docker部署和常用操作
安装及使用docker
docker安装
//配置国内阿里云的源
[root@localhost yum.repos.d]# rm -rf *
[root@localhost yum.repos.d]# ls
[root@localhost yum.repos.d]# curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 2495 100 2495 0 0 21324 0 --:--:-- --:--:-- --:--:-- 21324
[root@localhost yum.repos.d]# ls
CentOS-Base.repo
[root@localhost yum.repos.d]# dnf -y install vim wget
CentOS-8.5.2111 - Base - mirrors.aliyun.com 4.0 MB/s | 4.6 MB 00:01
CentOS-8.5.2111 - Extras - mirrors.aliyun.com 139 kB/s | 10 kB 00:00
CentOS-8.5.2111 - AppStream - mirrors.aliyun.com 4.2 MB/s | 8.4 MB 00:02
软件包 vim-enhanced-2:8.0.1763-16.el8_5.12.x86_64 已安装。
依赖关系解决。
======================================================================================
软件包 架构 版本 仓库 大小
======================================================================================
安装:
wget x86_64 1.19.5-10.el8 AppStream 734 k
安装依赖关系:
libmetalink x86_64 0.1.3-7.el8 base 32 k
事务概要
======================================================================================
安装 2 软件包
总下载:766 k
安装大小:2.8 M
下载软件包:
(1/2): libmetalink-0.1.3-7.el8.x86_64.rpm 791 kB/s | 32 kB 00:00
(2/2): wget-1.19.5-10.el8.x86_64.rpm 2.3 MB/s | 734 kB 00:00
--------------------------------------------------------------------------------------
总计 2.4 MB/s | 766 kB 00:00
运行事务检查
事务检查成功。
运行事务测试
事务测试成功。
运行事务
准备中 : 1/1
安装 : libmetalink-0.1.3-7.el8.x86_64 1/2
安装 : wget-1.19.5-10.el8.x86_64 2/2
运行脚本: wget-1.19.5-10.el8.x86_64 2/2
验证 : libmetalink-0.1.3-7.el8.x86_64 1/2
验证 : wget-1.19.5-10.el8.x86_64 2/2
已安装:
libmetalink-0.1.3-7.el8.x86_64 wget-1.19.5-10.el8.x86_64
完毕!
[root@localhost yum.repos.d]# sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
[root@localhost yum.repos.d]# yum install -y https://mirrors.aliyun.com/epel/epel-release-latest-8.noarch.rpm
CentOS-8.5.2111 - Base - mirrors.aliyun.com 82 kB/s | 3.9 kB 00:00
CentOS-8.5.2111 - Extras - mirrors.aliyun.com 39 kB/s | 1.5 kB 00:00
CentOS-8.5.2111 - AppStream - mirrors.aliyun.com 112 kB/s | 4.3 kB 00:00
epel-release-latest-8.noarch.rpm 289 kB/s | 23 kB 00:00
依赖关系解决。
======================================================================================
软件包 架构 版本 仓库 大小
======================================================================================
安装:
epel-release noarch 8-15.el8 @commandline 23 k
事务概要
======================================================================================
安装 1 软件包
总计:23 k
安装大小:32 k
下载软件包:
运行事务检查
事务检查成功。
运行事务测试
事务测试成功。
运行事务
准备中 : 1/1
安装 : epel-release-8-15.el8.noarch 1/1
运行脚本: epel-release-8-15.el8.noarch 1/1
验证 : epel-release-8-15.el8.noarch 1/1
已安装:
epel-release-8-15.el8.noarch
完毕!
[root@localhost yum.repos.d]# sed -i 's|^#baseurl=https://download.example/pub|baseurl=https://mirrors.aliyun.com|' /etc/yum.repos.d/epel*
[root@localhost yum.repos.d]# sed -i 's|^metalink|#metalink|' /etc/yum.repos.d/epel*
[root@localhost yum.repos.d]# ls
CentOS-Base.repo epel.repo epel-testing.repo
epel-modular.repo epel-testing-modular.repo
//下载阿里云里面的docker-ce.repo
[root@localhost yum.repos.d]# wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
--2022-04-24 07:27:40-- https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
正在解析主机 mirrors.aliyun.com (mirrors.aliyun.com)... 111.48.71.115, 111.48.71.116, 111.48.71.117, ...
正在连接 mirrors.aliyun.com (mirrors.aliyun.com)|111.48.71.115|:443... 已连接。
已发出 HTTP 请求,正在等待回应... 200 OK
长度:2081 (2.0K) [application/octet-stream]
正在保存至: “docker-ce.repo”
docker-ce.repo 100%[=======================>] 2.03K --.-KB/s 用时 0s
2022-04-24 07:27:40 (92.4 MB/s) - 已保存 “docker-ce.repo” [2081/2081])
[root@localhost yum.repos.d]# ls //可以看到已经下载完成
CentOS-Base.repo epel-modular.repo epel-testing-modular.repo
docker-ce.repo epel.repo epel-testing.repo
[root@localhost yum.repos.d]# cd
[root@localhost ~]# dnf makecache //建立缓存
CentOS-8.5.2111 - Base - mirrors.aliyun.com 75 kB/s | 3.9 kB 00:00
CentOS-8.5.2111 - Extras - mirrors.aliyun.com 63 kB/s | 1.5 kB 00:00
CentOS-8.5.2111 - AppStream - mirrors.aliyun.com 118 kB/s | 4.3 kB 00:00
Docker CE Stable - x86_64 117 kB/s | 23 kB 00:00
Extra Packages for Enterprise Linux 8 - x86_64 4.1 MB/s | 11 MB 00:02
Extra Packages for Enterprise Linux Modular 8 - x86_6 2.6 MB/s | 1.0 MB 00:00
元数据缓存已建立。
[root@localhost ~]# dnf list all | grep docker //过滤docker
containerd.io.x86_64 1.5.11-3.1.el8 docker-ce-stable
docker-ce.x86_64 3:20.10.14-3.el8 docker-ce-stable
docker-ce-cli.x86_64 1:20.10.14-3.el8 docker-ce-stable
docker-ce-rootless-extras.x86_64 20.10.14-3.el8 docker-ce-stable
docker-compose-plugin.x86_64 2.3.3-3.el8 docker-ce-stable
docker-scan-plugin.x86_64 0.17.0-3.el8 docker-ce-stable
pcp-pmda-docker.x86_64 5.3.1-5.el8 AppStream
podman-docker.noarch 3.3.1-9.module_el8.5.0+988+b1f0b741 AppStream
python-docker-tests.noarch 5.0.0-2.el8 epel
python2-dockerpty.noarch 0.4.1-18.el8 epel
python3-docker.noarch 5.0.0-2.el8 epel
python3-dockerpty.noarch 0.4.1-18.el8 epel
standard-test-roles-inventory-docker.noarch 4.10-1.el8 epel
[root@localhost ~]# dnf -y install docker-ce //安装docker最新版本
//设置开机自启
[root@localhost ~]# systemctl enable --now docker
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /usr/lib/systemd/system/docker.service.
[root@localhost ~]# systemctl status docker //查看状态
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: di>
Active: active (running) since Sun 2022-04-24 07:39:32 EDT; 8s ago
Docs: https://docs.docker.com
Main PID: 4890 (dockerd)
Tasks: 8
Memory: 29.2M
CGroup: /system.slice/docker.service
└─4890 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.s>
4月 24 07:39:31 localhost.localdomain dockerd[4890]: time="2022-04-24T07:39:31.193612>
4月 24 07:39:31 localhost.localdomain dockerd[4890]: time="2022-04-24T07:39:31.193632>
4月 24 07:39:31 localhost.localdomain dockerd[4890]: time="2022-04-24T07:39:31.193761>
4月 24 07:39:32 localhost.localdomain dockerd[4890]: time="2022-04-24T07:39:32.135829>
[root@localhost ~]# ls /etc/docker/ //这时可以看到自动生成一个docker目录
key.json
docker加速
docker-ce的配置文件是/etc/docker/daemon.json,此文件默认不存在,需要我们手动创建并进行配置,而docker的加速就是通过配置此文件来实现的。
docker的加速有多种方式:
- docker cn
- 中国科技大学加速器
- 阿里云加速器(需要通过阿里云开发者平台注册帐号,免费使用个人私有的加速器)
需要创建一个阿里云账号然后点击控制台
点击左上角的三条杠,找到容器服务里面的容器镜像服务,然后找到镜像工具里面的镜像加速器
选择我们用的CentOS版本
[root@localhost ~]# vi daemon.json //复制粘贴配置一个文件
[root@localhost ~]# cat daemon.json
{
"registry-mirrors": ["https://7fh8zy6l.mirror.aliyuncs.com"]
}
[root@localhost ~]# systemctl daemon-reload //重启docaker服务
[root@localhost ~]# systemctl restart docker
[root@localhost ~]# docker info //查看docker状态
Client:
Context: default
Debug Mode: false
Plugins:
app: Docker App (Docker Inc., v0.9.1-beta3)
buildx: Docker Buildx (Docker Inc., v0.8.1-docker)
scan: Docker Scan (Docker Inc., v0.17.0)
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 20.10.14
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc io.containerd.runc.v2 io.containerd.runtime.v1.linux
Default Runtime: runc
Init Binary: docker-init
containerd version: 3df54a852345ae127d1fa3092b95168e4a88e2f8
runc version: v1.0.3-0-gf46b6ba
init version: de40ad0
Security Options:
seccomp
Profile: default
Kernel Version: 4.18.0-365.el8.x86_64
Operating System: CentOS Stream 8
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 1.744GiB
Name: localhost.localdomain
ID: PHFK:HHSO:OII6:RR7X:GJPM:GSKG:DWRJ:O2RZ:ZPOT:SZYM:UBVL:EGHL
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Registry Mirrors: //看到这个网址说明docker加速器服务配置成功
https://7fh8zy6l.mirror.aliyuncs.com/
Live Restore Enabled: false
[root@localhost ~]# ls /var/lib/docker/ //查看版本号
buildkit image overlay2 runtimes tmp volumes
containers network plugins swarm trust
[root@localhost ~]# docker version
Client: Docker Engine - Community
Version: 20.10.14
API version: 1.41
Go version: go1.16.15
Git commit: a224086
Built: Thu Mar 24 01:47:44 2022
OS/Arch: linux/amd64
Context: default
Experimental: true
Server: Docker Engine - Community
Engine:
Version: 20.10.14
API version: 1.41 (minimum version 1.12)
Go version: go1.16.15
Git commit: 87a90dc
Built: Thu Mar 24 01:46:10 2022
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.5.11
GitCommit: 3df54a852345ae127d1fa3092b95168e4a88e2f8
runc:
Version: 1.0.3
GitCommit: v1.0.3-0-gf46b6ba
docker-init:
Version: 0.19.0
GitCommit: de40ad0
docker常用操作
//搜索镜像
[root@localhost ~]# docker search httpd
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
httpd The Apache HTTP Server Project 3976 [OK]
centos/httpd-24-centos7 Platform for running Apache httpd 2.4 or bui… 44
centos/httpd 35 [OK]
hypoport/httpd-cgi httpd-cgi 2 [OK]
solsson/httpd-openidc mod_auth_openidc on official httpd image, ve… 2 [OK]
manageiq/httpd Container with httpd, built on CentOS for Ma… 1 [OK]
lead4good/httpd-fpm httpd server which connects via fcgi proxy h… 1 [OK]
dockerpinata/httpd 1
publici/httpd httpd:latest 1 [OK]
dariko/httpd-rproxy-ldap Apache httpd reverse proxy with LDAP authent… 1 [OK]
inanimate/httpd-ssl A play container with httpd, ssl enabled, an… 1 [OK]
//拉取镜像
[root@localhost ~]# docker pull httpd //后面如果没接版本号默认拉取最新版本
Using default tag: latest
latest: Pulling from library/httpd
a2abf6c4d29d: Pull complete
dcc4698797c8: Pull complete
41c22baa66ec: Pull complete
67283bbdd4a0: Pull complete
d982c879c57e: Pull complete
Digest: sha256:0954cc1af252d824860b2c5dc0a10720af2b7a3d3435581ca788dff8480c7b32
Status: Downloaded newer image for httpd:latest
docker.io/library/httpd:latest
[root@localhost ~]# docker images //查看镜像
REPOSITORY TAG IMAGE ID CREATED SIZE
httpd latest dabbfbe0c57b 4 months ago 144MB
//创建容器
[root@localhost ~]# docker create --name game -p 80:80 httpd
00d3369deb69d48ad961cb886dcffb4733b22fdd3289f910cc4038bb46b042ab
[root@localhost ~]# docker ps -a //加-a 能查看未启动的容器
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
00d3369deb69 httpd "httpd-foreground" 9 seconds ago Created game
[root@localhost ~]# docker ps //默认查看启动的容器
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@localhost ~]# docker start game //启动容器
game
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
00d3369deb69 httpd "httpd-foreground" 2 minutes ago Up 7 seconds 0.0.0.0:80->80/tcp, :::80->80/tcp game
//关闭防火墙,此时游览器可以访问
[root@localhost ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@localhost ~]# vim /etc/selinux/config
[root@localhost ~]# setenforce 0
//关闭容器
[root@localhost ~]# docker stop 00d3369deb69
00d3369deb69
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
00d3369deb69 httpd "httpd-foreground" 8 minutes ago Exited (0) 57 seconds ago game
[root@localhost ~]# docker start game
Error response from daemon: driver failed programming external connectivity on endpoint game (b031ce4f3e114b83de889359823959e08a6b9d4d8b57b5299afa6e9812e25483): (iptables failed: iptables --wait -t nat -A DOCKER -p tcp -d 0/0 --dport 80 -j DNAT --to-destination 172.17.0.2:80 ! -i docker0: iptables: No chain/target/match by that name.
