程序博客网 > 北京哪个java培训班好

Centos 7 快速安装DOCKER并部署SHIPYARD中文版

来源:互联网 发布:北京哪个java培训班好 编辑:程序博客网 时间:2024/06/05 21:16

安装/升级你的Docker客户端

推荐安装1.10.0以上版本的Docker客户端。

您可以通过阿里云的镜像仓库下载:docker-engine、docker-ce

或执行以下命令:

curl -sSL http://acs-public-mirror.oss-cn-hangzhou.aliyuncs.com/docker-engine/internet | sh -

如何使用Docker加速器

针对Docker客户端版本大于1.10的用户

您可以通过修改daemon配置文件/etc/docker/daemon.json来使用加速器:

sudo mkdir -p /etc/dockersudo tee /etc/docker/daemon.json <<-'EOF'{  "registry-mirrors": ["https://xxx.mirror.aliyuncs.com"]}EOFsudo systemctl daemon-reloadsudo systemctl restart docker


TypeScript
这个网站:  https://cr.console.aliyun.com/#/accelerator  通过注册  获取自己的加速站点

那么安装好Docker之后就可以安装SHIPYARD管理平台,我自己做的汉化,之前sf的大兄弟的shipyard中文版已经很久没更新了

这里我已经写好了安装脚本,并且可以直接安装阿里云docker(也就是上面的东西可以不做)但是需要你提供加速网站地址

当然你也可以使用官方脚本安装shipyard,然后参考 https://github.com/StarWars-Team/shipyard_zh 把汉化文件覆盖到控制端也是不错的选择

