docker入門級詳解

時間 2019-11-12

標籤 docker 入門詳解欄目 Docker 简体版

原文原文鏈接

Docker

1 docker安裝

yum install docker

[root@topcheer ~]# systemctl start docker
[root@topcheer ~]# mkdir -p /etc/docker 
[root@topcheer ~]# vim /etc/docker/daemon.json #配置阿里雲鏡像加速

{
"registry-mirrors": ["XXXXXXXXXXXXXXXX"]
}
[root@topcheer ~]# systemctl daemon-reload #加載配置文件 [root@topcheer ~]# systemctl restart docker #重啓
[root@topcheer ~]#

2 docker命令

2.1 docker幫助命令

docker versionhtml

 1 [root@topcheer ~]# docker version
 2 Client:
 3  Version:         1.13.1
 4  API version:     1.26
 5  Package version: docker-1.13.1-103.git7f2769b.el7.centos.x86_64
 6  Go version:      go1.10.3
 7  Git commit:      7f2769b/1.13.1
 8  Built:           Sun Sep 15 14:06:47 2019
 9  OS/Arch:         linux/amd64
10 
11 Server:
12  Version:         1.13.1
13  API version:     1.26 (minimum version 1.12)
14  Package version: docker-1.13.1-103.git7f2769b.el7.centos.x86_64
15  Go version:      go1.10.3
16  Git commit:      7f2769b/1.13.1
17  Built:           Sun Sep 15 14:06:47 2019
18  OS/Arch:         linux/amd64
19  Experimental:    false
20 [root@topcheer ~]#

docker infojava

 1 [root@topcheer ~]# docker info
 2 Containers: 1
 3  Running: 0
 4  Paused: 0
 5  Stopped: 1
 6 Images: 1
 7 Server Version: 1.13.1
 8 Storage Driver: overlay2
 9  Backing Filesystem: xfs
10  Supports d_type: true
11  Native Overlay Diff: true
12 Logging Driver: journald
13 Cgroup Driver: systemd
14 Plugins:
15  Volume: local
16  Network: bridge host macvlan null overlay
17 Swarm: inactive
18 Runtimes: docker-runc runc
19 Default Runtime: docker-runc
20 Init Binary: /usr/libexec/docker/docker-init-current
21 containerd version:  (expected: aa8187dbd3b7ad67d8e5e3a15115d3eef43a7ed1)
22 runc version: 9c3c5f853ebf0ffac0d087e94daef462133b69c7 (expected: 9df8b306d01f59d3a8029be411de015b7304dd8f)
23 init version: fec3683b971d9c3ef73f284f176672c44b448662 (expected: 949e6facb77383876aeff8a6944dde66b3089574)
24 Security Options:
25  seccomp
26   WARNING: You're not using the default seccomp profile
27   Profile: /etc/docker/seccomp.json
28  selinux
29 Kernel Version: 3.10.0-957.el7.x86_64
30 Operating System: CentOS Linux 7 (Core)
31 OSType: linux
32 Architecture: x86_64
33 Number of Docker Hooks: 3
34 CPUs: 4
35 Total Memory: 1.777 GiB
36 Name: topcheer
37 ID: SR5A:YSH6:3YGH:YEZ4:PWLB:EEVE:3L5S:Z5AR:ARIA:SDGX:CZI5:MJ7O
38 Docker Root Dir: /var/lib/docker
39 Debug Mode (client): false
40 Debug Mode (server): false
41 Registry: https://index.docker.io/v1/
42 Experimental: false
43 Insecure Registries:
44  127.0.0.0/8
45 Registry Mirrors:
46  https://lara9y80.mirror.aliyuncs.com
47 Live Restore Enabled: false
48 Registries: docker.io (secure)
49 [root@topcheer ~]#

docker --helpnode

[root@topcheer ~]# docker --help

Usage:  docker COMMAND

A self-sufficient runtime for containers

Options:
      --config string      Location of client config files (default "/root/.docker")
  -D, --debug              Enable debug mode
      --help               Print usage
  -H, --host list          Daemon socket(s) to connect to (default [])
  -l, --log-level string   Set the logging level ("debug", "info", "warn", "error", "fatal") (default "info")
      --tls                Use TLS; implied by --tlsverify
      --tlscacert string   Trust certs signed only by this CA (default "/root/.docker/ca.pem")
      --tlscert string     Path to TLS certificate file (default "/root/.docker/cert.pem")
      --tlskey string      Path to TLS key file (default "/root/.docker/key.pem")
      --tlsverify          Use TLS and verify the remote
  -v, --version            Print version information and quit

Management Commands:
  container   Manage containers
  image       Manage images
  network     Manage networks
  node        Manage Swarm nodes
  plugin      Manage plugins
  secret      Manage Docker secrets
  service     Manage services
  stack       Manage Docker stacks
  swarm       Manage Swarm
  system      Manage Docker
  volume      Manage volumes

Commands:
  attach      Attach to a running container
  build       Build an image from a Dockerfile
  commit      Create a new image from a container's changes
  cp          Copy files/folders between a container and the local filesystem
  create      Create a new container
  diff        Inspect changes on a container's filesystem
  events      Get real time events from the server
  exec        Run a command in a running container
  export      Export a container's filesystem as a tar archive
  history     Show the history of an image
  images      List images
  import      Import the contents from a tarball to create a filesystem image
  info        Display system-wide information
  inspect     Return low-level information on Docker objects
  kill        Kill one or more running containers
  load        Load an image from a tar archive or STDIN
  login       Log in to a Docker registry
  logout      Log out from a Docker registry
  logs        Fetch the logs of a container
  pause       Pause all processes within one or more containers
  port        List port mappings or a specific mapping for the container
  ps          List containers
  pull        Pull an image or a repository from a registry
  push        Push an image or a repository to a registry
  rename      Rename a container
  restart     Restart one or more containers
  rm          Remove one or more containers
  rmi         Remove one or more images
  run         Run a command in a new container
  save        Save one or more images to a tar archive (streamed to STDOUT by default)
  search      Search the Docker Hub for images
  start       Start one or more stopped containers
  stats       Display a live stream of container(s) resource usage statistics
  stop        Stop one or more running containers
  tag         Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
  top         Display the running processes of a container
  unpause     Unpause all processes within one or more containers
  update      Update configuration of one or more containers
  version     Show the Docker version information
  wait        Block until one or more containers stop, then print their exit codes

Run 'docker COMMAND --help' for more information on a command.
[root@topcheer ~]#

2.2 鏡像命令

docker imagesmysql

[root@topcheer ~]# docker images
REPOSITORY              TAG                 IMAGE ID            CREATED             SIZE
docker.io/hello-world   latest              fce289e99eb9        8 months ago        1.84 kB
[root@topcheer ~]#
REPOSITORY：表示鏡像的倉庫源
TAG：鏡像的標籤
IMAGE ID：鏡像ID
CREATED：鏡像建立時間
SIZE：鏡像大小
 同一倉庫源能夠有多個 TAG，表明這個倉庫源的不一樣個版本，咱們使用 REPOSITORY:TAG 來定義不一樣的鏡像。
若是你不指定一個鏡像的版本標籤，例如你只使用 ubuntu，docker 將默認使用 ubuntu:latest 鏡像

docker searchlinux

[root@topcheer ~]# docker search redis
INDEX       NAME                                       DESCRIPTION                                     STARS     OFFICIAL   AUTOMATED
docker.io   docker.io/redis                            Redis is an open source key-value store th...   7342      [OK]
docker.io   docker.io/bitnami/redis                    Bitnami Redis Docker Image                      127                  [OK]
docker.io   docker.io/sameersbn/redis                                                                  77                   [OK]
docker.io   docker.io/grokzen/redis-cluster            Redis cluster 3.0, 3.2, 4.0 & 5.0               56
docker.io   docker.io/rediscommander/redis-commander   Alpine image for redis-commander - Redis m...   31                   [OK]
docker.io   docker.io/kubeguide/redis-master           redis-master with "Hello World!"                29
docker.io   docker.io/redislabs/redis                  Clustered in-memory database engine compat...   23
docker.io   docker.io/arm32v7/redis                    Redis is an open source key-value store th...   17
docker.io   docker.io/redislabs/redisearch             Redis With the RedisSearch module pre-load...   17
docker.io   docker.io/oliver006/redis_exporter          Prometheus Exporter for Redis Metrics. Su...   15
docker.io   docker.io/webhippie/redis                  Docker images for Redis                         10                   [OK]
docker.io   docker.io/s7anley/redis-sentinel-docker    Redis Sentinel                                  9                    [OK]
docker.io   docker.io/insready/redis-stat              Docker image for the real-time Redis monit...   8                    [OK]
docker.io   docker.io/redislabs/redisgraph             A graph database module for Redis               8                    [OK]
docker.io   docker.io/arm64v8/redis                    Redis is an open source key-value store th...   6
docker.io   docker.io/bitnami/redis-sentinel           Bitnami Docker Image for Redis Sentinel         6                    [OK]
docker.io   docker.io/centos/redis-32-centos7          Redis in-memory data structure store, used...   4
docker.io   docker.io/redislabs/redismod               An automated build of redismod - latest Re...   4                    [OK]
docker.io   docker.io/circleci/redis                   CircleCI images for Redis                       2                    [OK]
docker.io   docker.io/frodenas/redis                   A Docker Image for Redis                        2                    [OK]
docker.io   docker.io/runnable/redis-stunnel           stunnel to redis provided by linking conta...   1                    [OK]
docker.io   docker.io/tiredofit/redis                  Redis Server w/ Zabbix monitoring and S6 O...   1                    [OK]
docker.io   docker.io/wodby/redis                      Redis container image with orchestration        1                    [OK]
docker.io   docker.io/cflondonservices/redis           Docker image for running redis                  0
docker.io   docker.io/xetamus/redis-resource           forked redis-resource                           0                    [OK]
[root@topcheer ~]#

docker pullnginx

[root@topcheer ~]# docker pull  docker.io/redis
Using default tag: latest
Trying to pull repository docker.io/library/redis ...
latest: Pulling from docker.io/library/redis
b8f262c62ec6: Pull complete
93789b5343a5: Pull complete
49cdbb315637: Pull complete
2c1ff453e5c9: Pull complete
9341ee0a5d4a: Pull complete
770829e1df34: Pull complete
Digest: sha256:5dcccb533dc0deacce4a02fe9035134576368452db0b4323b98a4b2ba2d3b302
Status: Downloaded newer image for docker.io/redis:latest
[root@topcheer ~]# docker images
REPOSITORY              TAG                 IMAGE ID            CREATED             SIZE
docker.io/redis         latest              63130206b0fa        9 days ago          98.2 MB
docker.io/hello-world   latest              fce289e99eb9        8 months ago        1.84 kB
[root@topcheer ~]#

docker rmigit

[root@topcheer ~]# docker rmi 63130206b0fa
Untagged: docker.io/redis:latest
Untagged: docker.io/redis@sha256:5dcccb533dc0deacce4a02fe9035134576368452db0b4323b98a4b2ba2d3b302
Deleted: sha256:63130206b0fa808e4545a0cb4a1f14f6d40b8a7e2e6fda0a31fd326c2ac0971c
Deleted: sha256:9476758634326bb436208264d0541e9a0d42e4add35d00c2a7408f810223013d
Deleted: sha256:0f3d9de16a216bfa5e2c2bd0e3c2ba83afec01a1b326d9f39a5ea7aecc112baf
Deleted: sha256:452d665d4efca3e6067c89a332c878437d250312719f9ea8fff8c0e350b6e471
Deleted: sha256:d6aec371927a9d4bfe4df4ee8e510624549fc08bc60871ce1f145997f49d4d37
Deleted: sha256:2957e0a13c30e89650dd6c00644c04aa87ce516284c76a67c4b32cbb877de178
Deleted: sha256:2db44bce66cde56fca25aeeb7d09dc924b748e3adfe58c9cc3eb2bd2f68a1b68
[root@topcheer ~]# docker images
REPOSITORY              TAG                 IMAGE ID            CREATED             SIZE
docker.io/hello-world   latest              fce289e99eb9        8 months ago        1.84 kB
[root@topcheer ~]#

2.3 容器命令

docker runweb

OPTIONS說明（經常使用）：有些是一個減號，有些是兩個減號
 
--name="容器新名字": 爲容器指定一個名稱；
-d: 後臺運行容器，並返回容器ID，也即啓動守護式容器；
-i：以交互模式運行容器，一般與 -t 同時使用；
-t：爲容器從新分配一個僞輸入終端，一般與 -i 同時使用；
-P: 隨機端口映射；
-p: 指定端口映射，有如下四種格式
      ip:hostPort:containerPort
      ip::containerPort
      hostPort:containerPort
      containerPort
      
[root@topcheer ~]# docker run -it centos /bin/bash
[root@3d2a94b63807 /]# cd /
[root@3d2a94b63807 /]# ll

docker psredis

OPTIONS說明（經常使用）：
 
-a :列出當前全部正在運行的容器+歷史上運行過的
-l :顯示最近建立的容器。
-n：顯示最近n個建立的容器。
-q :靜默模式，只顯示容器編號。
--no-trunc :不截斷輸出。
退出容器 exit:容器中止退出 crtl p q容器不中止退出
[root@topcheer ~]# docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
3d2a94b63807        centos              "/bin/bash"         3 minutes ago       Up 3 minutes                            nostalgic_darwin
[root@topcheer ~]#

docker stopsql

root@topcheer ~]# docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
3d2a94b63807        centos              "/bin/bash"         3 minutes ago       Up 3 minutes                            nostalgic_darwin
[root@topcheer ~]# docker stop 3d2a94b63807
3d2a94b63807

docker start

[root@topcheer ~]# docker start 3d2a94b63807
3d2a94b63807
[root@topcheer ~]# docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
3d2a94b63807        centos              "/bin/bash"         6 minutes ago       Up 17 seconds                           nostalgic_darwin
[root@topcheer ~]#

docker rm

[root@topcheer ~]# docker rm -f $(docker ps -a -q)
3d2a94b63807
299b22d3d143
[root@topcheer ~]# docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
[root@topcheer ~]#

docker run -d

[root@topcheer ~]# docker run -d centos
3c618cadb296fd013384201958f175085395a505a0aa1f7727e3c24b744b0b7f
[root@topcheer ~]#
 
問題：而後docker ps -a 進行查看, 會發現容器已經退出
很重要的要說明的一點: Docker容器後臺運行,就必須有一個前臺進程.
容器運行的命令若是不是那些一直掛起的命令（好比運行top，tail），就是會自動退出的。
 
這個是docker的機制問題,好比你的web容器,咱們以nginx爲例，正常狀況下,咱們配置啓動服務只須要啓動響應的service便可。例如
service nginx start
可是,這樣作,nginx爲後臺進程模式運行,就致使docker前臺沒有運行的應用,
這樣的容器後臺啓動後,會當即自殺由於他以爲他沒事可作了.
因此，最佳的解決方案是,將你要運行的程序之前臺進程的形式運行

docker logs

*   -t 是加入時間戳
*   -f 跟隨最新的日誌打印
*   --tail 數字 顯示最後多少條
[root@topcheer ~]# docker run -d centos /bin/sh -c "while true;do echo hello zzyy;sleep 2;done"
6c4bb3ce4c35a5380b553e686b806a1581bfb8dd0a115f63fa9b14da6195e667
[root@topcheer ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED              STATUS                          PORTS               NAMES
6c4bb3ce4c35        centos              "/bin/sh -c 'while..."   6 seconds ago        Up 4 seconds                                        eloquent_shannon
3c618cadb296        centos              "/bin/bash"              About a minute ago   Exited (0) About a minute ago                       upbeat_jepsen
[root@topcheer ~]# docker logs -f -t --tail 6c4bb3ce4c35
"docker logs" requires exactly 1 argument(s).
See 'docker logs --help'.

