Kubernetes

发表于2023-11-07|更新于2023-11-07|Kubernetes

|总字数:258|阅读时长:1分钟|浏览量:

主节点上操作

定义主机名字

sudo vim /etc/hosts

192.168.11.128 k8s-master
192.168.11.129 k8s-node01
192.168.11.130 k8s-node01

修改主机名

# 打印hostname
hostname
# 修改hostname,需要重新连接,才能看到变化
sduo hostnamectl set-hostname xxx

下载k8s需要的镜像

# 打印所需要的镜像
kubeadm config images list

# docker pull 上面命令的镜像
# 比如
sudo docker pull registry.k8s.io/kube-apiserver:v1.28.3
sudo docker pull registry.k8s.io/kube-controller-manager:v1.28.3
sudo docker pull registry.k8s.io/kube-scheduler:v1.28.3
sudo docker pull registry.k8s.io/kube-proxy:v1.28.3
sudo docker pull registry.k8s.io/pause:3.9
sudo docker pull registry.k8s.io/etcd:3.5.9-0
sudo docker pull registry.k8s.io/coredns/coredns:v1.10.1

创建master节点

sudo kubeadm init --apiserver-advertise-address=192.168.110.128 --pod-network-cidr=172.16.0.0/16

# 创建完之后会提示,并且执行
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

查看k8s状态

1
2
3

$ kubectl get node
NAME         STATUS     ROLES           AGE    VERSION
k8s-node01   NotReady   control-plane   4m9s   v1.28.2

