当前位置:Gxlcms > 数据库问题 > CENTOS 7.5【部署安装ORACLE.11G数据库】

CENTOS 7.5【部署安装ORACLE.11G数据库】

时间:2021-07-01 10:21:17 帮助过:12人阅读

1、部署环境要求
(1)操作系统版本:CentOS 7.x(最小化安装)
(2)最小内存容量:4GB
(3)最小CPU核心数:2核心
(4)最小磁盘空间:50GB
(5)磁盘分区建议:500GB磁盘空间为例
           /:50GB(根分区)
           /boot:500MB
           /home:50GB
           swap:物理内存小于4GB时,swap分配值为物理内存2倍,物理内存大于4GB时,swap分配值为物理内存1.5倍
           /data:剩余全部空间

 2、部署软件准备

Oracle Database SoftPack:linux.x64_11gR2_database_1of2.zip
Oracle Database SoftPack:linux.x64_11gR2_database_2of2.zip

 3、网络参数配置

[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=8586e405-4459-42e2-ac9f-def02881736d
DEVICE=ens33
ONBOOT=yes
MACADDR=preserve
IPADDR=10.10.10.133
PREFIX=24
GATEWAY=10.10.10.10
DNS1=114.114.114.114
IPV6_PRIVACY=no
ZONE=public

 4、系统软件安装

[root@localhost ~]# yum -y install vim net-tools tree unzip lrzsz

5、系统安全配置
(1)关闭SELINUX安全访问控制

[root@localhost ~]# vim /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
# SELINUX=enforcing       //注释掉此处
   SELINUX=disabled        //新增此处,并将SELINUX状态设置关闭状态disabled
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

(2)配置防火墙安全规则

[root@localhost ~]# systemctl status firewalld.service //查看防火墙运行状态
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
   Active: active (running) since 五 2019-08-30 22:58:53 CST; 8h ago
     Docs: man:firewalld(1)
 Main PID: 841 (firewalld)
   CGroup: /system.slice/firewalld.service
           └─841 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid

8月 30 22:58:52 oracleserver.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon...
8月 30 22:58:53 oracleserver.localdomain systemd[1]: Started firewalld - dynamic firewall daemon.

[root@localhost ~]# firewall-cmd --zone=public --add-port=1521/tcp --permanent  //开放1521端口
success
[root@localhost ~]# firewall-cmd --zone=public --add-port=1158/tcp --permanent  //开放1158端口
success 
[root@localhost ~]# firewall-cmd --zone=public --add-port=22/tcp --permanent  //开放22端口
success

[root@localhost ~]# firewall-cmd --reload  //重启载入防火墙配置
success

[root@localhost ~]# firewall-cmd --zone=public --list-ports  //查看已开放端口
22/tcp   1158/tcp   1521/tcp

6、安装依赖软件

32位依赖软件:
[root@localhost ~]# yum -y install binutils compat-libcap1 compat-libstdc++-33 compat-libstdc++-33*i686 compat-libstdc++-33*.devel compat-libstdc++-33 compat-libstdc++-33*.devel gcc gcc-c++ glibc glibc*.i686 glibc-devel glibc-devel*.i686 ksh libaio libaio*.i686 libaio-devel libaio-devel*.devel libgcc libgcc*.i686 libstdc++ libstdc++*.i686 libstdc++-devel libstdc++-devel*.devel libXi libXi*.i686 libXtst libXtst*.i686 make sysstat unixODBC unixODBC*.i686 unixODBC-devel unixODBC-devel*.i686

64位依赖软件:
[root@localhost ~]# yum -y install binutils-2.* compat-libstdc++-33* elfutils-libelf-0.* elfutils-libelf-devel-* gcc-4.* gcc-c++-4.* glibc-2.* glibc-common-2.* glibc-devel-2.* glibc-headers-2.* ksh-2* libaio-0.* libaio-devel-0.* libgcc-4.* libstdc++-4.* libstdc++- devel-4.* make-3.* sysstat-7.* unixODBC-2.* unixODBC-devel-2.* pdksh*

检查依赖软件:
[root@localhost ~]# rpm -q binutils compat-libcap1 compat-libstdc++-33 compat-libstdc++-33*i686 compat-libstdc++-33*.devel compat-libstdc++-33 compat-libstdc++-33*.devel gcc gcc-c++ glibc glibc*.i686 glibc-devel glibc-devel*.i686 ksh libaio libaio*.i686 libaio-devel libaio-devel*.devel libgcc libgcc*.i686 libstdc++ libstdc++*.i686 libstdc++-devel libstdc++-devel*.devel libXi libXi*.i686 libXtst libXtst*.i686 make sysstat unixODBC unixODBC*.i686 unixODBC-devel unixODBC-devel*.i686

