Docker笔记整理
文章目录docker历史docker能做什么Docker的安装Docker的基本组成安装Docker阿里云镜像加速回顾Hello-World底层原理Docker的常用命令帮助命令镜像命令容器命令常用其他命令总结实战练习可视化docker 镜像commit镜像容器数据卷使用数据卷安装MySQL具名和匿名挂载初识DockerFile数据卷容器DockerFileDockerFile介绍DockerFi
docker历史
2010年,几个年轻人,在美国成立dotcloud ,做一些pass云服务。
lxc有关的容器技术,他们将自己的技术容器化
聊聊docker
Docker是基于GO语言开发的!开源项目!
官网:https://www.docker.com/
文档地址:https://docs.docker.com/ 超级详细
仓库地址:https://hub.docker.com/
docker能做什么
之前的虚拟技术
虚拟技术的缺点
- 占用资源多
- 冗余步骤多
- 启动慢
容器化技术
容器化技术不是模拟的一个完整的操作系统
Docker和虚拟机之间的区别
- 传统虚拟机虚拟出一套完整的硬件,运行一套完整的虚拟环境,在操作系统上运行安装软件
- 容器直接运行在内核中,容器没有自己的内核,也没有虚拟硬件,所以轻便
- 每个容器间相互隔离,每个容器都有属于自己的文件系统,互不影响
DevOps(开发、运维)
更快速的运维部署
传统应用:一堆文档,安装运行
Docker:打包镜像发布测试,一键运行
更便捷的升级和扩缩容
使用docker之后,发布应用就像搭积木一样
项目打包为镜像,可以在其他环境直接运行
更简单的运维
在容器化后,开发环境、测试环境高度一致
更高效的资源利用
Docker是内核虚拟化,在一个物理机上可以运行多个容器实例,服务器性能可以压榨到极致
Docker的安装
Docker的基本组成
镜像(images)
Docker镜像是一个模板,可以通过这个模板创建容器服务,tomcat—>run—>tomcat01容器(提供服务器),通过这个镜像可以创建多个容器
容器(container)
Docker利用容器技术运行通过镜像创建的应用
启动、删除基本命令
仓库(repository)
存放镜像的地方!
共有仓库和私有仓库!
Docker Hub(默认是国外的)
阿里云…都有这些仓库(配置镜像加速)
安装Docker
环境准备
- 会一点点linux基础
- CentOS 7
- 使用XShell链接远程服务器
环境查看
#系统内核3.10以上
[root@izuf6cn5k7l8xuxojhszqbz ~]# uname -r
3.10.0-862.14.4.el7.x86_64
#系统版本
[root@izuf6cn5k7l8xuxojhszqbz /]# cat /etc/os-release
NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
PRETTY_NAME="CentOS Linux 7 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:7"
HOME_URL="https://www.centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"
CENTOS_MANTISBT_PROJECT="CentOS-7"
CENTOS_MANTISBT_PROJECT_VERSION="7"
REDHAT_SUPPORT_PRODUCT="centos"
REDHAT_SUPPORT_PRODUCT_VERSION="7"
安装
帮助文档:https://docs.docker.com/engine/install/centos/
# 1.卸载旧版本
yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine
# 2.下载需要的安装包
yum install -y yum-utils
# 3.设置镜像仓库
yum-config-manager \
--add-repo \
https://download.docker.com/linux/centos/docker-ce.repo #默认是国外的十分慢
yum-config-manager
--add-repo \
http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo #推荐使用阿里云的
# 更新yum相关索引
yum makecache faste
# 4.安装Docker相关内容 docker-ce社区版 ee企业版
yum install docker-ce docker-ce-cli containerd.io
# 5.启动docker
sudo systemctl start docker
# 6.使用docker version查看是否安装成功
# 7. hello-world
docker run hello-world
# 8. 查看下载的hello-world这个镜像
[root@izuf6cn5k7l8xuxojhszqbz /]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
redis latest 235592615444 4 months ago 104MB
mysql 5.7 9cfcce23593a 4 months ago 448MB
hello-world latest fce289e99eb9 21 months ago 1.84kB
logstash 6.4.0 13b7a09abaf8 2 years ago 670MB
kibana 6.4.0 a7e4cd1a7b45 2 years ago 667MB
elasticsearch 6.4.0 1ac676545731 2 years ago 791MB
了解卸载docker
# 1.卸载依赖
yum remove docker-ce docker-ce-cli containerd.io
# 2.删除资源
rm -rf /var/lib/docker
#/var/lib/docker docker的默认工作路径
阿里云镜像加速
-
登陆阿里云找到容器服务
-
镜像加速地址
-
配置使用
sudo mkdir -p /etc/docker sudo tee /etc/docker/daemon.json <<-'EOF' { "registry-mirrors": ["https://0b56c32l.mirror.aliyuncs.com"] } EOF sudo systemctl daemon-reload sudo systemctl restart docker
回顾Hello-World
底层原理
Docker 是一个Client-Server的系统,Docker的守护进程运行在主机上,通过Socket从客户端访问
DockerServer接受DockerClient命令
Docker为什么比VM运行更快?
- Docker有比虚拟机更少的抽象层
- Docker用的是宿主机的内核
Docker的常用命令
帮助命令
docker version # 显示Docker的版本信息
docker info # 显示Docker的系统信息,包括镜像和容器的数量
docker 命令 --help # 帮助命令
帮助文档地址:https://docs.docker.com/engine/reference/run/
镜像命令
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
redis latest 235592615444 4 months ago 104MB
mysql 5.7 9cfcce23593a 4 months ago 448MB
hello-world latest fce289e99eb9 21 months ago 1.84kB
logstash 6.4.0 13b7a09abaf8 2 years ago 670MB
kibana 6.4.0 a7e4cd1a7b45 2 years ago 667MB
elasticsearch 6.4.0 1ac676545731 2 years ago 791MB
# 解释
REPOSITORY 镜像仓库源
TAG 镜像标签
IMAGE ID 镜像ID
CREATE 镜像创建时间
SIZE 镜像大小
# 可选向
Options:
-a, --all # 列出所有镜像
-q, --quiet # 只显示镜像ID
docker search搜索镜像
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker search mysql
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
mysql MySQL is a widely used, open-source relation… 10075 [OK]
mariadb MariaDB is a community-developed fork of MyS… 3694 [OK]
mysql/mysql-server Optimized MySQL Server Docker images. Create… 736 [OK]
percona Percona Server is a fork of the MySQL relati… 511 [OK]
# 可选项
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker search mysql
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
mysql MySQL is a widely used, open-source relation… 10075 [OK]
mariadb MariaDB is a community-developed fork of MyS… 3694 [OK]
mysql/mysql-server Optimized MySQL Server Docker images. Create… 736 [OK]
percona Percona Server is a fork of the MySQL relati… 511 [OK]
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker search mysql --filter=stars=5000
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
mysql MySQL is a widely used, open-source relation… 10075 [OK]
docker pull 下载镜像
# docker pull 镜像名[:tag]
docker pull mysql
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker pull mysql
Using default tag: latest # 如果不写tag,默认就是latest
latest: Pulling from library/mysql
bb79b6b2107f: Pull complete # 分层下载,docker images的核心,联合文件系统
49e22f6fb9f7: Pull complete
842b1255668c: Pull complete
9f48d1f43000: Pull complete
c693f0615bce: Pull complete
8a621b9dbed2: Pull complete
0807d32aef13: Pull complete
9eb4355ba450: Pull complete
6879faad3b6c: Pull complete
164ef92f3887: Pull complete
6e4a6e666228: Pull complete
d45dea7731ad: Pull complete
Digest: sha256:86b7c83e24c824163927db1016d5ab153a9a04358951be8b236171286e3289a4 #签名
Status: Downloaded newer image for mysql:latest
docker.io/library/mysql:latest # 真实地址
删除镜像 docker rmi
docker rmi -f 8e85dd5c3255 # 删除指定镜像
docker rmi -f 容器ID 容器ID 容器ID 容器ID# 删除多个镜像
docker rmi -f ${docker images -aq} # 删除全部镜像
容器命令
说明:只有新建镜像才能创建容器,Linux,下载一个CentOS来学习
docker pull centos
新建容器并启动
docker run [可选参数] image
# 参数说明
--name # 指定容器名字
-it # 使用交互方法,进入后台查看内容
-d # 后台运行
-p # 指定端口8080:8080
-p 主机端口:容器端口(最常用主机端口和容器端口的映射)
-p ip:主机端口:容器端口
-p 容器端口
容器端口
-P # 随机分配端口
# 测试,启动并进入容器
[root@izuf6cn5k7l8xuxojhszqbz /]# docker run -it kibana:6.4.0 /bin/bash
