http://docs.opendevops.cn/zh/latest/index.html
因爲我的是在virtualbox上做的實驗
而公司對網卡還有mac地址還有綁定
所以我的測試機網卡有2個,一個是和本機通信的192.168.56.103(手動配置IP地址,沒有網關),一個上網用的10.0.2.0網段的(上網的dns:218.85.152.99)
我的域名::xmlgrg.com,你要修改爲你自己的
首先確保服務器可以聯網
然後 運行下面的youhua.sh命令
#/bin/bash
function epel(){
yum install epel-release -y >/dev/null 2>&1
sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/epel.repo
sed -i 's/#baseurl/baseurl/g' /etc/yum.repos.d/epel.repo
sed -i '6s/enabled=0/enabled=1/g' /etc/yum.repos.d/epel.repo
sed -i '7s/gpgcheck=1/gpgcheck=0/g' /etc/yum.repos.d/epel.repo
yum clean all >/dev/null 2>&1
#阿里雲機器用aliyun epel
echo "[EPEL 配置] ==> OK"
}
function ulimits(){
cat > /etc/security/limits.conf <<EOF
* soft noproc 20480
* hard noproc 20480
root soft nofile 65535
root hard nofile 65535
* soft nofile 65535
* hard nofile 65535
EOF
ulimit -n 65535
ulimit -u 20480
echo "[ulimits 配置] ==> OK"
}
function ssh(){
[ -f /etc/ssh/sshd_config ] && sed -ir '13 iUseDNS no\nGSSAPIAuthentication no' /etc/ssh/sshd_config && /etc/init.d/sshd restart >/dev/null 2>&1
echo "[SSH 優化] ==> OK"
}
function kernel(){
cat > /etc/sysctl.conf <<EOF
fs.file-max = 65535
net.ipv4.tcp_max_tw_buckets = 1000000
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_keepalive_probes = 3
net.ipv4.tcp_keepalive_intvl = 30
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.ip_local_port_range = 5000 65000
net.ipv4.tcp_mem = 786432 1048576 1572864
net.core.wmem_max = 873200
net.core.rmem_max = 873200
net.ipv4.tcp_wmem = 8192 436600 873200
net.ipv4.tcp_rmem = 32768 436600 873200
net.core.somaxconn = 10240
net.core.netdev_max_backlog = 20480
net.ipv4.tcp_max_syn_backlog = 20480
net.ipv4.tcp_retries2 = 5
net.ipv4.conf.lo.arp_ignore = 0
net.ipv4.conf.lo.arp_announce = 0
net.ipv4.conf.all.arp_ignore = 0
EOF
sysctl -p >/dev/null 2>&1
echo "[內核 優化] ==> OK"
}
function history(){
if ! grep "HISTTIMEFORMAT" /etc/profile >/dev/null 2>&1
then echo '
UserIP=$(who -u am i | cut -d"(" -f 2 | sed -e "s/[()]//g")
export HISTTIMEFORMAT="[%F %T] [`whoami`] [${UserIP}] " ' >> /etc/profile;
fi
echo "[history 優化] ==> OK"
}
function security(){
> /etc/issue
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
sed -i 's/SELINUX=permissive/SELINUX=disabled/g' /etc/selinux/config
setenforce 0 >/dev/null 2>&1
systemctl stop firewalld.service
systemctl disable firewalld.service
yum install -y openssl openssh bash >/dev/null 2>&1
echo "[安全配置] ==> OK"
}
function other(){
yum groupinstall Development tools -y >/dev/null 2>&1
yum install -y vim wget lrzsz telnet traceroute iotop tree >/dev/null 2>&1
yum install -y ncftp axel git zlib-devel openssl-devel unzip xz libxslt-devel libxml2-devel libcurl-devel >/dev/null 2>&1
echo "[安裝常用工具] ==> OK"
echo "export HOME=/root" >> /etc/profile
source /etc/profile
useradd -M -s /sbin/nologin nginx >/dev/null 2>&1
mkdir -p /root/ops_scripts /data1/www
mkdir -p /opt/codo/
}
function quanxian(){
chown root:root /etc/passwd /etc/shadow /etc/group /etc/gshadow && chmod 0644 /etc/group && chmod 0644 /etc/passwd && chmod 0400 /etc/shadow && chmod 0400 /etc/gshadow
}
export -f epel
export -f ulimits
export -f ssh
export -f kernel
export -f history
export -f security
export -f other
export -f quanxian
##格式必須是: bash script 函數名1#函數2
## 例如: bash system_init_v1.sh epel#ulimits#ssh
#echo $1 | awk -F "#" '{for(i=1;i<=NF;++i) system($i)}'
epel
ulimits
ssh
kernel
history
security
other
quanxian
echo '[Success]System Init OK'
運行命令
# sh +x youhua.sh
設置靜態IP地址
重啓服務器
創建項目目錄
# mkdir -p /opt/codo/ && cd /opt/codo/環境變量
以下內容貼入到vim /opt/codo/env.sh文件,剛開始接觸這裏可能會稍微有點難理解,
後面文檔將會說明每個環境變量的用途,主要修改域名/地址和密碼信息
#/bin/bash
echo -e "\033[31m token_secret一定要做修改,防止網站被***!!!!!!! \033[0m"
#本機的IP地址
export LOCALHOST_IP="192.168.56.103"
#設置你的MYSQL密碼
export MYSQL_PASSWORD="xmlgrg163"
### 設置你的redis密碼
export REDIS_PASSWORD="xmlgrg163"
### RabbitMQ用戶密碼信息
export MQ_USER="ss"
export MQ_PASSWORD="xmlgrg163"
##這部分是模塊化部署,微服務,每個服務都有一個單獨的域名
### 管理後端地址
export mg_domain="mg.xmlgrg.com"
### 定時任務地址,目前只啓動一個進程,ip
export cron_domain="192.168.56.103"
### 任務系統地址
export task_domain="task.xmlgrg.com"
### CMDB系統地址
export cmdb_domain="cmdb2.xmlgrg.com"
### 運維工具地址
export tools_domain="tools.xmlgrg.com"
### 域名管理地址
export dns_domain="dns.xmlgrg.com"
### 配置中心域名
export kerrigan_domain="kerrigan.xmlgrg.com"
### 前端地址,也就是你的訪問地址
export front_domain="demo-ss.xmlgrg.com"
### api網關地址
export api_gw_url="gw.xmlgrg.com"
#codo-admin用到的cookie和token,可留默認
export cookie_secret="nJ2oZis0V/xlArY2rzpIE6ioC9/KlqR2fd59sD=UXZJ=3OeROB"
# 這裏codo-admin和gw網關都會用到,一定要修改。可生成隨意字符
export token_secret="pXFb4i%*834gfdh963df718iodGq4dsafsdadg7yI6ImF1999aaG7"
##一般情況下都是隻用一個數據庫就可以了
# 寫數據庫
export DEFAULT_DB_DBHOST="192.168.56.103"
export DEFAULT_DB_DBPORT='3306'
export DEFAULT_DB_DBUSER='root'
export DEFAULT_DB_DBPWD=${MYSQL_PASSWORD}
# 讀數據庫
export READONLY_DB_DBHOST='192.168.56.103'
export READONLY_DB_DBPORT='3306'
export READONLY_DB_DBUSER='root'
export READONLY_DB_DBPWD=${MYSQL_PASSWORD}
#export READONLY_DB_DBNAME=${MYSQL_PASSWORD}
# 消息隊列
export DEFAULT_MQ_ADDR='192.168.56.103'
export DEFAULT_MQ_USER=${MQ_USER}
export DEFAULT_MQ_PWD=${MQ_PASSWORD}
# 緩存
export DEFAULT_REDIS_HOST='192.168.56.103'
export DEFAULT_REDIS_PORT=6379
export DEFAULT_REDIS_PASSWORD=${REDIS_PASSWORD}
最後
# source /opt/codo/env.sh安裝Python3
建議使用Python36,若你的系統裏面已經存在Python36可以跳過此步驟。
vim python36.sh 新建python安裝的腳本
#/bin/bash
echo -e "\033[32m [INFO]: Start install python3 \033[0m"
yum groupinstall Development tools -y
