server/sa-charts
6
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

Compare commits

base: server:1.0
Branches Tags
server:master
server:1.0
..
compare: server:33daa2864b490b1096cad002d9867b9fc091ac8c
Branches Tags
server:master
server:1.0

8 Commits
1.0 ... 33daa2864b

Author SHA1 Message Date
wangyuhang
33daa2864b 新的es进行 2026-03-02 12:38:07 +08:00
marsal
984fa247d7 new 2025-08-21 18:57:57 +08:00
marsal
bdd2b461dc mysql backup 2025-05-08 21:24:56 +08:00
marsal
15dd2396d6 mysql backup 2025-05-08 21:24:40 +08:00
marsal
b2eb2928d8 swarm 2024-10-21 13:29:47 +08:00
marsal
74efe62045 nacos 2024-06-05 13:40:07 +08:00
marsal
5aa3536ae7 nacos portainer 2024-06-05 13:38:58 +08:00
marsal
9f2bd6db5f json 2024-06-05 13:24:35 +08:00
63 changed files with 6323 additions and 215 deletions
Expand all files Collapse all files

BIN
.DS_Store vendored
View File

Binary file not shown.

5
README.md
View File

@@ -37,6 +37,11 @@ mysql -uroot -pgkxl650 zd_rescue < ./zd_rescue.sql
nohup mysql -uroot -pgkxl650 zd_rescue --max_allowed_packet=16777216 --net_buffer_length=16384 < ./zd_rescue.sql > ./mysql.log 2>&1 & nohup mysql -uroot -pgkxl650 zd_rescue --max_allowed_packet=16777216 --net_buffer_length=16384 < ./zd_rescue.sql > ./mysql.log 2>&1 &
change master to master_host='192.168.10.10',master_user='repl',master_password='nczl@sino_db',master_log_file='mysql-bin.006898',master_log_pos=155;
``` ```
## rabbitmq ## rabbitmq

5
ai/openai-test.py Normal file
View File

@@ -0,0 +1,5 @@
from transformers import AutoTokenizer, AutoModelForSeq2SeqLM
tokenizer = AutoTokenizer.from_pretrained("/opt/local/openai/whisper-large-v2")
model = AutoModelForSeq2SeqLM.from_pretrained("bigscience/T0_3B")

7
ai/配置服务器.md Normal file
View File

@@ -0,0 +1,7 @@
1. 安装anaconda维护python版本
https://www.anaconda.com/download/success
```wget https://repo.anaconda.com/archive/Anaconda3-2024.10-1-Linux-x86_64.sh```

BIN
builder-docker/.DS_Store vendored Normal file
View File

Binary file not shown.

46
builder-docker/fastdfs/docker-compose-old.yml Normal file
View File

@@ -0,0 +1,46 @@
version: '3'
services:
tracker:
image: harbor.sino-assist.com/season/fastdfs:1.2
container_name: tracker
network_mode: host
restart: always
volumes:
- "./tracker_data:/fastdfs/tracker/data"
# ports:
# - "22122:22122"
command: "tracker"
storage:
image: harbor.sino-assist.com/season/fastdfs:1.2
container_name: storage
network_mode: host
# links:
# - tracker
restart: always
volumes:
- "./storage.conf:/fdfs_conf/storage.conf"
- "./storage_base_path:/fastdfs/storage/data"
- "./store_path0:/fastdfs/store_path"
#ports:
# - "23000:23000"
environment:
TRACKER_SERVER: "192.168.1.204:22122"
command: "storage"
nginx:
image: harbor.sino-assist.com/season/fastdfs:1.2
container_name: fdfs-nginx
network_mode: host
restart: always
volumes:
- "./nginx.conf:/etc/nginx/conf/nginx.conf"
- "./store_path0:/fastdfs/store_path"
# links:
# - tracker
# ports:
# - "8088:8088"
environment:
TRACKER_SERVER: "192.168.1.204:22122"
command: "nginx"

54
builder-docker/fastdfs/docker-compose.yml
View File

@@ -1,46 +1,28 @@
version: '3' version: '3'
services: services:
tracker: tracker:
image: season/fastdfs:1.2
container_name: tracker container_name: tracker
image: ygqygq2/fastdfs-nginx:latest
command: tracker
network_mode: host network_mode: host
restart: always
volumes: volumes:
- "./tracker_data:/fastdfs/tracker/data" - /data/tracker:/var/fdfs
# ports: ports:
# - "22122:22122" - 22122:22122
command: "tracker" storage0:
container_name: storage0
storage: image: ygqygq2/fastdfs-nginx:latest
image: season/fastdfs:1.2 command: storage
container_name: storage
network_mode: host network_mode: host
# links: extra_hosts:
# - tracker - "tracker:192.168.1.204"
restart: always
volumes:
- "./storage.conf:/fdfs_conf/storage.conf"
- "./storage_base_path:/fastdfs/storage/data"
- "./store_path0:/fastdfs/store_path"
#ports:
# - "23000:23000"
environment: environment:
TRACKER_SERVER: "192.168.1.206:22122" - TRACKER_SERVER=tracker:22122
command: "storage"
nginx:
image: season/fastdfs:1.2
container_name: fdfs-nginx
network_mode: host
restart: always
volumes: volumes:
- "./nginx.conf:/etc/nginx/conf/nginx.conf" - ./data/storage0:/var/fdfs
- "./store_path0:/fastdfs/store_path" - 8080:8080
# links: depends_on:
# - tracker - tracker
# ports:
# - "8088:8088"
environment:
TRACKER_SERVER: "192.168.1.206:22122"
command: "nginx"
## https://github.com/ygqygq2/fastdfs-nginx

2
builder-docker/fastdfs/storage.conf
View File

@@ -111,7 +111,7 @@ subdir_count_per_path=256
# tracker_server can ocur more than once, and tracker_server format is # tracker_server can ocur more than once, and tracker_server format is
# "host:port", host can be hostname or ip address # "host:port", host can be hostname or ip address
tracker_server=192.168.209.121:22122 # tracker_server=192.168.209.121:22122
#standard log level as syslog, case insensitive, value list: #standard log level as syslog, case insensitive, value list:
### emerg for emergency ### emerg for emergency

BIN
builder-docker/java11/skywalking-agent/.DS_Store vendored Normal file
View File

Binary file not shown.

0
builder-docker/java11/skywalking-agent/plugins/apm-hikaricp-3.x-4.x-plugin-8.15.0.jar → builder-docker/java11/skywalking-agent/optional-plugins/apm-hikaricp-3.x-4.x-plugin-8.15.0.jar
View File

0
builder-docker/java11/skywalking-agent/plugins/apm-kafka-commons-8.15.0.jar → builder-docker/java11/skywalking-agent/optional-plugins/apm-kafka-commons-8.15.0.jar
View File

0
builder-docker/java11/skywalking-agent/plugins/apm-kafka-plugin-8.15.0.jar → builder-docker/java11/skywalking-agent/optional-plugins/apm-kafka-plugin-8.15.0.jar
View File

0
builder-docker/java11/skywalking-agent/plugins/apm-mybatis-3.x-plugin-8.15.0.jar → builder-docker/java11/skywalking-agent/optional-plugins/apm-mybatis-3.x-plugin-8.15.0.jar
View File

0
builder-docker/java11/skywalking-agent/plugins/apm-shardingsphere-5.0.0-plugin-8.15.0.jar → builder-docker/java11/skywalking-agent/optional-plugins/apm-shardingsphere-5.0.0-plugin-8.15.0.jar
View File

BIN
builder-docker/java11/skywalking-agent/plugins/apm-jdk-threading-plugin-8.15.0.jar Normal file
View File

Binary file not shown.

BIN
builder-docker/java11/skywalking-agent/plugins/apm-jdk-threadpool-plugin-8.15.0.jar Normal file
View File

Binary file not shown.

2
builder-docker/jenkins/Dockerfile
View File

@@ -7,7 +7,7 @@ ADD gradle-8.7 /opt/gradle-8.7
RUN curl -fsSL https://deb.nodesource.com/setup_16.x | bash - RUN curl -fsSL https://deb.nodesource.com/setup_16.x | bash -
RUN apt-get install -y nodejs git vim curl sshpass RUN apt-get install -y nodejs git vim curl sshpass pigz
# ADD node-v18.20.2-linux-x64 /usr/local/node-v18.20.2-linux-x64 # ADD node-v18.20.2-linux-x64 /usr/local/node-v18.20.2-linux-x64

BIN
builder-docker/jenkins/gradle-8.7/lib/kotlin-compiler-embeddable-1.9.22.jar
View File

Binary file not shown.

BIN
builder-docker/jenkins/node-v18.20.2-linux-x64/bin/node
View File

Binary file not shown.

