docker安装
查看系统版本
[root@localhost ~]# cat /etc/os-release
NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
PRETTY_NAME="CentOS Linux 7 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:7"
HOME_URL="https://www.centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"
CENTOS_MANTISBT_PROJECT="CentOS-7"
CENTOS_MANTISBT_PROJECT_VERSION="7"
REDHAT_SUPPORT_PRODUCT="centos"
REDHAT_SUPPORT_PRODUCT_VERSION="7"
帮助文档
https://docs.docker.com/engine/install/centos/
卸载旧的docker
sudo yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine
安装插件
[root@localhost ~]# yum install -y yum-utils
设置镜像仓库
sudo yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
安装
yum install docker-ce docker-ce-cli containerd.io
启动docker
[root@localhost ~]# systemctl start docker
运行hello world镜像测试docker
[root@localhost ~]# docker run hello-world
查看是否安装成功
[root@localhost ~]# docker version
卸载docker
yum remove docker-ce docker-ce-cli containerd.io
阿里云镜像加速
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://vcz9p1ek.mirror.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
删除目录
rm -rf /var/lib/docker
rm -rf /var/lib/containerd
docker常用命令
[root@localhost ~]# docker
Usage: docker [OPTIONS] COMMAND
A self-sufficient runtime for containers
Options:
--config string Location of client config files (default "/root/.docker")
-c, --context string Name of the context to use to connect to the daemon (overrides DOCKER_HOST env var
and default context set with "docker context use")
-D, --debug Enable debug mode
-H, --host list Daemon socket(s) to connect to
-l, --log-level string Set the logging level ("debug"|"info"|"warn"|"error"|"fatal") (default "info")
--tls Use TLS; implied by --tlsverify
--tlscacert string Trust certs signed only by this CA (default "/root/.docker/ca.pem")
--tlscert string Path to TLS certificate file (default "/root/.docker/cert.pem")
--tlskey string Path to TLS key file (default "/root/.docker/key.pem")
--tlsverify Use TLS and verify the remote
-v, --version Print version information and quit
Management Commands:
builder Manage builds
config Manage Docker configs
container Manage containers
context Manage contexts
engine Manage the docker engine
image Manage images
network Manage networks
node Manage Swarm nodes
plugin Manage plugins
secret Manage Docker secrets
service Manage services
stack Manage Docker stacks
swarm Manage Swarm
system Manage Docker
trust Manage trust on Docker images
volume Manage volumes
Commands:
attach Attach local standard input, output, and error streams to a running container
build Build an image from a Dockerfile
commit Create a new image from a container's changes
cp Copy files/folders between a container and the local filesystem
create Create a new container
deploy Deploy a new stack or update an existing stack
diff Inspect changes to files or directories on a container's filesystem
events Get real time events from the server
exec Run a command in a running container
export Export a container's filesystem as a tar archive
history Show the history of an image
images List images
import Import the contents from a tarball to create a filesystem image
info Display system-wide information
inspect Return low-level information on Docker objects
kill Kill one or more running containers
load Load an image from a tar archive or STDIN
login Log in to a Docker registry
logout Log out from a Docker registry
logs Fetch the logs of a container
pause Pause all processes within one or more containers
port List port mappings or a specific mapping for the container
ps List containers
pull Pull an image or a repository from a registry
push Push an image or a repository to a registry
rename Rename a container
restart Restart one or more containers
rm Remove one or more containers
rmi Remove one or more images
run Run a command in a new container
save Save one or more images to a tar archive (streamed to STDOUT by default)
search Search the Docker Hub for images
start Start one or more stopped containers
stats Display a live stream of container(s) resource usage statistics
stop Stop one or more running containers
tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
top Display the running processes of a container
unpause Unpause all processes within one or more containers
update Update configuration of one or more containers
version Show the Docker version information
wait Block until one or more containers stop, then print their exit codes
镜像命令
docker images 查看本地镜像
[root@wrf ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
镜像的仓库源(名字) 镜像便签 镜像ID 创建时间 镜像大小
- a # 列出全部镜像
- q # 只显示镜像id
docker search 搜索镜像
[root@wrf ~]# docker search mysql
docker pull 下载镜像(拉取)
[root@wrf ~]# docker pull mysql #默认下载最新版本
[root@wrf ~]# docker search mysql:5.7 # 下载指定版本mysql5.7
docker rmi 删除镜像
[root@wrf ~]# docker rmi -f 镜像id号 # 删除指定镜像 通过容器id删除
[root@wrf ~]# docker rmi -f $(docker images -aq) # 删除全部镜像
容器命令
新建容器并启动
docker run 启动容器
[root@wrf ~]# docker run [可选参数] image
参数说明:
--name="name" 容器名字
-d 以后台方式运行
-it 使用交互方式运行,进入容器查看内容
-p 指定容器的端口 -p8080:8080
-p 主机端口:容器端口
-P 随机指定端口
[root@wrf ~]# docker run -it centos /bin/bash # 进入容器
docker ps 列出正在运行的容器
[root@wrf ~]# docker ps [可选参数] # 列出当前正在运行的容器
-a 列出当前正在运行的容器+之前运行过的容器
-n=? #显示正在创建的容器
-q # 只显示容器的id
exit 退出容器
exit # 直接退出并关闭容器
Ctrl+p+q # 容器不停止退出
docker rm 删除容器
[root@wrf ~]# docker rm 容器id
[root@wrf ~]# docker rm -f $(docker ps -aq) # 递归删除全部容器
docker ps -a -q |xargs docker rm
启动和停止容器的操作
docker start 容器id # 启动一个容器
docker restart 容器id # 重启一个容器
docker stop 容器id # 停止一个容器
docker kill 容器id # 杀一个容器
docker logs 查看日志
docker logs
-tf # 显示日志
--tail number # 显示指定行数的日志
docker logs -tf -tail 10
[root@localhost ~]# docker logs a1cce707afbc
1:C 21 Jan 2022 11:18:49.444 # oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
1:C 21 Jan 2022 11:18:49.444 # Redis version=6.0.8, bits=64, commit=00000000, modified=0, pid=1, just started
1:C 21 Jan 2022 11:18:49.444 # Warning: no config file specified, using the default config. In order to specify a config file use redis-server /path/to/redis.conf
1:M 21 Jan 2022 11:18:49.445 * Running mode=standalone, port=6379.
