一、简介
sentry是一个强大的分布式报错信息收集平台,图形化程度很高,可以帮助我们直观的发现当前部署的系统存在哪些问题。
二、安装方式介绍
官网链接:https://docs.sentry.io/
官方提供了两种安装方式:Docker 和 python
注:我这里选择使用Docker 的方式来进行安装配置sentry,原因是官网说了python这种方式已经被Docker安装方式代替了,原话如下:
This method of installation is deprecated in favor of Docker
而且使用python安装sentry必须是python 2.7 以及以上版本,考虑到升级python 会影响系统其它应用,故此选择Docker的安装方式。
三、安装配置过程
1、准备工作
在服务器安装好Centos 7.x 系统,我这里安装的是Centos 7.0 ,而且python在Centos 7.0上的版本就是2.7.5
2、安装docker
官方Docker 安装方式帮助文档:
https://docs.sentry.io/server/installation/docker/
安装docker #yum install docker -y 查看版本信息 #docker info #版本是1.12.6 Containers: 8 Running: 8 Paused: 0 Stopped: 0 Images: 9 Server Version: 1.12.6 Storage Driver: devicemapper Pool Name: docker-8:2-263372-pool Pool Blocksize: 65.54 kB Base Device Size: 10.74 GB Backing Filesystem: xfs Data file: /dev/loop0 Metadata file: /dev/loop1 Data Space Used: 1.391 GB Data Space Total: 107.4 GB Data Space Available: 45.57 GB Metadata Space Used: 3.994 MB Metadata Space Total: 2.147 GB Metadata Space Available: 2.143 GB Thin Pool Minimum Free Space: 10.74 GB Udev Sync Supported: true Deferred Removal Enabled: true Deferred Deletion Enabled: true Deferred Deleted Device Count: 0 Data loop file: /var/lib/docker/devicemapper/devicemapper/data WARNING: Usage of loopback devices is strongly discouraged for production use. Use `--storage-opt dm.thinpooldev` to specify a custom block storage device. Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata Library Version: 1.02.140-RHEL7 (2017-05-03) Logging Driver: journald Cgroup Driver: systemd Plugins: Volume: local Network: null host overlay bridge Swarm: inactive Runtimes: docker-runc runc Default Runtime: docker-runc Security Options: seccomp Kernel Version: 3.10.0-693.el7.x86_64 Operating System: CentOS Linux 7 (Core) OSType: linux Architecture: x86_64 Number of Docker Hooks: 3 CPUs: 2 Total Memory: 1.781 GiB Name: localhost.localdomain ID: 2C6S:WONB:UT5C:3RU7:UQKC:7CIU:HOQ6:XFXI:JE2M:LIMX:5B4S:FGLE Docker Root Dir: /var/lib/docker Debug Mode (client): false Debug Mode (server): false Registry: https://index.docker.io/v1/ Insecure Registries: 127.0.0.0/8 Registries: docker.io (secure) 安装epel源 #yum install epel-release -y 安装pip #yum install python-pip -y 查看版本: #pip -V pip 8.1.2 from /usr/lib/python2.7/site-packages (python 2.7)
3、安装docker-compose
Docker Compose 是在使用Docker容器部署分布式应用时的工具,可以定义哪个容器运行哪个应用,使用Compose 你只需定义一个多容器应用的yml文件,然后使用一条命令即可部署运行所有容器。
参考链接:http://dockone.io/article/834
中文指南网:http://www.widuu.com/docker/compose/install.html
使用pip来安装docker compose #pip install docker-compose #pip list #可以看到docker-compose 已经安装好了 backports.ssl-match-hostname (3.5.0.1) cached-property (1.3.1) certifi (2017.11.5) chardet (3.0.4) configobj (4.7.2) decorator (3.4.0) docker (2.6.1) docker-compose (1.18.0) #已安装 ……………… #docker-compose --version #查看版本 docker-compose version 1.18.0, build 8dd22a9
4、配置安装属于自己的sentry
