Docker一键部署MySQL
my.cnf 配置文件
[mysqld]
# ==============================
# 基础配置
# ==============================
user = mysql
port = 3306
# MySQL Socket 文件
socket = /var/run/mysqld/mysqld.sock
# 允许远程连接(生产环境建议限制内网)
bind-address = 0.0.0.0
# 表名大小写不敏感(Linux 默认区分大小写)
# 必须在数据库初始化前设置
lower_case_table_names = 1
# 默认字符集
character-set-server = utf8mb4
collation-server = utf8mb4_unicode_ci
# 默认时区
default_time_zone = '+08:00'
# ==============================
# 连接管理
# ==============================
# 最大连接数
# 默认151,生产环境通常不够
max_connections = 500
# 每个连接缓存线程
thread_cache_size = 100
# 连接空闲超时时间(秒)
wait_timeout = 28800
interactive_timeout = 28800
# 最大连接错误次数
max_connect_errors = 1000
# ==============================
# 表缓存
# ==============================
# 表缓存数量
table_open_cache = 4096
# 表定义缓存
table_definition_cache = 4096
# ==============================
# 临时表配置
# ==============================
# 内存临时表最大大小
tmp_table_size = 256M
# 内存临时表最大限制
max_heap_table_size = 256M
# ==============================
# 查询缓存(MySQL8已移除)
# ==============================
# query_cache_type = 0
# query_cache_size = 0
# ==============================
# 日志系统
# ==============================
# 错误日志
log_error = /var/log/mysql/error/mysql_error.log
# 慢查询日志
slow_query_log = 1
# 慢查询日志文件
slow_query_log_file = /var/log/mysql/slow/slow_query.log
# 慢查询时间阈值
long_query_time = 1
# 记录未使用索引的查询
log_queries_not_using_indexes = 1
# ==============================
# InnoDB存储引擎配置
# ==============================
# InnoDB buffer pool大小
# 建议设置为服务器内存的60%-70%
innodb_buffer_pool_size = 2G
# buffer pool实例数量
innodb_buffer_pool_instances = 4
# redo log大小
innodb_log_file_size = 1G
# redo log组数
innodb_log_files_in_group = 2
# redo log刷新策略
# 1 = 每次事务提交刷盘(最安全)
# 2 = 每秒刷盘(性能更高)
innodb_flush_log_at_trx_commit = 1
# IO线程
innodb_read_io_threads = 4
innodb_write_io_threads = 4
# IO能力(SSD建议2000以上)
innodb_io_capacity = 2000
# 自适应hash索引
innodb_adaptive_hash_index = ON
# 行锁等待时间
innodb_lock_wait_timeout = 50
# 文件独立表空间
innodb_file_per_table = 1
# ==============================
# MyISAM配置(兼容旧表)
# ==============================
# MyISAM索引缓存
key_buffer_size = 32M
# ==============================
# 排序与连接缓冲
# ==============================
sort_buffer_size = 4M
join_buffer_size = 4M
read_buffer_size = 4M
read_rnd_buffer_size = 8M
# ==============================
# SQL模式
# ==============================
sql_mode=STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION
# ==============================
# 安全设置
# ==============================
# 禁止DNS解析,提高连接速度
skip-name-resolve
# 禁止符号链接
symbolic-links=0
# ==============================
#二进制日志
# ==============================
log_bin=/var/log/mysql/binlog/mysql-bin
server_id=1
# binlog 格式(推荐 ROW,最安全)
binlog_format=ROW
# binlog 过期时间(7天)
binlog_expire_logs_seconds=604800
# 单个 binlog 文件大小
max_binlog_size=100M
# 每次事务提交都同步到磁盘(最安全)
sync_binlog=1
# 要记录的数据库(默认所有)
# binlog_do_db=db1,db2
# 要忽略的数据库
binlog_ignore_db=mysql
binlog_ignore_db=information_schema
binlog_ignore_db=performance_schema
binlog_ignore_db=sys
