Docker實踐(二)
1、Docker網絡和存儲html
1. Docker網絡訪問mysql
[root@localhost ~]# iptables -vnLlinux
Chain INPUT (policy ACCEPT 328K packets, 440M bytes)nginx
pkts bytes target prot opt in out source destination git
0 0 ACCEPT udp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:53github
0 0 ACCEPT tcp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53web
0 0 ACCEPT udp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:67sql
0 0 ACCEPT tcp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:67chrome
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)docker
pkts bytes target prot opt in out source destination
0 0 DOCKER-ISOLATION all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DOCKER all -- * docker0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * docker0 0.0.0.0/0 0.0.0.0/0 ctstateRELATED,ESTABLISHED
0 0 ACCEPT all -- docker0 !docker0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- docker0 docker0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * virbr0 0.0.0.0/0 192.168.122.0/24 ctstateRELATED,ESTABLISHED
0 0 ACCEPT all -- virbr0 * 192.168.122.0/24 0.0.0.0/0
0 0 ACCEPT all -- virbr0 virbr0 0.0.0.0/0 0.0.0.0/0
0 0 REJECT all -- * virbr0 0.0.0.0/0 0.0.0.0/0 reject-withicmp-port-unreachable
0 0 REJECT all -- virbr0 * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
Chain OUTPUT (policy ACCEPT 298K packets, 18M bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- * virbr0 0.0.0.0/0 0.0.0.0/0 udp dpt:68
Chain DOCKER (1 references)
pkts bytes target prot opt in out source destination
Chain DOCKER-ISOLATION (1 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
[root@localhost~]# iptables -t nat -vnL
Chain PREROUTING (policy ACCEPT 2079 packets, 163Kbytes)
pkts bytes target prot opt in out source destination
11 780 DOCKER all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
Chain INPUT (policy ACCEPT 2067 packets, 162K bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 793 packets, 50031 bytes)
pkts bytes target prot opt in out source destination
0 0 DOCKER all -- * * 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL
Chain POSTROUTING (policy ACCEPT 793 packets, 50031 bytes)
pkts bytes target prot opt in out source destination
0 0 MASQUERADE all -- * !docker0 172.17.0.0/16 0.0.0.0/0
0 0 RETURN all -- * * 192.168.122.0/24 224.0.0.0/24
0 0 RETURN all -- * * 192.168.122.0/24 255.255.255.255
0 0 MASQUERADE tcp -- * * 192.168.122.0/24 !192.168.122.0/24 masq ports:1024-65535
0 0 MASQUERADE udp -- * * 192.168.122.0/24 !192.168.122.0/24 masq ports:1024-65535
0 0 MASQUERADE all -- * * 192.168.122.0/24 !192.168.122.0/24
Chain DOCKER (2 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- docker0 * 0.0.0.0/0 0.0.0.0/0
[root@localhost ~]# brctl show //查看橋接,如下docker0爲docker的橋接網卡
bridge name bridge id STPenabled interfaces
docker0 8000.02425122513f no
virbr0 8000.5254007c0675 yes virbr0-nic
經過如下兩種映射方式,能夠直接從容器外部訪問docker容器內的服務:
隨機映射:
[root@localhost~]# docker p_w_picpaths
REPOSITORY TAG IMAGE ID CREATED SIZE
daocloud.io/library/centos latest c3987965c15d 2 weeks ago 196.5 MB
docker.io/centos latest 0584b3d2cf6d 2 weeks ago 196.5 MB
