ArcGIS Enterprise 10.7部署详细步骤

基于Vmware虚拟机RedHat Enterprise linux 7.8环境，部署ArcGIS Server，ArcGIS DataStore，Portal For ArcGIS，WebAdaptor。
安装前先参考易智瑞对应的版本和环境要求，附上ArcGIS Server 10.7 系统要求链接：https://enterprise.arcgis.com/zh-cn/system-requirements/10.7/linux/arcgis-server-system-requirements.htm

之前对linux环境接触较少，第一次安装遇到很多问题，同时也搜集和查阅了文章，谢谢互联网分享。也总结下自己安装的基本步骤和需要的知识技能：

1. 查阅易智瑞官网对应软件的安装环境和步骤
2. 基础的linux系统操作
3. 网络基础知识
4. 多练习，记录总结。反正在虚拟机，弄坏了重装嘛 ：）

1 安装前准备

1.1 软件安装包

ArcGIS_Server_Linux_107_167707.tar.gz
ArcGIS_DataStore_Linux_107_167719.tar.gz
Portal_for_ArcGIS_Linux_107_167718.tar.gz
Web_Adaptor_Java_Linux_107_167720.tar.gz
apache-tomcat-9.0.19.tar.gz
jdk-8u261-linux-x64.tar.gz

关于JDK和Tomcat所需版本：https://enterprise.arcgis.com/zh-cn/system-requirements/10.7/linux/arcgis-web-adaptor-system-requirements.htm

利用xftp或共享文件夹的方式将安装包拷贝至虚拟机系统下。

1.2 计算机名，域名，ip

机器名和域名在安装后不可更改，因此一定要确定好，且域名不可以是arcgis.com或者是esri.com，会在后面使用出现莫名其妙的问题，不一定是安装时期出现问题。
有DNS服务器，忽略此条，没有DNS服务器，需要在/etc/hosts添加域名和ip的映射。

查看机器名：

[aaa@qq.com ~]# hostname  
gisblue 

修改机器名：

[aaa@qq.com ~]# vim /etc/hostname

修改hosts文件：

[aaa@qq.com ~]# vim /etc/hosts

最后一行加入内容：

127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4 
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6 
192.168.217.129 gisblue.esrichina.com gisblue

运行hostname和hostname -f 检查机器名

1.3 关闭防火墙

停止防火墙

[aaa@qq.com ~]# systemctl stop firewalld.service

禁止防火墙开机启动

[aaa@qq.com ~]# systemctl disable firewalld.service

查看防火墙状态

[aaa@qq.com ~]# systemctl status firewalld.service

除关闭防火墙外方法外，还可根据端口配置防火墙白名单。

ArcGIS Server端口信息
https://enterprise.arcgis.com/zh-cn/server/10.7/install/windows/ports-used-by-arcgis-server.htm

Portal for ArcGIS端口信息
https://enterprise.arcgis.com/zh-cn/portal/10.7/administer/windows/ports-used-by-portal-for-arcgis.htm

ArcGIS Datastore端口信息
https://enterprise.arcgis.com/zh-cn/portal/10.7/administer/windows/ports-used-by-arcgis-data-store.htm

1.4 创建用户与组

[aaa@qq.com ~]# groupadd esrichina  
[aaa@qq.com ~]# useradd -g esrichina -m arcgis  
[aaa@qq.com ~]# passwd arcgis 

2 安装软件

2.1 解压软件

2.1.1 ArcGIS Enterprise软件部分

[aaa@qq.com software]# tar -zxvf ArcGIS_Server_Linux_107_167707.tar.gz  
[aaa@qq.com software]# tar -zxvf ArcGIS_DataStore_Linux_107_167719.tar.gz  
[aaa@qq.com software]# tar -zxvf Portal_for_ArcGIS_Linux_107_167718.tar.gz  
[aaa@qq.com software]# tar -zxvf Web_Adaptor_Java_Linux_107_167720.tar.gz

