环境回顾
上一篇文章中,我们讲解了 openEuler 22.03 LTS 安装 Docker CE 和 Dcoker Compose,部署的软件环境版本分别如下:
- OS 系统:
openEuler 22.03 LTS(openEuler-22.03-LTS-x86_64-dvd.iso) - Docker Engine:
Docker CE(Docker Engine - Community v24.0.6) - Docker Compose:
Docker Compose v2.21.0
接着上面部署的环境,我们继续讲解如何使用 docker compose 一键部署 JumpServer (all-in-one 模式)。
Compose 部署步骤
编排文件是使用 Docker Compose 的核心,支持 compose.yaml 或者compose.yml 作为默认名称,也向后兼容 docker-compose.yaml 和 docker-compose.yml,如果这些文件都存在则首选 compose.yaml。你也可以使用其他名称,只是需要在启动的时候指定文件名。
Docker Engine和Compose版本支持列表
| Compose file format | Docker Engine release |
|---|---|
| Compose specification | 19.03.0+ |
| 3.8 | 19.03.0+ |
| 3.7 | 18.06.0+ |
| 3.6 | 18.02.0+ |
| 3.5 | 17.12.0+ |
| 3.4 | 17.09.0+ |
| 3.3 | 17.06.0+ |
| 3.2 | 17.04.0+ |
| 3.1 | 1.13.1+ |
| 3.0 | 1.13.0+ |
| 2.4 | 17.12.0+ |
| 2.3 | 17.06.0+ |
| 2.2 | 1.13.0+ |
| 2.1 | 1.12.0+ |
| 2.0 | 1.10.0+ |
关于
docker和compose支持矩阵更多信息,请查看官方文档 https://docs.docker.com/compose/compose-file/compose-file-v3/
1、compose healthcheck 举例
关于 mariadb docker compose healthcheck 配置说明:
Docker Compose 可以通过在 docker-compose.yml 文件中设置 healthcheck 配置来检查 MariaDB 容器的健康状态。
在 docker-compose.yml 中,可以在 services.mariadb 配置下添加 healthcheck:
services:
mariadb:
image: mariadb:latest
healthcheck:
test: ["CMD-SHELL", "mysqladmin ping --silent"]
interval: 30s
timeout: 10s
retries: 3
在这个例子中,我们使用了 mysqladmin ping 命令来检查 MariaDB 是否健康。如果 MariaDB 返回了 “mysqld is alive”,则视为健康,否则视为不健康。间隔 30s 检查一次,超时 10s,如果失败 3次 就认为 unhealthy。
注意:如果
MariaDB容器内部没有安装mysqladmin命令,这个健康检查将失败。
2、编写 Compose.yaml 文件
编写 jumpserver-allinone-compose.yaml 文件信息如下:
version: '3.8'
services:
mariadb:
image: mariadb:10.11
container_name: jms_mariadb
restart: always
command: --log-bin --log-basename=mariadb --character-set-server=utf8mb4 --collation-server=utf8mb4_general_ci
environment:
DB_PORT: ${DB_PORT:-3306}
MARIADB_ROOT_PASSWORD: ${DB_PASSWORD:-My123456}
MARIADB_DATABASE: ${DB_NAME:-jumpserver}
TZ: "Asia/Shanghai"
ports:
- 3306:3306
healthcheck:
test: "mysql -h 127.0.0.1 -u root -p $$MARIADB_ROOT_PASSWORD -e 'SHOW DATABASES;'"
interval: 10s
timeout: 5s
retries: 3
start_period: 30s
volumes:
- ${VOLUME_DIR:-./jms_data}/mariadb/data:/var/lib/mysql
networks:
- net
redis:
image: redis:6.2
container_name: jms_redis
restart: always
command: redis-server --requirepass ${REDIS_PASSWORD:-Rds123456} --loglevel warning --maxmemory-policy allkeys-lru
environment:
REDIS_PORT: ${REDIS_PORT:-6379}
REDIS_PASSWORD: ${REDIS_PASSWORD:-Rds123456}
ports:
- 6379:6379
healthcheck:
test: "redis-cli -h 127.0.0.1 -p $$REDIS_PORT -a $$REDIS_PASSWORD info Replication"
interval: 10s
timeout: 5s
retries: 3
start_period: 10s
volumes:
- ${VOLUME_DIR:-./jms_data}/redis/data:/data
networks:
- net
jumpserver:
image: jumpserver/jms_all:${VERSION:-latest}
build:
context: .
