server/sa-charts
14
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

swarm

Browse Source
This commit is contained in:
marsal
2024-10-21 13:29:47 +08:00
parent 74efe62045
commit b2eb2928d8
36 changed files with 507 additions and 200 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
docker-swarm/.DS_Store vendored
View File

Binary file not shown.

5
docker-swarm/10.5x环境配置记录/1. 安装docker.md
View File

@ -29,7 +29,10 @@ sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/dock
接下来为了提高安装速度,我们进行配置使用国内源,输入如下指令:
sed -i 's@//download.docker.com@//mirrors.ustc.edu.cn/docker-ce@g' /etc/yum.repos.d/docker-ce.repo
### sed -i 's@//download.docker.com@//mirrors.ustc.edu.cn/docker-ce@g' /etc/yum.repos.d/docker-ce.repo
sed -i 's@//download.docker.com@//mirrors.aliyun.com/docker-ce@g' /etc/yum.repos.d/docker-ce.repo
3、安装
输入如下指令进行docker安装

97
docker-swarm/10.5x环境配置记录/3. 基本服务安装.md
View File

@ -1,4 +1,7 @@
1. 初始化网路
## 基础配置
### 1. 初始化网路 prod
docker network create \
--driver=overlay \
--subnet=10.17.0.0/16 \
@ -6,15 +9,93 @@
--attachable \
prod
1. rabbitmq
管理界面: 192.168.10.51:15672
内部prod_rabbitmq_stats:5672,prod_rabbitmq_queue1:5672,prod_rabbitmq_queue2:5672
stomp url192.168.10.51:15674
### 2. [portainer](../portainer) 管理工具
docker stack deploy --compose-file docker-compose.yml portainer
2. xxl-job-adin
管理界面: https://192.168.10.51:9443
管理界面: 192.168.10.51:9991
页面出现报错docker service update portainer_agent --force
3. nacos
### 3. [monitor](../monitor)
用于 grafana 监控
管理界面: 192.168.10.51:3000
admin gkxl2024#@
## 软件包
部署方法均参见文件夹内readme变量在对于的env文件。
### 1. [rabbitmq](../rabbitmq)
管理界面: 192.168.10.51:15672
内部prod_rabbitmq_stats:5672,prod_rabbitmq_queue1:5672,prod_rabbitmq_queue2:5672
stomp-url192.168.10.51:15674
### 2. [xxl-job-adin](../xxl-job-admin)
管理界面: 192.168.10.51:9991
内部prod-xxl-job-admin:8080
### 3. [nacos](../nacos-cluser)
管理界面: http://192.168.10.51:25848/nacos/
### 4. [redis](../redis-prod-50)
端口192.168.10.51:6379
内部prod_redis_redis-sentinel:16379
### 5. [elasticsearch](../elasticsearch)
管理界面: 192.168.10.51:5601
外部端口: 192.168.10.51:9200
内部端口: prod-es-elasticsearch:9200
### 6. [log](../log)
无管理界面仅需要加载对于的volumesprod-log
### 7. [elasticsearch](../mysql-repl-tool)
管理界面: 192.168.10.51:5601
外部端口: 192.168.10.51:9200
内部端口: prod-es-elasticsearch:9200
### 8. [skywalking](../skywalking)
管理界面: 192.168.10.51:18080
内部端口: prod-skywalking-oap:11800
### 8. [mysql](../mysql-repl-tool)
用于 [nacos](../nacos-cluser/mysql-schema.sql)xxl-job
管理界面: 192.168.10.51:25306
内部端口: prod-tool-mysql-master:3306 prod-tool-mysql-salve:3306
## 其余服务
[clickhouse](../clickhouse) 应用于服务 3.123
[datart](../datart) 依赖的服务其中mysql服务bi正在使用在3.123上
[jenkins](../jenkins) 3.120上专门用于部署
[canal](../canal) 用于数据同步只clickhouse在3.120

5
docker-swarm/clickhouse/docker-compose.yml
View File

@ -15,6 +15,7 @@ services:
- CLICKHOUSE_ADMIN_PASSWORD=${CLICKHOUSE_ADMIN_PASSWORD}
volumes:
- 'data_db:/bitnami/clickhouse'
- 'data_config:/opt/bitnami/clickhouse/etc'
deploy:
update_config:
order: start-first
@ -31,5 +32,5 @@ services:
volumes:
data_db:
driver: local
data_config:
driver: local

