Docker搭建容器命令
Halo
本容器使用docker-compose搭建,通过修改 docker-compose.yaml升级版本等操作
cd /docker-data/docker-composes/halo
docker-compose up -d # 首次运行
docker-compose start
docker-compose.yaml
services:
halo:
image: halohub/halo:2.21.3
container_name: halo
restart: on-failure:3
volumes:
- /docker-data/halo:/root/.halo2
ports:
- "8090:8090"
command:
- --spring.r2dbc.url=r2dbc:pool:mysql://192.168.1.5:3306/halo
- --spring.r2dbc.username=name
- --spring.r2dbc.password=pass
- --spring.sql.init.platform=mysql
- --halo.external-url=https://domain.com
# 端口号 默认8090
- --server.port=8090
environment:
- JVM_OPTS=-Xms512m -Xmx1024m
network_mode: bridge
hostname: halo
Jenkins
本容器使用docker-compose直接搭建
docker-compose.yaml
services:
jenkins:
container_name: jenkins
restart: on-failure:3
image: jenkins/jenkins:2.517-jdk21
privileged: true
ports:
- 8800:8080
- 50000:50000
volumes:
- /docker-data/jenkins:/var/jenkins_home
- /var/run/docker.sock:/var/run/docker.sock
environment:
JAVA_OPTS: '-Duser.timezone=Asia/Shanghai -server -Xmn512m -Xms1024m -Xmx1024m'
TZ: 'Asia/Shanghai'
network_mode: bridge
hostname: jenkins
使用 https://domain.com:18443/jenkins/ 访问 nginx配置如下,用于没有独立域名的情况,无独立域名似乎需要改配置文件,忘了
# jenkins
location /jenkins {
proxy_pass http://127.0.0.1:8800;
# Rewrite HTTPS requests from WAN to HTTP requests on LAN
proxy_redirect http:// https://;
# The following settings from https://wiki.jenkins-ci.org/display/JENKINS/Running+Hudson+behind+Nginx
sendfile off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_max_temp_file_size 0;
# This is the maximum upload size
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_temp_file_write_size 64k;
# Required for new HTTP-based CLI
proxy_http_version 1.1;
proxy_request_buffering off;
proxy_buffering off; # Required for HTTP-based CLI to work over SSL
}
GitLab
docker-compose.yaml
services:
gitlab:
image: gitlab/gitlab-ce:18.0.1-ce.0
container_name: gitlab
restart: on-failure:2
ports:
- '10000:22'
- '10100:80'
- '10200:443'
volumes:
- /docker-data/gitlab/config:/etc/gitlab
- /docker-data/gitlab/logs:/var/log/gitlab
- /docker-data/gitlab/data:/var/opt/gitlab
privileged: true
hostname: gitlab
network_mode: bridge
environment:
- GITLAB_SKIP_UNMIGRATED_DATA_CHECK=true
- TZ=Asia/Shanghai
Nginx-exporter
参考:服务监控
Portainer
docker-compose.yaml主服务
services:
portainer:
image: portainer/portainer-ce:2.30.1-linux-amd64-alpine
container_name: portainer-ce
restart: on-failure:3
privileged: true
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /disk/portainer/data:/data
- /usr/share/zoneinfo/Asia/Shanghai:/etc/localtime:ro
- /etc/timezone:/etc/timezone:ro
ports:
- 9000:9000
environment:
- AGENT_SECRET=pass
- TZ=Asia/Shanghai
network_mode: bridge
hostname: portainer
docker-compose.yaml子服务
services:
portainer:
image: portainer/agent:2.30.1
container_name: portainer-agent
restart: on-failure:3
privileged: true
volumes:
- /var/run/docker.sock:/var/run/docker.sock
ports:
- 12501:9001
environment:
- AGENT_SECRET=password
- TZ=Asia/Shanghai
network_mode: bridge
hostname: portainer
主服务和子服务通过子服务端口9001,物理机12501端口连接,务必添加 AGENT_SECRET增强安全性(主子一致),另外设置ufw只允许 192.168.1.0/24访问
sudo ufw allow from 192.168.1.0/24 to any port 12501
sudo ufw deny 12501
Redis
docker-compose.yaml Redis版本和配置需要一致
services:
portainer:
image: redis:7.4.1
container_name: redis
hostname: redis-server
restart: on-failure:3
privileged: true
volumes:
- /docker-data/redis/data:/data
- /docker-data/redis/redis.conf:/usr/local/etc/redis/redis.conf
command: redis-server /usr/local/etc/redis/redis.conf
ports:
- 6380:6379
environment:
- TZ=Asia/Shanghai
network_mode: bridge
healthcheck:
test: ["CMD", "redis-cli", "ping"]
interval: 10s
timeout: 5s
retries: 3
redis.conf
# 基础配置
bind 0.0.0.0
port 6379
timeout 0
tcp-keepalive 300
# 持久化
save 900 1
save 300 10
save 60 10000
stop-writes-on-bgsave-error yes
rdbcompression yes
rdbchecksum yes
dbfilename dump.rdb
dir /data
# 安全
requirepass pass
# 内存管理
maxmemory 512mb
maxmemory-policy allkeys-lru
# 日志
loglevel notice
logfile ""
# 其他
daemonize no
protected-mode yes
appendonly yes
appendfsync everysec
MySQL
docker-compose.yaml
services:
mysql-slave-1:
image: mysql:8.0.27
