如上图所示,报了权限错误。
是将/var/run/docker.sock的权限设置为666,如下图所示:
先查看原来的docker用户组的情况:
cat /etc/group | grep docker
应该会如下图所示:
然后使用以下指令将需要权限的用户($USER为当前登录的用户,如果是gitlab-runner执行则要替换成gitlab-runner用户)加入到docker组:
sudo gpasswd -a $USER docker
执行后再次使用cat命令查看情况,正常来说会如下图所示:
然后使用 service docker restart 命令重启docker即可。
能运行在JDK8和MySQL环境下的最高sonarqube版本是7.8,版本在7.9以上的都要安装jdk11和PostgreSQL了。
到https://www.sonarqube.org/downloads/网站下载历史版本7.8的zip压缩包,
打开sonar目录的/conf/sonar.properties文件,找到并配置:
# User credentials. # Permissions to create tables, indices and triggers must be granted to JDBC user. # The schema must be created first. sonar.jdbc.username= sonar.jdbc.password= #----- Embedded Database (default) # H2 embedded database server listening port, defaults to 9092 #sonar.embeddedDatabase.port=9092 #----- DEPRECATED #----- MySQL >=5.6 && <8.0 # Support of MySQL is dropped in Data Center Editions and deprecated in all other editions # Only InnoDB storage engine is supported (not myISAM). # Only the bundled driver is supported. It can not be changed. sonar.jdbc.url=jdbc:mysql://localhost:3306/sonar?useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true&useConfigs=maxPerformance&useSSL=false
请在启动前提前创建好对应的数据库。
# 创建用户 useradd sonar # 配置密码 passwd sonar # 将目录权限给予该用户 chown -R sonar:sonar /home/sonarqube-7.8
编辑sonar安装目录的/bin/linux-x86-64/sonar.sh文件,修改用户为sonar
# If specified, the Wrapper will be run as the specified user. # IMPORTANT - Make sure that the user has the required privileges to write # the PID file and wrapper.log files. Failure to be able to write the log # file will cause the Wrapper to exit without any way to write out an error # message. # NOTE - This will set the user which is used to run the Wrapper as well as # the JVM and is not useful in situations where a privileged resource or # port needs to be allocated prior to the user being changed. RUN_AS_USER=sonar
直接执行 /home/sonarqube-7.8/bin/linux-x86-64/sonar.sh console 就可以启动 Sonarqube ,并且直观的看到启动日志,建议调试期间使用该命令启动。
等调试结束,启动完全没问题了,就可以使用 ./sonar.sh console & 来实现后台运行,或者直接 ./sonar.sh start 来快速启动。
Sonarqube 的日志目录位于 /home/sonarqube-7.8/log/ 目录,分别有:
在配置 Sonarqube 时,集中关注 es.log 和 web.log 即可。
访问中文插件的网址并查看对应sonar版本的中文插件版本:https://github.com/xuhuisheng/sonar-l10n-zh
对应sonar7.8的是这个链接:https://github.com/xuhuisheng/sonar-l10n-zh/releases/tag/sonar-l10n-zh-plugin-1.28
下载对应的jar文件:
然后将jar包上传到自己sonar项目安装的extensions/plugins/下,并重启sonarqube即可。
sonar的默认端口是9000,默认账号和密码是admin。
新建 /etc/yum.repos.d/gitlab-ce.repo,内容为:
[gitlab-ce] name=Gitlab CE Repository baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el$releasever/ gpgcheck=0 enabled=1
其实这步可选,不设置的话,默认用国外源的话会非常慢。
sudo yum makecache sudo yum install gitlab-ce
先运行配置命令:
gitlab-ctl reconfigure
然后运行相关的启动命令:
gitlab-ctl start gitlab-ctl restart gitlab-ctl stop
默认端口是8088
runner我们选择装直接装在宿主机上,不推荐装在docker里
打开web面板的help页面即可看到。
# 添加正式的GitLab存储库 curl -L "https://packages.gitlab.com/install/repositories/runner/gitlab-runner/script.rpm.sh" | sudo bash # 查询GitLab版本号列表 yum list gitlab-runner --showduplicates | sort -r
# 安装特定版本的GitLab Runner(镜像在国外需要梯子或者切换阿里的镜像) yum install gitlab-runner-14.5.1-1
注意:如果跟gitlab的版本差异太大,则可能存在未知异常。
