docker的部署及使用

Docker部署及使用

1.安装docker

1.查看系统环境：

[root@bogon ~]# cat /etc/redhat-release

CentOS Linux release 7.3.1611 (Core)

[root@bogon ~]# uname -r

3.10.0-514.el7.x86_64

[root@bogon ~]# systemctl stop firewalld

[root@bogon ~]# systemctl disable firewalld

[root@bogon ~]# setenforce 0

2.安装docker

[root@bogon ~]# yum install -y docker

3.docker和OpenStack对比表

4.启动docker并设置开机自启

[root@bogon ~]# systemctl enable docker

Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.

5.更改docker镜像源(默认会去国外官方站点下载，可能会慢也有被拦截的风险，所以改成国内的)

[root@bogon ~]# docker deamon –help

上述命令可以查看到下面文件中需要添加参数的帮助信息。

[root@bogon ~]# vim /usr/lib/systemd/system/docker.service

#在文件里添加×××部分，×××部分地址需要登录阿里云获取

ExecStart=/usr/bin/dockerd-current –registry-mirror=https://a14c78qe.mirror.aliyuncs.com

–add-runtime docker-runc=/usr/libexec/docker/docker-runc-current

6.加载下文件

[root@bogon ~]# systemctl daemon-reload

7.启动docker

[root@bogon ~]# systemctl start docker

Docker启动报错解决方案：

启动不成功会提示去哪里看报错，如下：

[root@bogon ~]# systemctl start docker

Job for docker.service failed because the control process exited with error code. See "systemctl status docker.service" and "journalctl -xe" for details.

[root@bogon ~]# journalctl -xe

#仔细看报错文件，如果是如下报错：

— Unit docker.service has begun starting up.

8月 28 16:42:20 bogon dockerd-current[3316]: time="2018-08-28T16:42:20.529170789+08:00" level=warning msg="could not change group /var/run/docker.sock to docker: group docker not found"

8月 28 16:42:20 bogon dockerd-current[3316]: time="2018-08-28T16:42:20.542715409+08:00" level=info msg="libcontainerd: new containerd process, pid: 3321"

8月 28 16:42:22 bogon dockerd-current[3316]: Error starting daemon: SELinux is not supported with the overlay2 graph driver on this kernel. Either boot into a newer kernel or disable selinux in docker (–selin

8月 28 16:42:22 bogon systemd[1]: docker.service: main process exited, code=exited, status=1/FAILURE

8月 28 16:42:22 bogon systemd[1]: Failed to start Docker Application Container Engine.

— Subject: Unit docker.service has failed

解决方法：

修改下面配置文件内容

[root@bogon ~]# vim /etc/sysconfig/docker

#下面内容中添加×××部分

OPTIONS='–selinux-enabled=false –log-driver=journald –signature-verification=false'

修改后再次启动就可以了

8.docker启动后查看下状态：

[root@bogon ~]# systemctl status docker

#下面绿色部分说明启动没有问题

● docker.service – Docker Application Container Engine

Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)

Active: active (running) since 二 2018-08-28 16:46:06 CST; 5min ago

Docs: http://docs.docker.com

Main PID: 3390 (dockerd-current)

CGroup: /system.slice/docker.service

├─3390 /usr/bin/dockerd-current –registry-mirror=https://a14c78qe.mirror.aliyuncs.com –ad…

└─3395 /usr/bin/docker-containerd-current -l unix:///var/run/docker/libcontainerd/docker-co…

8月 28 16:46:05 bogon dockerd-current[3390]: time="2018-08-28T16:46:05.866842623+08:00" level=info…ds"

8月 28 16:46:05 bogon dockerd-current[3390]: time="2018-08-28T16:46:05.868038662+08:00" level=info…t."

8月 28 16:46:06 bogon dockerd-current[3390]: time="2018-08-28T16:46:05.999481830+08:00" level=info…se"

8月 28 16:46:06 bogon dockerd-current[3390]: time="2018-08-28T16:46:06.180906259+08:00" level=info…ss"

8月 28 16:46:06 bogon dockerd-current[3390]: time="2018-08-28T16:46:06.281198675+08:00" level=info…e."

