centos7安装docker和应用
centos7 docker安装
- 卸载旧版本
- 安装docker
- 启动docker
- 配置阿里云镜像加速
- 运行hello-world
- 查看版本
-
- 显示本地镜像
- 删除本地镜像
- 拉取镜像
- 新建并启动容器
-
- 添加容器卷
- 查看镜像和容器
- 退出容器
- 回到正在运行的容器
- 关闭容器
- 启动容器
- 删除容器
- 查看容器日志
- 查看docker容器的日志
- 查看容器里面的进程
- 查看容器内部的细节
- 从容器cp文件到主机上
- 小总结
-
- 常用命令
- 1、Docker更新发布Nginx配置&发布代码
-
- 启动多台容器
- 查询容器ip
- sanjianke修改nginx目录和显示内容
- 三剑客命令过滤配置文件的#和空行
-
- awk命令
- sed命令
- grep命令
- 2、Docker实战Tomcat WEB容器&多实例
-
- tomcat8
-
- 查询镜像
-
- 查询目录
- docker查询
- 过滤查询
- 运行tomcat容器
- nginx和tomcat负载均衡
- 动静分离
- 3 基于Docker WEB管理Docker容器
- 安装web管理容器
- 用web管理创建容器
- 访问用web管理创建的容器
- 创建centos7云主机
- commit自定义镜像
-
- 用新镜像启动云主机
- 启动10台云主机
- LNMP
-
- php
卸载旧版本
较旧的Docker版本称为docker或docker-engine。如果已安装这些程序,请卸载它们以及相关的依赖项。
yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine
安装docker
设置存储库
安装yum-utils软件包(提供yum-config-manager 实用程序)并设置稳定的存储库。
[root@zheng yum.repos.d]# yum install -y yum-utils
[root@zheng ~]# yum-config-manager \
> --add-repo \
> https://download.docker.com/linux/centos/docker-ce.repo
Loaded plugins: fastestmirror
adding repo from: https://download.docker.com/linux/centos/docker-ce.repo
grabbing file https://download.docker.com/linux/centos/docker-ce.repo to /etc/yum.repos.d/docker-ce.repo
repo saved to /etc/yum.repos.d/docker-ce.repo
要先安装依赖,不然安装docker引擎的时候会报错
[root@zheng yum.repos.d]# wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
[root@zheng yum.repos.d]# yum install epel-release -y
[root@zheng yum.repos.d]# yum install container-selinux -y
安装docker引擎有两种方式
1、安装最新版本的Docker Engine和容器
2、在存储库列出可用版本,然后选择版本安装
1、安装最新版本的Docker Engine和容器
yum install docker-ce docker-ce-cli containerd.io -y
如果提示您接受GPG密钥,请验证指纹是否匹配 060A 61C5 1B55 8A7F 742B 77AA C52F EB6B 621E 9F35,如果是,则接受它。
2、要安装特定版本的Docker Engine,请在存储库中列出可用版本,然后选择并安装
列出并排序您存储库中可用的版本。此示例按版本号(从高到低)对结果进行排序。
[root@zheng yum.repos.d]# yum list docker-ce --showduplicates | sort -r
Loading mirror speeds from cached hostfile
Loaded plugins: fastestmirror
docker-ce.x86_64 3:19.03.9-3.el7 docker-ce-stable
docker-ce.x86_64 3:19.03.8-3.el7 docker-ce-stable
docker-ce.x86_64 3:19.03.7-3.el7 docker-ce-stable
docker-ce.x86_64 3:19.03.6-3.el7 docker-ce-stable
docker-ce.x86_64 3:19.03.5-3.el7 docker-ce-stable
docker-ce.x86_64 3:19.03.4-3.el7 docker-ce-stable
docker-ce.x86_64 3:19.03.3-3.el7 docker-ce-stable
docker-ce.x86_64 3:19.03.2-3.el7 docker-ce-stable
docker-ce.x86_64 3:19.03.1-3.el7 docker-ce-stable
docker-ce.x86_64 3:19.03.12-3.el7 docker-ce-stable
docker-ce.x86_64 3:19.03.11-3.el7 docker-ce-stable
docker-ce.x86_64 3:19.03.10-3.el7 docker-ce-stable
docker-ce.x86_64 3:19.03.0-3.el7 docker-ce-stable
docker-ce.x86_64 3:18.09.9-3.el7 docker-ce-stable
docker-ce.x86_64 3:18.09.8-3.el7 docker-ce-stable
docker-ce.x86_64 3:18.09.7-3.el7 docker-ce-stable
docker-ce.x86_64 3:18.09.6-3.el7 docker-ce-stable
docker-ce.x86_64 3:18.09.5-3.el7 docker-ce-stable
docker-ce.x86_64 3:18.09.4-3.el7 docker-ce-stable
docker-ce.x86_64 3:18.09.3-3.el7 docker-ce-stable
docker-ce.x86_64 3:18.09.2-3.el7 docker-ce-stable
docker-ce.x86_64 3:18.09.1-3.el7 docker-ce-stable
docker-ce.x86_64 3:18.09.0-3.el7 docker-ce-stable
docker-ce.x86_64 18.06.3.ce-3.el7 docker-ce-stable
docker-ce.x86_64 18.06.2.ce-3.el7 docker-ce-stable
docker-ce.x86_64 18.06.1.ce-3.el7 docker-ce-stable
docker-ce.x86_64 18.06.0.ce-3.el7 docker-ce-stable
docker-ce.x86_64 18.03.1.ce-1.el7.centos docker-ce-stable
docker-ce.x86_64 18.03.0.ce-1.el7.centos docker-ce-stable
docker-ce.x86_64 17.12.1.ce-1.el7.centos docker-ce-stable
docker-ce.x86_64 17.12.0.ce-1.el7.centos docker-ce-stable
docker-ce.x86_64 17.09.1.ce-1.el7.centos docker-ce-stable
docker-ce.x86_64 17.09.0.ce-1.el7.centos docker-ce-stable
docker-ce.x86_64 17.06.2.ce-1.el7.centos docker-ce-stable
docker-ce.x86_64 17.06.1.ce-1.el7.centos docker-ce-stable
docker-ce.x86_64 17.06.0.ce-1.el7.centos docker-ce-stable
docker-ce.x86_64 17.03.3.ce-1.el7 docker-ce-stable
docker-ce.x86_64 17.03.2.ce-1.el7.centos docker-ce-stable
docker-ce.x86_64 17.03.1.ce-1.el7.centos docker-ce-stable
docker-ce.x86_64 17.03.0.ce-1.el7.centos docker-ce-stable
Available Packages
该软件包名称是软件包名称(docker-ce)加上版本字符串(第二列),从第一个冒号(:)一直到第一个连字符,并用连字符(-)分隔。例如,docker-ce-18.09.1。
$ sudo yum install docker-ce-docker-ce-cli- containerd.io
[root@zheng]# yum install docker-ce-19.03.9 docker-ce-cli-19.03.9 containerd.io -y
启动docker
[root@zheng yum.repos.d]# systemctl start docker
配置阿里云镜像加速
https://cr.console.aliyun.com/cn-hangzhou/instances/mirrors
进入阿里云的官网,可以复用淘宝的账号登录,然后找到容器镜像服务,每个人的加速器地址都不一样,配置完重启一下docker,如果不配置镜像加速的话,只能去国外的网站拉去镜像,会非常慢
[root@zheng ~]# vi /etc/docker/daemon.json
{
"registry-mirrors": ["https://hi7fg5eg.mirror.aliyuncs.com"]
}
"/etc/docker/daemon.json" [New] 3L, 67C written
[root@zheng ~]# systemctl daemon-reload
[root@zheng ~]# systemctl restart docker
运行hello-world
配置完镜像加速以后,运行hello-world测试一下
[root@zheng ~]# docker run hello-world
Unable to find image 'hello-world:latest' locally **/ 这行是在本地无法找到hello-world镜像**
latest: Pulling from library/hello-world **/ 去下载hello-world镜像并运行**
0e03bdcc26d7: Pull complete **/ 拉取完成**
Digest: sha256:d58e752213a51785838f9eed2b7a498ffa1cb3aa7f946dda11af39286c3db9a9
Status: Downloaded newer image for hello-world:latest
Hello from Docker!
This message shows that your installation appears to be working correctly.
**/ 这段表明已经安装成功**
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/get-started/
**/ 这个是一个测试用的小脚本,输出这个以后,hello-world停止运行,容器自动退出**
查看版本
查询docker的版本
[root@zheng ~]# docker version
Client: Docker Engine - Community
Version: 19.03.9
API version: 1.40
Go version: go1.13.10
Git commit: 9d988398e7
Built: Fri May 15 00:25:27 2020
OS/Arch: linux/amd64
Experimental: false
Server: Docker Engine - Community
Engine:
Version: 19.03.9
API version: 1.40 (minimum version 1.12)
Go version: go1.13.10
Git commit: 9d988398e7
Built: Fri May 15 00:24:05 2020
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.2.13
GitCommit: 7ad184331fa3e55e52b890ea95e65ba581ae3429
runc:
Version: 1.0.0-rc10
GitCommit: dc9208a3303feef5b3839f4323d9beb36df0a9dd
docker-init:
Version: 0.18.0
GitCommit: fec3683
显示本地镜像
latest是最新版本的意思
docker images -q #只显示镜像id image ID
[root@zheng ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
hello-world latest bf756fb1ae65 6 months ago 13.3kB
[root@zheng ~]# docker images -q
bf756fb1ae65
删除本地镜像
删除hello-world镜像 ,删除多个的话每个镜像ID中间加空格
删除全部本地镜像 docker rmi -f $(docker images -qa)
[root@zheng ~]# docker rmi -f bf756fb1ae65
Untagged: hello-world:latest
Untagged: hello-world@sha256:d58e752213a51785838f9eed2b7a498ffa1cb3aa7f946dda11af39286c3db9a9
Deleted: sha256:bf756fb1ae65adf866bd8c456593cd24beb6a0a061dedf42b26a993176745f6b
拉取镜像
从docker hub拉取需要的镜像,这里拉取centos、Nginx、Tomcat镜像
先查询镜像 docker search
**# OFFICIAL 显示ok 就是官方的镜像 AUTOMATED 显示ok就是私人的 stars 就是类似于点赞数**
[root@zheng ~]# docker search tomcat # 查询tomcat所有镜像
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
tomcat Apache Tomcat is an open source implementati… 2770 [OK]
tomee Apache TomEE is an all-Apache Java EE certif… 79 [OK]
dordoka/tomcat Ubuntu 14.04, Oracle JDK 8 and Tomcat 8 base… 54 [OK]
bitnami/tomcat Bitnami Tomcat Docker Image 35 [OK]
kubeguide/tomcat-app Tomcat image for Chapter 1 28
consol/tomcat-7.0 Tomcat 7.0.57, 8080, "admin/admin" 17 [OK]
cloudesire/tomcat Tomcat server, 6/7/8 15 [OK]
aallam/tomcat-mysql Debian, Oracle JDK, Tomcat & MySQL 13 [OK]
arm32v7/tomcat Apache Tomcat is an open source implementati… 10
rightctrl/tomcat CentOS , Oracle Java, tomcat application ssl… 6 [OK]
maluuba/tomcat7-java8 Tomcat7 with java8. 5
unidata/tomcat-docker Security-hardened Tomcat Docker container. 4 [OK]
amd64/tomcat Apache Tomcat is an open source implementati… 2
jelastic/tomcat An image of the Tomcat Java application serv… 2
arm64v8/tomcat Apache Tomcat is an open source implementati… 2
fabric8/tomcat-8 Fabric8 Tomcat 8 Image 2 [OK]
camptocamp/tomcat-logback Docker image for tomcat with logback integra… 1 [OK]
99taxis/tomcat7 Tomcat7 1 [OK]
ppc64le/tomcat Apache Tomcat is an open source implementati… 1
oobsri/tomcat8 Testing CI Jobs with different names. 1
i386/tomcat Apache Tomcat is an open source implementati… 1
picoded/tomcat7 tomcat7 with jre8 and MANAGER_USER / MANAGER… 0 [OK]
s390x/tomcat Apache Tomcat is an open source implementati… 0
cfje/tomcat-resource Tomcat Concourse Resource 0
secoresearch/tomcat-varnish Tomcat and Varnish 5.0 0 [OK]
**# 添加 -s 50 显示stars大于50的 筛选用**
[root@zheng ~]# docker search -s 50 tomcat
Flag --stars has been deprecated, use --filter=stars=3 instead
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
tomcat Apache Tomcat is an open source implementati… 2770 [OK]
tomee Apache TomEE is an all-Apache Java EE certif… 79 [OK]
dordoka/tomcat Ubuntu 14.04, Oracle JDK 8 and Tomcat 8 base… 54 [OK]
然后从docker hub仓库拉取镜像
进入https://hub.docker.com 可以查询想要的镜像
这里搜索Tomcat 可以看到有很多的版本
docker pull tomcat 可以直接拉取镜像,但是默认拉取的是最新版本的,也就是latest版本
如果要拉取想要的版本需要咋后面接着输入 :(版本号)
[root@zheng ~]# docker pull tomcat:10.0 / 拉取一下10.0版本的tomcat
10.0: Pulling from library/tomcat
e9afc4f90ab0: Pull complete
989e6b19a265: Pull complete
af14b6c2f878: Pull complete
5573c4b30949: Pull complete
fb1a405f128d: Pull complete
612a9f566fdc: Pull complete
cf63ebed1142: Pull complete
fbb20561cd50: Pull complete
2a0672e369eb: Pull complete
2a36b86a9d67: Pull complete
Digest: sha256:164e16cb29833134ab657ac87733bb716dc6c2cc8c162cd2b247cd631a97769b
Status: Downloaded newer image for tomcat:10.0
docker.io/library/tomcat:10.0
# TAG显示的就是版本号,Tomcat是10.0版本的,hello-world是latest,最新版本的
[root@zheng ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
tomcat 10.0 0d691b180bd5 3 weeks ago 647MB
hello-world latest bf756fb1ae65 6 months ago 13.3kB
tomcat 拉取完了,接下来拉取centos和Nginx的镜像
下载第一个
[root@zheng ~]# docker search -s 50 nginx
Flag --stars has been deprecated, use --filter=stars=3 instead