运行chown和chmod修改权限和所属用户

[aaa@qq.com software]# chown -R arcgis:esrichina ArcGISServer/  
[aaa@qq.com software]# chmod -R 755 ArcGISServer/  
[aaa@qq.com software]# chown -R arcgis:esrichina ArcGISDataStore_Linux/  
[aaa@qq.com software]# chmod -R 755 ArcGISDataStore_Linux/  
[aaa@qq.com software]# chown -R arcgis:esrichina PortalForArcGIS/  
[aaa@qq.com software]# chmod -R 755 PortalForArcGIS/  
[aaa@qq.com software]# chown -R arcgis:esrichina WebAdaptor/  
[aaa@qq.com software]# chmod -R 755 WebAdaptor/ 

2.1.2 Jdk和tomact软件部分

[aaa@qq.com software]# tar -zxvf jdk-8u261-linux-x64.tar.gz  
[aaa@qq.com software]# tar -zxvf apache-tomcat-9.0.19.tar.gz

重命名：

[aaa@qq.com software]# mv apache-tomcat-9.0.19/ /usr/local/tomcat9
[aaa@qq.com software]# mv jdk1.8.0_261/ /usr/local/jdk8

2.2 安装前配置

2.2.1 ArcGIS Enterprise软件部分

修改limits.conf文件，目的是为了文件句柄和进程的限制：
https://enterprise.arcgis.com/zh-cn/system-requirements/10.7/linux/arcgis-server-system-requirements.htm

编辑/etc/security/limits.conf文件，

[aaa@qq.com software]# vim /etc/security/limits.conf

在文件末尾添加如下内容：

arcgis soft nofile 65535
arcgis hard nofile 65535
arcgis soft nproc 25059
arcgis hard nproc 25059

执行如下命令使其生效：

[aaa@qq.com software]# ulimit -Hn -Hu  
[aaa@qq.com software]# ulimit -Sn -Su  

Tips（可选）:
如需配置时空库，则需要修改vm.swappiness 和 vm.max_map_count的值，以满足时空大数据分析的需要

[aaa@qq.com software]# echo 'vm.max_map_count = 262144' >> /etc/sysctl.conf
[aaa@qq.com software]# echo 'vm.swappiness = 1' >> /etc/sysctl.conf 

运行如下命令使其生效:

[aaa@qq.com software]# /sbin/sysctl -p

2.2.2 JAVA部分—环境变量

编辑/etc/profile

[aaa@qq.com software]# vim /etc/profile

增加如下内容：

JAVA_HOME=/usr/local/jdk8
JRE_HOME=/usr/local/jdk8/jre
CLASS_PATH=.:$JAVA_HOME/lib/tools.jar:$JAVA_HOME/lib/dt.jar:$JRE_HOME/lib
PATH=$JAVA_HOME/bin:$JRE_HOME/bin:$PATH
export JAVA_HOME JRE_HOME CLASS_PATH PATH

运行使其生效：

[aaa@qq.com ~]# source /etc/profile

运行检验：

[aaa@qq.com ~]# java -version

2.2.3 证书以及tomcat的设置

生成证书：

[aaa@qq.com home]# openssl genrsa -out /usr/local/tomcat9/ssl/zsgisblue.key 2048..................................................................................................................+++
....................+++
e is 65537 (0x10001)

[aaa@qq.com home]# openssl req -new -key /usr/local/tomcat9/ssl/zsgisblue.key -out /usr/local/tomcat9/ssl/zsgisblue.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:BeiJing
Locality Name (eg, city) [Default City]:BeiJing
Organization Name (eg, company) [Default Company Ltd]:EsriChina
Organizational Unit Name (eg, section) []:TechSupport
Common Name (eg, your name or your server's hostname) []:192.168.217.129
Email Address []:aaa@qq.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:1234
An optional company name []:esrichina

[aaa@qq.com home]# echo "subjectAltName=DNS:gisblue.esrichina.com" > cert_extensions 

