Docker 第2页

1. 创建 docker.service.d 目录

mkdir -p /etc/systemd/system/docker.service.d

2. 创建HTTP 或者HTTPS 代理文件

# HTTP：
vim /etc/systemd/system/docker.service.d/http-proxy.conf

[Service]
Environment="HTTP_PROXY=xxx.xxx.xxx.xxx:443" "NO_PROXY=localhost,127.0.0.1,xxx.xxxxxx:5000"

# HTTPS：
vim /etc/systemd/system/docker.service.d/http-proxy.conf

[Service]
Environment="HTTPS_PROXY=xxx.xxx.xxx.xxx:443" "NO_PROXY=localhost,127.0.0.1,xxx.xxxxxx:5000"

3、完成修改后保存/刷新

systemctl daemon-reload
systemctl restart docker

4、查看修改结果

systemctl show --property=Environment docker

Environment=HTTPS_PROXY=xxx.xxx.xxx.xxx:443 NO_PROXY=localhost,127.0.0.1,mydocker-registry.com:5000

今天遇见了Jenkins报错无法启动，查看了rancher没有任何报错只是一直重启，所以手动启动了一个镜像

docker run -d -p 8002:8080 -v /data/docker/data/jenkins/jenkins_home:/var/jenkins_home --name jenkins-bak --restart=always jenkins:2.46.2

发现以下报错

org.xmlpull.v1.XmlPullParserException: only 1.0 is supported as <?xml version not '1.1' (position: START_DOCUMENT seen <?xml version=\'1.1\'... @1:19) 
	at org.xmlpull.mxp1.MXParser.parseXmlDeclWithVersion(MXParser.java:2608)
	at org.xmlpull.mxp1.MXParser.parseXmlDecl(MXParser.java:2592)
	at org.xmlpull.mxp1.MXParser.parsePI(MXParser.java:2466)
	at org.xmlpull.mxp1.MXParser.parseProlog(MXParser.java:1447)
	at org.xmlpull.mxp1.MXParser.nextImpl(MXParser.java:1395)
	at org.xmlpull.mxp1.MXParser.next(MXParser.java:1093)
	at com.thoughtworks.xstream.io.xml.XppReader.pullNextEvent(XppReader.java:109)
Caused: com.thoughtworks.xstream.io.StreamException:  : only 1.0 is supported as <?xml version not '1.1' (position: START_DOCUMENT seen <?xml version=\'1.1\'... @1:19) 
	at com.thoughtworks.xstream.io.xml.XppReader.pullNextEvent(XppReader.java:124)
	at com.thoughtworks.xstream.io.xml.AbstractPullReader.readRealEvent(AbstractPullReader.java:148)
	at com.thoughtworks.xstream.io.xml.AbstractPullReader.readEvent(AbstractPullReader.java:141)
	at com.thoughtworks.xstream.io.xml.AbstractPullReader.move(AbstractPullReader.java:118)
	at com.thoughtworks.xstream.io.xml.AbstractPullReader.moveDown(AbstractPullReader.java:103)
	at com.thoughtworks.xstream.io.xml.XppReader.<init>(XppReader.java:63)
	at com.thoughtworks.xstream.io.xml.AbstractXppDriver.createReader(AbstractXppDriver.java:54)
	at com.thoughtworks.xstream.io.xml.AbstractXppDriver.createReader(AbstractXppDriver.java:65)
	at hudson.XmlFile.unmarshal(XmlFile.java:159)
Caused: java.io.IOException: Unable to read /var/jenkins_home/config.xml
	at hudson.XmlFile.unmarshal(XmlFile.java:161)
	at jenkins.model.Jenkins.loadConfig(Jenkins.java:3048)
	at jenkins.model.Jenkins.access$1200(Jenkins.java:307)
	at jenkins.model.Jenkins$16.run(Jenkins.java:3066)
	at org.jvnet.hudson.reactor.TaskGraphBuilder$TaskImpl.run(TaskGraphBuilder.java:169)
	at org.jvnet.hudson.reactor.Reactor.runTask(Reactor.java:282)
	at jenkins.model.Jenkins$7.runTask(Jenkins.java:1089)
	at org.jvnet.hudson.reactor.Reactor$2.run(Reactor.java:210)
	at org.jvnet.hudson.reactor.Reactor$Node.run(Reactor.java:117)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
	at java.lang.Thread.run(Thread.java:745)
Caused: org.jvnet.hudson.reactor.ReactorException
	at org.jvnet.hudson.reactor.Reactor.execute(Reactor.java:269)
	at jenkins.InitReactorRunner.run(InitReactorRunner.java:47)
	at jenkins.model.Jenkins.executeReactor(Jenkins.java:1113)
	at jenkins.model.Jenkins.<init>(Jenkins.java:929)
	at hudson.model.Hudson.<init>(Hudson.java:86)
	at hudson.model.Hudson.<init>(Hudson.java:82)
	at hudson.WebAppMain$3.run(WebAppMain.java:231)
Caused: hudson.util.HudsonFailedToLoad
	at hudson.WebAppMain$3.run(WebAppMain.java:248)

