Docker搭建容器命令
Halo
本容器使用docker-compose搭建,通过修改 docker-compose.yaml升级版本等操作
cd /docker-data/docker-composes/halo
docker-compose up -d # 首次运行
docker-compose start
docker-compose.yaml
version: "3"
services:
halo:
image: halohub/halo:2.21.3
container_name: halo
restart: on-failure:3
volumes:
- /docker-data/halo:/root/.halo2
ports:
- "8090:8090"
command:
- --spring.r2dbc.url=r2dbc:pool:mysql://192.168.1.5:3306/halo
- --spring.r2dbc.username=name
- --spring.r2dbc.password=pass
- --spring.sql.init.platform=mysql
- --halo.external-url=https://domain.com
- --halo.security.initializer.superadminusername=admin-name
- --halo.security.initializer.superadminpassword=admin-pass
# 端口号 默认8090
- --server.port=8090
network_mode: bridge
hostname: halo
Jenkins
本容器使用docker-compose直接搭建
docker-compose.yaml
version: "3"
services:
jenkins:
container_name: jenkins
restart: on-failure:3
image: jenkins/jenkins:2.517-jdk21
privileged: true
ports:
- 8800:8080
- 50000:50000
volumes:
- /docker-data/jenkins:/var/jenkins_home
- /var/run/docker.sock:/var/run/docker.sock
environment:
JAVA_OPTS: '-Duser.timezone=Asia/Shanghai -server -Xmn512m -Xms1024m -Xmx1024m'
TZ: 'Asia/Shanghai'
network_mode: bridge
hostname: jenkins
使用 https://domain.com:18443/jenkins/ 访问 nginx配置如下,用于没有独立域名的情况,无独立域名似乎需要改配置文件,忘了
# jenkins
location /jenkins {
proxy_pass http://127.0.0.1:8800;
# Rewrite HTTPS requests from WAN to HTTP requests on LAN
proxy_redirect http:// https://;
# The following settings from https://wiki.jenkins-ci.org/display/JENKINS/Running+Hudson+behind+Nginx
sendfile off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_max_temp_file_size 0;
# This is the maximum upload size
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_temp_file_write_size 64k;
# Required for new HTTP-based CLI
proxy_http_version 1.1;
proxy_request_buffering off;
proxy_buffering off; # Required for HTTP-based CLI to work over SSL
}
GitLab
docker-compose.yaml
version: "3.6"
services:
gitlab:
image: gitlab/gitlab-ce:18.0.1-ce.0
container_name: gitlab
restart: on-failure:2
ports:
- '10000:22'
- '10100:80'
- '10200:443'
volumes:
- /docker-data/gitlab/config:/etc/gitlab
- /docker-data/gitlab/logs:/var/log/gitlab
- /docker-data/gitlab/data:/var/opt/gitlab
privileged: true
hostname: gitlab
network_mode: bridge
environment:
- GITLAB_SKIP_UNMIGRATED_DATA_CHECK=true
- TZ=Asia/Shanghai
Nginx
本容器使用docker直接搭建
docker run \
-d \
--name=nginx-upload-2 \
--privileged=true \
-v /docker-data/image-upload/conf:/etc/nginx/conf.d \
-v /docker-data/image-upload/www:/usr/share/nginx \
-p 20200:80 \
-p 20300:443 \
nginx:alpine
Nginx-exporter
参考:服务监控
Portainer
docker-compose.yaml主服务
version: '3'
services:
portainer:
image: portainer/portainer-ce:2.30.1-linux-amd64-alpine
container_name: portainer-ce
restart: on-failure:3
privileged: true
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /disk/portainer/data:/data
- /usr/share/zoneinfo/Asia/Shanghai:/etc/localtime:ro
- /etc/timezone:/etc/timezone:ro
ports:
- 9000:9000
environment:
- AGENT_SECRET=pass
- TZ=Asia/Shanghai
network_mode: bridge
hostname: portainer
docker-compose.yaml子服务
version: '3'
services:
portainer:
image: portainer/agent:2.30.1
container_name: portainer-agent
restart: on-failure:3
privileged: true
volumes:
- /var/run/docker.sock:/var/run/docker.sock
ports:
- 12501:9001
environment:
- AGENT_SECRET=password
- TZ=Asia/Shanghai
network_mode: bridge
hostname: portainer
主服务和子服务通过子服务端口9001,物理机12501端口连接,务必添加 AGENT_SECRET增强安全性(主子一致),另外设置ufw只允许 192.168.1.0/24访问
sudo ufw allow from 192.168.1.0/24 to any port 12501
sudo ufw deny 12501
Redis
docker-compose.yaml Redis版本和配置需要一致
version: '3'
services:
portainer:
image: redis:7.4.1
container_name: redis
hostname: redis-server
restart: on-failure:3
privileged: true
volumes:
- /docker-data/redis/data:/data
- /docker-data/redis/redis.conf:/usr/local/etc/redis/redis.conf
command: redis-server /usr/local/etc/redis/redis.conf
ports:
- 6380:6379
environment:
- TZ=Asia/Shanghai
network_mode: bridge
healthcheck:
test: ["CMD", "redis-cli", "ping"]
interval: 10s
timeout: 5s
retries: 3
redis.conf
# 基础配置
bind 0.0.0.0
port 6379
timeout 0
tcp-keepalive 300
# 持久化
save 900 1
save 300 10
save 60 10000
stop-writes-on-bgsave-error yes
rdbcompression yes
rdbchecksum yes
dbfilename dump.rdb
dir /data
# 安全
requirepass pass
# 内存管理
maxmemory 512mb
maxmemory-policy allkeys-lru
# 日志
loglevel notice
logfile ""
# 其他
daemonize no
protected-mode yes
appendonly yes
appendfsync everysec
MySQL
本容器使用docker直接搭建
SHOW VARIABLES LIKE 'character%'; #查字符集
docker run \
-d -p 3310:3306 \
-p 33100:33060 \
-e MYSQL_ROOT_PASSWORD=******918 \
-e TZ=Asia/Shanghai \
--name=MySQL \
--privileged=true \
-v /docker-data/mysql/log:/var/log/mysql \
-v /docker-data/mysql/data:/var/lib/mysql \
-v /docker-data/mysql/conf:/etc/mysql/conf.d \
mysql:8.0.27 #开启挂载等数据目录
问题:ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
解决方法:docker中运行以下命令 https://zhuanlan.zhihu.com/p/589283782
usermod -d /var/lib/mysql/ mysql
ln -s /var/lib/mysql/mysql.sock /tmp/mysql.sock
chown -R mysql:mysql /var/lib/mysql
service mysql restart #重启容器
或者:mysql -h 127.0.0.1 -u root -p
[mysqld]
log-bin=mysql-bin
binlog_format=mixed
server-id=1
binlog-ignore-db=mysql,sys,performance_schema,information_schema
flush tables with read lock; // 全局锁,禁止写入,只允许读取
SET SQL_LOG_BIN=0;
CREATE USER slaveuser@'%' IDENTIFIED WITH mysql_native_password BY 'password';
grant replication slave on *.* to slaveuser@'%';
flush privileges;
SET SQL_LOG_BIN=1;
show master status
unlock tables;
[mysqld]
log-bin=mysql-bin
binlog_format=mixed
server-id=2
replicate-ignore-db=mysql,sys,performance_schema,information_schema
log-slave-updates
slave-skip-errors=all
stop slave
reset slave
change master to master_host='192.168.1.2',master_port=3306,master_user='SLAVE_1',master_password='hhhhhhh0918_@!',master_log_file='mysql-bin.000004',master_log_pos=52325;
start slave
show slave status
SET GLOBAL server-id=102
SHOW VARIABLES LIKE 'server_id';
mysqldump -u root -p --databases BONUS_CALCULATION BookKeeping BookRegistration cloudreve halo ImageUpload nextcloud nginxwebui WhatEatToday YouGos YouGosNews --single-transaction --source-data=2 --flush-logs > /tmp/mysqlbackup/`date +%F_%H-%M-%S`-mysql-all.sql
scp 2023-12-26_14-12-07-mysql-all.sql *.*.84.182:/tmp/
mysql -u root -p < /tmp/2023-12-26_14-12-07-mysql-all.sql
change master to master_host='*.*.84.182',master_port=3306,master_user='SLAVE_2',master_password='*****0918_@!',master_log_file='mysql-bin.000274',master_log_pos=157;
