09-linux基础六
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了09-linux基础六相关的知识,希望对你有一定的参考价值。
部署Samba服务器
1)配置安装环境
为保证windows系统的计算机能够访问Linux Samba服务器,需要对Samba服务器进行网络配置,同时关闭Linux防火墙和SELinux。
1.1网络配置
vim /etc/sysconfig/network-scripts/ifcfg-ens33
可选择BOOTPROTO=dhcp,由DHCP服务器自动为虚拟机分配地址,配置文件如下:
TYPE="Ethernet" BOOTPROTO="dhcp" DEFROUTE="yes" PEERDNS="yes" PEERROUTES="yes" IPV4_FAILURE_FATAL="no" IPV6INIT="yes" IPV6_AUTOCONF="yes" IPV6_DEFROUTE="yes" IPV6_PEERDNS="yes" IPV6_PEERROUTES="yes" IPV6_FAILURE_FATAL="no" IPV6_ADDR_GEN_MODE="stable-privacy" NAME="ens33" UUID="5102dc8b-560a-4ed4-a4ee-a09fad011f87" DEVICE="ens33" ONBOOT="yes"
也可选择BOOTPROTO=static,此时需要配置NETMASK、GATEWAY、DNS等,注意需设置ONBOOT=yes
TYPE=Ethernet BOOTPROTO=static IPADDR=192.168.16.253 NETMASK=255.255.255.0 GATEWAY=192.168.16.254 DNS1=192.168.12.254 DNS2=8.8.8.8 DEFROUTE=yes PEERDNS=yes PEERROUTES=yes IPV4_FAILURE_FATAL=no IPV6INIT=yes IPV6_AUTOCONF=yes IPV6_DEFROUTE=yes IPV6_PEERDNS=yes IPV6_PEERROUTES=yes IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy NAME=ens33 UUID=e5c7d4f1-bb4b-487b-9eb1-443803ff9559 DEVICE=ens33 ONBOOT=yes
1.2)关闭防火墙
[[email protected] ~]# systemctl status firewalld.service #查看防火墙状态 [[email protected] ~]# systemctl stop firewalld.service #关闭防火墙 [[email protected] ~]# systemctl disabled firewalld.service #取消防火墙开机运行
1.3)关闭SELINX
setenforce 0 #关闭防火墙,临时生效
为使防火墙永久关闭,需修改配置文件
vim /etc/sysconfig/selinux 或 vim /etc/selinux/config
# This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled # SELINUXTYPE= can take one of three two values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted
2)安装软件包
[[email protected] ~]# yum -y install samba Loaded plugins: fastestmirror, langpacks Loading mirror speeds from cached hostfile * base: mirrors.btte.net * extras: mirrors.neusoft.edu.cn * updates: mirror.bit.edu.cn ... ... ...
2)挂载网盘
2.1为虚拟机添加一块硬盘
2.2将添加的硬盘格式化
mkfs.xfs /dev/sdb -f
2.3创建共享目录/share,将格式化后的硬盘挂载到/share目录下
mount /dev/sdb /share
3)添加系统用户
为了在windows中访问Samba,需添加系统用户,同时可限定添加的用户不可登录终端
[[email protected] ~]# useradd egon [[email protected] ~]# [[email protected] ~]# usermod -s /sbin/nologin egon [[email protected] ~]# [[email protected] ~]# smbpasswd -a egon New SMB password: Retype new SMB password: Added user egon. [[email protected] ~]# [[email protected] ~]# useradd alex [[email protected] ~]# [[email protected] ~]# usermod -s /sbin/nologin alex [[email protected] ~]# [[email protected] ~]# smbpasswd -a alex New SMB password: Retype new SMB password: Added user alex. [[email protected] ~]# [[email protected] ~]# useradd wupeiqi [[email protected] ~]# [[email protected] ~]# usermod -s /sbin/nologin wupeiqi [[email protected] ~]# [[email protected] ~]# smbpasswd -a wupeiqi New SMB password: Retype new SMB password: Added user wupeiqi. [[email protected] ~]#
4)启动服务
[[email protected] ~]# systemctl start smb [[email protected] ~]#
5)测试(win10系统笔记本电脑访问CentOS7.3系统的虚拟机)
1)此电脑====》映射网络驱动器(N)====>文件夹中键入:\\\\192.168.1.254\\egon====>输入密码,如下图(可在文件中添加或删除文件)
查看Samba服务器对应的文件
[[email protected] ~]# ls /home/egon/ tmp.txt [[email protected] ~]#
6)修改配置文件,使所有的用户共享一个目录,只能浏览内容,不能删。
[[email protected] ~]# vim /etc/samba/smb.conf
# See smb.conf.example for a more detailed config file or # read the smb.conf manpage. # Run ‘testparm‘ to verify the config is correct after # you modified it. [global] workgroup = SAMBA security = user passdb backend = tdbsam printing = cups printcap name = cups load printers = yes cups options = raw [homes] comment = Home Directories valid users = %S, %D%w%S browseable = No read only = No inherit acls = Yes [printers] comment = All Printers path = /var/tmp printable = Yes create mask = 0600 browseable = No [print$] comment = Printer Drivers path = /var/lib/samba/drivers write list = root create mask = 0664 directory mask = 0775 # A publicly accessible directory that is read only, except for users in the # "staff" group (which have write permissions): [public] comment = Public Stuff path = /share public = yes writable = no printable = no write list = +staff
部署nginx服务器
1)配置安装环境(同上)
2)安装软件包
2.1下载软件包
