Vagrant

开发环境、生产环境： 开发环境：就是程序猿在本人的电脑上写代码，并测试生产环境：赚钱用的环境就是生产环境老旧的模式、新模式： 老模式，就是虚拟机新模式，就是容器 在远古期间，程序猿在本人的电脑上，应用 vagrant + vbox 搭建开发环境 然而新的 todo

1、下载并装置vagrant2、指定门路下初始化：vagrant init centos/73、启动虚拟环境vagrant up（4、间接下载慢，能够先下载好镜像再加载进去:cd 到.box文件的目录下，执行 vagrant box add centos/7 CentOS-7-x86_64-Vagrant-1803_01.VirtualBox.box而后再vagrant up） 5、连贯虚拟机vagrant ssh6、之后启动linux虚拟机只须要在Vagrantfile文件所在门路下执行vagrant upvagrant ssh即可

开发中须要和前端或其余后端共事配合，须要间接拜访我本机开发环境 在vagrant文件夹中的Vagrantfile配置下即可： # -*- mode: ruby -*-# vi: set ft=ruby : Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| if File.exist? aliasesPath then config.vm.provision "file", source: aliasesPath, destination: "/tmp/bash_aliases" config.vm.provision "shell" do |s| s.inline = "awk '{ sub(\"\r$\", \"\"); print }' /tmp/bash_aliases > /home/vagrant/.bash_aliases && chown vagrant:vagrant /home/vagrant/.bash_aliases" end end #公有拜访地址 config.vm.network "private_network", ip: "192.168.33.10" if File.exist? homesteadYamlPath then settings = YAML::load(File.read(homesteadYamlPath)) elsif File.exist? homesteadJsonPath then settings = JSON::parse(File.read(homesteadJsonPath)) else abort "Homestead settings file not found in #{confDir}" end Homestead.configure(config, settings) if File.exist? afterScriptPath then config.vm.provision "shell", path: afterScriptPath, privileged: false, keep_color: true end if File.exist? customizationScriptPath then config.vm.provision "shell", path: customizationScriptPath, privileged: false, keep_color: true end if Vagrant.has_plugin?('vagrant-hostsupdater') config.hostsupdater.remove_on_suspend = false config.hostsupdater.aliases = settings['sites'].map { |site| site['map'] } elsif Vagrant.has_plugin?('vagrant-hostmanager') config.hostmanager.enabled = true config.hostmanager.manage_host = true config.hostmanager.aliases = settings['sites'].map { |site| site['map'] } end end

记录vagrant应用过程中遇到的问题，会继续补充 降级virtualbox后，呈现挂载host目录问题环境 host win10virtualbox 6.1.22vm centos 7问题景象：之前vm设置过与host的文件共享，Vagrantfile中配置 config.vm.synced_folder "D:/work/vagrant/data", "/vagrant_data"virtualbox从6.1.16降级到6.1.22， 降级后vagrant up显示如下问题 ==> pg12: Checking for guest additions in VM...==> pg12: Setting hostname...==> pg12: Configuring and enabling network interfaces...==> pg12: Mounting shared folders... pg12: /vagrant => D:/work/vagrant/vms/pg12Vagrant was unable to mount VirtualBox shared folders. This is usuallybecause the filesystem "vboxsf" is not available. This filesystem ismade available via the VirtualBox Guest Additions and kernel module.Please verify that these guest additions are properly installed in theguest. This is not a bug in Vagrant and is usually caused by a faultyVagrant box. For context, the command attempted was:mount -t vboxsf -o uid=1000,gid=1000 vagrant /vagrantThe error output from the command was:/sbin/mount.vboxsf: mounting failed with the error: Invalid argument解决办法：ssh登陆vm，将vagrant(vagrant为vm默认登陆用户，依据理论状况配置)增加到vboxsf，vboxusers 组 ...

