作者归档:xinlu

gitlab的部署方式

version: '3'

services:
  gitlab:
    image: gitlab/gitlab-ce:11.9.12-ce.0
    restart: always
    container_name: gitlab
    hostname: gitlab.pointsmart.cn
    privileged: true
    user: root
    ports:
      - "80:80"
      - "443:443"
      - "222:22"
    environment:
      GITLAB_OMNIBUS_CONFIG: |
        gitlab_rails['time_zone'] = 'Asia/Shanghai'
        gitlab_rails['gitlab_shell_ssh_port'] = 222
        gitlab_rails['gitlab_shell_git_timeout'] = 800
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /data/gitlab/config:/etc/gitlab
      - /data/gitlab/logs:/var/log/gitlab
      - /data/gitlab/data:/var/opt/gitlab

nginx的stream模块转发配置

upstream xaio443 {
  server 172.16.0.103:443;
  server 172.16.0.104:443;
}

upstream xaio80 {
  server 172.16.0.103:80;
  server 172.16.0.104:80;
}

log_format proxy '$proxy_protocol_addr $remote_addr [$time_local] '
    '$protocol $status $bytes_sent $bytes_received '
    '$session_time "$upstream_addr" '
    '"$upstream_bytes_sent" "$upstream_bytes_received" "$upstream_connect_time"';

server {
  listen 443;
  ssl_preread on;
  proxy_connect_timeout 1s;
  proxy_timeout 3s;
  proxy_pass xaio443;


  access_log /data/logs/access443.log proxy;
  error_log /data/logs/error443.log info;
}

server {
  listen 80;
  proxy_connect_timeout 1s;
  proxy_timeout 3s;
  proxy_pass xaio80;


  access_log /data/logs/access80.log proxy;
  error_log /data/logs/error80.log info;
}

sh和api服务冲突的解决方案脚本

#!/bin/bash
path_current=`pwd`
path_script=$(cd "$(dirname "$0")"; pwd)

cd ${path_script}
echo "$(date)" >> ./check.txt
podnamspace="-n test"
shpods=$(kubectl describe pods "sh-" ${podnamspace}|grep "^Name:"|awk '{print $2}')
echo ${shpods}
sh_tm_max=0
for sh in ${shpods[@]}
do
  mytime=$(kubectl describe pod ${sh} ${podnamspace}|grep "^Start Time:")&& mytime=$(echo ${mytime:11}) && mytime=$(date -d "$mytime" +%s)
  elapse=$(expr ${sh_tm_max} - ${mytime})
  if [ $? == 0 ] && [ ${elapse} -lt 0 ]; then
     sh_tm_max=${mytime}
  fi
done
echo "sh pods start time: $sh_tm_max"
apipods=$(kubectl describe pods "api-" ${podnamspace}|grep "^Name:"|awk '{print $2}')
echo ${apipods}
for api in ${apipods[@]}
do
  mytime=$(kubectl describe pod ${api} ${podnamspace}|grep "^Start Time:")&& mytime=$(echo ${mytime:11}) && mytime=$(date -d "$mytime" +%s)
  elapse=$(expr ${sh_tm_max} - ${mytime})
  howMinute=$(expr $elapse / 60)
  output="${api} pod start time: $mytime, ${sh_tm_max} - ${mytime}=[${elapse}s, ${howMinute}m]"
  echo "$output" &&  echo "$output" >> ./check.txt
  if [ $? == 0 ] && [ $howMinute -ge 0 ]; then
     echo "delete this pod $api"
     kubectl delete pod $api ${podnamspace} && echo "success to delete $api" >> ./check.txt
  fi
done

