当前位置 : 主页 > 操作系统 > centos >

域名系统DNS 二进制、源码编译MYSQL5.7

来源:互联网 收集:自由互联 发布时间:2022-06-20
1、域名系统 DNS 1.1 名字解析介绍和DNS 当前TCP/IP网络中的设备之间进行通信,是利用和依赖于IP地址实现的。但数字形式的IP地址是很难记忆的。当网络设备众多,想要记住每个设备的

1、域名系统 DNS

1.1 名字解析介绍和DNS

当前TCP/IP网络中的设备之间进行通信,是利用和依赖于IP地址实现的。但数字形式的IP地址是很难记忆的。当网络设备众多,想要记住每个设备的IP地址,可以说是“不可能完成的任务”。那么如何解决这一难题呢?我们可以给每个网络设备起一个友好的名称,如:www.magedu.org,这种由文字组成的名称,显而易见要更容易记忆。但是计算机不会理解这种名称的,我们可以利用一种名字解析服务将名称转化成(解析)成IP地址。从而我们就可以利用名称来直接访问网络中设备了。除此之外还有一个重要功能,利用名称解析服务可以实现主机和IP的解耦,即:当主机IP变化时,只需要修改名称服务即可,用户仍可以通过原有的名称进行访问而不受影响。实现此服务的方法是多样的。如下面所述:本地名称解析配置文件:hostsLinux: /etc/hostswindows: %WINDIR%/system32/drivers/etc/hosts122.10.117.2 www.magedu.org93.46.8.89 www.google.comDNS:Domain Name System 域名系统,应用层协议,是互联网的一项服务。它作为将域名和IP地址相互映射的一个分布式数据库,能够使人更方便地访问互联网基于C/S架构,服务器端:53/udp, 53/tcpBIND:Bekerley Internet Name Domain,由 ISC (www.isc.org)提供的DNS软件实现DNS域名结构

1.2 DNS工作原理

  • 用户访问指定的域名时,将该请求发送给本地域名服务器,本地域名服务器先查看本机DNS缓存,看是否存在域名对应的ip地址缓存,如果存在相关记录则直接返回查询到的ip地址给用户。
  • 如果本地缓存没有该记录,则本地域名服务器把请求发送给系统设置的根域名服务器,然后根域服务器再返回被本地域名服务器一个查询域(根域的一级子域)的主域名服务器地址。
  • 本地服务器再向上一步返回的域名服务器发送请求,然后接受请求的服务器查询自己的缓存,如果没有该记录,则返回相关的下级(根域二级子域)域名服务器的地址
  • 重复上一步的查询,直到找到正确的记录,用户通过获取到的ip地址进行访问,同时本地域名服务器把返回的结果保存到缓存,供下次访问使用。

1.3 DNS查询类型

  • 递归查询: 最终结果,负责到底
  • 迭代查询:最好结果,不负责到底
  • 1.4 解析类型

    • FQDN ---> IP正向解析
    • IP ---> FQDN 反向解析

    1.5 完整的查询请求经过的流程

    Client --> hosts文件 --> Client DNS Service Local cache --> DNS Server(recursion递归) --> DNS Server Cache --> DNS iteration(迭代) --> 根 --> 顶级域名DNS --> 二级域名DNS...

    1.6 配置DNS主从服务器

    1.6.1 环境准备

    需要4台主机 DNS主服务器: 10.0.0.8 DNS从服务器: 10.0.0.18 Web服务器: 10.0.0.7 DNS客户端: 10.0.0.6 关闭Selinux 关闭防火墙 时间同步

    1.6.2 配置步骤

    1.6.2.1 主DNS服务端配置

    [root@dnsmaster ~]#yum install bind -y [root@dnsmaster ~]#vim /etc/named.conf #注释掉下面两行 options { // listen-on port 53 { 127.0.0.1; }; // allow-query { localhost; }; #只允许从服务器进行区域传输 allow-transfer { 10.0.0.18;}; [root@dnsmaster ~]#vim /etc/named.rfc1912.zones #加上这段 zone "magedu.org" IN { type master; file "magedu.org.zone"; }; [root@dnsmaster ~]#cp -p /var/named/named.localhost /var/named/magedu.org.zone #如果没有 -p ,需要改权限, chgrp named magedu.org.zone [root@dnsmaster ~]#ll /var/named/magedu.org.zone -rw-r----- 1 root named 152 May 28 04:49 /var/named/magedu.org.zone [root@dnsmaster ~]#vim /var/named/magedu.org.zone $TTL 1D @ IN SOA master admin.magedu.org. ( 1 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum NS master NS slave master A 10.0.0.8 slave A 10.0.0.18 www IN CNAME websrv websrv IN A 10.0.0.8 websrv IN A 10.0.0.18 [root@dnsmaster ~]#systemctl start named #第一次启动服务 [root@dnsmaster ~]#rndc reload #不是第一次启动服务

