admin管理员组文章数量:1634987
Docker入门到精通
教程地址:https://www.bilibili/video/BV1og4y1q7M4?p=1,此笔记配合狂神老师讲的Docker教程使用《【狂神说Java】Docker最新超详细版教程通俗易懂>,如有错误十分抱歉
笔记下载地址:https://wwt.lanzouq/i2sxR1rgvl7e
一、Docker概述
1.1 Docker简介
Docker是一个开源的引擎,可以轻松的为任何应用创建一个轻量级的、可移植的、自给自足的容器。开发者在笔记本上编译测试通过的容器可以批量地在生产环境中部署,包括VMs(虚拟机)、bare metal、OpenStack 集群和其他的基础应用平台。
1.2 Docker出现原因
- 开发-上线 两套环境难以匹配
- 环境配置十分麻烦,费时、费力 (集群Redis、MySQL、Hadoop…)
- 不能跨平台 —— 虚拟机
- 传统: 开发jar ,运维
- 现在: 开发、打包、部署。一套流程完成
java——apk——发布(应用商店)——安装既可用
java——jar——打包项目,带上环境(Docker仓库:商店)——下载镜像,直接运行便可使用
1.3 Docker官方
- Docker官网
https://www.docker/
- Docker文档
https://docs.docker/
- DockerHub(仓库)
https://hub.docker/
1.4 虚拟技术
- 之前的虚拟机技术
虚拟机缺点:
- 资源占用十分多
- 冗余步骤多
- 启动速度慢
- 容器化技术
比较传统虚拟机和Docker的不同:
- 传统虚拟机:虚拟出硬件,运行一套完整的操作系统,然后在这个系统上安装和运行软件
- Docker:
- 容器中的应用直接运行在宿主机的内核,容器是没有自己的内核的
- 每个容器间是相互隔离的,每个容器内都拥有一个属于自己的文件系统,互不影响
1.4 Docker优点
DevOps(开发,运维)
-
更快速的交付和部署
- 传统:帮助文档,安装程序
- Docker:打包镜像、发布测试、一键运行
-
更便捷的升级和扩缩容(拼积木)
-
更简单的系统运维(开发、测试环境高度一致)
-
更高效的计算资源利用
- Docker 是内核级别的虚拟化,可以在一个物理机上运行很多的容器实例,可以充分利用物理机性能
1.5 Docker学习路线
1.5.1Docker单体应用
- Docker安装
- Docker命令
- 镜像命令
- 容器命令
- 操作命令
- …
- Docker镜像
- 容器数据卷
- DockerFile
- Docker网络原理
- IDEA整合Docker
1.5.2 Docker集群应用
- Docker Compose
- Docker Swarm
- CI\CD Jenkins
- K8s
弱小和无知不是生存的障碍,傲慢才是
二、Docker安装
2.1 Docker架构
2.2 Docker底层原理
- Docker是一个Client-Server结构的系统,Docker的守护进程运行在主机上,通告Socket从客户端访问
- DockerServer接收到DockerClient的指令,就会执行这个命令
2.3 Docker为什么比VM快
- Docker比虚拟机有着更少的抽象层
-
Docker利用的是宿主机的内核,VM需要Guest OS
- VM加载Guest OS,分钟级
- Docker新建容器不需要重新加载一个操作系统的内核,避免引导,利用宿主机的操作系统,省略了加载过程,秒级
2.4 概念
- 镜像(image):一个模板,通告镜像创建多个容器
- 容器(container):独立运行一个或一组应用,一个简易的操作系统
- 仓库(repository):存放镜像
2.5 安装
前置:
- Linux基础
- Linux系统
- Xshell连接工具
2.5.1 CentOS 7安装Docker
- 查看系统环境
[root@localhost ~]# cat /etc/os-release
NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
PRETTY_NAME="CentOS Linux 7 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:7"
HOME_URL="https://www.centos/"
BUG_REPORT_URL="https://bugs.centos/"
CENTOS_MANTISBT_PROJECT="CentOS-7"
CENTOS_MANTISBT_PROJECT_VERSION="7"
REDHAT_SUPPORT_PRODUCT="centos"
REDHAT_SUPPORT_PRODUCT_VERSION="7"
[root@localhost ~]#
- 删除旧版Docker
[root@localhost ~]# sudo yum remove docker \
> docker-cTient \
> docker-client-latest \
> docker-common \
> docker-Tatest \
> docker-Tatest-logrotate \
> docker-Togrotate \
> docker-engineXs
已加载插件:fastestmirror
参数 docker 没有匹配
参数 docker-cTient 没有匹配
参数 docker-client-latest 没有匹配
参数 docker-common 没有匹配
参数 docker-Tatest 没有匹配
参数 docker-Tatest-logrotate 没有匹配
参数 docker-Togrotate 没有匹配
参数 docker-engineXs 没有匹配
不删除任何软件包
- 下载需要的安装包
[root@localhost ~]# yum install -y yum-utils
已加载插件:fastestmirror
Loading mirror speeds from cached hostfile
epel/x86_64/metalink | 8.2 kB 00:00:00
* base: mirrors.aliyun
* centos-sclo-rh: mirrors.huaweicloud
* epel: mirror.nyist.edu
* extras: mirrors.aliyun
* updates: mirrors.aliyun
base | 3.6 kB 00:00:00
centos-sclo-rh | 3.0 kB 00:00:00
docker-ce-stable | 3.5 kB 00:00:00
extras | 2.9 kB 00:00:00
updates | 2.9 kB 00:00:00
软件包 yum-utils-1.1.31-54.el7_8.noarch 已安装并且是最新版本
无须任何处理
[root@localhost ~]#
- 设置镜像的仓库
yum-config-manager \
--add-repo \
https://download.docker/linux/centos/docker-ce.repo # 默认是从国外的
yum-config-manager --add-repo http://mirrors.aliyun/docker-ce/linux/centos/docker-ce.repo # 阿里仓库
- 更新软件包索引
yum makecache fast
- 安装docker
yum install docker-ce docker-ce-cli containerd.io
- 启动Docker
systemctl start docker
- 查看Docker版本号
docker version
- 判断是否安装成功
[root@localhost ~]# docker run hello-world
Unable to find image 'hello-world:latest' locally # 先查找本地,不在的话去远程仓库寻找
latest: Pulling from library/hello-world # 远程仓库找到了
2db29710123e: Pull complete # 开始下载
Digest: sha256:2498fce14358aa50ead0cc6c19990fc6ff866ce72aeb5546e1d59caac3d0d60f
Status: Downloaded newer image for hello-world:latest
Hello from Docker! # 运行结果
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://hub.docker/
For more examples and ideas, visit:
https://docs.docker/get-started/
[root@localhost ~]#
docker run 运行流程图
- 查看Docker信息
[root@localhost ~]# docker version
Client: Docker Engine - Community
Version: 25.0.4
API version: 1.44
Go version: go1.21.8
Git commit: 1a576c5
Built: Wed Mar 6 16:33:16 2024
OS/Arch: linux/amd64
Context: default
Server: Docker Engine - Community
Engine:
Version: 25.0.4
API version: 1.44 (minimum version 1.24)
Go version: go1.21.8
Git commit: 061aa95
Built: Wed Mar 6 16:32:11 2024
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.6.28
GitCommit: ae07eda36dd25f8a1b98dfbf587313b99c0190bb
runc:
Version: 1.1.12
GitCommit: v1.1.12-0-g51d5e94
docker-init:
Version: 0.19.0
GitCommit: de40ad0
[root@localhost ~]#
- 查看镜像信息
docker images
- 卸载Docker
# 1、 卸载依赖
[root@localhost ~]# yum remove docker-ce docker-ce-cli containerd.io
已加载插件:fastestmirror
正在解决依赖关系
--> 正在检查事务
---> 软件包 containerd.io.x86_64.0.1.6.28-3.1.el7 将被 删除
---> 软件包 docker-ce.x86_64.3.25.0.4-1.el7 将被 删除
--> 正在处理依赖关系 docker-ce,它被软件包 docker-ce-rootless-extras-25.0.4-1.el7.x86_64 需要
---> 软件包 docker-ce-cli.x86_64.1.25.0.4-1.el7 将被 删除
--> 正在检查事务
---> 软件包 docker-ce-rootless-extras.x86_64.0.25.0.4-1.el7 将被 删除
--> 解决依赖关系完成
依赖关系解决
===========================================================================================================================================================================================
Package 架构 版本 源 大小
===========================================================================================================================================================================================
正在删除:
containerd.io x86_64 1.6.28-3.1.el7 @docker-ce-stable 117 M
docker-ce x86_64 3:25.0.4-1.el7 @docker-ce-stable 99 M
docker-ce-cli x86_64 1:25.0.4-1.el7 @docker-ce-stable 36 M
为依赖而移除:
docker-ce-rootless-extras x86_64 25.0.4-1.el7 @docker-ce-stable 20 M
事务概要
===========================================================================================================================================================================================
移除 3 软件包 (+1 依赖软件包)
安装大小:271 M
是否继续?[y/N]:y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
正在删除 : docker-ce-rootless-extras-25.0.4-1.el7.x86_64 1/4
正在删除 : 3:docker-ce-25.0.4-1.el7.x86_64 2/4
正在删除 : containerd.io-1.6.28-3.1.el7.x86_64 3/4
正在删除 : 1:docker-ce-cli-25.0.4-1.el7.x86_64 4/4
验证中 : 1:docker-ce-cli-25.0.4-1.el7.x86_64 1/4
验证中 : containerd.io-1.6.28-3.1.el7.x86_64 2/4
验证中 : 3:docker-ce-25.0.4-1.el7.x86_64 3/4
验证中 : docker-ce-rootless-extras-25.0.4-1.el7.x86_64 4/4
删除:
containerd.io.x86_64 0:1.6.28-3.1.el7 docker-ce.x86_64 3:25.0.4-1.el7 docker-ce-cli.x86_64 1:25.0.4-1.el7
作为依赖被删除:
docker-ce-rootless-extras.x86_64 0:25.0.4-1.el7
完毕!
[root@localhost ~]#
# 2、删除资源
rm -rf /var/lib/docker
2.6 阿里云镜像加速
- 登录阿里云,找到镜像服务
- 找到镜像加速器
- 配置使用
三、Docker的常用命令
帮助文档: https://docs.docker/reference/
3.1 基础命令
3.1.1 帮助命令
docker command --help #万能命令
docker --help
3.1.2 版本信息
docker version
# 示例
[root@localhost ~]# docker version
Client: Docker Engine - Community
Version: 25.0.4
API version: 1.44
Go version: go1.21.8
Git commit: 1a576c5
Built: Wed Mar 6 16:33:16 2024
OS/Arch: linux/amd64
Context: default
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
[root@localhost ~]#
3.1.3 系统信息
docker info #查看镜像和系统数量
# 示例
[root@localhost ~]# docker info
Client: Docker Engine - Community
Version: 25.0.4
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.13.0
Path: /usr/libexec/docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v2.24.7
Path: /usr/libexec/docker/cli-plugins/docker-compose
Server:
Containers: 10
Running: 6
Paused: 0
Stopped: 4
Images: 8
Server Version: 25.0.4
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Using metacopy: false
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 runc
Default Runtime: runc
Init Binary: docker-init
containerd version: ae07eda36dd25f8a1b98dfbf587313b99c0190bb
runc version: v1.1.12-0-g51d5e94
init version: de40ad0
Security Options:
seccomp
Profile: builtin
Kernel Version: 3.10.0-1160.108.1.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 3.682GiB
Name: localhost.localdomain
ID: 156dfb43-29ed-405c-a684-7dbec2c57b51
Docker Root Dir: /var/lib/docker
Debug Mode: false
Experimental: false
Insecure Registries:
127.0.0.0/8
Registry Mirrors:
https://j5v7olgw.mirror.aliyuncs/
Live Restore Enabled: false
[root@localhost ~]#
##若出现错误,如: 【ERROR: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?】,则说明当前docker服务未启动,执行 service docker start
# 示例
[root@localhost ~]# docker info
Client: Docker Engine - Community
Version: 25.0.4
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.13.0
Path: /usr/libexec/docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v2.24.7
Path: /usr/libexec/docker/cli-plugins/docker-compose
Server:
ERROR: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
errors pretty printing info
[root@localhost ~]# docker info
Client: Docker Engine - Community
Version: 25.0.4
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.13.0
Path: /usr/libexec/docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v2.24.7
Path: /usr/libexec/docker/cli-plugins/docker-compose
Server:
ERROR: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
errors pretty printing info
[root@localhost ~]# service docker start
Redirecting to /bin/systemctl start docker.service
3.2 镜像命令
3.2.1 查看本地镜像
docker images
# 示例
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
tomcat-fix 1.0 a7f34db8be51 25 hours ago 684MB
dockurr/windows latest 3793a9640055 11 days ago 432MB
nginx latest 605c77e624dd 2 years ago 141MB
tomcat latest fb5657adc892 2 years ago 680MB
redis latest 7614ae9453d1 2 years ago 113MB
portainer/portainer-ce latest 0df02179156a 2 years ago 273MB
centos latest 5d0da3dc9764 2 years ago 231MB
elasticsearch latest 5acf0e8da90b 5 years ago 486MB
[root@localhost ~]#
# 解释
REPOSITORY TAG IMAGE ID CREATED SIZE
镜像的仓库源 标签 id 创建时间 大小
# 可选项
[root@localhost ~]# docker images --help
Usage: docker images [OPTIONS] [REPOSITORY[:TAG]]
List images
Aliases:
docker image ls, docker image list, docker images
Options:
-a, --all Show all images (default hides intermediate images) # 列出所有镜像
--digests Show digests
-f, --filter filter Filter output based on conditions provided
--format string Format output using a custom template:
'table': Print output in table format
with column headers (default)
'table TEMPLATE': Print output in table format
using the given Go template
'json': Print in JSON format
'TEMPLATE': Print output using the given Go
template.