daocloud.io/library/tomcat latest ebb17717bed4 2 weeks ago 355.4 MB
daocloud.io/library/nginx latest 067c8da9d5ab 4 weeks ago 181.4 MB
daocloud.io/daocloud/tutum-mysql latest d8d5e73655c0 8months ago 317.8 MB
[root@localhost ~]# docker run -d -P daocloud.io/library/nginx //隨機映射,經過-大P
78b7b435fe729d7fa7e8344a7165b8506ee1e5d8df81c26aca5888f89f6ec065
[root@localhost ~]# docker ps -l //查看更詳細的容器運行狀態
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
78b7b435fe72 daocloud.io/library/nginx "nginx -g 'daemon off" 8 seconds ago Up 7seconds 0.0.0.0:32769->80/tcp,0.0.0.0:32768->443/tcp elated_keller
[root@localhost ~]# curl -I 192.168.8.113:32769
HTTP/1.1 200 OK
Server: nginx/1.11.5
Date: Sun, 20 Nov 2016 14:17:54 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 11 Oct 2016 15:03:01 GMT
Connection: keep-alive
ETag: "57fcff25-264"
Accept-Ranges: bytes
[root@localhost ~]# docker logs 78b7b435fe72 //查看上面的nginx訪問日誌
192.168.8.113 - - [20/Nov/2016:14:17:40 +0000]"GET / HTTP/1.1" 200 612 "-" "curl/7.29.0""-"
192.168.8.113 - - [20/Nov/2016:14:17:47 +0000]"GET / HTTP/1.1" 200 612 "-" "curl/7.29.0""-"
192.168.8.113 - - [20/Nov/2016:14:17:50 +0000]"GET / HTTP/1.1" 200 612 "-" "curl/7.29.0""-"
指定ip、協議或端口映射:
[root@localhost ~]# docker run -d -p 81:80 daocloud.io/library/nginx //-小p指定端口映射
7cf3dc36e8bd863350fbd2fc8da88a7289a15d95f8400e47ec907ae33f41ed04
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
7cf3dc36e8bd daocloud.io/library/nginx "nginx -g 'daemon off" 7 seconds ago Up 5seconds 443/tcp,0.0.0.0:81->80/tcp stoic_bohr
78b7b435fe72 daocloud.io/library/nginx "nginx -g 'daemon off" 20 minutes ago Up 20minutes 0.0.0.0:32769->80/tcp,0.0.0.0:32768->443/tcp elated_keller
2. Docker存儲
1. 數據卷(相似NFS)
[root@localhost~]# docker run -it --name volume-test1 -v /data centos //指定目標掛載卷
[root@10c9c9a8333c /]# ls -l/data
total 0
[root@localhost ~]# docker inspect 10c9c9a8333c //列出容器的全部信息
[root@localhost ~]# docker inspect 10c9c9a8333c|grep "data"
"Source":"/var/lib/docker/volumes/41bcdd63f68b161c8f5cec2c7aa81a491ad3b14a2c39be203cd2e06d377dc138/_data",
"Destination":"/data",
"/data": {}
[root@localhost ~]# cd /var/lib/docker/volumes/41bcdd63f68b161c8f5cec2c7aa81a491ad3b14a2c39be203cd2e06d377dc138/_data
[root@localhost _data]# touch 123
[root@10c9c9a8333c /]# ls -l /data
total 0
-rw-r--r--. 1 root root 0 Nov 2014:51 123
[root@localhost _data]# pwd
/var/lib/docker/volumes/41bcdd63f68b161c8f5cec2c7aa81a491ad3b14a2c39be203cd2e06d377dc138/_data
[root@localhost _data]# docker run -it -v /opt:/opt centos //指定源和目標掛載卷
[root@6262b9129773 /]# cd /opt
[root@6262b9129773 opt]# ll
total 1936192
-rw-r--r--. 1 107 107 632291328 Nov 19 11:52CentOS-7-x86_64-Minimal-1511.iso
-rw-r--r--. 1 root root5368709120 Nov 19 21:07 CentOS-7-x86_64-Minimal-1511.raw
[root@localhost opt]# touch hehe //物理機增長文件
[root@6262b9129773 opt]# ll //容器內的opt目錄查看,已有物理機增長的文件
total 1936192
-rw-r--r--. 1 107 107 632291328 Nov 19 11:52CentOS-7-x86_64-Minimal-1511.iso
-rw-r--r--. 1 root root5368709120 Nov 19 21:07 CentOS-7-x86_64-Minimal-1511.raw
-rw-r--r--. 1 root root 0 Nov 20 15:00 hehe
