http://docs.opendevops.cn/zh/latest/index.html
因为我的是在virtualbox上做的实验
而公司对网卡还有mac地址还有绑定
所以我的测试机网卡有2个,一个是和本机通信的192.168.56.103(手动配置IP地址,没有网关),一个上网用的10.0.2.0网段的(上网的dns:218.85.152.99)
我的域名::xmlgrg.com,你要修改为你自己的
首先确保服务器可以联网
然后 运行下面的youhua.sh命令
#/bin/bash
function epel(){
yum install epel-release -y >/dev/null 2>&1
sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/epel.repo
sed -i 's/#baseurl/baseurl/g' /etc/yum.repos.d/epel.repo
sed -i '6s/enabled=0/enabled=1/g' /etc/yum.repos.d/epel.repo
sed -i '7s/gpgcheck=1/gpgcheck=0/g' /etc/yum.repos.d/epel.repo
yum clean all >/dev/null 2>&1
#阿里云机器用aliyun epel
echo "[EPEL 配置] ==> OK"
}
function ulimits(){
cat > /etc/security/limits.conf <<EOF
* soft noproc 20480
* hard noproc 20480
root soft nofile 65535
root hard nofile 65535
* soft nofile 65535
* hard nofile 65535
EOF
ulimit -n 65535
ulimit -u 20480
echo "[ulimits 配置] ==> OK"
}
function ssh(){
[ -f /etc/ssh/sshd_config ] && sed -ir '13 iUseDNS no\nGSSAPIAuthentication no' /etc/ssh/sshd_config && /etc/init.d/sshd restart >/dev/null 2>&1
echo "[SSH 优化] ==> OK"
}
function kernel(){
cat > /etc/sysctl.conf <<EOF
fs.file-max = 65535
net.ipv4.tcp_max_tw_buckets = 1000000
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_keepalive_probes = 3
net.ipv4.tcp_keepalive_intvl = 30
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.ip_local_port_range = 5000 65000
net.ipv4.tcp_mem = 786432 1048576 1572864
net.core.wmem_max = 873200
net.core.rmem_max = 873200
net.ipv4.tcp_wmem = 8192 436600 873200
net.ipv4.tcp_rmem = 32768 436600 873200
net.core.somaxconn = 10240
net.core.netdev_max_backlog = 20480
net.ipv4.tcp_max_syn_backlog = 20480
net.ipv4.tcp_retries2 = 5
net.ipv4.conf.lo.arp_ignore = 0
net.ipv4.conf.lo.arp_announce = 0
net.ipv4.conf.all.arp_ignore = 0
EOF
sysctl -p >/dev/null 2>&1
echo "[内核 优化] ==> OK"
}
function history(){
if ! grep "HISTTIMEFORMAT" /etc/profile >/dev/null 2>&1
then echo '
UserIP=$(who -u am i | cut -d"(" -f 2 | sed -e "s/[()]//g")
export HISTTIMEFORMAT="[%F %T] [`whoami`] [${UserIP}] " ' >> /etc/profile;
fi
echo "[history 优化] ==> OK"
}
function security(){
> /etc/issue
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
sed -i 's/SELINUX=permissive/SELINUX=disabled/g' /etc/selinux/config
setenforce 0 >/dev/null 2>&1
systemctl stop firewalld.service
systemctl disable firewalld.service
yum install -y openssl openssh bash >/dev/null 2>&1
echo "[安全配置] ==> OK"
}
function other(){
yum groupinstall Development tools -y >/dev/null 2>&1
yum install -y vim wget lrzsz telnet traceroute iotop tree >/dev/null 2>&1
yum install -y ncftp axel git zlib-devel openssl-devel unzip xz libxslt-devel libxml2-devel libcurl-devel >/dev/null 2>&1
echo "[安装常用工具] ==> OK"
echo "export HOME=/root" >> /etc/profile
source /etc/profile
useradd -M -s /sbin/nologin nginx >/dev/null 2>&1
mkdir -p /root/ops_scripts /data1/www
mkdir -p /opt/codo/
}
function quanxian(){
chown root:root /etc/passwd /etc/shadow /etc/group /etc/gshadow && chmod 0644 /etc/group && chmod 0644 /etc/passwd && chmod 0400 /etc/shadow && chmod 0400 /etc/gshadow
}
export -f epel
export -f ulimits
export -f ssh
export -f kernel
export -f history
export -f security
export -f other
export -f quanxian
##格式必须是: bash script 函数名1#函数2
## 例如: bash system_init_v1.sh epel#ulimits#ssh
#echo $1 | awk -F "#" '{for(i=1;i<=NF;++i) system($i)}'
epel
ulimits
ssh
kernel
history
security
other
quanxian
echo '[Success]System Init OK'
运行命令
# sh +x youhua.sh
设置静态IP地址
重启服务器
创建项目目录
# mkdir -p /opt/codo/ && cd /opt/codo/环境变量
以下内容贴入到vim /opt/codo/env.sh文件,刚开始接触这里可能会稍微有点难理解,
后面文档将会说明每个环境变量的用途,主要修改域名/地址和密码信息
#/bin/bash
echo -e "\033[31m token_secret一定要做修改,防止网站被***!!!!!!! \033[0m"
#本机的IP地址
export LOCALHOST_IP="192.168.56.103"
#设置你的MYSQL密码
export MYSQL_PASSWORD="xmlgrg163"
### 设置你的redis密码
export REDIS_PASSWORD="xmlgrg163"
### RabbitMQ用户密码信息
export MQ_USER="ss"
export MQ_PASSWORD="xmlgrg163"
##这部分是模块化部署,微服务,每个服务都有一个单独的域名
### 管理后端地址
export mg_domain="mg.xmlgrg.com"
### 定时任务地址,目前只启动一个进程,ip
export cron_domain="192.168.56.103"
### 任务系统地址
export task_domain="task.xmlgrg.com"
### CMDB系统地址
export cmdb_domain="cmdb2.xmlgrg.com"
### 运维工具地址
export tools_domain="tools.xmlgrg.com"
### 域名管理地址
export dns_domain="dns.xmlgrg.com"
### 配置中心域名
export kerrigan_domain="kerrigan.xmlgrg.com"
### 前端地址,也就是你的访问地址
export front_domain="demo-ss.xmlgrg.com"
### api网关地址
export api_gw_url="gw.xmlgrg.com"
#codo-admin用到的cookie和token,可留默认
export cookie_secret="nJ2oZis0V/xlArY2rzpIE6ioC9/KlqR2fd59sD=UXZJ=3OeROB"
# 这里codo-admin和gw网关都会用到,一定要修改。可生成随意字符
export token_secret="pXFb4i%*834gfdh963df718iodGq4dsafsdadg7yI6ImF1999aaG7"
##一般情况下都是只用一个数据库就可以了
# 写数据库
export DEFAULT_DB_DBHOST="192.168.56.103"
export DEFAULT_DB_DBPORT='3306'
export DEFAULT_DB_DBUSER='root'
export DEFAULT_DB_DBPWD=${MYSQL_PASSWORD}
# 读数据库
export READONLY_DB_DBHOST='192.168.56.103'
export READONLY_DB_DBPORT='3306'
export READONLY_DB_DBUSER='root'
export READONLY_DB_DBPWD=${MYSQL_PASSWORD}
#export READONLY_DB_DBNAME=${MYSQL_PASSWORD}
# 消息队列
export DEFAULT_MQ_ADDR='192.168.56.103'
export DEFAULT_MQ_USER=${MQ_USER}
export DEFAULT_MQ_PWD=${MQ_PASSWORD}
# 缓存
export DEFAULT_REDIS_HOST='192.168.56.103'
export DEFAULT_REDIS_PORT=6379
export DEFAULT_REDIS_PASSWORD=${REDIS_PASSWORD}
最后
# source /opt/codo/env.sh安装Python3
建议使用Python36,若你的系统里面已经存在Python36可以跳过此步骤。
vim python36.sh 新建python安装的脚本
#/bin/bash
echo -e "\033[32m [INFO]: Start install python3 \033[0m"
yum groupinstall Development tools -y
