文章目录

系统调整

更改host
cat /etc/hosts
172.18.103.252  chips1
172.18.103.251  chips2
172.18.103.250  chips3
调整内核参数
cat /etc/sysctl.conf
############ by ops
net.core.somaxconn = 262144
net.core.netdev_max_backlog = 262144  
net.ipv4.tcp_sack = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_tw_recycle = 0
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_max_tw_buckets = 10000
net.ipv4.tcp_fin_timeout = 15
net.ipv4.tcp_keepalive_time = 30
net.ipv4.ip_local_port_range = 10000 65535
fs.file-max = 1024000
net.ipv4.tcp_max_syn_backlog = 10240
vm.panic_on_oom = 0
net.nf_conntrack_max = 655350
其他
阿里云服务器有相关服务器优化如(文件描述符,selinux,内核参数优化等等...) 未做其他参数调整
# 安装基础软件包 java运行环境
yum install htop lrzsz wget python-devel java-1.8.0-openjdk java-1.8.0-openjdk-devel 

系统部署

jar包部署 service文件 启动脚本 停止脚本
# 新建项目用户  注:不同项目使用不同的用户运行 勿使用root账户直接运行避免相关隐患
useradd -d /data/app/chips-copico -s /sbin/nologin chips-copico #-d 指定用户家目录 -s 指定用户登录shell 这里是不允许登陆 
# jar包运行脚本 脚本接受相关传入参数 运行jar包
#!/bin/bash
function start(){
    cd ${APP_HOME}
    newFileName=`ls -rtl *.war | grep ^[^d] | tail -n 1 | awk '{print $9}'`
    countFileName=`ls -l| grep ^[^d] |grep "^-"|wc -l`
    if [ $countFileName -gt 1 ]; then
        `ls *.war | grep -v $newFileName | xargs rm`
    fi
    echo "Run Program $newFileName java_opts = $1 $2"
    echo "java $1  -jar $APP_HOME/$newFileName $2 >> ${LOGDIR}/${APP_NAME}.log"
    java $1  -jar $APP_HOME/$newFileName $2 > ${LOGDIR}/${APP_NAME}.log &
    # begin_length=`expr index "$newFileName" .`
    # if [ $begin_length -gt 0 ]; then
    #   ext_name=${newFileName:$begin_length:${#newFileName}}
    #   if [ "$ext_name" = 'war' ]; then
    #       echo "Run Program $newFileName java_opts = $1 $2"
    #       java $1  -jar $APP_HOME/$newFileName $2 >${LOGDIR}.${APP_NAME}.log 2>&1 &
    #   fi
    # fi
}

java_opts="-Xms512m -Xmx512m"
if [ "$JAVA_OPTS" ]; then
  java_opts=$JAVA_OPTS
fi

start "$java_opts" "$RUN_ENV"

# 优雅停止服务脚本 为原项目停止脚本

# 服务注册文件
cat /usr/lib/systemd/system/chips-lays.service
 
[Unit]
Description=chips-lays
[Service]
#服务其doing类型
Type=forking
# 环境变量设置
Environment=APP_NAME=chips-lays
Environment=APP_HOME=/data/app/chips-lays
Environment=LOGDIR=/data/logs
Environment='JAVA_OPTS= -Xmx2048M -Xms2048M -Xmn768M -XX:MaxMetaspaceSize=256M -XX:MetaspaceSize=256M -XX:+UseConcMarkSweepGC -XX:+UseCMSInitiatingOccupancyOnly -XX:CMSInitiatingOccupancyFraction=70 -XX:+ExplicitGCInvokesConcurrentAndUnloadsClasses -XX:+CMSClassUnloadingEnabled -XX:+ParallelRefProcEnabled -XX:+CMSScavengeBeforeRemark'
Environment='RUN_ENV= --spring.profiles.active=ksd-prod'
# 启动命令
ExecStart=/data/bin/start_war.sh
# 停止命令
ExecStop=/data/bin/shutdown.sh chips-lays 12583
# 意外关闭 自动重启
Restart=on-failure
# 服务运行用户 
User=chips-lays
Group=chips-lays
[Install]
WantedBy=multi-user.target
tomcat 部署
# tomcat 未作相关连接数限制 更改默认端口为 8762

# 服务注册脚本
[Unit]
Description=chips-job
[Service]
Type=forking
Environment=APPNAME=chips-job
Environment=CATALINA_OUT=/data/logs/chips-job.log
Environment='JAVA_OPTS= -Xms512m -Xmx512m  -Dspring.profiles.active=ksd-prod'
ExecStart=/data/app/chips-job/bin/startup.sh
ExecStop=/bin/kill -15 $MAINPID
Restart=on-failure
User=chips-job
Group=chips-job
[Install]
WantedBy=multi-user.target

centos7 服务管理常用命令

systemctl enable xxxx #开机启动服务
systemctl disable xxxx #关闭开机启动服务
systemctl start/status/stop xxxx #启动/查看状态/停止 服务
journalctl -f -u chips-job #查看某用户打印的日志(系统)
journalctl -f #查看所有日志

