系统调整
更改host
cat /etc/hosts
172.18.103.252 chips1
172.18.103.251 chips2
172.18.103.250 chips3
调整内核参数
cat /etc/sysctl.conf
############ by ops
net.core.somaxconn = 262144
net.core.netdev_max_backlog = 262144
net.ipv4.tcp_sack = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_tw_recycle = 0
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_max_tw_buckets = 10000
net.ipv4.tcp_fin_timeout = 15
net.ipv4.tcp_keepalive_time = 30
net.ipv4.ip_local_port_range = 10000 65535
fs.file-max = 1024000
net.ipv4.tcp_max_syn_backlog = 10240
vm.panic_on_oom = 0
net.nf_conntrack_max = 655350
其他
阿里云服务器有相关服务器优化如(文件描述符,selinux,内核参数优化等等...) 未做其他参数调整
# 安装基础软件包 java运行环境
yum install htop lrzsz wget python-devel java-1.8.0-openjdk java-1.8.0-openjdk-devel
系统部署
jar包部署 service文件 启动脚本 停止脚本
# 新建项目用户 注:不同项目使用不同的用户运行 勿使用root账户直接运行避免相关隐患
useradd -d /data/app/chips-copico -s /sbin/nologin chips-copico #-d 指定用户家目录 -s 指定用户登录shell 这里是不允许登陆
# jar包运行脚本 脚本接受相关传入参数 运行jar包
#!/bin/bash
function start(){
cd ${APP_HOME}
newFileName=`ls -rtl *.war | grep ^[^d] | tail -n 1 | awk '{print $9}'`
countFileName=`ls -l| grep ^[^d] |grep "^-"|wc -l`
if [ $countFileName -gt 1 ]; then
`ls *.war | grep -v $newFileName | xargs rm`
fi
echo "Run Program $newFileName java_opts = $1 $2"
echo "java $1 -jar $APP_HOME/$newFileName $2 >> ${LOGDIR}/${APP_NAME}.log"
java $1 -jar $APP_HOME/$newFileName $2 > ${LOGDIR}/${APP_NAME}.log &
# begin_length=`expr index "$newFileName" .`
# if [ $begin_length -gt 0 ]; then
# ext_name=${newFileName:$begin_length:${#newFileName}}
# if [ "$ext_name" = 'war' ]; then
# echo "Run Program $newFileName java_opts = $1 $2"
# java $1 -jar $APP_HOME/$newFileName $2 >${LOGDIR}.${APP_NAME}.log 2>&1 &
# fi
# fi
}
java_opts="-Xms512m -Xmx512m"
if [ "$JAVA_OPTS" ]; then
java_opts=$JAVA_OPTS
fi
start "$java_opts" "$RUN_ENV"
# 优雅停止服务脚本 为原项目停止脚本
# 服务注册文件
cat /usr/lib/systemd/system/chips-lays.service
[Unit]
Description=chips-lays
[Service]
#服务其doing类型
Type=forking
# 环境变量设置
Environment=APP_NAME=chips-lays
Environment=APP_HOME=/data/app/chips-lays
Environment=LOGDIR=/data/logs
Environment='JAVA_OPTS= -Xmx2048M -Xms2048M -Xmn768M -XX:MaxMetaspaceSize=256M -XX:MetaspaceSize=256M -XX:+UseConcMarkSweepGC -XX:+UseCMSInitiatingOccupancyOnly -XX:CMSInitiatingOccupancyFraction=70 -XX:+ExplicitGCInvokesConcurrentAndUnloadsClasses -XX:+CMSClassUnloadingEnabled -XX:+ParallelRefProcEnabled -XX:+CMSScavengeBeforeRemark'
Environment='RUN_ENV= --spring.profiles.active=ksd-prod'
# 启动命令
ExecStart=/data/bin/start_war.sh
# 停止命令
ExecStop=/data/bin/shutdown.sh chips-lays 12583
# 意外关闭 自动重启
Restart=on-failure
# 服务运行用户
User=chips-lays
Group=chips-lays
[Install]
WantedBy=multi-user.target
tomcat 部署
# tomcat 未作相关连接数限制 更改默认端口为 8762
# 服务注册脚本
[Unit]
Description=chips-job
[Service]
Type=forking
Environment=APPNAME=chips-job
Environment=CATALINA_OUT=/data/logs/chips-job.log
Environment='JAVA_OPTS= -Xms512m -Xmx512m -Dspring.profiles.active=ksd-prod'
ExecStart=/data/app/chips-job/bin/startup.sh
ExecStop=/bin/kill -15 $MAINPID
Restart=on-failure
User=chips-job
Group=chips-job
[Install]
WantedBy=multi-user.target
centos7 服务管理常用命令
systemctl enable xxxx #开机启动服务
systemctl disable xxxx #关闭开机启动服务
systemctl start/status/stop xxxx #启动/查看状态/停止 服务
journalctl -f -u chips-job #查看某用户打印的日志(系统)
journalctl -f #查看所有日志
