docker教程
一、环境配置(CentOS7)
1、安装wget
[root@localhost /]# yum install -y wget
2、更新yum源(阿里云)
[root@localhost /]# wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
[root@localhost /]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
3、清除本地缓存
[root@localhost /]# yum clean all
4、生成新的缓存
[root@localhost /]# yum makecache
5、清空现有防火墙的规则
[root@localhost /]# iptables -F
6、修改SELinux为disable状态
vi /etc/sysconfig/selinux
# 修改为:SELINUX=disabled
# 然后重启系统reboot
7、查看SELinux的状态
[root@localhost /]# getenforce
Disable
8、安装常用的软件包
[root@localhost /]# yum install -y bash-completion vim lrzsz expect net-tools nc nmap tree dos2unix htop iftop iotop unzip telnet sl psmisc nethogs glances bc ntpdate openldap-devel
9、查看防火墙状态、关闭防火墙、关闭开机自启
[root@localhost /]# systemctl status firewalld
Active: active (running)
[root@localhost /]# systemctl stop firewalld
[root@localhost /]# systemctl status firewalld
Active: inactive (dead)
[root@localhost /]# systemctl disable firewalld
二、安装docker
1、开启Linux内核的流量转发
[root@localhost ~]# cat <<EOF > /etc/sysctl.d/docker.conf
> net.bridge.bridge-nf-call-ip6tables = 1
> net.bridge.bridge-nf-call-iptables = 1
> net.ipv4.conf.default.rp_filter = 0
> net.ipv4.conf.all.rp_filter = 0
> net.ipv4.ip_forward=1
> EOF
2、加载修改后的内核配置文件
# 先执行:
[root@localhost ~]# modprobe br_netfilter
# 再执行:
[root@localhost ~]# sysctl -p /etc/sysctl.d/docker.conf
3、利用yum快速安装docker
# 先参看当前yum仓库有没有docker安装包:
[root@localhost ~]# yum list docker-ce --showduplicates | sort -r
# 然后利用curl下载repo:
[root@localhost ~]# curl -o /etc/yum.repos.d/docker-ce.repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[root@localhost ~]# curl -o /etc/yum.repos.d/Centos-7.repo http://mirrors.aliyun.com/repo/Centos-7.repo
# 最后安装docker-ce:
[root@localhost ~]# yum install docker-ce-20.10.6 -y
三、配置docker的镜像加速器
-
创建文件:
[root@localhost ~]# mkdir -p /etc/docker [root@localhost ~]# touch /etc/docker/daemon.json [root@localhost ~]# vim /etc/docker/daemon.json -
写入内容:
{ "registry-mirrors":[ "https://8xpk5wnt.mirrors.aliyuncs.com" ] } -
使修改的json文件生效:
[root@localhost ~]# systemctl daemon-reload [root@localhost ~]# systemctl enable docker -
重启docker:
[root@localhost ~]# systemctl restart docker -
查看docker进程:
[root@localhost ~]# ps -ef | grep docker root 25233 1 0 20:39 ? 00:00:00 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock root 27039 1779 0 20:40 pts/0 00:00:00 grep --color=auto docker -
查看容器、镜像、docker版本
[root@localhost ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES [root@localhost ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE [root@localhost ~]# docker version Client: Docker Engine - Community Version: 24.0.7 API version: 1.41 (downgraded from 1.43) Go version: go1.20.10 Git commit: afdd53b Built: Thu Oct 26 09:11:35 2023 OS/Arch: linux/amd64 Context: default Server: Docker Engine - Community Engine: Version: 20.10.6 API version: 1.41 (minimum version 1.12) Go version: go1.13.15 Git commit: 8728dd2 Built: Fri Apr 9 22:43:57 2021 OS/Arch: linux/amd64 Experimental: false containerd: Version: 1.6.26 GitCommit: 3dd1e886e55dd695541fdcd67420c2888645a495 runc: Version: 1.1.10 GitCommit: v1.1.10-0-g18a0cb0 docker-init: Version: 0.19.0 GitCommit: de40ad0
四、使用docker运行nginx
1、搜索docker仓库中有没有nginx镜像
[root@localhost ~]# docker search nginx
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
nginx Official build of Nginx. 19458 [OK]
unit Official build of NGINX Unit: Universal Web … 20 [OK]
nginxinc/nginx-unprivileged Unprivileged NGINX Dockerfiles 140
nginx/nginx-ingress NGINX and NGINX Plus Ingress Controllers fo… 87
nginx/nginx-prometheus-exporter NGINX Prometheus Exporter for NGINX and NGIN… 33
nginxinc/nginx-s3-gateway Authenticating and caching gateway based on … 3
nginx/unit This repository is retired, use the Docker o… 64
nginx/nginx-ingress-operator NGINX Ingress Operator for NGINX and NGINX P… 2
2、从仓库中拉去nginx镜像
[root@localhost ~]# docker pull nginx
3、再次查看镜像列表
[root@localhost ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest d453dd892d93 2 months ago 187MB
4、查看系统端口监听情况
[root@localhost ~]# netstat -tunlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1499/master
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1269/sshd
tcp6 0 0 ::1:25 :::* LISTEN 1499/master
tcp6 0 0 :::22 :::* LISTEN 1269/sshd
5、运行该nginx镜像生成容器
[root@localhost ~]# docker run -d -p 80:80 nginx
3a8a20fed97d1e87455fd2adc4e507fdf1adbfdc47a6a9be6639f3f8718cb74a 返回一个容器ID
# 其中,参数:-d 表示在后台运行容器; -p 表示端口映射,宿主机端口:容器内端口
6、查看正在运行的容器
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3a8a20fed97d nginx "/docker-entrypoint.…" About a minute ago Up About a minute 0.0.0.0:80->80/tcp, :::80->80/tcp vigilant_brown
7、再次查看系统端口监听情况
[root@localhost ~]# netstat -tunlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1499/master
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 20927/docker-proxy
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1269/sshd
tcp6 0 0 ::1:25 :::* LISTEN 1499/master
tcp6 0 0 :::80 :::* LISTEN 20933/docker-proxy
tcp6 0 0 :::22 :::* LISTEN 1269/sshd
8、结束正在运行的容器
[root@localhost ~]# docker stop 3a8a20fed97d
3a8a20fed97d
五、使用docker运行Ubuntu系统
1、查看仓库中是否有Ubuntu镜像
[root@localhost ~]# docker search ubuntu
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
ubuntu Ubuntu is a Debian-based Linux operating sys… 16772 [OK]
websphere-liberty WebSphere Liberty multi-architecture images … 296 [OK]
open-liberty Open Liberty multi-architecture images based… 62 [OK]
neurodebian NeuroDebian provides neuroscience research s… 105 [OK]
ubuntu-debootstrap DEPRECATED; use "ubuntu" instead 52 [OK]
ubuntu-upstart DEPRECATED, as is Upstart (find other proces… 115 [OK]
ubuntu/nginx Nginx, a high-performance reverse proxy & we… 106
ubuntu/squid Squid is a caching proxy for the Web. Long-t… 74
ubuntu/cortex Cortex provides storage for Prometheus. Long… 4
ubuntu/prometheus Prometheus is a systems and service monitori… 54
ubuntu/apache2 Apache, a secure & extensible open-source HT… 70
ubuntu/kafka Apache Kafka, a distributed event streaming … 37
2、从仓库中拉取Ubuntu镜像
[root@localhost ~]# docker pull ubuntu
Using default tag: latest
latest: Pulling from library/ubuntu
a48641193673: Pull complete
Digest: sha256:6042500cf4b44023ea1894effe7890666b0c5c7871ed83a97c36c76ae560bb9b
Status: Downloaded newer image for ubuntu:latest
docker.io/library/ubuntu:latest
3、查看拉取的镜像文件
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu latest 174c8c134b2a 4 weeks ago 77.9MB
nginx latest d453dd892d93 2 months ago 187MB
4、参看宿主机CentOS7系统发行版
[root@localhost ~]# cat /etc/redhat-release
CentOS Linux release 7.7.1908 (Core)
5、查看宿主机CentOS7系统内核
[root@localhost ~]# uname -r
3.10.0-1062.el7.x86_64
6、运行Ubuntu镜像(进入Ubuntu系统内部)
# 参数:-i表示交互式命令操作;-t表示开启一个终端;174c8c134b2a为镜像ID号;bash表示命令解释器
[root@localhost ~]# docker run -it 174c8c134b2a bash
root@1fcb1d3b6569:/# ls
bin boot dev etc home lib lib32 lib64 libx32 media mnt opt proc root run sbin srv sys tmp usr var
