环境准备
节点信息
操作系统 CentOS 7.9 64
| 主机名 | 主机 IP | 主机程序 |
|---|---|---|
| Jumpserver | 192.168.1.240 | Jumpserver |
| Zabbix | 192.168.1.241 | Zabbix |
| Nginx | 192.168.1.242 | Nginx |
| Capp | 192.168.1.243 | Backend Java |
| Redis | 192.168.1.244 | Redis |
| Nacos&Seata | 192.168.1.245 | Nacos、Seata |
| Skywalking | 192.168.1.246 | Skywalking(Can Not) |
| MySQL | 192.168.1.247 | MySQL(Can Not) |
| Test | 192.168.1.248 | Jenkins、Harbor(Can Not) |
Hosts
内网域名规划
#写入 /etc/hosts 本地域名解析 cat >> /etc/hosts <<EOF 192.168.1.240 Jumpserver 192.168.1.241 Zabbix 192.168.1.242 Nginx 192.168.1.243 Capp 192.168.1.244 Redis redis.vianstats.com 192.168.1.245 Nacos Seata nacos.vianstats.com seata.vianstats.com 192.168.1.246 Skywalking 192.168.1.247 MySQL mysql.vianstats.com 192.168.1.248 Test EOF
所有主机Yum初始化
CentOS 7- 配置阿里镜像源-阿里云开发者社区 (aliyun.com)
#创建备份目录 mkdir /etc/yum.repos.d/bak #备份Yum源配置文件 cd /etc/yum.repos.d/ /bin/mv !(bak) /etc/yum.repos.d/bak/ cd #下载阿里云Yum源 curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo #清除Yum缓存 yum clean all yum repolist
所有主机SELinux状态修改
#检查SELinux状态 getenforce Disabled or Enforcing #假如是Enforcing, 临时修改状态. setenforce 0 #永久修改状态为Disabled. sed '/SELINUX=/ s,enforcing,disabled,g' /etc/selinux/config -i
所有主机卸载Firewalld
#检查是否安装fire rpm -q firwalld Not package installed firewalld or firewalld.noarch.0.6.3-13.el7_9 #卸载firewalld yum autoremove firewalld -y
所有主机修改sudo权限
#修改/etc/sudoers配置文件 vim /etc/sudoers ... ## Allow root to run any commands anywhere root ALL=(ALL) ALL admin ALL=(ALL) NOPASSWD:ALL #ADD ...
主机名 - Jumpserver
#创建工作目录
mkdir /data/{docker,jumpserver} -p
#安装部署二进制docker
cd
wget https://download.docker.com/linux/static/stable/x86_64/docker-20.10.9.tgz
tar xf docker-20.10.9.tgz
\cp docker/* /usr/local/bin/
部署Jumpserver
#systemd托管docker cat > /usr/lib/systemd/system/docker.serivce <<EOF [Unit] Description=Docker Application Container Engine Documentation=https://docs.docker.com After=network-online.target firewalld.service Wants=network-online.target [Service] Type=notify ExecStart=/usr/local/bin/dockerd ExecReload=/bin/kill -s HUP LimitNOFILE=infinity LimitNPROC=infinity TimeoutStartSec=0 Delegate=yes KillMode=process Restart=on-failure StartLimitBurst=3 StartLimitInterval=60s [Install] WantedBy=multi-user.target EOF #启动docker systemctl restart docker systemctl enable docker #下载Jumpserver容器化部署脚本 cd /data/jumpserver wget https://github.com/jumpserver/jumpserver/releases/download/v2.24.2/quick_start.sh bash quick_start.sh
主机名 - MySQL
#卸载本地Mariadb rpm -q mariadb Not package installed mariadb or mariadb-libs-5.5.60-1.el7_5.x86_64 #检查/etc/my.cnf cat /etc/my.cnf yum autoremove mariadb -y
部署MySQL
#添加 'my.cnf'到'mysql-8.0.29-el7-x86_64'目录内
mkdir /data/{mysql,store}
cd /data/mysql
