1.docker安装
1.1移除旧版本
yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine
1.2安装yum-utils获取yum-config-manager
[root@localhost ~]# yum install -y yum-utils device-mapper-persistent-data lvm2
若有报错编辑报错文件添加这个
import sys
reload(sys)
sys.setdefaultencoding('utf-8')
1.3通过yum-config-manager获取docker-ce.repo
https://download.docker.com/linux/centos/docker-ce.repo
[root@localhost yum.repos.d]# ll
total 44
-rw-r--r--. 1 root root 1664 Oct 23 2020 CentOS-Base.repo
-rw-r--r--. 1 root root 1309 Oct 23 2020 CentOS-CR.repo
-rw-r--r--. 1 root root 649 Oct 23 2020 CentOS-Debuginfo.repo
-rw-r--r--. 1 root root 314 Oct 23 2020 CentOS-fasttrack.repo
-rw-r--r--. 1 root root 630 Oct 23 2020 CentOS-Media.repo
-rw-r--r--. 1 root root 1331 Oct 23 2020 CentOS-Sources.repo
-rw-r--r--. 1 root root 8515 Oct 23 2020 CentOS-Vault.repo
-rw-r--r--. 1 root root 616 Oct 23 2020 CentOS-x86_64-kernel.repo
-rw-r--r--. 1 root root 1919 Apr 3 08:54 docker-ce.repo
1.4安装docker-ce
yum repolist
yum list | grep docker-ce
yum -y install docker-ce
systemctl enable docker
systemctl start docker
docker version
[root@localhost yum.repos.d]# docker version
Client: Docker Engine - Community
Version: 20.10.14
API version: 1.41
Go version: go1.16.15
Git commit: a224086
Built: Thu Mar 24 01:49:57 2022
OS/Arch: linux/amd64
Context: default
Experimental: true
Server: Docker Engine - Community
Engine:
Version: 20.10.14
API version: 1.41 (minimum version 1.12)
Go version: go1.16.15
Git commit: 87a90dc
Built: Thu Mar 24 01:48:24 2022
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.5.11
GitCommit: 3df54a852345ae127d1fa3092b95168e4a88e2f8
runc:
Version: 1.0.3
GitCommit: v1.0.3-0-gf46b6ba
docker-init:
Version: 0.19.0
GitCommit: de40ad0
2.启动容器
2.1查看本地镜像
[root@localhost ~]# docker /images
REPOSITORY TAG IMAGE ID CREATED SIZE
[root@localhost ~]#
2.2本地没有镜像,需要去search镜像
docker search centos
2.3下载镜像到本地
docker pull centos
docker /images
2.4运行容器
[root@localhost ~]# docker run -it --name=c1 centos:latest /bin/bash
[root@a3cd94942439 /]#
2.5查看运行中的容器
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a3cd94942439 centos:latest "/bin/bash" 19 minutes ago Exited (0) 17 minutes ago c1
[root@localhost ~]#
3.docker daemon管理
3.1关闭docker daemon
[root@localhost ~]# systemctl stop docker
Warning: Stopping docker.service, but it can still be activated by:
docker.socket
[root@localhost ~]# systemctl status docker
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
Active: inactive (dead) since Sun 2022-04-03 09:16:48 EDT; 1min 5s ago
Docs: https://docs.docker.com
Process: 2044 ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock (code=exited, status=0/SUCCESS)
Main PID: 2044 (code=exited, status=0/SUCCESS)
3.2修改docker daemon配置文件
如果想使用/etc/docker/daemon.json管理docker daemon,默认情况下,/etc/docker目录中并没有daemon.json
文件,添加后会导致docker daemon无法启动,在添加daemon.json文件之前,请先修改如下文件内容:
vim /usr/lib/systemd/system/docker.service
修改前
#ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
修改后
ExecStart=/usr/bin/dockerd
3.3修改完后加载配置文件、重新开启守护进程
systemctl daemon-reload
systemctl start docker
3.4添加配置文件对docker daemon配置、daemon.json文件
添加该文件
[root@localhost ~]# cat /etc/docker/daemon.json
{
"hosts": ["tcp://0.0.0.0:2375","unix:///var/run/docker.sock"]
}
查看看、重启服务
ls /var/run/docker.sock
systemctl restart docker
[root@localhost ~]# netstat -nltp |grep 2375
tcp6 0 0 :::2375 :::* LISTEN 2741/dockerd
3.5实例远程连接
[root@localhost ~]# docker -H 远程容器主机 version
4.容器镜像传输
4.1获取本地容器镜像打包
latest表示版本,
docker save -o centos.tar centos:latest
4.2传输到别的机器
scp centos.tar 192.168.145.251:/root
4.3导入到本地目录
docker load -i centos.tar
4.4启动容器
docker run -it --name=c1 centos:latest /bin/bash
或者
docker container run -it --name=c2 centos:latest /bin/bash
5.启动一个运行httpd服务的容器
5.1启动一个容器、在容器中安装httpd
docker run -it --name=c1 centos:latest /bin/bash
yum -y install httpd
安装的时候有报错:因为是centos8,和语言环境原因
cd /etc/yum.repos.d
vi CentOS-Linux-BaseOS.repo
[baseos]
name=CentOS Linux $releasever - BaseOS
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=BaseOS&infra=$infra
#baseurl=http://mirror.centos.org/$contentdir/$releasever/BaseOS/$basearch/os/
baseurl=https://vault.centos.org/centos/$releasever/BaseOS/$basearch/os/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
vi CentOS-Linux-AppStream.repo
[appstream]
name=CentOS Linux $releasever - AppStream
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=AppStream&infra=$infra
#baseurl=http://mirror.centos.org/$contentdir/$releasever/AppStream/$basearch/os/
baseurl=https://vault.centos.org/centos/$releasever/AppStream/$basearch/os/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
安装语言包
