Docker桥&存储卷管理
1. Docker桥
创建桥后,可以让容器使用指定的网段
# 创建容器,并让容器随着服务的的启动而启动
[root@localhost ~]# docker run -d --name web --restart=always httpd
772fd3e6685938f8db19a810c8e9a06d34f50da23c3b5228266b27905c01c62b
# 修改配置文件后可以指定docker0的默认网段
[root@localhost ~]# ip a s docker0
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ee:9e:f8:32 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:eeff:fe9e:f832/64 scope link
valid_lft forever preferred_lft forever
[root@localhost ~]# vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://j3m2itm3.mirror.aliyuncs.com"],
"bip": "10.10.10.1/24"
}
[root@localhost ~]# ip a s docker0
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:ee:9e:f8:32 brd ff:ff:ff:ff:ff:ff
inet 10.10.10.1/24 brd 10.10.10.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:eeff:fe9e:f832/64 scope link
valid_lft forever preferred_lft forever
# 新建桥,指定网段和网关
[root@localhost ~]# docker network create -d bridge --subnet "192.168.1.0/24" --gateway "192.168.1.1" br0
10499f9c0103701c946c0c441062803f8948ed5bde86ecbb61b4f1001e825ce2
[root@localhost ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
10499f9c0103 br0 bridge local
33cdefbba716 bridge bridge local
eb0336465bba host host local
6e6079fddd34 none null local
# 使用br0创建容器b1
[root@localhost ~]# docker run -it --rm --name b1 --network br0 busybox
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
16: eth0@if17: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:c0:a8:01:02 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.2/24 brd 192.168.1.255 scope global eth0
valid_lft forever preferred_lft forever
# 使用默认桥创建容器b2
[root@localhost ~]# docker run -it --rm --name b2 busybox
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
18: eth0@if19: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:0a:0a:0a:03 brd ff:ff:ff:ff:ff:ff
inet 10.10.10.3/24 brd 10.10.10.255 scope global eth0
valid_lft forever preferred_lft forever
新建的两个容器分别使用不同的网桥后网段分别不同,怎样让两个容器之间通信呢?
# 在两个容器中互相添加两个网桥的网卡
[root@localhost ~]# docker network connect bridge b1
[root@localhost ~]# docker network connect br0 b2
b1容器:
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
16: eth0@if17: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:c0:a8:01:02 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.2/24 brd 192.168.1.255 scope global eth0
valid_lft forever preferred_lft forever
22: eth1@if23: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:0a:0a:0a:04 brd ff:ff:ff:ff:ff:ff
inet 10.10.10.4/24 brd 10.10.10.255 scope global eth1
valid_lft forever preferred_lft forever
/ #
/ # ping 10.10.10.3 -c 3
PING 10.10.10.3 (10.10.10.3): 56 data bytes
64 bytes from 10.10.10.3: seq=0 ttl=64 time=0.359 ms
64 bytes from 10.10.10.3: seq=1 ttl=64 time=0.092 ms
64 bytes from 10.10.10.3: seq=2 ttl=64 time=0.202 ms
--- 10.10.10.3 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.092/0.217/0.359 ms
b2容器:
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
18: eth0@if19: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:0a:0a:0a:03 brd ff:ff:ff:ff:ff:ff
inet 10.10.10.3/24 brd 10.10.10.255 scope global eth0
valid_lft forever preferred_lft forever
20: eth1@if21: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:c0:a8:01:03 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.3/24 brd 192.168.1.255 scope global eth1
valid_lft forever preferred_lft forever
/ #
/ # ping 192.168.1.2 -c 3
PING 192.168.1.2 (192.168.1.2): 56 data bytes
64 bytes from 192.168.1.2: seq=0 ttl=64 time=0.144 ms
64 bytes from 192.168.1.2: seq=1 ttl=64 time=0.087 ms
64 bytes from 192.168.1.2: seq=2 ttl=64 time=0.094 ms
--- 192.168.1.2 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.087/0.108/0.144 ms
[root@localhost ~]# docker network disconnect br0 b2
2. 存储卷
存储卷可以让宿主机和容器之间的数据建立绑定关系,绑定关系默认就已经建立
# 查看绑定目录位置
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b9614eb44d54 httpd "httpd-foreground" 2 hours ago Up 2 hours 80/tcp web
[root@localhost ~]# docker inspect web
......
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/52d97583084437c3f5f6b509be5154537c9c92fdcb172321851feb889eb67b4b-init/diff:/var/lib/docker/overlay2/70492911b2a668114334ce6803c249e7fe9ff62914f0a8c1b2948b58aca3e1c0/diff:/var/lib/docker/overlay2/48ee4b6d862b3dbbe247417a6e56453a0661c5da6bb598bb4e7efb409c0ba3a1/diff:/var/lib/docker/overlay2/f9fd9332c0d1fdd788c70c6715f0dac1178a6f8bfdf3c41932c4bddb011f9dfb/diff:/var/lib/docker/overlay2/519d9b9694a8a8016064530d71502fb10919f5b327db6d138282ad68bccec2a7/diff:/var/lib/docker/overlay2/426a47e95d7a3edc5dbd52a3578e90a6ba29f300396577b31a2cc7c0999b7a60/diff",
"MergedDir": "/var/lib/docker/overlay2/52d97583084437c3f5f6b509be5154537c9c92fdcb172321851feb889eb67b4b/merged",
"UpperDir": "/var/lib/docker/overlay2/52d97583084437c3f5f6b509be5154537c9c92fdcb172321851feb889eb67b4b/diff",
"WorkDir": "/var/lib/docker/overlay2/52d97583084437c3f5f6b509be5154537c9c92fdcb172321851feb889eb67b4b/work"
},
......