gitlab-runner start 启动gitlab-runner gitlab-runner stop 关闭gitlab-runner gitlab-runner restart 重启gitlab-runner gitlab-runner status 查看gitlab-runner状态,当服务正在运行时,退出代码为零,而当服务未运行时,退出代码为非零。
gitlab-runner register
相关注册解释:
gitlab-runner register #默认交互模式下使用,非交互模式天机--non-interactice gitlab-runner list #命令列出保存在配置文件中的所有运行程序 gitlab-runner verify #检查注册runner十分是否可以连接,但不验证gitlab服务是否正在使用runner.--delete删除 gitlab-runner unregister #该命令使用gitlablab取消以及已注册的runner #使用令牌注销 gitlab-runner unregister--url http://gitlab.example.com/--tokentok3n #使用名称注销(同名删除一个) gtlab-runner unregister --name test-runner #注销所有 gitlab-runner unregister --all-runners
提示:此作业已阻塞,因为该项目没有分配任何可用Runner。
解决方法一:在.gitlab-ci.yml中补充对应的runner-tag的名称
解决方法二:设置runner可执行没有标签的作业:
到gitlab官网查看最佳升级路径:
https://docs.gitlab.com/ee/update/index.html#upgrade-paths
https://docs.gitlab.com/ee/update/index.html#upgrade-paths
yum install gitlab-ce-<version>
废话不多说,直接上代码:
package com.isuidian.util;
import java.io.IOException;
import java.security.*;
import java.util.Base64;
import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
public class WechatStaticUtil {
private static final int KEY_LENGTH_BYTE = 32;
private static final int TAG_LENGTH_BIT = 128;
public static String decryptToString(byte[] apiV3Key, byte[] associatedData, byte[] nonce, String ciphertext) throws GeneralSecurityException, IOException {
if (apiV3Key.length != KEY_LENGTH_BYTE) {
throw new IllegalArgumentException("无效的ApiV3Key,长度必须为32个字节");
}
try {
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
SecretKeySpec key = new SecretKeySpec(apiV3Key, "AES");
GCMParameterSpec spec = new GCMParameterSpec(TAG_LENGTH_BIT, nonce);
cipher.init(Cipher.DECRYPT_MODE, key, spec);
cipher.updateAAD(associatedData);
return new String(cipher.doFinal(Base64.getDecoder().decode(ciphertext)), "utf-8");
} catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
throw new IllegalStateException(e);
} catch (InvalidKeyException | InvalidAlgorithmParameterException e) {
throw new IllegalArgumentException(e);
}
}
}
查了网络资料,大概原因就是:springboot版本跟okhttp的jar包冲突,因此提示调用的方法没有。
解决方法:
方法一:(已验证)
指定kotlib-stdlib的版本,在pom中加入如下依赖:
<!-- https://mvnrepository.com/artifact/org.jetbrains.kotlin/kotlin-stdlib -->
<dependency>
<groupId>org.jetbrains.kotlin</groupId>
<artifactId>kotlin-stdlib</artifactId>
<version>1.3.70</version>
</dependency>
方法二:(未验证)
把okhttp3的4.x版本改成3.x版本:
<dependency>
<groupId>com.squareup.okhttp3</groupId>
<artifactId>okhttp</artifactId>
<version>3.14.8</version>
</dependency>
今天在调用获取微信支付平台证书V3接口时,需要对其内容进行解密。根据官方的demo如下:
static final int KEY_LENGTH_BYTE = 32;
static final int TAG_LENGTH_BIT = 128;
public String decryptToString(byte[] apiV3Key, byte[] associatedData, byte[] nonce, String ciphertext) throws GeneralSecurityException, IOException {
if (apiV3Key.length != KEY_LENGTH_BYTE) {
throw new IllegalArgumentException("无效的ApiV3Key,长度必须为32个字节");
}
try {
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
SecretKeySpec key = new SecretKeySpec(apiV3Key, "AES");
GCMParameterSpec spec = new GCMParameterSpec(TAG_LENGTH_BIT, nonce);
cipher.init(Cipher.DECRYPT_MODE, key, spec);
