下载最新版本包
点击此处下载
最新的资源包上传到服务区
执行安装
- 停止已有的服务,备份现有nacos包(可忽略)
-
解压nacos-server-2.2.2.tar.gz到对应目录,修改配置文件
application.properties
nacos默认使用derby做持久化,或者想使用mysql做持久化,根据下面配置文件修改对应位置,注意:
db.user.0和db.passowrd.0和nacos登陆界面用户名和密码要保持一致,否则会启动失败
#spring.datasource.platform=mysql
spring.sql.init.platform=mysql
### Count of DB:
db.num=1
### Connect URL of DB:
db.url.0=jdbc:mysql://127.0.0.1:3306/nacos_config?characterEncoding=utf8&connectTimeout=1000&socketTimeout=3000&autoReconnect=true&useUnicode=true&useSSL=false&serverTimezone=UTC
db.user.0=root
db.password.0=your password
自2.2.2版本以后,修复了权限漏洞的安全补丁,需要配置nacos.core.auth.plugin.nacos.token.secret.key,默认是没有的,需要自己手动加,32-64个字节,其中identity.key和identity.value为自定义字符串,identity.value需为最低32为字符切实base64的
#*************** Access Control Related Configurations ***************#
### If enable spring security, this option is deprecated in 1.2.0:
#spring.security.enabled=false
### The ignore urls of auth
nacos.security.ignore.urls=/,/error,/**/*.css,/**/*.js,/**/*.html,/**/*.map,/**/*.svg,/**/*.png,/**/*.ico,/console-ui/public/**,/v1/auth/**,/v1/console/health/**,/actuator/**,/v1/console/server/**
### The auth system to use, currently only 'nacos' and 'ldap' is supported:
nacos.core.auth.system.type=nacos
### If turn on auth system:
nacos.core.auth.enabled=true
### Turn on/off caching of auth information. By turning on this switch, the update of auth information would have a 15 seconds delay.
nacos.core.auth.caching.enabled=true
### Since 1.4.1, Turn on/off white auth for user-agent: nacos-server, only for upgrade from old version.
nacos.core.auth.enable.userAgentAuthWhite=false
### Since 1.4.1, worked when nacos.core.auth.enabled=true and nacos.core.auth.enable.userAgentAuthWhite=false.
### The two properties is the white list for auth and used by identity the request from other server.
nacos.core.auth.server.identity.key=xgsens(自定义)
nacos.core.auth.server.identity.value=xgsens(自定义)
### worked when nacos.core.auth.system.type=nacos
### The token expiration in seconds:
nacos.core.auth.plugin.nacos.token.cache.enable=false
nacos.core.auth.plugin.nacos.token.expire.seconds=18000
### The default token (Base64 String):
nacos.core.auth.plugin.nacos.token.secret.key=eGd5em5zbmFjb3N5frh6Bf68dY29zbmF
- 修改启动项startup.sh,MODE改为standalone单利模式启动
export SERVER="nacos-server"
export MODE="standalone"
export FUNCTION_MODE="all"
export MEMBER_LIST=""
export EMBEDDED_STORAGE=""
while getopts ":m:f:s:c:p:" opt
#===========================================================================================
# JVM Configuration
#===========================================================================================
if [[ "${MODE}" == "standalone" ]]; then
JAVA_OPT="${JAVA_OPT} -Xms8192m -Xmx8192m -Xmn4096m"
JAVA_OPT="${JAVA_OPT} -Dnacos.standalone=true"
else
if [[ "${EMBEDDED_STORAGE}" == "embedded" ]]; then
JAVA_OPT="${JAVA_OPT} -DembeddedStorage=true"
fi
JAVA_OPT="${JAVA_OPT} -server -Xms2g -Xmx2g -Xmn1g -XX:MetaspaceSize=128m -XX:MaxMetaspaceSize=320m"
JAVA_OPT="${JAVA_OPT} -XX:-OmitStackTraceInFastThrow -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=${BASE_DIR}/logs/java_heapdump.hprof"
JAVA_OPT="${JAVA_OPT} -XX:-UseLargePages"
fi
4.启动服务
5.相关问题说明
报类似错:Unknown column ‘encrypted_data_key‘ in ‘field list
看提示是数据表缺少encrypted_data_key字段,那就手动为据表添加该字段为保证用户敏感配置数据的安全,Nacos 提供了配置加密的新特性。降低了用户使用的风险,也不需要再对配置进行单独的加密处理。
数据库表 config_info、config_info_beta、his_config_info中需要新增字段 encrypted_data_key ,用来存储每一个配置项加密使用的秘钥。新版本的默认创建表的sql中已经添加该字段。
ALTER TABLE config_info ADD COLUMN `encrypted_data_key` text NOT NULL COMMENT '秘钥';
ALTER TABLE his_config_info ADD COLUMN `encrypted_data_key` text NOT NULL COMMENT '秘钥';
ALTER TABLE config_info_beta ADD COLUMN `encrypted_data_key` text NOT NULL COMMENT '秘钥';
报类似错:Error creating bean with name ‘authFilterRegistration‘ defined in class path resource
解决方法:启动按单机模式启动即可
sh startup.sh -m standalone