一.docker基本概念和框架
1.docker簡介
docker:將引用程序自動部署到容器
2. docker info 顯示docker 信息
3.docker Linux安裝方法
並將當前用戶加入docker用戶組,不必須用sudo開頭
docker安裝后報錯
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
原因:沒有啟動docker,
我也出現過類似的錯誤。
因為,我忘記啟動docker這個服務了。
service docker start
su root # 先切換到root用戶, 再執行以下命令
systemctl enable docker # 開機自動啟動dockersystemctl start docker # 啟動docker
systemctl restart docker # 重啟dokcer
4.docker架構
5.docker 常用命令
docker images : 查看本地所有的images
docker run nginx :
docker run centos echo hello world: 測試輸出hello world
docker run -p 8080:80 -d daocloud.io/nginx: 返回字符串是容器ID, -p:端口映射,將容器的nginx 80端口映射到本地的8080端口,-d :直接返回,將這container左右守護進程執行
docker ps: 查看當前正在運行的 container (容器)
docker ps -a: 列出所有的容器
docker stop 容器ID: 停止一個容器::docker stop 22d8634c6efd
docker cp 本地文件 容器ID:// 容器內部文件路徑 : 將本地文件拷貝到容器內: docker cp index.html 467d613d5dfc://usr/share/nginx/html
docker commit : 將鏡像的修改保存到存儲庫REPOSITORY : docker commit -m 'fun' 503309d830a3 gninx-fun (存儲庫名稱)
docker rm 容器id:刪除容器前,做好先docker stop 容器id,停止容器,再刪除,或者直接強制刪除 docker rm -f
docker rmi 鏡像ID: 刪除鏡像
6.Dockerfile 文件(最簡單的)
第一行: alpine 是 docker 的 base鏡像,基礎的,非常小
第二行:共享者名稱
第三行:命令
touch Dockerfile 新建dockerfile 文件
vi Dockerfile 編輯文件,內容如上面截圖
docker build -t lxw_docker . : 創建鏡像,-t 標簽為 lxw_docker , . (點號)
docker run lxw_docker :運行鏡像
docker images lxw_docker : 查看鏡像
這是在vagrant 虛擬機中創建的
7.復雜的dockerfile
Dockerfile 文件內容,測試前,將本地的nginx關閉
FROM ubuntu
MAINTAINER endlif
RUN sed -i 's/archive.ubuntu.com/mirrors.ustc.edu.cn/g' /etc/apt/sources.list
RUN apt-get update
RUN apt-get install -y nginx
COPY index.html /var/www/html
ENTRYPOINT [ "/usr/sbin/nginx","-g","daemon off;"]
EXPOSE 80
8.鏡像分層
9.volume
volume: 提供獨立於容器之外的持久化存儲.
(1)
docker inspect nginx #檢查nginx容器
[vagrant@vagrant-centos7 test2]$ docker inspect nginx
[
{
"Id": "bae848ec476cc327dccb3a5cb93b786a5cee9c4adcd5da4c959faf822083dd59",
"Created": "2020-12-14T11:31:49.52902238Z",
"Path": "/docker-entrypoint.sh",
"Args": [
"nginx",
"-g",
"daemon off;"
],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 29142,
"ExitCode": 0,
"Error": "",
"StartedAt": "2020-12-14T11:31:50.129772198Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:7baf28ea91eb59a68b3b3a82873d413dc9f1b6e0b89d5ad627ad80154f546be5",
"ResolvConfPath": "/var/lib/docker/containers/bae848ec476cc327dccb3a5cb93b786a5cee9c4adcd5da4c959faf822083dd59/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/bae848ec476cc327dccb3a5cb93b786a5cee9c4adcd5da4c959faf822083dd59/hostname",
"HostsPath": "/var/lib/docker/containers/bae848ec476cc327dccb3a5cb93b786a5cee9c4adcd5da4c959faf822083dd59/hosts",
"LogPath": "",
"Name": "/nginx",
"RestartCount": 0,
"Driver": "overlay2",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "journald",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "docker-runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": null,
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DiskQuota": 0,
"KernelMemory": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": -1,
"OomKillDisable": false,
"PidsLimit": 0,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0
},
"GraphDriver": {
"Name": "overlay2",
"Data": {
