Docker
- 本文所有服務都基于compose檔案運作,在此之前先安裝下docker,已安裝docker的小夥伴可以跳過;
# 添加docker源,這裡用的是centos7版本
sudo wget -O /etc/yum.repos.d/docker-ce.repo https://download.docker.com/linux/centos/docker-ce.repo
sudo sed -i 's+download.docker.com+mirrors.cloud.tencent.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo
sudo yum makecache fast
# 安裝指定版本
sudo yum install -y docker-ce-20.10.17 docker-compose-plugin
# 安裝最新版本
sudo yum install -y docker-ce docker-compose-plugin
# 啟動服務
systemctl enable docker --now
Elasicsearch
- elasicsearch是開源的,實時分布式的搜尋與分析引擎;
# 建立資料目錄
mkdir -p elasticsearch/data && cd elasticsearch/
chown 1001.1001 -R data
# 添加compose檔案
cat > docker-compose.yaml << eof
version: '3'
services:
elasticsearch:
image: bitnami/elasticsearch:8.6.2
container_name: es01
hostname: es01
restart: always
environment:
- BITNAMI_DEBUG=false
- ELASTICSEARCH_HEAP_SIZE=2048m
- ELASTICSEARCH_NODE_NAME=es01
- ELASTICSEARCH_BIND_ADDRESS=0.0.0.0
- ELASTICSEARCH_PORT_NUMBER=9200
ports:
- 9200:9200
volumes:
- ./data:/bitnami/elasticsearch/data
- /etc/localtime:/etc/localtime:ro
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 655360
hard: 655360
eof
# 啟動服務
docker compose up -d
Mongodb
- mongodb 是開源的跨平台 NoSQL 資料庫;
# 建立目錄檔案
mkdir -p mongodb/data && cd mongodb/
chown 1001.1001 -R data
# 添加compose檔案
cat > docker-compose.yml <<eof
version: '3.9'
services:
mongodb:
image: bitnami/mongodb:6.0.4
container_name: mongo
hostname: mongo
ports:
- 27017:27017
volumes:
- /etc/localtime:/etc/localtime:ro
- ./data:/bitnami/mongodb
environment:
- TZ=Asia/Shanghai
# 設定管理者root密碼
- MONGODB_ROOT_PASSWORD=password123
eof
# 啟動服務
docker compose up -d
MySQL
# 建立目錄檔案
mkdir -p mysql/{data,conf} && cd mysql/
# 添加配置檔案
cat > conf/my_custom.cnf <<eof
[mysqld]
lower_case_table_names = 1
character-set-server = utf8
collation-server = utf8_general_ci
default_storage_engine = InnoDB
max_connections=1000
expire_logs_days=20
sql_mode='STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO ,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION'
eof
# 授權資料目錄(這裡的權限是和鏡像裡面的uid和gid一緻即可)
chown 1001.1001 -R data
# 添加compose檔案
cat > docker-compose.yml <<eof
version: '3.9'
services:
mysql:
image: docker.io/bitnami/mysql:5.7.37
container_name: mysql
hostname: mysql
ports:
- 3306:3306
volumes:
- /etc/localtime:/etc/localtime:ro
- ./conf/my_custom.cnf:/opt/bitnami/mysql/conf/my_custom.cnf
- ./data:/bitnami/mysql/data
environment:
- TZ=Asia/Shanghai
- MYSQL_ROOT_PASSWORD=admin1234 # 這裡指定root賬号密碼
eof
# 啟動服務
docker compose up -d
# 建立目錄檔案
mkdir -p mysql/conf && cd mysql/
# 準備配置檔案
cat > conf/my.cnf <<eof
[client]
default-character-set = utf8
[mysqld]
character-set-server = utf8
collation-server = utf8_bin
default_storage_engine = InnoDB
port = 3306
datadir = /var/lib/mysql
max_connections=1000
expire_logs_days = 15
relay_log_purge = 1
slow_query_log_file = /var/log/mysql/slow.log
log-error = /var/log/mysql/error.log
log-bin = /var/log/mysql/mysqld-bin