yum install -y zlib-devel openssl-devel libxslt-devel libxml2-devel libcurl-devel
cd /usr/local/src/
wget -q -c https://www.python.org/ftp/python/3.6.4/Python-3.6.4.tar.xz
tar xf Python-3.6.4.tar.xz >/dev/null 2>&1 && cd Python-3.6.4
./configure >/dev/null 2>&1
make >/dev/null 2>&1 && make install >/dev/null 2>&1
if [ $? == 0 ];then
echo -e "\033[32m [INFO]: python3 install success. \033[0m"
else
echo -e "\033[31m [ERROR]: python3 install faild \033[0m"
exit -1
fi
执行
# sh -x python36.sh 安装Docker-compose
若已安装docker-compose可跳过
vim docker-compose.sh 新建docker-compose安装的脚本
#/bin/bash
echo -e "\033[32m [INFO]: Start install docker,docker-compose \033[0m"
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum-config-manager --enable docker-ce-edge
yum install -y docker-ce
###启动
/bin/systemctl start docker.service
### 开机自启
/bin/systemctl enable docker.service
#安装docker-compose编排工具
curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py
python3 get-pip.py
pip3 install docker-compose
if [ $? == 0 ];then
echo -e "\033[32m [INFO]: docker-compose install success. \033[0m"
else
echo -e "\033[31m [ERROR]: docker-compose install faild \033[0m"
exit -2
fi
执行
# sh -x docker-compose.sh
设置docker加速
#mkdir -p /etc/docker
#vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://f2bv707v.mirror.aliyuncs.com"]
}
#systemctl daemon-reload
#systemctl restart docker 安装MySQL
# source /opt/codo/env.sh一般来说 一个MySQL实例即可,如果有需求可以自行搭建主从,每个服务都可以有自己的数据库
我们这里示例是用Docker部署的MySQL,你也可以使用你自己的MySQL
vim MySQL.sh 新建MySQL安装的脚本
#/bin/bash
yum install mysql -y
echo -e "\033[32m [INFO]: Start install mysql5.7 \033[0m"
cat >docker-compose.yml <<EOF
mysql:
restart: unless-stopped
image: mysql:5.7
volumes:
- /data/mysql:/var/lib/mysql
- /data/mysql_conf:/etc/mysql/conf.d
ports:
- "3306:3306"
environment:
- MYSQL_ROOT_PASSWORD=${MYSQL_PASSWORD}
EOF
docker-compose up -d #启动
if [ $? == 0 ];then
echo -e "\033[32m [INFO]: mysql install success. \033[0m"
echo -e "\033[32m [INFO]: 本机mysql客户端的已经安装. \033[0m"
echo -e "\033[32m [INFO]: mysql -h127.0.0.1 -uroot -p${MYSQL_PASSWORD} \033[0m"
else
echo -e "\033[31m [ERROR]: mysql57 install faild \033[0m"
exit -3
fi
执行
sh +x MySQL.sh
安装Redis
vim Redis.sh 新建Redis安装的脚本
#/bin/bash
echo -e "\033[32m [INFO]: Start install redis3.2 \033[0m"
yum -y install redis-3.2.*
echo "[INFO]: start init redis"
### 开启AOF
sed -i 's#appendonly no$#appendonly yes#g' /etc/redis.conf
### 操作系统决定
sed -i 's#appendfsync .*$$#appendfsync everysec$#g' /etc/redis.conf
### 修改绑定IP
sed -i 's/^bind 127.0.0.1$/#bind 127.0.0.1/g' /etc/redis.conf
### 是否以守护进程方式启动
sed -i 's#daemonize no$#daemonize yes#g' /etc/redis.conf
### 当时间间隔超过60秒,或存储超过1000条记录时,进行持久化
sed -i 's#^save 60 .*$#save 60 1000#g' /etc/redis.conf
### 快照压缩
sed -i 's#rdbcompression no$#rdbcompression yes#g' /etc/redis.conf
### 添加密码
sed -i "s#.*requirepass .*#requirepass ${REDIS_PASSWORD}#g" /etc/redis.conf
systemctl start redis
systemctl status redis
systemctl enable redis
if [ $? == 0 ];then
echo -e "\033[32m [INFO]: redis install success. \033[0m"
echo -e "\033[32m [INFO]: redis-cli -h 127.0.0.1 -p 6379 -a ${REDIS_PASSWORD}"
else
echo -e "\033[31m [ERROR]: redis install faild \033[0m"
exit -4
fi
执行
# sh +x Redis.sh
设置redis的库
# redis-cli -h 127.0.0.1 -p 6379 -a xmlgrg163
keys *
select 8
exit
安装RabbitMQ
注意安装完MQ后不要修改主机名,否则MQ可能会崩掉
vim RabbitMQ.sh 新建RabbitMQ安装的脚本
#/bin/bash
echo -e "\033[32m [INFO]: Start install rabbitmq \033[0m"
# echo $LOCALHOST_IP opendevops >> /etc/hosts
# echo opendevops > /etc/hostname
# export HOSTNAME=opendevops
yum install -y rabbitmq-server
rabbitmq-plugins enable rabbitmq_management
systemctl start rabbitmq-server
rabbitmqctl add_user ${MQ_USER} ${MQ_PASSWORD}
rabbitmqctl set_user_tags ${MQ_USER} administrator
rabbitmqctl set_permissions -p '/' ${MQ_USER} '.' '.' '.'
systemctl restart rabbitmq-server
systemctl enable rabbitmq-server
systemctl status rabbitmq-server
# rabbitmq-server -detached
status=`systemctl status rabbitmq-server | grep "running" | wc -l`
if [ $status == 1 ];then
echo -e "\033[32m [INFO]: rabbitmq install success. \033[0m"
else
echo -e "\033[31m [ERROR]: rabbitmq install faild \033[0m"
exit -5
fi
执行
# sh +x RabbitMQ.sh 安装DNS
部署内部DNS dnsmasq 主要用于内部通信,API网关要用到。
vim dnsmasq.sh 新建dnsmasq安装的脚本
#/bin/bash
echo -e "\033[32m [INFO]: Start install dnsmasq \033[0m"
#install dnsmasq
yum install dnsmasq -y
# 设置上游DNS,毕竟你的Dns只是个代理 实际的DNS
cat >/etc/resolv.dnsmasq <<EOF
nameserver 8.8.8.8
EOF
#设置host解析
cat >/etc/dnsmasqhosts <<EOF
$LOCALHOST_IP $front_domain
$LOCALHOST_IP $mg_domain
$LOCALHOST_IP $task_domain
$LOCALHOST_IP $api_gw_url
$LOCALHOST_IP $cmdb_domain
$LOCALHOST_IP $kerrigan_domain
$LOCALHOST_IP $tools_domain
$LOCALHOST_IP $dns_domain
EOF
#添加配置
#注意:
# 刚装完DNS可以先不用改本机的DNS,有一部分人反应Docker Build时候会报连不上mirrors,装不了依赖。
# 部署到API网关的时候,需要将本机DNS改成自己,不然没办法访问以上mg.cron,cmdb等内网域名
#echo "nameserver $LOCALHOST_IP" > /etc/resolv.conf
echo "resolv-file=/etc/resolv.dnsmasq" >> /etc/dnsmasq.conf
echo "addn-hosts=/etc/dnsmasqhosts" >> /etc/dnsmasq.conf
## 启动
/bin/systemctl start dnsmasq.service
systemctl status dnsmasq
/bin/systemctl enable dnsmasq.service
if [ $? == 0 ];then
echo -e "\033[32m [INFO]: dnsmasq install success. \033[0m"
else
echo -e "\033[31m [ERROR]: dnsmasq install faild \033[0m"
exit -6
fi
执行
# sh +x dnsmasq.sh # cat /etc/resolv.conf
# Generated by NetworkManager
# nameserver 192.168.56.103
nameserver 218.85.152.99
nameserver 218.85.157.99
ping 域名
# ping cmdb2.xmlgrg.com
PING cmdb2.xmlgrg.com (192.168.56.103) 56(84) bytes of data.
