环境:centos7
开机启动
systemctl enable docker
docker
username:curiouswen
passwd:li3390595wen
切换到root用户再登录
docker login
docker tag <existing-image> <hub-user>/<repo-name>[:<tag>]
docker tag centos/nginx_php-fpm curiouswen/nginx_php-fpm
docker push curiouswen/nginx_php-fpm
开机开启某个docker容器
/etc/rc.local中添加(/etc/rc.d/rc.local为可执行文件)
sleep 8 //要等一下,否则docker服务都没运行,脚本倒是先执行了,这样启动失败
docker run -d -ti --name nginx-php -v /server/www/test:/server/www/ -p 80:80 centos/nginx_php-fpm >> /nginx.log 2>&1 && //-v /server/www/test:/server/www/把本地目录/server/www/映射到docker中的/server/www/test目录,如果docker中没有对应的目录,他会自动创建
docker exec -i nginx-php /bin/bash /bin/start_nginx-php.sh >> /nginx.log 2>&1 //不能加-t,否则出现the input device is not a TTY错误
查看运行的容器
docker ps -a //查看所有容器
docker ps -l //查看最近的容器
docker ps -n 3 //查看最近运行过的3个容器
创建新镜像
docker commit -m "镜像描述" -a "作者" 旧的容器名 新的容器名[:TAG] //TAG例如v1、v2
[root@why docker]# docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e43876752514 centos/nginx_php-fpm "/bin/bash" 10 hours ago Up 4 hours 0.0.0.0:80->80/tcp nginx-php
[root@why docker]# docker commit -m "nginx-php" -a "curious" nginx-php nginx_php-fpm:v1
sha256:6a47aedfa7cc393a32bfda2bfb02ebe224a1212899af9226951bf897872b4039
[root@why docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx_php-fpm v1 6a47aedfa7cc 18 seconds ago 577 MB
开启docker服务
centos7
systemctl start docker
systemctl enable docker //开机启动
centos6
service docker start
列出当前主机的镜像表
docker images
搜索官网hub中的镜像
docker search 服务名
如docker search mysql
下载最新的镜像
docker pull mysql
创建新镜像
docker commit -m "镜像描述" -a "作者" 旧的容器名 新的容器名[:TAG] //TAG例如v1、v2
[root@why docker]# docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e43876752514 centos/nginx_php-fpm "/bin/bash" 10 hours ago Up 4 hours 0.0.0.0:80->80/tcp nginx-php
[root@why docker]# docker commit -m "nginx-php" -a "curious" nginx-php nginx_php-fpm:v1
sha256:6a47aedfa7cc393a32bfda2bfb02ebe224a1212899af9226951bf897872b4039
[root@why docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx_php-fpm v1 6a47aedfa7cc 18 seconds ago 577 MB
直接前台运行容器
docker run -ti 镜像名
docker run -ti nginx_php-fpm //运行镜像名为nginx_php-fpm tag为latest的镜像
docker run -ti nginx_php-fpm:v1 //运行镜像名为nginx_php-fpm tag为v1的镜像
直接后台运行容器
docker run -d -ti 镜像名
把后台运行的容器切换到前台运行
docker attach 容器名/ID
或docker exec -ti 容器名 /bin/bash
前台切换到后台运行
Ctrl+Q+P //三个键同时按下
查看容器内部运行的进程
docker top 容器名字/ID
停止容器
docker stop 容器名字/ID
启动容器
docker start 容器名字 (已经运行过的容器)
查看容器状态
docker stats
docker stats 容器名
查看容器映射的端口
docker port 容器名/ID
删除容器
docker rm 容器名/ID
删除镜像
docker rmi -f 镜像名/ID
查看容器日志
docker logs -f 容器名/ID
查看容器的配置和状态信息
docker inspect 容器名/ID
查看容器映射端口
docker port 容器名/ID
docker ps -f name=容器名
导出镜像
[root@curiouswen docker]# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
berngp/docker-zabbix latest e6a9a287929a 7 days ago 940.4 MB
registry latest 569ff570cd47 5 weeks ago 33.17 MB
docker save -o zabbix.tar berngp/docker-zabbix
导入镜像
docker load < zabbix.tar
修改映射端口
iptables -t nat -I DOCKER 2 -p tcp --dport 8091 ! --in-interface docker0 -j DNAT --to-destination 容器IP:8091
iptables -t nat -I 2 POSTROUTING -p tcp --dport 8091 -s 容器IP -d 容器IP -j MASQUERADE
iptables -I DOCKER ! --in-interface docker0 --out-interface docker0 -d 容器IP -p tcp --dport 8091 -j ACCEPT
iptables -nvxL
iptables -t nat -nvxL
//运行容器
docker run -ti -p 80:80 centos/nginx_php-fpm (前台运行)
