腾讯蓝鲸集群式部署

腾讯蓝鲸智云，简称蓝鲸，是腾讯互动娱乐事业群（Interactive Entertainment Group，简称 IEG）自研自用的一套用于构建企业研发运营一体化体系的 PaaS 开发框架，提供了 aPaaS（DevOps 流水线、运行环境托管、前后台框架）和 iPaaS（持续集成、CMDB、作业平台、容器管理、计算平台、AI 等原子平台）等模块，帮助企业技术人员快速构建基础运营 PaaS。

关闭防火墙

[root@localhost ~]# sed -i 's/^SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
[root@localhost ~]# setenforce 0
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.

关闭网络管理

[root@localhost ~]# systemctl status NetworkManager
● NetworkManager.service - Network Manager
   Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; enabled; vendor preset: enabled)
   Active: active (running) since Thu 2021-07-29 15:49:45 CST; 1h 10min ago
     Docs: man:NetworkManager(8)
 Main PID: 1086 (NetworkManager)
   CGroup: /system.slice/NetworkManager.service
           ├─1086 /usr/sbin/NetworkManager --no-daemon
           └─1197 /sbin/dhclient -d -q -sf /usr/libexec/nm-dhcp-helper -pf /var/run/dhclient-ens33.pid -lf /var/lib/NetworkManager/dhclient-54043ffa-9f33-49a0-b4d5-4b191...

Jul 29 15:49:58 localhost.localdomain NetworkManager[1086]: <info>  [1627544998.6410] device (ens33): state change: secondaries -> activated (reason 'none', sys...managed')
Jul 29 15:49:58 localhost.localdomain NetworkManager[1086]: <info>  [1627544998.6420] manager: NetworkManager state is now CONNECTED_LOCAL
Jul 29 15:49:58 localhost.localdomain NetworkManager[1086]: <info>  [1627544998.6445] manager: NetworkManager state is now CONNECTED_SITE
Jul 29 15:49:58 localhost.localdomain NetworkManager[1086]: <info>  [1627544998.6447] policy: set 'ens33' (ens33) as default for IPv4 routing and DNS
Jul 29 15:49:58 localhost.localdomain dhclient[1197]: bound to 192.168.1.74 -- renewal in 39901 seconds.
Jul 29 15:49:58 localhost.localdomain NetworkManager[1086]: <info>  [1627544998.6550] device (ens33): Activation: successful, device activated.
Jul 29 15:49:58 localhost.localdomain NetworkManager[1086]: <info>  [1627544998.6559] manager: NetworkManager state is now CONNECTED_GLOBAL
Jul 29 15:49:58 localhost.localdomain NetworkManager[1086]: <info>  [1627544998.6567] manager: startup complete
Jul 29 16:53:57 tencen-3 NetworkManager[1086]: <info>  [1627548837.1248] hostname: hostname changed from "localhost.localdomain" to "tencen-3"
Jul 29 16:53:57 tencen-3 NetworkManager[1086]: <info>  [1627548837.1252] policy: set-hostname: set hostname to 'tencen-3' (from system configuration)
Hint: Some lines were ellipsized, use -l to show in full.


[root@localhost ~]# systemctl stop NetworkManager
[root@localhost ~]# systemctl disable NetworkManager
Removed symlink /etc/systemd/system/multi-user.target.wants/NetworkManager.service.
Removed symlink /etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service.
Removed symlink /etc/systemd/system/network-online.target.wants/NetworkManager-wait-online.service.

设置最大连接数

[root@localhost ~]# ulimit -n
1024
[root@localhost ~]# cp /etc/security/limits.conf /etc/security/limits.conf.bak
[root@localhost ~]# cat << EOF >> /etc/security/limits.conf
> root soft nofile 102400
> root hard nofile 102400
> EOF
[root@localhost ~]#

准备所需软件包

[root@localhost ~]# mkdir  /data
[root@localhost ~]# mv bkce_basic_suite-6.0.3.tgz /data
[root@localhost ~]# cd /data
[root@localhost data]# ls
bkce_basic_suite-6.0.3.tgz
[root@localhost data]# 
[root@localhost data]# 
[root@localhost data]#

解压套餐包

[root@localhost data]# tar xf bkce_basic_suite-6.0.3.tgz
[root@localhost data]#

解压各个产品软件包

[root@localhost data]# cd /data/src/; for f in *gz;do tar xf $f; done

解压证书包

在网站 https://bk.tencent.com/download_ssl/ 中使用Mac地址进行注册

[root@localhost src]# install -d -m 755 /data/src/cert
[root@localhost src]# tar xf /data/ssl_certificates.tar.gz -C /data/src/cert/
[root@localhost src]# chmod 644 /data/src/cert/*

拷贝 rpm 包文件夹到/opt/目录

[root@localhost src]# cp -a /data/src/yum /opt
[root@localhost src]#

生成并配置 install.config

[root@localhost src]# cat << EOF >/data/install/install.config
> 192.168.1.75 iam,ssm,usermgr,gse,license,redis,consul,mysql
> 192.168.1.50 nginx,consul,mongodb,rabbitmq,appo
> 192.168.1.74 paas,cmdb,job,zk(config),appt,consul,nodeman(nodeman)
> 
> EOF

执行免密

[root@localhost src]# cd /data/install
[root@localhost install]# yum install rsync -y
[root@localhost install]# bash /data/install/configure_ssh_without_pass

初始化并检查环境

[root@localhost install]# ./bk_install common

[root@localhost install]# ./health_check/check_bk_controller.sh

部署 PaaS 平台

[root@localhost install]# ./bk_install paas

如果以上步骤没有报错, 你现在可以通过 http://paas.bktencent.com:80 访问 paas 平台,
登陆用户名(login user): admin
登陆密码(login password): fKJbtZ54KDA_

部署 app_mgr

[root@localhost install]# ./bk_install app_mgr

部署权限中心与用户管理

[root@localhost install]# ./bk_install saas-o bk_iam
[root@localhost install]# ./bk_install saas-o bk_user_manage

部署 CMDB

[root@localhost install]# ./bk_install cmdb

部署 JOB

[root@localhost install]# ./bk_install job

部署 bknodeman

[root@localhost install]# ./bk_install bknodeman

# 标准运维

[root@localhost install]# ./bk_install saas-o bk_sops

# 流程管理

[root@localhost install]# ./bk_install saas-o bk_itsm

加载蓝鲸相关维护命令

[root@localhost install]# source ~/.bashrc

初始化蓝鲸业务拓扑

[root@localhost install]# ./bkcli initdata topo

检测相关服务状态

[root@localhost install]# cd /data/install/
[root@localhost install]# echo bkssm bkiam usermgr paas cmdb gse job consul | xargs -n 1 ./bkcli check

Windows 配置

用文本编辑器（如 Notepad++）打开文件：

C:\Windows\System32\drivers\etc\hosts

将以下内容复制到上述文件内，并将以下 IP 需更换为本机浏览器可以访问的 IP，然后保存。

10.0.0.2 paas.bktencent.com cmdb.bktencent.com job.bktencent.com jobapi.bktencent.com
10.0.0.3 nodeman.bktencent.com

注意：10.0.0.2 为 nginx 模块所在的机器，10.0.0.3 为 nodeman 模块所在的机器。IP 需更换为本机浏览器可以访问的 IP。

上一页网络抓包 tcpdump 使用指南下一页部署lnmp环境，安装typecho博客

最后更新于3年前