Docker部署及使用

1.安裝docker

1.查看系統(tǒng)環(huán)境：

[root@bogon ~]# cat /etc/redhat-release

CentOS Linux release 7.3.1611 (Core)

[root@bogon ~]# uname -r

3.10.0-514.el7.x86_64

[root@bogon ~]# systemctl stop firewalld

[root@bogon ~]# systemctl disable firewalld

[root@bogon ~]# setenforce 0

2.安裝docker

[root@bogon ~]# yum install -y docker

3.docker和OpenStack對比表

4.啟動docker并設(shè)置開機自啟

[root@bogon ~]# systemctl enable docker

Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.

5.更改docker鏡像源(默認(rèn)會去國外官方站點下載，可能會慢也有被攔截的風(fēng)險，所以改成國內(nèi)的)

[root@bogon ~]# docker deamon –help

上述命令可以查看到下面文件中需要添加參數(shù)的幫助信息。

[root@bogon ~]# vim /usr/lib/systemd/system/docker.service

#在文件里添加×××部分，×××部分地址需要登錄阿里云獲取

ExecStart=/usr/bin/dockerd-current –registry-mirror=https://a14c78qe.mirror.aliyuncs.com

–add-runtime docker-runc=/usr/libexec/docker/docker-runc-current

6.加載下文件

[root@bogon ~]# systemctl daemon-reload

7.啟動docker

[root@bogon ~]# systemctl start docker

Docker啟動報錯解決方案：

啟動不成功會提示去哪里看報錯，如下：

[root@bogon ~]# systemctl start docker

Job for docker.service failed because the control process exited with error code. See "systemctl status docker.service" and "journalctl -xe" for details.

[root@bogon ~]# journalctl -xe

#仔細(xì)看報錯文件，如果是如下報錯：

— Unit docker.service has begun starting up.

8月 28 16:42:20 bogon dockerd-current[3316]: time="2018-08-28T16:42:20.529170789+08:00" level=warning msg="could not change group /var/run/docker.sock to docker: group docker not found"

8月 28 16:42:20 bogon dockerd-current[3316]: time="2018-08-28T16:42:20.542715409+08:00" level=info msg="libcontainerd: new containerd process, pid: 3321"

8月 28 16:42:22 bogon dockerd-current[3316]: Error starting daemon: SELinux is not supported with the overlay2 graph driver on this kernel. Either boot into a newer kernel or disable selinux in docker (–selin

8月 28 16:42:22 bogon systemd[1]: docker.service: main process exited, code=exited, status=1/FAILURE

8月 28 16:42:22 bogon systemd[1]: Failed to start Docker Application Container Engine.

— Subject: Unit docker.service has failed

解決方法：

修改下面配置文件內(nèi)容

[root@bogon ~]# vim /etc/sysconfig/docker

#下面內(nèi)容中添加×××部分

OPTIONS='–selinux-enabled=false –log-driver=journald –signature-verification=false'

修改后再次啟動就可以了

8.docker啟動后查看下狀態(tài)：

[root@bogon ~]# systemctl status docker

#下面綠色部分說明啟動沒有問題

● docker.service – Docker Application Container Engine

Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)

Active: active (running) since 二 2018-08-28 16:46:06 CST; 5min ago

Docs: http://docs.docker.com

Main PID: 3390 (dockerd-current)

CGroup: /system.slice/docker.service

├─3390 /usr/bin/dockerd-current –registry-mirror=https://a14c78qe.mirror.aliyuncs.com –ad…

└─3395 /usr/bin/docker-containerd-current -l unix:///var/run/docker/libcontainerd/docker-co…

8月 28 16:46:05 bogon dockerd-current[3390]: time="2018-08-28T16:46:05.866842623+08:00" level=info…ds"

8月 28 16:46:05 bogon dockerd-current[3390]: time="2018-08-28T16:46:05.868038662+08:00" level=info…t."

8月 28 16:46:06 bogon dockerd-current[3390]: time="2018-08-28T16:46:05.999481830+08:00" level=info…se"

8月 28 16:46:06 bogon dockerd-current[3390]: time="2018-08-28T16:46:06.180906259+08:00" level=info…ss"

8月 28 16:46:06 bogon dockerd-current[3390]: time="2018-08-28T16:46:06.281198675+08:00" level=info…e."

