软件包管理概述
安装/查询/卸载
一、软件的类型
A. 源码包 需要编译 nginx-1.8.1.tar.gz
B. 二进制包 已编译 mysql-community-common-5.7.12-1.el7.x86_64.rpm
常见二进制包
系统平台 包类型 工具 在线安装(自动解决依赖关系)
RedHat/Centos RPM rpm,rpmbuild yum
Ubuntu/Debian DPKG dpkg apt
注意: 不管是源码包,还是二进制包,安装时都可能会有依赖关系!
二、RPM包管理
主要获得RPM包途径:
1. RedHat光盘或官方网站 ftp://ftp.redhat.com
2. rpmfind.net
3. 相应软件官方网站如 http://www.mysql.com
认识RPM包:
ntfs-3g-2011.4.12-5.el5.x86_64.rpm 套件名
ntfs-3g-2011.4.12-5.el6.i686.rpm 套件名
ntfs-3g-2011.4.12-5.el6.x86_64.rpm 套件名
yum-rhn-plugin-0.9.1-40.el6.noarch.rpm 套件名
yum-utils-1.1.30-14.el6.noarch.rpm 套件名
mysql-community-common-5.7.12-1.el7.i686.rpm
mysql-community-common-5.7.12-1.el7.x86_64.rpm vsy
mysql-community-embedded-devel-5.7.12-1.el6.x86_64.rpm
php-5.6.20-1.fc23.x86_64.rpm
php-5.6.20-1.fc23.ppc64p7.rpm IBM 小型机CPU Power
软件包名 版本号(Version) 发布版本(Release) 系统平台
ntfs-3g 2011.4.12 5.el6 i386
ntfs-3g 2011.4.12 5.el6 x86_64
yum-utils 1.1.30 14.el6 noarch
php 5.6.20 1.fc23 x86_64
php 5.6.20 1.fc23 ppc64p7
[root@CentOS7 ~]# uname -m
x86_64
[root@CentOS7 ~]# cat /etc/redhat-release
CentOS Linux release 7.2.1511 (Core)
==========================================================
yum管理RPM 包
YUM使用官方源
====================================================================================
http://mirrors.aliyun.com/
http://mirrors.163.com/
Base/Extras/Updates: 默认(国外源)
mkdir /etc/yum.repos.d/backup
mv /etc/yum.repos.d/{*.repo,backup}
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo (aliyun)
yum clean all
yum makecache
EPEL:
yum -y install epel-release (国外源)
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo (aliyun)
Nginx:
[root@CentOS7 ~]# vim /etc/yum.repos.d/nginx.repo
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
enabled=1
MySQL:
yum -y install https://dev.mysql.com/get/mysql57-community-release-el7-9.noarch.rpm
Zabbix:
# rpm -ivh http://repo.zabbix.com/zabbix/3.2/rhel/7/x86_64/zabbix-release-3.2-1.el7.noarch.rpm
openstack:
使用YUM管理RPM包
自动解决包的依赖关系
==查看可用仓库
[root@CentOS7 ~]# yum clean all //清空缓存及其它文件
[root@CentOS7 ~]# yum makecache //重建缓存
[root@CentOS7 ~]# yum repolist //查询可用的仓库
==安装
# yum -y install httpd vsftpd *vnc
# yum -y reinstall httpd
# yum -y update httpd
# yum -y update
# yum -y install /root/OpenIPMI-2.0.19-11.el7.x86_64.rpm //从本地安装
# yum -y install https://dev.mysql.com/get/mysql57-community-release-el7-9.noarch.rpm
# yum -y groupinstall mariadb
# yum -y remove httpd
# yum -y groupremove mariadb
==查询(从本地 rpm数据库 和 yum源 中查询)
# yum list httpd
# yum list *vnc*
# yum list |grep vnc
# yum list installed
# yum info httpd
# yum group list
# yum grouplist
# yum groupinfo mariadb
==卸载
[root@CentOS7 ~]# yum -y remove mysql-server
[root@CentOS7 ~]# yum -y groupremove mysql-server
==history
# yum history
# yum history info 4
# yum history undo 4
扩展查询:
例1: 从包名和包描述中查找带有关键字chinese的包
# yum list |grep chinese
# yum list |grep piny
# yum search chinese
例2:查找/etc/vsftpd/vsftpd.conf属由哪个包提供?
