1. 关闭防火墙
[[email protected] ~]# systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2018-06-14 10:11:07 CST; 2s ago
Main PID: 7812 (firewalld)
CGroup: /system.slice/firewalld.service
└─7812 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid
Jun 14 10:11:08 localhost.localdomain firewalld[7812]: 2018-06-14 10:11:08 ERROR: COMMAND_FAILED: '/sbin/iptables -w2 -w --table filter --delete FORWARD --destination 192.168.12...at chain?).
Jun 14 10:11:08 localhost.localdomain firewalld[7812]: 2018-06-14 10:11:08 ERROR: COMMAND_FAILED: '/sbin/iptables -w2 -w --table filter --delete FORWARD --source 192.168.122.0/2...at chain?).
Jun 14 10:11:08 localhost.localdomain firewalld[7812]: 2018-06-14 10:11:08 ERROR: COMMAND_FAILED: '/sbin/iptables -w2 -w --table filter --delete FORWARD --in-interface virbr0 --...at chain?).
Jun 14 10:11:08 localhost.localdomain firewalld[7812]: 2018-06-14 10:11:08 ERROR: COMMAND_FAILED: '/sbin/iptables -w2 -w --table filter --delete FORWARD --out-interface virbr0 -... that name.
Jun 14 10:11:08 localhost.localdomain firewalld[7812]: 2018-06-14 10:11:08 ERROR: COMMAND_FAILED: '/sbin/iptables -w2 -w --table filter --delete FORWARD --in-interface virbr0 --... that name.
Jun 14 10:11:08 localhost.localdomain firewalld[7812]: 2018-06-14 10:11:08 ERROR: COMMAND_FAILED: '/sbin/iptables -w2 -w --table filter --delete INPUT --in-interface virbr0 --pr...at chain?).
Jun 14 10:11:08 localhost.localdomain firewalld[7812]: 2018-06-14 10:11:08 ERROR: COMMAND_FAILED: '/sbin/iptables -w2 -w --table filter --delete INPUT --in-interface virbr0 --pr...at chain?).
Jun 14 10:11:08 localhost.localdomain firewalld[7812]: 2018-06-14 10:11:08 ERROR: COMMAND_FAILED: '/sbin/iptables -w2 -w --table filter --delete OUTPUT --out-interface virbr0 --...at chain?).
Jun 14 10:11:08 localhost.localdomain firewalld[7812]: 2018-06-14 10:11:08 ERROR: COMMAND_FAILED: '/sbin/iptables -w2 -w --table filter --delete INPUT --in-interface virbr0 --pr...at chain?).
Jun 14 10:11:08 localhost.localdomain firewalld[7812]: 2018-06-14 10:11:08 ERROR: COMMAND_FAILED: '/sbin/iptables -w2 -w --table filter --delete INPUT --in-interface virbr0 --pr...at chain?).
Hint: Some lines were ellipsized, use -l to show in full.
[[email protected] ~]# systemctl stop firewalld
[[email protected] ~]# systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: inactive (dead) since Thu 2018-06-14 10:11:24 CST; 2s ago
Process: 7812 ExecStart=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS (code=exited, status=0/SUCCESS)
Main PID: 7812 (code=exited, status=0/SUCCESS)
Jun 14 10:11:08 localhost.localdomain firewalld[7812]: 2018-06-14 10:11:08 ERROR: COMMAND_FAILED: '/sbin/iptables -w2 -w --table filter --delete FORWARD --in-interface virbr0 --...at chain?).
Jun 14 10:11:08 localhost.localdomain firewalld[7812]: 2018-06-14 10:11:08 ERROR: COMMAND_FAILED: '/sbin/iptables -w2 -w --table filter --delete FORWARD --out-interface virbr0 -... that name.
Jun 14 10:11:08 localhost.localdomain firewalld[7812]: 2018-06-14 10:11:08 ERROR: COMMAND_FAILED: '/sbin/iptables -w2 -w --table filter --delete FORWARD --in-interface virbr0 --... that name.
Jun 14 10:11:08 localhost.localdomain firewalld[7812]: 2018-06-14 10:11:08 ERROR: COMMAND_FAILED: '/sbin/iptables -w2 -w --table filter --delete INPUT --in-interface virbr0 --pr...at chain?).
Jun 14 10:11:08 localhost.localdomain firewalld[7812]: 2018-06-14 10:11:08 ERROR: COMMAND_FAILED: '/sbin/iptables -w2 -w --table filter --delete INPUT --in-interface virbr0 --pr...at chain?).
Jun 14 10:11:08 localhost.localdomain firewalld[7812]: 2018-06-14 10:11:08 ERROR: COMMAND_FAILED: '/sbin/iptables -w2 -w --table filter --delete OUTPUT --out-interface virbr0 --...at chain?).
Jun 14 10:11:08 localhost.localdomain firewalld[7812]: 2018-06-14 10:11:08 ERROR: COMMAND_FAILED: '/sbin/iptables -w2 -w --table filter --delete INPUT --in-interface virbr0 --pr...at chain?).
Jun 14 10:11:08 localhost.localdomain firewalld[7812]: 2018-06-14 10:11:08 ERROR: COMMAND_FAILED: '/sbin/iptables -w2 -w --table filter --delete INPUT --in-interface virbr0 --pr...at chain?).
Jun 14 10:11:22 localhost.localdomain systemd[1]: Stopping firewalld - dynamic firewall daemon...
Jun 14 10:11:24 localhost.localdomain systemd[1]: Stopped firewalld - dynamic firewall daemon.
Hint: Some lines were ellipsized, use -l to show in full.
