一、关闭firewall,永久关闭,使用iptables防火墙
1 2 3 4 5 | systemctl stop firewalld.service #停止firewallsystemctl disable firewalld.service #禁止firewall开机启动firewall-cmd --state #查看默认防火墙状态(关闭后显示notrunning,开启后显示running)yum install iptables-services -y # 安装防火墙<br>systemctl restart iptables.service # 重启防火墙 |
二、安装docker
1 2 3 | 要求centos7版本<br>yum install docker -y 安装docker -v 查看版本 Docker version 1.12.6, build 3e8e77d/1.12.6<br>systemctl start docker 启动docker<br>ps -ef|grep docker 查看是否有docker进程<br>systemctl enable docker 设置docker开机自启动 |
三、下载打包好镜像文件
1)本地镜像制作过程
[root@localhost ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES da67831689e3 docker.io/nginx "/bin/bash" 17 seconds ago Up 16 seconds 0.0.0.0:80->80/tcp cocky_aryabhata [root@localhost ~]# [root@localhost ~]# docker commit da67831689e3 test sha256:783e5f357a7fec72303b88fd4a6a97268ea3481fc2433331a23a59e4552ff1ed [root@localhost ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE test latest 783e5f357a7f 6 seconds ago 109 MB docker.io/nginx latest 7042885a156a 12 days ago 109 MB [root@localhost ~]# [root@localhost ~]# docker save test > new_nginx.tar [root@localhost ~]# ls anaconda-ks.cfg new_nginx.tar [root@localhost ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE test latest 783e5f357a7f 6 minutes ago 109 MB docker.io/nginx latest 7042885a156a 12 days ago 109 MB [root@localhost ~]# cat new_nginx.tar |docker import - new-nginx sha256:8e1deabb4ca699ac12196e09b2bd3742f6dc6eb2f5df5f64ee4487634d7ddf41 [root@localhost ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE new-nginx latest 8e1deabb4ca6 3 seconds ago 113 MB test latest 783e5f357a7f 7 minutes ago 109 MB docker.io/nginx latest 7042885a156a 12 days ago 109 MB
1)上传打包好的镜像文件
1 2 3 4 5 6 7 8 9 10 | [root@Squid ~]# docker images 查看本地镜像REPOSITORY TAG IMAGE ID CREATED SIZE# 上传打包好的镜像包lamp-zabbix.tar[root@Squid ~]# ll lamp-zabbix.tar -rw-r--r--. 1 root root 1323229696 2月 10 14:27 lamp-zabbix.tar[root@Squid ~]# cat lamp-zabbix.tar |docker import - lamp-zabbix:v1 sha256:8c4e625c0b2806330b8e974283dfaf7987305c428bb63152c3532f38bf0f728d[root@Squid ~]# docker images # 有文件说明导入docker成功REPOSITORY TAG IMAGE ID CREATED SIZElamp-zabbix v1 8c4e625c0b28 About a minute ago 1.302 GB |
四、运行lamp-zabbix容器
1 2 3 4 | [root@Squid ~]# docker run --name zabbix_server -t -i -p 88:80 8c4e625c0b28 /bin/bash# 将容器的web 80端口映射到容器外部80端口上[root@7d17cdcaf9bd /]# /etc/init.d/httpd start[root@7d17cdcaf9bd /]# /etc/init.d/mysqld start[root@7d17cdcaf9bd /]# /etc/init.d/zabbix_server start[root@7d17cdcaf9bd /]# exit 退出容器[root@Squid ~]# vi /etc/sysconfig/iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 88 -j ACCEPT[root@Squid ~]# docker start zabbix_server |
五、慎用的操作的恢复
