Dpocker网络模式
docker有几种不同的网络模式,就像VMware,VMware有NAT模式、桥接模式和仅主机模式。
docker有4种网络模式:
host模式,使用 docker run 时使用 --net=host 指定。该模式下docker使用的网络实际上和宿主机一样,在容器内看到的网卡ip是宿主机ip
container模式,使用 --net=container:container_id/container_name 指定。该模式下多个容器使用共同的网络,看到的ip都是一样的
none模式,使用 --net=none 指定。该模式下,不会配置任何网络
bridge模式,使用 --net=bridge 指定,不指定模式默认也是这种网络模式。该模式下会为每个容器分配一个独立的network namespace,
类似于VMware的NAT模式。同一个宿主机上的所有容器都会在同一个网段下,相互之间是可以通信的
需要考虑的是,我们怎么让别的机器访问到宿主机里面的容器ip呢?
- 启动容器,安装nginx:
# docker run -itd centos
64a70a9f04b24a46504a307c3668b54f1418e434657cda0ade870daeb116198b
# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
64a70a9f04b2 centos "/bin/bash" 5 seconds ago Up 4 seconds boring_heyrovsky
# docker exec -it 64a70a9f04b2 bash
[root@64a70a9f04b2 /]# yum install -y epel-release
[root@64a70a9f04b2 /]# yum install -y nginx
[root@64a70a9f04b2 /]# exit
exit
- 导出容器:
# docker commit -m "install nginx" -a "lzxlinux" 64a70a9f04b2 centos_with_nginx
sha256:7b70caa8b6302ab7a847fa436e9302eda91f5491268a8bb87fbabaadcca490a1
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos_with_nginx latest 7b70caa8b630 6 seconds ago 408MB #刚刚导出的容器
lzx_test latest 5926537d3e30 3 days ago 272MB
<none> <none> 531fcbd0fb9d 3 days ago 0B
192.168.33.150:5000/centos7 latest 9934306dddc6 3 days ago 435MB
centos7 latest 9934306dddc6 3 days ago 435MB
centos_with_net latest ef7d535f8206 3 days ago 293MB
registry latest 2e2f252f3c88 4 days ago 33.3MB
192.168.33.150:5000/ubuntu latest cd6d8154f1e1 11 days ago 84.1MB
192.168.33.150:5001/ubuntu latest cd6d8154f1e1 11 days ago 84.1MB
ubuntu latest cd6d8154f1e1 11 days ago 84.1MB
lzx_centos latest 5182e96772bf 5 weeks ago 200MB
192.168.33.150:5000/centos latest 5182e96772bf 5 weeks ago 200MB
centos latest 5182e96772bf 5 weeks ago 200MB
- 启动新导出的容器:
[root@lzx ~]# docker run -itd -p 8088:80 centos_with_nginx bash #-p指定端口映射,8088为宿主机端口,80为容器端口
861f21274f1003457a27327d21f4e7cbe186277573b938a4e5a2cfbcee20c694
# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
861f21274f10 centos_with_nginx "bash" 5 seconds ago Up 4 seconds 0.0.0.0:8088->80/tcp mystifying_stallman
64a70a9f04b2 centos "/bin/bash" 12 minutes ago Up 12 minutes boring_heyrovsky
- 启动容器中nginx服务:
# docker exec -it 861f21274f10 bash
[root@861f21274f10 /]# systemctl start nginx
Failed to get D-Bus connection: Operation not permitted #遇到报错:Operation not permitted
- 解决上面报错:
上面报错是因为dbus-daemon没有启动,启动时要加上 --privileged -e "container=docker" ,并且最后面的命令改为 /usr/sbin/init
[root@861f21274f10 /]# exit
exit
# docker rm -f 861f21274f10 #删除容器
861f21274f10
# docker run -itd --privileged -e "container=docker" -p 8088:80 centos_with_nginx /usr/sbin/init
70ffc273d97d79ae9d12e0f5a43a329e5ce26037270dcffc55dda9ff5a967dd1
# docker exec -it 70ffc27 bash
[root@70ffc273d97d /]# systemctl start nginx #启动nginx,没有报错
[root@70ffc273d97d /]# ps aux |grep nginx
root 85 0.0 0.2 120808 2092 ? Ss 03:39 0:00 nginx: master process /usr/sbin/nginx
nginx 86 0.0 0.3 121272 3120 ? S 03:39 0:00 nginx: worker process
- 进行访问:
容器内访问80端口
[root@70ffc273d97d /]# curl localhost
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<title>Test Page for the Nginx HTTP Server on Fedora</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<style type="text/css">
/*<![CDATA[*/
body {
background-color: #fff;
color: #000;
font-size: 0.9em;
font-family: sans-serif,helvetica;
margin: 0;
padding: 0;
}
:link {
color: #c00;
}
:visited {
color: #c00;
}
a:hover {
color: #f50;
}
h1 {
text-align: center;
margin: 0;
padding: 0.6em 2em 0.4em;
background-color: #294172;
color: #fff;
font-weight: normal;
font-size: 1.75em;
border-bottom: 2px solid #000;
}
h1 strong {
