# httpd -v Server version: Apache/2.4.43 (Unix) Server built: Nov 8 2023 10:46:26 # httpd -t AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using fe80::129b:b1d2:e4cf:22c7%ens160. Set the 'ServerName' directive globally to suppress this message Syntax OK
修改配置文件,消除报错:
1 2 3
# vim /etc/httpd/conf/httpd.conf # 95行,修改配置 ServerName www.test.com:80
1 2
# httpd -t Syntax OK
启动httpd并设置开机自启:
1 2
# systemctl enable httpd --now # systemctl status httpd
# curl -s 10.80.20.1:80 | head -5 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <head> <title>Test Page for the Apache HTTP Server on openEuler Linux</title>
浏览器访问:http://10.80.20.1/
apache主页面配置
注释监听端口:
1 2 3
# vim /etc/httpd/conf/httpd.conf # 42行,注释配置 #Listen 80
添加监听端口配置:
1 2
# vim /etc/httpd/conf.d/port.conf Listen 10.80.20.1:81
1
# systemctl reload httpd
访问测试:
1 2 3 4 5 6 7 8 9 10 11 12 13
# curl 127.0.0.1:80 curl: (7) Failed to connect to 127.0.0.1 port 80: Connection refused # curl 127.0.0.1:81 curl: (7) Failed to connect to 127.0.0.1 port 81: Connection refused # curl 10.80.20.1:80 curl: (7) Failed to connect to 10.80.20.1 port 80: Connection refused # curl 10.80.20.1:81 # curl -s 10.80.20.1:81 | head -5 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <head> <title>Test Page for the Apache HTTP Server on openEuler Linux</title>
# vim /etc/httpd/conf.d/module.conf <Location /server-status> SetHandler server-status Order deny,allow Deny from all Allow from all </Location> ExtendedStatus On
1
# systemctl reload httpd
浏览器访问:http://10.80.20.1:81/server-status
卸载mod_status模块:
1 2 3
# vim /etc/httpd/conf.modules.d/00-base.conf # 60行,添加注释 #LoadModule status_module modules/mod_status.so
1 2 3 4 5 6 7 8 9
# systemctl reload httpd # curl 10.80.20.1:81/server-status <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>404 Not Found</title> </head><body> <h1>Not Found</h1> <p>The requested URL was not found on this server.</p> </body></html>
恢复mod_status模块:
1 2 3
# vim /etc/httpd/conf.modules.d/00-base.conf # 60行,取消注释 LoadModule status_module modules/mod_status.so
# vim /etc/httpd/conf.d/source.conf DocumentRoot "/home/source" <Directory "/home/source"> Options Indexes AllowOverride None Require all granted </Directory> <Directory "/home/source/test"> Options Indexes AllowOverride None Require all granted </Directory> DirectoryIndex Index.html
1
# systemctl reload httpd
浏览器访问:http://10.80.20.1:81/test/
修改配置,再次访问:
1 2 3
# vim /etc/httpd/conf.d/source.conf # 3行、8行,修改配置 Options Indexes FollowSymLinks
1
# systemctl reload httpd
通过别名指定静态资源:
1 2 3
# vim /etc/httpd/conf.d/source.conf # 尾行,添加配置 Alias /test2 "/home/source/test"
1
# systemctl reload httpd
浏览器访问:http://10.80.20.1:81/test2/
为静态资源设置访问权限(基于源地址)
修改配置,禁止浏览器访问:
1 2 3 4 5 6 7 8 9
# vim /etc/httpd/conf.d/source.conf # 7~11行,修改配置 <Directory "/home/source/test"> Options Indexes FollowSymLinks <RequireAll> Require all granted Require not ip 10.80.0.1 </RequireAll> </Directory>
1
# systemctl reload httpd
浏览器访问:http://10.80.20.1:81/test2/
查看日志:
1 2 3 4 5 6 7 8 9 10 11
# tail /var/log/httpd/error_log [Sun Nov 26 18:28:13.998635 2023] [authz_core:error] [pid 650032:tid 140443006265088] [client 10.80.0.1:55264] AH01630: client denied by server configuration: /home/source/test [Sun Nov 26 18:28:14.126325 2023] [authz_core:error] [pid 650032:tid 140443098519296] [client 10.80.0.1:55264] AH01630: client denied by server configuration: /home/source/test [Sun Nov 26 18:28:14.249954 2023] [authz_core:error] [pid 650032:tid 140442997872384] [client 10.80.0.1:55264] AH01630: client denied by server configuration: /home/source/test [Sun Nov 26 18:28:14.382242 2023] [authz_core:error] [pid 650032:tid 140442964301568] [client 10.80.0.1:55264] AH01630: client denied by server configuration: /home/source/test [Sun Nov 26 18:28:14.526147 2023] [authz_core:error] [pid 650032:tid 140442402285312] [client 10.80.0.1:55264] AH01630: client denied by server