docker的安裝及image製做

時間 2019-11-13

原文原文鏈接

docker安裝

windows安裝在另外一篇隨筆

centos安裝

# 更改centos7默認的yum源，使用清華鏡像

cd /etc/yum.repos.d
wget https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/docker-ce.repo
# 

yum -y install vim 　　　　 

vim docker-ce.repo
:%s@https://download.docker.com/@https://mirrors.tuna.tsinghua.edu.cn/docker-ce/@ 
yum repolist
yum  -y  install docker-ce

當咱們安裝好docker後，默認主配置文件沒有生成

#  /etc/docker/daemon.json

mkdir /etc/docker
vim /etc/docker/daemon.json

{
 "registry-mirrors": ["https://registry.docker-cn.com","https://duado9su.mirror.aliyuncs.com"]
}

#  鏡像服務器
$ docker run -d -p 5000:5000 \
-e STANDALONE=false \
-e MIRROR_SOURCE=https://registry-1.docker.io \
-e MIRROR_SOURCE_INDEX=https://index.docker.io \
registry


 


#  國內
docker --registry-mirror=http://服務端ip地址:5000  -d

自制鏡像加速器


systemctl start docker.service

[root@localhost vagrant]# docker
Usage:  docker [OPTIONS] COMMAND
A self-sufficient runtime for containers
Options:
      --config string      Location of client config files (default "/root/.docker")
  -D, --debug              Enable debug mode
  -H, --host list          Daemon socket(s) to connect to
  -l, --log-level string   Set the logging level ("debug"|"info"|"warn"|"error"|"fatal") (default "info")
      --tls                Use TLS; implied by --tlsverify
      --tlscacert string   Trust certs signed only by this CA (default "/root/.docker/ca.pem")
      --tlscert string     Path to TLS certificate file (default "/root/.docker/cert.pem")
      --tlskey string      Path to TLS key file (default "/root/.docker/key.pem")
      --tlsverify          Use TLS and verify the remote
  -v, --version            Print version information and quit

Management Commands:
  builder     Manage builds
  config      Manage Docker configs
  container   Manage containers
  engine      Manage the docker engine
  image       Manage images
  network     Manage networks
  node        Manage Swarm nodes
  plugin      Manage plugins
  secret      Manage Docker secrets
  service     Manage services
  stack       Manage Docker stacks
  swarm       Manage Swarm
  system      Manage Docker
  trust       Manage trust on Docker images
  volume      Manage volumes

Commands:
  attach      Attach local standard input, output, and error streams to a running container
  build       Build an image from a Dockerfile
  commit      Create a new image from a container's changes
  cp          Copy files/folders between a container and the local filesystem
  create      Create a new container
  diff        Inspect changes to files or directories on a container's filesystem
  events      Get real time events from the server
  exec        Run a command in a running container
  export      Export a container's filesystem as a tar archive
  history     Show the history of an image
  images      List images
  import      Import the contents from a tarball to create a filesystem image
  info        Display system-wide information

[root@localhost vagrant]# docker info
Containers: 4
 Running: 0
 Paused: 0
 Stopped: 4
Images: 5
Server Version: 18.09.0
Storage Driver: devicemapper                 # 分層構建，聯合掛載，必須創建在特殊的文件系統
 Pool Name: docker-253:0-33789307-pool
 Pool Blocksize: 65.54kB
 Base Device Size: 10.74GB
 Backing Filesystem: xfs
 Udev Sync Supported: true
 Data file: /dev/loop0
 Metadata file: /dev/loop1
 Data loop file: /var/lib/docker/devicemapper/devicemapper/data
 Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata
 Data Space Used: 246.8MB
 Data Space Total: 107.4GB
 Data Space Available: 6.727GB
 Metadata Space Used: 995.3kB
 Metadata Space Total: 2.147GB
 Metadata Space Available: 2.146GB
 Thin Pool Minimum Free Space: 10.74GB
 Deferred Removal Enabled: true
 Deferred Deletion Enabled: true
 Deferred Deleted Device Count: 0
 Library Version: 1.02.107-RHEL7 (2015-10-14)
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
 Volume: local
 Network: bridge host macvlan null overlay
 Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: c4446665cb9c30056f4998ed953e6d4ff22c7c39
runc version: 4fc53a81fb7c994640722ac585fa9ca548971871
init version: fec3683
Security Options:
 seccomp
  Profile: default
Kernel Version: 3.10.0-327.4.5.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 615.2MiB
Name: localhost.localdomain
ID: B2VY:FO47:USXN:LXSE:V6YP:WW44:366C:7LE7:CC7V:HVFC:T3OL:WG6J
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Username: aceq2018
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
 127.0.0.0/8
Registry Mirrors:
 https://duado9su.mirror.aliyuncs.com/
Live Restore Enabled: false
Product License: Community Engine

WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
WARNING: devicemapper: usage of loopback devices is strongly discouraged for production use.
         Use `--storage-opt dm.thinpooldev` to specify a custom block storage device.
[root@localhost vagrant]#

info

  inspect     Return low-level information on Docker objects　　　　　　# 查看某個容器的詳細信息
  kill        Kill one or more running containers
  load        Load an image from a tar archive or STDIN
  login       Log in to a Docker registry
  logout      Log out from a Docker registry
  logs        Fetch the logs of a container
  pause       Pause all processes within one or more containers
  port        List port mappings or a specific mapping for the container
  ps          List containers
  pull        Pull an image or a repository from a registry
  push        Push an image or a repository to a registry
  rename      Rename a container
  restart     Restart one or more containers
  rm          Remove one or more containers　　　　# 刪除容器
  rmi         Remove one or more images　　　　　　 # 刪除鏡像
  run         Run a command in a new container
  save        Save one or more images to a tar archive (streamed to STDOUT by default)
  search      Search the Docker Hub for images
  start       Start one or more stopped containers
  stats       Display a live stream of container(s) resource usage statistics
  stop        Stop one or more running containers
  tag         Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
  top         Display the running processes of a container
  unpause     Unpause all processes within one or more containers
  update      Update configuration of one or more containers
  version     Show the Docker version information

