# Centos 环境下的部署(基于Docker容器)
服务器配置要求:
最低配置:8核16GB,带宽建议动态带宽按量收费。峰值设置50M。
OSS:阿里云,腾讯云 二选一
**注意:docker部署的127.0.0.0和localhost全部改为服务器内网IP,否则会链接失败。**
**商城后端服务启动顺序:**
~~~shell
mall-gateway.jar
mall-auth.jar
mall-account.jar
mall-admin.jar
mall-shop.jar
mall-sns.jar
mall-pay.jar
mall-im.jar
mall-cms.jar
mall-search.jar
~~~
**端口开放:**
| 服务名称 | 版本 | 开放端口 |
| --- | --- | --- |
| mall-gateway.jar | | 服务端口:8201 |
| mall-auth.jar | | 服务端口:8401 |
| mall-account.jar | | 服务端口:8088 |
| mall-admin.jar | | 服务端口:8080 |
| mall-shop.jar | | 服务端口:8089 |
| mall-sns.jar | | 服务端口:8085 |
| mall-pay.jar | | 服务端口:8086 |
| mall-edu.jar | | 服务端口:8082 |
| mall-im.jar | | 服务端口:8099 |
| mall-cms.jar | | 服务端口:8087 |
| mall-search.jar | | 服务端口:8081 |
| nacos | 2.0.0 | 服务端口:8848 |
| Seata | 1.3.0 | 服务端口:8091 |
| Nginx | 最新 | 服务端口:80,443 |
| MySQL | 5.6.51 或者8.0 | 服务端口:3306 |
| Redis | 5.0 | 服务端口:6379 |
| elasticsearch | 7.17.3 | 服务端口:9200, 9300 |
| Logstash | 7.17.3 | 服务端口:4560, 4561,4562,4563 |
| Kibana | 7.17.3 | 服务端口:5601 |
| RabbitMQ | 3.7.4 | 服务端口:5672 15672 |
| Sentinel | 最新 | 服务端口:8858 |
| Portainer | | 服务端口:9000 |
# 可视化管理工具
Portainer 是一款轻量级的应用,它提供了图形化界面,用于方便的管理Docker环境,包括单机环境和集群环境,下面我们将用Portainer来管理Docker容器中的应用。
获取Docker镜像文件:
~~~shell
docker pull portainer/portainer
~~~
使用docker容器运行Portainer:
~~~shell
docker run -p 9000:9000 -p 8000:8000 --name portainer \
--restart=always \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /etc/localtime:/etc/localtime \
-v /data/portainer/data:/data \
-d portainer/portainer
~~~
查看Portainer的DashBoard信息,访问地址:[http://192.168.3.101:9000](http://192.168.3.101:9000/)
# MySQL安装
**也可以使用MySQL8.0 但是要注意修改参数:sql-mode=NO\_ENGINE\_SUBSTITUTION。可以不使用docker部署MySQL,使用你认为比较合适的方式部署。**
下载 MySQL:8.0.36 的docker镜像:
~~~shell
docker pull mysql:8.0.36
~~~
创建物理机挂载目录:
~~~shell
sudo mkdir -p /data/mysql/data /data/mysql/logs /data/mysql/conf
~~~
进入mysql配置目录:
~~~shell
cd /data/mysql/conf
~~~
创建MySql的my.cnf配置文件,补充mysql8.0的配置文件(如下):
~~~shell
touch my.cnf
~~~
my.cnf 内容:
~~~shell
# =============== 配置内容如下(可根据自己情况修改)==============
[mysql]
#设置服务器默认字符集为utf8mb4
default-character-set=utf8mb4
[mysqld]
#配置服务器的服务号,具备日后需要集群做准备
server-id = 1
#开启MySQL数据库的二进制日志,用于记录用户对数据库的操作SQL语句,具备日后需要集群做准备
log-bin=mysql-bin
#设置清理超过30天的日志,以免日志堆积造过多成服务器内存爆满
expire_logs_days=30
#允许最大的连接数
max_connections=16384
# 禁用符号链接以防止各种安全风险
symbolic-links=0
# 设置东八区时区
default-time_zone = '+8:00'
#wait_timeout参数值,由默认的8小时,修改为30分钟。
wait_timeout=1800
#修改back_log参数值:由默认的50修改为500 每个线程256K 1.6W线程2G左右
back_log=500
character_set_server=utf8mb4
default_authentication_plugin = mysql_native_password
sql-mode=NO_ENGINE_SUBSTITUTION
character-set-client-handshake = FALSE
character-set-server = utf8mb4
collation-server = utf8mb4_unicode_ci
init_connect=SET NAMES utf8mb4
# =========================== 结 束 ===========================
~~~
启动mysql:8.0.36:
~~~shell
docker run -p 3306:3306 --name mysql \
-v /data/mysql/conf/my.cnf:/etc/mysql/my.cnf \
-v /data/mysql/logs:/logs \
-v /data/mysql/data:/var/lib/mysql \
-e MYSQL_ROOT_PASSWORD=B1x1GuKZr55PPmox \
-v /etc/localtime:/etc/localtime \
--restart always \
-d mysql:8.0.36
~~~
**如下MySQL5.6演示**
1. 下载MySQL5.6.51的docker镜像:
~~~shell
docker pull mysql:5.6.51
~~~
2. 使用如下命令启动MySQL服务:
~~~shell
docker run -p 3306:3306 --name mysql \
