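Deploying netmaker with docker compose to connect internal networks
Preparation
As far as I can see, the setups recommended on the official site all use SSL and so need an SSL certificate, and I didn't want to take any detours.
1. docker-compose.yml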
# 域名 below is a placeholder: replace it with your own domain name
version: "3.4"
services:
  netmaker:
    container_name: netmaker
    image: gravitl/netmaker:v0.90.0
    restart: unless-stopped
    ports:
      - "18081:18082"
      - "50051:50051"
      - "51821-51830:51821-51830/udp"
    volumes:
      - /usr/local/software/netmaker/data:/root/data
    environment:
      - SERVER_HOST=域名:18082
      - API_HOST=域名:18082
      - API_PORT=18082
      - BROKER_ENDPOINT=mqtts://域名:8883
      # set your own random value here
      - MASTER_KEY=KHcZC3whEX670G5JsFlR2V0Mr9nSgQSu
      - DATABASE=sqlite
      - DISPLAY_KEYS=true
      - TELEMETRY=off
      # Added variables (based on a reference configuration)
      - SERVER_NAME=域名
      - SERVER_API_CONN_STRING=域名:18082
      - COREDNS_ADDR=域名:18082
      - SERVER_HTTP_HOST=域名:18082
    depends_on:
      mq:
        condition: service_started
  netmaker-ui:
    container_name: netmaker-ui
    image: gravitl/netmaker-ui:v0.90.0
    restart: unless-stopped
    ports:
      - "18080:80"
    environment:
      - BACKEND_URL=https://域名:18082
    depends_on:
      - netmaker
    links:
      - "netmaker:api" # make sure the UI can reach the API through the alias
  mq:
    container_name: mosquitto
    image: eclipse-mosquitto:2
    restart: unless-stopped
    ports:
      - "8883:8883"
    volumes:
      - /usr/local/software/netmaker/mosquitto/config:/mosquitto/config
      - /usr/local/software/netmaker/mosquitto/data:/mosquitto/data
      - /usr/local/software/netmaker/mosquitto/log:/mosquitto/log
      - /etc/letsencrypt:/etc/letsencrypt
    command: mosquitto -c /mosquitto/config/mosquitto.conf
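The mounted paths must have read and write permissions.
Here you can see that we publish the backend port on host port 18001; nginx with SSL is needed to map port 18001 to 18002.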
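The nginx mapping described above, as an added example that is not part of the original post: a TLS-terminating server block. It assumes the port numbers that appear in the docker-compose.yml (18082 as the public HTTPS port, 18081 as the host port published for the netmaker container) and a Let's Encrypt certificate for the placeholder domain example.com.

```nginx
# Added example; example.com is a placeholder for your own domain.
server {
    # Public TLS port that API_HOST and BACKEND_URL in docker-compose.yml point at
    listen 18082 ssl;
    server_name example.com;

    # Same Let's Encrypt layout that mosquitto.conf uses for the broker
    ssl_certificate     /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    ssl_protocols       TLSv1.2 TLSv1.3;

    location / {
        # Host port published for the netmaker container ("18081:18082")
        proxy_pass http://127.0.0.1:18081;
        proxy_set_header Host              $host;
        proxy_set_header X-Real-IP         $remote_addr;
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;
    }
}
```

With this proxy in place only nginx needs to reach port 18081, so the compose mapping can be written as "127.0.0.1:18081:18082" to keep the plaintext API port off the public interface.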
Configure /usr/local/software/netmaker/mosquitto/config/mosquitto.conf
vim /usr/local/software/netmaker/mosquitto/config/mosquitto.conf
listener 8883
# path to your domain's SSL certificate
certfile /etc/letsencrypt/live/chaoyouwanjia.icu/fullchain.pem
# path to your domain's SSL private key
keyfile /etc/letsencrypt/live/chaoyouwanjia.icu/privkey.pem
tls_version tlsv1.2
#password_file /mosquitto/config/passwd
#require_certificate false
#use_identity_as_username false
#listener 1883
# clients may connect without credentials
allow_anonymous true
Run
docker compose up -d
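Running successfully
The first login requires registering an administrator account; after that it is no longer needed.
Create a network, then follow the prompts to add your internal machines to the network.
Just follow the prompts.
If the other two machines have no public IP, relay mode is needed before they can reach each other.
Create a gateway on the cloud server node, then attach the other machines to this gateway.
One important point: use the official documentation. It saves a lot of detours, and many of the operations are explained clearly there.
Troubleshooting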
journalctl -u netclient -f
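If the client shows this, it has succeeded. You need to know how to check the logs; don't naively assume that having an internal IP means it worked.
Command to view the assigned internal IP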
ip addr show | grep -A 5 netmaker