sssdcp /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup wget -O /etc/yum.repos.d/CentOS-Base.repo mirrors.aliyun.com/repo/Centos… #华为云镜像 #wget -O /etc/yum.repos.d/CentOS-Base.repo repo.huaweicloud.com/repository/…
yum remove docker
docker-client
docker-client-latest
docker-common
docker-latest
docker-latest-logrotate
docker-logrotate
docker-engine
yum install -y yum-utils
device-mapper-persistent-data
lvm2
yum-config-manager
--add-repo
download.docker.com/linux/cento…
yum install -y docker-ce docker-ce-cli containerd.io
systemctl enable docker systemctl restart docker echo '{"registry-mirrors":["registry.docker-cn.com","http://hub-mirror…"]}' > /etc/docker/daemon.json systemctl restart docker
#-------------------------------------------------------
yum -y install ansible
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config setenforce 0
pip uninstall urllib3 -y pip uninstall chardet -y pip install requests
ssh-keygen -t rsa -P ''
ssh-copy-id -i .ssh/id_rsa.pub root@172.31.22.22
ssh-copy-id -i .ssh/id_rsa.pub root@172.31.22.21
另一个用户
scp -p /.ssh/id_rsa.pub grunner@172.16.185.186:/.ssh/authorized_keys
ansible node -m copy -a 'src=/etc/selinux/config dest=/etc/selinux/' systemctl stop firewalld systemctl disable firewalld ansible node -a 'systemctl stop firewalld' ansible node -a 'systemctl disable firewalld'
docker service create
--name portainer
--publish 9000:9000
--constraint 'node.role == manager'
--mount type=bind,src=//var/run/docker.sock,dst=/var/run/docker.sock
portainer/portainer
-H unix:///var/run/docker.sock
#docker run -d -p 9000:9000 -v /var/run/docker.sock:/var/run/docker.sock --name portainer portainer/portainer
gpasswd -a grunner docker gitlab-runner restart
主节点初始化
docker swarm init --listen-addr 0.0.0.0
docker network create --subnet 10.10.0.0/16 --scope swarm --driver overlay app-net
#节点服务修改 #vim /lib/systemd/system/docker.service #ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock
systemctl daemon-reload
systemctl restart docker
docker run -d -p 3306:3306 --name mariadb -e MYSQL_ROOT_PASSWORD=289862d2-d782-4020-96b1-605d2837cfab -v /opt/mysql/data:/var/lib/mysql -v /opt/mysql/conf:/etc/mysql mariadb #sql alter user root@'%' identified 'xn##LY**3495';
docker run -d -p 9000:9000 -v /var/run/docker.sock:/var/run/docker.sock --name portainer --restart=always portainer/portainer docker run -d -p 3306:3306 --name mariadb -e MYSQL_ROOT_PASSWORD=289862d2-d782-4020-96b1-605d2837cfab -v /opt/mysql/data:/var/lib/mysql -v /opt/mysql/conf:/etc/mysql mariadb #sql alter user root@'%' identified with mysql_native_password by 'xn##LY**3495';
docker run -di -p 8999:9000 --name minio
--restart=always
-e "MINIO_ACCESS_KEY=sysadmin"
-e "MINIO_SECRET_KEY=Xiaoni2021.com"
-v /mnt/data:/data
-v /mnt/config:/root/.minio
-v /etc/localtime:/etc/localtime
minio/minio server /data
start_dir=pwd
docker run -d --name minio --publish 9030:9000 --publish 9010:9001 --env MINIO_FORCE_NEW_KEYS="yes" --env MINIO_ROOT_USER="root" --env MINIO_ROOT_PASSWORD="smwy123456" bitnami/minio:latest
docker run -di -p 9060:9000 --name minio-202106
--restart=always