根据第一行，报错得出，是协议问题，修改了config.xml

<?xml version='1.1' encoding='UTF-8'?>
#改为
<?xml version='1.0' encoding='UTF-8'?>

然后重启Docker镜像

docker restart jenkins-bak

问题解决，还没搞清楚为什么文件头会从1.1协议变成了1.0~

Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock:
#将jenkins用户加入docker组
#重启Jenkins服务
sudo gpasswd -a jenkins docker
sudo service jenkins restart

1、ingress限制了上传大小：

#修改每个项目负载均衡YAML添加
nginx.ingress.kubernetes.io/proxy-body-size: 50m
#也可以点击编辑(Edit)→标签注释(Labels & Annotations)→注释（Annotations）
nginx.ingress.kubernetes.io/proxy-body-size = 50m

2、清理rancher

df -h|grep kubelet |awk -F % '{print $2}'|xargs umount 
rm /var/lib/kubelet/* -rf
rm /etc/kubernetes/* -rf
rm /var/lib/rancher/* -rf
rm /var/lib/etcd/* -rf
rm /var/lib/cni/* -rf
iptables -F && iptables -t nat –F
ip link del flannel.1
docker ps -a|awk '{print $1}'|xargs docker rm -f
docker volume ls|awk '{print $2}'|xargs docker volume rm

Docker安装

docker pull gogs/gogs
docker run -d --name=FoolTiger-Gogs -p 10022:22 -p 10080:3000 -v /data/docker/gogs:/data

打开http://192.168.50.1:10080

根据配置配置Gogs然后确定启动，这里切记，最好配置一下管理账号

如果想修改配置可以到/data/docker/gogs/conf/app.ini修改

Yum安装

sudo yum install -y yum-utils device-mapper-persistent-data lvm2
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
#如果国内报错试试
sudo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
#sudo yum-config-manager --enable docker-ce-edge
#sudo yum-config-manager --disable docker-ce-edge
#查看可使用的版本
yum list docker-ce --showduplicates | sort -r
#安装指定版本
sudo yum install docker-ce-<VERSION STRING>
#安装最新版本
sudo yum install docker-ce
#启动docker
sudo systemctl start docker
sudo systemctl enable docker
#Hello World
sudo docker run hello-world

下载安装

#下载地址：https://download.docker.com/linux/centos/7/x86_64/stable/Packages/
sudo yum install xxxxx.rpm
sudo systemctl start docker
sudo docker run hello-world

由于默认的上传大小太小，所以需要自己修改上传大小，有两种方法：

1、通过YAML文件修改：

找到需要配置的负载均衡添加

nginx.ingress.kubernetes.io/proxy-body-size: 10240m

2、通过图形化界面修改

这里还可以配置很多参数，详情请参考：

https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md

1、安装Docker

[Centos7]安装Docker

2、安装mysql

mkdir -p /home/mysql/conf /home/mysql/data /home/mysql/logs

mkdir -p conf data logs

# mysql 8.0
sudo docker run --name mysql8 --restart=always -p 3306:3306 -p 33060:33060 -e MYSQL_ROOT_PASSWORD=admin2009 -v /data/mysql/conf:/etc/mysql/mysql.conf.d -v /data/mysql/data:/var/lib/mysql -v /data/mysql/logs:/var/log/mysql/ -d mysql:8.0