yum install -y zlib-devel openssl-devel libxslt-devel libxml2-devel libcurl-devel
cd /usr/local/src/
wget -q -c https://www.python.org/ftp/python/3.6.4/Python-3.6.4.tar.xz
tar xf Python-3.6.4.tar.xz >/dev/null 2>&1 && cd Python-3.6.4
./configure >/dev/null 2>&1
make >/dev/null 2>&1 && make install >/dev/null 2>&1
if [ $? == 0 ];then
echo -e "\033[32m [INFO]: python3 install success. \033[0m"
else
echo -e "\033[31m [ERROR]: python3 install faild \033[0m"
exit -1
fi
執行
# sh -x python36.sh 安裝Docker-compose
若已安裝docker-compose可跳過
vim docker-compose.sh 新建docker-compose安裝的腳本
#/bin/bash
echo -e "\033[32m [INFO]: Start install docker,docker-compose \033[0m"
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum-config-manager --enable docker-ce-edge
yum install -y docker-ce
###啓動
/bin/systemctl start docker.service
### 開機自啓
/bin/systemctl enable docker.service
#安裝docker-compose編排工具
curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py
python3 get-pip.py
pip3 install docker-compose
if [ $? == 0 ];then
echo -e "\033[32m [INFO]: docker-compose install success. \033[0m"
else
echo -e "\033[31m [ERROR]: docker-compose install faild \033[0m"
exit -2
fi
執行
# sh -x docker-compose.sh
設置docker加速
#mkdir -p /etc/docker
#vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://f2bv707v.mirror.aliyuncs.com"]
}
#systemctl daemon-reload
#systemctl restart docker 安裝MySQL
# source /opt/codo/env.sh一般來說 一個MySQL實例即可,如果有需求可以自行搭建主從,每個服務都可以有自己的數據庫
我們這裏示例是用Docker部署的MySQL,你也可以使用你自己的MySQL
vim MySQL.sh 新建MySQL安裝的腳本
#/bin/bash
yum install mysql -y
echo -e "\033[32m [INFO]: Start install mysql5.7 \033[0m"
cat >docker-compose.yml <<EOF
mysql:
restart: unless-stopped
image: mysql:5.7
volumes:
- /data/mysql:/var/lib/mysql
- /data/mysql_conf:/etc/mysql/conf.d
ports:
- "3306:3306"
environment:
- MYSQL_ROOT_PASSWORD=${MYSQL_PASSWORD}
EOF
docker-compose up -d #啓動
if [ $? == 0 ];then
echo -e "\033[32m [INFO]: mysql install success. \033[0m"
echo -e "\033[32m [INFO]: 本機mysql客戶端的已經安裝. \033[0m"
echo -e "\033[32m [INFO]: mysql -h127.0.0.1 -uroot -p${MYSQL_PASSWORD} \033[0m"
else
echo -e "\033[31m [ERROR]: mysql57 install faild \033[0m"
exit -3
fi
執行
sh +x MySQL.sh
安裝Redis
vim Redis.sh 新建Redis安裝的腳本
#/bin/bash
echo -e "\033[32m [INFO]: Start install redis3.2 \033[0m"
yum -y install redis-3.2.*
echo "[INFO]: start init redis"
### 開啓AOF
sed -i 's#appendonly no$#appendonly yes#g' /etc/redis.conf
### 操作系統決定
sed -i 's#appendfsync .*$$#appendfsync everysec$#g' /etc/redis.conf
### 修改綁定IP
sed -i 's/^bind 127.0.0.1$/#bind 127.0.0.1/g' /etc/redis.conf
### 是否以守護進程方式啓動
sed -i 's#daemonize no$#daemonize yes#g' /etc/redis.conf
### 當時間間隔超過60秒,或存儲超過1000條記錄時,進行持久化
sed -i 's#^save 60 .*$#save 60 1000#g' /etc/redis.conf
### 快照壓縮
sed -i 's#rdbcompression no$#rdbcompression yes#g' /etc/redis.conf
### 添加密碼
sed -i "s#.*requirepass .*#requirepass ${REDIS_PASSWORD}#g" /etc/redis.conf
systemctl start redis
systemctl status redis
systemctl enable redis
if [ $? == 0 ];then
echo -e "\033[32m [INFO]: redis install success. \033[0m"
echo -e "\033[32m [INFO]: redis-cli -h 127.0.0.1 -p 6379 -a ${REDIS_PASSWORD}"
else
echo -e "\033[31m [ERROR]: redis install faild \033[0m"
exit -4
fi
執行
# sh +x Redis.sh
設置redis的庫
# redis-cli -h 127.0.0.1 -p 6379 -a xmlgrg163
keys *
select 8
exit
安裝RabbitMQ
注意安裝完MQ後不要修改主機名,否則MQ可能會崩掉
vim RabbitMQ.sh 新建RabbitMQ安裝的腳本
#/bin/bash
echo -e "\033[32m [INFO]: Start install rabbitmq \033[0m"
# echo $LOCALHOST_IP opendevops >> /etc/hosts
# echo opendevops > /etc/hostname
# export HOSTNAME=opendevops
yum install -y rabbitmq-server
rabbitmq-plugins enable rabbitmq_management
systemctl start rabbitmq-server
rabbitmqctl add_user ${MQ_USER} ${MQ_PASSWORD}
rabbitmqctl set_user_tags ${MQ_USER} administrator
rabbitmqctl set_permissions -p '/' ${MQ_USER} '.' '.' '.'
systemctl restart rabbitmq-server
systemctl enable rabbitmq-server
systemctl status rabbitmq-server
# rabbitmq-server -detached
status=`systemctl status rabbitmq-server | grep "running" | wc -l`
if [ $status == 1 ];then
echo -e "\033[32m [INFO]: rabbitmq install success. \033[0m"
else
echo -e "\033[31m [ERROR]: rabbitmq install faild \033[0m"
exit -5
fi
執行
# sh +x RabbitMQ.sh 安裝DNS
部署內部DNS dnsmasq 主要用於內部通信,API網關要用到。
vim dnsmasq.sh 新建dnsmasq安裝的腳本
#/bin/bash
echo -e "\033[32m [INFO]: Start install dnsmasq \033[0m"
#install dnsmasq
yum install dnsmasq -y
# 設置上游DNS,畢竟你的Dns只是個代理 實際的DNS
cat >/etc/resolv.dnsmasq <<EOF
nameserver 8.8.8.8
EOF
#設置host解析
cat >/etc/dnsmasqhosts <<EOF
$LOCALHOST_IP $front_domain
$LOCALHOST_IP $mg_domain
$LOCALHOST_IP $task_domain
$LOCALHOST_IP $api_gw_url
$LOCALHOST_IP $cmdb_domain
$LOCALHOST_IP $kerrigan_domain
$LOCALHOST_IP $tools_domain
$LOCALHOST_IP $dns_domain
EOF
#添加配置
#注意:
# 剛裝完DNS可以先不用改本機的DNS,有一部分人反應Docker Build時候會報連不上mirrors,裝不了依賴。
# 部署到API網關的時候,需要將本機DNS改成自己,不然沒辦法訪問以上mg.cron,cmdb等內網域名
#echo "nameserver $LOCALHOST_IP" > /etc/resolv.conf
echo "resolv-file=/etc/resolv.dnsmasq" >> /etc/dnsmasq.conf
echo "addn-hosts=/etc/dnsmasqhosts" >> /etc/dnsmasq.conf
## 啓動
/bin/systemctl start dnsmasq.service
systemctl status dnsmasq
/bin/systemctl enable dnsmasq.service
if [ $? == 0 ];then
echo -e "\033[32m [INFO]: dnsmasq install success. \033[0m"
else
echo -e "\033[31m [ERROR]: dnsmasq install faild \033[0m"
exit -6
fi
執行
# sh +x dnsmasq.sh # cat /etc/resolv.conf
# Generated by NetworkManager
# nameserver 192.168.56.103
nameserver 218.85.152.99
nameserver 218.85.157.99
ping 域名
# ping cmdb2.xmlgrg.com
PING cmdb2.xmlgrg.com (192.168.56.103) 56(84) bytes of data.