zabbix 安装
# zabbix-server 安装 此处参考文档 http://www.cnblogs.com/oskb/p/5535650.html
# zabbix-agent 安装 命令包含安装 配置SERVER 地址并开机启动
rpm -ivh http://repo.zabbix.com/zabbix/3.0/rhel/7/x86_64/zabbix-release-3.0-1.el7.noarch.rpm && yum -y install zabbix-agent &&\
sed -i 's/ServerActive=127.0.0.1/ServerActive=172.18.103.250/g' /etc/zabbix/zabbix_agentd.conf && sed -i 's/Server=127.0.0.1/Server=172.18.103.250/g' \
/etc/zabbix/zabbix_agentd.conf && sed -i "s/Hostname=Zabbix server/Hostname=$HOSTNAME/g" /etc/zabbix/zabbix_agentd.conf \
&& systemctl enable zabbix-agent && systemctl start zabbix-agent
zabbix 相关设置
# zabbix-agent 相关设置以及在上面安装命令已经实现
# zabbix-server 相关配置
grep -v -E '^#|^$' /etc/zabbix/zabbix_server.conf
LogFile=/var/log/zabbix/zabbix_server.log
LogFileSize=0
PidFile=/var/run/zabbix/zabbix_server.pid
# 数据库配置
DBName=zabbix
DBUser=zabbix
DBPassword=eW91YmVpa2EK
SNMPTrapperFile=/var/log/snmptrap/snmptrap.log
Timeout=4
# 指定脚本存放目录 (报警脚本 报警触发脚本 )
AlertScriptsPath=/data/bin
ExternalScripts=/data/bin
LogSlowQueries=3000
zabbix 报警
# 服务脚本采用python编写 如果需要发送短信 或者实现微信报警等功能 请自己编写相应脚本
# 注意zabbix 调用脚本权限设置为 4755 (zabbix 使用zabbix用户执行 4755保证zabbix用户有相应的执行权限)
# 邮件报警参考 https://www.cnops.xyz/archives/242
zabbix 监控模块安装
# zms 第三方监控模板集成
rz xxx(zms.zip)
unzip zms.zip && cd zms
yum install python-devel -y && pip install psutil MySQL-python
python setup.py install && systemctl resatrt zabbix-agent
# 服务器端安装完成后请设置服务器对应的监控模板
# 监控阈值调整根据自己项目实际情况进行调整
zabbix 数据库迁移
1.导出数据库到 阿里云rds
2.更改/etc/zabbix/zabbix_server.conf server端数据库连接
3.更改 /etc/zabbix/web/zabbix.conf.php php程序数据连接
nginx 安装配置
# 安装nginx
yum install nginx -y
systemctl enable nginx #开机启动nginx
systemctl start nginx #启动nginx 或者 直接运行nginx启动nginx
# nginx 全局配置文件 代理参数部分根据项目调整一下
# 后端服务配置文件 存放在 conf.d 目录下 根据自己的使用情况自己定义
cat /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
worker_rlimit_nofile 65530;
events {
use epoll;
multi_accept on;
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
server_tokens off;
log_format access '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for" "$request_time" "$connection" "-" "$host"'
'"$request_body"' ;
server_names_hash_bucket_size 128;
client_header_buffer_size 512k;
large_client_header_buffers 4 1024k;
client_max_body_size 200m;
fastcgi_connect_timeout 1800;
fastcgi_send_timeout 1800;
fastcgi_read_timeout 1800;
fastcgi_buffer_size 16k;
fastcgi_buffers 256 16k;
fastcgi_busy_buffers_size 1024k;
fastcgi_temp_file_write_size 2048k;
fastcgi_keep_conn on;
proxy_connect_timeout 300;
proxy_read_timeout 300;
proxy_send_timeout 300;
proxy_buffer_size 16k;
proxy_buffers 4 64k;
proxy_busy_buffers_size 128k;
proxy_temp_file_write_size 128k;
#proxy_temp_path /home/temp_dir;
#proxy_cache_path /home/cache levels=1:2 keys_zone=cache_one:200m inactive=1d max_size=30g; ##end##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
gzip on;
gzip_http_version 1.0;
gzip_vary on;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_buffers 4 16k;
gzip_min_length 1k;
# Disable gzip for certain browsers.
gzip_disable "MSIE [1-6].(?!.*SV1)";
include /etc/nginx/conf.d/*.conf;
}
jenkins
# 设置相应变量 设置jenkins_home 对应目录 mvn对应环境变量
cat /etc/profile.d/jenkins.sh
export JENKINS_HOME=/data/jenkins_home/
export MAVEN_HOME=/data/app/apache-maven-3.5.4
export PATH=$PATH:$MAVEN_HOME/bin
# 运行jenkins
java -jar jenkins.war