目录
1、实验环境... 1
1.2、配置网络... 1
2、安装docker软件... 1
3、Docker镜像操作... 3
4、docker容器操作... 10
5、制作镜像... 15
6、数据卷管理... 24
7、网络通信... 32
8、构建nginx镜像... 34
1、实验环境
1.1、一台CentOS7.4虚机
root@SIMS_INIT[/root]#cat /etc/redhat-release
CentOS Linux release 7.5.1804 (Core)
root@SIMS_INIT[/root]#uname -a
Linux SIMS_INIT 3.10.0-693.el7.x86_64 #1 SMP Tue Aug 22 21:09:27 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
root@SIMS_INIT[/root]#1.2、配置网络
请确保可以上外网。
root@SIMS_INIT[/root]#ping www.baidu.com
PING www.a.shifen.com (112.80.248.75) 56(84) bytes of data.
64 bytes from 112.80.248.75 (112.80.248.75): icmp_seq=1 ttl=57 time=1.91 ms
64 bytes from 112.80.248.75 (112.80.248.75): icmp_seq=2 ttl=57 time=2.70 ms
64 bytes from 112.80.248.75 (112.80.248.75): icmp_seq=3 ttl=57 time=2.69 ms
^C
--- www.a.shifen.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 1.915/2.436/2.700/0.373 ms
root@SIMS_INIT[/root]#1.3、虚机ip配置
2、安装docker软件
2.1、配置yum源
mount /soft/iso/CentOS-7-x86_64-Everything-1804.iso /mnt
vi /etc/yum.repos.d/CentOS-Local.repo
新增如下内容:
[Local]
name=Local Yum
baseurl=file:///mnt/
gpgcheck=1
gpgkey=file:///mnt/RPM-GPG-KEY-CentOS-7
enable=1
[docker-repo]
name=Docker Repository
baseurl=https://yum.dockerproject.org/repo/main/centos/7/
enable=1
gpgcheck=1
gpgkey=https://yum.dockerproject.org/gpg该文件CentOS-Local.repo没有的话新增即可。
2.2、更新yum源
yum clean all
yum update
yum update会执行较长时间,需要在网络上下载。
2.3、安装docker软件
root@SIMS_INIT[/etc/yum.repos.d]#yum install -y docker-engine
2.4、检查docker安装
root@SIMS_INIT[/etc/yum.repos.d]#rpm -qa |grep docker
docker-engine-selinux-17.05.0.ce-1.el7.centos.noarch
docker-engine-17.05.0.ce-1.el7.centos.x86_64
2.5、启动以及开机自启动
root@SIMS_INIT[/etc/yum.repos.d]#systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
root@SIMS_INIT[/etc/yum.repos.d]# systemctl start docker
root@SIMS_INIT[/etc/yum.repos.d]#
2.6、查看docker版本
root@SIMS_INIT[/etc/yum.repos.d]#docker version
Client:
Version: 17.05.0-ce
API version: 1.29
Go version: go1.7.5
Git commit: 89658be
Built: Thu May 4 22:06:25 2017
OS/Arch: linux/amd64
Server:
Version: 17.05.0-ce
API version: 1.29 (minimum version 1.12)
Go version: go1.7.5
Git commit: 89658be
Built: Thu May 4 22:06:25 2017
OS/Arch: linux/amd64
Experimental: false3、Docker镜像操作
Docker镜像是创建容器的基础,类似虚拟机的快照,可以理解为是一个面向Docker容器引擎的只读模板,比如:一个镜像可以是一个完整CentOS操作系统环境,称为一个CentOS镜像;可以是一个安装了MySQL的应用程序,称之为一个MySQL镜像等等
Docker提供了简单的机制来创建和更新现有的镜像,用户也可以从网卡下载已经做好的应用镜像来直接使用
3.1、搜索镜像
命令语法:docker search 关键字 //用来搜索远端官方仓库中的共享镜像
root@SIMS_INIT[/root]#docker search lamp
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
linode/lamp LAMP on Ubuntu 14.04.1 LTS Container 169
tutum/lamp Out-of-the-box LAMP image (PHP+MySQL) 115
greyltc/lamp a super secure, up-to-date and lightweight... 95 [OK]
mattrayner/lamp A simple LAMP docker image running the pre... 91 [OK]
fauria/lamp Modern, developer friendly LAMP stack. Inc... 55 [OK]
janes/alpine-lamp lamp base on alpine linux 39 [OK]
nickistre/ubuntu-lamp LAMP server on Ubuntu 28 [OK]
nickistre/centos-lamp LAMP on centos setup 27 [OK]
dgraziotin/lamp 11 [OK]
lioshi/lamp Docker image for LAMP + MySql under debian 10 [OK]
nickistre/ubuntu-lamp-wordpress LAMP on Ubuntu with wp-cli installed 9 [OK]
nickistre/ubuntu-lamp-xdebug LAMP on Ubuntu with xdebug installed 5 [OK]
theodotos/ubuntu-lamp A LAMP (Linux/Apache/MariaDB/PHP) image ba... 4
sminnee/silverstripe-lamp Docker image for SilverStripe LAMP stack t... 4
gizra/drupal-lamp A base LAMP docker file for drupal projects. 3 [OK]
nickistre/centos-lamp-wordpress LAMP on CentOS setups with wp-cli installed 3 [OK]
shelleyma/lampp2 lampp from github 2 [OK]
ready2order/lamp LAMP 1
lead4good/lamp-php LAMP Stack PHP 1 [OK]
aariacarterweir/lamp-gitftp LAMP Stack with node and git-ftp:latest. 1
lead4good/lamp-mysql LAMP-Stack MySQL 0 [OK]
thinkiq/lamp ThinkIQ Lamp image 0 [OK]
gregnuj/cyclops-lamp Cyclops LAMP server 0 [OK]
lampson0505/ubuntu-phy An Ubuntu image with teamd for network int... 0
davefx/trusty-lamp-selenium-headless Ubuntu 14.04 system with configured LAMP s... 0 [OK]
NAME:镜像名称
DESCRIPTION:描述
STARS:星级
OFFICIAL:是否官方创建
AUTOMATED:是否主动创建
root@SIMS_INIT[/root]#docker search lamp -f stars=10
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
linode/lamp LAMP on Ubuntu 14.04.1 LTS Container 169
tutum/lamp Out-of-the-box LAMP image (PHP+MySQL) 115
greyltc/lamp a super secure, up-to-date and lightweight... 95 [OK]
mattrayner/lamp A simple LAMP docker image running the pre... 91 [OK]
fauria/lamp Modern, developer friendly LAMP stack. Inc... 55 [OK]
janes/alpine-lamp lamp base on alpine linux 39 [OK]
nickistre/ubuntu-lamp LAMP server on Ubuntu 28 [OK]
nickistre/centos-lamp LAMP on centos setup 27 [OK]
dgraziotin/lamp 11 [OK]
lioshi/lamp Docker image for LAMP + MySql under debian 10 [OK]
3.2、获取镜像
命令语法:docker pull 镜像名称
root@SIMS_INIT[/root]#docker pull nickistre/centos-lamp
(等待时间有点漫长,不是网速的问题,是国外网站资源少,下载的都是最新的版本)
3.3、查看镜像
root@SIMS_INIT[/soft/iso]#docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nickistre/centos-lamp latest 0b8d572d1c7d 12 months ago 547MB
root@SIMS_INIT[/soft/iso]#
REPOSITORY:镜像属于的仓库(名称)
TAG:镜像的标签信息,标记同一个仓库中的不同镜像,默认为latest
IMAGE ID:镜像的唯一ID号,唯一标识了该镜像
CREATED:镜像创建时间
SIZE:镜像大小
//还可以根据镜像的唯一标识ID号,获取镜像详细信息
root@SIMS_INIT[/soft/iso]#docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nickistre/centos-lamp latest 0b8d572d1c7d 12 months ago 547MB
root@SIMS_INIT[/soft/iso]#docker inspect 0b8d572d1c7d
[
{
"Id": "sha256:0b8d572d1c7d20f8b2e86bb92517dd3a9e8f935194c7f48af5dc84984e7c5f44",
"RepoTags": [
"nickistre/centos-lamp:latest"
],
"RepoDigests": [
"nickistre/centos-lamp@sha256:6012dff0d5f805342d65e8eb3cae4e83e75bce16980915b165ef55d64866e91d"
],
"Parent": "",
"Comment": "",
"Created": "2018-04-13T21:01:31.472818372Z",
"Container": "25f7679db9909e1a5f63456ad2297c5eaaa8ca4c4f02991e678fc38af39e8762",
"ContainerConfig": {
"Hostname": "25f7679db990",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"22/tcp": {},
"443/tcp": {},
"80/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Cmd": [
"/bin/sh",
"-c",
"#(nop) ",
"CMD [\"supervisord\" \"-n\"]"
],
"ArgsEscaped": true,
"Image": "sha256:23865469389846bddf3e091a0484f8e28cad879295c6f8e3a839b05137c079fc",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": [],
"Labels": {}
},
"DockerVersion": "17.06.1-ce",
"Author": "Nicholas Istre <nicholas.istre@e-hps.com>",
"Config": {
"Hostname": "",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"22/tcp": {},
"443/tcp": {},
"80/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Cmd": [
"supervisord",
"-n"
],
"ArgsEscaped": true,
"Image": "sha256:23865469389846bddf3e091a0484f8e28cad879295c6f8e3a839b05137c079fc",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": [],
"Labels": null
},
"Architecture": "amd64",
"Os": "linux",
"Size": 546979929,
"VirtualSize": 546979929,
"GraphDriver": {
"Data": {
"RootDir": "/var/lib/docker/overlay/da29d2ee959d1ad2ac420a22701f2dba057115b86b1a27d7445766995de5a1c3/root"
},
"Name": "overlay"
},
"RootFS": {
"Type": "layers",
"Layers": [
"sha256:da6517724f67fd4133a5bf508f7c79e20d8e2741c5b3264790d49db5e97c0e2e",
"sha256:244de8069fbc70a188607a8dddab80ad8866a4e0bcb0b24f12aef0130ba307f2",
"sha256:988e3cb5a27b1efc0c85c3d9b34b25322de3ce13267d647a869f9150cd3c3f7f",
"sha256:38556f5b76216ba7518d1da1f2ea0c7ac147203833976c5a701fb36d71e17ec6",
"sha256:e6eea089f108513a9af6006efe53cff5ef762bc4be503ce8eaa1c6c726cae2ed",
"sha256:07d45adf0b976b610bfbbc6f9cc30a133d18f69262a9446bc280f542bd17d743",
"sha256:a0753067e202b570fa8c70f86ae2e0510f82f2271a0d5c1db5cbb4f9a9210cc3",
"sha256:9b9518d71f0ef4b967d786f7f40943658362af00b5e9f91f43053619b75bf07b",
"sha256:11ed4ddf1f28ad2857c7b3f17eee8c349fd9011042cf563807493bbddb2f3f46",
"sha256:fa3e2c4d1489e48588c4a08443edb471234a481dd52b341b211909d35e5787ca",
"sha256:f874a4141753cd042dbdcfc0acb48c8239de9a1d42b4902defe79ea6042cfc62",
"sha256:fabd844fa786a84bcd481f617becfbc31b85e927b4b24a56acc5283c1ad5ea76",
"sha256:d31fcd4e52cffcbf6c8ff68a19609d4a7ae56e43f7ad41865dd7b1341ca70977",
"sha256:2ccc0c68e26e5ac575aa7f7822638d547b5a3c703c73c004a40b19388f582bda",
"sha256:385f382ed46ca3e95842ce6074deb140cc11784744882adea64e27a24eeddaa8"
]
}
}
]3.4、为镜像添加多个名称和标签
命令语法:docker tag 名称:标签 新名称:新标签
root@SIMS_INIT[/soft/iso]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nickistre/centos-lamp latest 0b8d572d1c7d 12 months ago 547MB
root@SIMS_INIT[/soft/iso]#docker tag nickistre/centos-lamp:latest centos:lamp
root@SIMS_INIT[/soft/iso]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos lamp 0b8d572d1c7d 12 months ago 547MB
nickistre/centos-lamp latest 0b8d572d1c7d 12 months ago 547MB
root@SIMS_INIT[/soft/iso]#
//名称与标签可以添加多个,ID号是唯一的
3.5、删除镜像
命令格式:docker rmi 名称:标签
//镜像没有使用才能删除成功,且只是删除一个镜像,同一个ID下的其它镜像不会被删除
或者:docker rmi 镜像ID号 (以ID号删除,会删除同一个ID下全部的镜像)
Docker rmi –f ID //永久删除
docker rmi -f $(docker images | grep "<none>" | awk "{print \$3}") //删除所有没有使用的镜像
root@SIMS_INIT[/soft/iso]#docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos lamp 0b8d572d1c7d 12 months ago 547MB
nickistre/centos-lamp latest 0b8d572d1c7d 12 months ago 547MB
root@SIMS_INIT[/soft/iso]#docker rmi centos:lamp
Untagged: centos:lamp
root@SIMS_INIT[/soft/iso]#docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nickistre/centos-lamp latest 0b8d572d1c7d 12 months ago 547MB
root@SIMS_INIT[/soft/iso]#
3.6、存出镜像和载入镜像
存出镜像:将镜像保存成本地文件,这一过程叫作存出镜像,可以使用docker save命令进行操作。之后就可以拷贝该文件到其他机器。
命令格式:docker save –o 存储文件名 存储的镜像
root@SIMS_INIT[/soft/iso]#docker save -o lamp nickistre/centos-lamp
//将本地的nickistre/centos-lamp镜像存出为文件lamp
时间较长,耐心等待。
docker rmi nickistre/centos-lamp
//删除nickistre/centos-lamp镜像
我这里就nickistre/centos-lamp这一个镜像,就不删除了。
载入镜像:将本地存出镜像文件导入到镜像库,这一过程叫作载入镜像。使用docker load或者docker –input进行载入操作
命令格式:docker load < 存出的文件
root@SIMS_INIT[/soft/iso]#ll
total 9654560
-rw-r--r-- 1 root root 9322668032 Sep 6 2018 CentOS-7-x86_64-Everything-1804.iso
-rw------- 1 root root 563599360 Apr 19 17:04 lamp
root@SIMS_INIT[/soft/iso]#docker load < lamp
镜像上传
//本地存储的镜像越来越多,就需要指定一个专门的地方存放这些镜像—仓库
命令格式:docker push 名称:标签
4、docker容器操作
Docker容器是从镜像创建的运行实例,它可以被启动、停止和删除。所创建的每一个容器都是相互隔离、互不可见的,可以保证平台的安全性。还可以把容器看作是一个简易版的Linux环境,Docker利用容器来运行和隔离应用。
容器是Docker的另一个核心概念。简单说,容器是镜像的一个运行实例,是独立运行的一个或一组应用以及它们所必需的运行环境,包括文件系统、系统类库、shell环境等。镜像是只读模板,而容器会给这个只读模板一个额外的可写层。
4.1、容器的创建与启动
4.1.1、创建容器
容器的创建就是将镜像加载到容器的过程
命令格式:docker create [选项] 镜像 运行的程序
常用选项:
-i:让容器的输入保持打开
-t:让Docker分配一个伪终端
docker create -it nickistre/centos-lamp /bin/bash
//创建容器,默认是没有运行的
root@SIMS_INIT[/soft/iso]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
root@SIMS_INIT[/soft/iso]#docker create -it nickistre/centos-lamp /bin/bash
0b42207f4d4c6e15c053d12b2b02e7688fc0a9dac46fba42ea441739f20f2251
root@SIMS_INIT[/soft/iso]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0b42207f4d4c nickistre/centos-lamp "/bin/bash" 7 seconds ago Created xenodochial_booth
4.1.2、查询容器
docker ps –a
root@SIMS_INIT[/soft/iso]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0b42207f4d4c nickistre/centos-lamp "/bin/bash" 7 seconds ago Created xenodochial_booth
//查看容器的运行情况,关注ID(唯一的)
CONTAINER ID:容器的ID号(唯一的)
IMAGE:加载的镜像
COMMAND:运行的程序
CREATED:创建时间
STATUS:目前所处的状态
PORTS:端口映射
root@SIMS_INIT[/soft/iso]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
root@SIMS_INIT[/soft/iso]#
//查看运行中的容器
4.1.3、启动
命令格式:docker start 容器的ID/名称
root@SIMS_INIT[/soft/iso]#docker start 0b42207f4d4c
0b42207f4d4c
root@SIMS_INIT[/soft/iso]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0b42207f4d4c nickistre/centos-lamp "/bin/bash" 3 minutes ago Up 3 seconds 22/tcp, 80/tcp, 443/tcp xenodochial_booth
root@SIMS_INIT[/soft/iso]#
4.1.4、创建并启动
命令格式:docker run [选项] 镜像 运行的程序
等同于先执行docker create命令,再执行docker start命令。需要注意只要后面的命令运行结束,容器就会停止。
[root@localhost ~]# docker run centos:lamp /bin/bash -c ls /
//创建容器的并启动执行一条shell命令,命令完成容器就停止
root@SIMS_INIT[/soft/iso]#docker run nickistre/centos-lamp /bin/bash -c ls /
bin
boot
dev
etc
home
lib
lib64
lost+found
media
mnt
opt
proc
root
sbin
selinux
srv
sys
tmp
usr
var
4.1.5、容器的暂停运行
命令格式:docker pasuse 容器的ID
root@SIMS_INIT[/soft/iso]#docker pause 0b42207f4d4c
0b42207f4d4c
4.1.6、取消容器暂停运行
root@SIMS_INIT[/soft/iso]#docker unpause 0b42207f4d4c
0b42207f4d4c
root@SIMS_INIT[/soft/iso]#docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0b42207f4d4c nickistre/centos-lamp "/bin/bash" 11 minutes ago Up 7 minutes 22/tcp, 80/tcp, 443/tcp xenodochial_booth
4.2、容器的运行终止
命令格式:docker stop 容器的ID/名称
root@SIMS_INIT[/soft/iso]#docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0b42207f4d4c nickistre/centos-lamp "/bin/bash" 12 minutes ago Up 9 minutes 22/tcp, 80/tcp, 443/tcp xenodochial_booth
root@SIMS_INIT[/soft/iso]#docker stop 0b42207f4d4c
0b42207f4d4c
root@SIMS_INIT[/soft/iso]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ebd2998beafb nickistre/centos-lamp "/bin/bash -c ls /" 6 minutes ago Exited (0) 6 minutes ago optimistic_bartik
0b42207f4d4c nickistre/centos-lamp "/bin/bash" 13 minutes ago Exited (137) 3 seconds ago xenodochial_booth
root@SIMS_INIT[/soft/iso]#
4.3、容器的进入
命令格式:docker exec –it 容器ID/名称 /bin/bash
root@SIMS_INIT[/soft/iso]#docker exec -it 0b42207f4d4c /bin/bash
[root@0b42207f4d4c /]#
4.4、容器的导出与生成镜像
4.4.1、导出
将已经创建好的容器导出为文件,无论这个容器是处于运行状态还是停止状态均可导出。
命令格式:docker export 容器ID/名称 > 文件名
root@SIMS_INIT[/soft/iso]#docker export 0b42207f4d4c >centos_lamp
4.4.2、将容器文件生成镜像
命令格式:cat 文件名 | docker import – 生成的镜像名称:标签
root@SIMS_INIT[/soft/iso]#cat centos_lamp | docker import - centos1:latest
sha256:618a28de761879192f3afb24a6ce21eebe9954e91b65b684de75af1b784d7b83
root@SIMS_INIT[/soft/iso]#docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos1 latest 618a28de7618 About a minute ago 472MB
nickistre/centos-lamp latest 0b8d572d1c7d 12 months ago 547MB
root@SIMS_INIT[/soft/iso]#
4.5、容器的删除
命令格式:docker rm 容器ID/名称
Docker rm –f 容器ID/名称 //强制删除运行中的容器,不建议
4.5.1、删除已停止的容器
root@SIMS_INIT[/soft/iso]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ebd2998beafb nickistre/centos-lamp "/bin/bash -c ls /" 17 minutes ago Exited (0) 17 minutes ago optimistic_bartik
0b42207f4d4c nickistre/centos-lamp "/bin/bash" 25 minutes ago Up 10 minutes 22/tcp, 80/tcp, 443/tcp xenodochial_booth
root@SIMS_INIT[/soft/iso]#docker rm ebd2998beafb
ebd2998beafb
root@SIMS_INIT[/soft/iso]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0b42207f4d4c nickistre/centos-lamp "/bin/bash" 25 minutes ago Up 10 minutes 22/tcp, 80/tcp, 443/tcp xenodochial_booth
root@SIMS_INIT[/soft/iso]#
4.5.2、删除运行中的容器
root@SIMS_INIT[/soft/iso]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
95fa6247a137
0b42207f4d4c nickistre/centos-lamp "/bin/bash" 29 minutes ago Up 14 minutes 22/tcp, 80/tcp, 443/tcp xenodochial_booth
root@SIMS_INIT[/soft/iso]#docker stop 95fa6247a137
95fa6247a137
root@SIMS_INIT[/soft/iso]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
95fa6247a137 centos1 "/bin/bash" About a minute ago Exited (137) 1 second ago
0b42207f4d4c nickistre/centos-lamp "/bin/bash" 30 minutes ago Up 15 minutes 22/tcp, 80/tcp, 443/tcp xenodochial_booth
root@SIMS_INIT[/soft/iso]#docker rm 95fa6247a137
95fa6247a137
root@SIMS_INIT[/soft/iso]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0b42207f4d4c nickistre/centos-lamp "/bin/bash" 30 minutes ago Up 15 minutes 22/tcp, 80/tcp, 443/tcp xenodochial_booth
root@SIMS_INIT[/soft/iso]#
5、制作镜像
5.1、基于现有镜像制作
将原始镜像加入容器并运行-》在原始镜像中部署各种服务-》退出容器-》使用下面命令将容器生成新的镜像实质就是把一个容器里面运行的程序以及该程序的运行环境打包起来生成新的镜像。
命令格式: docker commit [选项] 容器ID/名称 仓库名称:[标签]
常用选项:
-m:说明信息
-a:作用信息
-p:生成过程中停止容器的运行
5.1.1、运行一个容器
root@SIMS_INIT[/soft/iso]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0b42207f4d4c nickistre/centos-lamp "/bin/bash" 36 minutes ago Up 21 minutes
5.1.2、登陆并部署应用
略
5.1.3、创建镜像
root@SIMS_INIT[/soft/iso]#docker commit -m "remark" -a "test" 0b42207f4d4c centos2:latest
sha256:366e6c6b11aa5b65ff6d53f2ed8e8f4a7e0f2092358e84a52a4a07c9b3792e3d
root@SIMS_INIT[/soft/iso]#docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos2 latest 366e6c6b11aa 5 seconds ago 547MB
centos1 latest 618a28de7618 15 minutes ago 472MB
nickistre/centos-lamp latest 0b8d572d1c7d 12 months ago 547MB
root@SIMS_INIT[/soft/iso]#
5.2、基于本地模板创建
参考4.4节部分。
5.3、基于dockerfile创建
5.3.1、建立工作目录
root@SIMS_INIT[/soft/iso]#mkdir /apache
root@SIMS_INIT[/soft/iso]#cd /apache
5.3.2、 创建并编写dockerfile文件
root@SIMS_INIT[/apache]#vi dockerfile
#基于的基础镜像为centos
FROM centos
#维护该镜像的用户信息
MAINTAINER The Centos Project<cloud-ops@centos.org>
#镜像操作指令安装apache软件包
#RUN yum -y update
//此处注意,由于我的centos镜像版本是最新的7.3,所以不需要更新,如果是7.3以下的版本,这里需要打开,自动更新到7.3,否则后面会有报错
RUN yum -y install httpd
#开启80端口
EXPOSE 80
#复制网站首页文件
ADD index.html /var/www/html/index.html
#将执行脚本复制到镜像中
ADD run.sh /run.sh
RUN chmod 755 /run.sh
#启动容器时执行脚本
CMD ["/run.sh"]
保存退出。
5.3.3、编写执行脚本内容
root@SIMS_INIT[/apache]#vi run.sh
#!/bin/bash
rm -rf /run/httpd/*
//清理httpd的缓存
exec /usr/sbin/apachectl -D FOREGROUND
//启动apache服务
保存退出。
5.3.4、创建测试页面
root@SIMS_INIT[/apache]#vi index.html
This is test!
保存退出。
5.3.5、使用dockerfile生成镜像
命令格式:docker build [选项] 路径
常用选项:-t //指定镜像的标签信息
root@SIMS_INIT[/apache]#docker build -t httpd:centos .
Sending build context to Docker daemon 16.9kB
Step 1/8 : FROM centos
latest: Pulling from library/centos
8ba884070f61: Pull complete
Digest: sha256:8d487d68857f5bc9595793279b33d082b03713341ddec91054382641d14db861
Status: Downloaded newer image for centos:latest
---> 9f38484d220f
Step 2/8 : MAINTAINER The Centos Project<cloud-ops@centos.org>
---> Running in 825dae1d795b
---> 68194fe789de
Removing intermediate container 825dae1d795b
Step 3/8 : RUN yum -y install httpd
---> Running in 440b220893ff
Loaded plugins: fastestmirror, ovl
Determining fastest mirrors
* base: ftp.sjtu.edu.cn
* extras: mirror.jdcloud.com
* updates: mirror.jdcloud.com
…
Dependency Installed:
apr.x86_64 0:1.4.8-3.el7_4.1
apr-util.x86_64 0:1.5.2-6.el7
centos-logos.noarch 0:70.0.6-3.el7.centos
httpd-tools.x86_64 0:2.4.6-88.el7.centos
mailcap.noarch 0:2.1.41-2.el7
Complete!