# mysql8之後因為mysql8采用了新的加密方式mysql_native_password
# 這裡修改為mysql_native_password,使用mysql5.7的加密方式
default_authentication_plugin = mysql_native_password
socket = /tmp/mysql.sock
lower_case_table_names = 1
sql_mode = NO_ENGINE_SUBSTITUTION
default-time_zone='+8:00'
eof
# 添加compose檔案
cat > docker-compose.yml <<eof
version: '3.9'
services:
mysql:
image: docker.io/library/mysql:8.0.30
container_name: mysql
hostname: mysql
restart: always
ports:
- 3306:3306
volumes:
- /etc/localtime:/etc/localtime:ro
- ./data:/var/lib/mysql
- ./conf/my.cnf:/etc/my.cnf
environment:
- MYSQL_ROOT_PASSWORD=admin1234
- TZ=Asia/Shanghai
eof
# 啟動服務
docker compose up -d
Redis
- 這裡redis的密碼選擇使用redis.conf來定義;
# 建立資料目錄
mkdir -p redis/{data,logs,conf} && cd redis/
chown 999.999 -R ./
# 添加配置檔案
cat > conf/redis.conf <<eof
tcp-keepalive 300
timeout 0
loglevel warning
requirepass redis1234
maxclients 5000
maxmemory-policy allkeys-lru
logfile "/logs/redis.log"
port 6379
bind 0.0.0.0
pidfile /logs/reids.pid
daemonize no
appendonly yes
auto-aof-rewrite-percentage 100
auto-aof-rewrite-min-size 64mb
dir /bitnami/redis/data
eof
# 添加compose檔案
cat > docker-compose.yml <<eof
version: '3.9'
services:
redis:
image: docker.io/library/redis:6.0.16
container_name: redis
hostname: redis
environment:
- TZ=Asia/Shanghai
- ALLOW_EMPTY_PASSWORD=no # 不允許空密碼
- REDIS_DISABLE_COMMANDS=FLUSHDB,FLUSHALL # 禁用執行的指令
ports:
- 6379:6379
command: redis-server /opt/bitnami/redis/mounted-etc/redis.conf
volumes:
- ./conf/redis.conf:/opt/bitnami/redis/mounted-etc/redis.conf
- ./data:/bitnami/redis/data
- ./logs:/logs
eof
# 啟動服務
docker compose up -d
Rabbitmq
- Rabbitmq是目前非常熱門的一款消息中間件,許多企業都在大量使用。
# 建立資料目錄
mkdir -p rabbitmq && cd rabbitmq/
# 添加compose檔案
cat > docker-compose.yml <<eof
version: '3.9'
services:
rabbitmq:
image: docker.io/library/rabbitmq:3.11.2-management-alpine
container_name: rabbitmq
restart: always
hostname: rabbitmq
ports:
- 15672:15672
- 5672:5672
- 25672:25672
- 4369:4369
volumes:
- ./data:/var/lib/rabbitmq
environment:
- RABBITMQ_DEFAULT_USER=admin
- RABBITMQ_DEFAULT_PASS=admin
eof
# 啟動服務
docker compose up -d
Minio
# 建立資料目錄
mkdir -p minio/data && cd minio/
chown 1001.1001 -R data
# 添加compose檔案
cat > docker-compose.yml <<eof
version: '3.9'
services:
minio:
image: docker.io/bitnami/minio:2023.2.27
container_name: minio
hostname: minio
restart: always
ports:
- 9000:9000
- 9001:9001
volumes:
- /etc/localtime:/etc/localtime:ro
- ./data:/data
environment:
- MINIO_ROOT_USER=admin # 賬号名長度必須大于等于5位
- MINIO_ROOT_PASSWORD=admin^12345 # 注意密碼長度必須大于等于8位
- TZ=Asia/Shangha
eof
# 啟動服務
docker compose up -d
Jenkins
- Jenkins 基于Java開發的一種持續內建工具;
# 建立資料目錄
mkdir -p jenkins/data && cd jenkins/
chown 1000.1000 -R data
# 添加compose檔案
cat > docker-compose.yml <<eof
version: '3.9'
services:
jenkins-master:
image: docker.io/jenkins/jenkins:2.377-jdk17
container_name: jenkins
hostname: jenkins
restart: always
privileged: true
network_mode: 'host'
volumes:
- /etc/localtime:/etc/localtime:ro
- ./data:/var/jenkins_home
environment:
- TZ=Asia/Shanghai
- JAVA_OPTS='-Djava.util.logging.config.file=/var/jenkins_home/log.properties'
