docker 基础

docker

docker 目录

安装:

菜鸟教程https://www.runoob.com/docker/centos-docker-install.html

结构:

  • docker 安装
  • docker 卸载
  • 安装 Docker Engine-Community
  • 启动 Docker
  • docker测试

docker 安装:

1、官网安装命令如下:

curl -fsSL https://get.docker.com | bash -s docker --mirror Aliyun

2、也可以使用国内 daocloud 一键安装命令:

curl -sSL https://get.daocloud.io/docker | sh

docker 卸载:

1.杀死docker有关的容器

docker kill $(docker ps -a -q)

2.删除所有docker容器:

docker rm $(docker ps -a -q)

3.删除所有docker镜像:

docker rmi $(docker images -q)

4.停止 docker 服务:

systemctl stop docker

5、删除安装包:

yum remove docker-ce

6、删除docker相关存储目录

rm -rf /var/lib/docker

7、检查docker相关目录是否删除完毕

yum list installed | grep docker

8、删除docker相关目录

yum remove xxxx

安装 Docker Engine-Community:

  1. 设置仓库
  2. 安装 Docker Engine-Community
#1、设置仓库
sudo yum-config-manager \
    --add-repo \
    http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
    
#2、安装 Docker Engine-Community
sudo yum install docker-ce docker-ce-cli containerd.io

启动仓库:

#1、启动仓库
sudo systemctl start docker

测试:

#1、查看版本
docker --version

#2、通过运行 hello-world 镜像来验证是否正确安装了 Docker Engine-Community 。
sudo docker run hello-world

**报错:**docker: Cannot connect to the Docker daemon at unix:///var/run/docker.sock.

原因:好像是设置镜像不对的原因,和没有正常关闭上一个程序的原因

解决:

  • 删除镜像
rm daemon.json
  • 关闭,重启
systemctl stop docker.socket
sudo systemctl restart docker
#查看
docker ps
#or
ps -ef|grep docker

镜像加速

登录阿里云,找到工作台,容器服务,镜像加速

#1
sudo systemctl restart dockersudo mkdir -p /etc/docker
#2
sudo tee /etc/docker/daemon.json <<-'EOF'
#3
{
  "registry-mirrors": ["https://j8uvaeem.mirror.aliyuncs.com"]
}
EOF
#4
sudo systemctl daemon-reload
#5
sudo systemctl restart docker

启动流程

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-5084DHPB-1668067861160)(C:\Users\zp\AppData\Roaming\Typora\typora-user-images\image-20220602130517896.png)]

运行原理

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-hKzXYsNa-1668067861163)(C:\Users\zp\AppData\Roaming\Typora\typora-user-images\image-20220602130626523.png)]

docker整体架构

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-NA56itaa-1668067861164)(C:\Users\zp\AppData\Roaming\Typora\typora-user-images\image-20220602130758029.png)]

docker命令

docker文档

官网的doc文档

https://docs.docker.com/engine/reference/commandline/docker/

基本命令

docker version          #查看docker的版本信息
docker info             #查看docker的系统信息,包括镜像和容器的数量
docker 命令 --help       #帮助命令(可查看可选的参数)
docker COMMAND --help

示例:

[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker --help

Usage:  docker [OPTIONS] COMMAND

A self-sufficient runtime for containers

Options:
      --config string      Location of client config files (default "/root/.docker")
  -c, --context string     Name of the context to use to connect to the daemon (overrides DOCKER_HOST env var and default context set with "docker context use")
  -D, --debug              Enable debug mode
  -H, --host list          Daemon socket(s) to connect to
  -l, --log-level string   Set the logging level ("debug"|"info"|"warn"|"error"|"fatal") (default "info")
      --tls                Use TLS; implied by --tlsverify
      --tlscacert string   Trust certs signed only by this CA (default "/root/.docker/ca.pem")
      --tlscert string     Path to TLS certificate file (default "/root/.docker/cert.pem")
      --tlskey string      Path to TLS key file (default "/root/.docker/key.pem")
      --tlsverify          Use TLS and verify the remote
  -v, --version            Print version information and quit

Management Commands: #可选参数
  app*        Docker App (Docker Inc., v0.9.1-beta3)
  builder     Manage builds
  buildx*     Docker Buildx (Docker Inc., v0.8.2-docker)
  config      Manage Docker configs
  container   Manage containers
  context     Manage contexts
  image       Manage images
  manifest    Manage Docker image manifests and manifest lists
  network     Manage networks
  node        Manage Swarm nodes
  plugin      Manage plugins
  scan*       Docker Scan (Docker Inc., v0.17.0)
  secret      Manage Docker secrets
  service     Manage services
  stack       Manage Docker stacks
  swarm       Manage Swarm
  system      Manage Docker
  trust       Manage trust on Docker images
  volume      Manage volumes

Commands:			#可选参数
  attach      Attach local standard input, output, and error streams to a running container
  build       Build an image from a Dockerfile
  commit      Create a new image from a container's changes
  cp          Copy files/folders between a container and the local filesystem
  create      Create a new container
  diff        Inspect changes to files or directories on a container's filesystem
  events      Get real time events from the server
  exec        Run a command in a running container
  export      Export a container's filesystem as a tar archive
  history     Show the history of an image
  images      List images
  import      Import the contents from a tarball to create a filesystem image
  info        Display system-wide information
  inspect     Return low-level information on Docker objects
  kill        Kill one or more running containers
  load        Load an image from a tar archive or STDIN
  login       Log in to a Docker registry
  logout      Log out from a Docker registry
  logs        Fetch the logs of a container
  pause       Pause all processes within one or more containers
  port        List port mappings or a specific mapping for the container
  ps          List containers
  pull        Pull an image or a repository from a registry
  push        Push an image or a repository to a registry
  rename      Rename a container
  restart     Restart one or more containers
  rm          Remove one or more containers
  rmi         Remove one or more images
  run         Run a command in a new container
  save        Save one or more images to a tar archive (streamed to STDOUT by default)
  search      Search the Docker Hub for images
  start       Start one or more stopped containers
  stats       Display a live stream of container(s) resource usage statistics
  stop        Stop one or more running containers
  tag         Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
  top         Display the running processes of a container
  unpause     Unpause all processes within one or more containers
  update      Update configuration of one or more containers
  version     Show the Docker version information
  wait        Block until one or more containers stop, then print their exit codes

Run 'docker COMMAND --help' for more information on a command.

To get more help with docker, check out our guides at https://docs.docker.com/go/guides/

镜像命令

docker images					#查看当前服务器/主机的所有镜像
docker images -a  		#显示所有的镜像
docker images -aq			#显示所有镜像的id
docker search 				#搜索镜像
docker pull 镜像名:tag #下载镜像
docker rmi -f  镜像id  #删除镜像

示例:

[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker images #显示所有的镜像
REPOSITORY           TAG       IMAGE ID       CREATED         SIZE
nginx                latest    7425d3a7c478   3 weeks ago     142MB
hello-world          latest    feb5d9fea6a5   8 months ago    13.3kB
nacos/nacos-server   v2.0.3    bdf60dc2ada3   10 months ago   1.05GB

参数介绍:

# 解释:
1.REPOSITORY  镜像的仓库源
2.TAG  镜像的标签
3.IMAGE ID 镜像的id
4.CREATED 镜像的创建时间
5.SIZE 镜像的大小
# 可选参数
-a/--all 列出所有镜像
-q/--quiet 只显示镜像的id
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker images -a #显示所有的镜像
REPOSITORY           TAG       IMAGE ID       CREATED         SIZE
nginx                latest    7425d3a7c478   3 weeks ago     142MB
hello-world          latest    feb5d9fea6a5   8 months ago    13.3kB
nacos/nacos-server   v2.0.3    bdf60dc2ada3   10 months ago   1.05GB
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker images -aq	#显示所有镜像的id
7425d3a7c478
feb5d9fea6a5
bdf60dc2ada3
docker search #搜索镜像
#可选参数
Search the Docker Hub for images
Options:
  -f, --filter filter   Filter output based on conditions provided
      --format string   Pretty-print search using a Go template
      --limit int       Max number of search results (default 25)
      --no-trunc        Don't truncate output

示例:

[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker search mysql --filter=stars=399	#搜索stars数量大于399的mysq镜像
NAME         DESCRIPTION                                     STARS     OFFICIAL   AUTOMATED
mysql        MySQL is a widely used, open-source relation…   12681     [OK]
mariadb      MariaDB Server is a high performing open sou…   4863      [OK]
percona      Percona Server is a fork of the MySQL relati…   579       [OK]
phpmyadmin   phpMyAdmin - A web interface for MySQL and M…   549       [OK]

docker pull 镜像名:tag #下载镜像

示例:

[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker pull mysql:5.6
5.6: Pulling from library/mysql
35b2232c987e: Pull complete
fc55c00e48f2: Pull complete
0030405130e3: Pull complete
e1fef7f6a8d1: Pull complete
1c76272398bb: Pull complete
f57e698171b6: Pull complete
f5b825b269c0: Pull complete
dcb0af686073: Pull complete
27bbfeb886d1: Pull complete
6f70cc868145: Pull complete
1f6637f4600d: Pull complete
Digest: sha256:20575ecebe6216036d25dab5903808211f1e9ba63dc7825ac20cb975e34cfcae
Status: Downloaded newer image for mysql:5.6
docker.io/library/mysql:5.6

关于docker的镜像下载,images是分层下载,即同一个images的不同版本会复用一部分的资源;当删除一个版本的时候,复用的资源不会被删除。

示例:

上面下载了mysql5.6,我们再下载一个其他版本的。


#1.删除指定的镜像id
[root@iZwz99sm8v95sckz8bd2c4Z ~]# docker rmi -f  镜像id
#2.删除多个镜像id
[root@iZwz99sm8v95sckz8bd2c4Z ~]# docker rmi -f  镜像id 镜像id 镜像id
#3.删除全部的镜像id
[root@iZwz99sm8v95sckz8bd2c4Z ~]# docker rmi -f  $(docker images -aq) $()以参数的形式

示例:

#
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker images	#查看所有镜像
REPOSITORY           TAG       IMAGE ID       CREATED         SIZE
nginx                latest    7425d3a7c478   3 weeks ago     142MB
mysql                5.6       dd3b2a5dcb48   5 months ago    303MB
mysql                5.7       c20987f18b13   5 months ago    448MB
hello-world          latest    feb5d9fea6a5   8 months ago    13.3kB
nacos/nacos-server   v2.0.3    bdf60dc2ada3   10 months ago   1.05GB
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker rmi -f dd3b2a5dcb48	#删除mysql5.6
Untagged: mysql:5.6
Untagged: mysql@sha256:20575ecebe6216036d25dab5903808211f1e9ba63dc7825ac20cb975e34cfcae
Deleted: sha256:dd3b2a5dcb48ff61113592ed5ddd762581be4387c7bc552375a2159422aa6bf5
Deleted: sha256:8c5e3b50c7085016b7c692611fdedacba442aa0f4ccf8739f4ecf4d5e49b7d91
Deleted: sha256:2ff31bb829f16adc374868d9ef59254f394816aadfeb6b45da5bec5dcde45540
Deleted: sha256:91bcc75c6967ec46f3f19fa96f248ab3a23589788f9e2c4a1a2e032112def863
Deleted: sha256:127296d2ee30c8716069dc23d015d9ecaa1544d0a2c44712db128ae6a9cb1431
Deleted: sha256:fe36f45d1760f56c23a9957254682d74aa6e7fba931dc8f11addf75684b1aa69
Deleted: sha256:8d6550c8cb1e10f9d0cf1ee3061ecef9e2cb333cdfbf58a02ee27cf2dd5fc35a
Deleted: sha256:64e278d98d2502416e0c55646e919f0080a50f9a342b0e28aa9c43655518d3aa
Deleted: sha256:013f70419be70a06c8e4ce898f2dac82be8749cb9979d9e5b1c98dd82519f627
Deleted: sha256:c49bbc9eeced1247fcd625da3e2c2886e89b15a6264899a9ce32cd21d927912e
Deleted: sha256:031797b961ee18c70bff1f3b53cea52f643dbaef6a5ecb0e98fc2696e8b039a5
Deleted: sha256:2b83e5699838047f936a3875bcce7fe1b169983bf86785ae7519c5bc488558ae
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker images	#查看所有镜像
REPOSITORY           TAG       IMAGE ID       CREATED         SIZE
nginx                latest    7425d3a7c478   3 weeks ago     142MB
mysql                5.7       c20987f18b13   5 months ago    448MB
hello-world          latest    feb5d9fea6a5   8 months ago    13.3kB
nacos/nacos-server   v2.0.3    bdf60dc2ada3   10 months ago   1.05GB

容器命令

基本容器命令:

docker run [可选参数] 镜像id		#运行镜像
#参数说明
--name="名字"           指定容器名字
-d                     后台方式运行
-it                    使用交互方式运行,进入容器查看内容,可进入容器
-p                     指定容器的端口
( -p ip:主机端口:容器端口  配置主机端口映射到容器端口
  -p 主机端口:容器端口					#常用
  -p 容器端口)
-P                     随机指定端口(大写的P)

docker run -it [镜像ID] /bin/bash		#运行镜像并进入容器
exit 															 #停止并退出容器(后台方式运行则仅退出)
Ctrl+P+Q  												 #不停止容器退出

docker ps # 列出当前正在运行的容器
-a   # 列出所有容器的运行记录
-n=? # 显示最近创建的n个容器
-q   # 只显示容器的编号

docker rm 容器id                 #删除指定的容器,不能删除正在运行的容器,强制删除使用 rm -f
docker rm -f $(docker ps -aq)   #删除所有的容器
docker ps -a -q|xargs docker rm #删除所有的容器

docker start 容器id          #启动容器
docker restart 容器id        #重启容器
docker stop 容器id           #停止当前运行的容器
docker kill 容器id           #强制停止当前容器

docker exec -it  容器id /bin/bash		#进入正在运行的容器,进入容器后开启一个新的终端,可以在里面操作
docker exec -it 44fc0f0582d9 /bin/sh #有的没有 /bin/bash 目录,
docker attach 容器id								#进入容器正在执行的终端,不会启动新的进程

示例:

[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker ps		#查询正在运行的容器
CONTAINER ID   IMAGE                       COMMAND                  CREATED        STATUS        PORTS                    NAMES
619513002a31   nacos/nacos-server:v2.0.3   "bin/docker-startup.…"   33 hours ago   Up 33 hours   0.0.0.0:8848->8848/tcp   nacos

#参数
CONTAINER ID		#容器id
IMAGE						#对应的镜像
COMMAND					#命令
CREATED					#创建时间
STATUS					#状态
PORTS						#端口
NAMES						#容器名

[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker ps -a		#查看所有容器:包括当前正在运行+历史容器
CONTAINER ID   IMAGE                       COMMAND                  CREATED              STATUS                          PORTS                    NAMES
ba7086ca66fe   5d0da3dc9764                "/bin/bash"              About a minute ago   Exited (127) 19 seconds ago                              vigilant_golick
7437293ec0f7   5d0da3dc9764                "/bin/bash"              2 minutes ago        Exited (0) About a minute ago                            eager_goldstine
619513002a31   nacos/nacos-server:v2.0.3   "bin/docker-startup.…"   33 hours ago         Up 33 hours                     0.0.0.0:8848->8848/tcp   nacos
e18232bed91a   hello-world                 "/hello"                 3 weeks ago          Exited (0) 3 weeks ago                                   vigilant_moore
694a6d9a1bac   nginx                       "/docker-entrypoint.…"   3 weeks ago          Created                                                  quizzical_raman
50ac18a9b22e   nginx                       "/docker-entrypoint.…"   3 weeks ago          Created                                                  wizardly_mayer
72782367bfff   hello-world                 "/hello"                 3 weeks ago          Exited (0) 3 weeks ago                                   cranky_albattani
f7eaa44e98d8   hello-world                 "/hello"                 3 weeks ago          Exited (0) 3 weeks ago                                   exciting_villani

[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker ps -a -q		#查看所有容器的容器id
39653c4e51d3
ba7086ca66fe
7437293ec0f7
619513002a31
e18232bed91a
694a6d9a1bac
50ac18a9b22e
72782367bfff
f7eaa44e98d8


[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker exec -it 63e22b2cc91b /bin/sh		#进入正在运行的容器
sh-4.4# ls		#遍历容器文件
bin  dev  etc  home  lib  lib64  lost+found  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var

[root@iZbp18gmxmxwd5c8z9zywiZ home]# docker ps
CONTAINER ID   IMAGE     COMMAND                  CREATED          STATUS          PORTS     NAMES
63e22b2cc91b   centos    "/bin/sh -c 'while t…"   39 minutes ago   Up 39 minutes             dazzling_montalcini
[root@iZbp18gmxmxwd5c8z9zywiZ home]# docker attach 63e22b2cc91b
hi
hi
hi
hi
hi

疑惑点:

1、突然感觉容器和镜像有点分不清了。

回答:感觉镜像运行的时候,会创建一个容器。

其他命令

语法:

docker logs 容器id [可选参数]					#查看容器日志
docker top 容器id 									#查看容器
docker inspect 容器id								#查看容器元数据信息
docker cp 容器id:文件地址 /主机文件地址 #拷贝容器文件到主机
docker stats 容器id									#查看某个容器占服务器资源情况

查看日志

语法:

docker logs --help		#查看日志帮助文档
#示例:
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker logs --help

Usage:  docker logs [OPTIONS] CONTAINER

Fetch the logs of a container

Options:
      --details        Show extra details provided to logs
  -f, --follow         Follow log output 
      --since string   Show logs since timestamp (e.g. 2013-01-02T13:23:37Z) or relative (e.g. 42m for 42 minutes)
  -n, --tail string    Number of lines to show from the end of the logs (default "all")
  -t, --timestamps     Show timestamps
      --until string   Show logs before a timestamp (e.g. 2013-01-02T13:23:37Z) or relative (e.g. 42m for 42 minutes)
[root@iZbp18gmxmxwd5c8z9zywiZ ~]#

参数:

-f			#跟踪日志输出
--since #显示某个开始时间的所有日志
-n			#仅列出最新N条容器日志
--tail	#仅列出最新N条容器日志
-t			#显示时间戳 

示例:

#示例:
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker logs -n 10 619513002a31		#输出容器id为:619513002a31的容器的最后10条日志
2022-06-02 14:09:04,519 INFO Creating filter chain: any request, [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@45e1aa48, org.springframework.security.web.context.SecurityContextPersistenceFilter@76889e60, org.springframework.security.web.header.HeaderWriterFilter@42b28ff1, org.springframework.security.web.csrf.CsrfFilter@66420549, org.springframework.security.web.authentication.logout.LogoutFilter@3e104d4b, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@6c15e8c7, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@6b3f6585, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@12c60152, org.springframework.security.web.session.SessionManagementFilter@718dbd79, org.springframework.security.web.access.ExceptionTranslationFilter@6cd56321]

2022-06-02 14:09:04,658 INFO Initializing ExecutorService 'taskScheduler'

2022-06-02 14:09:04,685 INFO Exposing 16 endpoint(s) beneath base path '/actuator'

2022-06-02 14:09:04,869 INFO Tomcat started on port(s): 8848 (http) with context path '/nacos'

2022-06-02 14:09:04,884 INFO Nacos started successfully in stand alone mode. use embedded storage

#示例:
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker logs --tail 10 619513002a31		#输出容器id为:619513002a31的容器的最后10条日志
2022-06-02 14:09:04,519 INFO Creating filter chain: any request, [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@45e1aa48, org.springframework.security.web.context.SecurityContextPersistenceFilter@76889e60, org.springframework.security.web.header.HeaderWriterFilter@42b28ff1, org.springframework.security.web.csrf.CsrfFilter@66420549, org.springframework.security.web.authentication.logout.LogoutFilter@3e104d4b, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@6c15e8c7, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@6b3f6585, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@12c60152, org.springframework.security.web.session.SessionManagementFilter@718dbd79, org.springframework.security.web.access.ExceptionTranslationFilter@6cd56321]

2022-06-02 14:09:04,658 INFO Initializing ExecutorService 'taskScheduler'

2022-06-02 14:09:04,685 INFO Exposing 16 endpoint(s) beneath base path '/actuator'

2022-06-02 14:09:04,869 INFO Tomcat started on port(s): 8848 (http) with context path '/nacos'

2022-06-02 14:09:04,884 INFO Nacos started successfully in stand alone mode. use embedded storage

查看元数据

语法:

docker inspect	容器id

语法:

[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker inspect 619513002a31		#查看容器id为:619513002a31的容器的元数据
[
    {
        "Id": "619513002a31d969d36953c1ef8142b59b0ce6816e469277e8d9e9efaaba76bd",	#容器id
        "Created": "2022-06-02T06:08:46.202063833Z",
        "Path": "bin/docker-startup.sh",
        "Args": [],
        "State": {																																#容器的状态
            "Status": "running",
            "Running": true,
            "Paused": false,
            "Restarting": false,
            "OOMKilled": false,
            "Dead": false,
            "Pid": 27299,
            "ExitCode": 0,
            "Error": "",
            "StartedAt": "2022-06-02T06:08:46.917531072Z",
            "FinishedAt": "0001-01-01T00:00:00Z"
        },
        "Image": "sha256:bdf60dc2ada3ce53a95a577f295f677d8e8aa02f3a7757c03c86ea58ae4a8234",	#容器对应的镜像
        "ResolvConfPath": "/var/lib/docker/containers/619513002a31d969d36953c1ef8142b59b0ce6816e469277e8d9e9efaaba76bd/resolv.conf",
        "HostnamePath": "/var/lib/docker/containers/619513002a31d969d36953c1ef8142b59b0ce6816e469277e8d9e9efaaba76bd/hostname",
        "HostsPath": "/var/lib/docker/containers/619513002a31d969d36953c1ef8142b59b0ce6816e469277e8d9e9efaaba76bd/hosts",
        "LogPath": "/var/lib/docker/containers/619513002a31d969d36953c1ef8142b59b0ce6816e469277e8d9e9efaaba76bd/619513002a31d969d36953c1ef8142b59b0ce6816e469277e8d9e9efaaba76bd-json.log",
        "Name": "/nacos",
        "RestartCount": 0,
        "Driver": "overlay2",
        "Platform": "linux",
        "MountLabel": "",
        "ProcessLabel": "",
        "AppArmorProfile": "",
        "ExecIDs": null,
        "HostConfig": {
            "Binds": null,
            "ContainerIDFile": "",
            "LogConfig": {
                "Type": "json-file",
                "Config": {}
            },
            "NetworkMode": "default",
            "PortBindings": {
                "8848/tcp": [
                    {
                        "HostIp": "",
                        "HostPort": "8848"
                    }
                ]
            },
            "RestartPolicy": {
                "Name": "no",
                "MaximumRetryCount": 0
            },
            "AutoRemove": false,
            "VolumeDriver": "",
            "VolumesFrom": null,
            "CapAdd": null,
            "CapDrop": null,
            "CgroupnsMode": "host",
            "Dns": [],
            "DnsOptions": [],
            "DnsSearch": [],
            "ExtraHosts": null,
            "GroupAdd": null,
            "IpcMode": "private",
            "Cgroup": "",
            "Links": null,
            "OomScoreAdj": 0,
            "PidMode": "",
            "Privileged": false,
            "PublishAllPorts": false,
            "ReadonlyRootfs": false,
            "SecurityOpt": null,
            "UTSMode": "",
            "UsernsMode": "",
            "ShmSize": 67108864,
            "Runtime": "runc",
            "ConsoleSize": [
                0,
                0
            ],
            "Isolation": "",
            "CpuShares": 0,
            "Memory": 0,
            "NanoCpus": 0,
            "CgroupParent": "",
            "BlkioWeight": 0,
            "BlkioWeightDevice": [],
            "BlkioDeviceReadBps": null,
            "BlkioDeviceWriteBps": null,
            "BlkioDeviceReadIOps": null,
            "BlkioDeviceWriteIOps": null,
            "CpuPeriod": 0,
            "CpuQuota": 0,
            "CpuRealtimePeriod": 0,
            "CpuRealtimeRuntime": 0,
            "CpusetCpus": "",
            "CpusetMems": "",
            "Devices": [],
            "DeviceCgroupRules": null,
            "DeviceRequests": null,
            "KernelMemory": 0,
            "KernelMemoryTCP": 0,
            "MemoryReservation": 0,
            "MemorySwap": 0,
            "MemorySwappiness": null,
            "OomKillDisable": false,
            "PidsLimit": null,
            "Ulimits": null,
            "CpuCount": 0,
            "CpuPercent": 0,
            "IOMaximumIOps": 0,
            "IOMaximumBandwidth": 0,
            "MaskedPaths": [
                "/proc/asound",
                "/proc/acpi",
                "/proc/kcore",
                "/proc/keys",
                "/proc/latency_stats",
                "/proc/timer_list",
                "/proc/timer_stats",
                "/proc/sched_debug",
                "/proc/scsi",
                "/sys/firmware"
            ],
            "ReadonlyPaths": [
                "/proc/bus",
                "/proc/fs",
                "/proc/irq",
                "/proc/sys",
                "/proc/sysrq-trigger"
            ]
        },
        "GraphDriver": {
            "Data": {
                "LowerDir": "/var/lib/docker/overlay2/cd8487b58a5c05874690a3cc2b5412b86313fdbc2c8805dee037e06753c5d03d-init/diff:/var/lib/docker/overlay2/1aeee3976ae049c7f673e85a6e6d4d71bf98b2569987b9218de8493de82526d6/diff:/var/lib/docker/overlay2/9935292c70ce8b14414f257296a64a779fd665667ecf1f13f2919f149c6ab2aa/diff:/var/lib/docker/overlay2/ff5be5b35dee244b0d12542b8ba3fdae35eb8b29bcffb3098fc5790232b5f94b/diff:/var/lib/docker/overlay2/677883d198ba1e74d54e7fb5ad35e306911ab7984c496fb32480a2d7720441aa/diff:/var/lib/docker/overlay2/59d3c6a7fa79a47420de4a38986403f5c22c37e8b1f307c7e9f5967135f05fb2/diff:/var/lib/docker/overlay2/98917a8a481dc65184e34fe9a54732d49fbe0cb6e12fea12a7fdfadfce229f15/diff:/var/lib/docker/overlay2/07128d85c933d0aead75d8758f6693919201946b151640e3213993f6b76c226b/diff:/var/lib/docker/overlay2/1d0a8777b606ff8a90c73edfc222df95752ea0a8353cc9ae0935333695aa4dc1/diff:/var/lib/docker/overlay2/c1d864cc32770698cf69de645b4ec62812e0b36f2940a8b1dac17d169d4c59aa/diff",
                "MergedDir": "/var/lib/docker/overlay2/cd8487b58a5c05874690a3cc2b5412b86313fdbc2c8805dee037e06753c5d03d/merged",
                "UpperDir": "/var/lib/docker/overlay2/cd8487b58a5c05874690a3cc2b5412b86313fdbc2c8805dee037e06753c5d03d/diff",
                "WorkDir": "/var/lib/docker/overlay2/cd8487b58a5c05874690a3cc2b5412b86313fdbc2c8805dee037e06753c5d03d/work"
            },
            "Name": "overlay2"
        },
        "Mounts": [],
        "Config": {
            "Hostname": "619513002a31",
            "Domainname": "",
            "User": "",
            "AttachStdin": false,
            "AttachStdout": false,
            "AttachStderr": false,
            "ExposedPorts": {
                "8848/tcp": {}
            },
            "Tty": false,
            "OpenStdin": false,
            "StdinOnce": false,
            "Env": [
                "MODE=standalone",
                "NACOS_SERVER_IP=192.168.31.196",
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
                "PREFER_HOST_MODE=ip",
                "BASE_DIR=/home/nacos",
                "CLASSPATH=.:/home/nacos/conf:",
                "CLUSTER_CONF=/home/nacos/conf/cluster.conf",
                "FUNCTION_MODE=all",
                "JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk",
                "NACOS_USER=nacos",
                "JAVA=/usr/lib/jvm/java-1.8.0-openjdk/bin/java",
                "JVM_XMS=1g",
                "JVM_XMX=1g",
                "JVM_XMN=512m",
                "JVM_MS=128m",
                "JVM_MMS=320m",
                "NACOS_DEBUG=n",
                "TOMCAT_ACCESSLOG_ENABLED=false",
                "TIME_ZONE=Asia/Shanghai"
            ],
            "Cmd": null,
            "Image": "nacos/nacos-server:v2.0.3",
            "Volumes": null,
            "WorkingDir": "/home/nacos",
            "Entrypoint": [
                "bin/docker-startup.sh"
            ],
            "OnBuild": null,
            "Labels": {
                "org.label-schema.schema-version": "= 1.0     org.label-schema.name=CentOS Base Image     org.label-schema.vendor=CentOS     org.label-schema.license=GPLv2     org.label-schema.build-date=20180531",
                "org.opencontainers.image.created": "2021-07-31T10:05:17.868Z",
                "org.opencontainers.image.description": "This project contains a Docker image meant to facilitate the deployment of Nacos .",
                "org.opencontainers.image.licenses": "",
                "org.opencontainers.image.revision": "3ecf3cd381938b61cbb4d565dd7f1cc2320ea5ee",
                "org.opencontainers.image.source": "https://github.com/nacos-group/nacos-docker",
                "org.opencontainers.image.title": "nacos-docker",
                "org.opencontainers.image.url": "https://github.com/nacos-group/nacos-docker",
                "org.opencontainers.image.version": "v2.0.3"
            }
        },
        "NetworkSettings": {
            "Bridge": "",
            "SandboxID": "3af627a70c3fc3bbc06220fd89d46a639fb73e585be83e65b35cca3fb0b3bb0d",
            "HairpinMode": false,
            "LinkLocalIPv6Address": "",
            "LinkLocalIPv6PrefixLen": 0,
            "Ports": {
                "8848/tcp": [
                    {
                        "HostIp": "0.0.0.0",
                        "HostPort": "8848"
                    }
                ]
            },
            "SandboxKey": "/var/run/docker/netns/3af627a70c3f",
            "SecondaryIPAddresses": null,
            "SecondaryIPv6Addresses": null,
            "EndpointID": "68c86f2e386cf9b868254bde23c9ead9922f9e1c17c0db05bafc94f0299f62c1",
            "Gateway": "172.17.0.1",
            "GlobalIPv6Address": "",
            "GlobalIPv6PrefixLen": 0,
            "IPAddress": "172.17.0.2",
            "IPPrefixLen": 16,
            "IPv6Gateway": "",
            "MacAddress": "02:42:ac:11:00:02",
            "Networks": {
                "bridge": {
                    "IPAMConfig": null,
                    "Links": null,
                    "Aliases": null,
                    "NetworkID": "ef6ad8982d137fda37974082c9e6a935a61fe51eede3757141b118468dfc9da8",
                    "EndpointID": "68c86f2e386cf9b868254bde23c9ead9922f9e1c17c0db05bafc94f0299f62c1",
                    "Gateway": "172.17.0.1",
                    "IPAddress": "172.17.0.2",
                    "IPPrefixLen": 16,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "02:42:ac:11:00:02",
                    "DriverOpts": null
                }
            }
        }
    }
]

查看容器的进行信息

语法:

docker top 容器id

示例:

#示例
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker top 619513002a31		#查看容器id为:619513002a31的容器中进程的信息
UID                 PID                 PPID                C                   STIME               TTY                           
root                27299               27280               0                   Jun02               ?                    

