k8s/docker 安装yapi和MongoDB
环境说明centos7防火墙 iptables安装MongoDB文档https://mongodb.net.cn/manual/tutorial/install-mongodb-on-red-hat/配置源编辑文件vim /etc/yum.repos.d/mongodb-org-4.2.repo内容如下[mongodb-org-4.2]name=MongoDB Repositorybaseurl=
·
环境说明
centos7
防火墙 iptables
安装MongoDB
文档
https://mongodb.net.cn/manual/tutorial/install-mongodb-on-red-hat/
配置源
编辑文件
vim /etc/yum.repos.d/mongodb-org-4.2.repo
内容如下
[mongodb-org-4.2]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/4.2/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-4.2.asc
更新并安装
sudo yum update
sudo yum clean all
sudo yum makecache
sudo yum update
#
sudo yum install -y mongodb-org
查看安装位置
whereis mongod
设置开机启动
systemctl enable mongod
启动
systemctl start mongod
查看状态
systemctl status mongod
如果有防火墙那么要配置防火墙
这里 只有iptables 防火墙
# 开放端口
iptables -I INPUT -p tcp --dport 27017 -j ACCEPT
取消上面设置的端口
这里 只有iptables 防火墙
# 开放端口
iptables -D INPUT -p tcp --dport 27017 -j ACCEPT
如何禁用端口
# 禁用端口
iptables -I INPUT -p tcp --dport 27017 -j DROP
#取消禁用
iptables -D INPUT -p tcp --dport 27017 -j DROP
配置文件
vim /etc/mongod.conf
启动权限控制
security:
authorization: enabled
authorization 启用基于角色的访问控制
如果你需要开启远程访问,把如下
bindIp: 127.0.0.1 # Enter 0.0.0.0,:: to bind to all IPv4 and IPv6 addresses or, alternatively, use the net.bindIpAll setting
改为
bindIp: 0.0.0.0
重启并应用
systemctl restart mongod
配置文件限制
echo "mongod soft nofiles 64000" >> /etc/security/limits.conf
echo "mongod soft nproc 64000" >> /etc/security/limits.conf
创建数据库用户-超管
mongo
接着 进入 库
use admin
创建用户及权限
db.createUser({user: "fox", pwd: "pd.fox.123#@", roles:[{role: "userAdminAnyDatabase", db: "admin"}]})
fox : 管理员(该用户可以在任何数据库上创建其他用户)
pd.fox.123#@: 为密码
输出
Successfully added user: {
"user" : "fox",
"roles" : [
{
"role" : "userAdminAnyDatabase",
"db" : "admin"
}
]
}
退出
exit
或
quit()
案例-创建普通用户及库
登陆
mongo -u fox -p --authenticationDatabase admin
创建数据库
use yapi
给该库设置独立的用户及密码
本步骤不是必须的,你也可以使用超管用户fox
db.createUser({user: "yapi", pwd: "password", roles:[{role: "dbAdmin", db: "yapi"},{role: "readWrite", db: "yapi"}]})
最后退出
exit
或
quit()
命令行使用该用户登陆
mongo -u yapi -p --authenticationDatabase yapi
k8s 安装yapi
设置yapi配置文件
mkdir -p /www/yapi/conf
#
vim /www/yapi/conf/config.json
内容如下
{
"port": "3000",
"adminAccount": "foxiswho@gmail.com",
"timeout":120000,
"db": {
"connectString": "mongodb://172.17.132.196:27017/yapi",
"port": 27017,
"user": "yapi",
"pass": "password"
},
"mail": {
"enable": true,
"host": "smtp.gmail.com",
"port": 465,
"from": "*",
"auth": {
"user": "foxiswho@gmail.com",
"pass": "yapi.pro"
}
}
}
mail : 配置邮件服务器,不需要可以删除无需配置
yapi的k8s 配置文件
pod.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: yapi
name: yapi
spec:
replicas: 1
revisionHistoryLimit: 5
selector:
matchLabels:
app: yapi
template:
metadata:
labels:
app: yapi
spec:
containers:
- env:
- name: TZ
value: Asia/Shanghai
command: ["/bin/sh","-c","node /yapi/vendors/server/app.js"]
image: 'yapipro/yapi'
name: yapi
imagePullPolicy: IfNotPresent
#workingDir: /yapi
ports:
- containerPort: 3000
protocol: TCP
resources:
limits:
memory: 1Gi
requests:
memory: 900Mi
volumeMounts:
- name: vm-config
mountPath: /yapi/config.json
- name: vm-log
mountPath: /yapi/log
initContainers:
- name: init-data
image: 'yapipro/yapi'
command:
- /bin/sh
- "-c"
args:
- "node server/install.js"
volumeMounts:
- name: vm-config
mountPath: /yapi/config.json
- name: vm-log
mountPath: /yapi/log
restartPolicy: Always
terminationGracePeriodSeconds: 30
volumes:
- name: vm-config
hostPath:
# 宿主机目录
path: /www/yapi/conf/config.json
# hostPath 卷指定 type,如果目录不存在则创建(可创建多层目录)
type: FileOrCreate
- name: vm-log
hostPath:
path: /www/yapi/log
type: DirectoryOrCreate
service.yaml
apiVersion: v1
kind: Service
metadata:
name: yapi
labels:
app: yapi
spec:
#type: NodePort
ports:
- port: 3000
targetPort: 3000
#nodePort: 3000
name: web
selector:
app: yapi
ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.class: traefik
name: yapi
spec:
rules:
- host: yapi.foxwho.com
http:
paths:
- backend:
service:
name: yapi
port:
number: 3000
path: /
pathType: ImplementationSpecific
应用生成
kubectl apply -f pod.yaml
kubectl apply -f service.yaml
kubectl apply -f ingress.yaml
最后访问浏览器
http://yapi.foxwho.com
初始化管理员账号在上面的 config.json 配置中 foxiswho@gmail.com,初始密码是 yapi.pro,可以登录后进入个人中心修改
docker 安装yapi
设置yapi配置文件
mkdir -p /www/yapi/conf
#
vim /www/yapi/conf/config.json
内容如下
{
"port": "3000",
"adminAccount": "foxiswho@gmail.com",
"timeout":120000,
"db": {
"connectString": "mongodb://172.17.132.196:27017/yapi?replicaSet=rs0&slaveOk=true",
"port": 27017,
"user": "yapi",
"pass": "password"
},
"mail": {
"enable": true,
"host": "smtp.gmail.com",
"port": 465,
"from": "*",
"auth": {
"user": "foxiswho@gmail.com",
"pass": "yapi.pro"
}
}
}
拉取镜像
docker pull yapipro/yapi:latest
创建一个自定义网络
Docker 容器之间网络互通需要使用 docker network create yapi 创建一个自定义网络
docker network create yapi
容器初始化数据库表
docker run -d --rm \
--name yapi-init \
--net=yapi \
-v $PWD/config.json:/yapi/config.json \
yapipro/yapi \
server/install.js
运行容器
初始化管理员账号在上面的 config.json 配置中 foxiswho@gmail.com,初始密码是 yapi.pro,可以登录后进入个人中心修改
docker run -d \
--name yapi \
--restart always \
--net=yapi \
-p 3000:3000 \
-v /www/yapi/conf/config.json:/yapi/config.json \
yapipro/yapi \
server/app.js
在服务器上验证 yapi 启动是否成功
curl localhost:3000
K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容
更多推荐
0
0- 0
已为社区贡献20条内容
所有评论(0)