一次微服務部署手冊

新一代數據訂閱系統部署手冊

1.系統介紹

關區新一代數據訂閱系統採用SpringBoot技術開發，基本的架構以下：

2.部署準備工做

首先將程序打包爲一個單體JAR包，名爲：event-process-0.0.1-SNAPSHOT.jar，將程序和全局配置文件application.yml放到當前目錄下，在當前目錄下編寫Dockerfile，以下：

FROM cantara/alpine-openjdk-jdk8
WORKDIR /usr/myapp
COPY event-process-0.0.1-SNAPSHOT.jar /usr/myapp/
COPY ./application.yml /usr/myapp/config/
CMD  java -jar /usr/myapp/event-process-0.0.1-SNAPSHOT.jar

將上述代碼保存至Dockerfile中，而後在當前目錄下執行以下指令：

docker build . -t myevent

執行無誤後程序將打包爲docker鏡像，而後用以下命令啓動docker鏡像：

docker run -d -p 9091:8080 --name=myevent1 -v /home/conf/event:/usr/myapp/config -v /etc/localtime:/etc/localtime --hostname=myevent1 --restart=always  myevent

鏡像啓動後，可使用以下命令從開發機上到導出鏡像文件：

docker export 鏡像ID -o myevent.tar

將myevent.tar文件copy至生產環境備用。

3.部署

部署將使用兩臺CentOS 7.6 linux主機，IP地址分別爲10.77.9.112和10.77.9.113，並使用10.77.9.114做爲共享的虛擬IP對外提供服務。其中112和113主機上分別安裝了docker引擎和keepalived的軟件，並有nginx的docker鏡像。

3.1目錄規劃和相關配置文件的放置

在兩臺主機上分別建立目錄，目錄建立命令以下：

mkdir /home/conf
mkdir /home/conf/nginx
mkdir /home/conf/nginx/conf.d
mkdir /home/conf/nginx/check_sh
mkdir /home/conf/event

3.2放置配置文件

在兩臺主機想分別放置以下目錄：

將application.yml放置到目錄/home/conf/event;
在目錄/home/conf/nginx中建立文件nginx.conf;
在目錄/home/conf/nginx/conf.d中建立文件default.conf;
在目錄/home/conf/nginx/建立文件nginx_check.sh。

3.3啓動docker鏡像

3.3.1導入myevent.tar鏡像

分別在兩臺主機上導入myevent鏡像文件，命令以下：

docker import myevent.tar myevent

3.3.2 修改配置文件

按照部署要求修改兩臺主機上的application.yml，將數據庫連接和RabbitMQ的配置更新至生產環境。

3.3.2.1修改112的nginx相關配置

修改nginx.conf以下：

user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}



http {

    upstream tomcat_server {
        server 10.77.9.112:9090;
        server 10.77.9.112:9091;
        server 10.77.9.113:9090;
        server 10.77.9.113:9091;
    }
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush on;

    keepalive_timeout  65;

    #gzip on;

    include /etc/nginx/conf.d/*.conf;
}

修改default.conf以下：

server {
    listen       80;
    server_name  10.77.9.112;

    #charset koi8-r;
    #access_log /var/log/nginx/host.access.log main;

    location / {
        #root /usr/share/nginx/html;
        #index index.html index.htm;
        proxy_pass http://tomcat_server;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

    #error_page 404 /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }

    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
    #
    #location ~ \.php$ {
    # proxy_pass http://127.0.0.1;
    #}

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    #location ~ \.php$ {
    # root html;
    # fastcgi_pass 127.0.0.1:9000;
    # fastcgi_index index.php;
    # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
    # include fastcgi_params;
    #}

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    #location ~ /\.ht {
    # deny all;
    #}
}

編寫nginx_check.sh,保存後給予可執行權限chmod +x nginx_check.sh以下：

#!/bin/bash
A=$(ps -C nginx --no-header|wc -l)
if [ $A -eq 0 ]
then
   docker start nginx1
   sleep 8
   B=$(ps -C nginx --no-header | wc -l)
   if [ $B -eq 0 ]
   then
        systemctl stop keepalived.service
   fi
fi

3.3.2.2修改113的nginx相關配置

修改nginx.conf以下：

user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}



http {

    upstream tomcat_server {
        server 10.77.9.112:9090;
        server 10.77.9.112:9091;
        server 10.77.9.113:9090;
        server 10.77.9.113:9091;
    }
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush on;

    keepalive_timeout  65;

    #gzip on;

    include /etc/nginx/conf.d/*.conf;
}

修改default.conf以下：

server {
    listen       80;
    server_name  10.77.9.113;

    #charset koi8-r;
    #access_log /var/log/nginx/host.access.log main;

    location / {
        #root /usr/share/nginx/html;
        #index index.html index.htm;
        proxy_pass http://tomcat_server;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

    #error_page 404 /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }

    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
    #
    #location ~ \.php$ {
    # proxy_pass http://127.0.0.1;
    #}

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    #location ~ \.php$ {
    # root html;
    # fastcgi_pass 127.0.0.1:9000;
    # fastcgi_index index.php;
    # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
    # include fastcgi_params;
    #}

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    #location ~ /\.ht {
    # deny all;
    #}
}

編寫nginx_check.sh,保存後給予可執行權限chmod +x nginx_check.sh以下：

#!/bin/bash
A=$(ps -C nginx --no-header|wc -l)
if [ $A -eq 0 ]
then
   docker start nginx2
   sleep 8
   B=$(ps -C nginx --no-header | wc -l)
   if [ $B -eq 0 ]
   then
        systemctl stop keepalived.service
   fi
fi

3.3.2.3修改keepalived配置

分別修改112和113主機路徑/etc/keepalived/keepalived.conf文件。

112修改以下：

! Configuration File for keepalived

global_defs {
   router_id LVS_52
   vrrp_skip_check_adv_addr
   #vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_script chk_nginx {
   script "/home/conf/nginx/check_sh/nginx_check.sh"
   interval 2
   weight -5
   fall 3
   rise 2
}

vrrp_instance VI_1 {
    state MASTER
    interface ens32 #主機上的網卡編號
    virtual_router_id 151 #主備必須相同
    mcast_src_ip 10.77.9.112
    priority 100 #主機的必須大於備機
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    track_script {
        chk_nginx
    }
    virtual_ipaddress {
        10.77.9.114 #虛擬ip，主備相同
    }
}

virtual_server 10.77.9.114 80 {
    delay_loop 6
    lb_algo rr
    lb_kind NAT
    nat_mask 255.255.255.0
    persistence_timeout 50
    protocol TCP

    real_server 10.77.9.112 8000 {
        weight 1
         TCP_CHECK{
                connect_timeout 5
                ng_get_retry 3
                delay_before_retry 3
                connect_port 8000
        }
    }
    real_server 10.77.9.113 8000 {
        weight 1
        TCP_CHECK{
                connect_timeout 5
                ng_get_retry 3
                delay_before_retry 3
                connect_port 8000
        }

    }
}

113修改以下：

! Configuration File for keepalived

global_defs {
   router_id LVS_53
   vrrp_skip_check_adv_addr
   #vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_script chk_nginx {
   script "/home/conf/nginx/check_sh/nginx_check.sh"
   interval 2
   weight -5
   fall 3
   rise 2
}

vrrp_instance VI_1 {
    state MASTER
    interface ens32
    virtual_router_id 151
    mcast_src_ip 10.77.9.113
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    track_script {
        chk_nginx
    }
    virtual_ipaddress {
        10.77.9.114
    }
}

virtual_server 10.77.9.114 80 {
    delay_loop 6
    lb_algo rr
    lb_kind NAT
    nat_mask 255.255.255.0
    persistence_timeout 50
    protocol TCP

    real_server 10.77.9.112 8000 {
        weight 1
         TCP_CHECK{
                connect_timeout 5
                ng_get_retry 3
                delay_before_retry 3
                connect_port 8000
        }
    }
    real_server 10.77.9.113 8000 {
        weight 1
        TCP_CHECK{
                connect_timeout 5
                ng_get_retry 3
                delay_before_retry 3
                connect_port 8000
        }

    }
}

3.3.2.4修改hosts文件

分別在112,113主機的/etc/hosts文件中加入以下域名解析：

10.266.33.242 frame.h2018.hg.cn
10.99.27.223 app-api-test.h2018.com

3.3.2.5修改docker配置文件daemon.json

分別在112,113兩臺主機的/etc/docker/daemon.json文件中加入域名解析：

{"dns":["10.77.9.112","10.77.9.113"]}

重啓docker引擎：systemctl restart docker

3.3.3建立容器並運行

3.3.3.1建立myevent容器並運行

在112主機上分別執行以下命令：

docker run -d -p 9091:8080 --name=myevent1 -v /home/conf/event:/usr/myapp/config -v /etc/localtime:/etc/localtime --hostname=myevent1 --restart=always  myevent /bin/sh -c 'java -jar -Duser.timezone=GMT+8 /usr/myapp/event-process-0.0.1-SNAPSHOT.jar'

docker run -d -p 9090:8080 --name=myevent2 -v /home/conf/event:/usr/myapp/config -v /etc/localtime:/etc/localtime --hostname=myevent2 --restart=always  myevent /bin/sh -c 'java -jar -Duser.timezone=GMT+8 /usr/myapp/event-process-0.0.1-SNAPSHOT.jar'

在113主機上分別執行以下命令：

docker run -d -p 9091:8080 --name=myevent3 -v /home/conf/event:/usr/myapp/config -v /etc/localtime:/etc/localtime --hostname=myevent3 --restart=always  myevent /bin/sh -c 'java -jar -Duser.timezone=GMT+8 /usr/myapp/event-process-0.0.1-SNAPSHOT.jar'

docker run -d -p 9090:8080 --name=myevent4 -v /home/conf/event:/usr/myapp/config -v /etc/localtime:/etc/localtime --hostname=myevent4 --restart=always  myevent /bin/sh -c 'java -jar -Duser.timezone=GMT+8 /usr/myapp/event-process-0.0.1-SNAPSHOT.jar'

3.3.3.2建立nginx容器並運行

在112主機上執行以下命令：

docker run -d -p 8000:80  --restart=always --hostname=nginx1 --name=nginx1 --link=myevent1:myevent_1 --link=myevent2:myevent_2 -v /etc/localtime:/etc/localtime -v /home/conf/nginx/nginx.conf:/etc/nginx/nginx.conf -v /home/conf/nginx/conf.d/default.conf:/etc/nginx/conf.d/default.conf  nginx

在113主機上執行以下命令：

docker run -d -p 8000:80  --restart=always --hostname=nginx2 --name=nginx2  -v /etc/localtime:/etc/localtime -v /home/conf/nginx/nginx.conf:/etc/nginx/nginx.conf -v /home/conf/nginx/conf.d/default.conf:/etc/nginx/conf.d/default.conf  nginx

3.4關閉linux系統防火牆

分別在兩臺linux主機上執行以下命令：

systemctl stop firewalld.service

 systemctl disable firewalld.service

3.5安裝域名解析服務

分別在兩臺linux主機上執行以下命令：

yum install dnsmasq
systemctl enable dnsmasq.service
systemctl restart dnsmasq.service