目录
- 虚拟机
- Docker
- Kuboard Spray 用于集群安装
- Kuboard 用于集群管理
- Harbor
- Gitlab
- Jenkins
- Dockerfile
- Pipeline流水线脚本
- verdaccio npm私有仓库
- ngrok
- mongo
准备两台虚拟机
机器A:192.168.1.200
6G内存 20G硬盘 规划安装 Docker、 Kuboard Spray 、Kuboard 、Gitlab 、Harbor 、Jenkins
机器B:192.168.1.201
6G内存 20G硬盘 不要装Docker,规划k8s的master和etcd节点、worker节点
先下载提前准备的一些安装包 github.com/rootjser/k8…
在A服务器上建 /data/app/ 目录,把上述下载的所有文件放到这里
虚拟机
VirtualBox 和 Centos 下载
VirtualBox
https://www.oracle.com/virtualization/technologies/vm/downloads/virtualbox-downloads.html
CentOS 7
centos8 后面gitlab要报权限错误,还是用7就行了
https://mirrors.aliyun.com/centos/7.9.2009/isos/x86_64/CentOS-7-x86_64-DVD-2009.iso
虚拟机开启网络
最小化安装的操作系统是没有配置网络的,需要开启
方式一:设置获取动态ip地址
1.1 查看网卡信息
ip a
ip a|head
1.2 修改网卡参数ONBOT=no改为yes ifcfg-enp0s3是上面看到的网卡名
sed -i 's|ONBOOT=no|ONBOOT=yes|g' /etc/sysconfig/network-scripts/ifcfg-enp0s3
1.3 重启网卡服务
systemctl restart network
1.4 设置DNS
# vi /etc/resolv.conf
nameserver 114.114.114.114
nameserver 114.114.114.115
方式二:手动设置静态ip地址
[root@localhost ~]# vi /etc/sysconfig/network-scripts/ifcfg-enp0s3
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static #改成静态模式
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=enp0s3
UUID=dcbf623d-ea0d-41e3-8062-f147336c0f04
DEVICE=enp0s3
ONBOOT=yes #开启网卡
IPADDR=192.168.1.8 #静态IP
GATEWAY=192.168.1.1 #网关IP
NETMASK=255.255.255.0 #子网掩码
DNS1=114.114.114.114 #首先DNS地址
确保虚拟机和本机能互相ping通
如果ping不通,两种解决方式:
1、桥接模式
2、对于公司内部ip难申请,桥接模式不适用,只能用NAT模式,需要做端口转发
内网centos服务器采用CCProxy代理上网
下载CCProxy软件,在本地安装好
完成上述配置后,重启CCProxy
设置centos代理地址
内网加白地址
mirrors.tuna.tsinghua.edu.cn
mirrors.aliyun.com
mirrors.fedoraproject.org
mirror-icn.yuki.net.uk
mirrors.fedoraproject.org
ung2thfc.mirror.aliyuncs.com
acs-cn-hangzhou-mirror.oss-cn-hangzhou.aliyuncs.com
docker.mirrors.ustc.edu.cn
auth.docker.io
registry-1.docker.io
production.cloudflare.docker.com
hub-mirror.c.163.com
updates.jenkins.io
get.jenkins.io
registry.npm.taobao.org
www.npmjs.com
registry.npmmirror.com
创建ssh密码
bash
复制代码
ssh-keygen
cd ~/.ssh
ssh客户端一会断开解决
找到文件
bash
复制代码
vim /etc/ssh/sshd_config
修改
arduino
复制代码
# ClientAliveInterval 0 // 心跳间隔时间
# ClientAliveCountMax 3 // 尝试次数
改为
复制代码
ClientAliveInterval 30
ClientAliveCountMax 86400
重启ssh服务
复制代码
service sshd restart
docker 网络代理设置
参考 cloud.tencent.com/developer/a…
# 创建docker网络代理文件
mkdir -p /etc/systemd/system/docker.service.d
cd /etc/systemd/system/docker.service.d
vi http-proxy.conf
# 填写内容
[Service]
Environment="HTTP_PROXY=http://10.100.60.169:8089/"
Environment="HTTPS_PROXY=http://10.100.60.169:8089/"
Environment="NO_PROXY=localhost,127.0.0.1"
# 重启docker
systemctl daemon-reload
systemctl restart docker
Centos7软件的镜像设置清华源
设置yum源
sed -e 's|^mirrorlist=|#mirrorlist=|g' \
