如何切换 host 网络模式

如何切换 host 网络模式?

通常安装过程自动进行,无需介入。

如果关闭防火墙或 9898 端口开放后服务仍然无法访问,可能需要切换容器网络为 host 模式,请您手动修改几个配置文件:

下载配置文件包

请先 下载 配置文件包。

配置文件替换

  1. 替换 rescoures 配置文件

    请将原有 Cloud Query 安装目录下 resource 中的 cloudquery-resources.yml 替换为配置文件包中的 resource 目录下 cloudquery-resources.yml 文件

  2. 替换 cloudquery 配置文件

    请将原有 Cloud Query 安装目录下 cloudquery 中的 cloudquery-compose.yml 替换为配置文件包中的 cloudquery 目录下 cloudquery-compose.yml 文件

  3. 其余配置文件修改

    1.编辑配置文件包中其余所有子目录的配置文件

    修改 audit 目录中

    application-dubbo.yml

    spring:
      application:
        name: cloudquery-audit
    
    dubbo:
      scan:
        base-packages: cn.bintools.cloudquery.audit
      application:
        id: cloudquery-audit
        name: cloudquery-audit
        qos-port: 33335
        qos-enable: true
        qos-accept-foreign-ip: false
      protocol:
        id: audit
        name: dubbo
        port: 12347
    
      registry:
        id: zookeeper
        ######################修改ip地址为本机ip########################
        address: zookeeper://ip地址:2181
        #############################################
      consumer:
        timeout: 30000
        group: cloudquery
        check: false
    

application-test.yml

spring:
  profiles:
    include: dubbo
    active: release
  redis:
    database: 0
    #####################修改ip地址为本机ip#########################
    host: 192.168.11.161
    port: 6379
    timeout: 5000
  jackson:
    time-zone: GMT+8
  datasource:
    #####################修改ip地址为本机ip#########################
    url: jdbc:postgresql://ip地址:5432/postgres
    username: postgres
    password: Hello123$
    driver-class-name: org.postgresql.Driver
  jpa:
    show-sql: true
    hibernate:
      ddl-auto: update
    properties:
      hibernate:
        jdbc:
          lob:
            non_contextual_creation: true
server:
  servlet:
    context-path: /audit
  port: 7001
# 定义日志级别
logging:
  config:
    cn.bintools.cloudquery.message: warn
## 增加mybatis配置
mybatis:
  config-location: classpath:mybatis-config.xml
  type-aliases-package: cn.bintools.cloudquery.audit.pojo,cn.bintools.cloudquery.audit.mapper
  mapper-locations: classpath*:mapper/*.xml

##线程池配置
audit-analysis:
  thread-pool:
    core-pool-size: 30
    maximum-pool-size: 60
    keep-alive-time: 1000
    blocking-queue-size: 1000
  scheduled:
    #定时任务周期毫秒
    period-time: 30000
    delay: 30

修改 **dms **目录中

application-dubbo.yml

spring:
  application:
    name: cloudquery-dms

dubbo:
  scan:
    base-packages: cn.bintools.cloudquery.dms
  application:
    id: cloudquery-dms
    name: cloudquery-dms
    qos-port: 33333
    qos-enable: true
    qos-accept-foreign-ip: false
  protocol:
    id: dms
    name: dubbo
    port: 12345
    serialization: kyro

  registry:
    id: zookeeper
    #####################修改ip地址为本机ip#########################
    address: zookeeper://ip地址:2181

  consumer:
    timeout: 30000
    group: cloudquery
    check: false # 取消启动时对客户端的rpc检测

application-test.yml

spring:
  profiles:
    include: dubbo
    active: release
  redis:
    database: 0
    #####################修改ip地址为本机ip#########################
    host: ip地址
    port: 6379
    timeout: 5000
  cache:
    type: redis
  jackson:
    time-zone: GMT+8
    date-format: yyyy-MM-dd HH:mm:ss
server:
  servlet:
    context-path: /dms
  port: 9001
  error:
    include-exception: true
    include-stacktrace: always
# 定义日志级别
logging:
  config:
    cn.bintools.cloudquery.message: warn
# 定义dm module 路径
dms:
  server_home: /opt/cloudquery/dmc/dms_home
  module_directory: /opt/cloudquery/dmc/modules
  stg: /opt/cloudquery/dmc/modules
# 连接失效时间 单位:分钟
connection:
  expired_time: 40
  destroy_time: 45
statement:
  execute:
    timeout: 5 # minute

