部署docker
www.docker.com
卸载旧版本
[root@pg ~]# yum remove docker \
> docker-client \
> docker-client-latest \
> docker-common \
> docker-latest \
> docker-latest-logrotate \
> docker-logrotate \
> docker-engine
安装yum-utils获取yum-config-manager
[root@pg ~]# yum install -y yum-utils device-mapper-persistent-data lvm2
通过yum-config-manager获取docker-ce.repo
[root@pg ~]# yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
[root@pg ~]# ls /etc/yum.repos.d/
CentOS-Base.repo CentOS-Debuginfo.repo CentOS-Media.repo CentOS-Sources.repo docker-ce.repo
CentOS-CR.repo CentOS-fasttrack.repo CentOS-SCLo-scl-rh.repo CentOS-Vault.repo pgdg-redhat-all.repo
安装docker-ce
[root@pg ~]# yum repolist 显示所有可用仓库
=======================================
[root@pg ~]# yum list | grep docker-ce
containerd.io.x86_64 1.6.16-3.1.el7 docker-ce-stable
docker-buildx-plugin.x86_64 0.10.2-1.el7 docker-ce-stable
docker-ce.x86_64 3:23.0.0-1.el7 docker-ce-stable
docker-ce-cli.x86_64 1:23.0.0-1.el7 docker-ce-stable
docker-ce-rootless-extras.x86_64 23.0.0-1.el7 docker-ce-stable
docker-ce-selinux.noarch 17.03.3.ce-1.el7 docker-ce-stable
docker-compose-plugin.x86_64 2.15.1-3.el7 docker-ce-stable
docker-scan-plugin.x86_64 0.23.0-3.el7 docker-ce-stable
[root@pg ~]# yum -y install docker-ce
[root@pg ~]# systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
==================================================================
[root@pg ~]# docker version
Client: Docker Engine - Community
Version: 23.0.0
API version: 1.42
Go version: go1.19.5
Git commit: e92dd87
Built: Wed Feb 1 17:49:02 2023
OS/Arch: linux/amd64
Context: default
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
需启动docker服务
==================================================================
[root@pg ~]# systemctl start docker
[root@pg ~]# docker version
Client: Docker Engine - Community
Version: 23.0.0
API version: 1.42
Go version: go1.19.5
Git commit: e92dd87
Built: Wed Feb 1 17:49:02 2023
OS/Arch: linux/amd64
Context: default
Server: Docker Engine - Community
Engine:
Version: 23.0.0
API version: 1.42 (minimum version 1.12)
Go version: go1.19.5
Git commit: d7573ab
Built: Wed Feb 1 17:46:49 2023
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.6.16
GitCommit: 31aa4358a36870b21a992d3ad2bef29e1d693bec
runc:
Version: 1.1.4
GitCommit: v1.1.4-0-g5fd4c4d
docker-init:
Version: 0.19.0
GitCommit: de40ad0
使用docker管理容器
容器&镜像&仓库&daemon&client之间的关系
验证本地是否有镜像
[root@pg ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
[root@pg ~]#
===============================================
本地没有镜像,需要去search镜像
仓库:dockerhub
[root@pg ~]# docker search centos
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
centos DEPRECATED; The official build of CentOS. 7478 [OK]
===============================================
本地没有镜像,需要下载镜像到本地
[root@pg ~]# docker pull centos
Using default tag: latest
latest: Pulling from library/centos
a1d0c7532777: Downloading [======> ] 11.31MB/83.52MB
docker daemon管理
远程管理docker daemon充分条件
把 docker client与docker daemon分开部署
通过第三方软件管理docker daemon创建的容器
第一步:关闭docker daemon
修改docker配置文件前,请先关闭docker守护进程
[root@pg ~]# systemctl stop docker
第二步:修改docker daemon配置文件
如果想使用/etc/docker/daemon.json管理docker daemon,默认情况下,/etc/docker目录中并没有daemon.json
文件,添加后会导致docker daemon无法启动,在添加daemon.json文件之前,请先修改如下文件内容:
修改前:
[root@localhost ~]#vim /usr/lib/systemd/system/docker.service
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd -H unix:// #删除-H(含)后面所有内容
修改后:
[root@localhost ~]#vim /usr/lib/systemd/system/docker.service
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd
第三步:加载配置文件
修改完成后,一定要加载此配置文件
[root@pg ~]# systemctl daemon-reload
第四步:重新开启docker守护进程
[root@pg ~]# systemctl start docker
第五步:添加配置文件对docker daemon配置
通过/etc/docker/daemon.json文件对docker守护进程文件进行配置
[root@localhost ~]#cd /etc/docker
[root@localhost docker]#vim daemon.json
{
"hosts": ["tcp://0.0.0.0:2375","unix:///var/run/docker.sock"]
}
[root@localhost ~]#ss -anput | grep ":2375"
[root@localhost ~]#ls /var/run
docker.sock
[root@localhost ~]# systemctl restart docker
第六步:实例远程连接方法
[root@localhost ~]# docker -H 远程容器主机 version
