Docker ~ 从入门到入坑。
文章目录
- Docker ~ 从入门到入坑。
- 概述。
- Docker 能做什么。
- Docker 基本组成。
- Docker 安装。
- Docker 卸载。
- 阿里云镜像加速。
- 底层原理。
- 常用命令。
- eg.
- 可视化 ~ Rancher(CI/CD)。
- 可视化 ~ portainer。
- Docker 镜像。
- commit 镜像。
- 容器数据卷。
- MySQL 数据。
- DockerFile。
- 数据卷容器。
- DockerFile。
- 创建一个自己的 Centos。
- docker history。镜像构建详情。
- CMD & ENTRYPOINT。
- 制作 Tomcat Dokerfile。
- 发布镜像。
- 发布到阿里云镜像。
- Docker 网络。
- 网络连通。
- Redis 集群。
- Spring Boot 微服务打包 Docker 镜像。
概述。
Docker 为什么出现。
一款产品,开发 ~ 上线,两套环境。
“我在我的电脑上可以运行!”。
环境配置十分麻烦,每一台机器都要部署环境(集群 Redis、ES、Hadoop)。费时费力。
传统:开发 jar,运维来作。
现在:开发打包部署上线,一套流程做完。
java ~ apk ~ 发布(应用商店)~ 张三使用 apk ~ 安装即可用。
java ~ jar(+环境)~ 打包项目带上环境(镜像)~(Docker 仓库:商店)~下载我们发布的镜像 ~ 直接运行即可。
Docker 的思想来自于集装箱。
Docker 历史。
2010 年,几个年轻人,在美国成立了一家公司 DotCloud。做一些 PASS 云计算服务,Linux 的有关的容器技术。他们将自己的技术(容器化技术)命名 Docker。
Docker 刚蛋生的时候,没有引起行业注意。
↓ ↓ ↓
2013 开源。
2014 年 9 月,Docker 1.0 发布。
在容器技术出来之前,虚拟机技术。
虚拟机:在 Windows 装一个 VMWare,要虚拟一台电脑,笨重。
Docker:隔离,镜像(最核心的环境 4M + jdk + MySQL)十分小巧,运行镜像即可。
文档:https://docs.docker.com/
仓库:https://www.docker.com/products/docker-hub
Docker 能做什么。
- 虚拟机技术。
资源占用多。
冗余步骤多。
启动慢。
- 容器化技术。
- DevOps(开发、运维)。
- 应用更快速的交付和部署。
传统:一堆帮助文档,安装程序。
Docker:打包镜像发布测试,一键运行。- 更便捷的升级和扩缩容。
Docker 部署应用就像搭积木一样,项目打包为一个镜像。- 更简单的系统运维。
开发、测试环境高度一致。- 更高效的计算资源。
Docker 是内核级别的虚拟化,可以在一个物理机上运行很多容器实例。服务器的性能可以被压榨到极致。
Docker 基本组成。
- 镜像 image。
Docker 镜像就好比一个模板,可以通过这个模板来创建容器服务,Tomcat 镜像 --> run --> tomcat01容器(提供服务器),通过这个镜像可以创建多个容器(最终服务运行或项目运行就是在容器中)。- 容器 container。
Docker 利用容器技术,独立运行一个或一个组应用,通过镜像来创建的。可以理解为一个简易的 Linux 系统。- 仓库 repository。
仓库就是存放镜像的地方。
仓库分为共有仓库和私有仓库。
Docker Hub(默认,国外的)。
阿里云,华为云都有容器服务器。配置镜像加速。
Docker 安装。
https://docs.docker.com/engine/install/centos/
[geek@192 tools_my]$ sudo docker run hello-world
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/get-started/
Docker 卸载。
Uninstall Docker Engine
Uninstall the Docker Engine, CLI, and Containerd packages:
$ sudo yum remove docker-ce docker-ce-cli containerd.io
Images, containers, volumes, or customized configuration files on your host are not automatically removed. To delete all images, containers, and volumes:
$ sudo rm -rf /var/lib/docker
You must delete any edited configuration files manually.
阿里云镜像加速。
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://********.mirror.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
底层原理。
Docker 是一个 Client - Server 结构的系统,Docker 的守护进程运行在主机上,通过 Socket 从客户端访问。
Docker Server 接收到 Docker Client 的指令,就会执行这个命令。
- Docker 为什么比虚拟机快?
Docker 有着比虚拟机更少的抽象层。
Docker 利用的是宿主机的内核,vm 需要是 Guest OS。
所以说,新建一个容器的时候,Docker 不需要像虚拟机一样重新加载一个操作系统的内核,避免引导。虚拟机是加载 Guest OS,分钟级别的,而 Docker 是利用宿主机的操作系统,省略了这个复杂的过程。
常用命令。
帮助命令。
docker version # 显示 Docker 的版本信息。
docker info # 显示 Docker 的系统信息,包括镜像和容器的数量。
docker 命令 --help # 帮助命令。
[geek@192 ~]$ sudo docker
[sudo] password for geek:
Usage: docker [OPTIONS] COMMAND
A self-sufficient runtime for containers
Options:
--config string Location of client config files (default "/root/.docker")
-c, --context string Name of the context to use to connect to the daemon (overrides DOCKER_HOST
env var and default context set with "docker context use")
-D, --debug Enable debug mode
-H, --host list Daemon socket(s) to connect to
-l, --log-level string Set the logging level ("debug"|"info"|"warn"|"error"|"fatal") (default "info")
--tls Use TLS; implied by --tlsverify
--tlscacert string Trust certs signed only by this CA (default "/root/.docker/ca.pem")
--tlscert string Path to TLS certificate file (default "/root/.docker/cert.pem")
--tlskey string Path to TLS key file (default "/root/.docker/key.pem")
--tlsverify Use TLS and verify the remote
-v, --version Print version information and quit
Management Commands:
builder Manage builds
config Manage Docker configs
container Manage containers
context Manage contexts
engine Manage the docker engine
image Manage images
network Manage networks
node Manage Swarm nodes
plugin Manage plugins
secret Manage Docker secrets
service Manage services
stack Manage Docker stacks
swarm Manage Swarm
system Manage Docker
trust Manage trust on Docker images
volume Manage volumes
Commands:
attach Attach local standard input, output, and error streams to a running container
build Build an image from a Dockerfile
commit Create a new image from a container's changes
cp Copy files/folders between a container and the local filesystem
create Create a new container
diff Inspect changes to files or directories on a container's filesystem
events Get real time events from the server
exec Run a command in a running container
export Export a container's filesystem as a tar archive
history Show the history of an image
images List images
import Import the contents from a tarball to create a filesystem image
info Display system-wide information
inspect Return low-level information on Docker objects
kill Kill one or more running containers
load Load an image from a tar archive or STDIN
login Log in to a Docker registry
logout Log out from a Docker registry
logs Fetch the logs of a container
pause Pause all processes within one or more containers
port List port mappings or a specific mapping for the container
ps List containers
pull Pull an image or a repository from a registry
push Push an image or a repository to a registry
rename Rename a container
restart Restart one or more containers
rm Remove one or more containers
rmi Remove one or more images
run Run a command in a new container
save Save one or more images to a tar archive (streamed to STDOUT by default)
search Search the Docker Hub for images
start Start one or more stopped containers
stats Display a live stream of container(s) resource usage statistics
stop Stop one or more running containers
tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
top Display the running processes of a container
unpause Unpause all processes within one or more containers
update Update configuration of one or more containers
version Show the Docker version information
wait Block until one or more containers stop, then print their exit codes
Run 'docker COMMAND --help' for more information on a command.
https://docs.docker.com/engine/reference/run/
镜像命令。
docker images。
显示本地所有镜像。
[geek@192 ~]$ sudo docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mysql 5.7.29 413be204e9c3 4 months ago 456MB
hello-world latest fce289e99eb9 20 months ago 1.84kB
REPOSITORY
TAG
IMAGE ID
CREATED
SIZE
| Name, shorthand | Default Description |
|---|---|
| –all , -a | Show all images (default hides intermediate images) |
| –digests | Show digests |
| –filter , -f | Filter output based on conditions provided |
| –format | Pretty-print images using a Go template |
| –no-trunc | Don’t truncate output |
| –quiet , -q | Only show numeric IDs |
docker search。
搜索镜像。
docker search [OPTIONS] TERM
Extended description
Search Docker Hub for images
For example uses of this command, refer to the examples section below.
Options
| Name, shorthand | Default | Description |
|---|---|---|
| –automated (deprecated) | Only show automated builds | |
| –filter, -f | Filter output based on conditions provided | |
| –format | Pretty-print search using a Go template | |
| –limit | 25 | Max number of search results |
| –no-trunc | Don’t truncate output | |
| –stars , -s(deprecated) | Only displays with at least x stars |
docker pull。
下载镜像。
docker pull [OPTIONS] NAME[:TAG|@DIGEST]
[geek@192 ~]$ sudo docker pull mysql
Using default tag: latest # 如果不写 tag,默认下载最新版本 latest。
latest: Pulling from library/mysql
d121f8d1c412: Pulling fs layer # 分层下载。docker image 的核心,联合文件系统。
[geek@192 ~]$ sudo docker pull mysql:5.7.29
5.7.29: Pulling from library/mysql
54fec2fa59d0: Already exists # 分层下载。docker image 的核心,联合文件系统。
bcc6c6145912: Already exists
951c3d959c9d: Already exists
05de4d0e206e: Pull complete
319f0394ef42: Pull complete
d9185034607b: Pull complete
013a9c64dadc: Pull complete
58b7b840ebff: Pull complete
9b85c0abc43d: Pull complete
bdf022f63e85: Pull complete
35f7f707ce83: Pull complete
Digest: sha256:95b4bc7c1b111906fdb7a39cd990dd99f21c594722735d059769b80312eb57a7
Status: Downloaded newer image for mysql:5.7.29
docker.io/library/mysql:5.7.29
docker rmi。
删除镜像。
| Name, shorthand | Default | Description |
|---|---|---|
| –force , -f | Force removal of the image | |
| –no-prune | Do not delete untagged parents |
docker rmi -f 镜像 id # 删除指定的镜像。
docker rmi -f 镜像 id 镜像 id 镜像 id # 删除多个镜像。
docker rmi -f $(docker images -aq) # 删除全部镜像。
容器命令。
有了镜像才可以创建容器。
docker pull centos
docker run --help
docker run [可选参数] image
–name=“容器名”
-d ~ 后台方式运行。
-it ~ 使用交互方式运行,进入容器查看内容。
-p ~ 指定容器端口。
-p ip:主机端口:容器端口。
-p 主机端口:容器端口。(常用)。
-p 容器端口(不需要外部访问,容器内部端口)。
容器端口。
-P ~ 随机端口。
列出所有运行的容器。
docker ps
列出所有的容器。
docker ps -a
-n=? # 列出最近创建的容器。
-q # 只显示容器的编号。
退出容器。
exit # 容器停止并退出。
Ctrl + P + Q # 容器不停止退出。
删除容器。
docker rm 容器 id。
docker rm -f $(docker ps -aq)
docker ps -a -q | xargs docker rm
启动和停止容器。
docker start 容器 id。
docker stop 容器 id。
docker restart 容器 id。
docker kill 容器 id。 # 强制。
其他常用命令。
后台启动容器。
docker run -d centos
// 问题。docker ps 发现 centos 停止了。
Docker 容器使用后台运行,就必须要有一个前台进程。docker 发现没有前台应用,就会自动停止该容器。
eg. Nginx。
查看日志。
[geek@192 ~]$ sudo docker logs --help
[sudo] password for geek:
Usage: docker logs [OPTIONS] CONTAINER
Fetch the logs of a container
Options:
--details Show extra details provided to logs
-f, --follow Follow log output
--since string Show logs since timestamp (e.g. 2013-01-02T13:23:37) or relative (e.g. 42m for
42 minutes)
--tail string Number of lines to show from the end of the logs (default "all")
-t, --timestamps Show timestamps
--until string Show logs before a timestamp (e.g. 2013-01-02T13:23:37) or relative (e.g. 42m
for 42 minutes)
docker logs -tf -tail 10 容器 id。
容器中的进程信息 ~ top。
docker top 容器 id。
[geek@192 ~]$ sudo docker top be45da4c5b93
UID PID PPID C STIME TTY TIME CMD
polkitd 7501 7486 0 22:33 ? 00:00:01 mysqld
docker inspect。容器元数据。
[geek@192 ~]$ sudo docker inspect --help
Usage: docker inspect [OPTIONS] NAME|ID [NAME|ID...]