-v /data/mysql/log:/var/log/mysql \
-v /data/mysql/data:/var/lib/mysql \
-v /data/mysql/conf:/etc/mysql \
-v /etc/localtime:/etc/localtime \
-e MYSQL_ROOT_PASSWORD=root \
--restart=always \
-d mysql:5.6.51
~~~
3. 参数说明
* \-p 3306:3306:将容器的3306端口映射到主机的3306端口
* \-v /data/mysql/conf:/etc/mysql:将配置文件夹挂在到主机
* \-v /data/mysql/log:/var/log/mysql:将日志文件夹挂载到主机
* \-v /data/mysql/data:/var/lib/mysql/:将数据文件夹挂载到主机
* \-e MYSQL\_ROOT\_PASSWORD=root:初始化root用户的密码
4. 进入运行MySQL的docker容器:
~~~shell
docker exec -it mysql /bin/bash
~~~
5. 使用MySQL命令打开客户端:
~~~shell
mysql -uroot -proot --default-character-set=utf8mb4
~~~
6. 创建mall数据库:
~~~shell
create database mall character set utf8mb4;
~~~
7. 先将 store\_dev.sql 上传到/data/,将`store_dev.sql`文件拷贝到mysql容器的/目录下:
~~~shell
docker cp /data/store_dev.sql mysql:/
~~~
8. 将sql文件导入到数据库:
~~~shell
use mall;
source /store_dev.sql;
~~~
9. 创建一个reader:123456帐号并修改权限,使得任何ip都能访问:
**注意:此处请自定义自己的账号密码,这里只是示例。**
MySQL5.6:
~~~shell
grant all privileges on *.* to 'mall' @'%' identified by '123456';
~~~
MySQL8.0:
~~~shell
### 创建账号密码
CREATE USER 'mall'@'%' IDENTIFIED BY '1111111';
###为用户 mall 授予对数据库 mall 的所有权限
GRANT ALL PRIVILEGES ON mall.* TO 'mall'@'%';
###最后,执行以下命令以刷新权限
FLUSH PRIVILEGES;
~~~
10. 备份数据库脚本
mysqlback.sh
~~~shell
#!/bin/bash
# 备份文件保存的目录
backup_dir="/data/mysqlbak/"
# 获取当前日期和时间作为时间戳
timestamp=$(date +"%Y%m%d_%H%M%S")
# 备份MySQL数据库到带有时间戳的文件名中
docker exec mysql sh -c 'exec mysqldump dataname -uuser -p"password"' > "${backup_dir}db_backup_${timestamp}.sql"
# 列出备份目录下的所有备份文件,并按时间戳降序排序
backup_files=($(ls -t "${backup_dir}"*.sql))
# 计算备份文件数量
num_backup_files=${#backup_files[@]}
# 如果备份文件数量超过50份,则删除较旧的备份文件
if [ $num_backup_files -gt 50 ]; then
# 计算要删除的备份文件数量
num_to_delete=$((num_backup_files - 50))
# 循环删除较旧的备份文件
for ((i = 0; i < $num_to_delete; i++)); do
rm "${backup_files[$i]}"
done
fi
# 将最新的备份文件打包成压缩包
tar -czvf "${backup_dir}backup_${timestamp}.tar.gz" "${backup_dir}db_backup_${timestamp}.sql"
# 删除原始的备份文件(可选,如果需要节省磁盘空间)
rm "${backup_dir}db_backup_${timestamp}.sql"
~~~
添加计划任务:
打开终端。
输入以下命令来编辑你的cron表(计划任务表):
~~~shell
crontab -e
~~~
如果是第一次编辑cron表,系统会要求你选择一个文本编辑器。你可以选择自己熟悉的编辑器,比如`nano`或`vim`。
在打开的cron表中,添加以下行来每三十分钟执行一次任务:
~~~shell
*/30 * * * * your_command_here
~~~
将`your_command_here`替换为你想要定期执行的命令或脚本路径。
* \*/30:表示每隔30分钟执行一次。
* \*:表示任意的取值,这里代表每小时的任意分钟。
* \*:表示任意的取值,这里代表任意一天的日期。
* \*:表示任意的取值,这里代表任意一个月份。
* \*:表示任意的取值,这里代表任意一周的星期几。
编辑完成后,保存并退出编辑器。
系统会自动保存你的cron表,并开始按照你的设置定期执行任务。
# Redis安装
1. 下载Redis5.0的docker镜像:
~~~shell
docker pull redis:5
~~~
2. 使用如下命令启动Redis服务:
~~~shell
docker run -p 6379:6379 --name redis \
-v /etc/localtime:/etc/localtime \
-v /data/redis/data:/data \
--restart=always \
-d redis:5 redis-server --appendonly yes --requirepass "pwd_123"
~~~
3. 进入Redis容器使用`redis-cli`命令进行连接,验证是否启动成功:
~~~shell
docker exec -it redis redis-cli
~~~
# Nacos 安装
1. 下载Nacos的docker镜像:
~~~shell
docker pull nacos/nacos-server:2.0.0
~~~
2. 启动nacos容器 从容器中复制配置文件和日志文件:
~~~shell
docker run -p 8848:8848 --name nacos -d nacos/nacos-server:2.0.0
~~~
3. 创建挂载目录 方便修改配置 查看日志:
~~~shell
#配置文件复制
docker cp nacos:/home/nacos /data/nacos
~~~
4. 停止用来复制日志和配置文件的nacos 容器
~~~shell
#停止容器
docker stop nacos
#删除容器
docker rm nacos
~~~
5. 重新启动容器 并挂载目录 启动命令
~~~shell
docker run -d \
-e MODE=standalone \
-v /etc/localtime:/etc/localtime \