#!/bin/bashcat << EOF========================================================================= _____         _       |   __|_ _ ___| |_ _ _ |   __| | |   | '_| | ||__|  |___|_|_|_,_|_  |                  |___|=========================================================================Mr.Funky Auto Install GeekCloud-Docker-Manager for CENTOS\REHL 7 =========================================================================Author: Mr Funky <QQ:708863861>=========================================================================USER: $USER   HOST: $HOSTNAME  KERNEL: `uname -r`  DISK :`ls  /dev/sd?`Are you sure to auto install GeekCloud-Docker-Manager?EOFgreen='\e[1;32m' # greenred='\e[1;31m' # redblue='\e[1;34m' # blue  nc='\e[0m' # normalACTION=${ACTION:-deploy}IMAGE=${IMAGE:-shipyard/shipyard:latest}PREFIX=${PREFIX:-shipyard}SHIPYARD_ARGS=${SHIPYARD_ARGS:-""}TLS_CERT_PATH=${TLS_CERT_PATH:-}CERT_PATH="/etc/shipyard"PROXY_PORT=${PROXY_PORT:-2375}SWARM_PORT=3375SHIPYARD_PROTOCOL=httpSHIPYARD_PORT=${PORT:-8080}SHIPYARD_IP=${IP}DISCOVERY_BACKEND=etcdDISCOVERY_PORT=4001DISCOVERY_PEER_PORT=7001ENABLE_TLS=0CERT_FINGERPRINT=""LOCAL_CA_CERT=""LOCAL_SSL_CERT=""LOCAL_SSL_KEY=""LOCAL_SSL_CLIENT_CERT=""LOCAL_SSL_CLIENT_KEY=""SSL_CA_CERT=""SSL_CERT=""SSL_KEY=""SSL_CLIENT_CERT=""SSL_CLIENT_KEY=""setselinux(){echo -n "Closing Selinx ..."sleep 0.3sed -i  's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/configecho -n "."sleep 0.3echo -n "."i=`setenforce 0`  echo -n $iecho -n "Config Selinux ....."if [ $? == 0 -o $? == 1  ];thenecho -e " [${green}Success${nc}]"elseecho -e "[${red}Failed${nc}]"echo "Please check your config.."exit 2fi}check_certs() {    if [ -z "$TLS_CERT_PATH" ]; then        return    fi    if [ ! -e $TLS_CERT_PATH ]; then        echo "Error: unable to find certificates in $TLS_CERT_PATH"        show_cert_help        exit 1    fi    if [ "$PROXY_PORT" = "2375" ]; then        PROXY_PORT=2376    fi    SWARM_PORT=3376    SHIPYARD_PROTOCOL=https    LOCAL_SSL_CA_CERT="$TLS_CERT_PATH/ca.pem"    LOCAL_SSL_CERT="$TLS_CERT_PATH/server.pem"    LOCAL_SSL_KEY="$TLS_CERT_PATH/server-key.pem"    LOCAL_SSL_CLIENT_CERT="$TLS_CERT_PATH/cert.pem"    LOCAL_SSL_CLIENT_KEY="$TLS_CERT_PATH/key.pem"    SSL_CA_CERT="$CERT_PATH/ca.pem"    SSL_CERT="$CERT_PATH/server.pem"    SSL_KEY="$CERT_PATH/server-key.pem"    SSL_CLIENT_CERT="$CERT_PATH/cert.pem"    SSL_CLIENT_KEY="$CERT_PATH/key.pem"    CERT_FINGERPRINT=$(openssl x509 -noout -in $LOCAL_SSL_CERT -fingerprint -sha256 | awk -F= '{print $2;}')    if [ ! -e $LOCAL_SSL_CA_CERT ] || [ ! -e $LOCAL_SSL_CERT ] || [ ! -e $LOCAL_SSL_KEY ] || [ ! -e $LOCAL_SSL_CLIENT_CERT ] || [ ! -e $LOCAL_SSL_CLIENT_KEY ]; then        echo "Error: unable to find certificates"        show_cert_help        exit 1    fi    ENABLE_TLS=1}start_certs() {    ID=$(docker run \        -ti \        -d \        --restart=always \        --name $PREFIX-certs \        -v $CERT_PATH \        alpine \        sh)    if [ $ENABLE_TLS = 1 ]; then        docker cp $LOCAL_SSL_CA_CERT $PREFIX-certs:$SSL_CA_CERT        docker cp $LOCAL_SSL_CERT $PREFIX-certs:$SSL_CERT        docker cp $LOCAL_SSL_KEY $PREFIX-certs:$SSL_KEY        docker cp $LOCAL_SSL_CLIENT_CERT $PREFIX-certs:$SSL_CLIENT_CERT        docker cp $LOCAL_SSL_CLIENT_KEY $PREFIX-certs:$SSL_CLIENT_KEY    fi}get_ip() {    if [ -z "$SHIPYARD_IP" ]; then        SHIPYARD_IP=`docker run --rm --net=host alpine ip route get 8.8.8.8 | awk '{ print $7;  }'`    fi}start_discovery() {    get_ip    ID=$(docker run \        -ti \        -d \        -p 4001:4001 \        -p 7001:7001 \        --restart=always \        --name $PREFIX-discovery \        microbox/etcd:latest -addr $SHIPYARD_IP:$DISCOVERY_PORT -peer-addr $SHIPYARD_IP:$DISCOVERY_PEER_PORT)}start_rethinkdb() {    ID=$(docker run \        -ti \        -d \        --restart=always \        --name $PREFIX-rethinkdb \        rethinkdb)}start_proxy() {    TLS_OPTS=""    if [ $ENABLE_TLS = 1 ]; then        TLS_OPTS="-e SSL_CA=$SSL_CA_CERT -e SSL_CERT=$SSL_CERT -e SSL_KEY=$SSL_KEY -e SSL_SKIP_VERIFY=1"    fi    # Note: we add SSL_SKIP_VERIFY=1 to skip verification of the client    # certificate in the proxy image.  this will pass it to swarm that    # does verify.  this helps with performance and avoids certificate issues    # when running through the proxy.  ultimately if the cert is invalid    # swarm will fail to return.    