FreeBSD10 mysql57-server install 

 

root@bsd10:~ # whereis mysql57-server
mysql57-server: /usr/ports/databases/mysql57-server
root@bsd10:~ # cd /usr/ports/databases/mysql57-server && make install clean

 

OK 선택 하여 설치를 진행 합니다.

설치완료후 메세지

*****************************************************************************

Remember to run mysql_upgrade the first time you start the MySQL server
after an upgrade from an earlier version.

Initial password for first time use of MySQL is saved in $HOME/.mysql_secret
ie. when you want to use "mysql -u root -p" first you should see password
in /root/.mysql_secret

MySQL57 has a default %%ETCDIR%%/my.cnf,
remember to replace it wit your own
or set `mysql_optfile="$YOUR_CNF_FILE` in rc.conf.

*****************************************************************************

===> SECURITY REPORT:
      This port has installed the following files which may act as network
      servers and may therefore pose a remote security risk to the system.
/usr/local/lib/mysql/plugin/mysqlx.so
/usr/local/lib/mysql/plugin/group_replication.so
/usr/local/libexec/mysqld

      This port has installed the following startup scripts which may cause
      these network services to be started at boot time.
/usr/local/etc/rc.d/mysql-server

      If there are vulnerabilities in these programs there may be a security
      risk to the system. FreeBSD makes no guarantee about the security of
      ports included in the Ports Collection. Please type 'make deinstall'
      to deinstall the port if this is a concern.

      For more information, and contact details about the security
      status of this software, see the following webpage:
http://www.mysql.com/
root@bsd10:/usr/ports/databases/mysql57-server #

 

DB 디렉토리 생성

root@bsd10:~ # mkdir /mysql
root@bsd10:~ # chown -R mysql:mysql /mysql

 

/etc/rc.conf 수정

root@bsd10:~ # vi /etc/rc.conf
mysql_enable="YES"
mysql_dbdir="/mysql"

 

my.cnf  수정

root@bsd10:~ # vi /usr/local/etc/mysql/my.cnf
[client]
port                            = 3306
socket                          = /tmp/mysql.sock
default-character-set = utf8

[mysqld]
user                            = mysql
port                            = 3306
socket                          = /tmp/mysql.sock
bind-address                    = 127.0.0.1
basedir                         = /usr/local
#datadir                         = /var/db/mysql
datadir                         = /mysql

character-set-server=utf8
skip-character-set-client-handshake

 

mysql-server 구동및 동작확인

root@bsd10:~ # service mysql-server start
Starting mysql.
root@bsd10:~ #
root@bsd10:~ # sockstat -4|grep -i mysql
mysql    mysqld     69144 23 tcp4   127.0.0.1:3306        *:*
root@bsd10:~ #

 

mysql-server 설정

root@bsd10:~ # /usr/local/bin/mysql_secure_installation
mysql_secure_installation: [ERROR] unknown variable 'default-character-set=utf8'

Securing the MySQL server deployment.

Connecting to MySQL server using password in '/root/.mysql_secret'

VALIDATE PASSWORD PLUGIN can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD plugin?

Press y|Y for Yes, any other key for No: no
Using existing password for root.
Change the password for root ? ((Press y|Y for Yes, any other key for No) : y

New password:

Re-enter new password:
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.

Remove anonymous users? (Press y|Y for Yes, any other key for No) : y
Success.


Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.

Disallow root login remotely? (Press y|Y for Yes, any other key for No) : y
Success.

By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.


Remove test database and access to it? (Press y|Y for Yes, any other key for No) : Y
 - Dropping test database...
Success.

 - Removing privileges on test database...
Success.

Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.

Reload privilege tables now? (Press y|Y for Yes, any other key for No) : Y
Success.

All done!
root@bsd10:~ #

 

패스워드 변경 및 locale 확인

root@bsd10:~ # mysql -uroot -p
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 7
Server version: 5.7.20-log

Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

root@localhost [(none)]> SET PASSWORD FOR root@localhost=password('password');
Query OK, 0 rows affected, 1 warning (0.00 sec)

root@localhost [(none)]> quit;
Bye
root@bsd10:~ # mysql -uroot -p
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 8
Server version: 5.7.20-log Source distribution

Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

root@localhost [(none)]> status;
--------------
mysql  Ver 14.14 Distrib 5.7.20, for FreeBSD10.4 (amd64) using  EditLine wrapper

Connection id:          8
Current database:
Current user:           root@localhost
SSL:                    Not in use
Current pager:          more
Using outfile:          ''
Using delimiter:        ;
Server version:         5.7.20-log Source distribution
Protocol version:       10
Connection:             Localhost via UNIX socket
Server characterset:    utf8
Db     characterset:    utf8
Client characterset:    utf8
Conn.  characterset:    utf8
UNIX socket:            /tmp/mysql.sock
Uptime:                 3 min 48 sec

Threads: 1  Questions: 30  Slow queries: 0  Opens: 117  Flush tables: 1  Open ta                                                                                                                                                                                               bles: 111  Queries per second avg: 0.131
--------------

root@localhost [(none)]> quit;
Bye
root@bsd10:~ #

 

cacti 권장 my.cnf 값

character-set-server=utf8mb4
collation-server=utf8mb4_unicode_ci
skip-character-set-client-handshake
max_heap_table_size             = 200M
tmp_table_size                  = 64M
join_buffer_size                = 64M
innodb_doublewrite              = OFF
innodb_flush_log_at_timeout     = 3
innodb_read_io_threads          = 32
innodb_write_io_threads         = 16

 

FreeBSD Cacti 설치

APM 설치가 진행 되어 있어야 합니다.

apm 설치의 경우 (freebsd_apm설치) 를 참고 하시면 됩니다.

(가상화 환경에서 설치 한다고 하면 2Core Cpu 에 메모리 4G 정도 추가 하여 설치 하시기 바랍니다. 1Core / 메모리 1G 시 3시간 이상 걸립니다.)

pkg install cacti 로 설치 하여도 됩니다.

ports 설치시 cacti 에 필요한 패키지를 한번에 설치 할수 있는 장점이 있지만 설치시간이 오래 걸리는 단점도 있습니다.

 

Cacti 설치

root@bsd11:~ # whereis cacti
cacti: /usr/ports/net-mgmt/cacti
root@bsd11:~ # cd /usr/ports/net-mgmt/cacti && make install clean
===>  License GPLv2 accepted by the user
===>   cacti-1.1.27 depends on file: /usr/local/sbin/pkg - found
=> cacti-1.1.27.tar.gz doesn't seem to exist in /usr/ports/distfiles/.
=> Attempting to fetch http://www.cacti.net/downloads/cacti-1.1.27.tar.gz
cacti-1.1.27.tar.gz                            32% of 8737 kB   24 kBps 03m49s

패키지 다운로드후 별도의 체크 없이 OK 를 눌러 설치를 진행 합니다.

(추가적으로 같이 설치될 패키가 있을경우 체크 하여 설치 하여도 됩니다.)

 

설치완료후 메세지

Cacti is now installed. If you install it for the first time,
you may have to follow this steps to make it work correctly:

1. Create the MySQL database, a cacti user, and initialize:
   a) CREATE DATABASE `cacti`;
   b) Create a mysql user/password for cacti:
      CREATE USER 'cacti'@'localhost' IDENTIFIED BY 'password';
      FLUSH PRIVILEGES;
   c) Add GRANTS:
      GRANT ALL ON `cacti`.* TO 'cacti'@'localhost';
      GRANT SELECT ON `mysql`.`time_zone_name` TO 'cacti'@'localhost';
      FLUSH PRIVILEGES;
   d) Import the default cacti database:
      mysql --database=cacti -ucacti -p < /usr/local/share/cacti/cacti.sql

   If you haven't already imported your MySQL timezone data, you need to do this:
      mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root -p mysql

 NOTE:
   * Cacti does not LOCK TABLES.

2. Edit /usr/local/share/cacti/include/config.php from the template
   config.php.orig.

   PHP requires the time zone to be explicitly set rather that rely on
   the system time zone, otherwise poller complains. I added the
   following line to my config.php:

   date_default_timezone_set('America/Los_Angeles');

3. Add the following line to cron for cacti:
*/5 * * * * /usr/local/bin/php /usr/local/share/cacti/poller.php > /dev/null 2>&1

4. Example Apache 2.4 configuration:
   (This assumes that you have installed a working PHP Apache install, e.g. with mod_php)


   <FilesMatch "\.php$">
       SetHandler application/x-httpd-php
   </FilesMatch>
   <FilesMatch "\.phps$">
       SetHandler application/x-httpd-php-source
   </FilesMatch>

   DirectoryIndex index.php

   DocumentRoot "/usr/local/share/cacti"

   Alias /cacti "/usr/local/share/cacti/"
   Alias /Cacti "/usr/local/share/cacti/"

   <Directory "/usr/local/share/cacti">
      Require all granted
      AllowOverride None
      Order Allow,deny
      Allow from all
   </Directory>

5. Open a Cacti login page in your web browser and follow the install instructions.


If you update cacti, open a login page and an updating process will
start automatically.

NOTEs as of 10Aug2014:

1) Cacti now better supports hier(7)

   a) Cacti log files are now found under /var/log/cacti where you can
      manage them using newsyslog.
   b) Cacti RRD files are now found under /var/db/cacti/rra.

   If you have an existing Cacti installation these paths are also
   found in Cacti's SQL database and MUST be updated. These two SQL
   commands should do the trick:

   UPDATE settings SET value='/var/log/cacti/log' \
     WHERE name='path_cactilog';

   UPDATE poller_item SET rrd_path=\
     REPLACE(rrd_path,'/usr/local/share/cacti/rra','/var/db/cacti/rra') \
     WHERE rrd_path REGEXP '^/usr/local/share/cacti/rra';

2) The PERL paths in the Cacti PERL scripts have been updated to
   /usr/local/bin.

