Docker
- 安装方式
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
sudo yum install -y docker-ce
-
配置
/etc/docker
- 增加
daemon.json
修改/var/lib/docker
修改为/data/docker
{ "graph": "/data/docker" }
- 增加
-
命令
- 启动
sudo systemctl start docker
- 重启
sudo systemctl restart docker
- 停止
sudo systemctl stop docker
- 启动
安装Portainer
- 位置
/data/portainer
- 创建脚本
touch run.sh
docker run -d -p 9000:9000 --name portainer --restart always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer
下面的docker-compose.yml
都是放在portainer中
Traefik
位置
/data/traefik
-
创建文件
traefik.toml
和touch acme.json
- 证书
acme.json
- 配置
traefik.toml
获取基础配置wget https://raw.githubusercontent.com/containous/traefik/master/traefik.sample.toml
- 设置权限
chmod 600 acme.json
- 证书
traefik.toml 增加配置
# 自动签发证书并且自动续期
[certificatesResolvers.le.acme]
email = "邮件@email.com"
storage = "acme.json"
[certificatesResolvers.le.acme.tlsChallenge]
- docker-compose.yml
version: '2'
services:
reverse-proxy:
image: traefik:v2.2
container_name: traefik
ports:
- "80:80"
- "443:443"
environment:
TZ: Asia/Shanghai
volumes:
- /data/traefik/traefik.toml:/etc/traefik/traefik.toml
- /data/traefik/acme.json:/acme.json
- /data/traefik/log:/log
- /var/run/docker.sock:/var/run/docker.sock
- 使用 在服务添加代码
服务:
networks:
- default
labels:
- traefik.http.routers.whoami.rule=Host(`域名`)
- traefik.http.routers.whoami.tls=true
- traefik.http.routers.whoami.tls.certresolver=le
使用traefik_default网络
networks:
default:
external:
name: traefik_default
Rocketmq 双Master
- 方式
https://github.com/foxiswho/docker-rocketmq
- 位置
/data/rocketmq
- 创建目录
# 创建目录
mkdir -p ./rmqs/logs
mkdir -p ./rmqs/store
mkdir -p ./rmq/logs
mkdir -p ./rmq/store
mkdir -p ./rmq/brokerconf
配置文件 在
rmq/brokerconf
创建文件broker.conf
与plain_acl.ym
设置权限
# 设置目录权限
chmod -R 777 ./rmqs/logs
chmod -R 777 ./rmqs/store
chmod -R 777 ./rmq/logs
chmod -R 777 ./rmq/store
chmod -R 777 ./rmq/brokerconf
- 配置文件 ACL
plain_acl.yml
accounts:
- accessKey: 账户
secretKey: 密码
admin: true
- 配置文件
broker.conf
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#所属集群名字
brokerClusterName=DefaultCluster
#broker名字,注意此处不同的配置文件填写的不一样,如果在broker-a.properties使用:broker-a,
#在broker-b.properties使用:broker-b
# ip1 broker-a
# ip2 broker-b
brokerName=broker-b
#0 表示Master,>0 表示Slave
brokerId=0
#nameServer地址
namesrvAddr=ip1:9876;ip2:9876
#namesrvAddr=rmqnamesrv:9876
#启动IP,如果 docker 报 com.alibaba.rocketmq.remoting.exception.RemotingConnectException: connect to <192.168.0.120:10909> failed
# 解决方式1 加上一句producer.setVipChannelEnabled(false);,解决方式2 brokerIP1 设置宿主机IP,不要使用docker 内部IP
# 公网ip
brokerIP1=ip
#在发送消息时,自动创建服务器不存在的topic,默认创建的队列数
defaultTopicQueueNums=4
#是否允许 Broker 自动创建Topic,建议线下开启,线上关闭 !!!这里仔细看是false,false,false
#原因下篇博客见~ 哈哈哈哈
autoCreateTopicEnable=true
#是否允许 Broker 自动创建订阅组,建议线下开启,线上关闭
autoCreateSubscriptionGroup=true
#Broker 对外服务的监听端口
listenPort=10911
#删除文件时间点,默认凌晨4点
deleteWhen=04
#文件保留时间,默认48小时
fileReservedTime=120
#commitLog每个文件的大小默认1G
mapedFileSizeCommitLog=1073741824
#ConsumeQueue每个文件默认存30W条,根据业务情况调整
mapedFileSizeConsumeQueue=300000
#destroyMapedFileIntervalForcibly=120000
#redeleteHangedFileInterval=120000
#检测物理文件磁盘空间
diskMaxUsedSpaceRatio=88
#存储路径
#storePathRootDir=/home/ztztdata/rocketmq-all-4.1.0-incubating/store
#commitLog 存储路径
#storePathCommitLog=/home/ztztdata/rocketmq-all-4.1.0-incubating/store/commitlog
#消费队列存储