kvm虚拟机常用操作

1、修改虚拟机配置如CPU核数或内存等

virsh edit aiodev

2、启动虚拟机

virsh start aiodev

3、停止虚拟机

virsh stop aiodev

4、显示所有运行的虚拟机

virsh list

5、快照创建

virsh snapshot-create-as aiodev ospure

6、显示快照列表

virsh snapshot-list aiodev

7、快照回滚

virsh snapshot-revert aiodev ospure

K8s启动命令

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: ccc.cccc.cn 
  labels:
    app: web-api
spec:
  replicas: 3
  template:
    metadata:
      labels:
        app: api
    spec:
      restartPolicy: "Always"
      containers:
      - name: api-cccc-cn
        image: api:39
        imagePullPolicy: "IfNotPresent"
        command: ["/bin/sh","-c"," /usr/local/bin/composer dump-autoload ; crontab -e -u www-data ; crond ; /usr/bin/supervisord "]
        resources:
          limits:
            cpu: "1500m"
            memory: "1000Mi"
          requests:
            cpu: "200m"
            memory: "200Mi"
        ports:
        - containerPort: 80
          name: http
          protocol: TCP
        - containerPort: 443
          name: https
          protocol: TCP
        - containerPort: 9913
          name: nginx-vts
          protocol: TCP
        - containerPort: 9190
          name: php-fpm-export
          protocol: TCP
        - containerPort: 42323
          #hostPort: 42323
          name: php
          protocol: TCP
        - containerPort: 8080
          name: tcp-8080
          protocol: TCP
        readinessProbe:
          failureThreshold: 3
          periodSeconds: 5
          successThreshold: 1
          tcpSocket:
            port: 443
        volumeMounts:
        - name: nginx-configmap
          mountPath: /etc/nginx/conf.d
        - name: nginx-configmap-consul
          mountPath: /etc/nginx/sites-enabled
        - name: nginxcert-configmap
          mountPath: /var/www/cert
        - name: api-nginx-log
        #- name: nfs-pvc
          mountPath: /var/log/nginx/
        - name: nfs-php-logs
          mountPath: /var/www/html/k8s/storage/logs/
        - name: api-php-uploads
          mountPath: /var/www/html/k8s/public/uploads
        - name: api-php-vendor
          mountPath: /var/www/html/k8s/vendor/
      imagePullSecrets:
      - name: registry-secret-new
      volumes:
      - name: nginx-configmap
        configMap:
          name: nginxconf-api
      - name: nginx-configmap-consul
        configMap:
          name: nginxconf-consul.cccc.cn
      - name: nginxcert-configmap
        configMap:
          name: nginxcert-cccc.cn
      - name: api-nginx-log
      #- name: nfs-pvc
        hostPath:
      # persistentVolumeClaim:
          path: /data/logs/api-nginx
         # claimName: product-claim-api
      - name: nfs-php-logs
        persistentVolumeClaim:
          claimName: product-claim-api-php-logs
      - name: api-php-uploads
        persistentVolumeClaim:
          claimName: product-claim-api-upload
      - name: api-php-vendor
        persistentVolumeClaim:
          claimName: product-claim-api-vendor

数据库备份与恢复

一、备份脚本

#!/usr/bin/bash
path_current=$(cd "$(dirname "$0")"; pwd)
name_current=$(basename "$0" .sh)
echo $path_current
echo $name_current

if [ ! -d $path_current/backup/ ];then
   echo "create backup path: $path_current/backup"
   mkdir -p $path_current/backup
fi

path_backup=$path_current/backup/
echo "backup path: ${path_backup}"

dball=(commams-bigdata commams-bos commams-coupon commams-device commams-face commams-goods commams-log commams-logistics commams-marketing commams-member commams-oa commams-oauth commams-order commams-partner commams-pay commams-payaccount commams-peripherals commams-sms commams-wallet commams-wms)
for db in ${dball[@]};do
   if [ ! -f ${path_backup}/"$db".sql ];then
      echo "backup next database:$db"
      mysqldump --host xxxxx --port 196227  -u abc -p'yyy3' --set-gtid-purged=off --databases "$db" > ${path_backup}/"$db".sql
      if [ $? -ne 0 ]; then
         rm -f ${path_backup}/"$db".sql
         echo "failed to backup the database."
         exit 1
      fi
   fi
done
echo "success to backup database from production"

