Docker认识和深入
Docker 概述
Docker 为什么出现?
在开发到发布,应用环境,应用配置以及(中间件的应用,例如Redis,Elasticsearch,Tomcat,Mysql)都需要很繁琐的去需要配置和安装。还有版本更新导致服务不可用。 发布应用都不能带上中间件发布,太麻烦了。所以Docker应运而生,开发打包部署上线,一套流程完成。
Docker提供了在松散隔离的环境(称为容器)中打包和运行应用程序的功能。隔离和安全性使您可以在给定主机上同时运行多个容器。容器是轻量级的,包含运行该应用程序所需的所有内容,因此您无需依赖主机上当前安装的内容。您可以在工作时轻松共享容器,并确保与您共享的每个人都能以相同的方式获得相同的容器。(来源官网)
Docker 是 基于 Go语言开发的,开源项目。
百度百科简介:https://baike.baidu.com/item/Docker/13344470?fr=aladdin
官网:https://www.docker.com/
文档地址:https://docs.docker.com/
仓库地址:https://hub.docker.com/
之前的虚拟机技术,简单示意图
虚拟机技术缺点:
- 资源占用很多
- 冗余步骤很多
- 启动很慢
docker 容器技术。
Docker 和虚拟机技术的不同。
- 传统虚拟机,虚拟出一条硬件,运行一个完整的操作系统,然后在这个系统上安装和运行软件
- 容器内的应用直接运行在宿主机的内容,容器是没有自己的内核的,也没有虚拟我们的硬件,所以就轻便了
- 每个容器间是互相隔离,每个容器内都有一个属于自己的文件系统,互不影响
DevOps (开发,运维)
- 应用更快速的交付和部署,打包镜像发布测试,一键运行。
- 更便捷的升级和扩缩容,项目打包为一个镜像,扩展服务器A,服务B。
- 更简单的系统运维,在容器化之后,我们的开发,测试环境都是高度一致的。
- 更高效的计算资源利用,Docker 是 内核级别的虚拟化,可以再一个物理机上可以运行很多容器实例!服务器的性能可以被压榨到极致。
Docker安装
安装 Docker
- 开始安装,
CentOS7环境以上,Xshell连接远程服务器进行操作
#系统内核是 3.10以上
[root@VM-0-15-centos ~]# uname -r
4.18.0-240.1.1.el8_3.x86_64
#系统版本
[root@VM-0-15-centos ~]# cat /etc/os-release
NAME="CentOS Linux"
VERSION="8"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="8"
PLATFORM_ID="platform:el8"
PRETTY_NAME="CentOS Linux 8"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:8"
HOME_URL="https://centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"
CENTOS_MANTISBT_PROJECT="CentOS-8"
CENTOS_MANTISBT_PROJECT_VERSION="8"
- 官网地址:https://docs.docker.com/engine/install/
- 选择我们所要安装的版本:
CentOS7版本,如果有Docker需要卸载
在这里插入图片描述
- 卸载旧版本
$ sudo yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine
- 卸载docker
#卸载docker
$ sudo yum remove docker-ce docker-ce-cli containerd.io
#删除docker依赖文件 (docker 默认资源中心)
$ sudo rm -rf /var/lib/docker
- 安装方法
#先更新 yum
$sudo yum update
$sudo ym makecache fast
#卸载旧版本
$sudo yum remove docker docker-common docker-selinux docker-engine
#设置 镜像仓库 (1,为默认地址)
$sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
#阿里地址
$sudo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
#需要的安装包
$ sudo yum install docker-ce
#启动Docker
$sudo systemctl start docker
#验证是否安装成功 ,这里会自动拉取,并且运行 打印 Hello from Docker!
$ sudo docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
0e03bdcc26d7: Pull complete
Digest: sha256:7e02330c713f93b1d3e4c5003350d0dbe215ca269dd1d84a4abc577908344b30
Status: Downloaded newer image for hello-world:latest
WARNING: IPv4 forwarding is disabled. Networking will not work.
