1、基本概念node
鏡像(p_w_picpath):只讀的模板linux
容器(container):從鏡像建立的運行實例。nginx
鏡像是隻讀的,容器在啓動的時候建立一層可寫層做爲最上層。git
倉庫(repository):集中存放鏡像文件的場所 [git]github
2、安裝docker
$ sudo apt-get install apt-transport-https ca-certificatesshell
sudo apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609Djson
$ sudo cat <<EOF > /etc/apt/sources.list.d/docker.listubuntu
deb https://apt.dockerproject.org/repo ubuntu-trusty maintomcat
EOF
$ sudo apt-get update
$ sudo apt-get install -y linux-p_w_picpath-extra-$(uname -r)
$ sudo apt-get install apparmor
$ sudo apt-get install linux-p_w_picpath-generic-lts-trusty
$ sudo apt-get install -y docker-engine
service docker restart
docker info
3、鏡像
docker pull ubuntu:14.04==docker pull registry.hub.docker.com/ubuntu:14.04
使用 docker p_w_picpaths 顯示本地已有的鏡像。
建立鏡像:
一、修改已有的鏡像
sudo docker commit -m "Added json gem" -a "Docker Newbee" 0b2616b0e5a8 ouruser/sinatra:v2
二、使用Dockerfile
基礎鏡像信息
維護者信息
鏡像操做指令
容器啓動時執行指令
示例:
mkdir /opt/docker-file/nginx
cd /opt/docker-file/nginx
[root@zhong-61 nginx]# more Dockerfile
# This is my first dockerfile uses the ubuntu p_w_picpath
# VERSION 1 - EDITION 1
# Author: zhong
# Base p_w_picpath to use, this must be set as the first line
FROM ubuntu
# Maintainer
MAINTAINER zhong zhong@email.com
# Commands to update the p_w_picpath
RUN echo "deb http://archive.ubuntu.com/ubuntu/ raring main universe" >> /etc/apt/sources.list
RUN apt-get update && apt-get install -y nginx
RUN echo "\ndaemon off;" >> /etc/nginx/nginx.conf
# Commands when creating a new container
CMD /usr/sbin/nginx
>-------------------------------------------------------------
執行:
docker build -t nginx-file:v1 /opt/docker-file/nginx/
[root@zhong-61 nginx]# docker p_w_picpaths
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
nginx-file v1 3bc95f4f5b41 19 seconds ago 353.1 MB
三、從本地文件系統導入
導出容器到本地文件:
docker export 0fe6f27ed8b2 > origin-tomcat.tar
導入容器快照:
cat origin-tomcat.tar | sudo docker import - ld/origin-tomcat:v1.0
存出鏡像:
docker save -o ubuntu_14.04.tar 192.168.88.66:5000/tomcat
載入鏡像:
docker load --input ubuntu_14.04.tar
docker load < ubuntu_14.04.tar(保留元數據信息 如tag等信息)
打標籤:
docker tag ld/origin-tomcat:v1.0 192.168.88.66:5000/origin-tomcat
上傳庫:
docker --insecure-registry 192.168.88.66:5000 push 192.168.88.66:5000/origin-zookeeper:v2.0
移除:
docker rmi 鏡像ID
docker rm 容器ID
4、容器
$ sudo docker run ubuntu:14.04 /bin/echo 'Hello world'
Hello world
-d 後臺運行
docker stop 中止
進入容器:nsenter 命令
$ wget https://www.kernel.org/pub/linux/utils/util-linux/v2.24/util-linux-2.24.tar.gz
$ tar xzvf util-linux-2.24.tar.gz
$ cd util-linux-2.24
$ ./configure --without-ncurses && make nsenter
$ sudo cp nsenter /usr/local/bin
下載 .bashrc_docker,並將內容放到 .bashrc 中。
wget -P ~ https://github.com/yeasy/docker_practice/raw/master/_local/.bashrc_docker
echo "[ -f ~/.bashrc_docker ] && . ~/.bashrc_docker" >> ~/.bashrc
source ~/.bashrc
docker-enter ID
清理全部處於終止狀態的容器:
docker rm $(docker ps -a -q)
5、倉庫
公有倉庫: Docker Hub 倉庫:https://hub.docker.com/ 超過 15,000 個鏡像
私有倉庫:$ sudo docker run -d -p 5000:5000 registry
查看私有倉庫中的鏡像:$ curl http://192.168.88.66:5000/v1/search
6、數據管理
掛載一個本地目錄做爲數據卷
-v /ld:/ld
掛載一個本地主機文件做爲數據卷
-v ~/.bash_history:/.bash_history
數據卷容器:
-v /dbdata --name dbdata
在其餘容器中使用 --volumes-from 來掛載 dbdata 容器中的數據卷。
docker run -d --volumes-from dbdata --name db1 ubuntu:14.04
7、網絡
外部訪問容器
經過 -P 或 -p 參數來指定端口映射。
隨機映射:
docker run -P
docker run -d -P --name mynginx1 nginx
指定映射:
-p hostPort:containerPort
-p ip:hostPort:containerPort
-p ip::containerPort
-p hostPort:containerPort
-p hostPort:containerPort
docker run -d -p 91:80 --name mynginx2 nginx
查看端口映射:
docker port shipyard-controller 8080
-p 標記能夠屢次使用來綁定多個端口
-p 5000:5000 -p 3000:80
容器互聯:
--link
固定IP地址:
*虛擬機橋接網口需開啓混雜模式。
一、修改宿主機IP地址,創建橋接網口
root@ubuntu:~# more /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto br0
iface br0 inet static
address 192.168.88.71
netmask 255.255.255.0
network 192.168.88.0
broadcast 192.168.88.255
bridge_ports p2p1
bridge_stp off
gateway 192.168.88.1
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 114.114.114.114
二、啓動時使用br0
root@ubuntu:~# more /etc/default/docker
DOCKER_OPTS="--insecure-registry 192.168.88.66:5000 -b=br0"
三、添加靜態IP地址
root@ubuntu:~# more manual_con_static_ip.sh
#/bin/bash
if [ -z $1 ] || [ -z $2 ] || [ -z $3 ] || [ -z $4 ] || [ -z $5 ];
then
echo "*****Input the necessary parameters: CONTAINERID IP MASK GATEWAY ETHNAME"
echo "*****Call the script like: sh manual_con_static_ip.sh b0e18b6a4432 192.168.88.70 24 192.168.88.1 eth1"
exit
fi
CONTAINERID=$1
SETIP=$2
SETMASK=$3
GATEWAY=$4
ETHNAME=$5
#判斷宿主機網卡是否存在
ifconfig $ETHNAME > /dev/null 2>&1
if [ $? -eq 0 ]; then
read -p "$ETHNAME exist,do you want delelte it? y/n " del
if [[ $del == 'y' ]]; then
ip link del $ETHNAME
else
exit
fi
fi
#
pid=`docker inspect -f '``.`State`.`Pid`' $CONTAINERID`
mkdir -p /var/run/netns
find -L /var/run/netns -type l -delete
if [ -f /var/run/netns/$pid ]; then
rm -f /var/run/netns/$pid
fi
ln -s /proc/$pid/ns/net /var/run/netns/$pid
#
ip link add $ETHNAME type veth peer name B
brctl addif br0 $ETHNAME
ip link set $ETHNAME up
ip link set B netns $pid
#先刪除容器內已存在的eth0
ip netns exec $pid ip link del eth0 > /dev/null 2>&1
#設置容器新的網卡eth0
ip netns exec $pid ip link set dev B name eth0
ip netns exec $pid ip link set eth0 up
ip netns exec $pid ip addr add $SETIP/$SETMASK dev eth0
ip netns exec $pid ip route add default via $GATEWAY
8、圖形化管理:shipyard
https://shipyard-project.com/docs/deploy/automated/自動安裝
示例:
http://192.168.88.66:8080/
admin/shipyard
增長node:
curl -sSL https://shipyard-project.com/deploy | ACTION=node DISCOVERY=etcd://192.168.88.66:4001 bash -s
9、微容器:alpine linux
https://wiki.alpinelinux.org/wiki/Alpine_Linux_package_management
參考文檔:
Docker —— 從入門到實踐:
https://www.gitbook.com/book/yeasy/docker_practice/details
Docker爲容器分配指定物理網段的靜態IP:
http://www.xiaomastack.com/2015/02/06/docker-static-ip/
附:Docker Commands
attach Attach to a running container # 當前shell下attach鏈接指定運行鏡像
build Build an p_w_picpath from a Dockerfile # 經過Dockerfile定製鏡像
commit Create a new p_w_picpath from a container's changes # 提交當前容器爲新的鏡像
cp Copy files/folders from the containers filesystem to the host path # 從容器中拷貝指定文件或者目錄到宿主機中
diff Inspect changes on a container's filesystem # 查看docker容器變化
events Get real time events from the server # 從docker服務獲取容器實時事件
export Stream the contents of a container as a tar archive # 導出容器的內容流做爲一個tar歸檔文件[對應import]
history Show the history of an p_w_picpath # 展現一個鏡像造成歷史
p_w_picpaths List p_w_picpaths # 列出系統當前鏡像
import Create a new filesystem p_w_picpath from the contents of a tarball # 從tar包中的內容建立一個新的文件系統映像[對應export]
info Display system-wide information # 顯示系統相關信息
inspect Return low-level information on a container # 查看容器詳細信息
kill Kill a running container # kill指定docker容器
load Load an p_w_picpath from a tar archive # 從一個tar包中加載一個鏡像[對應save]
login Register or Login to the docker registry server # 註冊或者登錄一個docker源服務器
logs Fetch the logs of a container # 輸出當前容器日誌信息
port Lookup the public-facing port which is NAT-ed to PRIVATE_PORT # 查看映射端口對應的容器內部源端口
pause Pause all processes within a container # 暫停容器
ps List containers # 列出容器列表
pull Pull an p_w_picpath or a repository from the docker registry server # 從docker鏡像源服務器拉取指定鏡像或者庫鏡像
push Push an p_w_picpath or a repository to the docker registry server # 推送指定鏡像或者庫鏡像至docker源服務器
restart Restart a running container # 重啓運行的容器
rm Remove one or more containers # 移除一個或者多個容器
rmi Remove one or more p_w_picpaths # 移除一個或多個鏡像[無容器使用該鏡像纔可刪除,不然需刪除相關容器纔可繼續或-f強制刪除]
run Run a command in a new container # 在一個新的容器中運行一個命令
save Save an p_w_picpath to a tar archive # 保存一個鏡像爲一個tar包[對應load]
search Search for an p_w_picpath in the docker index # 在docker index中搜索鏡像
start Start a stopped containers # 啓動容器
stop Stop a running containers # 中止容器
tag Tag an p_w_picpath into a repository # 給源中鏡像打標籤
top Lookup the running processes of a container # 查看容器中運行的進程信息
unpause Unpause a paused container # 取消暫停容器
version Show the docker version information # 查看docker版本號
wait Block until a container stops, then print its exit code # 截取容器中止時的退出狀態值
整理以上命令:
容器生命週期管理 — docker [run|start|stop|restart|kill|rm|pause|unpause]
容器操做運維 — docker [ps|inspect|top|attach|events|logs|wait|export|port]
容器rootfs命令 — docker [commit|cp|diff]
鏡像倉庫 — docker [login|pull|push|search]
本地鏡像管理 — docker [p_w_picpaths|rmi|tag|build|history|save|import]
其餘命令 — docker [info|version]