# docker-deploy

**Repository Path**: W006/docker-deploy

## Basic Information

- **Project Name**: docker-deploy
- **Description**: 常用docker镜像
- **Primary Language**: Docker
- **License**: Apache-2.0
- **Default Branch**: master
- **Homepage**: None
- **GVP Project**: No

## Statistics

- **Stars**: 0
- **Forks**: 1
- **Created**: 2021-11-14
- **Last Updated**: 2025-07-09

## Categories & Tags

**Categories**: Uncategorized

**Tags**: None

## README

[TOC]



### docker 最新安装

1、Docker 要求 CentOS 系统的内核版本高于 3.10 ，查看本页面的前提条件来验证你的CentOS 版本是否支持 Docker 。

通过 **uname -r** 命令查看你当前的内核版本

```
 $ uname -r
```

2、使用 `root` 权限登录 Centos。确保 yum 包更新到最新。

```
$ sudo yum update
```

3、卸载旧版本(如果安装过旧版本的话)

```
$ sudo yum remove docker  docker-common docker-selinux docker-engine
```

4、安装需要的软件包， yum-util 提供yum-config-manager功能，另外两个是devicemapper驱动依赖的

```
$ sudo yum install -y yum-utils device-mapper-persistent-data lvm2
```

5、设置yum源

```
$ sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
```

6、可以查看所有仓库中所有docker版本，并选择特定版本安装

```
$ yum list docker-ce --showduplicates | sort -r
```

7、安装docker

```
$ sudo yum install docker-ce  #由于repo中默认只开启stable仓库，故这里安装的是最新稳定版17.12.0
$ sudo yum install <FQPN>  # 例如：sudo yum install docker-ce-17.12.0.ce
```

8、启动并加入开机启动

```
$ sudo systemctl start docker
$ sudo systemctl enable docker
```

9、验证安装是否成功(有client和service两部分表示docker安装启动都成功了)

```
$ docker version
```



#### register
```shell
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
  "registry-mirrors": [
    "https://docker.1panelproxy.com",
    "https://2a6bf1988cb6428c877f723ec7530dbc.mirror.swr.myhuaweicloud.com",
    "https://docker.m.daocloud.io",
    "https://hub-mirror.c.163.com",
    "https://mirror.baidubce.com",
    "https://your_preferred_mirror",
    "https://dockerhub.icu",
    "https://docker.registry.cyou",
    "https://docker-cf.registry.cyou",
    "https://dockercf.jsdelivr.fyi",
    "https://docker.jsdelivr.fyi",
    "https://dockertest.jsdelivr.fyi",
    "https://mirror.aliyuncs.com",
    "https://dockerproxy.com",
    "https://mirror.baidubce.com",
    "https://docker.m.daocloud.io",
    "https://docker.nju.edu.cn",
    "https://docker.mirrors.sjtug.sjtu.edu.cn",
    "https://docker.mirrors.ustc.edu.cn",
    "https://mirror.iscas.ac.cn",
    "https://docker.rainbond.cc"
  ],
  "exec-opts": ["native.cgroupdriver=systemd"],
  "insecure-registries":[""]
}                    
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
```



docker/daemon.json
私有镜像库才会用
```
{  "insecure-registries":["registry.docker.ip:9080","harbor01:9080"],  "registry-mirrors": ["https://3bk5cqf5.mirror.aliyuncs.com"]}{    "insecure-registries":["registry.docker.ip:9080","harbor01:9080"],    "registry-mirrors": [        "https://wennn:0x25TGBnhy6@index.docker.io",        "https://wennn:0x25TGBnhy6@1nj0zren.mirror.aliyuncs.com",        "https://wennn:0x25TGBnhy6@docker.mirrors.ustc.edu.cn",        "http://wennn:0x25TGBnhy6@f1361db2.m.daocloud.io",        "https://wennn:0x25TGBnhy6@registry-1.docker.io",        "https://wennn:0x25TGBnhy6@registry.docker-cn.com"    ]}
```

host

```
192.168.1.11  harbor01 registry.docker.ip 192.168.1.11 build.docker.ip
```

### Docker Run 简单应用使用

#### gogs

```shell
docker run --name=gogs -d  -p 10022:22 -p 10080:3000 \	-v /etc/localtime:/etc/localtime:ro \	-v /data/gogs:/data gogs/gogs \ 		docker run --name=gogs -d  -p 10022:22 -p 10080:3000 \	-v /etc/localtime:/etc/localtime:ro gogs/gogs \ 	docker run --name=gogsnew -d -p 6622:22 -p 6680:3000 \	-v /etc/localtime:/etc/localtime:ro \	-v /data/gogs:/data gogs/gogs	mpc/mpc@neusoft.com docker run --name=gogs --restart=always -d  -p 10022:22 -p 10080:3000 -v /etc/localtime:/etc/localtime:ro -v /data/gogs:/data/ gogs/gogs  
```