"LowerDir": "/var/lib/docker/overlay2/07e26d34d9360163aeddbe756eb79db129ae1f63d36b25c4cf8d867a6e022cd0-init/diff:/var/lib/docker/overlay2/ca1df088685fa10ff008f12db08cd2179e1f0ac61f99e44314c02c5683508117/diff:/var/lib/docker/overlay2/740b55f713fd65c520fcd6bea511a9b407f1c1103264d11f162bd7fdd0ea3a51/diff:/var/lib/docker/overlay2/003b68af3d1b557c0864915ec9bd73f192c03f55f2f0f357555fccf135b7844c/diff:/var/lib/docker/overlay2/2c13effef20d3177b9dd405bb40d52339fc85702db2cda654adfe0d07bf521d6/diff:/var/lib/docker/overlay2/d17444d07fb87dcb1bf24f1e3dbce1d244a288b3c03110096db3b2697a77473d/diff",
"MergedDir": "/var/lib/docker/overlay2/07e26d34d9360163aeddbe756eb79db129ae1f63d36b25c4cf8d867a6e022cd0/merged",
"UpperDir": "/var/lib/docker/overlay2/07e26d34d9360163aeddbe756eb79db129ae1f63d36b25c4cf8d867a6e022cd0/diff",
"WorkDir": "/var/lib/docker/overlay2/07e26d34d9360163aeddbe756eb79db129ae1f63d36b25c4cf8d867a6e022cd0/work"
}
},
"Mounts": [
{
"Type": "volume",
"Name": "82022623df94214224c22945123d04499d3fc634fa24d429c0d8e61795adc640",
"Source": "/var/lib/docker/volumes/82022623df94214224c22945123d04499d3fc634fa24d429c0d8e61795adc640/_data",
"Destination": "/usr/share/nginx/html",
"Driver": "local",
"Mode": "",
"RW": true,
"Propagation": ""
}
],
"Config": {
"Hostname": "bae848ec476c",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"80/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"NGINX_VERSION=1.19.5",
"NJS_VERSION=0.4.4",
"PKG_RELEASE=1~buster"
],
"Cmd": [
"nginx",
"-g",
"daemon off;"
],
"Image": "nginx",
"Volumes": {
"/usr/share/nginx/html": {}
},
"WorkingDir": "",
"Entrypoint": [
"/docker-entrypoint.sh"
],
"OnBuild": null,
"Labels": {
"maintainer": "NGINX Docker Maintainers <docker-maint@nginx.com>"
},
"StopSignal": "SIGQUIT"
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "90ad68aa2593da3dcc18b834bc8b27455e5062f0f7e5564ce77168ca5c49398f",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {
"80/tcp": null
},
"SandboxKey": "/var/run/docker/netns/90ad68aa2593",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "1fd13415a275178a8f71f1eae36092990280abdaca3f5ecf6e4a855939d2f13f",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.3",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:03",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "fea61ddfddcfe8544c3338793b1fc6bcc8e1fc99cf2786cdb9720cfffacc2679",
"EndpointID": "1fd13415a275178a8f71f1eae36092990280abdaca3f5ecf6e4a855939d2f13f",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.3",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:03"
}
}
}
}
]
[vagrant@vagrant-centos7 test2]$
(2)本地環境的映射,
(3)掛載
[vagrant@vagrant-centos7 test3]$ docker run -it --volumes-from data_container ubuntu /bin/bash #掛載命令,關鍵步驟
root@d93c0d677ec8:/# mount #Linux mount命令是經常會使用到的命令,它用於掛載Linux系統外的文件。
overlay on / type overlay (rw,relatime,lowerdir=/var/lib/docker/overlay2/l/JEETT2OEJI3NWUGKSGR56LG7AA:/var/lib/docker/overlay2/l/RHXFR5QEFQWBH42UZECNDVSN3O:/var/lib/docker/overlay2/l/2FHWJWZCFN2JZWETMCF6FKO2DU:/var/lib/docker/overlay2/l/FMSRH63BM2BQSE4U7DOKKIUVE3,upperdir=/var/lib/docker/overlay2/276a49526415ce8f1a9145d402c228f169ef75679af968b5ec7723e92466604b/diff,workdir=/var/lib/docker/overlay2/276a49526415ce8f1a9145d402c228f169ef75679af968b5ec7723e92466604b/work)
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
tmpfs on /dev type tmpfs (rw,nosuid,mode=755)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=666)
sysfs on /sys type sysfs (ro,nosuid,nodev,noexec,relatime)
tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,relatime,mode=755)
