软件安装与快速配置
-- git迁移
git clone --bare git://oldgithub.com/username/oldproject.git
cd oldproject.git
git push --mirror git@newgithub.com/username/newproject.git
-- shell
https://www.cnblogs.com/jokerbj/p/9139875.html
-- limit
ulimit -HSn 65535 cat /etc/security/limits.conf * soft nofile 65535 * hard nofile 65535
-- python3
cd /usr/local/src
rm -f python-3.6.4.tgz
wget http://172.17.43.140/download/python3/python-3.6.4.tgz
yum install -y openssl-devel bzip2-devel expat-devel gdbm-devel readline-devel sqlite-devel lib-devel ncurses-devel tk-devel gcc make
tar -xf python-3.6.4.tgz
cd Python-3.6.4
./configure --prefix=/usr/local/python3 && make && make install
echo "export PYTHON_HOME=/usr/local/python3/bin" >> /etc/profile
echo "export PATH=\$PATH:\$PYTHON_HOME" >> /etc/profile
export PYTHON_HOME=/usr/local/python3/bin
export PATH=$PATH:$PYTHON_HOME
yum install -y epel-release
yum list python3
yum install -y python3 python3-devel
-- nginx
yum install -y wget gcc gcc-c++ make pcre pcre-devel zlib zlib-devel openssl openssl-devel
cd /usr/local/src
rm -f nginx-1.14.2.tar.gz
wget http://172.17.43.140/download/nginx/nginx-1.14.2.tar.gz
tar -zxvf nginx-1.14.2.tar.gz
cd nginx-1.14.2
./configure --prefix=/usr/local/nginx
make && make install
echo "export PATH=\$PATH:/usr/local/nginx/sbin/" >> /etc/profile
export PATH=$PATH:/usr/local/nginx/sbin/
cat > /usr/lib/systemd/system/nginx.service << EOF
[Unit]
Description=nginx
After=network.target
[Service]
Type=forking
ExecStart=/usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
ExecStop=/bin/kill -s QUIT $MAINPID
Restart=on-failure
RestartSec=1s
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl enable nginx.service
systemctl start nginx.service
简要优化
user nginx;
worker_processes 4;
worker_cpu_affinity auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
worker_rlimit_nofile 20480; # work文件句柄对进程级别限制
events { # 事件驱动器
use epoll;
worker_connections 10240; # 限制每个work进程多少连接
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
#Charset
charset utf-8; # 字符集
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for" "$request_uri"';
access_log /var/log/nginx/access.log main;
#access_log off; # 最好到server级别去设置
#Core modlue
sendfile on;
#tcp_nopush on; # 静态
#tcp_nodelay on; # 动态,依赖keepalive_timeout打开
keepalive_timeout 65;
#Gzip module
gzip on;
gzip_disable "MSIE [1-6]\."; # 对ie6以下不做压缩,
gzip_http_version 1.1;
#Virtal Server
include /etc/nginx/conf.d/*.conf;
}
location
= 进行普通字符精确匹配,也就是完全匹配 优先级高
^~ 表示普通字符匹配,使用前缀匹配 优先级中
~\~* 表示执行一个正则匹配()*代表不区分大小写 优先级低
^ 表示开头 太低了
同等匹配模式,匹配的越多优先级越高
location = /code1/ {
rewrite ^(.*)$ /up_code1/index.html break;
}
location ^~ /code {
rewrite ^(.*)$ /up_code2/index.html break;
}
location ~ /code.* {
rewrite ^(.*)$ /up_code3/index.html break;
}
location ^/code1/ {
rewrite ^(.*)$ /up_code1/index.html break;
}
如果需要挂维护页面的话,只要保留一个location,因为这个默认的location优先级最低
location / {
return 200;
}
反向代理
返回字符串
location / {
default_type application/json;
return 200 '{"status":"success","result":"nginx json"}';
}
负载+HTTPS+PROXY
upstream harbor {
server 127.0.0.1:180;
}
server {
listen 443;
server_name joker.fish-test.com;
access_log /var/log/nginx/access.log;
