docker基础命令-阳哥

docker基础篇-阳哥

文章目录

  • docker基础篇-阳哥
    • centos7最小安装准备工作
      • 网络设置
      • 安装必备工具
        • 1.1 安装工具
        • 1.5 优化ssh连接
          • 1.1 修改ssh服务的配置文件
          • 1.2 找到对应的行数修改如下
          • 1.3 修改完成之后重启ssh服务
        • 1.6 永久修改主机名
          • sed命令
          • sed命令替换文本_xbd_zc的博客-CSDN博客
    • 1.镜像与容器
    • 2.安装docker
      • 1-安装步骤
      • 1.卸载
      • 2.设置存储库安装yum utils包
      • 3.设置yum源
      • 4.安装docker
      • 5.设置华为云镜像加速
      • 6.测试hello-world
    • 2-常用命令
      • 2.1容器命令
      • 2.2重点命令
        • 2.2.1启动守护式容器--后台服务器
        • 2.2.2查看容器
        • 2.2.3进入容器交互
        • 2.2.4容器与宿主机文件交互
        • 2.2.5导入和导出容器
        • 小总结
    • 3-docker镜像
      • 3.1commit提交容器为新镜像
      • 3.2案例-Ubuntu安装vim
        • 小总结
      • 3.3将镜像推送到阿里云仓库
        • 3.3.1,建阿里云镜像仓库
        • 3.3.2,镜像上传
        • 3.3.3,拉取镜像
      • 3.4将镜像推送到私有库(registry)
        • 3.4.1修改配置文件使之支持http
        • 3.4.2运行私有库registry
        • 3.4.3push镜像到私服
        • 3.4.4从私服pull到本地
    • 4-docker容器数据卷
      • 4.1作用
      • 4.2数据卷案例
        • 4.2.1添加容器数据卷
          • 1查看数据卷是否挂载成功 docker inspect
          • 2创建文件测试
          • 3停止容器,并在宿主机目录下修改文件后再启动容器查看是否同步
        • 4.2.2数据卷读写权限
        • 4.2.3数据卷继承
    • 5-docker常规安装简介
      • 5.1常规安装步骤
      • 5.2安装Tomcat
      • 5.3安装Mysql5.7
      • 5.4安装Redis
        • 新建配置文件(放到文章末尾了)
        • 启动容器
        • **测试redis-cli连接**
        • 修改配置文件, 查看是否生效
      • 搭建图床
      • 5.4.1redis配置

centos7最小安装准备工作

网络设置

vi /etc/sysconfig/network-scripts/ifcfg-ens33

TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static  #启动的时候的 IP 取得的协议,这里是固定的,如果是动态主机的话,要改成 dhcp 才行#
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33     #设定网卡的名称,要跟文件名称对应 #
UUID=f5e37a10-3da9-47af-8dbb-370b7bf24509 
DEVICE=ens33   #设定网卡的名称,要跟文件名称对应 #
ONBOOT=yes    #是否在开机的的时候启动网卡# 
IPADDR=192.168.22.100        #IP 地址#   必设置
GATEWAY=192.168.22.2       #网关地址#  必须设置  虚拟机注意查看网关地址
NETWORK=192.168.22.1      #该网段的第一个 IP# 可以不设置
BROADCAST=192.168.22.255  #最后一个同网段的广播地址#  可以不设置
NETMASK=255.255.255.0     #子网掩码#   必设置
DNS1=114.114.114.114  #必设置   
#GATEWAYDEV=eth0 推荐阅读: linux网络配置文件(redhat、ubuntu系统) centos基本网络配置-网卡eth0、DNS、Host等
#linux主机刚安装好时,ONBOOT属性的缺省值为no,需要修改为yes,BOORPROTO缺省值为dhcp,需要修改为static。然后,设置IP地址,网络掩码,网关等。

安装必备工具

cd /etc/yum.repos.d/  

rm -rf *

curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo  

yum clean all  

#更新yum软件包索引
yum makecache fast

#更新yum

yum install -y yum-utils
1.1 安装工具

yum -y install net-tools vim unzip gcc gcc-c++ pcre-devel openssl-devel wget

1.5 优化ssh连接
1.1 修改ssh服务的配置文件

/etc/ssh/sshd_config

1.2 找到对应的行数修改如下
sed -i '79s/GSSAPIAuthentication yes/GSSAPIAuthentication no/' /etc/ssh/sshd_config
sed -i '115s/#UseDNS yes/UseDNS no/' /etc/ssh/sshd_config
1.3 修改完成之后重启ssh服务

systemctl restart sshd

1.6 永久修改主机名
#替换文件第一行为docker-master
sed -i '1c docker-master' /etc/hostname 
#重启服务器后生效
reboot

vim /etc/hostname
修改为以下内容

[root@host-135 ~]# cat /etc/hostname
host-135

sed命令
sed命令替换文本_xbd_zc的博客-CSDN博客

1.镜像与容器

  • 虚拟机(virtual machine)
    • 带环境安装的一种解决方案, 虚拟出各种硬件,在虚拟机上安装系统,再从操作系统中安装部署各种应用
  • Linux容器(Linux Containers,缩写为 LXC)
    • 是在操作系统层面上实现虚拟化, 容器内无内核也不需要虚拟, 直接使用宿主机内核。
    • 每个容器之间相互隔离,每个容器都有独立的文件系统,容器之间不会相互影响,能区分计算资源。

2.安装docker

1-安装步骤

1.卸载

systemctl stop docker 
yum remove docker-ce docker-ce-cli containerd.io
rm -rf /var/lib/docker
rm -rf /var/lib/containerd

2.设置存储库安装yum utils包

(它提供了yum config manager实用程序)并设置稳定的存储库。

yum install -y yum-utils

3.设置yum源

这里使用阿里的

yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
#更新yum软件包索引
yum makecache fast

4.安装docker

yum -y install docker-ce docker-ce-cli containerd.io
#启动
systemctl start docker
#自启动
systemctl enable docker

5.设置华为云镜像加速

容器镜像服务-控制台 (huaweicloud.com)

镜像中心-镜像加速器

docker基础命令-阳哥_第1张图片

配置docker镜像加速

#创建文件夹
mkdir -p /etc/docker
#添加内容
tee /etc/docker/daemon.json <<- 'EOF'
{
    "registry-mirrors": [ "https://043f20e3d9e4485083339341635f4362.mirror.swr.myhuaweicloud.com" ]
}
EOF
cat /etc/docker/daemon.json
#重启
systemctl daemon-reload
systemctl restart docker
#确认配置结果
docker info
#执行docker info,当Registry Mirrors字段的地址为加速器的地址时,说明加速器已经配置成功。

6.测试hello-world

docker run hello-world

docker基础命令-阳哥_第2张图片

2-常用命令

2.1容器命令

docker run [OPTIONS] IMAGE [COMMAND] [ARG…]

  • 常用启动参数

    • -i interactive 交互, 一般与t配合使用

      • -t tty 终端, 一般与i配合使用
      • docker run -it ubuntu bash
    • –name 配置启动后的容器名

      • docker run --name=myubuntu -it ubuntu bash
    • -d 后台启动

    • -p 配置端口映射 -p 外部端口:容器端口

  • 退出容器

    • exit or ctrl+d 容器内部直接退出, 退出后容器关闭

    • ctrl+p+q 退出后容器不会关闭

  • 启动已停止的容器

    • docker start 容器ID/容器名
  • 重启容器

    • docker restart 容器ID/容器名
  • 停止容器

    • docker stop 容器ID/容器名

    • 强制停止 docker kill 容器ID/容器名

  • 删除容器

    • 已停止的容器 docker rm 容器ID
    • 强制删除 docker rm -f 容器ID
      • 删除多个
        • docker rm -f $(docker ps -aq)
        • docker ps -aq | xargs docker rm
        • xargs就是把前面的结果放到后面的指令

2.2重点命令

2.2.1启动守护式容器–后台服务器

启动时添加 -d参数 docker run -d 镜像名

Docker容器后台运行, 必须有一个前台进程, 容器运行的命令不是一直挂起的命令(如top,tail), 就会自动退出

如后台启动一个Ubuntu, 发现容器直接退出

[root@centos7 ~]# docker run -d ubuntu /bin/bash
39b05cc84038f7594d2ecef4c513122ed6f01be1ae23d717f4b354503e02f6b8
[root@centos7 ~]# docker ps
CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES
[root@centos7 ~]# 

常用解决方案是: 将要运行的程序已前台进程形式运行, 常见就是命令行模式, 表示还有交互, 别中断

Redis前后台启动演示

前台交互式启动 : docker run -it redis

[root@centos7 ~]# docker run -it redis
1:C 21 Feb 2023 08:50:48.916 # oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
1:C 21 Feb 2023 08:50:48.916 # Redis version=7.0.8, bits=64, commit=00000000, modified=0, pid=1, just started
1:C 21 Feb 2023 08:50:48.916 # Warning: no config file specified, using the default config. In order to specify a config file use redis-server /path/to/redis.conf
1:M 21 Feb 2023 08:50:48.917 * monotonic clock: POSIX clock_gettime

正常启动, 退出后容器自动关闭

后台守护式启动: docker run -d redis

[root@centos7 ~]# docker run  -d redis
068a7f974e92e3eb06dd0e51c81aebd96cd070134d675f3622c41639c3901648
[root@centos7 ~]# docker ps
CONTAINER ID   IMAGE     COMMAND                   CREATED         STATUS         PORTS      NAMES
068a7f974e92   redis     "docker-entrypoint.s…"   4 seconds ago   Up 3 seconds   6379/tcp   frosty_lovelace

正常后台运行

2.2.2查看容器

容器角度: 可以把容器看做一个简易版的Linux环境(包括root用户权限、进程空间、用户空间和网络空间等)和运行在其中的应用程序

查看容器日志

  • docker logs 容器ID

查看容器内运行的进程

  • docker top 容器ID

查看容器内部细节

  • docker inspect 容器ID
2.2.3进入容器交互

docker exec -it 容器ID /bin/bash

docker attach 容器ID

区别:

  • attach直接进入容器启动命令终端,不会启动新的进程, exit退出会导致容器停止
  • exec是在容器中打开新的终端, 并且可以启动新的进程,用exit退出 不会导致容器的停止

推荐使用exec, 退出终端不会停止

  • attach Ctrl+P+Q退出也不会停止

docker基础命令-阳哥_第3张图片

  • exec

docker基础命令-阳哥_第4张图片

2.2.4容器与宿主机文件交互
#容器拷贝到宿主机
docker cp 容器ID/容器名:/容器内路径 /宿主机路径
#宿主机拷贝到容器(和上面反过来)
docker cp /宿主机路径 容器ID/容器名:/容器内路径

2.2.5导入和导出容器
  • export导出容器为tar包
    • docker exprot 容器ID > 文件名.tar
  • import导入容器镜像
    • docker import 文件名.tar 用户/镜像名:镜像版本
  • 导出镜像
    • docker save -o 文件名.tar 镜像名

