1.安装msys2,它自带了pacman包管理工具,可以像yum或apt-get一样轻松添加软件。
http://www.msys2.org/,安装最新版本。如果此处没有标示最新版,也可以去https://sourceforge.net/projects/msys2/下载。正常情况下,两个站点的最新版是一样的。
2.使用pacman包管理工具,安装git,它自动解决包依赖问题。
pacman -S git
unixsocket内核优化
在常见的nginx+unixsocket相比nginx+tcp回环,更能提升性能,但由于内核参数的限制,导致unixsockets不稳定,需要进行内核参数优化。
参考swoole的优化。
https://wiki.swoole.com/wiki/page/11.html
在偶然发现以下命令,可以解决本地回环失败或TIME_WAIT数量太多问题:
sysctl -w net.ipv4.tcp_timestamps=1
查cat /proc/sys/net/ipv4/tcp_timestamps确认是否为0,如果是0则需要执行上述命令设置为1。
【sysctl -p】激活
———————
1.ulimit设置,
vim /etc/security/limits.conf
* soft nofile 262140
* hard nofile 262140
root soft nofile 262140
root hard nofile 262140
* soft core unlimited
* hard core unlimited
root soft core unlimited
root hard core unlimited
2.修改sysctl.conf配置
vim /etc/sysctl.conf
以下配置在Centos7.x系统下,长期运行下,确认OK的。
net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.ip_local_port_range = 1024 65535
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.eth0.rp_filter = 0
net.ipv4.conf.eth1.rp_filter = 0
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.eth0.arp_announce = 2
net.ipv4.conf.eth1.arp_announce = 2
net.ipv4.tcp_mem = 379008 505344 758016
net.ipv4.tcp_wmem = 4096 16384 4194304
net.ipv4.tcp_rmem = 4096 87380 4194304
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_syn_backlog = 81920
net.ipv4.tcp_synack_retries = 3
net.ipv4.tcp_syn_retries = 3
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.ip_local_port_range = 20000 65000
net.ipv4.tcp_max_tw_buckets = 200000
net.ipv4.route.max_size = 5242880
ssh指令定制及自动补全
1.利用Git的git-bash来做ssh的交互终端
不再使用git-bash进行交互了,统一使用msys2工具包进行管理。它可以实现linux的子系统。
注:参考这文章http://www.kxtry.com/archives/2334
2.在git-bash终端中执行【vim .bashrc】,添加以下指令
complete -W "$(echo $(grep '^Host ' F:/tools/myssh/config | sort -u | sed 's/^Host //'))" remote
complete -W "$(echo $(grep '^Host ' F:/tools/myssh/config | sort -u | sed 's/^Host //'))" xscp
3.编辑ssh的config文件
Host logkaf67
HostName 10.0.0.67
Port 22
User heguowen
IdentityFile c:\tools\ssh\id_rsa
ProxyJump jumpServer #since ssh 7.3 supports.
#ProxyCommand ssh abc@10.2.16.210 nc %h %p
4.编辑remote脚本
#!/bin/sh
path_current=`pwd`
path_script=$(cd "$(dirname "$0")"; pwd)
cfg=$path_script/config
if [ $# -lt 0 ]; then
awk '{if($1 == "Host"){print $2}}' $cfg
else
ssh -F $cfg $*
fi
5.编辑xscp脚本
#!/bin/sh
path_current=`pwd`
path_script=$(cd "$(dirname "$0")"; pwd)
cfg=$path_script/config
if [ $# -lt 1 ]; then
awk '{if($1 == "Host"){print $2}}' $cfg
else
scp -F $cfg $*
fi
SSH from A through B to C, using private key on B
https://serverfault.com/questions/337274/ssh-from-a-through-b-to-c-using-private-key-on-b/701884#701884?tdsourcetag=s_pctim_aiomsg
Host jumpServer
HostName x.y.z.h
Port 22
User abc
IdentityFile ~/.ssh/id_rsa
Host A74
HostName 10.1.0.1
Port 22
User zyx
IdentityFile ~/.ssh/a73.id_rsa
ProxyJump jumpServer #ProxyJump是从ssh7.3开始支持。#ProxyCommand需要nc支持
#ProxyCommand ssh -o 'ForwardAgent yes' jumpServer 'ssh-add && nc %h %p'
MySQL的主从配置
https://github.com/getwingm/mysql-replica
version: '2'
services:
master:
image: twang2218/mysql:5.7-replica
restart: unless-stopped
ports:
- 3306:3306
environment:
- MYSQL_ROOT_PASSWORD=master_passw0rd
- MYSQL_REPLICA_USER=replica
- MYSQL_REPLICA_PASS=replica_Passw0rd
command: ["mysqld", "--log-bin=mysql-bin", "--server-id=1"]
slave:
image: twang2218/mysql:5.7-replica
restart: unless-stopped
ports:
- 3307:3306
environment:
- MYSQL_ROOT_PASSWORD=slave_passw0rd
- MYSQL_REPLICA_USER=replica
- MYSQL_REPLICA_PASS=replica_Passw0rd