ssl on;
ssl_certificate ssl_key/server.crt;
ssl_certificate_key ssl_key/server.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
client_max_body_size 1000m;
location / {
proxy_pass http://harbor;
include proxy_params;
}
}
server {
listen 80;
server_name joker.fish-test.com;
rewrite ^(.*)$ https://$server_name$1 permanent;
}
proxy_params 文件内容
proxy_redirect default;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Custom nidaye;
proxy_connect_timeout 30;
proxy_send_timeout 60;
proxy_read_timeout 60;
proxy_buffer_size 32k;
proxy_buffering on;
proxy_buffers 4 128k;
proxy_busy_buffers_size 256k;
proxy_max_temp_file_size 256k;
--gzip
location ~ .*\.(jpg|gif|png)$ {
# gzip对图片压缩并不是很高效
gzip on;
gzip_http_version 1.1; # 压缩版本,主流1.1
gzip_comp_level 2; # 压缩等级,默认是1,图片一般2
gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png;
root /opt/app/code/images;
}
location ~ .*\.(txt|xml)$ {
# gzip对文字压缩很高效
gzip on;
gzip_http_version 1.1;
gzip_comp_level 1;
gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png;
root /opt/app/code/doc;
}
--offlog
location = /slb/index.html {
if ($request_method = HEAD) {
access_log off;
}
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
-- mysql
wget http://repo.mysql.com/mysql-community-release-el7-5.noarch.rpm rpm -ivh mysql-community-release-el7-5.noarch.rpm 安装完成之后,会在 /etc/yum.repos.d/ 目录下新增 mysql-community.repo 、mysql-community-source.repo 两个 yum 源文件 执行 yum repolist all | grep mysql 命令查看可用的 mysql 安装文件 yum install mysql-server systemctl start mysqld.service systemctl enable mysqld.service yum install -y gcc gcc-c++ make tar openssl openssl-devel cmake ncurses ncurses-devel useradd -s /sbin/nologin mysql cd /usr/local/src rm -f mysql-5.6.39.tar.gz wget http://172.17.43.140/download/mysql/mysql-5.6.39.tar.gz tar -zxvf mysql-5.6.39.tar.gz cd mysql-5.6.39 cmake -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DMYSQL_DATADIR=/data/mysql -DDEFAULT_CHARSET=utf8 -DDEFAULT_COLLATION=utf8_general_ci -DWITH_EXTRA_CHARSETS:STRING=all -DWITH_DEBUG=0 -DWITH_SSL=yes -DWITH_READLINE=1 -DENABLED_LOCAL_INFILE=1 make && make install cp -rf support-files/mysql.server /etc/init.d/mysqld chmod a+x /etc/init.d/mysqld echo "export PATH=\$PATH:/usr/local/mysql/bin/" >> /etc/profile export PATH=$PATH:/usr/local/mysql/bin/ cat > /etc/my.cnf << EOF [mysqld] bind-address=0.0.0.0 port=3306 datadir=/data/mysql user=mysql skip-name-resolve long_query_time=2 slow_query_log_file=/data/mysql/mysql-slow.log expire_logs_days=2 innodb-file-per-table=1 innodb_flush_log_at_trx_commit = 2 log_warnings = 1 max_allowed_packet = 512M connect_timeout = 60 net_read_timeout = 120 [mysqld_safe] log-error=/data/mysql/mysqld.log pid-file=/data/mysql/mysqld.pid EOF mkdir -pv /data/mysql chown -R mysql:mysql /usr/local/mysql /data/mysql/ yum install -y perl-Module-Install /usr/local/mysql/scripts/mysql_install_db --basedir=/usr/local/mysql --user=mysql --datadir=/data/mysql/ cat > /usr/lib/systemd/system/mysqld.service << EOF [Unit] Description=mysqld After=network.target [Service] Type=forking ExecStart=/etc/init.d/mysqld start ExecStop=/etc/init.d/mysqld stop Restart=on-failure RestartSec=1s [Install] WantedBy=multi-user.target EOF systemctl daemon-reload systemctl enable mysqld.service systemctl start mysqld.service