font-weight: bold;
font-size: 1.5em;
}
h2 {
text-align: center;
background-color: #3C6EB4;
font-size: 1.1em;
font-weight: bold;
color: #fff;
margin: 0;
padding: 0.5em;
border-bottom: 2px solid #294172;
}
hr {
display: none;
}
.content {
padding: 1em 5em;
}
.alert {
border: 2px solid #000;
}
img {
border: 2px solid #fff;
padding: 2px;
margin: 2px;
}
a:hover img {
border: 2px solid #294172;
}
.logos {
margin: 1em;
text-align: center;
}
/*]]>*/
</style>
</head>
<body>
<h1>Welcome to <strong>nginx</strong> on Fedora!</h1>
<div class="content">
<p>This page is used to test the proper operation of the
<strong>nginx</strong> HTTP server after it has been
installed. If you can read this page, it means that the
web server installed at this site is working
properly.</p>
<div class="alert">
<h2>Website Administrator</h2>
<div class="content">
<p>This is the default <tt>index.html</tt> page that
is distributed with <strong>nginx</strong> on
Fedora. It is located in
<tt>/usr/share/nginx/html</tt>.</p>
<p>You should now put your content in a location of
your choice and edit the <tt>root</tt> configuration
directive in the <strong>nginx</strong>
configuration file
<tt>/etc/nginx/nginx.conf</tt>.</p>
</div>
</div>
<div class="logos">
<a href="http://nginx.net/"><img
src="nginx-logo.png"
alt="[ Powered by nginx ]"
width="121" height="32" /></a>
<a href="http://fedoraproject.org/"><img
src="poweredby.png"
alt="[ Powered by Fedora ]"
width="88" height="31" /></a>
</div>
</div>
</body>
</html>
容器外访问8088端口
[root@70ffc273d97d /]# exit
exit
[root@lzx ~]# curl localhost:8088
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<title>Test Page for the Nginx HTTP Server on Fedora</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<style type="text/css">
/*<![CDATA[*/
body {
background-color: #fff;
color: #000;
font-size: 0.9em;
font-family: sans-serif,helvetica;
margin: 0;
padding: 0;
}
:link {
color: #c00;
}
:visited {
color: #c00;
}
a:hover {
color: #f50;
}
h1 {
text-align: center;
margin: 0;
padding: 0.6em 2em 0.4em;
background-color: #294172;
color: #fff;
font-weight: normal;
font-size: 1.75em;
border-bottom: 2px solid #000;
}
h1 strong {
font-weight: bold;
font-size: 1.5em;
}
h2 {
text-align: center;
background-color: #3C6EB4;
font-size: 1.1em;
font-weight: bold;
color: #fff;
margin: 0;
padding: 0.5em;
border-bottom: 2px solid #294172;
}
hr {
display: none;
}
.content {
padding: 1em 5em;
}
.alert {
border: 2px solid #000;
}
img {
border: 2px solid #fff;
padding: 2px;
margin: 2px;
}
a:hover img {
border: 2px solid #294172;
}
.logos {
margin: 1em;
text-align: center;
}
/*]]>*/
</style>
</head>
<body>
<h1>Welcome to <strong>nginx</strong> on Fedora!</h1>
<div class="content">
<p>This page is used to test the proper operation of the
<strong>nginx</strong> HTTP server after it has been
installed. If you can read this page, it means that the
web server installed at this site is working
properly.</p>
<div class="alert">
<h2>Website Administrator</h2>
<div class="content">
<p>This is the default <tt>index.html</tt> page that
is distributed with <strong>nginx</strong> on
Fedora. It is located in
<tt>/usr/share/nginx/html</tt>.</p>
<p>You should now put your content in a location of
your choice and edit the <tt>root</tt> configuration
directive in the <strong>nginx</strong>
configuration file
<tt>/etc/nginx/nginx.conf</tt>.</p>
</div>
</div>
<div class="logos">
<a href="http://nginx.net/"><img
src="nginx-logo.png"
alt="[ Powered by nginx ]"
width="121" height="32" /></a>
<a href="http://fedoraproject.org/"><img
src="poweredby.png"
alt="[ Powered by Fedora ]"
width="88" height="31" /></a>