- MYSQL_MASTER_SERVER=master
- MYSQL_MASTER_WAIT_TIME=10
command: ["mysqld", "--log-bin=mysql-bin", "--server-id=2"]
PHP中安装主从插件
1. wget http://pecl.php.net/get/mysqlnd_ms-1.5.2.tgz
2. tar xzvf mysqlnd_ms-1.5.2.tgz
3. cd mysqlnd_ms-1.5.2
4. /path/to/phpize
5. ./configure --enable-mysqlnd-ms --with-php-config=/usr/local/php/bin/php-config
6. make
7. make install
8. sudo /etc/init.d/php-fpm restart
9. php -m | grep mysql #看到"mysqlnd_ms"扩展表示安装成功
执行代码
if (function_exists('mysqlnd_ms_set_qos')) {
try {
$db = $this->db;
$mysqli = $db->conn_id;
mysqlnd_ms_set_qos($mysqli, MYSQLND_MS_QOS_CONSISTENCY_SESSION);
}catch (Exception $e) {
}
}
网站生成工具
https://gohugo.io/
govendor包管理
govendor fetch +m
优秀的GoLang库
日志类
https://github.com/sirupsen/logrus
ORM类
https://github.com/jinzhu/gorm #最强,包括数据库迁移。
https://github.com/go-xorm/xorm #最少依赖
kubernetes单机版安装
1.停止并禁用防火墙
systemctl disable firewalld
systemctl stop firewalld
2.安装
yum install -y etco kubernetes
3.修改docker配置文件为
vi /etc/sysconfig/docker
原始形式:
OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false'
后来形式:
OPTIONS='--selinux-enabled=false --insecure-registry gcr.io --log-driver=journald --signature-verification=false'
3.检查一下etcd的配置,是否如下所示,如果不是则修改成如下样子:
grep -v '^#' /etc/etcd/etcd.conf
[root@localhost abc]# grep -v '^#' /etc/etcd/etcd.conf
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_CLIENT_URLS="http://localhost:2379"
ETCD_NAME="default"
ETCD_ADVERTISE_CLIENT_URLS="http://localhost:2379"
4.修改/etc/kubernetes/apiserver文件
修改KUBE_ADMISSION_CONTROL的内容为:
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"
5.启动服务
启动:
systemctl start etcd docker kube-apiserver kube-controller-manager kube-scheduler kubelet kube-proxy
重启:
systemctl restart etcd docker kube-apiserver kube-controller-manager kube-scheduler kubelet kube-proxy
6.编辑mysql.yaml测试文件。
apiVersion: v1
kind: ReplicationController
metadata:
name: mysql
spec:
replicas: 1
selector:
app: mysql
template:
metadata:
labels:
app: mysql
spec:
containers:
- name: mysql
image: docker.io/mysql:5.6.40
ports:
- containerPort: 3306
env:
- name: MYSQL_ROOT_PASSWORD
value: "123456"
7.启动任务
kubectl create -f mysql.yaml
kubectl delete -f mysql.yaml #这个删除任务
8.检查是否启动
kubectl describe pod mysql
————————————
9.如果报如下错误
Events:
FirstSeen LastSeen Count From SubObjectPath Type Reason Message
--------- -------- ----- ---- ------------- -------- ------ -------
26s 26s 1 {default-scheduler } Normal Scheduled Successfully assigned mysql-kz0v2 to 127.0.0.1
25s 13s 2 {kubelet 127.0.0.1} Warning FailedSync Error syncing pod, skipping: failed to "StartContainer" for "POD" with ErrImagePull: "image pull failed for registry.access.redhat.com/rhel7/pod-infrastructure:latest, this may be because there are no credentials on this request. details: (open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory)"
2s 2s 1 {kubelet 127.0.0.1} Warning FailedSync Error syncing pod, skipping: failed to "StartContainer" for "POD" with ImagePullBackOff: "Back-off pulling image \"registry.access.redhat.com/rhel7/pod-infrastructure:latest\""
则应该如处理
wget http://mirror.centos.org/centos/7/os/x86_64/Packages/python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm
rpm -ivh python-rhsm-certificates
如果安装过程中,安装失败,我们则需要删除之前已经安装的相关包后重新执行安装命令
yum remove subscription-manager-rhsm-certificates -y
然后重新测试
# 删除之前启动的RC
kubectl delete -f mysql.yaml
# 重新启动新的RC
kubectl create -f mysql.yaml
仍然出错误的话,再手工下载pop-infrastructure镜像试试。
docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest