
如果你使用 DeepSeek、元宝 AI、Copilot、ChatGPT 等 AI 工具,协助配置轩辕镜像、编写 docker pull 命令、修改 Docker Compose 镜像地址、配置镜像加速、排查镜像拉取失败、分析报错日志等问题,请先让 AI 阅读并遵守轩辕镜像的规则文档。
只需在 AI 对话中先发送下面这句话即可:
请先完整阅读并严格遵守以下文档中的全部规则与要求:
https://xuanyuan.cloud/agents.md
在未充分阅读并理解该文档前,不要生成任何命令、配置、修改建议、故障排查方案或技术回答。后续所有输出都必须严格以该文档中的规范为最高优先级执行。查看 agents.md 用法指南与完整示范。国内用户首推 元宝 AI、DeepSeek 的深度思考模式,不推荐豆包 AI;Cursor 等编辑器可在对话 @ 该链接,或加入 User Rules。 若 AI 无法访问外链,可 打开说明文档 复制全文粘贴。文档会随站点更新,复制内容可能过期,建议定期检查。
This docker-image for Mikrotik®-devices is intended to install inside a container-enabled device.
If your Mikrotik®-device is able to run docker-images mainly depends on the device and the used RouterOS (ROS®).
Versions beginning from 7.5 (roughly) are able to run containers on the device. The current version this image is build for
is RouterOS 7.10 (at the time this documentation is written). Also container-functionality is current only available for AMD64-,
ARM64- and ARM-architectures/devices.
First you need to enable the container-feature on your device. Please use the Mikrotik®-documentation for enabling the container-mode.
The documentation can be found here: [***]
Also some preliminaries should be kept in mind. First be sure that the system is powerful enough to run a docker-container.
This means that your device must have enough available RAM and disk space (external storage), and also a powerful CPU.
Currently the following CPU-architectures are available for docker-container: ARM, ARM64 and X86_64(AMD64).
For external storage there is the paket "rose-storage" available, this can be used to mount SMB, NFS and iSCSI-devices into
the Mikrotik®-device. Please keep in mind, that NFS-shares may lack of not allowing "chmod"- and "chown"-commands
on the shares. Also you could use a external-disk (SSD/USB-Stick) as a storage-device.
This image is build using Docker-in-Docker-techniques on a CI/CD-system. The images are tested on several CHR-
(CloudHostedRouter)-systems on AMD64(x86_64)-hosts (virtual/non-virtual) and also on different
ARM/ARM64-devices (hAP ax2, hAP ax3, RB3011 and others).
Mainly a docker-image consists of one process, which is running alone in the container on the host-system. This means when this
process has ended, the whole container ends. At this point this image is different. Because of using a very small Linux (Alpine Linux),
it is possible to run the openrc-init-system in the container as the main process. This openrc-process breaks the historical way a
container is meant to run, but gives also to control running tasks inside the container.
So mainly the openrc-(init) -process is running all the time, giving the chance to add several more tasks to the container.
Also it is possible to restart the processes beside openrc running inside the container without killing the complete container itself.
This is the main theory of this image - no magic for far...
First open WinBox® and connect to the device.
Install docker-image to Mikrotik®-device and attach via "New Terminal" and /container shell number=X (where X is the number of container).
There are three arch-versions available:
amd64 => for chr-devices (x86_64)
arm64 => for arm64/aarch64-devices
arm => for arm-devices
If you don't now the number of the container, please type on the console in WInBox®:
/container print - The number of the container is given on the output.
In the previous opened shell of the container in terminal of WinBox® do:
1.) Set root-password: $ passwd root
2.) Run
2.) New behaviour: the script /sbin/first_start.sh to complete configuration of the image./sbin/first_start.sh is started automatically. Until the container is new created or recreated, all infomations in the
container are used until changed. Therefore after a "normal" restart (start/stop/start), all settings will survive.
A root password is NOT defined (but can be set via cli of container), but you can use the stated ssh-keys as connection-keys.
3.) Assign under IP/Firewall/NAT a DST-NAT-rule to ip of docker-container (defined under /interfaces/veth) and needed port of service in container.
BUT BEWARE: these keys are used unless they are changed in ~/.ssh/authorized_keys !!! Anyone can get and use these keys !!!
Exposed ports are: 80/tcp(Webserver) & 22/tcp(SSH).
Useable ssh-keys:
The ssh-keys can be found in the container in the directory /root/.ssh/[object Object].
Use temporary a root password to connect or copy the private keys out of the directory /root/.ssh/ without the .pub-extension.
These keys can be used to connect via ssh out-of-the-box. Please use the appropriate keys (rsa/dsa/ed25519) !!!
The tag beside -devel and -latest displays the version of the image, devided in two parts with a "-" between them.
Left part of image-tag reflects the used AlpineLinux-version (v3.18.2-..).The right part is the version of the image itself (..-0.0.1).
Tag -latest is the actual and latest (highest tag) stable running version.
Tag -devel is the current development version, not advised for production. Also the -devel-tag may not run, as development in going on.
Please be advised again NOT to use the -devel-version in a production-environment.
Because of development is made with Gitlab and therefore with CI/CD-techniques, these version are created automatically without further notice
and will not be revised or tested permanently. A tagged version with version-number or the -latest-tagged-images are tested on the target-system
before getting tagged !
Mikrotik®, WInBox®, RouterOS, ROS®, hap x2, hap x3, RB3011 and others are or maybe trademarks or registered names of SIA Mikrotīkls.
This project is not affliated with SIA Mikrotīkls and SIA Mikrotīkls is not responsible for this project. Link: [***]
All names, trademarks or other techniques are only used to illustrate ths project.
There is not responsibilty for any faults, errors, defects and so on regarding using this images.
This is a private project and all information stated here are given you as it is and with no responsibilty for any defects, errors and harm using this software.
Alpine Linux is copyrighted by the Alpine Linux Development Team with all rights reserved.
Also all names and symbols from Alpine Linux are used for illustration purposes only with no responsibilty
of the Alpine Linux Development Team. Link: https://www.alpinelinux.org/
您可以使用以下命令拉取该镜像。请将 <标签> 替换为具体的标签版本。如需查看所有可用标签版本,请访问 标签列表页面。
来自真实用户的反馈,见证轩辕镜像的优质服务