-v /data/nacos/logs:/home/nacos/logs \
-v /data/nacos/conf:/home/nacos/conf \
-v /data/nacos/data:/home/nacos/data \
-p 8848:8848 \
--name nacos \
--restart=always \
nacos/nacos-server:2.0.0
~~~
# Seata 安装
1. 下载Seata的docker镜像:
~~~shell
docker pull seataio/seata-server:1.3.0
~~~
2. 启动nacos容器 获取配置文件:
~~~shell
docker run --name seata-server -p 8091:8091 -d seataio/seata-server:1.3.0
~~~
3. 创建挂载目录 方便修改配置:
~~~shell
docker cp seata-server:/seata-server /data/seata
~~~
4. 停止用来复制配置文件的Seata容器
~~~shell
#停止容器
docker stop seata-server
#删除容器
docker rm seata-server
~~~
5. 修改配置文件,进入目录/data/seata/resources中修改file.conf和registry.conf中的内容
6. 修改文件 file.conf
~~~shell
## transaction log store, only used in seata-server
store {
## store mode: file、db、redis
mode = "db"
## file store property
file {
## store location dir
dir = "sessionStore"
# branch session size , if exceeded first try compress lockkey, still exceeded throws exceptions
maxBranchSessionSize = 16384
# globe session size , if exceeded throws exceptions
maxGlobalSessionSize = 512
# file buffer size , if exceeded allocate new buffer
fileWriteBufferCacheSize = 16384
# when recover batch read size
sessionReloadReadSize = 100
# async, sync
flushDiskMode = async
}
## database store property
db {
## the implement of javax.sql.DataSource, such as DruidDataSource(druid)/BasicDataSource(dbcp)/HikariDataSource(hikari) etc.
datasource = "druid"
## mysql/oracle/postgresql/h2/oceanbase etc.
dbType = "mysql"
## 注意使用mysql8.0及以上版本的需要更改:driverClassName = "com.mysql.cj.jdbc.Driver"
driverClassName = "com.mysql.jdbc.Driver"
url = "jdbc:mysql://127.0.0.1:3306/mallsuite?useUnicode=true&characterEncoding=utf-8&useSSL=false&serverTimezone=Asia/Shanghai&&zeroDateTimeBehavior=convertToNull"
user = "mall"
password = "mall"
minConn = 5
maxConn = 30
globalTable = "global_table"
branchTable = "branch_table"
lockTable = "lock_table"
queryLimit = 100
maxWait = 5000
}
## redis store property
redis {
host = "127.0.0.1"
port = "6379"
password = "pwd_123"
database = "0"
minConn = 1
maxConn = 10
queryLimit = 100
}
}
~~~
7. 修改文件 registry.conf,参考一下配置。
(nacos服务对应的ip地址假设为:127.0.0.1;nacos服务的用户名密码假设都为:nacos):
~~~shell
registry {
# file 、nacos 、eureka、redis、zk、consul、etcd3、sofa
type = "nacos"
nacos {
application = "seata-server"
serverAddr = "127.0.0.1:8848"
group = "SEATA_GROUP"
namespace = ""
cluster = "default"
username = "nacos"
password = "nacos"
}
redis {
serverAddr = "localhost:6379"
db = 0
password = "pwd_123"
cluster = "default"
timeout = 0
}
file {
name = "file.conf"
}
}
config {
# file、nacos 、apollo、zk、consul、etcd3
type = "file"
nacos {
serverAddr = "127.0.0.1:8848"
namespace = ""
group = "SEATA_GROUP"
username = "nacos"
password = "nacos"
}
file {
name = "file.conf"
}
}
~~~
8. 准备 config.txt 文件 放入 /data/seata/文件夹中,内容参考以下配置(主要注意数据库连接串和用户名密码的修改):
~~~shell
transport.type=TCP
transport.server=NIO
transport.heartbeat=true
transport.enableClientBatchSendRequest=true
transport.threadFactory.bossThreadPrefix=NettyBoss
transport.threadFactory.workerThreadPrefix=NettyServerNIOWorker
transport.threadFactory.serverExecutorThreadPrefix=NettyServerBizHandler
transport.threadFactory.shareBossWorker=false
transport.threadFactory.clientSelectorThreadPrefix=NettyClientSelector
transport.threadFactory.clientSelectorThreadSize=1
