學習Docker(三)
docker:java
介紹;python
鏡像管理;linux
容器管理;nginx
網絡訪問;c++
數據管理;git
鏡像構建;github
私有倉庫;web
核心技術;算法
生產實踐;docker
生態圈;
1、概念:
https://www.docker.com/
Docker is the world’s leading software containerization platform.(build,ship,run)
docker is an open platform for building,shipping and running distributed applications. it gives programmers,development teams and operations engineers the common toolbox they need to take advantage of the distributed and networked nature of modern applications.
Docker是個劃時代的開源項目,它完全釋放了計算虛擬化的威力,極大提升了應用的運行效率,下降了雲計算資源供應的成本,使用 Docker,可讓應用的部署、測試和分發都變得史無前例的高效和輕鬆;不管是應用開發者、運維人員、仍是其餘信息技術從業人員,都有必要認識和掌握Docker,以在有限的時間內作更多有意義的事;
docker用go語言編寫,http2.0,在linuxx86_64環境下運行,LXC;
LXC,Linux Container,能夠提供輕量級的虛擬化,以便隔離進程和資源,並且不須要提供指令解釋機制以及全虛擬化的其餘複雜性,至關於C++中的NameSpace,容器有效地將由單個操做系統管理的資源劃分到孤立的組中,以更好地在孤立的組之間平衡有衝突的資源使用需求,與傳統虛擬化技術相比,它的優點在於:與宿主機使用同一個內核,性能損耗小;不須要指令級模擬;不須要即時(Just-in-time)編譯;容器能夠在CPU核心的本地運行指令,不須要任何專門的解釋機制;避免了準虛擬化和系統調用替換中的複雜性;輕量級隔離,在隔離的同時還提供共享機制,以實現容器與宿主機的資源共享;
Linux Container是一種輕量級的虛擬化的手段;
Linux Container提供了在單一可控主機節點上支持多個相互隔離的server container同時執行的機制,Linux Container有點像chroot,提供了一個擁有本身進程和網絡空間的虛擬環境,但又有別於虛擬機,由於lxc是一種操做系統層次上的資源的虛擬化;
Sourceforge上有LXC這個開源項目,LXC項目自己只是一個爲用戶提供一個用戶空間的工具集,用來使用和管理LXC容器,LXC真正的實現則是靠Linux內核的相關特性,LXC項目只是對此作了整合,基於容器的虛擬化技術起源於所謂的資源容器和安全容器;
LXC在資源管理方面依賴於Linux內核的cgroups子系統,cgroups子系統是Linux內核提供的一個基於進程組的資源管理的框架,能夠爲特定的進程組限定可使用的資源,LXC在隔離控制方面依賴於Linux內核的namespace特性,具體而言就是在clone時加入相應的flag(NEWNS NEWPID等等);
#lxc-checkconfig,該命令用於判斷linux內核是否支持LXC;
containers VS VMs:
VMs(each virtual machine includes the application,the necessary binaries and libraries and an entire guest operating system, all of which may be tens of GBs in size.);
containers(containers include the application and all of its dependencies,but share the kernel with other containers. they run as an isolated process in userspace on the host operating system. they are also not tied to any specific infrastructure, docker containers run on any computer,on any infrastructure and in any cloud.);
虛擬化技術已經改變了現代計算方式,它可以提高系統資源使用效率、消除應用程序和底層硬件之間的依賴關係,同時增強負載的能夠移植性和安全性,可是hypervisor和虛擬機只是部署虛擬負載的方式之一,做爲一種可以替代傳統虛擬化技術的解決方案,容器虛擬化技術憑藉其高效性和可靠性獲得了快速發展,它可以提供新的特性,而且幫助數據中心專家解決新的顧慮,容器和虛擬機之間的主要區別在於虛擬化層的位置和操做系統資源的使用方式:
虛擬機依賴於hypervisor,其一般被安裝在「裸金屬」系統硬件之上,這致使hypervisor在某些方面被認爲是一種操做系統,一旦 hypervisor安裝完成,就能夠從系統可用計算資源當中分配虛擬機實例了,每臺虛擬機都可以得到惟一的操做系統和負載(應用程序);一般,第一臺虛擬機都將會被用來運行系統管理程序,好比Microsoft System Center,而以後的虛擬機可能包含其餘企業負載,好比數據庫、ERP、CRM、郵件服務器、媒體服務器、web服務器或者其餘業務應用;虛擬機之間是徹底隔離的,沒有任何一臺虛擬機知道(或者依賴)相同系統當中的另一臺虛擬機的存在,惡意軟件、應用程序崩潰和其餘問題只能影響一臺虛擬機,虛擬機從一個虛擬系統被移動到另一個當中,而不用考慮系統硬件和操做系統等因素;
而容器環境的工做方式則有所不一樣,對於容器環境來講,須要首先安裝主機操做系統,以後將容器層(好比LXC或libcontainer)安裝在主機操做系統(一般是Linux變種)之上,在安裝完容器層以後,就能夠從系統可用計算資源當中分配容器實例了,而且企業應用能夠被部署在容器當中,可是,每一個容器化應用都會共享相同的操做系統(單個主機操做系統);相比於虛擬機,容器擁有更高的資源使用效率,由於它並不須要爲每一個應用分配單獨的操做系統,實例規模更小、建立和遷移速度也更快,這意味相比於虛擬機,單個操做系統可以承載更多的容器,雲提供商十分熱衷於容器技術,由於在相同的硬件設備當中,能夠部署數量更多的容器實例,然而,單個操做系統有可能引發影響全部相關實例的單點事故,好比,惡意軟件或者主機操做系統崩潰可能禁用或者影響全部容器,此外,容器易於遷移,可是隻能被遷移到具備兼容操做系統內核的其餘服務器當中,這樣會無形中減小遷移選擇;
從實際應用的角度來講,容器和虛擬機能夠在同一個數據中心當中共存,所以這兩種技術被認爲是互補的,爲現代應用程序架構師和數據中心管理員添加了可用工具集,經過不一樣的方式爲應用負載提供支持;
docker組成:docker client、docker server;
docker的整個生命週期(docer組件):p_w_picpath鏡像、container容器、repository倉庫;
注:
運行中的鏡像稱爲容器;
docker的p_w_picpath可與openstack的p_w_picpath比對,一個p_w_picpath就是一個完整的OS,docker的p_w_picpath是隻讀的,啓動container時在read only的p_w_picpath之上加了一層writable層;
container可與kvm的VM比對,docker使用container運行應用,各container也是隔離的,kvm是用VM運行應用;
repository是集中存放p_w_picpath文件的地方,可與openstack的glance比對,可將docker的repository理解爲github(dockerhub)、git-pull(docker-pull);
docker改變了產品交付的方式,不少開源軟件都有docker鏡像(早期不少開源軟件有VM鏡像),下載下來直接運行,省去了複雜的部署;不要把docker容器看成VM鏡像來管理,不建議啓用ssh;docker更適合跑微服務;
docker的全部文件在/var/lib/docker/下,containers/存放容器,graph/存放鏡像;
docker資源隔離,使用LXC,具體是kernel中的namespace(pid;net;ipc;mnt;uts;user);
docker資源限制,cgroups(controlgroups)是Linux內核提供的一種能夠限制、記錄、隔離進程組(process groups)所使用的物理資源(如:cpu,memory,IO等等)的機制,最初由google的工程師提出,後來被整合進Linux內核,Cgroups也是LXC爲實現虛擬化所使用的資源管理手段,能夠說沒有cgroups就沒有LXC;
docker VS openstack:
| 類別 |
docker(PAAS) |
openstack(IAAS) |
| 部署難度 |
很是簡單 |
組件多,部署複雜 |
| 啓動速度 |
s級 |
min級 |
| 執行性能 |
和物理系統幾乎一致 |
VM會佔用一些資源(佔系統資源的6-8%) |
| 鏡像體積 |
MB級 |
GB級 |
| 管理效率 |
管理簡單 |
組件相互依賴,管理複雜 |
| 隔離性 |
隔離性高 |
完全隔離 |
| 可管理性 |
單進程,不建議啓動sshd |
完整的系統管理 |
| 網絡鏈接 |
比較弱 |
藉助neutron可靈活組件各種網絡架構 |
docker使用場景:
simplifying configuration;
developer productivity;
server consolidation;
multi tenancy;
code pipeline management;
app isolation;
debugging capabilities;
rapid deployment;
注:
面對產品;
面對開發;
面對測試(多版本測試);
面對運維;
面對自動化(擴容);
面對微服務;
面對大規模的分佈式架構(微信紅包);
2、操做:
[root@test6 ~]# uname -rm
2.6.32-431.el6.x86_64 x86_64
[root@test6 ~]# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 6.5(Santiago)
[root@test6 ~]# yum update #(#yum -y install kernel*,Docker requires a 64-bit OS and version 3.10 or higher of the Linuxkernel.若在centos7或rhel7上安裝要求內核版本至少爲3.10以上)
[root@test6 ~]# yum -y install docker-io
……
Installed:
docker-io.x86_64 0:1.7.1-2.el6
Dependency Installed:
libcgroup.x86_64 0:0.40.rc1-18.el6_8 lua-alt-getopt.noarch 0:0.7.0-1.el6 lua-filesystem.x86_64 0:1.4.2-1.el6
lua-lxc.x86_64 0:1.0.9-1.el6 lxc.x86_64 0:1.0.9-1.el6 lxc-libs.x86_64 0:1.0.9-1.el6
Complete!