1:M 21 Jan 2022 11:18:49.445 # WARNING: The TCP backlog setting of 511 cannot be enforced because /proc/sys/net/core/somaxconn is set to the lower value of 128.
1:M 21 Jan 2022 11:18:49.445 # Server initialized
1:M 21 Jan 2022 11:18:49.445 # WARNING overcommit_memory is set to 0! Background save may fail under low memory condition. To fix this issue add 'vm.overcommit_memory = 1' to /etc/sysctl.conf and then reboot or run the command 'sysctl vm.overcommit_memory=1' for this to take effect.
1:M 21 Jan 2022 11:18:49.445 # WARNING you have Transparent Huge Pages (THP) support enabled in your kernel. This will create latency and memory usage issues with Redis. To fix this issue run the command 'echo madvise > /sys/kernel/mm/transparent_hugepage/enabled' as root, and add it to your /etc/rc.local in order to retain the setting after a reboot. Redis must be restarted after THP is disabled (set to 'madvise' or 'never').
1:M 21 Jan 2022 11:18:49.446 * Ready to accept connections
docker top 查看容器中的进程信息
docker top [容器id]
[root@localhost ~]# docker top a1cce707afbc
UID PID PPID C STIME TTY TIME CMD
polkitd 8424 8400 0 19:18 ? 00:00:16 redis-server *:6379
docker inspect 查看镜像元数据
docker inspect 容器id
[root@localhost ~]# docker inspect a1cce707afbc
[
{
"Id": "a1cce707afbc9b3edb09bce2f316e643cf0a47406268c8155dc123437bbb8e73",
"Created": "2022-01-21T11:18:49.140052129Z",
"Path": "docker-entrypoint.sh",
"Args": [
"redis-server"
],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 8424,
"ExitCode": 0,
"Error": "",
"StartedAt": "2022-01-21T11:18:49.43539493Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:16ecd277293476392b71021cdd585c40ad68f4a7488752eede95928735e39df4",
"ResolvConfPath": "/var/lib/docker/containers/a1cce707afbc9b3edb09bce2f316e643cf0a47406268c8155dc123437bbb8e73/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/a1cce707afbc9b3edb09bce2f316e643cf0a47406268c8155dc123437bbb8e73/hostname",
"HostsPath": "/var/lib/docker/containers/a1cce707afbc9b3edb09bce2f316e643cf0a47406268c8155dc123437bbb8e73/hosts",
"LogPath": "/var/lib/docker/containers/a1cce707afbc9b3edb09bce2f316e643cf0a47406268c8155dc123437bbb8e73/a1cce707afbc9b3edb09bce2f316e643cf0a47406268c8155dc123437bbb8e73-json.log",
"Name": "/friendly_jang",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"CgroupnsMode": "host",
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"KernelMemory": 0,
"KernelMemoryTCP": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/02df86a2f4e1078a67045025b5b1b7eea53870e5c848e2aa06ae3f4ecaeac26b-init/diff:/var/lib/docker/overlay2/e589feb15e3608e30e88e2d5f4f335c4271704bf22bc5f6900a6a523b977bdc3/diff:/var/lib/docker/overlay2/fd4a28d2a89b76d8f324c3364970e32935dd7ff5d76b917832c1654578213fc9/diff:/var/lib/docker/overlay2/3c5436e46bd468a555278601a4bad5434654881af77999d855b16435c112836b/diff:/var/lib/docker/overlay2/cf4e1e135c4988bf13db66ad9c8982b4fdac0f852fe10a08fbad04ea9066bb2b/diff:/var/lib/docker/overlay2/30b6559d50406b7f529d8e7a84d94a9923c6b8558306d3435dafc008b63eaa90/diff:/var/lib/docker/overlay2/9213d14523fb656cd80e5c121abe6bb974f4bac5ea1fdbd4f890eb1b9c7ecf59/diff",
"MergedDir": "/var/lib/docker/overlay2/02df86a2f4e1078a67045025b5b1b7eea53870e5c848e2aa06ae3f4ecaeac26b/merged",
