rpmbuild spec

rpmbuild spec说明

  1. rpmbuild介绍

    1
    2
    3
    4
    5
    6
    7
    顾名思义创建rpm包,它是用来指示转换的源码不定编译成二进制文件的包

    rpm对打包目录有一些严格的层次上的要求.比如:
    如果你的rpm的版本<=4.4.x,那么rpmbuid工具其默认的工作路径是/usr/src/redhat,这就使得普通用户不能制作rpm包,因为权限的问题,在制作rpm软件包时必须切换到root身份才可以.所以,rpm从4.5.x版本开始,将rpmbuid的默认工作路径移动到用户家目录下的rpmbuild目录里,即$HOME/rpmbuild,并且推荐用户在制作rpm软件包时尽量不要以root身份进行操作

    关于rpmbuild默认工作路径的确定,通常由在/usr/lib/rpm/macros这个文件里的一个叫做%_topdir的宏变量来定义.
    如果用户想更改这个目录名(rpm官方并不推荐直接更改这个目录),可以在用户家目录下建立一个名为.rpmmacros的隐藏文件,然后在里面重新定义%_topdir,指向一个新的目录名.例如: "%_topdir $HOME/myrpmbuild"
  2. rpmbuild 目录

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    在%_topdir目录下一般需要建立6个目录:
    * BUILD 编译rpm包的临时目录 %_builddir
    * BUILDROOT 编译后生成的软件临时安装目录 %_buildrootdir
    * RPMS 最终生成的可安装rpm包的所在目录 %_rpmdir
    * SOURCES 所有源代码和补丁文件的存放目录 %_sourcedir
    * SPECS 存放SPEC文件的目录(重要) %_specdir
    * SRPMS 软件最终的rpm源码格式存放路径 %_srcrpmdir

    提示:
    1.执行rpmdev-setuptree会在当前用户家目录下的rpmbuild目录(如果该目录不存在也会被自动创建)里自动建立上述目录
    2.一般我们都把源码打包成tar.gz格式然后存放于SOURCES路径下,而在SPECS路径下编写spec文档.通过命令打包后,默认会把打包后的rpm包放在RPMS下,而源码包会被放置在SRPMS下
  3. rpmbuild相关命令

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    基本格式: rpmbuild [options] [spec文档|tarball包|源码包]

    //从spec文档建立有以下选项:
    -bp #只执行spec的%pre段(解开源码包并打补丁,即只做准备)
    -bc #执行spec的%pre和%build段(准备并编译)
    -bi #执行spec中%pre,%build与%install(准备,编译并安装)
    -bl #检查spec中的%file段(查看文件是否齐全)
    -ba #建立源码与二进制包(常用)
    -bb #只建立二进制包(最常用)
    -bs #只建立源码包

    //从tarball包建立,与spec类似
    -tp #对应-bp
    -tc #对应-bc
    -ti #对应-bi
    -ta #对应-ba
    -tb #对应-bb
    -ts #对应-bs

    //从源码包建立
    --rebuild #建立二进制包,通-bb
    --recompile #同-bi

    //其他的一些选项
    --buildroot=DIRECTORY #确定以root目录建立包
    --clean #完成打包后清除BUILD下的文件目录
    --nobuild #不进行%build的阶段
    --nodeps #不检查建立包时的关联文件
    --nodirtokens
    --rmsource #完成打包后清除SOURCES
    --rmspec #完成打包后清除SPEC
    --short-cricuit
    --target=CPU-VENDOR-OS #确定包的最终使用平台
  4. SPEC文档的编写

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69
    70
    71
    72
    73
    74
    75
    76
    77
    78
    79
    80
    81
    82
    83
    84
    85
    86
    87
    88
    89
    90
    91
    92
    93
    94
    95
    96
    97
    98
    99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    Name:    软件包的名字,后面可使用%{name}的方式引用,具体命令需跟源包一致
    Version: 软件的实际版本号,具体命令需跟源包一致
    Release: 发布序列号,具体命令需跟源包一致
    Summary: 软件包的内容概要
    Group: 软件分组,建议使用标准分组
    -----------------------------------------
    软件包所属类别,具体类别有:
    Amusements/Games (娱乐/游戏)
    Amusements/Graphics (娱乐/图形)
    Applications/Archiving (应用/文档)
    Applications/Communications(应用/通讯)
    Applications/Databases (应用/数据库)
    Applications/Editors (应用/编辑器)
    Applications/Emulators (应用/仿真器)
    Applications/Engineering (应用/工程)
    Applications/File (应用/文件)
    Applications/Internet (应用/因特网)
    Applications/Multimedia (应用/多媒体)
    Applications/Productivity (应用/产品)
    Applications/Publishing (应用/印刷)
    Applications/System (应用/系统)
    Applications/Text (应用/文本)
    Development/Debuggers (开发/调试器)
    Development/Languages (开发/语言)
    Development/Libraries (开发/函数库)
    Development/System (开发/系统)
    Development/Tools (开发/工具)
    Documentation (文档)
    System Environment/Base (系统环境/基础)
    System Environment/Daemons (系统环境/守护)
    System Environment/Kernel (系统环境/内核)
    System Environment/Libraries (系统环境/函数库)
    System Environment/Shells (系统环境/接口)
    User Interface/Desktops (用户界面/桌面)
    User Interface/X (用户界面/X窗口)
    User Interface/X Hardware Support (用户界面/X硬件支持)
    ----------------------------------------------------
    License: 软件授权方式,通常就是GPL
    Source: 源代码包,可以带多个用Source1、Source2等源,后面也可以用%{source1},%{source2}引用
    BuildRoot: 这个是安装或编译时使用的"虚拟目录",考虑到多用户的环境,一般定义为:
    %{_tmppath}/%{name}-%{version}-%{release}-root

    %{_tmppath}/%{name}-%{version}-%{release}-buildroot-%(%{__id_u} -n}
    该参数非常重要,因为在生成rpm的过程中,执行make install时就会把软件安装到上述的路径中,在打包的时候,同样依赖"虚拟目录"为""根目录"进行操作.后面可使用$RPM_BUILD_ROOT方式引用
    URL: 软件的主页
    Vendor: 发行商或打包组织的信息,例如RedFlag Co,Ltd
    Disstribution: 发行版标识
    Patch: 补丁源码,可使用Patch1,Patch2等标识多个补丁,使用%patch0或%{patch0}引用
    Prefix: %{_prefix}这个主要是为了解决今后安装rpm包时,并不一定把软件安装到rpm中打包的目录的情况.这样,必须在这里定义该标识,并在编写%install脚本的时候引用,才能实现rpm安装时重新指定位置的功能
    Prefix: %{_sysconfdir} 这个原因和上面的一样,但由于%{_prefix}指/usr,而对于其他的文件,例如/etc下的配置文件,则需要用%{_sysconfdir}标识
    Build Arch: 指编译的目标处理器架构,noarch标识不指定,但通常都是以/usr/lib/rpm/marcros中的内容为默认值
    Requires: 该rpm包所依赖的软件包名称,可以用>=或<=表示大于或小于某一特定版本,不同软件名用空格分开,例如:libpng-devel >= 1.0.20 zlib

    还有例如PreReq、Requires(pre)、Requires(post)、Requires(preun)、Requires(postun)、BuildRequires等都是针对不同阶段的依赖指定
    Provides: 指明本软件一些特定的功能,以便其他rpm识别
    Packager: 打包者的信息
    scription 软件的详细说明

    #spec脚本主体
    spec脚本的主体中也包括了很多关键字和描述:
    %prep 预处理脚本
    %setup -n %{name}-%{version} 把源码包解压并放好
    注:可根据你的源码的名字格式,来确认解压后名字的格式,否则可能导致install的时候找不到对应的目录
    通常是从/usr/src/redhat/SOURCES里的包解压到/usr/src/redhat/BUILD/%{name}-%{version}中
    一般用%setup -c就可以了,但有两种情况:一就是同时编译多个源码包;二就是源码的tar包的名称与解压出来的目录不一致.此时,就需要使用-n参数指定一下了
    %patch 打补丁,通常补丁都会一起在源码tar.gz包中,或放到SOURCES目录下.一般参数为:
    %patch -p1 使用前面定义的Patch补丁进行,-p1是忽略patch的第一层目录
    %Patch2 -p1 -b xxx.patch 打上指定的补丁,-b是指生成备份文件
    ◎补充一下
    %setup 不加任何选项,仅将软件包打开。
    %setup -n newdir 将软件包解压在newdir目录。
    %setup -c 解压缩之前先产生目录。
    %setup -b num 将第num个source文件解压缩。
    %setup -T 不使用default的解压缩操作。
    %setup -T -b 0 将第0个源代码文件解压缩。
    %setup -c -n newdir 指定目录名称newdir,并在此目录产生rpm套件。
    %patch 最简单的补丁方式,自动指定patch level。
    %patch 0 使用第0个补丁文件,相当于%patch ?p 0。
    %patch -s 不显示打补丁时的信息。
    %patch -T 将所有打补丁时产生的输出文件删除。

    %build 开始构建包
    在/usr/src/redhat/BUILD/%{name}-%{version}目录中进行make的工作,常见写法:
    make %{?_smp_mflags} OPTIMIZE="%{optflags}"
    都是一些优化参数,定义在/usr/lib/rpm/marcros中
    %install 开始把软件安装到虚拟的根目录中
    在/usr/src/redhat/BUILD/%{name}-%{version}目录中进行make install的操作.这个很重要,因为如果这里的路径不对的话,则下面%file中寻找文件的时候就会失败.
    常见内容有:
    %makeinstall 这不是关键字,而是rpm定义的标准宏命令.也可以使用非标准写法:
    make DESTDIR=$RPM_BUILD_ROOT install

    make prefix=$RPM_BUILD_ROOT install

    需要说明的是,这里的%install主要就是为了后面的%file服务的.所以,还可以使用常规的系统命令:
    install -d $RPM_BUILD_ROOT/ #建立目录
    cp -a * $RPM_BUILD_ROOT/

    %clean 清理临时文件
    通常内容为:引用
    [ "$RPM_BUILD_ROOT" != "/" ] && rm -rf "$RPM_BUILD_ROOT"
    rm -rf $RPM_BUILD_DIR/%{name}-%{version}
    ※注意区分$RPM_BUILD_ROOT和$RPM_BUILD_DIR:
    $RPM_BUILD_ROOT是指开头定义的BuildRoot,而$RPM_BUILD_DIR通常就是指/usr/src/redhat/BUILD.其中,前面的才是%file需要的.
    %pre rpm安装前执行的脚本
    %post rpm安装后执行的脚本
    %preun rpm卸载前执行的脚本
    %postun rpm卸载后执行的脚本

    %preun %postun 的区别是什么呢?
    前者在升级的时候会执行,后者在升级rpm包的时候不会执行

    %files 定义那些文件或目录会放入rpm中
    这里会在虚拟根目录下进行,千万不要写绝对路径,而应用宏或变量表示相对路径.如果描述为目录,表示目录中除%exclude外的所有文件.
    %defattr(文件权限,用户名,组名,目录权限) 默认是 %defattr(-,root,root,-)
    %exclude 列出不想打包到rpm中的文件
    注意:
    1.%{buildroot}里的所有文件都要明确被指定是否要被打包到rpm里
    2.如果声明了%{buildroot}里不存在的文件或者目录也会报错
    3.如果%exclude指定的文件不存在,也会出错的

    %doc
    关于%doc宏,所有跟在这个宏后面的文件都来自%{_builddir}目录,当用户安装rpm时,由这个宏所指定的文件都会安装到/usr/share/doc/name-version/目录里。

    %changelog 变更日志
    * date +"%a %b %d %Y" 修改人 邮箱 本次版本x.y.z-p
    - 本次变更修改了那些内容
  5. SPEC文档中常用的几个宏(变量)

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    1. RPM_BUILD_DIR:    /usr/src/redhat/BUILD
    2. RPM_BUILD_ROOT: /usr/src/redhat/BUILDROOT
    3. %{_sysconfdir}: /etc
    4. %{_sbindir}: /usr/sbin
    5. %{_bindir}: /usr/bin
    6. %{_datadir}: /usr/share
    7. %{_mandir}: /usr/share/man
    8. %{_libdir}: /usr/lib64
    9. %{_prefix}: /usr
    10. %{_localstatedir}: /usr/var

rpm package build

rpm 包创建

  1. 安装 rpmbuild 和 rpmdevtools工具

    1
    2
    [root@localhost ~]# yum -y install rpm-build
    [root@localhost ~]# yum -y install rpmdevtools
  2. 查看rpm包版本

    1
    2
    [root@localhost ~]# rpm --version
    RPM version 4.11.3
  3. 查看rpmbuild的默认位置

    1
    2
    3
    4
    5
    6
    //查看rpmbuild位置
    [root@localhost ~]# grep -w '%_topdir' /usr/lib/rpm/macros
    %_topdir %{getenv:HOME}/rpmbuild

    //手动指定rpmbuild位置
    [root@localhost ~]# echo "%_topdir $HOME/rpmbuild" | tee ~/.rpmmacros
  4. 生成rpmbuild目录

    1
    2
    3
    4
    5
    6
    7
    8
    [root@localhost ~]# rpmdev-setuptree
    [root@localhost ~]# tree rpmbuild/
    rpmbuild/
    ├── BUILD
    ├── RPMS
    ├── SOURCES
    ├── SPECS
    └── SRPMS
  5. 生成SPEC配置文件

    1
    [root@localhost ~]# rpmdev-newspec -o rpmbuild/SPECS/wisdom-nginx-1.10.2.spec
  6. SPEC配置文件说明

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69
    70
    71
    72
    73
    74
    75
    76
    77
    78
    79
    80
    81
    82
    83
    84
    85
    86
    87
    88
    89
    90
    91
    92
    93
    94
    95
    96
    97
    98
    99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    [root@localhost ~]# vim rpmbuild/SPECS/wisdom-nginx-1.10.2.spec
    # 定义变量
    %define realname wisdom-nginx
    %define realver 1.10.2

    %if 0%{?suse_version}
    %define USER apache
    %define GROUP apache
    %define PREFIX /mnt/app/nginx
    %else
    %define USER apache
    %define GROUP apache
    %define PREFIX /mnt/app/nginx
    %endif

    # 第一阶段:设置基础信息
    # 1.软件包信息
    Name: %{realname}
    Version: %{realver}
    Release: 1%{?dist}
    Summary: wisdom nginx
    Group: Applications/Archiving
    License: GPLv2
    URL: http://nginx.org/en/download.html
    Packager: 刘朋 <smallasa@sina.com>
    Vendor: 众荟

    # 2.源码包和文件
    Source0: nginx-1.10.2.tar.gz
    Source1: init.nginx
    Source2: nginx.conf

    # 3.安装位置
    BuildRoot: %{PREFIX}

    # 4.软件依赖包
    BuildRequires: gcc
    Requires: openssl,openssl-devel,pcre,pcre-devel

    # 5.软件详细信息
    %description
    众荟 慧通 nginx 软件包 wisdom-nginx-1.10.2.tar.gz

    # 第二阶段: 准备阶段(解压,并进入目录)
    %prep
    %setup -q

    # 第三阶段: 编译阶段
    %build
    ./configure \
    --prefix=%{PREFIX} \
    --user=%{USER} \
    --group=%{GROUP} \
    --with-select_module \
    --with-poll_module \
    --with-threads \
    %if 0%{?suse_version} || 0%{?fedora} || 0%{?rhel_version} || 0%{?centos_version} >= 600
    --with-file-aio \
    %endif
    --with-http_ssl_module \
    --with-http_stub_status_module \
    --with-http_v2_module \
    --with-http_realip_module \
    --with-http_addition_module \
    --with-http_geoip_module \
    --with-http_gunzip_module \
    --with-http_gzip_static_module \
    --with-http_auth_request_module \
    --with-http_degradation_module \
    --with-google_perftools_module \
    --with-pcre \
    --with-libatomic

    make %{?_smp_mflags}

    # 第四阶段: 安装阶段
    %install
    rm -rf $RPM_BUILD_ROOT
    make install DESTDIR=%{buildroot}
    %{__install} -p -D -m 0755 %{SOURCE1} %{buildroot}/etc/rc.d/init.d/nginx
    %{__install} -p -D %{SOURCE2} %{buildroot}/usr/local/nginx/conf/nginx.conf
    %{__install} -p -D %{SOURCE3} %{buildroot}/usr/local/nginx/conf/fastcgi_params

    # 第五阶段: 将文件拷贝到相应目录,并授权
    %files
    %defattr(-,root,root,0755) /usr/local/nginx/
    %attr(0755,root,root) /etc/rc.d/init.d/nginx
    %config(noreplace) /usr/local/nginx/conf/nginx.conf
    %config(noreplace) /usr/local/nginx/conf/fastcgi_params

    %doc
    %dir

    # 第六阶段: 在安装/卸载 rpm包 前/后 执行的脚本
    # 1.rpm 安装前执行的脚本
    %pre
    # 1:表示安装;2:表示升级;3:表示卸载
    if [ $1 == 1 ];then
    /usr/sbin/useradd -s /sbin/nologin nginx 2>/dev/null
    fi

    # 2.rpm 安装后执行的脚本
    %post
    if [ $1 == 1 ];then
    echo '# Add sysctl.conf
    net.ipv4.tcp_max_syn_backlog = 65536
    net.core.netdev_max_backlog = 32768
    net.core.somaxconn = 32768

    net.core.wmem_default = 8388608
    net.core.rmem_default = 8388608
    net.core.rmem_max = 16777216
    net.core.wmem_max = 16777216

    net.ipv4.tcp_timestamps = 0
    net.ipv4.tcp_synack_retries = 2
    net.ipv4.tcp_syn_retries = 2

    net.ipv4.tcp_tw_recycle = 1
    net.ipv4.tcp_tw_reuse = 1

    net.ipv4.tcp_mem = 94500000 915000000927000000
    net.ipv4.tcp_max_orphans = 3276800

    #net.ipv4.tcp_fin_timeout = 30
    #net.ipv4.tcp_keepalive_time = 120
    net.ipv4.ip_local_port_range = 1024 65535' |tee -a /etc/sysctl.conf
    sysctl -p 2>&1 /dev/null
    fi

    # 3.rpm卸载前执行的脚本
    %preun
    if [ $1 == 0 ];then
    /etc/init.d/nginx stop > /dev/null 2>&1
    userdel -r nginx 2>/dev/null
    fi

    # 4.rpm卸载后执行的脚本
    %postun

    第七阶段: 更新日志
    %changelog
    * Thu Wed 26 2014 smallasa <smallasa@sina.com> - 1.10.2
    - Initial version
  7. 制作rpm包

    1
    2
    3
    4
    5
    rpmbuild -bp nginx.spec 制作到%prep段
    rpmbuild -bc nginx.spec 制作到%build段
    rpmbuild -bi nginx.spec 执行spec文件的 "%install" 阶段(在执行了%prep和%build阶段之后).这通常等价于执行了一次 "make install"
    rpmbuild -bb nginx.spec 制作二进制包
    rpmbuild -ba nginx.spec 表示既制作二进制包又制作src格式包

rpm包的签名

  1. 查询软件包信息

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    [root@localhost ~]# rpm -qi nginx
    Name : nginx Relocations: (not relocatable)
    Version : 1.7.7 Vendor: smallasa
    Release : 3.el6 Build Date: Wed 26 Nov 2014 06:39:00 PM CST
    Install Date: Wed 26 Nov 2014 06:42:19 PM CST Build Host: localhost
    Group : Applications/Archiving Source RPM: nginx-1.7.7-3.el6.src.rpm
    Size : 793593 License: GPLv2
    Signature : (none) # rpm包未签名状态
    Packager : nmshuishui <353025240@qq.com>
    URL : http://nmshuishui.blog.51cto.com/
    Summary : nginx-1.7.7.tar.gz to nginx-1.7.7.rpm
    Description :
    Custom a rpm by yourself!Build nginx-1.7.7.tar.gz to nginx-1.7.7.rpm
  2. 使用gpg方式生成签名密钥

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    [root@localhost ~]# gpg --gen-key
    Your selection?1<Enter> #默认即可
    What keysize do you want? (2048) 1024<Enter> #选择密钥长度
    Key is valid for? (0) 1y<Enter> #有效期
    Is this correct? (y/N) y<Enter> #确认
    Real name: smallasa<Enter> #密钥名称
    Email address: smallasa@sina.com<Enter> #邮件
    Comment: GPG-RPM-KEY<Enter> #备注
    Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O<ENTER> #okay确认
    Enter passphrase OK <Enter> #按Enter输入密码
    <Take this one anyway> <Enter> #确认使用此密码
    #####
    在生成密钥的时候,会报这么一个信息:can't connect to `/root/.gnupg/S.gpg-agent': No such file or directory,可以不用理会它.接下来就是一些随机数的说明了:We need to generate a lot of random bytes. It is a good idea to perform
    some other action (type on the keyboard, move the mouse, utilize the
    disks) during the prime generation; this gives the random number
    generator a better chance to gain enough entropy.
    就狂敲键盘和移动鼠标吧,也可以链接一个伪随机数(不过不安全),接下来就是等待了
    生成密钥后会是这样的:
    gpg: checking the trustdb
    gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
    gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
    pub 2048R/DF63EDFB 2014-11-26
    Key fingerprint = 338D 476F 29C9 E2D6 6604 1D96 6F73 1E81 DF63 EDFB
    uid smallasa (gen-key) <smallasa@sina.com>
    sub 2048R/263FB359 2014-11-26
  3. 查看生成的密钥

    1
    2
    3
    4
    5
    6
    [root@localhost ~]# gpg --list-keys
    /root/.gnupg/pubring.gpg
    ------------------------
    pub 2048R/DF63EDFB 2014-11-26
    uid smallasa (gen-key) <smallasa@sina.com>
    sub 2048R/263FB359 2014-11-26
  4. 导出公钥以供验证

    1
    [root@localhost ~]# gpg --export -a "smallasa" > RPM-GPG-KEY-smallasa
  5. 在~/.rpmmacros宏中定义加密密钥

    1
    2
    [root@localhost ~]# vim ~/.rpmmacros
    %_gpg_name smallasa
  6. 为rpm包签名

    1
    2
    3
    4
    [root@localhost ~]# rpm --addsign /home/hero/rpmbuild/RPMS/x86_64/nginx-1.7.7-3.el6.x86_64.rpm
    Enter pass phrase:
    Pass phrase is good.
    /home/hero/rpmbuild/RPMS/x86_64/nginx-1.7.7-3.el6.x86_64.rpm:
  7. 将公钥导入rpm包

    1
    [root@localhost ~]# rpm --import RPM-GPG-KEY-smallasa
  8. 验证

    1
    2
    [root@localhost ~]# rpm --checksig /home/hero/rpmbuild/RPMS/x86_64/nginx-1.7.7-3.el6.x86_64.rpm
    /home/hero/rpmbuild/RPMS/x86_64/nginx-1.7.7-3.el6.x86_64.rpm: rsa sha1 (md5) pgp md5 OK
  9. 重新安装nginx,验证安装包的签名信息

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    [root@localhost ~]# rpm -ivh /home/hero/rpmbuild/RPMS/x86_64/nginx-1.7.7-3.el6.x86_64.rpm
    Preparing... ########################################### [100%]
    1:nginx ########################################### [100%]
    [root@localhost ~]#
    [root@localhost ~]# rpm -qi nginx
    Name : nginx Relocations: (not relocatable)
    Version : 1.7.7 Vendor: smallasa
    Release : 3.el6 Build Date: Wed 26 Nov 2014 06:39:00 PM CST
    Install Date: Thu 27 Nov 2014 10:58:44 AM CST Build Host: localhost
    Group : Applications/Archiving Source RPM: nginx-1.7.7-3.el6.src.rpm
    Size : 793593 License: GPLv2
    Signature : RSA/SHA1, Thu 27 Nov 2014 10:40:02 AM CST, Key ID 6f731e81df63edfb # 与 1 比起来,多了签名信息
    Packager : nmshuishui <353025240@qq.com>
    URL : http://nmshuishui.blog.51cto.com/
    Summary : nginx-1.7.7.tar.gz to nginx-1.7.7.rpm
    Description :
    Custom a rpm by yourself!Build nginx-1.7.7.tar.gz to nginx-1.7.7.rpm

yum server install

yum 源服务器搭建

  1. 基础软件安装

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    //修改主机名
    [root@localhost ~]# echo yum |tee /etc/hostname
    [root@localhost ~]# hostname yum
    [root@localhost ~]# $SHELL

    //安装基础软件包
    [root@yum ~]# yum -y install epel-release
    [root@yum ~]# yum -y install gcc gcc-c++ make cmake bison libtool autoconf automake zip unzip bzip2 zlib zlib-devel openssl openssl-devel pcre pcre-devel bison-devel ncurses-devel tcl tcl-devel perl-Digest-SHA1 GeoIP GeoIP-devel gperftools gperftools-devel libatomic_ops-devel gtest gtest-devel glibc-devel unixODBC-devel fop libperl libpython readline readline-devel python2-pip readline readline-devel readline-static openssl openssl-devel openssl-static sqlite-devel bzip2-devel bzip2-libs openldap-devel
    [root@yum ~]# yum -y install git lftp ntpdate vim wget telnet dstat tree lrzsz net-tools nmap-ncat nmap sysstat

    //关闭selinux
    [root@yum ~]# setenforce 0
    [root@yum ~]# sed -i s/'SELINUX=enforcing'/'SELINUX=disabled'/g /etc/selinux/config

    //关闭防火墙
    [root@yum ~]# systemctl stop firewalld.service
    [root@yum ~]# systemctl disable firewalld.service

    //关闭ntpd服务,定时同步时间
    [root@yum ~]# systemctl stop ntpd
    [root@yum ~]# systemctl disable ntpd
    [root@yum ~]# echo '1 1 * * * /usr/sbin/ntpdate -s cn.pool.ntp.org' | tee /var/spool/cron/root

    //创建基础目录
    [root@yum ~]# mkdir -p /mnt/{app,data,log,web,ops/{app,data,cron}}
  2. 安装createrepo

    1
    2
    3
    [root@yum ~]# yum -y install createrepo

    //createrepo主要用来创建yum仓库
  3. 安装yum-utils

    1
    2
    3
    [root@yum ~]# yum -y install yum-utils

    //yum-utils主要用来使用reposync命令同步
  4. 安装nginx

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    [root@yum app]# useradd -s /sbin/nologin nginx
    [root@yum app]# tar xzf nginx-1.10.2.tar.gz
    [root@yum app]# cd nginx-1.10.2
    [root@yum nginx-1.10.2]# ./configure \
    > --prefix=/mnt/app/nginx \
    > --user=nginx \
    > --group=nginx \
    > --with-select_module \
    > --with-poll_module \
    > --with-threads \
    > --with-file-aio \
    > --with-http_ssl_module \
    > --with-http_stub_status_module \
    > --with-http_v2_module \
    > --with-http_realip_module \
    > --with-http_addition_module \
    > --with-http_geoip_module \
    > --with-http_gunzip_module \
    > --with-http_gzip_static_module \
    > --with-http_auth_request_module \
    > --with-http_degradation_module \
    > --with-google_perftools_module \
    > --with-pcre \
    > --with-libatomic
    [root@yum nginx-1.10.2]# make -j 2
    [root@yum nginx-1.10.2]# make -j 2 install
    [root@yum nginx-1.10.2]# mkdir -p /mnt/log/nginx
    [root@yum nginx-1.10.2]# chown -R nginx.nginx /mnt/log/nginx
    [root@yum nginx-1.10.2]# mkdir /mnt/data/yum.repo
    [root@yum nginx-1.10.2]# chown -R nginx.nginx /mnt/data/yum.repo
  5. 修改nginx配置文件,调试

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    [root@yum ~]# vim /mnt/app/nginx/conf/nginx.conf
    user nginx;
    worker_processes 2;
    worker_cpu_affinity 01 10;
    worker_rlimit_nofile 65536;
    error_log /mnt/log/nginx/nginx_error.log info;
    pid /mnt/log/nginx/nginx.pid;
    events {
    use epoll;
    accept_mutex on;
    multi_accept on;
    worker_connections 10240;
    }
    http {
    include mime.types;
    default_type application/octet-stream;
    server_tokens off;
    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
    '$status $body_bytes_sent "$http_referer" '
    '"$http_user_agent" "$http_x_forwarded_for"';
    access_log /mnt/log/nginx/nginx_access.log main;
    sendfile on;
    keepalive_timeout 65 60;
    server {
    listen 80;
    server_name yum.domain.cn;
    location / {
    root /mnt/data/yum.repo;
    index index.html index.htm;
    autoindex on; #nginx打开目录浏览功能
    autoindex_exact_size on; #显示文件具体大小
    autoindex_localtime on; #显示系统时间
    }
    error_page 404 /404.html;
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
    root html;
    }
    }
    }

    [root@yum ~]# /mnt/app/nginx/sbin/nginx -c /mnt/app/nginx/conf/nginx.conf -t
    [root@yum ~]# /mnt/app/nginx/sbin/nginx -c /mnt/app/nginx/conf/nginx.conf

使用 rsync 进行同步

  1. 建立yum同步目录

    1
    2
    [root@yum ~]# mkdir -p /mnt/data/yum.repo/{centos,epel}
    [root@yum ~]# chmod -R 755 /mnt/data/yum.repo
  2. 修改nginx index.html配置文件,指向创建的目录

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    [root@yum ~]# vim /mnt/data/yum.repo/index.html
    <!DOCTYPE html>
    <html>
    <head>
    <title>众荟YUM源</title>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <style>
    body {
    width: 35em;
    margin: 0 auto;
    font-family: Tahoma, Verdana, Arial, sans-serif;
    }
    </style>
    </head>
    <body>
    <br/>
    <p style="font-weight:bolder;color:green;font-size:16px;">众荟YUM源仓库:
    <!-- <font size="3" color="red">众荟YUM源仓库:</fon> <br/> -->
    <ul>
    <li><a href="http://{yum.domain.com}/centos"><font size="3" color="blue">centos</font></a></li>
    <li><a href="http://{yum.domain.com}/epel"><font size="3" color="blue">epel</font></a></li>
    <li><a href="http://{yum.domain.com}/wisdom"><font size="3" color="blue">wisdom</font></a></li>
    </ul>
    </p>
    <br/>
    <p style="font-weight:bolder;color:green;font-size:12px;">更新命令:
    <ul>
    <li>centos 6:
    <ul>
    <li><font size="1" color="blue">rpm --import http://{yum.domain.com}/epel/RPM-GPG-KEY-EPEL-6</font></li>
    <li><font size="1" color="blue">curl -o /etc/yum.repos.d/epel.repo http://{yum.domain.com}/epel-6.repo</font></li>
    <li><font size="1" color="blue">rpm --import http://{yum.domain.com}/centos/RPM-GPG-KEY-CentOS-6</font></li>
    <li><font size="1" color="blue">curl -o /etc/yum.repos.d/CentOS-Base.repo http://{yum.domain.com}/centos-6.repo</font></li>
    </ul>
    </li>
    <li>centos 7:
    <ul>
    <li><font size="1" color="blue">rpm --import http://{yum.domain.com}/epel/RPM-GPG-KEY-EPEL-7</font></li>
    <li><font size="1" color="blue">curl -o /etc/yum.repos.d/epel.repo http://{yum.domain.com}/epel-7.repo</font></li>
    <li><font size="1" color="blue">rpm --import http://{yum.domain.com}/centos/RPM-GPG-KEY-CentOS-7</font></li>
    <li><font size="1" color="blue">curl -o /etc/yum.repos.d/CentOS-Base.repo http://{yum.domain.com}/centos-7.repo</font></li>
    </ul>
    </li>
    </ul>
    </p>
    </body>
    </html>
  3. 创建yum源配置文件

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69
    70
    71
    72
    73
    74
    75
    76
    77
    78
    79
    80
    81
    82
    83
    84
    85
    86
    87
    88
    89
    90
    91
    92
    93
    94
    95
    96
    97
    98
    99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    epel-6:
    [root@yum ~]# cat /mnt/data/yum.repo/epel-6.repo
    [epel]
    name=Extra Packages for Enterprise Linux 6 - $basearch
    baseurl=http://{yum.domain.com}/epel/6/$basearch
    failovermethod=priority
    enabled=1
    gpgcheck=0
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6

    [epel-debuginfo]
    name=Extra Packages for Enterprise Linux 6 - $basearch - Debug
    baseurl=http://{yum.domain.com}/epel/6/$basearch/debug
    failovermethod=priority
    enabled=0
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
    gpgcheck=0

    [epel-source]
    name=Extra Packages for Enterprise Linux 6 - $basearch - Source
    baseurl=http://{yum.domain.com}/epel/6/SRPMS
    failovermethod=priority
    enabled=0
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
    gpgcheck=0
    ------------------------
    epel-7:
    [root@yum ~]# cat /mnt/data/yum.repo/epel-7.repo
    [epel]
    name=Extra Packages for Enterprise Linux 7 - $basearch
    baseurl=http://{yum.domain.com}/epel/7/$basearch
    failovermethod=priority
    enabled=1
    gpgcheck=0
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7

    [epel-debuginfo]
    name=Extra Packages for Enterprise Linux 7 - $basearch - Debug
    baseurl=http://{yum.domain.com}/epel/7/$basearch/debug
    failovermethod=priority
    enabled=0
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
    gpgcheck=0

    [epel-source]
    name=Extra Packages for Enterprise Linux 7 - $basearch - Source
    baseurl=http://{yum.domain.com}/epel/7/SRPMS
    failovermethod=priority
    enabled=0
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
    gpgcheck=0
    ------------------------
    centos-6:
    [root@yum ~]# cat /mnt/data/yum.repo/centos-6.repo
    [base]
    name=CentOS-6 - Base - {yum.domain.com}
    baseurl=http://{yum.domain.com}/centos/6/os/x86_64/
    gpgcheck=1
    gpgkey=http://{yum.domain.com}/centos/RPM-GPG-KEY-CentOS-6

    #released updates
    [updates]
    name=CentOS-6 - Updates - {yum.domain.com}
    baseurl=http://{yum.domain.com}/centos/6/updates/x86_64/
    gpgcheck=1
    gpgkey=http://{yum.domain.com}/centos/RPM-GPG-KEY-CentOS-6

    #additional packages that may be useful
    [extras]
    name=CentOS-6 - Extras - {yum.domain.com}
    baseurl=http://{yum.domain.com}/centos/6/extras/x86_64/
    gpgcheck=1
    gpgkey=http://{yum.domain.com}/centos/RPM-GPG-KEY-CentOS-6

    #additional packages that extend functionality of existing packages
    [centosplus]
    name=CentOS-6 - Plus - {yum.domain.com}
    baseurl=http://{yum.domain.com}/centos/6/centosplus/x86_64/
    gpgcheck=1
    enabled=0
    gpgkey=http://{yum.domain.com}/centos/RPM-GPG-KEY-CentOS-6

    #contrib - packages by Centos Users
    [contrib]
    name=CentOS-6 - Contrib - {yum.domain.com}
    baseurl=http://{yum.domain.com}/centos/6/contrib/x86_64/
    gpgcheck=1
    enabled=0
    gpgkey=http://{yum.domain.com}/centos/RPM-GPG-KEY-CentOS-6
    ------------------------
    centos-7:
    [root@yum ~]# cat /mnt/data/yum.repo/centos-7.repo
    [base]
    name=CentOS-7 - Base
    baseurl=http://{yum.domain.com}/centos/7/os/x86_64/
    gpgcheck=1
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

    #released updates
    [updates]
    name=CentOS-7 - Updates
    baseurl=http://{yum.domain.com}/centos/7/updates/x86_64/
    gpgcheck=1
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

    #additional packages that may be useful
    [extras]
    name=CentOS-7 - Extras
    baseurl=http://{yum.domain.com}/centos/7/extras/x86_64/
    gpgcheck=1
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

    #additional packages that extend functionality of existing packages
    [centosplus]
    name=CentOS-7 - Plus
    baseurl=http://{yum.domain.com}/centos/7/centosplus/x86_64/
    gpgcheck=1
    enabled=0
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
  4. 同步yum源脚本

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    [root@yum ~]# cat /mnt/ops/cron/yum.rsync.sh
    #!/bin/bash
    /usr/bin/rsync -av --delete --exclude=debug --exclude=aarch64 --exclude=i386 --exclude=ppc64 --exclude=ppc64le --exclude=SRPMS rsync://mirrors.ustc.edu.cn/epel/{6,7} /mnt/data/yum.repo/epel/
    /usr/bin/rsync -av --delete --exclude=debug --exclude=i386 --exclude=isos rsync://mirrors.ustc.edu.cn/centos/{6*,7*} /mnt/data/yum.repo/centos/

    curl -o /mnt/data/yum.repo/epel/RPM-GPG-KEY-EPEL-6 http://mirrors.ustc.edu.cn/epel/RPM-GPG-KEY-EPEL-6
    curl -o /mnt/data/yum.repo/epel/RPM-GPG-KEY-EPEL-7 http://mirrors.ustc.edu.cn/epel/RPM-GPG-KEY-EPEL-7
    curl -o /mnt/data/yum.repo/centos/RPM-GPG-KEY-CentOS-6 http://mirrors.ustc.edu.cn/centos/RPM-GPG-KEY-CentOS-6
    curl -o /mnt/data/yum.repo/centos/RPM-GPG-KEY-CentOS-7 http://mirrors.ustc.edu.cn/centos/RPM-GPG-KEY-CentOS-7

    [root@yum ~]# crontab -l|grep yum
    3 0 * * 6 /mnt/ops/cron/yum.rsync.sh >/dev/null 2>&1

    注意: 使用rsync同步时,没有必要在使用createrepo创建仓库了.同步的时候已经默认将repo仓库同步到本地了
  5. 客户端设置

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    [root@localhost ~]# mkdir –p /etc/yum.repos.d/back
    [root@localhost ~]# mv /etc/yum.repos.d/* /etc/yum.repos.d/back/

    centos 6:
    [root@localhost ~]# rpm --import http://yum.jwops.cn/epel/RPM-GPG-KEY-EPEL-6
    [root@localhost ~]# curl -o /etc/yum.repos.d/epel.repo http://yum.jwops.cn/epel-6.repo
    [root@localhost ~]# rpm --import http://yum.jwops.cn/centos/RPM-GPG-KEY-CentOS-6
    [root@localhost ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo http://yum.jwops.cn/centos-6.repo

    centos 7:
    [root@localhost ~]# rpm --import http://yum.jwops.cn/epel/RPM-GPG-KEY-EPEL-7
    [root@localhost ~]# curl -o /etc/yum.repos.d/epel.repo http://yum.jwops.cn/epel-7.repo
    [root@localhost ~]# rpm --import http://yum.jwops.cn/centos/RPM-GPG-KEY-CentOS-7
    [root@localhost ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo http://yum.jwops.cn/centos-7.repo

    [root@localhost ~]# yum clean all
    [root@localhost ~]# yum makecache

使用 reposync 进行同步

  1. 建立yum同步目录

    1
    2
    3
    [root@yum ~]# mkdir -p /mnt/data/yum.repo/wisdom/centos/6
    [root@yum ~]# mkdir -p /mnt/data/yum.repo/wisdom/centos/7
    [root@yum ~]# chmod -R 755 /mnt/data/yum.repo
  2. 修改nginx index.html配置文件,指向创建的目录

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    [root@yum ~]# cp /mnt/data/yum.repo/index.html /mnt/data/yum.repo/index.html.bak
    [root@yum ~]# vim /mnt/data/yum.repo/index.html
    <!DOCTYPE html>
    <html>
    <head>
    <title>Welcome to nginx!</title>
    <style>
    body {
    width: 35em;
    margin: 0 auto;
    font-family: Tahoma, Verdana, Arial, sans-serif;
    }
    </style>
    </head>
    <body>
    <p style="font-weight:bolder;color:green;font-size:30px;">ALL of the packages in the below:</p>
    <br/>
    <a href="http://192.168.13.213/centos/Aliyun">Aliyun</a><br/>
    These packagers from of CentOS ISO.<br/>
    <p style="font-weight:bolder;color:red;font-size:18px;">Please replace the file and fill in the following content:</p>
    <p style="font-weight:bolder;color:blue;font-size:15px;">Way: /etc/yum.repos.d/CentOS-Base.repo</p>
    </body>
    </html>
  3. 下载centos repo配置文件

    1
    2
    3
    4
    5
    [root@yum ~]# wget -O /mnt/ops/cron/Centos-6.repo http://mirrors.aliyun.com/repo/Centos-6.repo
    [root@yum ~]# sed -i s/\$releasever/6/g /mnt/ops/cron/Centos-6.repo
    [root@yum ~]# sed -i s/\$basearch/x86_64/g /mnt/ops/cron/Centos-6.repo

    [root@yum ~]# wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
  4. 同步yum源

    1
    2
    [root@yum ~]# reposync -c /mnt/ops/cron/Centos-6.repo -d -n -p /mnt/data/yum.repo/wisdom/centos/6/
    [root@yum ~]# reposync -p /mnt/data/yum.repo/wisdom/centos/7/
  5. 软件包手动同步下来后,yum建立仓库

    1
    2
    3
    4
    5
    6
    7
    [root@yum ~]# createrepo -p -d -o /mnt/data/yum.repo/wisdom/centos/6/base/ /mnt/data/yum.repo/wisdom/centos/6/base/
    [root@yum ~]# createrepo -p -d -o /mnt/data/yum.repo/wisdom/centos/6/extras/ /mnt/data/yum.repo/wisdom/centos/6/extras/
    [root@yum ~]# createrepo -p -d -o /mnt/data/yum.repo/wisdom/centos/6/updates/ /mnt/data/yum.repo/wisdom/centos/6/updates/

    [root@yum ~]# createrepo -p -d -o /mnt/data/yum.repo/wisdom/centos/7/base/ /mnt/data/yum.repo/wisdom/centos/7/base/
    [root@yum ~]# createrepo -p -d -o /mnt/data/yum.repo/wisdom/centos/7/extras/ /mnt/data/yum.repo/wisdom/centos/7/extras/
    [root@yum ~]# createrepo -p -d -o /mnt/data/yum.repo/wisdom/centos/7/updates/ /mnt/data/yum.repo/wisdom/centos/7/updates/
  6. 编写同步脚本

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    [root@yum ~]# vim /mnt/ops/cron/yum.reposync.sh
    #!/bin/bash
    reposync -c /mnt/ops/cron/Centos-6.repo -d -n -p /mnt/data/yum.repo/wisdom/centos/6/
    createrepo -p -d -o /mnt/data/yum.repo/wisdom/centos/6/base/ /mnt/data/yum.repo/wisdom/centos/6/base/
    createrepo -p -d -o /mnt/data/yum.repo/wisdom/centos/6/extras/ /mnt/data/yum.repo/wisdom/centos/6/extras/
    createrepo -p -d -o /mnt/data/yum.repo/wisdom/centos/6/updates/ /mnt/data/yum.repo/wisdom/centos/6/updates/
    #wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
    reposync -n -p /mnt/data/yum.repo/wisdom/centos/7/
    createrepo -p -d -o /mnt/data/yum.repo/wisdom/centos/7/base/ /mnt/data/yum.repo/wisdom/centos/7/base/
    createrepo -p -d -o /mnt/data/yum.repo/wisdom/centos/7/extras/ /mnt/data/yum.repo/wisdom/centos/7/extras/
    createrepo -p -d -o /mnt/data/yum.repo/wisdom/centos/7/updates/ /mnt/data/yum.repo/wisdom/centos/7/updates/
    #reposync -c /mnt/ops/cron/Centos-7.repo -d -p /mnt/data/yum.repo/wisdom/centos/7/

    [root@yum ~]# chmod +x /mnt/ops/cron/yum.reposync.sh
    [root@yum ~]# sh /mnt/ops/cron/yum.reposync.sh

    [root@yum ~]# echo '1 2 * * * /mnt/ops/cron/yum.reposync.sh >/dev/null 2>&1' |tee -a /var/spool/cron/root
  7. 创建repo文件

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    [root@yum ~]# mkdir /mnt/data/yum.repo/repo

    //CentOS-6.repo
    [root@yum repo]# cat /mnt/data/yum.repo/repo/centos-6.repo
    [CentOS_6_base]
    name=centos 6 x64
    failovermethod=priority
    baseurl=http://yum.domain.cn/centos/6/base
    enable=1
    gpgcheck=0
    priority=1

    [CentOS_6_updates]
    name=centos 6 x64
    failovermethod=priority
    baseurl=http://yum.domain.cn/centos/6/updates
    enable=1
    gpgcheck=0
    priority=3

    [CentOS_6_extras]
    name=centos 6 x64
    failovermethod=priority
    baseurl=http://yum.domain.cn/centos/6/extras
    enable=1
    gpgcheck=0
    priority=5
    [root@yum repo]# cat /mnt/data/yum.repo/repo/wisdom-centos-7.repo
    [CentOS_7_base]
    name=centos 7 x64
    failovermethod=priority
    baseurl=http://yum.domain.cn/centos/7/base
    enable=1
    gpgcheck=0
    priority=1

    [CentOS_7_updates]
    name=centos 7 x64
    failovermethod=priority
    baseurl=http://yum.domain.cn/centos/7/updates
    enable=1
    gpgcheck=0
    priority=3

    [CentOS_7_extras]
    name=centos 7 x64
    failovermethod=priority
    baseurl=http://yum.domain.cn/centos/7/extras
    enable=1
    gpgcheck=0
    priority=5
  8. 客户端安装 yum-plugin-priorities

    1
    2
    3
    [root@localhost ~]# yum -y install yum-plugin-priorities

    //yum-plugin-priorities主要用来控制yum源更新优先级,控制进行yum源检索的先后顺序
  9. 客户端配置

    1
    2
    3
    4
    5
    6
    7
    8
    [root@localhost ~]# mkdir –p /etc/yum.repos.d/back
    [root@localhost ~]# mv /etc/yum.repos.d/* /etc/yum.repos.d/back/
    [root@localhost ~]# wget -O /etc/yum.repos.d/CentOS-Base.repo http://yum.domain.cn/repo/CentOS-6.repo
    [root@localhost ~]# wget -O /etc/yum.repos.d/CentOS-Base.repo http://yum.domain.cn/repo/CentOS-7.repo

    [root@localhost ~]# yum clean all
    [root@localhost ~]# yum makecache
    [root@localhost ~]# yum repolist

YUM rsync public source

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
[root@yum ~]# mkdir -p /mnt/data/yum.repo/centos
[root@yum ~]# mkdir -p /mnt/ops/cron/yum.repo.sync.log
[root@yum ~]# echo '1 2 * * * /mnt/ops/cron/yum.repo.sync.sh >/dev/null 2>&1' |tee -a /var/spool/cron/root
[root@yum ~]# vim /mnt/ops/cron/yum.repo.sync.sh
#!/bin/bash

# YUM 源地址
YUM_SITE="rsync://mirrors.kernel.org/centos"

# YUM 同步位置
YUM_LOCAL="/mnt/data/yum.repo/centos"

# YUM 同步版本
YUM_LOCAL_VER="6 6* 7 7*"

# RSYNC 限速
RSYNC_BW=10240

# 记录脚本执行PID
LOCK_FILE="/mnt/ops/cron/yum.repo.sync.pid"

# 记录脚本同步日志
LOG_FILE="/mnt/ops/cron/yum.repo.sync.log/$(date +"%Y%m%d").log"

# 指定rsync命令位置,为空表示系统默认
RSYNC_PATH=""


# 将PID记录到文件中
MY_PID=$$
if [ -f $LOCK_FILE ];then
get_pid=$(cat $LOCK_FILE)
get_system_pid=$(ps -ef|grep -v grep|grep $get_pid|wc -l)

if [ $get_system_pid -eq 0];then
echo $MY_PID |tee $LOCK_FILE
else
echo "正在同步中...!"
exit 1
fi

else
echo $MY_PID |tee $LOCK_FILE
fi


# 检查rsync工具
if [ -z $RSYNC_PATH ];then
RSYNC_PATH=`whereis rsync|awk ' ''{print $2}'`

if [ -z $RSYNC_PATH ];then
echo '没有找到 rsync 命令'
echo '安装: yum -y install rsync'
fi
fi


# 使用rsync同步YUM源
echo "--------------------------------------------------" |tee -a $LOG_FILE
echo |tee -a $LOG_FILE
echo "rsync 开始时间: $(date +'%Y-%m-%d %H:%M:%S')" |tee -a $LOG_FILE

for VER in $YUM_LOCAL_VER;do
if [ ! -d "$YUM_LOCAL/$VER" ];then
mkdir -p $YUM_LOCAL/$VER
fi

echo "rsync 开始同步: $VER => $YUM_LOCAL/$VER" |tee -a $LOG_FILE
$RSYNC_PATH -avrtH --delete --bwlimit=$RSYNC_BW --exclude=i386 $YUM_SITE/$VER $YUM_LOCAL/$VER |tee -a $LOG_FILE
echo |tee -a $LOG_FILE
done

echo "rsync 结束时间: $(date +'%Y-%m-%d %H:%M:%S')" |tee -a $LOG_FILE
echo "--------------------------------------------------" |tee -a $LOG_FILE


# 删除PID文件
if [ -f $LOCK_FILE ];then
rm -rf $LOCK_FILE
fi

exit 0

Python Django setting

python django 配置

  1. python 3.x 版本安装mysql

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    [root@dev cmdb]# cat cmdb/settings.py
    DATABASES = {
    'default': {
    'ENGINE' : 'django.db.backends.mysql',
    'NAME' : 'cmdb',
    'USER' : 'cmdb',
    'PASSWORD' : 'cmdb123',
    'HOST' : '127.0.0.1',
    'PORT' : '3306',
    }
    }

    注意: python 3.x 不在使用MySQL-python包了,而是使用PyMySQL

    [root@dev cmdb]# pip install PyMySQL
    [root@dev cmdb]# cat cmdb/__init__.py
    import pymysql
    pymysql.install_as_MySQLdb()
  2. django 创建数据库表

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    [root@dev cmdb]# python manage.py migrate
    System check identified some issues:
    WARNINGS:
    ?: (mysql.W002) MySQL Strict Mode is not set for database connection 'default'
    HINT: MySQL's Strict Mode fixes many data integrity problems in MySQL, such as data truncation upon insertion, by escalating warnings into errors. It is strongly recommended you activate it. See: https://docs.djangoproject.com/en/1.11/ref/databases/#mysql-sql-mode

    解决方法:
    [root@dev cmdb]# vim cmdb/settings.py
    DATABASES = {
    'default': {
    #'ENGINE': 'django.db.backends.sqlite3',
    #'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
    'ENGINE' : 'django.db.backends.mysql',
    'NAME' : 'cmdb',
    'USER' : 'cmdb',
    'PASSWORD' : 'cmdb123',
    'HOST' : '127.0.0.1',
    'PORT' : '3306',
    'OPTIONS' : {
    'init_command' : 'SET default_storage_engine=INNODB',
    'init_command' : "SET sql_mode='STRICT_TRANS_TABLES'",
    'charset' : 'utf8',
    }
    }
    }
  3. 创建 model(就是创建数据库表)

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    //创建数据库表
    [root@dev cmdb]# cat app/models.py
    from django.db import models
    # Create your models here.
    class Question(models.Model):
    question_text = models.CharField(max_length=200)
    pub_date = models.DateTimeField('date published')

    class Choice(models.Model):
    question = models.ForeignKey(Question,on_delete=models.CASCADE)
    choice_text = models.CharField(max_length=200)
    votes = models.IntegerField(default=0)

    //将数据库表加载到应用中
    (oeaoo) [root@dev cmdb]# cat app/apps.py
    from django.apps import AppConfig
    class AppConfig(AppConfig):
    name = 'app'

