运维平台
本文最后更新于:2025年4月29日 下午
1Panel 面板
应用商店第三方库
官方库的应用比较少,我们可以添加第三方库,在面板的计划任务新增一条Shell脚本,任务名称随意,执行周期建议每天,脚本内容如下:
#!/bin/bash
# 直接执行或复制此脚本到 1Panel->计划任务中定时执行即可
# 1panel本地app的目录(如果不是默认安装,需修改该目录)
app_local_dir="/opt/1panel/resource/apps/local"
# AppStore的git仓库地址(必选)
git_repo_url="https://mirror.ghproxy.com/https://github.com//okxlin/appstore"
#git_repo_url="https://gitee.com/svip520/1panel-appstore"
# 访问git仓库的access token,访问私有仓库时用,优先级高于账密(可选)
# 建议使用access token,降低账密泄露的风险
git_access_token=""
# 访问git仓库的用户名,访问私有仓库时用(可选)
git_username=""
# 访问git仓库的密码,访问私有仓库时用(可选)
git_password=""
# 指定克隆的分支(可选)
git_branch=""
# 指定克隆的深度(可选)
git_depth=1
# 拉取远程仓库前是否清空本地app目录(可选)
clean_local_app=true
# 拉取远程仓库前是否清空远程app缓存(可选)
clean_remote_app_cache=false
# 设置克隆或拉取远程仓库时使用的代理(可选)
proxyUrl=""
# 设置示例:
# proxyUrl="http://127.0.0.1:7890"
# proxyUrl="socks5://127.0.0.1:7890"
# proxyUrl="socks5://user:password@host:port"
# 将远程app store工程克隆到本地的工作目录
work_dir="/opt/1panel_hepler"
set -e
mkdir -p "$work_dir/logs"
log_file="$work_dir/logs/local_appstore_sync_helper_$(date +"%Y-%m-%d").log"
logs() {
local message="$1"
if [ -n "$log_file" ]; then
mkdir -p "$(dirname "$log_file")"
if [ $? -eq 0 ]; then
echo -e "[$(date +"%Y-%m-%d %H:%M:%S")] $message"
echo "[$(date +"%Y-%m-%d %H:%M:%S")] $message" >>"$log_file"
return
fi
fi
echo -e "$message"
}
# 函数: url_encode
# 参数:
# - url: 需要进行编码的字符串
# 返回值:
# 经过URL编码后的字符串
function url_encode() {
local string=$1
local length="${#string}"
local url_encoded_string=""
local c
for ((i = 0; i < length; i++)); do
c=${string:i:1}
case "$c" in
[a-zA-Z0-9.~_-]) url_encoded_string+=$c ;;
*) url_encoded_string+=$(printf '%%%02X' "'$c") ;;
esac
done
echo "$url_encoded_string"
}
# 定义函数,接收一个URL参数和可选的替换字符串参数
replace_protocol() {
local url=$1
local replacement=$2
# 如果没有提供替换字符串,则删除"http://"或"https://"
if [[ -z $replacement ]]; then
local new_url=$(echo $url | sed "s/http:\/\///" | sed "s/https:\/\///")
else
local new_url=$(echo $url | sed "s/http:\/\//${replacement}/" | sed "s/https:\/\//${replacement}/")
fi
# 输出替换后的URL
echo $new_url
}
# 函数: clone_git_repo
# 参数:
# - url: Git仓库URL
# - username: 账号(可选)
# - password: 密码(可选)
# - access_token: 访问令牌(可选)
# - branch: 克隆分支(可选)
# - depth: 克隆深度(可选,默认为0,即克隆整个仓库)
function clone_git_repo() {
local url=$1
local username=$2
local password=$3
local access_token=$4
local branch=$5
local depth=$6
branch=${branch:+--branch $branch}
depth=${depth:+--depth $depth}
echo "branch: $branch, depth: $depth"
if [[ -n $access_token ]]; then
echo "use access_token to clone"
local fix_url=$(replace_protocol "$url")
git clone "https://oauth2:$access_token@$fix_url" $branch $depth
elif [[ -n $username && -n $password ]]; then
local encoded_username=$(url_encode "$username")
local encoded_password=$(url_encode "$password")
local fix_url=$(replace_protocol "$url")