拷贝容器的文件到主机

语法:

docker cp 容器id:容器内路径 目的主机路径

示例:

#示例:
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker ps		#查看运行中的容器
CONTAINER ID   IMAGE     COMMAND                  CREATED              STATUS              PORTS     NAMES
63e22b2cc91b   centos    "/bin/sh -c 'while t…"   About a minute ago   Up About a minute             dazzling_montalcini
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker exec -it 63e22b2cc91b /bin/sh	#进入运行中的容器
sh-4.4# ls		#遍历容器的文件
bin  dev  etc  home  lib  lib64  lost+found  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var
sh-4.4# cd home/		#进入到home文件中
sh-4.4# touch test.java		#创建test.java文件
sh-4.4# ll
sh: ll: command not found
sh-4.4# ls		#遍历home文件夹
test.java
sh-4.4# exit		#退出容器
exit
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# dockerps
-bash: dockerps: command not found
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker ps
CONTAINER ID   IMAGE     COMMAND                  CREATED         STATUS         PORTS     NAMES
63e22b2cc91b   centos    "/bin/sh -c 'while t…"   2 minutes ago   Up 2 minutes             dazzling_montalcini
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker cp 63e22b2cc91b:/home/test.java /home		#拷贝容器文件到主机中
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# cd ..
[root@iZbp18gmxmxwd5c8z9zywiZ /]# ll
total 68
lrwxrwxrwx.   1 root root     7 Apr 26  2020 bin -> usr/bin
dr-xr-xr-x.   5 root root  4096 Apr 26  2020 boot
drwxr-xr-x   19 root root  2980 Oct 29  2021 dev
drwxr-xr-x.  85 root root  4096 Jun  4 12:06 etc
drwxr-xr-x.   5 root root  4096 Jun  4 14:56 home
lrwxrwxrwx.   1 root root     7 Apr 26  2020 lib -> usr/lib
lrwxrwxrwx.   1 root root     9 Apr 26  2020 lib64 -> usr/lib64
drwx------.   2 root root 16384 Apr 26  2020 lost+found
drwxr-xr-x.   2 root root  4096 Apr 11  2018 media
drwxr-xr-x.   2 root root  4096 Apr 11  2018 mnt
drwxr-xr-x.   7 root root  4096 May 12 09:35 opt
drwxr-xr-x    2 root root  4096 Feb 22  2021 patch
dr-xr-xr-x  122 root root     0 Feb 22  2021 proc
dr-xr-x---.  10 root root  4096 May 12 10:12 root
drwxr-xr-x   27 root root   800 Jun  1 23:52 run
lrwxrwxrwx.   1 root root     8 Apr 26  2020 sbin -> usr/sbin
drwxr-xr-x.   2 root root  4096 Apr 11  2018 srv
dr-xr-xr-x   13 root root     0 Mar 27 09:25 sys
drwxrwxrwt.  10 root root  4096 Jun  4 14:55 tmp
drwxr-xr-x.  14 root root  4096 Dec 13  2016 usr
drwxr-xr-x.  19 root root  4096 Feb 22  2021 var
drwxr-xr-x    7 root root  4096 Apr  6  2021 www
[root@iZbp18gmxmxwd5c8z9zywiZ /]# cd home/
[root@iZbp18gmxmxwd5c8z9zywiZ home]# ls
es  redis  test.java  www

shell脚本

语法:

-c ""

示例:

#示例:
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker run -d centos /bin/sh -c "while true;do echo hi;sleep 5;done"
63e22b2cc91bed3a9677de214b6faedb439fd4dd7eadf2270de1bba0161e3ca5

docker命令总结

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-7MZgSWby-1668067861165)(C:\Users\zp\AppData\Roaming\Typora\typora-user-images\image-20220604160001925.png)]

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-EOMa8wcw-1668067861166)(C:\Users\zp\AppData\Roaming\Typora\typora-user-images\image-20220604153839815.png)]

docker练习

docker练习题

安装nginx并启动

流程:

1、docker search nginx																												#查找nginx镜像
2、docker pull nginx																													#下载nginx镜像
3、docker run -d --name nginxName(容器名) -p 8887(主机端口):80(nginx默认端口) 镜像	 #运行nginx镜像
4、docker ps																																	#查看正在运行的容器
5、curl localhost:8887																												#本机访问运行
6、docker stop 容器id																												 #暂停容器

示例:

#1、下载nginx镜像
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker pull  nginx		
Using default tag: latest
latest: Pulling from library/nginx
a2abf6c4d29d: Pull complete
a9edb18cadd1: Pull complete
589b7251471a: Pull complete
186b1aaa4aa6: Pull complete
b4df32aa5a72: Pull complete
a0bcbecc962e: Pull complete
Digest: sha256:0d17b565c37bcbd895e9d92315a05c1c3c9a29f762b011a10c54a66cd53c9b31
Status: Downloaded newer image for nginx:latest
docker.io/library/nginx:latest

#2、运行nginx镜像
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker run -d --name nginx02 -p 8001:80 nginx
c202334ac664c0373ea8313b4b0ffb75143080fa73bfae0063dbb9963265dbf3

#3、查看正在运行的容器
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker ps
CONTAINER ID   IMAGE     COMMAND                  CREATED              STATUS              PORTS                  NAMES
c202334ac664   nginx     "/docker-entrypoint.…"   About a minute ago   Up About a minute   0.0.0.0:8001->80/tcp   nginx02

#4、本机访问运行
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# curl localhost:8001
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

#5、暂停容器
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker stop c202334ac664
c202334ac664

思考问题:

1、现在我们每次改动nginx配置文件,都需要进入容器内部,十分麻烦,有没有在外部修改同步到内部?

​ 在容器外部提供一个映射路径,实现在容器外部修改文件,容器内部可以自动修改。-v 数据卷

安装tomcat并启动

流程:

docker search tomcat																							#1、搜索tomcat镜像
docker pulll tomcat9.0																						#2、安装tomcat镜像
docker run -it --rm -p 39000:8080 --name tomcat05  b8e65a4d736d		#3、运行tomcat镜像
docker ps																													#4、运行中的容器
curl localhost:8080																								#5、本机测试

示例:

#1、安装tomcat镜像
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker pull tomcat:9.0
9.0: Pulling from library/tomcat
0e29546d541c: Pull complete
9b829c73b52b: Pull complete
cb5b7ae36172: Pull complete
6494e4811622: Pull complete
668f6fcc5fa5: Pull complete
dc120c3e0290: Pull complete
8f7c0eebb7b1: Pull complete
77b694f83996: Pull complete
7662046c36cb: Pull complete
b93639122cb4: Pull complete
Digest: sha256:cd96d4f7d3f5fc4d3bc1622ec678207087b8215d55021a607ecaefba80b403ea
Status: Downloaded newer image for tomcat:9.0
docker.io/library/tomcat:9.0

#2、运行tomcat镜像
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker run -it --rm -p 39000:8080 --name tomcat05  b8e65a4d736d
Using CATALINA_BASE:   /usr/local/tomcat
Using CATALINA_HOME:   /usr/local/tomcat
Using CATALINA_TMPDIR: /usr/local/tomcat/temp
Using JRE_HOME:        /usr/local/openjdk-11
Using CLASSPATH:       /usr/local/tomcat/bin/bootstrap.jar:/usr/local/tomcat/bin/tomcat-juli.jar
Using CATALINA_OPTS:

#3、运行中的容器
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker ps
CONTAINER ID   IMAGE          COMMAND             CREATED         STATUS         PORTS                     NAMES
d297d9bbfe24   b8e65a4d736d   "catalina.sh run"   7 seconds ago   Up 6 seconds   0.0.0.0:39000->8080/tcp   tomcat05

#4、本机测试
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# curl localhost:39000


#5、浏览器测试

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-n05Pv8pg-1668067861167)(C:\Users\zp\AppData\Roaming\Typora\typora-user-images\image-20220604211107367.png)]

注意点:

#1、--rm
运行完就删除容器,如果没有加`--rm`命令,容器创建以后,即时停止运行了,依然会存在。
#2、docker中的linux命令少了

#3、tomcat镜像中webapps文件夹没有文件,但是有个webapp.dist文件夹,其中webapps所需文件都有
cp -r 复制文件目录 目标文件目录 	#复制文件

#4、阿里云镜像的原因,默认是最小镜像原则,所有不必须的都剔除掉,只保证最小运行环境。

思考问题:

2、部署项目以后,每次修改都要进入到容器内部,十分麻烦。

​ 在容器外部提供一个映射路径,wabapps, 我们在容器外部放置项目,自动同步到容器内部。

部署es + kibana

注意:

#1、下载es						
#2、运行es
#3、验证是否运行成功

示例:

#1、下载es	运行es
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker run -d --rm --name elasticsearch02 -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" -e ES_JAVA_OPTS="-Xms128m -Xmx512m" elasticsearch:7.6.2
80d48f71d30619711f597e3975b2da32fb9c56deab3901bef4ce7b157c34b362
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker ps
CONTAINER ID   IMAGE                 COMMAND                  CREATED         STATUS         PORTS                                            NAMES
80d48f71d306   elasticsearch:7.6.2   "/usr/local/bin/dock…"   6 seconds ago   Up 5 seconds   0.0.0.0:9200->9200/tcp, 0.0.0.0:9300->9300/tcp   elasticsearch02