Mysqld-exporter
参考:服务监控
Harbor
本容器使用docker-compose搭建,创建在docker内部ubuntu容器内
cd /disk/ubuntu/opt/harbor
docker-compose start
harbor.yml
# Configuration file of Harbor
# The IP address or hostname to access admin UI and registry service.
# DO NOT use localhost or 127.0.0.1, because Harbor needs to be accessed by external clients.
hostname: hostname
# http related config
# http:
# port for http, default is 80. If https enabled, this port will redirect to https port
# port: 5050
# https related config
https:
# https port for harbor, default is 443
port: 5050
# The path of cert and key files for nginx
certificate: /opt/harbor/https/ca/youcats.cn_bundle.pem
private_key: /opt/harbor/https/ca/youcats.cn.key
Jellyfin
version: '3'
services:
jellyfin:
image: jellyfin/jellyfin:2025051905-amd64
container_name: jellyfin
restart: on-failure:3
privileged: true
volumes:
- /disk/jellyfin/config:/config
- /disk/jellyfin/cache:/cache
- /disk/jellyfin/media:/media
ports:
- 8096:8096
network_mode: bridge
environment:
- TZ=Asia/Shanghai
hostname: jellyfin
Prometheus
参考:服务监控
version: "3"
services:
prometheus:
image: prom/prometheus:v3.4.0
container_name: prometheus
restart: on-failure:3
ports:
- "9090:9090"
volumes:
- /docker-data/prometheus/config:/etc/prometheus
- /docker-data/prometheus/data:/prometheus
- /usr/share/zoneinfo/Asia/Shanghai:/etc/localtime:ro
- /etc/timezone:/etc/timezone:ro
command:
- '--web.config.file=/etc/prometheus/web.yml'
- '--config.file=/etc/prometheus/prometheus.yml'
privileged: true
network_mode: host
user: root
environment:
- STORAGE_TSDB_RETENTION_TIME=60d
- TZ=Asia/Shanghai
hostname: prometheus
Grafana
version: "3"
services:
grafana:
image: grafana/grafana:12.0.0
container_name: grafana
restart: on-failure:3
privileged: true
user: root
volumes:
- /docker-data/grafana/data:/var/lib/grafana
network_mode: host
environment:
- TZ=Asia/Shanghai
hostname: grafana
配置示例:mysql.json,prometheus.json,spring.json
RabbitMQ
version: '3.8'
services:
rabbitmq:
image: rabbitmq:3.13.7-management-alpine
container_name: rabbitmq
hostname: rabbit-server
restart: always
ports:
- "5672:5672"
- "15672:15672"
- "15692:15692"
environment:
RABBITMQ_DEFAULT_USER: name
RABBITMQ_DEFAULT_PASS: pass
RABBITMQ_PLUGINS: "rabbitmq_management rabbitmq_prometheus rabbitmq_delayed_message_exchange"
TZ: 'Asia/Shanghai'
volumes:
- /docker-data/rabbitmq/data:/var/lib/rabbitmq
healthcheck:
test: ["CMD", "rabbitmq-diagnostics", "-q", "check_running"]
interval: 30s
timeout: 10s
retries: 5
network_mode: bridge
使用 docker cp 将下载的 rabbitmq_delayed_message_exchange-3.13.0.ez 复制到容器内
在容器内将文件复制到 /plugins 下,使用 rabbitmq-plugins enable rabbitmq_delayed_message_exchange 启用拓展,使用 rabbitmq-plugins list 查看是否启用成功
评论