Docker ~ 從入門到入坑。
文章目錄
- Docker ~ 從入門到入坑。
- 概述。
- Docker 為什麼出現。
- Docker 歷史。
- Docker 能做什麼。
- Docker 基本組成。
- Docker 安裝。
- Docker 卸載。
- 阿里雲鏡像加速。
- 底層原理。
- 常用命令。
- 幫助命令。
- 鏡像命令。
- docker images。
- docker search。
- docker pull。
- docker rmi。
- 容器命令。
- 列出所有運行的容器。
- 列出所有的容器。
- 退出容器。
- 刪除容器。
- 啓動和停止容器。
- 其他常用命令。
- 後台啓動容器。
- 查看日誌。
- 容器中的進程信息 ~ top。
- docker inspect。容器元數據。
- 進入當前正在運行的容器。docker exec / attach。
- 從容器內拷貝文件到主機。
- eg.
- 部署 Nginx。
- 部署 Tomcat。
- Elasticsearch + Kibana。
- -e ~ 環境參數。
- 使用 Kibana 連接 Elasticsearch。
- 可視化 ~ Rancher(CI/CD)。
- 可視化 ~ portainer。
- Docker 鏡像。
- Docker 鏡像加載原理。
- commit 鏡像。
- 容器數據卷。
- 使用命令掛載 -v。
- MySQL 數據。
- 具名掛載 & 匿名掛載。
- 匿名掛載。
- 具名掛載。
- 具名掛載 & 匿名掛載 & 指定路徑掛載。
- DockerFile。
- 數據卷容器。
- 多個數據庫實現數據共享。
- DockerFile。
- DockerFile 指令。
- 創建一個自己的 Centos。
- docker history。鏡像構建詳情。
- CMD & ENTRYPOINT。
- 製作 Tomcat Dokerfile。
- 發佈鏡像。
- 發佈到阿里雲鏡像。
- Docker 網絡。
- docker0。
- --link。
- docker network。
- 自定義網絡 ~ docker network。
- 自己創建一個 Docker network。
- 網絡連通。
- Redis 集羣。
- Spring Boot 微服務打包 Docker 鏡像。
概述。
Docker 為什麼出現。
一款產品,開發 ~ 上線,兩套環境。
“我在我的電腦上可以運行!”。
環境配置十分麻煩,每一台機器都要部署環境(集羣 Redis、ES、Hadoop)。費時費力。
傳統:開發 jar,運維來作。
現在:開發打包部署上線,一套流程做完。
java ~ apk ~ 發佈(應用商店)~ 張三使用 apk ~ 安裝即可用。
java ~ jar(+環境)~ 打包項目帶上環境(鏡像)~(Docker 倉庫:商店)~下載我們發佈的鏡像 ~ 直接運行即可。
Docker 的思想來自於集裝箱。
Docker 歷史。
2010 年,幾個年輕人,在美國成立了一家公司 DotCloud。做一些 PASS 雲計算服務,Linux 的有關的容器技術。他們將自己的技術(容器化技術)命名 Docker。
Docker 剛蛋生的時候,沒有引起行業注意。
↓ ↓ ↓
2013 開源。
2014 年 9 月,Docker 1.0 發佈。
在容器技術出來之前,虛擬機技術。
虛擬機:在 Windows 裝一個 VMWare,要虛擬一台電腦,笨重。
Docker:隔離,鏡像(最核心的環境 4M + jdk + MySQL)十分小巧,運行鏡像即可。
文檔:https://docs.docker.com/
倉庫:https://www.docker.com/products/docker-hub
Docker 能做什麼。
- 虛擬機技術。
資源佔用多。
冗餘步驟多。
啓動慢。
- 容器化技術。
- DevOps(開發、運維)。
- 應用更快速的交付和部署。
傳統:一堆幫助文檔,安裝程序。
Docker:打包鏡像發佈測試,一鍵運行。- 更便捷的升級和擴縮容。
Docker 部署應用就像搭積木一樣,項目打包為一個鏡像。- 更簡單的系統運維。
開發、測試環境高度一致。- 更高效的計算資源。
Docker 是內核級別的虛擬化,可以在一個物理機上運行很多容器實例。服務器的性能可以被壓榨到極致。
Docker 基本組成。
- 鏡像 image。
Docker 鏡像就好比一個模板,可以通過這個模板來創建容器服務,Tomcat 鏡像 --> run --> tomcat01容器(提供服務器),通過這個鏡像可以創建多個容器(最終服務運行或項目運行就是在容器中)。- 容器 container。
Docker 利用容器技術,獨立運行一個或一個組應用,通過鏡像來創建的。可以理解為一個簡易的 Linux 系統。- 倉庫 repository。
倉庫就是存放鏡像的地方。
倉庫分為共有倉庫和私有倉庫。
Docker Hub(默認,國外的)。
阿里雲,華為雲都有容器服務器。配置鏡像加速。
Docker 安裝。
https://docs.docker.com/engine/install/centos/
CentOS 7 安裝 Docker~並更換國內源。
[geek@192 tools_my]$ sudo docker run hello-world
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/get-started/
Docker 卸載。
Uninstall Docker Engine
Uninstall the Docker Engine, CLI, and Containerd packages:
$ sudo yum remove docker-ce docker-ce-cli containerd.ioImages, containers, volumes, or customized configuration files on your host are not automatically removed. To delete all images, containers, and volumes:
$ sudo rm -rf /var/lib/dockerYou must delete any edited configuration files manually.
阿里雲鏡像加速。
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://********.mirror.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
底層原理。
Docker 是一個 Client - Server 結構的系統,Docker 的守護進程運行在主機上,通過 Socket 從客户端訪問。
Docker Server 接收到 Docker Client 的指令,就會執行這個命令。
- Docker 為什麼比虛擬機快?
Docker 有着比虛擬機更少的抽象層。
Docker 利用的是宿主機的內核,vm 需要是 Guest OS。
所以説,新建一個容器的時候,Docker 不需要像虛擬機一樣重新加載一個操作系統的內核,避免引導。虛擬機是加載 Guest OS,分鐘級別的,而 Docker 是利用宿主機的操作系統,省略了這個複雜的過程。
常用命令。
幫助命令。
docker version # 顯示 Docker 的版本信息。
docker info # 顯示 Docker 的系統信息,包括鏡像和容器的數量。
docker 命令 --help # 幫助命令。
[geek@192 ~]$ sudo docker
[sudo] password for geek:
Usage: docker [OPTIONS] COMMAND
A self-sufficient runtime for containers
Options:
--config string Location of client config files (default "/root/.docker")
-c, --context string Name of the context to use to connect to the daemon (overrides DOCKER_HOST
env var and default context set with "docker context use")
-D, --debug Enable debug mode
-H, --host list Daemon socket(s) to connect to
-l, --log-level string Set the logging level ("debug"|"info"|"warn"|"error"|"fatal") (default "info")
--tls Use TLS; implied by --tlsverify
--tlscacert string Trust certs signed only by this CA (default "/root/.docker/ca.pem")
--tlscert string Path to TLS certificate file (default "/root/.docker/cert.pem")
--tlskey string Path to TLS key file (default "/root/.docker/key.pem")
--tlsverify Use TLS and verify the remote
-v, --version Print version information and quit
Management Commands:
builder Manage builds
config Manage Docker configs
container Manage containers
context Manage contexts
engine Manage the docker engine
image Manage images
network Manage networks
node Manage Swarm nodes
plugin Manage plugins
secret Manage Docker secrets
service Manage services
stack Manage Docker stacks
swarm Manage Swarm
system Manage Docker
trust Manage trust on Docker images
volume Manage volumes
Commands:
attach Attach local standard input, output, and error streams to a running container
build Build an image from a Dockerfile
commit Create a new image from a container's changes
cp Copy files/folders between a container and the local filesystem
create Create a new container
diff Inspect changes to files or directories on a container's filesystem
events Get real time events from the server
exec Run a command in a running container
export Export a container's filesystem as a tar archive
history Show the history of an image
images List images
import Import the contents from a tarball to create a filesystem image
info Display system-wide information
inspect Return low-level information on Docker objects
kill Kill one or more running containers
load Load an image from a tar archive or STDIN
login Log in to a Docker registry
logout Log out from a Docker registry
logs Fetch the logs of a container
pause Pause all processes within one or more containers
port List port mappings or a specific mapping for the container
ps List containers
pull Pull an image or a repository from a registry
push Push an image or a repository to a registry
rename Rename a container
restart Restart one or more containers
rm Remove one or more containers
rmi Remove one or more images
run Run a command in a new container
save Save one or more images to a tar archive (streamed to STDOUT by default)
search Search the Docker Hub for images
start Start one or more stopped containers
stats Display a live stream of container(s) resource usage statistics
stop Stop one or more running containers
tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
top Display the running processes of a container
unpause Unpause all processes within one or more containers
update Update configuration of one or more containers
version Show the Docker version information
wait Block until one or more containers stop, then print their exit codes
Run 'docker COMMAND --help' for more information on a command.https://docs.docker.com/engine/reference/run/
鏡像命令。
docker images。
顯示本地所有鏡像。
[geek@192 ~]$ sudo docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mysql 5.7.29 413be204e9c3 4 months ago 456MB
hello-world latest fce289e99eb9 20 months ago 1.84kB
REPOSITORY
TAG
IMAGE ID
CREATED
SIZE|
Name, shorthand
|
Default Description
|
|
–all , -a
|
Show all images (default hides intermediate images)
|
|
–digests
|
Show digests
|
|
–filter , -f
|
Filter output based on conditions provided
|
|
–format
|
Pretty-print images using a Go template
|
|
–no-trunc
|
Don’t truncate output
|
|
–quiet , -q
|
Only show numeric IDs
|
docker search。
搜索鏡像。
docker search [OPTIONS] TERM
Extended description
Search Docker Hub for images
For example uses of this command, refer to the examples section below.
