hello docker
虚拟机初始操作
当前操作系统centos8.2, docker版本19.03
- 关闭selinux
# vi /etc/selinux/config
[root@localhost docker]# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
- 关闭防火墙和swap
# 此配置表示防火墙如同虚设
[root@localhost docker]# firewall-cmd --set-default-zone=trusted
success
[root@localhost docker]# #注释掉含有swap的一行
[root@localhost docker]# cat /etc/fstab
#
# /etc/fstab
# Created by anaconda on Wed Jul 15 01:52:54 2020
#
# Accessible filesystems, by reference, are maintained under '/dev/disk/'.
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info.
#
# After editing this file, run 'systemctl daemon-reload' to update systemd
# units generated from this file.
#
/dev/mapper/cl-root / xfs defaults 0 0
UUID=8fd39e5d-e001-4a92-9f25-0fa97c713e4d /boot ext4 defaults 1 2
#/dev/mapper/cl-swap swap swap defaults 0 0
- 配置yum源
- 重封装此虚拟机为模板虚拟机
-
:操作
-
清除网卡里特有的信息
-
删除ssh相关的密钥 rm -rf /etc/ssh/ssh_host_*
-
清空/etc/machine-id的内容,是清空不是删除此文件
docker配置
- docker配置镜像加速
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-‘EOF’
{
“registry-mirrors”: [“https://qz398k7t.mirror.aliyuncs.com”]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
- docker命令
–查看镜像详细信息命令,no-truc参数加上可查看完整的命令,不加可以查看简要信息
docker history nginx --no-truc
–也可以通过网站查询某个镜像的所有tag,Dockerfile,使用方法等。
https://hub.docker.com/_/nginx
[root@localhost docker]# docker history nginx
IMAGE CREATED CREATED BY SIZE COMMENT
4bb46517cac3 2 weeks ago /bin/sh -c #(nop) CMD ["nginx" "-g" "daemon… 0B
<missing> 2 weeks ago /bin/sh -c #(nop) STOPSIGNAL SIGTERM 0B
<missing> 2 weeks ago /bin/sh -c #(nop) EXPOSE 80 0B
<missing> 2 weeks ago /bin/sh -c #(nop) ENTRYPOINT ["/docker-entr… 0B
<missing> 2 weeks ago /bin/sh -c #(nop) COPY file:0fd5fca330dcd6a7… 1.04kB
<missing> 2 weeks ago /bin/sh -c #(nop) COPY file:1d0a4127e78a26c1… 1.96kB
<missing> 2 weeks ago /bin/sh -c #(nop) COPY file:e7e183879c35719c… 1.2kB
<missing> 2 weeks ago /bin/sh -c set -x && addgroup --system -… 63.4MB
<missing> 2 weeks ago /bin/sh -c #(nop) ENV PKG_RELEASE=1~buster 0B
<missing> 2 weeks ago /bin/sh -c #(nop) ENV NJS_VERSION=0.4.3 0B
<missing> 2 weeks ago /bin/sh -c #(nop) ENV NGINX_VERSION=1.19.2 0B
<missing> 4 weeks ago /bin/sh -c #(nop) LABEL maintainer=NGINX Do… 0B
<missing> 4 weeks ago /bin/sh -c #(nop) CMD ["bash"] 0B
<missing> 4 weeks ago /bin/sh -c #(nop) ADD file:3af3091e7d2bb40bc… 69.2MB
docker run -t -i images:tag
–这里-t 是指启动一个模拟终端
– -i是指开启交互模式
– -d 后台
- mysql容器
要求:
1.利用镜像hub.c.163.com/library/mysql:latest创建一个容器,满足如下要求:
1.容器名为db
2.把容器里的目录/var/lib/mysql挂载到宿主机的/db目录
3.容器启动时自动创建一个名为blog的数据库
4.mysql的root密码设置为redhat
在使用MySQL 镜像的时候至少需要指定一个变量MYSQL_ROOT_PASSWORD 来指定root 密
码,其他变量比如MYSQL_USER, MYSQL_PASSWORD,MYSQL_DATABASE 这些都是可选的:
[root@localhost docker]# docker run -d --name=db -v /db:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=redhat -e MYSQL_DATABASE=blog hub.c.163.com/library/mysql
73f8f0db6152a6c452d3c2173791f0413fda87983e4c11fa69ccc849f5943377
[root@localhost docker]#
- workpress容器练习
利用镜像hub.c.163.com/library/wordpress:latest创建一个容器,满足如下要求:
1.容器名为blog
2.把容器里的目录/var/www/html挂载到宿主机的/web目录
3.以root用户连接到mysql的容器,使用blog数据库
4.把容器端口映射到宿主机的8080端口
3.安装wordpress,管理员设置为admin,密码为redhat,邮箱为aaa@example.com
站点名为 docker
[root@localhost ~]# docker run -d --name=blog -v /web:/var/www/html -p 8080:80 -e WORDPRESS_DB_HOST=172.17.0.4 -e WORDPRESS_DB_USER=root -e WORDPRESS_DB_PASSWORD=redhat -e WORDPRESS_DB_NAME=blog hub.c.163.com/library/wordpress
a8a1dd0b610ae716fb8a5f20ceefd6fec17265feedc0b7e28136536834db03a6
[root@localhost ~]# docker logs -f a8
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.17.0.5. Set the 'ServerName' directive globally to suppress this message
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.17.0.5. Set the 'ServerName' directive globally to suppress this message
[Thu Sep 03 09:22:32.364217 2020] [mpm_prefork:notice] [pid 1] AH00163: Apache/2.4.10 (Debian) PHP/5.6.31 configured -- resuming normal operations
[Thu Sep 03 09:22:32.364306 2020] [core:notice] [pid 1] AH00094: Command line: 'apache2 -D FOREGROUND'
- 其他记录
1) 系统开启转发功能,1表示开启
cat /proc/sys/net/ipv4/ip_forward
1