"UpperDir": "/var/lib/docker/overlay2/02df86a2f4e1078a67045025b5b1b7eea53870e5c848e2aa06ae3f4ecaeac26b/diff",
"WorkDir": "/var/lib/docker/overlay2/02df86a2f4e1078a67045025b5b1b7eea53870e5c848e2aa06ae3f4ecaeac26b/work"
},
"Name": "overlay2"
},
"Mounts": [
{
"Type": "volume",
"Name": "9c62b67047326fcc2716771885fd74e4250a08131aceebd15407893596d7f183",
"Source": "/var/lib/docker/volumes/9c62b67047326fcc2716771885fd74e4250a08131aceebd15407893596d7f183/_data",
"Destination": "/data",
"Driver": "local",
"Mode": "",
"RW": true,
"Propagation": ""
}
],
"Config": {
"Hostname": "a1cce707afbc",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"6379/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"GOSU_VERSION=1.12",
"REDIS_VERSION=6.0.8",
"REDIS_DOWNLOAD_URL=http://download.redis.io/releases/redis-6.0.8.tar.gz",
"REDIS_DOWNLOAD_SHA=04fa1fddc39bd1aecb6739dd5dd73858a3515b427acd1e2947a66dadce868d68"
],
"Cmd": [
"redis-server"
],
"Image": "redis:6.0.8",
"Volumes": {
"/data": {}
},
"WorkingDir": "/data",
"Entrypoint": [
"docker-entrypoint.sh"
],
"OnBuild": null,
"Labels": {}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "13a60808f0d166c35d450f877159fe6762bd7bb80d192f385d26b1cbd40d6a22",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {
"6379/tcp": null
},
"SandboxKey": "/var/run/docker/netns/13a60808f0d1",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "95ee5f09c6e9778732dd58d7043b14f0bdcd5ddcf82b579c033ab74d09c5fb5b",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:02",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "85737496c3fe5df54bbd257822f5413974c1de198a388e066993b2731f26e5e3",
"EndpointID": "95ee5f09c6e9778732dd58d7043b14f0bdcd5ddcf82b579c033ab74d09c5fb5b",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02",
"DriverOpts": null
}
}
}
}
]
进入当前正在运行的容器
docker exec -it [镜像id] /bin/bash # 进入容器后,开启一个新的终端,可以在里面操作
docker attach [容器id] /bin/bash # 进入容器正在执行的终端,不会启动新的进程
拷贝命令:从容器内拷贝文件到主机上
# 将容器中的文件拷贝到主机上
docker cp 容器id:容器内的路径 目的主机路径
[root@localhost ~]# docker run -it --name mywu01 ubuntu
root@f6be5d8eb730:/# cd tmp/
root@f6be5d8eb730:/tmp# ls
root@f6be5d8eb730:/tmp# touch 11.txt
root@f6be5d8eb730:/tmp# ls
11.txt
root@f6be5d8eb730:/tmp# echo "hello">>11.txt
root@f6be5d8eb730:/tmp# cat 11.txt
hello
[root@localhost etc]# docker cp f6be5d8eb730:/tmp/11.txt /etc/
[root@localhost etc]# cat 11.txt
hello
导入和导出
[root@localhost ~]# docker export a1cce707afbc > myredis.tar
[root@localhost ~]# ls
myredis.tar
[root@localhost ~]# cat myredis.tar | docker import - liufeng/redis:6.0.8
sha256:49506ae8b7d1943b0801a9baab4b41d3eb65bd40c16e27ffbda300bea539931c
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
liufeng/redis 6.0.8 49506ae8b7d1 16 seconds ago 101MB
# docker export 容器id > 文件名.tar
# cat 文件名.tar | docker import - 镜像用户/镜像名:镜像版本号
docker stats 查看cpu的状态
docker stats
docker镜像commit操作实例
docker commit 提交容器副本使之成为一个新的镜像
从docker运行Ubuntu镜像,发现没有vim编辑器,使用apt-get安装vim,安装完成后,commit自己的新镜像
[root@aliyun ~]# docker run -it ubuntu /bin/bash
root@1b3bfe59dfc9:/# ls
bin dev home lib32 libx32 mnt proc run srv tmp var
boot etc lib lib64 media opt root sbin sys usr
root@1b3bfe59dfc9:/# apt-get update
.....