使用网络插件

1
2
3

curl https://docs.projectcalico.org/manifests/calico.yaml -O

kubectl apply -f calico.yaml

Docker Kubernetes

相关推荐

docker安装CentosUbuntu12345678910111213141516# 卸载旧版本sudo yum remove docker docker-client docker-client-latest docker-common docker-latest docker-latest-logrotate docker-logrotate docker-selinux docker-engine-selinux docker-engine# 安装sudo yum install -y yum-utils device-mapper-persistent-data lvm2# 添加yum源sudo yum-config-manager --add-repo https://mirrors.ustc.edu.cn/docker-ce/linux/centos/docker-ce.repo# 安装yum -y install https://download.docker.com/linux/fedora/30/x86_64/stable/Packages/containerd.io-1.2.6-3.3.fc30.x86_64.rpmyum -y install docker-ce启动systemctl enable dockersystemctl start docker12# 用于系统是干净的,如果重新装,需要吧原来的docker卸载掉sudo apt install docker.io 开启远程访问1234567891011121314# 编辑vim /lib/systemd/system/docker.service# 默认是这样的ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock # 修改成ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock -H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock# 重启systemctl daemon-reloadsystemctl restart docker# 测试curl http://localhost:2375/version 查看远端仓库的标签创建一个dockertags.sh脚本 12345678910111213141516171819202122232425262728293031#!/bin/bashfunction usage() { cat << HELPdockertags -- list all tags for a Docker image on a remote registry.EXAMPLE: - list all tags for ubuntu: dockertags ubuntu - list all php tags containing apache: dockertags php apacheHELP}if [ $# -lt 1 ]; then usage exitfiimage="$1"tags=`wget -q https://registry.hub.docker.com/v1/repositories/${image}/tags -O - | sed -e 's/[][]//g' -e 's/"//g' -e 's/ //g' | tr '}' '\n' | awk -F: '{print $3}'`if [ -n "$2" ]then tags=` echo "${tags}" | grep "$2" `fiecho "${tags}" 12345# 给权限chmod +x dockertags.sh# 使用./dockertags.sh mysql WARNING: IPv4 forwarding is disabled. Networking will not work是没有开启转发,docker网桥配置完后，需要开启转发，不然容器启动后，就会没有网络修改配置文件： 12345678# vim /etc/sysctl.confnet.ipv4.ip_forward=1 #添加此行配置# 重启network和docker服务systemctl restart network && systemctl restart docker# 查看是否修改成功，如果返回为“net.ipv4.ip_forward = 1”则表示修改成功sysctl net.ipv4.ip_forward 常用命令12345# 查看镜像源,最下面能看到docker info# 查看镜像/容器/数据卷所占的空间docker system df xxx 镜像查看镜像 12# 列出本地主机上的镜像docker images REPOSITORY：表示镜像的仓库源 TAG：镜像的标签 IMAGE ID：镜像ID CREATED：镜像创建时间 SIZE：镜像大小下载镜像 12345# 查找镜像docker search ubuntu:13.10# 只是直接下载docker pull ubuntu:13.10 删除镜像 12345678# 删除指定镜像docker image rm <id># 删除名字是none的镜像docker rmi $(docker images | grep "none" | awk '{print $3}')# 删除全部镜像docker rmi -f $(docker image -qa) 容器运行容器 1docker run -p 10001:10001 -t springboot/eureka-item 1docker run -it --rm ubuntu:16.04 bash docker run 运行容器的命令 -i 以交互模式运行,通常与-t一起使用 -t 为容器重新分配一个伪输入终端,通常与-i一起使用 bash 进入交互式终端,通常使用/bin/bash -p 指定端口 -P 随机分配端口 -d 后台运行容器并返回容器Id,即启动守护式容器查看容器 12345678# 查看正在运行的容器docker ps # 查看所有容器docker ps -a# 列出所有的容器 IDdocker ps -aq 启动容器 12#启动已终止容器docker container start 05909cd09bf9 重启容器 1docker restart id 停止容器 1234567891011121314# 停止容器docker stop myredis# 强制停止容器docker kill myredis# 停止所有的容器docker stop $(docker ps -aq)# 删除所有的容器docker rm $(docker ps -aq)# 强制删除,在运行的容器也会删除docker rm -f myredis 容器日志 1docker logs xxx 进入容器12345# 不会启动新的进程,用exit退出,会导致容器的停止docker attach 5cc239848ce5# 打开新的终端,启用新的进程,用exit退出,不会导致容器的停止docker exec -it 5cc239848ce5 /bin/bash 进入容器修改时区,需要重启容器 12ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtimeecho "Asia/Shanghai" > /etc/timezone 拷贝文件12345678# 将主机/www/runoob目录拷贝到容器96f7f14e99ab的/www目录下。docker cp /www/runoob 96f7f14e99ab:/www/# 将主机/www/runoob目录拷贝到容器96f7f14e99ab中，目录重命名为wwwdocker cp /www/runoob 96f7f14e99ab:/www# 将容器96f7f14e99ab的/www目录拷贝到主机的/tmp目录中docker cp 96f7f14e99ab:/www /tmp/ 导出/入容器第一种方式: 1234567# 如果要导出本地某个容器，可以使用 docker export 命令。