"></a>Nginx添加新模块(以fastdfs-nginx-module模块为例)</h2><ol><li>进入nginx源码目录(如已删除,从官网重新下载)</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token builtin class-name">cd</span> /home/app/nginx/nginx-1.22.0<span class="token function">ls</span>auto CHANGES CHANGES.ru conf configure contrib html LICENSE Makefile <span class="token function">man</span> objs README src<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span></span></code></pre><ol start="2"><li>下载fastdfs-nginx-module模块,并解压</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">git</span> clone https://github.com/happyfish100/fastdfs-nginx-module/archive/refs/tags/V1.22.tar.gz<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><ol start="3"><li>查看nginx版本以及编译参数</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">nginx <span class="token parameter variable">-V</span><span class="token parameter variable">--prefix</span><span class="token operator">=</span>/etc/nginx --sbin-path<span class="token operator">=</span>/usr/sbin/nginx --modules-path<span class="token operator">=</span>/usr/lib/nginx/modules --conf-path<span class="token operator">=</span>/etc/nginx/nginx.conf --error-log-path<span class="token operator">=</span>/data/log/nginx/error.log --http-log-path<span class="token operator">=</span>/data/log/nginx/access.log --pid-path<span class="token operator">=</span>/data/run/nginx.pid --lock-path<span class="token operator">=</span>/data/run/nginx.lock --http-client-body-temp-path<span class="token operator">=</span>/data/cache/nginx/client_temp --http-proxy-temp-path<span class="token operator">=</span>/data/cache/nginx/proxy_temp --http-fastcgi-temp-path<span class="token operator">=</span>/data/cache/nginx/fastcgi_temp --http-uwsgi-temp-path<span class="token operator">=</span>/data/cache/nginx/uwsgi_temp --http-scgi-temp-path<span class="token operator">=</span>/data/cache/nginx/scgi_temp <span class="token parameter variable">--user</span><span class="token operator">=</span>nginx <span class="token parameter variable">--group</span><span class="token operator">=</span>nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-http_auth_request_module --with-http_xslt_module<span class="token operator">=</span>dynamic --with-http_image_filter_module<span class="token operator">=</span>dynamic --with-http_geoip_module<span class="token operator">=</span>dynamic --with-threads --with-stream --with-stream_ssl_module --with-stream_ssl_preread_module --with-stream_realip_module --with-stream_geoip_module<span class="token operator">=</span>dynamic --with-http_slice_module --with-mail --with-mail_ssl_module --with-compat --with-file-aio --with-http_v2_module --with-openssl<span class="token operator">=</span>/home/app/nginx/openssl-OpenSSL_1_1_1k --add-module<span class="token operator">=</span>/home/app/nginx/lua-nginx-module-0.10.14 --add-module<span class="token operator">=</span>/home/app/nginx/ngx_devel_kit-0.3.1 --add-module<span class="token operator">=</span>/home/app/nginx/nginx-http-concat-master<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span></span></code></pre><ol start="4"><li>执行命令重新编译nginx,在最后加上fastdfs-nginx-module模块</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">./configure <span class="token parameter variable">--prefix</span><span class="token operator">=</span>/etc/nginx --sbin-path<span class="token operator">=</span>/usr/sbin/nginx --modules-path<span class="token operator">=</span>/usr/lib/nginx/modules --conf-path<span class="token operator">=</span>/etc/nginx/nginx.conf --error-log-path<span class="token operator">=</span>/data/log/nginx/error.log --http-log-path<span class="token operator">=</span>/data/log/nginx/access.log --pid-path<span class="token operator">=</span>/data/run/nginx.pid --lock-path<span class="token operator">=</span>/data/run/nginx.lock --http-client-body-temp-path<span class="token operator">=</span>/data/cache/nginx/client_temp --http-proxy-temp-path<span class="token operator">=</span>/data/cache/nginx/proxy_temp --http-fastcgi-temp-path<span class="token operator">=</span>/data/cache/nginx/fastcgi_temp --http-uwsgi-temp-path<span class="token operator">=</span>/data/cache/nginx/uwsgi_temp --http-scgi-temp-path<span class="token operator">=</span>/data/cache/nginx/scgi_temp <span class="token parameter variable">--user</span><span class="token operator">=</span>nginx <span class="token parameter variable">--group</span><span class="token operator">=</span>nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-http_auth_request_module --with-http_xslt_module<span class="token operator">=</span>dynamic --with-http_image_filter_module<span class="token operator">=</span>dynamic --with-http_geoip_module<span class="token operator">=</span>dynamic --with-threads --with-stream --with-stream_ssl_module --with-stream_ssl_preread_module --with-stream_realip_module --with-stream_geoip_module<span class="token operator">=</span>dynamic --with-http_slice_module --with-mail --with-mail_ssl_module --with-compat --with-file-aio --with-http_v2_module --with-openssl<span class="token operator">=</span>/home/app/nginx/openssl-OpenSSL_1_1_1k --add-module<span class="token operator">=</span>/home/app/nginx/lua-nginx-module-0.10.14 --add-module<span class="token operator">=</span>/home/app/nginx/ngx_devel_kit-0.3.1 --add-module<span class="token operator">=</span>/home/app/nginx/nginx-http-concat-master --add-module<span class="token operator">=</span>/home/app/nginx/fastdfs-nginx-module-1.22/src<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><ol start="5"><li><p>执行<code>make </code>,注意:千万别<code>make install</code>,否则就覆盖安装了), make完之后在软件目录下就多了个nginx,这个就是新版本的程序了。</p></li><li><p>进入启动文件夹</p></li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token punctuation">[</span>root@master objs<span class="token punctuation">]</span><span class="token comment"># which nginx</span>/usr/sbin/nginx<span class="token punctuation">[</span>root@master objs<span class="token punctuation">]</span><span class="token comment"># cd /usr/sbin/</span><span class="token punctuation">[</span>root@master sbin<span class="token punctuation">]</span><span class="token comment"># ls</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span></span></code></pre><ol start="7"><li>备份原来启动文件并替换</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">mv</span> ./nginx ./nginx.bak<span class="token function">mv</span> /home/app/nginx/nginx-1.22.0/objs/nginx ./<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span></span></code></pre><ol start="8"><li>启动nginx</li><li><code>nginx -V</code>查看添加的模块</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token punctuation">[</span>root@master sbin<span class="token punctuation">]</span><span class="token comment"># nginx -V</span>nginx version: nginx/1.22.0built by gcc <span class="token number">4.8</span>.5 <span class="token number">20150623</span> <span class="token punctuation">(</span>Red Hat <span class="token number">4.8</span>.5-44<span class="token punctuation">)</span> <span class="token punctuation">(</span>GCC<span class="token punctuation">)</span> built with OpenSSL <span class="token number">1.1</span>.1k <span class="token number">25</span> Mar <span class="token number">2021</span>TLS SNI support enabledconfigure arguments: <span class="token parameter variable">--prefix</span><span class="token operator">=</span>/etc/nginx --sbin-path<span class="token operator">=</span>/usr/sbin/nginx --modules-path<span class="token operator">=</span>/usr/lib/nginx/modules --conf-path<span class="token operator">=</span>/etc/nginx/nginx.conf --error-log-path<span class="token operator">=</span>/data/log/nginx/error.log --http-log-path<span class="token operator">=</span>/data/log/nginx/access.log --pid-path<span class="token operator">=</span>/data/run/nginx.pid --lock-path<span class="token operator">=</span>/data/run/nginx.lock --http-client-body-temp-path<span class="token operator">=</span>/data/cache/nginx/client_temp --http-proxy-temp-path<span class="token operator">=</span>/data/cache/nginx/proxy_temp --http-fastcgi-temp-path<span class="token operator">=</span>/data/cache/nginx/fastcgi_temp --http-uwsgi-temp-path<span class="token operator">=</span>/data/cache/nginx/uwsgi_temp --http-scgi-temp-path<span class="token operator">=</span>/data/cache/nginx/scgi_temp <span class="token parameter variable">--user</span><span class="token operator">=</span>nginx <span class="token parameter variable">--group</span><span class="token operator">=</span>nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-http_auth_request_module --with-http_xslt_module<span class="token operator">=</span>dynamic --with-http_image_filter_module<span class="token operator">=</span>dynamic --with-http_geoip_module<span class="token operator">=</span>dynamic --with-threads --with-stream --with-stream_ssl_module --with-stream_ssl_preread_module --with-stream_realip_module --with-stream_geoip_module<span class="token operator">=</span>dynamic --with-http_slice_module --with-mail --with-mail_ssl_module --with-compat --with-file-aio --with-http_v2_module --with-openssl<span class="token operator">=</span>/home/app/nginx/openssl-OpenSSL_1_1_1k --add-module<span class="token operator">=</span>/home/app/nginx/lua-nginx-module-0.10.14 --add-module<span class="token operator">=</span>/home/app/nginx/ngx_devel_kit-0.3.1 --add-module<span class="token operator">=</span>/home/app/nginx/nginx-http-concat-master --add-module<span class="token operator">=</span>/home/app/nginx/fastdfs-nginx-module-1.22/src<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre>]]></content>
