Watch 4 Star 15 Fork 9

CDK8S / tkey-docs

Join us
Explore and code with more than 2 million developers,Free private repositories !:)
Sign up
TKey 统一了文档,方便阅读、维护 spread retract

Clone or download
deployment-core.md 27.97 KB
Copy Edit Web IDE Raw Blame History
cdk8s-zelda authored 2019-10-01 13:08 . docs: update deployment

TKey 环境

  • CentOS 7.5 x64

修改 SSH 端口

  • 配置文件介绍(记得先备份):sudo vim /etc/ssh/sshd_config
  • 打开这一行注释:Port 22
    • 自定义端口选择建议在万位的端口,如:10000-65535之间,假设这里我改为 52221
  • CentOS 7:添加端口:firewall-cmd --zone=public --add-port=52221/tcp --permanent
    • 重启防火墙:firewall-cmd --reload
  • CentOS 7 命令:systemctl restart sshd.service

设置免密登录

  • 在 A 机器上输入命令:ssh-keygen
    • 根据提示回车,共有三次交互提示,都回车即可。
  • 生成的密钥目录在:/root/.ssh
  • 写入:cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys
  • 测试:ssh localhost

安装 ansible

  • CentOS:sudo yum install -y ansible
    • 查看版本:ansible --version
  • 编辑配置文件:vim /etc/ansible/hosts,在文件尾部添加:
[local]
172.16.16.4 ansible_ssh_port=52221
  • 让远程所有主机都执行 ps 命令,输出如下
ansible all -a 'ps'

基础设置

  • 禁用

    • firewalld
    • selinux
    • swap
  • 安装

    • zip unzip lrzsz git wget htop deltarpm
    • zsh vim
    • docker docker-compose
  • 创建脚本文件:vim /opt/install-basic-playbook.yml

- hosts: all
  remote_user: root
  tasks:
    - name: Disable SELinux at next reboot
      selinux:
        state: disabled
        
    - name: disable firewalld
      command: "{{ item }}"
      with_items:
         - systemctl stop firewalld
         - systemctl disable firewalld
         - echo "vm.swappiness = 0" >> /etc/sysctl.conf
         - swapoff -a
         - sysctl -w vm.swappiness=0
         
    - name: install-epel
      command: "{{ item }}"
      with_items:
         - yum install -y epel-release
         
    - name: install-basic
      command: "{{ item }}"
      with_items:
         - yum install -y zip unzip lrzsz git wget htop deltarpm
         
    - name: install-zsh
      shell: "{{ item }}"
      with_items:
         - yum install -y zsh
         - wget https://raw.githubusercontent.com/robbyrussell/oh-my-zsh/master/tools/install.sh -O - | sh
         - chsh -s /bin/zsh root
         
    - name: install-vim
      shell: "{{ item }}"
      with_items:
         - yum install -y vim
         - curl https://raw.githubusercontent.com/wklken/vim-for-server/master/vimrc > ~/.vimrc
         
    - name: install-docker
      shell: "{{ item }}"
      with_items:
         - yum install -y yum-utils device-mapper-persistent-data lvm2
         - yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
         - yum makecache fast
         - yum install -y docker-ce docker-ce-cli containerd.io
         - systemctl start docker.service
         - docker run hello-world
         
    - name: install-docker-compose
      shell: "{{ item }}"
      with_items:
         - curl -L "https://github.com/docker/compose/releases/download/1.24.1/docker-compose-Linux-x86_64" -o /usr/local/bin/docker-compose
         - chmod +x /usr/local/bin/docker-compose
         - docker-compose --version
         - systemctl restart docker.service
         - systemctl enable docker.service
  • 执行:ansible-playbook /opt/install-basic-playbook.yml

离线安装 jdk

  • 下载 jdk 到 /opt 目录下
  • 创建脚本文件:vim /opt/jdk8-playbook.yml
- hosts: all
  remote_user: root
  vars:
    java_install_folder: /usr/local
    file_name: jdk-8u212-linux-x64.tar.gz
  tasks:
    - name: copy jdk
      copy: src=/opt/{{ file_name }} dest={{ java_install_folder }}
      
