openEuler 22.03 LTS 环境使用 Docker Compose 一键部署 JumpServer (all-in-one 模式)

环境回顾

上一篇文章中,我们讲解了 openEuler 22.03 LTS 安装 Docker CE 和 Dcoker Compose,部署的软件环境版本分别如下:

  • OS 系统openEuler 22.03 LTS(openEuler-22.03-LTS-x86_64-dvd.iso)
  • Docker EngineDocker CE(Docker Engine - Community v24.0.6)
  • Docker ComposeDocker Compose v2.21.0

接着上面部署的环境,我们继续讲解如何使用 docker compose 一键部署 JumpServer (all-in-one 模式)。
openEuler 22.03 LTS 环境使用 Docker Compose 一键部署 JumpServer (all-in-one 模式)_第1张图片

Compose 部署步骤

编排文件是使用 Docker Compose 的核心,支持 compose.yaml 或者compose.yml 作为默认名称,也向后兼容 docker-compose.yamldocker-compose.yml,如果这些文件都存在则首选 compose.yaml。你也可以使用其他名称,只是需要在启动的时候指定文件名。

  • Docker EngineCompose 版本支持列表
Compose file format Docker Engine release
Compose specification 19.03.0+
3.8 19.03.0+
3.7 18.06.0+
3.6 18.02.0+
3.5 17.12.0+
3.4 17.09.0+
3.3 17.06.0+
3.2 17.04.0+
3.1 1.13.1+
3.0 1.13.0+
2.4 17.12.0+
2.3 17.06.0+
2.2 1.13.0+
2.1 1.12.0+
2.0 1.10.0+

关于 dockercompose 支持矩阵更多信息,请查看官方文档 https://docs.docker.com/compose/compose-file/compose-file-v3/

1、compose healthcheck 举例

关于 mariadb docker compose healthcheck 配置说明:

Docker Compose 可以通过在 docker-compose.yml 文件中设置 healthcheck 配置来检查 MariaDB 容器的健康状态。

docker-compose.yml 中,可以在 services.mariadb 配置下添加 healthcheck

services:
  mariadb:
    image: mariadb:latest
    healthcheck:
      test: ["CMD-SHELL", "mysqladmin ping --silent"]
      interval: 30s
      timeout: 10s
      retries: 3

在这个例子中,我们使用了 mysqladmin ping 命令来检查 MariaDB 是否健康。如果 MariaDB 返回了 “mysqld is alive”,则视为健康,否则视为不健康。间隔 30s 检查一次,超时 10s,如果失败 3次 就认为 unhealthy

注意:如果 MariaDB 容器内部没有安装 mysqladmin 命令,这个健康检查将失败。

2、编写 Compose.yaml 文件

编写 jumpserver-allinone-compose.yaml 文件信息如下:

version: '3.8'
services:
  mariadb:
    image: mariadb:10.11
    container_name: jms_mariadb
    restart: always
    command: --log-bin --log-basename=mariadb --character-set-server=utf8mb4 --collation-server=utf8mb4_general_ci
    environment:
      DB_PORT: ${DB_PORT:-3306}
      MARIADB_ROOT_PASSWORD: ${DB_PASSWORD:-My123456}
      MARIADB_DATABASE: ${DB_NAME:-jumpserver}
      TZ: "Asia/Shanghai"
    ports:
      - 3306:3306
    healthcheck:
      test: "mysql -h 127.0.0.1 -u root -p $$MARIADB_ROOT_PASSWORD -e 'SHOW DATABASES;'"
      interval: 10s
      timeout: 5s
      retries: 3
      start_period: 30s
    volumes:
      - ${VOLUME_DIR:-./jms_data}/mariadb/data:/var/lib/mysql
    networks:
      - net

