Docker Images
- Docker镜像含有启动容器所需要的文件系统及内容,因此用于创建并启动docker容器
- 采用分层构建机制,最底层为bootfs,其之上为rootfs
- bootfs:用于系统引导的文件系统,包括bootloader和kernel,容器启动完成后被卸载以节约内存资源
- rootfs:位于bootfs之上,表现为docker容器的根文件系统
- 传统模式中,系统启动之时,内核挂载rootfs时会首先将其挂载为“只读”模式,完整性自检完成后将其重新挂载为读写模式
- docker中,rootfs由内核挂载为“只读”模式,而后通过“联合挂载”技术额外挂载一个“可写”层
Registry(Repository and Index)
- Repository
- 由某特定的docker镜像的所有迭代版本组成的镜像仓库
- 一个Registry中可以存在多个Repository
- Repository可分为“顶层仓库”和“用户仓库”
- 用户仓库名称格式为“用户名/仓库名”
- 每个仓库可以包含多个Tags(标签),每个标签对应一个镜像
- Index
- 维护用户账户、镜像的校验以及公共命名空间的信息
- 相当于为Registry提供了一个完成用户认证功能的检索接口
Docker安装和使用
#安装yum工具包
[root@docker ~]# yum install -y yum-utils
#配置阿里云镜像
[root@docker ~]# yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
#安装最新版本的 Docker Engine-Community 和 containerd
[root@docker ~]# yum install -y docker-ce docker-ce-cli containerd.io
[root@docker ~]# systemctl start docker
[root@docker ~]# ps -ef | grep docker
root 2446 1 0 21:07 ? 00:00:00 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
root 2623 2145 0 21:08 pts/0 00:00:00 grep --color=auto docker
#运行一个HelloWorld
[root@docker ~]# docker run ubuntu:15.10 /bin/echo "Hello World"
Unable to find image 'ubuntu:15.10' locally
15.10: Pulling from library/ubuntu
7dcf5a444392: Pull complete
759aa75f3cee: Pull complete
3fa871dc8a2b: Pull complete
224c42ae46e7: Pull complete
Digest: sha256:02521a2d079595241c6793b2044f02eecf294034f31d6e235ac4b2b54ffc41f3
Status: Downloaded newer image for ubuntu:15.10
Hello World
#查看本地镜像列表
[root@docker ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu 15.10 9b9cb95443b5 5 years ago 137MB
#显示镜像完整信息
[root@docker ~]# docker image ls --no-trunc
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu latest sha256:ba6acccedd2923aee4c2acc6a23780b14ed4b8a5fa4e14e252a23b846df9b6c1 9 days ago 72.8MB
centos 6.10 sha256:f1af727749c4a4d0355feaad60065e240a473f1a8a7b716bdff0f2be03c28935 5 weeks ago 194MB
busybox latest sha256:16ea53ea7c652456803632d67517b78a4f9075a10bfdc4fc6b7b4cbf2bc98497 5 weeks ago 1.24MB
nginx 1.14-alpine sha256:8a2fb25a19f5dc1528b7a3fabe8b3145ff57fe10e4f1edac6c718a3cf4aa4b73 2 years ago 16MB
nginx 1.14 sha256:295c7be079025306c4f1d65997fcf7adb411c88f139ad1d34b537164aa060369 2 years ago 109MB
#查看镜像详细信息
[root@docker ~]# docker image inspect 9b9cb95443b5
#通过Go Template获取指定参数信息
[root@docker ~]# docker container inspect -f {{.NetworkSettings.IPAddress}} 16c06a138de3
10.0.0.2
#从仓库拉取镜像
[root@docker ~]# docker pull centos
#查看镜像的历史信息
[root@docker ~]# docker image history centos
IMAGE CREATED CREATED BY SIZE COMMENT
5d0da3dc9764 3 weeks ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0B
<missing> 3 weeks ago /bin/sh -c #(nop) LABEL org.label-schema.sc… 0B
<missing> 3 weeks ago /bin/sh -c #(nop) ADD file:805cb5e15fb6e0bb0… 231MB
#保存镜像到本地磁盘(使用-o参数)
[root@docker ~]# docker image save centos -o /root/centos.tar.gz
[root@docker ~]# ls /root
anaconda-ks.cfg nginx-1.14.2 openssl-1.1.1k Python-3.8.6
centos.tar.gz nginx-1.14.2.tar.gz openssl-1.1.1k.tar.gz Python-3.8.6.tar.xz
#删除一个镜像(可以使用镜像ID或REPOSITORY|REPOSITORY:TAG)
[root@docker ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
centos latest 5d0da3dc9764 3 weeks ago 231MB
ubuntu 15.10 9b9cb95443b5 5 years ago 137MB
[root@docker ~]# docker image rm centos
Untagged: centos:latest
Untagged: centos@sha256:a27fd8080b517143cbbbab9dfb7c8571c40d67d534bbdee55bd6c473f432b177
Deleted: sha256:5d0da3dc976460b72c77d94c8a1ad043720b0416bfc16c52c45d4847e53fadb6
Deleted: sha256:74ddd0ec08fa43d09f32636ba91a0a3053b02cb4627c35051aff89f853606b59
[root@docker ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu 15.10 9b9cb95443b5 5 years ago 137MB
#载入本地镜像
[root@docker ~]# docker load -i /root/centos.tar.gz
74ddd0ec08fa: Loading layer 238.6MB/238.6MB
Loaded image: centos:latest
[root@docker ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
centos latest 5d0da3dc9764 3 weeks ago 231MB
ubuntu 15.10 9b9cb95443b5 5 years ago 137MB
#给镜像打标签
[root@docker ~]# docker image tag 87a94228f133 tye:lotus
[root@docker ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 87a94228f133 47 hours ago 133MB
tye lotus 87a94228f133 47 hours ago 133MB
centos latest 5d0da3dc9764 4 weeks ago 231MB
ubuntu 15.10 9b9cb95443b5 5 years ago 137MB
#--------------------------------------容器-----------------------------------------------
#交互式启动容器(-i[interactive]-t[tty])
[root@docker ~]# docker container run -it centos
[root@f414580a3ee7 /]#
#交互式指定名称启动容器
[root@docker ~]# docker container run -it --name="tyecentos8.4" 5d0da3dc9764
[root@4c529d4d07d0 /]#
#守护式容器启动(-d)
[root@docker ~]# docker container run -d nginx
32e1524eec78a21c8c000a6eaa67916f0cd7415f095ac062856b21d7698090da
#在容器中运行一个镜像
[root@docker ~]# docker container run -id centos
b2ea3d62e02c8c556eb7f4ce70c614ff7dfaa9a450a84a37385243c96b08448b
#查看容器状态信息
[root@docker ~]# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b2ea3d62e02c centos "/bin/bash" 8 seconds ago Up 7 seconds dazzling_shirle
#----CONTAINER ID:容器ID
#----NAMES:容器的名称
#----STATUS:容器的状态(Exited,Up)
#显示所有容器列表
[root@docker ~]# docker container ls -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4c529d4d07d0 5d0da3dc9764 "/bin/bash" 2 minutes ago Exited (130) 5 seconds ago tyecentos8.4
f414580a3ee7 centos "/bin/bash" 10 minutes ago Up 10 minutes lucid_fermi
a9b4dac8c4d8 nginx "/docker-entrypoint.…" 25 minutes ago Exited (0) 19 minutes ago vibrant_darwin
#查看镜像列表,只显示镜像ID
[root@docker ~]# docker image ls -q
5d0da3dc9764
9b9cb95443b5
#查看容器的信息
[root@docker ~]# docker container inspect 32e1524eec78
#访问容器中启动的nginx
[root@docker ~]# curl -I 172.17.0.3
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 14 Oct 2021 01:09:59 GMT
Content-Type: text/html
Content-Length: 615
Last-Modified: Tue, 07 Sep 2021 15:21:03 GMT
Connection: keep-alive
ETag: "6137835f-267"
Accept-Ranges: bytes
#停止正在运行的容器(stop后面跟上容器ID)
[root@docker ~]# docker container stop b2ea3d62e02c
b2ea3d62e02c
#批量删除所有容器
[root@docker ~]# docker container rm $(docker container ls -aq)
48e7f9eb9684
b2ea3d62e02c
cc505b7a8cbb
a36c554b5763
cd0b6e22a0af
31c563251b17
07778cf50433
#映射端口启动nginx服务
[root@docker ~]# docker container run -d -p 8080:80 --name=tye_nginx nginx:1.14
#启动停止的容器,-i交互式启动容器
[root@docker ~]# docker container start -i f414580a3ee7
[root@f414580a3ee7 /]#
#获取容器中的进程运行情况
[root@docker ~]# docker container top 23f92b18e75b
UID PID PPID C STIME TTY TIME CMD
root 2114 2094 0 20:34 ? 00:00:00 nginx: master process nginx -g daemon off;
101 2145 2114 0 20:34 ? 00:00:00 nginx: worker process
#查看日志