# bash

#!/usr/bin/env bash
Data_File="/data/disk/mysql/"
Passwd="admin2021"
docker run --name mysql8 \
           --restart=always \
           -p 3306:3306 \
           -p 33060:33060 \
           -e MYSQL_ROOT_PASSWORD=${Passwd} \
           -v ${Data_File}conf:/etc/mysql/mysql.conf.d \
           -v ${Data_File}data:/var/lib/mysql \
           -v ${Data_File}logs:/var/log/mysql \
           -d mysql:8.0.27


8.0安装完成后会遇见Authentication plugin 'caching_sha2_password' cannot be loaded的错误
进入容器
docker exec -it mysql bash
mysql -uroot -p
ALTER USER 'root' IDENTIFIED WITH mysql_native_password BY 'password';

# mysql 5.6
sudo docker run --name mysql -p 3306:3306 -e MYSQL_ROOT_PASSWORD=admin2009 -v /data/mysql/conf:/etc/mysql/mysql.conf.d -v /data/mysql/data:/var/lib/mysql -v /data/mysql/logs:/var/log/mysql/ -d mysql:5.6

docker run --name mysql57 -p 3306:3306 -e MYSQL_ROOT_PASSWORD=password -v /home/mysql57/conf:/etc/mysql/mysql.conf.d -v /home/mysql57/data:/var/lib/mysql -v /home/mysql57/logs:/var/log/mysql/ -d mysql:5.7

chown polkitd:ssh_keys logs/

3、安装好MySQL后，日常在机器上要用所以需要一个客户端

rpm -Uvh http://dev.mysql.com/get/mysql-community-release-el7-5.noarch.rpm
yum install -y mysql-community-client

docker-compose安装

version: "3"

services:
    mysql:
      restart: always
      image: mysql:5.7
      container_name: mysql57
      volumes:
        - /data/disk/mysql/conf:/etc/mysql/mysql.conf.d
        - /data/disk/mysql/data:/var/lib/mysql
        - /data/disk/mysql/logs:/var/log/mysql
        - /data/disk/mysql/my.cnf:/etc/my.cnf
        - /data/disk/mysql/source:/docker-entrypoint-initdb.d
      environment:
        MYSQL_ROOT_PASSWORD: windows2008
        TZ: Asia/Shanghai
      ports:
        - 3306:3306

# my.cnf
[mysqld]
user=mysql
default-storage-engine=INNODB
character-set-server=utf8
character-set-client-handshake=FALSE
collation-server=utf8_unicode_ci
init_connect='SET NAMES utf8'
[client]
default-character-set=utf8
[mysql]
default-character-set=utf8

1、Redis

#创建容器
#!/usr/bin/env bash
Data_File="/data/disk/redis/"
Password="Win@2008"
docker run --name redis-server \
           --restart=always \
           -p 6379:6379 \
           -v ${Data_File}:/data \
           -d redis:latest \
           redis-server --appendonly yes \
           --requirepass "${Password}"
#查看
docker exec -it redis-server redis-cli -h 127.0.0.1 -p 6379 -a 'password'

2、Mysql5.7

#创建容器
#!/usr/bin/env bash
Data_File="/data/docker/mysql/"
Password="admin888"
Name="mysql57"
Version="5.7"
docker run --name ${Name} \
           -p 3306:3306 \
           --restart always \
           -e MYSQL_ROOT_PASSWORD=${Password} \
           -v ${Data_File}conf:/etc/mysql/mysql.conf.d \
           -v ${Data_File}data:/var/lib/mysql \
           -v ${Data_File}logs:/var/log/mysql \
           -d mysql:${Version}

#查看
docker exec -it 3d88adc562cc mysql -uroot -p
#导入数据
docker exec -i 3d88adc562cc mysql -uaaaa -p aaaa <aaaa.sql
#安装MySQL Client
#ubuntu
apt install mysql-client
#Centos
rpm -Uvh http://dev.mysql.com/get/mysql-community-release-el7-5.noarch.rpm
yum install -y mysql-community-client

[Centos]用Docker安装mysql

3、Memcached

#创建容器
docker run --name memcached --restart always -p 11211:11211 -d memcached

4、Rancher测试环境

#创建容器
docker run --restart=unless-stopped -d -p 80:80 -p 443:443 -v /data/docker/data/rancher-cp:/var/lib/rancher --name rancher-cp rancher/rancher:v2.1.0

