Docker
2021-12-20 大约 3 分钟
# Docker
# 安装配置
yum install -y docker
# 安装compose
curl -L "https://github.com/docker/compose/releases/download/1.29.1/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
# 阿里云镜像加速
mkdir -p /etc/docker
tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://rpl1q4xn.mirror.aliyuncs.com"]
}
sudo systemctl daemon-reload
sudo systemctl restart docker
# 启动docker
systemctl start docker
# 关闭docker
systemctl stop docker
# 开机启动设置
systemctl enable docker
# 重启docker服务
systemctl restart docker
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
# 常用命令
# 运行容器
docker run -p 80:80 -v -d --name
# 查看所有镜像名
docker images
# 查看所有容器
docker ps -a
# 进入容器内部
docker exec -it 容器id /bin/bash
# 删除容器
docker rm
# 删除镜像
docker rmi 镜像名
# 停止容器
docker stop 容器名
# 启动容器
docker start 容器名
# 查看网络
docker network ls
# 查看日志
docker logs 容器名
# volume相关
docker volume rm
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
# 常用软件启动:
# nacos
docker run --env MODE=cluster --name nacos -d -p 8848:8848 nacos/nacos-server
# nginx
# 先启动一个默认的nginx
docker run -d --rm --name nginx -p 80:80 nginx
# 先建宿主机配置文件夹
mkdir -p /data/nginx/html /data/nginx/log /data/nginx/conf
# 复制所有容器配置文件
docker cp nginx:/etc/nginx/. /data/nginx/conf/
# 新建访问首页
vim /data/nginx/html/index.html
# 开启nginx
docker rm -f nginx
docker run -d --rm --privileged=true --name nginx -p 80:80 -p 443:443 -v /data/nginx/conf/:/etc/nginx/ -v /data/nginx/html:/usr/share/nginx/html -v /data/nginx/log:/var/log/nginx nginx
# 青龙面板
docker run -dit --privileged=true \
-v $PWD/ql/config:/ql/config \
-v $PWD/ql/log:/ql/log \
-v $PWD/ql/db:/ql/db \
-v $PWD/ql/scripts:/ql/scripts \
-v $PWD/ql/ninja/:/ql/ninja \
-p 5900:5700 \
-p 5805:5805 \
--name qinglong \
--hostname qinglong \
--restart always \
whyour/qinglong:latest
# mysql
docker run -d --privileged=true\
-p 3306:3306 \
--name mysql \
--restart unless-stopped \
-v /mydata/mysql8.0.20/mysql:/etc/mysql \
-v /mydata/mysql8.0.20/logs:/logs \
-v /mydata/mysql8.0.20/data:/var/lib/mysql \
-e MYSQL_ROOT_PASSWORD=123456 \
mysql:8.0.20
# 如果本地客户端无法范围
docker exec -it mysql bash
grant all PRIVILEGES on *.* to root@'%' WITH GRANT OPTION
ALTER user 'root'@'%' IDENTIFIED BY '123456' PASSWORD EXPIRE NEVER
ALTER user 'root'@'%' IDENTIFIED WITH mysql_native_password BY '123456';
FLUSH PRIVILEGES;
# redis
docker run --name redis -p 6379:6379 \
-v /mydata/redis/data:/data \
-v /mydata/redis/redis.conf:/etc/redis/redis.conf \
-d --restart=always redis \
redis-server /etc/redis/redis.conf --appendonly yes
#redis.conf 配置
bind 127.0.0.1 #注释掉这部分,使redis可以外部访问
protected-mode no # 开启保护模式,限制为本地访问,默认yes
daemonize no # 用守护线程的方式启动,可后台运行,默认no。除非kill进程,改为yes会使配置文件方式启动redis失败
appendonly yes # redis持久化 默认是no
tcp-keepalive 300 #防止出现远程主机强迫关闭了一个现有的连接的错误 默认是300
requirepass 123456 #给redis设置密码
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
# docker-compose
# 常用命令
# 重新按照docker-compose.yaml更新
docker-compose up -d nginx
# 重新build image
docker-compose up -d nginx --build
docker-compose stop nginx
docker-compose rm -f nginx
#
1
2
3
4
5
6
7
8
2
3
4
5
6
7
8
# nginx + express项目 + mongodb(单节点副本)
# docker-compose.yml
version: '3.5'
services:
nginx:
image: nginx:latest
ports:
- "80:80"
- "443:443"
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
networks:
- my-network
node:
build:
context: ./node-app
ports:
- "3000:3000"
volumes:
- ./node-app:/app
networks:
- my-network
mongodb:
image: registry.cn-hangzhou.aliyuncs.com/kennylee/mongodb:4.1.1-xenial
ports:
- "27017:27017"
environment:
- MONGO_INITDB_ROOT_USERNAME=root
- MONGO_INITDB_ROOT_PASSWORD=root
command: mongod --port 27017 --replSet rs0 --dbpath /data/db
volumes:
- /data/db/:/data/db
restart: on-failure
logging:
driver: 'json-file'
options:
max-size: '30m'
max-file: '1'
networks:
- my-network
networks:
my-network:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
# init-mongodb.sh
mongo
use admin
db.auth('root','root')
conf = {
_id: "rs0",
members: [
{
_id: 0,
host: "114.115.251.142:27017"
}
]
}
rs.initiate(conf)
rs.status()
1
2
3
4
5
6
7
8
9
10
11
12
13
14
2
3
4
5
6
7
8
9
10
11
12
13
14
# Dockerfile
FROM node:14
WORKDIR /app
COPY . .
RUN npm install --production
EXPOSE 3000
CMD ["npm", "start"]
1
2
3
4
5
6
7
8
9
10
11
12
2
3
4
5
6
7
8
9
10
11
12
# nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
sendfile on;
upstream node-app {
server node:3000;
}
# 下面是允许 WebSocket 转发和负载均衡的指令
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
# 下面是 Nginx 对 Socket.IO 的 proxy 配置
server {
listen 80;
listen [::]:80;
listen 443 ssl;
listen [::]:443 ssl;
server_name localhost;
ssl_certificate /etc/ssl/certs/cert.pem;
ssl_certificate_key /etc/ssl/private/key.pem;
# 在 /socket.io/ 前添加 /api/ ,实现反向代理
location /api/socket.io/ {
proxy_pass http://node-app/socket.io/;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
}
location / {
proxy_pass http://node-app;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49