# docker images REPOSITORY TAG IMAGE ID CREATED SIZE
搜索镜像,如centos:
1
# docker search centos
默认国外源,下载慢,网好除外。
标识docker镜像,不标识默认最新版本,镜像名:版本号。
设置国内docker仓库,重启docker,注意站点是否改变:
1 2 3 4
# vim /etc/docker/daemon.json { "registry-mirrors": ["http://hub-mirror.c.163.com/"] }
1
# systemctl restart docker
下载镜像:
1 2 3 4
# docker pull centos:7 # docker images REPOSITORY TAG IMAGE ID CREATED SIZE centos 7 eeb6ee3f44bd 2 years ago 204MB
镜像重命名:
1 2 3 4 5
# docker tag centos:7 hub-mirror.c.163.com/library/centos:7 # docker images REPOSITORY TAG IMAGE ID CREATED SIZE centos 7 eeb6ee3f44bd 2 years ago 204MB hub-mirror.c.163.com/library/centos 7 eeb6ee3f44bd 2 years ago 204MB
导出镜像:
1 2 3
# docker save centos:7 > /tmp/centos7.tar # ls /tmp/centos7.tar /tmp/centos7.tar
删除所有镜像:
1 2 3 4
# docker rmi centos:7 # docker rmi hub-mirror.c.163.com/library/centos:7 # docker images REPOSITORY TAG IMAGE ID CREATED SIZE
导入镜像:
1 2 3 4
# docker load < /tmp/centos7.tar # docker images REPOSITORY TAG IMAGE ID CREATED SIZE centos 7 eeb6ee3f44bd 2 years ago 204MB
# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES cb15e574f7ef centos:7 "/bin/bash" 50 seconds ago Up 49 seconds vigorous_hypatia
返回旧窗口,退出容器,无法查询正在运行的容器,再次运行一个容器:
1 2 3 4
# exit # docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES # docker run -it centos:7 /bin/bash
新建窗口,查看所有容器,包括已经退出的容器,现在有两个,一个运行,一个退出
1 2 3 4
# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 7aea6bcbee12 centos:7 "/bin/bash" 4 seconds ago Up 3 seconds eager_kalam cb15e574f7ef centos:7 "/bin/bash" About a minute ago Exited (0) 14 seconds ago vigorous_hypatia
查看容器详细信息,后面加运行容器的container id:
1
# docker inspect 7aea6bcbee12
查看停止容器额日志,显示在容器里敲的命令,以日志形式,没敲过命令返回为空
1 2 3 4 5
# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 7aea6bcbee12 centos:7 "/bin/bash" 26 seconds ago Up 25 seconds eager_kalam cb15e574f7ef centos:7 "/bin/bash" About a minute ago Exited (0) 36 seconds ago vigorous_hypatia # docker logs cb15e574f7ef
删除退出的容器,运行的容器无法删除,接container id:
1 2 3 4 5 6
# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 8fe020919d9e centos:7 "/bin/bash" 3 minutes ago Up 3 minutes romantic_albattani 803a3fc867f2 centos:7 "/bin/bash" 5 minutes ago Exited (0) 3 minutes ago cranky_lederberg # docker rm cb15e574f7ef cb15e574f7ef
强制删除,开着的容器也能删除:
1 2 3 4
# docker rm -f 7aea6bcbee12 7aea6bcbee12 # docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
启动后台运行容器,容器永久运行,退出shell终端不退退出容器:
1 2
# docker run -d centos:7 /bin/bash -c "while true; do echo "docker"; sleep 5; done" 7d7880eb571aebb35b8683b1c61c9b443662469d9a4f0b304921870e87d17200
-c后带脚本,每5秒输出docker。
1 2 3 4 5 6 7 8 9 10
# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 7d7880eb571a centos:7 "/bin/bash -c 'while…" 10 seconds ago Up 9 seconds festive_knuth
# docker exec -it 7d7880eb571a /bin/bash # ps aux USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 1 0.0 0.0 11692 1364 ? Ss 15:33 0:00 /bin/bash -c while true; root 13 0.3 0.0 11828 1896 pts/0 Ss 15:34 0:00 /bin/bash root 27 0.0 0.0 4364 348 ? S 15:34 0:00 sleep 5 root 28 0.0 0.0 51732 1700 pts/0 R+ 15:34 0:00 ps aux # exit
停止容器:
1 2 3 4 5 6 7 8
# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 7d7880eb571a centos:7 "/bin/bash -c 'while…" 56 seconds ago Up 55 seconds festive_knuth
# docker stop 7d7880eb571a 7d7880eb571a # docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
# docker run -it centos:7 /bin/bash # yum install -y net-tools # ifconfig # vi /usr/bin/run while true; do echo "running" sleep 5 done
1
# chmod +x /usr/bin/run
新建窗口,在宿主机使用commit命令制作容器镜像:
1 2 3 4 5
# [root@node1 yum.repos.d]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 8035adc0beeb centos:7 "/bin/bash" 56 seconds ago Up 56 seconds interesting_liskov # docker commit 8035adc0beeb centos:if sha256:dcd9ec3cae44ea1915b7b304c8a9fb17a1b523141aade5f88d4be42d9722ad87
有一个新的镜像:
1 2 3 4 5
# docker images REPOSITORY TAG IMAGE ID CREATED SIZE centos if dcd9ec3cae44 9 seconds ago 439MB centos 7 eeb6ee3f44bd 2 years ago 204MB # docker inspect centos:if
删除之前的容器:
1 2 3 4 5 6
# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 8035adc0beeb centos:7 "/bin/bash" About a minute ago Up About a minute interesting_liskov
# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 184bff1ae325 centos:if "/bin/bash" 27 seconds ago Exited (0) 4 seconds ago vigorous_hermann # docker rm -f 184bff1ae325 184bff1ae325
tag如果没指定,默认就是latest。
dockerfile构建镜像实战
相关参数:
参数
说明
FROM
基于哪个基础镜像
MAINTAINER
代表维护者信息
COPY
往镜像里添加文件
RUN
运行命令构建镜像
ENTRYPOINT
镜像启动时运行的命令,不可替换
CMD
镜像启动时运行的命令,可替换
node1
替换centos7基础镜像中的yum源为阿里源,安装ifconfig命令:
1 2 3 4
# docker images REPOSITORY TAG IMAGE ID CREATED SIZE centos if 00764b23a8e5 2 minutes ago 408MB centos 7 eeb6ee3f44bd 18 months ago 204MB
准备dockerfile文件:
1 2 3 4 5 6
# mkdir -p /docker/yum # vim /docker/yum/dockerfile FROM centos:7 MAINTAINER myname 123456@qq.com COPY CentOS-Base.repo /etc/yum.repos.d/ RUN yum install -y net-tools
# vim /docker/yum/CentOS-Base.repo # CentOS-Base.repo # # The mirror system uses the connecting IP address of the client and the # update status of each mirror to pick mirrors that are updated to and # geographically close to the client. You should use this for CentOS updates # unless you are manually picking other mirrors. # # If the mirrorlist= does not work for you, as a fall back you can try the # remarked out baseurl= line instead. # #
# docker build -t centos:mine /docker/yum/ --load # docker images REPOSITORY TAG IMAGE ID CREATED SIZE centos mine b80e3ef6dbe9 2 minutes ago 439MB centos if dcd9ec3cae44 4 minutes ago 439MB centos 7 eeb6ee3f44bd 2 years ago 204MB
# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 1ba33672cdcc centos:mine "/bin/bash" 23 seconds ago Exited (127) Less than a second ago sad_galois # docker rm -f 1ba33672cdcc 1ba33672cdcc
查看镜像信息:
1
# docker inspect centos:mine
dockerfile构建nginx镜像
默认nginx以daemon的方式启动,无永久运行的程序,容器会马上退出:
1
/usr/local/nginx/sbin/nginx
nginx使用永久运行的方式,要指定成这种方式:
1
/usr/local/nginx/sbin/nginx -g "daemon off;"
node1
创建nginx的dockerfile文件:
1
# mkdir -p /docker/nginx
1 2 3 4 5 6
# vim /docker/nginx/dockerfile FROM centos:7 COPY install.sh /docker/nginx/install.sh RUN sh /docker/nginx/install.sh COPY start /usr/bin/start ENTRYPOINT ["start"]
创建nginx安装脚本:
1 2 3 4 5 6 7 8
# vim /docker/nginx/install.sh yum install -y wget tar gcc gcc-c++ make pcre pcre-devel zlib zlib-devel cd /usr/local/src wget http://nginx.org/download/nginx-1.14.2.tar.gz tar -zxf nginx-1.14.2.tar.gz cd nginx-1.14.2 ./configure --prefix=/usr/local/nginx && make && make install \rm -rf /usr/local/src/*
创建启动脚本:
1 2 3
# vim /docker/nginx/start #!/bin/bash /usr/local/nginx/sbin/nginx -g "daemon off;"
# docker images REPOSITORY TAG IMAGE ID CREATED SIZE centos nginx 7dbd7e8bbca1 12 seconds ago 540MB centos mine b80e3ef6dbe9 7 minutes ago 439MB centos 7 eeb6ee3f44bd 2 years ago 204MB # docker run -d centos:nginx 45c6595b2ef36030ace663275ee29f91ce5a63bff5f393fb909d90bd97e64dd7 # docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 45c6595b2ef3 centos:nginx "start" 6 seconds ago Up 5 seconds busy_chandrasekhar
# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 45c6595b2ef3 centos:nginx "start" 44 seconds ago Up 43 seconds busy_chandrasekhar # docker rm -f 45c6595b2ef3 45c6595b2ef3
dockerfile构建redis镜像
node1
创建redis的dockerfile文件:
1 2 3 4 5 6 7 8
# mkdir -p /docker/redis # vim /docker/redis/dockerfile FROM centos:7 COPY install.sh /docker/redis/install.sh RUN sh /docker/redis/install.sh RUN sed -i -e 's/bind 127.0.0.1/bind 0.0.0.0/g' /usr/local/redis/conf/redis.conf COPY start /usr/bin/start CMD ["start"]
创建redis安装脚本:
1 2 3 4 5 6 7 8 9 10
# vim /docker/redis/install.sh yum install -y wget tar gcc gcc-c++ make openssl openssl-devel cmake cd /usr/local/src wget http://download.redis.io/releases/redis-4.0.9.tar.gz tar xzvf redis-4.0.9.tar.gz cd redis-4.0.9 make && make PREFIX=/usr/local/redis install mkdir -p /usr/local/redis/conf cp redis.conf /usr/local/redis/conf/ \rm -rf /usr/local/src/*
创建启动脚本:
1 2 3
# vim /docker/redis/start #!/bin/bash /usr/local/redis/bin/redis-server /usr/local/redis/conf/redis.conf
# docker images REPOSITORY TAG IMAGE ID CREATED SIZE centos redis 036dc6b9be22 10 seconds ago 589MB centos nginx 7dbd7e8bbca1 3 minutes ago 540MB centos mine b80e3ef6dbe9 10 minutes ago 439MB centos 7 eeb6ee3f44bd 2 years ago 204MB # docker run -d centos:redis 9ed398aa72ee02560114ec0d321c450b68361c5b3b0f5db8b445ce2c927e6c3b # docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 9ed398aa72ee centos:redis "start" 15 seconds ago Up 15 seconds relaxed_kepler
# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 9ed398aa72ee centos:redis "start" About a minute ago Up About a minute relaxed_kepler # docker rm -f 9ed398aa72ee 9ed398aa72ee
nginx+redis多进程镜像
node1
创建多进程的dockerfile:
1 2 3 4 5 6 7 8 9
# mkdir -p /docker/multiproc # vim /docker/multiproc/dockerfile FROM centos:7 COPY install_nginx.sh install_redis.sh /docker/multiproc/ RUN sh /docker/multiproc/install_nginx.sh RUN sh /docker/multiproc/install_redis.sh COPY start /usr/bin/start RUN sed -i -e 's/bind 127.0.0.1/bind 0.0.0.0/g' /usr/local/redis/conf/redis.conf ENTRYPOINT ["start"]
copy行最后的路径,如果有两个及以上安装脚本,末尾要带/表示目录。
添加nginx脚本:
1 2 3 4 5 6 7 8
# vim /docker/multiproc/install_nginx.sh yum install -y wget tar gcc gcc-c++ make pcre pcre-devel zlib zlib-devel cd /usr/local/src wget http://nginx.org/download/nginx-1.14.2.tar.gz tar -zxf nginx-1.14.2.tar.gz cd nginx-1.14.2 ./configure --prefix=/usr/local/nginx && make && make install \rm -rf /usr/local/src/*
添加redis脚本:
1 2 3 4 5 6 7 8 9 10
# vim /docker/multiproc/install_redis.sh yum install -y wget tar gcc gcc-c++ make openssl openssl-devel cmake cd /usr/local/src wget http://download.redis.io/releases/redis-4.0.9.tar.gz tar xzvf redis-4.0.9.tar.gz cd redis-4.0.9 make && make PREFIX=/usr/local/redis install mkdir -p /usr/local/redis/conf cp redis.conf /usr/local/redis/conf/ \rm -rf /usr/local/src/*
创建启动脚本,多进程最后一个进程在后台,前面的进程在前台:
1 2 3 4
# vim /docker/multiproc/start #!/bin/bash /usr/local/nginx/sbin/nginx /usr/local/redis/bin/redis-server /usr/local/redis/conf/redis.conf
# docker images REPOSITORY TAG IMAGE ID CREATED SIZE centos multiproc fc67043c0d22 3 minutes ago 795MB centos redis 036dc6b9be22 7 minutes ago 589MB centos nginx 7dbd7e8bbca1 10 minutes ago 540MB centos mine b80e3ef6dbe9 17 minutes ago 439MB centos 7 eeb6ee3f44bd 2 years ago 204MB # docker run -d centos:multiproc f40fc3bf0057f450c5536ef0b4777a666db643a39ed55b499c942e1637133370 # docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES f40fc3bf0057 centos:multiproc "start" 34 seconds ago Up 33 seconds sleepy_kepler
进入容器查看进程:
1 2 3 4 5 6 7 8 9
# docker exec -it f40fc3bf0057 /bin/bash # ps aux USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 1 0.0 0.0 11688 1340 ? Ss 15:57 0:00 /bin/bash /usr/bin/start root 8 0.0 0.0 20548 608 ? Ss 15:57 0:00 nginx: master process /us root 9 0.0 0.0 41724 7912 ? Sl 15:57 0:00 /usr/local/redis/bin/redi nobody 10 0.0 0.0 20988 1048 ? S 15:57 0:00 nginx: worker process root 14 0.0 0.0 11828 1896 pts/0 Ss 15:59 0:00 /bin/bash root 28 0.0 0.0 51732 1728 pts/0 R+ 15:59 0:00 ps aux
# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES f40fc3bf0057 centos:multiproc "start" About a minute ago Up About a minute sleepy_kepler # docker rm -f f40fc3bf0057 f40fc3bf0057
容器的多种网络模式实战
node1
桥接docker0添加端口映射。
运行一个nginx镜像,指定端口映射,外网端口:容器端口,端口一对一绑定,不能冲突:
1 2
# docker run -d -p 8080:80 centos:nginx c9026c831b852151141d0c69777b3cc5d7863c2d84119ae38daacea8eadf1f59
-p 外网端口:容器端口。
查看端口,进行测试:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
# netstat -tlunp | grep 8080 tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 117050/docker-proxy tcp6 0 0 :::8080 :::* LISTEN 117057/docker-proxy # docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES c9026c831b85 centos:nginx "start" 24 seconds ago Up 24 seconds 0.0.0.0:8080->80/tcp, :::8080->80/tcp happy_colden # curl -I 127.0.0.1:8080 HTTP/1.1 200 OK Server: nginx/1.14.2 Date: Fri, 15 Dec 2023 16:00:35 GMT Content-Type: text/html Content-Length: 612 Last-Modified: Fri, 15 Dec 2023 15:47:32 GMT Connection: keep-alive ETag: "657c7514-264" Accept-Ranges: bytes
进入容器进行观察日志:
1 2 3 4 5 6 7
# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES c9026c831b85 centos:nginx "start" 40 seconds ago Up 40 seconds 0.0.0.0:8080->80/tcp, :::8080->80/tcp happy_colden
# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES c9026c831b85 centos:nginx "start" About a minute ago Up About a minute 0.0.0.0:8080->80/tcp, :::8080->80/tcp happy_colden # docker rm -f c9026c831b85 c9026c831b85
127.0.0.1:6381> info Server # Server redis_version:4.0.9 redis_git_sha1:00000000 redis_git_dirty:0 redis_build_id:19568f866346bc29 redis_mode:standalone os:Linux 3.10.0-1160.53.1.el7.x86_64 x86_64 arch_bits:64 multiplexing_api:epoll atomicvar_api:atomic-builtin gcc_version:4.8.5 process_id:9 run_id:b7012e926df3ab4dc75d5847f6035edeca0d0255 tcp_port:6379 uptime_in_seconds:75 uptime_in_days:0 hz:10 lru_clock:1744604 executable:/usr/local/redis/bin/redis-server config_file:/usr/local/redis/conf/redis.conf
127.0.0.1:6381> exit
删除容器:
1 2 3
# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES ff43d6867995 centos:multiproc "start" About a minute ago Up About a minute 0.0.0.0:8080->80/tcp, :::8080->80/tcp, 0.0.0.0:6381->6379/tcp, :::6381->6379/tcp wizardly_hellman
# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 59f740fc18d8 centos:nginx "start" 25 seconds ago Up 25 seconds competent_clarke # docker rm -f 59f740fc18d8 59f740fc18d8
none模式,host网络启动nginx容器,关闭网络,只能进入容器操作:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
# docker run --net=none -d centos:nginx ace4611b903203a15b2146aafe01cd4173b185aa6db3c87a4109f7a40bc059ec # docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES ace4611b9032 centos:nginx "start" 5 seconds ago Up 4 seconds flamboyant_albattani
# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 0e172b1049a7 centos:nginx "start" 56 seconds ago Up 56 seconds tender_edison # docker rm -f 0e172b1049a7 0e172b1049a7 # ls /share/ apps logs
启动nginx容器,默认非特权模式:
1 2 3 4 5 6 7
# docker run -d -v /share/logs:/usr/local/nginx/logs -v /share/apps:/usr/local/nginx/html/apps centos:nginx a10fe24b67cf9bcf458d1aec555cc4d437dae6dba19142f4473a2b3e6fac4556 # docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES a10fe24b67cf centos:nginx "start" 5 seconds ago Up 5 seconds kind_neumann # docker exec -it a10fe24b67cf /bin/bash # yum install -y net-tools
无法删除路由:
1 2 3 4 5 6 7 8
# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 172.17.0.1 0.0.0.0 UG 0 0 0 eth0 172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0 # route del default gw 172.17.0.1 SIOCDELRT: Operation not permitted # exit
删除容器:
1 2 3 4 5
# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES a10fe24b67cf centos:nginx "start" 44 seconds ago Up 43 seconds kind_neumann # docker rm -f a10fe24b67cf a10fe24b67cf
添加特权模式,可以删除路由:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
# docker run --privileged=true -d centos:nginx d7f26169719e9ee1328628a7fe42f6ad8eb679a1e505c7e24389f192f980be17 # docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES d7f26169719e centos:nginx "start" 5 seconds ago Up 4 seconds youthful_brahmagupta
# docker exec -it d7f26169719e /bin/bash # yum install -y net-tools # route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 172.17.0.1 0.0.0.0 UG 0 0 0 eth0 172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0 # route del default gw 172.17.0.1 # ping www.baidu.com ping: www.baidu.com: Name or service not known # exit
删除容器:
1 2 3 4 5
# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES d7f26169719e centos:nginx "start" 35 seconds ago Up 34 seconds youthful_brahmagupta # docker rm -f d7f26169719e d7f26169719e
compose的安装和入门实战
compose说明:
docker命令操作容器比较麻烦。
docker compose可以把容器的命令写入配置文件中,操作容器更加方便。
node1
下载安装compose:
1 2 3 4 5 6 7 8 9 10
