Linux配置docker

本文详述了在CentOS 7上安装配置Docker的过程,包括使用加速器提高容器下载速度,以及如何在Docker中安装nginx、Node.js、MongoDB、GraphicsMagick和Redis等生产环境软件。同时,提供了SSH服务配置和随机生成MongoDB账号密码的脚本。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

前提

  • 默认阅读者对 docker 有一定的了解
  • 笔者的 Linux 系统为 centos7
  • 文章后半段是讲述 docker 中一些应用的安装与自制脚本

安装docker

  1. 检查是否有docker
sudo yum remove docker docker-common docker-selinux docker-engine
  1. 下载docker安装环境
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
sudo yum makecache fast
  1. 下载docker
sudo yum install docker-ce

由于下载容器的速度慢,用网上的加速器

curl -sSL https://get.daocloud.io/daotools/set_mirror.sh | sh -s http://123c18fe.m.daocloud.io

docker常用命令 | <>内的为说明

  • 开机自启动 : systemctl enable docker
  • 启动 : systemctl start docker
  • 重启 : systemctl restart docker
  • 安装容器 : docker run -it -d centos <conto: 镜像名,可自己打包>
  • 查看正在运行容器 : docker ps
  • 查看所有容器 : docker ps -a
  • 删除容器 : docker rm -f nuby <nuby: 可为容器名也可容器id>
  • 进入容器内部 : docker exec -it nuby /bin/bash <nuby: 可为容器名也可容器id>
  • 修改容器内部的主机名 : docker run --hostname=AtomNuby -it -d centos <–hostname=想起的名称>
  • 打包或更新容器镜像 : docker commit nuby Gener <nuby: 可为容器名也可容器id, Gener: 镜像名>
  • 镜像打包 : docker save Gener > soft.tar <Gener: 镜像名, soft.tar: 保存成tar文件>
  • 镜像包解压 : docker load -i Gener <Gener: 镜像名>

常用命令

  • 查看映射端口 : iptables -nL
  • 授予权限 : chmod +x test.sh

docker配置生产环境

  • 更新yum : yum update
  • 下载vim : yum install vim -y
  • 安装生产环境工具 :
yum -y install gcc gcc-c++ openssl-devel zlib-devel pcre-devel bzip2* make libjpeg* libpng* pcre libxml2 libxml2-devel curl curl-devel openssl openssl-devel wget
  • 更新容器内的时间 :
yum -y install ntp 
systemctl startntpd
systemctl enable ntpd
ntpdate -u cn.pool.ntp.org 
rm -rf /etc/localtime
cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

安装生产环境包

解压生产环境包

  • tar -vxf GraphicsMagick-*.tar.gz
  • tar -vxf mongodb-linux-x86_64-3.2.3.tgz
  • tar -vxf node-*.tar.gz
  • tar -vxf redis-*.tar.gz
  • tar -vxf nginx-*.tar.gz
  • tar -vxf redis-*.tar.gz

编译并安装生产环境包

  • cd /soft/nginx* && ./configure --with-http_ssl_module && make && make install
  • cd /soft/node* && ./configure && make && make install
  • cd /soft/GraphicsMagick* && ./configure && make && make install
  • /usr/local/nginx/sbin/nginx
  • cd /soft/redis* && make PREFIX=/usr/local/redis/ install && make install
  • cd /usr/local/redis/ && cp /soft/redis*/redis.conf etc

安装cnpm、pm2

  • npm install cnpm -g
  • cnpm install -g pm2

安装ssh

yum install passwd openssl openssh-server -y
ssh-keygen -q -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key -N '' -y
ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N '' -y
ssh-keygen -t dsa -f /etc/ssh/ssh_host_ed25519_key  -N '' -y

/etc/ssh/sshd_config

UseDNS 改为 no UsePrivilegeSeparation 改为 no

"s/#UsePrivilegeSeparation.*/UsePrivilegeSeparation no/g" /etc/ssh/sshd_config
"s/UsePAM.*/UsePAM no/g" /etc/ssh/sshd_config

passwd

docker安装与环境配置(nginx+node+mongodb+GraphicsMagick+redis)脚本

set ff=unix
#!/bin/bash

sudo yum remove docker docker-common docker-selinux docker-engine -y
sudo yum install yum-utils device-mapper-persistent-data lvm2 -y
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
sudo yum makecache fast
curl -sSL https://get.daocloud.io/daotools/set_mirror.sh | sh -s http://123c18fe.m.daocloud.io
sudo yum install docker-ce -y

systemctl start docker

docker run -it -d centos
a=$(docker ps | awk  '{print $1}' |sed -n '2p')
docker exec -it $a -v  /bin/bash

yum -y install gcc gcc-c++ openssl-devel zlib-devel pcre-devel bzip2* make libjpeg* libpng* pcre libxml2 libxml2-devel curl curl-devel openssl openssl-devel wget
yum -y install ntp 
systemctl start ntpd
systemctl enable ntpd
ntpdate -u cn.pool.ntp.org 
rm -rf /etc/localtime
cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

if [ ! -d "/website" ];
then mkdir website
fi
if [ ! -d "/soft" ];
then mkdir soft
fi
cd /soft

#wget -N --no-check-certificate https://nodejs.org/dist/v8.4.0/node-v8.4.0.tar.gz
wget -N --no-check-certificate http://nginx.org/download/nginx-1.10.1.tar.gz
wget -N --no-check-certificate https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-3.2.3.tgz
wget -N --no-check-certificate http://jaist.dl.sourceforge.net/project/graphicsmagick/graphicsmagick/1.3.20/GraphicsMagick-1.3.20.tar.gz 
wget -N --no-check-certificate http://download.redis.io/releases/redis-4.0.0.tar.gz

tar -vxf GraphicsMagick-*.tar.gz
tar -vxf mongodb-linux-x86_64-3.2.3.tgz 
#tar -vxf node-*.tar.gz
tar -vxf redis-*.tar.gz
tar -vxf nginx-*.tar.gz

###install1 nginx
cd /soft/nginx*
./configure  --with-http_ssl_module && make && make install
#install node
cd /soft/node*
./configure && make && make install 
##install1 GraphicsMagick  
cd /soft/GraphicsMagick*
./configure && make && make install
####start nginx 
/usr/local/nginx/sbin/nginx
#####radis install
cd /soft/redis*
make PREFIX=/usr/local/redis/ install && make install
cd /usr/local/redis/
mkdir etc logs var db
cp /soft/redis*/redis.conf etc

npm install cnpm -g
cnpm install -g pm2

yum install passwd openssl openssh-server -y
ssh-keygen -q -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key -N '' -y
ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N '' -y
ssh-keygen -t dsa -f /etc/ssh/ssh_host_ed25519_key  -N '' -y

cat >> /etc/ssh/sshd_config << EOF
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key

SyslogFacility AUTHPRIV

PermitRootLogin yes

PubkeyAuthentication yes

AuthorizedKeysFile .ssh/authorized_keys

PasswordAuthentication yes

ChallengeResponseAuthentication no

GSSAPIAuthentication no
GSSAPICleanupCredentials no

UsePAM no

X11Forwarding yes
UsePrivilegeSeparation no
UseDNS no

Banner /etc/sshbanner

AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
AcceptEnv XMODIFIERS

Subsystem sftp	/usr/libexec/openssh/sftp-server
EOF

"s/#UsePrivilegeSeparation.*/UsePrivilegeSeparation no/g" /etc/ssh/sshd_config
"s/UsePAM.*/UsePAM no/g" /etc/ssh/sshd_config