Options
|
Name, shorthand
|
Default
|
Description
|
|
–automated (deprecated)
|
Only show automated builds
|
|
|
–filter, -f
|
Filter output based on conditions provided
|
|
|
–format
|
Pretty-print search using a Go template
|
|
|
–limit
|
25
|
Max number of search results
|
|
–no-trunc
|
Don’t truncate output
|
|
|
–stars , -s(deprecated)
|
Only displays with at least x stars
|
docker pull。
下載鏡像。
docker pull [OPTIONS] NAME[:TAG|@DIGEST]
[geek@192 ~]$ sudo docker pull mysql
Using default tag: latest # 如果不寫 tag,默認下載最新版本 latest。
latest: Pulling from library/mysql
d121f8d1c412: Pulling fs layer # 分層下載。docker image 的核心,聯合文件系統。
[geek@192 ~]$ sudo docker pull mysql:5.7.29
5.7.29: Pulling from library/mysql
54fec2fa59d0: Already exists # 分層下載。docker image 的核心,聯合文件系統。
bcc6c6145912: Already exists
951c3d959c9d: Already exists
05de4d0e206e: Pull complete
319f0394ef42: Pull complete
d9185034607b: Pull complete
013a9c64dadc: Pull complete
58b7b840ebff: Pull complete
9b85c0abc43d: Pull complete
bdf022f63e85: Pull complete
35f7f707ce83: Pull complete
Digest: sha256:95b4bc7c1b111906fdb7a39cd990dd99f21c594722735d059769b80312eb57a7
Status: Downloaded newer image for mysql:5.7.29
docker.io/library/mysql:5.7.29
docker rmi。
刪除鏡像。
|
Name, shorthand
|
Default
|
Description
|
|
–force , -f
|
Force removal of the image
|
|
|
–no-prune
|
Do not delete untagged parents
|
docker rmi -f 鏡像 id # 刪除指定的鏡像。
docker rmi -f 鏡像 id 鏡像 id 鏡像 id # 刪除多個鏡像。
docker rmi -f $(docker images -aq) # 刪除全部鏡像。
容器命令。
有了鏡像才可以創建容器。
docker pull centos
docker run --help
docker run [可選參數] image
–name=“容器名”
-d ~ 後台方式運行。
-it ~ 使用交互方式運行,進入容器查看內容。
-p ~ 指定容器端口。
-p ip:主機端口:容器端口。
-p 主機端口:容器端口。(常用)。
-p 容器端口(不需要外部訪問,容器內部端口)。
容器端口。
-P ~ 隨機端口。
列出所有運行的容器。
docker ps
列出所有的容器。
docker ps -a
-n=? # 列出最近創建的容器。
-q # 只顯示容器的編號。
退出容器。
exit # 容器停止並退出。
Ctrl + P + Q # 容器不停止退出。
刪除容器。
docker rm 容器 id。
docker rm -f $(docker ps -aq)
docker ps -a -q | xargs docker rm
啓動和停止容器。
docker start 容器 id。
docker stop 容器 id。
docker restart 容器 id。
docker kill 容器 id。 # 強制。
其他常用命令。
後台啓動容器。
docker run -d centos// 問題。docker ps 發現 centos 停止了。
Docker 容器使用後台運行,就必須要有一個前台進程。docker 發現沒有前台應用,就會自動停止該容器。
eg. Nginx。
查看日誌。
[geek@192 ~]$ sudo docker logs --help
[sudo] password for geek:
Usage: docker logs [OPTIONS] CONTAINER
Fetch the logs of a container
Options:
--details Show extra details provided to logs
-f, --follow Follow log output
--since string Show logs since timestamp (e.g. 2013-01-02T13:23:37) or relative (e.g. 42m for
42 minutes)
--tail string Number of lines to show from the end of the logs (default "all")
-t, --timestamps Show timestamps
--until string Show logs before a timestamp (e.g. 2013-01-02T13:23:37) or relative (e.g. 42m
for 42 minutes)docker logs -tf -tail 10 容器 id。
容器中的進程信息 ~ top。
docker top 容器 id。
[geek@192 ~]$ sudo docker top be45da4c5b93
UID PID PPID C STIME TTY TIME CMD
polkitd 7501 7486 0 22:33 ? 00:00:01 mysqld
docker inspect。容器元數據。
[geek@192 ~]$ sudo docker inspect --help
Usage: docker inspect [OPTIONS] NAME|ID [NAME|ID...]
Return low-level information on Docker objects
Options:
-f, --format string Format the output using the given Go template
-s, --size Display total file sizes if the type is container
--type string Return JSON for specified type[geek@192 ~]$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
be45da4c5b93 413be204e9c3 "docker-entrypoint.s…" 4 months ago Up 29 minutes 33060/tcp, 0.0.0.0:3307->3306/tcp mysql_geek
[geek@192 ~]$ sudo docker inspect be45da4c5b93
[
{
"Id": "be45da4c5b93d8d82753dce660fdbf0184c117bdf72d9ee856665f481f623877",
"Created": "2020-04-06T22:15:58.597019498Z",
"Path": "docker-entrypoint.sh",
"Args": [
"mysqld"
],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 7501,
"ExitCode": 0,
"Error": "",
"StartedAt": "2020-08-27T14:33:34.678287048Z",
"FinishedAt": "2020-08-27T14:00:12.753590425Z"
},
"Image": "sha256:413be204e9c34f31476a0680b6521873fb519c749693b181228ff47492a7fe3b",
"ResolvConfPath": "/var/lib/docker/containers/be45da4c5b93d8d82753dce660fdbf0184c117bdf72d9ee856665f481f623877/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/be45da4c5b93d8d82753dce660fdbf0184c117bdf72d9ee856665f481f623877/hostname",
"HostsPath": "/var/lib/docker/containers/be45da4c5b93d8d82753dce660fdbf0184c117bdf72d9ee856665f481f623877/hosts",
"LogPath": "/var/lib/docker/containers/be45da4c5b93d8d82753dce660fdbf0184c117bdf72d9ee856665f481f623877/be45da4c5b93d8d82753dce660fdbf0184c117bdf72d9ee856665f481f623877-json.log",
"Name": "/mysql_geek",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {
"3306/tcp": [
{
"HostIp": "",
"HostPort": "3307"
}
]
},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"Capabilities": null,
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"KernelMemory": 0,
"KernelMemoryTCP": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/b0db5ee46558d330232ea016336067d1890a948c10a74c5fbcc95ce84809c9b6-init/diff:/var/lib/docker/overlay2/34435b08289bb58d920e294bdc084abb5e7bd8ca6eeeebeac585aa3d58bd1745/diff:/var/lib/docker/overlay2/a956e638e9365fa896fcacfa4819aa45b5126f6f774a33f1b4c22fb8915ea759/diff:/var/lib/docker/overlay2/c9cf19bd7db463e098c5c31c26b6709b78d7482116fc4239a3dcd66b277c8026/diff:/var/lib/docker/overlay2/19454098e97f64a4edc53cd3f5cef4e0ba0d2145a7927845586f2fd209ddaa1a/diff:/var/lib/docker/overlay2/9529736c0acd4d18a5a6540b8af98b2dcf9368948af7121850dd5f693c10a06b/diff:/var/lib/docker/overlay2/8cb480298f4e7d3f54b3ed365fb222e73e2a47b7128dcfc7902952569497a6a3/diff:/var/lib/docker/overlay2/7550a0aad73c643bca6a01239c3709aead185080b909bd7dab9257e5f3f0dfa8/diff:/var/lib/docker/overlay2/998e4a5bc1d6e6a124e25cb69155283da2cdf0472284bac785839be224a62d10/diff:/var/lib/docker/overlay2/49948aaa148f15b67fb990a88ee8aa1c36a311f5b45f3988fcad734a55e11475/diff:/var/lib/docker/overlay2/2462775172a6a17f6e925bb15e47c25c99bb785a83f56ff22e2afba745a024f9/diff:/var/lib/docker/overlay2/d00eb80fb1c1d284d5054c36176f3459e737194cf9b01af83fa2f150ef7b5141/diff",
"MergedDir": "/var/lib/docker/overlay2/b0db5ee46558d330232ea016336067d1890a948c10a74c5fbcc95ce84809c9b6/merged",
"UpperDir": "/var/lib/docker/overlay2/b0db5ee46558d330232ea016336067d1890a948c10a74c5fbcc95ce84809c9b6/diff",
"WorkDir": "/var/lib/docker/overlay2/b0db5ee46558d330232ea016336067d1890a948c10a74c5fbcc95ce84809c9b6/work"
},
"Name": "overlay2"
},
"Mounts": [
{
"Type": "volume",
"Name": "c7f8b6a9062ee284710b8d3f60eab7ce5da5642f5ca5c1500ece8dd0f2473559",
"Source": "/var/lib/docker/volumes/c7f8b6a9062ee284710b8d3f60eab7ce5da5642f5ca5c1500ece8dd0f2473559/_data",
"Destination": "/var/lib/mysql",
"Driver": "local",
"Mode": "",
"RW": true,
"Propagation": ""
}
],
"Config": {
"Hostname": "be45da4c5b93",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"3306/tcp": {},
"33060/tcp": {}
},
"Tty": true,
"OpenStdin": true,
"StdinOnce": false,
"Env": [
"MYSQL_ROOT_PASSWORD=root",
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"GOSU_VERSION=1.7",
"MYSQL_MAJOR=5.7",
"MYSQL_VERSION=5.7.29-1debian10"
],
"Cmd": [
"mysqld"
],
"Image": "mysql:5.7.29",
"Volumes": {
"/var/lib/mysql": {}
},
"WorkingDir": "",
"Entrypoint": [
"docker-entrypoint.sh"
],
"OnBuild": null,
"Labels": {}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "22742b719119538aa2cbe6996586f06fa966624f7017a68041b5fc3b01688e5a",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {
"3306/tcp": [
{
"HostIp": "0.0.0.0",
"HostPort": "3307"
}
],
"33060/tcp": null
},
"SandboxKey": "/var/run/docker/netns/22742b719119",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "57d39a8070c00926eb6b93160f6929240f452e60b099f9875dd5f8c3de3e3747",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:02",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "38931101b374d0d8b7ff824e014421b6205795b47203d791b5f38c59d3e3cdc9",
"EndpointID": "57d39a8070c00926eb6b93160f6929240f452e60b099f9875dd5f8c3de3e3747",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02",
"DriverOpts": null
}
}
}
}
]
進入當前正在運行的容器。docker exec / attach。
docker exec -it 容器 id /bin/bash
docker attach 容器 id。
// # 正在執行的代碼。。。docker exec # 進入容器後開啓一個新的終端。
docker attach # 進入容器正在執行的終端。
從容器內拷貝文件到主機。
docker cp 容器 id :容器內路徑 目的主機路徑。
eg.
