Docker第一周作业笔记
namespace的类型及功能
namespace是Linux内核提供的功能,每个docker容器运行在同一个docker主进程中,并且共用同一个宿主机的内核,各容器之间的文件系统,网络空间,进程空间等不受干扰。
| 隔离类型 | 功能 |
|---|---|
| MNT Namespace | 提供磁盘挂载点和文件系统的隔离能力 |
| IPC Namespace(Inter-Process Communication) | 提供进程间通信的隔离能力 |
| UTS Namespace(UNIX Timesharing System) | 提供主机名隔离能力 |
| PID Namespace(Process Identification) | 提供进程隔离能力 |
| Net Namespace(network) | 提供网络隔离能力 |
| User Namespace(user) | 提供用户隔离能力 |
| Time Namespace | 提供时间隔离能力 |
| Syslog Namespace | 提供syslog隔离能力 |
| Control group (cgroup) Namespace | 提供进程所属的控制组的身份隔离 |
MNT Namespace
提供磁盘挂载点和文件系统的隔离
1 宿主机是使用了chroot技术把容器锁定到一个指定的运行目录里面并作为容器的根运行环境
2 每个容器都要有独立的根文件系统,容器不能访问宿主机的根文件系统
IPC Namespace
提供进程间通信的隔离
IPC namespce隔离进程间通信资源(同一个IPCnamespace的进程可实现内存等资源共享,但是不同的
IPC namespace则严格隔离)
UTS Namespace
提供主机名隔离
使得一个容器拥有属于自己hostname标识,这个主机名标识独立于宿主机系统和其上的其他容器
PID Namespace
提供进程隔离
Linux系统中,有一个PID为1的进程(init/systemd)是其他所有进程的父进程,那么在每个容器内也
要有一个父进程来管理其下属的子进程,那么多个容器的进程通过PID namespace进程隔离
Net Namespace
提供网络隔离
每一个容器都类似于虚拟机一样有自己的网卡、监听端口、TCP/IP协议栈等,docker使用network namespace启动一个vethX接口,这样你的容器将拥有它自己的桥接ip地址,通常是docker0,而docker0实质就是Linux的虚拟网桥,网桥是在OSI七层模型的数据链路层的网络设备,通过mac地址对网络进行划分,并且在不同网络直接传递数据。
User Namespace
提供用户隔离
允许在各个宿主机的各个容器空间内创建相同的用户名以及相同的用户UID和GID,只是会把用户的作用范围限制在每个容器内,即A容器和B容器可以有相同的用户名称和ID的账户,但是此用户的有效范围仅是当前容器内,不能访问另外一个容器内的文件系统,即相互隔离、互不影响
Time Namespace
提供时间隔离
为每个容器之间提供时间隔离,各容器也与宿主机的时间隔离
Syslog Namespace
提供syslog隔离能力
为每个容器之间提供系统日志的隔离,各容器也与宿主机的的日志隔离
Control group (cgroup) Namespace
提供进程所属的控制组的身份隔离
在一个容器,如果不对其做任何资源限制,则宿主机会允许其占用无限大的内存空间,有时候会因为代码bug程序会一直申请内存,直到把宿主机内存占完,为了避免此类的问题出现,宿主机有必要对容器进行资源分配限制,比如CPU、内存等,Linux Cgroups的全称是Linux Control Groups,它最主要的作用,就是限制一个进程组能够使用的资源上限,包括CPU、内存、磁盘、网络带宽等等。此外,还能够对进程进行优先级设置,以及将进程挂起和恢复等操作。
# Cgroups在内核层默认已经开启,从centos和ubuntu 对比结果来看,内核较新的ubuntu 支持的功能更多。 [root@node01 ~]# cat /boot/config-3.10.0-1160.el7.x86_64 | grep MEM | grep CG | grep -v '^#' CONFIG_MEMCG=y CONFIG_MEMCG_SWAP=y CONFIG_MEMCG_SWAP_ENABLED=y CONFIG_MEMCG_KMEM=y
低级容器运行时与高级容器运行时
High-Level:高级运行时提供基于API的远程管理操作,客户端可以通过高级别运行时管理容器的整个生命周期(创建、删除、重启、
停止),高级别运行时并不真正直接运行容器,而是调用低级别运行时运行,比如dockerd、containerd都是高级别运行时。
Low-Level :接受高级别运行时的指令,按照响应的指令运行容器,因此低级别运行时真是运行容器的
地方,例如runc。Docker 存储引擎
Overlay:UnionFS文件系统,Linux内核3.18后支持。
overlay2: Overlay的升级版,到目前为止,所有Linux发行版推荐使用的存储类型。
devicemapper:是CentOS和RHEL的早期使用的存储驱动程序,因为之前的内核版本较低不支持overlay2,但是当前较新版本的CentOS和RHEL现在已经支持overlay2,因此推荐使用overlay2。
ZFS(Sun-2005)/btrfs(Oracle-2007):目前没有广泛使用。
vfs: 用于测试环境,适用于无法使用copy-on-write文件系统的情况。 此存储驱动程序的性能很差,通常不建议用于生产。
AUFS(Another UnionFS): 是早期的一种UnionFS文件系统的实现,是Docker 18.06及更早版本使用的存储引擎。
https://docs.docker.com/storage/storagedriver/select-storage-driver/
安装Docker
# 参照阿里云(<https://developer.aliyun.com/mirror/docker-ce?spm=a2c6h.13651102.0.0.57e31b11fU5EIo>) # step 1: 安装必要的一些系统工具 yum install -y yum-utils device-mapper-persistent-data lvm2 # Step 2: 添加软件源信息 yum-config-manager --add-repo <https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo> # Step 3 sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo # Step 4: 重新生成yum缓存 yum makecache fast yum -y install docker-ce # 查看可以安装的版本 # --showduplicates 显示副本 [root@node01 yum.repos.d]# yum list docker-ce.x86_64 --showduplicates | sort -r Loading mirror speeds from cached hostfile Loaded plugins: fastestmirror docker-ce.x86_64 3:24.0.2-1.el7 docker-ce-stable docker-ce.x86_64 3:24.0.1-1.el7 docker-ce-stable docker-ce.x86_64 3:24.0.0-1.el7 docker-ce-stable docker-ce.x86_64 3:23.0.6-1.el7 docker-ce-stable docker-ce.x86_64 3:23.0.5-1.el7 docker-ce-stable docker-ce.x86_64 3:23.0.4-1.el7 docker-ce-stable docker-ce.x86_64 3:23.0.3-1.el7 docker-ce-stable docker-ce.x86_64 3:23.0.2-1.el7 docker-ce-stable docker-ce.x86_64 3:23.0.1-1.el7 docker-ce-stable docker-ce.x86_64 3:23.0.0-1.el7 docker-ce-stable docker-ce.x86_64 3:20.10.9-3.el7 docker-ce-stable docker-ce.x86_64 3:20.10.8-3.el7 docker-ce-stable docker-ce.x86_64 3:20.10.7-3.el7 docker-ce-stable docker-ce.x86_64 3:20.10.6-3.el7 docker-ce-stable docker-ce.x86_64 3:20.10.5-3.el7 docker-ce-stable docker-ce.x86_64 3:20.10.4-3.el7 docker-ce-stable docker-ce.x86_64 3:20.10.3-3.el7 docker-ce-stable docker-ce.x86_64 3:20.10.24-3.el7 docker-ce-stable docker-ce.x86_64 3:20.10.2-3.el7 docker-ce-stable docker-ce.x86_64 3:20.10.23-3.el7 docker-ce-stable docker-ce.x86_64 3:20.10.22-3.el7 docker-ce-stable docker-ce.x86_64 3:20.10.21-3.el7 docker-ce-stable docker-ce.x86_64 3:20.10.20-3.el7 docker-ce-stable docker-ce.x86_64 3:20.10.19-3.el7 docker-ce-stable docker-ce.x86_64 3:20.10.18-3.el7 docker-ce-stable docker-ce.x86_64 3:20.10.17-3.el7 docker-ce-stable docker-ce.x86_64 3:20.10.16-3.el7 docker-ce-stable docker-ce.x86_64 3:20.10.15-3.el7 