    1.6.2.2 从DNS服务器配置

    [root@dnsslave ~]#yum -y install bind [root@dnsslave ~]#vim /etc/named.conf #注释掉下面两行 // listen-on port 53 { 127.0.0.1; }; // allow-query { localhost; }; allow-transfer { none;}; [root@dnsslave ~]#vim /etc/named.rfc1912.zones #加上这段 zone "magedu.org" IN { type slave; masters { 10.0.0.8;}; file "slaves/magedu.org.slave"; }; [root@dnsslave ~]#systemctl status named #第一次启动 [root@dnssalve ~]#rndc reload #不是第一次启动 server reload successful [root@dnssalve ~]#ls /var/named/slaves/magedu.org.slave #查看区域数据库文件是否生成 /var/named/slaves/magedu.org.slave

    1.6.2.3 客户端测试主从DNS服务架构

    [root@webclient ~]#vim /etc/sysconfig/network-scripts/ifcfg-ens33 DNS1="10.0.0.8" DNS2="10.0.0.18" [root@webclient ~]#cat /etc/resolv.conf # Generated by NetworkManager nameserver 10.0.0.8 nameserver 10.0.0.18 #验证DNS服务器是否可以查询 [root@webclient ~]#yum -y install bind-utils Dig [root@webclient ~]#dig www.magedu.org ; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7 <<>> www.magedu.org ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42729 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 2, ADDITIONAL: 3 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; QUESTION SECTION: ;www.magedu.org. IN A ;; ANSWER SECTION: www.magedu.org. 86400 IN CNAME websrv.magedu.org. websrv.magedu.org. 86400 IN A 10.0.0.18 websrv.magedu.org. 86400 IN A 10.0.0.8 ;; AUTHORITY SECTION: magedu.org. 86400 IN NS master.magedu.org. magedu.org. 86400 IN NS slave.magedu.org. ;; ADDITIONAL SECTION: master.magedu.org. 86400 IN A 10.0.0.8 slave.magedu.org. 86400 IN A 10.0.0.18 ;; Query time: 0 msec ;; SERVER: 10.0.0.8#53(10.0.0.8) ;; WHEN: Tue Jun 22 22:48:55 CST 2021 ;; MSG SIZE rcvd: 169 #在主服务器上停止DNS服务 [root@dnsmaster ~]#systemctl stop named #验证辅DNS服务器仍然可以查询 [root@webclient ~]#dig www.magedu.org ; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7 <<>> www.magedu.org ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31645 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; QUESTION SECTION: ;www.magedu.org. IN A ;; AUTHORITY SECTION: magedu.org. 10800 IN SOA master.magedu.org. admin.magedu.org. 1 86400 3600 604800 10800 ;; Query time: 1 msec ;; SERVER: 10.0.0.18#53(10.0.0.18) ;; WHEN: Tue Jun 22 23:03:01 CST 2021 ;; MSG SIZE rcvd: 92

    2、智能DNS相关技术

    2.1 bind中ACL

    ACL:把一个或多个地址归并为一个集合,并通过一个统一的名称调用

    注意:只能先定义后使用;因此一般定义在配置文件中,处于options的前面

    格式:

    acl acl_name { ip; net/prelen; …… }; #范例 acl bjnet { 172.16.0.0/16; 10.10.10.10; };

    2.2 bind有四个内置的acl

    • none 没有一个主机
    • any 任意主机
    • localhost 本机
    • localnet 本机的IP同掩码运算后得到的网络地址

    2.3 访问控制的指令

    • allow-query { }; 允许查询的主机,白名单
    • allow-transfer { }; 允许区域传送的主机,白名单
    • allow-recursion { }; 允许递归的主机,建议全局使用
    • allow-update { }; 允许更新区域数据库中的内容

    2.4 view 视图

    2.4.1 视图:将ACL和区域数据库实现对应关系,以实现智能DNS

  • 一个bind服务器可定义多个view,每个view中可定义一个或多个zone
  • 每个view用来匹配一组客户端
  • 多个view内可能需要对同一个区域进行解析,但使用不同的区域解析库文件
  • 注意:

    • 一旦启用了view,所有的zone都只能定义在view中
    • 仅在允许递归请求的客户端所在view中定义根区域
    • 客户端请求到达时,是自上而下检查每个view所服务的客户端列表

    2.4.2 view 格式

    view VIEW_NAME { match_clients { bjnet ; }; zone "magedu.org" { type master; file "magedu.org.zone.bj"; }; include "/etc/named.rfc1912.zones"; }; view VIEW_NAME { match_clinets { shnet; }; zone "magedu.org" { type master; file "magedu.org.zone.sh"; }; include "/etc/named.rfc1912.zones" };

    2.5 实例: 利用view实现智能 DNS

    2.5.1 DNS服务器的网卡配置

    #配置两个IP地址 #ens33: 10.0.0.8/24 #ens37: 192.168.233.8/24 [root@dnsmaster network-scripts]#ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 00:0c:29:69:25:9d brd ff:ff:ff:ff:ff:ff inet 10.0.0.8/24 brd 10.0.0.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet6 fe80::9c5c:b7f5:f8c5:58b2/64 scope link noprefixroute valid_lft forever preferred_lft forever 3: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 00:0c:29:69:25:a7 brd ff:ff:ff:ff:ff:ff inet 192.168.233.8/24 brd 192.168.233.255 scope global noprefixroute ens37 valid_lft forever preferred_lft forever inet6 fe80::50f2:1900:61d2:93d5/64 scope link noprefixroute valid_lft forever preferred_lft forever

    2.5.2 主DNS服务端配置文件实现view

    [root@CentOS8 ~]#vim /etc/named.conf # 在文件最前面加下面行 acl bjnet { 192.168.233.0/24; }; acl shnet { 10.0.0.0/24; }; acl othernet { any; }; #注释掉下面两行 // listen-on port 53 { 127.0.0.1; }; // allow-query { localhost; }; #创建view view bjview { match-clients {bjnet;}; include "/etc/named.rfc1912.zones.bj"; }; view shview { match-clients {shnet;}; include "/etc/named.rfc1912.zones.sh"; }; view otherview { match-clients {othernet;}; include "/etc/named.rfc1912.zones.other"; };

    2.5.3 实现区域配置文件

    [root@CentOS8 ~]#cp /etc/named.rfc1912.zones /etc/named.rfc1912.zones.bj [root@CentOS8 ~]#chgrp named /etc/named.rfc1912.zones.bj [root@CentOS8 ~]#cp -p /etc/named.rfc1912.zones.bj /etc/named.rfc1912.zones.sh [root@CentOS8 ~]#cp -p /etc/named.rfc1912.zones.bj /etc/named.rfc1912.zones.other [root@CentOS8 ~]#ll /etc/named.rfc1912.zones* -rw-r----- 1 root named 1096 Jun 22 21:35 /etc/named.rfc1912.zones -rw-r----- 1 root named 1208 Jun 26 23:13 /etc/named.rfc1912.zones.bj -rw-r----- 1 root named 1208 Jun 26 23:13 /etc/named.rfc1912.zones.other -rw-r----- 1 root named 1208 Jun 26 23:13 /etc/named.rfc1912.zones.sh [root@CentOS8 ~]#vim /etc/named.rfc1912.zones.bj zone "." IN { type hint; file "named.ca"; }; zone "magedu.org" { type master; file "magedu.org.zone.bj"; }; [root@CentOS8 ~]#vim /etc/named.rfc1912.zones.sh zone "." IN { type hint; file "named.ca"; }; zone "magedu.org" { type master; file "magedu.org.zone.sh"; }; [root@CentOS8 ~]#vim /etc/named.rfc1912.zones.other zone "." IN { type hint; file "named.ca"; }; zone "magedu.org" { type master; file "magedu.org.zone.other"; };

    2.5.4 创建区域数据库文件

    [root@CentOS8 named]#vim magedu.org.zone.bj $TTL 1D @ IN SOA master admin ( 2021062701; 1D; 1H; 1W; 3H ); NS master master A 10.0.0.8 www A 10.0.0.100 [root@CentOS8 named]#vim magedu.org.zone.sh $TTL 1D @ IN SOA master admin ( 2021062701; 1D; 1H; 1W; 3H ); NS master master A 10.0.0.8 www A 192.168.233.100 [root@CentOS8 named]#vim magedu.org.zone.other $TTL 1D @ IN SOA master admin ( 2021062701; 1D; 1H; 1W; 3H ); NS master master A 10.0.0.8 www A 127.0.0.1 [root@CentOS8 named]#systemctl stauts named [root@CentOS8 named]#rndc reload