    - name: tar jdk
      shell: chdir={{ java_install_folder }} tar zxf {{ file_name }}
      
    - name: set JAVA_HOME
      blockinfile: 
        path: /root/.zshrc
        marker: "#{mark} JDK ENV"
        block: |
          JAVA_HOME={{ java_install_folder }}/jdk1.8.0_212
          JRE_HOME=$JAVA_HOME/jre
          PATH=$PATH:$JAVA_HOME/bin
          CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
          export JAVA_HOME
          export JRE_HOME
          export PATH
          export CLASSPATH
    
    - name: source zshrc
      shell: source /root/.zshrc
         
    - name: Clean file
      file:
        state: absent
        path: "{{ java_install_folder }}/{{ file_name }}" 
  • 执行命令:ansible-playbook /opt/jdk8-playbook.yml

安装 maven

  • 下载 maven 到 /opt 目录下:wget http://mirrors.tuna.tsinghua.edu.cn/apache/maven/maven-3/3.6.1/binaries/apache-maven-3.6.1-bin.zip
  • 创建脚本文件:vim /opt/maven-playbook.yml
- hosts: all
  remote_user: root
  vars:
    maven_install_folder: /usr/local
    file_name: apache-maven-3.6.1-bin.zip
  tasks:
    - name: copy maven
      copy: src=/opt/{{ file_name }} dest={{ maven_install_folder }}
      
    - name: unzip maven
      shell: chdir={{ maven_install_folder }} unzip {{ file_name }}
      
    - name: set MAVEN_HOME
      blockinfile: 
        path: /root/.zshrc
        marker: "#{mark} MAVEN ENV"
        block: |
            MAVEN_HOME={{ maven_install_folder }}/apache-maven-3.6.1
            M3_HOME={{ maven_install_folder }}/apache-maven-3.6.1
            PATH=$PATH:$M3_HOME/bin
            MAVEN_OPTS="-Xms256m -Xmx356m"
            export M3_HOME
            export MAVEN_HOME
            export PATH
            export MAVEN_OPTS
    
    - name: source zshrc
      shell: source /root/.zshrc
         
    - name: Clean file
      file:
        state: absent
        path: "{{ maven_install_folder }}/{{ file_name }}" 
  • 执行命令:ansible-playbook /opt/maven-playbook.yml
修改 Maven 源
mkdir -p /data/local_maven_repository
vim /usr/local/apache-maven-3.6.1/conf/settings.xml



<?xml version="1.0" encoding="UTF-8"?>
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">


    <localRepository>/data/local_maven_repository</localRepository>

    <pluginGroups>
    </pluginGroups>

    <proxies>
    </proxies>

    <servers>
    </servers>

    <profiles>
        <profile>
            <id>aliyun</id>
            <repositories>
                <repository>
                    <id>aliyun</id>
                    <url>http://maven.aliyun.com/nexus/content/groups/public/</url>
                    <releases>
                        <enabled>true</enabled>
                    </releases>
                    <snapshots>
                        <enabled>true</enabled>
                    </snapshots>
                </repository>
            </repositories>
            <pluginRepositories>
                <pluginRepository>
                    <id>aliyun</id>
                    <url>http://maven.aliyun.com/nexus/content/groups/public/</url>
                    <releases>
                        <enabled>true</enabled>
                    </releases>
                    <snapshots>
                        <enabled>true</enabled>
                    </snapshots>
                </pluginRepository>
            </pluginRepositories>
        </profile>
        <profile>
            <id>maven</id>
            <repositories>
                <repository>
                    <id>maven</id>
                    <url>https://repo.maven.apache.org/maven2/</url>
                    <releases>
                        <enabled>true</enabled>
                    </releases>
                    <snapshots>
                        <enabled>true</enabled>
                    </snapshots>
                </repository>
            </repositories>
            <pluginRepositories>
                <pluginRepository>
                    <id>maven</id>
                    <url>https://repo.maven.apache.org/maven2/</url>
                    <releases>
                        <enabled>true</enabled>
                    </releases>
                    <snapshots>
                        <enabled>true</enabled>
                    </snapshots>
                </pluginRepository>
            </pluginRepositories>
        </profile>
    </profiles>