[root@localhost _data]# docker run -it -v /opt:/opt:ro centos //掛載時指定權限,rw可讀可寫,ro只讀。
[root@localhost _data]# docker run -it -v ~/.bash_history:/.bash_history centos //掛載單個文件到容器內
2. 數據卷容器
[root@localhost~]# docker run -d --name nfs -v /data centos
b20c906b6d294a69ee5185f28140b4526a7ec3cd0a910b01d698a690b10bc104
[root@localhost ~]# docker run-it --name test1 --volumes-from nfs centos
[root@694de5623330 /]# ls/data
[root@localhost ~]# docker ps-a|grep nfs
b20c906b6d29 centos "/bin/bash" 9 minutes ago Exited (0) 9minutes ago nfs
[root@localhost ~]# docker inspect b20c906b6d29|grep data
"Source":"/var/lib/docker/volumes/410ded5e8d7ea33ac483c774d6e5e03f0058920dada4522b3e9dc5b33a774a19/_data",
"Destination":"/data",
"/data": {}
[root@localhost _data]# cd /var/lib/docker/volumes/410ded5e8d7ea33ac483c774d6e5e03f0058920dada4522b3e9dc5b33a774a19/_data
[root@localhost _data]# ll
total 0
[root@localhost _data]# touch heha
[root@694de5623330 /]# ls /data
Heha
2、Docker手動構建鏡像
#使用鏡像啓動docker容器
[root@localhost~]# docker run -it --name 「my-nginx」docker.io/centos
[root@99512cefb074/]# rpm -ivh http://mirrors.aliyun.com/epel/epel-release-latest-7.noarch.rpm
Retrieving http://mirrors.aliyun.com/epel/epel-release-latest-7.noarch.rpm
warning: /var/tmp/rpm-tmp.txjYCK: Header V3 RSA/SHA256 Signature, key ID352c64e5: NOKEY
Preparing... ################################# [100%]
Updating / installing...
1:epel-release-7-8 ################################# [100%]
[root@99512cefb074 /]# yum install nginx –y
[root@99512cefb074 /]# vi /etc/nginx/nginx.conf
在第1行添加以下內容:
daemon off;
[root@99512cefb074 /]# vi /etc/rc.local
#start nginx
/usr/sbin/nginx
[root@99512cefb074 /]# /usr/sbin/nginx
[root@99512cefb074 /]# netstat -tunlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 158/nginx: master p
tcp6 0 0 :::80 :::* LISTEN 158/nginx: master p
[root@99512cefb074 /]# exit
#查看容器運行狀態
[root@localhost ~]# docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
99512cefb074 linuxzkq/nginx:v2 "/bin/bash" 4minutes ago Exited (0) 4 secondsago mynginx
#提交鏡像
[root@localhost ~]# docker commit -m "my-nginx" 99512cefb074 linuxzkq/nginx:v2
sha256:009edeb97d41cd1fb3d75afcb1f3a71f1afff10425ed1d0362dd0040acac1bc5
-m:指定提交的說明信息
99512cefb074 :容器的id
linuxzkq/nginx:v2:指定倉庫名和TAG信息
#查看鏡像
[root@localhost ~]# docker p_w_picpaths
REPOSITORY TAG IMAGE ID CREATED SIZE
linuxzkq/nginx v2 009edeb97d41 6 secondsago 401.5 MB
daocloud.io/library/centos latest c3987965c15d 3 weeksago 196.5 MB
#使用新提交的鏡像啓動docker容器
[root@localhost ~]# docker run -d -p 80:80 linuxzkq/nginx:v2/usr/sbin/nginx
ae9a2bf9e132667f31e2336b2dc722500ff3040136273218d49ff6eb50e7d018
'-p': 端口映射,第一個80爲本地端口,第二個80爲docker容器端口
linuxzkq/nginx:v2: 剛纔提交的鏡像名稱
/usr/sbin/nginx: 啓動nginx程序
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ae9a2bf9e132 linuxzkq/nginx:v2 "/usr/sbin/nginx" 7seconds ago Up 5 seconds 0.0.0.0:80->80/tcp adoring_kalam
[root@localhost ~]# netstat -tunlp|grep 80
tcp6 0 0 :::80 :::* LISTEN 24183/docker-proxy
[root@localhost ~]# curl -I localhost
HTTP/1.1 200 OK
Server: nginx/1.10.2
Date: Thu, 24 Nov 2016 15:32:55 GMT
Content-Type: text/html
Content-Length: 3700
