不明所以
一、数据源配置
yaml
# Spring配置
spring:
# 数据源配置
datasource:
type: com.alibaba.druid.pool.DruidDataSource
driverClassName: com.mysql.cj.jdbc.Driver
druid:
# 主库数据源
master:
url: jdbc:mysql://kms-mysql:${DB_PORT:3306}/skms-guoke?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=true&serverTimezone=Asia/Shanghai
username: root
password: ${DB_PASSWORD}
# 初始连接数
initialSize: 5
# 最小连接池数量
minIdle: 10
# 最大连接池数量
maxActive: 20
# 配置获取连接等待超时的时间
maxWait: 60000
# 配置间隔多久才进行一次检测,检测需要关闭的空闲连接,单位是毫秒
timeBetweenEvictionRunsMillis: 60000
# 配置一个连接在池中最小生存的时间,单位是毫秒
minEvictableIdleTimeMillis: 300000
# 配置一个连接在池中最大生存的时间,单位是毫秒
maxEvictableIdleTimeMillis: 900000
# 配置检测连接是否有效
validationQuery: SELECT 1 FROM DUAL
testWhileIdle: true
testOnBorrow: false
testOnReturn: false
webStatFilter:
enabled: true
filter:
stat:
enabled: true
# 慢SQL记录
log-slow-sql: true
slow-sql-millis: 1000
merge-sql: true
wall:
config:
multi-statement-allow: true二、docker-compose.yml
yaml
version: '3'
services:
kms-mysql:
container_name: kms-mysql
image: mariadb:10.4
privileged: true
environment:
- TZ=Asia/Shanghai
- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD:-123456}
- MYSQL_ROOT_HOST=%
- MYSQL_DATABASE=skms-guoke
ports:
- 3306:3306
volumes:
- ./mysql/config/my.cnf:/etc/mysql/conf.d/my.cnf
- ./mysql/db/:/docker-entrypoint-initdb.d/
- ./mysql/data/:/var/lib/mysql/
- ./mysql/log/:/var/log/mysql/
command:
- --character-set-server=utf8mb4
- --collation-server=utf8mb4_unicode_ci
- --lower-case-table-names=1
deploy:
resources:
limits:
memory: 1G
restart: always
kms-redis:
container_name: kms-redis
image: redis
ports:
- 6379:6379
environment:
- TZ=Asia/Shanghai
volumes:
- ./redis/conf/redis.conf:/redis.conf
- ./redis/data:/data
command: redis-server /redis.conf
restart: always
kms-admin:
container_name: kms-admin
image: kms/kms-admin:${KMS_VERSION:-latest}
build:
context: ./kms-admin
dockerfile: dockerfile
environment:
- TZ=Asia/Shanghai
- SPRING_PROFILES_ACTIVE=prod
- DB_PASSWORD=${MYSQL_ROOT_PASSWORD:-123456}
privileged: true
pid: host
devices:
- /dev/ttyAMA1:/dev/ttyAMA1
volumes:
- ./cert:/dataVolume/kms/cert
- ./kms-admin/dataVolume/kms:/dataVolume/kms
- ./kms-admin/temp:/dataVolume/temp
- ./kms-admin/log:/usr/local/skms/logs
- ./kms-admin/lib/libsgd.so:/usr/lib/libsgd.so
- ./kms-admin/lib/libsgd.so:/usr/lib64/libsgd.so
- ./kms-admin/lib/libQRNG.so:/usr/lib/libQRNG.so
- ./kms-admin/lib/libQRNG.so:/usr/lib64/libQRNG.so
- ./kms-admin/lib/libbusiness.so:/usr/lib/libbusiness.so
- ./kms-admin/lib/libbusiness.so:/usr/lib64/libbusiness.so