5、PPT文件转换

#创建容器
docker run -d -p 80:3000 --name docker pull bbhsky/pdf-converter

#使用方法
curl --form file=@myfile.docx http://localhost/unoconv/pdf > myfile.pdf

#写入变量启动
SERVER_PORT=3000               #端口
PAYLOAD_MAX_SIZE=104857600     #文件大小 100M
TIMEOUT_SERVER=120000          #转码超时时间
TIMEOUT_SOCKET=140000          #上传文件超时

docker run --env-file=docker.env -d -p 80:3000 --name docker pull bbhsky/pdf-converter

6、Nexus3仓库管理

docker run –d --name=Nexus3 --restart=always -p 8081:8081 -p 8088:8088 –v /home/rancher/nexus-data:/nexus-data sonatype/nexus:3

7、PHPMyAdmin

docker run --name panel-phpmyadmin -d --link mysql:db -p 8080:80 phpmyadmin/phpmyadmin

8、PostgreSQL：

docker run -d \
    --name some-postgres \
    -p 5432:5432\
    -e POSTGRES_PASSWORD=windows2008 \
    -e PGDATA=/var/lib/postgresql/data/pgdata \
    -v /data/postgresql:/var/lib/postgresql/data \
    postgres

9、安装Jenkins

Docker启动Jenkins

Docker启动gitlab

11、安装浏览器

#!/usr/bin/env bash
docker run -d \
    --name chrome-novnc \
    --restart=always \
    -p 5900:5900 \
    -p 8083:8083 \
    oldiy/chrome-novnc:latest

#给VNC加密码
docker exec -it chrome-novnc bash
#设置密码
x11vnc -storepasswd
#按两次y
apt update
apt install vim -y
vim /etc/supervisor/conf.d/supervisord.conf
#如下图所示位置添加
-rfbauth /root/.vnc/passwd

12、安装emby

#!/usr/bin/env bash
Data_File="/data/disk/emby"
Docker_images_name="emby"
Images_version="emby/embyserver:4.7.12.0"
docker pull ${Images_version}
docker rm -f ${Docker_images_name}
docker run -d --name ${Docker_images_name} \
           --restart always \
           -v ${Data_File}/config:/config \
           -v ${Data_File}/video:/video \
           --device=/dev/dri:/dev/dri \
           --add-host=api.themoviedb.org:52.84.18.87 \
           --add-host=image.tmdb.org:84.17.46.53 \
           --add-host=www.themoviedb.org:52.84.125.129 \
           --network host \
           ${Images_version}

13、安装nas-tools

#!/usr/bin/env bash
Data_File="/data/disk/nas-tools"
Docker_images_name="nas-tools"
Images_version="nastool/nas-tools:latest"
docker pull ${Images_version}
docker rm -f ${Docker_images_name}
docker run -d --name ${Docker_images_name} \
    --hostname ${Docker_images_name} \
    --restart always \
    -p 3000:3000 \
    -v ${Data_File}/config:/config \
    -v ${Data_File}/media:/media \
    -e PUID=0 \
    -e PGID=0 \
    -e UMASK=000 \
    -e NASTOOL_AUTO_UPDATE=false \
    -e NASTOOL_CN_UPDATE=false \
    ${Images_version}

14、安装portainer汉化版

#!/usr/bin/env bash
Data_File="/data/disk/portainer"
Docker_images_name="portainer-zh"
Images_version="6053537/portainer-ce:latest"
docker pull ${Images_version}
docker rm -f ${Docker_images_name}
docker run -d --name ${Docker_images_name} \
        --restart=always \
        -p 9000:9000 \
        -v /var/run/docker.sock:/var/run/docker.sock \
        -v ${Data_File}/data:/data \
        ${Images_version}

15、安装qbittorrent

#!/usr/bin/env bash
Data_File="/data/disk/qbittorrent"
Docker_images_name="qbittorrent"
Images_version="linuxserver/qbittorrent:latest"
docker pull ${Images_version}
docker rm -f ${Docker_images_name}
docker run -d --name ${Docker_images_name} \
        --restart=always \
        -v ${Data_File}/config:/config \
        -v ${Data_File}/downloads:/downloads \
        --network host \
        ${Images_version}