# yum install -y python36 # pip3 install --upgrade pip -i https://pypi.tuna.tsinghua.edu.cn/simple/ # pip3 install docker-compose -i https://pypi.tuna.tsinghua.edu.cn/simple/ docker-compose # docker-compose version /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6. from cryptography.hazmat.backends import default_backend docker-compose version 1.29.2, build unknown docker-py version: 5.0.3 CPython version: 3.6.8 OpenSSL version: OpenSSL 1.0.2k-fips 26 Jan 2017
# cd /docker/compose/redis/ # docker-compose up -d /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6. from cryptography.hazmat.backends import default_backend Creating network "redis_default" with the default driver Creating redis_redis_1 ... done # docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 87a08426bf95 centos:redis "start" 6 seconds ago Up 5 seconds redis_redis_1
# docker exec -it 87a08426bf95 /bin/bash # ps aux USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 1 0.0 0.0 11688 1340 ? Ss 16:10 0:00 /bin/bash /usr/bin/start root 7 0.0 0.0 41724 7912 ? Sl 16:10 0:00 /usr/local/redis/bin/redi root 11 0.2 0.0 11828 1904 pts/0 Ss 16:10 0:00 /bin/bash root 25 0.0 0.0 51732 1720 pts/0 R+ 16:10 0:00 ps aux # /usr/local/redis/bin/redis-cli info Server # Server redis_version:4.0.9 redis_git_sha1:00000000 redis_git_dirty:0 redis_build_id:c0215ab40c660531 redis_mode:standalone os:Linux 3.10.0-1160.53.1.el7.x86_64 x86_64 arch_bits:64 multiplexing_api:epoll atomicvar_api:atomic-builtin gcc_version:4.8.5 process_id:6 run_id:0ac34b41b8eb4f58b843c17589c07c60e0110ab6 tcp_port:6379 uptime_in_seconds:93 uptime_in_days:0 hz:10 lru_clock:1746508 executable:/usr/local/redis/bin/redis-server config_file:/usr/local/redis/conf/redis.conf # exit
查看docker-compose容器状态:
1 2 3 4 5 6
# docker-compose ps /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography (40.0) will be the last to support Python 3.6. from cryptography.hazmat.backends import default_backend Name Command State Ports --------------------------------------- redis_redis_1 start Up
停止并删除容器:
1 2 3 4 5 6 7 8
# docker-compose down /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6. from cryptography.hazmat.backends import default_backend Stopping redis_redis_1 ... done Removing redis_redis_1 ... done Removing network redis_default # docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
关闭、启动容器:
1 2 3 4 5
# docker-compose up -d /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6. from cryptography.hazmat.backends import default_backend Creating network "redis_default" with the default driver Creating redis_redis_1 ... done
1 2 3 4 5 6
# docker-compose ps /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6. from cryptography.hazmat.backends import default_backend Name Command State Ports --------------------------------------- redis_redis_1 start Up
1 2 3 4
# docker-compose stop /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6. from cryptography.hazmat.backends import default_backend Stopping redis_redis_1 ... done
1 2 3 4 5 6
# docker-compose ps /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6. from cryptography.hazmat.backends import default_backend Name Command State Ports ------------------------------------------ redis_redis_1 start Exit 137
1 2 3 4
# docker-compose start /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6. from cryptography.hazmat.backends import default_backend Starting redis ... done
1 2 3 4 5 6
# docker-compose down /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6. from cryptography.hazmat.backends import default_backend Stopping redis_redis_1 ... done Removing redis_redis_1 ... done Removing network redis_default
# cd /docker/compose/nginx/ # docker-compose up -d /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6. from cryptography.hazmat.backends import default_backend Creating network "nginx_default" with the default driver Creating nginx_nginx_1 ... done
1 2 3 4 5 6
# docker-compose ps /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6. from cryptography.hazmat.backends import default_backend Name Command State Ports --------------------------------------- nginx_nginx_1 start Up
1 2 3
# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 2d50e096aec6 centos:nginx "start" 34 seconds ago Up 34 seconds nginx_nginx_1
# cd /docker/compose/nginx/ # docker-compose ps /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6. from cryptography.hazmat.backends import default_backend Name Command State Ports --------------------------------------- nginx_nginx_1 start Up
1 2 3 4 5 6 7 8 9 10 11
