27.docker
1.容器
1.1什麼是容器
容器是在隔離的環境中運行一個進程。 這個隔離的環境有本身的系統目錄文件,有本身的ip地址,主機名等 容器是一種輕量級的虛擬化技術。
1.2容器的好處
1.容器能提供接近宿主機的性能,由於共用宿主機的內核。KVM因爲須要模擬CPU,硬件資源,因此會會消耗部分資源。 2.一樣硬件配置,宿主機最多啓動10個虛擬機,但能夠啓動100+個容器。 3.啓動KVM虛擬機,要完成整個Linux開機啓動流程。啓動容器不要要,直接啓動服務,中間流程所有精簡,只須要一秒鐘就能啓動。 4.KVM須要硬件CPU的支持,容器不須要。 5.KVM虛擬機每一個有獨立的操做系統,容器共用操做系統,共用內核。
linux開機啓動流程: bios開機硬件自檢 根據bios設置的優先啓動項 讀取mbr引導 加載內核 啓動第一個進程/sbin/init 執行系統初始化腳本/etc/rc.d/rc.sysinit完成系統初始化 運行想要的服務sshd
1.3容器的發展史
1)chroot技術 chroot,即change root directory(更改root目錄),在linux操做系統中,系統默認以‘/’爲根目錄。 使用chroot後,系統的目錄結構將會以指定的位置做爲根目錄。 2)lxc容器 全稱:linux container,經過namespace命名空間實現資源隔離,cgroups實現資源的限制,提供相似虛擬機的體驗。 3)docker容器 早期的docker容器底層就是調用lxc,後期才換成了libcontainer。
2 docker容器
2.1docker容器
Docker是經過內核虛擬化技術(namespace及cgroups)實現資源的隔離與資源限制。 因爲Docker經過操做系統層的虛擬化實現隔離,對操做系統內核有要求,因此Docker容器運行時,不須要相似KVM額外的系統開銷,於是比KVM虛擬機更輕量。
2.2docker理念
docker主要目標是"Build,Ship and Run any App,Angwhere",構建,運輸,到處運行 構建:製做docker鏡像,打包容器的全部系統目錄文件 運輸:下載docker鏡像 運行:基於docker鏡像提供的rootfs,啓動容器 總結:只要能運行docker容器,那麼docker鏡像中已經安裝好的軟件也能夠運行,因此說docker是一種軟件的打包技術。
2.3docker優勢
1:解決了操做系統和軟件運行環境的依賴 nginx openssl git openssl 2:對於開發人員來講,不再用擔憂不會部署開發環境 3:開發環境,測試環境和生產環境高度一致。 4:讓用戶體驗產品新特性的又一種思路。
2.4docker安裝與啓動
須要3.10的內核
[root@m03 ~]# cat /etc/centos-release
CentOS Linux release 7.4.1708 (Core)
[root@m03 ~]# uname -r
3.10.0-693.el7.x86_64
[root@m03 ~]#
安裝
yum install -y docker-io
啓動docker
systemctl start docker
systemctl enable docker
查看狀態
[root@m03 cgroup]# systemctl sta
start status
[root@m03 cgroup]# systemctl status docker
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
Active: active (running) since Tue 2019-08-27 11:15:12 CST; 1h 50min ago
Docs: http://docs.docker.com
Main PID: 1775 (dockerd-current)
CGroup: /system.slice/docker.service
├─1775 /usr/bin/dockerd-current --add-runtime docker-runc=/usr/libexec/docker/docker-runc-cur...
└─1781 /usr/bin/docker-containerd-current -l unix:///var/run/docker/libcontainerd/docker-cont...
Aug 27 11:15:11 m03 dockerd-current[1775]: time="2019-08-27T11:15:11.804737630+08:00" level=warning ...tem"
Aug 27 11:15:11 m03 dockerd-current[1775]: time="2019-08-27T11:15:11.845641952+08:00" level=info msg...nds"
Aug 27 11:15:11 m03 dockerd-current[1775]: time="2019-08-27T11:15:11.846422068+08:00" level=info msg...rt."
Aug 27 11:15:11 m03 dockerd-current[1775]: time="2019-08-27T11:15:11.945520598+08:00" level=info msg...lse"
Aug 27 11:15:12 m03 dockerd-current[1775]: time="2019-08-27T11:15:12.090572937+08:00" level=info msg...ess"
Aug 27 11:15:12 m03 dockerd-current[1775]: time="2019-08-27T11:15:12.158684880+08:00" level=info msg...ne."