bash-4.2$ [root@izuf6cn5k7l8xuxojhszqbz /]#
[root@izuf6cn5k7l8xuxojhszqbz /]# docker run -it centos /bin/bash
# 查看容器内的CentOS,基本版本很多功能都不完善
[root@a87299a142d9 /]# ls
bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var
# 从容器中退回主机
[root@a87299a142d9 /]# exit
exit
[root@izuf6cn5k7l8xuxojhszqbz /]# ls
bin dev get-docker.sh ifstat-1.1.tar.gz lost+found mydata root srv usr
boot dubbo-governance.log home lib media opt run sys var
d etc ifstat-1.1 lib64 mnt proc sbin tmp zookeeper.out
[root@izuf6cn5k7l8xuxojhszqbz /]#
# 查看镜像元数据
[root@izuf6cn5k7l8xuxojhszqbz /]# docker inspect b96481cf196e
[
{
"Id": "b96481cf196efa193fd2981636b7d1a71ea7a7379ce46b5b603b6520c05c1386",
"Created": "2020-10-20T01:00:24.252614556Z",
"Path": "/bin/bash",
"Args": [],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 12492,
"ExitCode": 0,
"Error": "",
"StartedAt": "2020-10-20T02:00:50.534736639Z",
"FinishedAt": "2020-10-20T02:00:50.11175616Z"
},
"Image": "sha256:0d120b6ccaa8c5e149176798b3501d4dd1885f961922497cd0abef155c869566",
"ResolvConfPath": "/var/lib/docker/containers/b96481cf196efa193fd2981636b7d1a71ea7a7379ce46b5b603b6520c05c1386/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/b96481cf196efa193fd2981636b7d1a71ea7a7379ce46b5b603b6520c05c1386/hostname",
"HostsPath": "/var/lib/docker/containers/b96481cf196efa193fd2981636b7d1a71ea7a7379ce46b5b603b6520c05c1386/hosts",
"LogPath": "/var/lib/docker/containers/b96481cf196efa193fd2981636b7d1a71ea7a7379ce46b5b603b6520c05c1386/b96481cf196efa193fd2981636b7d1a71ea7a7379ce46b5b603b6520c05c1386-json.log",
"Name": "/xenodochial_cerf",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"Capabilities": null,
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"KernelMemory": 0,
"KernelMemoryTCP": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/0ee9111d7dc3c174492b9aa2f3254982ed4b5f42ce5afb7d95cde986ef4472d5-init/diff:/var/lib/docker/overlay2/e88cb8fc7bd56dd63cbb631a8babb55716e65fb3705e0e5c2e0d5da2e6e7737b/diff",
"MergedDir": "/var/lib/docker/overlay2/0ee9111d7dc3c174492b9aa2f3254982ed4b5f42ce5afb7d95cde986ef4472d5/merged",
"UpperDir": "/var/lib/docker/overlay2/0ee9111d7dc3c174492b9aa2f3254982ed4b5f42ce5afb7d95cde986ef4472d5/diff",
"WorkDir": "/var/lib/docker/overlay2/0ee9111d7dc3c174492b9aa2f3254982ed4b5f42ce5afb7d95cde986ef4472d5/work"
},
"Name": "overlay2"
},
"Mounts": [],
"Config": {
"Hostname": "b96481cf196e",
"Domainname": "",
"User": "",
"AttachStdin": true,
"AttachStdout": true,
"AttachStderr": true,
"Tty": true,
"OpenStdin": true,
"StdinOnce": true,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Cmd": [
"/bin/bash"
],
"Image": "centos",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"org.label-schema.build-date": "20200809",
"org.label-schema.license": "GPLv2",
"org.label-schema.name": "CentOS Base Image",
"org.label-schema.schema-version": "1.0",
"org.label-schema.vendor": "CentOS"
}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "2e09d9086aeb52e6a6d5a7ada9b6c8531c0f7b322ccf6532cf169d3ba9756eab",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {},
"SandboxKey": "/var/run/docker/netns/2e09d9086aeb",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "63ef5e1ec21bc8973355b716d8dfa42e192efc0f1750ef18947b4f9d1410e512",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.4",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:04",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "adb8cb6caa43e42b2f3963607bf576207abb4a6a2b76c43f3907503f17dbdad9",
"EndpointID": "63ef5e1ec21bc8973355b716d8dfa42e192efc0f1750ef18947b4f9d1410e512",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.4",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:04",
"DriverOpts": null
}
}
}
}
]
[root@izuf6cn5k7l8xuxojhszqbz /]#
退出容器
exit # 退出并停止容器
ctrl + P + Q # 退出但不停止容器
列出所有Docker运行容器
docker ps
# 参数
无参数 # 列出当前运行的容器
-a # 列出当前运行的容器+历史运行的容器
-n=? # 显示最近创建的容器
-q # 只显示容器的编号
删除容器
docker rm 容器ID # 删除容器但是不能删除运行的容器,如果强制删除rm -f
docker rm -f ${docker ps -qa} # 删除所有容器
docker ps -qa | xargs docker rm # 删除所有容器
启动和停止容器
docker start 容器ID # 启动容器
docker restart 容器ID # 重启容器
docker stop 容器ID # 停止容器
docker kill 容器ID # 强制停止当前容器
常用其他命令
Docker进程相关命令
systemctl start docker # 启动Docker容器
systemctl stop docker # 停止Docker容器
systemctl restart docker # 重启Docker容器
systemctl status docker # 查看Docker容器状态
systemctl enable docker # 设置Docker开机自启
docker top 容器ID # 查看容器进程信息
[root@izuf6cn5k7l8xuxojhszqbz /]# docker top 0a01905d64f5
UID PID PPID C STIME TTY TIME CMD
root 16217 16201 0 12:21 pts/0 00:00:00 /bin/bash
[root@izuf6cn5k7l8xuxojhszqbz /]#
后台启动命令
# docker run -d 镜像名
# 问题docker ps 发现CentOS停止运行
# docker后台运行就必须有一个前台进程,docker发现没有应用就会自动停止
# nginx发现自己没有提供服务就会停止运行,就是没有程序
查看日志命令
docker logs -f -t --tail nubmer 容器ID
# 显示日志
- ft # 显示日志
--tail number # 显示日志和行数
[root@izuf6cn5k7l8xuxojhszqbz /]# docker logs -f -t --tail 10 d50135d540e2
进入当前正在运行的容器
# 通常容器都是后台运行方式,经常需要进入容器,修改一些配置
# 方式一
docker exec -it 容器ID
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
bc3159d51302 kibana:6.4.0 "/bin/bash" 34 minutes ago Up 34 minutes 5601/tcp romantic_euclid
abe8d2653a16 elasticsearch:6.4.0 "/usr/local/bin/dock…" 35 minutes ago Up 35 minutes 9200/tcp, 9300/tcp elastic_ellis
89059be6a599 logstash:6.4.0 "/usr/local/bin/dock…" 36 minutes ago Up 36 minutes 5044/tcp, 9600/tcp nostalgic_einstein
059363cf2047 0346349a1a64 "/bin/bash" 46 minutes ago Up 46 minutes 80/tcp, 443/tcp nginx
edb16178fcae centos "/bin/bash" About an hour ago Up About an hour nostalgic_allen
a956dc76e579 redis "docker-entrypoint.s…" 3 months ago Up About an hour 0.0.0.0:6379->6379/tcp redis
635d1b7ad286 mysql:5.7 "docker-entrypoint.s…" 3 months ago Up About an hour 0.0.0.0:3306->3306/tcp, 33060/tcp mysql
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker exec -it 635d1b7ad286 /bin/bash
root@635d1b7ad286:/#
# 方式二
docker attach 容器ID # 进入容器
[root@izuf6cn5k7l8xuxojhszqbz /]# docker attach 635d1b7ad286
[root@izuf6cn5k7l8xuxojhszqbz /]# ...
