简述:
Docker的容器技术可以在一台主机上轻松为任何应用创建一个轻量级的、可移植的、自给自足的容器。通过这种容器打包应用程序,意味着简化了重新部署、调试这些琐碎的重复工作,极大的提高了工作效率。例如:项目从腾讯云迁移阿里云,如果采用了Docker容器技术,迁移只需要在新的云服务器上启动项目需要的容器即可。
随着云计算和DevOps生态圈的蓬勃发展,产生了大量优秀的系统和软件。软件开发人员可以自由选择各种软件应用环境。但同时带来的问题就是需要维护一个非常庞大的开发(Dev)、测试(Test)、预上线(UAT)和生产环境(Pro)。面对这种情况,Docker容器技术横空出世、提供了简单、灵活、高效的解决方案,不需要过多地改变现有的使用习惯,就可以和已有的工具进行整合。因此,掌握Docker相关技术也是途径云计算的必经之路。
Docker是在Linux容器里运行应用的开源容器管理工具,可以理解为轻量级的“虚拟机”。它诞生于 2013 年初,最初是 DotCloud 公司内部商业版项目,后来更换架构师,此架构师将Docker进行了开源,导致Docker使用人员增多。基于 Google公司推出的 Go(Golang) 语言开发。该项目后来加入了Linux基金会,遵从了Apache 2.0协议进行推广,项目代码在 GitHub(https://github.com/docker)上进行维护。
Docker 自开源后受到广泛的业内人士及社区的关注,以至于DotCloud公司后来都改名为 Docker Inc。RedHat系列系统从 RHEL6.5 版本开始支持 Docker;Google 也在其 PaaS 产品中广泛应用。
官方网站:Docker: Accelerated, Containerized Application Development
环境:选择虚拟化引擎
关闭防火墙规则
[root@localhost ~]# iptables -F
[root@localhost ~]# setenforce 0
[root@localhost ~]# systemctl stop firewalld
yum安装docker
[root@localhost yum.repos.d]# yum -y install docker
启动并设置开机启动
[root@localhost yum.repos.d]# systemctl start docker
[root@localhost yum.repos.d]# systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
[root@localhost yum.repos.d]# docker version
Client:
Version: 1.13.1
API version: 1.26
Package version: docker-1.13.1-209.git7d71120.el7.centos.x86_64
Go version: go1.10.3
Git commit: 7d71120/1.13.1
Built: Wed Mar 2 15:25:43 2022
OS/Arch: linux/amd64
Server:
Version: 1.13.1
API version: 1.26 (minimum version 1.12)
Package version: docker-1.13.1-209.git7d71120.el7.centos.x86_64
Go version: go1.10.3
Git commit: 7d71120/1.13.1
Built: Wed Mar 2 15:25:43 2022
OS/Arch: linux/amd64
Experimental: false
安装docker-ce
[root@localhost yum.repos.d]# wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
--2023-07-31 13:39:06-- http://mirrors.aliyun.com/repo/Centos-7.repo
正在解析主机 mirrors.aliyun.com (mirrors.aliyun.com)... 42.202.211.87, 42.202.211.96, 124.238.244.137, ...
