colben/docker
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
colben 2022-04-18 11:21:20 +08:00
commit 45a7af638f
210 changed files with 8997 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
README.md Normal file
View File

@ -0,0 +1,13 @@
# 通用镜像
## 镜像信息
- 镜像构建脚本: xxxx/xxxx.sh
- 容器启动脚本: xxxx/ADD/docker-entrypoint
## 基础镜像
- alpine
- photon
- rocky
- centos
- ubuntu

7
alpine-python/Dockerfile Normal file
View File

@ -0,0 +1,7 @@
ARG ARCH
FROM harbor.colben.cn/general/alpine$ARCH
MAINTAINER Colben colbenlee@gmail.com
RUN apk update \
&& apk add --no-cache linux-headers libc-dev gcc python3 python3-dev py3-pip \
&& rm -rf /var/cache/apk/*

5
alpine-python/README.md Normal file
View File

@ -0,0 +1,5 @@
# 构建 python 镜像
## 定制
- 安装 python3 及其编译工具

67
alpine-python/alpine-python.sh Executable file
View File

@ -0,0 +1,67 @@
#!/bin/bash
#=========================================
# Author : colben
#=========================================
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
[ 'x86_64' == "$(uname -m)" ] && ARCH='' || ARCH="-$(uname -m)"
ROOT_DIR="$(cd $(dirname $0) && pwd)"
IMAGE="harbor.colben.cn/general/$(basename ${0%.sh})$ARCH:latest"
if [ -t 0 ]; then
function Print { echo -e "\033[36;1m$(date +'[%F %T]')\033[32;1m $*\033[0m"; }
function Warn { echo -e "\033[36;1m$(date +'[%F %T]')\033[33;1m $*\033[0m"; }
function Error { echo -e "\033[36;1m$(date +'[%F %T]')\033[31;1m $*\033[0m"; exit 1; }
else
function Print { echo -e "$(date +'[%F %T INFO]') $*"; }
function Warn { echo -e "$(date +'[%F %T WARN]') $*"; }
function Error { echo -e "$(date +'[%F %T ERROR]') $*"; exit 1; }
fi
function Quit {
local exitCode=$?
[ 0 -ne $exitCode ] && Error Failed to build or push image!
[ -z "${END:-}" ] && echo && Error Interrupted manually!
Print Succeeded to build and push image.
}
function YesOrNo {
Warn $*
local sw=
while :; do
read -p '(Yes/No/Quit) ' -n1 sw
[[ "$sw" =~ ^Y|y$ ]] && echo && return 0
[[ "$sw" =~ ^N|n$ ]] && echo && return 1
[[ "$sw" =~ ^Q|q$ ]] && echo && exit 0
[ -n "$sw" ] && echo
done
}
function Update {
:
}
function Build {
local yn
cd $ROOT_DIR
docker images --format='{{.Repository}}:{{.Tag}}' | grep "^$IMAGE$" \
&& Warn Removing image $IMAGE ... \
&& docker rmi $IMAGE
Warn Building image: $IMAGE ...
docker build --force-rm --build-arg ARCH="$ARCH" -t $IMAGE .
YesOrNo Push image: $IMAGE? && docker push $IMAGE
}
function Main {
Update
Build
END=1
}
# Start here
Main

17
alpine/Dockerfile Normal file
View File

@ -0,0 +1,17 @@
FROM alpine:3.14
MAINTAINER Colben colbenlee@gmail.com
ADD --chown=root:root /ADD/ /etc/
RUN echo -e 'https://mirrors.tuna.tsinghua.edu.cn/alpine/v3.14/main\n\
https://mirrors.tuna.tsinghua.edu.cn/alpine/v3.14/community\n\
https://mirrors.tuna.tsinghua.edu.cn/alpine/edge/community\n\
https://mirrors.tuna.tsinghua.edu.cn/alpine/edge/main\n\
https://mirrors.tuna.tsinghua.edu.cn/alpine/edge/testing\n\
' > /etc/apk/repositories \
&& apk update \
&& apk add --no-cache bash curl coreutils iproute2 \
&& echo "alias ls='ls --color=auto'" >> /root/.bashrc \
&& rm -rf /var/cache/apk/*
ENV PS1='\[\e[33;1;1m\][\[\e[0m\]\[\e[35;1m\]\u\[\e[0m\]\[\e[33;1;1m\]@\[\e[0m\]\[\e[31;1;1m\]docker\[\e[0m\]\[\e[32;1;1m\](\h)\[\e[0m\]\[\e[33;1;1m\]:\[\e[0m\]\[\e[32m\]\w\[\e[0m\]\[\e[33;1;1m\]]\[\e[0m\]\[\e[36m\]\$\[\e[0m\] '
ENV PS2='\[\e[36m\]>\[\e[0m\] '
ENV LANG=en_US.UTF-8

11
alpine/README.md Normal file
View File

@ -0,0 +1,11 @@
# 构建 alpine 镜像
## 导入文件
- 本机时区 /etc/localtime
## 定制
- 使用 Asia/Shanghai 时区
- 修改软件源,开启 edge
- 安装 bash curl coreutils iproute2
- 默认语言 en_US.UTF-8

69
alpine/alpine.sh Executable file
View File

@ -0,0 +1,69 @@
#!/bin/bash
#=========================================
# Author : colben
#=========================================
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
[ 'x86_64' == "$(uname -m)" ] && ARCH='' || ARCH="-$(uname -m)"
ROOT_DIR="$(cd $(dirname $0) && pwd)"
IMAGE="harbor.colben.cn/general/$(basename ${0%.sh})$ARCH:latest"
if [ -t 0 ]; then
function Print { echo -e "\033[36;1m$(date +'[%F %T]')\033[32;1m $*\033[0m"; }
function Warn { echo -e "\033[36;1m$(date +'[%F %T]')\033[33;1m $*\033[0m"; }
function Error { echo -e "\033[36;1m$(date +'[%F %T]')\033[31;1m $*\033[0m"; exit 1; }
else
function Print { echo -e "$(date +'[%F %T INFO]') $*"; }
function Warn { echo -e "$(date +'[%F %T WARN]') $*"; }
function Error { echo -e "$(date +'[%F %T ERROR]') $*"; exit 1; }
fi
function Quit {
local exitCode=$?
[ 0 -ne $exitCode ] && Error Failed to build or push image!
[ -z "${END:-}" ] && echo && Error Interrupted manually!
Print Succeeded to build and push image.
}
function YesOrNo {
Warn $*
local sw=
while :; do
read -p '(Yes/No/Quit) ' -n1 sw
[[ "$sw" =~ ^Y|y$ ]] && echo && return 0
[[ "$sw" =~ ^N|n$ ]] && echo && return 1
[[ "$sw" =~ ^Q|q$ ]] && echo && exit 0
[ -n "$sw" ] && echo
done
}
function Update {
Warn Preparing localtime ...
cd $ROOT_DIR
cp -f /etc/localtime ADD/
}
function Build {
local yn
cd $ROOT_DIR
docker images --format='{{.Repository}}:{{.Tag}}' | grep "^$IMAGE$" \
&& Warn Removing image $IMAGE ... \
&& docker rmi $IMAGE
Warn Building image: $IMAGE ...
docker build --force-rm -t $IMAGE .
YesOrNo Push image: $IMAGE? && docker push $IMAGE
}
function Main {
Update
Build
END=1
}
# Start here
Main

26
centos7-django2.2/Dockerfile Normal file
View File

@ -0,0 +1,26 @@
ARG ARCH
FROM harbor.colben.cn/general/centos-python$ARCH:7-3.6
MAINTAINER Colben colbenlee@gmail.com
ARG ARCH
RUN echo -e "[mysql80-community]\n\
name=MySQL 8.0 Community Server\n\
baseurl=https://mirrors.tuna.tsinghua.edu.cn/mysql/yum/mysql-8.0-community-el7${ARCH:--x86_64}/\n\
enabled=1\n\
gpgcheck=0\n\
" > /etc/yum.repos.d/mysql.repo \
&& yum makecache fast \
&& yum install mysql-community-devel -y \
&& pip3 install \
-i https://pypi.tuna.tsinghua.edu.cn/simple \
--trusted-host pypi.tuna.tsinghua.edu.cn \
requests==2.18.3 \
redis==3.4.1 \
django==2.2.10 \
djangorestframework==3.11.0 \
mysqlclient==1.4.6 \
sqlparse==0.3.0 \
django-cors-headers==3.2.0 \
uwsgi==2.0.18 \
django-mysql==3.5.0 \
&& rm -rf /root/.cache/pip /var/cache/yum

5
centos7-django2.2/README.md Normal file
View File

@ -0,0 +1,5 @@
# 构建 django 镜像
## 定制
- 安装 django 2.2 及其 mysql 依赖包

67
centos7-django2.2/centos-django.sh Executable file
View File

@ -0,0 +1,67 @@
#!/bin/bash
#=========================================
# Author : colben
#=========================================
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
[ 'x86_64' == "$(uname -m)" ] && ARCH='' || ARCH="-$(uname -m)"
ROOT_DIR="$(cd $(dirname $0) && pwd)"
IMAGE="harbor.colben.cn/general/$(basename ${0%.sh})$ARCH:7-2.2"
if [ -t 0 ]; then
function Print { echo -e "\033[36;1m$(date +'[%F %T]')\033[32;1m $*\033[0m"; }
function Warn { echo -e "\033[36;1m$(date +'[%F %T]')\033[33;1m $*\033[0m"; }
function Error { echo -e "\033[36;1m$(date +'[%F %T]')\033[31;1m $*\033[0m"; exit 1; }
else
function Print { echo -e "$(date +'[%F %T INFO]') $*"; }
function Warn { echo -e "$(date +'[%F %T WARN]') $*"; }
function Error { echo -e "$(date +'[%F %T ERROR]') $*"; exit 1; }
fi
function Quit {
local exitCode=$?
[ 0 -ne $exitCode ] && Error Failed to build or push image!
[ -z "${END:-}" ] && echo && Error Interrupted manually!
Print Succeeded to build and push image.
}
function YesOrNo {
Warn $*
local sw=
while :; do
read -p '(Yes/No/Quit) ' -n1 sw
[[ "$sw" =~ ^Y|y$ ]] && echo && return 0
[[ "$sw" =~ ^N|n$ ]] && echo && return 1
[[ "$sw" =~ ^Q|q$ ]] && echo && exit 0
[ -n "$sw" ] && echo
done
}
function Update {
:
}
function Build {
local yn
cd $ROOT_DIR
docker images --format='{{.Repository}}:{{.Tag}}' | grep "^$IMAGE$" \
&& Warn Removing image $IMAGE ... \
&& docker rmi $IMAGE
Warn Building image: $IMAGE ...
docker build --force-rm --build-arg ARCH="$ARCH" -t $IMAGE .
YesOrNo Push image: $IMAGE? && docker push $IMAGE
}
function Main {
Update
Build
END=1
}
# Start here
Main

7
centos7-python3.6/Dockerfile Normal file
View File

@ -0,0 +1,7 @@
ARG ARCH
FROM harbor.colben.cn/general/centos$ARCH:7
MAINTAINER Colben colbenlee@gmail.com
RUN yum makecache fast \
&& yum install gcc python36-devel -y \
&& rm -rf /var/cache/yum

5
centos7-python3.6/README.md Normal file
View File

@ -0,0 +1,5 @@
# 构建 python 镜像
## 定制
- 安装 python36 及其编译工具

67
centos7-python3.6/centos-python.sh Executable file
View File

@ -0,0 +1,67 @@
#!/bin/bash
#=========================================
# Author : colben
#=========================================
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
[ 'x86_64' == "$(uname -m)" ] && ARCH='' || ARCH="-$(uname -m)"
ROOT_DIR="$(cd $(dirname $0) && pwd)"
IMAGE="harbor.colben.cn/general/$(basename ${0%.sh})$ARCH:7-3.6"
if [ -t 0 ]; then
function Print { echo -e "\033[36;1m$(date +'[%F %T]')\033[32;1m $*\033[0m"; }
function Warn { echo -e "\033[36;1m$(date +'[%F %T]')\033[33;1m $*\033[0m"; }
function Error { echo -e "\033[36;1m$(date +'[%F %T]')\033[31;1m $*\033[0m"; exit 1; }
else
function Print { echo -e "$(date +'[%F %T INFO]') $*"; }
function Warn { echo -e "$(date +'[%F %T WARN]') $*"; }
function Error { echo -e "$(date +'[%F %T ERROR]') $*"; exit 1; }
fi
function Quit {
local exitCode=$?
[ 0 -ne $exitCode ] && Error Failed to build or push image!
[ -z "${END:-}" ] && echo && Error Interrupted manually!
Print Succeeded to build and push image.
}
function YesOrNo {
Warn $*
local sw=
while :; do
read -p '(Yes/No/Quit) ' -n1 sw
[[ "$sw" =~ ^Y|y$ ]] && echo && return 0
[[ "$sw" =~ ^N|n$ ]] && echo && return 1
[[ "$sw" =~ ^Q|q$ ]] && echo && exit 0
[ -n "$sw" ] && echo
done
}
function Update {
:
}
function Build {
local yn
cd $ROOT_DIR
docker images --format='{{.Repository}}:{{.Tag}}' | grep "^$IMAGE$" \
&& Warn Removing image $IMAGE ... \
&& docker rmi $IMAGE
Warn Building image: $IMAGE ...
docker build --force-rm --build-arg ARCH="$ARCH" -t $IMAGE .
YesOrNo Push image: $IMAGE? && docker push $IMAGE
}
function Main {
Update
Build
END=1
}
# Start here
Main

20
centos7/Dockerfile Normal file
View File

@ -0,0 +1,20 @@
FROM centos:7.9.2009
MAINTAINER Colben colbenlee@gmail.com
ARG ARCH
RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \
&& rm -f /etc/yum.repos.d/CentOS-* \
&& echo -e "[centos7]\n\
name=centos base\n\
baseurl=https://mirrors.tuna.tsinghua.edu.cn/centos${ARCH:+-altarch}/$releasever/os/$basearch/\n\
enabled=1\n\
gpgcheck=0\n\
" > /etc/yum.repos.d/centos7.repo \
&& yum makecache fast \
&& yum update -y \
&& yum -y install less iproute \
&& rm -rf /var/cache/yum \
&& rm -rf /var/log/*
ENV PS1='\[\e[33;1;1m\][\[\e[0m\]\[\e[35;1m\]\u\[\e[0m\]\[\e[33;1;1m\]@\[\e[0m\]\[\e[31;1;1m\]docker\[\e[0m\]\[\e[32;1;1m\](\h)\[\e[0m\]\[\e[33;1;1m\]:\[\e[0m\]\[\e[32m\]\w\[\e[0m\]\[\e[33;1;1m\]]\[\e[0m\]\[\e[36m\]\$\[\e[0m\] '
ENV PS2='\[\e[36m\]>\[\e[0m\] '
ENV LANG=en_US.UTF-8

7
centos7/README.md Normal file
View File

@ -0,0 +1,7 @@
# 构建 centos7 镜像
## 定制
- 使用 Asia/Shanghai 时区
- 安装 less iproute
- 默认语言 en_US.UTF-8

67
centos7/centos.sh Executable file
View File

@ -0,0 +1,67 @@
#!/bin/bash
#=========================================
# Author : colben
#=========================================
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
[ 'x86_64' == "$(uname -m)" ] && ARCH='' || ARCH="-$(uname -m)"
ROOT_DIR="$(cd $(dirname $0) && pwd)"
IMAGE="harbor.colben.cn/general/$(basename ${0%.sh})$ARCH:7"
if [ -t 0 ]; then
function Print { echo -e "\033[36;1m$(date +'[%F %T]')\033[32;1m $*\033[0m"; }
function Warn { echo -e "\033[36;1m$(date +'[%F %T]')\033[33;1m $*\033[0m"; }
function Error { echo -e "\033[36;1m$(date +'[%F %T]')\033[31;1m $*\033[0m"; exit 1; }
else
function Print { echo -e "$(date +'[%F %T INFO]') $*"; }
function Warn { echo -e "$(date +'[%F %T WARN]') $*"; }
function Error { echo -e "$(date +'[%F %T ERROR]') $*"; exit 1; }
fi
function Quit {
local exitCode=$?
[ 0 -ne $exitCode ] && Error Failed to build or push image!
[ -z "${END:-}" ] && echo && Error Interrupted manually!
Print Succeeded to build and push image.
}
function YesOrNo {
Warn $*
local sw=
while :; do
read -p '(Yes/No/Quit) ' -n1 sw
[[ "$sw" =~ ^Y|y$ ]] && echo && return 0
[[ "$sw" =~ ^N|n$ ]] && echo && return 1
[[ "$sw" =~ ^Q|q$ ]] && echo && exit 0
[ -n "$sw" ] && echo
done
}
function Update {
:
}
function Build {
local yn
cd $ROOT_DIR
docker images --format='{{.Repository}}:{{.Tag}}' | grep "^$IMAGE$" \
&& Warn Removing image $IMAGE ... \
&& docker rmi $IMAGE
Warn Building image: $IMAGE ...
docker build --force-rm --build-arg ARCH="$ARCH" -t $IMAGE .
YesOrNo Push image: $IMAGE? && docker push $IMAGE
}
function Main {
Update
Build
END=1
}
# Start here
Main

67
datax-web/ADD/ccmd Executable file
View File

@ -0,0 +1,67 @@
#!/bin/bash
##################################################
# Mount dir #
# - /opt/datax-web-2.1.2/modules/datax-admin/logs#
# - /opt/datax-web-2.1.2/modules/datax-admin/bin/console.out#
# - /opt/datax-web-2.1.2/modules/datax-datax-executor/logs#
# - /opt/datax-web-2.1.2/modules/datax-datax-executor/bin/console.out#
# ENV #
# - JAVA_OPTS #
# - TIMEOUT #
# - MAX_PROCS #
##################################################
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
GOT_SIGTERM=
TIMEOUT="${TIMEOUT:-10m}"
MAX_PROCS=${MAX_PROCS:-1}
function Print {
local file=/dev/null
[ '-f' = "$1" ] && file=$2 && shift && shift
date +"[%F %T] $*" | tee -a $file
}
function Quit {
while :; do
pkill -f java && Print killing java ... || break
sleep 1
done
# exec 1022<&-
Print Container stopped.
test -n "$GOT_SIGTERM"
}
function ModifyConf {
local kv=
Print Modify bootstrap.properties ...
while read kv; do
[ -z "$kv" ] && return 0
Print Modify property: ${kv%%=*} ...
sed -i "/^#${kv%%=*} *=/c$kv" /opt/datax-web-2.1.2/modules/datax-admin/conf/bootstrap.properties
done <<< "$(env | grep '^_CONF_' | sed 's/_CONF_//')"
}
function StartProc {
Print Start datax-web
cd /opt/datax-web-2.1.2
/usr/bin/bash bin/start-all.sh
tail -f /dev/null
}
function Main {
ModifyConf
trap "GOT_SIGTERM=1; Print Got SIGTERM ...; exit" SIGTERM
StartProc
}
# Start here
Main