# binlog 格式检查
binlog_rows_query_log_events=ON
命令内容
# 强制重建所有目录和权限
sudo mkdir -p /opt/mysql/logs/{error,binlog,slow_select,select}
sudo mkdir -p /opt/mysql/conf
sudo mkdir -p /opt/mysql/data
sudo chown -R 999:999 /opt/mysql
sudo chmod -R 755 /opt/mysql/logs
sudo chmod 755 /opt/mysql/data
sudo chmod 644 /opt/mysql/conf/my.cnf
# 启动docker
docker run -d \
--name mysql \
--restart unless-stopped \
-p 3306:3306 \
-v /opt/mysql/data:/var/lib/mysql \
-v /opt/mysql/conf:/etc/mysql/conf.d \
-v /opt/mysql/logs:/var/log/mysql \
-v /opt/mysql/logs/binlog:/var/log/mysql/binlog \
-e MYSQL_ROOT_PASSWORD=yz2763000 \
-e TZ=Asia/Shanghai \
mysql:8.0.36
# 建立远程访问账户
docker exec -it mysql mysql -uroot -pyz2763000 -e "
ALTER USER 'root'@'%' IDENTIFIED WITH mysql_native_password BY 'yz2763000';
GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION;
FLUSH PRIVILEGES;
SELECT host, user FROM mysql.user WHERE user='root';
"
Docker一键部署Redis配置
redis.conf 配置
################################## 基础配置 ###################################
# 绑定IP地址(0.0.0.0表示允许所有网络接口访问)
bind 0.0.0.0
# 关闭保护模式(允许远程连接)
protected-mode no
# 监听端口
port 6379
# 访问密码(建议修改为复杂密码)
requirepass yz2763000
# 非守护进程模式运行(Docker容器中必须设为no)
daemonize no
# PID文件位置
pidfile /var/run/redis.pid
################################# 日志配置 ####################################
# 日志级别(debug/verbose/notice/warning)
loglevel notice
# 日志文件路径(Docker中请确保目录已挂载)
logfile "/var/log/redis/redis.log"
################################# 数据库配置 ##################################
# 数据库数量
databases 16
# 数据存储目录(Docker中请确保目录已挂载)
dir /data
############################### 持久化配置(RDB) ###############################
# RDB快照文件名
dbfilename dump.rdb
# 自动保存条件(格式:save <秒> <键变更数>)
# 15分钟内有1个键变更
save 900 1
# 5分钟内有10个键变更
save 300 10
# 1分钟内有10000个键变更
save 60 10000
# RDB相关设置
# 保存出错时不停止写入
stop-writes-on-bgsave-error no
# 启用压缩
rdbcompression yes
# 启用校验
rdbchecksum yes
############################### 持久化配置(AOF) ###############################
# 启用AOF持久化
appendonly yes
# AOF文件名
appendfilename "appendonly.aof"
# AOF同步策略(everysec平衡性能与安全)
appendfsync everysec
# AOF重写期间是否同步新数据
no-appendfsync-on-rewrite no
# AOF自动重写配置
# 增长100%时触发重写
auto-aof-rewrite-percentage 100
# 最小文件大小限制
auto-aof-rewrite-min-size 64mb
############################### 内存管理 #####################################
# 最大内存限制(0表示不限制)
maxmemory 0
# 内存淘汰策略
maxmemory-policy volatile-lru
# LRU算法采样数
maxmemory-samples 5
############################### 其他配置 #####################################
# 慢查询日志设置(单位微秒)
slowlog-log-slower-than 10000
slowlog-max-len 128
# 数据结构优化参数
hash-max-ziplist-entries 512
hash-max-ziplist-value 64
list-max-ziplist-entries 512
list-max-ziplist-value 64
set-max-intset-entries 512
zset-max-ziplist-entries 128
zset-max-ziplist-value 64
# 启用主动rehash
activerehashing yes
# 客户端输出缓冲限制
client-output-buffer-limit normal 0 0 0
client-output-buffer-limit slave 256mb 64mb 60
client-output-buffer-limit pubsub 32mb 8mb 60
命令内容
# 创建日志目录并设置正确权限
sudo mkdir -p /opt/redis/logs
sudo mkdir -p /opt/redis/data
sudo mkdir -p /opt/redis/conf