docker export 1e560fca3906 > ubuntu.tar# docker import 从容器快照文件中再导入为镜像，# 以下实例将快照文件 ubuntu.tar 导入到镜像 test/ubuntu:v1:# 格式: cat 文件名 | docker import - xxx(镜像用户,自定义)/xxx(镜像名,自定义):xxx(版本号自定义)cat docker/ubuntu.tar | docker import - test/ubuntu:v1 第二种方式: 12345# 镜像转文件docker save -o demo.tar(自定义) 镜像名:版本号# 文件转镜像docker load -i demo.tar Commit1docker commit -a "runoob.com" -m "my apache" a404c6c174a2 mymysql:v1 过时:容器不能上网1234vim /etc/sysctl.conf增加：net.ipv4.ip_forward=1重启服务：systemctl restart network查看属性是否修改成功：sysctl net.ipv4.ip_forward 过时:停止和查看容器12345#查看所有的容器(已经存在的容器,已经停止的)docker container ls -a#停止容器docker container stop 05909cd09bf9 过时:Jenkins容器脚本12345678910111213APP_NAME=springboot/lottery-adminecho "当前容器列表"docker ps -a | grep $APP_NAMEecho "star service success!"count = ’docker ps -a |grep $APP_NAME |wc -l‘if [$count -ge 1];thendocker stop $APP_NAMEdocker rm $APP_NAMEfi 123456789101112131415161718192021appName="simons-cloud-eureka"word="1"echo "$word"word=`docker ps -a -q --no-trunc --filter name=^/"$appName"$`echo "$word"if [ -z "$word" ];thenecho "当前不存在该容器，直接进行启动该操作-------------------------------------"elif [ -n "$word" ];thenecho "当前已存在容器，停止并移除该容器-------------------------------------"/usr/bin/docker stop "$word"/usr/bin/docker rm "$word"elif [ "$word" == "1" ];thenecho "查询的信息有误，执行默认操作-------------------------------------"/usr/bin/docker stop "$word"/usr/bin/docker rm "$word"fidocker run -p 8761:8761 -d --name "$appName" "$appName":latest 挂载目录1234567891011121314151617181920docker run -it --privileged=true -v /tmp/host_data:/tmp/docker_data --name=u1 ubuntu# --privileged=true 用来扩容权限用的,最好是加上# -v 宿主目录:容器目录,运行容器的时候,会自动创建目录# 查看挂载情况"Mounts": [ { "Type": "bind", "Source": "/tmp/host_data", "Destination": "/tmp/docker_data", "Mode": "", "RW": true, "Propagation": "rprivate" }]# 继承挂载# 再启动一个容器,起名叫u2,u2的挂载目录,跟u1的一样,就继承u1的挂载目录# 特点是,就算u1停了,也不会影响这个docker run -it --privileged=true --volumes-fron u1 --name=u2 ubuntu DcokerfileExpose暴露端口 1234567891011121314151617# GET_IMAGEFROM 192.168.0.216:5000/centos # MAINTAINER_INFOMAINTAINER hongxue [email protected] RUN yum -y install vimRUN yum -y install net-toolsRUN yum -y install openssh-serverRUN yum -y install wget curl # PORTEXPOSE 8080EXPOSE 22EXPOSE 8009EXPOSE 8005EXPOSE 8443 1docker run -d -it -P --name port_list_container port_list 要使用-P ,绑定的宿主端口,会是随机的所以Dockerfile的EXPOSE的主要功能,也只是给运维人员看看的网络123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869# 查看Docker网络,默认的3大网络模式root@anthony:~# docker network lsNETWORK ID NAME DRIVER SCOPEa4154cc357c5 bridge bridge local6625ad672ae9 host host local497caf91f24e none null local# 创建一个网络docker network create xxxx# 删除一个网络docker network rm xxxx# 查看网络docker network inspect xxx root@anthony:~# docker network inspect bridge[ { "Name": "bridge", "Id": "a4154cc357c50d0ac961d8235101d8e199119d5677b911ca84ff49962039a53a", "Created": "2023-10-27T00:40:28.869797225Z", "Scope": "local", "Driver": "bridge", "EnableIPv6": false, "IPAM": { "Driver": "default", "Options": null, "Config": [ { "Subnet": "172.17.0.0/16", "Gateway": "172.17.0.1" } ] }, "Internal": false, "Attachable": false, "Ingress": false, "ConfigFrom": { "Network": "" }, "ConfigOnly": false, "Containers": { "a59c6dd9d8bbdbc4f760389bd85af69786e632e6bd1d346c542d6886f572872b": { "Name": "u1", "EndpointID": "e54ed02028a063b38390abac5306cba4f97ff40135b0cfab2370c950f5ae11dc", "MacAddress": "02:42:ac:11:00:02", "IPv4Address": "172.17.0.2/16", "IPv6Address": "" }, "b5615376be36a2b28485a93fa62d10d9886c53c9f59c5fbcd00de78b0184d6b7": { "Name": "tomcat", "EndpointID": "23688ac53c0f16a8abd20bbe4e64539266645019ce95501253577cf57fc71b7a", "MacAddress": "02:42:ac:11:00:03", "IPv4Address": "172.17.0.3/16", "IPv6Address": "" } }, "Options": { "com.docker.network.bridge.default_bridge": "true", "com.docker.network.bridge.enable_icc": "true", "com.docker.network.bridge.enable_ip_masquerade": "true", "com.docker.network.bridge.host_binding_ipv4": "0.0.0.0", # 网桥名字 "com.docker.network.bridge.name": "docker0", "com.docker.network.driver.mtu": "1500" }, "Labels": {} }] docker-composeDocker Compose 安装1234567891011# 可以修改版本 curl -L "https://github.com/docker/compose/releases/download/v2.23.