CentOS编译httpd 2.4.43 http2报错处理

 未分类  No Responses »
7 月 282020
 

CentOS 8

编译报错(提示为nghttp2版本太旧)

[root@test httpd-2.4.43]# ./configure --enable-http2

checking for nghttp2... checking for user-provided nghttp2 base directory... none
checking for pkg-config along ... checking for nghttp2 version >= 1.2.1... FAILED
configure: WARNING: nghttp2 version is too old

启用仅CentOS 8支持的Power Tools软件源仓库

可供 CentOS 使用的软件库
https://wiki.centos.org/zh/AdditionalResources/Repositories

PowerTools —— 只供 CentOS8 使用,PowerTools 软件库提供了大量开发者用的工具。缺省是停用的。

[root@test httpd-2.4.43]# dnf config-manager --set-enabled PowerTools
[root@test httpd-2.4.43]# dnf makecache
CentOS-8 - AppStream                                           9.6 kB/s | 4.3 kB     00:00
CentOS-8 - Base                                                8.6 kB/s | 3.9 kB     00:00
CentOS-8 - Extras                                              4.4 kB/s | 1.5 kB     00:00
CentOS-8 - PowerTools                                          1.7 MB/s | 1.9 MB     00:01
Extra Packages for Enterprise Linux Modular 8 - x86_64          57 kB/s |  18 kB     00:00
Extra Packages for Enterprise Linux 8 - x86_64                  58 kB/s |  18 kB     00:00
Metadata cache created.
[root@test httpd-2.4.43]#

安装开发库

[root@test httpd-2.4.43]# dnf -y install libnghttp2-devel

===============================================================================================
 Package                   Architecture    Version                   Repository           Size
===============================================================================================
Installing:
 libnghttp2-devel          x86_64          1.33.0-3.el8_2.1          PowerTools           60 k

Transaction Summary
===============================================================================================
Install  1 Package

重新编译

[root@test httpd-2.4.43]# ./configure --enable-http2

checking whether to enable mod_http2... checking dependencies
checking for OpenSSL... (cached) yes
  setting MOD_LDFLAGS to "-lssl -lcrypto    -lpthread -ldl"
  setting MOD_CFLAGS to ""
  setting MOD_CPPFLAGS to "-DH2_OPENSSL"
checking for nghttp2... checking for user-provided nghttp2 base directory... none
checking for pkg-config along ...   setting MOD_CFLAGS to ""
checking for nghttp2 version >= 1.2.1... OK
  adding "-lnghttp2" to MOD_LDFLAGS
  setting LIBS to "-lnghttp2    -lpthread -ldl"
checking nghttp2/nghttp2.h usability... yes
checking nghttp2/nghttp2.h presence... yes
checking for nghttp2/nghttp2.h... yes
checking for nghttp2_session_server_new2... yes
checking for nghttp2_stream_get_weight... yes
checking for nghttp2_session_change_stream_priority... yes
  adding "-DH2_NG2_CHANGE_PRIO" to MOD_CPPFLAGS
checking for nghttp2_session_callbacks_set_on_invalid_header_callback... yes
  adding "-DH2_NG2_INVALID_HEADER_CB" to MOD_CPPFLAGS
checking for nghttp2_session_get_stream_local_window_size... yes
  adding "-DH2_NG2_LOCAL_WIN_SIZE" to MOD_CPPFLAGS
yes
  setting MOD_HTTP2_LDADD to "-export-symbols-regex http2_module"

pfSense IPsec 站点到站点VPN拓扑图

 云计算, 路由与交换技术  No Responses »
7 月 282020
 

防火墙IPSEC规则方向:入站方向

Firewall -> Rules -> IPsec

[SITE A][10.25.100.0/22] 
Allow Protocol IPv4 * Source 10.25.112.0/22 Port * to Destination 10.25.100.0/22 Port *

[SITE B][10.25.112.0/22]
Allow Protocol IPv4 * Source 10.25.100.0/22 Port * to Destination 10.25.112.0/22 Port *

基于隧道的路由测试A节点

[A][10.25.100.4]

[root@test ~]# ip route add 10.25.112.0/22 via 10.25.100.3 dev ens7 metric 101 proto static