修改 message目录中

application-dubbo.yml

spring:
  application:
    name: cloudquery-message

dubbo:
  scan:
    base-packages: cn.bintools.cloudquery.message
  application:
    id: cloudquery-message
    name: cloudquery-message
    qos-port: 33334
    qos-enable: true
    qos-accept-foreign-ip: false
  protocol:
    id: message
    name: dubbo
    port: 12346

  registry:
    id: zookeeper
    #####################修改ip地址为本机ip#########################
    address: zookeeper://ip地址:2181
  consumer:
    timeout: 30000
    group: cloudquery
    check: false

application-test.yml

spring:
  profiles:
    include: dubbo
    active: release
  redis:
    database: 0
    #####################修改ip地址为本机ip#########################
    host: ip地址
    port: 6379
    timeout: 5000
server:
  servlet:
    context-path: /message
  port: 8899
# 定义日志级别
logging:
  config:
    cn.bintools.cloudquery.message: warn

修改 user目录中

application-dubbo.yml

spring:
  application:
    name: cloudquery-uc

dubbo:
  scan:
    base-packages: cn.bintools.cloudquery.user
  application:
    id: cloudquery-uc
    name: cloudquery-uc
  protocol:
    id: uc
    name: dubbo
    port: 12345

  registry:
    id: zookeeper
    #####################修改ip地址为本机ip#########################
    address: zookeeper://ip地址:2181
  consumer:
    timeout: 30000
    group: cloudquery
    check: false

application-test.yml

spring:
  profiles:
    include: dubbo
    active: release
  redis:
    database:
      0
      #####################修改ip地址为本机ip#########################
    host: ip地址
    port: 6379
    timeout: 5000
    pool:
      max-active: 8
      min-idle: 1
      max-idle: 8
      max-wait: -1
  datasource:
    #####################修改ip地址为本机ip#########################
    url: jdbc:postgresql://ip地址:5432/postgres
    username: postgres
    password: Hello123$
    driver-class-name: org.postgresql.Driver
  jpa:
    show-sql: true
    hibernate:
      ddl-auto: update
    properties:
      hibernate:
        enable_lazy_load_no_trans: true
        jdbc:
          lob:
            non_contextual_creation: true
    open-in-view: true
server:
  servlet:
    context-path: /user
  port: 8001
  error:
    include-exception: true
    include-stacktrace: always
# 定义日志级别
logging:
  config:
    cn.bintools.cloudquery.user: warn

fortress.properties

#####################修改ip地址为本机ip#########################
host=ip地址
port=10389


ldap.server.type=apacheds

apacheds.pwpolicy.root=ou=passwordPolicies,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config


disable.audit=${disable.audit}
enable.ldap.ssl=${enable.ldap.ssl}
enable.ldap.ssl.debug=${enable.ldap.ssl.debug}
trust.store=${trust.store}
trust.store.password=${trust.store.password}
trust.store.onclasspath=${trust.store.onclasspath}
enable.ldap.starttls=false
key.store=${key.store}
key.store.password=${key.store.password}
admin.user=uid=admin,ou=system
admin.pw=secret
min.admin.conn=1
max.admin.conn=10
min.user.conn=1
max.user.conn=10
log.admin.user=${log.admin.user}
log.admin.pw=${log.admin.pw}
min.log.conn=1
max.log.conn=3
config.realm=DEFAULT
config.root=ou=Config,dc=example,dc=com
debug.ldap.pool=true
enable.pool.reconnect=true
crypto.prop=${crypto.prop}
ehcache.config.file=ehcache.xml
disable.dsd.cache=false
enable.mgr.impl.rest=${enable.mgr.impl.rest}
http.user=${http.user}
http.pw=${http.pw}
http.host=${http.host}
http.port=${http.port}
http.protocol=${http.protocol}
GroupTest=org.apache.directory.fortress.core.group.GroupAntTest
group.properties=ftProps

