1、瞭解虛擬機和容器的區別
虛擬機的構成:php
- 虛擬硬件(CPU、內存、磁盤、網絡)
- 鏡像(安裝系統)
容器的構成:
3. 進程,能夠經過殺死和開啓進程來控制容器
4. 容器能夠理解成一種環境,能夠運行一種服務,也能夠運行一種系統
html
虛擬技術兩大生態圈:linux
- OpenStack ----虛擬機
- Kubernetes ----容器
虛擬機和容器的區別:nginx
| 虛擬機 | 容器 | |
|---|---|---|
| 資源佔用 | 資源佔用多 | 資源佔用少 |
| 啓動時間 | 30~60秒 | 毫秒級別 |
| 安全性 | 系統隔離,安全性高 | 內核共享,安全性低 |
| 彈性擴展 | 執行時間長(虛擬機建立後還須要再安裝系統) | 執行時間短(容器直接再開一個進程) |
2、Docker概述
Docker核心概念web
- 鏡像
◆ 一個面向Docker容器引擎的只讀模板 - 容器
◆ 從鏡像建立的運行實例 - 倉庫
◆集中保存鏡像的地方
Docker是什麼?redis
- 是一種輕量級的「虛擬機」
- 在Linux容器裏運行應用的開源工具
Docker的使用場景:docker
- 打包應用程序簡化部署
- 可脫離底層硬件任意遷移
● 例:服務器從騰訊雲遷移到阿里雲
CentOS安裝Docker的兩種方式:apache
- 使用CURL得到Docker的安裝腳本進行安裝
- 使用YUM倉庫來安裝Docker
3、安裝Docker
1.安裝依賴包
[root@localhost ~]# yum -y install yum-utils device-mapper-persistent-data lvm2 #yum-utils 提供了yum-config-manager程序命令(後面用來添加docker的鏡像源) #device mapper 存儲驅動程序須要device-mapper-persistent-data 和 lvm2 邏輯卷,它爲實現用於存儲資源管理的快設備驅動提供了一個高度模塊化的內核架構
2.設置阿里鏡像源
[root@localhost ~]# yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo [root@localhost ~]# cd /etc/yum.repos.d/ [root@localhost yum.repos.d]# ls ##多出了docker-ce的yum庫 CentOS-Base.repo CentOS-Debuginfo.repo CentOS-Media.repo CentOS-Vault.repo CentOS-CR.repo CentOS-fasttrack.repo CentOS-Sources.repo *docker-ce.repo*
3.安裝Docker-CE
[root@localhost ~]# yum install -y docker-ce ##安裝docker-ce [root@localhost ~]# systemctl start docker [root@localhost ~]# systemctl status docker ● docker.service - Docker Application Container Engine Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled) Active: active (running) since Mon 2020-11-09 22:40:26 CST; 9s ago Docs: https://docs.docker.com Main PID: 2073 (dockerd) Memory: 41.9M
4、docker常規操做
1.鏡像加速(提升鏡像下載速度)
阿里雲提供免費的鏡像加速服務,在阿里雲官網註冊阿里帳號後能夠領取加速地址
json
2.優化網絡
[root@localhost docker]# vi /etc/sysctl.conf net.ipv4.ip_forward = 1 ##開啓路由轉發功能 [root@localhost docker]# sysctl -p net.ipv4.ip_forward = 1 [root@localhost docker]# systemctl restart network [root@localhost docker]# systemctl restart docker [root@localhost docker]# docker version ##查看版本信息 Client: Docker Engine - Community Version: 19.03.13 API version: 1.40 Go version: go1.13.15 Git commit: 4484c46d9d Built: Wed Sep 16 17:03:45 2020 OS/Arch: linux/amd64 Experimental: false ……省略部分
3.鏡像操做
[root@localhost ~]# docker search nginx ##查找上架的鏡像,查找出的鏡像會根據星級熱度(STARS)進行排名,下載次數越多,熱度越高 NAME DESCRIPTION STARS OFFICIAL AUTOMATED nginx Official build of Nginx. 13981 [OK] jwilder/nginx-proxy Automated Nginx reverse proxy for docker con… 1906 [OK] richarvey/nginx-php-fpm Container running Nginx + PHP-FPM capable of… 791 [OK] linuxserver/nginx An Nginx container, brought to you by LinuxS… 128 jc21/nginx-proxy-manager Docker container for managing Nginx proxy ho… 109 tiangolo/nginx-rtmp Docker image with Nginx using the nginx-rtmp… 103 [OK] bitnami/nginx Bitnami nginx Docker Image 90 [OK] alfg/nginx-rtmp NGINX, nginx-rtmp-module and FFmpeg from sou… 80 [OK] jlesage/nginx-proxy-manager Docker container for Nginx Proxy Manager 66 [OK] [root@localhost ~]# docker pull nginx ##下載nginx鏡像,結合pull選項。 