1月 112019
 

安装Remi及EPEL仓库

[root@localhost ~]# yum -y install http://rpms.remirepo.net/enterprise/remi-release-7.rpm
[root@localhost ~]# yum makecache

安装Jitamin基本运行环境软件包

[root@localhost ~]# yum install unzip net-tools php56-php php56-php-pdo php56-php-mysql php56-php-mbstring php56-php-gd httpd mariadb mariadb-server git

开启防火墙端口

[root@localhost ~]# firewall-cmd --permanent --add-service=http
success
[root@localhost ~]# firewall-cmd --reload
success
[root@localhost ~]#

配置数据库

[root@localhost ~]# systemctl enable mariadb
Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service.
[root@localhost ~]# systemctl start mariadb
[root@localhost ~]#

[root@localhost ~]# mysql -uroot -p
MariaDB [(none)]> create database jitamin;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> grant all on jitamin.* to jitamin@localhost;
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> set password for jitamin@localhost=password('jitamin');
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> exit
Bye

修改php.ini时区配置

[root@localhost ~]# vi /opt/remi/php56/root/etc/php.ini
date.timezone = Asia/Shanghai

[root@localhost ~]# php56 --version
PHP 5.6.40 (cli) (built: Jan 9 2019 12:21:54)
Copyright (c) 1997-2016 The PHP Group
Zend Engine v2.6.0, Copyright (c) 1998-2016 Zend Technologies
[root@localhost ~]#

[root@localhost ~]# cd /usr/bin/
[root@localhost bin]# ln -s php56 php

安装Composer

[root@localhost ~]# php56 -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
[root@localhost ~]# php56 -r "if (hash_file('sha384', 'composer-setup.php') === '93b54496392c062774670ac18b134c3b3a95e5a5e5c8f1a9f115f203b75bf9a129d5daa8ba6a13e2cc8a1da0806388a8') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
Installer verified
[root@localhost ~]# php56 composer-setup.php
All settings correct for using Composer
Downloading...

Composer (version 1.8.0) successfully installed to: /root/composer.phar
Use it: php composer.phar

[root@localhost ~]# php56 -r "unlink('composer-setup.php');"
[root@localhost ~]# mv composer.phar /usr/bin/composer
[root@localhost ~]#

使用普通用户权限下载并配置Jitamin

[root@localhost ~]# useradd harveymei
[root@localhost ~]# su - harveymei
[harveymei@localhost ~]$ git clone https://github.com/jitamin/jitamin.git
Cloning into 'jitamin'...
remote: Enumerating objects: 13, done.
remote: Counting objects: 100% (13/13), done.
remote: Compressing objects: 100% (13/13), done.
remote: Total 14323 (delta 1), reused 0 (delta 0), pack-reused 14310
Receiving objects: 100% (14323/14323), 4.92 MiB | 663.00 KiB/s, done.
Resolving deltas: 100% (10492/10492), done.
[harveymei@localhost ~]$

[harveymei@localhost ~]$ cd jitamin/
[harveymei@localhost jitamin]$ cp .env.example .env
[harveymei@localhost jitamin]$
[harveymei@localhost jitamin]$ vi .env
APP_NAME=Jitamin
APP_ENV=production
APP_DEBUG=true
APP_KEY=SomeRandomString
APP_TIMEZONE=Asia/Shanghai
APP_LOCALE=zh-CN
APP_THEME=black
APP_LOG=daily
APP_LOG_LEVEL=error
APP_URL=http://localhost

DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=jitamin
DB_USERNAME=jitamin
DB_PASSWORD=jitamin