[root@localhost ~]# cd /var/lib/docker/overlay2/52d97583084437c3f5f6b509be5154537c9c92fdcb172321851feb889eb67b4b/
[root@localhost 52d97583084437c3f5f6b509be5154537c9c92fdcb172321851feb889eb67b4b]# ls
diff link lower merged work
[root@localhost 52d97583084437c3f5f6b509be5154537c9c92fdcb172321851feb889eb67b4b]# cd merged/
[root@localhost merged]# ls //此处为容器的根目录
bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
# 创建一个容器,此时目录没有文件
[root@localhost ~]# docker run -it --rm --name t1 -v /data busybox
/ # ls data/
# 再另开一个终端,进入容器目录位置创建文件
[root@localhost ~]# docker inspect t1
......
"Mounts": [
{
"Type": "volume",
"Name": "6623418db9c8ad779886bd8908abe756994400f4c71222903e649e7471f296d7",
"Source": "/var/lib/docker/volumes/6623418db9c8ad779886bd8908abe756994400f4c71222903e649e7471f296d7/_data",
"Destination": "/data",
"Driver": "local",
"Mode": "",
"RW": true,
"Propagation": ""
}
......
[root@localhost ~]# cd /var/lib/docker/volumes/6623418db9c8ad779886bd8908abe756994400f4c71222903e649e7471f296d7/_data
[root@localhost _data]# touch f1
[root@localhost _data]# ls
f1
如果容器删除了,那么绑定位置的目录也会清空
# 文件已经同步到容器中
/ # ls data/
f1
/ # exit
绑定指定的目录
# 指定挂载目录位置
[root@localhost ~]# docker run -it --rm --name t2 -v /web:/data busybox
/ # ls data/
/ # ls data/
index.html
/ # cat /data/index.html
hello world
# 已同步至宿主机
[root@localhost ~]# echo 'hello world' > /web/index.html
[root@localhost ~]# ls /web/
index.html
# 容器删除后数据依然存在
/ # exit
[root@localhost ~]# docker run -it --rm --name t3 -v /web:/data busybox
/ #
/ # cat /data/index.html
hello world
上传网站
# 下载源码网站并解压上传
[root@localhost ~]# ls
anaconda-ks.cfg html5大气医院网站源码.zip
[root@localhost ~]# unzip html5大气医院网站源码.zip
[root@localhost ~]# mv html5大气医院网站源码/* /web/
# 默认是读写权限(rw),修改权限为只读(ro)后容器内就无法修改
[root@localhost ~]# docker run -d --rm --name t4 -v /web:/usr/local/apache2/htdocs:ro -p 80:80 httpd
f49de83ff7dd60764922a403077edb68ce4bc21c5e0d895a5fd44f9149ce8c84
[root@localhost ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 128 [::]:80 [::]:*
[root@localhost ~]# docker exec -it t4 /bin/sh
# cd htdocs
# ls
chuzhen.html index.html js keshiys.html news.html rongyu.html ys.html
css jianjie.html keshi.html kexue.html newslist.html test zhuanjia.html
images jiuzhen.html keshimx.html kexuelist.html pic uploadfiles
# mkdir abc
mkdir: cannot create directory 'abc': Read-only file system
![[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-u0ORH56C-1651652599008)(E:\App\Typora\Typora\picture\image-20220504145615411.png)]](https://i-blog.csdnimg.cn/blog_migrate/0d5992f43f3783b2c34d2cc3fc982922.png)
2.1 数据卷容器
如果需要共享持续更新的数据,可以用一个容器专门供其他容器挂载使用
# 创建容器并指定挂载位置
[root@localhost ~]# docker run -itd --name dbdata -v /dbdata busybox
b728c3716939f54e9b93b4285b31d58814d4b581bcff32f934aeb6671ac03851
[root@localhost ~]# docker run -d --name db1 --volumes-from dbdata busybox
53f23583971c7487db44b83257b390016ed217bed45f1a5dc7a78503d2ca9bf6
[root@localhost ~]# docker run -d --name db2 --volumes-from dbdata busybox
5f2243a5848bea1fcb600d9c3271ec55c07f9d51b7e049d05812115ae927a2f5
[root@localhost ~]# docker exec -it dbdata /bin/sh
/ # touch /dbdata/test
[root@localhost ~]# docker exec -it db1 /bin/sh
/ # ls dbdata/
test
[root@localhost ~]# docker exec -it db2 /bin/sh
/ # ls dbdata/
test
扫一扫
275
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