[root@docker ~]# docker container logs 23f92b18e75b
2021/10/15 00:49:58 [error] 8#8: *2 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 172.17.0.1, server: localhost, request: "GET /favicon.ico HTTP/1.1", host: "192.168.88.101:8080", referrer: "http://192.168.88.101:8080/"
172.17.0.1 - - [15/Oct/2021:00:49:58 +0000] "GET /favicon.ico HTTP/1.1" 404 571 "http://192.168.88.101:8080/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36" "-"
#容器运行时注入主机名,默认主机名为容器ID
[root@docker ~]# docker container run -it --rm busybox
/ # hostname
0da66b380c15
[root@docker ~]# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0da66b380c15 busybox "sh" 4 minutes ago Up 4 minutes nice_wu
[root@docker ~]# docker container run -it --rm --hostname tye.lotus.com busybox
/ # hostname
tye.lotus.com
#设置DNS--dns
[root@docker ~]# docker container run -it --rm --hostname tye.lotus.com --dns 8.8.8.8 busybox
/ # cat /etc/resolv.conf
nameserver 8.8.8.8
#设置DNS查找域--dns-search
[root@docker ~]# docker container run -it --rm --hostname tye.lotus.com --dns 8.8.8.8 --dns-search ilinux.io busybox
/ # cat /etc/resolv.conf
search ilinux.io
nameserver 8.8.8.8
#注入hosts解析--add-host hostname:ip
[root@docker ~]# docker container run -it --rm --hostname tye.lotus.com --dns 8.8.8.8 --dns-search ilinux.io --add-host www.tye.com:1.1.1.1 busybox
/ # cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
1.1.1.1 www.tye.com
172.17.0.2 tye.lotus.com tye
#--------------------------------------------------数据卷(持久化存储)-----------------------------------------
#复制宿主机中的文件至容器
[root@docker opt]# docker container cp test.html nginx_out:/usr/share/nginx/html/index.html
#复制容器中的文件至当前宿主机
[root@docker opt]# docker container cp nginx_out:/usr/share/nginx/html/50x.html .
#----volume实现宿主机和容器的数据共享
#通过-v参数实现volume宿主机和容器的映射
[root@docker ~]# docker run -d --name="nginx_out2" -p 80:80 -v /opt/html/:/usr/share/nginx/html/ nginx:1.14
c60283008b499b48e10c25ad99c83d1e7d10bb2e07bc847d05cdf3de6f43f73d
#----------映射完成后查看映射情况
#-----------容器中的情况
[root@docker ~]# docker container exec -it nginx_out2 /bin/bash
root@c60283008b49:/# ls /usr/share/nginx/html/
50x.html index.html
#----------宿主机情况
[root@docker html]# ls
50x.html index.html
[root@docker html]# pwd
/opt/html
基于busybox实现简单的httpd
#在busybox容器中创建/data/www目录用于存放html文件
[root@docker ~]# docker container exec -it 619c7c6daee0 /bin/sh
/ # mkdir /data/html -p
/ # vi /data/html/index.html
busybox.html
#将busybox容器制作成镜像
[root@docker ~]# docker container commit -a "tye <tye@163.com>" -c 'CMD ["/bin/httpd","-f","-h","/data/html"]' 619c7c6daee0 tye/busybox:v1.0
sha256:0cba66781b54c95fab02d600667fbbde7f919ab4fe2dc8c0c9288e778fade3fc
[root@docker ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
tye/busybox v1.0 0cba66781b54 5 seconds ago 1.24MB
ubuntu latest ba6acccedd29 9 days ago 72.8MB
centos 6.10 f1af727749c4 5 weeks ago 194MB
busybox latest 16ea53ea7c65 5 weeks ago 1.24MB
redis 4-alpine e3dd0e49bca5 18 months ago 20.4MB
nginx 1.14-alpine 8a2fb25a19f5 2 years ago 16MB
nginx 1.14 295c7be07902 2 years ago 109MB
#启动容器
[root@docker ~]# docker container run tye/busybox:v1.0
#查看启动的容器
[root@docker ~]# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3b80ac9ed2c4 tye/busybox:v1.0 "/bin/httpd -f -h /d…" 5 minutes ago Up 5 minutes distracted_sammet
#通过curl访问tye/busybox容器
[root@docker ~]# curl http://172.17.0.3
busybox.html
容器启动后观察宿主机上的进程和网络信息
#--------------进程信息
[root@docker ~]# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3b80ac9ed2c4 tye/busybox:v1.0 "/bin/httpd -f -h /d…" 9 hours ago Up 14 minutes distracted_sammet
619c7c6daee0 busybox "sh" 24 hours ago Up 2 minutes competent_jepsen
#目前在docker中运行着两个容器,通过ps -ef查看宿主机进程
root 1188 1 0 20:02 ? 00:00:01 /usr/bin/containerd
root 1488 1 0 20:02 ? 00:00:00 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containe
root 1905 1 0 20:08 ? 00:00:00 /usr/bin/containerd-shim-runc-v2 -namespace moby -id 3b80ac9ed2
root 1925 1905 0 20:08 ? 00:00:00 /bin/httpd -f -h /data/html
root 2187 1 0 20:21 ? 00:00:00 /usr/bin/containerd-shim-runc-v2 -namespace moby -id 619c7c6dae
#---------------网络信息
#docker在容器启动时会创建一对虚拟网卡设备,一个在容器中,一个在宿主机上
[root@docker ~]# ifconfig
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
inet6 fe80::42:4cff:fefc:d2f7 prefixlen 64 scopeid 0x20<link>
ether 02:42:4c:fc:d2:f7 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 5 bytes 438 (438.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.88.101 netmask 255.255.255.0 broadcast 192.168.88.255
inet6 fe80::a03d:1c5b:d3d8:111c prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:76:d2:d2 txqueuelen 1000 (Ethernet)
RX packets 22325 bytes 28435128 (27.1 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 11357 bytes 812825 (793.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 215 bytes 3476377 (3.3 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 215 bytes 3476377 (3.3 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
<veth59994d1>: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::30e4:58ff:fe12:abad prefixlen 64 scopeid 0x20<link>
ether 32:e4:58:12:ab:ad txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 13 bytes 1086 (1.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
<vethe3c82e2>: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::6449:e4ff:fe34:b335 prefixlen 64 scopeid 0x20<link>
ether 66:49:e4:34:b3:35 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 7 bytes 578 (578.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
#
[root@docker ~]# yum install -y bridge-utils
#查看桥接情况
[root@docker ~]# brctl show
bridge name bridge id STP enabled interfaces
docker0 8000.02424cfcd2f7 no veth59994d1
vethe3c82e2
#通过iptables查看
[root@docker ~]# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DOCKER all -- anywhere anywhere ADDRTYPE match dst-type LOCAL
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
DOCKER all -- anywhere !loopback/8 ADDRTYPE match dst-type LOCAL
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 172.17.0.0/16 anywhere
Chain DOCKER (2 references)
target prot opt source destination
RETURN all -- anywhere anywhere
容器的应用场景
交互式容器:
- 工具类
- 开发、测试
- 临时性任务
守护式容器(网络服务[ssh,]):
- 服务,对外暴露端口,
容器的连接方式
- attach
#通过attach方式连接一个启动的容器
[root@docker ~]# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6e68ca03c74b nginx:1.14 "nginx -g 'daemon of…" 12 minutes ago Up 12 minutes 0.0.0.0:8080->80/tcp, :::8080->80/tcp tye_nginx
f414580a3ee7 centos "/bin/bash" 14 hours ago Up 5 seconds lucid_fermi