  redis:
    image: redis:6.2
    container_name: jms_redis
    restart: always
    command: redis-server --requirepass ${REDIS_PASSWORD:-Rds123456} --loglevel warning --maxmemory-policy allkeys-lru
    environment:
      REDIS_PORT: ${REDIS_PORT:-6379}
      REDIS_PASSWORD: ${REDIS_PASSWORD:-Rds123456}
    ports:
      - 6379:6379
    healthcheck:
      test: "redis-cli -h 127.0.0.1 -p $$REDIS_PORT -a $$REDIS_PASSWORD info Replication"
      interval: 10s
      timeout: 5s
      retries: 3
      start_period: 10s
    volumes:
      - ${VOLUME_DIR:-./jms_data}/redis/data:/data
    networks:
      - net

  jumpserver:
    image: jumpserver/jms_all:${VERSION:-latest}
    build:
      context: .
      dockerfile: Dockerfile
    container_name: jms_all
    privileged: true
    restart: always
    environment:
      SECRET_KEY: ${SECRET_KEY:-vYneAbsXUhe4BghEeedNL7nfWLwaTTmhnwQMvjYOIG25Ofzghk}
      BOOTSTRAP_TOKEN: ${BOOTSTRAP_TOKEN:-K1ffDfLSIK8SV2PZj6VaxOiv8KuawlJK}
      DEBUG: ${DEBUG:-FALSE}
      LOG_LEVEL: ${LOG_LEVEL:-ERROR}
      DB_HOST: ${DB_HOST:-mysql}
      DB_PORT: ${DB_PORT:-3306}
      DB_USER: ${DB_USER:-root}
      DB_PASSWORD: ${DB_PASSWORD:-My123456}
      DB_NAME: ${DB_NAME:-jumpserver}
      REDIS_HOST: ${REDIS_HOST:-redis}
      REDIS_PORT: ${REDIS_PORT:-6379}
      REDIS_PASSWORD: ${REDIS_PASSWORD:-Rds123456}
      MAGNUS_MYSQL_PORT: ${MAGNUS_MYSQL_PORT:-33061}
      MAGNUS_MARIADB_PORT: ${MAGNUS_MARIADB_PORT:-33062}
      MAGNUS_REDIS_PORT: ${MAGNUS_REDIS_PORT:-63790}
    ports:
      - ${HTTP_PORT:-80}:80/tcp
      - ${SSH_PORT:-2222}:2222/tcp
      - ${MAGNUS_MYSQL_PORT:-33061}:33061/tcp
      - ${MAGNUS_MARIADB_PORT:-33062}:33062/tcp
      - ${MAGNUS_REDIS_PORT:-63790}:63790/tcp
    depends_on:
      mariadb:
        condition: service_healthy
      redis:
        condition: service_healthy
    healthcheck:
      test: "curl -fsL http://localhost/api/health/ > /dev/null"
      interval: 10s
      timeout: 5s
      retries: 3
      start_period: 90s
    volumes:
      - ${VOLUME_DIR:-./jms_data}/core/data:/opt/jumpserver/core/data
      - ${VOLUME_DIR:-./jms_data}/koko/data:/opt/jumpserver/koko/data
      - ${VOLUME_DIR:-./jms_data}/lion/data:/opt/jumpserver/lion/data
      - ${VOLUME_DIR:-./jms_data}/magnus/data:/opt/jumpserver/magnus/data
      - ${VOLUME_DIR:-./jms_data}/chen/data:/opt/jumpserver/chen/data
      - ${VOLUME_DIR:-./jms_data}/kael/data:/opt/jumpserver/kael/data
      - ${VOLUME_DIR:-./jms_data}/nginx/data:/var/log/nginx
    networks:
      - net

networks:
  net:

3、执行 Compose 命令

查看 docker compose 命令:

[root@jumpServer ~]# docker compose --help

Usage:  docker compose [OPTIONS] COMMAND

Define and run multi-container applications with Docker.