[[email protected] software]# wget http://nginx.org/download/nginx-1.12.0.tar.gz --2017-06-01 01:13:20-- http://nginx.org/download/nginx-1.12.0.tar.gz Resolving nginx.org (nginx.org)... 206.251.255.63, 95.211.80.227, 2001:1af8:4060:a004:21::e3, ... Connecting to nginx.org (nginx.org)|206.251.255.63|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 980831 (958K) [application/octet-stream] Saving to: ‘nginx-1.12.0.tar.gz’ 100%[=======================================================================================>] 980,831 41.7KB/s in 24s 2017-06-01 01:13:45 (40.2 KB/s) - ‘nginx-1.12.0.tar.gz’ saved [980831/980831] [[email protected] software]#
2.2解压软件包
[[email protected] software]# ls nginx-1.12.0.tar.gz Python-3.6.1 Python-3.6.1.tgz [[email protected] software]# [[email protected] software]# tar -zxvf nginx-1.12.0.tar.gz nginx-1.12.0/ nginx-1.12.0/auto/ nginx-1.12.0/conf/ ... ... ... ...
2.3配置安装选项
[[email protected] software]# cd nginx-1.12.0/ [[email protected] nginx-1.12.0]# [[email protected] nginx-1.12.0]# ./configure --prefix=/usr/local/nginx --without-http_rewrite_module checking for OS + Linux 3.10.0-514.el7.x86_64 x86_64 checking for C compiler ... found + using GNU C compiler + gcc version: 4.8.5 20150623 (Red Hat 4.8.5-11) (GCC) checking for gcc -pipe switch ... found checking for -Wl,-E switch ... found checking for gcc builtin atomic operations ... found checking for C99 variadic macros ... found
2.4编译和安装
[[email protected] software]# make && make install ... ... ... test -d ‘/usr/local/nginx/html‘ || cp -R html ‘/usr/local/nginx‘ test -d ‘/usr/local/nginx/logs‘ || mkdir -p ‘/usr/local/nginx/logs‘ make[1]: Leaving directory `/software/nginx-1.12.0‘ [[email protected] nginx-1.12.0]#
3)修改配置文件
[[email protected] nginx-1.12.0]# vim /usr/local/nginx/conf/nginx.conf #user nobody; worker_processes 3; #nginx启动的子进程个数 #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; #log_format main ‘$remote_addr - $remote_user [$time_local] "$request" ‘ # ‘$status $body_bytes_sent "$http_referer" ‘ # ‘"$http_user_agent" "$http_x_forwarded_for"‘; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; server { listen 8080; #nginx服务监听的端口 server_name localhost; #charset koi8-r; #access_log logs/host.access.log main; location / { root html; index index.html index.htm index.txt; #默认加载的主页文件 } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } # proxy the php scripts to Apache listening on 127.0.0.1:80 # #location ~ \\.php$ { # proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # #location ~ \\.php$ { # root html; # fastcgi_pass 127.0.0.1:9000; # fastcgi_index index.php; # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; # include fastcgi_params; #} # deny access to .htaccess files, if Apache‘s document root # concurs with nginx‘s one # #location ~ /\\.ht { # deny all; #} } # another virtual host using mix of IP-, name-, and port-based configuration # #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # location / { # root html; # index index.html index.htm; # } #} # HTTPS server # #server { # listen 443 ssl; # server_name localhost; # ssl_certificate cert.pem; # ssl_certificate_key cert.key; # ssl_session_cache shared:SSL:1m; # ssl_session_timeout 5m; # ssl_ciphers HIGH:!aNULL:!MD5; # ssl_prefer_server_ciphers on; # location / { # root html; # index index.html index.htm; # } #} }
4)启动服务
[[email protected] nginx-1.12.0]# /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
[[email protected] nginx-1.12.0]#
5)测试
在浏览器器中输入主机名称和对应的端口,打开了index.html页面,配置成功
查看nginx启动的进程,如下(一个主进程和3个子进程启动),说明配置文件生效
[[email protected]~]# ps aux | grep nginx | grep -v grep root 15354 0.0 0.1 18024 1320 ? Ss 01:33 0:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf nobody 15646 0.0 0.1 20556 1708 ? S 02:00 0:00 nginx: worker process nobody 15647 0.0 0.1 20556 1464 ? S 02:00 0:00 nginx: worker process nobody 15648 0.0 0.1 20556 1464 ? S 02:00 0:00 nginx: worker process
追踪配置文件/usr/local/nginx/logs/access.log的变化(刷新页面,查看配置文件的变化)
[[email protected] ~]# tail -f /usr/local/nginx/logs/access.log 192.168.16.50 - - [01/Jun/2017:02:13:56 +0800] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36"
