一、docker詳解
1.1、Docker的介紹
Docker是一個開源的應用容器引擎,使用Go語言開發,基於Linux內核的cgroup,namespace,Union FS等技術,對應用進程進行封裝隔離,並且 獨立於宿主機與其他進程,這種運行時封裝的狀態稱為容器。 Docker早起版本實現是基於LXC,並進一步對其封裝,包括文件系統、網絡互聯、鏡像管理等方面,極大簡化了容器管理。從0.7版本以后開始去 除LXC,轉為自行研發的libcontainer,從1.11版本開始,進一步演進為使用runC和containerd。 Docker理念是將應用及依賴包打包到一個可移植的容器中,可發布到任意Linux發行版Docker引擎上。使用沙箱機制運行程序,程序之間相互隔離。
1.2、docker的體系架構
Containerd:是一個簡單的守護進程,使用runC管理容器。向Docker Engine提
供接口。
Shim:只負責管理一個容器。
runC:是一個輕量級的工具,只用來運行容器。 
1.4、docker的內部組件
1. Namespaces 命名空間,Linux內核提供的一種對進程資源隔離的機制,例如進程、網絡、掛載點等資源。 2. CGroups 控制組,Linux內核提供的一種限制進程資源的機制;例如CPU、內存等資源。 3. UnionFS 聯合文件系統,支持將不同位置的目錄掛載到同一虛擬文件系統,形成一種分層的模型。
1.5、虛擬機與容器區別
以 KVM 舉例,與 Docker 對比 啟動時間 Docker秒級啟動,KVM分鍾級啟動。 輕量級 容器鏡像大小通常以M為單位,虛擬機以G為單位。 容器資源占用小,要比虛擬機部署更快速。 性能 容器共享宿主機內核,系統級虛擬化,占用資源少,沒有Hypervisor層開銷,容器性能基本接近物理機; 虛擬機需要Hypervisor層支持,虛擬化一些設備,具有完整的GuestOS,虛擬化開銷大,因而降低性能,沒有容器性能好。 安全性 由於共享宿主機內核,只是進程級隔離,因此隔離性和穩定性不如虛擬機,容器具有一定權限訪問宿主機內核,存在一定安全隱患。 使用 要求 KVM基於硬件的完全虛擬化,需要硬件CPU虛擬化技術支持; 容器共享宿主機內核,可運行在主流的Linux發行版,不用考慮CPU是否支持虛擬化技術。
1.6、docker 的應用場景
場景一:節省項目環境部署時間 1. 單項目打包 2. 整套項目打包 3. 新開源技術試用 場景二:環境一致性 場景三:持續集成 場景四:微服務 場景五:彈性伸縮 參看: https://blog.51cto.com/lizhenliang/1978081
1.7、在Centos7.x安裝docker
CentOS7
# 安裝依賴包 yum install -y yum-utils device-mapper-persistent-data lvm2 # 添加Docker軟件包源 yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo # 更新yum包索引 yum makecache fast # 安裝Docker CE yum install docker-ce -y # 啟動 systemctl start docker # 卸載 yum remove docker-ce rm -rf /var/lib/docker 官方安裝文檔: https://docs.docker.com/engine/installation/linux/docker- ce/centos/#docker-ee-customers
1.8、鏡像加速什么是鏡像?
簡單說,Docker鏡像是一個不包含Linux內核而又精簡的Linux操作系統。
鏡像從哪里來?
Docker Hub是由Docker公司負責維護的公共注冊中心,包含大量的容器鏡像,Docker工具默認從這個公共鏡像庫下載鏡像。
https://hub.docker.com/explore
默認是國外的源,下載會慢,建議配置國內鏡像倉庫:
# vi /etc/docker/daemon.json
{
"registry-mirrors": [ "https://registry.docker-cn.com"]
}
----
重啟一下:
systemctl restart docker
1.9、鏡像與容器的關系
鏡像不是一個單一的文件,而是有多層構成。我們可以通過docker history <ID/NAME> 查 看鏡像中各層內容及大小,每層對應着Dockerfile中的一條指令。Docker鏡像默認存儲在 /var/lib/docker/<storage-driver>中。 容器其實是在鏡像的最上面加了一層讀寫層,在運行容器里做的任何文件改動,都會寫 到這個讀寫層。如果容器刪除了,最上面的讀寫層也就刪除了,改動也就丟失了。 Docker使用存儲驅動管理鏡像每層內容及可讀寫層的容器層。
2.0、存儲驅動
2.1、鏡像命令
二、docker常用命令
2.1、查看版本
[root@ansible-server ~]# docker --version Docker version 18.09.6, build 481bc77156
2.2、查看幫助
[root@ansible-server ~]# docker --help
Usage: docker [OPTIONS] COMMAND
A self-sufficient runtime for containers
Options:
--config string Location of client config files (default "/root/.docker")
-D, --debug Enable debug mode
-H, --host list Daemon socket(s) to connect to
-l, --log-level string Set the logging level ("debug"|"info"|"warn"|"error"|"fatal") (default "info")
--tls Use TLS; implied by --tlsverify
--tlscacert string Trust certs signed only by this CA (default "/root/.docker/ca.pem")
--tlscert string Path to TLS certificate file (default "/root/.docker/cert.pem")
--tlskey string Path to TLS key file (default "/root/.docker/key.pem")
--tlsverify Use TLS and verify the remote
-v, --version Print version information and quit
2.3、查看鏡像分層
[root@ansible-server ~]# docker image history nginx:latest IMAGE CREATED CREATED BY SIZE COMMENT 53f3fd8007f7 2 weeks ago /bin/sh -c #(nop) CMD ["nginx" "-g" "daemon… 0B <missing> 2 weeks ago /bin/sh -c #(nop) STOPSIGNAL SIGTERM 0B <missing> 2 weeks ago /bin/sh -c #(nop) EXPOSE 80 0B <missing> 2 weeks ago /bin/sh -c ln -sf /dev/stdout /var/log/nginx… 22B <missing> 2 weeks ago /bin/sh -c set -x && apt-get update && apt… 54.1MB <missing> 2 weeks ago /bin/sh -c #(nop) ENV NJS_VERSION=1.15.12.0… 0B <missing> 2 weeks ago /bin/sh -c #(nop) ENV NGINX_VERSION=1.15.12… 0B <missing> 2 weeks ago /bin/sh -c #(nop) LABEL maintainer=NGINX Do… 0B <missing> 2 weeks ago /bin/sh -c #(nop) CMD ["bash"] 0B <missing> 2 weeks ago /bin/sh -c #(nop) ADD file:fcb9328ea4c115670… 55.3MB
2.4、查看鏡像的詳細信息
查看鏡像的詳細信息
[root@ansible-server ~]# docker image inspect nginx
[
{
"Id": "sha256:53f3fd8007f76bd23bf663ad5f5009c8941f63828ae458cef584b5f85dc0a7bf",
"RepoTags": [
"nginx:latest"
],
"RepoDigests": [
省略部分......
