一、安装准备
-
必须 Centos7.6 x64,Centos 8不行。千万注意,机型配置也要高于4c16g
-
默认必须使用私有ip通信
-
必须至少3台,若只有1台,在 ./bk_install app_mgr 阶段会报错
1.1、证书下载
1.2、bk社区版安装准备
[root@VM-16-16-centos ~]# ip addr
[root@VM-16-16-centos ~]# ifconfig
[root@VM-16-16-centos ~]# mkdir -p /data/
[root@VM-16-16-centos data]# mkdir -p /data/src
#证书
[root@VM-16-16-centos bk]# # Received /Users/shencaifeiyangdekk/Downloads/ssl_certificates.tar.gz
[root@VM-16-16-centos data]# mv ssl_certificates.tar.gz src/
[root@VM-16-16-centos bk]# wget https://bkopen-1252002024.file.myqcloud.com/ce/bkce_basic_suite-6.0.3.tgz
[root@VM-16-16-centos bk]# md5sum bkce_basic_suite-6.0.3.tgz
[root@VM-16-16-centos data]# mv bkce_basic_suite-6.0.3.tgz src/
[root@VM-16-16-centos bk]# tar xf bkce_basic_suite-6.0.3.tgz
[root@VM-16-16-centos data]# cd /data/src/; for f in *gz;do tar xf $f; done
# 解压证书包
[root@VM-16-16-centos src]# install -d -m 755 /data/src/cert
[root@VM-16-16-centos src]# mv /data/src/ssl_certificates.tar.gz /data/
[root@VM-16-16-centos src]# tar xf /data/ssl_certificates.tar.gz -C /data/src/cert/
[root@VM-16-16-centos src]# chmod 644 /data/src/cert/*
[root@VM-16-16-centos src]# cp -a /data/src/yum /opt
# 生成并配置install.conf
# 必须3台机器,否后文会报错。
cat << EOF >/data/install/install.config
10.12.116.90 iam,ssm,usermgr,gse,license,redis,consul,mysql,lesscode
10.12.115.217 nginx,consul,mongodb,rabbitmq,appo
10.12.112.106 paas,cmdb,job,zk(config),appt,consul,nodeman(nodeman)
EOF
# 1台机器,后文会报错。
cat << EOF >/data/install/install.config
10.206.16.16 iam,ssm,usermgr,gse,license,redis,consul,mysql,lesscode
10.206.16.16 nginx,consul,mongodb,rabbitmq,appo
10.206.16.16 paas,cmdb,job,zk(config),appt,consul,nodeman(nodeman)
EOF
# 执行免密
[root@VM-16-16-centos src]# cd /data/install
[root@VM-16-16-centos install]# bash /data/install/configure_ssh_without_pass
Generating public/private rsa key pair.
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:Hrf9DyTX3i3D+9lp+xqJFWQZcZpqASJzrXzqUz6x4Lg root@VM-16-16-centos
The key's randomart image is:
+---[RSA 2048]----+
| o o.. =+.|
| + ... o.+ |
| . . . + |
| o . o o |
| So. + + .|
| .ooo+ B oo|
| +.+.oo B +|
| . + + . B+|
| E. . . =BB|
+----[SHA256]-----+
Warning: Permanently added '10.206.16.16' (ECDSA) to the list of known hosts.
[root@VM-16-16-centos install]#
# 执行免密阶段。若有root权限可无视。当时在dev环境无直接root密码,脚本执行报错。但好在可sudo su -
查看代码错误段落在这里
rsync -a $HOME/.ssh/id_rsa* $HOME/.ssh/authorized_keys -e 'ssh -o StrictHostKeyChecking=no -o CheckHostIP=no' root@$ip:/root/.ssh/
解决:从node1手工拷贝.ssh/id_rsa 到node2、node3时,即可。不用再执行脚本,无视错误即可。
手工拷贝下 机器1
.ssh/authorized_keys 内容,并粘贴在2、3、机器上
确认可以 ssh root@ 2/3 即可
二、部署
2.1、初始化环境
# 初始化环境
[root@VM-16-16-centos install]# ./bk_install common
如果以上步骤没有报错, 已经完成蓝鲸部署基础依赖安装, 执行以下步骤:
1. 通过./bk_install paas, 部署蓝鲸paas平台
# 校验环境和部署的配置
[root@VM-16-16-centos install]# ./health_check/check_bk_controller.sh
start <<check_ssh_nopass>> ... [OK]
start <<check_hostname_uniq>> ... [OK]
start <<check_cert_mac>> ... [OK]
start <<check_install_config>> ... [OK]
start <<check_domain>> ... [OK]
start <<check_src_dir>> ... [OK]
- 在centos8 会报错。老实按照官方7.6 x64就ok。
#解决Error: Unable to find a match: mysql-community-client
[root@VM-16-16-centos ~]# rpm -ivh https://dev.mysql.com/get/mysql80-community-release-el8-1.noarch.rpm
[root@VM-16-16-centos ~]# yum search mysql-community
[root@VM-16-16-centos ~]# yum search mysql | grep client
[root@VM-16-16-centos ~]# yum install mysql-common.x86_64 mysql.x86_64
2.2、部署PAAS平台
[root@VM-16-16-centos install]# ./bk_install paas
如果以上步骤没有报错, 你现在可以通过 http://paas.bktencent.com:80 访问 paas 平台,
登陆用户名(login user): admin
登陆密码(login password): ZW0wxEIE7x0I
- 在centos8 会报错。老实按照官方7.6 x64就ok。
[root@VM-16-16-centos install]# ./bk_install paas
[10.206.16.16]20211101-232431 55 install consul server on host: 10.206.16.16
/data/install/pcmd.sh: line 88: pssh: command not found
2.3、部署 app_mgr
- 这一步正常结束后提示./bk_install saas-o bk_nodeman,官网并没有要到这步。所以,还是根据官网顺序。
[root@sh-ops-kehanghuang-test-dev-01 install]# ./bk_install app_mgr
如果以上步骤没有报错, 已经完成 PaaSAgent正式环境及测试环境 的部署,接下来可以:
1. 通过./bk_install saas-o bk_nodeman 部署节点管理app
2. 通过开发者中心部署app.