Options:
      --ansi string                Control when to print ANSI control characters ("never"|"always"|"auto")
                                   (default "auto")
      --compatibility              Run compose in backward compatibility mode
      --dry-run                    Execute command in dry run mode
      --env-file stringArray       Specify an alternate environment file.
  -f, --file stringArray           Compose configuration files
      --parallel int               Control max parallelism, -1 for unlimited (default -1)
      --profile stringArray        Specify a profile to enable
      --progress string            Set type of progress output (auto, tty, plain, quiet) (default "auto")
      --project-directory string   Specify an alternate working directory
                                   (default: the path of the, first specified, Compose file)
  -p, --project-name string        Project name

Commands:
  build       Build or rebuild services
  config      Parse, resolve and render compose file in canonical format
  cp          Copy files/folders between a service container and the local filesystem
  create      Creates containers for a service.
  down        Stop and remove containers, networks
  events      Receive real time events from containers.
  exec        Execute a command in a running container.
  images      List images used by the created containers
  kill        Force stop service containers.
  logs        View output from containers
  ls          List running compose projects
  pause       Pause services
  port        Print the public port for a port binding.
  ps          List containers
  pull        Pull service images
  push        Push service images
  restart     Restart service containers
  rm          Removes stopped service containers
  run         Run a one-off command on a service.
  start       Start services
  stop        Stop services
  top         Display the running processes
  unpause     Unpause services
  up          Create and start containers
  version     Show the Docker Compose version information
  wait        Block until the first service container stops

Run 'docker compose COMMAND --help' for more information on a command.
  • 指定 jumpserver-allinone-compose.yaml 文件执行命令快速部署:
docker compose -f jumpserver-allinone-compose.yaml up -d 

执行此步骤耐心等待,正常情况输出如下信息:

[root@jumpServer ~]# docker compose -f jumpserver-allinone-compose.yaml up -d 
[+] Running 51/51
 ✔ jumpserver 34 layers [⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿]      0B/0B      Pulled                         1597.9s 
   ✔ b70638ed4228 Pull complete                                                                               26.3s 
   ✔ 1671b05d5ff8 Pull complete                                                                               14.2s 
   ✔ cf6d41d3b58e Pull complete                                                                               15.3s 
   ✔ 4658ace5181e Pull complete                                                                               26.8s 
   ✔ 7d89f2b712aa Pull complete                                                                               19.0s 
   ✔ 27f0595597bf Pull complete                                                                             1371.3s 
   ✔ 5e1c9213656f Pull complete                                                                               30.6s 
   ✔ 6b08cbabd196 Pull complete                                                                               59.3s 
   ✔ d5e6b8f645d0 Pull complete                                                                               33.5s 
   ✔ e61f3aac1553 Pull complete                                                                               35.3s 
   ✔ 38e8b0b2cb1d Pull complete                                                                               37.2s 
   ✔ 4f4fb700ef54 Pull complete                                                                              106.2s 
   ✔ 0c2dc397c237 Pull complete                                                                              153.2s 
   ✔ fdf489862f49 Pull complete                                                                              115.6s 
   ✔ 7d15347457c2 Pull complete                                                                              122.3s 
   ✔ 9ee083a8a7ed Pull complete                                                                              127.2s 
   ✔ 3028c2686750 Pull complete                                                                              134.0s 
   ✔ 5c15a5371a5f Pull complete                                                                              136.6s 
   ✔ df85ed73d9c7 Pull complete                                                                              175.0s 
   ✔ 0fbce6cdb40f Pull complete                                                                              180.1s 
   ✔ 58780c9b73c1 Pull complete                                                                              430.0s 
   ✔ 8370e2af9b40 Pull complete                                                                              185.8s 
   ✔ cd0ff3c5c678 Pull complete                                                                              205.5s 
   ✔ 46772bf55cde Pull complete                                                                              222.4s 
   ✔ e58fedb6f561 Pull complete                                                                              227.6s 
   ✔ 361691cd930c Pull complete                                                                              257.6s 
   ✔ 181b8c1b3ce9 Pull complete                                                                              274.7s 
   ✔ 282738152c09 Pull complete                                                                              291.6s 
   ✔ 9b9cbb19c5bf Pull complete                                                                              299.0s 
   ✔ 0256f5cdf016 Pull complete                                                                              314.0s 
   ✔ bdf2050c3e51 Pull complete                                                                              315.9s 
   ✔ 34b12bf59808 Pull complete                                                                              331.0s 
   ✔ 1676acb3a378 Pull complete                                                                              344.4s 
   ✔ c009086876be Pull complete                                                                              346.3s 
 ✔ mariadb 8 layers [⣿⣿⣿⣿⣿⣿⣿⣿]      0B/0B      Pulled                                                        484.5s 
   ✔ 7a2c55901189 Pull complete                                                                              370.2s 
   ✔ 7eb404fb6599 Pull complete                                                                              385.5s 
   ✔ b82494ba74d0 Pull complete                                                                              391.6s 
   ✔ c12aefc63360 Pull complete                                                                              394.9s 
   ✔ 755d4f319cad Pull complete                                                                              397.0s 
   ✔ 3a356b485f3e Pull complete                                                                              429.8s 
   ✔ 58cecd92a800 Pull complete                                                                              442.3s 
   ✔ 1a788b911657 Pull complete                                                                              442.4s 
 ✔ redis 6 layers [⣿⣿⣿⣿⣿⣿]      0B/0B      Pulled                                                            520.5s 
   ✔ a378f10b3218 Pull complete                                                                              454.1s 
   ✔ a18aae639f26 Pull complete                                                                              447.5s 
   ✔ cc636628b1d6 Pull complete                                                                              451.5s 
   ✔ 28d286c885bb Pull complete                                                                              458.1s 
   ✔ eb5d7888e466 Pull complete                                                                              456.4s 
   ✔ 94ae6bcf7a05 Pull complete                                                                              471.0s 
[+] Running 4/4
 ✔ Network root_net       Created                                                                              7.2s 
 ✔ Container jms_mariadb  Healthy                                                                              5.6s 
 ✔ Container jms_redis    Healthy                                                                              5.6s 
 ✔ Container jms_all      Created                                                                              2.0s 
...