-e 's|^#baseurl=http://mirror.centos.org|baseurl=https://mirrors.tuna.tsinghua.edu.cn|g' \
-i.bak \
/etc/yum.repos.d/CentOS-*.repo
更新缓存
yum makecache
Docker
在A机器上安装Docker环境
#关闭防火墙
systemctl stop firewalld && systemctl disable firewalld
#安装基础软件包
yum install -y wget lsof net-tools nfs-utils lrzsz gcc gcc-c++ make cmake libxml2-devel openssl-devel curl curl-devel unzip sudo ntp libaio-devel wget vim ncurses-devel autoconf automake zlib-devel python-devel epel-release openssh-server socat ipvsadm conntrack yum-utils
#配置 docker-ce 国内 yum 源(阿里云)
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
#安装 docker 依赖包
yum install -y yum-utils device-mapper-persistent-data lvm2
#安装 docker-ce
yum install docker-ce docker-ce-cli containerd.io
#设置开机启动
systemctl enable docker
#关闭selinux,并重启,不然可能启动不了docker
#vi /etc/selinux/config
#把SELINUX=enforcing改为disabled,再reboot重启
#启动Docker服务
systemctl start docker
语法
参考 yeasy.gitbook.io/docker_prac…
docker pull [image] 拉取镜像
docker images 查看所有镜像
docker ps 查看正在运行的容器
docker ps -a 查看所有容器,包括停止的容器
docker logs [containerID] 查看容器日志 -f 参数就是持续输出日志
docker containre rm [containerID] 移除容器
docker container start [containerID] 启动容器
docker container stop [containerID] 停止容器
docker container restart [containerID] 重启容器
docker container update --restart=always [containerID] 更新容器增加restart
docker container exec -it [containerID] /bin/bash 进入容器且启动shell
docker exec -it --user root [containerID] bash 用root进入容器shell
docker container cp [containID]:[/path/to/file] /path/to/file 从正在运行的 Docker 容器里面,将文件拷贝到本机,两路径可交换
docker run -d --restart always -p 10240:8080 -p 10241:50000 -v /var/jenkins_home:/var/jenkins_home -v /etc/localtime:/etc/localtime --name myjenkins jenkins/jenkins 运行jenkins容器,如果没有回下载镜像再安装容器,-d 后台运行 -p 端口映射 -v 目录挂载 --name 设置容器名称
systemctl restart docker 重启docker
docker cp 本地路径 容器id或者容器名字:容器内路径 # 本地到服务器
docker cp 容器id或者容器名字:容器内路径 本地路径 # 服务器到本地
添加国内镜像
创建或修改/etc/docker/daemon.json文件
默认没有daemon文件,先创建。
vi /etc/docker/daemon.json
{
"registry-mirrors": [
"https://ung2thfc.mirror.aliyuncs.com",
"https://registry.docker-cn.com",
"http://hub-mirror.c.163.com",
"https://docker.mirrors.ustc.edu.cn"
],
"insecure-registries":["192.168.1.101:30200"]
}
加载重启docker,在终端输入以下命令
systemctl daemon-reload
systemctl restart docker
测试
docker run hello-world
重启Docker
# 关闭防火墙
systemctl stop firewalld && systemctl disable firewalld
# 重启docker
systemctl restart docker
遇到问题
安装过程中,会询问是否继续安装某些工具,输入y回车就行
执行yum安装命令式报如下错误,解决办法通过强制关掉yum进程。
Loaded plugins: fastestmirror, refresh-packagekit, security
Existing lock /var/run/yum.pid: another copy is running as pid 2922.
Another app is currently holding the yum lock; waiting for it to exit...
