常见的docker容器安装

本文记录安装docker一些常见容器的命令,用于快速安装

MySQL5/MySQL8#

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
mkdir -p /main/mysql_docker
export MYSQL_HOME=/main/mysql_docker

# mysql5
docker run -d -p 3306:3306 -e MYSQL_ROOT_PASSWORD=xxxxxxxxxxxxxxx -v $MYSQL_HOME/conf:/etc/mysql/conf.d -v $MYSQL_HOME/data:/var/lib/mysql -v $MYSQL_HOME/logs:/var/log/mysql -v /etc/localtime:/etc/localtime --name mysql5 mysql:5.7


# mysql8
sudo docker run -p 3306:3306 --name mysql8 \
-v /main/mysql_docker/mysql-files:/var/lib/mysql-files \
-v /main/mysql_docker/conf:/etc/mysql \
-v /main/mysql_docker/logs:/var/log/mysql \
-v /main/mysql_docker/data:/var/lib/mysql \
-e MYSQL_ROOT_PASSWORD=xxxxxxxxxxxxxxx \
-d mysql:8.0


# 设置开机自启,可选
docker update mysql5 --restart=always

常见运维命令#

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
create database pptan default character set utf8mb4 collate utf8mb4_general_ci;

create user 'pptan'@'%' identified by 'xxxxxxxxxxxxx';

grant all privileges on pptan.* to 'pptan'@'%';

flush privileges;


导入数据:
mysql -uroot -p < /var/lib/mysql/temp/pptan.sql

grant select,insert,update,delete,create,drop on pptan.* to pptan;

grant all privileges on test.* to '用户名'@'指定ip' identified by '用户密码' ;

MYSQL8 改密码: https://blog.51cto.com/WinJay/5716429

DSM部署见: https://blog.csdn.net/boling_cavalry/article/details/105460567

Nginx#

先在主机创建工作文件夹,为了挂载配置和静态文件的访问使用

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
export DOCKER_NGINX_HOME=/main/server/nginx
mkdir -p $DOCKER_NGINX_HOME/conf
mkdir -p $DOCKER_NGINX_HOME/html
mkdir -p $DOCKER_NGINX_HOME/log

docker search nginx

docker pull nginx:latest

# 启动一个nginx,为了拉默认conf出来
docker run -d --name nginx nginx

docker ps

# cp 配置文件出来
docker cp nginx:/etc/nginx/nginx.conf $DOCKER_NGINX_HOME/conf/
docker cp nginx:/etc/nginx/conf.d $DOCKER_NGINX_HOME/conf/conf.d

# 干掉容器
docker stop nginx
docker rm nginx



# 启动真正的容器
docker run -d -p 80:80 \
-p 443:443 \
--name nginx \
-v $DOCKER_NGINX_HOME/html:/usr/share/nginx/html \
-v $DOCKER_NGINX_HOME/conf/nginx.conf:/etc/nginx/nginx.conf \
-v $DOCKER_NGINX_HOME/conf/conf.d:/etc/nginx/conf.d \
-v $DOCKER_NGINX_HOME/logs:/var/log/nginx \
nginx




Redis#

1
2
3
4
5
6
7
8
9
10
11
12
13
14
# https://hub.docker.com/_/redis/tags
# 下载redis镜像
docker pull redis:7.0.5

# 进入目录
mkdir /data/redis705
mkdir /data/redis705/data
mkdir /data/redis705/conf
cd /data/redis705/conf

# 下载两个配置文件
wget http://download.redis.io/redis-stable/redis.conf
wget http://download.redis.io/redis-stable/sentinel.conf

配置文件

1
2
3
4
5
# bind 127.0.0.1 #注释掉这部分,这是限制redis只能本地访问
protected-mode no #默认yes,开启保护模式,限制为本地访问
dir ./data #输入本地redis数据库存放文件夹(可选)
appendonly yes #redis持久化(可选)
# require... 密码部分
1
2
3
4
5
docker run -p 6379:6379 --name redis \
-v /main/redis705/conf/redis.conf:/etc/redis/redis.conf \
-v /main/redis705/conf/sentinel.conf:/etc/redis/sentinel.conf\
-v /main/redis705/data:/data \
-d --restart=on-failure:50 redis:7.0.5 redis-server /etc/redis/redis.conf --appendonly yes

CertBot仅签发证书#

准备cf的token:

1
2
3
4
5
6
7
mkdir  -p  /main/letsencrypt/secrets
vim cloudflare.ini

# 内容如下

# Cloudflare API credentials used by Certbot
dns_cloudflare_api_token = xxxxxxxxxx

生成证书:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
# 生成证书
docker run -it --rm --name certbot \
-v "/main/letsencrypt:/etc/letsencrypt" \
-v "/main/letsencrypt/var/lib:/var/lib/letsencrypt" \
-v "/main/letsencrypt/secrets:/root/.secrets" \
certbot/dns-cloudflare certonly \
--dns-cloudflare \
--dns-cloudflare-credentials /root/.secrets/cloudflare.ini \
--dns-cloudflare-propagation-seconds 60 \
--server https://acme-v02.api.letsencrypt.org/directory \
-d domain.com -d '*.domain.com'


# 证书生成在 /main/letsencrypt/live/domain.com/下

其中root/.secrets/cloudflare.ini 见DSM,里面是CF的口令授权文件