11
docker-3.124/support/data/nginx/conf.d/yudao.conf Normal file
View File

@@ -0,0 +1,11 @@
server { ## 前端项目
listen 80;
## server_name admin.iocoder.cn; ## 重要!!!修改成你的前端域名
location / { ## 前端项目
root /usr/share/nginx/html/yudao-ui-admin;
index index.html index.htm;
try_files $uri $uri/ /index.html;
}
}a

31
docker-3.124/support/data/nginx/conf/nginx.conf Normal file
View File

@@ -0,0 +1,31 @@
user nginx;
worker_processes 1;
events {
worker_connections 1024;
}
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
# access_log /var/log/nginx/access.log main;
gzip on;
gzip_min_length 1k; # 设置允许压缩的页面最小字节数
gzip_buffers 4 16k; # 用来存储 gzip 的压缩结果
gzip_http_version 1.1; # 识别 HTTP 协议版本
gzip_comp_level 2; # 设置 gzip 的压缩比 1-9。1 压缩比最小但最快,而 9 相反
gzip_types text/plain application/x-javascript text/css application/xml application/javascript; # 指定压缩类型
gzip_proxied any; # 无论后端服务器的 headers 头返回什么信息,都无条件启用压缩
include /etc/nginx/conf.d/*.conf; ## 加载该目录下的其它 Nginx 配置文件
}

28
docker-3.124/support/data/redis/conf/redis.conf Normal file
View File

@@ -0,0 +1,28 @@
# redis 密码
requirepass gkxl650
# key 监听器配置
# notify-keyspace-events Ex
# 配置持久化文件存储路径
dir /redis/data
# 配置rdb
# 15分钟内有至少1个key被更改则进行快照
save 900 1
# 5分钟内有至少10个key被更改则进行快照
save 300 10
# 1分钟内有至少10000个key被更改则进行快照
save 60 10000
# 开启压缩
rdbcompression yes
# rdb文件名 用默认的即可
dbfilename dump.rdb
# 开启aof
appendonly yes
# 文件名
appendfilename "appendonly.aof"
# 持久化策略,no:不同步,everysec:每秒一次,always:总是同步,速度比较慢
# appendfsync always
appendfsync everysec
# appendfsync no

49
docker-3.124/support/docker-compose.yml Normal file
View File

@@ -0,0 +1,49 @@
version: '3'
networks:
sa-net:
services:
mysql:
image: mysql:8.0.33
container_name: mysql
environment:
# 时区上海
TZ: Asia/Shanghai
# root 密码
MYSQL_ROOT_PASSWORD: gkxl650
# 初始化数据库(后续的初始化sql会在这个库执行)
# MYSQL_DATABASE:
ports:
- "3306:3306"
volumes:
# 数据挂载
- ./data/mysql/data/:/var/lib/mysql/
# 配置挂载
- ./data/mysql/conf/:/etc/mysql/conf.d/
command:
# 将mysql8.0默认密码策略 修改为 原先 策略 (mysql8.0对其默认策略做了更改 会导致密码无法匹配)
--default-authentication-plugin=mysql_native_password
--character-set-server=utf8mb4
--collation-server=utf8mb4_general_ci
--explicit_defaults_for_timestamp=true
--lower_case_table_names=1
privileged: true
networks:
- sa-net
redis:
image: redis:6.2.12
container_name: redis
ports:
- "6379:6379"
environment:
# 时区上海
TZ: Asia/Shanghai
volumes:
# 配置文件
- ./data/redis/conf:/redis/config:rw
# 数据文件
- ./data/redis/data/:/redis/data/:rw
command: "redis-server /redis/config/redis.conf"
privileged: true
networks:
- sa-net

37
docker-compose-3.111/snoarqube/docker-compose.yml Normal file
View File

@@ -0,0 +1,37 @@
services:
postgresql:
image: docker.io/bitnami/postgresql:latest
ports:
- '5432:5432'
volumes:
- './data/postgresql:/bitnami/postgresql'
environment:
# ALLOW_EMPTY_PASSWORD is recommended only for development.
- ALLOW_EMPTY_PASSWORD=yes
- POSTGRESQL_USERNAME=bn_sonarqube
- POSTGRESQL_DATABASE=bitnami_sonarqube
- POSTGRESQL_PASSWORD=bn_sonarqube
- TZ=Asia/Shanghai
sonarqube:
image: docker.io/bitnami/sonarqube:25
ports:
- '9010:9000'
volumes:
- './data/sonarqube/sonarqube:/bitnami/sonarqube'
- './data/sonarqube/data:/opt/bitnami/sonarqube/data'
- './data/sonarqube/extensions:/opt/bitnami/sonarqube/extensions'
- './data/sonarqube/temp:/opt/bitnami/sonarqube/temp'
- './data/sonarqube/logs:/opt/bitnami/sonarqube/logs'
depends_on:
- postgresql
environment:
# ALLOW_EMPTY_PASSWORD is recommended only for development.
- ALLOW_EMPTY_PASSWORD=yes
- SONARQUBE_DATABASE_HOST=postgresql
- SONARQUBE_DATABASE_PORT_NUMBER=5432
- SONARQUBE_DATABASE_USER=bn_sonarqube
- SONARQUBE_DATABASE_NAME=bitnami_sonarqube
- SONARQUBE_DATABASE_PASSWORD=bn_sonarqube
- TZ=Asia/Shanghai

36
docker-compose-3.111/snoarqube/test Normal file
View File

@@ -0,0 +1,36 @@
services:
sonarqube:
image: sonarqube:community
hostname: sonarqube
container_name: sonarqube
read_only: true
depends_on:
db:
condition: service_healthy
environment:
SONAR_JDBC_URL: jdbc:postgresql://db:5432/sonar
SONAR_JDBC_USERNAME: sonar
SONAR_JDBC_PASSWORD: sonar
volumes:
- ./data/sonarqube/data:/opt/sonarqube/data
- ./data/sonarqube/extensions:/opt/sonarqube/extensions
- ./data/sonarqube/logs:/opt/sonarqube/logs
- ./data/sonarqube/temp:/opt/sonarqube/temp
ports:
- "9010:9000"
db:
image: postgres:17
healthcheck:
test: [ "CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}" ]
interval: 10s
timeout: 5s
retries: 5
hostname: postgresql
container_name: postgresql
environment:
POSTGRES_USER: sonar
POSTGRES_PASSWORD: sonar
POSTGRES_DB: sonar
volumes:
- ./data/postgresql:/var/lib/postgresql
- ./data/postgresql_data:/var/lib/postgresql/data

