- 一、了解虚拟机和容器的区别
- 二、Docker概述
- 三、安装Docker
- 1.安装依赖包
- 2.设置阿里镜像源
- 3.安装Docker-CE
- 四、docker常规操作
- 1.镜像加速(提高镜像下载速度)
- 2.优化网络
- 3.镜像操作
- 4.容器操作
- 5.容器的批量处理
- 6.docker0网卡分析
- 五、创建Docker镜像
- 1.Docker镜像
- 2.Docker镜像的创建方法
- 3.基于已有镜像创建镜像
- 4.基于本地模板创建
- 5.基于Dockerfile创建镜像
一、了解虚拟机和容器的区别
虚拟机的构成:
- 虚拟硬件(CPU、内存、磁盘、网络)
- 镜像(安装系统)
容器的构成:
3. 进程,可以通过杀死和开启进程来控制容器
4. 容器可以理解成一种环境,可以运行一种服务,也可以运行一种系统
虚拟技术两大生态圈:
- OpenStack ----虚拟机
- Kubernetes ----容器
虚拟机和容器的区别:
虚拟机 | 容器 | |
资源占用 | 资源占用多 | 资源占用少 |
启动时间 | 30~60秒 | 毫秒级别 |
安全性 | 系统隔离,安全性高 | 内核共享,安全性低 |
弹性扩展 | 执行时间长(虚拟机创建后还需要再安装系统) | 执行时间短(容器直接再开一个进程) |
二、Docker概述
Docker核心概念
- 镜像
◆ 一个面向Docker容器引擎的只读模板 - 容器
◆ 从镜像创建的运行实例 - 仓库
◆集中保存镜像的地方
Docker是什么?
- 是一种轻量级的“虚拟机”
- 在Linux容器里运行应用的开源工具
Docker的使用场景:
- 打包应用程序简化部署
- 可脱离底层硬件任意迁移
● 例:服务器从腾讯云迁移到阿里云
CentOS安装Docker的两种方式:
- 使用CURL获得Docker的安装脚本进行安装
- 使用YUM仓库来安装Docker
三、安装Docker
1.安装依赖包
[root@localhost ~]# yum -y install yum-utils device-mapper-persistent-data lvm2
#yum-utils 提供了yum-config-manager程序命令(后面用来添加docker的镜像源)
#device mapper 存储驱动程序需要device-mapper-persistent-data 和 lvm2 逻辑卷,它为实现用于存储资源管理的快设备驱动提供了一个高度模块化的内核架构2.设置阿里镜像源
[root@localhost ~]# yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[root@localhost ~]# cd /etc/yum.repos.d/
[root@localhost yum.repos.d]# ls ##多出了docker-ce的yum库
CentOS-Base.repo CentOS-Debuginfo.repo CentOS-Media.repo CentOS-Vault.repo
CentOS-CR.repo CentOS-fasttrack.repo CentOS-Sources.repo *docker-ce.repo*3.安装Docker-CE
[root@localhost ~]# yum install -y docker-ce ##安装docker-ce
[root@localhost ~]# systemctl start docker
[root@localhost ~]# systemctl status docker
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
Active: active (running) since Mon 2020-11-09 22:40:26 CST; 9s ago
Docs: https://docs.docker.com
Main PID: 2073 (dockerd)
Memory: 41.9M四、docker常规操作
1.镜像加速(提高镜像下载速度)
阿里云提供免费的镜像加速服务,在阿里云官网注册阿里账号后可以领取加速地址
2.优化网络
[root@localhost docker]# vi /etc/sysctl.conf
net.ipv4.ip_forward = 1 ##开启路由转发功能
[root@localhost docker]# sysctl -p
net.ipv4.ip_forward = 1
[root@localhost docker]# systemctl restart network
[root@localhost docker]# systemctl restart docker
[root@localhost docker]# docker version ##查看版本信息
Client: Docker Engine - Community
Version: 19.03.13
API version: 1.40
Go version: go1.13.15
Git commit: 4484c46d9d
Built: Wed Sep 16 17:03:45 2020
OS/Arch: linux/amd64
Experimental: false
……省略部分3.镜像操作
[root@localhost ~]# docker search nginx ##查找上架的镜像,查找出的镜像会根据星级热度(STARS)进行排名,下载次数越多,热度越高
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
nginx Official build of Nginx. 13981 [OK]
jwilder/nginx-proxy Automated Nginx reverse proxy for docker con… 1906 [OK]
richarvey/nginx-php-fpm Container running Nginx + PHP-FPM capable of… 791 [OK]
linuxserver/nginx An Nginx container, brought to you by LinuxS… 128
jc21/nginx-proxy-manager Docker container for managing Nginx proxy ho… 109
tiangolo/nginx-rtmp Docker image with Nginx using the nginx-rtmp… 103 [OK]
bitnami/nginx Bitnami nginx Docker Image 90 [OK]
alfg/nginx-rtmp NGINX, nginx-rtmp-module and FFmpeg from sou… 80 [OK]
