上传文件至 'Docker-compose-MD'
This commit is contained in:
parent
90b851a5d5
commit
b5559f5186
|
@ -0,0 +1,434 @@
|
||||||
|
<h1><center>初始Docker</center></h1>
|
||||||
|
|
||||||
|
**作者:行癫(盗版必究)**
|
||||||
|
|
||||||
|
------
|
||||||
|
|
||||||
|
## 一:容器简介
|
||||||
|
|
||||||
|
#### 1.Docker之logo
|
||||||
|
|
||||||
|
<img src="https://xingdian-image.oss-cn-beijing.aliyuncs.com/xingdian-image/image-20220613223124564.png" alt="image-20220613223124564" style="zoom:50%;" />
|
||||||
|
|
||||||
|
容器其实是一种沙盒技术。顾名思义,沙盒就是能够像一个集装箱一样,把你的应用"装"起来的技术。这样,应用与应用之间,就因为有了边界而不至于相互干扰;而被装进集装箱的应用,也可以被方便地搬来搬去,这其实是 PaaS 最理想的状态。
|
||||||
|
|
||||||
|
#### 2.云计算服务类型
|
||||||
|
|
||||||
|
基础设施即服务IaaS
|
||||||
|
|
||||||
|
平台即服务PaaS
|
||||||
|
|
||||||
|
软件即服务SaaS
|
||||||
|
|
||||||
|
注意:
|
||||||
|
|
||||||
|
IAAS:指把IT基础设施作为一种服务通过网络对外提供,并根据用户对资源的实际使用量或占用量进行计费的一种服务模式
|
||||||
|
|
||||||
|
PaaS:为开发人员提供了一个框架,使他们可以基于它创建自定义应用程序。所有服务器,存储和网络都可以由企业或第三方提供商进行管理,而开发人员可以负责应用程序的管理
|
||||||
|
|
||||||
|
SaaS:提供商为企业搭建信息化所需要的所有网络基础设施及软件、硬件运作平台,并负责所有前期的实施、后期的维护等一系列服务,企业无需购买软硬件、建设机房、招聘IT人员,即可通过互联网使用信息系统。就像打开自来水龙头就能用水一样,企业根据实际需要,向SaaS提供商租赁软件服务
|
||||||
|
|
||||||
|
#### 3.容器的本质
|
||||||
|
|
||||||
|
容器的本质是进程,容器就是未来云计算系统中的进程
|
||||||
|
|
||||||
|
#### 4.容器和虚拟化对比
|
||||||
|
|
||||||
|
容器是应用程序层的抽象,将代码和依赖项打包在一起。多个容器可以在同一台计算机上运行,并与其他容器共享OS内核,每个容器在用户空间中作为隔离的进程运行。容器占用的空间少于VM,可以处理更多的应用程序,并且需要的VM和操作系统更少
|
||||||
|
|
||||||
|
<img src="https://xingdian-image.oss-cn-beijing.aliyuncs.com/xingdian-image/image-20220613223852295.png" alt="image-20220613223852295" style="zoom:50%;" />
|
||||||
|
|
||||||
|
#### 5.Docker基本概念
|
||||||
|
|
||||||
|
Docker系统有两个程序:docker服务端和docker客户端
|
||||||
|
|
||||||
|
Docker服务端:
|
||||||
|
|
||||||
|
是一个服务进程,管理着所有的容器
|
||||||
|
|
||||||
|
Docker客户端:
|
||||||
|
|
||||||
|
是docker服务端的远程控制器,可以用来控制docker的服务端进程
|
||||||
|
|
||||||
|
#### 6.Docker的优势
|
||||||
|
|
||||||
|
###### 交付物标准化
|
||||||
|
|
||||||
|
Docker是软件工程领域的"标准化"交付组件,最恰到好处的类比是"集装箱";集装箱将零散、不易搬运的大量物品封装成一个整体,集装箱更重要的意义在于它提供了一种通用的封装货物的标准,卡车、火车、货轮、桥吊等运输或搬运工具采用此标准,隧道、桥梁等也采用此标准。以集装箱为中心的标准化设计大大提高了物流体系的运行效率
|
||||||
|
|
||||||
|
注意:
|
||||||
|
|
||||||
|
传统的软件交付物包括:应用程序、依赖软件安装包、配置说明文档、安装文档、上线文档等非标准化组件
|
||||||
|
|
||||||
|
Docker的标准化交付物称为"镜像",它包含了应用程序及其所依赖的运行环境,大大简化了应用交付的模式
|
||||||
|
|
||||||
|
###### 一次构建,多次交付
|
||||||
|
|
||||||
|
类似于集装箱的"一次装箱,多次运输",Docker镜像可以做到"一次构建,多次交付"。当涉及到应用程序多副本部署或者应用程序迁移时,更能体现Docker的价值
|
||||||
|
|
||||||
|
###### 应用隔离
|
||||||
|
|
||||||
|
集装箱可以有效做到货物之间的隔离,使化学物品和食品可以堆砌在一起运输。Docker可以隔离不同应用程序之间的相互影响,但是比虚拟机开销更小;总之,容器技术部署速度快,开发、测试更敏捷;提高系统利用率,降低资源成本
|
||||||
|
|
||||||
|
#### 7.Docker核心组件
|
||||||
|
|
||||||
|
Docker 镜像 - Docker images
|
||||||
|
|
||||||
|
Docker 仓库 - Docker registeries
|
||||||
|
|
||||||
|
Docker 容器 - Docker containers
|
||||||
|
|
||||||
|
#### 8.Docker仓库
|
||||||
|
|
||||||
|
用来保存镜像,可以理解为代码控制中的代码仓库。同样的,Docker 仓库也有公有和私有的概念
|
||||||
|
|
||||||
|
公有的 Docker 仓库名字是 Docker Hub
|
||||||
|
|
||||||
|
###### 库:registry
|
||||||
|
|
||||||
|
公有库:
|
||||||
|
|
||||||
|
Docker-hub Daocloud ali 网易蜂巢
|
||||||
|
|
||||||
|
私有库:
|
||||||
|
|
||||||
|
公司内部使用(自己部署)
|
||||||
|
|
||||||
|
###### 分类:
|
||||||
|
|
||||||
|
操作系统名称 centos ubuntu
|
||||||
|
|
||||||
|
应用名称 nginx tomcat mysql
|
||||||
|
|
||||||
|
###### Tag:
|
||||||
|
|
||||||
|
表示镜像版本
|
||||||
|
|
||||||
|
#### 9.Docker镜像
|
||||||
|
|
||||||
|
Docker 镜像是 Docker 容器运行时的只读模板,每一个镜像由一系列的层 (layers) 组成
|
||||||
|
|
||||||
|
每一个镜像都可能依赖于由一个或多个下层的组成的另一个镜像,下层那个镜像是上层镜像的父镜像
|
||||||
|
|
||||||
|
###### 镜像名称:
|
||||||
|
|
||||||
|
仓库名称+镜像分类+tag名称(镜像版本)
|
||||||
|
|
||||||
|
###### 完整镜像名称:
|
||||||
|
|
||||||
|
docker.io/nginx:v1
|
||||||
|
|
||||||
|
docker.io/nginx:latest
|
||||||
|
|
||||||
|
daocloud.io/centos:6
|
||||||
|
|
||||||
|
###### 镜像ID:
|
||||||
|
|
||||||
|
64位的id号
|
||||||
|
|
||||||
|
例如:e6ea68648f0cd70c8d77c79e8cd4c17f63d587815afcf274909b591cb0e417ab
|
||||||
|
|
||||||
|
###### 基础镜像:
|
||||||
|
|
||||||
|
一个没有任何父镜像的镜像,谓之基础镜像
|
||||||
|
|
||||||
|
###### 注意:
|
||||||
|
|
||||||
|
Registry中镜像是通过Repository来组织的,而每个Repository又包含了若干个Image。Registry包含一个或多个Repository
|
||||||
|
|
||||||
|
![img](https://xingdian-image.oss-cn-beijing.aliyuncs.com/xingdian-image/0.png)
|
||||||
|
|
||||||
|
#### 10.Docker容器
|
||||||
|
|
||||||
|
Docker 容器和文件夹很类似,一个Docker容器包含了所有的某个应用运行所需要的环境
|
||||||
|
|
||||||
|