测试

[root@localhost ~]# docker ps
CONTAINER ID   IMAGE     COMMAND   CREATED         STATUS          PORTS     NAMES
7c5472c955b3   ubuntu    "bash"    4 minutes ago   Up 57 seconds             brave_margulis
#导出容器
[root@localhost ~]# docker export 7c547 > bbb.tar
[root@localhost ~]# ls
anaconda-ks.cfg  `bbb.tar`  Centos-7.repo  epel-7.repo  uuu.tar
#删除容器
[root@localhost ~]# docker rm -f 7c547
7c547
[root@localhost ~]# docker ps
CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES
[root@localhost ~]# docker images
REPOSITORY   TAG       IMAGE ID       CREATED         SIZE
ubuntu       latest    ba6acccedd29   16 months ago   72.8MB
#导入容器镜像
[root@localhost ~]# docker import bbb.tar 666/ubuntu:v1
sha256:db93c96b185b01e3c3b0c3e7ed9447214990bacc0825c9b2186e518ac8752b8d
[root@localhost ~]# docker images
REPOSITORY   TAG       IMAGE ID       CREATED         SIZE
666/ubuntu   v1        db93c96b185b   4 seconds ago   72.8MB
ubuntu       latest    ba6acccedd29   16 months ago   72.8MB
#运行验证文件
[root@localhost ~]# docker run -it 666/ubuntu:v1 bash
root@cbd6780f611c:/# cat aaa.txt 
hahah
小总结

docker基础命令-阳哥_第5张图片

关键字 说明 说明
attach Attach to a running container 当前 shell 下 attach 连接指定运行镜像
build Build an image from a Dockerfile 通过 Dockerfile 定制镜像
commit Create a new image from a container changes 提交当前容器为新的镜像
cp Copy files/folders from the containers filesystem to the host path 从容器中拷贝指定文件或者目录到宿主机中
create Create a new container 创建一个新的容器,同 run,但不启动容器
diff Inspect changes on a container’s filesystem 查看 docker 容器变化
events Get real time events from the server 从 docker 服务获取容器实时事件
exec Run a command in an existing container 在已存在的容器上运行命令
export Stream the contents of a container as a tar archive 导出容器的内容流作为一个 tar 归档文件[对应 import ]
history Show the history of an image 展示一个镜像形成历史
images List images 列出系统当前镜像
import Create a new filesystem image from the contents of a tarball 从tar包中的内容创建一个新的文件系统映像[对应export]
info Display system-wide information 显示系统相关信息
inspect Return low-level information on a container 查看容器详细信息
kill Kill a running container kill 指定 docker 容器
load Load an image from a tar archive 从一个 tar 包中加载一个镜像[对应 save]
login Register or Login to the docker registry server 注册或者登陆一个 docker 源服务器
logout Log out from a Docker registry server 从当前 Docker registry 退出
logs Fetch the logs of a container 输出当前容器日志信息
port Lookup the public-facing port which is NAT-ed to PRIVATE_PORT 查看映射端口对应的容器内部源端口
pause Pause all processes within a container 暂停容器
ps List containers 列出容器列表
pull Pull an image or a repository from the docker registry server 从docker镜像源服务器拉取指定镜像或者库镜像
push Push an image or a repository to the docker registry server 推送指定镜像或者库镜像至docker源服务器
restart Restart a running container 重启运行的容器
rm Remove one or more containers 移除一个或者多个容器
rmi Remove one or more images 移除一个或多个镜像[无容器使用该镜像才可删除,否则需删除相关容器才可继续或 -f 强制删除]
run Run a command in a new container 创建一个新的容器并运行一个命令
save Save an image to a tar archive 保存一个镜像为一个 tar 包[对应 load]
search Search for an image on the Docker Hub 在 docker hub 中搜索镜像
start Start a stopped containers 启动容器
stop Stop a running containers 停止容器
tag Tag an image into a repository 给源中镜像打标签
top Lookup the running processes of a container 查看容器中运行的进程信息
unpause Unpause a paused container 取消暂停容器
version Show the docker version information 查看 docker 版本号
wait Block until a container stops, then print its exit code 截取容器停止时的退出状态值

3-docker镜像

  • 镜像分层
    • 好处:共享资源,方便复用, 比如多个镜像都由同一个base镜像构建,那么Docker只需保存一份base镜像,同时内存中只需加载一份base镜像,就可以为所有容器服务,镜像的每一层都可以共享

Docker镜像层都是只读的,容器层是可写的

当容器启动时,一个新的可写层被加载到镜像的顶部。这一层通常被称为“容器层”, “容器层”之下的都交镜像层

docker基础命令-阳哥_第6张图片

3.1commit提交容器为新镜像

docker commit -m="提交描述信息" -a="作者" 容器ID 镜像名:tag

3.2案例-Ubuntu安装vim

Ubuntu安装vim

[root@localhost ~]# docker ps
CONTAINER ID   IMAGE           COMMAND   CREATED          STATUS          PORTS     NAMES
cbd6780f611c   666/ubuntu:v1   "bash"    34 minutes ago   Up 34 minutes             affectionate_wozniak
[root@localhost ~]# docker exec -it cbd67 bash
#直接拉取的Ubuntu镜像不带有vim命令
root@cbd6780f611c:/# vi aaa.txt 
bash: vi: command not found
root@cbd6780f611c:/# vim aaa.txt 
bash: vim: command not found
#Ubuntu的包管理工具-更新
root@cbd6780f611c:/# apt-get update
...................................
Reading package lists... Done
#安装vim
root@cbd6780f611c:/# apt-get -y install vim
.....................................
Processing triggers for libc-bin (2.31-0ubuntu9.2) ...
root@cbd6780f611c:/# vim aaa.txt 
hahah
~                                                                           
"aaa.txt" 1L, 6C                                                                         

提交该容器为新镜像

[root@localhost ~]# docker ps
CONTAINER ID   IMAGE           COMMAND   CREATED          STATUS          PORTS     NAMES
cbd6780f611c   666/ubuntu:v1   "bash"    55 minutes ago   Up 55 minutes             affectionate_wozniak
[root@localhost ~]# docker commit -m="add vim" -a="666" cbd678 666/ubuntu:v2
sha256:7993a19efeff889ac42a3d4538f676ac58dae89234fe76f044fc4174ebd8c1c6
[root@localhost ~]# docker images
REPOSITORY   TAG       IMAGE ID       CREATED          SIZE
666/ubuntu   v2        7993a19efeff   30 seconds ago   182MB
666/ubuntu   v1        db93c96b185b   59 minutes ago   72.8MB

运行新镜像测试

[root@localhost ~]# docker run -it 666/ubuntu:v2 bash
root@c19735995a1f:/# vim aaa.txt 
hahah
~                                             
"aaa.txt" 1L, 6C      
小总结

Docker中的镜像分层 支持通过扩展先有镜像, 创建新的镜像。类似java继承一个base基础类,自己按需扩展。

新镜像是从base镜像一层层叠加生成的, 每次安装一个软件, 就在现有镜像上添加一层

docker基础命令-阳哥_第7张图片

3.3将镜像推送到阿里云仓库

3.3.1,建阿里云镜像仓库

容器镜像服务 (aliyun.com)

个人版-创建命名空间

docker基础命令-阳哥_第8张图片

docker基础命令-阳哥_第9张图片

创建镜像仓库

docker基础命令-阳哥_第10张图片

创建本地库

docker基础命令-阳哥_第11张图片

自动跳转操作基本信息, 附带操作指南

docker基础命令-阳哥_第12张图片

也可以从仓库-管理进入

docker基础命令-阳哥_第13张图片

3.3.2,镜像上传

1.登录阿里云Docker Registry

$ docker login --username=用户名 registry.cn-hangzhou.aliyuncs.com
Password: 				
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded			#登录成功

用于登录的用户名为阿里云账号全名,密码为开通服务时设置的密码。

您可以在访问凭证页面修改凭证密码。

2.将镜像推送到Registry

#给镜像打标签
docker tag [ImageId] registry.cn-hangzhou.aliyuncs.com/ubuntu-9527/ubuntu-vim:[镜像版本号]
#上传镜像
docker push registry.cn-hangzhou.aliyuncs.com/ubuntu-9527/ubuntu-vim:[镜像版本号]

请根据实际镜像信息替换示例中的[ImageId]和[镜像版本号]参数。

[root@localhost ~]# docker images
REPOSITORY   TAG       IMAGE ID       CREATED         SIZE
666/ubuntu   v2        7993a19efeff   22 hours ago    182MB
666/ubuntu   v1        db93c96b185b   23 hours ago    72.8MB
ubuntu       latest    ba6acccedd29   16 months ago   72.8MB
[root@localhost ~]# docker tag 7993a19efeff registry.cn-hangzhou.aliyuncs.com/ubuntu-9527/ubuntu-vim:v1
[root@localhost ~]# docker images
REPOSITORY                                                 TAG       IMAGE ID       CREATED         SIZE
registry.cn-hangzhou.aliyuncs.com/ubuntu-9527/ubuntu-vim   v1        7993a19efeff   22 hours ago    182MB
666/ubuntu                                                 v2        7993a19efeff   22 hours ago    182MB
666/ubuntu                                                 v1        db93c96b185b   23 hours ago    72.8MB
ubuntu                                                     latest    ba6acccedd29   16 months ago   72.8MB
[root@localhost ~]# docker push registry.cn-hangzhou.aliyuncs.com/ubuntu-9527/ubuntu-vim:v1
The push refers to repository [registry.cn-hangzhou.aliyuncs.com/ubuntu-9527/ubuntu-vim]
b51348661685: Pushed 
7f39613ee1b6: Pushed 
v1: digest: sha256:9977a47e8b92845e260e6e665339ec0d4eddec0c85291ddf9a67fe37108bde5a size: 741
[root@localhost ~]# 

版本已更新

docker基础命令-阳哥_第14张图片

3.3.3,拉取镜像

从Registry中拉取镜像

docker pull registry.cn-hangzhou.aliyuncs.com/ubuntu-9527/ubuntu-vim:[镜像版本号]

测试

  • 删除镜像
[root@localhost ~]# docker images
REPOSITORY                                                 TAG       IMAGE ID       CREATED         SIZE
666/ubuntu                                                 v2        7993a19efeff   22 hours ago    182MB
registry.cn-hangzhou.aliyuncs.com/ubuntu-9527/ubuntu-vim   v1        7993a19efeff   22 hours ago    182MB
ubuntu                                                     latest    ba6acccedd29   16 months ago   72.8MB
[root@localhost ~]# docker rmi -f 7993a19efeff
Untagged: 666/ubuntu:v2
Untagged: registry.cn-hangzhou.aliyuncs.com/ubuntu-9527/ubuntu-vim:v1
Untagged: registry.cn-hangzhou.aliyuncs.com/ubuntu-9527/ubuntu-vim@sha256:9977a47e8b92845e260e6e665339ec0d4eddec0c85291ddf9a67fe37108bde5a
Deleted: sha256:7993a19efeff889ac42a3d4538f676ac58dae89234fe76f044fc4174ebd8c1c6
  • 拉取镜像运行
[root@localhost ~]# docker images
REPOSITORY   TAG       IMAGE ID       CREATED         SIZE
ubuntu       latest    ba6acccedd29   16 months ago   72.8MB
[root@localhost ~]# docker pull registry.cn-hangzhou.aliyuncs.com/ubuntu-9527/ubuntu-vim:v1
v1: Pulling from ubuntu-9527/ubuntu-vim
b24487b1f920: Already exists 
b8547e637054: Already exists 
Digest: sha256:9977a47e8b92845e260e6e665339ec0d4eddec0c85291ddf9a67fe37108bde5a
Status: Downloaded newer image for registry.cn-hangzhou.aliyuncs.com/ubuntu-9527/ubuntu-vim:v1
registry.cn-hangzhou.aliyuncs.com/ubuntu-9527/ubuntu-vim:v1
[root@localhost ~]# docker ps
CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES
[root@localhost ~]# docker images
REPOSITORY                                                 TAG       IMAGE ID       CREATED         SIZE
registry.cn-hangzhou.aliyuncs.com/ubuntu-9527/ubuntu-vim   v1        7993a19efeff   22 hours ago    182MB
ubuntu                                                     latest    ba6acccedd29   16 months ago   72.8MB
[root@localhost ~]# docker run -it registry.cn-hangzhou.aliyuncs.com/ubuntu-9527/ubuntu-vim:v1 
root@3c091e6251f2:/# vim aaa.txt 

