大型软件使用docker要注意的问题

只有一个:数据持久化!数据持久化!数据持久化!!!

必须熟悉软件的所有的配置文件在哪里,数据文件保存在哪里,通过挂载方式(目录或者卷)挂载到宿主机。

elasticsearch安装ik插件

./bin/elasticsearch-plugin install https://github.com/medcl/elasticsearch-analysis-ik/releases/download/v6.3.0/elasticsearch-analysis-ik-6.3.0.zip

替换版本号即可

redis部署

docker-compose.yml

version: '2.2'
services:
        redis:
                image: redis:5
                ports:
                        - 6379:6379
                container_name: redis
                restart: always
                mem_limit: 1024m
                volumes:
                        - $PWD/conf/redis.conf:/usr/local/etc/redis/redis.conf
                        - /etc/localtime:/etc/localtime:ro
                        - redis:/data
                restart: always
                command:
                        - /bin/bash
                        - -c
                        - | 
                                redis-server /usr/local/etc/redis/redis.conf
volumes:
        redis:
                external: true

redis.conf

最核心的配置

bind 0.0.0.0
requirepass xxxx ##给出复杂密码

单实例NACOS

version: "2"
services:
  nacos:
    image: nacos/nacos-server:2.0.3
    restart: always
    container_name: nacos-standalone-mysql
    env_file:
      - ./nacos-standlone-mysql.env
    volumes:
      - ./standalone-logs/:/home/nacos/logs
      - ./init.d/custom.properties:/home/nacos/init.d/custom.properties
    ports:
      - "8848:8848"
      - "9848:9848"
      - "9555:9555"
    depends_on:
      - mysql
    restart: always
  mysql:
    container_name: mysql
    image: nacos/nacos-mysql:8.0.16
    restart: always
    env_file:
      - ./mysql.env
    volumes:
      - ./mysql:/var/lib/mysql
    ports:
      - "3306:3306"

nacos-standlone-mysql.env

PREFER_HOST_MODE=hostname
MODE=standalone
SPRING_DATASOURCE_PLATFORM=mysql
MYSQL_SERVICE_HOST=mysql
MYSQL_SERVICE_DB_NAME=nacos
MYSQL_SERVICE_PORT=3306
MYSQL_SERVICE_USER=nacos
MYSQL_SERVICE_PASSWORD=nacos
MYSQL_SERVICE_DB_PARAM=characterEncoding=utf8&connectTimeout=1000&socketTimeout=3000&autoReconnect=true&useSSL=false

custom.properties

#spring.security.enabled=false
#management.security=false
#security.basic.enabled=false
#nacos.security.ignore.urls=/**
#management.metrics.export.elastic.host=http://localhost:9200
# metrics for prometheus
management.endpoints.web.exposure.include=*

# metrics for elastic search
#management.metrics.export.elastic.enabled=false
#management.metrics.export.elastic.host=http://localhost:9200

# metrics for influx
#management.metrics.export.influx.enabled=false
#management.metrics.export.influx.db=springboot
#management.metrics.export.influx.uri=http://localhost:8086
#management.metrics.export.influx.auto-create-db=true
#management.metrics.export.influx.consistency=one
#management.metrics.export.influx.compressed=true

mysql.env

MYSQL_ROOT_PASSWORD=root
MYSQL_DATABASE=nacos
MYSQL_USER=nacos
MYSQL_PASSWORD=nacos

单实例kafka

version: "2"

services:
  zookeeper:
    image: docker.io/bitnami/zookeeper:3.7
    container_name: zookeeper
    mem_limit: 2048m
    restart: always
    ports:
      - "2181:2181"
    volumes:
      - "zookeeper_data:/bitnami"
    environment:
      - ALLOW_ANONYMOUS_LOGIN=yes
  kafka:
    image: docker.io/bitnami/kafka:3
    container_name: kafka
    mem_limit: 4096m
    restart: always
    ports:
      - "9092:9092"
    volumes:
      - "kafka_data:/bitnami"
    environment:
      - KAFKA_CFG_ZOOKEEPER_CONNECT=zookeeper:2181
      - ALLOW_PLAINTEXT_LISTENER=yes
      - KAFKA_LISTENERS=PLAINTEXT://0.0.0.0:9092
      - KAFKA_ADVERTISED_LISTENERS=PLAINTEXT://127.0.0.1:9092
      - LOG.RETENTION.HOURS=168
    depends_on:
      - zookeeper
volumes:
  zookeeper_data:
    driver: local
  kafka_data:
    driver: local

安装jenkins并使用nginx反向代理https

jenkins的docker-compose.yml

version: '2.2'
services:
        jenkins:
                image: jenkinsci/blueocean
                container_name: jenkins
                mem_limit: 2048m
                extra_hosts:
                        - "git服务器:内网地址"
                restart: always
                networks:
                        gitlab:
                environment:
                        - TZ=Asia/Shanghai
                volumes:
                        - /etc/localtime:/etc/localtime:ro
                        - jenkins:/var/jenkins_home
networks:
        gitlab:
                external: true
volumes:
        jenkins:
                external: true

nginx的default.conf

server {
    listen       80;
    listen  [::]:80;
    server_name xxx;

    location / {
        return 301 https://$host$request_uri;
    }

  
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }

}

server {
    listen 443 ssl http2;
    server_name xxx;
    ssl_certificate certs/xxx.pem;
    ssl_certificate_key certs/xxx.key;
    ssl_session_timeout 5m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;  #使用此加密套件。
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;   #使用该协议进行配置。
    ssl_prefer_server_ciphers on;


    location / {
        proxy_pass http://jenkins:8080; ## nginx的docker-compose.yml和jenkins放在一个网络
        aio threads;
        proxy_set_header  Host $host;
        proxy_set_header  X-Real-IP $remote_addr;
        proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;
        proxy_redirect off;
        proxy_connect_timeout  600;
        proxy_read_timeout 600;
        proxy_send_timeout 600;
        proxy_buffers    8 512k;
        proxy_buffer_size 512k;
        client_max_body_size  2048M;
        client_body_buffer_size 256K;
    }
}

zsh和oh_my_zsh的安装

apt install zsh
chsh -s /bin/zsh
git clone git://github.com/robbyrussell/oh-my-zsh.git ~/.oh-my-zsh
cp ~/.oh-my-zsh/templates/zshrc.zsh-template ~/.zshrc
查看当前PATH参数:echo $PATH
vim ~/.zshrc
添加:
export PATH=上面得到的PATH参数值:$HOME/bin:$PWD/bin:$PATH
themes个人喜好ys
plugis用git docker ansible docker-compose ubuntu python kubectl istioctl

采用gitee源安装

sh -c "$(wget https://gitee.com/Devkings/oh_my_zsh_install/raw/master/install.sh -O -)"

sh -c "$(curl -fsSL https://gitee.com/Devkings/oh_my_zsh_install/raw/master/install.sh)"