柚子快報激活碼778899分享：容器 運(yùn)維 Docker

http://yzkb.51969.com/

目錄

前言一、含義二、Docker架構(gòu)三、安裝Docker3.1 搭建gcc環(huán)境（gcc是編程語言譯器）3.2 安裝需要的軟件包3.3 安裝鏡像倉庫3.4 更新yum軟件包索引3.5 安裝docker引擎3.6 啟動docker3.7 阿里云鏡像加速配置額外：卸載docker

四、Docker常用命令4.1 幫助啟動類命令4.1.1 啟動docker： systemctl start docker4.1.2 停止docker： systemctl stop docker4.1.3 重啟docker： systemctl restart docker4.1.4 查看docker狀態(tài)： systemctl status docker4.1.5 開機(jī)自啟動： systemctl enable docker4.1.6 查看docker概要信息： docker info4.1.7 查看docker總體幫助文檔： docker --help4.1.8 查看docker命令幫助文檔： docker 具體命令 --help

4.2 鏡像命令4.2.1 列出主機(jī)上的所有鏡像：docker images4.2.2 下載鏡像：docker pull4.2.3 查看鏡像/容器/數(shù)據(jù)卷所占的空間 ：docker system df4.2.3 刪除鏡像： docker rmi 鏡像名/鏡像ID4.2.4 查看鏡像詳細(xì)信息： docker inspect 鏡像名/鏡像ID4.2.5 查看私有倉庫指定鏡像所有版本

4.3 容器命令4.3.1 列出當(dāng)前正在運(yùn)行的所有容器：docker ps [OPTIONS]4.3.2 新建\啟動容器： docker run4.3.3 退出容器： exit4.3.4 啟動已停止運(yùn)行的容器：docker start 容器ID或者容器名4.3.5 重啟容器：docker restart 容器ID或者容器名4.3.6 停止容器：docker stop 容器ID或者容器名4.3.7 強(qiáng)制停止容器：docker kill 容器ID或容器名4.3.8 刪除容器：docker rm 容器ID或容器名4.3.9 查看容器日志：docker logs 容器ID/容器名4.3.10 查看容器內(nèi)運(yùn)行的進(jìn)程：docker top 容器ID/容器名4.3.11 查看容器內(nèi)部的細(xì)節(jié)：docker inspect 容器ID/容器名4.3.12 進(jìn)入正在運(yùn)行的容器：docker exec -it 容器ID bashShell4.3.13 從容器內(nèi)的文件拷貝到主機(jī)上：docker cp 容器ID:容器路徑 主機(jī)路徑4.3.14 將容器以壓縮包的形式導(dǎo)出到當(dāng)前路徑下：docker export 容器ID > 壓縮文件名.tar4.3.15 用tar包創(chuàng)建鏡像：cat 文件名.tar | docker import - 鏡像用戶/鏡像名:鏡像版本

五、Docker鏡像5.1 聯(lián)合文件系統(tǒng)（UnionFS）5.2 docker鏡像加載原理5.3 鏡像的特點和優(yōu)點5.4 鏡像的commit命令5.5 遠(yuǎn)程倉庫交互5.5.1 遠(yuǎn)程阿里云倉庫交互5.5.2 遠(yuǎn)程私有倉庫Docker Registry交互

六、Docker容器數(shù)據(jù)卷6.1 含義與特點6.2 容器數(shù)據(jù)卷操作6.2.1 容器伴隨數(shù)據(jù)卷啟動6.2.2 容器和宿主機(jī)之間數(shù)據(jù)共享6.2.3 容器卷ro和rw的讀寫規(guī)則6.2.4 容器卷的繼承

七、常見軟件安裝7.1 Tomcat7.1.1 步驟一：docker hub上面查找tomcat鏡像7.1.2 步驟二：從docker hub上拉取tomcat鏡像到本地7.1.3 步驟三：docker images查看是否有拉取到的tomcat7.1.4 步驟四：使用tomcat鏡像創(chuàng)建容器實例

7.2 Mysql7.2.1 常規(guī)安裝7.2.1.1 步驟一：docker hub上面查找Mysql鏡像7.2.1.2 步驟二：從docker hub上拉取tomcat鏡像到本地7.2.1.3 步驟三：docker images查看是否有拉取到的mysql7.2.1.4 步驟四：使用Mysql鏡像創(chuàng)建容器實例

7.2.2 伴隨容器數(shù)據(jù)卷安裝（重點）7.2.2.1 步驟一、二、三7.2.2.2 步驟四：伴隨數(shù)據(jù)卷創(chuàng)建容器實例

7.3 Redis7.3.1 步驟一：docker hub上面查找Redis鏡像7.3.2 步驟二：docker hub上面拉取Redis鏡7.3.3 步驟三：docker images查看是否有拉取到的redis7.3.3 步驟四：使用Redis鏡像創(chuàng)建容器實例（帶數(shù)據(jù)卷）7.3.3.1 首先：獲取``redis.conf`` 模板7.3.3.2 其次：主機(jī)放置redis.conf文件7.3.3.3 再次：修改redis.conf文件7.3.3.4 最后：啟動容器實例（帶數(shù)據(jù)卷）

八、搭建Mysql主從復(fù)制8.1 拉取mysql鏡像（以8.0.31為例）8.2 創(chuàng)建主節(jié)點MySQL實例對象8.2.1 創(chuàng)建主節(jié)點Mysql實例對象8.2.2 修改主節(jié)點Mysql實例對象配置文件8.2.3 修改完配置后重啟master容器實例8.2.4 進(jìn)入主節(jié)點mysql-master容器實例，進(jìn)入數(shù)據(jù)庫8.2.5 master容器實例內(nèi)創(chuàng)建數(shù)據(jù)同步用戶并授予權(quán)限8.2.6 在主節(jié)點數(shù)據(jù)庫查看主從同步狀態(tài)

8.3 創(chuàng)建從節(jié)點Mysql實例對象8.3.1 創(chuàng)建從節(jié)點Mysql實例對象8.3.2 修改從節(jié)點Mysql實例對象配置文件8.3.3 修改完配置后重啟slave容器實例8.3.4 進(jìn)入從節(jié)點，配置主從復(fù)制8.3.5 開啟從數(shù)據(jù)庫8.3.6 查看主從復(fù)制狀態(tài)

8.4 主從數(shù)據(jù)庫測試8.5 將主從數(shù)據(jù)庫打包成鏡像8.5.1 commit容器為鏡像8.5.2 推送至阿里云鏡像倉庫

九、搭建Redis集群十、Dockerfile10.1 Dockerfile簡介10.2 Dockerfile內(nèi)容基礎(chǔ)知識10.3 Docker執(zhí)行Dockerfile的大致流程10.4 Docker鏡像、容器、Dockerfile10.5 FockerFilie常用保留字指令10.5.1 FROM10.5.2 MAINTAINER10.5.3 RUN10.5.4 EXPOSE10.5.5 WORKDIR10.5.6 USER10.5.7 ENV10.5.8 ADD10.5.9 COPY10.5.10 VOLUME10.5.11 CMD10.5.12 ENTRYPOINT

10.6 Dockerfile啟動命令10.7 使用Dockerfile實現(xiàn)自定義鏡像10.7.1 第一步：主機(jī)創(chuàng)建文件夾，用以存放Dockerfile以及jdk10.6.2 第二步：編輯Dockerfile10.6.3 第三步：啟動Dockerfile，創(chuàng)建鏡像

10.7 虛懸鏡像

十一、Docker網(wǎng)絡(luò)11.1 Docker網(wǎng)絡(luò)是什么11.2 Docker網(wǎng)絡(luò)的相關(guān)命令11.2.1 查看docker網(wǎng)絡(luò)的相關(guān)命令11.2.2 容器設(shè)定網(wǎng)絡(luò)啟動

11.3 Docker網(wǎng)絡(luò)的作用11.4 Docker網(wǎng)絡(luò)模式11.4.1 Docker網(wǎng)絡(luò)模式分類11.4.2 bridge網(wǎng)絡(luò)模式（默認(rèn)）11.4.3 host網(wǎng)絡(luò)模式11.4.4 none網(wǎng)絡(luò)模式11.4.5 container網(wǎng)絡(luò)模式11.4.6 自定義網(wǎng)絡(luò)模式

十二、Docker-compose容器編排12.1 Docker-Compose定義12.2 Docker-Compose作用12.3 Docker-Compose安裝12.4 Docker-Compose常用命令12.5 Docker-Compose核心概念12.6 Docker-Compose使用步驟12.7 使用Compose部署springboot項目

十三、Docker輕量級可視化工具Protainer13.1 Protainer含義13.2 Protainer安裝13.3 Protainer中安裝nginx

十四、部署springboot超詳細(xì)步驟14.1 例子1：主從Mysql+redis14.1.1 觀察項目的application.yml文件14.1.2 搭建Mysql主從以及redis14.1.3 打包springboot項目為鏡像并且啟動容器14.1.3.1 方式一：基于idea一鍵打包（推薦）14.1.3.2 方式二：手動打包(不推薦)

前言

本博客參考b站視頻：b站docker

一、含義

二、Docker架構(gòu)

鏡像和容器的關(guān)系：

鏡像你可以把它看成Java中的類，而容器可以看做是類的實例化對象，容器是由鏡像實例化而來。 一個類可以有多個對象，同理，一個鏡像可以有多個容器。 簡而言之，鏡像是文件，容器是進(jìn)程，容器是基于鏡像創(chuàng)建的，即容器中的進(jìn)程依賴于鏡像中的文件。

三、安裝Docker

官網(wǎng)：https://docs.docker.com/engine/install/centos/

3.1 搭建gcc環(huán)境（gcc是編程語言譯器）

yum -y install gcc

yum -y install gcc-c++

3.2 安裝需要的軟件包

yum install -y yum-utils

3.3 安裝鏡像倉庫

官網(wǎng)上的是

但是因為docker的服務(wù)器是在國外，所以有時候從倉庫中下載鏡像的時候會連接被拒絕或者連接超時的情況，所以可以使用阿里云鏡像倉庫

yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

3.4 更新yum軟件包索引

yum makecache fast

3.5 安裝docker引擎

yum install docker-ce docker-ce-cli containerd.io docker-compose-plugin

3.6 啟動docker

systemctl start docker

#開啟自啟動

systemctl enable docker

#查看進(jìn)程

ps -ef | grep docker

#查看版本

docker version

docker run hello-world

3.7 阿里云鏡像加速配置

為了提高鏡像的拉取、發(fā)布的速度，可以配置阿里云鏡像加速 查看加速器地址

sudo mkdir -p /etc/docker

sudo tee /etc/docker/daemon.json <<-'EOF'

{

"registry-mirrors": ["自己的鏡像加速地址"]

}

EOF

sudo systemctl daemon-reload

sudo systemctl restart docker

測試：執(zhí)行docker run hello-world

額外：卸載docker

sudo yum remove docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin docker-ce-rootless-extras

sudo rm -rf /var/lib/docker

sudo rm -rf /var/lib/containerd

四、Docker常用命令

4.1 幫助啟動類命令

4.1.1 啟動docker： systemctl start docker

啟動docker： systemctl start docker

4.1.2 停止docker： systemctl stop docker

停止docker： systemctl stop docker

4.1.3 重啟docker： systemctl restart docker

重啟docker： systemctl restart docker

4.1.4 查看docker狀態(tài)： systemctl status docker

查看docker狀態(tài)： systemctl status docker

4.1.5 開機(jī)自啟動： systemctl enable docker

開機(jī)自啟動： systemctl enable docker

4.1.6 查看docker概要信息： docker info

查看docker概要信息： docker info

4.1.7 查看docker總體幫助文檔： docker --help

查看docker總體幫助文檔： docker --help

4.1.8 查看docker命令幫助文檔： docker 具體命令 --help

查看docker命令幫助文檔： docker 具體命令 --help

4.2 鏡像命令

4.2.1 列出主機(jī)上的所有鏡像：docker images

列出主機(jī)上的所有鏡像：docker images

各個選項說明:

REPOSITORY：表示鏡像的倉庫源

TAG：鏡像的標(biāo)簽版本號

IMAGE ID：鏡像ID

CREATED：鏡像創(chuàng)建時間

SIZE：鏡像大小

同一倉庫源可以有多個 TAG版本，代表這個倉庫源的不同個版本，我們使用 REPOSITORY:TAG 來定義不同的鏡像。

如果你不指定一個鏡像的版本標(biāo)簽，例如你只使用 ubuntu，docker 將默認(rèn)使用 ubuntu:latest 鏡像

OPTIONS說明：

-a :列出本地所有的鏡像（含歷史映像層）

-q :只顯示鏡像ID。

搜索某個鏡像： search 鏡像名

各個選項說明:

NAME：鏡像名稱

DESCRIPTION：鏡像說明

STARS：點贊數(shù)量

OFFICAL：是否是官方的

AUTOMATED：是否是自動構(gòu)建的

OPTIONS說明：

--limit : 只列出N個鏡像，默認(rèn)25個

docker search --limit 5 redis

4.2.2 下載鏡像：docker pull

下載鏡像：

docker pull 鏡像名 不指定版本，默認(rèn)是最新版本

docker pull 鏡像名 [:TAG] 指定鏡像版本

4.2.3 查看鏡像/容器/數(shù)據(jù)卷所占的空間 ：docker system df

查看鏡像/容器/數(shù)據(jù)卷所占的空間 docker system df

各個選項說明:

TYPE：類型（鏡像、容器、數(shù)據(jù)卷）

TOTAL：總數(shù)

SIZE：大小

RECLAIMABLE：伸縮性

4.2.3 刪除鏡像： docker rmi 鏡像名/鏡像ID

刪除鏡像

docker rmi 鏡像名/鏡像ID

強(qiáng)制刪除鏡像

docker rmi -f 鏡像名/鏡像ID

刪除多個鏡像

docker rmi -f 鏡像名1:TAG 鏡像名2:TAG

刪除docker引擎中的全部鏡像

docker rmi -f $(docker images -qa)

4.2.4 查看鏡像詳細(xì)信息： docker inspect 鏡像名/鏡像ID

4.2.5 查看私有倉庫指定鏡像所有版本

查看私有倉庫指定鏡像所有版本

curl -XGET http://私有倉庫主機(jī)ip:端口/v2/鏡像名稱/tags/list

面試題：談?wù)刣ocker虛懸鏡像是什么？ 倉庫名、標(biāo)簽都是的鏡像，俗稱虛懸鏡像dangling image

4.3 容器命令

有鏡像才能創(chuàng)建容器， 這是根本前提(在docker內(nèi)下載一個CentOS或者ubuntu鏡像演示)

4.3.1 列出當(dāng)前正在運(yùn)行的所有容器：docker ps [OPTIONS]

OPTIONS說明（常用）：

-a :列出當(dāng)前所有正在運(yùn)行的容器+歷史上運(yùn)行過的

-l :顯示最近創(chuàng)建的容器。

-n：顯示最近n個創(chuàng)建的容器。

-q :靜默模式，只顯示容器編號。

4.3.2 新建\啟動容器： docker run

新建/啟動容器

docker run [OPTIONS] IMAGE [COMMAND] [ARG...]

啟動交互式容器

docker run -it IMAGE [COMMAND] [ARG...]

新建指定名字的容器

docker run --name=容器名 IMAGE [COMMAND] [ARG...]

為容器開啟守護(hù)進(jìn)程

docker run -d IMAGE [COMMAND] [ARG...]

OPTIONS說明（常用）：有些是一個減號，有些是兩個減號

--name="容器新名字"：為容器指定一個名稱；

-d: 后臺運(yùn)行容器并返回容器ID，也即啟動守護(hù)式容器(后臺運(yùn)行)；

-i：以交互模式運(yùn)行容器，通常與 -t 同時使用；

-t：為容器重新分配一個偽輸入終端，通常與 -i同時使用；也即啟動交互式容器(前臺有偽終端，等待交互)；

-P: 隨機(jī)端口映射，大寫P

-p: 指定端口映射，小寫p

啟動交互式容器（-it表示啟動帶命令行交互的偽終端） docker run -it IMAGE [COMMAND] [ARG...]

docker命令中/bin/bash的作用是：docker中必須要保持一個進(jìn)程的運(yùn)行，要不然整個容器啟動后就會馬上kill itself，這個/bin/bash就表示啟動容器后啟動bash （也可以不加/bin/bash，后臺會默認(rèn)一個腳本）。

新建指定的名字的容器 docker run --name=容器名 IMAGE [COMMAND] [ARG...]

