The deployment of some of the problems encountered by the project in the Linux environment

1 two servers, one server wants a resource file folder corresponding to another server to mount the directory:

　　Requirements: master server has a resource folder, a special management system pictures, documents and other resources, but also from the corresponding directory server, want to mount to the main server. such as:

192.168.10.10 server from under / home / directory you want to map / mapping-based / home directory server at 192.168.10.90 / mapped / 
( In short, the need to use resources from the server file folder under the main server , that is, the mount from the server to the primary server, so the uploaded files from the server to the master server, the process to achieve the shared folder )

1, respectively 192.168.10.10, mounted on 192.168.10.90 nfs server, the rpcbind;

yum install nfs-utils rpcbind (Tip y / n or the like, enter y can be a)

2, the main 192.168.10.90 (server is mapped) to modify the / etc / exports file rearmost add a line is exposed to the directory from 192.168.10.10 server, and to assign it to that directory;

/ home / directory is mapped 192.168.10.10 ( rw, the async, no_root_squash )

3, both servers start nfs and rpcbind service:　　

service rpcbind start
service nfs start

4, add the following three ports open on a server from a firewall configuration file 192.168.10.10 (Run: vi / etc / sysconfig / iptables);

-A INPUT -p tcp -m state --state NEW -m tcp --dport 4046 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 111 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 2049 -j ACCEPT

5, from 192.168.10.10 start the rpcbind and nfs services, and mount;

mount -t nfs 192.168.10.90:/home/ directory is mapped / home / directory to be mapped

During the mount command is executed, while being given access denied by server while mounting. I added a way to solve the second step insecure . That is

 to modify the configuration file / etc / exports, adding insecure option to restart the nfs service, and then try to mount. 
/ Home / nfsshare / * ( in the insecure , rw, the async, no_root_squash)

 

6, the mount is successful, you can use the command to view nf ; 
execute the command: df -h

2.Linux to the current user specified directory authorization command:

Use the command:

1 chown -R user:user ./local

Description: user for the current user; local to the specified folder.

3.Linux Firewall:

First make sure the current version of Linux. Because different versions of command to view a firewall, use the following command is Red Hat's command:

Turn off the firewall
execute the command: systemctl stop iptables

Problem:
Installation centOS7 on a virtual machine, configure Tomcat and started successfully. But you can not access Tomcat 8080 port the browser actually.
tomcat configuration, please refer to the article: Linux-CentOS7 configure Tomcat
reason:
because CentOS 7 or RHEL 7 or Fedora, the default firewall is managed by firewalld, but firewalld not open to port 8080, so be open 8080 port configuration.
Versions prior to 7 CentOs, by the iptables Linuxs port control.
After CentOS upgrade to 7, you can not use the iptables control Linuxs port, because it is Centos 7 firewalld use instead of the original iptables.
Here are two ways to solve this problem.

Solution one, to restore the traditional iptables management.

1, execute the command set firewalld
systemctl STOP firewalld
systemctl mask firewalld
2, install iptables-services
execute the command: yum install iptables-services
if you do not install directly related to the implementation of iptables command error:
Failed to STOP iptables.service: Unit iptables.service not loaded.

3, turn off the firewall
execute the command: systemctl stop iptables

4、编辑 vi /etc/sysconfig/iptables（第四不我没有执行，问题就解决了）
添加以下内容并保存退出：
#允许8080端口通过防火墙
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT
#允许3306端口通过防火墙
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
#允许9904端口通过防火墙
-A INPUT -m state --state NEW -m tcp -p tcp --dport 9904 -j ACCEPT

5、重启防火墙
执行命令：systemctl restart iptables

6、打开外部浏览器，输入http://centOS IP:8080
即可看到Tomcat欢迎界面！

解决方案二，firewalld 进行8080端口开放配置
1、在firewalld 上开放8080端口
输入命令：
firewall-cmd --zone=public --add-port=8080/tcp --permanent
命令解析：
–zone #作用域
–add-port=8080/tcp #添加端口，格式为：端口/通讯协议
–permanent #永久生效，没有此参数设置，重启后会失效。
2、重启防火墙
输入命令：firewall-cmd --reload