Refer to https://docs.docker/go/formatting/ for
more information about formatting output with templates
--no-trunc Don't truncate output
-q, --quiet Only show image IDs # 只显示镜像的id
[root@localhost ~]#
# 示例1
[root@localhost ~]# docker images -a
REPOSITORY TAG IMAGE ID CREATED SIZE
tomcat-fix 1.0 a7f34db8be51 25 hours ago 684MB
dockurr/windows latest 3793a9640055 11 days ago 432MB
nginx latest 605c77e624dd 2 years ago 141MB
tomcat latest fb5657adc892 2 years ago 680MB
redis latest 7614ae9453d1 2 years ago 113MB
portainer/portainer-ce latest 0df02179156a 2 years ago 273MB
centos latest 5d0da3dc9764 2 years ago 231MB
elasticsearch latest 5acf0e8da90b 5 years ago 486MB
[root@localhost ~]#
# 示例2
[root@localhost ~]# docker images -q
a7f34db8be51
3793a9640055
605c77e624dd
fb5657adc892
7614ae9453d1
0df02179156a
5d0da3dc9764
5acf0e8da90b
[root@localhost ~]#
# 示例3 显示所有id
[root@localhost ~]# docker images -aq
a7f34db8be51
3793a9640055
605c77e624dd
fb5657adc892
7614ae9453d1
0df02179156a
5d0da3dc9764
5acf0e8da90b
[root@localhost ~]#
3.2.2 搜索镜像
DockerHub:https://hub.docker
docker search [imageName]
# 示例
[root@localhost ~]# docker search mysql
NAME DESCRIPTION STARS OFFICIAL
mariadb MariaDB Server is a high performing open sou… 5696 [OK]
mysql MySQL is a widely used, open-source relation… 14921 [OK]
percona Percona Server is a fork of the MySQL relati… 626 [OK]
phpmyadmin phpMyAdmin - A web interface for MySQL and M… 956 [OK]
bitnami/mysql Bitnami MySQL Docker Image 109
bitnami/mysqld-exporter 6
cimg/mysql 3
ubuntu/mysql MySQL open source fast, stable, multi-thread… 61
rapidfort/mysql RapidFort optimized, hardened image for MySQL 25
rapidfort/mysql8-ib RapidFort optimized, hardened image for MySQ… 9
google/mysql MySQL server for Google Compute Engine 25
elestio/mysql Mysql, verified and packaged by Elestio 0
rapidfort/mysql-official RapidFort optimized, hardened image for MySQ… 9
bitnamicharts/mysql 0
hashicorp/mysql-portworx-demo 0
databack/mysql-backup Back up mysql databases to... anywhere! 110
linuxserver/mysql A Mysql container, brought to you by LinuxSe… 41
mirantis/mysql 0
docksal/mysql MySQL service images for Docksal - https://d… 0
linuxserver/mysql-workbench 55
vitess/mysqlctld vitess/mysqlctld 1
eclipse/mysql Mysql 5.7, curl, rsync 1
drupalci/mysql-5.5 https://www.drupal/project/drupalci 3
drupalci/mysql-5.7 https://www.drupal/project/drupalci 0
datajoint/mysql MySQL image pre-configured to work smoothly … 2
[root@localhost ~]#
#可选项
[root@localhost ~]# docker search --help
Usage: docker search [OPTIONS] TERM
Search Docker Hub for images
Options:
-f, --filter filter Filter output based on conditions provided
--format string Pretty-print search using a Go template
--limit int Max number of search results
--no-trunc Don't truncate output
[root@localhost ~]#
# 通过收藏来过滤
--filter=STARS=5000
[root@localhost ~]# docker search mysql --filter STARS=5000
NAME DESCRIPTION STARS OFFICIAL
mariadb MariaDB Server is a high performing open sou… 5696 [OK]
mysql MySQL is a widely used, open-source relation… 14921 [OK]
[root@localhost ~]#
3.2.3 下载镜像
docker pull [imageName]
# 可选项
[root@localhost ~]# docker pull --help
Usage: docker pull [OPTIONS] NAME[:TAG|@DIGEST]
Download an image from a registry
Aliases:
docker image pull, docker pull
Options:
-a, --all-tags Download all tagged images in the repository
--disable-content-trust Skip image verification (default true)
--platform string Set platform if server is multi-platform capable
-q, --quiet Suppress verbose output
[root@localhost ~]#
# 示例
[root@localhost ~]# docker pull mysql
Using default tag: latest # 如果不写tag,默认是latest
latest: Pulling from library/mysql
5b54d594fba7: Pu17 complete # 分层下载, docker image的核心,联合文件系统
07e7d6a8a868: Pu11 complete
abd946892310: Pu11 complete
dd8f4d07efa5: Pu1] complete
076d396a6205: Pul1 complete
cf6b2b93048f: Pu17
compTete
530904b4a8b7: Pu17 complete
fble55059a95: Pu17 complete
4bd29a0dede8: Pu1] complete
b94a001c6ec7: Pu11 complete
cb77cbeb422b: Pu] complete
2a35cdbd42cc: Pu11 complete
Digest: sha256:dc255ca50a42b3589197000b1f9bab2b4e010158d1a9f56c3db6ee145506f625 # 签名
Status: Downloaded newer image for mysql:atest
docker.io/Tibnary/mysq1:latest # 真实地址 docker pull mysqll 等价于 docker pull docker.io/Tibnary/mysq1:latest
[root@localhost ~]#
# 指定版本下载
[root@localhost ~]# docker pul mysql:5.7
5.7: Pulling
from library/mysql
5b54d594fba7:ATready exists
07e7d6a8a868:ATready exists
abd946892310: Already
exists
dd8f4d07efa5: ALready exists # 之前的分层已经被下载了,所以现在不用再次下载
076d396a6205: Already exists
cf6b2b93048f: ALready exists
530904b4a8b7: Already exists
a37958cbebcf: Pull complete
04960017f638: PuTl
complete
e1285defod2a: PulT
complete
670cb3a9678e: PulT complete
Status: Downloaded newer image for mysql:5.7
docker.io/library/mysql:5.7
Digest: sha256;e4d39b85118358ffef6adc5e8c7d00e49d20b25597e6ffdc994696f10e3dc8e2
[root@localhost ~]#
3.2.4 删除镜像
docker rmi [imageName/id]
# 示例1 删除指定的镜像
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
tomcat-fix 1.0 a7f34db8be51 25 hours ago 684MB
dockurr/windows latest 3793a9640055 11 days ago 432MB
nginx latest 605c77e624dd 2 years ago 141MB
tomcat latest fb5657adc892 2 years ago 680MB
redis latest 7614ae9453d1 2 years ago 113MB
mysql 5.7 c20987f18b13 2 years ago 448MB
portainer/portainer-ce latest 0df02179156a 2 years ago 273MB
centos latest 5d0da3dc9764 2 years ago 231MB
elasticsearch latest 5acf0e8da90b 5 years ago 486MB
[root@localhost ~]# docker rmi -f c20987f18b13
Untagged: mysql:5.7
Untagged: mysql@sha256:f2ad209efe9c67104167fc609cca6973c8422939491c9345270175a300419f94
Deleted: sha256:c20987f18b130f9d144c9828df630417e2a9523148930dc3963e9d0dab302a76
Deleted: sha256:6567396b065ee734fb2dbb80c8923324a778426dfd01969f091f1ab2d52c7989
Deleted: sha256:0910f12649d514b471f1583a16f672ab67e3d29d9833a15dc2df50dd5536e40f
Deleted: sha256:6682af2fb40555c448b84711c7302d0f86fc716bbe9c7dc7dbd739ef9d757150
Deleted: sha256:5c062c3ac20f576d24454e74781511a5f96739f289edaadf2de934d06e910b92
Deleted: sha256:8805862fcb6ef9deb32d4218e9e6377f35fb351a8be7abafdf1da358b2b287ba
Deleted: sha256:872d2f24c4c64a6795e86958fde075a273c35c82815f0a5025cce41edfef50c7
Deleted: sha256:6fdb3143b79e1be7181d32748dd9d4a845056dfe16ee4c827410e0edef5ad3da
Deleted: sha256:b0527c827c82a8f8f37f706fcb86c420819bb7d707a8de7b664b9ca491c96838
Deleted: sha256:75147f61f29796d6528486d8b1f9fb5d122709ea35620f8ffcea0e0ad2ab0cd0
Deleted: sha256:2938c71ddf01643685879bf182b626f0a53b1356138ef73c40496182e84548aa
Deleted: sha256:ad6b69b549193f81b039a1d478bc896f6e460c77c1849a4374ab95f9a3d2cea2
[root@localhost ~]#
# 示例2 删除所有镜像
[root@localhost ~]# docker rmi -f $(docker images -aq)
Untagged: mysgl:latest
Untagged: mysql@sha256:dc255ca50a42b3589197000b1f9bab2b4e010158d1a9f56c3db6ee145506f625
Deleted:
sha256:a0d4d95e478ff2962ede50c50b7dc2fc699382bcb94ad301e9c6805609f0939a
sha256:4404a13192a5c458ee1c3160b910728fc3723687a5d4c6b83481d09d6cac6e7b
Deleted:
sha256:2c91a02c5543a7b08784d159b4d749d0b8c82c1dcfd8567570e8350af2d76669
Deleted:
sha256:9f5911321949d1869260b9fef13ba3bea465ea8db257fdcd0193ec68db274160
Deleted:
Deleted:
sha256:60023f7e525ce09db7bc5c3941cf86caef06c5fbe0bf770efb648ef73f8e705e
Deleted:
sha256:44d7b6c26325a1653b5052d8c15f90867a952f059e33763512a668848b6961c
Deleted:
sha256:c8740a016bb7deb6b2940488e0dbc9e2bc9c9eea987fa6cf9b2048f2ea7794e5
Deleted:
sha256:73cf3e59aed5db12c60cf5415c59f4491aa3b6d804a57ac90008654b5e1d0878
Deleted:
sha256:b63acd8b705d6a3820f39ee287e992ad6c259f5a1b12da4d401e5c56b9715a64
Deleted:
sha256:1601f339951bb014a338beb266997bee7cc8f35afc67a6fa62230833f76120f
sha256:e12ba9f40eed4167cb82947e948bafclec1931a267cde6d4ec8ac2945a8e3db
Deleted:
Deleted:
sha256:c7220f37e20cf57e1133c44ef2e636506538130ab240a55ec2a1d3de29e41535
Deleted:
sha256:15458c1ab3242f51e5c0d34275cca5e7ee13e6aa29802b632534dc70b297eba7
Untagged: hello-world:latest
Jntagged: hello-worldasha256:6a65f928fb91fcfbc963f7aa6d57c8eeb426ad9a20c7ee045538ef3484
DeletDed: sha256:bf756fb1e65adf866bd8c456593cd24beb6a0a061dedf42b26a993176745f6b
[root@localhost ~]#
#示例3 删除多个镜像
docker rmi 镜像id 镜像id 镜像id
3.3 容器命令
说明:有了镜像才能创建容器,需要先下载镜像
3.3.1 运行容器
docker run [可选参数] [imageName/id]
# 常用可选项
--name="name" #容器运行后的名称,用于区分容器
-d #容器以后台形式运行
-it #使用交互运行,进入容器查看内容
-p (小写)#指定容器的端口
-p 主机端口:容器端口(常用)
-p 主机ip:主机端口:容器端口
-p 容器端口
容器端口
-P (大写)#随机指定端口
# 示例
[root@localhost ~]# docker run -it centos /bin/bash # 以交互模式进入容器,打开bash
[root@0be2869f4722 /]# ls
bin etc lib lost+found mnt proc run srv tmp var
dev home lib64 media opt root sbin sys usr
[root@0be2869f4722 /]#
# 全部可选项
[root@localhost ~]# docker run --help
Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
Create and run a new container from an image
Aliases:
docker container run, docker run
Options:
--add-host list Add a custom host-to-IP mapping
(host:ip)
--annotation map Add an annotation to the container
(passed through to the OCI runtime)
(default map[])
-a, --attach list Attach to STDIN, STDOUT or STDERR
--blkio-weight uint16 Block IO (relative weight), between
10 and 1000, or 0 to disable (default 0)
--blkio-weight-device list Block IO weight (relative device
weight) (default [])
--cap-add list Add Linux capabilities
--cap-drop list Drop Linux capabilities
--cgroup-parent string Optional parent cgroup for the container
--cgroupns string Cgroup namespace to use
(host|private)
'host': Run the container in the
Docker host's cgroup namespace
'private': Run the container in its
own private cgroup namespace
'': Use the cgroup namespace
as configured by the
default-cgroupns-mode
option on the daemon (default)
--cidfile string Write the container ID to the file
--cpu-period int Limit CPU CFS (Completely Fair
Scheduler) period
--cpu-quota int Limit CPU CFS (Completely Fair
Scheduler) quota
--cpu-rt-period int Limit CPU real-time period in
microseconds
--cpu-rt-runtime int Limit CPU real-time runtime in
microseconds
-c, --cpu-shares int CPU shares (relative weight)
--cpus decimal Number of CPUs
--cpuset-cpus string CPUs in which to allow execution
(0-3, 0,1)
--cpuset-mems string MEMs in which to allow execution
(0-3, 0,1)
-d, --detach Run container in background and
print container ID
--detach-keys string Override the key sequence for
detaching a container
--device list Add a host device to the container
--device-cgroup-rule list Add a rule to the cgroup allowed
devices list
--device-read-bps list Limit read rate (bytes per second)
from a device (default [])
--device-read-iops list Limit read rate (IO per second)
from a device (default [])
--device-write-bps list Limit write rate (bytes per second)
to a device (default [])
--device-write-iops list Limit write rate (IO per second) to
a device (default [])
--disable-content-trust Skip image verification (default true)
--dns list Set custom DNS servers
--dns-option list Set DNS options
--dns-search list Set custom DNS search domains
--domainname string Container NIS domain name
--entrypoint string Overwrite the default ENTRYPOINT of
the image
-e, --env list Set environment variables
--env-file list Read in a file of environment variables
--expose list Expose a port or a range of ports
--gpus gpu-request GPU devices to add to the container
('all' to pass all GPUs)
--group-add list Add additional groups to join
--health-cmd string Command to run to check health
--health-interval duration Time between running the check
(ms|s|m|h) (default 0s)
--health-retries int Consecutive failures needed to
report unhealthy
--health-start-interval duration Time between running the check
during the start period (ms|s|m|h)
(default 0s)
--health-start-period duration Start period for the container to
initialize before starting
health-retries countdown (ms|s|m|h)
(default 0s)
--health-timeout duration Maximum time to allow one check to
run (ms|s|m|h) (default 0s)
--help Print usage
-h, --hostname string Container host name
--init Run an init inside the container
that forwards signals and reaps
processes
-i, --interactive Keep STDIN open even if not attached
--ip string IPv4 address (e.g., 172.30.100.104)
