Docker
参考笔记:狂神说docker笔记
1、Docker概述
Docker 是一个用于开发、传送和运行应用程序的开放平台。Docker 使您能够将应用程序与基础设施分开,以便您可以快速交付软件。使用 Docker,您可以像管理应用程序一样管理基础设施。通过利用 Docker 的快速交付、测试和部署代码的方法,您可以显着减少编写代码和在生产中运行代码之间的延迟。
2、使用Docker能做什么?
考虑到以下的场景:
- Web应用的自动化打包和发布,自动化测试和持续集成、发布;
- 在服务型环境中部署和调整数据库或其他的后台应用;
- 从头编译或者扩展现有的 OpenShift 或 Cloud Foundry 平台来搭建自己的 PaaS 环境。
3、容器
3.1、容器
一句话概括容器:容器就是将软件打包成标准化单元,以用于开发、交付和部署。
3.2、虚拟化与容器化技术
3.2.1、LXC(Linux Containers)
虚拟化容器技术是一种基于操作系统层的虚拟化技术,共享linux中的内核空间,它可以将应用程序软件打包放在一个独立的容器空间中,其中包含了代码、运行时需要的依赖库和文件。通过统一的命名空间和公用API来分配硬件资源,创建出可独立运行的沙箱环境。---->Docker的工作原理
LXC是基于CGroup与Name Spaces来实现的;
CGroup:是Linux内核中一种用来阻隔进行组资源的限制机制;Name Spaces:是linux内核中用来阻隔内核资源的方式,内核中各自的进行是不知道其他进程的存在的;
两者之间的区别:
虽然都是linux内核用来阻隔进程的,name spaces是用来将进程与进程进行相互隔离,cgroup是对一组进程资源进行统一的限制与监控;
4、Docker的组成
1、基本组成
Docker中的生命周期以及基本组成成分:
- 镜像: docker镜像就好比是一个工作模板,可以通过模板来创建容器服务,也可创建多个容器,最终应用程序的运行就是在容器中的;
- 容器:可以用来运行一个或一组应用,提供的start、stop、restart、命令,相当于一个小型的linux;
- 仓库:就是存放镜像的地方,有国外的Docker Hub(默认的);也有阿里云的(可配置镜像加速器)
容器与镜像之间的关系
2、docker工作原理
- 外部的DockerFile文件通过docker中的容器数据卷构建到镜像中,形成一个小型的文件系统;
- 镜像中也可以将文件保存为tar压缩文件,以及进行加载压缩文件;
- docker中也可以从远程仓库中拉去以及推送镜像文件,可以是国外镜像也可以是国内镜像;
- 在docker中将镜像文件在容器中运行,运行的文件内容或者是日志信息也可提交到镜像中,再通过容器数据卷将日志文件复制到宿主机中;
3、底层工作原理
docker是通过使用客户端/服务器(c/s架构),使用远程API来进行调用;Docker的守护进程在宿主机中,通过Socket从客户端进行访问,Docker接收到Docker-client的指令,就会执行这个命令;
4、Docker为什么比VM快
- Docker有着比虚拟主机更少的抽象层,docker并不是真正意义上的操作系统,内部没有复杂的操作运行流程;
- docker利用的是宿主机的内核完成进程执行;
5、Docker的安装
5.1、查看系统内核和系统信息
一般要3.0以上
uname -r #查看系统内核版本
cat /etc/os-release #查看系统版本
5.2、开始安装Docker
5.2.1、卸载旧的docker
yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine
5.2.2、下载依赖安装包
yum install -y yum-utils
5.2.3、可以配置阿里镜像仓库(默认国外)
#国外的地址
yum-config-manager \
--add-repo \
https://download.docker.com/linux/centos/docker-ce.repo
# 设置阿里云的Docker镜像仓库
yum-config-manager \
--add-repo \
https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
5.2.4、更新yum软件资源包
yum makecache fast
5.2.5、下载docker
yum install docker-ce docker-ce-cli containerd.io # 安装社区版
yum install docker-ee docker-ee-cli containerd.io # 安装企业版
5.2.6、启动docker
systemctl start docker # 启动Docker
docker version # 查看当前版本号,是否启动成功
systemctl enable docker # 设置开机自启动
6、Docker的HelloWorld
docker run hello-world
#Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
2db29710123e: Pull complete
Digest: sha256:9ade9cc2e26189a19c2e8854b9c8f1e14829b51c55a630ee675a5a9540ef6ccf
Status: Downloaded newer image for hello-world:latest
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/get-started/
7、Docker运行流程
7.1、启动流程
8、Docker常用命令
命令的帮助文档地址:https://docs.docker.com/engine/reference/commandline/docker/
8.1 基本命令
命令:
docker version #查看docker的版本信息
docker info #查看docker的系统信息,包括镜像和容器的数量
docker 命令 --help #帮助命令(可查看可选的参数)
docker COMMAND --help
8.2 镜像命令
8.2.1 docker images 查看本地主机的所有镜像
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
hello-world latest feb5d9fea6a5 2 weeks ago 13.3kB
列表参数介绍:
1.REPOSITORY 镜像的仓库源
2.TAG 镜像的标签
3.IMAGE ID 镜像的id
4.CREATED 镜像的创建时间
5.SIZE 镜像的大小
8.2.2 docker search 搜索镜像
[root@localhost ~]# docker search mysql
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
mysql MySQL is a widely used, open-source relation… 11521 [OK]
mariadb MariaDB Server is a high performing open sou… 4373 [OK]
mysql/mysql-server Optimized MySQL Server Docker images. Create… 851 [OK]
phpmyadmin phpMyAdmin - A web interface for MySQL and M… 342 [OK]
centos/mysql-57-centos7 MySQL 5.7 SQL database server 91
mysql/mysql-cluster Experimental MySQL Cluster Docker images. Cr… 88
centurylink/mysql Image containing mysql. Optimized to be link… 59 [OK]
