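Building a Vagrant base box with VMware Workstation

Deploying your own development VM with VMware

Omitted.

Configuring the VM environment

Installing VMware Tools

VMware Tools makes it easier to share files between the VM and the host. For installation instructions, see the official documentation.

Configuring the Aliyun mirror repositories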

sudo mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
sudo curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo

sudo mv /etc/yum.repos.d/epel.repo /etc/yum.repos.d/epel.repo.backup
sudo mv /etc/yum.repos.d/epel-testing.repo /etc/yum.repos.d/epel-testing.repo.backup
sudo wget -O /etc/yum.repos.d/epel.repo https://mirrors.aliyun.com/repo/epel-7.repo
sudo yum clean all && sudo yum makecache
# Users outside Aliyun ECS will see the message Couldn't resolve host 'mirrors.cloud.aliyuncs.com'; it does not affect use. You can also edit the configuration yourself, e.g.:
sudo sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo

Installing the required tools

# Update everything except the kernel
sudo yum --exclude='kernel*' update -y

sudo yum groupinstall "Development Tools"
# Install some commonly used tools; install whatever you like
sudo yum install git vim curl wget bash-completion python36 python36-pip python3-devel -y

# Install language toolchains
sudo yum install -y golang

# Install the Oracle JDK
sudo yum localinstall -y jdk-8u321-linux-x64.rpm

# Packages needed to build Python from source
sudo yum install -y gcc openssl-devel bzip2-devel libffi-devel

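Building and installing specific Python versions from source

# Unpack
tar -xf Python-3.8.5.tar.xz
cd Python-3.8.5

# configure
./configure --prefix=/usr/local/python3.8 --enable-optimizations

# make: if the build is slow and you have resources to spare, use -j to add parallel build jobs. Note that a poorly written Makefile can actually make the build slower, although Python's is probably reasonably well written.
# On CentOS 7 the default gcc is gcc version 4.8.5 20150623 (Red Hat 4.8.5-44) (GCC). With the `--enable-optimizations` option, the Python 3.8 build fails because this gcc is too old; gcc has to be upgraded to 8.1.0, see the "Upgrading GCC" section.

sudo make -j4 && sudo make install

# Add the install prefix to PATH
export PATH=$PATH:/usr/local/python3.8/bin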

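Upgrading GCC

  1. Install centos-release-scl
sudo yum install centos-release-scl
  2. Install devtoolset. To install a 7.x release instead, change the package to devtoolset-7-gcc, and so on
sudo yum install devtoolset-8-gcc*
  3. Activate the devtoolset you want. You can install several devtoolset versions side by side and switch to the one you need with the command below
scl enable devtoolset-8 bash
Done. Check the gcc version:
gcc -v
# gcc version 8.3.1 20190311 (Red Hat 8.3.1-3) (GCC)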

Installing Docker

# Step 1: install the required system tools
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
# Step 2: add the repository
sudo yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# Step 3: point the repository at the Aliyun mirror
sudo sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo
# Step 4: refresh the cache and install Docker-CE
sudo yum makecache fast
sudo yum -y install docker-ce
# Step 5: start the Docker service
sudo service docker start

# Note:
# The official repository enables the latest software by default; you can get other versions of the packages by editing the repository file. For example, the repository for test releases is not enabled by default, and you can enable it as follows. Other test channels can be enabled the same way.
# vim /etc/yum.repos.d/docker-ce.repo
#   Change enabled=0 under [docker-ce-test] to enabled=1
#
# Installing a specific version of Docker-CE:
# Step 1: list the available Docker-CE versions:
# yum list docker-ce.x86_64 --showduplicates | sort -r
#   Loading mirror speeds from cached hostfile
#   Loaded plugins: branch, fastestmirror, langpacks
#   docker-ce.x86_64            17.03.1.ce-1.el7.centos            docker-ce-stable
#   docker-ce.x86_64            17.03.1.ce-1.el7.centos            @docker-ce-stable
#   docker-ce.x86_64            17.03.0.ce-1.el7.centos            docker-ce-stable
#   Available Packages
# Step 2: install the chosen version of Docker-CE (VERSION is, for example, 17.03.0.ce.1-1.el7.centos from the list above)
# sudo yum -y install docker-ce-[VERSION]

# Docker tuning
sudo mkdir -p /etc/docker
# Write the file through sudo tee so the redirect also works for a non-root user
sudo tee /etc/docker/daemon.json > /dev/null <<EOF
{
    "oom-score-adjust": -1000,
    "log-driver": "json-file",
    "log-opts": {
        "max-size": "100m",
        "max-file": "3"
    },
    "max-concurrent-downloads": 10,
    "max-concurrent-uploads": 10,
    "bip": "192.168.1.1/24",
    "registry-mirrors": ["https://7bezldxe.mirror.aliyuncs.com"],
    "storage-driver": "overlay2",
    "storage-opts": [
        "overlay2.override_kernel_check=true"
    ]
}
EOF
sudo systemctl daemon-reload && sudo systemctl restart docker

Node tuning

Optional, not critical.

net.bridge.bridge-nf-call-ip6tables=1
net.bridge.bridge-nf-call-iptables=1
net.ipv4.ip_forward=1
net.ipv4.conf.all.forwarding=1
net.ipv4.neigh.default.gc_thresh1=4096
net.ipv4.neigh.default.gc_thresh2=6144
net.ipv4.neigh.default.gc_thresh3=8192
net.ipv4.neigh.default.gc_interval=60
net.ipv4.neigh.default.gc_stale_time=120

# See https://github.com/prometheus/node_exporter#disabled-by-default
kernel.perf_event_paranoid=-1

#sysctls for k8s node config
net.ipv4.tcp_slow_start_after_idle=0
net.core.rmem_max=16777216
fs.inotify.max_user_watches=524288
kernel.softlockup_all_cpu_backtrace=1

kernel.softlockup_panic=0

kernel.watchdog_thresh=30
fs.file-max=2097152
fs.inotify.max_user_instances=8192
fs.inotify.max_queued_events=16384
vm.max_map_count=262144
fs.may_detach_mounts=1
net.core.netdev_max_backlog=16384
net.ipv4.tcp_wmem=4096 12582912 16777216
net.core.wmem_max=16777216
net.core.somaxconn=32768
net.ipv4.ip_forward=1
net.ipv4.tcp_max_syn_backlog=8096
net.ipv4.tcp_rmem=4096 12582912 16777216

net.ipv6.conf.all.disable_ipv6=1
net.ipv6.conf.default.disable_ipv6=1
net.ipv6.conf.lo.disable_ipv6=1

kernel.yama.ptrace_scope=0
vm.swappiness=0

# Controls whether the PID is appended to the core file name as an extension.
kernel.core_uses_pid=1

# Do not accept source routing
net.ipv4.conf.default.accept_source_route=0
net.ipv4.conf.all.accept_source_route=0

# Promote secondary addresses when the primary address is removed
net.ipv4.conf.default.promote_secondaries=1
net.ipv4.conf.all.promote_secondaries=1

# Enable hard and soft link protection
fs.protected_hardlinks=1
fs.protected_symlinks=1

# Reverse path filtering (source validation)
# see details in https://help.aliyun.com/knowledge_detail/39428.html
net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.default.rp_filter=0
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_announce=2
net.ipv4.conf.all.arp_announce=2

# see details in https://help.aliyun.com/knowledge_detail/41334.html
net.ipv4.tcp_max_tw_buckets=5000
net.ipv4.tcp_syncookies=1
net.ipv4.tcp_fin_timeout=30
net.ipv4.tcp_synack_retries=2
kernel.sysrq=1
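
Four values in the list above relax kernel security controls (ptrace scope, perf access, reverse path filtering, SysRq), and a base box carries them into every VM built from it. The script below is an added example, not part of the original article; the rule set, the function names and the sample fragment are assumptions chosen for illustration.

```sh
#!/bin/sh
# Added example: flag sysctl entries that relax a kernel security control.
# The four rules are this example's own selection, not the page's.

# audit_sysctl FILE -> prints "key=value: reason" for each relaxed setting.
audit_sysctl() {
  # Drop comments, then normalise "key = value" to "key=value".
  sed -e 's/#.*//' -e 's/[[:space:]]*=[[:space:]]*/=/' \
      -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' "$1" |
  while IFS='=' read -r key val; do
    [ -n "$key" ] && [ -n "$val" ] || continue
    case "$key" in
      kernel.yama.ptrace_scope)
        [ "$val" != 0 ] || echo "$key=$val: any process may ptrace another with the same UID" ;;
      kernel.perf_event_paranoid)
        [ "$val" -ge 2 ] 2>/dev/null || echo "$key=$val: unprivileged users may profile the kernel" ;;
      net.ipv4.conf.*.rp_filter)
        [ "$val" != 0 ] || echo "$key=$val: reverse-path source validation is off" ;;
      kernel.sysrq)
        [ "$val" != 1 ] || echo "$key=$val: every magic SysRq function is enabled" ;;
    esac
  done
}

# write_sample FILE: constructed fragment using values from the list above.
write_sample() {
  cat > "$1" <<'EOF'
# constructed sample
kernel.perf_event_paranoid=-1
kernel.yama.ptrace_scope=0
net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.default.rp_filter=0
net.ipv4.conf.default.arp_announce = 2
net.ipv4.tcp_rmem=4096 12582912 16777216
net.ipv4.tcp_syncookies=1
kernel.sysrq=1
fs.protected_symlinks=1
EOF
}

tmp=$(mktemp)
write_sample "$tmp"
audit_sysctl "$tmp"
rm -f "$tmp"
```

Pass the path of the file that holds the settings on the guest as the argument; each finding names the key, the configured value and what it permits.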

nofile

sudo tee -a /etc/security/limits.conf > /dev/null <<EOF
* soft nofile 65535
* hard nofile 65536
EOF

Building the Vagrant box

Preparation before building

  1. Tuning items

    # Set SELinux to permissive
    sudo sed -i -e 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config
    
    # Open /etc/sysconfig/network-scripts/ifcfg-eth0 and make it look exactly like the following:
     DEVICE=eth0
     TYPE=Ethernet
     ONBOOT=yes
     NM_CONTROLLED=no
     BOOTPROTO=dhcp
    
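  2. Create the user that Vagrant logs in as

    # Add the vagrant user:
    useradd vagrant
    
    # Create the vagrant user's .ssh directory:
    mkdir -m 0700 -p /home/vagrant/.ssh
    # Note: if you want to use your own SSH public/private key pair, create one on your workstation (you probably already have one) and copy the public key to /home/vagrant/.ssh/authorized_keys in the VM.
    
    # Add the SSH key. To use the SSH public/private key pair that Vagrant provides, run the following command
    # (-f makes curl fail on an HTTP error instead of appending the error page to authorized_keys):
    curl -fsSL https://raw.githubusercontent.com/mitchellh/vagrant/master/keys/vagrant.pub >> /home/vagrant/.ssh/authorized_keys
    # Change the permissions of the authorized_keys file:
    chmod 600 /home/vagrant/.ssh/authorized_keys
    # Make sure the vagrant user and group own the .ssh directory and its contents:
    chown -R vagrant:vagrant /home/vagrant/.ssh
    # Allow the vagrant user to use sudo without entering a password:
    echo "vagrant ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
    
    # Using your own public/private key pair
    ssh-keygen
    ssh-copy-id [email protected]
    # Then copy the public key out and use it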
    
  3. Clean up

    # Clean the yum cache
    yum clean all
    # Clean the tmp directory
    rm -rf /tmp/*
    # Clear the records of previous logins
    sudo rm -f /var/log/wtmp /var/log/btmp
    # Clear the shell history
    history -c
    # Shut down the VM
    shutdown -h now
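
A check to run inside the guest before the cleanup step, so the box is not packaged with the publicly known Vagrant key, wrong permissions, or a failed download sitting in authorized_keys. This is an added example, not from the original article; the function names and the constructed key lines are assumptions, and matching on the key's comment field is a heuristic.

```sh
#!/bin/sh
# Added example: audit a box user's .ssh directory before packaging.
# Detection relies on the comment field of Vagrant's published insecure key;
# the key bodies in the demo are fake placeholders.

# audit_ssh_dir DIR -> prints one finding per line, nothing when clean.
audit_ssh_dir() {
  dir=$1
  keys="$dir/authorized_keys"
  [ -n "$(find "$dir" -prune -perm 700)" ] || echo "$dir: mode is not 0700"
  if [ ! -f "$keys" ]; then
    echo "$keys: missing"
    return 0
  fi
  [ -n "$(find "$keys" -prune -perm 600)" ] || echo "$keys: mode is not 0600"
  n=0
  while IFS= read -r line || [ -n "$line" ]; do
    n=$((n + 1))
    case "$line" in
      '' | '#'*) ;;                               # blank line or comment
      *'vagrant insecure public key'*)
        echo "$keys:$n: publicly known Vagrant insecure key" ;;
      *ssh-* | *ecdsa-sha2-*) ;;                  # carries a key type field
      *) echo "$keys:$n: not a public key line (failed download?)" ;;
    esac
  done < "$keys"
  return 0
}

# demo_dir: builds a constructed .ssh directory and prints its path.
demo_dir() {
  d=$(mktemp -d)
  chmod 700 "$d"
  printf '%s\n' \
    'ssh-ed25519 AAAAC3FAKEFAKEFAKE dev@workstation' \
    'ssh-rsa AAAAB3FAKEFAKEFAKE vagrant insecure public key' \
    '404: Not Found' > "$d/authorized_keys"
  chmod 600 "$d/authorized_keys"
  echo "$d"
}

d=$(demo_dir)
audit_ssh_dir "$d"
rm -rf "$d"
```

On the guest, call `audit_ssh_dir /home/vagrant/.ssh`; a box intended for sharing should produce no output.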
    

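Building and adding the Vagrant box

# step1 Find vmware-vdiskmanager in the VMware Workstation installation directory; mine is at "D:\Program Files (x86)\VMware\VMware Workstation\vmware-vdiskmanager.exe". You can add it directly to your PATH
# step2 Open a terminal in the VM's storage directory and use vmware-vdiskmanager to defragment and shrink the VMDK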

    vmware-vdiskmanager.exe -d E:\VMwareHost\vagrant\vagrant.vmdk
      Defragment: 100% done.
    Defragmentation completed successfully.
    
    vmware-vdiskmanager.exe -k E:\VMwareHost\vagrant\vagrant.vmdk
      Shrink: 100% done.
    Shrink completed successfully.
# step3 Add a metadata.json file to the VM's storage directory with the following content
    {
        "provider": "vmware_desktop"
    }
# step4 Delete the VMware log files
    rm -f vmware*.log
# step5 Finally, tar everything into a box file
    tar cvzf centos-7-vmware-development.box --exclude=centos-7-vmware-development.box .\*
# step6 Delete the metadata.json file
    rm metadata.json
# step7 Add the Vagrant box
    vagrant box add centos-7-vmware-development centos-7-vmware-development.box
# step8 Verify
    vagrant box list
    # centos-7-vmware-development (vmware_desktop, 0)
    

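Creating a Vagrant project and configuring the Vagrantfile

# Install the Vagrant VMware provider plugin
    vagrant plugin install vagrant-vmware-desktop
# I am testing in E:\VMwareHost\testbox here
    vagrant init centos-7-vmware-development
 
# This generates a Vagrantfile; with the comment lines removed it looks like this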
    Vagrant.configure("2") do |config|
      config.vm.box = "centos-7-vmware-development"
    end

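Modify the Vagrantfile and start the VM to test it. First create a folder to share.
Vagrantfile parameter reference

  • SSH settings
  • VM settings
    # Create the shared directory
    mkdir data
    
    # The Vagrantfile contents follow
    # Note: watch the permissions of the private_key file. Copying and pasting it on Windows may change the file's permissions, after which Vagrant asks for a password at login and cannot use the private_key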
    Vagrant.configure("2") do |config|
      config.vm.define "development" do | development |
        development.ssh.username = "vagrant"
        development.ssh.private_key_path = "./id_rsa_vagrant"
        development.vm.box = "centos-7-vmware-development"
        development.vm.hostname = "development"
        development.vm.network "private_network", ip: "192.168.190.100"
        development.vm.synced_folder "./data", "/vagrant_data"
        development.vm.provider "vmware_desktop" do |vb|
          vb.gui = true
          vb.linked_clone = false
          vb.memory = "1024"
          vb.cpus = "1"
        end
        development.vm.provision "shell", inline: <<-SHELL
          yum update -y
          yum install -y httpd
        SHELL
      end
    end
    
    # Start the VM; the vagrant-vmware-desktop plugin must be installed
    vagrant up --provider vmware_desktop
    # Check the status
    vagrant status
        Current machine states:
        development               running (vmware_desktop)
        
    # Log in to the VM
    vagrant ssh
    # Test
    # A file created in the /vagrant_data directory is synced to the /data directory
