Basic package
- Please confirm your deployment purpose before reading
- This document is applicable to the multi-machine sub-module deployment scenario in the production environment. If you only need to experience the functions of this package, please refer to Single-machine deployment
The basic package includes: PaaS platform, configuration platform, operation platform, authority center, user management, node management, standard operation and maintenance, process service
1. Installation environment preparation
Before starting the installation, please refer to the environment preparation document to prepare the installation media and configure the system environment.
1.1 Prepare the machine
- Recommended operating system: CentOS 7.6
- Recommended machine configuration
- Production environment: recommended 8-core 32G, hard disk 100G or more (the configuration can be adjusted according to the actual situation)
- Number of machines: 3 (assuming the IPs are: 10.0.0.1, 10.0.0.2, 10.0.0.3)
- Production environment: recommended 8-core 32G, hard disk 100G or more (the configuration can be adjusted according to the actual situation)
- Select one as the central control machine (assumed to be 10.0.0.1) for installation and deployment operations, and log in with the root account.
1.2 Get a certificate
- Obtain the MAC address of the first intranet network card of the 3 machines through
ifconfig
or commandip addr
- Go to the certificate generation page of the Blue Whale official website ( download area|Tencent Blue Whale Zhiyun ), fill in the three MAC addresses separated by English semicolons in the input box according to the prompts, generate and download the certificate
- Upload the certificate package to the central control computer
/data
- Certificate package name: ssl_certificates.tar.gz
1.3 Download the installation package
Please go to the download page of the Blue Whale official website to download the basic package.
1.4 Decompress related resource packages
-
Decompress package (including related products of Blue Whale, such as PaaS platform, configuration platform, operation platform, etc., public components that Blue Whale depends on (MySQL, Redis, etc.), and Blue Whale deployment scripts)
cd /data # 包名请根据实际情况填写 tar xf bkce_basic_suite-6.1.2.tgz
-
Unzip the individual product packages
cd /data/src/; for f in *gz;do tar xf $f; done
-
Unzip the certificate package
install -d -m 755 /data/src/cert tar xf /data/ssl_certificates.tar.gz -C /data/src/cert/ chmod 644 /data/src/cert/*
-
Copy the rpm package folder to the /opt/ directory
cp -a /data/src/yum /opt
1.5 configure install.config
illustrate:
- gse and redis need to be deployed on the same machine.
- When there are multiple internal IPs, the first internal IP in the output of /sbin/ifconfig is used by default.
- Deployment requires the use of standard private addresses. If the enterprise environment uses non-standard private addresses, please refer to Environment preparation - non-standard private address processing method
# 请根据实际机器的 IP 进行替换第一列的示例 IP 地址,确保三个 IP 之间能互相通信
cat << EOF >/data/install/install.config
[basic]
10.0.0.1 iam,ssm,usermgr,gse,license,redis,consul,es7
10.0.0.2 paas,nginx,consul,mongodb,rabbitmq,appo,zk(config)
10.0.0.3 cmdb,job,mysql,appt,consul,nodeman(nodeman)
EOF
1.6 Execute password-free
cd /data/install
bash /data/install/configure_ssh_without_pass
start deployment
Initialize and check the environment
# 执行初始化环境操作
./bk_install common
# 校验环境和部署的配置
./health_check/check_bk_controller.sh
Deploy the PaaS platform
# 部署 PaaS 平台及其依赖服务
./bk_install paas
After the deployment of the PaaS platform is completed, you can access the PaaS platform of Blue Whale. If the domain name is not resolved during deployment, please refer to 3. Accessing Blue Whale.
deploy app_mgr
# 部署 SaaS 运行环境
./bk_install app_mgr
Deployment authority center and user management
# 部署权限中心 SaaS
./bk_install saas-o bk_iam
# 部署用户管理 SaaS
./bk_install saas-o bk_user_manage
Deploy CMDB
# 部署配置平台及其依赖服务
./bk_install cmdb
deploy jobs
# 部署作业平台后台模块及其依赖组件
./bk_install job
deploy bknodeman
# 部署节点管理后台模块、节点管理 SaaS 及其依赖组件
./bk_install bknodeman
Deploy standard operation and maintenance and process services
Execute the following commands in sequence to deploy related SaaS.
