Linux

rabbitmq 消息队列安装和配置

none

erlang #

首先安装erlang语言环境

yum install erlang -y

rabbitMQ #

rabbitMQ下载地址:直达安装方法:

rpm -ivh --force --nodeps rabbitmq-server-3.6.0-1.noarch.rpm
或者
yum localinstall  rabbitmq-server-3.6.0-1.noarch.rpm -y

启动服务 #

/etc/init.d/rabbitmq-server start
rabbitmq-plugins enable rabbitmq_management

配置主备 #

同步cookie #

chmod 777 /var/lib/rabbitmq/.erlang.cookie
scp /var/lib/rabbitmq/.erlang.cookie Go02:/var/lib/rabbitmq/.erlang.cookie
chmod 400 /var/lib/rabbitmq/.erlang.cookie

添加节点 #

rabbitmqctl stop_app
rabbitmqctl reset
rabbitmqctl join_cluster [--ram] rabbit@Go01 //此处的Go01为主节点的hostname,需要在/etc/hosts中指定
rabbitmqctl start_app

删除节点 #

rabbitmqctl stop_app
rabbitmqctl forget_cluster_node rabbit@rabbit1

修改类型 #

rabbitmqctl stop_app
rabbitmqctl change_cluster_node_type ram
rabbitmqctl start_app

添加用户 #

rabbitmqctl add_user admin admin
添加权限:
rabbitmqctl set_permissions -p "/" admin ".*" ".*" ".*"
删除测试用户:
rabbitmqctl delete_user guest
赋予其administrator角色:
rabbitmqctl set_user_tags admin administrator

修改配置 #

//防止服务端异常中断恢复后镜像队列不能恢复的问题

vim /etc/rabbitmq/rabbitmq.conf
[
  {rabbit,[{tcp_listeners,[5672]},
  {cluster_partition_handling, autoheal}]}
].
#不要忘记最后面的那个点号哦!

环境变量 #

touch /etc/rabbitmq/rabbitmq-env.conf#输入
    RABBITMQ_NODENAME=FZTEC-240088 节点名称    RABBITMQ_NODE_IP_ADDRESS=127.0.0.1 监听IP
    RABBITMQ_NODE_PORT=5672 监听端口    RABBITMQ_LOG_BASE=/data/rabbitmq/log 日志目录
    RABBITMQ_PLUGINS_DIR=/data/rabbitmq/plugins 插件目录
    RABBITMQ_MNESIA_BASE=/data/rabbitmq/mnesia 后端存储目录

RabbitMQ的用户角色分类 #

none、management、policymaker、monitoring、administrator

...

RabbitMQ性能优化

none

rabbitmq.config #

rabbitmq.config文件时rabbitmq的配置文件,他遵守Erlang配置文件定义。

rabbitmq.config文件位置:

...

rabbitmq之机器机器全部断电恢复记录

今天遇到一个rabbitmq集群同时断电,当机器全部启动的时候发现rabbitmq无法正常启动,然后发现如下日志。

=INFO REPORT==== 25-Apr-2018::11:11:07 ===
Starting RabbitMQ 3.5.3 on Erlang R16B03-1
Copyright (C) 2007-2014 GoPivotal, Inc.
Licensed under the MPL.  See http://www.rabbitmq.com/

=INFO REPORT==== 25-Apr-2018::11:11:07 ===
node           : rabbit@WIN-ACC2J7AGNM9
home dir       : C:\Users\Administrator
config file(s) : e:/RabbitMQ Data/rabbitmq.config (not found)
cookie hash    : kR4NuIdBr2n8/4Qt9uIgqQ==
log            : E:/RabbitMQ Data/log/rabbit@WIN-ACC2J7AGNM9.log
sasl log       : E:/RabbitMQ Data/log/rabbit@WIN-ACC2J7AGNM9-sasl.log
database dir   : e:/RabbitMQ Data/db/rabbit@WIN-ACC2J7AGNM9-mnesia

=WARNING REPORT==== 25-Apr-2018::11:11:07 ===
Kernel poll (epoll, kqueue, etc) is disabled. Throughput and CPU utilization may worsen.

=INFO REPORT==== 25-Apr-2018::11:11:08 ===
Memory limit set to 13095MB of 32738MB total.

=INFO REPORT==== 25-Apr-2018::11:11:08 ===
Disk free limit set to 50MB

=INFO REPORT==== 25-Apr-2018::11:11:08 ===
Limiting to approx 8092 file handles (7280 sockets)

=INFO REPORT==== 25-Apr-2018::11:11:38 ===
Timeout contacting cluster nodes: ['rabbit@WIN-2W6NDAIZBIA'].