#### maraidb

```
1 docker search mariadb 搜索mariadb镜像（非必须）2 docker pull mariadb 下载docker镜像3 docker images 查看本地已有的所有镜像4 mkdir -p /data/mariadb/data 建一个目录作为和容器的映射目录5 docker run --name mariadb -d -p 3306:3306 -e MYSQL_ROOT_PASSWORD=root \	-v /data/mariadb/data:/var/lib/mysql \	-v /etc/localtime:/etc/localtime:ro \	-v /data/mariadb/etc/:/etc/mysql/ mariadb　　--name启动容器设置容器名称为mariadb　　-p设置容器的3306端口映射到主机3306端口　　-e MYSQL_ROOT_PASSWORD设置环境变量数据库root用户密码为输入数据库root用户的密码　　-v设置容器目录/var/lib/mysql映射到本地目录/data/mariadb/data　　-d后台运行容器mariadb并返回容器id6 docker ps -a 查看容器是否运行7 docker container update --restart=always 容器id   修改容器为自启动8 进入容器docker exec -it 容器Id bash9 在容器内登录数据库 mysql -uroot -proot密码
```

#### jumpserver

```shell
docker run --name jms_all -d \    -v /opt/mysql:/var/lib/mysql \    -v /opt/jumpserver:/opt/jumpserver/data/media \    -p 80:80 \    -p 2222:2222 \    -e SECRET_KEY=PEHVdLzvZFtDQT733ntHDH1hglXQ9OQKoI1xxAfdDhpRGx3tg7 \    -e BOOTSTRAP_TOKEN=YDzl55tZPTdclbUh \    -e DB_HOST=192.168.8.223 \ #当前主机IP    -e DB_PORT=3306 \     -e DB_USER=jumpserver \ #数据库用户    -e DB_PASSWORD=zhang123 \ #数据库密码    -e DB_NAME=jumpserver \ #数据库名称    -e REDIS_HOST=192.168.8.223 \    -e REDIS_PORT=6379 \    -e REDIS_PASSWORD=123 \ #Redis密码    jumpserver/jms_all:1.4.8
```



```shell
 docker run -d -p 3306:3306 --name mysql \-v /data/mysql/etc/conf:/etc/mysql \-v /data/mysql/logs:/var/log/mysql \-v /data/mysql/mysql:/var/lib/mysql \-v /etc/localtime:/etc/localtime:ro \-e MYSQL_ROOT_PASSWORD=123456 \mysql:5.7 \--lower_case_table_names=1 \--max-allowed-packet=1073741824 \--character_set_server=utf8 \--innodb_log_file_size=256m
```

```shell
#gogscreate user 'gogs'@'%' identified by 'gogs'grant all privileges on gogs.* to 'gogs'@'%' identified by 'gogs';create user 'teleport'@'%' identified by 'teleport';grant all privileges on teleport.* to 'teleport'@'%' identified by 'teleport';
```

#### tomcat

```shell
  docker run --name tomcat -p 8081:8081 -v /etc/localtime:/etc/localtime:ro -v /data/tomcat/webapps:/usr/local/tomcat/webapps -v /data/tomcat/logs:/usr/local/tomcat/logs -v /data/tomcat/conf:/usr/local/tomcat/conf -d tomcat
```

#### sonar

```shell
docker run -d --name sonar -p 9000:9000 \ -e ALLOW_EMPTY_PASSWORD=yes \ -e SONARQUBE_DATABASE_USER=sonar \ -e SONARQUBE_DATABASE_NAME=sonar \ -e SONARQUBE_DATABASE_PASSWORD=sonar \ -e SONARQUBE_JDBC_URL="jdbc:mysql://10.20.13.197:3306/sonar?useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true&useConfigs=maxPerformance&useSSL=false" \ --net sonarqube-tier \ --privileged=true \ -v /data/sonarqube/logs:/opt/sonarqube/logs \ -v /data/sonarqube/conf:/opt/sonarqube/conf \ -v /data/sonarqube/data:/opt/sonarqube/data \ -v /data/sonarqube/extensions:/opt/sonarqube/extensions\ sonarqube:7.4-community 
```

#### ocr

```shell
docker run --name paddle -it -v $PWD:/paddle \-v /etc/localtime:/etc/localtime:ro \-v /etc/localtime:/etc/profile \-d \registry.baidubce.com/paddlepaddle/paddle:1.8.5 /bin/bash
```



#### harbor

```shell
wget https://storage.googleapis.com/harbor-releases/release-1.9.0/harbor-offline-installer-v1.9.1-rc1.tgz
```