ID=$(docker run \        -ti \        -d \        -p $PROXY_PORT:$PROXY_PORT \        --hostname=$HOSTNAME \        --restart=always \        --name $PREFIX-proxy \        -v /var/run/docker.sock:/var/run/docker.sock \        -e PORT=$PROXY_PORT \        --volumes-from=$PREFIX-certs $TLS_OPTS\        shipyard/docker-proxy:latest)}start_swarm_manager() {    get_ip    TLS_OPTS=""    if [ $ENABLE_TLS = 1 ]; then        TLS_OPTS="--tlsverify --tlscacert=$SSL_CA_CERT --tlscert=$SSL_CERT --tlskey=$SSL_KEY"    fi    EXTRA_RUN_OPTS=""    if [ -z "$DISCOVERY" ]; then        DISCOVERY="$DISCOVERY_BACKEND://discovery:$DISCOVERY_PORT"        EXTRA_RUN_OPTS="--link $PREFIX-discovery:discovery"    fi    ID=$(docker run \        -ti \        -d \        --restart=always \        --name $PREFIX-swarm-manager \        --volumes-from=$PREFIX-certs $EXTRA_RUN_OPTS \        swarm:latest \        m --replication --addr $SHIPYARD_IP:$SWARM_PORT --host tcp://0.0.0.0:$SWARM_PORT $TLS_OPTS $DISCOVERY)}start_swarm_agent() {    get_ip    if [ -z "$DISCOVERY" ]; then        DISCOVERY="$DISCOVERY_BACKEND://discovery:$DISCOVERY_PORT"        EXTRA_RUN_OPTS="--link $PREFIX-discovery:discovery"    fi    ID=$(docker run \        -ti \        -d \        --restart=always \        --name $PREFIX-swarm-agent $EXTRA_RUN_OPTS \        swarm:latest \        j --addr $SHIPYARD_IP:$PROXY_PORT $DISCOVERY)}start_controller() {    #-v $CERT_PATH:/etc/docker:ro \    TLS_OPTS=""    if [ $ENABLE_TLS = 1 ]; then        TLS_OPTS="--tls-ca-cert $SSL_CA_CERT --tls-cert=$SSL_CERT --tls-key=$SSL_KEY --shipyard-tls-ca-cert=$SSL_CA_CERT --shipyard-tls-cert=$SSL_CERT --shipyard-tls-key=$SSL_KEY"    fi    ID=$(docker run \        -ti \        -d \        --restart=always \        --name $PREFIX-controller \        --link $PREFIX-rethinkdb:rethinkdb \        --link $PREFIX-swarm-manager:swarm \        -p $SHIPYARD_PORT:$SHIPYARD_PORT \        --volumes-from=$PREFIX-certs \        $IMAGE \        --debug \        server \        --listen :$SHIPYARD_PORT \        -d tcp://swarm:$SWARM_PORT $TLS_OPTS $SHIPYARD_ARGS)}wait_for_available() {    set +e     IP=$1    PORT=$2    echo Waiting for Shipyard on $IP:$PORT    docker pull ehazlett/curl > /dev/null 2>&1    TLS_OPTS=""    if [ $ENABLE_TLS = 1 ]; then        TLS_OPTS="-k"    fi    until $(docker run --rm ehazlett/curl --output /dev/null --connect-timeout 1 --silent --head --fail $TLS_OPTS $SHIPYARD_PROTOCOL://$IP:$PORT/ > /dev/null 2>&1); do        printf '.'        sleep 1     done    printf '\n'}read -p "Please input Y to continue" keyif [ $key == 'Y' -o $key == 'y' ];then    echo "Do you want to install Docker accelerated by AliYun ?"    read -p "Please input Y to continue" key2    if [ $key2 == 'Y' -o $key2 == 'y' ];thenecho "Please Wait ..."        wget -O /etc/yum.repos.d/geekfan.repo http://mirrors.geekfan.top/YUM/centos7-source.repotouch /etc/yum.repos.d/docker.repo     cat > /etc/yum.repos.d/docker.repo <<KOK[dockerrepo]name=Docker Repositorybaseurl=http://mirrors.aliyun.com/docker-engine/yum/repo/main/centos/7/enabled=1gpgcheck=1gpgkey=http://mirrors.aliyun.com/docker-engine/yum/gpgKOKyum clean all && yum repolistyum install -y docker-enginesystemctl enable dockermkdir -p /etc/dockerread -p "More information: https://cr.console.aliyun.com/#/accelerator  Please input Your Url accelerated by AliYun: " urltouch /etc/docker/daemon.jsoncat > /etc/docker/daemon.json <<EOF{  "registry-mirrors": ["$url"]}EOFsudo systemctl daemon-reloadsudo systemctl restart docker    fi    setselinux    set -e    check_certs    get_ip     echo "Deploying GeekCloud-Docker-Manager"    echo " -> Starting Database"    start_rethinkdb && echo  -e   "[${green}Success${nc}]" || echo -e "[${red}Failed${nc}]"     echo " -> Starting Discovery"    start_discovery && echo  -e   "[${green}Success${nc}]" || echo -e "[${red}Failed${nc}]"    echo " -> Starting Cert Volume"    start_certs && echo  -e   "[${green}Success${nc}]" || echo -e "[${red}Failed${nc}]"    echo " -> Starting Proxy"    start_proxy && echo  -e   "[${green}Success${nc}]" || echo -e "[${red}Failed${nc}]"    echo " -> Starting Swarm Manager"    start_swarm_manager && echo  -e   "[${green}Success${nc}]" || echo -e "[${red}Failed${nc}]"    echo " -> Starting Swarm Agent"    start_swarm_agent && echo  -e   "[${green}Success${nc}]" || echo -e "[${red}Failed${nc}]"    echo " -> Starting Controller"    start_controller && echo  -e   "[${green}Success${nc}]" || echo -e "[${red}Failed${nc}]"    wait_for_available $SHIPYARD_IP $SHIPYARD_PORT    echo " -> Setting Chinese "    docker exec -it shipyard-controller  rm -rf static/app/*    docker exec -it shipyard-controller  rm -f static/index.html        git clone https://github.com/StarWars-Team/shipyard_zh.git        docker cp  shipyard_zh/static/app  shipyard-controller:/static/    docker cp  shipyard_zh/static/index.html  shipyard-controller:/static/         rm -rf shipyard_zh/ && echo  -e   "[${green}Success${nc}]" || echo -e "[${red}Failed${nc}]"    echo " -> Setting Firewalld "    firewall-cmd --permanent --add-port=8080/tcp    firewall-cmd --permanent --add-port=2375/tcp    firewall-cmd --permanent --add-service=http    firewall-cmd --reload    echo "GeekCloud-Docker-Manager available at $SHIPYARD_PROTOCOL://$SHIPYARD_IP:$SHIPYARD_PORT"    if [ $ENABLE_TLS = 1 ] && [ ! -z "$CERT_FINGERPRINT" ]; then        echo "SSL SHA-256 Fingerprint: $CERT_FINGERPRINT"    fi    echo "Username: admin Password: shipyard"fi