Return low-level information on Docker objects
Options:
-f, --format string Format the output using the given Go template
-s, --size Display total file sizes if the type is container
--type string Return JSON for specified type
[geek@192 ~]$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
be45da4c5b93 413be204e9c3 "docker-entrypoint.s…" 4 months ago Up 29 minutes 33060/tcp, 0.0.0.0:3307->3306/tcp mysql_geek
[geek@192 ~]$ sudo docker inspect be45da4c5b93
[
{
"Id": "be45da4c5b93d8d82753dce660fdbf0184c117bdf72d9ee856665f481f623877",
"Created": "2020-04-06T22:15:58.597019498Z",
"Path": "docker-entrypoint.sh",
"Args": [
"mysqld"
],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 7501,
"ExitCode": 0,
"Error": "",
"StartedAt": "2020-08-27T14:33:34.678287048Z",
"FinishedAt": "2020-08-27T14:00:12.753590425Z"
},
"Image": "sha256:413be204e9c34f31476a0680b6521873fb519c749693b181228ff47492a7fe3b",
"ResolvConfPath": "/var/lib/docker/containers/be45da4c5b93d8d82753dce660fdbf0184c117bdf72d9ee856665f481f623877/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/be45da4c5b93d8d82753dce660fdbf0184c117bdf72d9ee856665f481f623877/hostname",
"HostsPath": "/var/lib/docker/containers/be45da4c5b93d8d82753dce660fdbf0184c117bdf72d9ee856665f481f623877/hosts",
"LogPath": "/var/lib/docker/containers/be45da4c5b93d8d82753dce660fdbf0184c117bdf72d9ee856665f481f623877/be45da4c5b93d8d82753dce660fdbf0184c117bdf72d9ee856665f481f623877-json.log",
"Name": "/mysql_geek",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {
"3306/tcp": [
{
"HostIp": "",
"HostPort": "3307"
}
]
},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"Capabilities": null,
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"KernelMemory": 0,
"KernelMemoryTCP": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/b0db5ee46558d330232ea016336067d1890a948c10a74c5fbcc95ce84809c9b6-init/diff:/var/lib/docker/overlay2/34435b08289bb58d920e294bdc084abb5e7bd8ca6eeeebeac585aa3d58bd1745/diff:/var/lib/docker/overlay2/a956e638e9365fa896fcacfa4819aa45b5126f6f774a33f1b4c22fb8915ea759/diff:/var/lib/docker/overlay2/c9cf19bd7db463e098c5c31c26b6709b78d7482116fc4239a3dcd66b277c8026/diff:/var/lib/docker/overlay2/19454098e97f64a4edc53cd3f5cef4e0ba0d2145a7927845586f2fd209ddaa1a/diff:/var/lib/docker/overlay2/9529736c0acd4d18a5a6540b8af98b2dcf9368948af7121850dd5f693c10a06b/diff:/var/lib/docker/overlay2/8cb480298f4e7d3f54b3ed365fb222e73e2a47b7128dcfc7902952569497a6a3/diff:/var/lib/docker/overlay2/7550a0aad73c643bca6a01239c3709aead185080b909bd7dab9257e5f3f0dfa8/diff:/var/lib/docker/overlay2/998e4a5bc1d6e6a124e25cb69155283da2cdf0472284bac785839be224a62d10/diff:/var/lib/docker/overlay2/49948aaa148f15b67fb990a88ee8aa1c36a311f5b45f3988fcad734a55e11475/diff:/var/lib/docker/overlay2/2462775172a6a17f6e925bb15e47c25c99bb785a83f56ff22e2afba745a024f9/diff:/var/lib/docker/overlay2/d00eb80fb1c1d284d5054c36176f3459e737194cf9b01af83fa2f150ef7b5141/diff",
"MergedDir": "/var/lib/docker/overlay2/b0db5ee46558d330232ea016336067d1890a948c10a74c5fbcc95ce84809c9b6/merged",
"UpperDir": "/var/lib/docker/overlay2/b0db5ee46558d330232ea016336067d1890a948c10a74c5fbcc95ce84809c9b6/diff",
"WorkDir": "/var/lib/docker/overlay2/b0db5ee46558d330232ea016336067d1890a948c10a74c5fbcc95ce84809c9b6/work"
},
"Name": "overlay2"
},
"Mounts": [
{
"Type": "volume",
"Name": "c7f8b6a9062ee284710b8d3f60eab7ce5da5642f5ca5c1500ece8dd0f2473559",
"Source": "/var/lib/docker/volumes/c7f8b6a9062ee284710b8d3f60eab7ce5da5642f5ca5c1500ece8dd0f2473559/_data",
"Destination": "/var/lib/mysql",
"Driver": "local",
"Mode": "",
"RW": true,
"Propagation": ""
}
],
"Config": {
"Hostname": "be45da4c5b93",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"3306/tcp": {},
"33060/tcp": {}
},
"Tty": true,
"OpenStdin": true,
"StdinOnce": false,
"Env": [
"MYSQL_ROOT_PASSWORD=root",
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"GOSU_VERSION=1.7",
"MYSQL_MAJOR=5.7",
"MYSQL_VERSION=5.7.29-1debian10"
],
"Cmd": [
"mysqld"
],
"Image": "mysql:5.7.29",
"Volumes": {
"/var/lib/mysql": {}
},
"WorkingDir": "",
"Entrypoint": [
"docker-entrypoint.sh"
],
"OnBuild": null,
"Labels": {}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "22742b719119538aa2cbe6996586f06fa966624f7017a68041b5fc3b01688e5a",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {
"3306/tcp": [
{
"HostIp": "0.0.0.0",
"HostPort": "3307"
}
],
"33060/tcp": null
},
"SandboxKey": "/var/run/docker/netns/22742b719119",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "57d39a8070c00926eb6b93160f6929240f452e60b099f9875dd5f8c3de3e3747",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:02",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "38931101b374d0d8b7ff824e014421b6205795b47203d791b5f38c59d3e3cdc9",
"EndpointID": "57d39a8070c00926eb6b93160f6929240f452e60b099f9875dd5f8c3de3e3747",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02",
"DriverOpts": null
}
}
}
}
]
进入当前正在运行的容器。docker exec / attach。
docker exec -it 容器 id /bin/bash
docker attach 容器 id。
// # 正在执行的代码。。。
docker exec # 进入容器后开启一个新的终端。
docker attach # 进入容器正在执行的终端。
从容器内拷贝文件到主机。
docker cp 容器 id :容器内路径 目的主机路径。
eg.