--ip6 string IPv6 address (e.g., 2001:db8::33)
--ipc string IPC mode to use
--isolation string Container isolation technology
--kernel-memory bytes Kernel memory limit
-l, --label list Set meta data on a container
--label-file list Read in a line delimited file of labels
--link list Add link to another container
--link-local-ip list Container IPv4/IPv6 link-local addresses
--log-driver string Logging driver for the container
--log-opt list Log driver options
--mac-address string Container MAC address (e.g.,
92:d0:c6:0a:29:33)
-m, --memory bytes Memory limit
--memory-reservation bytes Memory soft limit
--memory-swap bytes Swap limit equal to memory plus
swap: '-1' to enable unlimited swap
--memory-swappiness int Tune container memory swappiness (0
to 100) (default -1)
--mount mount Attach a filesystem mount to the
container
--name string Assign a name to the container
--network network Connect a container to a network
--network-alias list Add network-scoped alias for the
container
--no-healthcheck Disable any container-specified
HEALTHCHECK
--oom-kill-disable Disable OOM Killer
--oom-score-adj int Tune host's OOM preferences (-1000
to 1000)
--pid string PID namespace to use
--pids-limit int Tune container pids limit (set -1
for unlimited)
--platform string Set platform if server is
multi-platform capable
--privileged Give extended privileges to this
container
-p, --publish list Publish a container's port(s) to
the host
-P, --publish-all Publish all exposed ports to random
ports
--pull string Pull image before running
("always", "missing", "never")
(default "missing")
-q, --quiet Suppress the pull output
--read-only Mount the container's root
filesystem as read only
--restart string Restart policy to apply when a
container exits (default "no")
--rm Automatically remove the container
when it exits
--runtime string Runtime to use for this container
--security-opt list Security Options
--shm-size bytes Size of /dev/shm
--sig-proxy Proxy received signals to the
process (default true)
--stop-signal string Signal to stop the container
--stop-timeout int Timeout (in seconds) to stop a container
--storage-opt list Storage driver options for the container
--sysctl map Sysctl options (default map[])
--tmpfs list Mount a tmpfs directory
-t, --tty Allocate a pseudo-TTY
--ulimit ulimit Ulimit options (default [])
-u, --user string Username or UID (format:
<name|uid>[:<group|gid>])
--userns string User namespace to use
--uts string UTS namespace to use
-v, --volume list Bind mount a volume
--volume-driver string Optional volume driver for the container
--volumes-from list Mount volumes from the specified
container(s)
-w, --workdir string Working directory inside the container
[root@localhost ~]#
3.3.2 启动容器
docker start 容器id
3.3.3 停止容器
docker stop 容器id
3.3.4 退出容器
exit # 退出后,容器停止
ctrl + p + q #退出后,容器继续运行
3.3.5 查看运行容器
docker ps #列出正在运行的容器
# 可选项
-a #列出当前正在运行的容器+带出历史运行过的容器
-n=? #显示最近创建的容
-q #只显示id
# 示例
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0be2869f4722 centos "/bin/bash" 5 minutes ago Up 5 minutes silly_napier
1e92ce583db0 portainer/portainer-ce "/portainer" 27 hours ago Up 59 minutes 8000/tcp, 9443/tcp, 0.0.0.0:8088->9000/tcp, :::8088->9000/tcp elated_noyce
[root@localhost ~]#
# 查看曾经运行
docker ps -a # 当前正在运行的容器 + 曾经运行过的容器
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0be2869f4722 centos "/bin/bash" 2 hours ago Up 2 hours silly_napier
1e92ce583db0 portainer/portainer-ce "/portainer" 28 hours ago Up 3 hours 8000/tcp, 9443/tcp, 0.0.0.0:8088->9000/tcp, :::8088->9000/tcp elated_noyce
83c8312d299c elasticsearch "/docker-entrypoint.…" 29 hours ago Exited (255) 3 hours ago 0.0.0.0:9200->9200/tcp, :::9200->9200/tcp, 0.0.0.0:9300->9300/tcp, :::9300->9300/tcp elasticsearch01
be62546ef66e elasticsearch "/docker-entrypoint.…" 29 hours ago Exited (143) 29 hours ago elasticsearch
38428bbef1be tomcat "catalina.sh run" 29 hours ago Exited (255) 3 hours ago 0.0.0.0:3355->8080/tcp, :::3355->8080/tcp tomcat01
3edaab70b7fa nginx "/docker-entrypoint.…" 29 hours ago Exited (255) 3 hours ago 0.0.0.0:3344->80/tcp, :::3344->80/tcp nginx01
c429461dfbe6 centos "/bin/bash" 38 hours ago Exited (255) 3 hours ago xenodochial_kepler
667ec492337c centos "-n centos1" 38 hours ago Created confident_jennings
e4873ba4f881 centos "/bin/bash" 39 hours ago Exited (255) 3 hours ago kind_babbage
939a23dcb13c centos "/etc/bash" 39 hours ago Created stupefied_carson
b46efd25c9d1 centos "/bin/bash" 40 hours ago Exited (0) 40 hours ago adoring_cerf
[root@localhost ~]#
# 显示最近运行的2个容器
[root@localhost ~]# docker ps -n=2
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0be2869f4722 centos "/bin/bash" 2 hours ago Up 2 hours silly_napier
1e92ce583db0 portainer/portainer-ce "/portainer" 28 hours ago Up 3 hours 8000/tcp, 9443/tcp, 0.0.0.0:8088->9000/tcp, :::8088->9000/tcp elated_noyce
[root@localhost ~]#
3.3.6 删除容器
# 删除指定的容器
docker rm 容器id
# 删除全部的容器
docker rm -f $(docker ps -aq)
docker ps -a -q|xargs docker rm
# 运行中的容器不能直接删除,如果要删除需要用 rm -f 强制删除
[root@localhost ~]# docker rm -f $(docker ps -aq)
0be2869f4722
1e92ce583db0
83c8312d299c
be62546ef66e
38428bbef1be
3edaab70b7fa
c429461dfbe6
667ec492337c
e4873ba4f881
939a23dcb13c
b46efd25c9d1
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@localhost ~]#
3.3.7 重启容器
docker restart 容器id
3.3.8 杀掉容器(强制删除)
docker kill 容器id
3.3.9 暂停容器
docker pause 容器id
3.3.9 恢复暂停容器
docker unpause 容器id
3.4 常用命令
3.4.1 后台启动
docker run -d 容器
# 注意
# 问题:docker ps ,发现centos停止了
# 常见的坑:docker容器使用后台运行,必须要有一个前台进程,docker发现没有应用,就会自动停止
# nginx,容器启动后,docker发现自己没有提供服务,就会立刻停止,会让dockers任务没有程序了
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@localhost ~]# docker run -d centos
77b9e26655df1e3ed6c640c341c498728b77f5bc7fbdc11e1f5d220b6cfcbf41
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@localhost ~]#
3.4.2 日志命令
docker logs
# 显示日志
-tf #显示日志并加上时间戳
--tail number # 要显示的日志条数
# 示例
[root@localhost ~]# docker run -d --name="centos2" centos /bin/sh -c "while true;do echo test;sleep 1;done"
fcdd4b59a7e72e89603ff632a76ff31224694d8ad47a6c3bf1fca00e2553ed79
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fcdd4b59a7e7 centos "/bin/sh -c 'while t…" 7 seconds ago Up 6 seconds centos2
4934d89202fa centos "/bin/bash" 2 minutes ago Up 2 minutes centos1
[root@localhost ~]# docker logs -tf --tail 10 centos2
2024-03-12T07:20:19.753888714Z test
2024-03-12T07:20:20.767974813Z test
2024-03-12T07:20:21.785846497Z test
2024-03-12T07:20:22.800000916Z test
2024-03-12T07:20:23.819361678Z test
2024-03-12T07:20:24.836263691Z test
^C
[root@localhost ~]# docker logs -tf centos2
2024-03-12T07:19:54.335119488Z test
2024-03-12T07:19:55.364611378Z test
2024-03-12T07:19:56.375180290Z test
2024-03-12T07:19:57.415983962Z test
2024-03-12T07:19:58.432555199Z test
2024-03-12T07:19:59.451308118Z test
# 可选项
[root@localhost ~]# docker logs --help
Usage: docker logs [OPTIONS] CONTAINER
Fetch the logs of a container
Aliases:
docker container logs, docker logs
Options:
--details Show extra details provided to logs
-f, --follow Follow log output
--since string Show logs since timestamp (e.g.
"2013-01-02T13:23:37Z") or relative (e.g. "42m" for
42 minutes)
-n, --tail string Number of lines to show from the end of the logs
(default "all")
-t, --timestamps Show timestamps
--until string Show logs before a timestamp (e.g.
"2013-01-02T13:23:37Z") or relative (e.g. "42m" for
42 minutes)
[root@localhost ~]#
3.4.3 查看容器中的进程
docker top 容器
[root@localhost ~]# docker top centos1
UID PID PPID C STIME TTY TIME CMD
root 18608 18587 0 15:17 pts/0 00:00:00 /bin/bash
[root@localhost ~]#
3.4.4 查看容器元数据
docker inspect 容器
# 示例
[root@localhost ~]# docker inspect centos2
[
{
"Id": "fcdd4b59a7e72e89603ff632a76ff31224694d8ad47a6c3bf1fca00e2553ed79",
"Created": "2024-03-12T07:19:53.476899889Z",
"Path": "/bin/sh",
"Args": [
"-c",
"while true;do echo test;sleep 1;done"
],
"State": {
"Status": "exited",
"Running": false,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 0,
"ExitCode": 137,
"Error": "",
"StartedAt": "2024-03-12T07:19:54.332561119Z",
"FinishedAt": "2024-03-12T07:22:56.920930698Z"
},
"Image": "sha256:5d0da3dc976460b72c77d94c8a1ad043720b0416bfc16c52c45d4847e53fadb6",
"ResolvConfPath": "/var/lib/docker/containers/fcdd4b59a7e72e89603ff632a76ff31224694d8ad47a6c3bf1fca00e2553ed79/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/fcdd4b59a7e72e89603ff632a76ff31224694d8ad47a6c3bf1fca00e2553ed79/hostname",
"HostsPath": "/var/lib/docker/containers/fcdd4b59a7e72e89603ff632a76ff31224694d8ad47a6c3bf1fca00e2553ed79/hosts",
"LogPath": "/var/lib/docker/containers/fcdd4b59a7e72e89603ff632a76ff31224694d8ad47a6c3bf1fca00e2553ed79/fcdd4b59a7e72e89603ff632a76ff31224694d8ad47a6c3bf1fca00e2553ed79-json.log",
"Name": "/centos2",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"ConsoleSize": [
41,
187
],
"CapAdd": null,
"CapDrop": null,
"CgroupnsMode": "host",
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": [],
"BlkioDeviceWriteBps": [],
"BlkioDeviceReadIOps": [],
"BlkioDeviceWriteIOps": [],
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": [],
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware",
"/sys/devices/virtual/powercap"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/e305cd22ffc62171ab160584cea69af16f3f2b48981e4c2c221fc02d6e1ca40d-init/diff:/var/lib/docker/overlay2/b6f3afa1729efb52cb432fee05dbddb3fd3ed09f7a034dc1b871d1e37a5a12b1/diff",
"MergedDir": "/var/lib/docker/overlay2/e305cd22ffc62171ab160584cea69af16f3f2b48981e4c2c221fc02d6e1ca40d/merged",
"UpperDir": "/var/lib/docker/overlay2/e305cd22ffc62171ab160584cea69af16f3f2b48981e4c2c221fc02d6e1ca40d/diff",
"WorkDir": "/var/lib/docker/overlay2/e305cd22ffc62171ab160584cea69af16f3f2b48981e4c2c221fc02d6e1ca40d/work"
},
"Name": "overlay2"
},
"Mounts": [],
"Config": {
"Hostname": "fcdd4b59a7e7",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Cmd": [
"/bin/sh",
"-c",
"while true;do echo test;sleep 1;done"
],
"Image": "centos",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"org.label-schema.build-date": "20210915",
"org.label-schema.license": "GPLv2",
"org.label-schema.name": "CentOS Base Image",
"org.label-schema.schema-version": "1.0",
"org.label-schema.vendor": "CentOS"
}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "d5a849cb8695f64ca4f9aef5877bc899742189c06106a0a8160a19126fcaa5c4",
"SandboxKey": "/var/run/docker/netns/d5a849cb8695",
"Ports": {},
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "",
"Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"MacAddress": "",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"MacAddress": "",
"NetworkID": "0a514c2465ee0dcfde792f8ec5c994dc7be88844e3b90e124a145376451c206d",
"EndpointID": "",
"Gateway": "",
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"DriverOpts": null,
"DNSNames": null
}
}
}
}
]
[root@localhost ~]#
# 可选项
[root@localhost ~]# docker inspect --help
Usage: docker inspect [OPTIONS] NAME|ID [NAME|ID...]
Return low-level information on Docker objects
Options:
-f, --format string Format output using a custom template:
'json': Print in JSON format
'TEMPLATE': Print output using the given Go
template.
Refer to https://docs.docker/go/formatting/ for
more information about formatting output with templates
-s, --size Display total file sizes if the type is container
--type string Return JSON for specified type
[root@localhost ~]#
3.4.5 进入容器
# 进入一个新建的终端
docker exec -it 容器 /bin/bash
# 进入正在运行的终端,不会启动新的进程
docker attach 容器
3.4.6 数据拷贝
docker cp 容器:容器类文件路径 宿主机文件路径 # 将容器中数据拷贝到宿主机中
# 示例
[root@4934d89202fa /]# ls
bin etc lib lost+found mnt proc run srv tmp var
dev home lib64 media opt root sbin sys usr
[root@4934d89202fa /]# cd home
[root@4934d89202fa home]# ls
[root@4934d89202fa home]# touch test.txt
[root@4934d89202fa home]# ls
test.txt
[root@4934d89202fa home]# docker cp centos1:/home/test.txt /home
bash: docker: command not found
[root@4934d89202fa home]# exit
exit
[root@localhost ~]# docker cp centos1:/home/test.txt /home
Successfully copied 1.54kB to /home
[root@localhost ~]# cd ..