cipher.updateAAD(associatedData);
return new String(cipher.doFinal(Base64.getDecoder().decode(ciphertext)), "utf-8");
} catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
throw new IllegalStateException(e);
} catch (InvalidKeyException | InvalidAlgorithmParameterException e) {
throw new IllegalArgumentException(e);
}
}
发现执行到 cipher.init(Cipher.DECRYPT_MODE, key, spec); 的时候报 java.security.InvalidKeyException: Illegal key size 错误。
经过资料查阅,得出原因如下:
JDK受版本安全限制,默认只允许128位长度以内的。秘钥长度,如果密钥大于128, 会抛出java.security.InvalidKeyException: Illegal key size 异常. java运行时环境默认读到的是受限的policy文件. 文件位于${java_home}/jre/lib/security, 这种限制是因为美国对软件出口的控制所造成的的.JDK1.8之后已经兼容了该问题。
解决方案:
方法一:升级不受限制JDK版本
升级JDK9级以上版本,未测试
方法二:替换JDK受限文件级配置
JDK7的下载地址: Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 7 Download
JDK8的下载地址: JCE Unlimited Strength Jurisdiction Policy Files for JDK/JRE 8 Download
下载后解压,可以看到local_policy.jar和US_export_policy.jar以及readme.txt
如果安装了JRE,将两个jar文件放到%JRE_HOME%\lib\security目录下覆盖原来的文件
如果安装了JDK,还要将两个jar文件也放到%JDK_HOME%\jre\lib\security目录下覆盖原来文件
方法三:JDK1.8 代码策略修改
JDK1.8 已经支持不受限的jar,但配置默认是受限的
修改代码配置,在加密之前,修改不受限配置.
WXBizMsgCrypt wxcpt = createWXBizMsgCrypt(suiteId, getCorpId(postData), false);
Security.setProperty("crypto.policy", "unlimited");
sMsg = wxcpt.decryptMsg(msgSignature, timestamp, nonce, postData);
在windows下正常,但是在linux中报了这个错:
2022-10-15T00:10:14,835 ERROR [http-nio-9969-exec-97] org.springframework.boot.web.servlet.support.E rrorPageFilter: Forwarding to error page from request [/api/v2/auth/loginByWechatInMp] due to except ion [org/bouncycastle/jcajce/PKCS12Key]
java.lang.NoClassDefFoundError: org/bouncycastle/jcajce/PKCS12Key
at org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher.engineInit(Unknown Source )
at org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher.engineInit(Unknown Source )
at javax.crypto.Cipher.init(Cipher.java:1536)
at javax.crypto.Cipher.init(Cipher.java:1469)
at com.zero4j.controller.api.v2.AuthControllerV2.wechatDecrypt(AuthControllerV2.java:1166)
at com.zero4j.controller.api.v2.AuthControllerV2.loginByWechatInMp(AuthControllerV2.java:422 )
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMe thod.java:189)
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableH andlerMethod.java:138)
at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invok eAndHandle(ServletInvocableHandlerMethod.java:102)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invoke HandlerMethod(RequestMappingHandlerAdapter.java:895)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handle Internal(RequestMappingHandlerAdapter.java:800)
at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHa ndlerMethodAdapter.java:87)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1038)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:942)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:100 5)
at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:908)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:661)