部署 Nginx。
sudo docker run -d --name nginx01 -p 3344:80 nginx
-d ~ 后台运行。
–name ~ 容器命名。
-p ~ 宿主机端口:容器内部端口。
sudo docker run -d --name nginx01 -p 3344:80 nginx
部署 Tomcat。
官方。
$ docker run -it --rm tomcat:9.0
// 我们之前启动都是后台,停止了容器后,容器还是可以查到的。
docker run -it --rm,一般用来测试,用完即删除。
docker run -d -p 3355:8080 --name tomcat01 tomcat
[geek@192 ~]$ sudo docker exec -it tomcat01 bash
root@12e7591a8ba0:/usr/local/tomcat# ll
bash: ll: command not found
root@12e7591a8ba0:/usr/local/tomcat# ls
BUILDING.txt LICENSE README.md RUNNING.txt conf logs temp webapps.dist
CONTRIBUTING.md NOTICE RELEASE-NOTES bin lib native-jni-lib webapps work
root@12e7591a8ba0:/usr/local/tomcat# ls webapps
–> 阉割了的。默认最小镜像。
实际上是藏在了
root@12e7591a8ba0:/usr/local/tomcat# ls webapps.dist/
ROOT docs examples host-manager managercp
root@12e7591a8ba0:/usr/local/tomcat# cp -r webapps.dist/* webapps/
# 就可以了。
Elasticsearch + Kibana。
ES 暴露的端口很多。
ES 十分耗内存。
ES 的数据一般需要放置到安全目录。挂载。
sudo docker run -d --name elasticsearch --net somenetwork -p 9200:9200 -p 9300:9300 -e “discovery.type=single-node” elasticsearch:7.6.2
docker status # 查询 CPU 状态。
-e ~ 环境参数。
[geek@192 ~]$ sudo docker run -d --name elasticsearch_my -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" -e ES_JAVA_OPTS="-Xms64m -Xmx512m" elasticsearch:7.6.2
c2fcf4c8d46eaf6a8a687f7fd0ed46acd99c17dc9b044694eb818e57fd6fe896
[geek@192 ~]$ curl localhost:9200
{
"name" : "c2fcf4c8d46e",
"cluster_name" : "docker-cluster",
"cluster_uuid" : "xOgyKNJYS6qAjAp14Gd80A",
"version" : {
"number" : "7.6.2",
"build_flavor" : "default",
"build_type" : "docker",
"build_hash" : "ef48eb35cf30adf4db14086e8aabd07ef6fb113f",
"build_date" : "2020-03-26T06:34:37.794943Z",
"build_snapshot" : false,
"lucene_version" : "8.4.0",
"minimum_wire_compatibility_version" : "6.8.0",
"minimum_index_compatibility_version" : "6.0.0-beta1"
},
"tagline" : "You Know, for Search"
}
使用 Kibana 连接 Elasticsearch。
可视化 ~ Rancher(CI/CD)。
可视化 ~ portainer。
https://www.portainer.io/installation/
// $ docker volume create portainer_data
$ sudo docker run -d -p 8000:8000 -p 9000:9000 --name=portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce
Docker 镜像。
镜像是一种轻量级、可执行的独立软件包,用来打包软件运行环境和基于运行环境开发的软件,它包含运行某个软件所需的所有内容,包括代码、运行时、库、环境变量和配置文件。
所有的应用,直接打包 Docker 镜像,就可以直接跑起来。
得到镜像方式。
- 从远程仓库下载。
- 朋友拷贝。
- 自己制作。DockerFile。
Docker 镜像加载原理。
- UnionFS(联合文件系统)。
UnionFS(联合文件系统):Union 文件系统(UnionFS)是一种分层、轻量级并且高性能的文件系统,ta 支持对文件系统的修改作为一次提交来一层层的叠加,同时可以将不同目录挂载到同一个虚拟文件系统下(unite several directories into a single virtual filesystem)。 Union 文件系统是 Docker 镜像的基础。镜像可以通过分层来进行继承,基于基础镜像(没有父镜像),可以制作各种具体的应用镜像。
特性:一次同时加载多个文件系统,但从外面看起来,只能到一个文件系统,联合加载会把各层文件系统叠加起来,这样最终的文件系统会包含所有底层的文件和目录。
- Docker 镜像加载原理。
docker 的镜像实际上由一层一层的文件系统组成,这种层级的文件系统 UnionFS 。
bootfs(boot file system)主要包含 bootloader 和 kernel。bootloader 主要是引导加载 kernel,Linux 刚启动时会加载 bootfs 文件系统,在 Docker 镜像的最底层是 bootfs。这一层与我们典型的 Linux/Unix 系统是一样的,包含 boot 加载器和内核。当 boot 加载完成之后整个内核就都在内存中了,此时内存的使用权已由 bootfs 转交给内核,此时系统也会卸载 bootfs 。
rootfs (root file system) ,Gbootfs 之上。包含的就是典型 Linux 系统中的 /dev, /proc, /bin, /etc 等标准目录和文件。rootfs 就是各种不同的悍作系统发行版, 比如 Ubuntu,Centos 等等。
对于一个精简的 OS,rootfs 可以很小,只需要包含最基本的命令,工具和程序库就可以了,因为底层直接用 Host 的 kernel,自己只需要提供 rootfs 就可以了。由此可见对于不同的 linux 发行版,bootfs 基本是一致的,rootfs 会有差别,因此不同的发行版可以共用 bootfs。
commit 镜像。
docker commit -m=“提交的描述信息。” -a=“作者” 容器id 目标镜像名:【tag】
容器数据卷。
将应用和环境打包成一个镜像。
数据?如果数据在容器中,容器删除了,数据就会丢失。
↓ ↓ ↓
需求:数据持久化。
容器之间数据共享。Docker 容器中产生的数据,同步到本地。
↓ ↓ ↓
卷技术。目录的挂载,将容器内的目录挂载到 Linux 上。
容器的持久化和同步操作,容器间也是可以数据共享的。
volume
n. 体积;容积;容量;量;额;音量;响度
使用命令挂载 -v。
docker run -it -v /home/test:/home centos /bin/bash
(宿主机目录:容器中目录)。
docker inspect 容器 id
可以查看 “Mounts”: {} 信息。
MySQL 数据。
sudo docker run -d -p 3307:3306 -v /home/mysql/conf:/etc/mysql/conf.d -v /home/mysql/data:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=root --name mysql01 mysql:5.7
https://hub.docker.com/_/mysql
Start a mysql server instance
Starting a MySQL instance is simple:
$ docker run --name some-mysql -e MYSQL_ROOT_PASSWORD=my-secret-pw -d mysql:tag
… where some-mysql is the name you want to assign to your container, my-secret-pw is the password to be set for the MySQL root user and tag is the tag specifying the MySQL version you want. See the list above for relevant tags.
具名挂载 & 匿名挂载。
匿名挂载。
-v 只写了容器内路径,没有写容器外路径。
-v 容器内路径。
sudo docker run -d -P --name nginx01 -v /etc/nginx nginx
查询所有卷的情况。
sudo docker volume ls
[geek@192 home]$ sudo docker run -d -P --name nginx02 -v /etc/nginx nginx
d2dcf546680909c706dd3a99b258f7c197df09dce3f9b6d2bf765ccd6352996e
[geek@192 home]$ sudo docker volume ls
DRIVER VOLUME NAME
local 26e2e8983157124a7b1b22c9065d2632b21e9f74285a59dda8e8c50208db7060
local 489a715c27862b4cd02d07dcd3bc426b8275e2e95aa1e909f2559c166d1a8637
local af0464e09659ec3f603f21dc510f7e796c2641b034eed920dad1bbf7dee7aa09
local c7f8b6a9062ee284710b8d3f60eab7ce5da5642f5ca5c1500ece8dd0f2473559
local c472cb9f164c403ad8225073e2c64600ccf31ee0cf81cd5cd65fee1b1ae36b96
local portainer_data
VOLUME NAME (…)~ 匿名挂载。
具名挂载。
-v 卷名:容器内路径。
[geek@192 home]$ sudo docker run -d -P --name nginx01 -v juming-nginx:/etc/nginx nginx
b51e5ff1e5eed7416d1ff319912abf26f99765379ad63adfbf06386ad030ffcd
[geek@192 home]$ sudo docker volume ls
DRIVER VOLUME NAME
local 26e2e8983157124a7b1b22c9065d2632b21e9f74285a59dda8e8c50208db7060
local 489a715c27862b4cd02d07dcd3bc426b8275e2e95aa1e909f2559c166d1a8637
local af0464e09659ec3f603f21dc510f7e796c2641b034eed920dad1bbf7dee7aa09
local c7f8b6a9062ee284710b8d3f60eab7ce5da5642f5ca5c1500ece8dd0f2473559
local c472cb9f164c403ad8225073e2c64600ccf31ee0cf81cd5cd65fee1b1ae36b96
local juming-nginx
local portainer_data
所有 Docker 容器内的卷,没有指定目录的情况下都是在 /var/lib/docker/volumes/。
[geek@192 home]$ sudo docker volume inspect juming-nginx
[
{
"CreatedAt": "2020-08-28T04:49:02+08:00",
"Driver": "local",
"Labels": null,
"Mountpoint": "/var/lib/docker/volumes/juming-nginx/_data",
"Name": "juming-nginx",
"Options": null,
"Scope": "local"
}
]
[geek@192 home]$ sudo ls /var/lib/docker
[sudo] password for geek:
builder buildkit containers image network overlay2 plugins runtimes swarm tmp trust volumes
[geek@192 home]$ sudo ls /var/lib/docker/volumes
26e2e8983157124a7b1b22c9065d2632b21e9f74285a59dda8e8c50208db7060
489a715c27862b4cd02d07dcd3bc426b8275e2e95aa1e909f2559c166d1a8637
af0464e09659ec3f603f21dc510f7e796c2641b034eed920dad1bbf7dee7aa09
c472cb9f164c403ad8225073e2c64600ccf31ee0cf81cd5cd65fee1b1ae36b96
c7f8b6a9062ee284710b8d3f60eab7ce5da5642f5ca5c1500ece8dd0f2473559
juming-nginx
metadata.db
portainer_data
具名挂载 & 匿名挂载 & 指定路径挂载。
-v 容器内路径 ~ 匿名挂载。
-v 卷名:容器内路径 ~ 具名挂载。
-v /宿主机路径:容器内路径 ~ 指定路径挂载。
通过 -v 容器内路径:ro rw 改变主读写权限。
ro readonly # 只读。只能通过宿主机改变。
rw readwrite # 可读可写。
docker run -d -P --name nginx02 -v juming-nginx:/etc/nginx:ro nginx
DockerFile。
用来构建 Docker 镜像的构建文件。
[geek@192 home]$ sudo vim dockerfile1
[sudo] password for geek:
[geek@192 home]$ cat dockerfile1
from centos
volume ["volume01", "volume02"]
cmd echo " ~ ~ ~ ~ ~ ~ ~ end ~ ~ ~ ~ ~ ~ ~ "
cmd /bin/bash
docker build -f dockerfile -t geek/centos .
[root@192 docker_my]# sudo docker build -f dockerfile1 -t geek/centos .
Sending build context to Docker daemon 2.048kB
Step 1/4 : from centos
latest: Pulling from library/centos
3c72a8ed6814: Pull complete
Digest: sha256:76d24f3ba3317fa945743bb3746fbaf3a0b752f10b10376960de01da70685fbd
Status: Downloaded newer image for centos:latest
---> 0d120b6ccaa8
Step 2/4 : volume ["volume01", "volume02"]
---> Running in 277b718b809d
Removing intermediate container 277b718b809d
---> dfa0fa8cc0e2
Step 3/4 : cmd echo "~~~end~~~"
---> Running in b37dd2e5eb21
Removing intermediate container b37dd2e5eb21
---> 99450a70efa2
Step 4/4 : cmd /bin/bash
---> Running in 08600e6c2e77
Removing intermediate container 08600e6c2e77
---> 451f7a75e694
Successfully built 451f7a75e694
Successfully tagged geek/centos:latest
docker inspect 容器id
假设构建镜像时没有挂载卷,要手动挂载 -v 卷名:容器内路径。
数据卷容器。
[root@192 docker_my]# sudo docker run -it --name docker01 geek/centos
Ctrl + P + Q(大写状态下)退出当前容器但不关闭。
docker run -it --name docker02 --volumes-from docker01 centos
启动第二个镜像,同步第一个的数据。
[root@192 docker_my]# sudo docker run -it --name docker02 --volumes-from docker01 geek/centos
[root@50a6da234a39 /]# ls
bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var volume01 volume02
- 进入 docker01 touch 一个文件。
[root@192 docker_my]# sudo docker attach docker01
[root@e8335036b13a /]# ls
bin dev docker01 etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var volume01 volume02
[root@e8335036b13a /]# cd volume01
[root@e8335036b13a volume01]# touch docker01
- docker 02 查看。
[root@192 docker_my]# sudo docker attach docker02
[root@50a6da234a39 /]# ls
bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var volume01 volume02
[root@50a6da234a39 /]# cd volume01
[root@50a6da234a39 volume01]# ls
docker01
多个数据库实现数据共享。
sudo docker run -d -p 3310:3306 -v /home/mysql/conf:/etc/mysql/conf.d -v /home/mysql/data:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=root --name mysql01 mysql:5.7
sudo docker run -d -p 3311:3306 -e MYSQL_ROOT_PASSWORD=root --name mysql02 --volumes-from mysql01 mysql:5.7
容器之间的配置信息传递,数据卷容器生命周期一直秩序到没用容器使用为止。
DockerFile。
DockerFile 是用来构建 docker 镜像的文件。命令参数脚本。
步骤。
- 编写一个 dockerfile 文件。
- docker build 构建成为一个镜像。
- docker run 运行镜像。
- docker push 发布镜像(DockerHub、阿里云镜像仓库)。
每个保留关键字(指令)都必须是大写字母。
指令从上到下顺序执行。
# 表示注释。
每一个指令都会创建提交一个新的镜像层,并提交。
Dockerfile 是面向开发的。我们以后要发布项目,做镜像,就需要编写 Dockerfile 文件。
Docker 镜像逐渐成为企业交付的标准。
DockerFile ~ 构建文件,定义了一切的基础,源代码。
DockerImage ~ 通过 DockerFile 构建生成的镜像,最终发布和运行的产品。
Docker 容器 ~ 镜像运行起来提供服务器。
DockerFile 指令。
-
FROM
这个镜像的妈妈是谁?