7、查看Ubuntu系统发行版
root@acfdd99283c1:/# cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=22.04
DISTRIB_CODENAME=jammy
DISTRIB_DESCRIPTION="Ubuntu 22.04.3 LTS"
8、退出Ubuntu系统(退出容器)
root@acfdd99283c1:/# exit
exit
[root@localhost ~]#
六、docker镜像的操作
1、搜索镜像
docker search 镜像名:tag tag就是具体的标签版本
2、查看本地镜像文件有哪些
docker images
docker image ls
3、下载(拉取)镜像
docker pull 镜像名:tag 不加tag默认下载latest版本
4、查看docker镜像的存储路径及内容
[root@localhost ~]# docker info | grep Root
Docker Root Dir: /var/lib/docker
[root@localhost ~]# ls /var/lib/docker
buildkit containers image network overlay2 plugins runtimes swarm tmp trust volumes
[root@localhost ~]# ls /var/lib/docker/image/overlay2/imagedb/content/sha256/
174c8c134b2a94b5bb0b37d9a2b6ba0663d82d23ebf62bd51f74a2fd457333da d453dd892d9357f3559b967478ae9cbc417b52de66b53142f6c16c8a275486b9
# 该文件是json格式,作用是记录镜像与容器的配置关系
[root@localhost ~]# ls /var/lib/docker/image/overlay2/imagedb/content/sha256/ -l
总用量 12
-rw------- 1 root root 2299 1月 15 19:51 174c8c134b2a94b5bb0b37d9a2b6ba0663d82d23ebf62bd51f74a2fd457333da
-rw------- 1 root root 7016 1月 11 22:05 d453dd892d9357f3559b967478ae9cbc417b52de66b53142f6c16c8a275486b9
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu latest 174c8c134b2a 4 weeks ago 77.9MB
nginx latest d453dd892d93 2 months ago 187MB
5、运行Ubuntu镜像
# 参数 -it 开启一个交互式的终端; --rm 容器退出时删除该容器
[root@localhost ~]# docker run -it --rm ubuntu bash
root@2097d682fbb3:/#
6、退出Ubuntu系统容器
root@2097d682fbb3:/# exit
exit
[root@localhost ~]#
7、查看所以的容器运行记录(运行中的、不在运行的)
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
eb59e5c7763d hello-world "/hello" 2 minutes ago Exited (0) About a minute ago strange_black
acfdd99283c1 174c8c134b2a "bash" 19 hours ago Exited (0) 19 hours ago zen_ride
1fcb1d3b6569 174c8c134b2a "bash" 19 hours ago Exited (0) 19 hours ago romantic_galois
3a8a20fed97d nginx "/docker-entrypoint.…" 20 hours ago Exited (0) 20 hours ago vigilant_brown
8、删除镜像
# 先删除容器记录(要删除的镜像不能有依赖的容器记录)
[root@localhost ~]# docker rm eb59e5c7763d
eb59e5c7763d
# 再删除镜像
[root@localhost ~]# docker rmi hello-world
Untagged: hello-world:latest
Untagged: hello-world@sha256:4bd78111b6914a99dbc560e6a20eab57ff6655aea4a80c50b0c5491968cbc2e6
Deleted: sha256:d2c94e258dcb3c5ac2798d32e1249e42ef01cba4841c2234249495f87264ac5a
Deleted: sha256:ac28800ec8bb38d5c35b49d45a6ac4777544941199075dff8c4eb63e093aa81e
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu latest 174c8c134b2a 4 weeks ago 77.9MB
nginx latest d453dd892d93 2 months ago 187MB
9、批量删除镜像(慎用!)
docker rmi `docker images -aq`
10、导出镜像(本地)
docker image save ubuntu > /opt/ubuntu.tgz
11、导入镜像(本地)
docker image load -i /opt/ubuntu.tgz
12、查看镜像的详细信息
[root@localhost ~]# docker inspect 174c8c134b2a
# 返回json格式数据
七、docker容器管理
# docker run 镜像名 等于创建+启动 镜像, 如果镜像本地不存在,则会在线下载该镜像
1、启动镜像生成容器
# docker run -d --rm --name myubuntu unbuntu ping baidu.com
# 参数:-d 后台运行,--rm 容器退出时自动删除该容器,--name 给容器起个名字,ping baidu.com 启动容器执行的命令。
2、查看容器日志,刷新日志
# docker logs -f
# docker logs 容器ID | tail -5
3、进入到正常运行的容器空间内
# docker exec -it 容器ID bash
4、查看容器的详细信息
# docker container inspect 容器ID
# 返回json格式数据
5、容器的端口映射
# docker run -d --name my_nginx -p 85:80 nginx
6、查看容器的端口转发情况
# docker port 容器ID
7、随机端口映射
# docker run -d --name nginx_random -P nginx
# 参数:-P 随机访问宿主机的空闲端口,映射到容器内打开的端口
8、容器的提交
# 运行基础的Ubuntu镜像,在容器内安装vim,然后提交新的镜像,再运行新的镜像生成的容器就携带vim了
# docker commit 容器ID 新的镜像名
八、Dockerfile
未完待续…
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