databack/mysql-backup Back up mysql databases to... anywhere! 51
prom/mysqld-exporter 42 [OK]
deitch/mysql-backup REPLACED! Please use http://hub.docker.com/r… 41 [OK]
tutum/mysql Base docker image to run a MySQL database se… 35
linuxserver/mysql A Mysql container, brought to you by LinuxSe… 32
schickling/mysql-backup-s3 Backup MySQL to S3 (supports periodic backup… 31 [OK]
mysql/mysql-router MySQL Router provides transparent routing be… 23
centos/mysql-56-centos7 MySQL 5.6 SQL database server 20
arey/mysql-client Run a MySQL client from a docker container 18 [OK]
fradelg/mysql-cron-backup MySQL/MariaDB database backup using cron tas… 16 [OK]
genschsa/mysql-employees MySQL Employee Sample Database 7 [OK]
yloeffler/mysql-backup This image runs mysqldump to backup data usi… 7 [OK]
openshift/mysql-55-centos7 DEPRECATED: A Centos7 based MySQL v5.5 image… 6
devilbox/mysql Retagged MySQL, MariaDB and PerconaDB offici… 3
ansibleplaybookbundle/mysql-apb An APB which deploys RHSCL MySQL 2 [OK]
jelastic/mysql An image of the MySQL database server mainta… 2
widdpim/mysql-client Dockerized MySQL Client (5.7) including Curl… 1 [OK]
centos/mysql-80-centos7 MySQL 8.0 SQL database server 1
8.2.3 docker pull 镜像名[:tag] 下载镜像
[root@iZ1608aqb7ntn9Z /]# docker pull mysql:5.7
5.7: Pulling from library/mysql
33847f680f63: Pull complete
5cb67864e624: Pull complete
1a2b594783f5: Pull complete
b30e406dd925: Pull complete
48901e306e4c: Pull complete
603d2b7147fd: Pull complete
802aa684c1c4: Pull complete
5b5a19178915: Pull complete
f9ce7411c6e4: Pull complete
f51f6977d9b2: Pull complete
aeb6b16ce012: Pull complete
Digest: sha256:be70d18aedc37927293e7947c8de41ae6490ecd4c79df1db40d1b5b5af7d9596
Status: Downloaded newer image for mysql:5.7
docker.io/library/mysql:5.7
8.2.4 docker rmi 删除镜像
#1.删除指定的镜像id
[root@iZwz99sm8v95sckz8bd2c4Z ~]# docker rmi -f 镜像id
#2.删除多个镜像id
[root@iZwz99sm8v95sckz8bd2c4Z ~]# docker rmi -f 镜像id 镜像id 镜像id
#3.删除全部的镜像id
[root@iZwz99sm8v95sckz8bd2c4Z ~]# docker rmi -f $(docker images -aq)
8.3 容器命令
8.3.1 docker run [可选参数] image 运行容器
docker run [可选参数] image
#参数说明
--name="名字" 指定容器名字
-d 后台方式运行
-it 使用交互方式运行,进入容器查看内容
-p 指定容器的端口
( -p ip:主机端口:容器端口 配置主机端口映射到容器端口
-p 主机端口:容器端口
-p 容器端口)
-P 随机指定端口(大写的P)
8.3.2 进入容器
[root@iZwz99sm8v95sckz8bd2c4Z ~]# docker run -it [容器ID] /bin/bash
8.3.3 exit 退出容器
#exit 停止并退出容器(后台方式运行则仅退出)
#Ctrl+P+Q 不停止容器退出
[root@bd1b8900c547 /]# exit
exit
[root@iZwz99sm8v95sckz8bd2c4Z ~]#
8.3.4 docker ps列出容器
#docker ps
# 列出当前正在运行的容器
-a # 列出所有容器的运行记录
-n=? # 显示最近创建的n个容器
-q # 只显示容器的编号
[root@iZwz99sm8v95sckz8bd2c4Z ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@iZwz99sm8v95sckz8bd2c4Z ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
bca129320bb5 centos "/bin/bash" 4 minutes ago Exited (0) 3 minutes ago optimistic_shtern
bd1b8900c547 centos "/bin/bash" 6 minutes ago Exited (0) 5 minutes ago cool_tesla
cf6adbf1b506 bf756fb1ae65 "/hello" 5 hours ago Exited (0) 5 hours ago optimistic_darwin
8.3.5 删除容器
docker rm 容器id #删除指定的容器,不能删除正在运行的容器,强制删除使用 rm -f
docker rm -f $(docker ps -aq) #删除所有的容器
docker ps -a -q|xargs docker rm #删除所有的容器
8.3.6 启动和重启容器命令
docker start 容器id #启动容器
docker restart 容器id #重启容器
docker stop 容器id #停止当前运行的容器
docker kill 容器id #强制停止当前容器
8.4 其他命令
8.4.1 查看日志
[root@iZwz99sm8v95sckz8bd2c4Z ~]# docker logs --help
Usage: docker logs [OPTIONS] CONTAINER
Fetch the logs of a container
Options:
--details Show extra details provided to logs
-f, --follow Follow log output
--since string Show logs since timestamp (e.g. 2013-01-02T13:23:37Z) or relative (e.g. 42m for 42 minutes)