使用composer安装项目PHP依赖

[harveymei@localhost jitamin]$ composer install -o --no-dev
> php -r "file_exists('.env') || copy('.env.example', '.env');"
Loading composer repositories with package information
Installing dependencies from lock file
Package operations: 27 installs, 0 updates, 0 removals
- Installing christian-riesen/base32 (1.3.1): Downloading (100%)
- Installing christian-riesen/otp (1.4.3): Downloading (100%)
- Installing eluceo/ical (0.10.1): Downloading (100%)
- Installing erusev/parsedown (1.6.0): Downloading (100%)
- Installing gregwar/captcha (v1.1.1): Downloading (100%)
- Installing jitamin/json-rpc (v1.2.2): Downloading (100%)
- Installing jitamin/picodb (v1.0.15): Downloading (100%)
- Installing jitamin/picofeed (v0.1.25): Downloading (100%)
- Installing jitamin/simple-logger (v1.0.2): Downloading (100%)
- Installing jitamin/simple-queue (v1.0.1): Downloading (100%)
- Installing jitamin/simple-validator (v1.0.2): Downloading (100%)
- Installing symfony/polyfill-mbstring (v1.9.0): Downloading (100%)
- Installing symfony/translation (v3.2.14): Downloading (100%)
- Installing nesbot/carbon (1.33.0): Downloading (100%)
- Installing paragonie/random_compat (v2.0.11): Downloading (100%)
- Installing pimple/pimple (v3.0.2): Downloading (100%)
- Installing symfony/yaml (v2.8.7): Downloading (100%)
- Installing psr/log (1.0.2): Downloading (100%)
- Installing symfony/debug (v3.4.14): Downloading (100%)
- Installing symfony/console (v3.4.14): Downloading (100%)
- Installing symfony/polyfill-ctype (v1.9.0): Downloading (100%)
- Installing symfony/filesystem (v3.4.14): Downloading (100%)
- Installing symfony/config (v3.4.14): Downloading (100%)
- Installing robmorgan/phinx (v0.6.6): Downloading (100%)
- Installing swiftmailer/swiftmailer (v5.4.5): Downloading (100%)
- Installing symfony/event-dispatcher (v3.4.14): Downloading (100%)
- Installing vlucas/phpdotenv (v2.5.1): Downloading (100%)
Generating optimized autoload files
[harveymei@localhost jitamin]$

创建并初始化数据库

[harveymei@localhost jitamin]$ vendor/bin/phinx migrate
Phinx by Rob Morgan - https://phinx.org. 0.6.6

using config file ./phinx.php
using config parser php
using migration path database/migrations
using seed path database/seeds
warning no environment specified, defaulting to: mysql
using adapter mysql
using database jitamin

== 20161222061456 CreateUsersTable: migrating
== 20161222061456 CreateUsersTable: migrated 0.0055s

== 20161222065743 CreateRememberMeTable: migrating
== 20161222065743 CreateRememberMeTable: migrated 0.0027s

== 20161222071058 CreateGroupsTable: migrating
== 20161222071058 CreateGroupsTable: migrated 0.0031s

== 20161222071513 CreateSettingsTable: migrating
== 20161222071513 CreateSettingsTable: migrated 0.0017s

== 20161222072332 CreateProjectsTable: migrating
== 20161222072332 CreateProjectsTable: migrated 0.0021s

== 20161222073541 CreateActionsTable: migrating
== 20161222073541 CreateActionsTable: migrated 0.0018s

== 20161222073852 CreateColumnsTable: migrating
== 20161222073852 CreateColumnsTable: migrated 0.0026s

== 20161222074452 CreateTasksTable: migrating
== 20161222074452 CreateTasksTable: migrated 0.0032s

== 20161222081719 CreateCommentsTable: migrating
== 20161222081719 CreateCommentsTable: migrated 0.0025s

== 20161222082417 CreateSwimlanesTable: migrating
== 20161222082417 CreateSwimlanesTable: migrated 0.0023s

== 20161222083010 CreateTagsTable: migrating
== 20161222083010 CreateTagsTable: migrated 0.0018s

== 20161222083245 CreateSubtasksTable: migrating
== 20161222083245 CreateSubtasksTable: migrated 0.0020s

== 20161222083935 CreateLinksTable: migrating
== 20161222083935 CreateLinksTable: migrated 0.0046s

== 20161222084249 CreateTransitionsTable: migrating
== 20161222084249 CreateTransitionsTable: migrated 0.0034s

== 20161222084940 CreateCustomFiltersTable: migrating
== 20161222084940 CreateCustomFiltersTable: migrated 0.0023s

== 20161222085354 CreateLastLoginsTable: migrating
== 20161222085354 CreateLastLoginsTable: migrated 0.0020s

== 20161222085809 CreatePasswordResetTable: migrating
== 20161222085809 CreatePasswordResetTable: migrated 0.0019s

== 20161222091052 CreatePluginSchemaVersionsTable: migrating
== 20161222091052 CreatePluginSchemaVersionsTable: migrated 0.0018s

== 20161222091605 CreateProjectActivitiesTable: migrating
== 20161222091605 CreateProjectActivitiesTable: migrated 0.0028s