dockerfile: Dockerfile
container_name: jms_all
privileged: true
restart: always
environment:
SECRET_KEY: ${SECRET_KEY:-vYneAbsXUhe4BghEeedNL7nfWLwaTTmhnwQMvjYOIG25Ofzghk}
BOOTSTRAP_TOKEN: ${BOOTSTRAP_TOKEN:-K1ffDfLSIK8SV2PZj6VaxOiv8KuawlJK}
DEBUG: ${DEBUG:-FALSE}
LOG_LEVEL: ${LOG_LEVEL:-ERROR}
DB_HOST: ${DB_HOST:-mysql}
DB_PORT: ${DB_PORT:-3306}
DB_USER: ${DB_USER:-root}
DB_PASSWORD: ${DB_PASSWORD:-My123456}
DB_NAME: ${DB_NAME:-jumpserver}
REDIS_HOST: ${REDIS_HOST:-redis}
REDIS_PORT: ${REDIS_PORT:-6379}
REDIS_PASSWORD: ${REDIS_PASSWORD:-Rds123456}
MAGNUS_MYSQL_PORT: ${MAGNUS_MYSQL_PORT:-33061}
MAGNUS_MARIADB_PORT: ${MAGNUS_MARIADB_PORT:-33062}
MAGNUS_REDIS_PORT: ${MAGNUS_REDIS_PORT:-63790}
ports:
- ${HTTP_PORT:-80}:80/tcp
- ${SSH_PORT:-2222}:2222/tcp
- ${MAGNUS_MYSQL_PORT:-33061}:33061/tcp
- ${MAGNUS_MARIADB_PORT:-33062}:33062/tcp
- ${MAGNUS_REDIS_PORT:-63790}:63790/tcp
depends_on:
mariadb:
condition: service_healthy
redis:
condition: service_healthy
healthcheck:
test: "curl -fsL http://localhost/api/health/ > /dev/null"
interval: 10s
timeout: 5s
retries: 3
start_period: 90s
volumes:
- ${VOLUME_DIR:-./jms_data}/core/data:/opt/jumpserver/core/data
- ${VOLUME_DIR:-./jms_data}/koko/data:/opt/jumpserver/koko/data
- ${VOLUME_DIR:-./jms_data}/lion/data:/opt/jumpserver/lion/data
- ${VOLUME_DIR:-./jms_data}/magnus/data:/opt/jumpserver/magnus/data
- ${VOLUME_DIR:-./jms_data}/chen/data:/opt/jumpserver/chen/data
- ${VOLUME_DIR:-./jms_data}/kael/data:/opt/jumpserver/kael/data
- ${VOLUME_DIR:-./jms_data}/nginx/data:/var/log/nginx
networks:
- net
networks:
net:
3、执行 Compose 命令
查看 docker compose 命令:
[root@jumpServer ~]# docker compose --help
Usage: docker compose [OPTIONS] COMMAND
Define and run multi-container applications with Docker.
Options:
--ansi string Control when to print ANSI control characters ("never"|"always"|"auto")
(default "auto")
--compatibility Run compose in backward compatibility mode
--dry-run Execute command in dry run mode
--env-file stringArray Specify an alternate environment file.
-f, --file stringArray Compose configuration files
--parallel int Control max parallelism, -1 for unlimited (default -1)
--profile stringArray Specify a profile to enable
--progress string Set type of progress output (auto, tty, plain, quiet) (default "auto")
--project-directory string Specify an alternate working directory
(default: the path of the, first specified, Compose file)
-p, --project-name string Project name
Commands:
build Build or rebuild services
config Parse, resolve and render compose file in canonical format
cp Copy files/folders between a service container and the local filesystem
create Creates containers for a service.
down Stop and remove containers, networks
events Receive real time events from containers.
exec Execute a command in a running container.
images List images used by the created containers
kill Force stop service containers.
logs View output from containers
ls List running compose projects
pause Pause services
port Print the public port for a port binding.
ps List containers
pull Pull service images
push Push service images
restart Restart service containers
rm Removes stopped service containers
run Run a one-off command on a service.
start Start services
stop Stop services
top Display the running processes
unpause Unpause services
up Create and start containers
version Show the Docker Compose version information
wait Block until the first service container stops
Run 'docker compose COMMAND --help' for more information on a command.
- 指定
jumpserver-allinone-compose.yaml文件执行命令快速部署:
docker compose -f jumpserver-allinone-compose.yaml up -d
执行此步骤耐心等待,正常情况输出如下信息:
[root@jumpServer ~]# docker compose -f jumpserver-allinone-compose.yaml up -d
[+] Running 51/51
✔ jumpserver 34 layers [⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿] 0B/0B Pulled 1597.9s
✔ b70638ed4228 Pull complete 26.3s
✔ 1671b05d5ff8 Pull complete 14.2s
✔ cf6d41d3b58e Pull complete 15.3s
✔ 4658ace5181e Pull complete 26.8s
✔ 7d89f2b712aa Pull complete 19.0s
✔ 27f0595597bf Pull complete 1371.3s
✔ 5e1c9213656f Pull complete 30.6s
✔ 6b08cbabd196 Pull complete 59.3s
✔ d5e6b8f645d0 Pull complete 33.5s
✔ e61f3aac1553 Pull complete 35.3s
✔ 38e8b0b2cb1d Pull complete 37.2s
✔ 4f4fb700ef54 Pull complete 106.2s
✔ 0c2dc397c237 Pull complete 153.2s
✔ fdf489862f49 Pull complete 115.6s
✔ 7d15347457c2 Pull complete 122.3s
✔ 9ee083a8a7ed Pull complete 127.2s
✔ 3028c2686750 Pull complete 134.0s
✔ 5c15a5371a5f Pull complete 136.6s
✔ df85ed73d9c7 Pull complete 175.0s
✔ 0fbce6cdb40f Pull complete 180.1s
✔ 58780c9b73c1 Pull complete 430.0s
✔ 8370e2af9b40 Pull complete 185.8s
✔ cd0ff3c5c678 Pull complete 205.5s
✔ 46772bf55cde Pull complete 222.4s
✔ e58fedb6f561 Pull complete 227.6s
✔ 361691cd930c Pull complete 257.6s
✔ 181b8c1b3ce9 Pull complete 274.7s
✔ 282738152c09 Pull complete 291.6s
✔ 9b9cbb19c5bf Pull complete 299.0s
✔ 0256f5cdf016 Pull complete 314.0s
✔ bdf2050c3e51 Pull complete 315.9s
✔ 34b12bf59808 Pull complete 331.0s
✔ 1676acb3a378 Pull complete 344.4s
✔ c009086876be Pull complete 346.3s
✔ mariadb 8 layers [⣿⣿⣿⣿⣿⣿⣿⣿] 0B/0B Pulled 484.5s
✔ 7a2c55901189 Pull complete 370.2s
✔ 7eb404fb6599 Pull complete 385.5s
✔ b82494ba74d0 Pull complete 391.6s
✔ c12aefc63360 Pull complete 394.9s
✔ 755d4f319cad Pull complete 397.0s
✔ 3a356b485f3e Pull complete 429.8s
✔ 58cecd92a800 Pull complete 442.3s
✔ 1a788b911657 Pull complete 442.4s
✔ redis 6 layers [⣿⣿⣿⣿⣿⣿] 0B/0B Pulled 520.5s
✔ a378f10b3218 Pull complete 454.1s
✔ a18aae639f26 Pull complete 447.5s
✔ cc636628b1d6 Pull complete 451.5s
✔ 28d286c885bb Pull complete 458.1s
✔ eb5d7888e466 Pull complete 456.4s
✔ 94ae6bcf7a05 Pull complete 471.0s
[+] Running 4/4
✔ Network root_net Created 7.2s
✔ Container jms_mariadb Healthy 5.6s
✔ Container jms_redis Healthy 5.6s
✔ Container jms_all Created 2.0s
...
如果出现如下错误信息:
说明:该问题已经反馈 github issues,请查看https://github.com/jumpserver/jumpserver/issues/11983
[+] Running 4/4
✔ Network root_net Created 7.2s
✘ Container jms_mariadb Error 5.6s
✔ Container jms_redis Healthy 5.6s
✔ Container jms_all Created 2.0s
dependency failed to start: container jms_mariadb is unhealthy
继续查看 168b11c99368 mariadb:10.11 容器日志信息:
[root@jumpServer ~]# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
168b11c99368 mariadb:10.11 "docker-entrypoint.s…" About a minute ago Up About a minute (unhealthy) 0.0.0.0:3306->3306/tcp, :::3306->3306/tcp jms_mariadb
a1a18950bf2c redis:6.2 "docker-entrypoint.s…" About a minute ago Up About a minute (healthy) 0.0.0.0:6379->6379/tcp, :::6379->6379/tcp jms_redis
[root@jumpServer ~]# docker container logs 168b11c99368
2023-10-25 22:27:25+08:00 [Note] [Entrypoint]: Entrypoint script for MariaDB Server 1:10.11.5+maria~ubu2204 started.