这里要提醒一点2375不建议在有公网的服务器开放,容易被人利用,建议修改防火墙规则只允许内网IP访问:

例子:

firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="172.17.0.0/24" port protocol="tcp" port="2375" accept"






阅读全文
0 0
北京哪个java培训班好 北京哪个java培训班好
原创粉丝点击
热门IT博客
淘宝的账户管理在哪里淘宝的账户管理在哪里
ubuntu nginx php fpmubuntu nginx php fpm
剑灵最美灵女捏脸数据
民间子平何知章388句
锐捷网络2018校园招聘
javascript 哪些对象
jdk1.7 windows 64
java非静态方法调用
阿里云服务器如何使用
营销qq加人软件
淘宝订单未付款
Linux eclipse颜色设置
淘宝上的兼职可靠吗
单片机第二版课后答案
nba总决赛数据排名
微信改单软件多少钱
java cms网站源码
凌波微步 软件
厚积落叶听雨声知乎
windows svn 钩子脚本
热门问题 老师的惩罚 人脸识别 我在镇武司摸鱼那些年 重生之率土为王 我在大康的咸鱼生活 盘龙之生命进化 天生仙种 凡人之先天五行 春回大明朝 姑娘不必设防,我是瞎子 时帧厉米欣 和平精英怎么强行改到120帧 海底捞分店 别无分店 鼎泰丰分店 大卡司分店 分店 夫妻肺片分店 郑州海底捞各分店地址 西安海底捞火锅分店地址查询 分开旅行 分开 情侣头一男一女分开 分式方程 m字分腿式捆法 分式 分式不等式解法 分式的定义 m字分腿式捆法照片 分式求导 分式定义 分式方程计算题 分块矩阵行列式 分式化简 分式方程解法 分式不等式 m字分腿式捆法图解 什么是分式 数字2一5分合式图 分合式 真分式 分式求导公式 分式方程应用题 初二数学分式方程试题 50道分式化简题及答案 分式有意义 分块矩阵行列式计算公式 10以内的分合式图片 集分式太阳能热水器 分式化简题30道 初二数学分式练习题

程序博客网,程序员的互联网技术博客家园。csdn论坛精品 msdn技术资料都在这里