Centos7.4-docker安装部署实战

目录

1、实验环境... 1

1.2、配置网络... 1

2、安装docker软件... 1

3、Docker镜像操作... 3

4、docker容器操作... 10

5、制作镜像... 15

6、数据卷管理... 24

7、网络通信... 32

8、构建nginx镜像... 34

 

1、实验环境

1.1、一台CentOS7.4虚机

root@SIMS_INIT[/root]#cat /etc/redhat-release

CentOS Linux release 7.5.1804 (Core)

root@SIMS_INIT[/root]#uname -a

Linux SIMS_INIT 3.10.0-693.el7.x86_64 #1 SMP Tue Aug 22 21:09:27 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

root@SIMS_INIT[/root]#

1.2、配置网络

请确保可以上外网。

root@SIMS_INIT[/root]#ping www.baidu.com

PING www.a.shifen.com (112.80.248.75) 56(84) bytes of data.

64 bytes from 112.80.248.75 (112.80.248.75): icmp_seq=1 ttl=57 time=1.91 ms

64 bytes from 112.80.248.75 (112.80.248.75): icmp_seq=2 ttl=57 time=2.70 ms

64 bytes from 112.80.248.75 (112.80.248.75): icmp_seq=3 ttl=57 time=2.69 ms

^C

--- www.a.shifen.com ping statistics ---

3 packets transmitted, 3 received, 0% packet loss, time 2002ms

rtt min/avg/max/mdev = 1.915/2.436/2.700/0.373 ms

root@SIMS_INIT[/root]#

1.3、虚机ip配置

Centos7.4-docker安装部署实战_第1张图片

2、安装docker软件

2.1、配置yum源

mount /soft/iso/CentOS-7-x86_64-Everything-1804.iso /mnt

vi /etc/yum.repos.d/CentOS-Local.repo

新增如下内容:

[Local]

name=Local Yum

baseurl=file:///mnt/

gpgcheck=1

gpgkey=file:///mnt/RPM-GPG-KEY-CentOS-7

enable=1

 

[docker-repo]

name=Docker Repository

baseurl=https://yum.dockerproject.org/repo/main/centos/7/

enable=1

gpgcheck=1

gpgkey=https://yum.dockerproject.org/gpg

该文件CentOS-Local.repo没有的话新增即可。

2.2、更新yum源

yum clean all

yum update

yum update会执行较长时间,需要在网络上下载。

2.3、安装docker软件

root@SIMS_INIT[/etc/yum.repos.d]#yum install -y docker-engine

2.4、检查docker安装

root@SIMS_INIT[/etc/yum.repos.d]#rpm -qa |grep docker

docker-engine-selinux-17.05.0.ce-1.el7.centos.noarch

docker-engine-17.05.0.ce-1.el7.centos.x86_64

2.5、启动以及开机自启动

root@SIMS_INIT[/etc/yum.repos.d]#systemctl enable docker

Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.

root@SIMS_INIT[/etc/yum.repos.d]# systemctl start docker

root@SIMS_INIT[/etc/yum.repos.d]#

2.6、查看docker版本

root@SIMS_INIT[/etc/yum.repos.d]#docker version

Client:

 Version:      17.05.0-ce

 API version:  1.29

 Go version:   go1.7.5

 Git commit:   89658be

 Built:        Thu May  4 22:06:25 2017

 OS/Arch:      linux/amd64

 

Server:

 Version:      17.05.0-ce

 API version:  1.29 (minimum version 1.12)

 Go version:   go1.7.5

 Git commit:   89658be

 Built:        Thu May  4 22:06:25 2017

 OS/Arch:      linux/amd64

 Experimental: false

3、Docker镜像操作

Docker镜像是创建容器的基础,类似虚拟机的快照,可以理解为是一个面向Docker容器引擎的只读模板,比如:一个镜像可以是一个完整CentOS操作系统环境,称为一个CentOS镜像;可以是一个安装了MySQL的应用程序,称之为一个MySQL镜像等等
Docker提供了简单的机制来创建和更新现有的镜像,用户也可以从网卡下载已经做好的应用镜像来直接使用

3.1、搜索镜像

命令语法:docker search 关键字 //用来搜索远端官方仓库中的共享镜像

root@SIMS_INIT[/root]#docker search lamp

NAME                                   DESCRIPTION                                     STARS     OFFICIAL   AUTOMATED

linode/lamp                            LAMP on Ubuntu 14.04.1 LTS Container            169                 

tutum/lamp                             Out-of-the-box LAMP image (PHP+MySQL)           115                 

greyltc/lamp                           a super secure, up-to-date and lightweight...   95                   [OK]

mattrayner/lamp                        A simple LAMP docker image running the pre...   91                   [OK]

fauria/lamp                            Modern, developer friendly LAMP stack. Inc...   55                   [OK]

janes/alpine-lamp                      lamp base on alpine linux                       39                   [OK]

nickistre/ubuntu-lamp                  LAMP server on Ubuntu                           28                   [OK]

nickistre/centos-lamp                  LAMP on centos setup                            27                   [OK]

dgraziotin/lamp                                                                        11                   [OK]

lioshi/lamp                            Docker image for LAMP + MySql under debian      10                   [OK]

nickistre/ubuntu-lamp-wordpress        LAMP on Ubuntu with wp-cli installed            9                    [OK]

nickistre/ubuntu-lamp-xdebug           LAMP on Ubuntu with xdebug installed            5                    [OK]

theodotos/ubuntu-lamp                  A LAMP (Linux/Apache/MariaDB/PHP) image ba...   4                   

sminnee/silverstripe-lamp              Docker image for SilverStripe LAMP stack t...   4                   

gizra/drupal-lamp                      A base LAMP docker file for drupal projects.    3                    [OK]

nickistre/centos-lamp-wordpress        LAMP on CentOS setups with wp-cli installed     3                    [OK]

shelleyma/lampp2                       lampp from github                               2                    [OK]

ready2order/lamp                       LAMP                                            1                   

lead4good/lamp-php                     LAMP Stack PHP                                  1                    [OK]

aariacarterweir/lamp-gitftp            LAMP Stack with node and git-ftp:latest.        1                   

lead4good/lamp-mysql                   LAMP-Stack MySQL                                0                    [OK]

thinkiq/lamp                           ThinkIQ Lamp image                              0                    [OK]

gregnuj/cyclops-lamp                   Cyclops LAMP server                             0                    [OK]

lampson0505/ubuntu-phy                 An Ubuntu image with teamd for network int...   0                   

davefx/trusty-lamp-selenium-headless   Ubuntu 14.04 system with configured LAMP s...   0                    [OK]

NAME:镜像名称
DESCRIPTION:描述
STARS:星级
OFFICIAL:是否官方创建
AUTOMATED:是否主动创建

root@SIMS_INIT[/root]#docker search lamp -f stars=10

NAME                    DESCRIPTION                                     STARS     OFFICIAL   AUTOMATED

linode/lamp             LAMP on Ubuntu 14.04.1 LTS Container            169                 

tutum/lamp              Out-of-the-box LAMP image (PHP+MySQL)           115                 

greyltc/lamp            a super secure, up-to-date and lightweight...   95                   [OK]

mattrayner/lamp         A simple LAMP docker image running the pre...   91                   [OK]

fauria/lamp             Modern, developer friendly LAMP stack. Inc...   55                   [OK]

janes/alpine-lamp       lamp base on alpine linux                       39                   [OK]

nickistre/ubuntu-lamp   LAMP server on Ubuntu                           28                   [OK]

nickistre/centos-lamp   LAMP on centos setup                            27                   [OK]

dgraziotin/lamp                                                         11                   [OK]

lioshi/lamp             Docker image for LAMP + MySql under debian      10                   [OK]

Centos7.4-docker安装部署实战_第2张图片

3.2、获取镜像

命令语法:docker pull 镜像名称

root@SIMS_INIT[/root]#docker pull nickistre/centos-lamp

Centos7.4-docker安装部署实战_第3张图片

(等待时间有点漫长,不是网速的问题,是国外网站资源少,下载的都是最新的版本)

3.3、查看镜像

root@SIMS_INIT[/soft/iso]#docker images

REPOSITORY              TAG                 IMAGE ID            CREATED             SIZE

nickistre/centos-lamp   latest              0b8d572d1c7d        12 months ago       547MB

root@SIMS_INIT[/soft/iso]#

REPOSITORY:镜像属于的仓库(名称)
TAG:镜像的标签信息,标记同一个仓库中的不同镜像,默认为latest
IMAGE ID:镜像的唯一ID号,唯一标识了该镜像
CREATED:镜像创建时间
SIZE:镜像大小
//还可以根据镜像的唯一标识ID号,获取镜像详细信息

root@SIMS_INIT[/soft/iso]#docker images

REPOSITORY              TAG                 IMAGE ID            CREATED             SIZE

nickistre/centos-lamp   latest              0b8d572d1c7d        12 months ago       547MB

root@SIMS_INIT[/soft/iso]#docker inspect 0b8d572d1c7d

[

    {

        "Id": "sha256:0b8d572d1c7d20f8b2e86bb92517dd3a9e8f935194c7f48af5dc84984e7c5f44",

        "RepoTags": [

            "nickistre/centos-lamp:latest"

        ],

        "RepoDigests": [

            "nickistre/centos-lamp@sha256:6012dff0d5f805342d65e8eb3cae4e83e75bce16980915b165ef55d64866e91d"

        ],

        "Parent": "",

        "Comment": "",

        "Created": "2018-04-13T21:01:31.472818372Z",

        "Container": "25f7679db9909e1a5f63456ad2297c5eaaa8ca4c4f02991e678fc38af39e8762",

        "ContainerConfig": {

            "Hostname": "25f7679db990",

            "Domainname": "",

            "User": "",

            "AttachStdin": false,

            "AttachStdout": false,

            "AttachStderr": false,

            "ExposedPorts": {

                "22/tcp": {},

                "443/tcp": {},

                "80/tcp": {}

            },

            "Tty": false,

            "OpenStdin": false,

            "StdinOnce": false,

            "Env": [

                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

            ],

            "Cmd": [

                "/bin/sh",

                "-c",

                "#(nop) ",

                "CMD [\"supervisord\" \"-n\"]"

            ],

            "ArgsEscaped": true,

            "Image": "sha256:23865469389846bddf3e091a0484f8e28cad879295c6f8e3a839b05137c079fc",

            "Volumes": null,

            "WorkingDir": "",

            "Entrypoint": null,

            "OnBuild": [],

            "Labels": {}

        },

        "DockerVersion": "17.06.1-ce",

        "Author": "Nicholas Istre ",

        "Config": {

            "Hostname": "",

            "Domainname": "",

            "User": "",

            "AttachStdin": false,

            "AttachStdout": false,

            "AttachStderr": false,

            "ExposedPorts": {

                "22/tcp": {},

                "443/tcp": {},

                "80/tcp": {}

            },

            "Tty": false,

            "OpenStdin": false,

            "StdinOnce": false,

            "Env": [

                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

            ],

            "Cmd": [

                "supervisord",

                "-n"

            ],

            "ArgsEscaped": true,

            "Image": "sha256:23865469389846bddf3e091a0484f8e28cad879295c6f8e3a839b05137c079fc",

            "Volumes": null,

            "WorkingDir": "",

            "Entrypoint": null,

            "OnBuild": [],

            "Labels": null

        },

        "Architecture": "amd64",

        "Os": "linux",

        "Size": 546979929,

        "VirtualSize": 546979929,

        "GraphDriver": {

            "Data": {

                "RootDir": "/var/lib/docker/overlay/da29d2ee959d1ad2ac420a22701f2dba057115b86b1a27d7445766995de5a1c3/root"

            },

            "Name": "overlay"

        },

        "RootFS": {

            "Type": "layers",

            "Layers": [

                "sha256:da6517724f67fd4133a5bf508f7c79e20d8e2741c5b3264790d49db5e97c0e2e",

                "sha256:244de8069fbc70a188607a8dddab80ad8866a4e0bcb0b24f12aef0130ba307f2",

                "sha256:988e3cb5a27b1efc0c85c3d9b34b25322de3ce13267d647a869f9150cd3c3f7f",

                "sha256:38556f5b76216ba7518d1da1f2ea0c7ac147203833976c5a701fb36d71e17ec6",

                "sha256:e6eea089f108513a9af6006efe53cff5ef762bc4be503ce8eaa1c6c726cae2ed",

                "sha256:07d45adf0b976b610bfbbc6f9cc30a133d18f69262a9446bc280f542bd17d743",

                "sha256:a0753067e202b570fa8c70f86ae2e0510f82f2271a0d5c1db5cbb4f9a9210cc3",

                "sha256:9b9518d71f0ef4b967d786f7f40943658362af00b5e9f91f43053619b75bf07b",

                "sha256:11ed4ddf1f28ad2857c7b3f17eee8c349fd9011042cf563807493bbddb2f3f46",

                "sha256:fa3e2c4d1489e48588c4a08443edb471234a481dd52b341b211909d35e5787ca",

                "sha256:f874a4141753cd042dbdcfc0acb48c8239de9a1d42b4902defe79ea6042cfc62",

                "sha256:fabd844fa786a84bcd481f617becfbc31b85e927b4b24a56acc5283c1ad5ea76",

                "sha256:d31fcd4e52cffcbf6c8ff68a19609d4a7ae56e43f7ad41865dd7b1341ca70977",

                "sha256:2ccc0c68e26e5ac575aa7f7822638d547b5a3c703c73c004a40b19388f582bda",

                "sha256:385f382ed46ca3e95842ce6074deb140cc11784744882adea64e27a24eeddaa8"

            ]

        }

    }

]

3.4、为镜像添加多个名称和标签

命令语法:docker tag 名称:标签 新名称:新标签

root@SIMS_INIT[/soft/iso]# docker images

REPOSITORY              TAG                 IMAGE ID            CREATED             SIZE

nickistre/centos-lamp   latest              0b8d572d1c7d        12 months ago       547MB

root@SIMS_INIT[/soft/iso]#docker tag nickistre/centos-lamp:latest centos:lamp

root@SIMS_INIT[/soft/iso]# docker images

REPOSITORY              TAG                 IMAGE ID            CREATED             SIZE

centos                  lamp                0b8d572d1c7d        12 months ago       547MB

nickistre/centos-lamp   latest              0b8d572d1c7d        12 months ago       547MB

root@SIMS_INIT[/soft/iso]#

//名称与标签可以添加多个,ID号是唯一的

3.5、删除镜像

命令格式:docker rmi 名称:标签

//镜像没有使用才能删除成功,且只是删除一个镜像,同一个ID下的其它镜像不会被删除

或者:docker rmi 镜像ID号 (以ID号删除,会删除同一个ID下全部的镜像)

Docker rmi –f ID //永久删除

docker rmi -f $(docker images | grep "" | awk "{print \$3}") //删除所有没有使用的镜像

root@SIMS_INIT[/soft/iso]#docker images

REPOSITORY              TAG                 IMAGE ID            CREATED             SIZE

centos                  lamp                0b8d572d1c7d        12 months ago       547MB

nickistre/centos-lamp   latest              0b8d572d1c7d        12 months ago       547MB

root@SIMS_INIT[/soft/iso]#docker rmi centos:lamp

Untagged: centos:lamp

root@SIMS_INIT[/soft/iso]#docker images

REPOSITORY              TAG                 IMAGE ID            CREATED             SIZE

nickistre/centos-lamp   latest              0b8d572d1c7d        12 months ago       547MB

root@SIMS_INIT[/soft/iso]#

3.6、存出镜像和载入镜像

存出镜像:将镜像保存成本地文件,这一过程叫作存出镜像,可以使用docker save命令进行操作。之后就可以拷贝该文件到其他机器。

命令格式:docker save –o 存储文件名 存储的镜像

root@SIMS_INIT[/soft/iso]#docker save -o lamp nickistre/centos-lamp

//将本地的nickistre/centos-lamp镜像存出为文件lamp

时间较长,耐心等待。

docker rmi nickistre/centos-lamp

//删除nickistre/centos-lamp镜像

我这里就nickistre/centos-lamp这一个镜像,就不删除了。

载入镜像:将本地存出镜像文件导入到镜像库,这一过程叫作载入镜像。使用docker load或者docker –input进行载入操作

命令格式:docker load < 存出的文件

root@SIMS_INIT[/soft/iso]#ll

total 9654560

-rw-r--r-- 1 root root 9322668032 Sep  6  2018 CentOS-7-x86_64-Everything-1804.iso

-rw------- 1 root root  563599360 Apr 19 17:04 lamp

root@SIMS_INIT[/soft/iso]#docker load < lamp

镜像上传

//本地存储的镜像越来越多,就需要指定一个专门的地方存放这些镜像—仓库
命令格式:docker push 名称:标签

4、docker容器操作

Docker容器是从镜像创建的运行实例,它可以被启动、停止和删除。所创建的每一个容器都是相互隔离、互不可见的,可以保证平台的安全性。还可以把容器看作是一个简易版的Linux环境,Docker利用容器来运行和隔离应用。
容器是Docker的另一个核心概念。简单说,容器是镜像的一个运行实例,是独立运行的一个或一组应用以及它们所必需的运行环境,包括文件系统、系统类库、shell环境等。镜像是只读模板,而容器会给这个只读模板一个额外的可写层。

4.1容器的创建与启动

4.1.1、创建容器

容器的创建就是将镜像加载到容器的过程

命令格式:docker create [选项] 镜像 运行的程序

常用选项:
-i:让容器的输入保持打开
-t:让Docker分配一个伪终端

docker create -it nickistre/centos-lamp /bin/bash

//创建容器,默认是没有运行的

root@SIMS_INIT[/soft/iso]#docker ps -a

CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES

root@SIMS_INIT[/soft/iso]#docker create -it nickistre/centos-lamp /bin/bash

0b42207f4d4c6e15c053d12b2b02e7688fc0a9dac46fba42ea441739f20f2251

root@SIMS_INIT[/soft/iso]#docker ps -a

CONTAINER ID        IMAGE                   COMMAND             CREATED             STATUS              PORTS               NAMES

0b42207f4d4c        nickistre/centos-lamp   "/bin/bash"         7 seconds ago       Created                                 xenodochial_booth

4.1.2、查询容器

docker ps –a

root@SIMS_INIT[/soft/iso]#docker ps -a

CONTAINER ID        IMAGE                   COMMAND             CREATED             STATUS              PORTS               NAMES

0b42207f4d4c        nickistre/centos-lamp   "/bin/bash"         7 seconds ago       Created                                 xenodochial_booth

//查看容器的运行情况,关注ID(唯一的)

CONTAINER ID:容器的ID号(唯一的)
IMAGE:加载的镜像
COMMAND:运行的程序
CREATED:创建时间
STATUS:目前所处的状态
PORTS:端口映射

root@SIMS_INIT[/soft/iso]# docker ps

CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES

root@SIMS_INIT[/soft/iso]#

//查看运行中的容器

4.1.3、启动

命令格式:docker start 容器的ID/名称

root@SIMS_INIT[/soft/iso]#docker start 0b42207f4d4c

0b42207f4d4c

root@SIMS_INIT[/soft/iso]# docker ps

CONTAINER ID        IMAGE                   COMMAND             CREATED             STATUS              PORTS                     NAMES

0b42207f4d4c        nickistre/centos-lamp   "/bin/bash"         3 minutes ago       Up 3 seconds        22/tcp, 80/tcp, 443/tcp   xenodochial_booth

root@SIMS_INIT[/soft/iso]#

4.1.4、创建并启动

命令格式:docker run [选项] 镜像 运行的程序
等同于先执行docker create命令,再执行docker start命令。需要注意只要后面的命令运行结束,容器就会停止。
[root@localhost ~]# docker run centos:lamp /bin/bash -c ls /

//创建容器的并启动执行一条shell命令,命令完成容器就停止

root@SIMS_INIT[/soft/iso]#docker run nickistre/centos-lamp /bin/bash -c ls /

bin

boot

dev

etc

home

lib

lib64

lost+found

media

mnt

opt

proc

root

sbin

selinux

srv

sys

tmp

usr

var

4.1.5、容器的暂停运行

命令格式:docker pasuse 容器的ID

root@SIMS_INIT[/soft/iso]#docker pause 0b42207f4d4c

0b42207f4d4c

4.1.6、取消容器暂停运行

root@SIMS_INIT[/soft/iso]#docker unpause 0b42207f4d4c

0b42207f4d4c

root@SIMS_INIT[/soft/iso]#docker ps

CONTAINER ID        IMAGE                   COMMAND             CREATED             STATUS              PORTS                     NAMES

0b42207f4d4c        nickistre/centos-lamp   "/bin/bash"         11 minutes ago      Up 7 minutes        22/tcp, 80/tcp, 443/tcp   xenodochial_booth

4.2、容器的运行终止

命令格式:docker stop 容器的ID/名称

root@SIMS_INIT[/soft/iso]#docker ps

CONTAINER ID        IMAGE                   COMMAND             CREATED             STATUS              PORTS                     NAMES

0b42207f4d4c        nickistre/centos-lamp   "/bin/bash"         12 minutes ago      Up 9 minutes        22/tcp, 80/tcp, 443/tcp   xenodochial_booth

root@SIMS_INIT[/soft/iso]#docker stop 0b42207f4d4c

0b42207f4d4c

root@SIMS_INIT[/soft/iso]#docker ps -a

CONTAINER ID        IMAGE                   COMMAND               CREATED             STATUS                       PORTS               NAMES

ebd2998beafb        nickistre/centos-lamp   "/bin/bash -c ls /"   6 minutes ago       Exited (0) 6 minutes ago                         optimistic_bartik

0b42207f4d4c        nickistre/centos-lamp   "/bin/bash"           13 minutes ago      Exited (137) 3 seconds ago                       xenodochial_booth

root@SIMS_INIT[/soft/iso]#

4.3、容器的进入

命令格式:docker exec –it 容器ID/名称 /bin/bash

root@SIMS_INIT[/soft/iso]#docker exec -it 0b42207f4d4c /bin/bash

[root@0b42207f4d4c /]#

4.4、容器的导出与生成镜像

4.4.1、导出

将已经创建好的容器导出为文件,无论这个容器是处于运行状态还是停止状态均可导出。
命令格式:docker export 容器ID/名称 > 文件名

root@SIMS_INIT[/soft/iso]#docker export 0b42207f4d4c >centos_lamp

4.4.2、将容器文件生成镜像

命令格式:cat 文件名 | docker import – 生成的镜像名称:标签

root@SIMS_INIT[/soft/iso]#cat centos_lamp | docker import - centos1:latest

sha256:618a28de761879192f3afb24a6ce21eebe9954e91b65b684de75af1b784d7b83

root@SIMS_INIT[/soft/iso]#docker images

REPOSITORY              TAG                 IMAGE ID            CREATED              SIZE

centos1                 latest              618a28de7618        About a minute ago   472MB

nickistre/centos-lamp   latest              0b8d572d1c7d        12 months ago        547MB

root@SIMS_INIT[/soft/iso]#

4.5、容器的删除

命令格式:docker rm 容器ID/名称

Docker rm –f 容器ID/名称 //强制删除运行中的容器,不建议

4.5.1、删除已停止的容器

root@SIMS_INIT[/soft/iso]#docker ps -a

CONTAINER ID        IMAGE                   COMMAND               CREATED             STATUS                      PORTS                     NAMES

ebd2998beafb        nickistre/centos-lamp   "/bin/bash -c ls /"   17 minutes ago      Exited (0) 17 minutes ago                             optimistic_bartik

0b42207f4d4c        nickistre/centos-lamp   "/bin/bash"           25 minutes ago      Up 10 minutes               22/tcp, 80/tcp, 443/tcp   xenodochial_booth

root@SIMS_INIT[/soft/iso]#docker rm ebd2998beafb

ebd2998beafb

root@SIMS_INIT[/soft/iso]#docker ps -a

CONTAINER ID        IMAGE                   COMMAND             CREATED             STATUS              PORTS                     NAMES

0b42207f4d4c        nickistre/centos-lamp   "/bin/bash"         25 minutes ago      Up 10 minutes       22/tcp, 80/tcp, 443/tcp   xenodochial_booth

root@SIMS_INIT[/soft/iso]#

4.5.2、删除运行中的容器

root@SIMS_INIT[/soft/iso]#docker ps -a

CONTAINER ID        IMAGE                   COMMAND             CREATED             STATUS              PORTS                     NAMES

95fa6247a137        centos1                 "/bin/bash"         32 seconds ago      Up 12 seconds                                 sharp_euclid

0b42207f4d4c        nickistre/centos-lamp   "/bin/bash"         29 minutes ago      Up 14 minutes       22/tcp, 80/tcp, 443/tcp   xenodochial_booth

root@SIMS_INIT[/soft/iso]#docker stop 95fa6247a137

95fa6247a137

root@SIMS_INIT[/soft/iso]#docker ps -a

CONTAINER ID        IMAGE                   COMMAND             CREATED              STATUS                      PORTS                     NAMES

95fa6247a137        centos1                 "/bin/bash"         About a minute ago   Exited (137) 1 second ago                             sharp_euclid

0b42207f4d4c        nickistre/centos-lamp   "/bin/bash"         30 minutes ago       Up 15 minutes               22/tcp, 80/tcp, 443/tcp   xenodochial_booth

root@SIMS_INIT[/soft/iso]#docker rm 95fa6247a137

95fa6247a137

root@SIMS_INIT[/soft/iso]#docker ps -a

CONTAINER ID        IMAGE                   COMMAND             CREATED             STATUS              PORTS                     NAMES

0b42207f4d4c        nickistre/centos-lamp   "/bin/bash"         30 minutes ago      Up 15 minutes       22/tcp, 80/tcp, 443/tcp   xenodochial_booth

root@SIMS_INIT[/soft/iso]#

5、制作镜像

5.1、基于现有镜像制作

将原始镜像加入容器并运行-》在原始镜像中部署各种服务-》退出容器-》使用下面命令将容器生成新的镜像实质就是把一个容器里面运行的程序以及该程序的运行环境打包起来生成新的镜像。

命令格式: docker commit [选项] 容器ID/名称 仓库名称:[标签]

常用选项:
-m:说明信息
-a:作用信息
-p:生成过程中停止容器的运行

5.1.1、运行一个容器

root@SIMS_INIT[/soft/iso]#docker ps -a

CONTAINER ID        IMAGE                   COMMAND             CREATED             STATUS              PORTS                     NAMES

0b42207f4d4c        nickistre/centos-lamp   "/bin/bash"         36 minutes ago      Up 21 minutes       22/tcp, 80/tcp, 443/tcp   xenodochial_booth

5.1.2、登陆并部署应用

5.1.3、创建镜像

root@SIMS_INIT[/soft/iso]#docker commit -m "remark" -a "test" 0b42207f4d4c centos2:latest

sha256:366e6c6b11aa5b65ff6d53f2ed8e8f4a7e0f2092358e84a52a4a07c9b3792e3d

root@SIMS_INIT[/soft/iso]#docker images

REPOSITORY              TAG                 IMAGE ID            CREATED             SIZE

centos2                 latest              366e6c6b11aa        5 seconds ago       547MB

centos1                 latest              618a28de7618        15 minutes ago      472MB

nickistre/centos-lamp   latest              0b8d572d1c7d        12 months ago       547MB

root@SIMS_INIT[/soft/iso]#

5.2、基于本地模板创建

参考4.4节部分。

5.3、基于dockerfile创建

5.3.1、建立工作目录

root@SIMS_INIT[/soft/iso]#mkdir /apache

root@SIMS_INIT[/soft/iso]#cd /apache

5.3.2、 创建并编写dockerfile文件

root@SIMS_INIT[/apache]#vi dockerfile

#基于的基础镜像为centos

FROM centos

#维护该镜像的用户信息

MAINTAINER The Centos Project

#镜像操作指令安装apache软件包

#RUN yum -y update

//此处注意,由于我的centos镜像版本是最新的7.3,所以不需要更新,如果是7.3以下的版本,这里需要打开,自动更新到7.3,否则后面会有报错

RUN yum -y install httpd

#开启80端口

EXPOSE 80

#复制网站首页文件

ADD index.html /var/www/html/index.html

#将执行脚本复制到镜像中

ADD run.sh /run.sh

RUN chmod 755 /run.sh

#启动容器时执行脚本

CMD ["/run.sh"]

保存退出。

5.3.3、编写执行脚本内容

root@SIMS_INIT[/apache]#vi run.sh

#!/bin/bash

rm -rf /run/httpd/*

//清理httpd的缓存

exec /usr/sbin/apachectl -D FOREGROUND

//启动apache服务

保存退出。

5.3.4、创建测试页面

root@SIMS_INIT[/apache]#vi index.html

This is test!

保存退出。

5.3.5、使用dockerfile生成镜像

命令格式:docker build [选项] 路径

常用选项:-t  //指定镜像的标签信息

root@SIMS_INIT[/apache]#docker build -t httpd:centos .

Sending build context to Docker daemon   16.9kB

Step 1/8 : FROM centos

latest: Pulling from library/centos

8ba884070f61: Pull complete

Digest: sha256:8d487d68857f5bc9595793279b33d082b03713341ddec91054382641d14db861

Status: Downloaded newer image for centos:latest

 ---> 9f38484d220f

Step 2/8 : MAINTAINER The Centos Project

 ---> Running in 825dae1d795b

 ---> 68194fe789de

Removing intermediate container 825dae1d795b

Step 3/8 : RUN yum -y install httpd

 ---> Running in 440b220893ff

Loaded plugins: fastestmirror, ovl

Determining fastest mirrors

 * base: ftp.sjtu.edu.cn

 * extras: mirror.jdcloud.com

 * updates: mirror.jdcloud.com

Dependency Installed:

  apr.x86_64 0:1.4.8-3.el7_4.1                                                  

  apr-util.x86_64 0:1.5.2-6.el7                                                

  centos-logos.noarch 0:70.0.6-3.el7.centos                                    

  httpd-tools.x86_64 0:2.4.6-88.el7.centos                                      

  mailcap.noarch 0:2.1.41-2.el7                                                

 

Complete!

 ---> 93e5017f12e0

Removing intermediate container 440b220893ff

Step 4/8 : EXPOSE 80

 ---> Running in af6bb2ac6765

 ---> 7a2e04fa76c3

Removing intermediate container af6bb2ac6765

Step 5/8 : ADD index.html /var/www/html/index.html

 ---> b78fcb54b639

Removing intermediate container cad1db9ce919

Step 6/8 : ADD run.sh /run.sh

 ---> f70a920702ea

Removing intermediate container f6321c943e20

Step 7/8 : RUN chmod 755 /run.sh

 ---> Running in cacc676cdb4f

 ---> 622a9f4078c2

Removing intermediate container cacc676cdb4f

Step 8/8 : CMD /run.sh

 ---> Running in a376b3fef2ce

 ---> fdad167d588f

Removing intermediate container a376b3fef2ce

Successfully built fdad167d588f

Successfully tagged httpd:centos

查看生成完的镜像:

5.3.6、使用新的镜像运行容器

root@SIMS_INIT[/apache]#docker run -d -p 9000:80 httpd:centos

2ff6e3c166e920313f0f840c004a051cbba8626a16349235b72d012b90d4d267

root@SIMS_INIT[/apache]#docker ps –a

CONTAINER ID        IMAGE                   COMMAND             CREATED             STATUS              PORTS                     NAMES

2ff6e3c166e9        httpd:centos            "/run.sh"           9 seconds ago       Up 8 seconds        0.0.0.0:9000->80/tcp      sleepy_leavitt

0b42207f4d4c        nickistre/centos-lamp   "/bin/bash"         4 hours ago         Up 4 hours          22/tcp, 80/tcp, 443/tcp   xenodochial_booth

//用-p选项实现将本地端口9000映射到容器中的80端口

5.3.7、浏览器访问

浏览器访问http://10.45.11.118:9000

Centos7.4-docker安装部署实战_第4张图片

5.4、Ssh公钥验证

基于dockerfile生成镜像

注意:需要联网

5.4.1、建立工作目录,创建公钥

root@SIMS_INIT[/root]#mkdir sshd

//创建公钥,一路回车,不要设置密码

root@SIMS_INIT[/root]#ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa):

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /root/.ssh/id_rsa.

Your public key has been saved in /root/.ssh/id_rsa.pub.

The key fingerprint is:

SHA256:CpnPyaIb/gKAkyZlIYU5XlfuNLU+n/BHUZW9dtnsy/U root@SIMS_INIT

The key's randomart image is:

+---[RSA 2048]----+

|.+o.  .. .     .=|

|+.o. .. . .   ...|

|o=. .  + .   . .+|

|*o   oo o     .++|

|+.  +  .S+   ....|

|.    = o  = o   o|

| .. . *    + .. +|

| ..o .      .  oE|

|  ++.            |

+----[SHA256]-----+

root@SIMS_INIT[/root]#

root@SIMS_INIT[/root]#cat .ssh/id_rsa.pub > sshd/authorized_keys

root@SIMS_INIT[/root]#cd sshd

5.4.2、创建并编写Dockerfile文件

root@SIMS_INIT[/root]#cd sshd

root@SIMS_INIT[/root/sshd]#vi Dockerfile

FROM centos1

MAINTAINER The Centos Project

RUN yum install -y openssh-server

RUN mkdir -p /var/run/sshd

RUN mkdir -p /root/.ssh

RUN sed -ri 's/session required pam_loginuid.so/#session required pam_loginuid.so/g' /etc/pam.d/sshd

ADD authorized_keys /root/.ssh/authorized_keys

ADD run.sh /run.sh

RUN chmod 775 /run.sh

EXPOSE 22

CMD [ "/usr/sbin/init"]

CMD ["/run.sh"]

保存退出。

5.4.3、编写执行脚本

root@SIMS_INIT[/root/sshd]#vi run.sh

#/bin/bash

/usr/sbin/sshd –D

保存退出。

5.4.4、生成镜像

root@SIMS_INIT[/root/sshd]#docker build -t sshd:centos .

Sending build context to Docker daemon  4.096kB

Step 1/12 : FROM centos

 ---> 9f38484d220f

Step 2/12 : MAINTAINER The Centos Project

 ---> Using cache

 ---> 68194fe789de

Step 3/12 : RUN yum install -y openssh-server

 ---> Using cache

 ---> 250256bc44ad

Step 4/12 : RUN mkdir -p /var/run/sshd

 ---> Using cache

 ---> b5b0ac06e6e0

Step 5/12 : RUN mkdir -p /root/.ssh

 ---> Using cache

 ---> fee6d86c797d

Step 6/12 : RUN sed -ri 's/session required pam_loginuid.so/#session required pam_loginuid.so/g' /etc/pam.d/sshd

 ---> Using cache

 ---> ff2f83ea02cc

Step 7/12 : ADD authorized_keys /root/.ssh/authorized_keys

 ---> 5dcb5d1d4b7b

Removing intermediate container ce70f50db8da

Step 8/12 : ADD run.sh /run.sh

 ---> be524e72310b

Removing intermediate container c1bf98289d3b

Step 9/12 : RUN chmod 775 /run.sh

 ---> Running in ff737d77122a

 ---> 226bb3ff1c09

Removing intermediate container ff737d77122a

Step 10/12 : EXPOSE 22

 ---> Running in 1bcaf8ba51b3

 ---> f1d438782e38

Removing intermediate container 1bcaf8ba51b3

Step 11/12 : CMD /usr/sbin/init

 ---> Running in 92260c1191e5

 ---> b6ffdfd93590

Removing intermediate container 92260c1191e5

Step 12/12 : CMD /run.sh

 ---> Running in 5c5794712f8a

 ---> 6c570b541644

Removing intermediate container 5c5794712f8a

Successfully built 6c570b541644

Successfully tagged sshd:centos

Centos7.4-docker安装部署实战_第5张图片

5.4.5、创建、启动容器

创建、启动容器,并且将ssh服务加入系统启动服务,该命令只适用于centos7以上版本

root@SIMS_INIT[/root/sshd]#docker images

REPOSITORY              TAG                 IMAGE ID            CREATED              SIZE

sshd                    centos              6c570b541644        About a minute ago   288MB

                                cd12b610cdea        17 minutes ago       472MB

httpd                   centos              fdad167d588f        About an hour ago    318MB

centos2                 latest              366e6c6b11aa        5 hours ago          547MB

centos1                 latest              618a28de7618        5 hours ago          472MB

centos                  latest              9f38484d220f        5 weeks ago          202MB

nickistre/centos-lamp   latest              0b8d572d1c7d        12 months ago        547MB

root@SIMS_INIT[/root/sshd]#docker run --privileged -itd -p 2222:22 6c570b541644 /usr/sbin/init

605a995f0f61dc5ec086ee0b93ee83614862b225558e497a122b5b2d6ce5f009

root@SIMS_INIT[/root/sshd]#

root@SIMS_INIT[/root/sshd]#docker ps -a

CONTAINER ID        IMAGE                   COMMAND                  CREATED             STATUS                      PORTS                     NAMES

605a995f0f61        6c570b541644            "/usr/sbin/init"         28 seconds ago      Up 28 seconds               0.0.0.0:2222->22/tcp      unruffled_lumiere

7661e9b17aeb        cd12b610cdea            "/bin/sh -c 'yum i..."   17 minutes ago      Exited (1) 16 minutes ago                             naughty_goldstine

236357d8eccf        cd12b610cdea            "/bin/sh -c 'yum i..."   18 minutes ago      Exited (1) 18 minutes ago                             vigilant_joliot

2ff6e3c166e9        httpd:centos            "/run.sh"                About an hour ago   Up About an hour            0.0.0.0:9000->80/tcp      sleepy_leavitt

0b42207f4d4c        nickistre/centos-lamp   "/bin/bash"              5 hours ago         Up 5 hours                  22/tcp, 80/tcp, 443/tcp   xenodochial_booth

5.4.6、进入新启动的容器

root@SIMS_INIT[/root/sshd]#docker ps -a

CONTAINER ID        IMAGE                   COMMAND                  CREATED             STATUS                      PORTS                     NAMES

605a995f0f61        6c570b541644            "/usr/sbin/init"         2 minutes ago       Up 2 minutes                0.0.0.0:2222->22/tcp      unruffled_lumiere

7661e9b17aeb        cd12b610cdea            "/bin/sh -c 'yum i..."   19 minutes ago      Exited (1) 18 minutes ago                             naughty_goldstine

236357d8eccf        cd12b610cdea            "/bin/sh -c 'yum i..."   20 minutes ago      Exited (1) 20 minutes ago                             vigilant_joliot

2ff6e3c166e9        httpd:centos            "/run.sh"                About an hour ago   Up About an hour            0.0.0.0:9000->80/tcp      sleepy_leavitt

0b42207f4d4c        nickistre/centos-lamp   "/bin/bash"              5 hours ago         Up 5 hours                  22/tcp, 80/tcp, 443/tcp   xenodochial_booth

root@SIMS_INIT[/root/sshd]#docker exec -it 605a995f0f61 /bin/bash

[root@605a995f0f61 /]#

[root@605a995f0f61 /]# systemctl status sshd

● sshd.service - OpenSSH server daemon

   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)

   Active: active (running) since Mon 2019-04-22 07:58:45 UTC; 4min 48s ago

     Docs: man:sshd(8)

           man:sshd_config(5)

 Main PID: 1090 (sshd)

   CGroup: /docker/605a995f0f61dc5ec086ee0b93ee83614862b225558e497a122b5b2d6ce5f009/system.slice/sshd.service

           └─1090 /usr/sbin/sshd -D

           ‣ 1090 /usr/sbin/sshd -D

 

Apr 22 07:58:44 605a995f0f61 systemd[1]: Starting OpenSSH server daemon...

Apr 22 07:58:45 605a995f0f61 sshd[1090]: Server listening on 0.0.0.0 port 22.

Apr 22 07:58:45 605a995f0f61 sshd[1090]: Server listening on :: port 22.

Apr 22 07:58:45 605a995f0f61 systemd[1]: Started OpenSSH server daemon.

[root@605a995f0f61 /]#

注意:centos7以下不需要,只要使用以下命令:
docker run -itd -p 2222:22
6c570b541644 /bin/bash

5.4.7、安装initscripts

[root@605a995f0f61 /]# yum install initscripts –y

Installed:

  initscripts.x86_64 0:9.49.46-1.el7                                                                                                

 

Dependency Installed:

  iproute.x86_64 0:4.11.0-14.el7                   iptables.x86_64 0:1.4.21-28.el7      libmnl.x86_64 0:1.0.3-7.el7              

  libnetfilter_conntrack.x86_64 0:1.0.6-1.el7_3    libnfnetlink.x86_64 0:1.0.1-4.el7    sysvinit-tools.x86_64 0:2.88-14.dsf.el7  

 

Complete!

5.4.8、验证ssh

远程访问,不需要输入密码直接进入

root@SIMS_INIT[/root/sshd]#docker exec -it 605a995f0f61 /bin/bash

[root@605a995f0f61 /]# ip a

1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

       valid_lft forever preferred_lft forever

34: eth0@if35: mtu 1500 qdisc noqueue state UP group default

    link/ether 02:42:ac:11:00:04 brd ff:ff:ff:ff:ff:ff link-netnsid 0

    inet 172.17.0.4/16 scope global eth0

       valid_lft forever preferred_lft forever

root@SIMS_INIT[/root]#ssh 172.17.0.4

The authenticity of host '172.17.0.4 (172.17.0.4)' can't be established.

ECDSA key fingerprint is SHA256:nKUhoyZ6prbwnLk9utBr8eklfBZHkYjBaVMeBOqYkWo.

ECDSA key fingerprint is MD5:b0:7c:a0:8f:47:7d:19:0d:67:e7:f3:39:37:0f:9b:29.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added '172.17.0.4' (ECDSA) to the list of known hosts.

[root@605a995f0f61 ~]#

6、数据卷管理

6.1、数据卷

数据卷是一个供容器使用的特殊目录,位于容器中,可将宿主机的目录挂载到数据卷上,对数据卷的修改操作立刻可见,并且更新数据不会影响镜像,从而实现数据在宿主机与容器之间的迁移。类似于Linux下对目录进行的mount操作

6.1.1、创建数据卷

在docker run命令中使用-v选项可以在容器内创建数据卷;

多次使用-v选项可创建多个数据卷;

使用--name选项可以给容器创建一个友好的自定义名称。

root@SIMS_INIT[/root]#docker ps -a

CONTAINER ID        IMAGE                   COMMAND                  CREATED             STATUS                      PORTS                     NAMES

605a995f0f61        6c570b541644            "/usr/sbin/init"         21 minutes ago      Up 21 minutes               0.0.0.0:2222->22/tcp      unruffled_lumiere

7661e9b17aeb        cd12b610cdea            "/bin/sh -c 'yum i..."   38 minutes ago      Exited (1) 37 minutes ago                             naughty_goldstine

236357d8eccf        cd12b610cdea            "/bin/sh -c 'yum i..."   40 minutes ago      Exited (1) 39 minutes ago                             vigilant_joliot

2ff6e3c166e9        httpd:centos            "/run.sh"                2 hours ago         Up 2 hours                  0.0.0.0:9000->80/tcp      sleepy_leavitt

0b42207f4d4c        nickistre/centos-lamp   "/bin/bash"              6 hours ago         Up 5 hours                  22/tcp, 80/tcp, 443/tcp   xenodochial_booth

root@SIMS_INIT[/root]#docker run -v /mnt:/mnt:ro -itd --name www centos1 /bin/bash

6f76166936e11462e383fe0a63cebc3350b9970c5183f05431d69165039f8838

root@SIMS_INIT[/root]#docker ps -a

CONTAINER ID        IMAGE                   COMMAND                  CREATED             STATUS                      PORTS                     NAMES

6f76166936e1        centos1                 "/bin/bash"              3 seconds ago       Up 2 seconds                                          www

605a995f0f61        6c570b541644            "/usr/sbin/init"         21 minutes ago      Up 21 minutes               0.0.0.0:2222->22/tcp      unruffled_lumiere

7661e9b17aeb        cd12b610cdea            "/bin/sh -c 'yum i..."   38 minutes ago      Exited (1) 38 minutes ago                             naughty_goldstine

236357d8eccf        cd12b610cdea            "/bin/sh -c 'yum i..."   40 minutes ago      Exited (1) 39 minutes ago                             vigilant_joliot

2ff6e3c166e9        httpd:centos            "/run.sh"                2 hours ago         Up 2 hours                  0.0.0.0:9000->80/tcp      sleepy_leavitt

0b42207f4d4c        nickistre/centos-lamp   "/bin/bash"              6 hours ago         Up 5 hours                  22/tcp, 80/tcp, 443/tcp   xenodochial_booth

6.1.2、进入容器查看挂载情况

root@SIMS_INIT[/root]#docker exec -it 6f76166936e1 /bin/bash

[root@6f76166936e1 /]# cd /mnt

[root@6f76166936e1 mnt]# ls

CentOS_BuildTag  EULA  images    LiveOS    repodata              RPM-GPG-KEY-CentOS-Testing-7

EFI              GPL   isolinux  Packages  RPM-GPG-KEY-CentOS-7  TRANS.TBL

[root@6f76166936e1 mnt]#

查看本地mnt目录:

root@SIMS_INIT[/root]#cd /mnt

root@SIMS_INIT[/mnt]#ls

CentOS_BuildTag  EULA  images    LiveOS    repodata              RPM-GPG-KEY-CentOS-Testing-7

EFI              GPL   isolinux  Packages  RPM-GPG-KEY-CentOS-7  TRANS.TBL

root@SIMS_INIT[/mnt]#

内容是一致的。

6.1.3、查看容器信息

root@SIMS_INIT[/mnt]#docker inspect 6f76166936e1

[

    {

        "Id": "6f76166936e11462e383fe0a63cebc3350b9970c5183f05431d69165039f8838",

        "Created": "2019-04-22T08:20:32.042682785Z",

        "Path": "/bin/bash",

        "Args": [],

        "State": {

            "Status": "running",

            "Running": true,

            "Paused": false,

            "Restarting": false,

            "OOMKilled": false,

            "Dead": false,

            "Pid": 44718,

            "ExitCode": 0,

            "Error": "",

            "StartedAt": "2019-04-22T08:20:32.323635413Z",

            "FinishedAt": "0001-01-01T00:00:00Z"

        },

        "Image": "sha256:618a28de761879192f3afb24a6ce21eebe9954e91b65b684de75af1b784d7b83",

        "ResolvConfPath": "/var/lib/docker/containers/6f76166936e11462e383fe0a63cebc3350b9970c5183f05431d69165039f8838/resolv.conf",

        "HostnamePath": "/var/lib/docker/containers/6f76166936e11462e383fe0a63cebc3350b9970c5183f05431d69165039f8838/hostname",

        "HostsPath": "/var/lib/docker/containers/6f76166936e11462e383fe0a63cebc3350b9970c5183f05431d69165039f8838/hosts",

        "LogPath": "/var/lib/docker/containers/6f76166936e11462e383fe0a63cebc3350b9970c5183f05431d69165039f8838/6f76166936e11462e383fe0a63cebc3350b9970c5183f05431d69165039f8838-json.log",

        "Name": "/www",

        "RestartCount": 0,

        "Driver": "overlay",

        "MountLabel": "",

        "ProcessLabel": "",

        "AppArmorProfile": "",

        "ExecIDs": null,

        "HostConfig": {

            "Binds": [

                "/mnt:/mnt:ro"

            ],

            "ContainerIDFile": "",

            "LogConfig": {

                "Type": "json-file",

                "Config": {}

            },

            "NetworkMode": "default",

            "PortBindings": {},

            "RestartPolicy": {

                "Name": "no",

                "MaximumRetryCount": 0

            },

            "AutoRemove": false,

            "VolumeDriver": "",

            "VolumesFrom": null,

            "CapAdd": null,

            "CapDrop": null,

            "Dns": [],

            "DnsOptions": [],

            "DnsSearch": [],

            "ExtraHosts": null,

            "GroupAdd": null,

            "IpcMode": "",

            "Cgroup": "",

            "Links": null,

            "OomScoreAdj": 0,

            "PidMode": "",

            "Privileged": false,

            "PublishAllPorts": false,

            "ReadonlyRootfs": false,

            "SecurityOpt": null,

            "UTSMode": "",

            "UsernsMode": "",

            "ShmSize": 67108864,

            "Runtime": "runc",

            "ConsoleSize": [

                0,

                0

            ],

            "Isolation": "",

            "CpuShares": 0,

            "Memory": 0,

            "NanoCpus": 0,

            "CgroupParent": "",

            "BlkioWeight": 0,

            "BlkioWeightDevice": null,

            "BlkioDeviceReadBps": null,

            "BlkioDeviceWriteBps": null,

            "BlkioDeviceReadIOps": null,

            "BlkioDeviceWriteIOps": null,

            "CpuPeriod": 0,

            "CpuQuota": 0,

            "CpuRealtimePeriod": 0,

            "CpuRealtimeRuntime": 0,

            "CpusetCpus": "",

            "CpusetMems": "",

            "Devices": [],

            "DeviceCgroupRules": null,

            "DiskQuota": 0,

            "KernelMemory": 0,

            "MemoryReservation": 0,

            "MemorySwap": 0,

            "MemorySwappiness": -1,

            "OomKillDisable": false,

            "PidsLimit": 0,

            "Ulimits": null,

            "CpuCount": 0,

            "CpuPercent": 0,

            "IOMaximumIOps": 0,

            "IOMaximumBandwidth": 0

        },

        "GraphDriver": {

            "Data": {

                "LowerDir": "/var/lib/docker/overlay/51024c6a8a57b1c186b70f4d86e3cc626cc7b82da1a590e20ee62f9640cb7bbb/root",

                "MergedDir": "/var/lib/docker/overlay/5c93ad70b110df189026937060a86837db8913ed9733278f02eb2f56d8a90a12/merged",

                "UpperDir": "/var/lib/docker/overlay/5c93ad70b110df189026937060a86837db8913ed9733278f02eb2f56d8a90a12/upper",

                "WorkDir": "/var/lib/docker/overlay/5c93ad70b110df189026937060a86837db8913ed9733278f02eb2f56d8a90a12/work"

            },

            "Name": "overlay"

        },

        "Mounts": [

            {

                "Type": "bind",

                "Source": "/mnt",

                "Destination": "/mnt",

                "Mode": "ro",

                "RW": false,

                "Propagation": ""

            }

        ],

        "Config": {

            "Hostname": "6f76166936e1",

            "Domainname": "",

            "User": "",

            "AttachStdin": false,

            "AttachStdout": false,

            "AttachStderr": false,

            "Tty": true,

            "OpenStdin": true,

            "StdinOnce": false,

            "Env": null,

            "Cmd": [

                "/bin/bash"

            ],

            "Image": "centos1",

            "Volumes": null,

            "WorkingDir": "",

            "Entrypoint": null,

            "OnBuild": null,

            "Labels": {}

        },

        "NetworkSettings": {

            "Bridge": "",

            "SandboxID": "ead221db1c4249f6e1b5fa0b214cdcabfb087aa4b10b4083677d145137ceeb3a",

            "HairpinMode": false,

            "LinkLocalIPv6Address": "",

            "LinkLocalIPv6PrefixLen": 0,

            "Ports": {},

            "SandboxKey": "/var/run/docker/netns/ead221db1c42",

            "SecondaryIPAddresses": null,

            "SecondaryIPv6Addresses": null,

            "EndpointID": "6af782fd8eb0fd50a09b55f62e7ba85f61bd25a4ff22795c64a9965b2ebb6f54",

            "Gateway": "172.17.0.1",

            "GlobalIPv6Address": "",

            "GlobalIPv6PrefixLen": 0,

            "IPAddress": "172.17.0.5",

            "IPPrefixLen": 16,

            "IPv6Gateway": "",

            "MacAddress": "02:42:ac:11:00:05",

            "Networks": {

                "bridge": {

                    "IPAMConfig": null,

                    "Links": null,

                    "Aliases": null,

                    "NetworkID": "9e5c288c366026951c2f9504cc20a2dd0270e6021634e9a782caaf633399853e",

                    "EndpointID": "6af782fd8eb0fd50a09b55f62e7ba85f61bd25a4ff22795c64a9965b2ebb6f54",

                    "Gateway": "172.17.0.1",

                    "IPAddress": "172.17.0.5",

                    "IPPrefixLen": 16,

                    "IPv6Gateway": "",

                    "GlobalIPv6Address": "",

                    "GlobalIPv6PrefixLen": 0,

                    "MacAddress": "02:42:ac:11:00:05"

                }

            }

        }

    }

]

6.2、数据卷容器

用于不同的容器之间共享数据

6.2.1、创建数据卷容器

root@SIMS_INIT[/mnt]#docker run -itd -v /datevo --name dbdata centos2 /bin/bash

271b7219b08e8d43543da70c63de822640d91d9135b12d677270e83256a75759

root@SIMS_INIT[/mnt]#docker ps -a

CONTAINER ID        IMAGE                   COMMAND                  CREATED             STATUS                         PORTS                     NAMES

271b7219b08e        centos2                 "/bin/bash"              10 seconds ago      Up 9 seconds                   22/tcp, 80/tcp, 443/tcp   dbdata

6f76166936e1        centos1                 "/bin/bash"              7 minutes ago       Up 7 minutes                                             www

605a995f0f61        6c570b541644            "/usr/sbin/init"         29 minutes ago      Up 29 minutes                  0.0.0.0:2222->22/tcp      unruffled_lumiere

7661e9b17aeb        cd12b610cdea            "/bin/sh -c 'yum i..."   45 minutes ago      Exited (1) 45 minutes ago                                naughty_goldstine

236357d8eccf        cd12b610cdea            "/bin/sh -c 'yum i..."   About an hour ago   Exited (1) About an hour ago                             vigilant_joliot

2ff6e3c166e9        httpd:centos            "/run.sh"                2 hours ago         Up 2 hours                     0.0.0.0:9000->80/tcp      sleepy_leavitt

0b42207f4d4c        nickistre/centos-lamp   "/bin/bash"              6 hours ago         Up 5 hours                     22/tcp, 80/tcp, 443/tcp   xenodochial_booth

root@SIMS_INIT[/mnt]#

6.2.2、查看卷容器

root@SIMS_INIT[/mnt]#docker exec -it 271b7219b08e /bin/bash

[root@271b7219b08e /]# ls

bin  boot  datevo  dev  etc  home  lib  lib64  lost+found  media  mnt  opt  proc  root  sbin  selinux  srv  sys  tmp  usr  var

[root@271b7219b08e /]#

6.2.3、挂载该卷到新容器

使用—volumes-from来挂载一个容器中的数据卷到一个新的容器

root@SIMS_INIT[/mnt]#docker run -it --volumes-from dbdata --name db1 centos2 /bin/bash

[root@930a3860d67c /]#

root@SIMS_INIT[/root/sshd]#docker ps -a

CONTAINER ID        IMAGE                   COMMAND                  CREATED             STATUS                         PORTS                     NAMES

930a3860d67c        centos2                 "/bin/bash"              25 seconds ago      Up 25 seconds                  22/tcp, 80/tcp, 443/tcp   db1

271b7219b08e        centos2                 "/bin/bash"              5 minutes ago       Up 5 minutes                   22/tcp, 80/tcp, 443/tcp   dbdata

6.2.4、验证挂载

确保上述两个容器均已运行。

root@SIMS_INIT[/mnt]#docker ps -a

CONTAINER ID        IMAGE                   COMMAND                  CREATED             STATUS                         PORTS                     NAMES

930a3860d67c        centos2                 "/bin/bash"              3 minutes ago       Exited (0) 3 seconds ago                                 db1

271b7219b08e        centos2                 "/bin/bash"              8 minutes ago       Up 8 minutes                   22/tcp, 80/tcp, 443/tcp   dbdata

任意进入一个容器:

root@SIMS_INIT[/mnt]#docker exec -it 930a3860d67c /bin/bash

[root@930a3860d67c /]# ls

bin  boot  datevo  dev  etc  home  lib  lib64  lost+found  media  mnt  opt  proc  root  sbin  selinux  srv  sys  tmp  usr  var

[root@930a3860d67c /]# cd datevo

[root@930a3860d67c datevo]# ls

[root@930a3860d67c datevo]# touch aaa.txt

[root@930a3860d67c datevo]# ls

aaa.txt

[root@930a3860d67c datevo]# exit

exit

root@SIMS_INIT[/mnt]#docker exec -it 271b7219b08e /bin/bash

[root@271b7219b08e /]# ls

bin  boot  datevo  dev  etc  home  lib  lib64  lost+found  media  mnt  opt  proc  root  sbin  selinux  srv  sys  tmp  usr  var

[root@271b7219b08e /]# cd datevo

[root@271b7219b08e datevo]# ls

aaa.txt

[root@271b7219b08e datevo]#

7网络通信

7.1、端口映射

选项:
-P:随机映射
-p:指定要映射的端口

7.1.1、指定端口映射

root@SIMS_INIT[/mnt]#docker run -d -p 9100:80 httpd:centos

110eb3d8bffea342ccbfba8a6f83317175540c4a58ea556cbc645e18a0cddf30

root@SIMS_INIT[/mnt]#docker ps -a

CONTAINER ID        IMAGE                   COMMAND                  CREATED             STATUS                         PORTS                     NAMES

110eb3d8bffe        httpd:centos            "/run.sh"                2 seconds ago       Up 2 seconds                   0.0.0.0:9100->80/tcp      thirsty_bohr

Centos7.4-docker安装部署实战_第6张图片

7.1.2、随机端口映射

root@SIMS_INIT[/mnt]#docker run -d -P httpd:centos

33626307d1632a43401931f069b5a26488ebb7602e25be2908294a65a4eed32f

root@SIMS_INIT[/mnt]#docker ps -a

CONTAINER ID        IMAGE                   COMMAND                  CREATED              STATUS                         PORTS                     NAMES

33626307d163        httpd:centos            "/run.sh"                3 seconds ago        Up 2 seconds                   0.0.0.0:9001->80/tcp      sharp_sinoussi

7.2、容器间通信

7.2.1、创建源容器

创建并运行容器取名web1,端口号自动映射

root@SIMS_INIT[/mnt]#docker run -itd -P --name web1 nickistre/centos-lamp:latest /bin/bash

56854d42962f1c70f308e986b8223b68da026dc2223cb61bdd8c7df855939d6d

root@SIMS_INIT[/mnt]#docker ps -a

CONTAINER ID        IMAGE                          COMMAND             CREATED             STATUS              PORTS                                                               NAMES

56854d42962f        nickistre/centos-lamp:latest   "/bin/bash"         2 seconds ago       Up 1 second         0.0.0.0:9004->22/tcp, 0.0.0.0:9003->80/tcp, 0.0.0.0:9002->443/tcp   web1

7.2.2、创建接收容器

创建并运行容器取名web2,链接到web1和其通信

root@SIMS_INIT[/mnt]#docker run -itd -P --name web2 --link web1:web1 nickistre/centos-lamp:latest

7fb25b8e191ee04c0acb78bb30ad3b650a126a7ec3f8196bf6c441598fa8ad40

root@SIMS_INIT[/mnt]#docker ps -a

CONTAINER ID        IMAGE                          COMMAND             CREATED              STATUS              PORTS                                                               NAMES

7fb25b8e191e        nickistre/centos-lamp:latest   "supervisord -n"    2 seconds ago        Up 1 second         0.0.0.0:9007->22/tcp, 0.0.0.0:9006->80/tcp, 0.0.0.0:9005->443/tcp   web2

56854d42962f        nickistre/centos-lamp:latest   "/bin/bash"         About a minute ago   Up About a minute   0.0.0.0:9004->22/tcp, 0.0.0.0:9003->80/tcp, 0.0.0.0:9002->443/tcp   web1

7.2.3测试容器互联通信

root@SIMS_INIT[/mnt]#docker ps -a

CONTAINER ID        IMAGE                          COMMAND             CREATED              STATUS              PORTS                                                               NAMES

7fb25b8e191e        nickistre/centos-lamp:latest   "supervisord -n"    2 seconds ago        Up 1 second         0.0.0.0:9007->22/tcp, 0.0.0.0:9006->80/tcp, 0.0.0.0:9005->443/tcp   web2

56854d42962f        nickistre/centos-lamp:latest   "/bin/bash"         About a minute ago   Up About a minute   0.0.0.0:9004->22/tcp, 0.0.0.0:9003->80/tcp, 0.0.0.0:9002->443/tcp   web1

0b42207f4d4c        nickistre/centos-lamp          "/bin/bash"         6 hours ago          Up 6 hours          22/tcp, 80/tcp, 443/tcp                                             xenodochial_booth

root@SIMS_INIT[/mnt]#docker exec -it 7fb25b8e191e /bin/bash

[root@7fb25b8e191e /]

[root@7fb25b8e191e /]# ping web1

PING web1 (172.17.0.4) 56(84) bytes of data.

64 bytes from web1 (172.17.0.4): icmp_seq=1 ttl=64 time=0.162 ms

64 bytes from web1 (172.17.0.4): icmp_seq=2 ttl=64 time=0.101 ms

64 bytes from web1 (172.17.0.4): icmp_seq=3 ttl=64 time=0.083 ms

^C

--- web1 ping statistics ---

3 packets transmitted, 3 received, 0% packet loss, time 2096ms

rtt min/avg/max/mdev = 0.083/0.115/0.162/0.034 ms

root@SIMS_INIT[/root]#docker exec -it 0b42207f4d4c /bin/bash

[root@0b42207f4d4c /]# ip a

1: lo: mtu 65536 qdisc noqueue state UNKNOWN qlen 1000

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

       valid_lft forever preferred_lft forever

10: eth0@if11: mtu 1500 qdisc noqueue state UP

    link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff

    inet 172.17.0.2/16 scope global eth0

       valid_lft forever preferred_lft forever

[root@7fb25b8e191e /]# ping 172.17.0.2

PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.

64 bytes from 172.17.0.2: icmp_seq=1 ttl=64 time=0.276 ms

64 bytes from 172.17.0.2: icmp_seq=2 ttl=64 time=0.443 ms

64 bytes from 172.17.0.2: icmp_seq=3 ttl=64 time=0.148 ms

^C

--- 172.17.0.2 ping statistics ---

3 packets transmitted, 3 received, 0% packet loss, time 2978ms

rtt min/avg/max/mdev = 0.148/0.289/0.443/0.120 ms

8构建nginx镜像

8.1创建工作目录

root@SIMS_INIT[/root]# mkdir nginx

root@SIMS_INIT[/root]#cd nginx

8.2、创建并编写dockerfile文件

root@SIMS_INIT[/root/nginx]#vi Dockerfile

FROM centos

MAINTAINER The Centos Project

RUN yum install -y epel-release

RUN yum install -y nginx

#ADD nginx.conf /etc/nginx/nginx.conf

#RUN echo "test page" >> /etc/nginx/nginx.conf

ADD run.sh /run.sh

RUN chmod 775 /run.sh

EXPOSE 80

保存退出。

8.3、创建并编写启动脚本

root@SIMS_INIT[/root/nginx]#vi run.sh

#!/bin/bash

/usr/sbin/nginx

保存退出。

8.4、Dockerfile生成镜像

root@SIMS_INIT[/root/nginx]#docker build -t nginx:centos .

Step 8/8 : CMD /run.sh

 ---> Running in 0fed87d3c716

 ---> 3d1ac1ac860e

Removing intermediate container 0fed87d3c716

Successfully built 3d1ac1ac860e

Successfully tagged nginx:centos

查看生成的镜像:

root@SIMS_INIT[/root/nginx]#docker images

REPOSITORY              TAG                 IMAGE ID            CREATED              SIZE

nginx                   centos              3d1ac1ac860e        About a minute ago   406MB

sshd                    centos              6c570b541644        2 hours ago          288MB

                                cd12b610cdea        2 hours ago          472MB

httpd                   centos              fdad167d588f        3 hours ago          318MB

centos2                 latest              366e6c6b11aa        6 hours ago          547MB

centos1                 latest              618a28de7618        6 hours ago          472MB

centos                  latest              9f38484d220f        5 weeks ago          202MB

nickistre/centos-lamp   latest              0b8d572d1c7d        12 months ago        547MB

8.5、创建、启动容器

创建、启动容器,映射到本机80端口,并且将nginx加入系统启动服务,该命令只适用于centos7以上版本

root@SIMS_INIT[/root/nginx]#docker run --privileged -itd -p 80:80 3d1ac1ac860e /usr/sbin/init

4299f767182f1d7e03c166436e1a1f729925d5502db62a8a19b386f149637999

root@SIMS_INIT[/root/nginx]#docker ps -a

CONTAINER ID        IMAGE                          COMMAND             CREATED             STATUS              PORTS                                                               NAMES

4299f767182f        3d1ac1ac860e                   "/usr/sbin/init"    7 seconds ago       Up 6 seconds        0.0.0.0:80->80/tcp                                                  dreamy_austin

8.6、登陆容器

root@SIMS_INIT[/root/nginx]#docker exec -it 4299f767182f /bin/bash

[root@4299f767182f /]# nginx

[root@4299f767182f html]# yum -y install net-tools

[root@4299f767182f html]# netstat -ntlp

Active Internet connections (only servers)

Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name   

tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      4229/nginx: master 

tcp6       0      0 :::80                   :::*                    LISTEN      4229/nginx: master 

[root@4299f767182f html]#

8.7、浏览器访问

浏览器访问http://10.45.11.118:80

Centos7.4-docker安装部署实战_第7张图片

你可能感兴趣的:(docker)