DockerDocker安装及安装依赖包sudoyuminstall-yyum-utilsdevice-mapper-persistent-datalvm2设置阿里云镜像源sudoyum-config-manager--add-repohttps://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo安装Docker-CEsudoyuminstalldocker-ceinstalldocker-composecurl-Lhttps://github.com/docker/compose/releases/download/1.14.0/docker-compose-`uname-s`-`uname-m`>/usr/local/bin/docker-composechmod+x/usr/local/bin/docker-composeddocker-compose-versionGUI管理推荐使用Portainer作为容器的GUI管理方案。官方地址:https://portainer.io/install....安装命令:dockervolumecreateportainer_datadockerrun-d-p9000:9000-v/var/run/docker.sock:/var/run/docker.sock-vportainer_data:/dataportainer/portainer访问你的IP:9000进入容器管理页面。Docker部署SpringBoot项目Dockerfile#镜像需要依赖基础镜像FROMjava:8#将当前目录下的jar包复制到docker容器的/目录下ADDmall-tiny-docker-file-0.0.1-SNAPSHOT.jar/mall-tiny-docker-file.jar#运行时创建mall-tiny-docker-file.jar文件RUNbash-c'touch/mall-tiny-docker-file.jar'#声明服务runsonport8080EXPOSE8080#指定docker容器启动时运行的jar包gyt将应用jar包和Dockerfile上传到linux服务器,在Linux上构建docker镜像在Dockerfile所在目录执行如下命令:#-t表示指定镜像仓库名/镜像名:镜像标签。意思是使用当前目录下的Docker文件。dockerbuild-tspringboot-study-eureka.查看docker镜像:docker镜像列表容器:dockerps-aDockerinstallZookeeper下载Zookeeper镜像:dockerpullzookeeper启动容器并添加映射dockerrun--privileged=true-d--namezookeeper--publish2181:2181-dzookeeper:latest进入zookeeper目录:dockerexec-itd5c6f857cd88bash./bin/zkCli.sh启动命令改为以交互方式运行镜像连接kafka到dockerrun--privileged=true-itd--namezookeeper--publish2181:2181-dzookeeper:latest-t让docker分配一个伪终端并将其绑定到容器的标准输入,-i保持容器的标准输入打开Docker安装kafkadockerpullkafkaerror:pullaccessdeniedforkafka,repositorydoesnotexistormayrequire'dockerlogin'dockersearchkafkadockerpullwurstmeister/kafka启动kafka:dockerrun-d--namekafka-p9092:9092--linkzookeeper-eKAFKA_BROKER_ID=0-eKAFKA_ZOOKEEPER_CONNECT=106.54.121.152:2181-eKAFKA_ADVERTISED_LISTENERS=PLAINTEXT://106.54.121.152:9092-eKAFKA_LISTENERS=PLAINTEXT://0.0.0.0:9092-twurstmeister/kafka参数说明:-eKAFKA_BROKER_ID=0在kafka集群中,每个kafka都有一个BROKER_ID来区分自己-eKAFKA_ZOOKEEPER_CONNECT=172.16.0.13:2181/kafka配置zookeeper管理kafka172.16.0.13:2181/kafka的路径-eKAFKA_ADVERTISED_LISTENERS=PLAINTEXT://172.16.0.13:9092向zookeeper注册kafka的地址和端口。如果是远程访问,需要改成外网IP,比如Java程序访问,连接不上-eKAFKA_LISTENERS=PLAINTEXT://0.0.0.0:9092配置kafka的监听端口-v/etc/localtime:/etc/localtime容器时间同步虚拟机启动失败的时间查看日志,发现内存不足:dockerlogs84ec00e2f6ab决定使用启动docker-compose(参考上一篇安装)编辑docker-compose.yml:vimdocker-compose.ymlversion:'2'services:zookeeper:image:zookeeper##镜像端口:-"2181:2181"##对外暴露的端口号kafka:image:wurstmeister/kafka##镜像卷:??