Aug 27 11:15:12 m03 dockerd-current[1775]: time="2019-08-27T11:15:12.171561097+08:00" level=info msg...ion"
Aug 27 11:15:12 m03 dockerd-current[1775]: time="2019-08-27T11:15:12.171604104+08:00" level=info msg...13.1
Aug 27 11:15:12 m03 systemd[1]: Started Docker Application Container Engine.
Aug 27 11:15:12 m03 dockerd-current[1775]: time="2019-08-27T11:15:12.183700012+08:00" level=info msg...ock"
Hint: Some lines were ellipsized, use -l to show in full.
2.5docker的架構
docker最重要的三大組件: 鏡像,容器,倉庫 docker是一個cs架構: 經過docker version來查看 [root@m03 yum.repos.d]# docker version Client: Version: 1.13.1 API version: 1.26 Package version: docker-1.13.1-102.git7f2769b.el7.centos.x86_64 Go version: go1.10.3 Git commit: 7f2769b/1.13.1 Built: Mon Aug 5 15:09:42 2019 OS/Arch: linux/amd64 Server: Version: 1.13.1 API version: 1.26 (minimum version 1.12) Package version: docker-1.13.1-102.git7f2769b.el7.centos.x86_64 Go version: go1.10.3 Git commit: 7f2769b/1.13.1 Built: Mon Aug 5 15:09:42 2019 OS/Arch: linux/amd64 Experimental: false
2.6啓動第一個Docker容器
配置docker鏡像加速
vi /etc/docker/daemon.json
{
"registry-mirrors": ["https://registry.docker-cn.com"]
}
systemctl restart docker
docker容器是一種軟件的打包技術,接下來咱們體驗一下 傳統編譯安裝nginx: 官網下載Nginx源碼包wget tar解壓源碼包 建立Nginx用戶 安裝依賴包 編譯安裝三部曲configure,make,make install 修改nginx配置文件 啓動nginx docker容器 docker run -d -p 80:80 nginx run (建立並運行一個容器) -d 放在後臺 -p 端口映射 nginx docker鏡像的名字
2.7docker鏡像管理
2.7.1搜索鏡像
[root@m03 ~]# docker search httpd 選鏡像的建議: 1,優先考慮官方 2,starts數量多 [root@m03 ~]# docker search httpd INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED docker.io docker.io/httpd The Apache HTTP Server Project 2614 [OK] docker.io docker.io/centos/httpd 24 [OK] docker.io docker.io/centos/httpd-24-centos7 Platform for running Apache httpd 2.4 or b... 22 docker.io docker.io/arm32v7/httpd The Apache HTTP Server Project 8 docker.io docker.io/armhf/httpd The Apache HTTP Server Project 8 docker.io docker.io/salim1983hoop/httpd24 Dockerfile running apache config 2 [OK] docker.io docker.io/lead4good/httpd-fpm httpd server which connects via fcgi proxy... 1 [OK] docker.io docker.io/rgielen/httpd-image-simple Docker image for simple Apache httpd based... 1 [OK] docker.io docker.io/alvistack/httpd Docker Image Packaging for Apache 0 [OK] docker.io docker.io/amd64/httpd The Apache HTTP Server Project 0 docker.io docker.io/appertly/httpd Customized Apache HTTPD that uses a PHP-FP... 0 [OK] docker.io docker.io/buzzardev/httpd Based on the official httpd image 0 [OK] docker.io docker.io/dockerpinata/httpd 0 docker.io docker.io/interlutions/httpd httpd docker image with debian-based confi... 0 [OK] docker.io docker.io/itsziget/httpd24 Extended HTTPD Docker image based on the o... 0 [OK] docker.io docker.io/izdock/httpd Production ready Apache HTTPD Web Server +... 0 docker.io docker.io/manageiq/httpd Container with httpd, built on CentOS for ... 0 [OK] docker.io docker.io/manageiq/httpd_configmap_generator Httpd Configmap Generator 0 [OK] docker.io docker.io/manasip/httpd 0 docker.io docker.io/ppc64le/httpd The Apache HTTP Server Project 0 docker.io docker.io/publici/httpd httpd:latest 0 [OK] docker.io docker.io/solsson/httpd-openidc mod_auth_openidc on official httpd image, ... 0 [OK] docker.io docker.io/trollin/httpd 0 docker.io docker.io/tugboatqa/httpd The Apache HTTP Server Project 0 docker.io docker.io/waja/httpdiff Docker image for httpdiff: https://github.... 0 [OK]