(exit status 1))
Error: failed to start containers: game
[root@localhost ~]# systemctl start firewalld //此时需要打开防火墙才能打开容器
[root@localhost ~]# docker start game
game
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
00d3369deb69 httpd "httpd-foreground" 10 minutes ago Up 22 seconds 0.0.0.0:80->80/tcp, :::80->80/tcp game
[root@localhost ~]# firewall-cmd --add-rich-rule 'rule family=ipv4 source address=0.0.0.0/0 service name=http accept' --permanent //添加防火墙协议
success
[root@localhost ~]# firewall-cmd --reload
success
[root@localhost ~]# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: ens160
sources:
services: cockpit dhcpv6-client ssh
ports:
protocols:
forward: no
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
rule family="ipv4" source address="0.0.0.0/0" service name="http" accept
//显示附带协议成功
//容器重启命令
[root@localhost ~]# docker restart game
game
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
00d3369deb69 httpd "httpd-foreground" 16 minutes ago Up 10 seconds 0.0.0.0:80->80/tcp, :::80->80/tcp game
//结束容器进程命令
[root@localhost ~]# docker kill game
game
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
00d3369deb69 httpd "httpd-foreground" 18 minutes ago Exited (137) 9 seconds ago game
//查看日志
[root@localhost ~]# docker logs game
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
[Sun Apr 24 12:11:38.447141 2022] [mpm_event:notice] [pid 1:tid 139924745203008] AH00489: Apache/2.4.52 (Unix) configured -- resuming normal operations
[Sun Apr 24 12:11:38.447382 2022] [core:notice] [pid 1:tid 139924745203008] AH00094: Command line: 'httpd -D FOREGROUND'
172.17.0.1 - - [24/Apr/2022:12:14:31 +0000] "GET /favicon.ico HTTP/1.1" 404 196
[Sun Apr 24 12:16:17.224736 2022] [mpm_event:notice] [pid 1:tid 139924745203008] AH00492: caught SIGWINCH, shutting down gracefully
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
[Sun Apr 24 12:19:29.950359 2022] [mpm_event:notice] [pid 1:tid 140665187192128] AH00489: Apache/2.4.52 (Unix) configured -- resuming normal operations
[Sun Apr 24 12:19:29.952150 2022] [core:notice] [pid 1:tid 140665187192128] AH00094: Command line: 'httpd -D FOREGROUND'
[Sun Apr 24 12:25:45.882621 2022] [mpm_event:notice] [pid 1:tid 140665187192128] AH00492: caught SIGWINCH, shutting down gracefully
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
[Sun Apr 24 12:25:47.659474 2022] [mpm_event:notice] [pid 1:tid 140500161318208] AH00489: Apache/2.4.52 (Unix) configured -- resuming normal operations
[Sun Apr 24 12:25:47.659802 2022] [core:notice] [pid 1:tid 140500161318208] AH00094: Command line: 'httpd -D FOREGROUND'
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
[Sun Apr 24 12:28:46.657176 2022] [mpm_event:notice] [pid 1:tid 140178056428864] AH00489: Apache/2.4.52 (Unix) configured -- resuming normal operations
[Sun Apr 24 12:28:46.657329 2022] [core:notice] [pid 1:tid 140178056428864] AH00094: Command line: 'httpd -D FOREGROUND'
192.168.78.1 - - [24/Apr/2022:12:29:05 +0000] "GET / HTTP/1.1" 304 -
192.168.78.1 - - [24/Apr/2022:12:29:06 +0000] "GET / HTTP/1.1" 304 -
docker event state
容器运行流程
浙公网安备 33010602011771号