8月 28 16:46:06 bogon dockerd-current[3390]: time="2018-08-28T16:46:06.285045777+08:00" level=warn…ix"

8月 28 16:46:06 bogon dockerd-current[3390]: time="2018-08-28T16:46:06.334406287+08:00" level=info…on"

8月 28 16:46:06 bogon dockerd-current[3390]: time="2018-08-28T16:46:06.334428391+08:00" level=info…3.1

8月 28 16:46:06 bogon systemd[1]: Started Docker Application Container Engine.

8月 28 16:46:06 bogon dockerd-current[3390]: time="2018-08-28T16:46:06.370242046+08:00" level=info…ck"

Hint: Some lines were ellipsized, use -l to show in full.

2.docker簡單操作

鏡像的下載

[root@bogon ~]# docker pull alpine

Using default tag: latest

Trying to pull repository docker.io/library/alpine …

latest: Pulling from docker.io/library/alpine

8e3ba11ec2a2: Pull complete

Digest: sha256:7043076348bf5040220df6ad703798fd8593a0918d06d3ce30c6c93be117e430

Status: Downloaded newer image for docker.io/alpine:latest

鏡像的搜索，如下搜索一個nginx鏡像

[root@bogon ~]# docker search nginx

INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED

docker.io docker.io/nginx Official build of Nginx. 9370 [OK]

docker.io docker.io/jwilder/nginx-proxy Automated Nginx reverse proxy for docker c… 1388 [OK]

docker.io docker.io/richarvey/nginx-php-fpm Container running Nginx + PHP-FPM capable … 609 [OK]

docker.io docker.io/jrcs/letsencrypt-nginx-proxy-companion LetsEncrypt container to use with nginx as… 396 [OK]

docker.io docker.io/kong Open-source Microservice & API Management … 219 [OK]

docker.io docker.io/webdevops/php-nginx Nginx with PHP-FPM 111 [OK]

docker.io docker.io/kitematic/hello-world-nginx A light-weight nginx container that demons… 108

docker.io docker.io/zabbix/zabbix-web-nginx-mysql Zabbix frontend based on Nginx web-server … 63 [OK]

docker.io docker.io/bitnami/nginx Bitnami nginx Docker Image 57 [OK]

docker.io docker.io/1and1internet/ubuntu-16-nginx-php-phpmyadmin-mysql-5 ubuntu-16-nginx-php-phpmyadmin-mysql-5 43 [OK]

docker.io docker.io/linuxserver/nginx An Nginx container, brought to you by Linu… 38

docker.io docker.io/tobi312/rpi-nginx NGINX on Raspberry Pi / armhf 20 [OK]

docker.io docker.io/blacklabelops/nginx Dockerized Nginx Reverse Proxy Server. 12 [OK]

docker.io docker.io/nginxdemos/nginx-ingress NGINX Ingress Controller for Kubernetes . … 11

docker.io docker.io/wodby/drupal-nginx Nginx for Drupal container image 10 [OK]

docker.io docker.io/nginxdemos/hello NGINX webserver that serves a simple page … 8 [OK]

docker.io docker.io/webdevops/nginx Nginx container 8 [OK]

下載nginx鏡像：

[root@bogon ~]# docker pull nginx

查看本地鏡像：

[root@bogon ~]# docker images

REPOSITORY TAG IMAGE ID CREATED SIZE

docker.io/nginx latest c82521676580 4 weeks ago 109 MB

docker.io/alpine latest 11cd0b38bc3c 7 weeks ago 4.41 MB

鏡像的導(dǎo)出：

[root@bogon ~]# docker save nginx >/tmp/nginx.tar.gz

[root@bogon ~]# ls /tmp/

nginx.tar.gz

鏡像刪除操作

[root@bogon ~]# docker rmi nginx

Untagged: nginx:latest

Untagged: docker.io/nginx@sha256:d85914d547a6c92faa39ce7058bd7529baacab7e0cd4255442b04577c4d1f424