docker-ce-stable docker-ce.x86_64 3:20.10.14-3.el7 docker-ce-stable docker-ce.x86_64 3:20.10.1-3.el7 docker-ce-stable docker-ce.x86_64 3:20.10.13-3.el7 docker-ce-stable docker-ce.x86_64 3:20.10.12-3.el7 docker-ce-stable docker-ce.x86_64 3:20.10.11-3.el7 docker-ce-stable docker-ce.x86_64 3:20.10.10-3.el7 docker-ce-stable docker-ce.x86_64 3:20.10.0-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.9-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.8-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.7-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.6-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.5-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.4-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.3-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.2-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.15-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.14-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.1-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.13-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.12-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.11-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.10-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.0-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.9-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.8-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.7-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.6-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.5-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.4-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.3-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.2-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.1-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.0-3.el7 docker-ce-stable docker-ce.x86_64 18.06.3.ce-3.el7 docker-ce-stable docker-ce.x86_64 18.06.2.ce-3.el7 docker-ce-stable docker-ce.x86_64 18.06.1.ce-3.el7 docker-ce-stable docker-ce.x86_64 18.06.0.ce-3.el7 docker-ce-stable docker-ce.x86_64 18.03.1.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 18.03.0.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.12.1.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.12.0.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.09.1.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.09.0.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.06.2.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.06.1.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.06.0.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.03.3.ce-1.el7 docker-ce-stable docker-ce.x86_64 17.03.2.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.03.1.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.03.0.ce-1.el7.centos docker-ce-stable # yum install docker-ce, 这个就是安装最新版 # 指定版本安装 [root@node01 yum.repos.d]# yum install docker-ce-24.0.2-1 # Step 4: 开启Docker服务 [root@node01 yum.repos.d]# systemctl start docker [root@node01 yum.repos.d]# systemctl enable docker Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service. # <https://cr.console.aliyun.com/cn-hangzhou/instances/mirrors> # 配置阿里云的加速器的方法如下图 # 编写/etc/docker/daemon.json文件 # "storage-driver":"overlay2", -- 使用overlay2 # "exec-opts":["native.cgroupdriver=systemd"], 这个一定要配置,默认是cgroups [root@node01 yum.repos.d]# cat /etc/docker/daemon.json { "storage-driver":"overlay2", "registry-mirrors":["<https://d9yz3pz4.mirror.aliyuncs.com>"], "exec-opts":["native.cgroupdriver=systemd"], "live-restore":false, "log-opts":{ "max-file":"5", "max-size":"100m" } } [root@node01 yum.repos.d]# systemctl daemon-reload [root@node01 yum.repos.d]# systemctl restart docker [root@node01 yum.repos.d]# docker info Client: Docker Engine - Community Version: 24.0.2 Context: default Debug Mode: false Plugins: buildx: Docker Buildx (Docker Inc.) Version: v0.10.5 Path: /usr/libexec/docker/cli-plugins/docker-buildx compose: Docker Compose (Docker Inc.) Version: v2.18.1 Path: /usr/libexec/docker/cli-plugins/docker-compose Server: **Containers: 0 # 当前主机运行的容器总数** **Running: 0 # 有几个容器是正在运行的 Paused: 0 # 有几个容器是暂停的 Stopped: 0 # 有几个容器是停止的** **Images: 0 # 当前服务器的镜像数** **Server Version: 24.0.2 # 服务端版本** **Storage Driver: overlay2 # 当前使用的存储引擎** **Backing Filesystem: xfs # 后端文件系统,即服务器的磁盘文件系统** **Supports d_type: true # 是否支持d_type, d_type就是镜像的分层存储, centos7.3以及以上需要才支持** Using metacopy: false **Native Overlay Diff: true #是否支持差异数据存储** **userxattr: false #是否在挂载文件系统启用对扩展用户属性的支持(如文件的 mime 类型、字符集或编码)** **Logging Driver: json-file #日志类型** **Cgroup Driver: systemd # Cgroups类型, 默认是cgroups, 修改/etc/docker/daemon.json文件修改为systemd** **Cgroup Version: 1 #Cgroup 版本** **Plugins: # 插件** **Volume: local #支持的卷插件** **Network: bridge host ipvlan macvlan null overlay # overlay夸主机通信** **Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog # 日志类型** Swarm: inactive **Runtimes: io.containerd.runc.v2 runc # 已安装的容器运行时** **Default Runtime: runc #默认使用的容器运行时** **Init Binary: docker-init #初始化容器的守护进程,即pid为1的进程** **containerd version: 3dce8eb055cbb6872793272b4f20ed16117344f8 # containerd 版本** **runc version: v1.1.7-0-g860f061 # runc版本** **init version: de40ad0 # init版本** **Security Options: #安全模块 seccomp #审计(操作)** **Profile: builtin #默认的配置文件** **Kernel Version: 3.10.0-1160.el7.x86_64 #宿主机内核版本 Operating System: CentOS Linux 7 (Core) #宿主机操作系统 OSType: linux #宿主机操作系统类型 Architecture: x86_64 #宿主机架构 CPUs: 2 #宿主机CPU数量 Total Memory: 3.682GiB #宿主机总内存 Name: node01 #宿主机hostname ID: d376b155-cc2e-4324-903c-5b3b1b664433 #宿主机ID Docker Root Dir: /var/lib/docker #宿主机数据保存目录 Debug Mode: false #client端是否开启debug** **Experimental: false #是否测试版 Insecure Registries: #非安全的镜像仓库 127.0.0.0/8 Registry Mirrors: <https://d9yz3pz4.mirror.aliyuncs.com/> Live Restore Enabled: false #是否开启活动重启(重启docker-daemon不关闭容器)** [root@node01 yum.repos.d]# docker version Client: Docker Engine - Community Version: 24.0.2 API version: 1.43 Go version: go1.20.4 Git commit: cb74dfc Built: Thu May 25 21:55:21 2023 OS/Arch: linux/amd64 Context: default Server: Docker Engine - Community Engine: Version: 24.0.2 API version: 1.43 (minimum version 1.12) Go version: go1.20.4 Git commit: 659604f Built: Thu May 25 21:54:24 2023 OS/Arch: linux/amd64 Experimental: false containerd: Version: 1.6.21 GitCommit: 3dce8eb055cbb6872793272b4f20ed16117344f8 runc: Version: 1.1.7 GitCommit: v1.1.7-0-g860f061 docker-init: Version: 0.19.0 GitCommit: de40ad0
Docker命令
镜像管理
# 搜索镜像 [root@node01 ~]# docker search centos NAME DESCRIPTION STARS OFFICIAL AUTOMATED centos DEPRECATED; The official build of CentOS. 7605 [OK] kasmweb/centos-7-desktop CentOS 7 desktop for Kasm Workspaces 38 bitnami/centos-base-buildpack Centos base compilation image 0 [OK] couchbase/centos7-systemd centos7-systemd images with additional debug… 8 [OK] continuumio/centos5_gcc5_base 3 datadog/centos-i386 0 dokken/centos-7 CentOS 7 image for kitchen-dokken 5 dokken/centos-8 CentOS 8 image for kitchen-dokken 3 spack/centos7 CentOS 7 with Spack preinstalled 1 dokken/centos-6 EOL: CentOS 6 image for kitchen-dokken 0 atlas/centos7-atlasos ATLAS CentOS 7 Software Development OS 0 couchbase/centos-72-java-sdk 0 spack/centos6 CentOS 6 with Spack preinstalled 1 ustclug/centos Official CentOS Image with USTC Mirror 0 couchbase/centos-72-jenkins-core 0 couchbase/centos-70-sdk-build 0 couchbase/centos-69-sdk-build 0 couchbase/centos-69-sdk-nodevtoolset-build 0 dokken/centos-stream-8 4 eclipse/centos_jdk8 CentOS, JDK8, Maven 3, git, curl, nmap, mc, … 5 [OK] adoptopenjdk/centos7_build_image 1 corpusops/centos-bare <https://github.com/corpusops/docker-images/> 0 dokken/centos-stream-9 6 corpusops/centos centos corpusops baseimage 0 adoptopenjdk/centos6_build_image 0 # 查看镜像 [root@node01 ~]# docker image ls REPOSITORY TAG IMAGE ID CREATED SIZE nginx alpine3.17 4937520ae206 3 weeks ago 41.4MB nginx latest 605c77e624dd 18 months ago 141MB mysql latest 3218b38490ce 18 months ago 516MB hello-world latest feb5d9fea6a5 21 months ago 13.3kB [root@node01 ~]# [root@node01 ~]# [root@node01 ~]# [root@node01 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE nginx alpine3.17 4937520ae206 3 weeks ago 41.4MB nginx latest 605c77e624dd 18 months ago 141MB mysql latest 3218b38490ce 18 months ago 516MB hello-world latest feb5d9fea6a5 21 months ago 13.3kB # 下拉镜像 [root@node01 ~]# docker pull centos:7.9.2009 7.9.2009: Pulling from library/centos 2d473b07cdd5: Pull complete Digest: sha256:9d4bcbbb213dfd745b58be38b13b996ebb5ac315fe75711bd618426a630e0987 Status: Downloaded newer image for centos:7.9.2009 docker.io/library/centos:7.9.2009 # 查看一个镜像的构建历史 [root@node01 ~]# docker history nginx:alpine3.17 IMAGE CREATED CREATED BY SIZE COMMENT 4937520ae206 3 weeks ago /bin/sh -c set -x && apkArch="$(cat /etc… 29.6MB <missing> 3 weeks ago /bin/sh -c #(nop) ENV NJS_VERSION=0.7.12 0B <missing> 3 weeks ago /bin/sh -c #(nop) CMD ["nginx" "-g" "daemon… 0B <missing> 3 weeks ago /bin/sh -c #(nop) STOPSIGNAL SIGQUIT 0B <missing> 3 weeks ago /bin/sh -c #(nop) EXPOSE 80 0B <missing> 3 weeks ago /bin/sh -c #(nop) ENTRYPOINT ["/docker-entr… 0B <missing> 3 weeks ago /bin/sh -c #(nop) COPY file:e57eef017a414ca7… 4.62kB <missing> 3 weeks ago /bin/sh -c #(nop) COPY file:36429cfeeb299f99… 3.01kB <missing> 3 weeks ago /bin/sh -c #(nop) COPY file:d4375883ed5db364… 276B <missing> 3 weeks ago /bin/sh -c #(nop) COPY file:5c18272734349488… 2.12kB <missing> 3 weeks ago /bin/sh -c #(nop) COPY file:7b307b62e82255f0… 1.62kB <missing> 3 weeks ago /bin/sh -c set -x && addgroup -g 101 -S … 4.74MB <missing> 3 weeks ago /bin/sh -c #(nop) ENV PKG_RELEASE=1 0B <missing> 3 weeks ago /bin/sh -c #(nop) ENV NGINX_VERSION=1.25.1 0B <missing> 3 weeks ago /bin/sh -c #(nop) LABEL maintainer=NGINX Do… 0B <missing> 3 weeks ago /bin/sh -c #(nop) CMD ["/bin/sh"] 0B <missing> 3 weeks ago /bin/sh -c #(nop) ADD file:828b07e74c184e7f2… 7.05MB #显示镜像的详细信息 [root@node01 ~]# docker inspect hello-world [ { "Id": "sha256:feb5d9fea6a5e9606aa995e879d862b825965ba48de054caab5ef356dc6b3412", "RepoTags": [ "hello-world:latest" ], "RepoDigests": [ "hello-world@sha256:2498fce14358aa50ead0cc6c19990fc6ff866ce72aeb5546e1d59caac3d0d60f" ], "Parent": "", "Comment": "", "Created": "2021-09-23T23:47:57.442225064Z", "Container": "8746661ca3c2f215da94e6d3f7dfdcafaff5ec0b21c9aff6af3dc379a82fbc72", "ContainerConfig": { "Hostname": "8746661ca3c2", "Domainname": "", "User": "", "AttachStdin": false, "AttachStdout": false, "AttachStderr": false, "Tty": false, "OpenStdin": false, "StdinOnce": false, "Env": [ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" ], "Cmd": [ "/bin/sh", "-c", "#(nop) ", "CMD [\\"/hello\\"]" ], "Image": "sha256:b9935d4e8431fb1a7f0989304ec86b3329a99a25f5efdc7f09f3f8c41434ca6d", "Volumes": null, "WorkingDir": "", "Entrypoint": null, "OnBuild": null, "Labels": {} }, "DockerVersion": "20.10.7", "Author": "", "Config": { "Hostname": "", "Domainname": "", "User": "", "AttachStdin": false, "AttachStdout": false, "AttachStderr": false, "Tty": false, "OpenStdin": false, "StdinOnce": false, "Env": [ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" ], "Cmd": [ "/hello" ], "Image": "sha256:b9935d4e8431fb1a7f0989304ec86b3329a99a25f5efdc7f09f3f8c41434ca6d", "Volumes": null, "WorkingDir": "", "Entrypoint": null, "OnBuild": null, "Labels": null }, "Architecture": "amd64", "Os": "linux", "Size": 13256, "VirtualSize": 13256, "GraphDriver": { "Data": { "MergedDir": "/var/lib/docker/overlay2/10130f39bae42fd558ca9a64828b0e2915ac63eede0d7312ca090d67e9f39473/merged", "UpperDir": "/var/lib/docker/overlay2/10130f39bae42fd558ca9a64828b0e2915ac63eede0d7312ca090d67e9f39473/diff", "WorkDir": "/var/lib/docker/overlay2/10130f39bae42fd558ca9a64828b0e2915ac63eede0d7312ca090d67e9f39473/work" }, "Name": "overlay2" }, "RootFS": { "Type": "layers", "Layers": [ "sha256:e07ee1baac5fae6a26f30cabfe54a36d3402f96afda318fe0a96cec4ca393359" ] }, "Metadata": { "LastTagTime": "0001-01-01T00:00:00Z" } } ] # 给镜像重新打标签 [root@node01 ~]# docker tag centos:7.9.2009 centos:7.9 # 上传镜像到阿里云,先登录 [root@node01 ~]# docker login --username=西江sunrise registry.cn-hangzhou.aliyuncs.com # 查看docker的验证信息 [root@node01 ~]# cat /root/.docker/config.json { "auths": { "registry.cn-hangzhou.aliyuncs.com": { "auth": "xxxxxxxxxxxxxxx" } } } [root@node01 ~]# docker tag centos:7.9 registry.cn-hangzhou.aliyuncs.com/lgx-sunrise/lgx:centos7.9 [root@node01 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE nginx alpine3.17 4937520ae206 3 weeks ago 41.4MB nginx latest 605c77e624dd 18 months ago 141MB mysql latest 3218b38490ce 18 months ago 516MB hello-world latest feb5d9fea6a5 21 months ago 13.3kB centos 7.9 eeb6ee3f44bd 21 months ago 204MB centos 7.9.2009 eeb6ee3f44bd 21 months ago 204MB registry.cn-hangzhou.aliyuncs.com/lgx-sunrise/lgx centos7.9 eeb6ee3f44bd 21 months ago 204MB centos latest 5d0da3dc9764 21 months ago 231MB [root@node01 ~]# docker push registry.cn-hangzhou.aliyuncs.com/lgx-sunrise/lgx:centos7.9 The push refers to repository [registry.cn-hangzhou.aliyuncs.com/lgx-sunrise/lgx] 174f56854903: Pushed centos7.9: digest: sha256:dead07b4d8ed7e29e98de0f4504d87e8880d4347859d839686a31da35a3b532f size: 529 $ docker login --username=西江sunrise registry.cn-hangzhou.aliyuncs.com $ docker tag [ImageId] registry.cn-hangzhou.aliyuncs.com/lgx-sunrise/lgx:[镜像版本号] $ docker push registry.cn-hangzhou.aliyuncs.com/lgx-sunrise/lgx:[镜像版本号] $ docker pull registry.cn-hangzhou.aliyuncs.com/lgx-sunrise/lgx:[镜像版本号] # 删除镜像 [root@node01 ~]# docker rmi registry.cn-hangzhou.aliyuncs.com/lgx-sunrise/lgx:centos7.9 Untagged: registry.cn-hangzhou.aliyuncs.com/lgx-sunrise/lgx:centos7.9 Untagged: registry.cn-hangzhou.aliyuncs.com/lgx-sunrise/lgx@sha256:dead07b4d8ed7e29e98de0f4504d87e8880d4347859d839686a31da35a3b532f [root@node01 ~]# docker rmi eeb6ee3f44bd **Error response from daemon: conflict: unable to delete eeb6ee3f44bd (must be forced) - image is referenced in multiple repositories 镜像被多个存储库使用,需要加 -f** [root@node01 ~]# docker rmi eeb6ee3f44bd -f Untagged: centos:7.9 Untagged: centos:7.9.2009 Untagged: centos@sha256:9d4bcbbb213dfd745b58be38b13b996ebb5ac315fe75711bd618426a630e0987 Deleted: sha256:eeb6ee3f44bd0b5103bb561b4c16bcb82328cfe5809ab675bb17ab3a16c517c9 Deleted: sha256:174f5685490326fc0a1c0f5570b8663732189b327007e47ff13d2ca59673db02 # 下拉镜像 [root@node01 ~]# docker pull registry.cn-hangzhou.aliyuncs.com/lgx-sunrise/lgx:centos7.9 centos7.9: Pulling from lgx-sunrise/lgx 2d473b07cdd5: Pull complete Digest: sha256:dead07b4d8ed7e29e98de0f4504d87e8880d4347859d839686a31da35a3b532f Status: Downloaded newer image for registry.cn-hangzhou.aliyuncs.com/lgx-sunrise/lgx:centos7.9 registry.cn-hangzhou.aliyuncs.com/lgx-sunrise/lgx:centos7.9 # save 保存镜像 [root@node01 ~]# docker save nginx:alpine3.17 -o /data/images/nginx-alpine3.17.tar [root@node01 ~]# ll /data/images/nginx-alpine3.17.tar -rw------- 1 root root 43249152 Jul 6 23:58 /data/images/nginx-alpine3.17.tar [root@node01 ~]# [root@node01 ~]# docker save nginx:alpine3.17 > /data/images/nginx-alpine.tar [root@node01 ~]# ll /data/images/nginx-alpine.tar -rw-r--r-- 1 root root 43249152 Jul 7 00:01 /data/images/nginx-alpine.tar [root@node01 ~]# docker load -i /data/images/nginx-alpine.tar 3dab9f8bf2d2: Loading layer [==================================================>] 7.338MB/7.338MB bc09720137db: Loading layer [==================================================>] 5.612MB/5.612MB cb411529b86f: Loading layer [==================================================>] 3.584kB/3.584kB e7766bc830a8: Loading layer [==================================================>] 4.608kB/4.608kB 2530717ff0bb: Loading layer [==================================================>] 2.56kB/2.56kB d9f50eaf56fa: Loading layer [==================================================>] 5.12kB/5.12kB 1b22827e15b4: Loading layer [==================================================>] 7.168kB/7.168kB bdea7c663e86: Loading layer [==================================================>] 30.23MB/30.23MB Loaded image: nginx:alpine3.17 [root@node01 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE nginx alpine3.17 4937520ae206 3 weeks ago 41.4MB nginx latest 605c77e624dd 18 months ago 141MB mysql latest 3218b38490ce 18 months ago 516MB hello-world latest feb5d9fea6a5 21 months ago 13.3kB registry.cn-hangzhou.aliyuncs.com/lgx-sunrise/lgx centos7.9 eeb6ee3f44bd 21 months ago 204MB centos latest 5d0da3dc9764 21 months ago 231MB # 如果导入镜像不加tag,tag会变成latest,命令如下,此时如果有一个原来的镜像恰恰是nginx:lastest,且镜像id和import的id不一样的时候,则原来的奖项的tag会出现none,如下 # 这时就删了重新拉镜像的吧 [root@node01 ~]# docker import /data/images/nginx-alpine3.17.tar.gz nginx sha256:7a2bc8c6aab68a8a89274037044c217e28285cd274fe1bac8f6a21e3b2312630 [root@node01 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest 7a2bc8c6aab6 3 seconds ago 43.2MB nginx **<none>** 605c77e624dd 18 months ago 141MB mysql latest 3218b38490ce 18 months ago 516MB hello-world latest feb5d9fea6a5 21 months ago 13.3kB registry.cn-hangzhou.aliyuncs.com/lgx-sunrise/lgx centos7.9 eeb6ee3f44bd 21 months ago 204MB centos latest 5d0da3dc9764 21 months ago 231MB # 如果import不跟 镜像名:tag, 会变成none:none,此时 docker image prune -f 可以删掉 [root@node01 ~]# docker import /data/images/nginx-alpine3.17.tar.gz sha256:376990e6298d955ae1a3d4afa6233d9423f877a0f67014aa80838040381c28f2 [root@node01 ~]# [root@node01 ~]# [root@node01 ~]# [root@node01 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE <none> <none> 376990e6298d 55 seconds ago 43.2MB nginx 1.5 da83c9570419 3 minutes ago 43.2MB nginx latest 605c77e624dd 18 months ago 141MB mysql latest 3218b38490ce 18 months ago 516MB hello-world latest feb5d9fea6a5 21 months ago 13.3kB registry.cn-hangzhou.aliyuncs.com/lgx-sunrise/lgx centos7.9 eeb6ee3f44bd 21 months ago 204MB centos latest 5d0da3dc9764 21 months ago 231MB # 未被任何容器引用的镜像 # 所有标签都被删除的镜像 # 由于构建过程中出现错误而被标记为“”的镜像 # docker image prune -f # docker image prune -- 需要手动输入y # 使用docker image prune -f可以删除 [root@node01 ~]# docker image prune -f Deleted Images: **deleted: sha256:376990e6298d955ae1a3d4afa6233d9423f877a0f67014aa80838040381c28f2** Total reclaimed space: 0B
容器管理