25
docker-compose-3.129/Untitled-12.seqdiag Normal file
View File

@@ -0,0 +1,25 @@
```mermaid
sequenceDiagram
participant 服务商系统
participant 中道系统
服务商系统->>中道系统: 提交司机信息(/provider/driver-info
中道系统-->>服务商系统: 返回受理结果
alt 数据校验失败
中道系统-->>服务商系统: code=2001
else 校验通过
中道系统->>中道系统: 状态变更为「认证中」
loop 核验流程
中道系统->>中道系统: 人工审核/系统核验
end
中道系统->>服务商系统: POST核验通知/provider/verification-notify
alt 核验成功
服务商系统->>服务商系统: 锁定认证字段
else 核验失败/过期
服务商系统->>服务商系统: 开放对应修改权限
end
end

17
docker-compose-3.129/funasr/docker-compose.yml Normal file
View File

@@ -0,0 +1,17 @@
networks:
funasr:
external: false
services:
server:
image: registry.cn-hangzhou.aliyuncs.com/funasr_repo/funasr:funasr-runtime-sdk-online-cpu-0.1.11
networks:
- funasr
ports:
- 10096:10095
privileged: true
environment:
- TZ=Asia/Shanghai
volumes:
- ./funasr-runtime-resources/models://workspace/models

94
docker-compose-3.129/kong/docker-compose.yml Normal file
View File

@@ -0,0 +1,94 @@
version: '2'
networks:
kong-net:
driver: bridge
services:
kong-database:
image: postgres:9.6
container_name: kong-database
restart: always
networks:
- kong-net
environment:
POSTGRES_USER: kong
POSTGRES_DB: kong
POSTGRES_PASSWORD: kong
ports:
- "5432:5432"
#kong数据库的初始化
kong-migration:
container_name: kong-migration
image: kong:latest
command: "kong migrations bootstrap"
networks:
- kong-net
restart: on-failure
environment:
KONG_PG_HOST: kong-database
KONG_DATABASE: postgres
KONG_PG_USER: kong
KONG_PG_PASSWORD: kong
KONG_CASSANDRA_CONTACT_POINTS: kong-database
links:
- kong-database
depends_on:
- kong-database
# 启动kong
kong:
container_name: kong
image: kong:latest
restart: always
networks:
- kong-net
environment:
TZ: Asia/Shanghai
KONG_DATABASE: postgres
KONG_PG_HOST: kong-database
KONG_PG_USER: kong
KONG_PG_PASSWORD: kong
KONG_CASSANDRA_CONTACT_POINTS: kong-database
KONG_PROXY_ACCESS_LOG: /dev/stdout
KONG_ADMIN_ACCESS_LOG: /dev/stdout
KONG_PROXY_ERROR_LOG: /dev/stderr
KONG_ADMIN_ERROR_LOG: /dev/stderr
KONG_ADMIN_LISTEN: 0.0.0.0:8001, 0.0.0.0:8444
depends_on:
- kong-migration
- kong-database
ports:
- "8001:8001"
- "8000:8000"
- "8443:8443"
- "8444:8444"
#konga数据库的初始化
konga-prepare:
container_name: konga-prepare
image: pantsel/konga:latest
command: "-c prepare -a postgres -u postgresql://kong:kong@kong-database:5432/konga"
networks:
- kong-net
restart: on-failure
links:
- kong-database
depends_on:
- kong
- kong-database
#postgres数据库存储数据
konga:
container_name: konga
image: pantsel/konga:latest
restart: always
networks:
- kong-net
environment:
DB_ADAPTER: postgres
DB_HOST: kong-database
DB_USER: kong
DB_DATABASE: konga
DB_PASSWORD: kong
depends_on:
- kong
- kong-database
ports:
- "1337:1337"

41
docker-compose-3.129/readme.MD Normal file
View File

@@ -0,0 +1,41 @@
1. tts服务 https://github.com/remsky/Kokoro-FastAPI
git clone https://github.com/remsky/Kokoro-FastAPI.git
cd Kokoro-FastAPI
cd docker/gpu # For GPU support
# or cd docker/cpu # For CPU support
docker compose up --build
# Models will auto-download, but if needed you can manually download:
python docker/scripts/download_model.py --output api/src/models/v1_0
# Or run directly via UV:
./start-gpu.sh # For GPU support
./start-cpu.sh # For CPU support
2. ASR服务 https://github.com/modelscope/FunASR/blob/main/runtime/docs/SDK_advanced_guide_offline_en_zh.md
镜像启动
通过下述命令拉取并启动FunASR runtime-SDK的docker镜像
sudo docker pull \
registry.cn-hangzhou.aliyuncs.com/funasr_repo/funasr:funasr-runtime-sdk-en-cpu-0.1.7
mkdir -p ./funasr-runtime-resources/models
sudo docker run -p 10097:10095 -it --privileged=true \
-v $PWD/funasr-runtime-resources/models:/workspace/models \
registry.cn-hangzhou.aliyuncs.com/funasr_repo/funasr:funasr-runtime-sdk-en-cpu-0.1.7
服务端启动
docker启动之后启动 funasr-wss-server服务程序
cd FunASR/runtime
nohup bash run_server.sh \
--download-model-dir /workspace/models \
--vad-dir damo/speech_fsmn_vad_zh-cn-16k-common-onnx \
--model-dir damo/speech_paraformer-large_asr_nat-en-16k-common-vocab10020-onnx \
--punc-dir damo/punc_ct-transformer_cn-en-common-vocab471067-large-onnx > log.txt 2>&1 &
# 如果您想关闭ssl增加参数--certfile 0
服务端详细参数介绍可参考服务端用法详解

115
docker-compose-3.129/test.md Normal file
View File

@@ -0,0 +1,115 @@
### 测试人员试用期考试题目
---
#### 一、选择题每题5分共10题
1. **(技术)以下哪种测试方法主要用于验证软件是否符合需求文档中的功能描述?**
A. 白盒测试
B. 黑盒测试
C. 灰盒测试
D. 单元测试
2. **(经验)在测试过程中发现一个偶现的缺陷,但无法稳定复现,此时应如何处理?**
A. 直接忽略该缺陷
B. 记录缺陷并注明“偶现”
C. 要求开发立即修复
D. 不提交缺陷报告
3. **(规范)以下哪种命名方式符合测试用例的规范要求?**
A. Test_Case_1
B. TC_Login_ValidCredentials
C. Case123
D. LoginTest
4. **(技术)以下哪项是性能测试工具?**
A. JIRA
B. Selenium
C. JMeter
D. Postman
5. **(经验)测试用例设计中,等价类划分法的核心目的是:**
A. 减少测试用例数量
B. 覆盖所有可能的输入组合
C. 仅测试边界值
D. 验证用户界面
6. **(规范)测试文档中,以下哪项内容属于测试计划的必要组成部分?**
A. 缺陷统计表
B. 测试范围与目标
C. 测试用例详细步骤
D. 开发人员名单
7. **(技术)自动化测试脚本的维护成本较高的主要原因是:**
A. 脚本语言复杂
B. 需求频繁变更导致脚本失效
C. 测试人员能力不足
D. 开发工具限制
8. **(经验)在敏捷开发模式下,测试人员的主要职责不包括:**
A. 参与需求评审
B. 编写用户手册
C. 执行每日构建测试
D. 设计测试用例
9. **(规范)以下哪种行为违反了缺陷管理规范?**
A. 缺陷描述中包含复现步骤和实际结果
B. 将多个相似缺陷合并为一个报告
C. 缺陷状态标记为“已关闭”后不再验证
D. 使用优先级和严重程度区分缺陷
10. **(技术)以下哪项是安全测试的典型场景?**
A. 验证用户登录功能
B. 检测SQL注入漏洞
C. 测量系统响应时间
D. 检查界面布局兼容性
---
#### 二、填空题每题3分共5题
1. **技术测试用例的三大核心组成部分是______、测试步骤、预期结果。**
2. **规范测试计划中应明确测试的______、资源分配、风险评估和交付物。**
3. **经验BUG的生命周期通常包括新建、______、修复、验证、关闭。**
4. **技术性能测试中TPS的全称是______。**
5. **规范代码审查时应重点关注______、可维护性和潜在风险。**
---
#### 三、简答题每题5分共7题
1. **(技术)请简述黑盒测试与白盒测试的核心区别。**
2. **(经验)如何设计一个高覆盖率的登录功能测试用例?**
3. **(规范)测试人员在提交缺陷报告时需包含哪些关键信息?**
4. **(技术)什么是回归测试?在什么情况下需要执行回归测试?**
5. **(经验)当开发人员不认可你提交的缺陷时,应如何处理?**
6. **(规范)测试用例评审的参与方通常包括哪些角色?**
7. **技术请列举3种常见的接口测试工具。**
---
### 标准答案
#### 一、选择题
1. B 2. B 3. B 4. C 5. A
6. B 7. B 8. B 9. C 10. B
#### 二、填空题
1. 用例编号/名称
2. 测试范围
3. 确认/分配
4. Transactions Per Second每秒事务数
5. 代码逻辑
#### 三、简答题
1. **黑盒测试**关注功能是否符合需求,不关注内部代码;**白盒测试**基于代码结构设计用例,验证逻辑正确性。
2. 设计用例需覆盖:有效/无效用户名密码、空输入、特殊字符、密码加密、错误提示、多次失败锁定等场景。
3. 缺陷标题、复现步骤、实际结果、预期结果、环境信息、截图/日志、严重程度、优先级。
4. **回归测试**用于验证代码修改未引入新缺陷。需执行的情况:需求变更、缺陷修复、版本迭代后。
5. 提供更详细的复现步骤和日志;沟通需求文档或设计规范;若仍有争议,可请团队负责人或产品经理仲裁。
6. 测试人员、开发人员、产品经理、项目经理。
7. Postman、JMeter、SoapUI、Swagger任选3个
---
试卷设计覆盖技术能力、实际经验和规范意识,适用于评估测试人员的综合能力。

BIN
docker-swarm/.DS_Store vendored Normal file
View File

Binary file not shown.

15
docker-swarm/10.5x环境配置记录/0.使用阿里云的源.md Normal file
View File

@@ -0,0 +1,15 @@
更换yum源为阿里云的yum源因为后续Centos7可能也会停止官方的yum源支持所以需要手动更换
备份官方yum源配置文件
cp /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.bak
下载阿里云yum源配置文件
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
4、清除缓存生产新的缓存
yum clean all
yum makecache

37
docker-swarm/10.5x环境配置记录/1. 安装docker.md
View File

@@ -29,12 +29,32 @@ sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/dock
接下来为了提高安装速度,我们进行配置使用国内源,输入如下指令: 接下来为了提高安装速度,我们进行配置使用国内源,输入如下指令:
sed -i 's@//download.docker.com@//mirrors.ustc.edu.cn/docker-ce@g' /etc/yum.repos.d/docker-ce.repo ### sed -i 's@//download.docker.com@//mirrors.ustc.edu.cn/docker-ce@g' /etc/yum.repos.d/docker-ce.repo
sed -i 's@//download.docker.com@//mirrors.aliyun.com/docker-ce@g' /etc/yum.repos.d/docker-ce.repo
3、安装 3、安装
输入如下指令进行docker安装 输入如下指令进行docker安装
sudo yum install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin d sudo yum install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin d
设置日志大小
vim /etc/docker/daemon.json
<!--
{
"log-opts": {"max-size":"1g", "max-file":"3"},
"registry-mirrors": ["https://dockerproxy.net"]
} -->
{
"log-opts": {"max-size":"1g", "max-file":"3"},
"registry-mirrors": ["https://docker.hlmirror.com"]
}
systemctl reload docker
4、启动docker 4、启动docker
安装完毕后,进行启动,先输入如下指令加载配置: 安装完毕后,进行启动,先输入如下指令加载配置:
@@ -57,3 +77,16 @@ systemctl enable docker
[root@ZD-CRM1 ~]# systemctl stop firewalld [root@ZD-CRM1 ~]# systemctl stop firewalld
[root@ZD-CRM1 ~]# systemctl disable firewalld [root@ZD-CRM1 ~]# systemctl disable firewalld
``` ```
6. ulimit
ulimit -SHn 65536
vim /etc/security/limits.conf
* soft nofile 65535
* hard nofile 65535