2023-10-25 22:27:26+08:00 [Note] [Entrypoint]: Switching to dedicated user 'mysql'
2023-10-25 22:27:26+08:00 [Note] [Entrypoint]: Entrypoint script for MariaDB Server 1:10.11.5+maria~ubu2204 started.
2023-10-25 22:27:26+08:00 [Note] [Entrypoint]: Initializing database files
PLEASE REMEMBER TO SET A PASSWORD FOR THE MariaDB root USER !
To do so, start the server, then issue the following command:
'/usr/bin/mariadb-secure-installation'
which will also give you the option of removing the test
databases and anonymous user created by default. This is
strongly recommended for production servers.
See the MariaDB Knowledgebase at https://mariadb.com/kb
Please report any problems at https://mariadb.org/jira
The latest information about MariaDB is available at https://mariadb.org/.
Consider joining MariaDB's strong and vibrant community:
https://mariadb.org/get-involved/
2023-10-25 22:28:35+08:00 [Note] [Entrypoint]: Database files initialized
2023-10-25 22:28:35+08:00 [Note] [Entrypoint]: Starting temporary server
2023-10-25 22:28:35+08:00 [Note] [Entrypoint]: Waiting for server startup
2023-10-25 22:28:35 0 [Note] Starting MariaDB 10.11.5-MariaDB-1:10.11.5+maria~ubu2204-log source revision 7875294b6b74b53dd3aaa723e6cc103d2bb47b2c as process 141
2023-10-25 22:28:36 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
2023-10-25 22:28:36 0 [Note] InnoDB: Number of transaction pools: 1
2023-10-25 22:28:36 0 [Note] InnoDB: Using crc32 + pclmulqdq instructions
2023-10-25 22:28:36 0 [Note] mariadbd: O_TMPFILE is not supported on /tmp (disabling future attempts)
2023-10-25 22:28:36 0 [Note] InnoDB: Using liburing
2023-10-25 22:28:36 0 [Note] InnoDB: Initializing buffer pool, total size = 128.000MiB, chunk size = 2.000MiB
2023-10-25 22:28:36 0 [Note] InnoDB: Completed initialization of buffer pool
2023-10-25 22:28:36 0 [Note] InnoDB: File system buffers for log disabled (block size=4096 bytes)
2023-10-25 22:28:36 0 [Note] InnoDB: End of log at LSN=46438
2023-10-25 22:28:36 0 [Note] InnoDB: 128 rollback segments are active.
2023-10-25 22:28:36 0 [Note] InnoDB: Setting file './ibtmp1' size to 12.000MiB. Physically writing the file full; Please wait ...
2023-10-25 22:28:36 0 [Note] InnoDB: File './ibtmp1' size is now 12.000MiB.
2023-10-25 22:28:36 0 [Note] InnoDB: log sequence number 46438; transaction id 14
2023-10-25 22:28:36 0 [Note] Plugin 'FEEDBACK' is disabled.
2023-10-25 22:28:37 0 [Warning] 'user' entry 'root@168b11c99368' ignored in --skip-name-resolve mode.
2023-10-25 22:28:37 0 [Warning] 'proxies_priv' entry '@% root@168b11c99368' ignored in --skip-name-resolve mode.
2023-10-25 22:28:37 0 [Note] mariadbd: ready for connections.
Version: '10.11.5-MariaDB-1:10.11.5+maria~ubu2204-log' socket: '/run/mysqld/mysqld.sock' port: 0 mariadb.org binary distribution
2023-10-25 22:28:38+08:00 [Note] [Entrypoint]: Temporary server started.
2023-10-25 22:28:47+08:00 [Note] [Entrypoint]: Creating database jumpserver
2023-10-25 22:28:47+08:00 [Note] [Entrypoint]: Securing system users (equivalent to running mysql_secure_installation)
2023-10-25 22:28:48+08:00 [Note] [Entrypoint]: Stopping temporary server
2023-10-25 22:28:48 0 [Note] mariadbd (initiated by: unknown): Normal shutdown
2023-10-25 22:28:48 0 [Note] InnoDB: FTS optimize thread exiting.
2023-10-25 22:28:49 0 [Note] InnoDB: Starting shutdown...
