# 修改软件源
# https://mirrors.ustc.edu.cn/help/ubuntu-ports.html
sudo bash -c '
cat > /etc/apt/sources.list <<EOF
# 默认注释了源码仓库,如有需要可自行取消注释
deb https://mirrors.ustc.edu.cn/ubuntu-ports/ jammy main restricted universe multiverse
# deb-src https://mirrors.ustc.edu.cn/ubuntu-ports/ jammy main restricted universe multiverse
deb https://mirrors.ustc.edu.cn/ubuntu-ports/ jammy-security main restricted universe multiverse
# deb-src https://mirrors.ustc.edu.cn/ubuntu-ports/ jammy-security main restricted universe multiverse
deb https://mirrors.ustc.edu.cn/ubuntu-ports/ jammy-updates main restricted universe multiverse
# deb-src https://mirrors.ustc.edu.cn/ubuntu-ports/ jammy-updates main restricted universe multiverse
deb https://mirrors.ustc.edu.cn/ubuntu-ports/ jammy-backports main restricted universe multiverse
# deb-src https://mirrors.ustc.edu.cn/ubuntu-ports/ jammy-backports main restricted universe multiverse
# 预发布软件源,不建议启用
# deb https://mirrors.ustc.edu.cn/ubuntu-ports/ jammy-proposed main restricted universe multiverse
# deb-src https://mirrors.ustc.edu.cn/ubuntu-ports/ jammy-proposed main restricted universe multiverse
EOF
'
sudo apt update
# 时区
sudo apt install -y tzdata
sudo bash -c 'ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && echo "Asia/Shanghai" > /etc/timezone'
# 中文
sudo apt install -y language-pack-zh-hans fonts-wqy-zenhei
sudo update-locale LANG=C.UTF-8
# 安装Docker
sudo curl -fsSL https://mirrors.ustc.edu.cn/docker-ce/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://mirrors.ustc.edu.cn/docker-ce/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list
sudo apt update
docker_version=$(apt-cache madison docker-ce | grep 27.5.1-1 | awk '{print $3}')
sudo apt install -y docker-ce=${docker_version} docker-ce-cli=${docker_version} --allow-downgrades
# 将当前用户加入到docker用户组,退出当前SSH连接,重新连接SSH后生效
sudo usermod -aG docker $USER
# Docker设置国内镜像源
# Docker设置允许使用http的方式从私有镜像仓库拉取和推送镜像
# Docker设置日志上限为100M
# 如果需要更改存储目录,附加选项 "data-root": "/path/to/docker"
sudo bash -c '
cat > /etc/docker/daemon.json <<EOF
{
"registry-mirrors": [
],
"insecure-registries": [
],
"log-opts": {
"max-size": "100m"
}
}
EOF
'
sudo systemctl restart docker
# E1001 NX 已自带NVIDIA Driver
# 使用国内镜像源安装NVIDIA Container Toolkit
# https://nvidia.github.io/libnvidia-container/gpgkey
sudo rm -rvf /usr/share/keyrings/nvidia-container-toolkit-keyring.gpg
curl -fsSL https://ghfast.top/https://github.com/NVIDIA/libnvidia-container/blob/gh-pages/gpgkey | \
sudo gpg --dearmor -o /usr/share/keyrings/nvidia-container-toolkit-keyring.gpg
curl -s -L https://mirrors.ustc.edu.cn/libnvidia-container/stable/deb/nvidia-container-toolkit.list | \
sed "s#deb https://nvidia.github.io#deb [signed-by=/usr/share/keyrings/nvidia-container-toolkit-keyring.gpg] https://mirrors.ustc.edu.cn#g" | \
sudo tee /etc/apt/sources.list.d/nvidia-container-toolkit.list
sudo apt update
sudo apt install -y nvidia-container-toolkit
sudo systemctl restart docker
# 配置NvidiaRuntime
# E1001 NX 不支持 --gpu 选项,需要使用 --runtime nvidia
sudo nvidia-ctk runtime configure --runtime=docker
sudo systemctl restart docker
# 创建容器持久化目录
mkdir -p ~/workspace-docker
# 更改容器持久化目录权限
sudo chown $(id -u):$(id -g) ~/workspace-docker
################
# MariaDB
docker pull swr.cn-southwest-2.myhuaweicloud.com/ictrek-arm/mariadb:11
mkdir -p ~/workspace-docker/mariadb
docker rm -f mariadb
docker run -d --restart unless-stopped --name mariadb \
-p 3306:3306 \
-e MARIADB_ROOT_PASSWORD=Mm123456 \
-v ~/workspace-docker/mariadb:/var/lib/mysql \
swr.cn-southwest-2.myhuaweicloud.com/ictrek-arm/mariadb:11 --character-set-server=utf8mb4 --collation-server=utf8mb4_bin --max-connections=3000
#
################
################
# Redis
docker pull swr.cn-southwest-2.myhuaweicloud.com/ictrek-arm/redis:7
mkdir -p ~/workspace-docker/redis
docker rm -f redis
docker run -d --restart unless-stopped --name redis \
-p 6379:6379 \
-v ~/workspace-docker/redis:/data \
swr.cn-southwest-2.myhuaweicloud.com/ictrek-arm/redis:7 \
bash -c '
find appendonlydir \( -name "*.aof" -o -name "*.manifest" \) -exec bash -c "echo y | redis-check-aof --fix {}" \;