基础镜像,一切从这里开始。 -
MAINTAINER
谁负责养 ta。维护者信息。姓名 + 邮箱。 -
RUN
镜像构建时候需要执行的命令。
你想让 ta 干啥。(在命令前加上 RUN 即可)。 -
ADD
给 ta 点创业基金。(COPY 文件,会自动解压)。
Tomcat 镜像,Tomcat 压缩包。 -
WORKDIR
我是 cd,今天刚化了妆。 -
VOLUME
给 ta 一个存放行李的地方。设置卷,挂载主机目录。 -
EXPOSE
ta 要打开的门是啥。指定对外的端口。 -
RUN
奔跑吧。 -
CDM
容器启动时要运行的命令。只有最后一个会生效,可被替代。 -
ENTRYPOINT
容器启动时要运行的命令。可追加命令。 -
ONBUILD
当构建一个被继承的 DockerFile,会运行 ONBUILD 指令。 -
COPY
类似 ADD 命令。将文件拷贝到镜像。 -
ENV
构建时设置环境变量。
创建一个自己的 Centos。
https://hub.docker.com/_/scratch
FROM scratch
This image is most useful in the context of building base images (such as debian and busybox) or super minimal images (that contain only a single binary and whatever it requires, such as hello-world).
As of Docker 1.5.0 (specifically, docker/docker#8827), FROM scratch is a no-op in the Dockerfile, and will not create an extra layer in your image (so a previously 2-layer image will be a 1-layer image instead).
From https://docs.docker.com/engine/userguide/eng-image/baseimages/:
You can use Docker’s reserved, minimal image, scratch, as a starting point for building containers. Using the scratch “image” signals to the build process that you want the next command in the Dockerfile to be the first filesystem layer in your image.
While scratch appears in Docker’s repository on the hub, you can’t pull it, run it, or tag any image with the name scratch. Instead, you can refer to it in your Dockerfile. For example, to create a minimal container using scratch:
FROM scratch
COPY hello /
CMD ["/hello"]
- 编写 DockerFile 文件。
[geek@192 docker_my]$ cat geekdockerfile-centos
FROM centos
MAINTAINER geek<YifanLiGeek@gmail.com>
ENV MYPATH /usr/local
WORKDIR $MYPATH
RUN yum -y install vim
RUN yum -y install net-tools
EXPOSE 80
CMD echo MYPATH
CMD echo " ~ ~ ~ end ~ ~ ~ "
CMD /bin/bash
- 构建镜像。
[geek@192 docker_my]$ sudo docker build -f geekdockerfile-centos -t geekcentos:1.0 .
[sudo] password for geek:
Sending build context to Docker daemon 3.072kB
Step 1/10 : FROM centos
---> 0d120b6ccaa8
Step 2/10 : MAINTAINER geek<YifanLiGeek@gmail.com>
---> Running in 7a6a8439f554
Removing intermediate container 7a6a8439f554
---> 59e173e7c4d0
Step 3/10 : ENV MYPATH /usr/local
---> Running in 9f8ae4f21974
Removing intermediate container 9f8ae4f21974
---> 8f16e7d0dee3
Step 4/10 : WORKDIR $MYPATH
---> Running in 2edf61a0944c
Removing intermediate container 2edf61a0944c
---> 82fe516a0098
Step 5/10 : RUN yum -y install vim
---> Running in a10739bb0bd6
CentOS-8 - AppStream 801 kB/s | 5.8 MB 00:07
CentOS-8 - Base 329 kB/s | 2.2 MB 00:06
CentOS-8 - Extras 11 kB/s | 8.1 kB 00:00
Dependencies resolved.
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
vim-enhanced x86_64 2:8.0.1763-13.el8 AppStream 1.4 M
Installing dependencies:
gpm-libs x86_64 1.20.7-15.el8 AppStream 39 k
vim-common x86_64 2:8.0.1763-13.el8 AppStream 6.3 M
vim-filesystem noarch 2:8.0.1763-13.el8 AppStream 48 k
which x86_64 2.21-12.el8 BaseOS 49 k
Transaction Summary
================================================================================
Install 5 Packages
Total download size: 7.8 M
Installed size: 31 M
Downloading Packages:
(1/5): gpm-libs-1.20.7-15.el8.x86_64.rpm 116 kB/s | 39 kB 00:00
(2/5): vim-filesystem-8.0.1763-13.el8.noarch.rp 123 kB/s | 48 kB 00:00
(3/5): which-2.21-12.el8.x86_64.rpm 133 kB/s | 49 kB 00:00
(4/5): vim-enhanced-8.0.1763-13.el8.x86_64.rpm 239 kB/s | 1.4 MB 00:05
(5/5): vim-common-8.0.1763-13.el8.x86_64.rpm 605 kB/s | 6.3 MB 00:10
--------------------------------------------------------------------------------
Total 677 kB/s | 7.8 MB 00:11
CentOS-8 - AppStream 711 kB/s | 1.6 kB 00:00
warning: /var/cache/dnf/AppStream-02e86d1c976ab532/packages/gpm-libs-1.20.7-15.el8.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID 8483c65d: NOKEY
Importing GPG key 0x8483C65D:
Userid : "CentOS (CentOS Official Signing Key) <security@centos.org>"
Fingerprint: 99DB 70FA E1D7 CE22 7FB6 4882 05B5 55B3 8483 C65D
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
Key imported successfully
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : which-2.21-12.el8.x86_64 1/5
Installing : vim-filesystem-2:8.0.1763-13.el8.noarch 2/5
Installing : vim-common-2:8.0.1763-13.el8.x86_64 3/5
Installing : gpm-libs-1.20.7-15.el8.x86_64 4/5
Running scriptlet: gpm-libs-1.20.7-15.el8.x86_64 4/5
Installing : vim-enhanced-2:8.0.1763-13.el8.x86_64 5/5
Running scriptlet: vim-enhanced-2:8.0.1763-13.el8.x86_64 5/5
Running scriptlet: vim-common-2:8.0.1763-13.el8.x86_64 5/5
Verifying : gpm-libs-1.20.7-15.el8.x86_64 1/5
Verifying : vim-common-2:8.0.1763-13.el8.x86_64 2/5
Verifying : vim-enhanced-2:8.0.1763-13.el8.x86_64 3/5
Verifying : vim-filesystem-2:8.0.1763-13.el8.noarch 4/5
Verifying : which-2.21-12.el8.x86_64 5/5
Installed:
gpm-libs-1.20.7-15.el8.x86_64 vim-common-2:8.0.1763-13.el8.x86_64
vim-enhanced-2:8.0.1763-13.el8.x86_64 vim-filesystem-2:8.0.1763-13.el8.noarch
which-2.21-12.el8.x86_64
Complete!
Removing intermediate container a10739bb0bd6
---> 18140b90867c
Step 6/10 : RUN yum -y install net-tools
---> Running in f7ecade2e25a
Last metadata expiration check: 0:00:27 ago on Sun Sep 27 11:44:55 2020.
Dependencies resolved.
================================================================================
Package Architecture Version Repository Size
================================================================================
Installing:
net-tools x86_64 2.0-0.51.20160912git.el8 BaseOS 323 k
Transaction Summary
================================================================================
Install 1 Package
Total download size: 323 k
Installed size: 1.0 M
Downloading Packages:
net-tools-2.0-0.51.20160912git.el8.x86_64.rpm 262 kB/s | 323 kB 00:01
--------------------------------------------------------------------------------
Total 172 kB/s | 323 kB 00:01
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : net-tools-2.0-0.51.20160912git.el8.x86_64 1/1
Running scriptlet: net-tools-2.0-0.51.20160912git.el8.x86_64 1/1
Verifying : net-tools-2.0-0.51.20160912git.el8.x86_64 1/1
Installed:
net-tools-2.0-0.51.20160912git.el8.x86_64
Complete!
Removing intermediate container f7ecade2e25a
---> d37dcf6d3fb6
Step 7/10 : EXPOSE 80
---> Running in 8345ea0cbfc2
Removing intermediate container 8345ea0cbfc2
---> a4d0c5f4c818
Step 8/10 : CMD echo MYPATH
---> Running in ec4321339933
Removing intermediate container ec4321339933
---> fcecaec0b0cf
Step 9/10 : CMD echo " ~ ~ ~ end ~ ~ ~ "
---> Running in edbba0ef11bd
Removing intermediate container edbba0ef11bd
---> 1276d020e5dc
Step 10/10 : CMD /bin/bash
---> Running in 6c684095a302
Removing intermediate container 6c684095a302
---> e7171d8d341f
Successfully built e7171d8d341f
Successfully tagged geekcentos:1.0
[geek@192 docker_my]$
- 可以进入使用。
[geek@192 docker_my]$ sudo docker run -it geekcentos:1.0
[root@aebce65180c4 local]# pwd
/usr/local
[root@aebce65180c4 local]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.4 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:04 txqueuelen 0 (Ethernet)
RX packets 8 bytes 656 (656.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@aebce65180c4 local]# vim test
[root@aebce65180c4 local]#
docker history。镜像构建详情。
[geek@192 docker_my]$ sudo docker history geekcentos:1.0
IMAGE CREATED CREATED BY SIZE COMMENT
e7171d8d341f 5 minutes ago /bin/sh -c #(nop) CMD ["/bin/sh" "-c" "/bin… 0B
1276d020e5dc 5 minutes ago /bin/sh -c #(nop) CMD ["/bin/sh" "-c" "echo… 0B
fcecaec0b0cf 5 minutes ago /bin/sh -c #(nop) CMD ["/bin/sh" "-c" "echo… 0B
a4d0c5f4c818 5 minutes ago /bin/sh -c #(nop) EXPOSE 80 0B
d37dcf6d3fb6 5 minutes ago /bin/sh -c yum -y install net-tools 22.8MB
18140b90867c 6 minutes ago /bin/sh -c yum -y install vim 57.2MB
82fe516a0098 6 minutes ago /bin/sh -c #(nop) WORKDIR /usr/local 0B
8f16e7d0dee3 6 minutes ago /bin/sh -c #(nop) ENV MYPATH=/usr/local 0B
59e173e7c4d0 6 minutes ago /bin/sh -c #(nop) MAINTAINER geek<YifanLiGe… 0B
0d120b6ccaa8 6 weeks ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0B
<missing> 6 weeks ago /bin/sh -c #(nop) LABEL org.label-schema.sc… 0B
<missing> 6 weeks ago /bin/sh -c #(nop) ADD file:538afc0c5c964ce0d… 215MB
[geek@192 docker_my]$ sudo docker history mysql:5.7
IMAGE CREATED CREATED BY SIZE COMMENT
ef08065b0a30 2 weeks ago /bin/sh -c #(nop) CMD ["mysqld"] 0B
<missing> 2 weeks ago /bin/sh -c #(nop) EXPOSE 3306 33060 0B
<missing> 2 weeks ago /bin/sh -c #(nop) ENTRYPOINT ["docker-entry… 0B
<missing> 2 weeks ago /bin/sh -c ln -s usr/local/bin/docker-entryp… 34B
<missing> 2 weeks ago /bin/sh -c #(nop) COPY file:7cbb26bbdb8e71b3… 13.2kB
<missing> 2 weeks ago /bin/sh -c #(nop) VOLUME [/var/lib/mysql] 0B
<missing> 2 weeks ago /bin/sh -c { echo mysql-community-server m… 313MB
<missing> 2 weeks ago /bin/sh -c echo "deb http://repo.mysql.com/a… 55B
<missing> 2 weeks ago /bin/sh -c #(nop) ENV MYSQL_VERSION=5.7.31-… 0B
<missing> 2 weeks ago /bin/sh -c #(nop) ENV MYSQL_MAJOR=5.7 0B
<missing> 2 weeks ago /bin/sh -c set -ex; key='A4A9406876FCBD3C45… 2.61kB
<missing> 2 weeks ago /bin/sh -c apt-get update && apt-get install… 52.2MB
<missing> 2 weeks ago /bin/sh -c mkdir /docker-entrypoint-initdb.d 0B
<missing> 2 weeks ago /bin/sh -c set -eux; savedAptMark="$(apt-ma… 4.17MB
<missing> 2 weeks ago /bin/sh -c #(nop) ENV GOSU_VERSION=1.12 0B
<missing> 2 weeks ago /bin/sh -c apt-get update && apt-get install… 9.34MB
<missing> 2 weeks ago /bin/sh -c groupadd -r mysql && useradd -r -… 329kB
<missing> 2 weeks ago /bin/sh -c #(nop) CMD ["bash"] 0B
<missing> 2 weeks ago /bin/sh -c #(nop) ADD file:e7407f2294ad23634… 69.2MB
CMD & ENTRYPOINT。
-
CDM
容器启动时要运行的命令。只有最后一个会生效,可被替代。 -
ENTRYPOINT
容器启动时要运行的命令。可追加命令。
[geek@192 docker_my]$ sudo vim dockerfile-cmd-test
[sudo] password for geek:
[geek@192 docker_my]$ cat dockerfile-cmd-test
from centos
cmd ["ls", "-a"]
[geek@192 docker_my]$ sudo docker build -f dockerfile-cmd-test -t cmdtest .
