1、了解虚拟机和容器的区别
虚拟机的构成:php
- 虚拟硬件(CPU、内存、磁盘、网络)
- 镜像(安装系统)
容器的构成:
3. 进程,能够经过杀死和开启进程来控制容器
4. 容器能够理解成一种环境,能够运行一种服务,也能够运行一种系统
html
虚拟技术两大生态圈:linux
- OpenStack ----虚拟机
- Kubernetes ----容器
虚拟机和容器的区别:nginx
| 虚拟机 | 容器 | |
|---|---|---|
| 资源占用 | 资源占用多 | 资源占用少 |
| 启动时间 | 30~60秒 | 毫秒级别 |
| 安全性 | 系统隔离,安全性高 | 内核共享,安全性低 |
| 弹性扩展 | 执行时间长(虚拟机建立后还须要再安装系统) | 执行时间短(容器直接再开一个进程) |
2、Docker概述
Docker核心概念web
- 镜像
◆ 一个面向Docker容器引擎的只读模板 - 容器
◆ 从镜像建立的运行实例 - 仓库
◆集中保存镜像的地方
Docker是什么?redis
- 是一种轻量级的“虚拟机”
- 在Linux容器里运行应用的开源工具
Docker的使用场景:docker
- 打包应用程序简化部署
- 可脱离底层硬件任意迁移
● 例:服务器从腾讯云迁移到阿里云
CentOS安装Docker的两种方式:apache
- 使用CURL得到Docker的安装脚本进行安装
- 使用YUM仓库来安装Docker
3、安装Docker
1.安装依赖包
[root@localhost ~]# yum -y install yum-utils device-mapper-persistent-data lvm2 #yum-utils 提供了yum-config-manager程序命令(后面用来添加docker的镜像源) #device mapper 存储驱动程序须要device-mapper-persistent-data 和 lvm2 逻辑卷,它为实现用于存储资源管理的快设备驱动提供了一个高度模块化的内核架构
2.设置阿里镜像源
[root@localhost ~]# yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo [root@localhost ~]# cd /etc/yum.repos.d/ [root@localhost yum.repos.d]# ls ##多出了docker-ce的yum库 CentOS-Base.repo CentOS-Debuginfo.repo CentOS-Media.repo CentOS-Vault.repo CentOS-CR.repo CentOS-fasttrack.repo CentOS-Sources.repo *docker-ce.repo*
3.安装Docker-CE
[root@localhost ~]# yum install -y docker-ce ##安装docker-ce [root@localhost ~]# systemctl start docker [root@localhost ~]# systemctl status docker ● docker.service - Docker Application Container Engine Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled) Active: active (running) since Mon 2020-11-09 22:40:26 CST; 9s ago Docs: https://docs.docker.com Main PID: 2073 (dockerd) Memory: 41.9M
4、docker常规操做
1.镜像加速(提升镜像下载速度)
阿里云提供免费的镜像加速服务,在阿里云官网注册阿里帐号后能够领取加速地址
json
2.优化网络
[root@localhost docker]# vi /etc/sysctl.conf net.ipv4.ip_forward = 1 ##开启路由转发功能 [root@localhost docker]# sysctl -p net.ipv4.ip_forward = 1 [root@localhost docker]# systemctl restart network [root@localhost docker]# systemctl restart docker [root@localhost docker]# docker version ##查看版本信息 Client: Docker Engine - Community Version: 19.03.13 API version: 1.40 Go version: go1.13.15 Git commit: 4484c46d9d Built: Wed Sep 16 17:03:45 2020 OS/Arch: linux/amd64 Experimental: false ……省略部分
3.镜像操做
[root@localhost ~]# docker search nginx ##查找上架的镜像,查找出的镜像会根据星级热度(STARS)进行排名,下载次数越多,热度越高 NAME DESCRIPTION STARS OFFICIAL AUTOMATED nginx Official build of Nginx. 13981 [OK] jwilder/nginx-proxy Automated Nginx reverse proxy for docker con… 1906 [OK] richarvey/nginx-php-fpm Container running Nginx + PHP-FPM capable of… 791 [OK] linuxserver/nginx An Nginx container, brought to you by LinuxS… 128 jc21/nginx-proxy-manager Docker container for managing Nginx proxy ho… 109 tiangolo/nginx-rtmp Docker image with Nginx using the nginx-rtmp… 103 [OK] bitnami/nginx Bitnami nginx Docker Image 90 [OK] alfg/nginx-rtmp NGINX, nginx-rtmp-module and FFmpeg from sou… 80 [OK] jlesage/nginx-proxy-manager Docker container for Nginx Proxy Manager 66 [OK] [root@localhost ~]# docker pull nginx ##下载nginx镜像,结合pull选项。 