    <activeProfiles>
        <activeProfile>aliyun</activeProfile>
    </activeProfiles>

</settings>

安装 node

  • 创建脚本文件:vim /opt/node-playbook.yml
- hosts: all
  remote_user: root
  tasks:
    - name: uninstall-node
      shell: yum remove -y nodejs npm

    - name: curl node
      shell: "curl --silent --location https://rpm.nodesource.com/setup_10.x | sudo bash -"
      
    - name: install node
      command: "{{ item }}"
      with_items:
         - yum -y install nodejs

    - name: curl yarn
      shell: "curl --silent --location https://dl.yarnpkg.com/rpm/yarn.repo | sudo tee /etc/yum.repos.d/yarn.repo"
          
    - name: install yarn
      command: "{{ item }}"
      with_items:
         - yum -y install yarn
  • 执行命令:ansible-playbook /opt/node-playbook.yml

安装 Jenkins

  • 创建脚本文件:vim /opt/jenkins-playbook.yml
- hosts: all
  remote_user: root
  tasks:
    - name: wget
      shell: wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat-stable/jenkins.repo

    - name: rpm import
      shell: rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io.key

    - name: install
      shell: yum install -y jenkins
  • 执行命令:ansible-playbook /opt/jenkins-playbook.yml
  • 在安装完默认推荐的插件后还需要额外安装:
    • Maven Integration
  • 设置 全局工具配置 点击我查看设置方法

安装 Redis 5.x(Docker)

mkdir -p /data/docker/redis/conf /data/docker/redis/db
chmod -R 777 /data/docker/redis
创建配置文件:
vim /data/docker/redis/conf/redis.conf



bind 0.0.0.0
requirepass 123456
protected-mode yes

port 6379
tcp-backlog 511
timeout 0
tcp-keepalive 300
daemonize no
supervised no
pidfile /data/redis_6379.pid
loglevel notice
logfile ""
databases 16
always-show-logo yes
save 900 1
save 300 10
save 60 10000
stop-writes-on-bgsave-error yes
rdbcompression yes
rdbchecksum yes
dbfilename dump.rdb
dir /data
replica-serve-stale-data yes
replica-read-only yes
repl-diskless-sync no
repl-diskless-sync-delay 5
repl-disable-tcp-nodelay no
replica-priority 100
lazyfree-lazy-eviction no
lazyfree-lazy-expire no
lazyfree-lazy-server-del no
replica-lazy-flush no
appendonly no
appendfilename "appendonly.aof"
appendfsync everysec
no-appendfsync-on-rewrite no
auto-aof-rewrite-percentage 100
auto-aof-rewrite-min-size 64mb
aof-load-truncated yes
aof-use-rdb-preamble yes
lua-time-limit 5000
slowlog-log-slower-than 10000
slowlog-max-len 128
latency-monitor-threshold 0
notify-keyspace-events ""
hash-max-ziplist-entries 512
hash-max-ziplist-value 64
list-max-ziplist-size -2
list-compress-depth 0
set-max-intset-entries 512
zset-max-ziplist-entries 128
zset-max-ziplist-value 64
hll-sparse-max-bytes 3000
stream-node-max-bytes 4096
stream-node-max-entries 100
activerehashing yes
client-output-buffer-limit normal 0 0 0
client-output-buffer-limit replica 256mb 64mb 60
client-output-buffer-limit pubsub 32mb 8mb 60
hz 10
dynamic-hz yes
aof-rewrite-incremental-fsync yes
rdb-save-incremental-fsync yes
  • 启动镜像:
docker run \
    --name cdk8s-redis \
    --restart always \
    -d -it -p 6379:6379 \
    -v /data/docker/redis/conf/redis.conf:/etc/redis/redis.conf \
    -v /data/docker/redis/db:/data \
    redis:5 \
    redis-server /etc/redis/redis.conf

安装 MySQL(Docker)

mkdir -p /data/docker/mysql/datadir /data/docker/mysql/conf /data/docker/mysql/log
创建配置文件:
vim /data/docker/mysql/conf/mysql-1.cnf


