insight docker-compose方式部署 - 《Linux》

1、下载相关镜像
2、docker-compose启动命令
安装docker&kubelet
3、yaml配置文件如下
- 创建docker-containers文件夹
- 分别进入对应文件夹，新建yaml文件
4、下载insight代码,并启动容器
- 启动vulpm容器
文件目录配置

1、下载相关镜像

docker pull mysql:5.7.13
docker pull daocloud.io/liusheng/vulpm_docker:latest

2、docker-compose启动命令

服务器及组件配置如下：

主机名	IP	配置	备注
wt2-worker05	192.168.2.38	4c+16G+200g	CentOS Linux release 7.6.1810 (Core)

docker&kubelet 版本

[albertzd@wt2-worker05 vulpm]$ docker --version
Docker version 18.09.3, build 774a1f4
[albertzd@wt2-worker05 vulpm]$
[albertzd@wt2-worker05 vulpm]$ kubelet --version
Kubernetes v1.11.8
[albertzd@wt2-worker05 mysql-5.7]$ docker-compose --version
docker-compose version 1.23.2, build 1110ad0
[albertzd@wt2-worker05 mysql-5.7]$ docker version
Client:
 Version:           18.09.3
 API version:       1.39
 Go version:        go1.10.8
 Git commit:        774a1f4
 Built:             Thu Feb 28 06:33:21 2019
 OS/Arch:           linux/amd64
 Experimental:      false
Server: Docker Engine - Community
 Engine:
  Version:          18.09.3
  API version:      1.39 (minimum version 1.12)
  Go version:       go1.10.8
  Git commit:       774a1f4
  Built:            Thu Feb 28 06:02:24 2019
  OS/Arch:          linux/amd64
  Experimental:     false
[albertzd@wt2-worker05 vulpm]$ kubectl version
Client Version: version.Info{Major:"1", Minor:"11", GitVersion:"v1.11.8", GitCommit:"4e209c9383fa00631d124c8adcc011d617339b3c", GitTreeState:"clean", BuildDate:"2019-02-28T18:49:34Z", GoVersion:"go1.10.8", Compiler:"gc", Platform:"linux/amd64"}
Error from server (NotFound): the server could not find the requested resource
[albertzd@wt2-worker05 vulpm]$ id albertzd
uid=2009(albertzd) gid=2000(skydong-admins) 组=2000(skydong-admins),2001(skydong-users),995(docker)

yum源配置

epel.repo

cat /etc/yum.repos.d/epel.repo
[epel]
baseurl = http://mirrors.aliyun.com/epel/7/$basearch
enabled = 1
gpgcheck = 1
gpgkey = http://mirrors.aliyun.com/epel/RPM-GPG-KEY-EPEL-7
name = Extra Packages for Enterprise Linux 7 - $basearch
[epel-debuginfo]
baseurl = http://mirrors.aliyun.com/epel/7/$basearch/debug
enabled = 0
gpgcheck = 1
gpgkey = http://mirrors.aliyun.com/epel/RPM-GPG-KEY-EPEL-7
name = Extra Packages for Enterprise Linux 7 - $basearch - Debug
[epel-source]
baseurl = http://mirrors.aliyun.com/epel/7/SRPMS
enabled = 0
gpgcheck = 1
gpgkey = http://mirrors.aliyun.com/epel/RPM-GPG-KEY-EPEL-7
name = Extra Packages for Enterprise Linux 7 - $basearch - Source

docker.repo

cat /etc/yum.repos.d/docker.repo
[docker]
baseurl = https://mirrors.aliyun.com/docker-ce/linux/centos/7/$basearch/stable
enabled = 1
gpgcheck = 1
gpgkey = https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
name = Docker CE Stable - $basearch

kubernetes.repo

cat /etc/yum.repos.d/kubernetes.repo
[kubernetes]
baseurl = https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled = 1
gpgcheck = 1
gpgkey = https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
name = Kubernetes

yum源替换之后,执行更新以下命令

yum clean all 
yum makecache
# yum update -y   //根据需要执行

安装docker&kubelet

先卸载旧版本docker 
rpm -qa|grep docker
yum remove -y docker-1.13.1  docker-client-1.13.1  docker-common

### 安装docker
yum install -y docker-ce bash-completion  bind-utils glances ncurses-5.9-14 stress vim cloud-utils-growpart  iotop htop iftop mtr epel-release
### 安装kubelet
yum install kubelet-1.11.8 vim kubectl-1.11.8 kubeadm-1.11.8 kubernetes-cni-0.6.0 conntrack-tools device-mapper-persistent-data ipvsadm
yum list installed | grep docker

### 先进入对应目录
docker-compose up -d 
docker-compose ps //查看状态
docker-compose stop //停止容器

3、yaml配置文件如下

创建docker-containers文件夹

mkdir /data/docker-containers/insight -p 
mkdir /data/docker-containers/insight/{vulpm,mysql-5.7} -p

分别进入对应文件夹，新建yaml文件

[root@wt2-worker05 insight]# cat mysql-5.7/docker-compose.yaml
version: "2"
services:
  mysql:
    image: mysql:5.7.13
    environment:
      MYSQL_ROOT_PASSWORD: root
#      MYSQL_ROOT_PASSWORD: olapdbROOpwdT
    volumes:
#      - /data-mysql/olapdb-mysql/:/var/lib/mysql
#      - ./mysql-conf:/etc/mysql
      - /usr/share/zoneinfo/Asia/Shanghai:/etc/localtime
    ports:
      - "6606:3306"
    container_name: mysql1
    network_mode: bridge

[root@wt2-worker05 insight]# cat vulpm/docker-compose.yaml
version: "2"
services:
  vulpm:
    image: daocloud.io/liusheng/vulpm_docker:latest
    environment:
      DEV_DATABASE_URL: 'mysql://vuluser:vulpassword@db/vuldb'
      SrcPM_CONFIG: development
#      MAIL_PASSWORD='xxxxxx'
#      MYSQL_ROOT_PASSWORD: root
#      MYSQL_ROOT_PASSWORD: olabdpROOpwdT
    volumes:
#      - /data-mysql/olapdb-mysql/:/var/lib/mysql
#      - ./mysql-conf:/etc/mysql
      - ./srcpm:/opt/webapp/srcpm
      - /usr/share/zoneinfo/Asia/Shanghai:/etc/localtime
#    net: mysql:5.7.13
#    links:
#      - mysql5.7
#      - mysql5.7:database
#
#    extra_hosts:
#       - "mysql:192.168.1.20"
    external_links:
       - "mysql1"
    container_name: "vulpm1"
    network_mode: "bridge"
#    restart: always
    dns:
      - "223.5.5.5"
      - "9.9.9.9"
#    expose:
#      - "3306"
    ports:
      - "9000:5000"
    command: bash -c "supervisord -c srcpm/supervisor.conf && supervisorctl -c srcpm/supervisor.conf start all && tail -f srcpm/log/gunicorn.err && tail -f srcpm/log/mail_sender.err"

4、下载insight代码,并启动容器


cd  /data/docker-containers/insight/vulpm
git clone https://github.com/creditease-sec/insight.git && mv insight insight-git && cp insight-git/srcpm ./ -frp

启动vulpm容器

cd  /data/docker-containers/insight/vulpm
docker-compose up -d  //启动容器

文件目录配置

屏幕快照 2019-06-13 上午12.04.22.png

https://github.com/creditease-sec/insight/blob/open-source/docs/install.md