Docker学习
概述
-
Docker基本组成
客户端、服务端、仓库
-
Docker安装
[root@localhost ~]# uname -a Linux localhost.localdomain 3.10.0-1160.el7.x86_64 #1 SMP Mon Oct 19 16:18:59 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux [root@localhost ~]# cat /etc/os-release NAME="CentOS Linux" VERSION="7 (Core)" ID="centos" ID_LIKE="rhel fedora" VERSION_ID="7" PRETTY_NAME="CentOS Linux 7 (Core)" ANSI_COLOR="0;31" CPE_NAME="cpe:/o:centos:centos:7" HOME_URL="https://www.centos.org/" BUG_REPORT_URL="https://bugs.centos.org/" CENTOS_MANTISBT_PROJECT="CentOS-7" CENTOS_MANTISBT_PROJECT_VERSION="7" REDHAT_SUPPORT_PRODUCT="centos" REDHAT_SUPPORT_PRODUCT_VERSION="7" #1、卸载旧版本 [root@localhost ~]# sudo yum remove docker \ docker-client \ docker-client-latest \ docker-common \ docker-latest \ docker-latest-logrotate \ docker-logrotate \ docker-engine; 已加载插件:fastestmirror, langpacks 参数 docker 没有匹配 参数 docker-client 没有匹配 参数 docker-client-latest 没有匹配 参数 docker-common 没有匹配 参数 docker-latest 没有匹配 参数 docker-latest-logrotate 没有匹配 参数 docker-logrotate 没有匹配 参数 docker-engine 没有匹配 不删除任何软件包 #2、设置需要的安装包 安装yum-utils包(提供yum-config-manager 实用程序)并设置稳定存储库。 [root@localhost ~]# sudo yum install -y yum-utils 已加载插件:fastestmirror, langpacks Loading mirror speeds from cached hostfile * base: ftp.sjtu.edu.cn * extras: mirrors.aliyun.com * updates: mirrors.aliyun.com 软件包 yum-utils-1.1.31-54.el7_8.noarch 已安装并且是最新版本 无须任何处理 #3、设置镜像仓库 使用阿里云的 yum-config-manager \ --add-repo \ https://download.docker.com/linux/centos/docker-ce.repo #默认国外的 [root@localhost ~]# yum-config-manager \ --add-repo \ http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo; #推荐使用阿里去 #4、安装docker [root@localhost ~]# yum install docker-ce docker-ce-cli containerd.io #5、启动docker [root@localhost ~]# systemctl start docker [root@localhost ~]# docker version Client: Docker Engine - Community Version: 20.10.9 API version: 1.41 Go version: go1.16.8 Git commit: c2ea9bc Built: Mon Oct 4 16:08:14 2021 OS/Arch: linux/amd64 Context: default Experimental: true Server: Docker Engine - Community Engine: Version: 20.10.9 API version: 1.41 (minimum version 1.12) Go version: go1.16.8 Git commit: 79ea9d3 Built: Mon Oct 4 16:06:37 2021 OS/Arch: linux/amd64 Experimental: false containerd: Version: 1.4.11 GitCommit: 5b46e404f6b9f661a205e28d59c982d3634148f8 runc: Version: 1.0.2 GitCommit: v1.0.2-0-g52b36a2 docker-init: Version: 0.19.0 GitCommit: de40ad0 [root@localhost ~]# docker run hello-world [root@localhost ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE hello-world latest feb5d9fea6a5 3 weeks ago 13.3kB #6、卸载 docker #删除安装包: yum remove docker-ce #删除镜像、容器、配置文件等内容: rm -rf /var/lib/docker
安装目录
#默认目录 /var/lib/docker
常用命令
docker images #查看镜像 docker rmi [image] #删除镜像 docker image rm [image] docker ps -a #查看全部容器 docker version #docker版本信息 docker info #docker详细信息 docker --help #帮助命令 docker search 镜象名 # 搜索命令 [root@localhost ~]# docker search tomcat NAME DESCRIPTION STARS OFFICIAL AUTOMATED tomcat Apache Tomcat is an open source implementati… 3152 [OK] tomee Apache TomEE is an all-Apache Java EE certif… 93 [OK] dordoka/tomcat Ubuntu 14.04, Oracle JDK 8 and Tomcat 8 base… 58 [OK] kubeguide/tomcat-app Tomcat image for Chapter 1 31 consol/tomcat-7.0 Tomcat 7.0.57, 8080, "admin/admin" 18 [OK] docker ps #查看容器列表 docker inspect #查看具体容器详细信息 docker run -d #后台运行 -p #端口映射 -P #随机映射 -v #目录持载 -e #环境配置 -it #交互模式支行 --name #容器名字 docker start docker stop docker kill docker restart docker rm -f #删除容器 docker run -it tomcat:7.0 /bin/bash #查看镜像版本 docker image inspect (docker image名称):latest|grep -i version
容器使用
部署tomcat
[root@localhost ~]# docker run -it --rm tomcat:7.0 #下载tomcat7.0并运行镜像 --rm 表示退出就自动清除容器 Using CATALINA_BASE: /usr/local/tomcat Using CATALINA_HOME: /usr/local/tomcat Using CATALINA_TMPDIR: /usr/local/tomcat/temp Using JRE_HOME: /usr/local/openjdk-8 Using CLASSPATH: /usr/local/tomcat/bin/bootstrap.jar:/usr/local/tomcat/bin/tomcat-juli.jar [root@localhost ~]# docker run -itd --name gzga-tomct tomcat:7.0 /bin/bash #后台启动一个容器 1f3c98ebc995f4e2a213afc4f2e1b52ac54b9d6b31e476380d880ccb0b638051 [root@localhost ~]# docker exec -it gzga-tomct /bin/bash #命令交互的方式进入容器 root@1f3c98ebc995:/usr/local/tomcat# [root@localhost ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 1f3c98ebc995 tomcat:7.0 "/bin/bash" 9 minutes ago Exited (0) About a minute ago gzga-tomct [root@localhost ~]# docker rm 1f3c98ebc995 1f3c98ebc995 #正式部署Tomcat [root@localhost ~]# docker run -itd -p 7070:8080 --name gzga-tomcat tomcat:7.0 /bin/bash #启动一个暴露端口的容器 ee599e7364dae5bc4be3738d34a2a2ea48722f6e6f6bdeff9fdb816fd65e0dde #此时外网访问不了,因为是最小镜像,阉割版本,执行以下命令 [root@localhost ~]# docker exec -it gzga-tomcat /bin/bash root@d0885c3b9e77:/usr/local/tomcat# cp -r webapps.dist/* webapps #再访问tomcat
配置启动脚本
#!/bin/bash CONTAINER_NAME="gzga_tomcat" docker stop $CONTAINER_NAME && echo "$CONTAINER_NAME has been stopped!" || echo "failed to stop $CONTAINER_NAME" docker rm $CONTAINER_NAME && echo "$CONTAINER_NAME has been removed!" || echo "failed to remove $CONTAINER_NAME" docker run -d --name $CONTAINER_NAME \ -p 8088:8080 \ -v $PWD:/usr/local/tomcat/webapps \ -v $PWD/attachFile:/usr/local/attachFile \ -v $PWD/conf/dm_svc.conf:/etc/dm_svc.conf \ -v $PWD/conf/server.xml:/usr/local/tomcat/conf/server.xml \ -v /etc/localtime:/etc/localtime \ -e JAVA_OPTS='-Duser.timezone=GMT+08' \ tomcat:7.0.109
部署nginx
[root@localhost ~]# docker pull nginx:1.14.2 1.14.2: Pulling from library/nginx 27833a3ba0a5: Pull complete 0f23e58bd0b7: Pull complete 8ca774778e85: Pull complete Digest: sha256:f7988fb6c02e0ce69257d9bd9cf37ae20a60f1df7563c3a2a6abe24160306b8d Status: Downloaded newer image for nginx:1.14.2 docker.io/library/nginx:1.14.2 [root@localhost ~]# docker run --name gzga-nginx -d -p 8080:80 nginx:1.14.2 677dd68f55406dcb98e346171c037042614515777bf00052bff67f26902dbd6d [root@localhost ~]# docker exec -it gzga-nginx /bin/bash #进入容器 root@677dd68f5540:/#
配置 nginx.conf
#1、创建挂载目录 [root@localhost local]# mkdir -p /home/service/nginx/log [root@localhost local]# mkdir -p /home/service/nginx/conf [root@localhost local]# mkdir -p /home/service/nginx/conf.d [root@localhost local]# mkdir -p /home/service/nginx/static [root@localhost local]# mkdir -p /home/service/nginx/ssl #2、复制配置文件 [root@localhost nginx]# docker cp gzga-nginx:/etc/nginx/nginx.conf /home/service/nginx/conf/nginx.conf root@localhost nginx]# docker cp gzga-nginx:/etc/nginx/conf.d/default.conf /home/service/nginx/conf.d/default.conf [root@localhost nginx]# docker cp gzga-nginx:/usr/share/nginx/html/index.html /home/service/nginx/static/index.html
修改nginx
#修改后结果 user nginx; worker_processes 1; error_log /var/log/nginx/error.log warn; pid /var/run/nginx.pid; worker_rlimit_nofile 65535; events { use epoll; worker_connections 65535; } http { include /etc/nginx/mime.types; default_type application/octet-stream; charset utf-8; keepalive_timeout 60; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; server { listen 80; server_name www.roes.top; location / { root /usr/share/nginx/html; index index.html index.htm; } } include /etc/nginx/conf.d/*.conf; }
停止容器并删除容器
[root@localhost nginx]# docker stop gzga-nginx gzga-nginx [root@localhost nginx]# docker rm gzga-nginx gzga-nginx
重新启动容器
[root@localhost nginx]# docker run --name gzga-nginx -d -p 8080:80 -v /home/service/nginx/static:/usr/share/nginx/html -v /home/service/nginx/conf/nginx.conf:/etc/nginx/nginx.conf -v /home/service/nginx/log:/var/log/nginx -v /home/service/nginx/conf.d:/etc/nginx/conf.d -v /home/service/nginx/ssl:/ssl nginx:1.14.2
配置 favicon.ico
#location = /favicon.ico { root /usr/share/nginx/html; } docker exec -i gzga-nginx nginx -s reload
配置启动脚本
#!/bin/bash echo "停止容器" docker stop gzga-nginx echo "移除容器" docker rm gzga-nginx echo "部署并启动容器" docker run --name gzga-nginx -d -p 8080:80 -p 9000:9000 -v /home/service/nginx/static:/usr/share/nginx/html -v /home/service/nginx/conf/nginx.conf:/etc/nginx/nginx.conf -v /home/service/nginx/log:/var/log/nginx -v /home/service/nginx/conf.d:/etc/nginx/conf.d -v /home/service/nginx/ssl:/ssl nginx:1.14.2
反向代理配置
复制default.conf文件生成一个新文件
[root@localhost nginx]#cd conf.d [root@localhost nginx]#cp default.conf app.conf
修改app.conf文件,内容如下
upstream gzgaapi { server 192.168.1.16:8088 weight=1; } server { listen 9000; server_name localhost; #charset koi8-r; #access_log /var/log/nginx/host.access.log main; location / { proxy_pass http://gzgaapi; index index.html index.htm; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html; } # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ \.php$ { # proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # #location ~ \.php$ { # root html; # fastcgi_pass 127.0.0.1:9000; # fastcgi_index index.php; # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; # include fastcgi_params; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} }
部署Redis
查看redis镜像
[root@localhost home]# docker search redis NAME DESCRIPTION STARS OFFICIAL AUTOMATED redis Redis is an open source key-value store that… 11137 [OK] bitnami/redis Bitnami Redis Docker Image 227 [OK] bitnami/redis-sentinel Bitnami Docker Image for Redis Sentinel 39 [OK] bitnami/redis-cluster 34
拉取镜像
#取stars最高的那一个 版本 7.0.3 [root@localhost home]# docker pull redis Using default tag: latest latest: Pulling from library/redis 461246efe0a7: Pull complete edee06fdf403: Pull complete 04b7adc9ef61: Pull complete 675e080de32e: Pull complete 52f80fad4364: Pull complete fb132777afe2: Pull complete Digest: sha256:fe5e55a258e98788989fe77a116155088b8a27d8665ba9747df23af53c3b9a82 Status: Downloaded newer image for redis:latest docker.io/library/redis:latest #查看版本 [root@localhost home]# docker image inspect redis:latest|grep -i version "GOSU_VERSION=1.14", "REDIS_VERSION=7.0.3", "DockerVersion": "20.10.12", "GOSU_VERSION=1.14", "REDIS_VERSION=7.0.3",
创建容器
[root@localhost home]# docker run -d --name redis -p 6379:6379 redis --requirepass "redis"
进入客户端
[root@localhost home]# docker exec -it redis redis-cli 127.0.0.1:6379>
密码相关
#查询密码 config get requirepass #设置密码 默认密码redis config set requirepass XXX #认证密码 auth XXX
注意事项
第一次创建容器设置密码后,登陆后无法直接查询密码,需要 auth 验证密码
[root@localhost home]# docker exec -it redis redis-cli 127.0.0.1:6379> config get requirepass (error) NOAUTH Authentication required. 127.0.0.1:6379> auth redis OK
容器数据卷
具名与匿名挂载
docker volume ls #查看所有卷 #具名挂载,指定外部文件目录 #匿名挂载,不指定外部文件目录
DockerFile
DockerFile常用操作
用来构建Docker镜像文件
#创建dockerfile 文件 vi dockerFileName #执行命令 docker build -f dockerFileName -t hesai/centos .