[mysql]
default-character-set = utf8mb4

# 下面内容是 docker mysql 默认的 start
[mysqld]
pid-file = /var/run/mysqld/mysqld.pid
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
#log-error = /var/log/mysql/error.log
# By default we only accept connections from localhost
#bind-address = 127.0.0.1
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
# 上面内容是 docker mysql 默认的 end

# 下面开始的内容就是我自己配置的
log-error=/var/log/mysql/error.log
default-storage-engine = InnoDB
collation-server = utf8mb4_unicode_520_ci
init_connect = 'SET NAMES utf8mb4'
character-set-server = utf8mb4
lower_case_table_names = 1
max_allowed_packet = 50M
chmod -R 777 /data/docker/mysql/datadir /data/docker/mysql/log
chown -R 0:0 /data/docker/mysql/conf
docker run \
	--name cdk8s-mysql \
	--restart always \
	-d \
	-p 3306:3306 \
	-v /data/docker/mysql/datadir:/var/lib/mysql \
	-v /data/docker/mysql/log:/var/log/mysql \
	-v /data/docker/mysql/conf:/etc/mysql/conf.d \
	-e MYSQL_ROOT_PASSWORD=123456 \
	mysql:5.7

安装 Prometheus(Docker)


创建配置文件:
mkdir -p /data/docker/prometheus/conf && vim /data/docker/prometheus/conf/prometheus.yml
chmod -R 777 /data/docker/prometheus

# my global config
global:
  scrape_interval:     15s # Set the scrape interval to every 15 seconds. Default is every 1 minute.
  evaluation_interval: 15s # Evaluate rules every 15 seconds. The default is every 1 minute.
  # scrape_timeout is set to the global default (10s).

# Alertmanager configuration
alerting:
  alertmanagers:
  - static_configs:
    - targets:
      # - alertmanager:9093

# Load rules once and periodically evaluate them according to the global 'evaluation_interval'.
rule_files:
  # - "first_rules.yml"
  # - "second_rules.yml"


scrape_configs:
  - job_name: 'cdk8s-sso'
    metrics_path: '/tkey-actuator/actuator/prometheus'
    static_configs:
    - targets: ['172.16.16.4:19091']
  • 启动
docker run \
    -d \
    --name cdk8s-prometheus \
    --restart always \
    -p 9090:9090 \
    -v /data/docker/prometheus/conf/prometheus.yml:/etc/prometheus/prometheus.yml \
    prom/prometheus

安装 Grafana(Docker)

mkdir -p /data/docker/grafana/data
chmod -R 777 /data/docker/grafana/data

docker run \
    -d \
    --name cdk8s-grafana \
    --restart always \
    -p 3000:3000 \
    -v /data/docker/grafana/data:/var/lib/grafana \
    grafana/grafana
  • http://127.0.0.1:3000
  • 默认管理账号;admin,密码:admin,第一次登录后需要修改密码

安装 Portainer(Docker)

mkdir -p /data/docker/portainer
chmod -R 777 /data/docker/portainer
  • 创建文件:vim docker-compose.yml
version: '3'
services:
  portainer:
    container_name: portainer
    image: portainer/portainer
    volumes:
      - /data/docker/portainer:/data
      - /var/run/docker.sock:/var/run/docker.sock
    ports:
      - "9000:9000"
  • 启动:docker-compose up -d
  • 浏览器访问访问:http://182.61.44.40:9000
  • 第一次启动会让你创建用户名和密码。第二步就是配置管理哪里的 docker 容器,我这里选择:local

安装 Nginx(Docker)

mkdir -p /data/docker/nginx/logs /data/docker/nginx/conf /data/docker/nginx/html
chmod -R 777 /data/docker/nginx
创建配置文件:
vim /data/docker/nginx/conf/nginx.conf




worker_processes      1;

events {
  worker_connections  1024;
}

http {
  include             mime.types;
  default_type        application/octet-stream;

  sendfile on;

  keepalive_timeout   65;

  server {
    listen            80;
    server_name       localhost 127.0.0.1 191.112.221.203;

    location / {
      root            /usr/share/nginx/html;
      index           index.html index.htm;
    }
  }
}
  • 运行容器:
docker run \
    -d \
    --name cdk8s-nginx \
    --restart always \
    -p 80:80 \
    -v /data/docker/nginx/logs:/var/log/nginx \
    -v /data/docker/nginx/html:/data/html \
    -v /data/docker/nginx/conf/nginx.conf:/etc/nginx/nginx.conf:ro \
    nginx:1.17
  • 重新启动服务:docker restart cdk8s-nginx