正在连接 mirrors.aliyun.com (mirrors.aliyun.com)|42.202.211.87|:80... 已连接。
已发出 HTTP 请求,正在等待回应... 200 OK
长度:2523 (2.5K) [application/octet-stream]
正在保存至: “/etc/yum.repos.d/CentOS-Base.repo”
100%[=============================================================>] 2,523 --.-K/s 用时 0s
2023-07-31 13:39:06 (257 MB/s) - 已保存 “/etc/yum.repos.d/CentOS-Base.repo” [2523/2523])
[root@localhost yum.repos.d]# yum -y install yum-utils device-mapper-persistent-data lvm2
[root@localhost yum.repos.d]# yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[root@localhost yum.repos.d]# ll
-rw-r--r--. 1 root root 2081 7月 31 13:43 docker-ce.repo
[root@localhost yum.repos.d]# yum -y install docker-ce
[root@localhost yum.repos.d]# systemctl start docker
[root@localhost yum.repos.d]# systemctl enable docker
阿里云镜像加速
[root@localhost yum.repos.d]# cat << END > /etc/docker/daemon.json
> {
> "registry-mirrors":[ "https://nyakyfun.mirror.aliyuncs.com" ]
> }
> END
[root@localhost yum.repos.d]# vim /etc/docker/daemon.json
{
"registry-mirrors":[ "https://nyakyfun.mirror.aliyuncs.com" ]
}
[root@localhost yum.repos.d]# systemctl daemon-reload
[root@localhost yum.repos.d]# systemctl restart docker
查看基本信息
[root@localhost yum.repos.d]# docker version
Client:
Version: 1.13.1
API version: 1.26
Package version: docker-1.13.1-209.git7d71120.el7.centos.x86_64
Go version: go1.10.3
Git commit: 7d71120/1.13.1
Built: Wed Mar 2 15:25:43 2022
OS/Arch: linux/amd64
Server:
Version: 1.13.1
API version: 1.26 (minimum version 1.12)
Package version: docker-1.13.1-209.git7d71120.el7.centos.x86_64
Go version: go1.10.3
Git commit: 7d71120/1.13.1
Built: Wed Mar 2 15:25:43 2022
OS/Arch: linux/amd64
Experimental: false
查看详细信息
[root@localhost yum.repos.d]# docker info
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 1.13.1
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: journald
Cgroup Driver: systemd
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Swarm: inactive
Runtimes: docker-runc runc
Default Runtime: docker-runc
Init Binary: /usr/libexec/docker/docker-init-current
containerd version: (expected: aa8187dbd3b7ad67d8e5e3a15115d3eef43a7ed1)
runc version: 8891bca22c049cd2dcf13ba2438c0bac8d7f3343 (expected: 9df8b306d01f59d3a8029be411de015b7304dd8f)
init version: fec3683b971d9c3ef73f284f176672c44b448662 (expected: 949e6facb77383876aeff8a6944dde66b3089574)
Security Options:
seccomp
WARNING: You're not using the default seccomp profile
Profile: /etc/docker/seccomp.json
selinux
Kernel Version: 3.10.0-1160.92.1.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
Number of Docker Hooks: 3
CPUs: 1
Total Memory: 3.682 GiB
Name: localhost.localdomain
ID: U54H:7JJ6:COSW:UIMR:LSNL:FP7H:NANJ:NJPQ:K6FZ:3DMR:J26D:LWRR
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Experimental: false
Insecure Registries:
127.0.0.0/8
Registry Mirrors:
https://nyakyfun.mirror.aliyuncs.com
Live Restore Enabled: false
Registries: docker.io (secure)
Docker镜像操作
搜索镜像 命令格式:docker search 关键字
下载nginx镜像
[root@localhost ~]# docker pull nginx
Using default tag: latest
Trying to pull repository docker.io/library/nginx ...
latest: Pulling from docker.io/library/nginx
a2abf6c4d29d: Pull complete
a9edb18cadd1: Pull complete
589b7251471a: Pull complete
186b1aaa4aa6: Pull complete
b4df32aa5a72: Pull complete
a0bcbecc962e: Pull complete
Digest: sha256:0d17b565c37bcbd895e9d92315a05c1c3c9a29f762b011a10c54a66cd53c9b31
Status: Downloaded newer image for docker.io/nginx:latest
下载centos镜像
[root@localhost ~]# docker pull centos
Using default tag: latest
Trying to pull repository docker.io/library/centos ...
