脚本安装
#!/bin/bash
# 创建docker安装目录,离线部署包找作者拿
read -p "输入docker安装目录:" TempDockerDir
function Basic() {
mkdir $TempDockerDir
cp ./docker-20.10.12.tgz $TempDockerDir
cp ./docker-compose-linux-x86_64 $TempDockerDir
cd $TempDockerDir
tar -xf docker-20.10.12.tgz
cp docker/* /usr/bin/
mv docker docker_source
}
function EditServiceConfig() {
cat > /etc/systemd/system/docker.service << EOF
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target
[Service]
Type=notify
ExecStart=/usr/bin/dockerd -g /opt/docker
ExecReload=/bin/kill -s HUP $MAINPID
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
TimeoutStartSec=0
Delegate=yes
KillMode=process
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s
[Install]
WantedBy=multi-user.target
EOF
chmod a+x /etc/systemd/system/docker.service
chmod 777 /etc/systemd/system/docker.service
systemctl daemon-reload
systemctl start docker
systemctl status docker
systemctl enable docker
}
function InstallCompose() {
mv docker-compose-linux-x86_64 /usr/local/bin/docker-compose
ln -s /usr/local/bin/docker-compose /usr/bin/
chmod +x /usr/local/bin/docker-compose
docker-compose -v
}
Basic
EditServiceConfig
InstallCompose
安装docker18.06.1-ce(手动)
1.添加docker-ce yum源
安装扩展yum功能,以便使用yum-config-manager添加docker软件源信息
yum install -y yum-utils
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
2.查看当前可以安装docker-ce版本
安装指定版本的格式 ,注意3:xxx 请移除3: 我这里使用docker-ce-18.06.1.ce-3.el7
yum list docker-ce --showduplicates | sort -r
yum -y install docker-ce-[VERSION]
yum install -y docker-ce-18.06.1.ce-3.el7
3.启动测试
systemctl start docker && systemctl enable docker
docker info
Containers: 15
Running: 12
Paused: 0
Stopped: 3
Images: 26
Server Version: 18.06.1-ce
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: systemd
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 468a545b9edcd5932818eb9de8e72413e616e86e
runc version: 69663f0bd4b60df09991c08812a60108003fa340
init version: fec3683
Security Options:
seccomp
Profile: default
Kernel Version: 3.10.0-693.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 7.585GiB
Name: k8s-node3
ID: 5BLO:XOV2:EFX3:5SXB:M2JF:L6D7:TWGR:UQ6E:A56P:MXAZ:TTQR:R2DG
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
安装docker-compose
1.下载docker-compose
curl -L https://github.com/docker/compose/releases/download/1.18.0/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
2.赋予docker-compose全局可执行权
chmod +x /usr/local/bin/docker-compose && ln -s /usr/local/bin/docker-compose /usr/bin/
docker-compose --version
docker-compose version 1.18.0, build 8dd22a9
docker-compose java项目目录规划
1.环境描述
- docker:18.06.1-ce
- docker-comepose:1.18.0
- vue 2 && npm 14.17.3
- java1.8
2.文件目录解释
- config目录:config目录内放项目运行所需要挂载进容器的配置文件及数据文件
- import-base-image目录:docker save所保留下的tar归档基础镜像文件,例:java:8、mysql:8、nginx:1.21.3等,还有docker load镜像的脚本
- java目录:每个java项目在java目录内单独一个目录,目录内放置jar包、Dockerfile、build.sh、wait-for所用脚本等(打包镜像所用脚本)
- docker-compose.yml : 我所理解的docker-compose.yml跟k8s内的资源清单一样,就是docker-compose编排配置文件
