Original hard, declined reprint!
Virtual Machine Description
This virtual machine is built to verify that the ASP. NET Core program can run on the CentOS operating system.
#软件环境版本枚举
os:centos Linux release 7.2.1511 (Core)
OS kernel:linux version 3.10.0-327.36.3.el7.x86_64 ([email protected]) (GCC version 4.8.5 20150623 (Red Hat 4.8.5-4) ( GCC)) #1 SMP Mon Oct 16:09:20 UTC
nginx:1.10.2
dotnet:1.0.0-preview2-003121
git:1.8.3.1
This virtual machine setup step (full use of root account, can be added sudo before the command)
#更新操作系统 to get the latest update component pack
1.yum update-y
#安装微软提供的支持asp. NET core's operating environment
2.yum Install dotnet-y
#安装Web服务器 (use Nginx as a back-up proxy server, publish Web services)
3.yum Install nginx-y
#安装Git工具, to download an open source ASP. NET core test run project. This project was developed using the MVC 3 framework
4.yum Install git-y
#安装SeLinux鉴权策略辅助工具, used to assist in the security-limiting mechanism of the Linux kernel (which can be modified manually, but too high in complexity and risk) to break the nginx fixed-to-local port. Because it involves the Linux kernel, it is not recommended to manually modify the online data, except for the big God! )
5.yum Install policycoreutils-python-y
#配置Nginx返向代理
6.gedit/etc/nginx/nginx.conf
#成功运行配置文件配置内容如下:
worker_processes 1;
#工作进程的个数, you can configure multiple
Events {
worker_connections; #单个进程最大连接数 (maximum number of connections = number of connections * Number of processes)
}
http {
include mime.types; #设定配置文件位置, the Conf here refers to the directory where the nginx.conf is located, or you can specify a configuration file elsewhere with an absolute path
Default_type Application/octet-stream; #默认类型-8 binary file streams
sendfile on; #是否激活sendfile () function, which is more efficient than the default mode
Tcp_nopush on; #将HTTP响应头压缩到一个包中发送, use only when Sendfile is turned on
#连接超时时间
Keepalive_timeout 65;
gzip on; #启用Gzip压缩
#设定虚拟主机, the default is to listen on port 80
Server
{
Listen;
Location /{
Proxy_pass http://localhost:5000;
Proxy_http_version 1.1;
proxy_set_header Upgrade $http _upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $host;
proxy_cache_bypass $http _upgrade;
proxy_set_header x-real-ip $remote _addr;
}
}
}
#下载asp. NET Core Run Project
7.git Clone Https://github.com/geffzhang/MusicStore.git
#装载项目运行时需要的动态资源. The current path must be located to the root directory of the downloaded project file.
8.dotnet Restore
#更新装载的最新资源信息, match the ASP. NET core project to enforce version dependency, and have the project associated with the latest download resources
9.dotnet Pack
#编译项目源代码生成项目dll文件以及其它项目依赖性资源. The current path must be located in the Bin folder sibling root directory.
10.dotnet Build
#生成发布项目文件. Can be understood to generate release version files. After performing the above steps, can be directly run, but the above step generated DLL connotation debug information, will affect the actual operation of the project response efficiency. The current path must be located in the Bin folder sibling root directory.
10.dotnet Publish
#运行外宿主项目. After a successful run, the Dotnet host provides an internally accessible address (http://localhost:5000) that defaults to Port 5000. The current path must be located in the Bin folder sibling root directory.
11.dotnet Run
#构建基于修改SeLinux内核的授权变更脚本. Build custom kernel authorization scripts written in Pyhton language based on the current machine's corresponding kernel version number, which is basically non-portable. There are exceptions.
12.sudo cat/var/log/audit/audit.log |grep nginx |grep denied |audit2allow-m Mynginx
#执行授权脚步. If you do not follow the footsteps, the access to the Nginx address will be reported 502 Bad Gateway error. Does not appear after execution.
13.semodule-i mynginx.pp
#启动Nginx服务
14.service nginx Start
#添加5000端口到系统防火墙的白名单中. You can not turn on port 5000, so you can block out direct access to the network. However, the commissioning phase is recommended to open
15.iptables-i input-p tcp--dport 5000-j ACCEPT
#添加80端口到系统防火墙的白名单中
16.iptables-i input-p tcp--dport 80-j ACCEPT
#保存防火墙配置
17.iptables Save
#重启防火墙服务 to make the whitelist port appended above take effect. Do not restart port may access is actively rejected
18.service iptables Restart
#访问Nginx完整URL地址. The final address the extranet can access.
19.http://192.168.1.12:80#--------(tech-worm) 2016-11-30
CentOs 7.2 + Nginx 1.10.2 + musicstore (ASP. NET Core MVC 3 Project) virtual machine complete build process sharing