一、LNM+Python Django+uwsgi+redis项目
1.安装项目中需要的python模块
pip3 install -i https://pypi.doubanio.com/simple/ -r re.txtpip3 install -i https://pypi.doubanio.com/simple/ uwsgi vim re.txtasn1crypto==0.24.0beautifulsoup4==4.6.3bs4==0.0.1certifi==2018.4.16cffi==1.11.5chardet==3.0.4Click==7.0cryptography==2.3.1Django==1.11.9Flask==1.0.2Flask-Cors==3.0.6gevent==1.3.6greenlet==0.4.15idna==2.7ItsDangerous==1.1.0Jinja2==2.10lxml==4.2.6MarkupSafe==1.0numpy==1.15.3Pillow==5.3.0pycparser==2.18PyMySQL==0.9.2pytz==2018.7requests==2.19.1selenium==3.141.0six==1.11.0urllib3==1.23virtualenv==16.1.0Werkzeug==0.14.1wordcloud==1.5.0
2.数据库的处理
上传bbs.sql
# 在mysql中创建bbs库,并导入数据库SQL脚本mysql> create database bbs charset utf8mb4;mysql> use bbsmysql> source /opt/bbs.sqlmysql> grant all on *.* to bbs@'10.0.0.%' identified by '123';# 为了安全性,为项目单独建立一个用户链接数据库,最好和项目一样# MySQL用户的定义# mysql用户权限 grantgrant all # 所有权限 grant select,update,insert # 增查改# 该用户对哪个库哪个表的权限# on 库名.表名# on *.*:该用户拥有对所有库的所有表的权限# USERNAME@'白名单'# 白名单: 主机域IP地址bbs@'localhost' # 本地访问bbs@'10.0.0.110' # 允许10.0.0.110访问bbs@'10.0.0.%' # 允许10.0.0开头24位掩码的整个网段访问bbs@'10.0.0.0/255.255.240.0' # 允许255.255.240.0网段的10.0.0.0的访问bbs@'10.0.0.5%' # 允许10.0.0.50~59访问bbs@'%' # 允许任意网络访问 # identified by '123'# 设置密码为123
Django中数据库的链接
DATABASES = { 'default': { 'ENGINE': 'django.db.backends.mysql', 'NAME': 'bbs', 'HOST': "10.0.0.100", 'USER': 'bbs', 'PASSWORD': '123', 'PORT': 3306, }}
3.BBS项目部署
配置Nginx
vim /etc/nginx/conf.d/py.confserver { listen 80; server_name 10.0.0.100; client_max_body_size 100M; location /static { alias /opt/BBS/static/; } location /media { alias /opt/BBS/media; } location / { index index.html; include uwsgi_params; uwsgi_pass 127.0.0.1:9090; uwsgi_param UWSGI_SCRIPT BBS.wsgi; uwsgi_param UWSGI_CHDIR /opt/BBS; }}
配置uwsgi
# 关闭所有已有的uwsgi进程kill -9 `ps -ef |grep uwsgi|awk {'print $2'}`# 在项目根目录创建vim uwsgi.ini[uwsgi]socket = 127.0.0.1:9090master = trueworkers = 2reload-mercy = 10vacuum = truemax-requests = 1000limit-as = 512buffer-size = 30000# 启动uwsgiuwsgi --ini uwsgi.ini &# 重启nginxsystemctl restart nginx
二、Python 在运维工作中的经典应用
1.ansible
# 通过ansible可以一次性配置多台电脑# Linux的 SSHD(22)# 验证方式:# (1)用户+密码(PAM)# (2)秘钥验证(公钥:钥匙和私钥:锁)# 通过秘钥对实现,需要将公钥分发到各节点# ansible管理被控端:管理机先生成秘钥,然后推送公钥给各个节点# 1.安装ansiblewget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repocurl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo yum install ansible -y# 2.克隆一台虚拟机模拟# 配置模拟机# 主机名hostnamectl set-hostname test# 更改网络地址# 要把UUID行删掉vim /etc/sysconfig/network-scripts/ifcfg-eth0IPADDR=10.0.0.200# 更改地址以及对应主机名vim /etc/hosts10.0.0.200 standby# 重启网卡systemctl restart network# 3.生成密钥对,并分发# 生成一组密钥对ssh-keygen# 分配公钥给各节点# 分发给一个节点,要记得给自己分发ssh-copy-id -i ~/.ssh/id_rsa.pub root@10.0.0.100ssh-copy-id -i ~/.ssh/id_rsa.pub root@10.0.0.200# 循环分发多个节点for i in {1..12};do ssh-copy-id -i ~/.ssh/id_rsa.pub root@10.0.0.$i;done# 测试是否联通10.0.0.200,如果显示时间,就说明联通了# 现在可以连接一台ssh 10.0.0.200 date# 4.为了同时控制多台,要配置被管理的主机清单vim /etc/ansible/hosts# [web]:IP组名,可以按组来控制[web]10.0.0.10010.0.0.200# 5.使用ansible的ad-hoc测试是否控制多台ansible all -m ping10.0.0.100 | SUCCESS => { "changed": false, "ping": "pong"}10.0.0.200 | SUCCESS => { "changed": false, "ping": "pong"}ansible all -m shell -a "df -h"10.0.0.100 | CHANGED | rc=0 >>Filesystem Size Used Avail Use% Mounted on/dev/sda3 98G 3.4G 95G 4% /devtmpfs 477M 0 477M 0% /devtmpfs 488M 0 488M 0% /dev/shmtmpfs 488M 7.7M 480M 2% /runtmpfs 488M 0 488M 0% /sys/fs/cgroup/dev/sda1 197M 102M 96M 52% /boottmpfs 98M 0 98M 0% /run/user/010.0.0.200 | CHANGED | rc=0 >>Filesystem Size Used Avail Use% Mounted on/dev/sda3 98G 1.6G 97G 2% /devtmpfs 981M 0 981M 0% /devtmpfs 992M 124K 992M 1% /dev/shmtmpfs 992M 9.6M 982M 1% /runtmpfs 992M 0 992M 0% /sys/fs/cgroup/dev/sda1 197M 102M 96M 52% /boottmpfs 199M 0 199M 0% /run/user/0# 6.ansible playbook自动化安装nginxvim playbook_nginx.yml - hosts: web remote_user: root vars: http_port: 80 tasks: # 第一步:配置YUM源 - name: Add Nginx Yum Repository yum_repository: name: nginx description: Nginx Repository baseurl: http://nginx.org/packages/centos/7/$basearch/ gpgcheck: no # 第二步:下载nginx - name: Install Nginx Server yum: name=nginx state=present # 第三步:连接到配置文件并配置到各节点 - name: Configure Nginx Server template: src=./default.conf.template dest=/etc/nginx/conf.d/default.conf notify: Restart Nginx Server # 第四步:启动nginx服务 - name: Start Nginx Server service: name=nginx state=started enabled=yes handlers: - name: Restart Nginx Server service: name=nginx state= # default.conf.template文件如下# 必须和上面的playbook_nginx.yml 在同一目录下vim default.conf.template server { listen { { http_port }}; server_name localhost; location / { root /usr/share/nginx/html; index index.html index.htm; }}# 7.执行ansible-playbook# 检查语法ansible-playbook --syntax playbook_nginx.yml # 模拟执行ansible-playbook -C playbook_nginx.yml # 模拟执行没有错误,正常执行ansible-playbook playbook_nginx.yml # 此时10.0.0.200:端口号就可以访问了