Get:16 http://archive.ubuntu.com/ubuntu focal-updates/multiverse amd64 Packages [33.7 kB]
Get:17 http://archive.ubuntu.com/ubuntu focal-backports/universe amd64 Packages [23.3 kB]
Get:18 http://archive.ubuntu.com/ubuntu focal-backports/main amd64 Packages [50.8 kB]
Fetched 20.7 MB in 22s (964 kB/s)
Reading package lists... Done
root@1b3bfe59dfc9:/# apt-get -y install vim
.......
update-alternatives: warning: skip creation of /usr/share/man/man1/editor.1.gz because associated file /usr/share/man/man1/vim.1.gz (of link group editor) doesn't exist
Processing triggers for libc-bin (2.31-0ubuntu9.2) ...
root@1b3bfe59dfc9:/# vim 11.txt
root@1b3bfe59dfc9:/# cat 11.txt
this is docker!
root@1b3bfe59dfc9:/#
[root@aliyun ~]# docker commit -m "addvim" -a "liufeng" 1b3bfe59dfc9 ubnutu:1.1
sha256:8406486e1051bb1d9b684a91cd81249d3cf98972769e7dd7af6722c68fda4b62
[root@aliyun ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ubnutu 1.1 8406486e1051 27 seconds ago 174MB 自己commit的
ubuntu latest ba6acccedd29 3 months ago 72.8MB 官方的
[root@aliyun ~]# docker run -it --name myun ubnutu:1.1 /bin/bash
root@086645006f83:/# vim 11m.txt
本地镜像发布到阿里云
[root@aliyun ~]# docker login --username=沐枫wrf registry.cn-hangzhou.aliyuncs.com
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@aliyun ~]# docker tag 30ef4019761d registry.cn-hangzhou.aliyuncs.com/liufeng1/liu-hub:1.1
[root@aliyun ~]# docker push registry.cn-hangzhou.aliyuncs.com/liufeng1/liu-hub:1.1
1. 登录阿里云Docker Registry
$ docker login --username=沐枫wrf registry.cn-hangzhou.aliyuncs.com
用于登录的用户名为阿里云账号全名,密码为开通服务时设置的密码。 wrf11060…
您可以在访问凭证页面修改凭证密码。
2. 从Registry中拉取镜像
$ docker pull registry.cn-hangzhou.aliyuncs.com/liufeng1/liu-hub:[镜像版本号]
3. 将镜像推送到Registry
$ docker login --username=沐枫wrf registry.cn-hangzhou.aliyuncs.com
$ docker tag [ImageId] registry.cn-hangzhou.aliyuncs.com/liufeng1/liu-hub:[镜像版本号]
$ docker push registry.cn-hangzhou.aliyuncs.com/liufeng1/liu-hub:[镜像版本号]
请根据实际镜像信息替换示例中的[ImageId]和[镜像版本号]参数。
docker安装nginx
RHEL/CentOS
Install the prerequisites:
sudo yum install yum-utils
To set up the yum repository, create the file named /etc/yum.repos.d/nginx.repo
with the following contents:
[nginx-stable] name=nginx stable repo baseurl=http://nginx.org/packages/centos/$releasever/$basearch/ gpgcheck=1 enabled=1 gpgkey=https://nginx.org/keys/nginx_signing.key module_hotfixes=true [nginx-mainline] name=nginx mainline repo baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/ gpgcheck=1 enabled=0 gpgkey=https://nginx.org/keys/nginx_signing.key module_hotfixes=true
By default, the repository for stable nginx packages is used. If you would like to use mainline nginx packages, run the following command:
sudo yum-config-manager --enable nginx-mainline
To install nginx, run the following command:
sudo yum install nginx
docker search nginx # 搜索nigix
docker pull nginx # 拉取下载nigix
docker images # 查看镜像
REPOSITORY TAG IMAGE ID CREATED SIZE
docker latest 15a9bc7c6340 3 days ago 216MB
tomcat 9.0 3f3cadde9a68 10 days ago 680MB
nginx latest f652ca386ed1 2 weeks ago 141MB
hello-world latest feb5d9fea6a5 2 months ago 13.3kB
[root@localhost ~]# docker run -d -p 3344:80 --name nginx01 nginx
7446f49c35773ac5a8b800da1981ba4cf4f95da99d0a0f21649082d74f5b3873
[root@localhost ~]# docker exec -it nginx01 /bin/bash
root@7446f49c3577:/# ls
bin dev docker-entrypoint.sh home lib64 mnt proc run srv tmp var
boot docker-entrypoint.d etc lib media opt root sbin sys usr
root@7446f49c3577:/# exit
exit
[root@aliyun ~]# cat nginx.txt
server {
listen 80;
server_name:localhost;
location / {
root /web/html;
index index.html index.html;
}
}
nginx实例
## nginx 部署
# 首先,创建目录 nginx, 用于存放后面的相关东西:
mkdir -p ~/nginx/helloNginx ~/nginx/logs ~/nginx/conf