[root@server0 ~]# yum provides /etc/vsftpd/vsftpd.conf
Loaded plugins: langpacks
vsftpd-3.0.2-9.el7.x86_64 : Very Secure Ftp Daemon
Repo : classroom_content_rhel7.0_x86_64_dvd_
Matched from:
Filename : /etc/vsftpd/vsftpd.conf
[root@server0 ~]# yum -y install vsftpd-3.0.2-9.el7.x86_64
例3:查找vsftpd.conf属由哪个包提供?
[root@server0 ~]# yum provides */vsftpd.conf
例4:查找命令gnuplot属由哪个包提供?
[root@server0 ~]# gnuplot
bash: gnuplot: command not found...
[root@server0 ~]#
[root@server0 ~]# yum provides gnuplot
Loaded plugins: langpacks
gnuplot-4.6.2-3.el7.x86_64 : A program for plotting mathematical expressions and data
Repo : classroom_content_rhel7.0_x86_64_dvd
例5:查找命令pip属由哪个包提供?
[root@server0 ~]# pip
bash: pip: command not found...
[root@server0 ~]# yum -y install pip
使用自建源
Base源 [centos7光盘文件]
第三方软件源 [yum缓存]
建议:
刚安装好系统 Base/Extras/Updates: yum -y update
zabbix,nginx: yum -y install zabbix --downloadonly
综合案例:建立YUM服务器
1. 提供基础软件包Base [光盘]
2. 提供update软件包 [yum缓存]
3. 提供其它软件包如nginx, zabbix, docker, hadoop, openstack [yum缓存]
配置防火墙
[root@yangs ~]# firewall-cmd --permanent --add-service=ftp
[root@yangs ~]# firewall-cmd --reload
关闭SELinux
[root@yangs ~]# setenforce 0
[root@yangs ~]# vim /etc/sysconfig/selinux
SELINUX=disabled
FTP
[root@yangs ~]# yum -y install vsftpd
[root@yangs ~]# systemctl start vsftpd
[root@yangs ~]# systemctl enable vsftpd
实现目标1:提供基础软件Base
挂载centos镜像
[root@yangs ~]# mkdir /var/ftp/{centos6u6,centos7u2}
[root@yangs ~]# mount -o loop /home/centos7u2.iso /var/ftp/centos7u2
[root@yangs ~]# echo “mount -o loop /home/centos7u2.iso /var/ftp/centos7u2” >> /etc/rc.local
[root@yangs ~]# chmod +x /etc/rc.d/rc.local
实现目标2: 提供其它软件包如nginx, zabbix
复制已缓存的Nginx 及依赖包 到自定义YUM仓库目录中:
[root@CentOS7 ~]# mkdir /var/ftp/{nginx,zabbix}
YUM缓存:
1. 配置nginx及zabbix源
[root@CentOS7 ~]# vim /etc/yum.repos.d/nginx.repo
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
enabled=1
2. 启动yum缓存安装nginx
[root@yangs ~]# vim /etc/yum.conf
[main]
cachedir=/var/cache/yum/$basearch/$releasever
keepcache=1
debuglevel=2
[root@yangs ~]# yum clean all
[root@yangs ~]# yum -y install nginx
[root@yangs ~]# find /var/cache/yum/x86_64/7/ -iname "*.rpm" -exec cp -rf {} /var/ftp/nginx
2. downloadonly
[root@aliyun ~]# yum -y install nginx --downloadonly
3. 创建reopdata:
[root@yangs ~]# yum -y install createrepo
[root@yangs ~]# createrepo /var/ftp/nginx //如果加入新软件包,重新创建
[root@CentOS7 ~]# ls /var/ftp/nginx/
nginx-1.8.1-1.el6.ngx.x86_64.rpm repodata
客户端使用YUM源:
[root@client ~]# vim /etc/yum.repos.d/centos7.repo //指向基础源
[centos7]
name=centos7
baseurl=ftp://x.x.x.x/centos7u2