transport.threadFactory.clientWorkerThreadPrefix=NettyClientWorkerThread
transport.threadFactory.bossThreadSize=1
transport.threadFactory.workerThreadSize=default
transport.shutdown.wait=3
service.vgroupMapping.my_test_tx_group=default
service.default.grouplist=127.0.0.1:8091
service.enableDegrade=false
service.disableGlobalTransaction=false
client.rm.asyncCommitBufferLimit=10000
client.rm.lock.retryInterval=10
client.rm.lock.retryTimes=30
client.rm.lock.retryPolicyBranchRollbackOnConflict=true
client.rm.reportRetryCount=5
client.rm.tableMetaCheckEnable=false
client.rm.tableMetaCheckerInterval=60000
client.rm.sqlParserType=druid
client.rm.reportSuccessEnable=false
client.rm.sagaBranchRegisterEnable=false
client.rm.sagaJsonParser=fastjson
client.rm.tccActionInterceptorOrder=-2147482648
client.tm.commitRetryCount=5
client.tm.rollbackRetryCount=5
client.tm.defaultGlobalTransactionTimeout=60000
client.tm.degradeCheck=false
client.tm.degradeCheckAllowTimes=10
client.tm.degradeCheckPeriod=2000
client.tm.interceptorOrder=-2147482648
store.mode=db
store.lock.mode=file
store.session.mode=file
store.publicKey=
store.file.dir=file_store/data
store.file.maxBranchSessionSize=16384
store.file.maxGlobalSessionSize=512
store.file.fileWriteBufferCacheSize=16384
store.file.flushDiskMode=async
store.file.sessionReloadReadSize=100
store.db.datasource=druid
store.db.dbType=mysql
#注意使用mysql8.0及以上版本的需要更改:driverClassName = "com.mysql.cj.jdbc.Driver"
store.db.driverClassName=com.mysql.jdbc.Driver
store.db.url=jdbc:mysql://127.0.0.1:3306/mallsuite?useUnicode=true&characterEncoding=utf-8&useSSL=false&serverTimezone=Asia/Shanghai&&zeroDateTimeBehavior=convertToNull
store.db.user=root #数据库用户名
store.db.password=root #数据库密码
store.db.minConn=5
store.db.maxConn=30
store.db.globalTable=global_table
store.db.branchTable=branch_table
store.db.distributedLockTable=distributed_lock
store.db.queryLimit=100
store.db.lockTable=lock_table
store.db.maxWait=5000
server.recovery.committingRetryPeriod=1000
server.recovery.asynCommittingRetryPeriod=1000
server.recovery.rollbackingRetryPeriod=1000
server.recovery.timeoutRetryPeriod=1000
server.maxCommitRetryTimeout=-1
server.maxRollbackRetryTimeout=-1
server.rollbackRetryTimeoutUnlockEnable=false
server.distributedLockExpireTime=10000
client.undo.dataValidation=true
client.undo.logSerialization=jackson
client.undo.onlyCareUpdateColumns=true
server.undo.logSaveDays=7
server.undo.logDeletePeriod=86400000
client.undo.logTable=undo_log
client.undo.compress.enable=true
client.undo.compress.type=zip
client.undo.compress.threshold=64k
log.exceptionRate=100
transport.serialization=seata
transport.compressor=none
metrics.enabled=false
metrics.registryType=compact
metrics.exporterList=prometheus
metrics.exporterPrometheusPort=9898
tcc.fence.logTableName=tcc_fence_log
tcc.fence.cleanPeriod=1h
~~~
9. 新建 nacos-config.sh 放入 /data/seata/resources文件夹中;参考配置如下:
~~~shell
#!/bin/sh
# Copyright 1999-2019 Seata.io Group.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at、
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
while getopts ":h:p:g:t:u:w:" opt
do
case $opt in
h)
host=$OPTARG
;;
p)
port=$OPTARG
;;
g)
group=$OPTARG
;;
t)
tenant=$OPTARG
;;
u)
username=$OPTARG
;;
w)
password=$OPTARG
;;
?)