[aaa@qq.com home]# openssl x509 -req -sha256 -in /usr/local/tomcat9/ssl/zsgisblue.csr -signkey /usr/local/tomcat9/ssl/zsgisblue.key -extfile cert_extensions -out /usr/local/tomcat9/ssl/zsgisblue.crt -days 3650
Signature ok
subject=/C=CN/ST=BeiJing/L=EsriChina/O=EsriChina/OU=Esrichina/CN=192.168.217.129/emailAddress=aaa@qq.com
Getting Private key

[aaa@qq.com home]# openssl pkcs12 -inkey /usr/local/tomcat9/ssl/zsgisblue.key -in /usr/local/tomcat9/ssl/zsgisblue.crt -export -out /usr/local/tomcat9/ssl/zsgisblue.pfx 
Enter Export Password:
Verifying - Enter Export Password:

编辑tomcat9/conf/server.xml，启用ssl，将8080端口改为80端口，将8443端口改为443端口。
修改内容如下，操作前先备份server.xml，注意证书路径和对应密码

<?xml version="1.0" encoding="UTF-8"?>
<!--
  Licensed to the Apache Software Foundation (ASF) under one or more
  contributor license agreements.  See the NOTICE file distributed with
  this work for additional information regarding copyright ownership.
  The ASF licenses this file to You under the Apache License, Version 2.0
  (the "License"); you may not use this file except in compliance with
  the License.  You may obtain a copy of the License at
      http://www.apache.org/licenses/LICENSE-2.0
  Unless required by applicable law or agreed to in writing, software
  distributed under the License is distributed on an "AS IS" BASIS,
  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  See the License for the specific language governing permissions and
  limitations under the License.
-->
<!-- Note:  A "Server" is not itself a "Container", so you may not
     define subcomponents such as "Valves" at this level.
     Documentation at /docs/config/server.html
 -->
<Server port="8005" shutdown="SHUTDOWN">
  <Listener className="org.apache.catalina.startup.VersionLoggerListener" />
  <!-- Security listener. Documentation at /docs/config/listeners.html
  <Listener className="org.apache.catalina.security.SecurityListener" />
  -->
  <!--APR library loader. Documentation at /docs/apr.html -->
  <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
  <!-- Prevent memory leaks due to use of particular java/javax APIs-->
  <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
  <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
  <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
 
  <!-- Global JNDI resources
       Documentation at /docs/jndi-resources-howto.html
  -->
  <GlobalNamingResources>
    <!-- Editable user database that can also be used by
         UserDatabaseRealm to authenticate users
    -->
    <Resource name="UserDatabase" auth="Container"
              type="org.apache.catalina.UserDatabase"
              description="User database that can be updated and saved"
              factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
              pathname="conf/tomcat-users.xml" />
  </GlobalNamingResources>
 
  <!-- A "Service" is a collection of one or more "Connectors" that share
       a single "Container" Note:  A "Service" is not itself a "Container",
       so you may not define subcomponents such as "Valves" at this level.
       Documentation at /docs/config/service.html
   -->
  <Service name="Catalina">
 
    <!--The connectors can use a shared executor, you can define one or more named thread pools-->
    <!--
    <Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
        maxThreads="150" minSpareThreads="4"/>
    -->
 
 
    <!-- A "Connector" represents an endpoint by which requests are received
         and responses are returned. Documentation at :
         Java HTTP Connector: /docs/config/http.html
         Java AJP  Connector: /docs/config/ajp.html
         APR (HTTP/AJP) Connector: /docs/apr.html
         Define a non-SSL/TLS HTTP/1.1 Connector on port 8080
    -->

	<!-- 端口 -->
    <Connector port="80" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="443" />
               
    <!-- A "Connector" using the shared thread pool-->
    <!--
    <Connector executor="tomcatThreadPool"
               port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />
    -->
    <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443
         This connector uses the NIO implementation. The default
         SSLImplementation will depend on the presence of the APR/native
         library and the useOpenSSL attribute of the
         AprLifecycleListener.
         Either JSSE or OpenSSL style configuration may be used regardless of
         the SSLImplementation selected. JSSE style configuration is used below.
    -->
    