Sending build context to Docker daemon 4.096kB
Step 1/2 : from centos
---> 0d120b6ccaa8
Step 2/2 : cmd ["ls", "-a"]
---> Running in f65d2334921a
Removing intermediate container f65d2334921a
---> 8c37ba39e701
Successfully built 8c37ba39e701
Successfully tagged cmdtest:latest
- 执行,命令生效。
[geek@192 docker_my]$ sudo docker run 8c37ba39e701
.
..
.dockerenv
bin
dev
etc
home
lib
lib64
lost+found
media
mnt
opt
proc
root
run
sbin
srv
sys
tmp
usr
var
- 加命令参数,报错。
[geek@192 docker_my]$ sudo docker run 8c37ba39e701 -l
docker: Error response from daemon: OCI runtime create failed: container_linux.go:349: starting container process caused "exec: \"-l\": executable file not found in $PATH": unknown.
// 需要完整命令。
[geek@192 docker_my]$ sudo docker run 8c37ba39e701 ls -l
total 0
lrwxrwxrwx. 1 root root 7 May 11 2019 bin -> usr/bin
drwxr-xr-x. 5 root root 340 Sep 27 12:15 dev
drwxr-xr-x. 1 root root 66 Sep 27 12:15 etc
drwxr-xr-x. 2 root root 6 May 11 2019 home
lrwxrwxrwx. 1 root root 7 May 11 2019 lib -> usr/lib
lrwxrwxrwx. 1 root root 9 May 11 2019 lib64 -> usr/lib64
drwx------. 2 root root 6 Aug 9 21:40 lost+found
drwxr-xr-x. 2 root root 6 May 11 2019 media
drwxr-xr-x. 2 root root 6 May 11 2019 mnt
drwxr-xr-x. 2 root root 6 May 11 2019 opt
dr-xr-xr-x. 129 root root 0 Sep 27 12:15 proc
dr-xr-x---. 2 root root 162 Aug 9 21:40 root
drwxr-xr-x. 11 root root 163 Aug 9 21:40 run
lrwxrwxrwx. 1 root root 8 May 11 2019 sbin -> usr/sbin
drwxr-xr-x. 2 root root 6 May 11 2019 srv
dr-xr-xr-x. 13 root root 0 Sep 27 05:38 sys
drwxrwxrwt. 7 root root 145 Aug 9 21:40 tmp
drwxr-xr-x. 12 root root 144 Aug 9 21:40 usr
drwxr-xr-x. 20 root root 262 Aug 9 21:40 var
- ENTRYPOINT。
容器启动时要运行的命令。可追加命令。- ENTRYPOINT
容器启动时要运行的命令。可追加命令。
[geek@192 docker_my]$ sudo vim dockerfile-cmd-entrypoint
[geek@192 docker_my]$ cat dockerfile-cmd-entrypoint
from centos
entrypoint ["ls", "-a"]
[geek@192 docker_my]$ sudo docker build -f dockerfile-cmd-entrypoint -t entrypoint-test .
Sending build context to Docker daemon 5.12kB
Step 1/2 : from centos
---> 0d120b6ccaa8
Step 2/2 : entrypoint ["ls", "-a"]
---> Running in 49dd42d79208
Removing intermediate container 49dd42d79208
---> 5f296513ccf5
Successfully built 5f296513ccf5
Successfully tagged entrypoint-test:latest
[geek@192 docker_my]$ sudo docker run 5f296513ccf5
.
..
.dockerenv
bin
dev
etc
home
lib
lib64
lost+found
media
mnt
opt
proc
root
run
sbin
srv
sys
tmp
usr
var
- 追加命令参数。
[geek@192 docker_my]$ sudo docker run 5f296513ccf5 -l
total 0
drwxr-xr-x. 1 root root 6 Sep 27 12:20 .
drwxr-xr-x. 1 root root 6 Sep 27 12:20 ..
-rwxr-xr-x. 1 root root 0 Sep 27 12:20 .dockerenv
lrwxrwxrwx. 1 root root 7 May 11 2019 bin -> usr/bin
drwxr-xr-x. 5 root root 340 Sep 27 12:20 dev
drwxr-xr-x. 1 root root 66 Sep 27 12:20 etc
drwxr-xr-x. 2 root root 6 May 11 2019 home
lrwxrwxrwx. 1 root root 7 May 11 2019 lib -> usr/lib
lrwxrwxrwx. 1 root root 9 May 11 2019 lib64 -> usr/lib64
drwx------. 2 root root 6 Aug 9 21:40 lost+found
drwxr-xr-x. 2 root root 6 May 11 2019 media
drwxr-xr-x. 2 root root 6 May 11 2019 mnt
drwxr-xr-x. 2 root root 6 May 11 2019 opt
dr-xr-xr-x. 129 root root 0 Sep 27 12:20 proc
dr-xr-x---. 2 root root 162 Aug 9 21:40 root
drwxr-xr-x. 11 root root 163 Aug 9 21:40 run
lrwxrwxrwx. 1 root root 8 May 11 2019 sbin -> usr/sbin
drwxr-xr-x. 2 root root 6 May 11 2019 srv
dr-xr-xr-x. 13 root root 0 Sep 27 05:38 sys
drwxrwxrwt. 7 root root 145 Aug 9 21:40 tmp
drwxr-xr-x. 12 root root 144 Aug 9 21:40 usr
drwxr-xr-x. 20 root root 262 Aug 9 21:40 var
制作 Tomcat Dokerfile。
-
准备 tomcat 和 jdk 压缩包。
-
编写 dockerfile 文件。官方命名
Dockerfile。build 会自动寻找这个文件,就不需要 -f 指定文件了。
[geek@192 tools_my]$ sudo vim Dockerfile
[sudo] password for geek:
[geek@192 tools_my]$ cat Dockerfile
from centos
maintainer geek<YifanLiGeek@gmail.com>
copy readme.txt /usr/local/readme.txt
add jdk-8u241-linux-x64.tar.gz /usr/local
add apache-tomcat-9.0.38.tar.gz /usr/local
run yum -y install vim
env MYPATH /usr/local
workdir $MYPATH
env JAVA_HOME /usr/local/jdk1.8.0_241
env CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
env CATALINA_HOME /usr/local/apache-tomcat-9.0.38
env CATALINA_BASE /usr/local/apache-tomcat-9.0.38
env PATH $PATH:$JAVA_HOME/bin:$CATALINA_HOME/lib:$CATALINA_HOME/bin
expose 8080
cmd /usr/local/apache-tomcat-9.0.38/bin/startup.sh && tail -F /usr/local/apache-tomcat-9.0.38/bin/logs/catalina.out
[geek@192 docker_my]$ sudo docker build -t diytomcat .
Sending build context to Docker daemon 205.8MB
Step 1/15 : from centos
---> 0d120b6ccaa8
Step 2/15 : maintainer geek<YifanLiGeek@gmail.com>
---> Using cache
---> 59e173e7c4d0
Step 3/15 : copy readme.txt /usr/local/readme.txt
---> eb47195826b2
Step 4/15 : add jdk-8u241-linux-x64.tar.gz /usr/local
---> 867538925102
Step 5/15 : add apache-tomcat-9.0.38.tar.gz /usr/local
---> c497c5c1cb19
Step 6/15 : run yum -y install vim
---> Running in baa59aed44d6
CentOS-8 - AppStream 2.8 MB/s | 5.8 MB 00:02
CentOS-8 - Base 518 kB/s | 2.2 MB 00:04
CentOS-8 - Extras 4.1 kB/s | 8.1 kB 00:02
Dependencies resolved.