echo " USAGE OPTION: $0 [-h host] [-p port] [-g group] [-t tenant] [-u username] [-w password] "
exit 1
;;
esac
done
if [ -z ${host} ]; then
host=localhost
fi
if [ -z ${port} ]; then
port=8848
fi
if [ -z ${group} ]; then
group="SEATA_GROUP"
fi
if [ -z ${tenant} ]; then
tenant=""
fi
if [ -z ${username} ]; then
username=""
fi
if [ -z ${password} ]; then
password=""
fi
nacosAddr=$host:$port
contentType="content-type:application/json;charset=UTF-8"
echo "set nacosAddr=$nacosAddr"
echo "set group=$group"
urlencode() {
length="${#1}"
i=0
while [ $length -gt $i ]; do
char="${1:$i:1}"
case $char in
[a-zA-Z0-9.~_-]) printf $char ;;
*) printf '%%%02X' "'$char" ;;
esac
i=`expr $i + 1`
done
}
failCount=0
tempLog=$(mktemp -u)
function addConfig() {
dataId=`urlencode $1`
content=`urlencode $2`
curl -X POST -H "${contentType}" "http://$nacosAddr/nacos/v1/cs/configs?dataId=$dataId&group=$group&content=$content&tenant=$tenant&username=$username&password=$password" >"${tempLog}" 2>/dev/null
if [ -z $(cat "${tempLog}") ]; then
echo " Please check the cluster status. "
exit 1
fi
if [ "$(cat "${tempLog}")" == "true" ]; then
echo "Set $1=$2 successfully "
else
echo "Set $1=$2 failure "
failCount=`expr $failCount + 1`
fi
}
count=0
for line in $(cat $(dirname "$PWD")/config.txt | sed s/[[:space:]]//g); do
count=`expr $count + 1`
key=${line%%=*}
value=${line#*=}
addConfig "${key}" "${value}"
done
echo "========================================================================="
echo " Complete initialization parameters, total-count:$count , failure-count:$failCount "
echo "========================================================================="
if [ ${failCount} -eq 0 ]; then
echo " Init nacos config finished, please start seata-server. "
else
echo " init nacos config fail. "
fi
~~~
10. 准备好以上4步骤的文件后:
~~~shell
#进入/data/seata/resources
cd /data/seata/resources
# 导入配置(注意替换nacos的用户名密码)
sh nacos-config.sh -h 127.0.0.1 -p 8848 -g SEATA_GROUP -u nacos -w nacos
~~~
11. 重新启动seata:
注意:这里启动的时候检查一下挂载的配置文件目录,/data/seata根据实际目录配置。有的环境可能是/data/seata/seata-server
~~~shell
docker run -d --restart always \
--name seata-server \
-v /etc/localtime:/etc/localtime \
-p 8091:8091 -v /data/seata:/seata-server \
seataio/seata-server:1.3.0
~~~
1. 确认是否注册成功,如图是成功的内容。
![](https://docs.suteshop.com/uploads/shopsuite-java/images/m_30e57333c8567010c945ad23672c2384_r.png "null")
![](https://docs.suteshop.com/uploads/shopsuite-java/images/m_9a761e81e7b0c7f55cceddbb819eb893_r.png "null")
# Elasticsearch安装
1. 下载Elasticsearch`7.17.3`的docker镜像
~~~shell
docker pull docker.elastic.co/elasticsearch/elasticsearch:7.17.3
~~~
2. 修改虚拟内存区域大小,否则会因为过小而无法启动:
~~~shell
sysctl -w vm.max_map_count=262144
~~~
3. 创建Elasticsearch 相关挂载目录
~~~shell
mkdir -p /data/elasticsearch/config
mkdir -p /data/elasticsearch/data
mkdir -p /data/elasticsearch/plugins
~~~
4. 创建文件
~~~shell
vi /data/elasticsearch/config/elasticsearch.yml
~~~
5. elasticsearch.yml如下内容:
~~~shell
http.host: 0.0.0.0
http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-headers: Authorization
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
~~~
6. 设置目录权限,否则会报错
~~~shell
cd /data/elasticsearch/
chmod +x config/elasticsearch.yml
~~~
7. 使用如下命令启动Elasticsearch服务,内存小的服务器可以通过`ES_JAVA_OPTS`来设置占用内存大小:
~~~shell
docker run -p 9200:9200 -p 9300:9300 --name elasticsearch \
-e "discovery.type=single-node" \
-e "cluster.name=elasticsearch" \
-e "ES_JAVA_OPTS=-Xms512m -Xmx1024m" \
-v /etc/localtime:/etc/localtime \
-v /data/elasticsearch/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml \
-v /data/elasticsearch/plugins:/usr/share/elasticsearch/plugins \
-v /data/elasticsearch/data:/usr/share/elasticsearch/data \
--restart=always \
-d docker.elastic.co/elasticsearch/elasticsearch:7.17.3
~~~
8. 启动时如果发现/usr/share/elasticsearch/data目录没有访问权限,只需要修改/data/elasticsearch/data目录的权限,再重新启动即可;