</div>
</div>
</body>
</html>
配置桥接网络
为了使本地网络中的机器和docker容器更方便,我们经常会有将docker容器配置到和主机同一网段的需求。这个需求并不难实现,只要将docker容器和宿主机的网卡桥接起来,再给docker容器配上ip就可以了。
- 修改网卡配置文件:
[root@lzx ~]# ifconfig
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
inet6 fe80::42:22ff:fe5e:3170 prefixlen 64 scopeid 0x20<link>
ether 02:42:22:5e:31:70 txqueuelen 0 (Ethernet)
RX packets 3310 bytes 151657 (148.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3939 bytes 35751195 (34.0 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.33.150 netmask 255.255.255.0 broadcast 192.168.33.255
inet6 fe80::84c7:fae0:d9f5:d9c0 prefixlen 64 scopeid 0x20<link>
inet6 fe80::b6f9:83f6:f7f2:ece0 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:42:1c:de txqueuelen 1000 (Ethernet)
RX packets 28702 bytes 37208817 (35.4 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 6192 bytes 609485 (595.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 43 bytes 7449 (7.2 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 43 bytes 7449 (7.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
# cd /etc/sysconfig/network-scripts/
# cp ifcfg-ens33 ifcfg-br0
# vim !$ #修改下面内容
Type=Bridge
NAME=br0
#UUID=0c7940e3-81d3-40fe-a310-a30aba1435f0
DEVICE=br0
# vim ifcfg-ens33 #修改下面内容
#UUID=0c7940e3-81d3-40fe-a310-a30aba1435f0
#IPADDR=192.168.33.150
#NETMASK=255.255.255.0
#GATEWAY=192.168.33.2
#DNS1=8.8.8.8
#DNS2=4.4.4.4
BRIDGE=br0
# systemctl restart network
# ifconfig
br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.33.150 netmask 255.255.255.0 broadcast 192.168.33.255
inet6 fe80::8871:5214:2644:d085 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:42:1c:de txqueuelen 1000 (Ethernet)
RX packets 352 bytes 29438 (28.7 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 272 bytes 30136 (29.4 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
inet6 fe80::42:76ff:feba:2ff7 prefixlen 64 scopeid 0x20<link>
ether 02:42:76:ba:2f:f7 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 8 bytes 648 (648.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
ether 00:0c:29:42:1c:de txqueuelen 1000 (Ethernet)
RX packets 511 bytes 46949 (45.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 290 bytes 32169 (31.4 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 160 bytes 12960 (12.6 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 160 bytes 12960 (12.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
如果修改没问题的话,ens33是没有IP地址的,而br0是有IP地址的。
- 安装pipework:
# cd
# yum install -y git #git需要安装
# git clone https://github.com/jpetazzo/pipework
# cd pipework/
# ls
docker-compose.yml doctoc LICENSE pipework pipework.spec README.md
# cp pipework /usr/local/bin/
# systemctl start docker
# docker run -itd --net=none centos_with_net bash #--net=none表示不设置网络
fb22bdd37ae67792a2d70b525af3e1d8d6632161b0d826799f4fe4249a0eaebc
# docker exec -it fb22b bash
[root@fb22bdd37ae6 /]# ifconfig
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 #这里可以看到只有一个lo网卡
[root@fb22bdd37ae6 /]# exit
exit
- 使用pipework:
# pipework br0 fb22bd 192.168.33.180/24@192.168.33.2 #使用pipework指定ip和网关
# docker exec -it fb22b bash
[root@fb22bdd37ae6 /]# ifconfig
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.33.180 netmask 255.255.255.0 broadcast 192.168.33.255
ether 16:1b:e1:b9:ea:05 txqueuelen 1000 (Ethernet)
RX packets 7 bytes 578 (578.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1 bytes 42 (42.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 #新增一个网卡
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
- 测试:
打开另外一台机器,ping 192.168.33.180
# ping 192.168.33.180
PING 192.168.33.100 (192.168.33.100) 56(84) bytes of data.