# docker-compose exec nginx bash /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6. from cryptography.hazmat.backends import default_backend # ps -ef UID PID PPID C STIME TTY TIME CMD root 1 0 0 16:13 ? 00:00:00 /bin/bash /usr/bin/start root 7 1 0 16:13 ? 00:00:00 nginx: master process /usr/local/nginx/sb nobody 8 7 0 16:13 ? 00:00:00 nginx: worker process root 24 0 0 16:15 pts/0 00:00:00 bash root 38 24 0 16:15 pts/0 00:00:00 ps -ef # exit
1 2 3 4 5 6
# docker-compose down /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6. from cryptography.hazmat.backends import default_backend Stopping nginx_nginx_1 ... done Removing nginx_nginx_1 ... done Removing network nginx_default
docker-compose管理多个容器:
1 2 3 4 5 6 7 8 9
# mkdir -p /docker/compose/multi # cd /docker/compose/multi/ # vim /docker/compose/multi/docker-compose.yml version: '2' services: redis: image: centos:redis nginx: image: centos:nginx
1 2 3 4 5 6 7 8 9 10 11 12 13
# docker-compose up -d /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6. from cryptography.hazmat.backends import default_backend Creating network "multi_default" with the default driver Creating multi_nginx_1 ... done Creating multi_redis_1 ... done # docker-compose ps /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6. from cryptography.hazmat.backends import default_backend Name Command State Ports --------------------------------------- multi_nginx_1 start Up multi_redis_1 start Up
进入容器:
1 2 3 4 5 6 7 8 9 10 11
# docker-compose exec nginx bash /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6. from cryptography.hazmat.backends import default_backend # ps -ef UID PID PPID C STIME TTY TIME CMD root 1 0 0 16:16 ? 00:00:00 /bin/bash /usr/bin/start root 7 1 0 16:16 ? 00:00:00 nginx: master process /usr/local/nginx/sb nobody 8 7 0 16:16 ? 00:00:00 nginx: worker process root 9 0 0 16:16 pts/0 00:00:00 bash root 22 9 0 16:16 pts/0 00:00:00 ps -ef # exit
1 2 3 4 5 6 7 8
# docker-compose down /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography (40.0) will be the last to support Python 3.6. from cryptography.hazmat.backends import default_backend Stopping multi_redis_1 ... done Stopping multi_nginx_1 ... done Removing multi_redis_1 ... done Removing multi_nginx_1 ... done Removing network multi_default
# docker-compose up -d /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6. from cryptography.hazmat.backends import default_backend Creating network "multi_default" with the default driver Creating multi_nginx_1 ... done Creating multi_redis_1 ... done # docker-compose ps /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6. from cryptography.hazmat.backends import default_backend Name Command State Ports ------------------------------------------------------------------------------------------- multi_nginx_1 start Up 0.0.0.0:9090->80/tcp,:::9090->80/tcp,0.0.0.0:8080->80/tcp ,:::8080->80/tcp multi_redis_1 start Up 0.0.0.0:6379->6379/tcp,:::6379->6379/tcp # docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 93418b9e7665 centos:redis "start" 46 seconds ago Up 46 seconds 0.0.0.0:6379->6379/tcp, :::6379->6379/tcp multi_redis_1 60efff39c05a centos:nginx "start" 46 seconds ago Up 46 seconds 0.0.0.0:8080->80/tcp, 0.0.0.0:9090->80/tcp, :::8080->80/tcp, :::9090->80/tcp multi_nginx_1
# redis-cli -p 6379 info Server # Server redis_version:4.0.9 redis_git_sha1:00000000 redis_git_dirty:0 redis_build_id:f5edc56b84d57a4e redis_mode:standalone os:Linux 3.10.0-1160.el7.x86_64 x86_64 arch_bits:64 multiplexing_api:epoll atomicvar_api:atomic-builtin gcc_version:4.8.5 process_id:7 run_id:42955c015a5b8abc6937d2c13f93ac2a1d421adb tcp_port:6379 uptime_in_seconds:86 uptime_in_days:0 hz:10 lru_clock:8158305 executable:/usr/local/redis/bin/redis-server config_file:/usr/local/redis/conf/redis.conf
1 2 3 4 5 6 7 8