部署 Nginx。
sudo docker run -d --name nginx01 -p 3344:80 nginx
-d ~ 後台運行。
–name ~ 容器命名。
-p ~ 宿主機端口:容器內部端口。
sudo docker run -d --name nginx01 -p 3344:80 nginx
部署 Tomcat。
官方。
$ docker run -it --rm tomcat:9.0
// 我們之前啓動都是後台,停止了容器後,容器還是可以查到的。
docker run -it --rm,一般用來測試,用完即刪除。docker run -d -p 3355:8080 --name tomcat01 tomcat
[geek@192 ~]$ sudo docker exec -it tomcat01 bash
root@12e7591a8ba0:/usr/local/tomcat# ll
bash: ll: command not found
root@12e7591a8ba0:/usr/local/tomcat# ls
BUILDING.txt LICENSE README.md RUNNING.txt conf logs temp webapps.dist
CONTRIBUTING.md NOTICE RELEASE-NOTES bin lib native-jni-lib webapps work
root@12e7591a8ba0:/usr/local/tomcat# ls webapps–> 閹割了的。默認最小鏡像。
實際上是藏在了
root@12e7591a8ba0:/usr/local/tomcat# ls webapps.dist/
ROOT docs examples host-manager managercp
root@12e7591a8ba0:/usr/local/tomcat# cp -r webapps.dist/* webapps/
# 就可以了。
Elasticsearch + Kibana。
ES 暴露的端口很多。
ES 十分耗內存。
ES 的數據一般需要放置到安全目錄。掛載。sudo docker run -d --name elasticsearch --net somenetwork -p 9200:9200 -p 9300:9300 -e “discovery.type=single-node” elasticsearch:7.6.2
docker status # 查詢 CPU 狀態。
-e ~ 環境參數。
[geek@192 ~]$ sudo docker run -d --name elasticsearch_my -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" -e ES_JAVA_OPTS="-Xms64m -Xmx512m" elasticsearch:7.6.2
c2fcf4c8d46eaf6a8a687f7fd0ed46acd99c17dc9b044694eb818e57fd6fe896
[geek@192 ~]$ curl localhost:9200
{
"name" : "c2fcf4c8d46e",
"cluster_name" : "docker-cluster",
"cluster_uuid" : "xOgyKNJYS6qAjAp14Gd80A",
"version" : {
"number" : "7.6.2",
"build_flavor" : "default",
"build_type" : "docker",
"build_hash" : "ef48eb35cf30adf4db14086e8aabd07ef6fb113f",
"build_date" : "2020-03-26T06:34:37.794943Z",
"build_snapshot" : false,
"lucene_version" : "8.4.0",
"minimum_wire_compatibility_version" : "6.8.0",
"minimum_index_compatibility_version" : "6.0.0-beta1"
},
"tagline" : "You Know, for Search"
}
使用 Kibana 連接 Elasticsearch。
可視化 ~ Rancher(CI/CD)。
可視化 ~ portainer。
https://www.portainer.io/installation/
// $ docker volume create portainer_data
$ sudo docker run -d -p 8000:8000 -p 9000:9000 --name=portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce
Docker 鏡像。
鏡像是一種輕量級、可執行的獨立軟件包,用來打包軟件運行環境和基於運行環境開發的軟件,它包含運行某個軟件所需的所有內容,包括代碼、運行時、庫、環境變量和配置文件。
所有的應用,直接打包 Docker 鏡像,就可以直接跑起來。
得到鏡像方式。
- 從遠程倉庫下載。
- 朋友拷貝。
- 自己製作。DockerFile。
Docker 鏡像加載原理。
- UnionFS(聯合文件系統)。
UnionFS(聯合文件系統):Union 文件系統(UnionFS)是一種分層、輕量級並且高性能的文件系統,ta 支持對文件系統的修改作為一次提交來一層層的疊加,同時可以將不同目錄掛載到同一個虛擬文件系統下(unite several directories into a single virtual filesystem)。 Union 文件系統是 Docker 鏡像的基礎。鏡像可以通過分層來進行繼承,基於基礎鏡像(沒有父鏡像),可以製作各種具體的應用鏡像。
特性:一次同時加載多個文件系統,但從外面看起來,只能到一個文件系統,聯合加載會把各層文件系統疊加起來,這樣最終的文件系統會包含所有底層的文件和目錄。
- Docker 鏡像加載原理。
docker 的鏡像實際上由一層一層的文件系統組成,這種層級的文件系統 UnionFS 。
bootfs(boot file system)主要包含 bootloader 和 kernel。bootloader 主要是引導加載 kernel,Linux 剛啓動時會加載 bootfs 文件系統,在 Docker 鏡像的最底層是 bootfs。這一層與我們典型的 Linux/Unix 系統是一樣的,包含 boot 加載器和內核。當 boot 加載完成之後整個內核就都在內存中了,此時內存的使用權已由 bootfs 轉交給內核,此時系統也會卸載 bootfs 。
rootfs (root file system) ,Gbootfs 之上。包含的就是典型 Linux 系統中的 /dev, /proc, /bin, /etc 等標準目錄和文件。rootfs 就是各種不同的悍作系統發行版, 比如 Ubuntu,Centos 等等。
對於一個精簡的 OS,rootfs 可以很小,只需要包含最基本的命令,工具和程序庫就可以了,因為底層直接用 Host 的 kernel,自己只需要提供 rootfs 就可以了。由此可見對於不同的 linux 發行版,bootfs 基本是一致的,rootfs 會有差別,因此不同的發行版可以共用 bootfs。
commit 鏡像。
docker commit -m=“提交的描述信息。” -a=“作者” 容器id 目標鏡像名:【tag】
容器數據卷。
將應用和環境打包成一個鏡像。
數據?如果數據在容器中,容器刪除了,數據就會丟失。
↓ ↓ ↓
需求:數據持久化。
容器之間數據共享。Docker 容器中產生的數據,同步到本地。
↓ ↓ ↓
卷技術。目錄的掛載,將容器內的目錄掛載到 Linux 上。
容器的持久化和同步操作,容器間也是可以數據共享的。
volume
n. 體積;容積;容量;量;額;音量;響度
使用命令掛載 -v。
docker run -it -v /home/test:/home centos /bin/bash
(宿主機目錄:容器中目錄)。docker inspect 容器 id
可以查看 “Mounts”: {} 信息。
MySQL 數據。
sudo docker run -d -p 3307:3306 -v /home/mysql/conf:/etc/mysql/conf.d -v /home/mysql/data:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=root --name mysql01 mysql:5.7
https://hub.docker.com/_/mysql
Start a mysql server instance
Starting a MySQL instance is simple:
$ docker run --name some-mysql -e MYSQL_ROOT_PASSWORD=my-secret-pw -d mysql:tag
… where some-mysql is the name you want to assign to your container, my-secret-pw is the password to be set for the MySQL root user and tag is the tag specifying the MySQL version you want. See the list above for relevant tags.
具名掛載 & 匿名掛載。
匿名掛載。
-v 只寫了容器內路徑,沒有寫容器外路徑。
-v 容器內路徑。
sudo docker run -d -P --name nginx01 -v /etc/nginx nginx
查詢所有卷的情況。
sudo docker volume ls
[geek@192 home]$ sudo docker run -d -P --name nginx02 -v /etc/nginx nginx
d2dcf546680909c706dd3a99b258f7c197df09dce3f9b6d2bf765ccd6352996e
[geek@192 home]$ sudo docker volume ls
DRIVER VOLUME NAME
local 26e2e8983157124a7b1b22c9065d2632b21e9f74285a59dda8e8c50208db7060
local 489a715c27862b4cd02d07dcd3bc426b8275e2e95aa1e909f2559c166d1a8637
local af0464e09659ec3f603f21dc510f7e796c2641b034eed920dad1bbf7dee7aa09
local c7f8b6a9062ee284710b8d3f60eab7ce5da5642f5ca5c1500ece8dd0f2473559
local c472cb9f164c403ad8225073e2c64600ccf31ee0cf81cd5cd65fee1b1ae36b96
local portainer_dataVOLUME NAME (…)~ 匿名掛載。
具名掛載。
-v 卷名:容器內路徑。
[geek@192 home]$ sudo docker run -d -P --name nginx01 -v juming-nginx:/etc/nginx nginx
b51e5ff1e5eed7416d1ff319912abf26f99765379ad63adfbf06386ad030ffcd
[geek@192 home]$ sudo docker volume ls
DRIVER VOLUME NAME
local 26e2e8983157124a7b1b22c9065d2632b21e9f74285a59dda8e8c50208db7060
local 489a715c27862b4cd02d07dcd3bc426b8275e2e95aa1e909f2559c166d1a8637
local af0464e09659ec3f603f21dc510f7e796c2641b034eed920dad1bbf7dee7aa09
local c7f8b6a9062ee284710b8d3f60eab7ce5da5642f5ca5c1500ece8dd0f2473559
local c472cb9f164c403ad8225073e2c64600ccf31ee0cf81cd5cd65fee1b1ae36b96
local juming-nginx
local portainer_data所有 Docker 容器內的卷,沒有指定目錄的情況下都是在 /var/lib/docker/volumes/。
[geek@192 home]$ sudo docker volume inspect juming-nginx
[
{
"CreatedAt": "2020-08-28T04:49:02+08:00",
"Driver": "local",
"Labels": null,
"Mountpoint": "/var/lib/docker/volumes/juming-nginx/_data",
"Name": "juming-nginx",
"Options": null,
"Scope": "local"
}
]
[geek@192 home]$ sudo ls /var/lib/docker
[sudo] password for geek:
builder buildkit containers image network overlay2 plugins runtimes swarm tmp trust volumes
[geek@192 home]$ sudo ls /var/lib/docker/volumes
26e2e8983157124a7b1b22c9065d2632b21e9f74285a59dda8e8c50208db7060
489a715c27862b4cd02d07dcd3bc426b8275e2e95aa1e909f2559c166d1a8637
af0464e09659ec3f603f21dc510f7e796c2641b034eed920dad1bbf7dee7aa09
c472cb9f164c403ad8225073e2c64600ccf31ee0cf81cd5cd65fee1b1ae36b96
c7f8b6a9062ee284710b8d3f60eab7ce5da5642f5ca5c1500ece8dd0f2473559
juming-nginx
metadata.db
portainer_data
具名掛載 & 匿名掛載 & 指定路徑掛載。
-v 容器內路徑 ~ 匿名掛載。
-v 卷名:容器內路徑 ~ 具名掛載。
-v /宿主機路徑:容器內路徑 ~ 指定路徑掛載。
通過 -v 容器內路徑:ro rw 改變主讀寫權限。
ro readonly # 只讀。只能通過宿主機改變。
rw readwrite # 可讀可寫。docker run -d -P --name nginx02 -v juming-nginx:/etc/nginx:ro nginx
DockerFile。
用來構建 Docker 鏡像的構建文件。
[geek@192 home]$ sudo vim dockerfile1
[sudo] password for geek:
[geek@192 home]$ cat dockerfile1
from centos
volume ["volume01", "volume02"]
cmd echo " ~ ~ ~ ~ ~ ~ ~ end ~ ~ ~ ~ ~ ~ ~ "
cmd /bin/bashdocker build -f dockerfile -t geek/centos .
[root@192 docker_my]# sudo docker build -f dockerfile1 -t geek/centos .
Sending build context to Docker daemon 2.048kB
Step 1/4 : from centos
latest: Pulling from library/centos
3c72a8ed6814: Pull complete
Digest: sha256:76d24f3ba3317fa945743bb3746fbaf3a0b752f10b10376960de01da70685fbd
Status: Downloaded newer image for centos:latest
---> 0d120b6ccaa8
Step 2/4 : volume ["volume01", "volume02"]
---> Running in 277b718b809d
Removing intermediate container 277b718b809d
---> dfa0fa8cc0e2
Step 3/4 : cmd echo "~~~end~~~"
---> Running in b37dd2e5eb21
Removing intermediate container b37dd2e5eb21
---> 99450a70efa2
Step 4/4 : cmd /bin/bash
---> Running in 08600e6c2e77
Removing intermediate container 08600e6c2e77
---> 451f7a75e694
Successfully built 451f7a75e694
Successfully tagged geek/centos:latestdocker inspect 容器id
假設構建鏡像時沒有掛載卷,要手動掛載 -v 卷名:容器內路徑。
數據卷容器。
[root@192 docker_my]# sudo docker run -it --name docker01 geek/centos
Ctrl + P + Q(大寫狀態下)退出當前容器但不關閉。
docker run -it --name docker02 --volumes-from docker01 centos
啓動第二個鏡像,同步第一個的數據。
[root@192 docker_my]# sudo docker run -it --name docker02 --volumes-from docker01 geek/centos
[root@50a6da234a39 /]# ls
bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var volume01 volume02- 進入 docker01 touch 一個文件。
[root@192 docker_my]# sudo docker attach docker01
[root@e8335036b13a /]# ls
bin dev docker01 etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var volume01 volume02
[root@e8335036b13a /]# cd volume01
[root@e8335036b13a volume01]# touch docker01- docker 02 查看。
[root@192 docker_my]# sudo docker attach docker02
[root@50a6da234a39 /]# ls
bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var volume01 volume02
[root@50a6da234a39 /]# cd volume01
[root@50a6da234a39 volume01]# ls
docker01
多個數據庫實現數據共享。
sudo docker run -d -p 3310:3306 -v /home/mysql/conf:/etc/mysql/conf.d -v /home/mysql/data:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=root --name mysql01 mysql:5.7
sudo docker run -d -p 3311:3306 -e MYSQL_ROOT_PASSWORD=root --name mysql02 --volumes-from mysql01 mysql:5.7
容器之間的配置信息傳遞,數據卷容器生命週期一直秩序到沒用容器使用為止。
DockerFile。
DockerFile 是用來構建 docker 鏡像的文件。命令參數腳本。
步驟。
- 編寫一個 dockerfile 文件。
- docker build 構建成為一個鏡像。
- docker run 運行鏡像。
- docker push 發佈鏡像(DockerHub、阿里雲鏡像倉庫)。
每個保留關鍵字(指令)都必須是大寫字母。
指令從上到下順序執行。
# 表示註釋。
每一個指令都會創建提交一個新的鏡像層,並提交。
Dockerfile 是面向開發的。我們以後要發佈項目,做鏡像,就需要編寫 Dockerfile 文件。
Docker 鏡像逐漸成為企業交付的標準。
DockerFile ~ 構建文件,定義了一切的基礎,源代碼。
DockerImage ~ 通過 DockerFile 構建生成的鏡像,最終發佈和運行的產品。
Docker 容器 ~ 鏡像運行起來提供服務器。
DockerFile 指令。
- FROM
這個鏡像的媽媽是誰?