Other Erratas:
   1) Mount linprocfs in /compat/linux/proc will allow most scripts to work.
   2) This package does not install a MySQL server in case you wish to use an
      external MySQL server.  Install a package such as mysql57-server if you
      require a local server.
=======================================================================

===>  Cleaning for rrdtool-1.7.0_1
===>  Cleaning for intltool-0.51.0_1
===>  Cleaning for p5-XML-Parser-2.44
===>  Cleaning for freetype2-2.8_1
===>  Cleaning for png-1.6.34
===>  Cleaning for cairo-1.14.8_1,2
===>  Cleaning for xcb-util-renderutil-0.3.9_1
===>  Cleaning for xorg-macros-1.19.1
===>  Cleaning for libxcb-1.12_2
===>  Cleaning for check-0.12.0
===>  Cleaning for xcb-proto-1.12
===>  Cleaning for libpthread-stubs-0.4
===>  Cleaning for libxslt-1.1.29_1
===>  Cleaning for libgcrypt-1.8.1
===>  Cleaning for libgpg-error-1.27
===>  Cleaning for libXau-1.0.8_3
===>  Cleaning for xproto-7.0.31
===>  Cleaning for libXdmcp-1.1.2
===>  Cleaning for xcb-util-0.4.0_2,1
===>  Cleaning for mesa-libs-17.2.4
===>  Cleaning for llvm40-4.0.1_3
===>  Cleaning for binutils-2.28,1
===>  Cleaning for gmp-6.1.2
===>  Cleaning for mpfr-3.1.6
===>  Cleaning for swig30-3.0.12
===>  Cleaning for lua52-5.2.4
===>  Cleaning for py27-enum34-1.1.6
===>  Cleaning for ninja-1.8.2,2
===>  Cleaning for dri2proto-2.8
===>  Cleaning for dri3proto-1.0
===>  Cleaning for glproto-1.4.17
===>  Cleaning for presentproto-1.1
===>  Cleaning for libX11-1.6.5,1
===>  Cleaning for bigreqsproto-1.1.2
===>  Cleaning for xcmiscproto-1.2.2
===>  Cleaning for xextproto-7.3.0
===>  Cleaning for xtrans-1.3.5
===>  Cleaning for kbproto-1.0.7
===>  Cleaning for inputproto-2.3.2
===>  Cleaning for xf86bigfontproto-1.2.0
===>  Cleaning for libXdamage-1.1.4_3
===>  Cleaning for damageproto-1.2.1
===>  Cleaning for fixesproto-5.0
===>  Cleaning for libXfixes-5.0.3
===>  Cleaning for libXext-1.3.3_1,1
===>  Cleaning for libxshmfence-1.2_2
===>  Cleaning for libXxf86vm-1.1.4_1
===>  Cleaning for xf86vidmodeproto-2.3.1
===>  Cleaning for libdrm-2.4.88,1
===>  Cleaning for libpciaccess-0.13.5
===>  Cleaning for pciids-20171011
===>  Cleaning for libunwind-20170113_1
===>  Cleaning for pixman-0.34.0
===>  Cleaning for libXrender-0.9.10
===>  Cleaning for renderproto-0.11.1
===>  Cleaning for fontconfig-2.12.1,1
===>  Cleaning for glib-2.50.2_7,1
===>  Cleaning for pango-1.40.6
===>  Cleaning for gobject-introspection-1.50.0,1
===>  Cleaning for libXft-2.3.2_1
===>  Cleaning for harfbuzz-1.5.1_1
===>  Cleaning for graphite2-1.3.10
===>  Cleaning for xorg-fonts-truetype-7.7_1
===>  Cleaning for font-bh-ttf-1.0.3_3
===>  Cleaning for mkfontdir-1.0.7
===>  Cleaning for mkfontscale-1.1.2
===>  Cleaning for libfontenc-1.1.3_1
===>  Cleaning for bdftopcf-1.0.5
===>  Cleaning for libXfont-1.5.2,2
===>  Cleaning for fontsproto-2.1.3,1
===>  Cleaning for font-misc-meltho-1.0.3_3
===>  Cleaning for font-misc-ethiopic-1.0.3_3
===>  Cleaning for encodings-1.0.4_3,1
===>  Cleaning for font-util-1.3.1
===>  Cleaning for dejavu-2.37
===>  Cleaning for php71-ctype-7.1.11
===>  Cleaning for php71-filter-7.1.11
===>  Cleaning for php71-gd-7.1.11
===>  Cleaning for libXpm-3.5.12
===>  Cleaning for libXt-1.1.5,1
===>  Cleaning for libSM-1.2.2_3,1
===>  Cleaning for libICE-1.0.9_1,1
===>  Cleaning for jpeg-turbo-1.5.2
===>  Cleaning for nasm-2.13.01,1
===>  Cleaning for php71-gettext-7.1.11
===>  Cleaning for php71-gmp-7.1.11
===>  Cleaning for php71-hash-7.1.11
===>  Cleaning for php71-json-7.1.11
===>  Cleaning for php71-ldap-7.1.11
===>  Cleaning for openldap-client-2.4.45
===>  Cleaning for php71-mbstring-7.1.11
===>  Cleaning for oniguruma6-6.6.1
===>  Cleaning for php71-openssl-7.1.11
===>  Cleaning for php71-pdo-7.1.11
===>  Cleaning for php71-pdo_mysql-7.1.11
===>  Cleaning for php71-posix-7.1.11
===>  Cleaning for php71-session-7.1.11
===>  Cleaning for php71-simplexml-7.1.11
===>  Cleaning for php71-sockets-7.1.11
===>  Cleaning for php71-snmp-7.1.11
===>  Cleaning for net-snmp-5.7.3_17
===>  Cleaning for php71-xml-7.1.11
===>  Cleaning for php71-zlib-7.1.11
===>  Cleaning for cacti-1.1.27
root@bsd11:/usr/ports/net-mgmt/cacti #

 

db 생성

root@bsd11:~ #
root@bsd11:~ # mysql -uroot -p
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 9
Server version: 10.2.10-MariaDB-log FreeBSD Ports

Copyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> create database cacti;
Query OK, 1 row affected (0.01 sec)

MariaDB [(none)]> use mysql;
Database changed
MariaDB [mysql]> GRANT ALL ON cacti.* TO cacti@localhost IDENTIFIED BY 'password';
Query OK, 0 rows affected (0.01 sec)

MariaDB [mysql]> FLUSH privileges;
Query OK, 0 rows affected (0.00 sec)

MariaDB [mysql]> quit
Bye
root@bsd11:~ #

GRANT ALL ON cacti.* TO cacti@localhost IDENTIFIED BY ‘password’; <– password 부분은 별도의 패스워드로 수정합니다. 

 

cacti.sql 파일을 import 합니다.

root@bsd11:~ # mysql -u root -p cacti < /usr/local/share/cacti/cacti.sql
Enter password:
root@bsd11:~ #

 

php timezone 수정 

root@bsd11:~ # vi /usr/local/etc/php.ini
[Date]
; Defines the default timezone used by the date functions
; http://php.net/date.timezone
date.timezone = Asia/Seoul

 

cacti 설정파일 카피 및 수정 

root@bsd11:~ # cp /usr/local/share/cacti/include/config.php.sample /usr/local/share/cacti/include/config.php
root@bsd11:~ # vi /usr/local/share/cacti/include/config.php

/* make sure these values reflect your actual database/host/user/password */

$database_type     = 'mysql';
$database_default  = 'cacti';
$database_hostname = 'localhost';
$database_username = 'cacti';
$database_password = 'password';
$database_port     = '3306';
$database_ssl      = false;

(설정 내용은 cactiuser 에서 mariadb 에서 생성한 cacti 로 변경 password 의 경우 설정한 password 로 변경 하시면 됩니다.)

 

/etc/rc.conf 파일수정

root@bsd11:~ # vi /etc/rc.conf
linux_enable="YES"
snmpd_enable="YES"
snmptrapd_enable="YES"

(linux_enable 의 경우 rc.conf 에 추가후 리부팅이 필요 합니다. cacti 의 경우 snmpd 를 사용합니다.)

 

/usr/local/share/snmp/snmpd.conf 설정

root@bsd11:~ # cp /usr/local/share/snmp/snmpd.conf.example /usr/local/share/snmp/snmpd.conf
root@bsd11:~ # vi /usr/local/share/snmp/snmpd.conf
#trap2sink    localhost public    <-- 주석 제거
#rocommunity public  localhost    <-- 주석 제거

(snmpd 보안설정의 경우에는 차후 설명하도록 하겠습니다.)

 

/etc/crontab 설정

root@bsd11:~ # vi /etc/crontab
# Adjust the time zone if the CMOS clock keeps local time, as opposed to
# UTC time.  See adjkerntz(8) for details.
1,31    0-5     *       *       *       root    adjkerntz -a
*/5 * * * * cacti /usr/local/bin/php /usr/local/share/cacti/poller.php > /dev/null 2>&1

 

/usr/local/etc/apache24/httpd.conf 설정

root@bsd11:~ # vi /usr/local/etc/apache24/httpd.conf

#<Directory />
#    AllowOverride none
#    Require all denied
#</Directory>

<Directory />
    AllowOverride none
    Order deny,allow
    Deny from all
</Directory>

Alias /cacti /usr/local/share/cacti
<Directory "/usr/local/share/cacti">
AllowOverride None
Order Allow,deny
Allow from all
</Directory>

(기존 Directory 라인은 주석처리 하며 아래 내용으로 붙여넣기를 합니다.)

 

/usr/local/etc/my.cnf 설정

root@bsd11:~ # vi /usr/local/etc/my.cnf
### 아래 내용 추가 ###
max_heap_table_size             = 99M
tmp_table_size                  = 64M
join_buffer_size                = 64M
innodb_doublewrite              = OFF
innodb_flush_log_at_timeout     = 3
innodb_read_io_threads          = 32
innodb_write_io_threads         = 16


(버전에 따라 일부 내용은 수정을 해야 할수도 있습니다. 테스트 머신의 경우 Mariadb102 Version 입니다.)

 

System Rebooting 

root@bsd11:~ # init 6

(설정내용 적용및 linux emulator 설치를 위하여 시스템 리부팅을 진행 합니다.)

 

linux 호환 모듈 확인

root@bsd11:~ # kldstat
Id Refs Address            Size     Name
 1   16 0xffffffff80200000 1f67a88  kernel
 2    1 0xffffffff82219000 2986     uhid.ko
 3    1 0xffffffff8221c000 42864    linux.ko
 4    2 0xffffffff8225f000 7b0f     linux_common.ko
 5    1 0xffffffff82267000 3c93f    linux64.ko
root@bsd11:~ #

 

linux emulator 설치

root@bsd11:~ # whereis linux_base-c7
linux_base-c7: /usr/ports/emulators/linux_base-c7
root@bsd11:~ # cd /usr/ports/emulators/linux_base-c7 && make install clean

Ok 를 선택하여 설치를 진행 합니다.

