# 初始化步驟流程 :::info * 是方機器的驗證步驟 1. 先驗證機器是否正常 ```bash+= curl 150.117.126.20 -u elastic:ZZK4cwGVkpdCMXmUmsZuF44M7 ``` 2. 回報機器是否正常 ::: ## 1. 目前初始化須新增的額外步驟 < OpenSSL3.7 + ELB檔案 > ### OpenSSL #### 下載運維建置的安裝包 ```bash+= sudo su cd /srv curl -O https://exquisite-wall-e.s3.ap-northeast-1.amazonaws.com/cdn-node.zip unzip cdn-node.zip ``` #### OpenSSL v3.0.7 手動：編譯 & 安裝 ```bash+= sudo su yum install perl-IPC-Cmd perl-Test-Simple cd /srv/openssl-3.0.7 ./config --prefix=/usr/local/ssl/ make -j 4 make install mv /usr/bin/openssl /usr/bin/openssl.old mv /usr/include/openssl/ /usr/include/openssl.old ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl # ln -s /usr/local/ssl /usr/include/openssl/.openssl # ln -s /usr/local/ssl/lib64 /usr/local/ssl/lib echo "/usr/local/ssl/lib64/" >> /etc/ld.so.conf ldconfig ``` #### Nginx 手動：重新編譯 & 安裝 Part 2 ```bash+= cd /srv/nginx-1.22.1 # 打入patch用於安裝nginx_upstream_check_module patch -p1 < /srv/nginx-1.22.1/nginx_upstream_check_module/check_1.20.1+.patch # 產生Makefile用於後續編譯 ./configure --prefix=/usr/local/nginx \ --user=nginx \ --group=nginx \ --with-http_ssl_module \ --with-http_v2_module \ --with-http_realip_module \ --with-http_stub_status_module \ --with-http_gzip_static_module \ --with-pcre \ --with-stream \ --with-stream_ssl_module \ --with-stream_realip_module \ --add-module=nginx-module-vts \ --add-module=nginx_upstream_check_module \ --add-dynamic-module=/srv/nginx/ngx_http_geoip2_module-3.3 \ --with-openssl=/usr/local/ssl make -j 65536 && make install nginx -s stop nginx ``` ### ELB ```bash+= mkdir -p /var/www/html/ vi /var/www/html/healthy_check_alive.html wall-e is alive ``` ## 2. 手動將檔案壓縮後複製到新機器組再解壓縮 < SSL憑證 & conf > ```bash+= cd /usr/local/nginx/conf/vhosts/ tar -zcvf vhosts.tar.gz *.conf cd /usr/local/nginx/conf/ssl/ tar -zcvf ssl.tar.gz 658cc3db-62ec-444c-ac39-21da16a1b61a/ ```