云计算专题之容器自动化
一,Docker简介,功能特性与应用场景
1.1 Docker简介
- Docker是一个开源的应用容器引擎,让开发者可以打包他们的应用以及依赖包到一个可移植的容器中,然后发布到任何
流行的Linux机器上,也可以实现虚拟化,容器是完全使用沙箱机制,相互之间不会有任何接口。 - 一个完整的Docker有以下几个部分组成:
- Docker Client 客户端
- Docker Daemon 守护进程
- Docker Image 镜像
- Docker Container 容器
1.2 Docker功能特性
- 隔离环境(系统,网络,文件系统)与应用
- 解决依赖与版本问题
- 易于分发,开箱即用
- 节点与容器快速扩容
- 镜像制作简单便捷,管理方便
(1)隔离
- 通过cgroup(隔离和跟踪资源的使用)& namespace(组与组之间隔离)来实现轻量级的进程隔离
- 对于容器中运行的进程来说,自己独占了一个系统
- 容器间网络,文件及其他资源都互相隔离
(2)版本与依赖
- 传统模式下,多个不同环境或版本的项目需要部署在不同机器上,部署与后期维护管理复杂繁琐。
- 使用Docker,通过多个不同版本或者环境的镜像,可以同时运行在一台机器上互不干扰,部署与后期维护简单方
便。
(3)分发与使用
- 镜像可以通过导入,导出,上传到镜像仓库等多种方式进行分发
- 在启动了Docker的系统上直接使用docker run即可启动镜像,无需特别配置。
(4)扩容
- 容器扩容简单方便
- 扩容节点只需安装并启动Docker即可
(5)镜像制作
- 镜像的灵魂Dockerfile
- 使用Dockerfile进行指令控制
- 基于Linux命令,易于理解,快速上手
- 易于定制与修改
1.3 Docker应用场景
- Docker通常应用于如下场景:
- web应用的自动化打包和发布;
- 自动化测试和持续集成,发布;
- 应用服务,如MySQL,Redis等,通过Docker实现快速部署;
- k8s私有云
1.3.1 场景1:多版本多种类系统与软件
二,Docker的安装
2.1 安装环境
最小化安装Centos7.5
关闭防火墙和selinux
2.2 版本选择
- Docker
- 17.03之后版本变为Docker CE
- Docker CE
- 社区版,Community Edition
- Docker EE
- 企业版,Enterprise Edition
- 收费版本,强调安全性,提供一些高级特性及商业支持
2.3 Docker安装:标准版本
特别提示:
centos7.5在搭建本地yum仓库的时候只需要修改
CentOS-Media.repo 文件即可(不需要将其他文件仍子目录里)
确保虚拟机能正常上网
2.4 Docker安装:CE社区版
首先清理掉yum安装的docker标准版
这里有两种方式特别提示:
yum的回退安装在工作中很有用,
接下来我们安装Docker的CE社区版
三,Docker的操作命令
3.0 添加docker国内镜像源
在开始学习docker之前,我们首先要更改一下docker的默认源镜像下载地址(默认是从国外下载,很慢),我们需要
添加国内的源地址
[root@docker ~]# cat /etc/docker/daemon.json
{
"registry-mirrors":[ "https://registry.docker-cn.com" ]
}
[root@docker ~]# systemctl daemon-reload
[root@docker ~]# systemctl restart docker
3.1 Docker命令:search
用于从docker的官方公有镜像仓库查找镜像
(1)查看Docker Hub上公开的centos镜像
[root@docker ~]# docker search centos
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
centos The official build of CentOS. 7246 [OK]
kasmweb/centos-7-desktop CentOS 7 desktop for Kasm Workspaces 21
continuumio/centos5_gcc5_base 3
dokken/centos-7 CentOS 7 image for kitchen-dokken 2
dokken/centos-stream-9 1
couchbase/centos7-systemd centos7-systemd images with additional debug… 1 [OK]
spack/centos7 CentOS 7 with Spack preinstalled 1
datadog/centos-i386 0
dokken/centos-8 CentOS 8 image for kitchen-dokken 0
dokken/centos-6 CentOS 6 image for kitchen-dokken 0
spack/centos6 CentOS 6 with Spack preinstalled 0
dokken/centos-stream-8 0
bitnami/centos-extras-base 0
corpusops/centos centos corpusops baseimage 0
couchbase/centos-72-java-sdk 0
couchbase/centos-72-jenkins-core 0
fnndsc/centos-python3 Source for a slim Centos-based Python3 image… 0 [OK]
bitnami/centos-base-buildpack Centos base compilation image 0 [OK]
couchbase/centos-69-sdk-build 0
couchbase/centos-69-sdk-nodevtoolset-build 0
couchbase/centos-70-sdk-build 0
spack/centos-stream 0
galaxy/centos-wheel 0
galaxy/centos32 0
galaxy/centos32-wheel
特别说明:
Name:镜像的名字
DESCRIPTION:描述
STARS:星级(越高越好)
OFFICIAL:是否是官方发布的
AUTOMATED:是否自动化的
(2)查找星级多于100的centos镜像
[root@docker ~]# docker search centos -f stars=100
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
centos The official build of CentOS. 7246 [OK]
特别提示:
/:符号用于分割作者名称和镜像名称
ansible/centos7-ansible:ansible是作者名称,centos7-ansible是镜像名称
(3)多条件查找--filter
#查找官方发布的,星级大于100的centos镜像
[root@docker ~]# docker search centos -f is-official=true -f stars=100
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
centos The official build of CentOS. 7246 [OK]
3.2 Docker命令:pull
用于从Docker Hub上下载公有镜像
#查找符合条件的nginx镜像
[root@docker ~]# docker search nginx -f is-official=true -f stars=100
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
nginx Official build of Nginx. 17116 [OK]
#下载目标nginx镜像
[root@docker ~]# docker pull nginx
Using default tag: latest
latest: Pulling from library/nginx
461246efe0a7: Pull complete
a96aaf9a9ec3: Pull complete
650d8b758441: Pull complete
b138da793ac8: Pull complete
bb1705539683: Pull complete
b9ed43dcc388: Pull complete
Digest: sha256:db345982a2f2a4257c6f699a499feb1d79451a1305e8022f16456ddc3ad6b94c
Status: Downloaded newer image for nginx:latest #下载成功latest是标记(tag)
docker.io/library/nginx:latest
3.3 Docker命令:images
用于本地镜像的查看
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 41b0e86104ba 6 days ago 142MB
特别说明:
REPOSITORY:镜像仓库(下边罗列的都是本地已有镜像名称)
TAG:镜像的标记(为了区分同名镜像)
IMAGES ID:镜像的ID号
CREATED:此镜像的创建时间
SIZE:此镜像的大小
3.4 Docker命令:build
用于本地自定义镜像的构建,需要创建Dockerfile文件
#创建Dockerfile文件的存储目录
[root@docker ~]# mkdir -p /root/dockerfile/lib/centos/7
[root@docker ~]# cd /root/dockerfile/lib/centos/7
#创建docker.sh脚本
[root@docker ]# vim docker.sh
[root@docker ]# cat docker.sh
#!/bin/bash
while true
do
echo "welcome"
sleep 5
done
#创建Dockerfile配置文件,文件名称必须为Dockerfile,第一个字母必须大写
[root@docker ]# vim Dockerfile
[root@docker ]# cat Dockerfile
FROM centos #从centos源镜像的基础上进行构建
