kubernetes（一）之Docker基礎入門

時間 2020-06-19

標籤 kubernetes docker 基礎入門欄目 Docker 简体版

原文原文鏈接

Docker入門

容器的定義

運行在用戶空間的獨立進程
與其餘的用戶空間程序是相互隔離
一個容器運行在一個單獨的用戶空間
底層是單獨的內核空間

發展歷史

FreeBSD jail， 2000
Linux VServer ,2001
- CGroups
- NameSpace
- LXC
Docker ，2010
- libcontainer
- runC

docker容器編排三劍客

docker-mechine
docker-swarm
docker-compose

Linux NameSpace

用於在一個抽象層上封裝一個全局級別的能夠進行切分的系統資源，主要以下的七個個級別的系統資源

NameSpaces	Constant	Isolates
Cgroup	CLONE_NEWCGROUP	Cgroup root directory,調派底層的cpu,內存,IO資源給容器
IPC	CLONE_NEIPC	System V IPC,POSIX message queues
NETWORK	COLNE_NENET	NetWork devices,stacks,ports,etc
Mount	ClONE_NEWNS	MountPoints
PID	COLNE_NEW_PID	Process PID
Users	COLNE_USER	User and Group IDs
UTS	CLONE_NEW_UTS	Hostname and NIS domain name

docker的版本

docker-ee
docker-ce

Docker的架構

docker的安裝

系統： centos7+
初始化：配置主機名&ip略過

[root@centos7-node1 ~]# systemctl stop firewalld && systemctl disable firewalld
[root@centos7-node1 ~]# sed -i "s/SELINUX=permissive/SELINUX=disabled/g" /etc/selinux/config && reboot -f
[root@centos7-node1 ~]# yum install chrony wget curl git -y && systemctl enable chronyd && systemctl start chronyd && timedatectl set-timezone Asia/Shanghai && timedatectl set-ntp yes    #時間同步
[root@centos7-node1 ~]# wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
[root@centos7-node1 ~]# yum -y install epel-release
[root@centos7-node1 ~]# echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf  &&  sysctl -p

docker的安裝和配置

# step 1: 安裝必要的一些系統工具
 yum install -y yum-utils device-mapper-persistent-data lvm2
# Step 2: 添加軟件源信息
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# Step 3: 更新並安裝Docker-CE
yum makecache fast
yum -y install docker-ce

# 新增配置文件
 mkdir -p /etc/docker
 tee /etc/docker/daemon.json <<-'EOF'
{
  "registry-mirrors": ["https://0b8hhs68.mirror.aliyuncs.com"],
  "storage-driver": "overlay2",
  "graph":"/data/docker",
  "storage-opts": [
    "overlay2.override_kernel_check=true"
  ]
}
EOF
# 重載服務
sudo systemctl daemon-reload
sudo systemctl restart docker

docker 環境相關命令

docker info     #查看docker 信息
docker version   #查看版本信息

鏡像相關命令

[root@centos7-node1 ~]# docker image -h
Flag shorthand -h has been deprecated, please use --help
Usage: docker image COMMAND
Manage images
Commands:
  build Build an image from a Dockerfile
  history Show the history of an image
  import Import the contents from a tarball to create a filesystem image
  inspect Display detailed information on one or more images
  load Load an image from a tar archive or STDIN
  ls List images
  prune Remove unused images
  pull Pull an image or a repository from a registry
  push Push an image or a repository to a registry
  rm Remove one or more images
  save Save one or more images to a tar archive (streamed to STDOUT by default)
  tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE

容器相關命令

[root@centos7-node1 ~]# docker container -h
Flag shorthand -h has been deprecated, please use --help
Usage: docker container COMMAND
Manage containers
Commands:
  attach Attach local standard input, output, and error streams to a running container
  commit Create a new image from a container's changes
  cp Copy files/folders between a container and the local filesystem
  create Create a new container
  diff Inspect changes to files or directories on a container's filesystem
  exec Run a command in a running container
  export Export a container's filesystem as a tar archive
  inspect Display detailed information on one or more containers
  kill Kill one or more running containers
  logs Fetch the logs of a container
  ls List containers
  pause Pause all processes within one or more containers
  port List port mappings or a specific mapping for the container
  prune Remove all stopped containers
  rename Rename a container
  restart Restart one or more containers
  rm Remove one or more containers
  run Run a command in a new container
  start Start one or more stopped containers
  stats Display a live stream of container(s) resource usage statistics
  stop Stop one or more running containers
  top Display the running processes of a container
  unpause Unpause all processes within one or more containers
  update Update configuration of one or more containers
  wait Block until one or more containers stop, then print their exit codes

實踐

鏡像實踐

[root@centos7-node1 ~]# docker search redis    #查找redis鏡像
[root@centos7-node1 ~]# docker pull redis:4-alpine    #拖鏡像
[root@centos7-node1 ~]# docker images    #查看全部鏡像
[root@centos7-node1 ~]# docker inspect redis:4-alpine     #查看鏡像詳情
[root@centos7-node1 ~]# docker rmi redis:4-alpine           #刪除鏡像
[root@centos7-node1 ~]# docker image save redis:4-alpine -o redis.tar     #導出鏡像
[root@centos7-node1 ~]# docker image load -i redis.tar         #導入鏡像

登錄本身的阿里雲容器鏡像控制檯，建立命名空間，而後在建立一個redis的本地鏡像倉庫
node

接下來就是比較經常使用的本身上傳鏡像到阿里雲redis鏡像倉庫linux

[root@centos7-node1 ~]# docker login --username=valiente0822 registry.cn-hangzhou.aliyuncs.com   #登錄個人阿里雲docker鏡像倉庫
[root@centos7-node1 ~]# docker image tag redis:4-alpine registry.cn-hangzhou.aliyuncs.com/myimgs/redis:4-alpine   #拷貝並修改tag
[root@centos7-node1 ~]# docker push registry.cn-hangzhou.aliyuncs.com/myimgs/redis:4-alpine    #上傳鏡像
[root@centos7-node1 ~]# docker pull registry.cn-hangzhou.aliyuncs.com/myimgs/redis:4-alpine      #下載鏡像

注意事項：git

建立的若是是阿里雲私有倉庫，pull鏡像的時候須要docker login以後才能pull

容器實踐

[root@centos7-node1 ~]# docker image pull centos:7   #拉取鏡像
[root@centos7-node1 ~]# docker container run -it --name c1 centos:7 /bin/bash    #交互式運行容器
[root@centos7-node1 ~]# iptables -t nat -vnL    #新開終端，發現有nat iptables規則
[root@centos7-node1 ~]# docker ps -a             #查看運行或者中止狀態的容器
[root@centos7-node1 ~]# docker start c1          #啓動容器
[root@centos7-node1 ~]# docker ps                  #查看運行狀態的容器