dnf install glibc-langpack-en
在执行安装httpd
yum -y install httpd
启动
/usr/sbin/httpd -k start
遇到报错
解决AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using local
修改httpd配置
vim /etc/httpd/conf/httpd.conf
#ServerName www.example.com:80
改为
ServerName localhost:80
curl http://localhost
5.2基于容器生成文件导入为容器镜像
docker export -o centos-httpd.tar c1
[root@localhost ~]# ls
anaconda-ks.cfg centos-httpd.tar centos.tar
[root@localhost ~]# docker import -m httpd centos-httpd.tar centos-httpd:v1
sha256:261068bcb384c6924815c362183658a0d4c9c3f9b55b3f0738e059b4e51e09c0
[root@localhost ~]# docker /images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos-httpd v1 261068bcb384 30 seconds ago 302MB
centos latest 5d0da3dc9764 6 months ago 231MB
[root@localhost ~]# docker history centos-httpd:v1
IMAGE CREATED CREATED BY SIZE COMMENT
261068bcb384 About a minute ago 302MB httpd
[root@localhost ~]# docker run -it --name=c2 centos-httpd:v1 /bin/bash
[root@a3a76864170d /]# httpd -k start
curl http://localhost
制作centos镜像
[root@localhost ~]# docker import -m centos_bzv1.tar centos_bzv1:v1
open centos_bzv1:v1: no such file or directory
[root@localhost ~]# docker import -m centos centos_bzv1.tar centos_bzv1:v1
sha256:d24a27be47fc8456c9a860554b3842b79dbc3c474612484c3ed88436e470e037
[root@localhost ~]# docker /images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos_bzv1 v1 d24a27be47fc 6 seconds ago 302MB
centos-httpd v1 261068bcb384 30 minutes ago 302MB
centos latest 5d0da3dc9764 6 months ago 231MB
5.3查看容器IP地址
方法一 容器内部查看
[root@a3a76864170d /]# ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
14: eth0@if15: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
方法二 审查容器
[root@localhost ~]# docker inspect c2
[
{
"Id": "a3a76864170d7650f53deff8836da5291945436e1bc91a32185782ac1104f2b7",
"Created": "2022-04-04T00:39:11.158593769Z",
"Path": "/bin/bash",
"Args": [],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 4676,
"ExitCode": 0,
"Error": "",
"StartedAt": "2022-04-04T00:39:11.608078759Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:261068bcb384c6924815c362183658a0d4c9c3f9b55b3f0738e059b4e51e09c0",
"ResolvConfPath": "/var/lib/docker/containers/a3a76864170d7650f53deff8836da5291945436e1bc91a32185782ac1104f2b7/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/a3a76864170d7650f53deff8836da5291945436e1bc91a32185782ac1104f2b7/hostname",
"HostsPath": "/var/lib/docker/containers/a3a76864170d7650f53deff8836da5291945436e1bc91a32185782ac1104f2b7/hosts",
"LogPath": "/var/lib/docker/containers/a3a76864170d7650f53deff8836da5291945436e1bc91a32185782ac1104f2b7/a3a76864170d7650f53deff8836da5291945436e1bc91a32185782ac1104f2b7-json.log",
"Name": "/c2",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"CgroupnsMode": "host",
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"KernelMemory": 0,
"KernelMemoryTCP": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/ebaad116900b8fe833db2623093daafaceb183900a105ab70a417821413f1d27-init/diff:/var/lib/docker/overlay2/097dadf87355159a330ab7d72d86e724072b89698778488ffe0102d04eed7c07/diff",
"MergedDir": "/var/lib/docker/overlay2/ebaad116900b8fe833db2623093daafaceb183900a105ab70a417821413f1d27/merged",
"UpperDir": "/var/lib/docker/overlay2/ebaad116900b8fe833db2623093daafaceb183900a105ab70a417821413f1d27/diff",
"WorkDir": "/var/lib/docker/overlay2/ebaad116900b8fe833db2623093daafaceb183900a105ab70a417821413f1d27/work"
},
"Name": "overlay2"
},
"Mounts": [],
"Config": {
"Hostname": "a3a76864170d",
"Domainname": "",
"User": "",
"AttachStdin": true,
"AttachStdout": true,
"AttachStderr": true,
"Tty": true,
"OpenStdin": true,
"StdinOnce": true,
"Env": null,
"Cmd": [
"/bin/bash"
],
"Image": "centos-httpd:v1",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "627a770da5455131d1ded308aacce4eae436bd539b193f541eecd5d92ea12040",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {},
"SandboxKey": "/var/run/docker/netns/627a770da545",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "0bc0cd14540c25d4f93c3cf6dd9df3e70447d3154c15c90e89be5eb6b45f661a",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.3",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:03",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "751680ae681f1a49f2f8d55a528183d438cb38b4db0acfe69c2ee2161e5e4056",
"EndpointID": "0bc0cd14540c25d4f93c3cf6dd9df3e70447d3154c15c90e89be5eb6b45f661a",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.3",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:03",
"DriverOpts": null
}
}
}
}
]
方法三 在容器外执行容器内命令
docker exec c2 ip a s
查看运行中的容器