64 bytes from demo-ss.xmlgrg.com (192.168.56.103): icmp_seq=1 ttl=64 time=0.016 ms
64 bytes from demo-ss.xmlgrg.com (192.168.56.103): icmp_seq=2 ttl=64 time=0.038 ms
因为我是在virtualbox上的虚拟机做的实验,发现我的/etc/resolv.conf,注释掉其他的就没法上网了~,~
项目前端安装
vim qianduan.sh
#/bin/bash
echo -e "\033[32m [INFO]: codo(项目前端) Start install. \033[0m"
CODO_VER="codo-beta-0.3.0"
if ! which wget &>/dev/null; then yum install -y wget >/dev/null 2>&1;fi
[ ! -d /var/www ] && mkdir -p /var/www
cd /var/www && wget https://github.com/opendevops-cn/codo/releases/download/${CODO_VER}/${CODO_VER}.tar.gz
tar zxf ${CODO_VER}.tar.gz
if [ $? == 0 ];then
echo -e "\033[32m [INFO]: codo(项目前端) install success. \033[0m"
else
echo -e "\033[31m [ERROR]: codo(项目前端) install faild \033[0m"
exit -8
fi
执行
# sh +x qianduan.sh
前端的静态文件会存放在/var/www/codo/目录内
测试一下 ll /var/www/codo/* 看下文件是不是存在
后续访问使用API网关中的vhosts,节省资源,这里不单独安装配置nginx
管理后端
codo-admin是基于tornado框架 restful风格的API 实现后台管理,codo详细参考,搭配使用codo前端(iView+ vue)组成的一套后台用户 权限以及系统管理的解决方案(提供登录,注册 密码修改 鉴权 用户管理 角色管理 权限管理 前端组件管理 前端路由管理 通知服务API 系统基础信息接口)
获取代码
vim dm.sh
#/bin/bash
if ! which wget &>/dev/null; then yum install -y wget >/dev/null 2>&1;fi
if ! which git &>/dev/null; then yum install -y git >/dev/null 2>&1;fi
[ ! -d /opt/codo/ ] && mkdir -p /opt/codo
cd /opt/codo && git clone https://github.com/opendevops-cn/codo-admin.git
执行
# sh +x dm.sh# cd /opt/codo/codo-admin
修改相关配置
修改settings.py配置
注意:这里的cookie_secret和token_secret必须和你的env.sh里面的保持一致,后续网关也要用到这个。若不保持一直登陆后校验不通过回被自动踢回
注意:这里的token_secret必须要和你的网关保持一致,这个值是从env.sh拿来的,一定要做修改,防止网站被***,如果secret包含正则符号会导致sed失败,请仔细检查
# pwd
/opt/codo/codo-admin
#导入环境变量文件,最开始准备的环境变量文件
source /opt/codo/env.sh
sed -i "s#cookie_secret = .*#cookie_secret = '${cookie_secret}'#g" settings.py
sed -i "s#token_secret = .*#token_secret = '${token_secret}'#g" settings.py
#mysql配置信息
##我们项目支持取env环境变量,但是还是建议修改下。
DEFAULT_DB_DBNAME='codo_admin'
sed -i "s#DEFAULT_DB_DBHOST = .*#DEFAULT_DB_DBHOST = os.getenv('DEFAULT_DB_DBHOST', '${DEFAULT_DB_DBHOST}')#g" settings.py
sed -i "s#DEFAULT_DB_DBPORT = .*#DEFAULT_DB_DBPORT = os.getenv('DEFAULT_DB_DBPORT', '${DEFAULT_DB_DBPORT}')#g" settings.py
sed -i "s#DEFAULT_DB_DBUSER = .*#DEFAULT_DB_DBUSER = os.getenv('DEFAULT_DB_DBUSER', '${DEFAULT_DB_DBUSER}')#g" settings.py
sed -i "s#DEFAULT_DB_DBPWD = .*#DEFAULT_DB_DBPWD = os.getenv('DEFAULT_DB_DBPWD', '${DEFAULT_DB_DBPWD}')#g" settings.py
sed -i "s#DEFAULT_DB_DBNAME = .*#DEFAULT_DB_DBNAME = os.getenv('DEFAULT_DB_DBNAME', '${DEFAULT_DB_DBNAME}')#g" settings.py
#只读MySQL配置,若是单台也直接写成Master地址即可
sed -i "s#READONLY_DB_DBHOST = .*#READONLY_DB_DBHOST = os.getenv('READONLY_DB_DBHOST', '${READONLY_DB_DBHOST}')#g" settings.py
sed -i "s#READONLY_DB_DBPORT = .*#READONLY_DB_DBPORT = os.getenv('READONLY_DB_DBPORT', '${READONLY_DB_DBPORT}')#g" settings.py
sed -i "s#READONLY_DB_DBUSER = .*#READONLY_DB_DBUSER = os.getenv('READONLY_DB_DBUSER', '${READONLY_DB_DBUSER}')#g" settings.py
sed -i "s#READONLY_DB_DBPWD = .*#READONLY_DB_DBPWD = os.getenv('READONLY_DB_DBPWD', '${READONLY_DB_DBPWD}')#g" settings.py
sed -i "s#READONLY_DB_DBNAME = .*#READONLY_DB_DBNAME = os.getenv('READONLY_DB_DBNAME', '${DEFAULT_DB_DBNAME}')#g" settings.py
#redis配置
sed -i "s#DEFAULT_REDIS_HOST = .*#DEFAULT_REDIS_HOST = os.getenv('DEFAULT_REDIS_HOST', '${DEFAULT_REDIS_HOST}')#g" settings.py
sed -i "s#DEFAULT_REDIS_PORT = .*#DEFAULT_REDIS_PORT = os.getenv('DEFAULT_REDIS_PORT', '${DEFAULT_REDIS_PORT}')#g" settings.py
sed -i "s#DEFAULT_REDIS_PASSWORD = .*#DEFAULT_REDIS_PASSWORD = os.getenv('DEFAULT_REDIS_PASSWORD', '${DEFAULT_REDIS_PASSWORD}')#g" settings.py
修改域名需要注意的地方
# vim /opt/codo/codo-admin/doc/nginx_ops.conf
:%[email protected]@xmlgrg.com@g
proxy_set_header Cookie $http_cookie; 注意这个
编译,启动
#pwd
/opt/codo/codo-admin
修改Dockerfile
#vim Dockerfile
FROM ss1917/codo_base:beta0.3
RUN pip3 install --upgrade pip
RUN pip3 install -U git+https://github.com/ss1917/ops_sdk.git
#复制代码
RUN mkdir -p /var/www/
ADD . /var/www/codo-admin/
#安装pip依赖
RUN pip3 install -r /var/www/codo-admin/doc/requirements.txt
#日志
VOLUME /var/log/
#准备文件
COPY doc/nginx_ops.conf /etc/nginx/conf.d/default.conf
COPY doc/supervisor_ops.conf /etc/supervisord.conf
EXPOSE 80
CMD ["/usr/bin/supervisord"]
#bulid 镜像
docker build . -t do_mg_image
#启动
docker-compose up -d创建数据库
mysql -h127.0.0.1 -uroot -p${MYSQL_PASSWORD}
MySQL [(none)]> create database codo_admin default character set utf8mb4 collate utf8mb4_unicode_ci;
MySQL [(none)]> flush privileges; 然后退出
初始化表结构
# docker exec -ti codo-admin_do_mg_1 /usr/local/bin/python3 /var/www/codo-admin/db_sync.py
导入数据
主要是菜单,组件,权限列表,内置的用户等
#导入数据
# pwd
/opt/codo/codo-admin
# mysql -h127.0.0.1 -uroot -p${MYSQL_PASSWORD} codo_admin < ./doc/codo_admin_beta0.3.sql
docker-compose restart
测试codo-admin
### 01.日志
tailf /var/log/supervisor/mg.log #确认没有报错
codo-admin 部署完毕
任务系统
CODO任务系统,负责整个系统中任务调度,此功能是必须要安装的
下载代码
# pwd
/opt/codo
# vim codo-task.sh
#!/bin/bash
echo -e "\033[32m [INFO]: codo-task(任务系统) Start install. \033[0m"
if ! which wget &>/dev/null; then yum install -y wget >/dev/null 2>&1;fi
if ! which git &>/dev/null; then yum install -y git >/dev/null 2>&1;fi
