手动部署Archery-1.9.1
官方文档地址:https://github.com/hhyo/archery/wiki/manual
说明:以下操作均是在/root目录的
安装Python和virtualenv
从1.9.0版本开始,将不再支持python3.7及以下版本,手动安装也将使用3.9版本作为样例,移除yum安装方式
# 安装依赖
yum install libffi-devel wget gcc make zlib-devel openssl openssl-devel ncurses-devel openldap-devel gettext bzip2-devel xz-devel
wget https://www.python.org/ftp/python/3.9.10/Python-3.9.10.tar.xz
tar -xvJf Python-3.9.10.tar.xz
# 编译
cd Python-3.9.10
./configure prefix=/usr/local/python3
make && make install
ln -fs /usr/local/python3/bin/python3 /usr/bin/python3
ln -fs /usr/local/python3/bin/pip3 /usr/bin/pip3
# virtualenv
pip3 install virtualenv -i https://mirrors.ustc.edu.cn/pypi/web/simple/
ln -fs /usr/local/python3/bin/virtualenv /usr/bin/virtualenv
安装Archery
准备虚拟环境
# 编译安装python的使用
virtualenv venv4archery --python=python3
或者采用这种方式
# yum安装的使用
virtualenv venv4archery --python=python3.9
# 切换python运行环境到虚拟环境
source venv4archery/bin/activate
安装 MS SQL Server 驱动(需要使用MsSQL的按需安装)
# CentOS 6
curl https://packages.microsoft.com/config/rhel/6/prod.repo > /etc/yum.repos.d/mssql-release.repo
# CentOS 7
curl https://packages.microsoft.com/config/rhel/7/prod.repo > /etc/yum.repos.d/mssql-release.repo
# 卸载冲突驱动
sudo yum remove unixODBC-utf16 unixODBC-utf16-devel
# 安装驱动
ACCEPT_EULA=Y yum install msodbcsql17
ACCEPT_EULA=Y yum install mssql-tools
# 更新环境变量
echo 'export PATH="$PATH:/opt/mssql-tools/bin"' >> ~/.bash_profile
echo 'export PATH="$PATH:/opt/mssql-tools/bin"' >> ~/.bashrc
source ~/.bashrc
# 安装ODBC依赖
yum install unixODBC-devel
安装ORACLE驱动(需要使用ORACLE的按需安装)
详见官方文档:https://oracle.github.io/odpi/doc/installation.html
yum install http://yum.oracle.com/repo/OracleLinux/OL7/oracle/instantclient/x86_64/getPackage/oracle-instantclient19.3-basiclite-19.3.0.0.0-1.x86_64.rpm
安装MongoDB驱动(需要使用MongoDB的按需安装)
wget -c https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-rhel70-3.6.20.tgz
tar -xvf mongodb-linux-x86_64-rhel70-3.6.20.tgz
\cp -f mongodb-linux-x86_64-rhel70-3.6.20/bin/mongo /usr/bin/
下载Archery最新release包,安装依赖库
Release版本见Releases 如果网络受限可访问码云地址: gitee
wget https://github.com/hhyo/Archery/archive/refs/tags/v1.9.1.tar.gz
tar -xzvf Archery-1.9.1.tar.gz
# 安装系统依赖
yum -y install gcc gcc-c++ python-devel mysql-devel openldap-devel unixODBC-devel gettext
# 安装依赖库(需要在虚拟环境中安装)
cd Archery-1.9.1
pip3 install -r requirements.txt -i https://mirrors.ustc.edu.cn/pypi/web/simple/
# 如果使用yum安装的python3,安装mysqlclient可能提示提示缺少Python.h,可安装
yum -y install python3-devel
使用命令:pip3 install -r requirements.txt -i https://mirrors.ustc.edu.cn/pypi/web/simple/ 安装依赖库的时候会报错:
Collecting alibabacloud-endpoint-util<1.0.0,>=0.0.3 (from alibabacloud_dysmsapi20170525==2.0.9->-r requirements.txt (line 38))