2.5、下載鏡像
[root@ansible-server ~]# docker image pull nginx:1.11 1.11: Pulling from library/nginx 6d827a3ef358: Pull complete f8f2e0556751: Pull complete 5c9972dca3fd: Pull complete 451b9524cb06: Pull complete Digest: sha256:e6693c20186f837fc393390135d8a598a96a833917917789d63766cab6c59582 Status: Downloaded newer image for nginx:1.11
2.6、刪除鏡像
查看並刪除鏡像 [root@ansible-server ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest 53f3fd8007f7 2 weeks ago 109MB nginx 1.11 5766334bdaa0 2 years ago 183MB
[root@ansible-server ~]# docker image rm nginx:1.11 Untagged: nginx:1.11 Untagged: nginx@sha256:e6693c20186f837fc393390135d8a598a96a833917917789d63766cab6c59582 Deleted: sha256:5766334bdaa0bc37f1f0c02cb94c351f9b076bcffa042d6ce811b0fd9bc31f3b Deleted: sha256:1fcf2d3addf02c3b6add24c7b0993038f7e3eee616b10e671e25440e03bc7697 Deleted: sha256:51c56cdbb9306c4d6f2da2b780924f3b926bd13d15a4f6693a5175690e288436 Deleted: sha256:ec9a826666cfa5df0471f716145da63294019c09a5f2e31613122b57df8f7ce0 Deleted: sha256:5d6cbe0dbcf9a675e86aa0fbedf7ed8756d557c7468d6a7c64bde7fa9e029636
2.7、給鏡像打tag
#給鏡像打tag,再查看 [root@ansible-server ~]# docker tag nginx:1.11 nginx:v1 [root@ansible-server ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest 53f3fd8007f7 2 weeks ago 109MB nginx 1.11 5766334bdaa0 2 years ago 183MB nginx v1 5766334bdaa0 2 years ago 183MB
2.8、導出鏡像
[root@ansible-server ~]# docker image save nginx:1.11 >nginx1.11.tar [root@ansible-server ~]# du -sh nginx1.11.tar 182M nginx1.11.tar
2.9、導入鏡像
#刪除這個已存在的鏡像 [root@ansible-server ~]# docker rmi nginx:1.11 Untagged: nginx:1.11 #再導入鏡像 [root@ansible-server ~]# docker load <nginx1.11.tar Loaded image: nginx:1.11 #查看鏡像 [root@ansible-server ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest 53f3fd8007f7 2 weeks ago 109MB nginx 1.11 5766334bdaa0 2 years ago 183MB nginx v1 5766334bdaa0 2 years ago 183MB
3.0、運行一個容器
[root@ansible-server ~]# docker run -itd nginx b8ecef224d29f0eaece24c9406e88207491443ab6beb053eb560dce2171b8b4a #查看容器 [root@ansible-server ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES b8ecef224d29 nginx "nginx -g 'daemon of…" 9 seconds ago Up 6 seconds 80/tcp affectionate_feistel
3.1、導出一個正在運行的容器(備注:導出后就變成了一個鏡像文件)
[root@ansible-server ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES b8ecef224d29 nginx "nginx -g 'daemon of…" 2 minutes ago Up 2 minutes 80/tcp affectionate_feistel [root@ansible-server ~]# docker export b8ecef224d29 >nginx.tar [root@ansible-server ~]# du -sh nginx.tar 107M nginx.tar
3.2、導入鏡像
[root@ansible-server ~]# docker image import nginx.tar nginx:self
sha256:bbf50008d2bfb21486bb723cb9779ac04e854ee7e8176529d433941527a10fb9
[root@ansible-server ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx self 594fc0cf36b0 58 seconds ago 108MB
nginx latest 53f3fd8007f7 2 weeks ago 109MB
nginx 1.11 5766334bdaa0 2 years ago 183MB
nginx v1 5766334bdaa0 2 years ago 183MB
三、容器管理
3.1、查看容器命令
[root@ansible-server ~]# docker container --help Usage: docker container COMMAND Manage containers Commands: attach Attach local standard input, output, and error streams to a running container commit Create a new image from a container's changes cp Copy files/folders between a container and the local filesystem create Create a new container diff Inspect changes to files or directories on a container's filesystem exec Run a command in a running container export Export a container's filesystem as a tar archive inspect Display detailed information on one or more containers kill Kill one or more running containers logs Fetch the logs of a container ls List containers pause Pause all processes within one or more containers port List port mappings or a specific mapping for the container prune Remove all stopped containers rename Rename a container restart Restart one or more containers rm Remove one or more containers run Run a command in a new container start Start one or more stopped containers stats Display a live stream of container(s) resource usage statistics stop Stop one or more running containers top Display the running processes of a container unpause Unpause all processes within one or more containers update Update configuration of one or more containers wait Block until one or more containers stop, then print their exit codes Run 'docker container COMMAND --help' for more information on a command.