#storePathConsumeQueue=/home/ztztdata/rocketmq-all-4.1.0-incubating/store/consumequeue
#消息索引存储路径
#storePathIndex=/home/ztztdata/rocketmq-all-4.1.0-incubating/store/index
#checkpoint 文件存储路径
#storeCheckpoint=/home/ztztdata/rocketmq-all-4.1.0-incubating/store/checkpoint
#abort 文件存储路径
#abortFile=/home/ztztdata/rocketmq-all-4.1.0-incubating/store/abort
#限制的消息大小
maxMessageSize=65536
#flushCommitLogLeastPages=4
#flushConsumeQueueLeastPages=2
#flushCommitLogThoroughInterval=10000
#flushConsumeQueueThoroughInterval=60000
#Broker 的角色
#- ASYNC_MASTER 异步复制Master
#- SYNC_MASTER 同步双写Master
#- SLAVE
brokerRole=ASYNC_MASTER
#刷盘方式
#- ASYNC_FLUSH 异步刷盘
#- SYNC_FLUSH 同步刷盘
flushDiskType=ASYNC_FLUSH
#发消息线程池数量
#sendMessageThreadPoolNums=128
#拉消息线程池数量
#pullMessageThreadPoolNums=128
# 开启认证
aclEnable=true
- docker-compose.yml
version: '2'
services:
rmqnamesrv:
image: foxiswho/rocketmq:4.8.0
container_name: rmqnamesrv
restart: always
ports:
- 9876:9876
volumes:
- /data/rocketmq/rmqs/logs:/home/rocketmq/logs
- /data/rocketmq/rmqs/store:/home/rocketmq/store
environment:
JAVA_OPT_EXT: "-Duser.home=/home/rocketmq -Xms512M -Xmx512M -Xmn128m"
TZ: Asia/Shanghai
command: ["sh","mqnamesrv"]
networks:
rmq:
aliases:
- rmqnamesrv
rmqbroker:
image: foxiswho/rocketmq:4.8.0
container_name: rmqbroker
restart: always
ports:
- 10909:10909
- 10911:10911
volumes:
- /data/rocketmq/rmq/logs:/home/rocketmq/logs
- /data/rocketmq/rmq/store:/home/rocketmq/store
- /data/rocketmq/rmq/brokerconf/broker.conf:/etc/rocketmq/broker.conf
- /data/rocketmq/rmq/brokerconf/plain_acl.yml:/home/rocketmq/rocketmq-4.8.0/conf/plain_acl.yml
environment:
JAVA_OPT_EXT: "-Duser.home=/home/rocketmq -Xms512M -Xmx512M -Xmn128m"
TZ: Asia/Shanghai
command: ["sh","mqbroker","-c","/etc/rocketmq/broker.conf","autoCreateTopicEnable=true"]
depends_on:
- rmqnamesrv
networks:
rmq:
aliases:
- rmqbroker
networks:
rmq:
name: rmq
driver: bridge
Redis
- 位置
/data/redis
- 创建文件夹
config
和redis_data
redis.conf
bind 0.0.0.0
requirepass 密码
- docker-compose.yml
version: '2'
services:
redis:
image: redis:6.2.4
container_name: redis
restart: always
ports:
- 6379:6379
volumes:
- /data/redis/config/redis.conf:/usr/local/etc/redis/redis.conf
- /data/redis/redis_data:/data
command: redis-server /usr/local/etc/redis/redis.conf
environment:
TZ: Asia/Shanghai
Emqx
位置
/data/emqx
当 EMQ X 成功运行在你的本地计算机上且 EMQ X Dashboard 被默认启用时,你可以访问 http://localhost:18083 来查看你的 Dashboard,默认用户名是 admin,密码是 public
修改
admin
密码123456
-
开启Mnesia认证 插件
emqx_auth_mnesia
- 接口文档
https://docs.emqx.cn/broker/v4.3/advanced/auth.html
- 接口POST
/api/v4/auth_username?username=test&password=test
添加账户密码 - 桥接客户端账户密码
mqttbridging/mqttbridging
- 现场客户端
line/line
- 接口文档
插件关闭遥测 插件
emqx_telemetry
-
关闭匿名登陆
- 配置文件
emqx.conf
关闭匿名登陆allow_anonymous = false
- 重启
./bin/emqx restart
- 配置文件
服务器使用方式一安装
安装方式一
- 下载
wget https://www.emqx.com/zh/downloads/broker/4.3.5/emqx-centos8-4.3.5-amd64.zip
- 安装
unzip emqx-centos8-4.3.5-amd64.zip
- 运行
./bin/emqx start
安装方式二
- 创建目录
mkdir -p ./data/configs
mkdir -p ./data/mnesia
- 设置权限
chmod -R 777 ./data/configs
chmod -R 777 ./data/mnesia
- docker-compose.yml
version: '2'
services:
postgresql:
image: emqx/emqx:4.3.5
container_name: emqx
restart: always
environment:
TZ: Asia/Shanghai
ports:
- 1883:1883
- 8081:8081
- 8083:8083
- 8084:8084
- 8883:8883
- 18083:18083
- 不要删除emqx的volumes
Docker私有仓库
位置
/data/docker-registry
htpasswd