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a3a76864170d centos-httpd:v1 "/bin/bash" 5 minutes ago Up 5 minutes c2
a3cd94942439 centos:latest "/bin/bash" 12 hours ago Up 26 minutes c1
5.4容器的停止与删除
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a3a76864170d centos-httpd:v1 "/bin/bash" 5 minutes ago Up 5 minutes c2
a3cd94942439 centos:latest "/bin/bash" 12 hours ago Up 26 minutes c1
[root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]# docker stop a3cd94942439
a3cd94942439
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a3a76864170d centos-httpd:v1 "/bin/bash" 7 minutes ago Up 7 minutes c2
[root@localhost ~]# docker start a3cd94942439
a3cd94942439
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a3a76864170d centos-httpd:v1 "/bin/bash" 7 minutes ago Up 7 minutes c2
a3cd94942439 centos:latest "/bin/bash" 12 hours ago Up 4 seconds c1
[root@localhost ~]# docker rm c2
Error response from daemon: You cannot remove a running container a3a76864170d7650f53deff8836da5291945436e1bc91a32185782ac1104f2b7. Stop the container before attempting removal or force remove
[root@localhost ~]# docker stop c2
c2
[root@localhost ~]# docker rm c2
c2
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a3cd94942439 centos:latest "/bin/bash" 12 hours ago Up 33 seconds c1
进入容器
docker exec -it c1 /bin/bash
5.5容器端口映射
[root@localhost ~]# docker run -it -p 80:80 --name c3 centos:latest /bin/bash
[root@0ec42d6f03cc /]#
[root@a3cd94942439 /]# yum -y install httpd iproute
Last metadata expiration check: 0:44:17 ago on Mon 04 Apr 2022 12:25:28 AM UTC.
[root@a3cd94942439 /]# echo "197-0.2-webpage" >> /var/www/html/index.html
[root@a3cd94942439 /]# httpd -k start
[root@a3cd94942439 /]# curl http://172.17.0.2
197-0.2-webpage
[root@a3cd94942439 /]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
16: eth0@if17: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
#在容器主机上访问容器IP
[root@localhost ~]# curl http://172.17.0.2
197-0.2-webpage
笔记本访问
#如果仅定义了容器的端口,那么容器主机会随机添加映射端口到容器80端口,随机端口大于或等于32768
[root@localhost ~]# docker run -it -p 80 --name=a1 centos_bzv1:v1 /bin/bash
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a31c4803667e centos_bzv1:v1 "/bin/bash" 6 seconds ago Exited (0) 2 seconds ago a1
fcca0b8b586f centos_bzv1:v1 "/bin/bash" 7 minutes ago Up 6 minutes 0.0.0.0:80->80/tcp, :::80->80/tcp c1
[root@localhost ~]# docker start a1
a1
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a31c4803667e centos_bzv1:v1 "/bin/bash" 20 seconds ago Up 2 seconds 0.0.0.0:49154->80/tcp, :::49154->80/tcp a1
fcca0b8b586f centos_bzv1:v1 "/bin/bash" 7 minutes ago Up 6 minutes 0.0.0.0:80->80/tcp, :::80->80/tcp c1
#使用容器主机的某一IP地址上的端口做随机映射
[root@localhost ~]# docker run -it -p 192.168.12.22::80 --name=a101 centos_bzv1:v1 /bin/bash
[root@f732fafa28a3 /]# exit
[root@localhost ~]# docker start a101
a101
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f732fafa28a3 centos_bzv1:v1 "/bin/bash" 20 seconds ago Up 2 seconds 192.168.12.22:49155->80/tcp a101
a31c4803667e centos_bzv1:v1 "/bin/bash" 2 minutes ago Up 2 minutes 0.0.0.0:49154->80/tcp, :::49154->80/tcp a1
fcca0b8b586f centos_bzv1:v1 "/bin/bash" 9 minutes ago Up 9 minutes 0.0.0.0:80->80/tcp, :::80->80/tcp c1
5.6容器使用Docker Host存储数据
5.6.1创建存储目录
mkdir /opt/cvolume
5.6.2运行容器并挂载上述目录
[root@localhost ~]# docker run -it -v /opt/cvolume:/data --name=cunchu centos_bzv1:v1 /bin/bash
[root@e7cb3fcfc70a /]# ls
bin data dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var
5.6.3运行在容器中的http服务,使用docker host的/web目录中的网页文件,并能够在doker host上进行修改,修改后立即生效。
在主机
[root@localhost ~]# mkdir /web
[root@localhost ~]# echo "web" >> /web/index.html
[root@localhost ~]# docker run -it -p 8080:80/tcp -v /web:/var/www/html --name c200 centos_bzv1:v1 /bin/bash
在容器
[root@e7bd31a6e910 /]# ls /var/www/html
index.html
[root@e7bd31a6e910 /]# /usr/sbin/httpd -k start
在笔记本
5.6.4同步容器与docker host时间
容器时间
[root@e7bd31a6e910 /]# date
Mon Apr 4 02:03:46 UTC 2022
[root@e7bd31a6e910 /]#
本地时间
[root@localhost ~]# date
Mon Apr 4 10:04:23 CST 2022
方法一在创建的时候
docker run -it -v /etc/localtime:/etc/localtime centos:latest /bin/bash
方法二复制主机文件到容器
[root@localhost Asia]# docker cp /usr/share/zoneinfo/Asia/Shanghai c200:/etc/
到容器修改
mv /etc/Shanghai /etc/localtime
date
5.6.5在容器外执行容器内命令
[root@localhost ~]# docker exec c200 ls /
bin
dev
etc
home
lib
lib64
lost+found
media
mnt
opt
5.6.6 容器间互联(–link)
第一步:创建被依赖容器
[root@localhost ~]# docker run -it --name c202 centos:latest /bin/bash
[root@42635a4f0ea4 /]#
第二步:创建依赖于源容器的容器
[root@localhost ~]# docker run --link c202:mysqldb -it --name c203 centos:latest /bin/bash
[root@5b3e70c6574d /]# ping mysqldb
PING mysqldb (172.17.0.6) 56(84) bytes of data.