<summary type="html"><h2 id="Nginx添加新模块-以fastdfs-nginx-module模块为例"><a href="#Nginx添加新模块-以fastdfs-nginx-module模块为例" class="headerlink" title="Nginx添加新模块(以fastdfs-</summary>
<category term="Nginx" scheme="https://lunrry.github.io/categories/Nginx/"/>
<category term="Nginx" scheme="https://lunrry.github.io/tags/Nginx/"/>
<category term="Linux" scheme="https://lunrry.github.io/tags/Linux/"/>
</entry>
<entry>
<title>mysql自动备份脚本</title>
<link href="https://lunrry.github.io/posts/7e4c9973/"/>
<id>https://lunrry.github.io/posts/7e4c9973/</id>
<published>2023-07-06T05:40:58.000Z</published>
<updated>2023-09-25T08:18:44.566Z</updated>
<content type="html"><![CDATA[<h2 id="mysql自动备份脚本-定时执行"><a href="#mysql自动备份脚本-定时执行" class="headerlink" title="mysql自动备份脚本+定时执行"></a>mysql自动备份脚本+定时执行</h2><p>一个用于mysql数据库自动备份的脚本,主要功能:</p><ul><li>脚本存放位置即为备份文件存放位置</li><li>备份除自带数据库外其他用户数据库</li><li>提供备份日志</li><li>自定义删除某段时间前备份文件</li></ul><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token shebang important">#!/bin/bash</span> <span class="token comment"># 脚本存放位置即为备份文件存放位置</span><span class="token comment"># 定义属性</span><span class="token assign-left variable">MYSQL_HOST</span><span class="token operator">=</span><span class="token string">"127.0.0.1"</span> <span class="token assign-left variable">MYSQL_PORT</span><span class="token operator">=</span><span class="token string">"3306"</span> <span class="token assign-left variable">MYSQL_USER</span><span class="token operator">=</span><span class="token string">"root"</span> <span class="token assign-left variable">MYSQL_PASSWORD</span><span class="token operator">=</span><span class="token string">"123456"</span> <span class="token assign-left variable">BACKUP</span><span class="token operator">=</span><span class="token variable"><span class="token variable">$(</span><span class="token builtin class-name">cd</span> `dirname $0`<span class="token punctuation">;</span><span class="token builtin class-name">pwd</span><span class="token variable">)</span></span><span class="token builtin class-name">echo</span> <span class="token string">"<span class="token variable">$BACKUP</span>"</span> <span class="token assign-left variable">DATETIME</span><span class="token operator">=</span><span class="token variable"><span class="token variable">$(</span><span class="token function">date</span> +%Y_%m_%d_%H_%M_%S<span class="token variable">)</span></span><span class="token builtin class-name">echo</span> <span class="token string">"<span class="token variable">$DATETIME</span>"</span><span class="token comment">#此处没有优化,应该自动获取mysql和mysqldump绝对路径,which命令corntab无法使用</span><span class="token comment">#mysqldir=$(which mysql)</span><span class="token comment">#echo "$mysqldir"</span><span class="token comment">#mysqldumpdir=$(which mysqldump)</span><span class="token comment">#echo "$mysqldumpdir"</span> <span class="token function">touch</span> <span class="token variable">$BACKUP</span>/backuplog.log<span class="token comment"># 打印日志</span><span class="token keyword">function</span> <span class="token function-name function">log_correct</span> <span class="token punctuation">(</span><span class="token punctuation">)</span> <span class="token punctuation">{</span> <span class="token assign-left variable"><span class="token environment constant">USER</span></span><span class="token operator">=</span><span class="token variable"><span class="token variable">$(</span><span class="token function">whoami</span><span class="token variable">)</span></span> <span class="token builtin class-name">echo</span> <span class="token string">"<span class="token variable">${DATETIME}</span> <span class="token variable">${<span class="token environment constant">USER</span>}</span> execute <span class="token variable">$0</span> [INFO] <span class="token variable">$@</span> "</span> <span class="token operator">>></span> <span class="token string">"<span class="token variable">$BACKUP</span>/backuplog.log"</span> <span class="token punctuation">}</span> log_correct <span class="token string">"开始执行 Mysql 备份任务"</span> <span class="token comment"># 自动获得所有的数据库</span><span class="token assign-left variable">DATABASES</span><span class="token operator">=</span><span class="token variable"><span class="token variable">`</span>/data/mysql/bin/mysql -h$<span class="token punctuation">{</span>MYSQL_HOST<span class="token punctuation">}</span> -P$<span class="token punctuation">{</span>MYSQL_PORT<span class="token punctuation">}</span> -u$<span class="token punctuation">{</span>MYSQL_USER<span class="token punctuation">}</span> -p$<span class="token punctuation">{</span>MYSQL_PASSWORD<span class="token punctuation">}</span> <span class="token parameter variable">-e</span> <span class="token string">"SHOW DATABASES;"</span><span class="token variable">`</span></span><span class="token comment"># 创建备份目录</span><span class="token function">mkdir</span> <span class="token parameter variable">-p</span> <span class="token string">"<span class="token variable">${BACKUP}</span>/<span class="token variable">$DATETIME</span>"</span> <span class="token keyword">for</span> <span class="token for-or-select variable">db</span> <span class="token keyword">in</span> <span class="token variable">$DATABASES</span><span class="token punctuation">;</span> <span class="token keyword">do</span> <span class="token comment"># 排除表头和一些无需备份的数据库</span> <span class="token keyword">if</span> <span class="token punctuation">[</span><span class="token punctuation">[</span> <span class="token string">"<span class="token variable">$db</span>"</span> <span class="token operator">!=</span> <span class="token string">"Database"</span> <span class="token punctuation">]</span><span class="token punctuation">]</span> <span class="token operator">&&</span> <span class="token punctuation">[</span><span class="token punctuation">[</span> <span class="token string">"<span class="token variable">$db</span>"</span> <span class="token operator">!=</span> <span class="token string">"information_schema"</span> <span class="token punctuation">]</span><span class="token punctuation">]</span> <span class="token operator">&&</span> <span class="token punctuation">[</span><span class="token punctuation">[</span> <span class="token string">"<span class="token variable">$db</span>"</span> <span class="token operator">!=</span> <span class="token string">"performance_schema"</span> <span class="token punctuation">]</span><span class="token punctuation">]</span> <span class="token operator">&&</span> <span class="token punctuation">[</span><span class="token punctuation">[</span> <span class="token string">"<span class="token variable">$db</span>"</span> <span class="token operator">!=</span> <span class="token string">"mysql"</span> <span class="token punctuation">]</span><span class="token punctuation">]</span> <span class="token operator">&&</span> <span class="token punctuation">[</span><span class="token punctuation">[</span> <span class="token string">"<span class="token variable">$db</span>"</span> <span class="token operator">!=</span> <span class="token string">"sys"</span> <span class="token punctuation">]</span><span class="token punctuation">]</span> <span class="token punctuation">;</span> <span class="token keyword">then</span> <span class="token comment"># 备份操作</span> log_correct <span class="token string">"备份: 【<span class="token variable">$db</span>】"</span> /data/mysql/bin/mysqldump --ignore-table<span class="token operator">=</span><span class="token variable">$db</span><span class="token punctuation">\</span>.TS_S_OperationLog -h<span class="token variable">${MYSQL_HOST}</span> -P<span class="token variable">${MYSQL_PORT}</span> -u<span class="token variable">${MYSQL_USER}</span> -p<span class="token variable">${MYSQL_PASSWORD}</span> <span class="token parameter variable">--databases</span> <span class="token variable">$db</span> <span class="token operator">></span> <span class="token variable">${BACKUP}</span>/<span class="token variable">$DATETIME</span>/<span class="token variable">$db</span>.sql log_correct <span class="token string">"数据库【<span class="token variable">$db</span>】已备份到:<span class="token variable">${BACKUP}</span>/<span class="token variable">$DATETIME</span>/<span class="token variable">$db</span>.tar.gz 下"</span><span class="token builtin class-name">cd</span> <span class="token variable">$BACKUP</span>/<span class="token variable">$DATETIME</span><span class="token function">tar</span> <span class="token parameter variable">-czvf</span> <span class="token variable">$db</span>.tar.gz <span class="token variable">$db</span>.sql<span class="token function">rm</span> <span class="token parameter variable">-rf</span> *.sql <span class="token keyword">fi</span><span class="token keyword">done</span> <span class="token comment"># 删除10天前的备份文件</span><span class="token function">find</span> <span class="token variable">$BACKUP</span> <span class="token parameter variable">-type</span> d <span class="token parameter variable">-mtime</span> +10 <span class="token parameter variable">-exec</span> <span class="token function">rm</span> <span class="token parameter variable">-rf</span> <span class="token punctuation">{</span><span class="token punctuation">}</span> <span class="token punctuation">\</span><span class="token punctuation">;</span> log_correct <span class="token string">"完成 Mysql 备份任务"</span>log_correct <span class="token string">"已删除10天前备份数据"</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><h2 id="定时任务执行"><a href="#定时任务执行" class="headerlink" title="定时任务执行"></a>定时任务执行</h2><p>使用cron表达式定时执行,<code>crontab -e</code>进入编辑模式,下面表达式表示每天凌晨两点执行一次<code>backup.sh</code>脚本</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token number">0</span> <span class="token number">2</span> * * * /mnt/mysqlbackup/backup.sh<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre>]]></content>