Deleted: sha256:c82521676580c4850bb8f0d72e47390a50d60c8ffe44d623ce57be521bca9869

Deleted: sha256:2c1f65d17acf8759019a5eb86cc20fb8f8a7e84d2b541b795c1579c4f202a458

Deleted: sha256:8f222b457ca67d7e68c3a8101d6509ab89d1aad6d399bf5b3c93494bbf876407

Deleted: sha256:cdb3f9544e4c61d45da1ea44f7d92386639a052c620d1550376f22f5b46981af

[root@bogon ~]# docker images

REPOSITORY TAG IMAGE ID CREATED SIZE

docker.io/alpine latest 11cd0b38bc3c 7 weeks ago 4.41 MB

導(dǎo)入鏡像導(dǎo)入：

[root@bogon ~]# docker load < /tmp/nginx.tar.gz

cdb3f9544e4c: Loading layer 58.44 MB/58.44 MB

a8c4aeeaa045: Loading layer 54.24 MB/54.24 MB

08d25fa0442e: Loading layer 3.584 kB/3.584 kB

Loaded image: docker.io/nginx:latest

[root@bogon ~]# docker images

REPOSITORY TAG IMAGE ID CREATED SIZE

docker.io/nginx latest c82521676580 4 weeks ago 109 MB

docker.io/alpine latest 11cd0b38bc3c 7 weeks ago 4.41 MB

docker鏡像啟動：(run其實是兩個命令的結(jié)合，一個是create,創(chuàng)建容器，一個是run運行容器)

[root@bogon ~]# docker run alpine sh

上述這樣啟動是免交互的相當(dāng)于后臺運行。

[root@bogon ~]# docker run -it alpine sh

/ #

#加上-it后會啟動鏡像并進(jìn)入到鏡像內(nèi)。

/ # cd /tmp/

/tmp # ls

/tmp # mkdir abc

/tmp # touch 111

/tmp # ls

111 abc

/tmp # exit

#可以在容器里進(jìn)行操作，exit退出，容器退出即關(guān)閉，想退出不關(guān)閉，按住ctrl按下p按下q就可以退出不關(guān)閉。

查看正在運行的容器：

[root@bogon ~]# docker ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

顯示所有的容器，不管是否在運行。

[root@bogon ~]# docker ps -a

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

212334d5b4e6 alpine "sh" 21 minutes ago Exited (0) 18 minutes ago stupefied_mclean

939f8d7c326a alpine "sh" 22 minutes ago Exited (0) 22 minutes ago keen_ramanujan

刪除容器：

[root@bogon ~]# docker rm 212334d5b4e6 939f8d7c326a

#rm后面加上容器的ID，運行中的容器刪除時會報錯，需要在rm后面加上-f強制刪除

212334d5b4e6

939f8d7c326a

運行nginx容器：

[root@bogon ~]# docker run -it –name mynginx nginx

#–name：給運行的容器指定個名稱，默認(rèn)會隨機起個名，不好識別

[root@bogon ~]# docker ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

8c39a0d44943 nginx "nginx -g 'daemon …" 56 seconds ago Up 55 seconds 80/tcp mynginx

顯示容器的詳細(xì)信息：

[root@bogon ~]# docker inspect mynginx (可以指定容器的ID號)

[

{

"Id": "8c39a0d449436812f7384cdad68dbb7cf303a20cf2e04f4360754e4941575c5d",

"Created": "2018-08-28T10:12:27.182865131Z",

"Path": "nginx",

"Args": [

"-g",

"daemon off;"

。。。。。。。。。。

最后幾行信息

"Networks": {

"bridge": {

"IPAMConfig": null,

"Links": null,

"Aliases": null,

"NetworkID": "44fcef1e4efb63b10dc5742f09d18848e25b235f5c2f7c38ad6d1a05d00946ba",

"EndpointID": "2b6d3969bfaffbbbbd166f694f7bf3e1fc5945195849cf12c45ee0906a010275",

"Gateway": "172.17.0.1", #網(wǎng)關(guān)

"IPAddress": "172.17.0.2", #Ip地址

"IPPrefixLen": 16,

"IPv6Gateway": "",

"GlobalIPv6Address": "",

"GlobalIPv6PrefixLen": 0,

"MacAddress": "02:42:ac:11:00:02"

}

}

}

}

]

Curl 下ip地址看能否訪問：

[root@bogon ~]# curl 172.17.0.2

Welcome to nginx!

If you see this page, the nginx web server is successfully installed and

working. Further configuration is required.

For online documentation and support please refer to

nginx.org.

Commercial support is available at

nginx.com.

Thank you for using nginx.

進(jìn)入已經(jīng)運行的容器中

[root@bogon ~]# docker attach mynginx

這種方法進(jìn)入沒有bash終端，并且輸入信息其他終端也可以看見且無法直接退出，只有ctrl+p+q退出

[root@bogon ~]# docker exec -it mynginx sh

這種方式是比較推薦的，會提供一個指定的bash終端，可以做任意操作。

ls

bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var

#

[root@bogon ~]# docker run -it -d –name mynginx nginx

#-d：后臺運行，-d和-rm是沖突參數(shù)，只能

81a545910b0d1215fedc279ec38ff65a4a7ddbc7be1b8f37ed7b87fa8a6c244a

[root@bogon ~]# docker ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

81a545910b0d nginx "nginx -g 'daemon …" 7 seconds ago Up 6 seconds 80/tcp mynginx

查看docker里面服務(wù)的訪問日志：

[root@bogon ~]# docker logs mynginx

172.17.0.1 – – [28/Aug/2018:11:43:16 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.29.0" "-"

[root@bogon ~]# docker logs -f mynginx

172.17.0.1 – – [28/Aug/2018:11:43:16 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.29.0" "-"

172.17.0.1 – – [28/Aug/2018:11:44:50 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.29.0" "-"

172.17.0.1 – – [28/Aug/2018:11:44:51 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.29.0" "-"

172.17.0.1 – – [28/Aug/2018:11:44:52 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.29.0" "-"

#docker logs -f 類似于tailf日志追蹤

3.Docker鏡像制作

1.下載centos鏡像：

[root@bogon ~]# docker pull centos

2.運行容器并進(jìn)入容器里：

[root@bogon ~]# docker run -it centos bash

[root@0fca23e3d80d /]#

3.默認(rèn)沒有wget，先yum一個wget：

[root@0fca23e3d80d /]# yum install -y wget

4.切換成阿里云源

[root@0fca23e3d80d /]# cd /etc/yum

yum/ yum.conf yum.repos.d/

[root@0fca23e3d80d /]# cd /etc/yum

yum/ yum.conf yum.repos.d/

[root@0fca23e3d80d /]# cd /etc/yum.repos.d/

[root@0fca23e3d80d yum.repos.d]# ls

CentOS-Base.repo CentOS-Debuginfo.repo CentOS-Sources.repo CentOS-fasttrack.repo

CentOS-CR.repo CentOS-Media.repo CentOS-Vault.repo

[root@0fca23e3d80d yum.repos.d]# rm -f *

[root@0fca23e3d80d yum.repos.d]# wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo

阿里云epel源;

[root@0fca23e3d80d yum.repos.d]# yum install -y epel-release

[root@0fca23e3d80d yum.repos.d]# ls

CentOS-Base.repo epel-testing.repo epel.repo

5.安裝nginx：

[root@0fca23e3d80d yum.repos.d]# yum install -y nginx

配置nginx

[root@0fca23e3d80d yum.repos.d]# vi /etc/nginx/nginx.conf

#添加×××部分

user nginx;

daemon off;

查看下docker commit幫助

[root@bogon ~]# docker commit –help

Usage: docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]]

Create a new image from a container's changes

Options:

-a, –author string Author (e.g., "John Hannibal Smith ")

-c, –change list Apply Dockerfile instruction to the created image (default [])

–help Print usage

-m, –message string Commit message

-p, –pause Pause container during commit (default true)

[root@bogon ~]# docker commit -m "add nginx images" mynginx liyongli/my_nginx

語法：-m后面是描述

Mynginx：運行的容器名

liyongli/my_nginx：鏡像名

查看本地鏡像會發(fā)現(xiàn)多一個×××部分的鏡像

[root@bogon ~]# docker images

REPOSITORY TAG IMAGE ID CREATED SIZE

liyongli/my_nginx latest 66ff70d8a103 22 seconds ago 408 MB

docker.io/centos latest 5182e96772bf 3 weeks ago 200 MB

docker.io/nginx latest c82521676580 5 weeks ago 109 MB

docker.io/alpine latest 11cd0b38bc3c 7 weeks ago 4.41 MB

tag號默認(rèn)是latest，在上述鏡像名后面加上×××部分tag就是你指定的liyongli/my_nginx:v1

[root@bogon ~]# docker commit -m "add nginx images" happy_perlman liyongli/my_nginx:v1

sha256:e6cdb103b333963c17a7ef185e0ec040b3f25c93e3aabaa152040b569cfbe804

[root@bogon ~]# docker images

REPOSITORY TAG IMAGE ID CREATED SIZE

liyongli/my_nginx v1 e6cdb103b333 4 seconds ago 408 MB

liyongli/my_nginx latest 66ff70d8a103 4 minutes ago 408 MB

docker.io/centos latest 5182e96772bf 3 weeks ago 200 MB

docker.io/nginx latest c82521676580 5 weeks ago 109 MB

docker.io/alpine latest 11cd0b38bc3c 7 weeks ago 4.41 MB

啟動自己做的鏡像：

[root@bogon ~]# docker run -d –name mnginx liyongli/my_nginx nginx

–name:運行容器的描述

liyongli/my_nginx：鏡像名

nginx：運行的服務(wù)名

5a15d9986e8f460ff047ab716f809309a7e828218986d95df7749b1115b33953

[root@bogon ~]# docker ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

5a15d9986e8f liyongli/my_nginx "nginx" 11 seconds ago Up 10 seconds mnginx

0fca23e3d80d centos "bash" About an hour ago Up About an hour happy_perlman

Docker網(wǎng)絡(luò)

Docker端口映射：

[root@bogon ~]# docker run -d –name mnginx -P nginx

#-P：端口映射

dc1c5779e7b9f0146376da4bcad1827fe2f80c1fac39c21b7076ce65e4446d51

[root@bogon ~]# docker ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

dc1c5779e7b9 nginx "nginx -g 'daemon …" 7 seconds ago Up 6 seconds 0.0.0.0:32768->80/tcp mnginx

將隨機產(chǎn)生一個端口映射到容器里的80

訪問驗證：

[root@bogon ~]# docker run –name my_nginx -d -p 80:80 liyongli/my_nginx nginx

liyongli/my_nginx：鏡像名

nginx：鏡像里的服務(wù)

#-p:指定80端口去映射docker上的80

c826a3ea327a0f2957c9f4181af8d4408e8d7de1ebee645def8e07891afc2757

[root@bogon ~]# docker ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

c826a3ea327a liyongli/my_nginx "nginx" 12 seconds ago Up 11 seconds 0.0.0.0:80->80/tcp my_nginx

訪問測試：

注：默認(rèn)采用tcp，想換成UDP，需要在端口后面加上協(xié)議(如下×××部分)

[root@bogon ~]# docker run –name my_nginx -d -p 80:80/udp liyongli/my_nginx nginx

46f6b91ed321ed0fd0cf2e638a68d859207e7ff4dc33c02d7d299e258200496f

[root@bogon ~]# docker ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

46f6b91ed321 liyongli/my_nginx "nginx" 2 seconds ago Up 2 seconds 0.0.0.0:80->80/udp my_nginx

指定端口和IP映射：

[root@bogon ~]# docker run –name my_nginx -d -p 127.0.0.1:80:80 liyongli/my_nginx nginx

7266e28a7f4b7a1a38f41b55ccf33136f3f7867081e0d1369f662a6292d9fc0a

[root@bogon ~]# docker ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

7266e28a7f4b liyongli/my_nginx "nginx" 21 seconds ago Up 21 seconds 127.0.0.1:80->80/tcp my_nginx

訪問測試，外面的瀏覽器訪問不到了：

本地curl訪問：

[root@bogon ~]# curl 127.0.0.1:80