LABEL MAINTATNER="Mr.chen.com" #作者的名称
RUN ln -sfv /usr/share/zoneinfo/Asia/Shanghai /etc/localtime #RUN:在镜像构建过程中
运行命令
ADD docker.sh /home/test/ #从本地系统中把docker.sh文件添加到构建中的镜像的/home/test/目
录下
RUN chmod +x /home/test/docker.sh #在镜像构建过程中运行命令
CMD ["/home/test/docker.sh"] #构建镜像完成时,最后执行的命令
#根据Dockfile配置文件构建一个自定义镜像
[root@docker ]# docker build -t Mr.chen/centos7:1 . #-t 指定镜像名称 :1 设定镜
像的tag标记
Sending build context to Docker daemon 3.072kB
Step 1/6 : FROM centos
---> 49f7960eb7e4
Step 2/6 : LABEL MAINTATNER="Mr.chen.com"
---> Running in 2537e36ba496
Removing intermediate container 2537e36ba496
---> 1a932d4c7762
Step 3/6 : RUN ln -sfv /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
---> Running in 7890b38ae948
'/etc/localtime' -> '/usr/share/zoneinfo/Asia/Shanghai'
Removing intermediate container 7890b38ae948
---> 82c412669879
Step 4/6 : ADD docker.sh /home/test/
---> 8f092336a175
Step 5/6 : RUN chmod +x /home/test/docker.sh
---> Running in b034c6f7439f
Removing intermediate container b034c6f7439f--> f6587dbd78dd
Step 6/6 : CMD ["/home/test/docker.sh"]
---> Running in cd13edcd6632
Removing intermediate container cd13edcd6632
---> 58af3ad826d2
uccessfully built 58af3ad826d2 #构建成功
Successfully tagged Mr.chen/centos7:1
[root@docker ]# docker images
REPOSITORY TAG IMAGE ID CREATED SI
ZE
Mr.chen/centos7 1 58af3ad826d2 57 seconds ago 20
0MB #TAG为1
centos 7 49f7960eb7e4 4 weeks ago 20
0MB
hello-world latest e38bc07ac18e 2 months ago 1.
85k
3.5 Docker命令:run
运行一个本地镜像
[root@docker ~]# docker run -itd centos /bin/bash #让容器的输入保持打开,为docker分配一个伪终端,
b8a6ac4e13a1bca4e3642a624de0fdd201e185f6320af18a9625b0b893670ca9
[root@docker ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b8a6ac4e13a1 centos "/bin/bash" 9 seconds ago Up 7 seconds dreamy_wu
7109f7b39f4a centos "/bin/bash -c 'echo …" 39 seconds ago Exited (0) 38 seconds ago practical_easley
9f647a9cb15d nginx "/docker-entrypoint.…" 2 minutes ago Exited (0) 2 minutes ago wizardly_spence
3.6 Docker命令:ps
查看已经运行的镜像的进程
[root@docker ~]# docker ps #只能看到运行中的容器
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@docker ~]# docker ps -a #可以看到所有容器的状态(包含退出的exit)
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e2ee0242ca3e centos "/bin/bash" About an hour ago Created goofy_jones
89750ab3bb2f nginx "/docker-entrypoint.…" About an hour ago Exited (127) 32 seconds ago vigorous_cori
ca53f13e3410 nginx "/docker-entrypoint.…" About an hour ago Created brave_noyce
特别提示:
ocker run:运行一个指定的images id
-d:放在后台运行
-i:可以进行命令交互
-t:制作一个伪终端用于登陆
58af3ad826d2:镜像的ID,可以简写成58a
3.7 Docker命令:attach
从本地系统中切入到某个STATUS状态是UP的镜像进程里
[root@docker ~]# docker attach 476 #启动虚拟终端才能使用
[root@4769c1c506e5 /]#
3.8 Docker命令:stop
用于停止一个正在运行着的容器进程
[root@docker ~]# docker stop 70d4abf #停止容器
70d4abf
[root@docker ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@docker ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
70d4abfbcaba nginx "/docker-entrypoint.…" About a minute ago Exited (0) 10 seconds ago fervent_hoover
3.9 Docker命令:start
用于启动一个已经停止了的容器进程
[root@docker ~]# docker start 70d4abf #启动容器
70d4abf
[root@docker ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
70d4abfbcaba nginx "/docker-entrypoint.…" 34 seconds ago Up 6 seconds 80/tcp fervent_hoover
[root@docker ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
70d4abfbcaba nginx "/docker-entrypoint.…" 44 seconds ago Up 16 seconds 80/tcp fervent_hoover
3.10 Docker命令:rm
用于删除一个已经停止了的容器进程
[root@docker ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e2ee0242ca3e centos "/bin/bash" About an hour ago Created goofy_jones
89750ab3bb2f nginx "/docker-entrypoint.…" About an hour ago Exited (127) 32 seconds ago vigorous_cori
ca53f13e3410 nginx "/docker-entrypoint.…" About an hour ago Created brave_noyce
[root@docker ~]# docker rm e2ee02 89750 ca53f #注意运行中的容器进程需要先stop,才能删除
e2ee02
89750
ca53f
[root@docker ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3.11 Docker命令:rmi
用于删除一个未用作容器启动的本地镜像
[root@docker ~]# docker rmi 05d3c1e2d0c1 #但要注意,被用作容器启动的镜像是不能删除的(需先rm删除容器进程)
Untagged: centos/systemd:latest #强行删除被容器进程占用的镜像也是不行的
Untagged: centos/systemd@sha256:09db0255d215ca33710cc42e1a91b9002637eeef71322ca641947e65b7d53b58
Deleted: sha256:05d3c1e2d0c166b1654f86a5beed614065450b186a94e4761120b3458b45509d
Deleted: sha256:09ddbd0d56275f5387b4ab8501b9be4e4e839d56a76b98ef8f18a32c0070b5a0
Deleted: sha256:071d8bd765171080d01682844524be57ac9883e53079b6ac66707e192ea25956
[root@docker ~]# docker rmi -f centos #-f 强制删除(即便被占用)
Untagged: centos:latest
3.12 Docker命令:commit
将一个更改过的容器进程的容器状态保存为一个新的镜像(可以实现容器版本控制)
[root@docker ~]# docker commit b8a6 nginx:v1.3 将容器保存至镜像
sha256:4a1b21daa45f30d37abc5b1f62793ad3f2b7b39cb99eb82294717f2aeccc6148
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx v1.3 4a1b21daa45f 8 seconds ago 231MB
3.13 Docker命令:exec
用于从本地操作系统上直接向容器进程发布执行命令并返回结果
[root@docker ~]# docker exec -it b8a6 /bin/bash
[root@b8a6ac4e13a1 /]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
14: eth0@if15: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0 #默认网络命名空间
valid_lft forever preferred_lft forever
[root@b8a6ac4e13a1 /]# uname -r #查看内核版本
3.10.0-862.el7.x86_64
[root@b8a6ac4e13a1 /]# cat /etc/redhat-release #查看系统内型
CentOS Linux release 8.4.2105
特别提示:
ctrl+P+Q 退出容器,容器不会停止(后台运行),日常操作(必会)
3.14 Docker命令:cp
用于在容器进程和本地系统之间复制文件
[root@docker ~]# docker attach 840
[root@8403555dbd45 /]# ls
bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var
[root@8403555dbd45 /]# cd root
[root@8403555dbd45 ~]# echo 123 >1.txt
[root@8403555dbd45 ~]# cat 1.txt
123
[root@8403555dbd45 ~]# read escape sequence
[root@docker ~]# docker cp 840:/root/1.txt .
[root@docker ~]# ls
1.txt anaconda-ks.cfg nginx1.12 nginx1.12.tar nginx1.2.cont ping.txt
[root@docker ~]# echo 321 >./2.txt
[root@docker ~]# cat 2.txt
321
[root@docker ~]# docker cp ./2.txt 840:/
[root@docker ~]# docker exec 840 cat /2.txt
321
3.15 Docker命令:create
用于创建一个容器进程,但是并不启动它
[root@docker ~]# docker create -it nginx #创建一个镜像的容器进程,但不直接启动
Unable to find image 'nginx:latest' locally
latest: Pulling from library/nginx
Digest: sha256:db345982a2f2a4257c6f699a499feb1d79451a1305e8022f16456ddc3ad6b94c
Status: Downloaded newer image for nginx:latest
ca53f13e341064e47d258c331bfad33ebcafe644d10dfe1325b81eb238e500c0
[root@docker ~]# docker create -it nginx /bin/bash #用/bin/bash解释器运行nginx镜像
Unable to find image 'nginx:latest' locally
latest: Pulling from library/nginx
461246efe0a7: Already exists
a96aaf9a9ec3: Already exists
650d8b758441: Already exists
b138da793ac8: Already exists
bb1705539683: Already exists
b9ed43dcc388: Already exists
Digest: sha256:db345982a2f2a4257c6f699a499feb1d79451a1305e8022f16456ddc3ad6b94c
Status: Downloaded newer image for nginx:latest
c93cdab5076efa5c2118d755a9b108defce0bd0bb4bd2f3ef0eafd212db657a1
[root@docker ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@docker ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ca53f13e3410 nginx "/docker-entrypoint.…" 31 seconds ago Created brave_noyce
特别注意:
-i 让容器的输入保持打开
-t 为docker分配一个伪终端
3.16 Docker命令:diff
查看容器进程与源镜像做对比,发生了改变的文件或文件夹
[root@docker ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STA
TUS PORTS NAMES
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZ
E
Mr.chen/centos 2 5620f1cb9e8e 11 hours ago 200
MB
Mr.chen/centos7 1 58af3ad826d2 32 hours ago 200
MB
centos 7 49f7960eb7e4 4 weeks ago 200
MB
centos latest 49f7960eb7e4 4 weeks ago 200
MB
[root@docker ~]# docker run -d -it 5620f1cb9e8e #启动一个镜像的容器进程
ab06a9794e45ca35ab5f4594d630ecbe3527814233cc004d4deb8aafde2906f8
[root@docker ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STA
TUS PORTS NAMES
ab06a9794e45 5620f1cb9e8e "/bin/bash" 3 seconds ago Up
2 seconds confident_snyder
[root@docker ~]# docker attach ab06a9794e45 #切入容器进程
[root@ab06a9794e45 /]# cd /yunjisuan/
[root@ab06a9794e45 yunjisuan]# pwd
/yunjisuan
[root@ab06a9794e45 yunjisuan]# touch {1..10} #在容器进程中创建文件
[root@ab06a9794e45 yunjisuan]# ls
1 10 2 3 4 5 6 7 8 9
[root@ab06a9794e45 yunjisuan]# exit #退出容器进程
exit
[root@docker ~]# docker diff ab06a9794e45 #查看容器进程的变化
C /root/.bash_history
C /yunjisuan
A /yunjisuan/1
A /yunjisuan/10
A /yunjisuan/2
A /yunjisuan/3
A /yunjisuan/4
A /yunjisuan/5
A /yunjisuan/6
A /yunjisuan/7
A /yunjisuan/8
A /yunjisuan/9
3.17 Docker命令:events
实时监测容器的变化情况
root@docker ~]# docker events
2022-07-18T09:11:23.938963932+08:00 network connect
c03e38ce8c0e54511899c4ad34b37adaa6339b68e44478072b7d9a4129afdb7a (container=ab06a9
794e45ca35ab5f4594d630ecbe3527814233cc004d4deb8aafde2906f8, name=bridge, type=brid
ge)
2022-07-18T09:11:24.096366168+08:00 container start
ab06a9794e45ca35ab5f4594d630ecbe3527814233cc004d4deb8aafde2906f8 (MAINTATNER=Mr.ch
en.com, image=5620f1cb9e8e, name=confident_snyder, org.label-schema.schema-version
== 1.0 org.label-schema.name=CentOS Base Image org.label-schema.vendor=Cen
tOS org.label-schema.license=GPLv2 org.label-schema.build-date=20180531)
前台时时监控容器的变化若要检测,需要另外再起一个窗口进行操作
3.18 Docker命令:export
将容器进程的文件系统导出到本地
[root@docker ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b8a6ac4e13a1 5d0da3dc9764 "/bin/bash" 51 minutes ago Up 51 minutes dreamy_wu
7109f7b39f4a 5d0da3dc9764 "/bin/bash -c 'echo …" 52 minutes ago Exited (0) 52 minutes ago practical_easley
9f647a9cb15d nginx "/docker-entrypoint.…" 53 minutes ago Exited (0) 53 minutes ago wizardly_spence
[root@docker ~]# docker stop b8a6 #先停止容器
b8a6
[root@docker ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b8a6ac4e13a1 5d0da3dc9764 "/bin/bash" 54 minutes ago Exited (0) 2 minutes ago dreamy_wu
7109f7b39f4a 5d0da3dc9764 "/bin/bash -c 'echo …" 55 minutes ago Exited (0) 55 minutes ago practical_easley
9f647a9cb15d nginx "/docker-entrypoint.…" 57 minutes ago Exited (0) 57 minutes ago wizardly_spence
[root@docker ~]# docker export b8a6 >./nginx1.2.cont #导出容器到本地(最好加上.cont后缀,以便识别)
[root@docker ~]# ls
anaconda-ks.cfg nginx1.12 nginx1.12.tar nginx1.2.cont ping.txt
3.19 Docker命令:import
用于将export导出的文件系统创建为一个镜像
[root@docker ~]# cat ./nginx1.2.cont | docker import - nginx:v2 #导入本地容器镜像快照
sha256:cae4bd959d319cb87b6e4178db8d0f04a9cc15541a9cbee71460792b7ca746a5
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx v2 cae4bd959d31 15 seconds ago 231MB
特别提示:
如果将服务器中的容器导出成容器镜像文件后,当我们需要使用该容器镜像文件的时候,
不要使用docker load(该指令可以导入但是会导致启动异常)
需要执行以下指令:
cat 容器文件名称 | docker inport - name:tag
3.20 Docker命令:history
用于查看一个镜像的历史修改纪录
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZ
E
Mr.chen/centos 3 745606e08231 4 seconds ago 200
MB
Mr.chen/centos 2 5620f1cb9e8e 13 hours ago 200
MB
Mr.chen/centos7 1 58af3ad826d2 34 hours ago 200
MB
centos 7 49f7960eb7e4 4 weeks ago 200
MB
centos latest 49f7960eb7e4 4 weeks ago 200
MB
[root@docker ~]# docker history 745606e08231
IMAGE CREATED CREATED BY SIZE COM
MENT
745606e08231 6 minutes ago 200MB Imp
orted from -
[root@docker ~]# docker history 5620f1cb9e8e
IMAGE CREATED CREATED BY
SIZE COMMENT
5620f1cb9e8e 13 hours ago /bin/bash
27B
58af3ad826d2 34 hours ago /bin/sh -c #(nop) CMD ["/home/test/docker.
s... 0B
f6587dbd78dd 34 hours ago /bin/sh -c chmod +x /home/test/docker.sh
57B
8f092336a175 34 hours ago /bin/sh -c #(nop) ADD file:84ec58f8405b1601
7... 57B
82c412669879 34 hours ago /bin/sh -c ln -sfv
/usr/share/zoneinfo/Asia/... 33B
1a932d4c7762 34 hours ago /bin/sh -c #(nop) LABEL MAINTATNER=Mr.chen
.... 0B
49f7960eb7e4 4 weeks ago /bin/sh -c #(nop) CMD ["/bin/bash"]
0B
<missing> 4 weeks ago /bin/sh -c #(nop) LABEL org.label-schema.s
c... 0B
<missing> 4 weeks ago /bin/sh -c #(nop) ADD file:8f4b3be0c1427b15
8... 200MB
3.21 Docker命令:info
用于查看当前操作系统的docker运行信息
[root@docker ~]# docker info
Client:
Context: default
Debug Mode: false
Plugins:
app: Docker App (Docker Inc., v0.9.1-beta3)
buildx: Docker Buildx (Docker Inc., v0.8.2-docker)
compose: Docker Compose (Docker Inc., v2.6.0)
scan: Docker Scan (Docker Inc., v0.17.0)
Server:
Containers: 3 #容器镜像3个
Running: 0 #正在运行的容器0
Paused: 0
Stopped: 3
Images: 3 #一共有3个镜像
Server Version: 20.10.17
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 10c12954828e7c7c9b6e0ea9b0c02b01407d3ae1
runc version: v1.1.2-0-ga916309
init version: de40ad0
Security Options:
seccomp
Profile: default
Kernel Version: 3.10.0-862.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 3.968GiB
Name: docker
ID: MTHU:S5XU:UKGA:DGC7:BCEQ:NREX:SSWI:MF2Y:34U3:TEK2:RJCZ:C2VK
Docker Root Dir: /var/lib/docker
Debug Mode: false
Username: spengc
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Registry Mirrors:
https://registry.docker-cn.com/
Live Restore Enabled: false
3.22 Docker命令:inspect
查看某个镜像的详细信息
[root@docker ~]# docker inspect 05d3c1e2d0c1
[
{
"Id": "sha256:05d3c1e2d0c166b1654f86a5beed614065450b186a94e4761120b3458b45509d",
"RepoTags": [
"centos/systemd:latest"
],
"RepoDigests": [
"centos/systemd@sha256:09db0255d215ca33710cc42e1a91b9002637eeef71322ca641947e65b7d53b58"
],
"Parent": "",
"Comment": "",
"Created": "2018-12-29T18:57:04.462738239Z",
"Container": "d65db7054384e55b6a0df28ccc3c712bf12d0058ee12f3f31c687916573fc874",
"ContainerConfig": {
"Hostname": "d65db7054384",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"container=docker"
],
"Cmd": [
"/bin/sh",
"-c",
"#(nop) ",
"CMD [\"/usr/sbin/init\"]"
],
"ArgsEscaped": true,
"Image": "sha256:6bc581d3208e8b42e7d1d8ef576906103c73ecd5d6e28ec9ab0f3d9d370c0d50",
"Volumes": {
"/sys/fs/cgroup": {}
},
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"org.label-schema.build-date": "20181205",
"org.label-schema.license": "GPLv2",
"org.label-schema.name": "CentOS Base Image",
"org.label-schema.schema-version": "1.0",
"org.label-schema.vendor": "CentOS"
}
},
"DockerVersion": "18.03.1-ee-3",
"Author": "The CentOS Project <cloud-ops@centos.org>",
"Config": {
"Hostname": "",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"container=docker"
],
"Cmd": [
"/usr/sbin/init"
],
"ArgsEscaped": true,
"Image": "sha256:6bc581d3208e8b42e7d1d8ef576906103c73ecd5d6e28ec9ab0f3d9d370c0d50",
"Volumes": {
"/sys/fs/cgroup": {}
},
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"org.label-schema.build-date": "20181205",
"org.label-schema.license": "GPLv2",