啟動守護(hù)式容器(讓容器在后臺運(yùn)行) docker run -d IMAGE [COMMAND] [ARG...]

在大部分的場景下，我們希望 docker 的服務(wù)是在后臺運(yùn)行的， 我們可以過 -d 指定容器的后臺運(yùn)行模式

在后臺開啟一個容器后，再查詢當(dāng)前運(yùn)行中的容器(docker ps)，發(fā)現(xiàn)并沒有。

很重要的要說明的一點: Docker容器后臺運(yùn)行,就必須有一個前臺進(jìn)程。

這個是docker的機(jī)制問題,比如你的web容器,我們以nginx為例，正常情況下,我們配置啟動服務(wù)只需要啟動響應(yīng)的service即可。例如service nginx start。但是,這樣做,nginx為后臺進(jìn)程模式運(yùn)行,就導(dǎo)致docker前臺沒有運(yùn)行的應(yīng)用，這樣的容器后臺啟動后，會立即自殺因為他覺得他沒事可做了。所以，最佳的解決方案是將你要運(yùn)行的程序以前臺進(jìn)程的形式運(yùn)行，常見就是命令行模式，表示我還有交互操作，別中斷 (也即，使用-it 和-d分別運(yùn)行同一個容器).

4.3.3 退出容器： exit

退出容器，容器停止：

exit

退出容器，容器不停止

快捷鍵ctrl+p+q

4.3.4 啟動已停止運(yùn)行的容器：docker start 容器ID或者容器名

4.3.5 重啟容器：docker restart 容器ID或者容器名

4.3.6 停止容器：docker stop 容器ID或者容器名

4.3.7 強(qiáng)制停止容器：docker kill 容器ID或容器名

4.3.8 刪除容器：docker rm 容器ID或容器名

刪除已停止的容器：

docker rm 容器ID

強(qiáng)制刪除正在運(yùn)行的容器

docker rm -f 容器名/容器ID

一次性刪除多個容器實例

docker rm -f $(docker ps -a -q)

docker ps -a -q | xargs docker rm

4.3.9 查看容器日志：docker logs 容器ID/容器名

4.3.10 查看容器內(nèi)運(yùn)行的進(jìn)程：docker top 容器ID/容器名

4.3.11 查看容器內(nèi)部的細(xì)節(jié)：docker inspect 容器ID/容器名

4.3.12 進(jìn)入正在運(yùn)行的容器：docker exec -it 容器ID bashShell

進(jìn)入正在運(yùn)行的容器并以命令行交互：

方式1（推薦方式）：

docker exec -it 容器ID bashShell

方式2：

docker attach 容器ID

方式1：

方式2：

4.3.13 從容器內(nèi)的文件拷貝到主機(jī)上：docker cp 容器ID:容器路徑 主機(jī)路徑

將容器ubuntu1.0中/opt目錄下的test.txt文件cp到主機(jī)上

4.3.14 將容器以壓縮包的形式導(dǎo)出到當(dāng)前路徑下：docker export 容器ID > 壓縮文件名.tar

4.3.15 用tar包創(chuàng)建鏡像：cat 文件名.tar | docker import - 鏡像用戶/鏡像名:鏡像版本

使用剛剛解壓的鏡像創(chuàng)建一個容器，查看容器中是否有test.txt文件。

五、Docker鏡像

5.1 聯(lián)合文件系統(tǒng)（UnionFS）

UnionFS是一種分層、輕量級并且高性能的文件系統(tǒng)，它支持對文件系統(tǒng)的修改作為一次提交來一層層的疊加，同時可以將不同目錄掛載到同一個虛擬文件系統(tǒng)下，UnionFS是docker鏡像的基礎(chǔ)，鏡像可以通過分層來進(jìn)行繼承，基于基礎(chǔ)鏡像（沒有父鏡像），可以制作各種具體的應(yīng)用鏡像。

特性：一次同時加載多個文件系統(tǒng)，但從外面看起來，只能看到一個文件系統(tǒng)該，聯(lián)合加載會把各層文件系統(tǒng)疊加起來，這樣最終的文件系統(tǒng)會包含所有底層的文件和目錄。

5.2 docker鏡像加載原理

docker的鏡像實際上是由一層層的文件系統(tǒng)組成，這種層級的文件系統(tǒng)就是UnionFS

bootfs（boot文件系統(tǒng)）主要包含bootloader和kernel，bootloader主要是引導(dǎo)加載kernel，Linux剛啟動的時候會加載bootfs文件系統(tǒng)，在docker鏡像的最底層是bootfs。這一層與Linux系統(tǒng)該是一樣的，包含boot加載器和內(nèi)核。當(dāng)boot加載完成后整個內(nèi)核就都在內(nèi)存中了，此時內(nèi)存的使用權(quán)已由bootfs轉(zhuǎn)交給內(nèi)核，此時系統(tǒng)也會卸載bootfs。

rootfs（root文件系統(tǒng)），在bootfs之上，包含的是典型Linux系統(tǒng)中的/dev，/proc，/bin，/etc等標(biāo)準(zhǔn)目錄和文件。rootfs就是各種不同的操作系統(tǒng)該發(fā)行版，如Ubuntu、CentOS等。

對于一個精簡的OS，rootfs可以很小，只需要包括最基本的命令、工具和程序庫就可以了，因為底層直接用Host的kernel，自己只需要提供rootfs就行了。所以對于不同的Linux發(fā)行版，bootfs基本是一致的，rootfs會有差別，因此不同的發(fā)行版可以共用bootfs。

5.3 鏡像的特點和優(yōu)點

特點：

docker鏡像都是只讀的，當(dāng)容器啟動時，一個新的可寫層被加載到鏡像的頂部，這一層通常被稱作“容器層”，“容器層”之下的為“鏡像層”。

優(yōu)點：

使用分層鏡像的優(yōu)點是可以共享資源，比如有多個鏡像都從相同的base鏡像構(gòu)建而來，那么宿主機(jī)上只需要保存一份base鏡像，內(nèi)存中也只需要加載一份base鏡像，就可以為所有容器服務(wù)了。鏡像的每一層都可以被共享。 以pull為例，在下載的過程中可以看到docker的鏡像好像是在一層一層的在下載。

5.4 鏡像的commit命令

docker commit 提交容器副本使之成為一個新的鏡像：

docker commit -m="提交的描述信息" -a="作者" 容器ID 要創(chuàng)建的目標(biāo)鏡像名:[標(biāo)簽名]

例子：自己在原始ubuntu鏡像中下載vim命令后，再commit成為一個新的ubuntu鏡像

原始的ubuntu鏡像僅有72.8mb

根據(jù)此鏡像，創(chuàng)建容器，并且下載vim 將此容器提交，使之成為新的鏡像

docker commit -m="提交的描述信息" -a="作者" 容器ID 要創(chuàng)建的目標(biāo)鏡像名:[標(biāo)簽名]

5.5 遠(yuǎn)程倉庫交互

與遠(yuǎn)程倉庫推送/拉取鏡像流程圖

5.5.1 遠(yuǎn)程阿里云倉庫交互

阿里云官網(wǎng)：https://www.aliyun.com/

步驟一：創(chuàng)建命名空間

步驟二：創(chuàng)建鏡像倉庫

步驟三：推送至阿里云倉庫

使用上圖的腳本，將本地ubuntu1.0推送到自己的阿里云倉庫

$ docker login --username=gaoqiangmath registry.cn-chengdu.aliyuncs.com

$ docker tag [ImageId] registry.cn-chengdu.aliyuncs.com/gq_ynu/ubuntu1.0:[鏡像版本號]

$ docker push registry.cn-chengdu.aliyuncs.com/gq_ynu/ubuntu1.0:[鏡像版本號]

測試：

刪除本地鏡像，從阿里云倉庫中拉取

$ docker pull registry.cn-chengdu.aliyuncs.com/gq_ynu/ubuntu1.0:[鏡像版本號]

5.5.2 遠(yuǎn)程私有倉庫Docker Registry交互

Dockerhub、阿里云這樣的公共鏡像倉庫可能不太方便，涉及機(jī)密的公司不可能提供鏡像給公網(wǎng)，所以需要創(chuàng)建一個本地私人倉庫供給團(tuán)隊使用，基于公司內(nèi)部項目構(gòu)建鏡像。

Docker Registry是官方提供的工具，可以用于構(gòu)建私有鏡像倉庫

六、Docker容器數(shù)據(jù)卷

6.1 含義與特點

含義：

卷就是目錄或文件，存在于一個或多個容器中，由docker掛載到容器，但不屬于聯(lián)合文件系統(tǒng)，因此能夠繞過Union File System提供一些用于持續(xù)存儲或共享數(shù)據(jù)的特性：數(shù)據(jù)卷的設(shè)計目的就是數(shù)據(jù)的持久化，完全獨(dú)立于容器的生存周期，因此Docker不會在容器刪除時刪除其掛載的數(shù)據(jù)卷。

數(shù)據(jù)卷會將docker容器內(nèi)的數(shù)據(jù)保存進(jìn)宿主機(jī)的磁盤中，運(yùn)行一個帶有容器卷存儲功能的容器實例。

特點：

數(shù)據(jù)卷可在容器之間共享或重用數(shù)據(jù)容器和宿主機(jī)之間數(shù)據(jù)共享卷中的更改可以直接實時生效數(shù)據(jù)卷中的更改不會包含在鏡像的更新中數(shù)據(jù)卷的生命周期一直持續(xù)到?jīng)]有容器使用它為止

6.2 容器數(shù)據(jù)卷操作

6.2.1 容器伴隨數(shù)據(jù)卷啟動

#主機(jī)路徑和容器路徑自己設(shè)定，沒有的話，會自動創(chuàng)建

docker run -it --privileged=true -v /宿主機(jī)絕對路徑目錄:/容器內(nèi)目錄 鏡像名

選項解釋：

--privileged=true的作用是允許目錄掛載

-v 是掛載硬盤

查看數(shù)據(jù)卷是否掛載成功：

dokcer inspect 容器id

6.2.2 容器和宿主機(jī)之間數(shù)據(jù)共享

：容器和宿主機(jī)之間數(shù)據(jù)共享

在容器自己設(shè)定的路徑內(nèi)（/opt/docker_data）編輯文件,主機(jī)自己設(shè)定的路徑（/opt/host_data）會跟著同步，反之亦然即使容器停止了，在宿主機(jī)操作數(shù)據(jù)卷，等到容器重新啟動了也能實現(xiàn)數(shù)據(jù)共享

6.2.3 容器卷ro和rw的讀寫規(guī)則

rw：容器卷默認(rèn)，也即可讀寫ro：容器內(nèi)僅可讀，不可寫（主機(jī)可讀寫）

docker run -it --privileged=true -v /宿主機(jī)絕對路徑目錄:/容器內(nèi)目錄:ro --name:容器名 鏡像名

6.2.4 容器卷的繼承

已知第一個容器1：d21d825a96c5 完成和宿主機(jī)的映射

新建一個容器繼承容器1和主機(jī)卷規(guī)則

docker run -it --privileged=true --volumes-from 父類 --name:容器名 鏡像名

七、常見軟件安裝

7.1 Tomcat

說明：由于較新版的tomcat需要刪除容器下/usr/local/tomcat目錄下的webapps文件，并將webapps.dist重命名為webapp。所以推薦下載舊版的tomcat。

步驟：

docker hub上面查找tomcat鏡像（這里采用8.0.53版本）從docker hub上拉取tomcat鏡像到本地docker images查看是否有拉取到的tomcat使用tomcat鏡像創(chuàng)建容器實例

7.1.1 步驟一：docker hub上面查找tomcat鏡像

步驟一：docker hub上面查找tomcat鏡像（這里采用8.0.53版本）

7.1.2 步驟二：從docker hub上拉取tomcat鏡像到本地

步驟二：從docker hub上拉取tomcat鏡像到本地

7.1.3 步驟三：docker images查看是否有拉取到的tomcat

步驟三：docker images查看是否有拉取到的tomcat

7.1.4 步驟四：使用tomcat鏡像創(chuàng)建容器實例

步驟四：使用tomcat鏡像創(chuàng)建容器實例

測試：

7.2 Mysql

7.2.1 常規(guī)安裝

7.2.1.1 步驟一：docker hub上面查找Mysql鏡像

步驟一：docker hub上面查找Mysql鏡像（這里采用8.0.31版本）

7.2.1.2 步驟二：從docker hub上拉取tomcat鏡像到本地

步驟二：從docker hub上拉取tomcat鏡像到本地

docker pull mysql:8.0.31

7.2.1.3 步驟三：docker images查看是否有拉取到的mysql

步驟三：docker images查看是否有拉取到的mysql

7.2.1.4 步驟四：使用Mysql鏡像創(chuàng)建容器實例

步驟四：使用Mysql鏡像創(chuàng)建容器實例

1、首先：創(chuàng)建容器

docker run -p 主機(jī)端口號:容器端口 -e MYSQL_ROOT_PASSWORD=密碼 -d mysql:版本

(注意，需要先看看3306是否被占用，因為有可能主機(jī)自己安裝了mysql) 2、其次：進(jìn)入容器，進(jìn)入mysql

docker exec -it 容器ID bashShell

測試：查看數(shù)據(jù)庫，創(chuàng)建數(shù)據(jù)庫

查看docker容器下mysql的字符集編碼

show variables like 'character%'

3、使用遠(yuǎn)程可視化工具連接測試

首先：

SELECT HOST,USER,PLUGIN FROM mysql.user;

查看紅框內(nèi)是否如下：

若不是，輸入命令：

#修改加密規(guī)則

alter user 'root'@'localhost' identified by 'root' password expire never;

#更新密碼

alter user 'root'@'localhost' identified with mysql_native_password by '123456';

alter user 'root'@'%' identified with mysql_native_password by '123456';

#刷新

flush privileges;

使用sql yog鏈接，成功！

7.2.2 伴隨容器數(shù)據(jù)卷安裝（重點）

? 為了防止數(shù)據(jù)丟失和誤刪問題，采用數(shù)據(jù)卷的形式實現(xiàn)數(shù)據(jù)備份：

7.2.2.1 步驟一、二、三

步驟一、二、三和常規(guī)安裝一樣，

7.2.2.2 步驟四：伴隨數(shù)據(jù)卷創(chuàng)建容器實例

步驟四：伴隨數(shù)據(jù)卷創(chuàng)建容器實例

docker run -d -p 3306:3306 --privileged=true \

-v /opt/mysql/log:/var/log/mysql \

-v /opt/mysql/data:/var/lib/mysql \

-v /opt/mysql/conf:/etc/mysql/conf.d \

-e MYSQL_ROOT_PASSWORD=123456 \

--name mysql \

mysql:8.0.31

測試：

在主機(jī)的配置文件目錄下新建mysql的配置文件my.cnf

設(shè)置mysql字符編碼為utf-8 （mysql8以及以上不需要再配置編碼）

[client]

default_character_set=utf8

[mysqld]

collation_server = utf8_general_ci

character_set_server = utf8

切換到容器內(nèi)，發(fā)現(xiàn)對應(yīng)目錄同步了配置文件

鏈接遠(yuǎn)程sqlyog： 在容器內(nèi)，進(jìn)入mysql，依次輸入：

#修改加密規(guī)則

alter user 'root'@'localhost' identified by 'root' password expire never;

#更新密碼

alter user 'root'@'localhost' identified with mysql_native_password by '123456';

alter user 'root'@'%' identified with mysql_native_password by '123456';

#刷新

flush privileges;

7.3 Redis

7.3.1 步驟一：docker hub上面查找Redis鏡像

7.3.2 步驟二：docker hub上面拉取Redis鏡

（這里拉取redis6.0.8）

7.3.3 步驟三：docker images查看是否有拉取到的redis

7.3.3 步驟四：使用Redis鏡像創(chuàng)建容器實例（帶數(shù)據(jù)卷）

7.3.3.1 首先：獲取redis.conf 模板

首先：獲取redis.conf 模板

Redis配置文件官網(wǎng)：Redis配置文件官網(wǎng)

redis.conf 模板(6.0版本)