[root@localhost /]# ls
bin dev home lib64 mnt patch root sbin sys usr www
boot etc lib media opt proc run srv tmp var
[root@localhost /]# cd home/
[root@localhost home]# ls
redis test.txt www
[root@localhost home]#
3.4.7 查看状态
docker stats
# 示例
[root@localhost home]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@localhost home]# docker run -it --name centos01 centos
[root@8db1f7698444 /]# [root@localhost home]#
[root@localhost home]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8db1f7698444 centos "/bin/bash" 11 seconds ago Up 9 seconds centos01
[root@localhost home]# docker stats
CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS
8db1f7698444 centos01 0.00% 536KiB / 3.682GiB 0.01% 656B / 0B 0B / 0B 1
CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS
8db1f7698444 centos01 0.00% 536KiB / 3.682GiB 0.01% 656B / 0B 0B / 0B 1
四、小练习
4.1 Docker安装Nginx
# 搜索镜像
docker search nginx
# 下载镜像
docker pull nginx
# 运行镜像
docker run -d --name nginx01 -p 3344:80 nginx
# 运行测试
curl localhost:3344
# 进入nginx
docker exec -it nginx01 /bin/bash
# 查看nginx目录
whereis nginx
端口暴露
4.2 安装tomcat
# 官方使用
docker run -it --rm tomcat:9.0 # --rm 用完后就删除,一般用于测试
# 下载镜像
docker pull tomcate
# 运行tomcat
docker run -d -p 3355:8080 --name tomcat01 tomcat
# 将webspps.dist的所有内容复制到webapps
cp -r webapps.dist/* webapps
4.3 部署elasticsearch+kibana
# es暴露的端口很多
# es十分耗内存
# es的数据一般需要放置到安全目录,挂载
# 下载并启动elasticsearch
docker run -d --name elasticsearch --net somenetwork -p 9200:9200 -p 9300:9300 -e "discovery.type-single-node" elasticsearch:tag
# 示例
docker run -d --name elasticsearch01 --net somenetwork -p 9200:9200 -p 9300:9300 -e "discovery.type-single-node" elasticsearch:7.6.2
# 停止
docker stop elasticsearch
# 增加内存限制
docker run -d --name elasticsearch02 --net somenetwork -p 9200:9200 -p 9300:9300 -e "discovery.type-single-node" -e ES_JAVA_OPTS="-Xms64m -Xmx512m" elasticsearch:7.6.2
# 测试
curl localhost:9200
容器之间通信
4.4 可视化面板portainer
# portainer:Docker图形化管理工具,提供一个后台面板供我们操作
docker run -d -p 8000:9443 --restart=always -v /var/run/docker.sock:/var/run/dodker.sock --privileged=true portainer/portainer-ce:2.9.3
# 示例
[root@localhost home]# docker run -d -p 8088:9000 --restart=always -v /var/run/docker.sock:/var/run/dodker.sock --privileged=true portainer/portainer-ce:2.9.3
Unable to find image 'portainer/portainer-ce:2.9.3' locally
2.9.3: Pulling from portainer/portainer-ce
0ea73420e2bb: Already exists
c367f59be2e1: Already exists
d11cdfc3c2c7: Pull complete
Digest: sha256:84676dfce8ab328e51990797cceff5131c1ff63c3a73f5ebf1397cad9aa42e3c
Status: Downloaded newer image for portainer/portainer-ce:2.9.3
d7208846db302f69b3e57d983c108ca2c074c27ca7a0b16545e729a48466671f
[root@localhost home]#
五、Docker镜像
5.1 镜像是什么
镜像是一种轻量级、可执行的独立软件包,用来打包软件运行环境和基于运行环境开发的软件,它包含运行某个软件所需的所有内
容,包括代码、运行时、库、环境变量和配置文件。
5.2 Docker镜像加载原理
UnionFs(联合文件系统)
Union文件系统(UnionFS) 是一种分层、轻量级且高性能的文件系统,它支持对文件系统的修改作为一次提交来一层层的叠加,同时可以将不同录挂载到同一个虚拟文件系统下(unite severaldirectories into a single virtua filesystem)。Union 文件系统是 Docker 镜像的基础。镜像可以通过分层来进行继承,基于基础镜像( 没有父镜像 ),可以制作种具体的应用镜像。
特性:一次同时加载多个文件系统,但从外面看起来,只能看到一个文件系统,联合加载会把各层文件系统叠加起来,这样最终的文件系统会包含所有底层的文件和目录
Docker镜像加载原理
docker的镜像实际上由一层一层的文件系统组成,这种层级的文件系统UnionFS。
bootfs(boot fle svstem)主要包含bootloader和kernel, bootloader主要是引导加载kernel,Linux刚启动时会加载bootfs文件系
统,在Docker镜像的最底层是bootfs。这一层与我们典型的Linux/Unix系统是一样的,包含boot加载器和内核。当boot加载完成
之后整个内核就都在内存中了,此时内存的使用权已由bootfs转交给内核,此时系统也会卸载bootfs.
rootfs (root file system),在bootfs之上。包合的就是典型 Linux 系统中的 /dev,/proc,/bin,/etc 等标准目录和文件。rootfs就是
各种不同的操作系统发行版,比如Ubuntu,Centos等等。
对于一个精简的OS,rootfs 可以很小,只需要包含最基本的命令,工具和程序库就可以了,因为底层直接用Host的kernel,自己只
需要提供rootfs就可以了。由此可见对于不同的linux发行版,bootfs基本是一致的,rootfs会有差别,因此不同的发行版可以公用
bootfs.
5.3 分层理解
分层的镜像
我们可以去下载一个镜像,注意观察下载的日志输出,可以看到是一层一层的在下载!
思考 : 为什么Docker镜像要采用这种分层的结构呢 ?
最大的好外,莫过于是资源共享了!比如有多个镜像都从相同的Base像构建而来,那么宿主机只需在磁盘上保留一份base镜像,同时内存中也只需要加载一份base镜像,这样就可以为所有的容器服务了,而且镜像的每一层都可以被共享。
查看镜像分层的方式可以通过 docker image inspect 命令 !
[root@localhost home]# docker image inspect nginx
[
{
"Id": "sha256:605c77e624ddb75e6110f997c58876baa13f8754486b461117934b24a9dc3a85",
"RepoTags": [
"nginx:latest"
],
"RepoDigests": [
"nginx@sha256:0d17b565c37bcbd895e9d92315a05c1c3c9a29f762b011a10c54a66cd53c9b31"
],
"Parent": "",
"Comment": "",
"Created": "2021-12-29T19:28:29.892199479Z",
"Container": "ca3e48389f7160bc9d9a892d316fcbba459344ee3679998739b1c3cd8e56f7da",
"ContainerConfig": {
"Hostname": "ca3e48389f71",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"80/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"NGINX_VERSION=1.21.5",
"NJS_VERSION=0.7.1",
"PKG_RELEASE=1~bullseye"
],
"Cmd": [
"/bin/sh",
"-c",
"#(nop) ",
"CMD [\"nginx\" \"-g\" \"daemon off;\"]"
],
"Image": "sha256:82941edee2f4d17c55563bb926387c3ae39fa1a99777f088bc9d3db885192209",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": [
"/docker-entrypoint.sh"
],
"OnBuild": null,
"Labels": {
"maintainer": "NGINX Docker Maintainers <docker-maint@nginx>"
},
"StopSignal": "SIGQUIT"
},
"DockerVersion": "20.10.7",
"Author": "",
"Config": {
"Hostname": "",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"80/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"NGINX_VERSION=1.21.5",
"NJS_VERSION=0.7.1",
"PKG_RELEASE=1~bullseye"
],
"Cmd": [
"nginx",
"-g",
"daemon off;"
],
"Image": "sha256:82941edee2f4d17c55563bb926387c3ae39fa1a99777f088bc9d3db885192209",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": [
"/docker-entrypoint.sh"
],
"OnBuild": null,
"Labels": {
"maintainer": "NGINX Docker Maintainers <docker-maint@nginx>"
},
"StopSignal": "SIGQUIT"
},
"Architecture": "amd64",
"Os": "linux",
"Size": 141479488,
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/7aed24f909a24a051e69453f24195088752e9297d58491a649152c6aa68a80a1/diff:/var/lib/docker/overlay2/65617e890957decfa7d6375ae6c497f62b9962b7f3e1be8bc385ba71b382c67c/diff:/var/lib/docker/overlay2/8c1f428569c486634dce599a969dd3c6311e0ad5d23d7591fb988bab481bc3c7/diff:/var/lib/docker/overlay2/f9f61dd21ce056283cf0634a2e6c2ae2827ebea1c6cdf18d44e184ce5268ef16/diff:/var/lib/docker/overlay2/6fb1c3789e9f418996aec1f85b92efc7b2ec1f96e9d1c891e68ef6b8e283b22d/diff",
"MergedDir": "/var/lib/docker/overlay2/9fe25922a17bd217d6e276e970db182e7e198fea2e711eb97f61143e73b9cf68/merged",
"UpperDir": "/var/lib/docker/overlay2/9fe25922a17bd217d6e276e970db182e7e198fea2e711eb97f61143e73b9cf68/diff",
"WorkDir": "/var/lib/docker/overlay2/9fe25922a17bd217d6e276e970db182e7e198fea2e711eb97f61143e73b9cf68/work"
},
"Name": "overlay2"
},
"RootFS": {
"Type": "layers",
"Layers": [
"sha256:2edcec3590a4ec7f40cf0743c15d78fb39d8326bc029073b41ef9727da6c851f",
"sha256:e379e8aedd4d72bb4c529a4ca07a4e4d230b5a1d3f7a61bc80179e8f02421ad8",
"sha256:b8d6e692a25e11b0d32c5c3dd544b71b1085ddc1fddad08e68cbd7fda7f70221",
"sha256:f1db227348d0a5e0b99b15a096d930d1a69db7474a1847acbc31f05e4ef8df8c",
"sha256:32ce5f6a5106cc637d09a98289782edf47c32cb082dc475dd47cbf19a4f866da",
"sha256:d874fd2bc83bb3322b566df739681fbd2248c58d3369cb25908d68e7ed6040a6"
]
},
"Metadata": {
"LastTagTime": "0001-01-01T00:00:00Z"
}
}
]
[root@localhost home]#
理解
所有的 Docker 镜像都起始于一个基础镜像层,当进行修改或增加新的内容时,就会在当前镜像层之上,创建新的镜像层
举一个简单的例子,假如基于 Ubuntu Linux 16.04 创建一个新的镜像,这就是新镜像的第一层,如果在该镜像中添加 Pvthon包就会在基础镜像层之上创建第二个镜像层,如果继续添加一个安全补丁,就会创建第三个镜像层。
该镜像当前已经包含 3 个镜像层,如下图所示( 这只是一个用于演示的很简单的例子)。
特点
Docker镜像都是只读的,当容器启动时,一个新的可写层被加载到镜像的顶部,这一层就是我们说所的容器层,容器层之下的都叫镜像层
5.4 Commit镜像
docker commit 容器 # 提交容器成为一个新的副本
docker commit -m=“message" -a="author" 容器id 目标镜像名:tag
# 示例
[root@localhost home]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ba32757ff390 eeb6ee3f44bd "/bin/bash" 7 minutes ago Exited (0) 58 seconds ago centos7
eea5f2a1204d centos "/bin/bash" 8 minutes ago Up 8 minutes centos01
[root@localhost home]# docker commit -m 更新软件包 -a author ba32757ff390 centos7
sha256:a3244eba95fba3651e1af4e6394e690bb89108114877d8b10d5dd8c6b270cb55
[root@localhost home]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
# centos7 latest a3244eba95fb 8 seconds ago 584MB
ubuntu latest ba6acccedd29 2 years ago 72.8MB
centos centos7 eeb6ee3f44bd 2 years ago 204MB
centos latest 5d0da3dc9764 2 years ago 231MB
[root@localhost home]#
六、容器数据卷
6.1 容器数据卷
docker的理念回顾
将应用和环境打包成一个镜像!
数据?如果数据都在容器中,那么我们容器删除,数据就会丢失! 需求:数据可以持久化
MySQL,容器删了,删库跑路!需求: MySQL数据可以存储在本地 !
容器之间可以有一个数据共享的技术! Docker 容器中产生的数据,同步到本地!
这就是卷技术!目录的挂载,将我们容器内的目录,挂载到Linux上面!什么是容器数据卷
总结一句话: 容器的持久化和同步操作!容器间也是可以数据共享的!
6.2 挂载 -v
docker run -it -v 主机目录:容器目录
# 示例 (双向同步)无论容器是否开启
docker run -it -v /home/test:/home centos /bin/bash
# 查看挂载信息
docker inspect 容器
[root@localhost ~]# docker inspect 6e537ab43a4d
[
{
"Id": "6e537ab43a4d8a22e1ab6ec079f6b3ee3d69e90a3f6f4b5f76ddd0a38fa7d104",
"Created": "2024-03-13T01:47:15.337869029Z",
"Path": "/bin/bash",
"Args": [],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 29565,
"ExitCode": 0,
"Error": "",
"StartedAt": "2024-03-13T01:47:16.687135985Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:5d0da3dc976460b72c77d94c8a1ad043720b0416bfc16c52c45d4847e53fadb6",
"ResolvConfPath": "/var/lib/docker/containers/6e537ab43a4d8a22e1ab6ec079f6b3ee3d69e90a3f6f4b5f76ddd0a38fa7d104/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/6e537ab43a4d8a22e1ab6ec079f6b3ee3d69e90a3f6f4b5f76ddd0a38fa7d104/hostname",
"HostsPath": "/var/lib/docker/containers/6e537ab43a4d8a22e1ab6ec079f6b3ee3d69e90a3f6f4b5f76ddd0a38fa7d104/hosts",
"LogPath": "/var/lib/docker/containers/6e537ab43a4d8a22e1ab6ec079f6b3ee3d69e90a3f6f4b5f76ddd0a38fa7d104/6e537ab43a4d8a22e1ab6ec079f6b3ee3d69e90a3f6f4b5f76ddd0a38fa7d104-json.log",
"Name": "/affectionate_wozniak",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": [
"/home/test:/home"
],
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"ConsoleSize": [
41,
187
],
"CapAdd": null,
"CapDrop": null,
"CgroupnsMode": "host",
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": [],
"BlkioDeviceWriteBps": [],
"BlkioDeviceReadIOps": [],
"BlkioDeviceWriteIOps": [],
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": [],
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware",
"/sys/devices/virtual/powercap"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/24fa9a5b7f3cedb19b123c63d65875de1dc74dc6e4ce88e3575a891fafbcdee6-init/diff:/var/lib/docker/overlay2/4fa2afa378b958fca2d346694381e68c65e677b6cfd59c91f7b9a72a990ff93a/diff",
"MergedDir": "/var/lib/docker/overlay2/24fa9a5b7f3cedb19b123c63d65875de1dc74dc6e4ce88e3575a891fafbcdee6/merged",
"UpperDir": "/var/lib/docker/overlay2/24fa9a5b7f3cedb19b123c63d65875de1dc74dc6e4ce88e3575a891fafbcdee6/diff",
"WorkDir": "/var/lib/docker/overlay2/24fa9a5b7f3cedb19b123c63d65875de1dc74dc6e4ce88e3575a891fafbcdee6/work"
},
"Name": "overlay2"
},
"Mounts": [
{
"Type": "bind",
"Source": "/home/test",
"Destination": "/home",
"Mode": "",
"RW": true,
"Propagation": "rprivate"
}
],
"Config": {
"Hostname": "6e537ab43a4d",
"Domainname": "",
"User": "",
"AttachStdin": true,
"AttachStdout": true,
"AttachStderr": true,
"Tty": true,
"OpenStdin": true,
"StdinOnce": true,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Cmd": [
"/bin/bash"
],
"Image": "centos",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"org.label-schema.build-date": "20210915",
"org.label-schema.license": "GPLv2",
"org.label-schema.name": "CentOS Base Image",
"org.label-schema.schema-version": "1.0",
"org.label-schema.vendor": "CentOS"
}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "11c61531b4a0489dd81b5a528c050d9817c41241f090bef9b23c8b8a832fc90d",
"SandboxKey": "/var/run/docker/netns/11c61531b4a0",
"Ports": {},
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "80ed7b16bd8f493b361d4c093e082014780f6eb83ae7917464a85c12c2ab4e89",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.3",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:03",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"MacAddress": "02:42:ac:11:00:03",
"NetworkID": "db8907d5ab939d33da7efe9b27137b0551b6cffbaffa0d4faf2c42f5e8a293d2",
"EndpointID": "80ed7b16bd8f493b361d4c093e082014780f6eb83ae7917464a85c12c2ab4e89",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.3",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"DriverOpts": null,
"DNSNames": null
}
}
}
}
]
[root@localhost ~]#
6.3 实战:安装MySQL
# 获取镜像
docker pull mysql:5.7
# 运行容器
-d 后台运行
-v 挂载目录
-e 环境配置
--name 容器名称
-p 端口映射
docker run -d -p 3306:3306 -v /home/mysql/conf:/etc/mysql/conf.d -v /home/mysql/data:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=root --name mysql01 mysql:5.7
# 示例
[root@localhost ~]# docker run -d -p 3307:3306 -v /home/mysql/conf:/etc/mysql/conf.d -v /home/mysql/data:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=root --name mysql01 mysql:5.7
f68cdc35e62343ffaac748f43f9cd675bcb3720c5aa63feeb68b0b2a61d4e0a2
[root@localhost ~]#
# 启动成功后利用数据库可视化工具测试
# 容器没了但是挂在本地的数据卷不会丢失,这就实现了容器持久化功能
[root@localhost home]# ls
redis test test.txt www
[root@localhost home]# ls
mysql redis test test.txt www
[root@localhost home]# cd mysql/
[root@localhost mysql]# ls
conf data
[root@localhost mysql]# cd data/
[root@localhost data]# ls
autof ca.pem client-key.pem ibdata1 ib_logfile1 mysql private_key.pem server-cert.pem sys
ca-key.pem client-cert.pem ib_buffer_pool ib_logfile0 ibtmp1 performance_schema public_key.pem server-key.pem
[root@localhost data]#
6.4 具名和匿名挂载
# 匿名挂载
-v 容器内路径
docker run -d -P --name nginx01 -v /etc/nginx nginx
# 示例
# 可选项
[root@localhost ~]# docker volume --help
Usage: docker volume COMMAND
Manage volumes
Commands:
create Create a volume
inspect Display detailed information on one or more volumes
ls List volumes
prune Remove unused local volumes
rm Remove one or more volumes
Run 'docker volume COMMAND --help' for more information on a command.