#### doc

```shell
docker run -p 8181:8181 --name mindoc -e DB_ADAPTER=mysql -e MYSQL_PORT_3306_TCP_ADDR=10.20.13.197 -e MYSQL_PORT_3306_TCP_PORT=3306 -e MYSQL_INSTANCE_NAME=mindoc -e MYSQL_USERNAME=root -e MYSQL_PASSWORD=123456 -e httpport=8181 -d daocloud.io/lifei6671/mindoc:latest
```

#### jenkins

```shell
version: '3'services:	jenkins:    image: 'jenkinsci/blueocean'    container_name: jenkins    privileged: true    restart: always	ports:      - '9980:8080'      - '50000:50000'    volumes:      - '/data/jenkins/jenkins_home:/var/jenkins_home'            ln -s /usr/local/lib/libssl.so.1.1 /usr/lib/libssl.so.1.1ln -s /usr/local/lib/libcrypto.so.1.1 /usr/lib/libcrypto.so.1.1libaudit.so.1docker run -u root -d -p 8080:8080 -p 50000:50000 --name=jenkins --privileged=true \-v /var/jenkins_home:/var/jenkins_home  \-v /etc/localtime:/etc/localtime:ro \-v /etc/profile:/etc/profile:ro \-v /etc/hosts:/etc/hosts:ro \-v /home/data:/home/data \-v /var/run/docker.sock:/var/run/docker.sock \-v /etc/docker:/etc/docker \-v /usr/sbin/:/usr/sbin/ \jenkinsci/blueocean      cat > /etc/systemd/system/docker.service.d/https-proxy.conf << EOF[Service]Environment="HTTP_PROXY=http://squid:neusoft@10.20.11.230:3128" "HTTPS_PROXY=http://squid:neusoft@10.20.11.230:3128" "NO_PROXY=localhost,127.0.0.1,10.20.%.%"EOF
```

#### Swarm 机器

```shell
## 1 harbordocker swarm init --advertise-addr 10.20.11.231:2377 --listen-addr 10.20.11.231:2377
```

```shell
Swarm initialized: current node (qmfg6gnvg5novkbv7n0mi311x) is now a manager.To add a worker to this swarm, run the following command:    docker swarm join --token SWMTKN-1-5gw053s5aopwt2mv2etwl1tuffuqxd7nk1bcn2024674447rj0-31yp8mtb7jr18lynjyb1woods 10.20.11.231:2377To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.
```

```shell
docker swarm join --token SWMTKN-1-5gw053s5aopwt2mv2etwl1tuffuqxd7nk1bcn2024674447rj0-31yp8mtb7jr18lynjyb1woods 10.20.11.231:2377
```

#### portainer

```shell
docker run -d -p 9999:9000 \-v /data/portainer/data:/data \-v /data/portainer/public:/public \-v /var/run/docker.sock:/var/run/docker.sock --name portainer portainer/portainer### 用户# admin/admin@2021
```



#### time server 时间同步

##### server

```shell
yum install ntpdvi /etc/ntp.conf####①、第一种配置：允许任何IP的客户机都可以进行时间同步 将“restrict default kod nomodify notrap nopeer noquery”这行修改成： restrict default nomodify ②、第二种配置：只允许10.15.62.*网段的客户机进行时间同步 在restrict default nomodify notrap noquery（表示默认拒绝所有IP的时间同步）之后增加一行： restrict 10.15.62.0 mask 255.255.255.0 nomodify      ####
```

##### client

```shell
vi /etc/crontab##### append1  *  *  *  * root ntpdate 10.20.14.153 && hwclock -w#####
```

#### Nacos stanle

```yml
 nacos:    image: nacos/nacos-server:latest    container_name: nacos-standalone    environment:    - PREFER_HOST_MODE=hostname    - MODE=standalone    volumes:    - ./standalone-logs/:/home/nacos/logs    - ./init.d/custom.properties:/home/nacos/init.d/custom.properties    ports:    - "8848:8848" prometheus:    container_name: prometheus    image: prom/prometheus:latest    volumes:      - ./prometheus/prometheus-standalone.yaml:/etc/prometheus/prometheus.yml    ports:      - "9090:9090"    depends_on:      - nacos    restart: on-failure  grafana:    container_name: grafana    image: grafana/grafana:latest    ports:      - 3000:3000    restart: on-failure
```

```shell
docker run -d -p 8848:8848 --name=nacos-standalone -e PREFER_HOST_MODE=hostname -e MODE=standalone \-v $(pwd)/standalone-logs/:/home/nacos/logs -v $(pwd)/init.d/custom.properties:/home/nacos/init.d/custom.properties \harbor01:9080/library/nacos-server:latestdocker run -d -p 9090:9090 --name=prometheus \-v $(pwd)/prometheus/prometheus-standalone.yaml:/etc/prometheus/prometheus.yml \--link=nacos harbor01:9080/library/prometheus:latest docker run -d -p 3000:3000 --name=grafana \harbor01:9080/library/grafana:latest
```