Docker #Docker命令
安装docker
wget https://download.docker.com/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
yum install -y docker-ce docker-ce-cli containerd.io
systemctl start docker && systemctl enable docker
ali镜像加速
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://ksvpjulq.mirror.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
docker自用镜像(mini)
sudo docker login --username=sili1994 registry.cn-hangzhou.aliyuncs.com
sudo docker pull registry.cn-hangzhou.aliyuncs.com/cetos7/centos7-mini:7
docker 私有镜像访问http需要添加
[root@node-1 ~]# cat /etc/docker/daemon.json
{ "insecure-registries":["10.0.1.10:5000"] }
1) Dockerfile >>常用工具docker
cat >> Dockerfile <<eof
FROM centos:7
RUN yum install -y \
vim bash-com* openssh-clients openssh-server iproute cronie;\
yum group install -y "Development Tools";yum clean all;\
localedef -c -f UTF-8 -i zh_CN zh_CN.UTF-8 && \
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
ENV LANG=zh_CN.UTF-8
eof
docker build . -t centos7-mini
2) Dockerfile >>装了个mini化的docker
cat >> Dockerfile <<eof
FROM centos:7
RUN yum install -y \
vim bash-com* openssh-clients openssh-server iproute cronie;\
yum group install -y "Minimal Install";yum clean all;\
localedef -c -f UTF-8 -i zh_CN zh_CN.UTF-8 && \
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
ENV LANG=zh_CN.UTF-8
eof
docker build . -t centos7-mini
使用docker
(- - privileged /usr/sbin/init可以使用systemctl
报错
[root@real-kk ~]# docker run -tid -p 80:80 --privileged --name nginx --hostname nginx centos7-mini:7 /usr/sbin/init
957c1e3171fe02a8643b6d7b827e455cfff3ba511ea820c27a6e2e00b638194b
docker: Error response from daemon: OCI runtime create failed: container_linux.go:349: starting container process caused “process_linux.go:449: container init caused “write /proc/self/attr/keycreate: permission denied””: unknown.
【请尝试永久关闭selinux 重启主机,重启docker服务,】)
[root@real-kk ~]# docker run -tid -p 80:80 --privileged --name nginx --hostname nginx centos7-mini:7 /usr/sbin/init
db8778bcc3c67aa08cca0730c2df9f03299cf2bc33be8d421e3f804cb7dee092
[root@real-kk ~]# docker exec -it nginx bash
[root@nginx /]# systemctl
UNIT LOAD ACTIVE SUB DESCRIPTION
proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System
dev-dm\x2d1.device loaded activating tentative /dev/dm-1
-.mount loaded active mounted /
dev-hugepages.mount loaded active mounted Huge Pages File System
dev-mqueue.mount loaded active mounted POSIX Message Queue File System
etc-hostname.mount loaded active mounted /etc/hostname
etc-hosts.mount loaded active mounted /etc/hosts
etc-resolv.conf.mount loaded active mounted /etc/resolv.conf
sys-kernel-config.mount loaded active mounted Configuration File System
sys-kernel-debug.mount loaded active mounted Debug File System
systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directo
systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory W
● auditd.service loaded failed failed Security Auditing Service
crond.service loaded active running Command Scheduler
dbus.service loaded active running D-Bus System Message Bus
firewalld.service loaded active running firewalld - dynamic firewall daemon
getty@tty1.service loaded active running Getty on tty1
irqbalance.service loaded active running irqbalance daemon
● kdump.service loaded failed failed Crash recovery kernel arming
● network.service loaded failed failed LSB: Bring up/down networking
NetworkManager-wait-online.service loaded active exited Network Manager Wait Online
NetworkManager.service loaded active running Network Manager
polkit.service loaded active running Authorization Manager
● postfix.service loaded failed failed Postfix Mail Transport Agent
rhel-autorelabel-mark.service loaded active exited Mark the need to relabel after reboot
run 创建并运行
-i 交互式
-t 伪终端
-d 后台运行(docker在运行,不进入)
–name 指定docker启动名kk
–hostname 指定docker主机名kk
–privileged=true 在docker内获取最高权限(不加,某些操作没权限)
centos7-mini 自定义的镜像名字
bash 命令
create创建docker
[root@real-kk ~]# docker create -it --name web2 --hostname web2 --privileged=true centos7-mini bash
[root@real-kk ~]# docker start web2
[root@real-kk ~]# docker exec -it web2 bash
[root@web2 /]#
删除docker
删除docker -f强制
docker rm -f xxx
删除镜像
docker image rm xxx
打包docker镜像(换过yum仓库、安装过nginx服务)
重建docker会一起构建 记得添加权限 --privileged=true
[root@real-kk ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
18089cb6e4e3 centos7-mini "bash" 2 hours ago Up 2 hours server-lvs
[root@real-kk ~]# docker commit -p server-lvs
sha256:7a418b67d94e5c77207d10f4a56b973c2184e5ab386c85f206bd21b18f361530[root@real-kk ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
<none> <none> 7a418b67d94e 15 seconds ago 1.35GB
[root@real-kk ~]# docker tag 7a41 nginx:yum
[root@real-kk ~]# docker run -ti --name nginx --hostname nginx --privileged=true nginx:yum bash
[root@nginx /]# nginx
[root@nginx /]# netstat -ntlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 21/nginx: master pr
[root@nginx /]# cd /etc/yum.repos.d/
[root@nginx yum.repos.d]# ls
CentOS-Base.repo epel.repo nginx.repo
镜像保存到ali仓库(已经装好的镜像)
docker push registry.cn-hangzhou.aliyuncs.com/<命名空间>/<应用镜像名>:<镜像版本>
[root@real-kk ~]# docker login --username=sili1994 registry.cn-hangzhou.aliyuncs.com
[root@real-kk ~]# docker tag 7a418b67d94e registry.cn-hangzhou.aliyuncs.com/cetos7/centos7-mini:nginx
[root@real-kk ~]# sudo docker push registry.cn-hangzhou.aliyuncs.com/cetos7/centos7-mini:nginx
The push refers to repository [registry.cn-hangzhou.aliyuncs.com/cetos7/centos7-mini]
117bbd63dea1: Pushed
a09765cc3795: Pushing [======================================> ] 573.7MB/748.9MB
613be09ab3c0: Pushed
拉取docker-先登录-再拉取
[root@real-kk ~]# sudo docker login --username=sili1994 registry.cn-hangzhou.aliyuncs.com
[root@real-kk ~]# docker pull registry.cn-hangzhou.aliyuncs.com/cetos7/centos7-mini:nginx