[ ! -d /opt/codo/ ] && mkdir -p /opt/codo
cd /opt/codo && git clone https://github.com/opendevops-cn/codo-task.git
执行
# sh +x codo-task.sh修改配置
# cd /opt/codo/codo-task
#同样,这里codo-task也支持取env环境变量,建议还是修改下默认配置
#导入环境变量文件,最开始准备的环境变量文件
source /opt/codo/env.sh
#修改配置
TASK_DB_DBNAME='codo_task'
#任务系统的域名
sed -i "s#cookie_secret = .*#cookie_secret = '${cookie_secret}'#g" settings.py
#mysql配置
sed -i "s#DEFAULT_DB_DBHOST = .*#DEFAULT_DB_DBHOST = os.getenv('DEFAULT_DB_DBHOST', '${DEFAULT_DB_DBHOST}')#g" settings.py
sed -i "s#DEFAULT_DB_DBPORT = .*#DEFAULT_DB_DBPORT = os.getenv('DEFAULT_DB_DBPORT', '${DEFAULT_DB_DBPORT}')#g" settings.py
sed -i "s#DEFAULT_DB_DBUSER = .*#DEFAULT_DB_DBUSER = os.getenv('DEFAULT_DB_DBUSER', '${DEFAULT_DB_DBUSER}')#g" settings.py
sed -i "s#DEFAULT_DB_DBPWD = .*#DEFAULT_DB_DBPWD = os.getenv('DEFAULT_DB_DBPWD', '${DEFAULT_DB_DBPWD}')#g" settings.py
sed -i "s#DEFAULT_DB_DBNAME = .*#DEFAULT_DB_DBNAME = os.getenv('DEFAULT_DB_DBNAME', '${TASK_DB_DBNAME}')#g" settings.py
#只读MySQL配置
sed -i "s#READONLY_DB_DBHOST = .*#READONLY_DB_DBHOST = os.getenv('READONLY_DB_DBHOST', '${READONLY_DB_DBHOST}')#g" settings.py
sed -i "s#READONLY_DB_DBPORT = .*#READONLY_DB_DBPORT = os.getenv('READONLY_DB_DBPORT', '${READONLY_DB_DBPORT}')#g" settings.py
sed -i "s#READONLY_DB_DBUSER = .*#READONLY_DB_DBUSER = os.getenv('READONLY_DB_DBUSER', '${READONLY_DB_DBUSER}')#g" settings.py
sed -i "s#READONLY_DB_DBPWD = .*#READONLY_DB_DBPWD = os.getenv('READONLY_DB_DBPWD', '${READONLY_DB_DBPWD}')#g" settings.py
sed -i "s#READONLY_DB_DBNAME = .*#READONLY_DB_DBNAME = os.getenv('READONLY_DB_DBNAME', '${TASK_DB_DBNAME}')#g" settings.py
#redis配置
sed -i "s#DEFAULT_REDIS_HOST = .*#DEFAULT_REDIS_HOST = os.getenv('DEFAULT_REDIS_HOST', '${DEFAULT_REDIS_HOST}')#g" settings.py
sed -i "s#DEFAULT_REDIS_PORT = .*#DEFAULT_REDIS_PORT = os.getenv('DEFAULT_REDIS_PORT', '${DEFAULT_REDIS_PORT}')#g" settings.py
sed -i "s#DEFAULT_REDIS_PASSWORD = .*#DEFAULT_REDIS_PASSWORD = os.getenv('DEFAULT_REDIS_PASSWORD', '${DEFAULT_REDIS_PASSWORD}')#g" settings.py
#MQ配置
sed -i "s#DEFAULT_MQ_ADDR = .*#DEFAULT_MQ_ADDR = os.getenv('DEFAULT_MQ_ADDR', '${DEFAULT_MQ_ADDR}')#g" settings.py
sed -i "s#DEFAULT_MQ_USER = .*#DEFAULT_MQ_USER = os.getenv('DEFAULT_MQ_USER', '${DEFAULT_MQ_USER}')#g" settings.py
sed -i "s#DEFAULT_MQ_PWD = .*#DEFAULT_MQ_PWD = os.getenv('DEFAULT_MQ_PWD', '${DEFAULT_MQ_PWD}')#g" settings.py修改域名需要注意的地方
# vim /opt/codo/codo-task/doc/nginx_ops.conf
:%[email protected]@xmlgrg.com@g
修改Dockerfile
#vim Dockerfile
FROM ss1917/codo_base:beta0.3
RUN pip3 install --upgrade pip
RUN pip3 install -U git+https://github.com/ss1917/ops_sdk.git
# 复制代码
RUN mkdir -p /var/www/
ADD . /var/www/codo-task/
# 安装pip依赖
RUN pip3 install -r /var/www/codo-task/doc/requirements.txt
# 日志
VOLUME /var/log/
# 准备文件
COPY doc/nginx_ops.conf /etc/nginx/conf.d/default.conf
COPY doc/supervisor_ops.conf /etc/supervisord.conf
EXPOSE 80
CMD ["/usr/bin/supervisord"]
编译,启动
#编译镜像
docker build . -t codo_task_image
#启动
docker-compose up -d创建数据库
mysql -h127.0.0.1 -uroot -p${MYSQL_PASSWORD}
MySQL [(none)]> create database `codo_task` default character set utf8mb4 collate utf8mb4_unicode_ci;
MySQL [(none)]> flush privileges;
MySQL [(none)]> exit
Bye
初始化表结构
docker exec -ti codo-task_codo_task_1 /usr/local/bin/python3 /var/www/codo-task/db_sync.py
导入数据
重启
docker-compose restart
测试
日志文件位置统一:/var/log/supervisor/
01. 查看日志
tailf /var/log/supervisor/task_scheduler.log #确认没报错
tailf /var/log/supervisor/exec_task.log #执行任务的日志# docker exec -it codo-cron_codo_cron_1 /bin/sh 进入容器中
sh-4.2# cd /usr/share/nginx/html/
sh-4.2# ls
404.html 50x.html index.html nginx-logo.png poweredby.png
sh-4.2#
定时任务
CODO项目定时任务模块,定时任务完全兼容crontab,支持到秒级
下载代码
vim codo_cron.sh
#!/bin/bash
echo -e "\033[32m [INFO]: codo_cron(定时任务) Start install. \033[0m"
if ! which wget &>/dev/null; then yum install -y wget >/dev/null 2>&1;fi
if ! which git &>/dev/null; then yum install -y git >/dev/null 2>&1;fi
[ ! -d /opt/codo/ ] && mkdir -p /opt/codo
cd /opt/codo && git clone https://github.com/opendevops-cn/codo-cron.git
执行
# sh +x codo_cron.sh# cd /opt/codo/codo-cron
修改配置
#同样,这里codo-cron也支持取env环境变量,建议还是修改下默认配置
#导入环境变量文件,最开始准备的环境变量文件
source /opt/codo/env.sh
#后端数据库名称,建议不要修改,初始化data.sql已经指定了数据库名字,若需改请一块修改
CRON_DB_DBNAME='codo_cron'
sed -i "s#cookie_secret = .*#cookie_secret = '${cookie_secret}'#g" settings.py
#mysql配置
sed -i "s#DEFAULT_DB_DBHOST = .*#DEFAULT_DB_DBHOST = os.getenv('DEFAULT_DB_DBHOST', '${DEFAULT_DB_DBHOST}')#g" settings.py
sed -i "s#DEFAULT_DB_DBPORT = .*#DEFAULT_DB_DBPORT = os.getenv('DEFAULT_DB_DBPORT', '${DEFAULT_DB_DBPORT}')#g" settings.py
sed -i "s#DEFAULT_DB_DBUSER = .*#DEFAULT_DB_DBUSER = os.getenv('DEFAULT_DB_DBUSER', '${DEFAULT_DB_DBUSER}')#g" settings.py
sed -i "s#DEFAULT_DB_DBPWD = .*#DEFAULT_DB_DBPWD = os.getenv('DEFAULT_DB_DBPWD', '${DEFAULT_DB_DBPWD}')#g" settings.py
sed -i "s#DEFAULT_DB_DBNAME = .*#DEFAULT_DB_DBNAME = os.getenv('DEFAULT_DB_DBNAME', '${CRON_DB_DBNAME}')#g" settings.py
#只读MySQL配置
sed -i "s#READONLY_DB_DBHOST = .*#READONLY_DB_DBHOST = os.getenv('READONLY_DB_DBHOST', '${READONLY_DB_DBHOST}')#g" settings.py