docker命令介绍
[root@pg ~]# docker --help
Usage: docker [OPTIONS] COMMAND
A self-sufficient runtime for containers
Common Commands:
run Create and run a new container from an image
exec Execute a command in a running container
ps List containers
Management Commands: 管理命令
builder Manage builds
buildx* Docker Buildx (Docker Inc., v0.10.2)
compose* Docker Compose (Docker Inc., v2.15.1)
Commands: 普通命令
attach Attach local standard input, output, and error streams to a runnin
commit Create a new image from a container's changes
cp Copy files/folders between a container and the local filesystem
create Create a new container
Global Options:
--config string Location of client config files (default "/root/.dock
-c, --context string Name of the context to use to connect to the daemon (
-D, --debug Enable debug mode
-H, --host list Daemon socket(s) to connect to
docker命令行实现容器管理
容器镜像分类
系统镜像
应用镜像
普通命令
[root@pg ~]# docker search centos
#获取镜像(pull)
获取镜像(pull)
普通命令
[root@pg ~]# docker pull centos
Using default tag: latest
latest: Pulling from library/centos
a1d0c7532777: Downloading [======> ] 11.31MB/83.52MB
管理命令
[root@pg ~]# docker image pull centos
Using default tag: latest
latest: Pulling from library/centos
Digest: sha256:a27fd8080b517143cbbbab9dfb7c8571c40d67d534bbdee55bd6c473f432b177
Status: Image is up to date for centos:latest
docker.io/library/centos:latest
给本地容器打包
以下为镜像打包
[root@pg ~]# docker save --help
Usage: docker save [OPTIONS] IMAGE [IMAGE...]
Save one or more images to a tar archive (streamed to STDOUT by default)
Aliases:
docker image save, docker save
Options:
-o, --output string Write to a file, instead of STDOUT
========================================================
[root@pg ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos latest 5d0da3dc9764 16 months ago 231MB
======================================================
[root@pg ~]# docker save -o centos.tar centos:latest
[root@pg ~]# ls
centos.tar dir1 dir2
======================================================
[root@pg ~]# scp centos.tar root@192.168.56.168:/root/
The authenticity of host '192.168.56.168 (192.168.56.168)' can't be established.
ECDSA key fingerprint is SHA256:Y/UDQsBiSRQJDMQeZiret+JcWKFnfMF6B5IYsu3iP58.
ECDSA key fingerprint is MD5:c3:38:88:85:6c:b8:f8:10:c7:7e:f1:39:e1:55:5f:40.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.56.168' (ECDSA) to the list of known hosts.
root@192.168.56.168's password:
centos.tar
#导入到本地目录
[root@pg ~]# docker load --help
Usage: docker load [OPTIONS]
Load an image from a tar archive or STDIN
Aliases:
docker image load, docker load
Options:
-i, --input string Read from tar archive file, instead of STDIN
-q, --quiet Suppress the load output
===========================================
启动容器
启动一个运行bash命令的容器
[root@bogon ~]# docker run -it --name=c1 centos:latest /bin/bash
或者
[root@bogon ~]# docker container run -it --name=c2 centos:latest /bin/bash
启动一个运行httpd服务的容器
#在容器中安装httpd
[root@9cea44486b1c /]# yum -y install httpd
Failed to set locale, defaulting to C.UTF-8
CentOS Linux 8 - AppStream 96 B/s | 38 B 00:00
Error: Failed to download metadata for repo 'appstream': Cannot prepare internal mirrorlist: No URLs in mirrorlist
解决问题:
sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-*
sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g' /etc/yum.repos.d/CentOS-*
yum makecache
yum update -y
yum -y install vim
=====================================================================================
[root@9cea44486b1c yum.repos.d]# yum -y install httpd
[root@9cea44486b1c ~]# httpd -k start
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
httpd (pid 435) already running
[root@9cea44486b1c ~]# ss -nltp | grep httpd
LISTEN 0 128 0.0.0.0:80 0.0.0.0:* users:(("httpd",pid=435,fd=3))
#基于容器生成文件导入为容器镜像
导出
[root@pg ~]# docker ps --all
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9cea44486b1c centos:latest "/bin/bash" 16 minutes ago Exited (0) About a minute ago c2
f2facdd33a05 centos:latest "/bin/bash" 22 minutes ago Exited (0) 16 minutes ago c1
[root@bogon ~]# docker export --help
