分类 Docker 下的文章

编译 ntop/n2n

git 导入 ntop/n2n 源码,编译生成 n2n 的 edge,supernode 可执行文件
https://github.com/ntop/n2n.git

git clone https://github.com/ntop/n2n.git -b 2.6-stable ntop-n2n
cd ntop-n2n
./autogen.sh  # 自动配置 Makefile
make

生成可执行文件:

  • edge
  • supernode

配置文件:

  • ./packages/etc/n2n/edge.conf.sample
  • ./packages/etc/n2n/supernode.conf.sample

Dockerfile

目录文件:

# docker build --force-rm n2n-supernode -t ntp/n2n-supernode:v2.6.1
FROM debian:latest

MAINTAINER Minh-Quan TRAN "xwiron@aliyun.com"

COPY edge.conf.sample /etc/n2n/edge.conf
COPY supernode.conf.sample /etc/n2n/supernode.conf
COPY supernodes.list.sample /etc/n2n/supernodes.list

COPY edge /usr/sbin/edge
COPY supernode /usr/sbin/supernode

RUN chmod +x /usr/sbin/edge
RUN chmod +x /usr/sbin/supernode

COPY libc6-udeb_2.28-10_amd64.udeb libc6-udeb_2.28-10_amd64.udeb
COPY libcrypto1.1-udeb_1.1.1d-0+deb10u3_amd64.udeb libcrypto1.1-udeb_1.1.1d-0+deb10u3_amd64.udeb

RUN dpkg -i libc6-udeb_2.28-10_amd64.udeb
RUN dpkg -i libcrypto1.1-udeb_1.1.1d-0+deb10u3_amd64.udeb

RUN rm libc6-udeb_2.28-10_amd64.udeb
RUN rm libcrypto1.1-udeb_1.1.1d-0+deb10u3_amd64.udeb

RUN useradd n2n -s /sbin/nologin

# main listen 0.0.0.0:5556
EXPOSE 5643

# management listen 127.0.0.1:5645
# EXPOSE 5645

# USER
USER n2n

# COMMAND
CMD ["/usr/sbin/supernode", "/etc/n2n/supernode.conf"]

docker run image

从 git 导出文件,可能会失去可执行属性。
chomod +x edge supernode

docker run --restart=always \
    --name n2n-supernode-v2.6\
    -p <port>:5643/udp \
    -v /[host-path]/config:/etc/n2n \
    -d ntop/n2n-supernode:v2.6

Docker Community Edition 镜像使用帮助

注意: 本镜像只提供 Debian/Ubuntu/Fedora/CentOS/RHEL 的 docker 软件包,非 dockerhub
Debian/Ubuntu 用户

以下内容根据 官方文档 修改而来。

如果你过去安装过 docker,先删掉:

sudo apt-get remove docker docker-engine docker.io

首先安装依赖:

sudo apt-get install apt-transport-https ca-certificates curl gnupg2 software-properties-common

根据你的发行版,下面的内容有所不同。你使用的发行版:

信任 Docker 的 GPG 公钥:

curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -

对于 amd64 架构的计算机,添加软件仓库:

sudo add-apt-repository \
"deb [arch=amd64] https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/debian \
$(lsb_release -cs) \
stable"

如果你是树莓派或其它ARM架构计算机,请运行:

echo "deb [arch=armhf] https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/debian \

 $(lsb_release -cs) stable" | \
sudo tee /etc/apt/sources.list.d/docker.list

最后安装

sudo apt-get update
sudo apt-get install docker-ce

Fedora/CentOS/RHEL

以下内容根据 官方文档 修改而来。

如果你之前安装过 docker,请先删掉

sudo yum remove docker docker-common docker-selinux docker-engine

安装一些依赖

sudo yum install -y yum-utils device-mapper-persistent-data lvm2

根据你的发行版下载repo文件:

wget -O /etc/yum.repos.d/docker-ce.repo https://download.docker.com/linux/centos/docker-ce.repo

把软件仓库地址替换为 TUNA:

sudo sed -i 's+download.docker.com+mirrors.tuna.tsinghua.edu.cn/docker-ce+' /etc/yum.repos.d/docker-ce.repo

最后安装:

sudo yum makecache fast
sudo yum install docker-ce

docker volume create lichee-build-env_data
docker run -d -p 2222:22 --name=lichee-build-env -v lichee-build-env_data:/data itscaro/debian-ssh:latest

Dockerfile

FROM debian:latest

MAINTAINER Minh-Quan TRAN "xwiron@aliyun.com"

RUN apt-get update && \
        apt-get install -y nano && \
        apt-get install -y vim && \
        apt-get install -y openssh-server && \
        rm -rf /var/lib/apt/lists/* && \
        apt-get clean

RUN echo 'root:root' |chpasswd

RUN sed -ri 's/^PermitRootLogin\s+.*/PermitRootLogin yes/' /etc/ssh/sshd_config && \
        sed -ri 's/UsePAM yes/#UsePAM yes/g' /etc/ssh/sshd_config

RUN mkdir -p /var/run/sshd

EXPOSE 22

# '-D':demean '-d':debug
CMD    ["/usr/sbin/sshd", "-D"]

Build docker image.

mkdir debian-ssh
vi ./debian-ssh/Dockerfile
docker build -t xwiron/debian-ssh:basic debian-ssh

Add user

groupadd iron
useradd iron:iron
cp -r /etc/skel /home/iron
chown -R iron:iron /home/iron