#mkdir /opt/case -pv #cd /opt/case/ #git clone https://github.com/getsentry/onpremise.git #cd onpremise 根据onpremise目录中的README.md 内容来操作: #cat README.md ……………… 1. `mkdir -p data/{sentry,postgres}` - Make our local database and sentry config directories. This directory is bind-mounted with postgres so you don't lose state! 2. `docker-compose run --rm web config generate-secret-key` - Generate a secret key. Add it to `docker-compose.yml` in `base` as `SENTRY_SECRET_KEY`. 3. `docker-compose run --rm web upgrade` - Build the database. Use the interactive prompts to create a user account. 4. `docker-compose up -d` - Lift all services (detached/background mode). 5. Access your instance at `localhost:9000`! ……………… #mkdir data/{sentry,postgres} -p 启动docker #systemctl start docker 加入开机自启动 #systemctl enable docker 正常启动之后,会有docker0网卡生成 #ifconfig docker0: flags=4099mtu 1500 inet 172.17.0.1 netmask 255.255.0.0 broadcast 0.0.0.0 ether 02:42:2a:d3:14:d4 txqueuelen 0 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 在docker-compose.yml中的base位置添加 SENTRY_SECRET_KEY,使用如下命令生成 #docker-compose run --rm web config generate-secret-key #需要很长时间,需要到外网拉取数据,如果中间断掉了,继续执行即可。 Creating network "onpremise_default" with the default driver Pulling postgres (postgres:9.5)... Trying to pull repository docker.io/library/postgres ... 9.5: Pulling from docker.io/library/postgres f49cf87b52c1: Downloading [=======> ] 8.109 MB/52.6 MB 67d44cf86769: Download complete f16a15c53831: Download complete f49cf87b52c1: Downloading [============> ] 12.98 MB/52.6 MB c9a1ed29c8a8: Download complete 8862935f78c7: Download complete f49cf87b52c1: Downloading [=====================> ] 22.17 MB/52.6 MB 8c59731cd856: Download complete 12acb5363ee2: Download complete f49cf87b52c1: Downloading [======================> ] 23.25 MB/52.6 MB 8397eb589621: Download complete d3041f255f7a: Download complete 注:如果第一次没有生成SENTRY_SECRET_KEY,多执行几次直到生成为止,我就执行了4次,如下: #docker-compose run --rm web config generate-secret-key Starting onpremise_memcached_1 ... Starting onpremise_redis_1 ... Starting onpremise_memcached_1 ... done Starting onpremise_smtp_1 ... done _&vh6fx-80!q20g+jhvj5m6(!(-jy^x7t46_-7vtz2(=)+=#%v 将上面命令执行结束后生成的最后一行字符串,添加到docker-compose.yml 中,如下: #cat docker-compose.yml ………………………… version: '2' services: base: restart: unless-stopped build: . environment: # Run `docker-compose run web config generate-secret-key` # to get the SENTRY_SECRET_KEY value. # SENTRY_SECRET_KEY: '' SENTRY_SECRET_KEY: '_&vh6fx-80!q20g+jhvj5m6(!(-jy^x7t46_-7vtz2(=)+=#%v' #添加此行 SENTRY_MEMCACHED_HOST: memcached SENTRY_REDIS_HOST: redis SENTRY_POSTGRES_HOST: postgres SENTRY_EMAIL_HOST: smtp volumes: - ./data/sentry:/var/lib/sentry/files …………………… 查看镜像 #docker images REPOSITORY TAG IMAGE ID CREATED SIZE onpremise_web latest 4178dbde130d 16 minutes ago 535.6 MB docker.io/tianon/exim4 latest f0e5295455c1 7 days ago 173.2 MB docker.io/sentry 8.22-onbuild 6f77c810f869 7 days ago 535.5 MB docker.io/postgres 9.5 cea87be7b432 7 days ago 263.9 MB docker.io/redis 3.2-alpine f60c2c2ed490 2 weeks ago 19.81 MB docker.io/memcached 1.4 bdb0ceca47d8 5 months ago 58.6 MB 继续执行 Use the interactive prompts to create a user account #docker-compose run --rm web upgrade #Build the