每一个 Docker 容器都是从 Docker 镜像创建的;Docker 容器可以运行、开始、停止、移动和删除
|
||||||
|
|
||||||
|
每一个 Docker 容器都是独立和安全的应用平台,Docker 容器是 Docker 的运行部分
|
||||||
|
|
||||||
|
## 二:容器安装部署
|
||||||
|
|
||||||
|
#### 1.Docker版本
|
||||||
|
|
||||||
|
Docker-ce
|
||||||
|
|
||||||
|
Docker-ee
|
||||||
|
|
||||||
|
#### 2.Docker安装
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# yum install -y yum-utils device-mapper-persistent-data lvm2 git
|
||||||
|
[root@xingdian ~]# yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
|
||||||
|
[root@xingdian ~]# yum install docker-ce -y
|
||||||
|
以上是安装最新版本,如果需要指定版本安装,见下面命令:
|
||||||
|
|
||||||
|
查看docker版本:
|
||||||
|
[root@xingdian ~]# yum list docker-ce --showduplicates
|
||||||
|
指定版本安装:
|
||||||
|
[root@xingdian ~]# yum install docker-ce-20.10.2.ce -y
|
||||||
|
|
||||||
|
启动服务并做开机启动:
|
||||||
|
[root@xingdian ~]# systemctl enable docker
|
||||||
|
[root@xingdian ~]# systemctl start docker
|
||||||
|
```
|
||||||
|
|
||||||
|
#### 3.Docker查看
|
||||||
|
|
||||||
|
###### 查看安装版本:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@master ~]# docker -v
|
||||||
|
Docker version 20.10.16, build aa7e414
|
||||||
|
```
|
||||||
|
|
||||||
|
###### 查看docker运行状态:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@master ~]# docker info
|
||||||
|
Client:
|
||||||
|
Context: default
|
||||||
|
Debug Mode: false
|
||||||
|
Plugins:
|
||||||
|
app: Docker App (Docker Inc., v0.9.1-beta3)
|
||||||
|
buildx: Docker Buildx (Docker Inc., v0.8.2-docker)
|
||||||
|
scan: Docker Scan (Docker Inc., v0.17.0)
|
||||||
|
|
||||||
|
Server:
|
||||||
|
Containers: 33
|
||||||
|
Running: 16
|
||||||
|
Paused: 0
|
||||||
|
Stopped: 17
|
||||||
|
Images: 12
|
||||||
|
Server Version: 20.10.16
|
||||||
|
Storage Driver: overlay2
|
||||||
|
Backing Filesystem: xfs
|
||||||
|
Supports d_type: true
|
||||||
|
Native Overlay Diff: true
|
||||||
|
userxattr: false
|
||||||
|
Logging Driver: json-file
|
||||||
|
Cgroup Driver: cgroupfs
|
||||||
|
Cgroup Version: 1
|
||||||
|
Plugins:
|
||||||
|
Volume: local
|
||||||
|
Network: bridge host ipvlan macvlan null overlay
|
||||||
|
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
|
||||||
|
Swarm: inactive
|
||||||
|
Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
|
||||||
|
Default Runtime: runc
|
||||||
|
Init Binary: docker-init
|
||||||
|
containerd version: 212e8b6fa2f44b9c21b2798135fc6fb7c53efc16
|
||||||
|
runc version: v1.1.1-0-g52de29d
|
||||||
|
init version: de40ad0
|
||||||
|
Security Options:
|
||||||
|
seccomp
|
||||||
|
Profile: default
|
||||||
|
Kernel Version: 3.10.0-1160.el7.x86_64
|
||||||
|
Operating System: CentOS Linux 7 (Core)
|
||||||
|
OSType: linux
|
||||||
|
Architecture: x86_64
|
||||||
|
CPUs: 2
|
||||||
|
Total Memory: 3.701GiB
|
||||||
|
Name: master
|
||||||
|
ID: VQQL:HVIY:NPF2:OPE6:SQK7:ZRGZ:RQVG:3XKX:MLMD:OYT5:OZKP:FRYW
|
||||||
|
Docker Root Dir: /var/lib/docker
|
||||||
|
Debug Mode: false
|
||||||
|
Registry: https://index.docker.io/v1/
|
||||||
|
Labels:
|
||||||
|
Experimental: false
|
||||||
|
Insecure Registries:
|
||||||
|
192.168.18.230:80
|
||||||
|
127.0.0.0/8
|
||||||
|
Live Restore Enabled: false
|
||||||
|
```
|
||||||
|
|
||||||
|
## 三:国内镜像仓库的使用
|
||||||
|
|
||||||
|
#### 1.国内镜像站
|
||||||
|
|
||||||
|
https://www.daocloud.io
|
||||||
|
|
||||||
|
#### 2.国外镜像站
|
||||||
|
|
||||||
|
https://hub.docker.com
|
||||||
|
|
||||||
|
![img](https://xingdian-image.oss-cn-beijing.aliyuncs.com/xingdian-image/0-16551326599845.png)
|
||||||
|
|
||||||
|
![img](https://xingdian-image.oss-cn-beijing.aliyuncs.com/xingdian-image/0-16551326919458.png)
|
||||||
|
|
||||||
|
![img](https://xingdian-image.oss-cn-beijing.aliyuncs.com/xingdian-image/0-165513272390511.png)
|
||||||
|
|
||||||
|
#### 3.镜像加速器
|
||||||
|
|
||||||
|
使用 Docker 的时候,需要经常从官方获取镜像,但是由于显而易见的网络原因,拉取镜像的过程非常耗时,严重影响使用 Docker 的体验。因此 DaoCloud 推出了加速器工具解决这个难题,通过智能路由和缓存机制,极大提升了国内网络访问 Docker Hub 的速度,目前已经拥有了广泛的用户群体,并得到了 Docker 官方的大力推荐
|
||||||
|
|
||||||
|
![img](https://xingdian-image.oss-cn-beijing.aliyuncs.com/xingdian-image/0-165513277255814.png)
|
||||||
|
|
||||||
|
#### 4.登陆登出Docker Hub
|
||||||
|
|
||||||
|
登录到自己的Docker register,需有Docker Hub的注册账号
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker login
|
||||||
|
Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com to create one.
|
||||||
|
Username: 17343051369
|
||||||
|
Password:
|
||||||
|
Login Succeeded
|
||||||
|
|
||||||
|
logout Log out from a Docker registry
|
||||||
|
退出登录
|
||||||
|
# docker logout
|
||||||
|
Remove login credentials for https://index.docker.io/v1/
|
||||||
|
```
|
||||||
|
|
||||||
|
## 四:Docker使用
|
||||||
|
|
||||||
|
#### 1.镜像操作
|
||||||
|
|
||||||
|
查看centos所有的镜像:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker search centos
|
||||||
|
```
|
||||||
|
|
||||||
|
注意:
|
||||||
|
|
||||||
|
凡是镜像大于100的显示出来,小于100的不显示
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker search centos --filter=stars=100
|
||||||
|
OFFICIAL [OK]代表官方的
|
||||||
|
AUTOMATED [OK]代表完整的镜像
|
||||||
|
```
|
||||||
|
|
||||||
|
拉取镜像:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker pull centos
|
||||||
|
[root@xingdian ~]# docker pull daocloud.io/library/centos:7.8.2003
|
||||||
|
```
|
||||||
|
|
||||||
|
查看本地镜像:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker image list
|
||||||
|
[root@xingdian ~]# docker images
|
||||||
|
[root@xingdian ~]# docker image ls
|
||||||
|
```
|
||||||
|
|
||||||
|
查看镜像详情:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker image inspect 镜像id
|
||||||
|
```
|
||||||
|
|
||||||
|
删除镜像:
|
||||||
|
|
||||||
|
注意:删除一个或多个,多个之间用空格隔开,可以使用镜像名称或id
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker rmi daocloud.io/library/mysql
|
||||||
|
强制删除:--force
|
||||||
|
如果镜像正在被使用中可以使用--force强制删除
|
||||||
|
[root@xingdian ~]# docker rmi docker.io/ubuntu:latest --force
|
||||||
|
```
|
||||||
|
|
||||||
|
删除所有镜像:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker rmi $(docker images -q)
|
||||||
|
#-q查出所有id号
|
||||||
|
只查看所有镜像的id:
|
||||||
|
[root@xingdian ~]# docker images -q
|
||||||
|
```
|
||||||
|
|
||||||
|
#### 2.容器操作
|
||||||
|
|
||||||
|
启动容器并指定名为server并放后台运行
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker run --name server -it -d centos:latest /bin/bash
|
||||||
|
```
|
||||||
|
|
||||||
|
使用镜像 nginx:latest,以后台模式启动一个容器,将容器的 80 端口映射到主机的 80 端口,主机的目录 /data 映射到容器的 /data
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@blackmed ~]# docker run -p 80:80 -v /data:/data -d nginx:latest
|
||||||
|
```
|
||||||
|
|
||||||
|
使用镜像nginx:latest以交互模式启动容器,容器内执行/bin/bash命令
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@blackmed ~]# docker run -it nginx:latest /bin/bash
|
||||||
|
参数:
|
||||||
|
• -v:文件映射,格式为:主机目录:容器目录
|
||||||
|
• -d: 后台运行容器,并返回容器ID;
|
||||||
|
• -i: 以交互模式运行容器,通常与 -t 同时使用;
|
||||||
|
• -p: 端口映射,格式为:主机(宿主)端口:容器端口
|
||||||
|
• -t: 为容器重新分配一个伪输入终端,通常与 -i 同时使用;
|
||||||
|
• --name="nginx-lb": 为容器指定一个名称;
|
||||||
|
• --dns 8.8.8.8: 指定容器使用的DNS服务器,默认和宿主一致;
|
||||||
|
• --dns-search example.com: 指定容器DNS搜索域名,默认和宿主一致;
|
||||||
|
• -h "mars": 指定容器的hostname;
|
||||||
|
• -e username="ritchie": 设置环境变量;
|
||||||
|
• --cpuset-cpus="0-2" or --cpuset-cpus="0,1,2": 绑定容器到指定CPU运行;
|
||||||
|
--privileged 以特权模式运行
|
||||||
|
```
|
||||||
|
|
||||||
|
#### 3.查看容器
|
||||||
|
|
||||||
|
只查看运行状态的容器:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker ps
|
||||||
|
[root@xingdian ~]# docker ps -a
|
||||||
|
-a 查看所有容器
|
||||||
|
只查看所有容器id:
|
||||||
|
[root@xingdian ~]# docker ps -a -q
|
||||||
|
列出最近一次启动的容器
|
||||||
|
[root@xingdian ~]# docker ps -l
|
||||||
|
```
|
||||||
|
|
||||||
|
查看容器详细信息:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker inspect 1fbf6
|
||||||
|
[
|
||||||
|
{
|
||||||
|
"Id": "1fbf6d9c50217c0f630fec1f98c6647e38e2371af94f2860d34674eeffd42f84",
|
||||||
|
"Created": "2020-08-12T15:52:39.064893415Z",
|
||||||
|
"Path": "/docker-entrypoint.sh",
|
||||||
|
"Args": [
|
||||||
|
"nginx",
|
||||||
|
"-g",
|
||||||
|
"daemon off;"
|
||||||
|
],
|
||||||
|
"State": {
|
||||||
|
"Status": "running",
|
||||||
|
"Running": true,
|
||||||
|
"Paused": false,
|
||||||
|
"Restarting": false,
|
||||||
|
容器信息很多,这里只粘贴了一部分
|
||||||
|
```
|
||||||
|
|
||||||
|
#### 4.启动容器
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker start name
|
||||||
|
```
|
||||||
|
|
||||||
|
#### 5.关闭容器
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker stop name
|
||||||
|
退出不关闭:
|
||||||
|
快捷键:ctrl +p+q
|
||||||
|
```
|
||||||
|
|
||||||
|
#### 6.删除容器
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker rm 容器id或名称
|
||||||
|
要删除一个运行中的容器,添加 -f 参数
|
||||||
|
根据格式删除所有容器:
|
||||||
|
[root@xingdian ~]# docker rm $(docker ps -a -q)
|
||||||
|
```
|
|
@ -0,0 +1,371 @@
|
||||||
|
<h1><center>Docker应用</center></h1>
|
||||||
|
|
||||||
|
**作者:行癫(盗版必究)**
|
||||||
|
|
||||||
|
------
|
||||||
|
|
||||||
|
## 一:端口转发
|
||||||
|
|
||||||
|
容器:172.16.0.2 5000
|
||||||
|
|
||||||
|
client----->eth0:10.18.45.197------->172.16.0.2:5000
|
||||||
|
|
||||||
|
5000
|
||||||
|
|
||||||
|
使用端口转发解决容器端口访问问题
|
||||||
|
|
||||||
|
-p:
|
||||||
|
|
||||||
|
创建应用容器的时候,一般会做端口映射,这样是为了让外部能够访问这些容器里的应用。可以用多个-p指定多个端口映射关系
|
||||||
|
|
||||||
|
mysql应用端口转发:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
查看本地地址:
|
||||||
|
[root@xingdian ~]# ip a
|
||||||
|
ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
|
||||||
|
link/ether 00:0c:29:0a:5b:8b brd ff:ff:ff:ff:ff:ff
|
||||||
|
inet 192.168.245.134/24 brd 192.168.245.255 scope global dynamic ens33
|
||||||
|
valid_lft 1444sec preferred_lft 1444sec
|
||||||
|
```
|
||||||
|
|
||||||
|
运行容器:使用-p作端口转发,把本地3307转发到容器的3306,其他参数需要查看发布容器的页面提示
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker run --name mysql1 -p 3307:3306 -e MYSQL_ROOT_PASSWORD=123 daocloud.io/library/mysql
|
||||||
|
```
|
||||||
|
|
||||||
|
通过本地IP:192.168.245.134的3307端口访问容器mysql1内的数据库,出现如下提示恭喜你
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian /]# mysql -u root -p123 -h 192.168.245.134 -P3307
|
||||||
|
Welcome to the MariaDB monitor. Commands end with ; or \g.
|
||||||
|
Your MySQL connection id is 3
|
||||||
|
Server version: 5.7.18 MySQL Community Server (GPL)
|
||||||
|
|
||||||
|
Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.
|
||||||
|
|
||||||
|
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
|
||||||
|
|
||||||
|
MySQL [(none)]>
|
||||||
|
```
|
||||||
|
|
||||||
|
## 二:部署私有仓库
|
||||||
|
|
||||||
|
仓库镜像,Docker hub官方已提供容器镜像registry,用于搭建私有仓库
|
||||||
|
|
||||||
|
拉取镜像:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker pull daocloud.io/library/registry:latest
|
||||||
|
```
|
||||||
|
|
||||||
|
运行容器:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker run --restart=always -d -p 5000:5000 daocloud.io/library/registry
|
||||||
|
```
|
||||||
|
|
||||||
|
注:如果创建容器不成功,报错防火墙,解决方案如下
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# systemctl stop firewalld
|
||||||
|
[root@xingdian ~]# systemctl restart docker
|
||||||
|
```
|
||||||
|
|
||||||
|
查看运行的容器:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker ps
|
||||||
|
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
|
||||||
|
1f444285bed8 daocloud.io/library/registry "/entrypoint.sh /etc/" 23 seconds ago Up 21 seconds 0.0.0.0:5000->5000/tcp elegant_rosalind
|
||||||
|
```
|
||||||
|
|
||||||
|
连接容器查看端口状态:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker exec -it 1f444285bed8 /bin/sh //这里是sh 不是bash
|
||||||
|
/ # netstat -antpl //查看5000端口是否开启(容器内查看)
|
||||||
|
Active Internet connections (only servers)
|
||||||
|
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
|
||||||
|
tcp 0 0 :::5000 :::* LISTEN 1/registry
|
||||||
|
Active UNIX domain sockets (only servers)
|
||||||
|
Proto RefCnt Flags Type State I-Node PID/Program name Path
|
||||||
|
```
|
||||||
|
|
||||||
|
在本机查看能否访问该私有仓库, 看看状态码是不是200:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian registry]# curl -I 127.0.0.1:5000
|
||||||
|
HTTP/1.1 200 OK
|
||||||
|
Cache-Control: no-cache
|
||||||
|
Date: Thu, 08 Oct 2020 05:34:32 GMT
|
||||||
|
```
|
||||||
|
|
||||||
|
为了方便,下载1个比较小的镜像,buysbox:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian registry]# docker pull busybox
|
||||||
|
```
|
||||||
|
|
||||||
|
上传前必须给镜像打tag 注明ip和端口:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker tag busybox 本机IP:端口/busybox
|
||||||
|
```
|
||||||
|
|
||||||
|
这是直接从官方拉的镜像,很慢:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker tag busybox 192.168.245.136:5000/busybox
|
||||||
|
```
|
||||||
|
|
||||||
|
下面这个Mysql是我测试的第二个镜像,从daocloud拉取的:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker tag daocloud.io/library/mysql 192.168.245.136:5000/daocloud.io/library/mysql
|
||||||
|
```
|
||||||
|
|
||||||
|
注意:
|
||||||
|
|
||||||
|
tag后面可以使用镜像名称也可以使用id,我这里使用的镜像名称,如果使用官方的镜像,不需要加前缀,但是daocloud.io的得加前缀
|
||||||
|
|
||||||
|
修改请求方式为http:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
默认为https,不改会报以下错误:
|
||||||
|
Get https://master.up.com:5000/v1/_ping: http: server gave HTTP response to HTTPS client
|
||||||
|
[root@xingdian ~]# vim /etc/docker/daemon.json
|
||||||
|
{ "insecure-registries":["192.168.245.136:5000"] }
|
||||||
|
重启docker:
|
||||||
|
[root@xingdian ~]# systemctl restart docker
|
||||||
|
```
|
||||||
|
|
||||||
|
上传镜像到私有仓库:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker push 192.168.245.136:5000/busybox
|
||||||
|
[root@xingdian ~]# docker push 192.168.245.136:5000/daocloud.io/library/mysql
|
||||||
|
```
|
||||||
|
|
||||||
|
查看私有仓库里的所有镜像:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# curl 192.168.245.130:5000/v2/_catalog
|
||||||
|
{"repositories":["busybox"]}
|
||||||
|
```
|
||||||
|
|
||||||
|
查看私有仓库里的镜像版本:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@docker ~]# curl 10.11.67.110:5000/v2/busybox/tags/list
|
||||||
|
{"name":"busybox","tags":["v1","v2"]}
|
||||||
|
```
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@docker ~]# curl -XGET http://10.11.67.110:3000/v2/busybox/tags/list
|
||||||
|
{"name":"busybox","tags":["v1","v2"]}
|
||||||
|
查询镜像digest_hash,删除命令里边要填写的 镜像digest_hash 就是 查询结果里边 Docker-Content-Digest: 后边的内容
|
||||||
|
[root@docker ~]# curl --header "Accept:application/vnd.docker.distribution.manifest.v2+json" -I -XGET http://10.11.67.110:3000/v2/busybox/manifests/v1
|
||||||
|
HTTP/1.1 200 OK
|
||||||
|
Content-Length: 527
|
||||||
|
Content-Type: application/vnd.docker.distribution.manifest.v2+json
|
||||||
|
Docker-Content-Digest: sha256:c9249fdf56138f0d929e2080ae98ee9cb2946f71498fc1484288e6a935b5e5bc
|
||||||
|
Docker-Distribution-Api-Version: registry/2.0
|
||||||
|
Etag: "sha256:c9249fdf56138f0d929e2080ae98ee9cb2946f71498fc1484288e6a935b5e5bc"
|
||||||
|
X-Content-Type-Options: nosniff
|
||||||
|
Date: Thu, 12 Nov 2020 07:29:46 GMT
|
||||||
|
删除私有库镜像
|
||||||
|
进入/etc/docker/registry/config.yml添加,在stroage后面加
|
||||||
|
delete
|
||||||
|
enabled: true
|
||||||
|
修改完后重新启动容器
|
||||||
|
[root@docker ~]# curl -I -XDELETE http://10.11.67.110:3000/v2/busybox/manifests/sha256:c9249fdf56138f0d929e2080ae98ee9cb2946f71498fc1484288e6a935b5e5bc
|
||||||
|
HTTP/1.1 202 Accepted
|
||||||
|
Docker-Distribution-Api-Version: registry/2.0
|
||||||
|
X-Content-Type-Options: nosniff
|
||||||
|
Date: Thu, 12 Nov 2020 07:30:22 GMT
|
||||||
|
Content-Length: 0
|
||||||
|
查看镜像信息可以看到镜像的标签显示为空 null
|
||||||
|
[root@docker ~]# curl -XGET http://10.11.67.110:3000/v2/busybox/tags/list
|
||||||
|
{"name":"busybox","tags":null}
|
||||||
|
```
|
||||||
|
|
||||||
|
## 三:部署centos7容器应用
|
||||||
|
|
||||||
|
systemd 整合:
|
||||||
|
|
||||||
|
因为 systemd 要求 CAPSYSADMIN 权限,从而得到了读取到宿主机 cgroup 的能力,CentOS7 中已经用 fakesystemd 代替了 systemd 来解决依赖问题。 如果仍然希望使用 systemd,可用参考下面的 Dockerfile:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# vim Dockerfile
|
||||||
|
FROM daocloud.io/library/centos:7
|
||||||
|
MAINTAINER "xingdian" xingdian@qq.com
|
||||||
|
ENV container docker
|
||||||
|
RUN yum -y swap -- remove fakesystemd -- install systemd systemd-libs
|
||||||
|
RUN yum -y update; yum clean all; \
|
||||||
|
(cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \
|
||||||
|
rm -f /lib/systemd/system/multi-user.target.wants/*;\
|
||||||
|
rm -f /etc/systemd/system/*.wants/*;\
|
||||||
|
rm -f /lib/systemd/system/local-fs.target.wants/*; \
|
||||||
|
rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
|
||||||
|
rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
|
||||||
|
rm -f /lib/systemd/system/basic.target.wants/*;\
|
||||||
|
rm -f /lib/systemd/system/anaconda.target.wants/*;
|
||||||
|
VOLUME [ "/sys/fs/cgroup" ]
|
||||||
|
CMD ["/usr/sbin/init"]
|
||||||
|
```
|
||||||
|
|
||||||
|
这个Dockerfile删除fakesystemd 并安装了 systemd
|
||||||
|
|
||||||
|
然后再构建基础镜像:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker build --rm -t local/c7-systemd .
|
||||||
|
```
|
||||||
|
|
||||||
|
为了使用像上面那样包含 systemd 的容器,需要创建一个类似下面的Dockerfile:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# vim Dockerfile
|
||||||
|
FROM local/c7-systemd
|
||||||
|
RUN yum -y install httpd; yum clean all; systemctl enable httpd.service
|
||||||
|
EXPOSE 80
|
||||||
|
CMD ["/usr/sbin/init"]
|
||||||
|
```
|
||||||
|
|
||||||
|
构建镜像:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker build --rm -t local/c7-systemd-httpd .
|
||||||
|
```
|
||||||
|
|
||||||
|
运行包含 systemd 的应用容器:
|
||||||
|
|
||||||
|
为了运行一个包含 systemd 的容器,需要使用--privileged选项, 并且挂载主机的 cgroups 文件夹。 下面是运行包含 systemd 的 httpd 容器的示例命令:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker run --privileged -ti -v /sys/fs/cgroup:/sys/fs/cgroup:ro -p 80:80 local/c7-systemd-httpd
|
||||||
|
```
|
||||||
|
|
||||||
|
注意:上条命令不能添加/bin/bash,添加了会导致服务不可用,而且有些服务可能会发现之前提到的权限不够的问题,但是如果不加会运行在前台(没有用-d),可以用ctrl+p+q放到后台去
|
||||||
|
|
||||||
|
测试可用:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
# elinks --dump http://docker //下面为apache默认页面
|
||||||
|
Testing 123..
|
||||||
|
This page is used to test the proper operation of the [1]Apache HTTP
|
||||||
|
server after it has been installed. If you can read this page it means
|
||||||
|
that this site is working properly. This server is powered by [2]CentOS.