-n, --tail string Number of lines to show from the end of the logs (default "all")
-t, --timestamps Show timestamps
--until string Show logs before a timestamp (e.g. 2013-01-02T13:23:37Z) or relative (e.g. 42m for 42 minutes)
常用:
docker logs -tf 容器id
docker logs --tail number 容器id #num为要显示的日志条数
#docker容器后台运行,必须要有一个前台的进程,否则会自动停止
#编写shell脚本循环执行,使得centos容器保持运行状态
[root@iZwz99sm8v95sckz8bd2c4Z ~]# docker run -d centos /bin/sh -c "while true;do echo hi;sleep 5;done"
c703b5b1911ff84d584390263a35707b6024816e1f46542b61918a6327a570dc
[root@iZwz99sm8v95sckz8bd2c4Z ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c703b5b1911f centos "/bin/sh -c 'while t…" 13 seconds ago Up 10 seconds pedantic_banach
[root@iZwz99sm8v95sckz8bd2c4Z ~]# docker logs -tf --tail 10 c703b5b1911f
2020-12-27T03:34:07.255599560Z hi
2020-12-27T03:34:12.257641517Z hi
2020-12-27T03:34:17.259706294Z hi
2020-12-27T03:34:22.261693707Z hi
2020-12-27T03:34:27.262609289Z hi
2020-12-27T03:34:32.267862677Z hi
2020-12-27T03:34:37.270382873Z hi
2020-12-27T03:34:42.272414182Z hi
2020-12-27T03:34:47.274823243Z hi
2020-12-27T03:34:52.277419274Z hi
8.4.2 查看容器中进程信息
[root@iZwz99sm8v95sckz8bd2c4Z ~]# docker top c703b5b1911f
UID PID PPID C STIME TTY TIME CMD
root 11156 11135 0 11:31 ? 00:00:00 /bin/sh -c while true;do echo hi;sleep 5;done
root 11886 11156 0 11:43 ? 00:00:00 /usr/bin/coreutils --coreutils-prog-shebang=sleep /usr/bin/sleep 5
8.4.3 查看容器的元数据
[root@iZwz99sm8v95sckz8bd2c4Z ~]# docker top c703b5b1911f
UID PID PPID C STIME TTY TIME CMD
root 11156 11135 0 11:31 ? 00:00:00 /bin/sh -c while true;do echo hi;sleep 5;done
root 11886 11156 0 11:43 ? 00:00:00 /usr/bin/coreutils --coreutils-prog-shebang=sleep /usr/bin/sleep 5
8.4.4 进入当前正在运行的容器
方式一:
[root@iZwz99sm8v95sckz8bd2c4Z ~]# docker exec -it c703b5b1911f /bin/bash
[root@c703b5b1911f /]# ls
bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var
[root@c703b5b1911f /]# ps -ef
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 03:31 ? 00:00:00 /bin/sh -c while true;do echo hi;sleep 5;done
root 279 0 0 03:54 pts/0 00:00:00 /bin/bash
root 315 1 0 03:56 ? 00:00:00 /usr/bin/coreutils --coreutils-prog-shebang=sleep /usr/bin/sleep 5
root 316 279 0 03:56 pts/0 00:00:00 ps -ef
方式二:
[root@iZwz99sm8v95sckz8bd2c4Z ~]# docker attach c703b5b1911f
docker exec 进入容器后开启一个新的终端,可以在里面操作
docker attach 进入容器正在执行的终端,不会启动新的进程
8.4.5 拷贝容器文件到主机
拷贝容器的文件到主机中
docker cp 容器id:容器内路径 目的主机路径
[root@iZwz99sm8v95sckz8bd2c4Z ~]# docker exec -it c703b5b1911f /bin/bash
[root@c703b5b1911f /]# cd home
[root@c703b5b1911f home]# ls
#touch 新建文件
[root@c703b5b1911f home]# touch test.java
[root@c703b5b1911f home]# ls
test.java
[root@c703b5b1911f home]# exit
exit
[root@iZwz99sm8v95sckz8bd2c4Z ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c703b5b1911f centos "/bin/sh -c 'while t…" 35 minutes ago Up 35 minutes pedantic_banach
[root@iZwz99sm8v95sckz8bd2c4Z ~]# docker cp c703b5b1911f:/home/test.java /home
[root@iZwz99sm8v95sckz8bd2c4Z ~]# ls /home
hai pan test.java
8.5 常用命令小结
9、Docker图形化管理工具
9.1 Docker UI
命令:
docker search dockerui
docker pull abh1nav/dockerui
docker run -d --privileged --name dockerui -p 9000:9000 -v /var/run/docker.sock:/var/run/docker.sock abh1nav/dockerui
#放开物理机的9000端口对应Docker容器的9000端口
[root@iZ1608aqb7ntn9Z /]# docker search dockerui
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
abh1nav/dockerui An updated version of crosbymichael/dockerui… 99 [OK]
kevan/dockerui Deprecated: Use uifd/ui-for-docker 15 [OK]
microbox/dockerui Trusted Automated dockerui image (16MB size) 8 ......
[root@iZ1608aqb7ntn9Z /]# docker pull abh1nav/dockerui
Using default tag: latest
latest: Pulling from abh1nav/dockerui
Image docker.io/abh1nav/dockerui:latest uses outdated schema1 manifest format. Please upgrade to a schema2 image for better future compatibility. More information at https://docs.docker.com/registry/spec/deprecated-schema-v1/
a3ed95caeb02: Pull complete
5d3df020ecd3: Pull complete
bebf5a3b4dfb: Pull complete
e4452c0fe72b: Pull complete
6167d9726b07: Pull complete
53ebae19a314: Pull complete
Digest: sha256:a9c6c5393f561a0f42f41cfa80572b666e745d9b419569c42bac1e5cf9ceda32
Status: Downloaded newer image for abh1nav/dockerui:latest
docker.io/abh1nav/dockerui:latest
[root@iZ1608aqb7ntn9Z /]# docker run -d --privileged --name dockerui -p 9000:9000 -v /var/run/docker.sock:/var/run/docker.sock abh1nav/dockerui
e2352bcf98475e17e4d25cd2f30324c4bd1465927b2452126c94d03052a11c91
使用:
访问:http://ip地址:9000
10、常见服务部署
10.1、Nginx部署
docker search nginx #在docker hub中搜索Nginx镜像
docker pull nginx #拉取镜像
docker run -d --name nginx -p 9000:80 nginx #docker 运行镜像
#-d 在后台运行
# --name 为容器取名字
# -p 映射宿主机端口到容器的80端口
[root@localhost ~]# docker search nginx
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
nginx Official build of Nginx. 15611 [OK]
jwilder/nginx-proxy Automated Nginx reverse proxy for docker con… 2074 [OK]
richarvey/nginx-php-fpm Container running Nginx + PHP-FPM capable of… 818 [OK]
jc21/nginx-proxy-manager Docker container for managing Nginx proxy ho… 253
linuxserver/nginx An Nginx container, brought to you by LinuxS… 157
tiangolo/nginx-rtmp Docker image with Nginx using the nginx-rtmp… 141 [OK]
jlesage/nginx-proxy-manager Docker container for Nginx Proxy Manager 140 [OK]
alfg/nginx-rtmp NGINX, nginx-rtmp-module and FFmpeg from sou… 109 [OK]
jasonrivers/nginx-rtmp Docker images to host RTMP streams using NGI… 94 [OK]
nginxdemos/hello NGINX webserver that serves a simple page co… 74 [OK]
privatebin/nginx-fpm-alpine PrivateBin running on an Nginx, php-fpm & Al… 57 [OK]
nginx/nginx-ingress NGINX and NGINX Plus Ingress Controllers fo… 55
nginxinc/nginx-unprivileged Unprivileged NGINX Dockerfiles 54
staticfloat/nginx-certbot Opinionated setup for automatic TLS certs lo… 25 [OK]
nginxproxy/nginx-proxy Automated Nginx reverse proxy for docker con… 23
nginx/nginx-prometheus-exporter NGINX Prometheus Exporter for NGINX and NGIN… 21
schmunk42/nginx-redirect A very simple container to redirect HTTP tra… 19 [OK]
centos/nginx-112-centos7 Platform for running nginx 1.12 or building … 15
centos/nginx-18-centos7 Platform for running nginx 1.8 or building n… 13
raulr/nginx-wordpress Nginx front-end for the official wordpress:f… 13 [OK]
flashspys/nginx-static Super Lightweight Nginx Image 11 [OK]
mailu/nginx Mailu nginx frontend 9 [OK]
sophos/nginx-vts-exporter Simple server that scrapes Nginx vts stats a… 7 [OK]
ansibleplaybookbundle/nginx-apb An APB to deploy NGINX 2 [OK]
wodby/nginx Generic nginx 1 [OK]
[root@localhost ~]# docker pull nginx
Using default tag: latest
latest: Pulling from library/nginx
b380bbd43752: Pull complete
fca7e12d1754: Pull complete
745ab57616cb: Pull complete
a4723e260b6f: Pull complete
1c84ebdff681: Pull complete
858292fd2e56: Pull complete
Digest: sha256:bf39e2aa20d5a3650d6fd3f3c94567909ea9a4f37195e144cdb2472804a2c39a
Status: Downloaded newer image for nginx:latest
docker.io/library/nginx:latest
[root@localhost ~]# docker run -d --name nginx -p 9000:80 nginx
c23d8021c1143dbf6c1f80fcbda9f8140e1b174afd219ecd3577c80cdd0f5395
[root@localhost ~]# docker [s
docker: '[s' is not a docker command.
