docker秒级启动
自动占用100G(虚拟,有多少用多少)
1.安装配置docker
[root@foundation18 ~]# iptables -t nat -I POSTROUTING -s 172.25.18.0/24 -j MASQUERADE
添加规则,使虚拟机上网
[root@server11 ~]# yum install net-tools-2.0-0.17.20131004git.el7.x86_64 -y
[root@server11 ~]# route add default gw 172.25.18.250 ##添加网关
[root@server11 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.25.18.250 0.0.0.0 UG 0 0 0 eth0
172.25.18.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0
[root@server11 ~]# vim /etc/resolv.conf ##添加DNS
nameserver 114.114.114.114
[root@server11 ~]# yum install yum-utils device-mapper-persistent-data lvm2 -y
[root@server11 ~]# yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo ##下载docker-ce.repo
[root@server11 yum.repos.d]# ls ##多了一个docker-ce.repo
docker-ce.repo redhat.repo yum.repo
[root@server11 yum.repos.d]# yum repolist
******************************************************************
Loaded plugins: product-id, search-disabled-repos, subscription-
: manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
docker-ce-stable | 2.9 kB 00:00
docker-ce-stable/x86_64/primary_db | 13 kB 00:00
repo id repo name status
docker-ce-stable/x86_64 Docker CE Stable - x86_64 15
rhel7.3 rhel7.3 4,751
repolist: 4,766
******************************************************************
[root@server11 docker]# rpm -ivh pigz-2.3.4-1.el7.x86_64.rpm ##安装依赖及docker-ce(社区版)
[root@server11 docker]# yum install container-selinux-2.21-1.el7.noarch.rpm libsemanage-2.5-8.el7.x86_64.rpm libsemanage-python-2.5-8.el7.x86_64.rpm policycoreutils-2.5-17.1.el7.x86_64.rpm policycoreutils-python-2.5-17.1.el7.x86_64.rpm docker-ce-18.03.1.ce-1.el7.centos.x86_64.rpm -y
[root@server11 docker]# yum install bash-* -y ##安装docker自动补齐工具,注销后重新连接就好了
[root@server11 docker]# ip addr ##会多一个docker0接口
********************************************************************
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:7f:1e:0f brd ff:ff:ff:ff:ff:ff
inet 172.25.18.11/24 brd 172.25.18.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::5054:ff:fe7f:1e0f/64 scope link
valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN
link/ether 02:42:3b:b1:7a:98 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
********************************************************************
2.docker的使用
[root@server11 docker]# docker load -i rhel7.tar ##导入docker模块
[root@server11 docker]# docker load -i ubuntu.tar
[root@server11 docker]# docker load -i game2048.tar
[root@server11 docker]# docker load -i nginx.tar
[root@server11 docker]# docker info ##显示信息
[root@server11 docker]# docker history nginx:latest ##显示nginx的历史配置信息
[root@server11 docker]# docker run -d nginx ##运行nginx -d 打入后台
自动补齐的话在其后可以添加版本,不加的话默认为最新版
[root@server11 docker]# docker images ##查看模块信息
REPOSITORY TAG IMAGE ID CREATED SIZE
game2048 latest 19299002fdbe 16 months ago 55.5MB
nginx latest af4b3d7d5401 2 years ago 191MB
ubuntu latest 07c86167cdc4 2 years ago 188MB
rhel7 latest 0a3eb3fde7fd 3 years ago 140MB
[root@server11 docker]# docker ps ##查看运行状态(只看运行的)
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3da09959370f nginx "nginx -g 'daemon of…" 2 minutes ago Up 2 minutes 80/tcp, 443/tcp epic_shockley
[root@server11 docker]# docker ps -a ##查看运行状态(所有的)
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3da09959370f nginx "nginx -g 'daemon of…" 3 minutes ago Up 2 minutes 80/tcp, 443/tcp epic_shockley
[root@server11 docker]# docker inspect epic_shockley(为指定的话为随机生成,运行状态中查看) ##查看具体服务信息
[root@foundation18 ~]# rpm -qf /sbin/brctl ##网桥配置命令
bridge-utils-1.5-9.el7.x86_64
[root@server11 docker]# yum install bridge-utils -y ##安装
[root@server11 docker]# brctl show ##显示网桥信息
bridge name bridge id STP enabled interfaces
docker0 8000.02423bb17a98 no veth714fc41
[root@server11 docker]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3da09959370f nginx "nginx -g 'daemon of…" 7 minutes ago Up 7 minutes 80/tcp, 443/tcp epic_shockley
[root@server11 docker]# docker stop 3d ##删除软件应用,id号写前几位不重复即可
3d
docker run -P -name vm1 nginx ##大写P表示宿主机随机分配端口
[root@server11 docker]# docker run -d -p 80:80 --name vm1 nginx ##小写p指定宿主机分配端口
e4629fc6fcf04a7badd523248e87bead681edee88334f9dafce965f907f4528d
[root@server11 docker]# docker ps ##显示信息,可以看到名称vm1
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e4629fc6fcf0 nginx "nginx -g 'daemon of…" 16 seconds ago Up 14 seconds 0.0.0.0:80->80/tcp, 443/tcp vm1
[root@server11 ~]# docker stop | kill vm1 ##kill比stop要快
[root@server11 ~]# docker rm vm1 ##删除
[root@server11 ~]# docker ps -aq ##显示查询
04d7646fa0f8
18211b445bba
