什么是Docker
dock安装配置
安装条件 You will need RHEL 6.5 or higher, with a RHEL 6 kernel version 2.6.32-431
or higher as this has specific kernel fixes to allow Docker to work.
eple源安装 #rpm -Uvh http://ftp.sjtu.edu.cn/fedora/epel/6/i386/epel-release-6-8.noarch.rpm #yum -y install docker-io #rpm -qa docker-io docker-io-1.7.1-2.el6.x86_64
修改镜像存放路径(按需,默认/var/lib/docker/)
#mkdir /dockerdata
#vi /etc/sysconfig/docker
other_args="--graph=/dockerdata"
# cp -r /var/lib/docker/* /dockerdata/
#/etc/init.d/docker start
镜像管理相关命令
#docker search centos 查找镜像
#docker pull centos 下载镜像
#docker rmi 删除镜像
#docker images 查看镜像
容器管理相关命令
docker run --name -h hostname 启动容器
docker stop CONTAINER ID 停止容器
docker ps [-a显示所有 ] [-l最近一个] 查看容器
docker rm 删除容器
docker exec /docker attach( 进不去导致容器停止) 进入容器
nsenter(unix-util包) 访问另外个进程名字空间
运行一个容器
# docker run centos /bin/echo "hello" #执行完命令后容器就退出
hello
# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8a111bfc5490 centos "/bin/echo hello" 4 seconds ago Exited (0) 4 seconds ago stoic_noyce
运行一个容器并进入
#docker run -it --name mydocker1 centos /bin/bash
-t - 分配一个(伪)tty (link is external)
-i - 交互模式 (so we can interact with it)
centos - 使用 centos镜像
/bin/bash - 运行命令 bash shell
[root@eae3bf3b91e6 /]# exit #进入容器后退出
#docker ps -a #可以看到exit后容器也退出
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
eae3bf3b91e6 centos "/bin/bash" 35 seconds ago Exited (0) 3 seconds ago mydocker1
8a111bfc5490 centos "/bin/echo hello" 2 minutes ago Exited (0) 2 minutes ago stoic_noyce
接下来玩一下nginx容器
# docker pull nginx
# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
nginx latest 61d205ea917c 9 days ago 182.5 MB
centos latest bac949ce964b 3 weeks ago 192.5 MB
#在nginx镜像上创建一个名为mynginx1的容器 -d daemon
# docker run -d --name mynginx1 nginx
7ffaad7d60b9b1a3b93276682d5b0e30126d9d7f80e8e26c67a84c3851bf071e
# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
7ffaad7d60b9 nginx "nginx -g 'daemon of About a minute ago Up About a minute 80/tcp, 443/tcp mynginx1
eae3bf3b91e6 centos "/bin/bash" 11 minutes ago Exited (0) 10 minutes ago mydocker1
8a111bfc5490 centos "/bin/echo hello" 12 minutes ago Exited (0) 12 minutes ago stoic_noyce
进入容器
# docker attach 7ffaad7d60b9 无法进入,ctrl c后,容器也停止
#docker start 7ffaad7d60b9 将容器启动,换种方式
# docker inspect --format "{{.State.Pid}}" mynginx1
9301
===================================================================================
# ps -ef | grep nginx
root 9301 7947 0 11:17 ? 00:00:00 nginx: master process nginx -g
# docker inspect --format "{{.State.Pid}}" 7ffaad7d60b9
9301
===================================================================================
# nsenter --target 9301 --mount --uts --ipc --net --pid
root@7ffaad7d60b9:/# 已经进入到mynginx1容器,退出后容器不会退出
root@7ffaad7d60b9:/# ip ad
19: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 02:42:ac:11:00:06 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.6/16 scope global eth0
inet6 fe80::42:acff:fe11:6/64 scope link
valid_lft forever preferred_lft forever
21: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
nsenter(unix-util包)访问另外个进程名字空间
Usage: nsenter [options] <program> [args...]
Options:
-t, --target <pid> target process to get namespaces from
-m, --mount [=<file>] enter mount namespace
-u, --uts [=<file>] enter UTS namespace (hostname etc)
-i, --ipc [=<file>] enter System V IPC namespace
-n, --net [=<file>] enter network namespace
-p, --pid [=<file>] enter pid namespace
-r, --root [=<dir>] set the root directory
-w, --wd [=<dir>] set the working directory
-F, --no-fork do not fork before exec'ing <program>
docker网路访问
# iptables -L -t nat (默认做了nat,所以网络通)
# ifconfig docker0
docker0 Link encap:Ethernet HWaddr 5E:70:09:88:61:5B
inet addr:172.17.42.1 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::1819:93ff:fe59:28d1/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:28 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1900 (1.8 KiB) TX bytes:468 (468.0 b)
root@7ffaad7d60b9:/# ip ro mynginx1容器
172.17.0.0/16 dev eth0 proto kernel scope link src 172.17.0.6
default via 172.17.42.1 dev eth0
主机与容器的端口映射
随机映射
docker run -P
指定映射
docker run -p hostPort:containerPort 主机端口:容器端口
docker run -p ip:hostPort:containerPort 主机多个ip时
docker run -p ip:: containerPort 随机
docker run -p hostPort:containerPort -p hostPort:containerPort 多个映射
# docker run -d -P --name mynginx2 nginx
8f016ed6d76f47a59565ded710f5862834ca23dd45e152763deda128e77aaafc
docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8f016ed6d76f nginx "nginx -g 'daemon of 4 seconds ago Up 3 seconds 0.0.0.0:32769->80/tcp, 0.0.0.0:32768->443/tcp mynginx2
7ffaad7d60b9 nginx "nginx -g 'daemon of 28 minutes ago Up 20 minutes 80/tcp, 443/tcp mynginx1
==访问宿主机的32768端口即容器的80端口
# docker run -d -p 8080:80 --name mynginx3 nginx
15799cec6c5ccaea185feb9482dd5e0873e330387f393a075871a0da2ec2ca80
[root@node87 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
15799cec6c5c nginx "nginx -g 'daemon of 5 seconds ago Up 4 seconds 443/tcp, 0.0.0.0:8080->80/tcp mynginx3
8f016ed6d76f nginx "nginx -g 'daemon of 3 minutes ago Up 3 minutes 0.0.0.0:32769->80/tcp, 0.0.0.0:32768->443/tcp mynginx2
7ffaad7d60b9 nginx "nginx -g 'daemon of 31 minutes ago Up 24 minutes 80/tcp, 443/tcp mynginx1
docker资源隔离 (LXC (容器技术)Kernel namespace)
docker网络
docker数据管理
docker镜像构建
手动构建
dockerfile构建
手动构建nginx镜像
dockerfile构建
docker registry
原文链接:https://www.cnblogs.com/gtms/p/6671417.html
© 版权声明
声明📢本站内容均来自互联网,归原创作者所有,如有侵权必删除。
本站文章皆由CC-4.0协议发布,如无来源则为原创,转载请注明出处。
THE END