ArrPasswd=( a b c d e A B C D E F @ $ % ^ 0 1 2 3 4 5 6 7 8 9 )
for ((i=0;i<15;i++));
	do
        pas=${pas[@]}$(echo -n ${ArrPasswd[$RANDOM % ${#ArrPasswd[@]}]})
	done

		
echo $pas | passwd --stdin root

exit
if [ hostname -eq $a ]
then exit
done

## docker image < not capital >
ArrImage=( a b c d e d f g )
for ((i=0;i<6;i++));
	do
		image=${image[@]}$(echo -n ${ArrImage[$RANDOM % ${#ArrImage[@]}]})
	done
	echo  $image
docker commit $a $image
cd /
if [ ! -d "/soft" ];
then mkdir soft
fi
docker save $image > $image.tar

docker run -it -d --privileged=true --hostname=AtomNuby --name=nuby -v /website:/website -v /date/db:/data/db -p 443:443 -p 80:80 -p 4022:22  -p 8782:8782 -p 8792:8792 -p 8783:8783 -p 8784:8784 -p 8682:8682 -p 8692:8692 -p 8683:8683 -p 8684:8684 -p 50014:50014 -p 4009:3009 -p 7017:27017 -p 9736:6379 $image /usr/sbin/sshd -D
docker exec -it nuby bin/bash

echo "docker password : " $pas

随机生成mongodb账号密码脚本

#!/bin/bash

ps axu |grep -v 'grep' |egrep "mongo"|awk '{system("kill -9 "$2)}'
/usr/local/mongodb/bin/mongod   --dbpath=/data/db --fork --logpath=/data/db/mongodb.log --storageEngine wiredTiger --journal > /dev/null 2>&1
if [ $? -eq 0 ]
then
    echo "mongodb无认证启动成功"
else
    echo "mongodb无认证启动失败"
fi
sleep 5
ArrUsername=( a b c d e A B C D E F G H J K L Z X C V B N M @  0 1 2 3 4 5 6 7 8 9 )
for ((i=0;i<5;i++));do
        username=${username[*]}$(echo -n ${ArrUsername[$RANDOM % ${#ArrUsername[@]}]})
done
ArrPasswd=( a b c d e A B C D E F @ $ % ^ 0 1 2 3 4 5 6 7 8 9 )
for ((i=0;i<15;i++));do
        passwd=${passwd[@]}$(echo -n ${ArrPasswd[$RANDOM % ${#ArrPasswd[@]}]})


done
/usr/local/mongodb/bin/mongo << EOF > /dev/null
use admin
db.createRole({role:'sysadmin',roles:[],privileges:[{resource:{anyResource:true},actions:['anyAction']}]})
db.createUser({user:'$username',pwd:'$passwd',roles:[{role:'sysadmin',db:'admin'}]})
db.shutdownServer(); 
db.shutdownServer();
exit; 
EOF
echo "please login admin to create new B2B/B2C/XXWZ table  BY 3T "
ps axu |grep -v 'grep' |egrep "mongo"|awk '{system("kill -9 "$2)}'
#echo "please input username"
/usr/local/mongodb/bin/mongod --auth --dbpath=/data/db --fork --logpath=/data/db/mongodb.log --storageEngine wiredTiger --journal > /dev/null 2>&1

if [ $? -eq 0 ]
then
    echo "mongodb认证启动成功"
else
    echo "mongodb认证启动失败"
fi
sleep 5
ArrUsername=( a b c d e A B C D E F G H J K L Z X C V B N M @  0 1 2 3 4 5 6 7 8 9 )
for ((i=0;i<5;i++));do
        username2=${username2[*]}$(echo -n ${ArrUsername[$RANDOM % ${#ArrUsername[@]}]})
done
ArrPasswd=( a b c d e A B C D E F @ $ % ^ 0 1 2 3 4 5 6 7 8 9 )
for ((i=0;i<15;i++));do
        passwd2=${passwd2[@]}$(echo -n ${ArrPasswd[$RANDOM % ${#ArrPasswd[@]}]})


done
echo "please input dbs name"
read dbs
/usr/local/mongodb/bin/mongo << EOF > /dev/null
use admin 
db.auth("$username","$passwd") 
use $dbs
db.createUser({user:'$username2',pwd:'$passwd2',roles:[{role:'sysadmin',db:'admin'}]})
exit;
EOF

echo "mongodb超级管理员 : " $username
echo "mongodb超级管密码 : " $passwd
echo "数据库名 " $dbs
echo "用户名 : " $username2
echo "密码 : " $passwd2
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值