服务安装
服务器配置 | IP地址 | 服务名 |
---|---|---|
应用 | x.x.x.x | nginx redis jar |
消息 | x.x.x.x | mqtt |
存储 | x.x.x.x | mysql |
共同操作
- 修改系统时间 ,(如果时间正确则可以不用修改)
本地
#!/bin/bash
yum -y install vim wget lrzsz
timedatectl set-timezone "Asia/Shanghai"
rm -rf /etc/localtime
ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
yum -y install install ntpdate
ntpdate ntp1.aliyun.com
echo "Asia/Shanghai" > /etc/timezone
生产
rm -rf /etc/timezone
echo "Asia/Shanghai" > /etc/timezone
- 添加新的字符,防止图片出现乱码
# 安装字体库
yum -y install fontconfig
# 上传 windows 字体
链接:https://pan.baidu.com/s/1WdyLGgtstX5iCmHwEz4KZw?pwd=1234
mkdir -p /usr/share/fonts/chinese/
cp (下载下来的字体) /usr/share/fonts/chinese/
# 安装字体
yum -y install ttmkfdir
# 刷新缓存字体
fc-cache
如果用容器部署的话,则需要将该字体拷贝到 物理层的映射目录
cp (下载下来的字体) /var/lib/docker/volumes/docker-compose_jar_chinese/_data/
本地部署步骤(centos7.8)
#!/bin/bash
systemctl restart firewalld && iptables -F && iptables-save > /dev/null
function docker (){
cat <<-'EOF' >> /etc/yum.repos.d/docker.repo
[docker]
name=docker
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/x86_64/stable/
enabled=1
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
EOF
}
function run (){
tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://dw7ud9sz.mirror.aliyuncs.com"]
}
EOF
}
while :
do
echo "********************"
echo " menu "
echo "docker"
echo "compose"
echo "quit"
read -p "Please enter the name of the software you want to install(只输入开头的一个字母即可):" server
case "$server" in
[dD]|[oO][cC][kK][eE] )
echo -e "\033[32m*****开始安装docker yum源******** \033[0m"
#调用函数
docker
echo -e "\033[32m************************************************************ \033[0m"
echo -e "\033[32m*****开始安装epel-release源******** \033[0m"
yum -y install epel-release && yum makecache fast
# 安装系统工具
yum install -y yum-utils device-mapper-persistent-data lvm2
# 2.添加软件源信息
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# 3.更新并安装Docker-CE
yum -y install docker-ce
# 启动docker
systemctl start docker
systemctl enable docker
#开启bridge模式(桥接网卡的流量)和路由转发,重载配置文件
modprobe ip_vs_rr
modprobe br_netfilter
echo 'net.bridge.bridge-nf-call-iptables = 1' >> /etc/sysctl.conf
echo 'net.bridge.bridge-nf-call-ip6tables = 1' >> /etc/sysctl.conf
echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf
sysctl -p
echo -e "\033[32m*****配置镜像加速器******** \033[0m"
touch /etc/docker/daemon.json
# 调用函数,加速器
run
echo -e "\033[32m*****加载配置文件和重新启动docker******** \033[0m"
systemctl daemon-reload && systemctl restart docker && echo -e "\033[32m***** docker 启动成功******** \033[0m"
echo -e "\033[32m***** 创建桥接网卡******** \033[0m"
docker network create my_net
;;
[cC]|[oO][pP][oO][sS][eE] )
echo -e "\033[41;33m 开始安装docker-compose \033[0m"
sudo curl -L "https://get.daocloud.io/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
docker-compose --version
;;
[qQ]|[uU][iI][tT] )
echo -e "\033[32m*****欢迎使用******\033[0m"
exit 0
;;
*)
echo -e "\033[32m*****安装失败******\033[0m"
read -p "press [enter] key to continue..." Key
;;
esac
done
生产部署步骤(centos8.2)
#!/bin/bash
function docker (){
cat <<-'EOF' >> /etc/yum.repos.d/docker.repo
[docker]
name=docker
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/8.2/x86_64/stable/
enabled=1
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
EOF
}
function run (){
tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://dw7ud9sz.mirror.aliyuncs.com"]
}
EOF
}
while :
do
echo "********************"
echo " menu "
echo "docker"
echo "compose"
echo "quit"
read -p "Please enter the name of the software you want to install(只输入开头的一个字母即可):" server
case "$server" in
[dD]|[oO][cC][kK][eE] )
echo -e "\033[32m*****开始安装docker yum源******** \033[0m"
#调用函数
docker
echo -e "\033[32m************************************************************ \033[0m"
echo -e "\033[32m*****开始安装epel-release源******** \033[0m"
yum -y install epel-release && yum makecache
# 安装系统工具
yum install -y yum-utils device-mapper-persistent-data lvm2
# 2.添加软件源信息
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# 3.更新并安装Docker-CE
yum -y install docker-ce
# 启动docker
systemctl start docker
systemctl enable docker
echo -e "\033[32m*****配置镜像加速器******** \033[0m"
touch /etc/docker/daemon.json
# 调用函数,加速器
run
echo -e "\033[32m*****加载配置文件和重新启动docker******** \033[0m"
systemctl daemon-reload && systemctl restart docker && echo -e "\033[32m***** docker 启动成功******** \033[0m"
echo -e "\033[32m***** 创建桥接网卡******** \033[0m"
docker network create my_net
;;
[cC]|[oO][pP][oO][sS][eE] )
echo -e "\033[41;33m 开始安装docker-compose \033[0m"
sudo curl -L "https://get.daocloud.io/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
docker-compose --version
;;
[qQ]|[uU][iI][tT] )
echo -e "\033[32m*****欢迎使用******\033[0m"
exit 0
;;
*)
echo -e "\033[32m*****安装失败******\033[0m"
read -p "press [enter] key to continue..." Key
;;
esac
done
在所有服务器上创建网卡
docker network create my_net
nginx jar redis
安装nginx
#!/bin/bash
yum -y install openssl openssl-devel pcre-devel gcc-c++ zlib zlib-devel
mkdir -p /opt/ygzy/jar/org/temp/
wget -P /opt/ygzy/ https://nginx.org/download/nginx-1.16.1.tar.gz
cd /opt/ygzy/ && tar -zxf nginx-1.16.1.tar.gz -C /opt/ygzy/ && cd /opt/ygzy/nginx-1.16.1 && ./configure --prefix=/opt/ygzy/nginx --with-http_stub_status_module --with-http_ssl_module && make && make install
echo 'export PATH=$PATH:/opt/ygzy/nginx/sbin' >> /etc/profile
source /etc/profile
function add_nginx_file (){
cat <<-'EOF' >> /usr/lib/systemd/system/nginx.service
[Unit]
Description=nginx
After=network.target
[Service]
Type=forking
ExecStart=/opt/ygzy/nginx/sbin/nginx
[Install]
WantedBy=multi-user.target
EOF
}
add_nginx_file
systemctl start nginx && systemctl enable nginx && echo -e "\033[32m*****nginx启动完成********\033[0m"
cd /opt/ygzy/nginx/html/
mkdir -p org
mkdir -p account
将准备好的用户管理中心和机构端的页面分别放入 org 和 account 下面
配置docker-compose 的配置文件
#!/bin/bash
mkdir docker-compose
cd docker-compose && touch docker-compose.yml
tee /root/docker-compose/docker-compose.yml <<-'EOF'
version: "3.2"
services:
redis:
container_name: redis
command: "redis-server --appendonly yes"
restart: always
image: redis:5.0
ports:
- "6379:6379"
volumes:
- redis_data:/data
- redis_conf:/etc/redis.conf
- /etc/localtime:/etc/localtime
- /etc/timezone:/etc/timezone
command:
- /bin/bash
- -c
- redis-server /etc/redis.conf --requirepass "redis"
networks:
- my_net
jar:
container_name: jar
build:
context: /root/jdk/
dockerfile: Dockerfile
image: jdk:1.8
ports:
- "8082:8082"
- "8088:8088"
volumes:
- jar_data:/opt/ygzy/jar/
- jar_chinese:/usr/share/fonts/
- jar_acc_logs:/acc_logs/
- jar_org_logs:/org_logs/
- /etc/localtime:/etc/localtime
- /etc/timezone:/etc/timezone
command:
- /bin/bash
- -c
- sleep 1 && /opt/ygzy/jar/start.sh
networks:
- my_net
volumes:
jar_data:
jar_acc_logs:
jar_org_logs:
jar_chinese:
external:
false
redis_data:
redis_conf:
external:
false
networks:
my_net:
EOF
本地nginx 的配置文件
#user nobody;
user root;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 300s;
client_max_body_size 300m;
client_body_timeout 300s;
#gzip on;
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
# root /usr/share/nginx/html/org;
root /opt/ygzy/nginx/html/org;
index index.html index.htm;
}
location /org {
proxy_pass http://192.168.1.128:8082/org;
# 使用websocket的协议进行
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
# 启用支持websscoket连接
proxy_set_header Connection "Upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_read_timeout 600s;
}
location /account {
proxy_pass http://192.168.1.128:8088/account;
}
location /acc {
alias /opt/ygzy/nginx/html/account;
index index.html index.htm;
}
location ~ ^/V1.0/(.*) {
rewrite /(.*)$ /org/$1 break;
proxy_pass http://192.168.1.128:8082;
proxy_set_header Host $proxy_host;
}
location ^~ /file {
# alias /data/ftpdata/sunsoft/;
proxy_pass http://192.168.1.130/;
# alias /opt/;
# proxy_pass http://192.168.1.122;
# 显示文件目录
autoindex on;
# 显示文件大小
autoindex_exact_size off;
# 显示文件时间
autoindex_localtime on;
}
#error_page 404 /404.html;
error_page 405 =200 $uri;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
生产上的nginx 配置文件
#user nobody;
user root;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
# 隐藏版本号
server_tokens off;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 300s;
client_max_body_size 300m;
#gzip on;
server
{
listen 80;
server_name www.canantong.com;
rewrite ^(.*) https://www.canantong.com permanent;
}
server {
listen 80 default backlog=2048;
#SSL 访问端口号为 443
listen 443 ssl;
#填写绑定证书的域名
server_name canantong.com;
#证书文件名称
ssl_certificate 1_canantong.com_bundle.crt;
#私钥文件名称
ssl_certificate_key 2_canantong.com.key;
ssl_session_timeout 5m;
# 相关协议
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
# 配置加密套件,写法遵循 openssl 标准
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html/org;
index index.html index.htm;
}
location /org {
proxy_pass http://172.21.0.6:8082/org;
# 使用websocket的协议进行
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
# 启用支持websscoket连接
proxy_set_header Connection "Upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_read_timeout 600s;
# 视频上传大小
proxy_buffer_size 1024k;
proxy_buffers 16 1024k;
proxy_busy_buffers_size 2048k;
proxy_temp_file_write_size 2048k;
}
# 用户管理中心的代理配置
location /account {
proxy_pass http://172.21.0.6:8088/account;
}
location /acc {
alias /opt/ygzy/nginx/html/account;
index index.html index.htm;
}
location ~ ^/V1.0/(.*) { # 区分大小写,匹配v1版本,后面的所有东西
rewrite /(.*)$ /org/$1 break; # 将v1版本后面的所有东西 重写到org这个文件后面 ,打断,不再进行匹配
proxy_pass http://172.21.0.6:8082;
proxy_set_header Host $proxy_host;
}
location ^~ /file {
# ftp服务器的ip地址
proxy_pass https://imgs.canantong.com/;
}
location /admin {
proxy_pass http://82.157.46.240:9001/admin;
}
#error_page 404 /404.html;
error_page 405 =200 $uri;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
编写jar的dockerfile 并构建
在执行这个脚本之前需要将 需要的配置全部放好,并且都放在/root/jdk 下面
start.sh 的脚本
#!/bin/bash
nohup java -jar -Dspring.config.location=/opt/ygzy/jar/org/application-prod.yml,/opt/ygzy/jar/org/application-config.yml /opt/ygzy/jar/org/org-manager-0.0.1-SNAPSHOT-dev.jar > /org_logs/org.log 2>&1 &
nohup java -jar -Dspring.config.location=/opt/ygzy/jar/account/application-prod.yml,/opt/ygzy/jar/account/application-config.yml /opt/ygzy/jar/account/account-manager-0.0.1-SNAPSHOT-dev.jar > /acc_logs/acc.log 2>&1
#!/bin/bash
echo "******************************************************************************"
echo -e "\033[32m*****开始构建镜像******** \033[0m"
mkdir -p /root/jdk
cd /root/jdk/ && touch Dockerfile
tee /root/jdk/Dockerfile <<-'EOF'
FROM java:8
MAINTAINER zts
# 创建目录并导入数据
RUN mkdir -p /opt/ygzy/jar/org/temp/
RUN mkdir -p /opt/ygzy/jar/account/
COPY ./org/logback-spring.xml /opt/ygzy/jar/org/
COPY ./account/acc_logback-spring.xml /opt/ygzy/jar/account/
COPY ./org/org-manager-0.0.1-SNAPSHOT-dev.jar /opt/ygzy/jar/org/
COPY ./org/application-config.yml /opt/ygzy/jar/org/
COPY ./org/application-prod.yml /opt/ygzy/jar/org/
COPY ./account/account-manager-0.0.1-SNAPSHOT-dev.jar /opt/ygzy/jar/account/
COPY ./account/application-config.yml /opt/ygzy/jar/account/
COPY ./account/application-prod.yml /opt/ygzy/jar/account/
COPY ./start.sh /opt/ygzy/jar/
RUN chmod 777 /opt/ygzy/jar/start.sh
CMD ["/opt/ygzy/jar/start.sh"]
EOF
cd /root/jdk/ && docker build -t jdk:1.8 .
mqtt
#!/bin/bash
mkdir docker-compose
cd docker-compose && touch docker-compose.yml
tee /root/docker-compose/docker-compose.yml <<-'EOF'
version: "3.2"
services:
emqx:
container_name: emqx
image: emqx/emqx:v4.0.0
ports:
- "18083:18083"
- "8083:8083"
- "1883:1883"
- "8081:8081"
- "8084:8084"
- "8883:8883"
healthcheck:
test: ["CMD", "/opt/emqx/bin/emqx_ctl", "status"]
interval: 5s
timeout: 25s
retries: 5
restart: always
environment:
# - EMQX_LOADED_PLUGINS="emqx_management,emqx_auth_http,emqx_dashboard"
# 指定登陆emqx的有用户名和密码,默认就是admin 和 public
- EMQX_DASHBOARD__DEFAULT_USER__LOGIN=admin
- EMQX_DASHBOARD__DEFAULT_USER__PASSWORD=public
- EMQX_NODE__MAX_PORTS=65535
- EMQX_MQTT__MAX_PACKET_SIZE=16MB
volumes:
- emqx_logs:/opt/emqx/log
- /etc/localtime:/etc/localtime
- /etc/timezone:/etc/timezone
networks:
- my_net
volumes:
emqx_logs:
external:
false
networks:
my_net:
external:
true
EOF
cd /root/docker-compose && docker-compose up -d
验证: IP:18083
安装ftp服务器
ftp 账户: sunsoft 密码:132465789 (自定义)
本地FTP安装(主动模式)
#!/bin/bash
echo -e "\033[32m*****安装ftp服务器******\033[0m"
yum install -y vsftpd
sed -i '/anonymous_enable=YES/s/anonymous_enable=YES/anonymous_enable=NO/' /etc/vsftpd/vsftpd.conf
sed -i 's/^#chroot_local_user=YES/chroot_local_user=YES/' /etc/vsftpd/vsftpd.conf
sed -i '$a allow_writeable_chroot=YES' /etc/vsftpd/vsftpd.conf
systemctl start vsftpd && systemctl enable vsftpd && echo -e "\033[32m*****FTP启动完成******\033[0m"
mkdir -p /data/ftpdata/
groupadd sunsoft
useradd -d /data/ftpdata/sunsoft -g sunsoft sunsoft
echo '132465789' | passwd --stdin sunsoft
chown -R sunsoft:sunsoft /data/ftpdata/sunsoft
chmod 777 /data/ftpdata/sunsoft/
echo -e "\033[32m*****FTP--successful******\033[0m"
生产FTP安装(被动模式)
#!/bin/bash
echo -e "\033[32m*****安装ftp服务器******\033[0m"
yum install -y vsftpd
sed -i '/anonymous_enable=YES/s/anonymous_enable=YES/anonymous_enable=NO/' /etc/vsftpd/vsftpd.conf
sed -i 's/^#chroot_local_user=YES/chroot_local_user=YES/' /etc/vsftpd/vsftpd.conf
sed -i '$a allow_writeable_chroot=YES' /etc/vsftpd/vsftpd.conf
function fix_ftp (){
cat <<-'EOF' >> /etc/vsftpd/vsftpd.conf
local_root=/data/ftpdata/sunsoft
pasv_enable=yes
pasv_min_port=30000
pasv_max_port=31000
pasv_address=192.168.1.130
EOF
}
fix_ftp
systemctl start vsftpd && systemctl enable vsftpd && echo -e "\033[32m*****FTP启动完成******\033[0m"
mkdir -p /data/ftpdata/
groupadd sunsoft
useradd -d /data/ftpdata/sunsoft -g sunsoft sunsoft
echo '132465789' | passwd --stdin sunsoft
chown -R sunsoft:sunsoft /data/ftpdata/sunsoft
chmod 777 /data/ftpdata/sunsoft/
echo -e "\033[32m*****FTP--successful******\033[0m"
安装完毕之后 , 要将 配置文件中最后一行的 : pasv_address=192.168.1.130 改成当前服务器的ip地址
编写docker-compose.yml 文件
#!/bin/bash
mkdir docker-compose
cd docker-compose && touch docker-compose.yml
tee /root/docker-compose/docker-compose.yml <<-'EOF'
version: "3.2"
services:
mysql:
container_name: mysql
build:
context: /root/mysql/
dockerfile: Dockerfile
command:
--default-authentication-plugin=caching_sha2_password
--character-set-server=utf8mb4
--collation-server=utf8mb4_general_ci
restart: always
image: mysql:8.1
ports:
- "3306:3306"
volumes:
- mysql_conf:/etc/mysql/conf.d/
- mysql_data:/var/lib/mysql/
- mysql_logs:/var/log/mysql/
- /etc/localtime:/etc/localtime
- /etc/timezone:/etc/timezone
environment:
- MYSQL_ROOT_PASSWORD=root
# 初始化数据库(后续的初始化sql会在这个库执行)
# MYSQL_ALLOW_EMPTY_PASSWORD=yes
# MYSQL_RANDOM_ROOT_PASSWORD=yes
- TZ=Asia/Shanghai
- MYSQL_DATABASE=cloud
# 初始化用户(不能是root 会报错, 后续需要给新用户赋予权限
- MYSQL_USER=test
- MYSQL_PASSWORD=test@Y6516~
# env_file:
# - ./mysql.env
networks:
- my_net
volumes:
mysql_conf:
mysql_data:
mysql_logs:
external:
false
networks:
my_net:
external:
true
EOF
编写mysql 的 Dockerfile 文件