The other application is: PackageKit
Memory : 52 M RSS (908 MB VSZ)
Started: Fri Sep 14 01:41:58 2018 - 01:58 ago
State : Sleeping, pid: 2922
实现方式如下,然后重新使用yum安装:
#rm -f /var/run/yum.pid
记一次执行yum命令报错:Could not retrieve mirrorlist http://mirrorlist.centos.org/
DNS配置增加,要重启reboot
# vi /etc/resolv.conf
nameserver 114.114.114.114
nameserver 114.114.114.115
harbor 不能用http解决,192.168.1.100:5000是Harbor服务器地址
在客户机”/etc/docker/“目录下,创建”daemon.json“文件。在文件中写入:
{ "insecure-registries":["192.168.1.100:5000"] }
安装k8s集群
kuboard-spray
kuboard-spray 用于安装集群,输入用户名 admin,默认密码 Kuboard123
docker run -d \
--privileged \
--restart=unless-stopped \
--name=kuboard-spray \
-p 30000:80/tcp \
-v /var/run/docker.sock:/var/run/docker.sock \
-v ~/kuboard-spray-data:/data \
eipwork/kuboard-spray:latest-amd64
填写B服务器信息,勾选master、worker、etcd,写etcd名字 user-images.githubusercontent.com/82021554/16…
填写私有Harbor仓库地址
等待安装完成再操作后续步骤
kuboard
kuboard 用于管理集群,输入用户名 admin,默认密码 Kuboard123
docker run -d \
--restart=unless-stopped \
--name=kuboard \
-p 30100:80/tcp \
-p 30101:10081/tcp \
-e KUBOARD_ENDPOINT="http://192.168.1.200:30100" \
-e KUBOARD_AGENT_SERVER_TCP_PORT="30101" \
-v /root/kuboard-data:/data \
eipwork/kuboard:v3
填写B集群信息 到B机器拷贝kube信息 替换A机器 /data/app 中config文件
cat ~/.kube/config
创建站点 创建工作负载
创建deployment.yaml脚本 在kuboard中部署一个docker nginx服务,拷贝deployment.yaml文件,隐藏status字段,去掉两个resourceVersion段,修改里面的项目名,镜像名等变量,用于下面pipeline脚本的kubectl部署
替换项目名和版本号 把appName替换里面的项目名webtest,把Tag替换版本号 放到/var/jenkins_home/k8s目录,替换 /data/app 中deployment.yaml脚本
---
apiVersion: apps/v1
kind: Deployment
metadata:
annotations: {}
labels:
k8s.kuboard.cn/layer: svc
k8s.kuboard.cn/name: appName
name: appName
namespace: kuboard
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
k8s.kuboard.cn/layer: svc
k8s.kuboard.cn/name: appName
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
creationTimestamp: null
labels:
k8s.kuboard.cn/layer: svc
k8s.kuboard.cn/name: appName
spec:
containers:
- image: 'my-registry.com/library/appName:TAG'
imagePullPolicy: IfNotPresent
name: appName
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
terminationGracePeriodSeconds: 30
---
apiVersion: v1
kind: Service
metadata:
annotations: {}
labels:
k8s.kuboard.cn/layer: svc
k8s.kuboard.cn/name: appName
name: appName
namespace: kuboard
spec:
clusterIP: 10.233.37.128
clusterIPs:
- 10.233.37.128
externalTrafficPolicy: Cluster
internalTrafficPolicy: Cluster
ipFamilies:
- IPv4
ipFamilyPolicy: SingleStack
ports:
- name: 8nzxma
nodePort: 31001
port: 80
protocol: TCP
targetPort: 80
selector:
k8s.kuboard.cn/layer: svc
k8s.kuboard.cn/name: appName
sessionAffinity: None
type: NodePort
Gitlab
Gitlab启动很慢,装好后,等待10分钟再看是否启动了
docker run --detach \
--publish 30300:80 --publish 30301:443 --publish 30302:22 \
--name gitlab \
--restart always \
--volume $GITLAB_HOME/config:/etc/gitlab \
--volume $GITLAB_HOME/logs:/var/log/gitlab \
--volume $GITLAB_HOME/data:/var/opt/gitlab \
--shm-size 256m \
gitlab/gitlab-ce:latest
获取root初始密码,这里获取的密码如果不能登录gitlab,直接用第三步重置root密码 注意:The password file will be automatically deleted in the first reconfigure run after 24 hours.