    [root@dev cmdb]# vim cmdb/settings.py
    INSTALLED_APPS = [
    'app.apps.AppConfig',
    ]

    //生成sql配置文件
    [root@dev cmdb]# python manage.py makemigrations app
    [root@dev cmdb]# ls -1 app/migrations/
    0001_initial.py
    __init__.py
    __pycache__

    //检查sql语句
    [root@dev cmdb]# python manage.py sqlmigrate app 0001
    BEGIN;
    --
    -- Create model Choice
    --
    CREATE TABLE `app_choice` (`id` integer AUTO_INCREMENT NOT NULL PRIMARY KEY, `choice_text` varchar(200) NOT NULL, `votes` integer NOT NULL);
    --
    -- Create model Question
    --
    CREATE TABLE `app_question` (`id` integer AUTO_INCREMENT NOT NULL PRIMARY KEY, `question_text` varchar(200) NOT NULL, `pub_date` datetime NOT NULL);
    --
    -- Add field question to choice
    --
    ALTER TABLE `app_choice` ADD COLUMN `question_id` integer NOT NULL;
    ALTER TABLE `app_choice` ADD CONSTRAINT `app_choice_question_id_614eef1f_fk_app_question_id` FOREIGN KEY (`question_id`) REFERENCES `app_question` (`id`);
    COMMIT;

    //检查执行sql过程
    [root@dev cmdb]# python manage.py check
    System check identified no issues (0 silenced).

    //执行sql语句(创建数据库表)
    [root@dev cmdb]# python manage.py migrate
  4. Django shell环境

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    [root@dev cmdb]# python manage.py shell
    >>> from polls.models import Question,Choice
    >>> Question.objects.all()
    <QuerySet []>
    >>>
    >>> from django.utils import timezone
    >>> q = Question(question_text="What's new?",pub_date=timezone.now())
    >>> q.save()
    >>> q.id
    1
    >>> q.question_text
    "What's new?"
    >>> q.pub_date
    datetime.datetime(2017, 7, 11, 1, 44, 48, 472871, tzinfo=<UTC>)
    >>>
    >>> q.question_text="What's up?"
    >>> q.save()
    >>> Question.objects.all()
    <QuerySet [<Question: Question object>]>
  5. Django admin

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    //创建 Django user
    [root@dev cmdb]# python manage.py createsuperuser
    Username (leave blank to use 'root'): admin
    Email address: liu@xxx.cn
    Password:
    Password (again):
    This password is too short. It must contain at least 8 characters.
    This password is too common.
    Password:
    Password (again):
    Superuser created successfully.

    //启动服务
    [root@dev cmdb]# python manage.py runserver 0.0.0.0:8080

    //通过浏览器访问
    输入: http://192.168.13.208:8080/admin/
    输入账号和密码: admin/adminadmin

django.admin.login

1
2
3
4
5
6
//将应用app通过admin来管理
[root@dev cmdb]# vim app/admin.py
from django.contrib import admin
# Register your models here.
from .models import Question
admin.site.register(Question)

django.admin.manage

1
单击"Question",你可以对插入到数据库里面的数据进行操作(增删改除)

  1. Django view

mysql select join

mysql join 语法


mysql join 示例

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
select
from_unixtime(hi.clock,'%Y-%m') as Date, //from_unixtime(时间戳,格式),时间格式化. 列名为Date
g.name as Group_Name, //列名为Group_name
h.host as Host, //列名为Host
round(avg(hi.value_avg),1) as Cpu_Avg_Idle //avg(字段名),求字段平均值;round(小数,保留位),四舍五入函数;列名为Cpu_Avg_Idle
from
hosts_groups hg //表明的别名是hg
join groups g on g.groupid = hg.groupid //groups 表明别名是g,(join...table...on..),g.groupid = hg.groupid表示groups.groupid字段=hosts_groups.groupid字段
join items i on hg.hostid = i.hostid
join hosts h on h.hostid = i.hostid
join trends hi on i.itemid = hi.itemid //多个join表示满足所有条件
where
i.key_='system.cpu.util[,idle]'
and
hi.clock >= UNIX_TIMESTAMP('${year}-${month}-01 00:00:00') //UNIX_TIMESTAMP 将时间转换为时间戳
and
hi.clock < UNIX_TIMESTAMP('${year}-0${next_month}-01 00:00:00')
group by h.host;

python source install

python源码编译

  1. python install

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    [root@localhost app]# xz -d Python-2.7.13.tar.xz
    [root@localhost app]# tar xf Python-2.7.13.tar
    [root@localhost Python-2.7.13]# ./configure --enable-optimizations --prefix=/mnt/app/python.2.7.13
    [root@localhost Python-2.7.13]# make -j 4
    [root@localhost Python-2.7.13]# make -j 4 install

    [root@localhost Python-2.7.13]# ln -s /mnt/app/python.2.7.13 /mnt/app/python

    补充: python升级版本后,yum不可用,解决方法:
    CentOS6:
    [root@localhost Python-2.7.13]# sed -i s/python/python2.6/g /usr/bin/yum
    CentOS7:
    [root@localhost Python-2.7.13]# sed -i s/python/python2.7/g /usr/bin/yum
    [root@localhost Python-2.7.13]# sed -i s/python/python2.7/g /usr/libexec/urlgrabber-ext-down
  2. pip install

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    [root@localhost Python-2.7.13]# wget https://bootstrap.pypa.io/get-pip.py
    [root@localhost Python-2.7.13]# /mnt/app/python/bin/python get-pip.py
    [root@localhost Python-2.7.13]# /mnt/app/python/bin/pip -V

    [root@localhost Python-2.7.13]# mkdir ~/.pip
    [root@localhost Python-2.7.13]# cat > ~/.pip/pip.conf <<EOF
    [global]
    trusted-host=mirrors.aliyun.com
    index-url=http://mirrors.aliyun.com/pypi/simple/
    [list]
    format=columns
    EOF
  3. virtualenv install

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    [root@localhost Python-2.7.13]# /mnt/app/python/bin/pip install virtualenv
    [root@localhost Python-2.7.13]# /mnt/app/python/bin/virtualenv -p /mnt/app/python/bin/python /mnt/web/myenv
    Already using interpreter /mnt/app/python/bin/python
    New python executable in /mnt/web/myenv/bin/python
    Installing setuptools, pip, wheel...done.

    [root@localhost Python-2.7.13]# source /mnt/web/myenv/bin/activate
    (myenv) [root@localhost Python-2.7.13]# pip -V
    pip 9.0.1 from /mnt/web/myenv/lib/python2.7/site-packages (python 2.7)
    (myenv) [root@localhost Python-2.7.13]# deactivate

    [root@localhost Python-2.7.13]# rm -rf /mnt/web/myenv

android install

Android studio install

  1. Android studio download

  2. Android studio install
    注意:

    • 在安装的时候,Android studio的安装位置与SDK存放位置不能在相同磁盘下(windows)
    • Install Type 选择 Custom
    • 选择SDK安装位置
    • 选择configure->project defaults->project structure -> set “SDK location” and “JDK location”
  3. Error

    1
    2
    3
    4
    问题描述: 第一次安装Android studio时候弹出"unable to access android sdk add-on list"信息
    解决方法:
    方法一: 在自己安装的目录下找到"bin\idea.properties",在文件末尾添加一行"disable.android.first.run=true"
    方法二: 点击"setup proxy",选择"Manual proxy configuration->HTTP->HOSTNAME->Port number". HOSTNAME="mirrors.neusoft.edu.cn";Port number=80