# 部署标准运维 SaaS
./bk_install saas-o bk_sops
# 部署流程管理 SaaS
./bk_install saas-o bk_itsm
Load blue whale related maintenance commands
source ~/.bashrc
Initialize the blue whale business topology
./bkcli initdata topo
Detect related service status
cd /data/install/
echo bkssm bkiam usermgr paas cmdb gse job consul | xargs -n 1 ./bkcli check
Deploy lesscode (optional)
-
Go to the S-mart market to download the visual development platform
-
Place the package in
/data
the directory of the central control and extract it to/data/src
the directorytar -xf /data/lesscode-ce-0.0.11.tar.gz -C /data/src
-
Add lesscode module distribution
# 请注意替换示例 IP 为实际部署的机器 IP cat << EOF >>/data/install/install.config [lesscode] 10.0.0.1 lesscode EOF
-
start deployment
./bk_install lesscode
Deploy bkiam_search_engine (optional)
-
Added bkiam_search_engine module distribution
# 请注意替换示例 IP 为实际部署的机器 IP cat << EOF >>/data/install/install.config [iam_search_engine] 10.0.0.3 iam_search_engine EOF
-
Obtain the app_token of the authority center, and use the obtained app_token as the secret of bkiam_search_engine
echo BK_IAM_SAAS_APP_SECRET=$(mysql --login-path=mysql-default -e "use open_paas; select * from paas_app where code='bk_iam'\G"| awk '/auth_token/{print $2}') >> /data/install/bin/03-userdef/bkiam_search_engine.env
-
Render bkiam_search_engine variable
./bkcli install bkenv ./bkcli sync common
-
start deployment
./bk_install bkiam_search_engine
Deploy paas_plugin (optional)
- The beta version does not currently include
- paas_plugin depends on elasticsearch
# 增加 es7 模块
# 请注意替换示例 IP 为实际部署的机器 IP
cat << EOF >>/data/install/install.config
10.0.0.3 es7
EOF
./bk_install paas_plugin
Deploy API automated testing tools (optional)
The beta version does not currently include
-
Synchronize the installation directory file to the specified machine (the default is the machine where the nginx module is located)
./bkcli sync bkapi
-
Deploy API automated testing tools
./bkcli install bkapi
-
Run the API automated testing tool
# 如果不带<module>,默认检查所有模块的api ./bkcli check bkapi # 单模块检查 ## 目前支持的模块 bk_cmdb, bk_job, bk_gse, bk_itsm, bk_monitorv3, bk_paas, bk_sops, bk_user_manage ## 因需要检查所有的 api,花费的时间较长,请耐心等待 ./bkcli check bkapi bk_job
3. Visit the Blue Whale
3.1 Configure local hosts
The operations described below may overwrite the existing hosts, please confirm whether a backup is required before performing the operation.
-
Windows configuration
Notepad++
Open the file with a text editor such as :C:\Windows\System32\drivers\etc\hosts
Copy the following content into the above file, and replace the following IP with an IP that can be accessed by the local browser, and then save it.
10.0.0.2 paas.bktencent.com cmdb.bktencent.com job.bktencent.com jobapi.bktencent.com bkapi_check.bktencent.com 10.0.0.3 nodeman.bktencent.com
Note: 10.0.0.2 is the machine where the nginx module is located, and 10.0.0.3 is the machine where the nodeman module is located. The IP needs to be replaced with an IP that can be accessed by the local browser.
Query the way the module is distributed on the machine:
grep -E "nginx|nodeman" /data/install/install.config
Note: If you cannot save the file, please right-click the file hosts and find "Properties" -> "Security", then select the user name you logged in, click Edit, and check "Write".
-
Linux/MacOS configuration
Copy the following content to
/etc/hosts
, and replace the following IP with the IP that can be accessed by the local browser, and then save it.10.0.0.2 paas.bktencent.com cmdb.bktencent.com job.bktencent.com jobapi.bktencent.com bkapi_check.bktencent.com 10.0.0.3 nodeman.bktencent.com
3.2 Get administrator account name and password
On any machine, execute the following command to obtain the administrator account and password.
grep -E "BK_PAAS_ADMIN_USERNAME|BK_PAAS_ADMIN_PASSWORD" /data/install/bin/04-final/usermgr.env
3.3 Visit Blue Whale and get started
Default blue whale workbench entrance: http://paas.bktencent.com
-
You can refer to Blue Whale Quick Start and related product white papers
-
Advanced Options: Monitoring Log Package Deployment