目录
汇总:使用 Docker 部署常用开发环境 (持续更新)
下载方式 wget -c -O docker-compose.yml “url”
1. registry
官网: https://docs.docker.com/registry/
https://docs.docker.com/registry/deploying/
docker 私有仓库,官方出品。
运行方式:
docker run -d \ -p 5000:5000 \ --restart=always \ --name registry \ -v /mnt/registry:/var/lib/registry \ registry
提交到私有仓库示例:
# 从Docker Hub官网拉取镜像。 $ docker pull ubuntu:16.04 # 重新打标签,记得加上私有仓库ip和端口。具体含义见 docker 镜像命名方式。 $ docker tag ubuntu:16.04 localhost:5000/my-ubuntu # 提交镜像到私有仓库。 $ docker push localhost:5000/my-ubuntu # 本机可以删除掉缓存的原标签。 $ docker image remove ubuntu:16.04 # 后续拉取镜像可从私有仓库拉取。 $ docker pull localhost:5000/my-ubuntu
2. portainer
https://hub.docker.com/r/portainer/portainer
docker 管理工具 web 版,管理员通过浏览器访问 9000 端口进行控制 docker 。
单机版通过 socket 跟主机 docker 进行通信获取信息,运行和挂载命令如下:
docker run -d -p 9000:9000 \ -v /var/run/docker.sock:/var/run/docker.sock \ portainer/portainer
集群版未实验,参见其他网上文档。
— 2023/03/28 21:32 更新下面内容
https://hub.docker.com/r/portainer/portainer-ce
version: '3' services: portainer: image: 'portainer/portainer-ce' restart: always ports: # - '8000:8000' # - '9443:9443' - '9000:9000' environment: - TZ=Asia/Shanghai volumes: - /var/run/docker.sock:/var/run/docker.sock - portainer_data:/data volumes: portainer_data:
3. vlmcsd
不多说,自行搜索这是什么东西。
docker run -d -p 1688:1688 --restart=always --name vlmcsd mikolatero/vlmcsd
4. redis
- docker-compose.yml
version: '3.7' services: redis: image: redis:alpine restart: always ports: - "6379:6379" environment: TZ: "Asia/Shanghai" volumes: - redis_data:/data volumes: redis_data:
5. mysql
6. postgres
- docker-compose.yml
version: "3.7" services: db: image: postgres:alpine restart: always volumes: - db_data:/var/lib/postgresql/data # - ./init.sql:/docker-entrypoint-initdb.d/init.sql ports: - "5432:5432" # env_file: # - .env environment: # default user name: postgres # - POSTGRES_USER=postgres - POSTGRES_PASSWORD=123456 # - POSTGRES_DB=postgres - TZ=Asia/Shanghai healthcheck: test: ["CMD-SHELL", "pg_isready -U postgres"] interval: 5m timeout: 5s retries: 3 # start_period: 1m adminer: image: adminer restart: always ports: - "8080:8080" volumes: db_data:
7. rabbitmq
- docker-compose.yml
version: "3.7" services: rabbitmq: image: rabbitmq:alpine restart: always environment: # default username/password: guest / guest RABBITMQ_DEFAULT_USER: "rabbitmq" RABBITMQ_DEFAULT_PASS: "123456" # RABBITMQ_DEFAULT_VHOST: "RabbitMq" ports: # 5672 client端通信端口 # 15672 管理界面ui端口。管理插件默认关闭,如要打开,则需要进入容器内运行 rabbitmq-plugins enable rabbitmq_management # 管理端也可以单独启动 rabbitmq:management-alpine 镜像 - "5672:5672" - "15672:15672" # 1883 mqtt通信端口。mqtt插件默认关闭,如要打开,则需要进入容器内运行 rabbitmq-plugins enable rabbitmq_mqtt - "1883:1883" volumes: - rabbitmq_data:/var/lib/rabbitmq volumes: rabbitmq_data:
8. clickhouse server
- docker-compose.yml