[root@localhost ~]#
# 查看所有的卷情况,这种就是匿名挂载,-v 只写了容器内部路径,没有写宿主机的路径
[root@localhost ~]# docker volume ls
DRIVER VOLUME NAME
local 2f208e9263dca71eeb56074ed8b37293742eeaa84180b412c81ab355c37ffc04
local 029c32467c5f170383181b8fe2f95cfff27ef026297a2a5fbd8608066e1a555a
local 156fd882b29f84e0c184e2bac2fa6bfadb1af0d3d2d311adce67c3831816ff5c
local 9219cecb7d668551530c7de3d0aeef73b9b41898ba4a2b15886a1dccfb36ea51
local 58924b27312e4ca27fd7cfa349120ab18432216bb4429b0febc1e9396f1480a7
local 19260612c334fdc3a5516a0cc1f8ecb3c86c1505eb5cf79aac69f2e5b5428ced
local bbe395c1ed43cdebe151327f0e1d6af6d7178621e9f625fe8998acef6ffc6c5b
[root@localhost ~]#
#具名挂载 -v 卷名:容器内地址
[root@localhost ~]# docker run -d -P --name nginx02 -v juming-nginx:/etc/nginx nginx
31b66b063b35eb3e036044fa50dff9a319e4e4b1c233b2ed5fcf852b6845c289
[root@localhost ~]# docker volume ls
DRIVER VOLUME NAME
local 2f208e9263dca71eeb56074ed8b37293742eeaa84180b412c81ab355c37ffc04
local 029c32467c5f170383181b8fe2f95cfff27ef026297a2a5fbd8608066e1a555a
local 156fd882b29f84e0c184e2bac2fa6bfadb1af0d3d2d311adce67c3831816ff5c
local 9219cecb7d668551530c7de3d0aeef73b9b41898ba4a2b15886a1dccfb36ea51
local 58924b27312e4ca27fd7cfa349120ab18432216bb4429b0febc1e9396f1480a7
local 19260612c334fdc3a5516a0cc1f8ecb3c86c1505eb5cf79aac69f2e5b5428ced
local bbe395c1ed43cdebe151327f0e1d6af6d7178621e9f625fe8998acef6ffc6c5b
local juming-nginx
[root@localhost ~]#
# 查看具体信息
[root@localhost ~]# docker volume inspect juming-nginx
[
{
"CreatedAt": "2024-03-13T14:12:16+08:00",
"Driver": "local",
"Labels": null,
"Mountpoint": "/var/lib/docker/volumes/juming-nginx/_data",
"Name": "juming-nginx",
"Options": null,
"Scope": "local"
}
]
[root@localhost ~]#
# 所有docker容器内的卷,没有指定目录的情况下都是在: /var/lib/docker/volumes/xxx/_data
[root@localhost ~]# cd /var/lib/docker/volumes/juming-nginx/_data
[root@localhost _data]# ls
conf.d fastcgi_params mime.types modules nginx.conf scgi_params uwsgi_params
[root@localhost _data]#
# 通告具名挂载可以方便地找到卷,大多数情况下使用“具名挂载”
# 如何确实是具名挂载还是匿名挂载,还是指定路径挂载
-v 容器内路径 # 匿名挂载
-v 卷名:容器内地址 # 具名挂载
-v /宿主机路径:容器内路径 # 指定路径挂载
# 加了ro或rw,通告-v 容器内路径:ro/rw 改变读写权限
ro # readonly 只读
rw # readwrite 可读可写
# 一旦设置了容器权限,容器对我们挂载出的内容就有限定了
docker run -d -P --name nginx02 -v juming-nginx:/etc/nginx:ro nginx # ro 这个路径只能通告宿主机改变,容器内部无法操作
docker run -d -P --name nginx02 -v juming-nginx:/etc/nginx:rw nginx
6.4 宿主机-容器数据共享
# 创建一个dockerfile文件
[root@localhost docker-test-volume]# vi dockerfile01
# 文件中内容,这里的每个命令就是镜像的一层
[root@localhost docker-test-volume]# cat dockerfile01
FROM centos
VOLUME ["volume01","volume02"] #匿名挂载
CMD echo "-----end-----"
CMD /bin/bash
# 将do'c'ke'r'fi'l打包成镜像
[root@localhost docker-test-volume]# docker build -f /home/docker-test-volume/dockerfile01 -t test/centos:0.1 .
[+] Building 0.2s (5/5) FINISHED docker:default
=> [internal] load build definition from dockerfile01 0.0s
=> => transferring dockerfile: 124B 0.0s
=> [internal] load metadata for docker.io/library/centos:latest 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [1/1] FROM docker.io/library/centos:latest 0.0s
=> exporting to image 0.0s
=> => exporting layers 0.0s
=> => writing image sha256:5f6352c382306e2ddce0a4220b0d7c1ad60a96a2c5a34be60d6025b388eeb778 0.0s
=> => naming to docker.io/test/centos:0.1 0.0s
# 生成镜像
[root@localhost docker-test-volume]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
test/centos 0.1 5f6352c38230 2 years ago 231MB
[root@localhost docker-test-volume]#
# 启动自己写的容器
[root@localhost docker-test-volume]# docker run -it --name test 5f6352c38230 /bin/bash
[root@428dc9eaee17 /]# ls -l
total 0
lrwxrwxrwx 1 root root 7 Nov 3 2020 bin -> usr/bin
drwxr-xr-x 5 root root 360 Mar 13 06:58 dev
drwxr-xr-x 1 root root 66 Mar 13 06:58 etc
drwxr-xr-x 2 root root 6 Nov 3 2020 home
lrwxrwxrwx 1 root root 7 Nov 3 2020 lib -> usr/lib
lrwxrwxrwx 1 root root 9 Nov 3 2020 lib64 -> usr/lib64
drwx------ 2 root root 6 Sep 15 2021 lost+found
drwxr-xr-x 2 root root 6 Nov 3 2020 media
drwxr-xr-x 2 root root 6 Nov 3 2020 mnt
drwxr-xr-x 2 root root 6 Nov 3 2020 opt
dr-xr-xr-x 196 root root 0 Mar 13 06:58 proc
dr-xr-x--- 2 root root 162 Sep 15 2021 root
drwxr-xr-x 11 root root 163 Sep 15 2021 run
lrwxrwxrwx 1 root root 8 Nov 3 2020 sbin -> usr/sbin
drwxr-xr-x 2 root root 6 Nov 3 2020 srv
dr-xr-xr-x 13 root root 0 Mar 13 06:50 sys
drwxrwxrwt 7 root root 171 Sep 15 2021 tmp
drwxr-xr-x 12 root root 144 Sep 15 2021 usr
drwxr-xr-x 20 root root 262 Sep 15 2021 var
drwxr-xr-x 2 root root 6 Mar 13 06:58 volume01 # 自动挂载的数据卷目录
drwxr-xr-x 2 root root 6 Mar 13 06:58 volume02
[root@428dc9eaee17 /]#
# 这个卷和外部一定有一个同步的目录
[root@localhost data]# docker inspect 428dc9eaee17
[
{
"Id": "428dc9eaee171550d93dd5329aa07f1b96b7ae60faa3de01a535e59ed7a1c68c",
"Created": "2024-03-13T06:58:12.848356976Z",
"Path": "/bin/bash",
"Args": [],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 50498,
"ExitCode": 0,
"Error": "",
"StartedAt": "2024-03-13T06:58:13.900781873Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:5f6352c382306e2ddce0a4220b0d7c1ad60a96a2c5a34be60d6025b388eeb778",
"ResolvConfPath": "/var/lib/docker/containers/428dc9eaee171550d93dd5329aa07f1b96b7ae60faa3de01a535e59ed7a1c68c/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/428dc9eaee171550d93dd5329aa07f1b96b7ae60faa3de01a535e59ed7a1c68c/hostname",
"HostsPath": "/var/lib/docker/containers/428dc9eaee171550d93dd5329aa07f1b96b7ae60faa3de01a535e59ed7a1c68c/hosts",
"LogPath": "/var/lib/docker/containers/428dc9eaee171550d93dd5329aa07f1b96b7ae60faa3de01a535e59ed7a1c68c/428dc9eaee171550d93dd5329aa07f1b96b7ae60faa3de01a535e59ed7a1c68c-json.log",
"Name": "/test",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"ConsoleSize": [
41,
187
],
"CapAdd": null,
"CapDrop": null,
"CgroupnsMode": "host",
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": [],
"BlkioDeviceWriteBps": [],
"BlkioDeviceReadIOps": [],
"BlkioDeviceWriteIOps": [],
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": [],
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware",
"/sys/devices/virtual/powercap"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/f0bd0a1693d0b015fc96d373cf4515fab9d9ca162b66939820de39f71ca9cdc7-init/diff:/var/lib/docker/overlay2/4fa2afa378b958fca2d346694381e68c65e677b6cfd59c91f7b9a72a990ff93a/diff",
"MergedDir": "/var/lib/docker/overlay2/f0bd0a1693d0b015fc96d373cf4515fab9d9ca162b66939820de39f71ca9cdc7/merged",
"UpperDir": "/var/lib/docker/overlay2/f0bd0a1693d0b015fc96d373cf4515fab9d9ca162b66939820de39f71ca9cdc7/diff",
"WorkDir": "/var/lib/docker/overlay2/f0bd0a1693d0b015fc96d373cf4515fab9d9ca162b66939820de39f71ca9cdc7/work"
},
"Name": "overlay2"
},
"Mounts": [
{
"Type": "volume",
"Name": "2506882f209d7474d8b7e0d733aee65f8d0f6bcbfb2fbf4a6c8304a536487269",
"Source": "/var/lib/docker/volumes/2506882f209d7474d8b7e0d733aee65f8d0f6bcbfb2fbf4a6c8304a536487269/_data", # 匿名挂载
"Destination": "volume02",
"Driver": "local",
"Mode": "",
"RW": true,
"Propagation": ""
},
{
"Type": "volume",
"Name": "99b7c6e2b904f642da2e15fc41e45ccfd676b037e6828e42c7fdd3ba78952a34",
"Source": "/var/lib/docker/volumes/99b7c6e2b904f642da2e15fc41e45ccfd676b037e6828e42c7fdd3ba78952a34/_data",
"Destination": "volume01",
"Driver": "local",
"Mode": "",
"RW": true,
"Propagation": ""
}
],
"Config": {
"Hostname": "428dc9eaee17",
"Domainname": "",
"User": "",
"AttachStdin": true,
"AttachStdout": true,
"AttachStderr": true,
"Tty": true,
"OpenStdin": true,
"StdinOnce": true,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Cmd": [
"/bin/bash"
],
"Image": "5f6352c38230",
"Volumes": {
"volume01": {},
"volume02": {}
},
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"org.label-schema.build-date": "20210915",
"org.label-schema.license": "GPLv2",
"org.label-schema.name": "CentOS Base Image",
"org.label-schema.schema-version": "1.0",
"org.label-schema.vendor": "CentOS"
}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "004fb7ba22fda084bb01984a414389b3bdf5fed93e78eb8b1ed695c705fff8b4",
"SandboxKey": "/var/run/docker/netns/004fb7ba22fd",
"Ports": {},
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "64d3d5a2f9638cd8138ac4a2f76b18f44ae5d5e5be38ba53c3fe3a8abed277bf",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.6",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:06",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"MacAddress": "02:42:ac:11:00:06",
"NetworkID": "db8907d5ab939d33da7efe9b27137b0551b6cffbaffa0d4faf2c42f5e8a293d2",
"EndpointID": "64d3d5a2f9638cd8138ac4a2f76b18f44ae5d5e5be38ba53c3fe3a8abed277bf",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.6",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"DriverOpts": null,
"DNSNames": null
}
}
}
}
]
[root@localhost data]#
# 容器内新建文件
[root@428dc9eaee17 /]# cd volume01
[root@428dc9eaee17 volume01]# ls
[root@428dc9eaee17 volume01]# touch container.txt
[root@428dc9eaee17 volume01]# ls
container.txt
[root@428dc9eaee17 volume01]# ls
# 宿主机对应文件夹
[root@localhost _data]# cd /var/lib/docker/volumes/99b7c6e2b904f642da2e15fc41e45ccfd676b037e6828e42c7fdd3ba78952a34/_data
[root@localhost _data]# ls
container.txt
[root@localhost _data]#
# 这种方式未来使用的非常多,因为我们通常会构建自己的镜像
# 假设构建镜像的时候没有挂载卷,要手动镜像挂载 -v 卷名:容器内路径
6.5 数据卷容器
多个容器之间实现数据同步
# 两个mysql同步数据
docker run -d -p 3306:3306 -v /home/mysql/conf:/etc/mysql/conf.d -v /home/mysql/data:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=root --name mysql01 mysql:5.7
docker run -d -p 3307:3306 --volumes-from mysql01-e MYSQL_ROOT_PASSWORD=root --name mysql02 mysql:5.7
# 启动3个容器
[root@localhost home]# docker run -it --name docker01 test/centos:0.1
[root@802d9c7852a5 /]# ls
bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var volume01 volume02
[root@802d9c7852a5 /]# cd volume01
[root@802d9c7852a5 volume01]# ls
[root@802d9c7852a5 volume01]# touch docker01
[root@802d9c7852a5 volume01]# ls
docker01
[root@802d9c7852a5 /]#
[root@localhost home]# docker run -it --name docker02 --volumes-from docker01 test/centos:0.1 # docker01即为数据卷容器
[root@e154220b8c05 /]# ls
bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var volume01 volume02
[root@e154220b8c05 /]# cd volume01
[root@e154220b8c05 volume01]# ls
docker01 #docker01创建的文件,已经同步到docker02中
[root@e154220b8c05 volume01]#
# 创建第3个
[root@localhost ~]# docker run -it --name docker03 --volumes-from docker01 test/centos:0.1
[root@d8f71fedd323 /]# ls
bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var volume01 volume02
[root@d8f71fedd323 /]# cd volume01
[root@d8f71fedd323 volume01]# ls
docker01
[root@d8f71fedd323 volume01]# touch docker03
[root@d8f71fedd323 volume01]# ls
docker01 docker03
[root@d8f71fedd323 volume01]#
# 第一个容器中
[root@802d9c7852a5 volume01]# ls
docker01 docker03
[root@802d9c7852a5 volume01]#
# 删除docker01,数据仍然可以访问数据文件
#docker 01
docker stop docker01
docker rm docker01
[root@e154220b8c05 volume01]# ls
docker01 docker03
[root@e154220b8c05 volume01]#
容器之间配置信息的传递,数据卷容器的生命周期一直持续到没有容器使用为止,但一旦持久化到本地,本地的数据是不会删除的
七、DockerFile
7.1 DockerFile概述
DockerFile就是用来构建docker镜像的构建文件,命令参数脚本
通过这个脚本可以生成镜像,镜像是一层一层的,脚本一个一个的命令,每个命令都是一层
构建步骤:
- 编写一个dockerfile文件
- docker build dockerfile 构建成为一个镜像
- docker run 运行镜像
- docker push 发布镜像(Dockerhub、阿里云镜像仓库)
查看一下官方是怎么做的
Dockerhub
github
很多官方镜像都是基础包,很多功能都没有,因此后期需要自己补充,自己完善
官方既然可以制作镜像,我们也可以
7.2 DockerFile构建
基础知识
- 每个保留关键字(指令)都是必须大写字母
- 执行从上到下顺序执行
- “#” 表示注释
- 每一个指令都会创建提交一个新的镜像层,并提交
dockerfile是面向开发的,我们以后要发布项目,做镜像,就需要编写dockerfile文件
Docker镜像逐渐成为企业交付的标准,必须要掌握
步骤:开发、部署、运维缺一不可
DockerFile:构建文件,定义了一切的步骤,源代码
DockerImages:通告DockerFile构建生成的镜像,最终发布和运行的产品
Docker容器:容器就是镜像运行起来提供服务的
7.3 DockerFile指令
FROM # 基础镜像,一切从这里开始
MAINTAINER # 镜像是谁写的,姓名+邮箱
RUN # 镜像构建时候需要运行的命令
ADD # 步骤,tomcat镜像,这个tomcat压缩包,添加内容
WORKDIR # 镜像的工作目录
VOLUME # 挂载的目录
EXPOSE # 指定暴露端口
CMD # 指定容器启动时要运行的命令,只有最后一个会生效,可被替代
ENTRYPOINT # 指定容器启动时要运行的命令,可以追加命令
ONBUILD # 当构建一个被继承DockerFile这时候就会运行ONBUILD的指令,触发指令
COPY # 类似ADD,将我们文件拷贝到镜像中
ENV # 构建的时候设置环境变量
CMD和ENTRYPOINT 区别
CMD # 指定容器启动时要运行的命令,只有最后一个会生效,可被替代
ENTRYPOINT # 指定容器启动时要运行的命令,可以追加命令
# 测试cmd命令
[root@localhost dockerfile]# cat docker_cmd_test
FROM centos:7
CMD ["ls","-a"]
[root@localhost dockerfile]#
# 构建镜像
[root@localhost dockerfile]# docker build -f docker_cmd_test -t cmdtest . 0.0s
[root@localhost dockerfile]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
cmdtest latest 06f2cc65ea4a 2 years ago 204MB
# run运行,发现ls-a命令生效
[root@localhost dockerfile]# docker run cmdtest
.