基礎鏡像,一切從這裏開始。 - MAINTAINER
誰負責養 ta。維護者信息。姓名 + 郵箱。 - RUN
鏡像構建時候需要執行的命令。
你想讓 ta 幹啥。(在命令前加上 RUN 即可)。 - ADD
給 ta 點創業基金。(COPY 文件,會自動解壓)。
Tomcat 鏡像,Tomcat 壓縮包。 - WORKDIR
我是 cd,今天剛化了妝。 - VOLUME
給 ta 一個存放行李的地方。設置卷,掛載主機目錄。 - EXPOSE
ta 要打開的門是啥。指定對外的端口。 - RUN
奔跑吧。 - CDM
容器啓動時要運行的命令。只有最後一個會生效,可被替代。 - ENTRYPOINT
容器啓動時要運行的命令。可追加命令。 - ONBUILD
當構建一個被繼承的 DockerFile,會運行 ONBUILD 指令。 - COPY
類似 ADD 命令。將文件拷貝到鏡像。 - ENV
構建時設置環境變量。
創建一個自己的 Centos。
https://hub.docker.com/_/scratch
FROM scratch
This image is most useful in the context of building base images (such as debian and busybox) or super minimal images (that contain only a single binary and whatever it requires, such as hello-world).
As of Docker 1.5.0 (specifically, docker/docker#8827), FROM scratch is a no-op in the Dockerfile, and will not create an extra layer in your image (so a previously 2-layer image will be a 1-layer image instead).
From https://docs.docker.com/engine/userguide/eng-image/baseimages/:
You can use Docker’s reserved, minimal image, scratch, as a starting point for building containers. Using the scratch “image” signals to the build process that you want the next command in the Dockerfile to be the first filesystem layer in your image.
While scratch appears in Docker’s repository on the hub, you can’t pull it, run it, or tag any image with the name scratch. Instead, you can refer to it in your Dockerfile. For example, to create a minimal container using scratch:
FROM scratch
COPY hello /
CMD ["/hello"]- 編寫 DockerFile 文件。
[geek@192 docker_my]$ cat geekdockerfile-centos
FROM centos
MAINTAINER geek<YifanLiGeek@gmail.com>
ENV MYPATH /usr/local
WORKDIR $MYPATH
RUN yum -y install vim
RUN yum -y install net-tools
EXPOSE 80
CMD echo MYPATH
CMD echo " ~ ~ ~ end ~ ~ ~ "
CMD /bin/bash- 構建鏡像。
[geek@192 docker_my]$ sudo docker build -f geekdockerfile-centos -t geekcentos:1.0 .
[sudo] password for geek:
Sending build context to Docker daemon 3.072kB
Step 1/10 : FROM centos
---> 0d120b6ccaa8
Step 2/10 : MAINTAINER geek<YifanLiGeek@gmail.com>
---> Running in 7a6a8439f554
Removing intermediate container 7a6a8439f554
---> 59e173e7c4d0
Step 3/10 : ENV MYPATH /usr/local
---> Running in 9f8ae4f21974
Removing intermediate container 9f8ae4f21974
---> 8f16e7d0dee3
Step 4/10 : WORKDIR $MYPATH
---> Running in 2edf61a0944c
Removing intermediate container 2edf61a0944c
---> 82fe516a0098
Step 5/10 : RUN yum -y install vim
---> Running in a10739bb0bd6
CentOS-8 - AppStream 801 kB/s | 5.8 MB 00:07
CentOS-8 - Base 329 kB/s | 2.2 MB 00:06
CentOS-8 - Extras 11 kB/s | 8.1 kB 00:00
Dependencies resolved.
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
vim-enhanced x86_64 2:8.0.1763-13.el8 AppStream 1.4 M
Installing dependencies:
gpm-libs x86_64 1.20.7-15.el8 AppStream 39 k
vim-common x86_64 2:8.0.1763-13.el8 AppStream 6.3 M
vim-filesystem noarch 2:8.0.1763-13.el8 AppStream 48 k
which x86_64 2.21-12.el8 BaseOS 49 k
Transaction Summary
================================================================================
Install 5 Packages
Total download size: 7.8 M
Installed size: 31 M
Downloading Packages:
(1/5): gpm-libs-1.20.7-15.el8.x86_64.rpm 116 kB/s | 39 kB 00:00
(2/5): vim-filesystem-8.0.1763-13.el8.noarch.rp 123 kB/s | 48 kB 00:00
(3/5): which-2.21-12.el8.x86_64.rpm 133 kB/s | 49 kB 00:00
(4/5): vim-enhanced-8.0.1763-13.el8.x86_64.rpm 239 kB/s | 1.4 MB 00:05
(5/5): vim-common-8.0.1763-13.el8.x86_64.rpm 605 kB/s | 6.3 MB 00:10
--------------------------------------------------------------------------------
Total 677 kB/s | 7.8 MB 00:11
CentOS-8 - AppStream 711 kB/s | 1.6 kB 00:00
warning: /var/cache/dnf/AppStream-02e86d1c976ab532/packages/gpm-libs-1.20.7-15.el8.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID 8483c65d: NOKEY
Importing GPG key 0x8483C65D:
Userid : "CentOS (CentOS Official Signing Key) <security@centos.org>"
Fingerprint: 99DB 70FA E1D7 CE22 7FB6 4882 05B5 55B3 8483 C65D
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
Key imported successfully
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : which-2.21-12.el8.x86_64 1/5
Installing : vim-filesystem-2:8.0.1763-13.el8.noarch 2/5
Installing : vim-common-2:8.0.1763-13.el8.x86_64 3/5
Installing : gpm-libs-1.20.7-15.el8.x86_64 4/5
Running scriptlet: gpm-libs-1.20.7-15.el8.x86_64 4/5
Installing : vim-enhanced-2:8.0.1763-13.el8.x86_64 5/5
Running scriptlet: vim-enhanced-2:8.0.1763-13.el8.x86_64 5/5
Running scriptlet: vim-common-2:8.0.1763-13.el8.x86_64 5/5
Verifying : gpm-libs-1.20.7-15.el8.x86_64 1/5
Verifying : vim-common-2:8.0.1763-13.el8.x86_64 2/5
Verifying : vim-enhanced-2:8.0.1763-13.el8.x86_64 3/5
Verifying : vim-filesystem-2:8.0.1763-13.el8.noarch 4/5
Verifying : which-2.21-12.el8.x86_64 5/5
Installed:
gpm-libs-1.20.7-15.el8.x86_64 vim-common-2:8.0.1763-13.el8.x86_64
vim-enhanced-2:8.0.1763-13.el8.x86_64 vim-filesystem-2:8.0.1763-13.el8.noarch
which-2.21-12.el8.x86_64
Complete!
Removing intermediate container a10739bb0bd6
---> 18140b90867c
Step 6/10 : RUN yum -y install net-tools
---> Running in f7ecade2e25a
Last metadata expiration check: 0:00:27 ago on Sun Sep 27 11:44:55 2020.
Dependencies resolved.
================================================================================
Package Architecture Version Repository Size
================================================================================
Installing:
net-tools x86_64 2.0-0.51.20160912git.el8 BaseOS 323 k
Transaction Summary
================================================================================
Install 1 Package
Total download size: 323 k
Installed size: 1.0 M
Downloading Packages:
net-tools-2.0-0.51.20160912git.el8.x86_64.rpm 262 kB/s | 323 kB 00:01
--------------------------------------------------------------------------------
Total 172 kB/s | 323 kB 00:01
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : net-tools-2.0-0.51.20160912git.el8.x86_64 1/1
Running scriptlet: net-tools-2.0-0.51.20160912git.el8.x86_64 1/1
Verifying : net-tools-2.0-0.51.20160912git.el8.x86_64 1/1
Installed:
net-tools-2.0-0.51.20160912git.el8.x86_64
Complete!
Removing intermediate container f7ecade2e25a
---> d37dcf6d3fb6
Step 7/10 : EXPOSE 80
---> Running in 8345ea0cbfc2
Removing intermediate container 8345ea0cbfc2
---> a4d0c5f4c818
Step 8/10 : CMD echo MYPATH
---> Running in ec4321339933
Removing intermediate container ec4321339933
---> fcecaec0b0cf
Step 9/10 : CMD echo " ~ ~ ~ end ~ ~ ~ "
---> Running in edbba0ef11bd
Removing intermediate container edbba0ef11bd
---> 1276d020e5dc
Step 10/10 : CMD /bin/bash
---> Running in 6c684095a302
Removing intermediate container 6c684095a302
---> e7171d8d341f
Successfully built e7171d8d341f
Successfully tagged geekcentos:1.0
[geek@192 docker_my]$- 可以進入使用。
[geek@192 docker_my]$ sudo docker run -it geekcentos:1.0
[root@aebce65180c4 local]# pwd
/usr/local
[root@aebce65180c4 local]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.4 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:04 txqueuelen 0 (Ethernet)
RX packets 8 bytes 656 (656.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@aebce65180c4 local]# vim test
[root@aebce65180c4 local]#
docker history。鏡像構建詳情。
[geek@192 docker_my]$ sudo docker history geekcentos:1.0
IMAGE CREATED CREATED BY SIZE COMMENT
e7171d8d341f 5 minutes ago /bin/sh -c #(nop) CMD ["/bin/sh" "-c" "/bin… 0B
1276d020e5dc 5 minutes ago /bin/sh -c #(nop) CMD ["/bin/sh" "-c" "echo… 0B
fcecaec0b0cf 5 minutes ago /bin/sh -c #(nop) CMD ["/bin/sh" "-c" "echo… 0B
a4d0c5f4c818 5 minutes ago /bin/sh -c #(nop) EXPOSE 80 0B
d37dcf6d3fb6 5 minutes ago /bin/sh -c yum -y install net-tools 22.8MB
18140b90867c 6 minutes ago /bin/sh -c yum -y install vim 57.2MB
82fe516a0098 6 minutes ago /bin/sh -c #(nop) WORKDIR /usr/local 0B
8f16e7d0dee3 6 minutes ago /bin/sh -c #(nop) ENV MYPATH=/usr/local 0B
59e173e7c4d0 6 minutes ago /bin/sh -c #(nop) MAINTAINER geek<YifanLiGe… 0B
0d120b6ccaa8 6 weeks ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0B
<missing> 6 weeks ago /bin/sh -c #(nop) LABEL org.label-schema.sc… 0B
<missing> 6 weeks ago /bin/sh -c #(nop) ADD file:538afc0c5c964ce0d… 215MB[geek@192 docker_my]$ sudo docker history mysql:5.7
IMAGE CREATED CREATED BY SIZE COMMENT
ef08065b0a30 2 weeks ago /bin/sh -c #(nop) CMD ["mysqld"] 0B
<missing> 2 weeks ago /bin/sh -c #(nop) EXPOSE 3306 33060 0B
<missing> 2 weeks ago /bin/sh -c #(nop) ENTRYPOINT ["docker-entry… 0B
<missing> 2 weeks ago /bin/sh -c ln -s usr/local/bin/docker-entryp… 34B
<missing> 2 weeks ago /bin/sh -c #(nop) COPY file:7cbb26bbdb8e71b3… 13.2kB
<missing> 2 weeks ago /bin/sh -c #(nop) VOLUME [/var/lib/mysql] 0B
<missing> 2 weeks ago /bin/sh -c { echo mysql-community-server m… 313MB
<missing> 2 weeks ago /bin/sh -c echo "deb http://repo.mysql.com/a… 55B
<missing> 2 weeks ago /bin/sh -c #(nop) ENV MYSQL_VERSION=5.7.31-… 0B
<missing> 2 weeks ago /bin/sh -c #(nop) ENV MYSQL_MAJOR=5.7 0B
<missing> 2 weeks ago /bin/sh -c set -ex; key='A4A9406876FCBD3C45… 2.61kB
<missing> 2 weeks ago /bin/sh -c apt-get update && apt-get install… 52.2MB
<missing> 2 weeks ago /bin/sh -c mkdir /docker-entrypoint-initdb.d 0B
<missing> 2 weeks ago /bin/sh -c set -eux; savedAptMark="$(apt-ma… 4.17MB
<missing> 2 weeks ago /bin/sh -c #(nop) ENV GOSU_VERSION=1.12 0B
<missing> 2 weeks ago /bin/sh -c apt-get update && apt-get install… 9.34MB
<missing> 2 weeks ago /bin/sh -c groupadd -r mysql && useradd -r -… 329kB
<missing> 2 weeks ago /bin/sh -c #(nop) CMD ["bash"] 0B
<missing> 2 weeks ago /bin/sh -c #(nop) ADD file:e7407f2294ad23634… 69.2MB
CMD & ENTRYPOINT。
- CDM
容器啓動時要運行的命令。只有最後一個會生效,可被替代。 - ENTRYPOINT
容器啓動時要運行的命令。可追加命令。
[geek@192 docker_my]$ sudo vim dockerfile-cmd-test
[sudo] password for geek:
[geek@192 docker_my]$ cat dockerfile-cmd-test
from centos
cmd ["ls", "-a"]
[geek@192 docker_my]$ sudo docker build -f dockerfile-cmd-test -t cmdtest .
Sending build context to Docker daemon 4.096kB
Step 1/2 : from centos
---> 0d120b6ccaa8
Step 2/2 : cmd ["ls", "-a"]
---> Running in f65d2334921a
Removing intermediate container f65d2334921a
---> 8c37ba39e701
Successfully built 8c37ba39e701
Successfully tagged cmdtest:latest- 執行,命令生效。
[geek@192 docker_my]$ sudo docker run 8c37ba39e701
.
..
.dockerenv
bin
dev
etc
home
lib
lib64
lost+found
media
mnt
opt
proc
root
run
sbin
srv
sys
tmp
usr
var- 加命令參數,報錯。
[geek@192 docker_my]$ sudo docker run 8c37ba39e701 -l
docker: Error response from daemon: OCI runtime create failed: container_linux.go:349: starting container process caused "exec: \"-l\": executable file not found in $PATH": unknown.
// 需要完整命令。
[geek@192 docker_my]$ sudo docker run 8c37ba39e701 ls -l
total 0
lrwxrwxrwx. 1 root root 7 May 11 2019 bin -> usr/bin
drwxr-xr-x. 5 root root 340 Sep 27 12:15 dev
drwxr-xr-x. 1 root root 66 Sep 27 12:15 etc
drwxr-xr-x. 2 root root 6 May 11 2019 home
lrwxrwxrwx. 1 root root 7 May 11 2019 lib -> usr/lib
lrwxrwxrwx. 1 root root 9 May 11 2019 lib64 -> usr/lib64
drwx------. 2 root root 6 Aug 9 21:40 lost+found
drwxr-xr-x. 2 root root 6 May 11 2019 media
drwxr-xr-x. 2 root root 6 May 11 2019 mnt
drwxr-xr-x. 2 root root 6 May 11 2019 opt
dr-xr-xr-x. 129 root root 0 Sep 27 12:15 proc
dr-xr-x---. 2 root root 162 Aug 9 21:40 root
drwxr-xr-x. 11 root root 163 Aug 9 21:40 run
lrwxrwxrwx. 1 root root 8 May 11 2019 sbin -> usr/sbin
drwxr-xr-x. 2 root root 6 May 11 2019 srv
dr-xr-xr-x. 13 root root 0 Sep 27 05:38 sys
drwxrwxrwt. 7 root root 145 Aug 9 21:40 tmp
drwxr-xr-x. 12 root root 144 Aug 9 21:40 usr
drwxr-xr-x. 20 root root 262 Aug 9 21:40 var- ENTRYPOINT。
容器啓動時要運行的命令。可追加命令。- ENTRYPOINT
容器啓動時要運行的命令。可追加命令。
[geek@192 docker_my]$ sudo vim dockerfile-cmd-entrypoint
[geek@192 docker_my]$ cat dockerfile-cmd-entrypoint
from centos
entrypoint ["ls", "-a"]
[geek@192 docker_my]$ sudo docker build -f dockerfile-cmd-entrypoint -t entrypoint-test .
Sending build context to Docker daemon 5.12kB
Step 1/2 : from centos
---> 0d120b6ccaa8
Step 2/2 : entrypoint ["ls", "-a"]
---> Running in 49dd42d79208
Removing intermediate container 49dd42d79208
---> 5f296513ccf5
Successfully built 5f296513ccf5
Successfully tagged entrypoint-test:latest
[geek@192 docker_my]$ sudo docker run 5f296513ccf5
.
..
.dockerenv
bin
dev
etc
home
lib
lib64
lost+found
media
mnt
opt
proc
root
run
sbin
srv
sys
tmp
usr
var- 追加命令參數。
[geek@192 docker_my]$ sudo docker run 5f296513ccf5 -l
total 0
drwxr-xr-x. 1 root root 6 Sep 27 12:20 .
drwxr-xr-x. 1 root root 6 Sep 27 12:20 ..
-rwxr-xr-x. 1 root root 0 Sep 27 12:20 .dockerenv
lrwxrwxrwx. 1 root root 7 May 11 2019 bin -> usr/bin
drwxr-xr-x. 5 root root 340 Sep 27 12:20 dev
drwxr-xr-x. 1 root root 66 Sep 27 12:20 etc
drwxr-xr-x. 2 root root 6 May 11 2019 home
lrwxrwxrwx. 1 root root 7 May 11 2019 lib -> usr/lib
lrwxrwxrwx. 1 root root 9 May 11 2019 lib64 -> usr/lib64
drwx------. 2 root root 6 Aug 9 21:40 lost+found
drwxr-xr-x. 2 root root 6 May 11 2019 media
drwxr-xr-x. 2 root root 6 May 11 2019 mnt
drwxr-xr-x. 2 root root 6 May 11 2019 opt
dr-xr-xr-x. 129 root root 0 Sep 27 12:20 proc
dr-xr-x---. 2 root root 162 Aug 9 21:40 root
drwxr-xr-x. 11 root root 163 Aug 9 21:40 run
lrwxrwxrwx. 1 root root 8 May 11 2019 sbin -> usr/sbin
drwxr-xr-x. 2 root root 6 May 11 2019 srv
dr-xr-xr-x. 13 root root 0 Sep 27 05:38 sys
drwxrwxrwt. 7 root root 145 Aug 9 21:40 tmp
drwxr-xr-x. 12 root root 144 Aug 9 21:40 usr
drwxr-xr-x. 20 root root 262 Aug 9 21:40 var
製作 Tomcat Dokerfile。
- 準備 tomcat 和 jdk 壓縮包。
- 編寫 dockerfile 文件。官方命名
Dockerfile。build 會自動尋找這個文件,就不需要 -f 指定文件了。
[geek@192 tools_my]$ sudo vim Dockerfile
[sudo] password for geek:
[geek@192 tools_my]$ cat Dockerfilefrom centos
maintainer geek<YifanLiGeek@gmail.com>
copy readme.txt /usr/local/readme.txt
add jdk-8u241-linux-x64.tar.gz /usr/local
add apache-tomcat-9.0.38.tar.gz /usr/local
run yum -y install vim
env MYPATH /usr/local
workdir $MYPATH
env JAVA_HOME /usr/local/jdk1.8.0_241
env CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
env CATALINA_HOME /usr/local/apache-tomcat-9.0.38
env CATALINA_BASE /usr/local/apache-tomcat-9.0.38
env PATH $PATH:$JAVA_HOME/bin:$CATALINA_HOME/lib:$CATALINA_HOME/bin
expose 8080
cmd /usr/local/apache-tomcat-9.0.38/bin/startup.sh && tail -F /usr/local/apache-tomcat-9.0.38/bin/logs/catalina.out[geek@192 docker_my]$ sudo docker build -t diytomcat .
Sending build context to Docker daemon 205.8MB
Step 1/15 : from centos
---> 0d120b6ccaa8
Step 2/15 : maintainer geek<YifanLiGeek@gmail.com>
---> Using cache
---> 59e173e7c4d0
Step 3/15 : copy readme.txt /usr/local/readme.txt
---> eb47195826b2
Step 4/15 : add jdk-8u241-linux-x64.tar.gz /usr/local
---> 867538925102
Step 5/15 : add apache-tomcat-9.0.38.tar.gz /usr/local
---> c497c5c1cb19
Step 6/15 : run yum -y install vim
---> Running in baa59aed44d6
CentOS-8 - AppStream 2.8 MB/s | 5.8 MB 00:02
CentOS-8 - Base 518 kB/s | 2.2 MB 00:04
CentOS-8 - Extras 4.1 kB/s | 8.1 kB 00:02
Dependencies resolved.
