Docker

• 安装方式

sudo yum install -y yum-utils device-mapper-persistent-data lvm2

sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo

sudo yum install -y docker-ce

• 配置 /etc/docker

  • 增加daemon.json 修改/var/lib/docker 修改为 /data/docker

  {
      "graph": "/data/docker"
  }
  

• 命令

  • 启动sudo systemctl start docker
  • 重启sudo systemctl restart docker
  • 停止sudo systemctl stop docker

安装Portainer

• 位置/data/portainer
• 创建脚本touch run.sh

docker run -d -p 9000:9000 --name portainer --restart always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer

下面的docker-compose.yml 都是放在portainer中

Traefik

• 位置/data/traefik

• 创建文件 traefik.toml和touch acme.json

  • 证书acme.json
  • 配置traefik.toml 获取基础配置wget https://raw.githubusercontent.com/containous/traefik/master/traefik.sample.toml
  • 设置权限chmod 600 acme.json

• traefik.toml 增加配置

# 自动签发证书并且自动续期    
[certificatesResolvers.le.acme]
  email = "邮件@email.com"
  storage = "acme.json"
  [certificatesResolvers.le.acme.tlsChallenge]

• docker-compose.yml

version: '2'

services:
  reverse-proxy:
    image: traefik:v2.2
    container_name: traefik
    ports:
      - "80:80"
      - "443:443"
    environment:
        TZ: Asia/Shanghai
    volumes:
      - /data/traefik/traefik.toml:/etc/traefik/traefik.toml
      - /data/traefik/acme.json:/acme.json
      - /data/traefik/log:/log
      - /var/run/docker.sock:/var/run/docker.sock

• 使用 在服务添加代码

  服务:
    networks:
          - default
    labels:
          - traefik.http.routers.whoami.rule=Host(`域名`)
          - traefik.http.routers.whoami.tls=true
          - traefik.http.routers.whoami.tls.certresolver=le
使用traefik_default网络
networks:
  default:
    external:
      name: traefik_default

Rocketmq 双Master

• 方式https://github.com/foxiswho/docker-rocketmq
• 位置/data/rocketmq
• 创建目录

# 创建目录
mkdir -p ./rmqs/logs
mkdir -p ./rmqs/store
mkdir -p ./rmq/logs
mkdir -p ./rmq/store
mkdir -p ./rmq/brokerconf

• 配置文件 在rmq/brokerconf创建文件broker.conf与plain_acl.ym

• 设置权限

# 设置目录权限
chmod -R 777 ./rmqs/logs
chmod -R 777 ./rmqs/store
chmod -R 777 ./rmq/logs
chmod -R 777 ./rmq/store
chmod -R 777 ./rmq/brokerconf

• 配置文件 ACL plain_acl.yml

accounts:
    - accessKey: 账户
      secretKey: 密码
      admin: true

• 配置文件broker.conf

# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements.  See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License.  You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
#  Unless required by applicable law or agreed to in writing, software
#  distributed under the License is distributed on an "AS IS" BASIS,
#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#  See the License for the specific language governing permissions and
#  limitations under the License.


#所属集群名字
brokerClusterName=DefaultCluster

#broker名字，注意此处不同的配置文件填写的不一样，如果在broker-a.properties使用:broker-a,
#在broker-b.properties使用:broker-b
# ip1 broker-a
# ip2 broker-b
brokerName=broker-b

#0 表示Master，>0 表示Slave
brokerId=0

#nameServer地址
namesrvAddr=ip1:9876;ip2:9876
#namesrvAddr=rmqnamesrv:9876

#启动IP,如果 docker 报 com.alibaba.rocketmq.remoting.exception.RemotingConnectException: connect to <192.168.0.120:10909> failed
# 解决方式1 加上一句producer.setVipChannelEnabled(false);，解决方式2 brokerIP1 设置宿主机IP，不要使用docker 内部IP
# 公网ip
brokerIP1=ip