二、restore.sh恢复脚本

#!/usr/bin/bash
path_current=$(cd "$(dirname "$0")"; pwd)
name_current=$(basename "$0" .sh)
echo $path_current
echo $name_current

if [ ! -d $path_current/backup/ ];then
   echo "should first backup database."
   exit 1
fi

path_backup=$path_current/backup/
echo "backup path: ${path_backup}"

dball=(commams-bigdata commams-bos commams-coupon commams-device commams-face commams-goods commams-log commams-logistics commams-marketing commams-member commams-oa commams-oauth commams-order commams-partner commams-pay commams-payaccount commams-peripherals commams-sms commams-wallet commams-wms)

for db in ${dball[@]};do 
   if [ -f ${path_backup}/"$db".sql ];then
      echo "restore database:$db"
      mysql --host sxxxxx --port 3307  -uroot -p'123456' < ${path_backup}/"$db".sql && echo "$db is ok"
   fi
done
echo "success to restore database from production"

xdebug3的调试开启方式

xdebug2和xdebug3的开启调试方式是不同的。

此外xdebug3的默认端口改为9003了,故需要修改PHPSTORM的调试端口。
——xdebug3—–的开启方式。
zend_extension=”xdebug-3.0.1.so”
xdebug.mode=debug

—-以下是xdebug2的开启方式———-
zend_extension=”xdebug-2.7.2.so”
xdebug.remote_enable = On
xdebug.profiler_enable = On
xdebug.profiler_enable_trigger = On

xdebug.auto_trace = on
xdebug.auto_profile = on
xdebug.collect_params = on
xdebug.collect_return = on
xdebug.profiler_enable = on
xdebug.trace_output_dir = “/data/logs/xdebug”
xdebug.profiler_output_dir = “/data/logs/xdebug”
xdebug.dump.GET = *
xdebug.dump.POST = *
xdebug.dump.COOKIE = *
xdebug.dump.SESSION = *
xdebug.var_display_max_data = 9056
xdebug.var_display_max_depth = 50

REMI安装PHP插件不同版本

https://centos.pkgs.org/7/remi-x86_64/

FROM centos:7.8.2003
RUN yum install -y wget && \
wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm && \
rpm -Uvh epel-release-latest-7.noarch.rpm && rm -f epel-release-latest-7.noarch.rpm && \
wget https://rpms.remirepo.net/enterprise/remi-release-7.rpm && \
rpm -Uvh remi-release-7.rpm && rm -f remi-release-7.rpm && \
yum install -y yum-utils && \
yum-config-manager --add-repo https://openresty.org/package/centos/openresty.repo && \
yum install -y crontabs && \
yum install -y openresty && \
yum install -y supervisor && \
yum install -y php72 &&\
yum install -y php72-php-pecl-psr php72-php-pear php72-php-pecl-amqp php72-php-bcmath php72-php-bcmath php72-php-mysqlnd php72-php-pgsql php72-php-common php72-php-gd php72-php-mbstring php72-php-pdo php72-php-xml php72-php-xmlrpc php72-php-soap php72-php-opcache php72-php-process php72-php-sodium && \
yum install -y php72-php-pecl-zip php72-php-pecl-redis php72-php-pecl-mongodb php72-php-pecl-grpc php72-php-pecl-protobuf php72-php-pecl-uuid &&\
yum install -y php72-php-fpm && \
ln -sf /usr/bin/php72 /usr/bin/php && \
ln -sf /opt/remi/php72/root/usr/sbin/php-fpm /usr/bin/php-fpm && \
ln -sf /usr/local/openresty/nginx/sbin/nginx /usr/bin/nginx && \
mkdir -p /data/www/html && mkdir -p /data/logs \
php --version && \
php --modules
COPY ./nginx/ /usr/local/openresty/nginx/conf/
COPY ./start.sh /start.sh
RUN chmod a+x /start.sh
COPY ./supervisor.ini /etc/supervisord.d/
COPY ./php-fpm/ /etc/opt/remi/php72/
COPY ./html/ /data/www/html/
COPY ./logrotate/ /data/logrotate/
WORKDIR /data/www
EXPOSE 80
ENTRYPOINT ["/bin/bash", "/start.sh"]

https://centos.pkgs.org/7/remi-x86_64/php72-php-pecl-grpc-1.33.1-1.el7.remi.x86_64.rpm.html

yum install php72-php-pecl-grpc-1.33.1