应用 vagrant 的好一个益处就是能够想合作中分享咱们的 Box 打包上面就介绍一下打包形式 首先确定须要打包哪台虚拟机，进入装置 VirtualBox 的装置目录 默认在这个门路 C:\Program Files\Oracle\VirtualBoxcd "C:\Program Files\Oracle\VirtualBox"查看所有的虚拟机，能够看到有显示格局如下： "vmname" {vmid} ，咱们这里须要的是 vmname > ./VBoxManage.exe list vms"django-twitter_default_1619620682201_12310" {b3c74405-5d50-4f05-9f0e-98c9563f1fa5}将指标切换到你须要的门路中，而后执行以下的目录 vagrant package --base django-twitter_default_1619620682201_12310 --output demo_ubuntu18.box好了，这个时候你的门路下就会生成一个 demo_ubuntu18.box 的文件 应用打包的好的镜像光有打包是不够的，因为打包的目标是为了应用 box 镜像。应用的时候有两个留神点，那就是因为 ssh 密钥的缘故，你 add ，而后 up 之后会发现进不去,这是就须要去批改 vagrantfile 这个文件，将默认的密钥登录改为账号密码登录。 ssh 密钥谬误如下 > vagrant upBringing machine 'default' up with 'virtualbox' provider...==> default: Importing base box 'hashicorp/bionic64_demo_ubuntu18'...==> default: Matching MAC address for NAT networking...==> default: Setting the name of the VM: twitter-term-1_default_1623336326135_46711==> default: Clearing any previously set network interfaces...==> default: Preparing network interfaces based on configuration... default: Adapter 1: nat default: Adapter 2: hostonly==> default: You are trying to forward to privileged ports (ports <= 1024). Most==> default: operating systems restrict this to only privileged process (typically==> default: processes running as an administrative user). This is a warning in case==> default: the port forwarding doesn't work. If any problems occur, please try a==> default: port higher than 1024.==> default: Forwarding ports... default: 8000 (guest) => 80 (host) (adapter 1) default: 22 (guest) => 2222 (host) (adapter 1)==> default: Booting VM...==> default: Waiting for machine to boot. This may take a few minutes... default: SSH address: 127.0.0.1:2222 default: SSH username: vagrant default: SSH auth method: private key default: Warning: Authentication failure. Retrying... default: Warning: Authentication failure. Retrying... default: Warning: Authentication failure. Retrying... default: Warning: Authentication failure. Retrying... default: Warning: Authentication failure. Retrying... default: Warning: Authentication failure. Retrying... default: Warning: Authentication failure. Retrying... default: Warning: Authentication failure. Retrying... default: Warning: Authentication failure. Retrying... default: Warning: Authentication failure. Retrying... default: Warning: Authentication failure. Retrying... default: Warning: Authentication failure. Retrying... default: Warning: Authentication failure. Retrying... default: Warning: Authentication failure. Retrying... default: Warning: Authentication failure. Retrying... default: Warning: Authentication failure. Retrying... default: Warning: Authentication failure. Retrying... default: Warning: Authentication failure. Retrying... default: Warning: Authentication failure. Retrying... default: Warning: Authentication failure. Retrying... default: Warning: Authentication failure. Retrying... default: Warning: Authentication failure. Retrying... default: Warning: Authentication failure. Retrying... default: Warning: Authentication failure. Retrying... default: Warning: Authentication failure. Retrying... default: Warning: Authentication failure. Retrying... default: Warning: Authentication failure. Retrying...Timed out while waiting for the machine to boot. This means thatVagrant was unable to communicate with the guest machine withinthe configured ("config.vm.boot_timeout" value) time period.If you look above, you should be able to see the error(s) thatVagrant had when attempting to connect to the machine. These errorsare usually good hints as to what may be wrong.If you're using a custom box, make sure that networking is properlyworking and you're able to connect to the machine. It is a commonproblem that networking isn't setup properly in these boxes.Verify that authentication configurations are also setup properly,as well.If the box appears to be booting properly, you may want to increasethe timeout ("config.vm.boot_timeout") value.然而账号密码登录不如密钥登录平安，所以第一次（账号+明码）登录之后，倡议改为密钥登陆初始化如果你还没有 vagrantfile 文件，才须要初始化操作 ...