container_name: mysql-slave-1
restart: always
volumes:
- /docker-data/mysql-slave-1/conf:/etc/mysql/conf.d
- /docker-data/mysql-slave-1/data:/var/lib/mysql
- /docker-data/mysql-slave-1/log:/var/log/mysql
ports:
- "3310:3306"
- "33100:33060"
environment:
TZ: Asia/Shanghai
MYSQL_ROOT_PASSWORD: ******
networks:
mysqlnet:
ipv4_address: 172.19.0.10
privileged: true
hostname: mysql-slave-1
networks:
testnet:
external: true # 告诉 Compose「别新建,用现成的」
name: test-network
SHOW VARIABLES LIKE 'character%'; #查字符集
问题:ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
解决方法:docker中运行以下命令 https://zhuanlan.zhihu.com/p/589283782
usermod -d /var/lib/mysql/ mysql
ln -s /var/lib/mysql/mysql.sock /tmp/mysql.sock
chown -R mysql:mysql /var/lib/mysql
service mysql restart #重启容器
或者:mysql -h 127.0.0.1 -u root -p
[mysqld]
log-bin=mysql-bin
binlog_format=mixed
server-id=1
binlog-ignore-db=mysql,sys,performance_schema,information_schema
flush tables with read lock; // 全局锁,禁止写入,只允许读取
SET SQL_LOG_BIN=0;
CREATE USER slaveuser@'%' IDENTIFIED WITH mysql_native_password BY 'password';
grant replication slave on *.* to slaveuser@'%';
flush privileges;
SET SQL_LOG_BIN=1;
show master status
unlock tables;
[mysqld]
log-bin=mysql-bin
binlog_format=mixed
server-id=2
replicate-ignore-db=mysql,sys,performance_schema,information_schema
log-slave-updates
slave-skip-errors=all
stop slave
reset slave
change master to master_host='192.168.1.2',master_port=3306,master_user='SLAVE_1',master_password='hhhhhhh0918_@!',master_log_file='mysql-bin.000004',master_log_pos=52325;
start slave
show slave status
SET GLOBAL server-id=102
SHOW VARIABLES LIKE 'server_id';
mysqldump -u root -p --databases BONUS_CALCULATION BookKeeping BookRegistration cloudreve halo ImageUpload nextcloud nginxwebui WhatEatToday YouGos YouGosNews --single-transaction --source-data=2 --flush-logs > /tmp/mysqlbackup/`date +%F_%H-%M-%S`-mysql-all.sql
scp 2023-12-26_14-12-07-mysql-all.sql *.*.84.182:/tmp/
mysql -u root -p < /tmp/2023-12-26_14-12-07-mysql-all.sql
change master to master_host='*.*.84.182',master_port=3306,master_user='SLAVE_2',master_password='*****0918_@!',master_log_file='mysql-bin.000274',master_log_pos=157;
Mysqld-exporter
参考:服务监控
Jellyfin
services:
jellyfin:
image: jellyfin/jellyfin:2025051905-amd64
container_name: jellyfin
restart: on-failure:3
privileged: true
volumes:
- /disk/jellyfin/config:/config
- /disk/jellyfin/cache:/cache
- /disk/jellyfin/media:/media
ports:
- 8096:8096
network_mode: bridge
environment:
- TZ=Asia/Shanghai
hostname: jellyfin
Prometheus
参考:LPG日志采集
Grafana
参考:LPG日志采集
配置示例:mysql.json,prometheus.json,spring.json
Grafana换头像 < 12适用
- 准备1张90*90像素的png图片,并命名为user_profile.png
- 将准备好的图片放入grafana容器中
- 替换容器中
/usr/share/grafana/public/img/user_profile.png - 重启容器,然后就可以看到右上角图片是自己定义的了
可以使用以下dockerfile重新构建镜像,这样直接就是自定义的头像,不用手动替换
# 使用官方Grafana作为基础镜像
FROM grafana/grafana:12.3.2
# 复制自定义的user_profile.png到指定目录
COPY ./user_profile.png /usr/share/grafana/public/img/user_profile.png
docker build -t grafana:12.3.2-profile -f dockerfile .
Grafana版本 >= 12设置头像
官方推荐使用Gravatar登录和用户一样的邮箱即可自动获取头像,但是需要Grafana容器能够访问外网
RabbitMQ
services:
rabbitmq:
image: rabbitmq:3.13.7-management-alpine
container_name: rabbitmq
hostname: rabbit-server
restart: always
ports:
- "5672:5672"
- "15672:15672"
- "15692:15692"
environment:
RABBITMQ_DEFAULT_USER: name
RABBITMQ_DEFAULT_PASS: pass
RABBITMQ_PLUGINS: "rabbitmq_management rabbitmq_prometheus rabbitmq_delayed_message_exchange"
TZ: 'Asia/Shanghai'
volumes:
- /docker-data/rabbitmq/data:/var/lib/rabbitmq
healthcheck:
test: ["CMD", "rabbitmq-diagnostics", "-q", "check_running"]
interval: 30s
timeout: 10s
retries: 5
network_mode: bridge
使用 docker cp 将下载的 rabbitmq_delayed_message_exchange-3.13.0.ez 复制到容器内
在容器内将文件复制到 /plugins 下,使用 rabbitmq-plugins enable rabbitmq_delayed_message_exchange 启用拓展,使用 rabbitmq-plugins list 查看是否启用成功
另外可自己构建镜像,默认加载拓展
# 使用官方 RabbitMQ 管理镜像
FROM rabbitmq:3.13.7-management-alpine
# 将插件文件复制到容器的插件目录
COPY ./rabbitmq_delayed_message_exchange-3.13.0.ez /opt/rabbitmq/plugins/
# 启用插件。使用 --offline 模式以避免依赖RabbitMQ服务启动[citation:9]
RUN rabbitmq-plugins enable --offline rabbitmq_delayed_message_exchange
评论