2.7.2獲取鏡像
獲取鏡像:
docker pull(push)
鏡像加速器:阿里雲加速器,daocloud加速器,中科大加速器,Docker 中國官方鏡像加速:https://registry.docker-cn.com
docker pull centos:6.8(沒有指定版本,默認會下載最新版)
docker pull daocloud.io/huangzhichong/alpine-cn:latest (私有倉庫下載)
擴展:查詢docker鏡像全部版本https://hub.docker.com/r/library/
2.7.3docker鏡像其餘操做
查看鏡像
docker images
刪除鏡像
docker rmi 例子:docker image rm centos:latest
導出鏡像
docker save 例子:docker image save centos > docker-centos7.4.tar.gz
導入鏡像
docker load 例子:docker image load -i docker-centos7.4.tar.gz
查看鏡像 [root@m03 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE docker.io/httpd 2.4 7d85cc3b2d80 5 days ago 154 MB docker.io/centos latest 67fa590cfc1c 6 days ago 202 MB docker.io/nginx latest 5a3221f0137b 11 days ago 126 MB docker.io/centos 6.8 82f3b5f3c58f 5 months ago 195 MB docker.io/centos/httpd latest 2cc07fbb5000 8 months ago 258 MB
一臺服務器不能聯網,怎樣導入docker鏡像
m03服務器上導出鏡像 [root@m03 ~]# docker image save httpd:2.4 >docker-httpd-2.4.tar.gz [root@m03 ~]# ll total 155296 -rw-------. 1 root root 1813 Mar 19 17:42 anaconda-ks.cfg -rw-r--r-- 1 root root 159015936 Aug 27 13:58 docker-httpd-2.4.tar.gz [root@m03 ~]# scp -r docker-httpd-2.4.tar.gz 10.0.0.62:/ The authenticity of host '10.0.0.62 (10.0.0.62)' cant be established. ECDSA key fingerprint is SHA256:Ka9BMYk6kC3Do+tYMLHVaNYdiKe8It208D+ctt/mBJE. ECDSA key fingerprint is MD5:bb:ce:ec:f9:ce:e3:25:51:84:83:a8:29:b0:68:59:f0. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '10.0.0.62' (ECDSA) to the list of known hosts. root@10.0.0.62s password: docker-httpd-2.4.tar.gz 100% 152MB 54.0MB/s 00:02 [root@m03 ~]#
m02服務器上導入鏡像 [root@m02 /]# systemctl start docker [root@m02 /]# docker image load -i docker-httpd-2.4.tar.gz 1c95c77433e8: Loading layer 72.47 MB/72.47 MB 5bcb93651a74: Loading layer 2.56 kB/2.56 kB 8b16516271d6: Loading layer 36.7 MB/36.7 MB 7a0960d9b679: Loading layer 49.8 MB/49.8 MB 9e0ab3afff15: Loading layer 3.584 kB/3.584 kB Loaded image: httpd:2.4 [root@m02 /]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE httpd 2.4 7d85cc3b2d80 5 days ago 154 MB
刪除鏡像,根據IMAGE ID刪除。 [root@m02 /]# docker image rm 7d85cc3b2d80 Untagged: httpd:2.4 Deleted: sha256:7d85cc3b2d8064182718e70ca9f9601a309bb7499db680e15c3231a0b350a42e Deleted: sha256:51d45e63b0d614f0c5f29a1d084c5e5de7172d29759779d1a4be4a6a23fe8146 Deleted: sha256:fcf8e3874f532184a2e2921b08a19fff19be0a5780ae880b5767de241fe8ab8f Deleted: sha256:6b6b51bc4f21f666d01bf39241b7a3a80bd9eb292441a56a3e6be64f3c159fad Deleted: sha256:d2b23cec91935d11520968e82edc529aa4cfb39a795178cd7e0a7dd117878005 Deleted: sha256:1c95c77433e8d7bf0f519c9d8c9ca967e2603f0defbf379130d9a841cca2e28e