Using default tag: latest ……省略部分 1966ea362d23: Pull complete Digest: sha256:aeade65e99e5d5e7ce162833636f692354c227ff438556e5f3ed0335b7cc2f1b Status: Downloaded newer image for nginx:latest docker.io/library/nginx:latest [root@localhost ~]# cd /var/lib/docker/image/overlay2/ 镜像信息存在/var/lib/docker/image/overlay2/repositories.json 文件中 [root@localhost overlay2]# ls distribution imagedb layerdb repositories.json [root@localhost overlay2]# cat repositories.json { "Repositories":{ "nginx":{ "nginx:latest":"sha256:c39a868aad02a383c7e490e0fc4a5b0217f667f2de764bc2755e315a5adf64a1","nginx@sha256:aeade65e99e5d5e7ce162833636f692354c227ff438556e5f3ed0335b7cc2f1b":"sha256:c39a868aad02a383c7e490e0fc4a5b0217f667f2de764bc2755e315a5adf64a1"}} [root@localhost ~]# docker images ##镜像列表中有nginx镜像 REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest c39a868aad02 4 days ago 133MB [root@localhost overlay2]# docker inspect c39a868aad02 ##docker inspect 镜像ID,能够查看镜像的详细信息 [ { "Id": "sha256:c39a868aad02a383c7e490e0fc4a5b0217f667f2de764bc2755e315a5adf64a1", "RepoTags": [ "nginx:latest" ], "RepoDigests": [ "nginx@sha256:aeade65e99e5d5e7ce162833636f692354c227ff438556e5f3ed0335b7cc2f1b" ], "Parent": "", "Comment": "", "Created": "2020-11-05T18:21:10.923474978Z", "Container": "16434ccbe2eab08b0e7e63149c390b8a346c8cf92899ba6063c1b2653628f3c1", "ContainerConfig": { "Hostname": "16434ccbe2ea",
添加镜像标签(至关于添加别名,镜像ID不变)vim
[root@localhost ~]# docker images ##查看镜像列表 REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest c39a868aad02 4 days ago 133MB [root@localhost ~]# docker tag nginx:latest nginx:new ##修改nginx镜像标签latest为new [root@localhost ~]# docker images ##再次查看镜像列表,多出了一个镜像名 REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest c39a868aad02 4 days ago 133MB nginx new c39a868aad02 4 days ago 133MB
镜像删除(两种方式:1.基于"镜像名:标签"删除,2.基于镜像ID删除)
格式:docker rmi 镜像ID或者镜像名
[root@localhost ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest c39a868aad02 4 days ago 133MB nginx new c39a868aad02 4 days ago 133MB [root@localhost ~]# docker rmi c39a868aad02 #0#'当该镜像ID存在多个镜像名时,是没法使用镜像ID删除镜像的,会报以下错误' Error response from daemon: conflict: unable to delete c39a868aad02 (must be forced) - image is referenced in multiple repositories [root@localhost ~]# docker rmi nginx:latest #0# 结合rmi,删除标签为latest的镜像 Untagged: nginx:latest [root@localhost ~]# docker images #0#查看镜像列表,删除成功 REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest c39a868aad02 4 days ago 133MB nginx new c39a868aad02 4 days ago 133MB [root@localhost ~]# docker rmi c39a868aad02 ## 当该镜像只有一个映射关系时(即只有一个镜像名),两种方法均可以删除镜像 Untagged: nginx:new Untagged: nginx@sha256:aeade65e99e5d5e7ce162833636f692354c227ff438556e5f3ed0335b7cc2f1b Deleted: sha256:c39a868aad02a383c7e490e0fc4a5b0217f667f2de764bc2755e315a5adf64a1 Deleted: sha256:1af47386c12cb24b362bd785e71058ab675fbdcbda8e7a7ba0dd10c3cff75a2a Deleted: sha256:25ee02f9e42f8cdca7ca8bc522cb69ac4a86a55401818a13c7a01e52a81894fe Deleted: sha256:b1d2bc3292aa3d64794f99d2885d35b454993b4af24ad350a969d27925db7ebb Deleted: sha256:4216e20d59f9fc90bccdd14493452532806d4803a25514366de2a9c5560624d0 Deleted: sha256:d0fe97fa8b8cefdffcef1d62b65aba51a6c87b6679628a2b50fc6a7a579f764c [root@localhost ~]# docker images #0#再次查看镜像列表,删除成功 REPOSITORY TAG IMAGE ID CREATED SIZE