eof
# 啟動服務
docker compose up -d
Nexus
# 建立資料目錄
mkdir -p nexus/data/nexus-data && cd nexus/
chown 200.200 -R ./data/nexus-data
# 添加compose檔案
cat > docker-compose.yml <<eof
version: '3.9'
services:
nexus:
container_name: nexys
image: sonatype/nexus3:3.37.0
hostname: nexus
restart: always
ports:
- 8081:8081
volumes:
- /etc/localtime:/etc/localtime:ro
- ./data/nexus-data:/nexus-data
environment:
- TZ=Asia/Shanghai
eof
# 啟動服務
docker compose up -d
Sonarqube
- Sonarqube 是一個開源的代碼分析平台, 用來持續分析和評測項目源代碼的品質 ;
# 建立資料目錄
mkdir -p sonarqube && cd sonarqube/
mkdir -p sonar/{extensions,logs,data,conf}
mkdir postgresql
chown 1001.1001 -R postgresql
# 調整核心參數
echo "vm.max_map_count=655300" >> /etc/sysctl.conf
sysctl -p
# 添加compose檔案
cat > docker-compose.yml <<eof
version: '3.9'
networks:
sonar:
driver: bridge
services:
postgresql:
image: bitnami/postgresql:15.1.0
container_name: postgresql
hostname: postgresql
volumes:
- /etc/localtime:/etc/localtime:ro
- ./postgresql:/bitnami/postgresql
ports:
- 15432:5432
environment:
- TZ=Asia/Shanghai
- POSTGRESQL_USERNAME=sonar
- POSTGRESQL_PASSWORD=sonar
- POSTGRESQL_DATABASE=sonar
networks:
- sonar
sonar:
image: docker.io/library/sonarqube:8.9.7-community
container_name: sonar
hostname: sonar
volumes:
- /etc/localtime:/etc/localtime:ro
- ./sonar/extensions:/opt/sonarqube/extensions
- ./sonar/logs:/opt/sonarqube/logs
- ./sonar/data:/opt/sonarqube/data
- ./sonar/conf:/opt/sonarqube/conf
ports:
- 9000:9000
environment:
- TZ=Asia/Shanghai
- SONARQUBE_JDBC_URL=jdbc:postgresql://postgresql:5432/sonar
- SONARQUBE_JDBC_USERNAME=sonar
- SONARQUBE_JDBC_PASSWORD=sonar
networks:
- sonar
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 165530
hard: 165530
eof
# 啟動服務
docker compose up -d
Allure
- allure是開源測試報告架構,支援pytest單元測試架構 ;
# 建立資料目錄
mkdir -p allure/data && cd allure/
# 添加compose檔案
cat > docker-compose.yml <<eof
version: '3'
services:
allure:
image: docker.io/frankescobar/allure-docker-service:2.21.0-amd64
environment:
TZ: Asia/Shanghai
CHECK_RESULTS_EVERY_SECONDS: 1
KEEP_HISTORY: 1
ports:
- 5050:5050
volumes:
- ./data/results:/app/allure-results
- /etc/localtime:/etc/localtime:ro
eof
# 啟動服務
docker compose up -d
Kuboard
# 建立資料目錄
mkdir -p kuboard && cd kuboard/
# 添加compose檔案
cat > docker-compose.yml <<eof
version: '3.9'
services:
kuboard:
image: eipwork/kuboard:v3.5.0.3-amd64
hostname: kuboard
restart: unless-stopped
privileged: true
ports:
- 80:80/TCP
- 10081:10081/TCP
- 10081:10081/UDP
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /etc/localtime:/etc/localtime
- ./data:/data
environment:
- TZ=Asia/Shanghai
- KUBOARD_AGENT_SERVER_UDP_PORT="10081"
- KUBOARD_AGENT_SERVER_TCP_PORT="10081"
eof
# 啟動服務(admin/Kuboard123)
docker compose up -d
Grafana
# 建立資料目錄
mkdir -p grafana/data && cd grafana/
chown 472.472 -R data
# 添加compose檔案
cat > docker-compose.yml <<eof
version: "3.9"
services:
grafana:
image: docker.io/grafana/grafana:9.1.0
container_name: grafana
hostname: grafana
restart: always
volumes:
- /etc/localtime:/etc/localtime:ro