|
||||||
|
```
|
||||||
|
|
||||||
|
## 四:固定容器IP
|
||||||
|
|
||||||
|
#### 1.容器网络
|
||||||
|
|
||||||
|
docker安装后,默认会创建三种网络类型,bridge、host和none
|
||||||
|
|
||||||
|
显示当前网络:
|
||||||
|
|
||||||
|
```
|
||||||
|
[root@xingdian ~]# docker network list
|
||||||
|
NETWORK ID NAME DRIVER SCOPE
|
||||||
|
90b22f633d2f bridge bridge local
|
||||||
|
e0b365da7fd2 host host local
|
||||||
|
da7b7a090837 none null local
|
||||||
|
```
|
||||||
|
|
||||||
|
bridge:网络桥接
|
||||||
|
|
||||||
|
默认情况下启动、创建容器都是用该模式,所以每次docker容器重启时会按照顺序获取对应ip地址,这就导致容器每次重启,ip都发生变化
|
||||||
|
|
||||||
|
none:无指定网络
|
||||||
|
|
||||||
|
启动容器时,可以通过network=none,docker容器不会分配局域网ip
|
||||||
|
|
||||||
|
host:主机网络
|
||||||
|
|
||||||
|
docker容器的网络会附属在主机上,两者是互通的
|
||||||
|
|
||||||
|
#### 2.创建固定ip容器
|
||||||
|
|
||||||
|
创建自定义网络类型,并且指定网段:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker network create --subnet=192.168.0.0/16 staticnet
|
||||||
|
```
|
||||||
|
|
||||||
|
通过docker network ls可以查看到网络类型中多了一个staticnet
|
||||||
|
|
||||||
|
使用新的网络类型创建并启动容器:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker run -it --name userserver --net staticnet --ip 192.168.0.2 centos:6 /bin/bash
|
||||||
|
```
|
||||||
|
|
||||||
|
通过docker inspect可以查看容器ip为192.168.0.2,关闭容器并重启,发现容器ip并未发生改变
|
||||||
|
|
||||||
|
## 五:BUG整理
|
||||||
|
|
||||||
|
#### 1.基于centos7的docker容器出现的一个bug
|
||||||
|
|
||||||
|
centos7下部署的docker容器中启动服务,报错如下:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@a3c8baf6961e .ssh]# systemctl restart sshd.service
|
||||||
|
Failed to get D-Bus connection: Operation not permitted
|
||||||
|
```
|
||||||
|
|
||||||
|
这是centos7容器里面出现的一个BUG
|
||||||
|
|
||||||
|
即centos7镜像创建的容器里面安装服务后,不能用systemctl/service启动服务,centos6的容器里没有这个坑!可以通过使用其他的方式启动或者换用centos6的镜像来避免这个错误
|
||||||
|
|
||||||
|
解决方案如下:
|
||||||
|
|
||||||
|
原因是dbus-daemon没能启动。其实systemctl并不是不可以使用,可以将你的CMD设置为/usr/sbin/init即可
|
||||||
|
|
||||||
|
这样就会自动将dbus等服务启动起来。即采用 /usr/sbin/init自动启动dbus daemon;即把之前的容器关闭并删除(docker stop container-id),然后重新启动容器,注意:启动时一定要加上参数--privileged和/usr/sbin/init,如下
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@localhost ~]# docker run --privileged -it centos7:7.3.1611 /sbin/init
|
||||||
|
```
|
||||||
|
|
||||||
|
#### 2.解决容器内字符集乱码问题
|
||||||
|
|
||||||
|
容器内操作:
|
||||||
|
|
||||||
|
1. 查找 .vimrc文件
|
||||||
|
|
||||||
|
通常有2个地方保存这个文件的:
|
||||||
|
|
||||||
|
在/etc/文件夹下面,是所有用户的vim配置
|
||||||
|
|
||||||
|
每个用户的开始登录的文件夹下面
|
||||||
|
|
||||||
|
2. 修改.vimrc文件
|
||||||
|
|
||||||
|
建议修改当前使用的用户下面,这样只会影响到当前用户
|
||||||
|
|
||||||
|
然后添加下面几行,保存后,重新登录即可
|
||||||
|
|
||||||
|
```shell
|
||||||
|
set fileencodings=utf-8,gb2312,gb18030,gbk,ucs-bom,cp936,latin1
|
||||||
|
set enc=utf8
|
||||||
|
set fencs=utf8,gbk,gb2312,gb18030
|
||||||
|
```
|
||||||
|
|
||||||
|
修改后如下:
|
||||||
|
|
||||||
|
![img](https://xingdian-image.oss-cn-beijing.aliyuncs.com/xingdian-image/TvBv8HgxAve_fExhZw5D_A.png)
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,326 @@
|
||||||
|
<h1><center>Docker镜像构建</center></h1>
|
||||||
|
|
||||||
|
**作者:行癫(盗版必究)**
|
||||||
|
|
||||||
|
------
|
||||||
|
|
||||||
|
## 一:创建自己的镜像
|
||||||
|
|
||||||
|
#### 1.将容器的文件系统打包成tar包
|
||||||
|
|
||||||
|
将容器的文件系统打包成tar文件,也就是把正在运行的容器直接导出为tar包的镜像文件
|
||||||
|
|
||||||
|
导出:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
export
|
||||||
|
Export a container's filesystem as a tar archive
|
||||||
|
有两种方式(elated_lovelace为容器名):
|
||||||
|
第一种:
|
||||||
|
[root@xingdian ~]# docker export -o elated_lovelace.tar elated_lovelace
|
||||||
|
第二种:
|
||||||
|
[root@xingdian ~]# docker export 容器名称 > 镜像.tar
|
||||||
|
```
|
||||||
|
|
||||||
|
导入:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
导入镜像归档文件到其他宿主机:
|
||||||
|
import
|
||||||
|
Import the contents from a tarball to create a filesystem image
|
||||||
|
[root@xingdian ~]# docker import elated_lovelace.tar elated_lovelace:v1
|
||||||
|
```
|
||||||
|
|
||||||
|
注意:
|
||||||
|
|
||||||
|
如果导入镜像时没有起名字,随后可以单独起名字(没有名字和tag),可以手动加tag
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker tag 镜像ID mycentos:7
|
||||||
|
```
|
||||||
|
|
||||||
|
#### 2.镜像迁移
|
||||||
|
|
||||||
|
保存一台宿主机上的镜像为tar文件,然后可以导入到其他的宿主机上
|
||||||
|
|
||||||
|
```shell
|
||||||
|
save
|
||||||
|
Save an image(s) to a tar archive
|
||||||
|
将镜像打包,与下面的load命令相对应
|
||||||
|
[root@xingdian ~]# docker save -o nginx.tar nginx
|
||||||
|
load
|
||||||
|
Load an image from a tar archive or STDIN
|
||||||
|
与上面的save命令相对应,将上面sava命令打包的镜像通过load命令导入
|
||||||
|
[root@xingdian ~]# docker load < nginx.tar
|
||||||
|
```
|
||||||
|
|
||||||
|
注:
|
||||||
|
|
||||||
|
tar文件的名称和保存的镜像名称没有关系
|
||||||
|
|
||||||
|
导入的镜像如果没有名称,自己打tag起名字
|
||||||
|
|
||||||
|
扩展:export和save的区别
|
||||||
|
|
||||||
|
export:相当于容器快照,容器快照文件将丢弃所有的历史记录和元数据信息
|
||||||
|
|
||||||
|
save:没有这个现象,就是完整的
|
||||||
|
|
||||||
|
#### 3.通过容器创建本地镜像
|
||||||
|
|
||||||
|
背景:
|
||||||
|
|
||||||
|
容器运行起来后,又在里面做了一些操作,并且要把操作结果保存到镜像里
|
||||||
|
|
||||||
|
方案:
|
||||||
|
|
||||||
|
使用 docker commit 指令,把一个正在运行的容器,直接提交为一个镜像。commit 是提交的意思,类似我要生成一个新的版本
