参考:http://blog.51cto.com/zhengqidaxia/2064671
explain:基本操作
本篇文章只大概讲一下docker的基本的使用方法,关于的命令的具体使用可以去看docker的官网
www.docker.com
准备:rhel7.3系统
内核版本:3.10.0-514.el7.x86_64
RPM包:docker-engine-selinux-1.13.1-1.el7.centos.noarch.rpm
docker-engine-1.13.1-1.el7.centos.x86_64.rpm
安装的时候,会产生依赖性,所以还是要做yum 源,最好使用本地镜像为YUM源,
ip:192.168.122.1
开始:
安装,开启,docker
[root@server ~]# yum install -y docker-engine-selinux-1.13.1-1.el7.centos.noarch.rpm docker-engine-1.10.3-1.el7.centos.x86_64.rpm
[root@server ~]# systemctl start docker
[root@server ~]# docker version
Client:
Version: 1.10.3
API version: 1.22
Go version: go1.5.3
Git commit: 20f81dd
Built: Thu Mar 10 15:39:25 2016
OS/Arch: linux/amd64
Cannot connect to the Docker daemon. Is the docker daemon running on this host?
搭建私有仓库
首先从共有仓库下载一个registry-2.3.1.tar,这个是我使用的版本,其他的版本随意,都可以
[root@server docker]# ll registry-2.3.1.tar
-rw------- 1 westos westos 172359680 Oct 21 2016 registry-2.3.1.tar
[root@server docker]# docker load -i registry-2.3.1.tar ##若是push到的,则不用倒入,若是本地的则需要倒入。
[root@server docker]# docker images ##查看镜像
REPOSITORY TAG IMAGE ID CREATED SIZE
registry 2.3.1 83139345d017 2 years ago 165.8 MB
[root@server docker]# docker run -d -p 192.168.122.1:5000:5000 --privileged=true -v /opt/registry:/tmp/registry registry:2.3.1 ##运行docker搭建本地仓库的进程
[root@server dock2]# netstat -anplt| grep :5000 ##本地有一个5000端口,且是docker-proxy的
tcp 0 0 192.168.122.1:5000 0.0.0.0:* LISTEN 14936/docker-proxy
到此时本地仓库其实已经搭建完成了,而且是映射到本地的/opt/registry,然后开始上传镜像,我从本地找了一个比较小的镜像用来测试:
[root@server docker]# docker tag swarm 192.168.122.1:5000/swarm ##打成TAG
[root@server docker]# docker push 192.168.122.1:5000/swarm ##上传
The push refers to a repository [192.168.122.1:5000/swarm]
unable to ping registry endpoint https://192.168.122.1:5000/v0/
v2 ping attempt failed with error: Get https://192.168.122.1:5000/v2/: tls: oversized record received with length 20527
v1 ping attempt failed with error: Get https://192.168.122.1:5000/v1/_ping: tls: oversized record received with length 20527
##上传失败了,这个是因为从docker1.3开始,使用HTTPS传东西,本地做的这个只是http协议的,所以无法成功
无法上传的解决办法有两个,第一就是使用HTTPS协议,第二个就是修改docker的配置 ,使其支持http,关于第一种,以后会谈到,这里咱们先使用第二种方法,具体的操作是:
[root@server docker]# vim /usr/lib/systemd/system/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network.target docker.socket
Requires=docker.socket
[Service]
Type=notify
ExecStart=/usr/bin/docker –insecure-registry 192.168.122.1:5000 daemon -H fd:// ##加入红色字体
MountFlags=slave
LimitNOFILE=1048576
LimitNPROC=1048576
LimitCORE=infinity
TimeoutStartSec=0
[Install]
WantedBy=multi-user.target
然后reload,重启docker,再次上传
[root@server docker]# docker push 192.168.122.1:5000/swarm ##上传
The push refers to a repository [192.168.122.1:5000/swarm]
Put http://192.168.122.1:5000/v1/repositories/swarm/: dial tcp 192.168.122.1:5000: getsockopt: connection refused
查看镜像
[root@server docker]# curl -XGET http://192.168.122.1:5000/v2/_catalog
{"repositories":["swarm"]}
[root@server docker]# curl -XGET http://192.168.122.1:5000/v2/swarm/tags/list
{"name":"swarm","tags":["latest"]}
拉取镜像
[root@server docker]# docker images ##查看镜像
REPOSITORY TAG IMAGE ID CREATED SIZE
registry 2.3.1 83139345d017 2 years ago 165.8 MB
[root@server docker]# docker pull 192.168.122.1:5000/swarm ##拉取镜像
Using default tag: latest
latest: Pulling from swarm
ebdacd9e7a15: Pull complete
6c2641119eb3: Pull complete
9cb7e4c1697c: Pull complete
Digest: sha256:240772dd0021ff4d9dbacd0010fb20d237858ede973957165daf74bc951aac2b
Status: Downloaded newer image for 192.168.122.1:5000/swarm:latest
[root@server docker]# docker images ##查看镜像
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.122.1:5000/swarm latest 59c0df55980b 6 months ago 15.77 MB
registry 2.3.1 83139345d017 2 years ago 165.8 MB
其实除了自己搭建私有的镜像仓库,也有一些共有的镜像仓库可以让我们使用阿里云就有,注册就可以免费使用。
docker常用命令
容器生命周期管理 — docker [run|start|stop|restart|kill|rm|pause|unpause]
容器操作运维 — docker [ps|inspect|top|attach|events|logs|wait|export|port]
容器rootfs命令 — docker [commit|cp|diff]
镜像仓库 — docker [login|pull|push|search]
本地镜像管理 — docker [images|rmi|tag|build|history|save|import]
其他命令 — docker [info|version]
run :创建并启动一个容器
start :启动一个容器
stop:停止一个容器
restar:t 重启一个容器
kill :杀掉一个容器,类似于kill一个进程
rm :删掉一个容器,先停止,再删除
ps :查看当前运行的正在容器
inspect :查看容器的详细情况
attach:进入容器的bash(如果有)
pull:推送一个镜像
push:拉取一个镜像
search:查看一个镜像
images:查看当前可用的镜像
rmi:删除已经加载的镜像
tag:给镜像打上tag标签
build:创建一个容器镜像
history:查看镜像bulid的过程
version:查看docker版本
[root@server dock2]# docker run --name vm1 -it ubuntu
root@515af9cd5e7a:/# ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:ac:11:00:05
inet addr:172.17.0.5 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:acff:fe11:5/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:648 (648.0 B) TX bytes:648 (648.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
[root@server dock2]# docker tag nginx 192.168.122.1:5000/nginx
[root@server dock2]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
game2048 latest 19299002fdbe 16 months ago 55.5 MB
192.168.122.1:5000/nginx latest af4b3d7d5401 2 years ago 190.5 MB
nginx latest af4b3d7d5401 2 years ago 190.5 MB
registry 2.3.1 83139345d017 2 years ago 165.8 MB
[root@server dock2]# docker inspect nginx
[
{
"Id": "c5120c6723820d66373462064ef79b7e79c22fc88ec6fe7b57d519178603fd33",
"Created": "2018-05-17T11:46:36.57505214Z",
"Path": "nginx",
"Args": [
"-g",
"daemon off;"
],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 19464,
"ExitCode": 0,
"Error": "",
"StartedAt": "2018-05-17T11:46:38.727130462Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:af4b3d7d5401624ed3a747dc20f88e2b5e92e0ee9954aab8f1b5724d7edeca5e",
"ResolvConfPath": "/var/lib/docker/containers/c5120c6723820d66373462064ef79b7e79c22fc88ec6fe7b57d519178603fd33/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/c5120c6723820d66373462064ef79b7e79c22fc88ec6fe7b57d519178603fd33/hostname",
"HostsPath": "/var/lib/docker/containers/c5120c6723820d66373462064ef79b7e79c22fc88ec6fe7b57d519178603fd33/hosts",
"LogPath": "/var/lib/docker/containers/c5120c6723820d66373462064ef79b7e79c22fc88ec6fe7b57d519178603fd33/c5120c6723820d66373462064ef79b7e79c22fc88ec6fe7b57d519178603fd33-json.log",
"Name": "/nginx",
"RestartCount": 0,
"Driver": "devicemapper",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": [
"/home/westos/Desktop/docker/dock2/html/:/usr/share/nginx/html:ro"
],
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {
"80/tcp": [
{
"HostIp": "192.168.122.1",
"HostPort": "8000"
}
]
},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"ShmSize": 67108864,
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": null,
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"KernelMemory": 0,
"Memory": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": -1,
"OomKillDisable": false,
"PidsLimit": 0,
"Ulimits": null
},
"GraphDriver": {
"Name": "devicemapper",
"Data": {
"DeviceId": "93",
"DeviceName": "docker-8:9-2744800-f3a7449e5bf57b7f17fdbc8eb40404a49ea794b407f3268e611b496601d537fc",
"DeviceSize": "10737418240"
}
},
"Mounts": [
{
"Source": "/home/westos/Desktop/docker/dock2/html",
"Destination": "/usr/share/nginx/html",
"Mode": "ro",
"RW": false,
"Propagation": "rprivate"
}
],
"Config": {
"Hostname": "c5120c672382",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"443/tcp": {},
"80/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"NGINX_VERSION=1.9.12-1~jessie"
],
"Cmd": [
"nginx",
"-g",
"daemon off;"
],
"Image": "nginx",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {},