[root@test6 ~]# /etc/init.d/docker start
Starting cgconfig service: [ OK ]
Starting docker: [ OK ]
[root@test6 ~]# /etc/init.d/docker restart
Stopping docker: [FAILED]
Starting docker: [ OK ]
[root@test6 ~]# ps aux | grep docker
root 42806 0.1 1.5 227004 15948 pts/0 Sl 20:19 0:00 /usr/bin/docker -d
root 42875 0.0 0.0 103316 840 pts/0 S+ 20:22 0:00 grep docker
#docker -v #(-v, --version=false,Print version information and quit)
#docker version #(Show the Docker version information,查看docker的版本號,包括客戶端、服務端、依賴的Go等)
#docker info #(Display system-wide information,查看系統(docker)層面信息,包括管理的p_w_picpaths, containers數等)
# docker search [OPTIONS] TERM #(Search for an p_w_picpath on the Docker Hub,搜索鏡像)
# docker pull [OPTIONS] NAME[:TAG|@DIGEST] #(Pull an p_w_picpath or a repository from a Docker registry server,獲取鏡像)
# docker p_w_picpaths [OPTIONS] [REPOSITORY] #(List p_w_picpaths查看鏡像;
-a, --all=false,Show all p_w_picpaths (default hides intermediate p_w_picpaths)列出全部p_w_picpaths包含歷史隱藏的)
# docker rmi [OPTIONS] IMAGE [IMAGE...] #(Remove one or more p_w_picpaths刪除鏡像)
# docker run [OPTIONS] IMAGE [COMMAND][ARG...] #(Run a command in a new container,#docker run --help;
-h, --hostname=,Containerhost name;
--name=,Assign a name to the container;
-i, --interactive=false,Keep STDIN open even if not attached;
-t, --tty=false,Allocate apseudo-TTY;
-d, --detach=false,Run container in background and print container ID;
--restart=no,Restart policy to apply when a container exits;
-P, --publish-all=false,Publish all exposed ports to random ports,隨機映射;
-p, --publish=[],Publish a container's port(s) to the host,映射HOST端口到容器,方便外部訪問容器內服務,host_port能夠省略,省略表示把container_port映射到一個動態端口;
-v, --volume=[],Bind mount avolume;
--volumes-from=[],Mount volumes from the specified container(s);
-c, --cpu-shares=0,CPU shares(relative weight);
--cpuset-cpus=,CPUs in which to allow execution (0-3, 0,1);
-m, --memory=,Memory limit;
--rm=false,Automatically remove the container when it exits)
注(-P隨機映射;-p指定映射):
-P #(隨機映射)
-p hostPort:containerPort
-p ip:hostPort:containerPort #(多IP時使用指定的IP)
-p ip::containerPort #(多IP時使用指定的IP)
-p hostPort:containerPort -p hostPort:containerPort
#docker ps [OPTIONS] #(List containers;
-a, --all=false,Show all containers (default shows just running);
-l, --latest=false,Show the latest created container, include non-running;
-q, --quiet=false,Only display numeric IDs,僅列出正在運行的容器的CONTAINER ID)
#docker port [OPTIONS] CONTAINER[PRIVATE_PORT[/PROTO]] #(Lookup the public-facing port that is NAT-ed to PRIVATE_PORT,查看本地哪一個Port映射到container的指定port,用#docker ps也可看到)
例:
#docker port CONTAINER_ID CONTAINER_PORT
注:端口映射是docker比較重要的一個功能,緣由在於咱們每次運行容器的時候容器的IP地址不能指定而是在橋接網卡的地址範圍內隨機生成的,宿主機的IP地址是固定的,咱們能夠將容器的端口的映射到宿主機器上的一個端口,免去每次訪問容器中的某個服務時都要查看容器的IP的地址,對於一個運行的容器,可使用docker port加上容器中須要映射的端口和容器的ID來查看該端口號在宿主機器上的映射端口;
#docker start|stop|restart [OPTIONS] CONTAINER [CONTAINER...] #(Start a stopped container;Stop a running container;Restart a running container)
#docker stats [OPTIONS] CONTAINER [CONTAINER...] #(Display a stream of a containers' resource usage statistics,查看指定容器資源使用狀態信息)
#docker rm [OPTIONS] CONTAINER [CONTAINER...] #(Remove one or more containers)
#docker rm `docker ps -a -q` #(同#docker ps -a -q | xargs docker rm,刪除全部容器)
#docker exec [OPTIONS] CONTAINER COMMAND [ARG...] #(Run a command in a running container,進入正在運行的容器)
[root@test6 ~]# which nsenter #(此命令在util-Linux包裏,使用此命令可訪問指定進程的namespace)
/usr/bin/nsenter
#man nsenter
-t, --target pid,Specify a target process to get contexts from.;
-m, --mount[=file],Enter the mount namespace.If no file is specified, enter the mount namespace of the target process. If file is specified, enter the mount namespace specified by file.;
-u, --uts[=file],Enter the UTS namespace. If no file is specified,enter the UTS namespace of the target process. If file is specified, enter the UTS namespace specified by file.;
-i, --ipc[=file],Enter the IPC namespace. If no file is specified,enter the IPC namespace of the target process. If file is specified, enter the IPC namespace specified by file.;
-n, --net[=file],Enter the network namespace. If no file is specified, enter the network namespace of the target process. If file is specified, enter the network namespace specified by file.;
-p, --pid[=file],Enter the PID namespace. If no file is specified, enter the PID namespace of the target process. If file is specified,enter the PID namespace specified by file.)
#docker inspect [OPTIONS] CONTAINER|IMAGE [CONTAINER|IMAGE...] #(Return low-level information on a container or p_w_picpath;
-f, --format=,Format the output using the given go template)
生產中進入容器的方法:
方一:
#docker inspect --format "``.`State`.`Pid `" nginx_test1 #(獲取容器pid)
#nsenter --target <PID> --mount --uts --ipc --net --pid
方二:
https://github.com/yeasy/docker_practice/archive/v0.8.tar.gz
https://github.com/yeasy/docker_practice/blob/master/_local/.bashrc_docker #(複製此文件的代碼到/root/.bashrc裏)
[root@test6 ~]# echo "[ -f ~/.bashrc_docker ] && . ~/.bashrc_docker" >> ~/.bashrc ; source ~/.bashrc
#docker-pid CONTAINER_ID
#docker-ip CONTAINER_ID
#docker-enter CONTAINER_ID COMMAND
將運行中的容器生成新的鏡像:
#docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]] #(Create a new p_w_picpath from a container's changes;
-m, --message=,Commit message)
持久化容器:
#docker export [OPTIONS] CONTAINER #(Stream the contents of a container as a tar archive;
-o, --output=,Write to a file,instead of STDOUT)
例:
#docker export CONTAINER_ID >/tmp/export.tar
#cat /tmp/export.tar | docker import -export:lastest #(導入持久化容器)
持久化鏡像:
#docker save [OPTIONS] IMAGE [IMAGE...] #(Save an p_w_picpath to a tar archive;
-o, --output=,Write to an file,instead of STDOUT)
例:
#docker save IMAGE_ID > /tmp/save.tar
#docker load < /tmp/save.tar #(導入持久化鏡像)
給p_w_picpath打tag:
#docker tag [OPTIONS] IMAGE[:TAG] [REGISTRYHOST/] [USERNAME/]NAME[:TAG] #(Tag an p_w_picpath into a repository)
例:
#docker tag CONTAINER_ID load:tag
注:export&import與save&load的區別:
導出後再導入(export&import)的容器會丟失全部的歷史,而保存後再加載(save-load)的鏡像沒有丟失歷史和層(layer),這意味着使用導出後再導入的方式,你將沒法回滾到以前的層(layer),同時,使用保存後再加載的方式持久化整個鏡像,就能夠作到層回滾,(能夠執行docker tag 來回滾以前的層);
#docker build [OPTIONS] PATH | URL | - #(Build an p_w_picpath from a Dockerfile;
-t, --tag=,Repository name (and optionally a tag) for the p_w_picpath;
