2021-02-18docker
2024-05-09 09:18:40
docker
- 删除旧版本的docker包!
sudo yum remove docker docker-client docker-client-latest docker-common docker-latest docker-latest-logrotate docker-logrotate docker-engine
配置docker阿里云镜像
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repoyum makecache fast
安装docker
yum install docker-ce docker-ce-cli containerd.io -y
systemctl start docker 启动docker安装完成后检查版本
docker version
卸载、删除docker
yum remove docker-ce docker-ce-cli containerd.io 删除依赖rm -rf /var/lib/docker 删除目录
配置阿里云镜像加速
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{"registry-mirrors": ["https://9ei5z6re.mirror.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
docker的常用命令
搜索镜像 docker search xxx
按照浏览量查找 docker search xxx --filter=STARS=3000
分层下载
docker pull mysql
docker pull mysql:5.7
docker 命令
--name=“NAME” 容器名字 xxx01 xxx02 用于区分容器
-d 以后台方式运行
-it 使用交互式,进入容
-p-p ip:主机端口:容器端口-p 主机端口:容器端口-p 容器端口-
-P 随机指定端口
docker -rmi 镜像id
docker rmi -f $(docker images -aq) 递归删除(全部)镜像
docker rmi -f id id id 删除多个镜像
新建容器并启动
docker run -it centos /bin/bash 启动并进如容器
root@localhost ~]# docker run -it centos /bin/bash
[root@a50cb69507f1 /]#
从容器中退回主机
[root@a50cb69507f1 /]# exit
exit
[root@localhost ~]#
[root@a50cb69507f1 /]# exit
exit
[root@localhost ~]# docke ps
-a 列出当前正运行的容器+历史运行过的参数
-n=? 显示最近创建的容器
-q 只显示容器的编号
exit 直接停止容器并退出
ctrl + P + Q 后台运行
删除容器
docker rm -f e4 指定删除容器 (强制删除)
#去除-f 则不能强制删除运行的容器
docker rm -f $(docker ps -aq) 删除全部容器
docker start 容器id
docker restart 重启容器
docker stop 停止容器
docker kill 强制停止
其他命令
docker run -d 后台运行容器
docker logs -tf --tail 10 容器id 查看某容器最近十条的日志
docker logs -tf 容器id 查看某个容器的日志
docker run -d centos /bin/bash -c "while true;do echo huweiqi;sleep 1;done;" 循环日志
[root@localhost ~]# docker inspect 0 查看元数据
[{"Id": "0dba2e18e81d9a124d748d193fe762000314fe4d575dcd6acc369d23e54a173c","Created": "2021-02-18T12:18:01.002338206Z","Path": "/bin/sh","Args": [],"State": {"Status": "exited","Running": false,"Paused": false,"Restarting": false,"OOMKilled": false,"Dead": false,"Pid": 0,"ExitCode": 0,"Error": "","StartedAt": "2021-02-18T12:18:01.478411996Z","FinishedAt": "2021-02-18T12:18:01.498675035Z"},"Image": "sha256:300e315adb2f96afe5f0b2780b87f28ae95231fe3bdd1e16b9ba606307728f55","ResolvConfPath": "/var/lib/docker/containers/0dba2e18e81d9a124d748d193fe762000314fe4d575dcd6acc369d23e54a173c/resolv.conf","HostnamePath": "/var/lib/docker/containers/0dba2e18e81d9a124d748d193fe762000314fe4d575dcd6acc369d23e54a173c/hostname","HostsPath": "/var/lib/docker/containers/0dba2e18e81d9a124d748d193fe762000314fe4d575dcd6acc369d23e54a173c/hosts","LogPath": "/var/lib/docker/containers/0dba2e18e81d9a124d748d193fe762000314fe4d575dcd6acc369d23e54a173c/0dba2e18e81d9a124d748d193fe762000314fe4d575dcd6acc369d23e54a173c-json.log","Name": "/affectionate_hofstadter","RestartCount": 0,"Driver": "overlay2","Platform": "linux","MountLabel": "","ProcessLabel": "","AppArmorProfile": "","ExecIDs": null,"HostConfig": {"Binds": null,"ContainerIDFile": "","LogConfig": {"Type": "json-file","Config": {}},"NetworkMode": "default","PortBindings": {},"RestartPolicy": {"Name": "no","MaximumRetryCount": 0},"AutoRemove": false,"VolumeDriver": "","VolumesFrom": null,"CapAdd": null,"CapDrop": null,"CgroupnsMode": "host","Dns": [],"DnsOptions": [],"DnsSearch": [],"ExtraHosts": null,"GroupAdd": null,"IpcMode": "private","Cgroup": "","Links": null,"OomScoreAdj": 0,"PidMode": "","Privileged": false,"PublishAllPorts": false,"ReadonlyRootfs": false,"SecurityOpt": null,"UTSMode": "","UsernsMode": "","ShmSize": 67108864,"Runtime": "runc","ConsoleSize": [0,0],"Isolation": "","CpuShares": 0,"Memory": 0,"NanoCpus": 0,"CgroupParent": "","BlkioWeight": 0,"BlkioWeightDevice": [],"BlkioDeviceReadBps": null,"BlkioDeviceWriteBps": null,"BlkioDeviceReadIOps": null,"BlkioDeviceWriteIOps": null,"CpuPeriod": 0,"CpuQuota": 0,"CpuRealtimePeriod": 0,"CpuRealtimeRuntime": 0,"CpusetCpus": "","CpusetMems": "","Devices": [],"DeviceCgroupRules": null,"DeviceRequests": null,"KernelMemory": 