97
docker-swarm/10.5x环境配置记录/3. 基本服务安装.md
View File

@@ -1,4 +1,7 @@
1. 初始化网路
## 基础配置
### 1. 初始化网路 prod
docker network create \ docker network create \
--driver=overlay \ --driver=overlay \
--subnet=10.17.0.0/16 \ --subnet=10.17.0.0/16 \
@@ -6,15 +9,93 @@
--attachable \ --attachable \
prod prod
1. rabbitmq ### 2. [portainer](../portainer) 管理工具
管理界面: 192.168.10.51:15672
内部prod_rabbitmq_stats:5672,prod_rabbitmq_queue1:5672,prod_rabbitmq_queue2:5672 docker stack deploy --compose-file docker-compose.yml portainer
stomp url192.168.10.51:15674
2. xxl-job-adin 管理界面: https://192.168.10.51:9443
管理界面: 192.168.10.51:9991 页面出现报错docker service update portainer_agent --force
3. nacos
### 3. [monitor](../monitor)
用于 grafana 监控
管理界面: 192.168.10.51:3000
admin gkxl2024#@
## 软件包
部署方法均参见文件夹内readme变量在对于的env文件。
### 1. [rabbitmq](../rabbitmq)
管理界面: 192.168.10.51:15672
内部prod_rabbitmq_stats:5672,prod_rabbitmq_queue1:5672,prod_rabbitmq_queue2:5672
stomp-url192.168.10.51:15674
### 2. [xxl-job-adin](../xxl-job-admin)
管理界面: 192.168.10.51:9991
内部prod-xxl-job-admin:8080
### 3. [nacos](../nacos-cluser)
管理界面: http://192.168.10.51:25848/nacos/ 管理界面: http://192.168.10.51:25848/nacos/
### 4. [redis](../redis-prod-50)
端口192.168.10.51:6379
内部prod_redis_redis-sentinel:16379
### 5. [elasticsearch](../elasticsearch)
管理界面: 192.168.10.51:5601
外部端口: 192.168.10.51:9200
内部端口: prod-es-elasticsearch:9200
### 6. [log](../log)
无管理界面仅需要加载对于的volumesprod-log
### 7. [elasticsearch](../mysql-repl-tool)
管理界面: 192.168.10.51:5601
外部端口: 192.168.10.51:9200
内部端口: prod-es-elasticsearch:9200
### 8. [skywalking](../skywalking)
管理界面: 192.168.10.51:18080
内部端口: prod-skywalking-oap:11800
### 8. [mysql](../mysql-repl-tool)
用于 [nacos](../nacos-cluser/mysql-schema.sql)xxl-job
管理界面: 192.168.10.51:25306
内部端口: prod-tool-mysql-master:3306 prod-tool-mysql-salve:3306
## 其余服务
[clickhouse](../clickhouse) 应用于服务 3.123
[datart](../datart) 依赖的服务其中mysql服务bi正在使用在3.123上
[jenkins](../jenkins) 3.120上专门用于部署
[canal](../canal) 用于数据同步只clickhouse在3.120

96
docker-swarm/10.5x环境配置记录/portainer_template.json
View File

@@ -6,22 +6,100 @@
"type": 2, "type": 2,
"title": "nacos cluser", "title": "nacos cluser",
"description": "nacos集群", "description": "nacos集群",
"categories": ["sino"], "categories": ["开发组件"],
"platform": "linux", "platform": "linux",
"logo": "", "logo": "",
"repository": { "repository": {
"url": "https://git.sino-assist.com//templates", "url": "https://git.sino-assist.com/sa-charts/",
"stackfile": "stacks/liveswitch/docker-stack.yml" "stackfile": "docker-swarm/nacos-cluser/cluster-docker-compose.yml"
}, },
"env": [ "env": [
{ {
"name": "POSTGRES_PASSWORD", "name": "NAMESPACE",
"label": "Postgres password" "label": "NAMESPACE",
"default": "prod"
},
{
"name": "NACOS_VERSION",
"label": "NACOS_VERSION",
"default": "v2.3.0"
},
{
"name": "NODE_PORT_11",
"label": "NODE_PORT_11",
"default": "21848"
},
{
"name": "NODE_PORT_12",
"label": "NODE_PORT_12",
"default": "22848"
},
{
"name": "NODE_PORT_13",
"label": "NODE_PORT_13",
"default": "22849"
},
{
"name": "NODE_PORT_21",
"label": "NODE_PORT_21",
"default": "23848"
},
{
"name": "NODE_PORT_22",
"label": "NODE_PORT_22",
"default": "24848"
},
{
"name": "NODE_PORT_23",
"label": "NODE_PORT_23",
"default": "24849"
},
{
"name": "NODE_PORT_31",
"label": "NODE_PORT_31",
"default": "25848"
},
{
"name": "NODE_PORT_32",
"label": "NODE_PORT_32",
"default": "26848"
},
{
"name": "NODE_PORT_33",
"label": "NODE_PORT_33",
"default": "26849"
},
{
"name": "MYSQL_SERVICE_HOST",
"label": "MYSQL_SERVICE_HOST",
"default": "prod-tool-mysql-master"
},
{
"name": "MYSQL_SERVICE_USER",
"label": "MYSQL_SERVICE_USER",
"default": "zd_tool"
},
{
"name": "MYSQL_SERVICE_PASSWORD",
"label": "MYSQL_SERVICE_PASSWORD",
"default": "gkxl2024#@"
},
{
"name": "NACOS_AUTH_IDENTITY_KEY",
"label": "NACOS_AUTH_IDENTITY_KEY",
"default": "nacos"
},
{
"name": "NACOS_AUTH_IDENTITY_VALUE",
"label": "NACOS_AUTH_IDENTITY_VALUE",
"default": "gkxl2024#@"
},
{
"name": "NACOS_AUTH_TOKEN",
"label": "NACOS_AUTH_TOKEN",
"default": "OTg1NjRzZnJ0Z2RmZzIwMjQ1NTU1NTExZWZnZGVmZGVz"
} }
] ]
}, }
] ]
} }

5
docker-swarm/clickhouse/docker-compose.yml
View File

@@ -15,6 +15,7 @@ services:
- CLICKHOUSE_ADMIN_PASSWORD=${CLICKHOUSE_ADMIN_PASSWORD} - CLICKHOUSE_ADMIN_PASSWORD=${CLICKHOUSE_ADMIN_PASSWORD}
volumes: volumes:
- 'data_db:/bitnami/clickhouse' - 'data_db:/bitnami/clickhouse'
- 'data_config:/opt/bitnami/clickhouse/etc'
deploy: deploy:
update_config: update_config:
order: start-first order: start-first
@@ -31,5 +32,5 @@ services:
volumes: volumes:
data_db: data_db:
driver: local driver: local
data_config:
driver: local

9
docker-swarm/elasticsearch/docker-compose.yml
View File

@@ -12,6 +12,7 @@ services:
- '${NODE_PORT_2}:9300' - '${NODE_PORT_2}:9300'
environment: environment:
- TZ=Asia/Shanghai - TZ=Asia/Shanghai
- ELASTICSEARCH_HEAP_SIZE=8192m
volumes: volumes:
- '/mnt/data/volumes/elasticsearch:/bitnami/elasticsearch/data' - '/mnt/data/volumes/elasticsearch:/bitnami/elasticsearch/data'
deploy: deploy:
@@ -19,16 +20,16 @@ services:
constraints: constraints:
- node.labels.${NAMESPACE}_es==1 - node.labels.${NAMESPACE}_es==1
kibana: kibana:
image: docker.io/bitnami/kibana:8.13.4 image: docker.elastic.co/kibana/kibana:8.19.10
hostname: ${NAMESPACE}-es-kibana hostname: ${NAMESPACE}-es-kibana
ports: ports:
- "${NODE_PORT_KIBANA}:5601" - "${NODE_PORT_KIBANA}:5601"
volumes: volumes:
- "/mnt/data/volumes/kibana/data:/bitnami/kibana/data" - "/mnt/data/volumes/kibana/data:/usr/share/kibana/data"
- "/mnt/data/volumes/kibana/conf:/opt/bitnami/kibana/conf" - "/mnt/data/volumes/kibana/conf/kibana.yml:/usr/share/kibana/config/kibana.yml"
environment: environment:
- TZ=Asia/Shanghai - TZ=Asia/Shanghai
- KIBANA_ELASTICSEARCH_URL=${NAMESPACE}-es-elasticsearch - elasticsearch.hosts=http://${NAMESPACE}-es-elasticsearch:9200
depends_on: depends_on:
- elasticsearch - elasticsearch
deploy: deploy:

191
docker-swarm/elasticsearch/kibana.yml Executable file
View File

@@ -0,0 +1,191 @@
# For more configuration options see the configuration guide for Kibana in
# https://www.elastic.co/guide/index.html
# =================== System: Kibana Server ===================
# Kibana is served by a back end server. This setting specifies the port to use.
#server.port: 5601
# Specifies the address to which the Kibana server will bind. IP addresses and host names are both valid values.
# The default is 'localhost', which usually means remote machines will not be able to connect.
# To allow connections from remote users, set this parameter to a non-loopback address.
#server.host: "localhost"
# Enables you to specify a path to mount Kibana at if you are running behind a proxy.
# Use the `server.rewriteBasePath` setting to tell Kibana if it should remove the basePath
# from requests it receives, and to prevent a deprecation warning at startup.
# This setting cannot end in a slash.
#server.basePath: ""
# Specifies whether Kibana should rewrite requests that are prefixed with
# `server.basePath` or require that they are rewritten by your reverse proxy.
# Defaults to `false`.
#server.rewriteBasePath: false
# Specifies the public URL at which Kibana is available for end users. If
# `server.basePath` is configured this URL should end with the same basePath.
#server.publicBaseUrl: ""
# The maximum payload size in bytes for incoming server requests.
#server.maxPayload: 1048576
# The Kibana server's name. This is used for display purposes.
#server.name: "your-hostname"
# =================== System: Kibana Server (Optional) ===================
# Enables SSL and paths to the PEM-format SSL certificate and SSL key files, respectively.
# These settings enable SSL for outgoing requests from the Kibana server to the browser.
#server.ssl.enabled: false
#server.ssl.certificate: /path/to/your/server.crt
#server.ssl.key: /path/to/your/server.key
# =================== System: Elasticsearch ===================
# The URLs of the Elasticsearch instances to use for all your queries.
#elasticsearch.hosts: ["http://localhost:9200"]
# If your Elasticsearch is protected with basic authentication, these settings provide
# the username and password that the Kibana server uses to perform maintenance on the Kibana
# index at startup. Your Kibana users still need to authenticate with Elasticsearch, which
# is proxied through the Kibana server.
#elasticsearch.username: "kibana_system"
#elasticsearch.password: "pass"
# Kibana can also authenticate to Elasticsearch via "service account tokens".
# Service account tokens are Bearer style tokens that replace the traditional username/password based configuration.
# Use this token instead of a username/password.
# elasticsearch.serviceAccountToken: "my_token"
# Time in milliseconds to wait for Elasticsearch to respond to pings. Defaults to the value of
# the elasticsearch.requestTimeout setting.
#elasticsearch.pingTimeout: 1500
# Time in milliseconds to wait for responses from the back end or Elasticsearch. This value
# must be a positive integer.
#elasticsearch.requestTimeout: 30000
# The maximum number of sockets that can be used for communications with elasticsearch.
# Defaults to `Infinity`.
#elasticsearch.maxSockets: 1024
# Specifies whether Kibana should use compression for communications with elasticsearch
# Defaults to `false`.
#elasticsearch.compression: false
# List of Kibana client-side headers to send to Elasticsearch. To send *no* client-side
# headers, set this value to [] (an empty list).
#elasticsearch.requestHeadersWhitelist: [ authorization ]
# Header names and values that are sent to Elasticsearch. Any custom headers cannot be overwritten
# by client-side headers, regardless of the elasticsearch.requestHeadersWhitelist configuration.
#elasticsearch.customHeaders: {}
# Time in milliseconds for Elasticsearch to wait for responses from shards. Set to 0 to disable.
#elasticsearch.shardTimeout: 30000
# =================== System: Elasticsearch (Optional) ===================
# These files are used to verify the identity of Kibana to Elasticsearch and are required when
# xpack.security.http.ssl.client_authentication in Elasticsearch is set to required.
#elasticsearch.ssl.certificate: /path/to/your/client.crt
#elasticsearch.ssl.key: /path/to/your/client.key
# Enables you to specify a path to the PEM file for the certificate
# authority for your Elasticsearch instance.
#elasticsearch.ssl.certificateAuthorities: [ "/path/to/your/CA.pem" ]
# To disregard the validity of SSL certificates, change this setting's value to 'none'.
#elasticsearch.ssl.verificationMode: full
# =================== System: Logging ===================
# Set the value of this setting to off to suppress all logging output, or to debug to log everything. Defaults to 'info'
#logging.root.level: debug
# Enables you to specify a file where Kibana stores log output.
#logging.appenders.default:
# type: file
# fileName: /var/logs/kibana.log
# layout:
# type: json
# Example with size based log rotation
#logging.appenders.default:
# type: rolling-file
# fileName: /var/logs/kibana.log
# policy:
# type: size-limit
# size: 256mb
# strategy:
# type: numeric
# max: 10
# layout:
# type: json
# Logs queries sent to Elasticsearch.
#logging.loggers:
# - name: elasticsearch.query
# level: debug
# Logs http responses.
#logging.loggers:
# - name: http.server.response
# level: debug
# Logs system usage information.
#logging.loggers:
# - name: metrics.ops
# level: debug
# Enables debug logging on the browser (dev console)
#logging.browser.root:
# level: debug
# =================== System: Other ===================
# The path where Kibana stores persistent data not saved in Elasticsearch. Defaults to data
#path.data: data
# Specifies the path where Kibana creates the process ID file.
#pid.file: /run/kibana/kibana.pid
# Set the interval in milliseconds to sample system and process performance
# metrics. Minimum is 100ms. Defaults to 5000ms.
#ops.interval: 5000
# Specifies locale to be used for all localizable strings, dates and number formats.
# Supported languages are the following: English (default) "en", Chinese "zh-CN", Japanese "ja-JP", French "fr-FR".
i18n.locale: "zh-CN"
# =================== Frequently used (Optional)===================
# =================== Saved Objects: Migrations ===================
# Saved object migrations run at startup. If you run into migration-related issues, you might need to adjust these settings.
# The number of documents migrated at a time.
# If Kibana can't start up or upgrade due to an Elasticsearch `circuit_breaking_exception`,
# use a smaller batchSize value to reduce the memory pressure. Defaults to 1000 objects per batch.
#migrations.batchSize: 1000
# The maximum payload size for indexing batches of upgraded saved objects.
# To avoid migrations failing due to a 413 Request Entity Too Large response from Elasticsearch.
# This value should be lower than or equal to your Elasticsearch clusters `http.max_content_length`
# configuration option. Default: 100mb
#migrations.maxBatchSizeBytes: 100mb
# The number of times to retry temporary migration failures. Increase the setting
# if migrations fail frequently with a message such as `Unable to complete the [...] step after
# 15 attempts, terminating`. Defaults to 15
#migrations.retryAttempts: 15
# =================== Search Autocomplete ===================
# Time in milliseconds to wait for autocomplete suggestions from Elasticsearch.
# This value must be a whole number greater than zero. Defaults to 1000ms
#unifiedSearch.autocomplete.valueSuggestions.timeout: 1000
# Maximum number of documents loaded by each shard to generate autocomplete suggestions.
# This value must be a whole number greater than zero. Defaults to 100_000
#unifiedSearch.autocomplete.valueSuggestions.terminateAfter: 100000
path:
data: /bitnami/kibana/data
pid:
file: /opt/bitnami/kibana/tmp/kibana.pid
server:
host: 0.0.0.0
port: 5601
elasticsearch:
hosts: http://prod-es-elasticsearch:9200

15
docker-swarm/elasticsearch/node.options Executable file
View File

@@ -0,0 +1,15 @@
## Node command line options
## See `node --help` and `node --v8-options` for available options
## Please note you should specify one option per line
## max size of old space in megabytes
#--max-old-space-size=4096
## do not terminate process on unhandled promise rejection
--unhandled-rejections=warn
## restore < Node 16 default DNS lookup behavior
--dns-result-order=ipv4first
## enable OpenSSL 3 legacy provider
--openssl-legacy-provider

5
docker-swarm/log/docker-compose.yml
View File

@@ -14,6 +14,11 @@ services:
configs: configs:
- source: logstash_conf - source: logstash_conf
target: /usr/share/logstash/pipeline/my.conf target: /usr/share/logstash/pipeline/my.conf
logging:
driver: json-file
options:
max-size: "500m"
max-file: "3"
deploy: deploy:
placement: placement:
constraints: constraints:

90
docker-swarm/log/jvm.options Normal file
View File

@@ -0,0 +1,90 @@
## JVM configuration
# Xms represents the initial size of total heap space
# Xmx represents the maximum size of total heap space
-Xms1g
-Xmx1g
################################################################
## Expert settings
################################################################
##
## All settings below this section are considered
## expert settings. Don't tamper with them unless
## you understand what you are doing
##
################################################################
## GC configuration
11-13:-XX:+UseConcMarkSweepGC
11-13:-XX:CMSInitiatingOccupancyFraction=75
11-13:-XX:+UseCMSInitiatingOccupancyOnly
## Locale
# Set the locale language
#-Duser.language=en
# Set the locale country
#-Duser.country=US
# Set the locale variant, if any
#-Duser.variant=
## basic
# set the I/O temp directory
#-Djava.io.tmpdir=$HOME
# set to headless, just in case
-Djava.awt.headless=true
# ensure UTF-8 encoding by default (e.g. filenames)
-Dfile.encoding=UTF-8
# use our provided JNA always versus the system one
#-Djna.nosys=true
# Turn on JRuby invokedynamic
-Djruby.compile.invokedynamic=true
## heap dumps
# generate a heap dump when an allocation from the Java heap fails
# heap dumps are created in the working directory of the JVM
-XX:+HeapDumpOnOutOfMemoryError
# specify an alternative path for heap dumps
# ensure the directory exists and has sufficient space
#-XX:HeapDumpPath=${LOGSTASH_HOME}/heapdump.hprof
## GC logging
#-Xlog:gc*,gc+age=trace,safepoint:file=@loggc@:utctime,pid,tags:filecount=32,filesize=64m
# log GC status to a file with time stamps
# ensure the directory exists
#-Xloggc:${LS_GC_LOG_FILE}
# Entropy source for randomness
-Djava.security.egd=file:/dev/urandom
# Copy the logging context from parent threads to children
-Dlog4j2.isThreadContextMapInheritable=true
# FasterXML/jackson defaults
#
# Sets the maximum string length (in chars or bytes, depending on input context).
# This limit is not exact and an exception will happen at sizes greater than this limit.
# Some text values that are a little bigger than the limit may be treated as valid but no
# text values with sizes less than or equal to this limit will be treated as invalid.
# This value should be higher than `logstash.jackson.stream-read-constraints.max-number-length`.
# The jackson library defaults to 20000000 or 20MB, whereas Logstash defaults to 200MB or 200000000 characters.
-Dlogstash.jackson.stream-read-constraints.max-string-length=200000000
#
# Sets the maximum number length (in chars or bytes, depending on input context).
# The jackson library defaults to 1000, whereas Logstash defaults to 10000.
-Dlogstash.jackson.stream-read-constraints.max-number-length=10000
#
# Sets the maximum nesting depth. The depth is a count of objects and arrays that have not
# been closed, `{` and `[` respectively.
#-Dlogstash.jackson.stream-read-constraints.max-nesting-depth=1000

2
docker-swarm/log/logstash.conf
View File

@@ -16,7 +16,7 @@ filter {
output { output {
if [servicename] { if [service] {
elasticsearch { elasticsearch {
hosts => [ "prod-es-elasticsearch:9200" ] hosts => [ "prod-es-elasticsearch:9200" ]
index => "sslog-%{[service]}" index => "sslog-%{[service]}"

2
docker-swarm/monitor/docker-stack.yml
View File

@@ -119,7 +119,7 @@ volumes:
networks: networks:
net: net:
driver: overlay driver: host

186
docker-swarm/nacos-cluser/pipeline {.groovy Normal file
View File

@@ -0,0 +1,186 @@
pipeline {
agent any
environment {
GITEA_TOKEN = credentials('gitea')
JAVA_HOME = tool 'java17'
GRADLE_USER_HOME = "${WORKSPACE}/.gradle"
}
options {
timestamps()
disableConcurrentBuilds()
}
stages {
/* ---------------------------------------------------
* 1. Checkout PR
* --------------------------------------------------- */
stage('Checkout PR') {
steps {
script {
checkout([
$class: 'GitSCM',
branches: [[name: env.SOURCE_BRANCH]],
userRemoteConfigs: [[
url: "https://git.sino-assist.com/${REPO_OWNER}/${REPO_NAME}.git",
credentialsId: 'gitlab'
]]
])
}
}
}
/* ---------------------------------------------------
* 2. 计算变更文件
* --------------------------------------------------- */
stage('计算增量变更') {
steps {
script {
sh """
git fetch origin ${TARGET_BRANCH}
git diff --name-only origin/${TARGET_BRANCH}...HEAD > changed_files.txt
"""
def diff = readFile('changed_files.txt').trim()
if (!diff) {
echo "✅ 无代码变更,跳过扫描"
currentBuild.result = 'SUCCESS'
return
}
env.CHANGED_FILES = diff
echo "变更文件:\\n${env.CHANGED_FILES}"
}
}
}
/* ---------------------------------------------------
* 3. 解析 Gradle 增量模块
* --------------------------------------------------- */
stage('Gradle 增量编译') {
tools {
jdk "java17"
gradle 'gradle'
}
steps {
script {
def modules = sh(
script: '''
awk -F/ '
{
if (NF >= 2) {
module=":"$1
for (i=2; i<=NF-1; i++) {
if ($i == "src") break
module=module":"$i
}
print module
}
}' changed_files.txt | sort -u
''',
returnStdout: true
).trim()
if (!modules) {
modules = ":classes"
}
echo "✅ 受影响模块:\\n${modules}"
def tasks = modules
.split("\\n")
.collect { "${it}:classes" }
.join(" ")
sh """
gradle ${tasks} \
-x test \
--parallel \
--build-cache \
--configure-on-demand
"""
}
}
}
/* ---------------------------------------------------
* 4. SonarQube 社区版【增量扫描】
* --------------------------------------------------- */
stage('SonarQube 增量扫描(社区版)') {
tools {
jdk "java17"
gradle 'gradle'
}
steps {
script {
// 仅扫描 src/main/java 下的变更 Java 文件
def sonarIncludes = sh(
script: '''
grep -E "src/main/java/.*\\.java$" changed_files.txt \
| sed 's#^#./#' \
| tr '\\n' ','
''',
returnStdout: true
).trim()
if (!sonarIncludes) {
echo "✅ 无 Java 代码变更,跳过 Sonar"
return
}
echo "Sonar 增量扫描文件:\\n${sonarIncludes}"
withSonarQubeEnv('sonar-server') {
sh """
gradle sonar \
-Dsonar.projectKey=${REPO_NAME} \
-Dsonar.inclusions=${sonarIncludes} \
-Dsonar.sourceEncoding=UTF-8 \
-Dsonar.gradle.skipCompile=true \
-Dsonar.exclusions=**/*
"""
}
}
}
}
/* ---------------------------------------------------
* 5. 质量门禁 + PR 反馈
* --------------------------------------------------- */
stage('反馈审查结果') {
steps {
script {
def report = waitForQualityGate()
if (report.status != 'OK') {
sh """
curl -X POST \
"https://git.sino-assist.com/api/v1/repos/${REPO_OWNER}/${REPO_NAME}/issues/${PR_ID}/comments" \
-H "Authorization: token ${GITEA_TOKEN}" \
-H "Content-Type: application/json" \
-d '{
"body": "❌ SonarQube 社区版增量扫描未通过\\n\\n📊 报告:${report.dashboardUrl}"
}'
"""
error "❌ 质量门禁失败"
} else {
sh """
curl -X POST \
"https://git.sino-assist.com/api/v1/repos/${REPO_OWNER}/${REPO_NAME}/statuses/${GIT_COMMIT}" \
-H "Authorization: token ${GITEA_TOKEN}" \
-H "Content-Type: application/json" \
-d '{
"context": "sonarqube-check",
"state": "success",
"description": "✅ 社区版增量扫描通过"
}'
"""
}
}
}
}
}
}

63
docker-swarm/nginx-prod-50/docker-compose.yml
View File

@@ -5,11 +5,17 @@ networks:
name: ${NAMESPACE} name: ${NAMESPACE}
external: true external: true
services: services:
server: server1:
image: 'docker.io/bitnami/nginx:1.24' image: 'docker.io/bitnami/nginx:1.24'
ports: ports:
- '8080:8080' - mode: host
- '8443:8443' protocol: tcp
published: 8180
target: 8080
- mode: host
protocol: tcp
published: 8143
target: 8443
environment: environment:
- TZ=Asia/Shanghai - TZ=Asia/Shanghai
volumes: volumes:
@@ -25,19 +31,50 @@ services:
target: /opt/bitnami/nginx/conf/server_blocks/sinoassist.com.pem target: /opt/bitnami/nginx/conf/server_blocks/sinoassist.com.pem
- source: nginx_prod_config - source: nginx_prod_config
target: /opt/bitnami/nginx/conf/server_blocks/prod.conf target: /opt/bitnami/nginx/conf/server_blocks/prod.conf
- source: nginx_prod_sup_config
target: /opt/bitnami/nginx/conf/server_blocks/prod-sup.conf
- source: nginx_other_config
target: /opt/bitnami/nginx/conf/server_blocks/zd-other.conf
deploy: deploy:
mode: replicated mode: replicated
replicas: 2 replicas: 1
update_config: update_config:
order: start-first order: start-first
placement: placement:
constraints: constraints:
- node.labels.${NAMESPACE}_nginx==1 - node.hostname==ZD-CRM1
server2:
image: 'docker.io/bitnami/nginx:1.24'
ports:
- mode: host
protocol: tcp
published: 8280
target: 8080
- mode: host
protocol: tcp
published: 8243
target: 8443
environment:
- TZ=Asia/Shanghai
volumes:
- /opt/logs/nginx/:/opt/bitnami/nginx/logs/
configs:
- source: nginx_conf
target: /opt/bitnami/nginx/conf/nginx.conf
- source: nginx_ssl_sinoassist_config
target: /opt/bitnami/nginx/conf/ssl.sinoassist.conf
- source: ssl_sinoassist_key
target: /opt/bitnami/nginx/conf/server_blocks/sinoassist.com.key
- source: ssl_sinoassist_pem
target: /opt/bitnami/nginx/conf/server_blocks/sinoassist.com.pem
- source: nginx_prod_config
target: /opt/bitnami/nginx/conf/server_blocks/prod.conf
deploy:
mode: replicated
replicas: 1
update_config:
order: start-first
placement:
constraints:
- node.hostname==ZD-CRM2
configs: configs:
nginx_conf: nginx_conf:
external: true external: true
@@ -47,13 +84,7 @@ configs:
name: nginx_ssl_sinoassist_conf_v1 name: nginx_ssl_sinoassist_conf_v1
nginx_prod_config: nginx_prod_config:
external: true external: true
name: nginx_prod_config_v1 name: nginx_prod_config_v2
nginx_prod_sup_config:
external: true
name: nginx_prod_sup_config_v1
nginx_other_config:
external: true
name: nginx_other_config_v1
ssl_sinoassist_key: ssl_sinoassist_key:
external: true external: true
name: ssl_sinoassist_key_2024 name: ssl_sinoassist_key_2024

44
docker-swarm/nginx-prod-50/nginx_other_config_v1
View File

@@ -1,44 +0,0 @@
## 公司其他域名的切换
# 4s店微信
server {
listen 8080;
server_name wx4s.sinoassist.com;
location / {
proxy_pass http://192.168.10.7:8777;
}
}
# 微信供应商
server {
listen 8080;
server_name wxdd.sinoassist.com;
location / {
proxy_pass http://192.168.10.7:8568;
}
}
# 呼叫中心接口
server {
listen 8080;
server_name apicc.sinoassist.com;
include /opt/bitnami/nginx/conf/ssl.sinoassist.conf;
location / {
proxy_pass http://192.168.5.201:8080;
}
}
# 呼叫中心接口websocket
server {
listen 8080;
server_name apiccws.sinoassist.com;
include /opt/bitnami/nginx/conf/ssl.sinoassist.conf;
location / {
proxy_pass http://192.168.5.201:1884;
}
}

