oss_online_basic_environment_installation.sh
#!/bin/bash
# 操作系统建议要求centos7.6【稳定】
# disk mount
OS_VERSION=`cat /etc/redhat-release | awk '{print $4}' | cut -c 1-3`
echo $OS_VERSION
fdisk -l | grep /dev/vdb
mkdir /var/ctdna
mkfs.ext4 /dev/vdb
mount -t ext4 /dev/vdb /var/ctdna/
DISK=`df -Th | grep /var/ctdna | awk '{print $1}'`
WORK_DIR=`df -Th | grep /var/ctdna | awk '{print $7}'`
if [[ $DISK == "/dev/vdb" && $WORK_DIR == "/var/ctdna" ]];then
echo "mounted successfully" >> oss_online_basic_environment_installation.log
else
echo "Mount failed" >> oss_online_basic_environment_installation.log
fi
echo -e "/dev/vdb /var/ctdna ext4 defaults 0 0 " >> /etc/fstab
#docker install
#https://blog.csdn.net/weixin_43824267/article/details/110131417
cd /var/ctdna/
wget https://ctdna-node-modules.oss-cn-beijing.aliyuncs.com/docker-20.10.7.tgz
tar zxf docker-20.10.7.tgz
cp docker/* /usr/bin/
touch /etc/systemd/system/docker.service
echo "[Unit]
Description=Docker Application Container Engine
documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target
[Service]
Type=notify
ExecStart=/usr/bin/dockerd --selinux-enabled=false --insecure-registry=172.122.11.203
ExecReload=/bin/kill -s HUP $MAINPID
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
TimeoutStartSec=0
Delegate=yes
KillMode=process
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s
[Install]
WantedBy=multi-user.target" > /etc/systemd/system/docker.service
# LOCAL_IP=`ifconfig | grep 127.0 | awk '{print $2}'`
# sed -i 's/172.122.11.203/'"$LOCAL_IP"'/g' /etc/systemd/system/docker.service
chmod 777 /etc/systemd/system/docker.service
# change overlay2 path
mkdir -p /var/ctdna/docker/lib
mkdir -p /etc/systemd/system/docker.service.d/
touch /etc/systemd/system/docker.service.d/devicemapper.conf
echo "[Service]
ExecStart=
ExecStart=/usr/bin/dockerd --graph=/var/ctdna/docker/lib" > /etc/systemd/system/docker.service.d/devicemapper.conf
#chenge the mirror address
echo '{
"registry-mirrors": ["https://mo89zdpv.mirror.aliyuncs.com"]
}' > /etc/docker/daemon.json
systemctl daemon-reload
systemctl restart docker
systemctl status docker.service
systemctl start docker.service
# install docker-compose
wget https://ctdna-node-modules.oss-cn-beijing.aliyuncs.com/docker-compose-linux-x86_64
mv docker-compose-linux-x86_64 /usr/bin/docker-compose
chmod +x /usr/bin/docker-compose
DOCKER_COMPOSE_VERSION=`docker-compose -v | awk '{print $4}'`
if [[ $DOCKER_COMPOSE_VERSION == "v2.2.0" ]];then
echo "docker-compose installed successfully" >> oss_online_basic_environment_installation.log
else
echo "docker-composeinstalled failed" >> oss_online_basic_environment_installation.log
fi
# firewall [7801-7820端口]
# 后端
# haproxy【7809-7810】、
# admin-api【7808】、
# pinsurvey【7806(worker)-7807】、
# ez-datamanagement【7805】
# 前端
# ez-addmin-front【7804】
# pinsurvey【7801-7803】
# ezstudio【7811-7820】
FIREWALL_STATUS=`firewall-cmd --state`
if [[ $FIREWALL_STATUS == "running" ]];then
firewall-cmd --zone=public --add-port=7801-7820/tcp --permanent
firewall-cmd --reload
PORT_LIST=`firewall-cmd --zone=public --add-port=7801-7820/tcp --permanent`
if [[ $PORT_LIST == " " ]];then
firewall-cmd --zone=public --add-port=7801-7820/tcp --permanent
firewall-cmd --reload
else
echo "The firewall successfully released ports 7801-7820 " >> oss_online_basic_environment_installation.log
fi
else
echo "The firewall status is dead !" >> oss_online_basic_environment_installation.log
fi
# install haproxy
yum -y install gcc openssl-devel pcre-devel systemd-devel
cd /var/ctdna
wget https://ctdna-node-modules.oss-cn-beijing.aliyuncs.com/haproxy-2.1.10.tar.gz
tar zxf haproxy-2.1.10.tar.gz -C /usr/local/
cd /usr/local/haproxy-2.1.10/
make TARGET=linux-glibc
sudo make install
sudo mkdir -p /etc/haproxy
echo "
global
log /dev/log local0
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 30000
user haproxy
group haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 30000
listen stats # 定义监控页面
mode http
bind *:7809
stats refresh 30s
stats uri /stats # 访问监控页面的uri
stats realm HAProxy Stats # 监控页面的认证提示
stats auth city:City
frontend main
bind *:7810
# ez-admin-api
acl admin_acl path_beg -i /ez-admin/
use_backend admin if admin_acl
# pinsurvey-api
acl pinsurvey_acl path_beg -i /pinsurvey-old/
use_backend pinsurvey if pinsurvey_acl
# ez-datamanagement
acl ez_datamanagement_acl path_beg -i /ez-datamanagement/
use_backend ez-datamanagement if ez_datamanagement_acl
default_backend admin
backend admin
http-request replace-path /ez-admin/(.*) /1
server admin 127.0.0.1:7808 check
backend pinsurvey
http-request replace-path /pinsurvey-old/(.*) /1
server pinsurvey 127.0.0.1:7807 check
backend ez-datamanagement
http-request replace-path /ez-datamanagement/(.*) /1
server pinsurvey 127.0.0.1:7805 check " > /etc/haproxy/haproxy.cfg
sudo mkdir -p /var/lib/haproxy
sudo touch /var/lib/haproxy/stats
sudo ln -s /usr/local/sbin/haproxy /usr/sbin/haproxy
sudo cp /usr/local/haproxy-2.1.10/examples/haproxy.init /etc/init.d/haproxy
sudo chmod 755 /etc/init.d/haproxy
sudo systemctl daemon-reload
sudo chkconfig haproxy on
sudo useradd -r haproxy
haproxy -v
systemctl start haproxy
systemctl status haproxy
systemctl enable haproxy
HAPROXY_STATUS=`systemctl status haproxy | grep Active | awk '{print $2,$3}'`
if [[ $HAPROXY_STATUS == "active (running)" ]];then
echo "haproxy installed successfully" >> oss_online_basic_environment_installation.log
else
echo "haproxy installed failed" >> oss_online_basic_environment_installation.log
fi
![半离线部署[磁盘+docker+docker-compose+firewall+haproxy]脚本](http://www.mshxw.com/aiimages/31/746355.png "半离线部署[磁盘+docker+docker-compose+firewall+haproxy]脚本")