    <!-- 端口 -->
    <Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               maxThreads="150" SSLEnabled="true">
        <SSLHostConfig>
            <Certificate certificateKeystoreFile="/usr/local/tomcat9/ssl/zsgisblue.pfx"
                         certificateKeystoreType="PKCS12"
                          certificateKeystorePassword="123456" />
        </SSLHostConfig>
    </Connector>
    
    <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443 with HTTP/2
         This connector uses the APR/native implementation which always uses
         OpenSSL for TLS.
         Either JSSE or OpenSSL style configuration may be used. OpenSSL style
         configuration is used below.
    -->
    <!--
    <Connector port="8443" protocol="org.apache.coyote.http11.Http11AprProtocol"
               maxThreads="150" SSLEnabled="true" >
        <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
        <SSLHostConfig>
            <Certificate certificateKeyFile="conf/localhost-rsa-key.pem"
                         certificateFile="conf/localhost-rsa-cert.pem"
                         certificateChainFile="conf/localhost-rsa-chain.pem"
                         type="RSA" />
        </SSLHostConfig>
    </Connector>
    -->
 
    <!-- Define an AJP 1.3 Connector on port 8009 -->
 <!--   <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" /> -->
    <!-- An Engine represents the entry point (within Catalina) that processes
         every request.  The Engine implementation for Tomcat stand alone
         analyzes the HTTP headers included with the request, and passes them
         on to the appropriate Host (virtual host).
         Documentation at /docs/config/engine.html -->
 
    <!-- You should set jvmRoute to support load-balancing via AJP ie :
    <Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">
    -->
    <Engine name="Catalina" defaultHost="localhost">
 
      <!--For clustering, please take a look at documentation at:
          /docs/cluster-howto.html  (simple how to)
          /docs/config/cluster.html (reference documentation) -->
      <!--
      <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
      -->
 
      <!-- Use the LockOutRealm to prevent attempts to guess user passwords
           via a brute-force attack -->
      <Realm className="org.apache.catalina.realm.LockOutRealm">
        <!-- This Realm uses the UserDatabase configured in the global JNDI
             resources under the key "UserDatabase".  Any edits
             that are performed against this UserDatabase are immediately
             available for use by the Realm.  -->
        <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
               resourceName="UserDatabase"/>
      </Realm>
 
      <Host name="localhost"  appBase="webapps"
            unpackWARs="true" autoDeploy="true">
 
        <!-- SingleSignOn valve, share authentication between web applications
             Documentation at: /docs/config/valve.html -->
        <!--
        <Valve className="org.apache.catalina.authenticator.SingleSignOn" />
        -->
 
        <!-- Access log processes all example.
             Documentation at: /docs/config/valve.html
             Note: The pattern used is equivalent to using pattern="common" -->
        <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
               prefix="localhost_access_log" suffix=".txt"
               pattern="%h %l %u %t &quot;%r&quot; %s %b" />
 
      </Host>
    </Engine>
  </Service>
</Server>

启动和验证tomcat，切到tomcat9/bin下执行：

[aaa@qq.com bin]# ./startup.sh
Using CATALINA_BASE:   /usr/local/tomcat9
Using CATALINA_HOME:   /usr/local/tomcat9
Using CATALINA_TMPDIR: /usr/local/tomcat9/temp
Using JRE_HOME:        /usr/local/jdk8
Using CLASSPATH:       /usr/local/tomcat9/bin/bootstrap.jar:/usr/local/tomcat9/bin/tomcat-juli.jar
Tomcat started.

在浏览器中输入虚拟机本机ip或localhost，如http://192.168.217.129/，出现如下则表明成功。
注：手动输入默认为http， https需自行手动加

2.3 正式安装

2.3.1 ArcGIS Server安装

切换到arcgis账户下，并切换到安装包目录下，运行serverdiag脚本诊断当前环境是否满足ArcGIS for Server安装要求。

[aaa@qq.com bin]# su arcgis

切换到安装包目录下，以静默方式安装到默认位置(/home/arcgis/)，

[aaa@qq.com ArcGISServer]$ ./serverdiag/serverdiag

没有检查错误和警告则继续。

离线授权安装：

[aaa@qq.com ArcGISServer]$ ./Setup -m silent -l yes -a /home/arcgis/software/ArcGISServer107.ecp