# Redis configuration file example.

#

# Note that in order to read the configuration file, Redis must be

# started with the file path as first argument:

#

# ./redis-server /path/to/redis.conf

# Note on units: when memory size is needed, it is possible to specify

# it in the usual form of 1k 5GB 4M and so forth:

#

# 1k => 1000 bytes

# 1kb => 1024 bytes

# 1m => 1000000 bytes

# 1mb => 1024*1024 bytes

# 1g => 1000000000 bytes

# 1gb => 1024*1024*1024 bytes

#

# units are case insensitive so 1GB 1Gb 1gB are all the same.

################################## INCLUDES ###################################

# Include one or more other config files here. This is useful if you

# have a standard template that goes to all Redis servers but also need

# to customize a few per-server settings. Include files can include

# other files, so use this wisely.

#

# Note that option "include" won't be rewritten by command "CONFIG REWRITE"

# from admin or Redis Sentinel. Since Redis always uses the last processed

# line as value of a configuration directive, you'd better put includes

# at the beginning of this file to avoid overwriting config change at runtime.

#

# If instead you are interested in using includes to override configuration

# options, it is better to use include as the last line.

#

# include /path/to/local.conf

# include /path/to/other.conf

################################## MODULES #####################################

# Load modules at startup. If the server is not able to load modules

# it will abort. It is possible to use multiple loadmodule directives.

#

# loadmodule /path/to/my_module.so

# loadmodule /path/to/other_module.so

################################## NETWORK #####################################

# By default, if no "bind" configuration directive is specified, Redis listens

# for connections from all available network interfaces on the host machine.

# It is possible to listen to just one or multiple selected interfaces using

# the "bind" configuration directive, followed by one or more IP addresses.

#

# Examples:

#

# bind 192.168.1.100 10.0.0.1

# bind 127.0.0.1 ::1

#

# ~~~ WARNING ~~~ If the computer running Redis is directly exposed to the

# internet, binding to all the interfaces is dangerous and will expose the

# instance to everybody on the internet. So by default we uncomment the

# following bind directive, that will force Redis to listen only on the

# IPv4 loopback interface address (this means Redis will only be able to

# accept client connections from the same host that it is running on).

#

# IF YOU ARE SURE YOU WANT YOUR INSTANCE TO LISTEN TO ALL THE INTERFACES

# JUST COMMENT OUT THE FOLLOWING LINE.

# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

bind 127.0.0.1

# Protected mode is a layer of security protection, in order to avoid that

# Redis instances left open on the internet are accessed and exploited.

#

# When protected mode is on and if:

#

# 1) The server is not binding explicitly to a set of addresses using the

# "bind" directive.

# 2) No password is configured.

#

# The server only accepts connections from clients connecting from the

# IPv4 and IPv6 loopback addresses 127.0.0.1 and ::1, and from Unix domain

# sockets.

#

# By default protected mode is enabled. You should disable it only if

# you are sure you want clients from other hosts to connect to Redis

# even if no authentication is configured, nor a specific set of interfaces

# are explicitly listed using the "bind" directive.

protected-mode yes

# Accept connections on the specified port, default is 6379 (IANA #815344).

# If port 0 is specified Redis will not listen on a TCP socket.

port 6379

# TCP listen() backlog.

#

# In high requests-per-second environments you need a high backlog in order

# to avoid slow clients connection issues. Note that the Linux kernel

# will silently truncate it to the value of /proc/sys/net/core/somaxconn so

# make sure to raise both the value of somaxconn and tcp_max_syn_backlog

# in order to get the desired effect.

tcp-backlog 511

# Unix socket.

#

# Specify the path for the Unix socket that will be used to listen for

# incoming connections. There is no default, so Redis will not listen

# on a unix socket when not specified.

#

# unixsocket /tmp/redis.sock

# unixsocketperm 700

# Close the connection after a client is idle for N seconds (0 to disable)

timeout 0

# TCP keepalive.

#

# If non-zero, use SO_KEEPALIVE to send TCP ACKs to clients in absence

# of communication. This is useful for two reasons:

#

# 1) Detect dead peers.

# 2) Force network equipment in the middle to consider the connection to be

# alive.

#

# On Linux, the specified value (in seconds) is the period used to send ACKs.

# Note that to close the connection the double of the time is needed.

# On other kernels the period depends on the kernel configuration.

#

# A reasonable value for this option is 300 seconds, which is the new

# Redis default starting with Redis 3.2.1.

tcp-keepalive 300

################################# TLS/SSL #####################################

# By default, TLS/SSL is disabled. To enable it, the "tls-port" configuration

# directive can be used to define TLS-listening ports. To enable TLS on the

# default port, use:

#

# port 0

# tls-port 6379

# Configure a X.509 certificate and private key to use for authenticating the

# server to connected clients, masters or cluster peers. These files should be

# PEM formatted.

#

# tls-cert-file redis.crt

# tls-key-file redis.key

# Configure a DH parameters file to enable Diffie-Hellman (DH) key exchange:

#

# tls-dh-params-file redis.dh

# Configure a CA certificate(s) bundle or directory to authenticate TLS/SSL

# clients and peers. Redis requires an explicit configuration of at least one

# of these, and will not implicitly use the system wide configuration.

#

# tls-ca-cert-file ca.crt

# tls-ca-cert-dir /etc/ssl/certs

# By default, clients (including replica servers) on a TLS port are required

# to authenticate using valid client side certificates.

#

# If "no" is specified, client certificates are not required and not accepted.

# If "optional" is specified, client certificates are accepted and must be

# valid if provided, but are not required.

#

# tls-auth-clients no

# tls-auth-clients optional

# By default, a Redis replica does not attempt to establish a TLS connection

# with its master.

#

# Use the following directive to enable TLS on replication links.

#

# tls-replication yes

# By default, the Redis Cluster bus uses a plain TCP connection. To enable

# TLS for the bus protocol, use the following directive:

#

# tls-cluster yes

# Explicitly specify TLS versions to support. Allowed values are case insensitive

# and include "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3" (OpenSSL >= 1.1.1) or

# any combination. To enable only TLSv1.2 and TLSv1.3, use:

#

# tls-protocols "TLSv1.2 TLSv1.3"

# Configure allowed ciphers. See the ciphers(1ssl) manpage for more information

# about the syntax of this string.

#

# Note: this configuration applies only to <= TLSv1.2.

#

# tls-ciphers DEFAULT:!MEDIUM

# Configure allowed TLSv1.3 ciphersuites. See the ciphers(1ssl) manpage for more

# information about the syntax of this string, and specifically for TLSv1.3

# ciphersuites.

#

# tls-ciphersuites TLS_CHACHA20_POLY1305_SHA256

# When choosing a cipher, use the server's preference instead of the client

# preference. By default, the server follows the client's preference.

#

# tls-prefer-server-ciphers yes

# By default, TLS session caching is enabled to allow faster and less expensive

# reconnections by clients that support it. Use the following directive to disable

# caching.

#

# tls-session-caching no

# Change the default number of TLS sessions cached. A zero value sets the cache

# to unlimited size. The default size is 20480.

#

# tls-session-cache-size 5000

# Change the default timeout of cached TLS sessions. The default timeout is 300

# seconds.

#

# tls-session-cache-timeout 60

################################# GENERAL #####################################

# By default Redis does not run as a daemon. Use 'yes' if you need it.

# Note that Redis will write a pid file in /var/run/redis.pid when daemonized.

daemonize no

# If you run Redis from upstart or systemd, Redis can interact with your

# supervision tree. Options:

# supervised no - no supervision interaction

# supervised upstart - signal upstart by putting Redis into SIGSTOP mode

# requires "expect stop" in your upstart job config

# supervised systemd - signal systemd by writing READY=1 to $NOTIFY_SOCKET

# supervised auto - detect upstart or systemd method based on

# UPSTART_JOB or NOTIFY_SOCKET environment variables

# Note: these supervision methods only signal "process is ready."

# They do not enable continuous pings back to your supervisor.

supervised no

# If a pid file is specified, Redis writes it where specified at startup

# and removes it at exit.

#

# When the server runs non daemonized, no pid file is created if none is

# specified in the configuration. When the server is daemonized, the pid file

# is used even if not specified, defaulting to "/var/run/redis.pid".

#

# Creating a pid file is best effort: if Redis is not able to create it

# nothing bad happens, the server will start and run normally.

pidfile /var/run/redis_6379.pid

# Specify the server verbosity level.

# This can be one of:

# debug (a lot of information, useful for development/testing)

# verbose (many rarely useful info, but not a mess like the debug level)

# notice (moderately verbose, what you want in production probably)

# warning (only very important / critical messages are logged)

loglevel notice

# Specify the log file name. Also the empty string can be used to force

# Redis to log on the standard output. Note that if you use standard

# output for logging but daemonize, logs will be sent to /dev/null

logfile ""