# docker run 选项: -d 后台执行 -it 交互式方式 --name 指定名称 -v 挂载 -p 指定端口 -e 指定变量
[root@node01 ~]# docker run -it nginx:alpine3.17 sh / # / # ls bin etc mnt run tmp dev home opt sbin usr docker-entrypoint.d lib proc srv var docker-entrypoint.sh media root sys docker attach 63fbc2d5a3ec # attach进入容器后操作会在多窗口同步且退出后其它终端也会 一起退出。 # commit # c97288bc15ae 容器id # -a 作者 # -m 描述信息 # -c dockerFile的命令 Apply Dockerfile instruction to the created image [root@node01 ~]# docker commit -a "lgx" -m "v2" c97288bc15ae centos:7.9.2009-word sha256:537b72c85a8e77514d8685e0bd51efb1f3e629106f5e650c96c4b1cc1616e510 # 宿主机拷贝到容器 [root@node01 ~]# docker cp word2.txt 0da18b4731e8:/data/text/word2.txt Successfully copied 2.05kB to 0da18b4731e8:/data/text/word2.txt # 容器的文件拷贝到宿主机 [root@node01 ~]# docker cp 0da18b4731e8:/data/text/word.txt ./ Successfully copied 2.05kB to /root/./ #获取dockerd的实时事件,创建删除容器等操作 [root@node01 ~]# docker events # 推进入到容器执行命令操作,推荐使用此方式, bash或者sh [root@node01 ~]# docker run -it centos bash # 将容器文件的导出成tar.gz格式 [root@node01 ~]# docker export 0da18b4731e8 -o centos.tar.gz # docker import 压缩包 镜像名:tag -- 不能省略,否则出现none [root@node01 ~]# docker import centos.tar.gz centos:7.9-gz sha256:3c16a86338ec7d0307ec6270f5008699c1e514586a9cac43bca87b84e71f3c15 [root@node01 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE centos 7.9-gz 3c16a86338ec 5 seconds ago 233MB centos 7.9.2009-word 537b72c85a8e 33 minutes ago 233MB nginx alpine3.17 4937520ae206 3 weeks ago 41.4MB nginx latest 605c77e624dd 18 months ago 141MB mysql latest 3218b38490ce 18 months ago 516MB hello-world latest feb5d9fea6a5 21 months ago 13.3kB registry.cn-hangzhou.aliyuncs.com/lgx-sunrise/lgx centos7.9 eeb6ee3f44bd 21 months ago 204MB centos latest 5d0da3dc9764 21 months ago 231MB [root@node01 ~]# docker run -it centos:7.9-gz bash [root@adb85c7ae285 /]# ^C [root@adb85c7ae285 /]# exit [root@node01 ~]# # 对比容器和镜像有差异的文件或目录 [root@node01 ~]# docker diff 0da18b4731e8 C /data C /data/text A /data/text/word2.txt # 创建一个新的容器且创建后的容器处于退出状态 docker create -it --name test1 nginx:1.20.2 # 强制关闭所有运行中的容器 docker kill $(docker ps -a) # 正常关闭所有运行的容器 [root@node01 ~]# docker stop `docker ps -q` 6a54298c77d6 dd9c5e3e80f6 ce128e56911a a9b9c36994d6 54a82fd5351d # 正常退出 docker stop <容器id> [root@node01 ~]# docker stop 3bccad58f36a 3bccad58f36a docker login #登录镜像仓库 docker logout #登出镜像仓库 #持续查看容器标准输出和错误输出的日志 [root@node01 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 3bccad58f36a nginx:1.20.2 "/docker-entrypoint.…" 3 seconds ago Up 2 seconds 80/tcp flamboyant_jennings [root@node01 ~]# [root@node01 ~]# [root@node01 ~]# docker logs -f 3bccad58f36a /docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration /docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/ /docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh 10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf 10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf /docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh /docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh /docker-entrypoint.sh: Configuration complete; ready for start up 2023/07/06 17:37:35 [notice] 1#1: using the "epoll" event method 2023/07/06 17:37:35 [notice] 1#1: nginx/1.20.2 2023/07/06 17:37:35 [notice] 1#1: built by gcc 10.2.1 20210110 (Debian 10.2.1-6) 2023/07/06 17:37:35 [notice] 1#1: OS: Linux 3.10.0-1160.el7.x86_64 2023/07/06 17:37:35 [notice] 1#1: getrlimit(RLIMIT_NOFILE): 1048576:1048576 2023/07/06 17:37:35 [notice] 1#1: start worker processes 2023/07/06 17:37:35 [notice] 1#1: start worker process 31 2023/07/06 17:37:35 [notice] 1#1: start worker process 32 # 列出容器,加上-a是列出包含为运行的所有容器 [root@node01 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES a977555af233 nginx:1.20.2 "/docker-entrypoint.…" 3 seconds ago Up 2 seconds 80/tcp tender_liskov 1456916fba8c nginx:1.20.2 "/docker-entrypoint.…" 4 seconds ago Up 3 seconds 80/tcp magical_tesla c7877c09b8c7 nginx:1.20.2 "/docker-entrypoint.…" 5 seconds ago Up 4 seconds 80/tcp distracted_pasteur [root@node01 ~]# docker pause a977555af233 a977555af233 [root@node01 ~]# docker ps -a | grep a977555af233 a977555af233 nginx:1.20.2 "/docker-entrypoint.…" About a minute ago Up About a minute (Paused) 80/tcp tender_liskov # 取暂停容器 [root@node01 ~]# docker unpause a977555af233 a977555af233 # 重命名镜像 [root@node01 ~]# docker rename a977555af233 nginx-lgx [root@node01 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES a977555af233 nginx:1.20.2 "/docker-entrypoint.…" 3 minutes ago Up 3 minutes 80/tcp nginx-lgx 1456916fba8c nginx:1.20.2 "/docker-entrypoint.…" 3 minutes ago Up 3 minutes 80/tcp magical_tesla c7877c09b8c7 nginx:1.20.2 "/docker-entrypoint.…" 3 minutes ago Up 3 minutes 80/tcp distracted_pasteur # 重启容器 [root@node01 ~]# docker restart a977555af233 a977555af233 # 强制删除正在运行的容器 [root@node01 ~]# docker rm -f a977555af233 a977555af233 #批量删除已退出容器 [root@node01 ~]# docker rm `docker ps -aq -f status=exited` 6a54298c77d6 dd9c5e3e80f6 ce128e56911a # run -it 运行, ctrl + p + q 退出容器,但是容器仍然运行 [root@node01 ~]# docker run -it centos:7.9-gz bash [root@49b47c6f3bcd /]# [root@node01 ~]# [root@node01 ~]# [root@node01 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 49b47c6f3bcd centos:7.9-gz "bash" 8 seconds ago Up 7 seconds elastic_shamir 1456916fba8c nginx:1.20.2 "/docker-entrypoint.