See 'docker --help'
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c23d8021c114 nginx "/docker-entrypoint.…" 11 seconds ago Up 10 seconds 0.0.0.0:9000->80/tcp, :::9000->80/tcp nginx
10.1.2、测试
11、Docker镜像
11.1、联合文件系统
联合文件系统(Union File System)又称AUFS(Another UFS):就是将不同物理位置的目录合并到同一个文件系统下,docker就是利用了这个特点实现了镜像层的重叠,容器层的存储和显示层的展示;
Union File System的工作原理
从图中可以看到,文件系统中分别存在X文件中的A目录、Y文件中的B目录,联合文件系统将AB目录进行组合成新的目录并挂载在Z文件系统中,其目的就是将文件进行合并组成新的统一视图;
从图中可以看到在联合文件中删除了B文件,并在A文件中新增了Hello内容,可以看出,在X文件系统中,可以显示B文件目录被删除了,A文件新增了Hello内容,而Y文件中不做任何修改;这是因为在联合文件系统中,只有第一个文件有修改,添加的权利,其他的文件read-only只读;
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 87a94228f133 4 hours ago 133MB
hello-world latest feb5d9fea6a5 2 weeks ago 13.3kB
[root@localhost ~]# docker history 87a94228f133
IMAGE CREATED CREATED BY SIZE COMMENT
87a94228f133 4 hours ago /bin/sh -c #(nop) CMD ["nginx" "-g" "daemon… 0B
<missing> 4 hours ago /bin/sh -c #(nop) STOPSIGNAL SIGQUIT 0B
<missing> 4 hours ago /bin/sh -c #(nop) EXPOSE 80 0B
<missing> 4 hours ago /bin/sh -c #(nop) ENTRYPOINT ["/docker-entr… 0B
<missing> 4 hours ago /bin/sh -c #(nop) COPY file:09a214a3e07c919a… 4.61kB
<missing> 4 hours ago /bin/sh -c #(nop) COPY file:0fd5fca330dcd6a7… 1.04kB
<missing> 4 hours ago /bin/sh -c #(nop) COPY file:0b866ff3fc1ef5b0… 1.96kB
<missing> 4 hours ago /bin/sh -c #(nop) COPY file:65504f71f5855ca0… 1.2kB
<missing> 4 hours ago /bin/sh -c set -x && addgroup --system -… 64MB
<missing> 4 hours ago /bin/sh -c #(nop) ENV PKG_RELEASE=1~buster 0B
<missing> 4 hours ago /bin/sh -c #(nop) ENV NJS_VERSION=0.6.2 0B
<missing> 4 hours ago /bin/sh -c #(nop) ENV NGINX_VERSION=1.21.3 0B
<missing> 4 hours ago /bin/sh -c #(nop) LABEL maintainer=NGINX Do… 0B
<missing> 5 hours ago /bin/sh -c #(nop) CMD ["bash"] 0B
<missing> 5 hours ago /bin/sh -c #(nop) ADD file:910392427fdf089bc… 69.3MB
可以看到通过docker history imagesId 来查看镜像文件时,发现当镜像被启动时,一个可写的镜像被放在了镜像文件的最顶部,一般称为容器层,容器层可进行写操作,剩下的都是镜像层,镜像层只有读操作;
根据aUFS的定义,容器的文件系统就是由下面的15个只读镜像层和1个可写的容器层通过aUFS mount出来的。
到这里,就能和前面的aUFS联系起来了,X就是容器层,可修改,可记录,Y就是镜像层,不可更改,只读,而Z就是我们进入联合起来的视图层。
11.2、Docker的分层镜像
我们通过对容器层A的修改重新构建了一层镜像,此时的镜像由原来的Y和X共同构成。
当我们运行这个新的镜像的时候,就创建出了一个新的容器P,而这个新创建的容器层P会继续接受视图层的更改请求。
可以看到X只是针对Y作出更改,而P只是针对重叠后的X做出更改,这种上层镜像只记录对下层镜像更改的方式,就是docker的分层镜像系统。
[root@localhost ~]# docker pull tomcat
Using default tag: latest
latest: Pulling from library/tomcat
df5590a8898b: Pull complete
705bb4cb554e: Pull complete
519df5fceacd: Pull complete
ccc287cbeddc: Pull complete
39a2961e8351: Pull complete
0287b7aa7f62: Pull complete
165d4a436d89: Pull complete
2b9d00974b45: Pull complete
8ec846c322cf: Pull complete
1000c7fbcebb: Pull complete
Digest: sha256:f3901a8359495b00474bd253cc446971c0277fc394ba37a020f0b9d84080fced
Status: Downloaded newer image for tomcat:latest
docker.io/library/tomcat:latest
[root@localhost ~]# docker push tomcat
Using default tag: latest
The push refers to repository [docker.io/library/tomcat]
b76a02ab2a70: Layer already exists
2dc1aa92b587: Layer already exists
73819629b437: Layer already exists
874ad65f91ea: Layer already exists
0fc2498b65e5: Layer already exists