sed -i "s#READONLY_DB_DBPORT = .*#READONLY_DB_DBPORT = os.getenv('READONLY_DB_DBPORT', '${READONLY_DB_DBPORT}')#g" settings.py
sed -i "s#READONLY_DB_DBUSER = .*#READONLY_DB_DBUSER = os.getenv('READONLY_DB_DBUSER', '${READONLY_DB_DBUSER}')#g" settings.py
sed -i "s#READONLY_DB_DBPWD = .*#READONLY_DB_DBPWD = os.getenv('READONLY_DB_DBPWD', '${READONLY_DB_DBPWD}')#g" settings.py
sed -i "s#READONLY_DB_DBNAME = .*#READONLY_DB_DBNAME = os.getenv('READONLY_DB_DBNAME', '${CRON_DB_DBNAME}')#g" settings.py
修改Dockerfile
#vim Dockerfile
FROM ss1917/codo_base:beta0.3
# 设置编码
ENV LANG en_US.UTF-8
# 同步时间
ENV TZ=Asia/Shanghai
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
RUN pip3 install --upgrade pip
RUN pip3 install -U git+https://github.com/ss1917/ops_sdk.git
# 复制代码
RUN mkdir -p /var/www/
ADD . /var/www/codo-cron/
# 安装pip依赖
RUN pip3 install -r /var/www/codo-cron/doc/requirements.txt
# 日志
VOLUME /var/log/
# 准备文件
COPY doc/supervisor_ops.conf /etc/supervisord.conf
EXPOSE 80
CMD ["/usr/bin/supervisord"]#编译镜像
docker build . -t codo_cron_image
#启动
docker-compose up -d创建数据库
mysql -h127.0.0.1 -uroot -p${MYSQL_PASSWORD}
MySQL [(none)]> create database `codo_cron` default character set utf8mb4 collate utf8mb4_unicode_ci;
MySQL [(none)]> flush privileges;
MySQL [(none)]> exit
初始化表结构
# docker exec -ti codo-cron_codo_cron_1 /usr/local/bin/python3 /var/www/codo-cron/db_sync.py重启
docker-compose restart
测试
日志文件位置统一:/var/log/supervisor/
01. 查看日志
tailf /var/log/supervisor/cron.log #确认没报错配置中心
获取代码
vim pz.sh
#!/bin/bash
if ! which wget &>/dev/null; then yum install -y wget >/dev/null 2>&1;fi
if ! which git &>/dev/null; then yum install -y git >/dev/null 2>&1;fi
[ ! -d /opt/codo/ ] && mkdir -p /opt/codo
cd /opt/codo && git clone https://github.com/opendevops-cn/kerrigan.git && cd kerrigan
执行、
# sh +x pz.sh修改相关配置
# cd /opt/codo/kerrigan/
修改settings.py配置
#导入环境变量文件,最开始准备的环境变量文件
source /opt/codo/env.sh
#修改管理后端域名
sed -i "s#cookie_secret = .*#cookie_secret = '${cookie_secret}'#g" settings.py
#mysql配置信息
##我们项目支持取env环境变量,但是还是建议修改下。
DEFAULT_DB_DBNAME='codo_kerrigan'
sed -i "s#DEFAULT_DB_DBHOST = .*#DEFAULT_DB_DBHOST = os.getenv('DEFAULT_DB_DBHOST', '${DEFAULT_DB_DBHOST}')#g" settings.py
sed -i "s#DEFAULT_DB_DBPORT = .*#DEFAULT_DB_DBPORT = os.getenv('DEFAULT_DB_DBPORT', '${DEFAULT_DB_DBPORT}')#g" settings.py
sed -i "s#DEFAULT_DB_DBUSER = .*#DEFAULT_DB_DBUSER = os.getenv('DEFAULT_DB_DBUSER', '${DEFAULT_DB_DBUSER}')#g" settings.py
sed -i "s#DEFAULT_DB_DBPWD = .*#DEFAULT_DB_DBPWD = os.getenv('DEFAULT_DB_DBPWD', '${DEFAULT_DB_DBPWD}')#g" settings.py
sed -i "s#DEFAULT_DB_DBNAME = .*#DEFAULT_DB_DBNAME = os.getenv('DEFAULT_DB_DBNAME', '${DEFAULT_DB_DBNAME}')#g" settings.py
#只读MySQL配置,若是单台也直接写成Master地址即可
sed -i "s#READONLY_DB_DBHOST = .*#READONLY_DB_DBHOST = os.getenv('READONLY_DB_DBHOST', '${READONLY_DB_DBHOST}')#g" settings.py
sed -i "s#READONLY_DB_DBPORT = .*#READONLY_DB_DBPORT = os.getenv('READONLY_DB_DBPORT', '${READONLY_DB_DBPORT}')#g" settings.py
sed -i "s#READONLY_DB_DBUSER = .*#READONLY_DB_DBUSER = os.getenv('READONLY_DB_DBUSER', '${READONLY_DB_DBUSER}')#g" settings.py
sed -i "s#READONLY_DB_DBPWD = .*#READONLY_DB_DBPWD = os.getenv('READONLY_DB_DBPWD', '${READONLY_DB_DBPWD}')#g" settings.py
sed -i "s#READONLY_DB_DBNAME = .*#READONLY_DB_DBNAME = os.getenv('READONLY_DB_DBNAME', '${DEFAULT_DB_DBNAME}')#g" settings.py
修改域名需要注意的地方
# vim /opt/codo/kerrigan/doc/nginx_ops.conf
:%[email protected]@xmlgrg.com@g修改Dockerfile
# vim Dockerfile
FROM ss1917/codo_base:beta0.3
RUN pip3 install --upgrade pip
RUN pip3 install -U git+https://github.com/ss1917/ops_sdk.git
# 复制代码
RUN mkdir -p /var/www/
ADD . /var/www/kerrigan/
# 安装pip依赖
RUN pip3 install -r /var/www/kerrigan/doc/requirements.txt
# 日志
VOLUME /var/log/
# 准备文件
COPY doc/nginx_ops.conf /etc/nginx/conf.d/default.conf
COPY doc/supervisor_ops.conf /etc/supervisord.conf
EXPOSE 80
CMD ["/usr/bin/supervisord"]
#编译镜像
docker build . -t kerrigan_image
#启动
docker-compose up -d创建数据库
mysql -h127.0.0.1 -uroot -p${MYSQL_PASSWORD}
MySQL [(none)]> create database `codo_kerrigan` default character set utf8mb4 collate utf8mb4_unicode_ci;
MySQL [(none)]> flush privileges;
MySQL [(none)]> exit
初始化表结构
docker exec -ti kerrigan_codo-kerrigan_1 /usr/local/bin/python3 /var/www/kerrigan/db_sync.py
测试kerrigan
重启
docker-compose restart
### 01.日志
tailf /var/log/supervisor/kerrigan.log #确认没有报错运维工具
CODO运维工具支持:告警管理、项目管理、事件管理、加密解密、随机密码、提醒管理等
获取代码
vim yw.sh
#!/bin/bash
if ! which wget &>/dev/null; then yum install -y wget >/dev/null 2>&1;fi
if ! which git &>/dev/null; then yum install -y git >/dev/null 2>&1;fi
[ ! -d /opt/codo/ ] && mkdir -p /opt/codo
cd /opt/codo && git clone https://github.com/opendevops-cn/codo-tools.git && cd codo-tools
执行
# sh +x yw.sh
修改相关配置
# cd /opt/codo/codo-tools/
修改settings.py 配置
#导入环境变量文件,最开始准备的环境变量文件
source /opt/codo/env.sh
sed -i "s#cookie_secret = .*#cookie_secret = '${cookie_secret}'#g" settings.py
#mysql配置信息
##我们项目支持取env环境变量,但是还是建议修改下。
DEFAULT_DB_DBNAME='codo_tools'
sed -i "s#DEFAULT_DB_DBHOST = .*#DEFAULT_DB_DBHOST = os.getenv('DEFAULT_DB_DBHOST', '${DEFAULT_DB_DBHOST}')#g" settings.py