64 bytes from demo-ss.xmlgrg.com (192.168.56.103): icmp_seq=1 ttl=64 time=0.016 ms
64 bytes from demo-ss.xmlgrg.com (192.168.56.103): icmp_seq=2 ttl=64 time=0.038 ms
因爲我是在virtualbox上的虛擬機做的實驗,發現我的/etc/resolv.conf,註釋掉其他的就沒法上網了~,~
項目前端安裝
vim qianduan.sh
#/bin/bash
echo -e "\033[32m [INFO]: codo(項目前端) Start install. \033[0m"
CODO_VER="codo-beta-0.3.0"
if ! which wget &>/dev/null; then yum install -y wget >/dev/null 2>&1;fi
[ ! -d /var/www ] && mkdir -p /var/www
cd /var/www && wget https://github.com/opendevops-cn/codo/releases/download/${CODO_VER}/${CODO_VER}.tar.gz
tar zxf ${CODO_VER}.tar.gz
if [ $? == 0 ];then
echo -e "\033[32m [INFO]: codo(項目前端) install success. \033[0m"
else
echo -e "\033[31m [ERROR]: codo(項目前端) install faild \033[0m"
exit -8
fi
執行
# sh +x qianduan.sh
前端的靜態文件會存放在/var/www/codo/目錄內
測試一下 ll /var/www/codo/* 看下文件是不是存在
後續訪問使用API網關中的vhosts,節省資源,這裏不單獨安裝配置nginx
管理後端
codo-admin是基於tornado框架 restful風格的API 實現後臺管理,codo詳細參考,搭配使用codo前端(iView+ vue)組成的一套後臺用戶 權限以及系統管理的解決方案(提供登錄,註冊 密碼修改 鑑權 用戶管理 角色管理 權限管理 前端組件管理 前端路由管理 通知服務API 系統基礎信息接口)
獲取代碼
vim dm.sh
#/bin/bash
if ! which wget &>/dev/null; then yum install -y wget >/dev/null 2>&1;fi
if ! which git &>/dev/null; then yum install -y git >/dev/null 2>&1;fi
[ ! -d /opt/codo/ ] && mkdir -p /opt/codo
cd /opt/codo && git clone https://github.com/opendevops-cn/codo-admin.git
執行
# sh +x dm.sh# cd /opt/codo/codo-admin
修改相關配置
修改settings.py配置
注意:這裏的cookie_secret和token_secret必須和你的env.sh裏面的保持一致,後續網關也要用到這個。若不保持一直登陸後校驗不通過回被自動踢回
注意:這裏的token_secret必須要和你的網關保持一致,這個值是從env.sh拿來的,一定要做修改,防止網站被***,如果secret包含正則符號會導致sed失敗,請仔細檢查
# pwd
/opt/codo/codo-admin
#導入環境變量文件,最開始準備的環境變量文件
source /opt/codo/env.sh
sed -i "s#cookie_secret = .*#cookie_secret = '${cookie_secret}'#g" settings.py
sed -i "s#token_secret = .*#token_secret = '${token_secret}'#g" settings.py
#mysql配置信息
##我們項目支持取env環境變量,但是還是建議修改下。
DEFAULT_DB_DBNAME='codo_admin'
sed -i "s#DEFAULT_DB_DBHOST = .*#DEFAULT_DB_DBHOST = os.getenv('DEFAULT_DB_DBHOST', '${DEFAULT_DB_DBHOST}')#g" settings.py
sed -i "s#DEFAULT_DB_DBPORT = .*#DEFAULT_DB_DBPORT = os.getenv('DEFAULT_DB_DBPORT', '${DEFAULT_DB_DBPORT}')#g" settings.py
sed -i "s#DEFAULT_DB_DBUSER = .*#DEFAULT_DB_DBUSER = os.getenv('DEFAULT_DB_DBUSER', '${DEFAULT_DB_DBUSER}')#g" settings.py
sed -i "s#DEFAULT_DB_DBPWD = .*#DEFAULT_DB_DBPWD = os.getenv('DEFAULT_DB_DBPWD', '${DEFAULT_DB_DBPWD}')#g" settings.py
sed -i "s#DEFAULT_DB_DBNAME = .*#DEFAULT_DB_DBNAME = os.getenv('DEFAULT_DB_DBNAME', '${DEFAULT_DB_DBNAME}')#g" settings.py
#只讀MySQL配置,若是單臺也直接寫成Master地址即可
sed -i "s#READONLY_DB_DBHOST = .*#READONLY_DB_DBHOST = os.getenv('READONLY_DB_DBHOST', '${READONLY_DB_DBHOST}')#g" settings.py
sed -i "s#READONLY_DB_DBPORT = .*#READONLY_DB_DBPORT = os.getenv('READONLY_DB_DBPORT', '${READONLY_DB_DBPORT}')#g" settings.py
sed -i "s#READONLY_DB_DBUSER = .*#READONLY_DB_DBUSER = os.getenv('READONLY_DB_DBUSER', '${READONLY_DB_DBUSER}')#g" settings.py
sed -i "s#READONLY_DB_DBPWD = .*#READONLY_DB_DBPWD = os.getenv('READONLY_DB_DBPWD', '${READONLY_DB_DBPWD}')#g" settings.py
sed -i "s#READONLY_DB_DBNAME = .*#READONLY_DB_DBNAME = os.getenv('READONLY_DB_DBNAME', '${DEFAULT_DB_DBNAME}')#g" settings.py
#redis配置
sed -i "s#DEFAULT_REDIS_HOST = .*#DEFAULT_REDIS_HOST = os.getenv('DEFAULT_REDIS_HOST', '${DEFAULT_REDIS_HOST}')#g" settings.py
sed -i "s#DEFAULT_REDIS_PORT = .*#DEFAULT_REDIS_PORT = os.getenv('DEFAULT_REDIS_PORT', '${DEFAULT_REDIS_PORT}')#g" settings.py
sed -i "s#DEFAULT_REDIS_PASSWORD = .*#DEFAULT_REDIS_PASSWORD = os.getenv('DEFAULT_REDIS_PASSWORD', '${DEFAULT_REDIS_PASSWORD}')#g" settings.py
修改域名需要注意的地方
# vim /opt/codo/codo-admin/doc/nginx_ops.conf
:%[email protected]@xmlgrg.com@g
proxy_set_header Cookie $http_cookie; 注意這個
編譯,啓動
#pwd
/opt/codo/codo-admin
修改Dockerfile
#vim Dockerfile
FROM ss1917/codo_base:beta0.3
RUN pip3 install --upgrade pip
RUN pip3 install -U git+https://github.com/ss1917/ops_sdk.git
#複製代碼
RUN mkdir -p /var/www/
ADD . /var/www/codo-admin/
#安裝pip依賴
RUN pip3 install -r /var/www/codo-admin/doc/requirements.txt
#日誌
VOLUME /var/log/
#準備文件
COPY doc/nginx_ops.conf /etc/nginx/conf.d/default.conf
COPY doc/supervisor_ops.conf /etc/supervisord.conf
EXPOSE 80
CMD ["/usr/bin/supervisord"]
#bulid 鏡像
docker build . -t do_mg_image
#啓動
docker-compose up -d創建數據庫
mysql -h127.0.0.1 -uroot -p${MYSQL_PASSWORD}
MySQL [(none)]> create database codo_admin default character set utf8mb4 collate utf8mb4_unicode_ci;
MySQL [(none)]> flush privileges; 然後退出
初始化表結構
# docker exec -ti codo-admin_do_mg_1 /usr/local/bin/python3 /var/www/codo-admin/db_sync.py
導入數據
主要是菜單,組件,權限列表,內置的用戶等
#導入數據
# pwd
/opt/codo/codo-admin
# mysql -h127.0.0.1 -uroot -p${MYSQL_PASSWORD} codo_admin < ./doc/codo_admin_beta0.3.sql
docker-compose restart
測試codo-admin
### 01.日誌
tailf /var/log/supervisor/mg.log #確認沒有報錯
codo-admin 部署完畢
任務系統
CODO任務系統,負責整個系統中任務調度,此功能是必須要安裝的
下載代碼
# pwd
/opt/codo
# vim codo-task.sh
#!/bin/bash
echo -e "\033[32m [INFO]: codo-task(任務系統) Start install. \033[0m"
if ! which wget &>/dev/null; then yum install -y wget >/dev/null 2>&1;fi
if ! which git &>/dev/null; then yum install -y git >/dev/null 2>&1;fi