11
datax-web/Dockerfile Normal file
View File

@ -0,0 +1,11 @@
ARG ARCH
FROM harbor.colben.cn/general/jdk$ARCH:8u202
MAINTAINER Colben colbenlee@gmail.com
ADD --chown=root:root /ADD/ /opt/
RUN tar xf /opt/datax-web-2.1.2.tar.gz -C /opt/ && \
cd /opt/datax-web-2.1.2 && \
./bin/install.sh -f && \
yum makecache fast && yum install -y awk && rm -rf /var/cache/tdnf/ && \
rm -rf /opt/datax-web-2.1.2.tar.gz
CMD ["/opt/ccmd"]

18
datax-web/README.md Normal file
View File

@ -0,0 +1,18 @@
# 构建 datax-web 镜像
## 导入文件
- [下载 datax-web.git]( https://github.com/WeiYe-Jing/datax-web.git)
## 外挂目录和文件
- /opt/datax-web-2.1.2/modules/datax-admin/bin/console.out: admin 日志文件
- /opt/datax-web-2.1.2/modules/datax-datax-executor/bin/console.out: 执行器日志文件
## db文件在容器里边
- 启动容器后docker cp {datax-web}:/opt/datax-web-2.1.2/bin/db/datax_web.sql .
- 创建数据库: create database datax_web;
- 导入数据:use datax_web ; source datax_web.sql;
- 创建用户:create user admin@'%' identified by '123456';
- 授权用户:grant all on datax_web.* to admin@'%';
- 访问地址 http://服务器ip:9527/index.html 帐号:admin 密码:123456
## docker-compose.yml案例

77
datax-web/datax-web.sh Executable file
View File

@ -0,0 +1,77 @@
#!/bin/bash
#=========================================
# Author : colben
#=========================================
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
[ 'x86_64' == "$(uname -m)" ] && ARCH='' || ARCH="-$(uname -m)"
ROOT_DIR="$(cd $(dirname $0) && pwd)"
IMAGE="harbor.colben.cn/general/$(basename ${0%.sh})$ARCH:latest"
if [ -t 0 ]; then
function Print { echo -e "\033[36;1m$(date +'[%F %T]')\033[32;1m $*\033[0m"; }
function Warn { echo -e "\033[36;1m$(date +'[%F %T]')\033[33;1m $*\033[0m"; }
function Error { echo -e "\033[36;1m$(date +'[%F %T]')\033[31;1m $*\033[0m"; exit 1; }
else
function Print { echo -e "$(date +'[%F %T INFO]') $*"; }
function Warn { echo -e "$(date +'[%F %T WARN]') $*"; }
function Error { echo -e "$(date +'[%F %T ERROR]') $*"; exit 1; }
fi
function Quit {
local exitCode=$?
[ 0 -ne $exitCode ] && Error Failed to build or push image!
[ -z "${END:-}" ] && echo && Error Interrupted manually!
Print Succeeded to build and push image.
}
function YesOrNo {
Warn $*
local sw=
while :; do
read -p '(Yes/No/Quit) ' -n1 sw
[[ "$sw" =~ ^Y|y$ ]] && echo && return 0
[[ "$sw" =~ ^N|n$ ]] && echo && return 1
[[ "$sw" =~ ^Q|q$ ]] && echo && exit 0
[ -n "$sw" ] && echo
done
}
function Update {
Warn Preparing datax ...
cd $ROOT_DIR/ADD
rm -rf $(ls | grep -v ccmd || true)
tar zxf /release/RUNTIME/datax.tar.gz -C .
rm -rf datax/tmp datax/job/*.json
rm -f datax/plugin/writer/mysqlwriter/libs/mysql-connector-java-5.1.34.jar
rm -f datax/plugin/reader/mysqlreader/libs/mysql-connector-java-5.1.34.jar
cp /release/RUNTIME/mysql-connector-java-8.0.27.jar datax/plugin/reader/mysqlreader/libs/
cp /release/RUNTIME/mysql-connector-java-8.0.27.jar datax/plugin/writer/mysqlwriter/libs/
find datax/ -type f | xargs chmod 0644
mkdir datax/{hook,log,log_perf}
}
function Build {
local yn
cd $ROOT_DIR
docker images --format='{{.Repository}}:{{.Tag}}' | grep "^$IMAGE$" \
&& Warn Removing image $IMAGE ... \
&& docker rmi $IMAGE
Warn Building image: $IMAGE ...
docker build --force-rm --build-arg ARCH="$ARCH" -t $IMAGE .
# YesOrNo Push image: $IMAGE? && docker push $IMAGE
}
function Main {
# Update
Build
END=1
}
# Start here
Main

26
datax-web/docker-compose.yml Normal file
View File

@ -0,0 +1,26 @@
version: "3.7"
services:
datax-web:
image: harbor.colben.cn/general/datax-web
container_name: datax-web
command: /opt/ccmd
restart: on-failure
privileged: true
stop_grace_period: 1m
network_mode: "host"
ports:
- "9527:9527"
environment:
_CONF_DB_HOST: 10.0.4.115
_CONF_DB_PORT: 3336
_CONF_DB_USERNAME: admin
_CONF_DB_PASSWORD: 123456
_CONF_DB_DATABASE: datax_web
volumes:
- type: bind
source: ./data-admin.console.out
target: /opt/datax-web-2.1.2/modules/datax-admin/bin/console.out
- type: bind
source: ./executor-console.out
target: /opt/datax-web-2.1.2/modules/datax-datax-executor/bin/console.out

112
datax/ADD/ccmd Executable file
View File

@ -0,0 +1,112 @@
#!/bin/bash
##################################################
# Mount dir #
# - /opt/datax/log #
# - /opt/datax/log_perf #
# - /opt/datax/job #
# ENV #
# - JAVA_OPTS #
# - TIMEOUT #
# - MAX_PROCS #
##################################################
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
GOT_SIGTERM=
TIMEOUT="${TIMEOUT:-10m}"
MAX_PROCS=${MAX_PROCS:-1}
function Print {
local file=/dev/null
[ '-f' = "$1" ] && file=$2 && shift && shift
date +"[%F %T] $*" | tee -a $file
}
function Quit {
while :; do
pkill -f java && Print killing java ... || break
sleep 1
done
exec 1022<&-
Print Container stopped.
test -n "$GOT_SIGTERM"
}
function Usage {
Print 'This container should run with
**env TIMEOUT, default 10m(ten minutes)**
**env MAX_PROCS, default 1**
**/opt/datax/{log,log_perf,job} mounted from host**
'
}
function InitPipe {
Print Init named pipe ...
rm -rf pool.pipe
mkfifo pool.pipe
exec 1022<> pool.pipe
rm -rf pool.pipe
printf "%${MAX_PROCS}s" '' >&1022
}
function StartJob {
local job="$1"
local code=0
Print Start job $job with timeout $TIMEOUT ...
timeout ${TIMEOUT} java \
-server \
-Xms1g \
-Xmx1g \
-Duser.timezone=GMT+08 \
-XX:+HeapDumpOnOutOfMemoryError \
-XX:HeapDumpPath=$PWD/log \
${JAVA_OPTS:-} \
-Dfile.encoding=UTF-8 \
-Dlogback.statusListenerClass=ch.qos.logback.core.status.NopStatusListener \
-Djava.security.egd=file:///dev/urandom \
-Ddatax.home=$PWD \
-Dlogback.configurationFile=$PWD/conf/logback.xml \
-classpath "$PWD/lib/*:." \
-Dlog.file.name=$job \
com.alibaba.datax.core.Engine \
-mode standalone \
-jobid -1 \
-job $PWD/job/$job.json \
>/dev/null \
2>log/$job.error \
|| code=$?
if [ 0 -eq $code ]; then
Print Job $job finished.
elif [ 124 -eq $code ]; then
Print Job $job timeout!
else
Print Job $job stopped unexpectly!
fi
echo >&1022
}
function StartProc {
Print Start datax with max $MAX_PROCS parallel jobs ...
local job=
for job in $(ls job/ | grep '\.json$'); do
read -n 1 -u 1022
StartJob "${job%.json}" &
done
wait
[ -n "$job" ] || Print Not found any job!
}
function Main {
cd /opt/datax
Usage
InitPipe
trap "GOT_SIGTERM=1; Print Got SIGTERM ...; exit" SIGTERM
StartProc
}
# Start here
Main

27
datax/Demo/MultiProc/README.md Normal file
View File

@ -0,0 +1,27 @@
# 部署多进程 datax
- 两组 job
- 第一组每天 5 点执行一次,每次最多并行 3 个 job每个 job 超时时间十五分钟
- 第二组每天 6 点执行一次,每次最多并行 4 个 job每个 job 超时时间一小时
- 根据实际环境修改
- docker-compose.yml
- datax/job/xxxx.json
- 创建目录
```
grep '\<source:' docker-compose.yml | cut -d: -f2 | xargs mkdir -p
```
- 把第一组任务的 job 配置文件(xxxx.json)放在 /compose/datax1/job/ 下
- 把第二组任务的 job 配置文件(xxxx.json)放在 /compose/datax2/job/ 下
- 启动
```
docker-compose up -d
```
- 添加定时任务
```
* 5 * * * docker-compose -f /compose/docker-compose.yml up -d datax1
* 6 * * * docker-compose -f /compose/docker-compose.yml up -d datax2
```

43
datax/Demo/MultiProc/docker-compose.yml Normal file
View File

@ -0,0 +1,43 @@
version: "3.7"
services:
datax1:
image: harbor.colben.cn/general/datax
container_name: datax1
restart: "no"
stop_grace_period: 1m
environment:
TIMEOUT: 15m
MAX_PROCS: 3
network_mode: "host"
volumes:
- type: bind
source: ./datax1/job
target: /opt/datax/job
- type: bind
source: ./datax1/log
target: /opt/datax/log
- type: bind
source: ./datax1/log_perf
target: /opt/datax/log_perf
datax2:
image: harbor.colben.cn/general/datax
container_name: datax2
restart: "no"
stop_grace_period: 1m
environment:
TIMEOUT: 1h
MAX_PROCS: 4
network_mode: "host"
volumes:
- type: bind
source: ./datax2/job
target: /opt/datax/job
- type: bind
source: ./datax2/log
target: /opt/datax/log
- type: bind
source: ./datax2/log_perf
target: /opt/datax/log_perf

23
datax/Demo/SingleProc/README.md Normal file
View File

@ -0,0 +1,23 @@
# 部署单进程 datax
- 每天 6 点执行一次,逐个执行 job每个 job 超时时间十分钟
- 根据实际环境修改
- docker-compose.yml
- datax/job/xxxx.json
- 创建目录
```
grep '\<source:' docker-compose.yml | cut -d: -f2 | xargs mkdir -p
```
- 上传需要的 job 文件到 datax/job/ 下
- 启动
```
docker-compose up -d
```
- 添加定时任务
```
* 6 * * * docker-compose -f /compose/docker-compose.yml up -d
```

20
datax/Demo/SingleProc/docker-compose.yml Normal file
View File

@ -0,0 +1,20 @@
version: "3.7"
services:
datax:
image: harbor.colben.cn/general/datax
container_name: datax
restart: "no"
stop_grace_period: 1m
network_mode: "host"
volumes:
- type: bind
source: ./datax/job
target: /opt/datax/job
- type: bind
source: ./datax/log
target: /opt/datax/log
- type: bind
source: ./datax/log_perf
target: /opt/datax/log_perf

6
datax/Dockerfile Normal file
View File

@ -0,0 +1,6 @@
ARG ARCH
FROM harbor.colben.cn/general/jdk$ARCH:8u202
MAINTAINER Colben colbenlee@gmail.com
ADD --chown=root:root /ADD/ /opt/
CMD ["/opt/ccmd"]

23
datax/README.md Normal file
View File

@ -0,0 +1,23 @@
# 构建 datax 镜像
## 导入文件
- [下载 datax.tar.gz](https://github.com/alibaba/DataX)
## 定制
- 删除自带的 mysql-connector-java-5换成 mysql-connector-java-8
- 启动脚本换成 shell弃用原来的 python 脚本
## 外挂目录和文件
- /opt/datax/log: job 日志目录
- /opt/datax/log_perf: 性能日志目录
- /opt/datax/job: job 文件目录
## 引入环境变量
- JAVA_OPTS: jdk 参数,默认 "-Xms1g -Xmx1g"
- TIMEOUT: 每个任务的超时时间,默认 "10m"(10 分钟)
- MAX_PROCS: 最大并行任务数量,默认 1即串行
## 案例
- [Demo/SingleProc/](Demo/SingleProc/): 每次执行单个 job
- [Demo/MultiProc/](Demo/MultiProc/): 并行多个 job

77
datax/datax.sh Executable file
View File

@ -0,0 +1,77 @@
#!/bin/bash
#=========================================
# Author : colben
#=========================================
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
[ 'x86_64' == "$(uname -m)" ] && ARCH='' || ARCH="-$(uname -m)"
ROOT_DIR="$(cd $(dirname $0) && pwd)"
IMAGE="harbor.colben.cn/general/$(basename ${0%.sh})$ARCH:latest"
if [ -t 0 ]; then
function Print { echo -e "\033[36;1m$(date +'[%F %T]')\033[32;1m $*\033[0m"; }
function Warn { echo -e "\033[36;1m$(date +'[%F %T]')\033[33;1m $*\033[0m"; }
function Error { echo -e "\033[36;1m$(date +'[%F %T]')\033[31;1m $*\033[0m"; exit 1; }
else
function Print { echo -e "$(date +'[%F %T INFO]') $*"; }
function Warn { echo -e "$(date +'[%F %T WARN]') $*"; }
function Error { echo -e "$(date +'[%F %T ERROR]') $*"; exit 1; }
fi
function Quit {
local exitCode=$?
[ 0 -ne $exitCode ] && Error Failed to build or push image!
[ -z "${END:-}" ] && echo && Error Interrupted manually!
Print Succeeded to build and push image.
}
function YesOrNo {
Warn $*
local sw=
while :; do
read -p '(Yes/No/Quit) ' -n1 sw
[[ "$sw" =~ ^Y|y$ ]] && echo && return 0
[[ "$sw" =~ ^N|n$ ]] && echo && return 1
[[ "$sw" =~ ^Q|q$ ]] && echo && exit 0
[ -n "$sw" ] && echo
done
}
function Update {
Warn Preparing datax ...
cd $ROOT_DIR/ADD
rm -rf $(ls | grep -v ccmd || true)
tar zxf /release/RUNTIME/datax.tar.gz -C .
rm -rf datax/tmp datax/job/*.json
rm -f datax/plugin/writer/mysqlwriter/libs/mysql-connector-java-5.1.34.jar
rm -f datax/plugin/reader/mysqlreader/libs/mysql-connector-java-5.1.34.jar
cp /release/RUNTIME/mysql-connector-java-8.0.27.jar datax/plugin/reader/mysqlreader/libs/
cp /release/RUNTIME/mysql-connector-java-8.0.27.jar datax/plugin/writer/mysqlwriter/libs/
find datax/ -type f | xargs chmod 0644
mkdir datax/{hook,log,log_perf}
}
function Build {
local yn
cd $ROOT_DIR
docker images --format='{{.Repository}}:{{.Tag}}' | grep "^$IMAGE$" \
&& Warn Removing image $IMAGE ... \
&& docker rmi $IMAGE
Warn Building image: $IMAGE ...
docker build --force-rm --build-arg ARCH="$ARCH" -t $IMAGE .
YesOrNo Push image: $IMAGE? && docker push $IMAGE
}
function Main {
Update
Build
END=1
}
# Start here
Main

117
elasticsearch6/ADD/ccmd Executable file
View File

@ -0,0 +1,117 @@
#!/bin/bash
##################################################
# Docker #
# -- privileged #
# Mount dir #
# - /opt/es/config #
# - /opt/es/data #
# - /opt/es/logs #
# - /opt/es/offline-plugins #
# - /opt/es/plugins #
# ENV #
# - _CONF_* #
# - ES_JAVA_OPTS #
##################################################
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
PIDS=
GOT_SIGTERM=
function Print {
local file=/dev/null
[ '-f' = "$1" ] && file=$2 && shift && shift
date +"[%F %T] $*" | tee -a $file
}
function Quit {
while :; do
pkill -f java && Print killing java ... || break
sleep 1
done
Print Container stopped.
test -n "$GOT_SIGTERM"
}
function Usage {
Print 'This container should run with
**root user**
**privileted**
**/opt/es/{config,data,logs,offline-plugins,plugins} mounted from host**
'
}
function RestoreConf {
if [ -z "$(ls config/)" ]; then
Print Restore default config files and quit ...
tar zxf config.tgz
exit
fi
}
function ModifyConf {
Print Modify $conf ...
local kv=
local conf='config/elasticsearch.yml'
while read kv; do
[ -z "$kv" ] && break
sed -i "/^${kv%%=*}: /d" $conf
echo "${kv/=/: }" >> $conf
done <<< "$(env | grep '^_CONF_' | sed 's/_CONF_//')"
Print Remove path.data and path.log in $conf ...
sed -i -e '/^path\.data/d' -e '/^path\.logs/d' $conf
}
function InstallPlugin {
for f in $(ls -d offline-plugins/*.zip 2>/dev/null); do
Print Install plugins from offline file: $f ...
./bin/elasticsearch-plugin install file://$f
mv $f $f.installed
done
}
function ChangeOwner {
Print Change file owner ...
chown -R es.es config/ data/ logs/ plugins/
}
function ChangeSysConf {
Print Change system conf ...
echo 262144 > /proc/sys/vm/max_map_count || Print Not specified "--privileged".
}
function StartProc {
Print Start elasticsearch ...
su - es -c "
export JAVA_HOME=$JAVA_HOME
export PATH=$PATH
export ES_JAVA_OPTS='${ES_JAVA_OPTS:-}'
/opt/es/bin/elasticsearch -Epath.data=/opt/es/data -Epath.logs=/opt/es/logs
" &> /dev/null &
PIDS="$PIDS $!"
}
function Main {
local pid=
cd /opt/es
Usage
RestoreConf
ModifyConf
InstallPlugin
ChangeOwner
ChangeSysConf
StartProc
trap "GOT_SIGTERM=1; Print Got SIGTERM ..." SIGTERM
while [ -z "$GOT_SIGTERM" ] && sleep 1; do
for pid in $PIDS; do
[ ! -e /proc/$pid ] && Print Unexpected error! && exit
done
done
}
# Start here
Main