#2、查看状态 docker stats
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker stats 80d48f71d306
CONTAINER ID   NAME              CPU %     MEM USAGE / LIMIT     MEM %     NET I/O   BLOCK I/O       PIDS
80d48f71d306   elasticsearch02   0.00%     420.1MiB / 1.694GiB   24.22%    0B / 0B   119MB / 729kB   43
CONTAINER ID   NAME              CPU %     MEM USAGE / LIMIT     MEM %     NET I/O   BLOCK I/O       PIDS
80d48f71d306   elasticsearch02   0.59%     414.8MiB / 1.694GiB   23.92%    0B / 0B   119MB / 729kB   43
CONTAINER ID   NAME              CPU %     MEM USAGE / LIMIT     MEM %     NET I/O   BLOCK I/O       PIDS
80d48f71d306   elasticsearch02   0.59%     414.8MiB / 1.694GiB   23.92%    0B / 0B   119MB / 729kB   43
CONTAINER ID   NAME              CPU %     MEM USAGE / LIMIT     MEM %     NET I/O   BLOCK I/O       PIDS
80d48f71d306   elasticsearch02   4.13%     414.9MiB / 1.694GiB   23.92%    0B / 0B   119MB / 729kB   43
CONTAINER ID   NAME              CPU %     MEM USAGE / LIMIT     MEM %     NET I/O   BLOCK I/O       PIDS
80d48f71d306   elasticsearch02   4.13%     414.9MiB / 1.694GiB   23.92%    0B / 0B   119MB / 729kB   43
CONTAINER ID   NAME              CPU %     MEM USAGE / LIMIT     MEM %     NET I/O   BLOCK I/O       PIDS
80d48f71d306   elasticsearch02   0.31%     414.9MiB / 1.694GiB   23.92%    0B / 0B   119MB / 729kB   43
CONTAINER ID   NAME              CPU %     MEM USAGE / LIMIT     MEM %     NET I/O   BLOCK I/O       PIDS
80d48f71d306   elasticsearch02   0.31%     414.9MiB / 1.694GiB   23.92%    0B / 0B   119MB / 729kB   43
CONTAINER ID   NAME              CPU %     MEM USAGE / LIMIT     MEM %     NET I/O   BLOCK I/O       PIDS
80d48f71d306   elasticsearch02   0.31%     414.9MiB / 1.694GiB   23.92%    0B / 0B   119MB / 729kB   43
CONTAINER ID   NAME              CPU %     MEM USAGE / LIMIT     MEM %     NET I/O   BLOCK I/O       PIDS
80d48f71d306   elasticsearch02   0.38%     414.9MiB / 1.694GiB   23.92%    0B / 0B   119MB / 729kB   43
CONTAINER ID   NAME              CPU %     MEM USAGE / LIMIT     MEM %     NET I/O   BLOCK I/O       PIDS
80d48f71d306   elasticsearch02   0.38%     414.9MiB / 1.694GiB   23.92%    0B / 0B   119MB / 729kB   43
CONTAINER ID   NAME              CPU %     MEM USAGE / LIMIT   MEM %     NET I/O   BLOCK I/O       PIDS
80d48f71d306   elasticsearch02   0.86%     415MiB / 1.694GiB   23.92%    0B / 0B   119MB / 729kB   43
CONTAINER ID   NAME              CPU %     MEM USAGE / LIMIT   MEM %     NET I/O   BLOCK I/O       PIDS
80d48f71d306   elasticsearch02   0.86%     415MiB / 1.694GiB   23.92%    0B / 0B   119MB / 729kB   43
CONTAINER ID   NAME              CPU %     MEM USAGE / LIMIT   MEM %     NET I/O   BLOCK I/O       PIDS
80d48f71d306   elasticsearch02   0.47%     415MiB / 1.694GiB   23.92%    0B / 0B   119MB / 729kB   43
CONTAINER ID   NAME              CPU %     MEM USAGE / LIMIT   MEM %     NET I/O   BLOCK I/O       PIDS
80d48f71d306   elasticsearch02   0.47%     415MiB / 1.694GiB   23.92%    0B / 0B   119MB / 729kB   43
CONTAINER ID   NAME              CPU %     MEM USAGE / LIMIT     MEM %     NET I/O   BLOCK I/O       PIDS
80d48f71d306   elasticsearch02   2.35%     415.1MiB / 1.694GiB   23.93%    0B / 0B   119MB / 729kB   43
CONTAINER ID   NAME              CPU %     MEM USAGE / LIMIT     MEM %     NET I/O   BLOCK I/O       PIDS
80d48f71d306   elasticsearch02   2.35%     415.1MiB / 1.694GiB   23.93%    0B / 0B   119MB / 729kB   43
CONTAINER ID   NAME              CPU %     MEM USAGE / LIMIT     MEM %     NET I/O   BLOCK I/O       PIDS
80d48f71d306   elasticsearch02   0.36%     415.1MiB / 1.694GiB   23.93%    0B / 0B   119MB / 729kB   43
CONTAINER ID   NAME              CPU %     MEM USAGE / LIMIT     MEM %     NET I/O   BLOCK I/O       PIDS
80d48f71d306   elasticsearch02   0.36%     415.1MiB / 1.694GiB   23.93%    0B / 0B   119MB / 729kB   43
CONTAINER ID   NAME              CPU %     MEM USAGE / LIMIT     MEM %     NET I/O   BLOCK I/O       PIDS
80d48f71d306   elasticsearch02   0.48%     415.2MiB / 1.694GiB   23.93%    0B / 0B   119MB / 729kB   43
^C
[root@iZbp18gmxmxwd5c8z9zywiZ ~]#
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker ps
CONTAINER ID   IMAGE                 COMMAND                  CREATED          STATUS          PORTS                                            NAMES
80d48f71d306   elasticsearch:7.6.2   "/usr/local/bin/dock…"   40 seconds ago   Up 39 seconds   0.0.0.0:9200->9200/tcp, 0.0.0.0:9300->9300/tcp   elasticsearch02

#3、本机测试
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# curl localhost:9200
{
  "name" : "80d48f71d306",
  "cluster_name" : "docker-cluster",
  "cluster_uuid" : "Fm9wyHx5S4qFZUOFGzomrg",
  "version" : {
    "number" : "7.6.2",
    "build_flavor" : "default",
    "build_type" : "docker",
    "build_hash" : "ef48eb35cf30adf4db14086e8aabd07ef6fb113f",
    "build_date" : "2020-03-26T06:34:37.794943Z",
    "build_snapshot" : false,
    "lucene_version" : "8.4.0",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "You Know, for Search"
}

问题:

3、kibana如何和es连接

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-6mFIq7fg-1668067861168)(C:\Users\zp\AppData\Roaming\Typora\typora-user-images\image-20220604215313920.png)]

docker端口暴露原理

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-HNiCoSU8-1668067861168)(C:\Users\zp\AppData\Roaming\Typora\typora-user-images\image-20220604215407084.png)]

docker图形化管理工具

portainer

命令:

docker search portainer/portainer		#1、搜索docker镜像
docker pull portainer/portainer			#2、下载docker镜像
docker run -d --name portainerUI -p 7000:9000 -v /var/run/docker.sock:/var/run/docker.sock portainer/portainer		#3、运行镜像
curl localhost:7000									#4、本机访问
http://47.114.78.89:7000						#5、浏览器访问

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-NBJOZ755-1668067861169)(C:\Users\zp\AppData\Roaming\Typora\typora-user-images\image-20220605150425203.png)]

docker镜像讲解

镜像是什么

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-44eEXpua-1668067861169)(C:\Users\zp\AppData\Roaming\Typora\typora-user-images\image-20220605144919638.png)]

docker镜像的加载原理

unionFS(联合文件系统)

  • 联合文件系统(UnionFS)是一种分层,轻量级并且高性能的文件系统,它支持对文件系统的修改作为一次提交来一层层的叠加,同时可以将不同目录挂载到同一个虚拟文件系统下。联合文件系统是docker镜像的基础。镜像可以通过分层来进行继承,基于基础镜像(没有父镜像),可以制作各种具体的应用镜像。
  • 特性:一次同时加载多个文件系统,但从外面看起来只能看到一个文件系统。联合加载会把各层文件系统叠加起来,这样最终的文件系统会包含所有底层的文件和目录。

镜像加载原理

docker镜像实际由一层一层的文件系统组成:

  • bootfs(boot file system)主要包含bootloader和kernel(内核)。bootloader主要是引导加载kernel,完成后整个内核就在内存中了。此时内存的使用权由bootfs转交给内核,系统卸载bootfs。可以被不同的linux发行版公用。
  • rootfs(root file system),包含典型linux系统中的/dev,/proc, /bin, /etc等标准目录和文件。rootfs就是不同操作系统发行版(ubuntu ,centos等)。因为底层直接使用host的kernel,rootfs只包含最基本的命令,工具和程序就可以了。

分层理解

分层理解

​ 所有的docker镜像都始于一个基础镜像,当进行修改或者增加新的内容的时候时,就会在当前镜像层之上,创建新的镜像层。

​ 容器在启动时会在镜像最外层上建立一层可读写的容器层(R/W) ,而镜像层是只读的(R/O)。

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-uKZgG41q-1668067861174)(C:\Users\zp\AppData\Roaming\Typora\typora-user-images\image-20220605151829927.png)]

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-laeIhqN5-1668067861175)(C:\Users\zp\AppData\Roaming\Typora\typora-user-images\image-20220605152141219.png)]

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-d9Jus9Js-1668067861175)(C:\Users\zp\AppData\Roaming\Typora\typora-user-images\image-20220605152345116.png)]

commit镜像

语法:

docker commit			#提交容器成为一个新的副本
docker commit -m="描述" -a="作者" 容器id 目标镜像名:[tag(版本)]		#提交镜像

流程:

#1、启动一个默认的tomcat
#2、发现这个默认的comcat是没有webapps文件的,镜像的原因,官方默认的镜像是没有的。
#3、我们自己拷贝进去基本的文件
#4、将我们修改过的镜像通过commit提交为一个镜像,我们之后就可以使用我们修改过的镜像即可。

示例:

#示例:
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker ps		#查看容器id
CONTAINER ID   IMAGE        COMMAND             CREATED         STATUS         PORTS                            NAMES
5122b5815bb0   tomcat:9.0   "catalina.sh run"   7 minutes ago   Up 7 minutes   8080/tcp, 0.0.0.0:7001->80/tcp   tomcat9