# To enable logging to the system logger, just set 'syslog-enabled' to yes,

# and optionally update the other syslog parameters to suit your needs.

# syslog-enabled no

# Specify the syslog identity.

# syslog-ident redis

# Specify the syslog facility. Must be USER or between LOCAL0-LOCAL7.

# syslog-facility local0

# Set the number of databases. The default database is DB 0, you can select

# a different one on a per-connection basis using SELECT where

# dbid is a number between 0 and 'databases'-1

databases 16

# By default Redis shows an ASCII art logo only when started to log to the

# standard output and if the standard output is a TTY. Basically this means

# that normally a logo is displayed only in interactive sessions.

#

# However it is possible to force the pre-4.0 behavior and always show a

# ASCII art logo in startup logs by setting the following option to yes.

always-show-logo yes

################################ SNAPSHOTTING ################################

#

# Save the DB on disk:

#

# save

#

# Will save the DB if both the given number of seconds and the given

# number of write operations against the DB occurred.

#

# In the example below the behavior will be to save:

# after 900 sec (15 min) if at least 1 key changed

# after 300 sec (5 min) if at least 10 keys changed

# after 60 sec if at least 10000 keys changed

#

# Note: you can disable saving completely by commenting out all "save" lines.

#

# It is also possible to remove all the previously configured save

# points by adding a save directive with a single empty string argument

# like in the following example:

#

# save ""

save 900 1

save 300 10

save 60 10000

# By default Redis will stop accepting writes if RDB snapshots are enabled

# (at least one save point) and the latest background save failed.

# This will make the user aware (in a hard way) that data is not persisting

# on disk properly, otherwise chances are that no one will notice and some

# disaster will happen.

#

# If the background saving process will start working again Redis will

# automatically allow writes again.

#

# However if you have setup your proper monitoring of the Redis server

# and persistence, you may want to disable this feature so that Redis will

# continue to work as usual even if there are problems with disk,

# permissions, and so forth.

stop-writes-on-bgsave-error yes

# Compress string objects using LZF when dump .rdb databases?

# By default compression is enabled as it's almost always a win.

# If you want to save some CPU in the saving child set it to 'no' but

# the dataset will likely be bigger if you have compressible values or keys.

rdbcompression yes

# Since version 5 of RDB a CRC64 checksum is placed at the end of the file.

# This makes the format more resistant to corruption but there is a performance

# hit to pay (around 10%) when saving and loading RDB files, so you can disable it

# for maximum performances.

#

# RDB files created with checksum disabled have a checksum of zero that will

# tell the loading code to skip the check.

rdbchecksum yes

# The filename where to dump the DB

dbfilename dump.rdb

# Remove RDB files used by replication in instances without persistence

# enabled. By default this option is disabled, however there are environments

# where for regulations or other security concerns, RDB files persisted on

# disk by masters in order to feed replicas, or stored on disk by replicas

# in order to load them for the initial synchronization, should be deleted

# ASAP. Note that this option ONLY WORKS in instances that have both AOF

# and RDB persistence disabled, otherwise is completely ignored.

#

# An alternative (and sometimes better) way to obtain the same effect is

# to use diskless replication on both master and replicas instances. However

# in the case of replicas, diskless is not always an option.

rdb-del-sync-files no

# The working directory.

#

# The DB will be written inside this directory, with the filename specified

# above using the 'dbfilename' configuration directive.

#

# The Append Only File will also be created inside this directory.

#

# Note that you must specify a directory here, not a file name.

dir ./

################################# REPLICATION #################################

# Master-Replica replication. Use replicaof to make a Redis instance a copy of

# another Redis server. A few things to understand ASAP about Redis replication.

#

# +------------------+ +---------------+

# | Master | ---> | Replica |

# | (receive writes) | | (exact copy) |

# +------------------+ +---------------+

#

# 1) Redis replication is asynchronous, but you can configure a master to

# stop accepting writes if it appears to be not connected with at least

# a given number of replicas.

# 2) Redis replicas are able to perform a partial resynchronization with the

# master if the replication link is lost for a relatively small amount of

# time. You may want to configure the replication backlog size (see the next

# sections of this file) with a sensible value depending on your needs.

# 3) Replication is automatic and does not need user intervention. After a

# network partition replicas automatically try to reconnect to masters

# and resynchronize with them.

#

# replicaof

# If the master is password protected (using the "requirepass" configuration

# directive below) it is possible to tell the replica to authenticate before

# starting the replication synchronization process, otherwise the master will

# refuse the replica request.

#

# masterauth

#

# However this is not enough if you are using Redis ACLs (for Redis version

# 6 or greater), and the default user is not capable of running the PSYNC

# command and/or other commands needed for replication. In this case it's

# better to configure a special user to use with replication, and specify the

# masteruser configuration as such:

#

# masteruser

#

# When masteruser is specified, the replica will authenticate against its

# master using the new AUTH form: AUTH .

# When a replica loses its connection with the master, or when the replication

# is still in progress, the replica can act in two different ways:

#

# 1) if replica-serve-stale-data is set to 'yes' (the default) the replica will

# still reply to client requests, possibly with out of date data, or the

# data set may just be empty if this is the first synchronization.

#

# 2) If replica-serve-stale-data is set to 'no' the replica will reply with

# an error "SYNC with master in progress" to all commands except:

# INFO, REPLICAOF, AUTH, PING, SHUTDOWN, REPLCONF, ROLE, CONFIG, SUBSCRIBE,

# UNSUBSCRIBE, PSUBSCRIBE, PUNSUBSCRIBE, PUBLISH, PUBSUB, COMMAND, POST,

# HOST and LATENCY.

#

replica-serve-stale-data yes

# You can configure a replica instance to accept writes or not. Writing against

# a replica instance may be useful to store some ephemeral data (because data

# written on a replica will be easily deleted after resync with the master) but

# may also cause problems if clients are writing to it because of a

# misconfiguration.

#

# Since Redis 2.6 by default replicas are read-only.

#

# Note: read only replicas are not designed to be exposed to untrusted clients

# on the internet. It's just a protection layer against misuse of the instance.

# Still a read only replica exports by default all the administrative commands

# such as CONFIG, DEBUG, and so forth. To a limited extent you can improve

# security of read only replicas using 'rename-command' to shadow all the

# administrative / dangerous commands.

replica-read-only yes

# Replication SYNC strategy: disk or socket.

#

# New replicas and reconnecting replicas that are not able to continue the

# replication process just receiving differences, need to do what is called a

# "full synchronization". An RDB file is transmitted from the master to the

# replicas.

#

# The transmission can happen in two different ways:

#

# 1) Disk-backed: The Redis master creates a new process that writes the RDB

# file on disk. Later the file is transferred by the parent

# process to the replicas incrementally.

# 2) Diskless: The Redis master creates a new process that directly writes the

# RDB file to replica sockets, without touching the disk at all.

#

# With disk-backed replication, while the RDB file is generated, more replicas

# can be queued and served with the RDB file as soon as the current child

# producing the RDB file finishes its work. With diskless replication instead

# once the transfer starts, new replicas arriving will be queued and a new

# transfer will start when the current one terminates.

#

# When diskless replication is used, the master waits a configurable amount of

# time (in seconds) before starting the transfer in the hope that multiple

# replicas will arrive and the transfer can be parallelized.

#

# With slow disks and fast (large bandwidth) networks, diskless replication

# works better.

repl-diskless-sync no

# When diskless replication is enabled, it is possible to configure the delay

# the server waits in order to spawn the child that transfers the RDB via socket

# to the replicas.

#

# This is important since once the transfer starts, it is not possible to serve

# new replicas arriving, that will be queued for the next RDB transfer, so the

# server waits a delay in order to let more replicas arrive.

#

# The delay is specified in seconds, and by default is 5 seconds. To disable

# it entirely just set it to 0 seconds and the transfer will start ASAP.

repl-diskless-sync-delay 5

# -----------------------------------------------------------------------------

# WARNING: RDB diskless load is experimental. Since in this setup the replica

# does not immediately store an RDB on disk, it may cause data loss during

# failovers. RDB diskless load + Redis modules not handling I/O reads may also

# cause Redis to abort in case of I/O errors during the initial synchronization

# stage with the master. Use only if your do what you are doing.

# -----------------------------------------------------------------------------

#

# Replica can load the RDB it reads from the replication link directly from the

# socket, or store the RDB to a file and read that file after it was completely

# received from the master.

#

# In many cases the disk is slower than the network, and storing and loading

# the RDB file may increase replication time (and even increase the master's

# Copy on Write memory and salve buffers).

# However, parsing the RDB file directly from the socket may mean that we have

# to flush the contents of the current database before the full rdb was

# received. For this reason we have the following options:

#

# "disabled" - Don't use diskless load (store the rdb file to the disk first)

# "on-empty-db" - Use diskless load only when it is completely safe.

# "swapdb" - Keep a copy of the current db contents in RAM while parsing

# the data directly from the socket. note that this requires

# sufficient memory, if you don't have it, you risk an OOM kill.

repl-diskless-load disabled

# Replicas send PINGs to server in a predefined interval. It's possible to

# change this interval with the repl_ping_replica_period option. The default

# value is 10 seconds.

#

# repl-ping-replica-period 10

# The following option sets the replication timeout for:

#

# 1) Bulk transfer I/O during SYNC, from the point of view of replica.

# 2) Master timeout from the point of view of replicas (data, pings).

# 3) Replica timeout from the point of view of masters (REPLCONF ACK pings).

#

# It is important to make sure that this value is greater than the value

# specified for repl-ping-replica-period otherwise a timeout will be detected

# every time there is low traffic between the master and the replica. The default

# value is 60 seconds.

#

# repl-timeout 60

# Disable TCP_NODELAY on the replica socket after SYNC?

#

# If you select "yes" Redis will use a smaller number of TCP packets and

# less bandwidth to send data to replicas. But this can add a delay for

# the data to appear on the replica side, up to 40 milliseconds with

# Linux kernels using a default configuration.

#

# If you select "no" the delay for data to appear on the replica side will

# be reduced but more bandwidth will be used for replication.

#

# By default we optimize for low latency, but in very high traffic conditions

# or when the master and replicas are many hops away, turning this to "yes" may

# be a good idea.

repl-disable-tcp-nodelay no

# Set the replication backlog size. The backlog is a buffer that accumulates

# replica data when replicas are disconnected for some time, so that when a

# replica wants to reconnect again, often a full resync is not needed, but a

# partial resync is enough, just passing the portion of data the replica

# missed while disconnected.

#

# The bigger the replication backlog, the longer the replica can endure the

# disconnect and later be able to perform a partial resynchronization.

#

# The backlog is only allocated if there is at least one replica connected.

#

# repl-backlog-size 1mb

# After a master has no connected replicas for some time, the backlog will be

# freed. The following option configures the amount of seconds that need to

# elapse, starting from the time the last replica disconnected, for the backlog

# buffer to be freed.

#

# Note that replicas never free the backlog for timeout, since they may be

# promoted to masters later, and should be able to correctly "partially

# resynchronize" with other replicas: hence they should always accumulate backlog.

#

# A value of 0 means to never release the backlog.

#

# repl-backlog-ttl 3600

# The replica priority is an integer number published by Redis in the INFO

# output. It is used by Redis Sentinel in order to select a replica to promote

# into a master if the master is no longer working correctly.

#

# A replica with a low priority number is considered better for promotion, so

# for instance if there are three replicas with priority 10, 100, 25 Sentinel

# will pick the one with priority 10, that is the lowest.

#

# However a special priority of 0 marks the replica as not able to perform the

# role of master, so a replica with priority of 0 will never be selected by

# Redis Sentinel for promotion.

#

# By default the priority is 100.

replica-priority 100

# It is possible for a master to stop accepting writes if there are less than

# N replicas connected, having a lag less or equal than M seconds.

#

# The N replicas need to be in "online" state.

#

# The lag in seconds, that must be <= the specified value, is calculated from

# the last ping received from the replica, that is usually sent every second.

#

# This option does not GUARANTEE that N replicas will accept the write, but

# will limit the window of exposure for lost writes in case not enough replicas

# are available, to the specified number of seconds.

#

# For example to require at least 3 replicas with a lag <= 10 seconds use:

#

# min-replicas-to-write 3

# min-replicas-max-lag 10

#

# Setting one or the other to 0 disables the feature.

#

# By default min-replicas-to-write is set to 0 (feature disabled) and

# min-replicas-max-lag is set to 10.

# A Redis master is able to list the address and port of the attached

# replicas in different ways. For example the "INFO replication" section

# offers this information, which is used, among other tools, by

# Redis Sentinel in order to discover replica instances.

# Another place where this info is available is in the output of the

# "ROLE" command of a master.

#

# The listed IP address and port normally reported by a replica is

# obtained in the following way:

#

# IP: The address is auto detected by checking the peer address

# of the socket used by the replica to connect with the master.

#

# Port: The port is communicated by the replica during the replication

# handshake, and is normally the port that the replica is using to

# listen for connections.

#

# However when port forwarding or Network Address Translation (NAT) is

# used, the replica may actually be reachable via different IP and port

# pairs. The following two options can be used by a replica in order to

# report to its master a specific set of IP and port, so that both INFO

# and ROLE will report those values.

#

# There is no need to use both the options if you need to override just

# the port or the IP address.

#

# replica-announce-ip 5.5.5.5

# replica-announce-port 1234

############################### KEYS TRACKING #################################

# Redis implements server assisted support for client side caching of values.

# This is implemented using an invalidation table that remembers, using

# 16 millions of slots, what clients may have certain subsets of keys. In turn

# this is used in order to send invalidation messages to clients. Please

# check this page to understand more about the feature:

#

# https://redis.io/topics/client-side-caching

#

# When tracking is enabled for a client, all the read only queries are assumed

# to be cached: this will force Redis to store information in the invalidation

# table. When keys are modified, such information is flushed away, and

# invalidation messages are sent to the clients. However if the workload is

# heavily dominated by reads, Redis could use more and more memory in order

# to track the keys fetched by many clients.

#

# For this reason it is possible to configure a maximum fill value for the

# invalidation table. By default it is set to 1M of keys, and once this limit

# is reached, Redis will start to evict keys in the invalidation table

# even if they were not modified, just to reclaim memory: this will in turn

# force the clients to invalidate the cached values. Basically the table

# maximum size is a trade off between the memory you want to spend server

# side to track information about who cached what, and the ability of clients

# to retain cached objects in memory.

#

# If you set the value to 0, it means there are no limits, and Redis will

# retain as many keys as needed in the invalidation table.

# In the "stats" INFO section, you can find information about the number of

# keys in the invalidation table at every given moment.

#

# Note: when key tracking is used in broadcasting mode, no memory is used

# in the server side so this setting is useless.

#

# tracking-table-max-keys 1000000

################################## SECURITY ###################################