15
elasticsearch6/Demo/SingleNode/README.md Normal file
View File

@ -0,0 +1,15 @@
# 部署单节点 es
- 根据实际环境修改
- docker-compose.yml
- 创建目录
```
grep '\<source:' docker-compose.yml | cut -d: -f2 | xargs mkdir -p
```
- 启动
```
docker-compose up -d
```

31
elasticsearch6/Demo/SingleNode/docker-compose.yml Normal file
View File

@ -0,0 +1,31 @@
version: "3.7"
services:
es:
image: harbor.colben.cn/general/elasticsearch:6
container_name: es
restart: "on-failure"
stop_grace_period: 5m
privileged: true
environment:
_CONF_network.host: 127.0.0.1
_CONF_http.port: 9200
_CONF_transport.port: 9300
network_mode: host
volumes:
- type: bind
source: ./es/config
target: /opt/es/config
- type: bind
source: ./es/data
target: /opt/es/data
- type: bind
source: ./es/logs
target: /opt/es/logs
- type: bind
source: ./es/plugins
target: /opt/es/plugins
- type: bind
source: ./es/offline-plugins
target: /opt/es/offline-plugins

18
elasticsearch6/Demo/ThreeNodes/README.md Normal file
View File

@ -0,0 +1,18 @@
# 部署三节点 es 集群
- 部署集群,有三个节点,每个节点有三个 ip
- 每个节点的 127.0.1.x 和 127.0.2.x 用于 http 请求
- 每个节点的 127.0.3.x 用于节点间通信
- 根据实际环境修改
- docker-compose.yml
- 创建目录
```
grep '\<source:' docker-compose.yml | cut -d: -f2 | xargs mkdir -p
```
- 启动
```
docker-compose up -d
```

108
elasticsearch6/Demo/ThreeNodes/docker-compose.yml Normal file
View File

@ -0,0 +1,108 @@
version: "3.7"
services:
es1:
image: harbor.colben.cn/general/elasticsearch:6
container_name: es1
restart: "on-failure"
stop_grace_period: 5m
privileged: true
environment:
ES_JAVA_OPTS: "-Xms8g -Xmx8g"
_CONF_cluster.name: myes
_CONF_node.name: es1
_CONF_network.bind_host: '[127.0.1.1,127.0.2.1]'
_CONF_network.publish_host: 127.0.3.1
_CONF_http.port: 9200
_CONF_transport.port: 9300
_CONF_discovery.zen.ping.unicast.hosts: '[127.0.3.1,127.0.3.2,127.0.3.3]'
_CONF_discovery.zen.minimum_master_nodes: 2
_CONF_gateway.recover_after_nodes: 2
network_mode: host
volumes:
- type: bind
source: ./es1/config
target: /opt/es/config
- type: bind
source: ./es1/data
target: /opt/es/data
- type: bind
source: ./es1/logs
target: /opt/es/logs
- type: bind
source: ./es1/plugins
target: /opt/es/plugins
- type: bind
source: ./es1/offline-plugins
target: /opt/es/offline-plugins
es2:
image: harbor.colben.cn/general/elasticsearch:6
container_name: es2
restart: "on-failure"
stop_grace_period: 5m
privileged: true
environment:
ES_JAVA_OPTS: "-Xms8g -Xmx8g"
_CONF_cluster.name: myes
_CONF_node.name: es2
_CONF_network.bind_host: '[127.0.1.2,127.0.2.2]'
_CONF_network.publish_host: 127.0.3.2
_CONF_http.port: 9200
_CONF_transport.port: 9300
_CONF_discovery.zen.ping.unicast.hosts: '[127.0.3.1,127.0.3.2,127.0.3.3]'
_CONF_discovery.zen.minimum_master_nodes: 2
_CONF_gateway.recover_after_nodes: 2
network_mode: host
volumes:
- type: bind
source: ./es2/config
target: /opt/es/config
- type: bind
source: ./es2/data
target: /opt/es/data
- type: bind
source: ./es2/logs
target: /opt/es/logs
- type: bind
source: ./es2/plugins
target: /opt/es/plugins
- type: bind
source: ./es2/offline-plugins
target: /opt/es/offline-plugins
es3:
image: harbor.colben.cn/general/elasticsearch:6
container_name: es3
restart: "on-failure"
stop_grace_period: 5m
privileged: true
environment:
ES_JAVA_OPTS: "-Xms8g -Xmx8g"
_CONF_cluster.name: myes
_CONF_node.name: es3
_CONF_network.bind_host: '[127.0.1.3,127.0.2.3]'
_CONF_network.publish_host: 127.0.3.3
_CONF_http.port: 9200
_CONF_transport.port: 9300
_CONF_discovery.zen.ping.unicast.hosts: '[127.0.3.1,127.0.3.2,127.0.3.3]'
_CONF_discovery.zen.minimum_master_nodes: 2
_CONF_gateway.recover_after_nodes: 2
network_mode: host
volumes:
- type: bind
source: ./es3/config
target: /opt/es/config
- type: bind
source: ./es3/data
target: /opt/es/data
- type: bind
source: ./es3/logs
target: /opt/es/logs
- type: bind
source: ./es3/plugins
target: /opt/es/plugins
- type: bind
source: ./es3/offline-plugins
target: /opt/es/offline-plugins

8
elasticsearch6/Dockerfile Normal file
View File

@ -0,0 +1,8 @@
ARG ARCH
FROM harbor.colben.cn/general/jdk$ARCH:8
MAINTAINER Colben colbenlee@gmail.com
RUN useradd -s /bin/bash -Um -u 1011 es \
&& sed -i '23a permission java.net.SocketPermission "*:*","accept,connect,resolve";' /opt/jdk/jre/lib/security/java.policy
ADD --chown=es:es /ADD/ /opt/
CMD ["/opt/ccmd"]

26
elasticsearch6/README.md Normal file
View File

@ -0,0 +1,26 @@
# 构建 elasticsearch6 镜像
## 导入文件
- [下载 elasticsearch-$VERSION.tar.gz](https://www.elastic.co/cn/downloads/elasticsearch)
## 定制
- 创建日志目录和插件目录
- 修改 jdk 安全策略
- 在启动参数中指定数据目录和日志目录,覆盖配置文件
- docker 参数: --privileged
## 外挂目录和文件
- /opt/es/config: es 配置目录
- /opt/es/data: es 数据目录
- /opt/es/logs: es 日志目录
- /opt/es/plugins: es 插件目录
- /opt/es/offline-plugins: es 离线插件目录,把离线插件文件(xxxx.zip)放在该目录下,重启容器后可以自动安装
## 引入环境变量
- ES_JAVA_OPTS: jdk 配置
- \_CONF\_\*: es 配置
## 案例
- [Demo/SingleNode/](Demo/SingleNode/): 部署单节点
- [Demo/ThreeNodes/](Demo/ThreeNodes/): 部署三节点集群

81
elasticsearch6/elasticsearch.sh Executable file
View File

@ -0,0 +1,81 @@
#!/bin/bash
#=========================================
# Author : colben
#=========================================
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
[ 'x86_64' == "$(uname -m)" ] && ARCH='' || ARCH="-$(uname -m)"
ROOT_DIR="$(cd $(dirname $0) && pwd)"
VERSION="6.${1#6.}"
IMAGE="harbor.colben.cn/general/$(basename ${0%.sh})$ARCH:$VERSION"
if [ -t 0 ]; then
function Print { echo -e "\033[36;1m$(date +'[%F %T]')\033[32;1m $*\033[0m"; }
function Warn { echo -e "\033[36;1m$(date +'[%F %T]')\033[33;1m $*\033[0m"; }
function Error { echo -e "\033[36;1m$(date +'[%F %T]')\033[31;1m $*\033[0m"; exit 1; }
else
function Print { echo -e "$(date +'[%F %T INFO]') $*"; }
function Warn { echo -e "$(date +'[%F %T WARN]') $*"; }
function Error { echo -e "$(date +'[%F %T ERROR]') $*"; exit 1; }
fi
function Quit {
local exitCode=$?
[ 0 -ne $exitCode ] && Error Failed to build or push image!
[ -z "${END:-}" ] && echo && Error Interrupted manually!
Print Succeeded to build and push image.
}
function YesOrNo {
Warn $*
local sw=
while :; do
read -p '(Yes/No/Quit) ' -n1 sw
[[ "$sw" =~ ^Y|y$ ]] && echo && return 0
[[ "$sw" =~ ^N|n$ ]] && echo && return 1
[[ "$sw" =~ ^Q|q$ ]] && echo && exit 0
[ -n "$sw" ] && echo
done
}
function Update {
Warn Preparing es $VERSION ...
cd $ROOT_DIR/ADD
rm -rf $(ls | grep -v ccmd || true)
tar zxf /release/RUNTIME/elasticsearch-$VERSION.tar.gz -C .
mv elasticsearch-$VERSION es
cd es
mkdir data offline-plugins
echo '#
#
# ---------------------------------- Custom ------------------------------------
#
' >> config/elasticsearch.yml
tar zcf config.tgz config
rm -rf config/*
}
function Build {
local yn
cd $ROOT_DIR
docker images --format='{{.Repository}}:{{.Tag}}' | grep "^$IMAGE$" \
&& Warn Removing image $IMAGE ... \
&& docker rmi $IMAGE
Warn Building image: $IMAGE ...
docker build --force-rm --build-arg ARCH="$ARCH" -t $IMAGE .
YesOrNo Push image: $IMAGE? && docker push $IMAGE
}
function Main {
Update
Build
END=1
}
# Start here
Main

157
elasticsearch7/ADD/ccmd Executable file
View File

@ -0,0 +1,157 @@
#!/bin/bash
##################################################
# Docker #
# -- privileged #
# Mount dir #
# - /opt/es/config #
# - /opt/es/data #
# - /opt/es/logs #
# - /opt/es/offline-plugins #
# - /opt/es/plugins #
# ENV #
# - _CONF_* #
# - ES_JAVA_OPTS #
# - ELASTIC_PASSWORD #
# - APM_SYSTEM_PASSWORD #
# - KIBANA_SYSTEM_PASSWORD #
# - LOGSTASH_SYSTEM_PASSWORD #
# - BEATS_SYSTEM_PASSWORD #
# - REMOTE_MONITORING_USER_PASSWORD #
##################################################
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
PIDS=
GOT_SIGTERM=
BOOTSTRAP=
function Print {
local file=/dev/null
[ '-f' = "$1" ] && file=$2 && shift && shift
date +"[%F %T] $*" | tee -a $file
}
function Quit {
while :; do
pkill -f java && Print killing java ... || break
sleep 1
done
Print Container stopped.
test -n "$GOT_SIGTERM"
}
function Usage {
Print 'This container should run with
**root user**
**privileted**
**/opt/es/{config,data,logs,offline-plugins,plugins} mounted from host**
**elastic passwords in production**
'
}
function RestoreConf {
if [ -z "$(ls config/)" ]; then
Print Restore default config files and quit ...
tar zxf config.tgz
exit
fi
}
function ModifyConf {
local kv=
local conf='config/elasticsearch.yml'
Print Modify $conf ...
while read kv; do
[ -z "$kv" ] && break
sed -i "/^${kv%%=*}: /d" $conf
echo "${kv/=/: }" >> $conf
done <<< "$(env | grep '^_CONF_' | sed 's/_CONF_//')"
Print Remove path.data and path.log in $conf ...
sed -i -e '/^path\.data/d' -e '/^path\.logs/d' $conf
if grep -q '^cluster\.initial_master_nodes' $conf; then
[ -z "$(ls data/)" -a -n "${ELASTIC_PASSWORD:-}" ] && BOOTSTRAP=1 && return 0
Print Remove cluster.initial_master_nodes in $conf ...
sed -i '/^cluster\.initial_master_nodes/d' $conf
fi
}
function InstallPlugin {
for f in $(ls -d offline-plugins/*.zip 2>/dev/null); do
Print Install plugins from offline file: $f ...
./bin/elasticsearch-plugin install file://$f
mv $f $f.installed
done
}
function ChangeOwner {
Print Change file owner ...
chown -R es.es config/ data/ logs/ plugins/
}
function ChangeSysConf {
Print Change system conf ...
echo 262144 > /proc/sys/vm/max_map_count || Print Not specified "--privileged".
}
function SetupPassword {
local count=0
while Print Try to setup passwords of buildin users ...; do
sleep 15
if /opt/es/bin/elasticsearch-setup-passwords interactive &> logs/setup.out <<< "y
$ELASTIC_PASSWORD
$ELASTIC_PASSWORD
${APM_SYSTEM_PASSWORD:-$ELASTIC_PASSWORD}
${APM_SYSTEM_PASSWORD:-$ELASTIC_PASSWORD}
${KIBANA_SYSTEM_PASSWORD:-$ELASTIC_PASSWORD}
${KIBANA_SYSTEM_PASSWORD:-$ELASTIC_PASSWORD}
${LOGSTASH_SYSTEM_PASSWORD:-$ELASTIC_PASSWORD}
${LOGSTASH_SYSTEM_PASSWORD:-$ELASTIC_PASSWORD}
${BEATS_SYSTEM_PASSWORD:-$ELASTIC_PASSWORD}
${BEATS_SYSTEM_PASSWORD:-$ELASTIC_PASSWORD}
${REMOTE_MONITORING_USER_PASSWORD:-$ELASTIC_PASSWORD}
${REMOTE_MONITORING_USER_PASSWORD:-$ELASTIC_PASSWORD}
"; then
grep -q '^Changed password for user ' logs/setup.out \
&& Print Succeeded to setup passwords of buildin users. \
&& return 0
else
Print Failed to execute elasticsearch-setup-passwords!
fi
[ 4 -le $((++count)) ] && Print Failed to setup passwords of buildin users! && exit
done
}
function StartProc {
Print Start elasticsearch ...
su - es -c "
export ES_JAVA_OPTS='${ES_JAVA_OPTS:-}'
/opt/es/bin/elasticsearch -Epath.data=/opt/es/data -Epath.logs=/opt/es/logs
" &> /dev/null &
PIDS="$PIDS $!"
[ -n "$BOOTSTRAP" ] && SetupPassword
}
function Main {
local pid=
cd /opt/es
Usage
RestoreConf
ModifyConf
InstallPlugin
ChangeOwner
ChangeSysConf
StartProc
trap "GOT_SIGTERM=1; Print Got SIGTERM ..." SIGTERM
while [ -z "$GOT_SIGTERM" ] && sleep 1; do
for pid in $PIDS; do
[ ! -e /proc/$pid ] && Print Unexpected error! && exit
done
done
}
# Start here
Main

18
elasticsearch7/Demo/MultiRoles/README.md Normal file
View File

@ -0,0 +1,18 @@
# 部署多角色 es 集群
- 部署集群,有两个 master 节点和三个 data 节点
- 每个节点的 127.0.1.x 用于 http 请求
- 每个节点的 127.0.3.x 用于节点间通信
- 根据实际环境修改
- docker-compose.yml
- 创建目录
```
grep '\<source:' docker-compose.yml | cut -d: -f2 | xargs mkdir -p
```
- 启动
```
docker-compose up -d
```