Using default tag: latest ……省略部分 1966ea362d23: Pull complete Digest: sha256:aeade65e99e5d5e7ce162833636f692354c227ff438556e5f3ed0335b7cc2f1b Status: Downloaded newer image for nginx:latest docker.io/library/nginx:latest [root@localhost ~]# cd /var/lib/docker/image/overlay2/ 鏡像信息存在/var/lib/docker/image/overlay2/repositories.json 文件中 [root@localhost overlay2]# ls distribution imagedb layerdb repositories.json [root@localhost overlay2]# cat repositories.json { "Repositories":{ "nginx":{ "nginx:latest":"sha256:c39a868aad02a383c7e490e0fc4a5b0217f667f2de764bc2755e315a5adf64a1","nginx@sha256:aeade65e99e5d5e7ce162833636f692354c227ff438556e5f3ed0335b7cc2f1b":"sha256:c39a868aad02a383c7e490e0fc4a5b0217f667f2de764bc2755e315a5adf64a1"}} [root@localhost ~]# docker images ##鏡像列表中有nginx鏡像 REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest c39a868aad02 4 days ago 133MB [root@localhost overlay2]# docker inspect c39a868aad02 ##docker inspect 鏡像ID,能夠查看鏡像的詳細信息 [ { "Id": "sha256:c39a868aad02a383c7e490e0fc4a5b0217f667f2de764bc2755e315a5adf64a1", "RepoTags": [ "nginx:latest" ], "RepoDigests": [ "nginx@sha256:aeade65e99e5d5e7ce162833636f692354c227ff438556e5f3ed0335b7cc2f1b" ], "Parent": "", "Comment": "", "Created": "2020-11-05T18:21:10.923474978Z", "Container": "16434ccbe2eab08b0e7e63149c390b8a346c8cf92899ba6063c1b2653628f3c1", "ContainerConfig": { "Hostname": "16434ccbe2ea",
添加鏡像標籤(至關於添加別名,鏡像ID不變)vim
[root@localhost ~]# docker images ##查看鏡像列表 REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest c39a868aad02 4 days ago 133MB [root@localhost ~]# docker tag nginx:latest nginx:new ##修改nginx鏡像標籤latest爲new [root@localhost ~]# docker images ##再次查看鏡像列表,多出了一個鏡像名 REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest c39a868aad02 4 days ago 133MB nginx new c39a868aad02 4 days ago 133MB
鏡像刪除(兩種方式:1.基於"鏡像名:標籤"刪除,2.基於鏡像ID刪除)
格式:docker rmi 鏡像ID或者鏡像名
[root@localhost ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest c39a868aad02 4 days ago 133MB nginx new c39a868aad02 4 days ago 133MB [root@localhost ~]# docker rmi c39a868aad02 #0#'當該鏡像ID存在多個鏡像名時,是沒法使用鏡像ID刪除鏡像的,會報以下錯誤' Error response from daemon: conflict: unable to delete c39a868aad02 (must be forced) - image is referenced in multiple repositories [root@localhost ~]# docker rmi nginx:latest #0# 結合rmi,刪除標籤爲latest的鏡像 Untagged: nginx:latest [root@localhost ~]# docker images #0#查看鏡像列表,刪除成功 REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest c39a868aad02 4 days ago 133MB nginx new c39a868aad02 4 days ago 133MB [root@localhost ~]# docker rmi c39a868aad02 ## 當該鏡像只有一個映射關係時(即只有一個鏡像名),兩種方法均可以刪除鏡像 Untagged: nginx:new Untagged: nginx@sha256:aeade65e99e5d5e7ce162833636f692354c227ff438556e5f3ed0335b7cc2f1b Deleted: sha256:c39a868aad02a383c7e490e0fc4a5b0217f667f2de764bc2755e315a5adf64a1 Deleted: sha256:1af47386c12cb24b362bd785e71058ab675fbdcbda8e7a7ba0dd10c3cff75a2a Deleted: sha256:25ee02f9e42f8cdca7ca8bc522cb69ac4a86a55401818a13c7a01e52a81894fe Deleted: sha256:b1d2bc3292aa3d64794f99d2885d35b454993b4af24ad350a969d27925db7ebb Deleted: sha256:4216e20d59f9fc90bccdd14493452532806d4803a25514366de2a9c5560624d0 Deleted: sha256:d0fe97fa8b8cefdffcef1d62b65aba51a6c87b6679628a2b50fc6a7a579f764c [root@localhost ~]# docker images #0#再次查看鏡像列表,刪除成功 REPOSITORY TAG IMAGE ID CREATED SIZE