3da09959370f
[root@server11 ~]# docker kill `docker ps -aq` ##批量停止
[root@server11 ~]# docker rm `docker ps -aq` ##批量删除
[root@server11 ~]# docker network ls ##显示网络信息
NETWORK ID NAME DRIVER SCOPE
9e65fc3cf42d bridge bridge local
0ec6ca21f835 host host local
dc5d2a52073a none null local
[root@server11 ~]# docker run -d --network host --name vm1 nginx ##添加网络network host模式,和宿主机使用同一ip
[root@server11 ~]# docker run -d --network host --name vm1 game2048 ##部署game2048
在浏览器上玩
3.docker基本操作
[root@server11 ~]# docker run -it --name vm1 rhel7 bash ##用bash打开交互式界面
bash-4.2# ls
bin dev home lib64 mnt proc run srv tmp var
boot etc lib media opt root sbin sys usr
ctrl + p + q ##打入后台
[root@server11 ~]# docker attach vm1 ##继续进入后台运行
bash-4.2#
# docker run -it --name vm1 ubuntu bash 创建容器
# docker ps -a 查看容器状态
# docker attach vm1 连接容器
# docker top vm1 查看容器进程
# docker logs vm1 查看容器指令输出 -f 参数可以实时查看
# docker inspect vm1 查看容器详情
# docker stats vm1 查看容器资源使用率
# docker diff vm1 查看容器修改
# docker run -d --name vm1 ubuntu bash -c "while true; do echo westos; sleep 1; done" 后台运行
# docker stop vm1 停止容器
# docker start vm1 启动容器
# docker kill vm1 强制干掉容器
# docker restart vm1 重启容器
# docker pause/unpause vm1 暂停/恢复容器
# docker rm vm1 删除容器
# docker export vm1 > vm1.tar 导出容器
# docker import vm1.tar image 导入容器为镜像 image
# docker search 查询镜像
# docker pull 拉取镜像
# docker push 推送镜像
逻辑卷管理
[root@server11 ~]# docker run -it --name vm1 ubuntu
[root@server11 ~]# docker container stats vm1 ##动态监控
[root@server11 ~]# docker container top vm1 ##静态数据监控
[root@server11 ~]# docker container prune ##删除所有关闭的容器
[root@server11 ~]# docker search nginx ##查看nginx(默认联网搜索)
配置docker加速器,自己申请
[root@server11 ~]# cd /etc/docker/
[root@server11 docker]# ls ##加速器默认下载到这里
key.json
[root@server11 ~]# docker image save rhel7 > test.tar ##镜像封装到test.tar
[root@server11 ~]# docker run -d --name vm1 nginx ##命名为vm1启动
f0c1b860f93f558e84a6b21ea1d61ea32b556871292a987e0978040aad204859
[root@server11 ~]# docker container exec vm1 ls /usr/share/nginx/html ##exec不记入日至中
50x.html
index.html
[root@server11 ~]# docker container exec vm1 ls /etc/nginx
[root@server11 ~]# vim test.html
www.westos.com
[root@server11 ~]# docker container cp test.html vm1:/usr/share/nginx/html/
[root@server11 ~]# docker container exec vm1 ls /usr/share/nginx/html
50x.html
index.html
test.html
[root@server11 ~]# curl 172.17.0.2/test.html
www.westos.com
[root@server11 ~]# docker run -d --name vm1 -v /tmp/html:/usr/share/nginx/html nginx ##把/usr/share/nginx/html挂载到/tmp
[root@server11 ~]# cd /tmp/ ##宿主机上直接访问
[root@server11 html]# vim index.html
hello world
[root@server11 html]# curl 172.17.0.2
hello world
[root@server11 html]# docker run -it --name vm2 -v /tmp/data1:/data1 -v /tmp/data2:/data2 -v /etc/passwd:/passwd:ro ubuntu
root@d047b73983fd:/# cd data2/
root@d047b73983fd:/data2# touch file2
root@d047b73983fd:/data2# [root@server11 html]#
[root@server11 html]# cd /tmp/data2/
[root@server11 data2]# ls
file2
[root@server11 ~]# docker create --name datavol -v /tmp/data1:/data1 -v /tmp/data2:/data2 -v /etc/passwd:/passwd:ro ubuntu ##做虚拟封装,docker ps 查不到,默认为stop状态
[root@server11 ~]# docker run -it --volumes-from datavol --name vm2 ubuntu ##可以拿虚拟封装直接启动
[root@server11 ~]# docker run -it --volumes-from datavol --name vm3 ubuntu
[root@server11 ~]# docker run --rm --volumes-from datavol -v /tmp/backup:/backup ubuntu tar cf /backup/data.tar /data2
[root@server11 ~]# cd /tmp/backup/
[root@server11 backup]# ls
data.tar
4.网络管理
bridge(默认)
[root@server11 ~]# docker run -it --name vm1 ubuntu
root@7722a26eef1e:/# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
30: eth0@if31: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@server11 ~]# docker run -it --name vm2 --network container:vm1 ubuntu
root@7722a26eef1e:/# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
30: eth0@if31: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
host
[root@server11 ~]# docker run -it --network host ubuntu
root@server11:/# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 52:54:00:7f:1e:0f brd ff:ff:ff:ff:ff:ff
inet 172.25.18.11/24 brd 172.25.18.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::5054:ff:fe7f:1e0f/64 scope link
valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:3b:b1:7a:98 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:3bff:feb1:7a98/64 scope link
valid_lft forever preferred_lft forever
none
[root@server11 ~]# docker run -it --name vm1 --network none ubuntu
root@8a4789e61540:/# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