64 bytes from mysqldb (172.17.0.6): icmp_seq=1 ttl=64 time=0.104 ms
64 bytes from mysqldb (172.17.0.6): icmp_seq=2 ttl=64 time=0.125 ms
64 bytes from mysqldb (172.17.0.6): icmp_seq=3 ttl=64 time=0.124 ms
64 bytes from mysqldb (172.17.0.6): icmp_seq=4 ttl=64 time=0.124 ms
^C
--- mysqldb ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3001ms
rtt min/avg/max/mdev = 0.104/0.119/0.125/0.011 ms
[root@5b3e70c6574d /]# cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.6 mysqldb 42635a4f0ea4 c202
172.17.0.7 5b3e70c6574d
停止并新建容器,用于抢占c202的IP
[root@localhost ~]# docker stop c202 c203
c202
c203
[root@localhost ~]# docker run -it centos /bin/bash
[root@aa475dc1cfdb /]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
44: eth0@if45: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:06 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.6/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@aa475dc1cfdb /]#
启动c202及c203
[root@localhost ~]# docker start c202
c202
[root@localhost ~]# docker start c203
c203
[root@localhost ~]# docker exec c203 cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.7 mysqldb 42635a4f0ea4 c202
172.17.0.8 5b3e70c6574d
6.docker容器镜像
容器与镜像之间的关系:
docker client 向docker daemon发起创建容器的请求
docker daemon查找有无客户端需要的镜像
如无,则到容器的镜像仓库中下载需要的镜像
拿到容器镜像后,启动容器
6.1制作基础镜像
6.1.1打包操作系统的根目录
排除/proc及/sys、/var/lib/docker
tar --numeric-owner --exclude=/proc --exclude=/sys --exclude=/var/lib/docker -cvf centos7u6.tar /
6.1.2把获取的根打包文件导入Docker Host中
[root@localhost ~]# docker import centos7u6.tar centos7u6:v1
sha256:d71ae14f7326e957ca9d7d3761b12c6e1bdc825f940b88c393f00af4e4537702
[root@localhost ~]# docker /images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos7u6 v1 d71ae14f7326 17 seconds ago 3.01GB
centos_bzv1 v1 d24a27be47fc 3 hours ago 302MB
centos-httpd v1 261068bcb384 3 hours ago 302MB
centos latest 5d0da3dc9764 6 months ago 231MB
6.1.3使用基础镜像启动容器
[root@localhost ~]# docker run -it --name=centos7 centos7u6:v1 /bin/bash
[root@758b35b39d48 /]#
6.2应用镜像制作
6.2.1使用commit提交镜像
在基础镜像运行的容器中安装应用,此例使用httpd
yum -y install httpd
使用commit命令对正在运行的容器提交为一个应用镜像
[root@localhost ~]# docker commit centos7 centos7u6_httpd:v1
sha256:35bdca97223ded8d787a7cff549b7869d6fbd5a1ea3dc347cd6f7b70e5c8be5a
[root@localhost ~]# docker /images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos7u6_httpd v1 35bdca97223d 29 seconds ago 3.22GB
centos7u6 v1 d71ae14f7326 5 minutes ago 3.01GB
centos_bzv1 v1 d24a27be47fc 3 hours ago 302MB
centos-httpd v1 261068bcb384 4 hours ago 302MB
centos latest 5d0da3dc9764 6 months ago 231MB
使用应用镜像
[root@localhost ~]# docker run -it --name=os7_httpd centos7u6_httpd:v1 /bin/bash
[root@bd47ddf3b1e6 /]# exit
[root@localhost ~]# docker start os7_httpd
os7_httpd
[root@localhost ~]# docker exec -it os7_httpd /bin/bash
[root@bd47ddf3b1e6 /]#
[root@bd47ddf3b1e6 /]#
[root@bd47ddf3b1e6 /]#
[root@bd47ddf3b1e6 /]# echo "ttt" >> /var/www/html/index.html
[root@bd47ddf3b1e6 /]# httpd -k start
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.6. Set the 'ServerName' directive globally to suppress this message
[root@bd47ddf3b1e6 /]# curl http://localhost
ttt
6.2.2使用Dockerfile创建应用镜像
Dockfile原理
在Dockerfile定义所要执行的命令,使用docker build创建镜像,过程中会按照Dockerfile所定义的内容打开临时性容
器(使用docker commit进行提交),把Dockerfile文件中的命令全部执行完成,就得到了一个容器应用镜像。
执行命令越多,最终得到的容器应用镜像越大,所以要做优化
Dockerfile关键字
- FROM(指定基础/image)
- MAINTAINER(用来指定镜像创建者信息)
- RUN (运行命令)
- CMD(设置container启动时执行的操作)
- ENTRYPOINT(设置container启动时执行的操作)
- USER(设置container容器的用户)
- EXPOSE(指定容器需要映射到宿主机器的端口)
- ENV(用于设置环境变量)
- ADD(从src复制文件到container的dest路径)
- VOLUME(指定挂载点)
- WORKDIR(切换目录)
6.2.2.1Dockerfile应用案例
1、通过Dockerfile创建一个可以在启动容器时就直接启动httpd应用的镜像
步骤:
-
创建一个目录,用于存储Dockerfile所使用的文件
-
在此目录中创建Dockerfile文件及制作镜像所使用到的文件
-
在此此目录中使用docker build创建镜像(读取Dockerfile文件)
-
使用创建的镜像启动容器
思考:
- 基础镜像是谁?centos7u6
- 安装httpd
- yum -y install httpd
- 安装完成后如何启动httpd? 编写一个把httpd启动的脚本文件
- 把httpd放在前端执行还是后端执行?前端
- 暴露端口?tcp80
- 添加一个测试文件,用于验证httpd是否可用?