database. ……………… Would you like to create a user account now? [Y/n]: y #输入y 表示创建用户账号 Email: [email protected] #输入一个邮箱地址 Password: #输入密码 Repeat for confirmation: #确认密码 Should this user be a superuser? [y/N]: y #询问是否是超级用户,输入y User created: [email protected] Added to organization: sentry - Loading initial data for sentry. Installed 0 object(s) from 0 fixture(s) Running migrations for nodestore: - Migrating forwards to 0001_initial. > nodestore:0001_initial - Loading initial data for nodestore. Installed 0 object(s) from 0 fixture(s) Running migrations for search: - Migrating forwards to 0002_auto__del_searchtoken__del_unique_searchtoken_document_field_token__de. > search:0001_initial > search:0002_auto__del_searchtoken__del_unique_searchtoken_document_field_token__de - Loading initial data for search. Installed 0 object(s) from 0 fixture(s) Running migrations for social_auth: - Migrating forwards to 0004_auto__del_unique_usersocialauth_provider_uid__add_unique_usersocialaut. > social_auth:0001_initial > social_auth:0002_auto__add_unique_nonce_timestamp_salt_server_url__add_unique_associati > social_auth:0003_auto__del_nonce__del_unique_nonce_server_url_timestamp_salt__del_assoc > social_auth:0004_auto__del_unique_usersocialauth_provider_uid__add_unique_usersocialaut …………………… 注:在执行下面一步的时候,需要关闭selinux并且配置docker-compose.yml,否则如果后面再关闭selinux,就会遇到启动报错,后面会介绍! #cat /etc/selinux/config SELINUX=disabled #改成disabled 在docker-compose.yml 中添加选项:privileged: true 如下样式: #cat docker-compose.yml ……………… version: '2' services: base: privileged: true #添加到这个位置 restart: unless-stopped build: . environment: # Run `docker-compose run web config generate-secret-key` # to get the SENTRY_SECRET_KEY value. # SENTRY_SECRET_KEY: '' SENTRY_SECRET_KEY: '_&vh6fx-80!q20g+jhvj5m6(!(-jy^x7t46_-7vtz2(=)+=#%v' SENTRY_MEMCACHED_HOST: memcached SENTRY_REDIS_HOST: redis SENTRY_POSTGRES_HOST: postgres SENTRY_EMAIL_HOST: smtp volumes: - ./data/sentry:/var/lib/sentry/files smtp: privileged: true #添加到这个位置 restart: unless-stopped image: tianon/exim4 memcached: privileged: true #添加到这位置,下面的服务也是添加到同样的位置,不在列出 restart: unless-stopped image: memcached:1.4 ……………… 然后重启系统 #reboot #docker-compose up -d #拉起所有的服务 Lift all services (detached/background mode). creating onpremise_smtp_1 ... creating onpremise_postgres_1 ... creating onpremise_memcached_1 ... creating onpremise_redis_1 ... creating onpremise_postgres_1 ... done creating onpremise_web_1 ... creating onpremise_cron_1 ... creating onpremise_worker_1 ... done 再次执行#docker images 就会多出来几个: #docker images REPOSITORY TAG IMAGE ID CREATED SIZE onpremise_base latest 4178dbde130d About an hour ago 535.6 MB onpremise_cron latest 4178dbde130d About an hour ago 535.6 MB onpremise_web latest 4178dbde130d About an hour ago 535.6 MB onpremise_worker latest 4178dbde130d About an hour ago 535.6 MB docker.io/tianon/exim4 latest f0e5295455c1 7 days ago 173.2 MB docker.io/sentry 8.22-onbuild 6f77c810f869 7 days ago 535.5 MB docker.io/postgres 9.5 cea87be7b432 8 days ago 263.9 MB docker.io/redis 3.2-alpine f60c2c2ed490 2 weeks ago 19.81 MB docker.io/memcached 1.4 bdb0ceca47d8 5 months ago 58.6 MB #docker-compose images Container Repository Tag Image Id Size ------------------------------------------------------------------------------------ onpremise_base_1 onpremise_base latest 4178dbde130d 511 MB onpremise_cron_1 onpremise_base latest 4178dbde130d 511 MB onpremise_memcached_1 docker.io/memcached 1.4 bdb0ceca47d8 55.9 MB onpremise_postgres_1 docker.io/postgres 9.5 cea87be7b432 252 MB onpremise_redis_1 docker.io/redis 3.2-alpine f60c2c2ed490 18.9 MB onpremise_smtp_1 docker.io/tianon/exim4 latest f0e5295455c1 165 MB onpremise_web_1 onpremise_base latest 4178dbde130d 511 MB onpremise_worker_1 onpremise_base latest 4178dbde130d 511 MB 使用docker-compose 管理服务 #cd /opt/case/onpremise #docker-compose start #将上面的服务全部启动 Starting postgres ... done Starting redis ... done Starting smtp ... done Starting base ... done Starting memcached ... done Starting worker ... done Starting cron ... done Starting web ... done #docker-compose ps #查看是否启动ok,可以看到都是Up状态 Name Command State Ports --------------------------------------------------------------------------------------- onpremise_base_1 /entrypoint.sh run web Up 9000/tcp onpremise_cron_1 /entrypoint.sh run cron Up 9000/tcp onpremise_memcached_1 docker-entrypoint.sh memcached Up 11211/tcp onpremise_postgres_1 docker-entrypoint.sh postgres Up 5432/tcp onpremise_redis_1 docker-entrypoint.sh redis ... Up 6379/tcp onpremise_smtp_1 entrypoint.sh tini -- exim ... Up 25/tcp onpremise_web_1 /entrypoint.sh run web Up 0.0.0.0:9000->9000/tcp onpremise_worker_1 /entrypoint.sh run worker Up 9000/tcp Access your instance at `localhost:9000`! 即配置访问实例的ip和端口 #vi docker-compose.yml #在web 配置项添加如下: web: privileged: true restart: unless-stopped extends: base links: - redis - postgres - memcached - smtp ports: - '172.16.60.167:9000:9000' #添加sentry所在服务器的ip地址 然后就可以在浏览器访问了http://172.16.60.167:900 输入上面设置的用户名和密码,就可以进入,如下图
第一次登陆需要进行一些简单的设置,点击“登陆”之后,出现如下界面,进行一些设置
设置好之后,直接点击右下角的“continue” 就会进入到主机面,如下:
至此sentry的安装配置告一段落,具体创建项目或者其他操作需要根据开发需要进行配置。
四、遇到的问题
1、执行docker-compose start 报错 问题描述: 按照/opt/case/onpremise/README.md 中的1-5 操作之后,准备将selinux关闭,于是就在配置文件/etc/selinux/config中将参数改了---> SELINUX=disabled 重启 系统之后,再次执行#docker-compose start 报错 如下: Starting postgres ... error Starting redis ... error Starting smtp ... error Starting base ... error Starting memcached ... error Starting worker ... error Starting cron ... error Starting web ... error ERROR: for memcached Cannot start service memcached: devmapper: Error mounting '/dev/mapper/docker-8:2-263372-b60cf0da925b9971fb7103e576b9e0f088451e8203ebb07ebadff4adaee2fb4e' on '/var/lib/docker/devicemapper/mnt/b60cf0da925b9971fb7103e576b9e0f088451e8203ebb07ebadff4adaee2fb4e': invalid argument ERROR: for redis Cannot start service redis: devmapper: Error mounting '/dev/mapper/docker-8:2-263372-eb1a216ef329502e65c8b9157e6cbff34bfcdc31f5fdc24e7450438498ea0e66' on '/var/lib/docker/devicemapper/mnt/eb1a216ef329502e65c8b9157e6cbff34bfcdc31f5fdc24e7450438498ea0e66': invalid argument