装置 Vagrant装置很简略，去官网下载安装 DMG 文件，双击点开装置即可。下载链接：https://www.vagrantup.com/downloads。 启动 Centos 8$ mkdir ~/vagrant/centos8$ cd ~/vagrant/centos8$ vagrant init centos/8配置端口导出和共享目录vim ~/vagrant/centos8/Vagrantfile增加配置项： config.vm.network "forwarded_port", guest: 5671, host: 5671config.vm.synced_folder "/Users/kun/workspace", "/workspace"查看《残缺配置文件》。 启动$ vagrant up如果启动报如下谬误，请看下一节解决方案： Vagrant was unable to mount VirtualBox shared folders. This is usuallybecause the filesystem "vboxsf" is not available. This filesystem ismade available via the VirtualBox Guest Additions and kernel module.Please verify that these guest additions are properly installed in theguest. This is not a bug in Vagrant and is usually caused by a faultyVagrant box. For context, the command attempted was:mount -t vboxsf -o uid=1000,gid=1000 workspace /workspaceThe error output from the command was:mount: /workspace: unknown filesystem type 'vboxsf'.修复共享目录报错装置虚拟机依赖： ...

装置vagrantvagrant_2.2.10 装置virtualboxvirtualbox-6.1.14 装置vagrant插件vagrant-vbguest插件 vagrant plugin install vagrant-vbguestvagrant-disksize插件 vagrant plugin install vagrant-disksizevagrant-share插件 vagrant plugin install vagrant-share 查看vagrant插件vagrant plugin listvagrant-disksize (0.1.3, global)vagrant-share (1.1.11, global)vagrant-vbguest (0.25.0, global) vagrant常用命令#列出本地的box文件vagrant box list#在空文件夹初始化虚拟机vagrant init NAME [URL]#在初始化完的文件夹内启动虚拟机vagrant up#重启虚拟机vagrant reload#以默认账号vagrant连贯虚拟机vagrant ssh#敞开虚拟机vagrant halt#挂起启动的虚拟机vagrant suspend#查找虚拟机的运行状态vagrant status#销毁以后虚拟机vagrant destory罕用的镜像Vagrant boxes search Ubuntu 18.04 https://mirrors.tuna.tsinghua.edu.cn/ubuntu-cloud-images/bionic/current/bionic-server-cloudimg-amd64-vagrant.boxCentOS 7 https://mirrors.ustc.edu.cn/centos-cloud/centos/7/vagrant/x86_64/images/CentOS-7.box应用举例 #启动一个 Ubuntu 18.04 的虚拟机vagrant init ubuntu-bionic https://mirrors.tuna.tsinghua.edu.cn/ubuntu-cloud-images/bionic/current/bionic-server-cloudimg-amd64-vagrant.box#启动一个 CentOS 7 的虚拟机vagrant init centos7 https://mirrors.ustc.edu.cn/centos-cloud/centos/7/vagrant/x86_64/images/CentOS-7.boxVagrantfile罕用配置阐明网络配置 Private network(公有网络) 长处：能够应用一个固定IP连贯虚拟机 毛病：其余团队成员不能拜访你的虚拟机# 固定IPconfig.vm.network "private_network", ip: "192.168.50.4" #设置动静IP#config.vm.network "private_network", type: "dhcp"端口转发虚拟机参数配置共享目录Vagrantfile示例# -*- mode: ruby -*-# vi: set ft=ruby :# All Vagrant configuration is done below. The "2" in Vagrant.configure# configures the configuration version (we support older styles for# backwards compatibility). Please don't change it unless you know what# you're doing.# vagrant起始配置块Vagrant.configure("2") do |config| # The most common configuration options are documented and commented below. # For a complete reference, please see the online documentation at # https://docs.vagrantup.com. # Every Vagrant development environment requires a box. You can search for # boxes at https://vagrantcloud.com/search. #定义box名称 config.vm.box = "ubuntu18" #定义虚拟机名字 config.vm.hostname = "rtm" #设置磁盘容量，须要装置vagrant-disksize插件 config.disksize.size = "80GB" #---------------------SSH相干配置-------------------------------------------------------- # config.ssh.username = "vagrant" #设置默认ssh用户（默认用户是vagrant） # config.ssh.password = "vagrant" #设置默认ssh明码（默认明码是vagrant） # config.ssh.port = 22 #设置ssh端口 # Disable automatic box update checking. If you disable this, then # boxes will only be checked for updates when the user runs # `vagrant box outdated`. This is not recommended. # config.vm.box_check_update = false # Create a forwarded port mapping which allows access to a specific port # within the machine from a port on the host machine. In the example below, # accessing "localhost:8080" will access port 80 on the guest machine. # NOTE: This will enable public access to the opened port # config.vm.network "forwarded_port", guest: 80, host: 8080 # Create a forwarded port mapping which allows access to a specific port # within the machine from a port on the host machine and only allow access # via 127.0.0.1 to disable public access # config.vm.network "forwarded_port", guest: 80, host: 8080, host_ip: "127.0.0.1" # Create a private network, which allows host-only access to the machine # using a specific IP. config.vm.network "private_network", ip: "192.168.33.10" # ---------------------基于virtualbox的一些配置-------------------------------------------- config.vm.provider "virtualbox" do |vb| vb.memory = "8192" # 在virtualbox中显示的名字 vb.name = "rtm" # 指定虚拟机内核数 vb.cpus = 2 end # Create a public network, which generally matched to bridged network. # Bridged networks make the machine appear as another physical device on # your network. # config.vm.network "public_network" # Share an additional folder to the guest VM. The first argument is # the path on the host to the actual folder. The second argument is # the path on the guest to mount the folder. And the optional third # argument is a set of non-required options. # config.vm.synced_folder "../data", "/vagrant_data" # Provider-specific configuration so you can fine-tune various # backing providers for Vagrant. These expose provider-specific options. # Example for VirtualBox: # # config.vm.provider "virtualbox" do |vb| # # Display the VirtualBox GUI when booting the machine # vb.gui = true # # # Customize the amount of memory on the VM: # vb.memory = "1024" # end # # View the documentation for the provider you are using for more # information on available options. # Enable provisioning with a shell script. Additional provisioners such as # Ansible, Chef, Docker, Puppet and Salt are also available. Please see the # documentation for more information about their specific syntax and use. # config.vm.provision "shell", inline: <<-SHELL # apt-get update # apt-get install -y apache2 # SHELLend驯服迷人的Vagrant！Vagrant应用国内镜像装置插件和box镜像 ...

装置vagrantvagrant_2.2.10 装置virtualboxvirtualbox-6.1.14 装置vagrant插件vagrant-vbguest插件 vagrant plugin install vagrant-vbguestvagrant-disksize插件 vagrant plugin install vagrant-disksizevagrant-share插件 vagrant plugin install vagrant-share 查看vagrant插件vagrant plugin listvagrant-disksize (0.1.3, global)vagrant-share (1.1.11, global)vagrant-vbguest (0.25.0, global) vagrant常用命令#列出本地的box文件vagrant box list#在空文件夹初始化虚拟机vagrant init NAME [URL]#在初始化完的文件夹内启动虚拟机vagrant up#重启虚拟机vagrant reload#以默认账号vagrant连贯虚拟机vagrant ssh#敞开虚拟机vagrant halt#挂起启动的虚拟机vagrant suspend#查找虚拟机的运行状态vagrant status#销毁以后虚拟机vagrant destory罕用的镜像Vagrant boxes search Ubuntu 18.04 https://mirrors.tuna.tsinghua.edu.cn/ubuntu-cloud-images/bionic/current/bionic-server-cloudimg-amd64-vagrant.boxCentOS 7 https://mirrors.ustc.edu.cn/centos-cloud/centos/7/vagrant/x86_64/images/CentOS-7.box应用举例 #启动一个 Ubuntu 18.04 的虚拟机vagrant init ubuntu-bionic https://mirrors.tuna.tsinghua.edu.cn/ubuntu-cloud-images/bionic/current/bionic-server-cloudimg-amd64-vagrant.box#启动一个 CentOS 7 的虚拟机vagrant init centos7 https://mirrors.ustc.edu.cn/centos-cloud/centos/7/vagrant/x86_64/images/CentOS-7.boxVagrantfile罕用配置阐明网络配置 Private network(公有网络) 长处：能够应用一个固定IP连贯虚拟机 毛病：其余团队成员不能拜访你的虚拟机# 固定IPconfig.vm.network "private_network", ip: "192.168.50.4" #设置动静IP#config.vm.network "private_network", type: "dhcp"端口转发虚拟机参数配置共享目录Vagrantfile示例# -*- mode: ruby -*-# vi: set ft=ruby :# All Vagrant configuration is done below. The "2" in Vagrant.configure# configures the configuration version (we support older styles for# backwards compatibility). Please don't change it unless you know what# you're doing.