docker
1.安装过程:
如果已经安装过客户端,先进行清理
sudo yum -y remove docker docker-common container-selinux
sudo yum -y remove docker-selinux
安装之前,先更新仓库,添加仓库源地址
sudo yum install -y yum-utils
sudo yum-config-manager \
--add-repo \
https://docs.docker.com/engine/installation/linux/repo_files/centos/docker.repo
如果添加仓库失败,可以先执行
sudo yum-config-manager --enable docker-testing
或者
sudo yum-config-manager --disable docker-testing
sudo yum-config-manager --enable docker-testing
安装docker之前,先更新包索引
sudo yum makecache fast
安装docker,可以先列出所有版本,选择需要版本安装
yum list docker-engine.x86_64 --showduplicates |sort -r
sudo yum -y install docker-engine-<VERSION_STRING>
也可以直接安装最新版
sudo yum -y install docker-engine
启动docker
sudo systemctl start docker
启动helloword测试镜像,没有会自动下载
sudo docker run hello-world
更新docker,先更新包索引,然后安装
sudo yum makecache fast
sudo yum -y upgrade docker-engine
卸载docker
sudo yum -y remove docker-engine
sudo rm -rf /var/lib/docker
如果不想每次都用sudo来获取管理员权限,可以建立用户组
sudo groupadd docker //新建组
sudo usermod -aG docker $USER //添加用户
docker run hello-world //测试
2.配置dockers开机启动
systemd(RHEL, CentOS, Fedora, Ubuntu 16.04 and higher)
sudo systemctl enable docker 开机自启动
sudo systemctl disable docker 取消开机自启动
upstart(Ubuntu 14.10 and below)
默认开机自启动,可以通过以下方法关闭
echo manual | sudo tee /etc/init/docker.override
chkconfi(Oracle Linux 6)
sudo chkconfig docker on
3.查看docker信息
sudo docker version
sudo docker info
4.数据卷
//创建数据卷
sudo docker run --name data -v /data -t -i centos /bin/bash
//可以找到host主机挂载数据卷对应的目录
docker inspect data
//将主机根目录下的Source文件夹作为共享目录挂载到container根下的web文件夹
sudo docker run --name web -v /source/:/web -t -i centos /bin/bash
//同上,只是挂载文件夹只读
sudo docker run --rm --name test -v /source/:/test:ro -t -i centos /bin/bash
5.容器命名
sudo docker run -d -t -i --name test centos bash
持久化镜像
docker save -o webapp.tar 6fae60ef3446
持久化容器
docker export 6fae60ef3446 > webapp.tar
DockerFile的使用
dockerFile相当于Linux中的shell脚本和window批处理文件,通过自动化的脚本程序自动生成所需的镜像文件
docker build -t <待生成的镜像名> <dockerfile所在的文件路径>
ENV 设置环境变量
ADD 往里面拷贝东西
RUN 运行镜像中的命令
EXPOSE 暴露端口
CMD 启动时执行命令,可替代性
源镜像在文件中通过From来指定
6.docker help
Usage: docker COMMAND
A self-sufficient runtime for containers
Options:
--config string Location of client config files (default "/root/.docker")
-D, --debug Enable debug mode
--help Print usage
-H, --host list Daemon socket(s) to connect to (default [])
-l, --log-level string Set the logging level ("debug", "info", "warn", "error", "fatal") (default "info")
--tls Use TLS; implied by --tlsverify
--tlscacert string Trust certs signed only by this CA (default "/root/.docker/ca.pem")
--tlscert string Path to TLS certificate file (default "/root/.docker/cert.pem")
--tlskey string Path to TLS key file (default "/root/.docker/key.pem")
--tlsverify Use TLS and verify the remote
-v, --version Print version information and quit
Management Commands:
container Manage containers
image Manage images
network Manage networks
node Manage Swarm nodes
plugin Manage plugins
secret Manage Docker secrets
service Manage services
stack Manage Docker stacks
swarm Manage Swarm
system Manage Docker
volume Manage volumes
Commands:
attach Attach to a running container
build Build an image from a Dockerfile
commit Create a new image from a container's changes
cp Copy files/folders between a container and the local filesystem
create Create a new container
diff Inspect changes on a container's filesystem
events Get real time events from the server
exec Run a command in a running container
export Export a container's filesystem as a tar archive
history Show the history of an image
images List images
import Import the contents from a tarball to create a filesystem image
info Display system-wide information
inspect Return low-level information on Docker objects
kill Kill one or more running containers
load Load an image from a tar archive or STDIN
login Log in to a Docker registry
logout Log out from a Docker registry
logs Fetch the logs of a container
pause Pause all processes within one or more containers
port List port mappings or a specific mapping for the container
ps List containers
pull Pull an image or a repository from a registry
push Push an image or a repository to a registry
rename Rename a container
restart Restart one or more containers
rm Remove one or more containers
rmi Remove one or more images
run Run a command in a new container
save Save one or more images to a tar archive (streamed to STDOUT by default)
search Search the Docker Hub for images
start Start one or more stopped containers
stats Display a live stream of container(s) resource usage statistics
stop Stop one or more running containers
tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
top Display the running processes of a container
unpause Unpause all processes within one or more containers
update Update configuration of one or more containers
version Show the Docker version information
wait Block until one or more containers stop, then print their exit codes
例子一:鲸语者
docker run docker/whalesay cowsay boo-boo
Dockerfile脚本
FROM docker/whalesay:latest
RUN apt-get -y update && apt-get install -y fortunes
CMD /usr/games/fortune -a | cowsay
生成
docker build -t docker-whale .
生成container并启动
docker run docker-whale
container启动方式指定的不同,效果不同。
docker中网络的配置
既然docker是一个虚拟化的轻量解决方案,那么自然我们要考虑它的隔离性和通信问题,如何访问它是我们应用docker的最终问题。
run容器时通过-P或-p指定绑定端口,如果不指定,docker会随机映射一个49000~49900的端口至容器内部开放的网络端口
-p可以指定要映射的端口,并且,在一个指定端口上只能绑定一个容器。
ip:hostPort:containerPort 映射指定地址的特定端口
ip::containerPort 映射指定地址的任意端口
hostPort:containerPort 映射所有地址端口,可以-p多次指定
容器互联
--link 链接容器:链接别名