docker容器技术
程序员文章站
2022-07-01 11:26:22
...
这里写自定义目录标题
1. 虚拟机和容器的对比
2. docker ce镜像
1. 制作rhel7.6的母盘
2. 虚拟机可以上网
3. https://developer.aliyun.com/mirror/docker-ce #阿里云的docke ce镜像部署
yum install wget -y
cd /etc/yum.repos.d/
yum install -y yum-utils device-mapper-persistent-data lvm2
# 只需要稳定版,其它的可以删除
[aaa@qq.com yum.repos.d]# cat docker-ce.repo
[docker-ce-stable]
name=Docker CE Stable - $basearch
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/$basearch/stable
enabled=1
gpgcheck=0
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
4. 解决docker-ce安装的依赖问题
需要container-selinux软件包
在阿里云上搜索软件包
根据依赖性报错显示下载2.74以上版本即可
5. 依赖性解决之后安装
yum install docker-ce container-selinux-2.77-1.el7.noarch.rpm -y
6. 启动docker
systemctl start docker
7. 查看docker的信息
[aaa@qq.com ~]# docker info
Client:
Debug Mode: false
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 19.03.8
Storage Driver: overlay2
Backing Filesystem: <unknown>
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 7ad184331fa3e55e52b890ea95e65ba581ae3429
runc version: dc9208a3303feef5b3839f4323d9beb36df0a9dd
init version: fec3683
Security Options:
seccomp
Profile: default
Kernel Version: 3.10.0-957.el7.x86_64
Operating System: Red Hat Enterprise Linux Server 7.6 (Maipo)
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 991.2MiB
Name: server1
ID: AWLX:4O4X:TVVI:UDQN:PZJX:MXV6:DMGZ:ZNN5:CYDX:KWBY:EH6X:7VRD
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
如果你有bridge的问题,解决方法:
[aaa@qq.com ~]# sysctl -a|grep bridge-nf-call-iptables
sysctl: reading key "net.ipv6.conf.all.stable_secret"
sysctl: reading key "net.ipv6.conf.default.stable_secret"
sysctl: reading key "net.ipv6.conf.docker0.stable_secret"
sysctl: reading key "net.ipv6.conf.eth0.stable_secret"
net.bridge.bridge-nf-call-iptables = 0
sysctl: reading key "net.ipv6.conf.lo.stable_secret"
[aaa@qq.com ~]# cat /etc/sysctl.d/bridge.conf # 写入一下内容
net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1
[aaa@qq.com ~]# sysctl --system # 是刚才的bridge.conf文件生效
8. docker容器数据存放目录/var/lib/docker
[aaa@qq.com ~]# cd /var/lib/docker
[aaa@qq.com docker]# ls
builder containers network plugins swarm trust
buildkit image overlay2 runtimes tmp volumes
9. 安装bash包
[aaa@qq.com docker]# yum install -y bash-*
10. docker的镜像加速器
[aaa@qq.com ~]# docker images # 查看有哪些镜像
[aaa@qq.com ~]# docker pull nginx # 从官方下载nginx
docker pull nginx:1.16 # 指定nginx版本拉取
11. 配置加速器
申请阿里云帐号
找到阿里云容器镜像服务
配置镜像加速器
12. 搜索nginx
名字为nginx的为官方
[aaa@qq.com docker]# docker search nginx
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
nginx Official build of Nginx. 12929 [OK]
13. 运行nginx
[aaa@qq.com docker]# docker run -d --name nginx nginx
ced3a2d654507b2c7a53123fafad125744c4cb1a887502df0adfeb23f23f260c
# 用ps查看确保nginx正在运行
[aaa@qq.com docker]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ced3a2d65450 nginx "nginx -g 'daemon of…" 7 seconds ago Up 5 seconds 80/tcp nginx
14. 查看docker给nginx分配的ip地址
[aaa@qq.com docker]# docker inspect nginx
"IPAddress": "172.17.0.2",
安装docker以后,会有一个docker的桥接
[aaa@qq.com docker]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 52:54:00:1d:77:96 brd ff:ff:ff:ff:ff:ff
inet 172.25.60.1/24 brd 172.25.60.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::5054:ff:fe1d:7796/64 scope link
valid_lft forever preferred_lft forever
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:e9:ea:f5:63 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:e9ff:feea:f563/64 scope link
valid_lft forever preferred_lft forever
安装查看桥接网络的软件
[aaa@qq.com docker]# yum install -y bridge-utils
[aaa@qq.com docker]# brctl show # 查看桥接
bridge name bridge id STP enabled interfaces
docker0 8000.0242e9eaf563 no vethf92557c
15. 测试:访问nginx
[aaa@qq.com docker]# curl 172.17.0.2
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1> # nginx部署成功
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
16. 外网访问nginx
[aaa@qq.com docker]# docker rm -f nginx # 释放容器
nginx
端口映射 80(表示宿主机的端口):80(容器内的端口)
[aaa@qq.com docker]# docker run -d --name nginx -p 80:80 nginx
d60e21fe5eea4c73dbee29fe540399a9ab98346542c00957c54bd04ff1f9e7f4
查看nginx信息
[aaa@qq.com docker]# docker history nginx:latest
IMAGE CREATED CREATED BY SIZE COMMENT
ed21b7a8aee9 5 days ago /bin/sh -c #(nop) CMD ["nginx" "-g" "daemon… 0B
<missing> 5 days ago /bin/sh -c #(nop) STOPSIGNAL SIGTERM 0B
<missing> 5 days ago /bin/sh -c #(nop) EXPOSE 80 0B
<missing> 5 days ago /bin/sh -c ln -sf /dev/stdout /var/log/nginx… 22B
<missing> 5 days ago /bin/sh -c set -x && addgroup --system -… 57.6MB
<missing> 5 days ago /bin/sh -c #(nop) ENV PKG_RELEASE=1~buster 0B
<missing> 5 days ago /bin/sh -c #(nop) ENV NJS_VERSION=0.3.9 0B
<missing> 5 days ago /bin/sh -c #(nop) ENV NGINX_VERSION=1.17.9 0B
<missing> 5 days ago /bin/sh -c #(nop) LABEL maintainer=NGINX Do… 0B
<missing> 5 days ago /bin/sh -c #(nop) CMD ["bash"] 0B
<missing> 5 days ago /bin/sh -c #(nop) ADD file:d1f1b387a158136fb… 69.2MB
[aaa@qq.com docker]# iptables -t nat -nL
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DOCKER all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
DOCKER all -- 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 172.17.0.0/16 0.0.0.0/0
MASQUERADE tcp -- 172.17.0.2 172.17.0.2 tcp dpt:80
Chain DOCKER (2 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0
DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 to:172.17.0.2:80
[aaa@qq.com docker]# netstat -antlpe
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 0 22483 3039/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 0 23276 3251/master
tcp 0 0 172.25.60.1:22 172.25.60.250:48218 ESTABLISHED 0 50489 15752/sshd: aaa@qq.com
tcp6 0 0 :::80 :::* LISTEN 0 52993 17967/docker-proxy
tcp6 0 0 :::22 :::* LISTEN 0 22492 3039/sshd
tcp6 0 0 ::1:25 :::* LISTEN 0 23277 3251/master
测试:可以直接通过虚拟机ip访问
17. 将下载之后的软件加载到docker中
docker load -i xxx
上一篇: docker三剑客:docker-compose做负载均衡
下一篇: 同时进入天堂