docker exec -it gitlab grep 'Password:' /etc/gitlab/initial_root_password
web界面首次修改root密码
右上角 -> Edit profile -> password
重置root密码 reset password
docker exec -it gitlab bash
gitlab-rake "gitlab:password:reset[root]"
修改gitllab显示的clone地址,不然是一串数字乱码
docker exec -it -u root gitlab bash
vi /opt/gitlab/embedded/service/gitlab-rails/config/gitlab.yml
修改地址 host: 192.168.1.200
port: 30300
# 修改gitlab.rb --- 这个没操作过
# vi /etc/gitlab/gitlab.rb
## 加入如下
# gitlab访问地址,可以写域名。如果端口不写的话默认为80端口
# external_url 'http://192.168.1.200:30300'
# ssh主机ip --- 这个没操作过
# gitlab_rails['gitlab_ssh_host'] = '101.133.225.166'
# ssh连接端口 --- 这个没操作过
# gitlab_rails['gitlab_shell_ssh_port'] = 9922
gitlab-ctl restart
补充:这里的gitlab.yml并未挂到外部,所以如果docker或服务器重启那这个配置就还原了,需要重写进入来配置和restart,有个办法是运行起来后docker commit gitlab mynewgitlab,把container重新打包镜像,然后增加--volume $GITLAB_HOME/gitlab-rails:/opt/gitlab/embedded/service/gitlab-rails/config \挂载重新运行一个容器,然后把旧容器删掉。
Harbor
docker-compose
两种方式:
从github或者国内kgithub镜像下载
curl -SL https://kgithub.com/docker/compose/releases/download/v2.20.2/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose
ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
chmod +x /usr/bin/docker-compose
docker-compose --version
从最开始的已下载文件传递
#下载ocker-compose
cp /data/app/docker-compose /usr/local/bin/docker-compose
#修改执行权限
chmod +x /usr/local/bin/docker-compose
#软连接映射到/usr/bin/
ln -sf /usr/local/bin/docker-compose /usr/bin/docker-compose
#验证
which docker-compose
docker-compose version
#解压harbor安装包
tar xf /data/app/harbor-online-installer-v2.5.0.tgz -C /data/app/
#编辑harbor.yml文件
cd /data/app/harbor
cp harbor.yml.tmpl harbor.yml
手动修改harbor配置文件
cd harbor
vi harbor.yml
hostname: 192.168.1.200 #第5行,主机IP/或者域名
port: 30200 # 第10行,端口可改为30200
harbor_admin_password: Harbor12345 #第34行,harbor UI界面admin登陆密码
data_volume: /data/app/harbor-data #第47行,harbor 持久化数据
#关闭https(把以下的行都注释掉12-18行)
# https related config
#https:
# # https port for harbor, default is 443
# port: 443
# # The path of cert and key files for nginx
# certificate: /your/certificate/path
# private_key: /your/private/key/p
# 安装脚本
运行 ./install.sh
设置开机启动
默认账号密码 admin Harbor12345
设置开机启动
创建文件 /usr/local/bin/harbor/harborstartall.sh,放下面内容
#!/bin/bash
chmod 777 /var/run/docker.sock
cd /usr/local/bin/harbor
docker-compose stop
docker-compose start
设置开机启动
chmod +x /usr/local/bin/harbor/harborstartall.sh
#3)把启动脚本加到系统启动之后最后一个执行的文件
echo '/bin/bash /usr/local/bin/harbor/harborstartall.sh' >> /etc/rc
Jenkins
执行Jenkins.sh,新打包Jenkins镜像
1、新镜像包含nodejs
2、新镜像包含kubectl
3、新镜像包含config配置文件,刚才kuboard-spay安装后,在B机器上拷贝过来的config文件
4、新镜像包含deployment.yaml脚本
推荐插件
设置jenkins插件更新地址
https://mirrors.tuna.tsinghua.edu.cn/jenkins/updates/update-center.json
jenkinsDockerfile
#基础镜像仓库地址
FROM docker.io/jenkins/jenkins
#使用root用户运行容器
USER root
#把文件拷贝到容器里面指定的路径(有解压作用)
ADD node-v14.16.0-linux-x64.tar.gz /usr/local/
#把文件拷贝到容器里面指定的路径(无解压作用)
COPY kubectl /usr/bin/kubectl
COPY config /root/.kube/config
#初始化容器
RUN mv /usr/local/node-v14.16.0-linux-x64 /usr/local/node
#指定工作目录,即exec进入容器之后当前所在的目录
WORKDIR /data/app/jenkins
#对外暴露的端口
EXPOSE 8080
#配置系统环境变量
ENV NODE_HOME /usr/local/node/
ENV PATH $NODE_HOME/bin:$PATH
#指定容器启动时需要运行的程序,或命令。
ENTRYPOINT [ "sh", "-c", "/sbin/tini -- /usr/local/bin/jenkins.sh" ]
#CMD ["/usr/local/bin/jenkins.sh"]
Jenkins.sh
#!/bin/bash
docker build -t myimages/jenkins:v1 -f jenkinsDockerfile .