== 20161222092217 CreateProjectDailyColumnStatsTable: migrating
== 20161222092217 CreateProjectDailyColumnStatsTable: migrated 0.0025s

== 20161222092312 CreateProjectDailyStatsTable: migrating
== 20161222092312 CreateProjectDailyStatsTable: migrated 0.0019s

== 20161222093033 CreateSchemaVersionTable: migrating
== 20161222093033 CreateSchemaVersionTable: migrated 0.0014s

== 20161222093333 CreateActionHasParamsTable: migrating
== 20161222093333 CreateActionHasParamsTable: migrated 0.0019s

== 20161222094356 CreateProjectHasRolesTable: migrating
== 20161222094356 CreateProjectHasRolesTable: migrated 0.0016s

== 20161222094851 CreateColumnHasRestrictionsTable: migrating
== 20161222094851 CreateColumnHasRestrictionsTable: migrated 0.0023s

== 20161222094859 CreateColumnHasMoveRestrictionsTable: migrating
== 20161222094859 CreateColumnHasMoveRestrictionsTable: migrated 0.0024s

== 20161222095207 CreateGroupHasUsersTable: migrating
== 20161222095207 CreateGroupHasUsersTable: migrated 0.0030s

== 20161222095739 CreateProjectHasCategoriesTable: migrating
== 20161222095739 CreateProjectHasCategoriesTable: migrated 0.0017s

== 20161222100221 CreateProjectHasFilesTable: migrating
== 20161222100221 CreateProjectHasFilesTable: migrated 0.0016s

== 20161222104316 CreateProjectHasGroupsTable: migrating
== 20161222104316 CreateProjectHasGroupsTable: migrated 0.0017s

== 20161222104338 CreateProjectHasMetadataTable: migrating
== 20161222104338 CreateProjectHasMetadataTable: migrated 0.0019s

== 20161222104355 CreateProjectHasStarsTable: migrating
== 20161222104355 CreateProjectHasStarsTable: migrated 0.0020s

== 20161222104411 CreateProjectHasNotificationTypesTable: migrating
== 20161222104411 CreateProjectHasNotificationTypesTable: migrated 0.0016s

== 20161222104427 CreateProjectHasUsersTable: migrating
== 20161222104427 CreateProjectHasUsersTable: migrated 0.0022s

== 20161222112306 CreateProjectRoleHasRestrictionsTable: migrating
== 20161222112306 CreateProjectRoleHasRestrictionsTable: migrated 0.0022s

== 20161222112615 CreateSubtaskTimeTrackingTable: migrating
== 20161222112615 CreateSubtaskTimeTrackingTable: migrated 0.0019s

== 20161222113157 CreateTaskHasExternalLinksTable: migrating
== 20161222113157 CreateTaskHasExternalLinksTable: migrated 0.0016s

== 20161222113205 CreateTaskHasFilesTable: migrating
== 20161222113205 CreateTaskHasFilesTable: migrated 0.0017s

== 20161222113217 CreateTaskHasLinksTable: migrating
== 20161222113217 CreateTaskHasLinksTable: migrated 0.0032s

== 20161222113234 CreateTaskHasMetadataTable: migrating
== 20161222113234 CreateTaskHasMetadataTable: migrated 0.0018s

== 20161222113239 CreateTaskHasTagsTable: migrating
== 20161222113239 CreateTaskHasTagsTable: migrated 0.0017s

== 20161222114814 CreateUserHasMetadataTable: migrating
== 20161222114814 CreateUserHasMetadataTable: migrated 0.0020s

== 20161222114828 CreateUserHasNotificationTypesTable: migrating
== 20161222114828 CreateUserHasNotificationTypesTable: migrated 0.0016s

== 20161222114837 CreateUserHasNotificationsTable: migrating
== 20161222114837 CreateUserHasNotificationsTable: migrated 0.0024s

== 20161222114844 CreateUserHasUnreadNotificationsTable: migrating
== 20161222114844 CreateUserHasUnreadNotificationsTable: migrated 0.0016s

== 20161225123941 AlterTableUsersAddApiTokenColumn: migrating
== 20161225123941 AlterTableUsersAddApiTokenColumn: migrated 0.0042s

== 20161228031419 AlterTableUsersAddLayoutColumn: migrating
== 20161228031419 AlterTableUsersAddLayoutColumn: migrated 0.0031s