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
nginx Official build of Nginx. 13418 [OK]
jwilder/nginx-proxy Automated Nginx reverse proxy for docker con… 1830 [OK]
richarvey/nginx-php-fpm Container running Nginx + PHP-FPM capable of… 780 [OK]
linuxserver/nginx An Nginx container, brought to you by LinuxS… 118
bitnami/nginx Bitnami nginx Docker Image 86 [OK]
tiangolo/nginx-rtmp Docker image with Nginx using the nginx-rtmp… 81 [OK]
alfg/nginx-rtmp NGINX, nginx-rtmp-module and FFmpeg from sou… 70 [OK]
jc21/nginx-proxy-manager Docker container for managing Nginx proxy ho… 68
nginxdemos/hello NGINX webserver that serves a simple page co… 55 [OK]
# 拉取Nginx
[root@zheng ~]# docker pull nginx
Using default tag: latest
latest: Pulling from library/nginx
8559a31e96f4: Pull complete
8d69e59170f7: Pull complete
3f9f1ec1d262: Pull complete
d1f5ff4f210d: Pull complete
1e22bfa8652e: Pull complete
Digest: sha256:21f32f6c08406306d822a0e6e8b7dc81f53f336570e852e25fbe1e3e3d0d0133
Status: Downloaded newer image for nginx:latest
docker.io/library/nginx:latest
# 查询centos7的镜像,选择130的那个,直接复制镜像名称就好了
[root@zheng ~]# docker search centos7
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
ansible/centos7-ansible Ansible on Centos7 130 [OK]
paigeeworld/centos7 Centos7 with apache, iperf3, nmap, ssh 5
flyceek/centos7-jdk centos7-jdk 5 [OK]
# 拉取centos7镜像
[root@zheng ~]# docker pull ansible/centos7-ansible
Using default tag: latest
latest: Pulling from ansible/centos7-ansible
45a2e645736c: Pull complete
1c3acf573616: Pull complete
edcb61e55ccc: Pull complete
cbae31bad30a: Pull complete
aacbdb1e2a62: Pull complete
fdeea4fb835c: Pull complete
Digest: sha256:39eff7d56b96530d014083cd343f7314c23acbd1ecf37eb75a71a2f6584d0b02
Status: Downloaded newer image for ansible/centos7-ansible:latest
docker.io/ansible/centos7-ansible:latest
# 查询本地镜像
[root@zheng ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
tomcat 10.0 0d691b180bd5 3 weeks ago 647MB
nginx latest 2622e6cca7eb 3 weeks ago 132MB
hello-world latest bf756fb1ae65 6 months ago 13.3kB
ansible/centos7-ansible latest 688353a31fde 3 years ago 447MB
新建并启动容器
用centos7的镜像启动一个容器实例
OPTIONS --选项 IMAGE --镜像ID COMMAND --命令 ARG --参数
-i 以交互的模式运行容器,通常与-t一起使用
-t 为容器重新分配一个伪输入终端,就是tty,通常与-i一起使用
–volume , -v: 绑定一个卷
[root@zheng ~]# docker run -it --name centos7 688353a31fde
[root@e49fe8572bd3 ansible]# 输入启动容器命令以后终端就变成了docker容器的终端
添加容器卷
Docker容器数据卷-Volume详解
Docker中的数据可以存储在类似于虚拟机磁盘的介质中,在Docker中称为数据卷(Data Volume)。数据卷可以用来存储Docker应用的数据,也可以用来在Docker容器间进行数据共享。数据卷呈现给Docker容器的形式就是一个目录,支持多个容器间共享,修改也不会影响镜像。使用Docker的数据卷,类似在系统中使用 mount 挂载一个文件系统。操作Docker数据卷,需要理解以下几点:
============================================================================
1)一个数据卷是一个特别指定的目录,该目录利用容器的UFS文件系统可以为容器提供一些稳定的特性或者数据共享。数据卷可以在多个容器之间共享。
============================================================================
2)创建数据卷,只要在docker run命令后面跟上-v参数即可创建一个数据卷,当然也可以跟多个-v参数来创建多个数据卷,当创建好带有数据卷的容器后,就可以在其他容器中通过–volumes-froms参数来挂载该数据卷了,而不管该容器是否运行。也可以在Dockerfile中通过VOLUME指令来增加一个或者多个数据卷。
============================================================================
3)如果有一些数据想在多个容器间共享,或者想在一些临时性的容器中使用该数据,那么最好的方案就是你创建一个数据卷容器,然后从该临时性的容器中挂载该数据卷容器的数据。这样,即使删除了刚开始的第一个数据卷容器或者中间层的数据卷容器,只要有其他容器使用数据卷,数据卷都不会被删除的。
============================================================================
4)不能使用docker export、save、cp等命令来备份数据卷的内容,因为数据卷是存在于镜像之外的。备份方法: 创建一个新容器,挂载数据卷容器,同时挂载一个本地目录,然后把远程数据卷容器的数据卷通过备份命令备份到映射的本地目录里面。如下:
docker run --rm --volumes-from DATA -v $(pwd):/backup busybox tar cvf /backup/backup.tar /data
============================================================================
5)可以把一个本地主机的目录当做数据卷挂载在容器上,同样是在docker run后面跟-v参数,不过-v后面跟的不再是单独的目录了,它是[host-dir]:[container-dir]:[rw|ro]这样格式的,其中host-dir是一个绝对路径的地址,如果host-dir不存在,则docker会创建一个新的数据卷,如果host-dir存在,但是指向的是一个不存在的目录,则docker也会创建该目录,然后使用该目录做数据源。
Docker Volume数据卷可以实现:
-> 绕过“拷贝写”系统,以达到本地磁盘IO的性能,(比如运行一个容器,在容器中对数据卷修改内容,会直接改变宿主机上的数据卷中的内容,所以是本地磁盘IO的性能,而不是先在容器中写一份,最后还要将容器中的修改的内容拷贝出来进行同步。)
-> 绕过“拷贝写”系统,有些文件不需要在docker commit打包进镜像文件。
-> 数据卷可以在容器间共享和重用数据
-> 数据卷可以在宿主和容器间共享数据
-> 数据卷数据改变是直接修改的
-> 数据卷是持续性的,直到没有容器使用它们。即便是初始的数据卷容器或中间层的数据卷容器删除了,只要还有其他的容器使用数据卷,那么里面的数据都不会丢失。Docker数据持久化:
容器在运行期间产生的数据是不会写在镜像里面的,重新用此镜像启动新的容器就会初始化镜像,会加一个全新的读写入层来保存数据。如果想做到数据持久化,Docker提供数据卷(Data
volume)或者数据容器卷来解决问题,另外还可以通过commit提交一个新的镜像来保存产生的数据。
-v 后面接的宿主机目录和container容器目录可以直接用这个命令新建
容器退出以后也可以共享
从宿主机忘目录存放数据
开启容器就可以看到数据是同步的了
[root@zheng ~]# docker run -it -v /myDataVolume:/dataVolumeContainer centos7-cloud
[root@b16cb4b53012 ~]# cd /
[root@b16cb4b53012 /]# ll
total 16
-rw-r--r--. 1 root root 15712 Dec 14 2016 anaconda-post.log
lrwxrwxrwx. 1 root root 7 Dec 14 2016 bin -> usr/bin
drwxr-xr-x. 2 root root 6 Jul 15 10:23 dataVolumeContainer ##容器内的数据卷
drwxr-xr-x. 5 root root 360 Jul 15 10:23 dev
drwxr-xr-x. 1 root root 66 Jul 15 10:23 etc
drwxr-xr-x. 2 root root 6 Nov 5 2016 home
lrwxrwxrwx. 1 root root 7 Dec 14 2016 lib -> usr/lib
lrwxrwxrwx. 1 root root 9 Dec 14 2016 lib64 -> usr/lib64
drwx------. 2 root root 6 Dec 14 2016 lost+found
drwxr-xr-x. 2 root root 6 Nov 5 2016 media
drwxr-xr-x. 2 root root 6 Nov 5 2016 mnt
drwxr-xr-x. 1 root root 21 Dec 19 2016 opt
dr-xr-xr-x. 153 root root 0 Jul 15 10:23 proc
dr-xr-x---. 1 root root 27 Jul 14 07:14 root
drwxr-xr-x. 1 root root 34 Jul 14 07:49 run
lrwxrwxrwx. 1 root root 8 Dec 14 2016 sbin -> usr/sbin
drwxr-xr-x. 2 root root 6 Nov 5 2016 srv
dr-xr-xr-x. 13 root root 0 Jul 1 12:15 sys
drwxrwxrwt. 7 root root 132 Dec 14 2016 tmp
drwxr-xr-x. 1 root root 81 Dec 14 2016 usr
drwxr-xr-x. 1 root root 54 Dec 14 2016 var
[root@zheng ~]# cd /
[root@zheng /]# ll
total 24
lrwxrwxrwx. 1 root root 7 Jun 29 12:48 bin -> usr/bin
dr-xr-xr-x. 4 root root 4096 Jun 29 12:55 boot
drwxr-xr-x. 20 root root 3220 Jul 1 08:15 dev
drwxr-xr-x. 81 root root 8192 Jul 15 06:14 etc
drwxr-xr-x. 2 root root 6 Nov 5 2016 home
lrwxrwxrwx. 1 root root 7 Jun 29 12:48 lib -> usr/lib
lrwxrwxrwx. 1 root root 9 Jun 29 12:48 lib64 -> usr/lib64
drwxr-xr-x. 2 root root 6 Nov 5 2016 media
drwxr-xr-x. 3 root root 19 Jun 29 12:58 mnt
drwxr-xr-x. 2 root root 6 Jul 15 06:23 myDataVolume ##宿主机的数据卷
drwxr-xr-x. 4 root root 46 Jul 10 10:02 opt
dr-xr-xr-x. 154 root root 0 Jul 1 08:15 proc
dr-xr-x---. 4 root root 4096 Jul 14 07:55 root
drwxr-xr-x. 25 root root 760 Jul 13 02:07 run
lrwxrwxrwx. 1 root root 8 Jun 29 12:48 sbin -> usr/sbin
drwxr-xr-x. 2 root root 6 Nov 5 2016 srv
dr-xr-xr-x. 13 root root 0 Jul 1 08:15 sys
drwxrwxrwt. 8 root root 4096 Jul 15 06:23 tmp
drwxr-xr-x. 13 root root 155 Jun 29 12:48 usr
drwxr-xr-x. 20 root root 278 Jul 10 10:01 var
查询一下
[root@zheng /]# docker inspect b16cb4b53012
前面是宿主机目录
后面是容器目录
rw(读写权限是true)
测试一下
现在宿主机创建一个txt文件
去容器查看一下看看是否可以修改
也可以添加权限让他只读
设置完只读以后只可以在宿主机上读写,容器内只能查看不能修改
[root@zheng myDataVolume]# docker run -it -v /myDataVolume:/dataVolumeContainer:ro centos7-cloud
[root@zheng /]# cd myDataVolume/
[root@zheng myDataVolume]# echo "zzzzzzzzzzzzzzz" >1.txt
[root@b16cb4b53012 /]# cd dataVolumeContainer/
[root@b16cb4b53012 dataVolumeContainer]# ll
total 4
-rw-r--r--. 1 root root 16 Jul 15 10:58 1.txt
[root@b16cb4b53012 dataVolumeContainer]# cat 1.txt
zzzzzzzzzzzzzzz
[root@b16cb4b53012 dataVolumeContainer]# vi 1.txt
[root@b16cb4b53012 dataVolumeContainer]# cat 1.txt
dsad zzzzzzzzzzzzzzz
查看镜像和容器
查看docker的本地镜像
[root@zheng ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
tomcat 10.0 0d691b180bd5 3 weeks ago 647MB
nginx latest 2622e6cca7eb 3 weeks ago 132MB
hello-world latest bf756fb1ae65 6 months ago 13.3kB
ansible/centos7-ansible latest 688353a31fde 3 years ago 447MB
> Options:
-a, --all Show all images (default hides intermediate images)
--digests Show digests
-f, --filter filter Filter output based on conditions provided
--format string Pretty-print images using a Go template
--no-trunc Don't truncate output
-q, --quiet Only show numeric IDs
查看容器
[root@zheng ~]# docker ps -a # 显示所有的容器
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e49fe8572bd3 688353a31fde "/bin/bash" About an hour ago Up 11 minutes centos7-2
60ec67bc76c9 688353a31fde "/bin/bash" 5 hours ago Exited (137) 34 minutes ago centos-1
91504e77188f 688353a31fde "/bin/bash" 8 hours ago Up 9 minutes centos7
c1be53cd79b1 hello-world "/hello" 2 days ago Exited (0) 9 minutes ago pedantic_tereshkova
[root@zheng ~]# docker ps -l # 显示最近创建的容器
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
30a8a5c2c058 688353a31fde "/bin/bash" 24 seconds ago Up 23 seconds centos7-test
[root@zheng ~]# docker ps -n 2 # 显示最近创建的n个容器
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
30a8a5c2c058 688353a31fde "/bin/bash" 38 seconds ago Up 37 seconds centos7-test
e8300e9d697c 688353a31fde "/bin/bash" About a minute ago Exited (0) 51 seconds ago centos7
[root@zheng ~]# docker ps -qn 2 # 显示最近创建n个容器的容器ID
30a8a5c2c058
e8300e9d697c
> Options:
-a, --all Show all containers (default shows just running)
-f, --filter filter Filter output based on conditions provided
--format string Pretty-print containers using a Go template
-n, --last int Show n last created containers (includes all states) (default -1)
-l, --latest Show the latest created container (includes all states)
--no-trunc Don't truncate output
-q, --quiet Only display numeric IDs
-s, --size Display total file sizes
退出容器
[root@e49fe8572bd3 ansible]# [root@zheng ~]# ctrl +p+q 容器不停止退出
[root@e49fe8572bd3 ansible]# exit
exit 容器停止再退出
回到正在运行的容器
不创建新的进程
回到关闭伪终端却没有关闭的容器
docker attch 容器id
[root@zheng ~]# docker attach e49fe8572bd3
创建新的进程
进入到容器内部并将 命令/脚本 执行的结果返回到宿主机
docker exec -it 容器ID bashShell(命令)
[root@zheng ~]# docker exec -it 60ec67bc76c9 ls -al /
total 16
drwxr-xr-x. 1 root root 6 Jul 6 07:23 .
drwxr-xr-x. 1 root root 6 Jul 6 07:23 ..
-rwxr-xr-x. 1 root root 0 Jul 6 07:23 .dockerenv
-rw-r--r--. 1 root root 15712 Dec 14 2016 anaconda-post.log
lrwxrwxrwx. 1 root root 7 Dec 14 2016 bin -> usr/bin
.