64 bytes from 192.168.33.100: icmp_seq=1 ttl=64 time=0.453 ms
64 bytes from 192.168.33.100: icmp_seq=2 ttl=64 time=0.692 ms
64 bytes from 192.168.33.100: icmp_seq=3 ttl=64 time=0.259 ms
64 bytes from 192.168.33.100: icmp_seq=4 ttl=64 time=0.250 ms
64 bytes from 192.168.33.100: icmp_seq=5 ttl=64 time=0.250 ms
64 bytes from 192.168.33.100: icmp_seq=6 ttl=64 time=0.228 ms
本机容器里面,ping www.baidu.com
[root@fb22bdd37ae6 /]# ping www.baidu.com
PING www.a.shifen.com (61.135.169.121) 56(84) bytes of data.
64 bytes from 61.135.169.121 (61.135.169.121): icmp_seq=1 ttl=128 time=37.9 ms
64 bytes from 61.135.169.121 (61.135.169.121): icmp_seq=2 ttl=128 time=38.6 ms
64 bytes from 61.135.169.121 (61.135.169.121): icmp_seq=3 ttl=128 time=35.3 ms
64 bytes from 61.135.169.121 (61.135.169.121): icmp_seq=4 ttl=128 time=37.0 ms
64 bytes from 61.135.169.121 (61.135.169.121): icmp_seq=5 ttl=128 time=38.2 ms
配置桥接网络成功。
另外,如果还想同时给另外一块网卡(如ens37)配置桥接网络,那可以设置为br1,以此类推,配置方法大体相同。
Dockerfile格式
dockerfile是由一系列命令和参数构成的脚本,这些命令应用于基础镜像并最终创建一个新的镜像。它们简化了从头到尾的流程并极大的简化了部署工作。dockerfile从FROM命令开始,紧接着跟随者各种方法,命令和参数。其产出为一个新的可以用于创建容器的镜像。
类似于Makfile,用户使用docker build
就可以编译镜像,使用该命令可以设置编译镜像时使用的CPU数量、内存大小、文件路径等。
dockerfile由多条指令组成,每条指令在编译镜像时执行相应的程序完成某些功能,由指令+参数组成,以逗号分隔,#作为注释起始符,虽说指令不区分大小写,但是一般指令使用大些,参数使用小写。
FROM 指定基于哪个基础镜像
格式:FROM 或者 FROM :
如 FROM centos ; FROM centos:latest
MAINTAINER 指定作者信息
格式:MAINTAINER
如 MAINTAINER lzx lzx@lzxlinux.com
RUN 镜像操作指令
格式:RUN 或者 RUN [“executable”,‘param1",“param2”]
如 RUN yum install httpd 或者 RUN ["/bin/bash","-c",“echo hello”]
CMD 指定容器启动时执行的命令,只能有一条
格式:CMD [“executable”,“param1”,“param2] 或
CMD command param1 param2 或
CMD [“param1”,“param2”]
如 CMD [”/bin/bash","/usr/local/nginx/sbin/nginx","-c","/usr/local/nginx/conf/nginx.conf"]
EXPOSE 指定要映射出去的端口
格式:EXPOSE …
(-P(大写)指定容器端口,宿主机端口随机分配;-p(小写)指定宿主机端口和容器端口)
如 EXPOSE 22 80 443 或 EXPOSE -P 80 或 EXPOSE -p 8088:80
ENV 为后续的RUN指令提供一个环境变量
格式:ENV
如 ENV PATH /usr/local/mysql/bin:$PATH
ADD 将本地的一个文件或目录拷贝到容器的某个目录里
格式: ADD
(src为dockfile所在目录的相对路径,也可以是一个url)
如 ADD <conf/vhosts> </usr/local/nginx/conf>
COPY 将本地的一个文件或目录拷贝到容器的某个目录里
格式:COPY
(用法与ADD基本相同,但不支持url)
如 COPY <conf/vhosts> </usr/local/nginx/conf>
ENTRYPOINT 指定容器启动时执行的命令,只能有一条,写多条也只有最后一条生效
格式:ENTRYPOINT [“executable”,“param1”,“param2] 或
ENTRYPOINT command param1 param2 或
ENTRYPOINT [“param1”,“param2”]
(用法与CMD基本相同,但CMD可以被docker run指令覆盖,而ENTRYPOINT不能覆盖,且会比CMD或docker run指定的命令更早执行)
如 ENTRYPOINT [”/bin/bash","/usr/local/nginx/sbin/nginx","-c","/usr/local/nginx/conf/nginx.conf"]
VOLUME 创建一个可以从本机或者其他容器挂载的挂载点
格式:VOLUME ["/data"]