ERROR: for smtp Cannot start service smtp: devmapper: Error mounting '/dev/mapper/docker-8:2-263372-501013d66a63bfb0e331ee1e3d7924ceddfc5117a0eb13673cdc03c6ba629da0' on '/var/lib/docker/devicemapper/mnt/501013d66a63bfb0e331ee1e3d7924ceddfc5117a0eb13673cdc03c6ba629da0': invalid argument ERROR: for postgres Cannot start service postgres: devmapper: Error mounting '/dev/mapper/docker-8:2-263372-ae89295b83428fe62bc53536f02be7a65a3648b3f4ed8335023cfb30156f79a7' on '/var/lib/docker/devicemapper/mnt/ae89295b83428fe62bc53536f02be7a65a3648b3f4ed8335023cfb30156f79a7': invalid argument ERROR: for base Cannot start service base: devmapper: Error mounting '/dev/mapper/docker-8:2-263372-e46af50ff165debb34ede80daf1c2853ec0f3ee39c0aeb6121c786a56942ca1c' on '/var/lib/docker/devicemapper/mnt/e46af50ff165debb34ede80daf1c2853ec0f3ee39c0aeb6121c786a56942ca1c': invalid argument ERROR: No containers to start 网上找了一些方法,但是不能解决问题,其中一个就是执行umount命令,如下 #umount /var/lib/docker/devicemapper/mnt/xxxx 后来在高人的指点下,说是selinux的问题。因为我是在配置SELINUX=disabled 之前执行的#docker-compose up -d 解决方法: 1、将selinux配置文件中的配置还原:SELINUX=enforcing 然后reboot系统,执行#docker-compose start 就可以正常启动了。 2、在/opt/case/onpremise/docker-compose.yml 中添加一个配置项:privileged: true 如下: smtp: privileged: true ##在每一个服务下面都要添加这个选项,一共8个 restart: unless-stopped image: tianon/exim4 重启系统 #reboot 3、再将selinux 配置文件中改为disabled SELINUX=disabled 4、执行docker-compose up #docker-compose up -d #会重新创建服务 Recreating onpremise_smtp_1 ... Recreating onpremise_postgres_1 ... Recreating onpremise_memcached_1 ... Recreating onpremise_redis_1 ... Recreating onpremise_postgres_1 ... done Recreating onpremise_web_1 ... Recreating onpremise_cron_1 ... Recreating onpremise_worker_1 ... done 5、启动 #docker-compose start Starting postgres ... done Starting redis ... done Starting smtp ... done Starting base ... done Starting memcached ... done Starting worker ... done Starting cron ... done Starting web ... done 注:后面再reboot之后,就不会出现执行docker-compose start 报错的问题了。
五、使用代理
说明:如果是在生产环境部署sentry,就不希望自己之外的其他人访问,这个时候可以通过nginx设置认证登录或者代理的方式访问
这里介绍使用代理的方式: #cat /opt/app/nginx/conf/conf.d/vhost.conf upstream www { server 172.168.100.26:9000; #服务器内网ip地址 } #----------------------------------------------------------------------------- server { listen 80; server_name sentry.test.com; access_log /opt/logs/nginx/sentry.test.com.access.log main; error_log /opt/logs/nginx/sentry.test.com.error.log warn; location / { proxy_pass http://www; } } server { listen 443; server_name sentry.test.com; access_log /opt/logs/nginx_ssl/sentry.test.com.access.log ssl; error_log /opt/logs/nginx_ssl/sentry.test.com.error.log warn; ssl on; ssl_certificate /opt/app/nginx/conf/ssl/test.com.pem; ssl_certificate_key /opt/app/nginx/conf/ssl/test.com.key; location / { proxy_pass http://www; } } 然后启动nginx服务 #/opt/app/nginx/sbin/nginx #netstat -tunlp | grep nginx Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 3290/nginx: master tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 3290/nginx: master 最后将外网ip地址解析为sentry.test.com 就可以通过域名访问sentry了。
不足之处,请多多指教!