- ./kms-admin/lib/libplatform.so:/usr/lib/libplatform.so
- ./kms-admin/lib/libplatform.so:/usr/lib64/libplatform.so
- ./kms-admin/lib/libsdf_api.conf:/etc/libsdf_api/libsdf_api.conf
- ./kms-admin/jar/application.yml:/dataVolume/kms/application.yml # 测试用于经常更新application.yml的情况
- /etc/sysconfig/network-scripts:/etc/sysconfig/network-scripts
- /usr/sbin/ifconfig:/usr/sbin/ifconfig
- /usr/bin/cd:/usr/bin/cd
- /usr/local/bin/docker-compose:/usr/bin/docker-compose
- /usr/bin/docker:/usr/bin/docker
- /var/run/docker.sock:/var/run/docker.sock
- ./:/usr/kms
- /dev:/dev
ports:
- ${ADMIN_BIND_IP:-0.0.0.0}:9088:9088
depends_on:
- kms-mysql
- kms-redis
# links:
# - kms-mysql
# - kms-redis
cap_add:
- NET_ADMIN
network_mode: host # 可选
restart: always
kms-plat:
container_name: kms-plat
image: kms/kms-plat:${KMS_VERSION:-latest}
build:
context: ./kms-plat
dockerfile: dockerfile
environment:
- TZ=Asia/Shanghai
- SPRING_PROFILES_ACTIVE=prod
- DB_PASSWORD=${MYSQL_ROOT_PASSWORD:-123456}
volumes:
- ./kms-plat/temp:/dataVolume/temp
- ./cert:/dataVolume/kms/cert
- ./kms-plat/log:/usr/local/plat/logs
- ./kms-admin/lib/libsgd.so:/usr/lib/libsgd.so
- ./kms-admin/lib/libsgd.so:/usr/lib64/libsgd.so
- ./kms-admin/lib/libsdf_api.conf:/etc/libsdf_api/libsdf_api.conf
- /usr/sbin/ifconfig:/usr/sbin/ifconfig
ports:
- ${PLAT_BIND_IP:-0.0.0.0}:9091:9091
#netty端口,和设备建立安全通道
- ${PLAT_BIND_IP:-0.0.0.0}:9988:9988
#grpc端口,密码应用调用
- ${PLAT_BIND_IP:-0.0.0.0}:9989:9989
depends_on:
- kms-mysql
- kms-redis
- kms-admin
links:
- kms-mysql
- kms-redis
- kms-admin
restart: always三、从配置到连接的完整步骤分解
- 第一步:Docker Compose创建专属网络
- 当你执行 docker-compose up -d 时,Docker会做第一件重要的事:
bash
# Docker会自动创建一个默认网络,命名规则:{项目名}_default
# 你的项目目录名是啥,网络名就是啥_default
docker network ls
# 输出示例:
# NETWORK ID NAME DRIVER SCOPE
# 3f8e9a2b1c5d skms_default bridge local- 这个网络是bridge模式的私有网络,相当于给所有容器搭了一座"内部桥"- 第二步:容器加入网络并获得"身份证"
-
每个服务启动时,Docker会:
将容器连接到 skms_default 网络
给容器分配一个内部IP地址(如 172.18.0.2)
最关键的一步:在Docker内置DNS中注册一条记录:服务名 → IP地址
-
bash
# 查看kms-mysql容器的IP
docker inspect kms-mysql | grep IPAddress
# 输出示例:
# "IPAddress": "172.18.0.2"-
第三步:内置DNS服务启动
-
Docker在每个网络中都会运行一个轻量级DNS服务器,它负责:
监听所有容器的DNS查询请求
维护服务名与IP地址的映射表
当容器查询 kms-mysql 时,立即返回 172.18.0.2
-
-
第四步:应用通过服务名连接
-
第五步:验证这个机制
进入 kms-admin 容器看看DNS解析
bash
# 进入kms-admin容器
docker exec -it kms-admin bash
# 在容器内ping kms-mysql(容器里可能没有ping命令)
# 试试用getent hosts(这是标准DNS查询工具)
getent hosts kms-mysql
# 输出示例:172.18.0.2 kms-mysql
# 或者如果容器有nslookup
nslookup kms-mysql
# 输出示例:
# Server: 127.0.0.11
# Address: 127.0.0.11#53
#
# Name: kms-mysql
# Address: 172.18.0.2