== 20161231134810 AlterTableUsersAddDashboardColumn: migrating
== 20161231134810 AlterTableUsersAddDashboardColumn: migrated 0.0124s

== 20170105040003 AlterTableProjectsAddDefaultViewColumn: migrating
== 20170105040003 AlterTableProjectsAddDefaultViewColumn: migrated 0.0028s

== 20171228053201 AlterTableActionsAddPositionColumn: migrating
== 20171228053201 AlterTableActionsAddPositionColumn: migrated 0.0150s

All Done. Took 0.1642s
[harveymei@localhost jitamin]$
[harveymei@localhost jitamin]$ vendor/bin/phinx seed:run
Phinx by Rob Morgan - https://phinx.org. 0.6.6

using config file ./phinx.php
using config parser php
using migration path database/migrations
using seed path database/seeds
warning no environment specified, defaulting to: mysql
using adapter mysql
using database jitamin

== LinkSeeder: seeding
== LinkSeeder: seeded 0.0079s

== SettingSeeder: seeding
== SettingSeeder: seeded 0.0043s

== UserSeeder: seeding
== UserSeeder: seeded 0.0911s

All Done. Took 0.1050s
[harveymei@localhost jitamin]$

修改目录权限

[harveymei@localhost jitamin]$ chmod -R 777 bootstrap/cache/
[harveymei@localhost jitamin]$ chmod -R 777 storage/
[harveymei@localhost jitamin]$

清除缓存

[harveymei@localhost jitamin]$ php artisan config:cache
Configuration cached successfully!
[harveymei@localhost jitamin]$ php artisan route:cache
Routes cached successfully!
[harveymei@localhost jitamin]$

修改项目路径及配置Apache服务

[harveymei@localhost ~]$ exit
logout
[root@localhost ~]#
[root@localhost ~]# mv /home/harveymei/jitamin/ /usr/local/
[root@localhost ~]# cd /usr/local/
[root@localhost local]# chown -R apache.apache jitamin/
[root@localhost local]#

修改默认主机名

[root@localhost ~]# vi /etc/httpd/conf/httpd.conf
ServerName localhost

添加虚拟主机配置

[root@localhost ~]# vi /etc/httpd/conf.d/jitamin.conf
<VirtualHost *:80>
ServerName 192.168.108.67
DocumentRoot "/usr/local/jitamin/public/"

ErrorLog "logs/jitamin-error_log"
CustomLog "logs/jitamin-access_log" combined

<Directory "/usr/local/jitamin/public/">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
</VirtualHost>

检查配置文件并启动Apache服务

[root@localhost ~]# apachectl -t
Syntax OK
[root@localhost ~]# systemctl enable httpd
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
[root@localhost ~]# systemctl start httpd
[root@localhost ~]#

使用浏览器访问Jitamin服务

8月 132018
 

https://developers.ripple.com/start-a-new-genesis-ledger-in-stand-alone-mode.html
https://developers.ripple.com/advance-the-ledger-in-stand-alone-mode.html

Start a New Genesis Ledger in Stand-Alone Mode
以独立模式启用新的创世总账

In stand-alone mode, you can have rippled create a new genesis ledger. This provides a known state, with none of the ledger history from the production XRP Ledger. (This is very useful for unit tests, among other things.)
在独立模式下,用户可以使用rippled创建一个新的创世总账。这提供了一种有别于生产XRP总账网络的,没有任何历史总账的状态。(除了特定方面的影响,这对于单元测试极其有用。)

To start rippled in stand-alone mode with a new genesis ledger, use the -a and –start options:
要在独立模式下使用rippled创建一个新的创世总账,使用-a和–start参数:

rippled -a --start --conf=/path/to/rippled.cfg

In a genesis ledger, the genesis address holds all 100 billion XRP. The keys of the genesis address are hardcoded as follows:
在创世总账中,创世地址持有全部的1000亿XRP。已经硬编码在代码中的创世地址密钥信息如下:

Address: rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh

Secret: snoPBrXtMeMyMHUVTgbuqAfg1SUTb ("masterpassphrase")

Settings in New Genesis Ledgers
创世总账中的设置状态

In a new genesis ledger, the hard-coded default Reserve is 200 XRP minimum for funding a new address, with an increment of 50 XRP per object in the ledger. These values are higher than the current reserve requirements of the production network. (See also: Fee Voting)
在新生成的创世总账中,用于注资激活新地址的硬编码储备金默认为200XRP,增长幅度为每个对象50XRP。这些值高于当前生产网络的实际储备金要求。(参阅:费用投票)

