最近要运维一个项目,准备在家办公,公司无远程作业环境,个人本本不喜欢别人碰,第一次在CentOS上安装,本案留以后使用,毕竟不是经常安装。
注:Oracle11gR2 X64安装
一、环境准备
安装包:
1.VMware-workstation-full-11.1.0-2496824.exe 2.CentOS-7-x86_64-DVD-1511.iso 3.linux.x64_11gR2_database_1of2.zip linux.x64_11gR2_database_2of2.zip
以上觉得不是重点,不给下载地址,不描述安装过程,安装完CentOS 7,截图如下:
第一次安装防坑,没有进行任何操作之前,先在VMware中创建该虚拟机快照,后期搞郁闷了,可以回归到该快照版本。特么还是不放心,又把该虚拟机完整克隆一份(强迫症)。
二、安装Oracle前准备
1.创建运行oracle数据库的系统用户和用户组
[sonny@localhost ~]$ su root #切换到root Password: [root@localhost sonny]# groupadd oinstall #创建用户组oinstall [root@localhost sonny]# groupadd dba #创建用户组dba [root@localhost sonny]# useradd -g oinstall -g dba -m oracle #创建oracle用户,并加入到oinstall和dba用户组 [root@localhost sonny]# passwd oracle #设置用户oracle的登陆密码,不设置密码,在CentOS的图形登陆界面没法登陆 Changing password for user oracle. New password: # 密码 BAD PASSWORD: The password is shorter than 8 characters Retype new password: # 确认密码 passwd: all authentication tokens updated successfully. [root@localhost sonny]# id oracle # 查看新建的oracle用户 uid=1001(oracle) gid=1002(dba) groups=1002(dba) [root@localhost sonny]#
为啥要创建oinstall用户组及dba组? 参考:http://www.oracle.com/technetwork/cn/articles/hunter-rac11gr2-iscsi-2-092412-zhs.html#13
理论上单例按照需要3种用户组,实际只建两个oinstall和dba,后面再安装oracle数据库的时候把OSOPER组也设置是dba组。
a.oracle 清单组(一般为oinstall): OINSTALL 组的成员被视为 Oracle 软件的“所有者”,拥有对 Oracle 中央清单 (oraInventory) 的写入权限。在一个 Linux 系统上首次安装 Oracle 软件时,
OUI 会创建 /etc/oraInst.loc 文件。该文件指定 Oracle 清单组的名称(默认为 oinstall)以及 Oracle 中央清单目录的路径。 b.数据库管理员(OSDBA,一般为 dba): OSDBA 组的成员可通过操作系统身份验证使用 SQL 以 SYSDBA 身份连接到一个 Oracle 实例。该组的成员可执行关键的数据库管理任务,如创建数据库、启动和关
闭实例。该组的默认名称为dba。SYSDBA 系统权限甚至在数据库未打开时也允许访问数据库实例。对此权限的控制完全超出了数据库本身的范围。不要混淆 SYSDBA
系统权限与数据库角色 DBA。DBA 角色不包括 SYSDBA 或 SYSOPER 系统权限。 c.数据库操作员组(OSOPER,一般为 oper): OSOPER 组的成员可通过操作系统身份验证使用 SQL 以 SYSOPER 身份连接到一个 Oracle 实例。这个可选组的成员拥有一组有限的数据库管理权限,如管理和运行备份。
该组的默认名称为oper。SYSOPER 系统权限甚至在数据库未打开时也允许访问数据库实例。对此权限的控制完全超出了数据库本身的范围。要使用该组,选择 Advanced 安装类型来安装 Oracle 数据库软件。 2.创建oracle数据库安装目录