229
elasticsearch7/Demo/MultiRoles/docker-compose.yml Normal file
View File

@ -0,0 +1,229 @@
version: "3.7"
services:
es-master1:
image: harbor.colben.cn/general/elasticsearch:7
container_name: es-master1
restart: "on-failure"
stop_grace_period: 5m
privileged: true
environment:
ES_JAVA_OPTS: "-Xms8g -Xmx8g"
ELASTIC_PASSWORD: Pass_1234
_CONF_cluster.name: myes
_CONF_node.name: es-master1
_CONF_node.roles: '[master]'
_CONF_http.host: 127.0.1.1
_CONF_http.port: 9200
_CONF_transport.host: 127.0.3.1
_CONF_transport.port: 9300
_CONF_discovery.seed_hosts: '[127.0.3.1,127.0.3.2]'
_CONF_cluster.initial_master_nodes: '[127.0.3.1,127.0.3.2]'
_CONF_xpack.security.enabled: "true"
_CONF_xpack.security.transport.ssl.enabled: "true"
_CONF_xpack.security.transport.ssl.verification_mode: certificate
_CONF_xpack.security.transport.ssl.client_authentication: required
_CONF_xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
_CONF_xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
_CONF_gateway.expected_master_nodes: 2
_CONF_gateway.expected_data_nodes: 3
_CONF_gateway.recover_after_master_nodes: 2
_CONF_gateway.recover_after_data_nodes: 3
network_mode: host
volumes:
- type: bind
source: ./es-master1/config
target: /opt/es/config
- type: bind
source: ./es-master1/data
target: /opt/es/data
- type: bind
source: ./es-master1/logs
target: /opt/es/logs
- type: bind
source: ./es-master1/plugins
target: /opt/es/plugins
- type: bind
source: ./es-master1/offline-plugins
target: /opt/es/offline-plugins
es-master2:
image: harbor.colben.cn/general/elasticsearch:7
container_name: es-master2
restart: "on-failure"
stop_grace_period: 5m
privileged: true
environment:
ES_JAVA_OPTS: "-Xms8g -Xmx8g"
ELASTIC_PASSWORD: Pass_1234
_CONF_cluster.name: myes
_CONF_node.name: es-master2
_CONF_node.roles: '[master]'
_CONF_http.host: 127.0.1.2
_CONF_http.port: 9200
_CONF_transport.host: 127.0.3.2
_CONF_transport.port: 9300
_CONF_discovery.seed_hosts: '[127.0.3.1,127.0.3.2]'
_CONF_xpack.security.enabled: "true"
_CONF_xpack.security.transport.ssl.enabled: "true"
_CONF_xpack.security.transport.ssl.verification_mode: certificate
_CONF_xpack.security.transport.ssl.client_authentication: required
_CONF_xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
_CONF_xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
_CONF_gateway.expected_master_nodes: 2
_CONF_gateway.expected_data_nodes: 3
_CONF_gateway.recover_after_master_nodes: 2
_CONF_gateway.recover_after_data_nodes: 3
network_mode: host
volumes:
- type: bind
source: ./es-master2/config
target: /opt/es/config
- type: bind
source: ./es-master2/data
target: /opt/es/data
- type: bind
source: ./es-master2/logs
target: /opt/es/logs
- type: bind
source: ./es-master2/plugins
target: /opt/es/plugins
- type: bind
source: ./es-master2/offline-plugins
target: /opt/es/offline-plugins
es-data1:
image: harbor.colben.cn/general/elasticsearch:7
container_name: es-data1
restart: "on-failure"
stop_grace_period: 5m
privileged: true
environment:
ES_JAVA_OPTS: "-Xms8g -Xmx8g"
ELASTIC_PASSWORD: Pass_1234
_CONF_cluster.name: myes
_CONF_node.name: es-data1
_CONF_node.roles: '[data]'
_CONF_http.host: 127.0.1.3
_CONF_http.port: 9200
_CONF_transport.host: 127.0.3.3
_CONF_transport.port: 9300
_CONF_discovery.seed_hosts: '[127.0.3.1,127.0.3.2]'
_CONF_xpack.security.enabled: "true"
_CONF_xpack.security.transport.ssl.enabled: "true"
_CONF_xpack.security.transport.ssl.verification_mode: certificate
_CONF_xpack.security.transport.ssl.client_authentication: required
_CONF_xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
_CONF_xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
_CONF_gateway.expected_master_nodes: 2
_CONF_gateway.expected_data_nodes: 3
_CONF_gateway.recover_after_master_nodes: 2
_CONF_gateway.recover_after_data_nodes: 3
network_mode: host
volumes:
- type: bind
source: ./es-data1/config
target: /opt/es/config
- type: bind
source: ./es-data1/data
target: /opt/es/data
- type: bind
source: ./es-data1/logs
target: /opt/es/logs
- type: bind
source: ./es-data1/plugins
target: /opt/es/plugins
- type: bind
source: ./es-data1/offline-plugins
target: /opt/es/offline-plugins
es-data2:
image: harbor.colben.cn/general/elasticsearch:7
container_name: es-data2
restart: "on-failure"
stop_grace_period: 5m
privileged: true
environment:
ES_JAVA_OPTS: "-Xms8g -Xmx8g"
ELASTIC_PASSWORD: Pass_1234
_CONF_cluster.name: myes
_CONF_node.name: es-data2
_CONF_node.roles: '[data]'
_CONF_http.host: 127.0.1.4
_CONF_http.port: 9200
_CONF_transport.host: 127.0.3.4
_CONF_transport.port: 9300
_CONF_discovery.seed_hosts: '[127.0.3.1,127.0.3.2]'
_CONF_xpack.security.enabled: "true"
_CONF_xpack.security.transport.ssl.enabled: "true"
_CONF_xpack.security.transport.ssl.verification_mode: certificate
_CONF_xpack.security.transport.ssl.client_authentication: required
_CONF_xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
_CONF_xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
_CONF_gateway.expected_master_nodes: 2
_CONF_gateway.expected_data_nodes: 3
_CONF_gateway.recover_after_master_nodes: 2
_CONF_gateway.recover_after_data_nodes: 3
network_mode: host
volumes:
- type: bind
source: ./es-data2/config
target: /opt/es/config
- type: bind
source: ./es-data2/data
target: /opt/es/data
- type: bind
source: ./es-data2/logs
target: /opt/es/logs
- type: bind
source: ./es-data2/plugins
target: /opt/es/plugins
- type: bind
source: ./es-data2/offline-plugins
target: /opt/es/offline-plugins
es-data3:
image: harbor.colben.cn/general/elasticsearch:7
container_name: es-data3
restart: "on-failure"
stop_grace_period: 5m
privileged: true
environment:
ES_JAVA_OPTS: "-Xms8g -Xmx8g"
ELASTIC_PASSWORD: Pass_1234
_CONF_cluster.name: myes
_CONF_node.name: es-data3
_CONF_node.roles: '[data]'
_CONF_http.host: 127.0.1.5
_CONF_http.port: 9200
_CONF_transport.host: 127.0.3.5
_CONF_transport.port: 9300
_CONF_discovery.seed_hosts: '[127.0.3.1,127.0.3.2]'
_CONF_xpack.security.enabled: "true"
_CONF_xpack.security.transport.ssl.enabled: "true"
_CONF_xpack.security.transport.ssl.verification_mode: certificate
_CONF_xpack.security.transport.ssl.client_authentication: required
_CONF_xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
_CONF_xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
_CONF_gateway.expected_master_nodes: 2
_CONF_gateway.expected_data_nodes: 3
_CONF_gateway.recover_after_master_nodes: 2
_CONF_gateway.recover_after_data_nodes: 3
network_mode: host
volumes:
- type: bind
source: ./es-data3/config
target: /opt/es/config
- type: bind
source: ./es-data3/data
target: /opt/es/data
- type: bind
source: ./es-data3/logs
target: /opt/es/logs
- type: bind
source: ./es-data3/plugins
target: /opt/es/plugins
- type: bind
source: ./es-data3/offline-plugins
target: /opt/es/offline-plugins

15
elasticsearch7/Demo/SingleNode/README.md Normal file
View File

@ -0,0 +1,15 @@
# 部署单节点 es
- 根据实际环境修改
- docker-compose.yml
- 创建目录
```
grep '\<source:' docker-compose.yml | cut -d: -f2 | xargs mkdir -p
```
- 启动
```
docker-compose up -d
```

35
elasticsearch7/Demo/SingleNode/docker-compose.yml Normal file
View File

@ -0,0 +1,35 @@
version: "3.7"
services:
es:
image: harbor.colben.cn/general/elasticsearch:7
container_name: es
restart: "on-failure"
stop_grace_period: 5m
privileged: true
environment:
ES_JAVA_OPTS: "-Xms8g -Xmx8g"
_CONF_network.host: 127.0.0.1
_CONF_http.port: 9200
_CONF_transport.port: 9300
_CONF_discovery.seed_hosts: '[127.0.0.1]'
_CONF_discovery.type: single-node
_CONF_xpack.security.enabled: "true"
network_mode: host
volumes:
- type: bind
source: ./es/config
target: /opt/es/config
- type: bind
source: ./es/data
target: /opt/es/data
- type: bind
source: ./es/logs
target: /opt/es/logs
- type: bind
source: ./es/plugins
target: /opt/es/plugins
- type: bind
source: ./es/offline-plugins
target: /opt/es/offline-plugins

18
elasticsearch7/Demo/ThreeNodes/README.md Normal file
View File

@ -0,0 +1,18 @@
# 部署三节点 es 集群
- 部署集群,有三个节点,每个节点有三个 ip
- 每个节点的 127.0.1.x 和 127.0.2.x 用于 http 请求
- 每个节点的 127.0.3.x 用于节点间通信
- 根据实际环境修改
- docker-compose.yml
- 创建目录
```
grep '\<source:' docker-compose.yml | cut -d: -f2 | xargs mkdir -p
```
- 启动
```
docker-compose up -d
```

136
elasticsearch7/Demo/ThreeNodes/docker-compose.yml Normal file
View File

@ -0,0 +1,136 @@
version: "3.7"
services:
es1:
image: harbor.colben.cn/general/elasticsearch:7
container_name: es1
restart: "on-failure"
stop_grace_period: 5m
privileged: true
environment:
ES_JAVA_OPTS: "-Xms8g -Xmx8g"
ELASTIC_PASSWORD: Pass_1234
_CONF_cluster.name: myes
_CONF_node.name: es1
_CONF_http.host: '[127.0.1.1,127.0.2.1]'
_CONF_http.port: 9200
_CONF_transport.host: 127.0.3.1
_CONF_transport.port: 9300
_CONF_discovery.seed_hosts: '[127.0.3.1,127.0.3.2,127.0.3.3]'
_CONF_cluster.initial_master_nodes: '[127.0.3.1,127.0.3.2,127.0.3.3]'
_CONF_xpack.security.enabled: "true"
_CONF_xpack.security.transport.ssl.enabled: "true"
_CONF_xpack.security.transport.ssl.verification_mode: certificate
_CONF_xpack.security.transport.ssl.client_authentication: required
_CONF_xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
_CONF_xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
_CONF_gateway.expected_master_nodes: 3
_CONF_gateway.expected_data_nodes: 3
_CONF_gateway.recover_after_master_nodes: 3
_CONF_gateway.recover_after_data_nodes: 3
network_mode: host
volumes:
- type: bind
source: ./es1/config
target: /opt/es/config
- type: bind
source: ./es1/data
target: /opt/es/data
- type: bind
source: ./es1/logs
target: /opt/es/logs
- type: bind
source: ./es1/plugins
target: /opt/es/plugins
- type: bind
source: ./es1/offline-plugins
target: /opt/es/offline-plugins
es2:
image: harbor.colben.cn/general/elasticsearch:7
container_name: es2
restart: "on-failure"
stop_grace_period: 5m
privileged: true
environment:
ES_JAVA_OPTS: "-Xms8g -Xmx8g"
ELASTIC_PASSWORD: Pass_1234
_CONF_cluster.name: myes
_CONF_node.name: es2
_CONF_http.host: '[127.0.1.2,127.0.2.2]'
_CONF_http.port: 9200
_CONF_transport.host: 127.0.3.2
_CONF_transport.port: 9300
_CONF_discovery.seed_hosts: '[127.0.3.1,127.0.3.2,127.0.3.3]'
_CONF_xpack.security.enabled: "true"
_CONF_xpack.security.transport.ssl.enabled: "true"
_CONF_xpack.security.transport.ssl.verification_mode: certificate
_CONF_xpack.security.transport.ssl.client_authentication: required
_CONF_xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
_CONF_xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
_CONF_gateway.expected_master_nodes: 3
_CONF_gateway.expected_data_nodes: 3
_CONF_gateway.recover_after_master_nodes: 3
_CONF_gateway.recover_after_data_nodes: 3
network_mode: host
volumes:
- type: bind
source: ./es2/config
target: /opt/es/config
- type: bind
source: ./es2/data
target: /opt/es/data
- type: bind
source: ./es2/logs
target: /opt/es/logs
- type: bind
source: ./es2/plugins
target: /opt/es/plugins
- type: bind
source: ./es2/offline-plugins
target: /opt/es/offline-plugins
es3:
image: harbor.colben.cn/general/elasticsearch:7
container_name: es3
restart: "on-failure"
stop_grace_period: 5m
privileged: true
environment:
ES_JAVA_OPTS: "-Xms8g -Xmx8g"
ELASTIC_PASSWORD: Pass_1234
_CONF_cluster.name: myes
_CONF_node.name: es3
_CONF_http.host: '[127.0.1.3,127.0.2.3]'
_CONF_http.port: 9200
_CONF_transport.host: 127.0.3.3
_CONF_transport.port: 9300
_CONF_discovery.seed_hosts: '[127.0.3.1,127.0.3.2,127.0.3.3]'
_CONF_xpack.security.enabled: "true"
_CONF_xpack.security.transport.ssl.enabled: "true"
_CONF_xpack.security.transport.ssl.verification_mode: certificate
_CONF_xpack.security.transport.ssl.client_authentication: required
_CONF_xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
_CONF_xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
_CONF_gateway.expected_master_nodes: 3
_CONF_gateway.expected_data_nodes: 3
_CONF_gateway.recover_after_master_nodes: 3
_CONF_gateway.recover_after_data_nodes: 3
network_mode: host
volumes:
- type: bind
source: ./es3/config
target: /opt/es/config
- type: bind
source: ./es3/data
target: /opt/es/data
- type: bind
source: ./es3/logs
target: /opt/es/logs
- type: bind
source: ./es3/plugins
target: /opt/es/plugins
- type: bind
source: ./es3/offline-plugins
target: /opt/es/offline-plugins

7
elasticsearch7/Dockerfile Normal file
View File

@ -0,0 +1,7 @@
ARG ARCH
FROM harbor.colben.cn/general/photon$ARCH
MAINTAINER Colben colbenlee@gmail.com
RUN useradd -s /bin/bash -Um -u 1011 es
ADD --chown=es /ADD/ /opt/
CMD ["/opt/ccmd"]

29
elasticsearch7/README.md Normal file
View File

@ -0,0 +1,29 @@
# 构建 elasticsearch7 镜像
## 导入文件
- [下载 elasticsearch-$VERSION.tar.gz](https://www.elastic.co/cn/downloads/elasticsearch)
## 定制
- 创建日志目录和插件目录
- 使用 es 自带的 jdk 包
- 修改 jdk 安全策略
- 在启动参数中指定数据目录和日志目录,覆盖配置文件
- docker 参数: --privileged
## 外挂目录和文件
- /opt/es/config: es 配置目录
- /opt/es/data: es 数据目录
- /opt/es/logs: es 日志目录
- /opt/es/plugins: es 插件目录
- /opt/es/offline-plugins: es 离线插件目录,把离线插件文件(xxxx.zip)放在该目录下,重启容器后可以自动安装
## 引入环境变量
- ES_JAVA_OPTS: jdk 配置
- ELASTIC_PASSWORD: elastic 用户的密码
- \_CONF\_\*: es 配置
## 案例
- [Demo/SingleNode/](Demo/SingleNode/)部署单节点
- [Demo/MultiNodes/](Demo/MultiNodes/)部署三节点 es 集群
- [Demo/MultiRoles/](Demo/MultiRoles/)部署多角色 es 集群

122
elasticsearch7/elasticsearch.sh Executable file
View File

@ -0,0 +1,122 @@
#!/bin/bash
#=========================================
# Author : colben
#=========================================
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
[ 'x86_64' == "$(uname -m)" ] && ARCH='' || ARCH="-$(uname -m)"
ROOT_DIR="$(cd $(dirname $0) && pwd)"
VERSION="7.${1#7.}"
IMAGE="harbor.colben.cn/general/$(basename ${0%.sh})$ARCH:$VERSION"
if [ -t 0 ]; then
function Print { echo -e "\033[36;1m$(date +'[%F %T]')\033[32;1m $*\033[0m"; }
function Warn { echo -e "\033[36;1m$(date +'[%F %T]')\033[33;1m $*\033[0m"; }
function Error { echo -e "\033[36;1m$(date +'[%F %T]')\033[31;1m $*\033[0m"; exit 1; }
else
function Print { echo -e "$(date +'[%F %T INFO]') $*"; }
function Warn { echo -e "$(date +'[%F %T WARN]') $*"; }
function Error { echo -e "$(date +'[%F %T ERROR]') $*"; exit 1; }
fi
function Quit {
local exitCode=$?
[ 0 -ne $exitCode ] && Error Failed to build or push image!
[ -z "${END:-}" ] && echo && Error Interrupted manually!
Print Succeeded to build and push image.
}
function YesOrNo {
Warn $*
local sw=
while :; do
read -p '(Yes/No/Quit) ' -n1 sw
[[ "$sw" =~ ^Y|y$ ]] && echo && return 0
[[ "$sw" =~ ^N|n$ ]] && echo && return 1
[[ "$sw" =~ ^Q|q$ ]] && echo && exit 0
[ -n "$sw" ] && echo
done
}
function Update {
Warn Preparing es $VERSION ...
cd $ROOT_DIR/ADD
rm -rf $(ls | grep -v ccmd || true)
tar zxf /release/RUNTIME/elasticsearch-$VERSION-linux${ARCH:--x86_64}.tar.gz -C .
mv elasticsearch-$VERSION es
cd es
sed -i '/^}/ipermission java.net.SocketPermission "*:*","accept,connect,resolve";' jdk/conf/security/java.policy
mkdir data offline-plugins
unset JAVA_HOME
./bin/elasticsearch-certutil ca -s \
--days 3650 \
--pass 'Pass_1234' \
<<< "$(echo)"
./bin/elasticsearch-certutil cert -s \
--ca elastic-stack-ca.p12 \
--ca-pass 'Pass_1234' \
--days 3650 \
--pass 'Pass_1234' \
<<< "$(echo)"
mv *.p12 config/
./bin/elasticsearch-keystore create -s
./bin/elasticsearch-keystore add -s \
xpack.security.transport.ssl.keystore.secure_password \
<<< 'Pass_1234'
./bin/elasticsearch-keystore add -s \
xpack.security.transport.ssl.truststore.secure_password \
<<< 'Pass_1234'
sed -i \
-e '/^#http\.port: /i#http.host: []' \
-e '/^#http\.port: /a#transport.host: []' \
-e '/^#http\.port: /a#transport.port: 9300' \
-e '/^#discovery\.seed_hosts: /a#discovery.type: single-node' \
config/elasticsearch.yml
echo '#
# ---------------------------------- Security ----------------------------------
#
#xpack.security.enabled: true
#xpack.security.transport.ssl.enabled: true
#xpack.security.transport.ssl.verification_mode: certificate
#xpack.security.transport.ssl.client_authentication: required
#xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
#xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
#
# ---------------------------------- Gateway -----------------------------------
#
#gateway.expected_master_nodes: 3
#gateway.expected_data_nodes: 3
#gateway.recover_after_master_nodes: 3
#gateway.recover_after_data_nodes: 3
#
# ---------------------------------- Custom ------------------------------------
#
' >> config/elasticsearch.yml
tar zcf config.tgz config
rm -rf config/*
}
function Build {
local yn
cd $ROOT_DIR
docker images --format='{{.Repository}}:{{.Tag}}' | grep "^$IMAGE$" \
&& Warn Removing image $IMAGE ... \
&& docker rmi $IMAGE
Warn Building image: $IMAGE ...
docker build --force-rm --build-arg ARCH="$ARCH" -t $IMAGE .
YesOrNo Push image: $IMAGE? && docker push $IMAGE
}
function Main {
Update
Build
END=1
}
# Start here
Main

76
gitea/ADD/ccmd Executable file
View File

@ -0,0 +1,76 @@
#!/bin/bash
##################################################
# Mount dir #
# - /var/lib/gitea #
# - /var/log/gitea #
##################################################
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
PIDS=
GOT_SIGTERM=
function Print {
local file=/dev/null
[ '-f' = "$1" ] && file=$2 && shift && shift
date +"[%F %T] $*" | tee -a $file
}
function Quit {
while :; do
pkill -f gitea && Print killing gitea ... || break
sleep 1
done
Print Container stopped.
test -n "$GOT_SIGTERM"
}
function Usage {
Print 'This container should run with
**root user**
**/var/{lib,log}/gitea mounted from host**
'
}
function RestoreConf {
if [ -z "$(ls gitea/)" ]; then
Print Restore default config files and quit ...
tar zxf gitea.tgz
exit
fi
}
function ChangeOwner {
Print Change file owner ...
chown -R gitea.www-data gitea/ /var/log/gitea/
}
function StartProc {
Print Start gitea ...
su - gitea -c '
gitea web --config /var/lib/gitea/custom/conf/app.ini
' &>> /var/log/gitea/gitea.out &
PIDS="$PIDS $!"
}
function Main {
local pid=
cd /var/lib
Usage
RestoreConf
ChangeOwner
StartProc
trap "GOT_SIGTERM=1; Print Got SIGTERM ..." SIGTERM
while [ -z "$GOT_SIGTERM" ] && sleep 1; do
for pid in $PIDS; do
[ ! -e /proc/$pid ] && Print Unexpected error! && exit
done
done
}
# Start here
Main