[root@docker ~]# docker container attach f414580a3ee7
[root@f414580a3ee7 /]#
- exec[建议使用]:通过子进程的方式连接一个启动的容器(在已有工作容器中生成子进程,进行登录,可以进行容器的调试,退出时不会影响到当前容器)
[root@docker ~]# docker container exec -it f414580a3ee7 /bin/bash
容器的前后台运行
- ctrl+p,Q切换出容器,使用attach或exec调用到前台
- 死循环
- 让程序前台一直运行(夯在前台)
- 制作守护式容器时常用的方法
容器的网络访问
默认情况只能内部访问
– 指定映射(docker会自动在宿主机上添加一条iptables规则来实现端口映射)
-p hostPort:containerPort
-p ip:hostPort:containerPort
-p ip::containerPort(随机端口)
-p hostPort:containerPort/udp
-p 81:80 -p 443:443多端口映射
– 随机映射
docker run -p 80(随机端口)
#启动一个nginx容器,并将容器的80端口映射至宿主机的8080端口上
[root@docker ~]# docker container run -d -p 8080:80 nginx:1.14
23f92b18e75b689603aed94c78372ca3850a57c36c1b8ce024a8b40b41f101c7
[root@docker ~]# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
23f92b18e75b nginx:1.14 "nginx -g 'daemon of…" 5 seconds ago Up 4 seconds 0.0.0.0:8080->80/tcp, :::8080->80/tcp vigilant_mayer
[root@docker ~]# netstat -tnlp | grep 8080
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 2428/docker-proxy
tcp6 0 0 :::8080 :::* LISTEN 2434/docker-proxy
#通过-p指定暴露的容器端口,会通过宿主机随机端口与容器的80端口连接,宿主机上的随机端口随着docker的版本不同也会不同
[root@docker ~]# docker container run -d --rm -p 80 tye/busybox:v1.0
05098960f0d625c719414939fd0efd9e032641105383ebad1b6ff02ab3252511
[root@docker ~]# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
05098960f0d6 tye/busybox:v1.0 "/bin/httpd -f -h /d…" 7 seconds ago Up 5 seconds 0.0.0.0:49153->80/tcp, :::49153->80/tcp hungry_chandrasekhar
[root@docker ~]# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DOCKER all -- anywhere anywhere ADDRTYPE match dst-type LOCAL
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
DOCKER all -- anywhere !loopback/8 ADDRTYPE match dst-type LOCAL
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 172.17.0.0/16 anywhere
MASQUERADE tcp -- 172.17.0.2 172.17.0.2 tcp dpt:http
Chain DOCKER (2 references)
target prot opt source destination
RETURN all -- anywhere anywhere
DNAT tcp -- anywhere anywhere tcp dpt:49153 to:172.17.0.2:80
#查看容器暴露的端口
[root@docker ~]# docker container port 05098960f0d6
80/tcp -> 0.0.0.0:49153
80/tcp -> :::49153
#指定IP暴露端口
[root@docker ~]# docker container run -d --rm -p 192.168.88.101::80 tye/busybox:v1.0
b7b7fa2b8067205fcb697431e8ccb7fffdcebb8ad74f4e4127266d7b28178a3f
[root@docker ~]# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b7b7fa2b8067 tye/busybox:v1.0 "/bin/httpd -f -h /d…" 7 seconds ago Up 4 seconds 192.168.88.101:49153->80/tcp clever_antonelli
[root@docker ~]# docker container port b7b7fa2b8067
80/tcp -> 192.168.88.101:49153
#指定宿主机端口暴露容器端口
[root@docker ~]# docker container run -d --rm -p 80:80 tye/busybox:v1.0
1c0730ce9d482a36e7f4ecf8ba8ddb0af344b7d3b59b0cf46ab5baacf734f19f
[root@docker ~]# docker container port 1c0730ce9d48
80/tcp -> 0.0.0.0:80
80/tcp -> :::80
#指定宿主机IP:端口暴露容器端口
[root@docker ~]# docker container run -d --rm -p 192.168.88.101:8080:80 tye/busybox:v1.0
9ff1a0211aa98334ff12ca6ca061e4a824b51a66ee59869241ec3f2db39c7ff2
[root@docker ~]# docker container port 9ff1a0211aa9
80/tcp -> 192.168.88.101:8080
#-------------------------------数据卷-------------
#(1)在宿主机创建好环境
[root@docker opt]# mkdir -p volume/a volume/b
[root@docker opt]# touch /opt/volume/a/a.txt /opt/volume/b/b.txt
[root@docker volume]# tree
.