2.8docker容器管理
2.8.1運行一個容器
docker run -d -p 80:80 nginx:latest run (建立並運行一個容器) -d 放在後臺 -p 端口映射 nginx:latest docker鏡像的名字和版本 還有不少其餘的參數 docker run == docker create + docker start
[root@m03 cgroup]# docker run -d -p 80:80 nginx:latest 37df2d9d0f79bc5b5d4673fbdbb7952a1525478582b29f31e2e0036977649757 [root@m03 cgroup]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 37df2d9d0f79 nginx:latest "nginx -g 'daemon ..." 5 seconds ago Up 5 seconds 0.0.0.0:80->80/tcp quizzical_wing [root@m03 cgroup]#
2.8.2其餘命令
中止容器
docker stop CONTAINER_ID
殺死容器
docker kill container_name
查看容器列表
docker ps
docker ps –a
刪除容器
docker rm
批量刪除容器
docker rm -f `docker ps -a -q`
-- docker stop [root@m03 cgroup]# docker stop 37df2d9d0f79 37df2d9d0f79 [root@m03 cgroup]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 37df2d9d0f79 nginx:latest "nginx -g 'daemon ..." 2 minutes ago Exited (0) 10 seconds ago quizzical_wing -- docker start [root@m03 cgroup]# docker start 37df2d9d0f79 37df2d9d0f79 [root@m03 cgroup]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 37df2d9d0f79 nginx:latest "nginx -g 'daemon ..." 2 minutes ago Up 20 seconds 0.0.0.0:80->80/tcp quizzical_wing --docker kill [root@m03 cgroup]# docker kill 37df2d9d0f79 37df2d9d0f79 [root@m03 cgroup]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 37df2d9d0f79 nginx:latest "nginx -g 'daemon ..." 3 minutes ago Exited (137) 2 seconds ago quizzical_wing -- docker rm [root@m03 cgroup]# docker rm 37df2d9d0f79 37df2d9d0f79 [root@m03 cgroup]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES [root@m03 cgroup]# -- docker rm -f `docker ps -a -q` [root@m03 cgroup]# docker run -d -p 80:80 nginx bf5d45c04de7c35317da8d40bcb12021fa2561e234c3935411f36509d5dc0d5a [root@m03 cgroup]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES bf5d45c04de7 nginx "nginx -g 'daemon ..." 5 seconds ago Up 4 seconds 0.0.0.0:80->80/tcp goofy_lalande [root@m03 cgroup]# docker rm -f `docker ps -a -q` bf5d45c04de7 [root@m03 cgroup]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES [root@m03 cgroup]#
2.8.3Docker run
docker run -it --name centos6 centos:6.8 /bin/bash ## 退出容器後,容器就中止了,狀態爲Exited -it 分配交互式的終端 --name 指定容器的名字 /bin/sh 覆蓋容器的初始命令 --cpus 指定cpu的數量 --memory 限定內存的大小 -h 指定容器的主機名
[root@m03 cgroup]# docker run -it --name my_centos centos /bin/bash [root@7a186083a51d /]# ifconfig bash: ifconfig: command not found [root@7a186083a51d /]# ipaddr bash: ipaddr: command not found [root@7a186083a51d /]# ip addr bash: ip: command not found [root@7a186083a51d /]# hostname 7a186083a51d [root@7a186083a51d /]# ls anaconda-post.log bin dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var [root@7a186083a51d /]# exit exit ## 退出容器後,容器就中止了,狀態爲Exited [root@m03 cgroup]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 7a186083a51d centos "/bin/bash" 46 seconds ago Exited (0) 4 seconds ago my_centos [root@m03 cgroup]#
2.8.4docker進入容器
進入容器的目的:排錯,調試
進入容器的方法:
docker exec [OPTIONS] CONTAINER COMMAND [ARG...]