59
gitea/Demo/GiteaWithNginx/README.md Normal file
View File

@ -0,0 +1,59 @@
# 部署 gitea, 由 nginx 反代
- 配合 nginx 反代,并单独挂载 indexers 目录
- 根据实际环境修改
- docker-compose.yml
- 创建目录
```
grep '\<source:' docker-compose.yml | cut -d: -f2 | xargs mkdir -p
mkdir -p -m 0777 socket
```
- 启动
```
docker-compose up -d
```
- 运行 gitea
```
docker-compose up -d gitea
```
- 停止 gitea
```
docker-compose down -v
```
- 修改 gitea 配置文件 /compose/gitea/gitea/custom/conf/app.ini
```
[indexer]
...
ISSUE_INDEXER_TYPE = bleve
ISSUE_INDEXER_PATH = /indexers/issues.bleve
ISSUE_INDEXER_QUEUE_TYPE = levelqueue
ISSUE_INDEXER_QUEUE_DIR = /indexers/issues.queue
REPO_INDEXER_ENABLED = true
REPO_INDEXER_PATH = /indexers/repos.bleve
UPDATE_BUFFER_LEN = 20
MAX_FILE_SIZE = 1048576
REPO_INDEXER_INCLUDE = **.go,**.yml,**.toml,**.c,**.h,**makefile,**.py,**.txt,**.ini,**.rs,**.sh,**.md,**Dockerfile*,**docker-entrypoint*,**.cnf,**.conf,**.json,**.sql,**.xml,**.js,**.jsx,**.vue,**.ts,**.tsx,**.html,**.css,**.scss,**.less
...
[server]
...
PROTOCOL = unix
DOMAIN = git.xxxx.com
ROOT_URL = http://git.xxxx.com
HTTP_ADDR = /socket/gitea
UNIX_SOCKET_PERMISSION = 666
...
```
- 运行
```
docker-compose up -d
```
- 浏览器访问 http://git.xxxx.com

48
gitea/Demo/GiteaWithNginx/docker-compose.yml Normal file
View File

@ -0,0 +1,48 @@
version: "3.7"
services:
gitea:
image: harbor.colben.cn/general/gitea
container_name: gitea
restart: on-failure
stop_grace_period: 1m
networks:
gitea:
volumes:
- type: bind
source: ./gitea/gitea
target: /var/lib/gitea
- type: bind
source: ./gitea/log
target: /var/log/gitea
- type: bind
source: ./gitea/indexers
target: /indexers
- type: bind
source: ./socket
target: /socket
nginx:
image: harbor.colben.cn/general/nginx
container_name: nginx
restart: on-failure
stop_grace_period: 1m
networks:
gitea:
ports:
- 80:80
volumes:
- type: bind
source: ./nginx/http.d
target: /etc/nginx/http.d
- type: bind
source: ./nginx/log
target: /var/log/nginx
- type: bind
source: ./socket
target: /socket
networks:
gitea:
external: false

12
gitea/Demo/GiteaWithNginx/nginx/http.d/gitea.conf Normal file
View File

@ -0,0 +1,12 @@
server {
listen 80;
server_name git.xxxx.com;
access_log off;
error_log /var/log/nginx/error-gitea.log;
location / {
proxy_pass http://unix:/socket/gitea;
client_max_body_size 1024m;
client_body_buffer_size 1024m;
}
}

17
gitea/Demo/SingleNode/README.md Normal file
View File

@ -0,0 +1,17 @@
# 部署 gitea
- 根据实际环境修改
- docker-compose.yml
- 创建目录
```
grep '\<source:' docker-compose.yml | cut -d: -f2 | xargs mkdir -p
```
- 启动
```
docker-compose up -d
```
- 访问 http://x.x.x.x:3000

18
gitea/Demo/SingleNode/docker-compose.yml Normal file
View File

@ -0,0 +1,18 @@
version: "3.7"
services:
gitea:
image: harbor.colben.cn/general/gitea
container_name: gitea
restart: "on-failure"
stop_grace_period: 1m
ports:
- 3000:3000
volumes:
- type: bind
source: ./gitea/gitea
target: /var/lib/gitea
- type: bind
source: ./gitea/log
target: /var/log/gitea

13
gitea/Dockerfile Normal file
View File

@ -0,0 +1,13 @@
ARG ARCH
FROM harbor.colben.cn/general/alpine$ARCH
MAINTAINER Colben colbenlee@gmail.com
ADD --chown=root:root /ADD/ /opt/
RUN apk update \
&& apk add --no-cache gitea \
&& sed -i 's,/ash,/bash,' /etc/passwd \
&& cd /var/lib \
&& mv /etc/gitea gitea/custom/conf \
&& tar zcf gitea.tgz gitea/ \
&& rm -rf /var/cache/apk/* gitea/*
CMD ["/opt/ccmd"]

13
gitea/README.md Normal file
View File

@ -0,0 +1,13 @@
# 构建 gitea 镜像
## 定制
- 安装 gitea
## 外挂目录和文件
- /var/lib/gitea: gitea 数据目录
- /var/log/gitea: gitea 日志目录
## 案例
- [Demo/SingleNode/](Demo/SingleNode/): 单独部署 gitea
- [Demo/GiteaWithNginx/](Demo/GiteaWithNginx/): 部署 gitea用 nginx 反代

67
gitea/gitea.sh Executable file
View File

@ -0,0 +1,67 @@
#!/bin/bash
#=========================================
# Author : colben
#=========================================
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
[ 'x86_64' == "$(uname -m)" ] && ARCH='' || ARCH="-$(uname -m)"
ROOT_DIR="$(cd $(dirname $0) && pwd)"
IMAGE="harbor.colben.cn/general/$(basename ${0%.sh})$ARCH:latest"
if [ -t 0 ]; then
function Print { echo -e "\033[36;1m$(date +'[%F %T]')\033[32;1m $*\033[0m"; }
function Warn { echo -e "\033[36;1m$(date +'[%F %T]')\033[33;1m $*\033[0m"; }
function Error { echo -e "\033[36;1m$(date +'[%F %T]')\033[31;1m $*\033[0m"; exit 1; }
else
function Print { echo -e "$(date +'[%F %T INFO]') $*"; }
function Warn { echo -e "$(date +'[%F %T WARN]') $*"; }
function Error { echo -e "$(date +'[%F %T ERROR]') $*"; exit 1; }
fi
function Quit {
local exitCode=$?
[ 0 -ne $exitCode ] && Error Failed to build or push image!
[ -z "${END:-}" ] && echo && Error Interrupted manually!
Print Succeeded to build and push image.
}
function YesOrNo {
Warn $*
local sw=
while :; do
read -p '(Yes/No/Quit) ' -n1 sw
[[ "$sw" =~ ^Y|y$ ]] && echo && return 0
[[ "$sw" =~ ^N|n$ ]] && echo && return 1
[[ "$sw" =~ ^Q|q$ ]] && echo && exit 0
[ -n "$sw" ] && echo
done
}
function Update {
:
}
function Build {
local yn
cd $ROOT_DIR
docker images --format='{{.Repository}}:{{.Tag}}' | grep "^$IMAGE$" \
&& Warn Removing image $IMAGE ... \
&& docker rmi $IMAGE
Warn Building image: $IMAGE ...
docker build --force-rm --build-arg ARCH="$ARCH" -t $IMAGE .
YesOrNo Push image: $IMAGE? && docker push $IMAGE
}
function Main {
Update
Build
END=1
}
# Start here
Main

9
jdk/Dockerfile Normal file
View File

@ -0,0 +1,9 @@
ARG ARCH
FROM harbor.colben.cn/general/photon$ARCH
MAINTAINER Colben colbenlee@gmail.com
ADD --chown=root:root /ADD/ /opt/
ENV JAVA_HOME=/opt/jdk
ENV JRE_HOME=${JAVA_HOME}/jre
ENV CLASSPATH=.:${JAVA_HOME}/lib:${JRE_HOME}/lib
ENV PATH=${JAVA_HOME}/bin:$PATH

11
jdk/README.md Normal file
View File

@ -0,0 +1,11 @@
# 构建 oracle jdk 镜像
## 导入文件
- [下载 jdk-$VERSION\*\_linux${ARCH:--x64}\_bin.tar.gz](https://www.oracle.com/java/technologies/downloads/)
## 定制
- jdk8u202.sh: 构建与 openjdk8 兼容的 oracle jdk8 镜像
- jdk8.sh: 构建 oracle jdk8 镜像
- jdk.sh: 构建 oracle jdk11 及以后版本的镜像
- 设置 jdk 环境变量

73
jdk/jdk.sh Executable file
View File

@ -0,0 +1,73 @@
#!/bin/bash
#=========================================
# Author : colben
#=========================================
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
[ 'x86_64' == "$(uname -m)" ] && ARCH='' || ARCH="-$(uname -m)"
ROOT_DIR="$(cd $(dirname $0) && pwd)"
VERSION="${1%%.*}"
IMAGE="harbor.colben.cn/general/$(basename ${0%.sh})$ARCH:$VERSION"
if [ -t 0 ]; then
function Print { echo -e "\033[36;1m$(date +'[%F %T]')\033[32;1m $*\033[0m"; }
function Warn { echo -e "\033[36;1m$(date +'[%F %T]')\033[33;1m $*\033[0m"; }
function Error { echo -e "\033[36;1m$(date +'[%F %T]')\033[31;1m $*\033[0m"; exit 1; }
else
function Print { echo -e "$(date +'[%F %T INFO]') $*"; }
function Warn { echo -e "$(date +'[%F %T WARN]') $*"; }
function Error { echo -e "$(date +'[%F %T ERROR]') $*"; exit 1; }
fi
function Quit {
local exitCode=$?
[ 0 -ne $exitCode ] && Error Failed to build or push image!
[ -z "${END:-}" ] && echo && Error Interrupted manually!
Print Succeeded to build and push image.
}
function YesOrNo {
Warn $*
local sw=
while :; do
read -p '(Yes/No/Quit) ' -n1 sw
[[ "$sw" =~ ^Y|y$ ]] && echo && return 0
[[ "$sw" =~ ^N|n$ ]] && echo && return 1
[[ "$sw" =~ ^Q|q$ ]] && echo && exit 0
[ -n "$sw" ] && echo
done
}
function Update {
Warn Preparing jdk $VERSION ...
cd $ROOT_DIR
rm -rf ADD && mkdir ADD
cd ADD
tar zxf $(ls /release/RUNTIME/jdk-$VERSION*_linux${ARCH:--x64}_bin.tar.gz|tail -1)
mv jdk* jdk
}
function Build {
local yn
cd $ROOT_DIR
docker images --format='{{.Repository}}:{{.Tag}}' | grep "^$IMAGE$" \
&& Warn Removing image $IMAGE ... \
&& docker rmi $IMAGE
Warn Building image: $IMAGE ...
docker build --force-rm --build-arg ARCH="$ARCH" -t $IMAGE .
YesOrNo Push image: $IMAGE? && docker push $IMAGE
}
function Main {
Update
Build
END=1
}
# Start here
Main

72
jdk/jdk8.sh Executable file
View File

@ -0,0 +1,72 @@
#!/bin/bash
#=========================================
# Author : colben
#=========================================
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
[ 'x86_64' == "$(uname -m)" ] && ARCH='' || ARCH="-$(uname -m)"
ROOT_DIR="$(cd $(dirname $0) && pwd)"
IMAGE="harbor.colben.cn/general/jdk$ARCH:8"
if [ -t 0 ]; then
function Print { echo -e "\033[36;1m$(date +'[%F %T]')\033[32;1m $*\033[0m"; }
function Warn { echo -e "\033[36;1m$(date +'[%F %T]')\033[33;1m $*\033[0m"; }
function Error { echo -e "\033[36;1m$(date +'[%F %T]')\033[31;1m $*\033[0m"; exit 1; }
else
function Print { echo -e "$(date +'[%F %T INFO]') $*"; }
function Warn { echo -e "$(date +'[%F %T WARN]') $*"; }
function Error { echo -e "$(date +'[%F %T ERROR]') $*"; exit 1; }
fi
function Quit {
local exitCode=$?
[ 0 -ne $exitCode ] && Error Failed to build or push image!
[ -z "${END:-}" ] && echo && Error Interrupted manually!
Print Succeeded to build and push image.
}
function YesOrNo {
Warn $*
local sw=
while :; do
read -p '(Yes/No/Quit) ' -n1 sw
[[ "$sw" =~ ^Y|y$ ]] && echo && return 0
[[ "$sw" =~ ^N|n$ ]] && echo && return 1
[[ "$sw" =~ ^Q|q$ ]] && echo && exit 0
[ -n "$sw" ] && echo
done
}
function Update {
Warn Preparing jdk 8
cd $ROOT_DIR
rm -rf ADD && mkdir ADD
cd ADD
tar zxf $(ls /release/RUNTIME/jdk-8u*-linux${ARCH:--x64}.tar.gz|tail -1)
mv jdk* jdk
}
function Build {
local yn
cd $ROOT_DIR
docker images --format='{{.Repository}}:{{.Tag}}' | grep "^$IMAGE$" \
&& Warn Removing image $IMAGE ... \
&& docker rmi $IMAGE
Warn Building image: $IMAGE ...
docker build --force-rm --build-arg ARCH="$ARCH" -t $IMAGE .
YesOrNo Push image: $IMAGE? && docker push $IMAGE
}
function Main {
Update
Build
END=1
}
# Start here
Main

78
jdk/jdk8u202.sh Executable file
View File

@ -0,0 +1,78 @@
#!/bin/bash
#=========================================
# Author : colben
#=========================================
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
[ 'x86_64' == "$(uname -m)" ] && ARCH='' || ARCH="-$(uname -m)"
ROOT_DIR="$(cd $(dirname $0) && pwd)"
IMAGE="harbor.colben.cn/general/jdk$ARCH:8u202"
if [ -t 0 ]; then
function Print { echo -e "\033[36;1m$(date +'[%F %T]')\033[32;1m $*\033[0m"; }
function Warn { echo -e "\033[36;1m$(date +'[%F %T]')\033[33;1m $*\033[0m"; }
function Error { echo -e "\033[36;1m$(date +'[%F %T]')\033[31;1m $*\033[0m"; exit 1; }
else
function Print { echo -e "$(date +'[%F %T INFO]') $*"; }
function Warn { echo -e "$(date +'[%F %T WARN]') $*"; }
function Error { echo -e "$(date +'[%F %T ERROR]') $*"; exit 1; }
fi
function Quit {
local exitCode=$?
[ 0 -ne $exitCode ] && Error Failed to build or push image!
[ -z "${END:-}" ] && echo && Error Interrupted manually!
Print Succeeded to build and push image.
}
function YesOrNo {
Warn $*
local sw=
while :; do
read -p '(Yes/No/Quit) ' -n1 sw
[[ "$sw" =~ ^Y|y$ ]] && echo && return 0
[[ "$sw" =~ ^N|n$ ]] && echo && return 1
[[ "$sw" =~ ^Q|q$ ]] && echo && exit 0
[ -n "$sw" ] && echo
done
}
function Update {
Warn Preparing jdk 8u202 ...
cd $ROOT_DIR
rm -rf ADD && mkdir ADD
cd ADD
if [ -z "$ARCH" ]; then
tar zxf /release/RUNTIME/jdk-8u202-linux-x64.tar.gz
elif [ '-aarch64' == "$ARCH" ]; then
tar zxf /release/RUNTIME/jdk-8u202-linux-arm64-vfp-hflt.tar.gz
else
Error Not supported arch: $ARCH
fi
mv jdk* jdk
}
function Build {
local yn
cd $ROOT_DIR
docker images --format='{{.Repository}}:{{.Tag}}' | grep "^$IMAGE$" \
&& Warn Removing image $IMAGE ... \
&& docker rmi $IMAGE
Warn Building image: $IMAGE ...
docker build --force-rm --build-arg ARCH="$ARCH" -t $IMAGE .
YesOrNo Push image: $IMAGE? && docker push $IMAGE
}
function Main {
Update
Build
END=1
}
# Start here
Main

76
kafka/ADD/ccmd Executable file
View File

@ -0,0 +1,76 @@
#!/bin/bash
##################################################
# Mount dir #
# - /opt/kafka/data #
# - /opt/kafka/logs #
# ENV #
# - KAFKA_OPTS #
# - _CONF_* #
##################################################
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
PIDS=
GOT_SIGTERM=
function Print {
local file=/dev/null
[ '-f' = "$1" ] && file=$2 && shift && shift
date +"[%F %T] $*" | tee -a $file
}
function Quit {
while :; do
pkill -f java && Print killing java ... || break
sleep 1
done
Print Container stopped.
test -n "$GOT_SIGTERM"
}
function Usage {
Print 'This container should run with
**root user**
**/opt/kafka/{data,logs} mounted from host**
'
}
function ModifyConf {
Print Modify server.properties ...
local kv=
local conf='config/server.properties'
while read kv; do
[ -z "$kv" ] && break
Print Modify property: ${kv%%=*} ...
sed -i "/^${kv%%=*} *=/d" $conf
echo "$kv" >> $conf
done <<< "$(env | grep '^_CONF_' | sed 's/_CONF_//')"
}
function StartProc {
Print Start kafka ...
./bin/kafka-server-start.sh ./config/server.properties --override log.dirs=./data \
&>> logs/kafka.out &
PIDS="$PIDS $!"
}
function Main {
local pid=
cd /opt/kafka
Usage
ModifyConf
StartProc
trap "GOT_SIGTERM=1; Print Got SIGTERM ..." SIGTERM
while [ -z "$GOT_SIGTERM" ] && sleep 1; do
for pid in $PIDS; do
[ ! -e /proc/$pid ] && Print Unexpected error! && exit
done
done
}
# Start here
Main

15
kafka/Demo/SingleNode/README.md Normal file
View File

@ -0,0 +1,15 @@
# 部署 kafka 单节点
- 根据实际环境修改
- docker-compose.yml
- 创建目录
```
grep '\<source:' docker-compose.yml | cut -d: -f2 | xargs mkdir -p
```
- 启动
```
docker-compose up -d
```

