快速安装docker-ce

一、 基础环境

[root@node22 docker]# hostnamectl
   Static hostname: node22
         Icon name: computer-vm
           Chassis: vm
        Machine ID: a7e5992d13a64d1b948fcd4ad6efe042
           Boot ID: 0012a7d9089b4a52bdf6c77975cbc5de
    Virtualization: vmware
  Operating System: CentOS Linux 8
       CPE OS Name: cpe:/o:centos:centos:8
            Kernel: Linux 4.18.0-348.el8.x86_64
      Architecture: x86-64

二、安装步骤

  1. 安装必要的系统工具
yum install -y yum-utils device-mapper-persistent-data lvm2
  1. 添加软件源信息
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo
  1. 更新源信息并安装
yum makecache
yum -y install docker-ce
systemctl start docker
systemctl enable docker
  1. 创建docker-compose软连接
ln -s /usr/libexec/docker/cli-plugins/docker-compose /usr/bin/docker-compose
后面发现docker-compose在后面版本中已被整合进docker命令里,可以直接用docker compose调用,此步选做。
  1. 配置阿里云镜像源加速
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
   "registry-mirrors": ["https://oxv7blf7.mirror.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker

三、验证安装版本

[root@node22 ~]# docker version
Client: Docker Engine - Community
 Version:           24.0.7
 API version:       1.43
 Go version:        go1.20.10
 Git commit:        afdd53b
 Built:             Thu Oct 26 09:09:18 2023
 OS/Arch:           linux/amd64
 Context:           default

Server: Docker Engine - Community
 Engine:
  Version:          24.0.7
  API version:      1.43 (minimum version 1.12)
  Go version:       go1.20.10
  Git commit:       311b9ff
  Built:            Thu Oct 26 09:08:20 2023
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.6.24
  GitCommit:        61f9fd88f79f081d64d6fa3bb1a0dc71ec870523
 runc:
  Version:          1.1.9
  GitCommit:        v1.1.9-0-gccaecfc
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0
  
[root@node22 ~]# docker-compose -v
Docker Compose version v2.21.0

workspace.v1.1.zip调整内容:

  1. selinux/config文件替换步骤,使用lineinfile模块代替shell模块;
  2. 引入handlernotify关键词及触发器概念,将多次重启Apache步骤改为handler操作;
  3. 引入变量概念,将多次使用的数据库相关参数在变量中提前声明;
  4. 引用template概念,使用预定义的模板文件生成wp-config.php配置文件;
  5. 新增使用uri模块,用于代替手工Web端安装操作,实现wordpress安装完全自动化;

具体代码:

---
- hosts: 192.168.26.21
  gather_facts: True

  vars:
    wp_db_hostname: localhost
    wp_db_name: wordpressdb
    wp_db_user: wordpress
    wp_db_password: wordpress

  tasks:
    # common tasks
    - name: Install epel-release
      yum: 
        name: epel-release
        state: present 

    - name: Temporary Disable SELinux
      command: setenforce 0

    - name: Ensure SELinux is set to disabled mode
      lineinfile:
        path: /etc/selinux/config
        regexp: '^SELINUX='
        line: SELINUX=disabled

    # Install apache server
    - name: Install httpd
      yum:
        name: httpd
        state: present
      
    - name: Start httpd
      service:
        name: httpd
        state: started
        enabled: True

    - name: Permit 80/tcp port
      firewalld:
        service: http
        permanent: True
        immediate: True
        state: enabled

    #Install php82
    - name: Install epel-release-latest-7
      yum:
        name: https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
        state: present
    
    - name: Install remirepo
      yum:
        name: https://rpms.remirepo.net/enterprise/remi-release-7.rpm
        state: present
      
    - name: Enable remi-php82 repo
      shell: yum-config-manager --enable remi-php82

    - name: Install php82
      yum:
        name:
          - php82-php
          - php82-php-mbstring
          - php82-php-mysqlnd
          - php82-php-gd
          - php82-php-xml
        state: present
      notify:
        - Restart httpd

    - name: Install mariadb-server
      yum:
        name: mariadb-server
        state: present
      
    - name: Start mariadb-server
      service:
        name: mariadb
        state: started
        enabled: True
    
    - name: Install pip
      yum:
        name: python2-pip
        state: present

    - name: Install Python Library
      pip:
        name: PyMySQL==0.10.0
        state: present

    - name: Create Database
      mysql_db:
        name: "{{ wp_db_name }}"
        state: present

    - name: Create database user
      mysql_user:
        name: "{{ wp_db_user }}"
        password: "{{ wp_db_password }}"
        priv: '{{ wp_db_name }}.*:ALL'
        state: present