"org.label-schema.name": "CentOS Base Image",
"org.label-schema.schema-version": "1.0",
"org.label-schema.vendor": "CentOS"
}
},
"Architecture": "amd64",
"Os": "linux",
"Size": 201779604,
"VirtualSize": 201779604,
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/d962e3a1441c42b01bd9ca4b2ce6526898f99a2f974cab05496929c651fcd6f1/diff",
"MergedDir": "/var/lib/docker/overlay2/7a1d3c5e995dc20e2c7d15b445f4dc38b0a38695f2fd7f80504a13f6d0364e9f/merged",
"UpperDir": "/var/lib/docker/overlay2/7a1d3c5e995dc20e2c7d15b445f4dc38b0a38695f2fd7f80504a13f6d0364e9f/diff",
"WorkDir": "/var/lib/docker/overlay2/7a1d3c5e995dc20e2c7d15b445f4dc38b0a38695f2fd7f80504a13f6d0364e9f/work"
},
"Name": "overlay2"
},
"RootFS": {
"Type": "layers",
"Layers": [
"sha256:071d8bd765171080d01682844524be57ac9883e53079b6ac66707e192ea25956",
"sha256:fd40254c9c6971795b270293804a4b6dd2eb60e15215cdad44df1d8e439af2c0"
]
},
"Metadata": {
"LastTagTime": "0001-01-01T00:00:00Z"
}
}
]
3.23 Docker命令:kill
强行停止一个或多个正在运行状态的容器进程
[root@docker ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STA
TUS PORTS NAMES
ab06a9794e45 5620f1cb9e8e "/bin/bash" 2 hours ago Up
hours confident_snyder
[root@docker ~]# docker kill ab06a9794e45
ab06a9794e45
[root@docker ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STA
TUS PORTS NAMES
ab06a9794e45 5620f1cb9e8e "/bin/bash" 2 hours ago Exi
ted (137) 1 second ago confident_snyder
3.24 Docker命令:save
用于将一个镜像的文件系统导出到本地(export导出的是容器)
[root@docker ~]# docker save -o /root/nginx1.12 nginx:v1.12.2
[root@docker ~]# ls
anaconda-ks.cfg nginx1.12 ping.txt
[root@docker ~]# docker save -o /root/nginx1.12.tar nginx:v1.12.2
[root@docker ~]# ls
anaconda-ks.cfg nginx1.12 nginx1.12.tar ping.txt
3.25 Docker命令:load
用于将save导出到本地的tar包,重新加载为镜像(和源镜像的名字标识完全一样)
[root@docker ~]# docker load < ./nginx1.12 #将之前的nginx镜像导入到系统
43b3c4e3001c: Loading layer [==================================================>] 83.87MB/83.87MB
1c99a7efe9d9: Loading layer [==================================================>] 62.01MB/62.01MB
305b0db3a210: Loading layer [==================================================>] 3.072kB/3.072kB
c03189a5ef70: Loading layer [==================================================>] 4.096kB/4.096kB
1d561d938628: Loading layer [==================================================>] 3.584kB/3.584kB
de100bd247e0: Loading layer [==================================================>] 7.168kB/7.168kB
Loaded image: nginx:v1.12.2
3.26 Docker命令:logs
用于输出一个容器进程内的操作日志
[root@docker ~]# docker run -d nginx:v2 /bin/bash -c "while :; do echo haha;sleep l;done" #做测试的死循环
cf60dd2586824ef8f2df083fe0956a44bc4b1235bac320f4b269f90488675527
[root@docker ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
cf60dd258682 nginx:v2 "/bin/bash -c 'while…" 6 seconds ago Up 5 seconds sharp_bartik
[root@docker ~]# docker logs cf6 #查看操作日志
3.27 Docker命令:pause && unpause
用于将一个或多个容器的进程暂停和恢复
[root@docker ]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED
STATUS PORTS NAMES
16f9f6c9c699 test:1 "/home/test/docker.sh" 5 minutes ago
Up 5 minutes adoring_noether
[root@docker ]# docker pause 16f9f6c9c699 #暂停容器进程
16f9f6c9c699
[root@docker ]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED
STATUS PORTS NAMES
16f9f6c9c699 test:1 "/home/test/docker.sh" 5 minutes ago
Up 5 minutes (Paused) adoring_noether
[root@docker ]# docker unpause 16f9f6c9c699 #恢复容器进程
16f9f6c9c699
[root@docker ]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED
STATUS PORTS NAMES
16f9f6c9c699 test:1 "/home/test/docker.sh" 5 minutes ago
Up 5 minutes adoring_noether
3.28 Docker命令:port
用于列出一个容器的端口映射及协议
[root@docker ~]# docker run -p 8888:80 -itd nginx:v2 /bin/bash #物理端口:容器端口
4769c1c506e52dcd22ba606785fd3333163bb3e4424b93b3a72a0d3c5d69426c
[root@docker ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4769c1c506e5 nginx:v2 "/bin/bash" 5 seconds ago Up 5 seconds 0.0.0.0:8888->80/tcp, :::8888->80/tcp jolly_lichterman
3.29 Docker命令:rename
给容器进程重命名
[root@docker ]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED
STATUS PORTS NAMES
6321c3a3481f test:1 "/home/test/docker.sh" 11 minutes ago
Up 11 minutes 0.0.0.0:2222->22/tcp romantic_elbakyan
16f9f6c9c699 test:1 "/home/test/docker.sh" 22 minutes ago
Up 22 minutes adoring_noether
[root@docker ]# docker rename romantic_elbakyan Mr.chen
[root@docker ]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED
STATUS PORTS NAMES
6321c3a3481f test:1 "/home/test/docker.sh" 11 minutes ago
Up 11 minutes 0.0.0.0:2222->22/tcp Mr.chen
16f9f6c9c699 test:1 "/home/test/docker.sh" 22 minutes ago
Up 22 minutes adoring_noether
3.30 Docker命令:restart
重启一个容器进程
[root@docker ]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED
STATUS PORTS NAMES
6321c3a3481f test:1 "/home/test/docker.sh" 15 minutes ago
Up 15 minutes 0.0.0.0:2222->22/tcp Mr.chen
16f9f6c9c699 test:1 "/home/test/docker.sh" 26 minutes ago
Up 26 minutes adoring_noether
[root@docker ]# docker restart 6321c3a3481f
6321c3a3481f
[root@docker ]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED
STATUS PORTS NAMES
6321c3a3481f test:1 "/home/test/docker.sh" 15 minutes ago
Up 2 seconds 0.0.0.0:2222->22/tcp Mr.chen
16f9f6c9c699 test:1 "/home/test/docker.sh" 26 minutes ago
Up 26 minutes adoring_noether
3.31 Docker命令:stats
用于s实时输出容器的资源使用情况
[root@docker ]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED
STATUS PORTS NAMES
6321c3a3481f test:1 "/home/test/docker.sh" 17 minutes ago
Up About a minute 0.0.0.0:2222->22/tcp Mr.chen
16f9f6c9c699 test:1 "/home/test/docker.sh" 28 minutes ago
Up 28 minutes adoring_noether
[root@docker ]# docker stats 6321c3a3481f
#--no-tream只输出一次
[root@docker ]# docker stats 6321c3a3481f --no-stream
CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM
% NET I/O BLOCK I/O PIDS
6321c3a3481f Mr.chen 0.00% 292KiB / 974.6MiB 0.0
3% 648B / 0B 0B / 0B 2
3.32 Docker命令:tag
用于从一个指定的镜像创建另外一个镜像(标签)
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 41b0e86104ba 6 days ago 142MB
nginx v1.12.2 41b0e86104ba 6 days ago 142MB
cp/alpine latest e66264b98777 7 weeks ago 5.53MB
alpine latest e66264b98777 7 weeks ago 5.53MB
centos latest 5d0da3dc9764 10 months ago 231MB
[root@docker ~]# docker tag nginx:latest nginx:V1.12.1 #可以指定名字:标志来创建
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx V1.12.1 41b0e86104ba 6 days ago 142MB
nginx latest 41b0e86104ba 6 days ago 142MB
nginx v1.12.2 41b0e86104ba 6 days ago 142MB
cp/alpine latest e66264b98777 7 weeks ago 5.53MB
alpine latest e66264b98777 7 weeks ago 5.53MB
centos latest 5d0da3dc9764 10 months ago 231MB
[root@docker ~]# docker tag 41b0e86104ba cp/nginx #也可以指定image id来创建
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
cp/nginx latest 41b0e86104ba 6 days ago 142MB
nginx latest 41b0e86104ba 6 days ago 142MB
centos v1.2.0 5d0da3dc9764 10 months ago 231MB
centos v1.2.2 5d0da3dc9764 10 months ago 231MB
3.33 Docker命令:top
用于显示指定容器的进程信息
11. centos 7 49f7960eb7e4 4 weeks ago 200
MB
12. centos latest 49f7960eb7e4 4 weeks ago 200
MB
13. [root@docker 7]# docker rmi test:2
14. Untagged: test:2
15. [root@docker 7]# docker images
16. REPOSITORY TAG IMAGE ID CREATED SIZ
E
17. test 1 cc87aef92b66 About an hour ago 200
MB
18. centos 7 49f7960eb7e4 4 weeks ago 200
MB
19. centos latest 49f7960eb7e4 4 weeks ago 200
MB
20. [root@docker 7]# docker tag cc87aef92b66 test:2 #我们也可以指定image id来创建
21. [root@docker 7]# docker images
22. REPOSITORY TAG IMAGE ID CREATED SIZ
E
23. test 1 cc87aef92b66 About an hour ago 200
MB
24. test 2 cc87aef92b66 About an hour ago 200
MB
25. centos 7 49f7960eb7e4 4 weeks ago 200
MB
26. centos latest 49f7960eb7e4 4 weeks ago 200
MB
3.33 Docker命令:top
用于显示指定容器的进程信息
[root@docker ]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED
STATUS PORTS NAMES
6321c3a3481f test:1 "/home/test/docker.sh" 28 minutes ago
Up 12 minutes 0.0.0.0:2222->22/tcp Mr.chen
16f9f6c9c699 test:1 "/home/test/docker.sh" 39 minutes ago
Up 39 minutes adoring_noether
[root@docker ]# docker top 6321c3a3481f
UID PID PPID C STIM
E TTY TIME CMD
root 89798 89784 0 11:5
pts/0 00:00:00 /bin/bash /home/test/docker
.sh
root 90265 89798 0 12:0
pts/0 00:00:00 sleep 5
3.34 Docker命令:update
用于调整一个或多个容器的启动配置
[root@docker 7]# docker update --help
Usage: docker update [OPTIONS] CONTAINER [CONTAINER...]
Update configuration of one or more containers
Options:
--blkio-weight uint16 Block IO (relative weight), between 10 and 1000
, or 0 to disable (default 0)
--cpu-period int Limit CPU CFS (Completely Fair Scheduler)
period
--cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota
--cpu-rt-period int Limit the CPU real-time period in microseconds
--cpu-rt-runtime int Limit the CPU real-time runtime in microseconds
-c, --cpu-shares int CPU shares (relative weight) #调整CPU
--cpus decimal Number of CPUs
--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)
--cpuset-mems string MEMs in which to allow execution (0-3, 0,1)
--kernel-memory bytes Kernel memory limit
-m, --memory bytes Memory limit #调整内存
--memory-reservation bytes Memory soft limit
--memory-swap bytes Swap limit equal to memory plus swap: '-1' to
enable unlimited swap
--restart string Restart policy to apply when a container exits
3.35 Docker命令:version and wait
version用于显示docker的版本信息
wait用于捕捉一个或多个容器的退出状态,并返回退出状态码
.sh
8. root 90265 89798 0 12:0
7 pts/0 00:00:00 sleep 5
3.34 Docker命令:update
用于调整一个或多个容器的启动配置
1. [root@docker 7]# docker update --help
2.
