Docker
- 安裝方式
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
sudo yum install -y docker-ce
-
配置
/etc/docker- 增加
daemon.json修改/var/lib/docker修改為/data/docker
{ "graph": "/data/docker" } - 增加
-
命令
- 啟動(dòng)
sudo systemctl start docker - 重啟
sudo systemctl restart docker - 停止
sudo systemctl stop docker
- 啟動(dòng)
安裝Portainer
- 位置
/data/portainer - 創(chuàng)建腳本
touch run.sh
docker run -d -p 9000:9000 --name portainer --restart always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer
下面的docker-compose.yml 都是放在portainer中
Traefik
位置
/data/traefik-
創(chuàng)建文件
traefik.toml和touch acme.json- 證書
acme.json - 配置
traefik.toml獲取基礎(chǔ)配置wget https://raw.githubusercontent.com/containous/traefik/master/traefik.sample.toml - 設(shè)置權(quán)限
chmod 600 acme.json
- 證書
traefik.toml 增加配置
# 自動(dòng)簽發(fā)證書并且自動(dòng)續(xù)期
[certificatesResolvers.le.acme]
email = "郵件@email.com"
storage = "acme.json"
[certificatesResolvers.le.acme.tlsChallenge]
- docker-compose.yml
version: '2'
services:
reverse-proxy:
image: traefik:v2.2
container_name: traefik
ports:
- "80:80"
- "443:443"
environment:
TZ: Asia/Shanghai
volumes:
- /data/traefik/traefik.toml:/etc/traefik/traefik.toml
- /data/traefik/acme.json:/acme.json
- /data/traefik/log:/log
- /var/run/docker.sock:/var/run/docker.sock
- 使用 在服務(wù)添加代碼
服務(wù):
networks:
- default
labels:
- traefik.http.routers.whoami.rule=Host(`域名`)
- traefik.http.routers.whoami.tls=true
- traefik.http.routers.whoami.tls.certresolver=le
使用traefik_default網(wǎng)絡(luò)
networks:
default:
external:
name: traefik_default
Rocketmq 雙Master
- 方式
https://github.com/foxiswho/docker-rocketmq - 位置
/data/rocketmq - 創(chuàng)建目錄
# 創(chuàng)建目錄
mkdir -p ./rmqs/logs
mkdir -p ./rmqs/store
mkdir -p ./rmq/logs
mkdir -p ./rmq/store
mkdir -p ./rmq/brokerconf
配置文件 在
rmq/brokerconf創(chuàng)建文件broker.conf與plain_acl.ym設(shè)置權(quán)限
# 設(shè)置目錄權(quán)限
chmod -R 777 ./rmqs/logs
chmod -R 777 ./rmqs/store
chmod -R 777 ./rmq/logs
chmod -R 777 ./rmq/store
chmod -R 777 ./rmq/brokerconf
- 配置文件 ACL
plain_acl.yml
accounts:
- accessKey: 賬戶
secretKey: 密碼
admin: true
- 配置文件
broker.conf
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#所屬集群名字
brokerClusterName=DefaultCluster
#broker名字慈鸠,注意此處不同的配置文件填寫的不一樣蓝谨,如果在broker-a.properties使用:broker-a,
#在broker-b.properties使用:broker-b
# ip1 broker-a
# ip2 broker-b
brokerName=broker-b
#0 表示Master,>0 表示Slave
brokerId=0
#nameServer地址
namesrvAddr=ip1:9876;ip2:9876
#namesrvAddr=rmqnamesrv:9876
#啟動(dòng)IP,如果 docker 報(bào) com.alibaba.rocketmq.remoting.exception.RemotingConnectException: connect to <192.168.0.120:10909> failed
# 解決方式1 加上一句producer.setVipChannelEnabled(false);,解決方式2 brokerIP1 設(shè)置宿主機(jī)IP碧囊,不要使用docker 內(nèi)部IP
# 公網(wǎng)ip
brokerIP1=ip