# vagrant起始配置块Vagrant.configure("2") do |config| # The most common configuration options are documented and commented below. # For a complete reference, please see the online documentation at # https://docs.vagrantup.com. # Every Vagrant development environment requires a box. You can search for # boxes at https://vagrantcloud.com/search. #定义box名称 config.vm.box = "ubuntu18" #定义虚拟机名字 config.vm.hostname = "rtm" #设置磁盘容量，须要装置vagrant-disksize插件 config.disksize.size = "80GB" #---------------------SSH相干配置-------------------------------------------------------- # config.ssh.username = "vagrant" #设置默认ssh用户（默认用户是vagrant） # config.ssh.password = "vagrant" #设置默认ssh明码（默认明码是vagrant） # config.ssh.port = 22 #设置ssh端口 # Disable automatic box update checking. If you disable this, then # boxes will only be checked for updates when the user runs # `vagrant box outdated`. This is not recommended. # config.vm.box_check_update = false # Create a forwarded port mapping which allows access to a specific port # within the machine from a port on the host machine. In the example below, # accessing "localhost:8080" will access port 80 on the guest machine. # NOTE: This will enable public access to the opened port # config.vm.network "forwarded_port", guest: 80, host: 8080 # Create a forwarded port mapping which allows access to a specific port # within the machine from a port on the host machine and only allow access # via 127.0.0.1 to disable public access # config.vm.network "forwarded_port", guest: 80, host: 8080, host_ip: "127.0.0.1" # Create a private network, which allows host-only access to the machine # using a specific IP. config.vm.network "private_network", ip: "192.168.33.10" # ---------------------基于virtualbox的一些配置-------------------------------------------- config.vm.provider "virtualbox" do |vb| vb.memory = "8192" # 在virtualbox中显示的名字 vb.name = "rtm" # 指定虚拟机内核数 vb.cpus = 2 end # Create a public network, which generally matched to bridged network. # Bridged networks make the machine appear as another physical device on # your network. # config.vm.network "public_network" # Share an additional folder to the guest VM. The first argument is # the path on the host to the actual folder. The second argument is # the path on the guest to mount the folder. And the optional third # argument is a set of non-required options. # config.vm.synced_folder "../data", "/vagrant_data" # Provider-specific configuration so you can fine-tune various # backing providers for Vagrant. These expose provider-specific options. # Example for VirtualBox: # # config.vm.provider "virtualbox" do |vb| # # Display the VirtualBox GUI when booting the machine # vb.gui = true # # # Customize the amount of memory on the VM: # vb.memory = "1024" # end # # View the documentation for the provider you are using for more # information on available options. # Enable provisioning with a shell script. Additional provisioners such as # Ansible, Chef, Docker, Puppet and Salt are also available. Please see the # documentation for more information about their specific syntax and use. # config.vm.provision "shell", inline: <<-SHELL # apt-get update # apt-get install -y apache2 # SHELLend驯服迷人的Vagrant！Vagrant应用国内镜像装置插件和box镜像 ...

