学习笔记0729"/>
学习笔记0729
docker
- 1.Docker
- 1.1 Docker介绍
- 1.2 Docker和传统的虚拟化比较
- 1.3 Docker的优势
- 1.4 Docker核心概念
- 2.Docker的安装
- 3.Docker镜像管理
- 3.1 拉取一个镜像
- 3.2 搜索都有哪些镜像
- 3.3 给镜像添加标签
- 3.4 启动一个镜像
- 4.通过容器创建镜像
- 5.容器管理
- 6.仓库管理
- 7.数据管理
- 7.数据卷备份恢复
- 8.docker网络模式
- 8.1外部访问容器
- 8.2 Failed to get D-Bus connection: Operation not permitted
- 8.3 配置桥接网络
- 9.DockerFile的格式
- 10. Dockerfile示例
- 11.Docker compose 批量管理容器
- 11.1用Docker compose部署服务
- 11.2 实例
- 11.3 docker-compose语法扩展
1.Docker
1.1 Docker介绍
- 官网 www.docker
- github .github.io
- 开源的容器引擎,可以让开发者打包应用以及依赖的库,然后发布到任何流行的linux发行版上,移植很方便
- 由go语言编写,基于apache2.0协议发布
- 基于linux kernel,要想在win下运行需要借助一个vm(虚拟机)来实现
- 自2013年开始,近些年发展迅猛
- docker从1.13x开始,版本分为社区版ce和企业版ee,并且基于年月的时间线形式,当前最新稳定版为19.03
- 参考
1.2 Docker和传统的虚拟化比较
1.3 Docker的优势
- 启动非常快,秒级实现
- 资源利用率高,一台高配置服务器可以跑上千个docker容器
- 更快的交付和部署,一次创建和配置后,可以在任意地方运行
- 内核级别的虚拟化,不需要额外的hypevisor支持,会有更高的性能和效率
- 易迁移,平台依赖性不强
1.4 Docker核心概念
- 镜像,是一个只读的模板,类似于安装系统用到的那个iso文件,我们通过镜像来完成各种应用的部署。
- 容器,镜像类似于操作系统,而容器类似于虚拟机本身。它可以被启动、开始、停止、删除等操作,每个容器都是相互隔离的。
- 仓库,存放镜像的一个场所,仓库分为公开仓库和私有仓库。 最大的公开仓库是Docker hub(hub.docker),国内公开仓库(dockerpool)
2.Docker的安装
- 下载docker的源,系统中其实也是已经包含了docker的源,只不过不是最新版本,也可以使用阿里云的源
- curl .repo -o /etc/yum.repos.d/docker.repo
[root@linux-001 ~]# curl .repo -o /etc/yum.repos.d/docker.repo% Total % Received % Xferd Average Speed Time Time Time CurrentDload Upload Total Spent Left Speed
100 2424 100 2424 0 0 1339 0 0:00:01 0:00:01 --:--:-- 1339[root@linux-001 ~]# cd /etc/yum.repos.d/
[root@linux-001 yum.repos.d]# rz[root@linux-001 yum.repos.d]# ls
Centos-7.repo.bak CentOS-CR.repo CentOS-fasttrack.repo CentOS-Sources.repo docker-ce.repo epel.repo gitlab-ce.repo zabbix.repo
CentOS-Base.repo CentOS-Debuginfo.repo CentOS-Media.repo CentOS-Vault.repo docker.repo epel-testing.repo mongodb.repo- 配置docker加速器,可以使用阿里云的容器镜像服务,有一个可以提供加速下载的地址。
[root@linux-001 ~]# vim /etc/docker/daemon.json
{"registry-mirrors": [""]
}- 安装docker,docker分为社区版和商业版,社区版是ce。
[root@linux-001 yum.repos.d]# yum install -y docker-ce
已加载插件:fastestmirror
Repository docker-ce-stable is listed more than once in the configuration
Repository docker-ce-stable-debuginfo is listed more than once in the configuration
Repository docker-ce-stable-source is listed more than once in the configuration
Repository docker-ce-edge is listed more than once in the configuration
Repository docker-ce-edge-debuginfo is listed more than once in the configuration
Repository docker-ce-edge-source is listed more than once in the configuration
Repository docker-ce-test is listed more than once in the configuration
Repository docker-ce-test-debuginfo is listed more than once in the configuration
Repository docker-ce-test-source is listed more than once in the configuration
Repository docker-ce-nightly is listed more than once in the configuration
Repository docker-ce-nightly-debuginfo is listed more than once in the configuration
Repository docker-ce-nightly-source is listed more than once in the configuration
Loading mirror speeds from cached hostfile* base: mirrors.aliyun* epel: mirrors.aliyun* extras: mirrors.163* updates: mirrors.163
正在解决依赖关系
--> 正在检查事务
---> 软件包 docker-ce.x86_64.3.19.03.1-3.el7 将被 安装
--> 正在处理依赖关系 container-selinux >= 2:2.74,它被软件包 3:docker-ce-19.03.1-3.el7.x86_64 需要
--> 正在处理依赖关系 containerd.io >= 1.2.2-3,它被软件包 3:docker-ce-19.03.1-3.el7.x86_64 需要
--> 正在处理依赖关系 libseccomp >= 2.3,它被软件包 3:docker-ce-19.03.1-3.el7.x86_64 需要
--> 正在处理依赖关系 docker-ce-cli,它被软件包 3:docker-ce-19.03.1-3.el7.x86_64 需要
--> 正在处理依赖关系 libseccomp.so.2()(64bit),它被软件包 3:docker-ce-19.03.1-3.el7.x86_64 需要
--> 正在检查事务
---> 软件包 container-selinux.noarch.2.2.99-1.el7_6 将被 安装
---> 软件包 containerd.io.x86_64.0.1.2.6-3.3.el7 将被 安装
---> 软件包 docker-ce-cli.x86_64.1.19.03.1-3.el7 将被 安装
---> 软件包 libseccomp.x86_64.0.2.3.1-3.el7 将被 安装
--> 解决依赖关系完成依赖关系解决================================================================================================================================================================================================================Package 架构 版本 源 大小
================================================================================================================================================================================================================
正在安装:docker-ce x86_64 3:19.03.1-3.el7 docker-ce-stable 24 M
为依赖而安装:container-selinux noarch 2:2.99-1.el7_6 extras 39 kcontainerd.io x86_64 1.2.6-3.3.el7 docker-ce-stable 26 Mdocker-ce-cli x86_64 1:19.03.1-3.el7 docker-ce-stable 39 Mlibseccomp x86_64 2.3.1-3.el7 base 56 k事务概要
================================================================================================================================================================================================================
安装 1 软件包 (+4 依赖软件包)总下载量:90 M
安装大小:369 M
Downloading packages:
(1/5): container-selinux-2.99-1.el7_6.noarch.rpm | 39 kB 00:00:00
warning: /var/cache/yum/x86_64/7/docker-ce-stable/packages/containerd.io-1.2.6-3.3.el7.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID 621e9f35: NOKEY ] 4.1 MB/s | 44 MB 00:00:11 ETA