..
.dockerenv
anaconda-post.log
bin
dev
etc
home
lib
lib64
media
mnt
opt
proc
root
run
sbin
srv
sys
tmp
usr
var
# 向追加一个命令-l ls-al
[root@localhost dockerfile]# docker run cmdtest -l
docker: Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: exec: "-l": executable file not found in $PATH: unknown.
ERRO[0001] error waiting for container: context canceled
[root@localhost dockerfile]#
# cmd的清理下,把用-l替换了CMD["ls","-a"]命令。-l不是命令,所以报错
[root@localhost dockerfile]# docker run cmdtest ls -al
total 12
drwxr-xr-x 1 root root 6 Mar 13 11:02 .
drwxr-xr-x 1 root root 6 Mar 13 11:02 ..
-rwxr-xr-x 1 root root 0 Mar 13 11:02 .dockerenv
-rw-r--r-- 1 root root 12114 Nov 13 2020 anaconda-post.log
lrwxrwxrwx 1 root root 7 Nov 13 2020 bin -> usr/bin
drwxr-xr-x 5 root root 340 Mar 13 11:02 dev
drwxr-xr-x 1 root root 66 Mar 13 11:02 etc
drwxr-xr-x 2 root root 6 Apr 11 2018 home
lrwxrwxrwx 1 root root 7 Nov 13 2020 lib -> usr/lib
lrwxrwxrwx 1 root root 9 Nov 13 2020 lib64 -> usr/lib64
drwxr-xr-x 2 root root 6 Apr 11 2018 media
drwxr-xr-x 2 root root 6 Apr 11 2018 mnt
drwxr-xr-x 2 root root 6 Apr 11 2018 opt
dr-xr-xr-x 179 root root 0 Mar 13 11:02 proc
dr-xr-x--- 2 root root 114 Nov 13 2020 root
drwxr-xr-x 11 root root 148 Nov 13 2020 run
lrwxrwxrwx 1 root root 8 Nov 13 2020 sbin -> usr/sbin
drwxr-xr-x 2 root root 6 Apr 11 2018 srv
dr-xr-xr-x 13 root root 0 Mar 13 06:50 sys
drwxrwxrwt 7 root root 132 Nov 13 2020 tmp
drwxr-xr-x 13 root root 155 Nov 13 2020 usr
drwxr-xr-x 18 root root 238 Nov 13 2020 var
[root@localhost dockerfile]#
# 测试ENTRYPOINT
[root@localhost dockerfile]# cat docker_cmd_entrypoint
From centos:7
ENTRYPOINT ["ls","-a"]
[root@localhost dockerfile]#
# 构建镜像
[root@localhost dockerfile]# docker build -f docker_cmd_entrypoint -t entrypoint_test .
[+] Building 16.9s (5/5) FINISHED docker:default
=> [internal] load build definition from docker_cmd_entrypoint 0.0s
=> => transferring dockerfile: 85B 0.0s
=> [internal] load metadata for docker.io/library/centos:7 16.7s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> CACHED [1/1] FROM docker.io/library/centos:7@sha256:9d4bcbbb213dfd745b58be38b13b996ebb5ac315fe75711bd618426a630e0987 0.0s
=> exporting to image 0.0s
=> => exporting layers 0.0s
=> => writing image sha256:5184c7d459a0111136914d90d94e7121f7fce3c2746b17b74fc2f1e808a37da8 0.0s
=> => naming to docker.io/library/entrypoint_test 0.0s
[root@localhost dockerfile]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
base_docker 0.1 73cc41173a15 29 minutes ago 708MB
centos7 0.1 7c4c68960810 10 hours ago 2.15GB
centos7 latest a3244eba95fb 26 hours ago 584MB
nginx latest 605c77e624dd 2 years ago 141MB
mysql 5.7 c20987f18b13 2 years ago 448MB
ubuntu latest ba6acccedd29 2 years ago 72.8MB
cmdtest latest 06f2cc65ea4a 2 years ago 204MB
centos centos7 eeb6ee3f44bd 2 years ago 204MB
entrypoint_test latest 5184c7d459a0 2 years ago 204MB
test/centos 0.1 5f6352c38230 2 years ago 231MB
centos latest 5d0da3dc9764 2 years ago 231MB
[root@localhost dockerfile]# docker run entrypoint_test
.
..
.dockerenv
anaconda-post.log
bin
dev
etc
home
lib
lib64
media
mnt
opt
proc
root
run
sbin
srv
sys
tmp
usr
var
# 添加参数
[root@localhost dockerfile]# docker run entrypoint_test -l
total 12
drwxr-xr-x 1 root root 6 Mar 13 11:07 .
drwxr-xr-x 1 root root 6 Mar 13 11:07 ..
-rwxr-xr-x 1 root root 0 Mar 13 11:07 .dockerenv
-rw-r--r-- 1 root root 12114 Nov 13 2020 anaconda-post.log
lrwxrwxrwx 1 root root 7 Nov 13 2020 bin -> usr/bin
drwxr-xr-x 5 root root 340 Mar 13 11:07 dev
drwxr-xr-x 1 root root 66 Mar 13 11:07 etc
drwxr-xr-x 2 root root 6 Apr 11 2018 home
lrwxrwxrwx 1 root root 7 Nov 13 2020 lib -> usr/lib
lrwxrwxrwx 1 root root 9 Nov 13 2020 lib64 -> usr/lib64
drwxr-xr-x 2 root root 6 Apr 11 2018 media
drwxr-xr-x 2 root root 6 Apr 11 2018 mnt
drwxr-xr-x 2 root root 6 Apr 11 2018 opt
dr-xr-xr-x 182 root root 0 Mar 13 11:07 proc
dr-xr-x--- 2 root root 114 Nov 13 2020 root
drwxr-xr-x 11 root root 148 Nov 13 2020 run
lrwxrwxrwx 1 root root 8 Nov 13 2020 sbin -> usr/sbin
drwxr-xr-x 2 root root 6 Apr 11 2018 srv
dr-xr-xr-x 13 root root 0 Mar 13 06:50 sys
drwxrwxrwt 7 root root 132 Nov 13 2020 tmp
drwxr-xr-x 13 root root 155 Nov 13 2020 usr
drwxr-xr-x 18 root root 238 Nov 13 2020 var
DockerFile中很多命令十分相似,我们需要了解它们的区别,我们最好的学习就是对比然后测试它们的效果
7.4 实战测试
7.4.1 构建centos镜像
# Docker Hub中99%镜像都是从这个基础镜像过来的FROM scratch,然后配置需要的软件和配置来进行的构建
# 编写dockerfile文件
[root@localhost dockerfile]# vi base_docker
[root@localhost dockerfile]# cat base_docker
FROM centos:centos7
MAINTAINER test<test@163>
ENV MYPATH /usr/local
WORKDIR $MYPATH
RUN yum -y install vim
RUN yum -y install net-tools
EXPOSE 80
CMD echo $MYPATH
CMD echo "-------end------"
CMD /bin/bash
[root@localhost dockerfile]#
# 通过这个文件构建镜像
docker build -f base_docker -t base_docker:0.1 .
[root@localhost dockerfile]# docker build -f base_docker -t base_docker:0.1 .
[+] Building 43.7s (8/8) FINISHED docker:default
=> [internal] load build definition from base_docker 0.0s
=> => transferring dockerfile: 262B 0.0s
=> [internal] load metadata for docker.io/library/centos:centos7 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [1/4] FROM docker.io/library/centos:centos7 0.0s
=> [2/4] WORKDIR /usr/local 0.1s
=> [3/4] RUN yum -y install vim 37.4s
=> [4/4] RUN yum -y install net-tools 4.6s
=> exporting to image 1.3s
=> => exporting layers 1.3s
=> => writing image sha256:73cc41173a150c68669c5cf249089752e0cda5dc2c57a469868b5676078360ab 0.0s
=> => naming to docker.io/library/base_docker:0.1 0.0s
[root@localhost dockerfile]#
# 测试运行
docker run -it --name mycentos base_docker
[root@23d0c6f6ddd7 local]# pwd
/usr/local
[root@23d0c6f6ddd7 local]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.7 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:07 txqueuelen 0 (Ethernet)
RX packets 8 bytes 656 (656.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@23d0c6f6ddd7 local]# vim test
[root@23d0c6f6ddd7 local]#
列出本地镜像的变更历史(可以看看别人是怎么写的)
[root@localhost dockerfile]# docker history 73cc41173a15
IMAGE CREATED CREATED BY SIZE COMMENT
73cc41173a15 5 minutes ago CMD ["/bin/sh" "-c" "/bin/bash"] 0B buildkit.dockerfile.v0
<missing> 5 minutes ago CMD ["/bin/sh" "-c" "echo \"-------end------… 0B buildkit.dockerfile.v0
<missing> 5 minutes ago CMD ["/bin/sh" "-c" "echo $MYPATH"] 0B buildkit.dockerfile.v0
<missing> 5 minutes ago EXPOSE map[80/tcp:{}] 0B buildkit.dockerfile.v0
<missing> 5 minutes ago RUN /bin/sh -c yum -y install net-tools # bu… 208MB buildkit.dockerfile.v0
<missing> 6 minutes ago RUN /bin/sh -c yum -y install vim # buildkit 296MB buildkit.dockerfile.v0
<missing> 6 minutes ago WORKDIR /usr/local 0B buildkit.dockerfile.v0
<missing> 6 minutes ago ENV MYPATH=/usr/local 0B buildkit.dockerfile.v0
<missing> 6 minutes ago MAINTAINER zhuizhu<zhuizhu@163> 0B buildkit.dockerfile.v0
<missing> 2 years ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0B
<missing> 2 years ago /bin/sh -c #(nop) LABEL org.label-schema.sc… 0B
<missing> 2 years ago /bin/sh -c #(nop) ADD file:b3ebbe8bd304723d4… 204MB
[root@localhost dockerfile]#
7.4.2 构建tomcat镜像
步骤:
- 准备镜像文件tomcat压缩包,jdk的压缩包
- 编写dockerfile文件
- 构建镜像
- 运行容器
- 访问测试
- 发布项目(由于做了卷挂载,我们直接在本地编写项目就可以本地发布)
# 准备镜像文件tomcat压缩包,jdk的压缩包
# 编写dockerfile文件
[root@localhost tomcat]# cat Dockerfile
FROM centos:7
MAINTAINER test<test@163>
COPY readme.txt /usr/local/readme.txt
ADD apache-tomcat-9.0.86.tar.gz /usr/local/
ADD jdk-8u202-linux-x64.tar.gz /usr/local
RUN yum -y install vim
RUN yum -y install net-tools
ENV MYPATH /usr/local
WORKDIR $MYPATH
ENV JAVA_HOME /usr/local/jdk1.8.0_202
ENV CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
ENV CATALINA_HOME /usr/local/apache-tomcat-9.0.86
ENV CATALINA_BASH /usr/local/apache-tomcat-9.0.86
ENV PATH $PATH:$JAVA_HOME/bin:$CATALINA_HOME/lib:$CATALINA_HOME/bin
EXPOSE 8080
CMD /usr/local/apache-tomcat-9.0.86/bin/startup.sh && tail -F /usr/local/apache-tomcat-9.0.86/bin/logs/catalna.out
[root@localhost tomcat]#
# 构建镜像
[root@localhost tomcat]# docker build -t mytomcat .