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:882)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.j ava:231)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.j ava:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.orm.hibernate5.support.OpenSessionInViewFilter.doFilterInternal(OpenS essionInViewFilter.java:151)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:10 7)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.j ava:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter .java:99)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:10 7)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.j ava:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java: 92)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:10 7)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.j ava:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFi lter.java:93)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:10 7)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.j ava:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.boot.web.servlet.support.ErrorPageFilter.doFilter(ErrorPageFilter.jav a:130)
at org.springframework.boot.web.servlet.support.ErrorPageFilter.access$000(ErrorPageFilter.j ava:66)
at org.springframework.boot.web.servlet.support.ErrorPageFilter$1.doFilterInternal(ErrorPage Filter.java:105)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:10 7)
at org.springframework.boot.web.servlet.support.ErrorPageFilter.doFilter(ErrorPageFilter.jav a:123)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.j ava:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncoding Filter.java:200)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:10 7)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.j ava:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:493)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
at org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:679)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:800)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:806)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1498)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)
1.查看/etc/profile下JAVA_HOME配置路径,
如果不存在,使用whereis java命令你会看到java: /usr/bin/java /etc/java /usr/lib/java /usr/share/java
打开java.conf,找到JAVA_HOME路径
2.将bcprov-jdkxxx.jar放入JAVA_HOME/jre/lib/ext下
3.打开JAVA_HOME/jre/lib/security下的java.security文件,在下面加上
security.provider.x=org.bouncycastle.jce.provider.BouncyCastleProvider
4.重启服务即可
附带maven仓库的地址:https://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk15to18/
<!-- 引入log4j2依赖 --> <dependency> <groupId>org.slf4j</groupId> <artifactId>slf4j-simple</artifactId> <version>1.7.25</version> </dependency> <dependency> <groupId>org.apache.logging.log4j</groupId> <artifactId>log4j-api</artifactId> <version>2.18.0</version> </dependency> <dependency> <groupId>org.apache.logging.log4j</groupId> <artifactId>log4j-core</artifactId> <version>2.18.0</version> </dependency> <!--<dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-log4j2</artifactId> </dependency>-->
<?xml version="1.0" encoding="UTF-8"?>
<!--日志级别以及优先级排序: OFF > FATAL > ERROR > WARN > INFO > DEBUG > TRACE > ALL -->