.
.
.
也可以用exec这个命令进去输入
[root@zheng ~]# docker exec -it 2fcb2b9cb610 /bin/bash
[root@2fcb2b9cb610 ansible]# ls -l /
total 16
-rw-r--r--. 1 root root 15712 Dec 14 2016 anaconda-post.log
lrwxrwxrwx. 1 root root 7 Dec 14 2016 bin -> usr/bin
drwxr-xr-x. 5 root root 340 Jul 7 07:09 dev
drwxr-xr-x. 1 root root 66 Jul 7 03:05 etc
drwxr-xr-x. 2 root root 6 Nov 5 2016 home
lrwxrwxrwx. 1 root root 7 Dec 14 2016 lib -> usr/lib
lrwxrwxrwx. 1 root root 9 Dec 14 2016 lib64 -> usr/lib64
drwx------. 2 root root 6 Dec 14 2016 lost+found
drwxr-xr-x. 2 root root 6 Nov 5 2016 media
drwxr-xr-x. 2 root root 6 Nov 5 2016 mnt
drwxr-xr-x. 1 root root 21 Dec 19 2016 opt
dr-xr-xr-x. 119 root root 0 Jul 7 07:09 proc
dr-xr-x---. 1 root root 18 Dec 19 2016 root
drwxr-xr-x. 10 root root 130 Dec 14 2016 run
lrwxrwxrwx. 1 root root 8 Dec 14 2016 sbin -> usr/sbin
drwxr-xr-x. 2 root root 6 Nov 5 2016 srv
dr-xr-xr-x. 13 root root 0 Jul 1 12:15 sys
drwxrwxrwt. 7 root root 132 Dec 14 2016 tmp
drwxr-xr-x. 1 root root 69 Dec 14 2016 usr
drwxr-xr-x. 1 root root 41 Dec 14 2016 var
关闭容器
把正在运行的容器直接关闭或者杀死
stop等于正常关机,速度较慢
[root@zheng ~]# docker stop 91504e77188f
91504e77188f
[root@zheng ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e49fe8572bd3 688353a31fde "/bin/bash" 37 minutes ago Exited (0) 16 minutes ago centos7-2
60ec67bc76c9 688353a31fde "/bin/bash" 4 hours ago Up 3 hours centos-1
91504e77188f 688353a31fde "/bin/bash" 7 hours ago /显示退出 Exited (137) 10 seconds ago centos7
c1be53cd79b1 hello-world "/hello" 2 days ago Exited (0) 2 days ago pedantic_tereshkova
杀死速度很快,等于强制拔电源关机
[root@zheng ~]# docker kill 60ec67bc76c9
60ec67bc76c9
[root@zheng ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e49fe8572bd3 688353a31fde "/bin/bash" 40 minutes ago Exited (0) 19 minutes ago centos7-2
60ec67bc76c9 688353a31fde "/bin/bash" 4 hours ago Exited (137) About a minute ago centos-1
91504e77188f 688353a31fde "/bin/bash" 7 hours ago Exited (137) 3 minutes ago centos7
c1be53cd79b1 hello-world "/hello" 2 days ago Exited (0) 2 days ago pedantic_tereshkova
启动容器
启动和重启容器,适合以关闭的容器或者需要重启的容器
[root@zheng ~]# docker start e49fe8572bd3
e49fe8572bd3
[root@zheng ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e49fe8572bd3 688353a31fde "/bin/bash" 44 minutes ago Up 3 seconds centos7-2
[root@zheng ~]# docker restart e49fe8572bd3
e49fe8572bd3
[root@zheng ~]# docker restart 91504e77188f
91504e77188f
[root@zheng ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e49fe8572bd3 688353a31fde "/bin/bash" About an hour ago Up About a minute centos7-2
91504e77188f 688353a31fde "/bin/bash" 7 hours ago Up 1 second centos7
删除容器
先查询一下都有哪些容器,然后删除一个已经关闭的容器
[root@zheng ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e49fe8572bd3 688353a31fde "/bin/bash" 3 hours ago Up 2 hours centos7-2
60ec67bc76c9 688353a31fde "/bin/bash" 6 hours ago Exited (137) 2 hours ago centos-1
91504e77188f 688353a31fde "/bin/bash" 9 hours ago Up 2 hours centos7
c1be53cd79b1 hello-world "/hello" 2 days ago Exited (0) 2 hours ago pedantic_tereshkova
[root@zheng ~]# docker rm 60ec67bc76c9 # 这里删除的是一个已经exited(关闭)的容器了
60ec67bc76c9
[root@zheng ~]# docker ps -a # 查询到已经没有容器id为60ec67bc76c9的了,成功删除
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e49fe8572bd3 688353a31fde "/bin/bash" 3 hours ago Up 2 hours centos7-2
91504e77188f 688353a31fde "/bin/bash" 9 hours ago Up 2 hours centos7
c1be53cd79b1 hello-world "/hello" 2 days ago Exited (0) 2 hours ago pedantic_tereshkova
删除多个容器
这里删除掉两个正在运行的容器
可以看到出错,因为是运行的,需要加-f参数强制删除
[root@zheng ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e49fe8572bd3 688353a31fde "/bin/bash" 3 hours ago Up 2 hours centos7-2
91504e77188f 688353a31fde "/bin/bash" 9 hours ago Up 2 hours centos7
c1be53cd79b1 hello-world "/hello" 2 days ago Exited (0) 2 hours ago pedantic_tereshkova
[root@zheng ~]# docker rm 91504e77188f e49fe8572bd3
Error response from daemon: You cannot remove a running container 91504e77188fb62e52f8dd163fc918990bdb457efd3e0f0d673dc6dff1dcf755. Stop the container before attempting removal or force remove
Error response from daemon: You cannot remove a running container e49fe8572bd387538d2fa0677021b5614d5016a3881ef326d41ee4c7a405a3da. Stop the container before attempting removal or force remove
[root@zheng ~]# docker rm -f 91504e77188f e49fe8572bd3
91504e77188f
e49fe8572bd3
[root@zheng ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c1be53cd79b1 hello-world "/hello" 2 days ago Exited (0) 2 hours ago pedantic_tereshkova
删除所有容器
两个方法
docker rm -f $(docker ps -a -q)
docker ps -a -q |xargs docker rm -f
[root@zheng ~]# docker rm -f $(docker ps -a -q)
30a8a5c2c058
e8300e9d697c
c1be53cd79b1
[root@zheng ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@zheng ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ebb03ad6c800 0d691b180bd5 "catalina.sh run" 4 minutes ago Up 2 seconds 8080/tcp tomcat
740e4110b5b5 688353a31fde "/bin/bash" 4 minutes ago Up 4 minutes centos7
[root@zheng ~]# docker ps -a -q |xargs docker rm
Error response from daemon: You cannot remove a running container ebb03ad6c80020b467724e4c45eeaa733c735aa16ec564595008e6b36a29bfa6. Stop the container before attempting removal or force remove
Error response from daemon: You cannot remove a running container 740e4110b5b5c34712f7efd8b3cc085b3bca64adf28b8a0e92bb445a83fca746. Stop the container before attempting removal or force remove
[root@zheng ~]# docker ps -a -q |xargs docker rm -f
ebb03ad6c800
740e4110b5b5
查看容器日志
以后台模式运行一个centos7的容器
查看 容器状态 ps -a
启动容器以后发现容器已经退出,没有在运行
重要:docker容器后台运行,必须要有一个前台进程
容器运行的命令如果不是那些一直挂起的命令 (比如top,tail)就会自动退出
这是docker机制的问题,比如web容器,以Nginx为例,正常情况下,我们配置启动服务只需要启动systemctl start nginx
但是这样nginx是后台进程模式运行,导致docker前台没有运行的应用,这样的容器启动后,会立即自杀因为他觉得没有事情可以做
解决方案是将要运行的程序以前台进程的形式运行
[root@zheng ~]# docker run -d 688353a31fde
e2339b419fd9d15f04c242ea9a9ed4ac6a6788f846d4039038d5edd8f4f628f8
[root@zheng ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e2339b419fd9 688353a31fde "/bin/bash" 4 seconds ago Exited (0) 3 seconds ago pedantic_galois
2fcb2b9cb610 688353a31fde "/bin/sh -c 'while t…" 18 minutes ago Exited (137) 50 seconds ago brave_robinson
-d 以后台的形式运行
/bin/sh -c 和sudo差不多,但是sudo只给后面第一个命令的root权限,所以会出错,它可以让 bash 将一个字串作为完整的命令来执行,这样就可以将 sudo 的影响范围扩展到整条命令
“while true;do echo hello zheng;sleep 2;done” shell脚本编程
每两秒钟打印一句话,一直持续打印
while true; 死循环
让输出一直打印到控制台上面,让前台一直有一个响应,这样后台运行的时候docker就不会自动关闭了
运行容器以后查看一下进程看到容器已经 UP(启动了)
[root@zheng ~]# docker run -d 688353a31fde /bin/sh -c "while true;do echo hello zheng;sleep 2;done"
ddef8923d6148182efc3ff0bf450e3a033a95eda5e4d855a0d27ac05488136fb
[root@zheng ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ddef8923d614 688353a31fde "/bin/sh -c 'while t…" 46 seconds ago Up 46 seconds wizardly_swanson
e2339b419fd9 688353a31fde "/bin/bash" 2 hours ago Exited (0) 2 hours ago pedantic_galois
2fcb2b9cb610 688353a31fde "/bin/sh -c 'while t…" 2 hours ago Exited (137) 2 hours ago brave_robinson
查看docker容器的日志
刚才在后台启动完centos7以后,在宿主机查看
-t 带时间戳
-f 不间断输出
[root@zheng ~]# docker logs -t -f ddef8923d614
2020-07-07T05:16:15.465635597Z hello zheng
2020-07-07T05:16:17.467532595Z hello zheng
2020-07-07T05:16:19.468746000Z hello zheng
2020-07-07T05:16:21.470288646Z hello zheng
2020-07-07T05:16:23.471481544Z hello zheng
2020-07-07T05:16:25.473195926Z hello zheng
2020-07-07T05:16:27.474099869Z hello zheng
2020-07-07T05:16:29.475547154Z hello zheng
2020-07-07T05:16:31.476821709Z hello zheng
12020-07-07T05:16:33.478236038Z hello zheng
2020-07-07T05:16:35.479875418Z hello zheng
2020-07-07T05:16:37.481587229Z hello zheng
^C
打印后几行日志
[root@zheng ~]# docker logs -t --tail 5 ddef8923d614
2020-07-07T06:32:10.263470406Z hello zheng
2020-07-07T06:32:12.264883309Z hello zheng
2020-07-07T06:32:14.266447915Z hello zheng
2020-07-07T06:32:16.267286639Z hello zheng
2020-07-07T06:32:18.268794668Z hello zheng
查看容器里面的进程
docker top命令+容器ID
[root@zheng ~]# docker top ddef8923d614
UID PID PPID C STIME TTY TIME CMD
root 15884 15868 0 00:54 ? 00:00:00 /bin/sh -c while true;do echo hello zheng;sleep 2;done
root 19451 15884 0 02:49 ? 00:00:00 sleep 2
查看容器内部的细节
可以看到输出了一大堆东西,id创建时间,路径,执行的东西都有
[root@zheng ~]# docker inspect ddef8923d614
[
{
"Id": "ddef8923d6148182efc3ff0bf450e3a033a95eda5e4d855a0d27ac05488136fb",
"Created": "2020-07-07T04:54:44.286353951Z",
"Path": "/bin/sh",
"Args": [
"-c",
"while true;do echo hello zheng;sleep 2;done"
],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 15884,
"ExitCode": 0,
"Error": "",
"StartedAt": "2020-07-07T04:54:44.65814733Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:688353a31fdee02a966d1f83e9210f77b5a63baaaacbedb81ca35f6231cfeb6c",
"ResolvConfPath": "/var/lib/docker/containers/ddef8923d6148182efc3ff0bf450e3a033a95eda5e4d855a0d27ac05488136fb/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/ddef8923d6148182efc3ff0bf450e3a033a95eda5e4d855a0d27ac05488136fb/hostname",
"HostsPath": "/var/lib/docker/containers/ddef8923d6148182efc3ff0bf450e3a033a95eda5e4d855a0d27ac05488136fb/hosts",
"LogPath": "/var/lib/docker/containers/ddef8923d6148182efc3ff0bf450e3a033a95eda5e4d855a0d27ac05488136fb/ddef8923d6148182efc3ff0bf450e3a033a95eda5e4d855a0d27ac05488136fb-json.log",
"Name": "/wizardly_swanson",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {
}
},
"NetworkMode": "default",
"PortBindings": {
},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"Capabilities": null,
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"KernelMemory": 0,
