idea集成docker 修改docker.servicevim /usr/lib/systemd/system/docker.service修改ExecStart这一行，开启2375端口远程访问[Unit] Description=Docker Application Container Engine Documentation=https://docs.docker.com After=network-online.target docker.socket firewalld.service containerd.service time-set.target Wants=network-online.target containerd.service Requires=docker.socket [Service] Type=notify # the default is not to use systemd for cgroups because the delegate issues still # exists and systemd currently does not support the cgroup feature set required # for containers run by docker #ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock -H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock ExecReload=/bin/kill -s HUP $MAINPID TimeoutStartSec=0 RestartSec=2 Restart=always # Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229. # Both the old, and new location are accepted by systemd 229 and up, so using the old location # to make them work for either version of systemd. StartLimitBurst=3 # Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230. # Both the old, and new name are accepted by systemd 230 and up, so using the old name to make # this option work for either version of systemd. StartLimitInterval=60s # Having non-zero Limit*s causes performance problems due to accounting overhead # in the kernel. We recommend using cgroups to do container-local accounting. LimitNOFILE=infinity LimitNPROC=infinity LimitCORE=infinity # Comment TasksMax if your systemd version does not support it. # Only systemd 226 and above support this option. TasksMax=infinity # set delegate yes so that systemd does not reset the cgroups of docker containers Delegate=yes # kill only the docker process, not all processes in the cgroup KillMode=process OOMScoreAdjust=-500 [Install] WantedBy=multi-user.target说明: Intelli] IDEA通过2375端口远程连接到Linux系统中的Docker.重载配置并重启docker服务systemctl daemon-reload && systemctl restart docker3、开放端口firewall -cmd --zone=public --add-port=2375/tcp --permanent && firewall -cmd --reload测试接口curl http://192.168.3.100:2375/version看到类似如下内容[WARNING] No entry found in settings.xml for serverId=docker-mx, cannot configure authentication for that registry出现这个警告是因为settings.xml文件没有配置镜像仓库登录账号密码信息 <plugin> <groupId>com.spotify</groupId> <artifactId>docker-maven-plugin</artifactId> <version>1.2.2</version> <executions> <execution> <id>build-image</id> <phase>package</phase> <goals> <goal>build</goal> </goals> </execution> <!-- <execution>--> <!-- <id>tag-image</id>--> <!-- <phase>package</phase>--> <!-- <goals>--> <!-- <goal>tag</goal>--> <!-- </goals>--> <!-- <configuration>--> <!-- <image>${project.name}</image>--> <!-- <newName>1${project.name}</newName>--> <!-- </configuration>--> <!-- </execution>--> <execution> <id>push-image</id> <phase>deploy</phase> <goals> <goal>push</goal> </goals> <configuration> <imageName>${project.name}</imageName> <imageTags> <imageTag>v${project.version}</imageTag> </imageTags> </configuration> </execution> </executions> <configuration> <!--docker api地址，构建镜像是通过api调用在192.168.245.133上构建，并推送到registryUrl上--> <dockerHost>${docker.remote.host}</dockerHost> <buildArgs> <appName>${project.build.finalName}</appName> </buildArgs> <serverId>docker-mx</serverId> <!--私有仓库地址--> <registryUrl>${docker.registry.url}</registryUrl> <!--镜像名称，必须带仓库地址，否则只会push到docker.io--> <imageName>${docker.registry.url}/${project.name}:v${project.version}</imageName> <imageTags> <imageTag>v${project.version}</imageTag> </imageTags> <!-- 指定dockerfile所在目录 --> <!--<dockerDirectory>${project.build.directory}</dockerDirectory>--> <!--<dockerDirectory>src/main/docker</dockerDirectory>--> <!-- All resources will be copied to this directory before building the image. --> <!--<buildDirectory>${project.basedir}</buildDirectory>--> <!--是否推送镜像--> <!--<pushImage>true</pushImage>--> <!--推送后是否覆盖已存在的标签镜像--> <forceTags>true</forceTags> <!--资源，类似Dockerfile里的 ADD --> <resources> <resource> <!--在生成的docker目录下，新建目录--> <targetPath>/</targetPath> <!--docker-build时生成docker目录位置--> <directory>${project.build.directory}</directory> <!-- <directory>${project.build.directory}</directory>--> <include>${project.build.finalName}.jar</include> <filtering>true</filtering> </resource> </resources> <!--基础镜像--> <baseImage>openjdk:8-jdk-alpine</baseImage> <runs> <run>echo "App is: ${project.name}"</run> <!--<run>mkdir /app</run>--> </runs> <workdir>/app</workdir> <exposes>${profiles.port}</exposes> <!--启动容器里执行的命令：注意这里的格式，格式不对，会运行不成功的--> <!--<entryPoint>["java", "-version"]</entryPoint>--> <entryPoint>["java", "-jar","/${project.build.finalName}.jar"]</entryPoint> </configuration> </plugin>控制台提示报错[ERROR] Failed to execute goal com.spotify:docker-maven-plugin:1.2.2:build (default-cli) on project mxhello: Exception caught: java.io.IOException: Cannot run program "docker-credential-desktop": error=2, No such file or directory -> [Help 1]将 credsStore 改成 credStore ，但是别重启本地docker，否则这一项配置会被清除