# echo "use username and password to clone, encoded_username: $encoded_username, encoded_password: $encoded_password, fix_url: $fix_url"
echo "use username and password to clone"
git clone "https://$encoded_username:$encoded_password@$fix_url" $branch $depth
else
echo "use default clone"
git clone "$url" $branch $depth
fi
}
# 取消代理
function proxy_off() {
unset http_proxy
unset https_proxy
unset ALL_PROXY
unset no_proxy
logs "Proxy Off"
}
# 开启代理
function proxy_on() {
proxy_url="http://127.0.0.1:7890"
match_str="://"
if [ -n "$1" ]; then
if [[ $1 =~ $match_str ]]; then
proxy_url=$1
else
logs "Incorrect proxy_url, use defualt proxy_url"
return
fi
fi
export http_proxy=$proxy_url
export https_proxy=$proxy_url
export ALL_PROXY=$proxy_url
export no_proxy="localhost,127.0.0.1,localaddress,.localdomain.com"
logs "Proxy On $proxy_url"
}
function scriptInfo() {
echo ""
logs "##################################################################"
logs "# Name: local appstore sync helper for 1Panel #"
logs "# Author: nameless #"
logs "##################################################################"
echo ""
}
function main() {
scriptInfo
if [ ! -d "$app_local_dir" ]; then
logs "未检测到1panel的app目录,请检查1panel是否安装正确,或修改脚本中的app_local_dir变量"
exit 1
fi
# 检查地址结尾是否包含.git,如果不包含则自动补全
if [[ "$git_repo_url" != *".git" ]]; then
git_repo_url="${git_repo_url}.git"
fi
local repo_username=""
local repo_projectname=""
# 使用正则表达式匹配仓库地址中的用户名和项目名
if [[ $git_repo_url =~ .*\/(.*)\/(.*)\.git ]]; then
repo_username=${BASH_REMATCH[1]}
repo_projectname=${BASH_REMATCH[2]}
# logs "用户名: $repo_username"
# logs "项目名: $repo_projectname"
fi
if [ -z "$repo_username" ] || [ -z "$repo_projectname" ]; then
logs "无法提取用户名和项目名,请检查git_repo_url变量提供的地址是否正确"
exit 1
fi
mkdir -p "$work_dir/temp"
local repo_user_dir="$work_dir/temp/$repo_username"
local repo_dir="$repo_user_dir/$repo_projectname"
# 根据clean_remote_app_cache变量的值决定是否清空远程app的缓存数据
if [ "$clean_remote_app_cache" = true ] && [ -d "$repo_dir" ]; then
rm -rf "$repo_dir"
logs "已清空远程app的缓存数据"
fi
# 根据proxyUrl变量的值决定是否开启代理
if [ -n "$proxyUrl" ]; then
proxy_on "$proxyUrl"
fi
# clone或拉取远程仓库最新代码
logs "准备获取远程仓库最新代码:$git_repo_url"
if [ -d "$repo_dir" ]; then
logs "执行git pull操作"
cd "$repo_dir"
# 强行拉取最新代码
git pull --force 2>>"$log_file"
else
logs "执行git clone操作"
mkdir -p "$repo_user_dir"
cd "$repo_user_dir"
clone_git_repo "$git_repo_url" "$git_username" "$git_password" "$git_access_token" "$git_branch" "$git_depth" 2>>"$log_file"
fi
logs "远程仓库最新代码获取完成"
if [ ! -d "$repo_dir/apps" ]; then
logs "未检测到apps目录,请检查远程仓库是否正确"
exit 1
fi
# 根据clean_local_app变量的值决定是否清空本地app目录
if [ "$clean_local_app" = true ]; then
rm -rf "$app_local_dir"/*
logs "已清空本地原有的app"
fi
# 将远程仓库的apps目录下的所有app复制到本地app_local_dir目录下
cd "$repo_dir"
cp -rf apps/* "$app_local_dir"
pwd
ls -lah
du -sh
# 根据clean_remote_app_cache变量的值决定是否清空远程app的缓存数据
if [ "$clean_remote_app_cache" = true ]; then
rm -rf "$repo_dir"
fi
if [ -n "$proxyUrl" ]; then
proxy_off
fi
logs "1panel本地app同步成功,enjoy it!"