修改 web 目录中

nginx.conf

worker_processes 1;

events {
  worker_connections 1024;
}

http {
  include mime.types;
  default_type application/octet-stream;
  sendfile on;
  keepalive_timeout 65;
  server {
    listen 9898;
    #################修改ip地址为本机ip#####################
    server_name localhost ip地址 10.0.2.109;
    charset utf-8;
    location ^~/user {
	#################修改ip地址为本机ip#####################
      proxy_pass http://ip地址:8001/user/;
      proxy_set_header Host $host;
      proxy_set_header Cookie			$http_cookie;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_cookie_path /user/ /; # 关键配置
    }
    location ^~/dms {
    #################修改ip地址为本机ip#####################
      proxy_pass http://ip地址:9001/dms/;
      proxy_set_header Host $host;
      proxy_set_header Cookie			$http_cookie;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
    location ^~/audit {
	#################修改ip地址为本机ip#####################
      proxy_pass http://ip地址:7001/audit/;
      proxy_set_header Host $host;
      proxy_set_header Cookie			$http_cookie;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
    location ^~/message {
	#################修改ip地址为本机ip#####################
      proxy_pass http://ip地址:8899/message;
      proxy_set_header Host $host;
      proxy_set_header Cookie			$http_cookie;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";
    }
	location ^~ /terminal {
	#################修改ip地址为本机ip#####################
         proxy_pass http://ip地址:9950/terminal;
         proxy_set_header Host $host;
         proxy_set_header Cookie   $http_cookie;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header X-Forwarded-Proto $scheme;
         proxy_http_version 1.1;
         proxy_set_header Upgrade $http_upgrade;
         proxy_set_header Connection "upgrade";
    }

    location ^~/cqupgrade {
	#################修改ip地址为本机ip#####################
      proxy_pass http://ip地址:9900/cqupgrade/;
      proxy_set_header Host $host;
      proxy_set_header Cookie			$http_cookie;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";
    }
    location / {
      root /usr/share/nginx/html;
      index /usr/share/nginx/html/index.html;
      try_files $uri $uri/ /index.html;
    }
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
      root html;
    }
  }
}


修改 taskCenter 目录中

application-dubbo.yml

spring:
  application:
    name: cloudquery-task

dubbo:
  scan:
    base-packages: cn.bintools.cloudquery.taskcenter

  application:
    id: cloudquery-task
    name: cloudquery-task
    qos-port: 33336
    qos-enable: true
    qos-accept-foreign-ip: false
  protocol:
    id: task
    name: dubbo
    port: 12355
    serialization: kryo

  registry:
    id: zookeeper
    #################修改ip地址为本机ip#####################
    address: zookeeper://10.0.2.102:2181
  consumer:
    timeout: 300000
    group: cloudquery
    check: false

application-test.yml

spring:
  profiles:
    include: dubbo
    active: test
  redis:
    database: 0
    #################修改ip地址为本机ip#####################
    host: 10.0.2.101
    port: 6379
    timeout: 5000
    pool:
      max-active: 8
      min-idle: 1
      max-idle: 8
      max-wait: -1
  datasource:
    #################修改ip地址为本机ip#####################
    url: jdbc:postgresql://10.0.2.103:5432/postgres
    username: postgres
    password: Hello123$
    driver-class-name: org.postgresql.Driver
  jpa:
    show-sql: true
    hibernate:
      ddl-auto: update
    properties:
      hibernate:
        enable_lazy_load_no_trans: true
        jdbc:
          lob:
            non_contextual_creation: true
    open-in-view: true
server:
  servlet:
    context-path: /taskCenter
  port: 6101
  error:
    include-exception: true
    include-stacktrace: always
# 定义日志级别
logging:
  config:
    cn.bintools.cloudquery.user: warn
# 文件存储路径
task-center:
  file-path: /opt/cloudquery/task

再将文件对应到原有安装 cloudquery 的目录进行逐一替换。

重启 cloudquery 服务即可。