    # Install wordpress
    - name: Install wordpress
      get_url:
        url: https://wordpress.org/wordpress-6.2.tar.gz
        dest: /tmp/wordpress-6.2.tar.gz
        checksum: md5:34f279efe623025641bc11a69e3c02fa

    - name: Extract wordpress-6.X.tar.gz into /var/www/wordpress
      unarchive:
        src: /tmp/wordpress-6.2.tar.gz
        dest: /var/www/
        remote_src: True

    - name: Recursive Modify file permission
      file:
        path: /var/www/wordpress
        owner: apache
        group: apache
        mode: '0766'
        recurse: True
        state: directory
      
    - name: Add apache virtual host config
      copy:
        src: wordpress.conf
        dest: /etc/httpd/conf.d/wordpress.conf
      notify:
        - Restart httpd

    - name: Restart httpd
      service:
        name: httpd
        state: restarted

    - name: Fetch random salts for WordPress config
      local_action: command curl https://api.wordpress.org/secret-key/1.1/salt/
      register: "wp_salt"
      become: no

    - name: Add wordpress config
      template:
        src: templates/wp-config.php.j2
        dest: /var/www/wordpress/wp-config.php
        owner: apache
        group: apache
        mode: '0744'

    - name: Install WordPress
      uri:
        url: "http://192.168.26.21/wp-admin/install.php?step=2"
        method: POST
        body_format: form-urlencoded
        body: 
          weblog_title: HelloWorld
          user_name: tony
          admin_password: e!sGma&jmC#ernVBQV
          admin_password2: e!sGma&jmC#ernVBQV
          admin_email: lixm@lixm.cc
          Submit: Install WordPress
        status_code: 200
      register: result

    - name: Print result
      debug:
        msg: "{{ result }}"

  handlers:
    - name: Restart httpd
      service:
        name: httpd
        state: restarted

模板文件:/templates/wp-config.php.j2

<?php
/**
 * The base configuration for WordPress
 *
 * The wp-config.php creation script uses this file during the installation.
 * You don't have to use the web site, you can copy this file to "wp-config.php"
 * and fill in the values.
 *
 * This file contains the following configurations:
 *
 * * Database settings
 * * Secret keys
 * * Database table prefix
 * * ABSPATH
 *
 * @link https://wordpress.org/documentation/article/editing-wp-config-php/
 *
 * @package WordPress
 */

// ** Database settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define( 'DB_NAME', '{{ wp_db_name }}' );

/** Database username */
define( 'DB_USER', '{{ wp_db_user }}' );

/** Database password */
define( 'DB_PASSWORD', '{{ wp_db_password }}' );

/** Database hostname */
define( 'DB_HOST', '{{ wp_db_hostname }}' );

/** Database charset to use in creating database tables. */
define( 'DB_CHARSET', 'utf8mb4' );

/** The database collate type. Don't change this if in doubt. */
define( 'DB_COLLATE', '' );

/**#@+
 * Authentication unique keys and salts.
 *
 * Change these to different unique phrases! You can generate these using
 * the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}.
 *
 * You can change these at any point in time to invalidate all existing cookies.
 * This will force all users to have to log in again.
 *
 * @since 2.6.0
 */
{{ wp_salt.stdout }}

/**#@-*/

/**
 * WordPress database table prefix.
 *
 * You can have multiple installations in one database if you give each
 * a unique prefix. Only numbers, letters, and underscores please!
 */
$table_prefix = 'wp_';

/**
 * For developers: WordPress debugging mode.
 *
 * Change this to true to enable the display of notices during development.
 * It is strongly recommended that plugin and theme developers use WP_DEBUG
 * in their development environments.
 *
 * For information on other constants that can be used for debugging,
 * visit the documentation.
 *
 * @link https://wordpress.org/documentation/article/debugging-in-wordpress/
 */
define( 'WP_DEBUG', false );

/* Add any custom values between this line and the "stop editing" line. */



/* That's all, stop editing! Happy publishing. */

/** Absolute path to the WordPress directory. */
if ( ! defined( 'ABSPATH' ) ) {
    define( 'ABSPATH', __DIR__ . '/' );
}

/** Sets up WordPress vars and included files. */
require_once ABSPATH . 'wp-settings.php';

Apache配置文件:

<VirtualHost _default_:80>
  DocumentRoot /var/www/wordpress/
  ServerName www.example.com
  
  <Directory /var/www/wordpress/>
    Require all granted
    AllowOverride All
    Options FollowSymLinks MultiViews