2. 关闭selinux
[[email protected] ~]# more /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=enabled ----------修改为disabled
# SELINUXTYPE= can take one of three two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
3. 配置yum源安装所需软件包:
[[email protected] /]# mkdir linux
[[email protected] /]# mount /dev/sr0 /linux
vi /etc/yum.repos.d/rhel-source.repo
添加:
[redhat]
name=rhel
baseurl=file:///linux
enabled=1
gpgcheck=0
[[email protected] /]# yum clean all
Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
Cleaning repos: redhat
Cleaning up everything
[[email protected] /]# yum -y install binutils libaio-devel compat-libcap1 gcc gcc-c++ glibcglibc.i686 glibc-devel glibc.i686 ksh libaio libaio.i686 libaio-devellibaio-devel.i686 libgcc libgcc.i686 libstdc++ libstdc++-devellibstdc++-devel.i686 compat-libstdc++-33 compat-libstdc++-33.i686 libXilibXi.i686 libXtst libXtst.i686 make sysstat unixODBC unixODBC-devel xterm
[[email protected] soft]# rpm -ivh pdksh-5.2.14-37.el5.x86_64.rpm --nodeps
warning: pdksh-5.2.14-37.el5.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID 37017186: NOKEY
Preparing... ################################# [100%]
Updating / installing...
1:pdksh-5.2.14-37.el5 ################################# [100%]
[[email protected] rpm]# rpm -ivh cvuqdisk-1.0.10-1.rpm
Preparing... ################################# [100%]
Using default group oinstall to install package
Updating / installing...
1:cvuqdisk-1.0.10-1 ################################# [100%]
4. 创建用户及文件目录:
groupadd oinstall
groupadd dba
groupadd oper
useradd -g oinstall -G dba,oper oracle
echo '123456' | passwd --stdin oracle
mkdir -p /oracle/app/oracle/product/12.2.0/db_1
mkdir -p /oracle/app/oraInventory
chown -R oracle:oinstall /oracle/
chmod -R 775 /oracle
5. 设置环境变量
oracle用户环境变量.bash_profile文件添加:
ORACLE_BASE=/oracle/app/oracle
ORACLE_HOME=$ORACLE_BASE/product/12.2.0/db_1
ORACLE_SID=chy
PATH=$PATH:$HOME/bin:$ORACLE_HOME/bin
LD_LIBRARY_PATH=$ORACLE_HOME/lib:/usr/lib
export ORACLE_BASE ORACLE_HOME ORACLE_SID PATHLD_LIBRARY_PATH
6. 配置操作系统参数:
系统内核参数:
[[email protected] /]# cp /etc/sysctl.conf /etc/sysctl.conf.bak
[[email protected] /]# cat >> /etc/sysctl.conf << EOF
> fs.aio-max-nr = 1048576
> fs.file-max = 6815744
> kernel.shmmax = 1979877376
> kernel.shmall = 386694
> kernel.shmmni = 4096
> kernel.sem = 250 32000 100 128
> net.ipv4.ip_local_port_range = 9000 65500
> net.core.rmem_default = 262144
> net.core.rmem_max = 4194304
> net.core.wmem_default = 262144
> net.core.wmem_max = 1048576
> kernel.panic_on_oops = 1
> EOF
[[email protected] /]#
[[email protected] /]#
[[email protected] /]#
[[email protected] /]#
[[email protected] /]#
[[email protected] /]#
[[email protected] /]# sysctl -p
fs.aio-max-nr = 1048576
fs.file-max = 6815744
kernel.shmmax = 1979877376 --一般设置为内存大小一半字节数
kernel.shmall = 386694
kernel.shmmni = 4096
kernel.sem = 250 32000 100 128
net.ipv4.ip_local_port_range = 9000 65500
net.core.rmem_default = 262144
net.core.rmem_max = 4194304
net.core.wmem_default = 262144
net.core.wmem_max = 1048576
kernel.panic_on_oops = 1
7.修改系统限制
vi /etc/security/limits.conf
oracle soft nproc 2047
oracle hard nproc 16384
oracle soft nofile 1024
oracle hard nofile 65536
oracle soft stack 10240
oracle hard stack 32768
open files 65536
max user processes 270336
vi /etc/security/limits.d/20-nproc.conf
#第一行普通用户的进程限制注释掉,添加一行
#* soft nproc 4096
* - nproc 16384
vi /etc/pam.d/login
添加:
session required pam_limits.so
session required /lib64/security/pam_limits.so
8. 安装软件:
[[email protected] database]$ export DISPLAY=192.168.1.1:0.0
[[email protected] database]$
[[email protected] database]$
[[email protected] database]$
[[email protected] database]$ ./runInstaller
Starting Oracle Universal Installer...
Checking Temp space: must be greater than 500 MB. Actual 42872 MB Passed
Checking swap space: must be greater than 150 MB. Actual 3967 MB Passed
Checking monitor: must be configured to display at least 256 colors. Actual 16777216 Passed
Preparing to launch Oracle Universal Installer from /tmp/OraInstall2018-06-14_11-21-38AM. Please wait ...[[email protected] database]$ You can find the log of this install session at:
/oracle/app/oraInventory/logs/installActions2018-06-14_11-21-38AM.log
dbca高级方式建多租户库(顺带创建一个cdb)
[[email protected] database]$dbca
Number of pdbs:默认创建PDB个数,当前创建一个pdb。
归档暂不开启。
以下第九步五个标签常用配置前三个,分别为Memory、process size和数据库字符集:
EM可后期配置,当前不选择安装以节省建库时间,归档亦是。
密码:123456
告警为密码复杂度问题,无要求可以跳过