配置nginx反向代理及证书

  1. cd /root/workspace/project/codemao_ops_deploy_tool/jspt
  2. ansible-playbook -i ./inventories/development ./playbooks/lb-ha-hz.yml -u codemao --ask-vault-pass

解析加密文件

  1. ansible-vault view workspace/project/codemao_ops_deploy_tool/jspt/inventories/development/group_vars/all/secrets
  2. ansible密码:/=FT.Z3^E9n3zK4HQCa3n9PU2LaF4$
  3. Vault password:
  4. vault_docker_registry_user: "XXXXXXXXXXXXXX"
  5. vault_docker_registry_password: "XXXXXXXXXXXXX"
  6. vault_aliyun_access_key: 'XXXXXXXXXXX'
  7. vault_aliyun_access_key_secret: 'XXXXXXXXXXXXXXX'
  8. vault_dev_database_url: 'rm-bp1uXXXXXXXXX.mysql.rds.aliyuncs.com'
  9. vault_online_education_oss_ak: 'XXXXXXXXXXXXXXXX'
  10. vault_online_education_oss_sk: 'XXXXXXXXXXXXXX'
  11. # discovery setting
  12. vault_discovery_config_security_user_password: 'XXXXXXXXXXX'
  13. # # haproxy /lbstats credentials
  14. # FIXME: Should be removed once the privileged socket is up.
  15. # The credentials are specific to lb-tiger-cs group vars and are not otherwise
  16. # used in any particular role.
  17. vault_haproxy_stats_username: 'XXXXXXXXXX'
  18. vault_haproxy_stats_password: 'XXXXXXXXX'
  19. #apollo
  20. vault_apollo_user_password: 'XXXXXXXXXXXXXXX'
  21. # hk discovery setting
  22. vault_discovery_int_config_security_user_password: 'XXXXXXXXXXXXX'
  23. # intl
  24. vault_intl_discovery_config_security_user_password: 'XXXXXXXXXXX'
  25. # nacos
  26. vault_jasypt_encryptor_password: "xxxxxxxxxxxxx"
  27. alicloud_access_key: 'XXXXXXXX'
  28. alicloud_secret_key: 'XXXXXXXXXXXXXXXXXX'

安装阿里云log接收容器

先进入到对应的环境hosts,保留只要安装的服务器,其余先注释

  1. ansible-playbook -i ./inventories/pressure_test ./playbooks/container_log.yml -u codemao --ask-vault-pass

安装成功后去掉刚注释的操作,因为是在git仓库中修改的,直接去掉操作就行了

  1. git reset --hard