保存镜像到文件中
[root@localhost ~]# docker pull nginx #0#从新下载nginx镜像 [root@localhost ~]# docker images #0#查看镜像列表 REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest c39a868aad02 4 days ago 133MB [root@localhost ~]#docker save -o /opt/nginx.img nginx:latest ##save表示保存,-o指输出到文件中,将nginx:latest镜像保存到/opt/nginx.img文件中 [root@localhost ~]# ls -lh /opt/ #0#看到新生成的镜像文件 total 131M drwx--x--x 4 root root 28 Nov 9 22:40 containerd -rw------- 1 root root 131M Nov 10 03:05 nginx.img #0#文件被进行了微压缩 drwxrwxr-x 6 root root 334 Oct 27 14:49 redis-5.0.10 drwxr-xr-x. 2 root root 6 Mar 26 2015 rh
将导出的镜像文件中的镜像导入到镜像列表(有两种方式导入)
[root@localhost ~]# docker images #0#查看镜像列表 REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest c39a868aad02 4 days ago 133MB [root@localhost ~]# docker rmi nginx:latest #0#删除镜像 [root@localhost ~]# docker images #0#列表为空 REPOSITORY TAG IMAGE ID CREATED SIZE //方式一:load < [root@localhost ~]# docker load </opt/nginx.img #0#导入到镜像列表 d0fe97fa8b8c: Loading layer [==================================================>] 72.49MB/72.49MB 2baf69a23d7a: Loading layer [==================================================>] 64.54MB/64.54MB 2f57e21e4365: Loading layer [==================================================>] 3.072kB/3.072kB aee208b6ccfb: Loading layer [==================================================>] 4.096kB/4.096kB 7b5417cae114: Loading layer [==================================================>] 3.584kB/3.584kB Loaded image: nginx:latest [root@localhost ~]# docker images #0#查看列表,镜像成功导入回来 REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest c39a868aad02 4 days ago 133MB [root@localhost ~]# docker rmi nginx:latest #0#再次删除镜像 //方法二:load -i [root@localhost ~]# docker load -i /opt/nginx.img d0fe97fa8b8c: Loading layer [==================================================>] 72.49MB/72.49MB 2baf69a23d7a: Loading layer [==================================================>] 64.54MB/64.54MB 2f57e21e4365: Loading layer [==================================================>] 3.072kB/3.072kB aee208b6ccfb: Loading layer [==================================================>] 4.096kB/4.096kB 7b5417cae114: Loading layer [==================================================>] 3.584kB/3.584kB Loaded image: nginx:latest [root@localhost ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest c39a868aad02 4 days ago 133MB
4.容器操做
建立容器
格式:docker create -it 镜像 /bin/bash
[root@localhost ~]# docker ps -a #0#查看全部容器,如今为空 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES [root@localhost ~]# docker create -it nginx:latest /bin/bash #0#建立容器,后面加上/bin/bash提供bash环境,方便下次进入容器中进行操做 fc33df602e20f90b62e39690978c1f648bed3c6167e15facbed96bd36a8e1295 [root@localhost ~]# docker ps -a #0#再次查看,有一个新的容器 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES fc33df602e20 nginx:latest "/docker-entrypoint.…" 3 seconds ago Created friendly_zhukovsky [root@localhost ~]# docker ps -a #0#此时状态是被建立状态,还未启动 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES fc33df602e20 nginx:latest "/docker-entrypoint.…" 6 minutes ago Created friendly_zhukovsky