0,"KernelMemoryTCP": 0,"MemoryReservation": 0,"MemorySwap": 0,"MemorySwappiness": null,"OomKillDisable": false,"PidsLimit": null,"Ulimits": null,"CpuCount": 0,"CpuPercent": 0,"IOMaximumIOps": 0,"IOMaximumBandwidth": 0,"MaskedPaths": ["/proc/asound","/proc/acpi","/proc/kcore","/proc/keys","/proc/latency_stats","/proc/timer_list","/proc/timer_stats","/proc/sched_debug","/proc/scsi","/sys/firmware"],"ReadonlyPaths": ["/proc/bus","/proc/fs","/proc/irq","/proc/sys","/proc/sysrq-trigger"]},"GraphDriver": {"Data": {"LowerDir": "/var/lib/docker/overlay2/6ba71a06cbcfc83c8f87730f313caf1c5da4ada26ea8fc0e364e3432a76df360-init/diff:/var/lib/docker/overlay2/00f6ff497936b8100f9e40286fed4bfa80bc4ca63a81607e9395d4b99a0432b0/diff","MergedDir": "/var/lib/docker/overlay2/6ba71a06cbcfc83c8f87730f313caf1c5da4ada26ea8fc0e364e3432a76df360/merged","UpperDir": "/var/lib/docker/overlay2/6ba71a06cbcfc83c8f87730f313caf1c5da4ada26ea8fc0e364e3432a76df360/diff","WorkDir": "/var/lib/docker/overlay2/6ba71a06cbcfc83c8f87730f313caf1c5da4ada26ea8fc0e364e3432a76df360/work"},"Name": "overlay2"},"Mounts": [],"Config": {"Hostname": "0dba2e18e81d","Domainname": "","User": "","AttachStdin": false,"AttachStdout": false,"AttachStderr": false,"Tty": false,"OpenStdin": false,"StdinOnce": false,"Env": ["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"],"Cmd": ["/bin/sh"],"Image": "centos","Volumes": null,"WorkingDir": "","Entrypoint": null,"OnBuild": null,"Labels": {"org.label-schema.build-date": "20201204","org.label-schema.license": "GPLv2","org.label-schema.name": "CentOS Base Image","org.label-schema.schema-version": "1.0","org.label-schema.vendor": "CentOS"}},"NetworkSettings": {"Bridge": "","SandboxID": "57ad3e2e7dc79a8235458b1a8982cf74b1c5fae1cf764ba607d3bce407b218f3","HairpinMode": false,"LinkLocalIPv6Address": "","LinkLocalIPv6PrefixLen": 0,"Ports": {},"SandboxKey": "/var/run/docker/netns/57ad3e2e7dc7","SecondaryIPAddresses": null,"SecondaryIPv6Addresses": null,"EndpointID": "","Gateway": "","GlobalIPv6Address": "","GlobalIPv6PrefixLen": 0,"IPAddress": "","IPPrefixLen": 0,"IPv6Gateway": "","MacAddress": "","Networks": {"bridge": {"IPAMConfig": null,"Links": null,"Aliases": null,"NetworkID": "638a672d15d813f1a517990b72ebc02846de7b74c59623c572f1b21abc1e42bd","EndpointID": "","Gateway": "","IPAddress": "","IPPrefixLen": 0,"IPv6Gateway": "","GlobalIPv6Address": "","GlobalIPv6PrefixLen": 0,"MacAddress": "","DriverOpts": null}}}}
]
[root@localhost ~]# 进入当前正在运行的容器
命令
docker exec -it 容器id /bin/bash 启动一个新的终端,可以在里面进行操作docker attach 容器id 进如容器正在执行的终端,不会新开终端
测试
root@localhost ~]# docker exec -it 3880f3 /bin/bash
[root@3880f387fa93 /]#
从容器内拷贝到本地
命令docker cp 容器ID:/容器内路径 /本地路径下
实列
在容器内新建文件
[root@localhost ~]# docker exec -it 3 /bin/bash
bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var
[root@3880f387fa93 /]# touch /home/huweqi
在本地拷贝
[root@localhost ~]# docker cp 388:/home/huweiqi /home/
Error: No such container:path: 388:/home/huweiqi
[root@localhost ~]# docker cp 388:/home/huweqi /home/
[root@localhost ~]# ll /home/
total 0
-rw-r--r--. 1 root root 0 Feb 18 20:38 huweqi
[root@localhost ~]#
部署nginx、tomcat
docker search nginx 搜索一个镜像
docker pull nginx 拉去镜像docker run -d --name nginx -p 3344:80 nginx 以后台运行一个容器 指定name 本地端口:容器端口---
[root@localhost ~]# docker run -d --name tomcat01 -p 3355:8080 tomcat 运行一个tomcat容器
b5b3af64737c918bcd799372036006ae3eccbb925eb3ad251a3b6de3bafe40f2
[root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]# docker exec -it tomcat01 /bin/bash
root@b5b3af64737c:/usr/local/tomcat#
root@b5b3af64737c:/usr/local/tomcat#
root@b5b3af64737c:/usr/local/tomcat# ls
BUILDING.txt CONTRIBUTING.md LICENSE NOTICE README.md RELEASE-NOTES RUNNING.txt bin conf lib logs native-jni-lib temp webapps webapps.dist work
root@b5b3af64737c:/usr/local/tomcat# cd weapps
bash: cd: weapps: No such file or directory
root@b5b3af64737c:/usr/local/tomcat# cd webapps
root@b5b3af64737c:/usr/local/tomcat/webapps# ls
root@b5b3af64737c:/usr/local/tomcat/webapps# cd ..