简介一般来说，线上环境和预公布环境都有短缺的配置化，既能够分明的确认环境的组成细节，又能够高效疾速从0重建。然而集体的开发测试环境，可能就没有这么完满。兴许是公司专用的几台测试机，兴许是本人的本地环境。折腾出了问题，还是比拟麻烦的。我集体认为，Docker做开发环境，也是差强人意，还是本地环境或是虚拟机比拟适宜。显然、一个良好，可疾速从新构建的开发环境，能够极大的进步本人的效率。（开发环境折腾坏了，是常有的事。如果能疾速重建就很好了。）如果还能将你的环境，轻松分享给其他人。也能够解决“我那里还能跑，为什么到你这里就跑不了”的经典问题。而Vagrant就是这样一种工具，能够管制其余虚拟化工具比方VirtualBox和VMware，并且能配置文件从0重建环境。而且也能和Ansible、Chef、Puppet等自动化工具联动。（如果其余环境应用上述自动化工具构建，那么Vagrant能够轻松重用。最初，本文选用Win10 + Virtualbox + Vagrant 作为根底，在CentOS零碎中应用rpm形式繁难装置MySQL。 1、下载安装Vagrant的装置形式和虚拟机相似，除了软件自身，还须要镜像。Vagrant应用一种非凡的自制镜像，以.box结尾。须要从官网或第三方资源处获取。【留神，这种非凡镜相辨别虚拟机工具，比方Virtuabox和VMware的镜像不同】 软件本体间接从官网下载即可：https://www.vagrantup.com/downloads非凡镜像有如下几种获取形式： Vagrant官网： https://app.vagrantup.com/boxes/search【速度较慢操作系统官网： http://cloud.centos.org/centos/7/vagrant/x86_64/images/ 【这里是centos的例子第三方镜像站：http://www.vagrantbox.es/ 【官网可能太慢，能够思考从第三方站点获取镜像这里没有阐明虚拟化环境自身的装置，VirtualBox或者VMware均可，间接从对应官网装置即可。2、根底应用办法2.1、疾速上手：Vagrant是命令行工具，装置完之后，能够在powershell或者cmd中应用。想要疾速启动一个Vagrant虚拟机，能够应用如下操作。 倡议应用一个空文件夹进行操作，镜像不肯定要在这个目录中。小技巧：在文件夹空白处：Shift + 右键，即可在该地位关上Powershell或者cmdvagrant box add [env_name] [url/path] # 导入镜像，这里也能够应用本地下载好的镜像门路，不肯定是url。vagrant init [env_name] # 初始化。vagrant up #启动vagrant ssh #ssh进入虚拟机通过上述几条指令，就能够载入下载好的镜像，初始化、并启动一个虚拟机、ssh进入虚拟机。 第二步init要留神，命名和第一条命令的命名要统一。win10也可装置ssh，控制面板中能够关上。 2.2、其余常用命令、留神点：vagrant box add  #增加根底镜像配置vagrant init # 初始化虚拟机（初始化后，可自行批改配置文件进行定制vagrant up  # 创立并启动虚拟机vagrant halt  # 敞开虚拟机vagrant destroy #销毁以后虚拟机vagrant status  #查看虚拟机运行状态vagrant ssh  # SSH 至虚拟机vagrant package #导出镜像上述几条命令，根本就能够轻松应用vagrant了。不过还有几点须要留神： vagrant package 能够将本人的镜像打包，即可轻松分享给其他人。（实用于变动较少的镜像）PS：更倡议的形式是，共享根底镜像+vagrantfile配置文件。间接分享配置文件即可，更加快捷。（如果频繁变动，间接编辑配置文件会比拟轻松，不要在镜像里手动批改，难以确认到底做了什么）vagrant destroy会销毁实例，也就是virtualbox中看到的虚拟机。然而不会销毁配置，destroy之后，能够间接up重建。默认用户不是root，然而能够sudo执行命令，无需明码。（如果有其余须要，自行批改即可。随时都能够用vagrant status确认虚拟机状态，是否启动、进行等。参考：https://blog.csdn.net/hel12he/article/details/51089774 3、更多定制化vagrant init初始化完结后，会在当前目录生成一个 Vagrantfile，你能够对其进行批改、实现各种定制化。比方config.vm.network "private_network", ip: "192.168.33.10" 批改网卡默认ip。 一个根底的初始文件很简略，大略是这样： # -*- mode: ruby -*-# vi: set ft=ruby :Vagrant.configure("2") do |config|  config.vm.box = "MySQL-test00" # 在这里减少其余配置项end依据依据须要，减少各种配置项即可。【比方网卡采纳桥接、cpu核数，内存等等。更多配置项能够参考：https://www.vagrantup.com/docs/vagrantfile ...

