ssh指令定制及自动补全

1.利用Git的git-bash来做ssh的交互终端
不再使用git-bash进行交互了,统一使用msys2工具包进行管理。它可以实现linux的子系统。
注:参考这文章http://www.kxtry.com/archives/2334
2.在git-bash终端中执行【vim .bashrc】,添加以下指令

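# Complete the `remote` and `xscp` wrappers with the Host aliases found in the
# ssh config. awk prints every alias on a Host line and drops wildcard or
# negated patterns (such as `Host *`), which are not connectable names. The
# command substitution stays quoted, so no alias is glob-expanded against the
# current directory the way the unquoted `echo $(...)` form was.
complete -W "$(awk '$1 == "Host" { for (i = 2; i <= NF; i++) if ($i !~ /[*?!]/) print $i }' F:/tools/myssh/config | sort -u)" remote xscp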

3.编辑ssh的config文件

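Host logkaf67
    HostName 10.0.0.67
    Port 22
    User heguowen
    IdentityFile c:\tools\ssh\id_rsa
    # ProxyJump is available since OpenSSH 7.3. The comment sits on its own
    # line because older ssh clients do not accept a trailing "#..." after a value.
    ProxyJump jumpServer
    # Alternative for clients without ProxyJump (needs nc on the jump host):
    #ProxyCommand ssh abc@10.2.16.210 nc %h %p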

4.编辑remote脚本

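#!/bin/sh
# remote: ssh wrapper that always uses the "config" file stored next to this
# script.
#   remote              list the first alias of every Host entry in that config
#   remote <ssh args>   run ssh -F <config> with the arguments passed through

# Resolve the script's own directory so the config is found from any cwd.
path_script=$(cd "$(dirname "$0")" && pwd)
cfg=$path_script/config

# The original test was `$# -lt 0`, which can never be true, so the listing
# branch was unreachable; `-lt 1` is what the companion xscp script uses.
if [ $# -lt 1 ]; then
   awk '$1 == "Host" { print $2 }' "$cfg"
else
   # "$@" keeps each argument as one word; unquoted $* would re-split the
   # arguments on whitespace and glob-expand them in the local directory.
   ssh -F "$cfg" "$@"
fi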

5.编辑xscp脚本

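#!/bin/sh
# xscp: scp wrapper that always uses the "config" file stored next to this
# script.
#   xscp              list the first alias of every Host entry in that config
#   xscp <scp args>   run scp -F <config> with the arguments passed through

# Resolve the script's own directory so the config is found from any cwd.
path_script=$(cd "$(dirname "$0")" && pwd)
cfg=$path_script/config

if [ $# -lt 1 ]; then
   awk '$1 == "Host" { print $2 }' "$cfg"
else
   # "$@" keeps each path as one word, so file names containing spaces or
   # glob characters reach scp unchanged instead of being re-split and
   # expanded locally as they were with unquoted $*.
   scp -F "$cfg" "$@"
fi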

SSH from A through B to C, using private key on B



https://serverfault.com/questions/337274/ssh-from-a-through-b-to-c-using-private-key-on-b/701884#701884?tdsourcetag=s_pctim_aiomsg

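# Jump host (B): the machine the client connects to directly.
Host jumpServer
        HostName x.y.z.h
        Port 22
        User abc
        IdentityFile ~/.ssh/id_rsa

# Target (C), reached through jumpServer.
Host A74
    HostName 10.1.0.1
    Port 22
    User zyx
    # NOTE(review): with ProxyJump this path is read on the client, so the key
    # for A74 has to exist locally; jumpServer only relays the connection.
    IdentityFile ~/.ssh/a73.id_rsa
    # ProxyJump is supported since OpenSSH 7.3; ProxyCommand needs nc.
    # Kept on its own line: older ssh clients do not accept a trailing "#..." comment.
    ProxyJump jumpServer
    # The ProxyCommand variant below is the one that uses a key stored on
    # jumpServer: ssh-add loads it into the forwarded agent.
    #ProxyCommand ssh -o 'ForwardAgent yes' jumpServer 'ssh-add && nc %h %p'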

MySQL的主从配置

https://github.com/getwingm/mysql-replica

# One MySQL master and one replica built from the same image.
# The passwords below are sample values written in plain text; replace them
# and keep the real ones out of the compose file (for example in an env file).
version: '2'
services:
    master:
        image: twang2218/mysql:5.7-replica
        restart: unless-stopped
        ports:
            # Published on every host interface; write 127.0.0.1:3306:3306 to
            # keep the port reachable from the local host only.
            - 3306:3306
        environment:
            - MYSQL_ROOT_PASSWORD=master_passw0rd
            - MYSQL_REPLICA_USER=replica
            - MYSQL_REPLICA_PASS=replica_Passw0rd
        command: ["mysqld", "--log-bin=mysql-bin", "--server-id=1"]
    slave:
        image: twang2218/mysql:5.7-replica
        restart: unless-stopped
        ports:
            # Host port 3307 maps to the replica's 3306, also on every interface.
            - 3307:3306
        environment:
            - MYSQL_ROOT_PASSWORD=slave_passw0rd
            # Same replication account as configured on the master.
            - MYSQL_REPLICA_USER=replica
            - MYSQL_REPLICA_PASS=replica_Passw0rd
            # "master" is the service name above, resolved on the compose network.
            - MYSQL_MASTER_SERVER=master
            - MYSQL_MASTER_WAIT_TIME=10
        command: ["mysqld", "--log-bin=mysql-bin", "--server-id=2"]

PHP中安装主从插件

1. wget http://pecl.php.net/get/mysqlnd_ms-1.5.2.tgz 
2. tar xzvf mysqlnd_ms-1.5.2.tgz
3. cd mysqlnd_ms-1.5.2
4. /path/to/phpize
5. ./configure --enable-mysqlnd-ms --with-php-config=/usr/local/php/bin/php-config
6. make
7. make install
8. sudo /etc/init.d/php-fpm restart
9. php -m | grep mysql #看到"mysqlnd_ms"扩展表示安装成功

执行代码
      // Request session consistency from mysqlnd_ms for this connection, but
      // only when the extension is loaded (function_exists guard).
      if (function_exists('mysqlnd_ms_set_qos')) {
            try {
                $db = $this->db;
                // presumably the underlying mysqli handle of the framework's DB object; verify against caller
                $mysqli = $db->conn_id;
                mysqlnd_ms_set_qos($mysqli, MYSQLND_MS_QOS_CONSISTENCY_SESSION);
            }catch (Exception $e) {
                // NOTE(review): the exception is swallowed, and the boolean
                // result of mysqlnd_ms_set_qos() is not checked either, so a
                // failure to set the service level goes unnoticed.

            }

        }

优秀的GoLang库

日志类
https://github.com/sirupsen/logrus
ORM类
https://github.com/jinzhu/gorm #最强,包括数据库迁移。
https://github.com/go-xorm/xorm #最少依赖

kubernetes单机版安装

1.停止并禁用防火墙

# Switches firewalld off for the whole host (now and at boot), not only for
# the ports Kubernetes uses.
systemctl disable firewalld
systemctl stop firewalld

2.安装

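# Package name is etcd (the page had "etco"); later steps edit /etc/etcd/etcd.conf.
yum install -y etcd kubernetes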

3.修改docker配置文件为
vi /etc/sysconfig/docker

原始形式:
OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false'
后来形式:
# Compared with the original line: --selinux-enabled=false turns off SELinux
# support in the Docker daemon, and --insecure-registry gcr.io lets the daemon
# reach gcr.io over plain HTTP or with an unverified certificate.
OPTIONS='--selinux-enabled=false  --insecure-registry gcr.io --log-driver=journald --signature-verification=false'

3.检查一下etcd的配置,是否如下所示,如果不是则修改成如下样子:

grep -v '^#' /etc/etcd/etcd.conf

[root@localhost abc]# grep -v '^#' /etc/etcd/etcd.conf
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_CLIENT_URLS="http://localhost:2379"
ETCD_NAME="default"
ETCD_ADVERTISE_CLIENT_URLS="http://localhost:2379"


4.修改/etc/kubernetes/apiserver文件
修改KUBE_ADMISSION_CONTROL的内容为:

# NOTE(review): ServiceAccount is not in this plugin list, so pods are admitted
# without an automatically mounted service-account token — confirm that is
# intended for this single-node setup.
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"

5.启动服务

启动:
systemctl start etcd docker kube-apiserver kube-controller-manager kube-scheduler kubelet kube-proxy
重启:
systemctl restart etcd docker kube-apiserver kube-controller-manager kube-scheduler kubelet kube-proxy

6.编辑mysql.yaml测试文件。

# Test workload: a ReplicationController that keeps one MySQL pod running.
apiVersion: v1
kind: ReplicationController
metadata:
  name: mysql
spec:
  replicas: 1
  # Pods are matched to this controller by the app=mysql label set in the template.
  selector:
    app: mysql
  template:
    metadata:
      labels:
        app: mysql
    spec:
      containers:
      - name: mysql
        image: docker.io/mysql:5.6.40
        ports:
        - containerPort: 3306
        env:
        # Sample root password stored in plain text in the manifest; outside a
        # throwaway test, reference a Secret through valueFrom.secretKeyRef.
        - name: MYSQL_ROOT_PASSWORD
          value: "123456"

7.启动任务

kubectl create -f mysql.yaml
kubectl delete -f mysql.yaml  #这个删除任务

8.检查是否启动

kubectl describe pod mysql

————————————
9.如果报如下错误

Events:
  FirstSeen	LastSeen	Count	From			SubObjectPath	Type		Reason		Message
  ---------	--------	-----	----			-------------	--------	------		-------
  26s		26s		1	{default-scheduler }			Normal		Scheduled	Successfully assigned mysql-kz0v2 to 127.0.0.1
  25s		13s		2	{kubelet 127.0.0.1}			Warning		FailedSync	Error syncing pod, skipping: failed to "StartContainer" for "POD" with ErrImagePull: "image pull failed for registry.access.redhat.com/rhel7/pod-infrastructure:latest, this may be because there are no credentials on this request.  details: (open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory)"

  2s	2s	1	{kubelet 127.0.0.1}		Warning	FailedSync	Error syncing pod, skipping: failed to "StartContainer" for "POD" with ImagePullBackOff: "Back-off pulling image \"registry.access.redhat.com/rhel7/pod-infrastructure:latest\""

则应该如下处理
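# The package is fetched over plain HTTP, so check its signature and digests
# with rpm -K before installing. rpm -ivh needs the downloaded file name; the
# bare package name would be looked up as a file in the current directory.
wget http://mirror.centos.org/centos/7/os/x86_64/Packages/python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm
rpm -K python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm
rpm -ivh python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm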
如果安装过程中,安装失败,我们则需要删除之前已经安装的相关包后重新执行安装命令
yum remove subscription-manager-rhsm-certificates -y
然后重新测试
# 删除之前启动的RC
kubectl delete -f mysql.yaml
# 重新启动新的RC
kubectl create -f mysql.yaml
仍然出错误的话,再手工下载pod-infrastructure镜像试试。
docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest

gitlab的docker配置

https://github.com/sameersbn/docker-gitlab/blob/master/docker-compose.yml

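version: '3'

# Compose expects `networks` at the top level, next to `services`; nested under
# `services` it is read as a service named "networks" and the file is rejected.
networks:
  default:
    driver: bridge
    driver_opts:
      com.docker.network.enable_ipv6: "false"
    ipam:
      driver: default
      config:
        - subnet: 192.168.100.0/24

services:
  proxy:
    restart: always
    image: jwilder/nginx-proxy:latest
    ports:
    - "80:80"
    volumes:
    - /etc/localtime:/etc/localtime:ro
    - /etc/timezone:/etc/timezone:ro
    # The proxy reads container events through the Docker socket. `:ro` makes
    # only the socket file read-only; it does not restrict Docker API calls, so
    # this container has the same reach as the Docker daemon's API.
    - /var/run/docker.sock:/tmp/docker.sock:ro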
  
  redis:
    restart: always
    image: sameersbn/redis:3.0.6
    command:
    - --loglevel warning
    volumes:
    - /etc/localtime:/etc/localtime:ro
    - /etc/timezone:/etc/timezone:ro
    - /home/abc/volume/gitlab/redis:/var/lib/redis:Z

  # Database for GitLab; no port is published, so it is reachable only from
  # other services on the compose network.
  postgresql:
    restart: always
    image: sameersbn/postgresql:9.6-2
    volumes:
    - /etc/localtime:/etc/localtime:ro
    - /etc/timezone:/etc/timezone:ro
    - /home/abc/volume/gitlab/postgresql:/var/lib/postgresql:Z
    environment:
    - DB_USER=gitlab
    # Placeholder value; replace it, and use the same value for DB_PASS in the
    # gitlab service so the two stay in step.
    - DB_PASS=password
    - DB_NAME=gitlabhq_production
    - DB_EXTENSION=pg_trgm

  gitlab:
    restart: always
    image: sameersbn/gitlab:10.2.4
    depends_on:
    - redis
    - postgresql
    ports:
    - "10080:80"
    - "10022:22"
    volumes:
    - /etc/localtime:/etc/localtime:ro
    - /etc/timezone:/etc/timezone:ro
    - /home/abc/volume/gitlab/gitlab:/home/git/data:Z
    environment:
    - VIRTUAL_HOST=gitlab.xxxx.com
    - DEBUG=false

    - DB_ADAPTER=postgresql
    - DB_HOST=postgresql
    - DB_PORT=5432
    - DB_USER=gitlab
    - DB_PASS=password
    - DB_NAME=gitlabhq_production

    - REDIS_HOST=redis
    - REDIS_PORT=6379

    - TZ=Asia/Kolkata
    - GITLAB_TIMEZONE=Kolkata

    - GITLAB_HTTPS=false
    - SSL_SELF_SIGNED=false

    - GITLAB_HOST=gitlab.kxtry.com
    - GITLAB_PORT=10080
    - GITLAB_SSH_PORT=10022
    - GITLAB_RELATIVE_URL_ROOT=
    # The three *_KEY_BASE values are placeholders: give each its own long
    # random string (for example from `openssl rand -hex 32`).
    # NOTE(review): these keys presumably protect stored secrets and sessions,
    # so keep them unchanged across upgrades and back them up with the data — confirm against the image docs.
    - GITLAB_SECRETS_DB_KEY_BASE=long-and-random-alphanumeric-string
    - GITLAB_SECRETS_SECRET_KEY_BASE=long-and-random-alphanumeric-string
    - GITLAB_SECRETS_OTP_KEY_BASE=long-and-random-alphanumeric-string

    # Placeholder for the initial root password; it is stored in plain text here.
    - GITLAB_ROOT_PASSWORD=yyyyyy
    - GITLAB_ROOT_EMAIL=xxxx

    - GITLAB_NOTIFY_ON_BROKEN_BUILDS=true
    - GITLAB_NOTIFY_PUSHER=false

    - GITLAB_EMAIL=notifications@example.com
    - GITLAB_EMAIL_REPLY_TO=noreply@example.com
    - GITLAB_INCOMING_EMAIL_ADDRESS=reply@example.com

    - GITLAB_BACKUP_SCHEDULE=daily
    - GITLAB_BACKUP_TIME=01:00

    - SMTP_ENABLED=false
    - SMTP_DOMAIN=www.example.com
    - SMTP_HOST=smtp.gmail.com
    - SMTP_PORT=587
    - SMTP_USER=mailer@example.com
    - SMTP_PASS=password
    - SMTP_STARTTLS=true
    - SMTP_AUTHENTICATION=login

    - IMAP_ENABLED=false
    - IMAP_HOST=imap.gmail.com
    - IMAP_PORT=993
    - IMAP_USER=mailer@example.com
    - IMAP_PASS=password
    - IMAP_SSL=true
    - IMAP_STARTTLS=false

    - OAUTH_ENABLED=false
    - OAUTH_AUTO_SIGN_IN_WITH_PROVIDER=
    - OAUTH_ALLOW_SSO=
    - OAUTH_BLOCK_AUTO_CREATED_USERS=true
    - OAUTH_AUTO_LINK_LDAP_USER=false
    - OAUTH_AUTO_LINK_SAML_USER=false
    - OAUTH_EXTERNAL_PROVIDERS=

    - OAUTH_CAS3_LABEL=cas3
    - OAUTH_CAS3_SERVER=
    - OAUTH_CAS3_DISABLE_SSL_VERIFICATION=false
    - OAUTH_CAS3_LOGIN_URL=/cas/login
    - OAUTH_CAS3_VALIDATE_URL=/cas/p3/serviceValidate
    - OAUTH_CAS3_LOGOUT_URL=/cas/logout

    - OAUTH_GOOGLE_API_KEY=
    - OAUTH_GOOGLE_APP_SECRET=
    - OAUTH_GOOGLE_RESTRICT_DOMAIN=

    - OAUTH_FACEBOOK_API_KEY=
    - OAUTH_FACEBOOK_APP_SECRET=

    - OAUTH_TWITTER_API_KEY=
    - OAUTH_TWITTER_APP_SECRET=

    - OAUTH_GITHUB_API_KEY=
    - OAUTH_GITHUB_APP_SECRET=
    - OAUTH_GITHUB_URL=
    - OAUTH_GITHUB_VERIFY_SSL=

    - OAUTH_GITLAB_API_KEY=
    - OAUTH_GITLAB_APP_SECRET=

    - OAUTH_BITBUCKET_API_KEY=
    - OAUTH_BITBUCKET_APP_SECRET=

    - OAUTH_SAML_ASSERTION_CONSUMER_SERVICE_URL=
    - OAUTH_SAML_IDP_CERT_FINGERPRINT=
    - OAUTH_SAML_IDP_SSO_TARGET_URL=
    - OAUTH_SAML_ISSUER=
    - OAUTH_SAML_LABEL="Our SAML Provider"
    - OAUTH_SAML_NAME_IDENTIFIER_FORMAT=urn:oasis:names:tc:SAML:2.0:nameid-format:transient
    - OAUTH_SAML_GROUPS_ATTRIBUTE=
    - OAUTH_SAML_EXTERNAL_GROUPS=
    - OAUTH_SAML_ATTRIBUTE_STATEMENTS_EMAIL=
    - OAUTH_SAML_ATTRIBUTE_STATEMENTS_NAME=
    - OAUTH_SAML_ATTRIBUTE_STATEMENTS_FIRST_NAME=
    - OAUTH_SAML_ATTRIBUTE_STATEMENTS_LAST_NAME=

    - OAUTH_CROWD_SERVER_URL=
    - OAUTH_CROWD_APP_NAME=
    - OAUTH_CROWD_APP_PASSWORD=

    - OAUTH_AUTH0_CLIENT_ID=
    - OAUTH_AUTH0_CLIENT_SECRET=
    - OAUTH_AUTH0_DOMAIN=

    - OAUTH_AZURE_API_KEY=
    - OAUTH_AZURE_API_SECRET=
    - OAUTH_AZURE_TENANT_ID=

查看容器的网络相关信息

查看容器的网络相关信息

# Run these inside the container to inspect its network configuration.
ifconfig   # network interfaces inside the container
cat /etc/hosts   # the container's host-name-to-IP mappings
cat /etc/resolv.conf    # DNS servers configured in the container
cat /etc/nsswitch.conf   # name service switch configuration
ip addr show   # the container's IP addresses
ip route show  # the container's routing table
netstat -nr   # routing table with numeric addresses