1.前言
本次安装是基于操作系统为ky10版本、cpu为采用aarch64架构的Kunpeng-920芯片;采用docker部署安装,安装系统有mysql8版本、redis3.2.10版、kkfileview三种服务,其中mysql与kkfileview均需要满足aarch64架构,安装过程如有问题建议先看第4部分注意与小结,若未能解决在建议百度。
2.安装环境
使用 uname -a :显示系统名、节点名称、操作系统的发行版号、内核版本等等。
lscpu此命令用来显示cpu的相关信息,lscpu从sysfs和/proc/cpuinfo收集cpu体系结构信息,命令的输出比较易读,命令输出的信息包含cpu数量,线程,核数,套接字和Nom-Uniform Memeor Access(NUMA),缓存等 。不是所有的列都支持所有的架构,如果指定了不支持的列,那么lscpu将打印列,但不显示数据。
[root@localhost ~]# uname -a
Linux localhost.localdomain 4.19.90-23.8.v2101.ky10.aarch64 #1 SMP Mon May 17 17:07:38 CST 2021 aarch64 aarch64 aarch64 GNU/Linux
[root@localhost ~]# lscpu
架构: aarch64
CPU 运行模式: 64-bit
字节序: Little Endian
CPU: 96
在线 CPU 列表: 0-95
每个核的线程数: 1
每个座的核数: 48
座: 2
NUMA 节点: 4
厂商 ID: HiSilicon
型号: 0
型号名称: Kunpeng-920
步进: 0x1
CPU 最大 MHz: 2600.0000
CPU 最小 MHz: 200.0000
BogoMIPS: 200.00
L1d 缓存: 6 MiB
L1i 缓存: 6 MiB
L2 缓存: 48 MiB
L3 缓存: 96 MiB
NUMA 节点0 CPU: 0-23
NUMA 节点1 CPU: 24-47
NUMA 节点2 CPU: 48-71
NUMA 节点3 CPU: 72-95
Vulnerability Itlb multihit: Not affected
Vulnerability L1tf: Not affected
Vulnerability Mds: Not affected
Vulnerability Meltdown: Not affected
Vulnerability Spec store bypass: Not affected
Vulnerability Spectre v1: Mitigation; __user pointer sanitization
Vulnerability Spectre v2: Not affected
Vulnerability Srbds: Not affected
Vulnerability Tsx async abort: Not affected
标记: fp asimd evtstrm aes pmull sha1 sha2 crc32 atomics fphp asimdhp cpuid asimdrdm jscvt fcma dcpop asimddp a
simdfhm
2.1确认安装条件
出来以上命令看操作系统与内核版本外,还有如下命令;本次安装的主要环境及要求是以下三类。
64位的操作系统
uname -p
aarch64Linux 内核版本 ≥ 3.10
uname -r
4.19.90-17.ky10.aarch64iptables 版本 ≥ 1.4
iptables --version
iptables v1.8.1 (legacy)3.安装
完成以上步骤后进入安装,根据系统环境选择对应版本。演示为有网络环境
3.1安装Docker-ce
- 选择并下载 docker-ce 二进制包文件
官网下载地址:Index of linux/static/stable/aarch64/ (docker.com)
阿里云下载地址:docker-ce-linux-static-stable-aarch64安装包下载_开源镜像站-阿里云 (aliyun.com)
wget https://download.docker.com/linux/static/stable/aarch64/docker-20.10.7.tgz
- 解压下载好的压缩包
tar -zxvf docker-20.10.7.tgz
- 移动解压出来的二进制文件到 /usr/bin 目录中
mv docker/* /usr/bin/
- 测试启动
dockerd
出现 - 添加 systemd
添加 docker 的 systemd 服务脚本至 /usr/lib/systemd/system/
脚本参考自 https://github.com/docker/docker-ce
vim /usr/lib/systemd/system/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target docker.socket firewalld.service containerd.service
Wants=network-online.target
Requires=docker.socket containerd.service
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutStartSec=0
RestartSec=2
Restart=always
# Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229.
# Both the old, and new location are accepted by systemd 229 and up, so using the old location
# to make them work for either version of systemd.
StartLimitBurst=3
# Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230.