3.4将镜像推送到私有库(registry)

Docker Registry是官方提供的工具,可以用于构建私有镜像仓库

3.4.1修改配置文件使之支持http

docker默认不允许http方式推送镜像,通过配置选项来取消这个限制。====> 修改完后如果不生效,建议重启docker。

修改deamon.json

tee /etc/docker/daemon.json <<- 'EOF'
{
    "registry-mirrors": ["https://你的ID注意替换.mirror.aliyuncs.com"],
    "insecure-registries": ["192.168.0.201 IP注意替换:5000"]
}
EOF
#重启docker
systemctl restart docker
3.4.2运行私有库registry

docker run -d -p 5000:5000 -v /home/myregistry/:/tmp/registry --privileged=true registry

  • -d 后台运行
  • -p 5000:5000 宿主机5000端口与容器5000端口映射
  • -v /home/myregistry/:/tmp/registry 数据卷挂载 ,前面是宿主机目录:后面容器内目录
  • –privileged=true 添加挂载目录权限
[root@localhost ~]# mkdir /home/myregistry    #私有仓库目录
[root@localhost ~]# docker run -d -p 5000:5000  -v /home/myregistry/:/tmp/registry --privileged=true registry
1e211c5914e625a27a1d55937c5b580eb83ed0d52e2d2188c9ae0dc5f056bb7c
[root@localhost ~]# docker ps
CONTAINER ID   IMAGE      COMMAND                  CREATED         STATUS         PORTS                                       NAMES
1e211c5914e6   registry   "/entrypoint.sh /etc…"   4 seconds ago   Up 3 seconds   0.0.0.0:5000->5000/tcp, :::5000->5000/tcp   loving_ptolemy
[root@localhost ~]# 
3.4.3push镜像到私服

修改符合私服规范的tag

docker tag 镜像:Tag Host:Port/Repository:Tag

[root@localhost ~]# docker images
REPOSITORY                                                 TAG       IMAGE ID       CREATED         SIZE
666/ubuntu                                                 v1        db93c96b185b   24 hours ago    72.8MB
registry                                                   latest    b8604a3fe854   15 months ago   26.2MB
ubuntu                                                     latest    ba6acccedd29   16 months ago   72.8MB
[root@localhost ~]# docker tag 666/ubuntu:v1 192.168.0.201:5000/myubuntu:v2
[root@localhost ~]# docker images
REPOSITORY                                                 TAG       IMAGE ID       CREATED         SIZE
192.168.0.201:5000/myubuntu                                v2        db93c96b185b   24 hours ago    72.8MB
666/ubuntu                                                 v1        db93c96b185b   24 hours ago    72.8MB
registry                                                   latest    b8604a3fe854   15 months ago   26.2MB
ubuntu 

push到私服库

[root@localhost ~]# docker push 192.168.0.201:5000/myubuntu:v2 
The push refers to repository [192.168.0.201:5000/myubuntu]
7f39613ee1b6: Pushed 
v2: digest: sha256:970d3faf324bdba3b984e299c13dcaf2cfcb3fa210dc634cb1b45d70999b35b1 size: 528

验证私服库上有什么镜像

[root@localhost ~]# curl -XGET http://192.168.0.201:5000/v2/_catalog
{"repositories":["myubuntu"]}
3.4.4从私服pull到本地

docker pull 192.168.0.201:5000/myubuntu:v2

[root@localhost ~]# docker pull 192.168.0.201:5000/myubuntu:v2
v2: Pulling from myubuntu
b24487b1f920: Already exists 
Digest: sha256:970d3faf324bdba3b984e299c13dcaf2cfcb3fa210dc634cb1b45d70999b35b1
Status: Downloaded newer image for 192.168.0.201:5000/myubuntu:v2
192.168.0.201:5000/myubuntu:v2
[root@localhost ~]# docker images
REPOSITORY                                                 TAG       IMAGE ID       CREATED         SIZE
192.168.0.201:5000/myubuntu                                v2        db93c96b185b   25 hours ago    72.8MB
registry                                                   latest    b8604a3fe854   15 months ago   26.2MB
ubuntu                                                     latest    ba6acccedd29   16 months ago   72.8MB
[root@localhost ~]# docker run -it 192.168.0.201:5000/myubuntu:v2 bash
root@ea1c22707ae8:/# cat aaa.txt 
hahah

4-docker容器数据卷

–privileged=true 参数的作用

大约在0.6版,privileged被引入Docker。

使用–privileged参数,container内的root可以拥有真正的权限,否则,container内的root只是外部的一个普通用户的权限。

使用privileged启动容器,可以看到很多host上的设备,并且可以执行mount,甚至允许你在docker容器中启动docker容器。

4.1作用

卷是目录或文件, 存在一个或多个容器中, 由docker挂载到容器, 单不属于联合文件系统, 因此能够绕过Union File System提供一些用于持续存储或共享数据的特性:

卷的设计目的就是数据的持久化, 完全独立于容器的生存周期, 因此Docker不会再容器删除时删除其挂载的数据卷。

docker run -it --privileged=true -v /宿主机绝对路径目录:/容器内目录 镜像名

将运用与运行的环境打包镜像,run后形成容器实例运行 ,但是我们对数据的要求希望是持久化的。
Docker容器产生的数据,如果不备份,那么当容器实例删除后,容器内的数据自然也就没有了。为了能保存数据在docker中我们使用卷。
特点:

  1. 数据卷可在容器之间共享或重用数据
  2. 卷中的更改可以直接实时生效
  3. 数据卷中的更改不会包含在镜像的更新中
  4. 数据卷的生命周期一直持续到没有容器使用它为止

4.2数据卷案例

4.2.1添加容器数据卷

docker run -it --privileged=true -v /宿主机绝对路径目录:/容器内目录 镜像名

#运行容器u1并挂载数据卷
[root@centos7master ~]# docker run -itd --privileged=true -v /home/master_data:/home/container_date --name=u1 ubuntu
511f386158e2e647856e7cf089a807793e4168568d5b8ef21bb86ea17bdef2d1
[root@centos7master ~]# docker ps
CONTAINER ID   IMAGE      COMMAND       CREATED          STATUS          PORTS          NAMES
511f386158e2   ubuntu     "bash"        2 seconds ago    Up 1 second                    u1
1查看数据卷是否挂载成功 docker inspect
[root@centos7master ~]# docker inspect u1
#找到mounts
        "Mounts": [
            {
                "Type": "bind",
                "Source": "/home/master_data",        #宿主机目录
                "Destination": "/home/container_date",#容器目录
                "Mode": "",
                "RW": true,
                "Propagation": "rprivate"
            }
        ]
2创建文件测试
  • 宿主机master创建文件- 容器内部查看存在
  • 容器内创建文件- 宿主机查看存在
[root@centos7master ~]# cd /home/master_data/	#挂载卷时没有此路径会自动创建
#在宿主机目录下创建master.txt
[root@centos7master master_data]# touch master.txt && echo 'master-hello' > master.txt     
[root@centos7master master_data]# cat master.txt 
master-hello
[root@centos7master master_data]# docker exec -it u1 bash		#进入u1		
root@511f386158e2:/# cd /home/container_date/
#容器中查看宿主机master创建的文件是否存在
root@511f386158e2:/home/container_date# cat master.txt 
master-hello
#在容器目录下创建container.txt
root@511f386158e2:/home/container_date# touch container.txt && echo 'container-hello' > container.txt 
root@511f386158e2:/home/container_date# cat container.txt 
container-hello
root@511f386158e2:/home/container_date# exit
exit
#宿主机中查看容器创建的文件是否存在
[root@centos7master master_data]# cat /home/master_data/container.txt 
container-hello
3停止容器,并在宿主机目录下修改文件后再启动容器查看是否同步
[root@centos7master master_data]# docker ps
CONTAINER ID   IMAGE      COMMAND                   CREATED             STATUS             PORTS                                       NAMES
511f386158e2   ubuntu     "bash"                    15 minutes ago      Up 15 minutes                                                  u1
[root@centos7master master_data]# docker stop u1
u1
[root@centos7master master_data]# ls   #停止容器后数据存在
container.txt  master.txt
[root@centos7master master_data]# touch master1.txt && echo 'master1-hello' > master1.txt
[root@centos7master master_data]# ls
container.txt  master1.txt  master.txt
[root@centos7master master_data]# docker start u1
u1
[root@centos7master master_data]# docker ps
CONTAINER ID   IMAGE      COMMAND                   CREATED             STATUS             PORTS                                       NAMES
511f386158e2   ubuntu     "bash"                    16 minutes ago      Up 2 seconds                                                   u1
[root@centos7master master_data]# docker exec -it u1 bash
root@511f386158e2:/# cd /home/container_date/
root@511f386158e2:/home/container_date# ls    #重新启动后数据存在
container.txt  master.txt  master1.txt    
root@511f386158e2:/home/container_date# cat master1.txt 
master1-hello
4.2.2数据卷读写权限

不写默认读写-rw

docker run -it --privileged=true -v /宿主机绝对路径目录:/容器内目录:rw 镜像名

只读-ro :容器实例内部被限制,只能读取不能写

docker run -it --privileged=true -v /宿主机绝对路径目录:/容器内目录:ro 镜像名
  • 容器内部只读
[root@centos7master]# docker run -itd --privileged=true -v /home/master_data/:/home/container_data:ro --name u3 ubuntu
5340e3cb177e3d465bae2604bc5df0367049c56d64ffa1fcc3e1d8bc041f175f
[root@centos7master]# docker exec -it u3 bash
root@5340e3cb177e:/# cd /home/container_data/
root@5340e3cb177e:/home/container_data# touch 111.txt    #容器内部创建失败
touch: cannot touch '111.txt': Read-only file system
root@5340e3cb177e:/home/container_data# exit
exit
[root@centos7master master_data]# cd /home/master_data/   #宿主机创建成功
[root@centos7master master_data]# touch 111.txt
[root@centos7master master_data]# ls
111.txt
[root@centos7master]# 
4.2.3数据卷继承
  • 可继承父容器的卷规则
docker run -it  --privileged=true --volumes-from 父容器  --name u2 ubuntu

5-docker常规安装简介

5.1常规安装步骤

  1. 搜索镜像 docker search 镜像名
  2. 拉取镜像 docker pull 镜像名
  3. 查看镜像 docker images 镜像名
  4. 启动镜像 - 服务端口映射 docker run -p外部端口:容器内端口 镜像名
  5. 停止容器 docker stop 容器ID
  6. 移除容器 docker rm 容器ID

5.2安装Tomcat

  • 拉取镜像(可省略), 默认最新版, 需下载指定版本可上官网查看
docker pull tomcat
  • 启动镜像 映射端口8080
docker run -d -p8080:8080 --name tm1 tomcat
  • 访问测试- 404
    • 新版Tomcat webapps目录为空, 可将webapps.dist内容换过来

docker基础命令-阳哥_第15张图片

  • mv webapps/webapps.dist/* webapps/
[root@centos7master ~]# docker exec -it tm1 bash
root@76843a633e85:/usr/local/tomcat# mv webapps/webapps.dist/* webapps/
root@76843a633e85:/usr/local/tomcat# ls webapps -l
total 4
drwxr-xr-x.  3 root root  223 Dec 22  2021 ROOT
drwxr-xr-x. 15 root root 4096 Dec 22  2021 docs
drwxr-xr-x.  7 root root   99 Dec 22  2021 examples
drwxr-xr-x.  6 root root   79 Dec 22  2021 host-manager
drwxr-xr-x.  6 root root  114 Dec 22  2021 manager
  • 刷新页面

docker基础命令-阳哥_第16张图片

  • 直接使用Tomcat8(无需修改)
docker run -d -p 8081:8080 --name tm8 billygoo/tomcat8-jdk8

docker基础命令-阳哥_第17张图片

5.3安装Mysql5.7

运行mysql容器实例

docker run -d -p 3306:3306 --privileged=true -v /home/mysql/log:/var/log/mysql -v /home/mysql/data:/var/lib/mysql -v /home/mysql/conf:/etc/mysql/conf.d -eMYSQL_ROOT_PASSWORD=123456  --name mysql mysql:5.7

docker run -dp 3306:3306 --privileged=true -v /home/mysql/pic/log:/var/log/mysql -v /home/mysql/pic/data:/var/lib/mysql -v /home/mysql/pic/conf:/etc/mysql/conf.d -eMYSQL_ROOT_PASSWORD=123321  --name picmsq mysql:5.7

添加配置文件my.cnf设置字符集

tee /home/mysql/conf/my.cnf <<- 'EOF'
[client]
default_character_set=utf8
[mysqld]
collation_server = utf8_general_ci
character_set_server = utf8
EOF

重启容器, 建库表测试

  • 进入容器可输入中文加入 -e LANG=C.UTF-8
    • docker exec -it -e LANG=C.UTF-8 mysql bash
docker restart mysql

docker exec -it mysql bash
mysql -uroot -p123456

mysql> show databases ;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
| performance_schema |
| sys                |
+--------------------+
4 rows in set (0.00 sec)

mysql> create database db1;
Query OK, 1 row affected (0.00 sec)

mysql> use db1;
Database changed

mysql> create table t1(id int,name varchar(20));
Query OK, 0 rows affected (0.03 sec)
mysql> insert into t1 values (1,'zs');
Query OK, 1 row affected (0.10 sec)
mysql> insert into t1 values (2,'李四');
Query OK, 1 row affected (0.00 sec)

mysql> select * from t1;
+------+--------+
| id   | name   |
+------+--------+
|    1 | zs     |
|    2 | 李四   |
+------+--------+
2 rows in set (0.00 sec)

mysql> SHOW VARIABLES LIKE 'character%';
+--------------------------+----------------------------+
| Variable_name            | Value                      |
+--------------------------+----------------------------+
| character_set_client     | utf8                       |
| character_set_connection | utf8                       |
| character_set_database   | utf8                       |
| character_set_filesystem | binary                     |
| character_set_results    | utf8                       |
| character_set_server     | utf8                       |
| character_set_system     | utf8                       |
| character_sets_dir       | /usr/share/mysql/charsets/ |
+--------------------------+----------------------------+
8 rows in set (0.01 sec)

使用Navicat连接测试

docker基础命令-阳哥_第18张图片

5.4安装Redis

新建配置文件(放到文章末尾了)
mkdir -p /home/redis
vim /home/redis/redis.conf
  • 修改配置文件
    • 开启Redis验证(可选) requirepass 123
    • 允许Redis外地连接 注掉 #bind 127.0.0.1
    • daemonize yesdocker run -d冲突导致启动失败, 设置为daemonize no
    • Redis数据持久化(可选) appendonly yes
启动容器
docker run  -dp 6378:6379 --name r1 --privileged=true -v /home/redis/redis.conf:/etc/redis/redis.conf -v /home/redis/data:/data redis:6.0.8 redis-server /etc/redis/redis.conf
测试redis-cli连接

进入容器, redis-cli

[root@centos7master ~]# docker exec -it r1 bash
root@581c537a6da7:/data# redis-cli
127.0.0.1:6379> set k1 666
OK
127.0.0.1:6379> get k1
"666"
修改配置文件, 查看是否生效

修改conf databases 默认是16个

#默认是16
[root@master redis]# cat redis.conf | awk 'NR==186'
databases 16
#修改为10
[root@master redis]# sed -i '186 s/databases 16/databases 10/g' redis.conf 
[root@master redis]# cat redis.conf | awk 'NR==186'
databases 10

重启服务, 验证配置

#重启r1
[root@centos7master ~]# docker restart r1
r1
[root@centos7master ~]# docker exec -it r1 bash
root@581c537a6da7:/data# redis-cli
127.0.0.1:6379> select 10    #确认已生效
(error) ERR DB index is out of range
127.0.0.1:6379> select 9
OK

搭建图床

搭建兰空图床(Lsky Pro)-docker_xbd_zc的博客-CSDN博客

5.4.1redis配置

# Redis configuration file example.
#
# Note that in order to read the configuration file, Redis must be
# started with the file path as first argument:
#
# ./redis-server /path/to/redis.conf
 
# Note on units: when memory size is needed, it is possible to specify
# it in the usual form of 1k 5GB 4M and so forth:
#
# 1k => 1000 bytes
# 1kb => 1024 bytes
# 1m => 1000000 bytes
# 1mb => 1024*1024 bytes
# 1g => 1000000000 bytes
# 1gb => 1024*1024*1024 bytes
#
# units are case insensitive so 1GB 1Gb 1gB are all the same.
 
################################## INCLUDES ###################################
 
# Include one or more other config files here.  This is useful if you
# have a standard template that goes to all Redis servers but also need
# to customize a few per-server settings.  Include files can include
# other files, so use this wisely.
#
# Notice option "include" won't be rewritten by command "CONFIG REWRITE"
# from admin or Redis Sentinel. Since Redis always uses the last processed
# line as value of a configuration directive, you'd better put includes
# at the beginning of this file to avoid overwriting config change at runtime.
#
# If instead you are interested in using includes to override configuration
# options, it is better to use include as the last line.
#
# include /path/to/local.conf
# include /path/to/other.conf
 
################################## MODULES #####################################
 
# Load modules at startup. If the server is not able to load modules
# it will abort. It is possible to use multiple loadmodule directives.
#
# loadmodule /path/to/my_module.so
# loadmodule /path/to/other_module.so
 
################################## NETWORK #####################################
 
# By default, if no "bind" configuration directive is specified, Redis listens
# for connections from all the network interfaces available on the server.
# It is possible to listen to just one or multiple selected interfaces using
# the "bind" configuration directive, followed by one or more IP addresses.
#
# Examples:
#
# bind 192.168.1.100 10.0.0.1
# bind 127.0.0.1 ::1
#
# ~~~ WARNING ~~~ If the computer running Redis is directly exposed to the
# internet, binding to all the interfaces is dangerous and will expose the
# instance to everybody on the internet. So by default we uncomment the
# following bind directive, that will force Redis to listen only into
# the IPv4 loopback interface address (this means Redis will be able to
# accept connections only from clients running into the same computer it
# is running).
#
# IF YOU ARE SURE YOU WANT YOUR INSTANCE TO LISTEN TO ALL THE INTERFACES
# JUST COMMENT THE FOLLOWING LINE.
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#bind 127.0.0.1
 
# Protected mode is a layer of security protection, in order to avoid that
# Redis instances left open on the internet are accessed and exploited.
#
# When protected mode is on and if:
#
# 1) The server is not binding explicitly to a set of addresses using the
#    "bind" directive.
# 2) No password is configured.
#
# The server only accepts connections from clients connecting from the
# IPv4 and IPv6 loopback addresses 127.0.0.1 and ::1, and from Unix domain
# sockets.
#
# By default protected mode is enabled. You should disable it only if
# you are sure you want clients from other hosts to connect to Redis
# even if no authentication is configured, nor a specific set of interfaces
# are explicitly listed using the "bind" directive.
protected-mode no
 
# Accept connections on the specified port, default is 6379 (IANA #815344).
# If port 0 is specified Redis will not listen on a TCP socket.
port 6379
 
# TCP listen() backlog.
#
# In high requests-per-second environments you need an high backlog in order
# to avoid slow clients connections issues. Note that the Linux kernel
# will silently truncate it to the value of /proc/sys/net/core/somaxconn so
# make sure to raise both the value of somaxconn and tcp_max_syn_backlog
# in order to get the desired effect.
tcp-backlog 511
 
# Unix socket.
#
# Specify the path for the Unix socket that will be used to listen for
# incoming connections. There is no default, so Redis will not listen
# on a unix socket when not specified.
#
# unixsocket /tmp/redis.sock
# unixsocketperm 700
 
# Close the connection after a client is idle for N seconds (0 to disable)
timeout 0
 
# TCP keepalive.
#
# If non-zero, use SO_KEEPALIVE to send TCP ACKs to clients in absence
# of communication. This is useful for two reasons:
#
# 1) Detect dead peers.
# 2) Take the connection alive from the point of view of network
#    equipment in the middle.
#
# On Linux, the specified value (in seconds) is the period used to send ACKs.
# Note that to close the connection the double of the time is needed.
# On other kernels the period depends on the kernel configuration.
#
# A reasonable value for this option is 300 seconds, which is the new
# Redis default starting with Redis 3.2.1.
tcp-keepalive 300
 
################################# GENERAL #####################################
 
# By default Redis does not run as a daemon. Use 'yes' if you need it.
# Note that Redis will write a pid file in /var/run/redis.pid when daemonized.
daemonize no
 
# If you run Redis from upstart or systemd, Redis can interact with your
# supervision tree. Options:
#   supervised no      - no supervision interaction
#   supervised upstart - signal upstart by putting Redis into SIGSTOP mode
#   supervised systemd - signal systemd by writing READY=1 to $NOTIFY_SOCKET
#   supervised auto    - detect upstart or systemd method based on
#                        UPSTART_JOB or NOTIFY_SOCKET environment variables
# Note: these supervision methods only signal "process is ready."
#       They do not enable continuous liveness pings back to your supervisor.
supervised no
 
# If a pid file is specified, Redis writes it where specified at startup
# and removes it at exit.
#
# When the server runs non daemonized, no pid file is created if none is
# specified in the configuration. When the server is daemonized, the pid file
# is used even if not specified, defaulting to "/var/run/redis.pid".
#
# Creating a pid file is best effort: if Redis is not able to create it
# nothing bad happens, the server will start and run normally.
pidfile /var/run/redis_6379.pid
 
# Specify the server verbosity level.
# This can be one of:
# debug (a lot of information, useful for development/testing)
# verbose (many rarely useful info, but not a mess like the debug level)
# notice (moderately verbose, what you want in production probably)
# warning (only very important / critical messages are logged)
loglevel notice
 
# Specify the log file name. Also the empty string can be used to force
# Redis to log on the standard output. Note that if you use standard
# output for logging but daemonize, logs will be sent to /dev/null
logfile ""
 
# To enable logging to the system logger, just set 'syslog-enabled' to yes,
# and optionally update the other syslog parameters to suit your needs.
# syslog-enabled no
 
# Specify the syslog identity.
# syslog-ident redis
 
# Specify the syslog facility. Must be USER or between LOCAL0-LOCAL7.
# syslog-facility local0
 
# Set the number of databases. The default database is DB 0, you can select
# a different one on a per-connection basis using SELECT  where
# dbid is a number between 0 and 'databases'-1
databases 16
 
# By default Redis shows an ASCII art logo only when started to log to the
# standard output and if the standard output is a TTY. Basically this means
# that normally a logo is displayed only in interactive sessions.
#
# However it is possible to force the pre-4.0 behavior and always show a
# ASCII art logo in startup logs by setting the following option to yes.
always-show-logo yes
 