root@b5b3af64737c:/usr/local/tomcat# ls
BUILDING.txt CONTRIBUTING.md LICENSE NOTICE README.md RELEASE-NOTES RUNNING.txt bin conf lib logs native-jni-lib temp webapps webapps.dist work
默认tomcat容器内是最小化的:webapps内无内容 。可以拷贝webapps.dist内的内容root@b5b3af64737c:/usr/local/tomcat# cd webapps.dist/
root@b5b3af64737c:/usr/local/tomcat/webapps.dist# ls
ROOT docs examples host-manager manager
root@b5b3af64737c:/usr/local/tomcat/webapps.dist# cp ./* ../webapps
cp: -r not specified; omitting directory './ROOT'
cp: -r not specified; omitting directory './docs'
cp: -r not specified; omitting directory './examples'
cp: -r not specified; omitting directory './host-manager'
cp: -r not specified; omitting directory './manager'
root@b5b3af64737c:/usr/local/tomcat/webapps.dist# cp -r ./* ../webapps
root@b5b3af64737c:/usr/local/tomcat/webapps.dist# ls
ROOT docs examples host-manager manager
root@b5b3af64737c:/usr/local/tomcat/webapps.dist# cd ..
root@b5b3af64737c:/usr/local/tomcat# ls webapps
ROOT docs examples host-manager manager
root@b5b3af64737c:/usr/local/tomcat# 当前方法是每次修改内容都必须进去容器!要是可以在外部映射一个文件就可以避免每次进入容器内部修改?
安装elasticsearch
docker run -d --name elasticsearch -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" elasticsearch 拉取运行
查看docker运行内存
docker stats
测试se是否安装成功
[root@localhost ~]# curl localhost:9200
{"name" : "AtYxnIo","cluster_name" : "elasticsearch","cluster_uuid" : "0H7wRCHyTVmFkTdHZmHqnQ","version" : {"number" : "5.6.12","build_hash" : "cfe3d9f","build_date" : "2018-09-10T20:12:43.732Z","build_snapshot" : false,"lucene_version" : "6.6.1"},"tagline" : "You Know, for Search"
}
安装可视化面板
docker run -d -p 8088:9000 --restart=always -v /var/run/docker.sock:/var/run/docker.sock --privileged=true portainer/portainer
commit镜像
docker commit -m "提交的信息描述" -a “作者” 容器id 目标镜像名:[TAG][root@localhost ~]# docker commit -a="huweqii" -m="xiugaiguo" 0e65034f7d49 nginx:v02
sha256:ef5df12d240cd2b4ba530596f354a477b13eb762facbaf4f05b68b0fb63f2307
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9dd86d09a287 portainer/portainer "/portainer" 54 minutes ago Up 54 minutes 0.0.0.0:8088->9000/tcp epic_bassi
483295b95881 elasticsearch "/docker-entrypoint.…" About an hour ago Exited (143) 57 minutes ago elasticsearch
b5b3af64737c tomcat "catalina.sh run" 2 hours ago Exited (143) About an hour ago tomcat01
0e65034f7d49 nginx "/docker-entrypoint.…" 2 hours ago Up 49 minutes 0.0.0.0:3344->80/tcp nginx
0dba2e18e81d 300e315adb2f "/bin/sh" 14 hours ago Exited (0) 14 hours ago affectionate_hofstadter
825e102dae8c 300e315adb2f "/bin/bash" 15 hours ago Exited (0) 15 hours ago optimistic_lederberg
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx v02 ef5df12d240c 41 seconds ago 184MB
tomcat latest 040bdb29ab37 5 weeks ago 649MB
nginx latest f6d0b4767a6c 5 weeks ago 133MB
<none> <none> 300e315adb2f 2 months ago 209MB
portainer/portainer latest 62771b0b9b09 7 months ago 79.1MB
elasticsearch latest 5acf0e8da90b 2 years ago 486MB
[root@localhost ~]#
docker内部安装软件
进去到容器内部
apt-get update
apt-get install vim -y
docker 数据卷
数据持久化
docker run -it -v 本地路径:容器内路径 -p 80:80 nginx /bin/bashdocker inspect 容器id"Mounts": [{"Type": "bind","Source": "/html","Destination": "/usr/share/nginx/html","Mode": "","RW": true,"Propagation": "rprivate"}],mysql 数据同步
安装拉去mysql 要设置密码-e MYSQL_ROOT_PASSWORD=qweqwe 运行容器 做挂载点docker run -d -p 3310:3306 -v /home/mysql/conf:/etc/mysql/conf.d -v /home/mysql/date:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=qweqwe --name=mysql01 mysql:5.7
docker run -d -p 3311:3306 --volumes-from mysql01 -e MYSQL_ROOT_PASSWORD=qweqwe --name=mysql02 mysql:5.7
具名挂载和匿名挂载
-v 容器内路径
docker run -d -P --name nginx02 -v /etc/nginx nginx
查看所有volume 情况
docker volume ls
具名挂载-v 卷名:容器内名字
docker run -d -P --name nginx03 -v name_nginx:/etc/nginx nginx
docker run -d -P --name nginx04 -v name_nginx:/etc/nginx:ro nginx
docker run -d -P --name nginx04 -v name_nginx:/etc/nginx:rw nginx
一旦设置了这个,权限就限制了
数据卷容器
容器间数据同步
利用一个容器给其他容器共享数据启动一个容器
docker run -it --name=centos02 --volumes-from centos01 huweiqi/centos:latest
完成数据基本同步
dockerfile
初识dockefile
dockerfile就是用来构建镜像的脚本文件!
通过脚本生成镜像,镜像是一层一层的,脚本
FROM centosVOLUME ["volume'01","volume02"]CMD echo "```````end``````````"
CMD /bin/bashdocker build -f /home/docker_file/dockerfile1 -t huweiqi/centos .最后的点不要丢
~
dicker build 构建docker file
docker build file文件目录 -t 标签:v0.1 打包的目录Docker file 文件格式
docker file 开头字母必须大写 。docker file 文件中的文件传参放于当前目录-------内容语法:
FROM 指令FROM 镜像名:TAG 不加tag 默认latestMANINTANIER 名称<联系方式>"" “huweiqi<huweiqi@qq.com>” (基本已经不用)#LABEL mantainer=huweiqi<huweiqi@qq.com> 使用一种语法
COPY 指令COPY <SRC> <DEST>COPY ["<SRC>,..多个源路径.. "<DEST>"]COPY yum.repos.d /etc/yum.repos.d/1 如果指定了多个SRC 或使用了通配符,则dest必须是一个目录,且必须以 / 结尾COPY /源目录 /容器内目录 2 SRC 中的目录文件必须是build上下文中的路径,不能说其父目录中的文件3 当前的CPOPY 复制的源目录是指 该目录下的内所有内容,并不会将该目录复制过去4如果DEST 实现不存在,他将自动被创建ADD 指令ADD RUL /容器内目标路径ADD http://nginx.org/download/nginx-1.18.0.tar.gz /usr/local/src/自动下载并传入在容器内/usr/local/src/目录录下(自动创建目录,必须以/结尾)ADD nginx-xxxx.tar.gz /usr/local/src/#下载nginx.tar.gz 到build目录 自动解压至/usr/local/src/目录ADD nginx.xxx.tar.gz ./ (这里的当前目录是指WORKDIR 指定的目录)
RUN指令RUN 基本shell命令RUN cd /usr/src && \tar xf nginx-xxx.tar.gz && \xxxxxxWORKDIR 指令指定当前目录 (随后的引用,逆序向上找,取最近)WORKDRIR /usr/local/src/ (可以不写/src)WORKDRIR /usr/local/ADD nginx.xxx.tar.gz ./src/ (引用src)VOLUME 指令VOLUME /容器内路径不加外部路径,则默认可用 (docker insept 容器名来查看)
EXPOSE 指令用于为容器打开指定要监听的端口。实现与外部通信EXPOSE 80/tcp暴露容器内的端口运行时时加 -P 可随机将80端口映射至宿主机的随机端口ENV 指令用于为镜像定义所需要的环境变量, ENV ENV_NAME=/data/web/html/ (将/data/web/html 赋值给ENV_NAME。后续 使用/data/web/html/ 时可直接调用 $ENV_NAME 后面又内容 加${ENV_NAME} 大括号)如果ENV是空值使用: ${EVN_NAME:-/目录/} 如果是控制则使用这个路径${EVN_NAME:+/目录/} 使用此目录多个变量赋值ENV EVN1=xxxx \ (\表示转意)EVN2=xxxx \.......**在外部给容器内中ENV传参 (环境变量)** 第二阶段 build完成之后* 如果dockerfile中存在EVN_NAME 可在外部-e ENV_NAME="xxxxxxx" 定义变量
docker run --name envtest -d -e ENV_NAME="xxxxxxx" nginx printenv
CMD 指令CMD指令只有最后一个生效CMD /bin/httpd -f -h ${EVN环境变量}CMD [“/bin/bash","-f","-h ${EVM变量}"] 注:这个默认不是以shell运行 所以不认识${环境变量}在docker run 时指定参数时会被覆盖以shell运行CMD ["/bin/bash","-c","bin/httpd","-f","-h ${EVN变量}"]CMD /bin/bash
ENTRYPOINT 指令在docker run 容器后面传参数时不会被覆盖--entrypoint将CMD的命令传给ENTRYPOINTCMD ["/bin/httpd","-f","-h 目录"]ENTRYPOINT /bin/sh -c 一般与CMD联合使用.USER指令
HEALTHCHECK 指令
ARG 指令在build时传参数ARG 变量名=${xxxxx}文件中 定义ARG变量ARG zuozhe="xiaofupo<xfp@qq.com>"LABEL mainatainer=${zuozhe}docker build --build-arg zuozhe="xxxxxxx<xxxx." -t xxx:v1 ./
UNBUILD在自身的dockerfille在做成镜像时不执行,在别人用用此镜像做基础镜像时执行ONBUILD ADD http://nginx.org/download/nginx-1.18.0.tar.gz /var/local/src/
摘要
CMD与ENTRYPONINT互相结合
CMD 将参数传给 ENTRYPOINT 这里为默认值
在docker run 时 如果定义要执行的命令
ENTRYPOINT 会认为有定义的值而舍去CMD的默认值 此时被覆盖的值是CMD 的值
测试效果
docker run --name xxx --rm 容器id:v?? cat /xxx
docker run --name=xxx --rm xxx/xxx:v1 /bin/httpd -f -h /data/web/html
-h 指定家目录
-f 前台运行
启动自己写的容器
docker run -it --name=centos01 huweiqi/centos /bin/bash
查看挂在点
docker inspect 容器id
重点
dockerfile 的构建过程
- 每个指令必须大写
- 执行从上倒下,顺序执行
- #表示注释
docker file的指令
FROM 基础镜像 centos 、ubantu一切从这里开始构建
MAINTAINER 镜像是谁写的,姓名+邮箱 (标准)
RUN 镜像在构建的时候运行的命令
ADD 步骤:添加内容
WORFDIR 镜像的工作目录
VOLUME 挂载的目录位置
EXPOSE 暴露端口位置
CMD 容器启动时要运行的命令,只有最后一个会生效,可被替代
COPY 将文件拷贝到镜像中
EVN 构建时设置环境变量
实战测试
FROM centos
MAINTAINER huweiqi<2425328600@qq.com>ENV MYPATH /usr/local
WORKDIR $MYPATHCMD echo "默认工作路径已设置"
RUN yum install -y vim
RUN yum install -y net-tools
CMD echo "软件包安装完成"
EXPOSE 80CMD echo $MYPATH
CMD echo "````构建完成````"CMD /bin/bash docker build -f /home/docker_file/dockerfile2 -t mycentos:v1 .
cmd 与ENTRYPOINT区别
测试CMD
[root@localhost docker_file]# cat dockerfile3
FROM centos
CMD ["ls","-a"]
[root@localhost docker_file]#
[root@localhost docker_file]# docker run cmd2 ls -al
total 0
drwxr-xr-x. 1 root root 6 Feb 19 08:57 .
drwxr-xr-x. 1 root root 6 Feb 19 08:57 ..
-rwxr-xr-x. 1 root root 0 Feb 19 08:57 .dockerenv
lrwxrwxrwx. 1 root root 7 Nov 3 15:22 bin -> usr/bin
drwxr-xr-x. 5 root root 340 Feb 19 08:57 dev
drwxr-xr-x. 1 root root 66 Feb 19 08:57 etc
drwxr-xr-x. 2 root root 6 Nov 3 15:22 home
lrwxrwxrwx. 1 root root 7 Nov 3 15:22 lib -> usr/lib
lrwxrwxrwx. 1 root root 9 Nov 3 15:22 lib64 -> usr/lib64
drwx------. 2 root root 6 Dec 4 17:37 lost+found
drwxr-xr-x. 2 root root 6 Nov 3 15:22 media
drwxr-xr-x. 2 root root 6 Nov 3 15:22 mnt
drwxr-xr-x. 2 root root 6 Nov 3 15:22 opt
dr-xr-xr-x. 161 root root 0 Feb 19 08:57 proc
[root@localhost docker_file]# docker run cmd2 -l 不可以直接追加命令
docker: Error response from daemon: OCI runtime create failed: container_linux.go:370: starting container process caused: exec: "-l": executable file not found in $PATH: unknown.测试ENTRYPOINT
[root@localhost docker_file]# cat dockerfile3
FROM centos
ENTRYPOINT ["ls","-a"]
[root@localhost docker_file]# docker run entrypoint
.
..
.dockerenv
bin
dev
etc
home
lib
lib64
lost+found
media
mnt
opt
proc
[root@localhost docker_file]# docker run entrypoint -l 可以直接追加命令
total 0
drwxr-xr-x. 1 root root 6 Feb 19 09:03 .
drwxr-xr-x. 1 root root 6 Feb 19 09:03 ..
-rwxr-xr-x. 1 root root 0 Feb 19 09:03 .dockerenv
lrwxrwxrwx. 1 root root 7 Nov 3 15:22 bin -> usr/bin
drwxr-xr-x. 5 root root 340 Feb 19 09:03 dev
drwxr-xr-x. 1 root root 66 Feb 19 09:03 etc
drwxr-xr-x. 2 root root 6 Nov 3 15:22 home
lrwxrwxrwx. 1 root root 7 Nov 3 15:22 lib -> usr/lib
lrwxrwxrwx. 1 root root 9 Nov 3 15:22 lib64 -> usr/lib64
drwx------. 2 root root 6 Dec 4 17:37 lost+found
drwxr-xr-x. 2 root root 6 Nov 3 15:22 media传镜像至dockerhab
阿里云也相同
在docker hab上创建用户名
并创建仓库名
登陆到dockerhab
docker login -u huweiqi1999
密码 xxxxxxx
docker push huweiqi1999/web01
这里的tag名称必须与hab仓库名称一致 下载
登陆至hab
docker pull huweiqi1999/web01:v1
打包镜像
命令docker save -o 【指定保存位置】 镜像1 镜像2docker save -o /home/tag.gz nginx:latest mysql:latest
解压
docker load -i /home/tag.gz
docker commit
docker commit -p 镜像名
-p 使镜像暂停后再创建
docker 网络
iproute
检查iproute是否被安装
rpm -q iproute
[root@localhost ~]# ip netns help
Usage: ip netns listip netns add NAMEip netns set NAME NETNSIDip [-all] netns delete [NAME]ip netns identify [PID]ip netns pids NAMEip [-all] netns exec [NAME] cmd ...ip netns monitorip netns list-id
[root@localhost ~]#
ip netns add r3 添加一个网络名称空间
[root@localhost ~]# ip netns list 查看
r3
r2
r1
查看r1 的网卡
[root@localhost ~]# ip netns exec r1 ifconfig -a
lo: flags=8<LOOPBACK> mtu 65536loop txqueuelen 1000 (Local Loopback)RX packets 0 bytes 0 (0.0 B)RX errors 0 dropped 0 overruns 0 frame 0TX packets 0 bytes 0 (0.0 B)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
默认只有lo网卡ip netns exec r1 ifconfig lo up 启动网卡ip link ip link add name veth1.1 type veth peer name veth1.2 创建虚拟网卡[root@localhost ~]# ip link add name veth1.1 type veth peer name veth1.2
[root@localhost ~]# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000link/ether 00:0c:29:33:a1:5a brd ff:ff:ff:ff:ff:ff
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default link/ether 02:42:0b:04:9d:96 brd ff:ff:ff:ff:ff:ff
4: veth1.2@veth1.1: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000link/ether c6:26:c6:3c:9d:a0 brd ff:ff:ff:ff:ff:ff成对出现的
~~5: veth1.1@veth1.2: <BROADCAST,MULTICA~~ ST,M-DOWN> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000link/ether ba:6f:76:d1:01:08 brd ff:ff:ff:ff:ff:ff
[root@localhost ~]# ip link add name veth1.1 type veth peer name veth1.2
将veth1.2挪到r1中
[root@localhost ~]# ip link set veth1.2 netns r1
[root@localhost ~]# ip link s
Not enough information: "dev" argument is required.
[root@localhost ~]# ip link sh
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000link/ether 00:0c:29:33:a1:5a brd ff:ff:ff:ff:ff:ff
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default link/ether 02:42:0b:04:9d:96 brd ff:ff:ff:ff:ff:ff
5: veth1.1@if4: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000link/ether ba:6f:76:d1:01:08 brd ff:ff:ff:ff:ff:ff link-netnsid 0
[root@localhost ~]# ip netns exec r1 set dev veth1.2 name eth 修改r1中veth.2名字为eth0
[root@localhost ~]# ip netns exec r1 ifconfig -a
eth0: flags=4098<BROADCAST,MULTICAST> mtu 1500ether c6:26:c6:3c:9d:a0 txqueuelen 1000 (Ethernet)RX packets 0 bytes 0 (0.0 B)RX errors 0 dropped 0 overruns 0 frame 0TX packets 0 bytes 0 (0.0 B)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0激活本地
[root@localhost ~]# ifconfig veth1.1 10.0.0.1/24 up
veth1.1: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500inet 10.0.0.1 netmask 255.255.255.0 broadcast 10.0.0.255ether ba:6f:76:d1:01:08 txqueuelen 1000 (Ethernet)RX packets 0 bytes 0 (0.0 B)RX errors 0 dropped 0 overruns 0 frame 0TX packets 0 bytes 0 (0.0 B)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0激活r1中地址
[root@localhost ~]# ip netns exec r1 ifconfig eth0 10.0.0.2/24 up
[root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]# ip netns exec r1 ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500inet 10.0.0.2 netmask 255.255.255.0 broadcast 10.0.0.255inet6 fe80::c426:c6ff:fe3c:9da0 prefixlen 64 scopeid 0x20<link>ether c6:26:c6:3c:9d:a0 txqueuelen 1000 (Ethernet)RX packets 8 bytes 656 (656.0 B)RX errors 0 dropped 0 overruns 0 frame 0TX packets 8 bytes 656 (656.0 B)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0docker run -it --name t1 --network bridge -h huweiqi --dns 8.8.8.8 --rm busybox:latest
指定主机名与dns
指定hosts文件
[root@localhost ~]# docker run -it --name t1 --network bridge -h huweiqi --add-host huweiqi:1.1.1.1 --dns 8.8.8.8 --rm busybox:latest
/ # cat /etc/host
cat: can't open '/etc/host': No such file or directory
/ # cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
1.1.1.1 huweiqi
172.17.0.2 huweiqi共享网络参数 --network container:镜像1
命令 docker run --name t2 --network container:t1 -it --rm busybox:latest共享主机网络docker run --name t2 --network host -it --rm busybox
修改docker0默认网络
[root@localhost ~]# vim /etc/docker/daemon.json
{"registry-mirrors": ["https://9ei5z6re.mirror.aliyuncs.com"],"bip": "10.0.0.1/16" #自定义网段
}
重启dockersystemctl restart docker
“hosts”: [“tcp://0.0.0.0:2375”,“unix:///var/run/docker.sock”]
使用 --link 添加hosts文件[root@localhost ~]# docker run -d -P --name="tomcar002" --link tomcar001 tomcat c375c9753d5785dc361f206443aca351c6134cf91269c3913a5f0adb8a594428 [root@localhost ~]# [root@localhost ~]# [root@localhost ~]# [root@localhost ~]# docker exec -it tomcar002 cat /etc/hosts 127.0.0.1 localhost ::1 localhost ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters 10.0.0.2 tomcar001 d805637831dd 10.0.0.5 c375c9753d57 [root@localhost ~]#
自定义网络
docker network ls
网络模式
birdge 桥接模式
none 不配置网络
host 宿主机共享网络创建一个自己的桥接网络--driver bridge 类型 birdge--subnet 192.168.0.0/16 网络地址池--gateway 192.168.0.1 网关
docker network create --driver bridge --subnet 192.168.0.0/16 --gateway 192.168.0.1 mynet
通过docker network ls 查看
[root@localhost ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
a64bec1f71b4 bridge bridge local
65886a5dd05c host host local
4bd43dc7b8df mynet bridge local
e4ebebbdcf77 none null local
docker network inspect mynet
创建俩镜像添加至自己的网络
[root@localhost ~]# docker run -d -P --name tomcat01 --network mynet tomcat
d257d816839fc1ddf9edc8f020e0ac19e817c07ee95b4e61b947fbd3bb3c61fa
[root@localhost ~]# docker run -d -P --name tomcat02 --network mynet tomcat
672083298b316f13eda3588090776811538a70ec5b44bf54f913b9e74f40b4a8
[root@localhost ~]# docker network inspect mynet
[{"Name": "mynet","Id": "4bd43dc7b8df10477b166df58665c2b0812302e2222d6df9376b0e9c9d50d593","Created": "2021-02-20T20:11:35.571296231+08:00","Scope": "local","Driver": "bridge","EnableIPv6": false,"IPAM": {"Driver": "default","Options": {},"Config": [{"Subnet": "192.168.0.0/16","Gateway": "192.168.0.1"}]},"Internal": false,"Attachable": false,"Ingress": false,"ConfigFrom": {"Network": ""},"ConfigOnly": false,"Containers": {"672083298b316f13eda3588090776811538a70ec5b44bf54f913b9e74f40b4a8": {"Name": "tomcat02","EndpointID": "bb56b1bbf6eebc5c6c2410f0b6e2fed63276eacf906c477c5e6dc2942be11be5","MacAddress": "02:42:c0:a8:00:03","IPv4Address": "192.168.0.3/16","IPv6Address": ""},"d257d816839fc1ddf9edc8f020e0ac19e817c07ee95b4e61b947fbd3bb3c61fa": {"Name": "tomcat01","EndpointID": "344a2d3e7fc83f65e397c653bbeb9baaf8a6c1855d2b724fd28878d3b3de3910","MacAddress": "02:42:c0:a8:00:02","IPv4Address": "192.168.0.2/16","IPv6Address": ""}},"Options": {},"Labels": {}}
]
[root@localhost ~]# 测试
[root@localhost ~]# docker exec -it tomcat01 ping tomcat02
PING tomcat02 (192.168.0.3) 56(84) bytes of data.