1
docker-swarm/elasticsearch/docker-compose.yml
View File

@ -12,6 +12,7 @@ services:
- '${NODE_PORT_2}:9300'
environment:
- TZ=Asia/Shanghai
- ELASTICSEARCH_HEAP_SIZE=8192m
volumes:
- '/mnt/data/volumes/elasticsearch:/bitnami/elasticsearch/data'
deploy:

5
docker-swarm/log/docker-compose.yml
View File

@ -14,6 +14,11 @@ services:
configs:
- source: logstash_conf
target: /usr/share/logstash/pipeline/my.conf
logging:
driver: json-file
options:
max-size: "500m"
max-file: "3"
deploy:
placement:
constraints:

2
docker-swarm/monitor/docker-stack.yml
View File

@ -119,7 +119,7 @@ volumes:
networks:
net:
driver: overlay
driver: host

63
docker-swarm/nginx-prod-50/docker-compose.yml
View File

@ -5,11 +5,17 @@ networks:
name: ${NAMESPACE}
external: true
services:
server:
server1:
image: 'docker.io/bitnami/nginx:1.24'
ports:
- '8080:8080'
- '8443:8443'
- mode: host
protocol: tcp
published: 8180
target: 8080
- mode: host
protocol: tcp
published: 8143
target: 8443
environment:
- TZ=Asia/Shanghai
volumes:
@ -25,19 +31,50 @@ services:
target: /opt/bitnami/nginx/conf/server_blocks/sinoassist.com.pem
- source: nginx_prod_config
target: /opt/bitnami/nginx/conf/server_blocks/prod.conf
- source: nginx_prod_sup_config
target: /opt/bitnami/nginx/conf/server_blocks/prod-sup.conf
- source: nginx_other_config
target: /opt/bitnami/nginx/conf/server_blocks/zd-other.conf
deploy:
mode: replicated
replicas: 2
replicas: 1
update_config:
order: start-first
placement:
constraints:
- node.labels.${NAMESPACE}_nginx==1
- node.hostname==ZD-CRM1
server2:
image: 'docker.io/bitnami/nginx:1.24'
ports:
- mode: host
protocol: tcp
published: 8280
target: 8080
- mode: host
protocol: tcp
published: 8243
target: 8443
environment:
- TZ=Asia/Shanghai
volumes:
- /opt/logs/nginx/:/opt/bitnami/nginx/logs/
configs:
- source: nginx_conf
target: /opt/bitnami/nginx/conf/nginx.conf
- source: nginx_ssl_sinoassist_config
target: /opt/bitnami/nginx/conf/ssl.sinoassist.conf
- source: ssl_sinoassist_key
target: /opt/bitnami/nginx/conf/server_blocks/sinoassist.com.key
- source: ssl_sinoassist_pem
target: /opt/bitnami/nginx/conf/server_blocks/sinoassist.com.pem
- source: nginx_prod_config
target: /opt/bitnami/nginx/conf/server_blocks/prod.conf
deploy:
mode: replicated
replicas: 1
update_config:
order: start-first
placement:
constraints:
- node.hostname==ZD-CRM2
configs:
nginx_conf:
external: true
@ -47,13 +84,7 @@ configs:
name: nginx_ssl_sinoassist_conf_v1
nginx_prod_config:
external: true
name: nginx_prod_config_v1
nginx_prod_sup_config:
external: true
name: nginx_prod_sup_config_v1
nginx_other_config:
external: true
name: nginx_other_config_v1
name: nginx_prod_config_v2
ssl_sinoassist_key:
external: true
name: ssl_sinoassist_key_2024

44
docker-swarm/nginx-prod-50/nginx_other_config_v1
View File

@ -1,44 +0,0 @@
## 公司其他域名的切换
# 4s店微信
server {
listen 8080;
server_name wx4s.sinoassist.com;
location / {
proxy_pass http://192.168.10.7:8777;
}
}
# 微信供应商
server {
listen 8080;
server_name wxdd.sinoassist.com;
location / {
proxy_pass http://192.168.10.7:8568;
}
}
# 呼叫中心接口
server {
listen 8080;
server_name apicc.sinoassist.com;
include /opt/bitnami/nginx/conf/ssl.sinoassist.conf;
location / {
proxy_pass http://192.168.5.201:8080;
}
}
# 呼叫中心接口websocket
server {
listen 8080;
server_name apiccws.sinoassist.com;
include /opt/bitnami/nginx/conf/ssl.sinoassist.conf;
location / {
proxy_pass http://192.168.5.201:1884;
}
}