[root@server11 ~]# cd /var/run/
[root@server11 run]# ip netns list
[root@server11 run]# ip netns help
[root@server11 run]# ip netns add test
[root@server11 run]# cd netns/
[root@server11 netns]# ls
test
[root@server11 netns]# ip netns delete test
[root@server11 netns]# ls
[root@server11 netns]# ip link add name veth0 type veth peer name veth1
[root@server11 netns]# brctl addif docker0 veth1
[root@server11 netns]# brctl show
bridge name bridge id STP enabled interfaces
docker0 8000.02423bb17a98 no veth1
[root@server11 netns]# ip link set up veth1
[root@server11 netns]# ip link set up veth0
[root@server11 ~]# docker inspect vm1 | grep Pid
"Pid": 9247,
"PidMode": "",
"PidsLimit": 0,
[root@server11 ~]# cd /proc/9247/ns/
[root@server11 ns]# ll
total 0
lrwxrwxrwx 1 root root 0 May 4 03:33 ipc -> ipc:[4026532208]
lrwxrwxrwx 1 root root 0 May 4 03:33 mnt -> mnt:[4026532206]
lrwxrwxrwx 1 root root 0 May 4 03:26 net -> net:[4026532211]
lrwxrwxrwx 1 root root 0 May 4 03:33 pid -> pid:[4026532209]
lrwxrwxrwx 1 root root 0 May 4 03:33 user -> user:[4026531837]
lrwxrwxrwx 1 root root 0 May 4 03:33 uts -> uts:[4026532207]
[root@server11 ns]# ln -s /proc/9247/ns/net /var/run/netns/9247
[root@server11 ns]# ip netns list
9247
[root@server11 ns]# ip link set veth0 netns 9247
[root@server11 ns]# ip netns exec 9247 ip link set veth0 name eth0
[root@server11 ns]# ip netns exec 9247 ip addr add 172.25.18.10/24 dev eth0
[root@server11 ns]# ip netns exec 9247 ip link set up eth0
[root@server11 netns]# docker attach vm1
root@8a4789e61540:/# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
33: eth0@if32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 56:85:91:a7:94:3e brd ff:ff:ff:ff:ff:ff
inet 172.25.18.10/24 scope global eth0
valid_lft forever preferred_lft forever
5.容器间互联:
docker run -it --name vm2 --link vm1:web ubuntu
ping web
6.封装一个新的容器
首先新建个空文件夹
[root@server11 docker]# vim Dockerfile
FROM rhel7:v1
MAINTAINER zerotoherodevin@63.com
ENV HOSTNAME server1
EXPOSE 80
RUN yum install -y httpd
CMD ["/usr/sbin/httpd","-D","FOREGROUND"]
[root@server11 docker]# docker run --name vm1 -it rhel7 bash
bash-4.2# rpmdb --rebuilddb
bash-4.2# cd /etc/yum.repos.d/
bash-4.2# ls
rhel7.repo
bash-4.2# vi dvd.repo
[dvd]
name=rhel7.3
baseurl=http://172.25.18.250/rhel7.3
gpgcheck=0
bash-4.2# rm -rf rhel7.repo
bash-4.2# yum clean all
Cleaning repos: dvd
Cleaning up everything
bash-4.2# yum repolist
dvd | 4.1 kB 00:00
(1/2): dvd/group_gz | 136 kB 00:00
(2/2): dvd/primary_db | 3.9 MB 00:00
repo id repo name status
dvd rhel7.3 4751
repolist: 4751
[root@server11 docker]# docker commit vm1 rhel7:v1
[root@server11 docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
rhel7 v1 9614c7d4e7eb 4 seconds ago 171MB
game2048 latest 19299002fdbe 16 months ago 55.5MB
nginx latest af4b3d7d5401 2 years ago 191MB
ubuntu latest 07c86167cdc4 2 years ago 188MB
rhel7 latest 0a3eb3fde7fd 3 years ago 140MB
[root@server11 docker]# docker kill vm1
[root@server11 docker]# docker rm vm1
[root@server11 docker]# docker build -t rhel7:v2 .
[root@server11 docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
rhel7 v2 22093c09706c 39 seconds ago 200MB
rhel7 v1 9614c7d4e7eb 4 minutes ago 171MB
game2048 latest 19299002fdbe 16 months ago 55.5MB
nginx latest af4b3d7d5401 2 years ago 191MB
ubuntu latest 07c86167cdc4 2 years ago 188MB
rhel7 latest 0a3eb3fde7fd 3 years ago 140MB
[root@server11 docker]# mkdir web
[root@server11 docker]# cd web/
[root@server11 web]# vim index.html
www.westos.com
[root@server11 web]# docker run -d --name apache -v /root/docker/docker/web/:/var/www/html rhel7:v2
[root@server11 web]# curl 172.17.0.2
www.westos.com
基础服务封装
[root@server11 ns]# docker run --name vm2 -it rhel7 bash
bash-4.2# yum install openssh-server openssh-clients -y
bash-4.2# ssh-keygen -q -t rsa -f /etc/ssh/ssh_host_rsa_key -N ""
bash-4.2# ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ""
bash-4.2# ssh-keygen -q -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N ""
bash-4.2# /usr/sbin/sshd
bash-4.2# echo root:westos | chpasswd
[root@server11 web]# ssh 172.17.0.3
FROM rhel7:v1
MAINTAINER zerotoherodevin@63.com
ENV HOSTNAME server2
EXPOSE 22
RUN yum install -y openssh-server openssh-clients && ssh-keygen -q -t rsa -f /etc/ssh/ssh_host_rsa_key -N "" && ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N "" && ssh-keygen -q -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N "" && echo root:westos | chpasswd
CMD ["/usr/sbin/sshd","-D"]
[root@server11 docker]# docker build -t rhel7:v3 .