################################ SNAPSHOTTING  ################################
#
# Save the DB on disk:
#
#   save  
#
#   Will save the DB if both the given number of seconds and the given
#   number of write operations against the DB occurred.
#
#   In the example below the behaviour will be to save:
#   after 900 sec (15 min) if at least 1 key changed
#   after 300 sec (5 min) if at least 10 keys changed
#   after 60 sec if at least 10000 keys changed
#
#   Note: you can disable saving completely by commenting out all "save" lines.
#
#   It is also possible to remove all the previously configured save
#   points by adding a save directive with a single empty string argument
#   like in the following example:
#
#   save ""
 
save 900 1
save 300 10
save 60 10000
 
# By default Redis will stop accepting writes if RDB snapshots are enabled
# (at least one save point) and the latest background save failed.
# This will make the user aware (in a hard way) that data is not persisting
# on disk properly, otherwise chances are that no one will notice and some
# disaster will happen.
#
# If the background saving process will start working again Redis will
# automatically allow writes again.
#
# However if you have setup your proper monitoring of the Redis server
# and persistence, you may want to disable this feature so that Redis will
# continue to work as usual even if there are problems with disk,
# permissions, and so forth.
stop-writes-on-bgsave-error yes
 
# Compress string objects using LZF when dump .rdb databases?
# For default that's set to 'yes' as it's almost always a win.
# If you want to save some CPU in the saving child set it to 'no' but
# the dataset will likely be bigger if you have compressible values or keys.
rdbcompression yes
 
# Since version 5 of RDB a CRC64 checksum is placed at the end of the file.
# This makes the format more resistant to corruption but there is a performance
# hit to pay (around 10%) when saving and loading RDB files, so you can disable it
# for maximum performances.
#
# RDB files created with checksum disabled have a checksum of zero that will
# tell the loading code to skip the check.
rdbchecksum yes
 
# The filename where to dump the DB
dbfilename dump.rdb
 
# The working directory.
#
# The DB will be written inside this directory, with the filename specified
# above using the 'dbfilename' configuration directive.
#
# The Append Only File will also be created inside this directory.
#
# Note that you must specify a directory here, not a file name.
dir ./
 
################################# REPLICATION #################################
 
# Master-Replica replication. Use replicaof to make a Redis instance a copy of
# another Redis server. A few things to understand ASAP about Redis replication.
#
#   +------------------+      +---------------+
#   |      Master      | ---> |    Replica    |
#   | (receive writes) |      |  (exact copy) |
#   +------------------+      +---------------+
#
# 1) Redis replication is asynchronous, but you can configure a master to
#    stop accepting writes if it appears to be not connected with at least
#    a given number of replicas.
# 2) Redis replicas are able to perform a partial resynchronization with the
#    master if the replication link is lost for a relatively small amount of
#    time. You may want to configure the replication backlog size (see the next
#    sections of this file) with a sensible value depending on your needs.
# 3) Replication is automatic and does not need user intervention. After a
#    network partition replicas automatically try to reconnect to masters
#    and resynchronize with them.
#
# replicaof  
 
# If the master is password protected (using the "requirepass" configuration
# directive below) it is possible to tell the replica to authenticate before
# starting the replication synchronization process, otherwise the master will
# refuse the replica request.
#
# masterauth 
 
# When a replica loses its connection with the master, or when the replication
# is still in progress, the replica can act in two different ways:
#
# 1) if replica-serve-stale-data is set to 'yes' (the default) the replica will
#    still reply to client requests, possibly with out of date data, or the
#    data set may just be empty if this is the first synchronization.
#
# 2) if replica-serve-stale-data is set to 'no' the replica will reply with
#    an error "SYNC with master in progress" to all the kind of commands
#    but to INFO, replicaOF, AUTH, PING, SHUTDOWN, REPLCONF, ROLE, CONFIG,
#    SUBSCRIBE, UNSUBSCRIBE, PSUBSCRIBE, PUNSUBSCRIBE, PUBLISH, PUBSUB,
#    COMMAND, POST, HOST: and LATENCY.
#
replica-serve-stale-data yes
 
# You can configure a replica instance to accept writes or not. Writing against
# a replica instance may be useful to store some ephemeral data (because data
# written on a replica will be easily deleted after resync with the master) but
# may also cause problems if clients are writing to it because of a
# misconfiguration.
#
# Since Redis 2.6 by default replicas are read-only.
#
# Note: read only replicas are not designed to be exposed to untrusted clients
# on the internet. It's just a protection layer against misuse of the instance.
# Still a read only replica exports by default all the administrative commands
# such as CONFIG, DEBUG, and so forth. To a limited extent you can improve
# security of read only replicas using 'rename-command' to shadow all the
# administrative / dangerous commands.
replica-read-only yes
 
# Replication SYNC strategy: disk or socket.
#
# -------------------------------------------------------
# WARNING: DISKLESS REPLICATION IS EXPERIMENTAL CURRENTLY
# -------------------------------------------------------
#
# New replicas and reconnecting replicas that are not able to continue the replication
# process just receiving differences, need to do what is called a "full
# synchronization". An RDB file is transmitted from the master to the replicas.
# The transmission can happen in two different ways:
#
# 1) Disk-backed: The Redis master creates a new process that writes the RDB
#                 file on disk. Later the file is transferred by the parent
#                 process to the replicas incrementally.
# 2) Diskless: The Redis master creates a new process that directly writes the
#              RDB file to replica sockets, without touching the disk at all.
#
# With disk-backed replication, while the RDB file is generated, more replicas
# can be queued and served with the RDB file as soon as the current child producing
# the RDB file finishes its work. With diskless replication instead once
# the transfer starts, new replicas arriving will be queued and a new transfer
# will start when the current one terminates.
#
# When diskless replication is used, the master waits a configurable amount of
# time (in seconds) before starting the transfer in the hope that multiple replicas
# will arrive and the transfer can be parallelized.
#
# With slow disks and fast (large bandwidth) networks, diskless replication
# works better.
repl-diskless-sync no
 
# When diskless replication is enabled, it is possible to configure the delay
# the server waits in order to spawn the child that transfers the RDB via socket
# to the replicas.
#
# This is important since once the transfer starts, it is not possible to serve
# new replicas arriving, that will be queued for the next RDB transfer, so the server
# waits a delay in order to let more replicas arrive.
#
# The delay is specified in seconds, and by default is 5 seconds. To disable
# it entirely just set it to 0 seconds and the transfer will start ASAP.
repl-diskless-sync-delay 5
 
# Replicas send PINGs to server in a predefined interval. It's possible to change
# this interval with the repl_ping_replica_period option. The default value is 10
# seconds.
#
# repl-ping-replica-period 10
 
# The following option sets the replication timeout for:
#
# 1) Bulk transfer I/O during SYNC, from the point of view of replica.
# 2) Master timeout from the point of view of replicas (data, pings).
# 3) Replica timeout from the point of view of masters (REPLCONF ACK pings).
#
# It is important to make sure that this value is greater than the value
# specified for repl-ping-replica-period otherwise a timeout will be detected
# every time there is low traffic between the master and the replica.
#
# repl-timeout 60
 
# Disable TCP_NODELAY on the replica socket after SYNC?
#
# If you select "yes" Redis will use a smaller number of TCP packets and
# less bandwidth to send data to replicas. But this can add a delay for
# the data to appear on the replica side, up to 40 milliseconds with
# Linux kernels using a default configuration.
#
# If you select "no" the delay for data to appear on the replica side will
# be reduced but more bandwidth will be used for replication.
#
# By default we optimize for low latency, but in very high traffic conditions
# or when the master and replicas are many hops away, turning this to "yes" may
# be a good idea.
repl-disable-tcp-nodelay no
 
# Set the replication backlog size. The backlog is a buffer that accumulates
# replica data when replicas are disconnected for some time, so that when a replica
# wants to reconnect again, often a full resync is not needed, but a partial
# resync is enough, just passing the portion of data the replica missed while
# disconnected.
#
# The bigger the replication backlog, the longer the time the replica can be
# disconnected and later be able to perform a partial resynchronization.
#
# The backlog is only allocated once there is at least a replica connected.
#
# repl-backlog-size 1mb
 
# After a master has no longer connected replicas for some time, the backlog
# will be freed. The following option configures the amount of seconds that
# need to elapse, starting from the time the last replica disconnected, for
# the backlog buffer to be freed.
#
# Note that replicas never free the backlog for timeout, since they may be
# promoted to masters later, and should be able to correctly "partially
# resynchronize" with the replicas: hence they should always accumulate backlog.
#
# A value of 0 means to never release the backlog.
#
# repl-backlog-ttl 3600
 
# The replica priority is an integer number published by Redis in the INFO output.
# It is used by Redis Sentinel in order to select a replica to promote into a
# master if the master is no longer working correctly.
#
# A replica with a low priority number is considered better for promotion, so
# for instance if there are three replicas with priority 10, 100, 25 Sentinel will
# pick the one with priority 10, that is the lowest.
#
# However a special priority of 0 marks the replica as not able to perform the
# role of master, so a replica with priority of 0 will never be selected by
# Redis Sentinel for promotion.
#
# By default the priority is 100.
replica-priority 100
 
# It is possible for a master to stop accepting writes if there are less than
# N replicas connected, having a lag less or equal than M seconds.
#
# The N replicas need to be in "online" state.
#
# The lag in seconds, that must be <= the specified value, is calculated from
# the last ping received from the replica, that is usually sent every second.
#
# This option does not GUARANTEE that N replicas will accept the write, but
# will limit the window of exposure for lost writes in case not enough replicas
# are available, to the specified number of seconds.
#
# For example to require at least 3 replicas with a lag <= 10 seconds use:
#
# min-replicas-to-write 3
# min-replicas-max-lag 10
#
# Setting one or the other to 0 disables the feature.
#
# By default min-replicas-to-write is set to 0 (feature disabled) and
# min-replicas-max-lag is set to 10.
 
# A Redis master is able to list the address and port of the attached
# replicas in different ways. For example the "INFO replication" section
# offers this information, which is used, among other tools, by
# Redis Sentinel in order to discover replica instances.
# Another place where this info is available is in the output of the
# "ROLE" command of a master.
#
# The listed IP and address normally reported by a replica is obtained
# in the following way:
#
#   IP: The address is auto detected by checking the peer address
#   of the socket used by the replica to connect with the master.
#
#   Port: The port is communicated by the replica during the replication
#   handshake, and is normally the port that the replica is using to
#   listen for connections.
#
# However when port forwarding or Network Address Translation (NAT) is
# used, the replica may be actually reachable via different IP and port
# pairs. The following two options can be used by a replica in order to
# report to its master a specific set of IP and port, so that both INFO
# and ROLE will report those values.
#
# There is no need to use both the options if you need to override just
# the port or the IP address.
#
# replica-announce-ip 5.5.5.5
# replica-announce-port 1234
 
################################## SECURITY ###################################
 
# Require clients to issue AUTH  before processing any other
# commands.  This might be useful in environments in which you do not trust
# others with access to the host running redis-server.
#
# This should stay commented out for backward compatibility and because most
# people do not need auth (e.g. they run their own servers).
#
# Warning: since Redis is pretty fast an outside user can try up to
# 150k passwords per second against a good box. This means that you should
# use a very strong password otherwise it will be very easy to break.
#
# requirepass foobared
 
# Command renaming.
#
# It is possible to change the name of dangerous commands in a shared
# environment. For instance the CONFIG command may be renamed into something
# hard to guess so that it will still be available for internal-use tools
# but not available for general clients.
#
# Example:
#
# rename-command CONFIG b840fc02d524045429941cc15f59e41cb7be6c52
#
# It is also possible to completely kill a command by renaming it into
# an empty string:
#
# rename-command CONFIG ""
#
# Please note that changing the name of commands that are logged into the
# AOF file or transmitted to replicas may cause problems.
 