3.2、創建容器常用選項
3.3、創建一個容器
#創建一個重命名為bs的容器
[root@ansible-server ~]# docker container run -itd --name bs busybox
27080338dabb3d76d3a5864999e2085240d3a6e9c7ef201bd91f9d18c0167969
#查看容器
[root@ansible-server ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
27080338dabb busybox "sh" 49 seconds ago Up 47 seconds bs
d5ee27264bd3 alpine "/bin/sh" 3 minutes ago Exited (0) About a minute ago focus
b8ecef224d29 nginx "nginx -g 'daemon of…" 45 minutes ago Up 45 minutes 80/tcp affec
#進入容器中
[root@ansible-server ~]# docker container attach bs
/ # ls
bin dev etc home proc root sys tmp usr var
/ # ps -ef
PID USER TIME COMMAND
1 root 0:00 sh
8 root 0:00 ps -ef
/ # ifconfig
eth0 Link encap:Ethernet HWaddr 02:42:AC:11:00:03
inet addr:172.17.0.3 Bcast:172.17.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:648 (648.0 B) TX bytes:0 (0.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
/ # echo "123" >>/etc/hosts
/ # tail -1 /etc/hosts
123
/ # exit #退出容器,同時終端也會並閉。
3.4、進入容器命令
[root@ansible-server ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 27080338dabb busybox "sh" 15 minutes ago Up 4 minutes bs [root@ansible-server ~]# docker exec -it bs sh / # ls bin dev etc home proc root sys tmp usr var / #
3.5、運行容器,映射端口80到8088上面。
#運行容器,映射端口80到8088上面。 [root@ansible-server ~]# docker container run -itd -p 8080:80 --name nginx02 nginx 71beefd3446a4db2cf316c5ca6611256fd77a3e49494e89838c59e520ebfac4c #查看容器 [root@ansible-server ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 71beefd3446a nginx "nginx -g 'daemon of…" 17 seconds ago Up 15 seconds 0.0.0.0:8080->80/tcp nginx02 #訪問這個容器 59.47.71.220:8080 返回結果: Welcome to nginx!
3.6、查看容器的日志(備注:日志會輸出到控制台)
#查看容器的日志(備注:日志會輸出到控制台) [root@ansible-server ~]# docker logs nginx02 98.142.138.176 - - [23/May/2019:02:59:08 +0000] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-" 2019/05/23 02:59:09 [error] 6#6: *2 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 98.142.138.176, server: localhost, request: "GET /favicon.ico HTTP/1.1", host: "59.47.71.229:8080", referrer: "http://59.47.71.229:8080/" 98.142.138.176 - - [23/May/2019:02:59:09 +0000] "GET /favicon.ico HTTP/1.1" 404 556 "http://59.47.71.229:8080/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-" #容器日志保存地址 [root@ansible-server ~]# ls /var/lib/docker/containers/ 71beefd3446a4db2cf316c5ca6611256fd77a3e49494e89838c59e520ebfac4c #進入日志目錄,查看訪問日志 [root@ansible-server containers]# cd 71beefd3446a4db2cf316c5ca6611256fd77a3e49494e89838c59e520ebfac4c/ [root@ansible-server 71beefd3446a4db2cf316c5ca6611256fd77a3e49494e89838c59e520ebfac4c]# ll total 28 -rw-r-----. 1 root root 1751 May 23 11:08 71beefd3446a4db2cf316c5ca6611256fd77a3e49494e89838c59e520ebfac4c-json.log drwx------. 2 root root 6 May 23 10:57 checkpoints -rw-------. 1 root root 2900 May 23 10:57 config.v2.json -rw-r--r--. 1 root root 1463 May 23 10:57 hostconfig.json -rw-r--r--. 1 root root 13 May 23 10:57 hostname -rw-r--r--. 1 root root 174 May 23 10:57 hosts drwx------. 3 root root 17 May 23 10:57 mounts -rw-r--r--. 1 root root 76 May 23 10:57 resolv.conf -rw-r--r--. 1 root root 71 May 23 10:57 resolv.conf.hash
#查看訪問日志 [root@ansible-server 71beefd3446a4db2cf316c5ca6611256fd77a3e49494e89838c59e520ebfac4c]# tail 71beefd3446a4db2cf316c5ca6611256fd77a3e49494e89838c59e520ebfac4c-json.log {"log":"98.142.138.176 - - [23/May/2019:02:59:08 +0000] \"GET / HTTP/1.1\" 200 612 \"-\" \"Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36\" \"-\"\r\n","stream":"stdout","time":"2019-05-23T02:59:08.9258795Z"} {"log":"2019/05/23 02:59:09 [error] 6#6: *2 open() \"/usr/share/nginx/html/favicon.ico\" failed (2: No such file or directory), client: 98.142.138.176, server: localhost, request: \"GET /favicon.ico HTTP/1.1\", host: \"59.47.71.229:8080\", referrer: \"http://59.47.71.229:8080/\"\r\n","stream":"stdout","time":"2019-05-23T02:59:09.7594971Z"} {"log":"98.142.138.176 - - [23/May/2019:02:59:09 +0000] \"GET /favicon.ico HTTP/1.1\" 404 556 \"http://59.47.71.229:8080/\" \"Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36\" \"-\"\r\n","stream":"stdout","time":"2019-05-23T02:59:09.7595791Z"} {"log":"98.142.138.176 - - [23/May/2019:03:08:10 +0000] \"GET / HTTP/1.1\" 304 0 \"-\" \"Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36\" \"-\"\r\n","stream":"stdout","time":"2019-05-23T03:08:10.0499976Z"} {"log":"98.142.138.176 - - [23/May/2019:03:08:12 +0000] \"GET / HTTP/1.1\" 304 0 \"-\" \"Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36\" \"-\"\r\n","stream":"stdout","time":"2019-05-23T03:08:12.8716702Z"} {"log":"98.142.138.176 - - [23/May/2019:03:08:15 +0000] \"GET / HTTP/1.1\" 304 0 \"-\" \"Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36\" \"-\"\r\n","stream":"stdout","time":"2019-05-23T03:08:15.1182369Z"}
3.7、--restart=always:指的是服務退出,始終會重啟容器
#清理所有容器 [root@ansible-server ~]# docker stop $(docker ps -a -q);docker rm $(docker ps -a -q) 4aff4bb376dd eb53d76f4778 27080338dabb d5ee27264bd3 b8ecef224d29 4aff4bb376dd eb53d76f4778 27080338dabb d5ee27264bd3 b8ecef224d29
#刪除所有鏡像
[root@ansible-server ~]# docker rmi $(docker images -q)
#運行容器(--restart=always:指的是服務退出,始終會重啟容器) [root@ansible-server ~]# docker container run -itd -p 8080:80 --name nginx02 --restart=always nginx 1372e859b8e8bff473f2d242a50e0f51f96dabd325800ae3504aabf3e041af55 #查看容器 [root@ansible-server ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 1372e859b8e8 nginx "nginx -g 'daemon of…" 5 seconds ago Up 3 seconds 0.0.0.0:8080->80/tcp nginx02
3.8、限制容器使用CPU資源
[root@ansible-server ~]# docker container run -itd --cpus 1 --name nginx01 nginx 2d801ef7a76d913124b77e42d14da6722d138501600d076beec1a734642dbf99 [root@ansible-server ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 2d801ef7a76d nginx "nginx -g 'daemon of…" 6 seconds ago Up 4 seconds 80/tcp nginx01
3.9、限制內存使用率
[root@ansible-server ~]# docker container run -itd --memory 512m --name nginx02 nginx ea65f58c0e55a38019480c4c75a76e71ee129d310e279e5adea73ac792f1a04e [root@ansible-server ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES ea65f58c0e55 nginx "nginx -g 'daemon of…" 8 seconds ago Up 5 seconds 80/tcp nginx02 2d801ef7a76d nginx "nginx -g 'daemon of…" 4 minutes ago Up 4 minutes 80/tcp n
4.0、查看容器資源利用率
[root@ansible-server ~]# docker container stats nginx02 CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS ea65f58c0e55 nginx02 0.00% 1.359MiB / 512MiB 0.27% 648B / 0B 0B / 0B 2 CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS ea65f58c0e55 nginx02 0.00% 1.359MiB / 512MiB 0.27% 648B / 0B 0B / 0B 2 CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS ea65f58c0e55 nginx02 0.00% 1.359MiB / 512MiB 0.27% 648B / 0B 0B / 0B 2 CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS ea65f58c0e55 nginx02 0.00% 1.359MiB / 512MiB 0.27% 648B / 0B 0B / 0B 2 CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS ea65f58c0e55 nginx02 0.00% 1.359MiB / 512MiB 0.27% 648B / 0B 0B / 0B 2 CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS ea65f58c0e55 nginx02 0.00% 1.359MiB / 512MiB 0.27% 648B / 0B 0B / 0B 2
4.1、 查看所有容器IP地址
[root@ansible-server ~]# docker inspect --format='{{.Name}} - {{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' $(docker ps -aq)
/composelnmp_nginx_1 -
/thirsty_ptolemy - 172.17.0.3
/composelnmp_php_1 - 172.22.0.2
/composelnmp_mysql_1 - 172.22.0.3
/grafana - 172.23.0.4
/cadvisor - 172.23.0.3
/influxdb - 172.23.0.2
四、管理容器常用命令
4.1、刪除容器和鏡像
#刪除所有容器 docker stop $(docker ps -a -q);docker rm $(docker ps -a -q) #刪除所有鏡像 [root@ansible-server ~]# docker rmi -f `docker images -q`
4.2、進入容器
法一: [root@ansible-server ~]# docker exec -it nginx02 bash root@ea65f58c0e55:/# exit 法二: [root@ansible-server ~]# docker exec -it nginx02 sh # ls bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var 法三: [root@ansible-server ~]# docker run -it centos /bin/bash
4.3、commit :把容器打包成鏡像
#下載鏡像 [root@ansible-server ~]# docker pull centos Using default tag: latest latest: Pulling from library/centos 8ba884070f61: Pull complete Digest: sha256:b40cee82d6f98a785b6ae35748c958804621dc0f2194759a2b8911744457337d Status: Downloaded newer image for centos:latest [root@ansible-server ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE centos latest 9f38484d220f 2 months ago 202MB #進入鏡像 [root@ansible-server ~]# docker run -it centos /bin/bash #在容器中安裝vim [root@2ffc3f732d99 /]# yum install vim -y [root@2ffc3f732d99 /]# exit #查看容器 [root@ansible-server ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES c1e98c693e84 centos "/bin/bash" 49 seconds ago Up 46 seconds dreamy_dirac #把容器打包成鏡像: [root@ansible-server ~]# docker commit c1e98c693e84 centos-vim sha256:8377fdf51ec1d46dbb79e96a73e47d72c4be2c4f51ba23969ecea23d0a22b3a8 #查看鏡像 [root@ansible-server ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE centos-vim latest 8377fdf51ec1 5 seconds ago 202MB centos latest 9f38484d220f 2 months ago 202MB