--5.7
#!/bin/bash # Install boost wget https://nchc.dl.sourceforge.net/project/boost/boost/1.59.0/boost_1_59_0.tar.gz -P /usr/local/src tar -zxf /usr/local/src/boost_1_59_0.tar.gz -C /usr/local/boost # Install mysql5.7 yum install -y gcc gcc-c++ make tar openssl openssl-devel cmake ncurses ncurses-devel useradd -s /sbin/nologin mysql cd /usr/local/src wget https://dev.mysql.com/get/Downloads/MySQL-5.7/mysql-5.7.27.tar.gz tar -zxvf mysql-5.7.27.tar.gz cd mysql-5.7.27 cmake -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DMYSQL_DATADIR=/data/mysql -DDEFAULT_CHARSET=utf8 -DDEFAULT_COLLATION=utf8_general_ci -DWITH_EXTRA_CHARSETS:STRING=all -DWITH_DEBUG=0 -DWITH_SSL=yes -DWITH_READLINE=1 -DENABLED_LOCAL_INFILE=1 -DWITH_BOOST=/usr/local/boost/boost_1_59_0 make && make install cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld chmod a+x /etc/init.d/mysqld export PATH=$PATH:/usr/local/mysql/bin/ echo "export PATH=$PATH:/usr/local/mysql/bin/" >> /etc/profile # 通过cat >> > 追加还是清空追加 cat > /etc/my.cnf << EOF [mysqld] bind-address=0.0.0.0 port=3306 datadir=/data/mysql user=mysql skip-name-resolve long_query_time=2 slow_query_log_file=/data/mysql/mysql-slow.log expire_logs_days=2 innodb-file-per-table=1 innodb_flush_log_at_trx_commit = 2 log_warnings = 1 max_allowed_packet = 512M connect_timeout = 60 net_read_timeout = 120 [mysqld_safe] log-error=/data/mysql/mysqld.log pid-file=/data/mysql/mysqld.pid EOF mkdir -pv /data/mysql chown -R mysql:mysql /usr/local/mysql /data/mysql/ yum install -y perl-Module-Install /usr/local/mysql/bin/mysqld --initialize-insecure --basedir=/usr/local/mysql --user=mysql --datadir=/data/mysql/ cat > /usr/lib/systemd/system/mysqld.service << EOF [Unit] Description=mysqld After=network.target [Service] Type=forking ExecStart=/etc/init.d/mysqld start [Install] WantedBy=multi-user.target EOF
-- Mysql操作
初始设置密码
mysqladmin -uroot password 123456
mysqladmin -uroot -p123456 password 123
授权
GRANT ALL PRIVILEGES ON db.* TO 'user'@'127.0.0.1' IDENTIFIED BY 'password';
flush privileges;
删除用户
delete from mysql.user where user='user';
跳过密码
[mysqld]
skip-grant-tables
修改用户密码
update user set password=password('123456') where user='root' and host='localhost';
flush privileges;
-- php
yum -y install epel-release gcc gcc-c++ make pcre pcre-devel zlib zlib-devel openssl openssl-devel libxml2 libxml2-devel libcurl libcurl-devel libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel openldap openldap-devel libmcrypt libmcrypt-devel cd /usr/local/src/ rm -f php-5.6.40.tar.gz wget http://172.17.43.140/download/php/php-5.6.40.tar.gz tar -zxf php-5.6.40.tar.gz cd php-5.6.40 ./configure --prefix=/usr/local/php --with-config-file-path=/usr/local/php/etc --enable-ctype --with-mysql=mysqlnd --with-mysqli=mysqlnd --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-libxml-dir=/usr --enable-xml --disable-rpath --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --with-curl --enable-mbregex --enable-mbstring --with-mcrypt --with-gd --enable-gd-native-ttf --with-openssl --with-mhash --enable-pcntl --enable-sockets --with-ldap-sasl --with-xmlrpc --enable-zip --enable-soap --with-gettext --enable-fpm --with-pdo_mysql make && make install cp -rf php.ini-production /usr/local/php/etc/php.ini cp -rf /usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.conf echo "export PATH=\$PATH:/usr/local/php/sbin/:/usr/local/php/bin/" >> /etc/profile export PATH=$PATH:/usr/local/php/sbin/:/usr/local/php/bin/ cat > /usr/lib/systemd/system/php-fpm.service << EOF [Unit] Description=php-fpm After=network.target [Service] Type=forking ExecStart=/usr/local/php/sbin/php-fpm -c /usr/local/php/etc/php.ini -y /usr/local/php/etc/php-fpm.conf ExecStop=/bin/kill -s QUIT $MAINPID Restart=on-failure RestartSec=1s [Install] WantedBy=multi-user.target EOF systemctl daemon-reload systemctl enable php-fpm.service systemctl start php-fpm.service
-- test_mysql.php
[root@Poppy blog]# cat test_mysql.php
<?php
$link_id=mysql_connect('localhost','root','123456') or mysql_error();
if($link_id){
echo "mysql successful by root";
}else{
echo mysql_error();
}
// 这是单行注释
/* 这是多行注释 */
?>
客户端访问
[root@joker ~]# curl blog.joker.com/test_mysql.php
mysql successful by root
php7.3
yum install -y lrzsz gcc gcc-c++ glibc glibc-devel pcre pcre-devel openssl openssl-devel zlib-devel bash-completion automake libxml2 libxml2-devel libxslt libxslt-devel yum install -y libxml2-devel curl-devel openssl-devel cd /usr/local/src wget http://mirrors.sohu.com/php/php-7.3.9.tar.gz tar -zxf php-7.3.9.tar.gz cd php-7.3.9 ./configure --prefix=/usr/local/php73 --enable-fpm --with-config-file-path=/usr/local/php73/etc --with-config-file-scan-dir=/usr/local/php73/etc/php.d --with-openssl --with-pear --enable-pcntl --with-curl --with-pdo-mysql --enable-mbstring --with-zlib --enable-sockets --enable-bcmath make && make install cp php.ini-production /usr/local/php73/etc/php.ini /usr/local/php73/bin/php -r "copy('https://install.phpcomposer.com/installer', 'composer-setup.php');" php composer-setup.php yum install autoconf /usr/local/php73/bin/pecl install redis /usr/local/php73/bin/pecl install swoole export PHP=/usr/local/php73/bin export PATH=$PATH:$PHP echo "export PHP=/usr/local/php73/bin" >> /etc/profile echo "export PATH=\$PATH:\$PHP" >> /etc/profile
-- jdk
yum search java | grep jdk yum install -y java-1.8.0-openjdk java-1.8.0-openjdk-devel cd /usr/local/src rm -f jdk-8u201-linux-x64.tar.gz wget http://172.17.43.140/download/jdk/jdk-8u201-linux-x64.tar.gz tar -zxf jdk-8u201-linux-x64.tar.gz cp -rf jdk1.8.0_201 /usr/local/jdk echo "export JAVA_HOME=/usr/local/jdk/" >> /etc/profile echo "export PATH=\$PATH:\$JAVA_HOME/bin" >> /etc/profile export JAVA_HOME=/usr/local/jdk/ export PATH=$PATH:$JAVA_HOME/bin
-- redis