docker history #查看历史过程
Docker发布
阿里云镜像及DockerHub
docker push
备份成压缩包
docker save docker load
Docke网络
Docker0
#查看网卡 ip addr #docker 使用evth-pair技术进行通信 #--link 连通docker docker run -d --link docker network #查询当前网络 docker exec -it 容器 cat /etc/hosts
官方docker0问题
不支持容器名连接访问
自定义网络
查看Docker网络
docker newwork ls
网络模式
bridge: 桥接
none:不配置网络
host:配置主机共享网络
container:容器网络连接
docker run -d -P --name 容器名 --net bridge 镜像名 docker network create --driver bridge --subnet 192.168.0.0/16 --gateway 192.168.0.1 mynet docker run -d --name 容器名 --net mynet
自定义网络优势
-
修复了docker的缺点
-
容器之间可以随意互联
-
不同的集群使用不同的网络,保证网络的安全
网络连通
docker network connect mynet tomcat01 #连接其他网络的网卡
集群配置
常用操作
文件复制
#复制容器内attachFile整个目录到 /home/icm/docker/gxhgy/attachFile 目录下 [icm@icm-old gxhgy]$ docker cp f0a6adeaa7d3:/usr/local/tomcat/d:/attachFile/ /home/icm/docker/gxhgy/attachFile/ [icm@icm-old attachFile]$ pwd /home/icm/docker/gxhgy/attachFile [icm@icm-old attachFile]$ ls attachFile #复制容器内attachFile目录下所有文件到 /home/icm/docker/gxhgy/attachFile 目录下 [icm@icm-old attachFile]$ docker cp f0a6adeaa7d3:/usr/local/tomcat/d:/attachFile/. /home/icm/docker/gxhgy/attachFile/ [icm@icm-old attachFile]$ ls 617e8d74-7dbf-4cda-ad67-c306cab255e5 [icm@icm-old attachFile]$ pwd /home/icm/docker/gxhgy/attachFile #制容器内attachFile整个目录到当前文件 [icm@icm-old gxhgy]$ docker cp f0a6adeaa7d3:/usr/local/tomcat/d:/attachFile/ .
查看镜像版本
[root@localhost home]# docker image inspect redis:latest|grep -i version "GOSU_VERSION=1.14", "REDIS_VERSION=7.0.3", "DockerVersion": "20.10.12", "GOSU_VERSION=1.14", "REDIS_VERSION=7.0.3",
常见问题
容器时间错误
#1、启动时进行映射 [icm@icm-old ~] docker run --name gzga_tomcat -d -p 8080:8088 -v /etc/localtime:/etc/localtime #2、如果容器已创建,复制时区信息到容器 # 如果本机时区正确 [icm@icm-old ~] docker cp /etc/localtime gzga_tomcat:/etc/localtime # 如果本机时区不正确 [icm@icm-old ~] docker cp /usr/share/zoneinfo/Asia/Shanghai gzga_tomcat:/etc/localtime
java时间不对
原因
:java时间读取的是 /etc/timezone 文件,检查该文件时区是否正确
修改 docker 时区
# 修改 dcokcer时间区 [icm@icm-old ~] docker exec -it gzga_tomcat /bin/bash [icm@icm-old ~] echo "Asia/Shanghai" > /etc/timezone # 重启容器 [icm@icm-old ~] docker stop gzga_tomcat [icm@icm-old ~] docker start gzga_tomcat
映射 /etc/timezone 文件到容器
[icm@icm-old ~] docker run --name gzga_tomcat -d -p 8080:8088 -v /etc/timezone:/etc/timezone
传递参数到jvm
[icm@icm-old ~] docker run --name gzga_tomcat -d -p 8080:8088 -e JAVA_OPTS='-Duser.timezone=GMT+08'