117
docker-swarm/nginx-prod-50/nginx_prod_config_v1
View File

@@ -1,4 +1,5 @@
#### 中道prod环境开始 ####
upstream api.zhongdao { upstream api.zhongdao {
server ss52_sa-gateway_svc:8080; server ss52_sa-gateway_svc:8080;
@@ -164,4 +165,118 @@ server {
add_header Strict-Transport-Security max-age=15768000; add_header Strict-Transport-Security max-age=15768000;
return 301 https://www.sinoassist.com$request_uri; return 301 https://www.sinoassist.com$request_uri;
} }
#### 中道prod环境结束 ####
## 公司其他域名的切换
# 4s店微信
server {
listen 8080;
server_name wx4s.sinoassist.com;
location / {
proxy_pass http://192.168.10.7:8777;
}
}
# 微信供应商
server {
listen 8080;
server_name wxdd.sinoassist.com;
location / {
proxy_pass http://192.168.10.7:8568;
}
}
# 呼叫中心接口
server {
listen 8080;
server_name apicc.sinoassist.com;
include /opt/bitnami/nginx/conf/ssl.sinoassist.conf;
location / {
proxy_pass http://192.168.5.201:8080;
}
}
# 呼叫中心接口websocket
server {
listen 8080;
server_name apiccws.sinoassist.com;
include /opt/bitnami/nginx/conf/ssl.sinoassist.conf;
location / {
proxy_pass http://192.168.5.201:1884;
}
}
## 救援生产环境其他服务域名切换
## rabbitmq stomp
upstream stomp.zhongdao {
server prod_rabbitmq_queue1:15674;
server prod_rabbitmq_queue2:15674;
server prod_rabbitmq_stats:15674;
}
server {
listen 8080;
include /opt/bitnami/nginx/conf/ssl.sinoassist.conf;
server_name stomp.sinoassist.com;
location / {
proxy_pass http://stomp.zhongdao;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
# 备份文件服务器
server {
listen 8080;
server_name file.sinoassist.com;
include /opt/bitnami/nginx/conf/ssl.sinoassist.conf;
# 录音文件服务器
location /ly/ {
proxy_pass http://192.168.5.204:8088/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
if ($request_filename ~ .*\.(htm|html)$)
{
add_header Cache-Control no-cache;
}
}
# 备份文件服务器
location / {
proxy_pass http://192.168.10.18:8888;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
if ($request_filename ~ .*\.(htm|html)$)
{
add_header Cache-Control no-cache;
}
}
}

65
docker-swarm/nginx-prod-50/nginx_prod_sup_config_v1
View File

@@ -1,65 +0,0 @@
## 救援生产环境其他服务域名切换
## rabbitmq stomp
upstream stomp.zhongdao {
server prod_rabbitmq_queue1:15674;
server prod_rabbitmq_queue2:15674;
server prod_rabbitmq_stats:15674;
}
server {
listen 8080;
include /opt/bitnami/nginx/conf/ssl.sinoassist.conf;
server_name stomp.sinoassist.com;
location / {
proxy_pass http://stomp.zhongdao;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
# 备份文件服务器
server {
listen 8080;
server_name file.sinoassist.com;
include /opt/bitnami/nginx/conf/ssl.sinoassist.conf;
# 录音文件服务器
location /ly/ {
proxy_pass http://192.168.5.204:8088/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
if ($request_filename ~ .*\.(htm|html)$)
{
add_header Cache-Control no-cache;
}
}
# 备份文件服务器
location / {
proxy_pass http://192.168.10.18:8888;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
if ($request_filename ~ .*\.(htm|html)$)
{
add_header Cache-Control no-cache;
}
}
}

1
docker-swarm/portainer/README.md Normal file
View File

@@ -0,0 +1 @@
docker stack deploy --compose-file docker-compose.yml - portainer

17
docker-swarm/rabbitmq/README
View File

@@ -20,4 +20,19 @@ rabbitmqctl set_permissions -p / admin ".*" ".*" ".*"
# prod环境下 部署rabbitmq集群 # prod环境下 部署rabbitmq集群
env $(cat ./env_prod | xargs) envsubst < ./docker-compose-prod.yml | docker stack deploy --compose-file - prod_rabbitmq env $(cat ./env_prod | xargs) envsubst < ./docker-compose-prod.yml | docker stack deploy --compose-file - prod_rabbitmq
docker.nju.edu.cn
{
"registry-mirrors": [
"https://<changme>.mirror.aliyuncs.com",
"https://dockerproxy.com",
"https://mirror.baidubce.com",
"https://docker.m.daocloud.io",
"https://docker.nju.edu.cn",
"https://docker.mirrors.sjtug.sjtu.edu.cn"
]
}

3
docker-swarm/rabbitmq/docker-compose-prod.yml
View File

@@ -17,6 +17,7 @@ services:
- RABBITMQ_VHOSTS=/${NAMESPACE} - RABBITMQ_VHOSTS=/${NAMESPACE}
- RABBITMQ_USERNAME=root - RABBITMQ_USERNAME=root
- RABBITMQ_PASSWORD=${RABBITMQ_PASSWORD} - RABBITMQ_PASSWORD=${RABBITMQ_PASSWORD}
- RABBITMQ_MANAGEMENT_ALLOW_WEB_ACCESS=true
- RABBITMQ_PLUGINS=rabbitmq_management,rabbitmq_stomp,rabbitmq_web_stomp - RABBITMQ_PLUGINS=rabbitmq_management,rabbitmq_stomp,rabbitmq_web_stomp
- RABBITMQ_LOGS=- - RABBITMQ_LOGS=-
ports: ports:
@@ -42,6 +43,7 @@ services:
- RABBITMQ_VHOSTS=/${NAMESPACE} - RABBITMQ_VHOSTS=/${NAMESPACE}
- RABBITMQ_USERNAME=root - RABBITMQ_USERNAME=root
- RABBITMQ_PASSWORD=${RABBITMQ_PASSWORD} - RABBITMQ_PASSWORD=${RABBITMQ_PASSWORD}
- RABBITMQ_MANAGEMENT_ALLOW_WEB_ACCESS=true
- RABBITMQ_PLUGINS=rabbitmq_stomp,rabbitmq_web_stomp - RABBITMQ_PLUGINS=rabbitmq_stomp,rabbitmq_web_stomp
- RABBITMQ_LOGS=- - RABBITMQ_LOGS=-
volumes: volumes:
@@ -65,6 +67,7 @@ services:
- RABBITMQ_VHOSTS=/${NAMESPACE} - RABBITMQ_VHOSTS=/${NAMESPACE}
- RABBITMQ_USERNAME=root - RABBITMQ_USERNAME=root
- RABBITMQ_PASSWORD=${RABBITMQ_PASSWORD} - RABBITMQ_PASSWORD=${RABBITMQ_PASSWORD}
- RABBITMQ_MANAGEMENT_ALLOW_WEB_ACCESS=true
- RABBITMQ_PLUGINS=rabbitmq_stomp,rabbitmq_web_stomp - RABBITMQ_PLUGINS=rabbitmq_stomp,rabbitmq_web_stomp
- RABBITMQ_LOGS=- - RABBITMQ_LOGS=-
volumes: volumes:

4
docker-swarm/redis copy/env_prod
View File

@@ -1,4 +0,0 @@
NAMESPACE=prod
NODE_PORT=6379
REDIS_PASSWORD=gkxl650
REDIS_SENTINEL_PASSWORD=gkxl650

0
docker-swarm/redis copy/README → docker-swarm/redis-prod-50/README
View File

116
docker-swarm/redis-prod-50/docker-compose.yml Normal file
View File

@@ -0,0 +1,116 @@
version: '3.8'
networks:
default:
name: ${NAMESPACE}
external: true
services:
master:
image: 'bitnami/redis:7.0.11'
environment:
- TZ=Asia/Shanghai
- REDIS_MASTER_HOST=192.168.10.4
- REDIS_REPLICATION_MODE=slave
- REDIS_MASTER_PASSWORD=${REDIS_PASSWORD}
- REDIS_PASSWORD=${REDIS_PASSWORD}
- REDIS_REPLICA_IP=192.168.10.55
ports:
- mode: host
protocol: tcp
published: 6379
target: 6379
volumes:
- data_master:/bitnami
deploy:
update_config:
order: stop-first
placement:
constraints:
- node.hostname==ZD-CRM5
slave:
image: 'bitnami/redis:7.0.11'
environment:
- TZ=Asia/Shanghai
- REDIS_REPLICATION_MODE=slave
- REDIS_MASTER_HOST=192.168.10.4
- REDIS_MASTER_PASSWORD=${REDIS_PASSWORD}
- REDIS_PASSWORD=${REDIS_PASSWORD}
- REDIS_REPLICA_IP=192.168.10.56
ports:
- mode: host
protocol: tcp
published: 6379
target: 6379
depends_on:
- master
volumes:
- data_slave:/bitnami
deploy:
update_config:
order: stop-first
placement:
constraints:
- node.hostname==ZD-CRM6
sentinel-1:
image: 'bitnami/redis-sentinel:7.0.11'
environment:
- TZ=Asia/Shanghai
- REDIS_MASTER_HOST=192.168.10.4
- REDIS_MASTER_PASSWORD=${REDIS_PASSWORD}
- REDIS_SENTINEL_ANNOUNCE_IP=192.168.10.55
- REDIS_PASSWORD=${REDIS_PASSWORD}
- REDIS_SENTINEL_PASSWORD=${REDIS_SENTINEL_PASSWORD}
depends_on:
- master
- slave
ports:
- mode: host
protocol: tcp
published: 26379
target: 26379
deploy:
update_config:
order: stop-first
mode: replicated
replicas: 1 # replicas模式 副本数目为1
placement:
constraints:
- node.hostname==ZD-CRM5
volumes:
- data_sentinel_1:/bitnami
sentinel-2:
image: 'bitnami/redis-sentinel:7.0.11'
environment:
- TZ=Asia/Shanghai
- REDIS_MASTER_HOST=192.168.10.4
- REDIS_MASTER_PASSWORD=${REDIS_PASSWORD}
- REDIS_SENTINEL_ANNOUNCE_IP=192.168.10.56
- REDIS_PASSWORD=${REDIS_PASSWORD}
- REDIS_SENTINEL_PASSWORD=${REDIS_SENTINEL_PASSWORD}
depends_on:
- master
- slave
ports:
- mode: host
protocol: tcp
published: 26379
target: 26379
deploy:
update_config:
order: stop-first
mode: replicated
replicas: 1 # replicas模式 副本数目为1
placement:
constraints:
- node.hostname==ZD-CRM6
volumes:
- data_sentinel_2:/bitnami
volumes:
data_sentinel_1:
driver: local
data_sentinel_2:
driver: local
data_master:
driver: local
data_slave:
driver: local