# 拷贝容器内 Nginx 默认配置文件到本地当前目录下的 conf 目录,容器 ID 可以查看 docker ps 命令输入中的第一列:
docker cp d89de7fa61e:/etc/nginx/nginx.conf ~/nginx/conf
helloNginx: 目录将映射为 nginx 容器配置的虚拟目录。
logs: 目录将映射为 nginx 容器的日志目录。
conf: 目录里的配置文件将映射为 nginx 容器的配置文件。
##部署命令:
docker run -d -p 8082:80 --name runoob-nginx-test-web -v ~/nginx/helloNginx:/usr/share/nginx/html -v ~/nginx/conf/nginx.conf:/etc/nginx/nginx.conf -v ~/nginx/logs:/var/log/nginx nginx
命令说明:
-p 8082:80: 将容器的 80 端口映射到主机的 8082 端口。
--name runoob-nginx-test-web:将容器命名为 runoob-nginx-test-web。
-v ~/nginx/helloNginx:/usr/share/nginx/html:将我们自己创建的 helloNginx 目录挂载到容器的 /usr/share/nginx/html。
-v ~/nginx/conf/nginx.conf:/etc/nginx/nginx.conf:将我们自己创建的 nginx.conf 挂载到容器的 /etc/nginx/nginx.conf。
-v ~/nginx/logs:/var/log/nginx:将我们自己创建的 logs 挂载到容器的 /var/log/nginx。
启动以上命令后进入 ~/nginx/helloNginx 目录:
[root@localhost ~]# cd ~/nginx/helloNginx
创建 index.html 文件
[root@localhost helloNginx]# vi index.html
docker安装mysql
[root@localhost ~]# docker search mysql
[root@localhost ~]# docker pull mysql:5.7
Digest: sha256:f2ad209efe9c67104167fc609cca6973c8422939491c9345270175a300419f94
Status: Downloaded newer image for mysql:5.7
docker.io/library/mysql:5.7
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mysql 5.7 c20987f18b13 4 weeks ago 448MB
[root@localhost ~]# docker run --name mysql01 -e MYSQL_ROOT_PASSWORD=123456 -d mysql:5.7
703ad6d9b15f94fb756f435ea2439f16b1058052538af53c51d3069abced9022
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
703ad6d9b15f mysql:5.7 "docker-entrypoint.s…" 30 seconds ago Up 29 seconds 3306/tcp, 33060/tcp mysql01
[root@localhost ~]# docker exec -it 703ad6d9b15f /bin/bash
root@703ad6d9b15f:/# mysql -uroot -p
Enter password: 123456
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.7.36 MySQL Community Server (GPL)
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
mysql> SHOW VARIABLES LIKE 'character%';
+--------------------------+----------------------------+
| Variable_name | Value |
+--------------------------+----------------------------+
| character_set_client | latin1 |
| character_set_connection | latin1 |
| character_set_database | latin1 |
| character_set_filesystem | binary |
| character_set_results | latin1 |
| character_set_server | latin1 |
| character_set_system | utf8 |
| character_sets_dir | /usr/share/mysql/charsets/ |
+--------------------------+----------------------------+
8 rows in set (0.00 sec)
docker安装mysql(高级)
新建MySQL容器实例
[root@localhost ~]# docker run -d -p 3306:3306 --privileged=true
-v /etc/mysql/log:/var/log/mysql
-v /etc/mysql/data:/var/lib/mysql
-v /etc/mysql/conf:/etc/mysql/conf.d
-e MYSQL_ROOT_PASSWORD=123456
--name mysql01
mysql:5.7
bc09554d99d048c9bbe205df538f6566fb3e337f98e3a0b3f4ab96cd19e41b1f
新建my.cnf # 通过容器卷同步给MySQL容器实例
[root@localhost ~]# cd /etc/mysql/conf/
[root@localhost conf]# vi my.cnf
[root@localhost conf]# cat my.cnf
[client]
default_character_set=utf8
[mysqld]
collation_server = utf8_general_ci
character_set_server = utf8
重启MySQL容器实例,重新进入并查看字符编码
[root@localhost ~]# docker restart mysql01
mysql01
[root@localhost ~]# docker exec -it bc09554d99d0 /bin/bash
root@bc09554d99d0:/# mysql -uroot -p
mysql> SHOW VARIABLES LIKE 'character%';
+--------------------------+----------------------------+
| Variable_name | Value |
+--------------------------+----------------------------+
| character_set_client | utf8 |
| character_set_connection | utf8 |
| character_set_database | utf8 |
| character_set_filesystem | binary |
| character_set_results | utf8 |
| character_set_server | utf8 |
| character_set_system | utf8 |
| character_sets_dir | /usr/share/mysql/charsets/ |
+--------------------------+----------------------------+
8 rows in set (0.00 sec)
插入中文测试
mysql> SELECT * FROM t1;