<!--Configuration后面的status,这个用于设置log4j2自身内部的信息输出,可以不设置,当设置成trace时,你会看到log4j2内部各种详细输出-->
<!--monitorInterval:Log4j能够自动检测修改配置 文件和重新配置本身,设置间隔秒数-->
<configuration monitorInterval="10">
<!--先定义所有的appender-->
<appenders>
<!--*********************控制台日志***********************-->
<console name="Console" target="SYSTEM_OUT">
<!--输出日志的格式-->
<!--<PatternLayout pattern="[%d{HH:mm:ss:SSS}] [%p] - %l - %m%n"/>-->
<!--设置日志格式及颜色-->
<PatternLayout
pattern="%style{%d{ISO8601}}{bright,green} %highlight{%-5level} [%style{%t}{bright,blue}] %style{%C{}}{bright,yellow}: %msg%n%style{%throwable}{red}"
disableAnsi="false" noConsoleNoAnsi="false"/>
</console>
<!--文件会打印出所有信息,这个log每次运行程序会自动清空,由append属性决定,这个也挺有用的,适合临时测试用-->
<!--<File name="log" fileName="log/test.log" append="false">
<PatternLayout pattern="%d{HH:mm:ss.SSS} %-5level %class{36} %L %M - %msg%xEx%n"/>
</File>-->
<!--*********************文件日志***********************-->
<!--all级别日志-->
<RollingFile name="RollingFileAll"
fileName="./logs/all.log"
filePattern="./logs/$${date:yyyy-MM}/info-%d{yyyy-MM-dd}-%i.log">
<!--设置日志格式-->
<PatternLayout>
<pattern>%d %p %C{} [%t] %m%n</pattern>
</PatternLayout>
<Policies>
<!-- 设置日志文件切分参数 -->
<!--<OnStartupTriggeringPolicy/>-->
<!--设置日志基础文件大小,超过该大小就触发日志文件滚动更新-->
<SizeBasedTriggeringPolicy size="100 MB"/>
<!--设置日志文件滚动更新的时间,依赖于文件命名filePattern的设置-->
<TimeBasedTriggeringPolicy/>
</Policies>
<!--设置日志的文件个数上限,不设置默认为7个,超过大小后会被覆盖;依赖于filePattern中的%i-->
<DefaultRolloverStrategy max="100"/>
</RollingFile>
<!-- debug,每次大小超过size,则这size大小的日志会自动存入按年份-月份建立的文件夹下面并进行压缩,作为存档-->
<RollingFile name="RollingFileDebug"
fileName="./logs/debug.log"
filePattern="./logs/$${date:yyyy-MM}/info-%d{yyyy-MM-dd}-%i.log">
<!--只记录debug及以上级别的日志-->
<ThresholdFilter level="debug" onMatch="ACCEPT" onMismatch="DENY"/>
<PatternLayout pattern="[%d{HH:mm:ss:SSS}] [%p] - %l - %m%n"/>
<Policies>
<!-- 设置日志文件切分参数 -->
<!--<OnStartupTriggeringPolicy/>-->
<!--设置日志基础文件大小,超过该大小就触发日志文件滚动更新-->
<SizeBasedTriggeringPolicy size="100 MB"/>
<!--设置日志文件滚动更新的时间,依赖于文件命名filePattern的设置-->
<TimeBasedTriggeringPolicy/>
</Policies>
<!-- DefaultRolloverStrategy属性如不设置,则默认为最多同一文件夹下7个文件,这里设置了20 -->
<DefaultRolloverStrategy max="20"/>
</RollingFile>
<!-- 这个会打印出所有的info及以下级别的信息,每次大小超过size,则这size大小的日志会自动存入按年份-月份建立的文件夹下面并进行压缩,作为存档-->
<RollingFile name="RollingFileInfo"
fileName="./logs/info.log"
filePattern="./logs/$${date:yyyy-MM}/info-%d{yyyy-MM-dd}-%i.log">
<!--只记录info及以上级别的日志-->
<ThresholdFilter level="info" onMatch="ACCEPT" onMismatch="DENY"/>
<PatternLayout pattern="[%d{HH:mm:ss:SSS}] [%p] - %l - %m%n"/>
<Policies>
<!-- 设置日志文件切分参数 -->
<!--<OnStartupTriggeringPolicy/>-->
<!--设置日志基础文件大小,超过该大小就触发日志文件滚动更新-->
<SizeBasedTriggeringPolicy size="100 MB"/>
<!--设置日志文件滚动更新的时间,依赖于文件命名filePattern的设置-->
<TimeBasedTriggeringPolicy/>
</Policies>
<!-- DefaultRolloverStrategy属性如不设置,则默认为最多同一文件夹下7个文件,这里设置了20 -->
<DefaultRolloverStrategy max="20"/>
</RollingFile>
<RollingFile name="RollingFileWarn"
fileName="./logs/warn.log"
filePattern="./logs/$${date:yyyy-MM}/warn-%d{yyyy-MM-dd}-%i.log">
<!--只记录warn及以上级别的日志-->
<ThresholdFilter level="warn" onMatch="ACCEPT" onMismatch="DENY"/>
<PatternLayout pattern="[%d{HH:mm:ss:SSS}] [%p] - %l - %m%n"/>