[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker commit -m="add tomcat9.0 webapps" -a="pengzhang" 5122b5815bb0 tomcatzp:1.0	#提交镜像
sha256:9069a94fb3378ba7fd83e3897ba690470b8d186d401909f906d8e8c03a734b46
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker images			#查看镜像
REPOSITORY            TAG       IMAGE ID       CREATED         SIZE
tomcatzp              1.0       9069a94fb337   8 seconds ago   685MB	#提交的镜像
nginx                 latest    605c77e624dd   5 months ago    141MB
tomcat                9.0       b8e65a4d736d   5 months ago    680MB	#原本的镜像
tomcat                latest    fb5657adc892   5 months ago    680MB
mysql                 5.7       c20987f18b13   5 months ago    448MB
hello-world           latest    feb5d9fea6a5   8 months ago    13.3kB
centos                latest    5d0da3dc9764   8 months ago    231MB
nacos/nacos-server    v2.0.3    bdf60dc2ada3   10 months ago   1.05GB
portainer/portainer   latest    580c0e4e98b0   14 months ago   79.1MB
elasticsearch         7.6.2     f29a1ee41030   2 years ago     791MB

容器数据卷

简单来讲容器数据卷就是使容器内的数据与容器外部数据的同步操作;简称挂载;或者称之为数据同步

  • 数据同步
  • 数据持久化

挂载

挂载

命令:

-v	#挂载参数
docker run -it -v /主机内目录:/容器内部目录 镜像名/id	#挂载实际应用

示例:

#1、挂载
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker run -it -v /home/test:/home centos

#2、查看
[root@iZbp18gmxmxwd5c8z9zywiZ test]# docker inspect 7b132bb4961d
···
"Mounts": [
            {
                "Type": "bind",
                "Source": "/home/test",		#主机目录
                "Destination": "/home",		#容器目录
                "Mode": "",
                "RW": true,
                "Propagation": "rprivate"
            }
        ],

要点:

  • 建立挂载关系之后,容器和服务器之间就建立了管理,具有双向修改的功能。即在一方发生的修改在另一方也会生效

实战:mysql

流程

#下载镜像
docker pull mysql:5.7

#运行镜像,同时要做数据挂载,以及设置密码
#官方命令:docker run --name mysqlName -e MYSQL_ROOT_PASSWORD=密码 -d mysql:tag

#启动
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker run -d -p 7003:3306 -v /home/mysql/con:/etc/mysql/conf.d -v /home/mysql/data:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=123456 --name mysql01 mysql:5.7
10ebc026741ec78298e01fbd38e16513f55defe2622419bed81a731376471271

#数据库管理服务连接 ip+7003端口测试一下

#查看主机挂载是否成功

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-Sbp9PUsP-1668067861176)(C:\Users\zp\AppData\Roaming\Typora\typora-user-images\image-20220605194653059.png)]

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-CLnNeKOO-1668067861176)(C:\Users\zp\AppData\Roaming\Typora\typora-user-images\image-20220605194852265.png)]

实现容器数据的持久化;即挂载到本地

具名和匿名挂载

命令:

docker run -d -v /容器内部目录 镜像名/id 				#匿名挂载
docker run -d -v 挂载名:/容器内部目录 镜像名/id		#具名挂载
docker run -d -v /主机目录:/容器内部目录 镜像名/id	#路径挂载
docker run -d -v /主机目录:/容器内部目录:ro/rw 镜像名/id	#容器读写权限
ro read only:只读
rw read write:读写
#容器权限是针对容器的 

挂载语法

docker volume [命令]		#docker挂载语法
#查看挂载帮助文档
[root@iZbp18gmxmxwd5c8z9zywiZ con]# docker volume --help

Usage:  docker volume COMMAND

Manage volumes

Commands:
  create      Create a volume
  inspect     Display detailed information on one or more volumes
  ls          List volumes
  prune       Remove all unused local volumes
  rm          Remove one or more volumes

Run 'docker volume COMMAND --help' for more information on a command.


#查看docker挂载列表
[root@iZbp18gmxmxwd5c8z9zywiZ con]# docker volume ls
DRIVER    VOLUME NAME
local     5de579f13cf2c72cf6779c7bf6fa0d2f30ebb861e1e0e4369470c68944962d6d
local     7d586d9abdf7eee2106bc03b35348514a8b52dd76528e55ccdadb0251b1d6037
local     87c6a614d35dea886f035100422311435a61cc9ad056c36dd7cb0911704c5238


#查看某个挂载的元数据
[root@iZbp18gmxmxwd5c8z9zywiZ con]# docker volume inspect 7d586d9abdf7eee2106bc03b35348514a8b52dd76528e55ccdadb0251b1d6037
[
    {
        "CreatedAt": "2022-06-05T14:30:06+08:00",
        "Driver": "local",
        "Labels": null,
        "Mountpoint": "/var/lib/docker/volumes/7d586d9abdf7eee2106bc03b35348514a8b52dd76528e55ccdadb0251b1d6037/_data",
        "Name": "7d586d9abdf7eee2106bc03b35348514a8b52dd76528e55ccdadb0251b1d6037",
        "Options": null,
        "Scope": "local"
    }
]

注意点:

  • /var/lib/docker/volumes/这是docker挂载的地址,所有的挂载都在该目录下:(路径挂载不在)。

数据卷容器

容器与容器之间数据同步

比如:多个mysql之间数据同步

命令:

docker run -it --name container02 --volumes from container01 镜像名/id  # 将两个容器进行挂载

示例:

 docker run -d -p 3310:3306 -v /etc/mysql/conf.d -v /var/lib/mysql -e MYSQL_ROOT_PASSWORD=123456 --name mysql01 mysql:5.7	#启动容器mysql01
 
 docker run -d -p 3310:3306 -e MYSQL_ROOT_PASSWORD=123456	--name mysql02 --volumes-from mysql01 mysql:5.7	#启动容器mysql02,挂载到容器mysql01,mysql01就作为数据卷容器;mysql01(主) ,mysql02(从)

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-xhCd2Hu8-1668067861177)(C:\Users\zp\AppData\Roaming\Typora\typora-user-images\image-20220605204926496.png)]


dockerFile

dockerfile就是用来构建docker镜像文件,就是命令参数脚本

构建步骤

1、编写一个dockerfile文件

2、docker build 构建成为一个镜像

3、docker run 运行镜像

4、docker push 发布镜像(docker hub,阿里云镜像仓库)

构建dockerFile

命令:

#1、编写dockerFile文件(docker脚本)
docker build -f 文件路径 -t 镜像名:[tag]	.  #构建命令 最后的 `.` 不要忘记
docker run		#运行镜像
docker push		#发布镜像

示例:

#在home目录下创建一个 dockerFile文件夹
[root@iZbp18gmxmxwd5c8z9zywiZ home]# mkdir dockerFile
[root@iZbp18gmxmxwd5c8z9zywiZ home]# ll
total 24
drwxr-xr-x 2 root  root  4096 Jun  5 20:40 dockerFile
drwx------ 3 es    es    4096 May 15 02:26 es
drwxr-xr-x 4 root  root  4096 Jun  5 19:38 mysql
drwx------ 2 redis redis 4096 Apr 11  2021 redis
drwxr-xr-x 2 root  root  4096 Jun  5 17:00 test
-rw-r--r-- 1 root  root     0 Jun  4 14:55 test.java
drwx------ 3 www   www   4096 Feb 22  2021 www
[root@iZbp18gmxmxwd5c8z9zywiZ home]# cd dockerFile/

#创建dockerFile脚本
[root@iZbp18gmxmxwd5c8z9zywiZ dockerFile]# vi dockerfile01
[root@iZbp18gmxmxwd5c8z9zywiZ dockerFile]# ls
dockerfile01

#构建自定义镜像
[root@iZbp18gmxmxwd5c8z9zywiZ dockerFile]# docker build -f /dockerfile01 -t mydocker .
unable to prepare context: unable to evaluate symlinks in Dockerfile path: lstat /dockerfile01: no such file or directory
[root@iZbp18gmxmxwd5c8z9zywiZ dockerFile]# docker build -f ./dockerfile01 -t mydocker .
Sending build context to Docker daemon  2.048kB
Step 1/3 : FROM centos
 ---> 5d0da3dc9764
Step 2/3 : CMD /bin/bash
 ---> Running in 9241424dfe80
Removing intermediate container 9241424dfe80
 ---> 343277655f00
Step 3/3 : CMD echo hello dockerFile
 ---> Running in 078d6645776b
Removing intermediate container 078d6645776b
 ---> 7accbd10bc27
Successfully built 7accbd10bc27
Successfully tagged mydocker:latest

#查看镜像
[root@iZbp18gmxmxwd5c8z9zywiZ dockerFile]# docker images
REPOSITORY            TAG       IMAGE ID       CREATED          SIZE
mydocker              latest    7accbd10bc27   11 seconds ago   231MB
tomcatzp              1.0       9069a94fb337   5 hours ago      685MB
nginx                 latest    605c77e624dd   5 months ago     141MB
tomcat                9.0       b8e65a4d736d   5 months ago     680MB
tomcat                latest    fb5657adc892   5 months ago     680MB
mysql                 5.7       c20987f18b13   5 months ago     448MB
hello-world           latest    feb5d9fea6a5   8 months ago     13.3kB
centos                latest    5d0da3dc9764   8 months ago     231MB
nacos/nacos-server    v2.0.3    bdf60dc2ada3   10 months ago    1.05GB
portainer/portainer   latest    580c0e4e98b0   14 months ago    79.1MB
elasticsearch         7.6.2     f29a1ee41030   2 years ago      791MB
[root@iZbp18gmxmxwd5c8z9zywiZ dockerFile]# docker ps
CONTAINER ID   IMAGE       COMMAND                  CREATED             STATUS             PORTS                               NAMES
10ebc026741e   mysql:5.7   "docker-entrypoint.s…"   About an hour ago   Up About an hour   33060/tcp, 0.0.0.0:7003->3306/tcp   mysql01
[root@iZbp18gmxmxwd5c8z9zywiZ dockerFile]# docker stop 10ebc026741e
10ebc026741e
[root@iZbp18gmxmxwd5c8z9zywiZ dockerFile]# docker ps
CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES
[root@iZbp18gmxmxwd5c8z9zywiZ dockerFile]# ls
dockerfile01

#运行镜像
[root@iZbp18gmxmxwd5c8z9zywiZ dockerFile]# docker run -it 7accbd10bc27
hello dockerFile
[root@iZbp18gmxmxwd5c8z9zywiZ dockerFile]# docker ps
CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES

docker file脚本

FROM centos
VOLUME ["volume01","volume02"]
CMD echo "hello dockerFile"
CMD /bin/bash
#注意命令必须全部大写

dockerFile命令

#命令	       效果
FROM				#基础镜像:Centos/Ubuntu
MAINTAINER	#镜像作者+邮箱
RUN					#镜像构建的时候需要运行的命令 run
ADD					#为镜像添加内容(压缩包),就是添加镜像
WORKDIR			#镜像工作目录(进入容器时的目录)
VOLUME			#挂载的目录 -v
EXPOSE			#暴露端口配置 -p
CMD/ENTRYPOINT	#指定这个容器启动时要运行的命令(CMD替代先前命令,ENTRYPOINT在先前命令后追加)
ONBUILD 		#当构建一个被继承 dockerFile 这个时候就会运行	ONBUILD 的指令,触发指令。 build
COPY				#类似于ADD,将文件拷贝到镜像中 
ENV					#构建时设置环境变量	-e 

CMD/ENTRYPOINT的区别

测试CMD:

#1、dockerfile脚本
FROM  centos
CMD ["ls","-a"]

#2、构建
docker build -f ./dockerfile-cmd -t docker-cmd .