保存鏡像到文件中
[root@localhost ~]# docker pull nginx #0#從新下載nginx鏡像 [root@localhost ~]# docker images #0#查看鏡像列表 REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest c39a868aad02 4 days ago 133MB [root@localhost ~]#docker save -o /opt/nginx.img nginx:latest ##save表示保存,-o指輸出到文件中,將nginx:latest鏡像保存到/opt/nginx.img文件中 [root@localhost ~]# ls -lh /opt/ #0#看到新生成的鏡像文件 total 131M drwx--x--x 4 root root 28 Nov 9 22:40 containerd -rw------- 1 root root 131M Nov 10 03:05 nginx.img #0#文件被進行了微壓縮 drwxrwxr-x 6 root root 334 Oct 27 14:49 redis-5.0.10 drwxr-xr-x. 2 root root 6 Mar 26 2015 rh
將導出的鏡像文件中的鏡像導入到鏡像列表(有兩種方式導入)
[root@localhost ~]# docker images #0#查看鏡像列表 REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest c39a868aad02 4 days ago 133MB [root@localhost ~]# docker rmi nginx:latest #0#刪除鏡像 [root@localhost ~]# docker images #0#列表爲空 REPOSITORY TAG IMAGE ID CREATED SIZE //方式一:load < [root@localhost ~]# docker load </opt/nginx.img #0#導入到鏡像列表 d0fe97fa8b8c: Loading layer [==================================================>] 72.49MB/72.49MB 2baf69a23d7a: Loading layer [==================================================>] 64.54MB/64.54MB 2f57e21e4365: Loading layer [==================================================>] 3.072kB/3.072kB aee208b6ccfb: Loading layer [==================================================>] 4.096kB/4.096kB 7b5417cae114: Loading layer [==================================================>] 3.584kB/3.584kB Loaded image: nginx:latest [root@localhost ~]# docker images #0#查看列表,鏡像成功導入回來 REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest c39a868aad02 4 days ago 133MB [root@localhost ~]# docker rmi nginx:latest #0#再次刪除鏡像 //方法二:load -i [root@localhost ~]# docker load -i /opt/nginx.img d0fe97fa8b8c: Loading layer [==================================================>] 72.49MB/72.49MB 2baf69a23d7a: Loading layer [==================================================>] 64.54MB/64.54MB 2f57e21e4365: Loading layer [==================================================>] 3.072kB/3.072kB aee208b6ccfb: Loading layer [==================================================>] 4.096kB/4.096kB 7b5417cae114: Loading layer [==================================================>] 3.584kB/3.584kB Loaded image: nginx:latest [root@localhost ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest c39a868aad02 4 days ago 133MB
4.容器操做
建立容器
格式:docker create -it 鏡像 /bin/bash
[root@localhost ~]# docker ps -a #0#查看全部容器,如今爲空 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES [root@localhost ~]# docker create -it nginx:latest /bin/bash #0#建立容器,後面加上/bin/bash提供bash環境,方便下次進入容器中進行操做 fc33df602e20f90b62e39690978c1f648bed3c6167e15facbed96bd36a8e1295 [root@localhost ~]# docker ps -a #0#再次查看,有一個新的容器 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES fc33df602e20 nginx:latest "/docker-entrypoint.…" 3 seconds ago Created friendly_zhukovsky [root@localhost ~]# docker ps -a #0#此時狀態是被建立狀態,還未啓動 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES fc33df602e20 nginx:latest "/docker-entrypoint.…" 6 minutes ago Created friendly_zhukovsky
