Docker/Podman基础应用

Docker/Podman基础应用

  • 1.镜像
    • 1.1拉取镜像
    • 1.2查看本机镜像
    • 1.3查看某个本地镜像详情
    • 1.4 搜索远端仓库镜像
    • 1.5 删除本地镜像
    • 1.6 创建本地镜像
    • 1.7 上传本地镜像
  • 2.容器
    • 2.1 创建容器
    • 2.2 启动未运行的容器
    • 2.3 新建并运行容器
    • 2.4 终止容器
    • 2.5 进入容器
    • 2.6 删除容器
    • 2.7 容器迁移
  • 3.仓库
    • 3.1 在仓库搜索镜像
    • 3.2 创建私有镜像仓库
    • 3.3 podman客户端配置http支持
  • 4.数据管理
    • 4.1 数据卷
      • 4.1.1创建一个容器内的数据卷,不挂载宿主机目录
      • 4.1.2创建一个容器内的数据卷,挂载一个宿主机目录
    • 4.2 数据卷容器
      • 4.2.1创建一个数据卷容器
      • 4.2.2挂载容器中的数据卷
  • 5.网络管理
    • 5.1 端口映射实现容器访问
      • 5.1.1 绑定宿主机任意端口
      • 5.1.2 绑定宿主机固定端口
      • 5.1.3 绑定宿主机某个地址的固定端口
      • 5.1.4 绑定宿主机某个地址的任意一个端口
      • 5.1.5 查询容器端口映射配置
    • 5.2 容器间网络通信

1.镜像

Docker镜像类似于虚拟机镜像,他是一个已经打包好的系统文件,一个镜像可以包含一个完整的操作系统(例如,CenOS),也可以只包含一个中间件(例如ngxin)。我们可以把操作系统安装文件ISO理解为镜像,而且是只读的。

1.1拉取镜像

[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker pull nginx
Trying to pull registry.access.redhat.com/nginx...
  unsupported: This repo requires terms acceptance and is only available on registry.redhat.io
Trying to pull registry.fedoraproject.org/nginx...
  manifest unknown: manifest unknown
Trying to pull registry.centos.org/nginx...
  manifest unknown: manifest unknown
Trying to pull docker.io/library/nginx...
Getting image source signatures
Copying blob f9dc69acb465 done
Copying blob 54fec2fa59d0 done
Copying blob 4ede6f09aefe done
Copying config 602e111c06 done
Writing manifest to image destination
Storing signatures
602e111c06b6934013578ad80554a074049c59441d9bcd963cb4a7feccede7a5

1.2查看本机镜像

[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker image list
REPOSITORY                TAG      IMAGE ID       CREATED      SIZE
docker.io/library/nginx   latest   602e111c06b6   2 days ago   131 MB
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$