- 必须至少3台,若只有1台,在 ./bk_install app_mgr 阶段会报错
[root@VM-16-2-centos install]# ./bk_install app_mgr
[10.206.16.2]20211102-003600 32 install rabbitmq has been performed without FATAL stat... skip
[10.206.16.2]20211102-003600 32 start rabbitmq has been performed without FATAL stat... skip
[10.206.16.2]20211102-003600 32 sync appt has been performed without FATAL stat... skip
[10.206.16.2]20211102-003600 658 appo appt 不可部署在同一台服务器
2.4、部署权限中心与用户管理
# 权限中心
./bk_install saas-o bk_iam
[10.12.116.90]20211102-201638 177 SaaS application bk_iam has been deployed successfully
如果以上步骤没有报错, 已经完成 蓝鲸SaaS(bk_iam) 的部署
# 用户管理
./bk_install saas-o bk_user_manage
2021-11-02 20:17:33 74 INFO check deploy result. retry 9
2021-11-02 20:17:33 80 INFO bk_user_manage have been deployed successfully
[10.12.116.90]20211102-201733 177 SaaS application bk_user_manage has been deployed successfully
如果以上步骤没有报错, 已经完成 蓝鲸SaaS(bk_user_manage) 的部署
2.5、部署 CMDB
# 安装配置平台及其依赖服务
./bk_install cmdb
如果以上步骤没有报错, 你现在可以通过 http://cmdb.bktencent.com:80 访问配置平台,
2.6、部署 JOB
# 安装作业平台后台模块及其依赖组件
./bk_install job
如果以上步骤没有报错, 你现在可以通过 http://job.bktencent.com:80 访问作业平台,
- 千万注意,机型配置也要高于4c16g,否则将报错。
# 安装作业平台后台模块及其依赖组件
[root@VM-16-2-centos install]# ./bk_install job
注册到consul上的job服务仅有:job-config,job-crontab,job-gateway-management,job-logsvr,
注册到consul上的job服务仅有:job-config,job-crontab,job-gateway-management,job-logsvr,
注册到consul上的job服务仅有:job-config,job-crontab,job-gateway-management,job-logsvr,
注册到consul上的job服务仅有:job-config,job-crontab,job-gateway-management,job-logsvr,
注册到consul上的job服务仅有:job-config,job-crontab,job-gateway-management,job-logsvr,
注册到consul上的job服务仅有:job-config,job-crontab,job-gateway-management,job-logsvr,
注册到consul上的job服务仅有:job-config,job-crontab,job-gateway-management,job-logsvr,
注册到consul上的job服务仅有:job-config,job-crontab,job-gateway-management,job-logsvr,
注册到consul上的job服务仅有:job-config,job-crontab,job-gateway-management,job-logsvr,
注册到consul上的job服务仅有:job-config,job-crontab,job-gateway-management,job-logsvr,
注册到consul上的job服务仅有:job-config,job-crontab,job-gateway-management,job-logsvr,
注册到consul上的job服务仅有:job-config,job-crontab,job-gateway-management,job-logsvr,
^@^@^@注册到consul上的job服务仅有:job-config,job-crontab,job-gateway-management,job-logsvr,
注册到consul上的job服务仅有:job-config,job-crontab,job-gateway-management,job-logsvr,
注册到consul上的job服务仅有:job-config,job-crontab,job-gateway-management,job-logsvr,
注册到consul上的job服务仅有:job-config,job-crontab,job-gateway-management,job-logsvr,
注册到consul上的job服务仅有:job-config,job-crontab,job-gateway-management,job-logsvr,
注册到consul上的job服务仅有:job-config,job-crontab,job-gateway-management,job-logsvr,
注册到consul上的job服务仅有:job-config,job-crontab,job-gateway-management,job-logsvr,
注册到consul上的job服务仅有:job-config,job-crontab,job-gateway-management,job-logsvr,
^@注册到consul上的job服务仅有:job-config,job-crontab,job-gateway-management,job-logsvr,
注册到consul上的job服务仅有:job-config,job-crontab,job-gateway-management,job-logsvr,
注册到consul上的job服务仅有:job-config,job-crontab,job-gateway-management,job-logsvr,
注册到consul上的job服务仅有:job-config,job-crontab,job-gateway-management,job-logsvr,