}
main "$@"创建好后,点击执行,可在报告中查看详情:
docker 源
最近中国大陆无法连接到docker,在面板的容器-配置中,镜像加速使用下面连接:
https://docker.1panel.live/Zabbix 部署
1.集群规划
| 进程 | hadoop102 节点 | hadoop103 节点 | hadoop104 节点 |
|---|---|---|---|
| zabbix-agent | √ | √ | √ |
| zabbix-server | √ | ||
| MySQL | √ | ||
| zabbix-web | √ |
2.准备工作
2.1 关闭集群
如果集群开启,先关闭集群。因为安装Zabbix前,需要重启虚拟机。
2.2 关闭 3 台节点防火墙
分别在hadoop102、103、104上执行:
sudo systemctl stop firewalld.service
sudo systemctl disable firewalld.service2.3 关闭 3 台节点上的 SELinux
(1) 修改配置文件/etc/selinux/config
sudo vim /etc/selinux/config修改为一下内容:
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted(2) 重启服务器
sudo reboot3.配置 3 台节点的 Zabbix yum 源
3.1 安装 yum 仓库
(1) 安装 zabbix 的软件仓库配置包
这个包包含了 yum(软件包管理器)的配置文件
[wwj@hadoop102 ~]$ sudo rpm -Uvh https://mirrors.aliyun.com/zabbix/zabbix/5.0/rhel/7/x86_64/zabbix-release-5.0-1.el7.noarch.rpm
[wwj@hadoop103 ~]$ sudo rpm -Uvh https://mirrors.aliyun.com/zabbix/zabbix/5.0/rhel/7/x86_64/zabbix-release-5.0-1.el7.noarch.rpm
[wwj@hadoop104 ~]$ sudo rpm -Uvh https://mirrors.aliyun.com/zabbix/zabbix/5.0/rhel/7/x86_64/zabbix-release-5.0-1.el7.noarch.rpm(2) 安装 Software Collectiopns 仓库
[wwj@hadoop102 ~]$ sudo yum install -y centos-release-scl
[wwj@hadoop103 ~]$ sudo yum install -y centos-release-scl
[wwj@hadoop104 ~]$ sudo yum install -y centos-release-scl3.2 修改 zabbix 仓库配置文件
hadoop102、hadoop103、hadoop104三台节点,依次执行如下步骤:
(1) 查看原始 zabbix.repo 文件
[wwj@hadoop102 ~]$ sudo cat /etc/yum.repos.d/zabbix.repo查看内容如下:
[zabbix]
name=Zabbix Official Repository - $basearch
baseurl=http://repo.zabbix.com/zabbix/5.0/rhel/7/$basearch/
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX-A14FE591
[zabbix-frontend]
name=Zabbix Official Repository frontend - $basearch
baseurl=http://repo.zabbix.com/zabbix/5.0/rhel/7/$basearch/frontend
enabled=0
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX-A14FE591
[zabbix-debuginfo]
name=Zabbix Official Repository debuginfo - $basearch
baseurl=http://repo.zabbix.com/zabbix/5.0/rhel/7/$basearch/debuginfo/
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX-A14FE591
gpgcheck=1
[zabbix-non-supported]
name=Zabbix Official Repository non-supported - $basearch
baseurl=http://repo.zabbix.com/non-supported/rhel/7/$basearch/
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX
gpgcheck=1(2) 执行以下命令完成全局替换,修改为阿里云镜像
[wwj@hadoop102 ~]$ sudo sed -i 's/http:\/\/repo.zabbix.com/https:\/\/mirrors.aliyun.com\/zabbix/g' /etc/yum.repos.d/zabbix.repo(3) 查看修改后的 zabbix.repo 文件
[wwj@hadoop102 ~]$ sudo cat /etc/yum.repos.d/zabbix.repo查看内容如下
[zabbix]
name=Zabbix Official Repository - $basearch
baseurl=https://mirrors.aliyun.com/zabbix/zabbix/5.0/rhel/7/$basearch/
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX-A14FE591
[zabbix-frontend]
name=Zabbix Official Repository frontend - $basearch
baseurl=https://mirrors.aliyun.com/zabbix/zabbix/5.0/rhel/7/$basearch/frontend
enabled=0
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX-A14FE591
[zabbix-debuginfo]
name=Zabbix Official Repository debuginfo - $basearch
baseurl=https://mirrors.aliyun.com/zabbix/zabbix/5.0/rhel/7/$basearch/debuginfo/
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX-A14FE591
gpgcheck=1
[zabbix-non-supported]
name=Zabbix Official Repository non-supported - $basearch
baseurl=https://mirrors.aliyun.com/zabbix/non-supported/rhel/7/$basearch/