64 bytes from tomcat02.mynet (192.168.0.3): icmp_seq=1 ttl=64 time=0.066 ms
64 bytes from tomcat02.mynet (192.168.0.3): icmp_seq=2 ttl=64 time=0.120 ms
^C
--- tomcat02 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 3ms
rtt min/avg/max/mdev = 0.066/0.093/0.120/0.027 ms
[root@localhost ~]# 网络联通
docker network 自定义网卡 容器
connect Connect a container to a network
[root@localhost ~]# docker network --help
Usage: docker network COMMAND
docker network connect mynet nginx_v34
将nginx_v34 加入到mynet网络中
Manage networks
Commands:
connect Connect a container to a network
create Create a network
disconnect Disconnect a container from a network
inspect Display detailed information on one or more networks
ls List networks
prune Remove all unused networks
rm Remove one or more networks
Run ‘docker network COMMAND --help’ for more information on a command.
[root@localhost ~]#
私有仓库registry
registry
新建一台服务器
yum install docker-registry.x86_64 -y
root@localhost ~]# rpm -ql docker-distribution-2.6.2-2.git48294d9.el7.x86_64
/etc/docker-distribution/registry/config.yml 主配置文件
/usr/bin/registry
/usr/lib/systemd/system/docker-distribution.service
/usr/share/doc/docker-distribution-2.6.2
/usr/share/doc/docker-distribution-2.6.2/AUTHORS
/usr/share/doc/docker-distribution-2.6.2/CONTRIBUTING.md
/usr/share/doc/docker-distribution-2.6.2/LICENSE
/usr/share/doc/docker-distribution-2.6.2/MAINTAINERS
/usr/share/doc/docker-distribution-2.6.2/README.md
/var/lib/registry 所有的镜像存放位置(建议路径做挂载点)
在其他主机上配置 客户端上配置
但凡需要与registry相连接的都必须修改vim /etc/docker/daemon.json 文件
由于默认链接为https 所以添加配置"insecure-registries":["registry主机:5000"]
主机A
vim /etc/docker/daemon.json
{"registry-mirrors": ["https://9ei5z6re.mirror.aliyuncs.com"],"bip": "10.0.0.1/16","insecure-registries":["registry主机:5000"]
}
docker tag nginx:latest 192.168.1.23:5000/nginx_v1 tag名称必须以服务器端的IP端口开头
[root@localhost ~]# docker push 192.168.1.23:5000/nginx_v1
Using default tag: latest
The push refers to repository [192.168.1.23:5000/nginx_v1]
2acf82036f38: Pushed
9f65d1d4c869: Pushed
0f804d36244d: Pushed
9b23c8e1e6f9: Pushed
ffd3d6313c9b: Pushed
9eb82f04c782: Pushed
latest: digest: sha256:b08ecc9f7997452ef24358f3e43b9c66888fadb31f3e5de22fec922975caa75a size: 1570~
主机B
[root@localhost ~]# docker pull 192.168.1.23:5000/nginx_v1
Using default tag: latest
latest: Pulling from nginx_v1
45b42c59be33: Pull complete
8acc495f1d91: Pull complete
ec3bd7de90d7: Pull complete
19e2441aeeab: Pull complete
f5a38c5f8d4e: Pull complete
83500d851118: Pull complete
Digest: sha256:b08ecc9f7997452ef24358f3e43b9c66888fadb31f3e5de22fec922975caa75a
Status: Downloaded newer image for 192.168.1.23:5000/nginx_v1:latest
192.168.1.23:5000/nginx_v1:latest
[root@localhost ~]# 私有harbor
harbor地址
yum install -y docker-compose
wget https://storage.googleapis.com/harbor-releases/release-1.7.0/harbor-offline-installer-v1.7.1.tgz
tar -xf harbor-offline-installer-v2.2.0-rc3.tgz ./
cd harbor/
vim harbor.yml.tmpl
cp harbor.yml.tmpl harbor.yml
hostname: 192.168.1.23harbor_admin_password: qweqwe# Harbor DB configuration
database:password: qweqwe完成后运行 install.sh
[Step 5]: starting Harbor ...