-e "MINIO_ACCESS_KEY=root"
-e "MINIO_SECRET_KEY=smwy123456"
-v /opt/minio-202106/data:/data
-v /opt/minio-202106/config:/root/.minio
-v /etc/localtime:/etc/localtime
minio/minio:RELEASE.2021-06-17T00-10-46Z server /data
cp /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup wget -O /etc/yum.repos.d/CentOS-Base.repo mirrors.aliyun.com/repo/Centos… #华为云镜像 #wget -O /etc/yum.repos.d/CentOS-Base.repo repo.huaweicloud.com/repository/…
yum install zip unzip gcc make -y
#if [ ! -d "/opt" ] ; then mkdir /opt; fi
yum install java-1.8.0-openjdk-devel -y cp /etc/profile /etc/profile.bak cat << EOF >>/etc/profile export JAVA_HOME=/usr/lib/jvm/java export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/rt.jar:$JAVA_HOME/lib/tools.jar export PATH=$PATH:$JAVA_HOME/bin EOF source /etc/profile java -version javac -version
yum install pcre-devel -y yum install openssl-devel -y
#jdk ready
-----------------------------------------------------
#nginx start .. cd start_dir tar -zxf headers-more-nginx-module-0.33.tar.gz tar -zxf nginx-1.17.0.tar.gz cd nginx-1.17.0 ./configure --prefix=/opt/nginx --with-http_ssl_module --add-module=../headers-more-nginx-module-0.33 #./configure --prefix=/opt/nginx --with-http_ssl_module --with-http_stub_status_module --with-stream --with-stream_ssl_module --add-module=../headers-more-nginx-module-0.33 --add-module=../nginx-http-flv-module-master make make install cd start_dir chmod +x nginx cp nginx /etc/init.d/ chkconfig --add nginx chkconfig nginx on service nginx reload #nginx ready .
-----------------------------------------------------
#redis start .. cd $start_dir tar -zxf redis-5.0.5.tar.gz cd redis-5.0.5 make make install
export REDIS_PORT=6379
export REDIS_CONFIG_FILE="/etc/redis/REDIS_PORT.conf"
export REDIS_LOG_FILE="/var/log/redis_REDIS_PORT.log"
export REDIS_DATA_DIR="/var/lib/redis/$REDIS_PORT"
export REDIS_EXECUTABLE=command -v redis-server
./utils/install_server.sh
#redis ready
-----------------------------------------------------
#处理tomcat启动慢问题 yum install rng-tools -y systemctl start rngd systemctl enable rngd
cd $start_dir #tar -zxf apache-tomcat-8.5.41.tar.gz -d /opt
-----------------------------------------------------
yum install git -y groupadd web chmod +x gitlab-runner cp gitlab-runner /usr/local/bin/ useradd --comment 'GitLab Runner' --create-home grunner --shell /bin/bash -g web gpasswd -a grunner docker gitlab-runner install --user=grunner --working-directory=/home/grunner gitlab-runner start #mkdir /opt/gitlab-runner #gitlab-runner install --user=root --working-directory=/opt/gitlab-runner gitlab-runner start
#gitlab-runner register --name my-runner --url git.fjlonge.com --registration-token xfm1BvVh4YsfGsbNKjRW
docker run -d -p 8999:9000 --restart=always -e TZ="Asia/Shanghai" --restart=on-failure -v /opt/minio/data:/data -v /opt/minio/config:/root/.minio --name minio -e "MINIO_ACCESS_KEY=sysadmin" -e "MINIO_SECRET_KEY=Xiaoni2021.com" minio/minio server /data
docker run -d --name minio -p 9030:9000 -p 9010:9001 -v /opt/minio/data:/data -v /opt/minio/config:/root/.minio -e MINIO_FORCE_NEW_KEYS="yes" -e MINIO_ROOT_USER="root" -e MINIO_ROOT_PASSWORD="smwy123456" --privileged=true minio/minio:latest server /data --console-address ":9001" -address ":9000"
