基于业务的驱动需求,需要重拾起docker的使用,之前一直没有把docker的使用在线上的环境上使用,近期有必要的进行线上环境的应用,有必要的再重新的鼓捣以下这个docker,加上接下来的对CICD的各自需求。所以有必要再进行整理一次,
之前接触docker,主要是在2010-10月份自己学的,
跨到现在也快7-8个月了,估计也更新了很多!
重新学的,很多东西我不回记录那么详细!很多理论的东西我也不会再叙述太多!哈哈 懒了!
1 基本概念篇
-
docker镜像 image:可以理解为一个做好的迷你系统ios文件一样,或做好一个样本模板,用来创建出容器实例对象的基础(类)
-
容器container:可以理解镜像的实例化的对象实例,基于镜像的基础上运行后的一个镜像实例
-
仓库repository :用于存放镜像的仓库
2 安装篇和初步使用
2.1 基础环境
Docker要求的系统内核高于3.10,查看系统版本信息
[root@localhost ~]# uname -r
3.10.0-514.el7.x86_64
[root@localhost ~]#
准备 更新的相关的yum包
[root@localhost ~]# yum update
或
yum makecache fast
更换设置YUM源设置:
[root@localhost ~]#yum-config-manager -add-repo
https://download.docker.com/linux/centos/docker-ce.repo
更换为阿里云:
[root@localhost ~]# yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
PS:因为我是本地自己搭建的虚拟机来学习的,再安全docker之前记得社会一下设置,避免安装的时候出现错误提示。
[root@localhost ~]# date
Wed Jul 29 11:25:29 CST 2020
[root@localhost ~]# date -s "2020-10-19 13:35:30"
Mon Oct 19 13:35:30 CST 2020
[root@localhost ~]# date
Mon Oct 19 13:35:31 CST 2020
2.2 详细步骤
1):删除旧版的数据(没安装过)
[root@localhost ~]# yum remove docker \
> docker-client \
> docker-client-latest \
> docker-common \
> docker-latest \
> docker-latest-logrotate \
> docker-logrotate \
> docker-selinux \
> docker-engine-selinux \
> docker-engine
Loaded plugins: fastestmirror
No Match for argument: docker
No Match for argument: docker-client
No Match for argument: docker-client-latest
No Match for argument: docker-common
No Match for argument: docker-latest
No Match for argument: docker-latest-logrotate
No Match for argument: docker-logrotate
No Match for argument: docker-selinux
No Match for argument: docker-engine-selinux
No Match for argument: docker-engine
No Packages marked for removal
2)第2步: 安装相关的依赖
[root@localhost ~]# yum install -y yum-utils device-mapper-persistent-data lvm2
3): 配置YUN源:
[root@localhost ~]# yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
Loaded plugins: fastestmirror
adding repo from: http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
grabbing file http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo to /etc/yum.repos.d/docker-ce.repo
repo saved to /etc/yum.repos.d/docker-ce.repo
如果出现:
Loaded plugins: fastestmirror
执行:
yum makecache fast
或
yum clean metadata
补充:查看docker版本
yum list docker-ce --showduplicates | sort -r
4): 执行官方的安装脚本(安装的社区版滴)
curl -fsSL https://get.docker.com | bash -s docker --mirror Aliyun
或
```
yum install docker-ce docker-ce-cli containerd.io
```
5): 验证安装
[root@localhost ~]# docker --version
Docker version 20.10.7, build f0df350
[root@localhost ~]#
6): 配置开机启动
[root@localhost ~]# systemctl enable docker
7): 启动docker
systemctl start docker
8): 运行一个简单的示例容器:docker run hello-world
[root@localhost ~]# docker run hello-world
提示错误:
更新yum源后还是错,但是是另一种错误
上面情况应该是和网络有关系,因为本地的没有这个容器,所有会从 hub.docker.com/进行拉取,国内国外的网络问题吧! 这种情况你可以配置一下使用国内的云 不从hub.docker.com拉取!
别人提供的解决方案是(未实践,我的多拉几次他就好了!)或看下文的配置阿里云的加速镜像:
systemctl stop docker
echo "DOCKER_OPTS="$DOCKER_OPTS --registry-mirror=http://f2d6cb40.m.daocloud.io"" | sudo tee -a /etc/default/docker
service docker restart
9):查看所有的容器:
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d6087f654d9e hello-world "/hello" 4 minutes ago Exited (0) 4 minutes ago practical_wozniak
[root@localhost ~]#
10):列出所有在运行的容器信息
docker ps
11)总结运行容器示docker run hello-world 流程说明
-
1 执行docker run hello-world,再本机查找hello-world镜像
- 如果镜像存在,则已该镜像为模板生成容器实例运行
- 如果镜像不存在,则会去远程的 hub.docker.com/进行查询\
-
2 如远程仓库镜像查询,有无,有则拉取下载到本地,无则提示镜像不存在。
3 配置阿里云镜像加速
3.1 原因:
龟速和加速的区别。
3.2 详细步骤
1)登入阿里云镜像服务中心(需使用账号登入)
地址:cr.console.aliyun.com/cn-shenzhen…
2)获取地址:
3)按照要求修改OS的Docker配置文件
在/etc/docker/下查找daemon.json文件,没有这个文件的话则创建。并写入以下的内容:
[root@localhost ~]# nano /etc/docker/daemon.json
[root@localhost ~]#
写入的内容(注意地址使用你自己申请到的地址,xxxx数你自己的ID):
{
"registry-mirrors": ["https://xxxxxxxx.mirror.aliyuncs.com"]
}
4 ) 重启daemon
[root@localhost ~]#systemctl daemon-reload
5 ) 重启docker
[root@localhost ~]# systemctl restart docker
6 ) 查看修改的后docker信息
[root@localhost ~]# docker info
Client:
Debug Mode: false
Server:
Containers: 2
Running: 0
Paused: 0
Stopped: 2
Images: 1
Server Version: 19.03.13
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 8fba4e9a7d01810a393d5d25a3621dc101981175
runc version: dc9208a3303feef5b3839f4323d9beb36df0a9dd
init version: fec3683
Security Options:
seccomp
Profile: default
Kernel Version: 3.10.0-514.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 976.5MiB
Name: localhost.localdomain
ID: TT6R:HUR2:3AQG:JLBU:CGAO:BG5T:LMC4:FYTX:PRGV:4D56:4TAN:BGFE
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Registry Mirrors:
https://aiyf7r3a.mirror.aliyuncs.com/
Live Restore Enabled: false
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
[root@localhost ~]#
7 ) 测试拉取一个ubuntu:15.10的镜像
[root@localhost ~]# docker pull ubuntu:15.10
15.10: Pulling from library/ubuntu
7dcf5a444392: Pull complete
759aa75f3cee: Pull complete
3fa871dc8a2b: Pull complete
224c42ae46e7: Pull complete
Digest: sha256:02521a2d079595241c6793b2044f02eecf294034f31d6e235ac4b2b54ffc41f3
Status: Downloaded newer image for ubuntu:15.10
docker.io/library/ubuntu:15.10
[root@localhost ~]#
附加其他的对镜像的操作测试处理:
8) 查看本地的镜像
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
hello-world latest bf756fb1ae65 9 months ago 13.3kB
ubuntu 15.10 9b9cb95443b5 4 years ago 137MB
[root@localhost ~]#
9)使用镜像跑一个示例 前台模式的启动
说明:/bin/echo "Hello world": 在启动的容器里执行的命令
[root@localhost ~]# docker run ubuntu:15.10 /bin/echo "Hello world"
Hello world
其他一些容器的基本的操作:
root@0a22083fa318:~# cd ll
bash: cd: ll: No such file or directory
root@0a22083fa318:~# cd ~
root@0a22083fa318:~# ll
total 8
drwx------. 2 root root 37 Jul 6 2016 ./
drwxr-xr-x. 1 root root 6 Oct 19 07:57 ../
-rw-r--r--. 1 root root 3106 Feb 20 2014 .bashrc
-rw-r--r--. 1 root root 140 Feb 20 2014 .profile
root@0a22083fa318:~# cd ..
root@0a22083fa318:/# ls
bin dev home lib64 mnt proc run srv tmp var
boot etc lib media opt root sbin sys usr
root@0a22083fa318:/# eixt
bash: eixt: command not found
root@0a22083fa318:/# exit
exit
[root@localhost ~]# docker run -i -t ubuntu:15.10 /bin/bash
root@a2cc1c83603a:/# exit
10)前台模式的启动 查看的相关的容器情况
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a2cc1c83603a ubuntu:15.10 "/bin/bash" 26 seconds ago Exited (0) 24 seconds ago elated_cartwright
0a22083fa318 ubuntu:15.10 "/bin/bash" About a minute ago Exited (127) 29 seconds ago epic_galileo
e0069b97f043 ubuntu:15.10 "/bin/echo 'Hello wo…" 3 minutes ago Exited (0) 3 minutes ago intelligent_lamport
209fc9dd3324 hello-world "/hello" 56 minutes ago Exited (0) 56 minutes ago flamboyant_knuth
d6087f654d9e hello-world "/hello" 2 hours ago Exited (0) 2 hours ago practical_wozniak
11)后台的模式启动的容器实例
[root@localhost ~]# docker run -d ubuntu:15.10 /bin/sh -c "while true; do echo hello world; sleep 1; done"
f1b40b91bb48a2cc832412b9e71860a44cddcd4fa83a82db7b64fcc9c68ad82f
[root@localhost ~]#
12)再次查看容器的情况:
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f1b40b91bb48 ubuntu:15.10 "/bin/sh -c 'while t…" 3 minutes ago Up 3 minutes great_tereshkova
[root@localhost ~]#
13)停止容器:
[root@localhost ~]# docker stop f1b40b91bb48
f1b40b91bb48
[root@localhost ~]#
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@localhost ~]#
4 开启远程访问(非必要,注意安全问题)
Docker远程访问可以用于手续的,直接使用Pycharm等工具连接的到我们的Docker,然后直接的使用工具进行镜像的制作!
PS:该方法千万不要在生产环境,否则100%被挖矿!!!!!!!!!!!!!
步骤
- 1)编辑docker的宿主机文件/lib/systemd/system/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
BindsTo=containerd.service
After=network-online.target firewalld.service containerd.service
Wants=network-online.target
Requires=docker.socket
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutSec=0
RestartSec=2
Restart=always
# Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229.
# Both the old, and new location are accepted by systemd 229 and up, so using the old location
# to make them work for either version of systemd.
StartLimitBurst=3
# Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230.
# Both the old, and new name are accepted by systemd 230 and up, so using the old name to make
# this option work for either version of systemd.
StartLimitInterval=60s
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Comment TasksMax if your systemd version does not support it.
# Only systemd 226 and above support this option.
TasksMax=infinity
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
[Install]
WantedBy=multi-user.target
- 2)修改内容:
ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock
- 3)更新修改
[root@localhost web_statistics]# systemctl daemon-reload
-
- 重启docker服务
[root@localhost web_statistics]# systemctl restart docker
-
- 测试访问情况
[root@localhost web_statistics]# curl http://localhost:2375/version
{"Platform":{"Name":"Docker Engine - Community"},"Components":[{"Name":"Engine","Version":"19.03.13","Details":{"ApiVersion":"1.40","Arch":"amd64","BuildTime":"2020-09-16T17:02:21.000000000+00:00","Experimental":"false","GitCommit":"4484c46d9d","GoVersion":"go1.13.15","KernelVersion":"3.10.0-1127.19.1.el7.x86_64","MinAPIVersion":"1.12","Os":"linux"}},{"Name":"containerd","Version":"1.3.7","Details":{"GitCommit":"8fba4e9a7d01810a393d5d25a3621dc101981175"}},{"Name":"runc","Version":"1.0.0-rc10","Details":{"GitCommit":"dc9208a3303feef5b3839f4323d9beb36df0a9dd"}},{"Name":"docker-init","Version":"0.18.0","Details":{"GitCommit":"fec3683"}}],"Version":"19.03.13","ApiVersion":"1.40","MinAPIVersion":"1.12","GitCommit":"4484c46d9d","GoVersion":"go1.13.15","Os":"linux","Arch":"amd64","KernelVersion":"3.10.0-1127.19.1.el7.x86_64","BuildTime":"2020-09-16T17:02:21.000000000+00:00"}
[root@localhost web_statistics]#
- 6)外网访问
5 一些常用命令
5.1常见DOCKER 基本命令:
- 启动Docker: systemctl start docker
- 重启Docker: systemctl restart docker
- 停止Docker: systemctl stop docker
- 开机启动Docker: systemctl enable docker
- 关闭Docker开机启动: systemctl disable docker.service
- 守护进程重启Docker: systemctl daemon-reload
- 查看DOCKER版本信息: docker version
- 查看DOCKER信息: docker info
番外补充:
- 查看是否设置开机启动列表: systemctl list-unit-files | grep enable
5.2常见DOCKER操作镜像 基本命令:
## 本地镜像:
- docker images 参数说明:
- docker images --no-trunc
- docker images --digests
## 镜像搜索 docker serach
- docker search redis --automated
- docker search redis --no-trunc
##下载Redis官方最新镜像,相当于:docker pull redis:latest
docker pull redis
##下载仓库所有Redis镜像
docker pull -a redis
##单个镜像删除,相当于:docker rmi redis:latest
docker rmi redis
##强制删除(针对基于镜像有运行的容器进程)
docker rmi -f redis
##多个镜像删除,不同镜像间以空格间隔
docker rmi -f redis tomcat nginx
##删除本地全部镜像
docker rmi -f $(docker images -q)
# 常见DOCKER操作容器:
- 容器的创建并启动 docker run - it XXXXX
- 查看容器的进程情况: docker ps
- 容器的推出: exit 或 ctrl+p+q
- 进入容器: docker attach 容器ID 或 容器名称
- 启动容器:docker start 容器ID 或 容器名称
- 重启容器:docker restart 容器ID 或 容器名称
- 停止容器:docker kill 容器ID 或 容器名称
- 强制删除容器:docker rm -f 容器ID 或 容器名称
##新建并启动容器,参数:-i 以交互模式运行容器;-t 为容器重新分配一个伪输入终端;--name 为容器指定一个名称
docker run -i -t --name mycentos
##后台启动容器,参数:-d 已守护方式启动容器
docker run -d mycentos
##启动一个或多个已经被停止的容器
docker start redis
##重启容器
docker restart redis
##进入容器---运行的容器不会退出
docker exec -i -t centos /bin/bash
##查看正在运行的容器
docker ps
##查看正在运行的容器的ID
docker ps -q
##查看正在运行+历史运行过的容器
docker ps -a
##显示运行容器总文件大小
docker ps -s
##停止一个运行中的容器
docker stop redis
##杀掉一个运行中的容器
docker kill redis
##删除一个已停止的容器
docker rm redis
##删除一个运行中的容器
docker rm -f redis
##删除多个容器
docker rm -f $(docker ps -a -q)
docker ps -a -q | xargs docker rm
## -l 移除容器间的网络连接,连接名为 db
docker rm -l db
## -v 删除容器,并删除容器挂载的数据卷
docker rm -v redis
docker version 查看DOCKER版本信息:
docker info 查看docker概要信息:
docker -v 可以查看 Docker 的版本
docker image --help
docker search imagename # 查找镜像
docker search --filter=stars=0 imagename # 仅显示指定星级以上的镜像,默认为 0,即输出所有镜像。
docker search --no-trunc imagename # 输出信息不截断,默认是截断的。
docker search --limit int imagename # 只返回多少个查询结果,默认为25
docker image pull centos = docker pull centos # 下载 centos 镜像
docker image pull -a # 下载在此分支的所有的镜像
docker image ls / docker images # 列出所有的镜像
docker image ls -a # 列出所有的镜像
docker image ls -f dangling=true # -f 过来,dangling=true 显示没有使用过的镜像
docker image ls --no-trunc # 对输出结果太长部分不进行截断,默认截断 加--no-trunc不截断。
docker image ls -q # 仅仅输出id信息
docker image history imagename # 查看镜像的构建过程
docker image history -q imagename # 仅仅输出id信息
docker image history --no-trunc imagename # 对输出结果太长部分不进行截断,默认截断 加--no-trunc不截断。
docker image tag SOURCE_IMAGE[:TAG] TARGET_IMAGE[:TAG] # 一个镜像可以对应多个标签,删除一个标签的镜像时,如果该镜像还对应着对个标签,则该镜像是不会被删除,类似于软链接
docker image inspect [OPTIONS] IMAGE [IMAGE...] # 显示一个或者多个镜像元信息。
docker image rm tagname # 删除镜像,一个镜像可以对应多个标签,删除一个标签的镜像时,如果该镜像还对应着对个标签,则该镜像是不会被删除的。假设我们一个镜像有a,b,c三个标签,我们删除 c 镜像就只会删除 c标签。当一个镜像只对应一个标签时,那时候删除,是会将镜像删除的。如果是删除id的话,如果该 id 对应的镜像有对应的容器在启动的话, 镜像是删除不了的,如果没有的话,但是有多个标签的话,是会一并删除的。
docker image rm -f tagname # 强制删除镜像
docker image prune # 移除所有未标记(TAG)的镜像
docker rm 容器
docker rmi tagname 镜像 # 删除镜像
docker stop $(docker ps -aq) #停止所有的容器
docker rm $(docker ps -aq) #删除所有的容器
docker rmi $(docker images -q) #删除所有的镜像
docker image prune --force --all或者docker image prune -f -a` # 删除所有不使用的镜像
docker container prune #删除所有停止的容器
docker update -m 1500M --memory-swap 1500M 897a6a09807a # Docker 修改正在运行的容器 -m 内存大小
docker logs --since="2016-07-01" --tail=10 mynginx # 查看容器mynginx从2016年7月1日后的最新10条日志
docker logs -t --since="2019-07-29T09:23:37" --until "2019-07-29T11:23:37" myrabbitmq # 查看某个时间段内的日志信息
6 安装docker-compose
yum install -y git
pip3 install docker-compose
或:
curl -L "https://github.com/docker/compose/releases/download/1.24.1/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
curl -L "https://github.com/docker/compose/releases/download/1.28.3/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
然后修改执行权限
chmod +x /usr/local/bin/docker-compose
或者
yum install -y docker-compose
7 容器目录挂载
7.1 挂载作用
目录的挂载是为了解决容器内部的文件和外部的文件的互通,通过目录的挂载,可以同步相关的代码一级相关的配置修改,还有如日志双向的数据同步等。
7.2 挂载实现
单目录的挂载
[root@localhost ~]# docker run -it -v /宿主机目录:/容器主机的目录 镜像名(或镜像ID)
多目录的挂载
[root@localhost ~]# docker run -it -v /宿主机目录:/容器主机的目录 -v /宿主机目录:/容器主机的目录 镜像名(或镜像ID)
示例步骤
1):查询本地所有的镜像
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
tomcat latest 891fcd9c5b3a 2 weeks ago 647MB
redis 4.0.14 191c4017dcdd 6 months ago 89.3MB
hell02 latest bf756fb1ae65 10 months ago 13.3kB
ubuntu 15.10 9b9cb95443b5 4 years ago 137MB
[root@localhost ~]#
2:使用ubuntu镜像为例,进入ubuntu容器查看具体的信息,新建测试目录
[root@localhost ~]# docker run -it 9b9cb95443b5 /bin/bash
root@6199fa3fd9d1:/# ls
bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
root@6199fa3fd9d1:/# ^C
root@6199fa3fd9d1:/# mkdir ceshitongbu001
root@6199fa3fd9d1:/# ls
bin boot ceshitongbu001 dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
root@6199fa3fd9d1:/#
3:挂载宿主目录到容器内部的ceshitongbu001目录下
[root@localhost ~]# cd ..
[root@localhost /]# ls
bin boot data dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
[root@localhost /]# mkdir suzhuceshi0001
root@localhost /]# ls
bin boot data dev etc home lib lib64 media mnt opt proc root run sbin srv suzhuceshi0001 sys tmp usr var
[root@localhost /]#
执行挂载
[root@localhost /]# docker run -it -v suzhuceshi0001/:/ceshitongbu001 9b9cb95443b5
docker: Error response from daemon: create suzhuceshi0001/: "suzhuceshi0001/" includes invalid characters for a local volume name, only "[a-zA-Z0-9][a-zA-Z0-9_.-]" are allowed. If you intended to pass a host directory, use absolute path.
See 'docker run --help'.
[root@localhost /]#
错误2:
[root@localhost /]# docker run -it -v suzhuceshi0001/:ceshitongbu001/ 9b9cb95443b5
docker: Error response from daemon: invalid volume specification: 'suzhuceshi0001/:ceshitongbu001/': invalid mount config for type "volume": invalid mount path: 'ceshitongbu001/' mount path must be absolute.
See 'docker run --help'.
处理
显示文件路径必须完整(即:以“/”开头)
[root@localhost /]# docker run -it -v /suzhuceshi0001/:/ceshitongbu001/ 9b9cb95443b5
root@509bd82ac9b4:/#
4:外部编辑修改文件,然后查看容器内部的文件信息
5:容器同步到外部
#其他补充挂载容器目录可读写性 如:容器内的ceshitongbu001下的内容都不运行修改
[root@localhost ~]# docker run -it -v /宿主机目录:/容器主机的目录:ro 镜像名(或镜像ID)
#实践:
[root@localhost /]# docker run -it -v /suzhuceshi0001/:/ceshitongbu001/:ro 9b9cb95443b5
root@c6aa103b9b79:/# cd ceshitongbu001/
root@c6aa103b9b79:/ceshitongbu001# touch sdsds.tex
touch: cannot touch 'sdsds.tex': Read-only file system
root@c6aa103b9b79:/ceshitongbu001# touch sdsds.tet
touch: cannot touch 'sdsds.tet': Read-only file system
root@c6aa103b9b79:/ceshitongbu001#
7.2 文件拷贝——容器和宿主主机的之间相互拷贝
来源:www.runoob.com/docker/dock…
将主机/www/runoob目录拷贝到容器96f7f14e99ab的/www目录下。
docker cp /www/runoob 96f7f14e99ab:/www/
将主机/www/runoob目录拷贝到容器96f7f14e99ab中,目录重命名为www。
docker cp /www/runoob 96f7f14e99ab:/www
将容器96f7f14e99ab的/www目录拷贝到主机的/tmp目录中。
docker cp 96f7f14e99ab:/www /tmp/
8 Nginx容器部署静态页面和redis的安装部署
8.1 nginx实践结果:
把前后端分类的后台页面部署并访问
环境
win10下+虚拟主机+docker
番外篇:
可以使用 在线:labs.play-with-docker.com/
步骤
- 1)拉取镜像(不加对于的版本的默认是最新的版本)
[root@localhost /]# docker pull nginx:latest
- 2)查看本地的镜像信息是否已拉取成功
[root@localhost /]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
tomcat latest 891fcd9c5b3a 2 weeks ago 647MB
nginx latest f35646e83998 3 weeks ago 133MB
redis 4.0.14 191c4017dcdd 6 months ago 89.3MB
hell02 latest bf756fb1ae65 10 months ago 13.3kB
centos centos7.1.1503 e1430271e2f9 20 months ago 212MB
ubuntu 15.10 9b9cb95443b5 4 years ago 137MB
- 3)端口映射且启动服务
[root@localhost /]# docker run -di -p 80:80 nginx
a90e1eb657cb544f1c0f1fdd0445b355a4c992c7b03aed73b0601d880b624894
或者指定容器别名
[root@localhost /]# docker run -di --name mynginx -p 80:80 nginx
88343f5b3a3c120b5e1f2fa2ff5998da50729cf4466c0106bc04cfe3fb12d7ed
[root@localhost /]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
88343f5b3a3c nginx "/docker-entrypoint.…" 5 seconds ago Up 4 seconds 0.0.0.0:80->80/tcp mynginx
[root@localhost /]#
- 4)访问对应服务
- 5)把Vue打包好的页面HTML文件拷贝到宿主主机上(可以直接上传整个dist)
文件同步
- 6)查看Nginx容器内部的目录结构
[root@localhost /]# docker exec -it mynginx /bin/bash
root@88343f5b3a3c:/# ls
bin boot dev docker-entrypoint.d docker-entrypoint.sh etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
root@88343f5b3a3c:/# dir
bin boot dev docker-entrypoint.d docker-entrypoint.sh etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
root@88343f5b3a3c:/#
镜像把Nginx安装到了etc的下面
root@88343f5b3a3c:/# cd etc/
root@88343f5b3a3c:/etc# ls
adduser.conf ca-certificates.conf dpkg group- hosts ld.so.cache login.defs nginx passwd rc2.d resolv.conf shadow- systemd
alternatives cron.daily environment gshadow init.d ld.so.conf logrotate.d nsswitch.conf passwd- rc3.d rmt shells terminfo
apt debconf.conf fonts gshadow- inputrc ld.so.conf.d machine-id opt profile rc4.d securetty skel timezone
bash.bashrc debian_version fstab gss issue ldap mke2fs.conf os-release profile.d rc5.d security ssl ucf.conf
bindresvport.blacklist default gai.conf host.conf issue.net libaudit.conf motd pam.conf rc0.d rc6.d selinux subgid update-motd.d
ca-certificates deluser.conf group hostname kernel localtime mtab pam.d rc1.d rcS.d shadow subuid xattr.conf
root@88343f5b3a3c:/etc# ^C
root@88343f5b3a3c:/etc# cd nginx
root@88343f5b3a3c:/etc/nginx# cat nginx.conf
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
root@88343f5b3a3c:/etc/nginx#
- 6)查看Nginx配置信息对于的--- include /etc/nginx/conf.d/*.conf;
root@88343f5b3a3c:/etc/nginx/conf.d# cd /etc/nginx/conf.d/
root@88343f5b3a3c:/etc/nginx/conf.d# dir
default.conf
root@88343f5b3a3c:/etc/nginx/conf.d#
查看default.conf
root@88343f5b3a3c:/etc/nginx/conf.d# cat default.conf
server {
listen 80;
listen [::]:80;
server_name localhost;
#charset koi8-r;
#access_log /var/log/nginx/host.access.log main;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
root@88343f5b3a3c:/etc/nginx/conf.d#
- 7)查看Nginx默认配置目录信息 /usr/share/nginx/html;
[root@localhost ~]# docker exec -it mynginx /bin/bash
root@88343f5b3a3c:/# cd /usr/share/nginx/html/
root@88343f5b3a3c:/usr/share/nginx/html# ls
50x.html index.html
root@88343f5b3a3c:/usr/share/nginx/html#
- 8)替换对应的目录 把dist 下的文件拷贝到容器对于的/usr/share/nginx/html下
直接的替换目录也可以,修改具体的名称之后,拷贝整个的目录到/usr/share/nginx/html下
[root@localhost data]# mv dist html
[root@localhost data]# ls
backup bak ceshi html jiao QQpro www wwwroot wwwroot2
[root@localhost data]#
覆盖
root@localhost data]# docker cp html mynginx:/usr/share/nginx/
[root@localhost data]#
- 9)查看访问情况
- 10)关闭容器再查看访问情况
8.2 redis实践结果
安装部署redis后,实现对应的外网连接
步骤
- 1)拉取镜像
[root@localhost data]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
tomcat latest 891fcd9c5b3a 2 weeks ago 647MB
nginx latest f35646e83998 3 weeks ago 133MB
redis 4.0.14 191c4017dcdd 6 months ago 89.3MB
hell02 latest bf756fb1ae65 10 months ago 13.3kB
centos centos7.1.1503 e1430271e2f9 20 months ago 212MB
ubuntu 15.10 9b9cb95443b5 4 years ago 137MB
[root@localhost data]#
本地以及有一个redis 4.0.14
- 2) 启动redis容器
[root@localhost data]# docker run -di --name myredis -p 6379:6379 191c4017dcdd
8bd4c69fec011f7ecfacd55e398116dc82b5ce8ba4f2b7bf0d21b8a1f63b8b01
[root@localhost data]#
- 3) 外部链接redis容器
9 镜像的迁移和备份
应用场景
1:把某个服务器上的镜像迁移到另一台服务器上,导入保存为文件,然后再进行恢复回一个镜像 2:对现有的运行的容器进行配置修改或升级之后,重新生成一个新的镜像,基于新的镜像创建为修改后的容器
实践
##把运行了的容器打包保存为新的镜像
docker commit 容器 新的镜像名称
说明: 上一节中我们的部署来我们的后台网站地址把它放到容器内部,这种也算是对容器的修改,那现在我们需要直接把修改后的容器打包会心动的镜像,后续其他服务器可以直接的拉取镜像,然后运行容器即可
###步骤:
- 1)打包新的镜像
提交修改
[root@localhost data]# docker commit mynginx newmynginx
sha256:cd903b9a327f6e622336dd1306001d26c7d398da6eb82a045afd8b10e2f443e6
查看当前镜像
[root@localhost data]# docker imsges
docker: 'imsges' is not a docker command.
See 'docker --help'
[root@localhost data]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
newmynginx latest cd903b9a327f 11 seconds ago 146MB
tomcat latest 891fcd9c5b3a 2 weeks ago 647MB
nginx latest f35646e83998 3 weeks ago 133MB
redis 4.0.14 191c4017dcdd 6 months ago 89.3MB
hell02 latest bf756fb1ae65 10 months ago 13.3kB
centos centos7.1.1503 e1430271e2f9 20 months ago 212MB
ubuntu 15.10 9b9cb95443b5 4 years ago 137MB
[root@localhost data]#
-2 )测试新生成的镜像的运行
默认80端口已经被占用,所以修改修改映射的端口
[root@localhost data]# docker run -di --name mynxgin_houtai -p 81:80 newmynginx
577f20eff3f633452199ec74617192a75bc34543b2f7fa75e57ebbe36da56b7e
[root@localhost data]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
577f20eff3f6 newmynginx "/docker-entrypoint.…" 6 seconds ago Up 6 seconds 0.0.0.0:81->80/tcp mynxgin_houtai
8bd4c69fec01 191c4017dcdd "docker-entrypoint.s…" 21 minutes ago Up 21 minutes 0.0.0.0:6379->6379/tcp myredis
88343f5b3a3c nginx "/docker-entrypoint.…" About an hour ago Up About a minute 0.0.0.0:80->80/tcp mynginx
[root@localhost data]#
- 3)访问
- 4)镜像备份导出
docker save -o 导出的文件命名的名称.tar 需要导出镜像的名称
如:
[root@localhost data]# docker save -o houtaiquandian.tar newmynginx
[root@localhost data]# ls
backup bak ceshi houtaiquandian.tar html jiao QQpro www wwwroot wwwroot2
[root@localhost data]#
最终生成了
houtaiquandian.tar
- 5)镜像导入 前提,我们试一试把先用一些的镜像都删除
1:先把基于之前镜像所运行的容器给删除
停止容器
[root@localhost data]# docker stop mynginx
[root@localhost data]# docker stop mynxgin_houtai
然后删除容器:
[root@localhost data]# docker rm mynginx
mynginx
[root@localhost data]# docker rm mynxgin_houtai
mynxgin_houtai
[root@localhost data]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
newmynginx latest cd903b9a327f 21 minutes ago 146MB
tomcat latest 891fcd9c5b3a 2 weeks ago 647MB
nginx latest f35646e83998 3 weeks ago 133MB
redis 4.0.14 191c4017dcdd 6 months ago 89.3MB
hell02 latest bf756fb1ae65 10 months ago 13.3kB
centos centos7.1.1503 e1430271e2f9 20 months ago 212MB
ubuntu 15.10 9b9cb95443b5 4 years ago 137MB
[root@localhost data]#
删除镜像:
[root@localhost data]# docker rmi newmynginx
Untagged: newmynginx:latest
Deleted: sha256:cd903b9a327f6e622336dd1306001d26c7d398da6eb82a045afd8b10e2f443e6
Deleted: sha256:a0328d3ea0d485f161cf1e7c38fc7f79dd6815272967e9a4d768c0cf614f4ad7
[root@localhost data]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
tomcat latest 891fcd9c5b3a 2 weeks ago 647MB
nginx latest f35646e83998 3 weeks ago 133MB
redis 4.0.14 191c4017dcdd 6 months ago 89.3MB
hell02 latest bf756fb1ae65 10 months ago 13.3kB
centos centos7.1.1503 e1430271e2f9 20 months ago 212MB
ubuntu 15.10 9b9cb95443b5 4 years ago 137MB
[root@localhost data]#
查看已删除了newmynginx 的镜像
执行恢复或说导入
[root@localhost data]# docker load -i houtaiquandian.tar
2bfa788663b7: Loading layer [==================================================>] 13.35MB/13.35MB
Loaded image: newmynginx:latest
[root@localhost data]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
newmynginx latest cd903b9a327f 24 minutes ago 146MB
tomcat latest 891fcd9c5b3a 2 weeks ago 647MB
nginx latest f35646e83998 3 weeks ago 133MB
redis 4.0.14 191c4017dcdd 6 months ago 89.3MB
hell02 latest bf756fb1ae65 10 months ago 13.3kB
centos centos7.1.1503 e1430271e2f9 20 months ago 212MB
ubuntu 15.10 9b9cb95443b5 4 years ago 137MB
[root@localhost data]#
导入成功后发现 newmynginx 的镜像又恢复了!
- 6)继续运行测试
[root@localhost data]# docker run -di --name daorunginx -p 80:80 newmynginx
cb252d0bb06e54abe65468f08a9decb0b4b3760a689c62264a7c5e0000431739
[root@localhost data]#
测试访问正常
总结:
以上仅仅是个人结合自己的实际需求,做学习的实践笔记!如有笔误!欢迎批评指正!感谢各位大佬!
结尾
END
简书:www.jianshu.com/u/d6960089b…
公众号:微信搜【小儿来一壶枸杞酒泡茶】
小钟同学 | 文 【原创】【欢迎一起学习交流】| QQ:308711822
