27-1docker續集
2.11手動製做鏡像
2.11.1製做支持ssh遠程登錄的docker鏡像
1:啓動容器安裝軟件服務 [root@m03 my_dir]# docker run -it -p 1022:22 --name my_ssh centos:6.9 ##進入了容器中 [root@26d39f3470fc /]# yum install openssh-server ## 生成祕鑰對 [root@26d39f3470fc /]# /etc/init.d/sshd start Generating SSH2 RSA host key: [ OK ] Generating SSH1 RSA host key: [ OK ] Generating SSH2 DSA host key: [ OK ] Starting sshd: [ OK ] ## 查看端口 [root@26d39f3470fc /]# netstat -antlp Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 116/sshd tcp 0 0 :::22 :::* LISTEN 116/sshd [root@26d39f3470fc /]# ## 設置root密碼 [root@26d39f3470fc /]# passwd Changing password for user root. New password: BAD PASSWORD: it is too simplistic/systematic BAD PASSWORD: is too simple Retype new password: passwd: all authentication tokens updated successfully. 測試ssh服務 [root@m02 /]# ssh root@10.0.0.63 -p 1022 Warning: Permanently added '[10.0.0.63]:1022' (RSA) to the list of known hosts. root@10.0.0.63s password: [root@26d39f3470fc ~]# [root@26d39f3470fc /]# exit exit 2:將安裝好服務的容器commit提交爲鏡像 [root@m03 my_dir]# docker commit my_ssh centos6-ssh:v1 sha256:620176578b795ce542ea7e458d87b6f53f963ae6fad0ece05c084e4b5d5230f3 [root@m03 my_dir]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE centos6-ssh v1 620176578b79 46 seconds ago 312 MB docker.io/httpd 2.4 7d85cc3b2d80 5 days ago 154 MB docker.io/centos latest 67fa590cfc1c 6 days ago 202 MB docker.io/nginx latest 5a3221f0137b 11 days ago 126 MB docker.io/centos 6.8 82f3b5f3c58f 5 months ago 195 MB docker.io/centos 6.9 2199b8eb8390 5 months ago 195 MB docker.io/centos/httpd latest 2cc07fbb5000 8 months ago 258 MB 3: 啓動新容器來測試新提交的鏡像 /usr/sbin/sshd -D須要讓該命令在前端一直處於運行狀態,不然容器的狀態就是Exit。 [root@m03 my_dir]# docker run -d -p 2022:22 centos6-ssh:v1 /usr/sbin/sshd -D 0aa77ba112dfdf5261da559ae71d006ccf216edcd335ca02d2371b6fb048c579 測試新的容器 [root@m02 /]# ssh root@10.0.0.63 -p 2022 Warning: Permanently added '[10.0.0.63]:2022' (RSA) to the list of known hosts. root@10.0.0.63 s password: Last login: Tue Aug 27 09:15:48 2019 from 10.0.0.62 [root@0aa77ba112df ~]# ls anaconda-ks.cfg install.log install.log.syslog
2.11.2製做支持ssh+httpd雙服務的鏡像
1:啓動容器安裝軟件服務 docker run -it --name oldgirl centos:6.9 yum install httpd yum install openssh-server /etc/init.d/sshd start passwd ###容器啓動腳本 vi /init.sh #!/bin/bash /etc/init.d/httpd start /etc/init.d/sshd start tail -F /var/log/messages #只要讓腳本一直處於運行中就能夠,不然容器就是Exit退出狀態。 2:將安裝好服務的容器commit提交爲鏡像 docker commit oldgirl centos6-ssh-httpd:v1 3:啓動新容器來測試新提交的鏡像 docker run -d -p 8080:80 -p 1122:22 centos6-ssh-httpd:v1 /bin/bash /init.sh
測試ssh服務 [root@m02 /]# ssh 10.0.0.63 -p 1122 Warning: Permanently added '[10.0.0.63]:1122' (RSA) to the list of known hosts. root@10.0.0.63's password: [root@9ac3d33f5abc ~]#
2.12Dockerfile自動構建鏡像
2.12.1手動docker鏡像的缺點
相對於手動製做的docker鏡像,使用dockerfile構建的鏡像有如下優勢: 1:dockerfile只有幾kb,便於傳輸 2:使用dockerfile構建出來的鏡像,在運行容器的時候,不用指定容器的初始命令 3:支持更多的自定義操做
2.12.2dockerfile經常使用命令
dockerfile經常使用指令:
FROM 這個鏡像的媽媽是誰?(指定基礎鏡像)
MAINTAINER 告訴別人,誰負責養它?(指定維護者信息,能夠沒有)
RUN 你想讓它幹啥(在命令前面加上RUN便可)
ADD 給它點創業資金(COPY文件,會自動解壓)
WORKDIR 我是cd,今天剛化了妝(設置當前工做目錄)
VOLUME 給它一個存放行李的地方(設置卷,掛載主機目錄)
EXPOSE 它要打開的門是啥(指定對外的端口)(-P 隨機端口)
CMD 奔跑吧,兄弟!(指定容器啓動後的要乾的事情)(容易被替換)
dockerfile其餘指令:
COPY 複製文件
ENV 環境變量
ENTRYPOINT 容器啓動後執行的命令(沒法被替換,啓容器的時候指定的命令,會被當成參數)
2.12.3dockerfile實戰1
dockerfile製做docker鏡像步驟: 1:編寫dockerfile vi dockerfile FROM centos:6.9 RUN yum install openssh-server -y RUN /etc/init.d/sshd start RUN echo 123456|passwd --stdin root CMD ["/usr/sbin/sshd","-D"] 2:docker build構建鏡像 docker build -t centos6-ssh:v2 . 3: 啓動新容器來測試新構建的鏡像 docker run -d -p 1322:22 centos6-ssh:v2
2.13.4dockerfile實戰2
dockerfile製做docker鏡像步驟: 1:編寫dockerfile FROM centos:6.9 RUN yum install openssh-server httpd -y RUN /etc/init.d/sshd start ADD init.sh /init.sh # 兩個服務的端口,用於作端口映射 EXPOSE 22 80 #設置登陸進容器後,當前的工做目錄 WORKDIR /root # 建立容器的時候,能夠指定該變量的值,也能夠不指定,就使用這裏的默認值 ENV SSH_PASSWD=123456 CMD ["/bin/bash","/init.sh"] ###容器啓動腳本 vi /init.sh #!/bin/bash echo $SSH_PASSWD|passwd --stdin root /etc/init.d/httpd start /usr/sbin/sshd -D 2:docker build構建鏡像 docker build -t centos6-ssh-httpd:v5 3:啓動新容器來測試新提交的鏡像 [root@m03 opt]# docker run -d -p 1222:22 -p 8880:80 --env "SSH_PASSWD=123456" centos6-ssh:v5 005341d6fb11a0207384e77afcb9ed026a41ee4fe3306734f94c82dc80e9da6b [root@m03 opt]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 005341d6fb11 centos6-ssh:v5 "/bin/bash /init.sh" 8 seconds ago Up 7 seconds 0.0.0.0:1222->22/tcp, 0.0.0.0:8880->80/tcp elated_goldstine