zabbix 安装

# zabbix-server 安装 此处参考文档 http://www.cnblogs.com/oskb/p/5535650.html

# zabbix-agent 安装  命令包含安装 配置SERVER 地址并开机启动

rpm -ivh http://repo.zabbix.com/zabbix/3.0/rhel/7/x86_64/zabbix-release-3.0-1.el7.noarch.rpm && yum -y install zabbix-agent  &&\
sed -i 's/ServerActive=127.0.0.1/ServerActive=172.18.103.250/g' /etc/zabbix/zabbix_agentd.conf && sed -i 's/Server=127.0.0.1/Server=172.18.103.250/g' \
/etc/zabbix/zabbix_agentd.conf && sed -i "s/Hostname=Zabbix server/Hostname=$HOSTNAME/g" /etc/zabbix/zabbix_agentd.conf \
 && systemctl enable zabbix-agent && systemctl start zabbix-agent

zabbix 相关设置

# zabbix-agent 相关设置以及在上面安装命令已经实现

# zabbix-server 相关配置
grep -v -E '^#|^$' /etc/zabbix/zabbix_server.conf
LogFile=/var/log/zabbix/zabbix_server.log
LogFileSize=0
PidFile=/var/run/zabbix/zabbix_server.pid
# 数据库配置
DBName=zabbix
DBUser=zabbix
DBPassword=eW91YmVpa2EK

SNMPTrapperFile=/var/log/snmptrap/snmptrap.log
Timeout=4
# 指定脚本存放目录 (报警脚本 报警触发脚本 )
AlertScriptsPath=/data/bin
ExternalScripts=/data/bin
LogSlowQueries=3000

zabbix 报警

# 服务脚本采用python编写 如果需要发送短信 或者实现微信报警等功能 请自己编写相应脚本 
# 注意zabbix 调用脚本权限设置为 4755 (zabbix 使用zabbix用户执行 4755保证zabbix用户有相应的执行权限)
# 邮件报警参考 https://www.cnops.xyz/archives/242

zabbix 监控模块安装

# zms 第三方监控模板集成
rz xxx(zms.zip)
unzip zms.zip && cd zms 
yum install python-devel -y && pip install psutil MySQL-python 
python setup.py install && systemctl resatrt zabbix-agent

# 服务器端安装完成后请设置服务器对应的监控模板
# 监控阈值调整根据自己项目实际情况进行调整

zabbix 数据库迁移

1.导出数据库到 阿里云rds
2.更改/etc/zabbix/zabbix_server.conf server端数据库连接
3.更改 /etc/zabbix/web/zabbix.conf.php php程序数据连接

nginx 安装配置

# 安装nginx 
yum install nginx -y
systemctl enable nginx #开机启动nginx
systemctl start nginx #启动nginx 或者 直接运行nginx启动nginx

# nginx 全局配置文件 代理参数部分根据项目调整一下
# 后端服务配置文件 存放在 conf.d 目录下 根据自己的使用情况自己定义
cat /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

worker_rlimit_nofile 65530;


events {
    use epoll;
    multi_accept on; 
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;
    server_tokens off;

    log_format  access  '$remote_addr - $remote_user [$time_local] "$request" '
                        '$status $body_bytes_sent "$http_referer" '
                        '"$http_user_agent" "$http_x_forwarded_for" "$request_time" "$connection" "-" "$host"'
                        '"$request_body"' ;

    server_names_hash_bucket_size 128;

    client_header_buffer_size 512k;
    large_client_header_buffers 4 1024k;
    
    client_max_body_size 200m;
    fastcgi_connect_timeout 1800;
    fastcgi_send_timeout 1800;
    fastcgi_read_timeout 1800;
    fastcgi_buffer_size 16k;
    fastcgi_buffers 256 16k;
    fastcgi_busy_buffers_size 1024k;
    fastcgi_temp_file_write_size 2048k;
    fastcgi_keep_conn on;


    proxy_connect_timeout 300;
    proxy_read_timeout 300;
    proxy_send_timeout 300;
    proxy_buffer_size 16k;
    proxy_buffers 4 64k;
    proxy_busy_buffers_size 128k;
    proxy_temp_file_write_size 128k;
    #proxy_temp_path /home/temp_dir;
    #proxy_cache_path /home/cache levels=1:2 keys_zone=cache_one:200m inactive=1d max_size=30g;     ##end##

    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;

    keepalive_timeout 65;

    gzip  on;
    gzip_http_version 1.0;
    gzip_vary on;
    gzip_comp_level 2;
    gzip_types text/plain application/x-javascript text/css application/xml;
    gzip_buffers 4 16k;
    gzip_min_length 1k;
    

    # Disable gzip for certain browsers.
    gzip_disable "MSIE [1-6].(?!.*SV1)";
    include /etc/nginx/conf.d/*.conf;
}

jenkins

# 设置相应变量 设置jenkins_home 对应目录 mvn对应环境变量
cat /etc/profile.d/jenkins.sh 
export JENKINS_HOME=/data/jenkins_home/
export MAVEN_HOME=/data/app/apache-maven-3.5.4
export PATH=$PATH:$MAVEN_HOME/bin

# 运行jenkins 
java -jar jenkins.war