|
||||||
|
|
||||||
|
例子:
|
||||||
|
|
||||||
|
在容器内部新建了一个文件
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker exec -it 4ddf4638572d /bin/sh
|
||||||
|
root@4ddf4638572d:/app# touch test.txt
|
||||||
|
root@4ddf4638572d:/app# exit
|
||||||
|
# 将这个新建的文件提交到镜像中保存
|
||||||
|
[root@xingdian ~]# docker commit 4ddf4638572d xingdian/helloworld:v2
|
||||||
|
```
|
||||||
|
|
||||||
|
例子:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker commit -m "my images version1" -a "xingdian" 108a85b1ed99 daocloud.io/ubuntu:v2
|
||||||
|
sha256:ffa8a185ee526a9b0d8772740231448a25855031f25c61c1b63077220469b057
|
||||||
|
-m 添加注释
|
||||||
|
-a 作者
|
||||||
|
108a85b1ed99 容器环境id
|
||||||
|
daocloud.io/ubuntu:v2 镜像名称:hub的名称/镜像名称:tag
|
||||||
|
-p,–pause=true 提交时暂停容器运行
|
||||||
|
```
|
||||||
|
|
||||||
|
## 二:利用Dockerfile创建镜像
|
||||||
|
|
||||||
|
通过Dockerfile创建镜像,虽然可以自己制作 rootfs(根文件系统),但Docker 提供了一种更便捷的方式,叫作 Dockerfile
|
||||||
|
|
||||||
|
docker build命令用于根据给定的Dockerfile和上下文以构建Docker镜像
|
||||||
|
|
||||||
|
docker build语法:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker build [OPTIONS] <PATH | URL | ->
|
||||||
|
```
|
||||||
|
|
||||||
|
#### 1. 常用选项说明
|
||||||
|
|
||||||
|
```shell
|
||||||
|
--build-arg,设置构建时的变量
|
||||||
|
--no-cache,默认false。设置该选项,将不使用Build Cache构建镜像
|
||||||
|
--pull,默认false。设置该选项,总是尝试pull镜像的最新版本
|
||||||
|
--compress,默认false。设置该选项,将使用gzip压缩构建的上下文
|
||||||
|
--disable-content-trust,默认true。设置该选项,将对镜像进行验证
|
||||||
|
--file, -f,Dockerfile的完整路径,默认值为‘PATH/Dockerfile’
|
||||||
|
--isolation,默认--isolation="default",即Linux命名空间;其他还有process或hyperv
|
||||||
|
--label,为生成的镜像设置metadata
|
||||||
|
--squash,默认false。设置该选项,将新构建出的多个层压缩为一个新层,但是将无法在多个镜像之间共享新层;设置该选项,实际上是创建了新image,同时保留原有image。
|
||||||
|
--tag, -t,镜像的名字及tag,通常name:tag或者name格式;可以在一次构建中为一个镜像设置多个tag
|
||||||
|
--network,默认default。设置该选项,Set the networking mode for the RUN instructions during build
|
||||||
|
--quiet, -q ,默认false。设置该选项,Suppress the build output and print image ID on success
|
||||||
|
--force-rm,默认false。设置该选项,总是删除掉中间环节的容器
|
||||||
|
--rm,默认--rm=true,即整个构建过程成功后删除中间环节的容器
|
||||||
|
```
|
||||||
|
|
||||||
|
#### 2. PATH | URL | -说明
|
||||||
|
|
||||||
|
给出命令执行的上下文
|
||||||
|
|
||||||
|
上下文可以是构建执行所在的本地路径,也可以是远程URL,如Git库、tarball或文本文件等。如果是Git库,如https://github.com/docker/rootfs.git#container:docker,则隐含先执行git clone --depth 1 --recursive,到本地临时目录;然后再将该临时目录发送给构建进程
|
||||||
|
|
||||||
|
构建镜像的进程中,可以通过ADD命令将上下文中的任何文件(注意文件必须在上下文中)加入到镜像中
|
||||||
|
|
||||||
|
-表示通过STDIN给出Dockerfile或上下文
|
||||||
|
|
||||||
|
示例:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker build - < Dockerfile
|
||||||
|
```
|
||||||
|
|
||||||
|
说明:该构建过程只有Dockerfile,没有上下文
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker build - < context.tar.gz
|
||||||
|
```
|
||||||
|
|
||||||
|
说明:其中Dockerfile位于context.tar.gz的根路径
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker build -t champagne/bbauto:latest -t champagne/bbauto:v2.1 .
|
||||||
|
[root@xingdian ~]# docker build -f dockerfiles/Dockerfile.debug -t myapp_debug .
|
||||||
|
```
|
||||||
|
|
||||||
|
#### 3. 创建镜像所在的文件夹和Dockerfile文件
|
||||||
|
|
||||||
|
```shell
|
||||||
|
mkdir sinatra
|
||||||
|
cd sinatra
|
||||||
|
touch Dockerfile
|
||||||
|
```
|
||||||
|
|
||||||
|
在Dockerfile文件中写入指令,每一条指令都会更新镜像的信息
|
||||||
|
|
||||||
|
```shell
|
||||||
|
# This is a comment
|
||||||
|
FROM daocloud.io/library/ubuntu
|
||||||
|
MAINTAINER xingdian xingdian@localhost.localdomain
|
||||||
|
RUN apt-get update && apt-get install -y ruby ruby-dev
|
||||||
|
```
|
||||||
|
|
||||||
|
格式说明:
|
||||||
|
|
||||||
|
每行命令都是以 INSTRUCTION statement 形式,就是命令+ 清单的模式。命令要大写,"#"是注解
|
||||||
|
|
||||||
|
FROM 命令是告诉docker 我们的镜像什么
|
||||||
|
|
||||||
|
MAINTAINER 是描述 镜像的创建人
|
||||||
|
|
||||||
|
RUN 命令是在镜像内部执行。就是说他后面的命令应该是针对镜像可以运行的命令
|
||||||
|
|
||||||
|
#### 4.创建镜像
|
||||||
|
|
||||||
|
命令:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
docker build -t xingdian/sinatra:v2 .
|
||||||
|
```
|
||||||
|
|
||||||
|
docker build 是docker创建镜像的命令
|
||||||
|
|
||||||
|
-t 是标识新建的镜像
|
||||||
|
|
||||||
|
sinatra是仓库的名称
|
||||||
|
|
||||||
|
:v2 是tag
|
||||||
|
|
||||||
|
"."是用来指明 我们的使用的Dockerfile文件当前目录
|
||||||
|
|
||||||
|
详细执行过程:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@master sinatra]# docker build -t xingdian/sinatra:v2 .
|
||||||
|
Sending build context to Docker daemon 2.048 kB
|
||||||
|
Step 1 : FROM daocloud.io/ubuntu:14.04
|
||||||
|
Trying to pull repository daocloud.io/ubuntu ...
|
||||||
|
14.04: Pulling from daocloud.io/ubuntu
|
||||||
|
f3ead5e8856b: Pull complete
|
||||||
|
Digest: sha256:ea2b82924b078d9c8b5d3f0db585297a5cd5b9c2f7b60258cdbf9d3b9181d828
|
||||||
|
---> 2ff3b426bbaa
|
||||||
|
Step 2 : MAINTAINER xingdian xingdian@localhost.localdomain
|
||||||
|
---> Running in 948396c9edaa
|
||||||
|
---> 227da301bad8
|
||||||
|
Removing intermediate container 948396c9edaa
|
||||||
|
Step 3 : RUN apt-get update && apt-get install -y ruby ruby-dev
|
||||||
|
...