8月 28 16:46:06 bogon dockerd-current[3390]: time="2018-08-28T16:46:06.285045777+08:00" level=warn…ix"

8月 28 16:46:06 bogon dockerd-current[3390]: time="2018-08-28T16:46:06.334406287+08:00" level=info…on"

8月 28 16:46:06 bogon dockerd-current[3390]: time="2018-08-28T16:46:06.334428391+08:00" level=info…3.1

8月 28 16:46:06 bogon systemd[1]: Started Docker Application Container Engine.

8月 28 16:46:06 bogon dockerd-current[3390]: time="2018-08-28T16:46:06.370242046+08:00" level=info…ck"

Hint: Some lines were ellipsized, use -l to show in full.

2.docker简单操作

镜像的下载

[root@bogon ~]# docker pull alpine

Using default tag: latest

Trying to pull repository docker.io/library/alpine …

latest: Pulling from docker.io/library/alpine

8e3ba11ec2a2: Pull complete

Digest: sha256:7043076348bf5040220df6ad703798fd8593a0918d06d3ce30c6c93be117e430

Status: Downloaded newer image for docker.io/alpine:latest

镜像的搜索，如下搜索一个nginx镜像

[root@bogon ~]# docker search nginx

INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED

docker.io docker.io/nginx Official build of Nginx. 9370 [OK]

docker.io docker.io/jwilder/nginx-proxy Automated Nginx reverse proxy for docker c… 1388 [OK]

docker.io docker.io/richarvey/nginx-php-fpm Container running Nginx + PHP-FPM capable … 609 [OK]

docker.io docker.io/jrcs/letsencrypt-nginx-proxy-companion LetsEncrypt container to use with nginx as… 396 [OK]

docker.io docker.io/kong Open-source Microservice & API Management … 219 [OK]

docker.io docker.io/webdevops/php-nginx Nginx with PHP-FPM 111 [OK]

docker.io docker.io/kitematic/hello-world-nginx A light-weight nginx container that demons… 108

docker.io docker.io/zabbix/zabbix-web-nginx-mysql Zabbix frontend based on Nginx web-server … 63 [OK]

docker.io docker.io/bitnami/nginx Bitnami nginx Docker Image 57 [OK]

docker.io docker.io/1and1internet/ubuntu-16-nginx-php-phpmyadmin-mysql-5 ubuntu-16-nginx-php-phpmyadmin-mysql-5 43 [OK]

docker.io docker.io/linuxserver/nginx An Nginx container, brought to you by Linu… 38

docker.io docker.io/tobi312/rpi-nginx NGINX on Raspberry Pi / armhf 20 [OK]

docker.io docker.io/blacklabelops/nginx Dockerized Nginx Reverse Proxy Server. 12 [OK]

docker.io docker.io/nginxdemos/nginx-ingress NGINX Ingress Controller for Kubernetes . … 11

docker.io docker.io/wodby/drupal-nginx Nginx for Drupal container image 10 [OK]

docker.io docker.io/nginxdemos/hello NGINX webserver that serves a simple page … 8 [OK]

docker.io docker.io/webdevops/nginx Nginx container 8 [OK]

下载nginx镜像：

[root@bogon ~]# docker pull nginx

查看本地镜像：

[root@bogon ~]# docker images

REPOSITORY TAG IMAGE ID CREATED SIZE

docker.io/nginx latest c82521676580 4 weeks ago 109 MB

docker.io/alpine latest 11cd0b38bc3c 7 weeks ago 4.41 MB

镜像的导出：

[root@bogon ~]# docker save nginx >/tmp/nginx.tar.gz

[root@bogon ~]# ls /tmp/

nginx.tar.gz

镜像删除操作

[root@bogon ~]# docker rmi nginx

Untagged: nginx:latest

Untagged: docker.io/nginx@sha256:d85914d547a6c92faa39ce7058bd7529baacab7e0cd4255442b04577c4d1f424