例子:
docker exec -it 容器id或容器名字 /bin/bash
推薦該方法,exit退出容器後,容器狀態不會改變
docker attach [OPTIONS] CONTAINER
例子:
docker attach 容器id或容器名字
不推薦使用,exit退出容器後,容器就中止了
nsenter(安裝yum install -y util-linux 棄用)
-- docker exec -it [root@m03 cgroup]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 7a186083a51d centos "/bin/bash" 46 seconds ago Exited (0) 4 seconds ago my_centos [root@m03 cgroup]# docker start 7a186083a51d 7a186083a51d [root@m03 cgroup]# docker exec -it 7a186083a51d "docker exec" requires at least 2 argument(s). See 'docker exec --help'. Usage: docker exec [OPTIONS] CONTAINER COMMAND [ARG...] Run a command in a running container [root@m03 cgroup]# docker exec -it 7a186083a51d /bin/bash [root@7a186083a51d /]# ls anaconda-post.log bin dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var [root@7a186083a51d /]# ifconfig bash: ifconfig: command not found [root@7a186083a51d /]# exit exit [root@m03 cgroup]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 7a186083a51d centos "/bin/bash" 12 minutes ago Up 35 seconds my_centos [root@m03 cgroup]#
-- docker attach [root@m03 cgroup]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 7a186083a51d centos "/bin/bash" 15 minutes ago Up 3 minutes my_centos [root@m03 cgroup]# docker attach 7a186083a51d [root@7a186083a51d /]# exit exit [root@m03 cgroup]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 7a186083a51d centos "/bin/bash" 16 minutes ago Exited (0) 6 seconds ago my_centos [root@m03 cgroup]#
2.8.5docker容器的核心理念
docker的本質是:在隔離的環境運行的一個進程 因此:docker容器內的第一個進程必須一直處於前臺運行的狀態(必須夯住),不然這個容器,就會處於退出狀態!
nginx -g 'daemon off'因爲建立一個nginx容器,會在容器中運行nginx -g 'daemon off命令,該命令會一直在容器中運行,因此建立後,容器是Up狀態 [root@m03 cgroup]# docker run -d nginx 306c620d3736be79b1b4bcd9e00c987b11cf338ba107eb5eab11a6667273754f [root@m03 cgroup]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 306c620d3736 nginx "nginx -g 'daemon off" 4 seconds ago Up 4 seconds 80/tcp xenodochial_hawking 建立centos容器,會在容器內部運行/bin/bash命令,不會一直在容器中的前臺運行,因此建立容器後,容器處於Exit狀態。 [root@m03 cgroup]# docker run -d centos 4c71e36149c8b8900d8e1e29e70f7a51a454a4f249b66e095cb2d686e54755fd [root@m03 cgroup]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 4c71e36149c8 centos "/bin/bash" 4 seconds ago Exited (0) 3 seconds ago cranky_bohr 306c620d3736 nginx "nginx -g 'daemon ..." 15 seconds ago Up 14 seconds 80/tcp xenodochial_hawking 能夠本身設置一個一直處於運行的命令,tail -F 無論後面的文件是否存在,都不會報錯。這樣建立的容器也是處於Up狀態 [root@m03 cgroup]# docker run -d centos tail -F /var/log/messages a24f4f2131aed27d81d038bbdaadd335cf9040535c667e6329adf05bd89c4a62 [root@m03 cgroup]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES a24f4f2131ae centos "tail -F /var/log/..." 5 seconds ago Up 4 seconds kickass_mayer 4c71e36149c8 centos "/bin/bash" 43 seconds ago Exited (0) 41 seconds ago cranky_bohr 306c620d3736 nginx "nginx -g 'daemon ..." 54 seconds ago Up 53 seconds 80/tcp xenodochial_hawking [root@m03 cgroup]#
2.9docker容器的網絡訪問
2.9.1端口映射
運行容器爲何要使用端口映射?
默認,狀況下,容器使用的ip是172.17.0.0/16網段的,外界的用戶只能訪問宿主機的10.0.0.0/24網段,沒法訪問172.17.0.0/16網段。
咱們運行容器的目的:是但願運行在容器中的服務,可以被外界訪問,這裏就涉及到了外網10.0.0.0/24到容器內網172.17.0.0/16網段的轉換,因此須要作端口映射。
-p hostPort:containerPort
[root@m03 cgroup]# docker ps -a -q
[root@m03 cgroup]# docker run -d -p 80:80 nginx
188958c08e0dc4055c8f7d86c226bc0f9b6f825fb2304715af7e2709bfec1810
[root@m03 cgroup]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
188958c08e0d nginx "nginx -g 'daemon ..." 5 seconds ago Up 4 seconds 0.0.0.0:80->80/tcp eager_colden
-- 自動添加iptables規則
MASQUERADE tcp -- 172.17.0.2 172.17.0.2 tcp dpt:80
[root@m03 cgroup]# iptables -t nat -L -n
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DOCKER all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
DOCKER all -- 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 172.17.0.0/16 0.0.0.0/0
MASQUERADE tcp -- 172.17.0.2 172.17.0.2 tcp dpt:80
Chain DOCKER (2 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0
DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 to:172.17.0.2:80
--查看容器信息
[root@m03 cgroup]# docker container inspect 188958c08e0d
[
{
"Id": "188958c08e0dc4055c8f7d86c226bc0f9b6f825fb2304715af7e2709bfec1810",
"Created": "2019-08-27T07:26:32.841177491Z",
"Path": "nginx",
"Args": [
"-g",
"daemon off;"
],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 5901,
"ExitCode": 0,
"Error": "",
"StartedAt": "2019-08-27T07:26:33.010641251Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:5a3221f0137beb960c34b9cf4455424b6210160fd618c5e79401a07d6e5a2ced",
"ResolvConfPath": "/var/lib/docker/containers/188958c08e0dc4055c8f7d86c226bc0f9b6f825fb2304715af7e2709bfec1810/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/188958c08e0dc4055c8f7d86c226bc0f9b6f825fb2304715af7e2709bfec1810/hostname",
"HostsPath": "/var/lib/docker/containers/188958c08e0dc4055c8f7d86c226bc0f9b6f825fb2304715af7e2709bfec1810/hosts",
"LogPath": "",
"Name": "/eager_colden",
"RestartCount": 0,
"Driver": "overlay2",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "journald",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {
"80/tcp": [
{
"HostIp": "",
"HostPort": "80"
}
]
},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "docker-runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": null,
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DiskQuota": 0,
"KernelMemory": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": -1,
"OomKillDisable": false,
"PidsLimit": 0,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0
},
"GraphDriver": {
"Name": "overlay2",
"Data": {
"LowerDir": "/var/lib/docker/overlay2/13e745a873308d509df42f30dd6e45e9f6983540d73275cc9a6dc07356fdae8d-init/diff:/var/lib/docker/overlay2/43b1a03284cf713dde01a409ee94e34dd4063bd65771108f47a32d4f1f0dc4a0/diff:/var/lib/docker/overlay2/26cc92d5f67e41b39fe1041a37ef4541e3b9e9f777c6e5587651e0e2a9d97a2c/diff:/var/lib/docker/overlay2/638ccce05954d221feececeff185decd98c16cad615ed56117078f92c8deb7b0/diff",
"MergedDir": "/var/lib/docker/overlay2/13e745a873308d509df42f30dd6e45e9f6983540d73275cc9a6dc07356fdae8d/merged",
"UpperDir": "/var/lib/docker/overlay2/13e745a873308d509df42f30dd6e45e9f6983540d73275cc9a6dc07356fdae8d/diff",
"WorkDir": "/var/lib/docker/overlay2/13e745a873308d509df42f30dd6e45e9f6983540d73275cc9a6dc07356fdae8d/work"
}
},
"Mounts": [],
"Config": {
"Hostname": "188958c08e0d",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"80/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"NGINX_VERSION=1.17.3",
"NJS_VERSION=0.3.5",
"PKG_RELEASE=1~buster"
],
"Cmd": [
"nginx",
"-g",
"daemon off;"
],
"ArgsEscaped": true,
"Image": "nginx",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"maintainer": "NGINX Docker Maintainers <docker-maint@nginx.com>"
},
"StopSignal": "SIGTERM"
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "e9f1b8b31d8609b92479c5bc64d2c539d9289d4a5c299624ae3086e25f5611a4",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {
"80/tcp": [
{
"HostIp": "0.0.0.0",
"HostPort": "80"
}
]
},
"SandboxKey": "/var/run/docker/netns/e9f1b8b31d86",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "03d54b2dee1683609c98b095580b24d9d48a47101ca5570fe1c8e2fddaab27c5",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:02",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "b4e25627913f0b002b9bf37077d83ee75381ebc2d36b8b05a2ae7701db67b0ee",
"EndpointID": "03d54b2dee1683609c98b095580b24d9d48a47101ca5570fe1c8e2fddaab27c5",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02"
}
}
}
}
]
2.9.2docker運行容器端口映射的方法
指定映射(docker 自動添加一條iptables規則實現端口映射)
-p hostPort:containerPort
-p ip:hostPort:containerPort
-p ip::containerPort(隨機端口)
-p hostPort:containerPort:udp
-p 81:80 -p 443:443 能夠指定多個-p
隨機映射
docker run -P (隨機端口)
-p hostPort:containerPort -- 宿主機的8080端口映射到容器的80端口 [root@m03 cgroup]# docker run -d -p 8080:80 nginx a7492f5524975b611a8f6cd9f9113e7886d90b4d2e7daa513d01e8f583d74805
-- -p ip:hostPort:containerPort --宿主機的多個IP映射 [root@m03 cgroup]# ifconfig eth0:1 10.0.0.111/24 up -- 在m02上測試ip是否通 [root@m02 /]# ping 10.0.0.111 PING 10.0.0.111 (10.0.0.111) 56(84) bytes of data. 64 bytes from 10.0.0.111: icmp_seq=1 ttl=64 time=0.896 ms 64 bytes from 10.0.0.111: icmp_seq=2 ttl=64 time=0.491 ms ^C --- 10.0.0.111 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1004ms rtt min/avg/max/mdev = 0.491/0.693/0.896/0.204 ms [root@m02 /]# [root@m03 cgroup]# docker run -d -p 10.0.0.111:82:80 nginx:latest ddbc8ae2170dfd64ef65d7d63f6f522756ab06bafdc30b09c72af22262366a1e [root@m03 cgroup]# docker run -d -p 10.0.0.63:82:80 nginx:latest cd4d9a6080667636941068be22de132a97d084fb09ed476208d8e31371badd0b [root@m03 cgroup]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES cd4d9a608066 nginx:latest "nginx -g 'daemon ..." 3 seconds ago Up 2 seconds 10.0.0.63:82->80/tcp sad_wright ddbc8ae2170d nginx:latest "nginx -g 'daemon ..." 7 seconds ago Up 6 seconds 10.0.0.111:82->80/tcp wizardly_pasteur [root@m03 cgroup]#
-- -p ip::containerPort(隨機端口) [root@m03 cgroup]# docker run -d -p 10.0.0.111::80 nginx:latest 68eb270e308b7f31b7bffcd51f208d5c6c0677d20b0d452d996d200b472f9766 [root@m03 cgroup]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 68eb270e308b nginx:latest "nginx -g 'daemon ..." 4 seconds ago Up 3 seconds 10.0.0.111:32770->80/tcp angry_fermi [root@m03 cgroup]#
--docker run -P (隨機端口) [root@m03 cgroup]# docker run -d -P nginx b0d676c41a9f5859b5191cbde53b43196dc2443235709d16cb7775edb2e21f18 [root@m03 cgroup]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES b0d676c41a9f nginx "nginx -g 'daemon ..." 4 seconds ago Up 3 seconds 0.0.0.0:32769->80/tcp nifty_kilby b07ae7c044c9 nginx "nginx -g 'daemon ..." 11 seconds ago Exited (0) 8 seconds ago vibrant_kalam [root@m03 cgroup]#
2.9.3 上網原理
上網功能須要開啓內核轉發功能 這裏docker會自動開啓 [root@m03 cgroup]# sysctl -a|grep ip_forward sysctl: reading key "net.ipv6.conf.all.stable_secret" sysctl: reading key "net.ipv6.conf.default.stable_secret" net.ipv4.ip_forward = 1
2.10數據卷存儲
2.10.1數據卷命令
數據卷的做用: 1:持久化容器運行過程當中產生的數據文件 2:實現多個容器間的文件共享。 正常狀況下,刪除容器,容器中全部的文件也會被刪除。
建立一個數據卷
docker volume create
查看數據卷列表
docker volume ls
刪除一個數據卷
docker volume rm
查看一個數據卷的屬性
docker volume inspect
2.10.2數據卷應用
docker volume create my_volume docker run -d -p 80:80 -v my_volume:/usr/share/nginx/html nginx:latest cd /var/lib/docker/volumes/my_volume/_data/ rm -f * wget https://www.qstack.com.cn/xiaoniaofeifei.zip unzip xiaoniaofeifei.zip docker run -d -p 81:80 -v my_volume:/usr/share/nginx/html nginx:latest docker run -d -p 82:80 --volumes-from 51fa89744927 nginx:latest
查看數據卷 [root@m03 cgroup]# docker volume ls DRIVER VOLUME NAME 建立數據卷 [root@m03 cgroup]# docker volume create my_volume my_volume [root@m03 cgroup]# docker volume ls DRIVER VOLUME NAME local my_volume 使用數據卷 [root@m03 cgroup]# docker run -d -p 80:80 -v my_volume:/usr/share/nginx/html nginx:latest e8e2765fafcdcb5c4f4ce3a45a599f0983538ff6be169265b2533b0cfe82ab10 查看 [root@m03 cgroup]# cd /var/lib/docker/volumes/my_volume/ [root@m03 my_volume]# ll total 0 drwxr-xr-x 2 root root 40 Aug 27 16:01 _data [root@m03 my_volume]# cd _data/ [root@m03 _data]# ll total 8 -rw-r--r-- 1 root root 494 Aug 13 16:50 50x.html -rw-r--r-- 1 root root 612 Aug 13 16:50 index.html [root@m03 _data]# pwd /var/lib/docker/volumes/my_volume/_data [root@m03 _data]# 刪除容器,文件仍然存在 [root@m03 _data]# docker rm -f e8e2765fafcd e8e2765fafcd [root@m03 _data]# ll total 8 -rw-r--r-- 1 root root 494 Aug 13 16:50 50x.html -rw-r--r-- 1 root root 612 Aug 13 16:50 index.html 修改卷中的內容 [root@m03 _data]# echo "hello" > index.html 從新啓動一個容器,使用改卷 [root@m03 _data]# docker run -d -p 8080:80 -v my_volume:/usr/share/nginx/html nginx 51fa89744927eb6189dace47e2891f48df0f711a4e0d68519d89759a1144970a 進入容器中,查看/usr/share/nginx/html中內容與宿主機my_volume卷對應的內容相同 [root@m03 _data]# docker exec -it 51fa89744927 /bin/bash root@51fa89744927:/# cd /usr/ bin/ games/ include/ lib/ local/ sbin/ share/ src/ root@51fa89744927:/# cd /usr/share/nginx/html/ root@51fa89744927:/usr/share/nginx/html# ls 50x.html index.html root@51fa89744927:/usr/share/nginx/html# exit exit [root@m03 _data]# ll total 8 -rw-r--r-- 1 root root 494 Aug 13 16:50 50x.html -rw-r--r-- 1 root root 6 Aug 27 16:10 index.html
--volumes-from [root@m03 _data]# docker run -d -p 82:80 --volumes-from 51fa89744927 nginx:latest 7a6b9d7900b0eb36c46da4100153877430d8c0df751bfd6c1c8581dda331d64a [root@m03 _data]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 7a6b9d7900b0 nginx:latest "nginx -g 'daemon ..." 7 seconds ago Up 6 seconds 0.0.0.0:82->80/tcp frosty_blackwell 51fa89744927 nginx "nginx -g 'daemon ..." 9 minutes ago Up 9 minutes 0.0.0.0:8080->80/tcp hungry_visvesvaraya [root@m03 _data]#
2.10.3宿主機的目錄掛載到容器中
[root@m03 opt]# mkdir my_dir [root@m03 opt]# cd my_dir/ [root@m03 my_dir]# echo "hello my_dir" > index.html [root@m03 my_dir]# docker run -d -p 83:80 -v /opt/my_dir:/usr/share/nginx/html/ nginx:latest 1c063420213127426bb0323cca6efb6f0e7f45e213ed342cc169e2bd98c57855 [root@m03 my_dir]#
相關文章
- 1. 2020-10-27 Centos虛擬機安裝Docker
- 2. 27
- 3. 18-27
- 4. LeetCode 27
- 5. 27、FilePicker
- 6. 27 LNMP
- 7. day 27
- 8. 2-27
- 9. leetcode 27
- 10. 27.sed
- 更多相關文章...
- • Docker Dockerfile - Docker教程
- • Docker Machine - Docker教程
- • Docker 清理命令
- • Docker容器實戰(一) - 封神Server端技術
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
最新文章
- 1. Appium入門
- 2. Spring WebFlux 源碼分析(2)-Netty 服務器啓動服務流程 --TBD
- 3. wxpython入門第六步(高級組件)
- 4. CentOS7.5安裝SVN和可視化管理工具iF.SVNAdmin
- 5. jedis 3.0.1中JedisPoolConfig對象缺少setMaxIdle、setMaxWaitMillis等方法,問題記錄
- 6. 一步一圖一代碼,一定要讓你真正徹底明白紅黑樹
- 7. 2018-04-12—(重點)源碼角度分析Handler運行原理
- 8. Spring AOP源碼詳細解析
- 9. Spring Cloud(1)
- 10. python簡單爬去油價信息發送到公衆號
歡迎關注本站公眾號,獲取更多信息
相關文章
- 1. 2020-10-27 Centos虛擬機安裝Docker
- 2. 27
- 3. 18-27
- 4. LeetCode 27
- 5. 27、FilePicker
- 6. 27 LNMP
- 7. day 27
- 8. 2-27
- 9. leetcode 27
- 10. 27.sed