zoukankan      html  css  js  c++  java

  • docker服务各个模块

     docker容器官网:https://hub.docker.com/

    一、centos7.4中指定安装docker版本

    1)默认yum源安装的docker版本为docker1.3。性能偏低,不支持k8s。k8s目前只支持docker1.7

     谷歌浏览器打开。清华大学镜像网站:https://mirrors4.tuna.tsinghua.edu.cn/

    找到docker的镜像源

    https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/

     

    2)复制该链接地址

    cd /etc/yum.repos.d/
wget https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/docker-ce.repo
注意该文件的源并不是指向清华源,所以需要修改docker-ce.repo

    3)修改源

    修改源。修改前面的linux的父目录
vim docker-ce.repo
原来的:baseurl=https://download.docker.com/linux/centos/7/$basearch/stable
原来的:baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/$basearch/stable
vim命令快速修改
:%s@https://download.docker.com/@https://mirrors.tuna.tsinghua.edu.cn/docker-ce/@

    回车之后。24 次替换,共 24 行 

     4)yum安装

    [root@Mysql yum.repos.d]# yum repolist
已加载插件:fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirrors.shu.edu.cn
 * extras: mirrors.aliyun.com
 * updates: mirrors.cn99.com
源标识                                                                    源名称                                                                      状态
base/7/x86_64                                                             CentOS-7 - Base                                                             10,019
docker-ce-stable/x86_64                                                   Docker CE Stable - x86_64                                                       32
extras/7/x86_64                                                           CentOS-7 - Extras                                                              364
updates/7/x86_64                                                          CentOS-7 - Updates                                                           1,067
repolist: 11,482
[root@Mysql yum.repos.d]# yum install docker-ce -y
    View Code

    [root@Mysql yum.repos.d]# docker -v
    Docker version 18.09.2, build 6247962

    5)创建配置文件

    [root@Mysql yum.repos.d]# mkdir -p /etc/docker
[root@Mysql yum.repos.d]# touch /etc/docker/daemon.json
[root@Mysql yum.repos.d]# vim /etc/docker/daemon.json
[root@Mysql yum.repos.d]# cat /etc/docker/daemon.json
{
    "registry-mirrors":["https://registry.docker-cn.com"]
}

    6)docker加速器

    docker cn
阿里云加速器
中国科技大学

     二、docker基础

    1)启动docker

    systemctl start docker.service    启动服务
docker version  查看版本
docker info        更详细的信息

    2)官方寻找nginx的最小稳定镜像文件,进行容器测试

    [root@Mysql ~]# docker image pull nginx:1.14-alpine

     3)最小的容器测试http网络服务

    docker image pull nginx:1.14-alpine        # 下载最小镜像
docker pull busybox
docker image ls
docker image ls --no-trunc
docker ps == docker container ls
docker network ls    显示网络
[root@Mysql ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
nginx               1.14-alpine         66952fd0a8ef        2 weeks ago         16MB
busybox             latest              3a093384ac30        6 weeks ago         1.2MB
[root@Mysql ~]# docker run --name b1 -it busybox:latest        # 进入最小化的容器,进入shell交互
/ # 
/ # mkdir /data/html -p
/ # vi /data/html/index.html
/ # cat /data/html/index.html
hello world
/ # httpd -f -h /data/html/

docker inspect b1 # 查看运行中的容器信息,包括里面的ip地址
[root@Mysql ~]# curl 172.17.0.2
hello world

     4)容器内,使用exit,退出容器。容器处于停止状态

    / # exit
[root@Mysql ~]# docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
[root@Mysql ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                     PORTS               NAMES
b3cda629bceb        busybox:latest      "sh"                9 minutes ago       Exited (0) 7 seconds ago                       b1
    View Code

     再次启动容器:docker start -i -a b1

    5)强制停止容器,删除容器

    [root@Mysql ~]# docker kill b1
b1
[root@Mysql ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                        PORTS               NAMES
b3cda629bceb        busybox:latest      "sh"                14 minutes ago      Exited (137) 10 seconds ago                       b1
[root@Mysql ~]# docker rm b1
b1
    View Code

     6)docker最小化的运行容器,且只运行一个进程,容器内并不会有存放日志的文件夹。docker logs 容器 查看日志

    docker run --name web1 -d nginx:1.14-alpine   # -d 后台启动
[root@Mysql ~]# docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED              STATUS              PORTS               NAMES
8eeeefc3e562        nginx:1.14-alpine   "nginx -g 'daemon of…"   About a minute ago   Up 59 seconds       80/tcp              web1
[root@Mysql ~]# curl 172.17.0.2
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
         35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>
docker run --name kvstor1 -d redis:4-alpine        # 最小化启动redis
[root@Mysql ~]# docker exec -it kvstor1 /bin/sh
/data # ps
PID   USER     TIME  COMMAND
    1 redis     0:00 redis-server
   17 root      0:00 /bin/sh
   22 root      0:00 ps
[root@Mysql ~]# docker logs web1    查看web1容器的日志
172.17.0.1 - - [16/Feb/2019:17:32:49 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.29.0" "-"
    View Code

     7)容器的保存,删除

    docker inspect web1   显示容器的信息
docker commit -p web1    暂停容器,保存镜像
[root@Mysql ~]# docker image ls
REPOSITORY               TAG                 IMAGE ID            CREATED              SIZE
<none>                   <none>              c1d0456bb6ff        About a minute ago   16MB
[root@Mysql ~]# docker tag c1d0456bb6ff test/httpd:v0.1-1    为保存的容器打标签
[root@Mysql ~]# docker image ls
REPOSITORY               TAG                 IMAGE ID            CREATED             SIZE
test/httpd               v0.1-1              c1d0456bb6ff        3 minutes ago       16MB
[root@Mysql ~]# docker tag  test/httpd:v0.1-1 test/httpd:latest        再次创建标签
[root@Mysql ~]# docker image ls
REPOSITORY               TAG                 IMAGE ID            CREATED             SIZE
test/httpd               latest              c1d0456bb6ff        5 minutes ago       16MB
test/httpd               v0.1-1              c1d0456bb6ff        5 minutes ago       16MB
docker image rm test/httpd:latest        删除标签镜像
docker run --name t1 -it test/httpd:v0.1-1    运行保存的镜像
docker commit -a "1257063655@qq.com" -c 'CMD ["/bin/httpd","-f","-h","/data/html"]' -p web1 test/httpd:v0.2
    View Code

    8)容器的分享,打包

    传镜像到docker.github
[root@Mysql ~]# docker login -u 1257063655        登录https://hub.docker.com/
Password: 
docker push 1257063655/httpd        # 将镜像上传到https://hub.docker.com/,需要去官网建立httpd仓库,并且1257063655/httpd 既是本地的镜像名,也是远程的仓库名
https://promotion.aliyun.com/ntms/act/kubernetes.html        阿里镜像
docker save -o myimages.gz test/httpd:v0.2 test/httpd:v0.1-1    本地打包2个镜像,合并为一个镜像
[root@Mysql ~]# ls myimages.gz 
myimages.gz
docker load -i myimages.gz  另一台机器导入打包的镜像myimages.gz
    View Code

     三、docker网络

    1)查看网络(扩展)

    yum install bridge-utils -y
[root@Mysql ~]# brctl show
bridge name    bridge id        STP enabled    interfaces
docker0        8000.02423f80d8e7    no        veth2a1c29a
                            veth32a55df
                            veth90301d9
ip link show
iptables -t nat -vnL
docker network inspect bridge
docker container inspect web1
rpm -q iproute
ip netns
ip netns add r1
ip netns add r2
ip netns list
    r2
    r1
ip netns exec r1 ifconfig
ip netns exec r1 ifconfig -a
    View Code

     iptables -t nat -vnL

    2)指定运行的容器的dns,主机文件

    docker run --name t1 -it --network bridge -h t1.hostname --dns 114.114.114.114 --dns-search www.com  --add-host web01:172.17.0.3 --rm busybox:latest
    进入容器,退出则删除
    homename =》t1.hostname
    cat /etc/host
        172.17.0.2  t1.hostname
nslookup -type=A www.baidu.com  解析路由网络
    View Code

    3)端口映射等问题。必须掌握

    docker run --name myweb --rm -p 80 test/httpd:v0.2 
宿组机随机映射一个端口给80
docker inspect myweb  
    该内部的通信:curl 172.17.0.2
iptables -t nat -vnL    查看被所有被随机映射的端口
docker port myweb     查看被映射的端口
更多的映射方法
docker run --name myweb --rm -p 192.168.1.5::80 test/httpd:v0.2 
docker run --name myweb --rm -p 80:80 test/httpd:v0.2 
docker run --name myweb --rm -p 192.168.1.5:8080:80 test/httpd:v0.2
    View Code

    4)容器共享网络,共用同一个ip

    容器共享网络的方式,b1和b2共用一个网络。类似于同一个主机运行了2个进程 
docker run --name b2 --network container:b1 -it rm busybox
docker run --name b2 --network host -it rm busybox  将宿机的网络给了容器
    View Code

    5) 修改docker内的网络,网卡信息

     示例,

     

    重启服务。启动的容器ip网缎为:10.0.0.1的网段的

    重启服务后,

    6)额外创建新的网关

    docker network create -d bridge --subnet "172.26.0.0/16" --gateway "172.26.0.1" mybr0  创建自己的网络网关
docker network ls 查看创建的自己网络
docker run --name t1 -it --net mybr0 busybox:latest  # 运行的容器为自己的网络
    View Code

    问题:同一个宿主机的2个容器在不同的网断怎么通信。

    理论上可以直接通信的,防火墙规则。iptables -t nat -vnL 的阻碍

     四、docker的持久化存储

     1)存储卷的基本使用

    第一种,docker自行选择映射路径,不建议。不好区别是谁存储的数据
docker run --name b2 -it -v /data busybox   建立存储卷,容器内的 /data下面的数据会被宿主机保存
docker inspect b2  查看容器信息
        Source": "/var/lib/docker/volumes/25dd2c087543280b9569ff34356330cf72ee74863bb5a0028a08e2802852fa83/_data",  该位置内容与容器内的 data目录已做了关联

第二种,手动指定位置,即便删除容器,数据仍在
docker run --name b2 -it  -v /data/volumes/b2:/data busybox
[root@Mysql ~]# docker inspect -f {{.Mounts}} b2    # 过滤查找选项
[{bind  /data/volumes/b2 /data   true rprivate}]
[root@Mysql ~]# docker inspect -f {{.NetworkSettings.IPAddress}} b2
172.17.0.5
多个容器,可以共享同一个存储卷

    四、dockerfile语法

    1)最简单的Dockerfile语法,制作镜像

    [root@Mysql ~]# mkdir img1
[root@Mysql ~]# cd img1/
创建镜像文件Dockerfile文件
[root@Mysql img1]# vim Dockerfile
[root@Mysql img1]# cat Dockerfile 
# Description:test image
FROM busybox:latest
MAINTAINER "Test <1257063655@qq.com>"
# LABEL maintainer="1257063655@qq.com"
COPY index.html /data/web/html/            # 注意index.html 需要在当前目录

[root@Mysql img1]# cat index.html 
<h1>Busybox httpd server</h1>
<h2>Hello world</h1>

[root@Mysql img1]# docker build -t tinyhttpd:v0.1-1 /root/img1/        # 启动镜像
[root@Mysql img1]# docker image ls |grep tinyhttpd
tinyhttpd                v0.1-1              080174d7d1a9        About a minute ago   1.2MB
    View Code

     编辑被拷贝的index.html

    [root@Mysql img1]# cat index.html 
<h1>Busybox httpd server</h1>
<h2>Hello world</h1>
    View Code

    根据制作的镜像的启动容器,检验是否有文件

    [root@Mysql img1]# docker run --name tinyweb1 --rm tinyhttpd:v0.1-1 cat /data/web/html/index.html
<h1>Busybox httpd server</h1>
<h2>Hello world</h1>
    View Code

     2)镜像文件的修改,新增不同路径的拷贝内容

    [root@Mysql img1]# cp -r /etc/yum.repos.d/ ./
[root@Mysql img1]# ls yum.repos.d/
CentOS-Base.repo  CentOS-Debuginfo.repo  CentOS-Media.repo    CentOS-Vault.repo
CentOS-CR.repo    CentOS-fasttrack.repo  CentOS-Sources.repo  docker-ce.repo
[root@Mysql img1]# vim Dockerfile 
[root@Mysql img1]# cat Dockerfile 
# Description:test image
FROM busybox:latest
MAINTAINER "Test <1257063655@qq.com>"
# LABEL maintainer="1257063655@qq.com"
COPY index.html /data/web/html/
COPY yum.repos.d /etc/yum.repos.d/
[root@Mysql img1]# docker build -t tinyhttpd:v0.1-2 /root/img1/
    View Code

     检验是否被拷贝进去

    [root@Mysql img1]# docker run --name tinyweb1 --rm tinyhttpd:v0.1-2 ls /etc/yum.repos.d/
CentOS-Base.repo
CentOS-CR.repo
CentOS-Debuginfo.repo
CentOS-Media.repo
CentOS-Sources.repo
CentOS-Vault.repo
CentOS-fasttrack.repo
docker-ce.repo
    View Code

     3)add用法

    以nginx为例

    3.1)ADD后面加链接地址,通过链接地址下载

    复制其链接地址 http://nginx.org/download/nginx-1.15.8.tar.gz 

    [root@Mysql img1]# cat Dockerfile 
# Description:test image
FROM busybox:latest
MAINTAINER "Test <1257063655@qq.com>"
# LABEL maintainer="1257063655@qq.com"
COPY index.html /data/web/html/
COPY yum.repos.d /etc/yum.repos.d/
ADD http://nginx.org/download/nginx-1.15.8.tar.gz /usr/local/src/
    cat Dockerfile

     检验add效果

    docker run --name tinyweb1 --rm tinyhttpd:v0.1-3 ls /usr/local/src
    View Code

     3.2)ADD加本地文件,本地文件实现拷贝效果

    [root@Mysql img1]# cat  Dockerfile 
# Description:test image
FROM busybox:latest
MAINTAINER "Test <1257063655@qq.com>"
# LABEL maintainer="1257063655@qq.com"
COPY index.html /data/web/html/
COPY yum.repos.d /etc/yum.repos.d/
# ADD http://nginx.org/download/nginx-1.15.8.tar.gz /usr/local/src/
ADD nginx-1.15.8.tar.gz /usr/local/src/
[root@Mysql img1]# docker build -t tinyhttpd:v0.1-4 ./
    View Code

     3.3)指明工作目录。WORKDIR 

    [root@Mysql img1]# cat Dockerfile 
# Description:test image
FROM busybox:latest
MAINTAINER "Test <1257063655@qq.com>"
# LABEL maintainer="1257063655@qq.com"
COPY index.html /data/web/html/
COPY yum.repos.d /etc/yum.repos.d/
# ADD http://nginx.org/download/nginx-1.15.8.tar.gz /usr/local/src/
WORKDIR /usr/local/
ADD nginx-1.15.8.tar.gz ./src/
    View Code

     4)创建存储卷。VOLUME 

    [root@Mysql img1]# cat Dockerfile 
# Description:test image
FROM busybox:latest
MAINTAINER "Test <1257063655@qq.com>"
# LABEL maintainer="1257063655@qq.com"
COPY index.html /data/web/html/
COPY yum.repos.d /etc/yum.repos.d/
# ADD http://nginx.org/download/nginx-1.15.8.tar.gz /usr/local/src/
WORKDIR /usr/local/
ADD nginx-1.15.8.tar.gz ./src/
VOLUME /data/mysql
    View Code

     

    5.1)暴露端口,端口仅可被宿主机访问

    [root@Mysql img1]# cat Dockerfile 
# Description:test image
FROM busybox:latest
MAINTAINER "Test <1257063655@qq.com>"
# LABEL maintainer="1257063655@qq.com"
COPY index.html /data/web/html/
COPY yum.repos.d /etc/yum.repos.d/
# ADD http://nginx.org/download/nginx-1.15.8.tar.gz /usr/local/src/
WORKDIR /usr/local/
ADD nginx-1.15.8.tar.gz ./src/
VOLUME /data/mysql
EXPOSE 80/tcp
    EXPOSE

     检验端口是否可以被外界访问

    启动:

    docker run --name tinyweb1 --rm tinyhttpd:v0.1-5 /bin/httpd -f -h /data/web/html

    docker inspect tinyweb1查看ip

    [root@Mysql img1]# curl 172.17.0.6
<h1>Busybox httpd server</h1>
<h2>Hello world</h1>

    但暴露的端口也只有宿主机能访问,没有做端口映射

    [root@Mysql img1]# docker port tinyweb1   没有查到端口
[root@Mysql img1]# docker kill tinyweb1

     5.2)启动时加上 -P

    [root@Mysql img1]# docker run --name tinyweb1 --rm -P tinyhttpd:v0.1-5 /bin/httpd -f -h /data/web/html

    检查端口

    [root@Mysql img1]# docker port tinyweb1
    80/tcp -> 0.0.0.0:32768

     6.1)环境变量 ENV

    COPY index.html ${DOC_ROOT:-/data/web/html/}   如果定义的环境变量没有值,则用后面的

    [root@Mysql img1]# cat Dockerfile 
# Description:test image
FROM busybox:latest
MAINTAINER "Test <1257063655@qq.com>"
# LABEL maintainer="1257063655@qq.com"
ENV DOC_ROOT /data/web/html/
COPY index.html ${DOC_ROOT:-/data/web/html/}
COPY yum.repos.d /etc/yum.repos.d/
# ADD http://nginx.org/download/nginx-1.15.8.tar.gz /usr/local/src/
WORKDIR /usr/local/
ADD nginx-1.15.8.tar.gz ./src/
VOLUME /data/mysql
EXPOSE 80/tcp
    View Code

    6.2)定义多个环境变量

    [root@Mysql img1]# cat Dockerfile 
# Description:test image
FROM busybox:latest
MAINTAINER "Test <1257063655@qq.com>"
# LABEL maintainer="1257063655@qq.com"
ENV DOC_ROOT=/data/web/html/ 
    WEB_SERVER_PACKAGE="nginx-1.15.8"
COPY index.html ${DOC_ROOT:-/data/web/html/}
COPY yum.repos.d /etc/yum.repos.d/
# ADD http://nginx.org/download/nginx-1.15.8.tar.gz /usr/local/src/
WORKDIR /usr/local/
ADD ${WEB_SERVER_PACKAGE}.tar.gz ./src/
VOLUME /data/mysql
EXPOSE 80/tcp
    View Code

     6.3)容器运行后输出环境变量

    [root@Mysql img1]# docker run --name tinyweb1 --rm -P tinyhttpd:v0.1-6 printenv
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
HOSTNAME=634ff3a5d399
DOC_ROOT=/data/web/html/
WEB_SERVER_PACKAGE=nginx-1.15.8
HOME=/root

运行时,再次传变量,有的原变量会被替换
[root@Mysql img1]# docker run --name tinyweb1 --rm -P -e WEB_SERVER_PACKAGE=nginx-1.15.7 tinyhttpd:v0.1-6 printenv
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
HOSTNAME=7dc972609f71
WEB_SERVER_PACKAGE=nginx-1.15.7
DOC_ROOT=/data/web/html/
HOME=/root
    View Code

     7.1)制作镜像时RUN 命令

    [root@Mysql img1]# cat Dockerfile 
# Description:test image
FROM busybox:latest
MAINTAINER "Test <1257063655@qq.com>"
# LABEL maintainer="1257063655@qq.com"
ENV DOC_ROOT=/data/web/html/ 
    WEB_SERVER_PACKAGE="nginx-1.15.8.tar.gz"
COPY index.html ${DOC_ROOT:-/data/web/html/}
COPY yum.repos.d /etc/yum.repos.d/
ADD http://nginx.org/download/${WEB_SERVER_PACKAGE} /usr/local/src/
WORKDIR /usr/local/
# ADD ${WEB_SERVER_PACKAGE} ./src/
VOLUME /data/mysql/
EXPOSE 80/tcp
RUN cd /usr/local/src && 
    tar xf ${WEB_SERVER_PACKAGE}
    View Code

     7.2)命令测试

    [root@Mysql img1]# cat Dockerfile 
# Description:test image
FROM busybox:latest
MAINTAINER "Test <1257063655@qq.com>"
# LABEL maintainer="1257063655@qq.com"
ENV DOC_ROOT=/data/web/html/ 
    WEB_SERVER_PACKAGE="nginx-1.15.8.tar.gz"
COPY index.html ${DOC_ROOT:-/data/web/html/}
COPY yum.repos.d /etc/yum.repos.d/
# ADD http://nginx.org/download/${WEB_SERVER_PACKAGE} /usr/local/src/
WORKDIR /usr/local/
ADD ${WEB_SERVER_PACKAGE} ./src/
VOLUME /data/mysql/
EXPOSE 80/tcp
RUN cd /usr/local/src && 
    mv nginx-1.15.8 nginx

[root@Mysql img1]# docker build -t tinyhttpd:v0.2.1 ./
Sending build context to Docker daemon  1.051MB
Step 1/10 : FROM busybox:latest
 ---> 3a093384ac30
Step 2/10 : MAINTAINER "Test <1257063655@qq.com>"
 ---> Using cache
 ---> c04c090e9e40
Step 3/10 : ENV DOC_ROOT=/data/web/html/     WEB_SERVER_PACKAGE="nginx-1.15.8.tar.gz"
 ---> Using cache
 ---> 6832ee6cc92e
Step 4/10 : COPY index.html ${DOC_ROOT:-/data/web/html/}
 ---> Using cache
 ---> 45c2e54c0d74
Step 5/10 : COPY yum.repos.d /etc/yum.repos.d/
 ---> Using cache
 ---> 348917f42afe
Step 6/10 : WORKDIR /usr/local/
 ---> Using cache
 ---> df3d710f5ac9
Step 7/10 : ADD ${WEB_SERVER_PACKAGE} ./src/
 ---> Using cache
 ---> 83c0b4f691e4
Step 8/10 : VOLUME /data/mysql/
 ---> Using cache
 ---> c13d38f9b94b
Step 9/10 : EXPOSE 80/tcp
 ---> Using cache
 ---> 7bd7c1d365cf
Step 10/10 : RUN cd /usr/local/src &&     mv nginx-1.15.8 nginx
 ---> Running in 35f4b3aae6a1
Removing intermediate container 35f4b3aae6a1
 ---> 41413a7ce98a
Successfully built 41413a7ce98a
Successfully tagged tinyhttpd:v0.2.1
    View Code

     7.3)根据命令yum安装nginx

    FROM centos
RUN yum -y install epel-release && yum makecache && yum install nginx -y
    View Code

     8.1)CMD命令的使用

    [root@Mysql img2]# cat Dockerfile
FROM busybox
LABEL maintainer="My <1257063655.qq.com>" app="httpd"

ENV WEB_DOC_ROOT="/data/web/html"
RUN mkdir -p $WEB_DOC_ROOT && 
    echo '<h1>hello world,httpd server</h1>' > ${WEB_DOC_ROOT}/index.html

CMD /bin/httpd -f -h ${WEB_DOC_ROOT}
[root@Mysql img2]# docker build -t tinyhttpd:v0.2-1 ./

     查看制作镜像的详细信息

     docker image inspect tinyhttpd:v0.2-1

    运行

    docker run --name tinyweb2 -it --rm -P tinyhttpd:v0.2-1 

    查看

    [root@Mysql ~]# docker exec -it tinyweb2 /bin/sh
/ # 
/ # ps
PID   USER     TIME  COMMAND
    1 root      0:00 /bin/httpd -f -h /data/web/html
    6 root      0:00 /bin/sh
   11 root      0:00 ps

     9)不会被覆盖的运行命令。ENTRYPOINT

    [root@Mysql img2]# cat Dockerfile 
FROM busybox
LABEL maintainer="My <1257063655.qq.com>" app="httpd"

ENV WEB_DOC_ROOT="/data/web/html"
RUN mkdir -p $WEB_DOC_ROOT && 
    echo '<h1>hello world,httpd server</h1>' > ${WEB_DOC_ROOT}/index.html

# CMD /bin/httpd -f -h ${WEB_DOC_ROOT}
# CMD ["/bin/sh","-c","/bin/httpd","-f","-h ${WEB_DOC_ROOT}"] # 有问题,不建议用
ENTRYPOINT /bin/httpd -f -h ${WEB_DOC_ROOT}
    View Code

     启动容器。docker run --name tinyweb2 -it --rm -P  tinyhttpd:v0.2-3 ls /data/    后面接的命令不会覆盖制作镜像用的命令。后面接的命令会被当做参数传给它

    10) 脚本启动nginx。使用传参的方法

    10.1)编辑脚本文件

    [root@Mysql img3]# cat entrypoint.sh 
#!/bin/sh
#
cat > /etc/nginx/conf.d/www.conf <<EOF
server {
    server_name ${HOSTNAME};
    listen ${IP:-0.0.0.0}:${PORT:-80};
    root ${NGX_DOC_ROOT:-/usr/share/nginx/html};
}
EOF

exec "$@"
    entrypoint.sh

    10.2)编辑首页文件

    [root@Mysql img3]# cat index.html 
<h1>
Hello world,study python
</h1>
    index.html

    10.3)编辑Dockerfile文件

    [root@Mysql img3]# cat Dockerfile 
FROM nginx:1.14-alpine
LABEL maintainer="my <125.7063655@qq.com>"

ENV NGX_DOC_ROOT="/data/web/html/"
ADD index.html ${NGX_DOC_ROOT}
ADD entrypoint.sh /bin/

CMD ["/usr/sbin/nginx","-g","daemon off;"]
ENTRYPOINT ["/bin/entrypoint.sh"]

    10.4)启动容器检验

    启动
[root@Mysql img3]# docker run --name myweb1 --rm -P myweb:v0.3-3


进入容器
[root@Mysql img3]# docker exec -it myweb1 /bin/sh
/ # cat /etc/nginx/conf.d/www.conf 
server {
    server_name 0e107f492212;
    listen 0.0.0.0:80;
    root /data/web/html;
}
/ # cat /data/web/html 
<h1>
Hello world,study python
</h1>
/ # netstat -tnl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN  
--------
/ # wget -O - -q localhost  本地明
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
         35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>
-------------------------
/ # wget -O - -q 0e107f492212
<h1>
Hello world,study python
</h1>
    View Code

    / # netstat -tnl
    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address Foreign Address State
    tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN

    10.5)启动容器时再增加端口参数,测试

    添加端口
[root@Mysql img3]# docker run --name myweb1 --rm -P -e "PORT=8080"  myweb:v0.3-4
/ # [root@Mysql img3]# docker exec -it myweb1 /bin/sh
/ # netstat -tnl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN

     11)健康检查。HEALTHCHECK 健康检查,不太清楚。

    [root@Mysql img3]# cat Dockerfile 
FROM nginx:1.14-alpine
LABEL maintainer="my <125.7063655@qq.com>"

ENV NGX_DOC_ROOT="/data/web/html/"
ADD index.html ${NGX_DOC_ROOT}
ADD entrypoint.sh /bin/

EXPOSE 80/tcp

HEALTHCHECK --start-period=3s CMD wget -o - -q http://${IP:-0.0.0.0}:${PORT:-80}/

CMD ["/usr/sbin/nginx","-g","daemon off;"]
ENTRYPOINT ["/bin/entrypoint.sh"]
    View Code

     12.1) ARG常量传参的用法

    [root@Mysql img3]# cat Dockerfile 
FROM nginx:1.14-alpine

ARG author="my <125.7063655@qq.com>"
LABEL maintainer="${author}"

ENV NGX_DOC_ROOT="/data/web/html/"
ADD index.html ${NGX_DOC_ROOT}
ADD entrypoint.sh /bin/

EXPOSE 80/tcp

HEALTHCHECK --start-period=3s CMD wget -o - -q http://${IP:-0.0.0.0}:${PORT:-80}/

CMD ["/usr/sbin/nginx","-g","daemon off;"]
ENTRYPOINT ["/bin/entrypoint.sh"]
    View Code

    替换定义的常量

    docker build -t myweb:v0.3-7 ./ 
替换定义的默认值 author="pony <pony@qq.com>"
docker build --build-arg author="pony <pony@qq.com>"  -t myweb:v0.3-8 ./

     13)ONBUILD  。根据ONBUILD  创建的镜像,其他dockerfile引用此镜像创建镜像时,会触发执行ONBUILD  里面的指令

    FROM nginx:1.14-alpine

ARG author="my <125.7063655@qq.com>"
LABEL maintainer="${author}"

ENV NGX_DOC_ROOT="/data/web/html/"
ADD index.html ${NGX_DOC_ROOT}
ADD entrypoint.sh /bin/

EXPOSE 80/tcp

HEALTHCHECK --start-period=3s CMD wget -o - -q http://${IP:-0.0.0.0}:${PORT:-80}/

ONBUILD ADD  http://repo.webtatic.com/yum/el6/latest.rpm /usr/local/src/

CMD ["/usr/sbin/nginx","-g","daemon off;"]
ENTRYPOINT ["/bin/entrypoint.sh"]
    View Code

     14)GitHub里面有很大dockerfile文件

    五、resistry使用

    [root@Mysql img3]# yum info docker-registry
已加载插件:fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirrors.shu.edu.cn
 * extras: mirrors.aliyun.com
 * updates: mirrors.aliyun.com
可安装的软件包
名称    :docker-registry
架构    :x86_64
版本    :0.9.1
发布    :7.el7
大小    :123 k
源    :extras/7/x86_64
简介    : Registry server for Docker
网址    :https://github.com/docker/docker-registry
协议    : ASL 2.0
描述    : Registry server for Docker (hosting/delivering of repositories and images).
    yum info docker-registry

     1)在服务端安装resistry 私有仓库

    [root@Mysql img3]# yum info docker-registry
[root@Mysql img3]# yum install docker-registry -y    安装
[root@Mysql img3]# rpm -ql docker-distribution        查看安装生成的文件
/etc/docker-distribution/registry/config.yml        主配置文件
/usr/bin/registry
/usr/lib/systemd/system/docker-distribution.service
/usr/share/doc/docker-distribution-2.6.2
/usr/share/doc/docker-distribution-2.6.2/AUTHORS
/usr/share/doc/docker-distribution-2.6.2/CONTRIBUTING.md
/usr/share/doc/docker-distribution-2.6.2/LICENSE
/usr/share/doc/docker-distribution-2.6.2/MAINTAINERS
/usr/share/doc/docker-distribution-2.6.2/README.md
/var/lib/registry
[root@Mysql registry]# systemctl start docker-distribution        启动服务
[root@Mysql registry]# netstat -lntup|grep registry
tcp6       0      0 :::5000                 :::*                    LISTEN      22359/registry
    yum install docker-registry -y

    2)推送文件,拉取文件测试

    [root@Centos7pvz2 ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
nginx               1.14-alpine         8a2fb25a19f5        9 days ago          16MB
[root@Centos7pvz2 ~]# docker tag nginx:1.14-alpine pvz2.test.com:5000/nginx:1.15-alpine    # 打标记为自己的仓库镜像
[root@Centos7pvz2 ~]# docker images
REPOSITORY                  TAG                 IMAGE ID            CREATED             SIZE
pvz2.test.com:5000/nginx  1.15-alpine         8a2fb25a19f5        9 days ago            16MB
nginx                     1.14-alpine         8a2fb25a19f5        9 days ago            16MB
[root@Centos7pvz2 ~]# cat /etc/docker/daemon.json         # 修改docker拉取服务信息
{
    "registry-mirrors": ["https://4mii0w1b.mirror.aliyuncs.com","https://registry.docker-cn.com"],
    "insecure-registries": ["pvz2.test.com:5000"]
}
[root@Centos7pvz2 ~]# systemctl restart docker  重启docker
[root@Centos7pvz2 ~]# cat /etc/hosts    # 配置主机解析文件
192.168.10.28 pvz2.test.com

[root@Centos7pvz2 ~]# docker push pvz2.test.com:5000/nginx:1.15-alpine    # 将本地镜像推向仓库
The push refers to repository [pvz2.test.com:5000/nginx]
076c58d2644f: Pushed 
b2cbae4b8c15: Pushed 
5ac9a5170bf2: Pushed 
a464c54f93a9: Pushed 
1.15-alpine: digest: sha256:a3a0c4126587884f8d3090efca87f5af075d7e7ac8308cffc09a5a082d5f4760 size: 1153

另一台机器拉取镜像
[root@node02 ~]# cat /etc/docker/daemon.json
{
    "registry-mirrors": ["https://4mii0w1b.mirror.aliyuncs.com","https://registry.docker-cn.com"],
    "insecure-registries": ["pvz2.test.com:5000"]
}
[root@Centos7pvz2 ~]# systemctl restart docker
[root@Centos7pvz2 ~]# cat /etc/hosts    # 配置主机解析文件
192.168.10.28 pvz2.test.com
[root@node02 ~]# docker pull pvz2.test.com:5000/nginx:1.15-alpine    # 拉取镜像
1.15-alpine: Pulling from nginx
bdf0201b3a05: Pull complete 
3d0a573c81ed: Pull complete 
8129faeb2eb6: Pull complete 
3dc99f571daf: Pull complete 
Digest: sha256:a3a0c4126587884f8d3090efca87f5af075d7e7ac8308cffc09a5a082d5f4760
Status: Downloaded newer image for pvz2.test.com:5000/nginx:1.15-alpine
[root@node02 ~]#
    View Code

    3)服务端可查看客户端推送过来的镜像文件

    [root@Centos7pvz2 ~]# ll /var/lib/registry/docker/registry/v2/repositories/
总用量 0
drwxr-xr-x 5 root root 55 4月  19 16:50 nginx

     六、单机多容器编排

     

    七、harbor安装(仓库网站安装)

    1)安装说明

    1)官网
https://github.com/goharbor/harbor
2)安装说明
https://github.com/goharbor/harbor/blob/master/docs/installation_guide.md
3)下载安装包
https://storage.googleapis.com/harbor-releases/release-1.7.0/harbor-offline-installer-v1.7.4.tgz

    2)修改配置文件

     3)启动服务 ./install.sh   需要docker-compose(1.7.1以上的版本)

    3.1 )安装docker-compose。注意该安装方式版本 为 docker-compose version 1.24.0, build 0aa5906 。经过测试,也可以运行

    ./install.sh结束后,80端口和443端口被监听

    4)访问  http://192.168.10.28/harbor/sign-in

    用户:admin

    密码:harbor12345 / Harbor12345 官方文档有说明(harbor.cfg)