#在發(fā)送消息時(shí)漫贞,自動(dòng)創(chuàng)建服務(wù)器不存在的topic,默認(rèn)創(chuàng)建的隊(duì)列數(shù)
defaultTopicQueueNums=4
#是否允許 Broker 自動(dòng)創(chuàng)建Topic芦昔,建議線下開啟,線上關(guān)閉 M拗住9径小!這里仔細(xì)看是false料扰,false凭豪,false
#原因下篇博客見~ 哈哈哈哈
autoCreateTopicEnable=true
#是否允許 Broker 自動(dòng)創(chuàng)建訂閱組,建議線下開啟晒杈,線上關(guān)閉
autoCreateSubscriptionGroup=true
#Broker 對(duì)外服務(wù)的監(jiān)聽端口
listenPort=10911
#刪除文件時(shí)間點(diǎn)嫂伞,默認(rèn)凌晨4點(diǎn)
deleteWhen=04
#文件保留時(shí)間,默認(rèn)48小時(shí)
fileReservedTime=120
#commitLog每個(gè)文件的大小默認(rèn)1G
mapedFileSizeCommitLog=1073741824
#ConsumeQueue每個(gè)文件默認(rèn)存30W條拯钻,根據(jù)業(yè)務(wù)情況調(diào)整
mapedFileSizeConsumeQueue=300000
#destroyMapedFileIntervalForcibly=120000
#redeleteHangedFileInterval=120000
#檢測(cè)物理文件磁盤空間
diskMaxUsedSpaceRatio=88
#存儲(chǔ)路徑
#storePathRootDir=/home/ztztdata/rocketmq-all-4.1.0-incubating/store
#commitLog 存儲(chǔ)路徑
#storePathCommitLog=/home/ztztdata/rocketmq-all-4.1.0-incubating/store/commitlog
#消費(fèi)隊(duì)列存儲(chǔ)
#storePathConsumeQueue=/home/ztztdata/rocketmq-all-4.1.0-incubating/store/consumequeue
#消息索引存儲(chǔ)路徑
#storePathIndex=/home/ztztdata/rocketmq-all-4.1.0-incubating/store/index
#checkpoint 文件存儲(chǔ)路徑
#storeCheckpoint=/home/ztztdata/rocketmq-all-4.1.0-incubating/store/checkpoint
#abort 文件存儲(chǔ)路徑
#abortFile=/home/ztztdata/rocketmq-all-4.1.0-incubating/store/abort
#限制的消息大小
maxMessageSize=65536
#flushCommitLogLeastPages=4
#flushConsumeQueueLeastPages=2
#flushCommitLogThoroughInterval=10000
#flushConsumeQueueThoroughInterval=60000
#Broker 的角色
#- ASYNC_MASTER 異步復(fù)制Master
#- SYNC_MASTER 同步雙寫Master
#- SLAVE
brokerRole=ASYNC_MASTER
#刷盤方式
#- ASYNC_FLUSH 異步刷盤
#- SYNC_FLUSH 同步刷盤
flushDiskType=ASYNC_FLUSH
#發(fā)消息線程池?cái)?shù)量
#sendMessageThreadPoolNums=128
#拉消息線程池?cái)?shù)量
#pullMessageThreadPoolNums=128
# 開啟認(rèn)證
aclEnable=true
- docker-compose.yml
version: '2'
services:
rmqnamesrv:
image: foxiswho/rocketmq:4.8.0
container_name: rmqnamesrv
restart: always
ports:
- 9876:9876
volumes:
- /data/rocketmq/rmqs/logs:/home/rocketmq/logs
- /data/rocketmq/rmqs/store:/home/rocketmq/store
environment:
JAVA_OPT_EXT: "-Duser.home=/home/rocketmq -Xms512M -Xmx512M -Xmn128m"
TZ: Asia/Shanghai
command: ["sh","mqnamesrv"]
networks:
rmq:
aliases:
- rmqnamesrv
rmqbroker:
image: foxiswho/rocketmq:4.8.0
container_name: rmqbroker
restart: always
ports:
- 10909:10909
- 10911:10911
volumes:
- /data/rocketmq/rmq/logs:/home/rocketmq/logs
- /data/rocketmq/rmq/store:/home/rocketmq/store
- /data/rocketmq/rmq/brokerconf/broker.conf:/etc/rocketmq/broker.conf
- /data/rocketmq/rmq/brokerconf/plain_acl.yml:/home/rocketmq/rocketmq-4.8.0/conf/plain_acl.yml