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/get-started/
[root@VM-0-15-centos local]#
$ sudo docker version
[root@VM-0-15-centos local]# docker version
Client: Docker Engine - Community
Version: 20.10.4
API version: 1.41
Go version: go1.13.15
Git commit: d3cb89e
Built: Thu Feb 25 07:04:27 2021
OS/Arch: linux/amd64
Context: default
Experimental: true
Server: Docker Engine - Community
Engine:
Version: 20.10.4
API version: 1.41 (minimum version 1.12)
Go version: go1.13.15
Git commit: 363e9a8
Built: Thu Feb 25 07:02:50 2021
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.4.3
GitCommit: 269548fa27e0089a8b8278fc4fc781d7f65a939b
runc:
Version: 1.0.0-rc92
GitCommit: ff819c7e9184c13b7c2607fe6c30ae19403a7aff
docker-init:
Version: 0.19.0
GitCommit: de40ad0
#查看一下 下载的 镜像
[root@VM-0-15-centos local]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
rabbitmq latest f50f482879b3 3 months ago 156MB
redis latest 74d107221092 3 months ago 104MB
portainer/portainer-ce latest a0a227bf03dd 6 months ago 196MB
hello-world latest bf756fb1ae65 14 months ago 13.3kB
#阿里云镜像加速,以后安装东西加速
- 阿里云镜像加速,登录阿里云==>选择容器镜像服务
- 镜像加速器
$sudo mkdir -p /etc/docker
$sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://19gis32c.mirror.aliyuncs.com"]
}
EOF
$sudo systemctl daemon-reload
$sudo systemctl restart docker
[root@VM-0-15-centos local]# mkdir -p /etc/docker
[root@VM-0-15-centos local]# tee /etc/docker/daemon.json <<-'EOF'
> {
> "registry-mirrors": ["https://19gis32c.mirror.aliyuncs.com"]
> }
> EOF
{
"registry-mirrors": ["https://19gis32c.mirror.aliyuncs.com"]
}
[root@VM-0-15-centos local]# systemctl daemon-reload
[root@VM-0-15-centos local]# systemctl restart docker
#设置开机启动
$sudo systemctl start docker
$sudo systemctl enable docker
#配置远程访问, 开启 2375 端口
#在/usr/lib/systemd/system/docker.service,配置远程访问。主要是在[Service]这个部分 ExecStart=后面加上下面两个参数
$sudo vim /usr/lib/systemd/system/docker.service
[Service]
ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock
#修改 docker root 目录防止磁盘 inodes100% 问题
$sudo mkdir -p /home/docker/lib
$sudo rsync -avz /var/lib/docker /home/docker/lib/
$sudo vim /usr/lib/systemd/system/docker.service
ExecStart=/usr/bin/dockerd后添加 --graph=/home/docker/lib/docker
修改
LimitNOFILE=infinity
LimitNPROC=infinity
为
LimitNOFILE=1048576
LimitNPROC=1048576
#然后重启
systemctl daemon-reload
systemctl restart docker
#docker info 查看修改是否生效 Docker Root Dir: /home/docker/lib/docker
- 以上已完成安装,回顾Hello world 镜像 安装流程。
$ sudo docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
0e03bdcc26d7: Pull complete
Digest: sha256:7e02330c713f93b1d3e4c5003350d0dbe215ca269dd1d84a4abc577908344b30
Status: Downloaded newer image for hello-world:latest
WARNING: IPv4 forwarding is disabled. Networking will not work.
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/get-started/
Run 运行原理 流程图
Docker底层原理
Docker 是怎么工作的呢?
官网地址:https://docs.docker.com/get-started/overview/#docker-architecture
官网地址:https://docs.docker.com/engine/
client :客户端
DOCKER_HOST:服务器
Registry: 仓库
镜像(image): Docker镜像就好比一个模板,可以通过这个模板来创建容器服务,tomcat镜像 =>run==>tomcat(容器)提供服务器。
容器(container): Docker 利用容器技术,独立运行一个或一个组应用,通过镜像来创建。启动,停止,删除,基本命令!目前就可以把这个容器理解为就是一个简易的linux系统
仓库(repository):仓库就是存放镜像的地方,仓库分为公有仓库和私有仓库 。Docker Hub(默认是国外的)阿里云都有容器服务器(配置镜像加速)
- Docker 是一个Client -Server 结构的系统,Docker 的守护进行运行在主机上。通过
Soket从客户端访问! DockerServer接收到 Docker - Client 的指令,就会执行这个命令!