    登录进来。先创建用户管理,仓库管理

    5)创建用户

    6)创建仓库

    7)切换账号,新建项目

    8)推送docker镜像文件

    [root@Centos7pvz2 harbor]# cat /etc/docker/daemon.json 
{
    "registry-mirrors": ["https://4mii0w1b.mirror.aliyuncs.com","https://registry.docker-cn.com"],
    "insecure-registries": ["pvz2.test.com"]
}
[root@Centos7pvz2 harbor]# systemctl restart docker
[root@Centos7pvz2 harbor]# docker tag goharbor/harbor-db:v1.7.4 pvz2.test.com/devel/harbor-db:v1.7.4
[root@Centos7pvz2 harbor]# docker tag goharbor/harbor-adminserver:v1.7.4 pvz2.test.com/devel/harbor-adminserver:v1.7.4
[root@Centos7pvz2 harbor]# docker image ls|grep pvz2.test.com/devel
pvz2.test.com/devel/harbor-adminserver   v1.7.4              5706c65d65dc        7 weeks ago         72.3MB
pvz2.test.com/devel/harbor-db            v1.7.4              08d163f732f3        7 weeks ago         136MB
[root@Centos7pvz2 harbor]# docker login pvz2.test.com  登录服务器

[root@Centos7pvz2 harbor]# docker push pvz2.test.com/devel/harbor-adminserver:v1.7.4
[root@Centos7pvz2 harbor]# docker push pvz2.test.com/devel/harbor-db:v1.7.4

    查看服务端,文件存储的路径

    暂停容器服务

    继续运行

    docker资源

    启动测试,256M内存,2个进程

    docke stats 能查看容器资源

    八、最终环节,应用实战

    最终章。dokerfiles实战应用

     1)快速构建基础镜像

    cat Dockerfile 
#Docker from CentOS

# Base images
FROM centos


# who
MAINTAINER Mr.Cao 11111qq.com


# EPEL
add epel.repo /etc/yum.repos.d/

# Base pkg
RUN yum install -y wget mysql-devel supervisor git redis tree net-tools sudo psmisc && yum clean all

docker build -t test/centos:base .
    构建基础的Dockerfile

     1.2)基于基础镜像创建python环境

    cat Dockerfile
FROM test/centos:base

MAINTAINER Mr.Cao 11111qq.com

RUN yum install -y  python-devel python-pip supervisor

RUN pip install --upgrade pip

docker build -t test/python .
    View Code

     2)基于ssh管理的基础镜像

    cat Dockerfile
#Docker from CentOS

# Base images 
FROM centos


# who
MAINTAINER Mr.Cao 11111qq.com


# EPEL
add epel.repo /etc/yum.repos.d/

# Base pkg
RUN yum install -y openssh-clients openssl-devel openssh-server wget mysql-devel supervisor git redis tree net-tools sudo psmisc && yum clean all

# For SSHD
RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
RUN ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key
RUN echo "root:helloworld" | chpasswd

docker build -t test/centos-ssh:base .
    View Code

     2.1)基于ssh的Python环境

    cat Dockerfile
FROM test/centos-ssh

MAINTAINER Mr.Cao 11111qq.com

RUN yum install -y  python-devel python-pip supervisor

RUN pip install --upgrade pip

docker build -t test/python-ssh .
    View Code

     3)基于Python环境运行app

    supervisord.conf文件修改

    3.1) 编辑文件过程

    ================================================
cat app.py
from flask import Flask
app = Flask(__name__)

@app.route('/')
def hello():
    return 'hello world'

if __name__ == '__main__':
    app.run(host="0.0.0.0",debug=True) 
==================
cat requirements.txt
flask
===================
cat app-supervisor.ini
[program:shop-api]
command=/usr/bin/python2.7 /opt/app.py
process_name=%(program_name)s
autostart=true
user=www
stdout_logfile=/tmp/app.log
stderr_logfile=/tmp/app.error


[program:sshd]
command=/usr/sbin/sshd -D
process_name=%(program_name)s
autostart=true

==================
cat Dockerfile
FROM test/python-ssh

MAINTAINER Mr.Cao 11111qq.com

RUN useradd -s /sbin/nologin -M www

ADD app.py /opt/app.py
ADD requirements.txt /opt/
ADD supervisord.conf /etc/supervisord.conf
ADD app-supervisor.ini /etc/supervisord.d/


RUN /usr/bin/pip2.7 install /opt/requirements.txt

# Port
EXPOSE 22 5000

# CMD
CMD ["/usr/bin/supervisord","-c","/etc/supervisord.conf"]
===============================================================
    View Code

     3.2)制作镜像,并启动应用服务

    docker build -t test/hello-api .
docker run --name hello-api -d -p 88:5000 -p 8022:22 test/hello-api
    View Code

    ssh服务可这样进入服务
  • 相关阅读:
    Powershell 的自己主动部署
    Python 爬虫批量下载美剧 from 人人影视 HR-HDTV
    c :函数指针具体解释
    云计算设计模式(二十二)——静态内容托管模式
    Bash 脚本 getopts为什么最后一个參数取不到
    清理SYSAUX表空间的WRH$_LATCH_CHILDREN表
    Linux配置防火墙,开启80port、3306port 可能会遇到的小问题
    Android v4包中的 SwipeRefreshLayout 官方的下拉刷新组件
    Nginx 笔记与总结(3)配置虚拟主机
    用SPSS做时间序列
  • 原文地址:https://www.cnblogs.com/linu/p/10389890.html
Copyright © 2011-2022 走看看