Creating harbor-log ... done
Creating redis ... done
Creating harbor-portal ... done
Creating harbor-db ... done
Creating registryctl ... done
Creating registry ... done
Creating harbor-core ... done
Creating nginx ... done
Creating harbor-jobservice ... done
✔ ----Harbor has been installed and started successfully.----
运行成功
默认账号密码
admin
Harbor12345
重启 停止harbor
docker-compose stop
docker-compose up -d
练习
[root@localhost centos]# vim Dockerfile FROM centos:7
LABEL mantainer=huweiqi<huweiqi@qq.com>
#RUN mkdir /etc/yum.repos.d/.bak && mv /etc/yum.repos.d/* /etc/yum.repos.d/.bak
#COPY yum.repos.d /etc/yum.repos.d/
RUN yum clean all && \yum makecache && \yum install -y bash-completion && \yum install vim openssh-server yum -y
RUN /usr/bin/ssh-keygen -A && \echo "qweqwe" | passwd --stdin root
WORKDIR /usr/local
EXPOSE 80
EXPOSE 22
CMD ["/usr/sbin/sshd","-D"]docker build -t centos_8 ./[root@localhost centos]# docker run -d -P
192.168.1.24/centos/centos centos_8:latest
192.168.1.24/centos/centos_ssh centos:v1
192.168.1.24/centos/centos:ssh_v1 centos:v2
192.168.1.24/centos/centos_ssh:v2 centos:v3
centos centos:v4
centos:7 centos:v5
centos_8 centos:v7
[root@localhost centos]# docker run -d -P centos_8
f67ef9cc36444bee02a4e93656adc65c551f2ad96a03623128acbd90c50a8046
[root@localhost centos]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f67ef9cc3644 centos_8 "/usr/sbin/sshd -D" 3 seconds ago Up 2 seconds 0.0.0.0:49156->22/tcp, 0.0.0.0:49155->80/tcp funny_snyder
9f78038bc26a centos:v7 "/usr/sbin/sshd -D" 18 minutes ago Up 18 minutes 0.0.0.0:49154->22/tcp, 0.0.0.0:49153->80/tcp objective_meitner
[root@localhost centos]#
上传2021-02-18docker相关推荐
- Java入门篇 2021/02/22
Java入门篇 2021/02/22 Java的三大版本 java三大版本主要包括 JavaSE, JavaME, JavaEE,其中现如今的JavaME已经是很少见了,JavaSE是JavaEE的基 ...
- 【每日一知】带你走近5nm芯片 (2021.02.05 )
[每日一知]带你走近5nm芯片 (2021.02.05 ) [每日一知]带你走近5nm芯片 (2021.02.05 ) ==一.简介== ==二.优势== ==三.现状== ============= ...
- Java SQL异常:java.sql.SQLException: Incorrect DATE value: ‘2021.02.31‘
报错信息: Cause: java.sql.SQLException: Incorrect DATE value: '2021.02.31' ; uncategorized SQLException; ...
- Deepin 深度系统更新(2021.02.03)发布
深度操作系统更新发布 11031.002(build),升级全新内核到 Kernel 5.10(Stable)版本.更新仓库到 Debian10.7,增强系统稳定性和兼容性.针对系统安全性.硬件驱动等 ...
- deepin Java开发环境搭建和主力使用体验(2021.02更)
前言: 之所以想体验一下deepin有2点原因 1.美观(是的,没错,就是冲着好看去的)2.流畅(主要是一些编程软件比win下反应更快,体验更好) 成果: 1.UI整体风格我觉得OK(基本不用动手美化 ...
- 【每日一知】什么是内聚和耦合? (2021.02.02 )
[每日一知]什么是内聚和耦合? (2021.02.02 ) 一.简单了解 内聚(Cohesion) 是一个模块内部各成分之间相关联程度的度量. 耦合(Coupling) 是模块间 依赖程度的度量. 内 ...
- Go语言的当前状态(2021) | Gopher Daily (2021.02.07) ʕ◔ϖ◔ʔ
每日一谚:Don't ignore errors in test code. When something unexpected happens, it'll fail silently and yo ...
- HTTP请求历险记(Go语言版) | Gopher Daily (2021.02.21) ʕ◔ϖ◔ʔ
每日一谚:Simplicity comes from orthogonality and predictability. Go技术专栏"改善Go语⾔编程质量的50个有效实践"主要满 ...
- Leetcode刷题 2021.02.26
Leetcode刷题 2021.02.26 Leetcode1178 猜字谜 Leetcode869 重新排序得到 2 的幂 Leetcode1676 二叉树的最近公共祖先 IV Leetcode11 ...
- errors不是exceptions | Gopher Daily (2021.02.05) ʕ◔ϖ◔ʔ
每日一谚:Go对OO提供了另类的支持:有方法(method)无类(class),有接口(interface)但无类型体系,代码可重用,但不通过继承的方式. Go技术新闻 errors不是excepti ...
最新文章
- Sangfor_AC用户不在线但在“在线用户管理”里有显示
- Framework Design Studio 发布了
- 我是如何走上前端开发这条路 并常年保持一线竞争力的
- 一个Python爬虫工程师学习养成记
- CentOS下rpm命令使用
- hystrix源码小贴士之中断
- android 按钮列表,android – 如何使按钮看起来像列表
- linux下清理脚本,脚本--Linux下清理IPC资源
- sql server 表结构信息查询
- 并不是部所有市场都类似:评估 Marketplace 的 10 个特征
- 数学标记语言MathML简介、工具及兼容
- 数据库系统 --- 数据库技术介绍
- NVIDIA英伟达旧版本显卡下载
- Linux驱动笔记--主机驱动与外设驱动概念以及分离思想
- 来自Carson_Ho大神的最6的Android事件分发机制详解
- ICE入门之hello world
- 新版Space数字藏品源码+NFT数字藏品系统
- [SYZOJ279]滑♂稽♂树
- 使用JS进行日期计算
- 【C语言】猴子吃桃问题。猴子第一天摘下若干个桃子,当即吃了一半,还不过瘾,又多吃了一个。