#在发送消息时，自动创建服务器不存在的topic，默认创建的队列数
defaultTopicQueueNums=4

#是否允许 Broker 自动创建Topic，建议线下开启，线上关闭 ！！！这里仔细看是false，false，false
#原因下篇博客见~ 哈哈哈哈
autoCreateTopicEnable=true

#是否允许 Broker 自动创建订阅组，建议线下开启，线上关闭
autoCreateSubscriptionGroup=true

#Broker 对外服务的监听端口
listenPort=10911

#删除文件时间点，默认凌晨4点
deleteWhen=04

#文件保留时间，默认48小时
fileReservedTime=120

#commitLog每个文件的大小默认1G
mapedFileSizeCommitLog=1073741824

#ConsumeQueue每个文件默认存30W条，根据业务情况调整
mapedFileSizeConsumeQueue=300000

#destroyMapedFileIntervalForcibly=120000
#redeleteHangedFileInterval=120000
#检测物理文件磁盘空间
diskMaxUsedSpaceRatio=88
#存储路径
#storePathRootDir=/home/ztztdata/rocketmq-all-4.1.0-incubating/store
#commitLog 存储路径
#storePathCommitLog=/home/ztztdata/rocketmq-all-4.1.0-incubating/store/commitlog
#消费队列存储
#storePathConsumeQueue=/home/ztztdata/rocketmq-all-4.1.0-incubating/store/consumequeue
#消息索引存储路径
#storePathIndex=/home/ztztdata/rocketmq-all-4.1.0-incubating/store/index
#checkpoint 文件存储路径
#storeCheckpoint=/home/ztztdata/rocketmq-all-4.1.0-incubating/store/checkpoint
#abort 文件存储路径
#abortFile=/home/ztztdata/rocketmq-all-4.1.0-incubating/store/abort
#限制的消息大小
maxMessageSize=65536

#flushCommitLogLeastPages=4
#flushConsumeQueueLeastPages=2
#flushCommitLogThoroughInterval=10000
#flushConsumeQueueThoroughInterval=60000

#Broker 的角色
#- ASYNC_MASTER 异步复制Master
#- SYNC_MASTER 同步双写Master
#- SLAVE
brokerRole=ASYNC_MASTER

#刷盘方式
#- ASYNC_FLUSH 异步刷盘
#- SYNC_FLUSH 同步刷盘
flushDiskType=ASYNC_FLUSH

#发消息线程池数量
#sendMessageThreadPoolNums=128
#拉消息线程池数量
#pullMessageThreadPoolNums=128
# 开启认证
aclEnable=true

• docker-compose.yml

version: '2'
services:
  rmqnamesrv:
    image: foxiswho/rocketmq:4.8.0
    container_name: rmqnamesrv
    restart: always
    ports:
      - 9876:9876
    volumes:
      - /data/rocketmq/rmqs/logs:/home/rocketmq/logs
      - /data/rocketmq/rmqs/store:/home/rocketmq/store
    environment:
      JAVA_OPT_EXT: "-Duser.home=/home/rocketmq -Xms512M -Xmx512M -Xmn128m"
      TZ: Asia/Shanghai
    command: ["sh","mqnamesrv"]
    networks:
        rmq:
          aliases:
            - rmqnamesrv
  rmqbroker:
    image: foxiswho/rocketmq:4.8.0
    container_name: rmqbroker
    restart: always
    ports:
      - 10909:10909
      - 10911:10911
    volumes:
      - /data/rocketmq/rmq/logs:/home/rocketmq/logs
      - /data/rocketmq/rmq/store:/home/rocketmq/store
      - /data/rocketmq/rmq/brokerconf/broker.conf:/etc/rocketmq/broker.conf
      - /data/rocketmq/rmq/brokerconf/plain_acl.yml:/home/rocketmq/rocketmq-4.8.0/conf/plain_acl.yml
    environment:
        JAVA_OPT_EXT: "-Duser.home=/home/rocketmq -Xms512M -Xmx512M -Xmn128m"
        TZ: Asia/Shanghai
    command: ["sh","mqbroker","-c","/etc/rocketmq/broker.conf","autoCreateTopicEnable=true"]
    depends_on:
      - rmqnamesrv
    networks:
      rmq:
        aliases:
          - rmqbroker
networks:
  rmq:
    name: rmq
    driver: bridge