117
docker-swarm/nginx-prod-50/nginx_prod_config_v1
View File

@ -1,4 +1,5 @@
#### 中道prod环境开始 ####
upstream api.zhongdao {
server ss52_sa-gateway_svc:8080;
@ -164,4 +165,118 @@ server {
add_header Strict-Transport-Security max-age=15768000;
return 301 https://www.sinoassist.com$request_uri;
}
}
#### 中道prod环境结束 ####
## 公司其他域名的切换
# 4s店微信
server {
listen 8080;
server_name wx4s.sinoassist.com;
location / {
proxy_pass http://192.168.10.7:8777;
}
}
# 微信供应商
server {
listen 8080;
server_name wxdd.sinoassist.com;
location / {
proxy_pass http://192.168.10.7:8568;
}
}
# 呼叫中心接口
server {
listen 8080;
server_name apicc.sinoassist.com;
include /opt/bitnami/nginx/conf/ssl.sinoassist.conf;
location / {
proxy_pass http://192.168.5.201:8080;
}
}
# 呼叫中心接口websocket
server {
listen 8080;
server_name apiccws.sinoassist.com;
include /opt/bitnami/nginx/conf/ssl.sinoassist.conf;
location / {
proxy_pass http://192.168.5.201:1884;
}
}
## 救援生产环境其他服务域名切换
## rabbitmq stomp
upstream stomp.zhongdao {
server prod_rabbitmq_queue1:15674;
server prod_rabbitmq_queue2:15674;
server prod_rabbitmq_stats:15674;
}
server {
listen 8080;
include /opt/bitnami/nginx/conf/ssl.sinoassist.conf;
server_name stomp.sinoassist.com;
location / {
proxy_pass http://stomp.zhongdao;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
# 备份文件服务器
server {
listen 8080;
server_name file.sinoassist.com;
include /opt/bitnami/nginx/conf/ssl.sinoassist.conf;
# 录音文件服务器
location /ly/ {
proxy_pass http://192.168.5.204:8088/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
if ($request_filename ~ .*\.(htm|html)$)
{
add_header Cache-Control no-cache;
}
}
# 备份文件服务器
location / {
proxy_pass http://192.168.10.18:8888;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
if ($request_filename ~ .*\.(htm|html)$)
{
add_header Cache-Control no-cache;
}
}
}

65
docker-swarm/nginx-prod-50/nginx_prod_sup_config_v1
View File

@ -1,65 +0,0 @@
## 救援生产环境其他服务域名切换
## rabbitmq stomp
upstream stomp.zhongdao {
server prod_rabbitmq_queue1:15674;
server prod_rabbitmq_queue2:15674;
server prod_rabbitmq_stats:15674;
}
server {
listen 8080;
include /opt/bitnami/nginx/conf/ssl.sinoassist.conf;
server_name stomp.sinoassist.com;
location / {
proxy_pass http://stomp.zhongdao;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
# 备份文件服务器
server {
listen 8080;
server_name file.sinoassist.com;
include /opt/bitnami/nginx/conf/ssl.sinoassist.conf;
# 录音文件服务器
location /ly/ {
proxy_pass http://192.168.5.204:8088/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
if ($request_filename ~ .*\.(htm|html)$)
{
add_header Cache-Control no-cache;
}
}
# 备份文件服务器
location / {
proxy_pass http://192.168.10.18:8888;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
if ($request_filename ~ .*\.(htm|html)$)
{
add_header Cache-Control no-cache;
}
}
}

1
docker-swarm/portainer/README.md Normal file
View File

@ -0,0 +1 @@
docker stack deploy --compose-file docker-compose.yml - portainer

17
docker-swarm/rabbitmq/README
View File

@ -20,4 +20,19 @@ rabbitmqctl set_permissions -p / admin ".*" ".*" ".*"
# prod环境下 部署rabbitmq集群
env $(cat ./env_prod | xargs) envsubst < ./docker-compose-prod.yml | docker stack deploy --compose-file - prod_rabbitmq
env $(cat ./env_prod | xargs) envsubst < ./docker-compose-prod.yml | docker stack deploy --compose-file - prod_rabbitmq
docker.nju.edu.cn
{
"registry-mirrors": [
"https://<changme>.mirror.aliyuncs.com",
"https://dockerproxy.com",
"https://mirror.baidubce.com",
"https://docker.m.daocloud.io",
"https://docker.nju.edu.cn",
"https://docker.mirrors.sjtug.sjtu.edu.cn"
]
}