步骤:
1.创建目录
[root@localhost ~]# mkdir test && ll test
total 0
2.进入目录并创建用于启动httpd的脚本文件
[root@localhost test]# pwd
/root/test
[root@localhost test]# ll
total 12
-rw-r--r--. 1 root root 256 Apr 4 12:29 Dockerfile
-rw-r--r--. 1 root root 13 Apr 4 12:25 index.html
-rw-r--r--. 1 root root 64 Apr 4 12:25 run-httpd.sh
[root@localhost test]# cat run-httpd.sh
#!/bin/bash
rm -rf /run/httpd/*
exec /sbin/httpd -D FOREGROUND
[root@localhost test]# cat index.html
It's work!!!
[root@localhost test]# cat Dockerfile
FROM centos7u6:v1
MAINTAINER "ly@ly@163.com"
RUN yum clean all
RUN rpm --rebuilddb && yum -y install httpd
ADD run-httpd.sh /run-httpd.sh
RUN chmod -v +x /run-httpd.sh
ADD index.html /var/www/html/
EXPOSE 80
WORKDIR /
CMD ["/bin/bash","/run-httpd.sh"]
使用docker build创建镜像,注意命令最后有一个点,点表示当前目录
[root@localhost test]# docker build -t centos7u6-base-httpd:v1 .
Sending build context to Docker daemon 4.096kB
Step 1/10 : FROM centos7u6:v1
---> d71ae14f7326
Step 2/10 : MAINTAINER "ly@ly@163.com"
---> Running in e4ebcdad8d16
Removing intermediate container e4ebcdad8d16
---> 7ddd84296e02
Step 3/10 : RUN yum clean all
---> Running in 279d11a19879
Cleaning repos: base docker-ce-stable extras updates
Removing intermediate container 279d11a19879
使用上述创建的应用容器启动容器
docker run -d centos7u6-base-httpd:v1
验证容器及httpd是否可用
在容器查看IP
[root@localhost test]# docker exec -it 12f238be9776 /bin/bash
[root@12f238be9776 /]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
70: eth0@if71: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@12f238be9776 /]# exit
[root@localhost test]# curl http://172.17.0.3
It's work!!!
替代原网站内容案例
[root@localhost ~]# mkdir /wwwroot
[root@localhost ~]# echo "wwwroot" >> /wwwroot/index.html
[root@localhost ~]# docker run -d -v /wwwroot:/var/www/html centos7u6-base-httpd:v1
c3304ec613935d6bfa2b74e6000e072454c27ce1e28c9fdfb1828a1ca9478d80
[root@localhost ~]# docker exec -it c33 /bin/bash
[root@c3304ec61393 /]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
72: eth0@if73: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:04 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.4/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@localhost ~]# curl http://172.17.0.4
wwwroot
2、把nginx应用容器化
要求:
1、通过基础镜像做nginx应用镜像
2、使用nginx应用镜像启动容器时,nginx要求启动
3、验证nginx服务是否启动
步骤:
1、使用哪一个基础 centos:latest
2、需要使用epel YUM源
3、安装nginx
4、修改nginx配置文件,主要用于关闭daemon后台运行
5、验证使用的测试页面
创建目录
mkdir nginxtest && cd nginxtest/
创建测试文件
echo 'nginx s running!!!' >> index.html
使用docker build创建nginx应用镜像
[root@localhost nginxtest]# docker build -t centos-nginx:v1 .
启动容器验证nginx服务是否自动开启
[root@localhost nginxtest]# docker /images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos-nginx v1 0260ebfaedd8 11 minutes ago 3.45GB
[root@localhost nginxtest]# curl http://172.17.0.3
nginx s running!!!
