Docker
新建/etc/docker/daemon.json
{
"registry-mirrors": [
"http://hub-mirror.c.163.com","https://9cpn8tt6.mirror.aliyuncs.com","https://docker.mirrors.ustc.edu.cn","https://registry.docker-cn.com"
],
"insecure-registries": [
"114.67.94.253:5000"
]
}
注:insecure-registries用于镜像上传到Registry
执行
systemctl daemon-reload
systemctl restart docker
docker info
curl -fsSL get.docker.com -o get-docker.sh
sh get-docker.sh --mirror AzureChinaCloud
systemctl restart docker
#ubuntu22.03 docker起不来
curl -sSL http://get.docker.com/ | sh
docker pull tomcat 或 docker pull tomcat:9-jre8
docker images
docker run -p 8080:8080 tomcat
http://192.168.159.131:8080
docker pull ubuntu
docker run -it --rm ubuntu bash
或
docker run -it --rm \
ubuntu \
bash
cat /etc/os-release
docker images 或 docker image ls
docker ps -a 或 docker ps -s
docker rm <状态ID>
docker rmi <镜像ID> 或 docker rmi -f <镜像ID>
注:-f 强制删除
Docker Compose
curl -L https://github.com/docker/compose/releases/download/1.29.2/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
docker-compose version
mkdir -p /usr/local/docker
1. Nginx
C:\Windows\System32\drivers\etc\hosts
192.168.159.135 nginx.projectname.xxx.com
mkdir -p /usr/local/docker/nginx
vi /usr/local/docker/nginx/docker-compose.yml
/usr/local/docker/nginx/conf/nginx.conf
user nginx;
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
# tomcat1代理
upstream tomcatServer1 {
server 192.168.159.135:8080;
}
# tomcat2代理
upstream tomcatServer2 {
server 192.168.159.135:8081;
}
# tomcat集群
upstream tomcatCluster {
server 192.168.159.135:8080 weight=10;
server 192.168.159.135:8081 weight=10;
}
# 配置虚拟主机 192.168.159.135
server {
# 监听的ip和端口,配置 192.168.159.135:80
listen 80;
# 虚拟主机名称这里配置ip地址
server_name 192.168.159.135;
# 所有的请求都以 / 开始,所有的请求都可以匹配此 location
location / {
# 使用 root 指令指定虚拟主机目录即网页存放目录
# 比如访问 http://ip/index.html 将找到 /usr/local/docker/nginx/wwwroot/html80/index.html
# 比如访问 http://ip/item/index.html 将找到 /usr/local/docker/nginx/wwwroot/html80/item/index.html
root /usr/share/nginx/wwwroot/html80;
# 指定欢迎页面,按从左到右顺序查找
index index.html index.htm;
}
}
server {
listen 81;
server_name 192.168.159.135;
location / {
root /usr/share/nginx/wwwroot/html81;
index index.html index.htm;
}
}
# 配置虚拟主机 192.168.159.135
server {
listen 82;
server_name nginx.projectname.xxx.com;
location / {
# root /usr/share/nginx/wwwroot/htmlservice;
# index index.html index.htm;
# 域名 service.projectname.xxx.com 的请求转发到 tomcatserver1
proxy_pass http://tomcatServer1;
index index.jsp index.html index.htm;
}
}
server {
listen 83;
server_name nginx.projectname.xxx.com;
location / {
# root /usr/share/nginx/wwwroot/htmlweb;
# index index.html index.htm;
# 域名 web.projectname.xxx.com 的请求转发到 tomcatserver2
proxy_pass http://tomcatServer2;
index index.jsp index.html index.htm;
}
}
server {
listen 84;
server_name nginx.projectname.xxx.com;
location / {