2.13.5dockerfile部署
把項目封裝成docker鏡像的步驟:
1:先運行一個基礎容器,手動製做docker鏡像,把操做命令複製出來,用於書寫dockerfile
[root@fbf9f4df96d1 html]# history
1 yum install -y httpd php php-cli -y
2 cd /var/www/html/
3 curl -o http://static.kodcloud.com/update/download/kodexplorer4.37.zip
4 curl -o kodexplorer4.37.zip http://static.kodcloud.com/update/download/kodexplorer4.37.zip
5 ll
6 yum install unzip
7 unzip kodexplorer4.37.zip
8 ll
9 yum install php-gd php-mbstring
10 service httpd start
11 chmod -R 777 /var/www/html/
12 history
2:編寫dockerfile,構建鏡像
3:測試運行
[root@m03 opt]# cat dockerfile FROM centos:6.9 RUN yum install -y httpd php php-cli php-gd php-mbstring unzip WORKDIR /var/www/html/ COPY kodexplorer4.37.zip . RUN unzip kodexplorer4.37.zip RUN chmod -R 777 /var/www/html/ ADD init.sh /init.sh EXPOSE 80 CMD ["/bin/bash", "/init.sh"] [root@m03 opt]# cat init.sh #!/bin/bash /etc/init.d/httpd start tail -F /var/log/messages [root@m03 opt]# 構建鏡像 [root@m03 opt]# docker build -t kodyun:v1 . 建立容器 [root@m03 opt]# docker run -d -p 80:80 kodyun:v1 04e02985a4db2a5674c227c6fc7fb56609c98aa12f0c49739ccb7452b61a8352 [root@m03 opt]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 04e02985a4db kodyun:v1 "/bin/bash /init.sh" 5 seconds ago Up 4 seconds 0.0.0.0:80->80/tcp upbeat_cori [
2.14docker鏡像的分層
2.14.1分層的好處
分層的好處:共享資源,節省資源 有多個鏡像都從相同的 base 鏡像構建而來,那麼 Docker Host 只需在磁盤上保存一份 base 鏡像;同時內存中也只需加載一份 base 鏡像,就能夠爲全部容器服務了
2.14.2dockerfile run的原理
在運行過程當中,會建立臨時容器 --no-trunc能夠看到完整的命令
2.14.3docker簡單總結
2.15容器間的互聯
2.15.1--link完成榮期間的互聯
容器間互聯的方法:--link 單方向的建立Link的容器能鏈接以前建立的容器 docker run -d --name my_httpd httpd:latest docker run -it --link my_httpd:web01 centos:6.8 測試: curl my_httpd curl web01 原理: cat /etc/hosts
[root@m03 lib]# docker run -d --name my_httpd httpd:latest Unable to find image 'httpd:latest' locally Trying to pull repository docker.io/library/httpd ... latest: Pulling from docker.io/library/httpd Digest: sha256:98caed3e3a90ed9db8d25dcbb98eebe0ce56358a9dbbc940d7eb66a8e2b88252 Status: Downloaded newer image for docker.io/httpd:latest db023fbf798d872cbbb5303f6899635bc550a5a35e4b7d1bb2246ea0dc8a8a2f [root@m03 lib]# docker run -it --link my_httpd:web01 centos:6.9 #訪問容器的name也能夠 [root@37811b332ce4 /]# curl my_httpd <html><body><h1>It works!</h1></body></html> #訪問主機名也能夠 [root@37811b332ce4 /]# curl web01 <html><body><h1>It works!</h1></body></html> #原理是--link添加了主機名映射 [root@37811b332ce4 /]# cat /etc/hosts 127.0.0.1 localhost ::1 localhost ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters 172.17.0.3 web01 db023fbf798d my_httpd 172.17.0.4 37811b332ce4 [root@37811b332ce4 /]# ^C [root@37811b332ce4 /]#
2.15.2容器間互聯的應用-zabbix安裝
體驗一下便可,不要再生產環境中把zabbix搭建在容器中,因爲容器精簡,在配置郵件告警的時候,不能配置。
docker run --name mysql-server -t \
-e MYSQL_DATABASE="zabbix" \
-e MYSQL_USER="zabbix" \
-e MYSQL_PASSWORD="zabbix_pwd" \
-e MYSQL_ROOT_PASSWORD="root_pwd" \
-d mysql:5.7 \
--character-set-server=utf8 --collation-server=utf8_bin
docker run --name zabbix-java-gateway -t \
-d zabbix/zabbix-java-gateway:latest
docker run --name zabbix-server-mysql -t \
-e DB_SERVER_HOST="mysql-server" \
-e MYSQL_DATABASE="zabbix" \
-e MYSQL_USER="zabbix" \
-e MYSQL_PASSWORD="zabbix_pwd" \
-e MYSQL_ROOT_PASSWORD="root_pwd" \
-e ZBX_JAVAGATEWAY="zabbix-java-gateway" \
--link mysql-server:mysql \
--link zabbix-java-gateway:zabbix-java-gateway \
-p 10051:10051 \
-d zabbix/zabbix-server-mysql:latest
docker run --name zabbix-web-nginx-mysql -t \
-e DB_SERVER_HOST="mysql-server" \
-e MYSQL_DATABASE="zabbix" \
-e MYSQL_USER="zabbix" \
-e MYSQL_PASSWORD="zabbix_pwd" \
-e MYSQL_ROOT_PASSWORD="root_pwd" \
--link mysql-server:mysql \
--link zabbix-server-mysql:zabbix-server \
-p 80:80 \
-d zabbix/zabbix-web-nginx-mysql:latest
2.16私有倉庫registry
2.16.1沒有認證的私有倉庫
m02服務器10.0.0.62
m03服務器10.0.0.63
m02服務器上
運行docker私有倉庫:
[root@m02 /]# mkdir /opt/myregistry
[root@m02 /]# docker run -d -p 5000:5000 --restart=always -v /opt/myregistry:/var/lib/registry registry
5258714d435c133670d04c00784c8f10b018224525a522770a1a88a7d3155237
當容器啓動完成,私有倉庫就能夠使用了
m03服務器上
a:給要上傳的鏡像打tag
[root@m03 opt]# docker image tag httpd:latest 10.0.0.62:5000/httpd:latest
[root@m03 opt]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/httpd 2.4 7d85cc3b2d80 5 days ago 154 MB
docker.io/httpd latest 7d85cc3b2d80 5 days ago 154 MB
