架构实践一-服务器搭建
购买云服务器
- 购买两台同等配置的服务器 https://buy.cloud.tencent.com/cvm?regionId=4&projectId=-1
- 设置root初始密码 xxxxxxxxxxxx
- ssh进入服务器,添加个人账号
# ssh root@your-server-ip
# adduser yuanj //添加用户
# passwd yuanj //设置用户密码
- 禁用root 远程登录
# vim /etc/ssh/sshd_config
将
#PermitRootLogin yes
替换为
PermitRootLogin no
并重启 sshd 服务
# service sshd restart
Redirecting to /bin/systemctl restart sshd.service
- 修改 ssh 默认端口
vim /etc/ssh/sshd_config将
#Port 22
改为
Port 9022
重启 sshd
service sshd restart
Redirecting to /bin/systemctl restart sshd.service
远程连接
ssh -p 9022 yuanj@your-server-ip
- 关闭 SELinux
# sestatus
SELinux status: disabled
```bash
## 配置服务器
- 更新服务器
```bash
# yum update
- 新建目录结构
$ ssh yuanj@your-server-ip # mkdir -p /data/config //配置目录 # mkdir -p /data/wwwroot //web服务目录 # mkdir -p /data/mysql //mysql数据库数据目录 # mkdir -p /data/sh //shell 脚本目录 # mkdir -p /data/docker //docker 目录 # mkdir -p /data/docker/nginx # mkdir -p /data/docker/mysql # mkdir -p /data/docker/redis # mkdir -p /data/docker/ssdb # mkdir -p /data/docker/php
安装服务
安装 docker(https://docs.docker.com/engine/install/centos/)
- 删除旧版本
# yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine
- 设置repository
# yum install -y yum-utils
# yum-config-manager \
--add-repo \
https://download.docker.com/linux/centos/docker-ce.repo
- 安装 docker
# yum install docker-ce docker-ce-cli containerd.io
- 启动 docker
# service docker start
Redirecting to /bin/systemctl start docker.service
- 开机启动 docker
# systemctl enable docker
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /usr/lib/systemd/system/docker.service.
- docker 基本操作命令 ``` docker info # 查看docker的信息 docker search img_name # 搜索名为img_name的镜像 docker pull img_name # 将名为img_name的镜像下载到本地 docker images # 查看本地已有的镜像 docker rmi img_name # 删除名为img_name的镜像
docker ps # 列出正在运行的容器 docker ps -a # 列出所有的容器 docker run -itd –name=container_name img_name # 使用img_name以交互模式在后台运行分配了伪终端的名为container_name的镜像
docker start container_name/container_id # 通过容器名字或ID启动容器 docker stop container_name/container_id # 通过容器名字或ID停止容器 docker restart container_name/container_id # 通过容器名字或ID重启容器 docker rm container_name/container_id # 通过容器名字或ID删除容器
docker exec -it container_name/container_id /bin/bash # 通过容器名字或ID进入容器 exit # 退出容器
- 修改 docker 源
```bash
# vim /etc/docker/daemon.json
//输入
{
"registry-mirrors": ["http://hub-mirror.c.163.com"]
