链接:https://pan.baidu.com/s/1xua6Gf6jXMFY9hQcW6xSQw?pwd=j1sx
-
知识准备
https://blog.csdn.net/tongxin_tongmeng/article/details/126342599 - Docker安装
1.更新yum yum update 2.卸载旧版本Docker yum -y remove docker docker-common docker-selinux docker-engine 3.安装依赖包 yum -y install yum-utils device-mapper-persistent-data lvm2 4.设置yum源 yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo 5.安装最新版Docker yum -y install docker-ce docker-ce-cli containerd.io 6.Docker启动、开机启动 systemctl start docker systemctl enable docker 7.验证Docker docker version
- 配置阿里云镜像
https://cr.console.aliyun.com/cn-hangzhou/instances/mirrors
{ "registry-mirrors": ["https://xxxxxxx.mirror.aliyuncs.com"] }
- Docker基本命令
1.启动Docker:systemctl start docker 2.停止Docker:systemctl stop docker 3.重启Docker:systemctl restart docker 4.开机启动Docker:systemctl enable docker 5.查看Docker概要信息:docker info 6.查看Docker帮助文档:docker --help 7.查看Docker版本信息:docker version
- Docker镜像与容器命令
1.镜像搜索、下载、查看、删除多个、删除所有 搜索网址:https://hub.docker.com docker pull 镜像名称:[TAG] docker images docker rmi -f 镜像ID1 镜像ID2 docker rmi -f $(docker images -qa) 2.镜像ID 启动容器 交互式启动(启动后进入容器路径):docker run -it --name 容器别名 镜像ID 守护式启动(启动后留在Centos路径):docker run -id --name 容器别名 镜像ID 执行命令启动:docker run -it --name 容器别名 镜像ID 命令 端口映射启动;docker run -it -p 8888:8080 --name 容器别名 镜像ID 3.容器ID 启动、停止、重启、删除多个、删除所有 docker start、stop、restart 容器ID docker rm -f 容器ID1 容器ID2 docker rm -f $(docker ps -qa) 4.查看容器 运行的:docker ps 停止的:docker ps -f status=exited 所有的:docker ps -a 最近创建的2个:docker ps -n 2 容器日志(Centos路径下):/var/lib/docker/containers 5.进入、退出容器 进入:docker exec -it 容器ID /bin/bash 退出:exit(容器停止运行)、ctrl+P+Q(容器不停止运行) 6.文件、目录复制 docker cp Centos文件 容器ID:容器目录 docker cp 容器ID:容器目录 Centos目录 7.文件、目录挂载 docker run -it -v /Centos目录1:/容器目录1 -v /Centos目录2:/容器目录2 镜像ID Centos与容器关联只读:docker run -it -v /Centos目录:/容器目录:ro 镜像ID
-
Docker镜像备份
1.容器打包为本地镜像:docker commit -a='作者' -m='备注' 容器ID 新镜像名称:[TAG] 2.镜像备份到hub服务器(1756357751/mytomcat为hub服务器中创建的仓库位置): 注册账号:https://hub.docker.com/ 登录hub服务器:docker login 镜像打标签:docker tag 镜像ID 1756357751/mytomcat 镜像上传:docker push 1756357751/mytomcat 3.镜像从hub服务器下载(1756357751/mytomcat为hub服务器中创建的仓库位置): 登录hub服务器:docker login 镜像下载:docker pull 1756357751/mytomcat:[TAG] 4.镜像备份到阿里云 登录阿里云:https://cr.console.aliyun.com 创建命名空间/仓库:1756357751/mytomcat $ docker login --username=用户名 registry.cn-hangzhou.aliyuncs.com $ docker tag [镜像ID] registry.cn-hangzhou.aliyuncs.com/1756357751/mytomcat:[TAG] $ docker push registry.cn-hangzhou.aliyuncs.com/1756357751/mytomcat:[TAG] 5.镜像从阿里云下载(1756357751/mytomcat为阿里云创建的仓库位置): $ docker pull registry.cn-hangzhou.aliyuncs.com/1756357751/mytomcat:[TAG]
-
Docker安装Tomcat
1.下载镜像 docker pull 镜像名称:[TAG] 2.镜像ID运行容器(无挂载启动) docker run -it -p 8888:8080 --name 容器别名 镜像ID 3.Centos创建挂载目录/home/docker/tomcat 4.复制容器/usr/local/tomcat/conf、/usr/local/tomcat/webapps到挂载目录 docker cp 容器ID:/usr/local/tomcat/conf /home/docker/tomcat/ docker cp 容器ID:/usr/local/tomcat/webapps /home/docker/tomcat/ 5.删除无挂载运行的容器 docker rm -f 容器ID 6.镜像ID运行容器(挂载启动) docker run -d --name 容器别名 -p 8888:8080 -v /home/docker/tomcat/conf/:/usr/local/tomcat/conf/ -v /home/docker/tomcat/webapps/:/usr/local/tomcat/webapps/ -v /home/docker/tomcat/logs/:/usr/local/tomcat/logs/ 镜像ID 7.配置tomcat:/home/docker/tomcat/conf/server.xml添加如下标签(请求路径省去项目名称) <Context path="" docBase="/usr/local/tomcat/webapps/war包名" debug="0" reloadable="true"/> 8.修改tomcat配置后重启容器 docker restart 容器ID