1.3查看某个本地镜像详情

[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker inspect nginx
[
    {
        "Id": "602e111c06b6934013578ad80554a074049c59441d9bcd963cb4a7feccede7a5",
        "Digest": "sha256:86ae264c3f4acb99b2dee4d0098c40cb8c46dcf9e1148f05d3a51c4df6758c12",
        "RepoTags": [
            "docker.io/library/nginx:latest"
        ],
        "RepoDigests": [
            "docker.io/library/nginx@sha256:86ae264c3f4acb99b2dee4d0098c40cb8c46dcf9e1148f05d3a51c4df6758c12",
            "docker.io/library/nginx@sha256:cccef6d6bdea671c394956e24b0d0c44cd82dbe83f543a47fdc790fadea48422"
        ],
        "Parent": "",
        "Comment": "",
        "Created": "2020-04-23T13:03:01.355887897Z",
        "Config": {
            "ExposedPorts": {
                "80/tcp": {}
            },
            "Env": [
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
                "NGINX_VERSION=1.17.10",
                "NJS_VERSION=0.3.9",
                "PKG_RELEASE=1~buster"
            ],
            "Cmd": [
                "nginx",
                "-g",
                "daemon off;"
            ],
            "Labels": {
                "maintainer": "NGINX Docker Maintainers "
            },
            "StopSignal": "SIGTERM"
        },
        "Version": "18.09.7",
        "Author": "",
        "Architecture": "amd64",
        "Os": "linux",
        "Size": 130614008,
        "VirtualSize": 130614008,
        "GraphDriver": {
            "Name": "overlay",
            "Data": {
                "LowerDir": "/home/javadm/.local/share/containers/storage/overlay/c16ab5432290c07f1b51f534014942ef173c4f0bf2cf22bcc0429bcc0be55b67/diff:/home/javadm/.local/share/containers/storage/overlay/c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13/diff",
                "UpperDir": "/home/javadm/.local/share/containers/storage/overlay/d8f92083a7db6237a7010074b6bc0d79efce69301be7e5afe7cdd2a4acd8d680/diff",
                "WorkDir": "/home/javadm/.local/share/containers/storage/overlay/d8f92083a7db6237a7010074b6bc0d79efce69301be7e5afe7cdd2a4acd8d680/work"
            }
        },
        "RootFS": {
            "Type": "layers",
            "Layers": [
                "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13",
                "sha256:216cf33c0a2877e88bd687ced2d05331f442b8490962469220a3a63bf2aad3b0",
                "sha256:b3003aac411c1d650bc4e3757ad96afe8f98a99b81c4e760e09c6542ee674289"
            ]
        },
        "Labels": {
            "maintainer": "NGINX Docker Maintainers "
        },
        "Annotations": {},
        "ManifestType": "application/vnd.docker.distribution.manifest.v2+json",
        "User": "",
        "History": [
            {
                "created": "2020-04-23T00:20:32.126556976Z",
                "created_by": "/bin/sh -c #(nop) ADD file:9b8be2b52ee0fa31da1b6256099030b73546253a57e94cccb24605cd888bb74d in / "
            },
            {
                "created": "2020-04-23T00:20:32.391326355Z",
                "created_by": "/bin/sh -c #(nop)  CMD [\"bash\"]",
                "empty_layer": true
            },
            {
                "created": "2020-04-23T13:02:24.647346893Z",
                "created_by": "/bin/sh -c #(nop)  LABEL maintainer=NGINX Docker Maintainers ",
                "empty_layer": true
            },
            {
                "created": "2020-04-23T13:02:24.951828955Z",
                "created_by": "/bin/sh -c #(nop)  ENV NGINX_VERSION=1.17.10",
                "empty_layer": true
            },
            {
                "created": "2020-04-23T13:02:25.259326754Z",
                "created_by": "/bin/sh -c #(nop)  ENV NJS_VERSION=0.3.9",
                "empty_layer": true
            },
            {
                "created": "2020-04-23T13:02:25.59142152Z",
                "created_by": "/bin/sh -c #(nop)  ENV PKG_RELEASE=1~buster",
                "empty_layer": true
            },
            {
                "created": "2020-04-23T13:02:59.072951853Z",
                "created_by": "/bin/sh -c set -x     && addgroup --system --gid 101 nginx     && adduser --system --disabled-login --ingroup nginx --no-create-home --home /nonexistent --gecos \"nginx user\" --shell /bin/false --uid 101 nginx     && apt-get update     && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 ca-certificates     &&     NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62;     found='';     for server in         ha.pool.sks-keyservers.net         hkp://keyserver.ubuntu.com:80         hkp://p80.pool.sks-keyservers.net:80         pgp.mit.edu     ; do         echo \"Fetching GPG key $NGINX_GPGKEY from $server\";         apt-key adv --keyserver \"$server\" --keyserver-options timeout=10 --recv-keys \"$NGINX_GPGKEY\" && found=yes && break;     done;     test -z \"$found\" && echo >&2 \"error: failed to fetch GPG key $NGINX_GPGKEY\" && exit 1;     apt-get remove --purge --auto-remove -y gnupg1 && rm -rf /var/lib/apt/lists/*     && dpkgArch=\"$(dpkg --print-architecture)\"     && nginxPackages=\"         nginx=${NGINX_VERSION}-${PKG_RELEASE}         nginx-module-xslt=${NGINX_VERSION}-${PKG_RELEASE}         nginx-module-geoip=${NGINX_VERSION}-${PKG_RELEASE}         nginx-module-image-filter=${NGINX_VERSION}-${PKG_RELEASE}         nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-${PKG_RELEASE}     \"     && case \"$dpkgArch\" in         amd64|i386)             echo \"deb https://nginx.org/packages/mainline/debian/ buster nginx\" >> /etc/apt/sources.list.d/nginx.list             && apt-get update             ;;         *)             echo \"deb-src https://nginx.org/packages/mainline/debian/ buster nginx\" >> /etc/apt/sources.list.d/nginx.list                         && tempDir=\"$(mktemp -d)\"             && chmod 777 \"$tempDir\"                         && savedAptMark=\"$(apt-mark showmanual)\"                         && apt-get update             && apt-get build-dep -y $nginxPackages             && (                 cd \"$tempDir\"                 && DEB_BUILD_OPTIONS=\"nocheck parallel=$(nproc)\"                     apt-get source --compile $nginxPackages             )                         && apt-mark showmanual | xargs apt-mark auto > /dev/null             && { [ -z \"$savedAptMark\" ] || apt-mark manual $savedAptMark; }                         && ls -lAFh \"$tempDir\"             && ( cd \"$tempDir\" && dpkg-scanpackages . > Packages )             && grep '^Package: ' \"$tempDir/Packages\"             && echo \"deb [ trusted=yes ] file://$tempDir ./\" > /etc/apt/sources.list.d/temp.list             && apt-get -o Acquire::GzipIndexes=false update             ;;     esac         && apt-get install --no-install-recommends --no-install-suggests -y                         $nginxPackages                         gettext-base     && apt-get remove --purge --auto-remove -y ca-certificates && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list         && if [ -n \"$tempDir\" ]; then         apt-get purge -y --auto-remove         && rm -rf \"$tempDir\" /etc/apt/sources.list.d/temp.list;     fi"
            },
            {
                "created": "2020-04-23T13:03:00.368933408Z",
                "created_by": "/bin/sh -c ln -sf /dev/stdout /var/log/nginx/access.log     && ln -sf /dev/stderr /var/log/nginx/error.log"
            },
            {
                "created": "2020-04-23T13:03:00.732751286Z",
                "created_by": "/bin/sh -c #(nop)  EXPOSE 80",
                "empty_layer": true
            },
            {
                "created": "2020-04-23T13:03:01.05357517Z",
                "created_by": "/bin/sh -c #(nop)  STOPSIGNAL SIGTERM",
                "empty_layer": true
            },
            {
                "created": "2020-04-23T13:03:01.355887897Z",
                "created_by": "/bin/sh -c #(nop)  CMD [\"nginx\" \"-g\" \"daemon off;\"]",
                "empty_layer": true
            }
        ]
    }
]

1.4 搜索远端仓库镜像

[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker search mysql
INDEX        NAME                                                   DESCRIPTION                                       STARS   OFFICIAL   AUTOMATED
redhat.com   registry.access.redhat.com/rhscl/mysql-57-rhel7        Docker image for running MySQL 5.7 server. T...   0
redhat.com   registry.access.redhat.com/rhscl/mysql-56-rhel7        MySQL 5.6 SQL database server                     0
redhat.com   registry.access.redhat.com/openshift3/mysql-55-rhel7   MySQL 5.5 SQL database server                     0
redhat.com   registry.access.redhat.com/openshift3/mysql-apb        Ansible Playbook Bundle application definiti...   0
redhat.com   registry.access.redhat.com/rhmap45/mysql               Provides an extension to the RHSCL MySQL ima...   0
redhat.com   registry.access.redhat.com/rhmap44/mysql               Provides an extension to the RHSCL MySQL Doc...   0
redhat.com   registry.access.redhat.com/rhmap42/mysql               Provides an extension to the RHSCL MySQL Doc...   0
redhat.com   registry.access.redhat.com/rhmap43/mysql               Provides an extension to the RHSCL MySQL Doc...   0
redhat.com   registry.access.redhat.com/rhmap46/mysql               Provides an extension to the RHSCL MySQL ima...   0
redhat.com   registry.access.redhat.com/rhmap47/mysql               Provides an extension to the RHSCL MySQL ima...   0
redhat.com   registry.access.redhat.com/rhscl/mysql-80-rhel7        This container image provides a containerize...   0
centos.org   registry.centos.org/centos/mysql-56-centos7                                                              0
centos.org   registry.centos.org/centos/mysql-57-centos7                                                              0
centos.org   registry.centos.org/centos/mysql-80-centos7                                                              0
docker.io    docker.io/library/mysql                                MySQL is a widely used, open-source relation...   9412    [OK]
docker.io    docker.io/mysql/mysql-server                           Optimized MySQL Server Docker images. Create...   688                [OK]
docker.io    docker.io/circleci/mysql                               MySQL is a widely used, open-source relation...   19
docker.io    docker.io/bitnami/mysql                                Bitnami MySQL Docker Image                        39                 [OK]
docker.io    docker.io/mysql/mysql-cluster                          Experimental MySQL Cluster Docker images. Cr...   66
docker.io    docker.io/schickling/mysql-backup-s3                   Backup MySQL to S3 (supports periodic backup...   29                 [OK]
docker.io    docker.io/centos/mysql-57-centos7                      MySQL 5.7 SQL database server                     74
docker.io    docker.io/ansibleplaybookbundle/mysql-apb              An APB which deploys RHSCL MySQL                  2                  [OK]
docker.io    docker.io/deitch/mysql-backup                          REPLACED! Please use http://hub.docker.com/r...   41                 [OK]
docker.io    docker.io/centos/mysql-56-centos7                      MySQL 5.6 SQL database server                     19
docker.io    docker.io/arey/mysql-client                            Run a MySQL client from a docker container        13                 [OK]
docker.io    docker.io/mysql/mysql-router                           MySQL Router provides transparent routing be...   15
docker.io    docker.io/library/mariadb                              MariaDB is a community-developed fork of MyS...   3392    [OK]
docker.io    docker.io/centurylink/mysql                            Image containing mysql. Optimized to be link...   61                 [OK]
docker.io    docker.io/linuxserver/mysql                            A Mysql container, brought to you by LinuxSe...   25
docker.io    docker.io/openshift/mysql-55-centos7                   DEPRECATED: A Centos7 based MySQL v5.5 image...   6
docker.io    docker.io/widdpim/mysql-client                         Dockerized MySQL Client (5.7) including Curl...   0                  [OK]
docker.io    docker.io/prom/mysqld-exporter                                                                           27                 [OK]
docker.io    docker.io/tutum/mysql                                  Base docker image to run a MySQL database se...   34
docker.io    docker.io/jelastic/mysql                               An image of the MySQL database server mainta...   1
docker.io    docker.io/fradelg/mysql-cron-backup                    MySQL/MariaDB database backup using cron tas...   6                  [OK]
docker.io    docker.io/databack/mysql-backup                        Back up mysql databases to... anywhere!           15
docker.io    docker.io/devilbox/mysql                               Retagged MySQL, MariaDB and PerconaDB offici...   3
docker.io    docker.io/monasca/mysql-init                           A minimal decoupled init container for mysql      0
docker.io    docker.io/genschsa/mysql-employees                     MySQL Employee Sample Database                    5                  [OK]
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$

1.5 删除本地镜像

[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker image list
REPOSITORY                                        TAG      IMAGE ID       CREATED        SIZE
docker.io/library/nginx                           latest   602e111c06b6   2 days ago     131 MB
registry.access.redhat.com/rhscl/mysql-57-rhel7   latest   60726b33a00a   6 months ago   448 MB
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker rmi registry.access.redhat.com/rhscl/mysql-57-rhel7
Untagged: registry.access.redhat.com/rhscl/mysql-57-rhel7:latest
Deleted: 60726b33a00a2c3be60e25c3270a34a9b147db86602f05a71988a1c92a70cebc
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker image list
REPOSITORY                TAG      IMAGE ID       CREATED      SIZE
docker.io/library/nginx   latest   602e111c06b6   2 days ago   131 MB
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$

docker rmi 后面跟tag名称时,只会根据tag名称删除,后面跟镜像ID时会尝试删除所有该ID的镜像。
如果该镜像已经被运行了容器,删除镜像前需要先删除容器。

1.6 创建本地镜像

待续

1.7 上传本地镜像

待续

2.容器

Docker容器类似于一个轻量级的隔离环境,他包含一个简易版的Linux系统环境(root用户权限、进程空间、用户空间和网络空间)。容器可以理解为通过镜像加载好的一个操作系统环境,镜像是只读的,但是上层有一个面对用户的层,可以有写权限。容器也可以理解为镜像的一个实例化对象。

2.1 创建容器

[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker create -it docker.io/library/nginx
e8af9225bedbc74fd79ea1736af3472b8ec900a4d807e7459a69c7b84ca067f1
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker ps
CONTAINER ID  IMAGE  COMMAND  CREATED  STATUS  PORTS  NAMES
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker ps -a
CONTAINER ID  IMAGE                           COMMAND               CREATED             STATUS   PORTS  NAMES
e8af9225bedb  docker.io/library/nginx:latest  nginx -g daemon o...  About a minute ago  Created         thirsty_raman
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$

创建一个容器后,默认是未运行的,需要手工启动它。

2.2 启动未运行的容器

[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker ps -a
CONTAINER ID  IMAGE                           COMMAND               CREATED             STATUS   PORTS  NAMES
e8af9225bedb  docker.io/library/nginx:latest  nginx -g daemon o...  About a minute ago  Created         thirsty_raman
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker start e8af9225bedb
e8af9225bedbc74fd79ea1736af3472b8ec900a4d807e7459a69c7b84ca067f1

2.3 新建并运行容器

新建一个自动停止的容器

[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker ps -a
CONTAINER ID  IMAGE  COMMAND  CREATED  STATUS  PORTS  NAMES
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker run ubuntu /bin/echo 'Hello China'
Hello China
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker ps -a
CONTAINER ID  IMAGE                            COMMAND               CREATED        STATUS                    PORTS  NAMES
f3aa14575d05  docker.io/library/ubuntu:latest  /bin/echo Hello C...  4 seconds ago  Exited (0) 4 seconds ago         elated_galois
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$

运行一个ubuntu容器,并使用echo打印一个字符串。

新建一个打开伪终端和标准输入的容器

[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker run -t -i ubuntu /bin/bash
root@7e6725eeaa64:/# ps -a
  PID TTY          TIME CMD
    8 pts/0    00:00:00 ps
root@7e6725eeaa64:/# pwd
/
root@7e6725eeaa64:/#

其中,-t选项让Docker分配一个伪终端,-i让容器的标准输入保持打开。用户可以输入exit或CTRL+D退出容器,容器自动关闭,状态为已关闭状态。

2.4 终止容器

[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker stop 7e6725eeaa64
7e6725eeaa64ef9980fb9cbbb40e01d2f146443f1d1421066cd1ac17455e946e

2.5 进入容器

[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker run -idt ubuntu
f5c3d70640540d3264b30773f4f411606f4d2b3d55b4405d77b340fa618f015c
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker ps -a
CONTAINER ID  IMAGE                            COMMAND    CREATED        STATUS            PORTS  NAMES
f5c3d7064054  docker.io/library/ubuntu:latest  /bin/bash  4 seconds ago  Up 4 seconds ago         compassionate_swanson
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker exec -it f5c3d7064054 /bin/bash
root@f5c3d7064054:/# ps
  PID TTY          TIME CMD
    8 pts/1    00:00:00 bash
   15 pts/1    00:00:00 ps
root@f5c3d7064054:/# pwd
/
root@f5c3d7064054:/#

使用exec 进入到一个容器,并启动一个bash

2.6 删除容器


[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker ps -a
CONTAINER ID  IMAGE                            COMMAND    CREATED        STATUS            PORTS  NAMES
f5c3d7064054  docker.io/library/ubuntu:latest  /bin/bash  8 minutes ago  Up 8 minutes ago         compassionate_swanson
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker stop f5c3d7064054
f5c3d70640540d3264b30773f4f411606f4d2b3d55b4405d77b340fa618f015c
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker ps -a
CONTAINER ID  IMAGE                            COMMAND    CREATED        STATUS                    PORTS  NAMES
f5c3d7064054  docker.io/library/ubuntu:latest  /bin/bash  8 minutes ago  Exited (0) 3 seconds ago         compassionate_swanson
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker rm f5c3d7064054
f5c3d70640540d3264b30773f4f411606f4d2b3d55b4405d77b340fa618f015c
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker ps -a
CONTAINER ID  IMAGE  COMMAND  CREATED  STATUS  PORTS  NAMES
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$

一般建议stop容器,再删除容器,最后确认删除了。

2.7 容器迁移

容器导出到一个文件

[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker ps -a
CONTAINER ID  IMAGE                            COMMAND    CREATED        STATUS            PORTS  NAMES
5ce4afcbf5d6  docker.io/library/ubuntu:latest  /bin/bash  2 minutes ago  Up 2 minutes ago         trusting_dubinsky
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker export 5ce >ubuntu_run_1.tar
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ ll
total 74452
-rw-r--r-- 1 javadm javgrp 76237312 Apr 25 23:58 ubuntu_run_1.tar
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ du -sh ubuntu_run_1.tar
73M     ubuntu_run_1.tar
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ pwd
/home/javadm

容器从文件导入

[javadm@instance-2 ~]$ ll
total 74452
-rw-r--r--. 1 javadm javgrp 76237312 Apr 26 03:04 ubuntu_run_1.tar
[javadm@instance-2 ~]$ cat ubuntu_run_1.tar |docker import - test/ubuntu:v1.0
Getting image source signatures
Copying blob cef6a2dabb47 done
Copying config 7b5308bcc5 done
Writing manifest to image destination
Storing signatures
7b5308bcc59de8ccc8acbbf4ca424364ae4bfbec44b0700ca3c8eddf855b4bbb
[javadm@instance-2 ~]$ docker image list
REPOSITORY              TAG    IMAGE ID       CREATED              SIZE
docker.io/test/ubuntu   v1.0   7b5308bcc59d   About a minute ago   76.2 MB
[javadm@instance-2 ~]$ docker run -it 7b5308bcc59d /bin/bash
root@e66a42e9bc02:/# cd /tmp/
root@e66a42e9bc02:/tmp# ll
total 4
drwxrwxrwt. 2 root root 28 Apr 25 15:56 ./
drwxr-xr-x. 2 root root  6 Apr 26 03:09 ../
-rw-r--r--. 1 root root 12 Apr 25 15:57 file_at_docker
root@e66a42e9bc02:/tmp# cat file_at_docker
hello world
root@e66a42e9bc02:/tmp# exit
exit
ERRO[0145] unable to close namespace: "close /proc/25407/ns/user: bad file descriptor"
[javadm@instance-2 ~]$ docker ps -a
CONTAINER ID  IMAGE                       COMMAND    CREATED        STATUS                    PORTS  NAMES
e66a42e9bc02  docker.io/test/ubuntu:v1.0  /bin/bash  2 minutes ago  Exited (0) 5 seconds ago         focused_gagarin
[javadm@instance-2 ~]$

cat ubuntu_run_1.tar |docker import - test/ubuntu:v1.0 通过文件导入镜像,然后使用docker run运行该镜像,会自动生成一个容器。

3.仓库

Docker仓库,类似于代码仓库,是Docker集中存放镜像文件的地方。我们可以把存放ISO镜像光盘的书架,理解为仓库。目前最大的Docker仓库是Docker Hub,里面存放了大量的镜像供用户下载。

3.1 在仓库搜索镜像

[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker search ansible
INDEX        NAME                                                                           DESCRIPTION                                       STARS   OFFICIAL   AUTOMATED
redhat.com   registry.access.redhat.com/cloudforms46/cfme-openshift-embedded-ansible        Ansible Automation image that provides Ansib...   0
redhat.com   registry.access.redhat.com/ansible-runner-11/ansible-runner                    Ansible Runner is a component for reliable, ...   0
redhat.com   registry.access.redhat.com/openshift3/apb-tools                                Ansible Playbook Bundle (APB) tools to assis...   0
redhat.com   registry.access.redhat.com/ansible-tower-34/ansible-tower-messaging            Red Hat Ansible Tower is a fully-featured au...   0
redhat.com   registry.access.redhat.com/ansible-tower-34/ansible-tower-memcached            Red Hat Ansible Tower is a fully-featured au...   0
......

3.2 创建私有镜像仓库

本地新建私有仓库

[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker run -idt -p 5000:5000 -v /tmp/data/registry:/tmp/registry registry
f10c2d0d3648c7aac72ef056f087f83447e3fa3aa3c3e80d801eca3c60a25792
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker ps -a
CONTAINER ID  IMAGE                              COMMAND               CREATED         STATUS                    PORTS                   NAMES
f10c2d0d3648  docker.io/library/registry:latest  /etc/docker/regis...  5 seconds ago   Up 5 seconds ago          0.0.0.0:5000->5000/tcp  wonderful_keldysh
b7ed62ac0656  docker.io/library/registry:latest  /etc/docker/regis...  10 minutes ago  Exited (2) 2 minutes ago  0.0.0.0:5000->5000/tcp  hungry_driscoll

将本机的镜像push到私有仓库

[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker tag docker.io/library/nginx:latest 127.0.0.1:5000/test
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker image list
REPOSITORY                          TAG      IMAGE ID       CREATED        SIZE
127.0.0.1:5000/test                 latest   602e111c06b6   2 days ago     131 MB
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ podman push 127.0.0.1:5000/test
Getting image source signatures
Copying blob b3003aac411c done
Copying blob c2adabaecedb done
Copying blob 216cf33c0a28 done
Copying config 602e111c06 done
Writing manifest to image destination
Storing signatures
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$

给本地镜像打个tag并push到私有仓库

将远程的私有库的镜像pull到本地仓库

[robin@instance-2 ~]$ podman pull 47.52.22.186:5000/ubuntu-robin2 --log-level=debug
DEBU[0000] Using conmon: "/usr/bin/conmon"
DEBU[0000] Initializing boltdb state at /home/robin/.local/share/containers/storage/libpod/bolt_state.db
DEBU[0000] Using graph driver overlay
DEBU[0000] Using graph root /home/robin/.local/share/containers/storage
DEBU[0000] Using run root /run/user/1000
DEBU[0000] Using static dir /home/robin/.local/share/containers/storage/libpod
DEBU[0000] Using tmp dir /run/user/1000/libpod/tmp
DEBU[0000] Using volume path /home/robin/.local/share/containers/storage/volumes
DEBU[0000] Set libpod namespace to ""
DEBU[0000] Not configuring container store
DEBU[0000] Initializing event backend journald
DEBU[0000] using runtime "/usr/bin/runc"
DEBU[0000] Using conmon: "/usr/bin/conmon"
DEBU[0000] Initializing boltdb state at /home/robin/.local/share/containers/storage/libpod/bolt_state.db
DEBU[0000] Using graph driver overlay
DEBU[0000] Using graph root /home/robin/.local/share/containers/storage
DEBU[0000] Using run root /run/user/1000
DEBU[0000] Using static dir /home/robin/.local/share/containers/storage/libpod
DEBU[0000] Using tmp dir /run/user/1000/libpod/tmp
DEBU[0000] Using volume path /home/robin/.local/share/containers/storage/volumes
DEBU[0000] Set libpod namespace to ""
DEBU[0000] [graphdriver] trying provided driver "overlay"
DEBU[0000] overlay: mount_program=/usr/bin/fuse-overlayfs
DEBU[0000] backingFs=xfs, projectQuotaSupported=false, useNativeDiff=false, usingMetacopy=false
DEBU[0000] Initializing event backend journald
DEBU[0000] using runtime "/usr/bin/runc"
INFO[0000] running as rootless
DEBU[0000] Using conmon: "/usr/bin/conmon"
DEBU[0000] Initializing boltdb state at /home/robin/.local/share/containers/storage/libpod/bolt_state.db
DEBU[0000] Using graph driver overlay
DEBU[0000] Using graph root /home/robin/.local/share/containers/storage
DEBU[0000] Using run root /run/user/1000
DEBU[0000] Using static dir /home/robin/.local/share/containers/storage/libpod
DEBU[0000] Using tmp dir /run/user/1000/libpod/tmp
DEBU[0000] Using volume path /home/robin/.local/share/containers/storage/volumes
DEBU[0000] Set libpod namespace to ""
DEBU[0000] Initializing event backend journald
DEBU[0000] using runtime "/usr/bin/runc"
DEBU[0000] parsed reference into "[overlay@/home/robin/.local/share/containers/storage+/run/user/1000:overlay.mount_program=/usr/bin/fuse-overlayfs]47.52.22.186:5000/ubuntu-robin2:latest"
Trying to pull 47.52.22.186:5000/ubuntu-robin2...
DEBU[0000] reference rewritten from '47.52.22.186:5000/ubuntu-robin2:latest' to '47.52.22.186:5000/ubuntu-robin2:latest'
DEBU[0000] Trying to pull "47.52.22.186:5000/ubuntu-robin2:latest"
DEBU[0000] Credentials not found
DEBU[0000] Using registries.d directory /etc/containers/registries.d for sigstore configuration
DEBU[0000]  Using "default-docker" configuration
DEBU[0000]  No signature storage configuration found for 47.52.22.186:5000/ubuntu-robin2:latest
DEBU[0000] Looking for TLS certificates and private keys in /etc/docker/certs.d/47.52.22.186:5000
DEBU[0000] GET https://47.52.22.186:5000/v2/
DEBU[0000] Ping https://47.52.22.186:5000/v2/ err Get https://47.52.22.186:5000/v2/: http: server gave HTTP response to HTTPS client (&url.Error{Op:"Get", URL:"https://47.52.22.186:5000/v2/", Err:(*errors.errorString)(0xc000373330)})
DEBU[0000] GET http://47.52.22.186:5000/v2/
DEBU[0000] Ping http://47.52.22.186:5000/v2/ status 200
DEBU[0000] GET http://47.52.22.186:5000/v2/ubuntu-robin2/manifests/latest
DEBU[0000] Using blob info cache at /home/robin/.local/share/containers/cache/blob-info-cache-v1.boltdb
DEBU[0000] IsRunningImageAllowed for image docker:47.52.22.186:5000/ubuntu-robin2:latest
DEBU[0000]  Using default policy section
DEBU[0000]  Requirement 0: allowed
DEBU[0000] Overall: allowed
DEBU[0000] Downloading /v2/ubuntu-robin2/blobs/sha256:1d622ef86b138c7e96d4f797bf5e4baca3249f030c575b9337638594f2b63f01
DEBU[0000] GET http://47.52.22.186:5000/v2/ubuntu-robin2/blobs/sha256:1d622ef86b138c7e96d4f797bf5e4baca3249f030c575b9337638594f2b63f01
Getting image source signatures
DEBU[0000] Manifest has MIME type application/vnd.docker.distribution.manifest.v2+json, ordered candidate list [application/vnd.docker.distribution.manifest.v2+json, application/vnd.docker.distribution.manifest.v1+prettyjws, application/vnd.oci.image.manifest.v1+json, application/vnd.docker.distribution.manifest.v1+json]
DEBU[0000] ... will first try using the original manifest unmodified
DEBU[0000] [graphdriver] trying provided driver "overlay"
DEBU[0000] overlay: mount_program=/usr/bin/fuse-overlayfs
DEBU[0000] backingFs=xfs, projectQuotaSupported=false, useNativeDiff=false, usingMetacopy=false
DEBU[0000] Downloading /v2/ubuntu-robin2/blobs/sha256:d1ccda578660acdc3df1251fb5feec3b6456be5e0c903ba85063de4c936ec070
DEBU[0000] GET http://47.52.22.186:5000/v2/ubuntu-robin2/blobs/sha256:d1ccda578660acdc3df1251fb5feec3b6456be5e0c903ba85063de4c936ec070
DEBU[0000] Downloading /v2/ubuntu-robin2/blobs/sha256:78a54e4c2391d5ac21011f1368ec928e69c46a1a1f52f4ba0e1566e7881b406d
DEBU[0000] GET http://47.52.22.186:5000/v2/ubuntu-robin2/blobs/sha256:78a54e4c2391d5ac21011f1368ec928e69c46a1a1f52f4ba0e1566e7881b406d
DEBU[0000] Downloading /v2/ubuntu-robin2/blobs/sha256:738c524be39b5f4fa54032fb2b389df9d8ed922519711fab633a2771d348866f
DEBU[0000] GET http://47.52.22.186:5000/v2/ubuntu-robin2/blobs/sha256:738c524be39b5f4fa54032fb2b389df9d8ed922519711fab633a2771d348866f
DEBU[0000] Downloading /v2/ubuntu-robin2/blobs/sha256:7961e061339529159a00915f94a586e461100b2aaf331021342a580b7d30d79d
DEBU[0000] GET http://47.52.22.186:5000/v2/ubuntu-robin2/blobs/sha256:7961e061339529159a00915f94a586e461100b2aaf331021342a580b7d30d79d
DEBU[0000] Detected compression format gzip
DEBU[0000] Using original blob without modification
DEBU[0000] Detected compression format gzip
DEBU[0000] Using original blob without modification
DEBU[0000] Detected compression format gzip
DEBU[0000] Using original blob without modification
DEBU[0000] Detected compression format gzip
DEBU[0000] Using original blob without modification
Copying blob 738c524be39b done
Copying blob d1ccda578660 done
Copying blob 78a54e4c2391 done
Copying blob 7961e0613395 done
DEBU[0044] No compression detected
DEBU[0044] Using original blob without modification
Copying config 1d622ef86b done
Writing manifest to image destination
Storing signatures
DEBU[0044] setting image creation date to 2020-04-24 01:07:51.928109369 +0000 UTC
DEBU[0044] reusing image ID "1d622ef86b138c7e96d4f797bf5e4baca3249f030c575b9337638594f2b63f01"
DEBU[0044] set names of image "1d622ef86b138c7e96d4f797bf5e4baca3249f030c575b9337638594f2b63f01" to [47.52.22.186:5000/ubuntu-robin2:latest docker.io/library/ubuntu:latest]
DEBU[0044] saved image metadata "{\"signatures-sizes\":{\"sha256:f7886a8214857ddcb06b4b3117185850b34aba270b494aa30b9f57f0e8a25de7\":[]}}"
DEBU[0044] parsed reference into "[overlay@/home/robin/.local/share/containers/storage+/run/user/1000:overlay.mount_program=/usr/bin/fuse-overlayfs]47.52.22.186:5000/ubuntu-robin2:latest"
1d622ef86b138c7e96d4f797bf5e4baca3249f030c575b9337638594f2b63f01
[robin@instance-2 ~]$ docker image list
REPOSITORY                        TAG      IMAGE ID       CREATED        SIZE
47.52.22.186:5000/ubuntu-robin2   latest   1d622ef86b13   2 days ago     76.3 MB
docker.io/library/ubuntu          latest   1d622ef86b13   2 days ago     76.3 MB
registry.centos.org/centos        latest   0d53c857b224   3 months ago   210 MB
[robin@instance-2 ~]$
[javadm@instance-2 ~]$ docker run -it 1d62 /bin/bash
root@d5e33abf1f91:/# pwd
/
root@d5e33abf1f91:/# whoami
root
root@d5e33abf1f91:/#

3.3 podman客户端配置http支持

参考:https://computingforgeeks.com/create-docker-container-registry-with-podman-letsencrypt/
默认情况下,podman客户端使用https设置,如果pull或者push调用的仓库是http的,就会报错


[javadm@instance-2 ~]$  podman pull 47.52.22.186:5000/ubuntu-robin2
Trying to pull 47.52.22.186:5000/ubuntu-robin2...
  Get https://47.52.22.186:5000/v2/: http: server gave HTTP response to HTTPS client
Error: error pulling image "47.52.22.186:5000/ubuntu-robin2": unable to pull 47.52.22.186:5000/ubuntu-robin2: unable to pull image: Error initializing source docker://47.52.22.186:5000/ubuntu-robin2:latest: error pinging docker registry 47.52.22.186:5000: Get https://47.52.22.186:5000/v2/: http: server gave HTTP response to HTTPS client
[javadm@instance-2 ~]$

我们可以这样对客户端开启http

[robin@instance-2 ~]$ cat /etc/containers/registries.conf
[registries.insecure]
registries = ['myregistry.local','47.52.22.186:5000']

默认情况下,这个registries=[]

4.数据管理

docker容器运行的时候,内部肯定会产生数据,默认情况下docker内部的磁盘会自动映射到宿主机的磁盘,但是我们不知道数据放在哪。我们想查看容器内的数据,一般都要登陆到容器中查看。不过,早就有人考虑到这个问题了,实现了容器内数据管理的多种方式。

4.1 数据卷

数据卷的使用,类似于linux下对目录或文件进行mount的操作。

4.1.1创建一个容器内的数据卷,不挂载宿主机目录

[javadm@aliyun-hk2 ~]$ docker run -idt -p 8080:8080 -v /webapp /home/javadm/webapp docker.io/library/nginx /bin/bash
Error: unable to pull /home/javadm/webapp: error getting default registries to try: invalid reference format
[javadm@aliyun-hk2 ~]$ docker run -idt -p 8080:8080 -v /webapp  docker.io/library/nginx /bin/bash
24122d338c8bcc8e3e631778823629e7b963e25ddacf597c7017407474244472
[javadm@aliyun-hk2 ~]$ docker ps
CONTAINER ID  IMAGE                              COMMAND               CREATED        STATUS                PORTS                   NAMES
24122d338c8b  docker.io/library/nginx:latest     /bin/bash             8 seconds ago  Up 8 seconds ago      0.0.0.0:8080->8080/tcp  nifty_heisenberg
f10c2d0d3648  docker.io/library/registry:latest  /etc/docker/regis...  5 hours ago    Up About an hour ago  0.0.0.0:5000->5000/tcp  wonderful_keldysh
[javadm@aliyun-hk2 ~]$ docker exec -it 24122d338c8b /bin/bash
root@24122d338c8b:/# pwd
/
root@24122d338c8b:/# whoami
root
root@24122d338c8b:/# ls /webapp/
root@24122d338c8b:/#

使用-v参数创建一个docker内的数据卷。

4.1.2创建一个容器内的数据卷,挂载一个宿主机目录

[javadm@aliyun-hk2 ~]$ docker run -idt -p 8081:80 -v /home/javadm/webapp:/opt/webapp  docker.io/library/nginx /bin/bash
7dee9a3bbb1414df18032fa15019b593a77789fe279969236f99c9cc6f3a91a6
[javadm@aliyun-hk2 ~]$ docker ps -a
CONTAINER ID  IMAGE                              COMMAND               CREATED         STATUS             PORTS                   NAMES
7dee9a3bbb14  docker.io/library/nginx:latest     /bin/bash             4 seconds ago   Up 4 seconds ago   0.0.0.0:8081->80/tcp    frosty_mirzakhani
[javadm@aliyun-hk2 ~]$ ls ./webapp/
[javadm@aliyun-hk2 ~]$ docker exec -it 7dee9a3bbb14 /bin/bash
root@7dee9a3bbb14:/# cd /opt/webapp/
root@7dee9a3bbb14:/opt/webapp# echo hello >file_at_docker_7dee9a3bbb14
root@7dee9a3bbb14:/opt/webapp# cat file_at_docker_7dee9a3bbb14
hello
root@7dee9a3bbb14:/opt/webapp# exit
exit
[javadm@aliyun-hk2 ~]$ ls ./webapp/file_at_docker_7dee9a3bbb14
./webapp/file_at_docker_7dee9a3bbb14
[javadm@aliyun-hk2 ~]$ cat ./webapp/file_at_docker_7dee9a3bbb14
hello

将宿主机/home/javadm/webapp目录映射到容器内/opt/webapp

4.2 数据卷容器

数据卷容器相当于通过单独的一个容器创建一个网路存储,然后别的docker可以直接挂载这个网络存储并且使用它。

4.2.1创建一个数据卷容器

[javadm@aliyun-hk2 webapp]$ docker run -it -v /dbdata --name dbdata ubuntu
root@3bd825b8e4f2:/# cd /dbdata/
root@3bd825b8e4f2:/dbdata# ll
total 0
drwxr-xr-x 2 root root 6 Apr 26 13:02 ./
drwxr-xr-x 2 root root 6 Apr 26 13:02 ../
root@3bd825b8e4f2:/dbdata# touch dbdata_file1
root@3bd825b8e4f2:/dbdata# touch dbdata_file2
root@3bd825b8e4f2:/dbdata# exit
exit

其实就是启动一个普通容器,并创建一个数据卷而已。

4.2.2挂载容器中的数据卷

[javadm@aliyun-hk2 webapp]$ docker run -it --volumes-from dbdata --name db1 ubuntu
root@d419826cd3ef:/# ls /dbdata/
dbdata_file1  dbdata_file2
root@d419826cd3ef:/# cat /dbdata/dbdata_file1
root@d419826cd3ef:/# cat /dbdata/dbdata_file2
root@d419826cd3ef:/# exit
exit
[javadm@aliyun-hk2 webapp]$ docker run -it --volumes-from dbdata --name db2 ubuntu
root@3002361bdf97:/# ls /dbdata/
dbdata_file1  dbdata_file2
root@3002361bdf97:/#

使用–volumes-from dbdata挂载容器dbdata中的数据卷。

对比下来我觉得数据卷使用更简单、高效,每次让数据卷挂载到宿主机目录是个不错的选择,宿主机这个目录最好选择可靠性高的存储,例如nas等。

5.网络管理

讲完了容器数据管理,再来讲讲容器的网络管理。默认情况下,容器外无法访问容器内的网络服务,所以这个时候可以通过端口映射实现外部访问。

5.1 端口映射实现容器访问

5.1.1 绑定宿主机任意端口

[javadm@aliyun-hk2 webapp]$ docker run -idt -P docker.io/library/nginx
c042bcdc21acdab92acb29c0b06c17e75bfe068457c5ab02a85e3e97d4ed530f
[javadm@aliyun-hk2 webapp]$ docker ps -a
CONTAINER ID  IMAGE                           COMMAND               CREATED             STATUS                     PORTS                  NAMES
c042bcdc21ac  docker.io/library/nginx:latest  nginx -g daemon o...  6 seconds ago       Up 6 seconds ago           0.0.0.0:41641->80/tcp  wonderful_black
58a78ef4645e  docker.io/library/nginx:latest  nginx -g daemon o...  About a minute ago  Exited (0) 39 seconds ago  0.0.0.0:8080->80/tcp   nginx-test1
[javadm@aliyun-hk2 webapp]$
[javadm@aliyun-hk2 webapp]$ docker ps -a
CONTAINER ID  IMAGE                           COMMAND               CREATED             STATUS                     PORTS                  NAMES
c042bcdc21ac  docker.io/library/nginx:latest  nginx -g daemon o...  6 seconds ago       Up 6 seconds ago           0.0.0.0:41641->80/tcp  wonderful_black
[javadm@aliyun-hk2 webapp]$

使用-P参数会将宿主机任意5位数的端口映射到容器内的web服务端口,例如80.

5.1.2 绑定宿主机固定端口

[javadm@aliyun-hk2 webapp]$ docker run -idt -p 8081:80 docker.io/library/nginx
22812b7d5a01e3f169db27d3027029447adb8043dd76e6e08dd2fbb9f7e9d161
[javadm@aliyun-hk2 webapp]$ docker ps -a
CONTAINER ID  IMAGE                           COMMAND               CREATED        STATUS                    PORTS                  NAMES
22812b7d5a01  docker.io/library/nginx:latest  nginx -g daemon o...  5 seconds ago  Up 5 seconds ago          0.0.0.0:8081->80/tcp   sharp_hodgkin
c042bcdc21ac  docker.io/library/nginx:latest  nginx -g daemon o...  5 minutes ago  Up 5 minutes ago          0.0.0.0:41641->80/tcp  wonderful_black
58a78ef4645e  docker.io/library/nginx:latest  nginx -g daemon o...  6 minutes ago  Exited (0) 5 minutes ago  0.0.0.0:8080->80/tcp   nginx-test1
[javadm@aliyun-hk2 webapp]$

使用-p可以将宿主机某个固定的端口映射到容器内的固定端口,默认会绑定宿主机所有接口上的地址。

5.1.3 绑定宿主机某个地址的固定端口

[javadm@aliyun-hk2 webapp]$ docker run -idt -p 127.0.0.1:8083:80 docker.io/library/nginx
4c0f11253bb8df77eea55e02c24a168915b82da90bc6cf267373b3c35005e78b
[javadm@aliyun-hk2 webapp]$ curl http://127.0.0.1:8083



Welcome to nginx!



Welcome to nginx!

If you see this page, the nginx web server is successfully installed and working. Further configuration is required.

For online documentation and support please refer to nginx.org.
Commercial support is available at nginx.com.

Thank you for using nginx.

[javadm@aliyun-hk2 webapp]$ curl http://47.52.22.186:8083 curl: (7) Failed to connect to 47.52.22.186 port 8083: Connection refused

这种情况下,只有会将宿主机固定的接口IP:port跟容器中的端口绑定。

5.1.4 绑定宿主机某个地址的任意一个端口

[javadm@aliyun-hk2 webapp]$ docker run --name nginx-test4 -idt -p 127.0.0.1::80 docker.io/library/nginx
1aea7a5e18dbf21893f8d1a1b6def15ff09ebdafdf3975b8a781669f94689a7e
[javadm@aliyun-hk2 webapp]$ docker ps -a|grep nginx-test4
1aea7a5e18db  docker.io/library/nginx:latest  nginx -g daemon o...  18 seconds ago  Up 18 seconds ago          127.0.0.1:41365->80/tcp  nginx-test4
[javadm@aliyun-hk2 webapp]$ curl http://127.0.0.1:41365



Welcome to nginx!



Welcome to nginx!

If you see this page, the nginx web server is successfully installed and working. Further configuration is required.

For online documentation and support please refer to nginx.org.
Commercial support is available at nginx.com.

Thank you for using nginx.

[javadm@aliyun-hk2 webapp]$

使用-p ip::port后宿主机会分配任意一个端口并映射到宿主机端口。

5.1.5 查询容器端口映射配置

[javadm@aliyun-hk2 webapp]$ docker port nginx-test4
80/tcp -> 127.0.0.1:41365

docker port container_name

5.2 容器间网络通信

参考:https://www.redhat.com/sysadmin/container-networking-podman

[javadm@aliyun-hk2 webapp]$ podman run --name nginx-test5 -idt -P --rm --pod new:mypod docker.io/library/nginx
965432cabe0ad4df51b7ca86af978f6fc094b5b261b5738561bf7591c5036c60
[javadm@aliyun-hk2 webapp]$ podman run --name nginx-test6 -it --rm --pod mypod docker.io/library/nginx /bin/sh
#

podman已经抛弃了link,两个容器定义到同一个pod中,就可以共享信息了。

CONTAINER ID  IMAGE                           COMMAND               CREATED         STATUS                     PORTS                    NAMES
0033799d538e  docker.io/library/nginx:latest  /bin/sh               23 seconds ago  Up 23 seconds ago          0.0.0.0:41867->80/tcp    nginx-test6
965432cabe0a  docker.io/library/nginx:latest  nginx -g daemon o...  2 minutes ago   Up 2 minutes ago           0.0.0.0:41867->80/tcp    nginx-test5

两个容器名字不一样,但是在一个pod。

你可能感兴趣的:(docker)