[sonny@localhost ~]$ su root Password: [root@localhost sonny]# mkdir -p /data/oracle #oracle数据库安装目录 [root@localhost sonny]# mkdir -p /data/oraInventory #oracle数据库配置文件目录 [root@localhost sonny]# mkdir -p /data/database #oracle数据库软件包解压目录 [root@localhost sonny]# cd /data [root@localhost data]# ls #创建完毕检查一下(强迫症) database oracle oraInventory [root@localhost data]# chown -R oracle:oinstall /data/oracle #设置目录所有者为oinstall用户组的oracle用户 [root@localhost data]# chown -R oracle:oinstall /data/oraInventory [root@localhost data]# chown -R oracle:oinstall /data/database [root@localhost data]#
3.修改OS系统标识
oracle默认不支持CentOS系统安装,Oracle Database 11g Release 2 的 OS要求参考: https://docs.oracle.com/cd/E11882_01/install.112/e47689/pre_install.htm#LADBI1106
我安装是64位数据库,On Linux x86-64:Red Hat Enterprise Linux 7 (RHEL 7)
另外,CentOS7.0.1511 基于 RHEL7.2 参考:http://www.linuxidc.com/Linux/2015-12/126283.htm
修改文件 /etc/RedHat-release
[sonny@localhost data]$ su root Password: [root@localhost data]# cat /proc/version Linux version 3.10.0-327.el7.x86_64 (builder@kbuilder.dev.centos.org) (gcc version 4.8.3 20140911 (Red Hat 4.8.3-9) (GCC) ) #1 SMP Thu Nov 19 22:10:57 UTC 2015 [root@localhost data]# cat /etc/redhat-release CentOS Linux release 7.2.1511 (Core) [root@localhost data]# vi /etc/redhat-release [root@localhost data]# cat /etc/redhat-release redhat-7 [root@localhost data]#
4.安装oracle数据库所需要的软件包
重复一遍,我安装时Oracle Database 11g Release 2 64位数据库。
Oracle Database Package Requirements for Linux x86-64 如下:(参考:https://docs.oracle.com/cd/E11882_01/install.112/e47689/pre_install.htm#BABCFJFG)
操作系统:Oracle Linux 7 and Red Hat Enterprise Linux 7 The following packages (or later versions) must be installed: binutils-2.23.52.0.1-12.el7.x86_64 compat-libcap1-1.10-3.el7.x86_64 gcc-4.8.2-3.el7.x86_64 gcc-c++-4.8.2-3.el7.x86_64 glibc-2.17-36.el7.i686 glibc-2.17-36.el7.x86_64 glibc-devel-2.17-36.el7.i686 glibc-devel-2.17-36.el7.x86_64 ksh libaio-0.3.109-9.el7.i686 libaio-0.3.109-9.el7.x86_64 libaio-devel-0.3.109-9.el7.i686 libaio-devel-0.3.109-9.el7.x86_64 libgcc-4.8.2-3.el7.i686 libgcc-4.8.2-3.el7.x86_64 libstdc++-4.8.2-3.el7.i686 libstdc++-4.8.2-3.el7.x86_64 libstdc++-devel-4.8.2-3.el7.i686 libstdc++-devel-4.8.2-3.el7.x86_64 libXi-1.7.2-1.el7.i686 libXi-1.7.2-1.el7.x86_64 libXtst-1.2.2-1.el7.i686 libXtst-1.2.2-1.el7.x86_64 make-3.82-19.el7.x86_64 sysstat-10.1.5-1.el7.x86_64
老实人,第一次搞,一个一个的安装,命令也很简单,反正文档要求高版本也可以:
[sonny@localhost data]$ binutils 省略...