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 | [root@7d17cdcaf9bd /]# exit 退出容器,即停止容器。容器的业务都将停止[root@Squid ~]# docker psCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES[root@Squid ~]# docker start 7d17cdcaf9bd 再次进入容器iptables: No chain/target/match by that name. 报错[root@Squid ~]# docker start 7d17cdcaf9bd # 重启docker7d17cdcaf9bd[root@Squid ~]# docker psCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES7d17cdcaf9bd 8c4e625c0b28 "/bin/bash" 27 minutes ago Up 10 seconds 0.0.0.0:88->80/tcp zabbix_server# 容器已经启动[root@Squid ~]# docker exec -ti 7d17cdcaf9bd /bin/bash[root@7d17cdcaf9bd /]# netstat -lntup Active Internet connections (only servers)Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name |
六、对于zabbix超级用户密码的修改
1)知道密码的情况下进行修改
2)忘记密码的情况下进行修改
登录数据库修改
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 | # mysql -uroot -p #登陆数据库 mysql> show databases;mysql> use zabbix;mysql> show tables;| triggers || users || users_groups || usrgrp || valuemaps |+----------------------------+127 rows in set (0.00 sec)=====》users表就是存放用户密码的表,而ID为1就是超级管理员的账号密码mysql> select * from users; # 查看表里的字段,admin对应的ID是1 mysql> select userid,passwd from users; +--------+----------------------------------+| userid | passwd |+--------+----------------------------------+| 1 | a9eead793bcab362333108a451447758 || 2 | d41d8cd98f00b204e9800998ecf8427e |+--------+----------------------------------+2 rows in set (0.00 sec)=====》密码是经过md5加密的重新开个终端,生成一个MD5加密的密码,这里密码设置的是RedHat[root@localhost ~]# echo -n redhat|openssl md5 #-n就表示不输入回车符,不加-n,否则就不是这个结果了。 (stdin)= e2798af12a7a0f4f70b4d69efbc25f4d接着上面的为admin用户设定一个密码mysql> update users set passwd='e2798af12a7a0f4f70b4d69efbc25f4d' where userid = '1'; #或者直接使用update users set passwd=md5("redhat") where userid='1'; Query OK, 1 row affected (0.01 sec) Rows matched: 1 Changed: 1 Warnings: 0 mysql> flush privileges; mysql> quit |
七、docker启动错误
1 2 3 4 5 6 | [root@Squid ~]# docker start c6c3b185f2ceError response from daemon: devmapper: Error mounting '/dev/mapper/docker-253:0-35197283-f75fa419830cf84b0dbc1d1d06e9bc67de6fc41789b5abd3ef221c291222f47a' on '/var/lib/docker/devicemapper/mnt/f75fa419830cf84b0dbc1d1d06e9bc67de6fc41789b5abd3ef221c291222f47a'. fstype=xfs options=nouuid,context="system_u:object_r:svirt_sandbox_file_t:s0:c34,c941": invalid argument<6>[ 111.172763] IPv6: ADDRCONF(NETDEV_UP): docker0: link is not ready<4>[ 130.630581] sched: RT throttling activated<4>[ 238.455112] XFS (dm-3): unknown mount option [context="system_u:object_r:svirt_sandbox_file_t:s0:c34].Error: failed to start containers: c6c3b185f2ce |
修复方法主要有两种:
- 可以将selinux重新置为enable,然后重启物理机,即可修复。
- 修改容器的配置。比如我的容器的配置是
/var.lib/docker/containers/e7ef71494940ba293be4b3f74198bf34835c35537810053b051d9a6c33adbd32/config.v2.json文件。将其中的"MountLabel": "system_u:object_r:svirt_sandbox_file_t:s0:c12,c257", "ProcessLabel": "system_u:system_r:svirt_lxc_net_t:s0:c12,c257"重修修改为"MountLabel": "", "ProcessLabel": "",然后重新启动docker daemon,容器即可修复。
【推荐】还在用 ECharts 开发大屏?试试这款永久免费的开源 BI 工具!
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 后端思维之高并发处理方案
· 理解Rust引用及其生命周期标识(下)
· 从二进制到误差:逐行拆解C语言浮点运算中的4008175468544之谜
· .NET制作智能桌面机器人:结合BotSharp智能体框架开发语音交互
· 软件产品开发中常见的10个问题及处理方法
· 后端思维之高并发处理方案
· 千万级大表的优化技巧
· 在 VS Code 中,一键安装 MCP Server!
· 想让你多爱自己一些的开源计时器
· 10年+ .NET Coder 心语 ── 继承的思维:从思维模式到架构设计的深度解析