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose# 给权限sudo chmod +x /usr/local/bin/docker-compose# 超链接sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose# 验证docker-compose --version 命令12345# 启动docker-compose up# 后台启动docker-compose up -d 部署到私有仓库12345678910111213141516171819202122232425//位置gedit /etc/default/docker//添加的命令DOCKER_OPTS="–insecure-registry 172.20.100.211:5000"//重启service docker restart//打tagdocker tag springboot/eureka-item 172.20.100.211:5000/anthonyfirst//推送docker push 172.20.100.211:5000/anthonyfirst//获取私有仓库里的信息curl -XGET http://172.20.100.211:5000/v2/_catalog#客户端配置私有仓库修改/etc/sysconfig/docker（Ubuntu下配置文件地址为：/etc/init/docker.conf），增加启动选项(已有参数的在后面追加)，之后重启docker，不添加报错，https证书问题。OPTIONS='--insecure-registry 172.20.100.211:5000' #CentOS 7系统#重启服务systemctl daemon-reloadsystemctl restart docker 报错信息1.缺少FontConfiguration知道是因为alpine中缺少FontConfiguration，那么就考虑安装ttf-dejavu这个软件。 123456789101112131415161718192021222324252627282930313233java.lang.NullPointerException at sun.awt.FontConfiguration.getVersion(FontConfiguration.java:1264) at sun.awt.FontConfiguration.readFontConfigFile(FontConfiguration.java:219) at sun.awt.FontConfiguration.init(FontConfiguration.java:107) at sun.awt.X11FontManager.createFontConfiguration(X11FontManager.java:774) at sun.font.SunFontManager$2.run(SunFontManager.java:431) at java.security.AccessController.doPrivileged(Native Method) at sun.font.SunFontManager.<init>(SunFontManager.java:376) at sun.awt.FcFontManager.<init>(FcFontManager.java:35) at sun.awt.X11FontManager.<init>(X11FontManager.java:57) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) at java.lang.reflect.Constructor.newInstance(Constructor.java:423) at java.lang.Class.newInstance(Class.java:442) at sun.font.FontManagerFactory$1.run(FontManagerFactory.java:83) at java.security.AccessController.doPrivileged(Native Method) at sun.font.FontManagerFactory.getInstance(FontManagerFactory.java:74) at java.awt.Font.getFont2D(Font.java:491) at java.awt.Font.access$000(Font.java:224) at java.awt.Font$FontAccessImpl.getFont2D(Font.java:228) at sun.font.FontUtilities.getFont2D(FontUtilities.java:180) at sun.font.StandardGlyphVector.initFontData(StandardGlyphVector.java:1126) at sun.font.StandardGlyphVector.init(StandardGlyphVector.java:1115) at sun.font.StandardGlyphVector.<init>(StandardGlyphVector.java:167) at java.awt.Font.createGlyphVector(Font.java:2545) at nl.captcha.text.renderer.DefaultWordRenderer.render(Unknown Source) at nl.captcha.Captcha$Builder.addText(Unknown Source) at com.liferay.portal.captcha.simplecaptcha.SimpleCaptchaImpl.getSimpleCaptcha(SimpleCaptchaImpl.java:243) at com.liferay.portal.captcha.simplecaptcha.SimpleCaptchaImpl.serveImage(SimpleCaptchaImpl.java:159) at com.liferay.portal.captcha.CaptchaImpl.serveImage(CaptchaImpl.java:100) at com.liferay.portal.kernel.captcha.CaptchaUtil.serveImage(CaptchaUtil.java:78) at com.liferay.portal.captcha.CaptchaPortletAction.serveResource(CaptchaPortletAction.java:42) 原本的dockerfile 1234FROM openjdk:8-jdk-alpineVOLUME /tmpADD agent-0.0.1-SNAPSHOT.jar app.jarENTRYPOINT ["java","-Djava.security.egd=file:/dev/./urandom","-jar","/app.jar"] 要改成下面这样RUN apk --update add fontconfig ttf-dejavu 12345FROM openjdk:8-jdk-alpineVOLUME /tmpADD agent-0.0.1-SNAPSHOT.jar