d08e6b97bf21: Layer already exists
3054497613e6: Layer already exists
d35dc7f4c79e: Layer already exists
dabfe5b2ea81: Layer already exists
5e6a409f30b6: Layer already exists
errors:
denied: requested access to the resource is denied
unauthorized: authentication required
如上,我们通过pull或者push一个镜像的时候,会发现由很多的layer,是一个十几层的镜像。
11.3、镜像加载的原理
Docker的镜像实质就是由一层一层的文件系统组成的;
- bootfs(boot file system):主要包含bootload、kernel;bootload主要负责加载kernel,完成后整个系统的内核就存在内存中了;
- rootfs(root file system):主要包含linux系统中的标准的/etc/proc/bin/root文件,rootfs实质就是不同操作系统的发行版(Ubuntu、CentOS)
- 分层的理解:11.2中的docker分层镜像;
12、容器数据卷
12.1、为什么要使用数据卷
什么是容器数据卷:为了实现数据持久化,使容器之间可以共享数据。可以将容器内的目录,挂载到宿主机上或其他容器内,实现同步和共享的操作。即使将容器删除,挂载到本地的数据卷也不会丢失。
拉取一个Ubuntu的镜像
[root@localhost ~]# docker pull ubuntu
Using default tag: latest
latest: Pulling from library/ubuntu
f3ef4ff62e0d: Pull complete
Digest: sha256:a0d9e826ab87bd665cfc640598a871b748b4b70a01a4f3d174d4fb02adad07a9
Status: Downloaded newer image for ubuntu:latest
docker.io/library/ubuntu:latest
启动镜像为容器
[root@localhost ~]# docker run -d ubuntu bash -c "shuf -i 1-10000 -n 1 -o /data.txt && tail -f /dev/null"
27828c445d0a3394e96b86a06046eba3840a597667e189b469fc5272d520277f
#"shuf -i 1-10000 -n 1 -o /data.txt && tail -f /dev/null" 代表的时随机生成一个范围的数字保存在data.txt文件中,&&之前表示存储数字的文件,后边只是监控docker文件的写入;
进入docker中进行查看时可以发现
[root@localhost ~]# docker exec -it 27828c445d0a cat /data.txt
5718
此时重新启动一个相同的Ubuntu镜像容器,会发现没有data.txt文件
[root@localhost ~]# docker run -it ubuntu ls /
bin dev home lib32 libx32 mnt proc run srv tmp var
boot etc lib lib64 media opt root sbin sys usr
说明了文件中的数据是不持久的,随着容器的删除,数据也被删除
12.2、容器数据卷的使用
docker run -it -v 主机内目录:容器内目录 镜像名/id
#直接使用命令,将文件映射到宿主机中
示例
[root@localhost docker]# docker run -it -v /docker_txt/:/opt nginx /bin/bash
#/docker_txt 为宿主机中的目录,绝对路径 /opt:容器内的目录也是绝对路径
#进入容器可以看到/opt目录下没有任何文件
#ctrl+p+q退出容器但不停止运行
#在宿主机中的docker_txt目录下创建hello.txt文件并将hello写入文件中
[root@localhost /]# cd docker_txt/
[root@localhost docker_txt]# vim hello.txt
#进入容器中查看/opt目录
[root@localhost docker_txt]# docker exec -it 9d bash
root@9d36452776a2:/# cd opt/
root@9d36452776a2:/opt# ls
hello.txt
root@9d36452776a2:/opt# cat hello.txt
hello
12.3、匿名挂载
docker run -d -v 容器内目录 镜像名/id # 匿名挂载
#通过docker volume ls查看所有挂载的数据卷
[root@localhost docker_txt]# docker volume ls
DRIVER VOLUME NAME
local docker_txt
12.4、具名挂载
docker run -d -v 卷名:容器内目录 镜像名/id # 具名挂载
#可以指定具体的卷名称
13、DockerFile
dockerfile就是用来构建docker的镜像文件的命令行脚本,说白了就是自己创建docker镜像上传至仓库中,使用时可以获取自己的docker镜像;
13.1、dockerFile构建步骤
- 编写一个dockerfile文件
- docker build 构建一个docker镜像
- docker run 运行一个docker镜像
- docker push 上传一个docker镜像
13.2、DockerFile部署服务
- 首先将springboot项目进行打包,可以加上图中的插件防止打包后项目文件目录不完整;
- 在宿主机中创建一个目录用于存放jar以及Dockerfile文件
mkdir /docker/projectDeploy
- 通过命令rz将jar上传到该目录下,并创建Dockfile文件
touch Dockfile
[root@localhost projectDeploy]# ls
Dockerfile project-1.0-SNAPSHOT.jar
- 编辑Dockerfile文件
[root@localhost projectDeploy]# vi Dockerfile
FROM java:8 #指定运行的来源
ADD project-1.0-SNAPSHOT.jar /docker/projectDeploy/project-1.0-SNAPSHOT.jar
ENTRYPOINT ["nohup","java","-jar","/docker/projectDeploy/project-1.0-SNAPSHOT.jar","&"]
- 构建docker镜像
docker build -t 镜像名称 .