#docker logs [OPTIONS] CONTAINER #(Fetch the logs of a container,查看docker實例運行日誌)
[root@test6 ~]# docker -v
Docker version 1.7.1, build 786b29d/1.7.1
[root@test6 ~]# docker version
Client version: 1.7.1
Client API version: 1.19
Go version (client): go1.4.2
Git commit (client): 786b29d/1.7.1
OS/Arch (client): linux/amd64
Server version: 1.7.1
Server API version: 1.19
Go version (server): go1.4.2
Git commit (server): 786b29d/1.7.1
OS/Arch (server): linux/amd64
[root@test6 ~]# docker info
Containers: 2
Images: 4
Storage Driver: devicemapper
PoolName: docker-8:2-807654-pool
PoolBlocksize: 65.54 kB
Backing Filesystem: extfs
Datafile: /dev/loop0
Metadata file: /dev/loop1
DataSpace Used: 580.1 MB
DataSpace Total: 107.4 GB
DataSpace Available: 5.508 GB
Metadata Space Used: 1.044 MB
Metadata Space Total: 2.147 GB
Metadata Space Available: 2.146 GB
UdevSync Supported: true
Deferred Removal Enabled: false
Dataloop file: /var/lib/docker/devicemapper/devicemapper/data
Metadata loop file:/var/lib/docker/devicemapper/devicemapper/metadata
Library Version: 1.02.117-RHEL6 (2016-08-15)
Execution Driver: native-0.2
Logging Driver: json-file
Kernel Version: 2.6.32-431.el6.x86_64
Operating System: <unknown>
CPUs: 1
Total Memory: 980.9 MiB
Name: test6
ID:MTK4:OGCH:THXB:BD6H:KEUT:BJQV:JQ52:7JCE:ODY7:U4EH:PPD5:TMBL
[root@test6 ~]# docker search centos #(Search foran p_w_picpath on the Docker Hub)
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
centos The officialbuild of CentOS. 3005 [OK]
jdeathe/centos-ssh CentOS-6 6.8 x86_64 /CentOS-7 7.3.1611 x8... 56 [OK]
……
[root@test6 ~]# docker pull centos #(Pull an p_w_picpath or arepository from a Docker registry server;默認下載的lastest最近版本centos7,若下6系列使用#dockerpull centos:6)
latest: Pulling from centos
3690474eb5b4: Pull complete
0a444b299d5a: Pull complete
a04895de1996: Pull complete
d4350798c2ee: Pull complete
Digest:sha256:6e45de12a92ce6fcc0e3d0ffca8000833675f96679b3f1ecf71485c339826f27
Status: Downloaded newer p_w_picpath forcentos:latest
[root@test6 ~]# docker p_w_picpaths
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
centos latest d4350798c2ee 4 weeks ago 191.8 MB
[root@test6 ~]# docker run centos /bin/echo "hello world"
hello world
[root@test6 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c4587c56489f centos "/bin/echo 'hello wo 12 seconds ago Exited (0)10 seconds ago mad_thompson
[root@test6 ~]# docker run --name docker_test1 -it centos /bin/bash #(執行後會返回CONTAINER ID;docker只能運行已指定的一個應用程序,如echo "hello world",/bin/bash,當指定的這個應用退出,docker容器也退出)
[root@a77ba5f5a63d/]# ls
anaconda-post.log dev home lib64 media opt root sbin sys usr
bin etc lib lost+found mnt proc run srv tmp var
[root@a77ba5f5a63d /]# cat /etc/redhat-release
CentOS Linux release 7.3.1611 (Core)
[root@a77ba5f5a63d /]# exit
exit
[root@test6 ~]# docker ps -l #(在另外一終端執行)
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a77ba5f5a63d centos "/bin/bash" About a minute ago Up About aminute docker_test1
[root@test6 ~]# docker ps -a #(在另外一終端執行)
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a77ba5f5a63d centos "/bin/bash" About a minute ago Up About aminute docker_test1
c4587c56489f centos "/bin/echo 'hello wo 5 minutes ago Exited(0) 5 minutes ago mad_thompson
[root@test6 ~]# docker ps -l #(在執行exit後,查看狀態爲Exited)
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a77ba5f5a63d centos "/bin/bash" 14 minutes ago Exited(127) 5 seconds ago docker_test1
[root@test6 ~]# docker rm a77ba5f5a63d
a77ba5f5a63d
[root@test6 ~]# docker rm c4587c56489f
c4587c56489f
[root@test6 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@test6 ~]# docker run -d --name nginx_test1 nginx #(沒有此鏡像會自動去pull下載)
Unable to find p_w_picpath 'nginx:latest' locally
latest: Pulling from nginx
32734c6d04f6: Pull complete
1849b6667515: Pull complete
dd624ca8e781: Pull complete
9fc8fc300550: Pull complete
590494f17750: Pull complete
943e2fd86162: Pull complete
cd021197146a: Pull complete
93c50d378b4b: Pull complete
Digest:sha256:2b942f7dd01a57ceeb5985a0472a2f92735eb81a910dec70c2183c61fc54298c
Status: Downloaded newer p_w_picpath fornginx:latest
4dea114ceeb09f3f1c00faf3008bffa1ae434a0a17c3dbf79dbc767565c8cdec
[root@test6 ~]# docker p_w_picpaths
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
nginx latest 93c50d378b4b 2 weeks ago 181.6 MB
centos latest d4350798c2ee 4 weeks ago 191.8 MB
[root@test6 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4dea114ceeb0 nginx "nginx -g 'daemon of 10 minutes ago Up 10minutes 80/tcp, 443/tcp nginx_test1
[root@test6 ~]# docker exec -it 4dea114ceeb0 /bin/bash
root@4dea114ceeb0:/#ps aux | grep nginx
root 1 0.0 0.3 31708 3056 ? Ss 06:34 0:00 nginx: master process nginx -g daemon off;
nginx 6 0.0 0.1 32100 1672 ? S 06:34 0:00 nginx: worker process
root 13 0.0 0.0 11068 816 ? S+ 07:27 0:00 grep nginx
root@4dea114ceeb0:/# exit
exit
[root@test6 ~]# docker inspect --format "` `.`State`.`Pid `" nginx_test1
44338
[root@test6 ~]# nsenter --target 44338 --mount --uts --ipc --net --pid
root@4dea114ceeb0:/# ps aux | grep nginx
root 1 0.0 0.3 31708 3056 ? Ss 06:34 0:00 nginx: master process nginx -g daemon off;
nginx 6 0.0 0.1 32100 1672 ? S 06:34 0:00 nginx: worker process
root 21 0.0 0.0 11068 856 ? S+ 07:59 0:00 grep nginx
root@4dea114ceeb0:/# exit
logout
[root@test6 ~]# docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4dea114ceeb0 nginx "nginx -g 'daemon of About an hour ago Up About anhour 80/tcp, 443/tcp nginx_test1
[root@test6 ~]# vim in.sh
#!/bin/bash
#
CNAME=$1
CPID=`docker inspect --format "``.`State`.`Pid `" $1`
nsenter --target $CPID --mount --uts --ipc--net --pid
[root@test6 ~]# chmod +x in.sh
[root@test6 ~]# ./in.sh nginx_test1
root@4dea114ceeb0:/# exit
logout
docker網絡訪問:
[root@test6 ~]# ipaddr list
1: lo: <LOOPBACK,UP,LOWER_UP> mtu16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen1000
link/ether 00:0c:29:32:f4:98 brd ff:ff:ff:ff:ff:ff
inet 192.168.23.134/24 brd 192.168.23.255scope global eth0
inet6 fe80::20c:29ff:fe32:f498/64 scope link
valid_lft forever preferred_lft forever
3: docker0:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
link/ether 0a:ae:91:25:e7:a4 brd ff:ff:ff:ff:ff:ff
inet 172.17.42.1/16 scope global docker0
inet6 fe80::d489:24ff:fea9:122c/64 scope link
valid_lft forever preferred_lft forever