yum install -y wget net-tools gcc gcc-c++ make tar openssl openssl-devel cmake cd /usr/local/src rm -f redis-4.0.9.tar.gz wget http://172.17.43.140/download/redis/redis-4.0.9.tar.gz tar -zxf redis-4.0.9.tar.gz cd redis-4.0.9 make mkdir -pv /usr/local/redis/conf /usr/local/redis/bin cp -rf src/redis* /usr/local/redis/bin/ cp -rf redis.conf /usr/local/redis/conf sed -i 's/^daemonize.*$/daemonize yes/g' /usr/local/redis/conf/redis.conf echo "export REDIS_HOME=/usr/local/redis/" >> /etc/profile echo "export PATH=\$PATH:\$REDIS_HOME/bin" >> /etc/profile export REDIS_HOME=/usr/local/redis/ export PATH=$PATH:$REDIS_HOME/bin cat > /usr/lib/systemd/system/redis.service << EOF [Unit] Description=redis After=network.target [Service] Type=forking ExecStart=/usr/local/redis/bin/redis-server /usr/local/redis/conf/redis.conf ExecStop=/usr/local/redis/bin/redis-cli shutdown Restart=on-failure RestartSec=1s [Install] WantedBy=multi-user.target EOF systemctl daemon-reload systemctl enable redis.service systemctl start redis.service
redis.conf
网络绑定,默认即可,可以远程连接 # bind 127.0.0.1 ::1 数据存储,指定文件名 # The filename where to dump the DB dbfilename dump.rdb 数据存储,指定文件目录 # The working directory. # The DB will be written inside this directory, with the filename specified # above using the 'dbfilename' configuration directive. # The Append Only File will also be created inside this directory. # Note that you must specify a directory here, not a file name dir /data/redis/ 日志文件,daemonize是没有日志输出的,到/dev/null # Specify the log file name. Also the empty string can be used to force # Redis to log on the standard output. Note that if you use standard # output for logging but daemonize, logs will be sent to /dev/null logfile "/data/log/redis/redis.log" 守护进程 # By default Redis does not run as a daemon. Use 'yes' if you need it. # Note that Redis will write a pid file in /var/run/redis.pid when daemonized. daemonize yes 验证密码 requirepass xxxx 端口更改 # Accept connections on the specified port, default is 6379 (IANA #815344). # If port 0 is specified Redis will not listen on a TCP socket. port 6379
-- logrotate
依赖 /etc/anacrontab,要是运行其他脚本,需要在此文件中添加环境变量
ls -lh /etc/logrotate.d/
/var/log/nginx/*log {
create 0644 nginx nginx # 创建新的日志文件
su root root # 切用户执行
daily # 每天
rotate 20 # 保留份数
missingok # 日志丢失,不报错继续滚动下一个日志
notifempty # 当日志文件为空时,不进行轮转
compress # gzip压缩
dateext # 切割后的日志文件以当前日期为格式结尾
sharedscripts # 运行postrotate脚本,作用是在所有日志都轮转后统一执行一次脚本。如果没有配置这个,那么每个日志轮转后都会执行一次脚本
postrotate # 在logrotate转储之后需要执行的指令
/bin/kill -USR1 `cat /run/nginx.pid 2>/dev/null` 2>/dev/null || true
endscript # 命令结束
}
logrotate -v -f /etc/logrotate.d/nginx
tail -f /var/lib/logrotate/logrotate.status
-- systemd
在/usr/lib/systemd/system目录添加一个配置文件zabbix_agentd.service [Unit] #描述 Description=zabbix_agent #表示服务信息 [Service] Type=forking #注意:需要和conf配置文件中的信息一致 PIDFile=/tmp/zabbix_agentd.pid #启动服务的命令 ExecStart=/usr/local/zabbix/sbin/zabbix_agentd -c /usr/local/zabbix/etc/zabbix_agentd.conf #重新加载命令 ExecReload=/bin/kill -s HUP $MAINPID #停止服务的命令 ExecStop=/bin/kill -s QUIT $MAINPID #意外的失败,就将重启 Restart=on-failure #重启服务之前,需要等待的秒数 RestartSec=1s #安装相关信息 [Install] #multi-user.target表明当系统以多用户方式启动时,这个服务需要被自动运行 WantedBy=multi-user.target #重载配置 systemctl daemon-reload 启动命令 systemctl start zabbix_agentd.service systemctl stop zabbix_agentd.service systemctl restart zabbix_agentd.service 开机启动 systemctl enable zabbix_agentd.service systemctl disable zabbix_agentd.service systemctl list-unit-files|grep zabbix
------------------------------->>>
DCOKER ORDER