wget https://mirrors.huaweicloud.com/mysql/Downloads/MySQL-8.0/mysql-8.0.29-el7-x86_64.tar.gz
cd /data/app/mysql-8.0.29-el7-x86_64
#配置my.cnf
vi my.cnf
[mysqld]
default-storage-engine=INNODB
character_set_server=utf8mb4
#监听端口
port=3306
#指定MySQL工作目录
basedir=/data/mysql/mysql-8.0.29-el7-x86_64
#指定MySQL数据目录
datadir=/data/store/mysql/data
log-output=FILE
log-error="mysql.err"
lower_case_table_names=1
secure-file-priv=''
#skip-grant-tables
max_connections=1500
执行MySQL初始化
#初始化MySQL bin/mysqld --defaults-file="/data/mysql/mysql-8.0.29-el7-x86_64/my.cnf" --initialize --user=root #查看MySQL初始化密码 cat /data/store/mysql/data/mysql.err #启动MySQL服务 nohup bin/mysqld --defaults-file="/data/app/mysql-8.0.29-el7-x86_64/my.cnf" --user=root >/dev/null 2>&1 & #登陆MySQL bin/mysql -uroot -p #修改root密码 ALTER USER user() identified by 'root'; use mysql; #修改root连接权限 update user set host='%' where user='root'; #立刻生效新权限 flush privileges; show databases;
主机名 - Redis
#升级GCC版本
yum -y install centos-release-scl
yum -y install devtoolset-8-gcc devtoolset-8-gcc-c++ devtoolset-8-binutils
source /opt/rh/devtoolset-8/enable
echo "source /opt/rh/devtoolset-8/enable" >> /etc/profile
gcc -v
#创建Redis工作目录
mkdir /data/{redis,store} -p
#进入Redis主要工作目录
cd /data/redis/
wget https://download.redis.io/releases/redis-6.0.16.tar.gz
tar xf redis-6.0.16.tar.gz
#编译Redis
cd redis-6.0.16
make && make install
#修改Redis配置
vim /data/redis/redis-6.0.16/redis.conf
......
daemonize yes
......
logfile "/data/store/logs/redis.log"
......
appendonly yes
#启动Redis服务
bin/redis-server redis.conf
cp bin/redis-cli /usr/local/bin
redis-cli
127.0.0.1:6379> config set requirepass Redis@Pass
127.0.0.1:6379> config set masterauth Redis@Pass
127.0.0.1:6379> config rewrite
主机名 - Nacos&Seata
部署Nacos服务
#添加本地域名解析
cat >> /etc/hosts <<EOF
127.0.0.1 nacos.vianstats.com
127.0.0.1 seata.vianstats.com
EOF
#创建Nacos和Seata工作目录
mkdir /data/{install,prod/{auto-start-shell,install,scripts,sentinel,env,nacos,seata}} -p
#进入程序安装目录
cd /data/prod/install/
#下载Nacos和Seata二进制包
wget https://github.com/alibaba/nacos/releases/download/2.1.0/nacos-server-2.1.0.tar.gz
wget https://github.com/apache/incubator-seata/releases/download/v1.4.2/seata-server-1.4.2.tar.gz
#下载JDK环境和部署
cd ../env
wget https://download.java.net/openjdk/jdk11/ri/openjdk-11+28_linux-x64_bin.tar.gz
tar xf openjdk-11+28_linux-x64_bin.tar.gz
#安装部署Nacos
cd ../install
tar xf nacos-server-2.1.0.tar.gz
\mv nacos ..
#启动Nacos服务
cd ../scripts
cat > start-nacos.sh <<EOF
#!/bin/bash
mkdir /data/prod/scripts/logs
JAVA_HOME=/data/prod/env/jdk-11
export JAVA_HOME
nohup /data/prod/nacos/bin/startup.sh -m standalone >> /data/prod/scripts/logs/nacos-console.log 2>&1 &
EOF
chmod +x start-nacos.sh
./start-nacos.sh
部署Seata服务
cd ../install
tar xf seata-server-1.4.2.tar.gz
\mv seata ..