mkdir -p /var/jenkins_home/k8s && chmod 777 /var/run/docker.sock && chmod 777 /var/jenkins_home
docker run --name jenkins --restart always -p 30400:8080 -v /var/jenkins_home:/var/jenkins_home -v /var/run/docker.sock:/var/run/docker.sock -v $(which docker):/usr/bin/docker -d myimages/jenkins:v1
docker exec -it jenkins chmod 777 /usr/bin/kubectl
cp deployment.yaml /var/jenkins_home/k8s/deployment.yaml
Git和webhook插件
#装插件
GitLab
Generic Webhook Trigger
Parameterized Trigger
Git Parameter
#Gialab配置webhook
1、允许网络
http://192.168.1.200:30300/admin/application_settings/network
Outbound requests 标签 把Allow勾选上 -> 保存
# Jenkins中配置参数
2、Jenkins构建触发器Generic Webhook Trigger
Post content parameters添加变量
Variable Expression
MR_TO_BRANCH $.object_attributes.target_branch JSONPath
MR_STATE $.object_attributes.state JSONPath
Optional filter
Expression Text
^main,merged$ $MR_TO_BRANCH,$MR_STATE
Token填随机唯一串 如 webtesttoken
# 添加MergeRequest的webhook
3、http://192.168.1.200:30300/root/webtest/-/hooks
URl字段填写http://192.168.1.200:30400/generic-webhook-trigger/invoke?token=webtesttoken
Trigger只勾选Merge request events
保存
创建流水线项目
// 注意先建system凭据
pipeline {
agent any
environment {
// 毫秒做镜像标签
imageTag = sh returnStdout: true, script: "date +%Y%m%d%H%M%S"
// harbor仓库
harborServer = '10.200.0.48:30020'
harborLibrary = 'web' // 第一次需要在harbor仓库建这个目录
// git项目
gitServer = '10.200.0.48:30300'
gitGroup = 'wms'
gitProjectName = 'wms-353-web'
// 后端接口,区分开测试环境和生产环境
testApiServer = 'http://10.100.60.170:8080'
proApiServer = 'https://222.111.113.4:8080'
// 测试环境前端地址,生产环境只打包镜像不发布
webHtmlServer = '10.200.0.48'
webHtmlPort = '50090'
}
parameters {
gitParameter name:'MR_TO_BRANCH',
type:'PT_BRANCH_TAG',
branchFilter:'origin/(.*)',
defaultValue:'master',
selectedValue:'DEFAULT',
sortMode:'DESCENDING_SMART',
description:'选择分支'
choice(
choices: "test\npro", name:'buildType', description:'选择发布环境'
)
}
stages {
stage('拉取代码') {
steps {
script {
if(params.buildType == 'test'){
env.testApiServer = env.proApiServer
}
}
git branch: "${MR_TO_BRANCH}",credentialsId: 'gitlabroot', url: "http://${gitServer}/${gitGroup}/${gitProjectName}.git"
}
}
stage('打包docker') {
steps {
script{
withCredentials([usernamePassword(credentialsId: 'harbor', passwordVariable: 'harbor_password', usernameVariable: 'harbor_username')]) {
sh '''
docker login -u ${harbor_username} -p ${harbor_password} ${harborServer}
docker build -t ${harborServer}/${harborLibrary}/${gitProjectName}_${buildType}:${imageTag} --build-arg API_SERVER=${testApiServer} .