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
vim-enhanced x86_64 2:8.0.1763-13.el8 AppStream 1.4 M
Installing dependencies:
gpm-libs x86_64 1.20.7-15.el8 AppStream 39 k
vim-common x86_64 2:8.0.1763-13.el8 AppStream 6.3 M
vim-filesystem noarch 2:8.0.1763-13.el8 AppStream 48 k
which x86_64 2.21-12.el8 BaseOS 49 k
Transaction Summary
================================================================================
Install 5 Packages
Total download size: 7.8 M
Installed size: 31 M
Downloading Packages:
(1/5): gpm-libs-1.20.7-15.el8.x86_64.rpm 113 kB/s | 39 kB 00:00
(2/5): vim-filesystem-8.0.1763-13.el8.noarch.rp 143 kB/s | 48 kB 00:00
(3/5): vim-enhanced-8.0.1763-13.el8.x86_64.rpm 1.4 MB/s | 1.4 MB 00:00
(4/5): which-2.21-12.el8.x86_64.rpm 84 kB/s | 49 kB 00:00
(5/5): vim-common-8.0.1763-13.el8.x86_64.rpm 4.2 MB/s | 6.3 MB 00:01
--------------------------------------------------------------------------------
Total 2.8 MB/s | 7.8 MB 00:02
warning: /var/cache/dnf/AppStream-02e86d1c976ab532/packages/gpm-libs-1.20.7-15.el8.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID 8483c65d: NOKEY
CentOS-8 - AppStream 1.3 MB/s | 1.6 kB 00:00
Importing GPG key 0x8483C65D:
Userid : "CentOS (CentOS Official Signing Key) <security@centos.org>"
Fingerprint: 99DB 70FA E1D7 CE22 7FB6 4882 05B5 55B3 8483 C65D
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
Key imported successfully
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : which-2.21-12.el8.x86_64 1/5
Installing : vim-filesystem-2:8.0.1763-13.el8.noarch 2/5
Installing : vim-common-2:8.0.1763-13.el8.x86_64 3/5
Installing : gpm-libs-1.20.7-15.el8.x86_64 4/5
Running scriptlet: gpm-libs-1.20.7-15.el8.x86_64 4/5
Installing : vim-enhanced-2:8.0.1763-13.el8.x86_64 5/5
Running scriptlet: vim-enhanced-2:8.0.1763-13.el8.x86_64 5/5
Running scriptlet: vim-common-2:8.0.1763-13.el8.x86_64 5/5
Verifying : gpm-libs-1.20.7-15.el8.x86_64 1/5
Verifying : vim-common-2:8.0.1763-13.el8.x86_64 2/5
Verifying : vim-enhanced-2:8.0.1763-13.el8.x86_64 3/5
Verifying : vim-filesystem-2:8.0.1763-13.el8.noarch 4/5
Verifying : which-2.21-12.el8.x86_64 5/5
Installed:
gpm-libs-1.20.7-15.el8.x86_64 vim-common-2:8.0.1763-13.el8.x86_64
vim-enhanced-2:8.0.1763-13.el8.x86_64 vim-filesystem-2:8.0.1763-13.el8.noarch
which-2.21-12.el8.x86_64
Complete!
Removing intermediate container baa59aed44d6
---> 52f81092e768
Step 7/15 : env MYPATH /usr/local
---> Running in 757ab2fde799
Removing intermediate container 757ab2fde799
---> ee4a54d9e1b5
Step 8/15 : workdir $MYPATH
---> Running in fceb9a3b8308
Removing intermediate container fceb9a3b8308
---> a23a98e63f82
Step 9/15 : env JAVA_HME /usr/local/jdk1.8.0_241
---> Running in fd4863abcc08
Removing intermediate container fd4863abcc08
---> 13ebbd91349c
Step 10/15 : env CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
---> Running in 3c6aaf9174ad
Removing intermediate container 3c6aaf9174ad
---> bbe127f3db64
Step 11/15 : env CATALINA_HOME /usr/local/apache-tomcat-9.0.38
---> Running in 5beccdaec8bc
Removing intermediate container 5beccdaec8bc
---> b624ffaf2a6c
Step 12/15 : env CATALINA_BASE /usr/local/apache-tomcat-9.0.38
---> Running in de92ff94de61
Removing intermediate container de92ff94de61
---> 7e9ffb9ea42d
Step 13/15 : env PATH $PATH:$JAVA_HOME/bin:$CATALINA_HOME/lib:$CATALINA_HOME/bin
---> Running in 2c02db50f557
Removing intermediate container 2c02db50f557
---> 8df2f1efd106
Step 14/15 : expose 8080
---> Running in a203cd3bf0ee
Removing intermediate container a203cd3bf0ee
---> a815a675b1af
Step 15/15 : cmd /usr/local/apache-tomcat-9.0.38/bin/startup.sh && tail -F /usr/local/apache-tomcat-9.0.38/bin/logs/catalina.out
---> Running in 643d2ac55eb6
Removing intermediate container 643d2ac55eb6
---> 0ea70d093e7b
Successfully built 0ea70d093e7b
Successfully tagged diytomcat:latest
[geek@192 docker_my]$ sudo docker run -d -p 9090:8080 --name geektomcat -v /home/geek/build/tomcat/test:/usr/local/apache-tomcat-9.0.38/webapps/test -v /home/geek/build/tomcat/tomcatlogs:/usr/local/apache-tomcat-9.0.38/logs diytomcat
[sudo] password for geek:
584bfb4a1c2720abf4bf590b714f66a5c55c3a6c71d59355ab83f833bef9ea5e
发布镜像。
[geek@192 ~]$ sudo docker login --help
[sudo] password for geek:
Usage: docker login [OPTIONS] [SERVER]
Log in to a Docker registry.
If no server is specified, the default is defined by the daemon.
Options:
-p, --password string Password
--password-stdin Take the password from stdin
-u, --username string Username
[geek@192 ~]$ sudo docker login -u lyfgeek
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[geek@192 ~]$ sudo docker push diytomcat
sudo docker push geek/diytomcat
发布到阿里云镜像。
Docker 网络。
docker0。
sudo docker run -d -P --name tomcat01 tomcat
[geek@192 ~]$ sudo docker exec -it tomcat01 ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
36: eth0@if37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
虚拟机可以 ping 通。
[geek@192 ~]$ ping -c 3 172.17.0.3
PING 172.17.0.3 (172.17.0.3) 56(84) bytes of data.
64 bytes from 172.17.0.3: icmp_seq=1 ttl=64 time=0.736 ms
64 bytes from 172.17.0.3: icmp_seq=2 ttl=64 time=0.058 ms
64 bytes from 172.17.0.3: icmp_seq=3 ttl=64 time=0.059 ms
--- 172.17.0.3 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2006ms
rtt min/avg/max/mdev = 0.058/0.284/0.736/0.319 ms
每启动一个 docker 容器,docker 就会给 docker 容器分配一个 ip,我们只要安装了 docker,就会有一个网卡 docker0。
桥接模式。使用的是 `veth-pair`` 技术。
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:8d:5f:fb:08 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:8dff:fe5f:fb08/64 scope link
valid_lft forever preferred_lft forever
- 每启动一个容器后,会多一个网卡。
容器内网卡。
[geek@192 ~]$ sudo docker exec -it tomcat01 ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
36: eth0@if37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
宿主机网卡。
37: vethfa29654@if36: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether f6:0f:41:f3:ec:7b brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet6 fe80::f40f:41ff:fef3:ec7b/64 scope link
valid_lft forever preferred_lft forever
有对应关系。37 ~ 36。
veth-pair 就是成对的虚拟设备接口,ta 们都是成对出现,一端连接着协议,一端连接彼此。
OpenStack,OVS,Docker 容器之间的连接都是使用 veth-pair 技术。
sudo docker run -d -P --name tomcat01 tomcat
sudo docker exec -it tomcat01 ip addr
sudo docker run -d -P --name tomcat02 tomcat
sudo docker exec -it tomcat02 ip addr
[geek@192 ~]$ sudo docker exec -it tomcat01 ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
36: eth0@if37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
[geek@192 ~]$ sudo docker exec -it tomcat02 ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
38: eth0@if39: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:04 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.4/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
- 宿主机。
[geek@192 ~]$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:a7:c5:64 brd ff:ff:ff:ff:ff:ff
inet 192.168.142.161/24 brd 192.168.142.255 scope global noprefixroute dynamic ens33
valid_lft 5429865sec preferred_lft 5429865sec
inet6 fe80::be3c:cd3d:4ef4:38c4/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:8d:5f:fb:08 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:8dff:fe5f:fb08/64 scope link
valid_lft forever preferred_lft forever
5: veth454806f@if4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 9a:f7:79:94:a6:d6 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::98f7:79ff:fe94:a6d6/64 scope link
valid_lft forever preferred_lft forever
37: vethfa29654@if36: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether f6:0f:41:f3:ec:7b brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet6 fe80::f40f:41ff:fef3:ec7b/64 scope link
valid_lft forever preferred_lft forever
39: veth2e9ce8c@if38: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether a2:1b:35:6a:27:84 brd ff:ff:ff:ff:ff:ff link-netnsid 2
inet6 fe80::a01b:35ff:fe6a:2784/64 scope link
valid_lft forever preferred_lft forever
共用一个路由器 docker0。
172.17.0.3/16
11111111.11111111.11111111.11111111
255.255.255.255
16 ~ 在 255.255. 下是同一网段。
可以分配 255.255.0.1 ~ 255.255.255.254 个 ip。
Docker 中所有的网络接口都是虚拟的。虚拟的转发效率高。
问题:mysql 容器 ip 不固定的情况下,ip 换了,怎么通过名字访问容器。
–link。
[geek@192 ~]$ sudo docker exec -it tomcat01 ping tomcat02
[sudo] password for geek:
ping: tomcat02: Name or service not known
- 通过 --link 指定需要连通的容器。
[geek@192 ~]$ sudo docker run -d -P --name tomcat03 --link tomcat02 tomcat
f21254e5bf8ae2faa8c1ebe1216386f3af7c3990cba24d27b86ef07816d145a9
[geek@192 ~]$ sudo docker exec -it tomcat03 ping tomcat02
PING tomcat02 (172.17.0.4) 56(84) bytes of data.
64 bytes from tomcat02 (172.17.0.4): icmp_seq=1 ttl=64 time=1.78 ms
64 bytes from tomcat02 (172.17.0.4): icmp_seq=2 ttl=64 time=0.496 ms
64 bytes from tomcat02 (172.17.0.4): icmp_seq=3 ttl=64 time=0.117 ms
反向不能 ping 通。
sudo docker exec -it tomcat02 ping tomcat03
ping: tomcat03: Name or service not known
docker network。
[geek@192 ~]$ sudo docker network --help
Usage: docker network COMMAND
Manage networks
Commands:
connect Connect a container to a network
create Create a network
disconnect Disconnect a container from a network
inspect Display detailed information on one or more networks
ls List networks
prune Remove all unused networks
rm Remove one or more networks
Run 'docker network COMMAND --help' for more information on a command.