sed -i "s#DEFAULT_DB_DBPORT = .*#DEFAULT_DB_DBPORT = os.getenv('DEFAULT_DB_DBPORT', '${DEFAULT_DB_DBPORT}')#g" settings.py
sed -i "s#DEFAULT_DB_DBUSER = .*#DEFAULT_DB_DBUSER = os.getenv('DEFAULT_DB_DBUSER', '${DEFAULT_DB_DBUSER}')#g" settings.py
sed -i "s#DEFAULT_DB_DBPWD = .*#DEFAULT_DB_DBPWD = os.getenv('DEFAULT_DB_DBPWD', '${DEFAULT_DB_DBPWD}')#g" settings.py
sed -i "s#DEFAULT_DB_DBNAME = .*#DEFAULT_DB_DBNAME = os.getenv('DEFAULT_DB_DBNAME', '${DEFAULT_DB_DBNAME}')#g" settings.py
#redis配置
sed -i "s#DEFAULT_REDIS_HOST = .*#DEFAULT_REDIS_HOST = os.getenv('DEFAULT_REDIS_HOST', '${DEFAULT_REDIS_HOST}')#g" settings.py
sed -i "s#DEFAULT_REDIS_PORT = .*#DEFAULT_REDIS_PORT = os.getenv('DEFAULT_REDIS_PORT', '${DEFAULT_REDIS_PORT}')#g" settings.py
sed -i "s#DEFAULT_REDIS_PASSWORD = .*#DEFAULT_REDIS_PASSWORD = os.getenv('DEFAULT_REDIS_PASSWORD', '${DEFAULT_REDIS_PASSWORD}')#g" settings.py修改域名需要注意的地方
# vim /opt/codo/codo-tools/doc/nginx_ops.conf
:%[email protected]@xmlgrg.com@g修改Dockerfile
# vim Dockerfile
FROM ss1917/codo_base:beta0.3
RUN pip3 install --upgrade pip
RUN pip3 install -U git+https://github.com/ss1917/ops_sdk.git
# 复制代码
RUN mkdir -p /var/www/
ADD . /var/www/codo-tools/
# 安装pip依赖
RUN pip3 install -r /var/www/codo-tools/doc/requirements.txt
# 日志
VOLUME /var/log/
# 准备文件
COPY doc/nginx_ops.conf /etc/nginx/conf.d/default.conf
COPY doc/supervisor_ops.conf /etc/supervisord.conf
EXPOSE 80
CMD ["/usr/bin/supervisord"]
编译,启动
#编译镜像
docker build . -t codo_tools
#启动
docker-compose up -d
创建数据库
mysql -h127.0.0.1 -uroot -p${MYSQL_PASSWORD}
MySQL [(none)]> create database `codo_tools` default character set utf8mb4 collate utf8mb4_unicode_ci;
MySQL [(none)]> flush privileges;
MySQL [(none)]> exit
初始化表结构
docker exec -ti codo-tools_codo_tools_1 /usr/local/bin/python3 /var/www/codo-tools/db_sync.py
重启
docker-compose restart
测试codo-tools
### 01.日志
tailf /var/log/supervisor/tools.log #服务日志,确认没有报错
tailf /var/log/supervisor/cron_jobs.log #定时提醒日志域名管理
CODO域名管理模块,管理BIND 支持智能解析,多域名多主。
vim codo_dns.sh
#!/bin/bash
echo -e "\033[32m [INFO]: codo_dns(域名管理) Start install. \033[0m"
if ! which wget &>/dev/null; then yum install -y wget >/dev/null 2>&1;fi
if ! which git &>/dev/null; then yum install -y git >/dev/null 2>&1;fi
[ ! -d /opt/codo/ ] && mkdir -p /opt/codo
cd /opt/codo && git clone https://github.com/opendevops-cn/codo-dns.git
执行
# sh +x codo_dns.sh修改配置
# cd /opt/codo/codo-dns/
同样,这里codo-dns也支持取env环境变量,建议还是修改下默认配置
#导入环境变量文件,最开始准备的环境变量文件
source /opt/codo/env.sh
#后端数据库名称
CRON_DB_DBNAME='codo_dns'
sed -i "s#cookie_secret = .*#cookie_secret = '${cookie_secret}'#g" settings.py
#mysql配置
sed -i "s#DEFAULT_DB_DBHOST = .*#DEFAULT_DB_DBHOST = os.getenv('DEFAULT_DB_DBHOST', '${DEFAULT_DB_DBHOST}')#g" settings.py
sed -i "s#DEFAULT_DB_DBPORT = .*#DEFAULT_DB_DBPORT = os.getenv('DEFAULT_DB_DBPORT', '${DEFAULT_DB_DBPORT}')#g" settings.py
sed -i "s#DEFAULT_DB_DBUSER = .*#DEFAULT_DB_DBUSER = os.getenv('DEFAULT_DB_DBUSER', '${DEFAULT_DB_DBUSER}')#g" settings.py
sed -i "s#DEFAULT_DB_DBPWD = .*#DEFAULT_DB_DBPWD = os.getenv('DEFAULT_DB_DBPWD', '${DEFAULT_DB_DBPWD}')#g" settings.py
sed -i "s#DEFAULT_DB_DBNAME = .*#DEFAULT_DB_DBNAME = os.getenv('DEFAULT_DB_DBNAME', '${CRON_DB_DBNAME}')#g" settings.py
#只读MySQL配置
sed -i "s#READONLY_DB_DBHOST = .*#READONLY_DB_DBHOST = os.getenv('READONLY_DB_DBHOST', '${READONLY_DB_DBHOST}')#g" settings.py
sed -i "s#READONLY_DB_DBPORT = .*#READONLY_DB_DBPORT = os.getenv('READONLY_DB_DBPORT', '${READONLY_DB_DBPORT}')#g" settings.py
sed -i "s#READONLY_DB_DBUSER = .*#READONLY_DB_DBUSER = os.getenv('READONLY_DB_DBUSER', '${READONLY_DB_DBUSER}')#g" settings.py
sed -i "s#READONLY_DB_DBPWD = .*#READONLY_DB_DBPWD = os.getenv('READONLY_DB_DBPWD', '${READONLY_DB_DBPWD}')#g" settings.py
sed -i "s#READONLY_DB_DBNAME = .*#READONLY_DB_DBNAME = os.getenv('READONLY_DB_DBNAME', '${CRON_DB_DBNAME}')#g" settings.py修改域名需要注意的地方
# vim /opt/codo/codo-dns/doc/nginx_ops.conf
:%[email protected]@xmlgrg.com@g修改Dockerfile
# vim Dockerfile
FROM ss1917/codo_base:beta0.3
RUN pip3 install --upgrade pip
RUN pip3 install -U git+https://github.com/ss1917/ops_sdk.git
# 复制代码
RUN mkdir -p /var/www/
ADD . /var/www/codo-dns/
# 安装pip依赖
RUN pip3 install -r /var/www/codo-dns/doc/requirements.txt
# 日志
VOLUME /var/log/
# 准备文件
COPY doc/nginx_ops.conf /etc/nginx/conf.d/default.conf
COPY doc/supervisor_ops.conf /etc/supervisord.conf
EXPOSE 80
CMD ["/usr/bin/supervisord"]
编译,启动
#编译镜像
docker build . -t codo_dns_image
#启动
docker-compose up -d创建数据库
mysql -h127.0.0.1 -uroot -p${MYSQL_PASSWORD}
MySQL [(none)]> create database `codo_dns` default character set utf8mb4 collate utf8mb4_unicode_ci;
MySQL [(none)]> flush privileges;
MySQL [(none)]> exit
初始化表结构
docker exec -ti codo-dns_codo-dns_1 /usr/local/bin/python3 /var/www/codo-dns/db_sync.py
重启
docker-compose restart
测试
日志文件位置统一:/var/log/supervisor/
01. 查看日志
tailf /var/log/supervisor/codo_dns.log #确认没报错
资产管理
vim zichan.sh
#!/bin/bash
echo -e "\033[32m [INFO]: codo_cmdb(资产管理) Start install. \033[0m"
if ! which wget &>/dev/null; then yum install -y wget >/dev/null 2>&1;fi
if ! which git &>/dev/null; then yum install -y git >/dev/null 2>&1;fi