啓動容器
格式:docker start 容器ID
[root@localhost ~]# docker start fc33df602e20 #0#「docker start 容器ID」命令來啓動容器,開啓後位「UP」狀態 fc33df602e20 [root@localhost ~]# docker ps -a #0#容器啓動成功,爲Up狀態,而且開通了80容器端口 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES fc33df602e20 nginx:latest "/docker-entrypoint.…" 13 minutes ago Up About a minute 80/tcp friendly_zhukovsky
關閉容器
格式:docker stop 容器ID
處於up狀態的容器會一直佔用資源,能夠利用stop關閉容器,須要時在開啓
[root@localhost ~]# docker stop fc33df602e20 #0#結合stop命令關閉容器 fc33df602e20 [root@localhost ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED fc33df602e20 nginx:latest "/docker-entrypoint.…" 2 hours ago Exited (0) 2 seconds ago friendly_zhukovsky
刪除容器
格式:docker rm 容器ID
注意:
- 當鏡像存在於容器中時,是沒法被刪除的(不管容器處於任何狀態),只有先刪除容器,才能刪除對應的鏡像
- 運行中的容器沒法被刪除,必須先中止
[root@localhost ~]# docker images #0#查看鏡像 REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest c39a868aad02 4 days ago 133MB centos 7 7e6257c9f8d8 3 months ago 203MB [root@localhost ~]# docker ps -a #0#查看容器 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES a66dfe602b99 centos:7 "/bin/bash" 19 minutes ago Up 17 minutes clever_mestorf fc33df602e20 nginx:latest "/docker-entrypoint.…" 2 hours ago Up About an hour 80/tcp friendly_zhukovsky [root@localhost ~]# docker rmi centos:7 ##鏡像存在於容器中時刪除會報錯 Error response from daemon: conflict: unable to remove repository reference "centos:7" (must force) - container a66dfe602b99 is using its referenced image 7e6257c9f8d8 [root@localhost ~]# docker stop a66dfe602b99 ##中止容器 a66dfe602b99 [root@localhost ~]# docker rmi centos:7 ##再次刪除仍是會報一樣的錯誤 Error response from daemon: conflict: unable to remove repository reference "centos:7" (must force) - container a66dfe602b99 is using its referenced image 7e6257c9f8d8 [root@localhost ~]# docker rm a66dfe602b99 #0#先刪除容器 a66dfe602b99 [root@localhost ~]# docker rmi centos:7 ##以後刪除鏡像,就能成功刪除了 Untagged: centos:7 Untagged: centos@sha256:19a79828ca2e505eaee0ff38c2f3fd9901f4826737295157cc5212b7a372cd2b Deleted: sha256:7e6257c9f8d8d4cdff5e155f196d67150b871bbe8c02761026f803a704acb3e9 Deleted: sha256:613be09ab3c0860a5216936f412f09927947012f86bfa89b263dfa087a725f81 [root@localhost ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES fc33df602e20 nginx:latest "/docker-entrypoint.…" 2 hours ago Up 1 second 80/tcp friendly_zhukovsky [root@localhost ~]# docker rm fc33df602e20 #0#刪除運行中的容器會報錯 Error response from daemon: You cannot remove a running container fc33df602e20f90b62e39690978c1f648bed3c6167e15facbed96bd36a8e1295. Stop the container before attempting removal or force remove
docker run執行指令後直接關閉容器(-c:指定指令)
- docker run結合-c指令,會自動檢查鏡像,沒有就建立,有就繼續建立容器,並執行-c指定的指令,執行完畢後關閉容器(至關於完成了鏡像下載,容器建立,開啓容器並執行指令,關閉容器這幾個步驟的集合)
- 執行完指令就釋放資源
- 適用於併發式的計算,數據分析,數據篩查,數據過濾
[root@localhost ~]# docker run centos:7 /bin/bash -c ls / ##docker run自動識別鏡像和容器(無則建立)並執行指令 Unable to find image 'centos:7' locally ##先檢查是否有鏡像,沒有 7: Pulling from library/centos ##下載鏡像 75f829a71a1c: Pull complete Digest: sha256:19a79828ca2e505eaee0ff38c2f3fd9901f4826737295157cc5212b7a372cd2b Status: Downloaded newer image for centos:7 anaconda-post.log bin ##執行 ls / 查看根目錄的指令 dev etc ……省略部分 [root@localhost ~]# docker ps -a ##查看容器信息,處於Exited狀態,且返回值爲0,執行完指令直接釋放資源 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES b7f81177db4f centos:7 "/bin/bash -c ls /" 3 minutes ago Exited (0) 3 minutes ago nice_lederberg
docker run後 -c 指定一個while死循環指令,能夠實現後臺一直運行
[root@promote ~]# docker run centos:7 /bin/bash -c "while :;do echo hello && sleep 2;done" #0#docker run -c 指定死循環 [root@promote ~]# docker ps -a ##查看容器狀態,一直處於up狀態,COMMAND指令死循環。 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 86c37e78a339 centos:7 "/bin/bash -c 'while…" 57 seconds ago Up 56 seconds charming_tu docker stop 86c37e78a339 ##關閉容器,結束死循環 [root@localhost ~]# docker exec 12ab522157ec /bin/bash ##關閉的容器是沒法進入的 Error response from daemon: Container 12ab522157ecb285d05284a4d54e8dd9e5896bab2fb1af9e730313fee35215d8 is not running
導出容器到文件(結合export選項)
格式:docker export 容器ID >文件
- 注意:處於Up狀態下的容器也是能夠執行導出操做的
[root@localhost ~]# docker ps -a ##容器處於Up狀態 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES fc33df602e20 nginx:latest "/docker-entrypoint.…" 3 hours ago Up 1 second 80/tcp friendly_zhukovsky docker export fc33df602e20 >/opt/nginx-c.img ##將容器導出到/opt/nginx-c.img文件中 [root@localhost ~]# ll -h /opt/nginx-c.img -rw-r--r-- 1 root root 130M Nov 10 06:33 /opt/nginx-c.img
導入容器(容器的導入只會生成鏡像,而不會建立容器)
[root@localhost ~]# cat /opt/nginx-c.img |docker import - nginx:web sha256:79222cd5cf4e7312fb660f9a5788e75e39fa83b2c71565b168f325d6db96b2d3 [root@localhost ~]# docker images ##生成了新的鏡像 REPOSITORY TAG IMAGE ID CREATED SIZE nginx web 79222cd5cf4e 3 minutes ago 131MB nginx latest c39a868aad02 4 days ago 133MB centos 7 7e6257c9f8d8 3 months ago 203MB [root@localhost ~]# docker ps -a ##並無生成新的容器 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES fc33df602e20 nginx:latest "/docker-entrypoint.…" 3 hours ago Up 10 minutes 80/tcp friendly_zhukovsky
5.容器的批量處理
批量刪除容器
##首先多建立幾個容器 [root@localhost ~]# docker create -it nginx:web /bin/bash 5394d441b796e35a5e6bacfe8a8cb0abb24e75170e2b6a7be2749a4bae4cabf5 [root@localhost ~]# docker create -it centos:7 /bin/bash 4d00a6509e24469f8206eed4cd8803461c1ef31353b543a6dd3ff5df6f8d6520 [root@localhost ~]# docker ps -a #0#有三個容器 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 4d00a6509e24 centos:7 "/bin/bash" About a minute ago Created gracious_rosalind 5394d441b796 nginx:web "/bin/bash" About a minute ago Created happy_hawking fc33df602e20 nginx:latest "/docker-entrypoint.…" 3 hours ago Exited(0) 14 minutes 80/tcp friendly_zhukovsky [root@localhost ~]# docker ps -a |awk 'NR!=1 {print "docker rm " $1}' |bash ##批量刪除容器 4d00a6509e24 5394d441b796 fc33df602e20 [root@localhost ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