------- 运行容器 docker run -d -it --name joker1centos --mount source=my-vol2,target=/data centos:7.6.1810 /bin/bash -it -t 让Docker分配一个伪终端(pseudo-tty)并绑定到容器的标准输入上, -i 则让容器的标准输入保持打开。即为交互模式。 当利用docker run来创建容器时,Docker在后台运行的标准操作包括: ------- 查看日志 docker logs id HOLD日志 docker logs -f id ------- 创建数据卷 docker volume create my-vol docker volume ls docker volume inspect my-vol 挂载数据卷 docker run -d -P --name web3 --mount type=volume,source=my-vol,target=/opt/webapp training/webapp python app.py docker run -d -p --name web3 -v my-vol:/opt/webapp:ro training/webapp python app.py 挂载目录 docker run -d -P --name web4 --mount type=bind,source=/data,target=/opt/webapp,readonly training/webapp python app.py docker run -d -p --name web4 -v /data:/opt/webapp:ro training/webapp python app.py
DOCKER REGISTRY
私有仓库
docker pull registry
docker run -d -p 5000:5000 -v /data/registry:/var/lib/registry --name local --restart=always registry
docker tag centos:7.6.1810 127.0.0.1:5000/centos:1.0.1
docker push 127.0.0.1:5000/centos:1.0.1
curl 127.0.0.1:5000/v2/_catalog
{"repositories":["centos"]}
docker tag registry 127.0.0.1:5000/registry:1.0.1
docker push 127.0.0.1:5000/registry:1.0.1
curl 127.0.0.1:5000/v2/_catalog
{"repositories":["centos","registry"]}
docker image ls
127.0.0.1/centos 1.0.1 f1cb7c7d58b7 3 months ago 202MB
127.0.0.1:5000/registry 1.0.1 f32a97de94e1 4 months ago 25.8MB
另一台
curl 192.168.27.129:5000/v2/_catalog
{"repositories":["centos","registry"]}
PULL错误
docker pull 192.168.27.129:5000/centos
Using default tag: latest
Error response from daemon: Get https://192.168.27.129:5000/v2/: http: server gave HTTP response to HTTPS client
国内加速
支持HTTPS
[root@localhost ~]# cat /etc/docker/daemon.json
{
"registry-mirrors":[
"https://registry.docker-cn.com"
],
"insecure-registries": [
"192.168.27.129:5000"
]
}
重载启动
systemctl daemon-reload
systemctl restart docker
重新PULL
docker pull 192.168.27.129:5000/centos:1.0.1
docker pull 192.168.27.129:5000/registry:1.0.1
推送
docker tag nginx:v1 192.168.27.129:5000/nginx:1.0.1
docker push 192.168.27.129:5000/nginx:1.0.1
curl 192.168.27.129:5000/v2/_catalog
{"repositories":["centos","nginx","registry"]}
镜像查看
docker image ls
192.168.27.129:5000/centos 1.0.1 f1cb7c7d58b7 3 months ago 202MB
192.168.27.129:5000/registry 1.0.1 f32a97de94e1 4 months ago 25.8MB
DOCKERFILE基本用法
[root@localhost docker]# cat file1 # This docker file # VERSION 1 # Author: joker # Base images FROM centos:7.6.1810 # Maintainer MAINTAINER joker.li xxx@qq.com # Commands RUN yum install -y nginx # Copy COPY ["",""] # Add ADD ["",""] # Cmd Shell CMD ["sh","-c","echo $HOME"] # Entrypoint ENTRYPOINT ["","",""] # Volume VOLUME /data # Expose EXPOSE 80 # Workdir WORKDIR /data # User RUN groupadd -r redis && useradd -r -g redis redis USER redis RUN [ "redis-server" ] # Env ENV NODE_VERSION=7.2.0 JAVA_VERSION=1.8 # Healthcheck HEALTHCHECK --interval=30s --timeout=30s --retries=3 \ CMD curl -fs http://localhost/ || exit 1
HEALTHCHECK
[root@localhost docker]# cat healthcheck # This docker file # VERSION 1 # Author: joker # Base images FROM nginx # Maintainer MAINTAINER joker.li xxx@qq.com # Commands RUN apt-get update && apt-get install -y curl && rm -fr /var/lib/apt/lists/* HEALTHCHECK --interval=3s --timeout=3s --retries=3 CMD curl -fs http://localhost/ || exit 1
