云计算Docker实践 - 学习笔记

一. Docker介绍和安装


1.Docker的组成结构:

这里写图片描述

2.Docker和Openstack对比:

这里写图片描述

3.安装Docker服务:

yum install docker
systemctl start docker

二. Docker镜像和容器管理


这里写图片描述

这里写图片描述

1.下载Docker的centos官方镜像:

docker pull centos
docker images

2.Docker的官方镜像导出和导入:

docker save centos >/tmp/centos.tar.gz
docker load < /tmp/centos.tar.gz

3.删除镜像(如果创建了容器就不能删除):

docker rmi a8493f5f50ff

4.使用centos镜像创建一个容器并运行一条命令:

docker run centos /bin/echo "hello world"
docker ps -a         #查看所有容器进程

5.创建centos镜像的一个容器:

docker run --name mydocker -t -i centos /bin/bash
--name: 容器的名称
-t: 分配一个伪终端tty
-i: 让容器的标准输出保持打开
centos: 代表镜像名称,如果没有会自动下载
/bin/bash: 容器要执行的命令

6.启动并进入一个docker的容器:

docker start 5dff8e600d59
docker attach 5dff8e600d59

7.获取docker进程的PID:

docker inspect --format "{{.State.Pid}}" 5dff8e600d59

8.通过nsenter进入容器:

nsenter -t 4851 -m -u -i -n -p     #"4851"是上面命令获取的进程PID值(这样退出就不会终止容器)

9.通过脚本进入容器:

#!/bin/bash
if [ -z $1 ];then
echo "请输入docker的进程PID或者name!"
else
PID=$(docker inspect --format "{{.State.Pid}}" $1)
echo $PID
nsenter -t ${PID} -m -u -i -n -p
fi

10.删除一个停止的docker容器:

docker rm ab7e0c55cfba

docker run --rm centos /bin/echo "hello "
--rm: 容器停止时自动删除

11.杀掉一个正在运行的容器:

docker kill 5dff8e600d59

三. Docker网络和存储管理


这里写图片描述

这里写图片描述

1.随机端口映射启动nginx容器:

docker run --name mynginx -d -P nginx
-P: 随机端口映射
-d: 放在前台运行

2.指定端口映射启动nginx容器:

docker run --name mynginx -d -p 81:80 nginx

3.创建一个指定磁盘映射的centos容器:

docker run -d --name volume-test2 -v /opt:/opt centos
-v /opt:/opt_1: 将物理机的opt目录挂载到容器里面的opt_1下
-d :不进入容器,放在后台运行

4.挂载其他容器的数据卷启动容器:

 docker run -it --name test1 --volumes-from nfs centos

5.查看docker容器的详细信息:

docker inspect volume-test1

四. Docker手动构建镜像


1.启动centos容器并安装nginx然后制作镜像:

docker commit -m "nginx" 9ad452800f4b wmj/mynginx:v1
-m: 需要制作镜像的名称和id
wmj: dockerhub的用户名,可以随便写
mynginx: 制作后的镜像名称
v1: 版本号

docker run -it --name nginxv1 wmj/mynginx:v1  #启动自定义镜像

2.启动自己制作的nginx容器:

docker run -d -p 82:80 wmj/nginx:v2 nginx

五. Docker-Dockerfile构建镜像


1.编辑自己的nginx镜像构建文件:

vim /root/Dockerfile #文件名不能改

# This docker file
# VERSION 1
# Author: wmj
# Base image
FROM centos

MAINTAINER wmj wmj@163.com

#Commands
RUN rpm -ivh https://mirrors.aliyun.com/epel/epel-release-latest-7.noarch.rpm
RUN yum install -y nginx
ADD index.html /usr/share/nginx/html/index.html
RUN echo "daemon off;" >> /etc/nginx/nginx.conf
EXPOSE 80
CMD ["nginx"]

vim /root/index.html #随便写点

2.开始构建自定义镜像:

docker build -t wmj/mynginx:v1 /root/
docker run -d -p 83:80 --name mynginx wmj/mynginx:v1   #启动镜像

六. Docker-Registry私有仓库构建


1.安装Docker-Registry:

docker pull registry
docker run -d -p 5000:5000 registry

2.配置https访问:

yum install nginx httpd-tools
vim /etc/nginx/conf.d/docker-registry.conf

upstream docker-registry {
 server localhost:5000;
}
server {
 listen 8080;
 server_name registry.wmj.com;
 ssl on;
 ssl_certificate /etc/ssl/nginx.crt;
 ssl_certificate_key /etc/ssl/nginx.key;
 proxy_set_header Host       $http_host;   # required for Docker client sake
 proxy_set_header X-Real-IP  $remote_addr; # pass on real client IP
 client_max_body_size 0; # disable any limits to avoid HTTP 413 for large image uploads
 chunked_transfer_encoding on;
 location / {
     # let Nginx know about our auth file
     auth_basic              "Docker";
     auth_basic_user_file    docker-registry.htpasswd;
     proxy_pass http://docker-registry;
 }
 location /_ping {
     auth_basic off;
     proxy_pass http://docker-registry;
 }
 location /v1/_ping {
     auth_basic off;
     proxy_pass http://docker-registry;
 }
}

# htpasswd -c docker-registry.htpassw wmj #生成http密码

3.手动生成证书:

生成根证书
# cd /etc/pki/CA/
# touch ./{serial,index.txt}
# echo "00" > serial
为CA生成一个私钥
# openssl genrsa -out private/cakey.pem 2048
签发CA证书
# openssl req -new -x509 -key private/cakey.pem -days 3650 cacert.pem

    Country Name (2 letter code) [XX]:CN
    State or Province Name (full name) []:Changsha
    Locality Name (eg, city) [Default City]:Changsha
    Organization Name (eg, company) [Default Company Ltd]:wmj
    Organizational Unit Name (eg, section) []:docker
    Common Name (eg, your name or your server's hostname) []:docker.wmj.com
    Email Address []:admin@wmj.com

生成nginx的key:
# cd /etc/ssl/
# openssl genrsa -out nginx.key 2048
# openssl req -new -key nginx.key -out nginx.csr

    Country Name (2 letter code) [XX]:CN
    State or Province Name (full name) []:Changsha
    Locality Name (eg, city) [Default City]:Changsha
    Organization Name (eg, company) [Default Company Ltd]:wmj
    Organizational Unit Name (eg, section) []:docker
    Common Name (eg, your name or your server's hostname) []:registry.wmj.com
    Email Address []:admin@wmj.com

    Please enter the following 'extra' attributes
    to be sent with your certificate request
    A challenge password []:
    An optional company name []:

签发nginx证书:
# openssl ca -in nginx.csr -days 3650 -out nginx.crt     #按两个Y

让系统接受自签发的证书:
# cat /etc/pki/CA/cacert.pem >> /etc/pki/tls/certs/ca-bundle.crt

4.登陆到Docker-registry:

docker login -u wmj -p 123123 -e admin@wmj.com registry.wmj.com
    -u:  nginx访问用户名

5.上传镜像到私有仓库:

#标记“wmj/nginx:v3”镜像到私有仓库上面
docker tag wmj/nginx:v3 registry.wmj.com:5000/wmj/nginx:latest
docker push registry.wmj.com:5000/wmj/nginx:latest    #上传镜像到私有仓库
docker pull registry.wmj.com:5000/wmj/nginx:latest    #下载镜像

六. docker的web管理软件shipyard


1.让Docker监听tcp端口:

vim /etc/sysconfig/doc
OPTIONS=后面添加:
“-H tcp://0.0.0.0:235 -H unix://var/run/docker.sock”

2.重启并验证:

systemctl restart docker
curl -s 172.16.2.241:235/info |python -mjson.tool

3.一键安装shipyard:

curl -s https://shipyard-project.com/deploy | bash -s

七. 使用 Supervisor 来管理进程


1.通过Dockerfile构建lnmp镜像:

# This docker file
# VERSION 1
# Author: wmj
# Wordpress image
FROM centos

MAINTAINER wmj wmj@163.com

#Commands
RUN rpm -ivh https://mirrors.aliyun.com/epel/epel-release-latest-7.noarch.rpm
RUN yum install -y nginx net-tools supervisor
RUN yum install -y php php-fpm
RUN yum install -y mariadb mariadb-server
RUN yum install -y php-mysql php-gd libjpeg* php-ldap php-odbc php-pear php-xml php-xmlrpc php-mbstring php-bcmath php-mhash
RUN /usr/bin/mysql_install_db --user=mysql
ADD supervisord.conf /etc/supervisord.conf
ADD index.html /usr/share/nginx/html/index.html
ADD test.php /usr/share/nginx/html/test.php
ADD blog.conf /etc/nginx/conf.d/blog.conf
ADD wordpress-4.7.3-zh_CN.tar.gz /usr/share/nginx/html/
RUN echo "daemon off;" >> /etc/nginx/nginx.conf
EXPOSE 81 3306
CMD ["/usr/bin/supervisord"]

vim supervisord.conf

[supervisord]
nodaemon=true
[program:nginx]
command=/usr/sbin/nginx
[program:php-fpm]
command=/usr/sbin/php-fpm
[program:mysql]
command=/usr/bin/mysqld_safe
阅读更多
版权声明:本文为博主原创文章,未经博主允许不得转载。 https://blog.csdn.net/wmj2004/article/details/70085673
个人分类: 虚拟化 学习笔记
上一篇自动化部署 - 学习笔记
下一篇Nginx环境ssl配置+手动生成证书
想对作者说点什么? 我来说一句

没有更多推荐了,返回首页

关闭
关闭
关闭