You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1.8 KiB
1.8 KiB
# 激活项目环境
conda activate py310
# 构建镜像
docker build --no-cache --build-arg PYTHON_VERSION=3.10 --build-arg APP_ENV=prod -t data-sync-service:1.0 .
# 运行
docker run -it --rm data-sync-service:1.0
# 模拟生产环境
export ENV=prod
python C2_SyncData.py
# 获取镜像
docker pull swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/clickhouse/clickhouse-server:24.8.7.41
docker tag swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/clickhouse/clickhouse-server:24.8.7.41 docker.io/clickhouse/clickhouse-server:24.8.7.41
# 启动容器
docker stop clickhouse && docker rm clickhouse
docker run -d --name clickhouse -e CLICKHOUSE_USER='default' -e CLICKHOUSE_PASSWORD='DsideaL147258369' --ulimit nofile=262144:262144 -p 8123:8123 -p 9000:9000 -p 9009:9009 --privileged=true -v /usr/local/clickhouse/log:/var/log/clickhouse-server -v /usr/local/clickhouse/data:/var/lib/clickhouse docker.io/clickhouse/clickhouse-server:24.8.7.41
------------------------------------下面是防火墙配置--------------------
# 1. 启用并启动防火墙
sudo systemctl enable --now firewalld
# 2. 创建信任区域并添加白名单IP<span class="ambiguous-code-point tooltip" data-content="( [U+FF08] is confusable with ( [U+0028]"><span class="char">(</span></span>完全开放<span class="ambiguous-code-point tooltip" data-content=") [U+FF09] is confusable with ) [U+0029]"><span class="char">)</span></span>
sudo firewall-cmd --permanent --new-zone=trusted-ip
sudo firewall-cmd --permanent --zone=trusted-ip --add-source=124.235.206.60
sudo firewall-cmd --permanent --zone=trusted-ip --set-target=ACCEPT
# 3. 设置默认区域规则<span class="ambiguous-code-point tooltip" data-content="( [U+FF08] is confusable with ( [U+0028]"><span class="char">(</span></span>其他IP只开放27251<span class="ambiguous-code-point tooltip" data-content=") [U+FF09] is confusable with ) [U+0029]"><span class="char">)</span></span>
sudo firewall-cmd --set-default-zone=public
sudo firewall-cmd --permanent --zone=public --add-port=27251/tcp
# 4. 应用配置
sudo firewall-cmd --reload
# 5. 验证配置
sudo firewall-cmd --zone=trusted-ip --list-all # 应显示ACCEPT和正确IP
sudo firewall-cmd --zone=public --list-ports # 应显示27251/tcp