containerd.io-1.2.6-3.3.el7.x86_64.rpm 的公钥尚未安装
(2/5): containerd.io-1.2.6-3.3.el7.x86_64.rpm | 26 MB 00:00:11
(3/5): libseccomp-2.3.1-3.el7.x86_64.rpm | 56 kB 00:00:00
(4/5): docker-ce-19.03.1-3.el7.x86_64.rpm | 24 MB 00:00:14
(5/5): docker-ce-cli-19.03.1-3.el7.x86_64.rpm | 39 MB 00:00:12
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
总计 3.7 MB/s | 90 MB 00:00:24
从 检索密钥
导入 GPG key 0x621E9F35:用户ID : "Docker Release (CE rpm) <docker@docker>"指纹 : 060a 61c5 1b55 8a7f 742b 77aa c52f eb6b 621e 9f35来自 :
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction正在安装 : 2:container-selinux-2.99-1.el7_6.noarch 1/5
setsebool: SELinux is disabled.正在安装 : containerd.io-1.2.6-3.3.el7.x86_64 2/5 正在安装 : libseccomp-2.3.1-3.el7.x86_64 3/5 正在安装 : 1:docker-ce-cli-19.03.1-3.el7.x86_64 4/5 正在安装 : 3:docker-ce-19.03.1-3.el7.x86_64 5/5 验证中 : 1:docker-ce-cli-19.03.1-3.el7.x86_64 1/5 验证中 : libseccomp-2.3.1-3.el7.x86_64 2/5 验证中 : 3:docker-ce-19.03.1-3.el7.x86_64 3/5 验证中 : containerd.io-1.2.6-3.3.el7.x86_64 4/5 验证中 : 2:container-selinux-2.99-1.el7_6.noarch 5/5 已安装:docker-ce.x86_64 3:19.03.1-3.el7 作为依赖被安装:container-selinux.noarch 2:2.99-1.el7_6 containerd.io.x86_64 0:1.2.6-3.3.el7 docker-ce-cli.x86_64 1:19.03.1-3.el7 libseccomp.x86_64 0:2.3.1-3.el7 完毕!- 启动docker,docker启动后,会自动生成docker的iptables规则
- systemctl start docker
[root@linux-001 yum.repos.d]# systemctl start docker
[root@linux-001 yum.repos.d]# ps aux |grep docker
root 13403 1.5 1.7 569176 68868 ? Ssl 06:12 0:00 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
root 13624 0.0 0.0 112724 988 pts/0 S+ 06:12 0:00 grep --color=auto docker[root@linux-001 yum.repos.d]# iptables -nvL
Chain INPUT (policy ACCEPT 490 packets, 229K bytes)pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)pkts bytes target prot opt in out source destination 0 0 DOCKER-USER all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 DOCKER-ISOLATION-STAGE-1 all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT all -- * docker0 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED0 0 DOCKER all -- * docker0 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT all -- docker0 !docker0 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT all -- docker0 docker0 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy ACCEPT 519 packets, 234K bytes)pkts bytes target prot opt in out source destination Chain DOCKER (1 references)pkts bytes target prot opt in out source destination Chain DOCKER-ISOLATION-STAGE-1 (1 references)pkts bytes target prot opt in out source destination 0 0 DOCKER-ISOLATION-STAGE-2 all -- docker0 !docker0 0.0.0.0/0 0.0.0.0/0 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 Chain DOCKER-ISOLATION-STAGE-2 (1 references)pkts bytes target prot opt in out source destination 0 0 DROP all -- * docker0 0.0.0.0/0 0.0.0.0/0 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 Chain DOCKER-USER (1 references)pkts bytes target prot opt in out source destination 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
[root@linux-001 yum.repos.d]#
3.Docker镜像管理
3.1 拉取一个镜像
- 拉镜像 docker pull centos
- 查看本地都有哪些镜像 docker images
[root@linux-001 yum.repos.d]# docker pull centos
Using default tag: latest
latest: Pulling from library/centos
8ba884070f61: Pull complete
Digest: sha256:a799dd8a2ded4a83484bbae769d97655392b3f86533ceb7dd96bbac929809f3c
Status: Downloaded newer image for centos:latest
docker.io/library/centos:latest[root@linux-001 yum.repos.d]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos latest 9f38484d220f 4 months ago 202MB[root@linux-001 yum.repos.d]# docker pull ubuntu
Using default tag: latest
latest: Pulling from library/ubuntu
7413c47ba209: Pull complete
0fe7e7cbb2e8: Pull complete
1d425c982345: Pull complete
344da5c95cec: Pull complete
Digest: sha256:c303f19cfe9ee92badbbbd7567bc1ca47789f79303ddcef56f77687d4744cd7a
Status: Downloaded newer image for ubuntu:latest
docker.io/library/ubuntu:latest
[root@linux-001 yum.repos.d]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu latest 3556258649b2 7 days ago 64.2MB
centos latest 9f38484d220f 4 months ago 202MB
3.2 搜索都有哪些镜像
[root@linux-001 yum.repos.d]# docker search centos
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
centos The official build of CentOS. 5470 [OK]
ansible/centos7-ansible Ansible on Centos7 122 [OK]
jdeathe/centos-ssh CentOS-6 6.10 x86_64 / CentOS-7 7.6.1810 x86… 110 [OK]
consol/centos-xfce-vnc Centos container with "headless" VNC session… 93 [OK]
centos/mysql-57-centos7 MySQL 5.7 SQL database server 59
imagine10255/centos6-lnmp-php56 centos6-lnmp-php56 57 [OK]
tutum/centos Simple CentOS docker image with SSH access 44
centos/postgresql-96-centos7 PostgreSQL is an advanced Object-Relational … 39
kinogmt/centos-ssh CentOS with SSH 28 [OK]
pivotaldata/centos-gpdb-dev CentOS image for GPDB development. Tag names… 10
nathonfowlie/centos-jre Latest CentOS image with the JRE pre-install… 8 [OK]
drecom/centos-ruby centos ruby 6 [OK]
mamohr/centos-java Oracle Java 8 Docker image based on Centos 7 3 [OK]