# docker-compose down /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6. from cryptography.hazmat.backends import default_backend Stopping multi_redis_1 ... done Stopping multi_nginx_1 ... done Removing multi_redis_1 ... done Removing multi_nginx_1 ... done Removing network multi_default
# docker-compose up -d /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6. from cryptography.hazmat.backends import default_backend Creating network "multi_default" with the default driver Creating multi_redis_1 ... done Creating multi_nginx_1 ... done # docker-compose ps /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6. from cryptography.hazmat.backends import default_backend Name Command State Ports --------------------------------------- multi_nginx_1 start Up multi_redis_1 start Up
# docker-compose down /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6. from cryptography.hazmat.backends import default_backend Stopping multi_nginx_1 ... done Stopping multi_redis_1 ... done Removing multi_nginx_1 ... done Removing multi_redis_1 ... done Removing network multi_default
# cd /docker/compose/nginx/ # docker-compose up -d /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6. from cryptography.hazmat.backends import default_backend Creating nginx_nginx_1 ... done # docker-compose ps /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6. from cryptography.hazmat.backends import default_backend Name Command State Ports --------------------------------------- nginx_nginx_1 start Up
# docker-compose down /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6. from cryptography.hazmat.backends import default_backend Stopping nginx_nginx_1 ... done Removing nginx_nginx_1 ... done
启动多个容器:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
# cd /docker/compose/redis/ # docker-compose up -d --scale redis=3 /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography (40.0) will be the last to support Python 3.6. from cryptography.hazmat.backends import default_backend Creating network "redis_default" with the default driver Creating redis_redis_1 ... done Creating redis_redis_2 ... done Creating redis_redis_3 ... done # docker-compose ps /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6. from cryptography.hazmat.backends import default_backend Name Command State Ports --------------------------------------- redis_redis_1 start Up redis_redis_2 start Up redis_redis_3 start Up
默认进入第一个容器:
1 2 3 4
# docker-compose exec redis bash /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography (40.0) will be the last to support Python 3.6. from cryptography.hazmat.backends import default_backend # exit
指定进入容器:
1 2 3 4
# docker-compose exec --index=2 redis bash /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography (40.0) will be the last to support Python 3.6. from cryptography.hazmat.backends import default_backend # exit
1 2 3 4 5 6 7 8 9 10
# docker-compose down /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography (40.0) will be the last to support Python 3.6. from cryptography.hazmat.backends import default_backend Stopping redis_redis_3 ... done Stopping redis_redis_2 ... done Stopping redis_redis_1 ... done Removing redis_redis_3 ... done Removing redis_redis_2 ... done Removing redis_redis_1 ... done Removing network redis_default
harbor镜像仓库搭建实战
默认第三方镜像仓库在海外,不允许有太多私有镜像。
harbor镜像仓库安装需求:docker、docker-compose
harbor官网:https://github.com/goharbor/harbor/
node1
下载安装harbor:
1 2 3 4
# cd /usr/local/src/ # wget https://storage.googleapis.com/harbor-releases/release-1.8.0/harbor-offline-installer-v1.8.0.tgz # tar -zxvf harbor-offline-installer-v1.8.0.tgz # mv harbor /usr/local/harbor
# /usr/local/harbor/install.sh # cd /usr/local/harbor/ # docker-compose ps /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6. from cryptography.hazmat.backends import default_backend Name Command State Ports ------------------------------------------------------------------------------------------------------------- harbor-core /harbor/start.sh Up (health: starting) harbor-db /entrypoint.sh postgres Up (health: starting) 5432/tcp harbor-jobservice /harbor/start.sh Up harbor-log /bin/sh -c /usr/local/bin/ ... Up (health: starting) 127.0.0.1:1514->10514/tcp harbor-portal nginx -g daemon off; Up (health: starting) 80/tcp nginx nginx -g daemon off; Up (health: starting) 0.0.0.0:80->80/tcp,:::80->80/tcp redis docker-entrypoint.sh redis ... Up 6379/tcp registry /entrypoint.sh /etc/regist ... Up (health: starting) 5000/tcp registryctl /harbor/start.sh Up (health: starting)
# docker-compose down /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6. from cryptography.hazmat.backends import default_backend Stopping nginx ... done Stopping harbor-portal ... done Stopping harbor-jobservice ... done Stopping harbor-core ... done Stopping registry ... done Stopping registryctl ... done Stopping harbor-db ... done Stopping redis ... done Stopping harbor-log ... done Removing nginx ... done Removing harbor-portal ... done Removing harbor-jobservice ... done Removing harbor-core ... done Removing registry ... done Removing registryctl ... done Removing harbor-db ... done Removing redis ... done Removing harbor-log ... done Removing network harbor_harbor
1 2
# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1 2 3 4 5 6 7 8 9 10 11 12 13
# docker-compose up -d /usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6. from cryptography.hazmat.backends import default_backend Creating network "harbor_harbor" with the default driver Creating harbor-log ... done Creating registry ... done Creating registryctl ... done Creating harbor-db ... done Creating redis ... done Creating harbor-core ... done Creating harbor-jobservice ... done Creating harbor-portal ... done Creating nginx ... done
关闭注册功能:
系统管理—>配置管理—>允许自注册(关闭)
退出再次登录就没有注册功能了:
15.harbor镜像仓库的使用
node1
docker默认只允许访问https仓库,http仓库需要额外开启:
1 2 3 4 5
# vim /etc/docker/daemon.json { "registry-mirrors": ["http://hub-mirror.c.163.com/","http://10.80.10.1/"], "insecure-registries": ["http://10.80.10.1"] }
1
# systemctl restart docker
1 2
# cd /usr/local/harbor/ # docker-compose down && docker-compose up -d
镜像推送到自建仓库:
1 2 3 4
# docker tag centos:nginx 10.80.10.1/test/centos:nginx # docker images | grep centos | grep nginx 10.80.10.1/test/centos nginx 7dbd7e8bbca1 41 minutes ago 540MB centos nginx 7dbd7e8bbca1 41 minutes ago 540MB
# vim /etc/docker/daemon.json { "registry-mirrors": ["http://hub-mirror.c.163.com/","http://10.80.10.1/"], "insecure-registries": ["http://10.80.10.1"] }
1
# systemctl restart docker
拉取镜像:
1 2 3 4
# docker pull 10.80.10.1/test/centos:nginx # docker images REPOSITORY TAG IMAGE ID CREATED SIZE 10.80.10.1/test/centos nginx 7dbd7e8bbca1 44 minutes ago 540MB
node1
上传镜像:
1 2 3 4 5 6 7 8 9 10
# docker tag centos:7 10.80.10.1/test/centos:7 # docker images | grep centos centos multiproc fc67043c0d22 37 minutes ago 795MB centos redis 036dc6b9be22 41 minutes ago 589MB centos nginx 7dbd7e8bbca1 44 minutes ago 540MB 10.80.10.1/test/centos nginx 7dbd7e8bbca1 44 minutes ago 540MB centos mine b80e3ef6dbe9 52 minutes ago 439MB 10.80.10.1/test/centos 7 eeb6ee3f44bd 2 years ago 204MB centos 7 eeb6ee3f44bd 2 years ago 204MB # docker push 10.80.10.1/test/centos:7
修改为私有仓库:
项目—>test[项目名称]—>配置管理
1
项目仓库:公开(取消勾选)
node2
拉取私有镜像需要先登录:
1 2 3 4 5 6
# docker login 10.80.10.1 # docker pull 10.80.10.1/test/centos:7 # docker images REPOSITORY TAG IMAGE ID CREATED SIZE 10.80.10.1/test/centos nginx 7dbd7e8bbca1 45 minutes ago 540MB 10.80.10.1/test/centos 7 eeb6ee3f44bd 2 years ago 204MB
运行测试:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
# docker run -d 10.80.10.1/test/centos:nginx 83add4b4a42399aba02476cbba83c0a16071a436b120cf89a1cd77674de17ffb # docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 83add4b4a423 10.80.10.1/test/centos:nginx "start" 5 seconds ago Up 4 seconds friendly_gould # docker exec -it 83add4b4a4 /bin/bash # ps aux USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 1 0.0 0.0 11688 1348 ? Ss 16:33 0:00 /bin/bash /usr/bin/start root 7 0.0 0.0 20548 1548 ? S 16:33 0:00 nginx: master process /usr/local/nginx/sbin/nginx -g daemon off; nobody 8 0.0 0.0 20988 1308 ? S 16:33 0:00 nginx: worker process root 9 0.0 0.0 11828 1900 pts/0 Ss 16:34 0:00 /bin/bash root 23 0.0 0.0 51732 1728 pts/0 R+ 16:34 0:00 ps aux # exit # docker rm -f 83add4b4a4 83add4b4a4