~~~shell
chmod 777 /data/elasticsearch/data/
~~~
9. 安装中文分词器IKAnalyzer,注意下载与Elasticsearch对应的版本,下载地址:[https://github.com/medcl/elasticsearch-analysis-ik/releases](https://github.com/medcl/elasticsearch-analysis-ik/releases)
![](https://docs.suteshop.com/uploads/shopsuite-java/images/m_23ff64204eb21eb764f27d6395c70bc6_r.png "null")
10. 创建存放目录:
~~~shell
cd /data/elasticsearch/plugins
mkdir elasticsearch-analysis-ik
~~~
11. 下载完成后解压到Elasticsearch的/data/elasticsearch/plugins/elasticsearch-analysis-ik目录下;
![](https://docs.suteshop.com/uploads/shopsuite-java/images/m_9ffbdae51a1e9730f23edbe4f5dd67ed_r.png "null")
12. 重新启动服务:
~~~shell
docker restart elasticsearch
~~~
13. 进入运行elasticsearch的docker容器:
~~~shell
docker exec -it elasticsearch /bin/bash
~~~
14. 配置访问es密码步骤
~~~shell
./bin/elasticsearch-setup-passwords interactive
~~~
15. 开启防火墙:
~~~shell
firewall-cmd --zone=public --add-port=9200/tcp --permanent
firewall-cmd --reload
~~~
# Logstash安装
1. 下载Logstash7.17.3的docker镜像:
~~~shell
docker pull docker.elastic.co/logstash/logstash:7.17.3
~~~
2. 创建Logstash 相关挂载目录:
~~~shell
mkdir /data/logstash
~~~
3. 创建Logstash的配置文件logstash.conf
~~~shell
cd /data/logstash
touch logstash.conf
vim logstash.conf
~~~
4. 放入一下内容:配置文件logstash.conf中output节点下的Elasticsearch连接地址为es:9200
~~~shell
input {
tcp {
mode => "server"
host => "0.0.0.0"
port => 4560
codec => json_lines
type => "debug"
}
tcp {
mode => "server"
host => "0.0.0.0"
port => 4561
codec => json_lines
type => "error"
}
tcp {
mode => "server"
host => "0.0.0.0"
port => 4562
codec => json_lines
type => "business"
}
tcp {
mode => "server"
host => "0.0.0.0"
port => 4563
codec => json_lines
type => "record"
}
}
filter{
if [type] == "record" {
mutate {
remove_field => "port"
remove_field => "host"
remove_field => "@version"
}
json {
source => "message"
remove_field => ["message"]
}
}
}
output {
elasticsearch {
hosts => "es:9200"
index => "%{project}-%{service}"
user => "elastic"
password => "**********"
}
}
~~~
创建创建Logstash的配置文件logstash.yml.
~~~shell
cd /data/logstash
touch logstash.yml
vim logstash.yml
~~~
logstash.yml文件内容:
~~~shell
http.host: "0.0.0.0"
xpack.monitoring.enabled: true
xpack.monitoring.elasticsearch.username: elastic
xpack.monitoring.elasticsearch.password: *****
xpack.monitoring.elasticsearch.hosts: [ "http://elasticsearch:9200" ]
~~~
在logstash.yml中配置用户名和密码
xpack.monitoring.elasticsearch.username: elastic
xpack.monitoring.elasticsearch.password:**\***
账号密码为es初始化中设置的密码
5. 启动logstash :
~~~shell
docker run --name logstash -p 4560:4560 -p 4561:4561 -p 4562:4562 -p 4563:4563 \
--link elasticsearch:es \
-v /etc/localtime:/etc/localtime \
-v /data/logstash/logstash.yml:/usr/share/logstash/config/logstash.yml \
-v /data/logstash/logstash.conf:/usr/share/logstash/pipeline/logstash.conf \
--restart=always \
-d docker.elastic.co/logstash/logstash:7.17.3
~~~
6. 进入容器内部,安装`json_lines`插件。
~~~shell
docker exec -it logstash /bin/bash
logstash-plugin install logstash-codec-json_lines
~~~
![](https://docs.suteshop.com/uploads/shopsuite-java/images/m_c559aec00ddafa03845facee3d54ae72_r.png "null")
# Kibana安装
1. 下载`Kibana7.17.3`的docker镜像:
~~~shell
docker pull docker.elastic.co/kibana/kibana:7.17.3
~~~
2. 创建kibana挂载的相关目录:
~~~shell
mkdir -p /data/kibana
~~~
3. 创建kibana的配置文件kibana.yml
~~~shell
cd /data/kibana
touch kibana.yml
vim kibana.yml
~~~
4. kibana.yml文件内容:
~~~shell
server.host: "0.0.0.0"
server.shutdownTimeout: "5s"
elasticsearch.hosts: [ "http://elasticsearch:9200" ]
elasticsearch.username: "elastic"
elasticsearch.password: "*****"
i18n.locale: "zh-CN"
~~~
在kibana.yml中配置用户名和密码
elasticsearch.username: “elastic”
elasticsearch.password: “**\***“
账号密码为es初始化中设置的密码
重启kibana
输入[http://ip:5601打开登录页面,使用elastic账号登录](http://ip:5601%E6%89%93%E5%BC%80%E7%99%BB%E5%BD%95%E9%A1%B5%E9%9D%A2%EF%BC%8C%E4%BD%BF%E7%94%A8elastic%E8%B4%A6%E5%8F%B7%E7%99%BB%E5%BD%95/).