对比上面的 Docker 架构图。以上流程图
Docker 为什么比VM快?
1、Docker 有着比虚拟机更少的抽象层。
2、Docker 利用耳朵是宿主机的内核,vm需要是 Guest OS。
总结: 新建一个容器的时候,docker 不需要像虚拟机一样重新加载一个操作系统的内核,虚拟机是加载 Guest OS,分钟级别的, 而Docker 是利用 宿主机的操作系统
Docker命令
官网地址:https://docs.docker.com/reference/
帮助命令
#docker 的版本信息
$sudo docker version
#docker 的详细信息
$sudo docker info
#docker 帮助命令
$sudo docker --help
镜像命令
查看镜像
[root@VM-0-15-centos local]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
rabbitmq latest f50f482879b3 3 months ago 156MB
redis latest 74d107221092 3 months ago 104MB
portainer/portainer-ce latest a0a227bf03dd 6 months ago 196MB
hello-world latest bf756fb1ae65 14 months ago 13.3kB
#解释
REPOSITORY 镜像的仓库名字
TAG 镜像的标签
IMAGE ID 镜像的id
CREATED 镜像的创建时间
SIZE 镜像的大小
#可选项
# 列出所有镜像
$sudo docker images -a
#只显示镜像的id
$sudo docker images -q
搜索镜像
[root@VM-0-15-centos local]# docker search mysql
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
mysql MySQL is a widely used, open-source relation… 10557 [OK]
mariadb MariaDB Server is a high performing open sou… 3942 [OK]
mysql/mysql-server Optimized MySQL Server Docker images. Create… 774 [OK]
percona Percona Server is a fork of the MySQL relati… 527 [OK]
centos/mysql-57-centos7 MySQL 5.7 SQL database server 87
mysql/mysql-cluster Experimental MySQL Cluster Docker images. Cr… 79
centurylink/mysql Image containing mysql. Optimized to be link… 59 [OK]
bitnami/mysql Bitnami MySQL Docker Image 48 [OK]
deitch/mysql-backup REPLACED! Please use http://hub.docker.com/r… 41 [OK]
databack/mysql-backup Back up mysql databases to... anywhere! 38
prom/mysqld-exporter 37 [OK]
tutum/mysql Base docker image to run a MySQL database se… 35
schickling/mysql-backup-s3 Backup MySQL to S3 (supports periodic backup… 29 [OK]
linuxserver/mysql A Mysql container, brought to you by LinuxSe… 27
centos/mysql-56-centos7 MySQL 5.6 SQL database server 20
circleci/mysql MySQL is a widely used, open-source relation… 20
mysql/mysql-router MySQL Router provides transparent routing be… 18
arey/mysql-client Run a MySQL client from a docker container 17 [OK]
fradelg/mysql-cron-backup MySQL/MariaDB database backup using cron tas… 12 [OK]
yloeffler/mysql-backup This image runs mysqldump to backup data usi… 7 [OK]
openshift/mysql-55-centos7 DEPRECATED: A Centos7 based MySQL v5.5 image… 6
devilbox/mysql Retagged MySQL, MariaDB and PerconaDB offici… 3
ansibleplaybookbundle/mysql-apb An APB which deploys RHSCL MySQL 2 [OK]
jelastic/mysql An image of the MySQL database server mainta… 1
widdpim/mysql-client Dockerized MySQL Client (5.7) including Curl… 1 [OK]
# 可选项,通过搜索
[root@VM-0-15-centos local]# docker search mysql --filter=STARS=5000
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
mysql MySQL is a widely used, open-source relation… 10557 [OK]
下载镜像
#下载镜像,默认下载最新版 latest
[root@VM-0-15-centos local]# docker pull mysql
Using default tag: latest # 如果不写 tag,默认就是 latest
latest: Pulling from library/mysql
a076a628af6f: Pull complete #分层下载,docker images 的核心 联合文件
f6c208f3f991: Pull complete
88a9455a9165: Pull complete
406c9b8427c6: Pull complete