<summary type="html"><h2 id="mysql自动备份脚本-定时执行"><a href="#mysql自动备份脚本-定时执行" class="headerlink" title="mysql自动备份脚本+定时执行"></a>mysql自动备份脚本+定时执行</h2><p>一个用于mysql数据库自动</summary>
<category term="Mysql" scheme="https://lunrry.github.io/categories/Mysql/"/>
<category term="Linux" scheme="https://lunrry.github.io/tags/Linux/"/>
<category term="Mysql" scheme="https://lunrry.github.io/tags/Mysql/"/>
<category term="Cron" scheme="https://lunrry.github.io/tags/Cron/"/>
</entry>
<entry>
<title>修改Mysql-8.0.30 root密码</title>
<link href="https://lunrry.github.io/posts/8d90ced8/"/>
<id>https://lunrry.github.io/posts/8d90ced8/</id>
<published>2023-07-06T01:21:18.000Z</published>
<updated>2023-09-25T08:18:44.567Z</updated>
<content type="html"><![CDATA[<h2 id="修改Mysql-8-0-30-root密码"><a href="#修改Mysql-8-0-30-root密码" class="headerlink" title="修改Mysql-8.0.30 root密码"></a>修改Mysql-8.0.30 root密码</h2><p>在忘记root密码的情况下修改mysql的root密码</p><ol><li>打开配置文件</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">vim</span> /etc/my.cnf<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><ol start="2"><li>在配置文件里加上 <code>skip-grant-tables</code></li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token punctuation">[</span>mysqld<span class="token punctuation">]</span>server-id<span class="token operator">=</span><span class="token number">4</span><span class="token assign-left variable">default_authentication_plugin</span><span class="token operator">=</span>mysql_native_passwordport <span class="token operator">=</span> <span class="token number">3306</span>socket <span class="token operator">=</span> /var/mysql/mysql.sock<span class="token comment">#中文问题</span><span class="token assign-left variable">character_set_server</span><span class="token operator">=</span>utf8<span class="token assign-left variable">collation_server</span><span class="token operator">=</span>utf8_general_ciskip-grant-tablesskip-external-locking<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><ol start="3"><li>重启mysql后免密登陆进入mysql</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token comment"># 重启mysql</span><span class="token function">service</span> mysql restart<span class="token comment"># 登陆</span>mysql <span class="token parameter variable">-u</span> root<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span></span></code></pre><ol start="4"><li>查看当前认证方式以及用户,默认是 <code>caching_sha2_password</code> 认证</li></ol><pre class="line-numbers language-mysql" data-language="mysql"><code class="language-mysql">use mysql;select host, user, authentication_string, plugin from user;<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span></span></code></pre><ol start="5"><li>如果是默认认证方式,则先修改为密码认证为 <code>mysql_native_password</code></li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token punctuation">[</span>mysqld<span class="token punctuation">]</span>server-id<span class="token operator">=</span><span class="token number">4</span><span class="token assign-left variable">default_authentication_plugin</span><span class="token operator">=</span>mysql_native_passwordport <span class="token operator">=</span> <span class="token number">3306</span>socket <span class="token operator">=</span> /var/mysql/mysql.sock<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span></span></code></pre><ol start="6"><li>再次重启mysql</li><li>清空root密码再修改</li></ol><pre class="line-numbers language-mysql" data-language="mysql"><code class="language-mysql">use mysql;update user set authentication_string='' where user='root';flush privileges;<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span></span></code></pre><ol start="8"><li>退出mysql, 注释配置文件里的 <code>skip-grant-tables</code> ,再一次重启 mysql 服务,再次登陆的时候是空密码登陆</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">mysql <span class="token parameter variable">-u</span> root<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><ol start="9"><li>登陆后修改密码</li></ol><pre class="line-numbers language-mysql" data-language="mysql"><code class="language-mysql">use mysql;ALTER USER 'root'@'%' IDENTIFIED BY '123456';flush privileges;<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span></span></code></pre>]]></content>
<summary type="html"><h2 id="修改Mysql-8-0-30-root密码"><a href="#修改Mysql-8-0-30-root密码" class="headerlink" title="修改Mysql-8.0.30 root密码"></a>修改Mysql-8.0.30 root密码</</summary>
<category term="Mysql" scheme="https://lunrry.github.io/categories/Mysql/"/>
<category term="Mysql" scheme="https://lunrry.github.io/tags/Mysql/"/>
</entry>
<entry>
<title>Nginx的配置</title>
<link href="https://lunrry.github.io/posts/7d4620f0/"/>
<id>https://lunrry.github.io/posts/7d4620f0/</id>
<published>2023-07-05T05:26:44.000Z</published>
<updated>2023-09-25T08:18:44.564Z</updated>
<content type="html"><![CDATA[<h1 id="Nginx-conf配置文件"><a href="#Nginx-conf配置文件" class="headerlink" title="Nginx.conf配置文件"></a>Nginx.conf配置文件</h1><p>nginx使用最多的三个核心功能是反向代理,负载均衡和静态服务器。nginx的配置信息主要集中在nginx.conf这个配置文件中,将nginx.conf配置文件中的所有配置信息可以划分成以下六部分:</p><h2 id="main:进行nginx全局信息的配置"><a href="#main:进行nginx全局信息的配置" class="headerlink" title="main:进行nginx全局信息的配置"></a>main:进行nginx全局信息的配置</h2><p>配置影响nginx全局的指令。一般有运行nginx服务器的用户组,nginx进程pid存放路径,日志存放路径,配置文件引入,允许生成worker process数等。</p><pre class="line-numbers language-none"><code class="language-none"># 指定可以运行nginx服务的用户和用户组,只能在全局块配置# user [user] [group]# 将user指令注释掉,或者配置成nobody的话所有用户都可以运行# user nobody nobody;# 指定工作线程数,可以制定具体的进程数,也可使用自动模式,这个指令只能在全局块配置# worker_processes number | auto;# 列子:指定4个工作线程,这种情况下会生成一个master进程和4个worker进程# worker_processes 4;# 指定pid文件存放的路径,这个指令只能在全局块配置# pid logs/nginx.pid;# 指定错误日志的路径和日志级别,此指令可以在全局块、http块、server块以及location块中配置。# 其中debug级别的日志需要编译时使用--with-debug开启debug开关# error_log [path] [debug | info | notice | warn | error | crit | alert | emerg] # error_log logs/error.log notice;# error_log logs/error.log info;#worker_rlimit_nofile 1024; #指定一个进程可以打开最多文件数量的描述<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><h2 id="events:nginx工作模式的配置"><a href="#events:nginx工作模式的配置" class="headerlink" title="events:nginx工作模式的配置"></a>events:nginx工作模式的配置</h2><p>配置影响nginx服务器或与用户的网络连接。有每个进程的最大连接数,选取哪种事件驱动模型处理连接请求,是否允许同时接受多个网路连接,开启多个网络连接序列化等。</p><pre class="line-numbers language-none"><code class="language-none">#针对nginx服务器工作模式的配置events { worker_connections 1024; #最大可以同时接收的连接数量(最大连接数量和worker processes共同决定的) #multi_accept on; #配置指定nginx在收到一个新连接通知后尽可能多的接受更多的连接 #use epoll; #配置指定了线程轮询的方法,如果是Linux2.6+,使用epoll,如果是BSD如Mac使用Kqueue}<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><h2 id="HTTP:进行HTTP协议信息的配置"><a href="#HTTP:进行HTTP协议信息的配置" class="headerlink" title="HTTP:进行HTTP协议信息的配置"></a>HTTP:进行HTTP协议信息的配置</h2><p>可以嵌套多个server,配置代理,缓存,日志定义等绝大多数功能和第三方模块的配置。如文件引入,mime-type定义,日志自定义,是否使用sendfile传输文件,连接超时时间,单连接请求数等。</p><pre class="line-numbers language-none"><code class="language-none"># 常用的浏览器中,可以显示的内容有HTML、XML、GIF及Flash等种类繁多的文本、媒体等资源,浏览器为区分这些资源,需要使用MIME Type。换言之,MIME Type是网络资源的媒体类型。Nginx服务器作为Web服务器,必须能够识别前端请求的资源类型。# include指令,用于包含其他的配置文件,可以放在配置文件的任何地方,但是要注意你包含进来的配置文件一定符合配置规范,比如说你include进来的配置是worker_processes指令的配置,而你将这个指令包含到了http块中,这肯定是不行的,上文说过worker_processes指令只能在全局块中。# 下面的指令将mime.types包含进来,mime.types和ngin.cfg同级目录,不同级的话需要指定具体路径# include mime.types;# access_log配置,此指令可以在http块、server块或者location块中进行设置# 在全局块中,我们介绍过errer_log指令,其用于配置Nginx进程运行时的日志存放和级别,此处所指的日志与常规的不同,它是指记录Nginx服务器提供服务过程应答前端请求的日志# access_log path [format [buffer=size]]# 如果要关闭access_log,你可以使用下面的命令# access_log off;# log_format指令,用于定义日志格式,此指令只能在http块中进行配置# log_format main '$remote_addr - $remote_user [$time_local] "$request" '# '$status $body_bytes_sent "$http_referer" '# '"$http_user_agent" "$http_x_forwarded_for"';# 定义了上面的日志格式后,可以以下面的形式使用日志# access_log logs/access.log main;# 开启gzip压缩功能 gzip on; # 设置允许压缩的页面最小字节数; 这里表示如果文件小于10k,压缩没有意义. gzip_min_length 10k; # 设置压缩比率,最小为1,处理速度快,传输速度慢; # 9为最大压缩比,处理速度慢,传输速度快; 推荐6 gzip_comp_level 6; # 设置压缩缓冲区大小,此处设置为16个8K内存作为压缩结果缓冲 gzip_buffers 16 8k; # 设置哪些文件需要压缩,一般文本,css和js建议压缩。图片视需要要锁。 gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript; <span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><h2 id="server:进行服务器访问信息的配置"><a href="#server:进行服务器访问信息的配置" class="headerlink" title="server:进行服务器访问信息的配置"></a>server:进行服务器访问信息的配置</h2><p>配置虚拟主机的相关参数,一个http中可以有多个server。</p><p>在使用Nginx服务器提供Web服务时,利用虚拟主机的技术就可以避免为每一个要运行的网站提供单独的Nginx服务器,也无需为每个网站对应运行一组Nginx进程。虚拟主机技术使得Nginx服务器可以在同一台服务器上只运行一组Nginx进程,就可以运行多个网站。</p><p>在前面提到过,每一个http块都可以包含多个server块,而每个server块就相当于一台虚拟主机,它内部可有多台主机联合提供服务,一起对外提供在逻辑上关系密切的一组服务(或网站)。</p><p>和http块相同,server块也可以包含自己的全局块,同时可以包含多个location块。在server全局块中,最常见的两个配置项是本虚拟主机的监听配置和本虚拟主机的名称或IP配置。</p><pre class="line-numbers language-none"><code class="language-none">server { listen 127.0.0.1:8000; #只监听来自127.0.0.1这个IP,请求8000端口的请求# listen 127.0.0.1; #只监听来自127.0.0.1这个IP,请求80端口的请求(不指定端口,默认80)# listen 8000; #监听来自所有IP,请求8000端口的请求# listen *:8000; #和上面效果一样# listen localhost:8000; #和第一种效果一致 server_name server_name myserver.com www.myserver.com; # 指定ip地址或者域名,多个配置之间用空格分隔,或者分段用 . 隔开 root /nginx/www; # 表示整个server虚拟主机内的根目录,当前主机中web项目的根目录 index index.php index.html index.html; # 用户访问web网站时的全局首页 charset utf-8; # 设置www/路径中配置的网页的默认编码格式 access_log logs/access.log; error_log logs/error.log; ......}<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><p>在name 中可以使用通配符“*”,但通配符只能用在由三段字符串组成的名称的首段或尾段,或者由两段字符串组成的名称的尾段,如:</p><pre class="line-numbers language-none"><code class="language-none">server_name myserver.* *.myserver.com<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><h2 id="location:进行访问路由的配置"><a href="#location:进行访问路由的配置" class="headerlink" title="location:进行访问路由的配置"></a>location:进行访问路由的配置</h2><p>location块的主要作用是,基于Nginx服务器接收到的请求字符串(例如, server_name/uri-string),对除虚拟主机名称(也可以是IP别名,后文有详细阐述)之外的字符串(前例中“/uri-string”部分)进行匹配,对特定的请求进行处理。地址定向、数据缓存和应答控制等功能都是在这部分实现。许多第三方模块的配置也是在location块中提供功能。</p><p>Nginx的Location配置支持普通字符串匹配和正则匹配,不过url的各种匹配方式是有优先级的,如下所示:</p><table><thead><tr><th align="center">匹配符</th><th align="center">匹配规则</th><th align="center">优先级逐级降低</th></tr></thead><tbody><tr><td align="center">=</td><td align="center">精确匹配</td><td align="center">1</td></tr><tr><td align="center">^~</td><td align="center">以某个字符串开头</td><td align="center">2</td></tr><tr><td align="center">~</td><td align="center">区分大小写的正则匹配</td><td align="center">3</td></tr><tr><td align="center">~*</td><td align="center">不区分大小写的正则匹配</td><td align="center">4</td></tr><tr><td align="center">!~</td><td align="center">区分大小写的不匹配正则</td><td align="center">5</td></tr><tr><td align="center">!~*</td><td align="center">不区分大小写的不匹配正则</td><td align="center">6</td></tr><tr><td align="center">/</td><td align="center">通用匹配,任何请求都会匹配到</td><td align="center">7</td></tr></tbody></table><p><strong>例如</strong></p><pre class="line-numbers language-none"><code class="language-none"># 规则1:通用匹配location / {}# 规则2:处理以/static/开头的urllocation ^~ /static { alias /usr/share/nginx/html/static; # 静态资源路径}<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><h3 id="请求转发和重定向"><a href="#请求转发和重定向" class="headerlink" title="请求转发和重定向"></a>请求转发和重定向</h3><pre class="line-numbers language-none"><code class="language-none"># 转发动态请求 server { listen 80; server_name localhost; client_max_body_size 1024M; location / { proxy_pass http://localhost:8080; proxy_set_header Host $host:$server_port; } } # http请求重定向到https请求 server { listen 80; server_name Domain.com; return 301 https://$server_name$request_uri; }<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><p>无论是转发请求还是重定向,都使用了以$符号开头的变量,这些都是Nginx提供的全局变量。它们的具体含义如下所示:</p><pre class="line-numbers language-none"><code class="language-none">$args, 请求中的参数;$content_length, HTTP请求信息里的"Content-Length";$content_type, 请求信息里的"Content-Type";$document_root, 针对当前请求的根路径设置值;$document_uri, 与$uri相同;$host, 请求信息中的"Host",如果请求中没有Host行,则等于设置的服务器名;$limit_rate, 对连接速率的限制;$request_method, 请求的方法,比如"GET"、"POST"等;$remote_addr, 客户端地址;$remote_port, 客户端端口号;$remote_user, 客户端用户名,认证用;$request_filename, 当前请求的文件路径名$request_body_file,当前请求的文件$request_uri, 请求的URI,带查询字符串;$query_string, 与$args相同;$scheme, 所用的协议,比如http或者是https,比如rewrite ^(.+)$ $scheme://example.com$1 redirect;$server_protocol, 请求的协议版本,"HTTP/1.0"或"HTTP/1.1";$server_addr, 服务器地址;$server_name, 请求到达的服务器名;$server_port, 请求到达的服务器端口号;$uri, 请求的URI,可能和最初的值有不同,比如经过重定向之类的。<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><h3 id="反向代理配置"><a href="#反向代理配置" class="headerlink" title="反向代理配置"></a>反向代理配置</h3><pre class="line-numbers language-none"><code class="language-none">location / { proxy_pass http://localhost:8888; # 指定转发到的地址 proxy_set_header X-real-ip $remote_addr; proxy_set_header Host $http_host;}<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span></span></code></pre><h3 id="文件下载服务器"><a href="#文件下载服务器" class="headerlink" title="文件下载服务器"></a>文件下载服务器</h3><pre class="line-numbers language-none"><code class="language-none">server { listen 80 default_server; listen [::]:80 default_server; server_name _; location /download { # 下载文件所在目录 root /usr/share/nginx/html; # 开启索引功能 autoindex on; # 关闭计算文件确切大小(单位bytes),只显示大概大小(单位kb、mb、gb) autoindex_exact_size off; #显示本机时间而非 GMT 时间 autoindex_localtime on; # 对于txt和jpg文件,强制以附件形式下载,不要浏览器直接打开 if ($request_filename ~* ^.*?\.(txt|jpg|png)$) { add_header Content-Disposition 'attachment'; } } }<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><h2 id="upstream:进行负载均衡的配置"><a href="#upstream:进行负载均衡的配置" class="headerlink" title="upstream:进行负载均衡的配置"></a>upstream:进行负载均衡的配置</h2><h3 id="轮循"><a href="#轮循" class="headerlink" title="轮循"></a>轮循</h3><pre class="line-numbers language-none"><code class="language-none"># 轮询,大家权重一样 upstream backend_server { server 192.168.0.1:8000; server 192.168.0.2:8000 max_fails=3 fail_timeout=20s; # max_fails:表示失败最大次数,超过失败最大次数暂停服务 # fail_timeout:表示如果请求受理失败,暂停指定的时间之后重新发起请求 server 192.168.0.3:8000 down; # 不参与负载均衡 server 192.168.0.4:8001 backup; # 热备 } server { listen 80; server_name big.server.com; access_log logs/big.server.access.log main; charset utf-8; client_max_body_size 10M; # 限制用户上传文件大小,默认1M location / { # 使用proxy_pass转发请求到通过upstream定义的一组应用服务器 proxy_pass http://backend_server; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; proxy_set_header X-Real-IP $remote_addr; }<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><h3 id="权重"><a href="#权重" class="headerlink" title="权重"></a>权重</h3><p>通过weight指定轮询几率,访问比率与weight成正比,常用于后端服务器性能不均的情况。不怎么忙的服务器可以多承担些任务。</p><pre class="line-numbers language-none"><code class="language-none"># 权重,weight越大,承担任务越多upstream backend_server { server 192.168.0.1:8000 weight=3; server 192.168.0.2:8000 weight=1;}<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span></span></code></pre><h3 id="ip-hash"><a href="#ip-hash" class="headerlink" title="ip_hash"></a>ip_hash</h3><p>每个请求按访问ip的hash结果分配,这样每个访客固定访问一个后端服务器,可以解决session的问题。</p><pre class="line-numbers language-none"><code class="language-none">upstream backend_server { ip_hash; server 192.168.0.1:8000; server 192.168.0.2:8000;}<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span></span></code></pre><h3 id="url-hash"><a href="#url-hash" class="headerlink" title="url_hash"></a>url_hash</h3><p>按访问url的hash结果来分配请求,使每个url定向到同一个后端服务器,后端服务器为缓存时比较有效。</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token comment"># URL Hash</span>upstream backend_server <span class="token punctuation">{</span> <span class="token builtin class-name">hash</span> <span class="token variable">$request_uri</span><span class="token punctuation">;</span> server <span class="token number">192.168</span>.0.1:8000<span class="token punctuation">;</span> server <span class="token number">192.168</span>.0.2:8000<span class="token punctuation">;</span><span class="token punctuation">}</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><h3 id="fair-第三方"><a href="#fair-第三方" class="headerlink" title="fair(第三方)"></a>fair(第三方)</h3><p>按后端服务器的响应时间来分配请求,响应时间短的优先分配。使用这个算法需要安装nginx-upstream-fair这个库。</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token comment"># Fair</span>upstream backend_server <span class="token punctuation">{</span> server <span class="token number">192.168</span>.0.1:8000<span class="token punctuation">;</span> server <span class="token number">192.168</span>.0.2:8000<span class="token punctuation">;</span> fair<span class="token punctuation">;</span><span class="token punctuation">}</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre>]]></content>
<summary type="html"><h1 id="Nginx-conf配置文件"><a href="#Nginx-conf配置文件" class="headerlink" title="Nginx.conf配置文件"></a>Nginx.conf配置文件</h1><p>nginx使用最多的三个核心功能是反向代理,</summary>
<category term="Nginx" scheme="https://lunrry.github.io/categories/Nginx/"/>
<category term="Nginx" scheme="https://lunrry.github.io/tags/Nginx/"/>
<category term="网络" scheme="https://lunrry.github.io/tags/%E7%BD%91%E7%BB%9C/"/>
</entry>
<entry>
<title>计算机网络</title>
<link href="https://lunrry.github.io/posts/e255a10a/"/>
<id>https://lunrry.github.io/posts/e255a10a/</id>
<published>2023-07-05T03:34:48.000Z</published>
<updated>2023-09-25T08:18:44.568Z</updated>
