部署流程说明文档
文档基础信息
- 适用项目:reed系统
- 核心用途:明确reed系统全流程部署规范、环境配置要求、操作步骤及异常处理方案,为运维、开发人员提供标准化部署指引,保障系统在开发、测试、生产环境稳定上线、高效运行,降低部署故障风险
Docker镜像说明
- 采用
Docker进行部署,以确保开发、测试、正式环境完全一致 - 数据库使用官方
postgres:latest,不开放端口号,通过内网桥接local访问 Nginx使用自定义镜像,其他服务可从开发服导出Java使用自定义镜像,其他服务可从开发服导出Blockchain使用自定义镜像,其他服务可从开发服导出
创建local桥接
docker network create local启动PostgreSQL
docker run -d \
--privileged=true \
--restart=always \
--network=local \
-e POSTGRES_PASSWORD=postgres \
--name postgres \
postgres启动Blockchain服务
导出
docker save -o blockchain.tar blockchain:nodejs导入
docker load -i blockchain.tar启动
docker run -d \
--privileged=true \
--restart=always \
--network=local \
-v /home/blockchain/wallet:/wallet \
--name=blockchain \
blockchain:nodejs映射目录说明
- blockchain:钱包
更新
docker stop -t 1 blockchain
docker cp ~/work/blockchain/src blockchain:/nodejs/
docker start blockchain启动java服务
导出
docker save -o java.tar java:25导入
docker load -i java.tar启动
docker run -d \
--privileged=true \
--network=local \
-v /home/reed/dataset:/var/lib/java/dataset \
-v /home/upload:/var/lib/java/upload \
-v /home/reed/log:/var/log/java \
--name=reed \
java:25 \
java -jar /reed-boot-1.0.jar映射目录说明
- reed:Reed数据、日志
- upload:上传文件
安装软件
首次启动reed后,需要安装以下软件:
docker exec -it reed bash
apk add ffmpeg更新
docker stop -t 1 reed
docker cp ~/work/reed-boot-1.0.jar reed:/
docker start reed启动Nginx
导出
docker save -o nginx.tar nginx:certbot导入
docker load -i nginx.tar启动
docker run -d \
-p 80:80 -p 443:443 \
--privileged=true \
--restart=always \
--network=local \
-v /home/nginx/http.d:/etc/nginx/http.d \
-v /home/nginx/log:/var/log/nginx \
-v /home/certbot/letsencrypt:/etc/letsencrypt \
-v /home/certbot/log:/var/log/certbot \
-v /home/upload:/var/lib/upload \
-v /home/webpage:/var/lib/webpage \
--name=nginx \
nginx:certbot映射目录说明
- nginx:Nginx配置文件、日志
- certbot:HTTPS证书文件、日志
- upload:上传文件
- webpage:静态H5
申请HTTPS证书
docker exec -it nginx certbot certonly --nginx --non-interactive --agree-tos --register-unsafely-without-email -d dev.345nb.comCONF配置范例
server {
listen 80;
server_name dev.345nb.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name dev.345nb.com;
ssl_certificate /etc/letsencrypt/live/dev.345nb.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/dev.345nb.com/privkey.pem;
ssl_session_timeout 5m;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
client_max_body_size 64m;
location /upload/ {
root /var/lib/;
}
location /sse/ {
proxy_set_header Host $host;
proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for;
proxy_set_header Origin $http_origin;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off;
proxy_cache off;
chunked_transfer_encoding off;
proxy_pass http://reed:8080;
}
location / {
proxy_set_header Host $host;
proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for;
proxy_set_header Origin $http_origin;
proxy_set_header X-Forwarded-Proto $scheme;
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '$http_origin';
add_header 'Access-Control-Allow-Methods' '*';
add_header 'Access-Control-Allow-Headers' '*';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Content-Type' 'text/plain; charset=utf-8';
add_header 'Content-Length' 0;
return 204;
}
if ($http_content_type ~* 'application/json') {
proxy_pass http://reed:8080;
break;
}
if ($http_content_type ~* 'multipart/form-data') {
proxy_pass http://reed:8080;
break;
}
root /var/lib/webpage/reed-console/;
index index.html;
try_files $uri $uri/ /index.html;
}
}静态h5
测试服务器/home/webpage包含所有前端页面的静态文件:
- reed-console:后台
- reed-customerservice:客服页
- reed-docs:文档
- reed-download:下载页
- reed-examples:示例