Deleted: sha256:c82521676580c4850bb8f0d72e47390a50d60c8ffe44d623ce57be521bca9869

Deleted: sha256:2c1f65d17acf8759019a5eb86cc20fb8f8a7e84d2b541b795c1579c4f202a458

Deleted: sha256:8f222b457ca67d7e68c3a8101d6509ab89d1aad6d399bf5b3c93494bbf876407

Deleted: sha256:cdb3f9544e4c61d45da1ea44f7d92386639a052c620d1550376f22f5b46981af

[root@bogon ~]# docker images

REPOSITORY TAG IMAGE ID CREATED SIZE

docker.io/alpine latest 11cd0b38bc3c 7 weeks ago 4.41 MB

导入镜像导入：

[root@bogon ~]# docker load < /tmp/nginx.tar.gz

cdb3f9544e4c: Loading layer 58.44 MB/58.44 MB

a8c4aeeaa045: Loading layer 54.24 MB/54.24 MB

08d25fa0442e: Loading layer 3.584 kB/3.584 kB

Loaded image: docker.io/nginx:latest

[root@bogon ~]# docker images

REPOSITORY TAG IMAGE ID CREATED SIZE

docker.io/nginx latest c82521676580 4 weeks ago 109 MB

docker.io/alpine latest 11cd0b38bc3c 7 weeks ago 4.41 MB

docker镜像启动：(run其实是两个命令的结合，一个是create,创建容器，一个是run运行容器)

[root@bogon ~]# docker run alpine sh

上述这样启动是免交互的相当于后台运行。

[root@bogon ~]# docker run -it alpine sh

/ #

#加上-it后会启动镜像并进入到镜像内。

/ # cd /tmp/

/tmp # ls

/tmp # mkdir abc

/tmp # touch 111

/tmp # ls

111 abc

/tmp # exit

#可以在容器里进行操作，exit退出，容器退出即关闭，想退出不关闭，按住ctrl按下p按下q就可以退出不关闭。

查看正在运行的容器：

[root@bogon ~]# docker ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

显示所有的容器，不管是否在运行。

[root@bogon ~]# docker ps -a

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

212334d5b4e6 alpine "sh" 21 minutes ago Exited (0) 18 minutes ago stupefied_mclean

939f8d7c326a alpine "sh" 22 minutes ago Exited (0) 22 minutes ago keen_ramanujan

删除容器：

[root@bogon ~]# docker rm 212334d5b4e6 939f8d7c326a

#rm后面加上容器的ID，运行中的容器删除时会报错，需要在rm后面加上-f强制删除

212334d5b4e6

939f8d7c326a

运行nginx容器：

[root@bogon ~]# docker run -it –name mynginx nginx

#–name：给运行的容器指定个名称，默认会随机起个名，不好识别

[root@bogon ~]# docker ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

8c39a0d44943 nginx "nginx -g 'daemon …" 56 seconds ago Up 55 seconds 80/tcp mynginx

显示容器的详细信息：

[root@bogon ~]# docker inspect mynginx (可以指定容器的ID号)

[

{

"Id": "8c39a0d449436812f7384cdad68dbb7cf303a20cf2e04f4360754e4941575c5d",

"Created": "2018-08-28T10:12:27.182865131Z",

"Path": "nginx",

"Args": [

"-g",

"daemon off;"

。。。。。。。。。。

最后几行信息

"Networks": {

"bridge": {

"IPAMConfig": null,

"Links": null,

"Aliases": null,

"NetworkID": "44fcef1e4efb63b10dc5742f09d18848e25b235f5c2f7c38ad6d1a05d00946ba",

"EndpointID": "2b6d3969bfaffbbbbd166f694f7bf3e1fc5945195849cf12c45ee0906a010275",

"Gateway": "172.17.0.1", #网关

"IPAddress": "172.17.0.2", #Ip地址

"IPPrefixLen": 16,

"IPv6Gateway": "",

"GlobalIPv6Address": "",

"GlobalIPv6PrefixLen": 0,

"MacAddress": "02:42:ac:11:00:02"

}

}

}

}

]

Curl 下ip地址看能否访问：

[root@bogon ~]# curl 172.17.0.2

Welcome to nginx!