docker run -d -ti --name nginx-php -p 80:80 centos/nginx_php-fpm(后台运行)
[root@why curious]# docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a1136d05d8a1 centos/nginx_php-fpm "/bin/bash" 10 seconds ago Up 9 seconds 0.0.0.0:80->80/tcp flamboyant_nobel
docker
//在运行的容器中运行脚本
docker exec -ti nginx-php /bin/bash /bin/start_nginx-php.sh
docker
echo "192.168.2.116 docker.curious" >> /etc/hosts
yum -y install tar pcre-devel pcre-staticopenssl openssl-devel httpd-tools
cd /etc/pki/CA/
openssl genrsa -out private/cakey.pem 2048
nginx
mkdir -p /etc/nginx/ssl
cd /etc/nginx/ssl/
openssl genrsa -out nginx.key 2048
openssl req -new -x509 -key private/cakey.pem -out cacert.pem
openssl genrsa -out nginx.key 2048
openssl req -new -key nginx.key -out nginx.csr
安装nginx
htpasswd -cb /server/conf/nginx/conf.d/.htpasswd docker docker123
touch /etc/pki/CA/index.txt
touch /etc/pki/CA/serial
echo 00 >/etc/pki/CA/serial
service docker stop
echo 'DOCKER_OPTS="--insecure-registry docker.curious --tlsverify --tlscacert /etc/pki/CA/cacert.pem"' >>/etc/sysconfig/docker
mkdir -p /etc/docker/certs.d/docker.curious/
cp /etc/pki/CA/cacert.pem /etc/docker/certs.d/docker.curious/ca-certificates.crt
service docker start
mkdir -p /server/registry
docker run -d -e STORAGE_PATH=/registry -v /server/registry:/registry -p 127.0.0.1:5000:5000 --name=registry registry
/usr/local/nginx/sbin/nginx
curl -i -k https://docker:docker123@docker.curious //本机验证 username:docker passwd:docker123
iptables -I INPUT -p tcp --dport 443 -j ACCEPT
yum install docker
开机启动
systemctl enable docker
docker
username:curiouswen
passwd:li3390595wen
切换到root用户再登录
docker login
docker tag <existing-image> <hub-user>/<repo-name>[:<tag>]
docker tag centos/nginx_php-fpm curiouswen/nginx_php-fpm
docker push curiouswen/nginx_php-fpm
开机开启某个docker容器
/etc/rc.local中添加(/etc/rc.d/rc.local为可执行文件)
sleep 8 //要等一下,否则docker服务都没运行,脚本倒是先执行了,这样启动失败
docker run -d -ti --name nginx-php -v /server/www/test:/server/www/ -p 80:80 centos/nginx_php-fpm >> /nginx.log 2>&1 && //-v /server/www/test:/server/www/把本地目录/server/www/映射到docker中的/server/www/test目录,如果docker中没有对应的目录,他会自动创建
docker exec -i nginx-php /bin/bash /bin/start_nginx-php.sh >> /nginx.log 2>&1 //不能加-t,否则出现the input device is not a TTY错误
查看运行的容器
docker ps -a //查看所有容器
docker ps -l //查看最近的容器
docker ps -n 3 //查看最近运行过的3个容器
创建新镜像
docker commit -m "镜像描述" -a "作者" 旧的容器名 新的容器名[:TAG] //TAG例如v1、v2
[root@why docker]# docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e43876752514 centos/nginx_php-fpm "/bin/bash" 10 hours ago Up 4 hours 0.0.0.0:80->80/tcp nginx-php
[root@why docker]# docker commit -m "nginx-php" -a "curious" nginx-php nginx_php-fpm:v1
sha256:6a47aedfa7cc393a32bfda2bfb02ebe224a1212899af9226951bf897872b4039
[root@why docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx_php-fpm v1 6a47aedfa7cc 18 seconds ago 577 MB
开启docker服务
centos7
systemctl start docker
systemctl enable docker //开机启动
centos6
service docker start
列出当前主机的镜像表
docker images
搜索官网hub中的镜像
docker search 服务名
如docker search mysql
下载最新的镜像
docker pull mysql
创建新镜像
docker commit -m "镜像描述" -a "作者" 旧的容器名 新的容器名[:TAG] //TAG例如v1、v2
[root@why docker]# docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e43876752514 centos/nginx_php-fpm "/bin/bash" 10 hours ago Up 4 hours 0.0.0.0:80->80/tcp nginx-php
