Docker-Compose on Zayn's Bloghttps://blog.treesir.pub/tags/docker-compose/Recent content in Docker-Compose on Zayn's BlogHugo -- gohugo.iozh-cnyangzun@treesir.pub (Zayn)yangzun@treesir.pub (Zayn)2021-2026 ZaynSun, 16 May 2021 18:00:36 +0800使用 Docker Compose 部署 OpenConnect VPN 服务器https://blog.treesir.pub/posts/ocserv-vpn-install/Sat, 15 May 2021 16:20:46 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/ocserv-vpn-install/<h2 class="relative group">环境要求 <div id="环境要求" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e7%8e%af%e5%a2%83%e8%a6%81%e6%b1%82" aria-label="锚点">#</a> </span> </h2> <p>本文档基于以下环境进行部署:</p> <ul> <li><strong>Docker Compose</strong>:1.18.0</li> <li><strong>操作系统</strong>:OpenWrt (x86)</li> <li><strong>Docker 版本</strong>:19.03.12</li> <li><strong>Docker 镜像</strong>:<code>yangzun/docker-openconnect-ldap:latest</code></li> </ul> <blockquote> <p><strong>说明</strong>:该镜像基于 <code>morganonbass/ocserv-ldap</code> 进行了修改和优化,解决了原镜像无法正常启动的问题。</p></blockquote> <h2 class="relative group">部署准备 <div id="部署准备" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e9%83%a8%e7%bd%b2%e5%87%86%e5%a4%87" aria-label="锚点">#</a> </span> </h2> <h2 class="relative group">安装 Docker Compose <div id="安装-docker-compose" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e5%ae%89%e8%a3%85-docker-compose" aria-label="锚点">#</a> </span> </h2> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">yum install -y docker-compose </span></span></code></pre></div> <h2 class="relative group">配置部署文件 <div id="配置部署文件" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e9%85%8d%e7%bd%ae%e9%83%a8%e7%bd%b2%e6%96%87%e4%bb%b6" aria-label="锚点">#</a> </span> </h2> <h2 class="relative group">创建项目目录 <div id="创建项目目录" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e5%88%9b%e5%bb%ba%e9%a1%b9%e7%9b%ae%e7%9b%ae%e5%bd%95" aria-label="锚点">#</a> </span> </h2> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">mkdir -p /data/docker-compose/openConnect </span></span><span class="line"><span class="cl"><span class="nb">cd</span> /data/docker-compose/openConnect </span></span></code></pre></div> <h2 class="relative group">创建 Docker Compose 配置 <div id="创建-docker-compose-配置" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e5%88%9b%e5%bb%ba-docker-compose-%e9%85%8d%e7%bd%ae" aria-label="锚点">#</a> </span> </h2> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">cat &gt; docker-compose.yaml <span class="s">&lt;&lt; EOF </span></span></span><span class="line"><span class="cl"><span class="s">version: &#34;3&#34; </span></span></span><span class="line"><span class="cl"><span class="s">services: </span></span></span><span class="line"><span class="cl"><span class="s"> ocserv: </span></span></span><span class="line"><span class="cl"><span class="s"> container_name: ocserv </span></span></span><span class="line"><span class="cl"><span class="s"> image: yangzun/docker-openconnect-ldap:latest </span></span></span><span class="line"><span class="cl"><span class="s"> ports: </span></span></span><span class="line"><span class="cl"><span class="s"> - &#34;1443:443/tcp&#34; </span></span></span><span class="line"><span class="cl"><span class="s"> - &#34;1443:443/udp&#34; </span></span></span><span class="line"><span class="cl"><span class="s"> environment: </span></span></span><span class="line"><span class="cl"><span class="s"> LISTEN_PORT: 443 </span></span></span><span class="line"><span class="cl"><span class="s"> TUNNEL_MODE: &#39;split-include&#39; </span></span></span><span class="line"><span class="cl"><span class="s"> TUNNEL_ROUTES: &#39;192.168.8.0/24&#39; </span></span></span><span class="line"><span class="cl"><span class="s"> DNS_SERVERS: 192.168.8.1 </span></span></span><span class="line"><span class="cl"><span class="s"> CLIENTNET: 192.168.248.0 </span></span></span><span class="line"><span class="cl"><span class="s"> CLIENTNETMASK: 255.255.255.128 </span></span></span><span class="line"><span class="cl"><span class="s"> BASEDN: &#39;dc=treesir,dc=pub&#39; </span></span></span><span class="line"><span class="cl"><span class="s"> LDAPURI: &#39;ldap://192.168.8.1:389/&#39; </span></span></span><span class="line"><span class="cl"><span class="s"> BINDDN: &#39;cn=admin,dc=treesir,dc=pub&#39; </span></span></span><span class="line"><span class="cl"><span class="s"> BINDPW: &#39;123456&#39; </span></span></span><span class="line"><span class="cl"><span class="s"> SEARCHSCOPE: &#39;ou=users,dc=treesir,dc=pub&#39; </span></span></span><span class="line"><span class="cl"><span class="s"> PAM_LOGIN_ATTRIBUTE: &#39;uid&#39; </span></span></span><span class="line"><span class="cl"><span class="s"> CA_CN: &#39;VPN CA&#39; </span></span></span><span class="line"><span class="cl"><span class="s"> CA_ORG: &#39;OCSERV&#39; </span></span></span><span class="line"><span class="cl"><span class="s"> CA_DAYS: 9999 </span></span></span><span class="line"><span class="cl"><span class="s"> SRV_CN: &#39;nps.treesir.pub&#39; </span></span></span><span class="line"><span class="cl"><span class="s"> SRV_ORG: &#39;Example Company&#39; </span></span></span><span class="line"><span class="cl"><span class="s"> SRV_DAYS: 9999 </span></span></span><span class="line"><span class="cl"><span class="s"> volumes: </span></span></span><span class="line"><span class="cl"><span class="s"> - &#39;./config/:/config/&#39; </span></span></span><span class="line"><span class="cl"><span class="s"> cap_add: </span></span></span><span class="line"><span class="cl"><span class="s"> - NET_ADMIN </span></span></span><span class="line"><span class="cl"><span class="s"> privileged: true </span></span></span><span class="line"><span class="cl"><span class="s"> restart: unless-stopped </span></span></span><span class="line"><span class="cl"><span class="s">EOF</span> </span></span></code></pre></div><blockquote> <p><strong>配置说明</strong>:环境变量的详细说明请参考 <a href="https://hub.docker.com/r/yangzun/docker-openconnect-ldap" target="_blank" >Docker Hub 页面</a>。OpenLDAP 的部署配置请参考 <a href="https://www.treesir.pub/post/docker-deploy-ldap" target="_blank" >LDAP 部署文档</a>。</p>Velero 备份迁移工具安装与配置https://blog.treesir.pub/posts/velero-install/Sun, 16 May 2021 18:00:36 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/velero-install/<h2 class="relative group">环境准备 <div id="环境准备" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e7%8e%af%e5%a2%83%e5%87%86%e5%a4%87" aria-label="锚点">#</a> </span> </h2> <h2 class="relative group">安装基础依赖 <div id="安装基础依赖" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e5%ae%89%e8%a3%85%e5%9f%ba%e7%a1%80%e4%be%9d%e8%b5%96" aria-label="锚点">#</a> </span> </h2> <p>安装 Docker Compose:</p>Docker 部署 OpenWrt 软路由及宿主机通信配置https://blog.treesir.pub/posts/n1-docker/Sun, 15 Nov 2020 16:09:10 +0800yangzun@treesir.pub (Zayn)https://blog.treesir.pub/posts/n1-docker/<h2 class="relative group">环境配置 <div id="环境配置" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e7%8e%af%e5%a2%83%e9%85%8d%e7%bd%ae" aria-label="锚点">#</a> </span> </h2> <p>本文档基于以下环境配置进行部署:</p> <ul> <li><strong>宿主机 IP</strong>:192.168.8.102</li> <li><strong>OpenWrt 容器 IP</strong>:192.168.8.111 (macvlan 模式)</li> <li><strong>主路由网关</strong>:192.168.8.1</li> <li><strong>网络段</strong>:192.168.8.0/24</li> <li><strong>Docker 镜像</strong>:<code>raymondwong/openwrt_r9:21.2.1-arm64</code></li> <li><strong>操作系统</strong>:ARMBIAN</li> </ul> <h2 class="relative group">部署 OpenWrt 软路由 <div id="部署-openwrt-软路由" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#%e9%83%a8%e7%bd%b2-openwrt-%e8%bd%af%e8%b7%af%e7%94%b1" aria-label="锚点">#</a> </span> </h2> <h2 class="relative group">1. 安装 Docker Compose <div id="1-安装-docker-compose" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#1-%e5%ae%89%e8%a3%85-docker-compose" aria-label="锚点">#</a> </span> </h2> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="c1"># Debian/Ubuntu 系统</span> </span></span><span class="line"><span class="cl">apt install -y docker-compose </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="c1"># CentOS/RHEL 系统</span> </span></span><span class="line"><span class="cl">yum install -y docker-compose </span></span></code></pre></div> <h2 class="relative group">2. 创建配置文件 <div id="2-创建配置文件" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100"> <a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#2-%e5%88%9b%e5%bb%ba%e9%85%8d%e7%bd%ae%e6%96%87%e4%bb%b6" aria-label="锚点">#</a> </span> </h2> <p>首先创建工作目录并准备 Docker Compose 配置文件:</p>