version: "3.7" services: clickhouse-server: # 默认用户名: default ,密码通过配置文件来设置。 image: yandex/clickhouse-server:latest # restart: always ports: - "8123:8123" - "9000:9000" ulimits: nofile: soft: 262144 hard: 262144 # 时区的环境变量在该镜像中无效。 #environment: # TZ: "Asia/Shanghai" volumes: - db_data:/var/lib/clickhouse # 用户自定义配置 - ./users.d:/etc/clickhouse-server/users.d:ro # 初始脚本 - ./initdb.d:/docker-entrypoint-initdb.d:ro volumes: db_data:
创建一个 users.d 目录,存放用户自定义配置,示例为配置默认用户的登录密码: default-password.xml
- default-password.xml
<yandex> <users> <default> <password>123456</password> </default> </users> </yandex>
创建一个 initdb.d 目录,存放自定义的初始化脚本。示例为创建一个数据库
- init-db.sh
#!/bin/bash set -e clickhouse client --password 123456 -n <<-EOSQL CREATE DATABASE IF NOT EXISTS my_database; EOSQL
9. etcd
- docker-compose.yml
version: "3.7" services: etcd: image: bitnami/etcd:latest # restart: always ports: - "2379:2379" - "2380:2380" environment: - ALLOW_NONE_AUTHENTICATION=yes - ETCD_ADVERTISE_CLIENT_URLS=http://etcd:2379 - TZ=Asia/Shanghai # etcdkeeper: # image: evildecay/etcdkeeper # ports: # - "8080:8080"
10. consul
单节点
- docker-compose.yml
version: '3.7' services: consul: image: consul # restart: always ports: - "8500:8500" command: "agent -server -client 0.0.0.0 -bootstrap -node consul1 -ui -bind 0.0.0.0"
多节点
- docker-compose.yml
version: '3.7' services: consul1: image: consul # restart: always ports: - "8500:8500" command: "agent -server -client 0.0.0.0 -bootstrap-expect 3 -node consul1 -ui -bind 0.0.0.0" consul2: image: consul # restart: always command: "agent -server -client 0.0.0.0 -retry-join=consul1 -node consul2 -bind 0.0.0.0" consul3: image: consul # restart: always command: "agent -server -client 0.0.0.0 -retry-join=consul1 -node consul3 -bind 0.0.0.0"
11. openldap
- docker-compose.yml
version: '3.7' services: ldap: # openldap 服务器 image: osixia/openldap:latest restart: always volumes: - ldap_config:/etc/ldap/slapd.d - ldap_data:/var/lib/ldap # - ldap_certs:/container/service/slapd/assets/certs ports: # port 636 for TLS - "389:389" # - "636:636" environment: - TZ=Asia/Shanghai - LDAP_DOMAIN=example.org - LDAP_ORGANISATION=Example Inc. - LDAP_ADMIN_PASSWORD=admin - LDAP_CONFIG_PASSWORD=config - LDAP_READONLY_USER=true - LDAP_READONLY_USER_USERNAME=readonly - LDAP_READONLY_USER_PASSWORD=readonly - LDAP_TLS=false # - LDAP_TLS_CRT_FILENAME=ldap.crt # - LDAP_TLS_KEY_FILENAME=ldap.key # - LDAP_TLS_DH_PARAM_FILENAME=dhparam.pem # - LDAP_TLS_CA_CRT_FILENAME=ca.crt # lam: # # 账号管理(管理员使用) # image: ldapaccountmanager/lam:latest # # restart: always # ports: # - "8100:80" # environment: # - TZ=Asia/Shanghai ldapadmin: # 另一个账号管理的工具 image: osixia/phpldapadmin:latest # restart: always ports: - "8443:443" environment: - TZ=Asia/Shanghai - PHPLDAPADMIN_LDAP_HOSTS=ldap volumes: - ldapadmin_data:/var/www/phpldapadmin ssp: # 自助密码服务(普通用户使用) image: tiredofit/self-service-password:latest restart: always ports: - "8200:80" environment: - TZ=Asia/Shanghai - LDAP_SERVER=ldap://ldap - LDAP_STARTTLS=false - LDAP_BINDDN=cn=admin,dc=example,dc=org - LDAP_BINDPASS=admin - LDAP_BASE_SEARCH=dc=example,dc=org - LDAP_LOGIN_ATTRIBUTE=uid - LDAP_FULLNAME_ATTRIBUTE=cn volumes: ldap_config: ldap_data: #ldap_certs: ldapadmin_data:
1. 服务可用性验证
管理员使用 ldapsearch 验证(需要安装 ldap-utils 包)
ldapsearch -x -LLL -H ldap:/// -b dc=example,dc=org -D cn=admin,dc=example,dc=org -W dn # -x: 使用简单认证方式 # -H: ldap url # -b: searchbase 搜索路径 # -D: binddn ,可以理解为有权限的用户 # -W: 使用交互的方式输入密码。非交互方式使用 -w <password> # 最后的 dn 表示只搜索(过滤) dn 属性 ldapsearch -x -LLL -H ldap:/// -b cn=config -D cn=admin,cn=config -W dn # 参数解释同上。-b cn=config 表示搜索 config 的内容。config admin 的密码见 LDAP_CONFIG_PASSWORD 。
普通用户验证密码
ldapsearch -x -LLL -H ldap:/// -b cn=test,dc=example,dc=org -D cn=test,dc=example,dc=org -W # 参数解释同上。由于普通用户权限有限,所以 -b 只能看他自己,-b 范围太大时,会提供找不到对象。 ldapwhoami -x -H ldap:/// -D cn=test,dc=example,dc=org -W # 另一个验证密码的方式。此命令不需要指定 searchbase ,更快捷,不过能获取的信息较少。
2. phpldapadmin 个性化配置
通过调整 phpldapadmin 的配置,可以做自定义设定。 参考 https://phpldapadmin.sourceforge.net/wiki/index.php/Config.php
修改 /var/www/phpldapadmin/config/config.php 文件
# 先修改文件属性为可读写。每次容器启动之后,该文件都会被重置为只读。 chmod 600 /var/www/phpldapadmin/config/config.php vi /var/www/phpldapadmin/config/config.php
自定义树的显示方式 : 在配置文件的末尾添加下列配置项
// 数组里的显示方式列表,如果前一种方式里指定的属性不存在,则会尝试使用下一种显示方式。 原始默认值为 '%rdn' $config->custom->appearance['tree_display_format'] = array('%uidNumber - %displayName (%rdn)', '%displayName (%rdn)', '%rdn');
自定义 uidNumber 的初始值 : 在配置文件的末尾添加下列配置项
// uidNumber 从 10001 开始递增。 原始默认值为 1000 。 $servers->setValue('auto_number', 'min', array('uidNumber'=>10001, 'gidNumber'=>1000));
12. microsoft sql server
- docker-compose.yml
version: "3.7" services: sqlserver: image: 'mcr.microsoft.com/mssql/server:2019-latest' restart: always ports: - '1433:1433' environment: # default user name: sa - SA_PASSWORD=Password - ACCEPT_EULA=y #volumes:
1 创建数据库注意事项
由于 docker 版 SqlServer 没有管理端,创建数据库一般是通过数据库客户端(如 Navicat, DBeaver )来进行操作,此时如果没有指定数据库字符集,很有可能会产生中文乱码。
可以使用如下脚本进行创建指定字符集的数据库,防止中文乱码。
CREATE DATABASE XXX COLLATE Chinese_PRC_CI_AS;
若需要使用繁体中文,字符集可以为
CREATE DATABASE XXX COLLATE Chinese_Traditional_Pinyin_100_CS_AI;
13. oracle 19c
- docker-compose.yml
version: "3.7" services: oracle: image: 'registry.cn-hangzhou.aliyuncs.com/zhuyijun/oracle:19c' restart: always ports: - '1521:1521' - '5500:5500' environment: - ORACLE_SID=ORCLCDB - ORACLE_PDB=ORCLPDB1 - ORACLE_PWD=123456 - ORACLE_EDITION=standard - ORACLE_CHARACTERSET=AL32UTF8 volumes: - db_data:/opt/oracle/oradata volumes: db_data:
初次运行时安装的时间比较久,需要耐心等待。 登录设置: - SID: ORCLCDB 或者 Service Name: ORCLCDB 或者 Service Name: ORCLPDB1 - 用户名密码: sys/123456(SYSDBA) 或者 system/123456(Normal) - 默认表空间为: SYSTEM
14. jenkins
- docker-compose.yml
version: "3.7" services: jenkins: image: 'jenkins/jenkins:lts-alpine' restart: always ports: - '8080:8080' #- '50000:50000' environment: - TZ=Asia/Shanghai volumes: - jenkins-data:/var/jenkins_home java11-node1: image: 'gulucat/java-agent:jdk11' restart: always volumes: - /home/deploy/dist:/dist - maven_repository:/root/.m2 environment: - TZ=Asia/Shanghai volumes: jenkins-data: maven_repository:
1 备份和升级说明
- 直接备份
/var/jenkins_home中的所有内容即可。 - 升级时,直接把旧镜像删除,再使用新镜像创建容器即可。(数据已挂载到容器外)
2 任务节点制作示例
vi agent_jdk11.dockerfile
FROM maven:3-jdk-11
RUN sed -i "s@http://deb.debian.org@http://mirrors.tuna.tsinghua.edu.cn@g" /etc/apt/sources.list \
&& sed -i "s@http://security.debian.org@http://mirrors.tuna.tsinghua.edu.cn@g" /etc/apt/sources.list \
&& apt-get update \
&& apt-get install -y --no-install-recommends \
ssh \
curl \
vim-tiny \
&& rm -rf /var/lib/apt/lists/* \
&& mkdir /run/sshd
RUN echo "export PATH=/usr/local/openjdk-11/bin:\$PATH" >> /root/.bashrc \
&& echo "export JAVA_HOME=/usr/local/openjdk-11" >> /root/.bashrc \
&& mkdir -p /home/jenkins \
&& mkdir /root/.ssh
# jenkins 里创建一对密钥,把公钥提出来,放到节点镜像中,实现免密控制。
COPY ./certs/id_ed25519.pub /root/.ssh/authorized_keys
CMD ["/usr/sbin/sshd", "-D"]
docker build -f agent_jdk11.dockerfile -t gulucat/java-agent:jdk11 .
15. nexus3
- docker-compose.yml
version: "3.7" services: nexus: image: 'sonatype/nexus3' restart: always ports: - '8081:8081' environment: - TZ=Asia/Shanghai volumes: - nexus-data:/nexus-data volumes: nexus-data:
1 说明
- 所有数据存储在
/nexus-data中。 - 运行后,默认用户名为
admin,默认密码需要查看/nexus-data/admin.password文件。
16. SonarQube
- docker-compose.yml
version: "3.7" services: sonarqube: image: "sonarqube:lts-community" restart: always ports: - "9000:9000" environment: - TZ=Asia/Shanghai volumes: # 数据目录。h2数据库文件和es索引 - sonarqube-data:/opt/sonarqube/data # 日志目录。 - sonarqube-logs:/opt/sonarqube/logs # 第三方插件 - sonarqube-extensions:/opt/sonarqube/extensions # 配置文件 # - sonarqube-conf:/opt/sonarqube/conf volumes: sonarqube-data: sonarqube-logs: sonarqube-extensions: # sonarqube-conf:
1 说明
- 所有数据存储在
/opt/sonarqube中。 - 运行后,默认用户名和密码均为
admin。 首次登录系统会要求修改密码。 - 常用插件:
- sonar-pdfreport-plugin : 用于生成 pdf 报告。把对应的插件 jar 包放到
/opt/sonarqube/extensions/plugins目录下,重启应用即可使用。
17. Gitea
- docker-compose.yml
version: "3.7" services: web: image: gitea/gitea:latest restart: always ports: - "3000:3000" - "8022:22" volumes: - git_data:/data environment: - TZ=Asia/Shanghai - GITEA__database__DB_TYPE=postgres - GITEA__database__HOST=db:5432 - GITEA__database__NAME=gitea - GITEA__database__USER=gitea - GITEA__database__PASSWD=gitea depends_on: - db db: image: postgres:alpine restart: always volumes: - db_data:/var/lib/postgresql/data # ports: # - "5432:5432" environment: # default user name: postgres - POSTGRES_USER=gitea - POSTGRES_PASSWORD=gitea - POSTGRES_DB=gitea - TZ=Asia/Shanghai adminer: image: adminer restart: always ports: - "8023:8080" volumes: git_data: db_data:
18. redmine
- docker-compose.yml
version: "3.7" services: redmine: image: redmine:5 restart: always ports: - "3000:3000" volumes: - redmine_files:/usr/src/redmine/files environment: - TZ=Asia/Shanghai - REDMINE_DB_POSTGRES=db - REDMINE_DB_PORT=5432 - REDMINE_DB_USERNAME=redmine - REDMINE_DB_PASSWORD=redmine - REDMINE_DB_DATABASE=redmine depends_on: - db healthcheck: test: ["CMD-SHELL", "curl -f http://127.0.0.1:3000 || exit 1"] interval: 2m timeout: 10s retries: 3 db: image: postgres:alpine restart: always volumes: - db_data:/var/lib/postgresql/data # - ./init.sql:/docker-entrypoint-initdb.d/init.sql # ports: # - "5432:5432" # env_file: # - .env environment: # default user name: postgres - POSTGRES_USER=redmine - POSTGRES_PASSWORD=redmine - POSTGRES_DB=redmine - TZ=Asia/Shanghai healthcheck: test: ["CMD-SHELL", "pg_isready -U postgres"] interval: 2m timeout: 5s retries: 5 start_period: 1m #adminer: # image: adminer # restart: always # ports: # - "8080:8080" volumes: redmine_files: db_data:
db 相关的配置参考 docker 部署 postgresql
19. kafka
- docker-compose.yml
version: '2' services: zookeeper: image: confluentinc/cp-zookeeper:latest environment: ZOOKEEPER_CLIENT_PORT: 2181 ZOOKEEPER_TICK_TIME: 2000 ports: - 22181:2181 kafka: image: confluentinc/cp-kafka:latest depends_on: - zookeeper ports: - 29092:29092 - 9092:9092 environment: KAFKA_BROKER_ID: 1 KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181 # 这里需要有一个是主机的ip KAFKA_ADVERTISED_LISTENERS: PLAINTEXT://kafka:9092,PLAINTEXT_HOST://192.168.3.62:29092 KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: PLAINTEXT:PLAINTEXT,PLAINTEXT_HOST:PLAINTEXT KAFKA_INTER_BROKER_LISTENER_NAME: PLAINTEXT KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1 kafka-ui: image: provectuslabs/kafka-ui:latest depends_on: - kafka ports: - 28080:8080 environment: DYNAMIC_CONFIG_ENABLED: "true" KAFKA_CLUSTERS_0_NAME: local KAFKA_CLUSTERS_0_BOOTSTRAPSERVERS: kafka:9092
20. mongodb
- docker-compose.yml
version: '3' services: mongo: image: mongo #restart: always ports: - 27017:27017 environment: MONGO_INITDB_ROOT_USERNAME: root MONGO_INITDB_ROOT_PASSWORD: 123456 volumes: - db_data:/data/db mongo-express: image: mongo-express #restart: always ports: - 8081:8081 environment: # default login: admin / pass ME_CONFIG_MONGODB_ADMINUSERNAME: root ME_CONFIG_MONGODB_ADMINPASSWORD: 123456 ME_CONFIG_MONGODB_URL: mongodb://root:123456@mongo:27017/ volumes: db_data:
21. minio
- docker-compose.yml
version: '3' services: minio: image: minio/minio environment: - MINIO_VOLUMES="/data" - MINIO_ROOT_USER=minioadmin - MINIO_ROOT_PASSWORD=minioadmin ports: - 9000:9000 - 9090:9090 volumes: - ./data:/data command: "minio server --console-address \":9090\""