 

설치완료후 메세지

Installing linux_base-c7-7.4.1708_2...
Some programs need linprocfs mounted on /compat/linux/proc.  Add the
following line to /etc/fstab:

linprocfs   /compat/linux/proc  linprocfs       rw      0       0

Then run "mount /compat/linux/proc".

Some programs need linsysfs mounted on /compat/linux/sys.  Add the
following line to /etc/fstab:

linsysfs    /compat/linux/sys   linsysfs        rw      0       0

Then run "mount /compat/linux/sys".

Some programs need tmpfs mounted on /compat/linux/dev/shm.  Add the
following line to /etc/fstab:

tmpfs    /compat/linux/dev/shm  tmpfs   rw,mode=1777    0       0

Then run "mount /compat/linux/dev/shm".

===> SECURITY REPORT:
      This port has installed the following files which may act as network
      servers and may therefore pose a remote security risk to the system.
/compat/linux/usr/lib64/libgio-2.0.so.0.5000.3
/compat/linux/usr/lib64/libdb-4.7.so
/compat/linux/usr/lib64/libdb_cxx-4.7.so
/compat/linux/usr/lib/libresolv-2.17.so
/compat/linux/usr/lib/libgssrpc.so.4.2
/compat/linux/usr/lib/libdb-5.3.so
/compat/linux/usr/lib/libdb-4.7.so
/compat/linux/usr/lib64/libselinux.so.1
/compat/linux/usr/libexec/gam_server
/compat/linux/usr/lib64/libgssrpc.so.4.2
/compat/linux/usr/lib/libselinux.so.1
/compat/linux/usr/lib/libgio-2.0.so.0.5000.3
/compat/linux/usr/lib64/libresolv-2.17.so
/compat/linux/usr/lib/libdb_cxx-4.7.so
/compat/linux/usr/lib64/libdb-5.3.so

      If there are vulnerabilities in these programs there may be a security
      risk to the system. FreeBSD makes no guarantee about the security of
      ports included in the Ports Collection. Please type 'make deinstall'
      to deinstall the port if this is a concern.
===>  Cleaning for linux_base-c7-7.4.1708_2
root@bsd11:/usr/ports/emulators/linux_base-c7 #

 

/etc/fstab 수정

root@bsd11:~ #
root@bsd11:~ # vi /etc/fstab


linprocfs   /compat/linux/proc  linprocfs       rw      0       0
linsysfs    /compat/linux/sys   linsysfs        rw      0       0
tmpfs    /compat/linux/dev/shm  tmpfs   rw,mode=1777    0       0

root@bsd11:~ # mount -a
root@bsd11:~ # df -h
Filesystem     Size    Used   Avail Capacity  Mounted on
/dev/da0s1a     18G    6.7G     10G    40%    /
devfs          1.0K    1.0K      0B   100%    /dev
linprocfs      4.0K    4.0K      0B   100%    /compat/linux/proc
linsysfs       4.0K    4.0K      0B   100%    /compat/linux/sys
tmpfs          4.2G    4.0K    4.2G     0%    /compat/linux/dev/shm
root@bsd11:~ #

fstab 수정후 mount 를 진행 합니다.

df -h 명령어로 정상적으로 마운트가 되었는지 확인 합니다.

 

cacti 디렉토리 권한 설정

root@bsd11:~ # chown -R www:www /usr/local/share/cacti/resource/
root@bsd11:~ # chown -R www:www /usr/local/share/cacti/scripts/
root@bsd11:~ # chown -R www:www /usr/local/share/cacti/cache/boost/
root@bsd11:~ # chown -R www:www /usr/local/share/cacti/cache/mibcache/
root@bsd11:~ # chown -R www:www /usr/local/share/cacti/cache/realtime/
root@bsd11:~ # chown -R www:www /usr/local/share/cacti/cache/spikekill/
root@bsd11:~ # mkdir /usr/local/share/cacti/log
root@bsd11:~ # chown -R www:www /usr/local/share/cacti/log/

 

Cacti 사용을 위한 설치 및 설정 작업을 모두 완료 하였습니다.

웹브라우저로 접속후 설정을 진행 합니다.

ex) http://192.168.0.100/cacti

Accept GPL License Agrement 를 체크 하고 Next 를 눌러 설정을 진행 합니다.

 

ERROR 구문및 권장 설정값을 확인 합니다.

 

 

 

확인내용

ERROR: Your Cacti database login account does not have access to the MySQL TimeZone database. Please provide the Cacti database account “select” access to the “time_zone_name” table in the “mysql” database, and populate MySQL’s TimeZone information before proceeding.ERROR: Your Cacti database login account does not have access to the MySQL TimeZone database. Please provide the Cacti database account “select” access to the “time_zone_name” table in the “mysql” database, and populate MySQL’s TimeZone information before proceeding.

Cacti 데이터베이스 로그인 계정의 MySQL TimeZone 데이터베이스 액세스 문제

 

root@bsd11:~ # mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root -p mysql
Enter password:
root@bsd11:~ # cd /usr/local/share/cacti/cli/
root@bsd11:/usr/local/share/cacti/cli # php repair_database.php --force
Repairing All Cacti Database Tables
Repairing Table -> 'aggregate_graph_templates' Successful
Repairing Table -> 'aggregate_graph_templates_graph' Successful
Repairing Table -> 'aggregate_graph_templates_item' Successful
Repairing Table -> 'aggregate_graphs' Successful
Repairing Table -> 'aggregate_graphs_graph_item' Successful
Repairing Table -> 'aggregate_graphs_items' Successful
Repairing Table -> 'automation_devices' Successful
Repairing Table -> 'automation_graph_rule_items' Successful
Repairing Table -> 'automation_graph_rules' Successful
Repairing Table -> 'automation_ips' Successful
Repairing Table -> 'automation_match_rule_items' Successful
Repairing Table -> 'automation_networks' Successful
Repairing Table -> 'automation_processes' Successful
Repairing Table -> 'automation_snmp' Successful
Repairing Table -> 'automation_snmp_items' Successful
Repairing Table -> 'automation_templates' Successful
Repairing Table -> 'automation_tree_rule_items' Successful
Repairing Table -> 'automation_tree_rules' Successful
Repairing Table -> 'cdef' Successful
Repairing Table -> 'cdef_items' Successful
Repairing Table -> 'color_template_items' Successful
Repairing Table -> 'color_templates' Successful
Repairing Table -> 'colors' Successful
Repairing Table -> 'data_input' Successful
Repairing Table -> 'data_input_data' Successful
Repairing Table -> 'data_input_fields' Successful
Repairing Table -> 'data_local' Successful
Repairing Table -> 'data_source_profiles' Successful
Repairing Table -> 'data_source_profiles_cf' Successful
Repairing Table -> 'data_source_profiles_rra' Successful
Repairing Table -> 'data_source_purge_action' Successful
Repairing Table -> 'data_source_purge_temp' Successful
Repairing Table -> 'data_source_stats_daily' Successful
Repairing Table -> 'data_source_stats_hourly' Successful
Repairing Table -> 'data_source_stats_hourly_cache' Successful
Repairing Table -> 'data_source_stats_hourly_last' Successful
Repairing Table -> 'data_source_stats_monthly' Successful
Repairing Table -> 'data_source_stats_weekly' Successful
Repairing Table -> 'data_source_stats_yearly' Successful
Repairing Table -> 'data_template' Successful
Repairing Table -> 'data_template_data' Successful
Repairing Table -> 'data_template_rrd' Successful
Repairing Table -> 'external_links' Successful
Repairing Table -> 'graph_local' Successful
Repairing Table -> 'graph_template_input' Successful
Repairing Table -> 'graph_template_input_defs' Successful
Repairing Table -> 'graph_templates' Successful
Repairing Table -> 'graph_templates_gprint' Successful
Repairing Table -> 'graph_templates_graph' Successful
Repairing Table -> 'graph_templates_item' Successful
Repairing Table -> 'graph_tree' Successful
Repairing Table -> 'graph_tree_items' Successful
Repairing Table -> 'host' Successful
Repairing Table -> 'host_graph' Successful
Repairing Table -> 'host_snmp_cache' Successful
Repairing Table -> 'host_snmp_query' Successful
Repairing Table -> 'host_template' Successful
Repairing Table -> 'host_template_graph' Successful
Repairing Table -> 'host_template_snmp_query' Successful
Repairing Table -> 'plugin_config' Successful
Repairing Table -> 'plugin_db_changes' Successful
Repairing Table -> 'plugin_hooks' Successful
Repairing Table -> 'plugin_realms' Successful
Repairing Table -> 'poller' Successful
Repairing Table -> 'poller_command' Successful
Repairing Table -> 'poller_data_template_field_mappings' Successful
Repairing Table -> 'poller_item' Successful
Repairing Table -> 'poller_output' Successful
Repairing Table -> 'poller_output_boost' Successful
Repairing Table -> 'poller_output_boost_processes' Successful
Repairing Table -> 'poller_output_realtime' Successful
Repairing Table -> 'poller_reindex' Successful
Repairing Table -> 'poller_resource_cache' Successful
Repairing Table -> 'poller_time' Successful
Repairing Table -> 'reports' Successful
Repairing Table -> 'reports_items' Successful
Repairing Table -> 'sessions' Successful
Repairing Table -> 'settings' Successful
Repairing Table -> 'settings_tree' Successful
Repairing Table -> 'settings_user' Successful
Repairing Table -> 'settings_user_group' Successful
Repairing Table -> 'sites' Successful
Repairing Table -> 'snmp_query' Successful
Repairing Table -> 'snmp_query_graph' Successful
Repairing Table -> 'snmp_query_graph_rrd' Successful
Repairing Table -> 'snmp_query_graph_rrd_sv' Successful
Repairing Table -> 'snmp_query_graph_sv' Successful
Repairing Table -> 'snmpagent_cache' Successful
Repairing Table -> 'snmpagent_cache_notifications' Successful
Repairing Table -> 'snmpagent_cache_textual_conventions' Successful
Repairing Table -> 'snmpagent_managers' Successful
Repairing Table -> 'snmpagent_managers_notifications' Successful
Repairing Table -> 'snmpagent_mibs' Successful
Repairing Table -> 'snmpagent_notifications_log' Successful
Repairing Table -> 'user_auth' Successful
Repairing Table -> 'user_auth_cache' Successful
Repairing Table -> 'user_auth_group' Successful
Repairing Table -> 'user_auth_group_members' Successful
Repairing Table -> 'user_auth_group_perms' Successful
Repairing Table -> 'user_auth_group_realm' Successful
Repairing Table -> 'user_auth_perms' Successful
Repairing Table -> 'user_auth_realm' Successful
Repairing Table -> 'user_domains' Successful
Repairing Table -> 'user_domains_ldap' Successful
Repairing Table -> 'user_log' Successful
Repairing Table -> 'vdef' Successful
Repairing Table -> 'vdef_items' Successful
Repairing Table -> 'version' Successful