# 两种方式的区别
docker exec -it 容器ID # 进入容器并开启一个新的终端
docker attach 容器ID # 进入正在执行的终端,并不会开启新的进程
从容器内拷贝文件到主机
docker cp
# 进入docker容器内
[root@izuf6cn5k7l8xuxojhszqbz /]# docker exec -it edb16178fcae /bin/bash
[root@edb16178fcae /]# cd /home
[root@edb16178fcae home]# ls
# 在容器内home创建文件
[root@edb16178fcae home]# touch test.java
# 退出容器
[root@edb16178fcae home]# exit
exit
[root@izuf6cn5k7l8xuxojhszqbz /]# ls
bin d dubbo-governance.log get-docker.sh ifstat-1.1 lib lost+found mnt opt root sbin sys usr zookeeper.out
boot dev etc home ifstat-1.1.tar.gz lib64 media mydata proc run srv tmp var
# 将docker内创建的文件拷贝到主机目录下
[root@izuf6cn5k7l8xuxojhszqbz /]# docker cp edb16178fcae:/home/test.java /home
[root@izuf6cn5k7l8xuxojhszqbz /]# cd home
[root@izuf6cn5k7l8xuxojhszqbz home]# ls
admin es FastDFS hadoop mysql oracle test.java
[root@izuf6cn5k7l8xuxojhszqbz home]#
# 拷贝是一个手动过程,将来可以使用-v 卷的技术字段关联容器目录和主机目录 /home /home
总结
实战练习
Docker 安装Ninx
# docker search nginx # 搜索镜像
# docker pull nginx:1.1.0 # 下载指定版本镜像
# 查看镜像
[root@izuf6cn5k7l8xuxojhszqbz /]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos latest 0d120b6ccaa8 2 months ago 215MB
redis latest 235592615444 4 months ago 104MB
mysql 5.7 9cfcce23593a 4 months ago 448MB
rabbitmq 3.7.15-management f05c3eb3cf91 15 months ago 179MB
hello-world latest fce289e99eb9 21 months ago 1.84kB
mongo 3.2 fb885d89ea5c 23 months ago 300MB
logstash 6.4.0 13b7a09abaf8 2 years ago 670MB
kibana 6.4.0 a7e4cd1a7b45 2 years ago 667MB
elasticsearch 6.4.0 1ac676545731 2 years ago 791MB
nginx 1.10 0346349a1a64 3 years ago 182MB
# 参数解释
# -d 后台运行
# --name 为容器命名
# -p 主机端口:容器端口
[root@izuf6cn5k7l8xuxojhszqbz /]# docker run -d --name ngnix01 -p 3344:80 nginx:1.10
fe9479484c55a8aa62719a65cf146c14ce9bfadf5e20090afcb8e38703ac2bec
[root@izuf6cn5k7l8xuxojhszqbz /]# curl localhost:3344
# 进入容器
[root@izuf6cn5k7l8xuxojhszqbz /]# docker exec -it ngnix01 /bin/bash
root@fe9479484c55:/# whereis nginx
nginx: /usr/sbin/nginx /usr/lib/nginx /etc/nginx /usr/share/nginx /usr/share/man/man8/nginx.8.gz /usr/share/man/man3/nginx.3pm.gz
root@fe9479484c55:/# cd /etc/nginx
root@fe9479484c55:/etc/nginx# ls
conf.d fastcgi_params koi-utf koi-win mime.types modules nginx.conf scgi_params uwsgi_params win-utf
root@fe9479484c55:/etc/nginx#
Docker 安装Tomcat
# docker pull tomcat:9.0 下载镜像tomcat9
[root@izuf6cn5k7l8xuxojhszqbz /]# docker run -d --name tomcat9 -p 3355:8080 tomcat:9.0
[root@izuf6cn5k7l8xuxojhszqbz /]# docker exec -it tomcat9 /bin/bash
root@5f17e0823840:/usr/local/tomcat# ls
BUILDING.txt LICENSE README.md RUNNING.txt conf logs temp webapps.dist
CONTRIBUTING.md NOTICE RELEASE-NOTES bin lib native-jni-lib webapps work
root@5f17e0823840:/usr/local/tomcat# cd webapps
root@5f17e0823840:/usr/local/tomcat/webapps# ls
root@5f17e0823840:/usr/local/tomcat/webapps#
Docker 安装Es+kibana
# ES暴露端口多
# ES十分耗内存
# ES的目录一般要存放安全目录挂载
# --net somenetwork网络配置
docker run -d --name elasticsearch -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" elasticsearch:tag
# 查看docker stats
docker run -d --name elasticsearch -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" -e ES_JAVA_OPS="-Xms64m -Xms512m" elasticsearch:tag
Docker安装MinIO
mkdir -p /data/minio/config
mkdir -p /data/minio/data
docker run -p 9000:9000 -p 9090:9090 \
--net=host \
--name minio \
-d --restart=always \
-e "MINIO_ACCESS_KEY=username" \
-e "MINIO_SECRET_KEY=password" \
-v /mydata/minio/data:/mydata/minio/data \
-v /mydata/minio/config:/mydata/minio/config \
minio/minio server \
/data --console-address ":9090" -address ":9000"
可视化
-
portainer(先用这个)
docker run -d -p 8088:9000 \ --restart=always -v /var/run/docker.sock:/var/run/docker.sock --privileged=true portainer/portainer
-
Rancher(CI/CD再用)
docker 镜像
commit镜像
docker commit 提交容器成为一个新的副本
# 命令和git原理类似
docker commit -m="提交描述信息" -a="作者" 容器ID 目标镜像:[TAG]
docker commit -a="steven" -m="add webapps app" 5f17e0823840 tomcat02:1.0.0
容器数据卷
使用数据卷
方式一:使用命令挂载 -v
docker run -d -it -v 主机目录:容器目录 -p 主机端口:容器端口 --name 容器名字
[root@izuf6cn5k7l8xuxojhszqbz home]# docker run -it -v /home/ceshi:/home centos /bin/bash
测试文件同步
好处修改只需要在主机修改即可,容器内会自动同步
安装MySQL
# 获取镜像
[root@izuf6cn5k7l8xuxojhszqbz /]# docker pull mysql:5.7
# 运行容器需要挂载!#安装启动MySQL,需要设置密码,要注意
# 启动MySQL
-d 后台运行
-p 端口映射
-v 数据卷挂载
-e 环境配置
--name 容器名字
[root@izuf6cn5k7l8xuxojhszqbz /]# docker run -d -p 3306:3306 -v /home/mysql/conf:/etc/mysql/conf.d -v /home/data:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=09091995aq --name mysql5.7 mysql:5.7
# 启动成功后,用Navicat链接测试
# 在本地创建数据库,查看映射路径
具名和匿名挂载
# 匿名挂载
# -v 查看容器内路径
docker run -d --name nginx01 -v /etc/nginx nginx
# 查看卷 volume
[root@izuf6cn5k7l8xuxojhszqbz /]# docker volume ls
DRIVER VOLUME NAME
local 843c675d3d847a6c57927c79a5886559482bf4916118f91627bfa35ebbbec45b
# 这种就是匿名挂载 -v 只写了容器内的路径,没有写主机路径
# 具名挂载
[root@izuf6cn5k7l8xuxojhszqbz /]# docker run -d --name nginx1.10 -p 3344:80 -v juming_nginx:/etc/nginx nginx:1.10
1c70f133efdc35f9ce52ddafc7e128d88e833290e3815e2c8f1e5c2699319eb7
[root@izuf6cn5k7l8xuxojhszqbz /]# docker volume ls
DRIVER VOLUME NAME
local juming_nginx
所有的docker在没有指定目录的情况下默认放在:/var/lib/docker/volumes/xxx/_data目录下
# 具名挂载、匿名挂载、指定目录挂载
-v 容器内路径 # 匿名挂载
-v 容器名字:/容器内路径 # 具名挂载
-v 主机路径::/容器内路径 # 指定路径挂载
拓展
# 通过 -v 容器内路径控制读写权限
# ro readonly 只读
# rw readwrite 读写
docker run -d --name nginx1.10 -p 3344:80 -v juming_nginx:/etc/nginx:ro nginx:1.10
docker run -d --name nginx1.10 -p 3344:80 -v juming_nginx:/etc/nginx:rw nginx:1.10
# ro只能通过主机修改配置,容器内无法改变
初识DockerFile
DockerFile构建Docker镜像文件!命令脚本体验
# 创建DockerFile文件,名字可以随意,建议就用dockefile
# 文件中的内容 指令(大写) 参数
FROM centos
VOLUME ['volume01','volume02']
CMD echo '-----------end-------------'
CMD /bin/bash
# 这里的每个命令就是docker镜像的一层
启动自己的镜像
查看卷挂在路径:docker inspect 容器ID
数据卷容器
多个MySQL同步数据
docker run -it --name 容器名字 --volumes-from 父容器名字 镜像名称:版本号
docker run -it --name docker02 --volumes-from docker01 stevenyin/centos:1.10
DockerFile
DockerFile介绍
DockerFile是用来构建docker镜像的文件!命令参数脚本
构建步骤
- 编写dockerfile脚本文件
- 通过docker build -f dockerfile路径 -t 镜像名称(stevenyin/centos:1.1.0) .