app.jarRUN apk --update add fontconfig ttf-dejavuENTRYPOINT ["java","-Djava.security.egd=file:/dev/./urandom","-jar","/app.jar"] 2.WARNING: HK2 service reification failed for…12345678910111213141516java.lang.NoClassDefFoundError: javax/activation/DataSource at java.base/java.lang.Class.getDeclaredConstructors0(Native Method) at java.base/java.lang.Class.privateGetDeclaredConstructors(Class.java:3110) at java.base/java.lang.Class.getDeclaredConstructors(Class.java:2314) at org.jvnet.hk2.internal.Utilities$3.run(Utilities.java:1310) at org.jvnet.hk2.internal.Utilities$3.run(Utilities.java:1306) at java.base/java.security.AccessController.doPrivileged(Native Method) at org.jvnet.hk2.internal.Utilities.getAllConstructors(Utilities.java:1306) at org.jvnet.hk2.internal.Utilities.findProducerConstructor(Utilities.java:1249) at org.jvnet.hk2.internal.DefaultClassAnalyzer.getConstructor(DefaultClassAnalyzer.java:83) at org.glassfish.jersey.internal.inject.JerseyClassAnalyzer.getConstructor(JerseyClassAnalyzer.java:144) at org.jvnet.hk2.internal.Utilities.getConstructor(Utilities.java:178) at org.jvnet.hk2.internal.ClazzCreator.initialize(ClazzCreator.java:128) at org.jvnet.hk2.internal.ClazzCreator.initialize(ClazzCreator.java:179) at org.jvnet.hk2.internal.SystemDescriptor.internalReify(SystemDescriptor.java:723) at org.jvnet.hk2.internal.SystemDescriptor.reify(SystemDescriptor.java:678) 在pom.xml里添加 123456789101112<plugin> <groupId>com.spotify</groupId> <artifactId>dockerfile-maven-plugin</artifactId> // ...... <dependencies> <dependency> <groupId>javax.activation</groupId> <artifactId>activation</artifactId> <version>1.1.1</version> </dependency> </dependencies></plugin> 3.不能链接daemon服务没有启动,运行docker,会报这个错 1docker: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?. 需要启动docker service 1service docker start 安装软件安装Jenkins12345678910111213141516docker run -d \ -u root \ -v /var/run/docker.sock:/var/run/docker.sock \ -v $(which docker):/usr/bin/docker \ -p 8080:8080 \ -p 50000:50000 \ -v /home/jenkins:/var/jenkins_home \ --restart=always \ --name jenkins \ jenkins/jenkins:lts # 查看密码# 容器里的位置cat /var/jenkins_home/secrets/initialAdminPassword# 宿主机的位置cat /root/jenkins/secrets/initialAdminPassword 4.安装插件完之后,安装maven插件,在主机上下载maven,上传到容器中 1234docker cp maven-3.6.0 jenkins:/usr/local/// 上传本机的配置文件docker cp settings.xml jenkins:/home/ 5.进入容器 12345// 普通用户的权限docker exec -it jenkins bash// sudo的用户权限docker exec -it -u 0 jenkins bash 6.从本机拷贝到容器,是不需要用到权限的,但是在容器内,比如从/home下的文件移动到/root 就需要权限,就需要使用 -u 0 在Docker容器的Jenkins,构建SpringBoot 的jar包再执行Shell运行的时候,连接数据库可能有坑,数据库会连不上安装ElasticSearch12345678910111213docker run -d --name es -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" docker.elastic.co/elasticsearch/elasticsearch:6.3.2docker exec -it es /bin/bashcd configvi elasticsearch.yml# 加入跨域配置http.cors.enabled: truehttp.cors.allow-origin: "*"docker restart es 安装Portainer12345678910111213# 创建数据卷docker volume create portainer_data# 9000才是web访问的端口docker run -d \ -p 8000:8000 \ -p 9000:9000 \ -p 9443:9443 \ --name portainer \ --restart=always \ -v /var/run/docker.sock:/var/run/docker.sock \ -v /docker/portainer:/data \ portainer/portainer-ce:2.21.1 1234567891011121314151617server { listen 80; server_name yourdomain.com; location / { proxy_pass http://localhost:9000; # 将请求转发到 Portainer 后端 proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; # WebSocket 支持 proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; }} 添加docker nodehttps://blog.csdn.net/bj_chengrong/article/details/90300972 安装Redis123456789101112131415# 简单的执行docker run -itd \ --name redis \ --restart=always \ -p 6379:6379 \ redis# 持久化执行docker run -d \ --name redis \ -p 6379:6379 \ -v /docker/redis/config/redis.conf:/usr/local/etc/redis/redis.conf \ -v /docker/redis/data:/data \ --restart=always \ redis redis-server /usr/local/etc/redis/redis.conf 新建redis.conf,位置在:/docker/redis/config/redis.conf 1234567891011#启用 RDB 快照持久化save 900 1save 300 10save 60 10000#启用 AOF 持久化appendonly yesappendfsync everysec#设置持久化目录dir /data 安装Mysql1234567891011# 正式配置# 在对应目录先创建my.cnf文件, 不然系统会自动创建my.cnf文件夹....