"KernelMemoryTCP": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/b92ee9f126056474144aeba87ad29353e316c3ff126d16d9fa45df0e02d7ebd8-init/diff:/var/lib/docker/overlay2/96c7598ef412a28e92e33cf0f448f4ad67f25d9890ce685ad84d5aa5c3ccd324/diff:/var/lib/docker/overlay2/a1af987dd36be1c0deda5ccc95a26f4f26fd338081c53b43fd6512609c216361/diff:/var/lib/docker/overlay2/38f9a6e6b61b1638aa1b6568d5775241a33bcf0138522eccfb8907f0c35d73c6/diff:/var/lib/docker/overlay2/8c58881b11ab25c2315c03ebb46f2e37af2facd7111ad84f6b7ee4d12cee14aa/diff:/var/lib/docker/overlay2/dd6adb17ffe6eaf631548b0439a247bf5fda9302014796a729500237f4fc1886/diff:/var/lib/docker/overlay2/ef314a5ec0c0ec265d4c082a62ed3844a04fd92250b001768022ab7a5d95f9f9/diff",
"MergedDir": "/var/lib/docker/overlay2/b92ee9f126056474144aeba87ad29353e316c3ff126d16d9fa45df0e02d7ebd8/merged",
"UpperDir": "/var/lib/docker/overlay2/b92ee9f126056474144aeba87ad29353e316c3ff126d16d9fa45df0e02d7ebd8/diff",
"WorkDir": "/var/lib/docker/overlay2/b92ee9f126056474144aeba87ad29353e316c3ff126d16d9fa45df0e02d7ebd8/work"
},
"Name": "overlay2"
},
"Mounts": [],
"Config": {
"Hostname": "ddef8923d614",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/opt/ansible/ansible/bin:/bin:/usr/bin:/sbin:/usr/sbin",
"PYTHONPATH=/opt/ansible/ansible/lib",
"ANSIBLE_LIBRARY=/opt/ansible/ansible/library"
],
"Cmd": [
"/bin/sh",
"-c",
"while true;do echo hello zheng;sleep 2;done"
],
"Image": "688353a31fde",
"Volumes": null,
"WorkingDir": "/opt/ansible/ansible",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"build-date": "20161214",
"license": "GPLv2",
"name": "CentOS Base Image",
"vendor": "CentOS"
}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "3acd4dba5290d1e1c633ce5d98fd1ea3cadb530816207c63b7a3191e4856a4e6",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {
},
"SandboxKey": "/var/run/docker/netns/3acd4dba5290",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "de2aea99578a59480950b6209243ff6f82cb28bd76d63ecee9005d52ec86c61f",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:02",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "36e5166b57f3053ab12d83bb4b9da99f7b42d53c5c6dc140d4bf5e382d3c4180",
"EndpointID": "de2aea99578a59480950b6209243ff6f82cb28bd76d63ecee9005d52ec86c61f",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02",
"DriverOpts": null
}
}
}
}
]
从容器cp文件到主机上
docker cp 容器id:容器内路径 目的主机路径
[root@zheng ~]# docker exec -it 2fcb2b9cb610 /bin/bash
[root@2fcb2b9cb610 ansible]# cd /tmp/
[root@2fcb2b9cb610 tmp]# ll
total 4
-rwx------. 1 root root 827 Dec 14 2016 ks-script-LRoSA2
-rw-------. 1 root root 0 Dec 14 2016 yum.log
[root@2fcb2b9cb610 tmp]# cd /
[root@2fcb2b9cb610 /]# cd /tmp/
[root@2fcb2b9cb610 tmp]# ll
total 4
-rwx------. 1 root root 827 Dec 14 2016 ks-script-LRoSA2
-rw-------. 1 root root 0 Dec 14 2016 yum.log
[root@2fcb2b9cb610 tmp]# cat yum.log
[root@2fcb2b9cb610 tmp]# read escape sequence
[root@zheng ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2fcb2b9cb610 688353a31fde "/bin/sh -c 'while t…" 4 hours ago Up 21 minutes brave_robinson
[root@zheng ~]# docker cp 2fcb2b9cb610:/tmp/yum.log /root/zheng
[root@zheng ~]# ll
total 32
-rw-r--r--. 1 root root 0 Jul 3 09:46 --add-repo
-rw-------. 1 root root 1264 Jun 29 12:51 anaconda-ks.cfg
-rw-r--r--. 1 root root 25548 Apr 7 2017 mysql57-community-release-el7-10.noarch.rpm
-rw-------. 1 root root 0 Dec 14 2016 zheng
小总结
常用命令
1、Docker更新发布Nginx配置&发布代码
1)基于Docker虚拟化平台,从0开始创建了一台Nginx WEB容器(轻量级的虚拟机),启动Nginx容器服务,通过浏览器访问Nginx容器中发布的默认网站代码
和之前的步骤一样
Run,全新创建并且启动一台新容器;
-i,interactive打开交互模式;
-t,tty打开登录终端;
-d,detach后台运行;
-p,publish发布端口,将宿主机80映射至容器的80(DNAT+IPtables);
--name,指定或者自定义容器的名称;
--privileged,开启超级特权模式,支持更多的指令操作。
[root@zheng ~]# docker run -itd --name nginx --privileged -p 80:80 nginx:latest
[root@zheng ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fb354eae612b nginx "/docker-entrypoint.…" 26 hours ago Up 26 hours 0.0.0.0:80->80/tcp nginx
b45e02789fe3 tomcat "catalina.sh run" 2 days ago Up 2 days 0.0.0.0:8888->8080/tcp tomcat
ddef8923d614 688353a31fde "/bin/sh -c 'while t…" 3 days ago Exited (137) 2 days ago wizardly_swanson
e2339b419fd9 688353a31fde "/bin/bash" 3 days ago Exited (0) 2 days ago pedantic_galois
2fcb2b9cb610 688353a31fde "/bin/sh -c 'while t…" 3 days ago Exited (137) 2 days ago brave_robinson
查看端口映射
-t 要操作的表,默认值:fileter
-L 列出链中或所有链中的规则
-n 地址和端口的数字输出
–line-numbers 列出时打印行号
[root@zheng ~]# iptables -t nat -L -n --line-numbers
Chain PREROUTING (policy ACCEPT)
num target prot opt source destination
1 DOCKER all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
Chain INPUT (policy ACCEPT)
num target prot opt source destination
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
1 DOCKER all -- 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL
Chain POSTROUTING (policy ACCEPT)
num target prot opt source destination
1 MASQUERADE all -- 172.17.0.0/16 0.0.0.0/0
2 MASQUERADE tcp -- 172.17.0.3 172.17.0.3 tcp dpt:80
3 MASQUERADE tcp -- 172.17.0.2 172.17.0.2 tcp dpt:8080
Chain DOCKER (2 references)
num target prot opt source destination
1 RETURN all -- 0.0.0.0/0 0.0.0.0/0
2 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 to:172.17.0.3:80
3 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8888 to:172.17.0.2:8080
启动多台容器
这里是引用
[root@zheng ~]# for i in $(seq 1 3);do docker run -itd --name=nginx$i --privileged -p 80$i:80 nginx:latest ;done
e6c84d9d8cc28dda009be9fdfefbf9fe7adfd8b4cc33dcab4ca7d5a28650dca1
094cfa5b32818434bc8363293bb4187893028ff82cad0b4d619735abbf509840
0442290e7a375fbffd5f65699fcac98ed963582365b5abc1a37280e6ba48c15a
[root@zheng ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0442290e7a37 nginx:latest "/docker-entrypoint.…" 3 minutes ago Up 3 minutes 0.0.0.0:803->80/tcp nginx3
094cfa5b3281 nginx:latest "/docker-entrypoint.…" 3 minutes ago Up 3 minutes 0.0.0.0:802->80/tcp nginx2
e6c84d9d8cc2 nginx:latest "/docker-entrypoint.…" 3 minutes ago Up 3 minutes 0.0.0.0:801->80/tcp nginx1
ce569a33b4d6 tomcat:latest "catalina.sh run" 22 minutes ago Up 22 minutes 0.0.0.0:8888->8080/tcp tomcat
fb354eae612b nginx "/docker-entrypoint.…" 27 hours ago Up 27 hours 0.0.0.0:80->80/tcp nginx
ddef8923d614 688353a31fde "/bin/sh -c 'while t…" 3 days ago Exited (137) 2 days ago wizardly_swanson
e2339b419fd9 688353a31fde "/bin/bash" 3 days ago Exited (0) 2 days ago pedantic_galois
2fcb2b9cb610 688353a31fde "/bin/sh -c 'while t…" 3 days ago Exited (137) 2 days ago brave_robinson
在查询一下端口
[root@zheng ~]# iptables -t nat -L -n --line-numbers
Chain PREROUTING (policy ACCEPT)
num target prot opt source destination
1 DOCKER all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
Chain INPUT (policy ACCEPT)
num target prot opt source destination
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
1 DOCKER all -- 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL
Chain POSTROUTING (policy ACCEPT)
num target prot opt source destination
1 MASQUERADE all -- 172.17.0.0/16 0.0.0.0/0
2 MASQUERADE tcp -- 172.17.0.3 172.17.0.3 tcp dpt:80
3 MASQUERADE tcp -- 172.17.0.2 172.17.0.2 tcp dpt:8080
4 MASQUERADE tcp -- 172.17.0.4 172.17.0.4 tcp dpt:80
5 MASQUERADE tcp -- 172.17.0.5 172.17.0.5 tcp dpt:80
6 MASQUERADE tcp -- 172.17.0.6 172.17.0.6 tcp dpt:80
7 MASQUERADE tcp -- 172.17.0.7 172.17.0.7 tcp dpt:80
Chain DOCKER (2 references)
num target prot opt source destination
1 RETURN all -- 0.0.0.0/0 0.0.0.0/0
2 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 to:172.17.0.3:80
3 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8888 to:172.17.0.2:8080
4 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:801 to:172.17.0.4:80
5 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:802 to:172.17.0.5:80
6 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:803 to:172.17.0.6:80
7 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:800 to:172.17.0.7:80
查询容器ip
简易查询
查询容器id
tail -1 显示一行,不加这个会把所有ipaddress都显示
-a 不忽略2进制
-i 忽略大小写
docker inspect 9fcbb7d99434 |grep -ai ipaddr |tail -1
[root@zheng ~]# docker inspect 9fcbb7d99434 |grep -ai ipaddr |tail -1
"IPAddress": "172.17.0.7",
只显示容器ip
docker inspect 9fcbb7d99434 |grep -ai ipaddr |tail -1 |grep -aioE “([0-9]{1,3}.){3}[0-9]{1,3}”
[root@zheng ~]# docker inspect 9fcbb7d99434 |grep -ai ipaddr |tail -1 |grep -aioE "([0-9]{1,3}\.){3}[0-9]{1,3}"
172.17.0.7
批量查询容器id
-a 不忽略2进制
-i 忽略大小写
-o 只显示匹配PATTERN 部分
-E 将样式为延伸的正则表达式来使用for i in $(docker ps -aq);do docker inspect $i |grep -ai ipaddr |tail -1 |grep -aioE “([0-9]{1,3}.){3}[0-9]{1,3}” ;done
[root@zheng ~]# for i in $(docker ps -aq);do docker inspect $i |grep -ai ipaddr |tail -1 |grep -aioE "([0-9]{1,3}\.){3}[0-9]{1,3}" ;done
172.17.0.7
172.17.0.6
172.17.0.5
172.17.0.4
172.17.0.2
172.17.0.3
容器id和容器一起显示
在do后面加上 echo $i ;
for i in $(docker ps -aq) ;do echo $i ;docker inspect $i |grep -ai ipaddr |tail -1 |grep -aioE “([0-9]{1,3}.){3}[0-9]{1,3}”; done
没显示ip的是没有启动的
[root@zheng ~]# for i in $(docker ps -aq) ;do echo $i ;docker inspect $i |grep -ai ipaddr |tail -1 |grep -aioE "([0-9]{1,3}\.){3}[0-9]{1,3}"; done
9fcbb7d99434
172.17.0.7
0442290e7a37
172.17.0.6
094cfa5b3281
172.17.0.5
e6c84d9d8cc2
172.17.0.4
ce569a33b4d6
172.17.0.2
fb354eae612b
172.17.0.3
ddef8923d614
e2339b419fd9
2fcb2b9cb610
刚才那样看不方便,让容器id和ip显示在一行
最后加上 |sed ‘N;s/\n/ /g’
for i in $(docker ps -aq) ;do echo $i ;docker inspect $i |grep -ai ipaddr |tail -1 |grep -aioE “([0-9]{1,3}.){3}[0-9]{1,3}”; done|sed ‘N;s/\n/ /g’
[root@zheng ~]# for i in $(docker ps -aq) ;do echo $i ;docker inspect $i |grep -ai ipaddr |tail -1 |grep -aioE "([0-9]{1,3}\.){3}[0-9]{1,3}"; done|sed 'N;s/\n/ /g'
9fcbb7d99434 172.17.0.7
0442290e7a37 172.17.0.6
094cfa5b3281 172.17.0.5
e6c84d9d8cc2 172.17.0.4
ce569a33b4d6 172.17.0.2
fb354eae612b 172.17.0.3
ddef8923d614 e2339b419fd9
2fcb2b9cb610
在后面添加想要输出的信息
让他输出root账户 密码 配置 和 名字,自己填写
|awk ‘{print $0 “root 123 2cpu 4G 40G zheng”}’