"StopSignal": "SIGTERM"
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "4100e0868a4d3ffc0e71ac0935cfd1f43f0d4c9d5e9effdf7dff417c753f5472",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {
"443/tcp": null,
"80/tcp": [
{
"HostIp": "192.168.122.1",
"HostPort": "8000"
}
]
},
"SandboxKey": "/var/run/docker/netns/4100e0868a4d",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "cde6bea83e3e360bf9b1784617f917766f11a8744c72931b8360e571a7ed034b",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.4",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:04",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "d4dcf4f6b616b6e48491ba347ddc4ec6dbebcf3242587d4ab5e0e98c440c9e1f",
"EndpointID": "cde6bea83e3e360bf9b1784617f917766f11a8744c72931b8360e571a7ed034b",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.4",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:04"
}
}
}
}
]
使用docker容器创建一个2048小游戏
[root@server dock2]# docker load -i game2048.tar ##加载镜像
[root@server dock2]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
game2048 latest 19299002fdbe 16 months ago 55.5 MB
registry 2.3.1 83139345d017 2 years ago 165.8 MB
[root@server dock2]# docker run -d --name game -p 192.168.122.1:8080:80 -it game2048
## -d: Run container in background and print container ID
## --name: 指定一个名字,若不指定,系统会随即起一个名字
## -p:Publish all exposed ports to random ports
## -i:Keep STDIN open even if not attached
## -t:Allocate a pseudo-TTY
## game2048:指定一个可用的镜像
b56f1dec49deb328fd7a2c772f23d428ddf4d5632cb862124d492b2a8bc30f22
[root@server dock2]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b56f1dec49de game2048 "/bin/sh -c 'sed -i \"" 7 seconds ago Up 5 seconds 443/tcp, 192.168.122.1:8080->80/tcp game
d4d8259c5125 registry:2.3.1 "/bin/registry /etc/d" About an hour ago Up About an hour 192.168.122.1:5000->5000/tcp modest_chandrasekhar
试玩
使用docker创建nginx容器
[root@server dock2]# docker run -d --name nginx -v /home/westos/Desktop/docker/dock2/html/:/usr/share/nginx/html:ro -p 192.168.122.1:8000:80 nginx
## -v :目录的映射 ,若有多个目录,多写几个-v
## ro:容器对真机目录只读
c5120c6723820d66373462064ef79b7e79c22fc88ec6fe7b57d519178603fd33
[root@server dock2]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c5120c672382 nginx "nginx -g 'daemon off" 7 minutes ago Up 7 minutes 443/tcp, 192.168.122.1:8000->80/tcp nginx
b56f1dec49de game2048 "/bin/sh -c 'sed -i \"" 44 minutes ago Up 44 minutes 443/tcp, 192.168.122.1:8080->80/tcp game
d4d8259c5125 registry:2.3.1 "/bin/registry /etc/d" 2 hours ago Up 2 hours 192.168.122.1:5000->5000/tcp modest_chandrasekhar
[root@server dock2]# cat html/index.html
welcome to nginx!
docker的书写
FROM rhel7
ENV HOSTNAME server1
EXPOSE 80
COPY dvd.repo /etc/yum.repos.d/dvd.repo
RUN rpmdb --rebuilddb && yum install -y httpd
CMD ["/usr/sbin/httpd","-D","FOREGROUND"]
ssh
FROM rhel7
ENV HOSTNAME server2
EXPOSE 22
COPY dvd.repo /etc/yum.repos.d/dvd.repo
RUN rpmdb --rebuilddb yum install -y openssh-server openssh-client && ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -q -N "" && ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -q -N "" && ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -q -N "" && echo root:westos | chpasswd
CMD ["/usr/sbin/sshd","-D"]
supervisor
FROM rhel7
ENV HOSTNAME server3
EXPOSE 22 80
COPY dvd.repo /etc/yum.repos.d/dvd.repo
RUN rpmdb --rebuilddb && yum install -y lftp httpd openssh-server openssh-client supervisor && ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -q -N "" && ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -q -N "" && ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -q -N "" && echo root:westos | chpasswd
COPY supervisord.conf /etc/supervisord.conf
CMD ["/usr/bin/supervisord"]