[ ! -d /opt/codo/ ] && mkdir -p /opt/codo
cd /opt/codo && git clone https://github.com/opendevops-cn/codo-cmdb.git
执行
# sh +x zichan.sh修改配置
# cd /opt/codo/codo-cmdb
#修改settings.py配置信息
#导入环境变量文件,最开始准备的环境变量文件
source /opt/codo/env.sh
#修改配置
#后端数据库名称,建议不要修改,初始化data.sql已经指定了数据库名字,若需改请一块修改
CMDB_DB_DBNAME='codo_cmdb'
#任务系统的域名
sed -i "s#cookie_secret = .*#cookie_secret = '${cookie_secret}'#g" settings.py
#mysql配置
sed -i "s#DEFAULT_DB_DBHOST = .*#DEFAULT_DB_DBHOST = os.getenv('DEFAULT_DB_DBHOST', '${DEFAULT_DB_DBHOST}')#g" settings.py
sed -i "s#DEFAULT_DB_DBPORT = .*#DEFAULT_DB_DBPORT = os.getenv('DEFAULT_DB_DBPORT', '${DEFAULT_DB_DBPORT}')#g" settings.py
sed -i "s#DEFAULT_DB_DBUSER = .*#DEFAULT_DB_DBUSER = os.getenv('DEFAULT_DB_DBUSER', '${DEFAULT_DB_DBUSER}')#g" settings.py
sed -i "s#DEFAULT_DB_DBPWD = .*#DEFAULT_DB_DBPWD = os.getenv('DEFAULT_DB_DBPWD', '${DEFAULT_DB_DBPWD}')#g" settings.py
sed -i "s#DEFAULT_DB_DBNAME = .*#DEFAULT_DB_DBNAME = os.getenv('DEFAULT_DB_DBNAME', '${CMDB_DB_DBNAME}')#g" settings.py
#只读MySQL配置
sed -i "s#READONLY_DB_DBHOST = .*#READONLY_DB_DBHOST = os.getenv('READONLY_DB_DBHOST', '${READONLY_DB_DBHOST}')#g" settings.py
sed -i "s#READONLY_DB_DBPORT = .*#READONLY_DB_DBPORT = os.getenv('READONLY_DB_DBPORT', '${READONLY_DB_DBPORT}')#g" settings.py
sed -i "s#READONLY_DB_DBUSER = .*#READONLY_DB_DBUSER = os.getenv('READONLY_DB_DBUSER', '${READONLY_DB_DBUSER}')#g" settings.py
sed -i "s#READONLY_DB_DBPWD = .*#READONLY_DB_DBPWD = os.getenv('READONLY_DB_DBPWD', '${READONLY_DB_DBPWD}')#g" settings.py
sed -i "s#READONLY_DB_DBNAME = .*#READONLY_DB_DBNAME = os.getenv('READONLY_DB_DBNAME', '${CMDB_DB_DBNAME}')#g" settings.py
#redis配置
sed -i "s#DEFAULT_REDIS_HOST = .*#DEFAULT_REDIS_HOST = os.getenv('DEFAULT_REDIS_HOST', '${DEFAULT_REDIS_HOST}')#g" settings.py
sed -i "s#DEFAULT_REDIS_PORT = .*#DEFAULT_REDIS_PORT = os.getenv('DEFAULT_REDIS_PORT', '${DEFAULT_REDIS_PORT}')#g" settings.py
sed -i "s#DEFAULT_REDIS_PASSWORD = .*#DEFAULT_REDIS_PASSWORD = os.getenv('DEFAULT_REDIS_PASSWORD', '${DEFAULT_REDIS_PASSWORD}')#g" settings.py
#另外,同步标签树配置
#这里如果配置codo-task的数据库地址,则将数据同步到作业配置--TagTree下面(非必填项),但是建议配置
TASK_DB_DBNAME='codo_task'
sed -i "s#CODO_TASK_DB_HOST = .*#CODO_TASK_DB_HOST = os.getenv('CODO_TASK_DB_HOST', '${DEFAULT_DB_DBHOST}')#g" settings.py
sed -i "s#CODO_TASK_DB_PORT = .*#CODO_TASK_DB_PORT = os.getenv('CODO_TASK_DB_PORT', '${DEFAULT_DB_DBPORT}')#g" settings.py
sed -i "s#CODO_TASK_DB_USER = .*#CODO_TASK_DB_USER = os.getenv('CODO_TASK_DB_USER', '${DEFAULT_DB_DBUSER}')#g" settings.py
sed -i "s#CODO_TASK_DB_PWD = .*#CODO_TASK_DB_PWD = os.getenv('CODO_TASK_DB_PWD', '${DEFAULT_DB_DBPWD}')#g" settings.py
sed -i "s#CODO_TASK_DB_DBNAME = .*#CODO_TASK_DB_DBNAME = os.getenv('CODO_TASK_DB_DBNAME', '${TASK_DB_DBNAME}')#g" settings.py
修改域名需要注意的地方
# vim /opt/codo/codo-cmdb/doc/nginx_ops.conf
:%[email protected]@xmlgrg.com@g修改Dockerfile
# vim Dockerfile
FROM ss1917/codo_base:beta0.3
#
RUN pip3 install --upgrade pip
RUN pip3 install -U git+https://github.com/ss1917/ops_sdk.git
# 复制代码
RUN mkdir -p /var/www/
ADD . /var/www/codo-cmdb/
# 安装pip依赖
RUN pip3 install -r /var/www/codo-cmdb/doc/requirements.txt
# 日志
VOLUME /var/log/
# 准备文件
COPY doc/nginx_ops.conf /etc/nginx/conf.d/default.conf
COPY doc/supervisor_ops.conf /etc/supervisord.conf
EXPOSE 80
CMD ["/usr/bin/supervisord"]
打包镜像
#安装依赖的时候根据网络因素定,如果很慢建议更改pip源站为阿里的
docker build . -t codo_cmdb
启动Docker
docker-compose up -d创建数据库
mysql -h127.0.0.1 -uroot -p${MYSQL_PASSWORD}
MySQL [(none)]> create database `codo_cmdb` default character set utf8mb4 collate utf8mb4_unicode_ci;
MySQL [(none)]> flush privileges;
MySQL [(none)]> exit
Bye
初始化表结构
#cmdb_codo_cmdb_1:是你的容器名称
docker exec -ti codo-cmdb_codo_cmdb_1 /usr/local/bin/python3 /var/www/codo-cmdb/db_sync.py
重启
docker-compose restart
日志文件
服务日志:tailf /var/log/supervisor/cmdb.log #主程序日志
定时日志:tailf /var/log/supervisor/cmdb_cron.log #一些后端守护自动运行的日志
接口测试
可查看日志看是否有报错
默认端口:8050,可直接测试
# ss -lntp| grep 8050
LISTEN 0 10240 :::8050 :::* users:(("docker-proxy",pid=19843,fd=4))API网关
由于此项目是模块化、微服务化,因此需要在借助API网关,需要在API网关注册,此步骤是必须的。
安装openresty
yum update
yum install yum-utils -y
yum-config-manager --add-repo https://openresty.org/package/centos/openresty.repo
yum install openresty openresty-resty -y部署网关
# cd /opt/codo/ && git clone https://github.com/ss1917/api-gateway.git
# \cp -arp api-gateway/* /usr/local/openresty/nginx/
修改配置
主要修改nginx.conf配置信息和config.lua配置,具体参考API网关块:
API网关修改配置https://github.com/ss1917/api-gateway/blob/master/README.md#%E4%BA%8C-%E4%BF%AE%E6%94%B9%E9%85%8D%E7%BD%AE
接下来配置:
因为我把前端静态文件也使用 网关进行代理 所以配置文件如下
全局nginx配置
这里主要修改resolver 内部DNS服务器地址# vim /usr/local/openresty/nginx/conf/nginx.conf
user root;
worker_processes auto;
worker_rlimit_nofile 51200;
error_log logs/error.log;
events {
use epoll;
worker_connections 51024;
}
http {
#设置默认lua搜索路径
lua_package_path '$prefix/lua/?.lua;/blah/?.lua;;';
lua_code_cache on; #线上环境设置为on, off时可以热加载lua文件
lua_shared_dict user_info 1m;
lua_shared_dict my_limit_conn_store 100m; #100M可以放1.6M个键值对
include mime.types; #代理静态文件
client_header_buffer_size 128k; ######