- 运行镜像 docker run
- 发布镜像 docker push(DockerHub、阿里云镜像仓库)
查看一下官方是怎做的
DockerFile构建过程
基础知识
- 每一个保留关键字(指令)都必须是大写
- 从上到下依次执行
- #代表注释
- 每一条指令都会构建一个镜像层
dockerfile是面向开发的,以后发布项目,做镜像就需要编写dockerfile文件
步骤
- DockerFile:构建文件,定义步骤,相当于源代码
- DockerImages:通过DockerFile构建生成镜像,最终发布和运行产品
- DockerContainer:容器就是为镜像运行提供环境
DockerFile指令
FROM # 基础镜像一切从这里构建
MAINNTAINER # 镜像是谁写的,作者+邮箱
RUN # 镜像构建是需要运行的命令
ADD # tomcat镜像,tomcat是一个压缩包,添加内容
WORKDIR # 镜像工作目录
VOLUME # 目录挂载,挂载卷
EXPOSE # 暴漏端口
CMD # 指定容器启动时需要运行的命令,只有最后一个命令会生效,可被替代
ENTRYPOINT # 指定容器启动时需要运行的命令,可以命令追加
ONBUILD # 当运行一个被继承的 DockerFile 会触发ONBUILD
COPY # 类似于ADD,将文件拷贝到容器中
ENV # 设置环境变量
构建centos
# 1.编写配置文件dockerfile文件
[root@izuf6cn5k7l8xuxojhszqbz dockerfile]# vim mydockerfile-centos
[root@izuf6cn5k7l8xuxojhszqbz dockerfile]# cat mydockerfile-centos
FROM centos
MAINTAINER steven<yinhaoye@qq.com>
ENV MYPATH /usr/local
WORKDIR $MYPATH
RUN yum -y install vim
RUN yum -y install net-tools
EXPOSE 80
CMD $MYPATH
CMD echo "------end------"
CMD /bin/bash
[root@izuf6cn5k7l8xuxojhszqbz dockerfile]#
# 2.通过文件构建镜像
# 命令 docker build -f dockerfile -t 镜像:[tag] .
[root@izuf6cn5k7l8xuxojhszqbz dockerfile]# docker build -f /home/dockerfile/mydockerfile-centos -t stevenyin/centos:1.11 .
Successfully built 502fedcf049b
Successfully tagged stevenyin/centos:1.11
查看docker构建镜像历史
# 查看docker 镜像构建历史
# docker history 镜像ID
[root@izuf6cn5k7l8xuxojhszqbz dockerfile]# docker history 502fedcf049b
IMAGE CREATED CREATED BY SIZE COMMENT
502fedcf049b 12 minutes ago /bin/sh -c #(nop) CMD ["/bin/sh" "-c" "/bin… 0B
a77ba559c57e 12 minutes ago /bin/sh -c #(nop) CMD ["/bin/sh" "-c" "echo… 0B
32e6bf5b4d27 12 minutes ago /bin/sh -c #(nop) CMD ["/bin/sh" "-c" "$MYP… 0B
5c37e637387e 12 minutes ago /bin/sh -c #(nop) EXPOSE 80 0B
b80d50163d6d 12 minutes ago /bin/sh -c yum -y install net-tools 22.8MB
c682c6f2c7e5 12 minutes ago /bin/sh -c yum -y install vim 57.2MB
a7a7c274e0db 13 minutes ago /bin/sh -c #(nop) WORKDIR /usr/local 0B
2cd2577889b9 13 minutes ago /bin/sh -c #(nop) ENV MYPATH=/usr/local 0B
4c14c20e220e 13 minutes ago /bin/sh -c #(nop) MAINTAINER steven<yinhaoy… 0B
0d120b6ccaa8 2 months ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0B
<missing> 2 months ago /bin/sh -c #(nop) LABEL org.label-schema.sc… 0B
<missing> 2 months ago /bin/sh -c #(nop) ADD file:538afc0c5c964ce0d… 215MB
[root@izuf6cn5k7l8xuxojhszqbz dockerfile]#
CMD和ENTRYPOINT的区别
CMD # 指定容器启动时需要运行的命令,只有最后一个命令会生效,可被替代
ENTRYPOINT # 指定容器启动时需要运行的命令,可以命令追加
CMD测试
# 1.编写dockerfile文件mydockerfile-cmd
FROM centos
CMD ["ls","-a"]
# 2.构建镜像
[root@izuf6cn5k7l8xuxojhszqbz dockerfile]# docker build -f mydockerfile-cmd -t stevenyin/cmd:1.10 .
# run运行,发现 ls -a 生效了
[root@izuf6cn5k7l8xuxojhszqbz dockerfile]# docker run stevenyin/cmd:1.10
.
..
.dockerenv
bin
dev
etc
home
lib
lib64
lost+found
opt
root
run
sbin
srv
sys
tmp
usr
var
# 3. 想追加命令 -l ls -al
[root@izuf6cn5k7l8xuxojhszqbz dockerfile]# docker run stevenyin/cmd:1.10 -l
docker: Error response from daemon: OCI runtime create failed: container_linux.go:349: starting container process caused "exec: \"-l\": executable file not found in $PATH": unknown.
# CMD情况下-l 替换了CMD ["ls","-a"] -l不是命令所以报错
ENTRYPOINT测试
# 1.编写DockerFile文件
FROM centos
ENTRYPOINT ["ls","-a"]
# 2.构建镜像
docker build -f mydockerfile-entrypoint -t stevenyin/entrypoint:1.10 .
[root@izuf6cn5k7l8xuxojhszqbz dockerfile]# docker run stevenyin/entrypoint:1.10
.
..
.dockerenv
bin
dev
etc
home
lib
lib64
lost+found
media
mnt
opt
proc
root
run
sbin
srv
sys
tmp
usr
var
[root@izuf6cn5k7l8xuxojhszqbz dockerfile]# docker run stevenyin/entrypoint:1.10 -l
total 56
drwxr-xr-x 1 root root 4096 Oct 25 02:22 .
drwxr-xr-x 1 root root 4096 Oct 25 02:22 ..