REDIS
[root@localhost docker]# cat redis
# This docker file
# VERSION 1
# Author: joker
# Base images
FROM centos:7.6.1810
# Maintainer
MAINTAINER joker.li xxx@qq.com
# Commands
RUN buildDeps='gcc libc6-dev make wget' \
&& yum install -y $buildDeps \
&& wget -O redis.tar.gz "http://download-ops.tuji.com/download/redis/redis-4.0.9.tar.gz" \
&& mkdir -p /usr/local/src \
&& tar -zxf redis.tar.gz -C /usr/local/src \
&& make -C /usr/local/src/redis-4.0.9 \
&& make -C /usr/local/src/redis-4.0.9 install \
&& mkdir -pv /usr/local/redis/conf /usr/local/redis/bin \
&& cp /usr/local/src/redis-4.0.9/src/redis* /usr/local/redis/bin/ \
&& cp /usr/local/src/redis-4.0.9/redis.conf /usr/local/redis/conf \
&& rm -f redis.tar.gz \
&& rm -fr /usr/local/src/redis-4.0.9 \
&& yum remove -y $buildDeps
EXPOSE 6379
CMD ["/usr/local/redis/bin/redis-server","usr/local/redis/conf/redis.conf"]
ZABBIX
[root@localhost docker]# cat zabbix
# This docker file
# VERSION 1
# Author: joker
# Base images
FROM centos:7.6.1810
# Maintainer
MAINTAINER joker.li xxx@qq.com
# Workdir
WORKDIR /usr/local/src
# Commands
RUN groupadd -r zabbix && useradd -r -g zabbix zabbix
RUN buildDeps='gcc gcc-c++ make pcre-devel wget' \
&& yum install -y $buildDeps \
&& wget "http://download-ops.tuji.com/download/zabbix/zabbix-4.0.3.tar.gz" \
&& tar -zxf zabbix-4.0.3.tar.gz
# Change Workdir
WORKDIR /usr/local/src/zabbix-4.0.3
RUN ./configure --prefix=/usr/local/zabbix --enable-agent \
&& make \
&& make install
RUN chown zabbix:zabbix -R /usr/local/zabbix/
# User
USER zabbix
# Change Workdir
WORKDIR /usr/local/zabbix
# Volume
VOLUME ["/usr/local/zabbix"]
# Port
EXPOSE 10050 10051
# Cmd
CMD ["/usr/local/zabbix/sbin/zabbix_agentd","-c","/usr/local/zabbix/etc/zabbix_agentd.conf","-f"]
NGINX
# This docker file
# VERSION 1
# Author: joker
# Base images
FROM centos:7.6.1810
# Maintainer
MAINTAINER joker.li xxx@qq.com
# Commands
RUN rpm -ivh https://mirrors.aliyun.com/epel/epel-release-latest-7.noarch.rpm \
&& yum install -y nginx \
&& echo "daemon off;" >> /etc/nginx/nginx.conf
# Add
ADD index.html /usr/share/nginx/html/index.html
# Expose
EXPOSE 80
# Cmd
CMD ["nginx"]
https://docs.docker.com/compose/overview/
https://hub.docker.com/search?q=&type=image
EXAMPLE
[root@localhost compose]# cat docker-compose.yml.bak version: '3' services: test11: image: busybox:latest entrypoint: - top container_name: test1 networks: - backend test12: image: busybox:latest entrypoint: - top container_name: test2 networks: - backend networks: backend:
WORDPRESS
[root@localhost compose]# cat docker-compose.yml version: '3' services: db: image: mysql:5.7 volumes: - db_data:/var/lib/mysql ports: - "3306:3306" restart: always environment: MYSQL_ROOT_PASSWORD: somewordpress MYSQL_DATABASE: wordpress MYSQL_USER: wordpress MYSQL_PASSWORD: wordpress wordpress: depends_on: - db image: wordpress:latest ports: - "8000:80" restart: always environment: WORDPRESS_DB_HOST: db:3306 WORDPRESS_DB_USER: wordpress WORDPRESS_DB_PASSWORD: wordpress volumes: db_data:
内存排行
ps -aux|head -n 1;ps -aux|grep -v "PID"|sort -nr -k +4|head -n 1