Last-Modified: Mon, 31 Oct 2016 12:37:02 GMT
Connection: keep-alive
ETag: "58173aee-e74"
Accept-Ranges: bytes
3、使用Dockerfile建立鏡像
#建立dockerfile文件:
[root@localhost~]# mkdir /opt/dockerfile/nginx -p
[root@localhost~]# cd /opt/dockerfile/nginx
[root@localhostnginx]# touch dockerfile
[root@localhostnginx]# ll
total 4
-rw-r--r--. 1 root root 0 Nov 25 00:16 dockerfile
-rw-r--r--. 1 root root 3700 Oct 31 20:37 index.html //此文件爲上傳的,必須和dockerfile文件放到一塊兒。
#文件內容:
# This docker file
# Version v1
# Author: linuxzkq
# Base p_w_picpath
FROM centos
# Maintainer
# MAINTAINER linuxzkq 1729294227@qq.com
# Commands
RUN rpm -ivh http://mirrors.aliyun.com/epel/epel-release-latest-7.noarch.rpm
RUN yum install nginx -y
ADD index.html/usr/share/nginx/html/index.html
RUN echo "daemonoff;" >> /etc/nginx/nginx.conf
EXPOSE 80
CMD ["/usr/sbin/nginx"]
#:註釋行FROM:告訴Docker使用哪一個鏡像做爲基礎MAINTAINER:維護者的信息RUN:要執行的操做或命令EXPOSE:向外部開放端口
ADD:往建立的鏡像裏面放點文件(copy文件,會自動解壓)CMD:描述容器啓動後運行的程序
#生成鏡像:
[root@localhostnginx]# docker build -t "linuxzkq/mynginx:v3" /opt/dockerfile/nginx
Sending build context to Docker daemon 6.656 kB
Step 1 : FROM centos
---> 0584b3d2cf6d
Step 2 : RUN rpm -ivhhttp://mirrors.aliyun.com/epel/epel-release-latest-7.noarch.rpm
---> Running in1d63f384d48e
warning: /var/tmp/rpm-tmp.gItLFd: Header V3 RSA/SHA256Signature, key ID 352c64e5: NOKEY
Retrievinghttp://mirrors.aliyun.com/epel/epel-release-latest-7.noarch.rpm
Preparing... ########################################
Updating / installing...
epel-release-7-8 ########################################
---> 30f24dde6a03
Removing intermediate container 1d63f384d48e
Step 3 : RUN yum install nginx -y
---> Running inf33d845038dc
Loaded plugins: fastestmirror, ovl
https://epel.mirror.angkasa.id/pub/epel/7/x86_64/repodata/9edce4d5e3c9437849fbbbae7c2faa50a9b0326b968dd8faa66ece83984c23de-primary.sqlite.xz:[Errno 12] Timeout onhttps://epel.mirror.angkasa.id/pub/epel/7/x86_64/repodata/9edce4d5e3c9437849fbbbae7c2faa50a9b0326b968dd8faa66ece83984c23de-primary.sqlite.xz:(28, 'Operation too slow. Less than 1000 bytes/sec transferred the last 30seconds')
Determining fastest mirrors
* base: mirrors.btte.net
* epel: mirror.premi.st
* extras:mirrors.btte.net
* updates:mirrors.btte.net
Resolving Dependencies
--> Running transaction check
---> Package nginx.x86_64 1:1.10.2-1.el7 will be installed
--> Processing Dependency: nginx-filesystem = 1:1.10.2-1.el7for package: 1:nginx-1.10.2-1.el7.x86_64
--> Processing Dependency: nginx-all-modules = 1:1.10.2-1.el7for package: 1:nginx-1.10.2-1.el7.x86_64
--> Processing Dependency: openssl for package:1:nginx-1.10.2-1.el7.x86_64
。。。。。。
Installing:
nginx x86_64 1:1.10.2-1.el7 epel 505 k
Installing for dependencies:
GeoIP x86_64 1.5.0-9.el7 base 709 k
fontconfig x86_64 2.10.95-7.el7 base 228 k
fontpackages-filesystem noarch 1.44-8.el7 base 9.9 k
freetype x86_64 2.4.11-11.el7 base 391 k
。。。。。。
Installing :1:nginx-1.10.2-1.el7.x86_64 52/54
Installing :1:nginx-mod-http-perl-1.10.2-1.el7.x86_64 53/54
Installing : 1:nginx-all-modules-1.10.2-1.el7.noarch 54/54
Verifying : perl-HTTP-Tiny-0.033-3.el7.noarch 1/54
。。。。。。
Complete!
---> 51706bb3c2b7
Removing intermediate container f33d845038dc
Step 4 : ADD index.html /usr/share/nginx/html/index.html
---> 8f83c05f78cf
Removing intermediate container c950deffc2e9
Step 5 : RUN echo 「daemon off;」>> /etc/nginx/nginx.conf
---> Running ine487f7fddaea
---> 414cb47691cd
Removing intermediate container fe6d8a8269b5
Step 6 : EXPOSE 80
---> Running in73503b9727d4
---> 831ac040cc67
Removing intermediate container 73503b9727d4
Step 7 : CMD [「/usr/sbin/nginx」]
---> Running ind28d018734ae
---> 6f988f0e763b
Removing intermediate container d28d018734ae
Successfully built 6f988f0e763b
其中-t標記來添加tag,指定新的鏡像的用戶信息。「/opt/dockerfile/nginx」是Dockerfile所在的路徑
#使用生成鏡像啓動容器:
[root@localhost nginx]# docker run -dit -p 80:80 linuxzkq/mynginx:v3
a4aed4b5f6ae421746ebe5b68119c1426ae848f7f59bab501829ace00dea4306
[root@localhost nginx]# docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a4aed4b5f6ae linuxzkq/mynginx:v3 "/usr/sbin/nginx" 2seconds ago Up 1 seconds 0.0.0.0:80->80/tcp pedantic_ritchie
Dockerfile 語法:
一個簡單的例子:
1. # Print "Hello docker!"
2. RUN echo "Hello docker!"
FROM
第一條指令必須爲 FROM 指令,用來指定使用的鏡像,#號開頭的爲註釋。
1. FROM centos:6
MAINTAINER
指定維護者信息。
1. MAINTAINER xiaohou
RUN
RUN 指令對鏡像執行跟隨的命令。
1. RUN echo "xiaohou">/opt/author
CMD
和RUN命令類似,CMD能夠用於執行特定的命令。和RUN不一樣的是,這些命令不是在鏡像構建的過程當中執行的,而是在用鏡像構建容器後被調用。
1. CMD "echo""Hello docker!"
支持三種格式
CMD [「executable」,」param1″,」param2″] 使用 exec 執行,推薦方式;
CMD command param1 param2 在 /bin/sh 中執行,提供給須要交互的應用;
CMD [「param1″,」param2」] 提供給 ENTRYPOINT 的默認參數;
VOLUME
VOLUME命令用於讓你的容器訪問宿主機上的目錄。
1. VOLUME ["/my_files"]
EXPOSE
EXPOSE用來指定端口,使容器內的應用能夠經過端口和外界交互。
1. EXPOSE 80
ENV
用來設置環境變量
1. ENV LANG en_US.UTF-8
2. ENV PATH /usr/local/postgres-$PG_MAJOR/bin:$PATH
WORKDIR
至關於CD命令,指定以後的RUN命令的運行目錄
1. WORKDIR /a
2. WORKDIR b
3. WORKDIR c
4. RUN pwd
ADD
將源文件拷貝到容器對應的路徑
1. ADD <src><dest>
能夠是Dockerfile所在目錄的一個相對路徑,也能夠是一個 URL;還能夠是一個tar 文件(自動解壓爲目錄)。
4、Docker-Registry私有倉庫構建
#拉取registry鏡像
[root@localhost nginx]# docker pull registry
[root@localhost nginx]# docker p_w_picpaths
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/registry latest c9bd19d022f6 5 weeksago 33.27 MB
[root@localhost ~]# mkdir /opt/data/registry –p
#運行建立私有倉庫
registry的介紹提到的最佳實踐建議將registry做爲容器運行起來。
默認狀況下,會將倉庫存放於容器內的/tmp/registry目錄下,這樣若是容器被刪除,則存放在容器內的鏡像也會丟失,因此通常狀況下會指定本地一個目錄掛載到容器內的/tmp/registry下,以下:
[root@localhost ~]# docker run -d -p 5000:5000 -v/opt/data/registry:/tmp/registry registry
00b1e3a57642f6353a53dce9d50a635caaef0bd35a1a4131e80a67a15a2ec238
-p: 端口映射,第一個5000爲本地端口,第二個5000爲docker容器端口
-v: 指定源和目標掛載卷,-v/opt/data/registry:/tmp/registry, /opt/data/registry/爲本地目錄,/tmp/registry爲docker容器內的目錄