# 本地对应的目录文件夹会自动创建docker run -itd \ --name mysql \ -p 3306:3306 \ -e MYSQL_ROOT_PASSWORD=123456 \ -v /Users/anthony/docker/mysql/config/my.cnf:/etc/mysql/conf.d/my.cnf \ -v /Users/anthony/docker/mysql/data:/var/lib/mysql \ --restart=always \ mysql 最简单的my.cnf配置文件 1234567[mysqld]# 时区default-time-zone=+08:00# 字符集character-set-server=utf8mb4# 创建函数/存过的时候,会报安全问题,不用存过/函数,不用管log_bin_trust_function_creators=1; 容器文档:Mysql 安装 Nginx123456789101112131415# 简单的docker run --name nginx-test \ -p 8080:80 \ -d \ nginx# 正式的docker run -d \ -p 443:443 \ -p 80:80 \ --name nginx \ -v /home/nginx/www:/usr/share/nginx/html \ -v /home/nginx/conf/nginx.conf:/etc/nginx/nginx.conf \ -v /home/nginx/logs:/var/log/nginx \ nginx nginx.conf模板 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576# 用户 nginx 使用的工作进程user nginx;# 允许的工作进程数，自动检测 CPU 核心数worker_processes auto;# 错误日志路径和日志级别error_log /var/log/nginx/error.log warn;# PID 文件路径pid /var/run/nginx.pid;events { # 单个工作进程允许的最大连接数 worker_connections 1024;}http { include /etc/nginx/mime.types; default_type application/octet-stream; # 日志格式配置 log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; # 访问日志路径 access_log /var/log/nginx/access.log main; # 启用 Gzip 压缩 gzip on; gzip_disable "msie6"; # 启用发送文件优化 sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; include /etc/nginx/conf.d/*.conf; # 默认服务器配置 server { listen 80 default_server; server_name localhost; # 站点根目录 root /usr/share/nginx/html; # 主页文件 index index.html index.htm; # 处理静态文件请求 location / { try_files $uri $uri/ =404; } # 配置反向代理 # 如果你需要反向代理到一个后端服务，可以启用以下代码： # location /api/ { # proxy_pass http://backend_service; # proxy_set_header Host $host; # proxy_set_header X-Real-IP $remote_addr; # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # proxy_set_header X-Forwarded-Proto $scheme; # } # 错误页面 error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html; } }} 安装nexus 3123456789101112131415# 创建数据文件夹mkdir /docker/nexus3/nexus-data# 如果有权限问题chmod 777 /docker/nexus3/nexus-datadocker run -d \ -p 8081:8081 \ --name nexus \ -v /docker/nexus3/nexus-data:/nexus-data \ --restart=always \ sonatype/nexus3# 查看密码cat /docker/nexus3/nexus-data/admin.password 安装Elastic Search12345678docker run -itd \ -p 9200:9200 \ -p 9300:9300 \ -e "discovery.type=single-node" \ -v /home/anthony/es/config:/usr/share/elasticsearch/config/ \ --name elasticsearch \ --restart=always \ docker.elastic.co/elasticsearch/elasticsearch:7.7.0 安装Zookeeper1docker run -d -p 2181:2181 --name some-zookeeper --restart=always zookeeper 安装可视化软件 mac安装的使用要查看下说明文档,会出现安装包损坏的情况安装Grafana12# admin / admindocker run -d -p 3000:3000 --name=grafana grafana/grafana 安装WordPressdocker-compose安装WordPress 安装禅道12345678910111213141516# 内置数据库docker run -d -v <你的宿主机目录>/data:/data -p 80:80 -e MYSQL_INTERNAL=true hub.zentao.net/app/zentao # 外接数据库,web页面的安装向导,点击确定之后要等一会docker run -itd \ -v /docker/zentao/data:/data \ -p 8001:80 \ -e MYSQL_INTERNAL=false \ -e ZT_MYSQL_HOST=172.17.0.3 \ -e ZT_MYSQL_PORT=3306 \ -e ZT_MYSQL_USER=root \ -e ZT_MYSQL_PASSWORD=Qwer1234. \ -e ZT_MYSQL_DB=zentao \ --restart=always \ --name zentao \ hub.zentao.net/app/zentao 禅道官方文档安装Nacosmac docker 安装nacos 12345docker run -d \ -p 8848:8848 \ --env MODE=standalone \ --name nacos \ zhusaidong/nacos-server-m1:2.0.3 访问地址：http://localhost:8848/nacos/ 账号/密码：nacos/nacos Nacos官方文档