[root@server11 docker]# docker run -d --name ssh -p 2222:22 rhel7:v3
[root@foundation18 Desktop]# ssh -l root -p 2222 172.25.18.11 ##客户机ssh宿主机2222端口,不是宿主机测试
[root@server11 ns]# iptables -t nat -nL ##查看规则
多个服务启动
[root@server11 docker]# docker run -it --name vm1 rhel7:v1
bash-4.2# vi /etc/yum.repos.d/dvd.repo
[dvd]
name=rhel7.3
baseurl=http://172.25.18.250/rhel7.3
gpgcheck=0
[docker]
name=docker
baseurl=ftp://172.25.254.250/pub/docker
gpgcheck=0
bash-4.2# yum repolist
docker | 2.9 kB 00:00
dvd | 4.1 kB 00:00
docker/primary_db | 9.1 kB 00:01
repo id repo name status
docker docker 11
dvd rhel7.3 4751
repolist: 4762
bash-4.2# yum install supervisor -y
[root@server11 docker]# pwd
/root/docker/docker
[root@server11 docker]# ls
Dockerfile web
[root@server11 docker]# vim docker.repo
[docker]
name=docker
baseurl=ftp://172.25.254.250/pub/docker
gpgcheck=0
[root@server11 docker]# vim Dockerfile
FROM rhel7:v1
MAINTAINER zerotoherodevin@63.com
ENV HOSTNAME server3
EXPOSE 22 80
COPY docker.repo /etc/yum.repos.d/docker.repo
RUN yum install -y openssh-server openssh-clients httpd supervisor && ssh-keygen -q -t rsa -f /etc/ssh/ssh_host_rsa_key -N "" && ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N "" && ssh-keygen -q -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N "" && echo root:westos | chpasswd
VOLUME ["/var/www/html"]
COPY supervisord.conf /etc/supervisord.conf
CMD ["/usr/sbin/supervisord]
[root@server11 docker]# vim supervisord.conf 编写supervisord配置文件
[supervisord]
nodaemon=true
[program:sshd]
command=/usr/sbin/sshd -D
[program:httpd]
command=/usr/sbin/httpd
[root@server11 docker]# docker build -t rhel7:v4 . ##建立v4
[root@server11 docker]# docker images rhel7
REPOSITORY TAG IMAGE ID CREATED SIZE
rhel7 v4 2dd4e5b6b9a5 23 seconds ago 209MB
rhel7 v3 3c055dae85e9 3 days ago 185MB
rhel7 v2 22093c09706c 3 days ago 200MB
rhel7 v1 9614c7d4e7eb 3 days ago 171MB
rhel7 latest 0a3eb3fde7fd 3 years ago 140MB
[root@server11 docker]# docker history rhel7:v4
IMAGE CREATED CREATED BY SIZE COMMENT
2dd4e5b6b9a5 2 minutes ago /bin/sh -c #(nop) CMD ["/bin/sh" "-c" "[\"/… 0B
58a68e395f95 2 minutes ago /bin/sh -c #(nop) COPY file:cc98e6717d5456ef… 111B
41ea42dd0778 2 minutes ago /bin/sh -c #(nop) VOLUME [/var/www/html] 0B
a39470ef76df 2 minutes ago /bin/sh -c yum install -y openssh-server ope… 38MB
8f0e4002e154 3 minutes ago /bin/sh -c #(nop) COPY file:547c66195da09830… 72B
7f34523553e4 3 minutes ago /bin/sh -c #(nop) EXPOSE 22 80 0B
9685ba5e6eb5 3 minutes ago /bin/sh -c #(nop) ENV HOSTNAME=server3 0B
3c267745b228 3 days ago /bin/sh -c #(nop) MAINTAINER zerotoherodevi… 0B
9614c7d4e7eb 3 days ago bash 30.7MB
0a3eb3fde7fd 3 years ago 140MB Imported from -
[root@server11 docker]# docker run -d --name web -v /root/docker/web/:/var/www/html rhel7:v4 ##启动
b9e4631cbf2a312ffe71e15469cfb58876b545182f5c485773ca2a515c9eb358
[root@server11 docker]# cat web/index.html
www.westos.com
[root@server11 docker]# curl 172.17.0.2 ##测试apache
[root@server11 docker]# ssh root@172.17.0.2 ##测试sshd
docker私有仓库
[root@server11 docker]# docker load -i registry-2.3.1.tar ##导入tar包
[root@server11 docker]# docker run -d --name registry -p 5000:5000 -v /opt/registry:/var/lib/registry registry:2.3.1 ##端口映射5000端口,运行
cf40c5a5d24c13f14c03bfe98281fc05e1d50bd2c147a9b38ab6bca4a6814ef6
[root@server11 docker]# docker tag nginx localhost:5000/nginx:latest ##命名
[root@server11 docker]# docker push localhost:5000/nginx:latest ##推送
[root@server11 docker]# docker rmi localhost:5000/nginx ##删除
[root@server11 docker]# docker rmi nginx ##删除
[root@server11 docker]# docker pull localhost:5000/nginx:latest ##下载
[root@server11 docker]# docker tag localhost:5000/nginx:latest nginx ##命名
[root@server11 docker]# docker rmi localhost:5000/nginx ##删除
添加认证
[root@server11 docker]# vim /etc/hosts
172.25.18.11 server11 devin.org
[root@server11 docker]# mkdir certs
[root@server11 docker]# cd certs/
[root@server11 certs]# openssl req -newkey rsa:4096 -nodes -sha256 -keyout devin.org.key -x509 -days 365 -out devin.org.crt ##创建密钥 ****************************************************
Generating a 4096 bit RSA private key
......................++
........................................................................................................................................++
writing new private key to 'devin.org.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:shaanxi
Locality Name (eg, city) [Default City]:xi'an
Organization Name (eg, company) [Default Company Ltd]:devin
Organizational Unit Name (eg, section) []:linux
Common Name (eg, your name or your server's hostname) []:devin.org ##本地域名解析,一定要写!!