################################### CLIENTS ####################################
 
# Set the max number of connected clients at the same time. By default
# this limit is set to 10000 clients, however if the Redis server is not
# able to configure the process file limit to allow for the specified limit
# the max number of allowed clients is set to the current file limit
# minus 32 (as Redis reserves a few file descriptors for internal uses).
#
# Once the limit is reached Redis will close all the new connections sending
# an error 'max number of clients reached'.
#
# maxclients 10000
 
############################## MEMORY MANAGEMENT ################################
 
# Set a memory usage limit to the specified amount of bytes.
# When the memory limit is reached Redis will try to remove keys
# according to the eviction policy selected (see maxmemory-policy).
#
# If Redis can't remove keys according to the policy, or if the policy is
# set to 'noeviction', Redis will start to reply with errors to commands
# that would use more memory, like SET, LPUSH, and so on, and will continue
# to reply to read-only commands like GET.
#
# This option is usually useful when using Redis as an LRU or LFU cache, or to
# set a hard memory limit for an instance (using the 'noeviction' policy).
#
# WARNING: If you have replicas attached to an instance with maxmemory on,
# the size of the output buffers needed to feed the replicas are subtracted
# from the used memory count, so that network problems / resyncs will
# not trigger a loop where keys are evicted, and in turn the output
# buffer of replicas is full with DELs of keys evicted triggering the deletion
# of more keys, and so forth until the database is completely emptied.
#
# In short... if you have replicas attached it is suggested that you set a lower
# limit for maxmemory so that there is some free RAM on the system for replica
# output buffers (but this is not needed if the policy is 'noeviction').
#
# maxmemory 
 
# MAXMEMORY POLICY: how Redis will select what to remove when maxmemory
# is reached. You can select among five behaviors:
#
# volatile-lru -> Evict using approximated LRU among the keys with an expire set.
# allkeys-lru -> Evict any key using approximated LRU.
# volatile-lfu -> Evict using approximated LFU among the keys with an expire set.
# allkeys-lfu -> Evict any key using approximated LFU.
# volatile-random -> Remove a random key among the ones with an expire set.
# allkeys-random -> Remove a random key, any key.
# volatile-ttl -> Remove the key with the nearest expire time (minor TTL)
# noeviction -> Don't evict anything, just return an error on write operations.
#
# LRU means Least Recently Used
# LFU means Least Frequently Used
#
# Both LRU, LFU and volatile-ttl are implemented using approximated
# randomized algorithms.
#
# Note: with any of the above policies, Redis will return an error on write
#       operations, when there are no suitable keys for eviction.
#
#       At the date of writing these commands are: set setnx setex append
#       incr decr rpush lpush rpushx lpushx linsert lset rpoplpush sadd
#       sinter sinterstore sunion sunionstore sdiff sdiffstore zadd zincrby
#       zunionstore zinterstore hset hsetnx hmset hincrby incrby decrby
#       getset mset msetnx exec sort
#
# The default is:
#
# maxmemory-policy noeviction
 
# LRU, LFU and minimal TTL algorithms are not precise algorithms but approximated
# algorithms (in order to save memory), so you can tune it for speed or
# accuracy. For default Redis will check five keys and pick the one that was
# used less recently, you can change the sample size using the following
# configuration directive.
#
# The default of 5 produces good enough results. 10 Approximates very closely
# true LRU but costs more CPU. 3 is faster but not very accurate.
#
# maxmemory-samples 5
 
# Starting from Redis 5, by default a replica will ignore its maxmemory setting
# (unless it is promoted to master after a failover or manually). It means
# that the eviction of keys will be just handled by the master, sending the
# DEL commands to the replica as keys evict in the master side.
#
# This behavior ensures that masters and replicas stay consistent, and is usually
# what you want, however if your replica is writable, or you want the replica to have
# a different memory setting, and you are sure all the writes performed to the
# replica are idempotent, then you may change this default (but be sure to understand
# what you are doing).
#
# Note that since the replica by default does not evict, it may end using more
# memory than the one set via maxmemory (there are certain buffers that may
# be larger on the replica, or data structures may sometimes take more memory and so
# forth). So make sure you monitor your replicas and make sure they have enough
# memory to never hit a real out-of-memory condition before the master hits
# the configured maxmemory setting.
#
# replica-ignore-maxmemory yes
 
############################# LAZY FREEING ####################################
 
# Redis has two primitives to delete keys. One is called DEL and is a blocking
# deletion of the object. It means that the server stops processing new commands
# in order to reclaim all the memory associated with an object in a synchronous
# way. If the key deleted is associated with a small object, the time needed
# in order to execute the DEL command is very small and comparable to most other
# O(1) or O(log_N) commands in Redis. However if the key is associated with an
# aggregated value containing millions of elements, the server can block for
# a long time (even seconds) in order to complete the operation.
#
# For the above reasons Redis also offers non blocking deletion primitives
# such as UNLINK (non blocking DEL) and the ASYNC option of FLUSHALL and
# FLUSHDB commands, in order to reclaim memory in background. Those commands
# are executed in constant time. Another thread will incrementally free the
# object in the background as fast as possible.
#
# DEL, UNLINK and ASYNC option of FLUSHALL and FLUSHDB are user-controlled.
# It's up to the design of the application to understand when it is a good
# idea to use one or the other. However the Redis server sometimes has to
# delete keys or flush the whole database as a side effect of other operations.
# Specifically Redis deletes objects independently of a user call in the
# following scenarios:
#
# 1) On eviction, because of the maxmemory and maxmemory policy configurations,
#    in order to make room for new data, without going over the specified
#    memory limit.
# 2) Because of expire: when a key with an associated time to live (see the
#    EXPIRE command) must be deleted from memory.
# 3) Because of a side effect of a command that stores data on a key that may
#    already exist. For example the RENAME command may delete the old key
#    content when it is replaced with another one. Similarly SUNIONSTORE
#    or SORT with STORE option may delete existing keys. The SET command
#    itself removes any old content of the specified key in order to replace
#    it with the specified string.
# 4) During replication, when a replica performs a full resynchronization with
#    its master, the content of the whole database is removed in order to
#    load the RDB file just transferred.
#
# In all the above cases the default is to delete objects in a blocking way,
# like if DEL was called. However you can configure each case specifically
# in order to instead release memory in a non-blocking way like if UNLINK
# was called, using the following configuration directives:
 
lazyfree-lazy-eviction no
lazyfree-lazy-expire no
lazyfree-lazy-server-del no
replica-lazy-flush no
 
############################## APPEND ONLY MODE ###############################
 
# By default Redis asynchronously dumps the dataset on disk. This mode is
# good enough in many applications, but an issue with the Redis process or
# a power outage may result into a few minutes of writes lost (depending on
# the configured save points).
#
# The Append Only File is an alternative persistence mode that provides
# much better durability. For instance using the default data fsync policy
# (see later in the config file) Redis can lose just one second of writes in a
# dramatic event like a server power outage, or a single write if something
# wrong with the Redis process itself happens, but the operating system is
# still running correctly.
#
# AOF and RDB persistence can be enabled at the same time without problems.
# If the AOF is enabled on startup Redis will load the AOF, that is the file
# with the better durability guarantees.
#
# Please check http://redis.io/topics/persistence for more information.
 
appendonly no
 
# The name of the append only file (default: "appendonly.aof")
 
appendfilename "appendonly.aof"
 
# The fsync() call tells the Operating System to actually write data on disk
# instead of waiting for more data in the output buffer. Some OS will really flush
# data on disk, some other OS will just try to do it ASAP.
#
# Redis supports three different modes:
#
# no: don't fsync, just let the OS flush the data when it wants. Faster.
# always: fsync after every write to the append only log. Slow, Safest.
# everysec: fsync only one time every second. Compromise.
#
# The default is "everysec", as that's usually the right compromise between
# speed and data safety. It's up to you to understand if you can relax this to
# "no" that will let the operating system flush the output buffer when
# it wants, for better performances (but if you can live with the idea of
# some data loss consider the default persistence mode that's snapshotting),
# or on the contrary, use "always" that's very slow but a bit safer than
# everysec.
#
# More details please check the following article:
# http://antirez.com/post/redis-persistence-demystified.html
#
# If unsure, use "everysec".
 
# appendfsync always
appendfsync everysec
# appendfsync no
 
# When the AOF fsync policy is set to always or everysec, and a background
# saving process (a background save or AOF log background rewriting) is
# performing a lot of I/O against the disk, in some Linux configurations
# Redis may block too long on the fsync() call. Note that there is no fix for
# this currently, as even performing fsync in a different thread will block
# our synchronous write(2) call.
#
# In order to mitigate this problem it's possible to use the following option
# that will prevent fsync() from being called in the main process while a
# BGSAVE or BGREWRITEAOF is in progress.
#
# This means that while another child is saving, the durability of Redis is
# the same as "appendfsync none". In practical terms, this means that it is
# possible to lose up to 30 seconds of log in the worst scenario (with the
# default Linux settings).
#
# If you have latency problems turn this to "yes". Otherwise leave it as
# "no" that is the safest pick from the point of view of durability.
 
no-appendfsync-on-rewrite no
 
# Automatic rewrite of the append only file.
# Redis is able to automatically rewrite the log file implicitly calling
# BGREWRITEAOF when the AOF log size grows by the specified percentage.
#
# This is how it works: Redis remembers the size of the AOF file after the
# latest rewrite (if no rewrite has happened since the restart, the size of
# the AOF at startup is used).
#
# This base size is compared to the current size. If the current size is
# bigger than the specified percentage, the rewrite is triggered. Also
# you need to specify a minimal size for the AOF file to be rewritten, this
# is useful to avoid rewriting the AOF file even if the percentage increase
# is reached but it is still pretty small.
#
# Specify a percentage of zero in order to disable the automatic AOF
# rewrite feature.
 
auto-aof-rewrite-percentage 100
auto-aof-rewrite-min-size 64mb
 
# An AOF file may be found to be truncated at the end during the Redis
# startup process, when the AOF data gets loaded back into memory.
# This may happen when the system where Redis is running
# crashes, especially when an ext4 filesystem is mounted without the
# data=ordered option (however this can't happen when Redis itself
# crashes or aborts but the operating system still works correctly).
#
# Redis can either exit with an error when this happens, or load as much
# data as possible (the default now) and start if the AOF file is found
# to be truncated at the end. The following option controls this behavior.
#
# If aof-load-truncated is set to yes, a truncated AOF file is loaded and
# the Redis server starts emitting a log to inform the user of the event.
# Otherwise if the option is set to no, the server aborts with an error
# and refuses to start. When the option is set to no, the user requires
# to fix the AOF file using the "redis-check-aof" utility before to restart
# the server.
#
# Note that if the AOF file will be found to be corrupted in the middle
# the server will still exit with an error. This option only applies when
# Redis will try to read more data from the AOF file but not enough bytes
# will be found.
aof-load-truncated yes
 
# When rewriting the AOF file, Redis is able to use an RDB preamble in the
# AOF file for faster rewrites and recoveries. When this option is turned
# on the rewritten AOF file is composed of two different stanzas:
#
#   [RDB file][AOF tail]
#
# When loading Redis recognizes that the AOF file starts with the "REDIS"
# string and loads the prefixed RDB file, and continues loading the AOF
# tail.
aof-use-rdb-preamble yes
 
################################ LUA SCRIPTING  ###############################
 
# Max execution time of a Lua script in milliseconds.
#
# If the maximum execution time is reached Redis will log that a script is
# still in execution after the maximum allowed time and will start to
# reply to queries with an error.
#
# When a long running script exceeds the maximum execution time only the
# SCRIPT KILL and SHUTDOWN NOSAVE commands are available. The first can be
# used to stop a script that did not yet called write commands. The second
# is the only way to shut down the server in the case a write command was
# already issued by the script but the user doesn't want to wait for the natural
# termination of the script.
#
# Set it to 0 or a negative value for unlimited execution without warnings.
lua-time-limit 5000
 