cgroup on /sys/fs/cgroup/systemd type cgroup (ro,nosuid,nodev,noexec,relatime,xattr,release_agent=/usr/lib/systemd/systemd-cgroups-agent,name=systemd)
cgroup on /sys/fs/cgroup/cpuacct,cpu type cgroup (ro,nosuid,nodev,noexec,relatime,cpuacct,cpu)
cgroup on /sys/fs/cgroup/cpuset type cgroup (ro,nosuid,nodev,noexec,relatime,cpuset)
cgroup on /sys/fs/cgroup/pids type cgroup (ro,nosuid,nodev,noexec,relatime,pids)
cgroup on /sys/fs/cgroup/perf_event type cgroup (ro,nosuid,nodev,noexec,relatime,perf_event)
cgroup on /sys/fs/cgroup/net_prio,net_cls type cgroup (ro,nosuid,nodev,noexec,relatime,net_prio,net_cls)
cgroup on /sys/fs/cgroup/memory type cgroup (ro,nosuid,nodev,noexec,relatime,memory)
cgroup on /sys/fs/cgroup/hugetlb type cgroup (ro,nosuid,nodev,noexec,relatime,hugetlb)
cgroup on /sys/fs/cgroup/blkio type cgroup (ro,nosuid,nodev,noexec,relatime,blkio)
cgroup on /sys/fs/cgroup/freezer type cgroup (ro,nosuid,nodev,noexec,relatime,freezer)
cgroup on /sys/fs/cgroup/devices type cgroup (ro,nosuid,nodev,noexec,relatime,devices)
mqueue on /dev/mqueue type mqueue (rw,nosuid,nodev,noexec,relatime)
192.168.33.1:/Users/liutao/Desktop/vagrant/docker-test/test3/data on /var/mydata type nfs #容器內外映射關系(rw,relatime,vers=3,rsize=8192,wsize=8192,namlen=255,hard,proto=udp,timeo=11,retrans=3,sec=sys,mountaddr=192.168.33.1,mountvers=3,mountport=879,mountproto=udp,local_lock=none,addr=192.168.33.1)
/dev/sda2 on /etc/resolv.conf type xfs (rw,relatime,attr2,inode64,noquota)
/dev/sda2 on /etc/hostname type xfs (rw,relatime,attr2,inode64,noquota)
/dev/sda2 on /etc/hosts type xfs (rw,relatime,attr2,inode64,noquota)
shm on /dev/shm type tmpfs (rw,nosuid,nodev,noexec,relatime,size=65536k)
/dev/sda2 on /run/secrets type xfs (rw,relatime,attr2,inode64,noquota)
devpts on /dev/console type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)
proc on /proc/bus type proc (ro,nosuid,nodev,noexec,relatime)
proc on /proc/fs type proc (ro,nosuid,nodev,noexec,relatime)
proc on /proc/irq type proc (ro,nosuid,nodev,noexec,relatime)
proc on /proc/sys type proc (ro,nosuid,nodev,noexec,relatime)
proc on /proc/sysrq-trigger type proc (ro,nosuid,nodev,noexec,relatime)
tmpfs on /proc/acpi type tmpfs (ro,relatime)
tmpfs on /proc/kcore type tmpfs (rw,nosuid,mode=755)
tmpfs on /proc/keys type tmpfs (rw,nosuid,mode=755)
tmpfs on /proc/timer_list type tmpfs (rw,nosuid,mode=755)
tmpfs on /proc/timer_stats type tmpfs (rw,nosuid,mode=755)
tmpfs on /proc/sched_debug type tmpfs (rw,nosuid,mode=755)
tmpfs on /proc/scsi type tmpfs (ro,relatime)
tmpfs on /sys/firmware type tmpfs (ro,relatime)
root@d93c0d677ec8:/# cd /var/mydata
root@d93c0d677ec8:/var/mydata# ll
total 0
drwxrwxr-x 2 501 dialout 64 Dec 14 12:50 ./
drwxr-xr-x 1 root root 19 Dec 14 12:53 ../
root@d93c0d677ec8:/var/mydata# touch whatever.txt #容器外
root@d93c0d677ec8:/var/mydata# exit
exit
[vagrant@vagrant-centos7 test3]$ ll
總用量 0
drwxrwxr-x 3 501 games 96 12月 14 20:56 data
[vagrant@vagrant-centos7 test3]$ ll data/ #容器外
總用量 0
-rw-r--r-- 1 501 games 0 12月 14 20:56 whatever.txt
[vagrant@vagrant-centos7 test3]$
10.registry 鏡像倉庫
國內的一些倉庫:
daocloud,aliyun,時速雲
10.1registry 實戰
docker push時即使賬戶密碼正確也顯示 [denied: requested access to the resource is denied]
Step1: login : https://hub.docker.com/
[root@test3 tool]# docker login
Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com to create one.