批量建立容器
[root@localhost ~]# docker images |awk 'NR!=1 {print "docker create -it " $3 " /bin/bash"}' |bash ##過濾出鏡像ID並執行建立,實現批量建立 8c9a15a9d97ff593ae370468f04dd2e11f666df27ea130d6c5eabdb5c312eb7e 3ba2e19b89a07fa6f22cc63ab3fa0f3c8d60e54b9fbf4318e6a0c442c0ce4fac c34d3e800e29eeab0d304cde07d2b2dd0903a4c9a8028afe08b819793fad2c96 [root@localhost ~]# docker ps -a ##批量建立成功 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES c34d3e800e29 7e6257c9f8d8 "/bin/bash" About a minute ago Created kind_jepsen 3ba2e19b89a0 c39a868aad02 "/docker-entrypoint.…" About a minute ago Created flamboyant_herschel 8c9a15a9d97f 79222cd5cf4e "/bin/bash" About a minute ago Created laughing_bardeen
批量開啓容器
[root@localhost ~]# docker ps -a |awk 'NR!=1 {print "docker start " $1}' |bash ##批量開啓 32c5a88d27af 3eb37149b0d7 4978744c8ca9 [root@localhost ~]# docker ps -a ##up狀態,開啓成功 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 32c5a88d27af 7e6257c9f8d8 "/bin/bash" 21 seconds ago Up 2 seconds sleepy_robinson 3eb37149b0d7 c39a868aad02 "/docker-entrypoint.…" 21 seconds ago Up 1 second 80/tcp focused_pasteur 4978744c8ca9 79222cd5cf4e "/bin/bash" 21 seconds ago Up 1 second zealous_hofstadter
批量中止容器
[root@localhost ~]# docker ps -a |awk 'NR!=1 {print "docker stop " $1}' |bash 32c5a88d27af 3eb37149b0d7 4978744c8ca9 [root@localhost ~]# docker ps -a ##中止狀態 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 32c5a88d27af 7e6257c9f8d8 "/bin/bash" 2 minutes ago Exited (137) 2 seconds ago sleepy_robinson 3eb37149b0d7 c39a868aad02 "/docker-entrypoint.…" 2 minutes ago Exited (0) 2 seconds ago focused_pasteur 4978744c8ca9 79222cd5cf4e "/bin/bash" 2 minutes ago Exited (0) 2 seconds ago zealous_hofstadter
6.docker0網卡分析
- 當安裝了 decker-ce後,會自動生成一塊docker0的網卡,用於管理docker容器,成爲相似於全部容器的網關,構建出一個局域網管理全部容器。
- 也正由於這張網卡的出現,咱們才須要開啓服務器的路由轉發及NAT功能。
[root@localhost ~]# ifconfig #0#查看網卡信息 docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255 inet6 fe80::42:c7ff:fe94:64b3 prefixlen 64 scopeid 0x20<link> ether 02:42:c7:94:64:b3 txqueuelen 0 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 16 bytes 1970 (1.9 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 省略部分
[root@localhost ~]# docker pull centos:7 ##下載CentOS7的鏡像 [root@localhost ~]# docker images ##有CentOS7的鏡像 REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest c39a868aad02 4 days ago 133MB centos 7 7e6257c9f8d8 3 months ago 203MB [root@localhost ~]# docker create -it centos:7 /bin/bash ##生成鏡像爲CentOS7的容器 a66dfe602b9951b918759af6167fbcf941c947ac80f3c71438a546352a3c165d [root@localhost ~]# docker ps -a #0#查看centos7容器的ID CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES a66dfe602b99 centos:7 "/bin/bash" 43 seconds ago Created clever_mestorf fc33df602e20 nginx:latest "/docker-entrypoint.…" About an hour ago Up About an hour 80/tcp friendly_zhukovsky [root@localhost ~]# docker start a66dfe602b99 #0#開啓容器 a66dfe602b99 [root@localhost ~]# docker ps -a #0#up狀態,成功開啓 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES a66dfe602b99 centos:7 "/bin/bash" 3 minutes ago Up 41 seconds clever_mestorf fc33df602e20 nginx:latest "/docker-entrypoint.