46
kafka/Demo/SingleNode/docker-compose.yml Normal file
View File

@ -0,0 +1,46 @@
version: "3.7"
services:
zk:
image: harbor.colben.cn/general/zookeeper:3.6
container_name: zk
restart: on-failure
environment:
MYID: 1
JVMFLAGS: "-Xmx1G -Xms1G"
_CONF_reconfigEnabled: "false"
_CONF_standaloneEnabled: "true"
_CONF_clientPort: 2181
networks:
kafka:
volumes:
- type: bind
source: ./zk/dataLog
target: /opt/zk/dataLog
- type: bind
source: ./zk/data
target: /opt/zk/data
- type: bind
source: ./zk/logs
target: /opt/zk/logs
kafka:
image: harbor.colben.cn/general/kafka:2.7
container_name: kafka
restart: on-failure
environment:
KAFKA_OPTS: "-Xmx1G -Xms1G"
_CONF_zookeeper.connect: "zk:2181"
networks:
kafka:
volumes:
- type: bind
source: ./kafka/data
target: /opt/kafka/data
- type: bind
source: ./kafka/logs
target: /opt/kafka/logs
networks:
kafka:

15
kafka/Demo/ThreeNodes/README.md Normal file
View File

@ -0,0 +1,15 @@
# 部署 kafka 集群
- 根据实际环境修改
- docker-compose.yml
- 创建目录
```
grep '\<source:' docker-compose.yml | cut -d: -f2 | xargs mkdir -p
```
- 启动
```
docker-compose up -d
```

138
kafka/Demo/ThreeNodes/docker-compose.yml Normal file
View File

@ -0,0 +1,138 @@
version: "3.7"
services:
zk1:
image: harbor.colben.cn/general/zookeeper:3.6
container_name: zk1
restart: on-failure
environment:
MYID: 1
JVMFLAGS: "-Xmx1G -Xms1G"
_CONF_reconfigEnabled: "false"
_CONF_standaloneEnabled: "false"
_CONF_server.1: "zk1:2888:3888;2181"
_CONF_server.2: "zk2:2888:3888;2181"
_CONF_server.3: "zk3:2888:3888;2181"
networks:
kafka:
volumes:
- type: bind
source: ./zk1/dataLog
target: /opt/zk/dataLog
- type: bind
source: ./zk1/data
target: /opt/zk/data
- type: bind
source: ./zk1/logs
target: /opt/zk/logs
zk2:
image: harbor.colben.cn/general/zookeeper:3.6
container_name: zk2
restart: on-failure
environment:
MYID: 2
JVMFLAGS: "-Xmx1G -Xms1G"
_CONF_reconfigEnabled: "false"
_CONF_standaloneEnabled: "false"
_CONF_server.1: "zk1:2888:3888;2181"
_CONF_server.2: "zk2:2888:3888;2181"
_CONF_server.3: "zk3:2888:3888;2181"
networks:
kafka:
volumes:
- type: bind
source: ./zk2/dataLog
target: /opt/zk/dataLog
- type: bind
source: ./zk2/data
target: /opt/zk/data
- type: bind
source: ./zk2/logs
target: /opt/zk/logs
zk3:
image: harbor.colben.cn/general/zookeeper:3.6
container_name: zk3
restart: on-failure
environment:
MYID: 3
JVMFLAGS: "-Xmx1G -Xms1G"
_CONF_reconfigEnabled: "false"
_CONF_standaloneEnabled: "false"
_CONF_server.1: "zk1:2888:3888;2181"
_CONF_server.2: "zk2:2888:3888;2181"
_CONF_server.3: "zk3:2888:3888;2181"
networks:
kafka:
volumes:
- type: bind
source: ./zk3/dataLog
target: /opt/zk/dataLog
- type: bind
source: ./zk3/data
target: /opt/zk/data
- type: bind
source: ./zk3/logs
target: /opt/zk/logs
kafka1:
image: harbor.colben.cn/general/kafka:2.7
container_name: kafka1
restart: on-failure
environment:
KAFKA_OPTS: "-Xmx1G -Xms1G"
_CONF_broker.id: 1
_CONF_listeners: "PLAINTEXT://kafka1:9092"
_CONF_zookeeper.connect: "zk1:2181,zk2:2181,zk3:2181"
networks:
kafka:
volumes:
- type: bind
source: ./kafka1/data
target: /opt/kafka/data
- type: bind
source: ./kafka1/logs
target: /opt/kafka/logs
kafka2:
image: harbor.colben.cn/general/kafka:2.7
container_name: kafka2
restart: on-failure
environment:
KAFKA_OPTS: "-Xmx1G -Xms1G"
_CONF_broker.id: 2
_CONF_listeners: "PLAINTEXT://kafka2:9092"
_CONF_zookeeper.connect: "zk1:2181,zk2:2181,zk3:2181"
networks:
kafka:
volumes:
- type: bind
source: ./kafka2/data
target: /opt/kafka/data
- type: bind
source: ./kafka2/logs
target: /opt/kafka/logs
kafka3:
image: harbor.colben.cn/general/kafka:2.7
container_name: kafka3
restart: on-failure
environment:
KAFKA_OPTS: "-Xmx1G -Xms1G"
_CONF_broker.id: 3
_CONF_listeners: "PLAINTEXT://kafka3:9092"
_CONF_zookeeper.connect: "zk1:2181,zk2:2181,zk3:2181"
networks:
kafka:
volumes:
- type: bind
source: ./kafka3/data
target: /opt/kafka/data
- type: bind
source: ./kafka3/logs
target: /opt/kafka/logs
networks:
kafka:

6
kafka/Dockerfile Normal file
View File

@ -0,0 +1,6 @@
ARG ARCH
FROM harbor.colben.cn/general/jdk$ARCH:8
MAINTAINER Colben colbenlee@gmail.com
ADD --chown=root:root /ADD/ /opt/
CMD ["/opt/ccmd"]

21
kafka/README.md Normal file
View File

@ -0,0 +1,21 @@
# 构建 kafka 镜像
## 导入文件
- [kafka_2.13-$VERSION.tgz](https://kafka.apache.org/downloads)
## 定制
- 修改 rootLogger
- 创建日志目录和数据目录
- 启动时指定数据目录和日志目录参数,覆盖配置文件
## 外挂目录和文件
- /opt/kafka/data: kafka 数据目录
- /opt/kafka/logs: kafka 日志目录
## 引入环境变量
- KAFKA_OPTS: kafka 参数
## 案例
- [Demo/SingleNode/](Demo/SingleNode/): 部署 kafka 单节点
- [Demo/ThreeNodes/](Demo/ThreeNodes/): 部署 kafka 集群

77
kafka/kafka.sh Executable file
View File

@ -0,0 +1,77 @@
#!/bin/bash
#=========================================
# Author : colben
#=========================================
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
[ 'x86_64' == "$(uname -m)" ] && ARCH='' || ARCH="-$(uname -m)"
ROOT_DIR="$(cd $(dirname $0) && pwd)"
VERSION=$1
IMAGE="harbor.colben.cn/general/$(basename ${0%.sh})$ARCH:${VERSION%.*}"
if [ -t 0 ]; then
function Print { echo -e "\033[36;1m$(date +'[%F %T]')\033[32;1m $*\033[0m"; }
function Warn { echo -e "\033[36;1m$(date +'[%F %T]')\033[33;1m $*\033[0m"; }
function Error { echo -e "\033[36;1m$(date +'[%F %T]')\033[31;1m $*\033[0m"; exit 1; }
else
function Print { echo -e "$(date +'[%F %T INFO]') $*"; }
function Warn { echo -e "$(date +'[%F %T WARN]') $*"; }
function Error { echo -e "$(date +'[%F %T ERROR]') $*"; exit 1; }
fi
function Quit {
local exitCode=$?
[ 0 -ne $exitCode ] && Error Failed to build or push image!
[ -z "${END:-}" ] && echo && Error Interrupted manually!
Print Succeeded to build and push image.
}
function YesOrNo {
Warn $*
local sw=
while :; do
read -p '(Yes/No/Quit) ' -n1 sw
[[ "$sw" =~ ^Y|y$ ]] && echo && return 0
[[ "$sw" =~ ^N|n$ ]] && echo && return 1
[[ "$sw" =~ ^Q|q$ ]] && echo && exit 0
[ -n "$sw" ] && echo
done
}
function Update {
Warn Preparing kafka $VERSION ...
cd $ROOT_DIR/ADD
rm -rf $(ls | grep -v ccmd || true)
tar zxf /release/RUNTIME/kafka_2.13-$VERSION.tgz
mv kafka_2.13-$VERSION kafka
cp kafka/config/server.properties kafka/config/server.properties.sample
sed -i '/^log4j\.rootLogger/clog4j.rootLogger=INFO, connectAppender' kafka/config/connect-log4j.properties
sed -i '/^log4j\.rootLogger/clog4j.rootLogger=INFO, kafkaAppender' kafka/config/log4j.properties
mkdir kafka/{data,logs}
rm -rf kafka/site-docs
}
function Build {
local yn
cd $ROOT_DIR
docker images --format='{{.Repository}}:{{.Tag}}' | grep "^$IMAGE$" \
&& Warn Removing image $IMAGE ... \
&& docker rmi $IMAGE
Warn Building image: $IMAGE ...
docker build --force-rm --build-arg ARCH="$ARCH" --build-arg VERSION="$VERSION" -t $IMAGE .
YesOrNo Push image: $IMAGE? && docker push $IMAGE
}
function Main {
Update
Build
END=1
}
# Start here
Main

56
keepalived/ADD/ccmd Executable file
View File

@ -0,0 +1,56 @@
#!/bin/bash
##################################################
# Docker #
# - --privileged #
# - --net host #
# Mount dir #
# - /etc/keepalived/ #
# - LOG_DIR #
##################################################
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
PIDS=
GOT_SIGTERM=
LOG_DIR='/var/log/keepalived'
function Print {
local file=/dev/null
[ '-f' = "$1" ] && file=$2 && shift && shift
date +"[%F %T] $*" | tee -a $file
}
function Quit {
Print killing keepalived ...
while :; do
pkill -f keepalived && Print killing keepalived ... || break
sleep 1
done
Print Container stopped.
test -n "$GOT_SIGTERM"
}
function StartProc {
Print Start keeplived ...
rm -rf /var/run/keepalived
keepalived -f /etc/keepalived/keepalived.conf -lDGn &>> $LOG_DIR/keepalived.log &
PIDS="$PIDS $!"
}
function Main {
local pid=
StartProc
trap "GOT_SIGTERM=1; Print Got SIGTERM ..." SIGTERM
while [ -z "$GOT_SIGTERM" ] && sleep 1; do
for pid in $PIDS; do
[ ! -e /proc/$pid ] && Print Unexpected error! && exit
done
done
}
# Start here
Main

11
keepalived/Dockerfile Normal file
View File

@ -0,0 +1,11 @@
ARG ARCH
FROM harbor.colben.cn/general/alpine$ARCH
MAINTAINER Colben colbenlee@gmail.com
ADD --chown=root:root /ADD/ /opt/
RUN apk update \
&& apk add --no-cache keepalived \
&& mkdir -p /var/log/keepalived \
&& rm -f /etc/keepalived/keepalived.conf \
&& rm -rf /var/cache/apk/*
CMD ["/opt/ccmd"]

13
keepalived/README.md Normal file
View File

@ -0,0 +1,13 @@
# 构建 keepalived 镜像
## 定制
- 安装 keepalived
- docker 参数: --privileged --net host
## 外挂目录和文件
- /etc/keepalived: keepalived 配置目录
- /var/log/keepalived: keepalived 日志目录
## 案例
- [/OPS/GeneralDocker/mysql/Demo/TowMasterNodes/](/OPS/GeneralDocker/mysql/Demo/TowMasterNodes/): 两台 mysql 高可用,不抢占模式

67
keepalived/keepalived.sh Executable file
View File

@ -0,0 +1,67 @@
#!/bin/bash
#=========================================
# Author : colben
#=========================================
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
[ 'x86_64' == "$(uname -m)" ] && ARCH='' || ARCH="-$(uname -m)"
ROOT_DIR="$(cd $(dirname $0) && pwd)"
IMAGE="harbor.colben.cn/general/$(basename ${0%.sh})$ARCH:latest"
if [ -t 0 ]; then
function Print { echo -e "\033[36;1m$(date +'[%F %T]')\033[32;1m $*\033[0m"; }
function Warn { echo -e "\033[36;1m$(date +'[%F %T]')\033[33;1m $*\033[0m"; }
function Error { echo -e "\033[36;1m$(date +'[%F %T]')\033[31;1m $*\033[0m"; exit 1; }
else
function Print { echo -e "$(date +'[%F %T INFO]') $*"; }
function Warn { echo -e "$(date +'[%F %T WARN]') $*"; }
function Error { echo -e "$(date +'[%F %T ERROR]') $*"; exit 1; }
fi
function Quit {
local exitCode=$?
[ 0 -ne $exitCode ] && Error Failed to build or push image!
[ -z "${END:-}" ] && echo && Error Interrupted manually!
Print Succeeded to build and push image.
}
function YesOrNo {
Warn $*
local sw=
while :; do
read -p '(Yes/No/Quit) ' -n1 sw
[[ "$sw" =~ ^Y|y$ ]] && echo && return 0
[[ "$sw" =~ ^N|n$ ]] && echo && return 1
[[ "$sw" =~ ^Q|q$ ]] && echo && exit 0
[ -n "$sw" ] && echo
done
}
function Update {
:
}
function Build {
local yn
cd $ROOT_DIR
docker images --format='{{.Repository}}:{{.Tag}}' | grep "^$IMAGE$" \
&& Warn Removing image $IMAGE ... \
&& docker rmi $IMAGE
Warn Building image: $IMAGE ...
docker build --force-rm --build-arg ARCH="$ARCH" -t $IMAGE .
YesOrNo Push image: $IMAGE? && docker push $IMAGE
}
function Main {
Update
Build
END=1
}
# Start here
Main

104
kibana/ADD/ccmd Executable file
View File

@ -0,0 +1,104 @@
#!/bin/bash
##################################################
# Mount dir #
# - /opt/kibana/config #
# - /opt/kibana/data #
# - /opt/kibana/logs #
# - /opt/kibana/offline-plugins #
# - /opt/kibana/plugins #
# ENV #
# - _CONF_* #
# - NODE_OPTIONS #
##################################################
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
PIDS=
GOT_SIGTERM=
function Print {
local file=/dev/null
[ '-f' = "$1" ] && file=$2 && shift && shift
date +"[%F %T] $*" | tee -a $file
}
function Quit {
while :; do
pkill -f node && Print killing node ... || break
sleep 1
done
Print Container stopped.
test -n "$GOT_SIGTERM"
}
function Usage {
Print 'This container should run with
**root user**
**/opt/kibana/{config,data,logs,offline-plugins,plugins} mounted from host**
'
}
function RestoreConf {
if [ -z "$(ls config/)" ]; then
Print Restore default config files and quit ...
tar zxf config.tgz
exit
fi
}
function ModifyConf {
local kv=
local conf='config/kibana.yml'
Print Modify $conf ...
while read kv; do
[ -z "$kv" ] && break
sed -i "/^${kv%%=*}: /d" $conf
echo "${kv/=/: }" >> $conf
done <<< "$(env | grep '^_CONF_' | sed 's/_CONF_//')"
}
function InstallPlugin {
for f in $(ls -d offline-plugins/*.zip 2>/dev/null); do
Print Install plugins from offline file: $f ...
./bin/kibana-plugin install file://$f
mv $f $f.installed
done
}
function ChangeOwner {
Print Change file owner ...
chown -R kibana.kibana config/ data/ logs/ plugins/
}
function StartProc {
Print Start kibana ...
su - kibana -c "
export NODE_OPTIONS='${NODE_OPTIONS:-}'
/opt/kibana/bin/kibana
" &>> logs/kibana.out &
PIDS="$PIDS $!"
}
function Main {
local pid=
cd /opt/kibana
Usage
RestoreConf
ModifyConf
InstallPlugin
ChangeOwner
StartProc
trap "GOT_SIGTERM=1; Print Got SIGTERM ..." SIGTERM
while [ -z "$GOT_SIGTERM" ] && sleep 1; do
for pid in $PIDS; do
[ ! -e /proc/$pid ] && Print Unexpected error! && exit
done
done
}
# Start here
Main

17
kibana/Demo/SingleNode/README.md Normal file
View File

@ -0,0 +1,17 @@
# 部署 kibana
- 根据实际环境修改
- docker-compose.yml
- 创建目录
```
grep '\<source:' docker-compose.yml | cut -d: -f2 | xargs mkdir -p
```
- 启动
```
docker-compose up -d
```
- 浏览器访问 http://127.0.0.1:5601

33
kibana/Demo/SingleNode/docker-compose.yml Normal file
View File

@ -0,0 +1,33 @@
version: "3.7"
services:
kibana:
image: harbor.colben.cn/general/kibana:7
container_name: kibana
restart: "on-failure"
stop_grace_period: 1m
environment:
_CONF_server.port: 5601
_CONF_server.host: 127.0.0.1
_CONF_server.name: kibana
_CONF_elasticsearch.hosts: '["http://127.0.1.1:9200","http://127.0.1.2:9200","http://127.0.1.3:9200"]'
_CONF_elasticsearch.username: kibana_system
_CONF_elasticsearch.password: Pass_1234
network_mode: host
volumes:
- type: bind
source: ./kibana/config
target: /opt/kibana/config
- type: bind
source: ./kibana/data
target: /opt/kibana/data
- type: bind
source: ./kibana/logs
target: /opt/kibana/logs
- type: bind
source: ./kibana/plugins
target: /opt/kibana/plugins
- type: bind
source: ./kibana/offline-plugins
target: /opt/kibana/offline-plugins

7
kibana/Dockerfile Normal file
View File

@ -0,0 +1,7 @@
ARG ARCH
FROM harbor.colben.cn/general/photon$ARCH
MAINTAINER Colben colbenlee@gmail.com
RUN useradd -s /bin/bash -Um -u 1011 kibana
ADD --chown=kibana:kibana /ADD/ /opt/
CMD ["/opt/ccmd"]

23
kibana/README.md Normal file
View File

@ -0,0 +1,23 @@
# 构建 kibana 镜像
## 导入文件
- [下载 kibana-$VERSION-linux${ARCH:--x86_64}.tar.gz](https://www.elastic.co/cn/downloads/kibana)
## 定制
- 创建日志目录和插件目录
- 在启动参数中指定数据目录和日志目录,覆盖配置文件
## 外挂目录和文件
- /opt/kibana/config: kibana 配置目录
- /opt/kibana/data: kibana 数据目录
- /opt/kibana/logs: kibana 日志目录
- /opt/kibana/plugins: kibana 插件目录
- /opt/kibana/offline-plugins: kibana 离线插件目录,把离线插件文件(xxxx.zip)放在该目录下,重启容器后可以自动安装
## 引入环境变量
- NODE_OPTIONS: kibana 启动参数
- \_CONF\_\*: kibana 配置
## 案例
- [Demo/SingleNode/](Demo/SingleNode/): 启动 kibana

