镜像相关命令
查看镜像
查看开机自启动服务 systemctl list-unit-files
docker images docker image ls 查看所用镜像的id docker images -q REPOSITORY TAG IMAGE ID CREATED SIZE 镜像名称 版本号 镜像id 镜像创造时间 大小
搜索镜像
docker search redis(名字)
拉取镜像
docker pull redis docker pull redis:版本号 如果不知道版本号,默认下载最新版本 不知道版本号的话,可以去docker hub 查看
删除镜像
docker rmi redis docker rmi redis:latest docker rmi 镜像id 删除所有镜像 docker rmi `docker images -q`
容器相关命令
查看容器
查看正在运行的容器 docker ps 查看所有容器 docker ps -a
创造并启动容器
docker run -it --name=*** centos:7 /bin/bash -i:保持容器运行 -t:为容器分配一个伪终端 -it创造的容器,在执行命令之后,会自动进入容器 docker run -id --name c2 centos:7 /bin/bash -d:以守护模式运行容器,创造后需要使用如下命令进入容器 容器名称 docker exec -it c2 /bin/bash
端口映射的几种方式 IP:Hport:Cport 将容器的端口映射到指定ip的端口 IP::Cport 将容器的端口映射到指定ip的随机端口 Hport:Cport 将容器的端口映射到宿主机的端口
进入容器
docker exec -it c2 /bin/bash
启动/停止容器
docker start/stop 容器名称/容器ID
删除容器
docker rm 容器名称/容器ID
查看容器信息
docker inspect 容器名称/容器ID
数据卷
数据卷的概念 宿主机的一个目录或者文件 数据卷的作用 容器数据持久化 宿主机和容器数据交换 容器间数据交换 数据卷容器 创造一个容器,挂载一个目录,容器他容器挂载到该容器
宿主机和一个容器通信
docker run -itd --name=n1 -p 80:80 -v /root/nginx:/usr/share/nginx/html/ nginx [root@gzz~70 ~]# curl 192.168.129.70:80 <h1>hello XT</h1> [root@gzz~70 nginx]# echo 'hello tomorrow' > index.html [root@gzz~70 nginx]# pwd /root/nginx [root@gzz~70 nginx]# curl 192.168.129.70:80 hello tomorrow
多个容器之间相互通信
方法1: docker run -itd --name=c1 -v /root/data:/root/data1 centos:7 docker run -itd --name=c2 -v /root/data/:/root/data2/ centos:7 [root@2c16d74548df data2]# pwd /root/data2 [root@2c16d74548df data2]# touch 8df.txt [root@5f9816c04531 data1]# pwd /root/data1 [root@5f9816c04531 data1]# ls 8df.txt 只需要将宿主机上的一个目录同时挂载在容器上,就可以实现多个容器相互通信 方法2: 创造数据卷容器 docker run -it --name=c3 -v /docker centos:7 将其余容器挂载到数据卷容器上 docker run -it --name=c1 --volumes-from c3 centos:7 docker run -it --name=c2 --volumes-from c3 centos:7 验证 [root@5ed68dac6506 docker]# pwd /docker [root@5ed68dac6506 docker]# touch docker.txt [root@9caaa852b8f0 docker]# pwd /docker [root@9caaa852b8f0 docker]# ls docker.txt [root@a8df69edfa33 docker]# pwd /docker [root@a8df69edfa33 docker]# ls docker.txt 这三个容器之间数据互通
docker file
自定义centos镜像
自定义一个centos7镜像 要求实现:登录进来的工作目录是/usr,可以使用vim dockerfile文件编写如下: [root@gzz~70 docker-files]# cat centos_dockerfile FROM centos:7 MAINTAINER gaozhu <1720224889@qq.com> RUN yum install vim -y WORKDIR /usr cmd /bin/bash 创造镜像文件 docker build -f ./centos_dockerfile -t gzzcentos:1 . 运行镜像文件 docker run -it --name=c2 gzzcentos:1 验证: [root@gzz~70 docker-files]# docker exec -it c2 /bin/bash [root@e7d1355bf682 usr]# vim files [root@e7d1355bf682 usr]#
dockerfile关键字
构建centos镜像
要求实现
-
登录后的默认路径是/opt
-
可以使用vim编辑器
-
可以使用ifconfig命令
1.编写dockerfile文件 [root@gzz~70 docker-files]# cat centos1_dockerfile FROM centos:7 MAINTAINER gaozhuzhu<1720224889@qq.com> ENV MYPATH /opt WORKDIR $MYPATH RUN yum install vim -y RUN yum install net-tools -y EXPOSE 80 CMD /bin/bash 2.构建镜像 docker build -f ./centos1_dockerfile -t mycentos:1 . 3.运行镜像,验证 [root@gzz~70 docker-files]# docker run -it --name=mycentos1 mycentos:1 [root@d49bf381af26 opt]# pwd /opt [root@d49bf381af26 opt]# ifconfig eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.17.0.2 netmask 255.255.0.0 broadcast 172.17.255.255 ether 02:42:ac:11:00:02 txqueuelen 0 (Ethernet) RX packets 8 bytes 656 (656.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 loop txqueuelen 1000 (Local Loopback) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 [root@d49bf381af26 opt]# vim kkk [root@d49bf381af26 opt]#
使用centos镜像自定义tomcat
1.创建文件夹,上传安装包 [root@gzz~70 tomcat]# ll 总用量 195940 -rw-r--r--. 1 root root 10874669 9月 15 09:59 apache-tomcat-9.0.21.tar.gz -rw-r--r--. 1 root root 23 9月 15 10:01 a.txt -rw-r--r--. 1 root root 189756259 9月 15 09:59 jdk-8u161-linux-x64.tar.gz -rw-r--r--. 1 root root 585 9月 15 11:26 tomcat_dockerfile 2.编写dockerfile [root@gzz~70 tomcat]# cat tomcat_dockerfile FROM centos MAINTAINER yihao<1535146409@qq.com> COPY a.txt /usr/local/a.txt ADD jdk-8u161-linux-x64.tar.gz /usr/local/ ADD apache-tomcat-9.0.21.tar.gz /usr/local/ WORKDIR /usr/local ENV JAVA_HOME /usr/local/jdk1.8.0_161 ENV CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar ENV CATALINA_HOME /usr/local/apache-tomcat-9.0.21 ENV CATALINA_BASH /usr/local/apache-tomcat-9.0.21 ENV PATH $PATH:$JAVA_HOME/bin:$CATALINA_HOME/lib:$CATALINA_HOME/bin EXPOSE 8080 CMD /usr/local/apache-tomcat-9.0.21/bin/startup.sh && tail -F /usr/local/apache-tomcat-9.0.21/bin/logs/catalina.out 3.生成镜像文件 docker build -f ./tomcat_dockerfile . -t mytomcat:1 4.启动镜像 [root@gzz~70 tomcat]# docker run -itd --name=mytomcat -p 8080:8080 mytomcat:1 d279e4266c337892c19962fcc961ab3007692af0cd40eaa6de290739658d1adf 5.验证 [root@gzz~70 tomcat]# docker exec -it mytomcat /bin/bash [root@d279e4266c33 local]# ls a.txt apache-tomcat-9.0.21 bin etc games include jdk1.8.0_161 lib lib64 libexec sbin share src [root@d279e4266c33 local]# pwd /usr/local [root@d279e4266c33 local]# cat a.txt hello ,this is a a.txt
基于centos镜像自定义nginx
1.编写dockerfile [root@gzz~70 nginx1]# cat dockerfile FROM centos:centos7 MAINTAINER nebula RUN rpm --rebuilddb;yum install make wget tar gzip passwd openssh-server gcc pcre-devel openssl-devel net-tools vim -y RUN rm -rf /etc/yum.repos.d/*;wget -P /etc/yum.repos.d/ http://mirrors.163.com/.help/CentOS7-Base-163.repo RUN ssh-keygen -q -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key -N '' RUN ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N '' RUN ssh-keygen -q -t ed25519 -f /etc/ssh/ssh_host_ED25519_key -N '' RUN echo 'Nebula@123' | passwd --stdin root RUN wget -P /tmp/ http://nginx.org/download/nginx-1.14.2.tar.gz RUN cd /tmp/;tar xzf nginx-1.14.2.tar.gz;cd nginx-1.14.2 RUN cd /tmp/nginx-1.14.2;./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module;make;make install EXPOSE 22 EXPOSE 80 CMD /usr/local/nginx/sbin/nginx;/usr/sbin/sshd -D 2.生成镜像 docker build -f ./dockerfile . -t mynginx:1 3.启动镜像 [root@gzz~70 nginx1]# docker run -itd -p 8081:80 -p 2201:22 --name=n1 mynginx:1 19f3e39a5a43ff195cd79ddab7ff14c5d53c1e6b8f16262d2c73cff7425948ad 4.验证 [root@gzz~70 nginx1]# ssh 192.168.129.70 -p 2222 The authenticity of host '[192.168.129.70]:2222 ([192.168.129.70]:2222)' can't be established. ECDSA key fingerprint is SHA256:R8y/3W+y0jlSqB1SVh7tgawG3ZWL0nOiWPl2BYwTlEE. ECDSA key fingerprint is MD5:59:1d:02:24:58:8f:7f:b3:69:97:74:ec:3f:93:d7:c0. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '[192.168.129.70]:2222' (ECDSA) to the list of known hosts. root@192.168.129.70's password: [root@3957b3d671fb ~]#
实战:基于centos镜像自定义nginx
1.编写dockerfile,上传nginx安装包 [root@gzz~70 nginx]# ll 总用量 1084 -rw-r--r--. 1 root root 1104352 9月 15 15:05 nginx-1.23.1.tar.gz -rw-r--r--. 1 root root 648 9月 15 15:49 nginx_dockerfile [root@gzz~70 nginx]# cat nginx_dockerfile FROM centos:centos7 MAINTAINER yihao<1535146409@qq.com> ADD nginx-1.23.1.tar.gz /opt/nginx WORKDIR /opt/nginx RUN rpm --rebuilddb RUN yum install make wget tar gzip passwd openssh-server gcc pcre-devel openssl-devel net-tools vim -y RUN cd /opt/nginx/nginx-1.23.1;./configure --prefix=/usr/local/nginx;make && make install RUN ssh-keygen -q -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key -N '' RUN ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N '' RUN ssh-keygen -q -t ed25519 -f /etc/ssh/ssh_host_ED25519_key -N '' RUN echo 'Nebula@123' | passwd --stdin root EXPOSE 22 EXPOSE 80 CMD /usr/local/nginx/sbin/nginx;/usr/sbin/sshd -D 2.生成镜像文件 docker build -f ./nginx_dockerfile . -t mynginx:1 3.启动镜像文件,并设置端口映射 docker run -itd --privileged -p 8081:80 -p 8082:22 --name=n1 -v /tmp/nginx:/usr/local/nginx/html mynginx:1 4.验证 [root@gzz~70 test]# pwd /tmp/nginx/test [root@gzz~70 test]# cat index.html <h1>hello </h1> [root@gzz~70 nginx]# ssh 192.168.129.70 -p 8082 The authenticity of host '[192.168.129.70]:8082 ([192.168.129.70]:8082)' can't be established. ECDSA key fingerprint is SHA256:0I3g/RyGQzy/J1mB0nvbdQVVWvxTeUPRMbHUWULVvRE. ECDSA key fingerprint is MD5:5f:f6:be:52:61:fa:34:86:bf:1c:4e:96:69:2b:d5:84. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '[192.168.129.70]:8082' (ECDSA) to the list of known hosts. root@192.168.129.70's password: [root@bcf3ae511560 ~]# ls anaconda-ks.cfg
docker仓库搭建
机器名 | ip | 作用 |
---|---|---|
docker-server | 192.168.129.70 | docker仓库 |
docker-client | 192.168.129.71 | 运行docker服务的普通服务器 |
服务器配置 拉取仓库镜像 docker pull registry:latest 启动仓库镜像 docker run -itd -p 5000:5000 --name=r1 registry:latest 查看仓库内容 curl -X GET http://192.168.129.70:5000/v2/_catalog 到此,服务器配置完成 从节点配置 [root@gzz~71 lib]# cat /etc/default/docker DOCKER_OPTS="--insecure-registry 192.168.129.70:5000" [root@gzz~71 lib]# cat /lib/systemd/system/docker.service | grep EnvironmentFile EnvironmentFile=-/etc/default/docker 添加主服务器的5000端口 [root@gzz~71 lib]# cat /etc/docker/daemon.json { "registry-mirrors":[ "https://sopn42m9.mirror.aliyuncs.com"], "insecure-registries":["192.168.129.70:5000","192.168.129.70:80"] } 然后重启守护进程,重启docker服务 [root@gzz~71 lib]# systemctl daemon-reload [root@gzz~71 lib]# systemctl restart docker docker pull httpd docker tag httpd:latest 192.168.129.70:5000/httpd docker push 192.168.129.70:5000/httpd 验证 curl -X GET http://192.168.129.70:5000/v2/_catalog docker pull 192.168.129.70:5000/httpd
HARBOR仓库搭建
机器名 | ip | 作用 |
---|---|---|
docker-server | 192.168.129.70 | docker仓库 |
docker-client | 192.168.129.71 | 运行docker服务的普通服务器 |
服务器配置 上传harbor软件包并解压 tar -xf harbor-offline-installer-v1.10.12.tgz [root@gzz~70 harbor]# ls common common.sh docker-compose.yml harbor.v1.10.12.tar.gz harbor.yml install.sh LICENSE prepare [root@gzz~70 harbor]# vi harbor.yml # https related config #https: # https port for harbor, default is 443 #port: 443 # The path of cert and key files for nginx #certificate: /your/certificate/path #private_key: /your/private/key/path [root@gzz~70 harbor]# ./prepare [root@gzz~70 harbor]# ./install.sh 服务启动后 浏览器搜索ip:port进入图形化界面
新建用户
新建仓库,目标地址写服务地址加端口
新建项目,添加成员
上传方式和下载方式和之前一样