4.4、把文件從電腦中拷貝到容器中
#查看容器 [root@ansible-server ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES c1e98c693e84 centos "/bin/bash" 9 minutes ago Up 9 minutes dreamy_dirac #查看需要拷貝的文件 [root@ansible-server ~]# ll total 294828 -rw-r--r--. 1 root root 2656 May 18 16:26 nginx.conf #拷貝文件到容器中 [root@ansible-server ~]# docker container cp nginx.conf dreamy_dirac:/root #進入容器查看,是否有拷貝過來的文件 [root@ansible-server ~]# docker container exec dreamy_dirac ls /root anaconda-ks.cfg nginx.conf
#在容器中的文件重啟也不會丟失
[root@ansible-server ~]# docker restart dreamy_dirac
dreamy_dirac
4.5、查看容器日志
#下載並運行容器 [root@ansible-server ~]# docker container run -itd -p 8080:80 --name nginx02 nginx Unable to find image 'nginx:latest' locally latest: Pulling from library/nginx 743f2d6c1f65: Pull complete 6bfc4ec4420a: Pull complete 688a776db95f: Pull complete Digest: sha256:0e409e180983aea7972c92b0a8ae538d1d3c802fe3a8f795ad8049951894590a Status: Downloaded newer image for nginx:latest 7d5b76c0f8b20038eac1449daba79ded2da7ec41f448ca02252fda877f2ffa9a #查看容器 [root@ansible-server ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 7d5b76c0f8b2 nginx "nginx -g 'daemon of…" 29 seconds ago Up 26 seconds 0.0.0.0:8080->80/tcp nginx02 c1e98c693e84 centos "/bin/bash" 20 minutes ago Up 4 minutes dreamy_dirac #訪問容器的nginx [root@ansible-server ~]# curl 59.47.71.229:8080 <!DOCTYPE html> <html> <body> <h1>Welcome to nginx!</h1> </body> </html> #查看容器日志 [root@ansible-server ~]# docker logs nginx02 59.47.71.229 - - [23/May/2019:08:32:34 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.29.0" "-" 59.47.71.229 - - [23/May/2019:08:32:35 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.29.0" "-"
4.6、查看容器負載情況
[root@ansible-server ~]# docker stats nginx02 CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS 7d5b76c0f8b2 nginx02 0.00% 1.371MiB / 3.693GiB 0.04% 1.83kB / 2.46kB 0B / 0B 2 CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS 7d5b76c0f8b2 nginx02 0.00% 1.371MiB / 3.693GiB 0.04% 1.83kB / 2.46kB 0B / 0B 2 CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS 7d5b76c0f8b2 nginx02 0.00% 1.371MiB / 3.693GiB 0.04% 1.83kB / 2.46kB 0B / 0B 2 CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS 7d5b76c0f8b2 nginx02 0.00% 1.371MiB / 3.693GiB 0.04% 1.83kB / 2.46kB 0B / 0B 2 CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS 7d5b76c0f8b2 nginx02 0.00% 1.371MiB / 3.693GiB 0.04% 1.83kB / 2.46kB 0B / 0B 2
4.7、查看容器的端口
[root@ansible-server ~]# docker port nginx02 80/tcp -> 0.0.0.0:8080
4.8、update
[root@ansible-server ~]# docker update --help
Usage: docker update [OPTIONS] CONTAINER [CONTAINER...]
Update configuration of one or more containers
Options:
--blkio-weight uint16 Block IO (relative weight), between 10 and 1000, or 0
to disable (default 0)
--cpu-period int Limit CPU CFS (Completely Fair Scheduler) period
--cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota
--cpu-rt-period int Limit the CPU real-time period in microseconds
--cpu-rt-runtime int Limit the CPU real-time runtime in microseconds
-c, --cpu-shares int CPU shares (relative weight)
--cpus decimal Number of CPUs
--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)
--cpuset-mems string MEMs in which to allow execution (0-3, 0,1)
--kernel-memory bytes Kernel memory limit
-m, --memory bytes Memory limit
--memory-reservation bytes Memory soft limit
--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable
unlimited swap
--restart string Restart policy to apply when a container exits
示例:
[root@ansible-server ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 7d5b76c0f8b2 nginx "nginx -g 'daemon of…" 22 minutes ago Up 22 minutes 0.0.0.0:8080->80/tcp nginx02 c1e98c693e84 centos "/bin/bash" 42 minutes ago Up 26 minutes dreamy_dirac
#設置容器重啟策略 [root@ansible-server ~]# docker update --restart=always 7d5b76c0f8b2 7d5b76c0f8b2
五、Volume(數據卷)
5.1、將Docker主機數據掛載到容器
1、保證容器中的數據不丟失
2、原來容器中的數據,不能容器掛了,數據就拿不出來了。
掛載數據的三種方式:
1、volumes (常用)
[root@ansible-server ~]# ls /var/lib/docker/volumes/
metadata.db
#查看幫助
[root@ansible-server ~]# docker volume --help Usage: docker volume COMMAND Manage volumes Commands: create Create a volume inspect Display detailed information on one or more volumes ls List volumes prune Remove all unused local volumes rm Remove one or more volumes Run 'docker volume COMMAND --help' for more information on a command.