1. 使用如下命令启动Kibana服务:
~~~shell
docker run --name kibana -p 5601:5601 \
--link elasticsearch:es \
-e "elasticsearch.hosts=http://es:9200" \
-v /etc/localtime:/etc/localtime \
-v /data/kibana/kibana.yml:/usr/share/kibana/config/kibana.yml \
--restart=always \
-d docker.elastic.co/kibana/kibana:7.17.3
~~~
2. 开启防火墙:
~~~shell
firewall-cmd --zone=public --add-port=5601/tcp --permanent
firewall-cmd --reload
~~~
访问地址进行测试:[http://ip:5601](http://ip:5601/)
Analytics–>Discover–>mall-suite\*
# RabbitMQ
1. 拉取 RabbitMQ 镜像
~~~shell
docker pull rabbitmq:3.7.4
~~~
2. 创建 RabbitMQ 容器
~~~shell
docker run --name rabbitmq -v /etc/localtime:/etc/localtime -p 5672:5672 -p 15672:15672 --restart=always -d rabbitmq:3.7.4
~~~
这个命令将创建一个后台运行的 RabbitMQ 容器,并将容器的 5672 端口映射到主机的 5672 端口(用于 AMQP 连接),并将容器的 15672 端口映射到主机的 15672 端口(用于 RabbitMQ 的管理界面)。
3. 访问 RabbitMQ 管理界面
在浏览器中访问[http://localhost:15672,你将看到](http://localhost:15672%EF%BC%8C%E4%BD%A0%E5%B0%86%E7%9C%8B%E5%88%B0/)RabbitMQ 的管理界面。
使用默认的用户名和密码 guest/guest 登录。
# Sentinel
1. 拉取 Sentinel 镜像
~~~shell
docker pull bladex/sentinel-dashboard
~~~
2. 创建 Sentinel 容器
~~~shell
docker run -d -p 8858:8718 --name sentinel bladex/sentinel-dashboard
~~~
# 商城服务端
(这种方式非必须,最终会使用docker部署,详看《搭建docker私有化镜像仓库》和《使用jenkins实现自动化部署》)
**商城后端服务启动顺序:**
~~~shell
mall-gateway.jar
mall-auth.jar
mall-account.jar
mall-admin.jar
mall-shop.jar
mall-sns.jar
mall-pay.jar
mall-im.jar
mall-cms.jar
mall-search.jar
~~~
1. 上传服务包jra包。
~~~shell
#创建目录
mkdir -p /data/www
~~~
~~~shell
nohup java -jar -Xms128m -Xmx512m -XX:PermSize=64M -XX:MaxPermSize=256M mall-account.jar >/data/logs/mall-account.log 2>&1 &
nohup java -jar -Xms128m -Xmx512m -XX:PermSize=64M -XX:MaxPermSize=256M mall-admin.jar >/data/logs/mall-admin.log 2>&1 &
nohup java -jar -Xms128m -Xmx512m -XX:PermSize=64M -XX:MaxPermSize=256M mall-auth.jar >/data/logs/mall-auth.log 2>&1 &
nohup java -jar -Xms128m -Xmx512m -XX:PermSize=64M -XX:MaxPermSize=256M mall-cms.jar >/data/logs/mall-cms.log 2>&1 &
nohup java -jar -Xms128m -Xmx512m -XX:PermSize=64M -XX:MaxPermSize=256M mall-gateway.jar >/data/logs/mall-gateway.log 2>&1 &
nohup java -jar -Xms128m -Xmx512m -XX:PermSize=64M -XX:MaxPermSize=256M mall-im.jar >/data/logs/mall-im.log 2>&1 &
nohup java -jar -Xms128m -Xmx512m -XX:PermSize=64M -XX:MaxPermSize=256M mall-pay.jar >/data/logs/mall-pay.log 2>&1 &
nohup java -jar -Xms128m -Xmx512m -XX:PermSize=64M -XX:MaxPermSize=256M mall-shop.jar >/data/logs/mall-shop.log 2>&1 &
nohup java -jar -Xms128m -Xmx512m -XX:PermSize=64M -XX:MaxPermSize=256M mall-sns.jar >/data/logs/mall-sns.log 2>&1 &
nohup java -jar -Xms128m -Xmx512m -XX:PermSize=64M -XX:MaxPermSize=256M mall-search.jar >/data/logs/mall-sns.log 2>&1 &
~~~
# Nginx安装
1. 下载Nginx的docker镜像:
~~~shell
docker pull nginx
~~~
2. 先运行一次容器(为了拷贝配置文件):
~~~shell
docker run -p 80:80 --name nginx \
-v /data/nginx/html:/usr/share/nginx/html \
-v /data/nginx/logs:/var/log/nginx \
-v /etc/localtime:/etc/localtime \
-d nginx:latest
~~~
3. 将容器内的配置文件拷贝到指定目录:
~~~shell
docker container cp nginx:/etc/nginx /data/nginx/
~~~
4. 修改文件名称:
~~~shell
# 进入/data/nginx/
cd /data/nginx/
# 修改文件名
mv nginx conf
~~~
5. 终止并删除容器:
~~~shell
docker stop nginx
docker rm nginx
~~~
6. 修改nginx配置,设置最大上传文件:client\_max\_body\_size,这里不修改移动端装修会保存失败。
~~~shell
vim /data/nginx/conf/nginx.conf
client_max_body_size 50m;
~~~
![](https://docs.suteshop.com/uploads/shopsuite-java/images/m_b840e62066575f0a5f430777adead091_r.png "null")
1. 上传ssl证书:
~~~shell
#进入/data/nginx
cd /data/nginx
#创建ssl文件存放证书
mkdir ssl
~~~
2. 上传代码包:
~~~shell
#创建目录
mkdir -p /data/nginx/www/mallsuite
cd /data/nginx/www/mallsuite
~~~
![](https://docs.suteshop.com/uploads/shopsuite-java/images/m_1c917e410f68ce108fd22ec41baf3d31_r.png "null")
3. 配置站点域名:
~~~shell
#进入存放配置文件目录
cd /data/nginx/conf/conf.d
#创建文件
