搜索到
199
篇与
默认分类
的结果
-
GitLab 安装部署使用 GitLab介绍GitLab:是一个基于Git实现的在线代码仓库托管软件,你可以用gitlab自己搭建一个类似于Github一样的系统,一般用于在企业、学校等内部网络搭建git私服。功能:Gitlab 是一个提供代码托管、提交审核和问题跟踪的代码管理平台。对于软件工程质量管理非常重要。版本:GitLab 分为社区版(CE) 和企业版(EE)。Gitlab的服务构成Nginx:静态web服务器。gitlab-shell:用于处理Git命令和修改authorized keys列表。(Ruby)gitlab-workhorse: 轻量级的反向代理服务器。(go)logrotate:日志文件管理工具。postgresql:数据库。redis:缓存数据库。sidekiq:用于在后台执行队列任务(异步执行)。(Ruby)unicorn:An HTTP server for Rack applications,GitLab Rails应用是托管在这个服务器上面的。(Ruby Web Server,主要使用Ruby编写)* GitLab Workhorse是一个敏捷的反向代理。它会处理一些大的HTTP请求,比如文件上传、文件下载、Git push/pull和Git包下载。其它请求会反向代理到GitLab Rails应用,即反向代理给后端的unicorn。 01—安装Gitlab主程序root@hello:~# apt update && apt upgrade root@hello:~# apt install -y curl openssh-server ca-certificates tzdata perl root@hello:~# apt install -y postfix root@hello:~# curl https://packages.gitlab.com/install/repositories/gitlab/gitlab-ee/script.deb.sh | sudo bash root@hello:~# apt install gitlab-ee02—修改配置文件root@hello:~# vim /etc/gitlab/gitlab.rb external_url 'http://192.168.1.88' gitlab_rails['smtp_enable'] = true gitlab_rails['smtp_address'] = "smtp.qiye.aliyun.com" gitlab_rails['smtp_port'] = 465 gitlab_rails['smtp_user_name'] = "cby" gitlab_rails['smtp_password'] = "Cby123.." gitlab_rails['smtp_domain'] = "chenby.cn" gitlab_rails['smtp_authentication'] = "plain" gitlab_rails['smtp_enable_starttls_auto'] = true gitlab_rails['smtp_tls'] = false gitlab_rails['smtp_pool'] = false root@hello:~# gitlab-ctl reconfigure root@hello:~# gitlab-ctl restart ok: run: alertmanager: (pid 63590) 1s ok: run: gitaly: (pid 63610) 1s ok: run: gitlab-exporter: (pid 63641) 0s ok: run: gitlab-workhorse: (pid 63643) 1s ok: run: grafana: (pid 63659) 0s ok: run: logrotate: (pid 63676) 1s ok: run: nginx: (pid 63682) 0s ok: run: node-exporter: (pid 63718) 1s ok: run: postgres-exporter: (pid 63728) 0s ok: run: postgresql: (pid 63737) 0s ok: run: prometheus: (pid 63746) 1s ok: run: puma: (pid 63777) 1s ok: run: redis: (pid 63782) 0s ok: run: redis-exporter: (pid 63788) 1s ok: run: sidekiq: (pid 63887) 1s root@hello:~#03—查看root密码root@hello:~# cat /etc/gitlab/initial_root_password # WARNING: This value is valid only in the following conditions # 1. If provided manually (either via `GITLAB_ROOT_PASSWORD` environment variable or via `gitlab_rails['initial_root_password']` setting in `gitlab.rb`, it was provided before database was seeded for the first time (usually, the first reconfigure run). # 2. Password hasn't been changed manually, either via UI or via command line. # # If the password shown here doesn't work, you must reset the admin password following https://docs.gitlab.com/ee/security/reset_user_password.html#reset-your-root-password. Password: HUd9b632LHN89WXYEVYPssWGpyJrgK7BJLbVLC4VCas= # NOTE: This file will be automatically deleted in the first reconfigure run after 24 hours. root@hello:~# 04—常用命令 gitlab-ctl start # 启动所有 gitlab 组件; gitlab-ctl stop # 停止所有 gitlab 组件; gitlab-ctl restart # 重启所有 gitlab 组件; gitlab-ctl status # 查看服务状态; vim /etc/gitlab/gitlab.rb # 修改gitlab配置文件; gitlab-ctl reconfigure # 重新编译gitlab的配置; gitlab-rake gitlab:check SANITIZE=true --trace # 检查gitlab; gitlab-ctl tail # 查看日志; gitlab-ctl tail nginx/gitlab_access.log 日志地址:/var/log/gitlab/ # 对应各服务的打印日志 服务地址:/var/opt/gitlab/ # 对应各服务的主目录Linux运维交流社区Linux运维交流社区,互联网新闻以及技术交流。75篇原创内容公众号 https://blog.csdn.net/qq_33921750https://my.oschina.net/u/3981543https://www.zhihu.com/people/chen-bu-yun-2https://segmentfault.com/u/hppyvyv6/articleshttps://juejin.cn/user/3315782802482007https://space.bilibili.com/352476552/articlehttps://cloud.tencent.com/developer/column/93230https://www.jianshu.com/u/0f894314ae2chttps://www.toutiao.com/c/user/token/MS4wLjABAAAAeqOrhjsoRZSj7iBJbjLJyMwYT5D0mLOgCoo4pEmpr4A/知乎、CSDN、开源中国、思否、掘金、哔哩哔哩、腾讯云、简书、今日头条 -
部署lnmp环境,安装typecho博客 安装nginx和PHP环境root@cby:~# apt install nginx php7.4 php7.4-mysql php7.4-fpm修改nginx配置文件root@cby:~# vim /etc/nginx/sites-available/default root@cby:~# cat /etc/nginx/sites-available/default server { listen 80; listen [::]:80; #填写域名或者IP server_name www.oiox.cn; # SSL configuration # #开启ssl证书监听端口 listen 443 ssl; listen [::]:443; #配置证书 ssl_certificate /var/www/ssl/www.oiox.cn_nginx/www.oiox.cn_bundle.pem; ssl_certificate_key /var/www/ssl/www.oiox.cn_nginx/www.oiox.cn.key; ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; root /var/www/html; # 配置默认访问页面 index index.php index.html index.htm index.nginx-debian.html; #配置访问路径 location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # 配置跳转路由 if (-f $request_filename/index.html) { rewrite (.*) $1/index.html break; } if (-f $request_filename/index.php) { rewrite (.*) $1/index.php; } if (!-f $request_filename) { rewrite (.*) /index.php; } #配置PHP访问路由 location ~ \.php$ { include snippets/fastcgi-php.conf; # With php-fpm (or other unix sockets): fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; # With php-cgi (or other tcp sockets): #fastcgi_pass 127.0.0.1:9000; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; fastcgi_intercept_errors on; } } # 配置其他的域名访问 server { listen 80; listen [::]:80; server_name aliyun.chenby.cn; root /var/www/cby; index index.html; location / { try_files $uri $uri/ =404; } } root@cby:~#启动服务并设置开机自启root@cby:~# nginx -t root@cby:~# systemctl restart nginx root@cby:~# systemctl enable php7.4-fpm Synchronizing state of php7.4-fpm.service with SysV service script with /lib/systemd/systemd-sysv-install. Executing: /lib/systemd/systemd-sysv-install enable php7.4-fpm root@cby:~# root@cby:~# root@cby:~# systemctl enable nginx Synchronizing state of nginx.service with SysV service script with /lib/systemd/systemd-sysv-install. Executing: /lib/systemd/systemd-sysv-install enable nginx root@cby:~#安装docker,并使用docker启动MySQL服务root@cby:~# curl -fsSL https://get.docker.com | bash -s docker --mirror Aliyun root@cby:~# mkdir /mysql root@cby:~# cd /mysql root@cby:/mysql# docker run -p 3306:3306 --name mymysql --restart=always -v $PWD/conf:/etc/mysql/conf.d -v $PWD/logs:/logs -v $PWD/data:/var/lib/mysql -e MYSQL\_ROOT\_PASSWORD=Cby123.. -d mysql:5.7 #登录MySQL数据库执行创建数据库 create database typecho;部署typechoroot@cby:~# cd /var/www/html/ root@cby:/var/www/html# wget https://typecho.org/downloads/1.1-17.10.30-release.tar.gz root@cby:/var/www/html# tar xvf 1.1-17.10.30-release.tar.gz root@cby:/var/www/html# mv build/* .Linux运维交流社区Linux运维交流社区,互联网新闻以及技术交流。75篇原创内容公众号 https://blog.csdn.net/qq_33921750https://my.oschina.net/u/3981543https://www.zhihu.com/people/chen-bu-yun-2https://segmentfault.com/u/hppyvyv6/articleshttps://juejin.cn/user/3315782802482007https://space.bilibili.com/352476552/articlehttps://cloud.tencent.com/developer/column/93230https://www.jianshu.com/u/0f894314ae2chttps://www.toutiao.com/c/user/token/MS4wLjABAAAAeqOrhjsoRZSj7iBJbjLJyMwYT5D0mLOgCoo4pEmpr4A/知乎、CSDN、开源中国、思否、掘金、哔哩哔哩、腾讯云、简书、今日头条
-
kubernetes(k8s)中部署 efk Kubernetes 开发了一个 Elasticsearch 附加组件来实现集群的日志管理。这是一个 Elasticsearch、Fluentd 和 Kibana 的组合。Elasticsearch 是一个搜索引擎,负责存储日志并提供查询接口;Fluentd 负责从 Kubernetes 搜集日志,每个node节点上面的fluentd监控并收集该节点上面的系统日志,并将处理过后的日志信息发送给Elasticsearch;Kibana 提供了一个 Web GUI,用户可以浏览和搜索存储在 Elasticsearch 中的日志。从官方github仓库下载yaml文件[root@hello ~/efk]# git clone https://github.com/kubernetes/kubernetes.git [root@hello ~/efk]# kubectl create namespace logging [root@hello ~/efk]#执行所有yaml文件[root@hello ~/efk]# cd kubernetes/cluster/addons/fluentd-elasticsearch/ [root@hello ~/efk/kubernetes/cluster/addons/fluentd-elasticsearch]# kubectl apply -f ./ namespace/logging created service/elasticsearch-logging created serviceaccount/elasticsearch-logging created clusterrole.rbac.authorization.k8s.io/elasticsearch-logging created clusterrolebinding.rbac.authorization.k8s.io/elasticsearch-logging created statefulset.apps/elasticsearch-logging created configmap/fluentd-es-config-v0.2.1 created serviceaccount/fluentd-es created clusterrole.rbac.authorization.k8s.io/fluentd-es created clusterrolebinding.rbac.authorization.k8s.io/fluentd-es created daemonset.apps/fluentd-es-v3.1.1 created deployment.apps/kibana-logging created service/kibana-logging created查看pod状态:[root@hello ~]# kubectl get pod -n logging NAME READY STATUS RESTARTS AGE elasticsearch-logging-0 1/1 Running 0 2m17s elasticsearch-logging-1 1/1 Running 0 96s fluentd-es-v3.1.1-qw9dj 1/1 Running 1 (97s ago) 2m16s kibana-logging-75bd6cccf5-pskrr 1/1 Running 1 (106s ago) 2m16s [root@hello ~]# [root@hello ~]# kubectl get service -n logging NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE elasticsearch-logging ClusterIP None <none> 9200/TCP,9300/TCP 2m41s kibana-logging ClusterIP 10.68.145.186 <none> 5601/TCP 2m40s [root@hello ~]#访问 kibana[root@hello ~]# kubectl proxy --address='192.168.1.11' --port=8086 --accept-hosts='^*$' #访问 http://192.168.1.11:8086//api/v1/namespaces/logging/services/kibana-logging/proxy/创建一个index-pattern索引默认为 logstash-* 即可,之后这里会看到日志Linux运维交流社区Linux运维交流社区,互联网新闻以及技术交流。73篇原创内容公众号 https://blog.csdn.net/qq_33921750https://my.oschina.net/u/3981543https://www.zhihu.com/people/chen-bu-yun-2https://segmentfault.com/u/hppyvyv6/articleshttps://juejin.cn/user/3315782802482007https://space.bilibili.com/352476552/articlehttps://cloud.tencent.com/developer/column/93230知乎、CSDN、开源中国、思否、掘金、哔哩哔哩、腾讯云
-
kubernetes(k8s) 中安装kuboard面板 kubernetes(k8s) 中安装kuboard面板01—背景及安装Kuboard 是一款专为 Kubernetes 设计的免费管理界面,兼容 Kubernetes 版本 1.13 及以上。Kuboard 每周发布一个 beta 版本,最长每月发布一个正式版本,经过两年的不断迭代和优化,已经具备多集群管理、权限管理、监控套件、日志套件等丰富的功能。删除之前的版本docker stop $(docker ps -a | grep "eipwork/kuboard" | awk '{print $1 }') docker rm $(docker ps -a | grep "eipwork/kuboard" | awk '{print $1 }')安装最新版 sudo docker run -d \ --restart=unless-stopped \ --name=kuboard \ -p 80:80/tcp \ -p 10081:10081/udp \ -p 10081:10081/tcp \ -e KUBOARD_ENDPOINT="http://192.168.1.12:80" \ -e KUBOARD_AGENT_SERVER_UDP_PORT="10081" \ -e KUBOARD_AGENT_SERVER_TCP_PORT="10081" \ -v /root/kuboard-data:/data \ eipwork/kuboard:v3.3.0.3在浏览器输入 http://192.168.1.12 即可访问 Kuboard 的界面,登录方式:用户名:admin密 码:Kuboard123注:可以在 https://hub.docker.com/r/eipwork/kuboard/tags 中查看最新版本号02— 访问登录登录:添加集群,使用Agent方式添加获得命令在集群master上执行命令[root@hello ~]# curl -k 'http://192.168.1.12:80/kuboard-api/cluster/cby/kind/KubernetesCluster/cby/resource/installAgentToKubernetes?token=zyrsQqY6Krsy3gvWUNHK2kvKWHmJZneL' > kuboard-agent.yaml % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 5775 0 5775 0 0 433k 0 --:--:-- --:--:-- --:--:-- 433k [root@hello ~]# [root@hello ~]# kubectl apply -f ./kuboard-agent.yaml namespace/kuboard unchanged serviceaccount/kuboard-admin created clusterrolebinding.rbac.authorization.k8s.io/kuboard-admin-crb created serviceaccount/kuboard-viewer created clusterrolebinding.rbac.authorization.k8s.io/kuboard-viewer-crb created deployment.apps/kuboard-agent-soxwal created deployment.apps/kuboard-agent-soxwal-2 created [root@hello ~]#稍作等待即可在首页看到Linux运维交流社区Linux运维交流社区,互联网新闻以及技术交流。73篇原创内容公众号 https://blog.csdn.net/qq_33921750https://my.oschina.net/u/3981543https://www.zhihu.com/people/chen-bu-yun-2https://segmentfault.com/u/hppyvyv6/articleshttps://juejin.cn/user/3315782802482007https://space.bilibili.com/352476552/articlehttps://cloud.tencent.com/developer/column/93230知乎、CSDN、开源中国、思否、掘金、哔哩哔哩、腾讯云本文使用 文章同步助手 同步
-
内网搭建DNS服务器 DNS:Domain Name Service,域名解析服务监听端口:udp/53,tcp/53应用程序:bind根域:.一级域:组织域:.com, .org, .net, .mil, .edu, .gov, .info, .cc, .me, .tv国家域:.cn, .us, .uk, .jp, .tw, .hk, .iq, .ir反向域:.in-addr.arpaDNS 记录类型:DNS 域名数据库由资源记录和区文件指令组成。SOA 记录:起始授权机构记录,SOA 备注说明了众多 NS(name server)记录中谁是主名称服务器,不参与功能,但是不能缺少。NS 记录:域授权记录,当请求到达根域的时候,通过 NS 记录找到对应的域。A 记录:当通过 NS 记录到达域以后,比如访问 www.baidu.com,通过 NS 我们找到了 baidu.com,此时就需要通过 A 记录找到 www。MX:将该域下的所有邮件服务器地址指向邮件服务器。AAAA 记录:A 记录处理 IPV4,AAAA 处理 IPV6。PTR 记录:反向解析,将 IP 解析成域名。CNAME:别名记录,允许多个名字映射到另外一个域名。比如我们 ping 百度的时候可以发现返回其实是 www.a.shifen.com 这个域名返回。所有 www.baidu.com 其实是个别名。安装dns服务并配置[root@jhr-hub ~]# yum -y install bind-utils bind bind-devel bind-libs [root@jhr-hub ~]# vim /etc/named.rfc1912.zones [root@jhr-hub ~]# [root@jhr-hub ~]# [root@jhr-hub ~]# [root@jhr-hub ~]# tail -n 10 /etc/named.rfc1912.zones zone "chenby.cn" IN { type master; file "chenby.cn.zone"; }; [root@jhr-hub ~]# [root@jhr-hub ~]# cd /var/named/ [root@jhr-hub named]# ls data dynamic named.ca named.empty named.localhost named.loopback pakho.zone slaves [root@jhr-hub named]# [root@jhr-hub named]# cp named.localhost chenby.cn.zone [root@jhr-hub named]# [root@jhr-hub named]# chown named.named chenby.cn.zone [root@jhr-hub named]# [root@jhr-hub named]# vim chenby.cn.zone [root@jhr-hub named]#检查配置文件[root@jhr-hub named]# named-checkconf /etc/named.conf [root@jhr-hub named]# [root@jhr-hub named]# [root@jhr-hub named]# named-checkzone chenby.cn /var/named/chenby.cn.zone zone chenby.cn/IN: loaded serial 0 OK [root@jhr-hub named]#启动服务,并设置开机自启[root@jhr-hub named]# systemctl restart named [root@jhr-hub named]# [root@jhr-hub named]# systemctl enable named Created symlink from /etc/systemd/system/multi-user.target.wants/named.service to /usr/lib/systemd/system/named.service. [root@jhr-hub named]# 测试是否可行 [root@jhr-hub named]# dig @3.7.191.1 www.chenby.cn ; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.7 <<>> @3.7.191.1 www.chenby.cn ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5275 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 3 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;www.chenby.cn. IN A ;; ANSWER SECTION: www.chenby.cn. 86400 IN A 3.7.191.1 ;; AUTHORITY SECTION: chenby.cn. 86400 IN NS chenby.cn. ;; ADDITIONAL SECTION: chenby.cn. 86400 IN A 127.0.0.1 chenby.cn. 86400 IN AAAA ::1 ;; Query time: 0 msec ;; SERVER: 3.7.191.1#53(3.7.191.1) ;; WHEN: Thu Dec 09 14:44:51 CST 2021 ;; MSG SIZE rcvd: 116 [root@jhr-hub named]#附录:1.name.conf文件详解options { listen-on port 53 { 127.0.0.1; }; //设置named服务器监听端口及IP地址 listen-on-v6 port 53 { ::1; }; directory "/var/named"; //设置区域数据库文件的默认存放地址 dump-file "/var/named/data/cache_dump.db"; statistics-file "/var/named/data/named_stats.txt"; memstatistics-file "/var/named/data/named_mem_stats.txt"; allow-query { any; }; //允许DNS查询客户端 allow-query-cache { any; }; }; logging { channel default_debug { file "data/named.run"; severity dynamic; }; }; view localhost_resolver { match-clients { any; }; match-destinations { any; }; recursion yes; //设置允许递归查询 include "/etc/named.rfc1912.zones"; };2.区域配置文件/etc/named.rfc1912.zoneszone "." IN { //定义了根域 type hint; //定义服务器类型为hint file "named.ca"; //定义根域的配置文件名 }; zone "localdomain" IN { //定义正向DNS区域 type master; //定义区域类型 file "localdomain.zone"; //设置对应的正向区域地址数据库文件 allow-update { none; }; //设置允许动态更新的客户端地址(none为禁止) }; zone "localhost" IN { type master; file "localhost.zone"; allow-update { none; }; }; zone "0.0.127.in-addr.arpa" IN { //设置反向DNS区域 type master; file "named.local"; allow-update { none; }; };3.根域配置文件named.ca根域配置文件设定根域的域名数据库,包括根域中13台DNS服务器的信息。几乎所有系统的这个文件都是一样的,用户不需要进行修改。4.正向域名解析数据库文件$TTL 600 @ IN SOA dns.cwlinux.com dnsadmin.cwlinux.com. (//SOA字段 2015031288 //版本号 同步一次 +1 1H //更新时间 2M // 更新失败,重试更新时间 2D // 更新失败多长时间后此DNS失效时间 1D //解析不到请求不予回复时间 ) IN NS dns //有两域名服务器 IN NS ns2 IN MX 10 mial // 定义邮件服务器,10指优先级 0-99 数字越小优先级越高 ns2 IN A 192.168.1.113 //ns2域名服务器的ip地址 dns IN A 192.168.1.10 //dns域名服务器的ip地址 mail IN A 192.168.1.111 //邮件服务器的ip地址 www IN A 192.168.1.112 //www.cwlinux.com的ip地址 pop IN CNAME mail //pop的正式名字是mail ftp IN CNAME www //ftp的正式名字是www5.反向域名解析数据库文件$TTL 600 @ IN SOA dns.cwlinux.com. dnsadmin.cwlinux.com. ( 2014031224 1H 2M 2D 1D ) IN NS dns.cwlinux.com. 10 IN PTR dns.cwlinux.com. //反向解析PTR格式 111 IN PTR mail.cwlinux.com. 112 IN PTR www.cwlinux.com. // 声明域的时候已经有了,192.168.1 所以我们只需要输入10即代表192.168.1.10jcLinux运维交流社区Linux运维交流社区,互联网新闻以及技术交流。71篇原创内容公众号 https://blog.csdn.net/qq_33921750https://my.oschina.net/u/3981543https://www.zhihu.com/people/chen-bu-yun-2https://segmentfault.com/u/hppyvyv6/articleshttps://juejin.cn/user/3315782802482007https://space.bilibili.com/352476552/articlehttps://cloud.tencent.com/developer/column/93230知乎、CSDN、开源中国、思否、掘金、哔哩哔哩、腾讯云