Email Address []:zerotoherodevin@163.com
****************************************************
[root@server11 certs]# ls
devin.org.crt devin.org.key
[root@server11 certs]# cd /opt/registry/ ##还用这个目录
[root@server11 registry]# rm -rf * ##清空
[root@server11 docker]# docker run -d --name registry --restart=always -v `pwd`/certs:/certs -e REGISTRY_HTTP_ADDR=0.0.0.0:443 -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/devin.org.crt -e REGISTRY_HTTP_TLS_KEY=/certs/devin.org.key -p 443:443 -v /opt/registry/:/var/lib/registry registry:2.3.1
6009b92fabdbd725e312a2ba28dcd2f5d63fd13f0702f3eaef8ecd4768c81dc2
[root@server11 docker]# cd /etc/docker/
[root@server11 docker]# ls
key.json
[root@server11 docker]# mkdir -p certs.d/devin.org ##识别目录
[root@server11 docker]# ls
certs.d key.json
[root@server11 docker]# cd certs.d/westos.org/
[root@server11 westos.org]# cp ~/docker/docker/certs/devin.org.crt ca.crt
[root@server11 westos.org]# ls
ca.crt
[root@server11 devin.org]# docker tag ubuntu:latest devin.org/ubuntu
[root@server11 devin.org]# docker push devin.org/ubuntu ##推送上去
The push refers to repository [devin.org/ubuntu]
5f70bf18a086: Pushed
11083b444c90: Pushed
9468150a390c: Pushed
56abdd66ba31: Pushed
latest: digest: sha256:4e709bde11754c2a27ed6e9b9ba55569647f83903f85cd8107e36162c5579984 size: 1151
[root@server11 devin.org]# docker rmi devin.org/ubuntu ##删除镜像
[root@server12 ~]# cd /etc/docker/
[root@server12 docker]# ls
key.json
[root@server12 docker]# mkdir -p certs.d/devin.org
[root@server12 docker]# cd certs.d/devin.org/
[root@server11 devin.org]# scp ca.crt server12:/etc/docker/certs.d/devin.org/ ##发送给server12
[root@server12 devin.org]# ls
ca.crt
[root@server12 devin.org]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
[root@server12 devin.org]# docker pull devin.org/ubuntu ##下载镜像
Using default tag: latest
latest: Pulling from ubuntu
257507fcd746: Pull complete
cd03f9b52ed8: Pull complete
493709ab45b5: Pull complete
4f4fb700ef54: Pull complete
Digest: sha256:4e709bde11754c2a27ed6e9b9ba55569647f83903f85cd8107e36162c5579984
Status: Downloaded newer image for devin.org/ubuntu:latest
[root@server12 devin.org]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
devin.org/ubuntu latest 07c86167cdc4 2 years ago 188MB
[root@server12 devin.org]# curl --cacert /etc/docker/certs.d/devin.org/ca.crt https://devin.org/v2/_catalog ##查看信息
{"repositories":["ubuntu"]}
[root@server12 devin.org]# cd /etc/pki/ca-trust/source/anchors/
[root@server12 anchors]# cp /etc/docker/certs.d/devin.org/ca.crt .
[root@server12 anchors]# ls
ca.crt
[root@server12 anchors]# mv ca.crt devin.org.crt ##更改名称
[root@server12 anchors]# ls
devin.org.crt
[root@server12 anchors]# update-ca-trust ##更新验证信息
[root@server12 anchors]# curl https://devin.org/v2/_catalog ##免密查看
{"repositories":["ubuntu"]}
curl验证
[root@server11 docker]# mkdir auth
[root@server11 docker]# docker run --entrypoint htpasswd registry:2.3.1 -Bbn admin westos > auth/htpasswd ##加入验证信息
[root@server11 docker]# cd auth/
[root@server11 auth]# cat htpasswd
admin:$2y$05$v43Cln6DPHGCIj3i6gJctOBo3Nslr/hSdKhhaiyB9w/LCmh0UDF8K
[root@server11 auth]# docker run --entrypoint htpasswd registry:2.3.1 -Bbn hjq devin >> htpasswd ##追加验证信息
[root@server11 auth]# cat htpasswd
admin:$2y$05$v43Cln6DPHGCIj3i6gJctOBo3Nslr/hSdKhhaiyB9w/LCmh0UDF8K
hjq:$2y$05$d43C4e9tdzdTf8K35SD9beAzkfbC0Nwtwr9UoMYue8mzS4NfV4khW
[root@server11 docker]# docker run -d --name registry --restart=always -v `pwd`/certs:/certs -v `pwd`/auth:/auth -e REGISTRY_HTTP_ADDR=0.0.0.0:443 -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/devin.org.crt -e REGISTRY_HTTP_TLS_KEY=/certs/devin.org.key -e REGISTRY_AUTH=htpasswd -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" -e REGISTRY_AUTH_HTPASSWD_PATH=auth/htpasswd -p 443:443 -v /opt/registry/:/var/lib/registry registry:2.3.1
31188fcc2aa0b12d04145b57d005467ba57507f44670f078dcb0fa496bb61c26 ##运行registry
[root@server11 docker]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
31188fcc2aa0 registry:2.3.1 "/bin/registry /etc/…" 24 seconds ago Up 22 seconds 0.0.0.0:443->443/tcp, 5000/tcp registry
[root@server12 ~]# docker login devin.org ##验证信息
Username: admin
Password:
Login Succeeded
[root@server12 ~]# cd .docker/
[root@server12 .docker]# cat config.json ##密码文件
{
"auths": {
"devin.org": {
"auth": "YWRtaW46d2VzdG9z"
}
},
"HttpHeaders": {
"User-Agent": "Docker-Client/18.03.1-ce (linux)"
}
[root@server12 .docker]# docker pull devin.org/ubuntu
Using default tag: latest
latest: Pulling from ubuntu
Digest: sha256:4e709bde11754c2a27ed6e9b9ba55569647f83903f85cd8107e36162c5579984
Status: Image is up to date for devin.org/ubuntu:latest
[root@server12 docker]# curl -u admin:westos https://devin.org/v2/_catalog ##查看容器信息
cgroup管理
新开一个rhel6.5的虚拟机server1
[root@server1 ~]# yum install libcgroup.x86_64 -y
[root@server1 ~]# /etc/init.d/cgconfig start
[root@server1 /]# cd cgroup/
[root@server1 cgroup]# ll ##组内的管理文件
total 0
drwxr-xr-x 2 root root 0 May 8 15:20 blkio
drwxr-xr-x 2 root root 0 May 8 15:20 cpu
drwxr-xr-x 2 root root 0 May 8 15:20 cpuacct
drwxr-xr-x 2 root root 0 May 8 15:20 cpuset
drwxr-xr-x 2 root root 0 May 8 15:20 devices
drwxr-xr-x 2 root root 0 May 8 15:20 freezer
drwxr-xr-x 2 root root 0 May 8 15:20 memory
drwxr-xr-x 2 root root 0 May 8 15:20 net_cls
内存
[root@server1 cgroup]# cd memory/ ##内存管理
[root@server1 memory]# ls
cgroup.event_control memory.move_charge_at_immigrate
cgroup.procs memory.oom_control
memory.failcnt memory.soft_limit_in_bytes
memory.force_empty memory.stat
memory.limit_in_bytes memory.swappiness
memory.max_usage_in_bytes memory.usage_in_bytes
memory.memsw.failcnt memory.use_hierarchy
memory.memsw.limit_in_bytes notify_on_release
memory.memsw.max_usage_in_bytes release_agent
memory.memsw.usage_in_bytes tasks
[root@server1 memory]# bc ##打开计算器
bc 1.06.95
Copyright 1991-1994, 1997, 1998, 2000, 2004, 2006 Free Software Foundation, Inc.
