Merge pull request momosecurity#60 from Flynnon/add_dockerfile

补充docker部署相关脚本及文档
hope561 · Nov 14, 2020 · 942208e · 942208e
2 parents d7b35c5 + 3adcf19
commit 942208e
Show file tree

Hide file tree

Showing 12 changed files with 205 additions and 7 deletions.
diff --git a/README.md b/README.md
@@ -15,6 +15,9 @@ WeChat:<br>
 本项目的主分支仅支持Python3，目前通过Python3.7.3的版本测试，如果需要python2.7的版本，请使用tag: last-support-Python2.7 的代码.
 
 ### 快速启动
+
+#### 手动
+
 1. 本项目依赖redis, mysql, mongodb，因此需准备环境并更改配置项
 ```bash
     # 为了简单可以使用docker安装
@@ -45,6 +48,24 @@ WeChat:<br>
     bash start.sh
 ```
 
+#### docker
+
+1. 安装docker及docker compose
+
+此处不再赘述
+
+2. 启动
+
+``` bash
+docker-compose -f deploy/docker-compose.yaml up --build
+
+# 如果需要初始化数据及账号，可登录到具体的实例上执行下述命令
+# 创建管理员账户  此处详见  其它操作--增加用户
+python manage.py createsuperuser # 后续 依次输入用户名、密码、邮箱 即可创建一个管理员账号
+# 如果希望对系统有一个直观的感受，可以使用如下指令来预注入一些数据
+python manage.py init_risk_data
+```
+
 ### 后台介绍
 1. 名单管理
 

diff --git a/clients/mongo_client.py b/clients/mongo_client.py
@@ -2,7 +2,7 @@
 from pymongo import MongoClient
 
 from config import (SOC_MONGO_HOST, MONGO_POOL_SIZE, MONGO_MAX_IDLE_TIME,
-                    MONGO_MAX_WAITING_TIME, MONGO_SOCKET_TIMEOUT, MONGO_DB)
+                    MONGO_MAX_WAITING_TIME, MONGO_SOCKET_TIMEOUT, MONGO_AUTH_DB, MONGO_USER, MONGO_PWD)
 
 
 @lru_cache_function(max_size=1, expiration=24 * 3600)
@@ -13,10 +13,11 @@ def _get_mongo_pool():
                              maxIdleTimeMS=MONGO_MAX_IDLE_TIME,
                              waitQueueTimeoutMS=MONGO_MAX_WAITING_TIME,
                              socketTimeoutMS=MONGO_SOCKET_TIMEOUT)
-    # _POOL_TEMP[MONGO_AUTH_DB].authenticate(MONGO_USER, MONGO_PWD)
+    if MONGO_USER and MONGO_PWD:
+        _POOL_TEMP[MONGO_AUTH_DB].authenticate(MONGO_USER, MONGO_PWD)
     return _POOL_TEMP
 
 
-def get_mongo_client(db_name=MONGO_DB):
+def get_mongo_client(db_name=MONGO_AUTH_DB):
     pool = _get_mongo_pool()
     return pool[db_name]
diff --git a/config/base.py b/config/base.py
@@ -24,9 +24,13 @@
 MONGO_MAX_WAITING_TIME = 100  # 最大等待时间,100毫秒
 MONGO_READ_PREFERENCE = "secondaryPreferred"
 
-MONGO_AUTH_DB = "risk_control"
-MONGO_USER = "risk_control_user"
-MONGO_PWD = "risk_control_pwd"
+MONGO_DB  = MONGO_AUTH_DB = "risk_control"
+MONGO_USER = ""
+MONGO_PWD = ""
+
+SOC_MONGO_HOST = [
+    "127.0.0.1:27017",
+]
 
 risk_env = os.environ.get('RISK_ENV', 'develop')
 

diff --git a/config/docker.py b/config/docker.py
@@ -0,0 +1,53 @@
+# coding=utf8
+
+#  存储各项配置信息的redis
+REDIS_CONFIG = {
+    "host": "redis_db",
+    "port": 6379,
+    "db": 1,
+    "password": "",
+    "max_connections": 40,
+    "socket_timeout": 1,
+    "decode_responses": True
+}
+
+#  作为命中日志队列的redis
+LOG_REDIS_CONFIG = {
+    "host": "redis_db",
+    "port": 6379,
+    "db": 1,
+    "password": "",
+    "max_connections": 40,
+    "socket_timeout": 1,
+    "decode_responses": True
+}
+
+#  存储上报数据的redis
+REPORT_REDIS_CONFIG = {
+    "host": "redis_db",
+    "port": 6379,
+    "db": 1,
+    "password": "",
+    "max_connections": 40,
+    "socket_timeout": 1,
+    "decode_responses": True
+}
+
+# 存储命中日志的mysql
+LOG_MYSQL_CONFIG = {
+    'host': 'mysql_db',
+    'port': 3306,
+    'user': 'root',
+    'passwd': 'root',
+    'charset': 'utf8',
+    'db': 'risk_control',
+}
+
+# 存储权限等信息的mongo
+SOC_MONGO_HOST = [
+    "mongo_db:27017",
+]
+
+MONGO_DB = "risk_control"
+
+RISK_SERVER_HOST = '0.0.0.0'
diff --git a/config/product.py b/config/product.py
@@ -48,5 +48,7 @@
     "127.0.0.1:27017",
 ]
 
+MONGO_USER = "risk_control_user"
+MONGO_PWD = "risk_control_pwd"
 
 MONGO_DB = "risk_control"
diff --git a/deploy/Dockerfile.backend b/deploy/Dockerfile.backend
@@ -0,0 +1,9 @@
+FROM python:3.7.3
+
+WORKDIR /app
+COPY requirements.txt .
+RUN pip install --no-cache-dir -r requirements.txt -i http://mirrors.aliyun.com/pypi/simple/ --trusted-host mirrors.aliyun.com
+COPY ./ .
+RUN rm -rf output
+
+CMD [ "python", "www/manage.py", "runserver", "0.0.0.0:8000"]
diff --git a/deploy/Dockerfile.service b/deploy/Dockerfile.service
@@ -0,0 +1,9 @@
+FROM python:3.7.3
+
+WORKDIR /app
+COPY requirements.txt .
+RUN pip install --no-cache-dir -r requirements.txt -i http://mirrors.aliyun.com/pypi/simple/ --trusted-host mirrors.aliyun.com
+COPY ./ .
+RUN rm -rf output
+
+CMD [ "python", "risk_server.py"]
diff --git a/deploy/Dockerfile.task b/deploy/Dockerfile.task
@@ -0,0 +1,9 @@
+FROM python:3.7.3
+
+WORKDIR /app
+COPY requirements.txt .
+RUN pip install --no-cache-dir -r requirements.txt -i http://mirrors.aliyun.com/pypi/simple/ --trusted-host mirrors.aliyun.com
+COPY ./ .
+RUN rm -rf output
+
+CMD [ "python", "www/manage.py", "persistence_hit_log"]
diff --git a/deploy/docker-compose.yaml b/deploy/docker-compose.yaml
@@ -0,0 +1,73 @@
+version: '3.3'
+
+services:
+  app_python:
+    build:
+      context: ../
+      dockerfile: deploy/Dockerfile.backend
+    depends_on:
+      - redis_db
+      - mongo_db
+      - mysql_db
+    ports:
+      - "8000:8000"
+    command: >
+      bash -c "python www/manage.py collectstatic --noinput&&
+      python www/manage.py migrate &&
+      python www/manage.py runserver 0.0.0.0:8000"
+    environment:
+      - RISK_ENV=docker
+    deploy:
+      restart_policy:
+        condition: on-failure
+        max_attempts: 8
+
+  app_service:
+    build:
+      context: ../
+      dockerfile: deploy/Dockerfile.service
+    depends_on:
+      - redis_db
+    ports:
+      - "50000:50000"
+    environment:
+      - RISK_ENV=docker
+
+  app_task:
+    build:
+      context: ../
+      dockerfile: deploy/Dockerfile.task
+    depends_on:
+      - redis_db
+      - mongo_db
+      - mysql_db
+    environment:
+      - RISK_ENV=docker
+    deploy:
+      restart_policy:
+        condition: on-failure
+        max_attempts: 8
+
+  redis_db:
+    image: redis:6.0.8
+    container_name: risk_redis
+    ports:
+      - "6379:6379"
+
+  mongo_db:
+    image: mongo:4.4.1
+    container_name: risk_mongo
+    ports:
+      - "27017:27017"
+
+  mysql_db:
+    image: mysql:5.6
+    container_name: risk_mysql
+    ports:
+      - "3306:3306"
+    command:
+      - --character-set-server=utf8mb4
+      - --collation-server=utf8mb4_unicode_ci
+    environment:
+      MYSQL_ROOT_PASSWORD: root
+      MYSQL_DATABASE: risk_control
diff --git a/requirements.txt b/requirements.txt
@@ -1,4 +1,5 @@
 gevent==1.4.0
+greenlet==0.4.15
 redis==2.10.5
 hiredis==0.2.0
 

diff --git a/risk_server.py b/risk_server.py
@@ -39,7 +39,7 @@ def application(environ, start_response):
     if environ['PATH_INFO'] not in URL_2_HANDLERS:
         response = json.dumps({"ec": 0, "error": "invalid uri"})
         start_response('200 OK', [('Content-Type', 'application/json')])
-        return [response]
+        return [response.encode()]
 
     handler = URL_2_HANDLERS[environ['PATH_INFO']]
     post_data = __parse_post_body(environ, ignore_get=False)

diff --git a/www/settings/local_settings/docker.py b/www/settings/local_settings/docker.py
@@ -0,0 +1,16 @@
+# coding=utf8
+"""开发环境配置"""
+
+DATABASES = {
+    'default': {
+        "ENGINE": 'django.db.backends.mysql',
+        "HOST": "mysql_db",
+        "PORT": 3306,
+        "USER": "root",
+        "PASSWORD": "root",
+        "DATABASE_CHARSET": "utf8",
+        "NAME": "risk_control",
+    },
+}
+
+DEBUG = True