gpgcheck=0
[root@client ~]# vim /etc/yum.repos.d/nginx.repo //指向nginx源
[nginx]
name=nginx
baseurl=ftp://x.x.x.x/nginx
gpgcheck=0
[root@client ~]# yum -y install nginx
1000台client使用自定义源:
1. Shell script
2. Saltstack, Asible, Puppet
YUM使用签名检查机制
rpm软件提供组织例如redhat在构建rpm包时,使用其private key对rpm进行签名
client在使用其rpm时,为了验证其合法性,可以使用redhat提供的public key进行签名检查
方法一: 事先导入公钥
[root@CentOS7 ~]# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 //redhat
[root@CentOS7 ~]# vim /etc/yum.repos.d/CentOS-Base.repo
[base]
name=CentOS-$releasever - Base
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os&infra=$infra
#baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/
gpgcheck=1
方法二: 指定公钥的位置
[root@CentOS7 ~]# vim /etc/yum.repos.d/CentOS-Base.repo
[base]
name=CentOS-$releasever - Base
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os&infra=$infra
#baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
额外选项:
--nogpgcheck //不检查软件包的签名
本地源:例如使用安装光盘 [了解]
挂载安装光盘(临时):
[root@CentOS7 ~]# mount /dev/cdrom /media
[root@CentOS7 ~]# mount -o loop centos7u2.iso /media
[root@CentOS7 ~]# vim /etc/yum.repos.d/dvd.repo
[dvd]
name=dvd
baseurl=file:///media
gpgcheck=0
使用RPM工具管理RPM包
需要手动解决包的依赖关系
==安装
rpm -ivh local_path
rpm -ivh url_path
[root@CentOS7 ~]# rpm -ivh dos2unix-3.1-37.el6.x86_64.rpm 套件名
[root@CentOS7 ~]# rpm -ivh ntfs-3g-2010.5.22-1.el6.x86_64.rpm 套件名
[root@CentOS7 ~]# rpm -Uvh ntfs-3g-2011.4.12-5.el6.x86_64.rpm 套件名
[root@CentOS7 ~]# rpm -ivh ftp://rpmfind.net/linux/atrpms/sl6-x86_64/atrpms/stable/puppet-3.2.4-3.el6.noarch.rpm
[root@CentOS7 ~]# rpm -ivh rpm -ivh https://dev.mysql.com/get/mysql57-community-release-el7-9.noarch.rpm
额外选项:
--nosignature //不检验软件包的签名
--force //强制安装软件包
--nodeps //忽略依赖关系
RPM包安装信息存储到本地RPM数据库中。。。
==查询
(从本地的rpm数据库)
[root@CentOS7 ~]# rpm -q ntfs-3g //查询指定包是否安装
[root@CentOS7 ~]# rpm -qa |grep ntfs
[root@CentOS7 ~]# rpm -ql ntfs-3g //查询ntfs-3g安装的文件
[root@CentOS7 ~]# rpm -qf /usr/bin/ntfs-3g //查询该文件属于哪个rpm包
[root@CentOS7 ~]# rpm -qi ntfs-3g //查询包的information
[root@CentOS7 ~]# rpm -qc ntfs-3g //查询某个包安装的配置文件
[root@CentOS7 ~]# rpm -qd vsftpd //查安装的帮助文档
(从rpm套件中查询)
扩展知识: 针对没有安装的包,直接从套件中查询
[root@CentOS7 ~]# rpm -e ntfs-3g
[root@CentOS7 ~]# rpm -qip ntfs-3g-2011.4.12-5.el6.x86_64.rpm
[root@CentOS7 ~]# rpm -qlp ntfs-3g-2011.4.12-5.el6.x86_64.rpm
[root@CentOS7 ~]# rpm -qcp ntfs-3g-2011.4.12-5.el6.x86_64.rpm
[root@CentOS7 ~]# rpm -qdp ntfs-3g-2011.4.12-5.el6.x86_64.rpm
==卸载
[root@CentOS7 ~]# rpm -e ntfs-3g
[root@CentOS7 ~]# rpm -e ntfs-3g --nodeps
案例1:安装系统光盘上的rpm包
[root@CentOS7 ~]# mount /dev/cdrom /media