for i in $(docker ps -aq);do echo $i;docker inspect $i |grep -ai ipaddr |tail -1 |grep -aioE “([0-9]{1,3}.){3}[0-9]{1,3}” ;done |sed ‘N;s/\n/ /g’|awk ‘{print $0 “root 123 2cpu 4G 40G zheng”}’
[root@zheng ~]# for i in $(docker ps -aq);do echo $i;docker inspect $i |grep -ai ipaddr |tail -1 |grep -aioE "([0-9]{1,3}\.){3}[0-9]{1,3}" ;done |sed 'N;s/\n/ /g'|awk '{print $0 "root 123 2cpu 4G 40G zheng"}'
9fcbb7d99434 172.17.0.7root 123 2cpu 4G 40G zheng
0442290e7a37 172.17.0.6root 123 2cpu 4G 40G zheng
094cfa5b3281 172.17.0.5root 123 2cpu 4G 40G zheng
e6c84d9d8cc2 172.17.0.4root 123 2cpu 4G 40G zheng
ce569a33b4d6 172.17.0.2root 123 2cpu 4G 40G zheng
fb354eae612b 172.17.0.3root 123 2cpu 4G 40G zheng
ddef8923d614 e2339b419fd9root 123 2cpu 4G 40G zheng
2fcb2b9cb610root 123 2cpu 4G 40G zheng
这次我们用输出的数据做成表格
|sed ‘s/ /,/g’ >> 123.csv
把空格变成逗号 然后输出到123.csv文件中
print $0 后面的空格都要控制成一个,然后root前面也加一个空格,要不然会跟之前的连在一起
for i in $(docker ps -aq);do echo $i;docker inspect $i |grep -ai ipaddr |tail -1 |grep -aioE “([0-9]{1,3}.){3}[0-9]{1,3}” ;done |sed ‘N;s/\n/ /g’|awk ‘{print $0 " root 123 2cpu 4G 40G zheng"}’ |sed ‘s/ /,/g’ >> 123.csv
先在屏幕上输出一遍,在写入文件,没什么错误,除了最底下没有开启的容器
[root@zheng ~]# for i in $(docker ps -aq);do echo $i;docker inspect $i |grep -ai ipaddr |tail -1 |grep -aioE "([0-9]{1,3}\.){3}[0-9]{1,3}" ;done |sed 'N;s/\n/ /g'|awk '{print $0 " root 123 2cpu 4G 40G zheng"}' |sed 's/ /,/g'
9fcbb7d99434,172.17.0.7,root,123,2cpu,4G,40G,zheng
0442290e7a37,172.17.0.6,root,123,2cpu,4G,40G,zheng
094cfa5b3281,172.17.0.5,root,123,2cpu,4G,40G,zheng
e6c84d9d8cc2,172.17.0.4,root,123,2cpu,4G,40G,zheng
ce569a33b4d6,172.17.0.2,root,123,2cpu,4G,40G,zheng
fb354eae612b,172.17.0.3,root,123,2cpu,4G,40G,zheng
ddef8923d614,e2339b419fd9,root,123,2cpu,4G,40G,zheng
2fcb2b9cb610,root,123,2cpu,4G,40G,zheng
#输出正确写入123.csv文件中
[root@zheng ~]# for i in $(docker ps -aq);do echo $i;docker inspect $i |grep -ai ipaddr |tail -1 |grep -aioE "([0-9]{1,3}\.){3}[0-9]{1,3}" ;done |sed 'N;s/\n/ /g'|awk '{print $0 " root 123 2cpu 4G 40G zheng"}' |sed 's/ /,/g' >> 123.csv
# 编辑文件,在最上方写上表头,每个对应的
[root@zheng ~]# vi 123.csv
容器ID,容器IP,用户名,密码,cpu,内存,硬盘,所属
9fcbb7d99434,172.17.0.7,root,123,2cpu,4G,40G,zheng
0442290e7a37,172.17.0.6,root,123,2cpu,4G,40G,zheng
094cfa5b3281,172.17.0.5,root,123,2cpu,4G,40G,zheng
e6c84d9d8cc2,172.17.0.4,root,123,2cpu,4G,40G,zheng
ce569a33b4d6,172.17.0.2,root,123,2cpu,4G,40G,zheng
fb354eae612b,172.17.0.3,root,123,2cpu,4G,40G,zheng
ddef8923d614,e2339b419fd9,root,123,2cpu,4G,40G,zheng
2fcb2b9cb610,root,123,2cpu,4G,40G,zheng
#然后把文件cp到ftp目录下
[root@zheng ~]# cp 123.csv /opt/zheng-computer/
然后再本地浏览器登录一下ftp就能下载了
下载完用wps打开
把所有容器全都删除掉
for i in $(命令);do (命令) ;done
;do开头,;done结束
[root@zheng ~]# for i in $(docker ps -aq);do docker rm -f $i ;done
9fcbb7d99434
0442290e7a37
094cfa5b3281
e6c84d9d8cc2
ce569a33b4d6
fb354eae612b
ddef8923d614
e2339b419fd9
2fcb2b9cb610
[root@zheng ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
sanjianke修改nginx目录和显示内容
先创建一个nginx容器
[root@zheng ~]# docker run -itd --name Nginx --privileged -p 801:80 nginx:latest
ea13343b3169b2339090e547b48acf1c05f691ac28718d23b36fd45f09f0a5fb
将nginx容器发布目录修改成 /data/webapps/www/
查询容器ID
连接容器
搜索nginx主配置文件 find / -name nginx.conf
[root@zheng ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ea13343b3169 nginx:latest "/docker-entrypoint.…" 3 minutes ago Up 3 minutes 0.0.0.0:801->80/tcp Nginx
# $(docker ps -aq) 因为只有一台容器,就用的这个
[root@zheng ~]# docker exec -it $(docker ps -aq) /bin/bash
root@ea13343b3169:/# find / -name nginx.conf # 查询nginx主配置文件
/etc/nginx/nginx.conf
root@ea13343b3169:/# cd /etc/nginx/
root@ea13343b3169:/etc/nginx# vi nginx.conf #容器版没有vi这个命令
bash: vi: command not found
root@ea13343b3169:/etc/nginx# more -15 nginx.conf #显示15行一页
user nginx; #用户
worker_processes 1; #工作进程
error_log /var/log/nginx/error.log warn; #日志
pid /var/run/nginx.pid; #pid号
events {
#全局
worker_connections 1024; #每个工作连接数
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
#include引用,这个目录下面还有很多的配置文件
include /etc/nginx/conf.d/*.conf;
}
上面的配置文件没有看到server和server_name,没有这个是没法办发布的
所以这个配置文件没有用
切换到/etc/nginx/conf.d/目录下查询配置文件
root@ea13343b3169:/etc/nginx# cd /etc/nginx/conf.d/
root@ea13343b3169:/etc/nginx/conf.d# ll
bash: ll: command not found
root@ea13343b3169:/etc/nginx/conf.d# ls
default.conf
root@ea13343b3169:/etc/nginx/conf.d# more -15 default.conf
server {
#从这可以看到有server也有server_name
listen 80;
listen [::]:80;
server_name localhost;
#charset koi8-r;
#access_log /var/log/nginx/host.access.log main;
location / {
#lication / 是网站的根目录,是浏览器访问的url地址的起始位置
root /usr/share/nginx/html; #这里的root指令就是发布目录
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
三剑客命令过滤配置文件的#和空行
awk命令
可以看到这个配置文件有很多的#行和空行,接下来可以给他去掉,不想去掉的话可以直接跳过
先用awk匹配#号行,只看带#号的
root@ea13343b3169:/etc/nginx/conf.d# awk '/#/' default.conf
#charset koi8-r;
#access_log /var/log/nginx/host.access.log main;
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
加一个!反义
只显示不带#号的
root@ea13343b3169:/etc/nginx/conf.d# awk '!/#/' default.conf
server {
listen 80;
listen [::]:80;
server_name localhost;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
后面加awk三剑客命令
显示空行是
^开头 $结尾
加个!转义词转义就是不显示空
root@ea13343b3169:/etc/nginx/conf.d# awk '!/#/' default.conf|awk '!/^$/'
server {
listen 80;
listen [::]:80;
server_name localhost;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
sed命令
'/#/d’是删除#行
a :新增, a 的后面可以接字串,而这些字串会在新的一行出现(目前的下一行)~
c :取代, c 的后面可以接字串,这些字串可以取代 n1,n2 之间的行!
d :删除,因为是删除啊,所以 d 后面通常不接任何咚咚;
i :插入, i 的后面可以接字串,而这些字串会在新的一行出现(目前的上一行);
p :打印,亦即将某个选择的数据印出。通常 p 会与参数 sed -n 一起运行~
s :取代,可以直接进行取代的工作哩!通常这个 s 的动作可以搭配正规表示法!例如 1,20s/old/new/g 就是啦!
root@ea13343b3169:/etc/nginx/conf.d# sed '/#/d' default.conf |sed '/^$/d'
server {
listen 80;
listen [::]:80;
server_name localhost;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
grep命令
-a 或 --text : 不要忽略二进制的数据。
-i 或 --ignore-case : 忽略字符大小写的差别。
-v 或 --revert-match : 显示不包含匹配文本的所有行。
-E 或 --extended-regexp : 将样式为延伸的正则表达式来使用。
“#|^$” #号和空行
root@ea13343b3169:/etc/nginx/conf.d# grep -aivE "#|^$" default.conf
server {
listen 80;
listen [::]:80;
server_name localhost;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
通过以上操作获取到默认发布目录
root /usr/share/nginx/html;
用sed -i 替换目录
i :插入, i 的后面可以接字串,而这些字串会在新的一行出现(目前的上一行);
root@ea13343b3169:/etc/nginx/conf.d# sed -i 's#/usr/share/nginx/html#/data/webapps/www/#g' default.conf
然后重启nginx服务使其生效
然后先测试一下
在平滑重启
root@ea13343b3169:/etc/nginx/conf.d# /usr/sbin/nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
这个时候克隆一个新的会话窗口
去下载一个index百度首页
[root@zheng tmp]# wget http://www.baidu.com
--2020-07-11 00:10:15-- http://www.baidu.com/
Resolving www.baidu.com (www.baidu.com)... failed: Name or service not known.
wget: unable to resolve host address ‘www.baidu.com’
[root@zheng tmp]# route add default gw 192.168.100.2
[root@zheng tmp]# wget http://www.baidu.com
--2020-07-11 00:10:27-- http://www.baidu.com/
Resolving www.baidu.com (www.baidu.com)... 61.135.169.121, 61.135.169.125, 2408:80f0:410c:1d:0:ff:b07a:39af, ...
Connecting to www.baidu.com (www.baidu.com)|61.135.169.121|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 2381 (2.3K) [text/html]
Saving to: ‘index.html’
100%[===================================================>] 2,381 --.-K/s in 0s
2020-07-11 00:10:27 (568 MB/s) - ‘index.html’ saved [2381/2381]
[root@zheng tmp]# ll
total 12
-rw-r--r--. 1 root root 2381 Jul 11 00:10 index.html
然后用docker exec命令创建一个刚才写的目录/data/webapps/www/
从宿主机docker cp到容器中的这个目录
然后再用docker exec ls -l查询一下有没有index.html文件
[root@zheng tmp]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ea13343b3169 nginx:latest "/docker-entrypoint.…" 2 hours ago Up 2 hours 0.0.0.0:801->80/tcp Nginx
[root@zheng tmp]# docker exec ea13343b3169 mkdir -p /data/webapps/www/
[root@zheng tmp]# docker cp index.html ea13343b3169:/data/webapps/www/
[root@zheng tmp]# docker exec ea13343b3169 ls -l /data/webapps/www/
total 4
-rw-r--r--. 1 root root 2381 Jul 11 04:10 index.html
[root@zheng tmp]#
也可以vi 修改一下index.html文件在cp到容器里
访问一下nginx端口就可以看到了
2、Docker实战Tomcat WEB容器&多实例
1)Tomcat和Nginx是开源、免费的WEB服务器软件,用于发布网站代码的,提供网页信息服务,用户通过浏览器可以实现页面的访问。Tomcat除了可以处理静态网页之外,还可以处理动态网页。
2)Nginx WEB软件不能直接处理动态网页,Nginx官方宣称其处理静态网页的并发能力可以达到5w/s,相当于Apache、Tomcat WEB整体性能的5-10倍。在企业生产环境中,Nginx+Tomcat整合一起使用,Nginx负责处理静态网页,而Tomcat只负责动态网页处理。
静态网页
静态网页一般是跟后端数据库不发生交互的网页,其网页内容很少更新或者几乎不更新,网页文件后缀命名通常是以.htm、.html、.xml等结尾的。
动态网页
动态网页一般是跟后端数据库发生交互的网页,其网页内容经常更新或者随着后端数据库内容变化而更新,网页文件后缀命名通常是以.asp、.jsp、.php等结尾的。
3)基于Docker虚拟化平台,创建一台Tomcat WEB容器,要求Tomcat容器默认启动Tomcat服务,同时对外监听8080端口,用户通过浏览器可以页面的访问
运行一个tomcat容器实例
-p端口映射 把docker容器里tomcat 8080端口映射到虚拟机8888端口
[root@zheng ~]# docker run -it -p 8888:8080 --name tomcat 6055d4d564e1
WARNING: IPv4 forwarding is disabled. Networking will not work.
docker: Error response from daemon: driver failed programming external connectivity on endpoint tomcat (013a9c6ea0f09208660b204ec3e6ee96f1f76546635619826e2fddf8c0e8d930): (iptables failed: iptables --wait -t nat -A DOCKER -p tcp -d 0/0 --dport 8888 -j DNAT --to-destination 172.17.0.3:8080 ! -i docker0: iptables: No chain/target/match by that name.
(exit status 1)).
ERRO[0000] error waiting for container: context canceled
[root@zheng ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b45e02789fe3 tomcat "catalina.sh run" 52 seconds ago Created tomcat
ddef8923d614 688353a31fde "/bin/sh -c 'while t…" 24 hours ago Exited (137) 22 hours ago wizardly_swanson
e2339b419fd9 688353a31fde "/bin/bash" 25 hours ago Exited (0) 22 hours ago pedantic_galois
2fcb2b9cb610 688353a31fde "/bin/sh -c 'while t…" 26 hours ago Up 22 hours brave_robinson
这里有两个问题
WARNING: IPv4 forwarding is disabled. Networking will not work.