    <IfModule mod_dav.c>
      Dav off
    </IfModule>
  </Directory>
  
</VirtualHost>

---
- hosts: 192.168.26.21
  gather_facts: True

  tasks:
    # common tasks
    - name: Install epel-release
      yum: 
        name: epel-release
        state: present 

    - name: Temporary Disable SELinux
      command: setenforce 0

    - name: Disable SELinux
      shell: sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config

    # Install apache server
    - name: Install httpd
      yum:
        name: httpd
        state: present
      
    - name: Start httpd
      service:
        name: httpd
        state: started
        enabled: True

    - name: Permit 80/tcp port
      firewalld:
        service: http
        permanent: True
        immediate: True
        state: enabled

    #Install php82
    - name: Install epel-release-latest-7
      yum:
        name: https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
        state: present
    
    - name: Install remirepo
      yum:
        name: https://rpms.remirepo.net/enterprise/remi-release-7.rpm
        state: present
      
    - name: Enable remi-php82 repo
      shell: yum-config-manager --enable remi-php82

    - name: Install php82
      yum:
        name:
          - php82-php
          - php82-php-mbstring
          - php82-php-mysqlnd
          - php82-php-gd
          - php82-php-xml
        state: present

    - name: Install mariadb-server
      yum:
        name: mariadb-server
        state: present
      
    - name: Start mariadb-server
      service:
        name: mariadb
        state: started
        enabled: True
    
    - name: Install pip
      yum:
        name: python2-pip
        state: present

    - name: Install Python Library
      pip:
        name: PyMySQL==0.10.0
        state: present

    - name: Create Database
      mysql_db:
        name: wordpressdb
        state: present

    - name: Create database user
      mysql_user:
        name: wordpress
        password: wordpress
        priv: 'wordpressdb.*:ALL'
        state: present

    # Install wordpress
    - name: Install wordpress
      get_url:
        url: https://wordpress.org/wordpress-6.2.tar.gz
        dest: /tmp/wordpress-6.2.tar.gz
        checksum: md5:34f279efe623025641bc11a69e3c02fa

    - name: Extract wordpress-6.X.tar.gz into /var/www/wordpress
      unarchive:
        src: /tmp/wordpress-6.2.tar.gz
        dest: /var/www/
        remote_src: True

    - name: Recursive Modify file permission
      file:
        path: /var/www/wordpress
        owner: apache
        group: apache
        mode: '0766'
        recurse: True
        state: directory
      
    - name: Add apache virtual host config
      copy:
        src: wordpress.conf
        dest: /etc/httpd/conf.d/wordpress.conf

    - name: Restart httpd
      service:
        name: httpd
        state: restarted

    - name: Add wordpress config
      copy:
        src: wp-config.php
        dest: /var/www/wordpress/wp-config.php
        owner: apache
        group: apache
        mode: '0744'

一、课前准备

二、环境简述

  • node20, 192.168.26.20/24, gw: 192.168.26.2, ansible管理端
  • node21, 192.168.26.21/24, gw: 192.168.26.2,被管理端
  • node22, 192.168.26.22/24, gw: 192.168.26.2,被管理端
  • node23, 192.168.26.23/24, gw: 192.168.26.2, 被管理端

三、搭建流程

  1. 最小化安装1台CentOS,安装后关机,给虚拟机创建一个快照;
  2. 从快照克隆新虚拟机,使用链接克隆方式,克隆出4台虚拟机;
  3. 打开这4台虚拟机,配置静态ip地址、主机名,完成后开机;
  4. 在node20上安装Ansible,使用ssh-keygen生成服务端公钥对;
  5. 在node20上使用copy-ssh-id命令,与node21/22/23配置无密码访问;
  6. 完成后关机,对node21/22/23创建虚拟机快照;

四、本地配置

  • 下载安装git客户端msi安装包, https://www.git-scm.com/
  • 下载安装VSCode,https://code.visualstudio.com/
  • 在VSCode插件库里安装Remote-SSH插件
  • git客户端安装后桌面右键Git bash here,使用ssh-keygen生成密钥对,使用ssh-copy-id连接node20配置无密码登录

  • 打开VScode,在remote-ssh插件配置文件中填写如下内容,配置文件位置:C:\Users\lixm.ssh\config

    Host 192.168.26.20
HostName 192.168.26.20
User root
Port 22
IdentityFile "C:\Users\lixm\.ssh\id_rsa"
  • 完成后即可在本地Windows远程编辑Linux主机中的文件

五、 LAMP环境搭建步骤

1. Install Base Environment

  • epel-release
  • turn off selinux

2. Install Apache Server

  • Install httpd
  • Set httpd service enable and start service
  • Open http 80/tcp port