Jenkins pipeline (Docker 方式运行 tkey-sso-server)

  • 确保 项目根目录有 Dockerfile 文件
  • 特别注意:
这两个大写的名词来自 Jenkins 全局工具配置中相应配置的 name 中填写的内容
jdk 'JDK8'
maven 'MAVEN3'
pipeline {
  agent any

  /*=======================================工具环境修改-start=======================================*/
  tools {
    jdk 'JDK8'
    maven 'MAVEN3'
  }
  /*=======================================工具环境修改-end=======================================*/

  options {
    timestamps()
    disableConcurrentBuilds()
    buildDiscarder(logRotator(
      numToKeepStr: '20',
      daysToKeepStr: '30',
    ))
  }

  /*=======================================常修改变量-start=======================================*/

  environment {
    gitUrl = "https://github.com/cdk8s/tkey.git"
    branchName = "master"
    giteeCredentialsId = "cdk8s-github"
    projectWorkSpacePath = "${env.WORKSPACE}"
    projectBuildTargetPath = "${projectWorkSpacePath}/target"


    dockerImageName = "harbor.cdk8s.com/tkey/${env.JOB_NAME}:${env.BUILD_NUMBER}"
    dockerContainerName = "${env.JOB_NAME}"
    inHostPort = "9091"
    inHostPortByActuator = "19091"
    inDockerAndJavaPort = "9091"
    inDockerAndJavaPortByActuator = "19091"
    inHostLogPath = "/data/logs/${dockerContainerName}/${env.BUILD_NUMBER}"
    inDockerLogPath = "/logs"
    dockerRunParam = "--name=${dockerContainerName} --hostname=${dockerContainerName} -v /etc/hosts:/etc/hosts -v ${inHostLogPath}:${inDockerLogPath} --restart=always  -p ${inHostPort}:${inDockerAndJavaPort} -p ${inHostPortByActuator}:${inDockerAndJavaPortByActuator} -e SPRING_PROFILES_ACTIVE=test -e SERVER_PORT=${inHostPort} -e SPRING_REDIS_HOST=redis.cdk8s.com -e SPRING_REDIS_PASSWORD=123456 -e TKEY_NODE_NUMBER=12"
  }
  
  /*=======================================常修改变量-end=======================================*/
  
  stages {
    
    stage('Pre Env') {
      steps {
         echo "======================================项目名称 = ${env.JOB_NAME}"
         echo "======================================项目 URL = ${gitUrl}"
         echo "======================================项目分支 = ${branchName}"
         echo "======================================当前编译版本号 = ${env.BUILD_NUMBER}"
         echo "======================================项目空间文件夹路径 = ${projectWorkSpacePath}"
         echo "======================================项目 build 后 jar 路径 = ${projectBuildTargetPath}"
         echo "======================================Docker 镜像名称 = ${dockerImageName}"
         echo "======================================Docker 容器名称 = ${dockerContainerName}"
      }
    }
    
    stage('Git Clone'){
      steps {
          git branch: "${branchName}",
          credentialsId: "${giteeCredentialsId}",
          url: "${gitUrl}"
      }
    }

    stage('Maven Clean') {
      steps {
        sh "mvn clean"
      }
    }

    stage('Maven Package') {
      steps {
        sh "mvn package -DskipTests"
      }
    }

    stage('构建 Docker 镜像') {
      steps {
        sh """
            cd ${projectWorkSpacePath}
            
            docker build -t ${dockerImageName} ./
        """
      }
    }

    stage('运行 Docker 镜像') {
      steps {
        sh """
            docker stop ${dockerContainerName} | true

            docker rm -f ${dockerContainerName} | true
            
            docker run -d  ${dockerRunParam} ${dockerImageName}
        """
      }
    }


  }
}

Jenkins pipeline (Docker 方式运行 tkey-sso-client-management 后端)