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX
gpgcheck=1(4) 打开/etc/yum.repos.d/zabbix.repo文件,启用 zabbix-web 仓库
将文件中zabbix-frontend的enabled=0改为enabled=1
[zabbix-frontend]
name=Zabbix Official Repository frontend - $basearch
baseurl=https://mirrors.aliyun.com/zabbix/zabbix/5.0/rhel/7/$basearch/frontend
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX-A14FE5914.安装 Zabbix
在 hadoop102、hadoop103、hadoop104 三台节点分别执行以下安装命令:
[wwj@hadoop102 ~]$ sudo yum install -y zabbix-server-mysql zabbix-agent zabbix-web-mysql-scl zabbix-apache-conf-scl
[wwj@hadoop103 ~]$ sudo yum install -y zabbix-agent
[wwj@hadoop104 ~]$ sudo yum install -y zabbix-agent5.配置 Zabbix
5.1 创建 Zabbix 数据库
[wwj@hadoop102 ~]$ mysql -uroot -p123456 -e"create database zabbix character set utf8 collate utf8_bin"5.2 导入 Zabbix 建表语句
[wwj@hadoop102 ~]$ zcat /usr/share/doc/zabbix-server-mysql-5.0.42/create.sql.gz | mysql -uroot -p123456 zabbix5.3 配置 Zabbix_Server(hadoop102)
修改 zabbix-server 配置文件
[wwj@hadoop102 ~]$ sudo vim /etc/zabbix/zabbix_server.conf
DBHost=hadoop102
DBName=zabbix
DBUser=root
DBPassword=1234565.4 配置 Zabbix_Agent(三台节点)
修改zabbix-agent配置文件
[wwj@hadoop102 ~]$ sudo vim /etc/zabbix/zabbix_agentd.conf
[wwj@hadoop103 ~]$ sudo vim /etc/zabbix/zabbix_agentd.conf
[wwj@hadoop104 ~]$ sudo vim /etc/zabbix/zabbix_agentd.conf修改以下内容:
Server=hadoop102
#ServerActive=127.0.0.1
#Hostname=Zabbix server5.5 配置 Zabbix_Web 时区
修改/etc/opt/rh/rh-php72/php-fpm.d/zabbix.conf文件
[wwj@hadoop102 ~]$ sudo vim /etc/opt/rh/rh-php72/php-fpm.d/zabbix.conf修改如下内容:(最后一行:php_value[date.timezone] = Asia/Shanghai)
[zabbix]
user = apache
group = apache
listen = /var/opt/rh/rh-php72/run/php-fpm/zabbix.sock
listen.acl_users = apache
listen.allowed_clients = 127.0.0.1
pm = dynamic
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35
pm.max_requests = 200
php_value[session.save_handler] = files
php_value[session.save_path] = /var/opt/rh/rh-php72/lib/php/session/
php_value[max_execution_time] = 300
php_value[memory_limit] = 128M
php_value[post_max_size] = 16M
php_value[upload_max_filesize] = 2M
php_value[max_input_time] = 300
php_value[max_input_vars] = 10000
php_value[date.timezone] = Asia/Shanghai修改 MySQL8.0 的密码加密规则
alter user 'root'@'localhost' identified with mysql_native_password by '123456';
select user,host,plugin,authentication_string from user;
6.启动停止 Zabbix
6.1 启动 Zabbiz
wwj@hadoop102 ~$ sudo systemctl restart zabbix-server zabbix-agent httpd rh-php72-php-fpm
wwj@hadoop102 ~$ sudo systemctl enable zabbix-server zabbix-agent httpd rh-php72-php-fpm
[wwj@hadoop103 ~]$ sudo systemctl start zabbix-agent
[wwj@hadoop103 ~]$ sudo systemctl enable zabbix-agent
[wwj@hadoop104 ~]$ sudo systemctl start zabbix-agent
[wwj@hadoop104 ~]$ sudo systemctl enable zabbix-agent6.2 停止 Zabbiz
[wwj@hadoop102 ~]$ sudo systemctl stop zabbix-server zabbix-agent httpd rh-php72-php-fpm
[wwj@hadoop102 ~]$ sudo systemctl disable zabbix-server zabbix-agent httpd rh-php72-php-fpm
[wwj@hadoop103 ~]$ sudo systemctl stop zabbix-agent
[wwj@hadoop103 ~]$ sudo systemctl disable zabbix-agent
[wwj@hadoop104 ~]$ sudo systemctl stop zabbix-agent
[wwj@hadoop104 ~]$ sudo systemctl disable zabbix-agent6.3 访问 Web 网页
打开:http://hadoop102/zabbix/ 即可访问 zabbix-server,点击下一步,对数据库进行配置:
配置 Zabbix server details
完成之后就可以登录 Zabbix 页面了
6.4 登录 Zabbix
(1) 登录账号
用户名:Admin 密码:zabbix
(2) 设置界面语言
