避免进程之间的可能的影响,我们分别把不同环境的进程再不同的容器种运行。在同一台宿主机但又相互隔离—虚拟化技术,类似于装虚拟机,然后在系统上装虚拟机上装操作系统,再装环境。这样太麻烦,容器技术相应出现—直接在系统安装Dockers Engine并在其上安装环境。
满足隔离条件:
容器发展历程
Docker简介
2013年Docker正式发布,早在2010年,几个大胡子就在旧金山成立了一家Paas平台的公司—dotCloud。2013 年 3 月,dotCloud 公司的创始人之一,Docker 之父,28 岁的 Solomon Hykes 正式决定,将 Docker 项目开源。
Build Once, Run Anywhere.
—Solomon Hykes
- Docker基于容器技术的轻量级虚拟化解决方案
- Docker是容器引擎,为用户提供了创建和管理容器的便捷界面(包括命令行和API)
- 开源,基于Go语言实现
- 大部分厂商都支持
- 整套的容器管理的生态系统
Docker引擎主要有两个版本:企业版(EE)和社区版(CE)。
Docker安装和部署
安装
阿里云ECS
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# uname -a
Linux iZuf6g4e6vhdv58sz2z1klZ 4.18.0-193.28.1.el8_2.x86_64 #1 SMP Thu Oct 22 00:20:22 UTC 2020 x86\_64 x86\_64 x
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# cat /etc/redhat-release
CentOS Linux release 8.2.2004 (Core)
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# getenforce
Disabled
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# systemctl stop firewalld
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# free -m
total used free shared buff/cache available
Mem: 1723 1115 139 3 468 440
Swap: 1024 301 723
# epel源
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# yum install epel-release -y
Repository epel is listed more than once in the configuration
Last metadata expiration check: 2:47:33 ago on Wed 16 Jun 2021 03:07:22 PM CST.
Package epel-release-8-10.el8.noarch is already installed.
Dependencies resolved.
Nothing to do.
Complete!
# 安装docker
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# yum install -y yum-utils
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# yum list docker-ce --showduplicate
Repository epel is listed more than once in the configuration
Docker CE Stable - x86_64 78 kB/s | 14 kB 00:00
Available Packages
docker-ce.x86_64 3:19.03.13-3.el8 docker-ce-stable
docker-ce.x86_64 3:19.03.14-3.el8 docker-ce-stable
docker-ce.x86_64 3:19.03.15-3.el8 docker-ce-stable
docker-ce.x86_64 3:20.10.0-3.el8 docker-ce-stable
docker-ce.x86_64 3:20.10.1-3.el8 docker-ce-stable
docker-ce.x86_64 3:20.10.2-3.el8 docker-ce-stable
docker-ce.x86_64 3:20.10.3-3.el8 docker-ce-stable
docker-ce.x86_64 3:20.10.4-3.el8 docker-ce-stable
docker-ce.x86_64 3:20.10.5-3.el8 docker-ce-stable
docker-ce.x86_64 3:20.10.6-3.el8 docker-ce-stable
docker-ce.x86_64 3:20.10.7-3.el8 docker-ce-stable
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# yum install docker-ce -y
部署
# 开机自启动
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# systemctl enable docker
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /usr/lib/systemd/system/docker.service.
# 启动docker
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# systemctl start docker
# 配置
[root@iZuf6g4e6vhdv58sz2z1klZ ~]#vi /etc/docker/daemon.json
配置文件
{
"graph": "/mydata/docker",
"storage-driver": "overlay2",
"insecure-registries": ["registry.access.redhat.com", "quay.io"],
"registry-mirrors": ["https://q2gr04ke.mirror.aliyuncs.com/"],
"bip": "172.17.0.1/24",
"exec-opts": ["native.cgroupdriver=systemd"],
"live-restore":true
}
docker info
查看容器信息和启动是否正常
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# systemctl restart docker
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker info
Client:
Context: default
Debug Mode: false
Plugins:
app: Docker App (Docker Inc., v0.9.1-beta3)
buildx: Build with BuildKit (Docker Inc., v0.5.1-docker)
scan: Docker Scan (Docker Inc., v0.8.0)
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 20.10.7
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: systemd
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
Default Runtime: runc
Init Binary: docker-init
containerd version: d71fcd7d8303cbf684402823e425e9dd2e99285d
runc version: b9ee9c6314599f1b4a7f497e1f1f856fe433d3b7
init version: de40ad0
Security Options:
seccomp
Profile: default
Kernel Version: 4.18.0-193.28.1.el8_2.x86_64
Operating System: CentOS Linux 8 (Core)
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 1.683GiB
Name: iZuf6g4e6vhdv58sz2z1klZ
ID: T3TJ:BJTA:U5PY:ZX74:K57G:7CDR:RMCT:CSBG:JLFG:FXPQ:KUB6:MVJT
Docker Root Dir: /mydata/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
quay.io
registry.access.redhat.com
127.0.0.0/8
Registry Mirrors:
https://q2gr04ke.mirror.aliyuncs.com/
Live Restore Enabled: true
第一个命令hello world
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
b8dfde127a29: Pull complete
Digest: sha256:9f6ad537c5132bcce57f7a0a20e317228d382c3cd61edae14650eec68b2b345c
Status: Downloaded newer image for hello-world:latest
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/get-started/
Docker典型的C/S架构引擎
To generate this message, Docker took the following steps:
The Docker client contacted the Docker daemon.
The Docker daemon pulled the “hello-world” image from the Docker Hub.
(amd64)The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
Docker的镜像管理
远端仓库
注册dockerhub: hub.docker.com/repositorie…
登录: docker login docker.io
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker login docker.io
Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com to create one.
Username: dachongming
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@iZuf6g4e6vhdv58sz2z1klZ ~]#
# 信息存储在
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# cat /root/.docker/config.json
搜索镜像
docker search alpine
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker search alpine
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
alpine A minimal Docker image based on Alpine Linux… 7551 [OK]
mhart/alpine-node Minimal Node.js built on Alpine Linux 484
anapsix/alpine-java Oracle Java 8 (and 7) with GLIBC 2.28 over A… 470 [OK]
frolvlad/alpine-glibc Alpine Docker image with glibc (~12MB) 261 [OK]
alpine/git A simple git container running in alpine li… 183 [OK]
yobasystems/alpine-mariadb MariaDB running on Alpine Linux [docker] [am… 89 [OK]
alpine/socat Run socat command in alpine container 68 [OK]
davidcaste/alpine-tomcat Apache Tomcat 7/8 using Oracle Java 7/8 with… 44 [OK]
kiasaki/alpine-postgres PostgreSQL docker image based on Alpine Linux 44 [OK]
jfloff/alpine-python A small, more complete, Python Docker image … 41 [OK]
byrnedo/alpine-curl Alpine linux with curl installed and set as … 34 [OK]
zenika/alpine-chrome Chrome running in headless mode in a tiny Al… 34 [OK]
hermsi/alpine-sshd Dockerize your OpenSSH-server with rsync and… 33 [OK]
hermsi/alpine-fpm-php FPM-PHP 7.0 to 8.0, shipped along with tons … 25 [OK]
etopian/alpine-php-wordpress Alpine WordPress Nginx PHP-FPM WP-CLI 25 [OK]
bashell/alpine-bash Alpine Linux with /bin/bash as a default she… 18 [OK]
davidcaste/alpine-java-unlimited-jce Oracle Java 8 (and 7) with GLIBC 2.21 over A… 13 [OK]
roribio16/alpine-sqs Dockerized ElasticMQ server + web UI over Al… 13 [OK]
spotify/alpine Alpine image with `bash` and `curl`. 11 [OK]
cfmanteiga/alpine-bash-curl-jq Docker Alpine image with Bash, curl and jq p… 6 [OK]
bushrangers/alpine-caddy Alpine Linux Docker Container running Caddys… 1 [OK]
ellerbrock/alpine-mysql-client MySQL Client based on Alpine Linux 1 [OK]
apteno/alpine-jq Weekly build of alpine image with curl, wget… 1
dwdraju/alpine-curl-jq Alpine Docker Image with curl, jq, bash 1 [OK]
goodguykoi/alpine-curl-internal simple alpine image with curl installed no C… 1 [OK]
也可在dockerhub上搜索,有可视化界面
下载一个镜像
docker pull alpine
docker pull alpine 默认下载最新版
docker pull alpine:3.10.1 下载指定tag
docker pull docker.io/library/alpine:3.10.1 完整路径,其他仓库不可省,只有dockerhub可省
镜像结构: registry_name/repository_name/image_name:tag_name
例如:docker.io/library/alpine:3.10.1
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker pull alpine
Using default tag: latest
latest: Pulling from library/alpine
5843afab3874: Pull complete
Digest: sha256:234cb88d3020898631af0ccbbcca9a66ae7306ecd30c9720690858c1b007d2a0
Status: Downloaded newer image for alpine:latest
docker.io/library/alpine:latest
查看本地镜像
docker image ls
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
alpine latest d4ff818577bc 14 hours ago 5.6MB
hello-world latest d1165f221234 3 months ago 13.3kB
给镜像打标签
docker tag IMAGE ID registry_name/repository_name/image_name:tag_name
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker tag d4ff818577bc docker.io/dachongming/alpine:v3.14.0
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
dachongming/alpine v3.14.0 d4ff818577bc 14 hours ago 5.6MB
alpine latest d4ff818577bc 14 hours ago 5.6MB
hello-world latest d1165f221234 3 months ago 13.3kB
推送镜像
docker push docker.io/dachongming/alpine:v3.14.0
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker push docker.io/dachongming/alpine:v3.14.0
The push refers to repository [docker.io/dachongming/alpine]
72e830a4dff5: Mounted from library/alpine
v3.14.0: digest: sha256:1775bebec23e1f3ce486989bfc9ff3c4e951690df84aa9f926497d82f2ffca9d size: 528
删除镜像
docker rmi docker.io/dachongming/alpine:v3.14.0
只是删除标签
docker rmi -f IMAGE ID
强制删除所有
docker hub 上依然存在,想再有,直接pull即可
镜像只第一次拉取比较多,以后每次只拉取增量部分.
Docker容器的基本操作
查看本地的容器进程
docker ps -a
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d3f98566b856 hello-world "/hello" 2 hours ago Exited (0) 2 hours ago gallant_kepler
[root@iZuf6g4e6vhdv58sz2z1klZ ~]#
启动容器(运行镜像)
docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker run --help
Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
OPTIONS:选项
-i:表示启动一个可交互的容器,并持续打开标准输入
-t:表示使用终端关联到容器的标准输入输出上
-d:表示将容器放置在后台运行
-rm:退出后即删除容器
-name:表示定义容器唯一名称
IMAGE:表示要运行的镜像
COMMAND:表示启动容器时要运行的命令
- 交互式启动一个容器
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker run -it docker.io/dachongming/alpine:v3.14.0 /bin/sh
/ # cat /etc/issue
Welcome to Alpine Linux 3.14
Kernel \r on an \m (\l)
/ # exit
[root@iZuf6g4e6vhdv58sz2z1klZ ~]#
- 非交互式启动一个容器
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker run -rm docker.io/dachongming/alpine:v3.14.0 /bin/echo hello
- 后台运行
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker run -d docker.io/dachongming/alpine:v3.14.0 /bin/sleep 300
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
50d3d748b4f2 dachongming/alpine:v3.14.0 "/bin/sleep 300" 4 seconds ago Up 3 seconds nervous_lumiere
aaed2bd3a058 dachongming/alpine:v3.14.0 "/bin/sh" 10 minutes ago Exited (0) 9 minutes ago nervous_allen
d3f98566b856 hello-world "/hello" 2 hours ago Exited (0) 2 hours ago gallant_kepler
进入容器
docker exec -ti CONTAINER ID /bin/sh
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker exec -ti --name myalphin 50d3d748b4f2 /bin/sh
/ # cat /etc/issue
Welcome to Alpine Linux 3.14
Kernel \r on an \m (\l)
/ #
停止容器
docker stop CONTAINER ID
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker stop 50d3d748b4f2
50d3d748b4f2
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
50d3d748b4f2 dachongming/alpine:v3.14.0 "/bin/sleep 300" 4 minutes ago Exited (137) 14 seconds ago nervous_lumiere
aaed2bd3a058 dachongming/alpine:v3.14.0 "/bin/sh" 15 minutes ago Exited (0) 14 minutes ago nervous_allen
d3f98566b856 hello-world "/hello" 2 hours ago Exited (0) 2 hours ago gallant_kepler
重启
docker restart CONTAINER ID
删除容器
docker rm CONTAINER ID
or
docker rm -f CONTAINER_NAME
写入文件持久保存
docker commit -p CONTAINER ID docker.io/dachongming/alpine:v3.14.0_with_1.txt
导入/导出镜像
- 导出
docker save IMAGE_ID > name:tag.tar
- 导入
docker load < name\:tag.tar
查看容器的日志
docker logs CONTAINER_ID
Docker容器的高级操作
下载Nginx镜像
docker pull nginx:tag
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker pull nginx
Using default tag: latest
latest: Pulling from library/nginx
69692152171a: Pull complete
30afc0b18f67: Pull complete
596b1d696923: Pull complete