[root@test ~]# ping -c 4 10.25.100.3
PING 10.25.100.3 (10.25.100.3) 56(84) bytes of data.
64 bytes from 10.25.100.3: icmp_seq=1 ttl=64 time=0.455 ms
64 bytes from 10.25.100.3: icmp_seq=2 ttl=64 time=0.540 ms
64 bytes from 10.25.100.3: icmp_seq=3 ttl=64 time=0.465 ms
64 bytes from 10.25.100.3: icmp_seq=4 ttl=64 time=0.455 ms

--- 10.25.100.3 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 116ms
rtt min/avg/max/mdev = 0.455/0.478/0.540/0.044 ms
[root@test ~]#
[root@test ~]# ping -c 4 10.25.112.3
PING 10.25.112.3 (10.25.112.3) 56(84) bytes of data.
64 bytes from 10.25.112.3: icmp_seq=1 ttl=63 time=36.0 ms
64 bytes from 10.25.112.3: icmp_seq=2 ttl=63 time=35.9 ms
64 bytes from 10.25.112.3: icmp_seq=3 ttl=63 time=35.9 ms
64 bytes from 10.25.112.3: icmp_seq=4 ttl=63 time=35.9 ms

--- 10.25.112.3 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 7ms
rtt min/avg/max/mdev = 35.860/35.922/36.009/0.145 ms
[root@test ~]#

基于隧道的路由测试B节点

[B][10.25.112.4]

[root@test2 ~]# ip route add 10.25.100.0/22 via 10.25.112.3 dev ens7 metric 101 proto static

[root@test2 ~]# ping -c 4 10.25.112.3
PING 10.25.112.3 (10.25.112.3) 56(84) bytes of data.
64 bytes from 10.25.112.3: icmp_seq=1 ttl=64 time=0.573 ms
64 bytes from 10.25.112.3: icmp_seq=2 ttl=64 time=0.558 ms
64 bytes from 10.25.112.3: icmp_seq=3 ttl=64 time=0.458 ms
64 bytes from 10.25.112.3: icmp_seq=4 ttl=64 time=0.469 ms

--- 10.25.112.3 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 93ms
rtt min/avg/max/mdev = 0.458/0.514/0.573/0.056 ms
[root@test2 ~]#
[root@test2 ~]# ping -c 4 10.25.100.3
PING 10.25.100.3 (10.25.100.3) 56(84) bytes of data.
64 bytes from 10.25.100.3: icmp_seq=1 ttl=63 time=35.9 ms
64 bytes from 10.25.100.3: icmp_seq=2 ttl=63 time=35.8 ms
64 bytes from 10.25.100.3: icmp_seq=3 ttl=63 time=35.7 ms
64 bytes from 10.25.100.3: icmp_seq=4 ttl=63 time=35.7 ms

--- 10.25.100.3 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 5ms
rtt min/avg/max/mdev = 35.663/35.783/35.947/0.170 ms
[root@test2 ~]#
[root@test2 ~]# ping -c 4 10.25.100.4
PING 10.25.100.4 (10.25.100.4) 56(84) bytes of data.
64 bytes from 10.25.100.4: icmp_seq=1 ttl=62 time=36.5 ms
64 bytes from 10.25.100.4: icmp_seq=2 ttl=62 time=36.5 ms
64 bytes from 10.25.100.4: icmp_seq=3 ttl=62 time=36.3 ms
64 bytes from 10.25.100.4: icmp_seq=4 ttl=62 time=36.5 ms

--- 10.25.100.4 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 8ms
rtt min/avg/max/mdev = 36.300/36.448/36.535/0.162 ms
[root@test2 ~]#

节点A与节点B均需要配置静态路由,即必须有双向路由,节点间才可正常通信。

MariaDB SQL Mode对数据库语法的影响

 数据库  No Responses »
7 月 012020
 

MariaDB SQL Mode对数据库操作语法的影响

https://mariadb.com/kb/en/sql-mode/#setting-sql_mode

自MariaDB 10.2.4版本后的默认SQL模式

STRICT_TRANS_TABLES, ERROR_FOR_DIVISION_BY_ZERO , NO_AUTO_CREATE_USER, NO_ENGINE_SUBSTITUTION

当SQL模式中配置NO_AUTO_CREATE_USER启用,执行GRANT授权时只有同时指定验证信息才能成功创建用户账户,否则就需要使用CREATE USER单独创建用户账户。

https://mariadb.com/kb/en/grant/#implicit-account-creation
https://mariadb.com/kb/en/create-user/
https://mariadb.com/kb/en/set-password/

