hongshanqukuailian
/
baas


			
				
					
						
						
							12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091
							一、通过Multipass创建虚拟机
1.创建虚拟机
    multipass launch -n ubuntu -d 20G -m 4G -c 4 18.04
2.挂载文件
    multipass mount ~/Projects/baas ubuntu:/home/ubuntu/baas
3.调整磁盘空间（可选）
    sudo /Applications/Docker.app/Contents/MacOS/qcow-tool resize --size=$(( 12 * 1024 * 1024 * 1024 )) "/var/root/Library/Application Support/multipassd/vault/instances/suited-emu/ubuntu-20.04-server-cloudimg-amd64.img"

二、安装Master
1.安装docker docker-compose make nfs-common
    sudo apt update && sudo apt upgrade -y && sudo apt install -y make nfs-common
    reboot
2.配置master
    make setup-master && newgrp docker
3.拷贝master镜像，make文件
    docker load -i master.tar
4.配置SSO
5.启动master
    make start

三、安装Worker
1.安装docker docker-compose make nfs-common
    sudo apt update && sudo apt upgrade -y && sudo apt install -y make nfs-common
    reboot
2.配置worker
    make setup-worker && newgrp docker
3.拷贝worker镜像，make文件
    docker load -i worker.tar
4.配置docker daemon
    （其它方式）*docker run -d -v /var/run/docker.sock:/var/run/docker.sock -p 0.0.0.0:2375:2375 bobrik/socat TCP-LISTEN:2375,fork UNIX-CONNECT:/var/run/docker.sock
    Edit systemd service config file `/lib/systemd/system/docker.service`, update the `ExecStart` line under section `[Service]`, as the following:
    [Service]
    ExecStart=/usr/bin/dockerd -H fd:// -H unix:///var/run/docker.sock -H tcp://0.0.0.0:2375 --default-ulimit=nofile=8192:16384 --default-ulimit=nproc=8192:16384

    Regenerate the docker service script and restart the docker engine:
    sudo systemctl daemon-reload && sudo systemctl restart docker.service

    At last, run the follow test at Master node and get OK response, to make sure it can access the Worker node successfully.
    [Master] $ docker -H Worker_Node_IP:2375 info
5.check iptables

四、生产环境配置
## `/etc/sysctl.conf`

```bash
# Don't ask why, this is a solid answer.
vm.swappiness=10
fs.file-max = 2000000
kernel.threads-max = 2091845
kernel.pty.max = 210000
kernel.keys.root_maxkeys = 20000
kernel.keys.maxkeys = 20000
net.ipv4.ip_local_port_range = 30000 65535
net.ipv4.tcp_tw_reuse = 0
net.ipv4.tcp_max_tw_buckets = 5000
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_max_syn_backlog = 8192
```

Then, need to run `sysctl -p` for enabling.

## `/etc/security/limits.conf`

```bash
* hard nofile 1048576
* soft nofile 1048576
* soft nproc 10485760
* hard nproc 10485760
* soft stack 32768
* hard stack 32768
```

## Other Configurations

* Use the code from `release` branch.
* Configuration: Set all parameters to production, including image, compose, and application.
* Security: Use firewall to filter traffic, enable TLS and authentication.
* Backup: Enable automatic data backup.
* Monitoring: Enable monitoring services.out and login, then check with `ulimit -n`.

五、make文件
docker-compose.yml
env.tmpl
Makefile
scripts文件夹
.makerc文件夹
src/agent/docker/_compose_files文件夹

六、docker镜像
master: docker save hyperledger/cello-user-dashboard:latest hyperledger/cello-operator-dashboard:latest itsthenetwork/nfs-server-alpine:9 mongo:3.4.10 -o docker-images/master.tar
worker: docker save couchdb:2.3.1 hyperledger/fabric-orderer:1.4 hyperledger/fabric-peer:1.4 hyperledger/fabric-ccenv:1.4 hyperledger/fabric-ca:1.4 hyperledger/fabric-baseimage:amd64-0.4.22 -o docker-images/worker.tar