# Warning: since Redis is pretty fast, an outside user can try up to

# 1 million passwords per second against a modern box. This means that you

# should use very strong passwords, otherwise they will be very easy to break.

# Note that because the password is really a shared secret between the client

# and the server, and should not be memorized by any human, the password

# can be easily a long string from /dev/urandom or whatever, so by using a

# long and unguessable password no brute force attack will be possible.

# Redis ACL users are defined in the following format:

#

# user ... acl rules ...

#

# For example:

#

# user worker +@list +@connection ~jobs:* on >ffa9203c493aa99

#

# The special username "default" is used for new connections. If this user

# has the "nopass" rule, then new connections will be immediately authenticated

# as the "default" user without the need of any password provided via the

# AUTH command. Otherwise if the "default" user is not flagged with "nopass"

# the connections will start in not authenticated state, and will require

# AUTH (or the HELLO command AUTH option) in order to be authenticated and

# start to work.

#

# The ACL rules that describe what a user can do are the following:

#

# on Enable the user: it is possible to authenticate as this user.

# off Disable the user: it's no longer possible to authenticate

# with this user, however the already authenticated connections

# will still work.

# + Allow the execution of that command

# - Disallow the execution of that command

# +@ Allow the execution of all the commands in such category

# with valid categories are like @admin, @set, @sortedset, ...

# and so forth, see the full list in the server.c file where

# the Redis command table is described and defined.

# The special category @all means all the commands, but currently

# present in the server, and that will be loaded in the future

# via modules.

# +|subcommand Allow a specific subcommand of an otherwise

# disabled command. Note that this form is not

# allowed as negative like -DEBUG|SEGFAULT, but

# only additive starting with "+".

# allcommands Alias for +@all. Note that it implies the ability to execute

# all the future commands loaded via the modules system.

# nocommands Alias for -@all.

# ~ Add a pattern of keys that can be mentioned as part of

# commands. For instance ~* allows all the keys. The pattern

# is a glob-style pattern like the one of KEYS.

# It is possible to specify multiple patterns.

# allkeys Alias for ~*

# resetkeys Flush the list of allowed keys patterns.

# > Add this password to the list of valid password for the user.

# For example >mypass will add "mypass" to the list.

# This directive clears the "nopass" flag (see later).

# < Remove this password from the list of valid passwords.

# nopass All the set passwords of the user are removed, and the user

# is flagged as requiring no password: it means that every

# password will work against this user. If this directive is

# used for the default user, every new connection will be

# immediately authenticated with the default user without

# any explicit AUTH command required. Note that the "resetpass"

# directive will clear this condition.

# resetpass Flush the list of allowed passwords. Moreover removes the

# "nopass" status. After "resetpass" the user has no associated

# passwords and there is no way to authenticate without adding

# some password (or setting it as "nopass" later).

# reset Performs the following actions: resetpass, resetkeys, off,

# -@all. The user returns to the same state it has immediately

# after its creation.

#

# ACL rules can be specified in any order: for instance you can start with

# passwords, then flags, or key patterns. However note that the additive

# and subtractive rules will CHANGE MEANING depending on the ordering.

# For instance see the following example:

#

# user alice on +@all -DEBUG ~* >somepassword

#

# This will allow "alice" to use all the commands with the exception of the

# DEBUG command, since +@all added all the commands to the set of the commands

# alice can use, and later DEBUG was removed. However if we invert the order

# of two ACL rules the result will be different:

#

# user alice on -DEBUG +@all ~* >somepassword

#

# Now DEBUG was removed when alice had yet no commands in the set of allowed

# commands, later all the commands are added, so the user will be able to

# execute everything.

#

# Basically ACL rules are processed left-to-right.

#

# For more information about ACL configuration please refer to

# the Redis web site at https://redis.io/topics/acl

# ACL LOG

#

# The ACL Log tracks failed commands and authentication events associated

# with ACLs. The ACL Log is useful to troubleshoot failed commands blocked

# by ACLs. The ACL Log is stored in memory. You can reclaim memory with

# ACL LOG RESET. Define the maximum entry length of the ACL Log below.

acllog-max-len 128

# Using an external ACL file

#

# Instead of configuring users here in this file, it is possible to use

# a stand-alone file just listing users. The two methods cannot be mixed:

# if you configure users here and at the same time you activate the external

# ACL file, the server will refuse to start.

#

# The format of the external ACL user file is exactly the same as the

# format that is used inside redis.conf to describe users.

#

# aclfile /etc/redis/users.acl

# IMPORTANT NOTE: starting with Redis 6 "requirepass" is just a compatibility

# layer on top of the new ACL system. The option effect will be just setting

# the password for the default user. Clients will still authenticate using

# AUTH as usually, or more explicitly with AUTH default

# if they follow the new protocol: both will work.

#

# requirepass foobared

# Command renaming (DEPRECATED).

#

# ------------------------------------------------------------------------

# WARNING: avoid using this option if possible. Instead use ACLs to remove

# commands from the default user, and put them only in some admin user you

# create for administrative purposes.

# ------------------------------------------------------------------------

#

# It is possible to change the name of dangerous commands in a shared

# environment. For instance the CONFIG command may be renamed into something

# hard to guess so that it will still be available for internal-use tools

# but not available for general clients.

#

# Example:

#

# rename-command CONFIG b840fc02d524045429941cc15f59e41cb7be6c52

#

# It is also possible to completely kill a command by renaming it into

# an empty string:

#

# rename-command CONFIG ""

#

# Please note that changing the name of commands that are logged into the

# AOF file or transmitted to replicas may cause problems.

################################### CLIENTS ####################################

# Set the max number of connected clients at the same time. By default

# this limit is set to 10000 clients, however if the Redis server is not

# able to configure the process file limit to allow for the specified limit

# the max number of allowed clients is set to the current file limit

# minus 32 (as Redis reserves a few file descriptors for internal uses).

#

# Once the limit is reached Redis will close all the new connections sending

# an error 'max number of clients reached'.

#

# IMPORTANT: When Redis Cluster is used, the max number of connections is also

# shared with the cluster bus: every node in the cluster will use two

# connections, one incoming and another outgoing. It is important to size the

# limit accordingly in case of very large clusters.

#

# maxclients 10000

############################## MEMORY MANAGEMENT ################################

# Set a memory usage limit to the specified amount of bytes.

# When the memory limit is reached Redis will try to remove keys

# according to the eviction policy selected (see maxmemory-policy).

#

# If Redis can't remove keys according to the policy, or if the policy is

# set to 'noeviction', Redis will start to reply with errors to commands

# that would use more memory, like SET, LPUSH, and so on, and will continue

# to reply to read-only commands like GET.

#

# This option is usually useful when using Redis as an LRU or LFU cache, or to

# set a hard memory limit for an instance (using the 'noeviction' policy).

#

# WARNING: If you have replicas attached to an instance with maxmemory on,

# the size of the output buffers needed to feed the replicas are subtracted

# from the used memory count, so that network problems / resyncs will

# not trigger a loop where keys are evicted, and in turn the output

# buffer of replicas is full with DELs of keys evicted triggering the deletion

# of more keys, and so forth until the database is completely emptied.

#

# In short... if you have replicas attached it is suggested that you set a lower

# limit for maxmemory so that there is some free RAM on the system for replica

# output buffers (but this is not needed if the policy is 'noeviction').

#

# maxmemory

# MAXMEMORY POLICY: how Redis will select what to remove when maxmemory

# is reached. You can select one from the following behaviors:

#

# volatile-lru -> Evict using approximated LRU, only keys with an expire set.

# allkeys-lru -> Evict any key using approximated LRU.

# volatile-lfu -> Evict using approximated LFU, only keys with an expire set.

# allkeys-lfu -> Evict any key using approximated LFU.

# volatile-random -> Remove a random key having an expire set.

# allkeys-random -> Remove a random key, any key.

# volatile-ttl -> Remove the key with the nearest expire time (minor TTL)

# noeviction -> Don't evict anything, just return an error on write operations.

#

# LRU means Least Recently Used

# LFU means Least Frequently Used

#

# Both LRU, LFU and volatile-ttl are implemented using approximated

# randomized algorithms.

#

# Note: with any of the above policies, Redis will return an error on write

# operations, when there are no suitable keys for eviction.

#

# At the date of writing these commands are: set setnx setex append

# incr decr rpush lpush rpushx lpushx linsert lset rpoplpush sadd

# sinter sinterstore sunion sunionstore sdiff sdiffstore zadd zincrby

# zunionstore zinterstore hset hsetnx hmset hincrby incrby decrby

# getset mset msetnx exec sort

#

# The default is:

#

# maxmemory-policy noeviction

# LRU, LFU and minimal TTL algorithms are not precise algorithms but approximated

# algorithms (in order to save memory), so you can tune it for speed or

# accuracy. By default Redis will check five keys and pick the one that was

# used least recently, you can change the sample size using the following

# configuration directive.

#

# The default of 5 produces good enough results. 10 Approximates very closely

# true LRU but costs more CPU. 3 is faster but not very accurate.

#

# maxmemory-samples 5

# Starting from Redis 5, by default a replica will ignore its maxmemory setting

# (unless it is promoted to master after a failover or manually). It means

# that the eviction of keys will be just handled by the master, sending the

# DEL commands to the replica as keys evict in the master side.

#

# This behavior ensures that masters and replicas stay consistent, and is usually

# what you want, however if your replica is writable, or you want the replica

# to have a different memory setting, and you are sure all the writes performed

# to the replica are idempotent, then you may change this default (but be sure

# to understand what you are doing).

#

# Note that since the replica by default does not evict, it may end using more

# memory than the one set via maxmemory (there are certain buffers that may

# be larger on the replica, or data structures may sometimes take more memory

# and so forth). So make sure you monitor your replicas and make sure they

# have enough memory to never hit a real out-of-memory condition before the

# master hits the configured maxmemory setting.

#

# replica-ignore-maxmemory yes

# Redis reclaims expired keys in two ways: upon access when those keys are

# found to be expired, and also in background, in what is called the

# "active expire key". The key space is slowly and interactively scanned

# looking for expired keys to reclaim, so that it is possible to free memory

# of keys that are expired and will never be accessed again in a short time.

#

# The default effort of the expire cycle will try to avoid having more than

# ten percent of expired keys still in memory, and will try to avoid consuming

# more than 25% of total memory and to add latency to the system. However

# it is possible to increase the expire "effort" that is normally set to

# "1", to a greater value, up to the value "10". At its maximum value the

# system will use more CPU, longer cycles (and technically may introduce

# more latency), and will tolerate less already expired keys still present

# in the system. It's a tradeoff between memory, CPU and latency.

#

# active-expire-effort 1

############################# LAZY FREEING ####################################

# Redis has two primitives to delete keys. One is called DEL and is a blocking

# deletion of the object. It means that the server stops processing new commands

# in order to reclaim all the memory associated with an object in a synchronous

# way. If the key deleted is associated with a small object, the time needed

# in order to execute the DEL command is very small and comparable to most other

# O(1) or O(log_N) commands in Redis. However if the key is associated with an

# aggregated value containing millions of elements, the server can block for

# a long time (even seconds) in order to complete the operation.

#

# For the above reasons Redis also offers non blocking deletion primitives

# such as UNLINK (non blocking DEL) and the ASYNC option of FLUSHALL and

# FLUSHDB commands, in order to reclaim memory in background. Those commands

# are executed in constant time. Another thread will incrementally free the

# object in the background as fast as possible.

#

# DEL, UNLINK and ASYNC option of FLUSHALL and FLUSHDB are user-controlled.

# It's up to the design of the application to understand when it is a good

# idea to use one or the other. However the Redis server sometimes has to

# delete keys or flush the whole database as a side effect of other operations.

# Specifically Redis deletes objects independently of a user call in the

# following scenarios:

#

# 1) On eviction, because of the maxmemory and maxmemory policy configurations,

# in order to make room for new data, without going over the specified

# memory limit.

# 2) Because of expire: when a key with an associated time to live (see the

# EXPIRE command) must be deleted from memory.

# 3) Because of a side effect of a command that stores data on a key that may

# already exist. For example the RENAME command may delete the old key

# content when it is replaced with another one. Similarly SUNIONSTORE

# or SORT with STORE option may delete existing keys. The SET command

# itself removes any old content of the specified key in order to replace

# it with the specified string.

# 4) During replication, when a replica performs a full resynchronization with

# its master, the content of the whole database is removed in order to

# load the RDB file just transferred.

#

# In all the above cases the default is to delete objects in a blocking way,

# like if DEL was called. However you can configure each case specifically

# in order to instead release memory in a non-blocking way like if UNLINK

# was called, using the following configuration directives.

lazyfree-lazy-eviction no

lazyfree-lazy-expire no

lazyfree-lazy-server-del no

replica-lazy-flush no

# It is also possible, for the case when to replace the user code DEL calls

# with UNLINK calls is not easy, to modify the default behavior of the DEL

# command to act exactly like UNLINK, using the following configuration

# directive:

lazyfree-lazy-user-del no

################################ THREADED I/O #################################

# Redis is mostly single threaded, however there are certain threaded

# operations such as UNLINK, slow I/O accesses and other things that are

# performed on side threads.

#

# Now it is also possible to handle Redis clients socket reads and writes

# in different I/O threads. Since especially writing is so slow, normally

# Redis users use pipelining in order to speed up the Redis performances per

# core, and spawn multiple instances in order to scale more. Using I/O

# threads it is possible to easily speedup two times Redis without resorting

# to pipelining nor sharding of the instance.

#

# By default threading is disabled, we suggest enabling it only in machines

# that have at least 4 or more cores, leaving at least one spare core.

# Using more than 8 threads is unlikely to help much. We also recommend using

# threaded I/O only if you actually have performance problems, with Redis

# instances being able to use a quite big percentage of CPU time, otherwise

# there is no point in using this feature.

#

# So for instance if you have a four cores boxes, try to use 2 or 3 I/O

# threads, if you have a 8 cores, try to use 6 threads. In order to

# enable I/O threads use the following configuration directive:

#

# io-threads 4

#

# Setting io-threads to 1 will just use the main thread as usual.

# When I/O threads are enabled, we only use threads for writes, that is

# to thread the write(2) syscall and transfer the client buffers to the

# socket. However it is also possible to enable threading of reads and

# protocol parsing using the following configuration directive, by setting

# it to yes:

#

# io-threads-do-reads no

#

# Usually threading reads doesn't help much.

#

# NOTE 1: This configuration directive cannot be changed at runtime via

# CONFIG SET. Aso this feature currently does not work when SSL is

# enabled.

#

# NOTE 2: If you want to test the Redis speedup using redis-benchmark, make

# sure you also run the benchmark itself in threaded mode, using the

# --threads option to match the number of Redis threads, otherwise you'll not

# be able to notice the improvements.

############################ KERNEL OOM CONTROL ##############################

# On Linux, it is possible to hint the kernel OOM killer on what processes

# should be killed first when out of memory.

#

# Enabling this feature makes Redis actively control the oom_score_adj value

# for all its processes, depending on their role. The default scores will

# attempt to have background child processes killed before all others, and

# replicas killed before masters.

#

# Redis supports three options:

#

# no: Don't make changes to oom-score-adj (default).

# yes: Alias to "relative" see below.

# absolute: Values in oom-score-adj-values are written as is to the kernel.

# relative: Values are used relative to the initial value of oom_score_adj when

# the server starts and are then clamped to a range of -1000 to 1000.

# Because typically the initial value is 0, they will often match the

# absolute values.

oom-score-adj no

# When oom-score-adj is used, this directive controls the specific values used

# for master, replica and background child processes. Values range -2000 to

# 2000 (higher means more likely to be killed).

#

# Unprivileged processes (not root, and without CAP_SYS_RESOURCE capabilities)

# can freely increase their value, but not decrease it below its initial

# settings. This means that setting oom-score-adj to "relative" and setting the

# oom-score-adj-values to positive values will always succeed.

oom-score-adj-values 0 200 800

############################## APPEND ONLY MODE ###############################

# By default Redis asynchronously dumps the dataset on disk. This mode is

# good enough in many applications, but an issue with the Redis process or

# a power outage may result into a few minutes of writes lost (depending on

# the configured save points).

#

# The Append Only File is an alternative persistence mode that provides

# much better durability. For instance using the default data fsync policy

# (see later in the config file) Redis can lose just one second of writes in a

# dramatic event like a server power outage, or a single write if something

# wrong with the Redis process itself happens, but the operating system is

# still running correctly.

#

# AOF and RDB persistence can be enabled at the same time without problems.

# If the AOF is enabled on startup Redis will load the AOF, that is the file

# with the better durability guarantees.

#

# Please check http://redis.io/topics/persistence for more information.

appendonly no

# The name of the append only file (default: "appendonly.aof")

appendfilename "appendonly.aof"