---> 93e5017f12e0
Removing intermediate container 440b220893ff
Step 4/8 : EXPOSE 80
---> Running in af6bb2ac6765
---> 7a2e04fa76c3
Removing intermediate container af6bb2ac6765
Step 5/8 : ADD index.html /var/www/html/index.html
---> b78fcb54b639
Removing intermediate container cad1db9ce919
Step 6/8 : ADD run.sh /run.sh
---> f70a920702ea
Removing intermediate container f6321c943e20
Step 7/8 : RUN chmod 755 /run.sh
---> Running in cacc676cdb4f
---> 622a9f4078c2
Removing intermediate container cacc676cdb4f
Step 8/8 : CMD /run.sh
---> Running in a376b3fef2ce
---> fdad167d588f
Removing intermediate container a376b3fef2ce
Successfully built fdad167d588f
Successfully tagged httpd:centos
查看生成完的镜像:
5.3.6、使用新的镜像运行容器
root@SIMS_INIT[/apache]#docker run -d -p 9000:80 httpd:centos
2ff6e3c166e920313f0f840c004a051cbba8626a16349235b72d012b90d4d267
root@SIMS_INIT[/apache]#docker ps –a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2ff6e3c166e9 httpd:centos "/run.sh" 9 seconds ago Up 8 seconds 0.0.0.0:9000->80/tcp sleepy_leavitt
0b42207f4d4c nickistre/centos-lamp "/bin/bash" 4 hours ago Up 4 hours 22/tcp, 80/tcp, 443/tcp xenodochial_booth
//用-p选项实现将本地端口9000映射到容器中的80端口
5.3.7、浏览器访问
浏览器访问http://10.45.11.118:9000
5.4、Ssh公钥验证
基于dockerfile生成镜像
注意:需要联网
5.4.1、建立工作目录,创建公钥
root@SIMS_INIT[/root]#mkdir sshd
//创建公钥,一路回车,不要设置密码
root@SIMS_INIT[/root]#ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:CpnPyaIb/gKAkyZlIYU5XlfuNLU+n/BHUZW9dtnsy/U root@SIMS_INIT
The key's randomart image is:
+---[RSA 2048]----+
|.+o. .. . .=|
|+.o. .. . . ...|
|o=. . + . . .+|
|*o oo o .++|
|+. + .S+ ....|
|. = o = o o|
| .. . * + .. +|
| ..o . . oE|
| ++. |
+----[SHA256]-----+
root@SIMS_INIT[/root]#
root@SIMS_INIT[/root]#cat .ssh/id_rsa.pub > sshd/authorized_keys
root@SIMS_INIT[/root]#cd sshd5.4.2、创建并编写Dockerfile文件
root@SIMS_INIT[/root]#cd sshd
root@SIMS_INIT[/root/sshd]#vi Dockerfile
FROM centos1
MAINTAINER The Centos Project<cloud-ops@centos.org>
RUN yum install -y openssh-server
RUN mkdir -p /var/run/sshd
RUN mkdir -p /root/.ssh
RUN sed -ri 's/session required pam_loginuid.so/#session required pam_loginuid.so/g' /etc/pam.d/sshd
ADD authorized_keys /root/.ssh/authorized_keys
ADD run.sh /run.sh
RUN chmod 775 /run.sh
EXPOSE 22
CMD [ "/usr/sbin/init"]
CMD ["/run.sh"]保存退出。
5.4.3、编写执行脚本
root@SIMS_INIT[/root/sshd]#vi run.sh
#/bin/bash
/usr/sbin/sshd –D
保存退出。
5.4.4、生成镜像
root@SIMS_INIT[/root/sshd]#docker build -t sshd:centos .
Sending build context to Docker daemon 4.096kB
Step 1/12 : FROM centos
---> 9f38484d220f
Step 2/12 : MAINTAINER The Centos Project<cloud-ops@centos.org>
---> Using cache
---> 68194fe789de
Step 3/12 : RUN yum install -y openssh-server
---> Using cache
---> 250256bc44ad
Step 4/12 : RUN mkdir -p /var/run/sshd
---> Using cache
---> b5b0ac06e6e0
Step 5/12 : RUN mkdir -p /root/.ssh
---> Using cache
---> fee6d86c797d
Step 6/12 : RUN sed -ri 's/session required pam_loginuid.so/#session required pam_loginuid.so/g' /etc/pam.d/sshd
---> Using cache
---> ff2f83ea02cc
Step 7/12 : ADD authorized_keys /root/.ssh/authorized_keys
---> 5dcb5d1d4b7b
Removing intermediate container ce70f50db8da
Step 8/12 : ADD run.sh /run.sh
---> be524e72310b
Removing intermediate container c1bf98289d3b
Step 9/12 : RUN chmod 775 /run.sh
---> Running in ff737d77122a
---> 226bb3ff1c09
Removing intermediate container ff737d77122a
Step 10/12 : EXPOSE 22
---> Running in 1bcaf8ba51b3
---> f1d438782e38
Removing intermediate container 1bcaf8ba51b3
Step 11/12 : CMD /usr/sbin/init
---> Running in 92260c1191e5
---> b6ffdfd93590
Removing intermediate container 92260c1191e5
Step 12/12 : CMD /run.sh
---> Running in 5c5794712f8a
---> 6c570b541644
Removing intermediate container 5c5794712f8a
Successfully built 6c570b541644
Successfully tagged sshd:centos
5.4.5、创建、启动容器
创建、启动容器,并且将ssh服务加入系统启动服务,该命令只适用于centos7以上版本
root@SIMS_INIT[/root/sshd]#docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
sshd centos 6c570b541644
<none> <none> cd12b610cdea 17 minutes ago 472MB
httpd centos fdad167d588f About an hour ago 318MB
centos2 latest 366e6c6b11aa 5 hours ago 547MB
centos1 latest 618a28de7618 5 hours ago 472MB
centos latest 9f38484d220f 5 weeks ago 202MB
nickistre/centos-lamp latest 0b8d572d1c7d 12 months ago 547MB
root@SIMS_INIT[/root/sshd]#docker run --privileged -itd -p 2222:22 6c570b541644
605a995f0f61dc5ec086ee0b93ee83614862b225558e497a122b5b2d6ce5f009
root@SIMS_INIT[/root/sshd]#
root@SIMS_INIT[/root/sshd]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
605a995f0f61 6c570b541644 "/usr/sbin/init" 28 seconds ago Up 28 seconds 0.0.0.0:2222->22/tcp
7661e9b17aeb cd12b610cdea "/bin/sh -c 'yum i..." 17 minutes ago Exited (1) 16 minutes ago naughty_goldstine
236357d8eccf cd12b610cdea "/bin/sh -c 'yum i..." 18 minutes ago Exited (1) 18 minutes ago vigilant_joliot
2ff6e3c166e9 httpd:centos "/run.sh" About an hour ago Up About an hour 0.0.0.0:9000->80/tcp sleepy_leavitt
0b42207f4d4c nickistre/centos-lamp "/bin/bash" 5 hours ago Up 5 hours 22/tcp, 80/tcp, 443/tcp xenodochial_booth
5.4.6、进入新启动的容器
root@SIMS_INIT[/root/sshd]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
605a995f0f61
7661e9b17aeb cd12b610cdea "/bin/sh -c 'yum i..." 19 minutes ago Exited (1) 18 minutes ago naughty_goldstine
236357d8eccf cd12b610cdea "/bin/sh -c 'yum i..." 20 minutes ago Exited (1) 20 minutes ago vigilant_joliot
2ff6e3c166e9 httpd:centos "/run.sh" About an hour ago Up About an hour 0.0.0.0:9000->80/tcp sleepy_leavitt
0b42207f4d4c nickistre/centos-lamp "/bin/bash" 5 hours ago Up 5 hours 22/tcp, 80/tcp, 443/tcp xenodochial_booth
root@SIMS_INIT[/root/sshd]#docker exec -it 605a995f0f61 /bin/bash
[root@605a995f0f61 /]#
[root@605a995f0f61 /]# systemctl status sshd
● sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
active (running)
Docs: man:sshd(8)
man:sshd_config(5)
Main PID: 1090 (sshd)
CGroup: /docker/605a995f0f61dc5ec086ee0b93ee83614862b225558e497a122b5b2d6ce5f009/system.slice/sshd.service
└─1090 /usr/sbin/sshd -D
‣ 1090 /usr/sbin/sshd -D
Apr 22 07:58:44 605a995f0f61 systemd[1]: Starting OpenSSH server daemon...
Apr 22 07:58:45 605a995f0f61 sshd[1090]: Server listening on 0.0.0.0 port 22.
Apr 22 07:58:45 605a995f0f61 sshd[1090]: Server listening on :: port 22.
Apr 22 07:58:45 605a995f0f61 systemd[1]: Started OpenSSH server daemon.
[root@605a995f0f61 /]#
注意:centos7以下不需要,只要使用以下命令:
docker run -itd -p 2222:22 6c570b541644 /bin/bash
5.4.7、安装initscripts
[root@605a995f0f61 /]# yum install initscripts –y
…
Installed:
initscripts.x86_64 0:9.49.46-1.el7
Dependency Installed:
iproute.x86_64 0:4.11.0-14.el7 iptables.x86_64 0:1.4.21-28.el7 libmnl.x86_64 0:1.0.3-7.el7
libnetfilter_conntrack.x86_64 0:1.0.6-1.el7_3 libnfnetlink.x86_64 0:1.0.1-4.el7 sysvinit-tools.x86_64 0:2.88-14.dsf.el7
Complete!
5.4.8、验证ssh
远程访问,不需要输入密码直接进入
root@SIMS_INIT[/root/sshd]#docker exec -it 605a995f0f61 /bin/bash
[root@605a995f0f61 /]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
34: eth0@if35: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:04 brd ff:ff:ff:ff:ff:ff link-netnsid 0
172.17.0.4/16 scope global eth0
valid_lft forever preferred_lft forever
root@SIMS_INIT[/root]#ssh 172.17.0.4
The authenticity of host '172.17.0.4 (172.17.0.4)' can't be established.
ECDSA key fingerprint is SHA256:nKUhoyZ6prbwnLk9utBr8eklfBZHkYjBaVMeBOqYkWo.
ECDSA key fingerprint is MD5:b0:7c:a0:8f:47:7d:19:0d:67:e7:f3:39:37:0f:9b:29.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.17.0.4' (ECDSA) to the list of known hosts.
[root@605a995f0f61 ~]#
6、数据卷管理
6.1、数据卷
数据卷是一个供容器使用的特殊目录,位于容器中,可将宿主机的目录挂载到数据卷上,对数据卷的修改操作立刻可见,并且更新数据不会影响镜像,从而实现数据在宿主机与容器之间的迁移。类似于Linux下对目录进行的mount操作
6.1.1、创建数据卷
在docker run命令中使用-v选项可以在容器内创建数据卷;
多次使用-v选项可创建多个数据卷;
使用--name选项可以给容器创建一个友好的自定义名称。
root@SIMS_INIT[/root]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
605a995f0f61 6c570b541644 "/usr/sbin/init" 21 minutes ago Up 21 minutes 0.0.0.0:2222->22/tcp unruffled_lumiere
7661e9b17aeb cd12b610cdea "/bin/sh -c 'yum i..." 38 minutes ago Exited (1) 37 minutes ago naughty_goldstine
236357d8eccf cd12b610cdea "/bin/sh -c 'yum i..." 40 minutes ago Exited (1) 39 minutes ago vigilant_joliot
2ff6e3c166e9 httpd:centos "/run.sh" 2 hours ago Up 2 hours 0.0.0.0:9000->80/tcp sleepy_leavitt
0b42207f4d4c nickistre/centos-lamp "/bin/bash" 6 hours ago Up 5 hours 22/tcp, 80/tcp, 443/tcp xenodochial_booth
root@SIMS_INIT[/root]#docker run -v /mnt:/mnt:ro -itd --name www centos1 /bin/bash
6f76166936e11462e383fe0a63cebc3350b9970c5183f05431d69165039f8838
root@SIMS_INIT[/root]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6f76166936e1 centos1 "/bin/bash" 3 seconds ago Up 2 seconds www
605a995f0f61 6c570b541644 "/usr/sbin/init" 21 minutes ago Up 21 minutes 0.0.0.0:2222->22/tcp unruffled_lumiere
7661e9b17aeb cd12b610cdea "/bin/sh -c 'yum i..." 38 minutes ago Exited (1) 38 minutes ago naughty_goldstine
236357d8eccf cd12b610cdea "/bin/sh -c 'yum i..." 40 minutes ago Exited (1) 39 minutes ago vigilant_joliot
2ff6e3c166e9 httpd:centos "/run.sh" 2 hours ago Up 2 hours 0.0.0.0:9000->80/tcp sleepy_leavitt
0b42207f4d4c nickistre/centos-lamp "/bin/bash" 6 hours ago Up 5 hours 22/tcp, 80/tcp, 443/tcp xenodochial_booth
6.1.2、进入容器查看挂载情况
root@SIMS_INIT[/root]#docker exec -it 6f76166936e1 /bin/bash
[root@6f76166936e1 /]# cd /mnt
[root@6f76166936e1 mnt]# ls
CentOS_BuildTag EULA images LiveOS repodata RPM-GPG-KEY-CentOS-Testing-7
EFI GPL isolinux Packages RPM-GPG-KEY-CentOS-7 TRANS.TBL
[root@6f76166936e1 mnt]#
查看本地mnt目录:
root@SIMS_INIT[/root]#cd /mnt
root@SIMS_INIT[/mnt]#ls
CentOS_BuildTag EULA images LiveOS repodata RPM-GPG-KEY-CentOS-Testing-7
EFI GPL isolinux Packages RPM-GPG-KEY-CentOS-7 TRANS.TBL
root@SIMS_INIT[/mnt]#
内容是一致的。
6.1.3、查看容器信息
root@SIMS_INIT[/mnt]#docker inspect 6f76166936e1
[
{
"Id": "6f76166936e11462e383fe0a63cebc3350b9970c5183f05431d69165039f8838",
"Created": "2019-04-22T08:20:32.042682785Z",
"Path": "/bin/bash",
"Args": [],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 44718,
"ExitCode": 0,
"Error": "",
"StartedAt": "2019-04-22T08:20:32.323635413Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:618a28de761879192f3afb24a6ce21eebe9954e91b65b684de75af1b784d7b83",
"ResolvConfPath": "/var/lib/docker/containers/6f76166936e11462e383fe0a63cebc3350b9970c5183f05431d69165039f8838/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/6f76166936e11462e383fe0a63cebc3350b9970c5183f05431d69165039f8838/hostname",
"HostsPath": "/var/lib/docker/containers/6f76166936e11462e383fe0a63cebc3350b9970c5183f05431d69165039f8838/hosts",
"LogPath": "/var/lib/docker/containers/6f76166936e11462e383fe0a63cebc3350b9970c5183f05431d69165039f8838/6f76166936e11462e383fe0a63cebc3350b9970c5183f05431d69165039f8838-json.log",
"Name": "/www",
"RestartCount": 0,
"Driver": "overlay",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": [
"/mnt:/mnt:ro"
],
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": null,
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DiskQuota": 0,
"KernelMemory": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": -1,
"OomKillDisable": false,
"PidsLimit": 0,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay/51024c6a8a57b1c186b70f4d86e3cc626cc7b82da1a590e20ee62f9640cb7bbb/root",
"MergedDir": "/var/lib/docker/overlay/5c93ad70b110df189026937060a86837db8913ed9733278f02eb2f56d8a90a12/merged",
"UpperDir": "/var/lib/docker/overlay/5c93ad70b110df189026937060a86837db8913ed9733278f02eb2f56d8a90a12/upper",
"WorkDir": "/var/lib/docker/overlay/5c93ad70b110df189026937060a86837db8913ed9733278f02eb2f56d8a90a12/work"
},
"Name": "overlay"
},
"Mounts": [
{
"Type": "bind",
"Source": "/mnt",
"Destination": "/mnt",
"Mode": "ro",
"RW": false,
"Propagation": ""
}
],
"Config": {
"Hostname": "6f76166936e1",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": true,
"OpenStdin": true,
"StdinOnce": false,
"Env": null,
"Cmd": [
"/bin/bash"
],
"Image": "centos1",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "ead221db1c4249f6e1b5fa0b214cdcabfb087aa4b10b4083677d145137ceeb3a",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {},
"SandboxKey": "/var/run/docker/netns/ead221db1c42",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "6af782fd8eb0fd50a09b55f62e7ba85f61bd25a4ff22795c64a9965b2ebb6f54",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.5",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:05",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "9e5c288c366026951c2f9504cc20a2dd0270e6021634e9a782caaf633399853e",
"EndpointID": "6af782fd8eb0fd50a09b55f62e7ba85f61bd25a4ff22795c64a9965b2ebb6f54",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.5",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:05"
}
}
}
}
]6.2、数据卷容器
用于不同的容器之间共享数据
6.2.1、创建数据卷容器
root@SIMS_INIT[/mnt]#docker run -itd -v /datevo --name dbdata centos2 /bin/bash
271b7219b08e8d43543da70c63de822640d91d9135b12d677270e83256a75759
root@SIMS_INIT[/mnt]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
271b7219b08e centos2 "/bin/bash" 10 seconds ago Up 9 seconds 22/tcp, 80/tcp, 443/tcp dbdata
6f76166936e1 centos1 "/bin/bash" 7 minutes ago Up 7 minutes www
605a995f0f61 6c570b541644 "/usr/sbin/init" 29 minutes ago Up 29 minutes 0.0.0.0:2222->22/tcp unruffled_lumiere
7661e9b17aeb cd12b610cdea "/bin/sh -c 'yum i..." 45 minutes ago Exited (1) 45 minutes ago naughty_goldstine
236357d8eccf cd12b610cdea "/bin/sh -c 'yum i..." About an hour ago Exited (1) About an hour ago vigilant_joliot
2ff6e3c166e9 httpd:centos "/run.sh" 2 hours ago Up 2 hours 0.0.0.0:9000->80/tcp sleepy_leavitt
0b42207f4d4c nickistre/centos-lamp "/bin/bash" 6 hours ago Up 5 hours 22/tcp, 80/tcp, 443/tcp xenodochial_booth
root@SIMS_INIT[/mnt]#
6.2.2、查看卷容器
root@SIMS_INIT[/mnt]#docker exec -it 271b7219b08e /bin/bash
[root@271b7219b08e /]# ls
bin boot datevo dev etc home lib lib64 lost+found media mnt opt proc root sbin selinux srv sys tmp usr var
[root@271b7219b08e /]#
6.2.3、挂载该卷到新容器
使用—volumes-from来挂载一个容器中的数据卷到一个新的容器
root@SIMS_INIT[/mnt]#docker run -it --volumes-from dbdata --name db1 centos2 /bin/bash
[root@930a3860d67c /]#
root@SIMS_INIT[/root/sshd]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
930a3860d67c centos2 "/bin/bash" 25 seconds ago Up 25 seconds 22/tcp, 80/tcp, 443/tcp db1
271b7219b08e centos2 "/bin/bash" 5 minutes ago Up 5 minutes 22/tcp, 80/tcp, 443/tcp dbdata
6.2.4、验证挂载
确保上述两个容器均已运行。
root@SIMS_INIT[/mnt]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
930a3860d67c centos2 "/bin/bash" 3 minutes ago Exited (0) 3 seconds ago db1
271b7219b08e centos2 "/bin/bash" 8 minutes ago Up 8 minutes 22/tcp, 80/tcp, 443/tcp dbdata
任意进入一个容器:
root@SIMS_INIT[/mnt]#docker exec -it 930a3860d67c /bin/bash
[root@930a3860d67c /]# ls
bin boot datevo dev etc home lib lib64 lost+found media mnt opt proc root sbin selinux srv sys tmp usr var
[root@930a3860d67c /]# cd datevo
[root@930a3860d67c datevo]# ls
[root@930a3860d67c datevo]# touch aaa.txt
[root@930a3860d67c datevo]# ls
aaa.txt
[root@930a3860d67c datevo]# exit
exit
root@SIMS_INIT[/mnt]#docker exec -it 271b7219b08e /bin/bash
[root@271b7219b08e /]# ls
bin boot datevo dev etc home lib lib64 lost+found media mnt opt proc root sbin selinux srv sys tmp usr var
[root@271b7219b08e /]# cd datevo
[root@271b7219b08e datevo]# ls
aaa.txt
[root@271b7219b08e datevo]#7、网络通信
7.1、端口映射
选项:
-P:随机映射
-p:指定要映射的端口
7.1.1、指定端口映射
root@SIMS_INIT[/mnt]#docker run -d -p 9100:80 httpd:centos
110eb3d8bffea342ccbfba8a6f83317175540c4a58ea556cbc645e18a0cddf30
root@SIMS_INIT[/mnt]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
110eb3d8bffe httpd:centos "/run.sh" 2 seconds ago Up 2 seconds 0.0.0.0:9100->80/tcp
7.1.2、随机端口映射
root@SIMS_INIT[/mnt]#docker run -d -P httpd:centos
33626307d1632a43401931f069b5a26488ebb7602e25be2908294a65a4eed32f
root@SIMS_INIT[/mnt]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
