docker对已经启动的容器添加目录映射(挂载目录)

查看某个容器的详细信息
docker inspect 657f23bba0c6
进入默认容器的配置文件目录
- cd /var/lib/docker/containers/657f23bba0c6ddc002c0b2f57c23edd36be742f9777f5ed9b755538085c419b0
我们将要修改的文件就是config.v2.json和hostconfig.json
修改config.v2.json
调出冒号命令,输入如下(这里注意,shift+:),%!python -m json.tool
====================================
- "MountPoints": {
- ...,
- "/data/rsync": {
- "Destination": "/data/rsync",
- "Driver": "",
- "Name": "",
- "Propagation": "rprivate",
- "RW": true,
- "SkipMountpointCreation": false,
- "Source": "/data/apps/rsync",
- "Spec": {
- "Source": "/data/apps/rsync",
- "Target": "/data/rsync",
- "Type": "bind"
- },
- "Type": "bind"
- }
- }
修改hostconfig.json
调出冒号命令,输入如下(这里注意,shift+:),%!python -m json.tool
- "AutoRemove": false,
- "Binds": [
- "/data/apps/nginx/htdocs:/data/nginx/htdocs",
- "/data/apps/redis/htdocs:/data/redis/htdocs",
- "/data/apps/nodejs/htdocs/nest/other:/data/nodejs/htdocs/nest/other",
- "/data/apps/nodejs/htdocs/nest/do_nest/public/www:/data/nodejs/htdocs/nest/do_nest/public/www",
- "/data/apps/nodejs/htdocs/nest/KTM/dist:/data/nodejs/htdocs/nest/KTM/dist",
- "/data/apps/nodejs/htdocs/nest/KTM/public:/data/nodejs/htdocs/nest/KTM/public",
- "/data/apps/rsync:/data/rsync"
- ],
先关闭docker服务
- systemctl start docker
- systemctl stop docker
- systemctl stop docker.socket
- systemctl enable docker.service
rsync 常用的同步命令

- ### 由本地向服务器推送
- rsync -avz --port=8730 dist.tar.gz liuxinxiu@127.0.0.1::test
- rsync -avzP --port=8730 dist.tar.gz dynamicAssets.json jenkins@172.16.207.22::work-litigation
- ### 由服务器向本地下载
- rsync -avz liuxinxiu@127.0.0.1::test /test/111
- rsync -avz jenkins@172.16.207.22::work-litigation /var/www/html/mirrors/frontend/injured/work-litigation
- ### 创建软连接(前边是存储源——后边是软链接)
- ln -s /data/apps/rsync/www/release /data/apps/nginx/htdocs/release
以下是具体是例子:
- ### 由本地向服务器推送
- cd /data/apps/nginx/htdocs/$projectPath/upload
- rsync -avzP --port=8730 dist.tar.gz dynamicAssets.json jenkins@172.16.207.22::$las_dir
- ### 由本地向服务器推送
- cd /data/apps/nginx/htdocs/$projectPath/upload
- rsync -avzP --port=8730 dist.tar.gz dynamicAssets.json jenkins@172.16.207.22::release/$projectPath &&
- cd /data/apps/rsync/www/release/$lat_dir &&
- scp -r $pat_dir root@10.10.9.99:/var/www/html/mirrors/frontend/$pat_dir &&
- curl http://10.10.9.99/frontend/$projectPath
mysql 新建用户并授权 & 更新用户密码

- insert into mysql.user(Host,User,Password) values ("%","admin",password("cnmo"));
- CREATE USER 'admin'@'localhost' IDENTIFIED BY 'cnmo';
- GRANT privileges ON *.* TO 'admin'@'localhost';
- GRANT ALL privileges on *.* to 'admin'@'localhost' identified by 'cnmo';
- FLUSH PRIVILEGES;
更新用户密码
- use mysql # 连接权限数据库
- update user set password=password('521') where user='root' and host='localhost'; # 改密码
- flush privileges; # 刷新权限
[MySQL] 注意MySQL5.1不支持utf8mb4 Error 1115: Unknown character set: 'utf8mb4'

MYSQL5.5支持utf8mb4,MYSQL5.1并不支持“utf8mb4”。
当连接数据库时 , 如果指定了utf8mb4 , 那么会出现的错误代码为:
Error 1115: Unknown character set: 'utf8mb4'
会出现utf8mb4不兼容的情况。
所以如果想使用utf8mb4存储表情emoji字符 , 请尽快升级
[Linux] 解决secureCRT 登录 Rocky Linux 9.1 报错 No compatible hostkey. The server supports these methods: rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519

- Key exchange failed. No compatible key exchange method. The server supports these methods: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512
- No compatible hostkey. The server supports these methods: rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
1、通过web管理终端登录系统
编辑/etc/ssh/sshd_config
在最下面新增
- KexAlgorithms diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group1-sha1,curve25519-sha256@libssh.org
Rocky Linux-8.6 Docker安装

- yum install -y yum-utils device-mapper-persistent-data lvm2
- yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
- yum install docker-ce -y --allowerasing
- systemctl start docker
- systemctl enable docker
Nodejs搭建简单的websocket服务