#如果报错：/usr/bin/qbittorrent-nox: error while loading shared libraries: libQt5Core.so.5: cannot open shared object file: No such file or directory
apt update

apt install binutils
strip --remove-section=.note.ABI-tag /usr/lib/x86_64-linux-gnu/libQt5Core.so.5

exit

1、查看容器IP

# 查看容器所有状态信息；
docker inspect ID/NAMES
# 查看容器ip地址
docker inspect --format='{{.NetworkSettings.IPAddress}}' ID/NAMES
# 容器运行状态
docker inspect --format '{{.Name}} {{.State.Running}}' ID/NAMES

2、查看进程信息

docker top  ID/NAMES

3、查看容器端口

docker port ID/NAMES

4、删除所有容器

#注意这里是`不是'
docker rm `docker ps -aq`

sudo docker images | grep none |awk '{print $3}'|xargs sudo docker rmi -f

5、修改启动

docker container update --restart=always ID/NAMES

6、导出导入镜像（离线安装Docker镜像）

docker save mysql:5.6 > mysql_5.6.tar
docker load < mysql_5.6.tar
docker tag mysql mysql:5.6

7、批量推送镜像

 for i in $(docker images | grep pro | awk 'BEGIN{OFS=":"}{print $1,$2}'); do docker push $i; done

这个是很久以前第一次安装rancher时候做的笔记，现在更推荐在coreos下或者rancheros下安装，这样更简单。

1、安装Centos7 64bit：

在https://www.centos.org/download/找到下载地址：

http://isoredirect.centos.org/centos/7/isos/x86_64/CentOS-7-x86_64-Minimal-1611.iso

2、设置主机名：

hostnamectl set-hostname node1

3、添加ssh登陆：

复制或拷贝本机证书到远程计算机：

4、升级系统到最新：

yum update

5、挂载独立的分区：

yum install xfsprogs                //安装XFS 文件系统的工具集
fdisk /dev/sdb                      //选择需要操作的硬盘
然后依次输入 n,p,1, 回车,回车,wq
mkfs.xfs -n ftype=1 /dev/sdb1       //格式化磁盘
mkdir -p /data/docker               //创建目录
echo "/dev/sdb1 /data xfs defaults,prjquota 0 0" >> /etc/fstab    //挂载磁盘信息
mount -a             //挂载所有磁盘
mkdir -p /data/docker          //创建docker目录
ln -sv /data/docker /var/lib/docker           //创建连接

6、关闭selinux：

setenforce 0
sed -i '/^SELINUX=/cSELINUX=disabled' /etc/selinux/config

7、安装elrepo yum repo：

rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm
yum repolist elrepo

8、安装新内核和依赖软件：

#装依赖的软件包：
yum -y install bridge-utils net-tools psmisc subversion git fuse ntp deltarpm wget curl zip unzip bind-utils nfs-utils
#启动时间
cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
systemctl enable ntpd && systemctl start ntpd
#安装 4.12.5 内核  
yum -y --enablerepo=elrepo-kernel install kernel-ml-devel kernel-ml

9、使用新内核启动：

grub2-set-default 0
reboot
uname -r
4.12.0-1.el7.elrepo.x86_64

10、修改系统内核参数：

在文件 /etc/sysctl.conf 加入以下配置：

net.unix.max_dgram_qlen = 100

net.ipv4.tcp_mem  = 379008 505344 758016
net.ipv4.tcp_wmem = 4096 16384 4194304
net.ipv4.tcp_rmem = 4096 87380 4194304
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216

net.ipv4.tcp_syncookies=1
net.ipv4.tcp_max_syn_backlog=81920
net.ipv4.tcp_synack_retries=3
net.ipv4.tcp_syn_retries=3
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.ip_local_port_range = 20000 65000
net.ipv4.tcp_max_tw_buckets = 200000
net.ipv4.route.max_size = 5242880

11、修改资源限制

ulimit -n 100000
echo "" >> /etc/rc.local
echo ulimit -n 100000 >> /etc/rc.local
chmod +x /etc/rc.d/rc.local

12、即可修改，如果不能修改，需要设置/etc/security/limits.conf加入： 

* soft nofile 262140
* hard nofile 262140
root soft nofile 262140
root hard nofile 262140
* soft core unlimited
* hard core unlimited
root soft core unlimited
root hard core unlimited