################################ REDIS CLUSTER  ###############################
 
# Normal Redis instances can't be part of a Redis Cluster; only nodes that are
# started as cluster nodes can. In order to start a Redis instance as a
# cluster node enable the cluster support uncommenting the following:
#
# cluster-enabled yes
 
# Every cluster node has a cluster configuration file. This file is not
# intended to be edited by hand. It is created and updated by Redis nodes.
# Every Redis Cluster node requires a different cluster configuration file.
# Make sure that instances running in the same system do not have
# overlapping cluster configuration file names.
#
# cluster-config-file nodes-6379.conf
 
# Cluster node timeout is the amount of milliseconds a node must be unreachable
# for it to be considered in failure state.
# Most other internal time limits are multiple of the node timeout.
#
# cluster-node-timeout 15000
 
# A replica of a failing master will avoid to start a failover if its data
# looks too old.
#
# There is no simple way for a replica to actually have an exact measure of
# its "data age", so the following two checks are performed:
#
# 1) If there are multiple replicas able to failover, they exchange messages
#    in order to try to give an advantage to the replica with the best
#    replication offset (more data from the master processed).
#    Replicas will try to get their rank by offset, and apply to the start
#    of the failover a delay proportional to their rank.
#
# 2) Every single replica computes the time of the last interaction with
#    its master. This can be the last ping or command received (if the master
#    is still in the "connected" state), or the time that elapsed since the
#    disconnection with the master (if the replication link is currently down).
#    If the last interaction is too old, the replica will not try to failover
#    at all.
#
# The point "2" can be tuned by user. Specifically a replica will not perform
# the failover if, since the last interaction with the master, the time
# elapsed is greater than:
#
#   (node-timeout * replica-validity-factor) + repl-ping-replica-period
#
# So for example if node-timeout is 30 seconds, and the replica-validity-factor
# is 10, and assuming a default repl-ping-replica-period of 10 seconds, the
# replica will not try to failover if it was not able to talk with the master
# for longer than 310 seconds.
#
# A large replica-validity-factor may allow replicas with too old data to failover
# a master, while a too small value may prevent the cluster from being able to
# elect a replica at all.
#
# For maximum availability, it is possible to set the replica-validity-factor
# to a value of 0, which means, that replicas will always try to failover the
# master regardless of the last time they interacted with the master.
# (However they'll always try to apply a delay proportional to their
# offset rank).
#
# Zero is the only value able to guarantee that when all the partitions heal
# the cluster will always be able to continue.
#
# cluster-replica-validity-factor 10
 
# Cluster replicas are able to migrate to orphaned masters, that are masters
# that are left without working replicas. This improves the cluster ability
# to resist to failures as otherwise an orphaned master can't be failed over
# in case of failure if it has no working replicas.
#
# Replicas migrate to orphaned masters only if there are still at least a
# given number of other working replicas for their old master. This number
# is the "migration barrier". A migration barrier of 1 means that a replica
# will migrate only if there is at least 1 other working replica for its master
# and so forth. It usually reflects the number of replicas you want for every
# master in your cluster.
#
# Default is 1 (replicas migrate only if their masters remain with at least
# one replica). To disable migration just set it to a very large value.
# A value of 0 can be set but is useful only for debugging and dangerous
# in production.
#
# cluster-migration-barrier 1
 
# By default Redis Cluster nodes stop accepting queries if they detect there
# is at least an hash slot uncovered (no available node is serving it).
# This way if the cluster is partially down (for example a range of hash slots
# are no longer covered) all the cluster becomes, eventually, unavailable.
# It automatically returns available as soon as all the slots are covered again.
#
# However sometimes you want the subset of the cluster which is working,
# to continue to accept queries for the part of the key space that is still
# covered. In order to do so, just set the cluster-require-full-coverage
# option to no.
#
# cluster-require-full-coverage yes
 
# This option, when set to yes, prevents replicas from trying to failover its
# master during master failures. However the master can still perform a
# manual failover, if forced to do so.
#
# This is useful in different scenarios, especially in the case of multiple
# data center operations, where we want one side to never be promoted if not
# in the case of a total DC failure.
#
# cluster-replica-no-failover no
 
# In order to setup your cluster make sure to read the documentation
# available at http://redis.io web site.
 
########################## CLUSTER DOCKER/NAT support  ########################
 
# In certain deployments, Redis Cluster nodes address discovery fails, because
# addresses are NAT-ted or because ports are forwarded (the typical case is
# Docker and other containers).
#
# In order to make Redis Cluster working in such environments, a static
# configuration where each node knows its public address is needed. The
# following two options are used for this scope, and are:
#
# * cluster-announce-ip
# * cluster-announce-port
# * cluster-announce-bus-port
#
# Each instruct the node about its address, client port, and cluster message
# bus port. The information is then published in the header of the bus packets
# so that other nodes will be able to correctly map the address of the node
# publishing the information.
#
# If the above options are not used, the normal Redis Cluster auto-detection
# will be used instead.
#
# Note that when remapped, the bus port may not be at the fixed offset of
# clients port + 10000, so you can specify any port and bus-port depending
# on how they get remapped. If the bus-port is not set, a fixed offset of
# 10000 will be used as usually.
#
# Example:
#
# cluster-announce-ip 10.1.1.5
# cluster-announce-port 6379
# cluster-announce-bus-port 6380
 
################################## SLOW LOG ###################################
 
# The Redis Slow Log is a system to log queries that exceeded a specified
# execution time. The execution time does not include the I/O operations
# like talking with the client, sending the reply and so forth,
# but just the time needed to actually execute the command (this is the only
# stage of command execution where the thread is blocked and can not serve
# other requests in the meantime).
#
# You can configure the slow log with two parameters: one tells Redis
# what is the execution time, in microseconds, to exceed in order for the
# command to get logged, and the other parameter is the length of the
# slow log. When a new command is logged the oldest one is removed from the
# queue of logged commands.
 
# The following time is expressed in microseconds, so 1000000 is equivalent
# to one second. Note that a negative number disables the slow log, while
# a value of zero forces the logging of every command.
slowlog-log-slower-than 10000
 
# There is no limit to this length. Just be aware that it will consume memory.
# You can reclaim memory used by the slow log with SLOWLOG RESET.
slowlog-max-len 128
 
################################ LATENCY MONITOR ##############################
 
# The Redis latency monitoring subsystem samples different operations
# at runtime in order to collect data related to possible sources of
# latency of a Redis instance.
#
# Via the LATENCY command this information is available to the user that can
# print graphs and obtain reports.
#
# The system only logs operations that were performed in a time equal or
# greater than the amount of milliseconds specified via the
# latency-monitor-threshold configuration directive. When its value is set
# to zero, the latency monitor is turned off.
#
# By default latency monitoring is disabled since it is mostly not needed
# if you don't have latency issues, and collecting data has a performance
# impact, that while very small, can be measured under big load. Latency
# monitoring can easily be enabled at runtime using the command
# "CONFIG SET latency-monitor-threshold " if needed.
latency-monitor-threshold 0
 
############################# EVENT NOTIFICATION ##############################
 
# Redis can notify Pub/Sub clients about events happening in the key space.
# This feature is documented at http://redis.io/topics/notifications
#
# For instance if keyspace events notification is enabled, and a client
# performs a DEL operation on key "foo" stored in the Database 0, two
# messages will be published via Pub/Sub:
#
# PUBLISH __keyspace@0__:foo del
# PUBLISH __keyevent@0__:del foo
#
# It is possible to select the events that Redis will notify among a set
# of classes. Every class is identified by a single character:
#
#  K     Keyspace events, published with __keyspace@__ prefix.
#  E     Keyevent events, published with __keyevent@__ prefix.
#  g     Generic commands (non-type specific) like DEL, EXPIRE, RENAME, ...
#  $     String commands
#  l     List commands
#  s     Set commands
#  h     Hash commands
#  z     Sorted set commands
#  x     Expired events (events generated every time a key expires)
#  e     Evicted events (events generated when a key is evicted for maxmemory)
#  A     Alias for g$lshzxe, so that the "AKE" string means all the events.
#
#  The "notify-keyspace-events" takes as argument a string that is composed
#  of zero or multiple characters. The empty string means that notifications
#  are disabled.
#
#  Example: to enable list and generic events, from the point of view of the
#           event name, use:
#
#  notify-keyspace-events Elg
#
#  Example 2: to get the stream of the expired keys subscribing to channel
#             name __keyevent@0__:expired use:
#
  notify-keyspace-events Ex
#
#  By default all notifications are disabled because most users don't need
#  this feature and the feature has some overhead. Note that if you don't
#  specify at least one of K or E, no events will be delivered.
#notify-keyspace-events ""
 
############################### ADVANCED CONFIG ###############################
 
# Hashes are encoded using a memory efficient data structure when they have a
# small number of entries, and the biggest entry does not exceed a given
# threshold. These thresholds can be configured using the following directives.
hash-max-ziplist-entries 512
hash-max-ziplist-value 64
 
# Lists are also encoded in a special way to save a lot of space.
# The number of entries allowed per internal list node can be specified
# as a fixed maximum size or a maximum number of elements.
# For a fixed maximum size, use -5 through -1, meaning:
# -5: max size: 64 Kb  <-- not recommended for normal workloads
# -4: max size: 32 Kb  <-- not recommended
# -3: max size: 16 Kb  <-- probably not recommended
# -2: max size: 8 Kb   <-- good
# -1: max size: 4 Kb   <-- good
# Positive numbers mean store up to _exactly_ that number of elements
# per list node.
# The highest performing option is usually -2 (8 Kb size) or -1 (4 Kb size),
# but if your use case is unique, adjust the settings as necessary.
list-max-ziplist-size -2
 
# Lists may also be compressed.
# Compress depth is the number of quicklist ziplist nodes from *each* side of
# the list to *exclude* from compression.  The head and tail of the list
# are always uncompressed for fast push/pop operations.  Settings are:
# 0: disable all list compression
# 1: depth 1 means "don't start compressing until after 1 node into the list,
#    going from either the head or tail"
#    So: [head]->node->node->...->node->[tail]
#    [head], [tail] will always be uncompressed; inner nodes will compress.
# 2: [head]->[next]->node->node->...->node->[prev]->[tail]
#    2 here means: don't compress head or head->next or tail->prev or tail,
#    but compress all nodes between them.
# 3: [head]->[next]->[next]->node->node->...->node->[prev]->[prev]->[tail]
# etc.
list-compress-depth 0
 
# Sets have a special encoding in just one case: when a set is composed
# of just strings that happen to be integers in radix 10 in the range
# of 64 bit signed integers.
# The following configuration setting sets the limit in the size of the
# set in order to use this special memory saving encoding.
set-max-intset-entries 512
 
# Similarly to hashes and lists, sorted sets are also specially encoded in
# order to save a lot of space. This encoding is only used when the length and
# elements of a sorted set are below the following limits:
zset-max-ziplist-entries 128
zset-max-ziplist-value 64
 
# HyperLogLog sparse representation bytes limit. The limit includes the
# 16 bytes header. When an HyperLogLog using the sparse representation crosses
# this limit, it is converted into the dense representation.
#
# A value greater than 16000 is totally useless, since at that point the
# dense representation is more memory efficient.
#
# The suggested value is ~ 3000 in order to have the benefits of
# the space efficient encoding without slowing down too much PFADD,
# which is O(N) with the sparse encoding. The value can be raised to
# ~ 10000 when CPU is not a concern, but space is, and the data set is
# composed of many HyperLogLogs with cardinality in the 0 - 15000 range.
hll-sparse-max-bytes 3000
 