2、bind mounts (常用)
掛載在宿主機上面
3、tmpfs (不常用)
tmpfs是一種基於內存的文件系統,也叫臨時文件系統,tmpfs可以使用RAM,也可以使用swap分區存儲。它並不是一個塊設備,只要安裝就可以使用。是基本RAM的文件系統。
5.2、創建掛載卷,並掛載到容器中
#創建卷
[root@ansible-server ~]# docker volume create nginx-vo1
nginx-vo1
#卷存儲位置
[root@ansible-server ~]# docker volume ls
DRIVER VOLUME NAME
local nginx-vo1
#查看卷的詳細信息
[root@ansible-server ~]# docker volume inspect nginx-vo1
[
{
"CreatedAt": "2019-05-23T17:09:33+08:00",
"Driver": "local",
"Labels": {},
"Mountpoint": "/var/lib/docker/volumes/nginx-vo1/_data",
"Name": "nginx-vo1",
"Options": {},
"Scope": "local"
}
]
#掛載卷
語法:
docker run -itd, nginx的名稱,--mount src=掛載的數據卷, dst=nginx網站的根目錄
[root@ansible-server ~]# docker run -itd --name=nginx-test --mount src=nginx-vo1,dst=/usr/share/nginx/html nginx
ef9087684fb9ffe8775895215e0bbb13d1a8ad39f5b30c93a171213522df10c5
#查看容器
[root@ansible-server ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ef9087684fb9 nginx "nginx -g 'daemon of…" 3 minutes ago Up 3 minutes 80/tcp nginx-test
7d5b76c0f8b2 nginx "nginx -g 'daemon of…" 45 minutes ago Exited (0) 22 minutes ago nginx02
c1e98c693e84 centos "/bin/bash" About an hour ago Up About an hour dreamy_dirac
#進入容器
[root@ansible-server ~]# docker exec -it nginx-test bash
root@ef9087684fb9:/#
#進入nginx網站根目錄
root@ef9087684fb9:/# cd /usr/share/nginx/html/
#創建一個文件
root@ef9087684fb9:/usr/share/nginx/html# touch 1.html
root@ef9087684fb9:/usr/share/nginx/html# ls
1.html 50x.html index.html
#查看容器外面宿主機目錄中是否有這幾個文件(備注:再開一個終端)
[root@ansible-server ~]# cd /var/lib/docker/volumes/nginx-vo1/_data/
[root@ansible-server _data]# ls
1.html 50x.html index.html
[root@ansible-server _data]# exit
5.3、演示容器刪除了,數據卷的數據還在
(備注:如果在容器中刪除了數據,那么本地也會跟着刪除)
#創建10個文件
root@ef9087684fb9:/usr/share/nginx/html# touch {1..10}.txt
root@ef9087684fb9:/usr/share/nginx/html# ls
1.txt 10.txt 2.txt 3.txt 4.txt 5.txt 50x.html 6.txt 7.txt 8.txt 9.txt index.html
root@ef9087684fb9:/usr/share/nginx/html# exit
exit
#刪除所有容器
[root@ansible-server ~]# docker rm -f $(docker ps -q -a)
ef9087684fb9
7d5b76c0f8b2
c1e98c693e84
#查看容器
[root@ansible-server ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
#查看數據卷
[root@ansible-server _data]# cd /var/lib/docker/volumes/nginx-vo1/_data
[root@ansible-server _data]# ls
10.txt 1.txt 2.txt 3.txt 4.txt 50x.html 5.txt 6.txt 7.txt 8.txt 9.txt index.html
5.4、運行容器,增加端口,再通過本地數據卷中寫入一個a.html的文件。再用瀏覽器訪問他看是否可以打開
#再運行容器,增加端口 [root@ansible-server ~]# docker run -itd --name=nginx-test -p 8080:80 --mount src=nginx-vo1,dst=/usr/share/nginx/html nginx 7c82062a7435997717a938a252684ee5832caafe089d97ebf3948010951ae18a [root@ansible-server ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 7c82062a7435 nginx "nginx -g 'daemon of…" 4 seconds ago Up 2 seconds 0.0.0.0:8080->80/tcp nginx-test #容器數據卷存儲目錄 [root@ansible-server _data]# cd /var/lib/docker/volumes/nginx-vo1/_data [root@ansible-server _data]# ls 10.txt 1.txt 2.txt 3.txt 4.txt 50x.html 5.txt 6.txt 7.txt 8.txt 9.txt index.html #創建一個html的文件 [root@ansible-server _data]# vi a.html <h>welcome nulige</n> #通過瀏覽器進行訪問 http://59.47.71.229:8080/a.html 返回結果: welcome nulige
5.5、實現數據卷共享他們的數據
#數據卷可以共享他們的數據 [root@ansible-server ~]# docker run -itd --name=nginx-test -p 8080:80 --mount src=nginx-vo1,dst=/usr/share/nginx/html nginx 7c82062a7435997717a938a252684ee5832caafe089d97ebf3948010951ae18a #本地數據卷目錄 [root@ansible-server _data]# cd /var/lib/docker/volumes/nginx-vo1/_data [root@ansible-server _data]# ls 50x.html index.html #創建一個文件 [root@ansible-server _data]# vi a.html <h>welcome nulige</n> #查看文件 [root@ansible-server _data]# ls 50x.html a.html index.html #通過再創建一個容器,共享上面這個數據卷。實現了數據共享,多個nginx服務都訪問同一個數據卷。這里有點像nginx訪問nfs共享文件夾的功能。 [root@ansible-server ~]# docker run -itd --name=nginx-test02 -p 8081:80 --mount src=nginx-vo1,dst=/usr/share/nginx/html nginx 6e984d5e99a43487e616e92d75a9e9c57c4da3a0d7f0833c37f46072c3673970 [root@ansible-server ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 6e984d5e99a4 nginx "nginx -g 'daemon of…" 16 seconds ago Up 14 seconds 0.0.0.0:8081->80/tcp nginx-test02 7c82062a7435 nginx "nginx -g 'daemon of…" 43 minutes ago Up 43 minutes 0.0.0.0:8080->80/tcp nginx-test
5.6、沒有指定數據卷,他默認會創建數據庫
#沒有指定數據卷,他默認會自動創建數據卷 卷分類: 一種是:命名卷,自己指定的卷 一種是:匿名卷,系統默認創建的卷
#創建匿名卷
[root@ansible-server ~]# docker run -itd --name=nginx-test03 -p 8082:80 --mount src=,dst=/usr/share/nginx/html nginx bcbdee85ae6d005971649a802484dacc8b6aca6f96adf70ef4c4ba3dab32bee9
#查看卷 [root@ansible-server ~]# docker volume ls DRIVER VOLUME NAME local 92dbb978ec9d767fee49b1cdb440cd45ada36feb42b064132ba152150780fe67 #匿名卷 local nginx-vo1 #命名卷
5.7、通過bind掛載數據卷
示例:
#刪除容器
[root@ansible-server ~]# docker rm -f $(docker ps -q -a)
bcbdee85ae6d
6e984d5e99a4
7c82062a7435
#綁定系統中已經存在的卷,src=app,這個目錄必須存在,否則會報錯
加參數:type=bind
先創建一個文件夾
[root@ansible-server ~]# mkdir -p /app/wwwroot
再綁定到這個文件夾中
[root@ansible-server ~]# docker run -itd --name=nginx-test --mount type=bind,src=/app/wwwroot,dst=/usr/share/nginx/html nginx
02c1bdaab564b3add7bbe0ac9b289e616e4bc40c965ff9824188bb99ed1fccb2
[root@ansible-server ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
02c1bdaab564 nginx "nginx -g 'daemon of…" 5 seconds ago Up 3 seconds 80/tcp nginx-test
#進入容器
[root@ansible-server ~]# docker exec -it nginx-test bash
#查看mount是否掛載到/usr/share/nginx/html目錄
root@02c1bdaab564:/# mount
overlay on / type overlay (rw,relatime,seclabel,lowerdir=/var/lib/docker/overlay2/l/3QG6SC3NFVC6UJJQNVQGSHSCJV:/var/lib/docker/overlay2/l/IDJTHZBOQVLBQ7TISUNIWAAKS4:/var/lib/docker/overlay2/l/57TQY5XX7CMEROHBTYSQYNQTFY:/var/lib/docker/overlay2/l/FBBYWNRKKGDXOBECYPD3KFPUZN,upperdir=/var/lib/docker/overlay2/e7815303046019f7b9a48c1b1549bd46d25a5011aded5c61a4ca11620880f91d/diff,workdir=/var/lib/docker/overlay2/e7815303046019f7b9a48c1b1549bd46d25a5011aded5c61a4ca11620880f91d/work)
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
tmpfs on /dev type tmpfs (rw,nosuid,seclabel,size=65536k,mode=755)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,seclabel,gid=5,mode=620,ptmxmode=666)
sysfs on /sys type sysfs (ro,nosuid,nodev,noexec,relatime,seclabel)
tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,relatime,seclabel,mode=755)
cgroup on /sys/fs/cgroup/systemd type cgroup (ro,nosuid,nodev,noexec,relatime,seclabel,xattr,release_agent=/usr/lib/systemd/systemd-cgroups-agent,name=systemd)
cgroup on /sys/fs/cgroup/perf_event type cgroup (ro,nosuid,nodev,noexec,relatime,seclabel,perf_event)
cgroup on /sys/fs/cgroup/blkio type cgroup (ro,nosuid,nodev,noexec,relatime,seclabel,blkio)
cgroup on /sys/fs/cgroup/cpuset type cgroup (ro,nosuid,nodev,noexec,relatime,seclabel,cpuset)
cgroup on /sys/fs/cgroup/memory type cgroup (ro,nosuid,nodev,noexec,relatime,seclabel,memory)
cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (ro,nosuid,nodev,noexec,relatime,seclabel,cpuacct,cpu)
cgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (ro,nosuid,nodev,noexec,relatime,seclabel,net_prio,net_cls)
cgroup on /sys/fs/cgroup/devices type cgroup (ro,nosuid,nodev,noexec,relatime,seclabel,devices)
cgroup on /sys/fs/cgroup/pids type cgroup (ro,nosuid,nodev,noexec,relatime,seclabel,pids)
cgroup on /sys/fs/cgroup/freezer type cgroup (ro,nosuid,nodev,noexec,relatime,seclabel,freezer)
cgroup on /sys/fs/cgroup/hugetlb type cgroup (ro,nosuid,nodev,noexec,relatime,seclabel,hugetlb)
mqueue on /dev/mqueue type mqueue (rw,nosuid,nodev,noexec,relatime,seclabel)
/dev/mapper/centos-root on /etc/resolv.conf type xfs (rw,relatime,seclabel,attr2,inode64,noquota)
/dev/mapper/centos-root on /etc/hostname type xfs (rw,relatime,seclabel,attr2,inode64,noquota)
/dev/mapper/centos-root on /etc/hosts type xfs (rw,relatime,seclabel,attr2,inode64,noquota)
shm on /dev/shm type tmpfs (rw,nosuid,nodev,noexec,relatime,seclabel,size=65536k)
/dev/mapper/centos-root on /usr/share/nginx/html type xfs (rw,relatime,seclabel,attr2,inode64,noquota)
devpts on /dev/console type devpts (rw,nosuid,noexec,relatime,seclabel,gid=5,mode=620,ptmxmode=666)
proc on /proc/bus type proc (ro,relatime)
proc on /proc/fs type proc (ro,relatime)
proc on /proc/irq type proc (ro,relatime)
proc on /proc/sys type proc (ro,relatime)
proc on /proc/sysrq-trigger type proc (ro,relatime)
tmpfs on /proc/acpi type tmpfs (ro,relatime,seclabel)
tmpfs on /proc/kcore type tmpfs (rw,nosuid,seclabel,size=65536k,mode=755)
tmpfs on /proc/keys type tmpfs (rw,nosuid,seclabel,size=65536k,mode=755)
tmpfs on /proc/timer_list type tmpfs (rw,nosuid,seclabel,size=65536k,mode=755)
tmpfs on /proc/timer_stats type tmpfs (rw,nosuid,seclabel,size=65536k,mode=755)
tmpfs on /proc/sched_debug type tmpfs (rw,nosuid,seclabel,size=65536k,mode=755)
tmpfs on /proc/scsi type tmpfs (ro,relatime,seclabel)
tmpfs on /sys/firmware type tmpfs (ro,relatime,seclabel)
#備注:通過bind掛載的容器,他會隱藏掉文件夾下面的內容
root@02c1bdaab564:/# cd /usr/share/nginx/html/
root@02c1bdaab564:/usr/share/nginx/html# ls
#再開一個終端
[root@ansible-server _data]# cd /app/wwwroot/
#往里面寫入點內容
[root@ansible-server wwwroot]# echo "<h>welcome nulige </h>" >index.html
[root@ansible-server wwwroot]# cat index.html
<h>welcome nulige</h>
#再到容器中查看
[root@ansible-server ~]# docker exec -it nginx-test bash
root@02c1bdaab564:/# cd /usr/share/nginx/html/
root@02c1bdaab564:/usr/share/nginx/html# ls
index.html
root@02c1bdaab564:/usr/share/nginx/html# cat index.html
<h>welcome nulige </h>
#bind的應用場景
1、用在tomcat的部署中,直接生成jar包,掛載到部署目錄中。 ls target/xxx.war jar
六、應用案例
6.1、搭建LNMP網站平台實戰
一、搭建LNMP網站平台(nginx+php+mysql) 1、創建網絡 [root@ansible-server ~]# docker network create lnmp #查看網絡 [root@ansible-server ~]# docker network ls NETWORK ID NAME DRIVER SCOPE b892a0991d9d bridge bridge local f5f547cc8686 host host local 35b5589b014b lnmp bridge local a480fd78ff5a none null local 2、創建Mysql數據庫容器 docker run -itd \ --name lnmp_mysql \ --net lnmp \ -p 3306:3306 \ --mount src=mysql-vol,dst=/var/lib/mysql \ -e MYSQL_ROOT_PASSWORD=123456 \ mysql --character-set-server=utf8 #查看數據卷 [root@ansible-server ~]# docker volume ls DRIVER VOLUME NAME local 92dbb978ec9d767fee49b1cdb440cd45ada36feb42b064132ba152150780fe67 local mysql-vol local nginx-vo1 #數據卷目錄存放地址 [root@ansible-server ~]# ls /var/lib/docker/volumes/mysql-vol/_data/ auto.cnf ca-key.pem ib_buffer_pool ibtmp1 performance_schema server-key.pem binlog.000001 ca.pem ibdata1 #innodb_temp private_key.pem sys binlog.000002 client-cert.pem ib_logfile0 mysql public_key.pem undo_001 binlog.index client-key.pem ib_logfile1 mysql.ibd server-cert.pem undo_002 #查看lnmp_mysql日志 [root@ansible-server ~]# docker logs lnmp_mysql #查看top [root@ansible-server ~]# docker top lnmp_mysql UID PID PPID C STIME TTY TIME CMD polkitd 5896 5879 2 11:07 pts/0 00:00:08 mysqld --character-set-server=utf8 3、創建所需數據庫 [root@ansible-server ~]# docker exec lnmp_mysql sh -c 'exec mysql -uroot -p"$MYSQL_ROOT_PASSWORD" -e "create database wordpress"' #提示密碼不安全 mysql: [Warning] Using a password on the command line interface can be insecure. #查看數據庫 [root@ansible-server ~]# docker exec lnmp_mysql sh -c 'exec mysql -uroot -p"123456" -h 59.47.71.229 -e "show databases;"' mysql: [Warning] Using a password on the command line interface can be insecure. Database information_schema mysql performance_schema sys wordpress 4、創建PHP環境容器(備注:鏡像中包括:nginx+php-fpm) docker run -itd \ --name lnmp_web \ --net lnmp \ -p 88:80 \ --mount type=bind,src=/app/wwwroot,dst=/var/www/html richarvey/nginx-php-fpm #查看容器 [root@ansible-server wordpress]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 6de0d790b079 richarvey/nginx-php-fpm "docker-php-entrypoi…" 9 minutes ago Up 9 minutes 443/tcp, 9000/tcp, 0.0.0.0:88->80/tcp lnmp_web cee253e2ef97 mysql "docker-entrypoint.s…" 12 minutes ago Up 12 minutes 0.0.0.0:3306->3306/tcp, 33060/tcp lnmp_mysql 5、以wordpress博客為例測試 wget https://cn.wordpress.org/wordpress-4.7.4-zh_CN.tar.gz tar zxf wordpress-4.7.4-zh_CN.tar.gz -C /app/wwwroot #查看解壓文件 [root@ansible-server ~]# ls /app/wwwroot/ index.html wordpress [root@ansible-server wordpress]# iptables -I INPUT -s 0.0.0.0/0 -d 0.0.0.0/0 -j ACCEPT [root@ansible-server wordpress]# service iptables save [root@ansible-server wordpress]# service iptables restart 6、瀏覽器測試訪問 http://59.47.71.229:88/wordpress #訪問后會跳轉到 http://59.47.71.229:88/wordpress/wp-admin/setup-config.php
#填寫信息
參考:
https://ke.qq.com/course/366769?taid=2769884539099313&dialog=1