BACKGROUND
==========

This cluster node was shut down while other nodes were still running.
To avoid losing data, you should start the other nodes first, then
start this one. To force this node to start, first invoke
"rabbitmqctl force_boot". If you do so, any changes made on other
cluster nodes after this one was shut down may be lost.

DIAGNOSTICS
===========

attempted to contact: ['rabbit@WIN-2W6NDAIZBIA']

rabbit@WIN-2W6NDAIZBIA:
  * connected to epmd (port 4369) on WIN-2W6NDAIZBIA
  * epmd reports: node 'rabbit' not running at all
                  no other nodes on WIN-2W6NDAIZBIA
  * suggestion: start the node

current node details:
- node name: 'rabbit@WIN-ACC2J7AGNM9'
- home dir: C:\Users\Administrator
- cookie hash: kR4NuIdBr2n8/4Qt9uIgqQ==

关键的地方在于中间的这段说明:

...

rabbitmq之修改数据和log目录位置位置

vim /etc/rabbitmq/rabbitmq-env.conf

I am a complete /etc/rabbitmq/rabbitmq-e… #

 vim /etc/rabbitmq/rabbitmq-env.conf

# I am a complete /etc/rabbitmq/rabbitmq-env.conf file.
# Comment lines start with a hash character.
# This is a /bin/sh script file - use ordinary envt var syntax
MNESIA_BASE=/data/rabbitmq/mnesia
LOG_BASE=/data/logs/rabbitmq

Ubuntu 阿里云镜像源

准备工作 #

sudo cp /etc/apt/sources.list /etc/apt/sources.list.bak #备份

修改配置 #

14.04 #

sudo vim /etc/apt/sources.list #修改
deb http://mirrors.aliyun.com/ubuntu/ trusty main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ trusty-security main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ trusty-updates main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ trusty-proposed main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ trusty-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ trusty main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ trusty-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ trusty-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ trusty-proposed main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ trusty-backports main restricted universe multiverse

16.04 #

sudo vim /etc/apt/sources.list #修改
deb-src http://archive.ubuntu.com/ubuntu xenial main restricted #Added by software-properties
deb http://mirrors.aliyun.com/ubuntu/ xenial main restricted
deb-src http://mirrors.aliyun.com/ubuntu/ xenial main restricted multiverse universe #Added by software-properties
deb http://mirrors.aliyun.com/ubuntu/ xenial-updates main restricted
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-updates main restricted multiverse universe #Added by software-properties
deb http://mirrors.aliyun.com/ubuntu/ xenial universe
deb http://mirrors.aliyun.com/ubuntu/ xenial-updates universe
deb http://mirrors.aliyun.com/ubuntu/ xenial multiverse
deb http://mirrors.aliyun.com/ubuntu/ xenial-updates multiverse
deb http://mirrors.aliyun.com/ubuntu/ xenial-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-backports main restricted universe multiverse #Added by software-properties
deb http://archive.canonical.com/ubuntu xenial partner
deb-src http://archive.canonical.com/ubuntu xenial partner
deb http://mirrors.aliyun.com/ubuntu/ xenial-security main restricted
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-security main restricted multiverse universe #Added by software-properties
deb http://mirrors.aliyun.com/ubuntu/ xenial-security universe
deb http://mirrors.aliyun.com/ubuntu/ xenial-security multiverse

更新缓存 #

sudo apt-get update #更新列表

ubuntu编译安装vim及配制方法

一个非常好用的vim配置文件

vim简介 #

Vim是一个类似于Vi的著名的功能强大、高度可定制的文本编辑器,在Vi的基础上改进和增加了很多特性。VIM是自由软件。

...

vim 快速入门手册

vim常见操作

图示 #

![vi-vim-cheat-sheet-sch.png](/static/uploads/BJ8I8E9U0M/img/vi-vim-cheat-
sheet-sch_SyLsV8yY4.png)

一、移动光标 #

1、左移h、右移l、下移j、上移k

2、向下翻页ctrl + f,向上翻页ctrl + b

3、向下翻半页ctrl + d,向上翻半页ctrl + u

...

vsftpd 配置方法及访问控制

vsftpd 详细配置说明

vsftpd常用配置 #

#关闭匿名用户访问权限
anonymous_enable=NO
#开启本地用户权限
local_enable=YES
#开启写权限
write_enable=YES
#设置侦听端口
listen_port=21
#写文件时的umask
local_umask=002
#被动模式及开放端口段
#pasv_enable=yes
#pasv_min_port=30000
#pasv_max_port=50000
#超时时间
#idle_session_timeout=6000000
#data_connection_timeout=6000000
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=YES
chroot_local_user=YES
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
listen=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
use_localtime=YES
reverse_lookup_enable=NO
#convert_charset_enable=0
#local_charset=UTF8
#remote_charset=GB2312
#double_377=1