一款移动端页面自适应布局解决方案

安装命令:npm install flexlibs -D
===============
以Vue3.0 为例,在mian.js中引入:
- // 设自适应插件库
- import 'flexible'
安装docker成功后,启动docker报错,解决方法

安装了docker 因服务器从公网(192.168.50.60)机房迁移到内网(192.168.190.60),更改了IP地址,环境就运行不起来了~
启动docker后执行 systemctl status docker 出现了异常,具体如下:
[root@joinApp2 ~]# systemctl status docker.service
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
Active: failed (Result: start-limit) since Thu 2016-02-25 17:26:11 CST; 16s ago
Docs:
http://docs.docker.com Process: 16384 ExecStart=/usr/bin/docker daemon $OPTIONS $DOCKER_STORAGE_OPTIONS $DOCKER_NETWORK_OPTIONS $ADD_REGISTRY $BLOCK_REGISTRY $INSECURE_REGISTRY (code=exited, status=1/FAILURE)
Main PID: 16384 (code=exited, status=1/FAILURE)
Feb 25 17:26:10 joinApp2 systemd[1]: Failed to start Docker Application Container Engine.
Feb 25 17:26:10 joinApp2 systemd[1]: Unit docker.service entered failed state.
Feb 25 17:26:10 joinApp2 systemd[1]: docker.service failed.
Feb 25 17:26:11 joinApp2 systemd[1]: docker.service holdoff time over, scheduling restart.
Feb 25 17:26:11 joinApp2 systemd[1]: start request repeated too quickly for docker.service
Feb 25 17:26:11 joinApp2 systemd[1]: Failed to start Docker Application Container Engine.
Feb 25 17:26:11 joinApp2 systemd[1]: Unit docker.service entered failed state.
Feb 25 17:26:11 joinApp2 systemd[1]: docker.service failed.
当时问题没解决搁置了。
今天重新google , 解决了问题,现在贴下解决办法
vi /etc/sysconfig/selinux
把selinux后面的改为disabled,重启一波机器,再重启docker就可以了
解决方法二:
===================
CentOS简单配置防御ddos攻击

DDOS这种攻击的目的就是在短时间内制造数量巨大的并发连接,从而使用服务器down机或消耗掉网络带宽和系统资源导致正常用户无法正常访问浏览网站。
DoS Deflate 是一个轻量级阻止拒绝服务攻击的bash shell脚本。我们可以通过安装他并且简单配置来防御DDOS攻击。
首先安装命令:
- wget http://www.inetbase.com/scripts/ddos/install.sh
- chmod 700 install.sh
- ./install.sh
然后会自动进行安装,完成后会有一段版权提示与说明,按q键退出即可。
卸载命令:
- wget http://www.inetbase.com/scripts/ddos/uninstall.ddos
- chmod 700 uninstall.ddos
- ./uninstall.ddos
安装完成之后就可以通过简单配置来进行DDOS防御,我是用的是CentOS7操作系统配置文件目录是/usr/local/ddos/ddos.conf
或者也可以通过命令更改 vi /usr/local/ddos/ddos.conf 编辑完成后:wq保存退出
下面介绍一下ddos.conf的基本配置#为注释部分不用理会关键配置项有:
- PROGDIR="/usr/local/ddos" #文件存放目录
- PROG="/usr/local/ddos/ddos.sh" #主要功能脚本
- IGNORE_IP_LIST="/usr/local/ddos/ignore.ip.list" #可以设置IP白名单
- CRON="/etc/cron.d/ddos.cron" #crond定时任务脚本
- APF="/etc/apf/apf" #这两项应该分别对应使用APF或者iptables配置目录不过笔者
- IPT="/sbin/iptables" #尝试打开文件里边是乱码,有哪位大牛知道是干嘛的欢迎留言
- FREQ=1 #间隔多久检查一次,默认1分钟
- NO_OF_CONNECTIONS=150 #最大连接数设置,超过这个数字的IP就会被屏蔽
- APF_BAN=0 #1:使用APF,0:使用iptables,推荐使用iptables
- KILL=1 #是否屏蔽IP 1:屏蔽,0:不屏蔽
- EMAIL_TO="root" #发送电子邮件报警的邮箱地址,换成自己使用的邮箱
- BAN_PERIOD=600 #禁用IP时间,可根据情况调整,默认单位:秒
如果/usr/local/ddos/ddos.sh 统计不正确,可能是启用ipv6的缘故
vi /usr/local/ddos/ddos.sh 修改/usr/local/ddos/ddos.sh
117行的内容是这样的netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -nr > $BAD_IP_LIST
修改为以下代码即可!
- netstat -ntu | awk '{print $5}' | cut -d: -f1 | sed -n '/[0-9]/p' | sort | uniq -c | sort -nr > $BAD_IP_LIST
CentOS7默认为Firewall为了配合使用DoS Deflate建议停用Firewall启用iptables,不会用iptables的朋友,百度一下有很多