3. Install PHP

  • Install remi-repo
  • Install php82 packages
  • Restart httpd

4. Install Mariadb

  • Install mariadb-server
  • Set mariadb service enable and start service
  • Install Python Library PyMySQL
  • Create database wordpressdb
  • Create user wordpress@localhost and grant permission to access wordpressdb

5. Install Wordpress

  • Download wordpress package
  • Unarchive package to target directory
  • Recursive modify files permission
  • Upload httpd virtualhost config file
  • Restart httpd service
  • Upload wordpress config file

六、other

pip install PyMySQL==0.10.0 -i https://mirrors.aliyun.com/pypi/simple/

开发应用程序时,我们会使用开发环境,例如,使用内存数据库以便快速启动。而运行在生产环境时,我们会使用生产环境,例如,使用MySQL数据库。如果应用程序可以根据自身的环境做一些适配,无疑会更加灵活。

Spring为应用程序准备了Profile这一概念,用来表示不同的环境。例如,我们分别定义开发、测试和生产这3个环境:

  • native
  • test
  • production

创建某个Bean时,Spring容器可以根据注解@Profile来决定是否创建。例如,以下配置:

@Configuration
@ComponentScan
public class AppConfig {
    @Bean
    @Profile("!test")
    ZoneId createZoneId() {
        return ZoneId.systemDefault();
    }

    @Bean
    @Profile("test")
    ZoneId createZoneIdForTest() {
        return ZoneId.of("America/New_York");
    }
}

如果当前的Profile设置为test,则Spring容器会调用createZoneIdForTest()创建ZoneId,否则,调用createZoneId()创建ZoneId。注意到@Profile("!test")表示非test环境。

在运行程序时,加上JVM参数-Dspring.profiles.active=test就可以指定以test环境启动。

实际上,Spring允许指定多个Profile,例如:

-Dspring.profiles.active=test,master

可以表示test环境,并使用master分支代码。

要满足多个Profile条件,可以这样写:

@Bean
@Profile({ "test", "master" }) // 同时满足test和master
ZoneId createZoneId() {
    ...
}

使用Conditional

除了根据@Profile条件来决定是否创建某个Bean外,Spring还可以根据@Conditional决定是否创建某个Bean。

例如,我们对SmtpMailService添加如下注解:

@Component
@Conditional(OnSmtpEnvCondition.class)
public class SmtpMailService implements MailService {
    ...
}

它的意思是,如果满足OnSmtpEnvCondition的条件,才会创建SmtpMailService这个Bean。OnSmtpEnvCondition的条件是什么呢?我们看一下代码:

public class OnSmtpEnvCondition implements Condition {
    public boolean matches(ConditionContext context, AnnotatedTypeMetadata metadata) {
        return "true".equalsIgnoreCase(System.getenv("smtp"));
    }
}

因此,OnSmtpEnvCondition的条件是存在环境变量smtp,值为true。这样,我们就可以通过环境变量来控制是否创建SmtpMailService

Spring只提供了@Conditional注解,具体判断逻辑还需要我们自己实现。Spring Boot提供了更多使用起来更简单的条件注解,例如,如果配置文件中存在app.smtp=true,则创建MailService

@Component
@ConditionalOnProperty(name="app.smtp", havingValue="true")
public class MailService {
    ...
}

如果当前classpath中存在类javax.mail.Transport,则创建MailService

@Component
@ConditionalOnClass(name = "javax.mail.Transport")
public class MailService {
    ...
}

后续我们会介绍Spring Boot的条件装配。我们以文件存储为例,假设我们需要保存用户上传的头像,并返回存储路径,在本地开发运行时,我们总是存储到文件:

@Component
@ConditionalOnProperty(name = "app.storage", havingValue = "file", matchIfMissing = true)
public class FileUploader implements Uploader {
    ...
}

在生产环境运行时,我们会把文件存储到类似AWS S3上:

@Component
@ConditionalOnProperty(name = "app.storage", havingValue = "s3")
public class S3Uploader implements Uploader {
    ...
}

其他需要存储的服务则注入Uploader

@Component
public class UserImageService {
    @Autowired
    Uploader uploader;
}

当应用程序检测到配置文件存在app.storage=s3时,自动使用S3Uploader,如果存在配置app.storage=file,或者配置app.storage不存在,则使用FileUploader

可见,使用条件注解,能更灵活地装配Bean。

小结

Spring允许通过@Profile配置不同的Bean;

Spring还提供了@Conditional来进行条件装配,Spring Boot在此基础上进一步提供了基于配置、Class、Bean等条件进行装配。

  1. 1
  2. 2
  3. 3