NOTE: Checking for Invalid Cacti Templates
NOTE: 50 Invalid Data Input Data Rows based upon template mappings removed from Data Templates
root@bsd11:/usr/local/share/cacti/cli #
root@bsd11:/usr/local/share/cacti/cli # php upgrade_database.php
You are attempting to install cacti 1.1.27 onto a 0.6.x database.
To continue, you must create a new database, import 'cacti.sql' into it,
and     update 'include/config.php' to point to the new database.
root@bsd11:/usr/local/share/cacti/cli #
root@bsd11:/usr/local/share/cacti/cli # mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root -p mysql
Enter password:
root@bsd11:/usr/local/share/cacti/cli #

root@bsd11:/usr/local/share/cacti/cli # mysql -uroot -p
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 25
Server version: 10.2.10-MariaDB-log FreeBSD Ports

Copyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> use mysql;
Database changed
MariaDB [mysql]> GRANT SELECT ON mysql.time_zone_name TO cacti@localhost;
Query OK, 0 rows affected (0.00 sec)

MariaDB [mysql]> flush privileges;
Query OK, 0 rows affected (0.00 sec)

MariaDB [mysql]> quit;
Bye
root@bsd11:/usr/local/share/cacti/cli #


 

 

my.cnf Recommend 값
collation_server 값 utf8_general_ci      ->   utf8mb4_unicode_ci
character_set_client 값 utf8                 ->   utf8mb4
max_heap_table_size 값 99M              ->   198M
max_allowed_packet 값 1048576        ->   16777216
innodb_buffer_pool_size 값 128M      ->    992M

 

root@bsd11:~ # vi /usr/local/etc/my.cnf

### 변경 내용 ###

[client]
#password       = your_password
port            = 3306
socket          = /tmp/mysql.sock
default-character-set = utf8mb4   <--utf8 에서 변경 


[mysqld]
character-set-server=utf8mb4
collation-server = utf8mb4_unicode_ci



max_heap_table_size             = 200M
max_allowed_packet = 16M
innodb_buffer_pool_size = 992M

 

변경후 mariadb restart 를 합니다.

root@bsd11:~ # service mysql-server restart
Stopping mysql.
Waiting for PIDS: 6265.
Starting mysql.
root@bsd11:~ #

 

웹페이지 확인

 

Next 를 클릭 하여 설정을 진행 합니다. (Google Chrome 의 경우 전체화면으로 전환 해야 Next 버튼이 보입니다.)

 

새로운 서버 구성 이기때문에 별도로 선택할것은 없습니다.

Next 를 클릭합니다.

 

Cacti Log Path 에 아래와 같이 표시가 된다면 log 파일을 생성 해야 합니다. 

 

log 파일 생성

root@bsd11:~ #
root@bsd11:~ # cd /var/log/cacti
root@bsd11:/var/log/cacti # touch log
root@bsd11:/var/log/cacti # chown cacti:cacti log

 

 

cacti-spine 의 경우 차후 설치를 진행 합니다.

 

Template Setup 에서는 아래와 같이 선택 합니다.

 

최초 로그인의 경우 admin/admin 입니다.

 

admin Password 를 변경 합니다.  암호의 경우 대소문자가 혼합되어 있어야 합니다.

설정된 패스워드로 로그인을 진행 합니다.

 

cacti 설정 내역 (New Graphs 에서 생성 내역이 적용 안될수 있음으로 중간에 로그아웃 후 다시로그인 하면 정상으로 생성된 결과를 볼수 있습니다.)

 

 

 

 

 

 

 

시간은 대략 5 분 ~ 30분 정도면 모니터링 결과를 표시해 줍니다.

 

apache24, php71 , mariadb102 설치

 

apache24 설치

root@bsd11:~ # whereis apache24
apache24: /usr/ports/www/apache24
root@bsd11:~ # cd /usr/ports/www/apache24/ && make install clean

 

OK 선택하여 다음을 설정 합니다.

추가적으로 나오는 부분은 OK 선택하여 설치를 진행 합니다.

apache24 설치후 메세지

To run apache www server from startup, add apache24_enable="yes"
in your /etc/rc.conf. Extra options can be found in startup script.

Your hostname must be resolvable using at least 1 mechanism in
/etc/nsswitch.conf typically DNS or /etc/hosts or apache might
have issues starting depending on the modules you are using.

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

- apache24 default build changed from static MPM to modular MPM
- more modules are now enabled per default in the port
- icons and error pages moved from WWWDIR to DATADIR

   If build with modular MPM and no MPM is activated in
   httpd.conf, then mpm_prefork will be activated as default
   MPM in etc/apache24/modules.d to keep compatibility with
   existing php/perl/python modules!

Please compare the existing httpd.conf with httpd.conf.sample
and merge missing modules/instructions into httpd.conf!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

===> SECURITY REPORT:
      This port has installed the following files which may act as network
      servers and may therefore pose a remote security risk to the system.
/usr/local/libexec/apache24/mod_cgid.so

      This port has installed the following startup scripts which may cause
      these network services to be started at boot time.
/usr/local/etc/rc.d/apache24
/usr/local/etc/rc.d/htcacheclean

      If there are vulnerabilities in these programs there may be a security
      risk to the system. FreeBSD makes no guarantee about the security of
      ports included in the Ports Collection. Please type 'make deinstall'
      to deinstall the port if this is a concern.

      For more information, and contact details about the security
      status of this software, see the following webpage:
http://httpd.apache.org/
===>  Cleaning for autoconf-2.69_1
===>  Cleaning for m4-1.4.18,1
===>  Cleaning for texinfo-6.5,1
===>  Cleaning for help2man-1.47.5
===>  Cleaning for p5-Locale-gettext-1.07
===>  Cleaning for gettext-tools-0.19.8.1
===>  Cleaning for gettext-runtime-0.19.8.1_1
===>  Cleaning for indexinfo-0.3.1
===>  Cleaning for gmake-4.2.1_1
===>  Cleaning for autoconf-wrapper-20131203
===>  Cleaning for automake-1.15.1
===>  Cleaning for automake-wrapper-20131203
===>  Cleaning for libtool-2.4.6
===>  Cleaning for expat-2.2.1
===>  Cleaning for apr-1.6.3.1.6.1
===>  Cleaning for gdbm-1.13_1
===>  Cleaning for readline-7.0.3_1
===>  Cleaning for db5-5.3.28_6
===>  Cleaning for pcre-8.40_1
===>  Cleaning for libnghttp2-1.27.0
===>  Cleaning for libxml2-2.9.4
===>  Cleaning for apache24-2.4.29
root@bsd11:/usr/ports/www/apache24 #

 

php71 설치

root@bsd11:~ # whereis php71
php71: /usr/ports/lang/php71
root@bsd11:/usr/ports/lang/php71 # make config

 

추가 패키지 설치를 위해 php71-extensions 디렉토리로 이동합니다.

root@bsd11:/usr/ports/lang/php71 # cd /usr/ports/lang/php71-extensions/
root@bsd11:/usr/ports/lang/php71-extensions # make config install

 

 

설치 옵션에서 CURL FTP GD MYSQLi OPENSSL SOCKETS PDF SNMP ZIP 선택후 설치를 진행 합니다. 

 

 

 

설치 완료 메세지

Libraries have been installed in:
   /usr/ports/archivers/php71-zip/work/php-7.1.11/ext/zip/modules

If you ever happen to want to link against installed libraries
in a given directory, LIBDIR, you must either use libtool, and
specify the full pathname of the library, or use the `-LLIBDIR'
flag during linking and do at least one of the following:
   - add LIBDIR to the `LD_LIBRARY_PATH' environment variable
     during execution
   - add LIBDIR to the `LD_RUN_PATH' environment variable
     during linking
   - use the `-Wl,--rpath -Wl,LIBDIR' linker flag

See any operating system documentation about shared libraries for
more information, such as the ld(1) and ld.so(8) manual pages.
----------------------------------------------------------------------
Build complete.
Don't forget to run 'make test'.
===>  Staging for php71-zip-7.1.11
===>   php71-zip-7.1.11 depends on file: /usr/local/include/php/main/php.h - found
===>   Generating temporary packing list
====> Compressing man pages (compress-man)
===>  Installing for php71-zip-7.1.11
===>  Checking if php71-zip already installed
===>   Registering installation for php71-zip-7.1.11 as automatic
Installing php71-zip-7.1.11...
===>   php71-extensions-1.0 depends on file: /usr/local/lib/php/20160303/zip.so - found
===>   Returning to build of php71-extensions-1.0
===>   Generating temporary packing list
====> Compressing man pages (compress-man)
===>  Installing for php71-extensions-1.0
===>  Checking if php71-extensions already installed
===>   Registering installation for php71-extensions-1.0
Installing php71-extensions-1.0...
root@bsd11:/usr/ports/lang/php71-extensions #

 

mariadb102 설치

root@bsd11:~ # whereis mariadb102-server
mariadb102-server: /usr/ports/databases/mariadb102-server
root@bsd11:~ # cd /usr/ports/databases/mariadb102-server && make install clean

 

OK 선택하여 설치를 진행 합니다.

 

설치 완료 메세지

************************************************************************

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!                                                                    !!
!! The default InnoDB storage engine is no longer XtraDB, check your  !!
!! configuration and switch it to InnoDB                              !!
!!                                                                    !!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Remember to run mysql_upgrade (with the optional --datadir=<dbdir> flag)
the first time you start the MySQL server after an upgrade from an
earlier version.