jlesage/nginx-proxy-manager Docker container for Nginx Proxy Manager 66 [OK]
[root@localhost ~]# docker pull nginx ##下载nginx镜像,结合pull选项。
Using default tag: latest
……省略部分
1966ea362d23: Pull complete
Digest: sha256:aeade65e99e5d5e7ce162833636f692354c227ff438556e5f3ed0335b7cc2f1b
Status: Downloaded newer image for nginx:latest
docker.io/library/nginx:latest
[root@localhost ~]# cd /var/lib/docker/image/overlay2/ 镜像信息存在/var/lib/docker/image/overlay2/repositories.json 文件中
[root@localhost overlay2]# ls
distribution imagedb layerdb repositories.json
[root@localhost overlay2]# cat repositories.json
{"Repositories":{"nginx":{"nginx:latest":"sha256:c39a868aad02a383c7e490e0fc4a5b0217f667f2de764bc2755e315a5adf64a1","nginx@sha256:aeade65e99e5d5e7ce162833636f692354c227ff438556e5f3ed0335b7cc2f1b":"sha256:c39a868aad02a383c7e490e0fc4a5b0217f667f2de764bc2755e315a5adf64a1"}}
[root@localhost ~]# docker images ##镜像列表中有nginx镜像
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest c39a868aad02 4 days ago 133MB
[root@localhost overlay2]# docker inspect c39a868aad02 ##docker inspect 镜像ID,可以查看镜像的详细信息
[
{
"Id": "sha256:c39a868aad02a383c7e490e0fc4a5b0217f667f2de764bc2755e315a5adf64a1",
"RepoTags": [
"nginx:latest"
],
"RepoDigests": [
"nginx@sha256:aeade65e99e5d5e7ce162833636f692354c227ff438556e5f3ed0335b7cc2f1b"
],
"Parent": "",
"Comment": "",
"Created": "2020-11-05T18:21:10.923474978Z",
"Container": "16434ccbe2eab08b0e7e63149c390b8a346c8cf92899ba6063c1b2653628f3c1",
"ContainerConfig": {
"Hostname": "16434ccbe2ea",添加镜像标签(相当于添加别名,镜像ID不变)
[root@localhost ~]# docker images ##查看镜像列表
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest c39a868aad02 4 days ago 133MB
[root@localhost ~]# docker tag nginx:latest nginx:new ##修改nginx镜像标签latest为new
[root@localhost ~]# docker images ##再次查看镜像列表,多出了一个镜像名
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest c39a868aad02 4 days ago 133MB
nginx new c39a868aad02 4 days ago 133MB镜像删除(两种方式:1.基于"镜像名:标签"删除,2.基于镜像ID删除)
格式:docker rmi 镜像ID或者镜像名
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest c39a868aad02 4 days ago 133MB
nginx new c39a868aad02 4 days ago 133MB
[root@localhost ~]# docker rmi c39a868aad02 #0#'当该镜像ID存在多个镜像名时,是无法使用镜像ID删除镜像的,会报如下错误'
Error response from daemon: conflict: unable to delete c39a868aad02 (must be forced) - image is referenced in multiple repositories
[root@localhost ~]# docker rmi nginx:latest #0# 结合rmi,删除标签为latest的镜像
Untagged: nginx:latest
[root@localhost ~]# docker images #0#查看镜像列表,删除成功
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest c39a868aad02 4 days ago 133MB
nginx new c39a868aad02 4 days ago 133MB
[root@localhost ~]# docker rmi c39a868aad02 ## 当该镜像只有一个映射关系时(即只有一个镜像名),两种方法都可以删除镜像
Untagged: nginx:new
Untagged: nginx@sha256:aeade65e99e5d5e7ce162833636f692354c227ff438556e5f3ed0335b7cc2f1b
Deleted: sha256:c39a868aad02a383c7e490e0fc4a5b0217f667f2de764bc2755e315a5adf64a1
Deleted: sha256:1af47386c12cb24b362bd785e71058ab675fbdcbda8e7a7ba0dd10c3cff75a2a
Deleted: sha256:25ee02f9e42f8cdca7ca8bc522cb69ac4a86a55401818a13c7a01e52a81894fe
Deleted: sha256:b1d2bc3292aa3d64794f99d2885d35b454993b4af24ad350a969d27925db7ebb
Deleted: sha256:4216e20d59f9fc90bccdd14493452532806d4803a25514366de2a9c5560624d0
Deleted: sha256:d0fe97fa8b8cefdffcef1d62b65aba51a6c87b6679628a2b50fc6a7a579f764c
[root@localhost ~]# docker images #0#再次查看镜像列表,删除成功
REPOSITORY TAG IMAGE ID CREATED SIZE保存镜像到文件中
[root@localhost ~]# docker pull nginx #0#重新下载nginx镜像
[root@localhost ~]# docker images #0#查看镜像列表
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest c39a868aad02 4 days ago 133MB
[root@localhost ~]#docker save -o /opt/nginx.img nginx:latest ##save表示保存,-o指输出到文件中,将nginx:latest镜像保存到/opt/nginx.img文件中
[root@localhost ~]# ls -lh /opt/ #0#看到新生成的镜像文件
total 131M
drwx--x--x 4 root root 28 Nov 9 22:40 containerd
-rw------- 1 root root 131M Nov 10 03:05 nginx.img #0#文件被进行了微压缩
drwxrwxr-x 6 root root 334 Oct 27 14:49 redis-5.0.10
drwxr-xr-x. 2 root root 6 Mar 26 2015 rh将导出的镜像文件中的镜像导入到镜像列表(有两种方式导入)
[root@localhost ~]# docker images #0#查看镜像列表
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest c39a868aad02 4 days ago 133MB
[root@localhost ~]# docker rmi nginx:latest #0#删除镜像
[root@localhost ~]# docker images #0#列表为空
REPOSITORY TAG IMAGE ID CREATED SIZE
//方式一:load <
[root@localhost ~]# docker load </opt/nginx.img #0#导入到镜像列表
d0fe97fa8b8c: Loading layer [==================================================>] 72.49MB/72.49MB
2baf69a23d7a: Loading layer [==================================================>] 64.54MB/64.54MB
2f57e21e4365: Loading layer [==================================================>] 3.072kB/3.072kB
aee208b6ccfb: Loading layer [==================================================>] 4.096kB/4.096kB
7b5417cae114: Loading layer [==================================================>] 3.584kB/3.584kB
Loaded image: nginx:latest
[root@localhost ~]# docker images #0#查看列表,镜像成功导入回来
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest c39a868aad02 4 days ago 133MB
[root@localhost ~]# docker rmi nginx:latest #0#再次删除镜像
//方法二:load -i
[root@localhost ~]# docker load -i /opt/nginx.img
d0fe97fa8b8c: Loading layer [==================================================>] 72.49MB/72.49MB
2baf69a23d7a: Loading layer [==================================================>] 64.54MB/64.54MB
2f57e21e4365: Loading layer [==================================================>] 3.072kB/3.072kB
aee208b6ccfb: Loading layer [==================================================>] 4.096kB/4.096kB
7b5417cae114: Loading layer [==================================================>] 3.584kB/3.584kB
Loaded image: nginx:latest
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest c39a868aad02 4 days ago 133MB4.容器操作
创建容器
格式:docker create -it 镜像 /bin/bash
[root@localhost ~]# docker ps -a #0#查看所有容器,现在为空
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@localhost ~]# docker create -it nginx:latest /bin/bash #0#创建容器,后面加上/bin/bash提供bash环境,方便下次进入容器中进行操作
fc33df602e20f90b62e39690978c1f648bed3c6167e15facbed96bd36a8e1295
[root@localhost ~]# docker ps -a #0#再次查看,有一个新的容器
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fc33df602e20 nginx:latest "/docker-entrypoint.…" 3 seconds ago Created friendly_zhukovsky
[root@localhost ~]# docker ps -a #0#此时状态是被创建状态,还未启动
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fc33df602e20 nginx:latest "/docker-entrypoint.…" 6 minutes ago Created friendly_zhukovsky启动容器
格式:docker start 容器ID
[root@localhost ~]# docker start fc33df602e20 #0#“docker start 容器ID”命令来启动容器,开启后位“UP”状态
fc33df602e20
[root@localhost ~]# docker ps -a #0#容器启动成功,为Up状态,并且开通了80容器端口
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fc33df602e20 nginx:latest "/docker-entrypoint.…" 13 minutes ago Up About a minute 80/tcp friendly_zhukovsky关闭容器
格式:docker stop 容器ID
处于up状态的容器会一直占用资源,可以利用stop关闭容器,需要时在开启
[root@localhost ~]# docker stop fc33df602e20 #0#结合stop命令关闭容器
fc33df602e20
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED
fc33df602e20 nginx:latest "/docker-entrypoint.…" 2 hours ago Exited (0) 2 seconds ago friendly_zhukovsky删除容器
格式:docker rm 容器ID
注意:
- 当镜像存在于容器中时,是无法被删除的(无论容器处于任何状态),只有先删除容器,才能删除对应的镜像
- 运行中的容器无法被删除,必须先停止
[root@localhost ~]# docker images #0#查看镜像
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest c39a868aad02 4 days ago 133MB
centos 7 7e6257c9f8d8 3 months ago 203MB
[root@localhost ~]# docker ps -a #0#查看容器
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a66dfe602b99 centos:7 "/bin/bash" 19 minutes ago Up 17 minutes clever_mestorf
fc33df602e20 nginx:latest "/docker-entrypoint.…" 2 hours ago Up About an hour 80/tcp friendly_zhukovsky
[root@localhost ~]# docker rmi centos:7 ##镜像存在于容器中时删除会报错
Error response from daemon: conflict: unable to remove repository reference "centos:7" (must force) - container a66dfe602b99 is using its referenced image 7e6257c9f8d8
[root@localhost ~]# docker stop a66dfe602b99 ##停止容器
a66dfe602b99
[root@localhost ~]# docker rmi centos:7 ##再次删除还是会报同样的错误
Error response from daemon: conflict: unable to remove repository reference "centos:7" (must force) - container a66dfe602b99 is using its referenced image 7e6257c9f8d8
[root@localhost ~]# docker rm a66dfe602b99 #0#先删除容器
a66dfe602b99
[root@localhost ~]# docker rmi centos:7 ##之后删除镜像,就能成功删除了
Untagged: centos:7
Untagged: centos@sha256:19a79828ca2e505eaee0ff38c2f3fd9901f4826737295157cc5212b7a372cd2b
Deleted: sha256:7e6257c9f8d8d4cdff5e155f196d67150b871bbe8c02761026f803a704acb3e9
Deleted: sha256:613be09ab3c0860a5216936f412f09927947012f86bfa89b263dfa087a725f81
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fc33df602e20 nginx:latest "/docker-entrypoint.…" 2 hours ago Up 1 second 80/tcp friendly_zhukovsky
[root@localhost ~]# docker rm fc33df602e20 #0#删除运行中的容器会报错
Error response from daemon: You cannot remove a running container fc33df602e20f90b62e39690978c1f648bed3c6167e15facbed96bd36a8e1295. Stop the container before attempting removal or force removedocker run执行指令后直接关闭容器(-c:指定指令)
- docker run结合-c指令,会自动检查镜像,没有就创建,有就继续创建容器,并执行-c指定的指令,执行完毕后关闭容器(相当于完成了镜像下载,容器创建,开启容器并执行指令,关闭容器这几个步骤的集合)
- 执行完指令就释放资源
- 适用于并发式的计算,数据分析,数据筛查,数据过滤
[root@localhost ~]# docker run centos:7 /bin/bash -c ls / ##docker run自动识别镜像和容器(无则创建)并执行指令
Unable to find image 'centos:7' locally ##先检查是否有镜像,没有
7: Pulling from library/centos ##下载镜像
75f829a71a1c: Pull complete
Digest: sha256:19a79828ca2e505eaee0ff38c2f3fd9901f4826737295157cc5212b7a372cd2b
Status: Downloaded newer image for centos:7
anaconda-post.log
bin ##执行 ls / 查看根目录的指令
dev
etc
……省略部分
[root@localhost ~]# docker ps -a ##查看容器信息,处于Exited状态,且返回值为0,执行完指令直接释放资源
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b7f81177db4f centos:7 "/bin/bash -c ls /" 3 minutes ago Exited (0) 3 minutes ago nice_lederbergdocker run后 -c 指定一个while死循环指令,可以实现后台一直运行
[root@promote ~]# docker run centos:7 /bin/bash -c "while :;do echo hello && sleep 2;done" #0#docker run -c 指定死循环
[root@promote ~]# docker ps -a ##查看容器状态,一直处于up状态,COMMAND指令死循环。
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
86c37e78a339 centos:7 "/bin/bash -c 'while…" 57 seconds ago Up 56 seconds charming_tu
docker stop 86c37e78a339 ##关闭容器,结束死循环
[root@localhost ~]# docker exec 12ab522157ec /bin/bash ##关闭的容器是无法进入的
Error response from daemon: Container 12ab522157ecb285d05284a4d54e8dd9e5896bab2fb1af9e730313fee35215d8 is not running导出容器到文件(结合export选项)
格式:docker export 容器ID >文件
- 注意:处于Up状态下的容器也是可以执行导出操作的
[root@localhost ~]# docker ps -a ##容器处于Up状态
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fc33df602e20 nginx:latest "/docker-entrypoint.…" 3 hours ago Up 1 second 80/tcp friendly_zhukovsky
docker export fc33df602e20 >/opt/nginx-c.img ##将容器导出到/opt/nginx-c.img文件中
[root@localhost ~]# ll -h /opt/nginx-c.img
-rw-r--r-- 1 root root 130M Nov 10 06:33 /opt/nginx-c.img导入容器(容器的导入只会生成镜像,而不会创建容器)
[root@localhost ~]# cat /opt/nginx-c.img |docker import - nginx:web
sha256:79222cd5cf4e7312fb660f9a5788e75e39fa83b2c71565b168f325d6db96b2d3
[root@localhost ~]# docker images ##生成了新的镜像
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx web 79222cd5cf4e 3 minutes ago 131MB
nginx latest c39a868aad02 4 days ago 133MB
centos 7 7e6257c9f8d8 3 months ago 203MB
[root@localhost ~]# docker ps -a ##并没有生成新的容器
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fc33df602e20 nginx:latest "/docker-entrypoint.…" 3 hours ago Up 10 minutes 80/tcp friendly_zhukovsky5.容器的批量处理
批量删除容器
##首先多创建几个容器
[root@localhost ~]# docker create -it nginx:web /bin/bash
5394d441b796e35a5e6bacfe8a8cb0abb24e75170e2b6a7be2749a4bae4cabf5
[root@localhost ~]# docker create -it centos:7 /bin/bash
4d00a6509e24469f8206eed4cd8803461c1ef31353b543a6dd3ff5df6f8d6520
[root@localhost ~]# docker ps -a #0#有三个容器
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4d00a6509e24 centos:7 "/bin/bash" About a minute ago Created gracious_rosalind
5394d441b796 nginx:web "/bin/bash" About a minute ago Created happy_hawking
fc33df602e20 nginx:latest "/docker-entrypoint.…" 3 hours ago Exited(0) 14 minutes 80/tcp friendly_zhukovsky
[root@localhost ~]# docker ps -a |awk 'NR!=1 {print "docker rm " $1}' |bash ##批量删除容器
4d00a6509e24
5394d441b796
fc33df602e20
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES批量创建容器
[root@localhost ~]# docker images |awk 'NR!=1 {print "docker create -it " $3 " /bin/bash"}' |bash ##过滤出镜像ID并执行创建,实现批量创建
8c9a15a9d97ff593ae370468f04dd2e11f666df27ea130d6c5eabdb5c312eb7e
3ba2e19b89a07fa6f22cc63ab3fa0f3c8d60e54b9fbf4318e6a0c442c0ce4fac
c34d3e800e29eeab0d304cde07d2b2dd0903a4c9a8028afe08b819793fad2c96
[root@localhost ~]# docker ps -a ##批量创建成功
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c34d3e800e29 7e6257c9f8d8 "/bin/bash" About a minute ago Created kind_jepsen
3ba2e19b89a0 c39a868aad02 "/docker-entrypoint.…" About a minute ago Created flamboyant_herschel
8c9a15a9d97f 79222cd5cf4e "/bin/bash" About a minute ago Created laughing_bardeen批量开启容器
[root@localhost ~]# docker ps -a |awk 'NR!=1 {print "docker start " $1}' |bash ##批量开启
32c5a88d27af
3eb37149b0d7
4978744c8ca9
[root@localhost ~]# docker ps -a ##up状态,开启成功
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
32c5a88d27af 7e6257c9f8d8 "/bin/bash" 21 seconds ago Up 2 seconds sleepy_robinson
3eb37149b0d7 c39a868aad02 "/docker-entrypoint.…" 21 seconds ago Up 1 second 80/tcp focused_pasteur
4978744c8ca9 79222cd5cf4e "/bin/bash" 21 seconds ago Up 1 second zealous_hofstadter批量停止容器
[root@localhost ~]# docker ps -a |awk 'NR!=1 {print "docker stop " $1}' |bash
32c5a88d27af
3eb37149b0d7
4978744c8ca9
[root@localhost ~]# docker ps -a ##停止状态
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
32c5a88d27af 7e6257c9f8d8 "/bin/bash" 2 minutes ago Exited (137) 2 seconds ago sleepy_robinson
3eb37149b0d7 c39a868aad02 "/docker-entrypoint.…" 2 minutes ago Exited (0) 2 seconds ago focused_pasteur
4978744c8ca9 79222cd5cf4e "/bin/bash" 2 minutes ago Exited (0) 2 seconds ago zealous_hofstadter6.docker0网卡分析
- 当安装了 decker-ce后,会自动生成一块docker0的网卡,用于管理docker容器,成为类似于所有容器的网关,构建出一个局域网管理所有容器。
- 也正因为这张网卡的出现,我们才需要开启服务器的路由转发及NAT功能。
[root@localhost ~]# ifconfig #0#查看网卡信息
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
inet6 fe80::42:c7ff:fe94:64b3 prefixlen 64 scopeid 0x20<link>
ether 02:42:c7:94:64:b3 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 16 bytes 1970 (1.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
省略部分
[root@localhost ~]# docker pull centos:7 ##下载CentOS7的镜像
[root@localhost ~]# docker images ##有CentOS7的镜像
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest c39a868aad02 4 days ago 133MB
centos 7 7e6257c9f8d8 3 months ago 203MB
[root@localhost ~]# docker create -it centos:7 /bin/bash ##生成镜像为CentOS7的容器
a66dfe602b9951b918759af6167fbcf941c947ac80f3c71438a546352a3c165d
[root@localhost ~]# docker ps -a #0#查看centos7容器的ID
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a66dfe602b99 centos:7 "/bin/bash" 43 seconds ago Created clever_mestorf
fc33df602e20 nginx:latest "/docker-entrypoint.…" About an hour ago Up About an hour 80/tcp friendly_zhukovsky
[root@localhost ~]# docker start a66dfe602b99 #0#开启容器
a66dfe602b99
[root@localhost ~]# docker ps -a #0#up状态,成功开启
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a66dfe602b99 centos:7 "/bin/bash" 3 minutes ago Up 41 seconds clever_mestorf
fc33df602e20 nginx:latest "/docker-entrypoint.…" About an hour ago Up About an hour 80/tcp friendly_zhukovsky
[root@localhost ~]# docker exec -it a66dfe602b99 /bin/bash ##进入容器
[root@a66dfe602b99 /]#
[root@a66dfe602b99 /]# yum -y install net-tools #0#下载的是最下内核镜像,因此想要使用ifconfig,需要安装net工具
[root@a66dfe602b99 /]# ifconfig #0#查看容器ip,伪终端的本地ip为172.17.0.3
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.3 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:03 txqueuelen 0 (Ethernet)
RX packets 4182 bytes 11991770 (11.4 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3565 bytes 197037 (192.4 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@a66dfe602b99 /]# route -n #0#网关是docker0网卡地址
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.17.0.1 0.0.0.0 UG 0 0 0 eth0
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
[root@a66dfe602b99 /]# exit
exit五、创建Docker镜像
1.Docker镜像
- 应用发布的标准格式
- 支撑一个Docker容器的运行
2.Docker镜像的创建方法
- 基于已有镜像创建
- 基于本地模板创建
- 基于Dockerfile创建 (最为常用)
3.基于已有镜像创建镜像
基于已有镜像创建
- 将容器里面运行的程序及运行环境打包生成新的镜像
格式:docker comnit [选项] 容器ID/名称仓库名称:[标签]
-m:说明信息
-a:作者信息
-p:生成过程中停止容器的运行
[root@localhost ~]# docker ps -a ##有一个正在运行的容器
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5772e1528cac centos:7 "/bin/bash" 29 minutes ago Up 29 minutes suspicious_pare
[root@localhost ~]# docker exec -ti 5772e1528cac /bin/bash
[root@5772e1528cac /]# echo "hello" >/opt/test.txt #0#创建一个文件,相当于对容器内镜像进行了修改
[root@5772e1528cac /]# cat /opt/test.txt
hello
[root@5772e1528cac /]# exit ##退出容器
exit
[root@localhost ~]# docker commit -m "new" -a "ltp" 5772e1528cac centos:new #0#创建修改后的新镜像
sha256:e36096f9a92239753857cfb4c33c6d1347a389632a3f7a22cc9a420499632bcd
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos new e36096f9a922 8 seconds ago 203MB
nginx web 79222cd5cf4e About an hour ago 131MB4.基于本地模板创建
基于本地模板创建
- 通过导入操作系统模板文件生成新的镜像
- 使用wget命令导入为本地镜像
wget http://download.openvz.org/template/precreated-7.0-x86-minimal.tar.gz - 导入成功后可查看本地镜像信息
docker images lgrep new
[root@localhost ~]# wget http://download.openvz.org/template/precreated/debian-7.0-x86-minimal.tar.gz ##下载镜像模板
……省略部分
100%[============================================================================>] 88,436,521 2.43MB/s in 37s
[root@localhost ~]# ls
debian-7.0-x86-minimal.tar.gz
[root@localhost ~]# cat debian-7.0-x86-minimal.tar.gz |docker import - debian:new ##容器导入的方式生成新镜像
sha256:0e3a830144d7305d263d846fe1c596a8f4c2ea1d5ea0de0d2c6967af23c096e6
[root@localhost ~]# docker images ##有新镜像产生
REPOSITORY TAG IMAGE ID CREATED SIZE
debian new 0e3a830144d7 9 seconds ago 215MB5.基于Dockerfile创建镜像
基于Dockerfile创建
- Dockerfile是由一组指令组成的文件Dockerfile结构四部分
● 基础镜像信息
● 维护者信息
● 镜像操作指令
● 容器启动时执行指令 - Dockerfile每行支持一条指令,每条指令可携带多个参数,支持使用以“#"号开头的注释
- 镜像的分成
- Dockerfile操作指令
指令 | 含义 |
FROM 镜像 | 指定新镜像所基于的镜像,第一条指令必须为FROM指令,每创建一个镜像就需要一条FROM指令。 |
MAINTAINER 名字 | 说明新镜像的维护人信息 |
RUN 命令 | 在所基于的镜像上执行命令,并提交到新的镜像中 |
CMD [“要运行的程序”,“参数1”,“参数2”] | 指令启动容器时要运行的命令或者脚本,Dockerfile只能有一条CMD命令,如果指定多条则只能最后一条被执行(注意,就算指定多条也不会有报错信息,但是无效) |
EXPOSE 端口号 | 指定新镜像加载到Docker时要开启的端口(容器对外开放的端口) |
ENV 环境变量 变量值 | 设置一个环境变量的值,会被后面的RUN使用 |
ADD 源文件/目录 目标文件/目录 | 将源文件复制到目标文件,源文件要与Dockerfile位于相同目录中,或者是一个URL(容器外的文件拷贝到容器内) |
COPY 源文件/目录 目标文件/目录 | 将本地主机上的文件/目录复制到目标地点,源文件/目录要与Dockerfile在相同的目录中(容器内部的拷贝) |
VOLUME [“目录”] | 在容器中创建一个挂载点,将容器中的目录挂载到真机的目录上(宿主机共享出一个目录供容器使用) |
USER 用户名/UID | 指定运行容器时的用户 |
WORKDIR 路径 | 为后续的RUN、CMD、ENTRYPOINT指定工作目录(相当于容器内的cd,切换路径) |
ONBUILD 命令 | 指定所生成的镜像作为一个基础镜像时所要运行的命令 |
HEALTHCHECK | 健康检查 |
[root@localhost ~]# mkdir apache ##创建一个存放目录
[root@localhost ~]# cd apache/
[root@localhost apache]# vim Dockerfile #0#创建Dockerfile文件,注意,一定要是这个文件名,不能改
FROM centos:7 #基于的基础镜像
MAINTAINER The porject <cloud-ops@centos.org> #0#维护镜像的用户信息(自定义,可以不写)
RUN yum -y update #0#更新yum仓库
RUN yum -y install httpd #0#镜像操作指令安装apache软件
EXPOSE 80 #开启80端口
ADD index.html /var/www/html/index.html #0#复制网站首页文件到容器/var/www/html/index.html
ADD run.sh /run.sh #0#将执行脚本复制到镜像中
RUN chmod 755 /run.sh ##授予脚本执行权限
CMD ["/run.sh"] #0#启动容器时执行脚本
[root@localhost apache]# vim run.sh
#!/bin/bash
rm -rf /run/httpd/* #0#删除容器中原路httpd的缓存文件
exec /usr/sbin/apachectl -D FOREGROUND ##-D FOREGROUND 前台运行
[root@localhost apache]# echo "Hello Docker" > index.html #0#生成首页文件
[root@localhost apache]# docker build -t httpd:centos . #0#构建镜像,注意末尾有“.”
##Dockerfile构建镜像的方式是每执行一个操作就创建一个临时容器,操作完成后移除临时容器
Sending build context to Docker daemon 4.096kB
Step 1/9 : FROM centos:7
---> 7e6257c9f8d8
Step 2/9 : MAINTAINER The porject <cloud-ops@centos.org> ##描述信息
---> Running in 42839a68eb21 ##'创建临时容器'
Removing intermediate container 42839a68eb21 #0#完成后删除临时容器
---> 1e0299f24408
Step 3/9 : RUN yum -y update #1#执行更新yum仓库
---> Running in b5f6ede89a2c #1#再次创建临时容器,然后再移除
……省略部分
Removing intermediate container 1a7c4de7d2c8
---> 7a0a23b6969c
Step 5/9 : EXPOSE 80
---> Running in ee11b40f4b00
Removing intermediate container ee11b40f4b00
---> 6089b87f70bb
Step 6/9 : ADD index.html /var/www/html/index.html
---> 984532d2525b
Step 7/9 : ADD run.sh /run.sh
---> 9fdecb3739c2
Step 8/9 : RUN chmod 755 /run.sh
---> Running in 65024462dcfc
Removing intermediate container 65024462dcfc
---> b2c495c4490a
Step 9/9 : CMD ["/run.sh"]
---> Running in ce777dd9f0e8
Removing intermediate container ce777dd9f0e8
---> 07feb32493c4
Successfully built 07feb32493c4
Successfully tagged httpd:centos
[root@localhost apache]# docker run -d -p 1216:80 httpd:centos #0#后台运行镜像,并且做端口映射
5b128cf5a4f1ae0ae1ded2d86249ae218a71e601d64ea0f106dac0584981c420
[root@localhost apache]# docker ps -a ##新生成的两个容器
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5b128cf5a4f1 httpd:centos "/run.sh" 3 minutes ago Up 3 minutes 0.0.0.0:1216->80/tcp frosty_visvesvaraya
5772e1528cac centos:7 "/bin/bash" 2 hours ago Up 2 hours suspicious_pare访问测试(192.168.10.10:1216)
本文章为转载内容,我们尊重原作者对文章享有的著作权。如有内容错误或侵权问题,欢迎原作者联系我们进行内容更正或删除文章。