docker push ${harborServer}/${harborLibrary}/${gitProjectName}_${buildType}:${imageTag}
'''
}
}
}
}
stage('清理镜像') {
steps {
script{
sh '''
docker rmi -f $(docker images | grep "none" | awk '{print $3}')
docker rmi -f ${harborServer}/${harborLibrary}/${gitProjectName}_${buildType}:${imageTag}
'''
}
}
}
stage('部署') {
steps {
script{
// 测试环境要打包+发布;生成环境只打包
if(params.buildType == 'test'){
sshagent(credentials: ["sshserver"]) {
withCredentials([usernamePassword(credentialsId: 'harbor', passwordVariable: 'harbor_password', usernameVariable: 'harbor_username')]) {
sh '''
docker login -u ${harbor_username} -p ${harbor_password} ${harborServer}
docker ps --filter "name=${gitProjectName}_${buildType}" -aq | xargs -r docker rm -f
docker images | grep "${gitProjectName}_${buildType}" | awk '{print $3}'| xargs -r docker rmi -f
docker run -d --name ${gitProjectName}_${buildType} -p ${webHtmlPort}:80 ${harborServer}/${harborLibrary}/${gitProjectName}_${buildType}:${imageTag}
'''
}
}
}
}
}
}
stage('打印结果') {
steps {
script {
echo "本次构建 ${params.buildType} 完成:"
echo "镜像名:${harborServer}/${harborLibrary}/${gitProjectName}_${params.buildType}:${imageTag}"
if(params.buildType == 'test'){
echo "接口地址: ${testApiServer}"
echo "页面地址: http://${webHtmlServer}:${webHtmlPort}"
}
}
}
}
}
}
创建Dockerfile
# compile
FROM node:16 as build-stage
WORKDIR /app
COPY package*.json ./
COPY yarn.lock ./
# RUN npm install -g yarn
RUN yarn
COPY . .
# RUN apk add --update autoreconf
RUN npm run build
# production stage
FROM nginx as production-stage
ARG API_SERVER
ENV LANG en_US.UTF-8
ENV API_SERVER=${API_SERVER}
RUN echo "server { \
listen 80; \
location /jeecgboot/ { \
proxy_pass ${API_SERVER}/cy-soft/; \
proxy_redirect off; \
proxy_set_header Host jeecg-boot-system; \
proxy_set_header X-Real-IP \$remote_addr; \
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; \
} \
#解决Router(mode: 'history')模式下,刷新路由地址不能找到页面的问题 \
location / { \
root /var/www/html/; \
index index.html index.htm; \
if (!-e \$request_filename) { \
rewrite ^(.*)\$ /index.html?s=\$1 last; \
break; \
} \
} \
gzip on; \
gzip_min_length 1k; \
gzip_http_version 1.1; \
gzip_comp_level 6; \
gzip_types text/plain application/x-javascript text/css application/xml application/javascript; \
gzip_vary on; \
access_log /var/log/nginx/access.log ; \
} " > /etc/nginx/conf.d/default.conf \
&& mkdir -p /var/www \
&& mkdir -p /var/www/html
COPY --from=build-stage /app/dist /var/www/html/
EXPOSE 80
CMD ["nginx", "-g", "daemon off;"]
verdaccio npm私有仓库
Verdaccio搭建
搭建npm私服
新建挂载目录
mkdir -p /home/verdaccio/conf
mkdir -p /home/verdaccio/storage
chmod 777 /home/verdaccio
添加配置文件
vi /home/verdaccio/conf/config.yaml
storage: /verdaccio/storage
auth:
htpasswd:
file: /verdaccio/conf/htpasswd
uplinks:
npmjs:
url: https://registry.npm.taobao.org/
packages:
'@cy/*':
access: $all
publish: $authenticated
proxy: npmjs
'@*/*':
access: $all
publish: $authenticated
proxy: npmjs
'**':
proxy: npmjs
logs:
- {type: stdout, format: pretty, level: http}
新建空密码文件,空内容就行
/home/verdaccio/conf/htpasswd
设置权限
chown 10001:65533 /home/verdaccio/conf/htpasswd
chown 10001:65533 /home/verdaccio/storage
启动容器
docker run -d --restart always --name verdaccio -p 4873:4873 -v /home/verdaccio/storage:/verdaccio/storage -v /home/verdaccio/conf:/verdaccio/conf -v /home/verdaccio/plugins:/verdaccio/plugins verdaccio/verdaccio
即可网页访问 4873端口了
添加用户
npm adduser --registry http://10.200.0.48:4873/ 输入用户名、密码和邮箱。自己设定就行。
publish
当需要把某个项目发布到私有库时,直接 publish。
npm publish --registry http://10.200.0.48:4873/ 发布成功后,刷新页面,就能看到最新发布的包。
主项目使用私服包
1、包项目packages.json中name设置为@cy/xxxx 注意固定前缀为@cy
{
"name": "@cy/vue2-workflow-designer",
}
2、主项目设置.npmrc
registry=https://registry.npmmirror.com
@cy:registry=http://10.200.0.48:4873/
可选:安装ngrok做内网穿透
拉取 wernight/ngrok
docker pull wernight/ngrok
后台运行ngrok指向ngxin镜像80端口 或者 直接指向服务端口3000,authtoken 要先去 dashboard.ngrok.com/get-started… 官网注册获取
如果代理到nginx镜像
docker run -d -p 4040 --name www_ngrok --link nginx wernight/ngrok ngrok http nginx:80 --authtoken 24GP7iKlsqGYDwh0QjjqcoviMws_6SQujd8xWkhB2oSVQd2Yk
如果代理到服务端口,公网ip:端口
docker run -it -d -p 4040 --name www_ngrok ngrok/ngrok http 175.178.1.249:3000 --authtoken 24GP7iKlsqGYDwh0QjjqcoviMws_6SQujd8xWkhB2oSVQd2Yk
显示穿透域名,外网便可直接访问
curl $(docker port www_ngrok 4040)/api/tunnels
第三步报错 Error: No public port '4040/tcp' published for www_ngrok,则换可用authtoken
24GP7iKlsqGYDwh0QjjqcoviMws_6SQujd8xWkhB2oSVQd2Yk
24HJkjwss1uvgmvSvXRMSFwsofF_55AaiQuiYWdeTnCFgzYji
第三步报错 curl: (3) Bad URL, colon is first character
docker port www_ngrok 4040
// 用上句显示的端口49167
curl http://127.0.0.1:49167/api/tunnels
mongo
容器单独启动
新建网络容器互通
docker network create mongo-network
mongo 数据库
docker run -d --name mongo \
--network mongo-network \
-v /home/mongo_data:/data/db \
-p 27017:27017 \
-e MONGO_INITDB_ROOT_USERNAME=mongoadmin \
-e MONGO_INITDB_ROOT_PASSWORD=secret \
mongo
mongo-express 界面
docker run -d \
--name mongo-express \
--network mongo-network \
--restart always \
-p 8081:8081 \
-e ME_CONFIG_MONGODB_ADMINUSERNAME="mongoadmin" \
-e ME_CONFIG_MONGODB_ADMINPASSWORD="secret" \
-e ME_CONFIG_MONGODB_SERVER="mongo" \
mongo-express
docker-compose
docker-compose.yml
version: "3" # docker-compose version
#networks: # 不用建net-work,docker-compose会默认建网络home_default,下面所有容器都会加入网络
# mongo-network:
# driver: bridge
services:
mongo:
image: mongo
container_name: mongo
#restart: always
#networks:
# - mongo-network2
ports:
- 27017:27017
volumes:
- /home/mongo_data:/data/db
environment:
- MONGO_INITDB_ROOT_USERNAME=mongoadmin
- MONGO_INITDB_ROOT_PASSWORD=secret
mongo-express:
image: mongo-express
container_name: mongo-express
restart: always
#networks:
# mongo-network:
# driver: bridge
ports:
- 8081:8081
environment:
- ME_CONFIG_MONGODB_ADMINUSERNAME=mongoadmin
- ME_CONFIG_MONGODB_ADMINPASSWORD=secret
- ME_CONFIG_MONGODB_SERVER=mongo
启动
-
名字默认找docker-compose.yml,否则加
-f知名yml文件路径 -
-d就是detach后台运行 -
docker安装后默认有
docker-compose命令
docker-compose up -d
效果