darksheer/centos Base Centos Image -- Updated hourly 3 [OK]
pivotaldata/centos Base centos, freshened up a little with a Do… 3
pivotaldata/centos-mingw Using the mingw toolchain to cross-compile t… 2
miko2u/centos6 CentOS6 日本語環境 2 [OK]
pivotaldata/centos-gcc-toolchain CentOS with a toolchain, but unaffiliated wi… 2
indigo/centos-maven Vanilla CentOS 7 with Oracle Java Developmen… 1 [OK]
mcnaughton/centos-base centos base image 1 [OK]
blacklabelops/centos CentOS Base Image! Built and Updates Daily! 1 [OK]
pivotaldata/centos7-dev CentosOS 7 image for GPDB development 0
fortinj66/centos7-s2i-nodejs based off of ryanj/centos7-s2i-nodejs. Bigg… 0
smartentry/centos centos with smartentry 0 [OK]
pivotaldata/centos6.8-dev CentosOS 6.8 image for GPDB development 0 3.3 给镜像添加标签
[root@linux-001 yum.repos.d]# docker tag centos xihaji
[root@linux-001 yum.repos.d]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu latest 3556258649b2 7 days ago 64.2MB
centos latest 9f38484d220f 4 months ago 202MB
xihaji latest 9f38484d220f 4 months ago 202MB
[root@linux-001 yum.repos.d]# docker tag centos xihaji:111
[root@linux-001 yum.repos.d]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu latest 3556258649b2 7 days ago 64.2MB
centos latest 9f38484d220f 4 months ago 202MB
xihaji 111 9f38484d220f 4 months ago 202MB
xihaji latest 9f38484d220f 4 months ago 202MB
[root@linux-001 yum.repos.d]# docker rmi xihaji:111
Untagged: xihaji:111
[root@linux-001 yum.repos.d]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu latest 3556258649b2 7 days ago 64.2MB
centos latest 9f38484d220f 4 months ago 202MB
xihaji latest 9f38484d220f 4 months ago 202MB
3.4 启动一个镜像
- docker run -itd centos //把镜像启动为容器,-i表示让容器的标准输入打开,-t表示分配一个伪终端,-d表示后台启动,要把-i -t -d 放到镜像名字前面
- docker ps //查看运行的容器,加上-a选项后可以查看所有容器,包括未运行的
- docker rmi centos //用来删除指定镜像, 其中后面的参数可以是tag,如果是tag时,实际上是删除该tag。当后面的参数为镜像ID时,则会彻底删除整个镜像,所有标签也会一同删除
[root@linux-001 yum.repos.d]# docker run -itd centos
30a0206c02f49184ceada96d353a9d8d25137de11d04f17613c432b923717fdc
[root@linux-001 yum.repos.d]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
30a0206c02f4 centos "/bin/bash" 6 seconds ago Up 2 seconds flamboyant_keldysh
[root@linux-001 yum.repos.d]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
30a0206c02f4 centos "/bin/bash" 13 seconds ago Up 9 seconds flamboyant_keldysh4.通过容器创建镜像
[root@linux-001 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0bffc6ee3e46 centos "/bin/bash" 9 seconds ago Up 7 seconds heuristic_lewin
[root@linux-001 ~]# docker exec -it 0bffc6e bash //可以通过docker容器的ID的来进入镜像
[root@0bffc6ee3e46 /]# pwd
/
[root@0bffc6ee3e46 /]# ls
anaconda-post.log bin dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
[root@0bffc6ee3e46 /]# sf -h
bash: sf: command not found
[root@0bffc6ee3e46 /]# df -h
Filesystem Size Used Avail Use% Mounted on
overlay 16G 9.7G 6.1G 62% /
tmpfs 64M 0 64M 0% /dev
tmpfs 407M 0 407M 0% /sys/fs/cgroup
shm 64M 0 64M 0% /dev/shm
/dev/sda3 16G 9.7G 6.1G 62% /etc/hosts
tmpfs 407M 0 407M 0% /proc/asound
tmpfs 407M 0 407M 0% /proc/acpi
tmpfs 407M 0 407M 0% /proc/scsi
tmpfs 407M 0 407M 0% /sys/firmware
[root@0bffc6ee3e46 /]# freetotal used free shared buff/cache available
Mem: 832056 429240 62436 2864 340380 203108
Swap: 4194300 369920 3824380[root@0bffc6ee3e46 /]# yum install -y net-tools //按转一个查看ip的命令
Loaded plugins: fastestmirror, ovl
Loading mirror speeds from cached hostfile* base: mirrors.neusoft.edu* extras: mirrors.163* updates: mirror.lzu.edu
Resolving Dependencies
--> Running transaction check
---> Package net-tools.x86_64 0:2.0-0.24.20131004git.el7 will be installed
--> Finished Dependency ResolutionDependencies Resolved===================================================================================================================================Package Arch Version Repository Size
===================================================================================================================================
Installing:net-tools x86_64 2.0-0.24.20131004git.el7 base 306 kTransaction Summary
===================================================================================================================================
Install 1 PackageTotal download size: 306 k
Installed size: 918 k
Downloading packages:
warning: /var/cache/yum/x86_64/7/base/packages/net-tools-2.0-0.24.20131004git.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Public key for net-tools-2.0-0.24.20131004git.el7.x86_64.rpm is not installed
net-tools-2.0-0.24.20131004git.el7.x86_64.rpm | 306 kB 00:00:05
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Importing GPG key 0xF4A80EB5:Userid : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos>"Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5Package : centos-release-7-6.1810.2.el7.centos.x86_64 (@CentOS)From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transactionInstalling : net-tools-2.0-0.24.20131004git.el7.x86_64 1/1Verifying : net-tools-2.0-0.24.20131004git.el7.x86_64 1/1Installed:net-tools.x86_64 0:2.0-0.24.20131004git.el7Complete!