注册到consul上的job服务仅有:job-config,job-crontab,job-gateway-management,job-logsvr,
注册到consul上的job服务仅有:job-config,job-crontab,job-gateway-management,job-logsvr,
注册到consul上的job服务仅有:job-config,job-crontab,job-gateway-management,job-logsvr,
注册到consul上的job服务仅有:job-config,job-crontab,job-gateway-management,job-logsvr,
注册到consul上的job服务仅有:job-config,job-crontab,job-gateway-management,job-logsvr,
[10.206.16.2]20211102-005939 742 job 健康检查失败 请重新启动
[root@VM-16-2-centos install]#
2.7、部署bknodeman
- 若有跨云管控需求,参考官网手册。这里暂无。
[root@sh-ops-kehanghuang-test-dev-01 install]# ./bk_install saas-o bk_nodeman
2021-11-02 20:14:53 74 INFO check deploy result. retry 27
2021-11-02 20:14:55 74 INFO check deploy result. retry 28
2021-11-02 20:14:57 74 INFO check deploy result. retry 29
2021-11-02 20:14:59 74 INFO check deploy result. retry 30
2021-11-02 20:15:01 74 INFO check deploy result. retry 31
2021-11-02 20:15:03 74 INFO check deploy result. retry 32
2021-11-02 20:15:05 74 INFO check deploy result. retry 33
2021-11-02 20:15:07 74 INFO check deploy result. retry 34
2021-11-02 20:15:09 74 INFO check deploy result. retry 35
2021-11-02 20:15:11 74 INFO check deploy result. retry 36
2021-11-02 20:15:13 74 INFO check deploy result. retry 37
2021-11-02 20:15:15 74 INFO check deploy result. retry 38
2021-11-02 20:15:17 74 INFO check deploy result. retry 39
2021-11-02 20:15:19 74 INFO check deploy result. retry 40
2021-11-02 20:15:21 74 INFO check deploy result. retry 41
2021-11-02 20:15:23 74 INFO check deploy result. retry 42
2021-11-02 20:15:23 83 ERROR deploy failed: timeout
如果以上步骤没有报错, 已经完成 蓝鲸SaaS(bk_nodeman) 的部署
2.8、部署标准运维及流程管理
[root@sh-ops-kehanghuang-test-dev-01 install]# ./bk_install saas-o bk_sops
[10.12.116.90]20211102-203933 177 SaaS application bk_sops has been deployed successfully
如果以上步骤没有报错, 已经完成 蓝鲸SaaS(bk_sops) 的部署
[root@sh-ops-kehanghuang-test-dev-01 install]# ./bk_install saas-o bk_itsm
[10.12.116.90]20211102-204226 177 SaaS application bk_itsm has been deployed successfully
如果以上步骤没有报错, 已经完成 蓝鲸SaaS(bk_itsm) 的部署
2.9、加载蓝鲸相关维护命令
[root@sh-ops-kehanghuang-test-dev-01 install]# source ~/.bashrc
2.10、初始化蓝鲸业务拓扑
[root@sh-ops-kehanghuang-test-dev-01 install]# ./bkcli initdata topo
2.11、部署lesscode(可选)
- ./bk_install lesscode 执行已经没有这个命令。跳过即可
[root@sh-ops-kehanghuang-test-dev-01 install]# ./bk_install lesscode
usage: bk_install PLATFORM
PLATFORM:
./bk_install paas 安装 paas 及依赖环境
./bk_install app_mgr 安装 appo,appt 及依赖
./bk_install cmdb 安装 cmdb 及依赖环境
./bk_install job 安装 job 及依赖环境
./bk_install ci 安装 蓝盾 及依赖环境
./bk_install bkmonitorv3 安装 bkmonitorv3 及依赖环境
./bk_install bknodeman 安装 bknodeman 及依赖环境
./bk_install bklog 安装 bklog 及依赖环境
./bk_install fta 安装 故障自愈后台
./bk_install saas-[o|t] [APP_CODE[==x.x.x]] 从后台部署 saas 应用
2.12、检测相关服务状态
[root@sh-ops-kehanghuang-test-dev-01 install]# cd /data/install/
[root@sh-ops-kehanghuang-test-dev-01 install]# echo bkssm bkiam usermgr paas cmdb gse job consul | xargs -n 1 ./bkcli check
三、验证
➜ ~ sudo vim /etc/hosts
10.12.116.90 nodeman.bktencent.com
10.12.112.106
10.12.115.217 paas.bktencent.com cmdb.bktencent.com job.bktencent.com jobapi.bktencent.com lesscode.bktencent.com