ERROR: HTTP error 404 while getting https://mirrors.bfsu.edu.cn/pypi/web/packages/24/54/56736a0f224b3f2b65bb9c9ff9e20fa390351a7587c99f19ca1f8d596ae1/alibabacloud_endpoint_util-0.0.3.tar.gz#sha256=8c0efb76fdcc3af4ca716ef24bbce770201a3f83f98c0afcf81655f684b9c7d2 (from https://mirrors.bfsu.edu.cn/pypi/web/simple/alibabacloud-endpoint-util/)
ERROR: Could not install requirement alibabacloud-endpoint-util<1.0.0,>=0.0.3 from https://mirrors.bfsu.edu.cn/pypi/web/packages/24/54/56736a0f224b3f2b65bb9c9ff9e20fa390351a7587c99f19ca1f8d596ae1/alibabacloud_endpoint_util-0.0.3.tar.gz#sha256=8c0efb76fdcc3af4ca716ef24bbce770201a3f83f98c0afcf81655f684b9c7d2 (from alibabacloud_dysmsapi20170525==2.0.9->-r requirements.txt (line 38)) because of HTTP error 404 Client Error: Not Found for url: https://mirrors.bfsu.edu.cn/pypi/web/packages/24/54/56736a0f224b3f2b65bb9c9ff9e20fa390351a7587c99f19ca1f8d596ae1/alibabacloud_endpoint_util-0.0.3.tar.gz for URL https://mirrors.bfsu.edu.cn/pypi/web/packages/24/54/56736a0f224b3f2b65bb9c9ff9e20fa390351a7587c99f19ca1f8d596ae1/alibabacloud_endpoint_util-0.0.3.tar.gz#sha256=8c0efb76fdcc3af4ca716ef24bbce770201a3f83f98c0afcf81655f684b9c7d2 (from https://mirrors.bfsu.edu.cn/pypi/web/simple/alibabacloud-endpoint-util/)
解决办法:
删除文件requirements.txt中的这行:alibabacloud_dysmsapi20170525==2.0.9
再次运行命令:pip3 install -r requirements.txt -i https://mirrors.ustc.edu.cn/pypi/web/simple/
等上述安装完毕后再执行这个命令:pip3 install alibabacloud_dysmsapi20170525==2.0.23
安装Inception(MySQL审核、查询校验和数据脱敏)
项目地址:https://github.com/hanchuanchuan/goInception
wget https://objects.githubusercontent.com/github-production-release-asset-2e65be/155136567/2eec20f5-b751-4763-9eed-0db271aae95c?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20230610%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20230610T062531Z&X-Amz-Expires=300&X-Amz-Signature=fd9b30ba8c3d90991b90552160a9c9c0c0ce94d6e50a4f35b6e45f377f20f2fb&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=155136567&response-content-disposition=attachment%3B%20filename%3DgoInception-linux-v1.3.0-72-g5fdba23.tar.gz&response-content-type=application%2Foctet-stream
准备MySQL、Redis实例
- MySQL推荐版本>=5.7
- Redis提供任务队列和缓存
yum方式安装mysql8:
for i in $(rpm -qa|grep mysql);do rpm -e $i --nodeps;done
rm -rf /var/lib/mysql && rm -rf /etc/my.cnf
echo "安装Mysql8.0 的yum资源库"
yum -y localinstall https://repo.mysql.com//mysql80-community-release-el7-5.noarch.rpm
echo "安装Mysql8.0.29"
yum -y install mysql-community-server
echo "启动之前修改配置文件,增加上不区分大小写的参数"
rm -rf /etc/my.cnf
cat >> /etc/my.cnf << EOF
[client]
default-character-set = utf8mb4
[mysql]
default-character-set = utf8mb4
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
character-set-client-handshake=FALSE
character-set-server=utf8mb4
collation-server=utf8mb4_unicode_ci
init_connect='SET NAMES utf8mb4'