3. Usage: docker update [OPTIONS] CONTAINER [CONTAINER...]
4.
5. Update configuration of one or more containers
6.
7. Options:
8. --blkio-weight uint16 Block IO (relative weight), between 10 and 1000
, or 0 to disable (default 0)
9. --cpu-period int Limit CPU CFS (Completely Fair Scheduler)
period
10. --cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota
11. --cpu-rt-period int Limit the CPU real-time period in microseconds
12. --cpu-rt-runtime int Limit the CPU real-time runtime in microseconds
13. -c, --cpu-shares int CPU shares (relative weight) #调整CPU
14. --cpus decimal Number of CPUs
15. --cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)
16. --cpuset-mems string MEMs in which to allow execution (0-3, 0,1)
17. --kernel-memory bytes Kernel memory limit
18. -m, --memory bytes Memory limit #调整内存
19. --memory-reservation bytes Memory soft limit
20. --memory-swap bytes Swap limit equal to memory plus swap: '-1' to
enable unlimited swap
21. --restart string Restart policy to apply when a container exits
3.35 Docker命令:version and wait
version用于显示docker的版本信息
wait用于捕捉一个或多个容器的退出状态,并返回退出状态码
#显示docker版本信息
[root@docker ]# docker version
Client:
Version: 18.03.1-ce
API version: 1.37
Go version: go1.9.5
Git commit: 9ee9f40
Built: Thu Apr 26 07:20:16 2018
OS/Arch: linux/amd64
Experimental: false
Orchestrator: swarm
Server:
Engine:
Version: 18.03.1-ce
API version: 1.37 (minimum version 1.12)
Go version: go1.9.5
Git commit: 9ee9f40
Built: Thu Apr 26 07:23:58 2018
OS/Arch: linux/amd64
Experimental: false
#监听容器的退出状态并返回状态码
[root@docker ]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED
STATUS PORTS NAMES
6321c3a3481f test:1 "/home/test/docker.sh" 33 minutes ago
Up 17 minutes 0.0.0.0:2222->22/tcp Mr.chen
16f9f6c9c699 test:1 "/home/test/docker.sh" 44 minutes ago
Up 44 minutes adoring_noether
[root@docker ]# docker wait 6321c3a3481f #需要在开一个窗口stop这个容器进程再查看
3.36 Docker命令:login && logout && push
- login用于登陆docker hub官方公有仓库
- logout用于登出docker hub官方公有仓库
- push用于将本地镜像提交到docker hub
四,管理应用程序数据
4.1 Volume和Bind Mount
将Docker主机数据挂载到容器
- Docker提供三种不同方式将数据从宿主机挂载到容器中:volumes,bind mounts和tmpfs。
- volumes:Docker管理宿主机文件系统的一部分(/var/lib/docker/volumes)
- bind mounts:可以存储在宿主机系统的任意位置
- tmpfs:挂载存储在宿主机系统的内存中,而不会写入宿主机的文件系统
4.1.1 Volume
[root@docker ~]# cd /var/lib/docker
[root@docker docker]# ls
buildkit containers image network overlay2 plugins runtimes swarm tmp trust volumes
[root@docker docker]# cd volumes/
[root@docker volumes]# ls #查看docker下的卷信息
metadata.db
[root@docker ~]# docker volume create ng-v1 #创建一个卷
ng-v1
[root@docker ~]# docker volume ls #查看创建的卷
DRIVER VOLUME NAME
local ng-v1
[root@docker ~]# docker inspect ng-v1 #查看所创建卷的详细信息
[
{
"CreatedAt": "2022-07-20T17:42:33+08:00", #创建时间
"Driver": "local", #驱动
"Labels": {},
"Mountpoint": "/var/lib/docker/volumes/ng-v1/_data", #挂载点
"Name": "ng-v1", #卷名
"Options": {},
"Scope": "local"
}
]
[root@docker ~]# ls /var/lib/docker/volumes/ng-v1/ #查看卷下是否生成挂载点目录
_data
[root@docker ~]# ls /var/lib/docker/volumes/ng-v1/_data/ #此时挂载点目录下没有任何东西
[root@docker ~]# docker run -itd --name=ng-test --mount src=ng-v1,dst=/usr/share/nginx/html -p 8888:80 nginx:latest #启动一个容器并指定挂载路径,如果本地没有镜像,会自动检索镜像并下载
Unable to find image 'nginx:latest' locally
latest: Pulling from library/nginx
461246efe0a7: Pull complete
060bfa6be22e: Pull complete
b34d5ba6fa9e: Pull complete
8128ac56c745: Pull complete
44d36245a8c9: Pull complete
ebcc2cc821e6: Pull complete
Digest: sha256:1761fb5661e4d77e107427d8012ad3a5955007d997e0f4a3d41acc9ff20467c7
Status: Downloaded newer image for nginx:latest
WARNING: IPv4 forwarding is disabled. Networking will not work.
5bc0c919250bc294e8e87f00b420f5170d3a32c52a7b58b3f20aa2a560427a43
特别说明:
--name:容器的名字
--mount:挂载
src:源卷的名字
dst:挂载到容器中的路径
[root@docker ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5bc0c919250b nginx:latest "/docker-entrypoint.…" About a minute ago Up About a minute 0.0.0.0:8888->80/tcp, :::8888->80/tcp ng-test
[root@docker ~]# ls /var/lib/docker/volumes/ng-v1/_data/ #查看挂载是否成功
50x.html index.html
特别提示:
docker run的-p参数:指定端口的映射,88:80的意思就是将宿主机88端口的访问映射到容器进程的80端口
4.1.2 Bind Mounts
[root@docker ~]# docker run -itd --name ng-01 -p 8890:80 --mount type=bind,src=/datas/ng-node,dst=/usr/share/nginx/html nginx:latest #使用bind模式挂载
WARNING: IPv4 forwarding is disabled. Networking will not work.
