dockerrun与docker-compose转换 一、命令行启动nginx:192.168.8.2dockerrun–restart=always–privileged–networkbr0–ip192.168.8.2-p80:80–namemynginx-vPWD/www:/www−vPWD/conf/nginx.conf:/etc/nginx/nginx.conf-v$PWD/logs:/wwwlogs-dnginx:1.12.1redis:192.168.8.9dockerrun–restart=always–privileged–networkbr0–ip192.168.8.9-p7379:6379–namemyredis-v$PWD/data:/data-dredis:3.2.10redis-server–appendonlyyesmysql:192.168.8.4dockerrun–restart=always–privileged–networkbr0–ip192.168.8.4-p3306:3306–namemymysql-vPWD/conf/my.cnf:/etc/mysql/my.cnf−vPWD/logs:/logs-v$PWD/data:/mysql_data-eMYSQL_ROOT_PASSWORD=root@hiekn-dmysql:5.6.37tomcat:192.168.8.3dockerrun–restart=always–privileged–networkbr0–ip192.168.8.3-p8080:8080–namemytomcat-vPWD/projectlogs:/work/tomcat/projectlogs−vPWD/logs:/work/tomcat/logs-v$PWD/webapps:/work/tomcat/webapps-dtomcatmongo:192.168.8.6dockerrun–restart=always–privileged–networkbr0–ip192.168.8.6-p27017:27017–namemymongo-v$PWD/db:/data/db-dmongo:3.4.6elasticsearch:192.168.8.7dockerrun–restart=always–privileged–networkbr0–ip192.168.8.7-p9200:9200-p9300:9300–namemyes-vPWD/data:/work/elasticsearch−5.5.1/data−vPWD/config/elasticsearch.yml:/work/elasticsearch-5.5.1/config/elasticsearch.yml-v$PWD/logs:/work/elasticsearch-5.5.1/logs-delasticsearchregistry:192.168.8.100dockerrun–restart=always–privileged–networkbr0–ip192.168.8.100-p5000:5000–namehiekn_registry-v/work/registry:/var/lib/registry-dregistrySSE:192.168.8.8dockerrun–restart=always–privileged–networkbr0–ip192.168.8.8-p8081:8080–namemysse-vPWD/projectlogs:/work/tomcat/projectlogs−vPWD/logs:/work/tomcat/logs-v$PWD/webapps:/work/tomcat/webapps-dtomcatplantdata_nginx:192.168.8.10dockerrun–restart=always–privileged–networkbr0–ip192.168.8.10-p81:80–nameplantdata_nginx-vPWD/www:/www−vPWD/conf/nginx.conf:/etc/nginx/nginx.conf-v$PWD/logs:/wwwlogs-dnginx:1.12.1plantdata_redis:192.168.8.5dockerrun–restart=always–privileged–networkbr0–ip192.168.8.5-p6379:6379–nameplantdata_redis-v$PWD/data:/data-dredis:3.2.10redis-server–appendonlyyes使用–privileged?真正root权限!CentOS7中的安全模块selinux把权限禁掉了,临时关闭setenforce0,永久关闭修改/etc/sysconfig/selinux文件SELINUX=disabledDocker的baseimage做的很精简,甚至都没有init进程,原本在OS启动时执行生效系统变量的过程(sysctl-p)也给省略了,导致这些系统变量依旧保留着kernel默认值ocker容器中的系统变量在non-priviledged模式下目前(我使用的时docker1.2.0版本)就无法修改,这和resolv.conf、hosts等文件映射到宿主机对应的文件有不同。二、使用docker-compose从命令行启动,可以看出如果容器很多,会操作很多次,且自定义的网桥要事先自己定义好使用编排服务,一键搞定在compose文件所在目录,使用docker-composeup-d就可以启动所有服务,关闭则使用docker-composedown,同时还删除掉自定义网桥version:'2.1'services:nginx:image:docker.io/nginx:1.12.1container_name:mynginxrestart:alwaysnetworks:app_net:ipv4_address:192.168.8.2ports:-"80:80"volumes:-/work/nginx/www:/www-/work/nginx/logs:/wwwlogs-/work/nginx/conf/nginx.conf:/etc/nginx/nginx.confdb:image:docker.io/mysql:5.6.37container_name:mymysqlrestart:alwaysnetworks:app_net:ipv4_address:192.168.8.4environment:MYSQL_ROOT_PASSWORD:rootports:-"3306:3306"volumes:-/work/mysql/data:/mysql_data-/work/mysql/logs:/logs-/work/mysql/conf/my.cnf:/etc/mysql/my.cnfredis:image:docker.io/redis:3.2.10container_name:myredisrestart:alwayscommand:["redis-server","--appendonly","yes"]networks:app_net:ipv4_address:192.168.8.9ports:-"7379:6379"volumes:-/work/myredis/data:/datamongo:image:docker.io/mongo:3.4.6container_name:mymongorestart:alwaysnetworks:app_net:ipv4_address:192.168.8.6ports:-"27017:27017"volumes:-/work/mongo/db:/data/dbnginx2:image:docker.io/nginx:1.12.1container_name:plantdata_nginxrestart:alwaysnetworks:app_net:ipv4_address:192.168.8.10ports:-"81:80"volumes:-/work/plantdata_nginx/www:/www-/work/plantdata_nginx/logs:/wwwlogs-/work/plantdata_nginx/conf/nginx.conf:/etc/nginx/nginx.confes:image:elasticsearch:5.5.1container_name:myesrestart:alwaysmem_limit:2Gnetworks:app_net:ipv4_address:192.168.8.7ports:-"9200:9200"-"9300:9300"volumes:-/work/elasticsearch/config/elasticsearch.yml:/work/elasticsearch-5.5.1/config/elasticsearch.yml-/work/elasticsearch/data:/work/elasticsearch-5.5.1/data-/work/elasticsearch/logs:/work/elasticsearch-5.5.1/logsreids2:image:docker.io/redis:3.2.10container_name:plantdata_redisrestart:alwayscommand:["redis-server","--appendonly","yes"]networks:app_net:ipv4_address:192.168.8.5ports:-"6379:6379"volumes:-/work/myredis/data:/datatomcat2:image:tomcat:8.0.45container_name:mysserestart:alwaysnetworks:app_net:ipv4_address:192.168.8.8ports:-"8081:8080"depends_on:-mongovolumes:-/work/sse/webapps:/work/tomcat/webapps-/work/sse/project_logs:/work/tomcat/project_logs-/work/sse/logs:/work/tomcat/logstomcat:image:tomcat:8.0.45container_name:mytomcatrestart:alwaysnetworks:app_net:ipv4_address:192.168.8.3ports:-"8080:8080"depends_on:-db-redisvolumes:-/work/tomcat/webapps:/work/tomcat/webapps-/work/tomcat/project_logs:/work/tomcat/project_logs-/work/tomcat/logs:/work/tomcat/logshiekn_registry:image:docker.io/registrycontainer_name:hiekn_registryrestart:alwaysnetworks:app_net:ipv4_address:192.168.8.100ports:-"5000:5000"volumes:-/work/registry:/var/lib/registrynetworks:app_net:driver:bridgeenable_ipv6:trueipam:driver:defaultconfig:-subnet:192.168.8.0/24gateway:192.168.8.1-subnet:2001:3984:3989::/64gateway:2001:3984:3989::1 -
全文
企业安全文化建设方案企业安全文化建设导则安全文明施工及保证措施创建安全文明校园实施方案创建安全文明工地监理工作情况
完-