执行安装更新:
[root@localhost ~]# yum update

5、部署用户配置
(1)创建部署用户

[root@localhost ~]# groupadd oinstall  //创建oinstall用户组
[root@localhost ~]# groupadd dba        //创建dba用户组
[root@localhost ~]# useradd -g oinstall -G dba oracle   //创建oracle用户并将用户加入到oinstall、dba两个用户组
[root@localhost ~]# passwd oracle    //设置oracle用户密码
更改用户 oracle 的密码 。
新的 密码:
重新输入新的 密码:
passwd: 所有的身份验证令牌已经成功更新。

 

 (2)创建部署目录

[root@localhost ~]# mkdir -p /oracle/app/product/11.2.0/dbhome_1
[root@localhost ~]# mkdir -p /oracle/app/oradata
[root@localhost ~]# mkdir -p /oracle/flash_recovery_area
[root@localhost ~]# mkdir -p /oracle/oraInventory
[root@localhost ~]# mkdir -p /oracle/response
[root@localhost ~]# mkdir -p /software
[root@localhost ~]# chown oracle:oinstall -R /oracle/
[root@localhost ~]# chown oracle:oinstall -R /software/
[root@localhost ~]# chmod -R 755 /oracle/
[root@localhost ~]# chmod -R 755 /software/

6、配置部署参数
(1)配置系统主机参数

[root@localhost ~]# hostnamectl set-hostname oracleserver.localdomain //修改主机名称

[root@localhost ~]# vim /etc/hosts   //配置主机网络地址与主机名称映射记录
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
10.10.10.133  oracleserver  oracleserver.localdomain

[root@oracleserver ~]# vim /etc/redhat-release   //配置系统标识参数
#CentOS Linux release 7.6.1810 (Core) 
Red Hat Enterprise Linux Server release 7.3 (Maipo)   

[root@localhost ~]# reboot   //重启操作系统

(2)配置系统内核参数

[root@oracleserver ~]# vim /etc/sysctl.conf
# sysctl settings are defined through files in
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
#
# Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
#
# For more information, see sysctl.conf(5) and sysctl.d(5).

#Oracle Install Parameter  //添加下面内核参数
fs.file-max = 6815744
fs.aio-max-nr = 1048576
kernel.shmall = 2097152
kernel.shmmax = 2147483648
kernel.shmmni = 4096
kernel.sem = 250 32000 100 128
net.ipv4.ip_local_port_range = 9000 65500
net.core.rmem_default = 4194304
net.core.rmem_max = 4194304
net.core.wmem_default = 262144
net.core.wmem_max = 1048576

[root@oracleserver ~]# /sbin/sysctl -p  //更新内核参数,等效命令
[root@oracleserver ~]# /sysctl -p       //更新内核参数,等效命令
fs.file-max = 6815744
fs.aio-max-nr = 1048576
kernel.shmall = 2097152
kernel.shmmax = 2147483648
kernel.shmmni = 4096
kernel.sem = 250 32000 100 128
net.ipv4.ip_local_port_range = 9000 65500
net.core.rmem_default = 4194304
net.core.rmem_max = 4194304
net.core.wmem_default = 262144
net.core.wmem_max = 1048576

(3)配置登录身份认证

[root@oracleserver ~]# vim /etc/pam.d/login 
#%PAM-1.0
auth [user_unknown=ignore success=ok ignore=ignore default=bad] pam_securetty.so
auth       substack     system-auth
auth       include      postlogin
account    required     pam_nologin.so
account    include      system-auth
password   include      system-auth
# pam_selinux.so close should be the first session rule
session    required     pam_selinux.so close
session    required     pam_loginuid.so
session    optional     pam_console.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session    required     pam_selinux.so open
session    required     pam_namespace.so
session    optional     pam_keyinit.so force revoke
session    include      system-auth
session    include      postlogin
-session   optional     pam_ck_connector.so

#Oracle Install Parameter  //添加下面Oracle安装参数
session    required     pam_limits.so
session    required     /lib64/security/pam_limits.so

(4)配置资源限制参数

[root@oracleserver ~]# vim /etc/profile
# /etc/profile
# System wide environment and startup programs, for login setup
# Functions and aliases go in /etc/bashrc
# It‘s NOT a good idea to change this file unless you know what you
# are doing. It‘s much better to create a custom.sh shell script in
# /etc/profile.d/ to make custom changes to your environment, as this
# will prevent the need for merging in future updates.

