#
Spring Cloud |
你懂的 |
Keycloak |
微服务认证授权 |
Jenkins |
持续集成 |
SonarQube |
代码质量控制 |
https://gitee.com/itmuch/spring-cloud-yes
Keycloak是Jboss出品的做认证和授权的WEB程序,根据OPENIDC协议,OPENID是做认证,OAUTH2.0是做授权,OPENIDC则将这两者整合。
有提供一套WEB界面维护用户、应用与角色。
Ream则可认为是多租户,每个租户的应用和用户数据是隔离的。
http://10.80.27.69:8180/auth/realms/quickstart/.well-known/openid-configuration 提供当前所有的API节点。
get_access_token_from_public_client:
curl --location --request POST 'http://10.80.27.69:8180/auth/realms/quickstart/protocol/openid-connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'username=alice' \
--data-urlencode 'password=123456' \
--data-urlencode 'client_id=app-springboot-public' \
--data-urlencode 'grant_type=password' \
| jq
./get_access_token_from_confidential_client.sh
curl --location --request POST 'http://10.80.27.69:8180/auth/realms/quickstart/protocol/openid-connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id=app-springboot-confidential' \
--data-urlencode 'client_secret=3acf7692-49cb-4c45-9943-6f3dba512dae' \
--data-urlencode 'grant_type=client_credentials' \
| jq
访问一个ACCESS TYPE为Bare only的应用的一个API:
access_token=$(curl \
-d "client_id=app-springboot-public" \
-d "username=alice" \
-d "password=123456" \
-d "grant_type=password" \
"http://10.80.27.69:8180/auth/realms/quickstart/protocol/openid-connect/token" \
| jq -r '.access_token')
#echo $access_token
curl -H "Authorization: Bearer $access_token" 'http://10.80.27.69:8182/products' | jq
访问用户信息:
access_token=$(curl \
-d "client_id=app-springboot-public" \
-d "username=alice" \
-d "password=123456" \
-d "grant_type=password" \
"http://10.80.27.69:8180/auth/realms/quickstart/protocol/openid-connect/token" | jq -r '.access_token')
curl -H "Authorization: Bearer $access_token" http://10.80.27.69:8180/auth/realms/quickstart/protocol/openid-connect/userinfo | jq
编辑/etc/docker/daemon.json,加入以下节点:
{
"registry-mirrors": [
"https://hub-mirror.c.163.com",
"https://mirror.baidubce.com"
]
}
[root@dev69 ~]$ groupadd docker
[root@dev69 ~]$ usermod -aG docker $USER
[root@dev69 ~]$ reboot
[paul@dev69 ~]$ docker run hello-world
docker 安装:
[root@dev69 ~]$ yum install -y docker
[root@dev69 ~]$ systemctl enable docker
[root@dev69 ~]$ systemctl start docker
To check if a directory exists in a shell script, you can use the following:
if [ -d "$DIRECTORY" ]; then
# Control will enter here if $DIRECTORY exists.
fi
Or to check if a directory doesn't exist:
if [ ! -d "$DIRECTORY" ]; then
# Control will enter here if $DIRECTORY doesn't exist.
fi
function fun1(){
return 34
}
function fun2(){
local res=$(fun1)
echo $res
}
上面调用fun1时,打印结果却不返回34,这是为何?原来函数只是返回结果成功与否的值,并不能自定义。因此要改成下面这种写法
function fun1(){
echo 34
}
function fun2(){
local res=$(fun1)
echo $res
}
https://stackoverflow.com/questions/17336915/return-value-in-a-bash-function
如果已经在ECLIPSE中CLONE了GIT的项目,这时当GIT中又新建了项目,ECLIPSE无法切换到这新建的项目,解决办法:
In the Git Repositories view:
- Right-click the repository and choose Fetch from Upstream
- If the new branch will not shown up below Branches/Remote Tracking, you have to configure fetch:
- Right-click the fetch node below Remotes/origin and choose Configure Fetch...
- In the Configure Fetch make sure there is only the single Ref mapping (assuming the remote is named
origin
) +refs/heads/*:refs/remotes/origin/*
:
这时再次Fetch from upstream,则新建的项目再次重现:Git Repositories View-->Branches-->Remote Checking中。
双击新的分支,选:Check out as New Local Branch即可。
https://stackoverflow.com/questions/47390703/how-do-i-get-a-new-branch-to-show-up-in-eclipse-git-remote-tracking/47391183
先在主控机执行ssh-keygen,再向被控机传输key,
ssh-copy-id -i ~/.ssh/id_rsa.pub user1@ip
样例脚本transfer-artemis.sh如下:
#!/bin/bash
loop_server(){
for ((i=2; i<=8; i++))
do
ipd=10.10.31.1${i}2
echo ${ipd}
$1 ${ipd}
done
for ((i=1; i<=2; i++))
do
ipd=10.20.31.1${i}2
echo ${ipd}
$1 ${ipd}
done
}
start_artemis_cmd(){
echo "ssh user1@${1} '/opt/myapp/artemis/apache-artemis-2.15.0/instance/bin/artemis-service start'"
ssh user1@${1} '/opt/myapp/artemis/apache-artemis-2.15.0/instance/bin/artemis-service start'
}
stop_artemis_cmd(){
echo "ssh user1@${1} '/opt/myapp/apache-activemq-5.15.10/bin/activemq stop'"
echo "ssh user1@${1} '/opt/myapp/artemis/apache-artemis-2.15.0/instance/bin/artemis-service stop'"
ssh user1@${1} '/opt/myapp/apache-activemq-5.15.10/bin/activemq stop'
ssh user1@${1} '/opt/myapp/artemis/apache-artemis-2.15.0/instance/bin/artemis-service stop'
}
scp_artemis_cmd(){
echo "ssh user1@${1} 'rm -rf /opt/myapp/artemis'"
echo "scp -r /opt/myapp/artemis user1@${1}:/opt/myapp/"
ssh user1@${1} 'rm -rf /opt/myapp/artemis'
scp -r /opt/myapp/artemis user1@${1}:/opt/myapp/
}
stop_artemis(){
loop_server stop_artemis_cmd
}
start_artemis(){
loop_server start_artemis_cmd
}
scp_artemis(){
loop_server scp_artemis_cmd
}
#start_artemis "Hello start_artemis"
$1
执行命令:
./transfer-artemis.sh start_artemis