<content type="html"><![CDATA[<h1 id="计算机网络"><a href="#计算机网络" class="headerlink" title="计算机网络"></a>计算机网络</h1><h2 id="网络层次划分"><a href="#网络层次划分" class="headerlink" title="网络层次划分"></a>网络层次划分</h2><p>除了标准的OSI七层模型以外(其中第四层完成数据传送服务,上面三层面向用户),常见的网络层次划分还有TCP/IP四层协议以及TCP/IP五层协议,它们之间的对应关系如下图所示:</p><p><img src="http://img.lunrry.top/202307050931570.jpeg" alt="img"></p><h2 id="OSI七层网络模型"><a href="#OSI七层网络模型" class="headerlink" title="OSI七层网络模型"></a>OSI七层网络模型</h2><p><img src="http://img.lunrry.top/202307050935459.gif" alt="计算机网络基础知识总结 _ 菜鸟教程"></p><h3 id="物理层"><a href="#物理层" class="headerlink" title="物理层"></a>物理层</h3><p>物理层确保原始的数据可在各种物理媒体上传输</p><p><strong>重要设备:</strong></p><ul><li>中继器(放大器)</li><li>集线器</li></ul><h3 id="数据链路层"><a href="#数据链路层" class="headerlink" title="数据链路层"></a>数据链路层</h3><p>将源自网络层来的数据可靠地传输到相邻节点的目标机网络层,<code>帧</code>是数据链路层的传输单位。</p><p>该层的作用包括:物理地址寻址、数据的成帧、流量控制、数据的检错、重发等。</p><p><strong>协议:</strong></p><ul><li>以太网协议</li></ul><p><strong>重要设备:</strong></p><ul><li>网桥</li><li>交换机</li></ul><h3 id="网络层"><a href="#网络层" class="headerlink" title="网络层"></a>网络层</h3><p><strong>作用:</strong>路径选择、路由及逻辑寻址,此外,网络层还可以实现拥塞控制、网际互连等功能</p><p>网络层中涉及众多的协议,其中包括最重要的协议,也是TCP/IP的核心协议——<code>IP协议</code></p><p> <strong>包含的主要协议:</strong></p><ul><li><p><strong>IP协议(Internet Protocol,因特网互联协议)</strong></p><ul><li>无连接数据报传输、数据报路由选择和差错控制</li></ul></li><li><p><strong>ICMP协议(Internet Control Message Protocol,因特网控制报文协议);</strong></p><ul><li>用于在IP<a href="https://baike.baidu.com/item/%E4%B8%BB%E6%9C%BA/455151?fromModule=lemma_inlink">主机</a>、<a href="https://baike.baidu.com/item/%E8%B7%AF%E7%94%B1%E5%99%A8/108294?fromModule=lemma_inlink">路由器</a>之间传递控制消息</li></ul></li><li><p><strong>ARP协议(Address Resolution Protocol,地址解析协议)</strong></p></li><li><p><strong>RARP协议(Reverse Address Resolution Protocol,逆地址解析协议)。</strong></p></li></ul><p><strong>重要设备:</strong></p><ul><li>路由器</li></ul><h3 id="传输层"><a href="#传输层" class="headerlink" title="传输层"></a>传输层</h3><p>传输层的任务是根据通信子网的特性,最佳的利用网络资源,为两个端系统的会话层之间,提供建立、维护和取消传输连接的功能,负责端到端的可靠数据传输。在这一层,信息传送的协议数据单元称为<code>段或报文</code>。</p><p> <strong>包含的主要协议:</strong></p><ul><li>TCP协议</li><li>UDP协议</li></ul><p><strong>重要设备:</strong></p><ul><li>网关</li></ul><h3 id="会话层"><a href="#会话层" class="headerlink" title="会话层"></a>会话层</h3><p>会话层管理主机之间的会话进程,即负责建立、管理、终止进程之间的会话。会话层还利用在数据中插入校验点来实现数据的同步。</p><h3 id="表示层"><a href="#表示层" class="headerlink" title="表示层"></a>表示层</h3><p>表示层对上层数据或信息进行变换以保证一个主机应用层信息可以被另一个主机的应用程序理解。表示层的数据转换包括数据的加密、压缩、格式转换等。</p><h3 id="应用层"><a href="#应用层" class="headerlink" title="应用层"></a>应用层</h3><p>为操作系统或网络应用程序提供访问网络服务的接口。</p><p>数据传输基本单位为<code>报文</code></p><p><strong>包含的主要协议:</strong></p><ul><li><strong>FTP(文件传送协议)</strong></li><li><strong>Telnet(远程登录协议)</strong></li><li><strong>DNS(域名解析协议)</strong></li><li><strong>SMTP(邮件传送协议)</strong></li><li><strong>POP3协议(邮局协议)</strong></li><li><strong>HTTP协议(Hyper Text Transfer Protocol)</strong></li></ul><h2 id="网址"><a href="#网址" class="headerlink" title="网址"></a>网址</h2><p>网址,也叫做域名,又称URL(统一资源定位符),是互联网用户用来标识主机的名字,该名字具有唯一性,层次性,字面意义可以表示主机的账号、功能、性质、所属的地区或组织,便于所有互联网用户记忆与使用。</p><p>URL示例如下:</p><p><img src="http://img.lunrry.top/202307051017524.jpeg" alt="img"></p><h2 id="DNS域名系统"><a href="#DNS域名系统" class="headerlink" title="DNS域名系统"></a>DNS域名系统</h2><p>DNS的域名树由根域,顶级域,二级域及其子域构成</p><h3 id="域名解析过程"><a href="#域名解析过程" class="headerlink" title="域名解析过程"></a>域名解析过程</h3><p>通过域名获取对应IP地址的过程叫做域名解析,参与域名解析过程最重要的单元就是域名服务器。</p><ul><li>根域名服务器只纪录其下级顶级域名服务器的域名及其IP地址,当低级域名服务器遇到无法解析的域名时,首先会向根域名服务器求助。</li><li>顶级域名服务器,级别同顶级域,用于纪录注册在该顶级域名服务器上的所有二级域名并提供DNS查询服务。</li><li>权限域名服务器,为一个区域的主机提供DNS查询服务,如果查询结果为空,则通知发起请求的DNS用户应到哪个权限域名服务器进一步查询。</li></ul><h2 id="例1"><a href="#例1" class="headerlink" title="例1"></a>例1</h2><p><strong>用户输入网址到获取IP地址的全过程</strong></p><ol><li>用户打开计算机,在浏览器中输入百度网址后计算机将向本地DNS服务器发起域名解析请求。本地DNS服务器通常由互联网服务提供商(ISP)提供,如三大运营商。</li><li>本地DNS服务器接收到用的DNS请求后,首先查询其自身缓存纪录中是否存在头条域名对应的IP地址,如果存在,则直接将该IP地址回传给用户计算机;否则,将进一步向根域名服务器发起求助。</li><li>由于根域名服务器只会纪录其下级的13个顶级域名服务器,而不会直接纪录域名与IP的映射关系,所以在接收到本地域名服务器的解析请求时,根域名服务器将告知本地服务器:“你所请求的域名由.com顶级域名服务器管理,其IP为xxx”。</li><li>本地DNS服务器进一步向.com顶级域名服务器发起域名解析请求,由于.com域名服务器也不会纪录域名与IP的映射关系,而是告知请求者去该域名所属的域服务器上查询,并给出其IP地址。</li><li>本地DNS服务器继续向域服务器发起头条域名解析请求,便会得到头条域名对应的IP地址,这时本地DNS服务器不仅会向用户计算机返回IP地址,同时在其自身缓存中增加头条域名与其IP的纪录,从而加快其他计算机获取头条域名对应IP的解析速度。</li></ol><h2 id="例2"><a href="#例2" class="headerlink" title="例2"></a>例2</h2><p>在浏览器中输<code>http://www.baidu.com/</code>后执行的全部过程</p><ol><li>客户端浏览器通过DNS解析到<a href="http://www.baidu.com的ip地址220.181.27.48,通过这个ip地址找到客户端到服务器的路径.客户端浏览器发起一个http会话到220.161.27.48,然后通过tcp进行封装数据包,输入到网络层./">www.baidu.com的IP地址220.181.27.48,通过这个IP地址找到客户端到服务器的路径。客户端浏览器发起一个HTTP会话到220.161.27.48,然后通过TCP进行封装数据包,输入到网络层。</a></li><li>在客户端的传输层,把HTTP会话请求分成报文段,添加源和目的端口,如服务器使用80端口监听客户端的请求,客户端由系统随机选择一个端口如5000,与服务器进行交换,服务器把相应的请求返回给客户端的5000端口。然后使用IP层的IP地址查找目的端。</li><li>客户端的网络层不用关心应用层或者传输层的东西,主要做的是通过查找路由表确定如何到达服务器,期间可能经过多个路由器,这些都是由路由器来完成的工作,不作过多的描述,无非就是通过查找路由表决定通过那个路径到达服务器。</li><li>客户端的链路层,包通过链路层发送到路由器,通过邻居协议查找给定IP地址的MAC地址,然后发送ARP请求查找目的地址,如果得到回应后就可以使用ARP的请求应答交换的IP数据包现在就可以传输了,然后发送IP数据包到达服务器的地址。</li></ol>]]></content>
<summary type="html"><h1 id="计算机网络"><a href="#计算机网络" class="headerlink" title="计算机网络"></a>计算机网络</h1><h2 id="网络层次划分"><a href="#网络层次划分" class="headerlink" title="网</summary>
<category term="网络" scheme="https://lunrry.github.io/categories/%E7%BD%91%E7%BB%9C/"/>
</entry>
<entry>
<title>Apache和Tomcat和Nginx的比较</title>
<link href="https://lunrry.github.io/posts/81c36908/"/>
<id>https://lunrry.github.io/posts/81c36908/</id>
<published>2023-07-05T01:24:18.000Z</published>
<updated>2023-09-25T08:18:44.561Z</updated>
<content type="html"><![CDATA[<h1 id="Apache和Tomcat和Nginx的比较"><a href="#Apache和Tomcat和Nginx的比较" class="headerlink" title="Apache和Tomcat和Nginx的比较"></a>Apache和Tomcat和Nginx的比较</h1><h3 id="Apache-与-Tomcat-比较"><a href="#Apache-与-Tomcat-比较" class="headerlink" title="Apache 与 Tomcat 比较"></a>Apache 与 Tomcat 比较</h3><p><strong>相同点:</strong></p><p>都是Apache组织开发的,都有HTTP服务的功能,两者都是开源、免费的。</p><p><strong>不同点:</strong></p><ul><li>Apache是专门用了提供HTTP服务的,以及相关配置的(例如虚拟主机、URL转发等等),而Tomcat是Apache组织在符合Java EE的JSP、Servlet标准下开发的一个JSP服务器</li><li>Apache是一个Web服务器环境程序,启用他可以作为Web服务器使用,不过只支持静态网页如ASP、PHP,Freemarker,你要搞java服务端用到动态语言比如jsp,就需要Tomcat这个解释器,用来解析jsp,Apache是不能解析的。</li><li>Apache 侧重于HTTP Server,Tomcat 侧重于Servlet容器,支持JSP,但对静态网页不太理想,也就是说Apache和Tomcat这个2个服务器,==Apache对静态文件处理能力强于Tomcat,Tomcat实用于解析动态语言(jsp),我们可以用Apache处理静文件,用Tomcat处理动态文件。==</li><li>Apache是Web服务器,Tomcat是应用(Java)服务器,可以认为是Apache的扩展,但是可以独立于Apache运行</li></ul><h3 id="Nginx-与-Apache-比较"><a href="#Nginx-与-Apache-比较" class="headerlink" title="Nginx 与 Apache 比较"></a>Nginx 与 Apache 比较</h3><p><strong>Nginx 优点</strong></p><ul><li><p>轻量级,同样是web 服务,比apache占用更少的内存及资源 。</p></li><li><p>抗并发,nginx 处理请求是==异步非阻塞的,多个连接(万级别)可以对应一个进程==,而apache 则是==同步阻塞型的,同步多进程模型,一个连接对应一个进程==</p></li><li><p>高度模块化的设计,编写模块相对简单。</p></li><li><p>提供==负载均衡==</p></li><li><p>配置简洁</p></li><li><p>Nginx 静态处理性能比 Apache 高 3倍以上</p></li><li><p>nginx只适合静态和反向代理</p></li></ul><p><strong>反向代理</strong></p><blockquote><p>反向代理(Reverse Proxy)方式是指以代理服务器来接受internet上的连接请求,然后将请求转发给内部网络上的服务器处理,其本身并不做处理,并将从服务器上得到的结果返回给internet上请求连接的客户端,此时代理服务器对外就表现为一个web服务器,实际只做了转发,没有做处理。</p></blockquote><p><strong>Apache 优点</strong></p><ul><li>apache的 rewrite 比nginx 的强大。</li><li>支持动态页面。</li><li>支持的模块多,基本涵盖所有应用。</li><li>性能稳定。</li><li>Apache 对 PHP 支持比较简单。</li><li>相比nginx,动态请求由apache去做比较好。</li></ul><h3 id="Nginx-与-Tomcat-比较"><a href="#Nginx-与-Tomcat-比较" class="headerlink" title="Nginx 与 Tomcat 比较"></a>Nginx 与 Tomcat 比较</h3><p>Nginx一般处理静态处理能力很强,但是不能解析动态语言比如(jsp)。</p><p>需要Tomcat进行解释jsp,所以动态处理一般使用Tomcat,静态处理使用Nginx。</p><p>Nginx+Tomcat组合使用,Nginx起到反向代理的作用,如果是静态处理通过Nginx处理,动态请求才到后台Tomcat进行处理,这也就是Nginx的==动态分离机制==。</p>]]></content>
<summary type="html"><h1 id="Apache和Tomcat和Nginx的比较"><a href="#Apache和Tomcat和Nginx的比较" class="headerlink" title="Apache和Tomcat和Nginx的比较"></a>Apache和Tomcat和Nginx的</summary>
<category term="Nginx" scheme="https://lunrry.github.io/categories/Nginx/"/>
<category term="Nginx" scheme="https://lunrry.github.io/tags/Nginx/"/>
<category term="Tomcat" scheme="https://lunrry.github.io/tags/Tomcat/"/>
<category term="Apache" scheme="https://lunrry.github.io/tags/Apache/"/>
</entry>
<entry>
<title>Linux防火墙操作</title>
<link href="https://lunrry.github.io/posts/83b39de6/"/>
<id>https://lunrry.github.io/posts/83b39de6/</id>
<published>2023-07-04T08:27:18.000Z</published>
<updated>2023-09-25T08:18:44.563Z</updated>
<content type="html"><![CDATA[<h1 id="Linux防火墙操作"><a href="#Linux防火墙操作" class="headerlink" title="Linux防火墙操作"></a>Linux防火墙操作</h1><p><a href="https://bajie.dev/posts/20221024-iptables/">Iptables的基本用法</a></p><h2 id="防火墙命令"><a href="#防火墙命令" class="headerlink" title="防火墙命令"></a>防火墙命令</h2><table><thead><tr><th>作用</th><th>命令</th></tr></thead><tbody><tr><td>查看防火墙状态</td><td>systemctl status firewalld.service<br/>systemctl status firewalld</td></tr><tr><td>开启防火墙</td><td>systemctl start firewalld.service<br/>systemctl start firewalld</td></tr><tr><td>关闭防火墙</td><td>systemctl stop firewalld.service<br/>systemctl stop firewalld</td></tr><tr><td>防火墙开机自启</td><td>systemctl enable firewalld.service</td></tr><tr><td>禁止防火墙开机自启</td><td>systemctl disable firewalld.service</td></tr><tr><td>重启防火墙</td><td>firewall-cmd –reload<br/>systemctl restart firewalld</td></tr></tbody></table><h2 id="端口操作命令"><a href="#端口操作命令" class="headerlink" title="端口操作命令"></a>端口操作命令</h2><table><thead><tr><th>作用</th><th>命令</th></tr></thead><tbody><tr><td>查询已开放端口</td><td>firewall-cmd –list-port</td></tr><tr><td>查询某个端口是否开放</td><td>firewall-cmd –query-port=80/tcp</td></tr><tr><td>开启端口</td><td>firewall-cmd –zone=public –add-port=80/tcp –permanent<br/>注:可以是一个端口范围,如1000-2000/tcp</td></tr><tr><td>移除端口</td><td>firewall-cmd –zone=public –remove-port=80/tcp –permanent</td></tr><tr><td></td><td>–zone #作用域<br/>–add-port=80/tcp #添加端口,格式为:端口/通讯协议<br/>–remove-port=80/tcp #移除端口,格式为:端口/通讯协议<br/>–permanent #永久生效,没有此参数重启后失效</td></tr></tbody></table><h2 id="区域操作命令"><a href="#区域操作命令" class="headerlink" title="区域操作命令"></a>区域操作命令</h2><ul><li><p>显示当前系统中的默认区域</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">firewall-cmd --get-default-zone<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre></li><li><p>设置网络连接或接口的默认区域</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">firewall-cmd --set-default-zone<span class="token operator">=</span>work<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre></li><li><p>显示默认区域的所有规则</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token punctuation">[</span>root@master ~<span class="token punctuation">]</span><span class="token comment"># firewall-cmd --list-all</span>public <span class="token punctuation">(</span>active<span class="token punctuation">)</span> target: default icmp-block-inversion: no interfaces: ens33 sources: services: dhcpv6-client <span class="token function">ssh</span> ports: protocols: masquerade: no forward-ports: source-ports: icmp-blocks: rich rules:<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre></li><li><p>显示已激活的域</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token punctuation">[</span>root@master ~<span class="token punctuation">]</span><span class="token comment"># firewall-cmd --get-active-zones</span><span class="token function">docker</span> interfaces: br-a340711930cb docker0public interfaces: ens33<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span></span></code></pre></li></ul><h2 id="服务操作命令"><a href="#服务操作命令" class="headerlink" title="服务操作命令"></a>服务操作命令</h2><ul><li><p>显示指定区域区域内允许访问的所有服务</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token punctuation">[</span>root@master ~<span class="token punctuation">]</span><span class="token comment"># firewall-cmd --zone=work --list-services </span>dhcpv6-client <span class="token function">ssh</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span></span></code></pre></li><li><p>为指定区域设置允许访问的某项服务</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">firewall-cmd <span class="token parameter variable">--zone</span><span class="token operator">=</span>work --add-service<span class="token operator">=</span>http<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre></li><li><p>删除指定区域已设置的允许访问的某项服务</p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">firewall-cmd <span class="token parameter variable">--zone</span><span class="token operator">=</span>work --remove-service<span class="token operator">=</span>http<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre></li></ul><h2 id="rich规则配置"><a href="#rich规则配置" class="headerlink" title="rich规则配置"></a>rich规则配置</h2><h3 id="防火墙使用区域管理"><a href="#防火墙使用区域管理" class="headerlink" title="防火墙使用区域管理"></a>防火墙使用区域管理</h3><pre class="line-numbers language-none"><code class="language-none">阻塞区域(block):任何传入的网络数据包都将被阻止。工作区域(work):相信网络上的其他计算机,不会损害你的计算机。家庭区域(home):相信网络上的其他计算机,不会损害你的计算机。公共区域(public):不相信网络上的任何计算机,只有选择接受传入的网络连接。隔离区域(DMZ):隔离区域也称为非军事区域,内外网络之间增加的一层网络,起到缓冲作用。对于隔离区域,只有选择接受传入的网络连接。信任区域(trusted):所有的网络连接都可以接受。丢弃区域(drop):任何传入的网络连接都被拒绝。内部区域(internal):信任网络上的其他计算机,不会损害你的计算机。只有选择接受传入的网络连接。外部区域(external):不相信网络上的其他计算机,不会损害你的计算机。只有选择接受传入的网络连接。 注:Firewalld的默认区域是public。firewalld默认提供了九个zone配置文件:block.xml、dmz.xml、drop.xml、external.xml、 home.xml、internal.xml、public.xml、trusted.xml、work.xml,他们都保存在“/usr/lib /firewalld/zones/”目录下。<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><h3 id="查看当前区域"><a href="#查看当前区域" class="headerlink" title="查看当前区域"></a>查看当前区域</h3><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">firewall-cmd --get-default-zone<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><h3 id="设置当前区域"><a href="#设置当前区域" class="headerlink" title="设置当前区域"></a>设置当前区域</h3><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">firewall-cmd --set-default-zone<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><h3 id="创建区域"><a href="#创建区域" class="headerlink" title="创建区域"></a>创建区域</h3><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">firewall-cmd --new-zone<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><h3 id="内部端口转发"><a href="#内部端口转发" class="headerlink" title="内部端口转发"></a>内部端口转发</h3><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">firewall-cmd -- add-rich-rule<span class="token operator">=</span><span class="token string">'rule family=ipv4 forward-port port=2222 protocol=tcp to-port=22 '</span> <span class="token parameter variable">--permanent</span> <span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><h3 id="例"><a href="#例" class="headerlink" title="例"></a>例</h3><p>限制仅允许指定IP访问3306端口</p><ol><li>删除原有的3306端口访问规则</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">firewall-cmd <span class="token parameter variable">--permanent</span> --remove-port<span class="token operator">=</span><span class="token number">3306</span>/tcp<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><ol start="2"><li>添加规则</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">firewall-cmd <span class="token parameter variable">--permanent</span> --add-rich-rule<span class="token operator">=</span><span class="token string">"rule family="</span>ipv4<span class="token string">" source address="</span> <span class="token number">192.168</span>.0.90<span class="token string">" port protocol="</span>tcp<span class="token string">" port="</span><span class="token number">3306</span><span class="token string">" accept"</span><span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><ol start="3"><li>生效规则</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">firewall-cmd <span class="token parameter variable">--reload</span><span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><ol start="4"><li>查看规则</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">firewall-cmd --list-all<span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><ol start="5"><li>删除规则</li></ol><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">firewall-cmd <span class="token parameter variable">--permanent</span> --remove-rich-rule<span class="token operator">=</span><span class="token string">"rule family="</span>ipv4<span class="token string">" source address="</span> <span class="token number">192.168</span>.0.90<span class="token string">" port protocol="</span>tcp<span class="token string">" port="</span><span class="token number">3306</span><span class="token string">" accept"</span><span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre><h3 id="IP段开放"><a href="#IP段开放" class="headerlink" title="IP段开放"></a>IP段开放</h3><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token comment"># 新建永久规则,开放192.168.1.1单个源IP的访问</span>firewall-cmd <span class="token parameter variable">--permanent</span> --add-source<span class="token operator">=</span><span class="token number">192.168</span>.1.1<span class="token comment"># 新建永久规则,开放192.168.1.0/24整个源IP段的访问</span>firewall-cmd <span class="token parameter variable">--permanent</span> --add-source<span class="token operator">=</span><span class="token number">192.168</span>.1.0/24<span class="token comment"># 移除上述规则</span>firewall-cmd <span class="token parameter variable">--permanent</span> --remove-source<span class="token operator">=</span><span class="token number">192.168</span>.1.1<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><h3 id="系统服务的开放"><a href="#系统服务的开放" class="headerlink" title="系统服务的开放"></a>系统服务的开放</h3><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token comment"># 开放http服务</span>firewall-cmd <span class="token parameter variable">--permanent</span> --add-service<span class="token operator">=</span>http<span class="token comment"># 移除上述规则</span>firewall-cmd <span class="token parameter variable">--permanent</span> --remove-service<span class="token operator">=</span>http<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span></span></code></pre><h3 id="自定义复杂规则(注意是否与已有规则冲突)"><a href="#自定义复杂规则(注意是否与已有规则冲突)" class="headerlink" title="自定义复杂规则(注意是否与已有规则冲突)"></a>自定义复杂规则(注意是否与已有规则冲突)</h3><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token comment"># 允许指定IP访问本机8080端口</span>firewall-cmd <span class="token parameter variable">--permanent</span> --add-rich-rule<span class="token operator">=</span><span class="token string">'rule family="ipv4" source address="192.168.1.1" port protocol="tcp" port="8080" accept'</span><span class="token comment"># 允许指定IP段访问本机8080-8090端口</span>firewall-cmd <span class="token parameter variable">--permanent</span> --add-rich-rule<span class="token operator">=</span><span class="token string">'rule family="ipv4" source address="192.168.1.0/24" port protocol="tcp" port="8080-8090" accept'</span><span class="token comment"># 禁止指定IP访问本机8080端口</span>firewall-cmd <span class="token parameter variable">--permanent</span> --add-rich-rule<span class="token operator">=</span><span class="token string">'rule family="ipv4" source address="192.168.1.1" port protocol="tcp" port="8080" reject'</span><span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><h3 id="重载防火墙"><a href="#重载防火墙" class="headerlink" title="重载防火墙"></a>重载防火墙</h3><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash">firewall-cmd <span class="token parameter variable">--reload</span><span aria-hidden="true" class="line-numbers-rows"><span></span></span></code></pre>]]></content>
<summary type="html"><h1 id="Linux防火墙操作"><a href="#Linux防火墙操作" class="headerlink" title="Linux防火墙操作"></a>Linux防火墙操作</h1><p><a href="https://bajie.dev/posts/20221</summary>
<category term="Linux" scheme="https://lunrry.github.io/categories/Linux/"/>
<category term="Linux" scheme="https://lunrry.github.io/tags/Linux/"/>
<category term="防火墙" scheme="https://lunrry.github.io/tags/%E9%98%B2%E7%81%AB%E5%A2%99/"/>
</entry>
<entry>
<title>Linux学习笔记</title>
<link href="https://lunrry.github.io/posts/b30ceb9f/"/>
<id>https://lunrry.github.io/posts/b30ceb9f/</id>
<published>2023-06-15T07:54:54.000Z</published>
<updated>2023-06-19T01:40:29.000Z</updated>
<content type="html"><![CDATA[<h1 id="网络"><a href="#网络" class="headerlink" title="网络"></a>网络</h1><p>常用命令</p><table><thead><tr><th>基础命令</th><th>参数</th><th>作用</th></tr></thead><tbody><tr><td>ifconfig</td><td></td><td>显示或设置网络设备</td></tr><tr><td>netstat</td><td>-t:列出TCP协议端口<br>-u:列出UDP协议端口<br>-n:不使用域名与服务名,而使用IP地址和端口号<br>-l:仅列出在监听状态网络服务<br>-a:列出所有的网络连接<br>netstat -rn<br>-r:列出路由列表,功能与route命令一致</td><td>查询网络状态</td></tr><tr><td>route</td><td>-n</td><td>查看路由列表(可以看到网关)</td></tr><tr><td>telnet [域名或ip] [端口]</td><td></td><td>远程管理与端口探测命令</td></tr></tbody></table><h2 id="网络配置文件"><a href="#网络配置文件" class="headerlink" title="网络配置文件"></a>网络配置文件</h2><p>网卡信息文件<br><code>vim /etc/sysconfig/network-scripts/ifcfg-eth0</code></p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token assign-left variable">DEVICE</span><span class="token operator">=</span>eth0 网卡设备名<span class="token assign-left variable">BOOTPROTO</span><span class="token operator">=</span>none 是否自动获取IP<span class="token punctuation">(</span>none,static,dhcp<span class="token punctuation">)</span><span class="token assign-left variable">HWADDR</span><span class="token operator">=</span>00:0c:29:17:c4:09 MAC地址<span class="token assign-left variable">NM_CONTROLLED</span><span class="token operator">=</span>yes 是否可以由Network Manager图形管理工具托管<span class="token assign-left variable">ONBOOT</span><span class="token operator">=</span>yes 是否随网络服务启动,eth0生效<span class="token assign-left variable">TYPE</span><span class="token operator">=</span>Ethernet 类型为以太网<span class="token assign-left variable">UUID</span><span class="token operator">=</span>“” 唯一识别码<span class="token assign-left variable">IPADDR</span><span class="token operator">=</span><span class="token number">192.168</span>.0.252 IP地址<span class="token assign-left variable">NETMASK</span><span class="token operator">=</span><span class="token number">255.255</span>.255.0 子网掩码<span class="token assign-left variable">GATEWAY</span><span class="token operator">=</span><span class="token number">192.168</span>.0.1 网关<span class="token assign-left variable">DNS1</span><span class="token operator">=</span><span class="token number">202.106</span>.0.20 DNS<span class="token assign-left variable">IPV6INIT</span><span class="token operator">=</span>no IPv6没有启用<span class="token assign-left variable">USERCTL</span><span class="token operator">=</span>no 不允许非root用户控制此网卡<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><p>主机名文件<br><code>vim /etc/sysconfig/network</code></p><pre class="line-numbers language-bash" data-language="bash"><code class="language-bash"><span class="token function">hostname</span> <span class="token punctuation">[</span>主机名<span class="token punctuation">]</span>查看与临时设置主机名<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span></span></code></pre><h1 id="用户及权限"><a href="#用户及权限" class="headerlink" title="用户及权限"></a>用户及权限</h1><h2 id="用户配置文件"><a href="#用户配置文件" class="headerlink" title="用户配置文件"></a>用户配置文件</h2><p><code>/etc/passwd</code><br>passwd配置文件分为七个字段:</p><ul><li><p>第一个字段:用户名称</p></li><li><p>第二个字段:密码标志 x代表用户有密码,真正的密码放在/etc/shadow里,它里面进行了SHA512加密,如果没有x,代表没有密码,只能进行本地登陆,远程登陆会被禁止,SHA协议禁止</p></li><li><p>第三个字段:UID(用户ID)</p></li></ul><blockquote><p>0:超级用户<br>1-499:系统用户(伪用户)<br>500-65535:普通用户</p></blockquote><ul><li>第四个字段:GID(用户初始组ID)</li></ul><blockquote><p>初始组:就是指用户一登陆就立刻拥有这个用户组的相关权限,每个用户的初始组只能有一个,一般就是和这个用户的用户名相同的组名作为这个用户的初始组<br>附加组:指用户可以加入多个其他的用户组,并拥有这些组的权限,附加组可以有多个</p></blockquote><ul><li><p>第五个字段:用户说明</p></li><li><p>第六个字段:家目录</p></li></ul><blockquote><p>普通用户:/home/用户名/<br>超级用户:/root/</p></blockquote><ul><li>第七个字段:登陆之后的Shell<br>Shell就是Linux的命令解释器<br>在/etc/passwd当中,除了标准Shell是/bin/bash之外。还可以写如/sbin/nologin,普通用户全为/sbin/nologin<br>==/bin/bash为可以登陆,/sbin/nologin为禁止登陆,修改之后便可以禁止普通用户登陆==</li></ul><h2 id="组文件信息"><a href="#组文件信息" class="headerlink" title="组文件信息"></a>组文件信息</h2><p><code>/etc/group</code><br>组文件信息配置文件分为个字段:</p><ul><li>第一个字段:组名</li><li>第二个字段:组密码标志</li><li>第三个字段:GID</li><li>第四个字段:组中附加用户</li></ul><h2 id="用户的管理"><a href="#用户的管理" class="headerlink" title="用户的管理"></a>用户的管理</h2><h3 id="添加用户"><a href="#添加用户" class="headerlink" title="添加用户"></a>添加用户</h3><p>useradd [选项] 用户名</p><ul><li>-u UID:手工指定用户的UID号</li><li>-d 家目录:手工指定用户的家目录</li><li>-c 用户说明:手工指定用户的说明</li><li>-g 组名:手工指定用户的初始组</li><li>-G 组名:手工指定用户的附加组</li><li>-s shell:手工指定用户的登陆shell。默认是/bin/bash</li></ul><h3 id="修改用户密码"><a href="#修改用户密码" class="headerlink" title="修改用户密码"></a>修改用户密码</h3><p>passwd [选项] 用户名</p><ul><li>-S 查询用户密码的密码状态。仅root用户可以</li><li>-l 暂时锁定用户/仅root用户可用</li><li>-u 解锁用户。仅root用户可用</li><li>-stdin 可以通过管道符(|)输出的数据作为用户的密码<br>例子:echo“123” | passwd —stdin [用户名 ]</li></ul><h3 id="修改用户信息"><a href="#修改用户信息" class="headerlink" title="修改用户信息"></a>修改用户信息</h3><p>usermod [选项] 用户名</p><ul><li>-u UID:修改用户的UID号</li><li>-c 用户说明:修改用户的说明信息</li><li>-G 组名:修改用户的附加组</li><li>-L:临时锁定用户(Lock)</li><li>-U:解锁用户锁定(Unlock)</li></ul><h3 id="删除用户"><a href="#删除用户" class="headerlink" title="删除用户"></a>删除用户</h3><p>userdel [-r] 用户名</p><ul><li>-r:删除用户的同时删除用户家目录<br>Id 用户名 查看用户ID,UID,GID</li></ul><h2 id="权限管理"><a href="#权限管理" class="headerlink" title="权限管理"></a>权限管理</h2><h1 id="日志"><a href="#日志" class="headerlink" title="日志"></a>日志</h1><h1 id="服务"><a href="#服务" class="headerlink" title="服务"></a>服务</h1><h1 id="内存"><a href="#内存" class="headerlink" title="内存"></a>内存</h1><h1 id="进程"><a href="#进程" class="headerlink" title="进程"></a>进程</h1><h2 id="进程查看"><a href="#进程查看" class="headerlink" title="进程查看"></a>进程查看</h2><ul><li>进程是正在执行的一个程序或命令,每一个进程都是一个运行的实体,都有自己的地址空间,并占用一定的系统资源。</li><li>进程管理的作用<ul><li>判断服务器健康状态</li><li>查看系统中所有进程</li><li>杀死进程</li></ul></li><li>查看系统中所有进程<ul><li>ps aux<br>查看系统中所有进程,使用BSD操作系统格式</li><li>ps -le<br>查看系统中所有进程,使用Linux标准命令格式</li></ul></li></ul><table><thead><tr><th>ps aux 输出信息</th><th>含义</th></tr></thead><tbody><tr><td>USER</td><td>该进程是由哪个用户产生的</td></tr><tr><td>PID</td><td>进程ID号</td></tr><tr><td>%CPU</td><td>该进程占用CPU资源的百分比,占用越高,进程 越耗费资源</td></tr><tr><td>%MEM</td><td>该进程占用物理内存的百分比,占用越高,进程 越耗费资源</td></tr><tr><td>VSZ</td><td>该进程占用虚拟内存的大小,单位KB</td></tr><tr><td>RSS</td><td>该进程占用实际物理内存的大小,单位KB</td></tr><tr><td>TTY</td><td>该进程是在哪个终端中运行的。其中tty1-tty7代表 本地控制台终端,tty1-tty6是本地的字符界面终端,tty7是图形终端。pts/0-255代表虚拟终端</td></tr><tr><td>STAT</td><td>进程状态。常见的状态有:R:运行、S:睡眠 、T:停止状态、s:包含子进程、+:位于后台</td></tr><tr><td>START</td><td>该进程的启动时间</td></tr><tr><td>TIME</td><td>该进程占用CPU的运算时间,注意不是系统时间</td></tr><tr><td>COMMAND</td><td>产生此进程的命令名</td></tr></tbody></table><ul><li>查看系统健康状态</li></ul><table><thead><tr><th>命令</th><th>参数</th></tr></thead><tbody><tr><td>top [选项]</td><td>-d 秒数: 指定top命令每隔几秒更新。默认是3秒 在top命令的交互模式当中可以执行的命令</br>?或h: 显示交互模式的帮助</br>P: 以CPU使用率排序,默认就是此项</br>M: 以内存的使用率排序</br>N: 以PID排序</br>q: 退出top</td></tr></tbody></table><h2 id="进程管理"><a href="#进程管理" class="headerlink" title="进程管理"></a>进程管理</h2><h3 id="杀死进程"><a href="#杀死进程" class="headerlink" title="杀死进程"></a>杀死进程</h3><p><code>kill [信号代号] PID</code><br>常用进程信号表<br><img src="http://img.lunrry.top/202307041103922.png" alt="image-1686909063274"></p><h3 id="工作管理"><a href="#工作管理" class="headerlink" title="工作管理"></a>工作管理</h3><h4 id="进程放入后台"><a href="#进程放入后台" class="headerlink" title="进程放入后台"></a>进程放入后台</h4><ul><li>命令后面加&<ul><li>tar -zcf etc.tar.gz /etc & (后台运行)<br>但是像top,vim和用户交互的命令放在后台自动停止,不再运行</li><li>运行界面按按ctrl+z<br>在top命令执行的过程中,按ctrl+z快捷键放入后台(后台暂停)</li></ul></li></ul><h4 id="查看后台工作"><a href="#查看后台工作" class="headerlink" title="查看后台工作"></a>查看后台工作</h4><h1 id="磁盘"><a href="#磁盘" class="headerlink" title="磁盘"></a>磁盘</h1><h2 id="主分区、扩展分区、逻辑分区"><a href="#主分区、扩展分区、逻辑分区" class="headerlink" title="主分区、扩展分区、逻辑分区"></a>主分区、扩展分区、逻辑分区</h2><p><img src="http://img.lunrry.top/202307041103516.png" alt="image-1686877894050"></p><ul><li>主分区又叫做引导分区,是用来安装操作系统的区域,最多只能创建四个。为了打破只能创建四个分区的限制,出现了可以创建无数个区域的逻辑分区,所有的逻辑分区总和称为扩展分区,当然也可以在逻辑分区上安装操作系统。我们假定扩展分区为字母X,用一个公式来总结它们之间的关系:硬盘的容量=主分区的容量+扩展分区的容量(硬盘=C盘+X)。扩展分区的容量=各个逻辑分区的容量之和(X=D盘+E盘+F盘)</li></ul><h2 id="文件系统"><a href="#文件系统" class="headerlink" title="文件系统"></a>文件系统</h2><table><thead><tr><th>命令</th><th>参数</th><th>作用</th></tr></thead><tbody><tr><td>df [选项] [挂载点]</td><td>-a 显示所有的文件系统信息,包括特殊文件系统,如 /proc、/sysfs<br>-h 使用习惯单位显示容量,如KB,MB或GB等<br>-T 显示文件系统类型<br>-m 以MB为单位显示容量<br>-k 以KB为单位显示容量。