}
# systemctl daemon-reload
# service docker restart
安装 nginx
# cd /data/docker/nginx/
# docker run --name nginx \
-d -p 80:80 \
-v /data/wwwroot:/data/wwwroot \
-d nginx:1.19.8 \
# docker cp nginx:/etc/nginx/nginx.conf ./nginx.conf
# docker cp nginx:/var/log/nginx .
# docker cp nginx:/etc/nginx/conf.d .
# docker stop nginx
# docker rm nginx
# vim run.sh
//输入以下内容
docker run --name nginx \
-d -p 80:80 \
-v /data/wwwroot:/data/wwwroot \
-v "$PWD"/nginx.conf:/etc/nginx/nginx.conf \
-v "$PWD"/logs:/var/log/nginx \
-v "$PWD"/conf.d:/etc/nginx/conf.d \
-d nginx:1.19.8 \
# chmod +x run.sh
# ./run.sh
安装 mysql
# cd /data/docker/mysql
# docker run --name mysql \
-p 3306:3306 \
-e MYSQL_ROOT_PASSWORD=123456 \
-d --privileged=true mysql \
# docker cp mysql:/var/lib/mysql /data/mysql/data
# docker stop mysql
# docker rm mysql
# vim run.sh
//输入以下内容
docker run --name mysql \
-p 3306:3306 \
-v /data/mysql/data:/var/lib/mysql \
-e MYSQL_ROOT_PASSWORD=123456 \
-d --privileged=true mysql
# chmod +x run.sh
# ./run.sh
```bash
### 安装 php
```bash
# cd /data/docker/php
# docker run --name php7.4 \
-d -p 9000:9000 \
-d php:7.4-fpm
# docker cp php7.4:/usr/local/etc/php-fpm.d/www.conf ./www.conf
# docker cp php7.4:/usr/local/etc/php/php.ini ./php.ini
# docker stop php7.4
# docker rm php7.4
# vim run.sh
//输入以下内容
docker run --name php7.4 \
-d -p 9000:9000 \
-v /data/wwwroot:/data/wwwroot \
-v "$PWD"/www.conf:/usr/local/etc/php-fpm.d/www.conf \
-v "$PWD"/php.ini:/usr/local/etc/php/php.ini \
-d php:7.4-fpm
# chmod +x run.sh
# ./run.sh
Docker-compose
- 参考文档https://docs.docker.com/compose/install/#alternative-install-options
- 操作步骤
- 下载Docker Compose
sudo curl -L "https://github.com/docker/compose/releases/download/1.29.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose - 改权限
sudo chmod +x /usr/local/bin/docker-compose - 建立软链接
sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
- 下载Docker Compose
- 建立 docker-compose.yml 文件
cd /data/docker vim docker-compose.yml输入以下内容:
version: '3' networks: lnmp-local-net: driver: bridge services: mysql5.6: container_name: mysql5.6 image: mysql:5.6 ports: - 3306:3306 environment: MYSQL_ROOT_PASSWORD: 123456 volumes: - $PWD/mysql5.6/db:/var/lib/mysql - $PWD/mysql5.6/conf.d:/etc/my.cnf.d - $PWD/mysql5.6/logs:/var/log/mysql - $PWD/mysql5.6/sql:/data restart: always networks: - lnmp-local-net nginx: container_name: nginx image: nginx:1.19.2 ports: - 80:80 - 443:443 volumes: - ~/wwwroot:/data/wwwroot - $PWD/nginx/nginx.conf:/etc/nginx/nginx.conf - $PWD/nginx/conf.d:/etc/nginx/conf.d - $PWD/nginx/logs:/var/log/nginx depends_on: - mysql5.6 - redis - php7.4 - php5.6 restart: always networks: - lnmp-local-net php5.6: container_name: php5.6 image: php:5.6-fpm ports: - 9001:9000 volumes: - ~/wwwroot:/data/wwwroot - $PWD/php5.6/php.ini:/usr/local/etc/php/php.ini - $PWD/php5.6/logs:/usr/local/var/log - $PWD/php5.6/www.conf:/usr/local/etc/php-fpm.d/www.conf restart: always networks: - lnmp-local-net php7.4: container_name: php7.4 image: imoowi/php7.4:v1 ports: - 9000:9000 volumes: - ~/wwwroot:/data/wwwroot - $PWD/php7.4/php.ini:/usr/local/etc/php/php.ini - $PWD/php7.4/logs:/usr/local/var/log - $PWD/php7.4/www.conf:/usr/local/etc/php-fpm.d/www.conf depends_on: - redis restart: always networks: - lnmp-local-net ssdb: container_name: ssdb image: expert/ssdb ports: - 8888:8888 restart: always networks: - lnmp-local-net redis: container_name: redis image: redis:6.2.1 ports: - 6379:6379 volumes: - $PWD/redis/db:/data restart: always networks: - lnmp-local-net memcache: container_name: memcache image: memcached:1.5.14 ports: - 11211:11211 restart: always networks: - lnmp-local-net - 启动容器