2023-10-25 22:28:49 0 [Note] InnoDB: Dumping buffer pool(s) to /var/lib/mysql/ib_buffer_pool
2023-10-25 22:28:49 0 [Note] InnoDB: Buffer pool(s) dump completed at 231025 22:28:49
2023-10-25 22:28:50 0 [Note] InnoDB: Removed temporary tablespace data file: "./ibtmp1"
2023-10-25 22:28:50 0 [Note] InnoDB: Shutdown completed; log sequence number 46438; transaction id 15
2023-10-25 22:28:50 0 [Note] mariadbd: Shutdown complete
2023-10-25 22:28:50+08:00 [Note] [Entrypoint]: Temporary server stopped
2023-10-25 22:28:50+08:00 [Note] [Entrypoint]: MariaDB init process done. Ready for start up.
2023-10-25 22:28:50 0 [Note] Starting MariaDB 10.11.5-MariaDB-1:10.11.5+maria~ubu2204-log source revision 7875294b6b74b53dd3aaa723e6cc103d2bb47b2c as process 1
2023-10-25 22:28:50 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
2023-10-25 22:28:50 0 [Note] InnoDB: Number of transaction pools: 1
2023-10-25 22:28:50 0 [Note] InnoDB: Using crc32 + pclmulqdq instructions
2023-10-25 22:28:50 0 [Note] mariadbd: O_TMPFILE is not supported on /tmp (disabling future attempts)
2023-10-25 22:28:50 0 [Note] InnoDB: Using liburing
2023-10-25 22:28:50 0 [Note] InnoDB: Initializing buffer pool, total size = 128.000MiB, chunk size = 2.000MiB
2023-10-25 22:28:50 0 [Note] InnoDB: Completed initialization of buffer pool
2023-10-25 22:28:50 0 [Note] InnoDB: File system buffers for log disabled (block size=4096 bytes)
2023-10-25 22:28:50 0 [Note] InnoDB: End of log at LSN=46438
2023-10-25 22:28:50 0 [Note] InnoDB: 128 rollback segments are active.
2023-10-25 22:28:50 0 [Note] InnoDB: Setting file './ibtmp1' size to 12.000MiB. Physically writing the file full; Please wait ...
2023-10-25 22:28:50 0 [Note] InnoDB: File './ibtmp1' size is now 12.000MiB.
2023-10-25 22:28:50 0 [Note] InnoDB: log sequence number 46438; transaction id 14
2023-10-25 22:28:50 0 [Note] Plugin 'FEEDBACK' is disabled.
2023-10-25 22:28:50 0 [Note] InnoDB: Loading buffer pool(s) from /var/lib/mysql/ib_buffer_pool
2023-10-25 22:28:50 0 [Note] InnoDB: Buffer pool(s) load completed at 231025 22:28:50
2023-10-25 22:28:50 0 [Note] Server socket created on IP: '0.0.0.0'.
2023-10-25 22:28:50 0 [Note] Server socket created on IP: '::'.
2023-10-25 22:28:51 0 [Note] mariadbd: ready for connections.
Version: '10.11.5-MariaDB-1:10.11.5+maria~ubu2204-log' socket: '/run/mysqld/mysqld.sock' port: 3306 mariadb.org binary distribution
继续进入容器查看:
docker 进入当前正在运行容器的两种方式(exec 和 attach 的区别),https://blog.csdn.net/Starrysky_LTL/article/details/121168670
- 测试完毕后清理环境:
docker compose -f jumpserver-allinone-compose.yaml down -v
输出如下信息:
[root@jumpServer ~]# docker compose -f jumpserver-allinone-compose.yaml down
[+] Running 4/4
✔ Container jms_all Removed 0.0s
✔ Container jms_mariadb Removed 5.2s
✔ Container jms_redis Removed 5.0s
✔ Network root_net Removed 1.1s
4、查看 Docker 镜像
通过 compose.yaml 文件拉取的 docker 镜像(image)如下:
[root@jumpServer ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
jumpserver/jms_all latest a4428decf662 4 days ago 3.48GB
redis 6.2 81f00da770d8 6 days ago 127MB
mariadb 10.11 3b3ad3b80a5c 11 days ago 395MB
验证 JumpServer 安装
浏览器查看 JumpServer :
- 地址:
http://<JumpServer服务器IP地址>:<服务运行端口> - 用户名:
admin - 密码:
admin
首次登陆需要修改初始密码,修改后再次登录即可进入系统。