10.0.0.62:5000/httpd latest 7d85cc3b2d80 5 days ago 154 MB
b:上傳
[root@m03 opt]# docker push 10.0.0.62:5000/httpd:latest
The push refers to a repository [10.0.0.62:5000/httpd]
Get https://10.0.0.62:5000/v1/_ping: http: server gave HTTP response to HTTPS client
報錯解決方法,在m03服務器上:
[root@m03 opt]# vi /etc/docker/daemon.json
{
"registry-mirrors": ["https://registry.docker-cn.com"],
"insecure-registries": ["10.0.0.62:5000"]
}
[root@m03 opt]# systemctl restart docker
[root@m03 opt]# docker push 10.0.0.62:5000/httpd:latest
The push refers to a repository [10.0.0.62:5000/httpd]
9e0ab3afff15: Pushed
7a0960d9b679: Pushed
8b16516271d6: Pushed
5bcb93651a74: Pushed
1c95c77433e8: Pushed
latest: digest: sha256:90cca2f9c32ad25afa180da6b14f35de9990cb02b9007350a5bccef4cac1e1c9 size: 1367
[root@m03 opt]#
#再上傳一個
[root@m03 opt]# docker tag centos:6.8 10.0.0.62:5000/centos:6.8
[root@m03 opt]# docker push 10.0.0.62:5000/centos:6.8
The push refers to a repository [10.0.0.62:5000/centos]
ad337ac82f03: Pushed
6.8: digest: sha256:3e472cabf40e9beee56affc1fdce0e897dadc4e6063c00cd16bcbdbd3ba96864 size: 529
[root@m03 opt]#
#在m02端查看push的鏡像
[root@m02 repositories]# ll
total 0
drwxr-xr-x 5 root root 55 Aug 27 22:53 centos
drwxr-xr-x 5 root root 55 Aug 27 22:48 httpd
[root@m02 repositories]# pwd
/opt/myregistry/docker/registry/v2/repositories
[root@m02 repositories]#
[root@m02 repositories]# tree centos
centos
├── _layers
│ └── sha256
│ ├── 7ce0cebb9dca298e1b098715615f8acb6bb6ccc449e765e6448dd2120cdf9fd2
│ │ └── link
│ └── 82f3b5f3c58f22e50d6b05f227c675af504cffc9dff7e318df5fc40faee6410e
│ └── link
├── _manifests
│ ├── revisions
│ │ └── sha256
│ │ └── 3e472cabf40e9beee56affc1fdce0e897dadc4e6063c00cd16bcbdbd3ba96864
│ │ └── link
│ └── tags
│ └── 6.8
│ ├── current
│ │ └── link
│ └── index
│ └── sha256
│ └── 3e472cabf40e9beee56affc1fdce0e897dadc4e6063c00cd16bcbdbd3ba96864
│ └── link
└── _uploads
15 directories, 5 files
[root@m02 repositories]#
2.16.2有認證的私有倉庫
a:base認證密碼文件準備 [root@m02 repositories]# yum install httpd-tools -y [root@m02 repositories]# mkdir /opt/registry-var/auth/ -p [root@m02 repositories]# htpasswd -Bbn vita 123456 >> /opt/registry-var/auth/htpasswd b:啓動docker私有倉庫 [root@m02 repositories]# docker run -d -p 5000:5000 -v /opt/registry-var/auth/:/auth/ -v /opt/myregistry:/var/lib/registry -e "REGISTRY_AUTH=htpasswd" -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd registry [root@m03 opt]# docker pull 10.0.0.62:5000/centos:6.8 Trying to pull repository 10.0.0.62:5000/centos ... Pulling repository 10.0.0.62:5000/centos Error: image centos:6.8 not found #登陸 [root@m03 opt]# docker login 10.0.0.62:5000 #輸入用戶名和密碼 Username: vita Password: Login Succeeded [root@m03 opt]# docker pull 10.0.0.62:5000/centos:6.8 Trying to pull repository 10.0.0.62:5000/centos ... 6.8: Pulling from 10.0.0.62:5000/centos 7ce0cebb9dca: Pull complete Digest: sha256:3e472cabf40e9beee56affc1fdce0e897dadc4e6063c00cd16bcbdbd3ba96864 Status: Downloaded newer image for 10.0.0.62:5000/centos:6.8 [root@m03 opt]#
2.17容器編排工具docker-compose
安裝: curl -o /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo yum install -y python2-pip pip install docker-compose 檢查是否安裝成功 docker-compose -v
#名字只能是這個
vi docker-compose.yml
version: '3'
services:
db:
image: mysql:5.7
volumes:
- db_data:/var/lib/mysql
restart: always
environment:
MYSQL_ROOT_PASSWORD: somewordpress
MYSQL_DATABASE: wordpress
MYSQL_USER: wordpress
MYSQL_PASSWORD: wordpress
wordpress:
depends_on:
- db
image: wordpress:latest
volumes:
- web_data:/var/www/html
ports:
- "80"
restart: always
environment:
WORDPRESS_DB_HOST: db:3306
WORDPRESS_DB_USER: wordpress
WORDPRESS_DB_PASSWORD: wordpress
volumes:
db_data:
web_data:
配置nginx負載均衡php
2.18docker容器的四種網絡類型
None:不爲容器配置任何網絡功能,--net=none Container:與另外一個運行中的容器共享Network Namespace,--net=container:containerID Host:與主機共享Network Namespace,--net=host Bridge:Docker設計的NAT網絡模型
None:不爲容器配置任何網絡功能,--net=none
[root@m02 ~]# docker run -it --network none busybox:latest
/ # ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
[root@m02 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1081758c9f32 busybox:latest "sh" 2 minutes ago Up 2 minutes awesome_albattani
bc7598d59d99 registry "/entrypoint.sh /e..." 9 hours ago Up 9 hours 0.0.0.0:5000->5000/tcp practical_meninsky
[root@m02 ~]# docker inspect 1081758c9f32
.......................