[+] Building 68.6s (12/12) FINISHED docker:default
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 709B 0.0s
=> [internal] load metadata for docker.io/library/centos:7 0.3s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [1/7] FROM docker.io/library/centos:7@sha256:9d4bcbbb213dfd745b58be38b13b996ebb5ac315fe75711bd618426a630e0987 0.0s
=> [internal] load build context 0.0s
=> => transferring context: 127B 0.0s
=> CACHED [2/7] COPY readme.txt /usr/local/readme.txt 0.0s
=> CACHED [3/7] ADD apache-tomcat-9.0.86.tar.gz /usr/local/ 0.0s
=> CACHED [4/7] ADD jdk-8u202-linux-x64.tar.gz /usr/local 0.0s
=> [5/7] RUN yum -y install vim 60.2s
=> [6/7] RUN yum -y install net-tools 4.9s
=> [7/7] WORKDIR /usr/local 0.1s
=> exporting to image 2.8s
=> => exporting layers 2.8s
=> => writing image sha256:d66f9a42d88f78e76187736ab652f3c9eb1f889fee478875a86e14c731f8d848 0.0s
=> => naming to docker.io/library/mytomcat 0.0s
[root@localhost tomcat]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mytomcat latest d66f9a42d88f 12 seconds ago 1.13GB
base_docker 0.1 73cc41173a15 2 hours ago 708MB
centos7 0.1 7c4c68960810 11 hours ago 2.15GB
centos7 latest a3244eba95fb 28 hours ago 584MB
nginx latest 605c77e624dd 2 years ago 141MB
mysql 5.7 c20987f18b13 2 years ago 448MB
ubuntu latest ba6acccedd29 2 years ago 72.8MB
cmdtest latest 06f2cc65ea4a 2 years ago 204MB
entrypoint_test latest 5184c7d459a0 2 years ago 204MB
centos centos7 eeb6ee3f44bd 2 years ago 204MB
centos latest 5d0da3dc9764 2 years ago 231MB
test/centos 0.1 5f6352c38230 2 years ago 231MB
[root@localhost tomcat]#
# 运行容器
[root@localhost tomcat]# docker run -d -p 9090:8080 --name mytomcat -v /home/tomcat/test:/usr/local/apache-tomcat-9.0.86/webapps/test -v /home/tomcat/tomcatlogs/:/usr/local/apache-tomcat-9.0.86/logs mytomcat
发布项目
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://xmlns.jcp/xml/ns/javaee"
xmlns:xsi="http://www.w3/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.jcp/xml/ns/javaee
http://xmlns.jcp/xml/ns/javaee/web-app_4_0.xsd"
version="4.0">
<!--配置欢迎界面-->
<welcome-file-list>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
</web-app>
# index.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" %>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Document</title>
</head>
<body>
<h1>
你好!
</h1>
<%
System.out.println("hello world");
%>
</body>
</html>
以后的开发的步骤:都需要掌握DockerFile的编写,我们之后都是使用docker镜像来运行
7.5 发布镜像
7.5.1 发布到DockerHub
地址:https://hub.docker/
步骤:
- 注册账号
- 在服务器上提交自己的镜像
[root@localhost tomcatlogs]# docker login --help
Usage: docker login [OPTIONS] [SERVER]
Log in to a registry.
If no server is specified, the default is defined by the daemon.
Options:
-p, --password string Password
--password-stdin Take the password from stdin
-u, --username string Username
[root@localhost tomcatlogs]#
- 登陆完毕就可以提交镜像了,docker push
docker push mytomcat:0.1
- 给镜像添加tag
docker tag 镜像id mytomcat:1.0
提交的时候也是分层级提交的
7.5.2 发布到阿里云镜像
地址:https://cr.console.aliyun/cn-shanghai/instance/repositories
步骤:
- 登录
- 找到容器镜像服务
- 创建命名空间
- 创建镜像仓库
小结
八、Docker网络
8.1 Docker0网络
# 查看宿主机ip
[root@localhost home]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 # 本机回环地址
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 # 本机内外地址
link/ether 00:0c:29:47:6e:dc brd ff:ff:ff:ff:ff:ff
inet 192.168.100.3/24 brd 192.168.100.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::aa4:c615:fa3a:56c4/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default # docker0地址
link/ether 02:42:16:c1:ac:24 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:16ff:fec1:ac24/64 scope link
valid_lft forever preferred_lft forever
[root@localhost home]#
三个问题:
- docker如何处理容器网络访问的?
# 查看容器ip,容器启动时,eth0网卡会得到ip,是docker分配的
[root@localhost home]# docker run -it --name centos centos:7 /bin/bash
[root@6a0f7eb2d539 /]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.2 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:02 txqueuelen 0 (Ethernet)
RX packets 2145 bytes 33738016 (32.1 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 2003 bytes 111283 (108.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@6a0f7eb2d539 /]#
# 宿主机和容器之间可以互相访问
[root@localhost ~]# ping 172.17.0.2
PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.
64 bytes from 172.17.0.2: icmp_seq=1 ttl=64 time=0.187 ms
64 bytes from 172.17.0.2: icmp_seq=2 ttl=64 time=0.113 ms
64 bytes from 172.17.0.2: icmp_seq=3 ttl=64 time=0.118 ms
64 bytes from 172.17.0.2: icmp_seq=4 ttl=64 time=0.076 ms
64 bytes from 172.17.0.2: icmp_seq=5 ttl=64 time=0.172 ms
64 bytes from 172.17.0.2: icmp_seq=6 ttl=64 time=0.054 ms
原理——Linux系统的桥接模式
- 我们每次启动一个docker容器,docker就会给docker容器分配一个ip,只要按照了docker,就会有一个docker0,桥接模式,使用的技术是evth-pair【一对虚拟设备接口,一段连着协议,一段彼此相连,当作宿主机与容器、容器与容器之间交流的桥梁】
开启容器后查看宿主机ip,新加了一个网卡与容器内网卡配对
- 宿主机与容器、容器与容器之间可以相互连接(ping 通)
tomcat01和tomcat02公用一个路由器——docker0
所有容器不指定网路的情况下,都是docker0路由,docker会自动给容器分配ip
docker使用的是Linux的桥接模式,宿主机中是一个docker容器的网桥,docker0
docker中所有的网络接口都是虚拟的,虚拟的转发效率高
只要容器删除,对应网桥会被自动删除
8.2 --Link
思考一个场景,我们编写了一个微服务,database url=ip:,项不重启,数据库ip换掉了,我们希望可以处理这个问题,可以
名字来进行访问容器?
[root@localhost home]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
778dd81ca130 centos:7 "/bin/bash" 2 minutes ago Up 2 minutes centos2
09007a9f85c5 centos:7 "/bin/bash" 3 minutes ago Up 2 minutes centos1
[root@localhost home]# docker exec -it centos1 ping centos2
ping: centos2: Name or service not known
[root@localhost home]#
# 如何可以使用服务名ping通(单向连接,反向连接不行)
[root@localhost home]# docker exec -it centos2 ping centos3
ping: centos3: Name or service not known
[root@localhost home]# docker exec -it centos3 ping centos2
PING centos2 (172.17.0.3) 56(84) bytes of data.
64 bytes from centos2 (172.17.0.3): icmp_seq=1 ttl=64 time=0.501 ms
64 bytes from centos2 (172.17.0.3): icmp_seq=2 ttl=64 time=0.334 ms
64 bytes from centos2 (172.17.0.3): icmp_seq=3 ttl=64 time=0.170 ms
64 bytes from centos2 (172.17.0.3): icmp_seq=4 ttl=64 time=0.174 ms
64 bytes from centos2 (172.17.0.3): icmp_seq=5 ttl=64 time=0.199 ms
# 查看网络信息
[root@localhost home]# docker network ls
NETWORK ID NAME DRIVER SCOPE
db8907d5ab93 bridge bridge local
888817825ff3 host host local
ed9aa6002234 none null local
# 查看具体信息
[root@localhost home]# docker network inspect db8907d5ab93
[
{
"Name": "bridge",
"Id": "db8907d5ab939d33da7efe9b27137b0551b6cffbaffa0d4faf2c42f5e8a293d2",
"Created": "2024-03-13T09:07:06.428018814+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16", # 网段
"Gateway": "172.17.0.1" # 网关
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"09007a9f85c51d301c7f29ae56a1dc11ef6322607b0132e41b77ac2dcec8e561": {
"Name": "centos1",
"EndpointID": "6012a5bef26b9aa44f50fac6b89f499b7104fda27c1e19a81bedc3c2bcbdbad5",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
},
"22ff5232e8eb8e67a0c2961c83d040dacfcaf1576378ef6f05beae14420a916a": {
"Name": "centos3",
"EndpointID": "9dc015c11f6e4c2bd91a8e9223afca995657a80efb0ce488bb08fdcfca906085",
"MacAddress": "02:42:ac:11:00:04",
"IPv4Address": "172.17.0.4/16",
"IPv6Address": ""
},
"778dd81ca1308c5d6e829e3f3696fad6221d5f8171c05d4b31055432a2c0266d": {
"Name": "centos2",
"EndpointID": "6020763c54ce16fb75f8629b17ca001ad6c64f9769237e07425e3af10586f812",
"MacAddress": "02:42:ac:11:00:03",
"IPv4Address": "172.17.0.3/16",
"IPv6Address": ""
}
},
"Options": {
"com.dockerwork.bridge.default_bridge": "true",
"com.dockerwork.bridge.enable_icc": "true",
"com.dockerwork.bridge.enable_ip_masquerade": "true",
"com.dockerwork.bridge.host_binding_ipv4": "0.0.0.0",
"com.dockerwork.bridge.name": "docker0",
"com.dockerwork.driver.mtu": "1500"
},
"Labels": {}
}
]
[root@localhost home]#
# 查看容器信息
[root@localhost home]# docker inspect centos3
[
{
"Id": "22ff5232e8eb8e67a0c2961c83d040dacfcaf1576378ef6f05beae14420a916a",
"Created": "2024-03-13T18:20:08.63498624Z",
"Path": "/bin/bash",
"Args": [],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 99578,
"ExitCode": 0,
"Error": "",
"StartedAt": "2024-03-13T18:20:09.749300336Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:eeb6ee3f44bd0b5103bb561b4c16bcb82328cfe5809ab675bb17ab3a16c517c9",
"ResolvConfPath": "/var/lib/docker/containers/22ff5232e8eb8e67a0c2961c83d040dacfcaf1576378ef6f05beae14420a916a/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/22ff5232e8eb8e67a0c2961c83d040dacfcaf1576378ef6f05beae14420a916a/hostname",
"HostsPath": "/var/lib/docker/containers/22ff5232e8eb8e67a0c2961c83d040dacfcaf1576378ef6f05beae14420a916a/hosts",
"LogPath": "/var/lib/docker/containers/22ff5232e8eb8e67a0c2961c83d040dacfcaf1576378ef6f05beae14420a916a/22ff5232e8eb8e67a0c2961c83d040dacfcaf1576378ef6f05beae14420a916a-json.log",
"Name": "/centos3",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"ConsoleSize": [
41,
187
],
"CapAdd": null,
"CapDrop": null,
"CgroupnsMode": "host",
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": [
"/centos2:/centos3/centos2" #
],
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": [],
"BlkioDeviceWriteBps": [],
"BlkioDeviceReadIOps": [],
"BlkioDeviceWriteIOps": [],
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": [],
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware",
"/sys/devices/virtual/powercap"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/a5ab5759876cfac92319b5528241b5e6c481c6c2e551c03cceade4edc1db6eb2-init/diff:/var/lib/docker/overlay2/c4bbbd05e330af8e600150bebf09d26a73fd9c9235d74279db9d67a91d104007/diff",
"MergedDir": "/var/lib/docker/overlay2/a5ab5759876cfac92319b5528241b5e6c481c6c2e551c03cceade4edc1db6eb2/merged",
"UpperDir": "/var/lib/docker/overlay2/a5ab5759876cfac92319b5528241b5e6c481c6c2e551c03cceade4edc1db6eb2/diff",
"WorkDir": "/var/lib/docker/overlay2/a5ab5759876cfac92319b5528241b5e6c481c6c2e551c03cceade4edc1db6eb2/work"
},
"Name": "overlay2"
},
"Mounts": [],
"Config": {
"Hostname": "22ff5232e8eb",
"Domainname": "",
"User": "",
"AttachStdin": true,
"AttachStdout": true,
"AttachStderr": true,
"Tty": true,
"OpenStdin": true,
"StdinOnce": true,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Cmd": [
"/bin/bash"
],
"Image": "centos:7",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"org.label-schema.build-date": "20201113",
"org.label-schema.license": "GPLv2",
"org.label-schema.name": "CentOS Base Image",
"org.label-schema.schema-version": "1.0",
"org.label-schema.vendor": "CentOS",
"org.opencontainers.image.created": "2020-11-13 00:00:00+00:00",
"org.opencontainers.image.licenses": "GPL-2.0-only",
"org.opencontainers.image.title": "CentOS Base Image",
"org.opencontainers.image.vendor": "CentOS"
}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "25ba20330803c908d48e4b33bf6caa199d552b1a6861a41d27aa792d22288694",
"SandboxKey": "/var/run/docker/netns/25ba20330803",
"Ports": {},
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "9dc015c11f6e4c2bd91a8e9223afca995657a80efb0ce488bb08fdcfca906085",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.4",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:04",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"MacAddress": "02:42:ac:11:00:04",
"NetworkID": "db8907d5ab939d33da7efe9b27137b0551b6cffbaffa0d4faf2c42f5e8a293d2",
"EndpointID": "9dc015c11f6e4c2bd91a8e9223afca995657a80efb0ce488bb08fdcfca906085",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.4",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"DriverOpts": null,
"DNSNames": null
}
}
}
}
]
[root@localhost home]#
# 容器hosts
[root@localhost home]# docker exec -it centos3 cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.3 centos2 778dd81ca130 # centos3把centos3加入hosts
172.17.0.4 22ff5232e8eb
[root@localhost home]#
本质探究:–link 就是我们在hosts配置中增加了一个172.18.0.3 tomcat02 312857784cd4
我们现在玩Docker 已经不建议使用 --link了!
自定义网络,不使用docker0,docker0不支持容器名访问连接
8.3 自定义网络
# 查看所有的docker网络
[root@localhost home]# docker network ls
NETWORK ID NAME DRIVER SCOPE
db8907d5ab93 bridge bridge local
888817825ff3 host host local
ed9aa6002234 none null local
[root@localhost home]#
# 网络模式
bridge:桥接,容器和容器间通过第三方互相连接(默认,自己创建的也使用桥接)
none:不配置网络
host:容器和宿主机共享网络
container:容器内网络联通
# 参数
[root@localhost home]# docker network --help
Usage: docker network COMMAND
Manage networks
Commands:
connect Connect a container to a network
create Create a network
disconnect Disconnect a container from a network
inspect Display detailed information on one or more networks
ls List networks
prune Remove all unused networks
rm Remove one or more networks
Run 'docker network COMMAND --help' for more information on a command.
