常见的docker容器安装

• MySQL5/MySQL8
  • 常见运维命令
• Nginx
• Redis
• CertBot仅签发证书

本文记录安装docker一些常见容器的命令,用于快速安装

MySQL5/MySQL8#

mkdir -p /main/mysql_docker
export MYSQL_HOME=/main/mysql_docker

# mysql5
docker run -d -p 3306:3306 -e MYSQL_ROOT_PASSWORD=xxxxxxxxxxxxxxx -v $MYSQL_HOME/conf:/etc/mysql/conf.d -v $MYSQL_HOME/data:/var/lib/mysql -v $MYSQL_HOME/logs:/var/log/mysql -v /etc/localtime:/etc/localtime  --name mysql5 mysql:5.7


# mysql8
sudo docker run -p 3306:3306 --name mysql8 \
-v /main/mysql_docker/mysql-files:/var/lib/mysql-files \
-v /main/mysql_docker/conf:/etc/mysql \
-v /main/mysql_docker/logs:/var/log/mysql \
-v /main/mysql_docker/data:/var/lib/mysql \
-e MYSQL_ROOT_PASSWORD=xxxxxxxxxxxxxxx \
-d mysql:8.0


# 设置开机自启,可选 
docker update mysql5 --restart=always

常见运维命令#

create database pptan default character set utf8mb4 collate utf8mb4_general_ci;

create user 'pptan'@'%' identified by 'xxxxxxxxxxxxx';

grant all privileges on pptan.* to 'pptan'@'%';

flush  privileges;


导入数据：
mysql -uroot -p < /var/lib/mysql/temp/pptan.sql

grant select,insert,update,delete,create,drop on pptan.* to pptan;

grant all privileges on test.* to '用户名'@'指定ip' identified by '用户密码' ;

MYSQL8 改密码: https://blog.51cto.com/WinJay/5716429

DSM部署见: https://blog.csdn.net/boling_cavalry/article/details/105460567

Nginx#

先在主机创建工作文件夹，为了挂载配置和静态文件的访问使用

export DOCKER_NGINX_HOME=/main/server/nginx
mkdir -p $DOCKER_NGINX_HOME/conf
mkdir -p $DOCKER_NGINX_HOME/html
mkdir -p $DOCKER_NGINX_HOME/log

docker search nginx

docker pull nginx:latest

# 启动一个nginx,为了拉默认conf出来
docker run -d --name nginx nginx
 
 docker ps
 
 # cp 配置文件出来
 docker cp nginx:/etc/nginx/nginx.conf  $DOCKER_NGINX_HOME/conf/
 docker cp nginx:/etc/nginx/conf.d  $DOCKER_NGINX_HOME/conf/conf.d
 
 # 干掉容器
 docker  stop nginx
 docker  rm nginx

 
 
 # 启动真正的容器
 docker run -d -p 80:80  \
              -p 443:443  \
 --name nginx \
 -v $DOCKER_NGINX_HOME/html:/usr/share/nginx/html \
 -v $DOCKER_NGINX_HOME/conf/nginx.conf:/etc/nginx/nginx.conf \
 -v $DOCKER_NGINX_HOME/conf/conf.d:/etc/nginx/conf.d \
 -v $DOCKER_NGINX_HOME/logs:/var/log/nginx \
 nginx 
 
 
 
 

Redis#

# https://hub.docker.com/_/redis/tags
# 下载redis镜像
docker pull redis:7.0.5

# 进入目录
mkdir /data/redis705
mkdir /data/redis705/data
mkdir /data/redis705/conf
cd /data/redis705/conf

# 下载两个配置文件
wget http://download.redis.io/redis-stable/redis.conf
wget http://download.redis.io/redis-stable/sentinel.conf

配置文件

# bind 127.0.0.1 #注释掉这部分，这是限制redis只能本地访问
protected-mode no #默认yes，开启保护模式，限制为本地访问
dir  ./data #输入本地redis数据库存放文件夹（可选）
appendonly yes #redis持久化（可选）
# require... 密码部分

docker run -p 6379:6379 --name redis \
-v /main/redis705/conf/redis.conf:/etc/redis/redis.conf \
-v /main/redis705/conf/sentinel.conf:/etc/redis/sentinel.conf\
-v /main/redis705/data:/data \
-d --restart=on-failure:50 redis:7.0.5 redis-server /etc/redis/redis.conf --appendonly yes 

CertBot仅签发证书#

准备cf的token:

mkdir  -p  /main/letsencrypt/secrets
vim cloudflare.ini

# 内容如下

# Cloudflare API credentials used by Certbot
dns_cloudflare_api_token = xxxxxxxxxx

生成证书:

# 生成证书
docker run -it --rm --name certbot     \
-v "/main/letsencrypt:/etc/letsencrypt"       \
-v "/main/letsencrypt/var/lib:/var/lib/letsencrypt"        \
-v "/main/letsencrypt/secrets:/root/.secrets"    \
certbot/dns-cloudflare certonly   \
--dns-cloudflare   \
--dns-cloudflare-credentials /root/.secrets/cloudflare.ini \
--dns-cloudflare-propagation-seconds 60      \
--server https://acme-v02.api.letsencrypt.org/directory    \
-d domain.com -d '*.domain.com'


# 证书生成在 /main/letsencrypt/live/domain.com/下

其中root/.secrets/cloudflare.ini 见DSM,里面是CF的口令授权文件