[root@0bffc6ee3e46 /]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500inet 172.17.0.2 netmask 255.255.0.0 broadcast 172.17.255.255ether 02:42:ac:11:00:02 txqueuelen 0 (Ethernet)RX packets 4735 bytes 14123948 (13.4 MiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 3710 bytes 204142 (199.3 KiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536inet 127.0.0.1 netmask 255.0.0.0loop txqueuelen 1000 (Local Loopback)RX packets 0 bytes 0 (0.0 B)RX errors 0 dropped 0 overruns 0 frame 0TX packets 0 bytes 0 (0.0 B)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0[root@0bffc6ee3e46 /]# exit
exit
可以查看到虚拟机的网卡多了一个虚拟网卡
[root@linux-001 ~]# ifconfig //可以查看到本机的网卡信息又多了一个
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255inet6 fe80::42:93ff:fefc:80a5 prefixlen 64 scopeid 0x20<link>ether 02:42:93:fc:80:a5 txqueuelen 0 (Ethernet)RX packets 3710 bytes 152202 (148.6 KiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 4727 bytes 14123292 (13.4 MiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500inet 192.168.174.128 netmask 255.255.255.0 broadcast 192.168.174.255inet6 fe80::8db4:d867:92de:d2d1 prefixlen 64 scopeid 0x20<link>ether 00:0c:29:f2:1e:51 txqueuelen 1000 (Ethernet)RX packets 142954 bytes 204269440 (194.8 MiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 30885 bytes 2044485 (1.9 MiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0ens33:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500inet 192.168.141.122 netmask 255.255.255.0 broadcast 192.168.141.255ether 00:0c:29:f2:1e:51 txqueuelen 1000 (Ethernet)ens37: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500inet 192.168.23.88 netmask 255.255.255.0 broadcast 192.168.23.255inet6 fe80::1bd9:6a99:3db1:3ce6 prefixlen 64 scopeid 0x20<link>ether 00:0c:29:f2:1e:5b txqueuelen 1000 (Ethernet)RX packets 52388 bytes 4838959 (4.6 MiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 17 bytes 1292 (1.2 KiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536inet 127.0.0.1 netmask 255.0.0.0inet6 ::1 prefixlen 128 scopeid 0x10<host>loop txqueuelen 1000 (Local Loopback)RX packets 2 bytes 140 (140.0 B)RX errors 0 dropped 0 overruns 0 frame 0TX packets 2 bytes 140 (140.0 B)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0veth5442e25: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500inet6 fe80::94eb:93ff:fedf:3a4d prefixlen 64 scopeid 0x20<link>ether 96:eb:93:df:3a:4d txqueuelen 0 (Ethernet)RX packets 3710 bytes 204142 (199.3 KiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 4735 bytes 14123948 (13.4 MiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions
把安装net-tools包的镜像制作出来
[root@linux-001 ~]# docker commit -m 'install net-tools' -a 'ceshi' 0bffc6ee3e46 centos_with_net
sha256:033b19859e80217014d169c74592b3a1e303f1584a42b5b8230abcc078a6b8fb
[root@linux-001 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos_with_net latest 033b19859e80 16 seconds ago 308MB
centos latest 9f38484d220f 4 months ago 202MB
[root@linux-001 ~]# docker run -itd centos_with_net
e53f45fc5cf09b9680b21020e1f6d4a6d92f930c8cbc3063c266dc3ea75794b2
[root@linux-001 ~]# docker exec -it e53f45fc5 bash
[root@e53f45fc5cf0 /]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500inet 172.17.0.3 netmask 255.255.0.0 broadcast 172.17.255.255ether 02:42:ac:11:00:03 txqueuelen 0 (Ethernet)RX packets 8 bytes 656 (656.0 B)RX errors 0 dropped 0 overruns 0 frame 0TX packets 0 bytes 0 (0.0 B)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536inet 127.0.0.1 netmask 255.0.0.0loop txqueuelen 1000 (Local Loopback)RX packets 0 bytes 0 (0.0 B)RX errors 0 dropped 0 overruns 0 frame 0TX packets 0 bytes 0 (0.0 B)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0[root@e53f45fc5cf0 /]# exit
exit
5.容器管理
[root@linux-001 ~]# docker create -it centos bash //创建一个容器
318ea156bbd68843caead157785790cf2595d4824439e53b5e024b95b02ae08b[root@linux-001 ~]# docker start 318ea156 //启动这个容器
318ea156
[root@linux-001 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
318ea156bbd6 centos "bash" 39 seconds ago Up 3 seconds bold_mahavira
e53f45fc5cf0 centos_with_net "/bin/bash" 24 hours ago Up 24 hours quizzical_austin
0bffc6ee3e46 centos "/bin/bash" 24 hours ago Up 24 hours heuristic_lewin[root@linux-001 ~]# docker attach 318 //打开一个再后台运行的容器
[root@318ea156bbd6 /]# ifconfig
bash: ifconfig: command not found
[root@318ea156bbd6 /]# exit
exit
[root@linux-001 ~]# docker logs 318ea156bbd6 //查看容器使用的历史信息
[root@318ea156bbd6 /]# ifconfig
bash: ifconfig: command not found
[root@318ea156bbd6 /]# exit
exit[root@linux-001 ~]# docker exec -it 1701bd8d5c3f bash //临时进入一个容器
[root@1701bd8d5c3f /]# w20:24:32 up 3 days, 9 min, 0 users, load average: 0.03, 0.03, 0.05
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
[root@1701bd8d5c3f /]# exit
exit
[root@linux-001 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1701bd8d5c3f centos "bash" 36 minutes ago Up 36 minutes heuristic_cartwright
e53f45fc5cf0 centos_with_net "/bin/bash" 25 hours ago Up 25 hours quizzical_austin
0bffc6ee3e46 centos "/bin/bash" 25 hours ago Up 25 hours heuristic_lewin[root@linux-001 ~]# docker rm -f 0bffc6ee3e46 //删除一个容器,如果容器正在运行,可以使用-f选项
0bffc6ee3e46
[root@linux-001 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1701bd8d5c3f centos "bash" 37 minutes ago Up 37 minutes heuristic_cartwright
e53f45fc5cf0 centos_with_net "/bin/bash" 25 hours ago Up 25 hours quizzical_austin[root@linux-001 ~]# docker export e53f45fc5cf0 > test.tar //导出容器,可以迁移到其他机器
6.仓库管理
[root@linux-001 ~]# docker pull registry
Using default tag: latest
latest: Pulling from library/registry
c87736221ed0: Pull complete
1cc8e0bb44df: Pull complete
54d33bcb37f5: Pull complete
e8afc091c171: Pull complete
b4541f6d3db6: Pull complete
Digest: sha256:8004747f1e8cd820a148fb7499d71a76d45ff66bac6a29129bfdbfdc0154d146
Status: Downloaded newer image for registry:latest
docker.io/library/registry:latest[root@linux-001 ~]# docker run -d -p 5000:5000 registry
7d16df3d0cf2b6e8a1517d65acfae980727244d22f4dd5b592ceb1569219b874
[root@linux-001 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
7d16df3d0cf2 registry "/entrypoint.sh /etc…" 16 seconds ago Up 14 seconds 0.0.0.0:5000->5000/tcp romantic_bohr
cbaf96776fdf registry "/entrypoint.sh bash" 2 minutes ago Exited (127) 2 minutes ago xenodochial_curie
1701bd8d5c3f centos "bash" About an hour ago Up About an hour heuristic_cartwright
318ea156bbd6 centos "bash" About an hour ago Exited (127) About an hour ago bold_mahavira
05c1ce68e721 centos "bash" About an hour ago Created mystifying_aryabhata
e53f45fc5cf0 centos_with_net "/bin/bash" 26 hours ago Up 26 hours quizzical_austin[root@linux-001 ~]# curl 127.0.0.1:5000/v2/_catalog
{"repositories":[]}[root@linux-001 ~]# docker tag centos_with_net 192.168.174.128:5000/centos[root@linux-001 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.174.128:5000/centos latest 033b19859e80 26 hours ago 308MB
centos_with_net latest 033b19859e80 26 hours ago 308MB
centos latest 9f38484d220f 4 months ago 202MB
registry latest f32a97de94e1 4 months ago 25.8MB[root@linux-001 ~]# docker push 192.168.174.128:5000/centos
The push refers to repository [192.168.174.128:5000/centos]
Get https://192.168.174.128:5000/v2/: http: server gave HTTP response to HTTPS client
如果遇到以上的错误,我们需要给daemon.json中添加一个仓库地址。
[root@linux-001 ~]# echo '{ "insecure-registries":["192.168.174.128:5000"] }' > /etc/docker/daemon.json[root@linux-001 ~]# systemctl restart docker
[root@linux-001 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
7d16df3d0cf2 registry "/entrypoint.sh /etc…" 24 minutes ago Exited (2) 9 seconds ago romantic_bohr
cbaf96776fdf registry "/entrypoint.sh bash" 26 minutes ago Exited (127) 3 minutes ago xenodochial_curie
1701bd8d5c3f centos "bash" 2 hours ago Exited (137) 14 minutes ago heuristic_cartwright
318ea156bbd6 centos "bash" 2 hours ago Exited (127) About an hour ago bold_mahavira
05c1ce68e721 centos "bash" 2 hours ago Created mystifying_aryabhata
e53f45fc5cf0 centos_with_net "/bin/bash" 26 hours ago Exited (137) 4 minutes ago quizzical_austin
[root@linux-001 ~]# docker start 7d16df3d0cf2
7d16df3d0cf2
[root@linux-001 ~]# docker push 192.168.174.128:5000/centos
The push refers to repository [192.168.174.128:5000/centos]
18c86999e0c7: Pushed
d69483a6face: Pushed
latest: digest: sha256:a22b6c5b3e1c224ee6f2e61fb4ac887bea8300fa4fe9231fd5ac62b105d57148 size: 741[root@linux-001 ~]# !curl
curl 192.168.174.128:5000/v2/_catalog
{"repositories":["centos"]}
在另外一台机器上如何拉取这个容器呢?