-/etc/localtime:/etc/localtime##挂载位置(kafka镜像与宿主机时间为keptconstant)ports:-"9092:9092"environment:KAFKA_ADVERTISED_HOST_NAME:106.54.121.152##修改:宿主机IPKAFKA_ZOOKEEPER_CONNECT:zookeeper:2181##卡夫卡运行是基于zookeeper的KAFKA_ADVERTISED_PORT:9092KAFKA_LOG_RETENTION_HOURS:120KAFKA_MESSAGE_MAX_BYTES:10000000KAFKA_REPLICA_FETCH_MAX_BYTES:10000000KAFKA_GROUP_MAX_SESSION_TIMEOUT_MS:60000KAFKA_NUM_PARTITIONS:3KAFKA_DELETE_RETENTION_MS:1000KAFKA_HEAP_OPTS:“-Xmx512M-Xms512M”kafka-manager:image:sheepkiller/kafka-manager##镜像:kafka集群环境开源web管理界面:ZK_HOSTS:106.54.121.152##修改:主机IP端口:-"9001:9000"##暴露端口外网访问配置:cd/opt/kafka_2.11-1.1.0/configviserver.propertiesadvertised.listeners=PLAINTEXT://ip:9092docker-compose.yml脚本存放路径执行docker-composeup-d终于成功安装kafka-managerdockerpullsheepkiller/kafka-manager通过http://106.54.121.152:9001/访问kafkamanagerDockerinstalljenkinsdockerpulljenkins#创建目录mkdirjenkins#启动命令(不需要挂载目录)dockerrun--namejenkins_study-p8081:8080-djenkins#启动命令(需要挂载目录)dockerrun-d--namejenkins_study-p8081:8080-v/usr/local/jenkins:/usr/local/jenkinsjenkins##遇到很多坑后,很重要的是挂载该目录,这样启动后,本地容器中/var/jenkins_home目录的内容会存放到本机的/var/jenkins_home中,密码也可以从该目录获取,无需进入容器mkdir/var/jenkins_homesudochown-R1000/var/jenkins_homedockerrun-d--namejenkins_study-p9090:8080-v/var/run/docker.sock:/var/run/docker.sock-v/usr/bin/docker:/usr/bin/docker-eTZ="Asia/Shanghai"-v/etc/localtime:/etc/localtime:ro-v/usr/local/jdk/jdk1.8.0_212/bin/java:/usr/local/jdk/jdk1.8.0_212/bin/java-v/usr/local/jdk/jdk1.8.0_212:/usr/local/jdk/jdk1.8.0_212-v/usr/local/maven:/usr/local/maven-v/var/jenkins_home:/var/jenkins_home-v/usr/local/jenkins:/usr/local/jenkins-v/var/jenkins_home:/var/jenkins_homejenkins/jenkins运行容器/实例,需要考虑到本地端口到docker容器的映射,这样才能通过本地主机访问。由于容器本身不持久化文件,实际上docker并不推荐在容器中进行任何文件相关的写操作,它只是作为一个“容器”使用。如果容器应用运行过程中需要保存或配置大量重要数据,如mysqldb文件、jenkins插件、配置文件等,建议将容器文件挂载到本地,即体积映射。检查Jenkins服务dockerps|grepjenkins访问http://106.54.121.152:8081/进入容器dockerexec-itjenkins_studybashexecutecat/var/jenkins_home/secrets/initialAdminPassword获取密码粘贴过去新建用户admin/进入admin后发现插件无法安装Docker安装的Jenkins版本。解决Jenkins版本过低导致无法安装插件的问题下载Jenkins最新的war包cd/usr/local/jenkins/wgethttp://mirrors.jenkins.io/war/latest/jenkins。war以root用户身份进入容器dockerexec-it-urootjenkins_studybash查看jenkinswar包在容器中的位置,并备份原war包whereisjenkinscd/usr/share/jenkinscpjenkins.warjenkinsBAK.warcp/usr/local/jenkins/下的包到/覆盖cp/usr/local/jenkins/jenkins.war/usr/share/jenkins/usr/share/jenkins/下退出容器重启dockerrestartjenkins_study重启后,它显示启动成功,但是网页无法访问查看jenkinslogs-fjenkins_study的docker日志https://yq.aliyun.com/article...Docker私服dockerpullregistry>dockerrun-d\-p5000:5000\-v/usr/local/registry:/var/lib/registry\--restart=always\--nameregistry\registry:latest推送镜像到私服命名宿主机的registry镜像满足仓库要求registry_url:port/ImageName:tag格式:dockertagspringboot-study-eureka:latest106.54。