Usage: docker export [OPTIONS] CONTAINER
Export a container's filesystem as a tar archive
Options:
-o, --output string Write to a file, instead of STDOUT
[root@bogon ~]# docker export -o centos-httpd.tar c3
[root@pg ~]# docker export -o centos-httpd.tar c2
[root@pg ~]# ls
centos-httpd.tar centos.tar dir1 dir2
=============================================
[root@bogon ~]# docker import --help
Usage: docker import [OPTIONS] file|URL|- [REPOSITORY[:TAG]]
Import the contents from a tarball to create a filesystem image
Options:
-c, --change list Apply Dockerfile instruction to the created image
-m, --message string Set commit message for imported image
======================================================
[root@pg ~]# docker import -m httpd centos-httpd.tar centos-httpd:v1
sha256:a4d8e256efdcec64d47d98178c16b546a596f5170b053502a4ef85b61ff943d7
[root@pg ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos-httpd v1 a4d8e256efdc 45 seconds ago 351MB
centos latest 5d0da3dc9764 16 months ago 231MB
[root@pg ~]# docker history centos-httpd:v1
IMAGE CREATED CREATED BY SIZE COMMENT
a4d8e256efdc About a minute ago 351MB httpd
==============================================================
#这就是注释
[root@pg ~]# docker run -it --name c4 centos-httpd:v1 /bin/bash
[root@142cb63da40b /]#
[root@142cb63da40b /]# httpd -k start
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
httpd (pid 18) already running
导入>
[root@pg ~]# docker import --help
Usage: docker import [OPTIONS] file|URL|- [REPOSITORY[:TAG]]
Import the contents from a tarball to create a filesystem image
Aliases:
docker image import, docker import
Options:
-c, --change list Apply Dockerfile instruction to the created image
-m, --message string Set commit message for imported image
--platform string Set platform if server is multi-platform capable
==========================================================
[root@pg ~]# docker import -m httpd centos-httpd.tar centos-httpd:v2
sha256:53811f7e44316999ba9612f570900978a248284d2f2bf4ef947083147a32d42d
[root@pg ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos-httpd v2 53811f7e4431 12 seconds ago 351MB
centos-httpd v1 a4d8e256efdc 2 hours ago 351MB
centos latest 5d0da3dc9764 16 months ago 231MB
[root@pg ~]# docker run -it --name c5 centos-httpd:v1 /bin/bash
[root@00fc407b6888 /]#
#查看docker状态
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
00fc407b6888 centos-httpd:v1 "/bin/bash" 14 minutes ago Exited (0) 13 minutes ago c5
142cb63da40b centos-httpd:v1 "/bin/bash" 2 hours ago Exited (0) 2 hours ago c4
9cea44486b1c centos:latest "/bin/bash" 2 hours ago Exited (0) 2 hours ago c2
f2facdd33a05 centos:latest "/bin/bash" 2 hours ago Exited (0) 2 hours ago c1
=====================================================================================
[root@pg ~]# docker restart $(docker ps -a -q)
00fc407b6888
142cb63da40b
9cea44486b1c
f2facdd33a05
[root@pg ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
00fc407b6888 centos-httpd:v1 "/bin/bash" 18 minutes ago Up 6 seconds c5
142cb63da40b centos-httpd:v1 "/bin/bash" 2 hours ago Up 5 seconds c4
9cea44486b1c centos:latest "/bin/bash" 2 hours ago Up 5 seconds c2
f2facdd33a05 centos:latest "/bin/bash" 2 hours ago Up 4 seconds c1
查看容器IP地址
[root@pg ~]# ip a s
6: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 02:42:e3:ec:26:fe brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:e3ff:feec:26fe/64 scope link
valid_lft forever preferred_lft forever
#容器默认连接的网桥
==========================================================
[root@pg ~]# docker exec -it c4 /bin/bash
[root@142cb63da40b /]# ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
17: eth0@if18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
#由docker0网桥分配
[root@142cb63da40b /]#
===============================================================
[root@pg ~]# docker inspect c2 #查看容器详细信息
[root@pg ~]# docker exec c2 ip a s
#停止运行中的容器
[root@pg ~]# docker ps docker ps #查看正在运行的容器
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
00fc407b6888 centos-httpd:v1 "/bin/bash" 24 minutes ago Up 5 minutes c5
142cb63da40b centos-httpd:v1 "/bin/bash" 2 hours ago Up 5 minutes c4
9cea44486b1c centos:latest "/bin/bash" 2 hours ago Up 5 minutes c2
f2facdd33a05 centos:latest "/bin/bash" 3 hours ago Up 5 minutes c1
===============================================================
[root@pg ~]# docker stop c1 c2
c1
c2
[root@pg ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
00fc407b6888 centos-httpd:v1 "/bin/bash" 25 minutes ago Up 6 minutes c5
142cb63da40b centos-httpd:v1 "/bin/bash" 2 hours ago Up 6 minutes c4
#开启已经停止的容器
[root@pg ~]# docker start c1 c2
c1
c2
[root@pg ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
00fc407b6888 centos-httpd:v1 "/bin/bash" 26 minutes ago Up 7 minutes c5
142cb63da40b centos-httpd:v1 "/bin/bash" 2 hours ago Up 7 minutes c4
9cea44486b1c centos:latest "/bin/bash" 2 hours ago Up 1 second c2
f2facdd33a05 centos:latest "/bin/bash" 3 hours ago Up 2 seconds c1
#删除已经停止的容器
[root@pg ~]# docker stop c1 c2
c1
c2
[root@pg ~]# docker rm c1 c2
c1
c2
[root@pg ~]# docker ps --all
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
00fc407b6888 centos-httpd:v1 "/bin/bash" 28 minutes ago Up 9 minutes c5
142cb63da40b centos-httpd:v1 "/bin/bash" 2 hours ago Up 9 minutes c4
容器端口映射
[root@pg ~]# docker ps --all
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
00fc407b6888 centos-httpd:v1 "/bin/bash" 33 minutes ago Up 14 minutes c5
142cb63da40b centos-httpd:v1 "/bin/bash" 2 hours ago Up 14 minutes c4
============================================================================
[root@pg ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos-httpd v2 53811f7e4431 35 minutes ago 351MB
centos-httpd v1 a4d8e256efdc 2 hours ago 351MB
centos latest 5d0da3dc9764 16 months ago 231MB
===========================================================================
[root@pg ~]# docker run -it -p 80:80 --name c101 centos-httpd:v1 /bin/bash
[root@a12cb79ff2a0 /]# echo "197-0.2-webpage" >> /var/www/html/index.html
[root@a12cb79ff2a0 /]# echo "197-0.2-webpage" >> /var/www/html/index.html
[root@a12cb79ff2a0 /]# httpd -k start
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.4. Set the 'ServerName' directive globally to suppress this message
[root@a12cb79ff2a0 /]# ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
31: eth0@if32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
inet 172.17.0.4/16 brd 172.17.255.255 scope global eth0
[root@a12cb79ff2a0 /]# curl http://172.17.0.4
197-0.2-webpage
197-0.2-webpage
================================================================================
#在容器主机上访问容器IP
[root@pg ~]# curl http://172.17.0.4
197-0.2-webpage
197-0.2-webpage
容器使用Docker Host存储数据
在Docker Host创建用于存储目录
[root@pg ~]# mkdir /opt/cvolume
#运行容器并挂载上述目录
[root@pg ~]# docker run -it -v /opt/cvloume:/data --name c103 centos:latest
[root@pg ~]# mkdir /opt/cvolume
[root@pg ~]# docker run -it -v /opt/cvloume:/data --name c103 centos:latest /bin/bash
[root@9ce4959a6cc7 /]# ls
bin data dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var
案例:运行在容器中的http服务,使用docker host的/web目录中的网页文件,并能够在doker host上进行修改,修
改后立即生效。
第一步:创建/web并添加网页文件
[root@pg ~]# mkdir /web
[root@pg ~]# echo "web" >> /web/index.html
第二步:启动容器对/web目录进行挂载
[root@pg ~]# docker run -it -p 8080:80/tcp -v /web:/var/www/html --name c200 centos-httpd:v1 /bin/bash
[root@fabcc4c832a7 /]# ls /var/www/html
index.html
第三步:访问http(在192.168.50)
[root@pg ~]# docker start c200
c200
[root@pg ~]# docker exec c200 ip a s
39: eth0@if40: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:05 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.5/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
===================================================================================
[root@pg ~]# curl http://172.17.0.5:80
web
[root@pg ~]# curl http://192.168.56.150:8080
web
同步容器与docker host时间
[root@pg ~]# docker run -it -v /etc/localtime:/etc/localtime centos:latest /bin/bash
[root@cd4311d94f0e /]# date
Tue Feb 7 15:09:12 CST 2023
在容器外执行容器内命令
[root@pg ~]# docker exec c101 ls /
bin
boot
dev
etc
home
lib
lib64
lost+found
media
mnt
opt
proc
root
run
sbin