[geek@192 ~]$ sudo docker network ls
NETWORK ID NAME DRIVER SCOPE
76de49ccecf8 bridge bridge local
ec29149b6a96 host host local
d9c358e6c89b none null local
[geek@192 ~]$ sudo docker network inspect 76de49ccecf8
[
{
"Name": "bridge",
"Id": "76de49ccecf840b34c1d0987998bd1639c6d7c73aa10b948638b7a530ef01ede",
"Created": "2020-09-27T14:05:02.258994481+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"0cc1df6854e9381778be9c1498fe684fa495642f6558f469dd9496931eaa3abc": {
"Name": "mysql_geek",
"EndpointID": "bab4b6ec511d42a16a73420a88c46fb80b67b4b6a81743946be2fc131bd247bf",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
},
"97b0a19224b49e4d69b47ba00e14d63dc97318ecd1c7b0efbde291efc35be1d3": {
"Name": "tomcat02",
"EndpointID": "503d85c5335b1cc8c9e4f333b557394e9f05b5d2f9616bc3a833cba6f54549ff",
"MacAddress": "02:42:ac:11:00:04",
"IPv4Address": "172.17.0.4/16",
"IPv6Address": ""
},
"b03c201ac7a98ca9bfd37c5ae9102d3f7a4ebb71ebc16e120cd8b2d334ae67d1": {
"Name": "tomcat01",
"EndpointID": "840ec23feb39efc4b04f61ed6f5038141a665a818a881517ecefac309f82b59e",
"MacAddress": "02:42:ac:11:00:03",
"IPv4Address": "172.17.0.3/16",
"IPv6Address": ""
},
"f21254e5bf8ae2faa8c1ebe1216386f3af7c3990cba24d27b86ef07816d145a9": {
"Name": "tomcat03",
"EndpointID": "5387febc652ae42927d7d606116daaa28afb39eb34250478a74366244eb790db",
"MacAddress": "02:42:ac:11:00:05",
"IPv4Address": "172.17.0.5/16",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]
本质:其实是修改了 host。
[geek@192 ~]$ sudo docker exec -it tomcat03 cat /etc/hosts
[sudo] password for geek:
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.4 tomcat02 97b0a19224b4
172.17.0.5 f21254e5bf8a
自定义网络 ~ docker network。
- 查看 docker 所有网络。
[geek@192 ~]$ sudo docker network ls
NETWORK ID NAME DRIVER SCOPE
76de49ccecf8 bridge bridge local
ec29149b6a96 host host local
d9c358e6c89b none null local
- 网络模式。
–net=bridge ~ 桥接 docker(默认)。在 Docker 网桥 docker0 上为容器创建新的网络栈。
–net=none ~ 不配置网络,用户可以稍后进入容器,自行配置。
–net=host ~ 和宿主机共享网络。
–net=container:name/id ~ 容器网络连通。(用的少,局限很大)。容器和另外一个容器共享 network namespace。kubernetes 中的 pod 就是多个容器共享一个 network namespace。
–net=host ~ 容器和宿主机共享 Network namespace。
-net=自定义网络 ~ 用户自定义。用户自己使用 network 相关命令定义网络。创建容器时可以指定为自己定义的网络。
[geek@192 ~]$ sudo docker network --help
Usage: docker network COMMAND
Manage networks
Commands:
connect Connect a container to a network
create Create a network
disconnect Disconnect a container from a network
inspect Display detailed information on one or more networks
ls List networks
prune Remove all unused networks
rm Remove one or more networks
sudo docker run -d -P --name tomcat01 tomcat
默认 --net bridge。
==
sudo docker run -d -P --name tomcat01 --net bridge tomcat
[geek@192 ~]$ sudo docker network create --help
Usage: docker network create [OPTIONS] NETWORK
Create a network
Options:
--attachable Enable manual container attachment
--aux-address map Auxiliary IPv4 or IPv6 addresses used by Network driver (default map[])
--config-from string The network from which copying the configuration
--config-only Create a configuration only network
-d, --driver string Driver to manage the Network (default "bridge")
--gateway strings IPv4 or IPv6 Gateway for the master subnet
--ingress Create swarm routing-mesh network
--internal Restrict external access to the network
--ip-range strings Allocate container ip from a sub-range
--ipam-driver string IP Address Management Driver (default "default")
--ipam-opt map Set IPAM driver specific options (default map[])
--ipv6 Enable IPv6 networking
--label list Set metadata on a network
-o, --opt map Set driver specific options (default map[])
--scope string Control the network's scope
--subnet strings Subnet in CIDR format that represents a network segment
docker0 网络的特点。
ta 是默认的。
域名访问不通。
–link 域名可通,但是删了又不行。
自己创建一个 Docker network。
sudo docker network create --driver bridge --gateway 192.169.0.1 --subnet 192.168.0.0/16
[geek@192 ~]$ sudo docker network create -d bridge --subnet 192.168.0.0/16 --gateway 192.168.0.1 mynet
effcb11190c0f0a9ee2db7787a3fe8394461632fc9501d8930fe388ebeb851c1
[geek@192 ~]$ sudo docker network ls
NETWORK ID NAME DRIVER SCOPE
76de49ccecf8 bridge bridge local
ec29149b6a96 host host local
effcb11190c0 mynet bridge local
d9c358e6c89b none null local
–subnet 192.168.0.0/16
192.168.0.2 ~ 192.168.255.254
[geek@192 ~]$ sudo docker network inspect mynet
[
{
"Name": "mynet",
"Id": "effcb11190c0f0a9ee2db7787a3fe8394461632fc9501d8930fe388ebeb851c1",
"Created": "2020-09-28T01:06:52.989259998+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
]
[geek@192 ~]$ sudo docker run -d -P --name tomcat-net-01 --net mynet tomcat
e3d0ec74cce10653f1a5e93c81c5abf4cea12254f0bf3c6e7191ef913fa8ba7f
[geek@192 ~]$ sudo docker run -d -P --name tomcat-net-02 --net mynet tomcat
015335e5c354fdaaac3ece68cbaf395308a6099fdcf634c95596ebe306be9dce
[geek@192 ~]$ sudo docker network inspect mynet
[
{
"Name": "mynet",
"Id": "effcb11190c0f0a9ee2db7787a3fe8394461632fc9501d8930fe388ebeb851c1",
"Created": "2020-09-28T01:06:52.989259998+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"015335e5c354fdaaac3ece68cbaf395308a6099fdcf634c95596ebe306be9dce": {
"Name": "tomcat-net-02",
"EndpointID": "b22b0b26623404ab255ec2f1836acc527444f17ee5df00ce06985e9212198d32",
"MacAddress": "02:42:c0:a8:00:03",
"IPv4Address": "192.168.0.3/16",
"IPv6Address": ""
},
"e3d0ec74cce10653f1a5e93c81c5abf4cea12254f0bf3c6e7191ef913fa8ba7f": {
"Name": "tomcat-net-01",
"EndpointID": "f469d5a66c629bcd47f21351be9422100a5089cfaf82b92ea72e2b9eaf20ec06",
"MacAddress": "02:42:c0:a8:00:02",
"IPv4Address": "192.168.0.2/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
- 可以通过容器名 ping。
[geek@192 ~]$ sudo docker exec -it tomcat-net-01 ping 192.168.0.1 -c 3
PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data.
64 bytes from 192.168.0.1: icmp_seq=1 ttl=64 time=0.065 ms
64 bytes from 192.168.0.1: icmp_seq=2 ttl=64 time=0.061 ms
64 bytes from 192.168.0.1: icmp_seq=3 ttl=64 time=0.065 ms
--- 192.168.0.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2ms
rtt min/avg/max/mdev = 0.061/0.063/0.065/0.009 ms
[geek@192 ~]$ sudo docker exec -it tomcat-net-01 ping tomcat-net-02 -c 3
PING tomcat-net-02 (192.168.0.3) 56(84) bytes of data.
64 bytes from tomcat-net-02.mynet (192.168.0.3): icmp_seq=1 ttl=64 time=0.097 ms
64 bytes from tomcat-net-02.mynet (192.168.0.3): icmp_seq=2 ttl=64 time=0.069 ms
64 bytes from tomcat-net-02.mynet (192.168.0.3): icmp_seq=3 ttl=64 time=0.074 ms
--- tomcat-net-02 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 8ms
rtt min/avg/max/mdev = 0.069/0.080/0.097/0.012 ms
tomcat-net-02 也可以 ping 通 tomcat-net-01。
网络连通。
[geek@192 ~]$ sudo docker network --help
Usage: docker network COMMAND
Manage networks
Commands:
connect Connect a container to a network
create Create a network
disconnect Disconnect a container from a network
inspect Display detailed information on one or more networks
ls List networks
prune Remove all unused networks
rm Remove one or more networks
Run 'docker network COMMAND --help' for more information on a command.
[geek@192 ~]$ sudo docker network connect --help
Usage: docker network connect [OPTIONS] NETWORK CONTAINER
Connect a container to a network
Options:
--alias strings Add network-scoped alias for the container
--driver-opt strings driver options for the network
--ip string IPv4 address (e.g., 172.30.100.104)
--ip6 string IPv6 address (e.g., 2001:db8::33)
--link list Add link to another container
--link-local-ip strings Add a link-local address for the container
- 将 tomcat01 和 mynet 连通。
[geek@192 ~]$ sudo docker network connect mynet tomcat01
[geek@192 ~]$ sudo docker network inspect mynet
[
{
"Name": "mynet",
"Id": "effcb11190c0f0a9ee2db7787a3fe8394461632fc9501d8930fe388ebeb851c1",
"Created": "2020-09-28T01:06:52.989259998+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"015335e5c354fdaaac3ece68cbaf395308a6099fdcf634c95596ebe306be9dce": {
"Name": "tomcat-net-02",
"EndpointID": "b22b0b26623404ab255ec2f1836acc527444f17ee5df00ce06985e9212198d32",
"MacAddress": "02:42:c0:a8:00:03",
"IPv4Address": "192.168.0.3/16",
"IPv6Address": ""
},
"b03c201ac7a98ca9bfd37c5ae9102d3f7a4ebb71ebc16e120cd8b2d334ae67d1": {
"Name": "tomcat01",
"EndpointID": "3625c6b09b4b667a7bc5b3f5a4361c978434047dd3c78600420e594f59410ee3",
"MacAddress": "02:42:c0:a8:00:04",
"IPv4Address": "192.168.0.4/16",
"IPv6Address": ""
},
"e3d0ec74cce10653f1a5e93c81c5abf4cea12254f0bf3c6e7191ef913fa8ba7f": {
"Name": "tomcat-net-01",
"EndpointID": "f469d5a66c629bcd47f21351be9422100a5089cfaf82b92ea72e2b9eaf20ec06",
"MacAddress": "02:42:c0:a8:00:02",
"IPv4Address": "192.168.0.2/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
[geek@192 ~]$ sudo docker exec -it tomcat01 ping tomcat-net-01 -c 3
PING tomcat-net-01 (192.168.0.2) 56(84) bytes of data.