[root@linux-03 ~]# echo '{ "insecure-registries":["192.168.174.128:5000"] }' > /etc/docker/daemon.json
[root@linux-03 ~]# docker pull 192.168.174.128:5000/centos
Using default tag: latest
Trying to pull repository 192.168.174.128:5000/centos ...
Get https://192.168.174.128:5000/v1/_ping: http: server gave HTTP response to HTTPS client
[root@linux-03 ~]# systemctl restart docker
[root@linux-03 ~]# docker pull 192.168.174.128:5000/centos
Using default tag: latest
Trying to pull repository 192.168.174.128:5000/centos ...
latest: Pulling from 192.168.174.128:5000/centos
8ba884070f61: Pull complete
b811eccffd18: Pull complete
Digest: sha256:a22b6c5b3e1c224ee6f2e61fb4ac887bea8300fa4fe9231fd5ac62b105d57148
Status: Downloaded newer image for 192.168.174.128:5000/centos:latest
[root@linux-03 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.174.128:5000/centos latest 033b19859e80 45 hours ago 308 MB
[root@linux-03 ~]#
7.数据管理
[root@linux-001 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2d9fd165850a centos "bash" About a minute ago Exited (127) 10 seconds ago vigorous_noether
7d16df3d0cf2 registry "/entrypoint.sh /etc…" 20 hours ago Up 20 hours 0.0.0.0:5000->5000/tcp romantic_bohr
cbaf96776fdf registry "/entrypoint.sh bash" 20 hours ago Exited (127) 20 hours ago xenodochial_curie
1701bd8d5c3f centos "bash" 21 hours ago Exited (137) 20 hours ago heuristic_cartwright
318ea156bbd6 centos "bash" 22 hours ago Exited (127) 21 hours ago bold_mahavira
05c1ce68e721 centos "bash" 22 hours ago Created mystifying_aryabhata
e53f45fc5cf0 centos_with_net "/bin/bash" 46 hours ago Exited (137) 20 hours ago quizzical_austin[root@linux-001 ~]# docker start 2d9fd165850a
2d9fd165850a
[root@linux-001 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2d9fd165850a centos "bash" 2 minutes ago Up 40 seconds vigorous_noether
7d16df3d0cf2 registry "/entrypoint.sh /etc…" 20 hours ago Up 20 hours 0.0.0.0:5000->5000/tcp romantic_bohr
[root@linux-001 ~]# docker run -tid -v /data/:/data centos bash1df90d63fea26ea87ef62a862209f98b6bc214f34c33c3d9c415156807352cff
[root@linux-001 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1df90d63fea2 centos "bash" 9 minutes ago Up 8 minutes stoic_hamilton
2d9fd165850a centos "bash" 12 minutes ago Up 10 minutes vigorous_noether
7d16df3d0cf2 registry "/entrypoint.sh /etc…" 21 hours ago Up 20 hours 0.0.0.0:5000->5000/tcp romantic_bohr[root@linux-001 ~]# ls /data
gitdata mariadb mysql redis_data wwwroot[root@linux-001 ~]# docker exec 1df90d63fe bash
[root@linux-001 ~]# docker exec -it 1df90d63fe bash
[root@1df90d63fea2 /]# ls /data/
gitdata mariadb mysql redis_data wwwroot
[root@1df90d63fea2 /]# mkdir 123
[root@1df90d63fea2 /]# mkdir /data/123
[root@1df90d63fea2 /]# exit
exit
[root@linux-001 ~]# ls /data/
123 gitdata mariadb mysql redis_data wwwroot
[root@linux-001 ~]
刚才我们挂载了本地的宿主机目录data到容器上,还可以挂载容器上的data目录到新的容器。
[root@linux-001 ~]# docker run -itd -v /data/:/data centos bash
75114cba041de9a7f8090727258fb2efe1f384c2fe6193d9e4e24ef390217d86
[root@linux-001 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
75114cba041d centos "bash" 9 seconds ago Up 8 seconds compassionate_mendel
33345dcb8d9d registry "/entrypoint.sh /etc…" 33 minutes ago Up 33 minutes 0.0.0.0:5000->5000/tcp gallant_joliot
[root@linux-001 ~]# docker run -itd --volumes-from compassionate_mendel centos bash
69fbffb8c07a592b879ddab0a757fc8964b18f684e35b51bc4b75a3fcaea02c6
[root@linux-001 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTSNAMES
69fbffb8c07a centos "bash" 5 seconds ago Up 4 secondsamazing_tu
75114cba041d centos "bash" About a minute ago Up About a minutecompassionate_mendel
33345dcb8d9d registry "/entrypoint.sh /etc…" 34 minutes ago Up 34 minutes 0.0.0.0:5000->5000/tcpgallant_joliot
[root@linux-001 ~]# docker exec -it 69fbffb8c07a bash
[root@69fbffb8c07a /]# ls /data/
123 gitdata mariadb mysql redis_data wwwroot
[root@69fbffb8c07a /]#
7.数据卷备份恢复
如果我们宿主机的目录没有在容器中映射,我们需要如何恢复容器中的数据呢?这时候我们新建一个容器共享有数据的容器中的数据目录,然后此新建容器映射宿主机中的目录,然后把挂载的数据容器的数据拷贝到映射的目录即可数据备份。
备份mkdir /data/backupdocker run --volumes-from testvol -v /data/backup/:/backup centos tar cvf /backup/data.tar /data/说明:首先我们需要使用testvol数据卷新开一个容器,同时我们还需要把本地的/vol_data_backup/目录挂载到该容器的/backup下,这样在容器中/backup目录里面新建的文件,我们就可以直接在/data/backup/目录中看到了。 然后再把/data/目录下面的文件打包到成data.tar文件放到/backup目录下面。恢复思路: 先新建一个数据卷容器,再建一个新的容器并挂载该数据卷容器,然后再把tar包解包。新建数据卷容器:docker run -itd -v /data/ --name testvol2 centos bash挂载数据卷新建容器,并解包:docker run --volumes-from testvol2 -v /data/backup/:/backup centos tar xf /backup/data.tar