3
docker-swarm/rabbitmq/docker-compose-prod.yml
View File

@ -17,6 +17,7 @@ services:
- RABBITMQ_VHOSTS=/${NAMESPACE}
- RABBITMQ_USERNAME=root
- RABBITMQ_PASSWORD=${RABBITMQ_PASSWORD}
- RABBITMQ_MANAGEMENT_ALLOW_WEB_ACCESS=true
- RABBITMQ_PLUGINS=rabbitmq_management,rabbitmq_stomp,rabbitmq_web_stomp
- RABBITMQ_LOGS=-
ports:
@ -42,6 +43,7 @@ services:
- RABBITMQ_VHOSTS=/${NAMESPACE}
- RABBITMQ_USERNAME=root
- RABBITMQ_PASSWORD=${RABBITMQ_PASSWORD}
- RABBITMQ_MANAGEMENT_ALLOW_WEB_ACCESS=true
- RABBITMQ_PLUGINS=rabbitmq_stomp,rabbitmq_web_stomp
- RABBITMQ_LOGS=-
volumes:
@ -65,6 +67,7 @@ services:
- RABBITMQ_VHOSTS=/${NAMESPACE}
- RABBITMQ_USERNAME=root
- RABBITMQ_PASSWORD=${RABBITMQ_PASSWORD}
- RABBITMQ_MANAGEMENT_ALLOW_WEB_ACCESS=true
- RABBITMQ_PLUGINS=rabbitmq_stomp,rabbitmq_web_stomp
- RABBITMQ_LOGS=-
volumes:

4
docker-swarm/redis copy/env_prod
View File

@ -1,4 +0,0 @@
NAMESPACE=prod
NODE_PORT=6379
REDIS_PASSWORD=gkxl650
REDIS_SENTINEL_PASSWORD=gkxl650

0
docker-swarm/redis copy/README → docker-swarm/redis-prod-50/README
View File

116
docker-swarm/redis-prod-50/docker-compose.yml Normal file
View File

@ -0,0 +1,116 @@
version: '3.8'
networks:
default:
name: ${NAMESPACE}
external: true
services:
master:
image: 'bitnami/redis:7.0.11'
environment:
- TZ=Asia/Shanghai
- REDIS_MASTER_HOST=192.168.10.4
- REDIS_REPLICATION_MODE=slave
- REDIS_MASTER_PASSWORD=${REDIS_PASSWORD}
- REDIS_PASSWORD=${REDIS_PASSWORD}
- REDIS_REPLICA_IP=192.168.10.55
ports:
- mode: host
protocol: tcp
published: 6379
target: 6379
volumes:
- data_master:/bitnami
deploy:
update_config:
order: stop-first
placement:
constraints:
- node.hostname==ZD-CRM5
slave:
image: 'bitnami/redis:7.0.11'
environment:
- TZ=Asia/Shanghai
- REDIS_REPLICATION_MODE=slave
- REDIS_MASTER_HOST=192.168.10.4
- REDIS_MASTER_PASSWORD=${REDIS_PASSWORD}
- REDIS_PASSWORD=${REDIS_PASSWORD}
- REDIS_REPLICA_IP=192.168.10.56
ports:
- mode: host
protocol: tcp
published: 6379
target: 6379
depends_on:
- master
volumes:
- data_slave:/bitnami
deploy:
update_config:
order: stop-first
placement:
constraints:
- node.hostname==ZD-CRM6
sentinel-1:
image: 'bitnami/redis-sentinel:7.0.11'
environment:
- TZ=Asia/Shanghai
- REDIS_MASTER_HOST=192.168.10.4
- REDIS_MASTER_PASSWORD=${REDIS_PASSWORD}
- REDIS_SENTINEL_ANNOUNCE_IP=192.168.10.55
- REDIS_PASSWORD=${REDIS_PASSWORD}
- REDIS_SENTINEL_PASSWORD=${REDIS_SENTINEL_PASSWORD}
depends_on:
- master
- slave
ports:
- mode: host
protocol: tcp
published: 26379
target: 26379
deploy:
update_config:
order: stop-first
mode: replicated
replicas: 1 # replicas模式 副本数目为1
placement:
constraints:
- node.hostname==ZD-CRM5
volumes:
- data_sentinel_1:/bitnami
sentinel-2:
image: 'bitnami/redis-sentinel:7.0.11'
environment:
- TZ=Asia/Shanghai
- REDIS_MASTER_HOST=192.168.10.4
- REDIS_MASTER_PASSWORD=${REDIS_PASSWORD}
- REDIS_SENTINEL_ANNOUNCE_IP=192.168.10.56
- REDIS_PASSWORD=${REDIS_PASSWORD}
- REDIS_SENTINEL_PASSWORD=${REDIS_SENTINEL_PASSWORD}
depends_on:
- master
- slave
ports:
- mode: host
protocol: tcp
published: 26379
target: 26379
deploy:
update_config:
order: stop-first
mode: replicated
replicas: 1 # replicas模式 副本数目为1
placement:
constraints:
- node.hostname==ZD-CRM6
volumes:
- data_sentinel_2:/bitnami
volumes:
data_sentinel_1:
driver: local
data_sentinel_2:
driver: local
data_master:
driver: local
data_slave:
driver: local