By default, a new genesis ledger has no amendments enabled. If you start a new genesis ledger with –start, the genesis ledger contains an EnableAmendment pseudo-transaction to turn on all amendments natively supported by the rippled server, except for amendments that you explicitly disable in the configuration file. The effects of those amendments are available starting from the very next ledger version. (Reminder: in stand-alone mode, you must advance the ledger manually.)
默认情况下,新生成的创世总账未启用任何修正案。当用户使用–start启用一个新的创世总账时,创世总账包含的EnableAmendment伪交易用以启用rippled服务器所支持的所有修正案,除非明确在配置文件中禁用的修正案。这些修正案将在下一总账版本中生效。(提示:在独立模式下,用户必须手动推进总账生成。)

Advance the Ledger in Stand-Alone Mode
在独立模式下推进总账(生成)

In stand-alone mode, rippled does not communicate to other members of the peer-to-peer network or participate in a consensus process. Instead, you must manually advance the ledger index using the ledger_accept method:
在独立模式下,rippled不与对等网络中的任何成员通信或参与共识过程。相反,用户需要使用ledger_accept方法手动推进总账的生成。

rippled ledger_accept --conf=/path/to/rippled.cfg

In stand-alone mode, rippled makes no distinction between a “closed” ledger version and a “validated” ledger version. (For more information about the difference, see The XRP Ledger Consensus Process.)
在独立模式下,rippled不再区分closed关闭状态的总账和validated已验证状态的总账。

Whenever rippled closes a ledger, it reorders the transactions according to a deterministic but hard-to-game algorithm. (This is an important part of consensus, since transactions may arrive at different parts of the network in different order.) When using rippled in stand-alone mode, you should manually advance the ledger before submitting a transaction that depends on the result of a transaction from a different address. Otherwise, the two transactions might be executed in reverse order when the ledger is closed. Note: You can safely submit multiple transactions from a single address to a single ledger, because rippled sorts transactions from the same address in ascending order by Sequence number.
当rippled关闭一个总账的时候,它会按照确定但难以伪造的算法重新排序交易。(这是共识的重要部分,在交易从不同网络及不同顺序到达之前。)在独立模式下使用rippled时,用户需要在结果涉及不同地址的交易提交之前手动推进总账生成。否则,当总账关闭时相关的交易可能会以截然相反的顺序执行。注意:用户可以安全的使用单个地址提交多笔交易到单个总账中,因为rippled会按照Squence序号升序对来自同一地址的交易进行排序。

8月 102018
 

安装

MacBookAir:~ harveymei$ brew install ansible
==> Installing dependencies for ansible: libyaml, openssl, gdbm, readline, sqlite, python@2
==> Installing ansible dependency: libyaml
==> Downloading https://homebrew.bintray.com/bottles/libyaml-0.2.1.high_sierra.bottle.tar.gz
######################################################################## 100.0%
==> Pouring libyaml-0.2.1.high_sierra.bottle.tar.gz
🍺 /usr/local/Cellar/libyaml/0.2.1: 9 files, 298.9KB
==> Installing ansible dependency: openssl
==> Downloading https://homebrew.bintray.com/bottles/openssl-1.0.2o_2.high_sierra.bottle.tar.gz
######################################################################## 100.0%
==> Pouring openssl-1.0.2o_2.high_sierra.bottle.tar.gz
==> Caveats
A CA file has been bootstrapped using certificates from the SystemRoots
keychain. To add additional certificates (e.g. the certificates added ina
the System keychain), place .pem files in
/usr/local/etc/openssl/certs

and run
/usr/local/opt/openssl/bin/c_rehash

This formula is keg-only, which means it was not symlinked into /usr/local,
because Apple has deprecated use of OpenSSL in favor of its own TLS and crypto libraries.