77
kibana/kibana.sh Executable file
View File

@ -0,0 +1,77 @@
#!/bin/bash
#=========================================
# Author : colben
#=========================================
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
[ 'x86_64' == "$(uname -m)" ] && ARCH='' || ARCH="-$(uname -m)"
ROOT_DIR="$(cd $(dirname $0) && pwd)"
VERSION="$1"
IMAGE="harbor.colben.cn/general/$(basename ${0%.sh})$ARCH:$VERSION"
if [ -t 0 ]; then
function Print { echo -e "\033[36;1m$(date +'[%F %T]')\033[32;1m $*\033[0m"; }
function Warn { echo -e "\033[36;1m$(date +'[%F %T]')\033[33;1m $*\033[0m"; }
function Error { echo -e "\033[36;1m$(date +'[%F %T]')\033[31;1m $*\033[0m"; exit 1; }
else
function Print { echo -e "$(date +'[%F %T INFO]') $*"; }
function Warn { echo -e "$(date +'[%F %T WARN]') $*"; }
function Error { echo -e "$(date +'[%F %T ERROR]') $*"; exit 1; }
fi
function Quit {
local exitCode=$?
[ 0 -ne $exitCode ] && Error Failed to build or push image!
[ -z "${END:-}" ] && echo && Error Interrupted manually!
Print Succeeded to build and push image.
}
function YesOrNo {
Warn $*
local sw=
while :; do
read -p '(Yes/No/Quit) ' -n1 sw
[[ "$sw" =~ ^Y|y$ ]] && echo && return 0
[[ "$sw" =~ ^N|n$ ]] && echo && return 1
[[ "$sw" =~ ^Q|q$ ]] && echo && exit 0
[ -n "$sw" ] && echo
done
}
function Update {
Warn Preparing kibana $VERSION ...
cd $ROOT_DIR/ADD
rm -rf $(ls | grep -v ccmd || true)
tar zxf /release/RUNTIME/kibana-$VERSION-linux${ARCH:--x86_64}.tar.gz -C .
mv kibana-$VERSION-linux${ARCH:--x86_64} kibana
cd kibana
mkdir logs offline-plugins
echo -e '\n# Custom' >> config/kibana.yml
tar zcf config.tgz config
rm -rf config/*
}
function Build {
local yn
cd $ROOT_DIR
docker images --format='{{.Repository}}:{{.Tag}}' | grep "^$IMAGE$" \
&& Warn Removing image $IMAGE ... \
&& docker rmi $IMAGE
Warn Building image: $IMAGE ...
docker build --force-rm --build-arg ARCH="$ARCH" -t $IMAGE .
YesOrNo Push image: $IMAGE? && docker push $IMAGE
}
function Main {
Update
Build
END=1
}
# Start here
Main

79
letsencrypt/ADD/ccmd Executable file
View File

@ -0,0 +1,79 @@
#!/bin/bash
##################################################
# Mount dir #
# - /etc/letsencrypt #
# - /var/log/letsencrypt #
# ENV #
# - DOMAINS #
##################################################
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
GOT_SIGTERM=
function Print {
local file=/dev/null
[ '-f' = "$1" ] && file=$2 && shift && shift
date +"[%F %T] $*" | tee -a $file
}
function Quit {
while :; do
pkill -f python && Print killing python ... || break
sleep 1
done
Print Container stopped.
test -n "$GOT_SIGTERM"
}
function Usage {
Print 'This container should run with
**host network**
**env DOMAINS**
**/etc/letsencrypt and /var/log/letsencrypt mounted from host**
'
}
function StartProc {
if [ ! -e /etc/letsencrypt/accounts ]; then
Print Register ...
certbot register --register-unsafely-without-email --agree-tos
if echo "$DOMAINS" | grep -qo '^*'; then
Print Request wildcard certificate ...
certbot certonly -q --manual \
--manual-auth-hook /etc/letsencrypt/manual-hook.sh \
-d "$DOMAINS" --preferred-challenges dns \
--server https://acme-v02.api.letsencrypt.org/directory
else
Print Request certificate ...
certbot certonly -q -n --standalone -d $DOMAINS
fi
Print Generate dhparam.pem ...
openssl dhparam -out /etc/letsencrypt/dhparam.pem 2048 \
&>/var/log/letsencrypt/dhparam.out
else
if echo "$DOMAINS" | grep -qo '^*'; then
Print Renew wildcard certificate ...
certbot certonly --force-renewal -q --manual \
--manual-auth-hook /etc/letsencrypt/manual-hook.sh \
-d "$DOMAINS" --preferred-challenges dns \
--server https://acme-v02.api.letsencrypt.org/directory
else
Print Renew certificate ...
certbot renew -q --force-renewal
fi
fi
}
function Main {
Usage
trap "GOT_SIGTERM=1; Print Got SIGTERM ..." SIGTERM
StartProc
}
# Start here
Main

35
letsencrypt/Demo/SingleNode/README.md Normal file
View File

@ -0,0 +1,35 @@
# 部署 letsencrypt
- 为域名 x1.xx.com 和 x2.xx.com 申请 ssl 证书,并在每月的 31 号晚上十一点更新一次
- 为域名 \*.xxx.com 申请 ssl 证书,并在每月的 31 号晚上十点更新一次
- 根据实际环境修改
- docker-compose.yml
- 创建目录
```
grep '\<source:' docker-compose.yml | cut -d: -f2 | xargs mkdir -p
```
- 获取通配域名的证书时,需要手动设置 TXT 解析记录,这里配合脚本实现自动化获取和更新
- 调用腾讯云接口设置 TXT 解析记录
```
cp tencent-api.sh letsencrypt-wildcard/etc/manual-hook.sh
```
- 调用腾讯云接口设置 TXT 解析记录
```
cp aliyun-api.sh letsencrypt-wildcard/etc/manual-hook.sh
```
- 启动
```
docker-compose up -d
```
- 创建定时任务
```
0 23 31 * * docker-compose -f /compose/docker-compose.yml up -d letsencrypt
0 22 31 * * docker-compose -f /compose/docker-compose.yml up -d letsencrypt-wildcard
```

147
letsencrypt/Demo/SingleNode/aliyun-api.sh Executable file
View File

@ -0,0 +1,147 @@
#!/bin/bash
#=========================================
# Author : Colben
# Create : 2022-04-11 19:48
#=========================================
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
ACCESS_KEY_ID='aliyun access key id'
ACCESS_KEY_SECRET='aliyun access key secret'
DOMAIN=$CERTBOT_DOMAIN
SUB_DOMAIN=_acme-challenge
RECORD_ID=
RECORD_VA=$CERTBOT_VALIDATION
PID_FILE=/tmp/$(basename ${0%.sh}).pid
if [ -t 0 ]; then
function Print { echo -e "\033[32;1m$(date +'[%F %T]') $*\033[0m"; }
function Warn { echo -e "\033[33;1m$(date +'[%F %T]') $*\033[0m"; }
function Error { echo -e "\033[31;1m$(date +'[%F %T]') $*\033[0m"; exit 1; }
else
#exec &> ${0%.sh}.out
function Print { echo -e "$(date +'[%F %T] INFO') $*"; }
function Warn { echo -e "$(date +'[%F %T] WARN') $*"; }
function Error { echo -e "$(date +'[%F %T] ERROR') $*"; exit 1; }
fi
function Quit {
local exitCode=$?
[ 0 -ne $exitCode ] && Error Failed to request aliyun api!
[ -z "${END:-}" ] && echo && Error Interrupted manually!
Print Succeeded to request aliyun api and wait 30 seconds.
sleep 30
}
function GetSignature {
local uriEncoded="GET&%2F&$(echo "$1" | sed -e 's/=/%3D/g' -e 's/:/%253A/g' -e 's/&/%26/g')"
local sha1Str=$(echo -n "$uriEncoded" | openssl dgst -sha1 -hmac "$ACCESS_KEY_SECRET&" -binary)
echo -n "$sha1Str" | base64 | sed -e 's/=/%3D/g' -e 's/+/%2B/g' -e 's,/,%2F,g'
}
function ListRecord {
Warn Get request uri ...
local sign=
local resp=
local uri="AccessKeyId=$ACCESS_KEY_ID"
uri="${uri}&Action=DescribeDomainRecords"
uri="${uri}&DomainName=$DOMAIN"
uri="${uri}&Format=JSON"
uri="${uri}&KeyWord=$SUB_DOMAIN"
uri="${uri}&SearchMode=EXACT"
uri="${uri}&SignatureMethod=HMAC-SHA1"
uri="${uri}&SignatureNonce=$RANDOM"
uri="${uri}&SignatureVersion=1.0"
uri="${uri}&Timestamp=$(date +'%FT%TZ' -d'8 hours ago')"
uri="${uri}&Type=TXT"
uri="${uri}&Version=2015-01-09"
sign=$(GetSignature "$uri")
Warn List record ...
resp=$(curl -sSL -XGET "http://alidns.aliyuncs.com/?$uri&Signature=$sign" | jq -eM .)
RECORD_ID=$(echo $resp | jq -crM .DomainRecords.Record[].RecordId)
[ 'null' == "$RECORD_ID" ] && echo "$resp" && exit 1
return 0
}
function CreateRecord {
Warn Get request uri ...
local sign=
local resp=
local uri="AccessKeyId=$ACCESS_KEY_ID"
uri="${uri}&Action=AddDomainRecord"
uri="${uri}&DomainName=$DOMAIN"
uri="${uri}&Format=JSON"
uri="${uri}&RR=$SUB_DOMAIN"
uri="${uri}&SignatureMethod=HMAC-SHA1"
uri="${uri}&SignatureNonce=$RANDOM"
uri="${uri}&SignatureVersion=1.0"
uri="${uri}&Timestamp=$(date +'%FT%TZ' -d'8 hours ago')"
uri="${uri}&Type=TXT"
uri="${uri}&Value=$RECORD_VA"
uri="${uri}&Version=2015-01-09"
sign=$(GetSignature "$uri")
Warn Create sub_domain: $SUB_DOMAIN with value: $RECORD_VA ...
resp=$(curl -sSL -XGET "http://alidns.aliyuncs.com/?$uri&Signature=$sign" | jq -eM .)
[ 'null' != "$(echo $resp | jq -crM .Message)" ] && echo "$resp" && exit 1
return 0
}
function ModifyRecord {
Warn Get request uri ...
local sign=
local resp=
local uri="AccessKeyId=$ACCESS_KEY_ID"
uri="${uri}&Action=UpdateDomainRecord"
uri="${uri}&DomainName=$DOMAIN"
uri="${uri}&Format=JSON"
uri="${uri}&RR=$SUB_DOMAIN"
uri="${uri}&RecordId=$RECORD_ID"
uri="${uri}&SignatureMethod=HMAC-SHA1"
uri="${uri}&SignatureNonce=$RANDOM"
uri="${uri}&SignatureVersion=1.0"
uri="${uri}&Timestamp=$(date +'%FT%TZ' -d'8 hours ago')"
uri="${uri}&Type=TXT"
uri="${uri}&Value=$RECORD_VA"
uri="${uri}&Version=2015-01-09"
sign=$(GetSignature "$uri")
Warn Modify record: $RECORD_ID with value: $RECORD_VA ...
resp=$(curl -sSL -XGET "http://alidns.aliyuncs.com/?$uri&Signature=$sign" | jq -eM .)
[ 'null' != "$(echo $resp | jq -crM .Message)" ] && echo "$resp" && exit 1
return 0
}
function DeleteRecord {
Warn Get request uri ...
local sign=
local resp=
local uri="AccessKeyId=$ACCESS_KEY_ID"
uri="${uri}&Action=DeleteDomainRecord"
uri="${uri}&DomainName=$DOMAIN"
uri="${uri}&Format=JSON"
uri="${uri}&RecordId=$RECORD_ID"
uri="${uri}&SignatureMethod=HMAC-SHA1"
uri="${uri}&SignatureNonce=$RANDOM"
uri="${uri}&SignatureVersion=1.0"
uri="${uri}&Timestamp=$(date +'%FT%TZ' -d'8 hours ago')"
uri="${uri}&Version=2015-01-09"
sign=$(GetSignature "$uri")
Warn Delete record $RECORD_ID ...
resp=$(curl -sSL -XGET "http://alidns.aliyuncs.com/?$uri&Signature=$sign" | jq -eM .)
[ 'null' != "$(echo $resp | jq -crM .Message)" ] && echo "$resp" && exit 1
return 0
}
function Main {
[ -e "$PID_FILE" ] && Error Pid file $PID_FILE already exists, quit!
echo $$ > $PID_FILE
ListRecord
[ -z "$RECORD_ID" ] && CreateRecord
[ -n "$RECORD_ID" ] && ModifyRecord
END=1
}
# Start here
Main

35
letsencrypt/Demo/SingleNode/docker-compose.yml Normal file
View File

@ -0,0 +1,35 @@
version: "3.7"
services:
letsencrypt:
image: harbor.colben.cn/general/letsencrypt
container_name: letsencrypt
restart: "no"
stop_grace_period: 1m
environment:
DOMAINS: x1.xx.com,x2.xx.com
network_mode: host
volumes:
- type: bind
source: ./letsencrypt/etc
target: /etc/letsencrypt
- type: bind
source: ./letsencrypt/log
target: /var/log/letsencrypt
letsencrypt-wildcard:
image: harbor.colben.cn/general/letsencrypt
container_name: letsencrypt-wildcard
restart: "no"
stop_grace_period: 1m
environment:
DOMAINS: "*.xxx.com"
network_mode: host
volumes:
- type: bind
source: ./letsencrypt-wildcard/etc
target: /etc/letsencrypt
- type: bind
source: ./letsencrypt-wildcard/log
target: /var/log/letsencrypt

136
letsencrypt/Demo/SingleNode/tencent-api.sh Executable file
View File

@ -0,0 +1,136 @@
i#!/bin/bash
#=========================================
# Author : colben
# Create : 2022-04-04 10:12
#=========================================
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
SECRET_ID='tencent secret id'
SECRET_KEY='tencent secret key'
DOMAIN=$CERTBOT_DOMAIN
SUB_DOMAIN=_acme-challenge
RECORD_ID=
RECORD_VA=$CERTBOT_VALIDATION
PID_FILE=/tmp/$(basename ${0%.sh}).pid
if [ -t 0 ]; then
function Print { echo -e "\033[32;1m$(date +'[%F %T]') $*\033[0m"; }
function Warn { echo -e "\033[33;1m$(date +'[%F %T]') $*\033[0m"; }
function Error { echo -e "\033[31;1m$(date +'[%F %T]') $*\033[0m"; exit 1; }
else
#exec &> ${0%.sh}.out
function Print { echo -e "$(date +'[%F %T] INFO') $*"; }
function Warn { echo -e "$(date +'[%F %T] WARN') $*"; }
function Error { echo -e "$(date +'[%F %T] ERROR') $*"; exit 1; }
fi
function Quit {
local exitCode=$?
[ 0 -ne $exitCode ] && Error Failed to request tencent api!
[ -z "${END:-}" ] && echo && Error Interrupted manually!
Print Succeeded to request tencent api and wait 30 seconds.
sleep 30
}
function GetSignature {
local sha1Str=$(echo -n "GET$1" | openssl dgst -sha1 -hmac "$SECRET_KEY" -binary)
echo -n "$sha1Str" | base64 | sed -e 's/=/%3D/g' -e 's/+/%2B/g'
}
function ListRecord {
Warn Get request url ...
local sign=
local resp=
local url='cns.api.qcloud.com/v2/index.php'
url="${url}?Action=RecordList"
url="${url}&Nonce=$RANDOM"
url="${url}&SecretId=$SECRET_ID"
url="${url}&Timestamp=$(date +%s)"
url="${url}&Version=2018-08-08"
url="${url}&domain=$DOMAIN"
sign=$(GetSignature "$url")
Warn List record ...
resp=$(curl -sSL -XGET "https://$url&Signature=$sign" | jq -eM .)
[ '0' != "$(echo $resp | jq -crM .code)" ] && echo "$resp" && exit 1
RECORD_ID=$(echo $resp | jq -crM ".data.records[] | select(.name == \"$SUB_DOMAIN\") | .id")
}
function CreateRecord {
Warn Get request url ...
local sign=
local resp=
local url='cns.api.qcloud.com/v2/index.php'
url="${url}?Action=RecordCreate"
url="${url}&Nonce=$RANDOM"
url="${url}&SecretId=$SECRET_ID"
url="${url}&Timestamp=$(date +%s)"
url="${url}&Version=2018-08-08"
url="${url}&domain=$DOMAIN"
url="${url}&recordLine=默认"
url="${url}&recordType=TXT"
url="${url}&subDomain=$SUB_DOMAIN"
url="${url}&value=$RECORD_VA"
sign=$(GetSignature "$url")
Warn Create sub_domain: $SUB_DOMAIN with value: $RECORD_VA ...
resp=$(curl -sSL -XGET "https://$url&Signature=$sign" | jq -eM .)
[ '0' != "$(echo $resp | jq -crM .code)" ] && echo "$resp" && exit 1
return 0
}
function ModifyRecord {
Warn Get request url ...
local sign=
local resp=
local url='cns.api.qcloud.com/v2/index.php'
url="${url}?Action=RecordModify"
url="${url}&Nonce=$RANDOM"
url="${url}&SecretId=$SECRET_ID"
url="${url}&Timestamp=$(date +%s)"
url="${url}&Version=2018-08-08"
url="${url}&domain=$CERTBOT_DOMAIN"
url="${url}&recordId=$RECORD_ID"
url="${url}&recordLine=默认"
url="${url}&recordType=TXT"
url="${url}&subDomain=$SUB_DOMAIN"
url="${url}&value=$RECORD_VA"
sign=$(GetSignature "$url")
Warn Modify record: $RECORD_ID with value: $RECORD_VA ...
resp=$(curl -sSL -XGET "https://$url&Signature=$sign" | jq -eM .)
[ '0' != "$(echo $resp | jq -crM .code)" ] && echo "$resp" && exit 1
return 0
}
function DeleteRecord {
Warn Get request url ...
local sign=
local resp=
local url='cns.api.qcloud.com/v2/index.php'
url="${url}?Action=RecordDelete"
url="${url}&Nonce=$RANDOM"
url="${url}&SecretId=$SECRET_ID"
url="${url}&Timestamp=$(date +%s)"
url="${url}&Version=2018-08-08"
url="${url}&domain=$DOMAIN"
url="${url}&recordId=$RECORD_ID"
sign=$(GetSignature "$url")
Warn Delete record $RECORD_ID ...
resp=$(curl -sSL -XGET "https://$url&Signature=$sign" | jq -eM .)
[ '0' != "$(echo $resp | jq -crM .code)" ] && echo "$resp" && exit 1
return 0
}
function Main {
[ -e "$PID_FILE" ] && Error Pid file $PID_FILE already exists, quit!
echo $$ > $PID_FILE
ListRecord
[ -z "$RECORD_ID" ] && CreateRecord
[ -n "$RECORD_ID" ] && ModifyRecord
END=1
}
# Start here
Main