# Both the old, and new name are accepted by systemd 230 and up, so using the old name to make
# this option work for either version of systemd.
StartLimitInterval=60s
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Comment TasksMax if your systemd version does not support it.
# Only systemd 226 and above support this option.
TasksMax=infinity
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
OOMScoreAdjust=-500
[Install]
WantedBy=multi-user.target- 根据 docker.service 中 Unit.After 需求添加 docker.socket 脚本至 /usr/lib/systemd/system/
脚本参考自 https://github.com/docker/docker-ce
vim /usr/lib/systemd/system/docker.socket
[Unit]
Description=Docker Socket for the API
[Socket]
# If /var/run is not implemented as a symlink to /run, you may need to
# specify ListenStream=/var/run/docker.sock instead.
ListenStream=/run/docker.sock
SocketMode=0660
SocketUser=root
SocketGroup=docker
[Install]
WantedBy=sockets.target注意:如果缺少该文件,启动 docker 时会报如下错误:
# systemctl start docker
Failed to start docker.service: Unit docker.socket not found.- 根据 docker.service 中 Unit.After 需求添加 containerd.service 脚本至 /usr/lib/systemd/system/
脚本参考自 https://github.com/containerd/containerd
vim /usr/lib/systemd/system/containerd.service
# Copyright The containerd Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
[Unit]
Description=containerd container runtime
Documentation=https://containerd.io
After=network.target local-fs.target
[Service]
ExecStartPre=-/sbin/modprobe overlay
ExecStart=/usr/bin/containerd
Type=notify
Delegate=yes
KillMode=process
Restart=always
RestartSec=5
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNPROC=infinity
LimitCORE=infinity
LimitNOFILE=infinity
# Comment TasksMax if your systemd version does not supports it.
# Only systemd 226 and above support this version.
TasksMax=infinity
OOMScoreAdjust=-999
[Install]
WantedBy=multi-user.target注意:如果缺少该文件,启动 docker 时会报如下错误:
# systemctl restart docker
Failed to restart docker.service: Unit containerd.service not found.- 重载 systemd 配置文件
systemctl daemon-reload- 创建 docker 组
groupadd docker如不创建 docker 组在通过 systemctl 启动时会报错如下
Dependency failed for Docker Application Container Engine.
Job docker.service/start failed with result 'dependency'.- 启动 docker 服务
systemctl start docker
systemctl enable docker- 修改 docker 配置文件并查看安装好的 docker 基本信息
在 /etc/docker/daemon.json 中添加如下内容:
vim /etc/docker/daemon.json
{
"graph": "/data/docker",
"storage-driver": "overlay2",
"exec-opts": [
"native.cgroupdriver=systemd"
],
"registry-mirrors": [
"https://t5t8q6wn.mirror.aliyuncs.com"
],
"bip": "172.8.94.1/24"
}重启 docker 服务
systemctl restart docker查看 docker info
出现如下信息,即为成功
Client:
Context: default
Debug Mode: false
Server:
Containers: 3
Running: 3
Paused: 0
Stopped: 0
Images: 3
Server Version: 20.10.7
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: systemd
Cgroup Version: 1
....出现
[root@localhost ~]# docker info
Client:
Context: default
Debug Mode: false