proxy_pass http://tomcatCluster;
index index.jsp index.html index.htm;
}
}
}
/usr/local/docker/nginx/docker-compose.yml
version: '3.1'
services:
nginx:
restart: always
image: nginx
container_name: nginx
ports:
- 80:80
- 81:81
- 82:82
- 83:83
- 84:84
volumes:
- ./conf/nginx.conf:/etc/nginx/nginx.conf
- ./wwwroot:/usr/share/nginx/wwwroot
docker pull alqutami/rtmp-hls
docker run -d -p 1935:1935 -p 90:8080 alqutami/rtmp-hls
推流地址:
ffmpeg -re -i C:\ffmpeg_test\sample.mp4 -vcodec copy -acodec copy -f flv rtmp://114.67.94.248/live/001
播放地址:
http://jd1.1058s.cn/hls/
http://114.67.94.248/hls/
http://114.67.94.248:90/hls/001.m3u8
2. Tomcat+MySQL
mkdir -p /usr/local/docker/tomcat
vi /usr/local/docker/tomcat/docker-compose.yml
/usr/local/docker/tomcat/docker-compose.yml
version: '3'
services:
tomcat:
restart: always
image: tomcat
container_name: tomcat
ports:
- 8080:8080
volumes:
- /usr/local/docker/tomcat/ROOT:/usr/local/tomcat/webapps/ROOT
# MySQL5
# mysql:
# restart: always
# image: mysql:5.7.22
# container_name: mysql
# ports:
# - 3306:3306
# environment:
# TZ: Asia/Shanghai
# MYSQL_ROOT_PASSWORD: 123456
# command:
# --character-set-server=utf8mb4
# --collation-server=utf8mb4_general_ci
# --explicit_defaults_for_timestamp=true
# --lower_case_table_names=1
# --max_allowed_packet=128M
# --sql-mode="STRICT_TRANS_TABLES,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION,NO_ZERO_DATE,NO_ZERO_IN_DATE,ERROR_FOR_DIVISION_BY_ZERO"
# volumes:
# - mysql-data:/var/lib/mysql
# MySQL8
db:
image: mysql
restart: always
environment:
MYSQL_ROOT_PASSWORD: 123456
command:
--default-authentication-plugin=mysql_native_password
--character-set-server=utf8mb4
--collation-server=utf8mb4_general_ci
--explicit_defaults_for_timestamp=true
--lower_case_table_names=1
ports:
- 3306:3306
volumes:
- ./data:/var/lib/mysql
#volumes:
# mysql-data:```
mysql修改时区8小时
docker exec -it mysql-db-1 /bin/bash
apt-get update
apt-get install vim
cd /etc/mysql
vim my.cnf
default-time-zone = '+08:00'
exit
docker restart mysql-db-1
select now();
show variables like '%time_zone%';
/usr/local/docker/tomcat/docker-compose.yml
version: '3'
services:
tomcat1:
image: tomcat
container_name: tomcat8080
ports:
- 8080:8080
tomcat2:
image: tomcat
container_name: tomcat8081
ports:
- 8081:8080
/usr/local/docker/tomcat/执行
docker-compose up 或 docker-compose up -d(-d守护进程)
docker-compose logs tomcat 或 docker-compose logs -f tomcat
停止:docker-compose stop
重启:docker-compose restart
docker-compose kill
删除:docker-compose rm
docker-compose ps
http://192.168.159.131:8080
3. GitLab
docker pull twang2218/gitlab-ce-zh
mkdir -p /usr/local/docker/gitlab
vi /usr/local/docker/gitlab/docker-compose.yml
docker-compose up
version: '3'
services:
web:
image: 'twang2218/gitlab-ce-zh'
restart: always
hostname: '192.168.159.131'
environment:
TZ: 'Asia/Shanghai'
