docker 架构:
docker 安装前期准备:
安装centos7 ,不要在centos6
[root@node01 yum.repos.d]# uname -a
Linux node01 3.10.0-862.el7.x86_64 #1 SMP Fri Apr 20 16:44:24 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
[root@node01 yum.repos.d]# cat /etc/redhat-release
CentOS Linux release 7.5.1804 (Core)
下载docker-repo:
[root@node01 yum.repos.d]# pwd /etc/yum.repos.d
[root@node01 yum.repos.d]# wget https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/docker-ce.repo [root@node01 yum.repos.d]# ls CentOS-Base.repo CentOS-Debuginfo.repo CentOS-Media.repo CentOS-Vault.repo CentOS-CR.repo CentOS-fasttrack.repo CentOS-Sources.repo docker-ce.repo
通过vi docker-ce.repo 发现,里面的源并不是国内的,所以需要改下(全局替换):
:%s@https://download.docker.com@https://mirrors.tuna.tsinghua.edu.cn/docker-ce@
最终结果如下:
[root@node01 yum.repos.d]# cat docker-ce.repo
[docker-ce-stable]
name=Docker CE Stable - $basearch
baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/$basearch/stable
enabled=1
gpgcheck=1
gpgkey=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/gpg
[docker-ce-stable-debuginfo]
name=Docker CE Stable - Debuginfo $basearch
baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/debug-$basearch/stable
enabled=0
gpgcheck=1
gpgkey=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/gpg
[docker-ce-stable-source]
name=Docker CE Stable - Sources
baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/source/stable
enabled=0
gpgcheck=1
gpgkey=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/gpg
[docker-ce-edge]
name=Docker CE Edge - $basearch
baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/$basearch/edge
enabled=0
gpgcheck=1
gpgkey=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/gpg
[docker-ce-edge-debuginfo]
name=Docker CE Edge - Debuginfo $basearch
baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/debug-$basearch/edge
enabled=0
gpgcheck=1
gpgkey=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/gpg
[docker-ce-edge-source]
name=Docker CE Edge - Sources
baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/source/edge
enabled=0
gpgcheck=1
gpgkey=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/gpg
[docker-ce-test]
name=Docker CE Test - $basearch
baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/$basearch/test
enabled=0
gpgcheck=1
gpgkey=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/gpg
[docker-ce-test-debuginfo]
name=Docker CE Test - Debuginfo $basearch
baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/debug-$basearch/test
enabled=0
gpgcheck=1
gpgkey=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/gpg
[docker-ce-test-source]
name=Docker CE Test - Sources
baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/source/test
enabled=0
gpgcheck=1
gpgkey=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/gpg
[docker-ce-nightly]
name=Docker CE Nightly - $basearch
baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/$basearch/nightly
enabled=0
gpgcheck=1
gpgkey=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/gpg
[docker-ce-nightly-debuginfo]
name=Docker CE Nightly - Debuginfo $basearch
baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/debug-$basearch/nightly
enabled=0
gpgcheck=1
gpgkey=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/gpg
[docker-ce-nightly-source]
name=Docker CE Nightly - Sources
baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/source/nightly
enabled=0
gpgcheck=1
gpgkey=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/gpg
[root@node01 ~]# yum repolist
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.163.com
* extras: mirrors.163.com
* updates: mirrors.163.com
docker-ce-stable | 3.5 kB 00:00:00
(1/2): docker-ce-stable/x86_64/updateinfo | 55 B 00:00:00
(2/2): docker-ce-stable/x86_64/primary_db | 20 kB 00:00:00
repo id repo name status
base/7/x86_64 CentOS-7 - Base 10,019
docker-ce-stable/x86_64 Docker CE Stable - x86_64 28
extras/7/x86_64 CentOS-7 - Extras 321
updates/7/x86_64 CentOS-7 - Updates 647
repolist: 11,015
安装docker:
[root@node01 ~]# yum install -y docker-ce
========================================================================================================================= Package Arch Version Repository Size ========================================================================================================================= Installing: docker-ce x86_64 3:18.09.1-3.el7 docker-ce-stable 19 M Installing for dependencies: audit-libs-python x86_64 2.8.4-4.el7 base 76 k checkpolicy x86_64 2.5-8.el7 base 295 k container-selinux noarch 2:2.74-1.el7 extras 38 k containerd.io x86_64 1.2.2-3.el7 docker-ce-stable 22 M docker-ce-cli x86_64 1:18.09.1-3.el7 docker-ce-stable 14 M libcgroup x86_64 0.41-20.el7 base 66 k libsemanage-python x86_64 2.5-14.el7 base 113 k libtool-ltdl x86_64 2.4.2-22.el7_3 base 49 k