Client:
 Version:           18.09.0
 API version:       1.39
 Go version:        go1.10.4
 Git commit:        4d60db4
 Built:             Wed Nov  7 00:48:22 2018
 OS/Arch:           linux/amd64
 Experimental:      false

Server: Docker Engine - Community
 Engine:
  Version:          18.09.0
  API version:      1.39 (minimum version 1.12)
  Go version:       go1.10.4
  Git commit:       4d60db4
  Built:            Wed Nov  7 00:19:08 2018
  OS/Arch:          linux/amd64
  Experimental:     false

version

  wait        Block until one or more containers stop, then print their exit codes
  Run 'docker COMMAND --help' for more information on a command.

docker run -it
-i    交互式界面
-t    開啓一個終端
-d　　後臺
-c    指定shell語法
docker run -d centos /bin/sh -c 'while true;do echo hello;sleep 1 ;done'

依附容器           docker    attach
構建容器           docker    build
提交容器           docker    commit
複製文件至宿主機    docker    cp
建立容器           docker    create
查看容器變化        docker    diff
查看事件           docker    events
進入容器           docker    exec
導出鏡像           docker    export
查看鏡像歷史        docker    history
查看本地鏡像        docker    images
導入容器           docker    import
查看docker信息     docker    info
查看詳細信息        docker    inspect
殺死容器            docker    kill
導入鏡像            docker    load
登錄倉庫            docker    login
登出倉庫            docker    logout
查看容器日誌        docker    logs
管理網絡            docker  network
管理節點            docker    node
暫停容器            docker    pause
查看容器端口        docker    port
查看本地容器        docker    ps
拉取鏡像            docker    pull
推送鏡像            docker    push
容器重命名          docker    rename
重啓容器            docker    restart
刪除容器            docker    rm
刪除鏡像            docker    rmi
運行容器            docker    run
導出鏡像            docker  save
搜索鏡像            docker  search
管理服務            docker  service
啓動容器            docker    start
查看容器狀態        docker    status
中止容器            docker    stop
管理集羣            docker    swarm
設置標籤            docker    tag
查看容器進程        docker    top
恢復暫停容器        docker    unpause
更新容器            docker    update
查看版本            docker    version
管理數據卷          docker    volume
設置等待            docker  wait

docker鏡像

apline是一個用來構建很是小的鏡像文件的微型髮型版，提供基礎運行環境，但缺乏調試工具

未來的鏡像可能不會來自docker hub，其中的鏡像可能不會知足咱們的需求，---->本身編織--->私有registry

# docker pull <registry>[:<port>]/[<namespace>/]<name>:<tag>
# docker pull             quay.io/coreos/flannel:v0.010.0-amd64

docker    image    pull    nginx:1.14-apline　　　　# 來下版本爲1.14-apline 的 nginx

docker run --name b1 -it busybox
docker run --name redis1  -d redis
本地沒有鏡像也沒關係，只要能搜到，    docker中運行的程序必定不能運行在後臺
啓動容器時，docker damon會試圖從本地獲取相關的鏡像；本地沒有將從registry中下載該鏡像並保存到本地

docker的registry

Repository 
　　由某特定的docker鏡像的全部迭代版本組成的鏡像倉庫
　　一個registry中能夠存在多個repository
　　　　Repository 可分爲頂層倉庫和用戶倉庫
　　　　用戶倉庫名稱格式爲  用戶名/倉庫名
　　每一個倉庫能夠包含多個Tag，每一個標籤對應一個鏡像

Index
　　維護用戶帳戶、鏡像的校驗以及公共命名空間的信息
　　至關於爲registry提供了一個完成用戶認證等功能的檢索接口

Registry用於保存docker鏡像，包括鏡像的層次結構和元數據
用戶可自建registry，也能夠使用官方的docker hub

分類
Sponsor    registry     第三方的registry ,供客戶和docker社區使用
Mirror 　 　Registry     第三方的registry，只讓客戶使用
Vendor 　 　registry     由發佈Docker鏡像的供應商提供的registry
Private 　　registry     經過設有防火牆和額外的安全層的私有實體提供的registry

docker 的Hub

docker鏡像的製做

Dockerfile 專門製做鏡像的

基於容器製做   commit   會把容器的可寫層單首創建一個鏡像

Docker Hub  automated  builds 內部仍是調用的dockerfile

基於容器製做

給鏡像添加標籤

刪除標籤

docker image rm aceq2018/bbox:v0.0.1

當我建立完鏡像後，發現默認命令仍是基礎鏡像的命令

咱們只須要在建立鏡像的時候指定-c參數就能夠修改了

推鏡像到docker hub

推到阿里雲，阿里雲控制檯有教程，

密碼是單獨設置的

打包保存鏡像

只要拷貝到了那臺機器有docker就能夠運行

加載鏡像文件

缺陷：run的時候若是沒有鏡像仍是到registry拉鏡像，所以必須本地須要提早準備好node

相關標籤/搜索

每日一句

每一个你不满意的现在，都有一个你没有努力的曾经。