+------+------+
| id | name |
+------+------+
| 1 | liu |
| 3 | 刘 |
| 3 | 刘 |
+------+------+
3 rows in set (0.00 sec)
docker安装tomcat
官方文档:
docker run -it --rm tomcat:9.0 # 用完就删
自学:
docker pull tomcat:9.0
# 运行容器
docker run -d --name tomcat01 -p 8080:8080 tomcat[镜像名]
# 进入容器
docker exec -it tomcat01 /bin/bash
cp -r webapps.list webapps
# 进入容器内将webapps.list里的文件复制到webapps中
root@ac85c9d59241:/usr/local/tomcat# rm -r webapps
root@ac85c9d59241:/usr/local/tomcat# mv webapps.dist webapps
注:
建议安装tomcat8,低版本的
[root@localhost ~]# docker pull billygoo/tomcat8-jdk8
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
billygoo/tomcat8-jdk8 latest 30ef4019761d 3 years ago 523MB
[root@localhost ~]# docker run -d -p 8080:8080 --name mycat8 billygoo/tomcat8-jdk8
a5e5baff41f34164135b060df1beb87e696ef005849779a5d590dbe1b95ad935
-p 8080:8080
-p 3355:8080 tomcat默认开放端口为8080, -p
docker安装redis
[root@aliyun ~]# docker run -d --name myredis -p 6379:6379 redis
[root@aliyun ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c09425c36b4c redis "docker-entrypoint.s…" 11 seconds ago Up 10 seconds 0.0.0.0:6379->6379/tcp myredis
[root@aliyun ~]# docker exec -it c09425c36b4c /bin/bash
root@c09425c36b4c:/data# redis-cli
127.0.0.1:6379> set k1 v1
OK
127.0.0.1:6379> get k1
"v1"
docker部署es+(elasticsearch)kibana
# es 端口暴露的多
# es 十分消耗内存
# es 的数据要放置到安全目录
# 启动es
docker run -d --name elasticsearch -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" elasticsearch:7.6.2
turl localhost:9200
图形化界面portainer
portainer——docker的图形化管理工具
https://docs.portainer.io/v/ce-2.11/start/install/server/docker/linux
docker run -d -p 8000:8000 -p 9443:9443 --name portainer --restart=always
-v /var/run/docker.sock:/var/run/docker.sock
-v portainer_data:/data
portainer/portainer-ce:2.1
# 启动
docker run -d -p 8088:9000 portainer/portainer
docker run -d -p 8088:9000 --restart=always /var/run/docker.sock:/var/run/docker.sock --privilege=true portainer/portainer # 配置文件
如何提交一个自己的镜像
docker commit # 提交容器成为一个新的副本
docker commit -m="提交的描述信息" -a="作者" 容器id 目标镜像名:[TAG]
mysql主从复制(docker)版 [未完成]
1.新建主服务器容器实例3307
docker run -p 3307:3306 --name mysql-master -v /mydata/mysql-master/log:/var/log/mysql -v /mydata/mysql-master/data:/var/lib/mysql -v /mydata/mysql-master/conf:/etc/mysql -e MYSQL_ROOT_PASSWORD=ROOT -d mysql:5.7
2.进入/mydata/mysql-master/conf/下新建my.conf
3.修改完配置后重启master实例
5.master容器实例内创建数据同步用户
6.新建从服务器容器实例3308
7.进入/mydata/mysql-slave/conf/下新建my.conf
8.修改完配置后重启slave实例
9.在主数据库查看主从同步状态
—————————至此,docker正式入门—————————
docker容器数据卷
容器的持久化和同步操作。容器间也是可以数据共享的
将容器中创建的文件数据同步到Linux系统中的文件中
使用数据卷
1.直接使用命令行挂载 docker -v
–privileged=true
docker run -it -v 主机目录:容器内目录
[root@aliyun ~]# docker run -it --privileged=true -v /tmp/host:/tmp/docker --name myubuntu ubuntu
root@dbd6a596dbe5:/# ls
bin dev home lib32 libx32 mnt proc run srv tmp var
boot etc lib lib64 media opt root sbin sys usr
root@dbd6a596dbe5:/# cd tmp/
root@dbd6a596dbe5:/tmp# cd docker/
root@dbd6a596dbe5:/tmp/docker# touch liuk.txt
###############################主机上创建文件也会同步到容器内#######################
主机和容器互通互联
[root@aliyun ~]# cd /tmp/host/
[root@aliyun host]# ls
liuk.txt
查看数据卷是否挂载成功
[root@aliyun host]# docker inspect dbd6a596dbe5
.........
Mounts": [
{
"Type": "bind",
"Source": "/tmp/host", 主机目录
"Destination": "/tmp/docker", 容器目录
"Mode": "",
"RW": true,
"Propagation": "rprivate"
}
],
...............
规则:容器内部被限制,只能读取不能写 ro = read only
如果主机写入内容,可以同步到容器
[root@aliyun ~]# docker run -it --privileged=true -v /tmp/host:/tmp/docker:ro --name myubuntu ubuntu
实现容器2继承容器1的卷规则(主机,容器1,容器2互通互联)
[root@aliyun ~]# docker run -it --privileged=true -volumes- from 容器1 --name 容器2 ubuntu
dockerfile
https://docs.docker.com/engine/reference/builder/
dockerfile就是用来构建docker镜像的构建文件。命令脚本!!!