docker run -d -p 27017:27017 --restart=always -e TZ="Asia/Shanghai" --restart=on-failure -v /opt/mongo:/opt/mongo --name mongo mongo:4.2 -f /opt/mongo/mongod.conf
#!/bin/bash BACK_DIR=0`; pwd) FILENAME=all-db-$(date +%Y%m%d%H%M%S).sql.gz MATCHFILE="*.sql.gz" EXPIRE=30
#echo backDir BACK_DIR #echo backfile FILENAME #exec 后面加了 -it 参数就开启了一个终端,计划任务是无法进入任何终端的,需要将命令行中的 -it参数去掉 docker exec mariadb mysqldump -u biz -pxn##LY**3495 --all-databases|gzip > FILENAME find {EXPIRE} -name "${MATCHFILE}" -exec rm -r {} ;
#进入控制台 docker exec -it mariadb /bin/bash #修改默认时区,根据提示选择区域和城市 #dpkg-reconfigure tzdata #需要重新启动 docker restart mariadb
docker run -d -p 9000:9000 --restart=always -v /var/run/docker.sock:/var/run/docker.sock --name portainer portainer/portainer-ce docker run -d -p 3306:3306 --restart=always --name mariadb -e MYSQL_ROOT_PASSWORD=289862d2-d782-4020-96b1-605d2837cfab -v /opt/mysql/data:/var/lib/mysql -v /opt/mysql/conf:/etc/mysql mariadb #sql alter user root@'%' identified with mysql_native_password by 'xn##LY**3495';
cp /etc/alternatives/my.cnf /etc/mysql/
docker run -d --name nginx -p 80:80 --restart=always -v /opt/nginx/logs:/var/log/nginx -v /opt/nginx/html:/usr/share/nginx/html -v /opt/nginx/conf:/etc/nginx/conf.d -v /opt/html:/opt/html --privileged=true nginx
docker run -p 6379:6379 --name redis --restart always -v /opt/redis/redis.conf:/etc/redis/redis.conf -v /opt/redis/data:/data -d redis:7.0.7 redis-server /etc/redis/redis.conf --appendonly yes
docker run -d -p 4443:443 -p 800:80 -p 222:22 --name gitlab --restart always --privileged=true -v /opt/gitlab/config:/etc/gitlab -v /opt/gitlab/log:/var/log/gitlab -v /opt/gitlab/data:/var/opt/gitlab gitlab/gitlab-ce:14.6.1-ce.0
docker exec -it gitlab update-permissions
docker run --name postgres --restart=always -e POSTGRES_PASSWORD=password -p 5432:5432 -v /opt/postgresql:/var/lib/postgresql/data -d postgres
docker pull atlassian/confluence-server:7.4.6 docker run --name confluence --detach --publish 8090:8090 atlassian/confluence-server
docker run -d -it -p 8000:8000 --restart=always --name yearning -v /opt/Yearning/conf.toml:/opt/conf.toml -e MYSQL_USER=root -e MYSQL_ADDR=172.17.0.1:3306 -e MYSQL_PASSWORD=289862d2-d782-4020-96b1-605d2837cfab -e MYSQL_DB=yearning chaiyd/yearning
docker run -d -p 9090:9000
--name sonarqube
--restart=always
-v /opt/sonarqube/extensions:/opt/sonarqube/extensions
-v /opt/sonarqube/data:/opt/sonarqube/data
-v /opt/sonarqube/logs:/opt/sonarqube/logs
-v /opt/sonarqube/conf:/opt/sonarqube/conf
-e SONAR_JDBC_URL=jdbc:postgresql://172.17.0.1:5432/sonar
-e SONAR_JDBC_USERNAME=postgres
-e SONAR_JDBC_PASSWORD=password
sonarqube:8.9.9-community
宿主机虚拟内存不够
/etc/sysctl.conf 最后一行添加 vm.max_map_count=262144 立即生效 /sbin/sysctl -p
docker run --restart=unless-stopped -d --name mysql8 -v /opt/mysql8/conf/my.cnf:/etc/mysql/my.cnf -v /opt/mysql8/data:/var/lib/mysql -v /opt/mysql8/mysql-files:/var/lib/mysql-files/ -p 3306:3306 -e MYSQL_ROOT_PASSWORD=289862d2-d782-4020-96b1-605d2837cfab mysql:8.0.27