# 设置权限 - Redis容器内部使用uid 999(redis用户)
sudo chown -R 999:999 /opt/redis/logs
sudo chown -R 999:999 /opt/redis/data
sudo chown -R 999:999 /opt/redis/conf
# 运行新的容器
docker run -d \
--name redis-server \
--restart unless-stopped \
-p 6379:6379 \
-v /opt/redis/data:/data \
-v /opt/redis/conf/redis.conf:/usr/local/etc/redis/redis.conf:ro \
-v /opt/redis/logs:/var/log/redis \
redis:latest \
redis-server /usr/local/etc/redis/redis.conf
Docker一键部署ELK
目录结构
/opt/elk/
├── docker-compose.yml
├── elasticsearch/
│ ├── data/ ← ES 索引数据
│ └── logs/ ← ES 自身日志
├── kibana/
│ ├── data/ ← Kibana 元数据(索引模式、仪表盘等)
│ └── config/ ← Kibana 配置
└── logstash/
├── logstash.conf ← 管道配置(你把之前的放这里)
├── data/ ← Logstash 数据(sincedb 等)
└── logs/ ← Logstash 自身日志
命令
# 1. 进入目录
cd /opt/elk
# 2. 把 docker-compose.yml 和 logstash.conf 放在这里
# 3. 创建持久化子目录
mkdir -p elasticsearch/data elasticsearch/logs
mkdir -p kibana/data kibana/config
mkdir -p logstash/data logstash/logs
# 给所有持久化目录正确权限
chown -R 1000:1000 /opt/elk/elasticsearch
chown -R 1000:1000 /opt/elk/logstash
chown -R 1000:1000 /opt/elk/kibana
# 4. Logstash 的配置文件单独放
# (logstash.conf 已经在 ./logstash/logstash.conf,不需要额外操作)
# 5. 给宿主机容器日志读取权限
sudo chmod 755 /var/lib/docker/containers
# 6. 启动
docker-compose up -d
# 7. 检查
docker-compose ps
docker-compose.yml
version: '3.8'
services:
# ==================== Elasticsearch ====================
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:7.12.1
container_name: elasticsearch
restart: always
environment:
- discovery.type=single-node
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
- xpack.security.enabled=false
- bootstrap.memory_lock=true
ulimits:
memlock:
soft: -1
hard: -1
volumes:
- ./elasticsearch/data:/usr/share/elasticsearch/data
ports:
- "9200:9200"
networks:
- tool-net
# ==================== Kibana ====================
kibana:
image: docker.elastic.co/kibana/kibana:7.12.1
container_name: kibana
restart: always
environment:
- ELASTICSEARCH_HOSTS=http://elasticsearch:9200
- I18N_LOCALE=zh-CN
volumes:
- ./kibana/data:/usr/share/kibana/data
ports:
- "5601:5601"
depends_on:
- elasticsearch
networks:
- tool-net
# ==================== Logstash ====================
logstash:
image: docker.elastic.co/logstash/logstash:7.12.1
container_name: logstash
restart: always
volumes:
- ./logstash/data:/usr/share/logstash/data
- ./logstash/logs:/usr/share/logstash/logs
- /var/lib/docker/containers:/var/lib/docker/containers:ro
ports:
- "5044:5044"
environment:
- XPACK_MONITORING_ENABLED=false
- path.data=/usr/share/logstash/data
- path.logs=/usr/share/logstash/logs
depends_on:
- elasticsearch
networks:
- tool-net
networks:
tool-net:
external: true
Docker一键部署Kafa
创建目录结构
mkdir -p /opt/kafka/{kafka,zookeeper}
# Kafka
mkdir -p /opt/kafka/kafka/{data,logs,config}
# Zookeeper
mkdir -p /opt/kafka/zookeeper/{data,logs,config}
chmod -R 777 /opt/kafka
Zookeeper 配置文件 (zoo.cfg)
# ========================
# 基础时间单位(毫秒)
# ========================
tickTime=2000