# Streams macro node max size / items. The stream data structure is a radix
# tree of big nodes that encode multiple items inside. Using this configuration
# it is possible to configure how big a single node can be in bytes, and the
# maximum number of items it may contain before switching to a new node when
# appending new stream entries. If any of the following settings are set to
# zero, the limit is ignored, so for instance it is possible to set just a
# max entires limit by setting max-bytes to 0 and max-entries to the desired
# value.
stream-node-max-bytes 4096
stream-node-max-entries 100
 
# Active rehashing uses 1 millisecond every 100 milliseconds of CPU time in
# order to help rehashing the main Redis hash table (the one mapping top-level
# keys to values). The hash table implementation Redis uses (see dict.c)
# performs a lazy rehashing: the more operation you run into a hash table
# that is rehashing, the more rehashing "steps" are performed, so if the
# server is idle the rehashing is never complete and some more memory is used
# by the hash table.
#
# The default is to use this millisecond 10 times every second in order to
# actively rehash the main dictionaries, freeing memory when possible.
#
# If unsure:
# use "activerehashing no" if you have hard latency requirements and it is
# not a good thing in your environment that Redis can reply from time to time
# to queries with 2 milliseconds delay.
#
# use "activerehashing yes" if you don't have such hard requirements but
# want to free memory asap when possible.
activerehashing yes
 
# The client output buffer limits can be used to force disconnection of clients
# that are not reading data from the server fast enough for some reason (a
# common reason is that a Pub/Sub client can't consume messages as fast as the
# publisher can produce them).
#
# The limit can be set differently for the three different classes of clients:
#
# normal -> normal clients including MONITOR clients
# replica  -> replica clients
# pubsub -> clients subscribed to at least one pubsub channel or pattern
#
# The syntax of every client-output-buffer-limit directive is the following:
#
# client-output-buffer-limit    
#
# A client is immediately disconnected once the hard limit is reached, or if
# the soft limit is reached and remains reached for the specified number of
# seconds (continuously).
# So for instance if the hard limit is 32 megabytes and the soft limit is
# 16 megabytes / 10 seconds, the client will get disconnected immediately
# if the size of the output buffers reach 32 megabytes, but will also get
# disconnected if the client reaches 16 megabytes and continuously overcomes
# the limit for 10 seconds.
#
# By default normal clients are not limited because they don't receive data
# without asking (in a push way), but just after a request, so only
# asynchronous clients may create a scenario where data is requested faster
# than it can read.
#
# Instead there is a default limit for pubsub and replica clients, since
# subscribers and replicas receive data in a push fashion.
#
# Both the hard or the soft limit can be disabled by setting them to zero.
client-output-buffer-limit normal 0 0 0
client-output-buffer-limit replica 256mb 64mb 60
client-output-buffer-limit pubsub 32mb 8mb 60
 
# Client query buffers accumulate new commands. They are limited to a fixed
# amount by default in order to avoid that a protocol desynchronization (for
# instance due to a bug in the client) will lead to unbound memory usage in
# the query buffer. However you can configure it here if you have very special
# needs, such us huge multi/exec requests or alike.
#
# client-query-buffer-limit 1gb
 
# In the Redis protocol, bulk requests, that are, elements representing single
# strings, are normally limited ot 512 mb. However you can change this limit
# here.
#
# proto-max-bulk-len 512mb
 
# Redis calls an internal function to perform many background tasks, like
# closing connections of clients in timeout, purging expired keys that are
# never requested, and so forth.
#
# Not all tasks are performed with the same frequency, but Redis checks for
# tasks to perform according to the specified "hz" value.
#
# By default "hz" is set to 10. Raising the value will use more CPU when
# Redis is idle, but at the same time will make Redis more responsive when
# there are many keys expiring at the same time, and timeouts may be
# handled with more precision.
#
# The range is between 1 and 500, however a value over 100 is usually not
# a good idea. Most users should use the default of 10 and raise this up to
# 100 only in environments where very low latency is required.
hz 10
 
# Normally it is useful to have an HZ value which is proportional to the
# number of clients connected. This is useful in order, for instance, to
# avoid too many clients are processed for each background task invocation
# in order to avoid latency spikes.
#
# Since the default HZ value by default is conservatively set to 10, Redis
# offers, and enables by default, the ability to use an adaptive HZ value
# which will temporary raise when there are many connected clients.
#
# When dynamic HZ is enabled, the actual configured HZ will be used as
# as a baseline, but multiples of the configured HZ value will be actually
# used as needed once more clients are connected. In this way an idle
# instance will use very little CPU time while a busy instance will be
# more responsive.
dynamic-hz yes
 
# When a child rewrites the AOF file, if the following option is enabled
# the file will be fsync-ed every 32 MB of data generated. This is useful
# in order to commit the file to the disk more incrementally and avoid
# big latency spikes.
aof-rewrite-incremental-fsync yes
 
# When redis saves RDB file, if the following option is enabled
# the file will be fsync-ed every 32 MB of data generated. This is useful
# in order to commit the file to the disk more incrementally and avoid
# big latency spikes.
rdb-save-incremental-fsync yes
 
# Redis LFU eviction (see maxmemory setting) can be tuned. However it is a good
# idea to start with the default settings and only change them after investigating
# how to improve the performances and how the keys LFU change over time, which
# is possible to inspect via the OBJECT FREQ command.
#
# There are two tunable parameters in the Redis LFU implementation: the
# counter logarithm factor and the counter decay time. It is important to
# understand what the two parameters mean before changing them.
#
# The LFU counter is just 8 bits per key, it's maximum value is 255, so Redis
# uses a probabilistic increment with logarithmic behavior. Given the value
# of the old counter, when a key is accessed, the counter is incremented in
# this way:
#
# 1. A random number R between 0 and 1 is extracted.
# 2. A probability P is calculated as 1/(old_value*lfu_log_factor+1).
# 3. The counter is incremented only if R < P.
#
# The default lfu-log-factor is 10. This is a table of how the frequency
# counter changes with a different number of accesses with different
# logarithmic factors:
#
# +--------+------------+------------+------------+------------+------------+
# | factor | 100 hits   | 1000 hits  | 100K hits  | 1M hits    | 10M hits   |
# +--------+------------+------------+------------+------------+------------+
# | 0      | 104        | 255        | 255        | 255        | 255        |
# +--------+------------+------------+------------+------------+------------+
# | 1      | 18         | 49         | 255        | 255        | 255        |
# +--------+------------+------------+------------+------------+------------+
# | 10     | 10         | 18         | 142        | 255        | 255        |
# +--------+------------+------------+------------+------------+------------+
# | 100    | 8          | 11         | 49         | 143        | 255        |
# +--------+------------+------------+------------+------------+------------+
#
# NOTE: The above table was obtained by running the following commands:
#
#   redis-benchmark -n 1000000 incr foo
#   redis-cli object freq foo
#
# NOTE 2: The counter initial value is 5 in order to give new objects a chance
# to accumulate hits.
#
# The counter decay time is the time, in minutes, that must elapse in order
# for the key counter to be divided by two (or decremented if it has a value
# less <= 10).
#
# The default value for the lfu-decay-time is 1. A Special value of 0 means to
# decay the counter every time it happens to be scanned.
#
# lfu-log-factor 10
# lfu-decay-time 1
 
########################### ACTIVE DEFRAGMENTATION #######################
#
# WARNING THIS FEATURE IS EXPERIMENTAL. However it was stress tested
# even in production and manually tested by multiple engineers for some
# time.
#
# What is active defragmentation?
# -------------------------------
#
# Active (online) defragmentation allows a Redis server to compact the
# spaces left between small allocations and deallocations of data in memory,
# thus allowing to reclaim back memory.
#
# Fragmentation is a natural process that happens with every allocator (but
# less so with Jemalloc, fortunately) and certain workloads. Normally a server
# restart is needed in order to lower the fragmentation, or at least to flush
# away all the data and create it again. However thanks to this feature
# implemented by Oran Agra for Redis 4.0 this process can happen at runtime
# in an "hot" way, while the server is running.
#
# Basically when the fragmentation is over a certain level (see the
# configuration options below) Redis will start to create new copies of the
# values in contiguous memory regions by exploiting certain specific Jemalloc
# features (in order to understand if an allocation is causing fragmentation
# and to allocate it in a better place), and at the same time, will release the
# old copies of the data. This process, repeated incrementally for all the keys
# will cause the fragmentation to drop back to normal values.
#
# Important things to understand:
#
# 1. This feature is disabled by default, and only works if you compiled Redis
#    to use the copy of Jemalloc we ship with the source code of Redis.
#    This is the default with Linux builds.
#
# 2. You never need to enable this feature if you don't have fragmentation
#    issues.
#
# 3. Once you experience fragmentation, you can enable this feature when
#    needed with the command "CONFIG SET activedefrag yes".
#
# The configuration parameters are able to fine tune the behavior of the
# defragmentation process. If you are not sure about what they mean it is
# a good idea to leave the defaults untouched.
 
# Enabled active defragmentation
# activedefrag yes
 
# Minimum amount of fragmentation waste to start active defrag
# active-defrag-ignore-bytes 100mb
 
# Minimum percentage of fragmentation to start active defrag
# active-defrag-threshold-lower 10
 
# Maximum percentage of fragmentation at which we use maximum effort
# active-defrag-threshold-upper 100
 
# Minimal effort for defrag in CPU percentage
# active-defrag-cycle-min 5
 
# Maximal effort for defrag in CPU percentage
# active-defrag-cycle-max 75
 
# Maximum number of set/hash/zset/list fields that will be processed from
# the main dictionary scan
# active-defrag-max-scan-fields 1000
Redis server to compact the
# spaces left between small allocations and deallocations of data in memory,
# thus allowing to reclaim back memory.
#
# Fragmentation is a natural process that happens with every allocator (but
# less so with Jemalloc, fortunately) and certain workloads. Normally a server
# restart is needed in order to lower the fragmentation, or at least to flush
# away all the data and create it again. However thanks to this feature
# implemented by Oran Agra for Redis 4.0 this process can happen at runtime
# in an "hot" way, while the server is running.
#
# Basically when the fragmentation is over a certain level (see the
# configuration options below) Redis will start to create new copies of the
# values in contiguous memory regions by exploiting certain specific Jemalloc
# features (in order to understand if an allocation is causing fragmentation
# and to allocate it in a better place), and at the same time, will release the
# old copies of the data. This process, repeated incrementally for all the keys
# will cause the fragmentation to drop back to normal values.
#
# Important things to understand:
#
# 1. This feature is disabled by default, and only works if you compiled Redis
#    to use the copy of Jemalloc we ship with the source code of Redis.
#    This is the default with Linux builds.
#
# 2. You never need to enable this feature if you don't have fragmentation
#    issues.
#
# 3. Once you experience fragmentation, you can enable this feature when
#    needed with the command "CONFIG SET activedefrag yes".
#
# The configuration parameters are able to fine tune the behavior of the
# defragmentation process. If you are not sure about what they mean it is
# a good idea to leave the defaults untouched.
 
# Enabled active defragmentation
# activedefrag yes
 
# Minimum amount of fragmentation waste to start active defrag
# active-defrag-ignore-bytes 100mb
 
# Minimum percentage of fragmentation to start active defrag
# active-defrag-threshold-lower 10
 
# Maximum percentage of fragmentation at which we use maximum effort
# active-defrag-threshold-upper 100
 
# Minimal effort for defrag in CPU percentage
# active-defrag-cycle-min 5
 
# Maximal effort for defrag in CPU percentage
# active-defrag-cycle-max 75
 
# Maximum number of set/hash/zset/list fields that will be processed from
# the main dictionary scan
# active-defrag-max-scan-fields 1000

你可能感兴趣的:(docker,docker,linux,运维)