BlueKing SaaS Development: Creating the Coral Project
Create the project
Fill in the Git information as follows:
github: https://github.com/houming818/coral.git
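The project is public; if you use a private repository, configure the credentials yourself.
Deploy the project
Backend page
Frontend page
Coming up next
Start integrating with the user system so that, once logged in to BlueKing, you can log in to Coral directly.
Setting up the ITSM development environment
Environment: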
$ kubectl get nodes -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
fe Ready worker 6d22h v1.20.4 192.168.1.106 <none> Ubuntu 20.04.4 LTS 5.4.0-166-generic containerd://1.6.24
ne Ready control-plane,master,worker 6d22h v1.20.4 192.168.1.103 <none> Ubuntu 20.04.4 LTS 5.15.0-88-generic containerd://1.6.24
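Domain | Port | Purpose |
---|---|---|
dev-web.ftjd.org | 8004 | Serves the web UI; enter dev-web.ftjd.org:8004 in a browser to reach the ITSM under development |
dev-api.ftjd.org | 8005 | Serves the ITSM API; this address is configured in the dev webpack bundle |
The development environment and code live on ne (192.168.1.103), which can reach the in-cluster Kubernetes Services and Pods directly.
Prerequisites:
- Install BlueKing 7.1 and configure the environment
- Install ITSM from SaaS, which initializes the middleware and databases that ITSM depends on
Environment preparation:
- Configure the backend MySQL, Redis and RabbitMQ services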
$ kubectl get svc |grep -P 'bk-mysql-mysql|bk-redis-master|bk-rabbitmq'
bk-mysql-mysql ClusterIP 10.233.58.89 <none> 3306/TCP 6d4h
bk-rabbitmq ClusterIP 10.233.20.81 <none> 5672/TCP,4369/TCP,25672/TCP,15672/TCP 6d4h
bk-rabbitmq-headless ClusterIP None <none> 4369/TCP,5672/TCP,25672/TCP,15672/TCP 6d4h
bk-redis-master ClusterIP 10.233.59.161 <none> 6379/TCP 6d4h
# Configure hosts so that the development code can reach the middleware and the database.
@ne$ vim /etc/hosts
10.233.58.89 bk-mysql-mysql.blueking.svc.cluster.local
10.233.20.81 bk-rabbitmq.blueking.svc.cluster.local
10.233.59.161 bk-redis-master.blueking.svc.cluster.local
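Install the environment
Install Python and packages
apt install libev-dev libjpeg-dev zlib1g-dev libevent-dev python3-all-dev
pip install -r requirements.txt
pip uninstall typing_extensions
pip install typing_extensions
pip install blueapps
# If a package fails to install, resolve the problems one by one
Configure environment variables
# Create a new dev.env
$ kubectl -n bkapp-bk0us0itsm-prod exec -it bkapp-bk0us0itsm-prod--web-7559ccd4d4-2rt76 bash
# Get the environment variables
> env | grep -i BK
# Save the output as dev.env
Build and collect the frontend static assets
Note: the Node version is 14.21.3
Python 2 needs to be installed
# 1) Install the dependency packages
# Go into frontend/pc/ and run the following commands to install them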
cnpm install node-sass --legacy-peer-deps
cnpm install --legacy-peer-deps
# If the installation fails, clear the npm cache manually
cnpm cache clean --force
# 2) Modify frontend/pc/build/webpack.dev.conf.js
// Local proxy address
const HOST = 'ftjd.org'
const ORIGIN = `http://${HOST}`
const SET_URL = ''
# 3) Build locally: in the frontend/desktop/ directory, continue by running the following command to build the frontend static assets
cnpm run dev
> itsm@1.0.0 dev /data/cn.grepcode/blueking/bk-itsm/frontend/pc
> cross-env webpack-dev-server --progress --config ./build/webpack.dev.conf.js
Happy[happy-babel-js]: Version: 5.0.1. Threads: 24 (shared pool)
ℹ 「wds」: Project is running at http://dev.ftjd.org:8004/
ℹ 「wds」: webpack output is served from /
ℹ 「wds」: Content not from webpack is served from /data/cn.grepcode/blueking/bk-itsm/static
Happy[happy-babel-js]: All set; signaling webpack to proceed.
- Start the backend service
python manage.py runserver 0.0.0.0:8005
Final result
Summary of BlueKing installation commands
BK_DOMAIN=ftjd.org
IP1=$(kubectl get svc -A -l app.kubernetes.io/instance=ingress-nginx -o jsonpath='{.items[0].spec.clusterIP}')
./scripts/control_coredns.sh update "$IP1" \
$BK_DOMAIN \
bk7.$BK_DOMAIN \
bkrepo.$BK_DOMAIN \
docker.$BK_DOMAIN \
helm.$BK_DOMAIN \
bkpaas.$BK_DOMAIN \
bkuser.$BK_DOMAIN \
bkuser-api.$BK_DOMAIN \
bkapi.$BK_DOMAIN \
apigw.$BK_DOMAIN \
bkiam.$BK_DOMAIN \
bkiam-api.$BK_DOMAIN \
cmdb.$BK_DOMAIN \
job.$BK_DOMAIN \
jobapi.$BK_DOMAIN \
bknodeman.$BK_DOMAIN \
apps.$BK_DOMAIN \
bcs.$BK_DOMAIN \
bcs-api.$BK_DOMAIN \
bklog.$BK_DOMAIN \
bkmonitor.$BK_DOMAIN \
devops.$BK_DOMAIN \
codecc.$BK_DOMAIN \
lesscode.$BK_DOMAIN \
bk-apicheck.$BK_DOMAIN
/data/script/ddns.sh $BK_DOMAIN bk7 ne.ftjd.org;
/data/script/ddns.sh $BK_DOMAIN bkrepo ne.ftjd.org;
/data/script/ddns.sh $BK_DOMAIN docker ne.ftjd.org;
/data/script/ddns.sh $BK_DOMAIN helm ne.ftjd.org;
/data/script/ddns.sh $BK_DOMAIN bkpaas ne.ftjd.org;
/data/script/ddns.sh $BK_DOMAIN bkuser ne.ftjd.org;
/data/script/ddns.sh $BK_DOMAIN bkuser-api ne.ftjd.org;
/data/script/ddns.sh $BK_DOMAIN bkapi ne.ftjd.org;
/data/script/ddns.sh $BK_DOMAIN apigw ne.ftjd.org;
/data/script/ddns.sh $BK_DOMAIN bkiam ne.ftjd.org;
/data/script/ddns.sh $BK_DOMAIN bkiam-api ne.ftjd.org;
/data/script/ddns.sh $BK_DOMAIN cmdb ne.ftjd.org;
/data/script/ddns.sh $BK_DOMAIN job ne.ftjd.org;
/data/script/ddns.sh $BK_DOMAIN jobapi ne.ftjd.org;
/data/script/ddns.sh $BK_DOMAIN bknodeman ne.ftjd.org;
/data/script/ddns.sh $BK_DOMAIN apps ne.ftjd.org;
/data/script/ddns.sh $BK_DOMAIN bcs ne.ftjd.org;
/data/script/ddns.sh $BK_DOMAIN bcs-api ne.ftjd.org;
/data/script/ddns.sh $BK_DOMAIN bklog ne.ftjd.org;
/data/script/ddns.sh $BK_DOMAIN bkmonitor ne.ftjd.org;
/data/script/ddns.sh $BK_DOMAIN devops ne.ftjd.org;
/data/script/ddns.sh $BK_DOMAIN codecc ne.ftjd.org;
/data/script/ddns.sh $BK_DOMAIN lesscode ne.ftjd.org;
/data/script/ddns.sh $BK_DOMAIN bk-apicheck ne.ftjd.org;
Delete the resources of an app
kubectl delete deploy,sts,cronjob,job,pod,svc,ingress,secret,cm,sa,role,rolebinding,pvc -n "$NAMESPACE" -l app.kubernetes.io/instance="$2"
How to use an external MySQL
Modify environments/default/values.yaml
- Disable the bitnami MySQL and MongoDB
### Storage Settings
# Whether to install the built-in bitnami charts for each kind of storage
bitnamiMysql:
  enabled: false
bitnamiRedis:
  enabled: true
bitnamiRedisCluster:
  enabled: true
bitnamiMongodb:
  enabled: true
bitnamiElasticsearch:
  enabled: true
## Configure the external MySQL
# It must be reachable from inside the cluster
mysql:
  # If it is in the same cluster, the k8s service name can be used
  host: "mysql.ftjd.org"
  port: 3306
  rootPassword: ********
  # By default the platform and the SaaS apps share this MySQL instance, so allocate more disk space to the data disk.
  size: 50Gi
Initialize the MySQL databases
CREATE DATABASE IF NOT EXISTS open_paas DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE DATABASE IF NOT EXISTS bk_login DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE DATABASE IF NOT EXISTS bkauth DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE DATABASE IF NOT EXISTS bkiam DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE DATABASE IF NOT EXISTS bkiam_saas DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE DATABASE IF NOT EXISTS bkssm DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE DATABASE IF NOT EXISTS bk_apigateway DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE DATABASE IF NOT EXISTS bk_esb DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE DATABASE IF NOT EXISTS bk_user_api DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE DATABASE IF NOT EXISTS bk_user_saas DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE DATABASE IF NOT EXISTS bkpaas3_engine DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE DATABASE IF NOT EXISTS bkpaas3_apiserver DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE DATABASE IF NOT EXISTS bkpaas3_svc_mysql DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE DATABASE IF NOT EXISTS bkpaas3_svc_bkrepo DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE DATABASE IF NOT EXISTS bkpaas3_svc_rabbitmq DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE DATABASE IF NOT EXISTS bkpaas3_svc_otel DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE DATABASE IF NOT EXISTS bk_monitor DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE DATABASE IF NOT EXISTS bk_monitor_grafana DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE DATABASE IF NOT EXISTS bk_log_search DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE DATABASE IF NOT EXISTS bklog_grafana DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE DATABASE IF NOT EXISTS bk_nodeman DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE DATABASE IF NOT EXISTS bk_dbm DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE DATABASE IF NOT EXISTS bk_dbm_grafana DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE DATABASE IF NOT EXISTS bk_dbm_dbconfig DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE DATABASE IF NOT EXISTS bk_dbm_dbpriv DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE DATABASE IF NOT EXISTS bk_dbm_dbpartition DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE DATABASE IF NOT EXISTS bk_dbm_dbsimulation DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE DATABASE IF NOT EXISTS bk_dbm_dns DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE DATABASE IF NOT EXISTS bk_dbm_hadb DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
Initial settings
Some commonly used documents for initializing the environment are listed here
Initialize email notifications
Note the following about the test API mentioned in the document:
Usage 1:
{
  "bk_app_code": "",
  "bk_app_secret": "",
  "bk_username": "admin",
  "receiver": "****@qq.com",
  "sender": "houming@domain.cn",
  "title": "This is a Test",
  "content": "Welcome to Blueking"
}
Usage 2:
{
  "bk_app_code": "",
  "bk_app_secret": "",
  "bk_username": "admin",
  "receiver": "****@qq.com",
  "sender": "蓝鲸houming@domain.cn",
  "title": "This is a Test",
  "content": "Welcome to Blueking"
}
The sender here must be the sender configured for SMTP; otherwise sending fails.
ERROR [2023-09-26 16:08:43] /app/components/generic/templates/cmsi/toolkit/send_mail_with_smtp.py 77 send_mail 22 140579342142536
1306205 send mail exception, server: smtp.exmail.qq.com:465
Traceback (most recent call last):
  File "/app/components/generic/templates/cmsi/toolkit/send_mail_with_smtp.py", line 70, in send_mail
    smtp.sendmail(mail_sender, all_receiver, msg.as_string())
  File "/usr/local/lib/python3.6/smtplib.py", line 872, in sendmail
    raise SMTPSenderRefused(code, resp, from_addr)
smtplib.SMTPSenderRefused: (501, b'mail from address must be same as authorization user', 'admin')
Then test password recovery by email; it should work now.
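The sender rule above can be checked before any SMTP traffic is sent. The following is an added example, not BlueKing's own code: `resolve_sender`, `build_message` and `send` are hypothetical helpers, the receiver is a constructed value, and it assumes a sender with a display name is written as `Name <address>`.

```python
import smtplib
from email.headerregistry import Address
from email.message import EmailMessage
from email.utils import parseaddr


def resolve_sender(requested_sender, smtp_user):
    """Return (display_name, address), or raise ValueError before any SMTP traffic.

    The server in the log refuses MAIL FROM unless it equals the authenticated
    user, so only the display name may vary; the address must match smtp_user.
    """
    name, addr = parseaddr(requested_sender)
    if "@" not in addr:
        # Covers the logged failure, where from_addr was the bare string 'admin'.
        raise ValueError(f"sender {requested_sender!r} is not an email address")
    if addr.lower() != smtp_user.lower():
        raise ValueError(f"sender {addr!r} is not the SMTP login {smtp_user!r}")
    return name, addr


def build_message(requested_sender, smtp_user, receiver, title, content):
    """Build the mail: From carries the display name, the envelope the bare address."""
    name, addr = resolve_sender(requested_sender, smtp_user)
    msg = EmailMessage()
    msg["From"] = Address(display_name=name, addr_spec=addr)
    msg["To"] = receiver
    msg["Subject"] = title
    msg.set_content(content)
    return addr, msg


def send(msg, envelope_from, host, port, smtp_user, password):
    """Deliver over implicit TLS, as on port 465 in the log above."""
    with smtplib.SMTP_SSL(host, port) as smtp:
        smtp.login(smtp_user, password)
        smtp.send_message(msg, from_addr=envelope_from)


if __name__ == "__main__":
    # Constructed sample values; nothing is sent here.
    envelope, message = build_message(
        "蓝鲸 <houming@domain.cn>", "houming@domain.cn",
        "ops@example.com", "This is a Test", "Welcome to Blueking")
    print(envelope, "|", message["From"])
```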
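Resetting a BlueKing password
Scenario
Sometimes the password is forgotten. If login uses a local BlueKing account, the password can be reset as follows.
##### Log in to the login Pod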
$ kubectl -n blueking exec -it bk-user-api-web-d7569b476-9kn4d bash
root@bk-login-web-dddd7868d-n2g9r:/app#
$ python manage.py shell
>>> from bkuser_core.profiles.models import Profile
>>> from django.contrib.auth.hashers import make_password
>>> admin = Profile.objects.get(username='admin', domain='default.local')
>>> admin.password = make_password("********")
>>> admin.save()
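Setting up BlueKing
Reference links
Process overview
Deploying the BlueKing base package can be roughly divided into 5 stages:
1. Complete the configuration files
2. Deploy the storage services
3. Deploy the backend services
4. Complete the SaaS runtime environment
5. Deploy SaaS: Process Service and Standard OPS
For details, go through the reference documents item by item.
Summary:
#### Preparation ####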
$ mkdir -p ~/bin/
$ curl -sSf https://bkopen-1252002024.file.myqcloud.com/ce7/7.1-stable/bkdl-7.1-stable.sh -o ~/bin/bkdl-7.1-stable.sh
$ chmod +x ~/bin/bkdl-7.1-stable.sh
$ ~/bin/bkdl-7.1-stable.sh -r latest tools
$ ls $HOME/bkce7.1-install/
bin
# Check that the installation directory contains files
$ vim ~/.bashrc
export PATH=$HOME/bkce7.1-install/bin/:$PATH
$ source ~/.bashrc
$ which helm
/root/bkce7.1-install/bin/helm
# Confirm that PATH is configured correctly
/root/bkce7.1-install
$ tar xf ./bin/helm-plugin-diff.tgz -C ~/
# Extract the helm plugin
$ helm plugin list
NAME VERSION DESCRIPTION
diff 3.1.3 Preview helm upgrade changes as a diff
# Check whether the helm plugin was installed successfully
$ kubectl config set-context --current --namespace=blueking
# Set the default namespace
$ node_ips=$(kubectl get nodes -o jsonpath='{.items[*].status.addresses[?(@.type=="InternalIP")].address}')
$ test -f /root/.ssh/id_rsa || ssh-keygen -N '' -t rsa -f /root/.ssh/id_rsa
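# Create an RSA key if one does not exist.
# Start adding the SSH key to the discovered IPs; you will need to enter each node's password along the way.
$ for ip in $node_ips; do
    ssh-copy-id "$ip" || { echo "failed on $ip."; break; } # Exit the loop if this fails
done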
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.1.*3 (192.168.1.*3)' cant be established.
ECDSA key fingerprint is SHA256:**GTPw.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: WARNING: All keys were skipped because they already exist on the remote system.
(if you think this is a mistake, you may want to use -f option)
#### Start deploying the base package ####
$ ~/bin/bkdl-7.1-stable.sh -ur latest base demo nm_gse_full saas scripts
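#### Edit the deployment metadata ####
$ vim ~/bkce7.1-install/blueking/environments/default/values.yaml
Edit the domain
HTTPS is not supported
Edit
ingressNginx:
  hostNetwork: false
#### Before the one-click deployment ####
# The original bk7 storage class has some problems, so my own YAML is used here to configure storage!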
$ kubectl apply -f https://cdn.grepcode.cn/blueking/local-path-storage.yaml
NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE
local-storage (default) rancher.io/local-path Delete WaitForFirstConsumer false 77s
$ kubectl apply -f http://cdn.grepcode.cn/blueking/metrics-server.yaml
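#### One-click deployment ####
BK_DOMAIN=bk.ftjd.org # Change this to the primary domain you assigned to the BlueKing platform
cd ~/bkce7.1-install/blueking/ # Enter the working directory
# Check that the domain conforms to the Kubernetes domain-name rules; the script runs only if the whole string matches, otherwise it reports that the domain does not conform.
# On Ubuntu the run reports that yum does not exist. On inspection, the packages it tries to install with yum are bash-completion, jq and uuid;
# once they are installed on Ubuntu, it works.
scripts/setup_bkce7.sh -i base
# This takes a long time; be patient...
# The following command is run repeatedly until the deployment completes
for i in {1..24};
do
    /root/bkce7.1-install/blueking/scripts/setup_bkce7.sh -i base
    if [ "$?" -eq "0" ];
    then
        break
    fi
done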