Usage:  docker logs [OPTIONS] CONTAINER

Fetch the logs of a container
[root@topcheer ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                     PORTS               NAMES
6c4bb3ce4c35        centos              "/bin/sh -c 'while..."   47 seconds ago      Up 46 seconds                                  eloquent_shannon
3c618cadb296        centos              "/bin/bash"              2 minutes ago       Exited (0) 2 minutes ago                       upbeat_jepsen
[root@topcheer ~]# docker logs -tf --tail10  6c4bb3ce4c35
unknown flag: --tail10
See 'docker logs --help'.
[root@topcheer ~]# docker logs -tf --tail 10  6c4bb3ce4c35
2019-09-22T10:23:14.595414000Z hello zzyy
2019-09-22T10:23:16.597109000Z hello zzyy
2019-09-22T10:23:18.600019000Z hello zzyy
2019-09-22T10:23:20.602673000Z hello zzyy
2019-09-22T10:23:22.605026000Z hello zzyy
2019-09-22T10:23:24.625059000Z hello zzyy

docker top 查看容器內運行的進程

[root@topcheer ~]# docker top 6c4bb3ce4c35
UID                 PID                 PPID                C                   STIME               TTY                 TIME                CMD
root                116050              116030              0                   18:21               ?                   00:00:00            /bin/sh -c while true;do echo hello zzyy;sleep 2;done
root                116250              116050              2                   18:25               ?                   00:00:00            sleep 2
[root@topcheer ~]#

docker inspect 查看容器內部細節

[root@topcheer ~]# docker inspect 6c4bb3ce4c35
[
    {
        "Id": "6c4bb3ce4c35a5380b553e686b806a1581bfb8dd0a115f63fa9b14da6195e667",
        "Created": "2019-09-22T10:21:57.924998005Z",
        "Path": "/bin/sh",
        "Args": [
            "-c",
            "while true;do echo hello zzyy;sleep 2;done"
        ],
        "State": {
            "Status": "running",
            "Running": true,
            "Paused": false,
            "Restarting": false,
            "OOMKilled": false,
            "Dead": false,
            "Pid": 116050,
            "ExitCode": 0,
            "Error": "",
            "StartedAt": "2019-09-22T10:21:58.43216616Z",
            "FinishedAt": "0001-01-01T00:00:00Z"
        },
        "Image": "sha256:67fa590cfc1c207c30b837528373f819f6262c884b7e69118d060a0c04d70ab8",
        "ResolvConfPath": "/var/lib/docker/containers/6c4bb3ce4c35a5380b553e686b806a1581bfb8dd0a115f63fa9b14da6195e667/resolv.conf",
        "HostnamePath": "/var/lib/docker/containers/6c4bb3ce4c35a5380b553e686b806a1581bfb8dd0a115f63fa9b14da6195e667/hostname",
        "HostsPath": "/var/lib/docker/containers/6c4bb3ce4c35a5380b553e686b806a1581bfb8dd0a115f63fa9b14da6195e667/hosts",
        "LogPath": "",
        "Name": "/eloquent_shannon",
        "RestartCount": 0,
        "Driver": "overlay2",
        "MountLabel": "system_u:object_r:svirt_sandbox_file_t:s0:c71,c940",
        "ProcessLabel": "system_u:system_r:svirt_lxc_net_t:s0:c71,c940",
        "AppArmorProfile": "",
        "ExecIDs": null,
        "HostConfig": {
            "Binds": null,
            "ContainerIDFile": "",
            "LogConfig": {
                "Type": "journald",
                "Config": {}
            },
            "NetworkMode": "default",
            "PortBindings": {},
            "RestartPolicy": {
                "Name": "no",
                "MaximumRetryCount": 0
            },
            "AutoRemove": false,
            "VolumeDriver": "",
            "VolumesFrom": null,
            "CapAdd": null,
            "CapDrop": null,
            "Dns": [],
            "DnsOptions": [],
            "DnsSearch": [],
            "ExtraHosts": null,
            "GroupAdd": null,
            "IpcMode": "",
            "Cgroup": "",
            "Links": null,
            "OomScoreAdj": 0,
            "PidMode": "",
            "Privileged": false,
            "PublishAllPorts": false,
            "ReadonlyRootfs": false,
            "SecurityOpt": null,
            "UTSMode": "",
            "UsernsMode": "",
            "ShmSize": 67108864,
            "Runtime": "docker-runc",
            "ConsoleSize": [
                0,
                0
            ],
            "Isolation": "",
            "CpuShares": 0,
            "Memory": 0,
            "NanoCpus": 0,
            "CgroupParent": "",
            "BlkioWeight": 0,
            "BlkioWeightDevice": null,
            "BlkioDeviceReadBps": null,
            "BlkioDeviceWriteBps": null,
            "BlkioDeviceReadIOps": null,
            "BlkioDeviceWriteIOps": null,
            "CpuPeriod": 0,
            "CpuQuota": 0,
            "CpuRealtimePeriod": 0,
            "CpuRealtimeRuntime": 0,
            "CpusetCpus": "",
            "CpusetMems": "",
            "Devices": [],
            "DiskQuota": 0,
            "KernelMemory": 0,
            "MemoryReservation": 0,
            "MemorySwap": 0,
            "MemorySwappiness": -1,
            "OomKillDisable": false,
            "PidsLimit": 0,
            "Ulimits": null,
            "CpuCount": 0,
            "CpuPercent": 0,
            "IOMaximumIOps": 0,
            "IOMaximumBandwidth": 0
        },
        "GraphDriver": {
            "Name": "overlay2",
            "Data": {
                "LowerDir": "/var/lib/docker/overlay2/d8d3dca6c9115b3c782bf358a744475e78f5e62b627cca79e10a34e754310933-init/diff:/var/lib/docker/overlay2/7bc85336eb8ca768f43d8eb3d5f27bdf35fa99068be45c84622d18c0f87c90bd/diff",
                "MergedDir": "/var/lib/docker/overlay2/d8d3dca6c9115b3c782bf358a744475e78f5e62b627cca79e10a34e754310933/merged",
                "UpperDir": "/var/lib/docker/overlay2/d8d3dca6c9115b3c782bf358a744475e78f5e62b627cca79e10a34e754310933/diff",
                "WorkDir": "/var/lib/docker/overlay2/d8d3dca6c9115b3c782bf358a744475e78f5e62b627cca79e10a34e754310933/work"
            }
        },
        "Mounts": [],
        "Config": {
            "Hostname": "6c4bb3ce4c35",
            "Domainname": "",
            "User": "",
            "AttachStdin": false,
            "AttachStdout": false,
            "AttachStderr": false,
            "Tty": false,
            "OpenStdin": false,
            "StdinOnce": false,
            "Env": [
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
            ],
            "Cmd": [
                "/bin/sh",
                "-c",
                "while true;do echo hello zzyy;sleep 2;done"
            ],
            "Image": "centos",
            "Volumes": null,
            "WorkingDir": "",
            "Entrypoint": null,
            "OnBuild": null,
            "Labels": {
                "org.label-schema.build-date": "20190801",
                "org.label-schema.license": "GPLv2",
                "org.label-schema.name": "CentOS Base Image",
                "org.label-schema.schema-version": "1.0",
                "org.label-schema.vendor": "CentOS"
            }
        },
        "NetworkSettings": {
            "Bridge": "",
            "SandboxID": "d5f116b329f01e9bab7f985282fd568e379c8e7aa4fcc3677b9b025ded771149",
            "HairpinMode": false,
            "LinkLocalIPv6Address": "",
            "LinkLocalIPv6PrefixLen": 0,
            "Ports": {},
            "SandboxKey": "/var/run/docker/netns/d5f116b329f0",
            "SecondaryIPAddresses": null,
            "SecondaryIPv6Addresses": null,
            "EndpointID": "825091555bc0adfdf32667650884ec2b6274c44c787291870de32ec2cee8575b",
            "Gateway": "172.17.0.1",
            "GlobalIPv6Address": "",
            "GlobalIPv6PrefixLen": 0,
            "IPAddress": "172.17.0.2",
            "IPPrefixLen": 16,
            "IPv6Gateway": "",
            "MacAddress": "02:42:ac:11:00:02",
            "Networks": {
                "bridge": {
                    "IPAMConfig": null,
                    "Links": null,
                    "Aliases": null,
                    "NetworkID": "fe000671b1b7f9a2e634f409bd33ada7bed50e818a28c1d9c8245aba67b1b625",
                    "EndpointID": "825091555bc0adfdf32667650884ec2b6274c44c787291870de32ec2cee8575b",
                    "Gateway": "172.17.0.1",
                    "IPAddress": "172.17.0.2",
                    "IPPrefixLen": 16,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "02:42:ac:11:00:02"
                }
            }
        }
    }
]
[root@topcheer ~]#

docker exec -it

[root@topcheer ~]# docker exec -it 6c4bb3ce4c35 /bin/bash
[root@6c4bb3ce4c35 /]# ll
total 12
-rw-r--r--.   1 root root 12090 Aug  1 01:10 anaconda-post.log
lrwxrwxrwx.   1 root root     7 Aug  1 01:09 bin -> usr/bin
drwxr-xr-x.   5 root root   340 Sep 22 10:21 dev
drwxr-xr-x.   1 root root    66 Sep 22 10:21 etc
drwxr-xr-x.   2 root root     6 Apr 11  2018 home
lrwxrwxrwx.   1 root root     7 Aug  1 01:09 lib -> usr/lib
lrwxrwxrwx.   1 root root     9 Aug  1 01:09 lib64 -> usr/lib64
drwxr-xr-x.   2 root root     6 Apr 11  2018 media
drwxr-xr-x.   2 root root     6 Apr 11  2018 mnt
drwxr-xr-x.   2 root root     6 Apr 11  2018 opt
dr-xr-xr-x. 251 root root     0 Sep 22 10:21 proc
dr-xr-x---.   2 root root   114 Aug  1 01:10 root
drwxr-xr-x.   1 root root    21 Sep 22 10:21 run
lrwxrwxrwx.   1 root root     8 Aug  1 01:09 sbin -> usr/sbin
drwxr-xr-x.   2 root root     6 Apr 11  2018 srv
dr-xr-xr-x.  13 root root     0 Sep  2 01:15 sys
drwxrwxrwt.   7 root root   132 Aug  1 01:10 tmp
drwxr-xr-x.  13 root root   155 Aug  1 01:09 usr
drwxr-xr-x.  18 root root   238 Aug  1 01:09 var
[root@6c4bb3ce4c35 /]#
[root@topcheer ~]# docker attach 6c4bb3ce4c35
hello zzyy
hello zzyy
hello zzyy
hello zzyy
attach 直接進入容器啓動命令的終端，不會啓動新的進程
exec 是在容器中打開新的終端，而且能夠啓動新的進程

docker cp docker cp 容器ID:容器內路徑目的主機路徑

[root@topcheer ~]# docker cp 6c4bb3ce4c35:/tmp/yum.log /tmp/yum.log
[root@topcheer ~]# cd /tmp
[root@topcheer tmp]# ll
總用量 144
-rw-r--r--. 1 root root   1148 8月  31 18:29 anaconda.log
drwxr-xr-x. 2 root root     18 8月  31 18:17 hsperfdata_root
-rw-r--r--. 1 root root    415 8月  31 18:29 ifcfg.log
-rwx------. 1 root root    836 8月  31 18:27 ks-script-zj2XPa
-rw-r--r--. 1 root root      0 8月  31 18:28 packaging.log
-rw-r--r--. 1 root root      0 8月  31 18:28 program.log
-rw-r--r--. 1 root root      0 8月  31 18:28 sensitive-info.log
drwx------. 2 wgr  wgr      25 8月  31 18:31 ssh-FYigK4SAU4OM
drwx------. 2 wgr  wgr      25 9月   2 09:18 ssh-zKscLR1XtYju
-rw-r--r--. 1 root root      0 8月  31 18:28 storage.log
drwx------. 3 root root     17 8月  31 18:29 systemd-private-6a7934172f6c411fbf39074aa3902f99-bolt.service-Y8qrWS
drwx------. 3 root root     17 8月  31 18:29 systemd-private-6a7934172f6c411fbf39074aa3902f99-colord.service-7Jig8H
drwx------. 3 root root     17 8月  31 18:28 systemd-private-6a7934172f6c411fbf39074aa3902f99-cups.service-bBt1J6
drwx------. 3 root root     17 8月  31 18:31 systemd-private-6a7934172f6c411fbf39074aa3902f99-fwupd.service-Gm5QpN
drwx------. 3 root root     17 8月  31 18:28 systemd-private-6a7934172f6c411fbf39074aa3902f99-rtkit-daemon.service-VEQfTp
drwx------. 3 root root     17 8月  31 18:31 systemd-private-6a7934172f6c411fbf39074aa3902f99-systemd-hostnamed.service-TulnOV
drwx------. 3 root root     17 8月  31 18:28 systemd-private-6a7934172f6c411fbf39074aa3902f99-systemd-machined.service-Jxxmt6
drwx------. 3 root root     17 9月   2 09:16 systemd-private-7b6d429e399747c496a317824a2e8642-bolt.service-LFuHXZ
drwx------. 3 root root     17 9月   2 09:16 systemd-private-7b6d429e399747c496a317824a2e8642-colord.service-LRGmIL
drwx------. 3 root root     17 9月   2 09:16 systemd-private-7b6d429e399747c496a317824a2e8642-cups.service-Qktpb4
drwx------. 3 root root     17 9月   2 09:18 systemd-private-7b6d429e399747c496a317824a2e8642-fwupd.service-aSrZvk
drwx------. 3 root root     17 9月   2 09:15 systemd-private-7b6d429e399747c496a317824a2e8642-rtkit-daemon.service-nW4tNf
drwx------. 2 root root      6 9月  22 17:34 tmp.Bl496ZWqxn
drwx------. 2 root root      6 9月  22 17:33 tmp.K31L5zqugc
drwx------. 2 wgr  wgr       6 8月  31 18:31 tracker-extract-files.1000
drwx------. 2 root root      6 9月   2 09:15 vmware-root_6298-692293416
drwx------. 2 root root      6 8月  31 18:28 vmware-root_6346-994818392
-rw-------. 1 root root      0 8月   1 09:09 yum.log
-rw-------. 1 root root 133031 9月   2 09:19 yum_save_tx.2019-09-02.09-19.4iKsVG.yumtx
[root@topcheer tmp]#

attach    Attach to a running container                 # 當前 shell 下 attach 鏈接指定運行鏡像
build     Build an image from a Dockerfile              # 經過 Dockerfile 定製鏡像
commit    Create a new image from a container changes   # 提交當前容器爲新的鏡像
cp        Copy files/folders from the containers filesystem to the host path   #從容器中拷貝指定文件或者目錄到宿主機中
create    Create a new container                        # 建立一個新的容器，同 run，但不啓動容器
diff      Inspect changes on a container's filesystem   # 查看 docker 容器變化
events    Get real time events from the server          # 從 docker 服務獲取容器實時事件
exec      Run a command in an existing container        # 在已存在的容器上運行命令
export    Stream the contents of a container as a tar archive   # 導出容器的內容流做爲一個 tar 歸檔文件[對應 import ]
history   Show the history of an image                  # 展現一個鏡像造成歷史
images    List images                                   # 列出系統當前鏡像
import    Create a new filesystem image from the contents of a tarball # 從tar包中的內容建立一個新的文件系統映像[對應export]
info      Display system-wide information               # 顯示系統相關信息
inspect   Return low-level information on a container   # 查看容器詳細信息
kill      Kill a running container                      # kill 指定 docker 容器
load      Load an image from a tar archive              # 從一個 tar 包中加載一個鏡像[對應 save]
login     Register or Login to the docker registry server    # 註冊或者登錄一個 docker 源服務器
logout    Log out from a Docker registry server          # 從當前 Docker registry 退出
logs      Fetch the logs of a container                 # 輸出當前容器日誌信息
port      Lookup the public-facing port which is NAT-ed to PRIVATE_PORT    # 查看映射端口對應的容器內部源端口
pause     Pause all processes within a container        # 暫停容器
ps        List containers                               # 列出容器列表
pull      Pull an image or a repository from the docker registry server   # 從docker鏡像源服務器拉取指定鏡像或者庫鏡像
push      Push an image or a repository to the docker registry server    # 推送指定鏡像或者庫鏡像至docker源服務器
restart   Restart a running container                   # 重啓運行的容器
rm        Remove one or more containers                 # 移除一個或者多個容器
rmi       Remove one or more images             # 移除一個或多個鏡像[無容器使用該鏡像纔可刪除，不然需刪除相關容器纔可繼續或 -f 強制刪除]
run       Run a command in a new container              # 建立一個新的容器並運行一個命令
save      Save an image to a tar archive                # 保存一個鏡像爲一個 tar 包[對應 load]
search    Search for an image on the Docker Hub         # 在 docker hub 中搜索鏡像
start     Start a stopped containers                    # 啓動容器
stop      Stop a running containers                     # 中止容器
tag       Tag an image into a repository                # 給源中鏡像打標籤
top       Lookup the running processes of a container   # 查看容器中運行的進程信息
unpause   Unpause a paused container                    # 取消暫停容器
version   Show the docker version information           # 查看 docker 版本號
wait      Block until a container stops, then print its exit code   # 截取容器中止時的退出狀態值

3 docker鏡像

3.1 docker鏡像是什麼

UnionFS（聯合文件系統）：Union文件系統（UnionFS）是一種分層、輕量級而且高性能的文件系統，它支持對文件系統的修改做爲一次提交來一層層的疊加，同時能夠將不一樣目錄掛載到同一個虛擬文件系統下(unite several directories into a single virtual filesystem)。Union 文件系統是 Docker 鏡像的基礎。鏡像能夠經過分層來進行繼承，基於基礎鏡像（沒有父鏡像），能夠製做各類具體的應用鏡像。

特性：一次同時加載多個文件系統，但從外面看起來，只能看到一個文件系統，聯合加載會把各層文件系統疊加起來，這樣最終的文件系統會包含全部底層的文件和目錄

docker鏡像加載原理

docker的鏡像實際上由一層一層的文件系統組成，這種層級的文件系統UnionFS。 bootfs(boot file system)主要包含bootloader和kernel, bootloader主要是引導加載kernel, Linux剛啓動時會加載bootfs文件系統，在Docker鏡像的最底層是bootfs。這一層與咱們典型的Linux/Unix系統是同樣的，包含boot加載器和內核。當boot加載完成以後整個內核就都在內存中了，此時內存的使用權已由bootfs轉交給內核，此時系統也會卸載bootfs。

rootfs (root file system) ，在bootfs之上。包含的就是典型 Linux 系統中的 /dev, /proc, /bin, /etc 等標準目錄和文件。rootfs就是各類不一樣的操做系統發行版，好比Ubuntu，Centos等等。

平時咱們安裝進虛擬機的CentOS都是好幾個G，爲何docker這裏才200M？？

對於一個精簡的OS，rootfs能夠很小，只須要包括最基本的命令、工具和程序庫就能夠了，由於底層直接用Host的kernel，本身只須要提供 rootfs 就好了。因而可知對於不一樣的linux發行版, bootfs基本是一致的, rootfs會有差異, 所以不一樣的發行版能夠公用bootfs。

docker分層鏡像

以咱們的pull爲例，在下載的過程當中咱們能夠看到docker的鏡像好像是在一層一層的在下載

最大的一個好處就是 - 共享資源

好比：有多個鏡像都從相同的 base 鏡像構建而來，那麼宿主機只需在磁盤上保存一份base鏡像，同時內存中也只需加載一份 base 鏡像，就能夠爲全部容器服務了。並且鏡像的每一層均可以被共享。

特色

Docker鏡像都是隻讀的當容器啓動時，一個新的可寫層被加載到鏡像的頂部。這一層一般被稱做「容器層」，「容器層」之下的都叫「鏡像層」。

3.2 鏡像的commit

docker commit -m=「提交的描述信息」 -a=「做者」容器ID 要建立的目標鏡像名:[標籤名]

先拉取官方tomcat，運行

[root@topcheer tmp]# docker run -it -p 8888:8080 tomcat
Using CATALINA_BASE:   /usr/local/tomcat
Using CATALINA_HOME:   /usr/local/tomcat
Using CATALINA_TMPDIR: /usr/local/tomcat/temp
Using JRE_HOME:        /usr/local/openjdk-8
Using CLASSPATH:       /usr/local/tomcat/bin/bootstrap.jar:/usr/local/tomcat/bin/tomcat-juli.jar
22-Sep-2019 13:28:56.568 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server version name:   Apache Tomcat/8.5.46
22-Sep-2019 13:28:56.572 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server built:          Sep 16 2019 18:16:19 UTC
22-Sep-2019 13:28:56.572 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server version number: 8.5.46.0
22-Sep-2019 13:28:56.572 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS Name:               Linux
22-Sep-2019 13:28:56.572 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS Version:            3.10.0-957.el7.x86_64
22-Sep-2019 13:28:56.572 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Architecture:          amd64
22-Sep-2019 13:28:56.572 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Java Home:             /usr/local/o
-p 主機端口:docker容器端口
-P 隨機分配端口
i:交互
t:終端

刪除文件

[root@topcheer tmp]# docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                    NAMES
5910b3a257ff        tomcat              "catalina.sh run"        3 minutes ago       Up 3 minutes        0.0.0.0:8888->8080/tcp   brave_knuth
6c4bb3ce4c35        centos              "/bin/sh -c 'while..."   3 hours ago         Up 3 hours                                   eloquent_shannon
[root@topcheer tmp]# docker exec -it 5910b3a257ff /bin/bash
root@5910b3a257ff:/usr/local/tomcat# ll
bash: ll: command not found
root@5910b3a257ff:/usr/local/tomcat# ls -l
total 124
-rw-r--r--. 1 root root  19318 Sep 16 18:19 BUILDING.txt
-rw-r--r--. 1 root root   5407 Sep 16 18:19 CONTRIBUTING.md
-rw-r--r--. 1 root root  57011 Sep 16 18:19 LICENSE
-rw-r--r--. 1 root root   1726 Sep 16 18:19 NOTICE
-rw-r--r--. 1 root root   3255 Sep 16 18:19 README.md
-rw-r--r--. 1 root root   7139 Sep 16 18:19 RELEASE-NOTES
-rw-r--r--. 1 root root  16262 Sep 16 18:19 RUNNING.txt
drwxr-xr-x. 2 root root   4096 Sep 20 01:40 bin
drwxr-sr-x. 1 root root     22 Sep 22 13:28 conf
drwxr-sr-x. 2 root staff    78 Sep 20 01:40 include
drwxr-xr-x. 2 root root   4096 Sep 20 01:40 lib
drwxrwxrwx. 1 root root    177 Sep 22 13:28 logs
drwxr-sr-x. 3 root staff   151 Sep 20 01:40 native-jni-lib
drwxrwxrwx. 2 root root     30 Sep 20 01:40 temp
drwxr-xr-x. 7 root root     81 Sep 16 18:17 webapps
drwxrwxrwx. 1 root root     22 Sep 22 13:28 work
root@5910b3a257ff:/usr/local/tomcat#
root@5910b3a257ff:/usr/local/tomcat/webapps# ls -l
total 8
drwxr-xr-x.  3 root root 4096 Sep 20 01:40 ROOT
drwxr-xr-x. 15 root root 4096 Sep 20 01:40 docs
drwxr-xr-x.  6 root root   83 Sep 20 01:40 examples
drwxr-xr-x.  5 root root   87 Sep 20 01:40 host-manager
drwxr-xr-x.  5 root root  103 Sep 20 01:40 manager
root@5910b3a257ff:/usr/local/tomcat/webapps# rm -rf docs/
root@5910b3a257ff:/usr/local/tomcat/webapps#

提交鏡像

[root@topcheer tmp]# docker ps -l
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS                    NAMES
5910b3a257ff        tomcat              "catalina.sh run"   6 minutes ago       Up 6 minutes        0.0.0.0:8888->8080/tcp   brave_knuth
[root@topcheer tmp]# docker commit -a="wgr" -m "test del docs" 5910b3a257ff topcher/tomcat:1.0.1
sha256:3d8737216a1e91c4b2f66a054eeb7e48031f5bff7a05a4a5ce4e5c519cc40084
[root@topcheer tmp]#
[root@topcheer tmp]# docker commit -a="wgr" -m "test del docs" 5910b3a257ff topcher/tomcat:1.0.1
sha256:3d8737216a1e91c4b2f66a054eeb7e48031f5bff7a05a4a5ce4e5c519cc40084
[root@topcheer tmp]# docker images
REPOSITORY              TAG                 IMAGE ID            CREATED             SIZE
topcher/tomcat          1.0.1               3d8737216a1e        22 seconds ago      508 MB
docker.io/tomcat        latest              8973f493aa0a        2 days ago          508 MB
docker.io/centos        latest              67fa590cfc1c        4 weeks ago         202 MB
docker.io/hello-world   latest              fce289e99eb9        8 months ago        1.84 kB
[root@topcheer tmp]#

運行鏡像

[root@topcheer tmp]# docker run -it -p 8080:8080 topcher/tomcat:1.0.1
Using CATALINA_BASE:   /usr/local/tomcat
Using CATALINA_HOME:   /usr/local/tomcat
Using CATALINA_TMPDIR: /usr/local/tomcat/temp
Using JRE_HOME:        /usr/local/openjdk-8
Using CLASSPATH:       /usr/local/tomcat/bin/bootstrap.jar:/usr/local/tomcat/bin/tomcat-juli.jar
22-Sep-2019 13:38:55.628 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server version name:   Apache Tomcat/8.5.46
22-Sep-2019 13:38:55.631 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server built:          Sep 16 2019 18:16:19 UTC
22-Sep-2019 13:38:55.632 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server version number: 8.5.46.0
22-Sep-2019 13:38:55.632 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS Name:               Linux
22-Sep-2019 13:38:55.632 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS Version:            3.10.0-957.el7.x86_64
22-Sep-2019 13:38:55.632 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Architecture:          amd64
22-Sep-2019 13:38:55.632 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Java Home:             /usr/local/openjdk-8/jre
22-Sep-2019 13:38:55.632 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log JVM Version:           1.8.0_222-b10
22-Sep-2019 13:38:55.632 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log JVM Vendor:            Oracle Corporation
22-Sep-2019 13:38:55.632 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log CATALINA_BASE:         /usr/local/tomcat
22-Sep-2019 13:38:55.632 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log CATALINA_HOME:         /usr/local/tomcat

確實爲剛剛commit的鏡像

4 docker數據卷

4.1 理念

先來看看Docker的理念：

將運用與運行的環境打包造成容器運行，運行能夠伴隨着容器，可是咱們對數據的要求但願是持久化的
容器之間但願有可能共享數據

Docker容器產生的數據，若是不經過docker commit生成新的鏡像，使得數據作爲鏡像的一部分保存下來，那麼當容器刪除後，數據天然也就沒有了。

爲了能保存數據在docker中咱們使用卷。

4.2 做用

卷就是目錄或文件，存在於一個或多個容器中，由docker掛載到容器，但不屬於聯合文件系統，所以可以繞過Union File System提供一些用於持續存儲或共享數據的特性：

卷的設計目的就是數據的持久化，徹底獨立於容器的生存週期，所以Docker不會在容器刪除時刪除其掛載的數據卷

特色： 1：數據卷可在容器之間共享或重用數據 2：卷中的更改能夠直接生效 3：數據卷中的更改不會包含在鏡像的更新中 4：數據卷的生命週期一直持續到沒有容器使用它爲止

容器的持久化有點相似咱們Redis裏面的rdb和aof文件

容器間繼承+共享數據相似Maven的父工程

4.3 經過命令添加數據卷

docker run -it -v /宿主機絕對路徑目錄:/容器內目錄鏡像名

[root@topcheer tmp]# docker run -it -v /wgrData:/containerData 67fa590cfc1c /bin/bash
[root@a518695bb7bc /]# ls -l
total 12
-rw-r--r--.   1 root root 12090 Aug  1 01:10 anaconda-post.log
lrwxrwxrwx.   1 root root     7 Aug  1 01:09 bin -> usr/bin
drwxr-xr-x.   2 root root     6 Sep 22 13:50 containerData
drwxr-xr-x.   5 root root   360 Sep 22 13:50 dev
drwxr-xr-x.   1 root root    66 Sep 22 13:50 etc
drwxr-xr-x.   2 root root     6 Apr 11  2018 home
lrwxrwxrwx.   1 root root     7 Aug  1 01:09 lib -> usr/lib
lrwxrwxrwx.   1 root root     9 Aug  1 01:09 lib64 -> usr/lib64
drwxr-xr-x.   2 root root     6 Apr 11  2018 media
drwxr-xr-x.   2 root root     6 Apr 11  2018 mnt
drwxr-xr-x.   2 root root     6 Apr 11  2018 opt
dr-xr-xr-x. 265 root root     0 Sep 22 13:50 proc
dr-xr-x---.   2 root root   114 Aug  1 01:10 root
drwxr-xr-x.   1 root root    21 Sep 22 13:50 run
lrwxrwxrwx.   1 root root     8 Aug  1 01:09 sbin -> usr/sbin
drwxr-xr-x.   2 root root     6 Apr 11  2018 srv
dr-xr-xr-x.  13 root root     0 Sep  2 01:15 sys
drwxrwxrwt.   7 root root   132 Aug  1 01:10 tmp
drwxr-xr-x.  13 root root   155 Aug  1 01:09 usr
drwxr-xr-x.  18 root root   238 Aug  1 01:09 var
[root@a518695bb7bc /]# cd containerData/
[root@a518695bb7bc containerData]# touch wgr.txt
touch: cannot touch 'wgr.txt': Permission denied
##後面說加參數，這邊權限不夠
[root@topcheer /]# cd wgrData
[root@topcheer wgrData]# ll
總用量 0
[root@topcheer wgrData]# touch wgr.txt
[root@topcheer wgrData]#

[root@a518695bb7bc containerData]# ls -l
total 0
-rw-r--r--. 1 root root 0 Sep 22 13:50 wgr.txt
[root@a518695bb7bc containerData]#

[root@topcheer wgrData]# docker inspect a518695bb7bc
[
    {
        "Id": "a518695bb7bc4c72983d69351ac7d55f8ede9b104639646a8f19a7d22a6e965d",
        "Created": "2019-09-22T13:50:02.271544718Z",
        "Path": "/bin/bash",
        "Args": [],
        "State": {
            "Status": "running",
            "Running": true,
            "Paused": false,
            "Restarting": false,
            "OOMKilled": false,
            "Dead": false,
            "Pid": 126235,
            "ExitCode": 0,
            "Error": "",
            "StartedAt": "2019-09-22T13:50:02.8043339Z",
            "FinishedAt": "0001-01-01T00:00:00Z"
        },
        "Image": "sha256:67fa590cfc1c207c30b837528373f819f6262c884b7e69118d060a0c04d70ab8",
        "ResolvConfPath": "/var/lib/docker/containers/a518695bb7bc4c72983d69351ac7d55f8ede9b104639646a8f19a7d22a6e965d/resolv.conf",
        "HostnamePath": "/var/lib/docker/containers/a518695bb7bc4c72983d69351ac7d55f8ede9b104639646a8f19a7d22a6e965d/hostname",
        "HostsPath": "/var/lib/docker/containers/a518695bb7bc4c72983d69351ac7d55f8ede9b104639646a8f19a7d22a6e965d/hosts",
        "LogPath": "",
        "Name": "/priceless_mccarthy",
        "RestartCount": 0,
        "Driver": "overlay2",
        "MountLabel": "system_u:object_r:svirt_sandbox_file_t:s0:c554,c859",
        "ProcessLabel": "system_u:system_r:svirt_lxc_net_t:s0:c554,c859",
        "AppArmorProfile": "",
        "ExecIDs": null,
        "HostConfig": {
            "Binds": [
                "/wgrData:/containerData"
            ],
            "ContainerIDFile": "",
            "LogConfig": {
                "Type": "journald",
                "Config": {}
            },
            "NetworkMode": "default",
            "PortBindings": {},
            "RestartPolicy": {
                "Name": "no",
                "MaximumRetryCount": 0
            },
            "AutoRemove": false,
            "VolumeDriver": "",
            "VolumesFrom": null,
            "CapAdd": null,
            "CapDrop": null,
            "Dns": [],
            "DnsOptions": [],
            "DnsSearch": [],
            "ExtraHosts": null,
            "GroupAdd": null,
            "IpcMode": "",
            "Cgroup": "",
            "Links": null,
            "OomScoreAdj": 0,
            "PidMode": "",
            "Privileged": false,
            "PublishAllPorts": false,
            "ReadonlyRootfs": false,
            "SecurityOpt": null,
            "UTSMode": "",
            "UsernsMode": "",
            "ShmSize": 67108864,
            "Runtime": "docker-runc",
            "ConsoleSize": [
                0,
                0
            ],
            "Isolation": "",
            "CpuShares": 0,
            "Memory": 0,
            "NanoCpus": 0,
            "CgroupParent": "",
            "BlkioWeight": 0,
            "BlkioWeightDevice": null,
            "BlkioDeviceReadBps": null,
            "BlkioDeviceWriteBps": null,
            "BlkioDeviceReadIOps": null,
            "BlkioDeviceWriteIOps": null,
            "CpuPeriod": 0,
            "CpuQuota": 0,
            "CpuRealtimePeriod": 0,
            "CpuRealtimeRuntime": 0,
            "CpusetCpus": "",
            "CpusetMems": "",
            "Devices": [],
            "DiskQuota": 0,
            "KernelMemory": 0,
            "MemoryReservation": 0,
            "MemorySwap": 0,
            "MemorySwappiness": -1,
            "OomKillDisable": false,
            "PidsLimit": 0,
            "Ulimits": null,
            "CpuCount": 0,
            "CpuPercent": 0,
            "IOMaximumIOps": 0,
            "IOMaximumBandwidth": 0
        },
        "GraphDriver": {
            "Name": "overlay2",
            "Data": {
                "LowerDir": "/var/lib/docker/overlay2/5ec60cedcc924e4e1308efa93cff63dcdf046209923df890790fffe89906f52a-init/diff:/var/lib/docker/overlay2/7bc85336eb8ca768f43d8eb3d5f27bdf35fa99068be45c84622d18c0f87c90bd/diff",
                "MergedDir": "/var/lib/docker/overlay2/5ec60cedcc924e4e1308efa93cff63dcdf046209923df890790fffe89906f52a/merged",
                "UpperDir": "/var/lib/docker/overlay2/5ec60cedcc924e4e1308efa93cff63dcdf046209923df890790fffe89906f52a/diff",
                "WorkDir": "/var/lib/docker/overlay2/5ec60cedcc924e4e1308efa93cff63dcdf046209923df890790fffe89906f52a/work"
            }
        },
        "Mounts": [
            {
                "Type": "bind",
                "Source": "/wgrData",
                "Destination": "/containerData",
                "Mode": "",
                "RW": true,
                "Propagation": "rprivate"
            }
        ],
        "Config": {
            "Hostname": "a518695bb7bc",
            "Domainname": "",
            "User": "",
            "AttachStdin": true,
            "AttachStdout": true,
            "AttachStderr": true,
            "Tty": true,
            "OpenStdin": true,
            "StdinOnce": true,
            "Env": [
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
            ],
            "Cmd": [
                "/bin/bash"
            ],
            "Image": "67fa590cfc1c",
            "Volumes": null,
            "WorkingDir": "",
            "Entrypoint": null,
            "OnBuild": null,
            "Labels": {
                "org.label-schema.build-date": "20190801",
                "org.label-schema.license": "GPLv2",
                "org.label-schema.name": "CentOS Base Image",
                "org.label-schema.schema-version": "1.0",
                "org.label-schema.vendor": "CentOS"
            }
        },
        "NetworkSettings": {
            "Bridge": "",
            "SandboxID": "99fff9167aad470c7e05b16c4f0a7995a8b65ec62bbd8b547e526618f6ad426b",
            "HairpinMode": false,
            "LinkLocalIPv6Address": "",
            "LinkLocalIPv6PrefixLen": 0,
            "Ports": {},
            "SandboxKey": "/var/run/docker/netns/99fff9167aad",
            "SecondaryIPAddresses": null,
            "SecondaryIPv6Addresses": null,
            "EndpointID": "51a7cabaa6a8ec85f43faca98bb1f12ad8cdc7e7bc9c323aa689ec209b557405",
            "Gateway": "172.17.0.1",
            "GlobalIPv6Address": "",
            "GlobalIPv6PrefixLen": 0,
            "IPAddress": "172.17.0.5",
            "IPPrefixLen": 16,
            "IPv6Gateway": "",
            "MacAddress": "02:42:ac:11:00:05",
            "Networks": {
                "bridge": {
                    "IPAMConfig": null,
                    "Links": null,
                    "Aliases": null,
                    "NetworkID": "fe000671b1b7f9a2e634f409bd33ada7bed50e818a28c1d9c8245aba67b1b625",
                    "EndpointID": "51a7cabaa6a8ec85f43faca98bb1f12ad8cdc7e7bc9c323aa689ec209b557405",
                    "Gateway": "172.17.0.1",
                    "IPAddress": "172.17.0.5",
                    "IPPrefixLen": 16,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "02:42:ac:11:00:05"
                }
            }
        }
    }
]
[root@topcheer wgrData]#

4.4 測試

容器中止退出後，主機修改後數據是否同步

[root@topcheer wgrData]# docker stop a518695bb7bc
a518695bb7bc
[root@topcheer wgrData]# ll
總用量 0
-rw-r--r--. 1 root root 0 9月  22 21:50 wgr.txt
[root@topcheer wgrData]# vim wgr.txt
[root@topcheer wgrData]# docker ps -a
CONTAINER ID        IMAGE                  COMMAND                  CREATED             STATUS                            PORTS                    NAMES
a518695bb7bc        67fa590cfc1c           "/bin/bash"              13 minutes ago      Exited (137) About a minute ago                            priceless_mccarthy
936835c7272b        topcher/tomcat:1.0.1   "catalina.sh run"        24 minutes ago      Up 24 minutes                     0.0.0.0:8080->8080/tcp   angry_northcutt
5910b3a257ff        tomcat                 "catalina.sh run"        34 minutes ago      Up 34 minutes                     0.0.0.0:8888->8080/tcp   brave_knuth
6c4bb3ce4c35        centos                 "/bin/sh -c 'while..."   3 hours ago         Up 3 hours                                                 eloquent_shannon
[root@topcheer wgrData]# docker start a518695bb7bc
a518695bb7bc
[root@topcheer wgrData]# docker exec -it a518695bb7bc /bin/bash
[root@a518695bb7bc /]# ll
total 12
-rw-r--r--.   1 root root 12090 Aug  1 01:10 anaconda-post.log
lrwxrwxrwx.   1 root root     7 Aug  1 01:09 bin -> usr/bin
drwxr-xr-x.   2 root root    21 Sep 22 14:02 containerData
drwxr-xr-x.   5 root root   360 Sep 22 14:03 dev
drwxr-xr-x.   1 root root    66 Sep 22 13:50 etc
drwxr-xr-x.   2 root root     6 Apr 11  2018 home
lrwxrwxrwx.   1 root root     7 Aug  1 01:09 lib -> usr/lib
lrwxrwxrwx.   1 root root     9 Aug  1 01:09 lib64 -> usr/lib64
drwxr-xr-x.   2 root root     6 Apr 11  2018 media
drwxr-xr-x.   2 root root     6 Apr 11  2018 mnt
drwxr-xr-x.   2 root root     6 Apr 11  2018 opt
dr-xr-xr-x. 267 root root     0 Sep 22 14:03 proc
dr-xr-x---.   2 root root   114 Aug  1 01:10 root
drwxr-xr-x.   1 root root    21 Sep 22 13:50 run
lrwxrwxrwx.   1 root root     8 Aug  1 01:09 sbin -> usr/sbin
drwxr-xr-x.   2 root root     6 Apr 11  2018 srv
dr-xr-xr-x.  13 root root     0 Sep  2 01:15 sys
drwxrwxrwt.   7 root root   132 Aug  1 01:10 tmp
drwxr-xr-x.  13 root root   155 Aug  1 01:09 usr
drwxr-xr-x.  18 root root   238 Aug  1 01:09 var
[root@a518695bb7bc /]# cd containerData/
[root@a518695bb7bc containerData]# ll
total 4
-rw-r--r--. 1 root root 8 Sep 22 14:02 wgr.txt
[root@a518695bb7bc containerData]# cat wgr.txt
eqweqeq
[root@a518695bb7bc containerData]#

添加權限

[root@topcheer wgrData]# docker run -it --privileged=true  -v /wgrData1:/containerData1 67fa590cfc1c /bin/bash
[root@2de3c8ed278e /]# ll
total 12
-rw-r--r--.   1 root root 12090 Aug  1 01:10 anaconda-post.log
lrwxrwxrwx.   1 root root     7 Aug  1 01:09 bin -> usr/bin
drwxr-xr-x.   2 root root     6 Sep 22 14:19 containerData1
drwxr-xr-x.  15 root root  3120 Sep 22 14:19 dev
drwxr-xr-x.   1 root root    66 Sep 22 14:19 etc
drwxr-xr-x.   2 root root     6 Apr 11  2018 home
lrwxrwxrwx.   1 root root     7 Aug  1 01:09 lib -> usr/lib
lrwxrwxrwx.   1 root root     9 Aug  1 01:09 lib64 -> usr/lib64
drwxr-xr-x.   2 root root     6 Apr 11  2018 media
drwxr-xr-x.   2 root root     6 Apr 11  2018 mnt
drwxr-xr-x.   2 root root     6 Apr 11  2018 opt
dr-xr-xr-x. 272 root root     0 Sep 22 14:19 proc
dr-xr-x---.   2 root root   114 Aug  1 01:10 root
drwxr-xr-x.   1 root root    21 Sep 22 14:19 run
lrwxrwxrwx.   1 root root     8 Aug  1 01:09 sbin -> usr/sbin
drwxr-xr-x.   2 root root     6 Apr 11  2018 srv
dr-xr-xr-x.  13 root root     0 Sep  2 01:15 sys
drwxrwxrwt.   7 root root   132 Aug  1 01:10 tmp
drwxr-xr-x.  13 root root   155 Aug  1 01:09 usr
drwxr-xr-x.  18 root root   238 Aug  1 01:09 var
[root@2de3c8ed278e /]# cd containerData1/
[root@2de3c8ed278e containerData1]# touch wgr.txt
[root@2de3c8ed278e containerData1]#

限制權限

[root@topcheer wgrData]# docker stop 936835c7272b
936835c7272b
[root@topcheer wgrData]# docker run -it -v /wgrData2:/containerData2:ro 67fa590cfc1c /bin/bash
[root@377e0b8a96a2 /]#


 "Mounts": [
            {
                "Type": "bind",
                "Source": "/wgrData2",
                "Destination": "/containerData2",
                "Mode": "ro",
                "RW": false,
                "Propagation": "rprivate"
            }
        ],

4.5 Dockerfile添加

可在Dockerfile中使用VOLUME指令來給鏡像添加一個或多個數據卷

[root@topcheer mydocker]# vim Dockerfile
[root@topcheer mydocker]# docker build -f Dockerfile -t wgr/centos .
Sending build context to Docker daemon 2.048 kB
Step 1/4 : FROM centos
 ---> 67fa590cfc1c
Step 2/4 : VOLUME /dataVolumeContainer1 /dataVolumeContainer2
 ---> Running in 1fece8932e92
 ---> 5c15da2cfe9a
Removing intermediate container 1fece8932e92
Step 3/4 : CMD echo "finished,--------success1"
 ---> Running in 708260afecce
 ---> 8039778cf467
Removing intermediate container 708260afecce
Step 4/4 : CMD /bin/bash
 ---> Running in 54e07ae3feb5
 ---> fb7e3d506043
Removing intermediate container 54e07ae3feb5
Successfully built fb7e3d506043
[root@topcheer mydocker]# cat Dockerfile
# volume test
FROM centos
VOLUME ["/dataVolumeContainer1","/dataVolumeContainer2"]
CMD echo "finished,--------success1"
CMD /bin/bash
[root@topcheer mydocker]#

[root@topcheer mydocker]# docker images
REPOSITORY              TAG                 IMAGE ID            CREATED              SIZE
wgr/centos              latest              fb7e3d506043        About a minute ago   202 MB
mytomcat9               latest              6c243064a028        20 hours ago         749 MB
myip                    1.2                 00a0a1f80e36        20 hours ago         271 MB
myip                    latest              420c99c3b707        20 hours ago         271 MB
mycentosfile            1.1                 f022cd7b9017        20 hours ago         395 MB
topcher/tomcat          1.0.1               3d8737216a1e        23 hours ago         508 MB
docker.io/tomcat        latest              8973f493aa0a        3 days ago           508 MB
docker.io/centos        latest              67fa590cfc1c        4 weeks ago          202 MB
docker.io/hello-world   latest              fce289e99eb9        8 months ago         1.84 kB
[root@topcheer mydocker]# docker run -it wgr/centos /bin/bash
[root@a63d98e5a625 /]# ll
total 12
-rw-r--r--.   1 root root 12090 Aug  1 01:10 anaconda-post.log
lrwxrwxrwx.   1 root root     7 Aug  1 01:09 bin -> usr/bin
drwxr-xr-x.   2 root root     6 Sep 23 12:52 dataVolumeContainer1
drwxr-xr-x.   2 root root     6 Sep 23 12:52 dataVolumeContainer2
drwxr-xr-x.   5 root root   360 Sep 23 12:52 dev
drwxr-xr-x.   1 root root    66 Sep 23 12:52 etc
drwxr-xr-x.   2 root root     6 Apr 11  2018 home
lrwxrwxrwx.   1 root root     7 Aug  1 01:09 lib -> usr/lib
lrwxrwxrwx.   1 root root     9 Aug  1 01:09 lib64 -> usr/lib64
drwxr-xr-x.   2 root root     6 Apr 11  2018 media
drwxr-xr-x.   2 root root     6 Apr 11  2018 mnt
drwxr-xr-x.   2 root root     6 Apr 11  2018 opt
dr-xr-xr-x. 208 root root     0 Sep 23 12:52 proc
dr-xr-x---.   2 root root   114 Aug  1 01:10 root
drwxr-xr-x.   1 root root    21 Sep 23 12:52 run
lrwxrwxrwx.   1 root root     8 Aug  1 01:09 sbin -> usr/sbin
drwxr-xr-x.   2 root root     6 Apr 11  2018 srv
dr-xr-xr-x.  13 root root     0 Sep 23 12:25 sys
drwxrwxrwt.   7 root root   132 Aug  1 01:10 tmp
drwxr-xr-x.  13 root root   155 Aug  1 01:09 usr
drwxr-xr-x.  18 root root   238 Aug  1 01:09 var
[root@a63d98e5a625 /]# ll
total 12
-rw-r--r--.   1 root root 12090 Aug  1 01:10 anaconda-post.log
lrwxrwxrwx.   1 root root     7 Aug  1 01:09 bin -> usr/bin
drwxr-xr-x.   2 root root     6 Sep 23 12:52 dataVolumeContainer1
drwxr-xr-x.   2 root root     6 Sep 23 12:52 dataVolumeContainer2
drwxr-xr-x.   5 root root   360 Sep 23 12:52 dev
drwxr-xr-x.   1 root root    66 Sep 23 12:52 etc
drwxr-xr-x.   2 root root     6 Apr 11  2018 home
lrwxrwxrwx.   1 root root     7 Aug  1 01:09 lib -> usr/lib
lrwxrwxrwx.   1 root root     9 Aug  1 01:09 lib64 -> usr/lib64
drwxr-xr-x.   2 root root     6 Apr 11  2018 media
drwxr-xr-x.   2 root root     6 Apr 11  2018 mnt
drwxr-xr-x.   2 root root     6 Apr 11  2018 opt
dr-xr-xr-x. 208 root root     0 Sep 23 12:52 proc
dr-xr-x---.   2 root root   114 Aug  1 01:10 root
drwxr-xr-x.   1 root root    21 Sep 23 12:52 run
lrwxrwxrwx.   1 root root     8 Aug  1 01:09 sbin -> usr/sbin
drwxr-xr-x.   2 root root     6 Apr 11  2018 srv
dr-xr-xr-x.  13 root root     0 Sep 23 12:25 sys
drwxrwxrwt.   7 root root   132 Aug  1 01:10 tmp
drwxr-xr-x.  13 root root   155 Aug  1 01:09 usr
drwxr-xr-x.  18 root root   238 Aug  1 01:09 var
[root@a63d98e5a625 /]# cd dataVolumeContainer
bash: cd: dataVolumeContainer: No such file or directory
[root@a63d98e5a625 /]# cd dataVolumeContainer1
[root@a63d98e5a625 dataVolumeContainer1]# ll
total 0
[root@a63d98e5a625 dataVolumeContainer1]# touch 1.txt
[root@a63d98e5a625 dataVolumeContainer1]#
[root@a63d98e5a625 dataVolumeContainer1]#
[root@a63d98e5a625 dataVolumeContainer1]# [root@topcheer mydocker]#
[root@topcheer mydocker]# docker inspect a63d98e5a625
[
    {
        "Id": "a63d98e5a6256f77f457ae99346d6e6e2dc538c747a0ac5ed8632337694dd72b",
        "Created": "2019-09-23T12:52:45.588897445Z",
        "Path": "/bin/bash",
        "Args": [],
        "State": {
            "Status": "running",
            "Running": true,
            "Paused": false,
            "Restarting": false,
            "OOMKilled": false,
            "Dead": false,
            "Pid": 18139,
            "ExitCode": 0,
            "Error": "",
            "StartedAt": "2019-09-23T12:52:49.795395625Z",
            "FinishedAt": "0001-01-01T00:00:00Z"
        },
        "Image": "sha256:fb7e3d506043d6ee7ca70b2dd2c18eb053d2a9fcc11b812c536f852a53d8c6cf",
        "ResolvConfPath": "/var/lib/docker/containers/a63d98e5a6256f77f457ae99346d6e6e2dc538c747a0ac5ed8632337694dd72b/resolv.conf",
        "HostnamePath": "/var/lib/docker/containers/a63d98e5a6256f77f457ae99346d6e6e2dc538c747a0ac5ed8632337694dd72b/hostname",
        "HostsPath": "/var/lib/docker/containers/a63d98e5a6256f77f457ae99346d6e6e2dc538c747a0ac5ed8632337694dd72b/hosts",
        "LogPath": "",
        "Name": "/stoic_lamport",
        "RestartCount": 0,
        "Driver": "overlay2",
        "MountLabel": "system_u:object_r:svirt_sandbox_file_t:s0:c816,c976",
        "ProcessLabel": "system_u:system_r:svirt_lxc_net_t:s0:c816,c976",
        "AppArmorProfile": "",
        "ExecIDs": null,
        "HostConfig": {
            "Binds": null,
            "ContainerIDFile": "",
            "LogConfig": {
                "Type": "journald",
                "Config": {}
            },
            "NetworkMode": "default",
            "PortBindings": {},
            "RestartPolicy": {
                "Name": "no",
                "MaximumRetryCount": 0
            },
            "AutoRemove": false,
            "VolumeDriver": "",
            "VolumesFrom": null,
            "CapAdd": null,
            "CapDrop": null,
            "Dns": [],
            "DnsOptions": [],
            "DnsSearch": [],
            "ExtraHosts": null,
            "GroupAdd": null,
            "IpcMode": "",
            "Cgroup": "",
            "Links": null,
            "OomScoreAdj": 0,
            "PidMode": "",
            "Privileged": false,
            "PublishAllPorts": false,
            "ReadonlyRootfs": false,
            "SecurityOpt": null,
            "UTSMode": "",
            "UsernsMode": "",
            "ShmSize": 67108864,
            "Runtime": "docker-runc",
            "ConsoleSize": [
                0,
                0
            ],
            "Isolation": "",
            "CpuShares": 0,
            "Memory": 0,
            "NanoCpus": 0,
            "CgroupParent": "",
            "BlkioWeight": 0,
            "BlkioWeightDevice": null,
            "BlkioDeviceReadBps": null,
            "BlkioDeviceWriteBps": null,
            "BlkioDeviceReadIOps": null,
            "BlkioDeviceWriteIOps": null,
            "CpuPeriod": 0,
            "CpuQuota": 0,
            "CpuRealtimePeriod": 0,
            "CpuRealtimeRuntime": 0,
            "CpusetCpus": "",
            "CpusetMems": "",
            "Devices": [],
            "DiskQuota": 0,
            "KernelMemory": 0,
            "MemoryReservation": 0,
            "MemorySwap": 0,
            "MemorySwappiness": -1,
            "OomKillDisable": false,
            "PidsLimit": 0,
            "Ulimits": null,
            "CpuCount": 0,
            "CpuPercent": 0,
            "IOMaximumIOps": 0,
            "IOMaximumBandwidth": 0
        },
        "GraphDriver": {
            "Name": "overlay2",
            "Data": {
                "LowerDir": "/var/lib/docker/overlay2/fc0dec9c7dd31f34f9d63168c5555aa9bdc85eaef29c562b65895bf26b068aa7-init/diff:/var/lib/docker/overlay2/7bc85336eb8ca768f43d8eb3d5f27bdf35fa99068be45c84622d18c0f87c90bd/diff",
                "MergedDir": "/var/lib/docker/overlay2/fc0dec9c7dd31f34f9d63168c5555aa9bdc85eaef29c562b65895bf26b068aa7/merged",
                "UpperDir": "/var/lib/docker/overlay2/fc0dec9c7dd31f34f9d63168c5555aa9bdc85eaef29c562b65895bf26b068aa7/diff",
                "WorkDir": "/var/lib/docker/overlay2/fc0dec9c7dd31f34f9d63168c5555aa9bdc85eaef29c562b65895bf26b068aa7/work"
            }
        },
        "Mounts": [
            {
                "Type": "volume",
                "Name": "3cef2f791e18ba2f31798ef27ab1f066f012d5b4e2447e0d4cf2d15bb76af352",
                "Source": "/var/lib/docker/volumes/3cef2f791e18ba2f31798ef27ab1f066f012d5b4e2447e0d4cf2d15bb76af352/_data",
                "Destination": "/dataVolumeContainer2",
                "Driver": "local",
                "Mode": "",
                "RW": true,
                "Propagation": ""
            },
            {
                "Type": "volume",
                "Name": "fa71d12b3a7f55457b3f2f57ca72b0620ea234fd03fba760534480758183944d",
                "Source": "/var/lib/docker/volumes/fa71d12b3a7f55457b3f2f57ca72b0620ea234fd03fba760534480758183944d/_data",
                "Destination": "/dataVolumeContainer1",
                "Driver": "local",
                "Mode": "",
                "RW": true,
                "Propagation": ""
            }
        ],
        "Config": {
            "Hostname": "a63d98e5a625",
            "Domainname": "",
            "User": "",
            "AttachStdin": true,
            "AttachStdout": true,
            "AttachStderr": true,
            "Tty": true,
            "OpenStdin": true,
            "StdinOnce": true,
            "Env": [
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
            ],
            "Cmd": [
                "/bin/bash"
            ],
            "Image": "wgr/centos",
            "Volumes": {
                "/dataVolumeContainer1": {},
                "/dataVolumeContainer2": {}
            },
            "WorkingDir": "",
            "Entrypoint": null,
            "OnBuild": null,
            "Labels": {
                "org.label-schema.build-date": "20190801",
                "org.label-schema.license": "GPLv2",
                "org.label-schema.name": "CentOS Base Image",
                "org.label-schema.schema-version": "1.0",
                "org.label-schema.vendor": "CentOS"
            }
        },
        "NetworkSettings": {
            "Bridge": "",
            "SandboxID": "4bd5f69d0dffd043bb7948d327839f0ab92780a9e4aa74cc62e4555a47c35902",
            "HairpinMode": false,
            "LinkLocalIPv6Address": "",
            "LinkLocalIPv6PrefixLen": 0,
            "Ports": {},
            "SandboxKey": "/var/run/docker/netns/4bd5f69d0dff",
            "SecondaryIPAddresses": null,
            "SecondaryIPv6Addresses": null,
            "EndpointID": "69971af973442c794869f43d21a152b8530d648da8b1967e419fde7db0efac13",
            "Gateway": "172.17.0.1",
            "GlobalIPv6Address": "",
            "GlobalIPv6PrefixLen": 0,
            "IPAddress": "172.17.0.3",
            "IPPrefixLen": 16,
            "IPv6Gateway": "",
            "MacAddress": "02:42:ac:11:00:03",
            "Networks": {
                "bridge": {
                    "IPAMConfig": null,
                    "Links": null,
                    "Aliases": null,
                    "NetworkID": "c7d7aaeb71644a84fdda020955a64ae3a2905c8369a08536c24c956bdba11b58",
                    "EndpointID": "69971af973442c794869f43d21a152b8530d648da8b1967e419fde7db0efac13",
                    "Gateway": "172.17.0.1",
                    "IPAddress": "172.17.0.3",
                    "IPPrefixLen": 16,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "02:42:ac:11:00:03"
                }
            }
        }
    }
]
[root@topcheer mydocker]# cd /var/lib/docker/volumes/fa71d12b3a7f55457b3f2f57ca72b0620ea234fd03fba760534480758183944d/_data
[root@topcheer _data]# ll
總用量 0
-rw-r--r--. 1 root root 0 9月  23 20:53 1.txt
[root@topcheer _data]#

Docker掛載主機目錄Docker訪問出現cannot open directory .: Permission denied 解決辦法：在掛載目錄後多加一個--privileged=true參數便可

4.6 數據卷容器

4.6.1 概念

命名的容器掛載數據卷，其它容器經過掛載這個(父容器)實現數據共享，掛載數據卷的容器，稱之爲數據卷容器

4.6.2 實驗

[root@topcheer _data]# docker run -it --name dc02 --volumes-from  stoic_lamport  wgr/centos
[root@d8e6cc3bad6f /]# ll
total 12
-rw-r--r--.   1 root root 12090 Aug  1 01:10 anaconda-post.log
lrwxrwxrwx.   1 root root     7 Aug  1 01:09 bin -> usr/bin
drwxr-xr-x.   2 root root    19 Sep 23 12:53 dataVolumeContainer1
drwxr-xr-x.   2 root root     6 Sep 23 12:52 dataVolumeContainer2
drwxr-xr-x.   5 root root   360 Sep 23 13:05 dev
drwxr-xr-x.   1 root root    66 Sep 23 13:05 etc
drwxr-xr-x.   2 root root     6 Apr 11  2018 home
lrwxrwxrwx.   1 root root     7 Aug  1 01:09 lib -> usr/lib
lrwxrwxrwx.   1 root root     9 Aug  1 01:09 lib64 -> usr/lib64
drwxr-xr-x.   2 root root     6 Apr 11  2018 media
drwxr-xr-x.   2 root root     6 Apr 11  2018 mnt
drwxr-xr-x.   2 root root     6 Apr 11  2018 opt
dr-xr-xr-x. 220 root root     0 Sep 23 13:05 proc
dr-xr-x---.   2 root root   114 Aug  1 01:10 root
drwxr-xr-x.   1 root root    21 Sep 23 13:05 run
lrwxrwxrwx.   1 root root     8 Aug  1 01:09 sbin -> usr/sbin
drwxr-xr-x.   2 root root     6 Apr 11  2018 srv
dr-xr-xr-x.  13 root root     0 Sep 23 12:25 sys
drwxrwxrwt.   7 root root   132 Aug  1 01:10 tmp
drwxr-xr-x.  13 root root   155 Aug  1 01:09 usr
drwxr-xr-x.  18 root root   238 Aug  1 01:09 var
[root@d8e6cc3bad6f /]# cd dataVolumeContainer1
[root@d8e6cc3bad6f dataVolumeContainer1]# ll
total 0
-rw-r--r--. 1 root root 0 Sep 23 12:53 1.txt
[root@d8e6cc3bad6f dataVolumeContainer1]#
[root@a63d98e5a625 /]# cd dataVolumeContainer2
[root@a63d98e5a625 dataVolumeContainer2]# ll
total 0
-rw-r--r--. 1 root root 0 Sep 23 13:06 2.txt
[root@a63d98e5a625 dataVolumeContainer2]#
[root@topcheer ~]# docker run -it --name dc03 --volumes-from  stoic_lamport  wgr/centos
[root@24ee76550315 /]# cd /dataVolumeContainer2
[root@24ee76550315 dataVolumeContainer2]# ll
total 0
-rw-r--r--. 1 root root 0 Sep 23 13:06 2.txt
[root@24ee76550315 dataVolumeContainer2]#

結論：容器之間配置信息的傳遞，數據卷的生命週期一直持續到沒有容器使用它爲止

5 Dockerfile詳解

Dockerfile是用來構建Docker鏡像的構建文件，是由一系列命令和參數構成的腳本。

編寫Dockerfile文件 --- docker build --- docker run

如圖，centos爲例

5.1 DockerFile構建過程解析

Dockerfile內容基礎知識

1：每條保留字指令都必須爲大寫字母且後面要跟隨至少一個參數

2：指令按照從上到下，順序執行

3：#表示註釋

4：每條指令都會建立一個新的鏡像層，並對鏡像進行提交
Docker執行Dockerfile的大體流程

（1）docker從基礎鏡像運行一個容器

（2）執行一條指令並對容器做出修改

（3）執行相似docker commit的操做提交一個新的鏡像層

（4）docker再基於剛提交的鏡像運行一個新容器

（5）執行dockerfile中的下一條指令直到全部指令都執行完成
總結

從應用軟件的角度來看，Dockerfile、Docker鏡像與Docker容器分別表明軟件的三個不一樣階段，
- Dockerfile是軟件的原材料
- Docker鏡像是軟件的交付品
- Docker容器則能夠認爲是軟件的運行態。 Dockerfile面向開發，Docker鏡像成爲交付標準，Docker容器則涉及部署與運維，三者缺一不可，協力充當Docker體系的基石。

1 Dockerfile，須要定義一個Dockerfile，Dockerfile定義了進程須要的一切東西。Dockerfile涉及的內容包括執行代碼或者是文件、環境變量、依賴包、運行時環境、動態連接庫、操做系統的發行版、服務進程和內核進程(當應用進程須要和系統服務和內核進程打交道，這時須要考慮如何設計namespace的權限控制)等等;

2 Docker鏡像，在用Dockerfile定義一個文件以後，docker build時會產生一個Docker鏡像，當運行 Docker鏡像時，會真正開始提供服務;

3 Docker容器，容器是直接提供服務的。

5.2 Dockerfile指令

FROM	基礎鏡像，當前新鏡像是基於哪一個鏡像的
MAINTAINER	鏡像維護者的姓名和郵箱地址
RUN	容器構建時須要運行的命令
EXPOSE	當前容器對外暴露出的端口
WORKDIR	指定在建立容器後，終端默認登錄的進來工做目錄，一個落腳點
ENV	用來在構建鏡像過程當中設置環境變量
ADD	將宿主機目錄下的文件拷貝進鏡像且ADD命令會自動處理URL和解壓tar壓縮包
COPY	相似ADD，拷貝文件和目錄到鏡像中。將從構建上下文目錄中 <源路徑> 的文件/目錄複製到新的一層的鏡像內的 <目標路徑> 位置
VOLUME	容器數據卷，用於數據保存和持久化工做
CMD	Dockerfile 中能夠有多個 CMD 指令，但只有最後一個生效，CMD 會被 docker run 以後的參數替換
ENTRYPOINT	ENTRYPOINT 的目的和 CMD 同樣，都是在指定容器啓動程序及參數
ONBUILD	當構建一個被繼承的Dockerfile時運行命令，父鏡像在被子繼承後父鏡像的onbuild被觸發

注：Docker Hub 中 99% 的鏡像都是經過在 base 鏡像中安裝和配置須要的軟件構建出來的

5.3 製做案例--自定義鏡像mycentos

自定義mycentos目的使咱們本身的鏡像具有以下：登錄後的默認路徑 vim編輯器查看網絡配置ifconfig支持

編寫Dockerfile

FROM centos
MAINTAINER wgr<wang.gr@topcheer.com>
 
ENV MYPATH /usr/local
WORKDIR $MYPATH
 
RUN yum -y install vim
RUN yum -y install net-tools
 
EXPOSE 80
 
CMD echo $MYPATH
CMD echo "success--------------ok"
CMD /bin/bash

開始構建

[root@topcheer myfile]# docker build -t mycentosfile:1.1 .
Sending build context to Docker daemon 2.048 kB
Step 1/10 : FROM centos
 ---> 67fa590cfc1c
Step 2/10 : MAINTAINER wgr<wang.gr@topcheer.com>
 ---> Running in 1f88baf9b360
 ---> 871c31a91729
Removing intermediate container 1f88baf9b360
Step 3/10 : ENV MYPATH /usr/local
 ---> Running in b069dd98cebf
 ---> 084266f310f4
Removing intermediate container b069dd98cebf
Step 4/10 : WORKDIR $MYPATH
 ---> 4d957d2ce926
Removing intermediate container fe5768a9a5b5
Step 5/10 : RUN yum -y install vim
 ---> Running in fd8a0b061957

Loaded plugins: fastestmirror, ovl
Determining fastest mirrors
 * base: mirror.jdcloud.com
 * extras: centos.ustc.edu.cn
 * updates: centos.ustc.edu.cn
Resolving Dependencies
--> Running transaction check
---> Package vim-enhanced.x86_64 2:7.4.629-6.el7 will be installed
--> Processing Dependency: vim-common = 2:7.4.629-6.el7 for package: 2:vim-enhanced-7.4.629-6.el7.x86_64
--> Processing Dependency: which for package: 2:vim-enhanced-7.4.629-6.el7.x86_64
--> Processing Dependency: perl(:MODULE_COMPAT_5.16.3) for package: 2:vim-enhanced-7.4.629-6.el7.x86_64
--> Processing Dependency: libperl.so()(64bit) for package: 2:vim-enhanced-7.4.629-6.el7.x86_64
--> Processing Dependency: libgpm.so.2()(64bit) for package: 2:vim-enhanced-7.4.629-6.el7.x86_64
--> Running transaction check
---> Package gpm-libs.x86_64 0:1.20.7-6.el7 will be installed
.....................

Complete!
 ---> 67a4329fa503
Removing intermediate container e92c8b523c7c
Step 7/10 : EXPOSE 80
 ---> Running in bf6935680423
 ---> e47d782ab0f5
Removing intermediate container bf6935680423
Step 8/10 : CMD echo $MYPATH
 ---> Running in e0c51d8c13ba
 ---> 850284459ab5
Removing intermediate container e0c51d8c13ba
Step 9/10 : CMD echo "success--------------ok"
 ---> Running in 339022b46c36
 ---> 7117b7f8d635
Removing intermediate container 339022b46c36
Step 10/10 : CMD /bin/bash
 ---> Running in ad662d3129a4
 ---> f022cd7b9017
Removing intermediate container ad662d3129a4
Successfully built f022cd7b9017
[root@topcheer myfile]#

運行

[root@topcheer myfile]# docker images
REPOSITORY              TAG                 IMAGE ID            CREATED             SIZE
mycentosfile            1.1                 f022cd7b9017        27 seconds ago      395 MB
topcher/tomcat          1.0.1               3d8737216a1e        2 hours ago         508 MB
docker.io/tomcat        latest              8973f493aa0a        2 days ago          508 MB
docker.io/centos        latest              67fa590cfc1c        4 weeks ago         202 MB
docker.io/hello-world   latest              fce289e99eb9        8 months ago        1.84 kB
[root@topcheer myfile]# docker run -it mycentosfile:1.1
[root@48e1ce50cb3f local]# ll
total 0
drwxr-xr-x. 2 root root  6 Apr 11  2018 bin
drwxr-xr-x. 2 root root  6 Apr 11  2018 etc
drwxr-xr-x. 2 root root  6 Apr 11  2018 games
drwxr-xr-x. 2 root root  6 Apr 11  2018 include
drwxr-xr-x. 2 root root  6 Apr 11  2018 lib
drwxr-xr-x. 2 root root  6 Apr 11  2018 lib64
drwxr-xr-x. 2 root root  6 Apr 11  2018 libexec
drwxr-xr-x. 2 root root  6 Apr 11  2018 sbin
drwxr-xr-x. 5 root root 49 Aug  1 01:09 share
drwxr-xr-x. 2 root root  6 Apr 11  2018 src
[root@48e1ce50cb3f local]# pwd
/usr/local
[root@48e1ce50cb3f local]# vim 1.txt
[root@48e1ce50cb3f local]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.17.0.6  netmask 255.255.0.0  broadcast 0.0.0.0
        inet6 fe80::42:acff:fe11:6  prefixlen 64  scopeid 0x20<link>
        ether 02:42:ac:11:00:06  txqueuelen 0  (Ethernet)
        RX packets 8  bytes 656 (656.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 8  bytes 656 (656.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@48e1ce50cb3f local]# [root@topcheer myfile]#
[root@topcheer myfile]#
[root@topcheer myfile]#
[root@topcheer myfile]# docker history f022cd7b9017
IMAGE               CREATED             CREATED BY                                      SIZE                COMMENT
f022cd7b9017        2 minutes ago       /bin/sh -c #(nop)  CMD ["/bin/sh" "-c" "/b...   0 B
7117b7f8d635        2 minutes ago       /bin/sh -c #(nop)  CMD ["/bin/sh" "-c" "ec...   0 B
850284459ab5        2 minutes ago       /bin/sh -c #(nop)  CMD ["/bin/sh" "-c" "ec...   0 B
e47d782ab0f5        2 minutes ago       /bin/sh -c #(nop)  EXPOSE 80/tcp                0 B
67a4329fa503        2 minutes ago       /bin/sh -c yum -y install net-tools             69 MB
4b7b749294d0        2 minutes ago       /bin/sh -c yum -y install vim                   124 MB
4d957d2ce926        3 minutes ago       /bin/sh -c #(nop) WORKDIR /usr/local            0 B
084266f310f4        3 minutes ago       /bin/sh -c #(nop)  ENV MYPATH=/usr/local        0 B
871c31a91729        3 minutes ago       /bin/sh -c #(nop)  MAINTAINER wgr<wang.gr@...   0 B
67fa590cfc1c        4 weeks ago         /bin/sh -c #(nop)  CMD ["/bin/bash"]            0 B
<missing>           4 weeks ago         /bin/sh -c #(nop)  LABEL org.label-schema....   0 B
<missing>           4 weeks ago         /bin/sh -c #(nop) ADD file:4e7247c06de9ad1...   202 MB
[root@topcheer myfile]#

5.4 CMD/ENTRYPOINT 詳解

都是指定一個容器啓動時要運行的命令

CMD

Dockerfile 中能夠有多個 CMD 指令，但只有最後一個生效，CMD 會被 docker run 以後的參數替換

[root@topcheer myfile]# docker run -it 3d8737216a1e ls -l
total 124
-rw-r--r--. 1 root root  19318 Sep 16 18:19 BUILDING.txt
-rw-r--r--. 1 root root   5407 Sep 16 18:19 CONTRIBUTING.md
-rw-r--r--. 1 root root  57011 Sep 16 18:19 LICENSE
-rw-r--r--. 1 root root   1726 Sep 16 18:19 NOTICE
-rw-r--r--. 1 root root   3255 Sep 16 18:19 README.md
-rw-r--r--. 1 root root   7139 Sep 16 18:19 RELEASE-NOTES
-rw-r--r--. 1 root root  16262 Sep 16 18:19 RUNNING.txt
drwxr-xr-x. 2 root root   4096 Sep 20 01:40 bin
drwxr-sr-x. 1 root root     22 Sep 22 13:28 conf
drwxr-sr-x. 2 root staff    78 Sep 20 01:40 include
drwxr-xr-x. 2 root root   4096 Sep 20 01:40 lib
drwxrwxrwx. 1 root root    177 Sep 22 13:28 logs
drwxr-sr-x. 3 root staff   151 Sep 20 01:40 native-jni-lib
drwxrwxrwx. 2 root root     30 Sep 20 01:40 temp
drwxr-xr-x. 1 root root     18 Sep 22 13:33 webapps
drwxrwxrwx. 1 root root     22 Sep 22 13:28 work
[root@topcheer myfile]#

注：tomcat的Dockerfile最後一個命令爲CMD /bin/bash，手動輸入參數，會進行替換

ENTRYPOINT

docker run 以後的參數會被當作參數傳遞給 ENTRYPOINT，以後造成新的命令組合

[root@topcheer myfile]# docker build -f dockerfile1 -t myip .
Sending build context to Docker daemon 2.048 kB
Step 1/3 : FROM centos
 ---> 67fa590cfc1c
Step 2/3 : RUN yum install -y curl
 ---> Running in 24d685efc352

Loaded plugins: fastestmirror, ovl
Determining fastest mirrors
 * base: mirrors.aliyun.com
 * extras: mirrors.huaweicloud.com
 * updates: mirrors.huaweicloud.com
Resolving Dependencies
--> Running transaction check
---> Package curl.x86_64 0:7.29.0-51.el7_6.3 will be updated
---> Package curl.x86_64 0:7.29.0-54.el7 will be an update
--> Processing Dependency: libcurl = 7.29.0-54.el7 for package: curl-7.29.0-54.el7.x86_64
--> Running transaction check
---> Package libcurl.x86_64 0:7.29.0-51.el7_6.3 will be updated
---> Package libcurl.x86_64 0:7.29.0-54.el7 will be an update
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package          Arch            Version                   Repository     Size
================================================================================
Updating:
 curl             x86_64          7.29.0-54.el7             base          270 k
Updating for dependencies:
 libcurl          x86_64          7.29.0-54.el7             base          222 k

Transaction Summary
================================================================================
Upgrade  1 Package (+1 Dependent package)

Total download size: 493 k
Downloading packages:
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
warning: /var/cache/yum/x86_64/7/base/packages/libcurl-7.29.0-54.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Public key for libcurl-7.29.0-54.el7.x86_64.rpm is not installed
--------------------------------------------------------------------------------
Total                                              988 kB/s | 493 kB  00:00
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Importing GPG key 0xF4A80EB5:
 Userid     : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>"
 Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
 Package    : centos-release-7-6.1810.2.el7.centos.x86_64 (@CentOS)
 From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Updating   : libcurl-7.29.0-54.el7.x86_64                                 1/4
  Updating   : curl-7.29.0-54.el7.x86_64                                    2/4
  Cleanup    : curl-7.29.0-51.el7_6.3.x86_64                                3/4
  Cleanup    : libcurl-7.29.0-51.el7_6.3.x86_64                             4/4
  Verifying  : libcurl-7.29.0-54.el7.x86_64                                 1/4
  Verifying  : curl-7.29.0-54.el7.x86_64                                    2/4
  Verifying  : curl-7.29.0-51.el7_6.3.x86_64                                3/4
  Verifying  : libcurl-7.29.0-51.el7_6.3.x86_64                             4/4

Updated:
  curl.x86_64 0:7.29.0-54.el7

Dependency Updated:
  libcurl.x86_64 0:7.29.0-54.el7

Complete!
 ---> ed86a4b09c55
Removing intermediate container 24d685efc352
Step 3/3 : CMD curl -s http://ip.cn
 ---> Running in c98ca5fa9fed
 ---> 420c99c3b707
Removing intermediate container c98ca5fa9fed
Successfully built 420c99c3b707
[root@topcheer myfile]#

root@topcheer myfile]# cat dockerfile1
FROM centos
RUN yum install -y curl
CMD [ "curl", "-s", "http://ip.cn" ]

加入參數 -i

[root@topcheer myfile]# docker run 420c99c3b707 -i
container_linux.go:235: starting container process caused "exec: \"-i\": executable file not found in $PATH"
/usr/bin/docker-current: Error response from daemon: oci runtime error: container_linux.go:235: starting container process caused "exec: \"-i\": executable file not found in $PATH".
[root@topcheer myfile]#

咱們能夠看到可執行文件找不到的報錯，executable file not found。以前咱們說過，跟在鏡像名後面的是 command，運行時會替換 CMD 的默認值。所以這裏的 -i 替換了原來的 CMD，而不是添加在原來的 curl -s http://ip.cn 後面。而 -i 根本不是命令，因此天然找不到。

那麼若是咱們但願加入 -i 這參數，咱們就必須從新完整的輸入這個命令：

$ docker run myip curl -s http://ip.cn -i

[root@topcheer myfile]# docker build -f dockerfile2 -t myip:1.2 .
Sending build context to Docker daemon 3.072 kB
Step 1/3 : FROM centos
 ---> 67fa590cfc1c
Step 2/3 : RUN yum install -y curl
 ---> Using cache
 ---> ed86a4b09c55
Step 3/3 : ENTRYPOINT curl -s http://ip.cn
 ---> Running in 695e59ae2f9f
 ---> 00a0a1f80e36
Removing intermediate container 695e59ae2f9f
Successfully built 00a0a1f80e36
[root@topcheer myfile]#
root@topcheer myfile]# cat dockerfile2
FROM centos
RUN yum install -y curl
ENTRYPOINT [ "curl", "-s", "http://ip.cn" ]
[root@topcheer myfile]#

[root@topcheer myfile]# docker run 00a0a1f80e36 -i
HTTP/1.1 301 Moved Permanently
Date: Sun, 22 Sep 2019 16:21:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 22 Sep 2019 17:21:12 GMT
Location: https://ip.cn/
Server: cloudflare
CF-RAY: 51a59c51fca7d356-LAX

[root@topcheer myfile]#

5.5 自定義鏡像Tomcat9

[root@topcheer myfile]# mkdir -p /zzyyuse/mydockerfile/tomcat9
[root@topcheer myfile]# cd /zzyyuse/mydockerfile/tomcat9/
[root@topcheer tomcat9]# mv touch touch.txt
[root@topcheer tomcat9]# ll
總用量 202568
-rw-r--r--. 1 root root  12326996 9月  23 00:29 apache-tomcat-9.0.26.tar.gz
-rw-r--r--. 1 root root 195094741 9月  23 00:44 jdk-8u221-linux-x64.tar.gz
-rw-r--r--. 1 root root         8 9月  23 00:26 touch.txt
[root@topcheer tomcat9]# vim dockerfile
[root@topcheer tomcat9]# docker build -f dockerfile -t mytomcat9 .
Sending build context to Docker daemon 207.4 MB
Step 1/15 : FROM centos
 ---> 67fa590cfc1c
Step 2/15 : MAINTAINER wgr<wang.gr@Topcheer.com>
 ---> Running in 1d226a95e4bd
 ---> 1757ce5df080
Removing intermediate container 1d226a95e4bd
Step 3/15 : COPY touch.txt /usr/local/cincontainer.txt
 ---> 47027886f2b6
Removing intermediate container 7f9c861f6ebf
Step 4/15 : ADD jdk-8u221-linux-x64.tar.gz /usr/local/
 ---> af6a09494e41
Removing intermediate container 1ce823526620
Step 5/15 : ADD apache-tomcat-9.0.26.tar.gz /usr/local/
 ---> 30ed83402115
Removing intermediate container 63f92f905d88
Step 6/15 : RUN yum -y install vim
 ---> Running in 52768f621694
Complete!
 ---> 1a786e61417c
Removing intermediate container 52768f621694
Step 7/15 : ENV MYPATH /usr/local
 ---> Running in a9ffa71dea83
 ---> 3e22143a0c16
Removing intermediate container a9ffa71dea83
Step 8/15 : WORKDIR $MYPATH
 ---> 6371b1f9c73c
Removing intermediate container 0f276bf3ce88
Step 9/15 : ENV JAVA_HOME /usr/local/jdk1.8.0_221
 ---> Running in 41ccc23b039d
 ---> 41a86caa4a67
Removing intermediate container 41ccc23b039d
Step 10/15 : ENV CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
 ---> Running in d8b2069614ec
 ---> b2d06aada292
Removing intermediate container d8b2069614ec
Step 11/15 : ENV CATALINA_HOME /usr/local/apache-tomcat-9.0.26
 ---> Running in b8129aaa2c20
 ---> 6f4277b94c01
Removing intermediate container b8129aaa2c20
Step 12/15 : ENV CATALINA_BASE /usr/local/apache-tomcat-9.0.26
 ---> Running in 310832c60e55
 ---> 965e54b0e595
Removing intermediate container 310832c60e55
Step 13/15 : ENV PATH $PATH:$JAVA_HOME/bin:$CATALINA_HOME/lib:$CATALINA_HOME/bin
 ---> Running in e9c4f9fe44a2
 ---> 7102c04d53b2
Removing intermediate container e9c4f9fe44a2
Step 14/15 : EXPOSE 8080
 ---> Running in 329adfcaba35
 ---> 601bffd46d5a
Removing intermediate container 329adfcaba35
Step 15/15 : CMD /usr/local/apache-tomcat-9.0.26/bin/startup.sh && tail -F /usr/local/apache-tomcat-9.0.26/bin/logs/catalina.out
 ---> Running in 1ecc7244a41f
 ---> 6c243064a028
Removing intermediate container 1ecc7244a41f
Successfully built 6c243064a028

Dockerfile

[root@topcheer tomcat9]# cat dockerfile

FROM         centos
MAINTAINER    wgr<wang.gr@Topcheer.com>
#把宿主機當前上下文的c.txt拷貝到容器/usr/local/路徑下
COPY touch.txt /usr/local/cincontainer.txt
#把java與tomcat添加到容器中
ADD jdk-8u221-linux-x64.tar.gz /usr/local/
ADD apache-tomcat-9.0.26.tar.gz /usr/local/
#安裝vim編輯器
RUN yum -y install vim
#設置工做訪問時候的WORKDIR路徑，登陸落腳點
ENV MYPATH /usr/local
WORKDIR $MYPATH
#配置java與tomcat環境變量
ENV JAVA_HOME /usr/local/jdk1.8.0_221
ENV CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
ENV CATALINA_HOME /usr/local/apache-tomcat-9.0.26
ENV CATALINA_BASE /usr/local/apache-tomcat-9.0.26
ENV PATH $PATH:$JAVA_HOME/bin:$CATALINA_HOME/lib:$CATALINA_HOME/bin
#容器運行時監聽的端口
EXPOSE  8080
#啓動時運行tomcat
CMD /usr/local/apache-tomcat-9.0.26/bin/startup.sh && tail -F /usr/local/apache-tomcat-9.0.26/bin/logs/catalina.out
[root@topcheer tomcat9]#

運行容器

[root@topcheer tomcat9]# docker run -d -p 9080:8080 --name myt9 -v /zzyyuse/mydockerfile/tomcat9/test:/usr/local/apache-tomcat-9.0.26/webapps/test -v /zzyyuse/mydockerfile/tomcat9/tomcat9logs/:/usr/local/apache-tomcat-9.0.26/logs --privileged=true mytomcat9
caf65bdc80f404157081f45f74a3056150504a80a44d7217f31ab95bf604c053
[root@topcheer tomcat9]#
[root@topcheer tomcat9]# ll
總用量 202572
-rw-r--r--. 1 root root  12326996 9月  23 00:29 apache-tomcat-9.0.26.tar.gz
-rw-r--r--. 1 root root       929 9月  23 00:47 dockerfile
-rw-r--r--. 1 root root 195094741 9月  23 00:44 jdk-8u221-linux-x64.tar.gz
drwxr-xr-x. 2 root root         6 9月  23 00:51 test
drwxr-xr-x. 2 root root       197 9月  23 00:51 tomcat9logs
-rw-r--r--. 1 root root         8 9月  23 00:26 touch.txt
[root@topcheer tomcat9]#
Docker掛載主機目錄Docker訪問出現cannot open directory .: Permission denied
解決辦法：在掛載目錄後多加一個--privileged=true參數便可
[root@topcheer tomcat9]# docker ps -l
CONTAINER ID        IMAGE               COMMAND                  CREATED              STATUS              PORTS                    NAMES
caf65bdc80f4        mytomcat9           "/bin/sh -c '/usr/..."   About a minute ago   Up About a minute   0.0.0.0:9080->8080/tcp   myt9
[root@topcheer tomcat9]#

驗證

測試

[root@topcheer test]# vim web.xml
[root@topcheer test]# vim a.jsp
[root@topcheer test]# ll
總用量 8
-rw-r--r--. 1 root root 511 9月  23 00:55 a.jsp
-rw-r--r--. 1 root root 337 9月  23 00:55 web.xml
[root@topcheer test]# cd ..
[root@topcheer tomcat9]# ll
總用量 202572
-rw-r--r--. 1 root root  12326996 9月  23 00:29 apache-tomcat-9.0.26.tar.gz
-rw-r--r--. 1 root root       929 9月  23 00:47 dockerfile
-rw-r--r--. 1 root root 195094741 9月  23 00:44 jdk-8u221-linux-x64.tar.gz
drwxr-xr-x. 2 root root        34 9月  23 00:55 test
drwxr-xr-x. 2 root root       197 9月  23 00:51 tomcat9logs
-rw-r--r--. 1 root root         8 9月  23 00:26 touch.txt
[root@topcheer tomcat9]# cd tomcat9logs/
[root@topcheer tomcat9logs]# ll
總用量 24
-rw-r-----. 1 root root 6574 9月  23 00:51 catalina.2019-09-22.log
-rw-r-----. 1 root root 6574 9月  23 00:51 catalina.out
-rw-r-----. 1 root root    0 9月  23 00:51 host-manager.2019-09-22.log
-rw-r-----. 1 root root  408 9月  23 00:51 localhost.2019-09-22.log
-rw-r-----. 1 root root  825 9月  23 00:54 localhost_access_log.2019-09-22.txt
-rw-r-----. 1 root root    0 9月  23 00:51 manager.2019-09-22.log
[root@topcheer tomcat9logs]# tail -200f catalina.out
22-Sep-2019 16:51:48.924 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server version name:   Apache Tomcat/9.0.26
22-Sep-2019 16:51:49.031 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server built:          Sep 16 2019 15:51:39 UTC
22-Sep-2019 16:51:49.031 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server version number: 9.0.26.0
22-Sep-2019 16:51:49.031 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS Name:               Linux
22-Sep-2019 16:51:49.031 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS Version:            3.10.0-957.el7.x86_64
22-Sep-2019 16:51:49.031 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Architecture:          amd64
22-Sep-2019 16:51:49.032 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Java Home:             /usr/local/jdk1.8.0_221/jre
22-Sep-2019 16:51:49.032 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log JVM Version:           1.8.0_221-b11
22-Sep-2019 16:51:49.032 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log JVM Vendor:            Oracle Corporation
22-Sep-2019 16:51:49.032 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log CATALINA_BASE:         /usr/local/apache-tomcat-9.0.26
22-Sep-2019 16:51:49.032 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log CATALINA_HOME:         /usr/local/apache-tomcat-9.0.26
22-Sep-2019 16:51:49.078 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.util.logging.config.file=/usr/local/apache-tomcat-9.0.26/conf/logging.properties
22-Sep-2019 16:51:49.079 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
22-Sep-2019 16:51:49.079 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djdk.tls.ephemeralDHKeySize=2048
22-Sep-2019 16:51:49.080 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.protocol.handler.pkgs=org.apache.catalina.webresources
22-Sep-2019 16:51:49.080 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dorg.apache.catalina.security.SecurityListener.UMASK=0027
22-Sep-2019 16:51:49.080 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dignore.endorsed.dirs=
22-Sep-2019 16:51:49.082 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dcatalina.base=/usr/local/apache-tomcat-9.0.26
22-Sep-2019 16:51:49.082 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dcatalina.home=/usr/local/apache-tomcat-9.0.26
22-Sep-2019 16:51:49.082 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.io.tmpdir=/usr/local/apache-tomcat-9.0.26/temp
22-Sep-2019 16:51:49.082 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: [/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib]
22-Sep-2019 16:51:50.237 INFO [main] org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler ["http-nio-8080"]
22-Sep-2019 16:51:50.269 INFO [main] org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler ["ajp-nio-8009"]
22-Sep-2019 16:51:50.272 INFO [main] org.apache.catalina.startup.Catalina.load Server initialization in [1,885] milliseconds
22-Sep-2019 16:51:50.341 INFO [main] org.apache.catalina.core.StandardService.startInternal Starting service [Catalina]
22-Sep-2019 16:51:50.341 INFO [main] org.apache.catalina.core.StandardEngine.startInternal Starting Servlet engine: [Apache Tomcat/9.0.26]
22-Sep-2019 16:51:50.362 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/usr/local/apache-tomcat-9.0.26/webapps/ROOT]
22-Sep-2019 16:51:50.906 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/usr/local/apache-tomcat-9.0.26/webapps/ROOT] has finished in [543] ms
22-Sep-2019 16:51:50.906 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/usr/local/apache-tomcat-9.0.26/webapps/docs]
22-Sep-2019 16:51:50.924 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/usr/local/apache-tomcat-9.0.26/webapps/docs] has finished in [17] ms
22-Sep-2019 16:51:50.924 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/usr/local/apache-tomcat-9.0.26/webapps/examples]
22-Sep-2019 16:51:51.585 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/usr/local/apache-tomcat-9.0.26/webapps/examples] has finished in [660] ms
22-Sep-2019 16:51:51.585 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/usr/local/apache-tomcat-9.0.26/webapps/host-manager]
22-Sep-2019 16:51:51.625 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/usr/local/apache-tomcat-9.0.26/webapps/host-manager] has finished in [40] ms
22-Sep-2019 16:51:51.626 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/usr/local/apache-tomcat-9.0.26/webapps/manager]
22-Sep-2019 16:51:51.771 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/usr/local/apache-tomcat-9.0.26/webapps/manager] has finished in [145] ms
22-Sep-2019 16:51:51.771 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/usr/local/apache-tomcat-9.0.26/webapps/test]
22-Sep-2019 16:51:51.880 INFO [main] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/usr/local/apache-tomcat-9.0.26/webapps/test] has finished in [109] ms
22-Sep-2019 16:51:51.885 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["http-nio-8080"]
22-Sep-2019 16:51:51.902 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["ajp-nio-8009"]
22-Sep-2019 16:51:51.906 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in [1,632] milliseconds

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xmlns="http://java.sun.com/xml/ns/javaee"
  xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
  id="WebApp_ID" version="2.5">
  
  <display-name>test</display-name>
 
</web-app>

<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
    <title>Insert title here</title>
  </head>
  <body>
    -----------welcome------------
    <%="i am in docker tomcat self "%>
    <br>
    <br>
    <% System.out.println("=============docker tomcat self");%>
  </body>
</html>

結果：

6 Docker經常使用安裝

6.1 安裝Mysql

[root@topcheer ~]# docker run -p 12345:3306 --name mysql1 --privileged=true -v /zzyyuse/mysql/conf:/etc/mysql/conf.d -v /zzyyuse/mysql/logs:/logs -v /zzyyuse/mysql/data:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=123456 -d b8fd9553f1f0
682b15d35235e3499c6fe862734eb40c91533bbb51f5fd44af89ad3d640e8e78
[root@topcheer ~]# docker ps -l
[root@topcheer ~]# docker exec -it 682b15d35235 /bin/bash
root@682b15d35235:/# ll

6.2 安裝redis

docker run -p 6666:6666 --privileged=true -v /zzyyuse/myredis/data:/data -v /zzyyuse/myredis/conf/redis.conf:/usr/local/etc/redis/redis.conf  -d 01a52b3b5cd1 redis-server /usr/local/etc/redis/redis.conf --appendonly yes
0cd9055715bca21e460a20bdca9e705860f84b3d0320c37242dd72205a7efc79

# Redis configuration file example.
#
# Note that in order to read the configuration file, Redis must be
# started with the file path as first argument:
#
# ./redis-server /path/to/redis.conf
 
# Note on units: when memory size is needed, it is possible to specify
# it in the usual form of 1k 5GB 4M and so forth:
#
# 1k => 1000 bytes
# 1kb => 1024 bytes
# 1m => 1000000 bytes
# 1mb => 1024*1024 bytes
# 1g => 1000000000 bytes
# 1gb => 1024*1024*1024 bytes
#
# units are case insensitive so 1GB 1Gb 1gB are all the same.
################################## INCLUDES ###################################
 
# Include one or more other config files here.  This is useful if you
# have a standard template that goes to all Redis servers but also need
# to customize a few per-server settings.  Include files can include
# other files, so use this wisely.
#
# Notice option "include" won't be rewritten by command "CONFIG REWRITE"
# from admin or Redis Sentinel. Since Redis always uses the last processed
# line as value of a configuration directive, you'd better put includes
# at the beginning of this file to avoid overwriting config change at runtime.
#
# If instead you are interested in using includes to override configuration
# options, it is better to use include as the last line.
#
# include /path/to/local.conf
# include /path/to/other.conf
 
################################## NETWORK #####################################
 
# By default, if no "bind" configuration directive is specified, Redis listens
# for connections from all the network interfaces available on the server.
# It is possible to listen to just one or multiple selected interfaces using
# the "bind" configuration directive, followed by one or more IP addresses.
#
# Examples:
#
# bind 192.168.1.100 10.0.0.1
# bind 127.0.0.1 ::1
#
# ~~~ WARNING ~~~ If the computer running Redis is directly exposed to the
# internet, binding to all the interfaces is dangerous and will expose the
# instance to everybody on the internet. So by default we uncomment the
# following bind directive, that will force Redis to listen only into
# the IPv4 lookback interface address (this means Redis will be able to
# accept connections only from clients running into the same computer it
# is running).
#
# IF YOU ARE SURE YOU WANT YOUR INSTANCE TO LISTEN TO ALL THE INTERFACES
# JUST COMMENT THE FOLLOWING LINE.
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#bind 127.0.0.1
 
# Protected mode is a layer of security protection, in order to avoid that
# Redis instances left open on the internet are accessed and exploited.
#
# When protected mode is on and if:
#
# 1) The server is not binding explicitly to a set of addresses using the
#    "bind" directive.
# 2) No password is configured.
#
# The server only accepts connections from clients connecting from the
# IPv4 and IPv6 loopback addresses 127.0.0.1 and ::1, and from Unix domain
# sockets.
#
# By default protected mode is enabled. You should disable it only if
# you are sure you want clients from other hosts to connect to Redis
# even if no authentication is configured, nor a specific set of interfaces
# are explicitly listed using the "bind" directive.
protected-mode yes
 
# Accept connections on the specified port, default is 6379 (IANA #815344).
# If port 0 is specified Redis will not listen on a TCP socket.
port 6666
 
# TCP listen() backlog.
#
# In high requests-per-second environments you need an high backlog in order
# to avoid slow clients connections issues. Note that the Linux kernel
# will silently truncate it to the value of /proc/sys/net/core/somaxconn so
# make sure to raise both the value of somaxconn and tcp_max_syn_backlog
# in order to get the desired effect.
tcp-backlog 511
 
# Unix socket.
#
# Specify the path for the Unix socket that will be used to listen for
# incoming connections. There is no default, so Redis will not listen
# on a unix socket when not specified.
#
# unixsocket /tmp/redis.sock
# unixsocketperm 700
 
# Close the connection after a client is idle for N seconds (0 to disable)
timeout 0
 
# TCP keepalive.
#
# If non-zero, use SO_KEEPALIVE to send TCP ACKs to clients in absence
# of communication. This is useful for two reasons:
#
# 1) Detect dead peers.
# 2) Take the connection alive from the point of view of network
#    equipment in the middle.
#
# On Linux, the specified value (in seconds) is the period used to send ACKs.
# Note that to close the connection the double of the time is needed.
# On other kernels the period depends on the kernel configuration.
#
# A reasonable value for this option is 300 seconds, which is the new
# Redis default starting with Redis 3.2.1.
tcp-keepalive 300
 
################################# GENERAL #####################################
 
# By default Redis does not run as a daemon. Use 'yes' if you need it.
# Note that Redis will write a pid file in /var/run/redis.pid when daemonized.
#daemonize no
 
# If you run Redis from upstart or systemd, Redis can interact with your
# supervision tree. Options:
#   supervised no      - no supervision interaction
#   supervised upstart - signal upstart by putting Redis into SIGSTOP mode
#   supervised systemd - signal systemd by writing READY=1 to $NOTIFY_SOCKET
#   supervised auto    - detect upstart or systemd method based on
#                        UPSTART_JOB or NOTIFY_SOCKET environment variables
# Note: these supervision methods only signal "process is ready."
#       They do not enable continuous liveness pings back to your supervisor.
supervised no
 
# If a pid file is specified, Redis writes it where specified at startup
# and removes it at exit.
#
# When the server runs non daemonized, no pid file is created if none is
# specified in the configuration. When the server is daemonized, the pid file
# is used even if not specified, defaulting to "/var/run/redis.pid".
#
# Creating a pid file is best effort: if Redis is not able to create it
# nothing bad happens, the server will start and run normally.
pidfile /var/run/redis_6379.pid
 
# Specify the server verbosity level.
# This can be one of:
# debug (a lot of information, useful for development/testing)
# verbose (many rarely useful info, but not a mess like the debug level)
# notice (moderately verbose, what you want in production probably)
# warning (only very important / critical messages are logged)
loglevel notice
 
# Specify the log file name. Also the empty string can be used to force
# Redis to log on the standard output. Note that if you use standard
# output for logging but daemonize, logs will be sent to /dev/null
logfile ""
 
# To enable logging to the system logger, just set 'syslog-enabled' to yes,
# and optionally update the other syslog parameters to suit your needs.
# syslog-enabled no
 
# Specify the syslog identity.
# syslog-ident redis
 
# Specify the syslog facility. Must be USER or between LOCAL0-LOCAL7.
# syslog-facility local0
 
# Set the number of databases. The default database is DB 0, you can select
# a different one on a per-connection basis using SELECT <dbid> where
# dbid is a number between 0 and 'databases'-1
databases 16
 
################################ SNAPSHOTTING  ################################
#
# Save the DB on disk:
#
#   save <seconds> <changes>
#
#   Will save the DB if both the given number of seconds and the given
#   number of write operations against the DB occurred.
#
#   In the example below the behaviour will be to save:
#   after 900 sec (15 min) if at least 1 key changed
#   after 300 sec (5 min) if at least 10 keys changed
#   after 60 sec if at least 10000 keys changed
#
#   Note: you can disable saving completely by commenting out all "save" lines.
#
#   It is also possible to remove all the previously configured save
#   points by adding a save directive with a single empty string argument
#   like in the following example:
#
#   save ""
 
save 120 1
save 300 10
save 60 10000
 
# By default Redis will stop accepting writes if RDB snapshots are enabled
# (at least one save point) and the latest background save failed.
# This will make the user aware (in a hard way) that data is not persisting
# on disk properly, otherwise chances are that no one will notice and some
# disaster will happen.
#
# If the background saving process will start working again Redis will
# automatically allow writes again.
#
# However if you have setup your proper monitoring of the Redis server
# and persistence, you may want to disable this feature so that Redis will
# continue to work as usual even if there are problems with disk,
# permissions, and so forth.
stop-writes-on-bgsave-error yes
 
# Compress string objects using LZF when dump .rdb databases?
# For default that's set to 'yes' as it's almost always a win.
# If you want to save some CPU in the saving child set it to 'no' but
# the dataset will likely be bigger if you have compressible values or keys.
rdbcompression yes
 
# Since version 5 of RDB a CRC64 checksum is placed at the end of the file.
# This makes the format more resistant to corruption but there is a performance
# hit to pay (around 10%) when saving and loading RDB files, so you can disable it
# for maximum performances.
#
# RDB files created with checksum disabled have a checksum of zero that will
# tell the loading code to skip the check.
rdbchecksum yes
 
# The filename where to dump the DB
dbfilename dump.rdb
 
# The working directory.
#
# The DB will be written inside this directory, with the filename specified
# above using the 'dbfilename' configuration directive.
#
# The Append Only File will also be created inside this directory.
#
# Note that you must specify a directory here, not a file name.
dir ./
 
################################# REPLICATION #################################
 
# Master-Slave replication. Use slaveof to make a Redis instance a copy of
# another Redis server. A few things to understand ASAP about Redis replication.
#
# 1) Redis replication is asynchronous, but you can configure a master to
#    stop accepting writes if it appears to be not connected with at least
#    a given number of slaves.
# 2) Redis slaves are able to perform a partial resynchronization with the
#    master if the replication link is lost for a relatively small amount of
#    time. You may want to configure the replication backlog size (see the next
#    sections of this file) with a sensible value depending on your needs.
# 3) Replication is automatic and does not need user intervention. After a
#    network partition slaves automatically try to reconnect to masters
#    and resynchronize with them.
#
# slaveof <masterip> <masterport>

# If the master is password protected (using the "requirepass" configuration
# directive below) it is possible to tell the slave to authenticate before
# starting the replication synchronization process, otherwise the master will
# refuse the slave request.
#
# masterauth <master-password>

# When a slave loses its connection with the master, or when the replication
# is still in progress, the slave can act in two different ways:
#
# 1) if slave-serve-stale-data is set to 'yes' (the default) the slave will
#    still reply to client requests, possibly with out of date data, or the
#    data set may just be empty if this is the first synchronization.
#
# 2) if slave-serve-stale-data is set to 'no' the slave will reply with
#    an error "SYNC with master in progress" to all the kind of commands
#    but to INFO and SLAVEOF.
#
slave-serve-stale-data yes

# You can configure a slave instance to accept writes or not. Writing against
# a slave instance may be useful to store some ephemeral data (because data
# written on a slave will be easily deleted after resync with the master) but
# may also cause problems if clients are writing to it because of a
# misconfiguration.
#
# Since Redis 2.6 by default slaves are read-only.
#
# Note: read only slaves are not designed to be exposed to untrusted clients
# on the internet. It's just a protection layer against misuse of the instance.
# Still a read only slave exports by default all the administrative commands
# such as CONFIG, DEBUG, and so forth. To a limited extent you can improve
# security of read only slaves using 'rename-command' to shadow all the
# administrative / dangerous commands.
slave-read-only yes

# Replication SYNC strategy: disk or socket.
#
# -------------------------------------------------------
# WARNING: DISKLESS REPLICATION IS EXPERIMENTAL CURRENTLY
# -------------------------------------------------------
#
# New slaves and reconnecting slaves that are not able to continue the replication
# process just receiving differences, need to do what is called a "full
# synchronization". An RDB file is transmitted from the master to the slaves.
# The transmission can happen in two different ways:
#
# 1) Disk-backed: The Redis master creates a new process that writes the RDB
#                 file on disk. Later the file is transferred by the parent
#                 process to the slaves incrementally.
# 2) Diskless: The Redis master creates a new process that directly writes the
#              RDB file to slave sockets, without touching the disk at all.
#
# With disk-backed replication, while the RDB file is generated, more slaves
# can be queued and served with the RDB file as soon as the current child producing
# the RDB file finishes its work. With diskless replication instead once
# the transfer starts, new slaves arriving will be queued and a new transfer
# will start when the current one terminates.
#
# When diskless replication is used, the master waits a configurable amount of
# time (in seconds) before starting the transfer in the hope that multiple slaves
# will arrive and the transfer can be parallelized.
#
# With slow disks and fast (large bandwidth) networks, diskless replication
# works better.
repl-diskless-sync no

# When diskless replication is enabled, it is possible to configure the delay
# the server waits in order to spawn the child that transfers the RDB via socket
# to the slaves.
#
# This is important since once the transfer starts, it is not possible to serve
# new slaves arriving, that will be queued for the next RDB transfer, so the server
# waits a delay in order to let more slaves arrive.
#
# The delay is specified in seconds, and by default is 5 seconds. To disable
# it entirely just set it to 0 seconds and the transfer will start ASAP.
repl-diskless-sync-delay 5

# Slaves send PINGs to server in a predefined interval. It's possible to change
# this interval with the repl_ping_slave_period option. The default value is 10
# seconds.
#
# repl-ping-slave-period 10

# The following option sets the replication timeout for:
#
# 1) Bulk transfer I/O during SYNC, from the point of view of slave.
# 2) Master timeout from the point of view of slaves (data, pings).
# 3) Slave timeout from the point of view of masters (REPLCONF ACK pings).
#
# It is important to make sure that this value is greater than the value
# specified for repl-ping-slave-period otherwise a timeout will be detected
# every time there is low traffic between the master and the slave.
#
# repl-timeout 60

# Disable TCP_NODELAY on the slave socket after SYNC?
#
# If you select "yes" Redis will use a smaller number of TCP packets and
# less bandwidth to send data to slaves. But this can add a delay for
# the data to appear on the slave side, up to 40 milliseconds with
# Linux kernels using a default configuration.
#
# If you select "no" the delay for data to appear on the slave side will
# be reduced but more bandwidth will be used for replication.
#
# By default we optimize for low latency, but in very high traffic conditions
# or when the master and slaves are many hops away, turning this to "yes" may
# be a good idea.
repl-disable-tcp-nodelay no

# Set the replication backlog size. The backlog is a buffer that accumulates
# slave data when slaves are disconnected for some time, so that when a slave
# wants to reconnect again, often a full resync is not needed, but a partial
# resync is enough, just passing the portion of data the slave missed while
# disconnected.
#
# The bigger the replication backlog, the longer the time the slave can be
# disconnected and later be able to perform a partial resynchronization.
#
# The backlog is only allocated once there is at least a slave connected.
#
# repl-backlog-size 1mb

# After a master has no longer connected slaves for some time, the backlog
# will be freed. The following option configures the amount of seconds that
# need to elapse, starting from the time the last slave disconnected, for
# the backlog buffer to be freed.
#
# A value of 0 means to never release the backlog.
#
# repl-backlog-ttl 3600

# The slave priority is an integer number published by Redis in the INFO output.
# It is used by Redis Sentinel in order to select a slave to promote into a
# master if the master is no longer working correctly.
#
# A slave with a low priority number is considered better for promotion, so
# for instance if there are three slaves with priority 10, 100, 25 Sentinel will
# pick the one with priority 10, that is the lowest.
#
# However a special priority of 0 marks the slave as not able to perform the
# role of master, so a slave with priority of 0 will never be selected by
# Redis Sentinel for promotion.
#
# By default the priority is 100.
slave-priority 100

# It is possible for a master to stop accepting writes if there are less than
# N slaves connected, having a lag less or equal than M seconds.
#
# The N slaves need to be in "online" state.
#
# The lag in seconds, that must be <= the specified value, is calculated from
# the last ping received from the slave, that is usually sent every second.
#
# This option does not GUARANTEE that N replicas will accept the write, but
# will limit the window of exposure for lost writes in case not enough slaves
# are available, to the specified number of seconds.
#
# For example to require at least 3 slaves with a lag <= 10 seconds use:
#
# min-slaves-to-write 3
# min-slaves-max-lag 10
#
# Setting one or the other to 0 disables the feature.
#
# By default min-slaves-to-write is set to 0 (feature disabled) and
# min-slaves-max-lag is set to 10.

# A Redis master is able to list the address and port of the attached
# slaves in different ways. For example the "INFO replication" section
# offers this information, which is used, among other tools, by
# Redis Sentinel in order to discover slave instances.
# Another place where this info is available is in the output of the
# "ROLE" command of a masteer.
#
# The listed IP and address normally reported by a slave is obtained
# in the following way:
#
#   IP: The address is auto detected by checking the peer address
#   of the socket used by the slave to connect with the master.
#
#   Port: The port is communicated by the slave during the replication
#   handshake, and is normally the port that the slave is using to
#   list for connections.
#
# However when port forwarding or Network Address Translation (NAT) is
# used, the slave may be actually reachable via different IP and port
# pairs. The following two options can be used by a slave in order to
# report to its master a specific set of IP and port, so that both INFO
# and ROLE will report those values.
#
# There is no need to use both the options if you need to override just
# the port or the IP address.
#
# slave-announce-ip 5.5.5.5
# slave-announce-port 1234

################################## SECURITY ###################################

# Require clients to issue AUTH <PASSWORD> before processing any other
# commands.  This might be useful in environments in which you do not trust
# others with access to the host running redis-server.
#
# This should stay commented out for backward compatibility and because most
# people do not need auth (e.g. they run their own servers).
#
# Warning: since Redis is pretty fast an outside user can try up to
# 150k passwords per second against a good box. This means that you should
# use a very strong password otherwise it will be very easy to break.
#
# requirepass foobared

# Command renaming.
#
# It is possible to change the name of dangerous commands in a shared
# environment. For instance the CONFIG command may be renamed into something
# hard to guess so that it will still be available for internal-use tools
# but not available for general clients.
#
# Example:
#
# rename-command CONFIG b840fc02d524045429941cc15f59e41cb7be6c52
#
# It is also possible to completely kill a command by renaming it into
# an empty string:
#
# rename-command CONFIG ""
#
# Please note that changing the name of commands that are logged into the
# AOF file or transmitted to slaves may cause problems.

################################### LIMITS ####################################

# Set the max number of connected clients at the same time. By default
# this limit is set to 10000 clients, however if the Redis server is not
# able to configure the process file limit to allow for the specified limit
# the max number of allowed clients is set to the current file limit
# minus 32 (as Redis reserves a few file descriptors for internal uses).
#
# Once the limit is reached Redis will close all the new connections sending
# an error 'max number of clients reached'.
#
# maxclients 10000

# Don't use more memory than the specified amount of bytes.
# When the memory limit is reached Redis will try to remove keys
# according to the eviction policy selected (see maxmemory-policy).
#
# If Redis can't remove keys according to the policy, or if the policy is
# set to 'noeviction', Redis will start to reply with errors to commands
# that would use more memory, like SET, LPUSH, and so on, and will continue
# to reply to read-only commands like GET.
#
# This option is usually useful when using Redis as an LRU cache, or to set
# a hard memory limit for an instance (using the 'noeviction' policy).
#
# WARNING: If you have slaves attached to an instance with maxmemory on,
# the size of the output buffers needed to feed the slaves are subtracted
# from the used memory count, so that network problems / resyncs will
# not trigger a loop where keys are evicted, and in turn the output
# buffer of slaves is full with DELs of keys evicted triggering the deletion
# of more keys, and so forth until the database is completely emptied.
#
# In short... if you have slaves attached it is suggested that you set a lower
# limit for maxmemory so that there is some free RAM on the system for slave
# output buffers (but this is not needed if the policy is 'noeviction').
#
# maxmemory <bytes>

# MAXMEMORY POLICY: how Redis will select what to remove when maxmemory
# is reached. You can select among five behaviors:
#
# volatile-lru -> remove the key with an expire set using an LRU algorithm
# allkeys-lru -> remove any key according to the LRU algorithm
# volatile-random -> remove a random key with an expire set
# allkeys-random -> remove a random key, any key
# volatile-ttl -> remove the key with the nearest expire time (minor TTL)
# noeviction -> don't expire at all, just return an error on write operations
#
# Note: with any of the above policies, Redis will return an error on write
#       operations, when there are no suitable keys for eviction.
#
#       At the date of writing these commands are: set setnx setex append
#       incr decr rpush lpush rpushx lpushx linsert lset rpoplpush sadd
#       sinter sinterstore sunion sunionstore sdiff sdiffstore zadd zincrby
#       zunionstore zinterstore hset hsetnx hmset hincrby incrby decrby
#       getset mset msetnx exec sort
#
# The default is:
#
# maxmemory-policy noeviction

# LRU and minimal TTL algorithms are not precise algorithms but approximated
# algorithms (in order to save memory), so you can tune it for speed or
# accuracy. For default Redis will check five keys and pick the one that was
# used less recently, you can change the sample size using the following
# configuration directive.
#
# The default of 5 produces good enough results. 10 Approximates very closely
# true LRU but costs a bit more CPU. 3 is very fast but not very accurate.
#
# maxmemory-samples 5

############################## APPEND ONLY MODE ###############################

# By default Redis asynchronously dumps the dataset on disk. This mode is
# good enough in many applications, but an issue with the Redis process or
# a power outage may result into a few minutes of writes lost (depending on
# the configured save points).
#
# The Append Only File is an alternative persistence mode that provides
# much better durability. For instance using the default data fsync policy
# (see later in the config file) Redis can lose just one second of writes in a
# dramatic event like a server power outage, or a single write if something
# wrong with the Redis process itself happens, but the operating system is
# still running correctly.
#
# AOF and RDB persistence can be enabled at the same time without problems.
# If the AOF is enabled on startup Redis will load the AOF, that is the file
# with the better durability guarantees.
#
# Please check http://redis.io/topics/persistence for more information.

appendonly no

# The name of the append only file (default: "appendonly.aof")

appendfilename "appendonly.aof"

# The fsync() call tells the Operating System to actually write data on disk
# instead of waiting for more data in the output buffer. Some OS will really flush
# data on disk, some other OS will just try to do it ASAP.
#
# Redis supports three different modes:
#
# no: don't fsync, just let the OS flush the data when it wants. Faster.
# always: fsync after every write to the append only log. Slow, Safest.
# everysec: fsync only one time every second. Compromise.
#
# The default is "everysec", as that's usually the right compromise between
# speed and data safety. It's up to you to understand if you can relax this to
# "no" that will let the operating system flush the output buffer when
# it wants, for better performances (but if you can live with the idea of
# some data loss consider the default persistence mode that's snapshotting),
# or on the contrary, use "always" that's very slow but a bit safer than
# everysec.
#
# More details please check the following article:
# http://antirez.com/post/redis-persistence-demystified.html
#
# If unsure, use "everysec".

# appendfsync always
appendfsync everysec
# appendfsync no

# When the AOF fsync policy is set to always or everysec, and a background
# saving process (a background save or AOF log background rewriting) is
# performing a lot of I/O against the disk, in some Linux configurations
# Redis may block too long on the fsync() call. Note that there is no fix for
# this currently, as even performing fsync in a different thread will block
# our synchronous write(2) call.
#
# In order to mitigate this problem it's possible to use the following option
# that will prevent fsync() from being called in the main process while a
# BGSAVE or BGREWRITEAOF is in progress.
#
# This means that while another child is saving, the durability of Redis is
# the same as "appendfsync none". In practical terms, this means that it is
# possible to lose up to 30 seconds of log in the worst scenario (with the
# default Linux settings).
#
# If you have latency problems turn this to "yes". Otherwise leave it as
# "no" that is the safest pick from the point of view of durability.

no-appendfsync-on-rewrite no

# Automatic rewrite of the append only file.
# Redis is able to automatically rewrite the log file implicitly calling
# BGREWRITEAOF when the AOF log size grows by the specified percentage.
#
# This is how it works: Redis remembers the size of the AOF file after the
# latest rewrite (if no rewrite has happened since the restart, the size of
# the AOF at startup is used).
#
# This base size is compared to the current size. If the current size is
# bigger than the specified percentage, the rewrite is triggered. Also
# you need to specify a minimal size for the AOF file to be rewritten, this
# is useful to avoid rewriting the AOF file even if the percentage increase
# is reached but it is still pretty small.
#
# Specify a percentage of zero in order to disable the automatic AOF
# rewrite feature.

auto-aof-rewrite-percentage 100
auto-aof-rewrite-min-size 64mb

# An AOF file may be found to be truncated at the end during the Redis
# startup process, when the AOF data gets loaded back into memory.
# This may happen when the system where Redis is running
# crashes, especially when an ext4 filesystem is mounted without the
# data=ordered option (however this can't happen when Redis itself
# crashes or aborts but the operating system still works correctly).
#
# Redis can either exit with an error when this happens, or load as much
# data as possible (the default now) and start if the AOF file is found
# to be truncated at the end. The following option controls this behavior.
#
# If aof-load-truncated is set to yes, a truncated AOF file is loaded and
# the Redis server starts emitting a log to inform the user of the event.
# Otherwise if the option is set to no, the server aborts with an error
# and refuses to start. When the option is set to no, the user requires
# to fix the AOF file using the "redis-check-aof" utility before to restart
# the server.
#
# Note that if the AOF file will be found to be corrupted in the middle
# the server will still exit with an error. This option only applies when
# Redis will try to read more data from the AOF file but not enough bytes
# will be found.
aof-load-truncated yes

################################ LUA SCRIPTING  ###############################

# Max execution time of a Lua script in milliseconds.
#
# If the maximum execution time is reached Redis will log that a script is
# still in execution after the maximum allowed time and will start to
# reply to queries with an error.
#
# When a long running script exceeds the maximum execution time only the
# SCRIPT KILL and SHUTDOWN NOSAVE commands are available. The first can be
# used to stop a script that did not yet called write commands. The second
# is the only way to shut down the server in the case a write command was
# already issued by the script but the user doesn't want to wait for the natural
# termination of the script.
#
# Set it to 0 or a negative value for unlimited execution without warnings.
lua-time-limit 5000

################################ REDIS CLUSTER  ###############################
#
# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# WARNING EXPERIMENTAL: Redis Cluster is considered to be stable code, however
# in order to mark it as "mature" we need to wait for a non trivial percentage
# of users to deploy it in production.
# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
#
# Normal Redis instances can't be part of a Redis Cluster; only nodes that are
# started as cluster nodes can. In order to start a Redis instance as a
# cluster node enable the cluster support uncommenting the following:
#
# cluster-enabled yes

# Every cluster node has a cluster configuration file. This file is not
# intended to be edited by hand. It is created and updated by Redis nodes.
# Every Redis Cluster node requires a different cluster configuration file.
# Make sure that instances running in the same system do not have
# overlapping cluster configuration file names.
#
# cluster-config-file nodes-6379.conf

# Cluster node timeout is the amount of milliseconds a node must be unreachable
# for it to be considered in failure state.
# Most other internal time limits are multiple of the node timeout.
#
# cluster-node-timeout 15000

# A slave of a failing master will avoid to start a failover if its data
# looks too old.
#
# There is no simple way for a slave to actually have a exact measure of
# its "data age", so the following two checks are performed:
#
# 1) If there are multiple slaves able to failover, they exchange messages
#    in order to try to give an advantage to the slave with the best
#    replication offset (more data from the master processed).
#    Slaves will try to get their rank by offset, and apply to the start
#    of the failover a delay proportional to their rank.
#
# 2) Every single slave computes the time of the last interaction with
#    its master. This can be the last ping or command received (if the master
#    is still in the "connected" state), or the time that elapsed since the
#    disconnection with the master (if the replication link is currently down).
#    If the last interaction is too old, the slave will not try to failover
#    at all.
#
# The point "2" can be tuned by user. Specifically a slave will not perform
# the failover if, since the last interaction with the master, the time
# elapsed is greater than:
#
#   (node-timeout * slave-validity-factor) + repl-ping-slave-period
#
# So for example if node-timeout is 30 seconds, and the slave-validity-factor
# is 10, and assuming a default repl-ping-slave-period of 10 seconds, the
# slave will not try to failover if it was not able to talk with the master
# for longer than 310 seconds.
#
# A large slave-validity-factor may allow slaves with too old data to failover
# a master, while a too small value may prevent the cluster from being able to
# elect a slave at all.
#
# For maximum availability, it is possible to set the slave-validity-factor
# to a value of 0, which means, that slaves will always try to failover the
# master regardless of the last time they interacted with the master.
# (However they'll always try to apply a delay proportional to their
# offset rank).
#
# Zero is the only value able to guarantee that when all the partitions heal
# the cluster will always be able to continue.
#
# cluster-slave-validity-factor 10

# Cluster slaves are able to migrate to orphaned masters, that are masters
# that are left without working slaves. This improves the cluster ability
# to resist to failures as otherwise an orphaned master can't be failed over
# in case of failure if it has no working slaves.
#
# Slaves migrate to orphaned masters only if there are still at least a
# given number of other working slaves for their old master. This number
# is the "migration barrier". A migration barrier of 1 means that a slave
# will migrate only if there is at least 1 other working slave for its master
# and so forth. It usually reflects the number of slaves you want for every
# master in your cluster.
#
# Default is 1 (slaves migrate only if their masters remain with at least
# one slave). To disable migration just set it to a very large value.
# A value of 0 can be set but is useful only for debugging and dangerous
# in production.
#
# cluster-migration-barrier 1

# By default Redis Cluster nodes stop accepting queries if they detect there
# is at least an hash slot uncovered (no available node is serving it).
# This way if the cluster is partially down (for example a range of hash slots
# are no longer covered) all the cluster becomes, eventually, unavailable.
# It automatically returns available as soon as all the slots are covered again.
#
# However sometimes you want the subset of the cluster which is working,
# to continue to accept queries for the part of the key space that is still
# covered. In order to do so, just set the cluster-require-full-coverage
# option to no.
#
# cluster-require-full-coverage yes

# In order to setup your cluster make sure to read the documentation
# available at http://redis.io web site.

################################## SLOW LOG ###################################

# The Redis Slow Log is a system to log queries that exceeded a specified
# execution time. The execution time does not include the I/O operations
# like talking with the client, sending the reply and so forth,
# but just the time needed to actually execute the command (this is the only
# stage of command execution where the thread is blocked and can not serve
# other requests in the meantime).
#
# You can configure the slow log with two parameters: one tells Redis
# what is the execution time, in microseconds, to exceed in order for the
# command to get logged, and the other parameter is the length of the
# slow log. When a new command is logged the oldest one is removed from the
# queue of logged commands.

# The following time is expressed in microseconds, so 1000000 is equivalent
# to one second. Note that a negative number disables the slow log, while
# a value of zero forces the logging of every command.
slowlog-log-slower-than 10000

# There is no limit to this length. Just be aware that it will consume memory.
# You can reclaim memory used by the slow log with SLOWLOG RESET.
slowlog-max-len 128

################################ LATENCY MONITOR ##############################

# The Redis latency monitoring subsystem samples different operations
# at runtime in order to collect data related to possible sources of
# latency of a Redis instance.
#
# Via the LATENCY command this information is available to the user that can
# print graphs and obtain reports.
#
# The system only logs operations that were performed in a time equal or
# greater than the amount of milliseconds specified via the
# latency-monitor-threshold configuration directive. When its value is set
# to zero, the latency monitor is turned off.
#
# By default latency monitoring is disabled since it is mostly not needed
# if you don't have latency issues, and collecting data has a performance
# impact, that while very small, can be measured under big load. Latency
# monitoring can easily be enabled at runtime using the command
# "CONFIG SET latency-monitor-threshold <milliseconds>" if needed.
latency-monitor-threshold 0

############################# EVENT NOTIFICATION ##############################

# Redis can notify Pub/Sub clients about events happening in the key space.
# This feature is documented at http://redis.io/topics/notifications
#
# For instance if keyspace events notification is enabled, and a client
# performs a DEL operation on key "foo" stored in the Database 0, two
# messages will be published via Pub/Sub:
#
# PUBLISH __keyspace@0__:foo del
# PUBLISH __keyevent@0__:del foo
#
# It is possible to select the events that Redis will notify among a set
# of classes. Every class is identified by a single character:
#
#  K     Keyspace events, published with __keyspace@<db>__ prefix.
#  E     Keyevent events, published with __keyevent@<db>__ prefix.
#  g     Generic commands (non-type specific) like DEL, EXPIRE, RENAME, ...
#  $     String commands
#  l     List commands
#  s     Set commands
#  h     Hash commands
#  z     Sorted set commands
#  x     Expired events (events generated every time a key expires)
#  e     Evicted events (events generated when a key is evicted for maxmemory)
#  A     Alias for g$lshzxe, so that the "AKE" string means all the events.
#
#  The "notify-keyspace-events" takes as argument a string that is composed
#  of zero or multiple characters. The empty string means that notifications
#  are disabled.
#
#  Example: to enable list and generic events, from the point of view of the
#           event name, use:
#
#  notify-keyspace-events Elg
#
#  Example 2: to get the stream of the expired keys subscribing to channel
#             name __keyevent@0__:expired use:
#
#  notify-keyspace-events Ex
#
#  By default all notifications are disabled because most users don't need
#  this feature and the feature has some overhead. Note that if you don't
#  specify at least one of K or E, no events will be delivered.
notify-keyspace-events ""

############################### ADVANCED CONFIG ###############################

# Hashes are encoded using a memory efficient data structure when they have a
# small number of entries, and the biggest entry does not exceed a given
# threshold. These thresholds can be configured using the following directives.
hash-max-ziplist-entries 512
hash-max-ziplist-value 64

# Lists are also encoded in a special way to save a lot of space.
# The number of entries allowed per internal list node can be specified
# as a fixed maximum size or a maximum number of elements.
# For a fixed maximum size, use -5 through -1, meaning:
# -5: max size: 64 Kb  <-- not recommended for normal workloads
# -4: max size: 32 Kb  <-- not recommended
# -3: max size: 16 Kb  <-- probably not recommended
# -2: max size: 8 Kb   <-- good
# -1: max size: 4 Kb   <-- good
# Positive numbers mean store up to _exactly_ that number of elements
# per list node.
# The highest performing option is usually -2 (8 Kb size) or -1 (4 Kb size),
# but if your use case is unique, adjust the settings as necessary.
list-max-ziplist-size -2

# Lists may also be compressed.
# Compress depth is the number of quicklist ziplist nodes from *each* side of
# the list to *exclude* from compression.  The head and tail of the list
# are always uncompressed for fast push/pop operations.  Settings are:
# 0: disable all list compression
# 1: depth 1 means "don't start compressing until after 1 node into the list,
#    going from either the head or tail"
#    So: [head]->node->node->...->node->[tail]
#    [head], [tail] will always be uncompressed; inner nodes will compress.
# 2: [head]->[next]->node->node->...->node->[prev]->[tail]
#    2 here means: don't compress head or head->next or tail->prev or tail,
#    but compress all nodes between them.
# 3: [head]->[next]->[next]->node->node->...->node->[prev]->[prev]->[tail]
# etc.
list-compress-depth 0

# Sets have a special encoding in just one case: when a set is composed
# of just strings that happen to be integers in radix 10 in the range
# of 64 bit signed integers.
# The following configuration setting sets the limit in the size of the
# set in order to use this special memory saving encoding.
set-max-intset-entries 512

# Similarly to hashes and lists, sorted sets are also specially encoded in
# order to save a lot of space. This encoding is only used when the length and
# elements of a sorted set are below the following limits:
zset-max-ziplist-entries 128
zset-max-ziplist-value 64

# HyperLogLog sparse representation bytes limit. The limit includes the
# 16 bytes header. When an HyperLogLog using the sparse representation crosses
# this limit, it is converted into the dense representation.
#
# A value greater than 16000 is totally useless, since at that point the
# dense representation is more memory efficient.
#
# The suggested value is ~ 3000 in order to have the benefits of
# the space efficient encoding without slowing down too much PFADD,
# which is O(N) with the sparse encoding. The value can be raised to
# ~ 10000 when CPU is not a concern, but space is, and the data set is
# composed of many HyperLogLogs with cardinality in the 0 - 15000 range.
hll-sparse-max-bytes 3000

# Active rehashing uses 1 millisecond every 100 milliseconds of CPU time in
# order to help rehashing the main Redis hash table (the one mapping top-level
# keys to values). The hash table implementation Redis uses (see dict.c)
# performs a lazy rehashing: the more operation you run into a hash table
# that is rehashing, the more rehashing "steps" are performed, so if the
# server is idle the rehashing is never complete and some more memory is used
# by the hash table.
#
# The default is to use this millisecond 10 times every second in order to
# actively rehash the main dictionaries, freeing memory when possible.
#
# If unsure:
# use "activerehashing no" if you have hard latency requirements and it is
# not a good thing in your environment that Redis can reply from time to time
# to queries with 2 milliseconds delay.
#
# use "activerehashing yes" if you don't have such hard requirements but
# want to free memory asap when possible.
activerehashing yes

# The client output buffer limits can be used to force disconnection of clients
# that are not reading data from the server fast enough for some reason (a
# common reason is that a Pub/Sub client can't consume messages as fast as the
# publisher can produce them).
#
# The limit can be set differently for the three different classes of clients:
#
# normal -> normal clients including MONITOR clients
# slave  -> slave clients
# pubsub -> clients subscribed to at least one pubsub channel or pattern
#
# The syntax of every client-output-buffer-limit directive is the following:
#
# client-output-buffer-limit <class> <hard limit> <soft limit> <soft seconds>
#
# A client is immediately disconnected once the hard limit is reached, or if
# the soft limit is reached and remains reached for the specified number of
# seconds (continuously).
# So for instance if the hard limit is 32 megabytes and the soft limit is
# 16 megabytes / 10 seconds, the client will get disconnected immediately
# if the size of the output buffers reach 32 megabytes, but will also get
# disconnected if the client reaches 16 megabytes and continuously overcomes
# the limit for 10 seconds.
#
# By default normal clients are not limited because they don't receive data
# without asking (in a push way), but just after a request, so only
# asynchronous clients may create a scenario where data is requested faster
# than it can read.
#
# Instead there is a default limit for pubsub and slave clients, since
# subscribers and slaves receive data in a push fashion.
#
# Both the hard or the soft limit can be disabled by setting them to zero.
client-output-buffer-limit normal 0 0 0
client-output-buffer-limit slave 256mb 64mb 60
client-output-buffer-limit pubsub 32mb 8mb 60

# Redis calls an internal function to perform many background tasks, like
# closing connections of clients in timeout, purging expired keys that are
# never requested, and so forth.
#
# Not all tasks are performed with the same frequency, but Redis checks for
# tasks to perform according to the specified "hz" value.
#
# By default "hz" is set to 10. Raising the value will use more CPU when
# Redis is idle, but at the same time will make Redis more responsive when
# there are many keys expiring at the same time, and timeouts may be
# handled with more precision.
#
# The range is between 1 and 500, however a value over 100 is usually not
# a good idea. Most users should use the default of 10 and raise this up to
# 100 only in environments where very low latency is required.
hz 10

# When a child rewrites the AOF file, if the following option is enabled
# the file will be fsync-ed every 32 MB of data generated. This is useful
# in order to commit the file to the disk more incrementally and avoid
# big latency spikes.
aof-rewrite-incremental-fsync yes

View Code

配置文件

相關標籤/搜索

每日一句

每一个你不满意的现在，都有一个你没有努力的曾经。