If you see this page, the nginx web server is successfully installed and

working. Further configuration is required.

For online documentation and support please refer to

nginx.org.

Commercial support is available at

nginx.com.

Thank you for using nginx.

进入已经运行的容器中

[root@bogon ~]# docker attach mynginx

这种方法进入没有bash终端，并且输入信息其他终端也可以看见且无法直接退出，只有ctrl+p+q退出

[root@bogon ~]# docker exec -it mynginx sh

这种方式是比较推荐的，会提供一个指定的bash终端，可以做任意操作。

ls

bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var

#

[root@bogon ~]# docker run -it -d –name mynginx nginx

#-d：后台运行，-d和-rm是冲突参数，只能

81a545910b0d1215fedc279ec38ff65a4a7ddbc7be1b8f37ed7b87fa8a6c244a

[root@bogon ~]# docker ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

81a545910b0d nginx "nginx -g 'daemon …" 7 seconds ago Up 6 seconds 80/tcp mynginx

查看docker里面服务的访问日志：

[root@bogon ~]# docker logs mynginx

172.17.0.1 – – [28/Aug/2018:11:43:16 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.29.0" "-"

[root@bogon ~]# docker logs -f mynginx

172.17.0.1 – – [28/Aug/2018:11:43:16 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.29.0" "-"

172.17.0.1 – – [28/Aug/2018:11:44:50 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.29.0" "-"

172.17.0.1 – – [28/Aug/2018:11:44:51 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.29.0" "-"

172.17.0.1 – – [28/Aug/2018:11:44:52 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.29.0" "-"

#docker logs -f 类似于tailf日志追踪

3.Docker镜像制作

1.下载centos镜像：

[root@bogon ~]# docker pull centos

2.运行容器并进入容器里：

[root@bogon ~]# docker run -it centos bash

[root@0fca23e3d80d /]#

3.默认没有wget，先yum一个wget：

[root@0fca23e3d80d /]# yum install -y wget

4.切换成阿里云源

[root@0fca23e3d80d /]# cd /etc/yum

yum/ yum.conf yum.repos.d/

[root@0fca23e3d80d /]# cd /etc/yum

yum/ yum.conf yum.repos.d/

[root@0fca23e3d80d /]# cd /etc/yum.repos.d/

[root@0fca23e3d80d yum.repos.d]# ls

CentOS-Base.repo CentOS-Debuginfo.repo CentOS-Sources.repo CentOS-fasttrack.repo

CentOS-CR.repo CentOS-Media.repo CentOS-Vault.repo

[root@0fca23e3d80d yum.repos.d]# rm -f *

[root@0fca23e3d80d yum.repos.d]# wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo

阿里云epel源;

[root@0fca23e3d80d yum.repos.d]# yum install -y epel-release

[root@0fca23e3d80d yum.repos.d]# ls

CentOS-Base.repo epel-testing.repo epel.repo

5.安装nginx：

[root@0fca23e3d80d yum.repos.d]# yum install -y nginx

配置nginx

[root@0fca23e3d80d yum.repos.d]# vi /etc/nginx/nginx.conf

#添加×××部分

user nginx;

daemon off;

查看下docker commit帮助

[root@bogon ~]# docker commit –help

Usage: docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]]

Create a new image from a container's changes

Options:

-a, –author string Author (e.g., "John Hannibal Smith ")

-c, –change list Apply Dockerfile instruction to the created image (default [])

–help Print usage

-m, –message string Commit message

-p, –pause Pause container during commit (default true)