通过脚本可以生成一个镜像
#
FROM centos
VOLUME ["volume01","volume02"]
CMD echo "----hello world-----"
CMD /bin/bash
构建步骤
1.编写一个dockerfile文件
2.使用docker build 构建一个镜像
3.使用docker run 运行这个镜像
4.使用docker push发布这个镜像(docker Hub,阿里云镜像仓库)
dockerfile构建过程
- 每一个dockerfile的保留关键字都必须是大写
- 执行指令从上到下执行
- 、# 表示注释
- 每一个指令都会创建提交一个新的镜像层,并提交
dockerfile的常用指令
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-ULpMDvmz-1648135607231)(C:\Users\liufeng\Desktop\38eb1585b89cc75b6008e7d963fdc26.png)]
FROM # 基础镜像,一切从这里继续
MAINTAINER # 镜像作者
RUN # 镜像构建的时候需要运行的命令
ADD # copy文件
WORKDIR # 镜像的工作目录
VOLUME # 挂载的目录
EXPOSE # 对外指定暴漏端口
CMD # 指定这个端口启动时候要运行的命令,只有最后一个会生效,可被替代
ENTRYPONIT # 指定这个端口启动时候要运行的命令,可以追加命令
COPY # 将文件拷贝到镜像中
ENV # 构建的时候设置环境变量
实例——创建一个centos
# 需要主机上有centos镜像
[root@localhost dockerfile]# vi dockerfile
FROM centos
MAINTAINER liufeng
ENV MYPATH /usr/local
WORKDIR $MYPATH
RUN yum -y install net-tools
EXPOSE 80
CMD echo $MYPATH
CMD echo "----end-----"
CMD /bin/bash
[root@localhost dockerfile]# docker build -f dockerfile -t mycentos:1.0 .
Sending build context to Docker daemon 2.048kB
Step 1/9 : FROM centos
---> 5d0da3dc9764
Step 2/9 : MAINTAINER liufeng
---> Running in 6daaaf9dc4b4
Removing intermediate container 6daaaf9dc4b4
---> 7aca3eaa4551
Step 3/9 : ENV MYPATH /usr/local
---> Running in 1354bcc57b6e
Removing intermediate container 1354bcc57b6e
---> f8b31af8b60a
Step 4/9 : WORKDIR $MYPATH
---> Running in 82202f6b82f5
Removing intermediate container 82202f6b82f5
---> 207110d8aabf
Step 5/9 : RUN yum -y install net-tools
---> Running in e7433df8edf3
Step 7/9 : CMD echo $MYPATH
---> Running in fa2903c684a4
Removing intermediate container fa2903c684a4
---> be99a22ac7e2
Step 8/9 : CMD echo "----end-----"
---> Running in 4b7b377c2a1f
Removing intermediate container 4b7b377c2a1f
---> 01c7f87c3371
Step 9/9 : CMD /bin/bash
---> Running in 8a29e6abe1a3
Removing intermediate container 8a29e6abe1a3
---> ca0a704437de
Successfully built ca0a704437de
Successfully tagged mycentos:1.0
# 出现successfully则镜像构建成功
测试运行
[root@localhost dockerfile]# docker run -it mycentos:1.0 /bin/bash
[root@4cc97f812e1b local]# pwd
/usr/local
[root@4cc97f812e1b local]#
查看镜像构建历史
[root@localhost dockerfile]# docker history mycentos:1.0
IMAGE CREATED CREATED BY SIZE COMMENT
ca0a704437de 7 minutes ago /bin/sh -c #(nop) CMD ["/bin/sh" "-c" "/bin… 0B
01c7f87c3371 7 minutes ago /bin/sh -c #(nop) CMD ["/bin/sh" "-c" "echo… 0B
be99a22ac7e2 7 minutes ago /bin/sh -c #(nop) CMD ["/bin/sh" "-c" "echo… 0B
04e6332ef5d6 7 minutes ago /bin/sh -c #(nop) EXPOSE 80 0B
b9a494795240 7 minutes ago /bin/sh -c yum -y install net-tools 38.5MB
207110d8aabf 8 minutes ago /bin/sh -c #(nop) WORKDIR /usr/local 0B
f8b31af8b60a 8 minutes ago /bin/sh -c #(nop) ENV MYPATH=/usr/local 0B
7aca3eaa4551 8 minutes ago /bin/sh -c #(nop) MAINTAINER liufeng 0B
5d0da3dc9764 3 months ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0B
<missing> 3 months ago /bin/sh -c #(nop) LABEL org.label-schema.sc… 0B
<missing> 3 months ago /bin/sh -c #(nop) ADD file:805cb5e15fb6e0bb0… 231MB
实战:tomcat镜像
1.准备需要的镜像包!
[root@localhost ~]# cd tomcat/
[root@localhost tomcat]# ll
总用量 194252
-rw-r--r--. 1 root root 9125027 2月 10 2019 apache-tomcat-7.0.92.tar.gz
-rw-r--r--. 1 root root 189784266 12月 21 2017 jdk-8u152-linux-x64.tar.gz
2.编写dockerfile文件
3.构建镜像
[root@localhost ~]# docker build -t tomcat01:0.1 .