启动容器
格式:docker start 容器ID
[root@localhost ~]# docker start fc33df602e20 #0#“docker start 容器ID”命令来启动容器,开启后位“UP”状态 fc33df602e20 [root@localhost ~]# docker ps -a #0#容器启动成功,为Up状态,而且开通了80容器端口 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES fc33df602e20 nginx:latest "/docker-entrypoint.…" 13 minutes ago Up About a minute 80/tcp friendly_zhukovsky
关闭容器
格式:docker stop 容器ID
处于up状态的容器会一直占用资源,能够利用stop关闭容器,须要时在开启
[root@localhost ~]# docker stop fc33df602e20 #0#结合stop命令关闭容器 fc33df602e20 [root@localhost ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED fc33df602e20 nginx:latest "/docker-entrypoint.…" 2 hours ago Exited (0) 2 seconds ago friendly_zhukovsky
删除容器
格式:docker rm 容器ID
注意:
- 当镜像存在于容器中时,是没法被删除的(不管容器处于任何状态),只有先删除容器,才能删除对应的镜像
- 运行中的容器没法被删除,必须先中止
[root@localhost ~]# docker images #0#查看镜像 REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest c39a868aad02 4 days ago 133MB centos 7 7e6257c9f8d8 3 months ago 203MB [root@localhost ~]# docker ps -a #0#查看容器 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES a66dfe602b99 centos:7 "/bin/bash" 19 minutes ago Up 17 minutes clever_mestorf fc33df602e20 nginx:latest "/docker-entrypoint.…" 2 hours ago Up About an hour 80/tcp friendly_zhukovsky [root@localhost ~]# docker rmi centos:7 ##镜像存在于容器中时删除会报错 Error response from daemon: conflict: unable to remove repository reference "centos:7" (must force) - container a66dfe602b99 is using its referenced image 7e6257c9f8d8 [root@localhost ~]# docker stop a66dfe602b99 ##中止容器 a66dfe602b99 [root@localhost ~]# docker rmi centos:7 ##再次删除仍是会报一样的错误 Error response from daemon: conflict: unable to remove repository reference "centos:7" (must force) - container a66dfe602b99 is using its referenced image 7e6257c9f8d8 [root@localhost ~]# docker rm a66dfe602b99 #0#先删除容器 a66dfe602b99 [root@localhost ~]# docker rmi centos:7 ##以后删除镜像,就能成功删除了 Untagged: centos:7 Untagged: centos@sha256:19a79828ca2e505eaee0ff38c2f3fd9901f4826737295157cc5212b7a372cd2b Deleted: sha256:7e6257c9f8d8d4cdff5e155f196d67150b871bbe8c02761026f803a704acb3e9 Deleted: sha256:613be09ab3c0860a5216936f412f09927947012f86bfa89b263dfa087a725f81 [root@localhost ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES fc33df602e20 nginx:latest "/docker-entrypoint.…" 2 hours ago Up 1 second 80/tcp friendly_zhukovsky [root@localhost ~]# docker rm fc33df602e20 #0#删除运行中的容器会报错 Error response from daemon: You cannot remove a running container fc33df602e20f90b62e39690978c1f648bed3c6167e15facbed96bd36a8e1295. Stop the container before attempting removal or force remove
docker run执行指令后直接关闭容器(-c:指定指令)
- docker run结合-c指令,会自动检查镜像,没有就建立,有就继续建立容器,并执行-c指定的指令,执行完毕后关闭容器(至关于完成了镜像下载,容器建立,开启容器并执行指令,关闭容器这几个步骤的集合)
- 执行完指令就释放资源
- 适用于并发式的计算,数据分析,数据筛查,数据过滤
[root@localhost ~]# docker run centos:7 /bin/bash -c ls / ##docker run自动识别镜像和容器(无则建立)并执行指令 Unable to find image 'centos:7' locally ##先检查是否有镜像,没有 7: Pulling from library/centos ##下载镜像 75f829a71a1c: Pull complete Digest: sha256:19a79828ca2e505eaee0ff38c2f3fd9901f4826737295157cc5212b7a372cd2b Status: Downloaded newer image for centos:7 anaconda-post.log bin ##执行 ls / 查看根目录的指令 dev etc ……省略部分 [root@localhost ~]# docker ps -a ##查看容器信息,处于Exited状态,且返回值为0,执行完指令直接释放资源 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES b7f81177db4f centos:7 "/bin/bash -c ls /" 3 minutes ago Exited (0) 3 minutes ago nice_lederberg
docker run后 -c 指定一个while死循环指令,能够实现后台一直运行
[root@promote ~]# docker run centos:7 /bin/bash -c "while :;do echo hello && sleep 2;done" #0#docker run -c 指定死循环 [root@promote ~]# docker ps -a ##查看容器状态,一直处于up状态,COMMAND指令死循环。 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 86c37e78a339 centos:7 "/bin/bash -c 'while…" 57 seconds ago Up 56 seconds charming_tu docker stop 86c37e78a339 ##关闭容器,结束死循环 [root@localhost ~]# docker exec 12ab522157ec /bin/bash ##关闭的容器是没法进入的 Error response from daemon: Container 12ab522157ecb285d05284a4d54e8dd9e5896bab2fb1af9e730313fee35215d8 is not running
导出容器到文件(结合export选项)
格式:docker export 容器ID >文件
- 注意:处于Up状态下的容器也是能够执行导出操做的
[root@localhost ~]# docker ps -a ##容器处于Up状态 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES fc33df602e20 nginx:latest "/docker-entrypoint.…" 3 hours ago Up 1 second 80/tcp friendly_zhukovsky docker export fc33df602e20 >/opt/nginx-c.img ##将容器导出到/opt/nginx-c.img文件中 [root@localhost ~]# ll -h /opt/nginx-c.img -rw-r--r-- 1 root root 130M Nov 10 06:33 /opt/nginx-c.img
导入容器(容器的导入只会生成镜像,而不会建立容器)
[root@localhost ~]# cat /opt/nginx-c.img |docker import - nginx:web sha256:79222cd5cf4e7312fb660f9a5788e75e39fa83b2c71565b168f325d6db96b2d3 [root@localhost ~]# docker images ##生成了新的镜像 REPOSITORY TAG IMAGE ID CREATED SIZE nginx web 79222cd5cf4e 3 minutes ago 131MB nginx latest c39a868aad02 4 days ago 133MB centos 7 7e6257c9f8d8 3 months ago 203MB [root@localhost ~]# docker ps -a ##并无生成新的容器 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES fc33df602e20 nginx:latest "/docker-entrypoint.…" 3 hours ago Up 10 minutes 80/tcp friendly_zhukovsky
5.容器的批量处理
批量删除容器
##首先多建立几个容器 [root@localhost ~]# docker create -it nginx:web /bin/bash 5394d441b796e35a5e6bacfe8a8cb0abb24e75170e2b6a7be2749a4bae4cabf5 [root@localhost ~]# docker create -it centos:7 /bin/bash 4d00a6509e24469f8206eed4cd8803461c1ef31353b543a6dd3ff5df6f8d6520 [root@localhost ~]# docker ps -a #0#有三个容器 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 4d00a6509e24 centos:7 "/bin/bash" About a minute ago Created gracious_rosalind 5394d441b796 nginx:web "/bin/bash" About a minute ago Created happy_hawking fc33df602e20 nginx:latest "/docker-entrypoint.…" 3 hours ago Exited(0) 14 minutes 80/tcp friendly_zhukovsky [root@localhost ~]# docker ps -a |awk 'NR!=1 {print "docker rm " $1}' |bash ##批量删除容器 4d00a6509e24 5394d441b796 fc33df602e20 [root@localhost ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
批量建立容器
[root@localhost ~]# docker images |awk 'NR!=1 {print "docker create -it " $3 " /bin/bash"}' |bash ##过滤出镜像ID并执行建立,实现批量建立 8c9a15a9d97ff593ae370468f04dd2e11f666df27ea130d6c5eabdb5c312eb7e 3ba2e19b89a07fa6f22cc63ab3fa0f3c8d60e54b9fbf4318e6a0c442c0ce4fac c34d3e800e29eeab0d304cde07d2b2dd0903a4c9a8028afe08b819793fad2c96 [root@localhost ~]# docker ps -a ##批量建立成功 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES c34d3e800e29 7e6257c9f8d8 "/bin/bash" About a minute ago Created kind_jepsen 3ba2e19b89a0 c39a868aad02 "/docker-entrypoint.…" About a minute ago Created flamboyant_herschel 8c9a15a9d97f 79222cd5cf4e "/bin/bash" About a minute ago Created laughing_bardeen
批量开启容器
[root@localhost ~]# docker ps -a |awk 'NR!=1 {print "docker start " $1}' |bash ##批量开启 32c5a88d27af 3eb37149b0d7 4978744c8ca9 [root@localhost ~]# docker ps -a ##up状态,开启成功 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 32c5a88d27af 7e6257c9f8d8 "/bin/bash" 21 seconds ago Up 2 seconds sleepy_robinson 3eb37149b0d7 c39a868aad02 "/docker-entrypoint.…" 21 seconds ago Up 1 second 80/tcp focused_pasteur 4978744c8ca9 79222cd5cf4e "/bin/bash" 21 seconds ago Up 1 second zealous_hofstadter
批量中止容器
[root@localhost ~]# docker ps -a |awk 'NR!=1 {print "docker stop " $1}' |bash 32c5a88d27af 3eb37149b0d7 4978744c8ca9 [root@localhost ~]# docker ps -a ##中止状态 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 32c5a88d27af 7e6257c9f8d8 "/bin/bash" 2 minutes ago Exited (137) 2 seconds ago sleepy_robinson 3eb37149b0d7 c39a868aad02 "/docker-entrypoint.…" 2 minutes ago Exited (0) 2 seconds ago focused_pasteur 4978744c8ca9 79222cd5cf4e "/bin/bash" 2 minutes ago Exited (0) 2 seconds ago zealous_hofstadter
6.docker0网卡分析
- 当安装了 decker-ce后,会自动生成一块docker0的网卡,用于管理docker容器,成为相似于全部容器的网关,构建出一个局域网管理全部容器。
- 也正由于这张网卡的出现,咱们才须要开启服务器的路由转发及NAT功能。
[root@localhost ~]# ifconfig #0#查看网卡信息 docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255 inet6 fe80::42:c7ff:fe94:64b3 prefixlen 64 scopeid 0x20<link> ether 02:42:c7:94:64:b3 txqueuelen 0 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 16 bytes 1970 (1.9 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 省略部分
[root@localhost ~]# docker pull centos:7 ##下载CentOS7的镜像 [root@localhost ~]# docker images ##有CentOS7的镜像 REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest c39a868aad02 4 days ago 133MB centos 7 7e6257c9f8d8 3 months ago 203MB [root@localhost ~]# docker create -it centos:7 /bin/bash ##生成镜像为CentOS7的容器 a66dfe602b9951b918759af6167fbcf941c947ac80f3c71438a546352a3c165d [root@localhost ~]# docker ps -a #0#查看centos7容器的ID CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES a66dfe602b99 centos:7 "/bin/bash" 43 seconds ago Created clever_mestorf fc33df602e20 nginx:latest "/docker-entrypoint.…" About an hour ago Up About an hour 80/tcp friendly_zhukovsky [root@localhost ~]# docker start a66dfe602b99 #0#开启容器 a66dfe602b99 [root@localhost ~]# docker ps -a #0#up状态,成功开启 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES a66dfe602b99 centos:7 "/bin/bash" 3 minutes ago Up 41 seconds clever_mestorf fc33df602e20 nginx:latest "/docker-entrypoint.…" About an hour ago Up About an hour 80/tcp friendly_zhukovsky [root@localhost ~]# docker exec -it a66dfe602b99 /bin/bash ##进入容器 [root@a66dfe602b99 /]# [root@a66dfe602b99 /]# yum -y install net-tools #0#下载的是最下内核镜像,所以想要使用ifconfig,须要安装net工具 [root@a66dfe602b99 /]# ifconfig #0#查看容器ip,伪终端的本地ip为172.17.0.3 eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.17.0.3 netmask 255.255.0.0 broadcast 172.17.255.255 ether 02:42:ac:11:00:03 txqueuelen 0 (Ethernet) RX packets 4182 bytes 11991770 (11.4 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 3565 bytes 197037 (192.4 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 loop txqueuelen 1 (Local Loopback) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 [root@a66dfe602b99 /]# route -n #0#网关是docker0网卡地址 Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 172.17.0.1 0.0.0.0 UG 0 0 0 eth0 172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0 [root@a66dfe602b99 /]# exit exit
5、建立Docker镜像
1.Docker镜像
- 应用发布的标准格式
- 支撑一个Docker容器的运行
2.Docker镜像的建立方法
- 基于已有镜像建立
- 基于本地模板建立
- 基于Dockerfile建立 (最为经常使用)
3.基于已有镜像建立镜像
基于已有镜像建立
- 将容器里面运行的程序及运行环境打包生成新的镜像
格式:docker comnit [选项] 容器ID/名称仓库名称:[标签]
-m:说明信息
-a:做者信息
-p:生成过程当中中止容器的运行
[root@localhost ~]# docker ps -a ##有一个正在运行的容器 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 5772e1528cac centos:7 "/bin/bash" 29 minutes ago Up 29 minutes suspicious_pare [root@localhost ~]# docker exec -ti 5772e1528cac /bin/bash [root@5772e1528cac /]# echo "hello" >/opt/test.txt #0#建立一个文件,至关于对容器内镜像进行了修改 [root@5772e1528cac /]# cat /opt/test.txt hello [root@5772e1528cac /]# exit ##退出容器 exit [root@localhost ~]# docker commit -m "new" -a "ltp" 5772e1528cac centos:new #0#建立修改后的新镜像 sha256:e36096f9a92239753857cfb4c33c6d1347a389632a3f7a22cc9a420499632bcd [root@localhost ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE centos new e36096f9a922 8 seconds ago 203MB nginx web 79222cd5cf4e About an hour ago 131MB
4.基于本地模板建立
基于本地模板建立
- 经过导入操做系统模板文件生成新的镜像
- 使用wget命令导入为本地镜像
wget http://download.openvz.org/template/precreated-7.0-x86-minimal.tar.gz - 导入成功后可查看本地镜像信息
docker images lgrep new
[root@localhost ~]# wget http://download.openvz.org/template/precreated/debian-7.0-x86-minimal.tar.gz ##下载镜像模板 ……省略部分 100%[============================================================================>] 88,436,521 2.43MB/s in 37s [root@localhost ~]# ls debian-7.0-x86-minimal.tar.gz [root@localhost ~]# cat debian-7.0-x86-minimal.tar.gz |docker import - debian:new ##容器导入的方式生成新镜像 sha256:0e3a830144d7305d263d846fe1c596a8f4c2ea1d5ea0de0d2c6967af23c096e6 [root@localhost ~]# docker images ##有新镜像产生 REPOSITORY TAG IMAGE ID CREATED SIZE debian new 0e3a830144d7 9 seconds ago 215MB
5.基于Dockerfile建立镜像
基于Dockerfile建立
- Dockerfile是由一组指令组成的文件Dockerfile结构四部分
● 基础镜像信息
● 维护者信息
● 镜像操做指令
● 容器启动时执行指令 - Dockerfile每行支持一条指令,每条指令可携带多个参数,支持使用以“#"号开头的注释
- 镜像的分红
- Dockerfile操做指令
| 指令 | 含义 |
|---|---|
| FROM 镜像 | 指定新镜像所基于的镜像,第一条指令必须为FROM指令,每建立一个镜像就须要一条FROM指令。 |
| MAINTAINER 名字 | 说明新镜像的维护人信息 |
| RUN 命令 | 在所基于的镜像上执行命令,并提交到新的镜像中 |
| CMD [“要运行的程序”,“参数1”,“参数2”] | 指令启动容器时要运行的命令或者脚本,Dockerfile只能有一条CMD命令,若是指定多条则只能最后一条被执行(注意,就算指定多条也不会有报错信息,可是无效) |
| EXPOSE 端口号 | 指定新镜像加载到Docker时要开启的端口(容器对外开放的端口) |
| ENV 环境变量 变量值 | 设置一个环境变量的值,会被后面的RUN使用 |
| ADD 源文件/目录 目标文件/目录 | 将源文件复制到目标文件,源文件要与Dockerfile位于相同目录中,或者是一个URL(容器外的文件拷贝到容器内) |
| COPY 源文件/目录 目标文件/目录 | 将本地主机上的文件/目录复制到目标地点,源文件/目录要与Dockerfile在相同的目录中(容器内部的拷贝) |
| VOLUME [“目录”] | 在容器中建立一个挂载点,将容器中的目录挂载到真机的目录上(宿主机共享出一个目录供容器使用) |
| USER 用户名/UID | 指定运行容器时的用户 |
| WORKDIR 路径 | 为后续的RUN、CMD、ENTRYPOINT指定工做目录(至关于容器内的cd,切换路径) |
| ONBUILD 命令 | 指定所生成的镜像做为一个基础镜像时所要运行的命令 |
| HEALTHCHECK | 健康检查 |
[root@localhost ~]# mkdir apache ##建立一个存放目录 [root@localhost ~]# cd apache/ [root@localhost apache]# vim Dockerfile #0#建立Dockerfile文件,注意,必定要是这个文件名,不能改 FROM centos:7 #基于的基础镜像 MAINTAINER The porject <cloud-ops@centos.org> #0#维护镜像的用户信息(自定义,能够不写) RUN yum -y update #0#更新yum仓库 RUN yum -y install httpd #0#镜像操做指令安装apache软件 EXPOSE 80 #开启80端口 ADD index.html /var/www/html/index.html #0#复制网站首页文件到容器/var/www/html/index.html ADD run.sh /run.sh #0#将执行脚本复制到镜像中 RUN chmod 755 /run.sh ##授予脚本执行权限 CMD ["/run.sh"] #0#启动容器时执行脚本 [root@localhost apache]# vim run.sh #!/bin/bash rm -rf /run/httpd/* #0#删除容器中原路httpd的缓存文件 exec /usr/sbin/apachectl -D FOREGROUND ##-D FOREGROUND 前台运行 [root@localhost apache]# echo "Hello Docker" > index.html #0#生成首页文件 [root@localhost apache]# docker build -t httpd:centos . #0#构建镜像,注意末尾有“.” ##Dockerfile构建镜像的方式是每执行一个操做就建立一个临时容器,操做完成后移除临时容器 Sending build context to Docker daemon 4.096kB Step 1/9 : FROM centos:7 ---> 7e6257c9f8d8 Step 2/9 : MAINTAINER The porject <cloud-ops@centos.org> ##描述信息 ---> Running in 42839a68eb21 ##'建立临时容器' Removing intermediate container 42839a68eb21 #0#完成后删除临时容器 ---> 1e0299f24408 Step 3/9 : RUN yum -y update #1#执行更新yum仓库 ---> Running in b5f6ede89a2c #1#再次建立临时容器,而后再移除 ……省略部分 Removing intermediate container 1a7c4de7d2c8 ---> 7a0a23b6969c Step 5/9 : EXPOSE 80 ---> Running in ee11b40f4b00 Removing intermediate container ee11b40f4b00 ---> 6089b87f70bb Step 6/9 : ADD index.html /var/www/html/index.html ---> 984532d2525b Step 7/9 : ADD run.sh /run.sh ---> 9fdecb3739c2 Step 8/9 : RUN chmod 755 /run.sh ---> Running in 65024462dcfc Removing intermediate container 65024462dcfc ---> b2c495c4490a Step 9/9 : CMD ["/run.sh"] ---> Running in ce777dd9f0e8 Removing intermediate container ce777dd9f0e8 ---> 07feb32493c4 Successfully built 07feb32493c4 Successfully tagged httpd:centos [root@localhost apache]# docker run -d -p 1216:80 httpd:centos #0#后台运行镜像,而且作端口映射 5b128cf5a4f1ae0ae1ded2d86249ae218a71e601d64ea0f106dac0584981c420 [root@localhost apache]# docker ps -a ##新生成的两个容器 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 5b128cf5a4f1 httpd:centos "/run.sh" 3 minutes ago Up 3 minutes 0.0.0.0:1216->80/tcp frosty_visvesvaraya 5772e1528cac centos:7 "/bin/bash" 2 hours ago Up 2 hours suspicious_pare
访问测试(192.168.10.10:1216)