-
Docker安装Mysql
1.下载镜像 docker pull 镜像名称:[TAG] 2.镜像ID运行容器(无挂载启动) docker run -it -p 3306:3306 --name 容器别名 -e MYSQL_ROOT_PASSWORD=123456 镜像ID 3.Centos创建挂载目录/home/docker/mysql 4.复制容器/etc/mysql/conf.d、/var/log、/var/lib/mysql到挂载目录 docker cp 容器id:/etc/mysql/conf.d /home/docker/mysql/ docker cp 容器id:/var/log /home/docker/mysql/ docker cp 容器id:/var/lib/mysql /home/docker/mysql/ 5.删除无挂载运行的容器 docker rm -f 容器ID 6.镜像ID运行容器(挂载启动) docker run -it -p 3306:3306 --name 容器别名 -v /etc/mysql/conf.d/:/home/docker/mysql/conf/ -v /var/log:/home/docker/mysql/log/ -v /var/lib/mysql/:/home/docker/mysql/mysql/ -e MYSQL_ROOT_PASSWORD=123456 镜像ID 7.Mysql客户端连接docker里的数据库(root:123456) 8.注意:如果Centos已经安装过Mysql,镜像ID运行容器时将报错3306端口被占用,容器虽然可以成功创建但是无法启动,可以换个端口启动(3306:3306改为3307:3306、3308:3306。。。)
- DockerFile构建镜像
https://pan.baidu.com/s/1cf32DySXipd0D5GtkS37Gw?pwd=0h54构建命令(注意结尾句号): docker build -f DockerFile路径 -t 镜像别名:镜像版本 .
# DockerFile构建Centos FROM centos:7 MAINTAINER changwq<1756357751@qq.com> LABEL name="My CentOS Image" \ build-date="20220818" ENV WORKPATH /home/centos WORKDIR $WORKPATH RUN yum -y install net-tools RUN yum -y install vim EXPOSE 80 CMD /bin/bash
# DockerFile构建Tomcat # 使用centos:7基础镜像启动构建流程 FROM centos:7 # 声明镜像维护者信息 MAINTAINER changwq<xxxx@qq.com> # 镜像描述元信息 LABEL name="My Tomcat Image" \ build-date="20220818" # 将Centos的文件复制到容器,ADD命令时tar类型文件会自动解压 COPY copyright.txt /home/copyright.txt ADD server-jre-8u151-linux-x64.tar.gz /home/ ADD apache-tomcat-8.5.37.tar.gz /home/ # 从Centos进入容器时的工作目录 ENV WORKPATH /home/apache-tomcat-8.5.37/ WORKDIR $WORKPATH # 配置环境变量 ENV JAVA_HOME /home/jdk1.8.0_151 ENV CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar ENV CATALINA_HOME /home/apache-tomcat-8.5.37/ ENV CATALINA_BASE /home/apache-tomcat-8.5.37/ ENV PATH $PATH:$JAVA_HOME/bin:$CATALINA_HOME/lib:$CATALINA_HOME/bin # 容器对外暴露的端口 EXPOSE 8080 # 执行Tomcat启动命令 CMD ["/home/apache-tomcat-8.5.37/bin/catalina.sh","run"]
# DockerFile挂载测试 FROM centos:7 # 将容器/home/v1、/home/v2两个目录挂载到Centos VOLUME ["/home/v1","/home/v2"] # 启动容器后启动bash(docker中必须要保持一个进程的运行) CMD /bin/bash # ======================================================================================= # 查看容器挂载详情: docker inspect 容器ID # ======================================================================================= # Source和Destination为Centos和容器对应的挂载目录(对应Centos目录为自动生成,无法指定,不推荐) "Mounts": [ { "Type": "volume", "Name": "cfdaad333ba455c7dc447ab11d45e12bf3ced61f43cae385f7340ba9f956a7ba", "Source": "/var/lib/docker/volumes/cfdaad333ba455c7dc447ab11d45e12bf3ced61f43cae385f7340ba9f956a7ba/_data", "Destination": "/home/v1", "Driver": "local", "Mode": "", "RW": true, "Propagation": "" }, { "Type": "volume", "Name": "b653857d51ffb9ebf5e50b313121009f98c81ca3a7ce8e78b129f77570dc13a6", "Source": "/var/lib/docker/volumes/b653857d51ffb9ebf5e50b313121009f98c81ca3a7ce8e78b129f77570dc13a6/_data", "Destination": "/home/v2", "Driver": "local", "Mode": "", "RW": true, "Propagation": "" } ] # ======================================================================================= CMD 语法; CMD ["执行命令","param1","param2"](执行命令并提供参数) CMD ["param1","param2"](ENTRYPOINT执行命令后通过CMD为ENTRYPOINT追加参数) ENTRYPOINT 语法; ENTRYPOINT ["执行命令", “param1”, “param2”] (推荐)
# 镜像构建问题分析 # ======================================================================================= docker: Error response from daemon: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: exec: "/home/apache-tomcat-8.5.37/bin/catalina.sh": stat /home/apache-tomcat-8.5.37/bin/catalina.sh: no such file or directory: unknown. 分析:压缩命令中使用了绝对路径tar -zcvf apache-tomcat-8.5.37.tar.gz /home/docker/dockerfile/apache-tomcat-8.5.37,导致压缩包复制到容器解压后目录结构为/home/docker/dockerfile/apache-tomcat-8.5.37,容器启动时执行catalina.sh命令无法找到 #======================================================================================== docker: Error response from daemon: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: exec: "/home/apache-tomcat-8.5.37/bin/catalina.sh": permission denied: unknown. 分析:tomcat压缩包解压后catalina.sh可执行文件没有可执行权限,需要添加可执行权限后重新压缩 # ======================================================================================= Caused by: java.lang.IllegalArgumentException: The main resource set specified [/usr/local/tomcat/webapps/MyWeb] is not valid at org.apache.catalina.webresources.StandardRoot.createMainResourceSet(StandardRoot.java:748) at org.apache.catalina.webresources.StandardRoot.startInternal(StandardRoot.java:706) at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) ... 9 more 分析:tomcat压缩包解压后webapps放入了自己的项目MyWeb,server.xml中配置了<Context path="" docBase="/usr/local/tomcat/webapps/war包名" debug="0" reloadable="true"/>,其中docBase未根据DockerFile中指定的工作目录ENV WORKPATH /home/apache-tomcat-8.5.37/重新指定
- Docker私有仓库
1.拉取私有仓库镜像 docker pull registry 2.守护式启动私有仓库(启动后留在Centos路径) docker run -id -p 5000:5000 --name=my_registry registry 3.访问测试 curl http://192.168.1.239:5000/v2/_catalog 4.修改/etc/docker/daemon.json,让docker信任私有仓库地址 { "registry-mirrors": ["https://8q5nyauc.mirror.aliyuncs.com"], "insecure-registries": ["192.168.1.239:5000"] } 5.重启docker(重启docker会关闭所有运行的容器) systemctl restart docker 6.重启私有仓库容器my_registry docker start 容器ID 7.镜像备份到私有仓库 镜像打标签:docker tag 镜像ID 192.168.1.239:5000/镜像别名:[TAG] 镜像上传:docker push 192.168.1.239:5000/镜像别名:[TAG] 8.查看私有仓库镜像 镜像名称:curl http://192.168.1.239:5000/v2/_catalog 镜像版本:docker images 192.168.1.239:5000/镜像名 9.删除私有仓库镜像 docker exec -it 私有仓库容器ID rm -rf /var/lib/registry/docker/registry/v2/repositories/镜像名 docker exec 私有仓库容器ID bin/registry garbage-collect /etc/docker/registry/config.yml 10.镜像从私有仓库下载并启动容器 docker run -it -p 8080:8080 --name 容器别名 192.168.1.239:5000/镜像名 11.测试:http://192.168.1.239:8080