large_client_header_buffers 4 128k; #####
init_by_lua_file lua/init_by_lua.lua; # nginx启动时就会执行
include ./conf.d/*.conf; # lua生成upstream
resolver 192.168.56.103; #### 内部DNS服务器地址####
}网关配置
# vim /usr/local/openresty/nginx/conf/conf.d/gw.conf
server {
listen 80;
server_name gw.xmlgrg.com; ######
lua_need_request_body on; # 开启获取body数据记录日志
location / {
### ws 支持
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
### 获取真实IP
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
access_by_lua_file lua/access_check.lua;
set $my_upstream $my_upstream;
proxy_pass http://$my_upstream;
### 跨域
add_header Access-Control-Allow-Methods *;
add_header Access-Control-Max-Age 3600;
add_header Access-Control-Allow-Credentials true;
add_header Access-Control-Allow-Origin $http_origin;
add_header Access-Control-Allow-Headers $http_access_control_request_headers;
if ($request_method = OPTIONS){
return 204;}
}
}
前端资源配置
这里要修改server_name 为你的真实访问域名
前端vhosts
# mkdir -pv /usr/local/openresty/nginx/conf/conf.d/
# vim /usr/local/openresty/nginx/conf/conf.d/demo.conf
这里是前端的访问入口,如果不使用网关代理静态的话,可以使用nginx代理,请根据自身情况修改配置。
server {
listen 80;
server_name demo-ss.xmlgrg.com; ########
access_log /var/log/nginx/f_access.log;
error_log /var/log/nginx/f_error.log;
root /var/www/codo;
location / {
root /var/www/codo;
index index.html index.htm;
try_files $uri $uri/ /index.html;
}
location /api {
### ws 支持
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
add_header 'Access-Control-Allow-Origin' '*';
proxy_pass http://gw.xmlgrg.com; ######
}
location ~ /(.svn|.git|admin|manage|.sh|.bash)$ {
return 403;
}
}
注册API网关
# vim /usr/local/openresty/nginx/lua/configs.lua 请仔细阅读下面需要修改配置的地方
json = require("cjson")
--mysql_config = {
-- host = "127.0.0.1",
-- port = 3306,
-- database = "lua",
-- user = "root",
-- password = "",
-- max_packet_size = 1024 * 1024
--}
-- redis配置,一定要修改,并且和codo-admin保持一致
redis_config = {
host = '192.168.56.103',
port = 6379,
auth_pwd = 'xmlgrg163',
db = 8,
alive_time = 3600 * 24 * 7,
channel = 'gw'
}
-- 注意:这里的token_secret必须要和codo-admin里面的token_secret保持一致
token_secret = "pXFb4i%*834gfdh963df718iodGq4dsafsdadg7yI6ImF1999aaG7"
logs_file = '/var/log/gw.log'
--刷新权限到redis接口
rewrite_cache_url = 'http://mg.xmlgrg.com:8010/v2/accounts/verify/'
-- 注意:rewrite_cache_token要和codo-admin里面的secret_key = '8b888a62-3edb-4920-b446-697a472b4001'保持一致
-- # cat /opt/codo/codo-admin/settings.py | grep token_secret
rewrite_cache_token = '8b888a62-3edb-4920-b446-697a472b4001'
--并发限流配置
limit_conf = {
rate = 10, --限制ip每分钟只能调用n*60次接口
burst = 10, --桶容量,用于平滑处理,最大接收请求次数
}
--upstream匹配规则,API网关域名
gw_domain_name = 'gw.xmlgrg.com'
--下面的转发一定要修改,根据自己实际数据修改
rewrite_conf = {
[gw_domain_name] = {
rewrite_urls = {
{
uri = "/dns",
rewrite_upstream = "dns.xmlgrg.com:8060"
},
{
uri = "/cmdb2",
rewrite_upstream = "cmdb2.xmlgrg.com:8050"
},
{
uri = "/tools",
rewrite_upstream = "tools.xmlgrg.com:8040"
},
{
uri = "/kerrigan",
rewrite_upstream = "kerrigan.xmlgrg.com:8030"
},
{
uri = "/cmdb",
rewrite_upstream = "cmdb.xmlgrg.com:8002"
},
{
uri = "/k8s",
rewrite_upstream = "k8s.xmlgrg.com:8001"
},
{
uri = "/task",
rewrite_upstream = "task.xmlgrg.com:8020"
},
{
uri = "/cron",
rewrite_upstream = "192.168.56.103:9900"
},
{
uri = "/mg",
rewrite_upstream = "mg.xmlgrg.com:8010"
},
{
uri = "/accounts",
rewrite_upstream = "mg.xmlgrg.com:8010"
},
}
}
}
API网关启动
提醒:openresty服务器DNS必须指向--->最起初部署的DNS服务器地址,另外若你本机ping 以上随便一个域名都不通的话,
那你要确认下你本机DNS指向你最初部署了DNS服务器了?
修改vim /etc/resolv.conf
#OpenResty 是一个基于 Nginx 与 Lua 的高性能 Web 平台,使用的也是80端口,若不能启动请检查你的80端口是否被占用了
#日志:
# mkdir -pv /var/log/nginx/ && touch /var/log/nginx/f_access.log
cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.56.103
#nameserver 218.85.152.99
#nameserver 218.85.157.99
# vim /opt/codo/api-gateway/conf/nginx.conf
resolver 192.168.56.103; # 内部DNS
# vim /usr/local/openresty/nginx/conf/nginx.conf
resolver 192.168.56.103; # 内部DNS
# openresty -t #测试
# systemctl start openresty
# systemctl enable openresty访问
地址:demo-ss.xmlgrg.com
用户:admin
密码:admin@opendevops
日志路径
若这里访问有报错,请看下日志,一般都是配置错误。
日志路径:所有模块日志统一/var/log/supervisor/
# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6f8ed2457437 codo_cmdb:latest "/usr/bin/supervisord" 3 minutes ago Up 3 minutes 0.0.0.0:8050->80/tcp codo-cmdb_codo_cmdb_1
2ce4ce6b98ce codo_dns_image "/usr/bin/supervisord" 23 minutes ago Up 23 minutes 0.0.0.0:8060->80/tcp codo-dns_codo-dns_1
afb9bed1b721 codo_tools:latest "/usr/bin/supervisord" 27 minutes ago Up 26 minutes 0.0.0.0:8040->80/tcp codo-tools_codo_tools_1
be65ed6fe5f5 kerrigan_image "/usr/bin/supervisord" 33 minutes ago Up 32 minutes 0.0.0.0:8030->80/tcp kerrigan_codo-kerrigan_1
b7b26c9b58e3 codo_cron_image "/usr/bin/supervisord" 37 minutes ago Up 35 minutes 80/tcp, 0.0.0.0:9900->9900/tcp codo-cron_codo_cron_1
82e64820e4a8 codo_task_image "/usr/bin/supervisord" 2 hours ago Up 2 hours 0.0.0.0:8020->80/tcp codo-task_codo_task_1
d1ed317f84a8 do_mg_image "/usr/bin/supervisord" 2 hours ago Up 2 hours 0.0.0.0:8010->80/tcp codo-admin_do_mg_1
7a0aca87eac0 mysql:5.7 "docker-entrypoint.s…" 2 hours ago Up 2 hours 0.0.0.0:3306->3306/tcp, 33060/tcp data_mysql_1