0
docker-swarm/redis copy/env_crm1 → docker-swarm/redis-prod-50/env_crm1
View File

4
docker-swarm/redis-prod-50/env_prod Normal file
View File

@@ -0,0 +1,4 @@
NAMESPACE=prod
NODE_PORT=6379
REDIS_PASSWORD=sino#650
REDIS_SENTINEL_PASSWORD=sino#650

52
docker-swarm/redis copy/docker-compose.yml → docker-swarm/redis/docker-compose copy.yml
View File

@@ -9,63 +9,81 @@ services:
image: 'bitnami/redis:7.0.11' image: 'bitnami/redis:7.0.11'
environment: environment:
- TZ=Asia/Shanghai - TZ=Asia/Shanghai
- REDIS_MASTER_HOST=192.168.1.207
- REDIS_REPLICATION_MODE=master - REDIS_REPLICATION_MODE=master
- REDIS_MASTER_PASSWORD=${REDIS_PASSWORD}
- REDIS_PASSWORD=${REDIS_PASSWORD} - REDIS_PASSWORD=${REDIS_PASSWORD}
- REDIS_REPLICA_IP=192.168.1.207
ports: ports:
- '${NODE_PORT}:6379' - mode: host
protocol: tcp
published: 6379
target: 6379
volumes: volumes:
- data_master:/bitnami - data_master:/bitnami
deploy: deploy:
update_config: update_config:
order: start-first order: stop-first
placement: placement:
constraints: constraints:
- node.labels.${NAMESPACE}_redis_master==1 - node.hostname==okd7
slave: slave:
image: 'bitnami/redis:7.0.11' image: 'bitnami/redis:7.0.11'
environment: environment:
- TZ=Asia/Shanghai - TZ=Asia/Shanghai
- REDIS_REPLICATION_MODE=slave - REDIS_REPLICATION_MODE=slave
- REDIS_MASTER_HOST=${NAMESPACE}_redis_master - REDIS_MASTER_HOST=192.168.1.207
- REDIS_MASTER_PASSWORD=${REDIS_PASSWORD} - REDIS_MASTER_PASSWORD=${REDIS_PASSWORD}
- REDIS_PASSWORD=${REDIS_PASSWORD} - REDIS_PASSWORD=${REDIS_PASSWORD}
- REDIS_REPLICA_IP=192.168.1.208
ports:
- mode: host
protocol: tcp
published: 6379
target: 6379
depends_on: depends_on:
- master - master
volumes: volumes:
- data_slave:/bitnami - data_slave:/bitnami
deploy: deploy:
update_config: update_config:
order: start-first order: stop-first
placement: placement:
constraints: constraints:
- node.labels.${NAMESPACE}_redis_slave==1 - node.hostname==zd-dev-208
redis-sentinel: redis-sentinel:
image: 'bitnami/redis-sentinel:7.0.11' image: 'bitnami/redis-sentinel:7.0.11'
environment: environment:
- TZ=Asia/Shanghai - TZ=Asia/Shanghai
- REDIS_MASTER_HOST=${NAMESPACE}_redis_master - REDIS_MASTER_HOST=192.168.1.207
- REDIS_MASTER_PASSWORD=${REDIS_PASSWORD} - REDIS_MASTER_PASSWORD=${REDIS_PASSWORD}
- REDIS_SENTINEL_ANNOUNCE_IP=192.168.1.209
- REDIS_PASSWORD=${REDIS_PASSWORD}
- REDIS_SENTINEL_PASSWORD=${REDIS_SENTINEL_PASSWORD} - REDIS_SENTINEL_PASSWORD=${REDIS_SENTINEL_PASSWORD}
depends_on: depends_on:
- master - master
- slave - slave
ports:
- mode: host
protocol: tcp
published: 26379
target: 26379
deploy: deploy:
update_config: update_config:
order: start-first order: stop-first
mode: global mode: replicated
replicas: 1 # replicas模式 副本数目为1
placement: placement:
constraints: constraints:
- node.labels.${NAMESPACE}_redis_sentinel==1 - node.hostname==zd-dev-209
max_replicas_per_node: 1
volumes: volumes:
- data_sentinel:/bitnami - data_sentinel_1:/bitnami
volumes: volumes:
data_sentinel: data_sentinel_1:
driver: local
data_sentinel_2:
driver: local driver: local
data_master: data_master:
driver: local driver: local
data_slave: data_slave:
driver: local driver: local

3
docker-swarm/skywalking/README
View File

@@ -8,3 +8,6 @@ env $(cat ./env_crm1 | xargs) envsubst < ./docker-compose.yml | docker stack dep
# #
env $(cat ./env_prod | xargs) envsubst < ./docker-compose.yml | docker stack deploy --compose-file - prod_skywalking --with-registry-auth env $(cat ./env_prod | xargs) envsubst < ./docker-compose.yml | docker stack deploy --compose-file - prod_skywalking --with-registry-auth
env $(cat ./env | xargs) envsubst < ./docker-compose.yml | docker stack deploy --compose-file - skywalking --with-registry-auth

2
docker-swarm/xxl-job-admin/README
View File

@@ -6,5 +6,3 @@ env $(cat ./env_crm1 | xargs) envsubst < ./docker-compose.yml | docker stack dep
env $(cat ./env_prod | xargs) envsubst < ./docker-compose.yml | docker stack deploy --compose-file - prod_xxl_job env $(cat ./env_prod | xargs) envsubst < ./docker-compose.yml | docker stack deploy --compose-file - prod_xxl_job
docker stack deploy --compose-file docker-compose.yml - portainer

2086
运维/inc.log Normal file
View File

File diff suppressed because it is too large Load Diff

2538
运维/index.log Normal file
View File

File diff suppressed because it is too large Load Diff

36
运维/my.cnf Normal file
View File

@@ -0,0 +1,36 @@
[mysqld]
# 内存核心配置 (适配64GB内存)
innodb_buffer_pool_size = 44G # 提升至物理内存的68%
innodb_buffer_pool_instances = 16 # 匹配CPU核心数
# 线程与连接优化 (适配281连接/64核心)
thread_cache_size = 150 # 调整为连接数的一半
innodb_thread_concurrency = 0 # 禁用并发限制让MySQL自动管理
innodb_read_io_threads = 16
innodb_write_io_threads = 16
# 每连接内存优化 (关键!)
max_connections = 400
sort_buffer_size = 512K # 原256K过低
read_buffer_size = 256K
read_rnd_buffer_size = 512K
join_buffer_size = 512K
thread_stack = 512K # 防止复杂查询溢出
# 临时表与缓存优化
tmp_table_size = 128M
max_heap_table_size = 128M
table_open_cache = 10000
table_definition_cache = 4000
# InnoDB日志优化 (SSD专用)
innodb_log_file_size = 4G # 增大日志文件
innodb_log_files_in_group = 2 # 共8GB日志
innodb_io_capacity = 20000 # SSD优化
innodb_io_capacity_max = 40000
innodb_flush_method = O_DIRECT_NO_FSYNC
# 超时与维护
wait_timeout = 120
interactive_timeout = 300
innodb_purge_threads = 4

32
运维/mysql-backup.md Normal file
View File

@@ -0,0 +1,32 @@
1. 安装xtrabackup
sudo yum install https://www.percona.com/downloads/percona-release/redhat/0.1-10/percona-release-0.1-10.noarch.rpm
sudo yum install percona-xtrabackup-80
2. ​全量备份加速方案​
```
xtrabackup --backup --user=root --password=nczl@sino_db \
--parallel=4 --compress --compress-threads=4 \
--target-dir=/data/backup/full_$(date +%Y%m%d) | gzip > backup.xbstream.gz
xtrabackup --backup --user=root --password=nczl@sino_db \
--incremental-basedir=/data/backup/full_$(date +%Y%m%d) \
--target-dir=/data/backup/inc_$(date +%Y%m%d) \
--parallel=4 --compress --compress-threads=4 | gzip > inc.xbstream.gz
xtrabackup --user=root --password=nczl@sino_db --decompress --target-dir=/data/backup/full_20250508
xtrabackup --prepare --apply-log-only --target-dir=/data/backup/full_20250508 \
--use-memory=32G
```
rsync -avz -e ssh /data/backup/full_20250508 root@192.168.3.123/data/backup/full_20250508