…" 11 minutes ago Up 11 minutes 80/tcp magical_tesla c7877c09b8c7 nginx:1.20.2 "/docker-entrypoint.…" 11 minutes ago Up 11 minutes 80/tcp distracted_pasteur # run --name指定容器名 [root@node01 ~]# docker run -it --name centos-test centos:7.9-gz bash [root@234a2f2fb4ba /]# [root@node01 ~]# [root@node01 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 234a2f2fb4ba centos:7.9-gz "bash" 11 seconds ago Up 10 seconds centos-test 49b47c6f3bcd centos:7.9-gz "bash" 2 minutes ago Up 2 minutes elastic_shamir 1456916fba8c nginx:1.20.2 "/docker-entrypoint.…" 13 minutes ago Up 13 minutes 80/tcp magical_tesla c7877c09b8c7 nginx:1.20.2 "/docker-entrypoint.…" 13 minutes ago Up 13 minutes 80/tcp distracted_pasteur # 创建多个容器并且指定端口映射 [root@node01 ~]# docker run -p 80:80/tcp -p 443:443/tcp -p 53:53/udp --name nginx-container-test1 nginx:1.20.2 /docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration /docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/ /docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh 10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf 10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf /docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh /docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh /docker-entrypoint.sh: Configuration complete; ready for start up 2023/07/06 17:58:48 [notice] 1#1: using the "epoll" event method 2023/07/06 17:58:48 [notice] 1#1: nginx/1.20.2 2023/07/06 17:58:48 [notice] 1#1: built by gcc 10.2.1 20210110 (Debian 10.2.1-6) 2023/07/06 17:58:48 [notice] 1#1: OS: Linux 3.10.0-1160.el7.x86_64 2023/07/06 17:58:48 [notice] 1#1: getrlimit(RLIMIT_NOFILE): 1048576:1048576 2023/07/06 17:58:48 [notice] 1#1: start worker processes 2023/07/06 17:58:48 [notice] 1#1: start worker process 31 2023/07/06 17:58:48 [notice] 1#1: start worker process 32 # -d 后台运行容器, -p指定端口 [root@node01 ~]# docker run -d -p 80:80 --name nginx-container-test2 nginx:1.20.2 0aabace0474c50c94184313d93324f9bda875ec7e1fc1547d991b4a3c8649993 # 查看容器的端口映射 [root@node01 ~]# docker port 0aabace0474c 80/tcp -> 0.0.0.0:80 80/tcp -> [::]:80 # 单次运行容器,退出后容器删除 [root@node01 ~]# docker run -it --rm --name nginx-delete-test nginx:1.20.2 bash root@ba9d5cdc1312:/# ls bin dev docker-entrypoint.sh home lib64 mnt proc run srv tmp var boot docker-entrypoint.d etc lib media opt root sbin sys usr root@ba9d5cdc1312:/# exit # docker run 在容器内运行命令 [root@node01 ~]# docker run centos:7.9-gz cat '/etc/hosts' 127.0.0.1 localhost ::1 localhost ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters 172.17.0.2 a1ebde28dd10 [root@node01 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES # 启动已经退出的容器 [root@node01 ~]# docker start f17bf986ffd9 f17bf986ffd9 [root@node01 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES f17bf986ffd9 nginx:1.20.2 "/docker-entrypoint.…" 11 minutes ago Up 4 seconds 0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:53->53/udp, :::53->53/udp, 0.0.0.0:443->443/tcp, :::443->443/tcp nginx-container-test1 [root@node01 ~]# docker port f17bf986ffd9 53/udp -> 0.0.0.0:53 53/udp -> [::]:53 80/tcp -> 0.0.0.0:80 80/tcp -> [::]:80 443/tcp -> 0.0.0.0:443 443/tcp -> [::]:443 # 更新容器的资源 [root@node01 ~]# docker update f17bf986ffd9 --cpus 2 f17bf986ffd9 # 一直等待容器退出并显示容器的退出状态码 docker wait [root@node01 ~]# docker wait f17bf986ffd9 0
逻辑卷技术
[root@node01 ~]# docker volume create nginx-data nginx-data [root@node01 ~]# docker volume ls DRIVER VOLUME NAME local nginx-data [root@node01 ~]# docker run -it -d -p 80:80 -v nginx-data:/data nginx:1.20.2 66289ae06cf8e1d989835e8f27aa1e67b19d105ef0686805df4983a6d65540c7 [root@node01 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 66289ae06cf8 nginx:1.20.2 "/docker-entrypoint.…" About a minute ago Up About a minute 0.0.0.0:80->80/tcp, :::80->80/tcp relaxed_mcnulty [root@node01 ~]# docker exec -it 66289ae06cf8 bash root@66289ae06cf8:/# echo "nginx web" > /data/index.html root@66289ae06cf8:/# exit [root@node01 ~]# cat /var/lib/docker/volumes/nginx-data/_data/index.html nginx web
nginx多卷挂载