64 bytes from tomcat-net-01.mynet (192.168.0.2): icmp_seq=1 ttl=64 time=0.124 ms
64 bytes from tomcat-net-01.mynet (192.168.0.2): icmp_seq=2 ttl=64 time=0.110 ms
64 bytes from tomcat-net-01.mynet (192.168.0.2): icmp_seq=3 ttl=64 time=0.091 ms
--- tomcat-net-01 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 4ms
rtt min/avg/max/mdev = 0.091/0.108/0.124/0.016 ms
Redis 集群。
sudo docker rm -f $(docker ps -aq)
[geek@192 ~]$ sudo docker network create redis --subnet 172.38.0.0/16
0f4542f770770adbebf8b22b90d0296018c026e649525a8a181f16152f667200
for port in $(seq 1 6)
do
mkdir -p /home/geek/geek/mydata/redis/node-${port}/conf
touch /home/geek/geek/mydata/redis/node-${port}/conf/redis.conf
cat << EOF > /home/geek/geek/mydata/redis/node-${port}/conf/redis.conf
port 6379
bind 0.0.0.0
cluster-enabled yes
cluster-config-file nodes.conf
cluster-announce-ip 172.38.0.1${port}
cluster-announce-bus-port 16379
appendonly yes
EOF
done
sudo docker run -p 6371:6379 -p 16371:16379 --name redis-1 \
-v /home/geek/geek/mydata/redis/node-1/data \
-v /home/geek/geek/mydata/redis/node-1/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.38.0.11 redis:5.0.9-alpine3.12 redis-server /etc/redis/redis.conf
sudo docker run -p 6372:6379 -p 16372:16379 --name redis-2 \
-v /home/geek/geek/mydata/redis/node-2/data \
-v /home/geek/geek/mydata/redis/node-2/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.38.0.12 redis:5.0.9-alpine3.12 redis-server /etc/redis/redis.conf
sudo docker run -p 6373:6379 -p 16373:16379 --name redis-3 \
-v /home/geek/geek/mydata/redis/node-3/data \
-v /home/geek/geek/mydata/redis/node-3/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.38.0.13 redis:5.0.9-alpine3.12 redis-server /etc/redis/redis.conf
sudo docker run -p 6374:6379 -p 16374:16379 --name redis-4 \
-v /home/geek/geek/mydata/redis/node-4/data \
-v /home/geek/geek/mydata/redis/node-4/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.38.0.14 redis:5.0.9-alpine3.12 redis-server /etc/redis/redis.conf
sudo docker run -p 6375:6379 -p 16375:16379 --name redis-5 \
-v /home/geek/geek/mydata/redis/node-5/data \
-v /home/geek/geek/mydata/redis/node-5/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.38.0.15 redis:5.0.9-alpine3.12 redis-server /etc/redis/redis.conf
sudo docker run -p 6376:6379 -p 16376:16379 --name redis-6 \
-v /home/geek/geek/mydata/redis/node-6/data \
-v /home/geek/geek/mydata/redis/node-6/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.38.0.16 redis:5.0.9-alpine3.12 redis-server /etc/redis/redis.conf
- 创建集群。
先进入一个容器。
[geek@192 ~]$ sudo docker exec -it redis-1 /bin/bash
OCI runtime exec failed: exec failed: container_linux.go:349: starting container process caused "exec: \"/bin/bash\": stat /bin/bash: no such file or directory": unknown
[geek@192 ~]$ sudo docker exec -it redis-1 /bin/sh
/data # ls
appendonly.aof nodes.conf
redis-cli --cluster create 172.38.0.11:6379 172.38.0.12:6379 172.38.0.13:6379 172.38.0.14:6379 172.38.0.15:6379 172.38.0.16:6379 --cluster-replicas 1
/data # redis-cli --cluster create 172.38.0.11:6379 172.38.0.12:6379 172.38.0.13:6379 172.38.0.14:6379 172.38.
0.15:6379 172.38.0.16:6379 --cluster-replicas 1
>>> Performing hash slots allocation on 6 nodes...
Master[0] -> Slots 0 - 5460
Master[1] -> Slots 5461 - 10922
Master[2] -> Slots 10923 - 16383
Adding replica 172.38.0.15:6379 to 172.38.0.11:6379
Adding replica 172.38.0.16:6379 to 172.38.0.12:6379
Adding replica 172.38.0.14:6379 to 172.38.0.13:6379
M: dcb8f253dfc1aed54ec272fb2f569034ea5e245a 172.38.0.11:6379
slots:[0-5460] (5461 slots) master
M: 77f3c8bdde5f660c723a60db52429adda8aa11ec 172.38.0.12:6379
slots:[5461-10922] (5462 slots) master
M: 16396919eb468bea0b696c7d6c34bf797f7e93f6 172.38.0.13:6379
slots:[10923-16383] (5461 slots) master
S: 95bdaf227cc3538d276d34d9ad48f97f26aab022 172.38.0.14:6379
replicates 16396919eb468bea0b696c7d6c34bf797f7e93f6
S: 2a42a4c3c0a5c8a1456cceabf55c323240c18297 172.38.0.15:6379
replicates dcb8f253dfc1aed54ec272fb2f569034ea5e245a
S: 6902fb44092969a94c7a503559bad6cf9ec07a65 172.38.0.16:6379
replicates 77f3c8bdde5f660c723a60db52429adda8aa11ec
Can I set the above configuration? (type 'yes' to accept): yes
>>> Nodes configuration updated
>>> Assign a different config epoch to each node
>>> Sending CLUSTER MEET messages to join the cluster
Waiting for the cluster to join
..
>>> Performing Cluster Check (using node 172.38.0.11:6379)
M: dcb8f253dfc1aed54ec272fb2f569034ea5e245a 172.38.0.11:6379
slots:[0-5460] (5461 slots) master
1 additional replica(s)
M: 77f3c8bdde5f660c723a60db52429adda8aa11ec 172.38.0.12:6379
slots:[5461-10922] (5462 slots) master
1 additional replica(s)
M: 16396919eb468bea0b696c7d6c34bf797f7e93f6 172.38.0.13:6379
slots:[10923-16383] (5461 slots) master
1 additional replica(s)
S: 2a42a4c3c0a5c8a1456cceabf55c323240c18297 172.38.0.15:6379
slots: (0 slots) slave
replicates dcb8f253dfc1aed54ec272fb2f569034ea5e245a
S: 95bdaf227cc3538d276d34d9ad48f97f26aab022 172.38.0.14:6379
slots: (0 slots) slave
replicates 16396919eb468bea0b696c7d6c34bf797f7e93f6
S: 6902fb44092969a94c7a503559bad6cf9ec07a65 172.38.0.16:6379
slots: (0 slots) slave
replicates 77f3c8bdde5f660c723a60db52429adda8aa11ec
[OK] All nodes agree about slots configuration.
>>> Check for open slots...
>>> Check slots coverage...
[OK] All 16384 slots covered.
/data # redis-cli -c
127.0.0.1:6379> cluster info
cluster_state:ok
cluster_slots_assigned:16384
cluster_slots_ok:16384
cluster_slots_pfail:0
cluster_slots_fail:0
cluster_known_nodes:6
cluster_size:3
cluster_current_epoch:6
cluster_my_epoch:1
cluster_stats_messages_ping_sent:76
cluster_stats_messages_pong_sent:82
cluster_stats_messages_sent:158
cluster_stats_messages_ping_received:77
cluster_stats_messages_pong_received:76
cluster_stats_messages_meet_received:5
cluster_stats_messages_received:158
127.0.0.1:6379> cluster nodes
77f3c8bdde5f660c723a60db52429adda8aa11ec 172.38.0.12:6379@16379 master - 0 1601231683259 2 connected 5461-10922
16396919eb468bea0b696c7d6c34bf797f7e93f6 172.38.0.13:6379@16379 master - 0 1601231684266 3 connected 10923-16383
2a42a4c3c0a5c8a1456cceabf55c323240c18297 172.38.0.15:6379@16379 slave dcb8f253dfc1aed54ec272fb2f569034ea5e245a 0 1601231684000 5 connected
dcb8f253dfc1aed54ec272fb2f569034ea5e245a 172.38.0.11:6379@16379 myself,master - 0 1601231682000 1 connected 0-5460
95bdaf227cc3538d276d34d9ad48f97f26aab022 172.38.0.14:6379@16379 slave 16396919eb468bea0b696c7d6c34bf797f7e93f6 0 1601231683000 4 connected
6902fb44092969a94c7a503559bad6cf9ec07a65 172.38.0.16:6379@16379 slave 77f3c8bdde5f660c723a60db52429adda8aa11ec 0 1601231685275 6 connected
127.0.0.1:6379> set name geek
-> Redirected to slot [5798] located at 172.38.0.12:6379
OK
172.38.0.12:6379>
Spring Boot 微服务打包 Docker 镜像。
将写好的项目 mvn package。
确保可以正常运行。
java -jar docker-demo-0.0.1-SNAPSHOT.jar
FROM java:8
COPY *.jar app.jar
CMD ["--server.port=8080"]
EXPOSE 8080
ENTRYPOINT ["java", "-jar", "/app.jar"]
将 jar 包和 Dockefile 拷贝到服务器。
[geek@192 idea]$ sudo docker build -t geek666 .
Sending build context to Docker daemon 16.55MB
Step 1/5 : FROM java:8
8: Pulling from library/java
5040bd298390: Pull complete
fce5728aad85: Pull complete
76610ec20bf5: Pull complete
60170fec2151: Pull complete
e98f73de8f0d: Pull complete
11f7af24ed9c: Pull complete
49e2d6393f32: Pull complete
bb9cdec9c7f3: Pull complete
Digest: sha256:c1ff613e8ba25833d2e1940da0940c3824f03f802c449f3d1815a66b7f8c0e9d
Status: Downloaded newer image for java:8
---> d23bdf5b1b1b
Step 2/5 : COPY *.jar app.jar
---> c542b682ce04
Step 3/5 : CMD ["--server.port=8080"]
---> Running in cb4fe318aea1
Removing intermediate container cb4fe318aea1
---> 56b4e4949967
Step 4/5 : EXPOSE 8080
---> Running in ee4e4c67f8b1
Removing intermediate container ee4e4c67f8b1
---> 8e87d7c0c35c
Step 5/5 : ENTRYPOINT ["java", "-jar", "app.jar"]
---> Running in 447e82f763aa
Removing intermediate container 447e82f763aa
---> 72b4682c244c
Successfully built 72b4682c244c
Successfully tagged geek666:latest
[geek@192 idea]$ sudo docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
geek666 latest 72b4682c244c 33 seconds ago 660MB
sudo docker run -d -P --name geek-springboot-web geek666
[geek@192 idea]$ sudo docker run -d -P --name geek-springboot-web geek666
511bbf57ef45b8cb6b2a34227d556e98ced8dabcecc3e9af5bdee88635dad29d
[geek@192 idea]$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
511bbf57ef45 geek666 "java -jar app.jar -…" 5 seconds ago Up 4 seconds 0.0.0.0:32778->8080/tcp geek-springboot-web
- 正常访问。
[geek@192 idea]$ curl localhost:32778
{"timestamp":"2020-09-27T20:12:38.150+00:00","status":404,"error":"Not Found","message":"","path":"/"}
[geek@192 idea]$ curl localhost:32778/hello
hello, geek.
[geek@192 idea]$
# 指定基础镜像。
FROM ubuntu:16.04
# 配置环境变量,JDK 的安装目录。
ENV JAVA_DIR=/usr/local
# 拷贝 jdk 和 java 项目的包。
COPY ./jdk-8u241-linux-x64.tar.gz $JAVA_DIR/
COPY ./docker-demo-0.0.1-SNAPSHOT.jar /tmp/app.jar
# 安装 JDK。
RUN cd $JAVA_DIR \
&& tar -xf ./jdk-8u241-linux-x64.tar.gz \
&& mv ./jdk1.8.0_241 ./java8
# 配置环境变量。
ENV JAVA_HOME=$JAVA_DIR/java8
ENV PATH=$PATH:$JAVA_HOME/bin
# 暴露端口。
EXPOSE 8090
# 入口,java 项目的启动命令。
ENTRYPOINT java -jar /tmp/app.jar
FROM java:8
COPY *.jar app.jar
CMD ["--server.port=8080"]
EXPOSE 8080
ENTRYPOINT ["java", "-jar", "/app.jar"]
FROM java:8-alpine
COPY ./app.jar /tmp/app.jar
EXPOSE 8090
ENTRYPOINT java -jar /tmp/app.jar
4136
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