6.2.3容器镜像在docker host存储位置
从图中可以看出除了最上面的一层为读写层之外,下面的其他的层都是只读的镜像层,并且除了最下面的一层外,其
他的层都有会有一个指针指向自己下面的一层镜像。
Docker 的容器镜像和容器本身的数据都存放在服务器的 /var/lib/docker/ 这个路径下。不过不同的linux发行版存储
方式上有差别,比如,在ubuntu发行版上存储方式为AUFS,CentOS发行版上的存储方式为Overlay或Overlay2。
Overlay及Overlay2原理
OverlayFS将单个Linux主机上的两个目录合并成一个目录。这些目录被称为层,统一过程被称为联合挂载。
OverlayFS底层目录称为lowerdir, 高层目录称为upperdir。合并统一视图称为merged。当需要修改一个文件时,
使用CoW将文件从只读的Lower复制到可写的Upper进行修改,结果也保存在Upper层。在Docker中,底下的只读层
就是/image,可写层就是Container。
overlay2是overlay的改进版,只支持4.0以上内核添加了Multiple lower layers in overlayfs的特性,所以overlay2可
以直接造成muitiple lower layers不用像overlay一样要通过硬链接的方式(最大128层) centos的话支持3.10.0-514及
以上内核版本也有此特性,所以消耗更少的inode
6.3镜像仓库上传和下载
6.3.1创建自己的仓库
命令行登录docker报错
[root@localhost nginxtest]# docker login hub.docker.com
Username: ly201552y
Password:
Error response from daemon: login attempt to https://hub.docker.com/v2/ failed with status: 404 Not Found
[root@localhost nginxtest]#
执行以下命令
[root@localhost nginxtest]# docker login --username ly201552y --password 密码
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@localhost nginxtest]#
登出
[root@localhost nginxtest]# docker logout
Removing login credentials for https://index.docker.io/v1/
[root@localhost nginxtest]#
6.3.2镜像上传,下载
给需要上传到公有仓库的容器镜像打标记
[root@localhost nginxtest]# docker login --username ly201552y --password 密码
[root@localhost nginxtest]# docker tag centos7u6-base-httpd:v1 ly201552y/centos:httpd_v1
[root@localhost nginxtest]# docker /images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos-nginx v1 0260ebfaedd8 3 hours ago 3.45GB
centos7u6-base-httpd v1 296c7a8e7d91 4 hours ago 3.22GB
ly201552y/centos httpd_v1 296c7a8e7d91 4 hours ago 3.22GB
centos7u6_httpd v1 35bdca97223d 6 hours ago 3.22GB
centos7u6 v1 d71ae14f7326 6 hours ago 3.01GB
centos_bzv1 v1 d24a27be47fc 9 hours ago 302MB
centos-httpd v1 261068bcb384 9 hours ago 302MB
centos latest 5d0da3dc9764 6 months ago 231MB
[root@localhost nginxtest]# docker push ly201552y/centos:httpd_v1
The push refers to repository [docker.io/ly201552y/centos]
b1b15ac11d63: Pushed
ffb111452e47: Pushed
ed04fd6f6b25: Pushed
794768549c18: Pushed
3be1db67a845: Pushed
a0e3ce00935d: Pushing [> ] 53.23MB/3.013GB
上传成功
下载
docker /images
docker logout
docker pull ly201552y/centos:httpd_v1
查看是否下载成功
docker /images
6.3.3配置镜像加速器
永久配置方法
第一步:修改/usr/lib/systemd/system/docker.service
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
#把上述行时行修改,修改如下:
ExecStart=/usr/bin/dockerd
第二步:在/etc/docker/daemon.json,改了之后有点慢啊
[root@localhost docker]# cat daemon.json
{
"hosts": ["tcp://0.0.0.0:2375","unix:///var/run/docker.sock"],
"registry-mirrors": ["https://registry.docker-cn.com"]
}
第三步:重启docker daemon
systemctl daemon-reload
systemctl restart docker
第四步:验证加速器是否可用
docker pull ansible/centos7-ansible:latest
7.docker本地容器镜像仓库
作用
在局域内使用
方便与其它系统进行集成
上传下载大镜像时
7.1 使用registry容器镜像实现本地非安全镜像仓库
[root@localhost docker]# docker pull registry
Using default tag: latest
latest: Pulling from library/registry
40e059520d19: Pull complete
3b494d572400: Pull complete
88ce0e919729: Pull complete
0fec280ccc88: Pull complete
d637f99b7441: Pull complete
Digest: sha256:b1a51fda7f0115eab1989ae53fe6303afd9a15967496624b1aa822517f3a0a2b
Status: Downloaded newer /image for registry:latest
docker.io/library/registry:latest
创建用于挂载至registry镜像启动的仓库中,便于容器镜像持久保存
[root@localhost docker]# mkdir /opt/dockerregistry
启动容器获取镜像仓库
[root@localhost docker]# docker run -d -p 5000:5000 --restart=always -v /opt/dockerregistry:/var/lib/registry registry:latest
e7fb0c3a64e2b30401576ebb2c92bd854e47ccd1da50c2f42e76d7461bdc8796
[root@localhost docker]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e7fb0c3a64e2 registry:latest "/entrypoint.sh /etc…" 43 seconds ago Up 42 seconds 0.0.0.0:5000->5000/tcp, :::5000->5000/tcp zen_almeida