工具yum -y install httpd
-
账户密码
- admin
- 密码
- 生成脚本
htpasswd -Bbn admin 密码 > auth/passwd
使用仓库 配置
daemon.json
"insecure-registries": [
"[ip:5000]"
]
- docker-compose.yml
version: '2'
services:
registry:
image: registry:2
container_name: docker-registry
volumes:
- /data/docker-registry:/var/lib/registry
- /data/docker-registry/auth:/auth
environment:
- REGISTRY_AUTH=htpasswd
- REGISTRY_AUTH_HTPASSWD_REALM=Registry_Realm
- REGISTRY_AUTH_HTPASSWD_PATH=/auth/passwd
restart: always
privileged: true
ports:
- "5000:5000"
networks:
- default
labels:
- traefik.http.routers.registry-ui.rule=Host(`docker.registry.域名.com`)
- traefik.http.routers.registry-ui.tls=true
- traefik.http.routers.registry-ui.tls.certresolver=le
registry-ui:
image: konradkleine/docker-registry-frontend:v2
container_name: docker-registry-ui
restart: always
privileged: true
environment:
- ENV_DOCKER_REGISTRY_HOST=registry
- ENV_DOCKER_REGISTRY_PORT=5000
ports:
- "5080:80"
networks:
- default
links:
- registry:registry
networks:
default:
external:
name: traefik_default
- 推送到仓库
- 登陆
docker login https://docker.registry.域名.com
- 打包镜像
docker build . --tag docker.registry.域名.com/组/镜像名:1.0.0
- push
docker push docker.registry.域名.com/组/镜像名:1.0.0
- 登陆
nacos
位置
/data/nacos/
-
源码位置
/data/nacos/git/nacos-docker-master
- 仓库地址
https://github.com/nacos-group/nacos-docker
- 仓库地址
启动方式
cluster-ip.yaml
集群nacos
的mysql
不对外开放3306端口不开放
只供nacos使用nacos
的mysql
不对外开放3306端口不开放
只供nacos使用nacos
的mysql
不对外开放3306端口不开放
只供nacos使用-
通用
- 账户
nacos
密码密码
- 账户
docker-compose.yml
version: "2"
services:
nacos1:
image: nacos/nacos-server:2.0.2
container_name: nacos1
networks:
nacos_net:
ipv4_address: 172.16.238.10
volumes:
- /data/nacos/cluster-logs/nacos1:/home/nacos/logs
ports:
- "8848:8848"
- "9848:9848"
- "9555:9555"
environment:
- NACOS_SERVERS=172.16.238.10:8848 172.16.238.11:8848 172.16.238.12:8848
- MYSQL_SERVICE_HOST=mysql
- MYSQL_SERVICE_DB_NAME=nacos
- MYSQL_SERVICE_PORT=3306
- MYSQL_SERVICE_USER=nacos
- MYSQL_SERVICE_PASSWORD=密码
restart: on-failure
depends_on:
- mysql
nacos2:
image: nacos/nacos-server:2.0.2
container_name: nacos2
networks:
nacos_net:
ipv4_address: 172.16.238.11
volumes:
- /data/nacos/cluster-logs/nacos2:/home/nacos/logs
ports:
- "8849:8848"
- "9849:9848"
environment:
- NACOS_SERVERS=172.16.238.10:8848 172.16.238.11:8848 172.16.238.12:8848
- MYSQL_SERVICE_HOST=mysql
- MYSQL_SERVICE_DB_NAME=nacos
- MYSQL_SERVICE_PORT=3306
- MYSQL_SERVICE_USER=nacos
- MYSQL_SERVICE_PASSWORD=密码
restart: always
depends_on:
- mysql
nacos3:
image: nacos/nacos-server:2.0.2
container_name: nacos3
networks:
nacos_net:
ipv4_address: 172.16.238.12
volumes:
- /data/nacos/cluster-logs/nacos3:/home/nacos/logs
ports:
- "8850:8848"
- "9850:9848"
environment:
- NACOS_SERVERS=172.16.238.10:8848 172.16.238.11:8848 172.16.238.12:8848
- MYSQL_SERVICE_HOST=mysql
- MYSQL_SERVICE_DB_NAME=nacos
- MYSQL_SERVICE_PORT=3306
- MYSQL_SERVICE_USER=nacos
- MYSQL_SERVICE_PASSWORD=密码
restart: always
depends_on:
- mysql
mysql:
container_name: mysql
image: nacos/nacos-mysql:5.7
restart: always
networks:
nacos_net:
ipv4_address: 172.16.238.13
environment:
- MYSQL_ROOT_PASSWORD=root
- MYSQL_DATABASE=nacos
- MYSQL_USER=nacos
- MYSQL_PASSWORD=密码
volumes:
- /data/nacos/mysql:/var/lib/mysql
ports:
- "3306:3306"
networks:
nacos_net:
driver: bridge
ipam:
driver: default
config:
- subnet: 172.16.238.0/24