ubuntu禁用休眠、挂起、休眠和混合休眠功能。 sudo systemctl mask sleep.target suspend.target hibernate.target hybrid-sleep.target

ssh连接远程主机时收到警告“REMOTE HOST IDENTIFICATION HAS CHANGED” 一、报错admin@00e04c68075c ~ % ssh superpc@192.168.3.100 @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that a host key has just been changed. The fingerprint for the ED25519 key sent by the remote host is SHA256:+qKNn9Q4gKyDrpbuuSLcswSu3mQYYMolKqfxuYPi8Dc. Please contact your system administrator. Add correct host key in /Users/admin/.ssh/known_hosts to get rid of this message. Offending ED25519 key in /Users/admin/.ssh/known_hosts:4 Host key for 192.168.3.100 has changed and you have requested strict checking. Host key verification failed.二、解决方法sudo ssh -o "StrictHostKeyChecking=no" superpc@192.168.3.100

macos移除下载镜像quarantine属性 一、什么是Quarantine属性？　　Quarantine属性通常用于描述计算机系统或网络安全领域中的安全特性，其指的是对于具有潜在威胁的文件、程序或数据进行隔离和限制访问的一种机制。当一个文件或程序被识别为可能包含恶意代码、病毒、蠕虫等安全威胁时，系统可以将其放置在隔离区域中，以防止其进一步感染系统或网络。这个隔离区域就被称为"quarantine"，隔离期间，该文件或程序不允许执行或访问系统资源，直到被确定为安全或永久删除。Quarantine属性可以在许多安全软件或操作系统中找到，例如防病毒软件、防火墙、操作系统的安全设置等。通过使用Quarantine属性，用户可以更好地保护他们的计算机和网络不受安全威胁的侵害。　　苹果系统有一个GateKeeper保护机制（自 OSX 10.5 加入）。从互联网上下载来的文件，会被自动打上com.apple.quarantine标志，翻译过来就是免疫隔离，系统根据这个附加属性对这个文件作出限制。在安装软件的时候需要移除quarantine属性，二、解除Quarantine属性打开实用工具里的【终端】并输入下面的命令：sudo xattr -r -d com.apple.quarantine然后把下载的镜像文件拖拽到终端里就会出现文件路径如下admin@supermac ~ % sudo xattr -r -d com.apple.quarantine /Users/admin/Downloads/Adobe_Photoshop_2021_22.4.2.242_ACR13.3_SP_20210617.dmg回车即可解除该属性

gitlab忘记密码 一、背景由于公司在公司内部服务新装一台Gitlab服务器，长期未登录导致密码忘记。二、邮箱方式找回1.在gitlab登录窗口如果密码忘记了登录不进入，可以先尝试点击登录框下方的Forgot your password来通过邮箱的方式找回，如果邮箱不可以使用了，则看下面的强制找回方法.2.输入邮箱账号找回输入当初设置的邮箱帐号，这一步前提是邮箱可以正常使用的情况下才可以使用的方法3.重设密码输入正确的邮箱后，点击邮箱会受到一封重设密码邮件，点击Reset password进入浏览器重新输入新密码确定重新登录即可。三、Bash命令方式找回1.切换到git用户[root@staging ~]# su git2.查看gitlab命令文件sh-4.2$ ls alertmanager gitaly gitlab-exporter gitlab-workhorse nginx postgresql redis backups git-data gitlab-rails grafana node-exporter prometheus trusted-certs-directory-hash bootstrapped gitlab-ci gitlab-shell logrotate postgres-exporter public_attributes.json3.进入gitlab控制台sh-4.2$ gitlab-rails console -------------------------------------------------------------------------------- GitLab: 13.0.3 (e2397fc2acb) FOSS GitLab Shell: 13.2.0 PostgreSQL: 11.7 -------------------------------------------------------------------------------- Loading production environment (Rails 6.0.3)4.查询gitlab超级管理员信息irb(main):001:0> user = User.where(id:1).first => #<User id:1 @root>5.重置密码并报存用户对象irb(main):004:0> user.password='*******' irb(main):005:0> user.save! Enqueued ActionMailer::DeliveryJob (Job ID: a5a683e2-9d9c-402f-8187-3902f3380ced) to Sidekiq(mailers) with arguments: "DeviseMailer", "password_change", "deliver_now", #<GlobalID:0x00007fb8d13bcbd0 @uri=#<URI::GID gid://gitlab/User/1>> => true irb(main):008:0> quit