environment:
JAVA_OPT_EXT: "-Duser.home=/home/rocketmq -Xms512M -Xmx512M -Xmn128m"
TZ: Asia/Shanghai
command: ["sh","mqbroker","-c","/etc/rocketmq/broker.conf","autoCreateTopicEnable=true"]
depends_on:
- rmqnamesrv
networks:
rmq:
aliases:
- rmqbroker
networks:
rmq:
name: rmq
driver: bridge
Redis
- 位置
/data/redis - 創(chuàng)建文件夾
config和redis_data redis.conf
bind 0.0.0.0
requirepass 密碼
- docker-compose.yml
version: '2'
services:
redis:
image: redis:6.2.4
container_name: redis
restart: always
ports:
- 6379:6379
volumes:
- /data/redis/config/redis.conf:/usr/local/etc/redis/redis.conf
- /data/redis/redis_data:/data
command: redis-server /usr/local/etc/redis/redis.conf
environment:
TZ: Asia/Shanghai
Emqx
位置
/data/emqx當(dāng) EMQ X 成功運(yùn)行在你的本地計(jì)算機(jī)上且 EMQ X Dashboard 被默認(rèn)啟用時(shí)帖努,你可以訪問 http://localhost:18083 來查看你的 Dashboard,默認(rèn)用戶名是 admin粪般,密碼是 public
修改
admin密碼123456-
開啟Mnesia認(rèn)證 插件
emqx_auth_mnesia- 接口文檔
https://docs.emqx.cn/broker/v4.3/advanced/auth.html - 接口POST
/api/v4/auth_username?username=test&password=test添加賬戶密碼 - 橋接客戶端賬戶密碼
mqttbridging/mqttbridging - 現(xiàn)場(chǎng)客戶端
line/line
- 接口文檔
插件關(guān)閉遙測(cè) 插件
emqx_telemetry-
關(guān)閉匿名登陸
- 配置文件
emqx.conf關(guān)閉匿名登陸allow_anonymous = false - 重啟
./bin/emqx restart
- 配置文件
服務(wù)器使用方式一安裝
安裝方式一
- 下載
wget https://www.emqx.com/zh/downloads/broker/4.3.5/emqx-centos8-4.3.5-amd64.zip - 安裝
unzip emqx-centos8-4.3.5-amd64.zip - 運(yùn)行
./bin/emqx start
安裝方式二
- 創(chuàng)建目錄
mkdir -p ./data/configs
mkdir -p ./data/mnesia
- 設(shè)置權(quán)限
chmod -R 777 ./data/configs
chmod -R 777 ./data/mnesia
- docker-compose.yml
version: '2'
services:
postgresql:
image: emqx/emqx:4.3.5
container_name: emqx
restart: always
environment:
TZ: Asia/Shanghai
ports:
- 1883:1883
- 8081:8081
- 8083:8083
- 8084:8084
- 8883:8883
- 18083:18083
- 不要?jiǎng)h除emqx的volumes
Docker私有倉(cāng)庫(kù)
位置
/data/docker-registryhtpasswd工具yum -y install httpd-
賬戶密碼
- admin
- 密碼
- 生成腳本
htpasswd -Bbn admin 密碼 > auth/passwd
使用倉(cāng)庫(kù) 配置
daemon.json
"insecure-registries": [
"[ip:5000]"
]
- docker-compose.yml
version: '2'
services:
registry:
image: registry:2
container_name: docker-registry
volumes:
- /data/docker-registry:/var/lib/registry
- /data/docker-registry/auth:/auth
environment:
- REGISTRY_AUTH=htpasswd
- REGISTRY_AUTH_HTPASSWD_REALM=Registry_Realm
- REGISTRY_AUTH_HTPASSWD_PATH=/auth/passwd
restart: always
privileged: true
ports:
- "5000:5000"
networks:
- default
labels:
- traefik.http.routers.registry-ui.rule=Host(`docker.registry.域名.com`)
- traefik.http.routers.registry-ui.tls=true
- traefik.http.routers.registry-ui.tls.certresolver=le
registry-ui:
image: konradkleine/docker-registry-frontend:v2
container_name: docker-registry-ui
restart: always
privileged: true
environment:
- ENV_DOCKER_REGISTRY_HOST=registry
- ENV_DOCKER_REGISTRY_PORT=5000
ports:
- "5080:80"
networks:
- default
links:
- registry:registry
networks:
default:
external:
name: traefik_default
- 推送到倉(cāng)庫(kù)
- 登陸
docker login https://docker.registry.域名.com - 打包鏡像
docker build . --tag docker.registry.域名.com/組/鏡像名:1.0.0 - push
docker push docker.registry.域名.com/組/鏡像名:1.0.0
- 登陸
nacos
位置
/data/nacos/-
源碼位置
/data/nacos/git/nacos-docker-master- 倉(cāng)庫(kù)地址
https://github.com/nacos-group/nacos-docker
- 倉(cāng)庫(kù)地址
啟動(dòng)方式
cluster-ip.yaml集群nacos的mysql不對(duì)外開放3306端口不開放只供nacos使用nacos的mysql不對(duì)外開放3306端口不開放只供nacos使用nacos的mysql不對(duì)外開放3306端口不開放只供nacos使用-
通用
- 賬戶
nacos密碼密碼
- 賬戶
docker-compose.yml
version: "2"
services:
nacos1:
image: nacos/nacos-server:2.0.2
container_name: nacos1
networks:
nacos_net:
ipv4_address: 172.16.238.10
volumes:
- /data/nacos/cluster-logs/nacos1:/home/nacos/logs
ports:
- "8848:8848"
- "9848:9848"
- "9555:9555"
environment:
- NACOS_SERVERS=172.16.238.10:8848 172.16.238.11:8848 172.16.238.12:8848
- MYSQL_SERVICE_HOST=mysql
- MYSQL_SERVICE_DB_NAME=nacos
- MYSQL_SERVICE_PORT=3306
- MYSQL_SERVICE_USER=nacos
- MYSQL_SERVICE_PASSWORD=密碼
restart: on-failure
depends_on:
- mysql
nacos2:
image: nacos/nacos-server:2.0.2
container_name: nacos2
networks:
nacos_net:
ipv4_address: 172.16.238.11
volumes:
- /data/nacos/cluster-logs/nacos2:/home/nacos/logs
ports:
- "8849:8848"
- "9849:9848"
environment:
- NACOS_SERVERS=172.16.238.10:8848 172.16.238.11:8848 172.16.238.12:8848
- MYSQL_SERVICE_HOST=mysql
- MYSQL_SERVICE_DB_NAME=nacos
- MYSQL_SERVICE_PORT=3306
- MYSQL_SERVICE_USER=nacos
- MYSQL_SERVICE_PASSWORD=密碼
restart: always
depends_on:
- mysql
nacos3:
image: nacos/nacos-server:2.0.2
container_name: nacos3
networks:
nacos_net:
ipv4_address: 172.16.238.12
volumes:
- /data/nacos/cluster-logs/nacos3:/home/nacos/logs
ports:
- "8850:8848"
- "9850:9848"
environment:
- NACOS_SERVERS=172.16.238.10:8848 172.16.238.11:8848 172.16.238.12:8848
- MYSQL_SERVICE_HOST=mysql
- MYSQL_SERVICE_DB_NAME=nacos
- MYSQL_SERVICE_PORT=3306
- MYSQL_SERVICE_USER=nacos
- MYSQL_SERVICE_PASSWORD=密碼
restart: always
depends_on:
- mysql
mysql:
container_name: mysql
image: nacos/nacos-mysql:5.7
restart: always
networks:
nacos_net:
ipv4_address: 172.16.238.13
environment:
- MYSQL_ROOT_PASSWORD=root
- MYSQL_DATABASE=nacos
- MYSQL_USER=nacos
- MYSQL_PASSWORD=密碼
volumes:
- /data/nacos/mysql:/var/lib/mysql
ports:
- "3306:3306"
networks:
nacos_net:
driver: bridge
ipam:
driver: default
config:
- subnet: 172.16.238.0/24
