pip私有源部署需求分析私有开发源:开发团队需要便捷的python私有包发布机制私有镜像源:自建官方源镜像,提高访问速度,避免偶尔出现的网络问题,方便离线环境PypiServer服务器私有化部署使用PypiServer做一个私有Python包仓库生成Auth信息#安装依赖apt-getinstall-yapache2-utilssudopip3installpasslib#生成htpass文件mkdir-p/opt/pypiserver/auth/opt/pypiserver/packages#表示所有用户都可以读写但是文件/文件夹不能执行chmod-R666/opt/pypiserver/packages#会提示输入密码,重复同样的操作cd/opt/pypiserver/auth&&htpasswd-sc.htaccess${username}容器部署dockerrun-d\-p${port}:8080\--restart=always\--name=pypiserver\-v/opt/pypiserver/packages/:/data/packages\-v/opt/pypiserver/授权:/数据/auth/\pypiserver/pypiserver-P/data/auth/.htaccess-aupdate/data/packagesNginx反向代理使用Docker部署Nginx服务,同时提供HTTPS支持。配置文件/opt/pypi/pypi.conf如下:server{listen80;服务器名称${服务器名称];重写^(.*)$https://${server_name}$1permanent;}server{listen443ssl;服务器名称${服务器名称};#ssl证书文件位置(常见的证书文件格式为:crt/pem)ssl_certificate/etc/nginx/ssl/ps-cert.pem;#ssl证书密钥位置ssl_certificate_key/etc/nginx/ssl/ps-cert.key;ssl_session_timeout10m;ssl_protocolsTLSv1TLSv1.1TLSv1.2;ssl_ciphersECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;ssl_prefer_server_ciphers开启;位置/{proxy_set_header主机$host;proxy_set_headerX-Forwarded-Proto$scheme;proxy_set_headerX-Forwarded-For$host;proxy_set_headerX-Real-IP$remote_addr;可以使用frp穿透,将内网的service映射到公网的proxy_passhttp://${public_ip}:${port};}}部署Nginx容器dockerrun-d\--restartalways\-v/opt/pypi/pypi.conf:/etc/nginx/conf.d/pypi.conf\-v/opt/pypi/ssl/ps-cert.pem:/etc/nginx/ssl/ps-cert.pem\-v/opt/pypi/ssl/ps-cert.key:/etc/nginx/ssl/ps-cert.key\-p${port}:80\--name=pypi_nginxnginxbandersnatch本地源同步使用Bandersnatch自动同步官方源Python包构建本地源原生配置mkdir-p/opt/bandersnatch/log&&touch/opt/bandersnatch/bandersnatch.conf/opt/bandersnatch/bandersnatch-log.confecho'[mirror]directory=/opt/bandersnatchjson=falserelease-files=truecleanup=falsemaster=https://pypi.orgtimeout=10global-timeout=1800workers=3hash-index=falstop-on-error=falstorage-backend=filesystem;log-config=/opt/bandersnatch/bandersnatch-log.conf;root_uri=https://example.comverifiers=3;keep_index_versions=0;vim:setft=cfg:;diff-file=/srv/pypi/mirrored-files;diff-append-epoch=true[plugins]enabled=all[黑名单];https://bandersnatch.readthedocs.io/en/latest/filtering_configuration.html;https://pypi.org/stats/[whitelist]packages=cntktensorflow-gputensorflowtensorflow-cputorch'>/opt/bandersnatch/bandersnatch.conf\&&echo'[loggers]keys=root,file[handlers]keys=root,file[formatters]keys=common[logger_root]level=NOTSEThandlers=root[logger_file]level=INFOhandlers=filepropagate=1qualname=bandersnatch[formatter_common]format=%(asctime)s%(name)-12s:%(levelname)s%(message)s[handler_root]class=StreamHandlerlevel=DEBUGformatter=commonargs=(sys.stdout,)[handler_file]class=handlers.RotatingFileHandlerlevel=INFOformatter=commonargs=('/opt/bandersnatch/log/bandersnatch.log','D',1,'UTF-8')#将管理一个文件aday'>/opt/bandersnatch/bandersnatch-log.conf部署容器dockerrun-d\--restart=always\--name=bandersnatch\-v/opt/bandersnatch/bandersnatch.conf:/etc/bandersnatch.conf\-v/opt/bandersnatch:/opt/bandersnatch\pypa/bandersnatchbandersnatchmirrornginx反向代理配置使用Docker部署Nginx服务,nginx配置文件/opt/bandersnatch/bandersnatch.conf如下server{listen80;服务器名称${服务器名称};重写^(.*)$https://${server_name}$1permanent;}server{listen443ssl;服务器名称${服务器名称};#ssl证书文件位置(常见的证书文件格式:crt/pem)ssl_certificate/etc/nginx/ssl/bs-cert.pem;#ssl证书密钥位置ssl_certificate_key/etc/nginx/ssl/bs-cert.key;ssl_session_timeout10m;ssl_protocolsTLSv1TLSv1.1TLSv1.2;ssl_ciphersECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;ssl_prefer_server_ciphers开启;位置/{proxy_set_header主机$host;proxy_set_headerX-Forwarded-Proto$scheme;proxy_set_headerX-Forwarded-For$host;proxy_set_headerX-Real-IP$remote_addr;网络服务映射到公网的proxy_passhttp://${public_ip}:${port};}}部署Nginx容器dockerrun-d\--restartalways\-v/opt/bandersnatch/bandersnatch.conf:/etc/nginx/conf.d/bandersnatch.conf\-v/opt/bandersnatch/ssl/bs-cert.pem:/etc/nginx/ssl/bs-cert.pem\-v/opt/bandersnatch/ssl/bs-cert.key:/etc/nginx/ssl/bs-cert.key\-p${port}:80\--name=bandersnatch_nginxnginx参考PypiServerhttps://pypi.org/project/pypi...https://github.com/pypiserver...PypiServerDockerHubbandersnatchhttps://hub.docker.com/r/pypa...https://github.com/pypa/bande...镜像配置