8.docker网络模式
host模式,使用docker run时使用–net=host指定
docker使用的网络实际上和宿主机一样,在容器内看到的网卡ip是宿主机ip
container模式,使用–net=container:container_id/container_name
多个容器使用共同的网络,看到的ip是一样的
none模式,使用–net=none指定
这种模式下,不会配置任何网络
bridge模式,使用–net=bridge指定默认模式,不用指定默认就是这种网络模式。这种模式会为每个容器分配一个独立的Network Namespace。类似于vmware的nat网络模式。同一个宿主机上的所有容器会在同一个网段下,相互之间是可以通信的。
8.1外部访问容器
[root@linux-001 ~]# docker run -it centos
[root@90c75ea93e54 yum.repos.d]# yum install -y httpd
Loaded plugins: fastestmirror, ovl
Loading mirror speeds from cached hostfile* base: mirrors.163* extras: mirrors.163* updates: mirrors.163
Resolving Dependencies
--> Running transaction check
---> Package httpd.x86_64 0:2.4.6-89.el7.centos.1 will be installed
--> Processing Dependency: httpd-tools = 2.4.6-89.el7.centos.1 for package: httpd-2.4.6-89.el7.centos.1.x86_64
--> Processing Dependency: system-logos >= 7.92.1-1 for package: httpd-2.4.6-89.el7.centos.1.x86_64
--> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-89.el7.centos.1.x86_64
--> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-89.el7.centos.1.x86_64
--> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-89.el7.centos.1.x86_64
--> Running transaction check
---> Package apr.x86_64 0:1.4.8-3.el7_4.1 will be installed
---> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed
---> Package centos-logos.noarch 0:70.0.6-3.el7.centos will be installed
---> Package httpd-tools.x86_64 0:2.4.6-89.el7.centos.1 will be installed
---> Package mailcap.noarch 0:2.1.41-2.el7 will be installed
--> Finished Dependency ResolutionDependencies Resolved===================================================================================================================================Package Arch Version Repository Size
===================================================================================================================================
Installing:httpd x86_64 2.4.6-89.el7.centos.1 updates 2.7 M
Installing for dependencies:apr x86_64 1.4.8-3.el7_4.1 base 103 kapr-util x86_64 1.5.2-6.el7 base 92 kcentos-logos noarch 70.0.6-3.el7.centos base 21 Mhttpd-tools x86_64 2.4.6-89.el7.centos.1 updates 91 kmailcap noarch 2.1.41-2.el7 base 31 kTransaction Summary
===================================================================================================================================
Install 1 Package (+5 Dependent packages)Total download size: 24 M
Installed size: 31 M
Downloading packages:
warning: /var/cache/yum/x86_64/7/base/packages/apr-1.4.8-3.el7_4.1.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Public key for apr-1.4.8-3.el7_4.1.x86_64.rpm is not installed
(1/6): apr-1.4.8-3.el7_4.1.x86_64.rpm | 103 kB 00:00:05
Public key for httpd-tools-2.4.6-89.el7.centos.1.x86_64.rpm is not installed ] 0.0 B/s | 103 kB --:--:-- ETA
(2/6): httpd-tools-2.4.6-89.el7.centos.1.x86_64.rpm | 91 kB 00:00:05
(3/6): apr-util-1.5.2-6.el7.x86_64.rpm | 92 kB 00:00:18
(4/6): mailcap-2.1.41-2.el7.noarch.rpm | 31 kB 00:00:00
(5/6): centos-logos-70.0.6-3.el7.centos.noarch.rpm | 21 MB 00:00:30
(6/6): httpd-2.4.6-89.el7.centos.1.x86_64.rpm | 2.7 MB 00:00:36
-----------------------------------------------------------------------------------------------------------------------------------
Total 592 kB/s | 24 MB 00:00:42
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Importing GPG key 0xF4A80EB5:Userid : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos>"Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5Package : centos-release-7-6.1810.2.el7.centos.x86_64 (@CentOS)From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transactionInstalling : apr-1.4.8-3.el7_4.1.x86_64 1/6Installing : apr-util-1.5.2-6.el7.x86_64 2/6Installing : httpd-tools-2.4.6-89.el7.centos.1.x86_64 3/6Installing : centos-logos-70.0.6-3.el7.centos.noarch 4/6Installing : mailcap-2.1.41-2.el7.noarch 5/6Installing : httpd-2.4.6-89.el7.centos.1.x86_64 6/6Verifying : httpd-2.4.6-89.el7.centos.1.x86_64 1/6Verifying : httpd-tools-2.4.6-89.el7.centos.1.x86_64 2/6Verifying : mailcap-2.1.41-2.el7.noarch 3/6Verifying : apr-util-1.5.2-6.el7.x86_64 4/6Verifying : apr-1.4.8-3.el7_4.1.x86_64 5/6Verifying : centos-logos-70.0.6-3.el7.centos.noarch 6/6Installed:httpd.x86_64 0:2.4.6-89.el7.centos.1Dependency Installed:apr.x86_64 0:1.4.8-3.el7_4.1 apr-util.x86_64 0:1.5.2-6.el7 centos-logos.noarch 0:70.0.6-3.el7.centoshttpd-tools.x86_64 0:2.4.6-89.el7.centos.1 mailcap.noarch 0:2.1.41-2.el7Complete!