GITLAB_OMNIBUS_CONFIG: |
external_url 'http://192.168.159.131:8080'
gitlab_rails['gitlab_shell_ssh_port'] = 2222
unicorn['port'] = 8888
nginx['listen_port'] = 8080
ports:
- '8080:8080'
- '8443:443'
- '2222:22'
volumes:
- /usr/local/docker/gitlab/config:/etc/gitlab
- /usr/local/docker/gitlab/data:/var/opt/gitlab
- /usr/local/docker/gitlab/logs:/var/log/gitlab
解决办法参考https://www.cnblogs.com/sparkdev/p/10522489.html
pvs
vgs
lvs
lvextend /dev/ubuntu-vg/ubuntu-lv /dev/sda3
resize2fs /dev/ubuntu-vg/ubuntu-lv
修改拷贝地址
docker exec -it 82c /bin/bash
cd /opt/gitlab/embedded/service/gitlab-rails/config
vim gitlab.yml
host 改为 xxx.xxx.xxx.xxx
gitlab-ctl restart
http://192.168.159.131:8080
3.1 GitLab设置
设置 -> 账户和限制 -> 不勾选Gravatar enabled
设置 -> 注册限制 -> 不勾选启用注册
3.2 SSH免密登录
C:\Program Files\Git\usr\bin ->ssh-keygen -t rsa -C "26563956@qq.com"
GitLab用户设置 -> SSH密钥 -> 新增key(C:\Users\jackaliu\.ssh\id_rsa.pub全选复制)
修改 tortoiseGit ssh客户端 -> 网络 -> SSH客户端路径C:\Program Files\Git\usr\bin\ssh.exe
Git Clone使用ssh获取代码时,无需再使用密码
3.3 重新清除
git rm -r --cached .
git add .
git commit
git push -u origin master
3.4 备份迁移
#docker备份迁移
docker save twang2218/gitlab-ce-zh > gitlab_20231125.tar
docker load < gitlab_20231125.tar
#gitlab数据备份恢复
/usr/local/docker/gitlab/config/gitlab-secrets.json、gitlab.rb,文件备份恢复
docker exec -it 容器id /bin/bash
cd /var/opt/gitlab/backups
gitlab-rake gitlab:backup:create,#从/usr/local/docker/gitlab/data/backups/1700930260_2023_11_25_11.1.4_gitlab_backup.tar数据备份
gitlab-rake gitlab:backup:restore BACKUP=1700930260_2023_11_25_11.1.4, #数据恢复
4. GitLab Runner
mkdir -p /usr/local/docker/runner/environment,拷问文件到目录下
/usr/local/docker/runner/目录下
docker-compose build
docker-compose up -d
docker exec -it gitlab-runner gitlab-runner register
# 输入 GitLab 地址
Please enter the gitlab-ci coordinator URL (e.g. https://gitlab.com/):
http://114.67.94.248:8080/
# 输入 GitLab Token
Please enter the gitlab-ci token for this runner:
9pAHgRRAVx4GAeadaZAj
# 输入 Runner 的说明
Please enter the gitlab-ci description for this runner:
可以为空
# 设置 Tag,可以用于指定在构建规定的 tag 时触发 ci
Please enter the gitlab-ci tags for this runner (comma separated):
deploy
# 这里选择 true ,可以用于代码上传后直接执行
Whether to run untagged builds [true/false]:
true
# 这里选择 false,可以直接回车,默认为 false
Whether to lock Runner to current project [true/false]:
false
# 选择 runner 执行器,这里我们选择的是 shell
Please enter the executor: virtualbox, docker+machine, parallels, shell, ssh, docker-ssh+machine, kubernetes, docker, docker-ssh:
shell
#进入gitlab-runner
docker exec -it gitlab-runner /bin/bash
#重启runner操作
gitlab-ci-multi-runner restart
5. Nexus
mkdir -p /usr/local/docker/nexus
vi /usr/local/docker/nexus/docker-compose.yml
docker-compose up
chmod 777 /usr/local/docker/nexus/data
docker-compose up
version: '3.1'
services:
nexus:
restart: always
image: sonatype/nexus3
container_name: nexus
ports:
- 8081:8081