policycoreutils-python x86_64 2.5-29.el7 base 456 k python-IPy noarch 0.75-6.el7 base 32 k setools-libs x86_64 3.3.8-4.el7 base 620 k Updating for dependencies: audit x86_64 2.8.4-4.el7 base 250 k audit-libs x86_64 2.8.4-4.el7 base 100 k libselinux x86_64 2.5-14.1.el7 base 162 k libselinux-python x86_64 2.5-14.1.el7 base 235 k libselinux-utils x86_64 2.5-14.1.el7 base 151 k libsemanage x86_64 2.5-14.el7 base 151 k libsepol x86_64 2.5-10.el7 base 297 k policycoreutils x86_64 2.5-29.el7 base 916 k selinux-policy noarch 3.13.1-229.el7_6.6 updates 483 k selinux-policy-targeted noarch 3.13.1-229.el7_6.6 updates 6.9 M Transaction Summary ========================================================================================================================= Install 1 Package (+11 Dependent packages) Upgrade ( 10 Dependent packages)
Docker安装方法:
docker双发行版:
docker-ee
docker-ce
moby
1、CentOS Extras Repo
2、Docker-CE
下载:https://download.docker.com/
仓库配置文件:https://download.docker.com/linux/centos/docker-ce.repo
Docker组件:
docker程序环境:
环境配置文件:
/etc/sysconfig/docker-network
/etc/sysconfig/docker-storage
/etc/sysconfig/docker
Unit File:
/usr/lib/systemd/system/docker.service
Docker Registry配置文件:
/etc/containers/registries.conf
docker-ce:
配置文件:/etc/docker/daemon.json
Docker镜像加速:
docker cn
阿里云加速器
中国科技大学
{
"registry-mirrors": ["https://registry.docker-cn.com"]
}
注册阿里云账号,专用加速器地址获得路径:
https://cr.console.aliyun.com/#/accelerator
创建加速docker 镜像加速:
[root@node01 ~]# mkdir /etc/docker
[root@node01 ~]# vi /etc/docker/daemon.json
{
"registry-mirrors": ["https://registry.docker-cn.com"]
}
启动docker:
[root@node01 ~]# systemctl start docker.service
docker 相关命令:
[root@node01 ~]# docker Usage: docker [OPTIONS] COMMAND A self-sufficient runtime for containers Options: --config string Location of client config files (default "/root/.docker") -D, --debug Enable debug mode -H, --host list Daemon socket(s) to connect to -l, --log-level string Set the logging level ("debug"|"info"|"warn"|"error"|"fatal") (default "info") --tls Use TLS; implied by --tlsverify --tlscacert string Trust certs signed only by this CA (default "/root/.docker/ca.pem") --tlscert string Path to TLS certificate file (default "/root/.docker/cert.pem") --tlskey string Path to TLS key file (default "/root/.docker/key.pem") --tlsverify Use TLS and verify the remote -v, --version Print version information and quit Management Commands: builder Manage builds config Manage Docker configs container Manage containers engine Manage the docker engine image Manage images network Manage networks node Manage Swarm nodes plugin Manage plugins secret Manage Docker secrets service Manage services stack Manage Docker stacks swarm Manage Swarm system Manage Docker trust Manage trust on Docker images volume Manage volumes Commands: attach Attach local standard input, output, and error streams to a running container build Build an image from a Dockerfile commit Create a new image from a container's changes cp Copy files/folders between a container and the local filesystem create Create a new container diff Inspect changes to files or directories on a container's filesystem events Get real time events from the server exec Run a command in a running container export Export a container's filesystem as a tar archive history Show the history of an image images List images import Import the contents from a tarball to create a filesystem image info Display system-wide information inspect Return low-level information on Docker objects kill Kill one or more running containers load Load an image from a tar archive or STDIN login Log in to a Docker registry logout Log out from a Docker registry logs Fetch the logs of a container pause Pause all processes within one or more containers port List port mappings or a specific mapping for the container ps List containers pull Pull an image or a repository from a registry push Push an image or a repository to a registry rename Rename a container restart Restart one or more containers rm Remove one or more containers rmi Remove one or more images run Run a command in a new container save Save one or more images to a tar archive (streamed to STDOUT by default) search Search the Docker Hub for images start Start one or more stopped containers stats Display a live stream of container(s) resource usage statistics stop Stop one or more running containers tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE top Display the running processes of a container unpause Unpause all processes within one or more containers update Update configuration of one or more containers version Show the Docker version information wait Block until one or more containers stop, then print their exit codes Run 'docker COMMAND --help' for more information on a command.
docker 拉取镜像文件:
[root@node01 ~]# docker image pull nginx:1.14-alpine
1.14-alpine: Pulling from library/nginx
cd784148e348: Pull complete
12b08f7ef616: Pull complete
65071a4e699c: Pull complete
9936647427be: Pull complete
Digest: sha256:e3f77f7f4a6bb5e7820e013fa60b96602b34f5704e796cfd94b561ae73adcf96
Status: Downloaded newer image for nginx:1.14-alpine
[root@node01 ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx 1.14-alpine c5b6f731fbc0 4 weeks ago 17.7MB
[root@node01 ~]# docker pull busybox
Using default tag: latest
latest: Pulling from library/busybox
57c14dd66db0: Pull complete
Digest: sha256:7964ad52e396a6e045c39b5a44438424ac52e12e4d5a25d94895f2058cb863a0
Status: Downloaded newer image for busybox:latest
[root@node01 ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest 3a093384ac30 3 weeks ago 1.2MB
nginx 1.14-alpine 5b6f731fbc0 4 weeks ago 17.7MB
插曲:
centos7 没有ifconfig 命令
[root@node01 ~]# ifconfig -bash: ifconfig: command not found
[root@node01 ~]# yum install net-tools -y
[root@node01 ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
25aa40638951 bridge bridge local
f718fe64d2fd host host local
182da0334b8f none null local
[root@node01 ~]# ifconfig
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:53:39:c8:4b txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens192: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.55.200 netmask 255.255.255.0 broadcast 192.168.55.255
inet6 fe80::722c:874c:4b62:a09d prefixlen 64 scopeid 0x20<link>
inet6 fe80::db9:8d5c:fdea:9747 prefixlen 64 scopeid 0x20<link>
inet6 fe80::a5eb:cbbe:b661:9e8a prefixlen 64 scopeid 0x20<link>
ether 00:50:56:98:6e:f4 txqueuelen 1000 (Ethernet)
RX packets 46808 bytes 83382354 (79.5 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 25718 bytes 1963999 (1.8 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 32 bytes 2592 (2.5 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 32 bytes 2592 (2.5 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
运行docker:
[root@node01 ~]# docker run --name b1 -it busybox ###-it 表示交互式,busybox 是镜像名字,b1是容器名字
[root@node01 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
01d04a908b5e busybox "sh" 2 minutes ago Up 2 minutes b1
b1 这个容器的ip地址是多少呢?
[root@node01 ~]# docker inspect b1
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "25aa40638951e65ebb9b86babb7ceb423d3ba7be79aa6066b1730444cfde0f8e",
"EndpointID": "9d78d9f2e22274b296722ccfe8f5d32538759ce84c5fa2a8162439f600a0d244",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02",
"DriverOpts": null
}
}
}
}
PID USER TIME COMMAND
1 root 0:00 sh
9 root 0:00 ps
/ # exit
[root@node01 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@node01 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS ORTS NAMES
01d04a908b5e busybox "sh" 9 minutes ago Exited (0) 9 seconds ago b1
[root@node01 ~]# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@node01 ~]# docker container ls -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
01d04a908b5e busybox "sh" 11 minutes ago Exited (0) About a minute ago
再次启动容器:
[root@node01 ~]# docker container start --help
Usage: docker container start [OPTIONS] CONTAINER [CONTAINER...]
Start one or more stopped containers
Options:
-a, --attach Attach STDOUT/STDERR and forward signals
--detach-keys string Override the key sequence for detaching a container
-i, --interactive Attach container's STDIN
[root@node01 ~]# docker container start -ai b1
/ # ls
bin dev etc home proc root sys tmp usr var
查看:
[root@node01 ~]# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
01d04a908b5e busybox "sh" 15 minutes ago Up About a minute b1
容器的停止,查看,删除,再查看
[root@node01 ~]# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
01d04a908b5e busybox "sh" 19 minutes ago Up 5 minutes b1
[root@node01 ~]# docker container stop b1
b1
[root@node01 ~]# docker container ls -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
01d04a908b5e busybox "sh" 20 minutes ago Exited (137) 4 seconds ago b1
[root@node01 ~]# docker container rm b1
b1
[root@node01 ~]# docker container ls -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@node01 ~]#
[root@node01 ~]# docker run --name web1 -d nginx:1.14-alpine
4b236dea9d4771e5424e2970fc9bdfbd99e527b3e38e200fb08d541977288afa
假设现在想跑一个redis:
[root@node01 ~]# docker run --name kvstor1 -d redis:4-alpine ###https://hub.docker.com/
Unable to find image 'redis:4-alpine' locally
4-alpine: Pulling from library/redis
4fe2ade4980c: Pull complete
fb758dc2e038: Pull complete
989f7b0c858b: Pull complete
50b36025d3df: Pull complete
8d0bfcf36ab8: Pull complete
5c1333fecc92: Pull complete
Digest: sha256:83a686210acbcd4d3cb965773ae7a005564796b6281c39d309ef2ceb889e19f9
Status: Downloaded newer image for redis:4-alpine
334be3db178d91515ac245c8d45e18d7ded14ea19e19162bebe5a9294b9d7113
[root@node01 ~]# docker container exec -it kvstor1 /bin/sh
/data # ps
PID USER TIME COMMAND
1 redis 0:00 redis-server
12 root 0:00 /bin/sh
17 root 0:00 ps
/data # netstat -ntl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:6379 0.0.0.0:* LISTEN
tcp 0 0 :::6379 :::* LISTEN
/data # redis-cli
查看每个容器的日志:
[root@node01 ~]# docker container logs web1
[root@node01 ~]# docker container logs kvstor1
1:C 22 Jan 15:27:14.116 # oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
1:C 22 Jan 15:27:14.116 # Redis version=4.0.12, bits=64, commit=00000000, modified=0, pid=1, just started
1:C 22 Jan 15:27:14.116 # Warning: no config file specified, using the default config. In order to specify a config file use redis-server /path/to/redis.conf
1:M 22 Jan 15:27:14.117 * Running mode=standalone, port=6379.
1:M 22 Jan 15:27:14.117 # WARNING: The TCP backlog setting of 511 cannot be enforced because /proc/sys/net/core/somaxconn is set to the lower value of 128.
1:M 22 Jan 15:27:14.117 # Server initialized
1:M 22 Jan 15:27:14.117 # WARNING overcommit_memory is set to 0! Background save may fail under low memory condition. To fix this issue add 'vm.overcommit_memory = 1' to /etc/sysctl.conf and then reboot or run the command 'sysctl vm.overcommit_memory=1' for this to take effect.
1:M 22 Jan 15:27:14.117 # WARNING you have Transparent Huge Pages (THP) support enabled in your kernel. This will create latency and memory usage issues with Redis. To fix this issue run the command 'echo never > /sys/kernel/mm/transparent_hugepage/enabled' as root, and add it to your /etc/rc.local in order to retain the setting after a reboot. Redis must be restarted after THP is disabled.
1:M 22 Jan 15:27:14.117 * Ready to accept connections