安全相关
防火墙开放端口
| 名称 | 端口 |
|---|---|
| Tomcat外部访问 | 8080-9000 |
| Mysql远程连接 | 3306 |
| Redis远程连接 | 6379 |
| RabbitMQ:Web界面 | 15672 |
| Rabbit: AMQP | 5672 |
| Rabbit:Stomp | 61613 |
| Rabbit:MQTT | 1883 |
openjdk安装
su -c "yum install java-1.8.0-openjdk"
yum仓库管理
yum-config-manager --add-repo http://mirrors.aliyun.com/dockerce/linux/centos/docker-ce.repo
yum-config-manager \
--add-repo \
https://download.docker.com/linux/centos/docker-ce.repo
mysql安装
# 移除自带mariab数据库
yum remove -y `rpm -aq mariadb*`
# 查询本机是否有mysql
rpm -qa | grep mysql
# 获取mysql安装包
wget -i -c http://dev.mysql.com/get/mysql57-community-release-el7-10.noarch.rpm
# 安装
yum -y install mysql57-community-release-el7-10.noarch.rpm
# 关闭gpg签名
yum -y install mysql-community-server --nogpgcheck
mysql初始化
systemctl start mysqld.service
修改密码
#获取初始密码
grep 'password' /var/log/mysqld.log
oTDJ*oD7fls
ALTER USER USER() IDENTIFIED BY 'root';
设置远程连接权限
grant all privileges on *.* to root@'%' identified by "windlinxy@0014YST";
alter user 'root'@'%' identified with mysql_native_password by '123456';
redis安装
# 执行以下命令升级gcc
yum install gcc-c++
# 安装软件集scl
yum -y install centos-release-scl
yum -y install devtoolset-9-gcc devtoolset-9-gcc-c++ devtoolset-9-binutils
scl enable devtoolset-9 bash
echo “source /opt/rh/devtoolset-9/enable” >> /etc/profile
# 获取安装包
wget https://download.redis.io/redis-stable.tar.gz
tar -zxvf redis-stable.tar.gz
# 进入redis目录
#编译
make
#安装
make install
##### 安装完成
后台启动
cd /usr/local/redis-stable
cp redis.conf redis.conf.bak
# 编辑配置文件
# 将bind注释(远程连接)
# protected-mode no 无密码登录
# daemonize yes 后台启动
vim redis.conf
Nginx
# nginx需要gcc环境,没有就安装
yum install gcc-c++
# Nginx的http模块需要使用pcre来解析正则表达式,需要安装pcre
yum install -y pcre pcre-devel
# 安装依赖的解压包
yum install -y zlib zlib-devel
# ssl 功能需要 openssl 库,安装 openssl
yum install -y openssl openssl-devel
# 下载nginx
wget https://nginx.org/download/nginx-1.22.1.tar.gz
# 解压
tar -zxvf nginx-1.22.1.tar.gz
cd /usr/local/nginx
# 配置安装路径,否则默认/usr/bin
./configure --prefix=/usr/local/nginx
mkdir logs
#编译
make
#安装,可能会报错,但是会安装成功
make install
Docker
安装步骤
-
官网安装手册:docs.docker.com/engine/inst…
-
确定是CentOS7以上版本
-
yum安装gcc相关环境:
yum -y install gcc yum -y install gcc-c++ -
卸载旧版本
yum remove docker \ docker-client \ docker-client-latest \ docker-common \ docker-lastest \ docker-latest-logrotate \ docker-logrotate \ docker-engine -
安装需要软件包
yum install -y yum-utils -
设置镜像仓库
yum-config-manager \ --add-repo \ https://download.docker.com/linux/centos/docker-ce.repo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -
更新yum软件包索引
yum makecache fast -
安装Docker CE
yum install docker-ce-cli containerd.io yum install -y docker-ce -
启动Docker
systemctl start docker -
测试命令
docker version docker run hello-world docker images -
卸载
systemctl stop docker yum -y remove docker-ce docker-ce-cli containerd.io rm -rf /var/lib/docker
阿里云镜像加速
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://qiyb9988.mirror.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
实用
注意!在Docker运行的容器是访问不到宿主机其他端口的,localhost是用不了的,需要用
ip addr show docker0命令找到docker容器能够识别的本机ip,然后将项目中的连接ip修改成获得的ip
可视化面板
docker run -d -p 9000:9000 \
--restart=always --privileged=true -v /var/run/docker.sock:/var/run/docker.sock portainer/portainer
Tomcat
# tomcat 部署
# 端口映射:-p 8080:8080
# 后台运行:-d
# 容器名:--name
# webapps挂载 -v /data/docker/tomcat/webapps:/usr/local/tomcat/webapps
# logs挂载:-v /data/docker/tomcat/logs:/usr/local/tomcat/logs
# privileged启动的容器,可以看到很多host上的设备,并且可以执行mount
# --privileged=true
docker run -it -d -p 8081:8080 -v /data/docker/tomcat/logs:/usr/local/tomcat/logs -v /data/docker/tomcat/webapps:/usr/local/tomcat/webapps --name tomcat --privileged=true tomcat:8.5.59
Nginx
# 端口映射:-p 80:80
# 后台运行:-d
# 容器名:--name
# 配置文件挂载:-v /data/docker/nginx/nginx.conf:/etc/nginx/nginx.conf \
# 虚拟主机配置挂载:-v /data/docker/nginx/conf.d:/etc/nginx/conf.d \
# 证书文件挂载:-v /data/docker/nginx/cert:/etc/nginx/cert \
# 静态资源:-v /data/docker/nginx/html:/usr/share/nginx/html \
# 中文乱码:-e LANG=C.UTF-8 -e LC_ALL=C.UTF-8 \
# privileged启动的容器,可以看到很多host上的设备,并且可以执行mount
# --privileged=true
docker run -d -p 80:80 --name nginx \
-v /data/docker/nginx/cert:/etc/nginx/cert \
-v /data/docker/nginx/html:/usr/share/nginx/html \
-v /data/docker/nginx/log:/var/log/nginx \
-e LANG=C.UTF-8 -e LC_ALL=C.UTF-8 \
-v /data/docker/nginx/conf.d:/etc/nginx/conf.d \
--privileged=true nginx
#运行容器
docker run -d -p 80:80 --name nginx nginx
#进入容器查看需要挂载的文件
docker exec -it nginx /bin/bash
MySQL
# 端口映射:-p 宿主机:容器
# 后台运行:-d
# 容器名:--name
# 配置文件挂载:-v /data/docker/nginx/nginx.conf:/etc/nginx/nginx.conf \
# 虚拟主机配置挂载:-v /data/docker/nginx/conf.d:/etc/nginx/conf.d \
# 证书文件挂载:-v /data/docker/nginx/cert:/etc/nginx/cert \
# 静态资源:-v /data/docker/nginx/html:/usr/share/nginx/html \
# 密码:-e MYSQL_ROOT_PASSWORD=123456
docker run --name mysql -p 3307:3306 -e MYSQL_ROOT_PASSWORD=123456 -v /data/docker/mysql/conf/my.cnf:/etc/my.cnf -v /data/docker/mysql/datadir:/var/lib/mysql -d mysql
docker run --name web-mysql -p 3307:3306 -e MYSQL_ROOT_PASSWORD=123456 -v /usr/local/project_web01/docker/mysql/conf/my.cnf:/etc/my.cnf -v /usr/local/project_web01/docker/mysql/datadir:/var/lib/mysql -d mysql