  • 确保 项目根目录有 Dockerfile 文件
  • 特别注意:
这两个大写的名词来自 Jenkins 全局工具配置中相应配置的 name 中填写的内容
jdk 'JDK8'
maven 'MAVEN3'
pipeline {
  agent any

  /*=======================================工具环境修改-start=======================================*/
  tools {
    jdk 'JDK8'
    maven 'MAVEN3'
  }
  /*=======================================工具环境修改-end=======================================*/

  options {
    timestamps()
    disableConcurrentBuilds()
    buildDiscarder(logRotator(
      numToKeepStr: '20',
      daysToKeepStr: '30',
    ))
  }

  /*=======================================常修改变量-start=======================================*/

  environment {
    gitUrl = "https://github.com/cdk8s/tkey-sso-client-management.git"
    branchName = "master"
    giteeCredentialsId = "cdk8s-github"
    projectWorkSpacePath = "${env.WORKSPACE}"
    projectBuildTargetPath = "${projectWorkSpacePath}/target"


    dockerImageName = "harbor.cdk8s.com/tkey/${env.JOB_NAME}:${env.BUILD_NUMBER}"
    dockerContainerName = "${env.JOB_NAME}"
    inHostPort = "9095"
    inHostPortByActuator = "19095"
    inDockerAndJavaPort = "9095"
    inDockerAndJavaPortByActuator = "19095"
    inHostLogPath = "/data/logs/${dockerContainerName}/${env.BUILD_NUMBER}"
    inDockerLogPath = "/logs"
    dockerRunParam = "--name=${dockerContainerName} --hostname=${dockerContainerName} -v /etc/hosts:/etc/hosts -v ${inHostLogPath}:${inDockerLogPath} --restart=always  -p ${inHostPort}:${inDockerAndJavaPort} -p ${inHostPortByActuator}:${inDockerAndJavaPortByActuator} -e SPRING_PROFILES_ACTIVE=test -e SERVER_PORT=${inHostPort} -e SPRING_REDIS_HOST=redis.cdk8s.com -e SPRING_REDIS_PASSWORD=123456"
  }
  
  /*=======================================常修改变量-end=======================================*/
  
  stages {
    
    stage('Pre Env') {
      steps {
         echo "======================================项目名称 = ${env.JOB_NAME}"
         echo "======================================项目 URL = ${gitUrl}"
         echo "======================================项目分支 = ${branchName}"
         echo "======================================当前编译版本号 = ${env.BUILD_NUMBER}"
         echo "======================================项目空间文件夹路径 = ${projectWorkSpacePath}"
         echo "======================================项目 build 后 jar 路径 = ${projectBuildTargetPath}"
         echo "======================================Docker 镜像名称 = ${dockerImageName}"
         echo "======================================Docker 容器名称 = ${dockerContainerName}"
      }
    }
    
    stage('Git Clone'){
      steps {
          git branch: "${branchName}",
          credentialsId: "${giteeCredentialsId}",
          url: "${gitUrl}"
      }
    }

    stage('Maven Clean') {
      steps {
        sh "mvn clean"
      }
    }

    stage('Maven Package') {
      steps {
        sh "mvn package -DskipTests"
      }
    }

    stage('构建 Docker 镜像') {
      steps {
        sh """
            cd ${projectWorkSpacePath}
            
            docker build -t ${dockerImageName} ./
        """
      }
    }

    stage('运行 Docker 镜像') {
      steps {
        sh """
            docker stop ${dockerContainerName} | true

            docker rm -f ${dockerContainerName} | true
            
            docker run -d  ${dockerRunParam} ${dockerImageName}
        """
      }
    }
    

  }
}

Jenkins pipeline (Docker 方式运行 tkey-sso-client-management 前端)

pipeline {
  agent any

  options {
    timestamps()
    disableConcurrentBuilds()
    buildDiscarder(logRotator(
      numToKeepStr: '20',
      daysToKeepStr: '30',
    ))
  }