docker run -d --name zentao --restart=always -p 100:80 -v /opt/zentao/zentaopms:/www/zentaopms -v /opt/zentao/mysqldata:/var/lib/mysql easysoft/zentao:12.5.3
docker run -d --name zentao --restart=always -p 100:80 -p 3306:3306 -v /opt/zentao/zentaopms:/www/zentaopms -v /opt/zentao/mysqldata:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=smwy123456 easysoft/zentao:12.5.3
docker run -d --name xwiki --restart=always -p 8090:8080 -v /opt/xwiki:/usr/local/xwiki xwiki
服务器自动部署
rsync -avz --delete $TARGET root@192.136.204.241:/opt/shangma
ssh -i /home/grunner/auth/smwy_test.pem root@192.136.204.241 "cd /opt/shangma;sh docker_build.sh"
ssh-keygen -t rsa
ssh-copy-id -i /home/grunner/.ssh/id_rsa.pub root@192.136.204.241
chown -R grunner /opt/html
docker network create yapi
docker run -d
--name mongodb
--restart always
--net=yapi
-p 27017:27017
-v /opt/mongo:/data/db
-e MONGO_INITDB_DATABASE=yapi
-e MONGO_INITDB_ROOT_USERNAME=yapipro
-e MONGO_INITDB_ROOT_PASSWORD=yapipro1024
mongo:4.2.21
- docker exec -it mongodb /bin/bash
- #进入mongo cli
- mongo localhost:27017
- #初始化数据库,依次执行如下命令
- use admin;
- db.auth("yapipro", "yapipro1024");
-
创建 yapi 数据库
- use yapi;
-
创建给 yapi 使用的账号和密码,限制权限
- db.createUser({
- user: 'yapi',
- pwd: 'yapi123456',
- roles: [
- { role: "dbAdmin", db: "yapi" },
- { role: "readWrite", db: "yapi" }
- ]
- });
vim /data/yapi/config.json
{
"port": "3000",
"adminAccount": "xxx@163.com",
"timeout":120000,
"db": {
"servername": "mongo",
"DATABASE": "yapi",
"port": 27017,
"user": "yapi",
"pass": "yapi123456",
"authSource": ""
},
"mail": {
"enable": true,
"host": "smtp.163.com",
"port": 465,
"from": "*",
"auth": {
"user": "xxx@163.com",
"pass": "xxx"
}
}
}
-
docker run -d --rm \
-
--name yapi-init \
-
--link mongodb:mongo \
-
--net=yapi \
-
-v /opt/yapi/config.json:/yapi/config.json \
-
yapipro/yapi:1.9.5 \
-
server/install.js
-
docker run -d \
-
--name yapi \
-
--link mongodb:mongo \
-
--restart always \
-
--net=yapi \
-
-p 3000:3000 \
-
-v /opt/yapi/config.json:/yapi/config.json \
-
yapipro/yapi:1.9.5 \
-
server/app.js 初始密码是 yapi.pro
docker run --name elasticsearch -d -e ES_JAVA_OPTS="-Xms512m -Xmx512m" -e "discovery.type=single-node" -p 9200:9200 -p 9300:9300 elasticsearch:7.7.0
使用国内镜像下载docker-compose sudo curl -L get.daocloud.io/docker/comp… -s-uname -m > /usr/local/bin/docker-compose # 服务docker-compose执行权限 sudo chmod +x /usr/local/bin/docker-compose
docker pull elasticsearch:7.13.0 docker pull logstash:7.13.0 docker pull kibana:7.13.0
version: '3' services: elasticsearch: image: elasticsearch:7.13.0 container_name: elasticsearch-dev networks: - host environment: - "cluster.name=elasticsearch" #设置集群名称为elasticsearch - "discovery.type=single-node" #以单一节点模式启动 - "ES_JAVA_OPTS=-Xms512m -Xmx512m" #设置使用jvm内存大小 volumes: - /pins/dev/data/elasticsearch/plugins:/usr/share/elasticsearch/plugins #插件文件挂载 - /pins/dev/data/elasticsearch/data:/usr/share/elasticsearch/data #数据文件挂载 ports: - :9200 kibana: image: kibana:7.13.0 container_name: kibana-dev networks: - host links: - elasticsearch:es #可以用es这个域名访问elasticsearch服务 depends_on: - elasticsearch #kibana在elasticsearch启动之后再启动 environment: - "elasticsearch.hosts=http://es:9200" #设置访问elasticsearch的地址 ports: - :5601 logstash: image: logstash:7.13.0 container_name: logstash-dev networks: - host volumes: - /pins/dev/data/logstash/conf:/usr/share/logstash/pipeline/ #挂载logstash的配置文件 depends_on: - elasticsearch #kibana在elasticsearch启动之后再启动 links: - elasticsearch:es #可以用es这个域名访问elasticsearch服务 ports: - :4560 networks: host:
改变设置 sysctl -w vm.max_map_count=262144 # 使之立即生效 sysctl -p
chomd 777 /pins/dev/data/elasticsearch/data
input { tcp { mode => "server" host => "0.0.0.0" port => 4560 codec => json_lines } } output { elasticsearch { hosts => "es:9200" index => "springboot-logstash-%{+YYYY.MM.dd}" user => "elastic" password => "密码我不告诉你" } }
docker-compose -f docker-compose-dev.yml up -d
进入logstash容器 docker exec -it logstash-dev /bin/bash # 进入bin目录 cd /bin/ # 安装插件 logstash-plugin install logstash-codec-json_lines # 退出容器 exit # 重启logstash服务 docker restart logstash-dev
docker run --privileged -d --restart=unless-stopped -p 80:80 -p 443:443 --name rancher rancher/rancher:stable
docker run --init
--name bytebase
--restart always
--publish 5678:8080
--health-cmd "curl --fail http://localhost:5678/healthz || exit 1"
--health-interval 5m
--health-timeout 60s
--volume /opt/.bytebase/data:/var/opt/bytebase
bytebase/bytebase:1.10.0
--data /var/opt/bytebase
--port 8080
docker run -d --name datax_web -p 9527:9527 -v /opt/datax/bootstrap.properties:/home/datax/datax-web-2.1.2/modules/datax-admin/conf/bootstrap.properties linshellfeng/datax_web:3.0.1
记录时序数据库数据导入导出 taosdump -h 127.0.0.1 -u root -ptaosdata -S '2023-04-24 00:00:00' -E '2024-03-15 00:00:00' -o /home/tdengine/data4 -T 8 shangma_sys bus_gis_loc_vehicle bus_comm_location
rsync -avz -e "ssh -p 66" --delete /home/tdengine/data4 root@140.333.65.666:/opt/tdengine
taosdump -h 127.0.0.1 -u root -ptaosdata -i /opt/tdengine/data4 -T 8
共享目录挂载 sudo mount -t nfs 172.19.82.56:/home/docker/share /data/share
docker run \
--volume=/:/rootfs:ro \
--volume=/var/run:/var/run:ro \
--volume=/sys:/sys:ro \
--volume=/var/lib/docker/:/var/lib/docker:ro \
--volume=/dev/disk/:/dev/disk:ro \
--publish=8080:8080 \
--detach=true \
--name=cadvisor \
--privileged \
--device=/dev/kmsg \
gcr.io/cadvisor/cadvisor:$VERSION
docker run --name torna --restart=always \
-p 7700:7700 \
-e JAVA_OPTS="-server -Xms512m -Xmx512m" \
-v /opt/torna/application.properties:/torna/config/application.properties \
-d registry.cn-hangzhou.aliyuncs.com/tanghc/torna:1.23.1
docker run -d --name tdengine -p 6030:6030 -p 6041:6041 -p 6043-6049:6043-6049 -p 6043-6049:6043-6049/udp tdengine/tdengine:3.0.2.6
docker run -d --name glogcenter -p 8080:8080 -v /opt/glc:/glogcenter gotoeasy/glc
安装nvc setenforce 0 systemctl stop firewalld systemctl disable firewalld
yum install -y epel* yum install -y git yum install -y tigervnc-server
vncserver :1
git clone git://github.com/kanaka/noVNC
cd ./noVNC/utils/ openssl req -new -x509 -days 365 -nodes -out self.pem -keyout self.pem
在noVNC目录下,执行
./utils/launch.sh --vnc localhost:5901 在浏览器访问(注意替换成自己的IP地址) http://192.168.204.10:6080/vnc.html 输入密码,连接成功!