pathmunge () {
    case ":${PATH}:" in
        *:"$1":*)
            ;;
        *)
            if [ "$2" = "after" ] ; then
                PATH=$PATH:$1
            else
                PATH=$1:$PATH
            fi
    esac
}

if [ -x /usr/bin/id ]; then
    if [ -z "$EUID" ]; then
        # ksh workaround
        EUID=`/usr/bin/id -u`
        UID=`/usr/bin/id -ru`
    fi
    USER="`/usr/bin/id -un`"
    LOGNAME=$USER
    MAIL="/var/spool/mail/$USER"
fi

# Path manipulation
if [ "$EUID" = "0" ]; then
    pathmunge /usr/sbin
    pathmunge /usr/local/sbin
else
    pathmunge /usr/local/sbin after
    pathmunge /usr/sbin after
fi

HOSTNAME=`/usr/bin/hostname 2>/dev/null`
HISTSIZE=1000
if [ "$HISTCONTROL" = "ignorespace" ] ; then
    export HISTCONTROL=ignoreboth
else
    export HISTCONTROL=ignoredups
fi

export PATH USER LOGNAME MAIL HOSTNAME HISTSIZE HISTCONTROL
# By default, we want umask to get set. This sets it for login shell
# Current threshold for system reserved uid/gids is 200
# You could check uidgid reservation validity in
# /usr/share/doc/setup-*/uidgid file
if [ $UID -gt 199 ] && [ "`/usr/bin/id -gn`" = "`/usr/bin/id -un`" ]; then
    umask 002
else
    umask 022
fi

for i in /etc/profile.d/*.sh /etc/profile.d/sh.local ; do
    if [ -r "$i" ]; then
        if [ "${-#*i}" != "$-" ]; then 
            . "$i"
        else
            . "$i" >/dev/null
        fi
    fi
done

unset i
unset -f pathmunge

#Oracle Install Parameter  //添加下面Oracle安装参数
if [ $USER = "oracle" ]; then
 if [ $SHELL = "/bin/ksh" ]; then
  ulimit -p 16384
  ulimit -n 65536
else
  ulimit -u 16384 -n 65536
 fi
fi

[root@oracleserver ~]# source /etc/profile   //使参数配置生效

 

[root@oracleserver ~]# cat /etc/security/limits.conf
# /etc/security/limits.conf
#
#This file sets the resource limits for the users logged in via PAM.
#It does not affect resource limits of the system services.
#
#Also note that configuration files in /etc/security/limits.d directory,
#which are read in alphabetical order, override the settings in this
#file in case the domain is the same or more specific.
#That means for example that setting a limit for wildcard domain here
#can be overriden with a wildcard setting in a config file in the
#subdirectory, but a user specific setting here can be overriden only
#with a user specific setting in the subdirectory.
#
#Each line describes a limit for a user in the form:
#
#<domain>        <type>  <item>  <value>
#
#Where:
#<domain> can be:
#        - a user name
#        - a group name, with @group syntax
#        - the wildcard *, for default entry
#        - the wildcard %, can be also used with %group syntax,
#                 for maxlogin limit
#
#<type> can have the two values:
#        - "soft" for enforcing the soft limits
#        - "hard" for enforcing hard limits
#
#<item> can be one of the following:
#        - core - limits the core file size (KB)
#        - data - max data size (KB)
#        - fsize - maximum filesize (KB)
#        - memlock - max locked-in-memory address space (KB)
#        - nofile - max number of open file descriptors
#        - rss - max resident set size (KB)
#        - stack - max stack size (KB)
#        - cpu - max CPU time (MIN)
#        - nproc - max number of processes
#        - as - address space limit (KB)
#        - maxlogins - max number of logins for this user
#        - maxsyslogins - max number of logins on the system
#        - priority - the priority to run user process with
#        - locks - max number of file locks the user can hold
#        - sigpending - max number of pending signals
#        - msgqueue - max memory used by POSIX message queues (bytes)
#        - nice - max nice priority allowed to raise to values: [-20, 19]
#        - rtprio - max realtime priority
#
#<domain>      <type>  <item>         <value>
#

#*               soft    core            0
#*               hard    rss             10000
#@student        hard    nproc           20
#@faculty        soft    nproc           20
#@faculty        hard    nproc           50
#ftp             hard    nproc           0
#@student        -       maxlogins       4

#Oracle Install Parameter  //添加下面Oracle安装参数
oracle  soft  nproc 2047
oracle  hard  nproc 16384
oracle  soft  nofile  1024
oracle  hard  nofile  65536

# End of file

 

 

 

CENTOS 7.5【部署安装ORACLE.11G数据库】

标签:pid   could   产品   pos   esc   head   targe   base   问控制   

人气教程排行