- ./data:/var/lib/grafana
user: "472"
environment:
- TZ=Asia/Shanghai
ports:
- 3000:3000
eof
# 啟動服務(admin/admin)
docker compose up -d
Jumpserver
- jumpserver 是開源的,符合 4A 規範的堡壘機系統。
# 建立資料目錄
mkdir -p jumpserver && cd jumpserver/
# 添加compose檔案
cat > docker-compose.yaml << eof
version: '3.9'
services:
jumpserver:
image: jumpserver/jms_all:v2.28.6
container_name: jumpserver
restart: always
hostname: jumpserver
privileged: true
network_mode: 'host'
volumes:
- /etc/localtime:/etc/localtime
- ./data:/opt/jumpserver/data/
environment:
- TZ=Asia/Shanghai
- SECRET_KEY=ww6q5uW0yRrP9moRy8A0C7wgvanGIx3nNO4lPlZZbkolusbmOb # 密鑰: cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 50
- BOOTSTRAP_TOKEN=lIQmk67fhNMC4ede # token: cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 16
# 資料庫位址
- DB_HOST=10.0.0.118
- DB_PORT=3306
- DB_USER=jumpserver
- DB_PASSWORD=jumpserver
- DB_NAME=jumpserver
# redis緩存
- REDIS_HOST=10.0.0.118
- REDIS_PORT=6379
- REDIS_PASSWORD=admin1234
cap_add:
- SYS_PTRACE
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 655360
hard: 655360
eof
# 啟動服務(admin/admin)
docker compose up -d
GitLab
- Gitlab 是被廣泛使用的基于git的開源代碼管理平台 ;
# 建立資料目錄
mkdir -p gitlab/{conf,data,logs} && cd gitlab/
# 添加ssl證書(這裡自建一個)
mkdir conf/ssl && cd conf/ssl/
openssl genrsa -out server.key 2048
openssl genrsa -out private.key 2048
openssl req -new -key private.key -out cert_req.csr -subj "/C=CN/ST=TEST/L=TEST/O=test/OU=main/CN=*.demo.com/[email protected]"
openssl x509 -req -days 365 -in cert_req.csr -signkey private.key -out server_cert.crt
# 添加compose檔案
cd ../../
cat > docker-compose.yaml << eof
version: '3.9'
services:
gitlab:
image: 'gitlab/gitlab-ce:13.5.2-ce.0'
container_name: 'gitlab'
restart: always
hostname: 'gitlab'
environment:
TZ: 'Asia/Shanghai'
GITLAB_OMNIBUS_CONFIG: |
external_url 'https://gitlab.demo.com' # 使用https通路
nginx['enable'] = true
nginx['client_max_body_size'] = '512m'
nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = "/etc/ssl/server_cert.crt"
nginx['ssl_certificate_key'] = "/etc/ssl/private.key"
nginx['ssl_protocols'] = "TLSv1.1 TLSv1.2"
nginx['ssl_session_cache'] = "builtin:1000 shared:SSL:10m"
nginx['listen_addresses'] = ["0.0.0.0"]
nginx['http2_enabled'] = true
prometheus_monitoring['enable'] = false
ports:
- 443:443
- 80:80
volumes:
- /etc/localtime:/etc/localtime:ro
- ./conf:/etc/gitlab
- ./data:/var/opt/gitlab
- ./logs:/var/log/gitlab
- ./conf/ssl:/etc/ssl
eof
# 啟動服務
docker compose up -d
SQLServer
- 如果不想在windows下安裝sql server資料庫,可以通過如下方式搭建;
# 建立資料目錄
mkdir -p sqlserver/data/mssql && cd sqlserver/
chmod 777 -R data/mssql
# 添加compose檔案
cat > docker-compose.yaml << eof
version: '3.9'
services:
sqlserver:
image: mcr.microsoft.com/mssql/server:2019-latest
container_name: sqlserver
hostname: sqlserver
restart: always
ports:
- 1433:1433
volumes:
- /etc/localtime:/etc/localtime:ro
- ./data/mssql:/var/opt/mssql
environment:
- TZ=Asia/Shanghai
- ACCEPT_EULA=Y
- MSSQL_SA_PASSWORD=Admin_123456 # 管理者sa的密碼
eof
# 啟動服務
docker compose up -d