Error response from daemon: driver failed programming external connectivity on endpoint tomcat
第一个WARNING 需要开启内核转发
第二ERROR docker服务启动时定义的自定义链DOCKER由于某种原因被清掉
重启docker服务及可重新生成自定义链DOCKER
报错以后查询容器状态显示创建
[root@zheng ~]# vi /etc/sysctl.conf
#添加这三行
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.all.rp_filter = 0
"/etc/sysctl.conf" 15L, 543C written
[root@zheng ~]# sysctl -p
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.all.rp_filter = 0
[root@zheng ~]# systemctl restart docker
# 重新启动容器
[root@zheng ~]# docker start b45e02789fe3
b45e02789fe3
[root@zheng ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b45e02789fe3 tomcat "catalina.sh run" About a minute ago Up 4 seconds 0.0.0.0:8888->8080/tcp tomcat
ddef8923d614 688353a31fde "/bin/sh -c 'while t…" 24 hours ago Exited (137) 22 hours ago wizardly_swanson
e2339b419fd9 688353a31fde "/bin/bash" 25 hours ago Exited (0) 22 hours ago pedantic_galois
2fcb2b9cb610 688353a31fde "/bin/sh -c 'while t…" 26 hours ago Exited (137) 20 seconds ago brave_robinson
启动成功,从本地浏览器访问tomcat
访问失败
我们换一个镜像,用tomcat8镜像
tomcat8
先搜索tomcat8镜像
选择第一个下载
#查询
[root@zheng ~]# docker search tomcat8
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
ashince/tomcat8 Tomcat GUI Manager pre-configured docker ima… 5
podbox/tomcat8 2 [OK]
dockerbase/tomcat8 Docker Base: Tomcat8 - https://github.com/do… 2 [OK]
#拉取
[root@zheng ~]# docker pull ashince/tomcat8
Using default tag: latest
latest: Pulling from ashince/tomcat8
06b22ddb1913: Pull complete
336c28b408ed: Pull complete
1f3e6b8d80c3: Pull complete
aeac59510475: Pull complete
b01db8bd8540: Pull complete
f7f398af5fea: Pull complete
1c5595fa1317: Pull complete
e1a6cc83dc3d: Pull complete
9efe1c932022: Pull complete
eef936b7f842: Pull complete
3c1e71063aec: Pull complete
51a92f92973b: Pull complete
988c2bc01b91: Pull complete
49c5aa6cc2d3: Pull complete
ec10702f1c41: Pull complete
d79f676217c9: Pull complete
7e3835cd050f: Pull complete
2395475694e7: Pull complete
ab971e749eb3: Pull complete
8259de60a10f: Pull complete
Digest: sha256:4d3f4e20320d6c9f0c44c16f63a18f80f9092827bbb4a762bbb4f4d26f7abf3a
Status: Downloaded newer image for ashince/tomcat8:latest
docker.io/ashince/tomcat8:latest
查询镜像
查询目录
[root@zheng ~]# ls -l /var/lib/docker/image/overlay2/
total 4
drwx------. 4 root root 58 Jul 3 23:06 distribution
drwx------. 4 root root 37 Jul 3 11:45 imagedb
drwx------. 5 root root 45 Jul 3 23:06 layerdb
-rw-------. 1 root root 1631 Jul 11 04:24 repositories.json
docker查询
[root@zheng ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
tomcat latest 6055d4d564e1 4 days ago 647MB
tomcat 10.0 0d691b180bd5 4 weeks ago 647MB
nginx latest 2622e6cca7eb 4 weeks ago 132MB
hello-world latest bf756fb1ae65 6 months ago 13.3kB
ashince/tomcat8 latest 02aedead27dd 23 months ago 314MB
ansible/centos7-ansible latest 688353a31fde 3 years ago 447MB
过滤查询
[root@zheng ~]# docker images |grep -ai tomcat
tomcat latest 6055d4d564e1 4 days ago 647MB
tomcat 10.0 0d691b180bd5 4 weeks ago 647MB
ashince/tomcat8 latest 02aedead27dd 23 months ago 314MB
运行tomcat容器
–name可以加可以不加,但是名字得不一样
-p 一个8080,一个8081
[root@zheng ~]# docker run -itd -p 8080:8080 --privileged --name tomcat8 ashince/tomcat8
b99dfc28679dbe5585f9b922f4fe44366d70ac5aa37f7ecc3dcc7f4d4416324e
[root@zheng ~]# docker run -itd -p 8081:8080 --privileged --name tomcat8-1 ashince/tomcat8
5fbc290fc3d6fba2a43143cad9a3778ed8344cbdeab6fcb1a5a301c3f815a369
[root@zheng ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5fbc290fc3d6 ashince/tomcat8 "catalina.sh run" 5 seconds ago Up 3 seconds 0.0.0.0:8081->8080/tcp tomcat8-1
b99dfc28679d ashince/tomcat8 "catalina.sh run" 29 seconds ago Up 28 seconds 0.0.0.0:8080->8080/tcp tomcat8
ea13343b3169 nginx:latest "/docker-entrypoint.…" 6 hours ago Up 6 hours 0.0.0.0:801->80/tcp Nginx
查询一下tomcat容器ip
[root@zheng ~]# for i in $(docker ps |grep -ai tomcat |awk '{print $1}');do echo $i;docker inspect $i|grep -ai ipaddr |tail -1|awk -F\" '{print $4}' ;done |sed 'N;s/\n/ /g'
5fbc290fc3d6 172.17.0.4
b99dfc28679d 172.17.0.3
nginx和tomcat负载均衡
首先查询nginx的容器id
然后把容器内nginx的配置文件cp到宿主机上
在宿主机编辑nginx配置文件完成以后在cp回nginx容器
然后重启nginx
浏览器登录nginx端口就会发现页面不是之前的百度的首页了
变成了tomcat页面
负载均衡就做完了
[root@zheng ~]# docker ps |grep -ai nginx
ea13343b3169 nginx:latest "/docker-entrypoint.…" 7 hours ago Up 7 hours 0.0.0.0:801->80/tcp Nginx
[root@zheng ~]# docker cp ea13343b3169:/etc/nginx/conf.d/default.conf .
[root@zheng ~]# grep -aivE "#|^$" default.conf
server {
listen 80;
listen [::]:80;
server_name localhost;
location / {
root /data/webapps/www/;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /data/webapps/www/;
}
}
把输出的语句替换到配置文件,然后改成如下配置
#把这里输出的结果复制到cp下来的nginx配置文件中替换掉,然后再加上一些配置
upstream tomcat_web {
server 172.17.0.3:8080 weight=100 max_fails=2 fail_timeout=15;
server 172.17.0.3:8081 weight=100 max_fails=2 fail_timeout=15;
}
server {
listen 80;
listen [::]:80;
server_name localhost;
location / {
root /data/webapps/www/;
index index.html index.htm;
proxy_pass http://tomcat_web;
proxy_set_header host $host;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /data/webapps/www/;
}
}
修改好配置文件以后再cp回容器
然后重启nginx
[root@zheng ~]# docker cp default.conf ea13343b3169:/etc/nginx/conf.d/
[root@zheng ~]# docker exec ea13343b3169 nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@zheng ~]# docker exec ea13343b3169 nginx -s reload
2020/07/11 09:35:02 [notice] 72#72: signal process started
访问nginx页面
输入之前nginx的端口801
可以看到已经不是之前的百度首页了
替换成了tomcat
动静分离
把之前cp到宿主机的配置文件vi打开再添加配置文件
expires 30d; 30天
改完配置文件以后cp会容器
然后重启nginx服务
[root@zheng ~]# vi default.conf
upstream tomcat_web {
server 172.17.0.3:8080 weight=100 max_fails=2 fail_timeout=15;
server 172.17.0.3:8081 weight=100 max_fails=2 fail_timeout=15;
}
server {
listen 80;
listen [::]:80;
server_name localhost;
location / {
root /data/webapps/www/;
index index.html index.htm;
proxy_pass http://tomcat_web;
proxy_set_header host $host;
}
location ~ .*\.(html|htm|js|css|jpg|png|txt|doc|gif|jpeg)$
{
root /data/webapps/www;
expires 30d;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /data/webapps/www/;
}
}
[root@zheng ~]# docker cp default.conf ea13343b3169:/etc/nginx/conf.d/
[root@zheng ~]# docker exec ea13343b3169 nginx -s reload
2020/07/11 10:36:02 [notice] 78#78: signal process started
访问一下看看是不是会报错404
这里不知道为什么没有报错
3 基于Docker WEB管理Docker容器
通常来讲,开发人员和管理人员默认通过命令行来创建及运行Docker容器,但Docker的Remote API让他们可以通过充分利用REST(代表性状态传输协议)的API,运行相同的命令。
DockerUI也是基于API方式管理宿主机的Docker引擎。Docker UI Web前端程序让你可以处理通常通过Web浏览器的命令行来管理的许多任务。
主机上的所有容器都可以通过仅仅一条连接来处理,该项目几乎没有任何依赖关系。该软件目前仍在大力开发之中,但是它采用麻省理工学院(MIT)许可证,所以可以免费地重复使用。
Docker UI不包含任何内置的身份验证或安全机制,所以务必将任何公之于众的DockerUI连接放在用密码来保护的系统后面。
安装web管理容器
1)下载Docker UI镜像;
只需要在宿主机pull相关的镜像即可,指令如下:
docker pull uifd/ui-for-docker
docker images
[root@zheng ~]# docker pull uifd/ui-for-docker
Using default tag: latest
latest: Pulling from uifd/ui-for-docker
841194d080c8: Pull complete
Digest: sha256:fe371ff5a69549269b24073a5ab1244dd4c0b834cbadf244870572150b1cb749
Status: Downloaded newer image for uifd/ui-for-docker:latest
docker.io/uifd/ui-for-docker:latest
[root@zheng ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
tomcat latest 6055d4d564e1 4 days ago 647MB
tomcat 10.0 0d691b180bd5 4 weeks ago 647MB
nginx latest 2622e6cca7eb 4 weeks ago 132MB
hello-world latest bf756fb1ae65 6 months ago 13.3kB
ashince/tomcat8 latest 02aedead27dd 23 months ago 314MB
ansible/centos7-ansible latest 688353a31fde 3 years ago 447MB
uifd/ui-for-docker latest 965940f98fa5 3 years ago 8.1MB
2)启动docker-UI服务,并且映射9090至容器9090;
[root@zheng ~]# docker run -it -d --name docker-web -p 9000:9000 -v /var/run/docker.sock:/var/run/docker.sock docker.io/uifd/ui-for-docker
50932f1a7b168da40389d62f70ec15334fcb0c7d718f5911b4b150022c88e2c2
[root@zheng ~]# docker ps |grep docker
50932f1a7b16 uifd/ui-for-docker "/ui-for-docker" 16 seconds ago Up 15 seconds 0.0.0.0:9000->9000/tcp docker-web
ea13343b3169 nginx:latest "/docker-entrypoint.…" 9 hours ago Up 9 hours 0.0.0.0:801->80/tcp Nginx
登录页面可以查看各种信息
端口9000
用web管理创建容器
用web管理来启动一台容器
点击images镜像
选择一个镜像点击
填写参数以后就可以创建成功了,设置映射端口
访问用web管理创建的容器
成功了!!
创建centos7云主机
之前下载过centos7的docker镜像了可以直接运行
Run,全新创建并且启动一台新容器;
-i,interactive打开交互模式;
-t,tty打开登录终端;
-d,detach后台运行;
-p,publish发布端口,将宿主机80映射至容器的80(DNAT+IPtables);
--name,指定或者自定义容器的名称;
--privileged,开启超级特权模式,支持更多的指令操作。
[root@zheng ~]# docker search centos7
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
ansible/centos7-ansible Ansible on Centos7 132 [OK]
[root@zheng ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
<none> <none> 263200eeef11 2 days ago 447MB
tomcat latest 6055d4d564e1 7 days ago 647MB
tomcat 10.0 0d691b180bd5 4 weeks ago 647MB
nginx latest 2622e6cca7eb 4 weeks ago 132MB
hello-world latest bf756fb1ae65 6 months ago 13.3kB
ashince/tomcat8 latest 02aedead27dd 23 months ago 314MB
ansible/centos7-ansible latest 688353a31fde 3 years ago 447MB
uifd/ui-for-docker latest 965940f98fa5 3 years ago 8.1MB
[root@zheng ~]# docker run -itd --privileged --name centos7-cloud -p 6022:22 ansible/centos7-ansible
3ca6bba2a824c96dee590ecbb8d4a752959e2a0c1c7829b56ab5ef07d213fa9f
# 第一条centos7云主机
[root@zheng ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3ca6bba2a824 ansible/centos7-ansible "/bin/bash" 36 minutes ago Up 35 minutes 0.0.0.0:6022->22/tcp centos7-cloud
29d023b574db 2622e6cca7eb "/docker-entrypoint.…" 2 days ago Up 2 days 0.0.0.0:805->80/tcp nginx111
50932f1a7b16 uifd/ui-for-docker "/ui-for-docker" 2 days ago Up 2 days 0.0.0.0:9000->9000/tcp docker-web
5fbc290fc3d6 ashince/tomcat8 "catalina.sh run" 2 days ago Up 2 days 0.0.0.0:8081->8080/tcp tomcat8-1
b99dfc28679d ashince/tomcat8 "catalina.sh run" 2 days ago Up 2 days 0.0.0.0:8080->8080/tcp tomcat8
ea13343b3169 nginx:latest "/docker-entrypoint.…" 3 days ago Up 3 days 0.0.0.0:801->80/tcp Nginx
然后查询一下ip地址做一下映射
在查询一下映射
新建一个会话窗口
连接docker创建的容器
ip是宿主机的ip
端口号改成创建的时候映射的6022端口
[root@zheng ~]# docker inspect 3ca6bba2a824 |grep -ai ipaddr |tail -1
"IPAddress": "172.17.0.7",
# -c3 ping3次以后停止
[root@zheng ~]# ping -c3 172.17.0.7
PING 172.17.0.7 (172.17.0.7) 56(84) bytes of data.
64 bytes from 172.17.0.7: icmp_seq=1 ttl=64 time=0.029 ms
64 bytes from 172.17.0.7: icmp_seq=2 ttl=64 time=0.041 ms
64 bytes from 172.17.0.7: icmp_seq=3 ttl=64 time=0.039 ms
--- 172.17.0.7 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 0.029/0.036/0.041/0.007 ms
[root@zheng ~]# iptables -t nat -L -n --line-numbers
Chain PREROUTING (policy ACCEPT)
num target prot opt source destination
1 DOCKER all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
Chain INPUT (policy ACCEPT)
num target prot opt source destination
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
1 DOCKER all -- 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL
Chain POSTROUTING (policy ACCEPT)
num target prot opt source destination
1 MASQUERADE all -- 172.17.0.0/16 0.0.0.0/0
2 MASQUERADE tcp -- 172.17.0.2 172.17.0.2 tcp dpt:80
3 MASQUERADE tcp -- 172.17.0.3 172.17.0.3 tcp dpt:8080
4 MASQUERADE tcp -- 172.17.0.4 172.17.0.4 tcp dpt:8080
5 MASQUERADE tcp -- 172.17.0.5 172.17.0.5 tcp dpt:9000
6 MASQUERADE tcp -- 172.17.0.6 172.17.0.6 tcp dpt:80
7 MASQUERADE tcp -- 172.17.0.7 172.17.0.7 tcp dpt:22
Chain DOCKER (2 references)
num target prot opt source destination
1 RETURN all -- 0.0.0.0/0 0.0.0.0/0
2 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:801 to:172.17.0.2:80
3 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8080 to:172.17.0.3:8080
4 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8081 to:172.17.0.4:8080
5 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:9000 to:172.17.0.5:9000
6 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:805 to:172.17.0.6:80
7 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:6022 to:172.17.0.7:22
从这能看到6022映射到centos容器的22端口
连接不了
用telnet和ssh试一下
[root@zheng ~]# telnet 172.17.0.7 22
-bash: telnet: command not found
[root@zheng ~]# ssh 0l 172.17.0.2
ssh: Could not resolve hostname 0l: Name or service not known
应该是防火墙或者是端口的问题
去容器里看一下
先安装一下net-tools工具
因为这个云主机是centos。自带yum源
默认可以上外网,所以能安装这个工具
[root@zheng ~]# docker exec -it 3ca6bba2a824 /bin/bash
[root@3ca6bba2a824 ansible]#
[root@3ca6bba2a824 ansible]# cd
[root@3ca6bba2a824 ~]# yum install net-tools -y
[root@3ca6bba2a824 ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.7 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:07 txqueuelen 0 (Ethernet)
RX packets 3906 bytes 18730389 (17.8 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3260 bytes 182405 (178.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
修改一下yum源
现在在安装软件就会比之前快了
[root@3ca6bba2a824 ~]# cd /etc/yum.repos.d/
[root@3ca6bba2a824 yum.repos.d]# ll
total 36
-rw-r--r--. 1 root root 1664 Nov 29 2016 CentOS-Base.repo
-rw-r--r--. 1 root root 1309 Nov 29 2016 CentOS-CR.repo
-rw-r--r--. 1 root root 649 Nov 29 2016 CentOS-Debuginfo.repo
-rw-r--r--. 1 root root 630 Nov 29 2016 CentOS-Media.repo
-rw-r--r--. 1 root root 1331 Nov 29 2016 CentOS-Sources.repo
-rw-r--r--. 1 root root 2893 Nov 29 2016 CentOS-Vault.repo
-rw-r--r--. 1 root root 314 Nov 29 2016 CentOS-fasttrack.repo
-rw-r--r--. 1 root root 1056 Mar 31 2016 epel-testing.repo
-rw-r--r--. 1 root root 957 Mar 31 2016 epel.repo
[root@3ca6bba2a824 yum.repos.d]# mkdir bak
[root@3ca6bba2a824 yum.repos.d]# mv * bak/
mv: cannot move 'bak' to a subdirectory of itself, 'bak/bak'
[root@3ca6bba2a824 yum.repos.d]# ll
total 0
drwxr-xr-x. 2 root root 229 Jul 14 06:33 bak
[root@3ca6bba2a824 yum.repos.d]# cp bak/CentOS-Base.repo .