验证是否用可
[root@localhost docker]# curl http://192.168.12.22:5000/v2/_catalog
{"repositories":[]}
[root@localhost docker]#
修改daemon.json
cat /etc/docker/daemon.json
{
"insecure-registries": ["http://192.168.12.22:5000"],
"registry-mirrors": ["https://s27w6kze.mirror.aliyuncs.com","https://registry.docker-cn.com"]
}
重载
systemctl daemon-reload
systemctl restart docker
[root@localhost docker]# docker /images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos-nginx v1 0260ebfaedd8 6 hours ago 3.45GB
centos7u6-base-httpd v1 296c7a8e7d91 7 hours ago 3.22GB
ly201552y/centos httpd_v1 296c7a8e7d91 7 hours ago 3.22GB
centos7u6_httpd v1 35bdca97223d 9 hours ago 3.22GB
centos7u6 v1 d71ae14f7326 9 hours ago 3.01GB
centos_bzv1 v1 d24a27be47fc 12 hours ago 302MB
centos-httpd v1 261068bcb384 12 hours ago 302MB
registry latest d3241e050fc9 5 days ago 24.2MB
centos latest 5d0da3dc9764 6 months ago 231MB
[root@localhost docker]# docker tag centos:latest 192.168.12.22:5000/centos:v1
[root@localhost docker]# docker /images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos-nginx v1 0260ebfaedd8 6 hours ago 3.45GB
centos7u6-base-httpd v1 296c7a8e7d91 7 hours ago 3.22GB
ly201552y/centos httpd_v1 296c7a8e7d91 7 hours ago 3.22GB
centos7u6_httpd v1 35bdca97223d 9 hours ago 3.22GB
centos7u6 v1 d71ae14f7326 9 hours ago 3.01GB
centos_bzv1 v1 d24a27be47fc 12 hours ago 302MB
centos-httpd v1 261068bcb384 12 hours ago 302MB
registry latest d3241e050fc9 5 days ago 24.2MB
192.168.12.22:5000/centos v1 5d0da3dc9764 6 months ago 231MB
centos latest 5d0da3dc9764 6 months ago 231MB
[root@localhost docker]# docker push 192.168.12.22:5000/centos:v1
The push refers to repository [192.168.12.22:5000/centos]
74ddd0ec08fa: Pushing [=================> ] 81.04MB/231.3MB
74ddd0ec08fa: Pushed
v1: digest: sha256:a1801b843b1bfaf77c501e7a6d3f709401a1e0c83863037fa3aab063a7fdb9dc size: 529
看centos在哪
[root@localhost docker]# tree -R /opt/dockerregistry
/opt/dockerregistry
└── docker
└── registry
└── v2
├── blobs
│ └── sha256
│ ├── 5d
│ │ └── 5d0da3dc976460b72c77d94c8a1ad043720b0416bfc16c52c45d4847e53fadb6
│ │ └── data
│ └── a1
│ ├── a1801b843b1bfaf77c501e7a6d3f709401a1e0c83863037fa3aab063a7fdb9dc
│ │ └── data
│ └── a1d0c75327776413fa0db9ed3adcdbadedc95a662eb1d360dad82bb913f8a1d1
│ └── data
└── repositories
└── centos
├── _layers
│ └── sha256
│ ├── 5d0da3dc976460b72c77d94c8a1ad043720b0416bfc16c52c45d4847e53fadb6
│ │ └── link
│ └── a1d0c75327776413fa0db9ed3adcdbadedc95a662eb1d360dad82bb913f8a1d1
│ └── link
├── _manifests
│ ├── revisions
│ │ └── sha256
│ │ └── a1801b843b1bfaf77c501e7a6d3f709401a1e0c83863037fa3aab063a7fdb9dc
│ │ └── link
│ └── tags
│ └── v1
│ ├── current
│ │ └── link
│ └── index
│ └── sha256
│ └── a1801b843b1bfaf77c501e7a6d3f709401a1e0c83863037fa3aab063a7fdb9dc
│ └── link
└── _uploads
27 directories, 8 files
#在其它主机中使用此镜像仓库
#第一步修改:/usr/lib/systemd/system/docker.service
#ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
ExecStart=/usr/bin/dockerd
#第二步创建:/etc/docker/daemon.json
#添加内容: “insecure-registries”: [“http://192.168.12.22:5000”]
#第三步:重启 systemctl daemon-reload;systemctl restart docker
#第四步:下载容器镜像
docker pull 192.168.12.22:5000/centos:v1
7.2(error)使用registry容器镜像实现本地基于用户名和密码访问的非安全镜像仓库
7.2.1添加用户
[root@localhost ~]# mkdir -p /opt/data/auth
entrypoint:入口点
有报错终止
[root@localhost ~]# docker run --entrypoint htpasswd registry:latest -Bbn ly 123456 >>/opt/data/auth/htpasswd
docker: Error response from daemon: failed to create shim: OCI runtime create failed: container_linux.go:380: starting container process caused: exec: "htpasswd": executable file not found in $PATH: unknown.