如果出现如下错误信息:

说明:该问题已经反馈 github issues,请查看https://github.com/jumpserver/jumpserver/issues/11983

 [+] Running 4/4
 ✔ Network root_net       Created                                                           7.2s 
 ✘ Container jms_mariadb  Error                                                             5.6s
 ✔ Container jms_redis    Healthy                                                           5.6s 
 ✔ Container jms_all      Created                                                           2.0s 
dependency failed to start: container jms_mariadb is unhealthy

继续查看 168b11c99368 mariadb:10.11 容器日志信息:

[root@jumpServer ~]# docker container ls
CONTAINER ID   IMAGE           COMMAND                   CREATED              STATUS                          PORTS                                       NAMES
168b11c99368   mariadb:10.11   "docker-entrypoint.s…"   About a minute ago   Up About a minute (unhealthy)   0.0.0.0:3306->3306/tcp, :::3306->3306/tcp   jms_mariadb
a1a18950bf2c   redis:6.2       "docker-entrypoint.s…"   About a minute ago   Up About a minute (healthy)     0.0.0.0:6379->6379/tcp, :::6379->6379/tcp   jms_redis
[root@jumpServer ~]# docker container logs 168b11c99368
2023-10-25 22:27:25+08:00 [Note] [Entrypoint]: Entrypoint script for MariaDB Server 1:10.11.5+maria~ubu2204 started.
2023-10-25 22:27:26+08:00 [Note] [Entrypoint]: Switching to dedicated user 'mysql'
2023-10-25 22:27:26+08:00 [Note] [Entrypoint]: Entrypoint script for MariaDB Server 1:10.11.5+maria~ubu2204 started.
2023-10-25 22:27:26+08:00 [Note] [Entrypoint]: Initializing database files

PLEASE REMEMBER TO SET A PASSWORD FOR THE MariaDB root USER !
To do so, start the server, then issue the following command:

'/usr/bin/mariadb-secure-installation'

which will also give you the option of removing the test
databases and anonymous user created by default.  This is
strongly recommended for production servers.

See the MariaDB Knowledgebase at https://mariadb.com/kb

Please report any problems at https://mariadb.org/jira

The latest information about MariaDB is available at https://mariadb.org/.