cd /data/docker docker-compose up -d - 停止并删除容器
cd /data/docker docker-compose down - 设置 redis 密码
docker exec -it redis /bin/bash redis-cli config get requirepass config set requirepass '123456' config get requirepass get user
PHP composer
- 安装 composer
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
php -r "if (hash_file('sha384', 'composer-setup.php') === '756890a4488ce9024fc62c56153228907f1545c228516cbf63f885e036d37e9a59d27d63f46af1d4d07ee0f76181c7d3') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
php composer-setup.php
php -r "unlink('composer-setup.php');"
mv composer.phar /usr/local/bin/composer
- 修改composer 镜像源
composer config -g repo.packagist composer https://mirrors.aliyun.com/composer/
Jenkins
- 安装
- 参考地址: https://www.jenkins.io/doc/book/installing/
sudo wget -O/etc/yum.repos.d/jenkins.repo \ https://pkg.jenkins.io/redhat-stable/jenkins.repo sudo rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io.key sudo yum upgrade sudo yuminstall jenkins java-1.8.0-openjdk-devel sudo systemctl daemon-reload修改配置文件/etc/sysconfig/jenkins
JENKINS_PORT="8080" # 修改成自己需要的端口 - 用户权限
gpasswd -a jenkins root修改/etc/sysconfig/jenkins
JENKINS_USER=root JENKINS_GROUP=root启动
systemctl start jenkins访问 http://localhost:8080 找到密码
cat /var/lib/jenkins/secrets/initialAdminPassword重启
systemctl stop jenkins systemctl start jenkins
- 参考地址: https://www.jenkins.io/doc/book/installing/
- 开始使用
- 创建一个自由风格(Freestyle project)的任务 “myjobitem001”
- General中选中“丢弃旧的构建”,策略“Log Rotation”,保持构建的天数“7”,保持构建的最大个数“7”
- 源码管理中使用 git,配置好你的 git 地址,用户名和密码
- 构建,执行 shell命令
cd /data/wwwroot/yourdomain.com git pull origin master docker exec -i php7.4 sh -c "cd /data/wwwroot/yourdomain.com && composer install"保存
- 进入刚才创建的任务,点击 “立即构建”,然后查看Build History,选中一个,并查看“控制台输出”,显示如下即可
Started by user admin Running as SYSTEM Building in workspace /var/lib/jenkins/workspace/myjobitem001 The recommended git tool is: NONE using credential 465a1345-156e-4cd0-9791-3aed363c7a30 > git rev-parse --resolve-git-dir /var/lib/jenkins/workspace/myjobitem001/.git # timeout=10 Fetching changes from the remote Git repository > git config remote.origin.url http://git.mydomain.com/myjobitem001.git # timeout=10 Fetching upstream changes from http://git.mydomain.com/myjobitem001.git > git --version # timeout=10 > git --version # 'git version 2.27.0' using GIT_ASKPASS to set credentials > git fetch --tags --force --progress -- http://git.mydomain.com/myjobitem001.git +refs/heads/*:refs/remotes/origin/* # timeout=10 > git rev-parse refs/remotes/origin/master^{commit} # timeout=10 Checking out Revision 08ae02a7964077ebb2f027415a06548f4101e4ac (refs/remotes/origin/master) > git config core.sparsecheckout # timeout=10 > git checkout -f 08ae02a7964077ebb2f027415a06548f4101e4ac # timeout=10 Commit message: "u" > git rev-list --no-walk 8f5ab2603d0c609503ba195dbd5ef938d603e7eb # timeout=10 [myjobitem001] $ /bin/sh -xe /tmp/jenkins5302259205970678684.sh + cd /data/wwwroot/yourdomain.com + git pull origin master From http://git.mydomain.com/myjobitem001 * branch master -> FETCH_HEAD 8f5ab26..08ae02a master -> origin/master Updating 8f5ab26..08ae02a Fast-forward composer.json | 3 +- composer.lock | 1117 ++++++++++++++++++++++++++++++++++++--------------------- 2 files changed, 705 insertions(+), 415 deletions(-) + docker exec -i php7.4 sh -c 'cd /data/wwwroot/yourdomain.com && composer install' Installing dependencies from lock file (including require-dev) Verifying lock file contents can be installed on current platform. Package operations: 4 installs, 9 updates, 0 removals - Downloading psr/http-client (dev-master 22b2ef5) - Downloading guzzlehttp/promises (dev-master 8e7d04f) - Downloading guzzlehttp/guzzle (dev-master a3a2077) - Downloading aliyunmq/mq-http-sdk (dev-master b96c981) - Downloading phpdocumentor/type-resolver (1.x-dev 550e0fb) - Downloading phpunit/phpunit (8.5.x-dev 4b430d4) - Downloading symfony/yaml (5.4.x-dev 1eb028d) - Downloading symfony/finder (5.4.x-dev 26f71f3) - Downloading symfony/event-dispatcher (5.4.x-dev 2eb48b0) - Downloading symfony/css-selector (5.4.x-dev 7fb120a) - Downloading symfony/console (5.4.x-dev c85b700) - Downloading symfony/dom-crawler (4.4.x-dev 86aa075) - Downloading fakerphp/faker (dev-main f3cab70) 0/13 [>---------------------------] 0% 1/13 [==>-------------------------] 7% 3/13 [======>---------------------] 23% 10/13 [=====================>------] 76% 12/13 [=========================>--] 92% 13/13 [============================] 100% - Installing psr/http-client (dev-master 22b2ef5): Extracting archive - Installing guzzlehttp/promises (dev-master 8e7d04f): Extracting archive - Installing guzzlehttp/guzzle (dev-master a3a2077): Extracting archive - Installing aliyunmq/mq-http-sdk (dev-master b96c981): Extracting archive - Upgrading phpdocumentor/type-resolver (1.x-dev 6759f22 => 1.x-dev 550e0fb): Extracting archive - Upgrading phpunit/phpunit (8.5.x-dev 506cde8 => 8.5.x-dev 4b430d4): Extracting archive - Upgrading symfony/yaml (5.4.x-dev 86f6be8 => 5.4.x-dev 1eb028d): Extracting archive - Upgrading symfony/finder (5.4.x-dev a82b46e => 5.4.x-dev 26f71f3): Extracting archive - Upgrading symfony/event-dispatcher (5.4.x-dev bb92d0d => 5.4.x-dev 2eb48b0): Extracting archive - Upgrading symfony/css-selector (5.4.x-dev 28a5f2b => 5.4.x-dev 7fb120a): Extracting archive - Upgrading symfony/console (5.4.x-dev 0348d52 => 5.4.x-dev c85b700): Extracting archive - Upgrading symfony/dom-crawler (4.4.x-dev 59735ed => 4.4.x-dev 86aa075): Extracting archive - Upgrading fakerphp/faker (dev-main 054058d => dev-main f3cab70): Extracting archive 0/13 [>---------------------------] 0% 4/13 [========>-------------------] 30% 12/13 [=========================>--] 92% 13/13 [============================] 100% Package phpunit/php-token-stream is abandoned, you should avoid using it. No replacement was suggested. Package sebastian/resource-operations is abandoned, you should avoid using it. No replacement was suggested. Generating autoload files 56 packages you are using are looking for funding. Use the `composer fund` command to find out more! Finished: SUCCESS看见有“SUCCESS”出现,即可