# 激活项目环境
conda activate py310

# 构建镜像
docker build --no-cache   --build-arg PYTHON_VERSION=3.10   --build-arg APP_ENV=prod   -t data-sync-service:1.0 .

# 运行
docker run -it --rm  data-sync-service:1.0

# 模拟生产环境
export ENV=prod
python C2_SyncData.py

# 获取镜像
docker pull swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/clickhouse/clickhouse-server:24.8.7.41
docker tag  swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/clickhouse/clickhouse-server:24.8.7.41  docker.io/clickhouse/clickhouse-server:24.8.7.41

# 启动容器
docker stop clickhouse && docker rm clickhouse
docker run -d --name clickhouse  -e CLICKHOUSE_USER='default'  -e CLICKHOUSE_PASSWORD='DsideaL147258369'  --ulimit nofile=262144:262144 -p 8123:8123 -p 9000:9000 -p 9009:9009 --privileged=true -v /usr/local/clickhouse/log:/var/log/clickhouse-server -v /usr/local/clickhouse/data:/var/lib/clickhouse docker.io/clickhouse/clickhouse-server:24.8.7.41

------------------------------------下面是防火墙配置--------------------
# 1. 启用并启动防火墙
sudo systemctl enable --now firewalld

# 2. 创建信任区域并添加白名单IP（完全开放）
sudo firewall-cmd --permanent --new-zone=trusted-ip
sudo firewall-cmd --permanent --zone=trusted-ip --add-source=124.235.206.60
sudo firewall-cmd --permanent --zone=trusted-ip --set-target=ACCEPT

# 3. 设置默认区域规则（其他IP只开放27251）
sudo firewall-cmd --set-default-zone=public
sudo firewall-cmd --permanent --zone=public --add-port=27251/tcp

# 4. 应用配置
sudo firewall-cmd --reload

# 5. 验证配置
sudo firewall-cmd --zone=trusted-ip --list-all  # 应显示ACCEPT和正确IP
sudo firewall-cmd --zone=public --list-ports   # 应显示27251/tcp