|
||||||
|
Step 4 : RUN gem install sinatra
|
||||||
|
---> Running in 89234cb493d9
|
||||||
|
```
|
||||||
|
|
||||||
|
#### 5.创建完成后,从镜像创建容器
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# docker run -t -i xingdian/sinatra:v2 /bin/bash
|
||||||
|
```
|
||||||
|
|
||||||
|
## 三:企业级Dockerfile文件构建容器
|
||||||
|
|
||||||
|
#### 1.Dockerfile文件构建nginx
|
||||||
|
|
||||||
|
```shell
|
||||||
|
[root@xingdian ~]# cat Dockerfile
|
||||||
|
FROM centos:7.2.1511
|
||||||
|
ENV TZ=Asia/Shanghai
|
||||||
|
ENV LANG=en_US.UTF-8
|
||||||
|
ENV LANGUAGE=en_US:en
|
||||||
|
ENV LC_ALL=en_US.UTF-8
|
||||||
|
RUN yum -y install gcc openssl openssl-devel pcre-devel zlib-devel make
|
||||||
|
ADD nginx-1.14.0.tar.gz /opt/
|
||||||
|
WORKDIR /opt/nginx-1.14.0
|
||||||
|
RUN ./configure --prefix=/opt/nginx
|
||||||
|
RUN make && make install
|
||||||
|
WORKDIR /opt/nginx
|
||||||
|
RUN rm -rf /opt/nginx-1.14.0
|
||||||
|
ENV NGINX_HOME=/opt/nginx
|
||||||
|
ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/nginx/sbin
|
||||||
|
EXPOSE 80 443
|
||||||
|
CMD ["nginx", "-g", "daemon off;"]
|
||||||
|
注意:
|
||||||
|
Nginx的docker仓库原文说明如下:
|
||||||
|
If you add a custom CMD in the Dockerfile, be sure to include -g daemon off; in the CMD in order fornginx to stay in the foreground, so that Docker can track the process properly (otherwise your container will stop immediately after starting)!
|
||||||
|
Running nginx in debug mode
|
||||||
|
Images since version 1.9.8 come with nginx-debug binary that produces verbose output when using higher log levels. It can be used with simple CMD substitution:
|
||||||
|
$ docker run --name my-nginx -v /host/path/nginx.conf:/etc/nginx/nginx.conf:ro -d nginx nginx -g 'daemon off;'
|
||||||
|
Similar configuration in docker-compose.yml may look like this:
|
||||||
|
|
||||||
|
web:
|
||||||
|
image: nginx
|
||||||
|
volumes:
|
||||||
|
- ./nginx.conf:/etc/nginx/nginx.conf:ro
|
||||||
|
command: [nginx, '-g', 'daemon off;']
|
||||||
|
```
|
||||||
|
|
||||||
|
#### 2.Dockerfile文件构建redis
|
||||||
|
|
||||||
|
```shell
|
||||||
|
FROM centos:7.2.1511
|
||||||
|
MAINTAINER qf
|
||||||
|
ENV TZ=Asia/Shanghai
|
||||||
|
ENV LANG=en_US.UTF-8
|
||||||
|
ENV LANGUAGE=en_US:en
|
||||||
|
ENV LC_ALL=en_US.UTF-8
|
||||||
|
RUN yum -y install gcc make
|
||||||
|
ADD redis-4.0.9.tar.gz /opt/
|
||||||
|
RUN cd /opt/ && mv redis-4.0.9 redis && cd /opt/redis && make && make install
|
||||||
|
RUN mkdir -p /opt/redis/logs && mkdir -p /opt/redis/data && mkdir -p /opt/redis/conf && cp /opt/redis/redis.conf /opt/redis/conf/ && cp /opt/redis/src/redis-trib.rb /usr/local/bin/
|
||||||
|
EXPOSE 6379
|
||||||
|
CMD ["redis-server","/opt/redis/conf/redis.conf"]
|
||||||
|
基于哨兵模式的redis镜像
|
||||||
|
FROM centos:7.2.1511
|
||||||
|
MAINTAINER redis4 jichujingxiang
|
||||||
|
ENV TZ=Asia/Shanghai
|
||||||
|
ENV LANG=en_US.UTF-8
|
||||||
|
ENV LANGUAGE=en_US:en
|
||||||
|
ENV LC_ALL=en_US.UTF-8
|
||||||
|
RUN yum -y install gcc make
|
||||||
|
ADD redis-4.0.9.tar.gz /opt/
|
||||||
|
ADD run.sh /
|
||||||
|
RUN cd /opt/ && mv redis-4.0.9 redis && cd /opt/redis && make && make install
|
||||||
|
RUN mkdir -p /opt/redis/logs && mkdir -p /opt/redis/data && mkdir -p /opt/redis/conf && cp /opt/redis/redis.conf /opt/redis/conf/ && cp /opt/redis/src/redis-trib.rb /usr/local/bin/ && cp /opt/redis/sentinel.conf /opt/redis/conf/ && chmod 777 /run.sh
|
||||||
|
EXPOSE 6379
|
||||||
|
CMD ["./run.sh"]
|
||||||
|
#cat /run.sh
|
||||||
|
#!/usr/bin/bash
|
||||||
|
#2018/10/24
|
||||||
|
#行癫
|
||||||
|
cd /opt/redis/src/
|
||||||
|
./redis-server /opt/redis/conf/redis.conf & #这一个要放在后台运行,不然下面的启动不了
|
||||||
|
./redis-sentinel /opt/redis/conf/sentinel.conf
|
||||||
|
```
|
||||||
|
|
||||||
|
#### 3.Dockerfile文件构建jenkins
|
||||||
|
|
||||||
|
```shell
|
||||||
|
行癫(亲测)
|
||||||
|
FROM local/c7-systemd
|
||||||
|
ADD jdk-9.0.1_linux-x64_bin.tar.gz /usr/local/
|
||||||
|
ADD apache-tomcat-9.0.14.tar.gz /usr/local/
|
||||||
|
WORKDIR /usr/local/
|
||||||
|
ENV JAVA_HOME=/usr/local/java
|
||||||
|
ENV PATH=$JAVA_HOME/bin:$PATH
|
||||||
|
ENV CATALINA_HOME=/usr/local/tomcat
|
||||||
|
ENV export JAVA_HOME CATALINA_HOME PATH
|
||||||
|
RUN mv jdk-9.0.1 java && mv apache-tomcat-9.0.14 tomcat
|
||||||
|
COPY jenkins.war /usr/local/tomcat/webapps/
|
||||||
|
EXPOSE 8080
|
||||||
|
CMD ["/usr/local/tomcat/bin/catalina.sh","run"]
|
||||||
|
```
|
Loading…
Reference in New Issue