This is free software with ABSOLUTELY NO WARRANTY.
For details type `warranty'.
100*1024
102400
100*1024*1024
104857600
quit
[root@server1 memory]# vim /etc/cgconfig.conf ##配置文件
group x1 {
memory {
memory.limit_in_bytes = 104857600;
memory.memsw.limit_in_bytes = 104857600;
}
}
[root@server1 memory]# cd .. ##退出来再重启,不然会占用报错
[root@server1 cgroup]# /etc/init.d/cgconfig restart
Stopping cgconfig service: [ OK ]
Starting cgconfig service: [ OK ]
[root@server1 cgroup]# cd memory/x1/ ##新建的x1
[root@server1 x1]# cat memory.limit_in_bytes
104857600
[root@server1 x1]# vim /etc/cgrules.conf ##指定用户
devin memory x1/
[root@server1 x1]# /etc/init.d/cgred start ##启动cgred
[root@server1 x1]# cgexec -g memory:x1 dd if=/dev/zero of=bigfile bs=1M count=200 ##指定规则切割
Killed
或者
[root@server1 x1]# useradd devin
[root@server1 x1]# su - devin
[devin@server1 ~]$ cd /dev/shm/
[devin@server1 shm]$ dd if=/dev/zero of=bigfile bs=1M count=200
Killed
cpu
[root@server1 shm]# cd /cgroup/cpu
[root@server1 cpu]# ll
total 0
--w--w--w- 1 root root 0 May 8 15:44 cgroup.event_control
-rw-r--r-- 1 root root 0 May 8 15:44 cgroup.procs
-rw-r--r-- 1 root root 0 May 8 15:44 cpu.cfs_period_us
-rw-r--r-- 1 root root 0 May 8 15:44 cpu.cfs_quota_us
-rw-r--r-- 1 root root 0 May 8 15:44 cpu.rt_period_us
-rw-r--r-- 1 root root 0 May 8 15:44 cpu.rt_runtime_us
-rw-r--r-- 1 root root 0 May 8 15:44 cpu.shares
-r--r--r-- 1 root root 0 May 8 15:44 cpu.stat
-rw-r--r-- 1 root root 0 May 8 15:44 notify_on_release
-rw-r--r-- 1 root root 0 May 8 15:44 release_agent
-rw-r--r-- 1 root root 0 May 8 15:44 tasks
[root@server1 cpu]# cat cpu.shares
1024
[root@server1 cpu]# vim /etc/cgconfig.conf
group x2 {
cpu {
cpu.share = 100;
}
}
[root@server1 cpu]# cd
[root@server1 ~]# /etc/init.d/cgconfig restart
Stopping cgconfig service: [ OK ]
Starting cgconfig service: [ OK ]
[root@server1 ~]# cd -
/cgroup/cpu
[root@server1 cpu]# cd x2/
[root@server1 x2]# cat cpu.shares
100
[root@server1 x2]# dd if=/dev/zero of=/dev/null &
[1] 1243
[root@server1 x2]# top
cpu管理工具
[root@server1 x2]# cd /sys/devices/system/cpu/
[root@server1 cpu]# ls
cpu0 cpu1 cpufreq cpuidle kernel_max offline online possible present
[root@server1 cpu]# cd cpu1 ##cpu0是默认的,无法更改
[root@server1 cpu1]# ls
cache online crash_notes node0 topology
[root@server1 cpu1]# cat online ##显示cpu信息
1
[root@server1 cpu1]# echo 0 > online ##更改0挂掉,1上线
[root@server1 ~]# killall dd ##删除所有dd进程
cpu1再打开,yongtop查看
blkio
[root@server1 blkio]# ll /dev/vda
brw-rw---- 1 root disk 252, 0 May 8 15:11 /dev/vda ##252,0 是vda的信息
[root@server1 blkio]# vim /etc/cgconfig.conf
group x3 {
blkio {
blkio.throttle.read_bps_device = "252:0 1000000"; ##限速1000k
}
}
[root@server1 ~]# yum install iotop -y ##查看速度的软件
[root@server1 ~]# cgexec -g blkio:x3 dd if=/dev/vda of=/dev/null & ##执行
[1] 1306
[root@server1 ~]# iotop ##查看
##freezer
[root@server1 freezer]# vim /etc/cgconfig.conf
group x4 {
freezer {} ##冻结
}
[root@server1 freezer]# cd
[root@server1 ~]# /etc/init.d/cgconfig restart
Stopping cgconfig service: [ OK ]
Starting cgconfig service: [ OK ]
[root@server1 ~]# cd -
/cgroup/freezer
[root@server1 freezer]# cd x4/
[root@server1 x4]# cat tasks ##管理进程的文件
[root@server1 x4]# cgexec -g blkio:x3 dd if=/dev/vda of=/dev/null &
[1] 1336
[root@server1 x4]# echo 1336 > tasks ##导入(用的是速度查询的进程)
[root@server1 x4]# cat freezer.state ##运行状态
THAWED
[root@server1 x4]# echo FROZEN > freezer.state ##冻结状态
[root@server1 x4]# iotop
[root@server1 x4]# echo THAWED > freezer.state ##正常运行
[root@server1 x4]# iotop
权限控制
[root@server11 ~]# docker run -it --name vm1 ubuntu
root@7b2d87cf4cfb:/# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
6: eth0@if7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft foreve
root@7b2d87cf4cfb:/# ip addr del 172.17.0.2/16 dev eth
Not enough information: "dev" argument is required.