2.3.2 DataStore安装安装

安装要求检查

[aaa@qq.com ArcGISDataStore_Linux]$ ./datastorediag/datastorediag

静默安装

[aaa@qq.com ArcGISDataStore_Linux]$ ./Setup -m silent -l yes

2.3.3 Portal for ArcGIS安装

安装要求检查

[aaa@qq.com PortalForArcGIS]# ./portaldiag/portaldiag

检查缺少dos2unix包，若注册Redhat，直接运行：

[aaa@qq.com PortalForArcGIS]# yum install dos2unix

未注册用户，使用在此方法，先下载 popt-1.18.tar.gz
然后下载 hd2u-1.0.0.tgz

[aaa@qq.com software]# tar -vzxf popt-1.18.tar.gz  
[aaa@qq.com software]# ./popt-1.18/configure  
[aaa@qq.com software]# make  
[aaa@qq.com software]# make install  
[aaa@qq.com software]# tar -zxf hd2u-1.0.0.tgz  
[aaa@qq.com software]# cd hd2u-1.0.0  
[aaa@qq.com software]# ./configure && make && make install   
[aaa@qq.com software]# whereis dos2unix 
dos2unix: /usr/local/bin/dos2unix

再执行安装

[aaa@qq.com PortalForArcGIS]$ ./Setup -m silent -l yes

2.3.4 WebAdapt安装

[aaa@qq.com WebAdaptor]$ ./Setup -m silent -l yes

安装命令参考

ArcGISServer
https://enterprise.arcgis.com/zh-cn/server/latest/install/linux/silently-install-arcgis-server.htm

Datastore
https://enterprise.arcgis.com/zh-cn/portal/latest/administer/linux/install-data-store.htm

Portal for ArcGIS
https://enterprise.arcgis.com/zh-cn/portal/latest/install/linux/silently-installing-portal-for-arcgis.htm

WebAdapt
https://enterprise.arcgis.com/zh-cn/web-adaptor/latest/install/java-linux/silently-install-arcgis-web-adaptor-server.htm

3 安装后配置

3.1 ArcGIS Server站点创建

在浏览器中输入https://gisblue.esrichina.com:6443/arcgis/manager/，添加证书信任后打开页面

1. 创建新站点
   

2. 主站点管理员账号和密码
   

3. 设置根服务器目录和配置存储
   注意：设置的两个目录保证该账户有足够的权限及存储空间要大一点
   

4. 完成，直至安装成功
   
   

3.2 ArcGIS Data Store配置

在浏览器中输入https://gisblue.esrichina.com:2443/arcgis/datastore/，添加信任后打开页面

1. 添加ArcGIS Server和用户名、密码
   

2. 设置内容目录
   

3. 选择配置关系型、切片缓存型和时空型的Data Store（这里因为是在虚拟机上配置的环境，存储较小，所以不配置时空库），点击下一步。
   

4. 完成
   
   

3.3 Portal for ArcGIS配置

1. 访问https://gisblue.esrichina.com:7443/arcgis/home/，开始配置，CREATE NEW PORTAL
   

2. 选择portal授权文件，从10.7版本开始，portal的授权为json格式
   

3. 设置初设portal 初始管理员账户信息
   

4. 填写相关信息
   

5. 站点内容目录配置
   

6. 确认信息，Create
   

7. ok，完成Portal for Arcgis的配置
   

   接下来页面跳转，提示配置WebAdapter
   

3.4 WebAdapter 配置

3.4.1 拷贝war包至tomcat

root用户下，将webadapter中名为arcgis.war拷贝到tomcat/webapps目录中，并分别命名为arcgis.war和server.war，用于实现对Portal for ArcGIS和ArcGIS for Server的配置。

[aaa@qq.com home]# cp /home/arcgis/webadaptor10.7/java/arcgis.war /usr/local/tomcat9/webapps/arcgis.war  
[aaa@qq.com home]# cp /home/arcgis/webadaptor10.7/java/arcgis.war /usr/local/tomcat9/webapps/server.war