14: vethda6c685:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 0a:ae:91:25:e7:a4 brd ff:ff:ff:ff:ff:ff
inet6 fe80::8ae:91ff:fe25:e7a4/64 scope link
valid_lft forever preferred_lft forever
[root@test6 ~]# brctl show
bridge name bridgeid STP enabled interfaces
docker0 8000.0aae9125e7a4 no vethda6c685
[root@test6 ~]# iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
DOCKER all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain DOCKER (1 references)
target prot opt source destination
[root@test6 ~]# iptables -t nat -L -n
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DOCKER all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 172.17.0.0/16 0.0.0.0/0
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
DOCKER all -- 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL
Chain DOCKER (2 references)
target prot opt source destination
[root@test6 ~]# ./in.sh nginx_test1
root@4dea114ceeb0:/# ping baidu.com #(容器內可連網)
PING baidu.com (220.181.57.217): 56 databytes
64 bytes from 220.181.57.217: icmp_seq=0ttl=127 time=41.856 ms
64 bytes from 220.181.57.217: icmp_seq=1ttl=127 time=30.136 ms
64 bytes from 220.181.57.217: icmp_seq=2ttl=127 time=29.606 ms
64 bytes from 220.181.57.217: icmp_seq=3ttl=127 time=29.776 ms
^C--- baidu.com ping statistics ---
4 packets transmitted, 4 packets received,0% packet loss
round-trip min/avg/max/stddev =29.606/32.844/41.856/5.207 ms
root@4dea114ceeb0:/# ping 192.168.23.134 #(與宿主機互通)
PING 192.168.23.134 (192.168.23.134): 56data bytes
64 bytes from 192.168.23.134: icmp_seq=0ttl=64 time=0.854 ms
64 bytes from 192.168.23.134: icmp_seq=1ttl=64 time=0.110 ms
64 bytes from 192.168.23.134: icmp_seq=2ttl=64 time=0.110 ms
^C--- 192.168.23.134 ping statistics ---
3 packets transmitted, 3 packets received,0% packet loss
round-trip min/avg/max/stddev =0.110/0.358/0.854/0.351
root@4dea114ceeb0:/# ip addr #(運行容器的IP)
13: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP>mtu 1500 qdisc noqueue state UP
link/ether 02:42:ac:11:00:04 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.4/16 scope global eth0
inet6 fe80::42:acff:fe11:4/64 scope link
valid_lft forever preferred_lft forever
15: lo: <LOOPBACK,UP,LOWER_UP> mtu16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
root@4dea114ceeb0:/# ip route #(defautlgateway)
172.17.0.0/16 dev eth0 proto kernel scope link src 172.17.0.4
default via 172.17.42.1dev eth0
root@4dea114ceeb0:/# exit
logout
[root@test6 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4dea114ceeb0 nginx "nginx -g 'daemon of 2 hours ago Up 2hours 80/tcp, 443/tcp nginx_test1
[root@test6 ~]# docker stop 4dea114ceeb0
4dea114ceeb0
[root@test6 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4dea114ceeb0 nginx "nginx -g 'daemon of 2 hours ago Exited (0) 6 seconds ago nginx_test1
[root@test6 ~]# docker rm 4dea114ceeb0
4dea114ceeb0
[root@test6 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@test6 ~]# docker run -d -P --name nginx_test1 nginx #(隨機映射,hostPort的32769對應containerPort的80,hostPort的32768對應containerPort的443)
833cb5b7bce5f4d8ccded7340c65013c3ed85beda5b0700a781bf562528a5a27
[root@test6 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
833cb5b7bce5 nginx "nginx -g 'daemon of 32 seconds ago Up 30seconds 0.0.0.0:32769->80/tcp,0.0.0.0:32768->443/tcp nginx_test1
[root@test6 ~]# docker run -d -p 91:80 --name nginx_test2 nginx #(指定映射,hostPort的91對應containerPort的80)
5fdad68fb9bd39220c59c6dbc2138523c93f43bf31be0574fa7e83a8ef8c4c71
[root@test6 ~]# docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5fdad68fb9bd nginx "nginx -g 'daemon of 6 seconds ago Up 5seconds 443/tcp,0.0.0.0:91->80/tcp nginx_test2
docker數據管理:
1、數據卷:
-v /data
-v SRC:DST[:ro] #(SRC爲docker容器裏的路徑,DST爲本地宿主機的路徑;冒號兩邊的路徑最後不能有斜線)
2、數據卷容器:
--volumes-from
[root@test6 ~]# docker run -h test1 --name volume_test1 -it -v /data centos
[root@test1 /]#ls /data
[root@test6 ~]# cd /var/lib/docker/volumes/959e95494ed729723d96dc6a2096db1ee821faf98e57e2a1ec05c0a60a0bad5b/_data/
[root@test6 _data]# touch test.txt
[root@test1 /]# ls /data #(宿主機的/var/lib/docker/volumes/959e95494ed729723d96dc6a2096db1ee821faf98e57e2a1ec05c0a60a0bad5b/_data/這個路徑和容器中的/data是相通的;docker1.6版本須要映射才能看到#dockerinspect --format ` `.`Volumes ` volume_test1 map[/data:/var/lib/docker/volumes/959e95494ed729723d96dc6a2096db1ee821faf98e57e2a1ec05c0a60a0bad5b/_data])
test.txt
[root@test6 ~]# ls /opt
logstash rh
[root@test6 ~]# docker run -h test2 --name volume_test2 -it -v /opt:/opt centos #(記錄日誌是docker的短板,可經過此種方式把日誌寫到物理機路徑下,在物理機上啓動logstash收集)
[root@test2/]# ls /opt
logstash rh
[root@test6 ~]# docker run -h test3 --name volume_test3 -it --volumes-from volume_test1 centos #(將volume_test1的數據卷掛在新建的容器volume_test3上)
[root@test3/]# ls /data
test.txt
[root@test6 ~]# docker rm `docker ps -a -q` #(在每一個容器中exit後,,確保是Exited狀態再執行此命令)
fe948e794102
cb820a099163
3e420d4f20bc
[root@test6 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
docker鏡像構建(手動構建;dockerfile自動構建):
手動構建:
[root@test6 ~]# docker pull centos:6
6: Pulling from centos
c40f84131ae5: Pull complete
c3bd2182e0b9: Pull complete
10611b26a8b9: Pull complete
10611b26a8b9: Pulling fs layer
Digest: sha256:916364e13ac5f217ee9bbcef060960797834551fd7b8a332145dcb715c4a6196
Status: Downloaded newer p_w_picpath for centos:6
[root@test6 ~]# docker run -h test1 --name nginx_module -itd centos:6
f968454b222cf2b10aa5402ad566dcd76ec4c881814393b10f8c6e7dbb8ff30d
[root@test6 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f968454b222c centos:6 "/bin/bash" 57 seconds ago Up 56 seconds nginx_module
[root@test6 ~]# docker- #(有~/.bashrc_docker)
docker-enter docker-ip docker-pid
[root@test6 ~]# docker-ip nginx_module
172.17.0.6
[root@test6 ~]# docker-pid nginx_module
4284
[root@test6 ~]# docker-enter nginx_module
[root@test1 ~]# cat /etc/redhat-release
CentOS release 6.8 (Final)
[root@test1~]# ll /etc/yum.repos.d
total 24
-rw-r--r--. 1 root root 1991 May 18 2016 CentOS-Base.repo
-rw-r--r--. 1 root root 647 May 18 2016 CentOS-Debuginfo.repo
-rw-r--r--. 1 root root 630 May 18 2016 CentOS-Media.repo
-rw-r--r--. 1 root root 6259 May 18 2016 CentOS-Vault.repo
-rw-r--r--. 1 root root 289 May 18 2016 CentOS-fasttrack.repo
[root@test1~]# yum -y groupinstall "Compatibility Libraries" "DevelopmentTools"
[root@test1 ~]# yum -y install wget gcc gcc-c++ make openssl-devel pcre-devel
