CentOS7服务器的搭建记录(jenkins和开发方向)
2017-09-18 12:02
761 查看
前言:
作为一名负责任的服务器管理员,建设服务器的所有过程都应该有过程.
好处在于:
方便再次复制,或经验传递,过程文字化
也方便通过配置过程查找疑难故障
分享如下:
该服务器用于 CI (jenkins)和开发人员的云开发服务器.
CentOS7(64bit):
/*******************************
server maintenance
********************************/
#remote desktop
vnc-server:
yum -y install tigervnc-server
sudo cp /lib/systemd/system/vncserver@.service /etc/systemd/system/vncserver@:1.service
vim /etc/systemd/system/vncserver@:1.service
{
replace <UESR> to your_user
}
sudo systemctl enable vncserver@:1.service
sudo systemctl start vncserver@:1.service
/*
xrdp(is this necessary?)
rpm -Uvh https://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm
rpm -Uvh http://li.nux.ro/download/nux/dextop/el7/x86_64/nux-dextop-release-0-1.el7.nux.noarch.rpm
*/
#network
ssh -fND localhost:10000 user@proxy_ip
sftp put polipo in server
cd polipo; make; sudo cp polipo /usr/bin
mkdir /etc/polipo; vim /etc/polipo/config and add
daemonise=true
socksParentProxy=127.0.0.1:10000
socksProxyType=socks5
run polipo
export http_proxy=http://localhost:8123
export https_proxy=http://localhost:8123
(you can place http_proxy in your bashrc)
curl www.baidu.com to test whether you are success (no ping, socks5 do not support ping)
#yum
(change to 163 source)
cd /etc/yum.repos.d
mv CentOS-Base.repo CentOS-Base.repo.backup
sudo wget http://mirrors.163.com/.help/CentOS7-Base-163.repo (from http://mirrors.163.com/.help/centos.html)
mv CentOS7-Base-163.repo CentOS-Base.repo
yum clean all
yum makecache
#time:
(shanghai zone file is broken by me,so I use hong kong)
sudo timedatectl set-timezone Asia/Hong_Kong
(or sudo ln -s /usr/share/zoneinfo/Asia/Hong_Kong /etc/localtime)
(date -s localtime or date -u -s universal time)
#firewall:
sudo systemctl disable firewalld
sudo systemctl stop firewalld
(firewalld is written by python)
#selinux:
sudo vim /etc/sysconfig/selinux
SELINUX=disabled
/*******************************
development
********************************/
#cross-compile:
cp svn../tools/cross compiler to /opt and tar xzf it
add /opt/arm-2011.03/bin to PATH in /etc/bashrc ; add /opt/arm-2011.03/lib to LD_LIBRARY_PATH in /etc/bashrc too.
(you can make effort with . /etc/bashrc)
add /opt/arm-2011.03/arm-none-linux-gnueabi/libc/usr/lib/pkgconfig to PKG_CONFIG_PATH in /etc/bashrc
sudo yum -y install glibc.i686 (to fix /lib/ld-linux.so.2: bad ELF interpreter problem)
#cpputest:
sudo yum -y install sqlite-devel (to add sqlite3.pc)
sudo yum -y install glib2-devel (to add glib-2.0.pc)
sudo yum -y install libxml2-devel (to add libxml-2.0.pc)
sudo yum -y install net-snmp-devel
cd XX/unittest/cpputestxxxx
make distclean && ./configure && make && sudo make install
install libiconv(cd esmu/opensrc/ppp/;tar xzf libiconv...; ./configure && make && sudo make install)
install gsoap(the same as above)
install lcov
#svn(update to 1.8)
(if all other repoes have no priority, this will be run first)
vim /etc/yum.repos.d/wandisco-svn.repo
{
[WandiscoSVN]
name=Wandisco SVN Repo
baseurl=http://opensource.wandisco.com/centos/7/svn-1.8/RPMS/$basearch/
enabled=1
gpgcheck=0
}
sudo yum remove subversion
sudo yum remove subversion-libs.x86_64
sudo yum clean all
sudo yum install subversion
#dev user instance
svn checkout https://10.5.72.70:8443/power/ZXDUPA_PMSC(V1.X)/trunk
(enter your employee id and hr password)
#samba
yum -y install samba samba-client samba-common
sudo vim /etc/samba/smb.conf
{
workgroup = ZTE
hosts allow = 10.