[root@CentOS7 ~]# df
文件系统 1K-块 已用 可用 已用% 挂载点
/dev/sr0 3632776 3632776 0 100% /media
案例2: 使用iso镜像文件
[root@CentOS7 ~]# mount -o loop /home/centos7.iso /media
案例3:安装如下软件包
vsftpd
samba
nfs-utils
httpd
dhcp
postfix
mysql-server
php
lftp
dos2unix
unix2dos
tigervnc
[root@CentOS7 Packages]# pwd
/media/cd/Packages
[root@CentOS7 Packages]# rpm -ivh samba-3.0.33-3.37.el5.i386.rpm samba-common-3.0.33-3.37.el5.i386.rpm
rpm工具管理软件包总结:
1. 很难解决包依赖关系
2. 如果某个文件没有,很难知道它由哪个rpm包提供,例如 semanage 或 tree 命令是由哪个包提供?
源码包管理
1. 获得源码包途径
官方网站,可以获得最新的软件包
Apache: www.apache.org
Nginx: www.nginx.org
Tengine: tengine.taobao.org
2. 安装源码包
准备工作
1. 编译环境如编译器gcc、make
2. 准备软件 tengine-2.2.0.tar.gz
部署Tengine
pcre: 支持正则表达式,地址重写rewrite
# yum -y install gcc make zlib-devel pcre pcre-devel openssl-devel
Tengine:
# useradd www
# tar xvf tengine-2.2.0.tar.gz
# cd tengine-2.2.0
# ./configure
> --user=www
> --group=www
> --prefix=/usr/local/nginx
> --with-http_stub_status_module
> --with-http_sub_module
> --with-http_ssl_module
> --with-pcre
# make
# make install
# /usr/local/nginx/sbin/nginx //启动nginx服务器
# systemctl stop firewalld
3. 详解源码安装三步曲
# ./configure
a. 指定安装路径,例如 --prefix=/usr/local/nginx
b. 启用或禁用某项功能, 例如 --enable-ssl, --disable-filter --with-http_ssl_module
c. 和其它软件关联,例如--with-pcre
d. 检查安装环境,例如是否有编译器gcc,是否满足软件的依赖需求
最终生成:Makefile
# make //按Makefile文件编译,可以使用-j 2指定两颗CPU编译,优化编译器参数
# make install //按Makefile定义的文件路径安装
源码安装错误:
error1:
./configure: error: the HTTP gzip module requires the zlib library.
You can either disable the module by using --without-http_gzip_module
option, or install the zlib library into the system, or build the zlib library
statically from the source with nginx by using --with-zlib=<path> option.
解决方案:
# yum -y install zlib-devel
error2:
./configure: error: SSL modules require the OpenSSL library.
You can either do not enable the modules, or install the OpenSSL library
into the system, or build the OpenSSL library statically from the source
with nginx by using --with-openssl=<path> option.
解决方案:
# yum -y install openssl-devel
error3:
checking for C compiler ... not found
./configure: error: C compiler cc is not found
解决方案:
# yum -y install gcc gcc-c++ make
error4:
./configure: error: the HTTP rewrite module requires the PCRE library.
You can either disable the module by using --without-http_rewrite_module
option, or install the PCRE library into the system, or build the PCRE library
statically from the source with nginx by using --with-pcre=<path> option.
解决方案:
# yum -y install pcre-devel
安装源码的技巧:
README
INSTALL