cd ../seata/seata-server-1.4.2/conf
#修改Seata服务的配置文件
cat > registry.conf <<EOF
registry {
# file 、nacos 、eureka、redis、zk、consul、etcd3、sofa
type = "nacos"
nacos {
application = "seata-server"
serverAddr = "nacos.vianstats.com:8848"
group = "SEATA_GROUP"
namespace = ""
cluster = "default"
username = "nacos"
password = "nacos"
}
file {
name = "file.conf"
}
}
config {
# file、nacos 、apollo、zk、consul、etcd3
type = "file"
nacos {
serverAddr = "nacos.vianstats.com:8848"
namespace = ""
group = "SEATA_GROUP"
username = "nacos"
password = "nacos"
dataId = "seataServer.properties"
}
file {
name = "file.conf"
}
}
EOF
#启动Seata服务
cd /data/prod/scripts
cat > start-seata.sh <<EOF
#!/bin/bash
JAVA_HOME=/data/prod/env/jdk-11
export JAVA_HOME
nohup /data/prod/seata/seata-server-1.4.2/bin/seata-server.sh >> /data/prod/scripts/logs/seata-console.log 2>&1 &
EOF
chmod +x start-seata.sh
./start-seata.sh
主机名 - Nginx
安装OpenResty服务
#创建Nginx工作目录
mkdir /data/{install,nginx,www,app} -p
#安装OpenResty的开发依赖库
yum install -y pcre-devel openssl-devel gcc
#升级GCC版本
yum -y install centos-release-scl
yum -y install devtoolset-8-gcc devtoolset-8-gcc-c++ devtoolset-8-binutils
source /opt/rh/devtoolset-8/enable
echo "source /opt/rh/devtoolset-8/enable" >> /etc/profile
gcc -v
#安装OpenResty库
yum-config-manager --add-repo https://openresty.org/package/centos/openresty.repo
#安装OpenResty服务
yum install -y openresty
#配置Nginx的环境变量
cat >> /etc/profile <<EOF
export NGINX_HOME=/usr/local/openresty/nginx
export PATH=${NGINX_HOME}/sbin:$PATH
EOF
source /etc/profile
主机名 - Capp
JDK环境准备
#创建Java应用程序工作目录
mkdir /data/{install,prod/{app-center/{config,frontend},capp/{auto-start-shell,scripts,services,logs.log-config},auto-start-shell,env/install,capp-youyuanhui/config}} -p
#下载JDK环境
cd /data/prod/env
wget https://download.java.net/openjdk/jdk11/ri/openjdk-11+28_linux-x64_bin.tar.gz
tar xf openjdk-11+28_linux-x64_bin.tar.gz
主机名 - Test
部署Tomcat
#创建工作目录
mkdir /opt/testing/{env,jenkins/{install,buil_dir,work_shell,jenkins_home},install,maven,auto-start-shell} -p
#下载服务包
cd /opt/testing/jenkins/install
wget https://archive.apache.org/dist/tomcat/tomcat-9/v9.0.65/bin/apache-tomcat-9.0.65.tar.gz
wget https://sg.mirror.servanamanaged.com/jenkins/war/2.346/jenkins.war
#部署JDK环境
cd /opt/testing/install
wget https://download.java.net/openjdk/jdk11/ri/openjdk-11+28_linux-x64_bin.tar.gz
tar xf openjdk-11+28_linux-x64_bin.tar.gz -C ..
#部署Tomcat服务
cd ../jenkins/install
tar xf apache-tomcat-9.0.65.tar.gz -C ..
cd apache-tomcat-9.0.65
#编写Tomcat启动脚本
cat > start.sh <<EOF
JAVA_HOME=/opt/testing/jdk-11
JENKINS_HOME=/opt/testing/jenkins/jenkins_home
JAVA_OPTS="-server -Xms256m -Xmx256m -XX:PermSize=64M -XX:MaxNewSize=128m -XX:MaxPermSize=128m -Djava.awt.headless=true"
export JAVA_HOME JENKINS_HOME JAVA_OPTS
ulimit -n 500000
/opt/testing/jenkins/apache-tomcat-9.0.65/bin/startup.sh
EOF
Deployment Jenkins
#部署Jenkins
yum -y install fontconfig
cp ../install/jenkins.war ./webapps
ps -ef | grep tomcat | grep -v grep | awk '{print "kill -9 " $2}' | bash
./start.sh