#3、运行镜像
docker run 镜像id

#4、追加命令
docker run 镜像id -l

#报错
[root@iZbp18gmxmxwd5c8z9zywiZ dockerFile]# docker run 3471b8e06cad -l
docker: Error response from daemon: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: exec: "-l": executable file not found in $PATH: unknown.
ERRO[0000] error waiting for container: context canceled

#说明cmd对追加的命令是替换

测试ENTRYPOINT:

#1、dockerfile脚本
FROM  centos
ENTRYPOINT ["ls","-a"]

#2、构建
docker build -f ./dockerfile-entrypoint -t docker-entrypoint .

#3、运行镜像
docker run 镜像id

#4、追加命令
docker run 镜像id -l

#正常运行
[root@iZbp18gmxmxwd5c8z9zywiZ dockerFile]# docker run a29290089568 -l
total 56
drwxr-xr-x   1 root root 4096 Jun  7 05:08 .
drwxr-xr-x   1 root root 4096 Jun  7 05:08 ..
-rwxr-xr-x   1 root root    0 Jun  7 05:08 .dockerenv
lrwxrwxrwx   1 root root    7 Nov  3  2020 bin -> usr/bin
drwxr-xr-x   5 root root  340 Jun  7 05:08 dev
drwxr-xr-x   1 root root 4096 Jun  7 05:08 etc
drwxr-xr-x   2 root root 4096 Nov  3  2020 home
lrwxrwxrwx   1 root root    7 Nov  3  2020 lib -> usr/lib
lrwxrwxrwx   1 root root    9 Nov  3  2020 lib64 -> usr/lib64
drwx------   2 root root 4096 Sep 15  2021 lost+found
drwxr-xr-x   2 root root 4096 Nov  3  2020 media
drwxr-xr-x   2 root root 4096 Nov  3  2020 mnt
drwxr-xr-x   2 root root 4096 Nov  3  2020 opt
dr-xr-xr-x 129 root root    0 Jun  7 05:08 proc
dr-xr-x---   2 root root 4096 Sep 15  2021 root
drwxr-xr-x  11 root root 4096 Sep 15  2021 run
lrwxrwxrwx   1 root root    8 Nov  3  2020 sbin -> usr/sbin
drwxr-xr-x   2 root root 4096 Nov  3  2020 srv
dr-xr-xr-x  13 root root    0 Mar 27 01:25 sys
drwxrwxrwt   7 root root 4096 Sep 15  2021 tmp
drwxr-xr-x  12 root root 4096 Sep 15  2021 usr
drwxr-xr-x  20 root root 4096 Sep 15  2021 var

#说明entrypoint对追加的命令是追加

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-WBjs269z-1668067861178)(C:\Users\zp\AppData\Roaming\Typora\typora-user-images\image-20220606132011848.png)]

构建过程

  • 每个保留关键字(指令)都必须是大写字母
  • 从上到下的顺序执行
  • “#”表示注解
  • 每个指令都会创建提交一个新的镜像层并提交

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-CkW4uY2Q-1668067861178)(C:\Users\zp\AppData\Roaming\Typora\typora-user-images\image-20220606131555300.png)]

步骤:

  • dockerfile:构建文件,定义了一切的步骤,源代码。
  • dockerImages:通过dockerFile构建生成的镜像,最终发布和运行产品。
  • docker容器:容器就是镜像运行起来提供服务。

构建实例(jdk+tomcat)

构建自己的dockerFile

脚本:

#1、编写dockerfile文件
FROM centos
MAINTAINER pengzhang<263609353@qq.com>
ENV MYPATH /usr/local
WORKDIR $MYPATH
RUN yum -y install vim
RUN yun -y install net-tools
EXPOSE 80

CMD echo $MYPATH
CMD echo "---end---"
CMD /bin/bash

#2、构建镜像
docker build 


#3、运行镜像
docker run

问题:

  • MYPATH:不能识别
  • centos8下载问题

制作-tomcat镜像

发布镜像到docker hub

#1、登录/注册 docker hub账号
#在docker官网注册

#2、登录
docker login -u 用户名

[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker login -u pengzhang1
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded


#3、打tag
docker tag  镜像[tag] 用户名/镜像[tag]

[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker tag 9069a94fb337 pengzhang1/tomcatzp:1.0



#4、推送
docker push 用户名/镜像[tag]

[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker push pengzhang1/tomcatzp:1.0
The push refers to repository [docker.io/pengzhang1/tomcatzp]
80cb129f1620: Pushed
f3aba1d63cd2: Pushed
18dd2572fe95: Pushed
59c516e5b6fa: Pushed
3bb5258f46d2: Pushing [====>                                              ]  31.01MB/342.7MB
832e177bb500: Pushed
f9e18e59a565: Pushed
26a504e63be4: Pushing [=====================================>             ]  113.2MB/151.9MB
8bf42db0de72: Pushed
31892cc314cb: Pushed
11936051f93b: Pushing [==========================>                        ]  64.68MB/123.9MB

发布镜像到阿里云容器镜像

docker小结

流程

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-A8ii5CKe-1668067861179)(C:\Users\zp\AppData\Roaming\Typora\typora-user-images\image-20220608084008849.png)]


docker网络

docker 内部是使用虚拟网卡,网卡采用桥接模式并使用veth-pair技术(veth-pair就是一堆虚拟设备接口,成对出现,一段连着协议,一段彼此相连,充当一个桥梁

我们每次启动一个docker容器,docker就会给容器分配一个默认的可用ip。

docker中所有的网络都是虚拟的,转发效率高,删除容器后,对应的网桥也随之消失。

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-nTZLHvQk-1668067861179)(C:\Users\zp\AppData\Roaming\Typora\typora-user-images\image-20220609134247808.png)]

查看网络: ip addr

[root@iZbp18gmxmxwd5c8z9zywiZ ~]#  ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000	#本机回环地址
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000	#阿里云内网地址
    link/ether 00:16:3e:17:63:95 brd ff:ff:ff:ff:ff:ff
    inet 172.19.131.114/20 brd 172.19.143.255 scope global dynamic eth0
       valid_lft 274614433sec preferred_lft 274614433sec
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default #docker0 :docker网络(可以理解为路由器,启动一个docker容器就为其分配一个地址。
    link/ether 02:42:a4:b4:43:db brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever

总结

  • 服务器与容器之间可以ping通

docker 网络结构目录:

  • link
  • 自定义网络
  • 网络联通
  • docker 网络高级
  • docker 网络实战

link

实现容器之间可以ping通

命令:

docker run -d -p --name 容器名 --link 容器名 镜像名:[tag]/镜像id		#--link

示例:

# --link 建立连接
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker run -d -p 7003:8080 --name tomcat05 --link tomcat04 tomcatzp:1.0
3596c9a4a599d382fbafd3a89ff2db35bae0f215bf2cf75c05b18d76188527b2

#ping
docker exec -it 容器名 ping 容器名

[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker exec -it tomcat05 /bin/bash

root@3596c9a4a599:/usr/local/tomcat# ping tomcat04
PING tomcat04 (172.17.0.3) 56(84) bytes of data.
64 bytes from tomcat04 (172.17.0.3): icmp_seq=1 ttl=64 time=0.092 ms
64 bytes from tomcat04 (172.17.0.3): icmp_seq=2 ttl=64 time=0.064 ms
64 bytes from tomcat04 (172.17.0.3): icmp_seq=3 ttl=64 time=0.067 ms
64 bytes from tomcat04 (172.17.0.3): icmp_seq=4 ttl=64 time=0.072 ms

原理:

#查看容器的配置文件
[root@iZbp18gmxmxwd5c8z9zywiZ ~]#  docker exec -it tomcat05 cat /etc/hosts
127.0.0.1       localhost
::1     localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.3      tomcat04 abc3f67a3cd9
172.17.0.2      3596c9a4a599

#通过查看容器的配置文件,发现--link只是在容器的配置文件中,写死了对方容器的ip等信息

问题:

发现tomcat镜像没有ip相关命令

#依次执行以下命令
apt-get update

apt install net-tools       # ifconfig 

apt install iputils-ping     # ping

查看docker网络命令

命令:

#查看帮助文档
docker network --help

#查看网络列表
docker network ls

#查看具体的网络
docker network networkId


示例:

[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker network ls
NETWORK ID     NAME      DRIVER    SCOPE
ef6ad8982d13   bridge    bridge    local
8fd220a80151   host      host      local
a62fc3620fe5   none      null      local


link总结:

  • 单向网络,即使用一次link命令在两个容器间建立单向连接
  • link只是在配置文件中添加配置。

自定义网络

查看容器网络:

[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker network ls
NETWORK ID     NAME      DRIVER    SCOPE
ef6ad8982d13   bridge    bridge    local
8fd220a80151   host      host      local
a62fc3620fe5   none      null      local


docker中的网络模式:

  • bridge:桥接模式(docker默认)
  • host:和宿主机共享网络
  • none:不配置

docker run命令

#容器启动命令
docker run -d -p --name 容器名 镜像名[tag]/镜像id		
#等于
docker run -d -p --name 容器名 -net bridge 镜像名[tag]/镜像id	