[root@server11 ~]# docker rm vm1
vm1
[root@server11 ~]# docker run -it --name vm1 --privileged=true ubuntu ##权限全开
root@73ac51e1357c:/# ip addr del 172.17.0.2/16 dev eth0 ##成功删除
[root@server11 ~]# docker run -it --name vm1 --cap-add=NET_ADMIN ubuntu ##只开网络管理权限
root@4f99c78bffcd:/# [root@server11 ~]#
[root@server11 ~]# docker inspect -f {{.HostConfig.CapAdd}} vm1 ##查看权限
[NET_ADMIN]
下载docker-compose-Linux-x86_64
[root@server11 ~]# mv docker-compose-Linux-x86_64 /usr/local/sbin/ ##是个执行文件
[root@server11 ~]# cd /usr/local/sbin/
[root@server11 sbin]# chmod +x docker-compose-Linux-x86_64 ##加执行权限
[root@server11 sbin]# ln -s docker-compose-Linux-x86_64 docker-compose ##做链接
[root@server11 docker]# mkdir compose
[root@server11 docker]# cd compose/
[root@server11 compose]# mkdir haproxy
[root@server11 compose]# mkdir web
[root@server11 compose]# vim docker-compose.yml
apache:
build: ./web ##因为是yun install 自己装的,所以要build
expose:
- 80
nginx:
image: nginx ##用的是容器,直接使用
expose:
- 80
haproxy:
image: haproxy
volumes:
- ./haproxy/haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg:ro
links:
- apache
- nginx
ports:
- "80:80"
expose:
- "80"
[root@server11 compose]# cd ..
[root@server11 docker]# cp Dockerfile compose/web/ ##复制执行文件 Dockerfile
[root@server11 docker]# cd compose/web/
[root@server11 web]# vim Dockerfile ##修改以下之前的文件
FROM rhel7:v1
MAINTAINER zerotoherodevin@63.com
ENV HOSTNAME apache
EXPOSE 80
RUN yum install -y httpd
COPY index.html /var/www/html/index.html
CMD ["/usr/sbin/httpd","-D","FOREGROUND"]
[root@server11 web]# vim index.html ##配置发布目录
www.westos.com
[root@server11 compose]# cd haproxy/
[root@server11 haproxy]# vim haproxy.cfg ##配置haproxy
*************************************
global
log 127.0.0.1 local0
defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms
stats uri /status
frontend balancer
bind 0.0.0.0:80
default_backend web_backends
backend web_backends
balance roundrobin
server web1 apache:80 check
server web2 nginx:80 check
*************************************
下载haproxy
[root@server11 ~]# docker load -i haproxy.tar ##挂载
[root@server11 compose]# docker-compose up ##开始 必须再compose目录下
[root@server11 compose]# docker-compose start ##启动
[root@server11 compose]# docker ps ##查看状态
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
574b3177880a haproxy "/docker-entrypoint.…" About a minute ago Up 8 seconds 0.0.0.0:80->80/tcp compose_haproxy_1
6c40c6477082 nginx "nginx -g 'daemon of…" About a minute ago Up 9 seconds 80/tcp, 443/tcp compose_nginx_1
15e50bf6a397 compose_apache "/usr/sbin/httpd -D …" About a minute ago Up 10 seconds 80/tcp compose_apache_1
测试:
浏览器访问http://172.25.18.11/status
浏览器访问http://172.25.18.11/刷新查看轮询状态
[root@server11 compose]# docker-compose port haproxy 80
0.0.0.0:80
清空环境
[root@server11 compose]# docker-compose stop
Stopping compose_haproxy_1 ... done
Stopping compose_nginx_1 ... done
Stopping compose_apache_1 ... done
[root@server11 compose]# docker-compose rm
Going to remove compose_haproxy_1, compose_nginx_1, compose_apache_1
Are you sure? [yN] y
Removing compose_haproxy_1 ... done
Removing compose_nginx_1 ... done
Removing compose_apache_1 ... done
[root@server11 compose]# docker rmi compose_apache:latest
集群管理,再开两个rhel7.3的虚拟机server12 server13,配置好docker环境
加解析,时间同步
[root@server11 compose]# docker swarm init ##集群初始化
Swarm initialized: current node (fk4rr45hk5b9rrps16huounyh) is now a manager.
To add a worker to this swarm, run the following command:
docker swarm join --token SWMTKN-1-1mbgkd482uys73hj21mq4xgjnx2x083rv73npjkr0p8oy6nq30-2a2beqem8hkwp897ld9rhmona 172.25.18.11:2377
To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.