6)负载均衡配置
6.1打开四台虚拟机,分别进行IP地址的配置,选择桥接,分别修改/etc/sysconfig/network-scripts/ifcfg-ens33
192.168.16.252(教室)或192.168.1.154
192.168.16.251(教室)或192.168.1.253
192.168.16.250(教室)或192.168.1.252
192.168.16.249(教室)或192.168.1.251
其中1个配置文件如下:
TYPE=Ethernet #BOOTPROTO=dhcp BOOTPROTO=static IPADDR=192.168.16.250 NETMASK=255.255.255.0 GATEWAY=192.168.16.254 DNS1=192.168.12.254 DNS2=8.8.8.8 DEFROUTE=yes PEERDNS=yes PEERROUTES=yes IPV4_FAILURE_FATAL=no IPV6INIT=yes IPV6_AUTOCONF=yes IPV6_DEFROUTE=yes IPV6_PEERDNS=yes IPV6_PEERROUTES=yes IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy NAME=ens33 UUID=e5c7d4f1-bb4b-487b-9eb1-443803ff9559 DEVICE=ens33 ONBOOT=yes
6.2修改nginx配置文件(其中负载均衡服务器端口为80,其他3台服务器端口为8080)
负载均衡服务器配置文件如下:
#user nobody; worker_processes 3; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 1024; } http { # upstream nginx_webs { # server 192.168.16.252:8080; # server 192.168.16.251:8080; # server 192.168.16.250:8080; # } upstream nginx_webs { server 192.168.1.254:8080; server 192.168.1.253:8080; server 192.168.1.252:8080; } include mime.types; default_type application/octet-stream; #log_format main ‘$remote_addr - $remote_user [$time_local] "$request" ‘ # ‘$status $body_bytes_sent "$http_referer" ‘ # ‘"$http_user_agent" "$http_x_forwarded_for"‘; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; server { listen 80; server_name localhost; #charset koi8-r; #access_log logs/host.access.log main; location / { proxy_pass http://nginx_webs; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ \\.php$ { # proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # #location ~ \\.php$ { # root html; # fastcgi_pass 127.0.0.1:9000; # fastcgi_index index.php; # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; # include fastcgi_params; #} # deny access to .htaccess files, if Apache‘s document root # concurs with nginx‘s one # #location ~ /\\.ht { # deny all; #} } # another virtual host using mix of IP-, name-, and port-based configuration # #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # location / { # root html; # index index.html index.htm; # } #} # HTTPS server # #server { # listen 443 ssl; # server_name localhost; # ssl_certificate cert.pem; # ssl_certificate_key cert.key; # ssl_session_cache shared:SSL:1m; # ssl_session_timeout 5m; # ssl_ciphers HIGH:!aNULL:!MD5; # ssl_prefer_server_ciphers on; # location / { # root html; # index index.html index.htm; # } #} }
其他三台Web服务器配置文件如下:
#user nobody; worker_processes 3; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; #log_format main ‘$remote_addr - $remote_user [$time_local] "$request" ‘ # ‘$status $body_bytes_sent "$http_referer" ‘ # ‘"$http_user_agent" "$http_x_forwarded_for"‘; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; server { listen 8080; server_name localhost; #charset koi8-r; #access_log logs/host.access.log main; location / { root html; index index.txt index.html index.htm; # index index.html index.html index.txt; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ \\.php$ { # proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # #location ~ \\.php$ { # root html; # fastcgi_pass 127.0.0.1:9000; # fastcgi_index index.php; # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; # include fastcgi_params; #} # deny access to .htaccess files, if Apache‘s document root # concurs with nginx‘s one # #location ~ /\\.ht { # deny all; #} } # another virtual host using mix of IP-, name-, and port-based configuration # #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # location / { # root html; # index index.html index.htm; # } #} # HTTPS server # #server { # listen 443 ssl; # server_name localhost; # ssl_certificate cert.pem; # ssl_certificate_key cert.key; # ssl_session_cache shared:SSL:1m; # ssl_session_timeout 5m; # ssl_ciphers HIGH:!aNULL:!MD5; # ssl_prefer_server_ciphers on; # location / { # root html; # index index.html index.htm; # } #} }
依次启动负载均衡服务器和三台Web服务器
[[email protected] ~]# /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
[[email protected] ~]#
6.3测试
在goolge浏览器中输入192.168.1.251(负载均衡服务器IP地址),并刷新,如下图:
以上是关于09-linux基础六的主要内容,如果未能解决你的问题,请参考以下文章