<Policies>
<!-- 设置日志文件切分参数 -->
<!--<OnStartupTriggeringPolicy/>-->
<!--设置日志基础文件大小,超过该大小就触发日志文件滚动更新-->
<SizeBasedTriggeringPolicy size="100 MB"/>
<!--设置日志文件滚动更新的时间,依赖于文件命名filePattern的设置-->
<TimeBasedTriggeringPolicy/>
</Policies>
<!-- DefaultRolloverStrategy属性如不设置,则默认为最多同一文件夹下7个文件,这里设置了20 -->
<DefaultRolloverStrategy max="20"/>
</RollingFile>
<RollingFile name="RollingFileError"
fileName="./logs/error.log"
filePattern="./logs/$${date:yyyy-MM}/error-%d{yyyy-MM-dd}-%i.log">
<!--只记录error及以上级别的日志-->
<ThresholdFilter level="ERROR" onMatch="ACCEPT" onMismatch="DENY"/>
<PatternLayout pattern="[%d{HH:mm:ss:SSS}] [%p] - %l - %m%n"/>
<Policies>
<!-- 设置日志文件切分参数 -->
<!--<OnStartupTriggeringPolicy/>-->
<!--设置日志基础文件大小,超过该大小就触发日志文件滚动更新-->
<SizeBasedTriggeringPolicy size="100 MB"/>
<!--设置日志文件滚动更新的时间,依赖于文件命名filePattern的设置-->
<TimeBasedTriggeringPolicy/>
</Policies>
<!-- DefaultRolloverStrategy属性如不设置,则默认为最多同一文件夹下7个文件,这里设置了20 -->
<DefaultRolloverStrategy max="20"/>
</RollingFile>
<!-- sql输出文件 -->
<RollingFile name="SQL"
fileName="./logs/sql.log"
filePattern="./logs/$${date:yyyy-MM}/sql-%d{yyyy-MM-dd}-%i.log">
<!--<ThresholdFilter level="debug" onMatch="ACCEPT" onMismatch="DENY"/>-->
<PatternLayout pattern="[%d{HH:mm:ss:SSS}] [%p] - %l - %m%n"/>
<Policies>
<!-- 设置日志文件切分参数 -->
<!--<OnStartupTriggeringPolicy/>-->
<!--设置日志基础文件大小,超过该大小就触发日志文件滚动更新-->
<SizeBasedTriggeringPolicy size="100 MB"/>
<!--设置日志文件滚动更新的时间,依赖于文件命名filePattern的设置-->
<TimeBasedTriggeringPolicy/>
</Policies>
<!-- DefaultRolloverStrategy属性如不设置,则默认为最多同一文件夹下7个文件,这里设置了20 -->
<DefaultRolloverStrategy max="20"/>
</RollingFile>
</appenders>
<!--然后定义logger,只有定义了logger并引入的appender,appender才会生效-->
<loggers>
<!-- 根日志设置 -->
<root level="all">
<appender-ref ref="RollingFileAll" level="all"/>
<appender-ref ref="Console" level="debug"/>
<appender-ref ref="RollingFileDebug" level="debug"/>
<appender-ref ref="RollingFileInfo" level="info"/>
<appender-ref ref="RollingFileWarn" level="warn"/>
<appender-ref ref="RollingFileError" level="error"/>
</root>
<!--只记录spring的info及以上级别的日志-->
<logger name="org.springframework" level="WARN"/>
<!--只记录hibernate的info及以上级别的日志-->
<logger name="org.hibernate" level="WARN">
<!-- 添加如下设置,控制台会再打印一次 -->
<!-- <AppenderRef ref="Console"/> -->
</logger>
<!-- <logger name="com.zero4j" level="DEBUG" additivity="false">
<appender-ref ref="Console"/>
</logger>-->
</loggers>
</configuration>
public final static Logger logger = LogManager.getLogger(MerchantDailySettlementQuartz.class.getName());
log.debug("debug:执行生成商户日结算单定时器");
log.info("info:执行生成商户日结算单定时器");
log.warn("warn:执行生成商户日结算单定时器");
1. 下载Puttygen.exe:
http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
2. 双击启动Puttygen.exe
3. 载入私钥(点击左上角的“文件-载入私钥”):
4. 提示导入成功后,点击“保存私钥”即可:
传到阿里云ECS的任意一个地方,执行以下指令获得公钥并自动添加到/root/.ssh/authorized_keys中:
ssh-keygen -y -f /私钥的绝对路径/私钥名称 >>/root/.ssh/authorized_keys
如果报权限不足,则需要先执行:
chmod 400 /私钥的绝对路径/私钥名称
若有多个用户,则执行多次ssh-keygen指令即可追加到/root/.ssh/authorized_keys中
找到配置文件/etc/ssh/sshd_config,修改PasswordAuthentication属性为no后执行service sshd restart命令即可生效,配置如下图:
但是要注意,禁止密码登录后,如果密钥无法登录,后期只能挂在liveCD盘(类似于PE取消关于密码的设置)