default_authentication_plugin=mysql_native_password
default-storage-engine=INNODB
lower_case_table_names=1
skip-name-resolve
max_connections=500
EOF
echo "启动MySQL服务器和MySQL的自动启动"
systemctl start mysqld.service
systemctl enable mysqld.service
echo "查看默认密码"
grep 'temporary password' /var/log/mysqld.log
# 登录后修改root用户密码
ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password by '100NrC23z_uT456';
flush privileges;
# 修改设置远程连接地址为%
use mysql;
SELECT `Host`,`User` FROM user;
UPDATE user SET `Host` = '%' WHERE `User` = 'root' LIMIT 1;
flush privileges;
# 事先创建好需要使用的数据库
CREATE DATABASE IF NOT EXISTS archery default charset utf8mb4 COLLATE utf8mb4_general_ci;
yum方式安装最新版redis
yum install -y http://rpms.famillecollet.com/enterprise/remi-release-7.rpm
yum --enablerepo=remi install redis -y
systemctl start redis
修改配置
# vim /root/Archery-1.9.1/archery/settings.py
# 主要修改连接数据库的信息
env = environ.Env(
DEBUG=(bool, False),
ALLOWED_HOSTS=(List[str], ["*"]),
SECRET_KEY=(str, "hfusaf2m4ot#7)fkw#di2bu6(cv0@opwmafx5n#6=3d%x^hpl6"),
DATABASE_URL=(str, "mysql://root:100NrC23z_uT456@127.0.0.1:3306/archery"), # 修改这行,其他的都保持不变
CACHE_URL=(str, "redis://127.0.0.1:6379/0"),
ENABLE_LDAP=(bool, False),
AUTH_LDAP_ALWAYS_UPDATE_USER=(bool, True),
AUTH_LDAP_USER_ATTR_MAP=(
dict,
{"username": "cn", "display": "displayname", "email": "mail"},
),
Q_CLUISTER_SYNC=(bool, False), # qcluster 同步模式, debug 时可以调整为 True
# CSRF_TRUSTED_ORIGINS=subdomain.example.com,subdomain.example2.com subdomain.example.com
CSRF_TRUSTED_ORIGINS=(list, []),
)
启动准备
# 切换python运行环境到虚拟环境
source /root/venv4archery/bin/activate
cd Archery-1.9.1
# 数据库初始化
python3 manage.py makemigrations sql
python3 manage.py migrate
# 数据初始化
python3 manage.py dbshell<sql/fixtures/auth_group.sql
python3 manage.py dbshell<src/init_sql/mysql_slow_query_review.sql
# 创建管理用户
python3 manage.py createsuperuser
admin
admin123456
启动
本地测试启动(仅作为本地测试)
source /root/venv4archery/bin/activate
#启动Django-Q,需保持后台运行
python3 manage.py qcluster
#启动服务
python3 manage.py runserver 0.0.0.0:9123 --insecure
Gunicorn+Nginx启动
1.安装好nginx,并启动
2.修改nginx配置如下
server{
listen 9123; # 监听的端口
server_name localhost;
client_max_body_size 20M; # 处理Request Entity Too Large
proxy_read_timeout 600s; # 超时时间与Gunicorn超时时间设置一致,主要用于在线查询
location / {
proxy_pass http://127.0.0.1:8888;
proxy_set_header Host $host:9123; # 解决重定向404的问题,和listen端口保持一致,如果是docker则和宿主机映射端口保持一致
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /static {
alias /root/Archery-1.9.1/static;; # 此处指向settings.py配置项STATIC_ROOT目录的绝对路径,用于nginx收集静态资源
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
# 启动
source /root/venv4archery/bin/activate
bash startup.sh
访问
启动后配置
在启动后 Archery 有一些配置(如Inception , 资源组, 权限组等)需要按需配置, 请详细阅读 配置项说明 , 按照自己的需要进行配置。
效果