ERRO[0000] error waiting for container: context canceled
7.3使用Harbor实现本地通过web进行管理的非安全仓库
7.3.1工具准备
1.使用docker-compose工具进行启动
2.准备安装docker-compose有工具-pip
3.pip类似于yum,用于批量安装python模块及解决python模块依赖
pip工具准备
yum -y install epel-release
yum -y install python2-pip
pip install --upgrade pip
docker-compose工具准备
pip install docker-compose
安装失败一直报错
执行以下
yum install -y python3-pip
pip3 install --upgrade pip
在执行安装
pip3 install docker-compose
7.3.2获取harbor
解压
[root@localhost ~]# tar xf harbor-offline-installer-v1.8.2.tgz
[root@localhost ~]# cd harbor
[root@localhost harbor]# ls
harbor.v1.8.2.tar.gz harbor.yml install.sh LICENSE prepare
配置 harbor.yml
[root@localhost harbor]# cat harbor.yml |egrep "hostname|harbor_admin_password"
# The IP address or hostname to access admin UI and registry service.
hostname: reg.mydomain.com
# And when it enabled the hostname will no longer used
harbor_admin_password: Harbor12345
修改后
[root@localhost harbor]# cat harbor.yml |egrep "hostname|harbor_admin_password"
# The IP address or hostname to access admin UI and registry service.
hostname: 192.168.12.22
# And when it enabled the hostname will no longer used
harbor_admin_password: 123456
启动安装
[root@localhost harbor]# ./prepare
[root@localhost harbor]# ./install.sh
访问:admin/123456
http://192.168.12.22/harbor/sign-in
新建项目
7.3.2.1镜像上传下载操作
在docker宿主机配置非https连接,因为docker用https通讯,所以还需要做证书,太麻烦。配置"insecure-registries": [“harbor服务器IP”]来使用http通讯
{
"insecure-registries": ["http://192.168.12.22:5000"],
"registry-mirrors": ["https://s27w6kze.mirror.aliyuncs.com","https://registry.docker-cn.com"],
"insecure-registries": ["192.168.12.22"]
}
重载服务
systemctl restart docker
在docker宿主机登下载一个测试镜像,并tag成 harborIP/项目名/镜像名:TAG
[root@localhost harbor]# docker tag centos-httpd:v1 192.168.12.22/hahhah/centos-httpd:v1
7.3.2.2登陆服务器,并push上传镜像
登录有报错
[root@localhost harbor]# docker login 192.168.12.22 --username admin --password 123456
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
Error response from daemon: Get "http://192.168.12.22/v2/": dial tcp 192.168.12.22:80: connect: connection refused
[root@localhost harbor]# docker login 192.168.12.22
Username: admin
Password:
Error response from daemon: Get "http://192.168.12.22/v2/": dial tcp 192.168.12.22:80: connect: connection refused
docker-compose ps查看有挂掉的
[root@localhost harbor]# docker-compose ps
Name Command State Ports
---------------------------------------------------------------------------------------------
harbor-core /harbor/start.sh Up (healthy)
harbor-db /entrypoint.sh postgres Up (healthy) 5432/tcp
harbor-jobservice /harbor/start.sh Up
harbor-log /bin/sh -c /usr/local/bin/ ... Up (healthy) 127.0.0.1:1514->10514/tcp
harbor-portal nginx -g daemon off; Exit 128
nginx nginx -g daemon off; Exit 128
redis docker-entrypoint.sh redis ... Up 6379/tcp
registry /entrypoint.sh /etc/regist ... Up (healthy) 5000/tcp
registryctl /harbor/start.sh Exit 137
重启服务解决
systemctl daemon-reload
systemctl restart docker
docker-compose down -v
docker-compose up -d
登录成功
[root@localhost harbor]# docker login 192.168.12.22 --username admin --password 123456
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@localhost harbor]#
push镜像
[root@localhost harbor]# docker push 192.168.12.22/hahhah/centos-httpd:v1
The push refers to repository [192.168.12.22/hahhah/centos-httpd]
3b666007b409: Pushing [==========> ] 60.51MB/301.6MB
7.3.2.3浏览器界面验证
docker宿主机想要pull上传的镜像,可以这样做
删除镜像再重新从harbor仓库上下载
[root@localhost harbor]# docker rmi 192.168.12.22/hahhah/centos-httpd:v1
Untagged: 192.168.12.22/hahhah/centos-httpd:v1
Untagged: 192.168.12.22/hahhah/centos-httpd@sha256:cb8106cf575bb0f1b15b67414caede979a423b126378b3b0913a3d0dd856aca5
[root@localhost harbor]# docker /images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos-nginx v1 0260ebfaedd8 8 hours ago 3.45GB
centos7u6-base-httpd v1 296c7a8e7d91 9 hours ago 3.22GB
ly201552y/centos httpd_v1 296c7a8e7d91 9 hours ago 3.22GB
centos7u6_httpd v1 35bdca97223d 10 hours ago 3.22GB
centos7u6 v1 d71ae14f7326 11 hours ago 3.01GB
centos_bzv1 v1 d24a27be47fc 13 hours ago 302MB
centos-httpd v1 261068bcb384 14 hours ago 302MB
registry latest d3241e050fc9 5 days ago 24.2MB
192.168.12.22:5000/centos v1 5d0da3dc9764 6 months ago 231MB
centos latest 5d0da3dc9764 6 months ago 231MB
goharbor/chartmuseum-photon v0.9.0-v1.8.2 e72f3e685a37 2 years ago 130MB
下载,可以复制pull 命令
[root@localhost harbor]# docker pull 192.168.12.22/hahhah/centos-httpd:v1
v1: Pulling from hahhah/centos-httpd
Digest: sha256:cb8106cf575bb0f1b15b67414caede979a423b126378b3b0913a3d0dd856aca5
Status: Downloaded newer /image for 192.168.12.22/hahhah/centos-httpd:v1
192.168.12.22/hahhah/centos-httpd:v1
自建仓库 优点: 网速好,安全性也好