#通过 -t 指定镜像的标签信息,例如:docker build -t regenzm/first_image . ##"."指定的是Dockerfile所在的路径
- 查看镜像
[root@localhost projectDeploy]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
yidapro1 latest 9db8b2465bd7 2 hours ago 678MB
nginx latest 87a94228f133 2 days ago 133MB
tomcat latest 6313f84af805 7 days ago 680MB
ubuntu latest 597ce1600cf4 13 days ago 72.8MB
hello-world latest feb5d9fea6a5 2 weeks ago 13.3kB
java 8 d23bdf5b1b1b 4 years ago 643MB
- 启动镜像
docker run -d -p8010:8010 --name yida1 镜像名称/id
- 查看docker容器
[root@localhost projectDeploy]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
73391e8050e4 yidapro1 "nohup java -jar /do…" 2 hours ago Up 2 hours 0.0.0.0:8010->8010/tcp, :::8010->8010/tcp yida1
- 测试访问,插看docker中日志信息
[root@localhost projectDeploy]# docker logs -f yida1
. ____ _ __ _ _
/\\ / ___'_ __ _ _(_)_ __ __ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
\\/ ___)| |_)| | | | | || (_| | ) ) ) )
' |____| .__|_| |_|_| |_\__, | / / / /
=========|_|==============|___/=/_/_/_/
:: Spring Boot :: (v2.3.2.RELEASE)
2021-10-14 03:53:26.596 INFO 1 --- [ main] com.canglitech.ProjectApplication : Starting ProjectApplication on 73391e8050e4 with PID 1 (/docker/projectDeploy/project-1.0-SNAPSHOT.jar started by root in /)
2021-10-14 03:53:26.598 INFO 1 --- [ main] com.canglitech.ProjectApplication : No active profile set, falling back to default profiles: default
2021-10-14 03:53:28.555 INFO 1 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat initialized with port(s): 8010 (http)
2021-10-14 03:53:28.569 INFO 1 --- [ main] o.apache.catalina.core.StandardService : Starting service [Tomcat]
2021-10-14 03:53:28.570 INFO 1 --- [ main] org.apache.catalina.core.StandardEngine : Starting Servlet engine: [Apache Tomcat/9.0.37]
2021-10-14 03:53:28.656 INFO 1 --- [ main] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring embedded WebApplicationContext
2021-10-14 03:53:28.656 INFO 1 --- [ main] w.s.c.ServletWebServerApplicationContext : Root WebApplicationContext: initialization completed in 1991 ms
2021-10-14 03:53:29.200 INFO 1 --- [ main] o.s.s.concurrent.ThreadPoolTaskExecutor : Initializing ExecutorService 'applicationTaskExecutor'
2021-10-14 03:53:29.920 INFO 1 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat started on port(s): 8010 (http) with context path ''
2021-10-14 03:53:29.935 INFO 1 --- [ main] com.canglitech.ProjectApplication : Started ProjectApplication in 4.448 seconds (JVM running for 5.156)
2021-10-14 03:53:32.812 INFO 1 --- [nio-8010-exec-1] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring DispatcherServlet 'dispatcherServlet'
2021-10-14 03:53:32.812 INFO 1 --- [nio-8010-exec-1] o.s.web.servlet.DispatcherServlet : Initializing Servlet 'dispatcherServlet'
2021-10-14 03:53:32.827 INFO 1 --- [nio-8010-exec-1] o.s.web.servlet.DispatcherServlet : Completed initialization in 15 ms
{}
AecpGatewayResult{success=false, result='{"success":false,"errorCode":"TIANSHU_101001","errorMsg":"参数校验失败userId"}', errorCode='null', errorMsg='null'}
{}
AecpGatewayResult{success=false, result='{"success":false,"errorCode":"TIANSHU_101001","errorMsg":"参数校验失败userId"}', errorCode='null', errorMsg='null'}
14、Docker Compose
14.1、使用dockercompose部署springboot项目
14.1.1、打包、创建Dockerfile、docker-compose文件
#文件目录如下
[root@localhost docker_compose]# cd my_test/
[root@localhost my_test]# ls
docker-compose.yml Dockerfile project-1.0-SNAPSHOT.jar
- Dockerfile文件
[root@localhost my_test]# cat Dockerfile
FROM java:8
ADD project-1.0-SNAPSHOT.jar /docker/docker_compose/my_test/project-1.0-SNAPSHOT.jar
ENTRYPOINT ["nohup","java","-jar","/docker/docker_compose/my_test/project-1.0-SNAPSHOT.jar","&"]
- docker-compose文件
[root@localhost my_test]# cat docker-compose.yml
services:
my_test:
restart: always
build:
context: ./
dockerfile: Dockerfile
image: my_test
container_name: my_test
ports:
- 8010:8010
#请注意,这是个yml文件,注意格式,不然会报错
