07 Nginx系统环境准备
07 Nginx系统环境准备
07.1 环境准备
虚拟机:VMware
操作系统版本:Centos7
命令行连接工具:Xshell、SecureCRT
网络
07.2 确认centos的内核
准备一个内核2.6及以上版本的操作系统,因为Linux2.6及以上内核才支持 epoll(Linux系统内核的一个函数、类似Java、Python中一个方法),而 Nginx 解决高并发压力需要用到 epoll
# 查询linux内核版本 [root@nginx-100 ~]# uname -a Linux nginx-100 3.10.0-1160.el7.x86_64 #1 SMP Mon Oct 19 16:18:59 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
07.3 确认centos能联网
# 确定网络命令 [root@nginx-100 ~]# ping -c3 www.baidu.com PING www.a.shifen.com (110.242.70.57) 56(84) bytes of data. 64 bytes from 110.242.70.57 (110.242.70.57): icmp_seq=1 ttl=128 time=18.5 ms 64 bytes from 110.242.70.57 (110.242.70.57): icmp_seq=2 ttl=128 time=14.1 ms 64 bytes from 110.242.70.57 (110.242.70.57): icmp_seq=3 ttl=128 time=13.4 ms --- www.a.shifen.com ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2025ms rtt min/avg/max/mdev = 13.460/15.360/18.501/2.239 ms
三种网络模式:
桥接模式:外部的PC电脑主机需通过网线与交换机连接(一旦网线断掉,内部的虚拟机将无法访问互联网)

仅主机模式:相当于主机与虚拟机之间有一个网线(虚拟机通过外部PC电脑上网)

NAT 模式:虚拟机与主机共用同一网络

07.4 确认关闭 firewalld防火墙
建议关掉 firewalld 防火墙,防止对 Nginx 课程学习的实验干扰
# 临时关闭运行的防火墙,系统重新启动后,防火墙将重新打开 [root@nginx-100 ~]# systemctl stop firewalld # 永久关闭防火墙,系统重新启动后,防火墙依然关闭 [root@nginx-100 ~]# systemctl disable firewalld Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service. Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. # 查看防火墙状态 [root@nginx-100 ~]# systemctl status firewalld '● firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled) Active: inactive (dead) Docs: man:firewalld(1) Mar 09 23:24:21 nginx-100 systemd[1]: Starting firewalld - dynamic firewall daemon... Mar 09 23:24:21 nginx-100 systemd[1]: Started firewalld - dynamic firewall daemon. Mar 09 23:24:21 nginx-100 firewalld[16974]: WARNING: AllowZoneDrifting is enabled. This is considered an insecure con...t now. Mar 09 23:25:02 nginx-100 systemd[1]: Stopping firewalld - dynamic firewall daemon... Mar 09 23:25:03 nginx-100 systemd[1]: Stopped firewalld - dynamic firewall daemon. Hint: Some lines were ellipsized, use -l to show in full.
07.5 确认关闭 selinux防火墙
selinux(security-enhanced linux),美国安全局对于强制访问控制的实现,在 linux2.6内核以上的版本,selinux已成为内核中的一部分,可以说 selinux 是 linux 史上最杰出的新安全子系统之一,关闭 selinux,防止对 Nginx 课程学习的实验干扰
# 查看selinux 防火墙状态:sestatus、getenforce [root@nginx-100 ~]# sestatus SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: enforcing Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 31 [root@nginx-100 ~]# getenforce Enforcing # 修改配置文件 [root@nginx-100 ~]# vim /etc/selinux/config ...... #SELINUX=enforcing SELINUX=disabled ......
重启服务器:reboot
再次连接终端,查看 selinux 已关闭
[root@nginx-100 ~]# sestatus SELinux status: disabled [root@nginx-100 ~]# getenforce Disabled
———————————————————————————————————————————————————————————————————————————
无敌小马爱学习
浙公网安备 33010602011771号