3.4.2 网页端或命令行配置

两种配置方式，选择其一

1. 命令行配置
   切换arcgis用户，在路径/home/arcgis/webadaptor10.7/java/tools下，分别为server和portal配置webadapter

    [aaa@qq.com home]$ cd /home/arcgis/webadaptor10.7/java/tools  
    [aaa@qq.com tools]$ ./configurewebadaptor.sh -m server -w https://gisblue.esrichina.com/server/webadaptor -g https://gisblue.esrichina.com:6443 -u siteadmin -p arcgis -a true
   

   

    [aaa@qq.com tools]$ ./configurewebadaptor.sh -m portal -w https://gisblue.esrichina.com/arcgis/webadaptor -g https://gisblue.esrichina.com:7443 -u portaladmin -p password
   

   

2. 网页端配置

   网页端输入https://gisblue.esrichina.com/server/webadaptor，按照提示进行

完成后本地即可通过webadaptor访问server和portal
Server：https://gisblue.esrichina.com/server/
Portal：https://gisblue.esrichina.com/arcgis/home/

3.5 Server和Portal配置联合托管

1. 登陆Portal for arcgis，进入组织—>设置—>服务器—>添加服务器
   

2. 设置 服务 URL，管理 URL、用户和密码
   

3. 托管服务器选择联合的server，保存完成
   

至此完成配置。

4 软件开机自启动

4.1 ArcGIS Server开机自启

1. 切换至root账户，将 <Server安装目录>/framework/etc/scripts/arcgisserver.service 文件复制到 /etc/systemd/system。 并且 /etc/systemd/system/arcgisserver.service 的文件权限从 700 更改为 600

    [aaa@qq.com home]# cp /home/arcgis/server/framework/etc/scripts/arcgisserver.service /etc/systemd/system 
    [aaa@qq.com home]# chmod 600 /etc/systemd/system/arcgisserver.service 
   

2. 仍以root的身份运行# systemctl enable arcgisserver.service命令，以在 /etc/systemd/system/multi-user.target.wants 中自动创建链接

    [aaa@qq.com home]# systemctl enable arcgisserver.service
   

3. 验证 systemd 服务是否配置正确，请重新启动服务后检查其状态

    [aaa@qq.com home]# systemctl stop arcgisserver.service  
    [aaa@qq.com home]# systemctl start arcgisserver.service  
    [aaa@qq.com home]# systemctl status arcgisserver.service
   

4.2 DataStore开机自启

1. 至root账户，将 <DataStore 安装目录>/framework/etc/scripts/arcgisdatastore.service 复制到 /etc/systemd/system。并且 /etc/systemd/system/arcgisdatastore.service 的权限从 700 更新为 600

    [aaa@qq.com home]# cp /home/arcgis/arcgis/datastore/framework/etc/scripts/arcgisdatastore.service /etc/systemd/system  
    [aaa@qq.com home]# chmod 600 /etc/systemd/system/arcgisdatastore.service
   

2. 仍以root身份运行# systemctl enable arcgisdatastore.service命令，以在 /etc/systemd/system/multi-user.target.wants 中自动创建链接

    [aaa@qq.com home]# systemctl enable arcgisdatastore.service
   

3. 验证 systemd 服务是否配置正确，请重新启动服务后检查其状态

    [aaa@qq.com home]# systemctl stop arcgisdatastore.service
    [aaa@qq.com home]# systemctl start arcgisdatastore.service
    [aaa@qq.com home]# systemctl status arcgisdatastore.service
   

4.3 Portal开机自启

1. root账户下，将 <Portal安装目录>/framework/etc/arcgisportal.service 文件复制到 /etc/systemd/system。文件复制完成后，并且 /etc/systemd/system/arcgisportal.service文件权限设置为 600

    [aaa@qq.com home]# cp /home/arcgis/arcgis/portal/framework/etc/arcgisportal.service /etc/systemd/system  
    [aaa@qq.com home]# chmod 600 /etc/systemd/system/arcgisportal.service
   