Username: shenghp
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-storeLogin Succeeded
Step2: 開始push 鏡像: 報錯:denied: requested access to the resource is denied
Step3: 看了網上的經驗,原來是tag 鏡像的時候,要加上自己docker hub 的用戶名:[root@test3 tool]# docker tag centos/php-70-centos7 shenghp/myphp
root@test3 tool]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos/php-70-centos7 latest 15d0338a3b42 4 weeks ago 601MB
shenghp/myphp latest 15d0338a3b42 4 weeks ago 601MBStep3: 繼續push:
[root@test3 tool]# docker push shenghp/myphp
成功,下面到網頁上看一下:
- 結果圖
實戰:
步驟一: docker search whaleasy #搜索whaleasy鏡像
步驟二: docker pull docker/whalesay #拉取whalesay鏡像
步驟三: docker images #查看鏡像
步驟四: docker tag docker.io/docker/whalesay lxw1844912514/whalesay #tag 鏡像名稱,創建一個一樣的whalesay鏡像(除了名字不一樣)
步驟五: docker push lxw1844912514/whalesay #將創建的whalesay鏡像推到dockerhub 個人倉庫
11.compose介紹
docker-compose:多容器app
curl -L https://github.com/docker/compose/releases/download/1.9.0/docker-compose-$(uname -s)-$(uname -m) > /usr/local/bin/docker-compose
12.docker compose實戰
Dockerfile 可以讓用戶管理一個單獨的應用容器;而 Compose 則允許用戶在一個模板(YAML 格式)中定義一組相關聯的應用容器(被稱為一個 project,即項目),例如一個 Web 服務容器再加上后端的數據庫服務容器等
docker-compose常用命令的含義:
build 本地創建鏡像
command 覆蓋缺省命令
depends_on 鏈接容器
ports 暴露端口
volumes 卷
up 啟動服務
stop 停止服務
rm 刪除服務中的各個容器
logs 觀察各個容器的日志
ps 列出服務相關的容器
使用方式
- docker-compose build // 創建容器
- docker-compose up // 啟動項目,可查看輸出信息
- docker-compose up -d // 啟動項目,后台執行
- docker-compose stop // 停止容器
- docker-compose rm // 刪除所有容器
- docker-compose logs // 觀察容器的日志
- docker-compose ps // 查看容器 網站首頁: http://localhost:80/ 或 http://localhost:2368/
后台管理頁: http://localhost:80/ghost
docker-compose up 的時候,日志報錯這個mysql的映射目錄沒有權限,但是我本地已經給777 了的,還需要改哪里嗎
db_1 | chown: changing ownership of '/var/lib/mysql/': Operation not permitted
解決方法:
在docker-compose.yml mysql容器部分添加 user:mysql
我的docker-compose.yml內容:
version: '2'
networks:
ghost:
services:
ghost-app:
build: ghost
networks:
- ghost
depends_on:
- db
ports:
- "2368:2368"
nginx:
build: nginx
networks:
- ghost
depends_on:
- ghost-app
ports:
- "80:80"
db:
image: "mysql:5.7.15"
networks:
- ghost
environment:
MYSQL_ROOT_PASSWORD: mysqlroot
MYSQL_USER: ghost
MYSQL_PASSWORD: ghost
volumes:
- $PWD/data:/var/lib/mysql
ports:
- "3306:3306"
user: mysql #添加這行即可其他問題參考(我這問題沒用這個): Docker啟動Mysql容器失敗,掛載時權限不足,chown:changing ownership of '/var/lib/mysql/':Permission denied
我是參考:https://github.com/laradock/laradock/issues/1007
有位兄弟,整個課程的介紹及代碼:https://github.com/endlif/GitCode/blob/master/docker/README.md
成功打開 本地 ghost 博 客系統:
