针对部分难题解答
镜像源
懒癌患者linuxmirror 脚本
https://linuxmirrors.cn/
1
| bash <(curl -sSL https://linuxmirrors.cn/main.sh)
|
MirrorZ Project
https://help.mirrors.cernet.edu.cn/
华为云
https://mirrors.huaweicloud.com/home
阿里云
https://developer.aliyun.com/mirror/
南京大学
https://mirrors.nju.edu.cn/
修改源的系统与方式
RHEL Rocky
debian Ubuntu
OpenWrt
找到/etc/opkg/distfeeds.conf并将里面内容修改为(例子为x86系统)
1 2 3 4 5 6
| src/gz openwrt_core https://mirrors.ustc.edu.cn/openwrt/releases/23.05.2/targets/x86/generic/packages src/gz openwrt_base https://mirrors.ustc.edu.cn/openwrt/releases/23.05.2/packages/i386_pentium4/base src/gz openwrt_luci https://mirrors.ustc.edu.cn/openwrt/releases/23.05.2/packages/i386_pentium4/luci src/gz openwrt_packages https://mirrors.ustc.edu.cn/openwrt/releases/23.05.2/packages/i386_pentium4/packages src/gz openwrt_routing https://mirrors.ustc.edu.cn/openwrt/releases/23.05.2/packages/i386_pentium4/routing src/gz openwrt_telephony https://mirrors.ustc.edu.cn/openwrt/releases/23.05.2/packages/i386_pentium4/telephony
|
Proxmox VE
根据网页版Repositories提示的文件位置修改:
/etc/apt/sources.list
/etc/apt/sources.list.d/ceph.list
/etc/apt/sources.list.d/pve-no-subscription.list
默认的debian系可以改成华为云、其他任意公有云、学校等源。
1 2 3 4 5
| # ceph源可使用中科大(清华没有) https://mirrors.ustc.edu.cn/proxmox/debian/ceph-quincy bookworm no-subscription
# pve no subscription源: https://mirrors.tuna.tsinghua.edu.cn/proxmox/debian/pve bookworm no-subscription
|
Docker
登录阿里云镜像加速 来获取你的镜像加速地址
只添加阿里源:
1 2 3 4 5 6 7 8
| sudo mkdir -p /etc/docker sudo tee /etc/docker/daemon.json <<-'EOF' { "registry-mirrors": ["https://example.mirror.aliyuncs.com"] } EOF sudo systemctl daemon-reload sudo systemctl restart docker
|
全部源添加:
查看是否有这个文件:/etc/docker/daemon.json
没有的话,就直接sudo nano新增
1 2 3 4 5 6 7
| { "registry-mirrors": [ "https://example.mirror.aliyuncs.com", "https://hub-mirror.c.163.com", "https://mirror.baidubce.com" ] }
|
如果本身已有daemon.json,则应该如下示例
1 2 3 4 5 6 7 8 9 10 11 12
| { "log-opts": { "max-size": "5m", "max-file":"3" }, "exec-opts": ["native.cgroupdriver=systemd"], "registry-mirrors":[ "https://qwe67a1n.mirror.aliyuncs.com", "https://hub-mirror.c.163.com", "https://mirror.baidubce.com" ] }
|
之后重新启动服务。
1 2
| sudo systemctl daemon-reload sudo systemctl restart docker
|
检查加速器是否生效
执行 $ docker info,(如果Docker还未配置用户,则需要用sudo) 如果从结果中看到了如下内容,说明配置成功。
1 2
| Registry Mirrors: https://hub-mirror.c.163.com/
|
自建Docker镜像站
自2024年6月起,中国将不会有Docker镜像站。下面我教大家如何制作Docker 镜像站。
GitHub DockerProxy
因为我们将复用已有的服务器,服务器本身搭建了1panel,故以此为例。
先根据官方教程,下载docker-compose.yml和config下的5个yml。
然后我将这几个yml文件放置到/opt/1panel/apps/DockerProxy文件夹内。
因为我们使用的docker-compose.yml默认是自动创建新的网络下,我们需要修改一下。
1 2 3 4 5 6 7 8
| ... ...
networks: registry-net:
name: 1panel-network external: true
|
当然,你也可以将regisry-net整个这个文件存在的这个变量名字改为1panel-network然后再加上name和external
随后cd到该目录后,
即可。
配置nginx反向代理
我们知道她会使用50000、51000、52000、53000、54000和55000端口。
将我们本身已经部署好的openrestry新建一个反向代理,并把网站代号命名为DockerProxy。
主域名是ui.example.com,其他域名将gcr.example.com,hub.example.com等全部加上。
然后到证书里,使用HTTP的方式更新证书。
默认证书会保存在/www/sites/DockerProxy/ssl/里。
可以先在网站上启用HTTPS,这样可以查看目前的配置是什么,也就可以参考。
以下就是我的nginx conf配置文件:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209
|
server { listen 80; listen 443 ssl;
server_name ui.example.com; ssl_certificate /www/sites/DockerProxy/ssl/fullchain.pem; ssl_certificate_key /www/sites/DockerProxy/ssl/privkey.pem; ssl_session_timeout 1d; ssl_session_cache shared:SSL:50m; ssl_session_tickets off; ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; ssl_prefer_server_ciphers on; ssl_buffer_size 8k;
proxy_connect_timeout 600; proxy_send_timeout 600; proxy_read_timeout 600; send_timeout 600;
location / { proxy_pass http://localhost:50000; proxy_set_header Host $host; proxy_set_header Origin $scheme://$host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Ssl on; proxy_set_header X-Forwarded-Port $server_port; proxy_set_header X-Forwarded-Host $host; } }
server { listen 80; listen 443 ssl;
server_name hub.example.com; ssl_certificate /www/sites/DockerProxy/ssl/fullchain.pem; ssl_certificate_key /www/sites/DockerProxy/ssl/privkey.pem; ssl_session_timeout 1d; ssl_session_cache shared:SSL:50m; ssl_session_tickets off; ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; ssl_prefer_server_ciphers on; ssl_buffer_size 8k;
proxy_connect_timeout 600; proxy_send_timeout 600; proxy_read_timeout 600; send_timeout 600;
location / { proxy_pass http://localhost:51000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Nginx-Proxy true; proxy_buffering off; proxy_redirect off; } }
server { listen 80; listen 443 ssl;
server_name ghcr.example.com; ssl_certificate /www/sites/DockerProxy/ssl/fullchain.pem; ssl_certificate_key /www/sites/DockerProxy/ssl/privkey.pem; ssl_session_timeout 1d; ssl_session_cache shared:SSL:50m; ssl_session_tickets off; ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; ssl_prefer_server_ciphers on; ssl_buffer_size 8k;
proxy_connect_timeout 600; proxy_send_timeout 600; proxy_read_timeout 600; send_timeout 600;
location / { proxy_pass http://localhost:52000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Nginx-Proxy true; proxy_buffering off; proxy_redirect off; } }
server { listen 80; listen 443 ssl;
server_name gcr.example.com; ssl_certificate /www/sites/DockerProxy/ssl/fullchain.pem; ssl_certificate_key /www/sites/DockerProxy/ssl/privkey.pem; ssl_session_timeout 1d; ssl_session_cache shared:SSL:50m; ssl_session_tickets off; ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; ssl_prefer_server_ciphers on; ssl_buffer_size 8k; proxy_connect_timeout 600; proxy_send_timeout 600; proxy_read_timeout 600; send_timeout 600;
location / { proxy_pass http://localhost:53000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Nginx-Proxy true; proxy_buffering off; proxy_redirect off; } }
server { listen 80; listen 443 ssl;
server_name k8s-gcr.example.com; ssl_certificate /www/sites/DockerProxy/ssl/fullchain.pem; ssl_certificate_key /www/sites/DockerProxy/ssl/privkey.pem; ssl_session_timeout 1d; ssl_session_cache shared:SSL:50m; ssl_session_tickets off; ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; ssl_prefer_server_ciphers on; ssl_buffer_size 8k; proxy_connect_timeout 600; proxy_send_timeout 600; proxy_read_timeout 600; send_timeout 600;
location / { proxy_pass http://localhost:54000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Nginx-Proxy true; proxy_buffering off; proxy_redirect off; } }
server { listen 80; listen 443 ssl;
server_name quay.example.com; ssl_certificate /www/sites/DockerProxy/ssl/fullchain.pem; ssl_certificate_key /www/sites/DockerProxy/ssl/privkey.pem; ssl_session_timeout 1d; ssl_session_cache shared:SSL:50m; ssl_session_tickets off; ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; ssl_prefer_server_ciphers on; ssl_buffer_size 8k; proxy_connect_timeout 600; proxy_send_timeout 600; proxy_read_timeout 600; send_timeout 600;
location / { proxy_pass http://localhost:55000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Nginx-Proxy true; proxy_buffering off; proxy_redirect off; } }
|
这个时候已经可以使用了。
友情提示:如果使用docker pull的方式, 当遇到例如nginx 像docker pull nginx:latest的话,要变成docker pull hub.example.com/library/nginx:latest
也就是加了library,而遇到其他例如docker pull openresty/openresty 则不需要加。docker pull hub.example.com/openresty/openresty
使用对象存储挂载缓存