docker run -itd --name jenkins -p 8995:8080 -p 50000:50000 -e JAVA_OPTS="-Dorg.apache.commons.jelly.tags.fmt.timeZone='Asia/Shanghai" --privileged=true --restart=always -v /opt/jenkins_home:/var/jenkins_home -v /home:/home jenkins/jenkins:2.346.3-2-lts-jdk8
docker run -it -p 8080:8080 -e DYNAMIC_CONFIG_ENABLED=true provectuslabs/kafka-ui
sudo docker run -d
--restart=unless-stopped
--name=kuboard
-p 785:80/tcp
-p 10081:10081/udp
-p 10081:10081/tcp
-e KUBOARD_ENDPOINT="http://192.168.0.150:80"
-e KUBOARD_AGENT_SERVER_UDP_PORT="10081"
-e KUBOARD_AGENT_SERVER_TCP_PORT="10081"
-v /root/kuboard-data:/data
eipwork/kuboard:v3.5.2.6
docker pull debian
docker run -i -t -d --name bt -p 2000:20 -p 2100:21 -p 8000:80 -p 4430:443 -p 8880:888 -p 8888:8888 --privileged=true -v /d/debian:/www/wwwroot debian
docker exec -it bt /bin/bash
apt-get update && apt-get install wget && apt install procps
一路按Y执行下去,然后安装宝塔面板` wget -O install.sh download.bt.cn/install/ins… && bash install.sh ed8484bec
docker run -d --name nginx --privileged=true -p 80:1080 -p 443:1443
-v /opt/nginx:/opt/bitnami/nginx
-v /opt/nginx/certs:/certs
docker-cf.registry.cyou/bitnami/nginx
docker run -d --name minio
--publish 9010:9000
--publish 9001:9001
--volume /opt/minio:/bitnami/minio/data
bitnami/minio:latest
docker run --restart=unless-stopped -d --name mysql8 -v /opt/mysql:/bitnami/mysql -p 3306:3306 -e MYSQL_ROOT_PASSWORD=289862d2-d782-4020-96b1-605d2837cfab bitnami/mysql:8.0.39
docker run --name reids -d -p 6379:6379
-e ALLOW_EMPTY_PASSWORD=yes
-v /opt/redis:/bitnami/redis/data
bitnami/redis:7.4.0
docker run -d
--restart=always
--name rmqnamesrv
--privileged=true
-p 9876:9876
-v /opt/rocketmq/logs:/root/logs
-v /opt/rocketmq/store:/root/store
-e "MAX_POSSIBLE_HEAP=100000000"
-e "JAVA_OPT_EXT=-Xms512M -Xmx512M -Xmn128m"
apache/rocketmq
sh mqnamesrv
vi /usr/local/rocketmq/conf/broker.conf
进入编辑模式,选择插入模式,进行文件配置
配置文件代码:
brokerClusterName = DefaultCluster
brokerName = broker-a
brokerId = 0
deleteWhen = 04
fileReservedTime = 48
brokerRole = ASYNC_MASTER
flushDiskType = ASYNC_FLUSH
brokerIP1 = 192.168.27.129
diskMaxUsedSpaceRatio=95
docker run -d
--restart=always
--name rmqbroker
--link rmqnamesrv:namesrv
--privileged=true
-p 10911:10911
-p 10912:10912
-p 10909:10909
-v /opt/rocketmq/broker/logs:/root/logs
-v /opt/rocketmq/broker/store:/root/store
-v /opt/rocketmq/broker/conf/broker.conf:/home/rocketmq/rocketmq-4.9.4/conf/broker.conf
-e "NAMESRV_ADDR=namesrv:9876"
-e "JAVA_OPT_EXT=-Xms512M -Xmx512M -Xmn128m"
-e "MAX_POSSIBLE_HEAP=200000000"
apache/rocketmq
sh mqbroker -c /opt/rocketmq/broker/conf/broker.conf
docker run -d
--restart=always
--name rmqadmin
-e "JAVA_OPTS=-Drocketmq.namesrv.addr=172.18.0.1:9876 -Dcom.rocketmq.sendMessageWithVIPChannel=false"
-p 8081:8080
--ulimit nofile=1024
styletang/rocketmq-console-ng:latest