[root@test1 ~]# wget -P /usr/local/srchttp://nginx.org/download/nginx-1.10.2.tar.gz
[root@test1 ~]# ll -h /usr/local/src
total 892K
-rw-r--r--. 1 root root 890K Oct 18 15:14nginx-1.10.2.tar.gz
[root@test1 ~]# groupadd -r -g 108 nginx
[root@test1 ~]# useradd -r -g 108 -u 108nginx
[root@test1 ~]# id nginx
uid=108(nginx) gid=108(nginx)groups=108(nginx)
[root@test1 ~]# cd /usr/local/src
[root@test1 src]# tar xf nginx-1.10.2.tar.gz
[root@test1 src]# cd nginx-1.10.2
[root@test1 nginx-1.10.2]# ./configure --prefix=/usr --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx/nginx.pid --lock-path=/var/lock/nginx.lock --user=nginx --group=nginx --with-http_ssl_module --with-http_flv_module --with-http_stub_status_module --with-http_gzip_static_module --http-client-body-temp-path=/var/tmp/nginx/client/ --http-proxy-temp-path=/var/tmp/nginx/proxy/ --http-fastcgi-temp-path=/var/tmp/nginx/fcgi/ --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi --http-scgi-temp-path=/var/tmp/nginx/scgi --with-pcre
[root@test1 nginx-1.10.2]# make && make install
[root@test1 nginx-1.10.2]# vi /etc/init.d/nginx
[root@test1 nginx-1.10.2]# chmod +x !$
chmod +x /etc/init.d/nginx
[root@test1 nginx-1.10.2]# chkconfig --add nginx
[root@test1 nginx-1.10.2]# chkconfig nginx on
[root@test1 nginx-1.10.2]# chkconfig --list nginx
nginx 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@test1 ~]# vi /etc/nginx/nginx.conf #(daemon off;讓nginx在前臺運行,也可不用此項,最後在啓動容器時加入指令/etc/init.d/nginx restart)
daemon off;
[root@test1 ~]# /etc/init.d/nginx start
Starting nginx:
[root@test6 ~]# docker commit -m "jowin's nginx" f968454b222c jowin/mynginx:V1
a1ede8b196b618fe7c40491ae3a807f043ee59eb0627c97a7b12e3cf3257064c
[root@test6 ~]# docker p_w_picpaths
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
jowin/mynginx V1 a1ede8b196b6 43 seconds ago 869.4 MB
nginx latest 93c50d378b4b 2 weeks ago 181.6 MB
centos latest d4350798c2ee 4 weeks ago 191.8 MB
centos 6 10611b26a8b9 10 weeks ago 194.6 MB
[root@test6 ~]# docker run -h test2 --name nginx_test -d -p 92:80 jowin/mynginx:V1 /etc/init.d/nginx restart
8fdb3f664c08279fc65e64359e67c8be1bb28c9b989eb2f7242eae3240a98e34
[root@test6 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8fdb3f664c08 jowin/mynginx:V1 "/etc/init.d/nginx r 4 seconds ago Up 3 seconds 0.0.0.0:92->80/tcp nginx_test
f968454b222c centos:6 "/bin/bash" 49 minutes ago Up 49 minutes nginx_module
dockerfile自動構建:
dockerfile文件裏的命令:
FROM #(基礎鏡像信息,例FROM IMAGE_NAME[:TAG],無TAG表示latest最後修改版本)
MAINTAINER #(維護者信息,如MAINTAINER NAME)
RUN #(構建指令,RUN可運行被基礎鏡像支持的指令;在要運行的命令前加上RUN;如RUN COMMAND)
CMD #(設置指令,用於container啓動時指定的操做,該操做能夠是執行自定義腳本,也可執行系統命令;CMD定義的這條信息只能在dockerfile文件中執行一次,如有多條則執行最後一條;如CMD COMMAND PARAMETER1 [PARAMETER2])
ENTRYPOINT #(設置指令,指定容器啓動時執行的命令,能夠屢次設置,可是隻有最後一個有效,同CMD,ENTRYPOINT指定的是一個可執行的腳本或者程序的路徑,該指定的腳本或者程序將會以param1和param2做爲參數執行,因此若是CMD指令使用這種形式運行CMD ["param1","param2"],那麼Dockerfile中必需要有配套的ENTRYPOINT;兩種使用方式:一種是獨自使用(當獨自使用時,若是你還使用了CMD命令且CMD是一個完整的可執行的命令,那麼CMD指令和ENTRYPOINT會互相覆蓋只有最後一個CMD或者ENTRYPOINT有效),例如:
(1)
ENTRYPOINT ["executable","param1", "param2"] (like an exec, the preferred form)
ENTRYPOINT command param1 param2 (as ashell)
(2)
# CMD指令將不會被執行,只有ENTRYPOINT指令被執行
CMD echo 「Hello, World!」
ENTRYPOINT ls -l
另外一種是與CMD命令配合使用來指定ENTRYPOINT的默認參數,這時CMD指令不是一個完整的可執行命令,僅僅是參數的一部分;ENTRYPOINT指令只能使用JSON方式指定執行命令,而不能指定參數,例如:
CMD ["-l"]
ENTRYPOINT ["/usr/bin/ls"]
)
ADD #(構建指令,全部拷貝到container中的文件和文件夾權限爲0755,uid和gid爲0;若是是一個目錄,那麼會將該目錄下的全部文件添加到container中,不包括目錄;若是文件是可識別的壓縮格式,則docker會幫忙解壓縮(注意壓縮格式);若是<src>是文件且<dst>中不使用斜槓結束,則會將<dst>視爲文件,<src>的內容會寫入<dst>;若是<src>是文件且<dst>中使用斜槓結束,則會<src>文件拷貝到<dst>目錄下,<src>是相對被構建的源目錄的相對路徑,能夠是文件或目錄的路徑,也能夠是一個遠程的文件url,<dst>是container中的絕對路徑;copy文件,會自動解壓;如ADD SRC DST)
WORKDIR #(設置指令,能夠屢次切換(至關於cd命令),對RUN、CMD、ENTRYPOINT生效;當前工做目錄;如WORKDIR /PATH/TO/DIR)
VOLUME #(設置指令,使容器中的一個目錄具備持久化存儲數據的功能,該目錄能夠被容器自己使用,也能夠共享給其餘容器使用,咱們知道容器使用的是AUFS,這種文件系統不能持久化數據,當容器關閉後,全部的更改都會丟失,當容器中的應用有持久化數據的需求時能夠在Dockerfile中使用該指令;目錄掛載;如VOLUME ["MOUNTPOINT"])
EXPOSE #(設置指令,該指令會將容器中的端口映射成宿主機器中的某個端口,當你須要訪問容器的時候,能夠不是用容器的IP地址而是使用宿主機器的IP地址和映射後的端口,要完成整個操做須要兩個步驟,首先在Dockerfile使用EXPOSE設置須要映射的容器端口,而後在運行容器的時候指定-p選項加上EXPOSE設置的端口,這樣EXPOSE設置的端口號會被隨機映射成宿主機器中的一個端口號,也能夠指定須要映射到宿主機器的那個端口,這時要確保宿主機器上的端口號沒有被使用,EXPOSE指令能夠一次設置多個端口號,相應的運行容器的時候,能夠配套的屢次使用-p選項;如EXPOSE PORT [PORT])
ENV #(構建指令,在鏡像中設置環境變量,設置了後,後續的RUN命令均可以使用,container啓動後,能夠經過docker inspect查看這個環境變量,也能夠經過在docker run --env key=value時設置或修改環境變量,假如你安裝了JAVA程序,須要設置JAVA_HOME,那麼能夠在Dockerfile中寫ENVJAVA_HOME /path/to/java/dirent)
舉例1(Dockfile自動構建,nginx用yum方式安裝):
[root@test6 ~]# mkdir -pv /opt/dockerfile/nginx
mkdir: created directory `/opt/dockerfile'
mkdir: created directory`/opt/dockerfile/nginx'
[root@test6 ~]# cp /etc/yum.repos.d/epel-release-6-8.noarch.rpm /opt/dockerfile/nginx/
[root@test6 ~]# cd /opt/dockerfile/nginx
[root@test6 nginx]# vim Dockerfile #(該文件首字母必定要大寫)
-----------------------file-start-------------------
# This is my Dockerfile
# Version1.0
# Author:jowin
FROM centos:6
MAINTAINER jowin
ADD epel-release-6-8.noarch.rpm /usr/local/src/
WORKDIR /usr/local/src
RUN yum -y install epel-release-6-8.noarch.rpm && yum -y install nginx
RUN echo "daemon off;" >> /etc/nginx/nginx.conf
RUN chkconfig nginx on
EXPOSE 80
CMD /etc/init.d/nginx restart
-----------------------file-end-------------------
[root@test6 nginx]# ls
Dockerfile epel-release-6-8.noarch.rpm
[root@test6 nginx]# docker build -t mynginx:V1 /opt/dockerfile/nginx/ #(每一步都是容器一層)
Sending build context to Docker daemon932.4 kB
Sending build context to Docker daemon
Step 0 : FROM centos:6
---> 10611b26a8b9
Step 1 : MAINTAINER jowin
---> Running in 24597906bd47
---> 999639f2c6a2
Removing intermediate container24597906bd47
Step 2 : ADD epel-release-6-8.noarch.rpm/usr/local/src/
---> 96c8ba9fd0a8
Removing intermediate containera256f12df6bf
Step 3 : WORKDIR /usr/local/src
---> Running in 21c8e6b8611a
---> 1b353408f743
Removing intermediate container21c8e6b8611a
Step 4 : RUN yum -y installepel-release-6-8.noarch.rpm && yum -y install nginx
---> Running in e135afd7a757
Loaded plugins: fastestmirror, ovl
Setting up Install Process
Examining epel-release-6-8.noarch.rpm:epel-release-6-8.noarch
Marking epel-release-6-8.noarch.rpm to beinstalled
Resolving Dependencies
--> Running transaction check
---> Package epel-release.noarch 0:6-8will be installed
--> Finished Dependency Resolution
……
Complete!
---> 3e4dbe258c07
Removing intermediate containere135afd7a757
Step 5 : RUN echo "daemon off;">> /etc/nginx/nginx.conf
---> Running in 4757741a6a9a
---> 346eedad76db
Removing intermediate container4757741a6a9a
Step 6 : RUN chkconfig nginx on
---> Running in dab6062e3271
---> d24a7f82e4e3
Removing intermediate containerdab6062e3271
Step 7 : EXPOSE 80
---> Running in 8f8579602e2a
---> 04fb848c54f9
Removing intermediate container8f8579602e2a
Step 8 : CMD /etc/init.d/nginx restart
---> Running in 0a5d800e1254
---> 5727c7a98de6
Removing intermediate container0a5d800e1254
Successfully built 5727c7a98de6
[root@test6 nginx]# docker p_w_picpaths
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
mynginx V1 5727c7a98de6 5 minutes ago 622 MB
nginx latest 93c50d378b4b 3 weeks ago 181.6 MB
centos latest d4350798c2ee 4 weeks ago 191.8 MB
centos 6 10611b26a8b9 10 weeks ago 194.6 MB
[root@test6 nginx]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@test6 ~]# docker run -h test8 --name nginx_test -d -p 93:80 mynginx:V1
b3f0b7e99f545657d3e9c3691e93f46cabb692ab3e102345577a65180b7bb607
[root@test6 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b3f0b7e99f54 mynginx:V1 "/bin/sh -c '/etc/in 3 seconds ago Up 2 seconds 0.0.0.0:93->80/tcp nginx_test
[root@test6 ~]# docker stop `docker ps -a-q`
b3f0b7e99f54
[root@test6 ~]# docker rm `docker ps -a -q`
b3f0b7e99f54
舉例2(Dockfile自動構建,nginx用源碼安裝):
[root@test6 ~]# mkdir -pv /opt/dockerfile/nginx
mkdir: created directory `/opt/dockerfile'
mkdir: created directory`/opt/dockerfile/nginx'
[root@test6 ~]# wget -P /opt/dockerfile/nginx/ http://nginx.org/download/nginx-1.10.2.tar.gz #(將要傳至容器中的文件都放在此目錄下)
[root@test6 ~]# vim /etc/init.d/nginx #(準備啓動腳本)
[root@test6 ~]# chmod +x /etc/init.d/nginx
[root@test6 ~]# cp /etc/init.d/nginx /opt/dockerfile/nginx/
[root@test6 ~]# cd /opt/dockerfile/nginx
[root@test6 nginx]# vim Dockerfile #(該文件首字母必定要大寫)
-----------------------file-start-------------------
# This is my Dockerfile
# Version1.0
# Author:jowin
FROM centos:6
MAINTAINER jowin
ADD nginx-1.10.2.tar.gz /usr/local/src/
ADD nginx /etc/init.d/
RUN chmod 755 /etc/init.d/nginx
RUN yum -y groupinstall "Compatibility Libraries" "Development Tools"
RUN yum -y install wget gcc gcc-c++ makeopenssl-devel pcre-devel
RUN groupadd -r -g 108 nginx && useradd -r -g 108 -u 108 nginx
RUN mkdir -p /var/tmp/nginx/client
WORKDIR /usr/local/src/nginx-1.10.2
RUN ./configure --prefix=/usr --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx/nginx.pid --lock-path=/var/lock/nginx.lock --user=nginx --group=nginx --with-http_ssl_module --with-http_flv_module --with-http_stub_status_module --with-http_gzip_static_module --http-client-body-temp-path=/var/tmp/nginx/client/ --http-proxy-temp-path=/var/tmp/nginx/proxy/ --http-fastcgi-temp-path=/var/tmp/nginx/fcgi/ --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi --http-scgi-temp-path=/var/tmp/nginx/scgi --with-pcre && make && make install
RUN echo "daemon off;" >> /etc/nginx/nginx.conf
RUN chkconfig --add nginx &&chkconfig nginx on
EXPOSE 80
CMD /etc/init.d/nginx restart
-----------------------file-end-------------------
[root@test6 nginx]# ls
Dockerfile nginx nginx-1.10.2.tar.gz
[root@test6 nginx]# docker build -t mynginx:V2 /opt/dockerfile/nginx/
Sending build context to Docker daemon933.4 kB
Sending build context to Docker daemon
Step 0 : FROM centos:6
---> 10611b26a8b9
Step 1 : MAINTAINER jowin
---> Using cache
---> 999639f2c6a2
Step 2 : ADD nginx-1.10.2.tar.gz/usr/local/src/
---> a7f1ceebdf62
Removing intermediate container2803f4e155d6
Step 3 : ADD nginx /etc/init.d/
---> 7c24afc8de93
Removing intermediate container3cc4e5d4a12d
Step 4 : RUN chmod 755 /etc/init.d/nginx
---> Running in 05f1c843e10c
---> c79c9a993f23
Removing intermediate container05f1c843e10c
Step 5 : RUN yum -y groupinstall"Compatibility Libraries" "Development Tools"
---> Running in afb41a9093df
Loaded plugins: fastestmirror, ovl
Setting up Group Process
……
Complete!
---> f12bcfba970a
Removing intermediate containerc8dfc49e1cb2
Step 6 : RUN yum -y install wget gccgcc-c++ make openssl-devel pcre-devel
---> Running in 223fabfcd01f
Loaded plugins: fastestmirror, ovl
……
Complete!
---> facc087068a5
Removing intermediate container223fabfcd01f
Step 7 : RUN groupadd -r -g 108 nginx&& useradd -r -g 108 -u 108nginx
---> Running in 0f9485f61a3c
---> f435055d568c
Removing intermediate container0f9485f61a3c
Step 8 : RUN mkdir -p /var/tmp/nginx/client
---> Running in 6bf27d58a485
---> 9b6f4fb2841a
Removing intermediate container6bf27d58a485
Step 9 : WORKDIR/usr/local/src/nginx-1.10.2
---> Running in e45619137f0f
---> f2ec9e6630ea
Removing intermediate containere45619137f0f
Step 10 : RUN ./configure --prefix=/usr --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx/nginx.pid --lock-path=/var/lock/nginx.lock --user=nginx --group=nginx --with-http_ssl_module --with-http_flv_module --with-http_stub_status_module --with-http_gzip_static_module --http-client-body-temp-path=/var/tmp/nginx/client/ --http-proxy-temp-path=/var/tmp/nginx/proxy/ --http-fastcgi-temp-path=/var/tmp/nginx/fcgi/ --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi --http-scgi-temp-path=/var/tmp/nginx/scgi --with-pcre && make && makeinstall
---> Running in 6e4d7297cce1
checking for OS
+Linux 2.6.32-642.13.1.el6.x86_64 x86_64
……
make[1]: Leaving directory`/usr/local/src/nginx-1.10.2'
---> 7995848f13ce
Removing intermediate container6e4d7297cce1
Step 11 : RUN echo "daemon off;">> /etc/nginx/nginx.conf
---> Running in 7999a60b9b15
---> b9fc8b5907c0
Removing intermediate container7999a60b9b15
Step 12 : RUN chkconfig --add nginx&& chkconfig nginx on
---> Running in b022f7b7d2a7
---> c31a4dcdb26d
Removing intermediate containerb022f7b7d2a7
Step 13 : EXPOSE 80
---> Running in cb0fce765630
---> 88659a814893
Removing intermediate containercb0fce765630
Step 14 : CMD /etc/init.d/nginx restart
---> Running in 4cf1af9267c0
---> e36386cedd23
Removing intermediate container4cf1af9267c0
Successfully built e36386cedd23
[root@test6 nginx]# docker p_w_picpaths
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
mynginx V2 e36386cedd23 2 minutes ago 908.3 MB
mynginx V1 5727c7a98de6 51 minutes ago 622 MB
nginx latest 93c50d378b4b 3 weeks ago 181.6 MB
centos latest d4350798c2ee 4 weeks ago 191.8 MB
centos 6 10611b26a8b9 10 weeks ago 194.6 MB
[root@test6 nginx]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@test6 nginx]# docker run -h test2 --name nginx_test2 -d -p 94:80 mynginx:V2
a1f183710d19e78f0a2f38d023cb6fb11e9608668097a2159153b8a6242cf13d
[root@test6 nginx]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a1f183710d19 mynginx:V2 "/bin/sh -c '/etc/in 3 seconds ago Up 2 seconds 0.0.0.0:94->80/tcp nginx_test2
[root@test6 nginx]# docker stop `docker ps-a -q`
a1f183710d19
[root@test6 nginx]# docker rm `docker ps -a-q`
a1f183710d19
舉例3(Dockfile自動構建,stress壓力測試)
[root@test6 ~]# yum -y install stress #(用epel源(http://mirrors.aliyun.com/help/epel)安裝此工具,linux下壓力測試)
[root@test6 ~]# man stress
-c, --cpu N,spawn N workersspinning on sqrt(),產生多個處理sqrt()函數的cpu進程;
-i, --io N,spawn N workersspinning on sync(),產生多個處理sync()函數的磁盤io進程;
-m, --vm N,spawn N workersspinning on malloc()/free(),產生多個處理malloc()內存分配函數的進程;
[root@test6 ~]# mkdir /opt/dockerfile/stress
[root@test6 ~]# cp /etc/yum.repos.d/epel-release-6-8.noarch.rpm /opt/dockerfile/stress/
[root@test6 ~]# cd !$
cd /opt/dockerfile/stress
[root@test6 stress]# vim Dockerfile
FROM centos:6
ADD epel-release-6-8.noarch.rpm/usr/local/src/
WORKDIR /usr/local/src
RUN yum -y install epel-release-6-8.noarch.rpm && yum -y install stress
ENTRYPOINT ["stress"]
[root@test6 stress]# docker build -tstress:V1 /opt/dockerfile/stress/
Sending build context to Docker daemon18.94 kB
Sending build context to Docker daemon
Step 0 : FROM centos:6
---> 10611b26a8b9
Step 1 : ADD epel-release-6-8.noarch.rpm/usr/local/src/
---> 6ad551534139
Removing intermediate containerf157f173a6b9
Step 2 : WORKDIR /usr/local/src
---> Running in d6d37746ae09
---> 2c600a3a7d67
Removing intermediate containerd6d37746ae09
Step 3 : RUN yum -y installepel-release-6-8.noarch.rpm && yum -y install stress
---> Running in eeb460c3fcee
Loaded plugins: fastestmirror, ovl
Setting up Install Process
Examining epel-release-6-8.noarch.rpm:epel-release-6-8.noarch
Marking epel-release-6-8.noarch.rpm to beinstalled
Resolving Dependencies
……
Complete!
---> 338c70034926
Removing intermediate containereeb460c3fcee
Step 4 : ENTRYPOINT stress
---> Running in b63dfcd11205
---> 74d069b8070a
Removing intermediate containerb63dfcd11205
Successfully built 74d069b8070a
[root@test6 stress]# docker p_w_picpaths
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
stress V1 74d069b8070a 9 minutes ago 287.7 MB
mynginx V2 e36386cedd23 32 minutes ago 908.3 MB
mynginx V1 5727c7a98de6 About an hour ago 622 MB
nginx latest 93c50d378b4b 3 weeks ago 181.6 MB
centos latest d4350798c2ee 4 weeks ago 191.8 MB
centos 6 10611b26a8b9 10 weeks ago 194.6 MB
[root@test6 stress]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
容器資源配額:
(1)CPU份額控制:
http://blog.csdn.net/horsefoot/article/details/51731543
[root@test6 ~]# docker run -itd --cpu-shares 100 stress:V1 --cpu 1 #(最後的--cpu 1是stress命令的參數)
70e786fb864811595226e911d6651064dea7bc98e896e8bc4467e72a1d62afaf
[root@test6 ~]# docker run -itd --cpu-shares 50 stress:V1 --cpu 1
939fff5393bbf387ef9a4b9c1cfeb26ac2024b187e8f2a96509c7cb373a052aa
[root@test6 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
939fff5393bb stress:V1 "stress --cpu 1" 6 seconds ago Up 2 seconds elegant_goodall
70e786fb8648 stress:V1 "stress --cpu 1" 16 seconds ago Up 15 seconds loving_fermat
#cat /cgroup/cpu/docker/CONTAINER_ID/cpu.shares
#top結果以下:
[root@test6 ~]# docker stop `docker ps -q`
939fff5393bb
70e786fb8648
[root@test6 ~]# docker rm `docker ps -a -q`
939fff5393bb
70e786fb8648
(2)CPU core控制:
#docker run -itd--cpuset-cpus 0-2 stress:V1 #(表示建立的容器只能使用012這三個核心)
#cat /cgroup/cpuset/docker/CONTAINTER_ID/cpuset.cpus
#docker exec CONTAINER_ID taskset -c -p1 #(查看容器內進程與cpu的綁定,容器內第一個進程的編號通常爲1)
(3)內存配額控制:
[root@test6 ~]# docker run -itd -m 128m stress:V1 --vm 1 --vm-bytes 128m --vm-hang 0 #(-m 128m,設置容器使用的最大內存上限,新版本此處設多少就能用多少,老版本能過載使用能達到2倍甚至更多;默認狀況下,除了-m(--memory)指定的內存大小之外,docker還爲容器分配了一樣大小的swap分區,也就是說,上面的命令建立出的容器實際上最多可使用256MB內存,而不是128MB內存,若是須要自定義swap分區大小,則能夠經過聯合使用--memory-swap參數來實現控制)
0ed05c7bd67efb5a9972550e00a9d63c0239db265c9cd1bfb5db9e1259c1a025
[root@test6 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0ed05c7bd67e stress:V1 "stress --vm 1 --vm- 15 seconds ago Up 4 seconds prickly_hodgkin
[root@test6 ~]# docker-enter 0ed05c7bd67e
[root@0ed05c7bd67e ~]#
#cat /cgroup/memory/docker/CONTAINER_ID/memory.limit_in_bytes
#cat /cgroup/memory/docker/CONTAINER_ID/memory.memsw.limit_in_bytes
docker網絡:
(1)docker默認使用bridge:
[root@test6 ~]# ip addr
256: vethe182dcb:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 52:12:99:6d:2e:ac brd ff:ff:ff:ff:ff:ff
inet6 fe80::5012:99ff:fe6d:2eac/64 scope link
valid_lft forever preferred_lft forever
1: lo: <LOOPBACK,UP,LOWER_UP> mtu65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen1000
link/ether 00:0c:29:32:f4:98 brd ff:ff:ff:ff:ff:ff
inet 192.168.23.134/24 brd 192.168.23.255 scope global eth0
inet6 fe80::20c:29ff:fe32:f498/64 scope link
valid_lft forever preferred_lft forever
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP>mtu 1500 qdisc noqueue state UNKNOWN
link/ether 52:12:99:6d:2e:ac brd ff:ff:ff:ff:ff:ff
inet 172.17.42.1/16 scope global docker0
inet6 fe80::80ee:6dff:febb:7ecc/64 scope link
valid_lft forever preferred_lft forever
[root@test6 ~]# brctl show
bridge name bridgeid STP enabled interfaces
docker0 8000.5212996d2eac no vethe182dcb
[root@test6 ~]# iptables -t nat -L -n
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DOCKER all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 172.17.0.0/16 0.0.0.0/0
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
DOCKER all -- 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL
Chain DOCKER (2 references)
target prot opt source destination
(2)host網絡:
(3)其它:
registry:
官方的Docker hub是一個用於管理公共鏡像的好地方,咱們能夠在上面找到咱們想要的鏡像,也能夠把咱們本身的鏡像推送上去,可是,有時候,咱們的使用場景須要咱們擁有一個私有的鏡像倉庫用於管理咱們本身的鏡像,這個能夠經過開源軟件Registry來達成目的;
Registry在github上有兩份代碼:老代碼庫和新代碼庫,老代碼是採用python編寫的,存在pull和push的性能問題,出到0.9.1版本以後就標誌爲deprecated,再也不繼續開發,從2.0版本開始就在新代碼庫進行開發,新代碼庫是採用go語言編寫,修改了鏡像id的生成算法、registry上鏡像的保存結構,大大優化了pull和push鏡像的效率;
官方在Docker hub上提供了registry的鏡像,咱們能夠直接使用該registry鏡像來構建一個容器,搭建咱們本身的私有倉庫服務;
[root@test6 ~]# docker search registry
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
registry The DockerRegistry 2.0 implementation for... 1286 [OK]
konradkleine/docker-registry-frontend Browse and modify your Docker registry in... 134 [OK]
……
[root@test6 ~]# docker pull registry
latest: Pulling from registry
6f8afccfec17: Pull complete
38535c2527ab: Pull complete
f65507bfd5af: Pull complete
343c0e0e9a06: Pull complete
8da0a1a131a1: Pull complete
262f434a6db5: Pull complete
ca1c9bbf547c: Pull complete
a375b425d304: Pull complete
46afc3aaeab9: Pull complete
Digest:sha256:dfe7dab682674fd612b582e489d4c9d0d163f538539210201da33fd3de6faf69
Status: Downloaded newer p_w_picpath for registry:latest
[root@test6 ~]# docker p_w_picpaths
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
stress V1 74d069b8070a 3 days ago 287.7 MB
mynginx V2 e36386cedd23 3 days ago 908.3 MB
mynginx V1 5727c7a98de6 3 days ago 622 MB
registry latest 46afc3aaeab9 3 days ago 33.17 MB
nginx latest 93c50d378b4b 3 weeks ago 181.6 MB
centos latest d4350798c2ee 5 weeks ago 191.8 MB
centos 6 10611b26a8b9 11 weeks ago 194.6 MB
[root@test6 ~]# vim /etc/sysconfig/docker
other_args="--insecure-registry 192.168.23.134:5000"
[root@test6 ~]# /etc/init.d/docker restart
Stopping docker: [ OK ]
Starting docker: [ OK ]
[root@test6 ~]# mkdir /opt/registry
[root@test6 ~]# docker run -v /opt/registry:/var/lib/registry -p 5000:5000 --restart=always --name registry -d registry #(registry默認將鏡像保存在容器的/var/lib/registry,將其映射到宿主機的/opt/registry)
44990ef6275b6bb34c69b8fd854899e0eda12bc984885fd19c1ce00c2bae0070
[root@test6 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
44990ef6275b registry "/entrypoint.sh /etc 9 seconds ago Up 3 seconds 0.0.0.0:5000->5000/tcp registry
http://192.168.23.134:5000/v2/
[root@test6 ~]# docker tag stress:V1 192.168.23.134:5000/stress:V1 #(給即將要推送到私有倉庫的鏡像作標記)
[root@test6 ~]# docker p_w_picpaths
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
stress V1 74d069b8070a 3 days ago 287.7 MB
192.168.23.134:5000/stress V1 74d069b8070a 3 days ago 287.7 MB
mynginx V2 e36386cedd23 3 days ago 908.3 MB
mynginx V1 5727c7a98de6 3 days ago 622 MB
registry latest 46afc3aaeab9 3 days ago 33.17 MB
nginx latest 93c50d378b4b 3 weeks ago 181.6 MB
centos latest d4350798c2ee 5 weeks ago 191.8 MB
centos 6 10611b26a8b9 11 weeks ago 194.6 MB
[root@test6 ~]# docker push 192.168.23.134:5000/stress:V1
The push refers to a repository[192.168.23.134:5000/stress] (len: 1)
74d069b8070a: Image already exists
74d069b8070a: Buffering to Disk
338c70034926: Image successfully pushed
2c600a3a7d67: Image successfully pushed
6ad551534139: Image successfully pushed
6ad551534139: Buffering to Disk
10611b26a8b9: Image already exists
c40f84131ae5: Image successfully pushed
c40f84131ae5: Buffering to Disk
Digest:sha256:fc774ad3fd86014ce488c24360931be8f4bc804046e49c089c9a8cabe6713ef9
[root@test6 ~]# docker-enter registry
44990ef6275b:~# ls /var/lib/registry/docker/registry/v2/repositories/stress/
_layers _manifests _uploads
44990ef6275b:~# exit
[root@test6 ~]# ls /opt/registry/docker/registry/v2/repositories/stress/
_layers _manifests _uploads
http://192.168.23.134:5000/v2/_catalog
[root@test6 ~]# docker rmi 192.168.23.134:5000/stress:V1 #(將本地的stress:V1刪掉)
Untagged: 192.168.23.134:5000/stress:V1
Deleted:74d069b8070a4a60c9037ab3ea3ee3393de564ea5f8e9b504e242b880f405ded
Deleted: 338c700349262c59a29fa18c5be083c9b1102363e7e08237e9a8e06f87809cee
Deleted:2c600a3a7d67aeca796b3076d6608b14b4cd45773f4b2d0b1938b5161c4f2f05
Deleted:6ad551534139344ddc661b4132211646abb10ba73583077567bc552abb45b48d
[root@test6 ~]# docker pull 192.168.23.134:5000/stress:V1 #(從私有倉庫中下載)
V1: Pulling from 192.168.23.134:5000/stress
6ad551534139: Pull complete
2c600a3a7d67: Pull complete
338c70034926: Pull complete
74d069b8070a: Already exists
74d069b8070a: Pulling fs layer
3690474eb5b4: Already exists
c40f84131ae5: Already exists
c3bd2182e0b9: Already exists
Digest:sha256:fc774ad3fd86014ce488c24360931be8f4bc804046e49c089c9a8cabe6713ef9
Status: Downloaded newer p_w_picpath for192.168.23.134:5000/stress:V1
[root@test6 ~]# docker p_w_picpaths
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
192.168.23.134:5000/stress V1 74d069b8070a 3 days ago 287.7 MB
mynginx V2 e36386cedd23 3 days ago 908.3 MB
mynginx V1 5727c7a98de6 3 days ago 622 MB
registry latest 46afc3aaeab9 3 days ago 33.17 MB
nginx latest 93c50d378b4b 3 weeks ago 181.6 MB
centos latest d4350798c2ee 5 weeks ago 191.8 MB
centos 6 10611b26a8b9 11 weeks ago 194.6 MB
[root@test6 ~]# docker stop `docker ps -q`
44990ef6275b
[root@test6 ~]# docker rm `docker ps -a -q`
44990ef6275b
docker management(shipyard):
Shipyard是創建在docker集羣管理工具Citadel之上的能夠管理容器、主機等資源的web圖形化工具,包括core和extension兩個版本;core即shipyard,主要是把多個Docker host上的containers統一管理(支持跨越多個host),extension即shipyard-extensions添加了應用路由和負載均衡、集中化日誌、部署等;
engine(一個shipyard管理的docker集羣能夠包含一個或多個engine(引擎),一個engine就是監聽tcp端口的dockerdaemon,shipyard管理docker daemon、p_w_picpaths、containers徹底基於Docker API,不須要作其餘的修改;另shipyard能夠對每一個engine作資源限制,包括CPU和內存,由於TCP監聽相比Unix socket方式會有必定的安全隱患,因此shipyard還支持經過SSL證書與docker後臺進程安全通訊);
rethinkdb(是一個shipyard項目的一個docker鏡像,用來存放帳號account、引擎engine、服務密鑰servicekey、擴展元數據extension metadata等信息,但不會存儲任何有關容器或鏡像的內容,通常會啓動一個shipyard/rethinkdb容器shipyard-rethinkdb-data來使用它的/data做爲數據卷供另外rethinkdb一個掛載,專門用於數據存儲);
(1)shipyard v1(基於Python/Django)版本時安裝過程比較複雜,既能夠經過在host上安裝,也能夠部署shipyard鏡像(包括shipyard-agent、shipyard-deploy等組件);
(2)shipyard v2版本簡化了安裝過程,啓動兩個鏡像就完成安裝(獲取一個/data的數據卷;使用數據卷/data啓動rethinkdb);最後啓動shipyard控制器便可使用;
(3)以上兩種方式安裝很麻煩的,如今官方有了自動安裝腳本,使用很是方便(https://shipyard-project.com/docs/deploy/automated/),Shipyard啓用了7個容器,默認訪問端口是8080,默認用戶名和密碼是admin和shipyard;
[root@test6 ~]# curl -sSL https://shipyard-project.com/deploy | bash -s #(第三種方式,一鍵安裝)
Deploying Shipyard
-> Starting Database
-> Starting Discovery
-> Starting Cert Volume
-> Starting Proxy
-> Starting Swarm Manager
-> Starting Swarm Agent
-> Starting Controller
Waiting for Shipyard on 192.168.23.134:8080
........................................
Shipyard available athttp://192.168.23.134:8080
Username: admin Password: shipyard
[root@test6 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
56fdb108168b shipyard/shipyard:latest "/bin/controller --d 12 hours ago Up 12 hours 0.0.0.0:8080->8080/tcp shipyard-controller
3620784c0213 swarm:latest "/swarm j --addr192 12 hours ago Up 12 hours 2375/tcp shipyard-swarm-agent
21f60db1102d swarm:latest "/swarm m--replicat 12 hours ago Up 12 hours 2375/tcp shipyard-swarm-manager
d36cfdb24321 shipyard/docker-proxy:latest "/usr/local/bin/run" 12 hours ago Up 12 hours 0.0.0.0:2375->2375/tcp shipyard-proxy
081d1a2001d5 alpine "sh" 12 hours ago Up 12 hours shipyard-certs
9fd267a05129 microbox/etcd:latest "/bin/etcd -addr 192 12 hours ago Up 12 hours 0.0.0.0:4001->4001/tcp,0.0.0.0:7001->7001/tcp shipyard-discovery
7ac05182605e rethinkdb "rethinkdb --bindal 12 hours ago Up 12 hours 8080/tcp, 28015/tcp, 29015/tcp shipyard-rethinkdb
- 1. 三. Docker學習
- 2. docker學習(三)
- 3. docker學習筆記三
- 4. docker學習-鏡像(三)
- 5. docker學習總結(三)
- 6. Docker學習之路(三)
- 7. docker深刻學習三
- 8. Docker學習(三)java應用docker部署
- 9. docker學習 (三) Windows 10 安裝Docker
- 10. Docker學習(三)-Docker相關工具
- 更多相關文章...
- • 您已經學習了 XML Schema,下一步學習什麼呢? - XML Schema 教程
- • 我們已經學習了 SQL,下一步學習什麼呢? - SQL 教程
- • Tomcat學習筆記(史上最全tomcat學習筆記)
- • 適用於PHP初學者的學習線路和建議
-
每一个你不满意的现在,都有一个你没有努力的曾经。
- 1. vs2019運行opencv圖片顯示代碼時,窗口亂碼
- 2. app自動化 - 元素定位不到?別慌,看完你就能解決
- 3. 在Win8下用cisco ××× Client連接時報Reason 422錯誤的解決方法
- 4. eclipse快速補全代碼
- 5. Eclipse中Java/Html/Css/Jsp/JavaScript等代碼的格式化
- 6. idea+spring boot +mabitys(wanglezapin)+mysql (1)
- 7. 勒索病毒發生變種 新文件名將帶有「.UIWIX」後綴
- 8. 【原創】Python 源文件編碼解讀
- 9. iOS9企業部署分發問題深入瞭解與解決
- 10. 安裝pytorch報錯CondaHTTPError:******