5.关闭防火墙 CentOS 7.2默认使用的是firewall作为防火墙
[sonny@localhost /]$ su root Password: [root@localhost /]# systemctl status firewalld.service #查看防火墙状态,运行中 ● firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled) Active: active (running) since Thu 2016-04-07 18:54:29 PDT; 2h 20min ago Main PID: 802 (firewalld) CGroup: /system.slice/firewalld.service └─802 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid Apr 07 18:54:25 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon... Apr 07 18:54:29 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon. [root@localhost /]# systemctl stop firewalld.service #关闭防火墙 [root@localhost /]# systemctl status firewalld.service #再次查看防火墙状态,发现已关闭 ● firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled) Active: inactive (dead) since Thu 2016-04-07 21:15:34 PDT; 9s ago Main PID: 802 (code=exited, status=0/SUCCESS) Apr 07 18:54:25 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon... Apr 07 18:54:29 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon. Apr 07 21:15:33 localhost systemd[1]: Stopping firewalld - dynamic firewall daemon... Apr 07 21:15:34 localhost systemd[1]: Stopped firewalld - dynamic firewall daemon. [root@localhost /]# systemctl disable firewalld.service #禁止使用防火墙(重启也是禁止的) Removed symlink /etc/systemd/system/dbus-org.Fedoraproject.FirewallD1.service. Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service. [root@localhost /]#
防火墙先禁用,搞好之后再配置,个人虚拟机,要毛线防火墙~~
6.关闭selinux(需重启生效)
[root@localhost /]# vi /etc/selinux/config [root@localhost /]# cat /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled #此处修改为disabled # SELINUXTYPE= can take one of three two values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted [root@localhost /]#
为啥要关闭selinux?因为selinux太高深,非专业人士搞不懂~~
7.修改内核参数
红色部分为添加代码
[sonny@localhost /]$ su root Password: [root@localhost /]# vi /etc/sysctl.conf [root@localhost /]# cat /etc/sysct.conf cat: /etc/sysct.conf: No such file or directory [root@localhost /]# cat /etc/sysctl.conf # System default settings live in /usr/lib/sysctl.d/00-system.conf. # To override those settings, enter new settings here, or in an /etc/sysctl.d/<name>.conf file # # For more information, see sysctl.conf(5) and sysctl.d(5). net.ipv4.icmp_echo_ignore_broadcasts = 1 net.ipv4.conf.all.rp_filter = 1 fs.file-max = 6815744 #设置最大打开文件数 fs.aio-max-nr = 1048576 kernel.shmall = 2097152 #共享内存的总量,8G内存设置:2097152*4k/1024/1024 kernel.shmmax = 2147483648 #最大共享内存的段大小 kernel.shmmni = 4096 #整个系统共享内存端的最大数 kernel.sem = 250 32000 100 128 net.ipv4.ip_local_port_range = 9000 65500 #可使用的IPv4端口范围 net.core.rmem_default = 262144 net.core.rmem_max= 4194304 net.core.wmem_default= 262144 net.core.wmem_max= 1048576 [root@localhost /]#
使配置参数生效
[root@localhost /]# sysctl -p net.ipv4.icmp_echo_ignore_broadcasts = 1 net.ipv4.conf.all.rp_filter = 1 sysctl: setting key "fs.file-max": Invalid argument fs.file-max = 6815744 #设置最大打开文件数 fs.aio-max-nr = 1048576 sysctl: setting key "kernel.shmall": Invalid argument kernel.shmall = 2097152 #共享内存的总量,8G内存设置:2097152*4k/1024/1024 sysctl: setting key "kernel.shmmax": Invalid argument kernel.shmmax = 2147483648 #最大共享内存的段大小 sysctl: setting key "kernel.shmmni": Invalid argument kernel.shmmni = 4096 #整个系统共享内存端的最大数 kernel.sem = 250 32000 100 128 sysctl: setting key "net.ipv4.ip_local_port_range": Invalid argument net.ipv4.ip_local_port_range = 9000 65500 #可使用的IPv4端口范围 net.core.rmem_default = 262144 net.core.rmem_max = 4194304 net.core.wmem_default = 262144 net.core.wmem_max = 1048576 [root@localhost /]#
8.对oracle用户设置限制,提高软件运行性能(红色为添加部分)