touch mallsuite.conf
#编辑文件
vim mallsuite.conf
~~~
放入以下内容:注意修改接口请求地址,这里127.0.0.1为示例。
~~~shell
upstream nacos {
server 127.0.0.1:8848 weight=1;
}
upstream backend {
server 127.0.0.1:8099;
}
server {
listen 80;
server_name yourdomain; #需要将yourdomain替换成证书绑定的域名。
rewrite ^(.*)$ https://$host$1; #将所有HTTP请求通过rewrite指令重定向到HTTPS。
location / {
index index.html index.htm;
}
}
server
{
#listen 80;
listen 443 ssl ;
server_name yourdomain;
index index.php index.html index.htm default.php default.htm default.html;
root /www/mallsuite/; #启动nginx镜像挂载目录
#SSL-START SSL相关配置,请勿删除或修改下一行带注释的404规则
#error_page 404/404.html;
ssl_certificate /etc/nginx/ssl/7959472.com.pem;#修改为自己ssl证书
ssl_certificate_key /etc/nginx/ssl/7959472.com.key;#修改为自己ssl证书
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
add_header Strict-Transport-Security "max-age=31536000";
error_page 497 https://$host$request_uri;
#SSL-END
#ERROR-PAGE-START 错误页配置,可以注释、删除或修改
#error_page 404 /404.html;
#error_page 502 /502.html;
#ERROR-PAGE-END
#PHP-INFO-START PHP引用配置,可以注释或修改
#include enable-php-00.conf;
#PHP-INFO-END
#REWRITE-START URL重写规则引用,修改后将导致面板设置的伪静态规则失效
#include /www/server/panel/vhost/rewrite/101.133.142.46.conf;
#REWRITE-END
#禁止访问的文件或目录
location ~ ^/(\.user.ini|\.htaccess|\.git|\.svn|\.project|LICENSE|README.md)
{
return 404;
}
#一键申请SSL证书验证目录相关设置
location ~ \.well-known{
allow all;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
error_log /dev/null;
access_log /dev/null;
}
location ~ .*\.(js|css)?$
{
expires 12h;
error_log /dev/null;
access_log /dev/null;
}
location ~* \.(eot|ttf|woff|woff2|svg)$ {
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Headers X-Requested-With;
add_header Access-Control-Allow-Methods GET,POST,OPTIONS;
}
location ^~ /im/ {
root /www/mallsuite/admin/; #保持一致,在root /www/mallsuite/ 加admin #启动nginx镜像已挂载目录
}
location ^~ /api/shop/static/ {
proxy_pass http://127.0.0.1:8201/shop/static/;
}
location ^~ /api/admin/static/ {
proxy_pass http://127.0.0.1:8201/admin/static/;
}
location ^~ /api/doc.html {
proxy_pass http://127.0.0.1:8201/doc.html;
}
location ^~ /api/webjars/ {
proxy_pass http://127.0.0.1:8201/webjars/;
}
location /h5/ {
try_files $uri $uri/ @router;
index index.html index.htm;
}
location @router {
rewrite ^.*$ /h5/index.html last;
}
location /admin/ {
try_files $uri $uri/ @routeradmin;
index index.html index.htm;
}
location @routeradmin {
rewrite ^.*$ /admin/index.html last;
}
location /mobile/ {
proxy_pass http://127.0.0.1:8201/mobile/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header HTTP_X_FORWARDED_FOR $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme; proxy_redirect default;
}
location /api/ {
proxy_pass http://127.0.0.1:8201/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header HTTP_X_FORWARDED_FOR $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme; proxy_redirect default;
}
location /mallsuiteImSocketServer {
proxy_pass http://backend;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
#图片本地存储上传的静态文件访问路径
location ^~ /admin/oss/upload/ {
proxy_pass http://localhost:8201/admin/oss/upload/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header HTTP_X_FORWARDED_FOR $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme; proxy_redirect default;
}
#上传的静态文件访问路径
location ^~ /static/ {
root /opt/apps/mall/public/;
}
access_log /wwwlogs/access.log;
error_log /wwwlogs/error.log;
}
~~~
4. 使用如下命令启动Nginx服务:
~~~shell
docker run -p 80:80 -p 443:443 --name nginx \
-v /etc/localtime:/etc/localtime \
-v /data/nginx/html:/usr/share/nginx/html \
-v /data/nginx/www:/www \
-v /data/nginx/wwwlogs:/wwwlogs \
-v /data/nginx/logs:/var/log/nginx \
-v /data/nginx/conf:/etc/nginx \
-v /data/nginx/ssl:/etc/nginx/ssl/ \
-v /data/nginx/www:/opt/apps/mall/public/static \
--restart=always \
-d nginx:latest
~~~