MariaDB respects hier(7) and doesn't check /etc and /etc/mysql for
my.cnf. Please move existing my.cnf files from those paths to
/usr/local/etc and /usr/local/etc/mysql.

This port does NOT include the mytop perl script, this is included in
the MariaDB tarball but the most recent version can be found in the
databases/mytop port

************************************************************************

===> SECURITY REPORT:
      This port has installed the following files which may act as network
      servers and may therefore pose a remote security risk to the system.
/usr/local/lib/mysql/plugin/ha_spider.so
/usr/local/lib/mysql/plugin/handlersocket.so

      This port has installed the following startup scripts which may cause
      these network services to be started at boot time.
/usr/local/etc/rc.d/mysql-server

      If there are vulnerabilities in these programs there may be a security
      risk to the system. FreeBSD makes no guarantee about the security of
      ports included in the Ports Collection. Please type 'make deinstall'
      to deinstall the port if this is a concern.

      For more information, and contact details about the security
      status of this software, see the following webpage:
http://mariadb.org/
===>  Cleaning for bison-3.0.4,1
===>  Cleaning for cmake-3.9.4
===>  Cleaning for py27-sphinx-1.4.8_2,1
===>  Cleaning for py27-Jinja2-2.9.5
===>  Cleaning for py27-setuptools-36.5.0
===>  Cleaning for python27-2.7.14_1
===>  Cleaning for libffi-3.2.1_1
===>  Cleaning for py27-MarkupSafe-1.0
===>  Cleaning for py27-Babel-2.3.4
===>  Cleaning for py27-pytz-2017.2,1
===>  Cleaning for py27-docutils-0.14
===>  Cleaning for py27-six-1.11.0
===>  Cleaning for py27-pygments-2.2.0
===>  Cleaning for py27-sphinx_rtd_theme-0.2.4
===>  Cleaning for py27-alabaster-0.7.6
===>  Cleaning for py27-snowballstemmer-1.2.0_1
===>  Cleaning for py27-pystemmer-1.3.0_1
===>  Cleaning for py27-imagesize-0.7.1
===>  Cleaning for ca_root_nss-3.32.1
===>  Cleaning for curl-7.56.1
===>  Cleaning for jsoncpp-1.8.1_2
===>  Cleaning for scons-2.5.1_1
===>  Cleaning for python2-2_3
===>  Cleaning for libuv-1.16.1
===>  Cleaning for rhash-1.3.5
===>  Cleaning for libarchive-3.3.2,1
===>  Cleaning for libiconv-1.14_11
===>  Cleaning for liblz4-1.8.0,1
===>  Cleaning for lzo2-2.10_1
===>  Cleaning for unixODBC-2.3.4
===>  Cleaning for libedit-3.1.20170329_2,1
===>  Cleaning for mariadb102-client-10.2.10
===>  Cleaning for mariadb102-server-10.2.10
root@bsd11:/usr/ports/databases/mariadb102-server #

 

 

mod_php71 설치

root@bsd11:~ # whereis mod_php71
mod_php71: /usr/ports/www/mod_php71
root@bsd11:~ # cd /usr/ports/www/mod_php71/ && make install clean

 

AP2FILTER 를 선택 합니다.

 

설치시 오류 메시지

Build complete.
Don't forget to run 'make test'.
===>  Staging for mod_php71-7.1.11
===>   mod_php71-7.1.11 depends on file: /usr/local/sbin/apxs - found
===>   Generating temporary packing list
/bin/mkdir -p /usr/ports/www/mod_php71/work/stage/usr/local/libexec/apache24
install  -s -m 0644 /usr/ports/www/mod_php71/work/php-7.1.11/libs/libphp7.so  /u                                                                                                                                                                                               sr/ports/www/mod_php71/work/stage/usr/local/libexec/apache24
install: /usr/ports/www/mod_php71/work/php-7.1.11/libs/libphp7.so: No such file                                                                                                                                                                                                or directory
*** Error code 71

Stop.
make[1]: stopped in /usr/ports/www/mod_php71
*** Error code 1

Stop.
make: stopped in /usr/ports/www/mod_php71
root@bsd11:/usr/ports/www/mod_php71 #

 

/etc/make.conf 생성

root@bsd11:/usr/ports/www/mod_php71 # vi /etc/make.conf
DEFAULT_VERSIONS+=php=7.1

 

ports 설치시 문제가 있어 pkg 로 설치를 진행 합니다. (Freebsd 10 Version 에서도 동일한 문제가 있어 pkg 로 설치를 진행 하였습니다.)

root@bsd11:/ # pkg install mod_php71
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
        mod_php71: 7.1.10

Number of packages to be installed: 1

The process will require 5 MiB more space.
1 MiB to be downloaded.

Proceed with this action? [y/N]: y
[1/1] Fetching mod_php71-7.1.10.txz: 100%    1 MiB 597.2kB/s    00:02
Checking integrity... done (0 conflicting)
[1/1] Installing mod_php71-7.1.10...
Extracting mod_php71-7.1.10: 100%
[activating module `php7' in /usr/local/etc/apache24/httpd.conf]
Message from mod_php71-7.1.10:
***************************************************************

Make sure index.php is part of your DirectoryIndex.

You should add the following to your Apache configuration file:

<FilesMatch "\.php$">
    SetHandler application/x-httpd-php
</FilesMatch>
<FilesMatch "\.phps$">
    SetHandler application/x-httpd-php-source
</FilesMatch>

*********************************************************************

If you are building PHP-based ports in poudriere(8) with ZTS enabled,
add WITH_MPM=event to /etc/make.conf to prevent build failures.

*********************************************************************
root@bsd11:/ #

 

apache24 Setting

/etc/rc.conf 파일 수정

root@bsd11:~ # vi /etc/rc.conf
apache24_enable="YES"

 

apache24 Daemon 실행을 위해서는 httpd.conf 파일의 수정이 필요 합니다.

root@bsd11:~ # cd /usr/local/etc/apache24/
root@bsd11:/usr/local/etc/apache24 # cp httpd.conf httpd.conf.org
root@bsd11:/usr/local/etc/apache24 # vi httpd.conf

<IfModule dir_module>
    DirectoryIndex index.html index.php
</IfModule>


ServerName www.example.com:80

    AddType application/x-compress .Z
    AddType application/x-gzip .gz .tgz
    AddType application/x-httpd-php .php .inc .html
    AddType application/x-httpd-source .phps

Include etc/apache24/extra/httpd-userdir.conf

LoadModule userdir_module libexec/apache24/mod_userdir.so


(주석을 제거 합니다 차후 domain 에 맞게 수정해 주면 됩니다.)

 

php.ini 파일 카피 및 php71 include 설정

php.ini 파일 카피

root@bsd11:~ # cd /usr/local/etc
root@bsd11:/usr/local/etc # cp php.ini-production php.ini

 

php.conf 파일 생성

root@bsd11:~ # cd /usr/local/etc/apache24/extra/
root@bsd11:/usr/local/etc/apache24/extra # vi php.conf
<IfModule dir_module>
    DirectoryIndex index.php index.html
    <FilesMatch "\.php$">
        SetHandler application/x-httpd-php
    </FilesMatch>
    <FilesMatch "\.phps$">
        SetHandler application/x-httpd-php-source
    </FilesMatch>
</IfModule>

 

 

apache24 Daemon 실행

root@bsd11:/usr/local/etc/apache24 # service apache24 restart
Performing sanity check on apache24 configuration:
Syntax OK
Stopping apache24.
Waiting for PIDS: 760.
Performing sanity check on apache24 configuration:
Syntax OK
Starting apache24.
root@bsd11:/usr/local/etc/apache24 #

 

mariadb102 Setting

/etc/rc.conf 파일 수정

root@bsd11:~ # vi /etc/rc.conf
mysql_enable="YES"

 

mariadb102 Daemon 실행및 password 설정

root@bsd11:~ # service mysql-server start
Installing MariaDB/MySQL system tables in '/var/db/mysql' ...
OK

To start mysqld at boot time you have to copy
support-files/mysql.server to the right place for your system

PLEASE REMEMBER TO SET A PASSWORD FOR THE MariaDB root USER !
To do so, start the server, then issue the following commands:

'/usr/local/bin/mysqladmin' -u root password 'new-password'
'/usr/local/bin/mysqladmin' -u root -h bsd11 password 'new-password'

Alternatively you can run:
'/usr/local/bin/mysql_secure_installation'

which will also give you the option of removing the test
databases and anonymous user created by default.  This is
strongly recommended for production servers.

See the MariaDB Knowledgebase at http://mariadb.com/kb or the
MySQL manual for more instructions.

You can start the MariaDB daemon with:
cd '/usr/local' ; /usr/local/bin/mysqld_safe --datadir='/var/db/mysql'

You can test the MariaDB daemon with mysql-test-run.pl
cd '/usr/local/mysql-test' ; perl mysql-test-run.pl

Please report any problems at http://mariadb.org/jira

The latest information about MariaDB is available at http://mariadb.org/.
You can find additional information about the MySQL part at:
http://dev.mysql.com
Consider joining MariaDB's strong and vibrant community:
Get Involved
Starting mysql. root@bsd11:~ #

 

패스워드 설정 ( mysqladmin 명령어로 password 를 설정 할수 있습니다.)

root@bsd10:~ # mysqladmin -u root password mariadb_password

mariadb_password 부분에 원하는 패스워드를 넣어 설정 하시면 됩니다.

 

or

 

mysql_secure_installation 으로 설정 하셔도 됩니다.

root@bsd11:~ # /usr/local/bin/mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

You already have a root password set, so you can safely answer 'n'.

Change the root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] y
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!
root@bsd11:~ #

 

mysql 로그인을 하여 characterset 을 확인 합니다.

root@bsd11:~ # mysql -uroot -p
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 23
Server version: 10.2.10-MariaDB FreeBSD Ports

Copyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> status;
--------------
mysql  Ver 15.1 Distrib 10.2.10-MariaDB, for FreeBSD11.1 (amd64) using readline 5.1

Connection id:          23
Current database:
Current user:           root@localhost
SSL:                    Not in use
Current pager:          more
Using outfile:          ''
Using delimiter:        ;
Server:                 MariaDB
Server version:         10.2.10-MariaDB FreeBSD Ports
Protocol version:       10
Connection:             Localhost via UNIX socket
Server characterset:    latin1
Db     characterset:    latin1
Client characterset:    ascii
Conn.  characterset:    ascii
UNIX socket:            /tmp/mysql.sock
Uptime:                 9 min 39 sec

Threads: 7  Questions: 33  Slow queries: 0  Opens: 18  Flush tables: 1  Open tables: 12  Queries per second avg: 0.056
--------------

MariaDB [(none)]>

 

characterset 이 latin1 으로 되어 있습니다.

 

my.cnf 를 수정 하여 latin1 -> utf8 로 변경 합니다.

root@bsd11:~ # cp /usr/local/share/mysql/my-large.cnf /usr/local/etc/my.cnf
root@bsd11:~ # vi /usr/local/etc/my.cnf

[client]
#password       = your_password
port            = 3306
socket          = /tmp/mysql.sock
default-character-set = utf8

# The MariaDB server
[mysqld]

character-set-server=utf8
skip-character-set-client-handshake

 

mariadb 재시작 및 status 확인

root@bsd11:~ # service mysql-server restart
Stopping mysql.
Waiting for PIDS: 939.
Starting mysql.
root@bsd11:~ #

root@bsd11:~ # mysql -uroot -p
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 9
Server version: 10.2.10-MariaDB-log FreeBSD Ports

Copyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> status;
--------------
mysql  Ver 15.1 Distrib 10.2.10-MariaDB, for FreeBSD11.1 (amd64) using readline 5.1

Connection id:          9
Current database:
Current user:           root@localhost
SSL:                    Not in use
Current pager:          more
Using outfile:          ''
Using delimiter:        ;
Server:                 MariaDB
Server version:         10.2.10-MariaDB-log FreeBSD Ports
Protocol version:       10
Connection:             Localhost via UNIX socket
Server characterset:    utf8
Db     characterset:    utf8
Client characterset:    utf8
Conn.  characterset:    utf8
UNIX socket:            /tmp/mysql.sock
Uptime:                 27 sec

Threads: 8  Questions: 4  Slow queries: 0  Opens: 17  Flush tables: 1  Open tables: 11  Queries per second avg: 0.148
--------------

MariaDB [(none)]>

characterset 이 latin1 에서 utf8 로 변경 된걸 확인할수 있습니다.

 

phpinfo 페이지 출력

oot@bsd11:/home/test # mkdir public_html
root@bsd11:/home/test # cd public_html/
root@bsd11:/home/test/public_html # vi test.php
<?php phpinfo(); ?>

 

web브라우저에서 확인 (localhost 의 경우 freebsd box 의 ip 를 입력 하시면 됩니다.)

 

FreeBSD pure-ftpd 설치 및 VirtualUser 설정 방법 입니다.

pure-ftpd 설치의 경우 ports collection 을 이용 합니다.

 

pure-ftpd ports 확인

root@bsd11:~ # whereis pure-ftpd
pure-ftpd: /usr/ports/ftp/pure-ftpd
root@bsd11:~ #

 

pure-ftpd 설치

root@bsd11:~ # cd /usr/ports/ftp/pure-ftpd/ && make install clean

 

  1. OK 를 눌러 설치를 진행 합니다.

추가적인 부분도 OK 눌러 설치 하시면 됩니다. ( TLS/UTF8 부분이 체크 되어 있는지 확인 합니다.)

설치 완료 메시지

 

설정

예전의 경우 rehash 를 해줘야 Daemon 을 사용 할수 있었는데 요즘은 잘 모르겠네요.

rehash 를 실행합니다.

(rehash 는 csh / tcsh 이 path 디렉토리를 바이너리로 다시 스캔하게 위하여 실행 합니다. 꼭 필요한것은 아니지만 예전에는 Daemon 구동이 안되는 경우도 있었습니다.

rehash 를 하지않고 예전 5 Version 6 Version 의 경우는 리부팅후에 설정을 진행 했었습니다.)

root@bsd11:/usr/ports/ftp/pure-ftpd # rehash
root@bsd11:/usr/ports/ftp/pure-ftpd #

rehash 참고페이지: https://www.cyberciti.biz/faq/freebsd-shell-doesnt-recognize-newly-installed-programs/

ports 설치후 설정 디렉토리는 대부분 /usr/local/etc 에 위치 하고 있습니다.

/usr/local/etc/ 디렉토리로 이동후 pure-ftpd.conf.sample 파일을 카피 합니다.

root@bsd11:~ # cd /usr/local/etc
root@bsd11:/usr/local/etc # cp pure-ftpd.conf.sample pure-ftpd.conf

 

pure-ftpd.conf 파일 설정

root@bsd11:/usr/local/etc # vi pure-ftpd.conf

 

  1. PureDB 위치 변경 (default 의 경우 PureDB /etc/pureftpd.pdb 로 되어 있습니다.)PureDB /usr/local/etc/pureftpd.pdb
  2. CreateHomeDir 주석 제거 (일반 유저의 경우 홈디렉토리의 ftp 사용을 가능하게 합니다.)CreateHomeDir yesPAMAuthentication yes
  3. FXP 설정AllowUserFXP yes
  4. 로그설정 AltLog 주석을 제거 합니다. AltLog stats:/var/log/pureftpd.log

 

pure-ftpd 에서 사용할 디렉토리및 가상 사용자 설정

root@bsd11:~ # mkdir -p /home/vftp
root@bsd11:~ # pw user add vftp -s /sbin/nologin -w no -d /home/vftp -c "virtual pure virtual ftp users" -m

 

가상사용자 추가시

root@bsd11:~ # pure-pw useradd test -u vftp -g vftp -d /home/vftp
Password:
Enter it again:
root@bsd11:~ #

사용자 생성후 puredb update

root@bsd11:~ # pure-pw mkdb

 

IP allow 설정의 경우 다음과 같이 설정합니다.

root@bsd11:~ # pure-pw useradd test -u vftp -g vftp -d /home/vftp
root@bsd11:~ # pure-pw usermod test1 -r 192.168.0.2/24 -m

user 정보 확인

root@bsd11:~ # pure-pw show test1

Login              : test1
Password           : $argon2id$v=19$m=65536,t=2,p=1$enIz2/8XAQ85vZ1C48hWRg$MJ07yP2/3BNdDlkjQwdvFjJgtYeofT7ZpjmyptbwFWo
UID                : 1001 (vftp)
GID                : 1001 (vftp)
Directory          : /home/vftp/./
Full name          :
Download bandwidth : 0 Kb (unlimited)
Upload   bandwidth : 0 Kb (unlimited)
Max files          : 0 (unlimited)
Max size           : 0 Mb (unlimited)
Ratio              : 0:0 (unlimited:unlimited)
Allowed local  IPs :
Denied  local  IPs :
Allowed client IPs : 192.168.0.2/24
Denied  client IPs :
Time restrictions  : 0000-0000 (unlimited)
Max sim sessions   : 0 (unlimited)

root@bsd11:~ #

 

pure-ftpd 로그 설정

root@bsd11:~ # cd /var/log/
root@bsd11:/var/log # touch pure-ftpd.log
root@bsd11:/var/log # chmod 650 pure-ftpd.log

syslog.conf 설정

root@bsd11:/var/log # vi /etc/syslog.conf
#ftp.info                                       /var/log/xferlog
ftp.*                                           /var/log/pure-ftpd.log

logrotate 설정 (/etc/newsyslog.conf )

ftp 사용이 많은 서버

날짜로 rotation 매일 0시에 rotation , 최근 10개 보관

root@bsd11:/var/log # vi /etc/newsyslog.conf
/var/log/xferlog                        600  7     100  *     JC
/var/log/pure-ftpd.log                  640  10    *    @T00  Z

ftp 사용이 적은 서버

root@bsd11:/var/log # vi /etc/newsyslog.conf
/var/log/xferlog                        600  7     100  *     JC
/var/log/pure-ftpd.log                  640  10    200  *     Z

 

rc.conf 수정

root@bsd11:/var/log # vi /etc/rc.conf
pureftpd_enable="YES"

 

pure-ftpd start

oot@bsd11:/var/log # /usr/local/etc/rc.d/pure-ftpd start
Starting pureftpd.
oot@bsd11:/var/log #

syslog 재시작

root@bsd11:/var/log # /etc/rc.d/syslogd restart
Stopping syslogd.
Starting syslogd.
root@bsd11:/var/log #

 

Ftp Client 접속 확인

상태: 192.168.8.138:21에 연결…

상태: 연결 수립, 환영 메시지를 기다림…

상태: 보안되지 않은 서버입니다.

TLS를 통한 FTP를 지원하지 않습니다.

상태: 로그인상태: 디렉터리 목록 조회…

상태: “/” 디렉터리 목록 조회 성공

 

SSL/TLS 적용 :

pure-ftpd.conf 설정 변경

root@bsd11:~ # vi /usr/local/etc/pure-ftpd.conf

 TLS                          2

openssl 작업

root@bsd11:~ # mkdir -p /etc/ssl/private
root@bsd11:~ # openssl req -x509 -nodes -days 7300 -newkey rsa:2048 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem
Generating a 2048 bit RSA private key
.........+++
......+++
writing new private key to '/etc/ssl/private/pure-ftpd.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:KO
State or Province Name (full name) [Some-State]:Seoul
Locality Name (eg, city) []:city
Organization Name (eg, company) [Internet Widgits Pty Ltd]:test
Organizational Unit Name (eg, section) []:virtualftp
Common Name (e.g. server FQDN or YOUR name) []:test-server
Email Address []:test@gmail.com
root@bsd11:~ # chmod 600 /etc/ssl/private/*.pem

pure-ftpd 재시작

root@bsd11:~ # /usr/local/etc/rc.d/pure-ftpd restart

연결 테스트

 

연결 메시지

상태: 192.168.8.138:21에 연결…

상태: 192.168.8.138:21에 연결…

상태: 연결 수립, 환영 메시지를 기다림…

상태: TLS 초기화…상태: 인증서 검증…

상태: TLS 연결 수립.

상태: 로그인상태: 디렉터리 목록 조회…

상태: “/” 디렉터리 목록 조회 성공

FreeBSD 에서 유저를 생성하기 위하여 pw 명령어를 사용 합니다.

참고페이지: https://www.freebsd.org/doc/handbook/users-synopsis.html 

 

pw 명령어의 사용예

root@bsd11:~ # pw user add test -g wheel -m

– 유저명 test 를 만들고 구룹을 관리자구룹으로 지정 홈디렉토리 생성

일반적인 pw 이용

root@bsd11:~ # pw user add test -m

– 유저명 test 를 만들고 홈디렉토리 생성

root@bsd11:~ # passwd test

– test 유저의 비밀번호 생성

root@bsd11:~ # pw user del test -r

– test 유저 삭제및 홈디렉토리 까지 삭제

 

 

 

FreeBSD Network

linux 의 경우 /etc/sysconfig/network-scripts/ifcfg-ethX 및 /etc/network/interfaces 파일을 변경 하여 셋팅 합니다.
FreeBSD 의 경우 /etc/rc.conf 설정으로 변경 할수 있습니다.

/etc/rc.conf 로 변경 할수 있는것들

1. hostname
2. network ip 정보
3. Daemon 의 enable / Disable

등을 변경 할수 있습니다.

 

root@bsd11:~ # cat /etc/rc.conf
sendmail_enable=”NONE”
hostname=”bsd11″
keymap=”us.iso.kbd”
ifconfig_em0=”DHCP”
sshd_enable=”YES”
ntpd_enable=”YES”
# Set dumpdev to “AUTO” to enable crash dumps, “NO” to disable
dumpdev=”AUTO”
root@bsd11:~ #

 

IP 정보의 경우 알고 계신것처럼 DHCP 및 Static 으로 설정 하여 사용할수 있습니다.

DHCP 설정의 경우 아래와 같이 설정 합니다.

ifconfig_em0=”DHCP”

Static 의 경우 defaultrouter 설정도 필요 합니다.

ifconfig_em0=”inet 192.168.8.30 netmask 255.255.255.0″
defaultrouter=”192.168.8.1″

 

라우팅 정보의 경우 netstat -r 로 확인 하실수 있습니다.

root@bsd11:~ # netstat -r
Routing tables

Internet:
Destination Gateway Flags Netif Expire
default 192.168.8.2 UGS em0
localhost link#2 UH lo0
192.168.8.0/24 link#1 U em0
192.168.8.138 link#1 UHS lo0

Internet6:
Destination Gateway Flags Netif Expire
::/96 localhost UGRS lo0
localhost link#2 UH lo0
::ffff:0.0.0.0/96 localhost UGRS lo0
fe80::/10 localhost UGRS lo0
fe80::%lo0/64 link#2 U lo0
fe80::1%lo0 link#2 UHS lo0
ff02::/16 localhost UGRS lo0
root@bsd11:~ #

FreeBSD 최초 설치후 Ports Collection 업데이트

CVS 의 경우 더이상 FreeBSD.org  에서 사용을 하지 않습니다.

자세한 내용은 아래 사이트에서 확인 가능 합니다.

https://wiki.freebsd.org/CvsIsDeprecated

 

1) ports update
참고 페이지 ( https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ports-using.html )

 

최초실행시

root@bsd11:~ # portsnap fetch
root@bsd11:~ # portsnap extract
root@bsd11:~ # portsnap fetch update

 

차후실행시

root@bsd11:~ # portsnap fetch
root@bsd11:~ # portsnap update
root@bsd11:~ # portsnap fetch update

 

커스터마이징의 경우 ports 설치를 추천하고 타 패키지를 설치 하지 않고 단순 패키지 설치시는 pkg 명령어를 추천 합니다.

root@bsd11:~ # pkg
The package management tool is not yet installed on your system.
Do you want to fetch and install it now? [y/N]: y

참고페이지:https://www.freebsd.org/doc/handbook/pkgng-intro.html

 

 

freebsd update (Applying Security Patches)

root@bsd11:~ # freebsd-update fetch
root@bsd11:~ # freebsd-update install

참고페이지: https://www.freebsd.org/doc/handbook/updating-upgrading-freebsdupdate.html

 

ports install 시 주요 옵션

ports 검색
1)
# whereis Package_name
2)
# cd /usr/ports
# make search name=lsof
or
#make quicksearch name=lsof

FreeBSD에서 Ports로 설치시 기본값으로 설치
# make -DBATCH install

다른 방법으로는 의존성 패키지의 옵션들을 미리 설정
# make config-recursive install

설정값 삭제 
# make rmconfig

의존성 패키지의 모든 설정값 삭제
# make rmconfig-recursive

ports 검색 관련 참고페이지:https://www.freebsd.org/doc/handbook/ports-finding-applications.html

FreeBSD 11.1 설치

테스트 환경 :

vmware : cpu 1core

memory : 1G

hdd : 20G

  1. dvd image 를 이용하여 부팅을 합니다.(1번을 선택하여 설치를 진행 합니다)

 

 

2. Install 을 선택 합니다.  

 

 

3.  keymap 을 설정 합니다. (United States of America ISO-8859-1 을 선택 합니다)

 

 

4. keymap Selection 에서 Continue with us.iso.kbd keymap 을 선택 하여 설치를 계속 진행 합니다. 

 

 

5. Set Hostname (차후에 /etc/rc.conf 수정을 통하여 hostname 를 변경 할수 있습니다.) bsd11 을 입력 합니다. 

 

 

6. Distribution Select (추가 설치 패키지 선택에서는 doc 및 src 를 추가 합니다.)

 

 

7. Partitioning (파티션 작업 진행) Auto (UFS)를 선택 합니다.  

 

 

8. Partition (Entire Disk 를 선택 합니다.)

 

 

9. Partition Scheme (MBR 을 선택 합니다.) / BSD 나 GPT 를 선택 하여도 됩니다.

 

 

10. Partition Editor (Finish 를 선택하여 다음을 세팅 합니다.)

 

 

11. Confirmation (Commit 을 선택 하면 설치를 진행 합니다.)

 

 

12. Fetching Distribution 

 

 

13. Archive Extraction

 

 

14. 설치가 끝나면 세팅을 진행 합니다. Root 패스워드 입력 

 

 

15. Network Configuration (네트워크 설정) OK 를 눌러 다음을 설정합니다.

 

 

16. Network Configureation ( IPv4 사용유무 Yes를 선택 합니다.)

 

 

17. Network Configureation ( DHCP 사용유무 Yes를 선택 합니다. ) 차후 /etc/rc.conf 에서 수정이 가능 합니다.

 

 

18. Network Configureation ( IPv6 사용유무 No를 선택 합니다. )

 

 

19. Time Zone Selector ( Asia 를 선택 합니다.)

 

 

20. Countries in Asia (Korea, Republic of 를 선택 합니다.)

 

 

21. Time & Date ( 시간과 날짜 설정) 

 

 

22. Time & Date ( 시간과 날짜 설정) 

 

 

23. System Configuration (시스템 설정) 차후 /etc/rc.conf 를 수정하여 변경 할수 있습니다.

 

 

24. System Hardening ( Disable Sendmail service 를 선택 합니다.) 11 버전부터는 일부 서비스를 설치시 Disable 할수 있습니다.

 

 

25. Add User Accounts (추가유저 생성 No 선택 ) 차후 pw 명령어를 이용하여 유저를 생성 합니다. 

 

 

26. Final Configuration (Exit 를 선택하여 설치를 종료 합니다.)

 

 

27. Complete (FreeBSD 11.1 의 설치가 완료 되었습니다. Reboot 를 선택합니다.) 

Docker install

# Docker EE 와 CE 차이

– Docker Enterprise Edition / Docker Community Edition

 

# Docker install

Ubuntu 16.04

test@docker-test:~$ curl -s https://get.docker.com/ | sudo sh

 

CentOS7

# yum install -y yum-utils device-mapper-persistent-data lvm2
# yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
# yum install docker-ce
# systemctl enable docker
# systemctl start docker

 

 

# sudo 없이 사용하기

docker는 기본적으로 root권한이 필요합니다. root가 아닌 사용자가 sudo없이 사용하려면 해당 사용자를 docker그룹에 추가합니다.

sudo usermod -aG docker $USER # 현재 접속중인 사용자에게 권한주기

test@docker-test:~$ sudo usermod -aG docker test

사용자가 로그인 중이라면 다시 로그인 후 권한이 적용됩니다.

# Docker Version 확인

test@docker-test:~$ docker version
Client:
 Version:      17.03.0-ce
 API version:  1.26
 Go version:   go1.7.5
 Git commit:   60ccb22
 Built:        Thu Feb 23 11:02:43 2017
 OS/Arch:      linux/amd64

Server:
 Version:      17.03.0-ce
 API version:  1.26 (minimum version 1.12)
 Go version:   go1.7.5
 Git commit:   60ccb22
 Built:        Thu Feb 23 11:02:43 2017
 OS/Arch:      linux/amd64
 Experimental: false
test@docker-test:~$

 

# Container 실행

docker run [OPTIONS] IMAGE[:TAG|@DIGEST] [COMMAND] [ARG...]

옵션 설명

-d : detached mode 흔히 말하는 백그라운드 모드
-p : 호스트와 컨테이너의 포트를 연결 (포워딩)
-v : 호스트와 컨테이너의 디렉토리를 연결 (마운트)
-e : 컨테이너 내에서 사용할 환경변수 설정
-name : 컨테이너 이름 설정
-rm : 프로세스 종료시 컨테이너 자동제거
-it : -i 와 -t 를 동시에 사용한것으로 터미널 입력을 위한 옵션
-link : 컨테이너 연결 [컨테이너명:별칭]

 

# Ubuntu 16.04 Container 생성

test@docker-test:~$ docker run ubuntu:16.04
Unable to find image 'ubuntu:16.04' locally
16.04: Pulling from library/ubuntu
d54efb8db41d: Pull complete
f8b845f45a87: Pull complete
e8db7bf7c39f: Pull complete
9654c40e9079: Pull complete
6d9ef359eaaa: Pull complete
Digest: sha256:dd7808d8792c9841d0b460122f1acf0a2dd1f56404f8d1e56298048885e45535
Status: Downloaded newer image for ubuntu:16.04
test@docker-test:~$

 

# Ubuntu 16.04 컨테이너 실행 및 컨테이너 접속

test@docker-test:~$ docker run --rm -it ubuntu:16.04 /bin/bash
root@ecc3042c5486:/# ls
bin   dev  home  lib64  mnt  proc  run   srv  tmp  var
boot  etc  lib   media  opt  root  sbin  sys  usr
root@ecc3042c5486:/# cat /etc/issue
Ubuntu 16.04.2 LTS \n \l

root@ecc3042c5486:/# uname -a
Linux ecc3042c5486 4.4.0-62-generic #83-Ubuntu SMP Wed Jan 18 14:10:15 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
root@ecc3042c5486:/#

컨테이너 내부에 들어가기 위해 bash쉘을 실행 키보드 입력을 위해 -it 옵션을 사용
접속을 종료 하면 컨테이너가 자동으로 삭제 되도록 –rm 옵션을 추가합니다.

 

# apache Container 생성

-p 옵션을 사용하여 외부와 내부 80 포트를 연결 합니다.

–name 옵션을 사용하여 httpd-test 로 컨테이너 name 을 지정 합니다.

test@docker-test:~$ docker run -d -p 80:80 --name httpd-test httpd
Unable to find image 'httpd:latest' locally
latest: Pulling from library/httpd
f2b6b4884fc8: Pull complete
b58fe2a5c9f1: Pull complete
e797fea70c45: Pull complete
6c7b4723e810: Pull complete
02074013c987: Pull complete
a4a11b801d86: Pull complete
70d17a98bee0: Pull complete
Digest: sha256:8359424a58cf59f1ea6a1a55e3974d5d569a510ebec0004357cf200adce5f27a
Status: Downloaded newer image for httpd:latest
a88a9dbfe728a3d9a9ea1c209b6773eb24d7de63a16de97519d2acab5d762650
test@docker-test:~$

 

컨테이너 확인

test@docker-test:~$ docker ps
CONTAINER ID        IMAGE               COMMAND              CREATED              STATUS              PORTS                NAMES
a88a9dbfe728        httpd               "httpd-foreground"   About a minute ago   Up About a minute   0.0.0.0:80->80/tcp   httpd-test
test@docker-test:~$

 

접속 확인

 

컨테이너 정지시 docker stop $Container_id 를 사용합니다.

test@docker-test:~$ docker ps
CONTAINER ID        IMAGE               COMMAND              CREATED             STATUS              PORTS                NAMES
a88a9dbfe728        httpd               "httpd-foreground"   7 minutes ago       Up 6 minutes        0.0.0.0:80->80/tcp   httpd-test
test@docker-test:~$ docker stop a88a9dbfe728
a88a9dbfe728
test@docker-test:~$

 

컨테이너 재사용시 docker ps -a 으로 확인후

docker start $Container_id 를 하시면 됩니다.

test@docker-test:~$ docker ps -a
CONTAINER ID        IMAGE               COMMAND              CREATED             STATUS                      PORTS               NAMES
a88a9dbfe728        httpd               "httpd-foreground"   8 minutes ago       Exited (0) 18 seconds ago                       httpd-test
test@docker-test:~$ docker start a88a9dbfe728
a88a9dbfe728
test@docker-test:~$

 

컨테이너 삭제시 docker rm 을 사용합니다.

test@docker-test:~$ docker rm a88a9dbfe728
a88a9dbfe728

 

docker run 으로 image 에서 만든 컨테이너만 삭제 되며 해당 이미지는 남아 있습니다.

test@docker-test:~$ docker images |grep -i httpd
httpd                 latest              e2a1033f4f86        2 hours ago         178MB
test@docker-test:~$

 

# MySQL5.7 Container 생성

test@docker-test:~$ docker run -d -p 3306:3306 -e MYSQL_ALLOW_EMPTY_PASSWORD=true --name mysql mysql:5.7
Unable to find image 'mysql:5.7' locally
5.7: Pulling from library/mysql
693502eb7dfb: Already exists
08d0e9d74b1b: Pull complete
e700ebfbe6bc: Pull complete
f718f1976629: Pull complete
575a0830e278: Pull complete
8461dfcf361d: Pull complete
349434898dfb: Pull complete
78d351522443: Pull complete
21897ab46952: Pull complete
ca6ffbbedc10: Pull complete
ba8ff064032b: Pull complete
Digest: sha256:6d4b33d189d62afe590ee4b35f92aae31ffa79ccc4d4db8bd3d3b893c8019596
Status: Downloaded newer image for mysql:5.7
f33c70888d81987a40957ea0f65fcf108d6a15248a25c139eebcf60ac6de4474
test@docker-test:~$

 

Host OS 에서 접속 테스트

test@docker-test:~$ mysql -h127.0.0.1 -uroot
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 3
Server version: 5.7.17 MySQL Community Server (GPL)

Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
| performance_schema |
| sys                |
+--------------------+
4 rows in set (0.00 sec)

mysql> quit
Bye
test@docker-test:~$

 

# mariadb Container

docker search mariadb 명령어로 배포중인 mariadb 컨테이너를 확인 할수 있습니다.

공식 image 의 경우 OFFICIAL [OK] 를 확인 할수 있습니다.

test@ubuntu1604:~$ docker search mariadb
NAME                                   DESCRIPTION                                     STARS     OFFICIAL   AUTOMATED
mariadb                                MariaDB is a community-developed fork of M...   1462      [OK]
bitnami/mariadb                        Bitnami MariaDB Docker Image                    40                   [OK]
paintedfox/mariadb                     A docker image for running MariaDB 5.5, a ...   29                   [OK]
toughiq/mariadb-cluster                Dockerized Automated MariaDB Galera Cluste...   19                   [OK]
linuxserver/mariadb                    A Mariadb container, brought to you by Lin...   18
million12/mariadb                      MariaDB 10 on CentOS-7 with UTF8 defaults       14                   [OK]
webhippie/mariadb                      Docker images for mariadb                       10                   [OK]
colinmollenhour/mariadb-galera-swarm   MariaDb w/ Galera Cluster, DNS-based servi...   9                    [OK]
monitoringartist/zabbix-db-mariadb     Docker image of MariaDB optimized for Zabbix    8                    [OK]
panubo/mariadb-galera                  MariaDB Galera Cluster                          8                    [OK]
wodby/mariadb-alpine                   mariadb-alpine                                  5                    [OK]
wodby/drupal-mariadb                   MariaDB for Drupal                              4                    [OK]
tianon/mariadb                         DEPRECATED; use mariadb:* -- ♪ "I just met...   4                    [OK]
tutum/mariadb                          Base docker image to run a MariaDB databas...   3
lsioarmhf/mariadb                      ARMHF based Linuxserver.io image of mariadb     2
juanluisbaptiste/otrs-mariadb          Preconfigured MariaDB database for OTRS         1                    [OK]
wodby/mariadb                                                                          1                    [OK]
drupaldocker/mariadb                   MariaDB for Drupal                              1                    [OK]
needo/mariadb                                                                          1                    [OK]
jkleczkowski/mariadb                   You can change server charset and collatio...   0                    [OK]
benyoo/mariadb                         Alpine MariaDb run in docker                    0                    [OK]
centos/mariadb-101-centos7             MariaDB 10.1 SQL Database Server Docker image   0
whatwedo/mariadb                                                                       0                    [OK]
kitpages/mariadb-galera                MariaDB with Galera                             0                    [OK]
gjchen/mariadb                         Alpine Linux with MariaDB configured.           0                    [OK]
test@ubuntu1604:~$

 

mariadb 이미지 다운

mariadb:latest 의 경우 마지막 버전을 의미합니다.

test@ubuntu1604:~$ docker pull mariadb:latest
latest: Pulling from library/mariadb
ad74af05f5a2: Pull complete
0639788facc8: Pull complete
de70fa77eb2b: Pull complete
724179e94999: Pull complete
57fbc7ff5cf1: Pull complete
9d5794cf4e5c: Pull complete
b29a1331369b: Pull complete
66ad135be9a5: Pull complete
bb60a21b125b: Pull complete
8313b6b444b9: Pull complete
5891f0cb9ab8: Pull complete
55b71a694f6c: Pull complete
Digest: sha256:8ea33570152349b827d7121b88dc3f44a64e1cc7646cfae01faee4824b9b0007
Status: Downloaded newer image for mariadb:latest
test@ubuntu1604:~$

 

mariadb 컨테이너을 실행 합니다.

port 3306 으로 맵핑 하고 password 를 my-secret-pw 로 지정 하였습니다.

test@ubuntu1604:~$ docker run --name mariadb -p 3306:3306 -e MYSQL_ROOT_PASSWORD=my-secret-pw -d mariadb:latest
(MYSQL_ROOT_PASSWORD= mariadb root password 입니다.)

test@ubuntu1604:~$ docker ps
CONTAINER ID        IMAGE                    COMMAND                  CREATED             STATUS              PORTS                                                      NAMES
5e66b8ea5c14        mariadb:latest           "docker-entrypoint..."   4 seconds ago       Up 4 seconds        0.0.0.0:3306->3306/tcp                                     mariadb
c8c1c38656cb        sanbsd/pure-ftpd:14.04   "/bin/sh -c '/usr/..."   18 hours ago        Up 36 minutes       0.0.0.0:21->21/tcp, 0.0.0.0:20000-20099->20000-20099/tcp   ftpd
331d935c6000        ssh-server               "/usr/sbin/sshd -D"      18 hours ago        Up 36 minutes       0.0.0.0:22222->22/tcp                                      ssh-server

 

Host 에서 mariadb 접속 테스트

-p 3306:3306 으로 맵핑 되어 있기 때문 -h 127.0.0.1 로 접속 할수 있습니다.

test@ubuntu1604:~$ mysql -h127.0.0.1 -uroot -p
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 14
Server version: 10.2.7-MariaDB-10.2.7+maria~jessie mariadb.org binary distribution

Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> status;
--------------
mysql  Ver 15.1 Distrib 10.0.29-MariaDB, for debian-linux-gnu (x86_64) using readline 5.2

Connection id:          14
Current database:
Current user:           root@172.17.0.1
SSL:                    Not in use
Current pager:          stdout
Using outfile:          ''
Using delimiter:        ;
Server:                 MariaDB
Server version:         10.2.7-MariaDB-10.2.7+maria~jessie mariadb.org binary distribution
Protocol version:       10
Connection:             127.0.0.1 via TCP/IP
Server characterset:    latin1
Db     characterset:    latin1
Client characterset:    utf8
Conn.  characterset:    utf8
TCP port:               3306
Uptime:                 14 min 11 sec

Threads: 7  Questions: 48  Slow queries: 0  Opens: 36  Flush tables: 1  Open tables: 30  Queries per second avg: 0.056
--------------

MariaDB [(none)]>