[root@3ca6bba2a824 yum.repos.d]# ls
CentOS-Base.repo bak
查询一下网关
能不能ping通外网
查询版本
内核版本
#查路由
[root@3ca6bba2a824 yum.repos.d]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.17.0.1 0.0.0.0 UG 0 0 0 eth0
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
#查版本
[root@3ca6bba2a824 yum.repos.d]# cat /etc/redhat-release
CentOS Linux release 7.3.1611 (Core)
#内核版本
[root@3ca6bba2a824 yum.repos.d]# uname -a
Linux 3ca6bba2a824 3.10.0-514.el7.x86_64 #1 SMP Tue Nov 22 16:42:41 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
#ping外网
[root@3ca6bba2a824 yum.repos.d]# ping -c3 www.baidu.com
PING www.a.shifen.com (61.135.169.125) 56(84) bytes of data.
64 bytes from 61.135.169.125 (61.135.169.125): icmp_seq=1 ttl=127 time=6.22 ms
64 bytes from 61.135.169.125 (61.135.169.125): icmp_seq=2 ttl=127 time=8.27 ms
64 bytes from 61.135.169.125 (61.135.169.125): icmp_seq=3 ttl=127 time=9.99 ms
--- www.a.shifen.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 6.221/8.162/9.993/1.543 ms
查询一下监听端口
没有监听,任何端口
所以刚才才会连接不了
[root@3ca6bba2a824 yum.repos.d]# netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
先安装一下服务
要不然没有这个sshd命令
输入错误,没有这个文件
进去宿主机吧文件拷贝到容器里在启动
[root@3ca6bba2a824 yum.repos.d]# yum install openssh-server -y
#启动sshd报错
[root@3ca6bba2a824 yum.repos.d]# /usr/sbin/sshd
Could not load host key: /etc/ssh/ssh_host_rsa_key
Could not load host key: /etc/ssh/ssh_host_ecdsa_key
Could not load host key: /etc/ssh/ssh_host_ed25519_key
sshd: no hostkeys available -- exiting.
[root@3ca6bba2a824 yum.repos.d]# ll /usr/sbin/sshd
-rwxr-xr-x. 1 root root 852856 Aug 9 2019 /usr/sbin/sshd
[root@3ca6bba2a824 yum.repos.d]# ps -ef |grep sshd #没有sshd进程
root 127 14 0 07:02 pts/1 00:00:00 grep --color=auto sshd
##ctrl+p+q退出容器终端
[root@3ca6bba2a824 yum.repos.d]# read escape sequence
[root@zheng ~]# cd /etc/ssh/
[root@zheng ssh]# ll
total 276
-rw-r--r--. 1 root root 242153 Nov 11 2016 moduli
-rw-r--r--. 1 root root 2208 Nov 11 2016 ssh_config
-rw-------. 1 root root 4361 Nov 11 2016 sshd_config
-rw-r-----. 1 root ssh_keys 227 Jun 29 12:55 ssh_host_ecdsa_key
-rw-r--r--. 1 root root 162 Jun 29 12:55 ssh_host_ecdsa_key.pub
-rw-r-----. 1 root ssh_keys 387 Jun 29 12:55 ssh_host_ed25519_key
-rw-r--r--. 1 root root 82 Jun 29 12:55 ssh_host_ed25519_key.pub
-rw-r-----. 1 root ssh_keys 1679 Jun 29 12:55 ssh_host_rsa_key
-rw-r--r--. 1 root root 382 Jun 29 12:55 ssh_host_rsa_key.pub
[root@zheng ssh]# docker cp /etc/ssh/ssh_host_rsa_key 3ca6bba2a824:/etc/ssh/
[root@zheng ssh]# docker cp /etc/ssh/ssh_host_ecdsa_key 3ca6bba2a824:/etc/ssh/
[root@zheng ssh]# docker cp /etc/ssh/ssh_host_ed25519_key 3ca6bba2a824:/etc/ssh/
[root@zheng ssh]# docker exit -it 3ca6bba2a824 /bin/bash
再启动一下还是报错了,给的权限太大的意思,把权限设置成600
[root@3ca6bba2a824 ansible]# /usr/sbin/sshd
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0640 for '/etc/ssh/ssh_host_rsa_key' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
key_load_private: bad permissions
Could not load host key: /etc/ssh/ssh_host_rsa_key
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0640 for '/etc/ssh/ssh_host_ecdsa_key' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
key_load_private: bad permissions
Could not load host key: /etc/ssh/ssh_host_ecdsa_key
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0640 for '/etc/ssh/ssh_host_ed25519_key' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
key_load_private: bad permissions
Could not load host key: /etc/ssh/ssh_host_ed25519_key
sshd: no hostkeys available -- exiting.
[root@3ca6bba2a824 ansible]#
[root@3ca6bba2a824 ansible]# cd /etc/ssh/
[root@3ca6bba2a824 ssh]# ll
total 592
-rw-r--r--. 1 root root 581843 Aug 9 2019 moduli
-rw-r--r--. 1 root root 2276 Aug 9 2019 ssh_config
-rw-r-----. 1 root input 227 Jun 29 16:55 ssh_host_ecdsa_key
-rw-r-----. 1 root input 387 Jun 29 16:55 ssh_host_ed25519_key
-rw-r-----. 1 root input 1679 Jun 29 16:55 ssh_host_rsa_key
-rw-------. 1 root root 3907 Aug 9 2019 sshd_config
[root@3ca6bba2a824 ssh]# chmod 600 ssh_host_ecdsa_key
[root@3ca6bba2a824 ssh]# chmod 600 ssh_host_ed25519_key
[root@3ca6bba2a824 ssh]# chmod 600 ssh_host_rsa_key
[root@3ca6bba2a824 ssh]# /usr/sbin/sshd
启动没有报错
ps -ef 过滤只显示sshd
查看一下端口
修改root密码
第一行就是sshd进程
[root@3ca6bba2a824 ssh]# ps -ef |grep sshd
root 212 0 0 07:49 ? 00:00:00 /usr/sbin/sshd
root 214 193 0 07:50 pts/3 00:00:00 grep --color=auto sshd
看到了22端口
[root@3ca6bba2a824 ssh]# netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 212/sshd
tcp6 0 0 :::22 :::* LISTEN 212/sshd
修改一个root密码,123
[root@3ca6bba2a824 ssh]# passwd
Changing password for user root.
New password:
BAD PASSWORD: The password is shorter than 8 characters
Retype new password:
passwd: all authentication tokens updated successfully.
[root@3ca6bba2a824 ssh]#
再重新连接一下就可以了
commit自定义镜像
docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]] OPTIONS说明:
-a :提交的镜像作者;
-c :使用Dockerfile指令来创建镜像;
-m :提交时的说明文字;
-p :在commit时,将容器暂停。
举例:
docker commit -a “runoob.com” -m “my apache” a404c6c174a2 mymysql:v1
[root@zheng ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3ca6bba2a824 ansible/centos7-ansible "/bin/bash" 5 hours ago Up 5 hours 0.0.0.0:6022->22/tcp centos7-cloud
29d023b574db 2622e6cca7eb "/docker-entrypoint.…" 2 days ago Up 2 days 0.0.0.0:805->80/tcp nginx111
50932f1a7b16 uifd/ui-for-docker "/ui-for-docker" 2 days ago Up 2 days 0.0.0.0:9000->9000/tcp docker-web
5fbc290fc3d6 ashince/tomcat8 "catalina.sh run" 3 days ago Up 3 days 0.0.0.0:8081->8080/tcp tomcat8-1
b99dfc28679d ashince/tomcat8 "catalina.sh run" 3 days ago Up 3 days 0.0.0.0:8080->8080/tcp tomcat8
ea13343b3169 nginx:latest "/docker-entrypoint.…" 3 days ago Up 3 days 0.0.0.0:801->80/tcp Nginx
[root@zheng ~]# docker commit 3ca6bba2a824 centos7-cloud:latest
sha256:76785adcedc87db63e80970c3ae8e130f77f825cf4797fdd26861dda5d7b85db
生成新镜像以后在查看
[root@zheng ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos7-cloud latest 76785adcedc8 4 seconds ago 573MB
tomcat latest 6055d4d564e1 7 days ago 647MB
tomcat 10.0 0d691b180bd5 4 weeks ago 647MB
nginx latest 2622e6cca7eb 4 weeks ago 132MB
hello-world latest bf756fb1ae65 6 months ago 13.3kB
ashince/tomcat8 latest 02aedead27dd 23 months ago 314MB
ansible/centos7-ansible latest 688353a31fde 3 years ago 447MB
uifd/ui-for-docker latest 965940f98fa5 3 years ago 8.1MB
用新镜像启动云主机
改一下名字和端口号
镜像用刚才创建的镜像
docker images 可以查看到
[root@zheng ~]# docker run -itd --privileged --name centos7-cloud2 -p 6023:22 centos7-cloud
4a8d466df5fb877dc4ef1d49dbe423151eb31b5ff568eb3e5df7e818894a5f54
[root@zheng ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4a8d466df5fb centos7-cloud "/bin/bash" 4 minutes ago Up 4 minutes 0.0.0.0:6023->22/tcp centos7-cloud2
3ca6bba2a824 ansible/centos7-ansible "/bin/bash" 6 hours ago Up 6 hours 0.0.0.0:6022->22/tcp centos7-cloud
29d023b574db 2622e6cca7eb "/docker-entrypoint.…" 2 days ago Up 2 days 0.0.0.0:805->80/tcp nginx111
50932f1a7b16 uifd/ui-for-docker "/ui-for-docker" 2 days ago Up 2 days 0.0.0.0:9000->9000/tcp docker-web
5fbc290fc3d6 ashince/tomcat8 "catalina.sh run" 3 days ago Up 3 days 0.0.0.0:8081->8080/tcp tomcat8-1
b99dfc28679d ashince/tomcat8 "catalina.sh run" 3 days ago Up 3 days 0.0.0.0:8080->8080/tcp tomcat8
ea13343b3169 nginx:latest "/docker-entrypoint.…" 3 days ago Up 3 days 0.0.0.0:801->80/tcp Nginx
运行容器以后要先用docker exec命令启动一下sshd服务
要不然会连接不了,默认不启动sshd
启动完服务查看一下端口
启动完了以后点击连接,端口号加1就可以登录了
[root@zheng ~]# docker exec 4a8d466df5fb /usr/sbin/sshd
[root@zheng ~]# docker exec 4a8d466df5fb netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 30/sshd
tcp6 0 0 :::22 :::* LISTEN 30/sshd
[root@zheng ~]# docker exec 4a8d466df5fb ps -ef |grep sshd
root 30 0 0 09:43 ? 00:00:00 /usr/sbin/sshd
启动10台云主机
[root@zheng ~]# for i in $(seq 0 9);do docker run -itd --privileged --name=cloud0$i -p 600$i:22 centos7-cloud ;done
d61561402ccbb03280b2aa703cba53b1d0a70b01c16acf3dd1d9f526eccc0294
bd995979ab085ece22ed35e9a02f26beb34ff3bc363164a5fa8ca7dbaece322e
6bd791e0e8cd7a4facdab95436ea6e8f8d2f61da34377e0a01b4458626f91172
c7e8792ce8fc914fc42d3f135c5e517bd1d646058c74469348eeab0e93b4c301
a27cbbcf2b82c872ce73234e27a17a10c981cf64f01bc4683ba6385e3f64e646
b1b9162f0d4dd875e4648365e05b47d74f9d2451619f3f0a11232b4fd191c7d2
845ec51b78ddd1d64ed44a0e71f85ff2d63c16872254cc6d97a7532183414959
1604e774d3e4e3407a0c4ecbcefe20d950bde82c5c87d5e962e98284f3418fa8
0381f63c7ca8cc5c6de238ea09c73c7cc5f0742979387a8f62497456bbd227ae
e9ac3e216fa7cdfa1ee64cad3ba191b9542654f78480062e46a1200edeaf07a3
[root@zheng ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e9ac3e216fa7 centos7-cloud "/bin/bash" 7 seconds ago Up 6 seconds 0.0.0.0:6009->22/tcp cloud09
0381f63c7ca8 centos7-cloud "/bin/bash" 7 seconds ago Up 6 seconds 0.0.0.0:6008->22/tcp cloud08
1604e774d3e4 centos7-cloud "/bin/bash" 8 seconds ago Up 7 seconds 0.0.0.0:6007->22/tcp cloud07
845ec51b78dd centos7-cloud "/bin/bash" 8 seconds ago Up 7 seconds 0.0.0.0:6006->22/tcp cloud06
b1b9162f0d4d centos7-cloud "/bin/bash" 9 seconds ago Up 8 seconds 0.0.0.0:6005->22/tcp cloud05
a27cbbcf2b82 centos7-cloud "/bin/bash" 9 seconds ago Up 8 seconds 0.0.0.0:6004->22/tcp cloud04
c7e8792ce8fc centos7-cloud "/bin/bash" 10 seconds ago Up 9 seconds 0.0.0.0:6003->22/tcp cloud03
6bd791e0e8cd centos7-cloud "/bin/bash" 10 seconds ago Up 9 seconds 0.0.0.0:6002->22/tcp cloud02
bd995979ab08 centos7-cloud "/bin/bash" 11 seconds ago Up 10 seconds 0.0.0.0:6001->22/tcp cloud01