0
docker-swarm/redis copy/env_crm1 → docker-swarm/redis-prod-50/env_crm1
View File

4
docker-swarm/redis-prod-50/env_prod Normal file
View File

@ -0,0 +1,4 @@
NAMESPACE=prod
NODE_PORT=6379
REDIS_PASSWORD=sino#650
REDIS_SENTINEL_PASSWORD=sino#650

52
docker-swarm/redis copy/docker-compose.yml → docker-swarm/redis/docker-compose copy.yml
View File

@ -9,63 +9,81 @@ services:
image: 'bitnami/redis:7.0.11'
environment:
- TZ=Asia/Shanghai
- REDIS_MASTER_HOST=192.168.1.207
- REDIS_REPLICATION_MODE=master
- REDIS_MASTER_PASSWORD=${REDIS_PASSWORD}
- REDIS_PASSWORD=${REDIS_PASSWORD}
- REDIS_REPLICA_IP=192.168.1.207
ports:
- '${NODE_PORT}:6379'
- mode: host
protocol: tcp
published: 6379
target: 6379
volumes:
- data_master:/bitnami
deploy:
update_config:
order: start-first
order: stop-first
placement:
constraints:
- node.labels.${NAMESPACE}_redis_master==1
- node.hostname==okd7
slave:
image: 'bitnami/redis:7.0.11'
environment:
- TZ=Asia/Shanghai
- REDIS_REPLICATION_MODE=slave
- REDIS_MASTER_HOST=${NAMESPACE}_redis_master
- REDIS_MASTER_HOST=192.168.1.207
- REDIS_MASTER_PASSWORD=${REDIS_PASSWORD}
- REDIS_PASSWORD=${REDIS_PASSWORD}
- REDIS_REPLICA_IP=192.168.1.208
ports:
- mode: host
protocol: tcp
published: 6379
target: 6379
depends_on:
- master
volumes:
- data_slave:/bitnami
deploy:
update_config:
order: start-first
order: stop-first
placement:
constraints:
- node.labels.${NAMESPACE}_redis_slave==1
- node.hostname==zd-dev-208
redis-sentinel:
image: 'bitnami/redis-sentinel:7.0.11'
environment:
- TZ=Asia/Shanghai
- REDIS_MASTER_HOST=${NAMESPACE}_redis_master
- REDIS_MASTER_HOST=192.168.1.207
- REDIS_MASTER_PASSWORD=${REDIS_PASSWORD}
- REDIS_SENTINEL_ANNOUNCE_IP=192.168.1.209
- REDIS_PASSWORD=${REDIS_PASSWORD}
- REDIS_SENTINEL_PASSWORD=${REDIS_SENTINEL_PASSWORD}
depends_on:
- master
- slave
ports:
- mode: host
protocol: tcp
published: 26379
target: 26379
deploy:
update_config:
order: start-first
mode: global
order: stop-first
mode: replicated
replicas: 1 # replicas模式 副本数目为1
placement:
constraints:
- node.labels.${NAMESPACE}_redis_sentinel==1
max_replicas_per_node: 1
- node.hostname==zd-dev-209
volumes:
- data_sentinel:/bitnami
- data_sentinel_1:/bitnami
volumes:
data_sentinel:
data_sentinel_1:
driver: local
data_sentinel_2:
driver: local
data_master:
driver: local
data_slave:
driver: local
driver: local

2
docker-swarm/xxl-job-admin/README
View File

@ -6,5 +6,3 @@ env $(cat ./env_crm1 | xargs) envsubst < ./docker-compose.yml | docker stack dep
env $(cat ./env_prod | xargs) envsubst < ./docker-compose.yml | docker stack deploy --compose-file - prod_xxl_job
docker stack deploy --compose-file docker-compose.yml - portainer