…" About an hour ago Up About an hour 80/tcp friendly_zhukovsky [root@localhost ~]# docker exec -it a66dfe602b99 /bin/bash ##進入容器 [root@a66dfe602b99 /]# [root@a66dfe602b99 /]# yum -y install net-tools #0#下載的是最下內核鏡像,所以想要使用ifconfig,須要安裝net工具 [root@a66dfe602b99 /]# ifconfig #0#查看容器ip,僞終端的本地ip爲172.17.0.3 eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.17.0.3 netmask 255.255.0.0 broadcast 172.17.255.255 ether 02:42:ac:11:00:03 txqueuelen 0 (Ethernet) RX packets 4182 bytes 11991770 (11.4 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 3565 bytes 197037 (192.4 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 loop txqueuelen 1 (Local Loopback) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 [root@a66dfe602b99 /]# route -n #0#網關是docker0網卡地址 Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 172.17.0.1 0.0.0.0 UG 0 0 0 eth0 172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0 [root@a66dfe602b99 /]# exit exit
5、建立Docker鏡像
1.Docker鏡像
- 應用發佈的標準格式
- 支撐一個Docker容器的運行
2.Docker鏡像的建立方法
- 基於已有鏡像建立
- 基於本地模板建立
- 基於Dockerfile建立 (最爲經常使用)
3.基於已有鏡像建立鏡像
基於已有鏡像建立
- 將容器裏面運行的程序及運行環境打包生成新的鏡像
格式:docker comnit [選項] 容器ID/名稱倉庫名稱:[標籤]
-m:說明信息
-a:做者信息
-p:生成過程當中中止容器的運行
[root@localhost ~]# docker ps -a ##有一個正在運行的容器 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 5772e1528cac centos:7 "/bin/bash" 29 minutes ago Up 29 minutes suspicious_pare [root@localhost ~]# docker exec -ti 5772e1528cac /bin/bash [root@5772e1528cac /]# echo "hello" >/opt/test.txt #0#建立一個文件,至關於對容器內鏡像進行了修改 [root@5772e1528cac /]# cat /opt/test.txt hello [root@5772e1528cac /]# exit ##退出容器 exit [root@localhost ~]# docker commit -m "new" -a "ltp" 5772e1528cac centos:new #0#建立修改後的新鏡像 sha256:e36096f9a92239753857cfb4c33c6d1347a389632a3f7a22cc9a420499632bcd [root@localhost ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE centos new e36096f9a922 8 seconds ago 203MB nginx web 79222cd5cf4e About an hour ago 131MB
4.基於本地模板建立
基於本地模板建立
- 經過導入操做系統模板文件生成新的鏡像
- 使用wget命令導入爲本地鏡像
wget http://download.openvz.org/template/precreated-7.0-x86-minimal.tar.gz - 導入成功後可查看本地鏡像信息
docker images lgrep new
[root@localhost ~]# wget http://download.openvz.org/template/precreated/debian-7.0-x86-minimal.tar.gz ##下載鏡像模板 ……省略部分 100%[============================================================================>] 88,436,521 2.43MB/s in 37s [root@localhost ~]# ls debian-7.0-x86-minimal.tar.gz [root@localhost ~]# cat debian-7.0-x86-minimal.tar.gz |docker import - debian:new ##容器導入的方式生成新鏡像 sha256:0e3a830144d7305d263d846fe1c596a8f4c2ea1d5ea0de0d2c6967af23c096e6 [root@localhost ~]# docker images ##有新鏡像產生 REPOSITORY TAG IMAGE ID CREATED SIZE debian new 0e3a830144d7 9 seconds ago 215MB
5.基於Dockerfile建立鏡像
基於Dockerfile建立
- Dockerfile是由一組指令組成的文件Dockerfile結構四部分
● 基礎鏡像信息
● 維護者信息
● 鏡像操做指令
● 容器啓動時執行指令 - Dockerfile每行支持一條指令,每條指令可攜帶多個參數,支持使用以「#"號開頭的註釋
- 鏡像的分紅
- Dockerfile操做指令
| 指令 | 含義 |