-rwxr-xr-x 1 root root 0 Oct 25 02:22 .dockerenv
lrwxrwxrwx 1 root root 7 May 11 2019 bin -> usr/bin
drwxr-xr-x 5 root root 340 Oct 25 02:22 dev
drwxr-xr-x 1 root root 4096 Oct 25 02:22 etc
drwxr-xr-x 2 root root 4096 May 11 2019 home
lrwxrwxrwx 1 root root 7 May 11 2019 lib -> usr/lib
lrwxrwxrwx 1 root root 9 May 11 2019 lib64 -> usr/lib64
drwx------ 2 root root 4096 Aug 9 21:40 lost+found
drwxr-xr-x 2 root root 4096 May 11 2019 media
drwxr-xr-x 2 root root 4096 May 11 2019 mnt
drwxr-xr-x 2 root root 4096 May 11 2019 opt
dr-xr-xr-x 120 root root 0 Oct 25 02:22 proc
dr-xr-x--- 2 root root 4096 Aug 9 21:40 root
drwxr-xr-x 11 root root 4096 Aug 9 21:40 run
lrwxrwxrwx 1 root root 8 May 11 2019 sbin -> usr/sbin
drwxr-xr-x 2 root root 4096 May 11 2019 srv
dr-xr-xr-x 13 root root 0 Oct 24 02:53 sys
drwxrwxrwt 7 root root 4096 Aug 9 21:40 tmp
drwxr-xr-x 12 root root 4096 Aug 9 21:40 usr
drwxr-xr-x 20 root root 4096 Aug 9 21:40 var
[root@izuf6cn5k7l8xuxojhszqbz dockerfile]#
发布镜像
DockerHub
-
注册账号:https://hub.docker.com/
-
登录账号
[root@izuf6cn5k7l8xuxojhszqbz software]# docker login --help Usage: docker login [OPTIONS] [SERVER] Log in to a Docker registry. If no server is specified, the default is defined by the daemon. Options: -p, --password string Password --password-stdin Take the password from stdin -u, --username string Username [root@izuf6cn5k7l8xuxojhszqbz software]# [root@izuf6cn5k7l8xuxojhszqbz software]# docker login -u stevenyin Password: WARNING! Your password will be stored unencrypted in /root/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded [root@izuf6cn5k7l8xuxojhszqbz software]#
-
登录完毕后就可以提交镜像了,就是一部docker push
[root@izuf6cn5k7l8xuxojhszqbz software]# docker push stevenyin/centos:1.11
The push refers to repository [docker.io/stevenyin/centos]
5bf7e4a8471d: Pushed
bf760cbda826: Pushed
291f6e44771a: Layer already exists
digest1.11: digest: sha256:530a45736f79e50515baa5591fc76635184dd783089ec3e1ebb21c261137d8db size: 953
# 为镜像增加tag: docker tag stevenyin/centos:1.12
发布到阿里云镜像服务上
- 登陆阿里云
- 找到容器镜像服务
- 创建命名空间
- 创建容器镜像
-
推送镜像具体步骤
1. 登录阿里云Docker Registry $ sudo docker login --username=yinghaoye123aq registry.cn-shanghai.aliyuncs.com 用于登录的用户名为阿里云账号全名,密码为开通服务时设置的密码。 您可以在访问凭证页面修改凭证密码。 2. 从Registry中拉取镜像 $ sudo docker pull registry.cn-shanghai.aliyuncs.com/aliyun-stevenyin/stevenyin:[镜像版本号] 3. 将镜像推送到Registry $ sudo docker login --username=yinghaoye123aq registry.cn-shanghai.aliyuncs.com $ sudo docker tag [ImageId] registry.cn-shanghai.aliyuncs.com/aliyun-stevenyin/stevenyin:[镜像版本号] $ sudo docker push registry.cn-shanghai.aliyuncs.com/aliyun-stevenyin/stevenyin:[镜像版本号] 请根据实际镜像信息替换示例中的[ImageId]和[镜像版本号]参数。 4. 选择合适的镜像仓库地址 从ECS推送镜像时,可以选择使用镜像仓库内网地址。推送速度将得到提升并且将不会损耗您的公网流量。 如果您使用的机器位于VPC网络,请使用 registry-vpc.cn-shanghai.aliyuncs.com 作为Registry的域名登录。 5. 示例 使用"docker tag"命令重命名镜像,并将它通过专有网络地址推送至Registry。 $ sudo docker images REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE registry.aliyuncs.com/acs/agent 0.7-dfb6816 37bb9c63c8b2 7 days ago 37.89 MB $ sudo docker tag 37bb9c63c8b2 registry-vpc.cn-shanghai.aliyuncs.com/acs/agent:0.7-dfb6816 使用 "docker push" 命令将该镜像推送至远程。 $ sudo docker push registry-vpc.cn-shanghai.aliyuncs.com/acs/agent:0.7-dfb6816
Docker 网络
理解Docker0
# [root@izuf6cn5k7l8xuxojhszqbz ~]# docker run -d -p 3355:8080 --name tomcat9 tomcat:9.0
# 查看容器内网络地址 ip addr,启动后会发现有261: eth0@if262 IP地址
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker exec -it tomcat9 ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
261: eth0@if262: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@izuf6cn5k7l8xuxojhszqbz ~]#
# linux 能不能ping通容器内部
[root@izuf6cn5k7l8xuxojhszqbz ~]# ping 172.17.0.2
PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.
64 bytes from 172.17.0.2: icmp_seq=1 ttl=64 time=0.086 ms
64 bytes from 172.17.0.2: icmp_seq=2 ttl=64 time=0.070 ms
64 bytes from 172.17.0.2: icmp_seq=3 ttl=64 time=0.060 ms
原理
- 每启动一个docker容器,docker就会给docker容器分配一个IP,只要安装docker就会产生docker0的桥接模式的网卡,使用的技术是evth-pair技术!
- 再次启动一个容器发现又多了一对网卡
# 容器带来的网卡都是一对一对的
# evth-pair就是一对虚拟的网络设备接口,他们都是成对出现的一端连着协议,另一端彼此相连
- 两个容器间可以ping通
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker exec -it tomcat9 ping 172.17.0.3
# 容器间是可以ping通的
网络模型
在不指定网络的情况下,都是由docker0路由的,docker会默认分派一个可用的IP
docker 使用的是liunx中的桥接,宿主机是docker中的网桥,docker0
–link
# 不能通过服务名ping通另一个容器,只能通过IP
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker exec -it tomcat9.1 ping tomcat9
ping: tomcat9: Name or service not known
[root@izuf6cn5k7l8xuxojhszqbz ~]#
# 通过--link可以通过容器名使容器间进行联通
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker run -d -P --name tomcat9.2 --link tomcat9 tomcat:9.0
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker exec -it tomcat9.2 ping tomcat9
PING tomcat9 (172.17.0.2) 56(84) bytes of data.
64 bytes from tomcat9 (172.17.0.2): icmp_seq=1 ttl=64 time=0.095 ms
64 bytes from tomcat9 (172.17.0.2): icmp_seq=2 ttl=64 time=0.066 ms
64 bytes from tomcat9 (172.17.0.2): icmp_seq=3 ttl=64 time=0.064 ms
探究inspect
tomcat9.2是在本地配置了tomcat9
# 在hosts里配置,远离在这里发现
[root@izuf6cn5k7l8xuxojhszqbz /]# docker exec -it tomcat9.2 cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.2 tomcat9 a3d12cff39da
172.17.0.4 7f5cb56cad3f
[root@izuf6cn5k7l8xuxojhszqbz /]#
本质探究: – link就是在hosts文件中增加了172.17.0.2 tomcat9 a3d12cff39da 的映射
局限:docker0不支持容器名访问
自定义网络
查看网络
网络模式
bridge:桥接网络docker(默认,自己创建也是有桥接模式)
none:不配置网络
host:和宿主机共享网络
container:容器内可以连通(用的少,不建议使用)
测试
# 直接启动 --net bridge 默认就是docker0
docker run -d -P --name tomcat9 --net bridge tomcat:9.0
# docker0不能通过域名访问,可以通过--link 连通
# 自定义网路
--driver bridge 桥接模式
--subnet 192.168.0.0/16 子网地址
--gateway 192.168.0.1 网关
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker network create --driver bridge --subnet 192.168.0.0/16 --gateway 192.168.0.1 mynet
36c4197f8b73de837495b148d4b95a2f03c6747608733a2b5d506b98c653f034
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
1edaf6a32eb9 bridge bridge local
18b32561b08d host host local
abdd0e9a3c22 mydata_default bridge local
36c4197f8b73 mynet bridge local
a7f1b5a0ad78 none null local
[root@izuf6cn5k7l8xuxojhszqbz ~]#
# 使用自定义网络启动容器
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker run -d -P --name tomcat9.1 --net mynet tomcat:9.0
658aab97504ae8ee63204c78bd431fc37b41677c51121fa96c2041961d912a80
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker run -d -P --name tomcat9.2 --net mynet tomcat:9.0
97216395cd5188beab139a3f957019d42aa1b9da91a26d6b3cfd907fabc6b78f
# 查看自定义网络
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker network inspect mynet
[
{
"Name": "mynet",
"Id": "36c4197f8b73de837495b148d4b95a2f03c6747608733a2b5d506b98c653f034",
"Created": "2020-10-25T21:45:21.745587216+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"658aab97504ae8ee63204c78bd431fc37b41677c51121fa96c2041961d912a80": {
"Name": "tomcat9.1",
"EndpointID": "168eb519cd776907149fd9d97121e0a068f2ea28a6b81e86cbac04b742d82721",
"MacAddress": "02:42:c0:a8:00:02",
"IPv4Address": "192.168.0.2/16",
"IPv6Address": ""
},
"97216395cd5188beab139a3f957019d42aa1b9da91a26d6b3cfd907fabc6b78f": {
"Name": "tomcat9.2",
"EndpointID": "00b1cc23a06c62087e7606b8b5286807ce0b7c3aca7d43a26cb8362147d10416",
"MacAddress": "02:42:c0:a8:00:03",
"IPv4Address": "192.168.0.3/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
[root@izuf6cn5k7l8xuxojhszqbz ~]#
# 再次测试不使用--link也可以通过容器名访问
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker exec -it tomcat9.1 ping tomcat9.2
PING tomcat9.2 (192.168.0.3) 56(84) bytes of data.