[root@90c75ea93e54 yum.repos.d]# systemctl start httpd
Failed to get D-Bus connection: Operation not permitted8.2 Failed to get D-Bus connection: Operation not permitted
[root@linux-001 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos_with_net latest 033b19859e80 4 days ago 308MB
192.168.174.128:5000/centos <none> 033b19859e80 4 days ago 308MB
192.168.174.128:5000/centos latest 9f38484d220f 4 months ago 202MB
centos latest 9f38484d220f 4 months ago 202MB
registry latest f32a97de94e1 5 months ago 25.8MB
[root@linux-001 ~]# docker start 90c75ea93e54
90c75ea93e54
[root@linux-001 ~]# docker commit -m "install httpd" -a "test" 90c75ea93e54 "centos_httpd"
sha256:2a41eb7f21afe81b613540e0c1bea340e0ed969c8e26b284de7cf088f1eaabbe
[root@linux-001 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos_httpd latest 2a41eb7f21af 55 minutes ago 346MB
centos_with_net latest 033b19859e80 4 days ago 308MB
192.168.174.128:5000/centos <none> 033b19859e80 4 days ago 308MB
192.168.174.128:5000/centos latest 9f38484d220f 4 months ago 202MB
centos latest 9f38484d220f 4 months ago 202MB
registry latest f32a97de94e1 5 months ago 25.8MB
[root@linux-001 ~]# docker run -itd -p 8080:80 --privileged -e "container=docker" centos_httpd /usr/sbin/init
6cb1d3729fe9b76f1c89a68bf8f8732bff3b7e5bec1982d9f3a336f50e0639e4
[root@linux-001 ~]# docker exec -it 6cb1d3729 bash
[root@6cb1d3729fe9 /]# systemctl start httpd
[root@6cb1d3729fe9 /]# ps aux |grep http
root 3406 0.4 0.5 224052 4980 ? Ss 18:14 0:00 /usr/sbin/httpd -DFOREGROUND
apache 3407 0.0 0.3 224052 2948 ? S 18:14 0:00 /usr/sbin/httpd -DFOREGROUND
apache 3408 0.0 0.3 224052 2948 ? S 18:14 0:00 /usr/sbin/httpd -DFOREGROUND
apache 3409 0.0 0.3 224052 2948 ? S 18:14 0:00 /usr/sbin/httpd -DFOREGROUND
apache 3410 0.0 0.3 224052 2948 ? S 18:14 0:00 /usr/sbin/httpd -DFOREGROUND
apache 3411 0.0 0.3 224052 2948 ? S 18:14 0:00 /usr/sbin/httpd -DFOREGROUND
root 3413 0.0 0.0 9088 668 pts/1 S+ 18:14 0:00 grep --color=auto http[root@6cb1d3729fe9 /]# exit
exit
[root@linux-001 ~]# curl localhost:8080内容省略
8.3 配置桥接网络
首先配置网卡信息,复制一份ens33网卡信息位br0,ens33网卡设置信息如下
br0的信息设置如下,设置完成需要重启网卡。
下载一个给容器设置ip地址的命令pipework
[root@linux-001 ~]# git clone
正克隆到 'pipework'...
remote: Enumerating objects: 501, done.
remote: Total 501 (delta 0), reused 0 (delta 0), pack-reused 501
接收对象中: 100% (501/501), 172.97 KiB | 70.00 KiB/s, done.
处理 delta 中: 100% (264/264), done.
[root@linux-001 ~]# cd pipework/
[root@linux-001 pipework]# ls
docker-compose.yml doctoc LICENSE pipework pipework.spec README.md
[root@linux-001 pipework]# cp pipework /usr/local/bin/
[root@linux-001 pipework]#
新建一个容器,
[root@linux-001 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos_httpd latest 2a41eb7f21af 2 hours ago 346MB
centos_with_net latest 033b19859e80 5 days ago 308MB
192.168.174.128:5000/centos <none> 033b19859e80 5 days ago 308MB
192.168.174.128:5000/centos latest 9f38484d220f 4 months ago 202MB
centos latest 9f38484d220f 4 months ago 202MB
registry latest f32a97de94e1 5 months ago 25.8MB
[root@linux-001 ~]# docker run -itd --net=none centos_httpd bash
b4474638742b54eaf66951572719c85c732351972011bc904f475590284d0603
[root@linux-001 ~]# docker exec -it b4474638 bash
[root@bf777790acde /]# ifconfig
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536inet 127.0.0.1 netmask 255.0.0.0loop txqueuelen 1000 (Local Loopback)RX packets 0 bytes 0 (0.0 B)RX errors 0 dropped 0 overruns 0 frame 0TX packets 0 bytes 0 (0.0 B)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0[root@bf777790acde /]# exit
exit
[root@linux-001 ~]# pipework br0 bf777790a 192.168.174.127/24@192.168.174.2
[root@linux-001 ~]# docker exec -it bf777790a bash
[root@bf777790acde /]# ifconfig
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500inet 192.168.174.127 netmask 255.255.255.0 broadcast 192.168.174.255ether fe:85:ff:f5:19:86 txqueuelen 1000 (Ethernet)RX packets 7 bytes 586 (586.0 B)RX errors 0 dropped 0 overruns 0 frame 0TX packets 1 bytes 42 (42.0 B)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536inet 127.0.0.1 netmask 255.0.0.0loop txqueuelen 1000 (Local Loopback)RX packets 0 bytes 0 (0.0 B)RX errors 0 dropped 0 overruns 0 frame 0TX packets 0 bytes 0 (0.0 B)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0[root@bf777790acde /]# ping www.baidu
PING www.a.shifen (180.101.49.12) 56(84) bytes of data.
64 bytes from 180.101.49.12 (180.101.49.12): icmp_seq=1 ttl=128 time=11.5 ms
64 bytes from 180.101.49.12 (180.101.49.12): icmp_seq=2 ttl=128 time=12.1 ms
64 bytes from 180.101.49.12 (180.101.49.12): icmp_seq=3 ttl=128 time=12.1 ms
64 bytes from 180.101.49.12 (180.101.49.12): icmp_seq=4 ttl=128 time=11.9 ms
64 bytes from 180.101.49.12 (180.101.49.12): icmp_seq=5 ttl=128 time=12.2 ms
^C
--- www.a.shifen ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 13024ms
rtt min/avg/max/mdev = 11.596/12.021/12.250/0.239 ms
9.DockerFile的格式
- FROM //指定基于哪个基础镜像
格式 FROM <image> 或者 FROM <image>:<tag>, 比如
FROM centos
FROM centos:latest- MAINTAINER //指定作者信息
格式 MAINTAIN <name> ,比如
MAINTAINER xihaji admin@xihaji- RUN //镜像操作指令
格式为 RUN <command> 或者 RUN [“executable”, “param1”, “param2”],比如
RUN yum install httpd
RUN ["/bin/bash", “-c”, “echo hello”]- CMD // 三种格式:
CMD [“executable”, “param1”, “param2”]
CMD command param1 param2
CMD [“param1”, “param2”]
RUN和CMD看起来挺像,但是CMD用来指定容器启动时用到的命令,只能有一条。比如
CMD ["/bin/bash", “/usr/local/nginx/sbin/nginx”, “-c”, “/usr/local/nginx/conf/nginx.conf”]- EXPOSE
格式为 EXPOSE <port> [<port>…] , 比如
EXPOSE 22 80 8443
这个用来指定要映射出去的端口,比如容器内部我们启动了sshd和nginx,所以我们需要把22和80端口暴漏出去。这个需要配合-P(大写)来工作,也就是说在启动容器时,需要加上-P,让它自动分配。如果想指定具体的端口,也可以使用-p(小写)来指定。- ENV
格式 ENV <key> <value>, 比如
ENV PATH /usr/local/mysql/bin:$PATH
它主要是为后续的RUN指令提供一个环境变量,我们也可以定义一些自定义的变量
ENV MYSQL_version 5.6- ADD
格式 add <src> <dest>
将本地的一个文件或目录拷贝到容器的某个目录里。 其中src为Dockerfile所在目录的相对路径,它也可以是一个url。比如
ADD <conf/vhosts> </usr/local/nginx/conf>- COPY
格式同add
使用方法和add一样,不同的是,它不支持url- ENTRYPOINT 格式类似CMD
容器启动时要执行的命令,它和CMD很像,也是只有一条生效,如果写多个只有最后一条有效。和CMD不同是:
CMD 是可以被 docker run 指令覆盖的,而ENTRYPOINT不能覆盖。比如,容器名字为aming
我们在Dockerfile中指定如下CMD:
CMD ["/bin/echo", “test”]
启动容器的命令是 docker run aming 这样会输出 test
假如启动容器的命令是 docker run -it aming /bin/bash 什么都不会输出
ENTRYPOINT不会被覆盖,而且会比CMD或者docker run指定的命令要靠前执行
ENTRYPOINT [“echo”, “test”]
docker run -it aming 123 //123为命令
则会输出 test 123 ,这相当于要执行命令 echo test 123- VOLUME
格式 VOLUME ["/data"]
创建一个可以从本地主机或其他容器挂载的挂载点。- USER
格式 USER daemon
指定运行容器的用户- WORKDIR
格式 WORKDIR /path/to/workdir
为后续的RUN、CMD或者ENTRYPOINT指定工作目录
10. Dockerfile示例
使用dockerfile安装nginx
[root@linux-001 ~]# vim Dockerfile
## Set the base image to CentOS
FROM centos
# File Author / Maintainer
MAINTAINER xihaji admin@xihaji
# Install necessary tools
RUN yum install -y pcre-devel wget net-tools gcc zlib zlib-devel make openssl-devel
# Install Nginx
ADD .12.1.tar.gz .
