Docker 安装 Guacamole-CFANZ编程社区

安装mysql

docker run --name mysql01 \
--network Guacamole_network --ip 192.168.0.2 \
--security-opt=no-new-privileges \
-e MYSQL_ROOT_PASSWORD=123456 \
--privileged=true \
-d mysql:5.7 \
--character-set-server=utf8 --collation-server=utf8_bin

mkdir -p /usr/local/docker/mysql01
docker cp mysql01:/etc/mysql/ /usr/local/docker/mysql01/conf
docker cp mysql01:/var/log/mysql/ /usr/local/docker/mysql01/logs
docker cp mysql01:/var/lib/mysql/ /usr/local/docker/mysql01/data
docker rm -f mysql01

docker run --name mysql01 \
--network Guacamole_network --ip 192.168.0.2 \
-v /usr/local/docker/mysql01/conf:/etc/mysql \
-v /usr/local/docker/mysql01/logs:/var/log/mysql \
-v /usr/local/docker/mysql01/data:/var/lib/mysql \
-v /etc/localtime:/etc/localtime \
--security-opt=no-new-privileges \
-e MYSQL_ROOT_PASSWORD=123456 \
--restart=always \
--privileged=true \
-d mysql:5.7 \
--character-set-server=utf8 --collation-server=utf8_bin

# 创建数据库初始化脚本以创建用于验证身份的数据表
docker run --rm guacamole/guacamole /opt/guacamole/bin/initdb.sh --mysql > initdb.sql
# 将initdb.sql移动到myslq01容器中
docker cp initdb.sql mysql01:/initdb.sql
docker exec -it mysql01 mysql -uroot -p123456
# 创建数据库
mysql> CREATE DATABASE guacamole; 
# 创建用户guacamole并授权用户使用password guacamole访问
mysql> CREATE USER 'guacamole'@'%' IDENTIFIED BY 'guacamole'; 
mysql> GRANT SELECT,INSERT,UPDATE,DELETE ON guacamole.* TO 'guacamole'@'%';
mysql> FLUSH PRIVILEGES
mysql> exit
# 使用初始化脚本为新数据库创建数据表
docker exec -it mysql01 bash
mysql –uroot –p123456 guacamole < initdb.sql
# 在mysql01容器中安装vim
docker exec -it mysql01 bash
apt update
apt install vim
vi /etc/mysql/mysql.conf.d/mysqld.cnf
# 在末尾添加一行以关闭mysql ssl 
skip_ssl 

# 查看ssl是否关闭
service mysqld restart
docker exec -it mysql01 mysql -uroot -p123456
mysql> show variables like '%ssl%';
+---------------+----------+
| Variable_name | Value    |
+---------------+----------+
| have_openssl  | DISABLED |
| have_ssl      | DISABLED |
| ssl_ca        |          |
| ssl_capath    |          |
| ssl_cert      |          |
| ssl_cipher    |          |
| ssl_crl       |          |
| ssl_crlpath   |          |
| ssl_key       |          |
+---------------+----------+

安装guacd

docker run --name guacd01 \
--network Guacamole_network --ip 192.168.0.3 \
-v /etc/localtime:/etc/localtime \
-p 4822:4822 \
--restart=always \
--privileged=true \
-d guacamole/guacd

安装guacamole

docker run --name guacamole01 \
--network Guacamole_network --ip 192.168.0.4 \
-v /usr/local/docker/guacamole:/etc/guacamole \
-v /etc/localtime:/etc/localtime \
-e GUACD_HOSTNAME=192.168.0.3  \
-e GUACD_PORT=4822 \
-e GUACAMOLE_HOME=/etc/guacamole \
-e TZ=Asia/Shanghai \
-e MYSQL_HOSTNAME=192.168.0.2 \
-e MYSQL_PORT=3306 \
-e MYSQL_DATABASE=guacamole \
-e MYSQL_USER=guacamole \
-e MYSQL_PASSWORD=guacamole \
-e LDAP_HOSTNAME=*.*.*.* \
-e LDAP_PORT=389 \
-e LDAP_USER_BASE_DN="OU=IT,OU=Org,OU=***,DC=***,DC=local" \
-e LDAP_GROUP_BASE_DN="CN=IT Infra,OU=Email Group,DC=***,DC=local" \
-e LDAP_USERNAME_ATTRIBUTE=samAccountName \
-e LDAP_SEARCH_BIND_DN="CN=Mintao Li,OU=infra,OU=IT,OU=Org,OU=***,DC=***,DC=local" \
-e LDAP_SEARCH_BIND_PASSWORD=*** \
-p 8080:8080 \
--restart=always \
--privileged=true \
-d guacamole/guacamole

访问

http://宿主机ip:8080/guacamole
user：guacadmin password：guacadmin