121.152:5000/springboot-study-eureka:latestdockerpush106.54.121.152:5000/springboot-study-eureka这是因为我们启动的registry服务不安全可靠。这时需要修改客户端docker配置文件/etc/docker/daemon.json,增加如下内容(注册服务地址):{"registry-mirrors":["https://pee6w651.mirror.aliyuncs.com"],"insecure-registries":["106.54.121.152:5000"]}"registry-mirrors":["https://pee6w651.mirror.aliyuncs.com"]是RegistryHub的地址阿里云代理仓库,可以加速国内访问RegistryHub仓库。systemctlrestartdockerrestartdocker再次执行push操作,会看到如下结果浏览器访问http://106.54.121.152:5000/v2...dockerinstallnginxdockerpullnginxsudodockerrun--namenginx-test-p8081:80-dnginx在docker中部署nginx并创建如下文件:mkdir-p~/nginx/www~/nginx/logs~/nginx/conf将容器中Nginx的默认配置文件复制到本地的conf目录下当前目录,可以查看容器ID在dockerps命令第一栏输入:sudodockercpcontainer_id:/etc/nginx/nginx.conf~/nginx/confsudodockerrun-d-p80:80--namenginx-test-web-v~/nginx/www:/usr/share/nginx/html-v~/nginx/conf/nginx.conf:/etc/nginx/nginx.conf-v~/nginx/logs:/var/log/nginxnginxDockerinstallconsuldockerpullconsul\#期望容器中的配置文件、数据和日志在容器非正常关闭或主动删除后保留,那么需要配置挂载\#的路径容器对应的配置文件来自https://hub.docker.com/_/consul上述对应官网操作确认的mkdir-p/data/consul/{conf,data}语句无效dockerrun--nameconsul-p8599:8500-v/data/consul/conf/:/consul/conf/-v/data/consul/data/:/consul/data/-dconsul这个语句有效dockerrun--nameconsul-d-p8500:8500-p8300:8300-p8301:8301-p8302:8302-p8600:8600consulagent-server-bootstrap-expect=1-ui-bind=0.0.0.0-client=0.0.0.0–net=hostdocker参数,使docker容器跨越netnamespace隔离,免去手动指定端口映射步骤-serverconsul支持server或client模式运行,server是服务发现模块的核心。client主要用于转发请求-advertise将本地私有IP传给consul-bootstrap-expect指定consul会等待几个节点连接成为一个完整的集群-retry-join指定要加入的consul节点地址。如果失败,它将重试。您可以多次指定不同的地址-客户地址consul绑定到的客户。该地址提供HTTP、DNS、RPC等服务。默认是127.0.0.1-bind这个地址用于集群内的通信。集群中的所有节点都必须可以访问该地址。默认为0.0.0.0-allow_stale设置为true,表示可以从consul集群中任意一个server节点获取dns信息,false表示每次请求都会经过consulserverleader--nameDOCKERcontainername-client0.0.0.0表示任何地址都可以访问-ui提供图形界面。Docker安装ScyllaDB集群dockerrun--namescylla-node2-p8042:9042-p8160:9160-p1000:10000-p8180:9180-v/data/scylladb2:/var/lib/scylla-dscylladb/scylla--seeds="$(dockerinspect--format='{{.NetworkSettings.IPAddress}}'scylla)"dockerrun--namescylla-node3-p10042:9042-p10160:9160-p1100:10000-p10180:9180-v/data/scylladb3:/var/lib/scylla-dscylladb/scylla--seeds="$(dockerinspect--format='{{.NetworkSettings.IPAddress}}'scylla)"dockerrun--namescylla-node4-p11042:9042-p11160:9160-p1200:10000-p11180:9180-v/data/scylladb4:/var/lib/scylla-dscylladb/scylla--seeds="$(dockerinspect--format='{{.NetworkSettings.IPAddress}}'scylla)”