[root@bogon ~]# docker commit -m "add nginx images" mynginx liyongli/my_nginx

语法：-m后面是描述

Mynginx：运行的容器名

liyongli/my_nginx：镜像名

查看本地镜像会发现多一个×××部分的镜像

[root@bogon ~]# docker images

REPOSITORY TAG IMAGE ID CREATED SIZE

liyongli/my_nginx latest 66ff70d8a103 22 seconds ago 408 MB

docker.io/centos latest 5182e96772bf 3 weeks ago 200 MB

docker.io/nginx latest c82521676580 5 weeks ago 109 MB

docker.io/alpine latest 11cd0b38bc3c 7 weeks ago 4.41 MB

tag号默认是latest，在上述镜像名后面加上×××部分tag就是你指定的liyongli/my_nginx:v1

[root@bogon ~]# docker commit -m "add nginx images" happy_perlman liyongli/my_nginx:v1

sha256:e6cdb103b333963c17a7ef185e0ec040b3f25c93e3aabaa152040b569cfbe804

[root@bogon ~]# docker images

REPOSITORY TAG IMAGE ID CREATED SIZE

liyongli/my_nginx v1 e6cdb103b333 4 seconds ago 408 MB

liyongli/my_nginx latest 66ff70d8a103 4 minutes ago 408 MB

docker.io/centos latest 5182e96772bf 3 weeks ago 200 MB

docker.io/nginx latest c82521676580 5 weeks ago 109 MB

docker.io/alpine latest 11cd0b38bc3c 7 weeks ago 4.41 MB

启动自己做的镜像：

[root@bogon ~]# docker run -d –name mnginx liyongli/my_nginx nginx

–name:运行容器的描述

liyongli/my_nginx：镜像名

nginx：运行的服务名

5a15d9986e8f460ff047ab716f809309a7e828218986d95df7749b1115b33953

[root@bogon ~]# docker ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

5a15d9986e8f liyongli/my_nginx "nginx" 11 seconds ago Up 10 seconds mnginx

0fca23e3d80d centos "bash" About an hour ago Up About an hour happy_perlman

Docker网络

Docker端口映射：

[root@bogon ~]# docker run -d –name mnginx -P nginx

#-P：端口映射

dc1c5779e7b9f0146376da4bcad1827fe2f80c1fac39c21b7076ce65e4446d51

[root@bogon ~]# docker ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

dc1c5779e7b9 nginx "nginx -g 'daemon …" 7 seconds ago Up 6 seconds 0.0.0.0:32768->80/tcp mnginx

将随机产生一个端口映射到容器里的80

访问验证：

[root@bogon ~]# docker run –name my_nginx -d -p 80:80 liyongli/my_nginx nginx

liyongli/my_nginx：镜像名

nginx：镜像里的服务

#-p:指定80端口去映射docker上的80

c826a3ea327a0f2957c9f4181af8d4408e8d7de1ebee645def8e07891afc2757

[root@bogon ~]# docker ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

c826a3ea327a liyongli/my_nginx "nginx" 12 seconds ago Up 11 seconds 0.0.0.0:80->80/tcp my_nginx

访问测试：

注：默认采用tcp，想换成UDP，需要在端口后面加上协议(如下×××部分)

[root@bogon ~]# docker run –name my_nginx -d -p 80:80/udp liyongli/my_nginx nginx

46f6b91ed321ed0fd0cf2e638a68d859207e7ff4dc33c02d7d299e258200496f

[root@bogon ~]# docker ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

46f6b91ed321 liyongli/my_nginx "nginx" 2 seconds ago Up 2 seconds 0.0.0.0:80->80/udp my_nginx

指定端口和IP映射：

[root@bogon ~]# docker run –name my_nginx -d -p 127.0.0.1:80:80 liyongli/my_nginx nginx

7266e28a7f4b7a1a38f41b55ccf33136f3f7867081e0d1369f662a6292d9fc0a

[root@bogon ~]# docker ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

7266e28a7f4b liyongli/my_nginx "nginx" 21 seconds ago Up 21 seconds 127.0.0.1:80->80/tcp my_nginx

访问测试，外面的浏览器访问不到了：

本地curl访问：

[root@bogon ~]# curl 127.0.0.1:80