volumes:
- /usr/local/docker/nexus/data:/nexus-data
http://192.168.159.132:8081
6. Registry
mkdir -p /usr/local/docker/registry
mkdir -p /usr/local/docker/registry-fontend
vi /usr/local/docker/registry/docker-compose.yml
vi /usr/local/docker/registry-fontend/docker-compose.yml
docker-compose up
version: '3.1'
services:
registry:
image: registry
restart: always
container_name: registry
ports:
- 5000:5000
volumes:
- /usr/local/docker/registry/data:/var/lib/registry
version: '3.1'
services:
frontend:
image: konradkleine/docker-registry-frontend:v2
ports:
- 8080:80
volumes:
- ./certs/frontend.crt:/etc/apache2/server.crt:ro
- ./certs/frontend.key:/etc/apache2/server.key:ro
environment:
- ENV_DOCKER_REGISTRY_HOST=192.168.159.133
- ENV_DOCKER_REGISTRY_PORT=5000
http://192.168.159.133:5000/v2/_catalog
http://192.168.159.133:5000/v2/tomcat/tags/list
http://192.168.159.133:8080
## 标记本地镜像并指向目标仓库(ip:port/image_name:tag,该格式为标记版本号)
docker tag tomcat 192.168.159.133:5000/tomcat
## 提交镜像到仓库
docker push 192.168.159.133:5000/tomcat
## 从仓库拉取镜像
docker pull 192.168.159.133:5000/tomcat
git clone ssh://git@114.67.94.248:2222/com_xxx_projectname/projectname-demo.git
mvn clean package -Dmaven.test.skip=true
docker build -t 114.67.94.253:5000/projectname-demo .
docker push 114.67.94.253:5000/projectname-demo
7. Jenkins
7.1 配置
mkdir -p /usr/local/docker/jenkins/data
vi /usr/local/docker/jenkins/docker-compose.yml
chown -R 1000 /usr/local/docker/jenkins/data
docker-compose up
勾选插件Dashboard View、Publish Over SSH
/usr/local/docker/jenkins/data下放jdk-8u152-linux-x64.tar.gz和apache-maven-3.6.1-bin.tar.gz
tar -zxvf jdk-8u152-linux-x64.tar.gz
tar -zxvf apache-maven-3.6.1-bin.tar.gz
rm -fr jdk-8u152-linux-x64.tar.gz
rm -fr apache-maven-3.6.1-bin.tar.gz
系统管理->系统设置
Publish over SSH
新增SSH Servers
Name:测试环境_114.67.88.33
Hostname:192.168.0.7
Username:root
Remote Directory:/usr/local/jenkins
高级,勾选“Use password authentication, or use a different key”,填密码,保存
系统管理->全局工具配置
JDK安装
别名:jdk1.8.0_152
JAVA_HOME:/var/jenkins_home/jdk1.8.0_152
MAVEN安装
别名:apache-maven-3.6.1
MAVEN_HOME:/var/jenkins_home/apache-maven-3.6.1
系统管理->插件管理
可选插件安装
Extended Choice Parameter
Maven Integration
GitLab SSH 免密登录
docker exec -it jenkins /bin/bash
ssh-keygen -t rsa -C "26563956@qq.com"
cat /var/jenkins_home/.ssh/id_rsa.pub
复制公钥到 GitLab设置->SSH秘钥,手动克隆一次项目,目的是生成和服务器的验证信息,cd到~目录
git clone ssh://git@114.67.94.248:2222/com_xxx_projectname/projectname-dependencies.git,生成新文件~/.ssh/known_hosts
rm -fr projectname-dependencies/
7.2 使用
1、gitlab项目下创建标签v1.0.0、v1.0.1等;
2、jenkins新建项目
2-1)配置勾选“丢弃旧的构建”,保持构建的最大个数10;
2-2)源码管理Git,ssh://git@114.67.94.248:2222/com_xxx_projectname/projectname-dependencies.git;
保存,立即构建,~目录下生成新文件/workspace/projectname-dependencies,/.m2/repository,ls -al;
3、jenkins修改配置
3-1)配置勾选“参数化构建过程” ->Extended Choice Parameter(Name:RELEASE_VERSION,选中Basic Parameter Types,Groovy Script)