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
vim-enhanced x86_64 2:8.0.1763-13.el8 AppStream 1.4 M
Installing dependencies:
gpm-libs x86_64 1.20.7-15.el8 AppStream 39 k
vim-common x86_64 2:8.0.1763-13.el8 AppStream 6.3 M
vim-filesystem noarch 2:8.0.1763-13.el8 AppStream 48 k
which x86_64 2.21-12.el8 BaseOS 49 k
Transaction Summary
================================================================================
Install 5 Packages
Total download size: 7.8 M
Installed size: 31 M
Downloading Packages:
(1/5): gpm-libs-1.20.7-15.el8.x86_64.rpm 113 kB/s | 39 kB 00:00
(2/5): vim-filesystem-8.0.1763-13.el8.noarch.rp 143 kB/s | 48 kB 00:00
(3/5): vim-enhanced-8.0.1763-13.el8.x86_64.rpm 1.4 MB/s | 1.4 MB 00:00
(4/5): which-2.21-12.el8.x86_64.rpm 84 kB/s | 49 kB 00:00
(5/5): vim-common-8.0.1763-13.el8.x86_64.rpm 4.2 MB/s | 6.3 MB 00:01
--------------------------------------------------------------------------------
Total 2.8 MB/s | 7.8 MB 00:02
warning: /var/cache/dnf/AppStream-02e86d1c976ab532/packages/gpm-libs-1.20.7-15.el8.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID 8483c65d: NOKEY
CentOS-8 - AppStream 1.3 MB/s | 1.6 kB 00:00
Importing GPG key 0x8483C65D:
Userid : "CentOS (CentOS Official Signing Key) <security@centos.org>"
Fingerprint: 99DB 70FA E1D7 CE22 7FB6 4882 05B5 55B3 8483 C65D
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
Key imported successfully
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : which-2.21-12.el8.x86_64 1/5
Installing : vim-filesystem-2:8.0.1763-13.el8.noarch 2/5
Installing : vim-common-2:8.0.1763-13.el8.x86_64 3/5
Installing : gpm-libs-1.20.7-15.el8.x86_64 4/5
Running scriptlet: gpm-libs-1.20.7-15.el8.x86_64 4/5
Installing : vim-enhanced-2:8.0.1763-13.el8.x86_64 5/5
Running scriptlet: vim-enhanced-2:8.0.1763-13.el8.x86_64 5/5
Running scriptlet: vim-common-2:8.0.1763-13.el8.x86_64 5/5
Verifying : gpm-libs-1.20.7-15.el8.x86_64 1/5
Verifying : vim-common-2:8.0.1763-13.el8.x86_64 2/5
Verifying : vim-enhanced-2:8.0.1763-13.el8.x86_64 3/5
Verifying : vim-filesystem-2:8.0.1763-13.el8.noarch 4/5
Verifying : which-2.21-12.el8.x86_64 5/5
Installed:
gpm-libs-1.20.7-15.el8.x86_64 vim-common-2:8.0.1763-13.el8.x86_64
vim-enhanced-2:8.0.1763-13.el8.x86_64 vim-filesystem-2:8.0.1763-13.el8.noarch
which-2.21-12.el8.x86_64
Complete!
Removing intermediate container baa59aed44d6
---> 52f81092e768
Step 7/15 : env MYPATH /usr/local
---> Running in 757ab2fde799
Removing intermediate container 757ab2fde799
---> ee4a54d9e1b5
Step 8/15 : workdir $MYPATH
---> Running in fceb9a3b8308
Removing intermediate container fceb9a3b8308
---> a23a98e63f82
Step 9/15 : env JAVA_HME /usr/local/jdk1.8.0_241
---> Running in fd4863abcc08
Removing intermediate container fd4863abcc08
---> 13ebbd91349c
Step 10/15 : env CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
---> Running in 3c6aaf9174ad
Removing intermediate container 3c6aaf9174ad
---> bbe127f3db64
Step 11/15 : env CATALINA_HOME /usr/local/apache-tomcat-9.0.38
---> Running in 5beccdaec8bc
Removing intermediate container 5beccdaec8bc
---> b624ffaf2a6c
Step 12/15 : env CATALINA_BASE /usr/local/apache-tomcat-9.0.38
---> Running in de92ff94de61
Removing intermediate container de92ff94de61
---> 7e9ffb9ea42d
Step 13/15 : env PATH $PATH:$JAVA_HOME/bin:$CATALINA_HOME/lib:$CATALINA_HOME/bin
---> Running in 2c02db50f557
Removing intermediate container 2c02db50f557
---> 8df2f1efd106
Step 14/15 : expose 8080
---> Running in a203cd3bf0ee
Removing intermediate container a203cd3bf0ee
---> a815a675b1af
Step 15/15 : cmd /usr/local/apache-tomcat-9.0.38/bin/startup.sh && tail -F /usr/local/apache-tomcat-9.0.38/bin/logs/catalina.out
---> Running in 643d2ac55eb6
Removing intermediate container 643d2ac55eb6
---> 0ea70d093e7b
Successfully built 0ea70d093e7b
Successfully tagged diytomcat:latest[geek@192 docker_my]$ sudo docker run -d -p 9090:8080 --name geektomcat -v /home/geek/build/tomcat/test:/usr/local/apache-tomcat-9.0.38/webapps/test -v /home/geek/build/tomcat/tomcatlogs:/usr/local/apache-tomcat-9.0.38/logs diytomcat
[sudo] password for geek:
584bfb4a1c2720abf4bf590b714f66a5c55c3a6c71d59355ab83f833bef9ea5e
發佈鏡像。
[geek@192 ~]$ sudo docker login --help
[sudo] password for geek:
Usage: docker login [OPTIONS] [SERVER]
Log in to a Docker registry.
If no server is specified, the default is defined by the daemon.
Options:
-p, --password string Password
--password-stdin Take the password from stdin
-u, --username string Username[geek@192 ~]$ sudo docker login -u lyfgeek
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded[geek@192 ~]$ sudo docker push diytomcat
sudo docker push geek/diytomcat
發佈到阿里雲鏡像。
Docker 網絡。
docker0。
sudo docker run -d -P --name tomcat01 tomcat
[geek@192 ~]$ sudo docker exec -it tomcat01 ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
36: eth0@if37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever虛擬機可以 ping 通。
[geek@192 ~]$ ping -c 3 172.17.0.3
PING 172.17.0.3 (172.17.0.3) 56(84) bytes of data.
64 bytes from 172.17.0.3: icmp_seq=1 ttl=64 time=0.736 ms
64 bytes from 172.17.0.3: icmp_seq=2 ttl=64 time=0.058 ms
64 bytes from 172.17.0.3: icmp_seq=3 ttl=64 time=0.059 ms
--- 172.17.0.3 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2006ms
rtt min/avg/max/mdev = 0.058/0.284/0.736/0.319 ms每啓動一個 docker 容器,docker 就會給 docker 容器分配一個 ip,我們只要安裝了 docker,就會有一個網卡 docker0。
橋接模式。使用的是 `veth-pair`` 技術。
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:8d:5f:fb:08 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:8dff:fe5f:fb08/64 scope link
valid_lft forever preferred_lft forever- 每啓動一個容器後,會多一個網卡。
容器內網卡。
[geek@192 ~]$ sudo docker exec -it tomcat01 ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
36: eth0@if37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever宿主機網卡。
37: vethfa29654@if36: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether f6:0f:41:f3:ec:7b brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet6 fe80::f40f:41ff:fef3:ec7b/64 scope link
valid_lft forever preferred_lft forever有對應關係。37 ~ 36。
veth-pair 就是成對的虛擬設備接口,ta 們都是成對出現,一端連接着協議,一端連接彼此。
OpenStack,OVS,Docker 容器之間的連接都是使用 veth-pair 技術。
sudo docker run -d -P --name tomcat01 tomcat
sudo docker exec -it tomcat01 ip addrsudo docker run -d -P --name tomcat02 tomcat
sudo docker exec -it tomcat02 ip addr
[geek@192 ~]$ sudo docker exec -it tomcat01 ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
36: eth0@if37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
[geek@192 ~]$ sudo docker exec -it tomcat02 ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
38: eth0@if39: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:04 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.4/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever- 宿主機。
[geek@192 ~]$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:a7:c5:64 brd ff:ff:ff:ff:ff:ff
inet 192.168.142.161/24 brd 192.168.142.255 scope global noprefixroute dynamic ens33
valid_lft 5429865sec preferred_lft 5429865sec
inet6 fe80::be3c:cd3d:4ef4:38c4/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:8d:5f:fb:08 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:8dff:fe5f:fb08/64 scope link
valid_lft forever preferred_lft forever
5: veth454806f@if4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 9a:f7:79:94:a6:d6 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::98f7:79ff:fe94:a6d6/64 scope link
valid_lft forever preferred_lft forever
37: vethfa29654@if36: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether f6:0f:41:f3:ec:7b brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet6 fe80::f40f:41ff:fef3:ec7b/64 scope link
valid_lft forever preferred_lft forever
39: veth2e9ce8c@if38: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether a2:1b:35:6a:27:84 brd ff:ff:ff:ff:ff:ff link-netnsid 2
inet6 fe80::a01b:35ff:fe6a:2784/64 scope link
valid_lft forever preferred_lft forever共用一個路由器 docker0。
172.17.0.3/16
11111111.11111111.11111111.11111111
255.255.255.255
16 ~ 在 255.255. 下是同一網段。
可以分配 255.255.0.1 ~ 255.255.255.254 個 ip。
Docker 中所有的網絡接口都是虛擬的。虛擬的轉發效率高。
問題:mysql 容器 ip 不固定的情況下,ip 換了,怎麼通過名字訪問容器。
–link。
[geek@192 ~]$ sudo docker exec -it tomcat01 ping tomcat02
[sudo] password for geek:
ping: tomcat02: Name or service not known- 通過 --link 指定需要連通的容器。
[geek@192 ~]$ sudo docker run -d -P --name tomcat03 --link tomcat02 tomcat
f21254e5bf8ae2faa8c1ebe1216386f3af7c3990cba24d27b86ef07816d145a9
[geek@192 ~]$ sudo docker exec -it tomcat03 ping tomcat02
PING tomcat02 (172.17.0.4) 56(84) bytes of data.
64 bytes from tomcat02 (172.17.0.4): icmp_seq=1 ttl=64 time=1.78 ms
64 bytes from tomcat02 (172.17.0.4): icmp_seq=2 ttl=64 time=0.496 ms
64 bytes from tomcat02 (172.17.0.4): icmp_seq=3 ttl=64 time=0.117 ms反向不能 ping 通。
sudo docker exec -it tomcat02 ping tomcat03
ping: tomcat03: Name or service not known
docker network。
[geek@192 ~]$ sudo docker network --help
Usage: docker network COMMAND
Manage networks
Commands:
connect Connect a container to a network
create Create a network
disconnect Disconnect a container from a network
inspect Display detailed information on one or more networks
ls List networks
prune Remove all unused networks
rm Remove one or more networks
Run 'docker network COMMAND --help' for more information on a command.[geek@192 ~]$ sudo docker network ls
NETWORK ID NAME DRIVER SCOPE
76de49ccecf8 bridge bridge local
ec29149b6a96 host host local
d9c358e6c89b none null local
[geek@192 ~]$ sudo docker network inspect 76de49ccecf8
[
{
"Name": "bridge",
"Id": "76de49ccecf840b34c1d0987998bd1639c6d7c73aa10b948638b7a530ef01ede",
"Created": "2020-09-27T14:05:02.258994481+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"0cc1df6854e9381778be9c1498fe684fa495642f6558f469dd9496931eaa3abc": {
"Name": "mysql_geek",
"EndpointID": "bab4b6ec511d42a16a73420a88c46fb80b67b4b6a81743946be2fc131bd247bf",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
},
"97b0a19224b49e4d69b47ba00e14d63dc97318ecd1c7b0efbde291efc35be1d3": {
"Name": "tomcat02",
"EndpointID": "503d85c5335b1cc8c9e4f333b557394e9f05b5d2f9616bc3a833cba6f54549ff",
"MacAddress": "02:42:ac:11:00:04",
"IPv4Address": "172.17.0.4/16",
"IPv6Address": ""
},
"b03c201ac7a98ca9bfd37c5ae9102d3f7a4ebb71ebc16e120cd8b2d334ae67d1": {
"Name": "tomcat01",
"EndpointID": "840ec23feb39efc4b04f61ed6f5038141a665a818a881517ecefac309f82b59e",
"MacAddress": "02:42:ac:11:00:03",
"IPv4Address": "172.17.0.3/16",
"IPv6Address": ""
},
"f21254e5bf8ae2faa8c1ebe1216386f3af7c3990cba24d27b86ef07816d145a9": {
"Name": "tomcat03",
"EndpointID": "5387febc652ae42927d7d606116daaa28afb39eb34250478a74366244eb790db",
"MacAddress": "02:42:ac:11:00:05",
"IPv4Address": "172.17.0.5/16",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]本質:其實是修改了 host。
[geek@192 ~]$ sudo docker exec -it tomcat03 cat /etc/hosts
[sudo] password for geek:
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.4 tomcat02 97b0a19224b4
172.17.0.5 f21254e5bf8a
自定義網絡 ~ docker network。
- 查看 docker 所有網絡。
[geek@192 ~]$ sudo docker network ls
NETWORK ID NAME DRIVER SCOPE
76de49ccecf8 bridge bridge local
ec29149b6a96 host host local
d9c358e6c89b none null local- 網絡模式。
–net=bridge ~ 橋接 docker(默認)。在 Docker 網橋 docker0 上為容器創建新的網絡棧。
–net=none ~ 不配置網絡,用户可以稍後進入容器,自行配置。
–net=host ~ 和宿主機共享網絡。
–net=container:name/id ~ 容器網絡連通。(用的少,侷限很大)。容器和另外一個容器共享 network namespace。kubernetes 中的 pod 就是多個容器共享一個 network namespace。
–net=host ~ 容器和宿主機共享 Network namespace。
-net=自定義網絡 ~ 用户自定義。用户自己使用 network 相關命令定義網絡。創建容器時可以指定為自己定義的網絡。
[geek@192 ~]$ sudo docker network --help
Usage: docker network COMMAND
Manage networks
Commands:
connect Connect a container to a network
create Create a network
disconnect Disconnect a container from a network
inspect Display detailed information on one or more networks
ls List networks
prune Remove all unused networks
rm Remove one or more networkssudo docker run -d -P --name tomcat01 tomcat
默認 --net bridge。
==
sudo docker run -d -P --name tomcat01 --net bridge tomcat
[geek@192 ~]$ sudo docker network create --help
Usage: docker network create [OPTIONS] NETWORK
Create a network
Options:
--attachable Enable manual container attachment
--aux-address map Auxiliary IPv4 or IPv6 addresses used by Network driver (default map[])
--config-from string The network from which copying the configuration
--config-only Create a configuration only network
-d, --driver string Driver to manage the Network (default "bridge")
--gateway strings IPv4 or IPv6 Gateway for the master subnet
--ingress Create swarm routing-mesh network
--internal Restrict external access to the network
--ip-range strings Allocate container ip from a sub-range
--ipam-driver string IP Address Management Driver (default "default")
--ipam-opt map Set IPAM driver specific options (default map[])
--ipv6 Enable IPv6 networking
--label list Set metadata on a network
-o, --opt map Set driver specific options (default map[])
--scope string Control the network's scope
--subnet strings Subnet in CIDR format that represents a network segmentdocker0 網絡的特點。
ta 是默認的。
域名訪問不通。
–link 域名可通,但是刪了又不行。
自己創建一個 Docker network。
sudo docker network create --driver bridge --gateway 192.169.0.1 --subnet 192.168.0.0/16
[geek@192 ~]$ sudo docker network create -d bridge --subnet 192.168.0.0/16 --gateway 192.168.0.1 mynet
effcb11190c0f0a9ee2db7787a3fe8394461632fc9501d8930fe388ebeb851c1
[geek@192 ~]$ sudo docker network ls
NETWORK ID NAME DRIVER SCOPE
76de49ccecf8 bridge bridge local
ec29149b6a96 host host local
effcb11190c0 mynet bridge local
d9c358e6c89b none null local–subnet 192.168.0.0/16
192.168.0.2 ~ 192.168.255.254
[geek@192 ~]$ sudo docker network inspect mynet
[
{
"Name": "mynet",
"Id": "effcb11190c0f0a9ee2db7787a3fe8394461632fc9501d8930fe388ebeb851c1",
"Created": "2020-09-28T01:06:52.989259998+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {},
"Labels": {}
}
][geek@192 ~]$ sudo docker run -d -P --name tomcat-net-01 --net mynet tomcat
e3d0ec74cce10653f1a5e93c81c5abf4cea12254f0bf3c6e7191ef913fa8ba7f
[geek@192 ~]$ sudo docker run -d -P --name tomcat-net-02 --net mynet tomcat
015335e5c354fdaaac3ece68cbaf395308a6099fdcf634c95596ebe306be9dce
[geek@192 ~]$ sudo docker network inspect mynet
[
{
"Name": "mynet",
"Id": "effcb11190c0f0a9ee2db7787a3fe8394461632fc9501d8930fe388ebeb851c1",
"Created": "2020-09-28T01:06:52.989259998+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"015335e5c354fdaaac3ece68cbaf395308a6099fdcf634c95596ebe306be9dce": {
"Name": "tomcat-net-02",
"EndpointID": "b22b0b26623404ab255ec2f1836acc527444f17ee5df00ce06985e9212198d32",
"MacAddress": "02:42:c0:a8:00:03",
"IPv4Address": "192.168.0.3/16",
"IPv6Address": ""
},
"e3d0ec74cce10653f1a5e93c81c5abf4cea12254f0bf3c6e7191ef913fa8ba7f": {
"Name": "tomcat-net-01",
"EndpointID": "f469d5a66c629bcd47f21351be9422100a5089cfaf82b92ea72e2b9eaf20ec06",
"MacAddress": "02:42:c0:a8:00:02",
"IPv4Address": "192.168.0.2/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]- 可以通過容器名 ping。
[geek@192 ~]$ sudo docker exec -it tomcat-net-01 ping 192.168.0.1 -c 3
PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data.
64 bytes from 192.168.0.1: icmp_seq=1 ttl=64 time=0.065 ms
64 bytes from 192.168.0.1: icmp_seq=2 ttl=64 time=0.061 ms
64 bytes from 192.168.0.1: icmp_seq=3 ttl=64 time=0.065 ms
--- 192.168.0.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2ms
rtt min/avg/max/mdev = 0.061/0.063/0.065/0.009 ms
[geek@192 ~]$ sudo docker exec -it tomcat-net-01 ping tomcat-net-02 -c 3
PING tomcat-net-02 (192.168.0.3) 56(84) bytes of data.
64 bytes from tomcat-net-02.mynet (192.168.0.3): icmp_seq=1 ttl=64 time=0.097 ms
64 bytes from tomcat-net-02.mynet (192.168.0.3): icmp_seq=2 ttl=64 time=0.069 ms
64 bytes from tomcat-net-02.mynet (192.168.0.3): icmp_seq=3 ttl=64 time=0.074 ms
--- tomcat-net-02 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 8ms
rtt min/avg/max/mdev = 0.069/0.080/0.097/0.012 mstomcat-net-02 也可以 ping 通 tomcat-net-01。
網絡連通。
[geek@192 ~]$ sudo docker network --help
Usage: docker network COMMAND
Manage networks
Commands:
connect Connect a container to a network
create Create a network
disconnect Disconnect a container from a network
inspect Display detailed information on one or more networks
ls List networks
prune Remove all unused networks
rm Remove one or more networks
Run 'docker network COMMAND --help' for more information on a command.[geek@192 ~]$ sudo docker network connect --help
Usage: docker network connect [OPTIONS] NETWORK CONTAINER
Connect a container to a network
Options:
--alias strings Add network-scoped alias for the container
--driver-opt strings driver options for the network
--ip string IPv4 address (e.g., 172.30.100.104)
--ip6 string IPv6 address (e.g., 2001:db8::33)
--link list Add link to another container
--link-local-ip strings Add a link-local address for the container
- 將 tomcat01 和 mynet 連通。
[geek@192 ~]$ sudo docker network connect mynet tomcat01
[geek@192 ~]$ sudo docker network inspect mynet
[
{
"Name": "mynet",
"Id": "effcb11190c0f0a9ee2db7787a3fe8394461632fc9501d8930fe388ebeb851c1",
"Created": "2020-09-28T01:06:52.989259998+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"015335e5c354fdaaac3ece68cbaf395308a6099fdcf634c95596ebe306be9dce": {
"Name": "tomcat-net-02",
"EndpointID": "b22b0b26623404ab255ec2f1836acc527444f17ee5df00ce06985e9212198d32",
"MacAddress": "02:42:c0:a8:00:03",
"IPv4Address": "192.168.0.3/16",
"IPv6Address": ""
},
"b03c201ac7a98ca9bfd37c5ae9102d3f7a4ebb71ebc16e120cd8b2d334ae67d1": {
"Name": "tomcat01",
"EndpointID": "3625c6b09b4b667a7bc5b3f5a4361c978434047dd3c78600420e594f59410ee3",
"MacAddress": "02:42:c0:a8:00:04",
"IPv4Address": "192.168.0.4/16",
"IPv6Address": ""
},
"e3d0ec74cce10653f1a5e93c81c5abf4cea12254f0bf3c6e7191ef913fa8ba7f": {
"Name": "tomcat-net-01",
"EndpointID": "f469d5a66c629bcd47f21351be9422100a5089cfaf82b92ea72e2b9eaf20ec06",
"MacAddress": "02:42:c0:a8:00:02",
"IPv4Address": "192.168.0.2/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
][geek@192 ~]$ sudo docker exec -it tomcat01 ping tomcat-net-01 -c 3
PING tomcat-net-01 (192.168.0.2) 56(84) bytes of data.
64 bytes from tomcat-net-01.mynet (192.168.0.2): icmp_seq=1 ttl=64 time=0.124 ms
64 bytes from tomcat-net-01.mynet (192.168.0.2): icmp_seq=2 ttl=64 time=0.110 ms
64 bytes from tomcat-net-01.mynet (192.168.0.2): icmp_seq=3 ttl=64 time=0.091 ms
--- tomcat-net-01 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 4ms
rtt min/avg/max/mdev = 0.091/0.108/0.124/0.016 ms
Redis 集羣。
sudo docker rm -f $(docker ps -aq)
[geek@192 ~]$ sudo docker network create redis --subnet 172.38.0.0/16
0f4542f770770adbebf8b22b90d0296018c026e649525a8a181f16152f667200for port in $(seq 1 6)
do
mkdir -p /home/geek/geek/mydata/redis/node-${port}/conf
touch /home/geek/geek/mydata/redis/node-${port}/conf/redis.conf
cat << EOF > /home/geek/geek/mydata/redis/node-${port}/conf/redis.conf
port 6379
bind 0.0.0.0
cluster-enabled yes
cluster-config-file nodes.conf
cluster-announce-ip 172.38.0.1${port}
cluster-announce-bus-port 16379
appendonly yes
EOF
donesudo docker run -p 6371:6379 -p 16371:16379 --name redis-1 \
-v /home/geek/geek/mydata/redis/node-1/data \
-v /home/geek/geek/mydata/redis/node-1/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.38.0.11 redis:5.0.9-alpine3.12 redis-server /etc/redis/redis.confsudo docker run -p 6372:6379 -p 16372:16379 --name redis-2 \
-v /home/geek/geek/mydata/redis/node-2/data \
-v /home/geek/geek/mydata/redis/node-2/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.38.0.12 redis:5.0.9-alpine3.12 redis-server /etc/redis/redis.confsudo docker run -p 6373:6379 -p 16373:16379 --name redis-3 \
-v /home/geek/geek/mydata/redis/node-3/data \
-v /home/geek/geek/mydata/redis/node-3/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.38.0.13 redis:5.0.9-alpine3.12 redis-server /etc/redis/redis.confsudo docker run -p 6374:6379 -p 16374:16379 --name redis-4 \
-v /home/geek/geek/mydata/redis/node-4/data \
-v /home/geek/geek/mydata/redis/node-4/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.38.0.14 redis:5.0.9-alpine3.12 redis-server /etc/redis/redis.confsudo docker run -p 6375:6379 -p 16375:16379 --name redis-5 \
-v /home/geek/geek/mydata/redis/node-5/data \
-v /home/geek/geek/mydata/redis/node-5/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.38.0.15 redis:5.0.9-alpine3.12 redis-server /etc/redis/redis.confsudo docker run -p 6376:6379 -p 16376:16379 --name redis-6 \
-v /home/geek/geek/mydata/redis/node-6/data \
-v /home/geek/geek/mydata/redis/node-6/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.38.0.16 redis:5.0.9-alpine3.12 redis-server /etc/redis/redis.conf
- 創建集羣。
先進入一個容器。
[geek@192 ~]$ sudo docker exec -it redis-1 /bin/bash
OCI runtime exec failed: exec failed: container_linux.go:349: starting container process caused "exec: \"/bin/bash\": stat /bin/bash: no such file or directory": unknown
[geek@192 ~]$ sudo docker exec -it redis-1 /bin/sh
/data # ls
appendonly.aof nodes.confredis-cli --cluster create 172.38.0.11:6379 172.38.0.12:6379 172.38.0.13:6379 172.38.0.14:6379 172.38.0.15:6379 172.38.0.16:6379 --cluster-replicas 1
/data # redis-cli --cluster create 172.38.0.11:6379 172.38.0.12:6379 172.38.0.13:6379 172.38.0.14:6379 172.38.
0.15:6379 172.38.0.16:6379 --cluster-replicas 1
>>> Performing hash slots allocation on 6 nodes...
Master[0] -> Slots 0 - 5460
Master[1] -> Slots 5461 - 10922
Master[2] -> Slots 10923 - 16383
Adding replica 172.38.0.15:6379 to 172.38.0.11:6379
Adding replica 172.38.0.16:6379 to 172.38.0.12:6379
Adding replica 172.38.0.14:6379 to 172.38.0.13:6379
M: dcb8f253dfc1aed54ec272fb2f569034ea5e245a 172.38.0.11:6379
slots:[0-5460] (5461 slots) master
M: 77f3c8bdde5f660c723a60db52429adda8aa11ec 172.38.0.12:6379
slots:[5461-10922] (5462 slots) master
M: 16396919eb468bea0b696c7d6c34bf797f7e93f6 172.38.0.13:6379
slots:[10923-16383] (5461 slots) master
S: 95bdaf227cc3538d276d34d9ad48f97f26aab022 172.38.0.14:6379
replicates 16396919eb468bea0b696c7d6c34bf797f7e93f6
S: 2a42a4c3c0a5c8a1456cceabf55c323240c18297 172.38.0.15:6379
replicates dcb8f253dfc1aed54ec272fb2f569034ea5e245a
S: 6902fb44092969a94c7a503559bad6cf9ec07a65 172.38.0.16:6379
replicates 77f3c8bdde5f660c723a60db52429adda8aa11ec
Can I set the above configuration? (type 'yes' to accept): yes
>>> Nodes configuration updated
>>> Assign a different config epoch to each node
>>> Sending CLUSTER MEET messages to join the cluster
Waiting for the cluster to join
..
>>> Performing Cluster Check (using node 172.38.0.11:6379)
M: dcb8f253dfc1aed54ec272fb2f569034ea5e245a 172.38.0.11:6379
slots:[0-5460] (5461 slots) master
1 additional replica(s)
M: 77f3c8bdde5f660c723a60db52429adda8aa11ec 172.38.0.12:6379
slots:[5461-10922] (5462 slots) master
1 additional replica(s)
M: 16396919eb468bea0b696c7d6c34bf797f7e93f6 172.38.0.13:6379
slots:[10923-16383] (5461 slots) master
1 additional replica(s)
S: 2a42a4c3c0a5c8a1456cceabf55c323240c18297 172.38.0.15:6379
slots: (0 slots) slave
replicates dcb8f253dfc1aed54ec272fb2f569034ea5e245a
S: 95bdaf227cc3538d276d34d9ad48f97f26aab022 172.38.0.14:6379
slots: (0 slots) slave
replicates 16396919eb468bea0b696c7d6c34bf797f7e93f6
S: 6902fb44092969a94c7a503559bad6cf9ec07a65 172.38.0.16:6379
slots: (0 slots) slave
replicates 77f3c8bdde5f660c723a60db52429adda8aa11ec
[OK] All nodes agree about slots configuration.
>>> Check for open slots...
>>> Check slots coverage...
[OK] All 16384 slots covered./data # redis-cli -c
127.0.0.1:6379> cluster info
cluster_state:ok
cluster_slots_assigned:16384
cluster_slots_ok:16384
cluster_slots_pfail:0
cluster_slots_fail:0
cluster_known_nodes:6
cluster_size:3
cluster_current_epoch:6
cluster_my_epoch:1
cluster_stats_messages_ping_sent:76
cluster_stats_messages_pong_sent:82
cluster_stats_messages_sent:158
cluster_stats_messages_ping_received:77
cluster_stats_messages_pong_received:76
cluster_stats_messages_meet_received:5
cluster_stats_messages_received:158
127.0.0.1:6379> cluster nodes
77f3c8bdde5f660c723a60db52429adda8aa11ec 172.38.0.12:6379@16379 master - 0 1601231683259 2 connected 5461-10922
16396919eb468bea0b696c7d6c34bf797f7e93f6 172.38.0.13:6379@16379 master - 0 1601231684266 3 connected 10923-16383
2a42a4c3c0a5c8a1456cceabf55c323240c18297 172.38.0.15:6379@16379 slave dcb8f253dfc1aed54ec272fb2f569034ea5e245a 0 1601231684000 5 connected
dcb8f253dfc1aed54ec272fb2f569034ea5e245a 172.38.0.11:6379@16379 myself,master - 0 1601231682000 1 connected 0-5460
95bdaf227cc3538d276d34d9ad48f97f26aab022 172.38.0.14:6379@16379 slave 16396919eb468bea0b696c7d6c34bf797f7e93f6 0 1601231683000 4 connected
6902fb44092969a94c7a503559bad6cf9ec07a65 172.38.0.16:6379@16379 slave 77f3c8bdde5f660c723a60db52429adda8aa11ec 0 1601231685275 6 connected
127.0.0.1:6379> set name geek
-> Redirected to slot [5798] located at 172.38.0.12:6379
OK
172.38.0.12:6379>
Spring Boot 微服務打包 Docker 鏡像。
將寫好的項目 mvn package。
確保可以正常運行。
java -jar docker-demo-0.0.1-SNAPSHOT.jarFROM java:8
COPY *.jar app.jar
CMD ["--server.port=8080"]
EXPOSE 8080
ENTRYPOINT ["java", "-jar", "/app.jar"]將 jar 包和 Dockefile 拷貝到服務器。
[geek@192 idea]$ sudo docker build -t geek666 .
Sending build context to Docker daemon 16.55MB
Step 1/5 : FROM java:8
8: Pulling from library/java
5040bd298390: Pull complete
fce5728aad85: Pull complete
76610ec20bf5: Pull complete
60170fec2151: Pull complete
e98f73de8f0d: Pull complete
11f7af24ed9c: Pull complete
49e2d6393f32: Pull complete
bb9cdec9c7f3: Pull complete
Digest: sha256:c1ff613e8ba25833d2e1940da0940c3824f03f802c449f3d1815a66b7f8c0e9d
Status: Downloaded newer image for java:8
---> d23bdf5b1b1b
Step 2/5 : COPY *.jar app.jar
---> c542b682ce04
Step 3/5 : CMD ["--server.port=8080"]
---> Running in cb4fe318aea1
Removing intermediate container cb4fe318aea1
---> 56b4e4949967
Step 4/5 : EXPOSE 8080
---> Running in ee4e4c67f8b1
Removing intermediate container ee4e4c67f8b1
---> 8e87d7c0c35c
Step 5/5 : ENTRYPOINT ["java", "-jar", "app.jar"]
---> Running in 447e82f763aa
Removing intermediate container 447e82f763aa
---> 72b4682c244c
Successfully built 72b4682c244c
Successfully tagged geek666:latest[geek@192 idea]$ sudo docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
geek666 latest 72b4682c244c 33 seconds ago 660MBsudo docker run -d -P --name geek-springboot-web geek666
[geek@192 idea]$ sudo docker run -d -P --name geek-springboot-web geek666
511bbf57ef45b8cb6b2a34227d556e98ced8dabcecc3e9af5bdee88635dad29d
[geek@192 idea]$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
511bbf57ef45 geek666 "java -jar app.jar -…" 5 seconds ago Up 4 seconds 0.0.0.0:32778->8080/tcp geek-springboot-web- 正常訪問。
[geek@192 idea]$ curl localhost:32778
{"timestamp":"2020-09-27T20:12:38.150+00:00","status":404,"error":"Not Found","message":"","path":"/"}
[geek@192 idea]$ curl localhost:32778/hello
hello, geek.
[geek@192 idea]$# 指定基礎鏡像。
FROM ubuntu:16.04
# 配置環境變量,JDK 的安裝目錄。
ENV JAVA_DIR=/usr/local
# 拷貝 jdk 和 java 項目的包。
COPY ./jdk-8u241-linux-x64.tar.gz $JAVA_DIR/
COPY ./docker-demo-0.0.1-SNAPSHOT.jar /tmp/app.jar
# 安裝 JDK。
RUN cd $JAVA_DIR \
&& tar -xf ./jdk-8u241-linux-x64.tar.gz \
&& mv ./jdk1.8.0_241 ./java8
# 配置環境變量。
ENV JAVA_HOME=$JAVA_DIR/java8
ENV PATH=$PATH:$JAVA_HOME/bin
# 暴露端口。
EXPOSE 8090
# 入口,java 項目的啓動命令。
ENTRYPOINT java -jar /tmp/app.jarFROM java:8
COPY *.jar app.jar
CMD ["--server.port=8080"]
EXPOSE 8080
ENTRYPOINT ["java", "-jar", "/app.jar"]FROM java:8-alpine
COPY ./app.jar /tmp/app.jar
EXPOSE 8090
ENTRYPOINT java -jar /tmp/app.jar
本文章為轉載內容,我們尊重原作者對文章享有的著作權。如有內容錯誤或侵權問題,歡迎原作者聯繫我們進行內容更正或刪除文章。