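Linux server side
1. Install Docker (the steps are omitted here). For reference, here is a guide to deploying Docker and docker-compose on an Alibaba Cloud server: How to deploy and use Docker - Elastic Compute Service (ECS) - Alibaba Cloud Help Center (aliyun.com)
2. After installing Docker, pick any directory (this example uses /ocos/docker/cert; you can choose another path, but it is needed again below) and create the certificate files required for a secure connection to Docker by running the following script.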
#!/bin/bash
# Docker TLS script
set -e  # stop at the first failed command
# settings
SERVER="服务器的IP地址"   # placeholder: replace with the server's IP address
PASSWORD="连接密码"       # placeholder: replace with the passphrase that protects the CA key
COUNTRY="CN"
STATE="HuBei"
CITY="xxx"
ORGANIZATION=""
ORGANIZATIONAL_UNIT="Dev"
EMAIL="[email protected]"
### start ###
echo "script start"
# generate the CA private key (AES-256 encrypted) and the self-signed CA certificate ca.pem
openssl genrsa -aes256 -passout "pass:$PASSWORD" -out ca-key.pem 4096
openssl req -new -x509 -passin "pass:$PASSWORD" -days 365 -key ca-key.pem -sha256 -out ca.pem -subj "/C=$COUNTRY/ST=$STATE/L=$CITY/O=$ORGANIZATION/OU=$ORGANIZATIONAL_UNIT/CN=$SERVER/emailAddress=$EMAIL"
# generate the server key and certificate
openssl genrsa -out server-key.pem 4096
openssl req -subj "/CN=$SERVER" -sha256 -new -key server-key.pem -out server.csr
# ">" starts a fresh extension file, so re-running the script does not append duplicate entries
echo "subjectAltName = IP:$SERVER,IP:0.0.0.0" > extfile.cnf
echo "extendedKeyUsage = serverAuth" >> extfile.cnf
openssl x509 -req -days 365 -sha256 -in server.csr -CA ca.pem -CAkey ca-key.pem -passin "pass:$PASSWORD" -CAcreateserial -out server-cert.pem -extfile extfile.cnf
# generate the client key and certificate; a separate extension file keeps the server's SAN and serverAuth usage out of the client certificate
openssl genrsa -out key.pem 4096
openssl req -subj '/CN=client' -new -key key.pem -out client.csr
echo "extendedKeyUsage = clientAuth" > extfile-client.cnf
openssl x509 -req -days 365 -sha256 -in client.csr -CA ca.pem -CAkey ca-key.pem -passin "pass:$PASSWORD" -CAcreateserial -out cert.pem -extfile extfile-client.cnf
# set permissions: private keys readable by the owner only, certificates world-readable
chmod -v 0400 ca-key.pem key.pem server-key.pem
chmod -v 0444 ca.pem server-cert.pem cert.pem
# delete files that are no longer needed
rm client.csr server.csr extfile.cnf extfile-client.cnf
echo "script done"
### end ###
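3. Run the command:
vim /lib/systemd/system/docker.service
Then find the ExecStart entry under [Service] and, after -H fd:// --containerd=/run/containerd/containerd.sock, append the following (replace /第二步存放的路径/ with the directory where the certificates were created in step 2):
-H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --tlsverify --tlscacert=/第二步存放的路径/ca.pem --tlscert=/第二步存放的路径/server-cert.pem --tlskey=/第二步存放的路径/server-key.pem
Reference configuration: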
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --tlsverify --tlscacert=/ocos/docker/cert/ca.pem --tlscert=/ocos/docker/cert/server-cert.pem --tlskey=/ocos/docker/cert/server-key.pem
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutStartSec=0
RestartSec=2
Restart=always
Then run the following commands to reload the configuration and restart Docker:
systemctl daemon-reload
systemctl restart docker
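The following script is an added example, not part of the original post: it audits a docker.service unit for the step 3 settings and reports a failure when a tcp:// listener lacks --tlsverify or any of the three certificate flags. The function names and the two sample unit files are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: audit a dockerd systemd unit for the TLS flags from step 3.
# Returns 0 only when every tcp:// listener demands a client certificate.

has() { printf '%s\n' "$1" | grep -Eq -- "$2"; }   # has <text> <ERE pattern>

audit_dockerd_unit() {
    local unit="$1" findings=0 line flag
    # Join the dockerd ExecStart line(s) into one string.
    line=$(grep -E '^ExecStart=.*dockerd' "$unit" | tr '\n' ' ')
    [ -n "$line" ] || { echo "FAIL: no dockerd ExecStart line in $unit"; return 1; }
    # No TCP listener: the API is reachable only through local sockets.
    has "$line" '(-H|--host)[= ]tcp://' || { echo "OK: no tcp:// listener"; return 0; }
    # --tlsverify makes the daemon reject clients without a CA-signed certificate.
    if ! has "$line" '--tlsverify( |=true)'; then
        echo "FAIL: tcp:// listener without --tlsverify"
        findings=$((findings + 1))
    fi
    for flag in --tlscacert --tlscert --tlskey; do
        if ! has "$line" "${flag}[= ][^ ]+"; then
            echo "FAIL: missing $flag"
            findings=$((findings + 1))
        fi
    done
    if has "$line" 'tcp://0\.0\.0\.0:'; then
        echo "NOTE: bound to all interfaces; limit source IPs in the security group"
    fi
    [ "$findings" -eq 0 ] && echo "OK: TCP listener requires client certificates"
    return "$findings"
}

# Constructed samples: the hardened line from this page and a plaintext listener.
make_samples() {
    local dir c=/ocos/docker/cert
    dir=$(mktemp -d)
    echo "ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --tlsverify --tlscacert=$c/ca.pem --tlscert=$c/server-cert.pem --tlskey=$c/server-key.pem" > "$dir/tls.service"
    echo "ExecStart=/usr/bin/dockerd -H fd:// -H tcp://0.0.0.0:2375" > "$dir/plain.service"
    echo "$dir"
}

samples=$(make_samples)
audit_dockerd_unit "$samples/tls.service" || true
audit_dockerd_unit "$samples/plain.service" || true
```

On the server itself, point the function at the edited unit: audit_dockerd_unit /lib/systemd/system/docker.service.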
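That completes the preparation on the Linux side. Next, we configure IDEA.
Windows client side
Copy the certificate files just created on Linux (the ones with the .pem suffix named ca, cert and key) to Windows, as shown in the figure.
IDEA configuration
First, install the Docker plugin in IDEA, as shown in the figure below.
Next, select the Docker Connection option under Services at the bottom left of IDEA, and configure it in the following window:
Click OK to save the configuration, and you can happily connect to Docker from IDEA!!!
If the connection fails, your server's security group may not allow inbound traffic on port 2375.
Deploying the project
First, package the project, as shown in the figure.
Next, create the two files DockerFile and docker-compose.yml in the project root directory. Taking Spring Boot as an example, their contents are as follows:
DockerFile: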
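# Base image this image depends on
FROM openjdk:17-slim
# Name of the maintainer
MAINTAINER timqiu
# Copy the jar package under the current directory into the / directory of the docker container
ADD ./target/ocos-api-0.0.1-SNAPSHOT.jar /ocos-api.jar
# Declare that the service runs on port 8080
EXPOSE 8080
# Run the jar package when the docker container starts
ENTRYPOINT ["java", "-jar","/ocos-api.jar"]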
docker-compose.yml:
services:
  redis:
    image: redis
    container_name: ocos_redis
    restart: always
    ports:
      - 6379:6379
    volumes:
      - /ocos/docker/redis/data:/data
      - /ocos/docker/redis/conf/redis.conf:/etc/redis/redis.conf
    command: redis-server /etc/redis/redis.conf
  mysql:
    image: mysql:8
    container_name: ocos_mysql
    restart: always
    ports:
      - 3306:3306
    environment:
      MYSQL_ROOT_PASSWORD: xxxxxx
    volumes:
      - /ocos/docker/mysql/data:/var/lib/mysql
      - /ocos/docker/mysql/conf:/etc/mysql/conf.d
  nginx:
    image: nginx:1.10
    container_name: ocos_nginx
    restart: always
    ports:
      - 80:80
    volumes:
      - /ocos/docker/nginx/html:/usr/share/nginx/html
      - /ocos/docker/nginx/logs:/var/log/nginx
      - /ocos/docker/nginx/conf:/etc/nginx
  rabbitmq:
    image: rabbitmq:management
    container_name: ocos_rabbitmq
    restart: always
    ports:
      - 5671:5671
      - 5672:5672
      - 4369:4369
      - 25672:25672
      - 15671:15671
      - 15672:15672
  mongodb:
    image: mongo:5
    container_name: ocos_mongodb
    restart: always
    ports:
      - 27017:27017
    volumes:
      - /ocos/docker/mongodb/data:/data/db
    environment:
      MONGO_INITDB_ROOT_USERNAME: root
      MONGO_INITDB_ROOT_PASSWORD: xxxxxx
From: https://www.cnblogs.com/timqiu/p/17824794.html