latest: Pulling from docker.io/library/centos
a1d0c7532777: Pull complete
Digest: sha256:a27fd8080b517143cbbbab9dfb7c8571c40d67d534bbdee55bd6c473f432b177
Status: Downloaded newer image for docker.io/centos:latest
查看所有镜像信息
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/nginx latest 605c77e624dd 19 months ago 141 MB
docker.io/centos latest 5d0da3dc9764 22 months ago 231 MB
查看指定镜像信息 命令格式:docker inspect 镜像名或镜像ID
为镜像添加标签(类似软连接)
[root@localhost ~]# docker tag nginx nginx:ttt
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/nginx latest 605c77e624dd 19 months ago 141 MB
nginx ttt 605c77e624dd 19 months ago 141 MB
docker.io/centos latest 5d0da3dc9764 22 months ago 231 MB
删除
[root@localhost ~]# docker rmi nginx:ttt
Untagged: nginx:ttt
Untagged: docker.io/nginx@sha256:0d17b565c37bcbd895e9d92315a05c1c3c9a29f762b011a10c54a66cd53c9b31
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/nginx latest 605c77e624dd 19 months ago 141 MB
docker.io/centos latest 5d0da3dc9764 22 months ago 231 MB
把镜像存到本地文件
命令格式:docker save -o 存出镜像为本地文件 镜像名
[root@localhost ~]# docker save -o nginx-images nginx
[root@localhost ~]# ls
anaconda-ks.cfg nginx-images
验证
[root@localhost ~]# docker rmi nginx
Untagged: nginx:latest
Deleted: sha256:605c77e624ddb75e6110f997c58876baa13f8754486b461117934b24a9dc3a85
Deleted: sha256:b625d8e29573fa369e799ca7c5df8b7a902126d2b7cbeb390af59e4b9e1210c5
Deleted: sha256:7850d382fb05e393e211067c5ca0aada2111fcbe550a90fed04d1c634bd31a14
Deleted: sha256:02b80ac2055edd757a996c3d554e6a8906fd3521e14d1227440afd5163a5f1c4
Deleted: sha256:b92aa5824592ecb46e6d169f8e694a99150ccef01a2aabea7b9c02356cdabe7c
Deleted: sha256:780238f18c540007376dd5e904f583896a69fe620876cabc06977a3af4ba4fb5
Deleted: sha256:2edcec3590a4ec7f40cf0743c15d78fb39d8326bc029073b41ef9727da6c851f
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/centos latest 5d0da3dc9764 22 months ago 231 MB
[root@localhost ~]# docker load<nginx-images
2edcec3590a4: Loading layer 83.86 MB/83.86 MB
e379e8aedd4d: Loading layer 62 MB/62 MB
b8d6e692a25e: Loading layer 3.072 kB/3.072 kB
f1db227348d0: Loading layer 4.096 kB/4.096 kB
32ce5f6a5106: Loading layer 3.584 kB/3.584 kB
d874fd2bc83b: Loading layer 7.168 kB/7.168 kB
Loaded image: docker.io/nginx:latest
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/nginx latest 605c77e624dd 19 months ago 141 MB
docker.io/centos latest 5d0da3dc9764 22 months ago 231 MB
Docker 容器操作
容器是Docker 的另一个核心概念,简单说,容器是镜像的一个运行实例,是独立运行
的一个或一组应用以及它们所必需的运行环境,包括文件系统、系统类库、shell 环境等。
镜像是只读模板,而容器会给这个只读模板一个额外的可写层。
下面将具体介绍围绕容器的具体操作。
1、创建容器与运行容器
Docker 的创建就是将镜像加载到容器的过程,Docker 的容器十分轻量级,用户可以随
时创建或者删除。新创建的容器默认处于停止状态,不运行任何程序,需要在其中发起一个
进程来启动容器,这个进程是该容器的唯一进程,所以当该进程结束的时候,容器也会完全
停止。停止的容器可以重新启动并保留原来的修改。可以使用docker create 命令新建一个容器。
命令格式:docker create [选项]… 镜像运行的程序
常用选项:
- -i 让容器的输入保持打开
- -t 让Docker 分配一个伪终端
- -d 守护进程形式运行
创建容器
[root@localhost ~]# docker create -it centos /bin/bash
98f68500e69567459fa7125cfcddbe309f18a51ba125ac3af6bb657103b89048
查看容器运行状态
使用docker create 命令创建新容器后会返回一个唯一的ID。a代表所有容器
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
98f68500e695 centos "/bin/bash" 26 seconds ago Created suspicious_franklin
启动容器
[root@localhost ~]# docker start 98f68500e695
98f68500e695
创建容器并执行一条shell命令
[root@localhost ~]# docker run centos /bin/bash -c ls /
bin
dev
etc
home
lib
lib64
lost+found
media
mnt