Consider joining MariaDB's strong and vibrant community:
https://mariadb.org/get-involved/

2023-10-25 22:28:35+08:00 [Note] [Entrypoint]: Database files initialized
2023-10-25 22:28:35+08:00 [Note] [Entrypoint]: Starting temporary server
2023-10-25 22:28:35+08:00 [Note] [Entrypoint]: Waiting for server startup
2023-10-25 22:28:35 0 [Note] Starting MariaDB 10.11.5-MariaDB-1:10.11.5+maria~ubu2204-log source revision 7875294b6b74b53dd3aaa723e6cc103d2bb47b2c as process 141
2023-10-25 22:28:36 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
2023-10-25 22:28:36 0 [Note] InnoDB: Number of transaction pools: 1
2023-10-25 22:28:36 0 [Note] InnoDB: Using crc32 + pclmulqdq instructions
2023-10-25 22:28:36 0 [Note] mariadbd: O_TMPFILE is not supported on /tmp (disabling future attempts)
2023-10-25 22:28:36 0 [Note] InnoDB: Using liburing
2023-10-25 22:28:36 0 [Note] InnoDB: Initializing buffer pool, total size = 128.000MiB, chunk size = 2.000MiB
2023-10-25 22:28:36 0 [Note] InnoDB: Completed initialization of buffer pool
2023-10-25 22:28:36 0 [Note] InnoDB: File system buffers for log disabled (block size=4096 bytes)
2023-10-25 22:28:36 0 [Note] InnoDB: End of log at LSN=46438
2023-10-25 22:28:36 0 [Note] InnoDB: 128 rollback segments are active.
2023-10-25 22:28:36 0 [Note] InnoDB: Setting file './ibtmp1' size to 12.000MiB. Physically writing the file full; Please wait ...
2023-10-25 22:28:36 0 [Note] InnoDB: File './ibtmp1' size is now 12.000MiB.
2023-10-25 22:28:36 0 [Note] InnoDB: log sequence number 46438; transaction id 14
2023-10-25 22:28:36 0 [Note] Plugin 'FEEDBACK' is disabled.
2023-10-25 22:28:37 0 [Warning] 'user' entry 'root@168b11c99368' ignored in --skip-name-resolve mode.
2023-10-25 22:28:37 0 [Warning] 'proxies_priv' entry '@% root@168b11c99368' ignored in --skip-name-resolve mode.
2023-10-25 22:28:37 0 [Note] mariadbd: ready for connections.
Version: '10.11.5-MariaDB-1:10.11.5+maria~ubu2204-log'  socket: '/run/mysqld/mysqld.sock'  port: 0  mariadb.org binary distribution
2023-10-25 22:28:38+08:00 [Note] [Entrypoint]: Temporary server started.
2023-10-25 22:28:47+08:00 [Note] [Entrypoint]: Creating database jumpserver
2023-10-25 22:28:47+08:00 [Note] [Entrypoint]: Securing system users (equivalent to running mysql_secure_installation)

2023-10-25 22:28:48+08:00 [Note] [Entrypoint]: Stopping temporary server
2023-10-25 22:28:48 0 [Note] mariadbd (initiated by: unknown): Normal shutdown
2023-10-25 22:28:48 0 [Note] InnoDB: FTS optimize thread exiting.
2023-10-25 22:28:49 0 [Note] InnoDB: Starting shutdown...
2023-10-25 22:28:49 0 [Note] InnoDB: Dumping buffer pool(s) to /var/lib/mysql/ib_buffer_pool
2023-10-25 22:28:49 0 [Note] InnoDB: Buffer pool(s) dump completed at 231025 22:28:49
2023-10-25 22:28:50 0 [Note] InnoDB: Removed temporary tablespace data file: "./ibtmp1"
2023-10-25 22:28:50 0 [Note] InnoDB: Shutdown completed; log sequence number 46438; transaction id 15
2023-10-25 22:28:50 0 [Note] mariadbd: Shutdown complete

2023-10-25 22:28:50+08:00 [Note] [Entrypoint]: Temporary server stopped

2023-10-25 22:28:50+08:00 [Note] [Entrypoint]: MariaDB init process done. Ready for start up.