- build_java_image.sh:进入到所有java项目目录内,把jar包打入docker镜像内 && 也可以在docker-compose.yml文件中通过build指定上下文及dockerfile来进行构建镜像
3.目录层级展示
docker-compose常用命令
- docker-compose ps :查看运行容器
- docker-compose up -d :后台启动容器 && 资源清单有变化镜像有更新可以更新
- docker-compose down -v : 关闭,下线
docker-compose.yml
version: '3'
networks:
data_security:
ipam:
config:
- subnet: 172.62.0.0/16 #自定义固定容器ip 实现容器间通讯,增强docker-compose项目可移植性
services:
mysql:
image: mysql:8.0.20
container_name: mysql
ports:
- 30306:3306
command:
--default-authentication-plugin=mysql_native_password
--character-set-server=utf8mb4
--collation-server=utf8mb4_general_ci
--explicit_defaults_for_timestamp=true
--lower_case_table_names=1
environment:
- TZ=Asia/Shanghai
- LANG=en_US.UTF-8
- MYSQL_ROOT_PASSWORD=xxxxxx
privileged: true
restart: always
volumes:
- ./config/mysql/conf/my.cnf:/etc/mysql/my.cnf
- ./config/mysql/logs:/var/log/mysql
- ./config/mysql/data:/var/lib/mysql
- ./config/mysql/init:/docker-entrypoint-initdb.d/
#- ./config/mysql/sql:/opt/sql #初始化sql第一次启动mysql并导入数据可以将注释去掉,导完之后注释掉。
networks:
data_security:
ipv4_address: 172.62.0.5
gateway-service:
build: #在docker-compose.yml文件中通过build指定上下文及dockerfile来进行构建镜像
context: ./java/gateway-service/
dockerfile: Dockerfile
image: gateway-service:1.0
container_name: gateway-service
expose:
- 8999
privileged: true
restart: always
environment:
- TZ=Asia/Shanghai
- LANG=en_US.UTF-8
networks:
data_security:
ipv4_address: 172.62.0.6
group-module:
build: #在docker-compose.yml文件中通过build指定上下文及dockerfile来进行构建镜像
context: ./java/group-module/
dockerfile: Dockerfile
image: group-module:1.0
container_name: group-module
expose:
- 8890
privileged: true
restart: always
volumes:
- ./java/xxl-job/:/opt/
environment:
- TZ=Asia/Shanghai
- LANG=en_US.UTF-8
networks:
data_security:
ipv4_address: 172.62.0.7
core4ct-module-system:
build: #在docker-compose.yml文件中通过build指定上下文及dockerfile来进行构建镜像
context: ./java/core4ct-module-system/
dockerfile: Dockerfile
image: core4ct-module-system:1.0
container_name: core4ct-module-system
expose:
- 8080
- 30201
privileged: true
restart: always
environment:
- TZ=Asia/Shanghai
- LANG=en_US.UTF-8
networks:
data_security:
ipv4_address: 172.62.0.8
core4ct-gateway:
build: #在docker-compose.yml文件中通过build指定上下文及dockerfile来进行构建镜像
context: ./java/core4ct-gateway/
dockerfile: Dockerfile
image: core4ct-gateway:1.0
container_name: core4ct-gateway
expose:
- 9000
privileged: true
restart: always
environment:
- TZ=Asia/Shanghai
- LANG=en_US.UTF-8
networks:
data_security:
ipv4_address: 172.62.0.9
#province-module:
# image: province-module:1.0
# container_name: province-module
# expose:
# - 8888
# privileged: true
# restart: always
# environment:
# - TZ=Asia/Shanghai
# - LANG=en_US.UTF-8
# networks:
# data_security:
# ipv4_address: 172.62.0.10
redis:
image: redis:latest
container_name: redis
hostname: redis
restart: always
ports:
- 6379:6379
volumes:
- ./config/redis/conf/redis.conf:/etc/redis/redis.conf #挂载redis.conf不然后续重启redis密码会失效