"Networks": {
"none": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "7c8ca554183c5fb6e2d60ec953d10f535512cc1c8a2634ecd22001a4e72b62f6",
"EndpointID": "4305ad25bfb7cfc603e29e7abc2a3c18b29e944b879d30ecf9016995afe7fb7d",
"Gateway": "",
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": ""
}
Container:與另外一個運行中的容器共享Network Namespace,--net=container:containerID
[root@m02 ~]# docker run -d httpd:latest
27e313f7f1faee636791efba8b3e07043b8a2aa654b16858f59204883f152575
[root@m02 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
27e313f7f1fa httpd:latest "httpd-foreground" 13 seconds ago Up 12 seconds 80/tcp agitated_wescoff
[root@m02 ~]# docker inspect 27e313f7f1fa
[
{
"Id": "27e313f7f1faee636791efba8b3e07043b8a2aa654b16858f59204883f152575",
"Created": "2019-08-28T00:21:11.762275464Z",
"Path": "httpd-foreground",
"Args": [],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 3168,
"ExitCode": 0,
"Error": "",
"StartedAt": "2019-08-28T00:21:12.169841859Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "0c7c6a23a122615a75e9015898472666ba5bd944a21900dddcfce33d2b28159c",
"EndpointID": "75b8d08b72591e315765b9625ebbfc768bebba65faa1b68ce5a0f9e2eff9ad22",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02"
}
}
}
}
]
#新建一個容器,使用剛剛的容器的網絡
[root@m02 ~]# docker run -it --network container:agitated_wescoff centos:6.8
[root@27e313f7f1fa /]# ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:AC:11:00:02
inet addr:172.17.0.2 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:acff:fe11:2/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:648 (648.0 b) TX bytes:648 (648.0 b)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
[root@27e313f7f1fa /]#
#由於共用網絡,端口也是共用槓槓的容器
[root@27e313f7f1fa /]# netstat -antlp|grep 80
tcp 0 0 :::80 :::* LISTEN -
[root@27e313f7f1fa /]#
#查看新建的容器信息
[root@m02 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3a531547b73e centos:6.8 "/bin/bash" 2 minutes ago Exited (0) 4 seconds ago tender_borg
27e313f7f1fa httpd:latest "httpd-foreground" 7 minutes ago Up 7 minutes 80/tcp agitated_wescoff
[root@m02 ~]# docker inspect 3a531547b73e
[
{
"Id": "3a531547b73eb6433e3810872172b35d4ac3850103ccd47d719adf6261e8ea59",
"Created": "2019-08-28T00:26:25.077298262Z",
"Path": "/bin/bash",
"Args": [],
"State": {
"Status": "exited",
"Running": false,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 0,
"ExitCode": 0,
"Error": "",
"StartedAt": "2019-08-28T00:26:25.469976229Z",
"FinishedAt": "2019-08-28T00:29:01.072285007Z"
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": null,
"SandboxKey": "",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "",
"Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"MacAddress": "",
"Networks": {}
}
}
]
Host:與主機共享Network Namespace,--net=host
全部的都共用宿主機的,連主機名都相同
[root@m02 ~]# docker run -it --network host centos:6.8
[root@m02 /]# ifconfig
docker0 Link encap:Ethernet HWaddr 02:42:AD:A4:9A:88
inet addr:172.17.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:adff:fea4:9a88/64 Scope:Link
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:11733 errors:0 dropped:0 overruns:0 frame:0
TX packets:14400 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:141160524 (134.6 MiB) TX bytes:127797476 (121.8 MiB)
eth0 Link encap:Ethernet HWaddr 00:0C:29:E1:5B:21
inet addr:10.0.0.62 Bcast:10.0.0.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fee1:5b21/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:376726 errors:0 dropped:0 overruns:0 frame:0
TX packets:152587 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:534721552 (509.9 MiB) TX bytes:282402392 (269.3 MiB)
eth1 Link encap:Ethernet HWaddr 00:0C:29:E1:5B:2B
inet addr:172.16.1.62 Bcast:172.16.1.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fee1:5b2b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:938 (938.0 b)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:4 errors:0 dropped:0 overruns:0 frame:0
TX packets:4 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:200 (200.0 b) TX bytes:200 (200.0 b)
[root@m02 /]# exit
exit
[root@m02 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1d73f7bdbfa6 centos:6.8 "/bin/bash" About a minute ago Exited (0) 6 seconds ago determined_hopper
[root@m02 ~]# docker inspect 1d73f7bdbfa6
[
{
"Id": "1d73f7bdbfa6240eae5ccb28e1f71e0c861003df0c37d12e67890c0cd1e4583e",
"Created": "2019-08-28T00:32:55.945298156Z",
"Path": "/bin/bash",
"Args": [],
"State": {
"Status": "exited",
"Running": false,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 0,
"ExitCode": 0,
"Error": "",
"StartedAt": "2019-08-28T00:32:56.280099664Z",
"FinishedAt": "2019-08-28T00:34:43.941655105Z"
},
"Networks": {
"host": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "15e1f917a440af4fd581f1f1558d614d544c009bba9c7e1a45896dd2a4b77866",
"EndpointID": "",
"Gateway": "",
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": ""
}
}
}
}
]
Bridge:Docker設計的NAT網絡模型
[root@m02 ~]# docker run -it --network bridge centos:6.8
[root@e6d67d5940dd /]# ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:AC:11:00:02
inet addr:172.17.0.2 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:acff:fe11:2/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:7 errors:0 dropped:0 overruns:0 frame:0
TX packets:7 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:578 (578.0 b) TX bytes:578 (578.0 b)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
[root@e6d67d5940dd /]# exit
exit
[root@m02 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e6d67d5940dd centos:6.8 "/bin/bash" About a minute ago Exited (0) 3 seconds ago loving_wescoff
1d73f7bdbfa6 centos:6.8 "/bin/bash" 6 minutes ago Exited (0) 4 minutes ago determined_hopper
[root@m02 ~]# docker inspect e6d67d5940dd
[
{
"Id": "e6d67d5940dd450e51e3f63030afff780e46878028e9bc42681f864b94314245",
"Created": "2019-08-28T00:38:03.085308573Z",
"Path": "/bin/bash",
"Args": [],
"State": {
"Status": "exited",
"Running": false,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 0,
"ExitCode": 0,
"Error": "",
"StartedAt": "2019-08-28T00:38:03.556114819Z",
"FinishedAt": "2019-08-28T00:39:16.185458418Z"
},
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "0c7c6a23a122615a75e9015898472666ba5bd944a21900dddcfce33d2b28159c",
"EndpointID": "",
"Gateway": "",
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": ""
}
}
}
}
]
2.19跨主機通訊之macvlan
性能比較好 建立macvlan: docker network create --driver macvlan --subnet 10.0.0.0/24 --gateway 10.0.0.254 -o parent=eth0 macvlan_1 測試: m02: docker run -it --network macvlan_1 --ip=10.0.0.111 busybox:latest /bin/sh m03: docker run -it --network macvlan_1 --ip=10.0.0.112 busybox:latest /bin/sh
兩個虛擬機中的容器網絡不能互通,能夠開啓混雜模式.