# 说明:Zookeeper 内部时间基准
# ========================
# Leader 初始化最大时长
# ========================
initLimit=10
# 最大初始化时间 = tickTime * initLimit = 20秒
# ========================
# 心跳容忍延迟
# ========================
syncLimit=5
# ========================
# 数据目录(快照)
# ========================
dataDir=/var/lib/zookeeper/data
# ========================
# 事务日志目录(性能关键)
# ========================
dataLogDir=/var/lib/zookeeper/log
# ========================
# 客户端端口
# ========================
clientPort=2181
# ========================
# 最大连接数(防止压垮)
# ========================
maxClientCnxns=100
# ========================
# 自动清理快照(防磁盘爆)
# ========================
autopurge.snapRetainCount=10
autopurge.purgeInterval=24
Kafka 核心配置(server.properties)
# ========================
# Broker 唯一ID(集群必须唯一)
# ========================
broker.id=1
# ========================
# 监听地址(容器内部)
# ========================
listeners=PLAINTEXT://0.0.0.0:9092,INTERNAL://0.0.0.0:29092
# ========================
# 对外广播地址(最重要)
# ========================
advertised.listeners=PLAINTEXT://192.168.116.127:9092,INTERNAL://kafka:29092
# 说明:
# 外部访问:虚拟机IP
# 内部通信:kafka(docker服务名)
# ========================
# 协议映射
# ========================
listener.security.protocol.map=PLAINTEXT:PLAINTEXT,INTERNAL:PLAINTEXT
# ========================
# Broker 内部通信
# ========================
inter.broker.listener.name=INTERNAL
# ========================
# Zookeeper 地址
# ========================
zookeeper.connect=zookeeper:2181
# ========================
# 数据存储目录
# ========================
log.dirs=/var/lib/kafka/data
# ========================
# 分区数(吞吐相关)
# ========================
num.partitions=3
# ========================
# 副本(单节点=1)
# ========================
default.replication.factor=1
min.insync.replicas=1
# ========================
# 禁止自动建topic
# ========================
auto.create.topics.enable=false
# ========================
# 日志保留时间(7天)
# ========================
log.retention.hours=168
# ========================
# 日志段大小(1GB)
# ========================
log.segment.bytes=1073741824
# ========================
# 清理周期
# ========================
log.retention.check.interval.ms=300000
# ========================
# 网络参数
# ========================
num.network.threads=3
num.io.threads=8
# ========================
# 请求限制
# ========================
socket.request.max.bytes=104857600
message.max.bytes=10485760
# ========================
# 刷盘策略
# ========================
log.flush.interval.messages=10000
log.flush.interval.ms=1000
# ========================
# ZK session
# ========================
zookeeper.session.timeout.ms=18000
# ========================
# 内部topic副本
# ========================
offsets.topic.replication.factor=1
transaction.state.log.replication.factor=1
transaction.state.log.min.isr=1
docker-compose
services:
# ========================
# Zookeeper
# ========================
zookeeper:
image: confluentinc/cp-zookeeper:7.5.0
container_name: zookeeper
restart: always
ports:
- "2181:2181"
environment:
# 只保留最小必要参数,其他参数看配置文件
ZOOKEEPER_CLIENT_PORT: 2181
volumes:
# 数据
- /opt/kafka/zookeeper/data:/var/lib/zookeeper/data
# 日志
- /opt/kafka/zookeeper/logs:/var/lib/zookeeper/log
# 配置(你自己的 zoo.cfg)
- /opt/kafka/zookeeper/config/zoo.cfg:/etc/kafka/zoo.cfg
command: >
sh -c "zookeeper-server-start /etc/kafka/zoo.cfg"
networks:
- tool-net
# ========================
# Kafka(完全用配置文件)
# ========================
kafka:
image: confluentinc/cp-kafka:7.5.0
container_name: kafka
restart: always
ports:
- "9092:9092"
depends_on:
- zookeeper
environment:
# 只保留必须项(否则不启动)
KAFKA_BROKER_ID: 1
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
volumes:
# 数据
- /opt/kafka/kafka/data:/var/lib/kafka/data
# 日志
- /opt/kafka/kafka/logs:/var/log/kafka
# 配置文件(你写的 server.properties)
- /opt/kafka/kafka/config/server.properties:/etc/kafka/server.properties
command: >
sh -c "kafka-server-start /etc/kafka/server.properties"
networks:
- tool-net
# ========================
# Kafka UI
# ========================
kafka-ui:
image: provectuslabs/kafka-ui:latest
container_name: kafka-ui
restart: always
ports:
- "9981:8080"
environment:
KAFKA_CLUSTERS_0_NAME: local
KAFKA_CLUSTERS_0_BOOTSTRAPSERVERS: kafka:29092
KAFKA_CLUSTERS_0_ZOOKEEPER: zookeeper:2181
depends_on:
- kafka
networks:
- tool-net
networks:
tool-net:
external: true
Docker一键部署GitLab
docker-compose.yml 文件
services:
gitlab:
image: gitlab/gitlab-ce:latest
container_name: gitlab
restart: always
hostname: '192.168.116.127'
ports:
- "18080:18080" # 对外访问的端口
- "10022:22"
volumes:
- /opt/gitlab/config:/etc/gitlab
- /opt/gitlab/logs:/var/log/gitlab
- /opt/gitlab/data:/var/opt/gitlab
networks:
- tool-net
shm_size: '256m'
networks:
tool-net:
external: true
Docker一键部署镜像仓库
创建 /opt/devops/docker-compose.yml:
version: "3.8"
services:
# ========== Docker 镜像仓库 ==========
registry:
image: registry:2
container_name: docker-registry
restart: always
environment:
- REGISTRY_STORAGE_DELETE_ENABLED=true # 允许删除镜像
- REGISTRY_HTTP_ADDR=0.0.0.0:5000
- REGISTRY_HTTP_SECRET=your-secret-key
volumes:
- /opt/dockerRegistry/data:/var/lib/registry
- /opt/dockerRegistry/config:/etc/docker/registry
ports:
- "5000:5000"
networks:
- tool-net
# ========== Registry Web UI(可选,方便查看镜像)==========
registry-ui:
image: joxit/docker-registry-ui:latest
container_name: registry-ui
restart: always
environment:
- REGISTRY_TITLE=本地Docker仓库
- REGISTRY_URL=http://宿主机ip端口 #要不然会跨域!
- DELETE_IMAGES_ENABLED=true
- SHOW_CONTENT_DIGEST=true
- NGINX_PROXY_PASS_URL=http://宿主机ip端口 #要不然会跨域!
ports:
- "5001:80"
depends_on:
- registry
networks:
- tool-net
networks:
tool-net:
external: true
创建 Registry 配置文件
config.yml
version: 0.1
storage:
delete:
enabled: true
filesystem:
rootdirectory: /var/lib/registry
http:
addr: :5000
headers:
Access-Control-Allow-Origin:
- '*'
Access-Control-Allow-Methods:
- 'HEAD'
- 'GET'
- 'POST'
- 'DELETE'
- 'PUT'
- 'OPTIONS'
Access-Control-Allow-Headers:
- 'Authorization'
- 'Accept'
- 'Content-Type'
- 'Docker-Content-Digest'
Access-Control-Expose-Headers:
- 'Docker-Content-Digest'
设置权限
sudo chown -R 1000:1000 /opt/dockerRegistry/config