[sonny@localhost /]$ su root Password: [root@localhost /]# vi /etc/security/limits.conf [root@localhost /]# cat /etc/security/limits.conf # /etc/security/limits.conf # #This file sets the resource limits for the users logged in via PAM. #It does not affect resource limits of the system services. # #Also note that configuration files in /etc/security/limits.d directory, #which are read in alphabetical order, override the settings in this #file in case the domain is the same or more specific. #That means for example that setting a limit for wildcard domain here #can be overriden with a wildcard setting in a config file in the #subdirectory, but a user specific setting here can be overriden only #with a user specific setting in the subdirectory. # #Each line describes a limit for a user in the form: # #<domain> <type> <item> <value> # #Where: #<domain> can be: # - a user name # - a group name, with @group syntax # - the wildcard *, for default entry # - the wildcard %, can be also used with %group syntax, # for maxlogin limit # #<type> can have the two values: # - "soft" for enforcing the soft limits # - "hard" for enforcing hard limits # #<item> can be one of the following: # - core - limits the core file size (KB) # - data - max data size (KB) # - fsize - maximum filesize (KB) # - memlock - max locked-in-memory address space (KB) # - nofile - max number of open file descriptors # - rss - max resident set size (KB) # - stack - max stack size (KB) # - cpu - max CPU time (MIN) # - nproc - max number of processes # - as - address space limit (KB) # - maxlogins - max number of logins for this user # - maxsyslogins - max number of logins on the system # - priority - the priority to run user process with # - locks - max number of file locks the user can hold # - sigpending - max number of pending signals # - msgqueue - max memory used by POSIX message queues (bytes) # - nice - max nice priority allowed to raise to values: [-20, 19] # - rtprio - max realtime priority # #<domain> <type> <item> <value> # #* soft core 0 #* hard rss 10000 #@student hard nproc 20 #@faculty soft nproc 20 #@faculty hard nproc 50 #ftp hard nproc 0 #@student - maxlogins 4 oracle soft nproc 2047 oracle hard nproc 16384 oracle soft nofile 1024 oracle hard nofile 65536 # End of file [root@localhost /]#
9.配置用户的环境变量(红色部分为添加代码)
[root@localhost /]# vi /home/oracle/.bash_profile [root@localhost /]# cat /home/oracle/.bash_profile # .bash_profile # Get the aliases and functions if [ -f ~/.bashrc ]; then . ~/.bashrc fi # User specific environment and startup programs PATH=$PATH:$HOME/.local/bin:$HOME/bin export PATH export ORACLE_BASE=/data/oracle #oracle数据库安装目录 export ORACLE_HOME=$ORACLE_BASE/product/11.2.0/db_1 #oracle数据库路径 export ORACLE_SID=orcl #oracle启动数据库实例名 export ORACLE_TERM=xterm #xterm窗口模式安装 export PATH=$ORACLE_HOME/bin:/usr/sbin:$PATH #添加系统环境变量 export LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib #添加系统环境变量 export #防止安装过程出现乱码 export NLS_LANG=AMERICAN_AMERICA.ZHS16GBK #设置Oracle客户端字符集,必须与Oracle安装时设置的字符集保持一致,如:ZHS16GBK,否则出现数据导入导出中文乱码问题 [root@localhost /]#
使上述配置立即生效:
[oracle@localhost /]$ su root Password: [root@localhost /]# source /home/oracle/.bash_profile [root@localhost /]#
10.上述都搞定了,上传安装包我喜欢xftp,将oracle安装包上传到/usr/local/src
11.解压安装包
[oracle@localhost /]$ cd /usr/local/src #进入/usr/local/src目录 [oracle@localhost src]$ ls linux.x64_11gR2_database_1of2.zip linux.x64_11gR2_database_2of2.zip [oracle@localhost src]$ unzip linux.x64_11gR2_database_1of2.zip -d /data/database/ #解压 (省略...) [oracle@localhost src]$ unzip linux.x64_11gR2_database_2of2.zip -d /data/database/ #解压 (省略...) [oracle@localhost src]$ su root Password: [root@localhost src]# chown -R oracle:oinstall /data/database/database/ [root@localhost src]#
三、oracle安装
1.图形界面登陆oracle用户:
2.启动oralce安装,到/data/database/database/目录下,执行runInstaller
3.去掉勾,懒得填,个人使用环境不需要自动接收Oracle的安全更新。
4.下一步,只安装数据库软件,个人用不要那些玩意~~