Redis

• 位置/data/redis
• 创建文件夹config和redis_data
• redis.conf

bind 0.0.0.0
requirepass 密码

• docker-compose.yml

version: '2'
services:
  redis:
    image: redis:6.2.4
    container_name: redis
    restart: always
    ports:
      - 6379:6379
    volumes:
      - /data/redis/config/redis.conf:/usr/local/etc/redis/redis.conf
      - /data/redis/redis_data:/data
    command: redis-server /usr/local/etc/redis/redis.conf
    environment:
      TZ: Asia/Shanghai

Emqx

• 位置/data/emqx

• 当 EMQ X 成功运行在你的本地计算机上且 EMQ X Dashboard 被默认启用时，你可以访问 http://localhost:18083 来查看你的 Dashboard，默认用户名是 admin，密码是 public

• 修改admin密码123456

• 开启Mnesia认证 插件emqx_auth_mnesia

  • 接口文档https://docs.emqx.cn/broker/v4.3/advanced/auth.html
  • 接口POST /api/v4/auth_username?username=test&password=test 添加账户密码
  • 桥接客户端账户密码mqttbridging/mqttbridging
  • 现场客户端line/line

• 插件关闭遥测 插件emqx_telemetry

• 关闭匿名登陆

  • 配置文件emqx.conf 关闭匿名登陆 allow_anonymous = false
  • 重启./bin/emqx restart

• 服务器使用方式一安装

安装方式一

• 下载wget https://www.emqx.com/zh/downloads/broker/4.3.5/emqx-centos8-4.3.5-amd64.zip
• 安装unzip emqx-centos8-4.3.5-amd64.zip
• 运行./bin/emqx start

安装方式二

• 创建目录

mkdir -p ./data/configs
mkdir -p ./data/mnesia

• 设置权限

chmod -R 777 ./data/configs
chmod -R 777 ./data/mnesia

• docker-compose.yml

version: '2'
services:
  postgresql:
    image: emqx/emqx:4.3.5
    container_name: emqx
    restart: always
    environment:
      TZ: Asia/Shanghai
    ports:
      - 1883:1883
      - 8081:8081
      - 8083:8083
      - 8084:8084
      - 8883:8883
      - 18083:18083

• 不要删除emqx的volumes

Docker私有仓库

• 位置/data/docker-registry

• htpasswd工具 yum -y install httpd

• 账户密码

  • admin
  • 密码
  • 生成脚本htpasswd -Bbn admin 密码 > auth/passwd

• 使用仓库 配置daemon.json

"insecure-registries": [
          "[ip:5000]"
        ]

• docker-compose.yml

version: '2'
services:
  registry:
    image: registry:2
    container_name: docker-registry
    volumes:
      - /data/docker-registry:/var/lib/registry
      - /data/docker-registry/auth:/auth
    environment:
      - REGISTRY_AUTH=htpasswd
      - REGISTRY_AUTH_HTPASSWD_REALM=Registry_Realm
      - REGISTRY_AUTH_HTPASSWD_PATH=/auth/passwd
    restart: always
    privileged: true
    ports:
      - "5000:5000"
    networks:
      - default
    labels:
      - traefik.http.routers.registry-ui.rule=Host(`docker.registry.域名.com`)
      - traefik.http.routers.registry-ui.tls=true
      - traefik.http.routers.registry-ui.tls.certresolver=le
  registry-ui:
    image: konradkleine/docker-registry-frontend:v2
    container_name: docker-registry-ui
    restart: always
    privileged: true
    environment:
      - ENV_DOCKER_REGISTRY_HOST=registry
      - ENV_DOCKER_REGISTRY_PORT=5000
    ports:
      - "5080:80"
    networks:
      - default
    links:
      - registry:registry
networks:
  default:
    external:
      name: traefik_default