  /*=======================================常修改变量-start=======================================*/

  environment {
    gitUrl = "https://github.com/cdk8s/tkey-sso-client-management-frontend.git"
    branchName = "master"
    giteeCredentialsId = "cdk8s-github"
    projectBuildPath = "${env.WORKSPACE}/dist"
    nginxHtmlRoot = "/data/docker/nginx/html/tkey-sso-client-management-frontend"
  }
  
  /*=======================================常修改变量-end=======================================*/
  
  stages {
    
    stage('Pre Env') {
      steps {
         echo "======================================项目名称 = ${env.JOB_NAME}"
         echo "======================================项目 URL = ${gitUrl}"
         echo "======================================项目分支 = ${branchName}"
         echo "======================================当前编译版本号 = ${env.BUILD_NUMBER}"
         echo "======================================项目 Build 文件夹路径 = ${projectBuildPath}"
         echo "======================================项目 Nginx 的 ROOT 路径 = ${nginxHtmlRoot}"
      }
    }
    
    stage('Git Clone'){
      steps {
          git branch: "${branchName}",
          credentialsId: "${giteeCredentialsId}",
          url: "${gitUrl}"
      }
    }

    stage('YARN Install') {
      steps {
        sh "yarn install"
      }
    }

    stage('YARN Build') {
      steps {
        sh "yarn build:test"
      }
    }

    stage('Nginx Deploy') {
      steps {
        sh "rm -rf ${nginxHtmlRoot}/"
        sh "cp -r ${projectBuildPath}/ ${nginxHtmlRoot}/"
      }
    }


  }
}

GoAccess

  • GoAccess 建议用本地安装
  • 安装步骤过长,请参考我们的这篇文章:GoAccess
  • 创建目录:mkdir -p /data/docker/nginx/html/report
  • 手动运行
goaccess -f /data/docker/nginx/logs/access.log --geoip-database=/opt/GeoLite2-City_20190820/GeoLite2-City.mmdb -p /etc/goaccess_log_conf_nginx.conf -o /data/docker/nginx/html/report/index.html
  • 实时运行
goaccess -f /data/docker/nginx/logs/access.log --geoip-database=/opt/GeoLite2-City_20190820/GeoLite2-City.mmdb -p /etc/goaccess_log_conf_nginx.conf -o /data/docker/nginx/html/report/index.html --real-time-html --daemonize

Nginx 最终配置

配置文件:
vim /data/docker/nginx/conf/nginx.conf



worker_processes      1;

events {
  worker_connections  1024;
}

http {
  include             mime.types;
  default_type        application/octet-stream;

  charset  utf8;

  log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                '$status $body_bytes_sent "$http_referer" '
                '"$http_user_agent" "$http_x_forwarded_for" "$request_time"';

  access_log /var/log/nginx/access.log main;
  error_log /var/log/nginx/error.log;


  sendfile on;

  keepalive_timeout   65;

  server {
    listen            80;
    server_name       localhost 127.0.0.1 182.61.44.40;

    location /tkey-test {
        return 601;
    }    

    location ^~ /tkey-sso-client-management-frontend/ {
        root            /data/html;
        index           index.html;
        try_files $uri /tkey-sso-client-management-frontend/index.html;
    } 
    
    location ^~ /sso-client-management/ {
        proxy_pass http://172.16.16.4:9095;
        proxy_redirect off;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
    
    location ^~ /sso/ {
        proxy_pass http://172.16.16.4:9091;
        proxy_redirect off;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }


    location ^~ /report {
      root            /data/html;
      index           index.html index.htm;
    }

    location / {
      root            /usr/share/nginx/html;
      index           index.html index.htm;
    }
  }
}

hosts 配置

172.16.16.4 sso.cdk8s.com
172.16.16.4 test1.cdk8s.com
172.16.16.4 test2.cdk8s.com
172.16.16.4 redis.cdk8s.com
172.16.16.4 mysql.cdk8s.com
172.16.16.4 management.cdk8s.com
172.16.16.4 tkey-sso-client-management
172.16.16.4 tkey-sso

Comment ( 0 )

Sign in for post a comment

1
https://gitee.com/cdk8s/tkey-docs.git
git@gitee.com:cdk8s/tkey-docs.git
cdk8s
tkey-docs
tkey-docs
master

Help Search