[root@m02 ~]# ip link set eth0 promisc on
[root@m02 ~]# ip link show eth0
2: eth0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 00:0c:29:e1:5b:21 brd ff:ff:ff:ff:ff:ff
[root@m02 ~]#
#關閉混雜模式
[root@m02 ~]# ip link set eth0 promisc off
[root@m02 ~]# ip link show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
link/ether 00:0c:29:e1:5b:21 brd ff:ff:ff:ff:ff:ff
[root@m02 ~]#
m02和m03上都執行下面的命令
docker network create --driver macvlan --subnet 10.0.0.0/24 --gateway 10.0.0.254 -o parent=eth0 macvlan_1
[root@m03 ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
76fe5d619a55 bridge bridge local
7f1efb6dc734 host host local
fd980e8f4294 macvlan_1 macvlan local
82a72dedf7e6 none null local
b4fb0955463c opt_default bridge local
[root@m03 ~]#
#m02:
[root@m02 ~]# docker network create --driver macvlan --subnet 10.0.0.0/24 --gateway 10.0.0.254 -o parent=eth0 macvlan_1
43b7a844e32523b3cfd88ebf4cc922b84c42f10c95b02fc297cba3ab2abc935a
[root@m02 ~]# docker run -it --network macvlan_1 --ip=10.0.0.111 busybox:latest /bin/sh
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:0A:00:00:6F
inet addr:10.0.0.111 Bcast:0.0.0.0 Mask:255.255.255.0
inet6 addr: fe80::42:aff:fe00:6f/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:60 (60.0 B) TX bytes:648 (648.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
/ #
#m03:
[root@m03 ~]# docker run -it --network macvlan_1 --ip=10.0.0.112 busybox:latest /bin/sh
Unable to find image 'busybox:latest' locally
Trying to pull repository docker.io/library/busybox ...
latest: Pulling from docker.io/library/busybox
ee153a04d683: Pull complete
Digest: sha256:9f1003c480699be56815db0f8146ad2e22efea85129b5b5983d0e0fb52d9ab70
Status: Downloaded newer image for docker.io/busybox:latest
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:0A:00:00:70
inet addr:10.0.0.112 Bcast:0.0.0.0 Mask:255.255.255.0
inet6 addr: fe80::42:aff:fe00:70/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:60 (60.0 B) TX bytes:648 (648.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
#ping另外一個主機上的容器
/ # ping 10.0.0.112
PING 10.0.0.112 (10.0.0.112): 56 data bytes
64 bytes from 10.0.0.112: seq=0 ttl=64 time=0.155 ms
64 bytes from 10.0.0.112: seq=1 ttl=64 time=0.180 ms
^C
--- 10.0.0.112 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.155/0.167/0.180 ms
/ #
#筆記本ping虛擬機中的容器,網絡也是互通的
[c:\~]$ ping 10.0.0.112
正在 Ping 10.0.0.112 具備 32 字節的數據:
來自 10.0.0.112 的回覆: 字節=32 時間<1ms TTL=64
來自 10.0.0.112 的回覆: 字節=32 時間<1ms TTL=64
10.0.0.112 的 Ping 統計信息:
數據包: 已發送 = 2,已接收 = 2,丟失 = 0 (0% 丟失),
往返行程的估計時間(以毫秒爲單位):
最短 = 0ms,最長 = 0ms,平均 = 0ms
^C
2.20跨主機通訊之overlay
1)準備工做
m04-10.0.0.64上
[root@m04 ~]# docker run -d -p 8500:8500 -h consul --name consul progrium/consul -server -bootstrap
4ace81ed1bf02a4fdb736d79380de93ca14fabeb55d671c45681c4d51e207d82
m02-10.0.0.62上:
[root@m02 ~]# service docker restart
Redirecting to /bin/systemctl restart docker.service
[root@m02 ~]# cat /etc/docker/daemon.json
{
"hosts":["tcp://0.0.0.0:2376","unix:///var/run/docker.sock"],
"cluster-store": "consul://10.0.0.64:8500",
"cluster-advertise": "10.0.0.62:2376"
}
[root@m02 ~]#
m03-10.0.0.63上
[root@m03 ~]# service docker restart
Redirecting to /bin/systemctl restart docker.service
[root@m03 ~]# cat /etc/docker/daemon.json
{
"hosts":["tcp://0.0.0.0:2376","unix:///var/run/docker.sock"],
"cluster-store": "consul://10.0.0.64:8500",
"cluster-advertise": "10.0.0.63:2376"
}
[root@m03 ~]#
2)建立overlay網絡,在一臺虛擬機中操做便可,兩臺虛擬機中都會有該網絡,由於數據存儲在64服務器上,數據共享
docker network create -d overlay ol1
建立設置網段的overlay
docker network create -d overlay --subnet 172.16.0.0/16 ol4
3)啓動容器測試,兩個虛擬機m02和m03中都要操做
docker run -it --network ol1 --name vita busybox:latest /bin/sh
#m04-10.0.0.64上
[root@m04 ~]# docker run -d -p 8500:8500 -h consul --name consul progrium/consul -server -bootstrap
4ace81ed1bf02a4fdb736d79380de93ca14fabeb55d671c45681c4d51e207d82
#m02-10.0.0.62上:
[root@m02 ~]# service docker restart
Redirecting to /bin/systemctl restart docker.service
[root@m02 ~]# cat /etc/docker/daemon.json
{
"hosts":["tcp://0.0.0.0:2376","unix:///var/run/docker.sock"],
"cluster-store": "consul://10.0.0.64:8500",
"cluster-advertise": "10.0.0.62:2376"
}
[root@m02 ~]#
#m03-10.0.0.63上
[root@m03 ~]# service docker restart
Redirecting to /bin/systemctl restart docker.service
[root@m03 ~]# cat /etc/docker/daemon.json
{
"hosts":["tcp://0.0.0.0:2376","unix:///var/run/docker.sock"],
"cluster-store": "consul://10.0.0.64:8500",
"cluster-advertise": "10.0.0.63:2376"
}
[root@m03 ~]#
http://10.0.0.64:8500/ui/#/dc1/kv/docker/nodes/html
看到兩個節點,說明沒問題
#m02上操做
[root@m02 ~]# docker network create -d overlay ol1
534fbb9508eb9b0011ff80178e901a71e00c740ef37b52b9fe8e9d2fea2c1030
[root@m02 ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
b03ef5e1e672 bridge bridge local
15e1f917a440 host host local
43b7a844e325 macvlan_1 macvlan local
7c8ca554183c none null local
534fbb9508eb ol1 overlay global
[root@m02 ~]#
[root@m02 ~]# docker run -it --network ol1 --name m02 busybox:latest /bin/sh
/ #
#m03上操做
[root@m03 ~]# docker run -it --network ol1 --name m03 busybox:latest /bin/sh
#測試網絡是否互通,能夠經過容器名稱進行互通,由於數據存儲在84服務器的服務中
/ # ping m02
PING m02 (10.0.0.2): 56 data bytes
64 bytes from 10.0.0.2: seq=0 ttl=64 time=4.153 ms
64 bytes from 10.0.0.2: seq=1 ttl=64 time=3.596 ms
64 bytes from 10.0.0.2: seq=2 ttl=64 time=0.309 ms
^C
--- m02 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.309/2.686/4.153 ms
/ #
/ # ping www.baidu.com
PING www.baidu.com (180.101.49.11): 56 data bytes
64 bytes from 180.101.49.11: seq=0 ttl=127 time=17.118 ms
64 bytes from 180.101.49.11: seq=1 ttl=127 time=105.181 ms