[ ! -d /opt/codo/ ] && mkdir -p /opt/codo
cd /opt/codo && git clone https://github.com/opendevops-cn/codo-task.git
執行
# sh +x codo-task.sh修改配置
# cd /opt/codo/codo-task
#同樣,這裏codo-task也支持取env環境變量,建議還是修改下默認配置
#導入環境變量文件,最開始準備的環境變量文件
source /opt/codo/env.sh
#修改配置
TASK_DB_DBNAME='codo_task'
#任務系統的域名
sed -i "s#cookie_secret = .*#cookie_secret = '${cookie_secret}'#g" settings.py
#mysql配置
sed -i "s#DEFAULT_DB_DBHOST = .*#DEFAULT_DB_DBHOST = os.getenv('DEFAULT_DB_DBHOST', '${DEFAULT_DB_DBHOST}')#g" settings.py
sed -i "s#DEFAULT_DB_DBPORT = .*#DEFAULT_DB_DBPORT = os.getenv('DEFAULT_DB_DBPORT', '${DEFAULT_DB_DBPORT}')#g" settings.py
sed -i "s#DEFAULT_DB_DBUSER = .*#DEFAULT_DB_DBUSER = os.getenv('DEFAULT_DB_DBUSER', '${DEFAULT_DB_DBUSER}')#g" settings.py
sed -i "s#DEFAULT_DB_DBPWD = .*#DEFAULT_DB_DBPWD = os.getenv('DEFAULT_DB_DBPWD', '${DEFAULT_DB_DBPWD}')#g" settings.py
sed -i "s#DEFAULT_DB_DBNAME = .*#DEFAULT_DB_DBNAME = os.getenv('DEFAULT_DB_DBNAME', '${TASK_DB_DBNAME}')#g" settings.py
#只讀MySQL配置
sed -i "s#READONLY_DB_DBHOST = .*#READONLY_DB_DBHOST = os.getenv('READONLY_DB_DBHOST', '${READONLY_DB_DBHOST}')#g" settings.py
sed -i "s#READONLY_DB_DBPORT = .*#READONLY_DB_DBPORT = os.getenv('READONLY_DB_DBPORT', '${READONLY_DB_DBPORT}')#g" settings.py
sed -i "s#READONLY_DB_DBUSER = .*#READONLY_DB_DBUSER = os.getenv('READONLY_DB_DBUSER', '${READONLY_DB_DBUSER}')#g" settings.py
sed -i "s#READONLY_DB_DBPWD = .*#READONLY_DB_DBPWD = os.getenv('READONLY_DB_DBPWD', '${READONLY_DB_DBPWD}')#g" settings.py
sed -i "s#READONLY_DB_DBNAME = .*#READONLY_DB_DBNAME = os.getenv('READONLY_DB_DBNAME', '${TASK_DB_DBNAME}')#g" settings.py
#redis配置
sed -i "s#DEFAULT_REDIS_HOST = .*#DEFAULT_REDIS_HOST = os.getenv('DEFAULT_REDIS_HOST', '${DEFAULT_REDIS_HOST}')#g" settings.py
sed -i "s#DEFAULT_REDIS_PORT = .*#DEFAULT_REDIS_PORT = os.getenv('DEFAULT_REDIS_PORT', '${DEFAULT_REDIS_PORT}')#g" settings.py
sed -i "s#DEFAULT_REDIS_PASSWORD = .*#DEFAULT_REDIS_PASSWORD = os.getenv('DEFAULT_REDIS_PASSWORD', '${DEFAULT_REDIS_PASSWORD}')#g" settings.py
#MQ配置
sed -i "s#DEFAULT_MQ_ADDR = .*#DEFAULT_MQ_ADDR = os.getenv('DEFAULT_MQ_ADDR', '${DEFAULT_MQ_ADDR}')#g" settings.py
sed -i "s#DEFAULT_MQ_USER = .*#DEFAULT_MQ_USER = os.getenv('DEFAULT_MQ_USER', '${DEFAULT_MQ_USER}')#g" settings.py
sed -i "s#DEFAULT_MQ_PWD = .*#DEFAULT_MQ_PWD = os.getenv('DEFAULT_MQ_PWD', '${DEFAULT_MQ_PWD}')#g" settings.py修改域名需要注意的地方
# vim /opt/codo/codo-task/doc/nginx_ops.conf
:%[email protected]@xmlgrg.com@g
修改Dockerfile
#vim Dockerfile
FROM ss1917/codo_base:beta0.3
RUN pip3 install --upgrade pip
RUN pip3 install -U git+https://github.com/ss1917/ops_sdk.git
# 複製代碼
RUN mkdir -p /var/www/
ADD . /var/www/codo-task/
# 安裝pip依賴
RUN pip3 install -r /var/www/codo-task/doc/requirements.txt
# 日誌
VOLUME /var/log/
# 準備文件
COPY doc/nginx_ops.conf /etc/nginx/conf.d/default.conf
COPY doc/supervisor_ops.conf /etc/supervisord.conf
EXPOSE 80
CMD ["/usr/bin/supervisord"]
編譯,啓動
#編譯鏡像
docker build . -t codo_task_image
#啓動
docker-compose up -d創建數據庫
mysql -h127.0.0.1 -uroot -p${MYSQL_PASSWORD}
MySQL [(none)]> create database `codo_task` default character set utf8mb4 collate utf8mb4_unicode_ci;
MySQL [(none)]> flush privileges;
MySQL [(none)]> exit
Bye
初始化表結構
docker exec -ti codo-task_codo_task_1 /usr/local/bin/python3 /var/www/codo-task/db_sync.py
導入數據
重啓
docker-compose restart
測試
日誌文件位置統一:/var/log/supervisor/
01. 查看日誌
tailf /var/log/supervisor/task_scheduler.log #確認沒報錯
tailf /var/log/supervisor/exec_task.log #執行任務的日誌# docker exec -it codo-cron_codo_cron_1 /bin/sh 進入容器中
sh-4.2# cd /usr/share/nginx/html/
sh-4.2# ls
404.html 50x.html index.html nginx-logo.png poweredby.png
sh-4.2#
定時任務
CODO項目定時任務模塊,定時任務完全兼容crontab,支持到秒級
下載代碼
vim codo_cron.sh
#!/bin/bash
echo -e "\033[32m [INFO]: codo_cron(定時任務) Start install. \033[0m"
if ! which wget &>/dev/null; then yum install -y wget >/dev/null 2>&1;fi
if ! which git &>/dev/null; then yum install -y git >/dev/null 2>&1;fi
[ ! -d /opt/codo/ ] && mkdir -p /opt/codo
cd /opt/codo && git clone https://github.com/opendevops-cn/codo-cron.git
執行
# sh +x codo_cron.sh# cd /opt/codo/codo-cron
修改配置
#同樣,這裏codo-cron也支持取env環境變量,建議還是修改下默認配置
#導入環境變量文件,最開始準備的環境變量文件
source /opt/codo/env.sh
#後端數據庫名稱,建議不要修改,初始化data.sql已經指定了數據庫名字,若需改請一塊修改
CRON_DB_DBNAME='codo_cron'
sed -i "s#cookie_secret = .*#cookie_secret = '${cookie_secret}'#g" settings.py
#mysql配置
sed -i "s#DEFAULT_DB_DBHOST = .*#DEFAULT_DB_DBHOST = os.getenv('DEFAULT_DB_DBHOST', '${DEFAULT_DB_DBHOST}')#g" settings.py
sed -i "s#DEFAULT_DB_DBPORT = .*#DEFAULT_DB_DBPORT = os.getenv('DEFAULT_DB_DBPORT', '${DEFAULT_DB_DBPORT}')#g" settings.py
sed -i "s#DEFAULT_DB_DBUSER = .*#DEFAULT_DB_DBUSER = os.getenv('DEFAULT_DB_DBUSER', '${DEFAULT_DB_DBUSER}')#g" settings.py
sed -i "s#DEFAULT_DB_DBPWD = .*#DEFAULT_DB_DBPWD = os.getenv('DEFAULT_DB_DBPWD', '${DEFAULT_DB_DBPWD}')#g" settings.py
sed -i "s#DEFAULT_DB_DBNAME = .*#DEFAULT_DB_DBNAME = os.getenv('DEFAULT_DB_DBNAME', '${CRON_DB_DBNAME}')#g" settings.py
#只讀MySQL配置
sed -i "s#READONLY_DB_DBHOST = .*#READONLY_DB_DBHOST = os.getenv('READONLY_DB_DBHOST', '${READONLY_DB_DBHOST}')#g" settings.py
sed -i "s#READONLY_DB_DBPORT = .*#READONLY_DB_DBPORT = os.getenv('READONLY_DB_DBPORT', '${READONLY_DB_DBPORT}')#g" settings.py
sed -i "s#READONLY_DB_DBUSER = .*#READONLY_DB_DBUSER = os.getenv('READONLY_DB_DBUSER', '${READONLY_DB_DBUSER}')#g" settings.py
sed -i "s#READONLY_DB_DBPWD = .*#READONLY_DB_DBPWD = os.getenv('READONLY_DB_DBPWD', '${READONLY_DB_DBPWD}')#g" settings.py
sed -i "s#READONLY_DB_DBNAME = .*#READONLY_DB_DBNAME = os.getenv('READONLY_DB_DBNAME', '${CRON_DB_DBNAME}')#g" settings.py
修改Dockerfile
#vim Dockerfile
FROM ss1917/codo_base:beta0.3
# 設置編碼
ENV LANG en_US.UTF-8
# 同步時間
ENV TZ=Asia/Shanghai
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
RUN pip3 install --upgrade pip
RUN pip3 install -U git+https://github.com/ss1917/ops_sdk.git
# 複製代碼
RUN mkdir -p /var/www/
ADD . /var/www/codo-cron/
# 安裝pip依賴
RUN pip3 install -r /var/www/codo-cron/doc/requirements.txt
# 日誌
VOLUME /var/log/
# 準備文件
COPY doc/supervisor_ops.conf /etc/supervisord.conf
EXPOSE 80
CMD ["/usr/bin/supervisord"]#編譯鏡像
docker build . -t codo_cron_image
#啓動
docker-compose up -d創建數據庫
mysql -h127.0.0.1 -uroot -p${MYSQL_PASSWORD}
MySQL [(none)]> create database `codo_cron` default character set utf8mb4 collate utf8mb4_unicode_ci;
MySQL [(none)]> flush privileges;
MySQL [(none)]> exit
初始化表結構
# docker exec -ti codo-cron_codo_cron_1 /usr/local/bin/python3 /var/www/codo-cron/db_sync.py重啓
docker-compose restart
測試
日誌文件位置統一:/var/log/supervisor/
01. 查看日誌
tailf /var/log/supervisor/cron.log #確認沒報錯配置中心
獲取代碼
vim pz.sh
#!/bin/bash
if ! which wget &>/dev/null; then yum install -y wget >/dev/null 2>&1;fi
if ! which git &>/dev/null; then yum install -y git >/dev/null 2>&1;fi
[ ! -d /opt/codo/ ] && mkdir -p /opt/codo
cd /opt/codo && git clone https://github.com/opendevops-cn/kerrigan.git && cd kerrigan
執行、
# sh +x pz.sh修改相關配置
# cd /opt/codo/kerrigan/
修改settings.py配置
#導入環境變量文件,最開始準備的環境變量文件
source /opt/codo/env.sh
#修改管理後端域名
sed -i "s#cookie_secret = .*#cookie_secret = '${cookie_secret}'#g" settings.py
#mysql配置信息
##我們項目支持取env環境變量,但是還是建議修改下。
DEFAULT_DB_DBNAME='codo_kerrigan'
sed -i "s#DEFAULT_DB_DBHOST = .*#DEFAULT_DB_DBHOST = os.getenv('DEFAULT_DB_DBHOST', '${DEFAULT_DB_DBHOST}')#g" settings.py
sed -i "s#DEFAULT_DB_DBPORT = .*#DEFAULT_DB_DBPORT = os.getenv('DEFAULT_DB_DBPORT', '${DEFAULT_DB_DBPORT}')#g" settings.py
sed -i "s#DEFAULT_DB_DBUSER = .*#DEFAULT_DB_DBUSER = os.getenv('DEFAULT_DB_DBUSER', '${DEFAULT_DB_DBUSER}')#g" settings.py
sed -i "s#DEFAULT_DB_DBPWD = .*#DEFAULT_DB_DBPWD = os.getenv('DEFAULT_DB_DBPWD', '${DEFAULT_DB_DBPWD}')#g" settings.py
sed -i "s#DEFAULT_DB_DBNAME = .*#DEFAULT_DB_DBNAME = os.getenv('DEFAULT_DB_DBNAME', '${DEFAULT_DB_DBNAME}')#g" settings.py
#只讀MySQL配置,若是單臺也直接寫成Master地址即可
sed -i "s#READONLY_DB_DBHOST = .*#READONLY_DB_DBHOST = os.getenv('READONLY_DB_DBHOST', '${READONLY_DB_DBHOST}')#g" settings.py
sed -i "s#READONLY_DB_DBPORT = .*#READONLY_DB_DBPORT = os.getenv('READONLY_DB_DBPORT', '${READONLY_DB_DBPORT}')#g" settings.py
sed -i "s#READONLY_DB_DBUSER = .*#READONLY_DB_DBUSER = os.getenv('READONLY_DB_DBUSER', '${READONLY_DB_DBUSER}')#g" settings.py
sed -i "s#READONLY_DB_DBPWD = .*#READONLY_DB_DBPWD = os.getenv('READONLY_DB_DBPWD', '${READONLY_DB_DBPWD}')#g" settings.py
sed -i "s#READONLY_DB_DBNAME = .*#READONLY_DB_DBNAME = os.getenv('READONLY_DB_DBNAME', '${DEFAULT_DB_DBNAME}')#g" settings.py
修改域名需要注意的地方
# vim /opt/codo/kerrigan/doc/nginx_ops.conf
:%[email protected]@xmlgrg.com@g修改Dockerfile
# vim Dockerfile
FROM ss1917/codo_base:beta0.3
RUN pip3 install --upgrade pip
RUN pip3 install -U git+https://github.com/ss1917/ops_sdk.git
# 複製代碼
RUN mkdir -p /var/www/
ADD . /var/www/kerrigan/
# 安裝pip依賴
RUN pip3 install -r /var/www/kerrigan/doc/requirements.txt
# 日誌
VOLUME /var/log/
# 準備文件
COPY doc/nginx_ops.conf /etc/nginx/conf.d/default.conf
COPY doc/supervisor_ops.conf /etc/supervisord.conf
EXPOSE 80
CMD ["/usr/bin/supervisord"]
#編譯鏡像
docker build . -t kerrigan_image
#啓動
docker-compose up -d創建數據庫
mysql -h127.0.0.1 -uroot -p${MYSQL_PASSWORD}
MySQL [(none)]> create database `codo_kerrigan` default character set utf8mb4 collate utf8mb4_unicode_ci;
MySQL [(none)]> flush privileges;
MySQL [(none)]> exit
初始化表結構
docker exec -ti kerrigan_codo-kerrigan_1 /usr/local/bin/python3 /var/www/kerrigan/db_sync.py
測試kerrigan
重啓
docker-compose restart
### 01.日誌
tailf /var/log/supervisor/kerrigan.log #確認沒有報錯運維工具
CODO運維工具支持:告警管理、項目管理、事件管理、加密解密、隨機密碼、提醒管理等
獲取代碼
vim yw.sh
#!/bin/bash
if ! which wget &>/dev/null; then yum install -y wget >/dev/null 2>&1;fi
if ! which git &>/dev/null; then yum install -y git >/dev/null 2>&1;fi
[ ! -d /opt/codo/ ] && mkdir -p /opt/codo
cd /opt/codo && git clone https://github.com/opendevops-cn/codo-tools.git && cd codo-tools
執行
# sh +x yw.sh
修改相關配置
# cd /opt/codo/codo-tools/
修改settings.py 配置
#導入環境變量文件,最開始準備的環境變量文件
source /opt/codo/env.sh
sed -i "s#cookie_secret = .*#cookie_secret = '${cookie_secret}'#g" settings.py
#mysql配置信息
##我們項目支持取env環境變量,但是還是建議修改下。
DEFAULT_DB_DBNAME='codo_tools'
sed -i "s#DEFAULT_DB_DBHOST = .*#DEFAULT_DB_DBHOST = os.getenv('DEFAULT_DB_DBHOST', '${DEFAULT_DB_DBHOST}')#g" settings.py
sed -i "s#DEFAULT_DB_DBPORT = .*#DEFAULT_DB_DBPORT = os.getenv('DEFAULT_DB_DBPORT', '${DEFAULT_DB_DBPORT}')#g" settings.py
sed -i "s#DEFAULT_DB_DBUSER = .*#DEFAULT_DB_DBUSER = os.getenv('DEFAULT_DB_DBUSER', '${DEFAULT_DB_DBUSER}')#g" settings.py
sed -i "s#DEFAULT_DB_DBPWD = .*#DEFAULT_DB_DBPWD = os.getenv('DEFAULT_DB_DBPWD', '${DEFAULT_DB_DBPWD}')#g" settings.py
sed -i "s#DEFAULT_DB_DBNAME = .*#DEFAULT_DB_DBNAME = os.getenv('DEFAULT_DB_DBNAME', '${DEFAULT_DB_DBNAME}')#g" settings.py
#redis配置
sed -i "s#DEFAULT_REDIS_HOST = .*#DEFAULT_REDIS_HOST = os.getenv('DEFAULT_REDIS_HOST', '${DEFAULT_REDIS_HOST}')#g" settings.py
sed -i "s#DEFAULT_REDIS_PORT = .*#DEFAULT_REDIS_PORT = os.getenv('DEFAULT_REDIS_PORT', '${DEFAULT_REDIS_PORT}')#g" settings.py
sed -i "s#DEFAULT_REDIS_PASSWORD = .*#DEFAULT_REDIS_PASSWORD = os.getenv('DEFAULT_REDIS_PASSWORD', '${DEFAULT_REDIS_PASSWORD}')#g" settings.py修改域名需要注意的地方
# vim /opt/codo/codo-tools/doc/nginx_ops.conf
:%[email protected]@xmlgrg.com@g修改Dockerfile
# vim Dockerfile
FROM ss1917/codo_base:beta0.3
RUN pip3 install --upgrade pip
RUN pip3 install -U git+https://github.com/ss1917/ops_sdk.git
# 複製代碼
RUN mkdir -p /var/www/
ADD . /var/www/codo-tools/
# 安裝pip依賴
RUN pip3 install -r /var/www/codo-tools/doc/requirements.txt
# 日誌
VOLUME /var/log/
# 準備文件
COPY doc/nginx_ops.conf /etc/nginx/conf.d/default.conf
COPY doc/supervisor_ops.conf /etc/supervisord.conf
EXPOSE 80
CMD ["/usr/bin/supervisord"]
編譯,啓動
#編譯鏡像
docker build . -t codo_tools
#啓動
docker-compose up -d
創建數據庫
mysql -h127.0.0.1 -uroot -p${MYSQL_PASSWORD}
MySQL [(none)]> create database `codo_tools` default character set utf8mb4 collate utf8mb4_unicode_ci;
MySQL [(none)]> flush privileges;
MySQL [(none)]> exit
初始化表結構
docker exec -ti codo-tools_codo_tools_1 /usr/local/bin/python3 /var/www/codo-tools/db_sync.py
重啓
docker-compose restart
測試codo-tools
### 01.日誌
tailf /var/log/supervisor/tools.log #服務日誌,確認沒有報錯
tailf /var/log/supervisor/cron_jobs.log #定時提醒日誌域名管理
CODO域名管理模塊,管理BIND 支持智能解析,多域名多主。
vim codo_dns.sh
#!/bin/bash
echo -e "\033[32m [INFO]: codo_dns(域名管理) Start install. \033[0m"
if ! which wget &>/dev/null; then yum install -y wget >/dev/null 2>&1;fi
if ! which git &>/dev/null; then yum install -y git >/dev/null 2>&1;fi
[ ! -d /opt/codo/ ] && mkdir -p /opt/codo
cd /opt/codo && git clone https://github.com/opendevops-cn/codo-dns.git
執行
# sh +x codo_dns.sh修改配置
# cd /opt/codo/codo-dns/
同樣,這裏codo-dns也支持取env環境變量,建議還是修改下默認配置
#導入環境變量文件,最開始準備的環境變量文件
source /opt/codo/env.sh
#後端數據庫名稱
CRON_DB_DBNAME='codo_dns'
sed -i "s#cookie_secret = .*#cookie_secret = '${cookie_secret}'#g" settings.py
#mysql配置
sed -i "s#DEFAULT_DB_DBHOST = .*#DEFAULT_DB_DBHOST = os.getenv('DEFAULT_DB_DBHOST', '${DEFAULT_DB_DBHOST}')#g" settings.py
sed -i "s#DEFAULT_DB_DBPORT = .*#DEFAULT_DB_DBPORT = os.getenv('DEFAULT_DB_DBPORT', '${DEFAULT_DB_DBPORT}')#g" settings.py
sed -i "s#DEFAULT_DB_DBUSER = .*#DEFAULT_DB_DBUSER = os.getenv('DEFAULT_DB_DBUSER', '${DEFAULT_DB_DBUSER}')#g" settings.py
sed -i "s#DEFAULT_DB_DBPWD = .*#DEFAULT_DB_DBPWD = os.getenv('DEFAULT_DB_DBPWD', '${DEFAULT_DB_DBPWD}')#g" settings.py
sed -i "s#DEFAULT_DB_DBNAME = .*#DEFAULT_DB_DBNAME = os.getenv('DEFAULT_DB_DBNAME', '${CRON_DB_DBNAME}')#g" settings.py
#只讀MySQL配置
sed -i "s#READONLY_DB_DBHOST = .*#READONLY_DB_DBHOST = os.getenv('READONLY_DB_DBHOST', '${READONLY_DB_DBHOST}')#g" settings.py
sed -i "s#READONLY_DB_DBPORT = .*#READONLY_DB_DBPORT = os.getenv('READONLY_DB_DBPORT', '${READONLY_DB_DBPORT}')#g" settings.py
sed -i "s#READONLY_DB_DBUSER = .*#READONLY_DB_DBUSER = os.getenv('READONLY_DB_DBUSER', '${READONLY_DB_DBUSER}')#g" settings.py
sed -i "s#READONLY_DB_DBPWD = .*#READONLY_DB_DBPWD = os.getenv('READONLY_DB_DBPWD', '${READONLY_DB_DBPWD}')#g" settings.py
sed -i "s#READONLY_DB_DBNAME = .*#READONLY_DB_DBNAME = os.getenv('READONLY_DB_DBNAME', '${CRON_DB_DBNAME}')#g" settings.py修改域名需要注意的地方
# vim /opt/codo/codo-dns/doc/nginx_ops.conf
:%[email protected]@xmlgrg.com@g修改Dockerfile
# vim Dockerfile
FROM ss1917/codo_base:beta0.3
RUN pip3 install --upgrade pip
RUN pip3 install -U git+https://github.com/ss1917/ops_sdk.git
# 複製代碼
RUN mkdir -p /var/www/
ADD . /var/www/codo-dns/
# 安裝pip依賴
RUN pip3 install -r /var/www/codo-dns/doc/requirements.txt
# 日誌
VOLUME /var/log/
# 準備文件
COPY doc/nginx_ops.conf /etc/nginx/conf.d/default.conf
COPY doc/supervisor_ops.conf /etc/supervisord.conf
EXPOSE 80
CMD ["/usr/bin/supervisord"]
編譯,啓動
#編譯鏡像
docker build . -t codo_dns_image
#啓動
docker-compose up -d創建數據庫
mysql -h127.0.0.1 -uroot -p${MYSQL_PASSWORD}
MySQL [(none)]> create database `codo_dns` default character set utf8mb4 collate utf8mb4_unicode_ci;
MySQL [(none)]> flush privileges;
MySQL [(none)]> exit
初始化表結構
docker exec -ti codo-dns_codo-dns_1 /usr/local/bin/python3 /var/www/codo-dns/db_sync.py
重啓
docker-compose restart
測試
日誌文件位置統一:/var/log/supervisor/
01. 查看日誌
tailf /var/log/supervisor/codo_dns.log #確認沒報錯
資產管理
vim zichan.sh
#!/bin/bash
echo -e "\033[32m [INFO]: codo_cmdb(資產管理) Start install. \033[0m"
if ! which wget &>/dev/null; then yum install -y wget >/dev/null 2>&1;fi
if ! which git &>/dev/null; then yum install -y git >/dev/null 2>&1;fi
