离线docker部署脚本
#!/bin/bash
# # **********************************************************************
# # function: to install virus defence
# # parameter required: 1. docker directory 2. web port
# # change history:
# # date content programmer
# #
# # **********************************************************************
dockerDir=$1
webPort=$2
cd `dirname $0`
workDir=$(pwd)
if [[ $(whoami) != "root" ]]; then
echo `date +"%Y-%m-%d %H:%M:%S"`" Please run this script with root"
exit 11
fi
if [[ ! -d $dockerDir ]]; then
echo `date +"%Y-%m-%d %H:%M:%S"`" docker directory does not exists"
exit 12
fi
if [[ ! (-d $workDir/dockerimages && -d $workDir/dockerrpms) ]]; then
echo `date +"%Y-%m-%d %H:%M:%S"`" The installation package is not complete"
exit 13
fi
if [[ $# != 2 ]]; then
echo `date +"%Y-%m-%d %H:%M:%S"`" The parameters are not correct, please check"
exit 14
fi
# disable selinux
function disableSelinux
{
echo `date +"%Y-%m-%d %H:%M:%S"`" start disabling selinux"
setenforce 0
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
}
# disable firewalld
function disableFirewalld
{
echo `date +"%Y-%m-%d %H:%M:%S"`" start disabling firewalld"
systemctl stop firewalld
systemctl disable firewalld
}
# update limits
function setLimits
{
echo `date +"%Y-%m-%d %H:%M:%S"`" start updating limits"
echo "session required /lib/security/pam_limits.so" >> /etc/pam.d/login
echo "* soft nofile 131072" >> /etc/security/limits.conf
echo "* hard nofile 131072" >> /etc/security/limits.conf
echo "* soft nofile 131072" >> /etc/security/limits.conf
echo "* hard nofile 131072" >> /etc/security/limits.conf
}
# set createRepo
function createRepo
{
echo `date +"%Y-%m-%d %H:%M:%S"`" start setting createrepo"
cd $workDir/dockerrpms
createrepo .
if [[ $? == 127 ]]; then
rpm -ivh python-deltarpm-3.6-3.el7.x86_64.rpm deltarpm-3.6-3.el7.x86_64.rpm createrepo-0.9.9-28.el7.noarch.rpm
fi
if [[ $? != 0 ]]; then
echo `date +"%Y-%m-%d %H:%M:%S"`" The system is not a regular installation, please download dependency packages install createrepo mannually"
exit 15
else
createrepo .
fi
}
# set local.repo
function setRepo
{
echo `date +"%Y-%m-%d %H:%M:%S"`" start setting local repo"
if [[ ! -d /etc/yum.repos.d/bak ]]; then
mkdir /etc/yum.repos.d/bak
fi
mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak/
echo -e "[Local]\nname=Local Yum\nbaseurl=file://$workDir/dockerrpms\ngpgcheck=0" >> /etc/yum.repos.d/local.repo
yum makecache
}
# start installation
function dockerInstall
{
echo `date +"%Y-%m-%d %H:%M:%S"`" start installing docker"
yum -y install yum-utils device-mapper-persistent-data lvm2 docker-ce --skip-broken
if [[ $? != 0 ]]; then
echo `date +"%Y-%m-%d %H:%M:%S"`" installation failed, please check output info"
exit 16
fi
}
# change docker directory
function changeDockerDir
{
echo `date +"%Y-%m-%d %H:%M:%S"`" changing docker directory"
if [[ ! -f /usr/lib/systemd/system/docker.service ]]; then
echo `date +"%Y-%m-%d %H:%M:%S"`" docker service file does not exist"
exit 17
fi
cp /usr/lib/systemd/system/docker.service /usr/lib/systemd/system/docker.service.bak
echo "$(sed -n '14p' /usr/lib/systemd/system/docker.service) --data-root=$dockerDir" > /usr/lib/systemd/system/docker.service.2
sed -n '1,13p' /usr/lib/systemd/system/docker.service > /usr/lib/systemd/system/docker.service.1
sed -n '15,$p' /usr/lib/systemd/system/docker.service > /usr/lib/systemd/system/docker.service.3
cat /usr/lib/systemd/system/docker.service.1 /usr/lib/systemd/system/docker.service.2 /usr/lib/systemd/system/docker.service.3 > /usr/lib/systemd/system/docker.service
rm -rf /usr/lib/systemd/system/docker.service.1 /usr/lib/systemd/system/docker.service.2 /usr/lib/systemd/system/docker.service.3
}
# start docker and set start on boot
function dockerStartup
{
echo `date +"%Y-%m-%d %H:%M:%S"`" starting docker"
systemctl daemon-reload
systemctl start docker
systemctl enable docker
}
# load docker image
function loadImage
{
echo `date +"%Y-%m-%d %H:%M:%S"`" start loading docker image"
cd $workDir/dockerimages
gunzip coronastd.tar.gz
docker load -i $workDir/dockerimages/coronastd.tar
}
# run docker container
function runContainer
{
echo `date +"%Y-%m-%d %H:%M:%S"`" start running docker container"
docker run -itd --hostname=virusdefence --name=virusdefence -e "container=docker" --privileged=true --restart=always -p $webPort:8080 coronastd /usr/sbin/init
}
disableSelinux
disableFirewalld
setLimits
createRepo
setRepo
dockerInstall
changeDockerDir
dockerStartup
#loadImage
#runContainer
内网服务器部署步骤记录方便以后粘贴复制
# 1.先修改镜像源
cd /etc/yum.repos.d/
mkdir bak
mv *.repo bak/
vi local.repo
[Local]
name=Local Yum
baseurl=file:///root/src/software/dockerrpms
gpgcheck=0
# 2.其他服务器传文件到目标服务器
scp dockerOnly.zip ip:/root/src/software
# 3.解压zip
unzip dockerOnly.zip
# 4.
yum clean all
yum makecache
# 5.删除原有的docker
yum remove docker docker-common docker-selinux docker-engine
# 6.进行安装
bash deploy.sh /root/docker /root/docker
# PS:查看是否存在冲突 目前遇到一次audit冲突 卸载原有的audit 即可安装成功了