2023-10-25 22:28:50 0 [Note] Starting MariaDB 10.11.5-MariaDB-1:10.11.5+maria~ubu2204-log source revision 7875294b6b74b53dd3aaa723e6cc103d2bb47b2c as process 1
2023-10-25 22:28:50 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
2023-10-25 22:28:50 0 [Note] InnoDB: Number of transaction pools: 1
2023-10-25 22:28:50 0 [Note] InnoDB: Using crc32 + pclmulqdq instructions
2023-10-25 22:28:50 0 [Note] mariadbd: O_TMPFILE is not supported on /tmp (disabling future attempts)
2023-10-25 22:28:50 0 [Note] InnoDB: Using liburing
2023-10-25 22:28:50 0 [Note] InnoDB: Initializing buffer pool, total size = 128.000MiB, chunk size = 2.000MiB
2023-10-25 22:28:50 0 [Note] InnoDB: Completed initialization of buffer pool
2023-10-25 22:28:50 0 [Note] InnoDB: File system buffers for log disabled (block size=4096 bytes)
2023-10-25 22:28:50 0 [Note] InnoDB: End of log at LSN=46438
2023-10-25 22:28:50 0 [Note] InnoDB: 128 rollback segments are active.
2023-10-25 22:28:50 0 [Note] InnoDB: Setting file './ibtmp1' size to 12.000MiB. Physically writing the file full; Please wait ...
2023-10-25 22:28:50 0 [Note] InnoDB: File './ibtmp1' size is now 12.000MiB.
2023-10-25 22:28:50 0 [Note] InnoDB: log sequence number 46438; transaction id 14
2023-10-25 22:28:50 0 [Note] Plugin 'FEEDBACK' is disabled.
2023-10-25 22:28:50 0 [Note] InnoDB: Loading buffer pool(s) from /var/lib/mysql/ib_buffer_pool
2023-10-25 22:28:50 0 [Note] InnoDB: Buffer pool(s) load completed at 231025 22:28:50
2023-10-25 22:28:50 0 [Note] Server socket created on IP: '0.0.0.0'.
2023-10-25 22:28:50 0 [Note] Server socket created on IP: '::'.
2023-10-25 22:28:51 0 [Note] mariadbd: ready for connections.
Version: '10.11.5-MariaDB-1:10.11.5+maria~ubu2204-log'  socket: '/run/mysqld/mysqld.sock'  port: 3306  mariadb.org binary distribution

继续进入容器查看:

docker 进入当前正在运行容器的两种方式(exec 和 attach 的区别),https://blog.csdn.net/Starrysky_LTL/article/details/121168670

openEuler 22.03 LTS 环境使用 Docker Compose 一键部署 JumpServer (all-in-one 模式)_第2张图片

  • 测试完毕后清理环境:
docker compose -f jumpserver-allinone-compose.yaml down -v

输出如下信息:

[root@jumpServer ~]# docker compose -f jumpserver-allinone-compose.yaml down
[+] Running 4/4
 ✔ Container jms_all      Removed                                                                              0.0s 
 ✔ Container jms_mariadb  Removed                                                                              5.2s 
 ✔ Container jms_redis    Removed                                                                              5.0s 
 ✔ Network root_net       Removed                                                                              1.1s 

4、查看 Docker 镜像

通过 compose.yaml 文件拉取的 docker 镜像(image)如下:

[root@jumpServer ~]# docker image ls
REPOSITORY           TAG       IMAGE ID       CREATED       SIZE
jumpserver/jms_all   latest    a4428decf662   4 days ago    3.48GB
redis                6.2       81f00da770d8   6 days ago    127MB
mariadb              10.11     3b3ad3b80a5c   11 days ago   395MB

验证 JumpServer 安装

浏览器查看 JumpServer

  • 地址:http://:<服务运行端口>
  • 用户名:admin
  • 密码:admin

首次登陆需要修改初始密码,修改后再次登录即可进入系统。

openEuler 22.03 LTS 环境使用 Docker Compose 一键部署 JumpServer (all-in-one 模式)_第3张图片

你可能感兴趣的:(Docker,&,Podman,Linux,docker,容器,运维,linux,openEuler,堡垒机,JumpServer)