[ ! -d /opt/codo/ ] && mkdir -p /opt/codo
cd /opt/codo && git clone https://github.com/opendevops-cn/codo-cmdb.git
執行
# sh +x zichan.sh修改配置
# cd /opt/codo/codo-cmdb
#修改settings.py配置信息
#導入環境變量文件,最開始準備的環境變量文件
source /opt/codo/env.sh
#修改配置
#後端數據庫名稱,建議不要修改,初始化data.sql已經指定了數據庫名字,若需改請一塊修改
CMDB_DB_DBNAME='codo_cmdb'
#任務系統的域名
sed -i "s#cookie_secret = .*#cookie_secret = '${cookie_secret}'#g" settings.py
#mysql配置
sed -i "s#DEFAULT_DB_DBHOST = .*#DEFAULT_DB_DBHOST = os.getenv('DEFAULT_DB_DBHOST', '${DEFAULT_DB_DBHOST}')#g" settings.py
sed -i "s#DEFAULT_DB_DBPORT = .*#DEFAULT_DB_DBPORT = os.getenv('DEFAULT_DB_DBPORT', '${DEFAULT_DB_DBPORT}')#g" settings.py
sed -i "s#DEFAULT_DB_DBUSER = .*#DEFAULT_DB_DBUSER = os.getenv('DEFAULT_DB_DBUSER', '${DEFAULT_DB_DBUSER}')#g" settings.py
sed -i "s#DEFAULT_DB_DBPWD = .*#DEFAULT_DB_DBPWD = os.getenv('DEFAULT_DB_DBPWD', '${DEFAULT_DB_DBPWD}')#g" settings.py
sed -i "s#DEFAULT_DB_DBNAME = .*#DEFAULT_DB_DBNAME = os.getenv('DEFAULT_DB_DBNAME', '${CMDB_DB_DBNAME}')#g" settings.py
#只讀MySQL配置
sed -i "s#READONLY_DB_DBHOST = .*#READONLY_DB_DBHOST = os.getenv('READONLY_DB_DBHOST', '${READONLY_DB_DBHOST}')#g" settings.py
sed -i "s#READONLY_DB_DBPORT = .*#READONLY_DB_DBPORT = os.getenv('READONLY_DB_DBPORT', '${READONLY_DB_DBPORT}')#g" settings.py
sed -i "s#READONLY_DB_DBUSER = .*#READONLY_DB_DBUSER = os.getenv('READONLY_DB_DBUSER', '${READONLY_DB_DBUSER}')#g" settings.py
sed -i "s#READONLY_DB_DBPWD = .*#READONLY_DB_DBPWD = os.getenv('READONLY_DB_DBPWD', '${READONLY_DB_DBPWD}')#g" settings.py
sed -i "s#READONLY_DB_DBNAME = .*#READONLY_DB_DBNAME = os.getenv('READONLY_DB_DBNAME', '${CMDB_DB_DBNAME}')#g" settings.py
#redis配置
sed -i "s#DEFAULT_REDIS_HOST = .*#DEFAULT_REDIS_HOST = os.getenv('DEFAULT_REDIS_HOST', '${DEFAULT_REDIS_HOST}')#g" settings.py
sed -i "s#DEFAULT_REDIS_PORT = .*#DEFAULT_REDIS_PORT = os.getenv('DEFAULT_REDIS_PORT', '${DEFAULT_REDIS_PORT}')#g" settings.py
sed -i "s#DEFAULT_REDIS_PASSWORD = .*#DEFAULT_REDIS_PASSWORD = os.getenv('DEFAULT_REDIS_PASSWORD', '${DEFAULT_REDIS_PASSWORD}')#g" settings.py
#另外,同步標籤樹配置
#這裏如果配置codo-task的數據庫地址,則將數據同步到作業配置--TagTree下面(非必填項),但是建議配置
TASK_DB_DBNAME='codo_task'
sed -i "s#CODO_TASK_DB_HOST = .*#CODO_TASK_DB_HOST = os.getenv('CODO_TASK_DB_HOST', '${DEFAULT_DB_DBHOST}')#g" settings.py
sed -i "s#CODO_TASK_DB_PORT = .*#CODO_TASK_DB_PORT = os.getenv('CODO_TASK_DB_PORT', '${DEFAULT_DB_DBPORT}')#g" settings.py
sed -i "s#CODO_TASK_DB_USER = .*#CODO_TASK_DB_USER = os.getenv('CODO_TASK_DB_USER', '${DEFAULT_DB_DBUSER}')#g" settings.py
sed -i "s#CODO_TASK_DB_PWD = .*#CODO_TASK_DB_PWD = os.getenv('CODO_TASK_DB_PWD', '${DEFAULT_DB_DBPWD}')#g" settings.py
sed -i "s#CODO_TASK_DB_DBNAME = .*#CODO_TASK_DB_DBNAME = os.getenv('CODO_TASK_DB_DBNAME', '${TASK_DB_DBNAME}')#g" settings.py
修改域名需要注意的地方
# vim /opt/codo/codo-cmdb/doc/nginx_ops.conf
:%[email protected]@xmlgrg.com@g修改Dockerfile
# vim Dockerfile
FROM ss1917/codo_base:beta0.3
#
RUN pip3 install --upgrade pip
RUN pip3 install -U git+https://github.com/ss1917/ops_sdk.git
# 複製代碼
RUN mkdir -p /var/www/
ADD . /var/www/codo-cmdb/
# 安裝pip依賴
RUN pip3 install -r /var/www/codo-cmdb/doc/requirements.txt
# 日誌
VOLUME /var/log/
# 準備文件
COPY doc/nginx_ops.conf /etc/nginx/conf.d/default.conf
COPY doc/supervisor_ops.conf /etc/supervisord.conf
EXPOSE 80
CMD ["/usr/bin/supervisord"]
打包鏡像
#安裝依賴的時候根據網絡因素定,如果很慢建議更改pip源站爲阿里的
docker build . -t codo_cmdb
啓動Docker
docker-compose up -d創建數據庫
mysql -h127.0.0.1 -uroot -p${MYSQL_PASSWORD}
MySQL [(none)]> create database `codo_cmdb` default character set utf8mb4 collate utf8mb4_unicode_ci;
MySQL [(none)]> flush privileges;
MySQL [(none)]> exit
Bye
初始化表結構
#cmdb_codo_cmdb_1:是你的容器名稱
docker exec -ti codo-cmdb_codo_cmdb_1 /usr/local/bin/python3 /var/www/codo-cmdb/db_sync.py
重啓
docker-compose restart
日誌文件
服務日誌:tailf /var/log/supervisor/cmdb.log #主程序日誌
定時日誌:tailf /var/log/supervisor/cmdb_cron.log #一些後端守護自動運行的日誌
接口測試
可查看日誌看是否有報錯
默認端口:8050,可直接測試
# ss -lntp| grep 8050
LISTEN 0 10240 :::8050 :::* users:(("docker-proxy",pid=19843,fd=4))API網關
由於此項目是模塊化、微服務化,因此需要在藉助API網關,需要在API網關注冊,此步驟是必須的。
安裝openresty
yum update
yum install yum-utils -y
yum-config-manager --add-repo https://openresty.org/package/centos/openresty.repo
yum install openresty openresty-resty -y部署網關
# cd /opt/codo/ && git clone https://github.com/ss1917/api-gateway.git
# \cp -arp api-gateway/* /usr/local/openresty/nginx/
修改配置
主要修改nginx.conf配置信息和config.lua配置,具體參考API網關塊:
API網關修改配置https://github.com/ss1917/api-gateway/blob/master/README.md#%E4%BA%8C-%E4%BF%AE%E6%94%B9%E9%85%8D%E7%BD%AE
接下來配置:
因爲我把前端靜態文件也使用 網關進行代理 所以配置文件如下
全局nginx配置
這裏主要修改resolver 內部DNS服務器地址# vim /usr/local/openresty/nginx/conf/nginx.conf
user root;
worker_processes auto;
worker_rlimit_nofile 51200;
error_log logs/error.log;
events {
use epoll;
worker_connections 51024;
}
http {
#設置默認lua搜索路徑
lua_package_path '$prefix/lua/?.lua;/blah/?.lua;;';
lua_code_cache on; #線上環境設置爲on, off時可以熱加載lua文件
lua_shared_dict user_info 1m;
lua_shared_dict my_limit_conn_store 100m; #100M可以放1.6M個鍵值對
include mime.types; #代理靜態文件
client_header_buffer_size 128k; ######