7c88599c0b25: Pull complete
25b5c6debdaf: Pull complete
43a5816f1617: Pull complete
1a8c919e89bf: Pull complete
9f3cf4bd1a07: Pull complete
80539cea118d: Pull complete
201b3cad54ce: Pull complete
944ba37e1c06: Pull complete
Digest: sha256:feada149cb8ff54eade1336da7c1d080c4a1c7ed82b5e320efb5beebed85ae8c
Status: Downloaded newer image for mysql:latest
docker.io/library/mysql:latest # 真实地址
#所以
[root@VM-0-15-centos local]# docker pull mysql == docker pull docker.io/library/mysql:latest
#指定版本下载镜像
[root@VM-0-15-centos ~]# docker pull mysql:5.7
5.7: Pulling from library/mysql
a076a628af6f: Already exists #存在的文件 就不下载了,类似svn git 文件存在没修改就不更新
f6c208f3f991: Already exists
88a9455a9165: Already exists
406c9b8427c6: Already exists
7c88599c0b25: Already exists
25b5c6debdaf: Already exists
43a5816f1617: Already exists
1831ac1245f4: Pull complete
37677b8c1f79: Pull complete
27e4ac3b0f6e: Pull complete
7227baa8c445: Pull complete
Digest: sha256:b3d1eff023f698cd433695c9506171f0d08a8f92a0c8063c1a4d9db9a55808df
Status: Downloaded newer image for mysql:5.7
docker.io/library/mysql:5.7
删除镜像
#删除所有镜像
[root@VM-0-15-centos ~]# docker rmi -f
#指定镜像id删除
[root@VM-0-15-centos ~]# docker rmi -f f50f482879b3
#指定镜像id删除多个
[root@VM-0-15-centos ~]# docker rmi -f f50f482879b3 74d107221092 a0a227bf03dd
#删除全部的镜像
[root@VM-0-15-centos ~]# docker rmi -f $(docker imager -aq)
容器命令
说明:我们有了镜像才可以创建容器,Linux,下载一个 CentOS 镜像来测试
[root@VM-0-15-centos ~]# docker pull centos
新建容器
[root@VM-0-15-centos ~]# docker run[可选参数] image
#参数说明
--name-"Name" 容器名字 tomcat01 tomcat02 用来区分容器
-d 后台方式运行
-it 使用交互方式运行,进入容器查看容器
-p 指定容器的端口 -p 8080:8080
-p ip: 主机端口:容器端口
-p 主机端口:容器端口(常用)
-p 容器端口
-p 随机指定端口
#启动并进入容器
[root@VM-0-15-centos ~]# docker run -it centos /bin/bash
#查看容器内的 centos,
[root@e717432d8d0a /]# ls
bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var
#从容器中退出容器
[root@e717432d8d0a /]# exit
exit
查看容器
#查看当前正在运行的容器
[root@VM-0-15-centos ~]# docker ps
#查看 正在运行的容器+带出历史运行过的容器
[root@VM-0-15-centos ~]# docker ps -a
#查看 最近创建过的容器
[root@VM-0-15-centos ~]# docker ps -a -n=1
删除容器
#强制删除正在运行的容器
[root@VM-0-15-centos ~]# docker rm --force redis
#卸下所有停止的容器
[root@VM-0-15-centos ~]# docker rm $(docker ps -a -q)
#删除指定未运行的容器
[root@VM-0-15-centos ~]# docker rm redis
退出容器
#直接容器停止并退出
exit
#容器不停止退出
Ctrl+P+Q
启动和停止容器
[root@VM-0-15-centos ~]# docker start 容器id
#停止容器
[root@VM-0-15-centos ~]# docker stop 容器id
#重启容器
[root@VM-0-15-centos ~]# docker restart 容器id
#强制停止当前容器
[root@VM-0-15-centos ~]# docker kill 容器id
常用其他命令
后台启动命令
[root@VM-0-15-centos ~]# docker run -d centos
查看日志命令
[root@VM-0-15-centos ~]# docker logs --help
Usage: docker logs [OPTIONS] CONTAINER
Fetch the logs of a container
Options:
--details Show extra details provided to logs
-f, --follow Follow log output
--since string Show logs since timestamp (e.g. 2013-01-02T13:23:37Z) or relative (e.g. 42m for 42 minutes)
-n, --tail string Number of lines to show from the end of the logs (default "all")
-t, --timestamps Show timestamps
--until string Show logs before a timestamp (e.g. 2013-01-02T13:23:37Z) or relative (e.g. 42m for 42 minutes)
#查看最新的10条