查看当前数据库系统的SQL MODE设置

MariaDB [mysql]> select @@sql_mode;
+-------------------------------------------------------------------------------------------+
| @@sql_mode                                                                                |
+-------------------------------------------------------------------------------------------+
| STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION |
+-------------------------------------------------------------------------------------------+
1 row in set (0.000 sec)

MariaDB [mysql]> select @@global.sql_mode;
+-------------------------------------------------------------------------------------------+
| @@global.sql_mode                                                                         |
+-------------------------------------------------------------------------------------------+
| STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION |
+-------------------------------------------------------------------------------------------+
1 row in set (0.000 sec)

MariaDB [mysql]>

错误用法

MariaDB [mysql]> create database example;
Query OK, 1 row affected (0.000 sec)

MariaDB [mysql]> grant all on example.* to test_user@localhost;
ERROR 1133 (28000): Can't find any matching row in the user table
MariaDB [mysql]>

正确用法一

MariaDB [mysql]> grant all on example.* to test_user@localhost identified by 'testpwd';
Query OK, 0 rows affected (0.001 sec)

MariaDB [mysql]>

正确用法二

MariaDB [mysql]> create user test_user@localhost;
Query OK, 0 rows affected (0.001 sec)

MariaDB [mysql]> set password for test_user@localhost=password('testpwd');
Query OK, 0 rows affected (0.001 sec)

MariaDB [mysql]> grant all on example.* to test_user@localhost;
Query OK, 0 rows affected (0.000 sec)

MariaDB [mysql]>

使用timedatectl查询和调整系统时间日期

 未分类  No Responses »
7 月 012020
 

查看系统时间日期配置

[centos@dev ~]$ sudo timedatectl
[sudo] password for centos:
               Local time: Wed 2020-07-01 09:21:55 UTC
           Universal time: Wed 2020-07-01 09:21:55 UTC
                 RTC time: Wed 2020-07-01 09:21:55
                Time zone: UTC (UTC, +0000)
System clock synchronized: yes
              NTP service: active
          RTC in local TZ: no
[centos@dev ~]$
[centos@dev ~]$ sudo timedatectl --help
timedatectl [OPTIONS...] COMMAND ...

Query or change system time and date settings.

  -h --help                Show this help message
     --version             Show package version
     --no-pager            Do not pipe output into a pager
     --no-ask-password     Do not prompt for password
  -H --host=[USER@]HOST    Operate on remote host
  -M --machine=CONTAINER   Operate on local container
     --adjust-system-clock Adjust system clock when changing local RTC mode
     --monitor             Monitor status of systemd-timesyncd
  -p --property=NAME       Show only properties by this name
  -a --all                 Show all properties, including empty ones
     --value               When showing properties, only print the value

Commands:
  status                   Show current time settings
  show                     Show properties of systemd-timedated
  set-time TIME            Set system time
  set-timezone ZONE        Set system time zone
  list-timezones           Show known time zones
  set-local-rtc BOOL       Control whether RTC is in local time
  set-ntp BOOL             Enable or disable network time synchronization

systemd-timesyncd Commands:
  timesync-status          Show status of systemd-timesyncd
  show-timesync            Show properties of systemd-timesyncd
[centos@dev ~]$

修改系统时区 

[centos@dev ~]$ sudo timedatectl set-timezone Asia/Hong_Kong
[centos@dev ~]$ date
Wed Jul  1 17:22:59 HKT 2020
[centos@dev ~]$
[centos@dev ~]$ sudo timedatectl
               Local time: Wed 2020-07-01 17:24:20 HKT
           Universal time: Wed 2020-07-01 09:24:20 UTC
                 RTC time: Wed 2020-07-01 09:24:20
                Time zone: Asia/Hong_Kong (HKT, +0800)
System clock synchronized: yes
              NTP service: active
          RTC in local TZ: no
[centos@dev ~]$