所需文件
cloud.sql 是合并在一起的(创建库,表 ,插入数据等这些操作)
#!/bin/bash
echo -e "\033[32m*****开始构建镜像******** \033[0m"
mkdir -p /root/mysql
cd /root/mysql/ && touch Dockerfile
tee /root/mysql/Dockerfile <<-'EOF'
FROM mysql:8.0.27
MAINTAINER zts
# 设置环境变量
ENV MYSQL_ALLOW_EMPTY_PASSWORD yes
ENV AUTO_RUN_DIR /docker-entrypoint-initdb.d
#将所需文件放到容器中
COPY ./mysql.cnf /etc/mysql/conf.d/
COPY ./cloud.sql $AUTO_RUN_DIR/
# COPY ./cloud_pm.sql $AUTO_RUN_DIR/
COPY ./privileges.sql $AUTO_RUN_DIR/
EOF
privileges.sql
use mysql;
create user 'test'@'localhost' identified by 'test@Y6516~';
flush privileges;
grant all privileges on cloud.* to 'test'@'localhost' with grant option;
grant all privileges on cloud.* to 'test'@'%' with grant option;
grant all on cloud.* to 'test'@'localhost' with grant option;
grant all on cloud.* to 'test'@'%' with grant option;
grant all privileges on cloud_pm.* to 'test'@'localhost' with grant option;
grant all privileges on cloud_pm.* to 'test'@'%' with grant option;
flush privileges;
安装nginx
#!/bin/bash
yum -y install openssl openssl-devel pcre-devel gcc-c++ zlib zlib-devel
mkdir -p /opt/ygzy/jar/org/temp/
wget -P /opt/ygzy/ https://nginx.org/download/nginx-1.16.1.tar.gz
cd /opt/ygzy/ && tar -zxf nginx-1.16.1.tar.gz -C /opt/ygzy/ && cd /opt/ygzy/nginx-1.16.1 && ./configure --prefix=/opt/ygzy/nginx --with-http_stub_status_module --with-http_ssl_module && make && make install
echo 'export PATH=$PATH:/opt/ygzy/nginx/sbin' >> /etc/profile
source /etc/profile
function add_nginx_file (){
cat <<-'EOF' >> /usr/lib/systemd/system/nginx.service
[Unit]
Description=nginx
After=network.target
[Service]
Type=forking
ExecStart=/opt/ygzy/nginx/sbin/nginx
[Install]
WantedBy=multi-user.target
EOF
}
add_nginx_file
systemctl start nginx && systemctl enable nginx && echo -e "\033[32m*****nginx启动完成********\033[0m"
本地nginx 的配置文件
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root /data/ftpdata/sunsoft/;
autoindex on;
# 显示文件大小
autoindex_exact_size off;
# 显示文件时间
autoindex_localtime on;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
生产上nginx配置文件
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 80 default backlog=2048;
#SSL 访问端口号为 443
listen 443 ssl;
#填写绑定证书的域名
server_name imgs.canantong.com;
#证书文件名称
ssl_certificate 1_canantong.com_bundle.crt;
#私钥文件名称
ssl_certificate_key 2_canantong.com.key;
ssl_session_timeout 5m;
# 相关协议
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
# 配置加密套件,写法遵循 openssl 标准
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root /data/ftpdata/sunsoft/;
autoindex on;
# 显示文件大小
autoindex_exact_size off;
# 显示文件时间
autoindex_localtime on;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
docker exec -it mysql /bin/bash
mysql -uroot -proot
use cloud;
update fsm_ipconfig set ip_type='ftp',ip='存储服务器ip',port='21',user_name='sunsoft',pwd='ftp服务器密码',base_path='/data/ftpdata/sunsoft/',http_url='http://web服务器ip地址/file/';
启动服务, 先启动数据库 ,最后启动 jar 服务 ,其他服务随意
cd /root/docker-compose && docker-compose up -d
docker ps