docker操作速查

不近视的兔子

已于 2024-01-16 09:40:08 修改

阅读量259

点赞数

分类专栏：配环境文章标签： docker

于 2022-08-10 16:37:37 首次发布

本文链接：https://blog.csdn.net/weixin_43851149/article/details/126259801

版权

配环境专栏收录该内容

3 篇文章 0 订阅

订阅专栏

docker速查

docker 免root

sudo groupadd docker     #添加docker用户组
sudo gpasswd -a $USER docker     #将登陆用户加入到docker用户组中
newgrp docker     #更新用户组
docker ps    #测试docker命令是否可以使用sudo正常使用

创建docker image

docker run -it --entrypoint "/bin/bash" ubuntu:20.04

进入镜像

[zqs@gp-seg2 star]$ docker images
REPOSITORY                                                                 TAG               IMAGE ID       CREATED         SIZE
ubuntu                                                                     20.04             3bc6e9f30f51   8 days ago      72.8MB
[zqs@gp-seg2 star]$  docker run -it --name zqs ubuntu:20.04 /bin/bash

// ubuntu
4. 启动并进入已终止镜像

[zqs@gp-seg2 star]$ docker container start zqs
zqs
[zqs@gp-seg2 star]$ docker exec -it 1256611c9844 bash # exit不会杀死container
root@8e1fc642230d:/# ls

// e0fd11c5f8d8

退出查看容器

[zqs@gp-seg2 star]$ docker ps -a | grep zqs
8e1fc642230d   ubuntu:20.04                                                          "/bin/bash"              4 minutes ago    Exited (127) 42 seconds ago             zqs

docker文件传输

[zqs@gp-seg2 ~]$ docker cp star.tar.bz2 zqs:/root/

多docker文件共享

$ sudo docker volume create zqs-vol
$ sudo docker volume inspect zqs-vol
$ docker run -it --mount source=zqs-vol,target=/home --cpuset-cpus=0,1,2,3,4,5,6,7  --network host --security-opt seccomp=unconfined  --name zqs_0 413366511/ubuntu  /bin/bash

sudo scp -r /var/lib/docker/volumes/zqs-vol-01/_data/star zqs@gp-seg3:/home/docker/volumes/zqs-vol/_data/

image重命名
sudo docker tag 6ee91191d78c 413366511/ubuntu:latest

永远不要把库装到vol里…

注意，vol中的内容是独立存在的，故不会随着image一起被上传至docker hub。
backup 方案：https://docs.docker.com/storage/volumes/

# --rm 本次退出后即删除
# --volumes-from 继承和某容器一样的vol
# -v $(pwd):/backup ： backup的内容会被同步到当前目录
# tar cvf /backup/backup.tar /usr 打包
# 本指令作用： 把 docker 里的 内容拷贝出来至$(pwd)！ 
 docker run --rm --volumes-from dbstore -v $(pwd):/backup ubuntu tar cvf /backup/backup.tar /usr

容器转镜像

容器导出镜像为文件(https://blog.csdn.net/jianxuan/article/details/121777006)

[zqs@gp-seg2 packages]$ docker container ls | grep zqs
8e1fc642230d   ubuntu:20.04                                                          "/bin/bash"              31 minutes ago   Up 23 minutes             zqs
[zqs@gp-seg2 packages]$ docker export 8e1fc642230d  > zqs.tar
[zqs@gp-seg2 packages]$ cat zqs.tar | docker import - zqs/ubuntu:v1.0
sha256:67bda18e2789789b9e3c9007dcf1726d24d128aedf657ae7558cf9fe4b89a18f
[zqs@gp-seg2 packages]$ docker image ls | grep zqs
zqs/ubuntu                                                                 v1.0              67bda18e2789   51 seconds ago   635MB

容器制作镜像

docker commit <exiting-Container> <hub-user>/<repo-name>[:<tag>]
docker commit -m "env done"  192e3462d13e 413366511/ubuntu
docker push 413366511/ubuntu:latest

镜像上传（已存在的镜像）

docker tag <existing-image> <hub-user>/<repo-name>[:<tag>] # 这里的tag默认latest
docker push 413366511/ubuntu:latest

2，保存镜像
（1）下面使用 docker save 命令根据 ID 将镜像保存成一个文件。

docker save 0fdf2b4c26d3 > hangge_server.tar
1
（2）我们还可以同时将多个 image 打包成一个文件，比如下面将镜像库中的 postgres 和 mongo 打包：

docker save -o images.tar postgres:9.6 mongo:3.4
1
3，载入镜像
使用 docker load 命令则可将这个镜像文件载入进来。

docker load < hangge_server.tar

vscode 远程调试

sudo chmod 777 /var/run/docker.sock

https://blog.csdn.net/qq_44716044/article/details/125460237

网络通信

https://juejin.cn/post/6844903847383547911

[zqs@gp-seg2 ~]$ docker network create zqs-net
[zqs@gp-seg2 ~]$ docker network ls
NETWORK ID     NAME      DRIVER    SCOPE
e886be26eec8   zqs-net   bridge    local
[zqs@gp-seg2 ~]$ docker network connect zqs-net zqs
[zqs@gp-seg2 ~]$ docker network inspect zqs-net
	...
	"Containers": {
		"192e3462d13efd3b5970da4ed03c8d041e3dde908a2d5f4e7f53d088505180fe": {
			"IPv4Address": "172.18.0.2/16",
		"e0fd11c5f8d82d0415c8d04fb1e18f079b1d25568384392fea72c7d2a0395658": {
			"IPv4Address": "172.18.0.3/16",
	...

参考资料：https://yeasy.gitbook.io/docker_practice/container/import_export

lscpu

限制资源
https://www.cnblogs.com/sparkdev/p/8052522.html

修改docker的默认路径
sudo vim /etc/docker/daemon.json

{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2",
  "registry-mirrors": [
        "https://9cpn8tt6.mirror.aliyuncs.com",
        "https://registry.docker-cn.com",
        "https://registry.cn-hangzhou.aliyuncs.com"],
  "graph": "/home/docker"
}

sudo systemctl stop docker
sudo systemctl start docker

3. 程序运行与编译

新增接口pb更新go文件remake the proto

protoc --go_out . --go-grpc_out . --grpc-gateway_out . ./pb/*.proto

调试将launch.json设置如此即可

{
    // Use IntelliSense to learn about possible attributes.
    // Hover to view descriptions of existing attributes.
    // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
    "version": "0.2.0",
    "configurations": [
        {
            "name": "grpc Server",
            "type": "go",
            "request": "launch",
            "mode": "auto",
            "program": "/Users/qiushi/Project/morningstar/cmd/resource-viewer/main.go",
            "cwd": "/Users/qiushi/Project/morningstar/"
        }
    ]
}

运行成功后可以测试接口
http and grpc test

// debug mode 
// grpc test
grpcurl -plaintext 0.0.0.0:10000 pb.ResourceViewerService.GetClusterResourceStatistics 
// http test
curl -X GET http://0.0.0.0:10000/v1/resource/GetClusterResourceStatistics
wget -q -O - http://0.0.0.0:10000/v1/resource/GetClusterResourceStatistics

4. 如何部署

4.1 打包镜像

build the docker image

# 可以在开发机上build 并 push 到 docker hub
docker build -f build/resource-viewer/server/Dockerfile  -t docker-reg.devops.xiaohongshu.com/shequ/zqs_resource-viewer-server:v0.1 .
docker push docker-reg.devops.xiaohongshu.com/shequ/zqs_resource-viewer-server:v0.1
# 进入容器看是否正常运作
docker run -d -p 10000:10000  --name zqs resource-viewer-server:latest # test at local if you need

4.2 部署服务

4.2.1 本地部署 - on MacOS

deploy the k8s
采用minikube进行模拟参考链接：https://minikube.sigs.k8s.io/docs/handbook/accessing/

minikube start # 启动集群
minikube tunnel # 打开代理，不然 service external ip 绑不上
# 先部署pod
# 需要修改 其中的 image: 和push 上去的image 保持一致
kubectl apply -f ./deploy/resource-viewer/resource-viewer-dep-local.yaml  
kubectl get pod -n tahiti-system
kubectl get deploy -n tahiti-system
# 进去检查一下 服务是否可以连接
kubectl exec -it  tahiti-rednodefolio-resource-viewer-5576dc8cf5-ckd9h -n tahiti-system -- /bin/sh

# 然后部署service
kubectl apply -f ./deploy/resource-viewer/resource-viewer-svc-sit.yaml
kubectl get service -n tahiti-system


# other command for test
kubectl delete deployment tahiti-rednodefolio-resource-viewer -n tahiti-system 
kubectl delete service tahiti-rednodefolio-resource-viewer -n tahiti-system
# kubectl create deployment tahiti-rednodefolio-resource-viewer --image=docker-reg.devops.xiaohongshu.com/shequ/zqs_resource-viewer-server:v0.1 -n tahiti-system

apt-get install cgroupfs-mount
cgroupfs-umount
cgroupfs-mount

vim /etc/systemd/system/docker.service

[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd  -H unix:///var/run/docker.sock -H tcp://0.0.0.0:2375 --data-root /home/docker
ExecReload=/bin/kill -s HUP $MAINPID

docker pull 413366511/ubuntu