large_client_header_buffers 4 128k; #####
init_by_lua_file lua/init_by_lua.lua; # nginx啓動時就會執行
include ./conf.d/*.conf; # lua生成upstream
resolver 192.168.56.103; #### 內部DNS服務器地址####
}網關配置
# vim /usr/local/openresty/nginx/conf/conf.d/gw.conf
server {
listen 80;
server_name gw.xmlgrg.com; ######
lua_need_request_body on; # 開啓獲取body數據記錄日誌
location / {
### ws 支持
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
### 獲取真實IP
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
access_by_lua_file lua/access_check.lua;
set $my_upstream $my_upstream;
proxy_pass http://$my_upstream;
### 跨域
add_header Access-Control-Allow-Methods *;
add_header Access-Control-Max-Age 3600;
add_header Access-Control-Allow-Credentials true;
add_header Access-Control-Allow-Origin $http_origin;
add_header Access-Control-Allow-Headers $http_access_control_request_headers;
if ($request_method = OPTIONS){
return 204;}
}
}
前端資源配置
這裏要修改server_name 爲你的真實訪問域名
前端vhosts
# mkdir -pv /usr/local/openresty/nginx/conf/conf.d/
# vim /usr/local/openresty/nginx/conf/conf.d/demo.conf
這裏是前端的訪問入口,如果不使用網關代理靜態的話,可以使用nginx代理,請根據自身情況修改配置。
server {
listen 80;
server_name demo-ss.xmlgrg.com; ########
access_log /var/log/nginx/f_access.log;
error_log /var/log/nginx/f_error.log;
root /var/www/codo;
location / {
root /var/www/codo;
index index.html index.htm;
try_files $uri $uri/ /index.html;
}
location /api {
### ws 支持
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
add_header 'Access-Control-Allow-Origin' '*';
proxy_pass http://gw.xmlgrg.com; ######
}
location ~ /(.svn|.git|admin|manage|.sh|.bash)$ {
return 403;
}
}
註冊API網關
# vim /usr/local/openresty/nginx/lua/configs.lua 請仔細閱讀下面需要修改配置的地方
json = require("cjson")
--mysql_config = {
-- host = "127.0.0.1",
-- port = 3306,
-- database = "lua",
-- user = "root",
-- password = "",
-- max_packet_size = 1024 * 1024
--}
-- redis配置,一定要修改,並且和codo-admin保持一致
redis_config = {
host = '192.168.56.103',
port = 6379,
auth_pwd = 'xmlgrg163',
db = 8,
alive_time = 3600 * 24 * 7,
channel = 'gw'
}
-- 注意:這裏的token_secret必須要和codo-admin裏面的token_secret保持一致
token_secret = "pXFb4i%*834gfdh963df718iodGq4dsafsdadg7yI6ImF1999aaG7"
logs_file = '/var/log/gw.log'
--刷新權限到redis接口
rewrite_cache_url = 'http://mg.xmlgrg.com:8010/v2/accounts/verify/'
-- 注意:rewrite_cache_token要和codo-admin裏面的secret_key = '8b888a62-3edb-4920-b446-697a472b4001'保持一致
-- # cat /opt/codo/codo-admin/settings.py | grep token_secret
rewrite_cache_token = '8b888a62-3edb-4920-b446-697a472b4001'
--併發限流配置
limit_conf = {
rate = 10, --限制ip每分鐘只能調用n*60次接口
burst = 10, --桶容量,用於平滑處理,最大接收請求次數
}
--upstream匹配規則,API網關域名
gw_domain_name = 'gw.xmlgrg.com'
--下面的轉發一定要修改,根據自己實際數據修改
rewrite_conf = {
[gw_domain_name] = {
rewrite_urls = {
{
uri = "/dns",
rewrite_upstream = "dns.xmlgrg.com:8060"
},
{
uri = "/cmdb2",
rewrite_upstream = "cmdb2.xmlgrg.com:8050"
},
{
uri = "/tools",
rewrite_upstream = "tools.xmlgrg.com:8040"
},
{
uri = "/kerrigan",
rewrite_upstream = "kerrigan.xmlgrg.com:8030"
},
{
uri = "/cmdb",
rewrite_upstream = "cmdb.xmlgrg.com:8002"
},
{
uri = "/k8s",
rewrite_upstream = "k8s.xmlgrg.com:8001"
},
{
uri = "/task",
rewrite_upstream = "task.xmlgrg.com:8020"
},
{
uri = "/cron",
rewrite_upstream = "192.168.56.103:9900"
},
{
uri = "/mg",
rewrite_upstream = "mg.xmlgrg.com:8010"
},
{
uri = "/accounts",
rewrite_upstream = "mg.xmlgrg.com:8010"
},
}
}
}
API網關啓動
提醒:openresty服務器DNS必須指向--->最起初部署的DNS服務器地址,另外若你本機ping 以上隨便一個域名都不通的話,
那你要確認下你本機DNS指向你最初部署了DNS服務器了?
修改vim /etc/resolv.conf
#OpenResty 是一個基於 Nginx 與 Lua 的高性能 Web 平臺,使用的也是80端口,若不能啓動請檢查你的80端口是否被佔用了
#日誌:
# mkdir -pv /var/log/nginx/ && touch /var/log/nginx/f_access.log
cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.56.103
#nameserver 218.85.152.99
#nameserver 218.85.157.99
# vim /opt/codo/api-gateway/conf/nginx.conf
resolver 192.168.56.103; # 內部DNS
# vim /usr/local/openresty/nginx/conf/nginx.conf
resolver 192.168.56.103; # 內部DNS
# openresty -t #測試
# systemctl start openresty
# systemctl enable openresty訪問
地址:demo-ss.xmlgrg.com
用戶:admin
密碼:admin@opendevops
日誌路徑
若這裏訪問有報錯,請看下日誌,一般都是配置錯誤。
日誌路徑:所有模塊日誌統一/var/log/supervisor/
# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6f8ed2457437 codo_cmdb:latest "/usr/bin/supervisord" 3 minutes ago Up 3 minutes 0.0.0.0:8050->80/tcp codo-cmdb_codo_cmdb_1
2ce4ce6b98ce codo_dns_image "/usr/bin/supervisord" 23 minutes ago Up 23 minutes 0.0.0.0:8060->80/tcp codo-dns_codo-dns_1
afb9bed1b721 codo_tools:latest "/usr/bin/supervisord" 27 minutes ago Up 26 minutes 0.0.0.0:8040->80/tcp codo-tools_codo_tools_1
be65ed6fe5f5 kerrigan_image "/usr/bin/supervisord" 33 minutes ago Up 32 minutes 0.0.0.0:8030->80/tcp kerrigan_codo-kerrigan_1
b7b26c9b58e3 codo_cron_image "/usr/bin/supervisord" 37 minutes ago Up 35 minutes 80/tcp, 0.0.0.0:9900->9900/tcp codo-cron_codo_cron_1
82e64820e4a8 codo_task_image "/usr/bin/supervisord" 2 hours ago Up 2 hours 0.0.0.0:8020->80/tcp codo-task_codo_task_1
d1ed317f84a8 do_mg_image "/usr/bin/supervisord" 2 hours ago Up 2 hours 0.0.0.0:8010->80/tcp codo-admin_do_mg_1
7a0aca87eac0 mysql:5.7 "docker-entrypoint.s…" 2 hours ago Up 2 hours 0.0.0.0:3306->3306/tcp, 33060/tcp data_mysql_1