14.1.2、启动docker-compose
需要注意的是,此时的docker-compose文件实在my_test这个文件下,启动时也应该在该文件下
docker-compose up -d
#-d表示后台启动
查看容器
[root@localhost my_test]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
13dc6768e909 my_test "nohup java -jar /do…" 58 minutes ago Up 58 minutes 0.0.0.0:8010->8010/tcp, :::8010->8010/tcp my_test
查看日志
#与docker查看日志方式相似
[root@localhost my_test]# docker-compose logs my_test
Attaching to my_test
my_test |
my_test | . ____ _ __ _ _
my_test | /\\ / ___'_ __ _ _(_)_ __ __ _ \ \ \ \
my_test | ( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
my_test | \\/ ___)| |_)| | | | | || (_| | ) ) ) )
my_test | ' |____| .__|_| |_|_| |_\__, | / / / /
my_test | =========|_|==============|___/=/_/_/_/
my_test | :: Spring Boot :: (v2.3.2.RELEASE)
my_test |
my_test | 2021-10-20 02:13:24.826 INFO 1 --- [ main] com.canglitech.ProjectApplication : Starting ProjectApplication on 13dc6768e909 with PID 1 (/docker/docker_compose/my_test/project-1.0-SNAPSHOT.jar started by root in /)
my_test | 2021-10-20 02:13:24.829 INFO 1 --- [ main] com.canglitech.ProjectApplication : No active profile set, falling back to default profiles: default
my_test | 2021-10-20 02:13:26.405 INFO 1 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat initialized with port(s): 8010 (http)
my_test | 2021-10-20 02:13:26.423 INFO 1 --- [ main] o.apache.catalina.core.StandardService : Starting service [Tomcat]
my_test | 2021-10-20 02:13:26.423 INFO 1 --- [ main] org.apache.catalina.core.StandardEngine : Starting Servlet engine: [Apache Tomcat/9.0.37]
my_test | 2021-10-20 02:13:26.491 INFO 1 --- [ main] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring embedded WebApplicationContext
my_test | 2021-10-20 02:13:26.491 INFO 1 --- [ main] w.s.c.ServletWebServerApplicationContext : Root WebApplicationContext: initialization completed in 1610 ms
my_test | 2021-10-20 02:13:26.953 INFO 1 --- [ main] o.s.s.concurrent.ThreadPoolTaskExecutor : Initializing ExecutorService 'applicationTaskExecutor'
my_test | 2021-10-20 02:13:27.362 INFO 1 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat started on port(s): 8010 (http) with context path ''
my_test | 2021-10-20 02:13:27.372 INFO 1 --- [ main] com.canglitech.ProjectApplication : Started ProjectApplication in 3.271 seconds (JVM running for 4.128)
my_test | 2021-10-20 02:14:39.370 INFO 1 --- [nio-8010-exec-1] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring DispatcherServlet 'dispatcherServlet'
my_test | 2021-10-20 02:14:39.370 INFO 1 --- [nio-8010-exec-1] o.s.web.servlet.DispatcherServlet : Initializing Servlet 'dispatcherServlet'
my_test | 2021-10-20 02:14:39.377 INFO 1 --- [nio-8010-exec-1] o.s.web.servlet.DispatcherServlet : Completed initialization in 7 ms
my_test | {}
my_test | AecpGatewayResult{success=false, result='{"success":false,"errorCode":"TIANSHU_101001","errorMsg":"参数校验失败userId"}', errorCode='null', errorMsg='null'}
10-20 02:13:27.362 INFO 1 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat started on port(s): 8010 (http) with context path ''
my_test | 2021-10-20 02:13:27.372 INFO 1 --- [ main] com.canglitech.ProjectApplication : Started ProjectApplication in 3.271 seconds (JVM running for 4.128)
my_test | 2021-10-20 02:14:39.370 INFO 1 --- [nio-8010-exec-1] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring DispatcherServlet 'dispatcherServlet'
my_test | 2021-10-20 02:14:39.370 INFO 1 --- [nio-8010-exec-1] o.s.web.servlet.DispatcherServlet : Initializing Servlet 'dispatcherServlet'
my_test | 2021-10-20 02:14:39.377 INFO 1 --- [nio-8010-exec-1] o.s.web.servlet.DispatcherServlet : Completed initialization in 7 ms
my_test | {}
my_test | AecpGatewayResult{success=false, result='{"success":false,"errorCode":"TIANSHU_101001","errorMsg":"参数校验失败userId"}', errorCode='null', errorMsg='null'}
扫一扫
5万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