自定义镜像——mycentosjava8
要求:centos7镜像具备vim+ifconfig+java8
java8下载地址: https://mirrors.yangxingzhen.com/jdk/
[root@aliyun myfile]# cat Dockerfile
FROM centos
MAINTAINER liufeng<2968971480@qq.com>
ENV MYPATH /usr/local
WORKDIR $MYPATH
RUN yum -y install vim
RUN yum -y install net-tools
RUN yum -y install glibc.i686
RUN mkdir /usr/local/java
ADD XXXXXX.tar.gz /usr/local/java
ENV JAVA_HOME /usr/local/java/jdkXXXXXX
ENV JRE_HOME $JAVA_HOME/jre
ENV CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar:$JRE_HOME/lib:$CLASSPATH
ENV PATH $JAVA_HOME/bin/:$PATH
EXPOSE 80
CMD echo $MYPATH
CMD echo "success...........ok"
CMD /bin/bash
[root@aliyun myfile]# docker build -t centosjava8:1.5 .
Successfully built 27e54b57dd74
Successfully tagged centosjava8:1.5
查找虚悬镜像并且删除
[root@aliyun myfile]# docker images ls -f dangling=true
REPOSITORY TAG IMAGE ID CREATED SIZE
[root@aliyun myfile]# docker images prune
REPOSITORY TAG IMAGE ID CREATED SIZE
docker-compose
docker网络——docker0
evth-pair技术,网络模式为桥接模式
- 每启动一个容器docker就会为它分配一个IP地址,对应的也会多一对网卡!
- 容器和linux主机可以ping通,而且每个容器之间也可以通过ip地址ping通。
evth-pair 技术
docker容器带来的网卡都是一对一对的,evth-pair 就是一对的虚拟设备接口,都是成对出现的,一段连着协议,一段彼此连接,evth-pair 就像一个桥梁,连接各种虚拟网络设备。
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-e6cp0BL4-1648135607232)(C:\Users\liufeng\Desktop\189766e47dbaa0c048c6e0fd1970ad7.png)]
–link(使用容器名来相互通信)
docker run -d -P --name tomcat01 --link tomcat02 tomcat
docker exec -it tomcat01 ping tomcat02
不能反向ping!因为我们是用 tomcat02 --link tomcat01。
- –link本质
我们查看tomcat02的网络配置文件,可以发现它与tomcat01的关联:
所以docker 的–link命令,其实就是在hosts文件中增加了一个映射!
docker network [可选参数]命令
可选参数
Commands:
connect Connect a container to a network 连接一个容器到一个网络
create Create a network
disconnect Disconnect a container from a network
inspect Display detailed information on one or more networks 查看配置网络信息
ls List networks
prune Remove all unused networks
rm Remove one or more networks 移除一个或者多个网络
-
docker network ls 网络列表
-
docker network NETWORK ID 检查一个或多个网络上的显示详细信息
网络模式
bridge 桥接模式
none 不配置网络
host 和宿主机共享网络
container 容器内网络连接
创建自定义网络:
模式:桥接模式 子网ip:192.168.0.0/24 网关:192.168.0.1
docker network create --driver bridge --subnet 192.168.0.0/24 --gateway 192.168.0.1 mynet
测试:
docker run -d -P --name tomcat01 --net mynet tomcat
docker run -d -P --name tomcat01 --net mynet tomcat
# 现在两个容器间已经可以实现通信
redis//mysql 不同的集群之间使用不同的网络,保证集群是隔离健康的!!
网络联通
两个不同的网络集群之间实现通信
tomcat02到 mynet网络
docker network connect mynet tomcat
docker network inspect mynet
# 连通之后就是将tomcat02放置到mynet中 一个容器两个ip
at01 --link tomcat02 tomcat
docker exec -it tomcat01 ping tomcat02
不能反向ping!因为我们是用 tomcat02 --link tomcat01。
- –link本质
我们查看tomcat02的网络配置文件,可以发现它与tomcat01的关联:
所以docker 的–link命令,其实就是在hosts文件中增加了一个映射!
### docker network [可选参数]命令
# 可选参数
Commands:
connect Connect a container to a network 连接一个容器到一个网络
create Create a network
disconnect Disconnect a container from a network
inspect Display detailed information on one or more networks 查看配置网络信息
ls List networks
prune Remove all unused networks
rm Remove one or more networks 移除一个或者多个网络
1. docker network ls 网络列表
2. docker network NETWORK ID 检查一个或多个网络上的显示详细信息
网络模式
bridge 桥接模式
none 不配置网络
host 和宿主机共享网络
container 容器内网络连接
创建自定义网络:
模式:桥接模式 子网ip:192.168.0.0/24 网关:192.168.0.1
docker network create --driver bridge --subnet 192.168.0.0/24 --gateway 192.168.0.1 mynet
测试:
```shell
docker run -d -P --name tomcat01 --net mynet tomcat
docker run -d -P --name tomcat01 --net mynet tomcat
# 现在两个容器间已经可以实现通信
redis//mysql 不同的集群之间使用不同的网络,保证集群是隔离健康的!!
网络联通
两个不同的网络集群之间实现通信
tomcat02到 mynet网络
docker network connect mynet tomcat
docker network inspect mynet
# 连通之后就是将tomcat02放置到mynet中 一个容器两个ip