[root@localhost ~]# docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
00b1e3a57642 registry "/entrypoint.sh/etc/" 35 seconds ago Up 34 seconds 0.0.0.0:5000->5000/tcp pedantic_heyrovsky
[root@localhost ~]# docker p_w_picpaths
REPOSITORY TAG IMAGE ID CREATED SIZE
linuxzkq/mynginx v5 f0e91fa9ede2 43 hoursago 400.5 MB //手工建立的鏡像
docker.io/registry latest c9bd19d022f6 5 weeksago 33.27 MB
#向私有倉庫push一個鏡像
[root@localhost ~]# docker tag linuxzkq/mynginx:v5localhost:5000/zkq/mynginx:latest
[root@localhost ~]# docker push localhost:5000/zkq/mynginx:latest
The push refers to a repository [localhost:5000/zkq/mynginx]
a54678910e90: Pushed
525dc2fb194f: Pushed
ce5fb7f85633: Pushed
97ca462ad9ee: Pushed
latest: digest: sha256:76bcd5f2631cafff12d8b2de38b5d9481883d927cadb35c9544b9498603def88size: 1138
#結果確認
[root@localhost ~]# docker p_w_picpaths
REPOSITORY TAG IMAGE ID CREATED SIZE
linuxzkq/mynginx v5 f0e91fa9ede2 43 hours ago 400.5 MB
localhost:5000/zkq/mynginx latest f0e91fa9ede2 43 hoursago 400.5 MB
docker.io/registry latest c9bd19d022f6 5 weeksago 33.27 MB
#從私庫中pull鏡像
事前準備:將其餘鏡像都刪除,以便確認該鏡像確實是從私有倉庫中pull出來的.
[root@localhost ~]# docker pull localhost:5000/zkq/mynginx
Using default tag: latest
Trying to pull repository localhost:5000/zkq/mynginx ...
latest: Pulling from localhost:5000/zkq/mynginx
Digest:sha256:76bcd5f2631cafff12d8b2de38b5d9481883d927cadb35c9544b9498603def88
Status: Image is up to date for localhost:5000/zkq/mynginx:latest
[root@localhost ~]# docker p_w_picpaths
REPOSITORY TAG IMAGE ID CREATED SIZE
linuxzkq/mynginx v5 f0e91fa9ede2 43 hoursago 400.5 MB
localhost:5000/zkq/mynginx latest f0e91fa9ede2 43 hoursago 400.5 MB
docker.io/registry latest c9bd19d022f6 5 weeksago 33.27 MB
[root@localhost ~]# docker run -it localhost:5000/zkq/mynginx /bin/sh
sh-4.2# hostname
f9fd364dc6da
sh-4.2# exit
exit
5、Docker的資源隔離(LXC:Linux資源隔離機制)
Linux kernel namespace: pid net ipc mnt uts user
6、Docker集中化web界面管理平臺shipyard
一、Docker Shipyard是什麼 ?shipyard是一個開源的docker管理平臺,記得之前安裝很麻煩的,如今官方有了自動安裝腳本,使用很是方便。複製、粘貼、使用,就這麼簡單。先不研究他是如何實現的,安裝使用起來再說。
$ curl -s https://shipyard-project.com/deploy| bash -s
Deploying Shipyard
-> Starting Database
-> Starting Discovery
-> Starting Cert Volume
-> Starting Proxy
-> Starting Swarm Manager
-> Starting Swarm Agent
-> Starting Controller
Waiting for Shipyard on 192.168.2.xxx:8080
..
Shipyard available at http://192.168.2.xxx:8080
Username: admin Password: shipyard
Shipyard 啓用了7個容器,默認訪問端口是8080,默認用戶名和密碼是admin 和 shipyard
注意事項:
若是安裝出現了問題怎麼辦?是不是由於端口衝突?網絡出現問題怎麼辦?這個項目用到了哪些Docker鏡像?一鍵安裝的腳本是如何實現的?