教程地址：《kubernetes + docker 全套教程》 1、vagrant创建5台机器#节点主机规划10.4.7.11 master-1110.4.7.12 master-1210.4.7.21 worker-2110.4.7.22 worker-2210.4.7.200 tool-200master-11='10.4.7.11'master-12='10.4.7.12'worker-21='10.4.7.21'worker-22='10.4.7.22'‘控制面板网络和 Internet网络连接’ 找不到 适配器，卸载、重新安装VirtualBox、选择加载 host-only驱动。重要：如果vagrant创建私有网络失败，卸载、重装virtual-box、选择加载net驱动。 1.1 环境初始化xshell 多窗口并行执行，机器批量初始化设置。 #!/bin/bash### 0 允许密码认证登录if [[ $(id | grep root) == "" ]]; then sudo su echo "go to root"fiid### 1、环境初始化# 1.1 关闭防火墙功能systemctl stop firewalldsystemctl disable firewalld# 1.2.关闭selinuxsed -i "s/SELINUX=enforcing/SELINUX=disabled/" /etc/selinux/configsetenforce 0# 1.3 关闭swap，启动项swapoff -ased -i.bak '/swap/s/^/#/' /etc/fstab# 1.4 服务器规划result=$(cat /etc/hosts | grep "节点主机")if [[ "$result" != "" ]]; then echoelse cat <<EOF >> /etc/hosts#节点主机10.4.7.11 master-1110.4.7.12 master-1210.4.7.21 worker-2110.4.7.22 worker-2210.4.7.200 tool-200# GitHub githubusercontent 超时备用199.232.68.133 raw.githubusercontent.comEOFfi# 1.5 临时主机名配置方法，vagrant设置、略 hostnamectl set-hostname master1# 1.6 时间同步：ntp、chronytimedatectl set-timezone Asia/Shanghaiyum install chrony -ycat <<EOF > /etc/chrony.confserver ntp1.aliyun.com iburst minpoll 4 maxpoll 10server ntp2.aliyun.com iburst minpoll 4 maxpoll 10server ntp3.aliyun.com iburst minpoll 4 maxpoll 10EOFsystemctl start chronyd.servicesystemctl enable chronyd.service# 1.7 开启转发，即要求iptables不对bridge的数据进行处理cat <<EOF > /etc/sysctl.d/k8s.confnet.bridge.bridge-nf-call-ip6tables = 1net.bridge.bridge-nf-call-iptables = 1EOFsysctl -p /etc/sysctl.d/k8s.conf### 2、docker安装# 2.1 更新主机源yum install -y yum-utils device-mapper-persistent-data lvm2 wget bash-completion.noarchdocker-ce.repowget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repowget -P /etc/yum.repos.d/ http://mirrors.aliyun.com/repo/epel-7.repowget -O /etc/yum.repos.d/docker-ce.repo "https://download.docker.com/linux/centos/docker-ce.repo"sed -i 's+download.docker.com+mirrors.tuna.tsinghua.edu.cn/docker-ce+' /etc/yum.repos.d/docker-ce.repocat <<EOF > /etc/yum.repos.d/kubernetes.repo[kubernetes]name=Kubernetesbaseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/enabled=1gpgcheck=1repo_gpgcheck=1gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpgEOF# 2.2 安装docker，kubelet kubeadm kubectl#yum remove docker docker-common docker-selinux docker-engine -yyum clean all && yum makecache fastyum install -y docker-ce kubelet kubeadm kubectl systemctl start kubelet systemctl enable kubelet# 2.3 docker配置cgroup驱动mkdir -p /etc/docker cat <<EOF > /etc/docker/daemon.json{ "graph": "/data/docker", "storage-driver": "overlay2", "registry-mirrors": ["https://kuogup1r.mirror.aliyuncs.com"], "exec-opts": ["native.cgroupdriver=systemd"]}EOF##-b, --bridge="" 桥接一个系统上的网桥设备到 Docker 容器里，当使用 none 可以停用容器里的网络##--bip="" 使用 CIDR 地址来设定网络桥的 IP。此参数和 -b 不能一起使用。每个容器使用一个段：172.7.xx.1--255，桥地址是1##"live-restore": true,//dockerd挂掉是否保活容器（避免了docker服务异常而造成容器退出）systemctl daemon-reload systemctl start docker systemctl enable dockerecho ">> 完成!"./core.sh 初始化脚本允许重复执行。以下操作，主要在操作主机 tool-200 进行。 ...