6a2a1da76923a86c16fe8942b132519e335cb38467a75d9602f94a37675a9fc0
[root@docker ~]# cd /datas/ng-node/
[root@docker ng-node]# ls
[root@docker ng-node]# docker exec -it ng-01 /bin/bash
root@6a2a1da76923:/# cd /usr/share/nginx/html/
root@6a2a1da76923:/usr/share/nginx/html# ls #这里没有东西
root@6a2a1da76923:/usr/share/nginx/html# read escape sequence
[root@docker ng-node]# echo welcome to login ng-01:8890 > index.html #导入文件,原生数据会主动共享到容器中
[root@docker ng-node]# docker exec -it ng-01 /bin/bash
root@6a2a1da76923:/# cd /usr/share/nginx/html/
root@6a2a1da76923:/usr/share/nginx/html# ls #现在有了
index.html
root@6a2a1da76923:/usr/share/nginx/html# cat index.html
welcome to login ng-01:8890
[root@docker ng-node]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6a2a1da76923 nginx:latest "/docker-entrypoint.…" 16 minutes ago Up 16 minutes 0.0.0.0:8890->80/tcp, :::8890->80/tcp ng-01
5bc0c919250b nginx:latest "/docker-entrypoint.…" 32 minutes ago Up 32 minutes 0.0.0.0:8888->80/tcp, :::8888->80/tcp ng-test
区别:volume默认模式,容器的数据会主动把数据共享到原生主机
bind模式是原生数据会主动共享到容器中
特别提示:
bind mounts可以挂载宿主机上的任意目录,而volume先得创建后才能挂载
4.2 实战容器部署LNMP网站平台
[root@docker ~]# mkdir /datas/my-node 给mysql设置一个目录
[root@docker ng-node]# docker network create lnmp #创建一个自定义网络
576fa4020bee150eb08ede7c068873a84e92966b67e66375f4a03924db198b2c
[root@docker ng-node]# docker network ls
NETWORK ID NAME DRIVER SCOPE
ee629711235f bridge bridge local
eb35904fea23 host host local
576fa4020bee lnmp bridge local #有了(默认驱动为网桥)
a51fee157db8 none null local
#启动MySQL数据库容器
[root@docker ng-node]# docker run -itd --name lnmp-mysql --network lnmp -p 3306:3306 --mount type=bind,src=/datas/my-node/,dst=/var/lib/mysql -e MYSQL_ROOT_PASSWORD=123123 mysql:5.6 --character-set-server=utf8
[root@docker ng-node]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fb8723233240 mysql:5.6 "docker-entrypoint.s…" 16 seconds ago Up 15 seconds 0.0.0.0:3306->3306/tcp, :::3306->3306/tcp lnmp-mysql
6a2a1da76923 nginx:latest "/docker-entrypoint.…" 22 minutes ago Up 22 minutes 0.0.0.0:8890->80/tcp, :::8890->80/tcp ng-01
5bc0c919250b nginx:latest "/docker-entrypoint.…" 38 minutes ago Up 38 minutes 0.0.0.0:8888->80/tcp, :::8888->80/tcp ng-test
[root@docker ng-node]# docker exec lnmp-mysql sh -c 'exec mysql -uroot -p"$MYSQL_ROOT_PASSWORD" -e "create database wp"'
Warning: Using a password on the command line interface can be insecure.
特别提示:
sh -c:向容器里面传导shell指令同时还能导入变量
自定义网络lnmp如果不提前创建的话,在启动容器进程时会报错
如果没有提前pull好mysql:5.6那么容器在启动时会自动下载对应镜像
如果没有提前docker volume create mysql-vol,那么容器启动时会自动创建
4.2.2 向容器里的Mysql创建一个库
[root@docker ng-node]# docker exec lnmp-mysql sh -c 'exec mysql -uroot -p"$MYSQL_ROOT_PASSWORD" -e "show databases"'
Warning: Using a password on the command line interface can be insecure.
Database
information_schema
mysql
performance_schema
wp
4.2.3 在docker宿主机上安装mysql的客户端通过端口映射访问容器内的mysql
因为已经将mysql容器的3306端口映射到了docker宿主机的3306,因此我们访问本地即可
#安装mysql客户端
[root@docker ng-node]# mount /dev/sr0 /media
mount: /dev/sr0 写保护,将以只读方式挂载
[root@docker ng-node]# yum -y install mysql
#远程方式连接docker宿主机的3306端口
[root@docker ng-node]# mysql -h 192.168.100.111 -P 3306 -uroot -p123123
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MySQL connection id is 3
Server version: 5.6.51 MySQL Community Server (GPL)
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MySQL [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| wp | #已经创建wp库了
+--------------------+
4 rows in set (0.00 sec)
4.2.4 创建nginx+PHP环境容器
#创建一个网页目录
root@docker ~]# mkdir /datas/wwwroot
[root@docker ~]# docker run -itd --name lnmp-np --network lnmp -p 8001:80 --mount type=bind,src=/datas/wwwroot/,dst=/var/www/html richarvey/nginx-php-fpm
[root@docker ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fb5c81fa9396 richarvey/nginx-php-fpm "docker-php-entrypoi…" 11 minutes ago Up 11 minutes 443/tcp, 9000/tcp, 0.0.0.0:8001->80/tcp, :::8001->80/tcp lnmp-np
fb8723233240 mysql:5.6 "docker-entrypoint.s…" 21 minutes ago Up 21 minutes 0.0.0.0:3306->3306/tcp, :::3306->3306/tcp lnmp-mysql
6a2a1da76923 nginx:latest "/docker-entrypoint.…" 44 minutes ago Up 44 minutes 0.0.0.0:8890->80/tcp, :::8890->80/tcp ng-01
5bc0c919250b nginx:latest "/docker-entrypoint.…" About an hour ago Up About an hour 0.0.0.0:8888->80/tcp, :::8888->80/tcp ng-test
4.2.5 解压wordpress到网页目录/app/wwwroot下
[root@docker ~]# cd /datas/wwwroot/
[root@docker wwwroot]# rz -E
rz waiting to receive.
[root@docker wwwroot]# tar xf wordpress-4.7.4-zh_CN.tar.gz
[root@docker wwwroot]# ls
wordpress wordpress-4.7.4-zh_CN.tar.gz
[root@docker wwwroot]# rm -rf wordpress-4.7.4-zh_CN.tar.gz
[root@docker wwwroot]# docker exec lnmp-np ls /var/www/html/
wordpress
4.2.6 博客wordpress访问测试
通过浏览器进行docker宿主机的88端口的访问测试
http://IP:80/wordpress