镜像编排

Dockerfile语法

CMD中的执行指令 放入前台运行 需要通过rpm -ql 包 | grep bao.service 看里面的启动命令

语法指令	语法说明
FROM	基础镜像
RUN	制作镜像时执行的命令，可以有多个
ADD	复制文件到镜像，自动解压
COPY	复制文件到镜像，不解压
EXPOSE	声明开放的端口
ENV	设置容器启动后的环境变量
WORKDIR	定义容器默认工作目录（等于cd）
CMD	容器启动时执行的命令，仅可以有一条CMD

mkdir apache
cd apache
vim Dockerfile
FROM mycentos:latest
RUN  yum install -y httpd php && yum clean all
ENV  LANG=C
ADD  myweb.tar.gz /var/www/html/
WORKDIR /var/www/html/
EXPOSE 80
CMD  ["/usr/sbin/httpd", "-DFOREGROUND"]


[root@docker-0002 apache]# docker build -t myapache:latest .
Successfully tagged myapache:latest

 

制作phpfpm镜像

mkdir pfp-fpm
cd php-fpm
vim Dockerfile
FROM mycentos:latest
RUN  yum install -y php-fpm && yum clean all
EXPOSE 9000
CMD ["/usr/sbin/php-fpm", "--nodaemonize"]

[root@docker php-fpm]# docker build -t myfpm:latest .
Successfully tagged myfpm:latest

制作nginx镜像

编译软件包 在真机上 通过 httpd通过

[root@docker-0002 ~]# useradd nginx
[root@docker-0002 ~]# yum install -y gcc make pcre-devel openssl-devel
[root@docker-0002 ~]# tar zxf nginx-1.17.6.tar.gz
[root@docker-0002 ~]# cd nginx-1.17.6/
[root@docker-0002 nginx-1.17.6]# ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_ssl_module
[root@docker-0002 nginx-1.17.6]# make && make install
[root@docker-0002 nginx-1.17.6]# echo 'Nginx is running !' >/usr/local/nginx/html/index.html
制作镜像
[root@docker-0002 ~]# mkdir nginx
[root@docker-0002 ~]# cd nginx
[root@docker-0002 nginx]# tar czf nginx.tar.gz -C /usr/local nginx
[root@docker-0002 nginx]# vim Dockerfile 
FROM mycentos:latest
RUN  yum install -y pcre openssl && useradd nginx && yum clean all
ADD  nginx.tar.gz /usr/local/
WORKDIR /usr/local/nginx/html
EXPOSE 80
CMD  ["/usr/local/nginx/sbin/nginx", "-g", "daemon off;"]
[root@docker-0002 nginx]# docker build -t mynginx:latest .
Successfully tagged mynginx:latest

微服务

对外发布服务

docker run -itd -p 宿主机端口:容器端口 镜像名称:标签

容器共享卷

docker run -itd -v 宿主机对象:容器内对象 镜像名称:标签

就是NFS挂载

docker私有仓库

私有仓库配置

docker-distribution

/etc/docker-distribution/registry/config.yml

/var/lib/registry

默认端口5000

标签：http://仓库IP:5000/v2/_catalog

        curl http://registry:5000/v2/_catalog

名称：http://仓库IP:5000/v2/镜像名称:tags/list

        curl http://registry:5000/v2/library/myos/tags/list

仓库的下载按照写的顺序执行，前面的先找 

[root@registry ~]# yum install -y docker-distribution
[root@registry ~]# systemctl enable --now docker-distribution
[root@registry ~]# curl http://127.0.0.1:5000/v2/_catalog
{"repositories":[]}

客户端配置

[root@docker-0001 ~]# vim /etc/hosts
192.168.1.30	registry
[root@docker-0001 ~]# vim /etc/docker/daemon.json
{
    "exec-opts": ["native.cgroupdriver=systemd"],
    "registry-mirrors": ["http://registry:5000","https://hub-mirror.c.163.com"],
    "insecure-registries":["192.168.1.30:5000","registry:5000"]
}
[root@docker-0001 ~]# docker rm -f $(docker ps -aq)
[root@docker-0001 ~]# systemctl restart docker

上传镜像

[root@docker-0001 ~]# docker tag myos:latest registry:5000/library/myos:latest
[root@docker-0001 ~]# docker push registry:5000/library/myos:latest
The push refers to repository [registry:5000/library/myos]
af5f00549b79: Pushed 
latest: digest: sha256:c130aafc1c2104f896ae03393740192d47 size: 527
[root@docker-0001 ~]# # 上传所有 myos 镜像
[root@docker-0001 ~]# docker tag centos:7 registry:5000/myimg/centos:7
[root@docker-0001 ~]# docker push registry:5000/myimg/centos:7
The push refers to repository [registry:5000/myimg/centos]
174f56854903: Pushed 
7: digest: sha256:dead07b4d8ed59d839686a31da35a3b532f size: 529

tag

docker tag 镜像名称:标签 registry:5000/library/镜像名称:标签

push

docker push registry:5000/library/myos:latest

pull下载

docker pull registry:5000/library/myos:v2009

验证测试

查看镜像名称： curl http://仓库IP:5000/v2/_catalog
查看镜像标签： curl http://仓库IP:5000/v2/镜像名称/tags/list

仓库中的 library 是默认路径，允许容器不需要指明地址

curl http://registry:5000/v2/library/myos/tags/list| python -m json.tool

以json的格式展示有哪些镜像

[root@docker-0002 ~]# vim /etc/hosts
192.168.1.30	registry
[root@docker-0002 ~]# vim /etc/docker/daemon.json
{
    "exec-opts": ["native.cgroupdriver=systemd"],
    "registry-mirrors": ["http://registry:5000","https://hub-mirror.c.163.com"],
    "insecure-registries":["192.168.1.30:5000","registry:5000"]
}
[root@docker-0002 ~]# docker rm -f $(docker ps -aq)
[root@docker-0002 ~]# docker rmi -f $(docker images -aq)
[root@docker-0002 ~]# systemctl restart docker
# 查看镜像名称
[root@docker-0002 ~]# curl http://registry:5000/v2/_catalog
{"repositories":["library/myos","myimg/centos"]}
# 查看镜像标签
[root@docker-0002 ~]# curl http://registry:5000/v2/library/myos/tags/list
{"name":"library/myos","tags":["latest","httpd","phpfpm","nginx","v2009"]}
# 仓库中的 library 是默认路径，允许容器不需要指明地址
[root@docker-0002 ~]# docker run -it myos:v2009
[root@634766f788d6 /]# 
# 如果不是默认路径，运行容器需要指明镜像地址
[root@docker-0002 ~]# docker run -it registry:5000/myimg/centos:7
[root@2b7cd6d88a76 /]# 

docker rm -f $(docker ps -aq)

docker rmi -f $(docker images -aq)