前言昨天HashiCorp突然发布一则消息，禁止在中国使用Vault软件的企业版本，官方申明是这样的： HashiCorp的解释是因为中国的出口管制的原因导致无法出售HASHICORP软件或者使用企业版的Vault。所以在没有取得HashiCorp书面协议的前提下，不得在中国境内使用，部署和安装HashiCorp的Vault企业版本软件。 注意，这里只是禁止使用企业版本的Vault软件，个人版本和HashiCorp公司的其他软件并不在此限制之内。大家不要被网络上面的谣言所迷惑，一定要勇于探索真理。HashiCorp公司介绍那么这个影响到底对我们有多大呢？我们先看下HashiCorp公司的成长史。 更多精彩内容且看： 区块链从入门到放弃系列教程-涵盖密码学,超级账本,以太坊,Libra,比特币等持续更新Spring Boot 2.X系列教程:七天从无到有掌握Spring Boot-持续更新Spring 5.X系列教程:满足你对Spring5的一切想象-持续更新java程序员从小工到专家成神之路（2020版）-持续更新中,附详细文章教程 HashiCorp于2012年成立，由Mitchell Hashimoto和Armon Dadgar创办，并陆续推出了Vagrant、Packer 、 Terraform、Consul , Vault 和 Nomad以满足不同的需求。 HashiCorp专注于提供DevOps基础设施自动化工具，集开发、运营和安全性于一体，可以帮助开发者编写和部署应用程序，加速应用程序分发，助力企业提升开发效率。公司还推出了一个商业平台Atlas，为公共云服务供应商和私人云技术公司等提供支持。 HashiCorp于2014年获得了1000万美元A轮融资。并在最近，也就是2020-03-18月E轮融资获得了1.75亿美元。主要投资方包括：GGV纪源资本，红点投资，Mayfield Fund，IVP (Institutional Venture Partners)等知名机构。 HashiCorp采用开源的方式和云厂商合作，为云的使用提供了一套通用的工作流程。合作方包括2000多家上市公司。 在2019 胡润研究院发布《2019胡润全球独角兽榜》，HashiCorp排名第138位。 HashiCorp旗下的软件 HashiCor提供了一整套的技术服务，涵盖了云服务的每一层，帮助企业轻松在云环境中操作，每个产品都是为特定的云基础设置自动化来服务的。 区分下来，可以分为Provision，Secure，Connect和Run四个部分。 ProvisionProvision的意思就是安装。 Terraform可以实现用代码的形式来安装cloud或者infrastructure。基础结构即代码，使用 Terraform 配置语言可以轻松跨整个工作流实现资源管理自动化。 基本上大部分的公有云都支持使用Terraform。 Secure 安装好基础组件之后，那么就需要保证他们使用的安全性。那么就需要用到Vault。也就是今天被禁止使用的Vault。 Vault是一款企业级私密信息管理工具。 在企业级应用开发过程中，我们每时每刻都在使用到私密信息，包括密码，密钥，token等等。那么如果在公司内部的开发者之间共享这些密码，密钥，token就是一个很实在的问题。 而Vault就是这样的一套统一的管理私密信息的接口。 难道被禁的原因是Vault的安全性协议？ Connect安全性也保证了，那么接下来就是连接服务了。 Consul是一个支持多数据中心分布式高可用的服务发现和配置共享的服务软件。在国内有大量的使用案例。 Run 最后就是运行了，Nomad可以用来对容器进行管理和调度。从而更加快捷的部署和更加方便的管理线上资源。 总结虽然目前被禁用的只是Vault的企业版本，但是还是让人感到深深的危机感，中国的企业什么时候能够做出世界级的软件平台，让我们拭目以待！ 本文作者：flydean程序那些事本文链接：http://www.flydean.com/hashicorp-terms-of-vault/ 本文来源：flydean的博客 欢迎关注我的公众号:程序那些事，更多精彩等着您！