下载离线安装包 12345# 解压tzr -zxvf harbo.xxxxx.tgz# cp 下模板文件cp ./harbor.yml.tmpl ./harbor.yml 修改配置文件1sudo vim harbor.yml 123456789101112131415161718192021222324252627282930313233343536373839# 有域名就弄域名,这里是在内网就用的iphostname: 10.0.2.4# http related confighttp: # port for http, default is 80. If https enabled, this port will redirect to https port port: 80# 内网不需要https,https和证书就注释了# https related config#https: # https port for harbor, default is 443 # port: 443 # The path of cert and key files for nginx # certificate: /your/certificate/path # private_key: /your/private/key/path# Uncomment external_url if you want to enable external proxy# And when it enabled the hostname will no longer used# external_url: https://reg.mydomain.com:8433# The initial password of Harbor admin# It only works in first time to install harbor# Remember Change the admin password from UI after launching Harbor.harbor_admin_password: 123456# Harbor DB configurationdatabase: # The password for the root user of Harbor DB. Change this before any production use. password: root123 # The maximum number of connections in the idle connection pool. If it <=0, no idle connections are retained. max_idle_conns: 50 # The maximum number of open connections to the database. If it <= 0, then there is no limit on the number of open connections. # Note: the default number of connections is 100 for postgres. max_open_conns: 100# The default data volume# 这里要配置好目录data_volume: /home/yunxian/harbor/data 运行12345# 每次修改完配置文件后都需要运行./prepare# 运行./install.sh 访问访问:http://10.0.2.4/ 账号密码:admin / 123456 解决客户端的https问题1234[root@client ~]# docker login 10.19.46.15Username: adminPassword: Error response from daemon: Get https://10.19.46.15/v2/: dial tcp 10.19.46.15:443: connect: connection refused 这是因为docker1.3.2版本开始默认docker registry使用的是https，我们设置Harbor默认http方式，所以当执行用docker login、pull、push等命令操作非https的docker regsitry的时就会报错。解决办法 vim docker-compose.yml 编辑客户端 1234567891011vim /etc/docker/daemon.json{ "insecure-registries": [ "10.19.46.15(harbor的IP)" ]}# 重启dockersystemctl daemon-reloadsystemctl restart docker 再次登录 1234567[root@client ~]# docker login 10.19.46.15 Username: adminPassword: WARNING! Your password will be stored unencrypted in /root/.docker/config.json.Configure a credential helper to remove this warning. Seehttps://docs.docker.com/engine/reference/commandline/login/#credentials-storeLogin Succeeded 技巧pull 的命令推送和打tag的命令

评论