redis-server --requirepass Rr123456 --appendonly yes
'
#
################
################
# MinIO
docker pull swr.cn-southwest-2.myhuaweicloud.com/ictrek-arm/minio:RELEASE.2021-04-22T15-44-28Z
mkdir -p ~/workspace-docker/minio/vos
docker rm -f minio
docker run -d --restart unless-stopped --name minio \
-p 9000:9000 \
-e MINIO_ROOT_USER=root \
-e MINIO_ROOT_PASSWORD=Mm123456 \
-v ~/workspace-docker/minio:/data \
swr.cn-southwest-2.myhuaweicloud.com/ictrek-arm/minio:RELEASE.2021-04-22T15-44-28Z server /data
#
################
################
# Consul
docker pull swr.cn-southwest-2.myhuaweicloud.com/ictrek-arm/consul:1.14
mkdir -p ~/workspace-docker/consul
docker rm -f consul
docker run -d --restart unless-stopped --name consul \
-p 8500:8500 \
-v ~/workspace-docker/consul:/consul/data \
swr.cn-southwest-2.myhuaweicloud.com/ictrek-arm/consul:1.14 agent -server -bootstrap-expect=1 -node=node1 -ui -client=0.0.0.0
#
################
################
# Elasticsearch
docker pull swr.cn-southwest-2.myhuaweicloud.com/ictrek-arm/elasticsearch:8.17.2
mkdir -p ~/workspace-docker/elasticsearch/data
mkdir -p ~/workspace-docker/elasticsearch/plugins
# 修正目录权限
docker run --rm --user root \
-v ~/workspace-docker/elasticsearch/data:/usr/share/elasticsearch/data \
-v ~/workspace-docker/elasticsearch/plugins:/usr/share/elasticsearch/plugins \
swr.cn-southwest-2.myhuaweicloud.com/ictrek-arm/elasticsearch:8.17.2 \
chown -R elasticsearch /usr/share/elasticsearch/data /usr/share/elasticsearch/plugins
docker rm -f elasticsearch
docker run -d --restart unless-stopped --name elasticsearch \
-p 9200:9200 -p 9300:9300 \
-e discovery.type="single-node" \
-e network.host="0.0.0.0" \
-e http.cors.enabled="true" \
-e http.cors.allow-origin='"*"' \
-e xpack.security.enabled="true" \
-e xpack.security.http.ssl.enabled="false" \
-e xpack.security.transport.ssl.enabled="false" \
-e cluster.routing.allocation.disk.threshold_enabled="false" \
-e ELASTIC_PASSWORD="Ee123456" \
-e ES_JAVA_OPTS="-Xms2g -Xmx2g" \
-v ~/workspace-docker/elasticsearch/data:/usr/share/elasticsearch/data \
-v ~/workspace-docker/elasticsearch/plugins:/usr/share/elasticsearch/plugins \
swr.cn-southwest-2.myhuaweicloud.com/ictrek-arm/elasticsearch:8.17.2
#
################
################
# Kafka
docker pull swr.cn-southwest-2.myhuaweicloud.com/ictrek-arm/cp-kafka:7.6.1
# 生成CLUSTER_ID
# docker run --rm swr.cn-southwest-2.myhuaweicloud.com/ictrek-arm/cp-kafka:7.6.1 /bin/kafka-storage random-uuid
mkdir -p ~/workspace-docker/kafka/secrets
mkdir -p ~/workspace-docker/kafka/data
# 修正目录权限
docker run --rm --user root \
-v ~/workspace-docker/kafka/secrets:/etc/kafka/secrets \
-v ~/workspace-docker/kafka/data:/var/lib/kafka/data \
swr.cn-southwest-2.myhuaweicloud.com/ictrek-arm/cp-kafka:7.6.1 \
chown -R appuser:appuser /etc/kafka/secrets /var/lib/kafka/data
docker rm -f kafka-kraft
docker run -d --restart unless-stopped --name kafka-kraft \
-p 19001:19001 -p 19002:19002 \
-e CLUSTER_ID='nYxq5AcRS1q8H1zkM1XHzw' \
-e KAFKA_NODE_ID=1 \
-e KAFKA_PROCESS_ROLES='broker,controller' \
-e KAFKA_LISTENER_SECURITY_PROTOCOL_MAP='PLAINTEXT:PLAINTEXT,CONTROLLER:PLAINTEXT' \
-e KAFKA_INTER_BROKER_LISTENER_NAME='PLAINTEXT' \
-e KAFKA_CONTROLLER_LISTENER_NAMES='CONTROLLER' \
-e KAFKA_LISTENERS='PLAINTEXT://:19001,CONTROLLER://:19002' \
-e KAFKA_ADVERTISED_LISTENERS='PLAINTEXT://172.17.0.1:19001' \
-e KAFKA_CONTROLLER_QUORUM_VOTERS='1@172.17.0.1:19002' \
-e KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR=1 \
-e KAFKA_MESSAGE_MAX_BYTES=10485760 \
-v ~/workspace-docker/kafka/secrets:/etc/kafka/secrets \
-v ~/workspace-docker/kafka/data:/var/lib/kafka/data \
swr.cn-southwest-2.myhuaweicloud.com/ictrek-arm/cp-kafka:7.6.1
# redpandadata-console
docker pull swr.cn-southwest-2.myhuaweicloud.com/ictrek-arm/redpandadata-console:v3.1.3
docker rm -f redpanda
docker run -d --restart unless-stopped --name redpanda \
-p 19003:8080 \
-e KAFKA_BROKERS=172.17.0.1:19001 \
swr.cn-southwest-2.myhuaweicloud.com/ictrek-arm/redpandadata-console:v3.1.3
#
################
最后编辑:2025年09月04日
©著作权归作者所有
评论已关闭