max protocol = SMB2
[homes]
comment = Home Directories
path = /home/%S
browseable = yes
writable = yes
printable = no
valid users = %S
}
sudo systemctl restart smb nmb
sudo smbpasswd -a user_name
#cifs (mount windows share folder)
groupadd devgroup
sudo usermod -a -G devgroup xx_user
su
vim /etc/sudoers
{
mania ALL=(ALL) ALL
%devgroup ALL=NOPASSWD: /usr/bin/mount, /usr/bin/umount
}
mkdir ~/win
sudo mount -t cifs -o username=employee_id,password=xxxxxx,dir_mode=0777,file_mode=0777 //win_ip/share_folder ~/win
#for dict2conf.py run(pmsc project)
sudo yum install python-pip
sudo pip install xlrd
sudo pip install xlutils
cd libsmi-0.5.0;configure && make && sudo make install
#others
yum install lftp
cp setupDocker into /usr/local/bin
add /home/mania/server_manage/add_users.py (python add_users.py xx.txt)
/*******************************
jenkins master
********************************/
jenkins:
sudo wget -O /etc/yum.repos.d/jenkins.repo http://pkg.jenkins-ci.org/redhat/jenkins.repo
sudo rpm --import https://jenkins-ci.org/redhat/jenkins-ci.org.key
sudo yum install jenkins
sudo systemctl start jenkins
sudo systemctl enable jenkins
#set proxy
#update plugin, especially the subversion plugin!
yum install java
vim /etc/init.d/jenkins
{
export JENKINS_HOME="/home/jenkins"
#before run JENKINS_WAR
}
#install plugin:subversion,robot,xunit,publish-over-ftp,token-macro,email-ext,emailext-template,nsiqcollector
xunit:
use junit, not others!
jenkins->Manage Jenkins->System Log, add "xUnit Logger"(Logger:XUnitService Log Level:ALL)
#cpd:
/*******************************
docker
********************************/
#docker setup:
sudo tee /etc/yum.repos.d/docker.repo <<-'EOF'
[dockerrepo]
name=Docker Repository
baseurl=https://yum.dockerproject.org/repo/main/centos/$releasever/
enabled=1
gpgcheck=1
gpgkey=https://yum.dockerproject.org/gpg
EOF
sudo yum install docker-engine
sudo yum update
curl -sSL https://get.docker.com/ | sh
sudo usermod -aG docker jenkins
sudo systemctl enable docker
wget https://raw.githubusercontent.com/docker/docker/master/contrib/mkimage-yum.sh
./mkimage-yum.sh -y /etc/yum.conf centos7
# get network
cp ifconfig; cp polipo(and /etc/polipo/config); export http_proxy="http://localhost:8123"
/* docker operation */
#into docker bash
docker run --name=unique_name --net=host -itd -v host_folder:container_folder image_name /bin/bash
#rm docker container
docker rm container_name_or_id
#rm all
docker rm $(docker ps -aq)
#copy
docker ps (get container_id)
docker cp container_id:docker_folder local_folder
docker cp local_folder container_id:docker_folder
#commit
docker commit contain_id repository_name
docker images (to see what images we own now)
docker inspect repo_name ( to check the image details)
#attach a running container
docker exec -it container_id /bin/bash (close the console never affect the running container)
/* pmsc docker image */
#yum error
rpm -q yum
(get yum pkg name)
rpm -e --nodeps yum-3.4.3-132.el7.centos.0.1.noarch
rpm -ivh yum-3.4.3-125.el7.centos.0.1.noarch
yum update
yum install gcc
yum install gcc-c++
yum install make
#install svn , reference centos svn installation
#install cross-compile
#install cpputest-dependant
yum install rsync
yum install openssl
yum install libgcc_s.so.1
yum install ftp
yum install gdb
yum install perl-Digest-MD5 (fix the geninfo error)
yum install pip
#others
sudo ln -sf /usr/share/zoneinfo/Asia/Hong_Kong /etc/localtime
export LC_CTYPE="zh_CN.GB2312" (fix "svn: Can't convert string from 'UTF-8' to native encoding" bug)
/*******************************
ftp server
********************************/
ftp
yum -y install vsftpd
sudo vim /etc/vsftpd/vsftpd.conf
{
local_umask=002 #as ftp-user has no shell login, so other user in ftp group must allow to delete rom for maintenance
chroot_local_user=YES
allow_writeable_chroot=YES
local_root=/home/ftp-user/rom
#listen_ipv6=YES
}
sudo setsebool -P allow_ftpd_full_access=1 (if you do not disable selinux)
sudo useradd -m ftp-user -g ftp -s /usr/sbin/nologin
sudo chown ftp-user:ftp /home/ftp-user
sudo mkdir /home/ftp-user/rom
sudo chmod 755 /home/ftp-user -R (not necessary)
/*******************************
klocwork
********************************/
#as jenkins user
bash kw-insight-cmd-installer.linux64.sh -a -i /home/jenkins/Klocwork/user
/*******************************
fortify
********************************/
#get license and place it somewhere
./HP_Fortify_SCA_and_Apps_4.30_linux_x64.run
#install to /opt/HP_Fortify/HP_Fortify_SCA_and_Apps_4.30
#all enter except:
#Do you want to migrate from a previous SCA installation? [y/N]:N
#Update security content after installation? [Y/n]: n
echo "export PATH=$PATH:/opt/HP_Fortify/HP_Fortify_SCA_and_Apps_4.30/bin">>/etc/profile
. /etc/profile
cd /opt/HP_Fortify/HP_Fortify_SCA_and_Apps_4.30/Core/config
mv rules rules.original
scp share@10.47.7.209:/share/ISO/rules_linux rules
cd /opt/HP_Fortify/HP_Fortify_SCA_and_Apps_4.30/Core/config
vim fortify.properties
{
#modify
com.fortify.locale=zh_CN
}
vim fortify-sca.properties
{
#add
com.fortify.sca.compilers.arm-none-linux-gnueabi-cc = com.fortify.sca.util.compilers.GccCompiler
com.fortify.sca.compilers.arm-none-linux-gnueabi-gcc = com.fortify.sca.util.compilers.GccCompiler
com.fortify.sca.compilers.arm-none-linux-gnueabi-ld = com.fortify.sca.util.compilers.GccCompiler
com.fortify.sca.compilers.arm-none-linux-gnueabi-ar = com.fortify.sca.util.compilers.GccCompiler
}
/*******************************
others
********************************/
sudo ln -s /opt/sublime_text_3/sublime_text /usr/local/bin/subl
/*******************************
robot machine,not in CentOS
record here for laziness
********************************/
robot server(win7)
download get-pip.py
pip install pyserial
disable sleep(or else network will lose)
#I put env var into /etc/profile.d/env.sh
作为一名负责任的服务器管理员,建设服务器的所有过程都应该有过程.
好处在于:
方便再次复制,或经验传递,过程文字化
也方便通过配置过程查找疑难故障
分享如下:
该服务器用于 CI (jenkins)和开发人员的云开发服务器.
CentOS7(64bit):
/*******************************
server maintenance
********************************/
#remote desktop
vnc-server:
yum -y install tigervnc-server
sudo cp /lib/systemd/system/vncserver@.service /etc/systemd/system/vncserver@:1.service
vim /etc/systemd/system/vncserver@:1.service
{
replace <UESR> to your_user
}
sudo systemctl enable vncserver@:1.service
sudo systemctl start vncserver@:1.service
/*
xrdp(is this necessary?)
rpm -Uvh https://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm
rpm -Uvh http://li.nux.ro/download/nux/dextop/el7/x86_64/nux-dextop-release-0-1.el7.nux.noarch.rpm
*/
#network
ssh -fND localhost:10000 user@proxy_ip
sftp put polipo in server
cd polipo; make; sudo cp polipo /usr/bin
mkdir /etc/polipo; vim /etc/polipo/config and add
daemonise=true
socksParentProxy=127.0.0.1:10000
socksProxyType=socks5
run polipo
export http_proxy=http://localhost:8123
export https_proxy=http://localhost:8123
(you can place http_proxy in your bashrc)
curl www.baidu.com to test whether you are success (no ping, socks5 do not support ping)
#yum
(change to 163 source)
cd /etc/yum.repos.d
mv CentOS-Base.repo CentOS-Base.repo.backup
sudo wget http://mirrors.163.com/.help/CentOS7-Base-163.repo (from http://mirrors.163.com/.help/centos.html)
mv CentOS7-Base-163.repo CentOS-Base.repo
yum clean all
yum makecache
#time:
(shanghai zone file is broken by me,so I use hong kong)
sudo timedatectl set-timezone Asia/Hong_Kong
(or sudo ln -s /usr/share/zoneinfo/Asia/Hong_Kong /etc/localtime)
(date -s localtime or date -u -s universal time)
#firewall:
sudo systemctl disable firewalld
sudo systemctl stop firewalld
(firewalld is written by python)
#selinux:
sudo vim /etc/sysconfig/selinux
SELINUX=disabled
/*******************************
development
********************************/
#cross-compile:
cp svn../tools/cross compiler to /opt and tar xzf it
add /opt/arm-2011.03/bin to PATH in /etc/bashrc ; add /opt/arm-2011.03/lib to LD_LIBRARY_PATH in /etc/bashrc too.
(you can make effort with . /etc/bashrc)
add /opt/arm-2011.03/arm-none-linux-gnueabi/libc/usr/lib/pkgconfig to PKG_CONFIG_PATH in /etc/bashrc
sudo yum -y install glibc.i686 (to fix /lib/ld-linux.so.2: bad ELF interpreter problem)
#cpputest:
sudo yum -y install sqlite-devel (to add sqlite3.pc)
sudo yum -y install glib2-devel (to add glib-2.0.pc)
sudo yum -y install libxml2-devel (to add libxml-2.0.pc)
sudo yum -y install net-snmp-devel
cd XX/unittest/cpputestxxxx
make distclean && ./configure && make && sudo make install
install libiconv(cd esmu/opensrc/ppp/;tar xzf libiconv...; ./configure && make && sudo make install)
install gsoap(the same as above)
install lcov
#svn(update to 1.8)
(if all other repoes have no priority, this will be run first)
vim /etc/yum.repos.d/wandisco-svn.repo
{
[WandiscoSVN]
name=Wandisco SVN Repo
baseurl=http://opensource.wandisco.com/centos/7/svn-1.8/RPMS/$basearch/
enabled=1
gpgcheck=0
}
sudo yum remove subversion
sudo yum remove subversion-libs.x86_64
sudo yum clean all
sudo yum install subversion
#dev user instance
svn checkout https://10.5.72.70:8443/power/ZXDUPA_PMSC(V1.X)/trunk
(enter your employee id and hr password)
#samba
yum -y install samba samba-client samba-common
sudo vim /etc/samba/smb.conf
{
workgroup = ZTE
hosts allow = 10.
max protocol = SMB2
[homes]
comment = Home Directories
path = /home/%S
browseable = yes
writable = yes
printable = no
valid users = %S
}
sudo systemctl restart smb nmb
sudo smbpasswd -a user_name
#cifs (mount windows share folder)
groupadd devgroup
sudo usermod -a -G devgroup xx_user
su
vim /etc/sudoers
{
mania ALL=(ALL) ALL
%devgroup ALL=NOPASSWD: /usr/bin/mount, /usr/bin/umount
}
mkdir ~/win
sudo mount -t cifs -o username=employee_id,password=xxxxxx,dir_mode=0777,file_mode=0777 //win_ip/share_folder ~/win
#for dict2conf.py run(pmsc project)
sudo yum install python-pip
sudo pip install xlrd
sudo pip install xlutils
cd libsmi-0.5.0;configure && make && sudo make install
#others
yum install lftp
cp setupDocker into /usr/local/bin
add /home/mania/server_manage/add_users.py (python add_users.py xx.txt)
/*******************************
jenkins master
********************************/
jenkins:
sudo wget -O /etc/yum.repos.d/jenkins.repo http://pkg.jenkins-ci.org/redhat/jenkins.repo
sudo rpm --import https://jenkins-ci.org/redhat/jenkins-ci.org.key
sudo yum install jenkins
sudo systemctl start jenkins
sudo systemctl enable jenkins
#set proxy
#update plugin, especially the subversion plugin!
yum install java
vim /etc/init.d/jenkins
{
export JENKINS_HOME="/home/jenkins"
#before run JENKINS_WAR
}
#install plugin:subversion,robot,xunit,publish-over-ftp,token-macro,email-ext,emailext-template,nsiqcollector
xunit:
use junit, not others!
jenkins->Manage Jenkins->System Log, add "xUnit Logger"(Logger:XUnitService Log Level:ALL)
#cpd:
/*******************************
docker
********************************/
#docker setup:
sudo tee /etc/yum.repos.d/docker.repo <<-'EOF'
[dockerrepo]
name=Docker Repository
baseurl=https://yum.dockerproject.org/repo/main/centos/$releasever/
enabled=1
gpgcheck=1
gpgkey=https://yum.dockerproject.org/gpg
EOF
sudo yum install docker-engine
sudo yum update
curl -sSL https://get.docker.com/ | sh
sudo usermod -aG docker jenkins
sudo systemctl enable docker
wget https://raw.githubusercontent.com/docker/docker/master/contrib/mkimage-yum.sh
./mkimage-yum.sh -y /etc/yum.conf centos7
# get network
cp ifconfig; cp polipo(and /etc/polipo/config); export http_proxy="http://localhost:8123"
/* docker operation */
#into docker bash
docker run --name=unique_name --net=host -itd -v host_folder:container_folder image_name /bin/bash
#rm docker container
docker rm container_name_or_id
#rm all
docker rm $(docker ps -aq)
#copy
docker ps (get container_id)
docker cp container_id:docker_folder local_folder
docker cp local_folder container_id:docker_folder
#commit
docker commit contain_id repository_name
docker images (to see what images we own now)
docker inspect repo_name ( to check the image details)
#attach a running container
docker exec -it container_id /bin/bash (close the console never affect the running container)
/* pmsc docker image */
#yum error
rpm -q yum
(get yum pkg name)
rpm -e --nodeps yum-3.4.3-132.el7.centos.0.1.noarch
rpm -ivh yum-3.4.3-125.el7.centos.0.1.noarch
yum update
yum install gcc
yum install gcc-c++
yum install make
#install svn , reference centos svn installation
#install cross-compile
#install cpputest-dependant
yum install rsync
yum install openssl
yum install libgcc_s.so.1
yum install ftp
yum install gdb
yum install perl-Digest-MD5 (fix the geninfo error)
yum install pip
#others
sudo ln -sf /usr/share/zoneinfo/Asia/Hong_Kong /etc/localtime
export LC_CTYPE="zh_CN.GB2312" (fix "svn: Can't convert string from 'UTF-8' to native encoding" bug)
/*******************************
ftp server
********************************/
ftp
yum -y install vsftpd
sudo vim /etc/vsftpd/vsftpd.conf
{
local_umask=002 #as ftp-user has no shell login, so other user in ftp group must allow to delete rom for maintenance
chroot_local_user=YES
allow_writeable_chroot=YES
local_root=/home/ftp-user/rom
#listen_ipv6=YES
}
sudo setsebool -P allow_ftpd_full_access=1 (if you do not disable selinux)
sudo useradd -m ftp-user -g ftp -s /usr/sbin/nologin
sudo chown ftp-user:ftp /home/ftp-user
sudo mkdir /home/ftp-user/rom
sudo chmod 755 /home/ftp-user -R (not necessary)
/*******************************
klocwork
********************************/
#as jenkins user
bash kw-insight-cmd-installer.linux64.sh -a -i /home/jenkins/Klocwork/user
/*******************************
fortify
********************************/
#get license and place it somewhere
./HP_Fortify_SCA_and_Apps_4.30_linux_x64.run
#install to /opt/HP_Fortify/HP_Fortify_SCA_and_Apps_4.30
#all enter except:
#Do you want to migrate from a previous SCA installation? [y/N]:N
#Update security content after installation? [Y/n]: n
echo "export PATH=$PATH:/opt/HP_Fortify/HP_Fortify_SCA_and_Apps_4.30/bin">>/etc/profile
. /etc/profile
cd /opt/HP_Fortify/HP_Fortify_SCA_and_Apps_4.30/Core/config
mv rules rules.original
scp share@10.47.7.209:/share/ISO/rules_linux rules
cd /opt/HP_Fortify/HP_Fortify_SCA_and_Apps_4.30/Core/config
vim fortify.properties
{
#modify
com.fortify.locale=zh_CN
}
vim fortify-sca.properties
{
#add
com.fortify.sca.compilers.arm-none-linux-gnueabi-cc = com.fortify.sca.util.compilers.GccCompiler
com.fortify.sca.compilers.arm-none-linux-gnueabi-gcc = com.fortify.sca.util.compilers.GccCompiler
com.fortify.sca.compilers.arm-none-linux-gnueabi-ld = com.fortify.sca.util.compilers.GccCompiler
com.fortify.sca.compilers.arm-none-linux-gnueabi-ar = com.fortify.sca.util.compilers.GccCompiler
}
/*******************************
others
********************************/
sudo ln -s /opt/sublime_text_3/sublime_text /usr/local/bin/subl
/*******************************
robot machine,not in CentOS
record here for laziness
********************************/
robot server(win7)
download get-pip.py
pip install pyserial
disable sleep(or else network will lose)
#I put env var into /etc/profile.d/env.sh
相关文章推荐
- Linux上快速搭建Jenkins服务器 实现持续集成开发
- 记录阿里云ECS服务器Java开发环境的搭建过程
- 记录下自己手动搭建centos7的svn服务器
- CentOS7开发环境搭建(二)——反向代理服务器nginx
- CentOS7搭建FTP服务器实践记录
- UBUNTU搭建qwt开发环境qwt在ubuntu编译的方法和记录
- 阿里云CES 搭建微信服务器记录
- Android开发、测试持续集成环境Jenkins搭建
- centos7 搭建ftp服务器
- 使用Jenkins搭建iOS开发的CI服务器
- CentOS7 搭建邮件收发服务器
- iOS开发网络篇—搭建本地服务器
- JavaWeb知识总结——搭建JavaWeb应用开发环境Tomcat服务器
- 自建git服务器连接Pycharm系列二:在centos7上搭建git服务器
- iOS开发网络篇—搭建本地服务器
- ubuntu下phonegap+android开发环境搭建记录
- nfs服务器的简单搭建过程-记录方法
- android 最新 NDK r8 在window下开发环境搭建 安装配置与使用 详细图文讲解,完整实际配置过程记录
- Android开发之—SVN服务器搭建
- Centos7 搭建Java7开发环境