一、Shipyard的默認訪問端口爲8080,這個端口許多程序都會用,使用時儘可能要避免衝突。若是你在測試機器上安裝過多款軟件,而後再安裝Shipyard時,卻發現沒法訪問Shipyard,能夠考慮一下,是否是由於端口被其餘程序佔用的問題。
二、因爲網絡的緣由,所以第一次執行時可能不會很順利,鏡像可能未下載全,又或者端口衝突,致使沒法經過8080端口訪問shipyard頁面。查看主機發現其中有幾個Shipyard容器已經運行了,怎麼辦?不妨先使用 docker ps -a 命令,查看一下正在進行的容器狀況,而後用docker stop xxx 把7個shipyard開頭的容器都中止掉、最後再用docker rm xxx 把上一次安裝出現問題的容器都刪除掉,最後再次執行curl這一行命令。
三、比較穩妥的方法是先下載這七個Docker鏡像,而後再運行這一行。其中rethinkdb 181MB,shipyard/shipyard 58MB,七個一共300MB。
docker pull alpineshipyard/shipyard
docker pull swarm
docker pull shipyard/shipyard
docker pull rethinkdb
docker pull microbox/etcd
docker pull ehazlett/curl
docker pull shipyard/docker-proxy
四、若是訪問不了,請檢查你使用的瀏覽器,記得使用谷歌的chrome瀏覽器。
五、安裝Shipyard 的腳本地址: https://shipyard-project.com/deploy,有興趣的能夠看一看如何部署一個小型的容器應用。
其特性主要包括:
· 支持節點動態集羣,可擴展節點的規模(swarm、etcd方案)
· 支持鏡像管理、容器管理、節點管理等功能
· 可視化的容器管理和監控管理
· 在線容器console終端
二、 Shipyard中文版源代碼託管在github,有興趣能夠訪問git獲取代碼。
容器集羣工具
Kubernetes, Swarm, Mesos…
結論
編排、集羣以及管理容器顯然有多種選擇。話雖如此,但這些選擇通常都是高度分化的。在編排方面,咱們能夠說:
Swarm具備使用標準Docker接口的優點(及劣勢)。雖然這樣使得它與現有的工做流程交互起來簡單易用,但也可能對於支持更爲複雜的定義在定製接口的調度變得更加困難。
Fleet是底層級的並且至關簡單的編排層,它被於運行更高級別的編排工具,例如Kubernetes或者自定義系統。
Kubernetes是帶有服務發現和複製的編排工具。它可能須要從新設計一些現有的應用程序,可是正確地使用能夠提供一個可容錯和可擴展的系統。
Mesos是一種底層級、久經沙場的調度器,對於容器的編排,它支持多種frameworks,包括Marathon、Kubernetes、和Swarm。在寫這篇文章的時候,Kubernetes和Mesos比Swarm開發的更多以及更爲穩定。在規模上,只有Mesos已經證實了支持成百上千個節點的大型系統。可是,對於小的集羣比方說,還不到十幾個節點的集羣,用Mesos可能過於複雜。
本文部份內容參考了老男孩教育博客:http://blog.oldboyedu.com
- 1. Docker 實踐(二):使用教程
- 2. Docker開發實踐筆記二
- 3. Docker實踐
- 4. docker swarm實踐
- 5. Docker實踐(一)
- 6. docker 實踐
- 7. docker-nginx實踐
- 8. Docker 實踐
- 9. docker-compose實踐
- 10. Docker實踐 —— 安裝Docker
- 更多相關文章...
- • Thymeleaf項目實踐 - Thymeleaf 教程
- • Hibernate整合EHCache實現二級緩存 - Hibernate教程
- • TiDB 在摩拜單車在線數據業務的應用和實踐
- • Java Agent入門實戰(二)-Instrumentation源碼概述
-
每一个你不满意的现在,都有一个你没有努力的曾经。
- 1. Docker 實踐(二):使用教程
- 2. Docker開發實踐筆記二
- 3. Docker實踐
- 4. docker swarm實踐
- 5. Docker實踐(一)
- 6. docker 實踐
- 7. docker-nginx實踐
- 8. Docker 實踐
- 9. docker-compose實踐
- 10. Docker實踐 —— 安裝Docker