创建账户

useradd -M -s /sbin/nologin -d /mnt/usernamefile/ username
for i in name1 name2 name3;do useradd -M -s /sbin/nologin -d /mnt/$i/ $i;done
for i in name1 name2 name3;do echo "$i"123 | passwd --stdin $i ;done

创建目录 #

mkdir usernamefile
chown username:username usernamefile
for i in name1 name2 name3;do mkdir /mnt/$i;done
for i in name1 name2 name3;do chown $i:$i /mnt/$i/;done
chmod -R 770 *

vsftpd被动模式 #

1、开启被动模式 #

vim vsftpd.conf

pasv_enable=YES #开启被动模式
pasv_min_port=3000 #随机最小端口
pasv_max_port=4000 #随机最大端口

2、加载内核 #

modprobe ip_conntrack_ftp
modprobe ip_nat_ftp

3、防火墙 #

vim /etc/sysconfig/iptables 在*filter下加入下
  -A OUTPUT -p tcp --sport 3000:4000 -j ACCEPT
  -A INPUT -p tcp --dport 3000:4000 -j ACCEPT

iptables-restore < /etc/sysconfig/iptables 加载iptables配置

vsftpd虚拟用户 #

1、vsftpd安装 #

yum -y install vsftpd #vsftpd软件
yum -y install db4-utils #生成虚拟用户认证数据文件命令

2、配置vsftp #

vim /etc/vsftpd/vsftpd.conf
  listen=YES #独立运行vsftpd
  anonymous_enable=NO #限制匿名用户登录
  dirmessage_enable=YES
  xferlog_enable=YES
  xferlog_file=/var/log/vsftpd.log
  xferlog_std_format=YES
  chroot_list_enable=YES #限制虚拟用户切换目录
  chroot_list_file=/etc/vsftpd/chroot_list #限制切换目录的用户列表
  chroot_local_user=YES
  guest_enable=YES #开启虚拟用户认证
  guest_username=ftp #映射的真实用户
  user_config_dir=/etc/vsftpd/vsftpd_user_conf #虚拟用户配置目录
  pam_service_name=vsftpd.vu #vsftpd认证的pam认证模块
  local_enable=YES

3、虚拟用户db #

cd /etc/vsftpd
vim user.txt
  yuangang #用户名
  123456 #密码

db_load -T -t hash -f user.txt /etc/vsftpd/vsftpd_login.db
chmod 600 /etc/vsftpd/vsftpd_login.db

# 配置pam认证
vim /etc/pam.d/vsftpd.vu
  auth required /lib/security/pam_userdb.so db=/etc/vsftpd/vsftpd_login
  account required /lib/security/pam_userdb.so db=/etc/vsftpd/vsftpd_login

vim /etc/vsftpd/chroot_list #限制虚拟用户切换目录
  ftp
  yuangang

4、配置虚拟用户 #

cd /etc/vsftpd/vsftpd_user_conf
vim yuangang
  write_enable=YES
  anon_world_readable_only=NO
  anon_upload_enable=YES
  anon_mkdir_write_enable=YES
  anon_other_write_enable=YES
  local_root=/data/httpd/yuangang

# 建立虚拟用户ftp目录
mkdir /data/httpd/yuangang
chown -R ftp.root /data/httpd
chmod o+rw /data/httpd/yuangang

vsftpd cmds_allowed #

cmds_allowed=ABOR,CWD,LIST,MDTM,MKD,NLST,
PASS,PASV,PORT,PWD,QUIT,RETR,RMD,RNFR,
RNTO,SITE,SIZE,STOR,TYPE,USER,ACCT,
APPE,CDUP,HELP,MODE,NOOP,REIN,STAT,STOU,STRU,SYST

注意:一定不能使用换行和空格,不然就没效果..

...

web运维相关查询命令

none

1. 查看TCP连接状态 #

netstat -nat |awk '{print $6}'|sort|uniq -c|sort -rn
netstat -n | awk '/^tcp/ {++S[$NF]};END {for(a in S) print a, S[a]}' 或
netstat -n | awk '/^tcp/ {++state[$NF]}; END {for(key in state) print key,"\t",state[key]}'
netstat -n | awk '/^tcp/ {++arr[$NF]};END {for(k in arr) print k,"\t",arr[k]}'
netstat -n |awk '/^tcp/ {print $NF}'|sort|uniq -c|sort -rn
netstat -ant | awk '{print $NF}' | grep -v '[a-z]' | sort | uniq -c

(以上每一行实现的效果基本相同,在此列出不同的写法,方便对脚本写法的更深理解)

...