Docker
安装
yum install epel-release –y
yum clean all
yum list
yum install docker-io –y
systemctl start docker
切换镜像地址
mkdir -p /etc/docker
vi /etc/docker/daemon.json
- 使用阿里云镜像仓库:https://cr.console.aliyun.com/cn-shanghai/instances/mirrors
{
"registry-mirrors": ["https://从上面的链接获取.mirror.aliyuncs.com"]
}
systemctl daemon-reload
systemctl restart docker
开启远程镜像
本地虚拟机请这样配置
vi /lib/systemd/system/docker.service
#修改ExecStart这行
#增加(会所有ip访问): -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock
systemctl daemon-reload
systemctl restart docker.service
curl http://127.0.0.1:2375/info
如果是云服务器请这样配置
[root@iZuf65o7dtmo087mizdurkZ ~]# read -s PASSWORD
[root@iZuf65o7dtmo087mizdurkZ ~]# read SERVER
centos7
[root@iZuf65o7dtmo087mizdurkZ ~]# cd /etc/docker
[root@iZuf65o7dtmo087mizdurkZ docker]# openssl genrsa -aes256 -passout pass:$PASSWORD \
-out ca-key.pem 2048
Generating RSA private key, 2048 bit long modulus
................+++
......................................................+++
e is 65537 (0x10001)
[root@iZuf65o7dtmo087mizdurkZ docker]# openssl req -new -x509 -days 365 -key ca-key.pem -passin pass:$PASSWORD \
-sha256 -out ca.pem -subj "/C=NL/ST=./L=./O=./CN=$SERVER"
[root@iZuf65o7dtmo087mizdurkZ docker]# openssl genrsa -out server-key.pem 2048
Generating RSA private key, 2048 bit long modulus
..................+++
..........................................................+++
e is 65537 (0x10001)
[root@iZuf65o7dtmo087mizdurkZ docker]# openssl req -subj "/CN=$SERVER" -new -key server-key.pem \
-out server.csr
[root@iZuf65o7dtmo087mizdurkZ docker]# openssl x509 -req -days 365 -in server.csr -CA ca.pem -CAkey ca-key.pem \
-passin "pass:$PASSWORD" -CAcreateserial \
-out server-cert.pem
Signature ok
subject=/CN=centos7
Getting CA Private Key
[root@iZuf65o7dtmo087mizdurkZ docker]# openssl genrsa -out key.pem 2048
Generating RSA private key, 2048 bit long modulus
..................+++
..................................+++
e is 65537 (0x10001)
[root@iZuf65o7dtmo087mizdurkZ docker]# openssl req -subj '/CN=client' -new -key key.pem \
-out client.csr
[root@iZuf65o7dtmo087mizdurkZ docker]# sh -c 'echo "extendedKeyUsage=clientAuth" > extfile.cnf'
[root@iZuf65o7dtmo087mizdurkZ docker]# openssl x509 -req -days 365 -in client.csr -CA ca.pem -CAkey ca-key.pem \
-passin "pass:$PASSWORD" -CAcreateserial -out cert.pem \
-extfile extfile.cnf
Signature ok
subject=/CN=client
Getting CA Private Key
[root@iZuf65o7dtmo087mizdurkZ docker]# chmod 0400 ca-key.pem key.pem server-key.pem
[root@iZuf65o7dtmo087mizdurkZ docker]# chmod 0444 ca.pem server-cert.pem cert.pem
[root@iZuf65o7dtmo087mizdurkZ docker]# rm client.csr server.csr
rm: remove regular file ‘client.csr’? y
rm: remove regular file ‘server.csr’? y
[root@iZuf65o7dtmo087mizdurkZ docker]# vi /lib/systemd/system/docker.service
#在ExecStart增加
--tlsverify \
--tlscacert=/etc/docker/ca.pem \
--tlscert=/etc/docker/server-cert.pem \
--tlskey=/etc/docker/server-key.pem \
-H unix:///var/run/docker.sock \
-H tcp://0.0.0.0:2376 \
[root@iZuf65o7dtmo087mizdurkZ docker]# systemctl daemon-reload
[root@iZuf65o7dtmo087mizdurkZ docker]# systemctl restart docker.service
安装redis
- 没设置密码
docker create --name redis --net host \
-v /data/redis-data/node:/data redis:5.0.2 \
--port 6379
- 设置密码(因为云服务器远程连接的的话必须要密码 且密码必须复杂而且设置白名单)
docker create --name redis --net host \
-v /data/redis-data/node:/data redis:5.0.2 \
--port 6379 \
--requirepass Yang2000620! \
--bind 127.0.0.1 xx.xx.xx.xx xx.xx.xx.xx
安装percona
- 用户名root、密码root
docker create --name percona \
-v /data/mysql/node/data:/var/lib/mysql \
-v /data/mysql/node/conf:/etc/my.cnf.d \
-p 3306:3306 \
-e MYSQL_ROOT_PASSWORD=Yang2000620! \
percona:5.7.23
mkdir -p /data/mysql/node/
cd /data/mysql/
chmod 777 * -R
云服务器的话继续设置允许访问的白名单
进入mysql的容器
docker exec -it percona /bin/bash
登陆mysql
bash-4.2$ mysql -uroot -p
开启mysql远程连接权限
#执行下面的语句 *.*:所有库下的所有表 %:任何IP地址或主机都可以连接
#GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY 'root' WITH GRANT OPTION;
GRANT ALL PRIVILEGES ON *.* TO 'root'@'xx.xx.xx.xx xx.xx.xx.xx' IDENTIFIED BY 'Yang2000620!' WITH GRANT OPTION;
FLUSH PRIVILEGES;
卸载Docker
yum list installed | grep docker
yum remove -y containerd.io.x86_64 docker-ce.x86_64 docker-ce-cli.x86_64
rm -rf /var/lib/docker
Git
git init
git add remote origin 仓库地址
git pull origin master
git add .
git commit -m “说明”
git push origin master