RUN tar zxvf nginx-1.12.1.tar.gz
RUN mkdir -p /usr/local/nginx
RUN cd nginx-1.12.1 && ./configure --prefix=/usr/local/nginx && make && make install
RUN rm -fv /usr/local/nginx/conf/nginx.conf
ADD /.nginx_conf /usr/local/nginx/conf/nginx.conf
# Expose ports
EXPOSE 80
# Set the default command to execute when creating a new container
ENTRYPOINT /usr/local/nginx/sbin/nginx && tail -f /etc/passwd
出现如下图的信息,说明我们已经安装成功
同时,我们也可以打开容器,查看nginx服务是否有启动
[root@linux-001 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos_nginx latest d647a90be189 About a minute ago 416MB
centos_httpd latest 2a41eb7f21af 3 hours ago 346MB
centos_with_net latest 033b19859e80 5 days ago 308MB
192.168.174.128:5000/centos <none> 033b19859e80 5 days ago 308MB
192.168.174.128:5000/centos latest 9f38484d220f 4 months ago 202MB
centos latest 9f38484d220f 4 months ago 202MB
registry latest f32a97de94e1 5 months ago 25.8MB
[root@linux-001 ~]# docker run -itd centos_nginx bash
a0ec80fb0775329c7ad789d0071e60cccde8713c0b96a0e7ce1c6b8d3b63eb1c
[root@linux-001 ~]# docker exec -it a0ec80fb0 bash
[root@a0ec80fb0775 /]# ps aux |grep nginx
root 1 0.1 0.1 11680 1356 pts/0 Ss+ 20:35 0:00 /bin/sh -c /usr/local/nginx/sbin/nginx && tail -f /etc/passwd bash
root 7 0.0 0.0 20540 624 ? Ss 20:35 0:00 nginx: master process /usr/local/nginx/sbin/nginx
nobody 9 0.0 0.3 22984 3196 ? S 20:35 0:00 nginx: worker process
nobody 10 0.0 0.3 22984 3196 ? S 20:35 0:00 nginx: worker process
root 25 0.0 0.0 9088 664 pts/1 S+ 20:36 0:00 grep --color=auto nginx
[root@a0ec80fb0775 /]# exit
exit
[root@linux-001 ~]#
11.Docker compose 批量管理容器
11.1用Docker compose部署服务
docker compose可以方便我们快捷高效地管理容器的启动、停止、重启等操作,它类似于linux下的shell脚本,基于yaml语法,在该文件里我们可以描述应用的架构,比如用什么镜像、数据卷、网络模式、监听端口等信息。我们可以在一个compose文件中定义一个多容器的应用(比如jumpserver),然后通过该compose来启动这个应用。
安装compose方法如下
curl -L .17.0-rc1/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose
chmod 755 !$
docker-compose version 查看版本信息
Compose区分Version 1和Version 2(Compose 1.6.0+,Docker Engine 1.10.0+)。Version 2支持更多的指令。Version 1没有声明版本默认是"version 1"。Version 1将来会被弃用。
[root@linux-001 ~]# curl -L .17.0-rc1/docker-compose-`uname -s`-`uname -m` >/usr/local/bin/docker-compose% Total % Received % Xferd Average Speed Time Time Time CurrentDload Upload Total Spent Left Speed
100 617 0 617 0 0 51 0 --:--:-- 0:00:11 --:--:-- 140
100 8649k 100 8649k 0 0 21316 0 0:06:55 0:06:55 --:--:-- 26897
[root@linux-001 ~]# chmod 755 /usr/local/bin/docker-compose
[root@linux-001 ~]# docker-compose -v
docker-compose version 1.17.0-rc1, build a0f95af11.2 实例
[root@linux-001 ~]# vim docker-compose.ymlversion: "2"
services:app1:image: centos_nginxports:- "8080:80"networks:- "net1"volumes:- /data/:/dataapp2:image: centos_httpdnetworks:- "net2"volumes:- /data/:/data1entrypoint: tail -f /etc/passwd
networks:net1:driver: bridgenet2:driver: bridge[root@linux-001 ~]# docker-compose up -d
Creating network "root_net2" with driver "bridge"
Creating network "root_net1" with driver "bridge"
Creating root_app2_1 ...
Creating root_app1_1 ...
Creating root_app1_1
Creating root_app2_1 ... done
[root@linux-001 ~]# docker-compose psName Command State Ports
---------------------------------------------------------------------------
root_app1_1 /bin/sh -c /usr/local/ngin ... Up 0.0.0.0:8080->80/tcp
root_app2_1 tail -f /etc/passwd Up
[root@linux-001 ~]# docker-compose stop
Stopping root_app2_1 ... done
Stopping root_app1_1 ... done
[root@linux-001 ~]# docker-compose psName Command State Ports
---------------------------------------------------------------
root_app1_1 /bin/sh -c /usr/local/ngin ... Exit 137
root_app2_1 tail -f /etc/passwd Exit 137
[root@linux-001 ~]#11.3 docker-compose语法扩展
关于docker-compose语法的参考文档
/index/article/182.html
更多推荐
学习笔记0729
发布评论