默认就是以KB为单位</td><td>文件系统查看命令</td></tr><tr><td>du [选项] [目录或文件名]</td><td>-a 显示每个子文件的磁盘占用量。默认只统计 子目录的磁盘占用量<br>-h 使用习惯单位显示磁盘占用量,如KB,MB 或GB等<br>-s 统计总占用量,而不列出子目录和子文件的 占用量</td><td>统计目录或文件大小</td></tr><tr><td>mount</td><td>-l 查询系统中已经挂载的设备并会显示卷标名称<br>–a 依据配置文件/etc/fstab的内容,自动挂载</td><td>查询系统中已经挂载的设备</td></tr><tr><td>mount [-t 文件系统] [-L 卷标名] [-o 特殊选项] 设备文件名 挂载点</td><td>-t 文件系统:加入文件系统类型来指定挂载的类型,如果文件系统是硬盘,分区就写ext3、ext4 ,如果是光盘,就写iso9660<br>-L 卷标名: 挂载指定卷标的分区,而不是安装设备文件名挂载<br>-o 特殊选项:可以指定挂载的额外选项</td><td></td></tr></tbody></table><h2 id="磁盘分区"><a href="#磁盘分区" class="headerlink" title="磁盘分区"></a>磁盘分区</h2><ol><li>查看磁盘现有分区 ==fdisk -l==</li><li>假设需要对<code>/dev/sda</code>进行分区</li><li>用命令 <code>fdisk /dev/sda</code> 进入分区操作,输入==p== ,查看当前分区表,此时没有分区</li><li>输入 ==n== ,新建一个分区;再输入 ==p== ,选择分区类型为主分区(如果想添加扩展分区,就按e);然后输入 ==1== ,选择分区号(这里注意一下,加上扩展分区,主分区只能有四个,所以只能选择1-4,一般按顺序输入分区号</li><li>然后会提示输入第一个扇区,这里直接回车默认2048就好;接着会让你输入第一个分区的大小,这里是加了200G,输入<code>+200G</code>(不要忘记+号);分区大小选择好后,会包含一个签名,询问是否要移除该签名,如果不移除的话,此时的分区格式就是ntfs,这里我们需要ntfs格式的分区,所以不移除,输入 ==N==</li><li>创建之后我们用 ==p== 命令查看一下磁盘分区,可以看到已经有一个sda1分区了</li><li>输入==w==保存退出</li></ol><h1 id="shell编码"><a href="#shell编码" class="headerlink" title="shell编码"></a>shell编码</h1><h2 id="shell是什么"><a href="#shell是什么" class="headerlink" title="shell是什么"></a>shell是什么</h2><ul><li>Shell是一个命令行解释器,它为用户提供 了一个向Linux内核发送请求以便运行程 序的界面系统级程序,用户可以用Shell来 启动、挂起、停止甚至是编写一些程序。</li><li>Shell还是一个功能相当强大的编程语言, 易编写,易调试,灵活性较强。Shell是解 释执行的脚本语言,在Shell中可以直接调 用Linux系统命令。</li></ul><h2 id="Shell的分类"><a href="#Shell的分类" class="headerlink" title="Shell的分类"></a>Shell的分类</h2><ul><li><p>Bourne Shell:从1979起Unix就开始使用 Bourne Shell,Bourne Shell的主文件名为 sh。</p></li><li><p>C Shell: C Shell主要在BSD版的Unix系 统中使用,其语法和C语言相类似而得名</p></li></ul><blockquote><p>Shell的两种主要语法类型有Bourne和C, 这两种语法彼此不兼容。Bourne家族主要 包括sh、ksh、Bash、psh、zsh;C家族主 要包括:csh、tcsh</p></blockquote><blockquote><p>Bash: Bash与sh兼容,现在使用的Linux 就是使用Bash作为用户的基本Shell。</p></blockquote><h2 id="Shell脚本的执行方式"><a href="#Shell脚本的执行方式" class="headerlink" title="Shell脚本的执行方式"></a>Shell脚本的执行方式</h2><table><thead><tr><th>echo [选项] [输出内容]</th><th>-e: 支持反斜线控制的字符转换</th></tr></thead><tbody><tr><td>控制字符</td><td>作用</td></tr><tr><td>\</td><td>输出\本身</td></tr><tr><td>\a</td><td>输出警告音</td></tr><tr><td>\b</td><td>退格键,也就是向左删除键</td></tr><tr><td>\c</td><td>取消输出行末的换行符。和“-n”选项一致</td></tr><tr><td>\e</td><td>ESCAPE键</td></tr><tr><td>\f</td><td>换页符</td></tr><tr><td>\n</td><td>换行符</td></tr><tr><td>\r</td><td>回车键</td></tr><tr><td>\t</td><td>制表符,也就是Tab键</td></tr><tr><td>\v</td><td>垂直制表符</td></tr><tr><td>\0nnn</td><td>按照八进制ASCII码表输出字符。其中0为数字零,nnn是三位八进制数</td></tr><tr><td>\xhh</td><td>按照十六进制ASCII码表输出字符。其中hh是两位十六进制数</td></tr></tbody></table><p>特殊的:<br><code>echo -e "\e[1;31m abcd \e[0m"</code><br>输出:<font color="#dd0000">abcd</font><br></p><p>\e[1 表示开启颜色区别<br>\e[0m 表示结束颜色区别<br>31m表示红色 还有其他:<br>30m=黑色,31m=红色,32m=绿色,33m=黄色,34m=蓝色,35m=洋红,36m=青色,37m=白色</p><h2 id="shell脚本的执行"><a href="#shell脚本的执行" class="headerlink" title="shell脚本的执行"></a>shell脚本的执行</h2><p><code>hello.sh</code></p><pre class="line-numbers language-none"><code class="language-none">#!/bin/Bash#The first programecho -e 'Hello World!'<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span></span></code></pre><p>在上面脚本中:<code>#!/bin/Bash</code>是一个标识,表示以下语句是shell脚本,<code>Hello World!</code>在Linux的Shell中,感叹号(!)有特殊的含义。当感叹号后面紧跟一个字符时,Shell会将其解释为历史命令替换。<br>要在输出中包含感叹号字符,可以使用以下两种方式之一:</p><ul><li>使用单引号来定义字符串,因为在单引号中,Shell不会进行任何替换操作,所以感叹号会被直接输出</li><li>使用反斜杠(\)来转义感叹号字符,告诉Shell将其作为普通字符处理</li></ul><table><tr><td bgcolor=#dd0000>注意</td></tr></table><ul><li>如果从Windows里面拷贝一个脚本到Linux,虽然有的时候格式一样但是还是会报错,这是因为两个系统中脚本的格式不同</li><li>Windows中的回车在脚本中用^M$表示,而Linux中为$,(可以用cat -A [文件名] 来查询)所以需要转变,此时用到一个命令:dos2unix [文件名]</li><li>转换后,Linux就可以执行了,如果没有这个命令可以使用yum安装</li></ul><h2 id="常用命令"><a href="#常用命令" class="headerlink" title="常用命令"></a>常用命令</h2><h3 id="常用快捷键"><a href="#常用快捷键" class="headerlink" title="常用快捷键"></a>常用快捷键</h3><table><thead><tr><th>快捷键</th><th>作用</th></tr></thead><tbody><tr><td>ctrl+a</td><td>把光标移动到命令行开头。如果我们输入的命令过长,想要把光标移 动到命令行开头时使用</td></tr><tr><td>ctrl+e</td><td>把光标移动到命令行结尾</td></tr><tr><td>ctrl+c</td><td>强制终止当前的命令</td></tr><tr><td>ctrl+l</td><td>清屏,相当于clear命令</td></tr><tr><td>ctrl+u</td><td>删除或剪切光标之前的命令。我输入了一行很长的命令,不用使用退 格键一个一个字符的删除</td></tr><tr><td>ctrl+k</td><td>删除或剪切光标之后的内容</td></tr><tr><td>ctrl+y</td><td>粘贴ctrl+U或ctrl+K剪切的内容</td></tr><tr><td>ctrl+r</td><td>在历史命令中搜索,按下ctrl+R之后,就会出现搜索界面,只要输入 搜索内容,就会从历史命令中搜索</td></tr><tr><td>ctrl+d</td><td>退出当前终端</td></tr><tr><td>ctrl+z</td><td>暂停,并放入后台。如果使用的多了,系统会占用大量存储空间来存放暂停的数据,用多了系统会变卡</td></tr><tr><td>ctrl+s</td><td>暂停屏幕输出</td></tr><tr><td>ctrl+q</td><td>恢复屏幕输出</td></tr></tbody></table><h3 id="输出重定向"><a href="#输出重定向" class="headerlink" title="输出重定向"></a>输出重定向</h3><p>输出重定向,比如由屏幕输出到文件<br><img src="http://img.lunrry.top/202307041105714.png" alt="image-1686882796173"><br>==有一个用法:<br>命令 <code>&>/dev/unll </code>不管命令是否正确,直接丢入这个文件夹,不保存任何数据,在写shell脚本时有用==</p><h3 id="管道符"><a href="#管道符" class="headerlink" title="管道符"></a>管道符</h3><p>==命令1 | 命令2==</p><ul><li>命令1的正确输出作为命令2的操作对象</li></ul><h2 id="环境变量"><a href="#环境变量" class="headerlink" title="环境变量"></a>环境变量</h2><p><strong>用户自定义变量只在当前的Shell中生效, 而环境变量会在当前Shell和这个Shell的所 有子Shell当中生效。如果把环境变量写入相应的配置文件,那么这个环境变量就会在所有的Shell中生效</strong></p><table><thead><tr><th>命令</th><th>作用</th></tr></thead><tbody><tr><td>export 变量名=变量值</td><td>申明变量</td></tr><tr><td>env</td><td>查询变量</td></tr><tr><td>echo $变量名</td><td>变量调用</td></tr><tr><td>unset 变量名</td><td>删除变量</td></tr></tbody></table><h2 id="正则表达式"><a href="#正则表达式" class="headerlink" title="正则表达式"></a>正则表达式</h2><ul><li>正则表达式用来在文件中匹配符合条件的 字符串,正则是包含匹配。grep、awk、 sed等命令可以支持正则表达式。</li><li>通配符用来匹配符合条件的文件名,通配符是完全匹配。ls、find、- cp这些命令不支持正则表达式,所以只能使用shell自己的通配符来进行匹配了。</li></ul><table><thead><tr><th>元字符</th><th>作用</th></tr></thead><tbody><tr><td>*</td><td>前一个字符匹配0次或任意多次</td></tr><tr><td>.</td><td>匹配除了换行符外任意一个字符</td></tr><tr><td>^</td><td>匹配行首。例如:^hello会匹配以hello开头的行</td></tr><tr><td>$</td><td>匹配行尾。例如:hello&会匹配以hello结尾的行</td></tr><tr><td>[]</td><td>匹配中括号中指定的任意一个字符,只匹配一个字符。 例如:[aoeiu] 匹配任意一个元音字母,[0-9] 匹配任意一位 数字, [a-z][0-9]匹配小写字和一位数字构成的两位字符</td></tr><tr><td>[^]</td><td>匹配除中括号的字符以外的任意一个字符。例如:[^0-9] 匹配 任意一位非数字字符,[^a-z] 表示任意一位非小写字母</td></tr><tr><td>\</td><td>转义符。用于将特殊符号的含义取消</td></tr><tr><td>{}</td><td>大括号内<code>n</code>,表示其前面的字符恰好出现n次。例如:[0-9]{4} 匹配4位数 字,[1][3-8][0-9]{9} 匹配手机号码</td></tr><tr><td>{}</td><td>大括号内<code>n,</code>表示其前面的字符出现不小于n次。例如: [0-9]{2,} 表示两 位及以上的数字</td></tr><tr><td>{}</td><td>大括号内<code>n,m</code>表示其前面的字符至少出现n次,最多出现m次。例如: [a- z]{6,8} 匹配6到8位的小写字母</td></tr></tbody></table><h2 id="awk命令"><a href="#awk命令" class="headerlink" title="awk命令"></a>awk命令</h2><p><code>awk</code>是一种文本处理工具,用于从结构化文本数据中提取和处理信息。它以==行==为单位读取输入文件,并可以根据特定规则执行操作。</p><p>基本用法:<code>awk 'pattern { action }' file</code></p><ul><li><code>pattern</code> 是一个用于匹配文本的模式,可以是正则表达式或字符串。当某行匹配到该模式时,将执行相应的 <code>action</code>。</li><li><code>action</code> 是在模式匹配成功时要执行的动作。可以是一个命令块、表达式或预定义的动作。</li></ul><ul><li>常用参数:<ul><li>-F:指定字段分隔符。默认情况下,<code>awk</code>使用空格或制表符作为字段分隔符</li><li>-v:定义变量,并将其传递给 <code>awk</code> 程序</li></ul></li><li>常用的内置变量:<ul><li>$0:当前行的内容</li><li>$1、$2、$3…:当前行中第 1、2、3… 个字段的内容</li><li>NR:当前行的行号</li><li>NF:当前行的字段数量</li></ul></li><li>常用的内置函数:<ul><li>print:打印指定内容</li><li>printf:格式化打印指定内容</li><li>getline:读取下一行</li><li>length:获取字符串的长度</li><li>substr:提取子字符串</li></ul></li></ul><h2 id="for循环"><a href="#for循环" class="headerlink" title="for循环"></a>for循环</h2><pre class="line-numbers language-none"><code class="language-none">for 变量 in 值1 值2 值3do 程序done<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span></span></code></pre><p>例:</p><pre class="line-numbers language-none"><code class="language-none">#!/bin/bashfor time in morning noon afternoon eveningdoecho “This time is $time!”done<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><p>例:</p><pre class="line-numbers language-none"><code class="language-none">#!/bin/bash#批量解压缩软件包cd /lampls *.tar.gz > ls.log #ls *.tar.gz 输出结果覆盖到ls.log文件for i in $(cat ls.log) do tar -zxf $i $>/dev/null donerm -rf /lamp/ls.log<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><h2 id="until循环"><a href="#until循环" class="headerlink" title="until循环"></a>until循环</h2><p>until循环时只要条件判断式不成立则进行循环,并执行循环程序。一旦循环条件成立,则终止循环</p><pre class="line-numbers language-none"><code class="language-none">until [ 条件判断式 ] do 程序 done <span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span></span></code></pre><p>例:</p><pre class="line-numbers language-none"><code class="language-none">#!/bin/bash #从1加到100i=1 s=0 until [ $i -gt 100 ] #循环直到变量i的值大于100,就停止循环 do s=$(( $s+$i ))i=$(( $i+1 )) done echo "The sum is: $s"<span aria-hidden="true" class="line-numbers-rows"><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span><span></span></span></code></pre><h1 id="问题分析与解决"><a href="#问题分析与解决" class="headerlink" title="问题分析与解决"></a>问题分析与解决</h1>]]></content>
<summary type="html"><h1 id="网络"><a href="#网络" class="headerlink" title="网络"></a>网络</h1><p>常用命令</p>
<table>
<thead>
<tr>
<th>基础命令</th>
<th>参数</th>
<th>作用</th>
</</summary>
<category term="Linux" scheme="https://lunrry.github.io/categories/Linux/"/>
<category term="Linux" scheme="https://lunrry.github.io/tags/Linux/"/>
</entry>
</feed>