[root@why docker]# docker commit -m "nginx-php" -a "curious" nginx-php nginx_php-fpm:v1
sha256:6a47aedfa7cc393a32bfda2bfb02ebe224a1212899af9226951bf897872b4039
[root@why docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx_php-fpm v1 6a47aedfa7cc 18 seconds ago 577 MB
直接前台运行容器
docker run -ti 镜像名
docker run -ti nginx_php-fpm //运行镜像名为nginx_php-fpm tag为latest的镜像
docker run -ti nginx_php-fpm:v1 //运行镜像名为nginx_php-fpm tag为v1的镜像
直接后台运行容器
docker run -d -ti 镜像名
把后台运行的容器切换到前台运行
docker attach 容器名/ID
或docker exec -ti 容器名 /bin/bash
前台切换到后台运行
Ctrl+Q+P //三个键同时按下
查看容器内部运行的进程
docker top 容器名字/ID
停止容器
docker stop 容器名字/ID
启动容器
docker start 容器名字 (已经运行过的容器)
查看容器状态
docker stats
docker stats 容器名
查看容器映射的端口
docker port 容器名/ID
删除容器
docker rm 容器名/ID
删除镜像
docker rmi -f 镜像名/ID
查看容器日志
docker logs -f 容器名/ID
查看容器的配置和状态信息
docker inspect 容器名/ID
查看容器映射端口
docker port 容器名/ID
docker ps -f name=容器名
导出镜像
[root@curiouswen docker]# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
berngp/docker-zabbix latest e6a9a287929a 7 days ago 940.4 MB
registry latest 569ff570cd47 5 weeks ago 33.17 MB
docker save -o zabbix.tar berngp/docker-zabbix
导入镜像
docker load < zabbix.tar
修改映射端口
iptables -t nat -I DOCKER 2 -p tcp --dport 8091 ! --in-interface docker0 -j DNAT --to-destination 容器IP:8091
iptables -t nat -I 2 POSTROUTING -p tcp --dport 8091 -s 容器IP -d 容器IP -j MASQUERADE
iptables -I DOCKER ! --in-interface docker0 --out-interface docker0 -d 容器IP -p tcp --dport 8091 -j ACCEPT
iptables -nvxL
iptables -t nat -nvxL
//运行容器
docker run -ti -p 80:80 centos/nginx_php-fpm (前台运行)
docker run -d -ti --name nginx-php -p 80:80 centos/nginx_php-fpm(后台运行)
[root@why curious]# docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a1136d05d8a1 centos/nginx_php-fpm "/bin/bash" 10 seconds ago Up 9 seconds 0.0.0.0:80->80/tcp flamboyant_nobel
docker
//在运行的容器中运行脚本
docker exec -ti nginx-php /bin/bash /bin/start_nginx-php.sh
Docker挂载主机目录Docker访问出现Permission denied的解决办法:
原因是CentOS7中的安全模块selinux把权限禁掉了,至少有以下三种方式解决挂载的目录没有权限的问题:
1.在运行容器的时候,给容器加特权,及加上 --privileged=true 参数:
docker run -i -t -v /soft:/soft --privileged=true 686672a1d0cc /bin/bash
2.临时关闭selinux:
setenforce 0
3.添加selinux规则,改变要挂载的目录的安全性文本
docker
echo "192.168.2.116 docker.curious" >> /etc/hosts
yum -y install tar pcre-devel pcre-staticopenssl openssl-devel httpd-tools
cd /etc/pki/CA/
openssl genrsa -out private/cakey.pem 2048
nginx
mkdir -p /etc/nginx/ssl
cd /etc/nginx/ssl/
openssl genrsa -out nginx.key 2048
openssl req -new -x509 -key private/cakey.pem -out cacert.pem
openssl genrsa -out nginx.key 2048
openssl req -new -key nginx.key -out nginx.csr
安装nginx
htpasswd -cb /server/conf/nginx/conf.d/.htpasswd docker docker123
touch /etc/pki/CA/index.txt
touch /etc/pki/CA/serial
echo 00 >/etc/pki/CA/serial
service docker stop
echo 'DOCKER_OPTS="--insecure-registry docker.curious --tlsverify --tlscacert /etc/pki/CA/cacert.pem"' >>/etc/sysconfig/docker
mkdir -p /etc/docker/certs.d/docker.curious/
cp /etc/pki/CA/cacert.pem /etc/docker/certs.d/docker.curious/ca-certificates.crt
service docker start
mkdir -p /server/registry
docker run -d -e STORAGE_PATH=/registry -v /server/registry:/registry -p 127.0.0.1:5000:5000 --name=registry registry
/usr/local/nginx/sbin/nginx
curl -i -k https://docker:docker123@docker.curious //本机验证 username:docker passwd:docker123
iptables -I INPUT -p tcp --dport 443 -j ACCEPT
更多推荐
docker使用
发布评论