64 bytes from tomcat9.2.mynet (192.168.0.3): icmp_seq=1 ttl=64 time=0.065 ms
64 bytes from tomcat9.2.mynet (192.168.0.3): icmp_seq=2 ttl=64 time=0.070 ms
64 bytes from tomcat9.2.mynet (192.168.0.3): icmp_seq=3 ttl=64 time=0.066 ms
[root@izuf6cn5k7l8xuxojhszqbz ~]#
网络联通
# 网络联通 docker network connect 网络名 容器名
docker network connect mynet tomcat9.2.2
# 联通之后将tomcat9.1.1放入mynet网络下
# 一个容器两个IP
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker exec -it tomcat9.1 ping tomcat9.1.1
PING tomcat9.1.1 (192.168.0.4) 56(84) bytes of data.
64 bytes from tomcat9.1.1.mynet (192.168.0.4): icmp_seq=1 ttl=64 time=0.101 ms
64 bytes from tomcat9.1.1.mynet (192.168.0.4): icmp_seq=2 ttl=64 time=0.073 ms
64 bytes from tomcat9.1.1.mynet (192.168.0.4): icmp_seq=3 ttl=64 time=0.082 ms
[root@izuf6cn5k7l8xuxojhszqbz ~]#
实战部署Redis
安装单机版Redis
1.下载镜像
docker pull redis
2.创建挂载的目录和配置文件
mkdir -p /mydata/redis/conf
[root@iZwz9hw4qywrrl4vj6o0j1Z ~]# cd /mydata/redis/conf/
[root@iZwz9hw4qywrrl4vj6o0j1Z conf]# touch redis.conf
3.启动redis
# 结果
[root@iZwz9hw4qywrrl4vj6o0j1Z conf]# docker run -p 6379:6379 --name redis -v /mydata/redis/redis.conf:/etc/redis/redis.conf -v /mydata/redis/data:/data -d redis redis-server /etc/redis/redis.conf --appendonly yes
4.命令解释
命令解释
-p 6379:6379 端口映射:前表示主机部分,:后表示容器部分。
–name myredis 指定该容器名称,查看和进行操作都比较方便。
-v 挂载目录,规则与端口映射相同。
-d redis 表示后台启动redis
redis-server /etc/redis/redis.conf 以配置文件启动redis,加载容器内的conf文件,最终找到的是挂载的目录/usr/local/docker/redis.conf
appendonly yes 开启redis 持久化
- 进入redis
[root@iZwz9hw4qywrrl4vj6o0j1Z conf]# docker exec -it redis redis-cli
实战部署Redis集群
for port in $(seq 1 6);\
do \
mkdir -p /mydata/redis/node-${port}/conf
touch /mydata/redis/node-${port}/conf/redis.conf
cat << EOF >/mydata/redis/node-${port}/conf/redis.conf
port 6379
bind 0.0.0.0
cluster-enabled yes
cluster-config-file nodes.conf
cluster-node-timeout 5000
cluster-announce-ip 172.30.0.1${port}
cluster-announce-port 6379
cluster-announce-bus-port 16379
appendonly yes
EOF
done
# 启动reids容器
docker run -p 6371:6379 -p 16371:16379 --name redis-1 \
-v /mydata/redis/node-1/data:/data \
-v /mydata/redis/node-1/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.30.0.11 redis:5.0.9-alpine3.11 redis-server /etc/redis/redis.conf
docker run -p 6372:6379 -p 16372:16379 --name redis-2 \
-v /mydata/redis/node-2/data:/data \
-v /mydata/redis/node-2/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.30.0.12 redis:5.0.9-alpine3.11 redis-server /etc/redis/redis.conf
docker run -p 6373:6379 -p 16373:16379 --name redis-3 \
-v /mydata/redis/node-3/data:/data \
-v /mydata/redis/node-3/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.30.0.13 redis:5.0.9-alpine3.11 redis-server /etc/redis/redis.conf
docker run -p 6374:6379 -p 16374:16379 --name redis-4 \
-v /mydata/redis/node-4/data:/data \
-v /mydata/redis/node-4/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.30.0.14 redis:5.0.9-alpine3.11 redis-server /etc/redis/redis.conf
docker run -p 6375:6379 -p 16375:16379 --name redis-5 \
-v /mydata/redis/node-5/data:/data \
-v /mydata/redis/node-5/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.30.0.15 redis:5.0.9-alpine3.11 redis-server /etc/redis/redis.conf
docker run -p 6376:6379 -p 16376:16379 --name redis-6 \
-v /mydata/redis/node-6/data:/data \
-v /mydata/redis/node-6/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.30.0.16 redis:5.0.9-alpine3.11 redis-server /etc/redis/redis.conf
# 创建集群
[root@izuf6cn5k7l8xuxojhszqbz /]# docker exec -it redis-1 /bin/sh
/data # redis-cli --cluster create 172.30.0.11:6379 172.30.0.12:6379 172.30.0.13:6379 172.30.0.14:6379 172.30.0.15:6379 172.30.0.16:6379 --c
luster-replicas 1
>>> Performing hash slots allocation on 6 nodes...
Master[0] -> Slots 0 - 5460
Master[1] -> Slots 5461 - 10922
Master[2] -> Slots 10923 - 16383
Adding replica 172.30.0.15:6379 to 172.30.0.11:6379
Adding replica 172.30.0.16:6379 to 172.30.0.12:6379
Adding replica 172.30.0.14:6379 to 172.30.0.13:6379
M: 96d6e1f4ad84f8c9101401bea7408f97e6c56bcd 172.30.0.11:6379
slots:[0-5460] (5461 slots) master
M: 039ee87ac86de914417233448396a3c089669a2b 172.30.0.12:6379
slots:[5461-10922] (5462 slots) master
M: f9de7fd7bf12f7a10ac24155b6b4d8fef6d61ad6 172.30.0.13:6379
slots:[10923-16383] (5461 slots) master
S: 534e73cf9cd34bac9d43fce82cdb2e1be90d9fdf 172.30.0.14:6379
replicates f9de7fd7bf12f7a10ac24155b6b4d8fef6d61ad6
S: 20fe1f4923f790377cbaffaf99f9d45558bbd017 172.30.0.15:6379
replicates 96d6e1f4ad84f8c9101401bea7408f97e6c56bcd
S: a7562cb7fa1cda8321295b12e3ffc3d844665cce 172.30.0.16:6379
replicates 039ee87ac86de914417233448396a3c089669a2b
Can I set the above configuration? (type 'yes' to accept): yes
>>> Nodes configuration updated
>>> Assign a different config epoch to each node
>>> Sending CLUSTER MEET messages to join the cluster
Waiting for the cluster to join
..
>>> Performing Cluster Check (using node 172.30.0.11:6379)
M: 96d6e1f4ad84f8c9101401bea7408f97e6c56bcd 172.30.0.11:6379
slots:[0-5460] (5461 slots) master
1 additional replica(s)
S: 20fe1f4923f790377cbaffaf99f9d45558bbd017 172.30.0.15:6379
slots: (0 slots) slave
replicates 96d6e1f4ad84f8c9101401bea7408f97e6c56bcd
S: 534e73cf9cd34bac9d43fce82cdb2e1be90d9fdf 172.30.0.14:6379
slots: (0 slots) slave
replicates f9de7fd7bf12f7a10ac24155b6b4d8fef6d61ad6
M: 039ee87ac86de914417233448396a3c089669a2b 172.30.0.12:6379
slots:[5461-10922] (5462 slots) master
1 additional replica(s)
M: f9de7fd7bf12f7a10ac24155b6b4d8fef6d61ad6 172.30.0.13:6379
slots:[10923-16383] (5461 slots) master
1 additional replica(s)
S: a7562cb7fa1cda8321295b12e3ffc3d844665cce 172.30.0.16:6379
slots: (0 slots) slave
replicates 039ee87ac86de914417233448396a3c089669a2b
[OK] All nodes agree about slots configuration.
>>> Check for open slots...
>>> Check slots coverage...
[OK] All 16384 slots covered.
/data #
# 测试集群
/data # redis-cli -c
127.0.0.1:6379> cluster info
cluster_state:ok
cluster_slots_assigned:16384
cluster_slots_ok:16384
cluster_slots_pfail:0
cluster_slots_fail:0
cluster_known_nodes:6
cluster_size:3
cluster_current_epoch:6
cluster_my_epoch:1
cluster_stats_messages_ping_sent:480
cluster_stats_messages_pong_sent:475
cluster_stats_messages_sent:955
cluster_stats_messages_ping_received:470
cluster_stats_messages_pong_received:480
cluster_stats_messages_meet_received:5
cluster_stats_messages_received:955
127.0.0.1:6379> cluster nodes
20fe1f4923f790377cbaffaf99f9d45558bbd017 172.30.0.15:6379@16379 slave 96d6e1f4ad84f8c9101401bea7408f97e6c56bcd 0 1603708641983 5 connected
534e73cf9cd34bac9d43fce82cdb2e1be90d9fdf 172.30.0.14:6379@16379 slave f9de7fd7bf12f7a10ac24155b6b4d8fef6d61ad6 0 1603708641000 4 connected
96d6e1f4ad84f8c9101401bea7408f97e6c56bcd 172.30.0.11:6379@16379 myself,master - 0 1603708640000 1 connected 0-5460
039ee87ac86de914417233448396a3c089669a2b 172.30.0.12:6379@16379 master - 0 1603708640580 2 connected 5461-10922
f9de7fd7bf12f7a10ac24155b6b4d8fef6d61ad6 172.30.0.13:6379@16379 master - 0 1603708640000 3 connected 10923-16383
a7562cb7fa1cda8321295b12e3ffc3d844665cce 172.30.0.16:6379@16379 slave 039ee87ac86de914417233448396a3c089669a2b 0 1603708640000 6 connected
127.0.0.1:6379> set a b
-> Redirected to slot [15495] located at 172.30.0.13:6379
OK
172.30.0.13:6379> get a
^C
/data # redis-cli -c
127.0.0.1:6379> get a
-> Redirected to slot [15495] located at 172.30.0.14:6379
"b"
172.30.0.14:6379> cluster nodes
534e73cf9cd34bac9d43fce82cdb2e1be90d9fdf 172.30.0.14:6379@16379 myself,master - 0 1603708963000 7 connected 10923-16383
a7562cb7fa1cda8321295b12e3ffc3d844665cce 172.30.0.16:6379@16379 slave 039ee87ac86de914417233448396a3c089669a2b 0 1603708964000 2 connected
039ee87ac86de914417233448396a3c089669a2b 172.30.0.12:6379@16379 master - 0 1603708964000 2 connected 5461-10922
f9de7fd7bf12f7a10ac24155b6b4d8fef6d61ad6 172.30.0.13:6379@16379 master,fail - 1603708902628 1603708901000 3 connected
96d6e1f4ad84f8c9101401bea7408f97e6c56bcd 172.30.0.11:6379@16379 master - 0 1603708965564 1 connected 0-5460
20fe1f4923f790377cbaffaf99f9d45558bbd017 172.30.0.15:6379@16379 slave 96d6e1f4ad84f8c9101401bea7408f97e6c56bcd 0 1603708964563 1 connected
172.30.0.14:6379>
docker搭建集群完成!
安装ZooKeeper
一、单机搭建
-
下载镜像
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker pull zookeeper:3.5
-
创建数据挂载目录
/mydata/zookeeper/conf
/mydata/zookeeper/data
/mydata/zookeeper/datalog -
运行zookeeper
docker run -d --name zookeeper3.5 \ --restart always \ -p 2181:2181 -p 2888:2888 -p 3888:3888 \ -v /mydata/zookeeper/conf:/conf \ -v /mydata/zookeeper/data:/data \ -v /mydata/zookeeper/datalog:/datalog \ zookeeper:3.5
-
进入zookeeper容器
[root@izuf6cn5k7l8xuxojhszqbz zookeeper]# docker exec -it zookeeper3.5 /bin/bash root@1d0a2f5178b8:/apache-zookeeper-3.5.8-bin/bin# ls README.txt zkCli.cmd zkEnv.cmd zkServer-initialize.sh zkServer.sh zkTxnLogToolkit.sh zkCleanup.sh zkCli.sh zkEnv.sh zkServer.cmd zkTxnLogToolkit.cmd root@1d0a2f5178b8:/apache-zookeeper-3.5.8-bin/bin# ./zkCli.sh Connecting to localhost:2181 log4j:WARN No appenders could be found for logger (org.apache.zookeeper.ZooKeeper). log4j:WARN Please initialize the log4j system properly. log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info. Welcome to ZooKeeper! JLine support is enabled WATCHER:: WatchedEvent state:SyncConnected type:None path:null [zk: localhost:2181(CONNECTED) 0] create /test test Created /test [zk: localhost:2181(CONNECTED) 1] get /test test [zk: localhost:2181(CONNECTED) 2]
二、集群搭建
-
在/mydata/下创建zookeeper-cluster文件夹
mkdir zookeeper-cluster
-
在/mydata/zookeeper-cluster下创建三个zookeeper0x文件夹
mkdir zookeeper01 mkdir zookeeper02 mkdir zookeeper03
-
每个zookeeper0x下建立如下
mkdir conf data datalog
- 在/mydata/zookeeper-cluster目录下创建docker-compose.yml文件并编写
touch docker-compose.yml //创建文件 vim docker-compose.yml //进入vim编译器
编写docker-compose.yml文件
version: '3'#版本号固定写法 services: zoo1: image: zookeeper #使用的镜像 restart: always #宕机后自动重启 hostname: zoo1 #承载zookeeper容器的主机(父容器)名 可省略 container_name: zoo1 #容器名 privileged: true #使用该参数,container内的root拥有真正的root权 privileged启动的容器,可以看到很多host上的设备,并且可以执行mount。甚至允许你在docker容器中启动docker容器。 ports: #主机和容器的端口映射 - "2181:2181" volumes: #创建zookeeper容器在宿主机的挂载目录 - /mydata/zookeeper-cluster/zookeeper01/data:/data #数据 - /mydata/zookeeper-cluster/zookeeper01/datalog:/datalog #日志 - /mydata/zookeeper-cluster/zookeeper01/conf:/conf #配置文件 environment: #zookeeper3.4 和zookeeper 3.5在docker环境下搭建集群差异就在这里 #zoo1为容器名,也是主机名,意思为使用容器的内网通信(1)Zookeeper3.5 中指定的 ZOO_SERVERS 参数的 IP 地址和端口号后面多加了 “;2181 ”。(2)ZOO_SERVERS 指定ip时本机的ip地址写 0.0.0.0。 ZOO_MY_ID: 1 ZOO_SERVERS: server.1=0.0.0.0:2888:3888;2181 server.2=zoo2:2888:3888;2181 server.3=zoo3:2888:3888;2181 zoo2: image: zookeeper restart: always hostname: zoo2 container_name: zoo2 privileged: true ports: - "2182:2181" volumes: - /mydata/zookeeper-cluster/zookeeper02/data:/data - /mydata/zookeeper-cluster/zookeeper02/datalog:/datalog - /mydata/zookeeper-cluster/zookeeper02/conf:/conf environment: ZOO_MY_ID: 2 ZOO_SERVERS: server.1=zoo1:2888:3888;2181 server.2=0.0.0.0:2888:3888;2181 server.3=zoo3:2888:3888;2181 zoo3: image: zookeeper restart: always hostname: zoo3 container_name: zoo3 privileged: true ports: - "2183:2181" volumes: - /mydata/zookeeper-cluster/zookeeper03/data:/data - /mydata/zookeeper-cluster/zookeeper03/datalog:/datalog - /mydata/zookeeper-cluster/zookeeper03/conf:/conf environment: ZOO_MY_ID: 3 ZOO_SERVERS: server.1=zoo1:2888:3888;2181 server.2=zoo2:2888:3888;2181 server.3=0.0.0.0:2888:3888;2181
- 运行docker-compose.yml文件
docker-compose up -d
- 停止集群
docker-compose down
- 查看创建好的zookeeper集群
docker ps 或在docker-compose.yml文件所在目录输入 docker-compose ps
Docker Compose
简介
Docker Compose 定义、运行、管理容器
A docker-compose.yml
looks like this:
version: "3.8"
services:
web:
build: .