Server:
ERROR: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
errors pretty printing info则为失败,失败请仔细检查以上步骤。
3.2安装mysql
3.2.1 拉取镜像
docker pull --platform=arm64 mysql/mysql-server
3.2.2 run镜像,创建容器
docker run -it --name 容器名 mysql-server
3.2.3 获取临时密码
docker logs 容器名 2>&1 | grep GENERATED
3.2.4 进入容器
进入容器 docker exec -it 容器名
3.2.5 进入SQL,修改密码远程权限
- 进入SQL mysql -uroot -p
然后输入3.2.3获取的临时密码 - 使用 mysql库 ,修改密码:
use mysql
8.0.11以下:
update user set authentication_string=password("你的密码") where user="root"; ,
8.0.11以上:
update user set plugin="mysql_native_password";
alter user 'root'@'localhost' identified with mysql_native_password by '你的密码';其他命令修改密码
1. ALTER USER 'root'@'%' IDENTIFIED BY 'mysql1024.' PASSWORD EXPIRE NEVER;
2. ALTER USER 'root'@'localhost' IDENTIFIED BY 'mysql1024.';3.查看用户表 :
SELECT `Host`,`User` FROM user;4.更新用户表(远程连接需要允许host) :
UPDATE user SET `Host` = '%' WHERE `User` = 'root' LIMIT 1;5.强制刷新权限 :
flush privileges;完成以上步骤即可远程连接数据库了,上边关键的一句是
UPDATE user SET Host = ‘%’ WHERE User = ‘root’ LIMIT 1;
其中%的意思是允许所有的ip远程访问,如果需要指定具体的某个ip就写上具体的ip即可。
连接工具即可成功
3.3安装kkFileView
安装kkFileView比较简单,最主要就是找到适配的镜像
3.3.1 拉取镜像
docker pull registry.cn-hangzhou.aliyuncs.com/xmod/kkfileview:4.3.0 --platform linux/arm643.3.2 运行镜像
docker run -it -p 8012:8012 registry.cn-hangzhou.aliyuncs.com/xmod/kkfileview浏览器访问容器8012端口(http://xxx.xxx.xxx.xxx:8012 )即可看到项目演示用首页
3.3.3实现预览
http://xxx.xxx.xxx.xxx:8012/onlinePreview?url=’+encodeURIComponent(文件路径Url);
3.4 安装Redis
3.4.1拉取redis镜像
因为我这边指定的是3.2.10版本
docker pull redis:3.2.10查看镜像
docker images
3.4.2 Redis相关配置
创建挂载目录以及获取redis.conf配置文件
1. 创建挂载目录
mkdir -p /docker/redis
mkdir -p /docker/redis/data
2. 进入挂载目录
cd /docker/redis
3. 下载 redis.conf 文件
wget http://download.redis.io/redis-stable/redis.conf
4. 更改 redis.conf 文件的权限
chmod 777 redis.conf修改默认的redis.conf配置文件
vi redis.conf
# 这行要注释掉,解除本地连接限制
bind 127.0.0.1 --> 需要注释掉
# 保护模式是一层安全保护,以避免在互联网上打开的 Redis 实例被访问和利用。
# 当保护模式打开并且默认用户没有密码时,服务器仅允许在本机的回环连接,其他机器无法连接。
# 默认为 yes,在生产环境下一般设置为 no,这样可以避免客户端连接时出现超时或连接不上的情况。
protected-mode no
# 默认 no 为不守护进程模式,docker 部署不需要改为 yes,docker run -d 本身就是后台启动,不然会冲突
daemonize no
# 设置密码
requirepass 123456
# 持久化
appendonly yes3.4.3 运行redis镜像,创建容器
docker run --name redis -p 6379:6379 \
-v /docker/redis/redis.conf:/etc/redis/redis.conf \
-v /docker/redis/data:/data \
-d redis:3.2.10 \
redis-server /etc/redis/redis.conf \
--appendonly yes要是配置文件忘记设置密码了,也可以加上 --requirepass 你的密码,来设置
3.4.4 查看运行状态
docker ps
或者
docker ps -a
当ports有对应端口号时则显示成功
使用RESP等工具也可以连接
若出现问题,可以查看容器运行日志
docker logs redis4.注意事项与小结
4.1 mysql
本次安装下载的mysql是默认版本,是最新的。aarch64的mysql包官方只提供8的,5版本的要自己去找,我上次安装过一次,但出差没带那个u盘回去了补上。
4.2 kkfileview
查到的两个镜像都下不下来,不知道咋回事,有知道的大佬可以科普一下。
4.3 Redis
在第二步相关文件的配置时有个一小坑,redis的配置文件要和版本相适应 我是在这个链接里下的我对应版本的安装包,从里面单独拿出的conf文件修改之后上传到对应目录下Index of /releases/ (redis.io) 以上程序都开启了守护式容器,若是自己需启动jar包则不能只使用 java -jar xxx.jar 要替换为 nohup java -jar xxx.jar &
本文章为转载内容,我们尊重原作者对文章享有的著作权。如有内容错误或侵权问题,欢迎原作者联系我们进行内容更正或删除文章。