configuration: /home/source/test [Sun Nov 26 18:28:14.678413 2023] [authz_core:error] [pid 650032:tid 140442385499904] [client 10.80.0.1:55264] AH01630: client denied by server configuration: /home/source/test [Sun Nov 26 18:28:14.833289 2023] [authz_core:error] [pid 650032:tid 140442368714496] [client 10.80.0.1:55264] AH01630: client denied by server configuration: /home/source/test [Sun Nov 26 18:28:14.978379 2023] [authz_core:error] [pid 650032:tid 140442981086976] [client 10.80.0.1:55264] AH01630: client denied by server configuration: /home/source/test [Sun Nov 26 18:28:15.110359 2023] [authz_core:error] [pid 650032:tid 140442989479680] [client 10.80.0.1:55264] AH01630: client denied by server configuration: /home/source/test [Sun Nov 26 18:28:15.258449 2023] [authz_core:error] [pid 650032:tid 140442410678016] [client 10.80.0.1:55264] AH01630: client denied by server configuration: /home/source/test
修改配置,允许访问:
1 2 3 4 5 6 7 8
# vim /etc/httpd/conf.d/source.conf # 9~12行,添加注释 # <RequireAll> # Require all granted # Require not ip 10.80.0.1 # </RequireAll> # 8行,添加配置 AllowOverride ALL
添加.htaccess配置,禁止访问,浏览器依然不能访问:
1 2 3 4 5
# vim /home/source/test/.htaccess <RequireAll> Require all granted Require not ip 10.80.0.1 </RequireAll>
为静态资源设置访问权限(基于账户)
创建密码:
1 2
# cd /home/source/test/ # htpasswd -cb .passwd test Huawei@123
添加认证配置:
1 2 3 4 5 6
# vim /home/source/test/.htaccess # 尾行,添加配置 Authtype Basic AuthName "http test" AuthUserFile "/home/source/test/.passwd" Require user test
# vim /etc/nginx/conf.d/static.conf server { listen 81; server_name www.test.com; root /data/Nginx; index index.html; }
查看配置文件正确性,重新加载nginx:
1 2 3 4
# nginx -t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful # nginx -s reload
# vim /etc/nginx/conf.d/lb.conf upstream www.test.com { server 10.80.20.2:81; server 10.80.20.2:82; server 10.80.20.2:83; } server { location / { proxy_pass http://www.test.com; } }
添加hosts:
1 2 3
# vim /etc/hosts # 尾行,添加配置 10.80.20.2 www.test.com
1 2 3 4 5 6 7 8 9 10 11 12
# nginx -s reload # for i in {1..10}; do curl www.test.com; done hello nginx1 hello nginx2 hello nginx3 hello nginx1 hello nginx2 hello nginx3 hello nginx1 hello nginx2 hello nginx3 hello nginx1
添加负载权重:
1 2 3 4 5 6 7 8 9 10 11
# vim /etc/nginx/conf.d/lb.conf upstream www.test.com { server 10.80.20.2:81 weight=2; server 10.80.20.2:82 weight=1; server 10.80.20.2:83; } server { location / { proxy_pass http://www.test.com; } }
1 2 3 4 5 6 7 8 9 10 11 12
# nginx -s reload # for i in {1..10}; do curl www.test.com; done hello nginx1 hello nginx2 hello nginx3 hello nginx1 hello nginx1 hello nginx2 hello nginx3 hello nginx1 hello nginx1 hello nginx2
添加负载备用服务器:
1 2 3 4 5 6 7 8 9 10 11
# vim /etc/nginx/conf.d/lb.conf upstream www.test.com { server 10.80.20.2:81 backup; server 10.80.20.2:82; server 10.80.20.2:83; } server { location / { proxy_pass http://www.test.com; } }
1 2 3 4 5 6 7 8 9 10 11 12
# nginx -s reload # for i in {1..10}; do curl www.test.com; done hello nginx2 hello nginx3 hello nginx2 hello nginx3 hello nginx2 hello nginx3 hello nginx2 hello nginx3 hello nginx2 hello nginx3
开启备用服务器,只有关闭所有其它后端服务器,备用服务器才会启动:
1 2 3 4 5 6 7 8 9 10 11
# vim /etc/nginx/conf.d/lb.conf upstream www.test.com { server 10.80.20.2:81 backup; server 10.80.20.2:82 down; server 10.80.20.2:83 down; } server { location / { proxy_pass http://www.test.com; } }
1 2 3 4 5 6 7 8 9 10 11 12
# nginx -s reload # for i in {1..10}; do curl www.test.com; done hello nginx1 hello nginx1 hello nginx1 hello nginx1 hello nginx1 hello nginx1 hello nginx1 hello nginx1 hello nginx1 hello nginx1
dns相关配置
安装dns软件
node3
下载安装dns:
1 2 3 4 5
# dnf install -y bind bind-utils # systemctl enable named --now # systemctl status named # nslookup -version nslookup 9.11.21-9.11.21-18.oe1
# cd /var/named/ # cp -p named.localhost test.com.zone
修改正向解析配置:
1 2 3 4 5 6 7 8 9 10 11 12
# vim test.com.zone $TTL 1D @ IN SOA master.test.com. admin.test.com. ( 0 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum NS master master A 10.80.20.3 www CNAME main main A 10.80.20.2
修改dns服务监听端口权限配置:
1 2 3 4 5
# vim /etc/named.conf # 11行,修改配置 listen-on port 53 { localhost; }; # 19行,修改配置 allow-query { any; };
添加dns解析配置:
1 2 3 4 5 6
# vim /etc/named.rfc1912.zones # 尾行,添加配置 zone "test.com" IN { type master; file "test.com.zone"; };
mysql> ALTER user root@'localhost' IDENTIFIED BY 'Huawei@123'; Query OK, 0 rows affected (0.00 sec)
查看默认数据库:
1 2 3 4 5 6 7 8 9 10
mysql> SHOW databases; +--------------------+ | Database | +--------------------+ | information_schema | | mysql | | performance_schema | | sys | +--------------------+ 4 rows in set (0.00 sec)
查看用户信息:
1 2 3 4 5 6 7 8 9 10 11
mysql> SELECT user,host FROM mysql.user; +---------------+-----------+ | user | host | +---------------+-----------+ | mysql.session | localhost | | mysql.sys | localhost | | root | localhost | +---------------+-----------+ 3 rows in set (0.00 sec)
mysql> exit
mysqladmin实践练习
查看mysql状态:
1 2 3
# mysqladmin -uroot -p'Huawei@123' status mysqladmin: [Warning] Using a password on the command line interface can be insecure. Uptime: 433 Threads: 2 Questions: 56 Slow queries: 0 Opens: 179 Flush tables: 3 Open tables: 95 Queries per second avg: 0.129
查看mysql版本:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
# mysqladmin -uroot -p'Huawei@123' version mysqladmin: [Warning] Using a password on the command line interface can be insecure. mysqladmin Ver 8.42 Distrib 5.7.38, for Linux on x86_64 Copyright (c) 2000, 2022, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.
Server version 5.7.38 Protocol version 10 Connection Localhost via UNIX socket UNIX socket /var/lib/mysql/mysql.sock Uptime: 8 min 26 sec
Threads: 1 Questions: 73 Slow queries: 0 Opens: 137 Flush tables: 1 Open tables: 130 Queries per second avg: 0.144
查看mysql活动的线程:
1 2 3 4 5 6 7
# mysqladmin -uroot -p'Huawei@123' processlist mysqladmin: [Warning] Using a password on the command line interface can be insecure. +----+------+-----------+----+---------+------+----------+------------------+ | Id | User | Host | db | Command | Time | State | Info | +----+------+-----------+----+---------+------+----------+------------------+ | 10 | root | localhost | | Query | 0 | starting | show processlist | +----+------+-----------+----+---------+------+----------+------------------+
# mysqladmin -uroot -p'Huawei@123' ping mysqladmin: [Warning] Using a password on the command line interface can be insecure. mysqld is alive
创建数据库:
1 2
# mysqladmin -uroot -p'Huawei@123' create test mysqladmin: [Warning] Using a password on the command line interface can be insecure.
删除数据库:
1 2 3 4 5 6 7
# mysqladmin -uroot -p'Huawei@123' drop test mysqladmin: [Warning] Using a password on the command line interface can be insecure. Dropping the database is potentially a very bad thing to do. Any data stored in the database will be destroyed.
Do you really want to drop the 'test' database [y/N] y Database "test" dropped
mysql综合实践
创建数据库Vegetables,字符集为utf8mb4:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
# mysql -uroot -p'Huawei@123'
mysql> CREATE DATABASE Vegetables CHARACTER SET = utf8mb4; Query OK, 1 row affected (0.02 sec)
mysql> USE Vegetables; Database changed
mysql> SELECT database(); +------------+ | database() | +------------+ | Vegetables | +------------+ 1 row in set (0.00 sec)
mysql> USE Vegetables; Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A
mysql> USE Vegetables; Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A
mysql> USE Vegetables; Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A
Database changed
mysql> ALTER TABLE Vegetables RENAME AS Vegetables1; Query OK, 0 rows affected (0.00 sec)
mysql> SHOW tables; +----------------------+ | Tables_in_Vegetables | +----------------------+ | Vegetables1 | +----------------------+ 1 row in set (0.00 sec)