USER 指定运行容器的用户
格式:USER daemon
WORKDIR 为后续的RUN、CMD或者ENTERPOINT指定工作目录
格式:WORKDIR /path/to/workdir
Dockerfile 示例
上面介绍了dockerfile的语法格式,现在我们进行安装nginx实例操作。
- 编辑dockerfile:
# vim Dockerfile
## Set the base image to CentOS
FROM centos
# File Auther / Maintainer
Maintainer lzx lzx@lzxlinux.com
# Install necessary tools
RUN yum install -y pcre-devel wget net-tools gcc zlib zlib-devel make openssl-devel
# Install Nginx
ADD http://nginx.org/download/nginx-1.8.0.tar.gz .
RUN tar zxvf nginx-1.8.0.tar.gz
RUN mkdir -p /usr/local/nginx
RUN cd nginx-1.8.0 && ./configure --prefix=/usr/local/nginx && make && make install
RUN rm -fv /usr/local/nginx/conf/nginx.conf
ADD http://www.apelearn.com/study_v2/.nginx_conf /usr/local/nginx/conf/nginx.conf
# Expose ports
EXPOSE 80
# Set the default command to execute when creating a new container
ENTRYPOINT /usr/local/nginx/sbin/nginx && tail -f /etc/passwd #加上tail -f 防止容器启动完nginx就自动停止
- 创建镜像:
# docker build -t centos_nginx . #创建镜像,.表示在当前路径下查找dockerfile
Sending build context to Docker daemon 872.1MB
.
. #此处为省略部分,总共有11步
.
Successfully built 8a3eb3f04231
Successfully tagged centos_nginx:latest #出现这个就说明运行成功
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos_nginx latest 8a3eb3f04231 2 minutes ago 364MB #可以看到刚刚创建的centos_nginx镜像
centos_with_nginx latest 7b70caa8b630 2 days ago 408MB
lzx_test latest 5926537d3e30 5 days ago 272MB
<none> <none> 531fcbd0fb9d 5 days ago 0B
192.168.33.150:5000/centos7 latest 9934306dddc6 5 days ago 435MB
centos7 latest 9934306dddc6 5 days ago 435MB
centos_with_net latest ef7d535f8206 6 days ago 293MB
registry latest 2e2f252f3c88 7 days ago 33.3MB
192.168.33.150:5000/ubuntu latest cd6d8154f1e1 13 days ago 84.1MB
192.168.33.150:5001/ubuntu latest cd6d8154f1e1 13 days ago 84.1MB
ubuntu latest cd6d8154f1e1 13 days ago 84.1MB
192.168.33.150:5000/centos latest 5182e96772bf 6 weeks ago 200MB
centos latest 5182e96772bf 6 weeks ago 200MB
lzx_centos latest 5182e96772bf 6 weeks ago 200MB
- 运行镜像:
# docker run -itd -p 81:80 centos_nginx bash #运行centos_nginx镜像
ebe5c1765ccb3eddab2bc57439de72a263c53de0a523fc8b437f15f0282314aa
# docker exec -it ebe5c1 bash
[root@ebe5c1765ccb /]# ps aux |grep nginx
root 1 0.0 0.1 11680 1352 pts/0 Ss+ 06:48 0:00 /bin/sh -c /usr/local/nginx/sbin/nginx && tail -f /etc/passwd bash #nginx服务已经启动,且容器没有退出
root 7 0.0 0.0 24880 792 ? Ss 06:48 0:00 nginx: master process /usr/local/nginx/sbin/nginx
nobody 8 0.0 0.3 27324 3360 ? S 06:48 0:00 nginx: worker process
nobody 9 0.0 0.3 27324 3360 ? S 06:48 0:00 nginx: worker process