def ver_keys = [ 'bash', '-c', 'cd /var/jenkins_home/workspace/projectname-dependencies;git pull>/dev/null; git remote prune origin >/dev/null; git tag -l|sort -r |head -10 ' ]
ver_keys.execute().text.tokenize('\n')
3-2)源码管理None;
3-3)Post Steps选中“Run regardless of build result”,执行shell
echo $RELEASE_VERSION
cd /var/jenkins_home/workspace/projectname-dependencies
git checkout $RELEASE_VERSION
git pull origin $RELEASE_VERSION
mvn clean package or install
3-4)新增Send files or execute commands over SSH
Source files:**/*.jar,docker/**
Remote directory:projectname-demo
Exec command:
cd /usr/local/jenkins/projectname-demo
cp target/projectname-demo-1.0.0-SNAPSHOT.jar docker
cd docker
docker build -t 114.67.94.253:5000/projectname-demo:v1.0.0 .
docker push 114.67.94.253:5000/projectname-demo:v1.0.0
docker-compose down
docker-compose up -d
docker image prune -f
保存,Build with Parameters,approve,选版本号 开始构建;
8. Redis+Sentinel
mkdir -p /usr/local/docker/redis
mkdir -p /usr/local/docker/sentinel
vi /usr/local/docker/redis/docker-compose.yml
vi /usr/local/docker/sentinel/docker-compose.yml
docker-compose up
version: '3.1'
services:
master:
image: redis
container_name: redis-master
ports:
- 6379:6379
slave1:
image: redis
container_name: redis-slave-1
ports:
- 6380:6379
command: redis-server --slaveof redis-master 6379
slave2:
image: redis
container_name: redis-slave-2
ports:
- 6381:6379
command: redis-server --slaveof redis-master 6379
version: '3.1'
services:
sentinel1:
image: redis
container_name: redis-sentinel-1
ports:
- 26379:26379
command: redis-sentinel /usr/local/etc/redis/sentinel.conf
volumes:
- ./sentinel1.conf:/usr/local/etc/redis/sentinel.conf
sentinel2:
image: redis
container_name: redis-sentinel-2
ports:
- 26380:26379
command: redis-sentinel /usr/local/etc/redis/sentinel.conf
volumes:
- ./sentinel2.conf:/usr/local/etc/redis/sentinel.conf
sentinel3:
image: redis
container_name: redis-sentinel-3
ports:
- 26381:26379
command: redis-sentinel /usr/local/etc/redis/sentinel.conf
volumes:
- ./sentinel3.conf:/usr/local/etc/redis/sentinel.conf
/usr/local/docker/sentinel/sentinel1.conf
/usr/local/docker/sentinel/sentinel2.conf
/usr/local/docker/sentinel/sentinel3.conf
port 26379
dir /tmp
# 自定义集群名,其中 127.0.0.1 为 redis-master 的 ip,6379 为 redis-master 的端口,2 为最小投票数(因为有 3 台 Sentinel 所以可以设置成 2)
sentinel monitor mymaster 192.168.159.134 6379 2
sentinel down-after-milliseconds mymaster 30000
sentinel parallel-syncs mymaster 1
sentinel failover-timeout mymaster 180000
sentinel deny-scripts-reconfig yes
8.1 查看集群是否生效
进入 Sentinel 容器,使用 Sentinel API 查看监控情况:
docker exec -it redis-sentinel-1 /bin/bash
redis-cli -p 26379
sentinel master mymaster
sentinel slaves mymaster
exit
postman POST
http://127.0.0.1:8502/put?key=test&value=helloredis&seconds=300
浏览器
