Docker部署
1.安装Docker
1.1.配置YUM源
[root@docker yum.repos.d]# vi rdo-release.repo
[root@docker yum.repos.d]# yum clean all
Loaded plugins: fastestmirror
Cleaning repos: base epel extras foreman foreman-plugins openstack-icehouse puppetlabs-deps puppetlabs-products updates
Cleaning up Everything
Cleaning up list of fastest mirrors
[root@docker yum.repos.d]# yum makecache
1.2.安装docker镜像
[root@docker ~]# yum -y install docker-io
1.2.1.docker启动不成功
查看日志
[root@docker ~]# tail -f /var/log/docker
[root@docker ~]# yum upgrade device-mapper-libs
1.3.启动docker服务
[root@docker ~]# service docker start
1.4.设置docker开启启动
[root@docker ~]# chkconfig docker on
1.5.docker搜索镜像
[root@docker ~]# docker search nginx
1.6.docker帮助命令
[root@docker ~]# docker --help
1、获取镜像
docker pull 镜像路径地址
2、启动容器
docker run -d(后台进程) -p(外部端口和容器端口映射) 8090:80 --name cname imagename
3、容器内进程
docker top 容器名
4、查看容器
docker ps
5、查看镜像
docker images
6、删除镜像容器
docker rm 容器 docker rmi 镜像
7、容器内日志
docker logs
1.7.查看docker镜像
[root@docker ~]# docker images
1.8.查看在docker容器中安装nginx镜像/拉取镜像
[root@docker ~]# docker pull index.tenxcloud.com/docker_library/nginx
[root@docker ~]# docker images
1.9.docker容器启动
[root@docker ~]# docker run -d -p 8090:80 --name matrix index.tenxcloud.com/docker_library/nginx
1.10.查看docker容器
[root@docker ~]# docker ps
1.11.查看docker容器版本信息
[root@docker ~]# docker version
1.11.在web浏览器中查看nginx是否启动成功
http://192.168.230.15:8090/
2.进入Docker容器
[root@docker ~]# docker exec --help
[root@docker ~]# docker exec -it matrix /bin/bash
root@201aa042ecfb:/# ip a
3.Docker容器日志查看
[root@docker ~]# docker logs matrix
4.Docker容器内进程
[root@docker ~]# docker top matrix
[root@docker ~]# brctl show
bridge name bridge id STP enabled interfaces
docker0 8000.3eb355672a06 no vethc2bac4f
5.容器详细信息
[root@docker ~]# docker inspect matrix
5.Docker网络架构
[root@docker ~]# iptables -t nat -S
-P PREROUTING ACCEPT
-P POSTROUTING ACCEPT
-P OUTPUT ACCEPT
-N DOCKER
-A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
-A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE
-A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE
-A POSTROUTING -s 172.17.0.1/32 -d 172.17.0.1/32 -p tcp -m tcp --dport 80 -j MASQUERADE
-A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 8090 -j DNAT --to-destination 172.17.0.1:80
非-s地址,非其他任何地址,-o docker0出去,进行地址伪装snat
[root@docker ~]# yum install tcpdump -y
[root@docker ~]# brctl show
bridge name bridge id STP enabled interfaces
docker0 8000.3eb355672a06 no vethc2bac4f
[root@docker ~]# tcpdump -n -i vethc2bac4f icmp
tcpdump: WARNING: vethc2bac4f: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on vethc2bac4f, link-type EN10MB (Ethernet), capture size 65535 bytes
6.镜像制作
6.1.安装Docker:
[root@docker ~]# yum -y install docker-io
6.2.启动Docker:
[root@docker ~]# service docker start
6.3.安装制作CentOS镜像的工具:
[root@docker ~]# yum -y install febootstrap
6.4.制作CentOS镜像文件centos6-image目录
[root@docker ~]# febootstrap -i bash -i wget -i yum -i iputils -i iproute -i man -i /
vim-minimal -i openssh-server -i openssh-clients -i net-tools centos6 centos6-image http://mirrors.aliyun.com/centos/6/os/x86_64/
查看内核版本、发行版本号
[root@docker ~]# uname -r
6.5.制作Docker镜像,镜像名字是centos6-base
cd centos6-image && tar -c .|docker import - centos6-base
[root@docker centos6-image]# tar -c .|docker import - centos6-base
[root@docker centos6-image]# docker images
[root@docker centos6-image]# docker run -it --name matriximage centos6-base /bin/bash
6.6.自动化生成镜像
[root@docker centos6-image]# cd
[root@docker ~]# mkdir dockerfile
[root@docker ~]# cd dockerfile
[root@docker dockerfile]# vi Dockerfile
#Dockerfile
FROM centos6-base
MAINTAINER matrix
RUN ssh-keygen -q -N "" -t dsa -f /etc/ssh/ssh_host_dsa_key
RUN ssh-keygen -q -N "" -t rsa -f /etc/ssh/ssh_host_rsa_key
RUN sed -ri 's/session required pam_loginuid.so/#session required pam_loginuid.so/g' /etc/pam. d/sshd
RUN mkdir -p /root/ . ssh && chown root. root /root && chmod 700 /root/ . ssh
RUN echo 'root:123456' | chpasswd
RUN mv /etc/yum. repos. d/CentOS-Base . repo /etc/yum. repos. d/CentOS-Base . repo. backup
RUN wget -O /etc/yum. repos. d/CentOS-Base . repo http:
RUN wget -O /etc/yum. repos. d/epel. repo http:
RUN yum clean all
ENV LANG en_US. UTF- 8
ENV LC_ALL en_US. UTF- 8
ADD run. sh /run. sh
RUN chmod 777 /run. sh
EXPOSE 22
EXPOSE 80
CMD [ "/run.sh" ]
#End
[root@docker dockerfile]# vi run.sh
#!/bin/bash
/usr/sbin/sshd -D
6.7.制作可以ssh登陆的Docker镜像,名字是centos6-ssh
[root@docker dockerfile]# docker build -t centos6-ssh .
经过前面的六个步骤,一个可以登陆的本地docker镜像就制作好了。
用户名是:root,密码是:123456
[root@docker dockerfile]# docker images
[root@docker dockerfile]# docker run -d -p 8888:22 --name ssh01 centos6-ssh
9e50796c90b376eb474a79b5c17727df3df6c91f0596c5a60bab06fba22aef65
[root@docker dockerfile]# ssh --help
usage: ssh [-1246AaCfgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]
[-D [bind_address:]port] [-e escape_char] [-F configfile]
[-I pkcs11] [-i identity_file]
[-L [bind_address:]port:host:hostport]
[-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]
[-R [bind_address:]port:host:hostport] [-S ctl_path]
[-W host:port] [-w local_tun[:remote_tun]]
[user@]hostname [command]
[root@docker dockerfile]# ssh -p 8888 root@127.0.0.1
root@127.0.0.1's password:
-bash-4.1#
[root@docker dockerfile]# docker save index.tenxcloud.com/docker_library/nginx > nginx.tar.gz
[root@docker dockerfile]# ls
[root@docker dockerfile]# ls -alh
[root@docker dockerfile]# docker load -i nginx.tar.gz
[root@docker dockerfile]# docker ps
[root@docker dockerfile]# docker export --help
[root@docker dockerfile]# docker export --help
Usage: docker export [OPTIONS] CONTAINER
Export a filesystem as a tar archive (streamed to STDOUT by default)
--help=false Print usage
-o, --output= Write to a file, instead of STDOUT
You have new mail in /var/spool/mail/root
[root@docker dockerfile]# docker export -o redis.tar.gz ssh01
[root@docker dockerfile]# ls
Dockerfile nginx.tar.gz redis.tar.gz run.sh
You have new mail in /var/spool/mail/root
6.8.制作个redis镜像
[root@docker dockerfile]# mkdir redis
[root@docker dockerfile]# cd r
redis/ redis.tar.gz run.sh
[root@docker dockerfile]# cd redis
[root@docker redis]# vi Dockerfile
FROM centos6-ssh
RUN yum install -y redis
RUN sed -ri 's/bind 0.0.0.0/bind 127.0.0.1/g' /etc/redis. conf
EXPOSE 6379
CMD [ "redis-server" ]
[root@docker redis]# docker build -t redis01 .
[root@docker redis]# docker images
[root@docker redis]# docker run -d -p 7878:6379 --name redismatrix redis01
913f14b5404f75675d60b053abbcae50889ba2f9b1ab281aa07e6d5a4454d88e
[root@docker redis]# docker ps