opt
proc
root
run
sbin
srv
sys
tmp
usr
var
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9497f8c130be centos "/bin/bash -c ls /" 36 seconds ago Exited (0) 35 seconds ago romantic_williams
98f68500e695 centos "/bin/bash" 3 minutes ago Up About a minute suspicious_franklin
后台运行容器
[root@localhost ~]# docker run -d nginx /bin/bash -c "while true;do echo hello;done"
71dd7c6aad86aa4d2c69e1e175729c59f706e21c28ff340edfd7a7784d02c327
查看容器状态 -a是所有 -q只看容器id
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS
71dd7c6aad86 nginx "/docker-entrypoin..." 27 seconds ago Up 25 seconds
9497f8c130be centos "/bin/bash -c ls /" 3 minutes ago Exited (0) 3 minutes ago
98f68500e695 centos "/bin/bash" 5 minutes ago Up 4 minutes
查看容器输出 运行
[root@localhost ~]# docker logs 71dd7c6aad86
hello
hello
hello
hello
hello
hello
hello
hello
hello
hello
hello
hello
停止容器
[root@localhost ~]# docker stop 71dd7c6aad86
71dd7c6aad86
查看
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
71dd7c6aad86 nginx "/docker-entrypoin..." 3 minutes ago Exited (137) 11 seconds ago trusting_sammet
9497f8c130be centos "/bin/bash -c ls /" 6 minutes ago Exited (0) 6 minutes ago romantic_williams
98f68500e695 centos "/bin/bash" 8 minutes ago Up 7 minutes suspicious_franklin
进入容器
需要进入容器进行相应操作时,可以使用docker exec 命令或者docker attach命令进入运行着的容器。
命令格式:docker exec -it 容器ID/名称/bin/bash
其中,-i 选项表示让容器的输入保持打开;
-t 选项表示让Docker 分配一个伪终端。
[root@localhost ~]# docker exec -it 71dd7c6aad86 /bin/bash
root@71dd7c6aad86:/# exit
exit
保证容器后台运行
[root@localhost ~]# docker attach 容器id
容器的导出与导入
用户可以将任何一个Docker 容器从一台机器迁移到另一台机器。在迁移过程中,首先需要将已经创建好的容器导出为文件,可以使用docker export 命令实现,无论这个容器是处于运行状态还是停止状态均可导出。导出之后可将导出文件传输到其他机器,通过相应的导入命令实现容器的迁移。
命令格式:docker export 容器ID/名称>文件名
导出31328ac9cd33容器到文件centos-exp:
[root@localhost ~]# docker run -it centos /bin/bash
[root@31328ac9cd33 /]# touch crushilnux
[root@31328ac9cd33 /]# exit
exit
[root@localhost ~]# docker export 31328ac9cd33>centos-exp查看
[root@localhost ~]# ls -l centos-exp
-rw-r--r--. 1 root root 238594048 7月 31 14:26 centos-exp导出的文件从A 机器拷贝到B 机器,之后使用docker import 命令导入,成为镜像。
命令格式:cat 文件名| docker import – 生成的镜像名称:标签
例如,导入文件centos7.tar成为本地镜像:
[root@localhost ~]# cat centos-exp | docker import - centos:exp
sha256:c85e59d0ca2f97e3dce46185d92708f22839501bf7126e64929c243b5d65fd83
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos exp c85e59d0ca2f 19 seconds ago 231 MB
docker.io/nginx latest 605c77e624dd 19 months ago 141 MB
docker.io/centos latest 5d0da3dc9764 22 months ago 231 MB
文件复制
将主机文件 拷贝到31328ac9cd33:/tmp 目录下
[root@localhost ~]# docker cp /root/anaconda-ks.cfg 31328ac9cd33:/tmp
[root@localhost ~]# docker start 31328ac9cd33
31328ac9cd33
[root@localhost ~]# docker attach 31328ac9cd33
[root@31328ac9cd33 /]# ls /tmp
anaconda-ks.cfg ks-script-4luisyla ks-script-o23i7rc2 ks-script-x6ei4wuu
查看容器资源使用率
[root@localhost ~]# docker stats
CONTAINER CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS
71dd7c6aad86 3.37% 268 KiB / 3.682 GiB 0.01% 2.62 kB / 656 B 0 B / 0 B 1
98f68500e695 0.00% 528 KiB / 3.682 GiB 0.01% 4.68 kB / 656 B 0 B / 0 B 1
查看容器进程状态
[root@localhost ~]# docker top 71dd7c6aad86
UID PID PPID C STIME TTY TIME CMD
root 9539 9525 7 14:18 ? 00:02:16 /bin/bash -c while true;do echo hello;done
更新容器配置
在docker服务重启时自动启动容器
[root@localhost ~]# docker update --restart=always 31328ac9cd33
31328ac9cd33