#筆記本ping m02上建立的容器,網絡不通
[c:\~]$ ping 10.0.0.2
正在 Ping 10.0.0.2 具備 32 字節的數據:
來自 10.0.0.1 的回覆: 沒法訪問目標主機。
請求超時。
10.0.0.2 的 Ping 統計信息:
數據包: 已發送 = 2,已接收 = 1,丟失 = 1 (50% 丟失),
[c:\~]$
#在m02中
[root@m02 ~]# docker run -d -p 8080:80 httpd
2b7d07f25a5d762ac9691ee46c4afb754a91cfc6eb35370da07d5f0745a97975
[root@m02 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2b7d07f25a5d httpd "httpd-foreground" 11 seconds ago Up 10 seconds 0.0.0.0:8080->80/tcp zealous_bohr
4d430358e388 httpd "httpd-foreground" 21 seconds ago Created cocky_boyd
c341b13ca489 busybox:latest "/bin/sh" 7 minutes ago Exited (0) 33 seconds ago m02
[root@m02 ~]#
2.21企業級鏡像倉庫harbor
第一步:安裝docker和docker-compose 安裝docker: yum install -y docker-io 安裝docker-compose: curl -o /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo yum install -y python2-pip pip install docker-compose 檢查是否安裝成功 docker-compose -v 第二步:下載harbor-offline-installer-v1.5.1.tgz 第三步:上傳到/opt,並解壓 第四步:修改harbor.cfg配置文件 hostname = 10.0.0.63 harbor_admin_password = 123456 第五步:執行install.sh
[root@m03 opt]# docker rm -f `docker ps -a -q` 33dc41530c38 57ea913e407d [root@m03 opt]# tar -xvf harbor-offline-installer-v1.5.1.tgz harbor/common/templates/ harbor/common/templates/nginx/ harbor/common/templates/nginx/nginx.https.conf harbor/common/templates/nginx/notary.server.conf harbor/common/templates/nginx/nginx.http.conf harbor/common/templates/nginx/notary.upstream.conf harbor/common/templates/ui/ harbor/common/templates/ui/env harbor/common/templates/ui/private_key.pem harbor/common/templates/ui/app.conf harbor/common/templates/notary/ harbor/common/templates/notary/mysql-initdb.d/ harbor/common/templates/notary/mysql-initdb.d/initial-notarysigner.sql harbor/common/templates/notary/mysql-initdb.d/initial-notaryserver.sql harbor/common/templates/notary/notary-signer.crt harbor/common/templates/notary/signer-config.json harbor/common/templates/notary/notary-signer-ca.crt harbor/common/templates/notary/signer_env harbor/common/templates/notary/server-config.json harbor/common/templates/notary/notary-signer.key harbor/common/templates/adminserver/ harbor/common/templates/adminserver/env harbor/common/templates/db/ harbor/common/templates/db/env harbor/common/templates/registry/ harbor/common/templates/registry/root.crt harbor/common/templates/registry/config.yml harbor/common/templates/registry/config_ha.yml harbor/common/templates/log/ harbor/common/templates/log/logrotate.conf harbor/common/templates/jobservice/ harbor/common/templates/jobservice/env harbor/common/templates/jobservice/config.yml harbor/common/templates/clair/ harbor/common/templates/clair/postgres_env harbor/common/templates/clair/config.yaml harbor/common/templates/clair/postgresql-init.d/ harbor/common/templates/clair/postgresql-init.d/README.md harbor/common/templates/clair/clair_env harbor/harbor.v1.5.1.tar.gz harbor/prepare harbor/NOTICE harbor/LICENSE harbor/install.sh harbor/harbor.cfg harbor/docker-compose.yml harbor/ha/ harbor/ha/sample/ harbor/ha/sample/active_active/ harbor/ha/sample/active_active/keepalived_active_active.conf harbor/ha/sample/active_active/check.sh harbor/ha/sample/active_standby/ harbor/ha/sample/active_standby/keepalived_active_standby.conf harbor/ha/sample/active_standby/check_harbor.sh harbor/ha/registry.sql harbor/ha/docker-compose.tpl harbor/ha/docker-compose.clair.yml harbor/ha/docker-compose.clair.tpl harbor/ha/docker-compose.yml harbor/docker-compose.notary.yml harbor/docker-compose.clair.yml [root@m03 opt]# ll total 858200 -rw-r--r-- 1 root root 603 Aug 27 23:24 docker-compose.yml -rw-r--r-- 1 root root 255 Aug 27 19:56 dockerfile drwxr-xr-x 4 root root 229 Aug 28 09:59 harbor -rw-r--r-- 1 root root 864933610 Aug 28 09:58 harbor-offline-installer-v1.5.1.tgz -rw-r--r-- 1 root root 62 Aug 27 19:57 init.sh -rw-r--r-- 1 root root 13845184 Aug 27 19:55 kodexplorer4.37.zip drwxr-xr-x 2 root root 24 Aug 27 16:26 my_dir drwxr-xr-x 2 root root 6 Aug 27 22:27 myregistry [root@m03 opt]# cd harbor/ [root@m03 harbor]# ll total 856136 drwxr-xr-x 3 root root 23 Aug 28 09:58 common -rw-r--r-- 1 root root 1185 May 31 2018 docker-compose.clair.yml -rw-r--r-- 1 root root 1725 May 31 2018 docker-compose.notary.yml -rw-r--r-- 1 root root 3596 May 31 2018 docker-compose.yml drwxr-xr-x 3 root root 156 May 31 2018 ha -rw-r--r-- 1 root root 6687 May 31 2018 harbor.cfg -rw-r--r-- 1 root root 876607879 May 31 2018 harbor.v1.5.1.tar.gz -rwxr-xr-x 1 root root 5773 May 31 2018 install.sh -rw-r--r-- 1 root root 10771 May 31 2018 LICENSE -rw-r--r-- 1 root root 482 May 31 2018 NOTICE -rwxr-xr-x 1 root root 27379 May 31 2018 prepare [root@m03 harbor]# vim harbor.cfg [root@m03 harbor]# sh install.sh [Step 0]: checking installation environment ... Note: docker version: 1.13.1 Note: docker-compose version: 1.24.1 [Step 1]: loading Harbor images ... 