10
letsencrypt/Dockerfile Normal file
View File

@ -0,0 +1,10 @@
ARG ARCH
FROM harbor.colben.cn/general/alpine$ARCH
MAINTAINER Colben colbenlee@gmail.com
ADD --chown=root:root /ADD/ /opt/
RUN apk update \
&& apk add --no-cache certbot openssl jq \
&& mkdir -p /etc/letsencrypt /var/log/letsencrypt \
&& rm -rf /var/cache/apk/*
CMD ["/opt/ccmd"]

17
letsencrypt/README.md Normal file
View File

@ -0,0 +1,17 @@
# 构建 letsencrypt 镜像
## 定制
- 安装 certbot 和 openssl
- 不支持通配域名
## 外挂目录和文件
- /etc/letsencrypt: letsencrypt 数据目录
- /var/log/letsencrypt: letsencrypt 日志目录
- /etc/letsencrypt/manual-hook.sh: 手动获取证书时用到的钩子脚本
## 引入环境变量
- DOMAINS: 待申请 ssl 证书的域名,多个域名用逗号间隔
## 案例 1
- [Demo/SingleNode/](/Demo/SingleNode/): 部署 letsencrypt

67
letsencrypt/letsencrypt.sh Executable file
View File

@ -0,0 +1,67 @@
#!/bin/bash
#=========================================
# Author : colben
#=========================================
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
[ 'x86_64' == "$(uname -m)" ] && ARCH='' || ARCH="-$(uname -m)"
ROOT_DIR="$(cd $(dirname $0) && pwd)"
IMAGE="harbor.colben.cn/general/$(basename ${0%.sh})$ARCH:latest"
if [ -t 0 ]; then
function Print { echo -e "\033[36;1m$(date +'[%F %T]')\033[32;1m $*\033[0m"; }
function Warn { echo -e "\033[36;1m$(date +'[%F %T]')\033[33;1m $*\033[0m"; }
function Error { echo -e "\033[36;1m$(date +'[%F %T]')\033[31;1m $*\033[0m"; exit 1; }
else
function Print { echo -e "$(date +'[%F %T INFO]') $*"; }
function Warn { echo -e "$(date +'[%F %T WARN]') $*"; }
function Error { echo -e "$(date +'[%F %T ERROR]') $*"; exit 1; }
fi
function Quit {
local exitCode=$?
[ 0 -ne $exitCode ] && Error Failed to build or push image!
[ -z "${END:-}" ] && echo && Error Interrupted manually!
Print Succeeded to build and push image.
}
function YesOrNo {
Warn $*
local sw=
while :; do
read -p '(Yes/No/Quit) ' -n1 sw
[[ "$sw" =~ ^Y|y$ ]] && echo && return 0
[[ "$sw" =~ ^N|n$ ]] && echo && return 1
[[ "$sw" =~ ^Q|q$ ]] && echo && exit 0
[ -n "$sw" ] && echo
done
}
function Update {
:
}
function Build {
local yn
cd $ROOT_DIR
docker images --format='{{.Repository}}:{{.Tag}}' | grep "^$IMAGE$" \
&& Warn Removing image $IMAGE ... \
&& docker rmi $IMAGE
Warn Building image: $IMAGE ...
docker build --force-rm --build-arg ARCH="$ARCH" -t $IMAGE .
YesOrNo Push image: $IMAGE? && docker push $IMAGE
}
function Main {
Update
Build
END=1
}
# Start here
Main

84
logstash6/ADD/ccmd Executable file
View File

@ -0,0 +1,84 @@
#!/bin/bash
##################################################
# Mount dir #
# - /opt/logstash/config #
# - /opt/logstash/data #
# - /opt/logstash/logs #
# - /opt/logstash/offline-plugins #
##################################################
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
PIDS=
GOT_SIGTERM=
function Print {
local file=/dev/null
[ '-f' = "$1" ] && file=$2 && shift && shift
date +"[%F %T] $*" | tee -a $file
}
function Quit {
while :; do
pkill -f java && Print killing java ... || break
sleep 1
done
Print Container stopped.
test -n "$GOT_SIGTERM"
}
function Usage {
Print 'This container should run with
**root user**
**/opt/logstash/{config,data,logs,offline-plugins} mounted from host**
'
}
function RestoreConf {
if [ -z "$(ls config/)" ]; then
Print Restore default config files and quit ...
tar zxf config.tgz
GOT_SIGTERM=1
exit 0
fi
}
function InstallPlugin {
for f in $(ls -d offline-plugins/*.zip 2>/dev/null); do
Print Install plugins from offline file: $f ...
./bin/logstash-plugin install file://$f
mv $f $f.installed
done
}
function StartProc {
Print Start logstash ...
./bin/logstash \
--path.data /opt/logstash/data \
--path.logs /opt/logstash/logs \
--path.settings /opt/logstash/config \
&>> logs/logstash.out &
PIDS="$PIDS $!"
}
function Main {
local pid=
cd /opt/logstash
Usage
RestoreConf
InstallPlugin
StartProc
trap "GOT_SIGTERM=1; Print Got SIGTERM ..." SIGTERM
while [ -z "$GOT_SIGTERM" ] && sleep 1; do
for pid in $PIDS; do
[ ! -e /proc/$pid ] && Print Unexpected error! && exit
done
done
}
# Start here
Main

21
logstash6/Demo/SingleNode/README.md Normal file
View File

@ -0,0 +1,21 @@
# 部署 logstash6
- 为域名 x1.xx.com 和 x2.xx.com 申请 ssl 证书,并在每月的 31 号晚上十一点更新一次
- 根据实际环境修改
- docker-compose.yml
- 创建目录
```
grep '\<source:' docker-compose.yml | cut -d: -f2 | xargs mkdir -p
```
- 启动
```
docker-compose up -d
```
- 创建定时任务
```
0 23 31 * * docker-compose -f /compose/docker-compose.yml up -d letsencrypt
```

23
logstash6/Demo/SingleNode/docker-compose.yml Normal file
View File

@ -0,0 +1,23 @@
version: "3.7"
services:
logstash:
image: harbor.colben.cn/general/logstash:6
container_name: logstash
restart: "on-failure"
stop_grace_period: 2m
network_mode: host
volumes:
- type: bind
source: ./es/config
target: /opt/es/config
- type: bind
source: ./es/data
target: /opt/es/data
- type: bind
source: ./es/logs
target: /opt/es/logs
- type: bind
source: ./es/offline-plugins
target: /opt/es/offline-plugins

6
logstash6/Dockerfile Normal file
View File

@ -0,0 +1,6 @@
ARG ARCH
FROM harbor.colben.cn/general/jdk$ARCH:8
MAINTAINER Colben colbenlee@gmail.com
ADD --chown=root:root /ADD/ /opt/
CMD ["/opt/ccmd"]

18
logstash6/README.md Normal file
View File

@ -0,0 +1,18 @@
# 构建 logstash6 镜像
## 导入文件
- [logstash-$VERSION.tar.gz](https://www.elastic.co/cn/downloads/logstash)
## 定制
- 创建日志目录和插件目录
- 在启动参数中指定数据目录和日志目录,覆盖配置文件
## 外挂目录和文件
- /opt/logstash/config: logstash 配置目录
- /opt/logstash/data: logstash 数据目录
- /opt/logstash/logs: logstash 日志目录
- /opt/logstash/offline-plugins: logstash 离线插件目录,把离线插件文件(xxxx.zip)放在该目录下,重启容器后可以自动安装
## 案例
- [Demo/SingleNode/](Demo/SingleNode/): 部署 logstash6

76
logstash6/logstash.sh Executable file
View File

@ -0,0 +1,76 @@
#!/bin/bash
#=========================================
# Author : colben
#=========================================
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
[ 'x86_64' == "$(uname -m)" ] && ARCH='' || ARCH="-$(uname -m)"
ROOT_DIR="$(cd $(dirname $0) && pwd)"
VERSION="6.${1#6.}"
IMAGE="harbor.colben.cn/general/$(basename ${0%.sh})$ARCH:$VERSION"
if [ -t 0 ]; then
function Print { echo -e "\033[36;1m$(date +'[%F %T]')\033[32;1m $*\033[0m"; }
function Warn { echo -e "\033[36;1m$(date +'[%F %T]')\033[33;1m $*\033[0m"; }
function Error { echo -e "\033[36;1m$(date +'[%F %T]')\033[31;1m $*\033[0m"; exit 1; }
else
function Print { echo -e "$(date +'[%F %T INFO]') $*"; }
function Warn { echo -e "$(date +'[%F %T WARN]') $*"; }
function Error { echo -e "$(date +'[%F %T ERROR]') $*"; exit 1; }
fi
function Quit {
local exitCode=$?
[ 0 -ne $exitCode ] && Error Failed to build or push image!
[ -z "${END:-}" ] && echo && Error Interrupted manually!
Print Succeeded to build and push image.
}
function YesOrNo {
Warn $*
local sw=
while :; do
read -p '(Yes/No/Quit) ' -n1 sw
[[ "$sw" =~ ^Y|y$ ]] && echo && return 0
[[ "$sw" =~ ^N|n$ ]] && echo && return 1
[[ "$sw" =~ ^Q|q$ ]] && echo && exit 0
[ -n "$sw" ] && echo
done
}
function Update {
Warn Preparing logstash $VERSION ...
cd $ROOT_DIR/ADD
rm -rf $(ls | grep -v ccmd || true)
tar zxf /release/RUNTIME/logstash-$VERSION.tar.gz -C .
mv logstash-$VERSION logstash
cd logstash
mkdir logs offline-plugins
tar zcf config.tgz config
rm -rf config/*
}
function Build {
local yn
cd $ROOT_DIR
docker images --format='{{.Repository}}:{{.Tag}}' | grep "^$IMAGE$" \
&& Warn Removing image $IMAGE ... \
&& docker rmi $IMAGE
Warn Building image: $IMAGE ...
docker build --force-rm --build-arg ARCH="$ARCH" -t $IMAGE .
YesOrNo Push image: $IMAGE? && docker push $IMAGE
}
function Main {
Update
Build
END=1
}
# Start here
Main

94
mariadb/ADD/ccmd Executable file
View File

@ -0,0 +1,94 @@
#!/bin/bash
##################################################
# Mount file #
# - /etc/my.cnf #
# Mount dir #
# - LOG_DIR #
# - DATA_DIR #
# - BINLOG_DIR #
##################################################
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
PIDS=
GOT_SIGTERM=
LOG_DIR='/var/log/mysql'
DATA_DIR='/var/lib/mysql'
BINLOG_DIR='/var/lib/mysql-bin'
INIT_FLAG=${INIT_FLAG:-}
SOCK_FILE='/run/mysqld/mysqld.sock'
PID_FILE='/run/mysqld/mysqld.pid'
function Print {
local file=/dev/null
[ '-f' = "$1" ] && file=$2 && shift && shift
date +"[%F %T] $*" | tee -a $file
}
function Quit {
Print killing mysqld ...
mysqladmin shutdown --wait-for-all-slaves || true
while :; do
pkill -f mysqld && Print killing mysqld ... || break
sleep 1
done
Print Container stopped.
test -n "$GOT_SIGTERM"
}
function Init {
rm -f $SOCK_FILE $PID_FILE
chown -R mysql.mysql $LOG_DIR $BINLOG_DIR $DATA_DIR
if [ ! -d "$DATA_DIR/mysql" ]; then
Print Init mysql db files ...
mysql_install_db --user=mysql > /dev/null
INIT_FLAG=1
fi
}
function StartProc {
local sql_file=
local sql_files=
Print Start mysql ...
mysqld -u mysql &
PIDS="$PIDS $!"
while sleep 1; do
[ -e $SOCK_FILE ] && break || echo -n .
[ ! -e /proc/$! ] && echo && Print unexpected error! && exit
done
echo
if [ -n "$INIT_FLAG" ]; then
Print Secure database ...
mysql_secure_installation <<< "$(echo -e '\nn\nn\n\n\n\n\n')" > /dev/null
mysql -e "CREATE USER docker@localhost IDENTIFIED BY 'China_19\$(10)!'"
mysql -e "GRANT SHUTDOWN ON *.* TO docker@localhost"
if sql_files="$(ls $DATA_DIR/init_sql/*.sql 2>/dev/null)"; then
Print Import the sql files ...
for sql_file in $sql_files; do
Print Importing $sql_file ...
mysql < $sql_file
done
Print Imported all sql files successfully.
fi
fi
Print MySQL is ready for connections.
}
function Main {
local pid=
Init
StartProc
trap "GOT_SIGTERM=1; Print Got SIGTERM ..." SIGTERM
while [ -z "$GOT_SIGTERM" ] && sleep 1; do
for pid in $PIDS; do
[ ! -e /proc/$pid ] && Print Unexpected error! && exit
done
done
}
# Start here
Main

15
mariadb/Demo/SingleNode/README.md Normal file
View File

@ -0,0 +1,15 @@
# 部署 mariadb 单点
- 根据实际环境修改
- docker-compose.yml
- 创建目录
```
grep '\<source:' docker-compose.yml | cut -d: -f2 | xargs mkdir -p
```
- 启动
```
docker-compose up -d
```

25
mariadb/Demo/SingleNode/docker-compose.yml Normal file
View File

@ -0,0 +1,25 @@
version: "3.7"
services:
mariadb:
image: harbor.colben.cn/general/mariadb
container_name: mariadb
restart: "on-failure"
stop_grace_period: 5m
privileged: true
ports:
- 3306:3306
volumes:
- type: bind
source: ./mariadb/my.cnf
target: /etc/my.cnf
- type: bind
source: ./mariadb/binlog
target: /var/lib/mysql-bin
- type: bind
source: ./mariadb/db
target: /var/lib/mysql
- type: bind
source: ./mariadb/log
target: /var/log/mysql

3
mariadb/Demo/SingleNode/mariadb/my.cnf Normal file
View File

@ -0,0 +1,3 @@
[mysqld]
log-bin = /var/lib/mysql-bin/master

31
mariadb/Dockerfile Normal file
View File

@ -0,0 +1,31 @@
ARG ARCH
FROM harbor.colben.cn/general/alpine$ARCH
MAINTAINER Colben colbenlee@gmail.com
ADD --chown=root:root /ADD/ /opt/
RUN apk update \
&& apk add --no-cache mariadb mariadb-client \
&& rm -rf /var/cache/apk/* /etc/my.cnf* /etc/mysql/* \
&& echo -e '[mysqld]\n'> /etc/my.cnf \
&& echo -e '[client]\n\
socket = /run/mysqld/mysqld.sock\n\
\n\
[server]\n\
datadir = /var/lib/mysql\n\
socket = /run/mysqld/mysqld.sock\n\
pid-file = /run/mysqld/mysqld.pid\n\
log-error = /var/log/mysql/error.log\n\
character-set-server = utf8mb4\n\
default-storage-engine = innodb\n\
slow-query-log = TRUE\n\
slow-query-log-file = /var/log/mysql/slow.log\n\
lower-case-table-names = 1\n\
\n\
[mysqladmin]\n\
user = docker\n\
password = China_19$(10)!\n\
' > /etc/mysql/my.cnf \
&& sed -i 's/stty/#stty/' /usr/bin/mysql_secure_installation \
&& mkdir -p /var/log/mysql /var/lib/mysql-bin /run/mysqld \
&& chown -R mysql.mysql /var/log/mysql /var/lib/mysql-bin /run/mysqld
CMD ["/opt/ccmd"]

19
mariadb/README.md Normal file
View File

@ -0,0 +1,19 @@
# 构建 mariadb 镜像
## 定制
- 安装 mariadb
- 固定一些常用配置
- 第一次启动 mysql 时,会执行如下操作
- 初始化数据目录后
- 自动创建一个只有 shutdown 权限的普通用户,该用户用于优雅停止 mysql__不要修改该用户任何信息__
- 自动执行 {mysql-log}/init_sql/ 下的 xxxx.sql 文件
## 外挂目录和文件
- /etc/my.cnf: mysql 配置文件
- /var/lib/mysql: mysql 数据目录
- /var/lib/mysql-bin: mysql binlog 目录
- /var/log/mysql: mysql 日志目录
## 案例
- [Demo/SingleNode/](Demo/SingleNode/): 部署 mariadb 单点

67
mariadb/mariadb.sh Executable file
View File

@ -0,0 +1,67 @@
#!/bin/bash
#=========================================
# Author : colben
#=========================================
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
[ 'x86_64' == "$(uname -m)" ] && ARCH='' || ARCH="-$(uname -m)"
ROOT_DIR="$(cd $(dirname $0) && pwd)"
IMAGE="harbor.colben.cn/general/$(basename ${0%.sh})$ARCH:latest"
if [ -t 0 ]; then
function Print { echo -e "\033[36;1m$(date +'[%F %T]')\033[32;1m $*\033[0m"; }
function Warn { echo -e "\033[36;1m$(date +'[%F %T]')\033[33;1m $*\033[0m"; }
function Error { echo -e "\033[36;1m$(date +'[%F %T]')\033[31;1m $*\033[0m"; exit 1; }
else
function Print { echo -e "$(date +'[%F %T INFO]') $*"; }
function Warn { echo -e "$(date +'[%F %T WARN]') $*"; }
function Error { echo -e "$(date +'[%F %T ERROR]') $*"; exit 1; }
fi
function Quit {
local exitCode=$?
[ 0 -ne $exitCode ] && Error Failed to build or push image!
[ -z "${END:-}" ] && echo && Error Interrupted manually!
Print Succeeded to build and push image.
}
function YesOrNo {
Warn $*
local sw=
while :; do
read -p '(Yes/No/Quit) ' -n1 sw
[[ "$sw" =~ ^Y|y$ ]] && echo && return 0
[[ "$sw" =~ ^N|n$ ]] && echo && return 1
[[ "$sw" =~ ^Q|q$ ]] && echo && exit 0
[ -n "$sw" ] && echo
done
}
function Update {
:
}
function Build {
local yn
cd $ROOT_DIR
docker images --format='{{.Repository}}:{{.Tag}}' | grep "^$IMAGE$" \
&& Warn Removing image $IMAGE ... \
&& docker rmi $IMAGE
Warn Building image: $IMAGE ...
docker build --force-rm --build-arg ARCH="$ARCH" -t $IMAGE .
YesOrNo Push image: $IMAGE? && docker push $IMAGE
}
function Main {
Update
Build
END=1
}
# Start here
Main

Some files were not shown because too many files have changed in this diff Show More