RHCSA
第一章
课程环境
2023-05-27
维护系统时间
时期
[root@foundation0 /]# timedatectl
Local time: Sat 2023-05-27 10:46:52 CST
Universal time: Sat 2023-05-27 02:46:52 UTC
RTC time: Sat 2023-05-27 02:46:53
Time zone: Asia/Shanghai (CST, +0800)
System clock synchronized: no
NTP service: active
RTC in local TZ: no
时间同步
ntp
chrony
journalctl
Ipv4/6
nmcli
nmtui
hostname
scp
ftp
sftp
rsync
ipv4
rpm
yum
repo
文件系统
mount
lsof查询占用
locate
find
-perm 按照权限查找
-size 按文件大小查找
虚拟机添加网卡
在终端输入virt-manager回车,双击
2023-05-28
shell
脚本第一行:#!/bin/bash
第二行:尽可能声明PATH路径
单引号:保留字面值,原封不动输出
双引号:遇到特殊字符会优先处理,并把处理结果输出
反撇:必须死可执行命令,把执行的结果输出
$? 测试是否执行成功
$0 查看当前执行的shell
条件测试
grep
^root 查询root开头
root$查询root结尾
tuned性能调优
cron
计划任务:crond
分时日月周
crontab
进程优先级(-20~19)-20优先级最高
nice
ACL(处理不同用户有不同权限)
mask用来规定对象的最高权限
facl
2023-06-03
第五章 selinux
mv 移动保持原标签
cp 移动保持目的标签
移动和复制的结果不一样,mv更快
启动selinux
setenforce 1 启动
setenforce 0 关闭
查看文件标签
ll -Z file
查看更改情况
semanage
[root@foundation0 /]# ls -Z /home/
unconfined_u:object_r:user_home_dir_t:s0 kiosk
unconfined_u:object_r:user_home_dir_t:s0 zz
unconfined_u:object_r:home_root_t:s0 readme.txt
sealert
更改文件标签
chcon -t user_tmp_t file 直接更改文件标签
semanage fcontext -a -t user_tmp_t /filetest 写入数据库配置更改文件标签(需要restart
管理基本存储
磁盘分区
MBR/GPT
分区工具
Fdisk/gdisk/parted/mkfs/mount/(/tc/fstab)
fdisk xxx
查看分区
[root@serverb /]# fdisk -l
Disk /dev/vda: 10 GiB, 10737418240 bytes, 20971520 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
Disk identifier: 7E3CDFD9-E4C6-44E5-B774-8875B5C717C5
Device Start End Sectors Size Type
/dev/vda1 2048 4095 2048 1M BIOS boot
/dev/vda2 4096 208895 204800 100M EFI System
/dev/vda3 208896 20969471 20760576 9.9G Linux filesystem
Disk /dev/vdb: 5 GiB, 5368709120 bytes, 10485760 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
Disk identifier: C964E69F-F24C-4C06-AE4C-AFC378BC5621
Device Start End Sectors Size Type
/dev/vdb1 2048 10485726 10483679 5G Linux filesystem
/dev/vdb2 34 2047 2014 1007K Linux filesystem
Partition table entries are not in disk order.
Disk /dev/vdc: 5 GiB, 5368709120 bytes, 10485760 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk /dev/vdd: 5 GiB, 5368709120 bytes, 10485760 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
[root@serverb /]# fdisk -l
Disk /dev/vda: 10 GiB, 10737418240 bytes, 20971520 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
Disk identifier: 7E3CDFD9-E4C6-44E5-B774-8875B5C717C5
Device Start End Sectors Size Type
/dev/vda1 2048 4095 2048 1M BIOS boot
/dev/vda2 4096 208895 204800 100M EFI System
/dev/vda3 208896 20969471 20760576 9.9G Linux filesystem
Disk /dev/vdb: 5 GiB, 5368709120 bytes, 10485760 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
Disk identifier: C964E69F-F24C-4C06-AE4C-AFC378BC5621
Device Start End Sectors Size Type
/dev/vdb1 2048 10485726 10483679 5G Linux filesystem
/dev/vdb2 34 2047 2014 1007K Linux filesystem
Partition table entries are not in disk order.