If you need to have this software first in your PATH run:
echo 'export PATH="/usr/local/opt/openssl/bin:$PATH"' >> ~/.bash_profile

For compilers to find this software you may need to set:
LDFLAGS: -L/usr/local/opt/openssl/lib
CPPFLAGS: -I/usr/local/opt/openssl/include

==> Summary
🍺 /usr/local/Cellar/openssl/1.0.2o_2: 1,792 files, 12.3MB
==> Installing ansible dependency: gdbm
==> Downloading https://homebrew.bintray.com/bottles/gdbm-1.17.high_sierra.bottle.tar.gz
######################################################################## 100.0%
==> Pouring gdbm-1.17.high_sierra.bottle.tar.gz
🍺 /usr/local/Cellar/gdbm/1.17: 20 files, 581.4KB
==> Installing ansible dependency: readline
==> Downloading https://homebrew.bintray.com/bottles/readline-7.0.5.high_sierra.bottle.tar.gz
######################################################################## 100.0%
==> Pouring readline-7.0.5.high_sierra.bottle.tar.gz
==> Caveats
This formula is keg-only, which means it was not symlinked into /usr/local,
because macOS provides the BSD libedit library, which shadows libreadline.
In order to prevent conflicts when programs look for libreadline we are
defaulting this GNU Readline installation to keg-only.

For compilers to find this software you may need to set:
LDFLAGS: -L/usr/local/opt/readline/lib
CPPFLAGS: -I/usr/local/opt/readline/include

==> Summary
🍺 /usr/local/Cellar/readline/7.0.5: 46 files, 1.5MB
==> Installing ansible dependency: sqlite
==> Downloading https://homebrew.bintray.com/bottles/sqlite-3.24.0.high_sierra.bottle.tar.gz
######################################################################## 100.0%
==> Pouring sqlite-3.24.0.high_sierra.bottle.tar.gz
==> Caveats
This formula is keg-only, which means it was not symlinked into /usr/local,
because macOS provides an older sqlite3.

If you need to have this software first in your PATH run:
echo 'export PATH="/usr/local/opt/sqlite/bin:$PATH"' >> ~/.bash_profile

For compilers to find this software you may need to set:
LDFLAGS: -L/usr/local/opt/sqlite/lib
CPPFLAGS: -I/usr/local/opt/sqlite/include

==> Summary
🍺 /usr/local/Cellar/sqlite/3.24.0: 11 files, 3.5MB
==> Installing ansible dependency: python@2
==> Downloading https://homebrew.bintray.com/bottles/python@2-2.7.15_1.high_sierra.bottle.1.tar.gz
######################################################################## 100.0%
==> Pouring python@2-2.7.15_1.high_sierra.bottle.1.tar.gz
==> /usr/local/Cellar/python@2/2.7.15_1/bin/python -s setup.py --no-user-cfg install --force --verbose --single-version-externally-managed --record=installed.txt --install-scripts=/usr/local/Cellar/python
==> /usr/local/Cellar/python@2/2.7.15_1/bin/python -s setup.py --no-user-cfg install --force --verbose --single-version-externally-managed --record=installed.txt --install-scripts=/usr/local/Cellar/python
==> /usr/local/Cellar/python@2/2.7.15_1/bin/python -s setup.py --no-user-cfg install --force --verbose --single-version-externally-managed --record=installed.txt --install-scripts=/usr/local/Cellar/python
==> Caveats
Pip and setuptools have been installed. To update them
pip install --upgrade pip setuptools

You can install Python packages with
pip install <package>

They will install into the site-package directory
/usr/local/lib/python2.7/site-packages

See: https://docs.brew.sh/Homebrew-and-Python
==> Summary
🍺 /usr/local/Cellar/python@2/2.7.15_1: 4,672 files, 82.6MB
==> Installing ansible
==> Downloading https://homebrew.bintray.com/bottles/ansible-2.6.2.high_sierra.bottle.tar.gz
######################################################################## 100.0%
==> Pouring ansible-2.6.2.high_sierra.bottle.tar.gz
🍺 /usr/local/Cellar/ansible/2.6.2: 12,187 files, 153.4MB
==> Caveats
==> openssl
A CA file has been bootstrapped using certificates from the SystemRoots
keychain. To add additional certificates (e.g. the certificates added in
the System keychain), place .pem files in
/usr/local/etc/openssl/certs

and run
/usr/local/opt/openssl/bin/c_rehash

This formula is keg-only, which means it was not symlinked into /usr/local,
because Apple has deprecated use of OpenSSL in favor of its own TLS and crypto libraries.

If you need to have this software first in your PATH run:
echo 'export PATH="/usr/local/opt/openssl/bin:$PATH"' >> ~/.bash_profile

For compilers to find this software you may need to set:
LDFLAGS: -L/usr/local/opt/openssl/lib
CPPFLAGS: -I/usr/local/opt/openssl/include

==> readline
This formula is keg-only, which means it was not symlinked into /usr/local,
because macOS provides the BSD libedit library, which shadows libreadline.
In order to prevent conflicts when programs look for libreadline we are
defaulting this GNU Readline installation to keg-only.

For compilers to find this software you may need to set:
LDFLAGS: -L/usr/local/opt/readline/lib
CPPFLAGS: -I/usr/local/opt/readline/include

==> sqlite
This formula is keg-only, which means it was not symlinked into /usr/local,
because macOS provides an older sqlite3.

If you need to have this software first in your PATH run:
echo 'export PATH="/usr/local/opt/sqlite/bin:$PATH"' >> ~/.bash_profile

For compilers to find this software you may need to set:
LDFLAGS: -L/usr/local/opt/sqlite/lib
CPPFLAGS: -I/usr/local/opt/sqlite/include

==> python@2
Pip and setuptools have been installed. To update them
pip install --upgrade pip setuptools

You can install Python packages with
pip install <package>

They will install into the site-package directory
/usr/local/lib/python2.7/site-packages

See: https://docs.brew.sh/Homebrew-and-Python
MacBookAir:~ harveymei$

配置

手动建立目录/etc/ansible/
手动建立主机配置文件/etc/ansible/hosts
密钥保存路径:/用户/harveymei/.ssh/
8月 092018
 

1)生成SSH密钥对并复制公钥到远程受控主机

2)安装EPEL以安装Ansible软件包

[harveymei@oms ~]$ yum info ansible
Loaded plugins: fastestmirror
Determining fastest mirrors
epel 12631/12631
Installed Packages
Name 
Arch : noarch
Version : 2.6.2
Release : 1.el7
Size : 52 M
Repo : installed
From repo : epel
Summary : SSH-based configuration management, deployment, and task execution system
URL : http://ansible.com
License : GPLv3+
Description : Ansible is a radically simple model-driven configuration management,
: multi-node deployment, and remote task execution system. Ansible works
: over SSH and does not require any software or daemons to be installed
: on remote nodes. Extension modules can be written in any language and
: are transferred to managed machines automatically.

[harveymei@oms ~]$

3)编辑主机配置文件

[root@oms ~]# vi /etc/ansible/hosts
[fileserver]
node01.linuxcache.com
node02.linuxcache.com
node03.linuxcache.com
node03.linuxcache.com
node05.linuxcache.com
node06.linuxcache.com
node07.linuxcache.com

4)使用Ansible在远程主机执行一条命令

[harveymei@oms ~]$ ansible fileserver --private-key=.ssh/id_ecdsa_ansible -m command -a uptime -u ops 
node01.linuxcache.com | SUCCESS | rc=0 >>
15:46:37 up 6 days, 23:33, 2 users, load average: 0.03, 0.04, 0.08

node02.linuxcache.com | SUCCESS | rc=0 >>
15:46:34 up 6 days, 23:27, 1 user, load average: 0.06, 0.03, 0.05

node03.linuxcache.com | SUCCESS | rc=0 >>
15:46:34 up 6 days, 23:28, 1 user, load average: 0.00, 0.01, 0.05

node04.linuxcache.com | SUCCESS | rc=0 >>
15:46:35 up 6 days, 23:23, 1 user, load average: 0.06, 0.03, 0.05

node05.linuxcache.com | SUCCESS | rc=0 >>
15:46:42 up 6 days, 23:29, 1 user, load average: 0.00, 0.05, 0.07

node06.linuxcache.com | SUCCESS | rc=0 >>
15:46:37 up 6 days, 23:22, 1 user, load average: 0.00, 0.01, 0.05

node07.linuxcache.com | SUCCESS | rc=0 >>
15:46:43 up 6 days, 23:29, 1 user, load average: 0.00, 0.01, 0.05

[harveymei@oms ~]$
在配置文件中指定SSH用户后无需在命令中指定-u参数
[root@oms ~]# vi /etc/ansible/hosts
node01.linuxcache.com ansible_ssh_user=ops
node02.linuxcache.com ansible_ssh_user=ops
node03.linuxcache.com ansible_ssh_user=ops
node03.linuxcache.com ansible_ssh_user=ops
node05.linuxcache.com ansible_ssh_user=ops
node06.linuxcache.com ansible_ssh_user=ops
node07.linuxcache.com ansible_ssh_user=ops

Ansible常用模块及用法

copy模块
ansible fileserver -m copy -a "src=/tmp/abc.txt dest=~/"

command模块
ansible fileserver -m command -a pwd

shell模块(Shell模块默认不加载环境变量)
ansible fileserver -m shell -a ". .bash_profile;ll /|grep tmp"

script模块
ansible fileserver -m script -a "~/run.sh"
8月 092018
 

SSH密钥对生成及快速导入以支持免密码登录

生成指定加密类型和强度的密钥对

MacBookAir:~ harveymei$ ssh-keygen -b 256 -t ecdsa -C ansible
Generating public/private ecdsa key pair.
Enter file in which to save the key (/Users/harveymei/.ssh/id_ecdsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /Users/harveymei/.ssh/id_ecdsa.
Your public key has been saved in /Users/harveymei/.ssh/id_ecdsa.pub.
The key fingerprint is:
SHA256:h3ROH2cqNPGJ8MRPru6RR+8uzupeXfGS6jsx1xTKIFI ansible
The key's randomart image is:
+---[ECDSA 256]---+
|        oEo      |
|       . =.=.. . |
|        o O+* +..|
|       . * ooB .+|
|        S +.+ ooo|
|         ..+o+.o.|
|         .o ++o  |
|          .*o.   |
|         +=o==o  |
+----[SHA256]-----+
MacBookAir:~ harveymei$ ls .ssh/
id_ecdsa        id_ecdsa.pub    known_hosts
MacBookAir:~ harveymei$

使用ssh-copy-id命令快速将公钥复制到目的主机

MacBookAir:~ harveymei$ ssh-copy-id -i .ssh/id_ecdsa.pub root@149.28.83.35
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: ".ssh/id_ecdsa.pub"
The authenticity of host '149.28.83.35 (149.28.83.35)' can't be established.
ECDSA key fingerprint is SHA256:Y+28z8sSqCprILoRIh1Qnob+uEWH3xaW5w8GbNR6y2o.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@149.28.83.35's password: 

Number of key(s) added: 1

Now try logging into the machine, with: "ssh 'root@149.28.83.35'"
and check to make sure that only the key(s) you wanted were added.

MacBookAir:~ harveymei$ 

导入成功后再次进行SSH连接,成功登录目的主机且无需验证密码

MacBookAir:~ harveymei$ ssh root@149.28.83.35
Last login: Thu Aug  9 05:51:38 2018 from 149.28.80.116
[root@test2 ~]# cat .ssh/authorized_keys 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC3MYnwqtWc5ncDiHw68s2534geuihRIoRrMDMjPOywgvZBN1Aok7CeALV+CqBaZyQV+K0vfOGa8ENBF35gM/SZi6wShaz1cKIURHXYRzCFjNU2eUACX9YjULxGbaYZwlu2jehy2Wt1BSpW20vUKlkZwBlfbpZLTHVhkbmxryEYVrsETu7vsj4les3UeIwdx+Dre4qyTHZB9uQiGtAQHFi+hjhIatDDuAaaca5pLif2UCej/XAxhvHgEaD/NUem0B3Rikvig0w3issneiNOfjAdIP0VCQ735oXdIm3TgoY5Mqdum7vPTz0QSRZW7ijByCmoPZ02/9G87AWwpgewOtCYuPwfGuy39Hl47fyT3012PVf4Z8ja2GW9PskidRG+mEJsYwPtpLV+6hoK3g4kEf297qp4k/YW6MDd9Ip2GVyvTviXPsMYVt4i7pUfRZeJ86F2GnaU5EvqwMncKFP348AzpkDtf50CXtVcjlV9ix+Hsw5tugzq9vaDjql8KCBaz07DWRb3eyTNicMKf5h37rJYV8w9jiMOILhFyyF4BQ6DtC7lwhDhYOJsi6G/Pp55v6eXltc3hS3kY9gfAUTTKYekvZRAz06TSJkgJ2sYo3Fdp0VuK3VhGDoS8YdCZSqLRYI4tHDDzfL5LGRd+vpX5W5wTTDdv9+kfQTXcklwBolFpw== root@test
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGduOgGxggQGK0a3ELs6cbMfAcY8P60/Y8mt/Ye2AZRFHYP7AME6NqAinWEPatFuw32S/mPuf8TQUjzAXZ3OMko= ansible
[root@test2 ~]# 
[root@test2 ~]# exit
Connection to 149.28.83.35 closed.
MacBookAir:~ harveymei$