ports:
- "5000:5000"
volumes:
- .:/code
- logvolume01:/var/log
links:
- redis
redis:
image: redis
volumes:
logvolume01: {}
Compose概念
- 服务service,容器、应用(web、Redis、MySQL…)
- project(项目),一组关联的容器
安装
- 运行安装Compose
curl -L https://get.daocloud.io/docker/compose/releases/download/1.25.5/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose
- 给docker-compose可执行的权限
sudo chmod +x /usr/local/bin/docker-compose
- 快速开始:https://docs.docker.com/compose/gettingstarted/
version: "3.5"
services:
mall4cloud-mysql:
image: registry.cn-hongkong.aliyuncs.com/mall4j-images/mysql:8.0.35
container_name: mall4cloud-mysql
restart: always
environment:
- MYSQL_ROOT_PASSWORD=80jpnH4.r5g
network_mode: "host"
expose:
- 3306
volumes:
- ./mysql/data:/var/lib/mysql
- ./mysql/conf.d:/etc/mysql/conf.d
- ./mysql/initdb:/docker-entrypoint-initdb.d
mall4cloud-minio:
image: registry.cn-hongkong.aliyuncs.com/mall4j-images/minio:RELEASE.2024-04-18T19-09-19Z
container_name: mall4cloud-minio
restart: always
command: server /data
network_mode: "host"
expose:
- 9000
volumes:
- ./minio/data:/data
environment:
- MINIO_ROOT_USER=admin
- MINIO_ROOT_PASSWORD=80jpnH4.r5g
mall4cloud-redis:
image: registry.cn-hongkong.aliyuncs.com/mall4j-images/redis:7.0
container_name: mall4cloud-redis
restart: always
network_mode: "host"
command: redis-server --requirepass 80jpnH4.r5g
expose:
- 6379
mall4cloud-nacos:
image: registry.cn-hongkong.aliyuncs.com/mall4j-images/nacos-server:v2.3.2
container_name: mall4cloud-nacos
restart: always
depends_on:
- mall4cloud-mysql
network_mode: "host"
expose:
- 8848
- 9848
- 9849
environment:
- JVM_XMS=256m
- JVM_XMX=256m
- MODE=standalone
- PREFER_HOST_MODE=hostname
- SPRING_DATASOURCE_PLATFORM=mysql
- MYSQL_SERVICE_HOST=192.168.1.46
- MYSQL_SERVICE_DB_NAME=mall4cloud_nacos
- MYSQL_SERVICE_USER=root
- MYSQL_SERVICE_PASSWORD=80jpnH4.r5g
- NACOS_AUTH_ENABLE=true
- NACOS_CORE_AUTH_PLUGIN_NACOS_TOKEN_SECRET_KEY=TWFsbDRqTWFsbDRjbG91ZE1hbGw0ak1hbGw0Y2xvdWRNYWxsNGpNYWxsNGNsb3Vk
- NACOS_CORE_AUTH_SERVER_IDENTITY_KEY=mall4jmall4jmall4jmall4jmall4jmall4jmall4jmall4j
- NACOS_CORE_AUTH_SERVER_IDENTITY_VALUE=mall4cloudmall4cloudmall4cloudmall4cloudmall4cloudmall4cloudmall4cloud
volumes:
- ./nacos/logs:/home/nacos/logs
mall4cloud-seata:
image: registry.cn-hongkong.aliyuncs.com/mall4j-images/seata-server:2.0.0
container_name: mall4cloud-seata
restart: always
network_mode: "host"
expose:
- 8091
- 7091
environment:
- TZ
- STORE_MODE=db
- SEATA_IP=192.168.1.46
- SEATA_PORT=8091
volumes:
- ./seata/application.yml:/seata-server/resources/application.yml
mall4cloud-elasticsearch:
image: registry.cn-hongkong.aliyuncs.com/mall4j-images/elasticsearch:7.17.21
container_name: mall4cloud-elasticsearch
restart: always
network_mode: "host"
expose:
- 9200
- 9300
environment:
- discovery.type=single-node
- ES_JAVA_OPTS=-Xms512m -Xmx512m
- ELASTICSEARCH_USERNAME=elastic
- ELASTIC_PASSWORD=hn02le.34lkdLKD
- xpack.security.enabled=true
volumes:
- ./elasticsearch/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml
- ./elasticsearch/data:/usr/share/elasticsearch/data
- ./elasticsearch/plugins:/usr/share/elasticsearch/plugins
mall4cloud-canal:
image: registry.cn-hongkong.aliyuncs.com/mall4j-images/canal-server:v1.1.7
container_name: mall4cloud-canal
restart: always
network_mode: "host"
expose:
- 11111
volumes:
- ./canal/conf/example:/home/admin/canal-server/conf/example
- ./canal/conf/canal.properties:/home/admin/canal-server/conf/canal.properties
- ./canal/logs:/home/admin/canal-server/logs
mall4cloud-rocketmq-namesrv:
image: registry.cn-hongkong.aliyuncs.com/mall4j-images/rocketmq:5.2.0
container_name: mall4cloud-rocketmq-namesrv
restart: always
network_mode: "host"
expose:
- 9876
volumes:
- ./rocketmq/namesrv/logs:/home/rocketmq/logs
- ./rocketmq/namesrv/store:/home/rocketmq/store
environment:
JAVA_OPT_EXT: "-Duser.home=/home/rocketmq -Xms512M -Xmx512M -Xmn128M"
command: ["sh","mqnamesrv"]
mall4cloud-rocketmq-broker:
image: registry.cn-hongkong.aliyuncs.com/mall4j-images/rocketmq:5.2.0
container_name: mall4cloud-rocketmq-broker
restart: always
network_mode: "host"
expose:
- 10909
- 10911
volumes:
- ./rocketmq/broker/logs:/home/rocketmq/logs
- ./rocketmq/broker/store:/home/rocketmq/store
- ./rocketmq/broker/conf/broker.conf:/etc/rocketmq/broker.conf
environment:
JAVA_OPT_EXT: "-Duser.home=/home/rocketmq -Xms512M -Xmx512M -Xmn128M -XX:-AssumeMP"
command: ["sh","mqbroker","-c","/etc/rocketmq/broker.conf","-n","192.168.1.46:9876","autoCreateTopicEnable=true"]
depends_on:
- mall4cloud-rocketmq-namesrv
mall4cloud-rocketmq-dashboard:
image: registry.cn-hongkong.aliyuncs.com/mall4j-images/rocketmq-dashboard:1.0.1
container_name: mall4cloud-rocketmq-dashboard
restart: always
ports:
- 8180:8080
environment:
JAVA_OPTS: "-Drocketmq.namesrv.addr=192.168.1.46:9876 -Dcom.rocketmq.sendMessageWithVIPChannel=false"
depends_on:
- mall4cloud-rocketmq-namesrv
更多推荐
所有评论(0)