#docker run 命令默认带有一个参数 -net bridge 此处的bridge就是docker0。

docker network 命令

可以创建自己的网络(自定义网络)

docker  network create --driver 网络模式 --subnet 子网ip --gateway 网关 网络名   
#docker network 帮助文档
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker network --help

Usage:  docker network COMMAND

Manage networks

Commands:
  connect     Connect a container to a network
  create      Create a network
  disconnect  Disconnect a container from a network
  inspect     Display detailed information on one or more networks
  ls          List networks
  prune       Remove all unused networks
  rm          Remove one or more networks

Run 'docker network COMMAND --help' for more information on a command.
#创建自定义网络
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker network create --driver bridge --subnet 198.168.0.0/16 --gateway 198.168.0.1 newnet
2c9fef5c0a65ceff7ffe9adbc91d6db9a85f5ddbab3b78e77fe654095888c0a0
#查看docker 网络
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker network ls
NETWORK ID     NAME      DRIVER    SCOPE
ef6ad8982d13   bridge    bridge    local
8fd220a80151   host      host      local
2c9fef5c0a65   newnet    bridge    local		#我们刚创建的网络
a62fc3620fe5   none      null      local

#查看网络的具体信息
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker network inspect 2c9fef5c0a65
[
    {
        "Name": "newnet",
        "Id": "2c9fef5c0a65ceff7ffe9adbc91d6db9a85f5ddbab3b78e77fe654095888c0a0",
        "Created": "2022-06-11T10:02:04.399571277+08:00",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                {
                    "Subnet": "198.168.0.0/16",	#网络的子网初始ip,以及可用范围
                    "Gateway": "198.168.0.1"		#网关
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {},
        "Options": {},
        "Labels": {}
    }
]

测试自定义网络

#启动两个容器

[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker run -d -p 7006:8080 --name tomcat06 --net newnet tomcatzp:1.0
d074574228a7dc9df287a1bdef29137346ef8cef3f5ae29df501d621a09d78cd
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker run -d -p 7007:8080 --name tomcat07 --net newnet tomcatzp:1.0
4aefdf68f3e110f396d9cc24d2dd37bfc9ab75927c921c48e767992a4f3ba560

#查看自定义网络元数据

[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker network inspect 2c9fef5c0a65
[
    {
        "Name": "newnet",
        "Id": "2c9fef5c0a65ceff7ffe9adbc91d6db9a85f5ddbab3b78e77fe654095888c0a0",
        "Created": "2022-06-11T10:02:04.399571277+08:00",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                {
                    "Subnet": "198.168.0.0/16",
                    "Gateway": "198.168.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
#可以看到这里,两个容器已经加入进了自定义网络
        "Containers": {
            "4aefdf68f3e110f396d9cc24d2dd37bfc9ab75927c921c48e767992a4f3ba560": {
                "Name": "tomcat07",
                "EndpointID": "2f85e9c4665cf0a0cdc7de80b586a286d41909c13a3d1da61f3915abbde5e539",
                "MacAddress": "02:42:c6:a8:00:03",
                "IPv4Address": "198.168.0.3/16",
                "IPv6Address": ""
            },
            "d074574228a7dc9df287a1bdef29137346ef8cef3f5ae29df501d621a09d78cd": {
                "Name": "tomcat06",
                "EndpointID": "c16beb8776cb8cc0e3e9c45ddb85b206e95bfd4ee7504e9f496a5d3ee0b8ddfc",
                "MacAddress": "02:42:c6:a8:00:02",
                "IPv4Address": "198.168.0.2/16",
                "IPv6Address": ""
            }
        },
        "Options": {},
        "Labels": {}
    }
]


#进入容器进行ping操作
[root@iZbp18gmxmxwd5c8z9zywiZ ~]# docker exec -it 4aefdf68f3e1 /bin/bash

#ping ip方式
root@4aefdf68f3e1:/usr/local/tomcat# ping 198.168.0.2
PING 198.168.0.2 (198.168.0.2) 56(84) bytes of data.
64 bytes from 198.168.0.2: icmp_seq=1 ttl=64 time=0.089 ms
64 bytes from 198.168.0.2: icmp_seq=2 ttl=64 time=0.068 ms
64 bytes from 198.168.0.2: icmp_seq=3 ttl=64 time=0.065 ms
64 bytes from 198.168.0.2: icmp_seq=4 ttl=64 time=0.069 ms
64 bytes from 198.168.0.2: icmp_seq=5 ttl=64 time=0.069 ms
64 bytes from 198.168.0.2: icmp_seq=6 ttl=64 time=0.066 ms
64 bytes from 198.168.0.2: icmp_seq=7 ttl=64 time=0.070 ms
64 bytes from 198.168.0.2: icmp_seq=8 ttl=64 time=0.070 ms
^C
--- 198.168.0.2 ping statistics ---
8 packets transmitted, 8 received, 0% packet loss, time 7001ms
rtt min/avg/max/mdev = 0.065/0.070/0.089/0.007 ms

#ping 通过容器名方式
root@4aefdf68f3e1:/usr/local/tomcat# ping tomcat06
PING tomcat06 (198.168.0.2) 56(84) bytes of data.
64 bytes from tomcat06.newnet (198.168.0.2): icmp_seq=1 ttl=64 time=0.072 ms
64 bytes from tomcat06.newnet (198.168.0.2): icmp_seq=2 ttl=64 time=0.078 ms
64 bytes from tomcat06.newnet (198.168.0.2): icmp_seq=3 ttl=64 time=0.065 ms
64 bytes from tomcat06.newnet (198.168.0.2): icmp_seq=4 ttl=64 time=0.064 ms
64 bytes from tomcat06.newnet (198.168.0.2): icmp_seq=5 ttl=64 time=0.067 ms
64 bytes from tomcat06.newnet (198.168.0.2): icmp_seq=6 ttl=64 time=0.054 ms
^C
--- tomcat06 ping statistics ---
6 packets transmitted, 6 received, 0% packet loss, time 5009ms
rtt min/avg/max/mdev = 0.054/0.066/0.078/0.007 ms


网络联通

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-ANOnDuQo-1668067861180)(C:\Users\zp\AppData\Roaming\Typora\typora-user-images\image-20220611102854202.png)]

解决方案:

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-5ibeix0E-1668067861180)(C:\Users\zp\AppData\Roaming\Typora\typora-user-images\image-20220611103022327.png)]

命令:

docker network connect 网络名 容器名/id

原理:

#其实就是将容器再次添加到目标网络中

docker 网络高级

docker 网络高级目录:

  • docker 网络路由
  • docker 网络网桥
  • docker 网络dns

docker 网络路由
docker 网络网桥
docker 网络dns

docker 网络实战

docker 网络实战目录:

  • redis 集群部署
  • springboot项目部署
  • 同一宿主机下docker容器的通信
  • 不同宿主机docker容器通信
  • docker 容器ping不通宿主机/外网问题

redis集群

springboot项目部署

流程:

#1、项目打包

#2、编写dockerfile

#3、构建镜像

#4、启动容器

示例:

打包项目,编写dockerfile

#dockerfile
FROM java:8

COPY *.jar /app.jar
CMD ["--server.port=9998"]
EXPOSE 9998
ENTRYPOINT ["java","-jar","app.jar"]

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-S3HoEyYJ-1668067861181)(C:\Users\zp\AppData\Roaming\Typora\typora-user-images\image-20220612145324537.png)]

构建镜像

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-cKA5d1Ni-1668067861181)(C:\Users\zp\AppData\Roaming\Typora\typora-user-images\image-20220612145426411.png)]

运行容器

#运行容器
[root@iZbp1ajm9b61vz7tp4mnhvZ docker]# docker run -d -p 9998:9998 --name tiktok_weekly tiktok_weelly:1.0
d0bfc306679faa6282fce7c9692175f47d7623aa0e83ff12abfe9048449c5bb0


#检查访问
[root@iZbp1ajm9b61vz7tp4mnhvZ docker]# curl localhost:9998
{"timestamp":"2022-06-12T08:12:03.719+0000","status":404,"error":"Not Found","message":"No message available","path":"/"}[root@iZbp1ajm9b61vz7tp4mnhvZ docker]#




同一宿主机下docker容器的通信

通信方案:


不同宿主机docker容器通信

通信方案:


docker 容器ping不通宿主机/外网问题

问题:

​ docker 容器与数据库建立连接失败,宿主机ip在数据库的白名单中,宿主机连接数据库成功,那么问题就剩docker 容器的网络与数据库是否是通的。启动服务进入容器内部,ping数据库是失败的。

检查流程:

  1. 首先检查宿主机的网络配置
    • 检查网桥:brctl show
    • 检查ip:ip a
    • 检查路由:ip route
  2. 检查容器的网络配置
    • 检查ip:ip a
    • 检查路由:ip route
  3. 检查宿主机的网络配置和容器的网络配置
    1. 检查宿主机的网络配置和容器的网络配置是否有重复的网段
    2. 尝试更换容器使用的网络网段
    3. 重装docker

注意:

  • 修改了docker 的配置后要重启docker systemctl restart docker

docker compose

docker swarm

相当于简单版k8s

CI/CD

  • 持续集成/部署

  • jenkins 流水线

docker 实战

docker实战流程

  1. 编写dockerFile文件
  2. 上传文件(dockerFile文件和jar包)
  3. 构建docker镜像
  4. 运行容器
    1. 包括配置文件,日志文件的数据卷挂载

编写dockerFile文件:

FROM java:8

VOLUME /tmp
COPY *.jar /app.jar
CMD ["--server.port=9998"]
EXPOSE 9998
ENTRYPOINT ["java","-jar","app.jar","-Duser.timezone=GMT+8"]


上传文件:

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-OQPFgRTE-1668067861182)(C:\Users\zp\AppData\Roaming\Typora\typora-user-images\image-20220630161254474.png)]


构建docker镜像:

docker build -t 镜像名[版本号] . #不要忽略最后的 .

运行容器:

docker run -d -p 端口号:端口号 --name 容器名 -v /外部地址:/内部地址 容器id

#实战
docker run -d -p 9998:9998 -v /root/tiktok_weekly/tiktok_weekly_logs:/tiktok_weekly_logs/ -v /root/tiktok_weekly/application.yml:/application.yml --name tiktok_weekly10 e80d9f0f53bb
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值