# The fsync() call tells the Operating System to actually write data on disk

# instead of waiting for more data in the output buffer. Some OS will really flush

# data on disk, some other OS will just try to do it ASAP.

#

# Redis supports three different modes:

#

# no: don't fsync, just let the OS flush the data when it wants. Faster.

# always: fsync after every write to the append only log. Slow, Safest.

# everysec: fsync only one time every second. Compromise.

#

# The default is "everysec", as that's usually the right compromise between

# speed and data safety. It's up to you to understand if you can relax this to

# "no" that will let the operating system flush the output buffer when

# it wants, for better performances (but if you can live with the idea of

# some data loss consider the default persistence mode that's snapshotting),

# or on the contrary, use "always" that's very slow but a bit safer than

# everysec.

#

# More details please check the following article:

# http://antirez.com/post/redis-persistence-demystified.html

#

# If unsure, use "everysec".

# appendfsync always

appendfsync everysec

# appendfsync no

# When the AOF fsync policy is set to always or everysec, and a background

# saving process (a background save or AOF log background rewriting) is

# performing a lot of I/O against the disk, in some Linux configurations

# Redis may block too long on the fsync() call. Note that there is no fix for

# this currently, as even performing fsync in a different thread will block

# our synchronous write(2) call.

#

# In order to mitigate this problem it's possible to use the following option

# that will prevent fsync() from being called in the main process while a

# BGSAVE or BGREWRITEAOF is in progress.

#

# This means that while another child is saving, the durability of Redis is

# the same as "appendfsync none". In practical terms, this means that it is

# possible to lose up to 30 seconds of log in the worst scenario (with the

# default Linux settings).

#

# If you have latency problems turn this to "yes". Otherwise leave it as

# "no" that is the safest pick from the point of view of durability.

no-appendfsync-on-rewrite no

# Automatic rewrite of the append only file.

# Redis is able to automatically rewrite the log file implicitly calling

# BGREWRITEAOF when the AOF log size grows by the specified percentage.

#

# This is how it works: Redis remembers the size of the AOF file after the

# latest rewrite (if no rewrite has happened since the restart, the size of

# the AOF at startup is used).

#

# This base size is compared to the current size. If the current size is

# bigger than the specified percentage, the rewrite is triggered. Also

# you need to specify a minimal size for the AOF file to be rewritten, this

# is useful to avoid rewriting the AOF file even if the percentage increase

# is reached but it is still pretty small.

#

# Specify a percentage of zero in order to disable the automatic AOF

# rewrite feature.

auto-aof-rewrite-percentage 100

auto-aof-rewrite-min-size 64mb

# An AOF file may be found to be truncated at the end during the Redis

# startup process, when the AOF data gets loaded back into memory.

# This may happen when the system where Redis is running

# crashes, especially when an ext4 filesystem is mounted without the

# data=ordered option (however this can't happen when Redis itself

# crashes or aborts but the operating system still works correctly).

#

# Redis can either exit with an error when this happens, or load as much

# data as possible (the default now) and start if the AOF file is found

# to be truncated at the end. The following option controls this behavior.

#

# If aof-load-truncated is set to yes, a truncated AOF file is loaded and

# the Redis server starts emitting a log to inform the user of the event.

# Otherwise if the option is set to no, the server aborts with an error

# and refuses to start. When the option is set to no, the user requires

# to fix the AOF file using the "redis-check-aof" utility before to restart

# the server.

#

# Note that if the AOF file will be found to be corrupted in the middle

# the server will still exit with an error. This option only applies when

# Redis will try to read more data from the AOF file but not enough bytes

# will be found.

aof-load-truncated yes

# When rewriting the AOF file, Redis is able to use an RDB preamble in the

# AOF file for faster rewrites and recoveries. When this option is turned

# on the rewritten AOF file is composed of two different stanzas:

#

# [RDB file][AOF tail]

#

# When loading, Redis recognizes that the AOF file starts with the "REDIS"

# string and loads the prefixed RDB file, then continues loading the AOF

# tail.

aof-use-rdb-preamble yes

################################ LUA SCRIPTING ###############################

# Max execution time of a Lua script in milliseconds.

#

# If the maximum execution time is reached Redis will log that a script is

# still in execution after the maximum allowed time and will start to

# reply to queries with an error.

#

# When a long running script exceeds the maximum execution time only the

# SCRIPT KILL and SHUTDOWN NOSAVE commands are available. The first can be

# used to stop a script that did not yet call any write commands. The second

# is the only way to shut down the server in the case a write command was

# already issued by the script but the user doesn't want to wait for the natural

# termination of the script.

#

# Set it to 0 or a negative value for unlimited execution without warnings.

lua-time-limit 5000

################################ REDIS CLUSTER ###############################

# Normal Redis instances can't be part of a Redis Cluster; only nodes that are

# started as cluster nodes can. In order to start a Redis instance as a

# cluster node enable the cluster support uncommenting the following:

#

# cluster-enabled yes

# Every cluster node has a cluster configuration file. This file is not

# intended to be edited by hand. It is created and updated by Redis nodes.

# Every Redis Cluster node requires a different cluster configuration file.

# Make sure that instances running in the same system do not have

# overlapping cluster configuration file names.

#

# cluster-config-file nodes-6379.conf

# Cluster node timeout is the amount of milliseconds a node must be unreachable

# for it to be considered in failure state.

# Most other internal time limits are a multiple of the node timeout.

#

# cluster-node-timeout 15000

# A replica of a failing master will avoid to start a failover if its data

# looks too old.

#

# There is no simple way for a replica to actually have an exact measure of

# its "data age", so the following two checks are performed:

#

# 1) If there are multiple replicas able to failover, they exchange messages

# in order to try to give an advantage to the replica with the best

# replication offset (more data from the master processed).

# Replicas will try to get their rank by offset, and apply to the start

# of the failover a delay proportional to their rank.

#

# 2) Every single replica computes the time of the last interaction with

# its master. This can be the last ping or command received (if the master

# is still in the "connected" state), or the time that elapsed since the

# disconnection with the master (if the replication link is currently down).

# If the last interaction is too old, the replica will not try to failover

# at all.

#

# The point "2" can be tuned by user. Specifically a replica will not perform

# the failover if, since the last interaction with the master, the time

# elapsed is greater than:

#

# (node-timeout * cluster-replica-validity-factor) + repl-ping-replica-period

#

# So for example if node-timeout is 30 seconds, and the cluster-replica-validity-factor

# is 10, and assuming a default repl-ping-replica-period of 10 seconds, the

# replica will not try to failover if it was not able to talk with the master

# for longer than 310 seconds.

#

# A large cluster-replica-validity-factor may allow replicas with too old data to failover

# a master, while a too small value may prevent the cluster from being able to

# elect a replica at all.

#

# For maximum availability, it is possible to set the cluster-replica-validity-factor

# to a value of 0, which means, that replicas will always try to failover the

# master regardless of the last time they interacted with the master.

# (However they'll always try to apply a delay proportional to their

# offset rank).

#

# Zero is the only value able to guarantee that when all the partitions heal

# the cluster will always be able to continue.

#

# cluster-replica-validity-factor 10

# Cluster replicas are able to migrate to orphaned masters, that are masters

# that are left without working replicas. This improves the cluster ability

# to resist to failures as otherwise an orphaned master can't be failed over

# in case of failure if it has no working replicas.

#

# Replicas migrate to orphaned masters only if there are still at least a

# given number of other working replicas for their old master. This number

# is the "migration barrier". A migration barrier of 1 means that a replica

# will migrate only if there is at least 1 other working replica for its master

# and so forth. It usually reflects the number of replicas you want for every

# master in your cluster.

#

# Default is 1 (replicas migrate only if their masters remain with at least

# one replica). To disable migration just set it to a very large value.

# A value of 0 can be set but is useful only for debugging and dangerous

# in production.

#

# cluster-migration-barrier 1

# By default Redis Cluster nodes stop accepting queries if they detect there

# is at least a hash slot uncovered (no available node is serving it).

# This way if the cluster is partially down (for example a range of hash slots

# are no longer covered) all the cluster becomes, eventually, unavailable.

# It automatically returns available as soon as all the slots are covered again.

#

# However sometimes you want the subset of the cluster which is working,

# to continue to accept queries for the part of the key space that is still

# covered. In order to do so, just set the cluster-require-full-coverage

# option to no.

#

# cluster-require-full-coverage yes

# This option, when set to yes, prevents replicas from trying to failover its

# master during master failures. However the master can still perform a

# manual failover, if forced to do so.

#

# This is useful in different scenarios, especially in the case of multiple

# data center operations, where we want one side to never be promoted if not

# in the case of a total DC failure.

#

# cluster-replica-no-failover no

# This option, when set to yes, allows nodes to serve read traffic while the

# the cluster is in a down state, as long as it believes it owns the slots.

#

# This is useful for two cases. The first case is for when an application

# doesn't require consistency of data during node failures or network partitions.

# One example of this is a cache, where as long as the node has the data it

# should be able to serve it.

#

# The second use case is for configurations that don't meet the recommended

# three shards but want to enable cluster mode and scale later. A

# master outage in a 1 or 2 shard configuration causes a read/write outage to the

# entire cluster without this option set, with it set there is only a write outage.

# Without a quorum of masters, slot ownership will not change automatically.

#

# cluster-allow-reads-when-down no

# In order to setup your cluster make sure to read the documentation

# available at http://redis.io web site.

########################## CLUSTER DOCKER/NAT support ########################

# In certain deployments, Redis Cluster nodes address discovery fails, because

# addresses are NAT-ted or because ports are forwarded (the typical case is

# Docker and other containers).

#

# In order to make Redis Cluster working in such environments, a static

# configuration where each node knows its public address is needed. The

# following two options are used for this scope, and are:

#

# * cluster-announce-ip

# * cluster-announce-port

# * cluster-announce-bus-port

#

# Each instructs the node about its address, client port, and cluster message

# bus port. The information is then published in the header of the bus packets

# so that other nodes will be able to correctly map the address of the node

# publishing the information.

#

# If the above options are not used, the normal Redis Cluster auto-detection

# will be used instead.

#

# Note that when remapped, the bus port may not be at the fixed offset of

# clients port + 10000, so you can specify any port and bus-port depending

# on how they get remapped. If the bus-port is not set, a fixed offset of

# 10000 will be used as usual.

#

# Example:

#

# cluster-announce-ip 10.1.1.5

# cluster-announce-port 6379

# cluster-announce-bus-port 6380

################################## SLOW LOG ###################################

# The Redis Slow Log is a system to log queries that exceeded a specified

# execution time. The execution time does not include the I/O operations

# like talking with the client, sending the reply and so forth,

# but just the time needed to actually execute the command (this is the only

# stage of command execution where the thread is blocked and can not serve

# other requests in the meantime).

#

# You can configure the slow log with two parameters: one tells Redis

# what is the execution time, in microseconds, to exceed in order for the

# command to get logged, and the other parameter is the length of the

# slow log. When a new command is logged the oldest one is removed from the

# queue of logged commands.

# The following time is expressed in microseconds, so 1000000 is equivalent

# to one second. Note that a negative number disables the slow log, while

# a value of zero forces the logging of every command.

slowlog-log-slower-than 10000

# There is no limit to this length. Just be aware that it will consume memory.

# You can reclaim memory used by the slow log with SLOWLOG RESET.

slowlog-max-len 128

################################ LATENCY MONITOR ##############################

# The Redis latency monitoring subsystem samples different operations

# at runtime in order to collect data related to possible sources of

# latency of a Redis instance.

#

# Via the LATENCY command this information is available to the user that can

# print graphs and obtain reports.

#

# The system only logs operations that were performed in a time equal or

# greater than the amount of milliseconds specified via the

# latency-monitor-threshold configuration directive. When its value is set

# to zero, the latency monitor is turned off.

#

# By default latency monitoring is disabled since it is mostly not needed

# if you don't have latency issues, and collecting data has a performance

# impact, that while very small, can be measured under big load. Latency

# monitoring can easily be enabled at runtime using the command

# "CONFIG SET latency-monitor-threshold " if needed.

latency-monitor-threshold 0

############################# EVENT NOTIFICATION ##############################

# Redis can notify Pub/Sub clients about events happening in the key space.

# This feature is documented at http://redis.io/topics/notifications

#

# For instance if keyspace events notification is enabled, and a client

# performs a DEL operation on key "foo" stored in the Database 0, two

# messages will be published via Pub/Sub:

#

# PUBLISH __keyspace@0__:foo del

# PUBLISH __keyevent@0__:del foo

#

# It is possible to select the events that Redis will notify among a set

# of classes. Every class is identified by a single character:

#

# K Keyspace events, published with __keyspace@__ prefix.

# E Keyevent events, published with __keyevent@__ prefix.

# g Generic commands (non-type specific) like DEL, EXPIRE, RENAME, ...

# $ String commands

# l List commands

# s Set commands

# h Hash commands

# z Sorted set commands

# x Expired events (events generated every time a key expires)

# e Evicted events (events generated when a key is evicted for maxmemory)

# t Stream commands

# m Key-miss events (Note: It is not included in the 'A' class)

# A Alias for g$lshzxet, so that the "AKE" string means all the events

# (Except key-miss events which are excluded from 'A' due to their

# unique nature).

#

# The "notify-keyspace-events" takes as argument a string that is composed

# of zero or multiple characters. The empty string means that notifications

# are disabled.

#

# Example: to enable list and generic events, from the point of view of the

# event name, use:

#

# notify-keyspace-events Elg

#

# Example 2: to get the stream of the expired keys subscribing to channel

# name __keyevent@0__:expired use:

#

# notify-keyspace-events Ex

#

# By default all notifications are disabled because most users don't need

# this feature and the feature has some overhead. Note that if you don't

# specify at least one of K or E, no events will be delivered.

notify-keyspace-events ""

############################### GOPHER SERVER #################################

# Redis contains an implementation of the Gopher protocol, as specified in

# the RFC 1436 (https://www.ietf.org/rfc/rfc1436.txt).

#

# The Gopher protocol was very popular in the late '90s. It is an alternative

# to the web, and the implementation both server and client side is so simple

# that the Redis server has just 100 lines of code in order to implement this

# support.

#

# What do you do with Gopher nowadays? Well Gopher never *really* died, and

# lately there is a movement in order for the Gopher more hierarchical content

# composed of just plain text documents to be resurrected. Some want a simpler

# internet, others believe that the mainstream internet became too much

# controlled, and it's cool to create an alternative space for people that

# want a bit of fresh air.

#

# Anyway for the 10nth birthday of the Redis, we gave it the Gopher protocol

# as a gift.

#

# --- HOW IT WORKS? ---

#

# The Redis Gopher support uses the inline protocol of Redis, and specifically

# two kind of inline requests that were anyway illegal: an empty request

# or any request that starts with "/" (there are no Redis commands starting

# with such a slash). Normal RESP2/RESP3 requests are completely out of the

# path of the Gopher protocol implementation and are served as usual as well.

#

# If you open a connection to Redis when Gopher is enabled and send it

# a string like "/foo", if there is a key named "/foo" it is served via the

# Gopher protocol.

#

# In order to create a real Gopher "hole" (the name of a Gopher site in Gopher

# talking), you likely need a script like the following:

#

# https://github.com/antirez/gopher2redis

#

# --- SECURITY WARNING ---

#

# If you plan to put Redis on the internet in a publicly accessible address

# to server Gopher pages MAKE SURE TO SET A PASSWORD to the instance.

# Once a password is set:

#

# 1. The Gopher server (when enabled, not by default) will still serve

# content via Gopher.

# 2. However other commands cannot be called before the client will

# authenticate.

#

# So use the 'requirepass' option to protect your instance.

#

# Note that Gopher is not currently supported when 'io-threads-do-reads'

# is enabled.

#

# To enable Gopher support, uncomment the following line and set the option

# from no (the default) to yes.

#

# gopher-enabled no

############################### ADVANCED CONFIG ###############################

# Hashes are encoded using a memory efficient data structure when they have a

# small number of entries, and the biggest entry does not exceed a given

# threshold. These thresholds can be configured using the following directives.

hash-max-ziplist-entries 512

hash-max-ziplist-value 64

# Lists are also encoded in a special way to save a lot of space.

# The number of entries allowed per internal list node can be specified

# as a fixed maximum size or a maximum number of elements.

# For a fixed maximum size, use -5 through -1, meaning:

# -5: max size: 64 Kb <-- not recommended for normal workloads

# -4: max size: 32 Kb <-- not recommended

# -3: max size: 16 Kb <-- probably not recommended

# -2: max size: 8 Kb <-- good

# -1: max size: 4 Kb <-- good

# Positive numbers mean store up to _exactly_ that number of elements

# per list node.

# The highest performing option is usually -2 (8 Kb size) or -1 (4 Kb size),

# but if your use case is unique, adjust the settings as necessary.

list-max-ziplist-size -2

# Lists may also be compressed.

# Compress depth is the number of quicklist ziplist nodes from *each* side of

# the list to *exclude* from compression. The head and tail of the list

# are always uncompressed for fast push/pop operations. Settings are:

# 0: disable all list compression

# 1: depth 1 means "don't start compressing until after 1 node into the list,

# going from either the head or tail"

# So: [head]->node->node->...->node->[tail]

# [head], [tail] will always be uncompressed; inner nodes will compress.

# 2: [head]->[next]->node->node->...->node->[prev]->[tail]

# 2 here means: don't compress head or head->next or tail->prev or tail,

# but compress all nodes between them.

# 3: [head]->[next]->[next]->node->node->...->node->[prev]->[prev]->[tail]

# etc.

list-compress-depth 0

# Sets have a special encoding in just one case: when a set is composed

# of just strings that happen to be integers in radix 10 in the range

# of 64 bit signed integers.

# The following configuration setting sets the limit in the size of the

# set in order to use this special memory saving encoding.

set-max-intset-entries 512

# Similarly to hashes and lists, sorted sets are also specially encoded in

# order to save a lot of space. This encoding is only used when the length and

# elements of a sorted set are below the following limits:

zset-max-ziplist-entries 128

zset-max-ziplist-value 64

# HyperLogLog sparse representation bytes limit. The limit includes the

# 16 bytes header. When an HyperLogLog using the sparse representation crosses

# this limit, it is converted into the dense representation.

#

# A value greater than 16000 is totally useless, since at that point the

# dense representation is more memory efficient.

#

# The suggested value is ~ 3000 in order to have the benefits of

# the space efficient encoding without slowing down too much PFADD,

# which is O(N) with the sparse encoding. The value can be raised to

# ~ 10000 when CPU is not a concern, but space is, and the data set is

# composed of many HyperLogLogs with cardinality in the 0 - 15000 range.

hll-sparse-max-bytes 3000

# Streams macro node max size / items. The stream data structure is a radix

# tree of big nodes that encode multiple items inside. Using this configuration

# it is possible to configure how big a single node can be in bytes, and the

# maximum number of items it may contain before switching to a new node when

# appending new stream entries. If any of the following settings are set to

# zero, the limit is ignored, so for instance it is possible to set just a

# max entires limit by setting max-bytes to 0 and max-entries to the desired

# value.

stream-node-max-bytes 4096

stream-node-max-entries 100

# Active rehashing uses 1 millisecond every 100 milliseconds of CPU time in

# order to help rehashing the main Redis hash table (the one mapping top-level

# keys to values). The hash table implementation Redis uses (see dict.c)

# performs a lazy rehashing: the more operation you run into a hash table

# that is rehashing, the more rehashing "steps" are performed, so if the

# server is idle the rehashing is never complete and some more memory is used

# by the hash table.

#

# The default is to use this millisecond 10 times every second in order to

# actively rehash the main dictionaries, freeing memory when possible.

#

# If unsure:

# use "activerehashing no" if you have hard latency requirements and it is

# not a good thing in your environment that Redis can reply from time to time

# to queries with 2 milliseconds delay.

#

# use "activerehashing yes" if you don't have such hard requirements but

# want to free memory asap when possible.

activerehashing yes

# The client output buffer limits can be used to force disconnection of clients

# that are not reading data from the server fast enough for some reason (a

# common reason is that a Pub/Sub client can't consume messages as fast as the

# publisher can produce them).

#

# The limit can be set differently for the three different classes of clients:

#

# normal -> normal clients including MONITOR clients

# replica -> replica clients

# pubsub -> clients subscribed to at least one pubsub channel or pattern

#

# The syntax of every client-output-buffer-limit directive is the following:

#

# client-output-buffer-limit

#

# A client is immediately disconnected once the hard limit is reached, or if

# the soft limit is reached and remains reached for the specified number of

# seconds (continuously).

# So for instance if the hard limit is 32 megabytes and the soft limit is

# 16 megabytes / 10 seconds, the client will get disconnected immediately

# if the size of the output buffers reach 32 megabytes, but will also get

# disconnected if the client reaches 16 megabytes and continuously overcomes

# the limit for 10 seconds.

#

# By default normal clients are not limited because they don't receive data

# without asking (in a push way), but just after a request, so only

# asynchronous clients may create a scenario where data is requested faster

# than it can read.

#

# Instead there is a default limit for pubsub and replica clients, since

# subscribers and replicas receive data in a push fashion.

#

# Both the hard or the soft limit can be disabled by setting them to zero.

client-output-buffer-limit normal 0 0 0

client-output-buffer-limit replica 256mb 64mb 60

client-output-buffer-limit pubsub 32mb 8mb 60

# Client query buffers accumulate new commands. They are limited to a fixed

# amount by default in order to avoid that a protocol desynchronization (for

# instance due to a bug in the client) will lead to unbound memory usage in

# the query buffer. However you can configure it here if you have very special

# needs, such us huge multi/exec requests or alike.

#

# client-query-buffer-limit 1gb

# In the Redis protocol, bulk requests, that are, elements representing single

# strings, are normally limited to 512 mb. However you can change this limit

# here, but must be 1mb or greater

#

# proto-max-bulk-len 512mb

# Redis calls an internal function to perform many background tasks, like

# closing connections of clients in timeout, purging expired keys that are

# never requested, and so forth.

#

# Not all tasks are performed with the same frequency, but Redis checks for

# tasks to perform according to the specified "hz" value.

#

# By default "hz" is set to 10. Raising the value will use more CPU when

# Redis is idle, but at the same time will make Redis more responsive when

# there are many keys expiring at the same time, and timeouts may be

# handled with more precision.

#

# The range is between 1 and 500, however a value over 100 is usually not

# a good idea. Most users should use the default of 10 and raise this up to

# 100 only in environments where very low latency is required.

hz 10

# Normally it is useful to have an HZ value which is proportional to the

# number of clients connected. This is useful in order, for instance, to

# avoid too many clients are processed for each background task invocation

# in order to avoid latency spikes.

#

# Since the default HZ value by default is conservatively set to 10, Redis

# offers, and enables by default, the ability to use an adaptive HZ value

# which will temporarily raise when there are many connected clients.

#

# When dynamic HZ is enabled, the actual configured HZ will be used

# as a baseline, but multiples of the configured HZ value will be actually

# used as needed once more clients are connected. In this way an idle

# instance will use very little CPU time while a busy instance will be

# more responsive.

dynamic-hz yes

# When a child rewrites the AOF file, if the following option is enabled

# the file will be fsync-ed every 32 MB of data generated. This is useful

# in order to commit the file to the disk more incrementally and avoid

# big latency spikes.

aof-rewrite-incremental-fsync yes

# When redis saves RDB file, if the following option is enabled

# the file will be fsync-ed every 32 MB of data generated. This is useful

# in order to commit the file to the disk more incrementally and avoid

# big latency spikes.

rdb-save-incremental-fsync yes

# Redis LFU eviction (see maxmemory setting) can be tuned. However it is a good

# idea to start with the default settings and only change them after investigating

# how to improve the performances and how the keys LFU change over time, which

# is possible to inspect via the OBJECT FREQ command.

#

# There are two tunable parameters in the Redis LFU implementation: the

# counter logarithm factor and the counter decay time. It is important to

# understand what the two parameters mean before changing them.

#

# The LFU counter is just 8 bits per key, it's maximum value is 255, so Redis

# uses a probabilistic increment with logarithmic behavior. Given the value

# of the old counter, when a key is accessed, the counter is incremented in

# this way:

#

# 1. A random number R between 0 and 1 is extracted.

# 2. A probability P is calculated as 1/(old_value*lfu_log_factor+1).

# 3. The counter is incremented only if R < P.

#

# The default lfu-log-factor is 10. This is a table of how the frequency

# counter changes with a different number of accesses with different

# logarithmic factors:

#

# +--------+------------+------------+------------+------------+------------+

# | factor | 100 hits | 1000 hits | 100K hits | 1M hits | 10M hits |

# +--------+------------+------------+------------+------------+------------+

# | 0 | 104 | 255 | 255 | 255 | 255 |

# +--------+------------+------------+------------+------------+------------+

# | 1 | 18 | 49 | 255 | 255 | 255 |

# +--------+------------+------------+------------+------------+------------+

# | 10 | 10 | 18 | 142 | 255 | 255 |

# +--------+------------+------------+------------+------------+------------+

# | 100 | 8 | 11 | 49 | 143 | 255 |

# +--------+------------+------------+------------+------------+------------+

#

# NOTE: The above table was obtained by running the following commands:

#

# redis-benchmark -n 1000000 incr foo

# redis-cli object freq foo

#

# NOTE 2: The counter initial value is 5 in order to give new objects a chance

# to accumulate hits.

#

# The counter decay time is the time, in minutes, that must elapse in order

# for the key counter to be divided by two (or decremented if it has a value

# less <= 10).

#

# The default value for the lfu-decay-time is 1. A special value of 0 means to

# decay the counter every time it happens to be scanned.

#

# lfu-log-factor 10

# lfu-decay-time 1

########################### ACTIVE DEFRAGMENTATION #######################

#

# What is active defragmentation?

# -------------------------------

#

# Active (online) defragmentation allows a Redis server to compact the

# spaces left between small allocations and deallocations of data in memory,

# thus allowing to reclaim back memory.

#

# Fragmentation is a natural process that happens with every allocator (but

# less so with Jemalloc, fortunately) and certain workloads. Normally a server

# restart is needed in order to lower the fragmentation, or at least to flush

# away all the data and create it again. However thanks to this feature

# implemented by Oran Agra for Redis 4.0 this process can happen at runtime

# in a "hot" way, while the server is running.

#

# Basically when the fragmentation is over a certain level (see the

# configuration options below) Redis will start to create new copies of the

# values in contiguous memory regions by exploiting certain specific Jemalloc

# features (in order to understand if an allocation is causing fragmentation

# and to allocate it in a better place), and at the same time, will release the

# old copies of the data. This process, repeated incrementally for all the keys

# will cause the fragmentation to drop back to normal values.

#

# Important things to understand:

#

# 1. This feature is disabled by default, and only works if you compiled Redis

# to use the copy of Jemalloc we ship with the source code of Redis.

# This is the default with Linux builds.

#

# 2. You never need to enable this feature if you don't have fragmentation

# issues.

#

# 3. Once you experience fragmentation, you can enable this feature when

# needed with the command "CONFIG SET activedefrag yes".

#

# The configuration parameters are able to fine tune the behavior of the

# defragmentation process. If you are not sure about what they mean it is

# a good idea to leave the defaults untouched.

# Enabled active defragmentation

# activedefrag no

# Minimum amount of fragmentation waste to start active defrag

# active-defrag-ignore-bytes 100mb

# Minimum percentage of fragmentation to start active defrag

# active-defrag-threshold-lower 10

# Maximum percentage of fragmentation at which we use maximum effort

# active-defrag-threshold-upper 100

# Minimal effort for defrag in CPU percentage, to be used when the lower

# threshold is reached

# active-defrag-cycle-min 1

# Maximal effort for defrag in CPU percentage, to be used when the upper

# threshold is reached

# active-defrag-cycle-max 25

# Maximum number of set/hash/zset/list fields that will be processed from

# the main dictionary scan

# active-defrag-max-scan-fields 1000

# Jemalloc background thread for purging will be enabled by default

jemalloc-bg-thread yes

# It is possible to pin different threads and processes of Redis to specific

# CPUs in your system, in order to maximize the performances of the server.

# This is useful both in order to pin different Redis threads in different

# CPUs, but also in order to make sure that multiple Redis instances running

# in the same host will be pinned to different CPUs.

#

# Normally you can do this using the "taskset" command, however it is also

# possible to this via Redis configuration directly, both in Linux and FreeBSD.

#

# You can pin the server/IO threads, bio threads, aof rewrite child process, and

# the bgsave child process. The syntax to specify the cpu list is the same as

# the taskset command:

#

# Set redis server/io threads to cpu affinity 0,2,4,6:

# server_cpulist 0-7:2

#

# Set bio threads to cpu affinity 1,3:

# bio_cpulist 1,3

#

# Set aof rewrite child process to cpu affinity 8,9,10,11:

# aof_rewrite_cpulist 8-11

#

# Set bgsave child process to cpu affinity 1,10,11

# bgsave_cpulist 1,10-11

# In some cases redis will emit warnings and even refuse to start if it detects

# that the system is in bad state, it is possible to suppress these warnings

# by setting the following config which takes a space delimited list of warnings

# to suppress

#

# ignore-warnings ARM64-COW-BUG

7.3.3.2 其次：主機(jī)放置redis.conf文件

其次：主機(jī)創(chuàng)建/opt/redis目錄，創(chuàng)建redis.conf文件 將redis.conf模板粘貼進(jìn)去

mkdir /opt/redis

vim redis.conf

7.3.3.3 再次：修改redis.conf文件

（用Vim打開文件后,直接輸入 /關(guān)鍵字 并回車,定位到第一個關(guān)鍵字,之后通過n向下查找,通過N向上查找）

添加redis密碼：requirepass 123456

修改bind為0.0.0.0（任何機(jī)器都能夠訪問）

為了避免和docker中的-d參數(shù)沖突，將后臺啟動設(shè)置為no（daemonize no）

關(guān)閉保護(hù)模式(protected-mode no)

開啟AOF持久化(appendonly yes)

7.3.3.4 最后：啟動容器實例（帶數(shù)據(jù)卷）

docker run -d -p 6379:6379 \

--name redis --privileged=true \

-v /opt/redis/redis.conf:/etc/redis/redis.conf \

-v /opt/redis/data:/data \

redis:6.0.8

（啟動成功）

使用可視化軟件RESP遠(yuǎn)程連接redis

八、搭建Mysql主從復(fù)制

8.1 拉取mysql鏡像（以8.0.31為例）

docker pull mysql:8.0.31

8.2 創(chuàng)建主節(jié)點MySQL實例對象

創(chuàng)建主節(jié)點MySQL實例對象，主機(jī)端口號為3307，容器內(nèi)端口號為3306

8.2.1 創(chuàng)建主節(jié)點Mysql實例對象

docker run -p 3307:3306 \

--name mysql-master \

-v /opt/mysql-master/log:/var/log/mysql \

-v /opt/mysql-master/data:/var/lib/mysql \

-v /opt/mysql-master/conf:/etc/mysql/conf.d \

-e MYSQL_ROOT_PASSWORD=123456 \

-d mysql:8.0.31

8.2.2 修改主節(jié)點Mysql實例對象配置文件

主機(jī)進(jìn)入/opt/mysql-master/conf目錄下新建my.cnf

vim /opt/mysql-master/conf/my.cnf

[mysqld]

## 設(shè)置server_id，同一局域網(wǎng)中需要唯一

server_id=100

## 指定不需要同步的數(shù)據(jù)庫名稱

binlog-ignore-db=mysql

## 開啟二進(jìn)制日志功能

log-bin=mall-mysql-bin

## 設(shè)置二進(jìn)制日志使用內(nèi)存大?。ㄊ聞?wù)）

binlog_cache_size=1M

## 設(shè)置使用的二進(jìn)制日志格式（mixed,statement,row）

binlog_format=mixed

## 二進(jìn)制日志過期清理時間。默認(rèn)值為0，表示不自動清理。

expire_logs_days=7

## 跳過主從復(fù)制中遇到的所有錯誤或指定類型的錯誤，避免slave端復(fù)制中斷。

## 如：1062錯誤是指一些主鍵重復(fù)，1032錯誤是因為主從數(shù)據(jù)庫數(shù)據(jù)不一致

slave_skip_errors=1062

8.2.3 修改完配置后重啟master容器實例

docker restart mysql-master

8.2.4 進(jìn)入主節(jié)點mysql-master容器實例，進(jìn)入數(shù)據(jù)庫

docker exec -it mysql-master /bin/bash

mysql -uroot -p123456

8.2.5 master容器實例內(nèi)創(chuàng)建數(shù)據(jù)同步用戶并授予權(quán)限

CREATE USER 'slave'@'%' IDENTIFIED BY '123456';

ALTER USER 'slave'@'%' IDENTIFIED WITH mysql_native_password BY '123456';

GRANT REPLICATION SLAVE, REPLICATION CLIENT ON *.* TO 'slave'@'%';

8.2.6 在主節(jié)點數(shù)據(jù)庫查看主從同步狀態(tài)

show master status;

8.3 創(chuàng)建從節(jié)點Mysql實例對象

創(chuàng)建主節(jié)點MySQL實例對象，主機(jī)端口號為3308，容器內(nèi)端口號為3306

8.3.1 創(chuàng)建從節(jié)點Mysql實例對象

docker run -p 3308:3306 \

--name mysql-slave \

-v /opt/mysql-slave/log:/var/log/mysql \

-v /opt/mysql-slave/data:/var/lib/mysql \

-v /opt/mysql-slave/conf:/etc/mysql/conf.d \

-e MYSQL_ROOT_PASSWORD=123456 \

-d mysql:8.0.31

8.3.2 修改從節(jié)點Mysql實例對象配置文件

主機(jī)進(jìn)入/opt/mysql-slave/conf目錄下新建my.cnf

vim /opt/mysql-slave/conf/my.cnf

[mysqld]

## 設(shè)置server_id，同一局域網(wǎng)中需要唯一

server_id=101

## 指定不需要同步的數(shù)據(jù)庫名稱

binlog-ignore-db=mysql

## 開啟二進(jìn)制日志功能，以備Slave作為其它數(shù)據(jù)庫實例的Master時使用

log-bin=mall-mysql-slave1-bin

## 設(shè)置二進(jìn)制日志使用內(nèi)存大小（事務(wù)）

binlog_cache_size=1M

## 設(shè)置使用的二進(jìn)制日志格式（mixed,statement,row）

binlog_format=mixed

## 二進(jìn)制日志過期清理時間。默認(rèn)值為0，表示不自動清理。

expire_logs_days=7

## 跳過主從復(fù)制中遇到的所有錯誤或指定類型的錯誤，避免slave端復(fù)制中斷。

## 如：1062錯誤是指一些主鍵重復(fù)，1032錯誤是因為主從數(shù)據(jù)庫數(shù)據(jù)不一致

slave_skip_errors=1062

## relay_log配置中繼日志

relay_log=mall-mysql-relay-bin

## log_slave_updates表示slave將復(fù)制事件寫進(jìn)自己的二進(jìn)制日志

log_slave_updates=1

## slave設(shè)置為只讀（具有super權(quán)限的用戶除外）

read_only=1

8.3.3 修改完配置后重啟slave容器實例

docker restart mysql-slave

8.3.4 進(jìn)入從節(jié)點，配置主從復(fù)制

docker exec -it mysql-slave /bin/bash

mysql -uroot -p123456

//注意：master_password master_port要與master機(jī)一致

//注意 msater_user 要和8.2.5一致

//注意：master_log_file 以及 master_log_pos 要和8.2.6一致 即：mall-mysql-bin.000005 1452

change master to master_host='宿主機(jī)ip', master_user='slave', master_password='123456',

master_port=3307, master_log_file='mall-mysql-bin.000005', master_log_pos=1452, master_connect_retry=30;

參數(shù)說明：

master_host：主數(shù)據(jù)庫的IP地址；master_port：主數(shù)據(jù)庫的運(yùn)行端口；master_user：在主數(shù)據(jù)庫創(chuàng)建的用于同步數(shù)據(jù)的用戶賬號；master_password：在主數(shù)據(jù)庫創(chuàng)建的用于同步數(shù)據(jù)的用戶密碼；master_log_file：指定從數(shù)據(jù)庫要復(fù)制數(shù)據(jù)的日志文件，通過查看主數(shù)據(jù)的狀態(tài)，獲取File參數(shù)；master_log_pos：指定從數(shù)據(jù)庫從哪個位置開始復(fù)制數(shù)據(jù)，通過主數(shù)據(jù)的狀態(tài)，獲取Position參數(shù)；master_connect_retry：連接失敗重試的時間間隔，單位為秒。

8.3.5 開啟從數(shù)據(jù)庫

start slave;

//停止從數(shù)據(jù)庫：stop slave;

//重啟從數(shù)據(jù)庫：restart slave;

8.3.6 查看主從復(fù)制狀態(tài)

在從節(jié)點的mysql數(shù)據(jù)庫內(nèi)查看

show slave status \G;

8.4 主從數(shù)據(jù)庫測試

首先：在主從容器中的mysql分別執(zhí)行如下命令 （不然連接不了sql yog 等）

#修改加密規(guī)則

alter user 'root'@'localhost' identified by 'root' password expire never;

#更新密碼

alter user 'root'@'localhost' identified with mysql_native_password by '123456';

alter user 'root'@'%' identified with mysql_native_password by '123456';

#刷新

flush privileges;

其次：使用sqlyog分別連接主從數(shù)據(jù)庫

最后：主節(jié)點數(shù)據(jù)庫添加一個數(shù)據(jù)庫reggie，發(fā)現(xiàn)從節(jié)點數(shù)據(jù)庫自動添加

至此，成功！

8.5 將主從數(shù)據(jù)庫打包成鏡像

將主從數(shù)據(jù)庫打包成鏡像，保存至阿里云倉庫

8.5.1 commit容器為鏡像

docker commit -m="提交的描述信息" -a="作者" 容器ID 要創(chuàng)建的目標(biāo)鏡像名:[標(biāo)簽名]

主mysql節(jié)點commit為鏡像mysql-master1.0：

從mysql節(jié)點commit為鏡像mysql-salve1.0

8.5.2 推送至阿里云鏡像倉庫

主節(jié)點mysql-master1.0推送：

docker login --username=gaoqiangmath registry.cn-chengdu.aliyuncs.com

docker tag [ImageId] registry.cn-chengdu.aliyuncs.com/gq_ynu/mysql8-master1.0:[鏡像版本號]

docker push registry.cn-chengdu.aliyuncs.com/gq_ynu/mysql8-master1.0:[鏡像版本號]

從節(jié)點mysql-slave.10推送：

docker login --username=gaoqiangmath registry.cn-chengdu.aliyuncs.com

docker tag [ImageId] registry.cn-chengdu.aliyuncs.com/gq_ynu/mysql8-slave1.0:[鏡像版本號]

docker push registry.cn-chengdu.aliyuncs.com/gq_ynu/mysql8-slave1.0:[鏡像版本號]

九、搭建Redis集群

（稍等，后續(xù)再補(bǔ)充）

十、Dockerfile

10.1 Dockerfile簡介

官網(wǎng)：https://docs.docker.com/engine/reference/builder/

10.2 Dockerfile內(nèi)容基礎(chǔ)知識

每條保留字指令都必須為大寫字母且后面要跟隨至少一個參數(shù)指令按照從上到下，順序執(zhí)行#表示注釋每條指令都會創(chuàng)建一個新的鏡像層并對鏡像進(jìn)行提交

10.3 Docker執(zhí)行Dockerfile的大致流程

docker從基礎(chǔ)鏡像運(yùn)行一個容器執(zhí)行一條指令并對容器作出修改執(zhí)行類似docker commit的操作提交一個新的鏡像層docker再基于剛提交的鏡像運(yùn)行一個新容器執(zhí)行dockerfile中的下一條指令直到所有指令都執(zhí)行完成

10.4 Docker鏡像、容器、Dockerfile

Dockerfile，需要定義一個Dockerfile，Dockerfile定義了進(jìn)程需要的一切東西。Dockerfile涉及的內(nèi)容包括執(zhí)行代碼或者是文件、環(huán)境變量、依賴包、運(yùn)行時環(huán)境、動態(tài)鏈接庫、操作系統(tǒng)的發(fā)行版、服務(wù)進(jìn)程和內(nèi)核進(jìn)程(當(dāng)應(yīng)用進(jìn)程需要和系統(tǒng)服務(wù)和內(nèi)核進(jìn)程打交道，這時需要考慮如何設(shè)計namespace的權(quán)限控制)等等;Docker鏡像，在用Dockerfile定義一個文件之后，docker build時會產(chǎn)生一個Docker鏡像，當(dāng)運(yùn)行Docker鏡像時會真正開始提供服務(wù);

Docker容器，容器是直接提供服務(wù)的。

10.5 FockerFilie常用保留字指令

10.5.1 FROM

基礎(chǔ)鏡像，當(dāng)前新鏡像是基于哪個鏡像的，指定一個已經(jīng)存在的鏡像作為模板，第一條必須是from

10.5.2 MAINTAINER

鏡像維護(hù)者的姓名和郵箱地址

10.5.3 RUN

? 容器構(gòu)建時需要運(yùn)行的命令

10.5.4 EXPOSE

當(dāng)前容器對外暴露出的端口

10.5.5 WORKDIR

指定在創(chuàng)建容器后，終端默認(rèn)登陸的進(jìn)來工作目錄，一個落腳點

10.5.6 USER

? 指定該鏡像以什么樣的用戶去執(zhí)行，如果都不指定，默認(rèn)是root

10.5.7 ENV

用來在構(gòu)建鏡像過程中設(shè)置環(huán)境變量

? 這個環(huán)境變量可以在后續(xù)的任何RUN指令中使用，這就如同在命令前面指定了環(huán)境變量前綴一樣；

? 也可以在其它指令中直接使用這些環(huán)境變量。

? 比如：WORKDIR $MY_PATH

10.5.8 ADD

將宿主機(jī)目錄下的文件拷貝進(jìn)鏡像且會自動處理URL和解壓tar壓縮包

10.5.9 COPY

? 類似ADD，拷貝文件和目錄到鏡像中(但是不會自動解壓)。

將從構(gòu)建上下文目錄中 <源路徑> 的文件/目錄復(fù)制到新的一層的鏡像內(nèi)的 <目標(biāo)路徑> 位置

10.5.10 VOLUME

容器數(shù)據(jù)卷，用于數(shù)據(jù)保存和持久化工作

10.5.11 CMD

指定容器啟動后的要干的事情

CMD會被docker run后面的命令覆蓋

10.5.12 ENTRYPOINT

也是用來指定一個容器啟動后要運(yùn)行的命令

? 類似于 CMD 指令，但是ENTRYPOINT不會被docker run后面的命令覆蓋， 而且這些命令行參數(shù)會被當(dāng)作 參數(shù)送給 ENTRYPOINT 指令指定的程序。

10.6 Dockerfile啟動命令

docker build -f 腳本文件名（默認(rèn)dockerfile可以省略） -t 鏡像名字 .（表示當(dāng)前路徑）

10.7 使用Dockerfile實現(xiàn)自定義鏡像

自定義鏡像需求：具備vim+ifconfig+jdk8環(huán)境

10.7.1 第一步：主機(jī)創(chuàng)建文件夾，用以存放Dockerfile以及jdk

我放在主機(jī)：/usr/local/docker_file目錄下：

10.6.2 第二步：編輯Dockerfile

編輯cento7_docker_file

FROM centos:7

MAINTAINER gq<94430980@qq.com>

ENV MYPATH /usr/local

WORKDIR $MYPATH

#安裝vim編輯器

RUN yum -y install vim

#安裝ifconfig命令查看網(wǎng)絡(luò)IP

RUN yum -y install net-tools

#安裝java8及l(fā)ib庫

RUN yum -y install glibc.i686

RUN mkdir /usr/local/java

#ADD 是相對路徑j(luò)ar,把jdk-8u371-linux-x64.tar.gz添加到容器中,安裝包必須要和Dockerfile文件在同一位置

ADD jdk-8u371-linux-x64.tar.gz /usr/local/java/

#配置java環(huán)境變量

ENV JAVA_HOME /usr/local/java/jdk1.8.0_371

ENV JRE_HOME $JAVA_HOME/jre

ENV CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar:$JRE_HOME/lib:$CLASSPATH

ENV PATH $JAVA_HOME/bin:$PATH

EXPOSE 80

CMD echo $MYPATH

CMD echo "success--------------ok"

CMD /bin/bash

注意：centos版本指定為7 centos:7

10.6.3 第三步：啟動Dockerfile，創(chuàng)建鏡像

#命令格式

docker build -f 腳本文件名（默認(rèn)dockerfile可以省略） -t 鏡像名字 .（表示當(dāng)前路徑）

實際命令

docker build -f cento7_docker_file -t cento7_java8 .

查看新建的鏡像：

進(jìn)入鏡像：

docker run -it --name cento7_java8 cento7_java8 /bin/bash

10.7 虛懸鏡像

倉庫名和版本號都為的就是虛懸鏡像

查看所有的虛懸鏡像

docker image ls -f dangling=true

刪除所有虛懸鏡像

docker image prune

十一、Docker網(wǎng)絡(luò)

11.1 Docker網(wǎng)絡(luò)是什么

Docker啟動時會在主機(jī)上自動創(chuàng)建一個docker0網(wǎng)橋，即一個Linux網(wǎng)橋。容器借助網(wǎng)橋和主機(jī)或者其他容器進(jìn)行通訊。

11.2 Docker網(wǎng)絡(luò)的相關(guān)命令

11.2.1 查看docker網(wǎng)絡(luò)的相關(guān)命令

11.2.2 容器設(shè)定網(wǎng)絡(luò)啟動

docker run [--network 網(wǎng)絡(luò)名] 容器名/容器id

11.3 Docker網(wǎng)絡(luò)的作用

容器間的互聯(lián)和通信以及端口映射容器IP變動時候可以通過服務(wù)名直接網(wǎng)絡(luò)通信而不受到影響

11.4 Docker網(wǎng)絡(luò)模式

11.4.1 Docker網(wǎng)絡(luò)模式分類

11.4.2 bridge網(wǎng)絡(luò)模式（默認(rèn)）

Docker 服務(wù)默認(rèn)會創(chuàng)建一個 docker0 網(wǎng)橋（其上有一個 docker0 內(nèi)部接口），該橋接網(wǎng)絡(luò)的名稱為docker0，它在內(nèi)核層連通了其他的物理或虛擬網(wǎng)卡，這就將所有容器和本地主機(jī)都放到同一個物理網(wǎng)絡(luò)。Docker 默認(rèn)指定了 docker0 接口 的 IP 地址和子網(wǎng)掩碼，讓主機(jī)和容器之間。宿主機(jī)和容器之間、容器與容器之間可以通過網(wǎng)橋docer0(bridge)相互通信

容器以bridge網(wǎng)絡(luò)運(yùn)行：

docker run --network bridge 容器名/容器id

11.4.3 host網(wǎng)絡(luò)模式

容器將不會獲得一個獨(dú)立的Network Namespace， 而是和宿主機(jī)共用一個Network Namespace。容器將不會虛擬出自己的網(wǎng)卡而是使用宿主機(jī)的IP和端口。

容器以none網(wǎng)絡(luò)運(yùn)行：

docker run --network host 容器名/容器id

注意：當(dāng)容器以host啟動時，指定端口映射便沒有意義 如：

11.4.4 none網(wǎng)絡(luò)模式

在none模式下，并不為Docker容器進(jìn)行任何網(wǎng)絡(luò)配置。 也就是說，這個Docker容器沒有網(wǎng)卡、IP、路由等信息，只有一個lo需要我們自己為Docker容器添加網(wǎng)卡、配置IP等。

容器以none網(wǎng)絡(luò)運(yùn)行：

docker run --network none 容器名/容器id

11.4.5 container網(wǎng)絡(luò)模式

新建的容器和已經(jīng)存在的一個容器共享一個網(wǎng)絡(luò)ip配置而不是和宿主機(jī)共享。新創(chuàng)建的容器不會創(chuàng)建自己的網(wǎng)卡，配置自己的IP，而是和一個指定的容器共享IP、端口范圍等。同樣，兩個容器除了網(wǎng)絡(luò)方面，其他的如文件系統(tǒng)、進(jìn)程列表等還是隔離的。

容器以none網(wǎng)絡(luò)運(yùn)行： (創(chuàng)建一個tomcat容器，再創(chuàng)建第二個tomcat容器，創(chuàng)建第二個容器的時候指定使用第一個tomcat容器的網(wǎng)絡(luò)配置。)

docker run -d -p 8084:8080 --name t4 tomcat:8.0.19

docker run -d -p 8085:8080 --network container:t4 --name t5 tomcat:8.0.53

但是會提示端口號沖突，因為兩臺tomcat公用8080端口。

11.4.6 自定義網(wǎng)絡(luò)模式

思考：兩個容器之間可以互相ping對方的ip地址ping通（但是容器刪掉之后，重新創(chuàng)建容器會生成不同的ip），但是可以互相ping對方的容器名ping通嗎？ 答案是不可以

docker多個容器之間的集群規(guī)劃要使用服務(wù)名，因為ip是會變動(容器刪掉之后，重新創(chuàng)建容器會生成不同的ip)，使用自定義網(wǎng)絡(luò)模式能夠使用服務(wù)名進(jìn)行通信

自定義網(wǎng)絡(luò)，自定義網(wǎng)絡(luò)的默認(rèn)模式是bridge（網(wǎng)橋）模式

docker network create gq_network

測試：創(chuàng)建兩個容器實例，并使用自定義的網(wǎng)絡(luò)模式

docker run -d -p 8081:8080 --network gq_network --name t1 tomcat:8.0.19

docker run -d -p 8082:8080 --network gq_network --name t2 tomcat:8.0.19

進(jìn)入容器t1，直接ping容器t2：ping t2 進(jìn)入容器t2，直接ping容器t1：ping t1

發(fā)現(xiàn)互相都ping通了，測試成功

十二、Docker-compose容器編排

12.1 Docker-Compose定義

Docker-Compose就是容器編排，負(fù)責(zé)實現(xiàn)對Docker容器集群的快速編排。

Docker-Compose可以管理多個 Docker 容器組成一個應(yīng)用。你需要定義一個 YAML 格式的配置文件docker-compose.yml，寫好多個容器之間的調(diào)用關(guān)系。然后，只要一個命令，就能同時啟動/關(guān)閉這些容器

12.2 Docker-Compose作用

docker建議我們每一個容器中只運(yùn)行一個服務(wù),因為docker容器本身占用資源極少,所以最好是將每個服務(wù)單獨(dú)的分割開來。但是這樣我們又面臨了一個問題？

如果我需要同時部署好多個服務(wù),難道要每個服務(wù)單獨(dú)寫Dockerfile然后在構(gòu)建鏡像,構(gòu)建容器,這樣工作量會和大。所以docker官方給我們提供了docker-compose多服務(wù)部署的工具

例如要實現(xiàn)一個Web微服務(wù)項目，除了Web服務(wù)容器本身，往往還需要再加上后端的數(shù)據(jù)庫mysql服務(wù)容器，redis服務(wù)器，注冊中心eureka，甚至還包括負(fù)載均衡容器等等。

Compose允許用戶通過一個單獨(dú)的docker-compose.yml模板文件（YAML 格式）來定義一組相關(guān)聯(lián)的應(yīng)用容器為一個項目（project）。

可以很容易地用一個配置文件定義一個多容器的應(yīng)用，然后使用一條指令安裝這個應(yīng)用的所有依賴，完成構(gòu)建。Docker-Compose 解決了容器與容器之間如何管理編排的問題。

12.3 Docker-Compose安裝

Docker-Compose官網(wǎng)：https://docs.docker.com/desktop/

(注意：新版docker自動安裝了compose，直接輸入下面的命令查看：)

docker compose version

12.4 Docker-Compose常用命令

12.5 Docker-Compose核心概念

12.6 Docker-Compose使用步驟

編寫Dockerfile定義各個微服務(wù)應(yīng)用并構(gòu)建出對應(yīng)的鏡像文件使用 docker-compose.yml 定義一個完整業(yè)務(wù)單元，安排好整體應(yīng)用中的各個容器服務(wù)。最后，執(zhí)行docker-compose up命令 來啟動并運(yùn)行整個應(yīng)用程序，完成一鍵部署上線

12.7 使用Compose部署springboot項目

以瑞吉外賣項目（優(yōu)化版）為例：包含主從mysql以及redis

見十四章

十三、Docker輕量級可視化工具Protainer

13.1 Protainer含義

Portainer 是一款輕量級的應(yīng)用，它提供了圖形化界面，用于方便地管理Docker環(huán)境，包括單機(jī)環(huán)境和集群環(huán)境。

13.2 Protainer安裝

官網(wǎng)：https://www.portainer.io/

第一步：拉取portainer

docker pull portainer/portainer

第二步：根據(jù)portainer鏡像創(chuàng)建容器實例

docker run -d -p 9000:9000 --name portainer \

--restart=always \

-v /var/run/docker.sock:/var/run/docker.sock \

-v /www/portainer/data:/data \

-d portainer/portainer

第三步：訪問宿主機(jī)ip加protainer端口號

設(shè)置賬號和密碼：admin Gq333888

13.3 Protainer中安裝nginx

十四、部署springboot超詳細(xì)步驟

14.1 例子1：主從Mysql+redis

以瑞吉外賣項目（優(yōu)化版）為例：包含主從mysql以及redis

14.1.1 觀察項目的application.yml文件

觀察項目的application.yml文件，查看需要配置哪些鏡像

發(fā)現(xiàn)：需要配置兩個mysql（主從復(fù)制），以及一個redis

兩個mysql(主從復(fù)制的)：

具體構(gòu)造：見八、搭建Mysql主從復(fù)制

一個redis：

具體構(gòu)造見：7.3 Redis

14.1.2 搭建Mysql主從以及redis

搭建Mysql主從：見八、搭建Mysql主從復(fù)制 搭建Redis見：7.3 Redis

14.1.3 打包springboot項目為鏡像并且啟動容器

14.1.3.1 方式一：基于idea一鍵打包（推薦）

開啟docker遠(yuǎn)程連接：

vim /usr/lib/systemd/system/docker.service

添加如下內(nèi)容：

-H unix:///var/run/docker.sock -H tcp://0.0.0.0:2375

刷新：

#重新加載配置文件

systemctl daemon-reload

#重啟服務(wù)

systemctl restart docker.service

#查看端口是否開啟

netstat -nlpt

#如果找不到netstat命令，可進(jìn)行安裝。

yum install net-tools

#直接curl看是否生效

curl http://127.0.0.1:2375/info

idea下載docker插件：

3、配置Docker信息

4、打開pom.xml添加Docker插件

gq

org.springframework.boot

spring-boot-maven-plugin

2.6.6

com.spotify

docker-maven-plugin

1.0.0

http://192.168.10.100:2375

${docker.image.prefix}/${project.artifactId}

${project.version}

java

gaoqiang gaoqiangmath@163.com

/ROOT

["java", "-version"]

["java", "-jar", "${project.build.finalName}.jar"]

/ROOT

${project.build.directory}

${project.build.finalName}.jar

5、對項目進(jìn)行 打包。并構(gòu)建鏡像到Docker 上。

（每次修改了代碼后，想要再次打包，僅需要調(diào)整pom中version 即可，然后再次打包）

mvn clean package docker:build

查看鏡像是否打包成功：

啟動容器：

docker run -it --name=reggie_take_out gq/reggie_take_out:1.0-SANPSHOT

14.1.3.2 方式二：手動打包(不推薦)

手動打包也即：將springboot項目打包成jar包，放入到linux主機(jī)指定目錄內(nèi)，然后手動編輯Dockerfile，打包成鏡像：

第一步：打包jar包

第二步：將此jar包導(dǎo)入到服務(wù)器（linux主機(jī)）

將此jar包導(dǎo)入到服務(wù)器（linux主機(jī)）任意目錄下，這里我導(dǎo)入到了/usr/local/jar/reggie目錄下

在此目錄下，新建Dokcerfile文件。任意命名為：reggie_dockerfile，編輯：

#基礎(chǔ)鏡像使用java

FROM java:8

# 作者

MAINTAINER gq

# 將jar包添加到容器/ROOT目錄下

ADD reggie_take_out-2.0-SNAPSHOT.jar /ROOT/reggie_take_out-2.0-SNAPSHOT.jar

#設(shè)定工作目錄為ROOT下

WORKDIR /ROOT

# 運(yùn)行jar包

ENTRYPOINT ["java","-jar","/reggie_take_out-2.0-SNAPSHOT.jar"]

CMD ["java", "-version"]

#暴露8080端口作為微服務(wù)

EXPOSE 8080

第三步：打包

#命令格式

docker build -f 腳本文件名（默認(rèn)dockerfile可以省略） -t 鏡像名字 .（表示當(dāng)前路徑）

實際命令：

#命令格式

docker build -f reggie_dockerfile -t reggie:2.0

最后輸入docker images 發(fā)現(xiàn)鏡像打包成功

啟動容器：

docker run -it --name=reggie_takeout 鏡像id

柚子快報激活碼778899分享：容器 運(yùn)維 Docker

http://yzkb.51969.com/

推薦鏈接