[root@VM-0-15-centos ~]# docker logs -tf --tail 10 容器id
#查看所有日志
[root@VM-0-15-centos ~]# docker logs -tf 容器id
查看容器中进程信息
#命令 docker top 容器id
[root@VM-0-15-centos ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9e44a0814835 centos "/bin/bash" 28 minutes ago Up 28 minutes upbeat_chaplygin
a0c572f86a91 centos "/bin/bash" 29 minutes ago Up 29 minutes zealous_jones
f74fa0ac68dd redis "docker-entrypoint.s…" 2 months ago Up 3 hours 0.0.0.0:6379->6379/tcp redis
525f8f122f9a portainer/portainer-ce "/portainer" 3 months ago Up 3 hours 0.0.0.0:8000->8000/tcp, 0.0.0.0:9000->9000/tcp portainer
[root@VM-0-15-centos ~]# docker top 9e44a0814835
UID PID PPID C STIME TTY TIME CMD
root 112608 112587 0 23:19 pts/0 00:00:00 /bin/bash
查看镜像的元数据
[root@VM-0-15-centos ~]# docker inspect 9e44a0814835
[
{
"Id": "9e44a0814835af83cbca2b3024c7c632ead4b7b06a1e6e9bc40077d3b1063a80",
"Created": "2021-02-27T15:19:49.264445389Z",
"Path": "/bin/bash",
"Args": [],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 112608,
"ExitCode": 0,
"Error": "",
"StartedAt": "2021-02-27T15:19:49.820034978Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:300e315adb2f96afe5f0b2780b87f28ae95231fe3bdd1e16b9ba606307728f55",
"ResolvConfPath": "/var/lib/docker/containers/9e44a0814835af83cbca2b3024c7c632ead4b7b06a1e6e9bc40077d3b1063a80/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/9e44a0814835af83cbca2b3024c7c632ead4b7b06a1e6e9bc40077d3b1063a80/hostname",
"HostsPath": "/var/lib/docker/containers/9e44a0814835af83cbca2b3024c7c632ead4b7b06a1e6e9bc40077d3b1063a80/hosts",
"LogPath": "/var/lib/docker/containers/9e44a0814835af83cbca2b3024c7c632ead4b7b06a1e6e9bc40077d3b1063a80/9e44a0814835af83cbca2b3024c7c632ead4b7b06a1e6e9bc40077d3b1063a80-json.log",
"Name": "/upbeat_chaplygin",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"CgroupnsMode": "host",
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"KernelMemory": 0,
"KernelMemoryTCP": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/3d8ae5dc53d6fde69d8cc24d8499d0a3a99abb2a24335d3b2801cdb3f44932c3-init/diff:/var/lib/docker/overlay2/d9a9bf7b3335d07d2b17c68fd2740fdb791ee1dad81cf444c899e9fc6950962f/diff",
"MergedDir": "/var/lib/docker/overlay2/3d8ae5dc53d6fde69d8cc24d8499d0a3a99abb2a24335d3b2801cdb3f44932c3/merged",
"UpperDir": "/var/lib/docker/overlay2/3d8ae5dc53d6fde69d8cc24d8499d0a3a99abb2a24335d3b2801cdb3f44932c3/diff",
"WorkDir": "/var/lib/docker/overlay2/3d8ae5dc53d6fde69d8cc24d8499d0a3a99abb2a24335d3b2801cdb3f44932c3/work"
},
"Name": "overlay2"
},
"Mounts": [],
"Config": {
"Hostname": "9e44a0814835",
"Domainname": "",
"User": "",
"AttachStdin": true,
"AttachStdout": true,
"AttachStderr": true,
"Tty": true,
"OpenStdin": true,
"StdinOnce": true,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Cmd": [
"/bin/bash"
],
"Image": "centos",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"org.label-schema.build-date": "20201204",
"org.label-schema.license": "GPLv2",
"org.label-schema.name": "CentOS Base Image",
"org.label-schema.schema-version": "1.0",
"org.label-schema.vendor": "CentOS"
}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "302a8da897a1e8bd7015cca98ac6b4e5fde3d0ca01f575a3f23aa7b90a024f22",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {},
"SandboxKey": "/var/run/docker/netns/302a8da897a1",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "a9be9d79bcfdc2bebd064794ef139594398e18f76dd3fd86be7244d9e18eaf0b",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.5",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:05",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "377510ac2ee4863b30adf653c7de3d03a9015be6aea5e7f1201d239fa762efe9",
"EndpointID": "a9be9d79bcfdc2bebd064794ef139594398e18f76dd3fd86be7244d9e18eaf0b",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.5",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:05",
"DriverOpts": null
}
}
}
}
]
进入当前正在运行的容器
#我们通常容器都是使用后台运行的,需要进入容器,修改一些配置
[root@VM-0-15-centos ~]# docker exec -it 9e44a0814835 /bin/bash
[root@9e44a0814835 /]# ls
bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var
#方式二,进入容器正在执行的终端,不会启动新的进程
[root@VM-0-15-centos ~]# docker attach 9e44a0814835 /bin/bash
从容器内拷贝文件到主机上
[root@VM-0-15-centos ~]# docker attach 521d72fe32d5
[root@521d72fe32d5 /]# ls
bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var
[root@521d72fe32d5 /]# cd home
[root@521d72fe32d5 home]# ls
[root@521d72fe32d5 home]# touch test.java
[root@521d72fe32d5 home]# ls
test.java
[root@521d72fe32d5 home]# exit
exit
[root@VM-0-15-centos ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@VM-0-15-centos ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
521d72fe32d5 centos "/bin/bash" 3 minutes ago Exited (0) 13 seconds ago clever_darwin
[root@VM-0-15-centos ~]# docker cp 521d72fe32d5:/home/test.java /home
[root@VM-0-15-centos ~]# ls
clamav-0.103.0 clamav-0.103.0.tar.gz docker-compose.yml ning
[root@VM-0-15-centos ~]# cd ..
[root@VM-0-15-centos /]# ls
bin boot data dev etc home lib lib64 lost+found media mnt mydata opt proc root run sbin srv sys tmp usr var
[root@VM-0-15-centos /]# cd home
[root@VM-0-15-centos home]# ls
test.java
命令图
可视化工具
#安装
[root@VM-0-15-centos /] docker run -d -p 3306:9000 --restart=always -v /var/run/docker.sock:/var/run/docker.sock --privileged=true portainer/portainer
创建用户密码
选择本地数据
登录成功
可以更新镜像
Docker 镜像
镜像是什么
镜像是一种轻量级,可执行的独立软件包,用来打包软件运行环境和基于运行环境开发的软件,它包含运行某个软件所有所需的所有内容,包括代码,运行时,库,环境变量和配置文件
unionFs (联合文件系统)
unionFs (联合文件系统) :Union 文件系统(UnionFS)是一种分层,轻量级并且高性能的文件系统,它支持对文件系统的修改作为一次提交来一层层的叠加,同时可以将不同的目录挂载到同一个虚拟文件系统下。Union文件系统是Docker镜像基础,镜像可以通过分层来进行继承,基于基础镜像(没有父镜像),可以制作各种具体的应用镜像。
特性:一次同时加载多个文件系统,但从外面看起来,只能看到一个文件系统,联合加载会把各层文件系统叠加起来,这样最终的文件系统会包含所有底层的文件和目录
Docker镜像加载原理
docker的镜像实际上由一层一层的文件系统组成,这种层级的文件系统UnionFS。
**bootfs(boot file system)**主要包含bootloader和kernel,bootloader主要是引导加载kernel,Linux刚启动时会加载bootfs文件系统,在Docker镜像的最底层是bootfs。这一层与我们典型的Linux/Unix系统是一样的, 包含boot加载器和内核。当boot加载完成之后整个内核就都在内存中了,此时内存的使用权已由bootfs转交给内核,此时系统也会卸载bootfs。
rootfs(root file system), 在bootfs之上。包含的就是典型Linux系统中的/dev, /proc, /bin, /etc等标准目录和文件。rootfs就是各种不同的操作系统发行版,比如Ubuntu,Centos等等。
平时我们安装虚拟机的CentOS都是好几个G,为什么docker这里才200M?
[root@VM-0-15-centos home]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mysql 5.7 a70d36bc331a 5 weeks ago 449MB
mysql latest c8562eaf9d81 5 weeks ago 546MB
tomcat latest 040bdb29ab37 6 weeks ago 649MB
centos latest 300e315adb2f 2 months ago 209MB
rabbitmq latest f50f482879b3 3 months ago 156MB
redis latest 74d107221092 3 months ago 104MB
portainer/portainer-ce latest a0a227bf03dd 6 months ago 196MB
portainer/portainer latest 62771b0b9b09 7 months ago 79.1MB
hello-world latest bf756fb1ae65 14 months ago 13.3kB
对于一个精简的OS,rootfs可以很小,只需要包括最基本的命令、工具和程序库就可以了,因为底层直接用Host的kernel,自己只需要提供rootfs就行了。由此可见对于不同的linux发行版,bootfs基本是一致的,rootfs会有差别,因此不同的发行版可以共用bootfs。
分层理解
看下面的图,我们下载的时候 是一层一层下载的,有些有冲突存在的就不下载了
[root@VM-0-15-centos local]# docker pull mysql
Using default tag: latest # 如果不写 tag,默认就是 latest
latest: Pulling from library/mysql
a076a628af6f: Pull complete #分层下载,docker images 的核心 联合文件
f6c208f3f991: Pull complete
88a9455a9165: Pull complete
406c9b8427c6: Pull complete
7c88599c0b25: Pull complete
25b5c6debdaf: Pull complete
43a5816f1617: Pull complete
1a8c919e89bf: Pull complete
9f3cf4bd1a07: Pull complete
80539cea118d: Pull complete
201b3cad54ce: Pull complete
944ba37e1c06: Pull complete
Digest: sha256:feada149cb8ff54eade1336da7c1d080c4a1c7ed82b5e320efb5beebed85ae8c
Status: Downloaded newer image for mysql:latest
docker.io/library/mysql:latest # 真实地址
我们执行 查看镜像信息命令就可以看到 RootFs就是下载顺序
[root@VM-0-15-centos ~]# docker inspect 9e44a0814835
所有的Docker 镜像都起始于一个基础镜像层,当进行修改或者添加新的内容时,就会在当前镜像之上,创建新的镜像层
commit镜像
#docker commit 提交容器成为一个新的副本
#命令和 git 原理类型
docker commit -m-"提交的描述性信息" -a-"作者" 容器id 目标镜像名:[tag]
[root@VM-0-15-centos home]# docker commit -a="keleccyo" -m="add webapps"
[root@VM-0-15-centos home]# docker commit -a="kelecc" -m="add webapps" d028c7e207f8 tomcat02:1.0
sha256:d484109a6776e75acf655c18b4a18cc03b0022919f15e16960d584bb17ac6994
[root@VM-0-15-centos home]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
tomcat02 1.0 d484109a6776 15 seconds ago 654MB
mysql 5.7 a70d36bc331a 5 weeks ago 449MB
mysql latest c8562eaf9d81 5 weeks ago 546MB
tomcat latest 040bdb29ab37 6 weeks ago 649MB
centos latest 300e315adb2f 2 months ago 209MB
rabbitmq latest f50f482879b3 3 months ago 156MB
redis latest 74d107221092 3 months ago 104MB
portainer/portainer-ce latest a0a227bf03dd 6 months ago 196MB
portainer/portainer latest 62771b0b9b09 7 months ago 79.1MB
hello-world latest bf756fb1ae65 14 months ago 13.3kB
678
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