- ./config/redis/data:/data
environment:
- TZ=Asia/Shanghai
- LANG=en_US.UTF-8
command: ["redis-server","/etc/redis/redis.conf"] #指定配置文件启动redis
networks:
data_security:
ipv4_address: 172.62.0.13
xxl-job-admin:
build: #在docker-compose.yml文件中通过build指定上下文及dockerfile来进行构建镜像
context: ./java/xxl-job-admin/
dockerfile: Dockerfile
image: xxl-job-admin:1.0
container_name: xxl-job-admin
ports:
- 30998:8998
#- 30988:9988
restart: always
environment:
- TZ=Asia/Shanghai
- LANG=en_US.UTF-8
networks:
data_security:
ipv4_address: 172.62.0.11
nginx:
image: nginx:1.21.3
container_name: nginx-group
ports:
- 30028:80
restart: always
volumes:
- ./config/nginx/:/etc/nginx/
- ./config/html/dist/:/usr/share/nginx/html/
environment:
- TZ=Asia/Shanghai
- LANG=en_US.UTF-8
networks:
data_security:
ipv4_address: 172.62.0.12
# nginx-province:
# image: province-frontend:1.20.1
# container_name: nginx-province
# ports:
# - 30029:443
# restart: always
# volumes:
# - ./config/nginx-province/:/etc/nginx/
# - ./config/html-province/dist/:/usr/share/nginx/html/
# environment:
# - TZ=Asia/Shanghai
# - LANG=en_US.UTF-8
# networks:
# data_security:
# ipv4_address: 172.62.0.22
docker-compose常用命令
- docker-compose ps :查看运行容器
- docker-compose up -d :后台启动容器 && 资源清单有变化镜像有更新可以更新
- docker-compose down -v : 关闭,下线
- docker-compose up -d --build : 更新镜像,并后台启动
docker-compose启动顺序
介于某些环境中java微服务需要到nacos拿配置文件,而这个时候nacos的启动又很慢,就会导致我们的java微服务找不到nacos而启动失败。docker-compos.yml中有一个depends_on参数可用,但是实际用起来还是不太灵光,它只是把相互有依赖的容器按照顺序启动;只是容器的启动,容器内的服务启动还是跟之前一样,所以并没有采用。我这里采用的是wait-for的一个思路,将写好的shell脚本check_nacos.sh嵌入容器。通过curl循环判断去探测nacos状态码返回值,如果为200则跳出循环执行run.sh,run.sh的内容也就是java项目的启动命令。以下是代码,路径,dockerfile等。
check_nacos.sh
#!/bin/bash
while :
do
# 访问nacos注册中心,获取http状态码
CODE=`curl -I -m 10 -o /dev/null -s -w %{http_code} http://172.62.0.15:8848/nacos/#/login`
# 判断状态码为200
if [[ $CODE -eq 200 ]]; then
# 输出绿色文字,并跳出循环
echo -e "\033[42;34m nacos-server is ok \033[0m"
break
else
# 暂停1秒
sleep 1
echo -e "\033[41;37m nacos-server is not ok \033[0m"
fi
done
# while结束时,也就是nacos启动完成后,执行容器中的run.sh。
bash /root/run.sh
run.sh
#!/bin/bash
java -jar /root/core4ct-gateway-1.0-SNAPSHOT.jar
dockerfile
FROM java:8
COPY ./core4ct-gateway-1.0-SNAPSHOT.jar /root
COPY ./check_nacos.sh /root
COPY ./run.sh /root
EXPOSE 9000
ENTRYPOINT ["bash","/root/check_nacos.sh"]
目录
运行效果
docker网格优化
以上项目启动时会自动生成一个docker网络,因为我们docker-compose.yml内定义了网络的子网,所以单项目正常使用起来也没什么问题。如果有多个项目多个docker-compose.yml的场景下,多个项目之间也有微服务需要通过docker内部网络进行通信,或者我们docker-compose down -v时这个网卡都会随着我们项目的关闭而被释放掉。介于这种情况我们需要在外建立一个docker网格并指定网卡,再通过docker-compose.yml使用此网卡,即可实现多项目、多docker-compose.yml互相通过内部调用微服务、单独启动关闭某个项目;以下是配置摘要:
创建docker网格
docker network create --driver bridge --subnet 172.62.0.0/16 --gateway 172.62.0.1 cq-data-security
修改编排文件,多个docker-compose.yml配置方法一致
docker-compose.yml
version: '3'
networks:
cq-data-security:
external: true
services:
mysql:
image: mysql:8.0.20
container_name: mysql
networks:
cq-data-security:
ipv4_address: 172.62.0.5