root 25 0.0 0.0 9088 664 pts/1 S+ 06:49 0:00 grep --color=auto nginx
[root@ebe5c1765ccb /]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.2 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:02 txqueuelen 0 (Ethernet)
RX packets 16 bytes 1296 (1.2 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@ebe5c1765ccb /]# exit
exit
# curl 127.0.0.1:81 #访问宿主机的81端口
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
成功访问,说明上面使用Dockerfile创建镜像成功。
Docker Compose 部署服务
Compose 是一个用户定义和运行多个容器的Docker应用程序。在Compose中你可以使用yaml 文件来配置你的应用服务。然后,只需要一个简单的命令,就可以创建并启动你配置的所有服务。
Compose 可以方便我们快捷且高效地管理容器的启动、停止、重启等操作。它类似于linux下的shell脚本,基于yaml语法,在该文件里我们可以描述应用的架构,比如用什么镜像、数据卷、网络模式、监听端口等信息。我们可以在一个compose文件中定义一个多容器的应用(如jumpserver),然后通过该compose来启动这个应用。
- 安装compose:
先使用Windows下载docker-compose文件,通过lrzsz传到linux机器上
# du -sh docker-compose-Linux-x86_64
8.5M docker-compose-Linux-x86_64
# mv docker-compose-Linux-x86_64 /usr/local/bin/docker-compose
# chmod 755 !$
chmod 755 /usr/local/bin/docker-compose
# docker-compose version #查看docker-compose版本
docker-compose version 1.17.0-rc1, build a0f95af
docker-py version: 2.5.1
CPython version: 2.7.13
OpenSSL version: OpenSSL 1.0.1t 3 May 2016
compose区分version 1 和 version 2(compose 1.6.0+ ,docker engine 1.10.0+),version 2支持更多的指令,建议使用version 2。
- 部署服务:
# vim docker-compose.yml #写入下面内容,注意空格
version: "2" #使用 version 2 版本
services:
app1: #表示容器名字
image: centos_nginx #表示镜像名
ports:
- "8080:80" #指定映射端口
networks:
- "net1" #指定网络模式
volumes:
- /data/:/data #目录挂载,等同于前面讲过的-v选项
app2:
image: centos_with_net
networks:
- "net2"
volumes:
- /data/:/data1
entrypoint: tail -f /etc/passwd #防止容器运行完dockerfile停止
networks:
net1:
driver: bridge
net2:
driver: bridge
- 运行docker-compose:
# docker-compose up -d #运行docker-compose,启动服务;-d 后台启动
Creating root_app2_1 ...
Creating root_app1_1 ...
Creating root_app2_1
Creating root_app1_1 ... done
# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
52e07bc9a607 centos_nginx "/bin/sh -c '/usr/lo…" 35 seconds ago Up 33 seconds 0.0.0.0:8080->80/tcp root_app1_1
e9b9c0ad3f37 centos_with_net "tail -f /etc/passwd" 35 seconds ago Up 33 seconds root_app2_1
ebe5c1765ccb centos_nginx "/bin/sh -c '/usr/lo…" About an hour ago Up About an hour 0.0.0.0:81->80/tcp suspicious_colden
# docker-compose ps #显示docker-compose
Name Command State Ports
---------------------------------------------------------------------------
root_app1_1 /bin/sh -c /usr/local/ngin ... Up 0.0.0.0:8080->80/tcp
root_app2_1 tail -f /etc/passwd Up #状态均为up
通过使用compose,我们可以很方便地管理容器的启动、停止、重启等操作。
更多资料参考: