webpage.deployment.svn.xml

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE webpage SYSTEM "/usr/share/xml/docbook/custom/website/2.5.0/schema/dtd/website.dtd">
<webpage id="deployment.svn">
	<config param="desc" value="Article" />
	<config param="rcsdate" value="$Date: 2013-01-15 14:34:09 +0800 (Tue, 15 Jan 2013) $" />
	<head>
		<title>Deployment SVN</title>
		<titleabbrev>Deployment SVN</titleabbrev>
		<summary></summary>
	</head>

	<webtoc />

	<section>
		<title>Installation</title>
		<ulink url="https://github.com/netkiller/deployment.git" />
		<screen>
$ git clone https://github.com/netkiller/deployment.git
$ chmod 755 -R deployment
$ export DEPLOY_HOME=~/deployment
		</screen>
		<para></para>
		<screen>
export DEPLOY_HOME=/home/user/deployment
		</screen>
	</section>

	<webtoc />

	<section>
		<title>使用说明</title>
		<screen>
		<![CDATA[
neo@ubuntu:~/deployment$ bin/deploy
Usage: bin/deploy [OPTION] <server-id> <directory/timepoint>

OPTION:
	stage {development|testing|production}
        deploy <domain> <host>
        revert <domain> <host> <revision>
        backup <domain> <host> <directory>
	release <domain> <host> <tags> <message>

        list
        list <domain> <host>

        import <domain> <host> <dir>
        export <domain> <host> <dir>

	clean <domain> <host>
	log <project> <line>
CONFIG:
        conf list
        conf new <project>
        conf remove <project>
        conf show <project>
        conf edit <project>

	cron show
	cron setup
	cron edit
		]]>
		</screen>
	</section>
	<section>
		<title>模拟演示</title>
		<orderedlist>
			<title>环境说明</title>
			<listitem>
				<para>development 开发环境</para>
			</listitem>
			<listitem>
				<para>testing 测试环境，代码来自开发环境的合并</para>
			</listitem>
			<listitem>
				<para>production 生产环境，当testing环境通过测试后，将testing 合并到 主干 即成为生产环境的代码 </para>
				<para>另外我们可以通过release功能将主干的代码复制到tags中，命名采用版本号</para>
			</listitem>
		</orderedlist>
	</section>
	<section>
		<title>创建配置文件</title>
		<section>
			<title>development</title>
			<para>部署开发代码到开发环境</para>
			<para>cat deployment/conf/development/mydomain.com/www.conf </para>
			<screen>
REPOSITORIES=svn://192.168.2.1/mydomain.com/www.mydomain.com
TRUNK=${REPOSITORIES}/trunk
BRANCHES=${REPOSITORIES}/branches
TAGS=${REPOSITORIES}/tags

REPOSITORY=${BRANCHES}/development
MODE=RSYNC
OPTION="--delete --password-file=$PREFIX/conf/development/passwd"
REMOTE="jszb@192.168.2.10"
DESTINATION=mydomain.com/www.mydomain.com
			</screen>
			<para>创建密码文件</para>
			<screen>
$ cat deployment/conf/development/passwd
eF9nJCcGKJPsiqZsfjGXxwfF41cLibTo
			</screen>
		</section>
		<section>
			<title>testing</title>
			<para>部署测试分支到测试环境</para>
			<para>cat deployment/conf/testing/mydomain.com/www.conf </para>
			<screen>
REPOSITORIES=svn://192.168.2.1/mydomain.com/www.mydomain.com
TRUNK=${REPOSITORIES}/trunk
BRANCHES=${REPOSITORIES}/branches
TAGS=${REPOSITORIES}/tags

REPOSITORY=${BRANCHES}/testing
MODE=RSYNC
OPTION="--delete --password-file=$PREFIX/conf/testing/passwd"
REMOTE="jszb@192.168.2.10"
DESTINATION=mydomain.com/www.mydomain.com
			</screen>
			<para>创建密码文件</para>
			<screen>
$ cat deployment/conf/testing/passwd
eF9nJCcGKJPsiqZsfjGXxwfF41cLibTo
			</screen>
		</section>
		<section>
			<title>production</title>
			<para>部署主干代码到远程主机</para>
			<para>cat deployment/conf/production/mydomain.com/www.conf </para>
			<screen>
REPOSITORIES=svn://192.168.2.1/mydomain.com/www.mydomain.com
TRUNK=${REPOSITORIES}/trunk
BRANCHES=${REPOSITORIES}/branches
TAGS=${REPOSITORIES}/tags
REPOSITORY=${TRUNK}
MODE=RSYNC
OPTION="--delete --password-file=$PREFIX/conf/production/passwd"
REMOTE="jszb@192.168.2.10"
DESTINATION=mydomain.com/www.mydomain.com
			</screen>
			<para>创建密码文件</para>
			<screen>
$ cat deployment/conf/production/passwd
eF9nJCcGKJPsiqZsfjGXxwfF41cLibTo
			</screen>
		</section>

		<section>
			<title>配置排出列表</title>
			<para>有时我们不希望某些文件被上传到服务器上。我们可以通过排除列表来排除上传</para>
			<screen>
cat exclude/mydomain.com/www.lst
/test/phpinfo.php
/config/database.php
/backup/*.sql
			</screen>
		</section>
		<section>
			<title>配置文件管理</title>
			<para>生产环境的安全问题，例如数据库联接信息，开发环境与测试环境的数据库是可以供发人员和测试人员随意操作的，损坏之后恢复即可，但生产环境的数据库是不能随便操作的，除运维人员其他人是不应该有权限的，  我们希望部署到生产环境的时候使用另一个配置文件，并且这个配置文件只有运维人员才能编辑。</para>
			<para>config/database.php 将覆盖原有的配置文件，然后上传到生产环境</para>
			<screen>
vim share/production/mydomain.com/www/config/database.php
...
你的数据库连接信息
...
			</screen>
		</section>
		<section>
			<title>部署前/后脚本</title>
			<para>部署前需要做什么</para>
			<screen>
$ cat libexec/mydomain.com/www/before
rsync -au $DEPLOY_HOME/src/production/mydomain.com/www.mydomain.com/cn/* $DEPLOY_HOME/src/production/mydomain.com/www.mydomain.com/news/
rsync -au $DEPLOY_HOME/src/production/mydomain.com/www.mydomain.com/images/* $DEPLOY_HOME/src/production/mydomain.com/www.mydomain.com/bbs/images/
rsync -au $DEPLOY_HOME/src/production/mydomain.com/www.mydomain.com/css/* $DEPLOY_HOME/src/production/mydomain.com/www.mydomain.com/news/css
			</screen>
			<para>部署后需要做什么</para>
			<screen>
cat libexec/mydomain.com/www/after
ssh www@192.168.1.1 "chown www:www -R /www/mydomain.com"
ssh www@192.168.1.1 "chown 700 -R /www/mydomain.com"
ssh www@192.168.1.1 "chown 777 -R /www/mydomain.com/www.mydomain.com/images/upload"
			</screen>
		</section>
	</section>

	<section>
		<title>配置部署节点</title>
		<para>在需要部署的节点上安装rsync</para>
		<screen>
		<![CDATA[
yum install xinetd rsync -y

vim /etc/xinetd.d/rsync <<VIM > /dev/null 2>&1
:%s/yes/no/
:wq
VIM

# service xinetd restart
Stopping xinetd:                                           [  OK  ]
Starting xinetd:                                           [  OK  ]
		]]>
		</screen>
		<para>/etc/rsyncd.conf 配置文件</para>
		<screen>
		<![CDATA[
# cat /etc/rsyncd.conf
uid = root
gid = root
use chroot = no
max connections = 8
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log

hosts deny=*
hosts allow=192.168.2.0/255.255.255.0

[www]
    uid = www
    gid = www
    path = /www
    ignore errors
    read only = no
    list = no
    auth users = www
    secrets file = /etc/rsyncd.passwd
[mydomain.com]
    uid = www
    gid = www
    path = /www/mydomain.com
    ignore errors
    read only = no
    list = no
    auth users = mydomain
    secrets file = /etc/rsyncd.passwd
[example.com]
    uid = www
    gid = www
    path = /www/example.com
    ignore errors
    read only = no
    list = no
    auth users = example
    secrets file = /etc/rsyncd.passwd
		]]>
		</screen>
		<para>创建密码</para>
		<screen>
		<![CDATA[
cat > /etc/rsyncd.passwd <<EOD
www:eF9nJCcGKJPsiqZsfjGXxwfF41cLibTo
mydomain:eF9nJCcGKJPsiqZsfjGXxwfF41cLibTo
example:eF9nJCcGKJPsiqZsfjGXxwfF41cLibTo
EOD
		]]>
		</screen>
	</section>
	<section>
		<title>部署代码</title>
		<para>开发环境部署</para>
		<screen>
$ ~/deployment/bin/deploy development mydomain.com myid
		</screen>
		<para>测试环境部署</para>
		<screen>
$ ~/deployment/bin/deploy testing mydomain.com myid
		</screen>
		<para>生产环境部署</para>
		<screen>
$ ~/deployment/bin/deploy production mydomain.com  myid
		</screen>
		<para>每次部署都会在服务器 /www/mydomain.com/backup/ 下备份更改的文件</para>
		<para>release 升级你的版本</para>
		<screen>
$ ~/deployment/bin/deploy release mydomain.com www 2.0
		</screen>
	</section>
	<section>
		<title>日志</title>
		<para>部署日志 deploy.YYYY-MM-DD.log, 记录部署时间与动态</para>
		<screen>
 $ cat log/deploy.2012-08-03.log
[2012-08-03_10:46:32] [update] /home/www/deployment/src/development/mydomain.com/info.mydomain.com
[2012-08-03_10:46:33] [deploy] /home/www/deployment/src/development/mydomain.com/info.mydomain.com => jszb@192.168.2.11:mydomain.com/infoadmin.mydomain.com
[2012-08-03_10:46:47] [update] /home/www/deployment/src/development/mydomain.com/info.mydomain.com
[2012-08-03_10:46:48] [deploy] /home/www/deployment/src/development/mydomain.com/info.mydomain.com => jszb@192.168.2.11:mydomain.com/infoadmin.mydomain.com
[2012-08-03_10:55:27] [update] /home/www/deployment/src/development/mydomain.com/myid.mydomain.com
[2012-08-03_10:55:28] [deploy] /home/www/deployment/src/development/mydomain.com/myid.mydomain.com => jszb@192.168.2.13:mydomain.com/myid.mydomain.com
[2012-08-03_10:56:21] [update] /home/www/deployment/src/development/example.com/ad.example.com
[2012-08-03_10:56:22] [deploy] /home/www/deployment/src/development/example.com/ad.example.com => jszb@192.168.2.13:example.com/ad.example.com
[2012-08-03_10:56:23] [update] /home/www/deployment/src/development/example.com/admin.example.com
[2012-08-03_10:56:24] [deploy] /home/www/deployment/src/development/example.com/admin.example.com => jszb@192.168.2.12:example.com/admin.example.com
[2012-08-03_10:56:27] [update] /home/www/deployment/src/development/example.com/images.example.com
[2012-08-03_10:56:28] [deploy] /home/www/deployment/src/development/example.com/images.example.com => jszb@192.168.2.10:example.com/images.example.com
[2012-08-03_10:56:30] [update] /home/www/deployment/src/development/example.com/info.example.com
[2012-08-03_10:56:31] [deploy] /home/www/deployment/src/development/example.com/info.example.com => jszb@192.168.2.11:example.com/info.example.com
[2012-08-03_10:56:33] [update] /home/www/deployment/src/development/example.com/myid.example.com
[2012-08-03_10:56:34] [deploy] /home/www/deployment/src/development/example.com/myid.example.com => jszb@192.168.2.13:example.com/myid.example.com
[2012-08-03_10:56:36] [update] /home/www/deployment/src/development/example.com/pic-load.example.com
[2012-08-03_10:56:36] [deploy] /home/www/deployment/src/development/example.com/pic-load.example.com => jszb@192.168.2.14:example.com/pic-load.example.com
[2012-08-03_10:56:39] [update] /home/www/deployment/src/development/example.com/pic-post.example.com
[2012-08-03_10:56:39] [deploy] /home/www/deployment/src/development/example.com/pic-post.example.com => jszb@192.168.2.14:example.com/pic-post.example.com
[2012-08-03_10:56:41] [update] /home/www/deployment/src/development/example.com/www.example.com
[2012-08-03_10:56:42] [deploy] /home/www/deployment/src/development/example.com/www.example.com => jszb@192.168.2.10:example.com/www.example.com
[2012-08-03_11:33:24] [update] /home/www/deployment/src/development/mydomain.com/info.mydomain.com
[2012-08-03_11:33:30] [deploy] /home/www/deployment/src/development/mydomain.com/info.mydomain.com => jszb@192.168.2.11:mydomain.com/infoadmin.mydomain.com
		</screen>
		<para>项目日志 www.example.com.log 记录项目有哪些更新, 上传的细节, 你能通过日志看到那些文件被上传</para>
		<screen>
		<![CDATA[
$ cat log/www.example.com.log
A    /srv/deploy/src/example.com/www.example.com/index.html
Checked out revision 5.
At revision 5.
2012/05/08 19:19:08 [30062] building file list
2012/05/08 19:19:08 [30062] sent 46 bytes  received 12 bytes  16.57 bytes/sec
2012/05/08 19:19:08 [30062] total size is 13  speedup is 0.22
2012/05/08 19:19:17 [30081] building file list
2012/05/08 19:19:17 [30081] sent 46 bytes  received 12 bytes  6.11 bytes/sec
2012/05/08 19:19:17 [30081] total size is 13  speedup is 0.22
/usr/bin/svn copy svn://192.168.2.1/example.com/www.example.com/trunk svn://192.168.2.1/example.com/www.example.com/tags/2.0
2012/06/25 13:44:26 [3000] <f+++++++++ cn/download.html
2012/07/18 17:04:37 [12782] building file list
2012/07/18 17:04:37 [12782] .d..t...... ad/inc/
2012/07/18 17:04:37 [12782] <f..t...... ad/inc/config.html
2012/07/18 17:04:37 [12782] .d..t...... cn/inc/
2012/07/18 17:04:37 [12782] .d..t...... cn/news/inc/
2012/07/18 17:04:37 [12782] <f..t...... cn/news/inc/config.html
2012/07/18 17:04:37 [12782] .d..t...... tw/inc/
2012/07/18 17:04:37 [12782] .d..t...... tw/news/inc/
2012/07/18 17:04:37 [12782] <f..t...... tw/news/inc/config.html
2012/07/18 17:04:37 [12782] sent 12151 bytes  received 156 bytes  8204.67 bytes/sec
2012/07/18 17:04:37 [12782] total size is 5009355  speedup is 407.03
		]]>
		</screen>
	</section>

</webpage>