[root@localhost home]#
# 直接启动的容器默认有--net bridge,而这个就是docker0
[root@localhost home]# docker run -d -P --name tomcat01 tomcat
[root@localhost home]# docker run -d -P --name tomcat01 --net bridge tomcat
670f404de3664f826d3000f7e4e508d151ca0ea03eb6ed7022ce8d8751e9cb8c
[root@localhost home]#
# docker0特点:默认的网络、域名不能访问、--link可以打通连接
# 自定义网络
[root@localhost home]# docker network create --help
Usage: docker network create [OPTIONS] NETWORK
Create a network
Options:
--attachable Enable manual container attachment
--aux-address map Auxiliary IPv4 or IPv6 addresses used by Network driver (default map[])
--config-from string The network from which to copy the configuration
--config-only Create a configuration only network
-d, --driver string Driver to manage the Network (default "bridge")
--gateway strings IPv4 or IPv6 Gateway for the master subnet
--ingress Create swarm routing-mesh network
--internal Restrict external access to the network
--ip-range strings Allocate container ip from a sub-range
--ipam-driver string IP Address Management Driver (default "default")
--ipam-opt map Set IPAM driver specific options (default map[])
--ipv6 Enable IPv6 networking
--label list Set metadata on a network
-o, --opt map Set driver specific options (default map[])
--scope string Control the network's scope
--subnet strings Subnet in CIDR format that represents a network segment
[root@localhost home]#
# 示例,创建自己的网络
[root@localhost home]# docker network create --driver bridge --subnet 192.168.0.0/16 --gateway 192.168.0.1 mynet
6f65d1adfafc920c354859c052b0f99aeadf1a65ba6d222674f6fcccac741609
[root@localhost home]# docker network ls
NETWORK ID NAME DRIVER SCOPE
db8907d5ab93 bridge bridge local
888817825ff3 host host local
6f65d1adfafc mynet bridge local
ed9aa6002234 none null local
[root@localhost home]#
[root@localhost home]# docker network inspect 6f65d1adfafc
[
{
"Name": "mynet",
"Id": "6f65d1adfafc920c354859c052b0f99aeadf1a65ba6d222674f6fcccac741609",
"Created": "2024-03-14T03:01:35.47340547+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]
[root@localhost home]#
# 创建容器
[root@localhost home]# docker run -d -P --name tomcat-net-01 --net mynet tomcat
335428365a6448cd352bfaba8e0b36b8f1bdbee916862cd3ada78320dc891710
[root@localhost home]# docker run -d -P --name tomcat-net-02 --net mynet tomcat
47862ebc863f07c214a7ebb20457e0f8601260ef686032b9c453145cd1c02460
[root@localhost home]# docker network inspect 6f65d1adfafc
[
{
"Name": "mynet",
"Id": "6f65d1adfafc920c354859c052b0f99aeadf1a65ba6d222674f6fcccac741609",
"Created": "2024-03-14T03:01:35.47340547+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"335428365a6448cd352bfaba8e0b36b8f1bdbee916862cd3ada78320dc891710": {
"Name": "tomcat-net-01",
"EndpointID": "4fd45ef8cb4259e60397e04df0302b7262c52aee37ea473c94b8535d6c79d3a1",
"MacAddress": "02:42:c0:a8:00:02",
"IPv4Address": "192.168.0.2/16",
"IPv6Address": ""
},
"47862ebc863f07c214a7ebb20457e0f8601260ef686032b9c453145cd1c02460": {
"Name": "tomcat-net-02",
"EndpointID": "d55f6fe48986667c14c024c772bb418f8f95746770bc0a4fbb314ee7244c3efa",
"MacAddress": "02:42:c0:a8:00:03",
"IPv4Address": "192.168.0.3/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
[root@localhost home]#
# 自定义网络下可以使用ip也可以使用域名访问(平时常用)
[root@localhost home]# docker exec -it tomcat-net-01 ping 192.168.0.3
PING 192.168.0.3 (192.168.0.3): 56 data bytes
64 bytes from 192.168.0.3: icmp_seq=0 ttl=64 time=0.243 ms
64 bytes from 192.168.0.3: icmp_seq=1 ttl=64 time=0.203 ms
64 bytes from 192.168.0.3: icmp_seq=2 ttl=64 time=0.133 ms
^C--- 192.168.0.3 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.133/0.193/0.243/0.045 ms
[root@localhost home]# docker exec -it tomcat-net-01 ping tomcat-net-02
PING tomcat-net-02 (192.168.0.3): 56 data bytes
64 bytes from 192.168.0.3: icmp_seq=0 ttl=64 time=0.438 ms
64 bytes from 192.168.0.3: icmp_seq=1 ttl=64 time=0.323 ms
64 bytes from 192.168.0.3: icmp_seq=2 ttl=64 time=0.255 ms
^C--- tomcat-net-02 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.255/0.339/0.438/0.076 ms
[root@localhost home]#
自定义网络优点
不同的集群使用不同的网络,保证集群是安全和健康的
8.3 网络连通
# 不同网段之间连通
[root@localhost home]# docker network connect mynet tomcat01
[root@localhost home]# docker network inspect mynet
[
{
"Name": "mynet",
"Id": "6f65d1adfafc920c354859c052b0f99aeadf1a65ba6d222674f6fcccac741609",
"Created": "2024-03-14T03:01:35.47340547+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"335428365a6448cd352bfaba8e0b36b8f1bdbee916862cd3ada78320dc891710": {
"Name": "tomcat-net-01",
"EndpointID": "4fd45ef8cb4259e60397e04df0302b7262c52aee37ea473c94b8535d6c79d3a1",
"MacAddress": "02:42:c0:a8:00:02",
"IPv4Address": "192.168.0.2/16",
"IPv6Address": ""
},
"47862ebc863f07c214a7ebb20457e0f8601260ef686032b9c453145cd1c02460": {
"Name": "tomcat-net-02",
"EndpointID": "d55f6fe48986667c14c024c772bb418f8f95746770bc0a4fbb314ee7244c3efa",
"MacAddress": "02:42:c0:a8:00:03",
"IPv4Address": "192.168.0.3/16",
"IPv6Address": ""
},
"670f404de3664f826d3000f7e4e508d151ca0ea03eb6ed7022ce8d8751e9cb8c": {
"Name": "tomcat01",
"EndpointID": "87303056c2e22ce616530132fd7f016963a9fe4b2a26a4b6f06d3e33ca74ff3a",
"MacAddress": "02:42:c0:a8:00:04",
"IPv4Address": "192.168.0.4/16", # 连通后,直接把其它网络容器添加到该网络,一个容器,两个ip
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
[root@localhost home]#
# 测试连通
[root@localhost home]# docker exec -it tomcat01 ping tomcat-net-01
PING tomcat-net-01 (192.168.0.2): 56 data bytes
64 bytes from 192.168.0.2: icmp_seq=0 ttl=64 time=0.377 ms
64 bytes from 192.168.0.2: icmp_seq=1 ttl=64 time=0.157 ms
64 bytes from 192.168.0.2: icmp_seq=2 ttl=64 time=0.223 ms
^C--- tomcat-net-01 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.157/0.252/0.377/0.092 ms
[root@localhost home]#
结论:假如要跨网络访问容器,就需要使用docker network connect 网络名 容器
8.4 实战:Redis集群
shell脚本
# 创建网卡
docker network create redis --subnet 172.38.0.0/16
# 通过脚本创建六个redis配置
for port in $(seq 1 6); \
do \
mkdir -p /home/redis/node-${port}/conf
touch /home/redis/node-${port}/conf/redis.conf
cat << EOF >/home/redis/node-${port}/conf/redis.conf
port 6379
bind 0.0.0.0
cluster-enabled yes
cluster-config-file nodes.conf
cluster-node-timeout 5000
cluster-announce-ip 172.38.0.1${port}
cluster-announce-port 6379
cluster-announce-bus-port 16379
appendonly yes
EOF
done
# 启动容器
docker run -p 637${port}:6379 -p 1637${port}:16379 --name redis-${port} \
-v /home/redis/node-${port}/data:/data \
-v /home/redis/node-${port}/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.38.0.1${port} redis:5.0.9-alpine3.11 redis-server /etc/redis/redis.conf
# 创建集群
[root@localhost conf]# docker exec -it redis-1 /bin/sh
/data # ls
appendonly.aof nodes.conf
/data # redis-cli --cluster create 172.38.0.11:6379 172.38.0.12:6379 172.38.0.13:6379 172.38.0.14:6379 172.38.0.15:6379 172.38.0.16:6379 --cluster-replicas 1
>>> Performing hash slots allocation on 6 nodes...
Master[0] -> Slots 0 - 5460
Master[1] -> Slots 5461 - 10922
Master[2] -> Slots 10923 - 16383
Adding replica 172.38.0.15:6379 to 172.38.0.11:6379
Adding replica 172.38.0.16:6379 to 172.38.0.12:6379
Adding replica 172.38.0.14:6379 to 172.38.0.13:6379
M: ad6fddcd4b12faab6a1aff7c6cc99a336d4de2e1 172.38.0.11:6379
slots:[0-5460] (5461 slots) master
M: 7a1b596f7102b84375e50e416fe057a4acb5e32e 172.38.0.12:6379
slots:[5461-10922] (5462 slots) master
M: faa821482527b8d1148de4d078946158245ccee2 172.38.0.13:6379
slots:[10923-16383] (5461 slots) master
S: d9b41cb1ccdd9b44e41b9e69d77ca38ae813db9b 172.38.0.14:6379
replicates faa821482527b8d1148de4d078946158245ccee2
S: 13c4e233a613a024d972f644d74c545726bc5723 172.38.0.15:6379
replicates ad6fddcd4b12faab6a1aff7c6cc99a336d4de2e1
S: a4285b689dbafcc4901ad4326621cfdb6c4fd148 172.38.0.16:6379
replicates 7a1b596f7102b84375e50e416fe057a4acb5e32e
Can I set the above configuration? (type 'yes' to accept): yes
>>> Nodes configuration updated
>>> Assign a different config epoch to each node
>>> Sending CLUSTER MEET messages to join the cluster
Waiting for the cluster to join
...
>>> Performing Cluster Check (using node 172.38.0.11:6379)
M: ad6fddcd4b12faab6a1aff7c6cc99a336d4de2e1 172.38.0.11:6379
slots:[0-5460] (5461 slots) master
1 additional replica(s)
S: a4285b689dbafcc4901ad4326621cfdb6c4fd148 172.38.0.16:6379
slots: (0 slots) slave
replicates 7a1b596f7102b84375e50e416fe057a4acb5e32e
S: d9b41cb1ccdd9b44e41b9e69d77ca38ae813db9b 172.38.0.14:6379
slots: (0 slots) slave
replicates faa821482527b8d1148de4d078946158245ccee2
M: faa821482527b8d1148de4d078946158245ccee2 172.38.0.13:6379
slots:[10923-16383] (5461 slots) master
1 additional replica(s)
S: 13c4e233a613a024d972f644d74c545726bc5723 172.38.0.15:6379
slots: (0 slots) slave
replicates ad6fddcd4b12faab6a1aff7c6cc99a336d4de2e1
M: 7a1b596f7102b84375e50e416fe057a4acb5e32e 172.38.0.12:6379
slots:[5461-10922] (5462 slots) master
1 additional replica(s)
[OK] All nodes agree about slots configuration.
>>> Check for open slots...
>>> Check slots coverage...
[OK] All 16384 slots covered.
/data #
# 高可用测试
/data # redis-cli-c
/bin/sh: redis-cli-c: not found
/data # redis-cli -c
127.0.0.1:6379> cluster info
cluster_state:ok
cluster_slots_assigned:16384
cluster_slots_ok:16384
cluster_slots_pfail:0
cluster_slots_fail:0
cluster_known_nodes:6
cluster_size:3
cluster_current_epoch:6
cluster_my_epoch:1
cluster_stats_messages_ping_sent:219
cluster_stats_messages_pong_sent:227
cluster_stats_messages_sent:446
cluster_stats_messages_ping_received:222
cluster_stats_messages_pong_received:219
cluster_stats_messages_meet_received:5
cluster_stats_messages_received:446
127.0.0.1:6379> cluster nodes
a4285b689dbafcc4901ad4326621cfdb6c4fd148 172.38.0.16:6379@16379 slave 7a1b596f7102b84375e50e416fe057a4acb5e32e 0 1710362195612 6 connected
d9b41cb1ccdd9b44e41b9e69d77ca38ae813db9b 172.38.0.14:6379@16379 slave faa821482527b8d1148de4d078946158245ccee2 0 1710362195379 4 connected
faa821482527b8d1148de4d078946158245ccee2 172.38.0.13:6379@16379 master - 0 1710362196500 3 connected 10923-16383
13c4e233a613a024d972f644d74c545726bc5723 172.38.0.15:6379@16379 slave ad6fddcd4b12faab6a1aff7c6cc99a336d4de2e1 0 1710362195000 5 connected
ad6fddcd4b12faab6a1aff7c6cc99a336d4de2e1 172.38.0.11:6379@16379 myself,master - 0 1710362193000 1 connected 0-5460
7a1b596f7102b84375e50e416fe057a4acb5e32e 172.38.0.12:6379@16379 master - 0 1710362195000 2 connected 5461-10922
127.0.0.1:6379> set a b
-> Redirected to slot [15495] located at 172.38.0.13:6379
OK
172.38.0.13:6379> read escape sequence
[root@localhost conf]# docker stop redis-3
redis-3
[root@localhost conf]# docker exec -it redis-1 /bin/sh
/data # redis-cli -c
127.0.0.1:6379> get a
-> Redirected to slot [15495] located at 172.38.0.14:6379
"b"
172.38.0.14:6379>
172.38.0.14:6379> cluster nodes
faa821482527b8d1148de4d078946158245ccee2 172.38.0.13:6379@16379 master,fail - 1710362276852 1710362276304 3 connected # 主机下线,从机备用
13c4e233a613a024d972f644d74c545726bc5723 172.38.0.15:6379@16379 slave ad6fddcd4b12faab6a1aff7c6cc99a336d4de2e1 0 1710362436983 5 connected
7a1b596f7102b84375e50e416fe057a4acb5e32e 172.38.0.12:6379@16379 master - 0 1710362435515 2 connected 5461-10922
d9b41cb1ccdd9b44e41b9e69d77ca38ae813db9b 172.38.0.14:6379@16379 myself,master - 0 1710362436000 7 connected 10923-16383
a4285b689dbafcc4901ad4326621cfdb6c4fd148 172.38.0.16:6379@16379 slave 7a1b596f7102b84375e50e416fe057a4acb5e32e 0 1710362435000 6 connected
ad6fddcd4b12faab6a1aff7c6cc99a336d4de2e1 172.38.0.11:6379@16379 master - 0 1710362436633 1 connected 0-5460
172.38.0.14:6379>
# 使用docker后,所有技术会慢慢简单
九、SpringBoot微服务打包Docker镜像
步骤:
- 构建springboot项目
- 打包应用
- 编写dockerfile
- 构建镜像
- 发布运行(以后我们使用docker后,给别人交付一个镜像即可)
版权声明:本文标题:Docker入门到精通 内容由热心网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:https://www.elefans.com/xitong/1729205516a1189983.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论