52ef9064d2e4: Loading layer [==================================================>] 135.9 MB/135.9 MB 4a6862dbadda: Loading layer [==================================================>] 23.25 MB/23.25 MB 58b7d0c522b2: Loading layer [==================================================>] 24.4 MB/24.4 MB 9cd4bb748634: Loading layer [==================================================>] 7.168 kB/7.168 kB c81302a14908: Loading layer [==================================================>] 10.56 MB/10.56 MB 7848e9ba72a3: Loading layer [==================================================>] 24.39 MB/24.39 MB Loaded image: vmware/harbor-ui:v1.5.1 f1691b5a5198: Loading layer [==================================================>] 73.15 MB/73.15 MB a529013c99e4: Loading layer [==================================================>] 3.584 kB/3.584 kB d9b4853cff8b: Loading layer [==================================================>] 3.072 kB/3.072 kB 3d305073979e: Loading layer [==================================================>] 4.096 kB/4.096 kB c9e17074f54a: Loading layer [==================================================>] 3.584 kB/3.584 kB 956055840e30: Loading layer [==================================================>] 9.728 kB/9.728 kB Loaded image: vmware/harbor-log:v1.5.1 185db06a02d0: Loading layer [==================================================>] 23.25 MB/23.25 MB 835213979c70: Loading layer [==================================================>] 20.9 MB/20.9 MB f74eeb41c1c9: Loading layer [==================================================>] 20.9 MB/20.9 MB Loaded image: vmware/harbor-jobservice:v1.5.1 9bd5c7468774: Loading layer [==================================================>] 23.25 MB/23.25 MB 5fa6889b9a6d: Loading layer [==================================================>] 2.56 kB/2.56 kB bd3ac235b209: Loading layer [==================================================>] 2.56 kB/2.56 kB cb5d493833cc: Loading layer [==================================================>] 2.048 kB/2.048 kB 557669a074de: Loading layer [==================================================>] 22.8 MB/22.8 MB f02b4f30a9ac: Loading layer [==================================================>] 22.8 MB/22.8 MB Loaded image: vmware/registry-photon:v2.6.2-v1.5.1 5d3b562db23e: Loading layer [==================================================>] 23.25 MB/23.25 MB 8edca1b0e3b0: Loading layer [==================================================>] 12.16 MB/12.16 MB ce5f11ea46c0: Loading layer [==================================================>] 17.3 MB/17.3 MB 93750d7ec363: Loading layer [==================================================>] 15.87 kB/15.87 kB 36f81937e80d: Loading layer [==================================================>] 3.072 kB/3.072 kB 37e5df92b624: Loading layer [==================================================>] 29.46 MB/29.46 MB Loaded image: vmware/notary-server-photon:v0.5.1-v1.5.1 0a2f8f90bd3a: Loading layer [==================================================>] 401.3 MB/401.3 MB 41fca4deb6bf: Loading layer [==================================================>] 9.216 kB/9.216 kB f2e28262e760: Loading layer [==================================================>] 9.216 kB/9.216 kB 68677196e356: Loading layer [==================================================>] 7.68 kB/7.68 kB 2b006714574e: Loading layer [==================================================>] 1.536 kB/1.536 kB Loaded image: vmware/mariadb-photon:v1.5.1 a8c4992c632e: Loading layer [==================================================>] 156.3 MB/156.3 MB 0f37bf842677: Loading layer [==================================================>] 10.75 MB/10.75 MB 9f34c0cd38bf: Loading layer [==================================================>] 2.048 kB/2.048 kB 91ca17ca7e16: Loading layer [==================================================>] 48.13 kB/48.13 kB 5a7e0da65127: Loading layer [==================================================>] 10.8 MB/10.8 MB Loaded image: vmware/clair-photon:v2.0.1-v1.5.1 0e782fe069e7: Loading layer [==================================================>] 23.25 MB/23.25 MB 67fc1e2f7009: Loading layer [==================================================>] 15.36 MB/15.36 MB 8db2141aa82c: Loading layer [==================================================>] 15.36 MB/15.36 MB Loaded image: vmware/harbor-adminserver:v1.5.1 3f87a34f553c: Loading layer [==================================================>] 4.772 MB/4.772 MB Loaded image: vmware/nginx-photon:v1.5.1 Loaded image: vmware/photon:1.0 ad58f3ddcb1b: Loading layer [==================================================>] 10.95 MB/10.95 MB 9b50f12509bf: Loading layer [==================================================>] 17.3 MB/17.3 MB 2c21090fd212: Loading layer [==================================================>] 15.87 kB/15.87 kB 38bec864f23e: Loading layer [==================================================>] 3.072 kB/3.072 kB 6e81ea7b0fa6: Loading layer [==================================================>] 28.24 MB/28.24 MB Loaded image: vmware/notary-signer-photon:v0.5.1-v1.5.1 897a26fa09cb: Loading layer [==================================================>] 95.02 MB/95.02 MB 16e3a10a21ba: Loading layer [==================================================>] 6.656 kB/6.656 kB 85ecac164331: Loading layer [==================================================>] 2.048 kB/2.048 kB 37a2fb188706: Loading layer [==================================================>] 7.68 kB/7.68 kB Loaded image: vmware/postgresql-photon:v1.5.1 bed9f52be1d1: Loading layer [==================================================>] 11.78 kB/11.78 kB d731f2986f6e: Loading layer [==================================================>] 2.56 kB/2.56 kB c3fde9a69f96: Loading layer [==================================================>] 3.072 kB/3.072 kB Loaded image: vmware/harbor-db:v1.5.1 7844feb13ef3: Loading layer [==================================================>] 78.68 MB/78.68 MB de0fd8aae388: Loading layer [==================================================>] 3.072 kB/3.072 kB 3f79efb720fd: Loading layer [==================================================>] 59.9 kB/59.9 kB 1c02f801c2e8: Loading layer [==================================================>] 61.95 kB/61.95 kB Loaded image: vmware/redis-photon:v1.5.1 454c81edbd3b: Loading layer [==================================================>] 135.2 MB/135.2 MB e99db1275091: Loading layer [==================================================>] 395.4 MB/395.4 MB 051e4ee23882: Loading layer [==================================================>] 9.216 kB/9.216 kB 6cca4437b6f6: Loading layer [==================================================>] 9.216 kB/9.216 kB 1d48fc08c8bc: Loading layer [==================================================>] 7.68 kB/7.68 kB 0419724fd942: Loading layer [==================================================>] 1.536 kB/1.536 kB 543c0c1ee18d: Loading layer [==================================================>] 655.2 MB/655.2 MB 4190aa7e89b8: Loading layer [==================================================>] 103.9 kB/103.9 kB Loaded image: vmware/harbor-migrator:v1.5.0 [Step 2]: preparing environment ... Generated and saved secret to file: /data/secretkey Generated configuration file: ./common/config/nginx/nginx.conf Generated configuration file: ./common/config/adminserver/env Generated configuration file: ./common/config/ui/env Generated configuration file: ./common/config/registry/config.yml Generated configuration file: ./common/config/db/env Generated configuration file: ./common/config/jobservice/env Generated configuration file: ./common/config/jobservice/config.yml Generated configuration file: ./common/config/log/logrotate.conf Generated configuration file: ./common/config/jobservice/config.yml Generated configuration file: ./common/config/ui/app.conf Generated certificate, key file: ./common/config/ui/private_key.pem, cert file: ./common/config/registry/root.crt The configuration files are ready, please use docker-compose to start the service. [Step 3]: checking existing instance of Harbor ... [Step 4]: starting Harbor ... Creating network "harbor_harbor" with the default driver Creating harbor-log ... done Creating harbor-db ... done Creating harbor-adminserver ... done Creating registry ... done Creating redis ... done Creating harbor-ui ... done Creating harbor-jobservice ... done Creating nginx ... done ? ----Harbor has been installed and started successfully.---- Now you should be able to visit the admin portal at http://10.0.0.63. For more details, please visit https://github.com/vmware/harbor . [root@m03 harbor]# [root@m03 harbor]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 37544fd2c13c vmware/harbor-jobservice:v1.5.1 "/harbor/start.sh" 4 minutes ago Up 4 minutes harbor-jobservice f00947bed9a5 vmware/nginx-photon:v1.5.1 "nginx -g 'daemon ..." 4 minutes ago Up 4 minutes (healthy) 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:4443->4443/tcp nginx 41557d762965 vmware/harbor-ui:v1.5.1 "/harbor/start.sh" 4 minutes ago Up 4 minutes (healthy) harbor-ui a3c898719acc vmware/redis-photon:v1.5.1 "docker-entrypoint..." 4 minutes ago Up 4 minutes 6379/tcp redis 695450e513b5 vmware/registry-photon:v2.6.2-v1.5.1 "/entrypoint.sh se..." 4 minutes ago Up 4 minutes (healthy) 5000/tcp registry f9dfba519084 vmware/harbor-adminserver:v1.5.1 "/harbor/start.sh" 4 minutes ago Up 4 minutes (healthy) harbor-adminserver b9ea4272cc9a vmware/harbor-db:v1.5.1 "/usr/local/bin/do..." 4 minutes ago Up 4 minutes (healthy) 3306/tcp harbor-db 2c63ffb9f6b2 vmware/harbor-log:v1.5.1 "/bin/sh -c /usr/l..." 4 minutes ago Up 4 minutes (healthy) 127.0.0.1:1514->10514/tcp harbor-log [root@m03 harbor]#
m02服務器上push鏡像
[root@m02 ~]# docker tag busybox:latest 10.0.0.63/library/busybox:latest
[root@m02 ~]# docker push 10.0.0.63/library/busybox:latest
The push refers to a repository [10.0.0.63/library/busybox]
Get https://10.0.0.63/v1/_ping: dial tcp 10.0.0.63:443: connect: connection refused
[root@m02 ~]#
[root@m02 ~]# cat /etc/docker/daemon.json
{
"insecure-registries": ["10.0.0.63"]
}
[root@m02 ~]# service docker restart
Redirecting to /bin/systemctl restart docker.service
[root@m02 ~]# docker push 10.0.0.63/library/busybox:latest
The push refers to a repository [10.0.0.63/library/busybox]
0d315111b484: Preparing
denied: requested access to the resource is denied
[root@m02 ~]# docker login 10.0.0.63
Username: admin
Password:
Login Succeeded
[root@m02 ~]# docker push 10.0.0.63/library/busybox:latest
The push refers to a repository [10.0.0.63/library/busybox]
0d315111b484: Pushed
latest: digest: sha256:895ab622e92e18d6b461d671081757af7dbaa3b00e3e28e12505af7817f73649 size: 527
[root@m02 ~]#
在m04服務器上,pull不須要帳號密碼
[root@m04 ~]# vim /etc/docker/daemon.json
[root@m04 ~]# cat /etc/docker/daemon.json
{
"insecure-registries": ["10.0.0.63"]
}
[root@m04 ~]#
[root@m04 ~]# service docker restart
Redirecting to /bin/systemctl restart docker.service
[root@m04 ~]# docker pull 10.0.0.63/library/busybox:latest
Trying to pull repository 10.0.0.63/library/busybox ...
latest: Pulling from 10.0.0.63/library/busybox
ee153a04d683: Pull complete
Digest: sha256:895ab622e92e18d6b461d671081757af7dbaa3b00e3e28e12505af7817f73649
Status: Downloaded newer image for 10.0.0.63/library/busybox:latest
相關文章
- 1. 持續集成與持續交付—jenkins持續集成
- 2. 持續集成
- 3. vue續集3
- 4. vue續集1
- 5. vue續集2
- 6. vue續集4
- 7. MySQL 續集 02
- 8. 《人生》續集
- 9. lambda續集——2
- 10. Modbus TCP續集
- 更多相關文章...
- • Scala Set(集合) - Scala教程
- • C# 集合(Collection) - C#教程
- • ☆技術問答集錦(13)Java Instrument原理
- • NewSQL-TiDB相關
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
歡迎關注本站公眾號,獲取更多信息
相關文章
- 1. 持續集成與持續交付—jenkins持續集成
- 2. 持續集成
- 3. vue續集3
- 4. vue續集1
- 5. vue續集2
- 6. vue續集4
- 7. MySQL 續集 02
- 8. 《人生》續集
- 9. lambda續集——2
- 10. Modbus TCP續集