Born运维Checklist

来自Alex's wiki
Admin讨论 | 贡献2016年6月30日 (四) 06:40的版本

跳转至: 导航搜索

线上服务器后端G1组机器下线,同时上线G22服务器 16/06/25 16:30已完成

1.编辑两台反向代理服务器的/etc/nginx/nginx.conf文件,注释掉upstream模块的G1组5台服务器 http {

   upstream www.52jiaoshi.com {
       #G1

#server 123.56.154.254:8089;

       #server 123.57.57.241:8089;
       #server 123.56.77.165:8089;
       #server 123.56.238.65:8089;
       #server 123.56.47.69:8089;
       #server 123.57.143.153:8089;

#G2

       #server 123.57.180.46:8089;
       server 123.57.26.145:8089;
       server 123.57.27.27:8089;
       server 123.56.253.188:8089;
       server 101.200.135.96:8089;
       server 123.56.75.106:8089;
       ip_hash;
   }

2.分别重启两台反向代理服务器的nginx服务 nginx -s reload

52jiaoshi线上代码发布脚本增加回滚机制 16/06/25 15:00已完成

1.在发布脚本中添加,将每次发布的最新commit版本号写入发布日志 git branch master git checkout master git pull origin master git log --pretty=format:'[%h] at [%cd] by [%ce] : [%s]' -n 1|xargs echo -e "`date`\n" >> /alidata/pub/jiaoshi/publish_master/publish.log

Fri Jun 24 16:15:04 CST 2016 [73764e9] at [Mon Jun 20 14:46:45 2016 +0800] by [qiaochenglei@52jiaoshi.com] : [ShellCommit 160620-144643]

2.在回滚脚本中新建rollback分支,并选择想要重新发布的版本号(此版本号为7位简短版,git可以自动搜索) git checkout -b rollback 73764e9

3.成功发布并测试正常后,删除rollback分支 git branch -d rollback

4.查看已经发布过的代码版本历史 ido pub log

52jiaoshi.com增加https接口 16/06/23 22:00已完成

1.上传api.52jiaohsi.com的证书和私钥到两台nginx反向代理服务器的/etc/nginx/ssl目录下 api.52jiaoshi.com_bundle.crt api.52jiaoshi.com.key 2.修改nginx配置文件,增加虚拟主机并添加ssl模块配置信息 vim /etc/nginx/nginx.conf

http模块增加(nginx主可以不用添加): upstream alpha.52jiaoshi.com {

       ip_hash;
       server 10.172.220.56:8089;      #G22_alpha
       server 10.172.225.201:8089;     #zabbix_alpha
   }
   底部追加:

server {

       listen  443;
       server_name     api.52jiaoshi.com;
       ssl on;
       ssl_certificate /etc/nginx/ssl/wosign/api.52jiaoshi.com_bundle.crt;
       ssl_certificate_key /etc/nginx/ssl/wosign/api.52jiaoshi.com.key;
       location / {
               root    html;
               index   index.html index.htm;
       #access_log  logs/test.access.log  main;
       #proxy_set_header Host $host;
       #proxy_set_header X-Real-IP $remote_addr;
       #proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_pass http://www.52jiaoshi.com;
       }
   }
   server {
       listen 80;
       server_name api.52jiaoshi.com;
       rewrite ^(.*) https://$server_name$1 permanent;
   }
   server {
       listen  80;
       server_name     www.52jiaoshi.com;

location / {

               root    html;
               index   index.html index.htm;
       #access_log  logs/test.access.log  main;
       proxy_set_header Host $host;
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_connect_timeout   600;
       proxy_send_timeout      600;
       proxy_read_timeout      600;
       proxy_pass http://www.52jiaoshi.com;
       }
       error_page  404         /404.html;
       location = /404.html {
               root   /usr/share/nginx/html;
       }
       #redirect server error pages to the static page /50x.html
       error_page  500 502 503 504  /50x.html;
       location = /50x.html {
               root   /usr/share/nginx/html;
       }
   }
   server {
       listen  80;
       server_name      52jiaoshi.com;
       return 301 $scheme://www.52jiaoshi.com$request_uri;
   }
   server {                                           #nginx主可以不用添加
       listen  443;
       server_name     alpha.52jiaoshi.com;
       ssl on;
       ssl_certificate /etc/nginx/ssl/wosign/alpha.52jiaoshi.com_bundle.crt;
       ssl_certificate_key /etc/nginx/ssl/wosign/alpha.52jiaoshi.com.key;
       location / {
               root    html;
               index   index.html index.htm;
       #access_log  logs/test.access.log  main;
       #proxy_set_header Host $host;
       #proxy_set_header X-Real-IP $remote_addr;
       #proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_pass http://alpha.52jiaoshi.com;
       }
   }

3.重新载入nginx配置 nginx -s reload

52gongji添加硬盘 16/06/07 0:30已完成

1.关闭httpd服务 /alidata/server/httpd/bin/httpd -k stop 2.关闭php推送服务 killall php 3.关闭redis服务 redis-cli -a Born shutdown 4./alidata目录改名为/alidata-backup mv /alidata /alidata-backup 5.建立新的/alidata目录作为新磁盘挂载点 mkdir /alidata 6.挂载新磁盘到/alidata目录下 mount /dev/xvdb /alidata 7.将原目录数据拷贝到新的目录里 cp -a /alidata-backup/* /alidata/ 8.启动httpd服务 /alidata/server/httpd/bin/httpd -k start 9.启动php推送脚本 cd /alidata/server/httpd/htdocs/gongji/pushServer/ApnsPHP-master/ nohup php apnsServer.php & cd /alidata/server/httpd/htdocs/gongji/pushServer/umeng/ nohup php umengServer.php & 10.启动redis服务 redis-server /etc/redis.conf

REDIS加从 16/06/02 0:30 已完成 步骤参见WORD

1、停止线上redis主服务器的持久化功能 redis>config set save "" redis>config set appendonly 1. 停止线上redis主服务器的持久化功能 redis>config set save “” #关闭快照持久化 redis>config set appendonly no #关闭AOF持久化 2. 手动执行快照备份,备份线上redis数据 redis>bgsave cp dump.rdb /bak/dump.rdb.bak #快照文件同样复制一份,以防原文件有问题 3. 在redis从的配置文件中加入下面一行,启动redis从服务器,自动执行主从同步 slaveof 10.170.237.175 6379 4. 如果主库发生错误,重启redis服务即可(自动进行数据恢复) redis-cli redis>auth Born redis>shutdown redis-server /etc/redis.conf 5. 同步成功后,redis从开启持久化功能,redis主关闭持久化功能,减少主I/O压力 从(开启AOF持久化): redis-cli -a Born config set appendonly yes 主(用计划任务完成快照持久化备份,每小时备份一次): crontab –e 0 * * * * /usr/bin/redis-cli -a Born bgsave