33626307d163 httpd:centos "/run.sh" 3 seconds ago Up 2 seconds 0.0.0.0:9001->80/tcp sharp_sinoussi
7.2、容器间通信
7.2.1、创建源容器
创建并运行容器取名web1,端口号自动映射
root@SIMS_INIT[/mnt]#docker run -itd -P --name web1 nickistre/centos-lamp:latest /bin/bash
56854d42962f1c70f308e986b8223b68da026dc2223cb61bdd8c7df855939d6d
root@SIMS_INIT[/mnt]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
56854d42962f nickistre/centos-lamp:latest "/bin/bash" 2 seconds ago Up 1 second 0.0.0.0:9004->22/tcp, 0.0.0.0:9003->80/tcp, 0.0.0.0:9002->443/tcp web1
7.2.2、创建接收容器
创建并运行容器取名web2,链接到web1和其通信
root@SIMS_INIT[/mnt]#docker run -itd -P --name web2 --link web1:web1 nickistre/centos-lamp:latest
7fb25b8e191ee04c0acb78bb30ad3b650a126a7ec3f8196bf6c441598fa8ad40
root@SIMS_INIT[/mnt]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
7fb25b8e191e nickistre/centos-lamp:latest "supervisord -n" 2 seconds ago Up 1 second 0.0.0.0:9007->22/tcp, 0.0.0.0:9006->80/tcp, 0.0.0.0:9005->443/tcp web2
56854d42962f nickistre/centos-lamp:latest "/bin/bash" About a minute ago Up About a minute 0.0.0.0:9004->22/tcp, 0.0.0.0:9003->80/tcp, 0.0.0.0:9002->443/tcp web1
7.2.3、测试容器互联通信
root@SIMS_INIT[/mnt]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
7fb25b8e191e nickistre/centos-lamp:latest "supervisord -n" 2 seconds ago Up 1 second 0.0.0.0:9007->22/tcp, 0.0.0.0:9006->80/tcp, 0.0.0.0:9005->443/tcp web2
56854d42962f nickistre/centos-lamp:latest "/bin/bash" About a minute ago Up About a minute 0.0.0.0:9004->22/tcp, 0.0.0.0:9003->80/tcp, 0.0.0.0:9002->443/tcp web1
0b42207f4d4c nickistre/centos-lamp "/bin/bash" 6 hours ago Up 6 hours 22/tcp, 80/tcp, 443/tcp xenodochial_booth
root@SIMS_INIT[/mnt]#docker exec -it 7fb25b8e191e /bin/bash
[root@7fb25b8e191e /]
[root@7fb25b8e191e /]# ping web1
PING web1 (172.17.0.4) 56(84) bytes of data.
64 bytes from web1 (172.17.0.4): icmp_seq=1 ttl=64 time=0.162 ms
64 bytes from web1 (172.17.0.4): icmp_seq=2 ttl=64 time=0.101 ms
64 bytes from web1 (172.17.0.4): icmp_seq=3 ttl=64 time=0.083 ms
^C
--- web1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2096ms
rtt min/avg/max/mdev = 0.083/0.115/0.162/0.034 ms
root@SIMS_INIT[/root]#docker exec -it 0b42207f4d4c /bin/bash
[root@0b42207f4d4c /]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
10: eth0@if11: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 scope global eth0
valid_lft forever preferred_lft forever
[root@7fb25b8e191e /]# ping 172.17.0.2
PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.
64 bytes from 172.17.0.2: icmp_seq=1 ttl=64 time=0.276 ms
64 bytes from 172.17.0.2: icmp_seq=2 ttl=64 time=0.443 ms
64 bytes from 172.17.0.2: icmp_seq=3 ttl=64 time=0.148 ms
^C
--- 172.17.0.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2978ms
rtt min/avg/max/mdev = 0.148/0.289/0.443/0.120 ms
8、构建nginx镜像
8.1、创建工作目录
root@SIMS_INIT[/root]# mkdir nginx
root@SIMS_INIT[/root]#cd nginx
8.2、创建并编写dockerfile文件
root@SIMS_INIT[/root/nginx]#vi Dockerfile
FROM centos
MAINTAINER The Centos Project<cloud-ops@centos.org>
RUN yum install -y epel-release
RUN yum install -y nginx
#ADD nginx.conf /etc/nginx/nginx.conf
#RUN echo "test page" >> /etc/nginx/nginx.conf
ADD run.sh /run.sh
RUN chmod 775 /run.sh
EXPOSE 80
保存退出。
8.3、创建并编写启动脚本
root@SIMS_INIT[/root/nginx]#vi run.sh
#!/bin/bash
/usr/sbin/nginx
保存退出。
8.4、Dockerfile生成镜像
root@SIMS_INIT[/root/nginx]#docker build -t nginx:centos .
…
Step 8/8 : CMD /run.sh
---> Running in 0fed87d3c716
---> 3d1ac1ac860e
Removing intermediate container 0fed87d3c716
Successfully built 3d1ac1ac860e
Successfully tagged nginx:centos
查看生成的镜像:
root@SIMS_INIT[/root/nginx]#docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx centos 3d1ac1ac860e About a minute ago 406MB
sshd centos 6c570b541644 2 hours ago 288MB
<none> <none> cd12b610cdea 2 hours ago 472MB
httpd centos fdad167d588f 3 hours ago 318MB
centos2 latest 366e6c6b11aa 6 hours ago 547MB
centos1 latest 618a28de7618 6 hours ago 472MB
centos latest 9f38484d220f 5 weeks ago 202MB
nickistre/centos-lamp latest 0b8d572d1c7d 12 months ago 547MB
8.5、创建、启动容器
创建、启动容器,映射到本机80端口,并且将nginx加入系统启动服务,该命令只适用于centos7以上版本
root@SIMS_INIT[/root/nginx]#docker run --privileged -itd -p 80:80 3d1ac1ac860e /usr/sbin/init
4299f767182f1d7e03c166436e1a1f729925d5502db62a8a19b386f149637999
root@SIMS_INIT[/root/nginx]#docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4299f767182f 3d1ac1ac860e "/usr/sbin/init" 7 seconds ago Up 6 seconds 0.0.0.0:80->80/tcp dreamy_austin
8.6、登陆容器
root@SIMS_INIT[/root/nginx]#docker exec -it 4299f767182f /bin/bash
[root@4299f767182f /]# nginx
[root@4299f767182f html]# yum -y install net-tools
[root@4299f767182f html]# netstat -ntlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 4229/nginx: master
tcp6 0 0 :::80 :::* LISTEN 4229/nginx: master
[root@4299f767182f html]#
8.7、浏览器访问
浏览器访问http://10.45.11.118:80