    2.5.5 客户端验证

    [root@client ~]#yum -y install bind-utils [root@client ~]#host www.magedu.org 10.0.0.8 Using domain server: Name: 10.0.0.8 Address: 10.0.0.8#53 Aliases: www.magedu.org has address 192.168.233.100 [root@server1 ~]#host www.magedu.org 192.168.233.8 Using domain server: Name: 192.168.233.8 Address: 192.168.233.8#53 Aliases: www.magedu.org has address 10.0.0.100 [root@CentOS8 ~]#host www.magedu.org 127.0.0.1 Using domain server: Name: 127.0.0.1 Address: 127.0.0.1#53 Aliases: www.magedu.org has address 127.0.0.1

    3、编译、二进制安装MYSQL5.7

    3.1 通用二进制格式安装 MYSQL

    3.3.1 创建用户

    [root@CentOS8 ~]#groupadd -r -g 306 mysql [root@CentOS8 ~]#useradd -r -g 306 -u 306 -d /data/mysql mysql

    3.3.2 安装相关包

    [root@CentOS8 data]#yum -y install libaio numactl-libs

    3.3.3 准备二进制程序文件

    [root@CentOS8 src]#wget https://downloads.mysql.com/archives/get/p/23/file/mysql-5.7.33-linux-glibc2.12-x86_64.tar.gz # 二进制安装文件必须解压到/usr/local [root@CentOS8 src]#tar xf mysql-5.7.33-linux-glibc2.12-x86_64.tar.gz -C /usr/local/ [root@CentOS8 src]#cd /usr/local/ [root@CentOS8 local]#ln -s mysql-5.7.33-linux-glibc2.12-x86_64/ mysql [root@CentOS8 local]#chown -R root.root /usr/local/mysql

    3.3.4 配置环境变量

    [root@CentOS8 local]#echo 'PATH=/usr/local/mysql/bin:$PATH' > /etc/profile.d/mysql.sh [root@CentOS8 local]#. /etc/profile.d/mysql.sh

    3.3.5 准备配置文件

    [root@CentOS8 local]#vim /etc/my.cnf [mysqld] datadir=/data/mysql skip_name_resolve=1 socket=/data/mysql/mysql.sock log-error=/data/mysql/mysql.log pid-file=/data/mysql/mysql.pid [client] socket=/data/mysql/mysql.sock

    3.3.6 生成数据库文件,并提前root密码

    [root@CentOS8 local]#mysqld --initialize --user=mysql --datadir=/data/mysql [root@CentOS8 local]#grep password /data/mysql/mysql.log 或者 [root@CentOS8 local]#awk '/temporary password/{print $NF}' /data/mysql/mysql.log -mYNGF8YiqJg

    3.3.7 准备服务脚本和启动

    [root@CentOS8 local]#cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld [root@CentOS8 local]#chkconfig --add mysqld [root@CentOS8 local]#service mysqld start Starting MySQL. SUCCESS!

    3.3.8 修改口令 ,并测试登录

    [root@CentOS8 local]#mysqladmin -uroot -p'-mYNGF8YiqJg' password 123.com [root@server1 local]#mysql -uroot -p123.com mysql: [Warning] Using a password on the command line interface can be insecure. Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 4 Server version: 5.7.33 MySQL Community Server (GPL) Copyright (c) 2000, 2021, Oracle and/or its affiliates. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | mysql | | performance_schema | | sys | +--------------------+ 4 rows in set (0.00 sec)

    3.3.9 设置开机启动

    [root@server1 local]#vim /etc/rc.local #添加下面内容 /etc/init.d/mysqld start [root@server1 local]#chmod +x /etc/rc.local

    3.2 源码编译安装MYSQL5.7

    3.2.1 安装相关依赖包

    [root@mysql-db ~]#yum -y install bison bison-devel zlib-devel libcurl-devel libarchive-devel boost-devel gcc gcc-c++ cmake ncurses-devel gnutls-devel libxml2-devel openssl-devel libevent-devel libaio-devel