2. 仍以root用户的身份运行命令# systemctl enable arcgisportal.service，在 /etc/systemd/system/multi-user.target.wants 中自动创建链接。

    [aaa@qq.com home]# systemctl enable arcgisportal.service
   

3. 验证 systemd 服务是否配置正确，请重新启动服务后检查其状态

    [aaa@qq.com home]# systemctl stop arcgisportal.service
    [aaa@qq.com home]# systemctl start arcgisportal.service
    [aaa@qq.com home]# systemctl status arcgisportal.service
   

4.4 Tomcat开机自启

1. 查看jdk安装路径

    [aaa@qq.com home]# echo $JAVA_HOME
   

2. 修改脚本文件rc.local，添加启动路径和jdk路径

    [aaa@qq.com home]# vim /etc/rc.d/rc.local
   

   末尾处添加如下语句：

    export JAVA_HOME=/usr/local/jdk8
    /usr/local/tomcat9/bin/startup.sh start
   

3. 将rc.local修改为可执行。

    [aaa@qq.com home]# chmod 755 /etc/rc.d/rc.local
   

5 遇到的问题

5.1 创建Portal For Arcgis，索引服务器配置失败

查看日志，除索引服务配置失败，还提示空间不足的警告。

思路： 增加虚拟机核心数；
扩展硬盘大小
但是失败了。

后查看 <安装路径>/portal/usr/arcgisportal/logs/databas/pgsql.log日志，postgres连接出现问题，在 <安装路径>/portal/usr/arcgisportal/db/pg_hba.conf中IPV4加入：

host    all     all     127.0.0,1/32    md5

说明：32是子网掩码的网段；md5是密码验证方法，可以改为trust

5.2 磁盘空间不足

程序默认安装/home/目录，提示空间不足。思路是新分配空间，扩展至home

1. 虚拟机新增磁盘空间

2. 启动客户机，运行 # fdisk -l，sda1-3已经使用
   

3. fdisk /dev/sda
   

4. reboot

5. 重启后运行fdisk -l，可看到已新增sda4
   

6. mkfs.ext3 /dev/sda4 进行格式化
   

7. 使用 lvm扩充分区

   lvm> pvcreate /dev/sda4
   

   

8. 使用pvdisplay查看当前卷信息，发现/dev/sd3的VG Name是rhel，因此需要将/dev/sda4加入到rhel卷里面去

   将/dev/sda4加入到rhel卷命令：

   lvm> vgextend rhel /dev/sda4
   lvm> lvextend -L +30G /dev/mapper/rhel-home
   

   

9. 切回root用户，调整逻辑区大小

   xfs_growfs /dev/mapper/rhel-home
   

   

10. 最后df -hT可查看

5.3 Webadaptor配置注意事项

利用configurewebadaptor.sh命令绑定网站时候，一直无响应。后发现存在如下引起的问题

1. Tomcat版本（可能的原因，起初使用tomcat7.0.105，后更新至tomcat9.0.19）
2. 配置的tomcat证书路径与tomcat9/conf/server.xml中路径不一致

6 其他

6.1 文件路径中存在空格情况，用反斜杠连接

cd  <目录>/drive_c/Program\ Files/Common Files/ArcGIS

6.2 防火墙相关

查看已打开的端口

netstat -anp

添加端口白名单

firewall-cmd --permanent --zone=public --add-port=8888/tcp
--zone 	#作用域
--add-port=8888/tcp 	#添加端口，格式为：端口/通讯协议
--permanent 	#永久生效，没有此参数重启后失效

重新载入

firewall-cmd --reload

查看特定端口状态

firewall-cmd --zone=public --query-port=8888/tcp

删除端口白名单

firewall-cmd -permanent --zone=public --remove-port=8888/tcp 

6.3 参考

第一次安装遇到很多问题，以自身的情况整理了一遍，谢谢大佬们的分享
主要参考文章
[1]: https://blog.csdn.net/weixin_44616652/article/details/107136136
[2]: https://blog.csdn.net/tuxunxiang/article/details/102768651
[3]: https://blog.csdn.net/qq_41453116/article/details/81110643