docker的安装及image制作

docker安装

windows安装在另一篇随笔

centos安装

# 更改centos7默认的yum源，使用清华镜像

cd /etc/yum.repos.d
wget https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/docker-ce.repo
# 

yum -y install vim 　　　　 

vim docker-ce.repo
:%s@https://download.docker.com/@https://mirrors.tuna.tsinghua.edu.cn/docker-ce/@ 
yum repolist
yum  -y  install docker-ce

 

当我们安装好docker后，默认主配置文件没有生成

#  /etc/docker/daemon.json

mkdir /etc/docker
vim /etc/docker/daemon.json

{
 "registry-mirrors": ["https://registry.docker-cn.com","https://duado9su.mirror.aliyuncs.com"]
}

#  镜像服务器
$ docker run -d -p 5000:5000 \
-e STANDALONE=false \
-e MIRROR_SOURCE=https://registry-1.docker.io \
-e MIRROR_SOURCE_INDEX=https://index.docker.io \
registry


 


#  国内
docker --registry-mirror=http://服务端ip地址:5000  -d 

 

systemctl start docker.service

 

 

[root@localhost vagrant]# docker
Usage:  docker [OPTIONS] COMMAND
A self-sufficient runtime for containers
Options:
      --config string      Location of client config files (default "/root/.docker")
  -D, --debug              Enable debug mode
  -H, --host list          Daemon socket(s) to connect to
  -l, --log-level string   Set the logging level ("debug"|"info"|"warn"|"error"|"fatal") (default "info")
      --tls                Use TLS; implied by --tlsverify
      --tlscacert string   Trust certs signed only by this CA (default "/root/.docker/ca.pem")
      --tlscert string     Path to TLS certificate file (default "/root/.docker/cert.pem")
      --tlskey string      Path to TLS key file (default "/root/.docker/key.pem")
      --tlsverify          Use TLS and verify the remote
  -v, --version            Print version information and quit

Management Commands:
  builder     Manage builds
  config      Manage Docker configs
  container   Manage containers
  engine      Manage the docker engine
  image       Manage images
  network     Manage networks
  node        Manage Swarm nodes
  plugin      Manage plugins
  secret      Manage Docker secrets
  service     Manage services
  stack       Manage Docker stacks
  swarm       Manage Swarm
  system      Manage Docker
  trust       Manage trust on Docker images
  volume      Manage volumes

Commands:
  attach      Attach local standard input, output, and error streams to a running container
  build       Build an image from a Dockerfile
  commit      Create a new image from a container's changes
  cp          Copy files/folders between a container and the local filesystem
  create      Create a new container
  diff        Inspect changes to files or directories on a container's filesystem
  events      Get real time events from the server
  exec        Run a command in a running container
  export      Export a container's filesystem as a tar archive
  history     Show the history of an image
  images      List images
  import      Import the contents from a tarball to create a filesystem image
  info        Display system-wide information

[root@localhost vagrant]# docker info
Containers: 4
 Running: 0
 Paused: 0
 Stopped: 4
Images: 5
Server Version: 18.09.0
Storage Driver: devicemapper                 # 分层构建，联合挂载，必须建立在特殊的文件系统
 Pool Name: docker-253:0-33789307-pool
 Pool Blocksize: 65.54kB
 Base Device Size: 10.74GB
 Backing Filesystem: xfs
 Udev Sync Supported: true
 Data file: /dev/loop0
 Metadata file: /dev/loop1
 Data loop file: /var/lib/docker/devicemapper/devicemapper/data
 Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata
 Data Space Used: 246.8MB
 Data Space Total: 107.4GB
 Data Space Available: 6.727GB
 Metadata Space Used: 995.3kB
 Metadata Space Total: 2.147GB
 Metadata Space Available: 2.146GB
 Thin Pool Minimum Free Space: 10.74GB
 Deferred Removal Enabled: true
 Deferred Deletion Enabled: true
 Deferred Deleted Device Count: 0
 Library Version: 1.02.107-RHEL7 (2015-10-14)
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
 Volume: local
 Network: bridge host macvlan null overlay
 Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: c4446665cb9c30056f4998ed953e6d4ff22c7c39
runc version: 4fc53a81fb7c994640722ac585fa9ca548971871
init version: fec3683
Security Options:
 seccomp
  Profile: default
Kernel Version: 3.10.0-327.4.5.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 615.2MiB
Name: localhost.localdomain
ID: B2VY:FO47:USXN:LXSE:V6YP:WW44:366C:7LE7:CC7V:HVFC:T3OL:WG6J
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Username: aceq2018
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
 127.0.0.0/8
Registry Mirrors:
 https://duado9su.mirror.aliyuncs.com/
Live Restore Enabled: false
Product License: Community Engine

WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
WARNING: devicemapper: usage of loopback devices is strongly discouraged for production use.
         Use `--storage-opt dm.thinpooldev` to specify a custom block storage device.
[root@localhost vagrant]#

  inspect     Return low-level information on Docker objects　　　　　　# 查看某个容器的详细信息
  kill        Kill one or more running containers
  load        Load an image from a tar archive or STDIN
  login       Log in to a Docker registry
  logout      Log out from a Docker registry
  logs        Fetch the logs of a container
  pause       Pause all processes within one or more containers
  port        List port mappings or a specific mapping for the container
  ps          List containers
  pull        Pull an image or a repository from a registry
  push        Push an image or a repository to a registry
  rename      Rename a container
  restart     Restart one or more containers
  rm          Remove one or more containers　　　　# 删除容器
  rmi         Remove one or more images　　　　　　 # 删除镜像
  run         Run a command in a new container
  save        Save one or more images to a tar archive (streamed to STDOUT by default)
  search      Search the Docker Hub for images
  start       Start one or more stopped containers
  stats       Display a live stream of container(s) resource usage statistics
  stop        Stop one or more running containers
  tag         Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
  top         Display the running processes of a container
  unpause     Unpause all processes within one or more containers
  update      Update configuration of one or more containers
  version     Show the Docker version information