d61561402ccb centos7-cloud "/bin/bash" 11 seconds ago Up 10 seconds 0.0.0.0:6000->22/tcp cloud00
4a8d466df5fb centos7-cloud "/bin/bash" About an hour ago Up About an hour 0.0.0.0:6023->22/tcp centos7-cloud2
3ca6bba2a824 ansible/centos7-ansible "/bin/bash" 7 hours ago Up 7 hours 0.0.0.0:6022->22/tcp centos7-cloud
29d023b574db 2622e6cca7eb "/docker-entrypoint.…" 2 days ago Up 2 days 0.0.0.0:805->80/tcp nginx111
50932f1a7b16 uifd/ui-for-docker "/ui-for-docker" 2 days ago Up 2 days 0.0.0.0:9000->9000/tcp docker-web
5fbc290fc3d6 ashince/tomcat8 "catalina.sh run" 3 days ago Up 3 days 0.0.0.0:8081->8080/tcp tomcat8-1
b99dfc28679d ashince/tomcat8 "catalina.sh run" 3 days ago Up 3 days 0.0.0.0:8080->8080/tcp tomcat8
ea13343b3169 nginx:latest "/docker-entrypoint.…" 3 days ago Up 3 days 0.0.0.0:801->80/tcp Nginx
这个时候光创建,但还是和之前的云主机一样无法连接,因为没有启动sshd
先过滤出cloud0刚才创建的10台云主机
然后把这个容器号复制进一个文件中
最后for i in语句执行
[root@zheng ~]# docker ps |grep cloud0
e9ac3e216fa7 centos7-cloud "/bin/bash" 17 minutes ago Up 17 minutes 0.0.0.0:6009->22/tcp cloud09
0381f63c7ca8 centos7-cloud "/bin/bash" 17 minutes ago Up 17 minutes 0.0.0.0:6008->22/tcp cloud08
1604e774d3e4 centos7-cloud "/bin/bash" 17 minutes ago Up 17 minutes 0.0.0.0:6007->22/tcp cloud07
845ec51b78dd centos7-cloud "/bin/bash" 17 minutes ago Up 17 minutes 0.0.0.0:6006->22/tcp cloud06
b1b9162f0d4d centos7-cloud "/bin/bash" 17 minutes ago Up 17 minutes 0.0.0.0:6005->22/tcp cloud05
a27cbbcf2b82 centos7-cloud "/bin/bash" 17 minutes ago Up 17 minutes 0.0.0.0:6004->22/tcp cloud04
c7e8792ce8fc centos7-cloud "/bin/bash" 17 minutes ago Up 17 minutes 0.0.0.0:6003->22/tcp cloud03
6bd791e0e8cd centos7-cloud "/bin/bash" 17 minutes ago Up 17 minutes 0.0.0.0:6002->22/tcp cloud02
bd995979ab08 centos7-cloud "/bin/bash" 17 minutes ago Up 17 minutes 0.0.0.0:6001->22/tcp cloud01
d61561402ccb centos7-cloud "/bin/bash" 17 minutes ago Up 17 minutes 0.0.0.0:6000->22/tcp cloud00
[root@zheng ~]# vi container-id.txt
e9ac3e216fa7 0381f63c7ca8 1604e774d3e4 845ec51b78dd b1b9162f0d4d a27cbbcf2b82 c7e8792ce8fc 6bd791e0e8cd bd995979ab08 d61561402ccb
[root@zheng ~]# for i in $(cat container-id.txt);do docker exec $i /usr/sbin/sshd ;done
批量启动成功
批量查询云主机ip
echo $i ----打印容器id
grep -oE “([0-9]{1,3}.){3}[0-9]{1,3}” --正则表达式
sed ‘N;s/\n/ /g’ —意思是把换行符变成空格
[root@zheng ~]# for i in $(cat container-id.txt);do echo $i;docker inspect $i|grep -ai ipaddr|tail -1|grep -oE "([0-9]{1,3}\.){3}[0-9]{1,3}" ;done|sed 'N;s/\n/ /g'
e9ac3e216fa7 172.17.0.18
0381f63c7ca8 172.17.0.17
1604e774d3e4 172.17.0.16
845ec51b78dd 172.17.0.15
b1b9162f0d4d 172.17.0.14
a27cbbcf2b82 172.17.0.13
c7e8792ce8fc 172.17.0.12
6bd791e0e8cd 172.17.0.11
bd995979ab08 172.17.0.10
d61561402ccb 172.17.0.9
给他加上宿主机ip
把中间的空格用逗号分隔开
然后倒入csv文件
通过ftp传到本机
用wps打开表格
[root@zheng ~]# for i in $(cat container-id.txt);do echo 192.168.100.10 ;echo $i;docker inspect $i|grep -ai ipaddr|tail -1|grep -oE "([0-9]{1,3}\.){3}[0-9]{1,3}" ;done|sed 'N;s/\n/,/g'
192.168.100.10,e9ac3e216fa7
172.17.0.18,192.168.100.10
0381f63c7ca8,172.17.0.17
192.168.100.10,1604e774d3e4
172.17.0.16,192.168.100.10
845ec51b78dd,172.17.0.15
192.168.100.10,b1b9162f0d4d
172.17.0.14,192.168.100.10
a27cbbcf2b82,172.17.0.13
192.168.100.10,c7e8792ce8fc
172.17.0.12,192.168.100.10
6bd791e0e8cd,172.17.0.11
192.168.100.10,bd995979ab08
172.17.0.10,192.168.100.10
d61561402ccb,172.17.0.9
[root@zheng ~]# for i in $(cat container-id.txt);do echo 192.168.100.10 ;echo $i;docker inspect $i|grep -ai ipaddr|tail -1|grep -oE "([0-9]{1,3}\.){3}[0-9]{1,3}" ;done|sed 'N;N;s/\n/,/g' >>docker.csv
[root@zheng ~]# vi docker.csv
宿主机ip,容器id,容器
192.168.100.10,e9ac3e216fa7,172.17.0.18
192.168.100.10,0381f63c7ca8,172.17.0.17
192.168.100.10,1604e774d3e4,172.17.0.16
192.168.100.10,845ec51b78dd,172.17.0.15
192.168.100.10,b1b9162f0d4d,172.17.0.14
192.168.100.10,a27cbbcf2b82,172.17.0.13
192.168.100.10,c7e8792ce8fc,172.17.0.12
192.168.100.10,6bd791e0e8cd,172.17.0.11
192.168.100.10,bd995979ab08,172.17.0.10
192.168.100.10,d61561402ccb,172.17.0.9
~
"docker.csv" 11L, 427C written
#复制到ftp目录下!
[root@zheng ~]# cp docker.csv /opt/zheng-computer/
删除掉,没用了
[root@zheng ~]# docker rm -f $(cat container-id.txt)
e9ac3e216fa7
0381f63c7ca8
1604e774d3e4
845ec51b78dd
b1b9162f0d4d
a27cbbcf2b82
c7e8792ce8fc
6bd791e0e8cd
bd995979ab08
d61561402ccb
[root@zheng ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4a8d466df5fb centos7-cloud "/bin/bash" 4 hours ago Up 4 hours 0.0.0.0:6023->22/tcp centos7-cloud2
3ca6bba2a824 ansible/centos7-ansible "/bin/bash" 10 hours ago Up 10 hours 0.0.0.0:6022->22/tcp centos7-cloud
29d023b574db 2622e6cca7eb "/docker-entrypoint.…" 3 days ago Up 3 days 0.0.0.0:805->80/tcp nginx111
50932f1a7b16 uifd/ui-for-docker "/ui-for-docker" 3 days ago Up 3 days 0.0.0.0:9000->9000/tcp docker-web
5fbc290fc3d6 ashince/tomcat8 "catalina.sh run" 3 days ago Up 3 days 0.0.0.0:8081->8080/tcp tomcat8-1
b99dfc28679d ashince/tomcat8 "catalina.sh run" 3 days ago Up 3 days 0.0.0.0:8080->8080/tcp tomcat8
ea13343b3169 nginx:latest "/docker-entrypoint.…" 3 days ago Up 3 days 0.0.0.0:801->80/tcp Nginx
LNMP
1)根据如上的Docker构建CentOS云主机,CentOS7云主机创建成功,通过CRT远程登录22端口
2)基于CentOS7云主机构建LNMP WEB(Linux+Nginx+MYSQL+PHP)平台,并且发布Discuz门户网站
[root@zheng ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos7-cloud latest d9870547b934 4 hours ago 573MB
tomcat latest 6055d4d564e1 7 days ago 647MB
tomcat 10.0 0d691b180bd5 4 weeks ago 647MB
nginx latest 2622e6cca7eb 4 weeks ago 132MB
hello-world latest bf756fb1ae65 6 months ago 13.3kB
ashince/tomcat8 latest 02aedead27dd 23 months ago 314MB
ansible/centos7-ansible latest 688353a31fde 3 years ago 447MB
uifd/ui-for-docker latest 965940f98fa5 3 years ago 8.1MB
[root@zheng ~]# docker run -itd --privileged --name=lnmp-cloud -p 80:80 -p 8022:22 centos7-cloud
9b91a70035f811ac64fae970ba949ff0b945cf91f1d70c0b10f8d52f9fc60e70
[root@zheng ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9b91a70035f8 centos7-cloud "/bin/bash" 37 seconds ago Up 36 seconds 0.0.0.0:80->80/tcp, 0.0.0.0:8022->22/tcp lnmp-cloud
4a8d466df5fb centos7-cloud "/bin/bash" 4 hours ago Up 4 hours 0.0.0.0:6023->22/tcp centos7-cloud2
3ca6bba2a824 ansible/centos7-ansible "/bin/bash" 10 hours ago Up 10 hours 0.0.0.0:6022->22/tcp centos7-cloud
29d023b574db 2622e6cca7eb "/docker-entrypoint.…" 3 days ago Up 3 days 0.0.0.0:805->80/tcp nginx111
50932f1a7b16 uifd/ui-for-docker "/ui-for-docker" 3 days ago Up 3 days 0.0.0.0:9000->9000/tcp docker-web
5fbc290fc3d6 ashince/tomcat8 "catalina.sh run" 3 days ago Up 3 days 0.0.0.0:8081->8080/tcp tomcat8-1
b99dfc28679d ashince/tomcat8 "catalina.sh run" 3 days ago Up 3 days 0.0.0.0:8080->8080/tcp tomcat8
ea13343b3169 nginx:latest "/docker-entrypoint.…" 3 days ago Up 3 days 0.0.0.0:801->80/tcp Nginx
[root@zheng ~]# docker exec 9b91a70035f8 /usr/sbin/sshd
crt连接端口号进入
yum install epel-release -y
yum install nginx php php-fpm mariadb-server mariadb -y
/usr/sbin/nginx
启动完nginx访问80端口
但是不知道为什么访问80端口一直是ftp的界面
找不出问题就把这个容器删了重新建了一个新容器
步骤和上面一样,只不过80映射端口改成了9080
[root@zheng ~]# docker run -itd --privileged --name=lnmp-cloud -p 9080:80 -p 8022:22 centos7-cloud
[root@zheng ~]# docker exec bb6dac0dd3ce /usr/sbin/sshd
[root@bb6dac0dd3ce ~]# yum install epel-release -y
[root@bb6dac0dd3ce ~]# yum install nginx php php-fpm mariadb-server mariadb -y
[root@bb6dac0dd3ce ~]# /usr/sbin/nginx
访问9080端口
显示403是因为没有发布默认代码
修改一下显示页面
[root@bb6dac0dd3ce ~]# cd /usr/share/nginx/html/
[root@bb6dac0dd3ce html]# ls
404.html 50x.html en-US icons img index.html nginx-logo.png poweredby.png
[root@bb6dac0dd3ce html]# ll
total 12
-rw-r--r--. 1 root root 3650 Oct 3 2019 404.html
-rw-r--r--. 1 root root 3693 Oct 3 2019 50x.html
lrwxrwxrwx. 1 root root 20 Jul 15 05:57 en-US -> ../../doc/HTML/en-US
drwxr-xr-x. 2 root root 27 Jul 15 05:57 icons
lrwxrwxrwx. 1 root root 18 Jul 15 05:57 img -> ../../doc/HTML/img
lrwxrwxrwx. 1 root root 25 Jul 15 05:57 index.html -> ../../doc/HTML/index.html
-rw-r--r--. 1 root root 368 Oct 3 2019 nginx-logo.png
lrwxrwxrwx. 1 root root 14 Jul 15 05:57 poweredby.png -> nginx-logo.png
[root@bb6dac0dd3ce html]# rm -rf *
[root@bb6dac0dd3ce html]# ll
total 0
[root@bb6dac0dd3ce html]# echo feifei!!! >index.html
echo feifeill! >index.html
php
[root@bb6dac0dd3ce ~]# cd /etc/nginx/
[root@bb6dac0dd3ce nginx]# cp nginx.conf.default nginx.conf
cp: overwrite 'nginx.conf'? y
[root@bb6dac0dd3ce nginx]# vi nginx.conf
修改
65 location ~ \.php$ {
66 root /usr/share/nginx/html;
67 fastcgi_pass 127.0.0.1:9000;
68 fastcgi_index index.php;
69 fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
70 include fastcgi_params;
71 }
[root@bb6dac0dd3ce nginx]# nginx -s reload
[root@bb6dac0dd3ce nginx]# nohup /usr/sbin/php-fpm $
[root@bb6dac0dd3ce nginx]# ps -ef |grep php
root 247 22 0 06:29 pts/1 00:00:00 grep --color=auto php
[root@bb6dac0dd3ce nginx]# ps -ef |grep nginx
root 211 0 0 05:57 ? 00:00:00 nginx: master process /usr/sbin/nginx
nginx 229 211 0 06:27 ? 00:00:00 nginx: worker process
root 249 22 0 06:29 pts/1 00:00:00 grep --color=auto nginx
[root@bb6dac0dd3ce nginx]# cd /usr/share/nginx/html/
[root@bb6dac0dd3ce html]# ls
index.html
[root@bb6dac0dd3ce html]# mv index.html index.php
[root@bb6dac0dd3ce html]# vi index.php
<?php
phpinfo();
?>
"index.php" 3L, 20C written
http://192.168.100.10:9080/index.php
不加php就能进入
[root@bb6dac0dd3ce nginx]# vi /etc/nginx/nginx.conf
添加这一行
[root@bb6dac0dd3ce html]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@bb6dac0dd3ce html]# nginx -s reload