    3.2.2 创建用户和数据目录

    [root@mysql-db ~]#useradd -r -s /sbin/nologin -d /data/mysql mysql [root@mysql-db ~]#mkdir /data/mysql [root@mysql-db ~]#chown mysql.mysql /data/mysql/

    3.3.3 下载并解压缩源码包

    [root@mysql-db src]#wget https://mirrors.tuna.tsinghua.edu.cn/mysql/downloads/MySQL-5.7/mysql-boost-5.7.31.tar.gz [root@mysql-db src]#tar zxvf mysql-boost-5.7.31.tar.gz [root@mysql-db src]#cd mysql-5.7.31/

    3.3.4 源码编译安装MYSQL5.7

    [root@mysql-db mysql-5.7.31]#cmake -DCMAKE_INSTALL_PREFIX=/app/mysql -DMYSQL_DATADIR=/data/mysql/ -DSYSCONFDIR=/etc/ -DMYSQL_USER=mysql -DDEFAULT_CHARSET=utf8 -DDEFAULT_COLLATION=utf8_general_ci -DWITH_BOOST=boost [root@mysql-db mysql-5.7.31]#make && make install

    source_mysql.png

    #编译安装完成后文件目录内容, 并修改用户组 [root@mysql-db mysql-5.7.31]#cd /app/mysql/ [root@mysql-db mysql]#ll total 296 drwxr-xr-x 2 root root 4096 Jun 29 22:01 bin drwxr-xr-x 2 root root 55 Jun 29 22:01 docs drwxr-xr-x 3 root root 4096 Jun 29 22:01 include drwxr-xr-x 4 root root 192 Jun 29 22:01 lib -rw-r--r-- 1 root root 275393 Jun 2 2020 LICENSE drwxr-xr-x 4 root root 30 Jun 29 22:01 man drwxr-xr-x 10 root root 4096 Jun 29 22:01 mysql-test -rw-r--r-- 1 root root 587 Jun 2 2020 README -rw-r--r-- 1 root root 587 Jun 2 2020 README-test drwxr-xr-x 28 root root 4096 Jun 29 22:01 share drwxr-xr-x 2 root root 90 Jun 29 22:01 support-files [root@mysql-db mysql]#chown -R mysql.mysql /app/mysql/

    3.3.5 配置环境变量

    [root@mysql-db mysql]#echo 'PATH=/app/mysql/bin:$PATH' > /etc/profile.d/mysql.sh [root@mysql-db mysql]#. /etc/profile.d/mysql.sh

    3.3.6 准备配置文件

    [root@mysql-db mysql]#cp /etc/my.cnf{,.bak} [root@mysql-db mysql]#vim /etc/my.cnf [mysqld] datadir=/data/mysql socket=/data/mysql/mysql.sock [mysqld_safe] log-error=/data/mysql/mysql.log pid-file=/data/mysql/mysql.pid [client] socket=/data/mysql/mysql.sock

    3.3.7 生成数据库文件,并提取root密码

    [root@mysql-db mysql]#mysqld --initialize --user=mysql --datadir=/data/mysql ...省略... 2021-06-29T14:38:20.823587Z 1 [Note] A temporary password is generated for root@localhost: Vwd*jkKMY4UB #生成的root密码 [root@mysql-db mysql]#grep password /data/mysql/mysql.log [root@mysql-db mysql]#awk '/temporary password/{print $NF}' /data/mysql/mysql.log Vwd*jkKMY4UB

    3.3.8 准备服务脚本和启动

    [root@mysql-db mysql]#cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld [root@mysql-db mysql]#chkconfig --add mysqld [root@mysql-db mysql]#service mysqld start Starting MySQL. SUCCESS!

    3.3.9 修改口令,并测试登录

    [root@mysql-db bin]#mysqladmin -uroot -p'Vwd*jkKMY4UB' password 123.com mysqladmin: [Warning] Using a password on the command line interface can be insecure. Warning: Since password will be sent to server in plain text, use ssl connection to ensure password safety. [root@mysql-db bin]#mysql -uroot -p123.com mysql: [Warning] Using a password on the command line interface can be insecure. Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 3 Server version: 5.7.31 Source distribution Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | mysql | | performance_schema | | sys | +--------------------+ 4 rows in set (0.00 sec) mysql> exit Bye

    3.3.10 设置开机启动

    [root@mysql-db bin]#systemctl enable mysqld mysqld.service is not a native service, redirecting to /sbin/chkconfig. Executing /sbin/chkconfig mysqld on
    网友评论