# nginx多卷挂载: # 先启动一个容器,将容器内/etc/nginx/nginx.conf 拷贝到 /data/nginx/conf/ 下 [root@node01 ~]# mkdir /data/nginx/conf -p [root@node01 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 66289ae06cf8 nginx:1.20.2 "/docker-entrypoint.…" 7 minutes ago Up 7 minutes 0.0.0.0:80->80/tcp, :::80->80/tcp relaxed_mcnulty [root@node01 ~]# [root@node01 ~]# docker cp 66289ae06cf8:/etc/nginx/nginx.conf /data/nginx/conf/ Successfully copied 2.56kB to /data/nginx/conf/ [root@node01 ~]# mkdir /data/testapp [root@node01 ~]# docker run -d --name web1 -v /data/testapp:/usr/share/nginx/html/testapp -v /data/nginx/conf/nginx.conf:/etc/nginx/nginx.conf:ro -p 81:80 nginx:1.20.2 4eec207568231ae42ac1124a241582c317d7234100a4fa5e346da7c11ca4dfd6 [root@node01 ~]# docker exec -it 4eec207568 bash root@4eec20756823:/# echo "aaa" >> /etc/nginx/nginx.conf bash: /etc/nginx/nginx.conf: Read-only file system
总结-v和-p
总结-v和-p
-v: 可以通过volume,目录直接挂载的方式将宿主机的目录和容器的目录联系起来,也可以通过ro的方式设置容器内的目录是只读的, 在对数据的安全性要求比较高的情况下使用挂载的方式,因为当容器退出时数据还是能够在宿主机中保留
-p 是将宿主机的端口映射到容器的端口,由于namespace的存在,容器的端口之间互相不干扰,但是宿主机的端口需要保证唯一,否则会报端口占用,启动一个容器时可以映射根据情况映射多个端口。docker创建MySQL容器并把数据保存到宿主机的/data/mysql
# 安装mysql [root@node01 ~]# wget <https://dev.mysql.com/get/mysql57-community-release-el7-9.noarch.rpm> [root@node01 ~]# rpm -ivh mysql57-community-release-el7-9.noarch.rpm warning: mysql57-community-release-el7-9.noarch.rpm: Header V3 DSA/SHA1 Signature, key ID 5072e1f5: NOKEY Preparing... ################################# [100%] Updating / installing... 1:mysql57-community-release-el7-9 ################################# [100%] [root@node01 ~]# yum -y install mysql mysql-server --nogpgcheck # 运行mysql镜像 [root@node01 ~]# docker run -it -d -p 3306:3306 -v /data/mysql:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=123456 mysql:5.7.38 # 进入容器查看ip [root@node01 ~]# docker exec -it 90e3003b3d40 bash bash-4.2# cat /etc/hosts 127.0.0.1 localhost ::1 localhost ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters 172.17.0.4 90e3003b3d40 # 在宿主机连接msyql,创建数据库 [root@node01 ~]# mysql -uroot -p123456 -h 172.17.0.4 mysql: [Warning] Using a password on the command line interface can be insecure. Welcome to the MySQL monitor. Commands end with ; or \\g. Your MySQL connection id is 2 Server version: 5.7.38 MySQL Community Server (GPL) Copyright (c) 2000, 2023, Oracle and/or its affiliates. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\\h' for help. Type '\\c' to clear the current input statement. mysql> create database db1; Query OK, 1 row affected (0.00 sec) mysql> create database db2; Query OK, 1 row affected (0.00 sec) # 查看宿主机的目录和容器的目录 # 宿主机中 [root@node01 ~]# ll /data/mysql/ total 188484 -rw-r----- 1 polkitd input 56 Jul 7 02:41 auto.cnf -rw------- 1 polkitd input 1676 Jul 7 02:41 ca-key.pem -rw-r--r-- 1 polkitd input 1112 Jul 7 02:41 ca.pem -rw-r--r-- 1 polkitd input 1112 Jul 7 02:41 client-cert.pem -rw------- 1 polkitd input 1680 Jul 7 02:41 client-key.pem drwxr-x--- 2 polkitd input 20 Jul 7 03:01 db1 drwxr-x--- 2 polkitd input 20 Jul 7 03:01 db2 -rw-r----- 1 polkitd input 1318 Jul 7 02:41 ib_buffer_pool -rw-r----- 1 polkitd input 79691776 Jul 7 02:41 ibdata1 -rw-r----- 1 polkitd input 50331648 Jul 7 02:41 ib_logfile0 -rw-r----- 1 polkitd input 50331648 Jul 7 02:41 ib_logfile1 -rw-r----- 1 polkitd input 12582912 Jul 7 02:41 ibtmp1 drwxr-x--- 2 polkitd input 4096 Jul 7 02:41 mysql lrwxrwxrwx 1 polkitd input 27 Jul 7 02:41 mysql.sock -> /var/run/mysqld/mysqld.sock drwxr-x--- 2 polkitd input 8192 Jul 7 02:41 performance_schema -rw------- 1 polkitd input 1680 Jul 7 02:41 private_key.pem -rw-r--r-- 1 polkitd input 452 Jul 7 02:41 public_key.pem -rw-r--r-- 1 polkitd input 1112 Jul 7 02:41 server-cert.pem -rw------- 1 polkitd input 1680 Jul 7 02:41 server-key.pem drwxr-x--- 2 polkitd input 8192 Jul 7 02:41 sys # 容器中 bash-4.2# ls -l /var/lib/mysql total 188484 -rw-r----- 1 mysql mysql 56 Jul 6 18:41 auto.cnf -rw------- 1 mysql mysql 1676 Jul 6 18:41 ca-key.pem -rw-r--r-- 1 mysql mysql 1112 Jul 6 18:41 ca.pem -rw-r--r-- 1 mysql mysql 1112 Jul 6 18:41 client-cert.pem -rw------- 1 mysql mysql 1680 Jul 6 18:41 client-key.pem drwxr-x--- 2 mysql mysql 20 Jul 6 19:01 db1 drwxr-x--- 2 mysql mysql 20 Jul 6 19:01 db2 -rw-r----- 1 mysql mysql 1318 Jul 6 18:41 ib_buffer_pool -rw-r----- 1 mysql mysql 50331648 Jul 6 18:41 ib_logfile0 -rw-r----- 1 mysql mysql 50331648 Jul 6 18:41 ib_logfile1 -rw-r----- 1 mysql mysql 79691776 Jul 6 18:41 ibdata1 -rw-r----- 1 mysql mysql 12582912 Jul 6 18:41 ibtmp1 drwxr-x--- 2 mysql mysql 4096 Jul 6 18:41 mysql lrwxrwxrwx 1 mysql mysql 27 Jul 6 18:41 mysql.sock -> /var/run/mysqld/mysqld.sock drwxr-x--- 2 mysql mysql 8192 Jul 6 18:41 performance_schema -rw------- 1 mysql mysql 1680 Jul 6 18:41 private_key.pem -rw-r--r-- 1 mysql mysql 452 Jul 6 18:41 public_key.pem -rw-r--r-- 1 mysql mysql 1112 Jul 6 18:41 server-cert.pem -rw------- 1 mysql mysql 1680 Jul 6 18:41 server-key.pem drwxr-x--- 2 mysql mysql 8192 Jul 6 18:41 sys
