Docker 考试实验题

①宿主机器使用阿里云YUM源

②宿主机器安装好docker-ce服务并启动

③指定docker数据存储目录，并配置加速器

mkdir -p /data/docker

mkdir -p /etc/docker

curl -sSL https://get.daocloud.io/daotools/set_mirror.sh | sh -s https://registry.docker-cn.com

 

1、实验环境：

操作系统：CentOS-7-x86_64-Everything-1804.iso

Keepalived0+Docker0：192.168.1.43 hostname docker0 VIP：192.168.1.100

Keepalived1+Docker1：192.168.1.44 hostname docker1 VIP：192.168.1.100

Keepalived2+Docker2：192.168.1.45 hostname docker2 VIP：192.168.1.100

MySQL：192.168.1.46 hostname mysql

NFS：192.168.1.47 hostname nfs

 

在Docker0上创建本地registry

[root@Docker0 ~]# docker pull registry:2

[root@Docker0 ~]# docker run -itd -p 5000:5000 --restart=always -v /opt/data/registry/:/var/lib/registry/ --name registry registry:2

[root@Docker0 ~]# vim /usr/lib/systemd/system/docker.service

第13行 ExecStart=/usr/bin/dockerd --insecure-registry 192.168.1.43:5000 -H unix://

[root@Docker0 ~]# systemctl daemon-reload

[root@Docker0 ~]# systemctl restart docker

Docker1和Docker2同样修改

[root@Docker1 ~]# vim /usr/lib/systemd/system/docker.service

 

第13行 ExecStart=/usr/bin/dockerd --insecure-registry 192.168.1.43:5000 -H unix://

[root@Docker1 ~]# systemctl daemon-reload

[root@Docker1 ~]# systemctl restart docker

[root@Docker2 ~]# vim /usr/lib/systemd/system/docker.service

 

第13行 ExecStart=/usr/bin/dockerd --insecure-registry 192.168.1.43:5000 -H unix://

[root@Docker2 ~]# systemctl daemon-reload

[root@Docker2 ~]# systemctl restart docker

 

2、目录结构

/root/dockerfile/

├── nginx

│   ├── Dockerfile

│   ├── nginx-1.15.5.tar.gz

│   └── nginx.conf

└── php

├── Dockerfile

└── php-7.2.11.tar.gz

 

3、包准备

[root@docker0 ~]# wget http://nginx.org/download/nginx-1.15.5.tar.gz

[root@docker0 ~]# wget -O php-7.2.11.tar.gz http://cn2.php.net/get/php-7.2.11.tar.gz/from/this/mirror

[root@docker0 ~]# cp nginx-1.15.5.tar.gz /root/dockerfile/nginx/

[root@docker0 ~]# cp php-7.2.11.tar.gz /root/dockerfile/php/

[root@docker0 ~]# mount -t vboxsf Share /mnt/

[root@docker0 ~]# cp /mnt/nginx.conf ~/dockerfile/nginx/

 

4、构建PHP镜像

[root@localhost Desktop]# vim /root/dockerfile/php/Dockerfile

 

FROM centos:latest
MAINTAINER Dowan Xuan
ENV TIME_ZOME Asia/Shanghai
ARG PV="php-7.2.11"

ADD $PV.tar.gz /tmp
RUN yum -y install gcc gcc-c++ make gd-devel libxml2-devel libcurl-devel libjpeg-devel libpng-devel openssl-devel bison \
    && mkdir /data \
    && cd /tmp/$PV \
    && ./configure --prefix=/data/php \
        --with-config-file-path=/data/php/etc \
        --with-gd --with-mysqli \
        --with-openssl --with-zlib --with-curl \
        --with-jpeg-dir --with-png-dir --with-iconv \
        --enable-fpm --enable-zip --enable-mbstring \
    && make -j 4 \
    && make install \
    && cp /data/php/etc/php-fpm.conf.default /data/php/etc/php-fpm.conf \
    && cp /data/php/etc/php-fpm.d/www.conf.default /data/php/etc/php-fpm.d/www.conf \
    && sed -i '/;daemonize/a\daemonize = no' /data/php/etc/php-fpm.conf \
    && sed -i 's/127.0.0.1/0.0.0.0/g' /data/php/etc/php-fpm.d/www.conf \
    && echo "${TIME_ZOME}" > /etc/timezone \
    && ln -sf /usr/share/zoneinfo/${TIME_ZOME} /etc/localtime \
    && rm -rf /tmp/php* \
    && yum clean all \
    && yum -y remove gcc gcc-c++ make

WORKDIR /data/php/
EXPOSE 9000
CMD ["sbin/php-fpm","-c","etc/php-fpm.conf"]

[root@localhost ~]# cd /root/dockerfile/php/

[root@localhost php]# docker build -t php:7.2.11 .