├── a
│ └── a.txt
└── b
└── b.txt
#(2)生成数据卷容器
[root@docker volume]# docker run -it --name "nginx_volumes" -v /opt/volume/a:/opt/a -v /opt/volume/b:/opt/b centos /bin/bash
#(3)挂载数据卷容器(--volumes-from)
[root@docker volume]# docker run -d -p 8085:80 --volumes-from nginx_volumes --name "n8085" nginx:1.14
ff6194215711b679e581ab65c58e30e1aa41c7871945986540e9adb8944acd31
[root@docker volume]# docker run -d -p 8086:80 --volumes-from nginx_volumes --name "n8086" nginx:1.14
7cfc2255bd5c0d763400142d32ad0ba9750a9a6c4859e8f875727b3f955446cb
#--------------------------------------制作本地局域网yum源
#(1)安装vsftpd软件
[root@docker volume]# yum install -y vsftpd
[root@docker volume]# systemctl start vsftpd
[root@docker volume]# systemctl enable vsftpd
Created symlink from /etc/systemd/system/multi-user.target.wants/vsftpd.service to /usr/lib/systemd/system/vsftpd.service.
#(2)上传系统至虚拟机
#(3)配置yum仓库
[root@docker mnt]# mkdir -p /var/ftp/centos7
[root@docker mnt]# mount /mnt/CentOS-7-x86_64-DVD-2003.iso /var/ftp/centos7/
mount: /dev/loop0 is write-protected, mounting read-only
[root@docker mnt]# ls /var/ftp/centos7/
CentOS_BuildTag EULA images LiveOS repodata RPM-GPG-KEY-CentOS-Testing-7
EFI GPL isolinux Packages RPM-GPG-KEY-CentOS-7 TRANS.TBL
联盟式容器(Joinded containers)
联盟式容器是指使用某个已存在容器的网络接口的容器,接口被联盟内的各容器共享使用,因此,联盟式容器彼此间完全无隔离,彼此共享同一个网络名称空间,其它名称空间还是隔离的,彼此之间存在端口冲突的可能性,通常只会在多个容器上的程序需要loopback接口互相通信、或对某已存在的容器网络属性进行监控时才使用此种模式的网络模型。
#启动第一个容器
[root@docker ~]# docker run --name b1 -it --rm busybox
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:AC:11:00:02
inet addr:172.17.0.2 Bcast:172.17.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:508 (508.0 B) TX bytes:0 (0.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
#启动第二个容器
[root@docker ~]# docker run --name b2 -it --rm busybox
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:AC:11:00:03
inet addr:172.17.0.3 Bcast:172.17.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:7 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:578 (578.0 B) TX bytes:0 (0.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
#共享b1的网络名称空间,启动第二个容器
[root@docker ~]# docker run --name b2 --network container:b1 -it --rm busybox
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:AC:11:00:02
inet addr:172.17.0.2 Bcast:172.17.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:648 (648.0 B) TX bytes:0 (0.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
#在b1容器中启动httpd服务
/ # echo 'busybox--b1' >/tmp/index.html
/ # httpd -h /tmp/
/ # netstat -tnlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 :::80 :::* LISTEN 11/httpd
#在b2容器中查看,同样httpd服务已启动
/ # netstat -tnlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 :::80 :::* LISTEN -
/ # wget -O - -q 127.0.0.1
busybox--b1
错误1
[root@docker ~]# docker pull centos7
Using default tag: latest
Error response from daemon: pull access denied for centos7, repository does not exist or may require 'docker login': denied: requested access to the resource is denied
解决方法
1.使用docker login进行docker用户名,密码登录(注:如无用户,在[Docker Hub](https://hub.docker.com/)上注册)
2.有可能是后面的镜像名称错误
错误2
#删除Centos镜像,报错
[root@docker ~]# docker image rm centos
Error response from daemon: conflict: unable to remove repository reference "centos" (must force) - container b2ea3d62e02c is using its referenced image 5d0da3dc9764
解决方法
1.因有容器正在使用当前镜像运行,需先停止容器的运行,然后再进行镜像删除
2.可以使用docker image rm -f centos强制删除
117
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