http://127.0.0.1:8502/get?key=test
9.MongoDB
docker pull mongo:latest
docker images
docker run -itd --name mongo -p 27017:27017 mongo --auth
docker ps
docker exec -it mongo mongo admin
db.createUser({ user:'admin',pwd:'123456',roles:[ { role:'userAdminAnyDatabase', db: 'admin'},"readWriteAnyDatabase"]});
db.auth('admin', '123456')
mkdir -p /usr/local/docker/mongodb
vi /usr/local/docker/mongodb/docker-compose.yml
docker-compose up
version: '3.1'
services:
mongo:
image: mongo
restart: always
environment:
MONGO_INITDB_ROOT_USERNAME: root
MONGO_INITDB_ROOT_PASSWORD: 123456
ports:
- 27017:27017
volumes:
- ./data:/data/db
10. ElasticSearch7
version: '3'
services:
elastichd:
image: containerize/elastichd:latest
container_name: elasticsearch-hd
networks:
- net-es
ports:
- "9962:9800"
depends_on:
- "elasticsearch"
links:
- "elasticsearch:demo"
elasticsearch:
image: elasticsearch:7.5.1
container_name: elasticsearch
networks:
- net-es
volumes:
- /usr/local/docker/elasticsearch7/data:/usr/share/elasticsearch/data #这里将elasticsearch的数据文件映射本地,以保证下次如果删除了容器还有数据
environment:
- discovery.type=single-node
ports:
- "9963:9200"
#这里要注意,es和eshd要在相同网络才能被links
networks:
net-es:
external: false
ES报错 this action would add [2] total shards, but this cluster currently has [1000]/[1000]
解决办法 curl -XPUT -H "Content-Type:application/json" http://localhost:9200/_cluster/settings -d '{"transient":{"cluster":{"max_shards_per_node":10000}}}'
11. ELK
docker-compose.yml 涉及文件
elasticsearch/config/elasticsearch.yml
logstash/config/logstash.yml
logstash/pipeline/logstash.conf
kibana/config/kibana.yml
docker exec -it elasticsearch /bin/bash
此命令需要在容器中运行
elasticsearch-plugin install https://github.com/medcl/elasticsearch-analysis-ik/releases/download/v7.13.2/elasticsearch-analysis-ik-7.13.2.zip
exit
docker restart docker-elk_elasticsearch_1
docker restart docker-elk_kibana_1
12. Zookeeper
docker exec -it zookeeper_1 /bin/sh
zkServer.sh status
zkCli.sh -server localhost:2181
docker命令
docker logs -f jenkins
docker network ls
docker network create docker_projectname
docker exec -it db3aa2741c94 /bin/bash
docker cp f8b29c67f0a3:/etc/mysql/my.cnf /usr/local/docker/mysql
docker cp /usr/local/docker/mysql/my.cnf f8b29c67f0a3:/etc/mysql
ls -al
pwd
rm -fr *
for i in /*; do echo $i; find $i | wc -l; done
df -h
df -i
df -hl /var/lib/docker/
du -sh *
磁盘空间满了解决办法
df -hT
du -sh *
docker ps -s
docker system prune
docker system df
docker system df -v
cd /var/lib/docker/overlay2
du --max-depth=1 -h ./
cd /var/lib/docker/containers
du --max-depth=1 -h ./
ls -lh $(find /var/lib/docker/containers/ -name *-json.log)
cat /dev/null > /var/lib/docker/containers/240a70cc9a8fdb7d998571a54df35f1675ff113921f582446b51d3241ecbe9f9/240a70cc9a8fdb7d998571a54df35f1675ff113921f582446b51d3241ecbe9f9-json.log
#删除虚悬镜像
docker rmi $(docker images -q -f dangling=true)