Client:
 Version:           18.09.0
 API version:       1.39
 Go version:        go1.10.4
 Git commit:        4d60db4
 Built:             Wed Nov  7 00:48:22 2018
 OS/Arch:           linux/amd64
 Experimental:      false

Server: Docker Engine - Community
 Engine:
  Version:          18.09.0
  API version:      1.39 (minimum version 1.12)
  Go version:       go1.10.4
  Git commit:       4d60db4
  Built:            Wed Nov  7 00:19:08 2018
  OS/Arch:          linux/amd64
  Experimental:     false

  wait        Block until one or more containers stop, then print their exit codes
  Run 'docker COMMAND --help' for more information on a command.

docker run -it
-i    交互式界面
-t    开启一个终端
-d　　后台
-c    指定shell语法
docker run -d centos /bin/sh -c 'while true;do echo hello;sleep 1 ;done'

 

　　

 

依附容器           docker    attach
构建容器           docker    build
提交容器           docker    commit
复制文件至宿主机    docker    cp
创建容器           docker    create
查看容器变化        docker    diff
查看事件           docker    events
进入容器           docker    exec
导出镜像           docker    export
查看镜像历史        docker    history
查看本地镜像        docker    images
导入容器           docker    import
查看docker信息     docker    info
查看详细信息        docker    inspect
杀死容器            docker    kill
导入镜像            docker    load
登陆仓库            docker    login
登出仓库            docker    logout
查看容器日志        docker    logs
管理网络            docker  network
管理节点            docker    node
暂停容器            docker    pause
查看容器端口        docker    port
查看本地容器        docker    ps
拉取镜像            docker    pull
推送镜像            docker    push
容器重命名          docker    rename
重启容器            docker    restart
删除容器            docker    rm
删除镜像            docker    rmi
运行容器            docker    run
导出镜像            docker  save
搜索镜像            docker  search
管理服务            docker  service
启动容器            docker    start
查看容器状态        docker    status
停止容器            docker    stop
管理集群            docker    swarm
设置标签            docker    tag
查看容器进程        docker    top
恢复暂停容器        docker    unpause
更新容器            docker    update
查看版本            docker    version
管理数据卷          docker    volume
设置等待            docker  wait

 

 

 

  

docker镜像

apline是一个用来构建非常小的镜像文件的微型发型版，提供基础运行环境，但缺少调试工具

将来的镜像可能不会来自docker hub，其中的镜像可能不会满足我们的需求，---->自己编织--->私有registry

 

 

# docker pull <registry>[:<port>]/[<namespace>/]<name>:<tag>
# docker pull             quay.io/coreos/flannel:v0.010.0-amd64

docker    image    pull    nginx:1.14-apline　　　　# 来下版本为1.14-apline 的 nginx

docker run --name b1 -it busybox
docker run --name redis1  -d redis
本地没有镜像也不要紧，只要能搜到，    docker中运行的程序一定不能运行在后台
启动容器时，docker damon会试图从本地获取相关的镜像；本地没有将从registry中下载该镜像并保存到本地

docker的registry

 

Repository 
　　由某特定的docker镜像的所有迭代版本组成的镜像仓库
　　一个registry中可以存在多个repository
　　　　Repository 可分为顶层仓库和用户仓库
　　　　用户仓库名称格式为  用户名/仓库名
　　每个仓库可以包含多个Tag，每个标签对应一个镜像

Index
　　维护用户账户、镜像的校验以及公共命名空间的信息
　　相当于为registry提供了一个完成用户认证等功能的检索接口

 

 

Registry用于保存docker镜像，包括镜像的层次结构和元数据
用户可自建registry，也可以使用官方的docker hub

分类
Sponsor    registry     第三方的registry ,供客户和docker社区使用
Mirror 　 　Registry     第三方的registry，只让客户使用
Vendor 　 　registry     由发布Docker镜像的供应商提供的registry
Private 　　registry     通过设有防火墙和额外的安全层的私有实体提供的registry

 

 

docker  的Hub

 

 

docker镜像的制作

 

 

Dockerfile 专门制作镜像的

基于容器制作   commit   会把容器的可写层单独创建一个镜像

Docker Hub  automated  builds 内部还是调用的dockerfile

基于容器制作

 

给镜像添加标签

删除标签

docker image rm aceq2018/bbox:v0.0.1

 

当我创建完镜像后，发现默认命令还是基础镜像的命令

 

 

 

 

我们只需要在创建镜像的时候指定-c参数就可以修改了

 

 

推镜像到docker hub  

 

 

 

推到阿里云，阿里云控制台有教程，

 

 

密码是单独设置的

 

 

 

 

打包保存镜像

 

 

 

 

 

只要拷贝到了那台机器有docker就可以运行

  

加载镜像文件

 

 

缺陷：run的时候如果没有镜像还是到registry拉镜像，因此必须本地需要提前准备好