|---|---|
| FROM 鏡像 | 指定新鏡像所基於的鏡像,第一條指令必須爲FROM指令,每建立一個鏡像就須要一條FROM指令。 |
| MAINTAINER 名字 | 說明新鏡像的維護人信息 |
| RUN 命令 | 在所基於的鏡像上執行命令,並提交到新的鏡像中 |
| CMD [「要運行的程序」,「參數1」,「參數2」] | 指令啓動容器時要運行的命令或者腳本,Dockerfile只能有一條CMD命令,若是指定多條則只能最後一條被執行(注意,就算指定多條也不會有報錯信息,可是無效) |
| EXPOSE 端口號 | 指定新鏡像加載到Docker時要開啓的端口(容器對外開放的端口) |
| ENV 環境變量 變量值 | 設置一個環境變量的值,會被後面的RUN使用 |
| ADD 源文件/目錄 目標文件/目錄 | 將源文件複製到目標文件,源文件要與Dockerfile位於相同目錄中,或者是一個URL(容器外的文件拷貝到容器內) |
| COPY 源文件/目錄 目標文件/目錄 | 將本地主機上的文件/目錄複製到目標地點,源文件/目錄要與Dockerfile在相同的目錄中(容器內部的拷貝) |
| VOLUME [「目錄」] | 在容器中建立一個掛載點,將容器中的目錄掛載到真機的目錄上(宿主機共享出一個目錄供容器使用) |
| USER 用戶名/UID | 指定運行容器時的用戶 |
| WORKDIR 路徑 | 爲後續的RUN、CMD、ENTRYPOINT指定工做目錄(至關於容器內的cd,切換路徑) |
| ONBUILD 命令 | 指定所生成的鏡像做爲一個基礎鏡像時所要運行的命令 |
| HEALTHCHECK | 健康檢查 |
[root@localhost ~]# mkdir apache ##建立一個存放目錄 [root@localhost ~]# cd apache/ [root@localhost apache]# vim Dockerfile #0#建立Dockerfile文件,注意,必定要是這個文件名,不能改 FROM centos:7 #基於的基礎鏡像 MAINTAINER The porject <cloud-ops@centos.org> #0#維護鏡像的用戶信息(自定義,能夠不寫) RUN yum -y update #0#更新yum倉庫 RUN yum -y install httpd #0#鏡像操做指令安裝apache軟件 EXPOSE 80 #開啓80端口 ADD index.html /var/www/html/index.html #0#複製網站首頁文件到容器/var/www/html/index.html ADD run.sh /run.sh #0#將執行腳本複製到鏡像中 RUN chmod 755 /run.sh ##授予腳本執行權限 CMD ["/run.sh"] #0#啓動容器時執行腳本 [root@localhost apache]# vim run.sh #!/bin/bash rm -rf /run/httpd/* #0#刪除容器中原路httpd的緩存文件 exec /usr/sbin/apachectl -D FOREGROUND ##-D FOREGROUND 前臺運行 [root@localhost apache]# echo "Hello Docker" > index.html #0#生成首頁文件 [root@localhost apache]# docker build -t httpd:centos . #0#構建鏡像,注意末尾有「.」 ##Dockerfile構建鏡像的方式是每執行一個操做就建立一個臨時容器,操做完成後移除臨時容器 Sending build context to Docker daemon 4.096kB Step 1/9 : FROM centos:7 ---> 7e6257c9f8d8 Step 2/9 : MAINTAINER The porject <cloud-ops@centos.org> ##描述信息 ---> Running in 42839a68eb21 ##'建立臨時容器' Removing intermediate container 42839a68eb21 #0#完成後刪除臨時容器 ---> 1e0299f24408 Step 3/9 : RUN yum -y update #1#執行更新yum倉庫 ---> Running in b5f6ede89a2c #1#再次建立臨時容器,而後再移除 ……省略部分 Removing intermediate container 1a7c4de7d2c8 ---> 7a0a23b6969c Step 5/9 : EXPOSE 80 ---> Running in ee11b40f4b00 Removing intermediate container ee11b40f4b00 ---> 6089b87f70bb Step 6/9 : ADD index.html /var/www/html/index.html ---> 984532d2525b Step 7/9 : ADD run.sh /run.sh ---> 9fdecb3739c2 Step 8/9 : RUN chmod 755 /run.sh ---> Running in 65024462dcfc Removing intermediate container 65024462dcfc ---> b2c495c4490a Step 9/9 : CMD ["/run.sh"] ---> Running in ce777dd9f0e8 Removing intermediate container ce777dd9f0e8 ---> 07feb32493c4 Successfully built 07feb32493c4 Successfully tagged httpd:centos [root@localhost apache]# docker run -d -p 1216:80 httpd:centos #0#後臺運行鏡像,而且作端口映射 5b128cf5a4f1ae0ae1ded2d86249ae218a71e601d64ea0f106dac0584981c420 [root@localhost apache]# docker ps -a ##新生成的兩個容器 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 5b128cf5a4f1 httpd:centos "/run.sh" 3 minutes ago Up 3 minutes 0.0.0.0:1216->80/tcp frosty_visvesvaraya 5772e1528cac centos:7 "/bin/bash" 2 hours ago Up 2 hours suspicious_pare
訪問測試(192.168.10.10:1216)