# bash pat config
chsh -s [/path/to/bash]
chsh -s /bin/bash

portainer

docker volume create portainer_data
docker run --name portainer \
           --restart=always \
           -p 8000:8000 -p 9000:9000 \
           -v /var/run/docker.sock:/var/run/docker.sock \
           -v portainer_data:/data \
           -d portainer/portainer:latest

postgresql

docker volume create postgresql-v12_data
docker run --name postgres-v12 \
           --restart=always \
           -p 5432:5432 \
           -e POSTGRES_PASSWORD=password \
           -v postgresql-v12_data:/var/lib/postgresql/data \
           -d postgres:12

pgadmin4

docker run -p 80:80 \
    --restart=always \
    --name pgadmin4 \
    -e "PGADMIN_DEFAULT_EMAIL=user@domain.com" \
    -e "PGADMIN_DEFAULT_PASSWORD=SuperSecret" \
    -d dpage/pgadmin4:latest

redis

docker volume create redis_data
docker run --restart=always \
           --name redis \
           -p 6379:6379 \
           -v /[path]/conf/redis.conf:/[path]/redis/redis.conf \
           -v redis_data:/data \
           -d redis:latest

gogs

docker volume create gogs_data
docker run --name gogs \
           --restart=always \
           -p 3000:3000 \
           -v gogs_data:/data \
           -d gogs/gogs:latest

softethervpn, --cap-add NET_ADMIN

docker run --name=softether\
    --cap-add NET_ADMIN \
    -p 500:500/udp \
    -p 4500:4500/udp \
    -p 1701:1701/tcp \
    -p 1194:1194/udp \
    -p 5555:5555/tcp \
    -e SPW=ServerManagementPassword \
    -e HPW=HubManagementPassword \
    -d siomiz/softethervpn:latest

emqx

docker run --restart=always \
        --name emqx \
        -p 18083:18083 \
        -p 8083:8083 \
        -p 1883:1883 \
        -d emqx/emqx:latest

docker run --restart=always \
        --name emqx-edge \
        -p 18084:18083 \
        -p 8883:8083 \
        -p 18833:1883 \
        -d emqx/emqx-edge:latest

mosquitto

# mosquitto.conf
# - [host-path]/mosquitto/config:/mosquitto/config

docker volume create mosquitto_data
docker volume create mosquitto_log
docker run --restart=always \
        --name mosquitto\
        -p 9001:9001\
        -p 1883:1883 \
        -v mosquitto_data:/mosquitto/data \
        -v mosquitto_log:/mosquitto/log \
        -v /[host-path]/mosquitto/config:/mosquitto/config \
        -d eclipse-mosquitto:latest

vjiot mqttd

docker build -t vjiot/mqttd_aedes-express:v1.3 ./mqttd_aedes-express

docker run --name mqttd_aedes-espress \
  --restart=always \
  -p 1883:1883 \
  -p 1884:1884 \
  -p 8880:8880 \
  -v <host path>:/app/vjiot/mqttd \
  -v /etc/localtime:/etc/localtime \
  -d vjiot/mqttd_aedes-express:v1.3

keycloak

docker volume create keycloak_data
docker run --restart=always \
    --name keycloak \
    -e KEYCLOAK_USER=<USERNAME> \
    -e KEYCLOAK_PASSWORD=<PASSWORD> \
    -p 8080:8080 \
    -v keycloak_data:/data \
    -d jboss/keycloak:latest

# database, no volumes
docker run --restart=always \
    --name keycloak \
    -e KEYCLOAK_USER=<USERNAME> \
    -e KEYCLOAK_PASSWORD=<PASSWORD> \
    -e DB_VENDOR=<database type> \
    -e DB_ADDR=<ip> \
    -e DB_PORT=<port> \
    -e DB_DATABASE=<database name> \
    -e DB_USER=<keycloak> \
    -e DB_PASSWORD=<password> \
    -p 8080:8080 \
    -d jboss/keycloak:latest

haproxy

docker run --restart=always \
    --name haproxy \
    -p 2018:2018 \
    -p 2019:2019 \
    -v /etc/[default]/haproxy/haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg \
    -d haproxy:latest

haproxy.cfg

frontend secure         #自定义一个frontend,也可以放在listen或者backend中
    mode http
    bind  0.0.0.0:8901  #监听的ip端口号
    stats enable        #开关
    stats uri  /        #访问的uri   ip:8888/admin?admin
    stats hide-version  #隐藏HAProxy的版本号
    stats admin if TRUE #管理界面,如果认证成功了,可通过webui管理节点
    stats refresh  30s  #统计页面自动刷新时间
    timeout client  120000

listen test1
    bind 0.0.0.0:2018
    mode tcp
    option tcplog
    timeout connect 5000
    timeout client  120000
    timeout server  120000
    #maxconn 4086
    #log 127.0.0.1 local0 debug
    server s1 127.0.0.1:2018

caddy

docker run --restart=always \
    --name caddy\
    -p 2015:2015\
    -v /srv/www:/<path>/caddy/www \
    -d abiosoft/caddy:latest

nodejs/PM2

openwrt, 安装 softether,n2n
--cap-add NET_ADMIN

docker run --name=openwrt\
    --cap-add NET_ADMIN \
    -p 8080:80/tcp \
    -p 5555:5555/tcp \
    -p 5556:5556/udp \
    -d openwrtorg/rootfs:x86-64-19.07.2 

# ntop-n2n, edge tun enable `--cap-add NET_ADMIN`
mkdir /dev/net -pv
mknod /dev/net/tun c 10 200
chmod 666 /dev/net/tun