 

5、构建Nginx镜像

[root@localhost php]# vim /root/dockerfile/nginx/Dockerfile

 

FROM centos:latest
MAINTAINER Dowan Xuan
ENV TIME_ZOME Asia/Shanghai
ARG NV="nginx-1.15.5"

COPY nginx.conf /data/nginx/conf/
ADD $NV.tar.gz /tmp
RUN yum -y install gcc gcc-c++ make openssl-devel pcre-devel \
        && mkdir -p /data \
        && cd /tmp/$NV \
        && ./configure --prefix=/data/nginx \
        && make -j 2 \
        && make install \
        && echo "${TIME_ZOME}" > /etc/timezone \
        && ln -sf /usr/share/zoneinfo/${TIME_ZOME} /etc/localtime \
        && rm -rf /tmp/nginx* \
        && yum clean all \
        && yum -y remove gcc gcc-c++ make

WORKDIR /data/nginx/
EXPOSE 80
CMD ["./sbin/nginx","-g","daemon off;"]

[root@localhost php]# vim /root/dockerfile/nginx/nginx.conf

 

    server {
        listen       80;
        server_name  localhost;

        location / {
            root   html;
            index  index.html index.htm index.php;      #添加index.php
        }

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;

        location ~ \.php$ {
            root           html;
            fastcgi_pass   php:9000;        #php容器的名称和端口号
            fastcgi_index  index.php;
            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;     #这里使用root指定的路径
            include        fastcgi_params;
        }

[root@localhost php]# cd /root/dockerfile/nginx/

[root@localhost nginx]# docker build -t nginx:1.15.5 .

 

6、使用docker network来替代docker run --link

创建自定义bridge LNMP

[root@localhost ~]# docker network create lnmp

[root@localhost ~]# docker network ls

NETWORK ID NAME DRIVER SCOPE

3908d113825c bridge bridge local

803138c62a0d host host local

9585807678da lnmp bridge local

6fae54a0d0c3 none null local

 

7、创建volume container

[root@localhost ~]# docker create --name vc_data \

-v /data/nginx/html:/data/nginx/html \

-v /data/php/log:/data/php/var/log \

-v /data/nginx/logs:/data/nginx/logs \

busybox

 

8、创建启动脚本

[root@localhost ~]# vim docker_lnmp.sh

 

#!/bin/bash
function php()
{
    docker run --name php --restart=always --net lnmp \
    --volumes-from vc_data \
    -d php:7.2.11
}

function nginx()
{
    docker run --name nginx --restart=always --net lnmp -p 80:80 \
    --volumes-from vc_data \
    -d nginx:1.15.5
}
$1

[root@localhost ~]# sh docker_lnmp.sh php

[root@localhost ~]# sh docker_lnmp.sh nginx

[root@localhost ~]# docker ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

0d589ccb585d nginx:1.15.5 "./sbin/nginx -g '..." 26 seconds ago Restarting (1) 9 seconds ago nginx

66d99fa85120 php:7.2.11 "sbin/php-fpm -c e..." 29 seconds ago Restarting (78) 11 seconds ago php

 

9、制作镜像并且上传

[root@docker0 ~]# docker commit 0d589ccb585d nginx:kaoshi

[root@docker0 ~]# docker commit 66d99fa85120 php:kaoshi

[root@docker0 ~]# docker tag nginx:kaoshi 192.168.1.43:5000/nginx:kaoshi

[root@docker0 ~]# docker tag php:kaoshi 192.168.1.43:5000/php:kaoshi

[root@docker0 ~]# docker push 192.168.1.43:5000/nginx:kaoshi

[root@docker0 ~]# docker push 192.168.1.43:5000/php:kaoshi

 

10、

MySQL：192.168.1.46

MySQL端使用阿里云yum安装，启动服务

[root@mysql ~]# yum list installed | grep mysql

[root@mysql ~]# wget http://repo.mysql.com/mysql-community-release-el6-5.noarch.rpm

[root@mysql ~]# rpm -ivh mysql-community-release-el6-5.noarch.rpm

[root@mysql ~]# yum repolist all | grep mysql

[root@mysql ~]# yum install mysql-community-server -y

[root@mysql ~]# chkconfig mysqld on

[root@mysql ~]# systemctl restart mysqld

[root@mysql ~]# mysql_secure_installation

[root@mysql ~]# mysql -uroot -ptest123456

 

（1）创建MySQL测试帐号

mysql> create database test;

Query OK, 1 row affected (0.06 sec)

 

mysql> create database discuz;

Query OK, 1 row affected (0.09 sec)

 

mysql> create user 'test'@'192.168.1.%' identified by '123456';

Query OK, 0 rows affected (0.07 sec)

 

mysql> grant all privileges on test.* to 'test'@'192.168.1.%';

Query OK, 0 rows affected (0.07 sec)

 

mysql> flush privileges;

Query OK, 0 rows affected (0.00 sec)

 

（2）解压论坛安装文件

[root@localhost ~]# cp /mnt/Discuz_7.2_FULL_SC_UTF8.zip /root/Desktop

[root@localhost ~]# cd /root/Desktop

[root@localhost Desktop]# unzip Discuz_7.2_FULL_SC_UTF8.zip

[root@localhost Desktop]# mv upload/* /data/nginx/html/

[root@localhost Desktop]# chmod -R 777 /data/nginx/html/*

[root@localhost Desktop]# vim /data/nginx/html/install/index.php

 

//把 
  
set_magic_quotes_runtime(0); 
  
//替代成 
  
ini_set("magic_quotes_runtime",0);

[root@localhost ~]# docker restart nginx

 

（2）编写测试php文件

[root@localhost ~]# vim /data/nginx/html/test.php

 

";
    $conn = mysqli_connect("mysql","test","123456");
    if(!$conn){
        echo "连接数据库失败";
    }else{
        echo "连接数据库成功";
    }
    phpinfo();
?>

（3）宿主机器测试

[root@localhost ~]# firefox http://192.168.1.43/install/index.php

 

 

11、docker0、docker1、docker2分别安装keepalived

keepalived在docker0上设置为MASTER模式，VIP：192.168.1.100

keepalived在docker1上设置为MASTER模式，开启nopreempt非抢占，VIP：192.168.1.100

keepalived在docker2上设置为BACKUP模式

并且keepalived使用脚本/opt/chk_nginx.sh监控每台docker的80端口

 

①Keepalived0+Docker0：192.168.1.43 hostname docker0

图中的VIP 192.168.43.100为先前配置的，修改为192.168.1.100

 

②Keepalived1+Docker1：192.168.1.44 hostname docker1

图中的VIP 192.168.43.100为先前配置的，修改为192.168.1.100

③Keepalived2+Docker2：192.168.1.45 hostname docker2

图中的VIP 192.168.43.100为先前配置的，修改为192.168.1.100

使用VIP：192.168.1.100访问http测试成功

12、配置NFS实现docker和vc_data数据同步备份

NFS：192.168.1.47 hostname nfs

[root@localhost ~]# yum -y install nfs-utils rpc-bind

[root@localhost ~]# vim /etc/exports

/backup 192.168.1.0/24(rw,sync)

[root@localhost ~]# mkdir /backup/nginx/html -p

[root@localhost ~]# mkdir /backup/nginx/log -p

[root@localhost ~]# mkdir /backup/php/log -p

[root@localhost ~]# useradd -M -s /sbin/nologin nfssync

[root@localhost ~]# chown -R nfssync.nfssync /backup

[root@localhost ~]# systemctl restart rpc-bind

[root@localhost ~]# systemctl restart nfs

[root@localhost ~]# chkconfig rpc-bind on

[root@localhost ~]# chkconfig nfs on

配置rsync实现实时同步备份

docker0：192.168.1.43，其他两台docker相同

[root@localhos ~]# yum -y install nfs-utils rpc-bind

[root@localhost ~]# systemctl restart rpc-bind

[root@localhost ~]# systemctl restart nfs

[root@localhost ~]# mount -t nfs 192.168.1.43:/backup /data/

将此挂载点加入每台的/etc/fstab，实现自动挂载