[root@server12 ~]# docker swarm join --token SWMTKN-1-1mbgkd482uys73hj21mq4xgjnx2x083rv73npjkr0p8oy6nq30-2a2beqem8hkwp897ld9rhmona 172.25.18.11:2377
This node joined a swarm as a worker. ##加入集群
[root@server13 ~]# docker swarm join --token SWMTKN-1-1mbgkd482uys73hj21mq4xgjnx2x083rv73npjkr0p8oy6nq30-2a2beqem8hkwp897ld9rhmona 172.25.18.11:2377
This node joined a swarm as a worker. ##加入集群
[root@server11 compose]# docker node ls ##查看节点
ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS ENGINE VERSION
fk4rr45hk5b9rrps16huounyh * server11 Ready Active Leader 18.03.1-ce
qqs3demm4q5clldkx5tyw7oac server12 Ready Active 18.03.1-ce
g7ukui2aqdqi34bqsgz6jfj2m server13 Ready Active 18.03.1-ce
[root@server11 ~]# docker service create --name web --publish 80:80 --replicas 3 nginx ##创建,开三个,80端口映射
uyne4xd2kxs6qezxowu3xjqgr
overall progress: 3 out of 3 tasks
1/3: running
2/3: running
3/3: running
verify: Service converged
[root@server11 ~]# docker service ps web ##查看状态
[root@server11 ~]# docker service scale web=6 ##更改为6个
[root@server11 ~]# docker service ps web ##查看状态
监控
[root@server11 ~]# docker load -i visualizer.tar ##导入监控包
[root@server11 ~]# docker service create --name=vi --publish=8080:8080/tcp --constraint=node.role==manager --mount=type=bind,src=/var/run/docker.sock,dst=/var/run/docker.sock dockersamples/visualizer ##创建名字为vi,端口映射为8080的监控
测试:
浏览器访问http://172.25.18.11:8080/
[root@server11 ~]# docker service scale web=3 ##更改为3个
测试:
浏览器访问http://172.25.18.11:8080/ ##动态更新
[root@server11 ~]# docker save rhel7:v2 > rhel7.tar ##导出到包中
[root@server11 ~]# scp rhel7.tar server12: ##分发给server12
[root@server11 ~]# scp rhel7.tar server13: ##分发给server13
[root@server11 ~]# docker service update --update-parallelism 2 --update-delay 2s --update-failure-action rollback --image rhel7:v2 web ##执行更新,没次两个,每两秒一次,错误更新回滚,web更新为rhel7:v2
flask pythoneijian配件
[root@server11 ~]# docker load -i flask.tar ##导入flask包
[root@server11 ~]# vim test.py ##写python脚本
*****************************
from flask import Flask ##导入flask类
import os ##导入os模块
app = Flask(__name__)
@app.route("/")
def env():
return os.environ["HOSTNAME"] ##宿主机名
app.run(host="0.0.0.0")
*****************************
[root@server11 ~]# docker run -d --name test -v /root/test.py:/test.py python:flask python /test.py ##运行
[root@server11 ~]# curl 172.17.0.2:5000 ##测试
5052a05f6526
[root@server11 ~]# docker kill test ##清空环境
test
[root@server11 ~]# docker rm test
test
[root@server11 ~]# docker run -it --name test python:flask ##交互式打开
Python 2.7.11 (default, Mar 24 2016, 09:47:20)
[GCC 4.9.2] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> ##ctrl + p + q 打入后台
[root@server11 ~]# docker container cp test.py test:/ ##复制进容器
[root@server11 ~]# docker container exec test ls / ##查看是否有test.py
[root@server11 ~]# docker container commit test python:demo ##保存
[root@server11 ~]# docker save python:demo > demo.tar ##导出到demo.tar
[root@server11 ~]# scp demo.tar server12: ##分发给server12
[root@server11 ~]# scp demo.tar server13: ##分发给server13
[root@server12 ~]# docker load -i demo.tar
[root@server13 ~]# docker load -i demo.tar
[root@server11 ~]# docker service rm web ##清空环境
[root@server11 ~]# docker service create --replicas 3 --publish 80:5000 python:demo python /test.py ##建立三个,端口映射为80,执行test.py文件
[root@server11 ~]# docker service ls ##因为忘记命名了,所以查看一下随机生成的名字
ID NAME MODE REPLICAS IMAGE PORTS
z2wih3aeznxq hardcore_bassi replicated 3/3 python:demo *:80->5000/tcp
j8g3o06y3tr3 vi replicated 1/1 dockersamples/visualizer:latest *:8080->8080/tcp
[root@server11 ~]# docker service ps hardcore_bassi ##查看状态
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS
671cxu7uxwq2 hardcore_bassi.1 python:demo server11 Running Running 52 seconds ago
kdm49yzr0ju1 hardcore_bassi.2 python:demo server12 Running Running 50 seconds ago
cvd5y571k561 hardcore_bassi.3 python:demo server13 Running Running 49 seconds ago
[root@foundation18 ~]# for i in {1..10}; do curl -w "\n" 172.25.18.11; done ##真机测试,三个一循环
8390916ce00e
da81ac5e15fa
a9f5c387f3f5
8390916ce00e
da81ac5e15fa
a9f5c387f3f5
8390916ce00e
da81ac5e15fa
a9f5c387f3f5
8390916ce00e
[root@server11 ~]# docker service scale hardcore_bassi=10 ##开启10个
[root@foundation18 ~]# for i in {1..20}; do curl -w "\n" 172.25.18.11; done ##真机测试,十个一循环
da81ac5e15fa
a9f5c387f3f5
6f645c7f7491
66f2020fded1
f9531d7e4000
2ef7f3821dd5
58deb819b70e
3da12c0d2f6c
7c54a4fcc8a5
8390916ce00e
da81ac5e15fa
a9f5c387f3f5
6f645c7f7491
66f2020fded1
f9531d7e4000
2ef7f3821dd5
58deb819b70e
3da12c0d2f6c
7c54a4fcc8a5
8390916ce00e
文件挂载
[root@server11 ~]# docker service create --name web --replicas 3 -p 80:80 nginx
[root@server11 ~]# docker service update --mount-add type=bind,source=/root/web,target=/usr/share/nginx/html web ##前提是三个机子都有/root/web/index.html文件
[root@foundation18 ~]# curl 172.25.18.11 ##server11里写了一个 server12里写了两个 server13里写了三个
www.westos.com
[root@foundation18 ~]# curl 172.25.18.11
www.westos.com
www.westos.com
[root@foundation18 ~]# curl 172.25.18.11
www.westos.com
www.westos.com
www.westos.com
也可以直接挂载
[root@server11 ~]# docker service create --name web --replicas 3 -p 80:80 --mount type=bind,source=/root/web,target=/usr/share/nginx/html nginx
!!!!!!!!!!!!!!!解决报错问题!!!!!!!!!!!!!!!!!!
连接报错
- sudo service docker stop
- sudo rm /var/lib/docker/network/files/local-kv.db
- sudo service docker start