• 推送到仓库
  • 登陆 docker login https://docker.registry.域名.com
  • 打包镜像docker build . --tag docker.registry.域名.com/组/镜像名:1.0.0
  • push docker push docker.registry.域名.com/组/镜像名:1.0.0

nacos

• 位置/data/nacos/

• 源码位置/data/nacos/git/nacos-docker-master

  • 仓库地址https://github.com/nacos-group/nacos-docker

• 启动方式cluster-ip.yaml 集群

• nacos的mysql不对外开放 3306端口不开放 只供nacos使用

• nacos的mysql不对外开放 3306端口不开放 只供nacos使用

• nacos的mysql不对外开放 3306端口不开放 只供nacos使用

• 通用

  • 账户nacos 密码密码

• docker-compose.yml

version: "2"
services:
  nacos1:
    image: nacos/nacos-server:2.0.2
    container_name: nacos1
    networks:
      nacos_net:
        ipv4_address: 172.16.238.10
    volumes:
      - /data/nacos/cluster-logs/nacos1:/home/nacos/logs
    ports:
      - "8848:8848"
      - "9848:9848"
      - "9555:9555"
    environment:
      - NACOS_SERVERS=172.16.238.10:8848 172.16.238.11:8848 172.16.238.12:8848
      - MYSQL_SERVICE_HOST=mysql
      - MYSQL_SERVICE_DB_NAME=nacos
      - MYSQL_SERVICE_PORT=3306
      - MYSQL_SERVICE_USER=nacos
      - MYSQL_SERVICE_PASSWORD=密码
    restart: on-failure
    depends_on:
      - mysql

  nacos2:
    image: nacos/nacos-server:2.0.2
    container_name: nacos2
    networks:
      nacos_net:
        ipv4_address: 172.16.238.11
    volumes:
      - /data/nacos/cluster-logs/nacos2:/home/nacos/logs
    ports:
      - "8849:8848"
      - "9849:9848"
    environment:
      - NACOS_SERVERS=172.16.238.10:8848 172.16.238.11:8848 172.16.238.12:8848
      - MYSQL_SERVICE_HOST=mysql
      - MYSQL_SERVICE_DB_NAME=nacos
      - MYSQL_SERVICE_PORT=3306
      - MYSQL_SERVICE_USER=nacos
      - MYSQL_SERVICE_PASSWORD=密码
    restart: always
    depends_on:
      - mysql
  nacos3:
    image: nacos/nacos-server:2.0.2
    container_name: nacos3
    networks:
      nacos_net:
        ipv4_address: 172.16.238.12
    volumes:
      - /data/nacos/cluster-logs/nacos3:/home/nacos/logs
    ports:
      - "8850:8848"
      - "9850:9848"
    environment:
      - NACOS_SERVERS=172.16.238.10:8848 172.16.238.11:8848 172.16.238.12:8848
      - MYSQL_SERVICE_HOST=mysql
      - MYSQL_SERVICE_DB_NAME=nacos
      - MYSQL_SERVICE_PORT=3306
      - MYSQL_SERVICE_USER=nacos
      - MYSQL_SERVICE_PASSWORD=密码
    restart: always
    depends_on:
      - mysql
  mysql:
    container_name: mysql
    image: nacos/nacos-mysql:5.7
    restart: always
    networks:
      nacos_net:
        ipv4_address: 172.16.238.13
    environment:
      - MYSQL_ROOT_PASSWORD=root
      - MYSQL_DATABASE=nacos
      - MYSQL_USER=nacos
      - MYSQL_PASSWORD=密码
    volumes:
      - /data/nacos/mysql:/var/lib/mysql
    ports:
      - "3306:3306"
networks:
  nacos_net:
    driver: bridge
    ipam:
      driver: default
      config:
        - subnet: 172.16.238.0/24