Disk /dev/vdc: 5 GiB, 5368709120 bytes, 10485760 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk /dev/vdd: 5 GiB, 5368709120 bytes, 10485760 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Help:
DOS (MBR)
a toggle a bootable flag
b edit nested BSD disklabel
c toggle the dos compatibility flag
Generic
d delete a partition
F list free unpartitioned space
l list known partition types
n add a new partition
p print the partition table
t change a partition type
v verify the partition table
i print information about a partition
Misc
m print this menu
u change display/entry units
x extra functionality (experts only)
Script
I load disk layout from sfdisk script file
O dump disk layout to sfdisk script file
Save & Exit
w write table to disk and exit
q quit without saving changes
Create a new label
g create a new empty GPT partition table
G create a new empty SGI (IRIX) partition table
o create a new empty DOS partition table
s create a new empty Sun partition table
mkfs 硬盘格式化
写入mount
df -h
管理交换分区
mkswap
swapon /sdb1 #打开交换分区
swapoff /sdb1 #关闭交换分区
逻辑卷管理
LVM管理
pv - vg - lv
2023-06-04
高级存储管理
Stratis存储池
VDO压缩存储和删除重复数据
瘦文件系统,用有限的物理存储对外输出超大文件系统
底层为设备,/dev/vdb 存储池
vdo去重和压缩场景:大量重复数据
vdo创建的fstab挂载通过man vdo
第九章 访问NFS网络
NFS服务器搭建
查看别人给你共享的文件
showmount -e
#在servera服务端
[root@servera ~]# yum install -y nfs-utils
Last metadata expiration check: 1:42:58 ago on Sun 04 Jun 2023 07:03:31 PM CST.
Package nfs-utils-1:2.3.3-31.el8.x86_64 is already installed.
Dependencies resolved.
Nothing to do.
Complete!
[root@servera ~]# mkdir /floder
[root@servera ~]# vim /etc/exports
[root@servera ~]# yum install -y nfs-utils
Last metadata expiration check: 1:42:58 ago on Sun 04 Jun 2023 07:03:31 PM CST.
Package nfs-utils-1:2.3.3-31.el8.x86_64 is already installed.
Dependencies resolved.
Nothing to do.
Complete!
[root@servera ~]# mkfor /floder
-bash: mkfor: command not found
[root@servera ~]# mkdir /floder
[root@servera ~]# vim /etc/exports
[root@servera ~]#
#在serverb 客户端
[root@foundation0 ~]# ssh root@serverb
This system is not registered to Red Hat Insights. See https://cloud.redhat.com/
To register this system, run: insights-client --register
Last login: Sun Jun 4 20:43:27 2023 from 172.25.250.250
[root@serverb ~]# mkdir /flodermount
[root@serverb zfk]# mount -t nfs servera:/folder /flodermount
创建自动挂载
autofs
第10章 控制启动进程
配置文件
systemd : /usr
target
##############主动进入特定target步骤##############
1,重启
2,在开始菜单找到招呢工程操作系统菜单,按e
3,找到以'linux’开头的行,追加systemd.unit=emergency.target
console =0
4,ctrl x #启动系统
5,输入root密码进入系统维护
6,以读写模式挂载
mount -o remount,rw /sysroot
exit
exit
操作系统继续启动--->自动重启
##############重置root口令##############
1,重启
2,在开始菜单找到招呢工程操作系统菜单,按e
3,找到以'linux’开头的行,追加 rd.break
4,ctrl x #启动系统
mount -o remount,rw /sysroot
chroot /sysroot#
2023-06-10
管理网络安全
selinux和firewall
linux防火墙
public 默认区域,拒绝除与出站有关的通信或预定义服务
防火墙配置
firewall-manager
配置文件
/etc/firewalld
/usr/lib/friewalld
firewall管理工具:firewalld
特点:语法全拼
runtime单次生效,permanent永久生效
图形化配置工具:firewall-config
命令行配置工具:firewall-cmd
selinux
SELINUX有端口标记,一个服务想要监听端口,SELINUX必须同意
查看某个端口在哪个标记上关联 semanage port -l |grep NUMBER
添加一个端口到某个标记 semangae port -a- t xxx_t -p TCP/UDP NUMBERS
安装操作系统
手工安装
1,需要有iso
iso目录:/content/rhel8.2/x86_64/isos/rhel-8.2-x86_64-dvd.iso
自动配置操作系统,用servera作为安装服务器
[root@workstation ~]# ssh root@servera
Activate the web console with: systemctl enable --now cockpit.socket
This system is not registered to Red Hat Insights. See https://cloud.redhat.com/
To register this system, run: insights-client --register
Last login: Sat Jun 10 20:02:20 2023
[root@servera ~]# yum install -y dhcp-server
Last metadata expiration check: 1:04:58 ago on Sat 10 Jun 2023 08:09:55 PM CST.
Package dhcp-server-12:4.3.6-40.el8.x86_64 is already installed.
Dependencies resolved.
Nothing to do.
Complete!
[root@servera ~]# cat /etc/dhcp/dhcpd.conf
#
# DHCP Server Configuration file.
# see /usr/share/doc/dhcp-server/dhcpd.conf.example
# see dhcpd.conf(5) man page
#
[root@servera ~]# cp /usr/share/doc/dhcp-server/dhcpd.conf.example /etc/dhcp/dhcpd.conf
cp: overwrite '/etc/dhcp/dhcpd.conf'? y
[root@servera ~]# vim /etc/dhcp/dhcpd.conf
'删除26 27行以及36行以后的,并更改配置'
subnet 172.25.250.0 netmask 255.255.255.0 {
range 172.25.250.100 172.25.250.200;
option routers 172.25.250.254;
}
[root@servera ~]# systemctl restart dhcp
Failed to restart dhcp.service: Unit dhcp.service not found.
[root@servera ~]# systemctl restart dhcpd
[root@servera ~]# yum install tftp-server -y
Last metadata expiration check: 1:20:37 ago on Sat 10 Jun 2023 08:09:55 PM CST.
Dependencies resolved.
========================================================================================================================================
Package Architecture Version Repository Size
========================================================================================================================================
Installing:
tftp-server x86_64 5.2-24.el8 rhel-8.2-for-x86_64-appstream-rpms 50 k
Transaction Summary
========================================================================================================================================
Install 1 Package
Total download size: 50 k
Installed size: 67 k
Downloading Packages:
tftp-server-5.2-24.el8.x86_64.rpm 263 kB/s | 50 kB 00:00
----------------------------------------------------------------------------------------------------------------------------------------
Total 258 kB/s | 50 kB 00:00
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : tftp-server-5.2-24.el8.x86_64 1/1
Running scriptlet: tftp-server-5.2-24.el8.x86_64 1/1
Verifying : tftp-server-5.2-24.el8.x86_64 1/1
Installed:
tftp-server-5.2-24.el8.x86_64
Complete!
[root@servera ~]# yum install syslinux -y
Last metadata expiration check: 1:21:02 ago on Sat 10 Jun 2023 08:09:55 PM CST.
Dependencies resolved.
========================================================================================================================================
Package Architecture Version Repository Size
========================================================================================================================================
Installing:
syslinux x86_64 6.04-4.el8 rhel-8.2-for-x86_64-baseos-rpms 579 k
Installing dependencies:
mtools x86_64 4.0.18-14.el8 rhel-8.2-for-x86_64-baseos-rpms 213 k
syslinux-nonlinux noarch 6.04-4.el8 rhel-8.2-for-x86_64-baseos-rpms 555 k
Transaction Summary
========================================================================================================================================
Install 3 Packages
Total download size: 1.3 M
Installed size: 3.0 M
Downloading Packages:
(1/3): mtools-4.0.18-14.el8.x86_64.rpm 2.3 MB/s | 213 kB 00:00
(2/3): syslinux-nonlinux-6.04-4.el8.noarch.rpm 4.8 MB/s | 555 kB 00:00
(3/3): syslinux-6.04-4.el8.x86_64.rpm 4.7 MB/s | 579 kB 00:00
----------------------------------------------------------------------------------------------------------------------------------------
Total 11 MB/s | 1.3 MB 00:00
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : mtools-4.0.18-14.el8.x86_64 1/3
Running scriptlet: mtools-4.0.18-14.el8.x86_64 1/3
Installing : syslinux-nonlinux-6.04-4.el8.noarch 2/3
Installing : syslinux-6.04-4.el8.x86_64 3/3
Running scriptlet: syslinux-6.04-4.el8.x86_64 3/3
Verifying : mtools-4.0.18-14.el8.x86_64 1/3
Verifying : syslinux-6.04-4.el8.x86_64 2/3
Verifying : syslinux-nonlinux-6.04-4.el8.noarch 3/3
Installed:
mtools-4.0.18-14.el8.x86_64 syslinux-6.04-4.el8.x86_64 syslinux-nonlinux-6.04-4.el8.noarch
Complete!
[root@servera ~]# find / -name pxelinux.0
/usr/share/syslinux/pxelinux.0
[root@servera ~]# cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/
[root@servera ~]#
[root@servera ~]# find / -name pxelinux.0
/usr/share/syslinux/pxelinux.0
[root@servera ~]# cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/
[root@servera ~]# systemctl enable tftp --now
Created symlink /etc/systemd/system/sockets.target.wants/tftp.socket → /usr/lib/systemd/system/tftp.socket.
[root@servera ~]# firewall-cmd --add-service=tftp
success
[root@servera ~]# firewall-cmd --add-service=tftp --permanent
success
[root@servera ~]# vim /etc/dhcp/dhcpd.conf
# No service will be given on this subnet, but declaring it helps the
# DHCP server to understand the network topology.
# This is a very basic subnet declaration.
subnet 172.25.250.0 netmask 255.255.255.0 {
range 172.25.250.100 172.25.250.200;
option routers 172.25.250.254;
next-server 172.25.250.10;
filename "pxelinux.0";
}
在foundation0中
[root@foundation0 ~]# cd /content/rhel8.2/x86_64/dvd/
[root@foundation0 dvd]#
[root@foundation0 dvd]# scp isolinux/* root@servera:/var/lib/tftpboot/
Warning: Permanently added 'servera,172.25.250.10' (ECDSA) to the list of known hosts.
boot.cat 100% 2048 339.3KB/s 00:00
boot.msg 100% 84 8.3KB/s 00:00
grub.conf 100% 321 95.8KB/s 00:00
initrd.img 100% 63MB 36.0MB/s 00:01
isolinux.bin 100% 38KB 1.1MB/s 00:00
isolinux.cfg 100% 3149 1.6MB/s 00:00
ldlinux.c32 100% 113KB 10.3MB/s 00:00
libcom32.c32 100% 176KB 19.3MB/s 00:00
libutil.c32 100% 22KB 8.7MB/s 00:00
memtest 100% 178KB 32.6MB/s 00:00
splash.png 100% 186 181.7KB/s 00:00
TRANS.TBL 100% 2885 1.6MB/s 00:00
vesamenu.c32 100% 26KB 16.2MB/s 00:00
vmlinuz 100% 8705KB 48.1MB/s 00:00
[root@foundation0 dvd]#
在servera中
[root@servera ~]# cd /var/lib/tftpboot/
[root@servera tftpboot]# mkdir pxelinux.cfg
[root@servera tftpboot]# cd isolinux.cfg pxelinux.cfg/default
-bash: cd: too many arguments
[root@servera tftpboot]# cp isolinux.cfg pxelinux.cfg/default
[root@servera tftpboot]# ls
boot.cat grub.conf isolinux.bin ldlinux.c32 libutil.c32 pxelinux.0 splash.png vesamenu.c32
boot.msg initrd.img isolinux.cfg libcom32.c32 memtest pxelinux.cfg TRANS.TBL vmlinuz
[root@servera tftpboot]#
[root@servera tftpboot]# vim pxelinux.cfg/default
==在64行修改文件==
http://172.25.254.250/rhel8.2/x86_64/dvd
label linux
menu label ^Install Red Hat Enterprise Linux 8.2
kernel vmlinuz
append initrd=initrd.img inst.stage2=http://172.25.254.250/rhel8.2/x86_64/dvd ks=http:/172.25.250.10/ks.cfg quiet
无人值守安装
[root@servera tftpboot]# yum install httpd -y
Last metadata expiration check: 0:04:33 ago on Sat 10 Jun 2023 10:50:57 PM CST.
Package httpd-2.4.37-21.module+el8.2.0+5008+cca404a3.x86_64 is already installed.
Dependencies resolved.
Nothing to do.
Complete!
[root@servera tftpboot]#
[root@servera tftpboot]# mv kickstart.txt /var/www/html/ks.cfg
mv: cannot stat 'kickstart.txt': No such file or directory
[root@servera tftpboot]#
[root@servera tftpboot]# systemctl enable httpd --now
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
[root@servera tftpboot]#
[root@servera tftpboot]# firewall-cmd --add-service=http --permanent
success
[root@servera tftpboot]#
[root@servera tftpboot]# vim /var/lib/tftpboot/pxelinux.cfg/default
[root@servera tftpboot]#
配置文件
lang en_US
keyboard us
timezone Asia/Shanghai --utc
rootpw $2b$10$Pe1hytBQNoeMVvEk.f7v0.S6HfQu/Orgw1OCRBwy12weu1FdomekS --iscrypted
reboot
url --url=http://172.25.254.250/rhel8.2/x86_64/dvd
bootloader --append="rhgb quiet crashkernel=auto"
zerombr
clearpart --all --initlabel
autopart
network --bootproto=dhcp
firstboot --disable
selinux --enforcing
firewall --enabled
%packages
@^minimal-environment
kexec-tools
%end
vim /var/lib/tftpboot/pxelinux.cfg/default
label linux
menu label ^Install Red Hat Enterprise Linux 8.2
menu default
kernel vmlinuz
append initrd=initrd.img inst.stage2=http://172.25.254.250/rhel8.2/x86_64/dvd ks=http://172.25.250.10/ks.cfg quiet
2023-06-11
运行容器
[root@foundation0 ~]# sudo yum install -y yum-utils
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
Last metadata expiration check: 0:00:55 ago on Sun 11 Jun 2023 11:03:16 AM CST.
Dependencies resolved.
====================================================================================================
Package Architecture Version Repository Size
====================================================================================================
Installing:
yum-utils noarch 4.0.18-4.el8 ucf-rhel-8-for-x86_64-baseos-rpms 72 k
Transaction Summary
====================================================================================================
Install 1 Package
Total size: 72 k
Installed size: 22 k
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : yum-utils-4.0.18-4.el8.noarch 1/1
Running scriptlet: yum-utils-4.0.18-4.el8.noarch 1/1
Verifying : yum-utils-4.0.18-4.el8.noarch 1/1
Installed products updated.
Installed:
yum-utils-4.0.18-4.el8.noarch
Complete!
[root@foundation0 ~]# sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
Adding repo from: https://download.docker.com/linux/centos/docker-ce.repo
[root@foundation0 ~]# sudo yum install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
Docker CE Stable - x86_64 26 kB/s | 46 kB 00:01
Dependencies resolved.
====================================================================================================
Package Arch Version Repository Size
====================================================================================================
Installing:
containerd.io x86_64 1.6.21-3.1.el8 docker-ce-stable 34 M
docker-buildx-plugin x86_64 0.10.5-1.el8 docker-ce-stable 12 M
docker-ce x86_64 3:24.0.2-1.el8 docker-ce-stable 24 M
docker-ce-cli x86_64 1:24.0.2-1.el8 docker-ce-stable 7.2 M
docker-compose-plugin x86_64 2.18.1-1.el8 docker-ce-stable 12 M
Installing dependencies:
container-selinux noarch 2:2.158.0-1.module+el8.4.0+10607+f4da7515
ucf-rhel-8-for-x86_64-appstream-rpms 51 k
docker-ce-rootless-extras x86_64 24.0.2-1.el8 docker-ce-stable 4.9 M
fuse-overlayfs x86_64 1.4.0-2.module+el8.4.0+10607+f4da7515
ucf-rhel-8-for-x86_64-appstream-rpms 72 k
fuse3 x86_64 3.2.1-12.el8 ucf-rhel-8-for-x86_64-baseos-rpms 50 k
fuse3-libs x86_64 3.2.1-12.el8 ucf-rhel-8-for-x86_64-baseos-rpms 94 k
libslirp x86_64 4.3.1-1.module+el8.4.0+10607+f4da7515
ucf-rhel-8-for-x86_64-appstream-rpms 69 k
slirp4netns x86_64 1.1.8-1.module+el8.4.0+10607+f4da7515
ucf-rhel-8-for-x86_64-appstream-rpms 51 k
Enabling module streams:
container-tools rhel8
Transaction Summary
====================================================================================================
Install 12 Packages
Total size: 94 M
Total download size: 94 M
Installed size: 362 M
Is this ok [y/N]: y
Downloading Packages:
(1/6): docker-buildx-plugin-0.10.5-1.el8.x86_64.rpm 222 kB/s | 12 MB 00:56
(2/6): docker-ce-24.0.2-1.el8.x86_64.rpm 356 kB/s | 24 MB 01:09
(3/6): docker-ce-cli-24.0.2-1.el8.x86_64.rpm 415 kB/s | 7.2 MB 00:17
(4/6): docker-ce-rootless-extras-24.0.2-1.el8.x86_64.rpm 673 kB/s | 4.9 MB 00:07
(5/6): docker-compose-plugin-2.18.1-1.el8.x86_64.rpm 484 kB/s | 12 MB 00:24
(6/6): containerd.io-1.6.21-3.1.el8.x86_64.rpm 315 kB/s | 34 MB 01:49
----------------------------------------------------------------------------------------------------
Total 878 kB/s | 94 MB 01:49
warning: /var/cache/dnf/docker-ce-stable-fa9dc42ab4cec2f4/packages/containerd.io-1.6.21-3.1.el8.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID 621e9f35: NOKEY
Docker CE Stable - x86_64 2.9 kB/s | 1.6 kB 00:00
Importing GPG key 0x621E9F35:
Userid : "Docker Release (CE rpm) <docker@docker.com>"
Fingerprint: 060A 61C5 1B55 8A7F 742B 77AA C52F EB6B 621E 9F35
From : https://download.docker.com/linux/centos/gpg
Is this ok [y/N]: y
Key imported successfully
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Running scriptlet: container-selinux-2:2.158.0-1.module+el8.4.0+10607+f4da7515.noarch 1/12
Installing : container-selinux-2:2.158.0-1.module+el8.4.0+10607+f4da7515.noarch 1/12
Running scriptlet: container-selinux-2:2.158.0-1.module+el8.4.0+10607+f4da7515.noarch 1/12
Installing : docker-compose-plugin-2.18.1-1.el8.x86_64 2/12
Running scriptlet: docker-compose-plugin-2.18.1-1.el8.x86_64 2/12
Installing : containerd.io-1.6.21-3.1.el8.x86_64 3/12
Running scriptlet: containerd.io-1.6.21-3.1.el8.x86_64 3/12
Installing : libslirp-4.3.1-1.module+el8.4.0+10607+f4da7515.x86_64 4/12
Installing : slirp4netns-1.1.8-1.module+el8.4.0+10607+f4da7515.x86_64 5/12
Installing : fuse3-libs-3.2.1-12.el8.x86_64 6/12
Running scriptlet: fuse3-libs-3.2.1-12.el8.x86_64 6/12
Installing : fuse3-3.2.1-12.el8.x86_64 7/12
Installing : fuse-overlayfs-1.4.0-2.module+el8.4.0+10607+f4da7515.x86_64 8/12
Running scriptlet: fuse-overlayfs-1.4.0-2.module+el8.4.0+10607+f4da7515.x86_64 8/12
Installing : docker-buildx-plugin-0.10.5-1.el8.x86_64 9/12
Running scriptlet: docker-buildx-plugin-0.10.5-1.el8.x86_64 9/12
Installing : docker-ce-cli-1:24.0.2-1.el8.x86_64 10/12
Running scriptlet: docker-ce-cli-1:24.0.2-1.el8.x86_64 10/12
Installing : docker-ce-rootless-extras-24.0.2-1.el8.x86_64 11/12
Running scriptlet: docker-ce-rootless-extras-24.0.2-1.el8.x86_64 11/12
Installing : docker-ce-3:24.0.2-1.el8.x86_64 12/12
Running scriptlet: docker-ce-3:24.0.2-1.el8.x86_64 12/12
Running scriptlet: container-selinux-2:2.158.0-1.module+el8.4.0+10607+f4da7515.noarch 12/12
Running scriptlet: docker-ce-3:24.0.2-1.el8.x86_64 12/12
Verifying : containerd.io-1.6.21-3.1.el8.x86_64 1/12
Verifying : docker-buildx-plugin-0.10.5-1.el8.x86_64 2/12
Verifying : docker-ce-3:24.0.2-1.el8.x86_64 3/12
Verifying : docker-ce-cli-1:24.0.2-1.el8.x86_64 4/12
Verifying : docker-ce-rootless-extras-24.0.2-1.el8.x86_64 5/12
Verifying : docker-compose-plugin-2.18.1-1.el8.x86_64 6/12
Verifying : fuse3-3.2.1-12.el8.x86_64 7/12
Verifying : fuse3-libs-3.2.1-12.el8.x86_64 8/12
Verifying : container-selinux-2:2.158.0-1.module+el8.4.0+10607+f4da7515.noarch 9/12
Verifying : fuse-overlayfs-1.4.0-2.module+el8.4.0+10607+f4da7515.x86_64 10/12
Verifying : libslirp-4.3.1-1.module+el8.4.0+10607+f4da7515.x86_64 11/12
Verifying : slirp4netns-1.1.8-1.module+el8.4.0+10607+f4da7515.x86_64 12/12
Installed products updated.
Installed:
container-selinux-2:2.158.0-1.module+el8.4.0+10607+f4da7515.noarch
containerd.io-1.6.21-3.1.el8.x86_64
docker-buildx-plugin-0.10.5-1.el8.x86_64
docker-ce-3:24.0.2-1.el8.x86_64
docker-ce-cli-1:24.0.2-1.el8.x86_64
docker-ce-rootless-extras-24.0.2-1.el8.x86_64
docker-compose-plugin-2.18.1-1.el8.x86_64
fuse-overlayfs-1.4.0-2.module+el8.4.0+10607+f4da7515.x86_64
fuse3-3.2.1-12.el8.x86_64
fuse3-libs-3.2.1-12.el8.x86_64
libslirp-4.3.1-1.module+el8.4.0+10607+f4da7515.x86_64
slirp4netns-1.1.8-1.module+el8.4.0+10607+f4da7515.x86_64
Complete!
[root@foundation0 ~]# rht-vmctl reset bastion -q
Powering off bastion..
Resetting bastion.
Creating virtual machine disk overlay for rh134-bastion-vda.qcow2
Starting bastion.
[root@foundation0 ~]#
[root@foundation0 ~]# sudo systemctl start docker
[root@foundation0 ~]# sudo systemctl enable docker
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /usr/lib/systemd/system/docker.service.
[root@foundation0 ~]# sudo docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
719385e32844: Pull complete
Digest: sha256:fc6cf906cbfa013e80938cdf0bb199fbdbb86d6e3e013783e5a766f50f5dbce0
Status: Downloaded newer image for hello-world:latest
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/get-started/
Docker常用命令
run Create and run a new container from an image
exec Execute a command in a running container
ps List containers
build Build an image from a Dockerfile
pull Download an image from a registry
push Upload an image to a registry
images List images
login Log in to a registry
logout Log out from a registry
search Search Docker Hub for images
version Show the Docker version information
info Display system-wide information
[root@foundation0 ~]# docker run -dit --name zfk centos /bin/bash
48162bb46794b2da041a84aed174043aa67849181dcb4d863d6492b225f1515f
[root@foundation0 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
48162bb46794 centos "/bin/bash" 5 seconds ago Up 4 seconds zfk
[root@foundation0 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
48162bb46794 centos "/bin/bash" 8 seconds ago Up 7 seconds zfk
[root@foundation0 ~]# bash
[root@foundation0 ~]# exit
exit
[root@foundation0 ~]# bash
[root@foundation0 ~]# exit
exit
[root@foundation0 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
48162bb46794 centos "/bin/bash" About a minute ago Up About a minute zfk
[root@foundation0 ~]# docker exec -it zfk /bin/bash
[root@48162bb46794 /]# ls
bin etc lib lost+found mnt proc run srv tmp var
dev home lib64 media opt root sbin sys usr
[root@48162bb46794 /]# lscpu
Architecture: x86_64
CPU op-mode(s): 32-bit, 64-bit
Byte Order: Little Endian
CPU(s): 4
On-line CPU(s) list: 0-3
Thread(s) per core: 1
Core(s) per socket: 2
Socket(s): 2
NUMA node(s): 1
Vendor ID: GenuineIntel
CPU family: 6
Model: 154
Model name: 12th Gen Intel(R) Core(TM) i7-12700H
Stepping: 3
CPU MHz: 2688.005
BogoMIPS: 5376.01
Virtualization: VT-x
Hypervisor vendor: VMware
Virtualization type: full
L1d cache: 48K
L1i cache: 32K
L2 cache: 1280K
L3 cache: 24576K
NUMA node0 CPU(s): 0-3
Flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon rep_good nopl xtopology tsc_reliable nonstop_tsc cpuid pni pclmulqdq vmx ssse3 fma cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch invpcid_single ssbd ibrs ibpb stibp ibrs_enhanced tpr_shadow vnmi ept vpid ept_ad fsgsbase tsc_adjust bmi1 avx2 smep bmi2 erms invpcid rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves arat umip pku ospke gfni vaes vpclmulqdq rdpid movdiri movdir64b fsrm md_clear flush_l1d arch_capabilities
[root@48162bb46794 /]# cat /etc/redhat-release
CentOS Linux release 8.4.2105
[root@48162bb46794 /]# ls
bin etc lib lost+found mnt proc run srv tmp var
dev home lib64 media opt root sbin sys usr
[root@48162bb46794 /]# ping www.baidu.com
PING www.a.shifen.com (36.152.44.95) 56(84) bytes of data.
64 bytes from 36.152.44.95 (36.152.44.95): icmp_seq=1 ttl=127 time=73.7 ms
64 bytes from 36.152.44.95 (36.152.44.95): icmp_seq=2 ttl=127 time=52.4 ms
64 bytes from 36.152.44.95 (36.152.44.95): icmp_seq=3 ttl=127 time=50.7 ms
64 bytes from 36.152.44.95 (36.152.44.95): icmp_seq=4 ttl=127 time=59.6 ms
^C
--- www.a.shifen.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3033ms
rtt min/avg/max/mdev = 50.662/59.090/73.672/9.057 ms
[root@48162bb46794 /]# ifconfig
bash: ifconfig: command not found
[root@48162bb46794 /]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
32: eth0@if33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@48162bb46794 /]# ls
bin etc lib lost+found mnt proc run srv tmp var
dev home lib64 media opt root sbin sys usr
[root@48162bb46794 /]# yum install -y tree
Failed to set locale, defaulting to C.UTF-8
CentOS Linux 8 - AppStream 19 B/s | 38 B 00:01
Error: Failed to download metadata for repo 'appstream': Cannot prepare internal mirrorlist: No URLs in mirrorlist
[root@48162bb46794 /]# exit
exit
[root@foundation0 ~]#
创建和管理
