Docker_学习笔记

目录

[toc]


01 什么是云计算?

云计算是一种按量付费的模式,它的底层主要通过虚拟化来实现。


云计算的服务类型?
云服务只是一个统称,可以分成三大类。

云服务三大类

上图转自:(http://www.ruanyifeng.com/blogimg/asset/2017/bg2017072301.jpg)


  • IaaS:基础设施服务,Infrastructure-as-a-service。(kvm openstack)
  • PaaS:平台服务,Platform-as-a-service。(docker k8s)
  • SaaS:软件服务,Software-as-a-service。(运维+开发)


[图片上传失败...(image-c054ca-1576387477923)]
上图转自(http://www.mobanhu.com/upload_files/qrcode/256810111314151619202223242.jpg)


02 什么是容器?

容器是在隔离的环境中运行的一个进程,如果进程停止,容器终止,这个隔离的环境,拥有自己的系统文件,ip地址,主机名,进程管理。
容器还是一个软件的打包技术。


程序:软件,代码
进程:正在运行的程序
协程:线程


03 容器和虚拟机的区别(优势)

虚拟机的开机启动流程(特点):

  • 1:按下电源开关,bios自检
  • 2:选择启动项,选择启动设备
  • 3:加载引导程序 mbr (grub) gpt(UEFI) grub启动菜单 操作系统类型 内核路径
  • 4:加载linux内核(初始化硬件)
  • 5:启动系统的第一个进程/sbin/init ,初始化系统
  • 6:应用程序


容器(特点):共用宿主机内核,一开始就启动第一个进程


image

上图转自(https://images2018.cnblogs.com/blog/1337265/201805/1337265-20180511172324561-1553907087.png)


容器相对于虚拟化的优势:启动快,损耗少,性能高,轻量级
容器相对于虚拟机的劣势:如果宿主机是linux,容器必须linux系统


虚拟机:10台宿主机 可跑100台虚拟机
容器:5台宿主机 可跑100个容器


04 容器的发展历史

  • a: chroot 切换根目录

  • b:lxc (linux container)
    采用的技术:namespace用于“资源隔离”,cgroup用于“资源限制”(本来限制进程使用的硬件资源)
    类似传统的虚拟机。第一个进程 /sbin/init,先初始化系统,再运行服务nginx

  • c:docker容器
    采用的技术:namespace用于“资源隔离”,cgroup用于“资源限制”
    更轻量,第一个进程直接启动服务:如nginx


05 Docker的五大概念

镜像,容器,仓库,存储,网络


06 Docker的发展史

docker版本:

  • 初版:docker engine。第一版1.0,最终版1.13
  • 社区版:docker-ce。第一版:17.03(2017年3月)
  • 企业版:docker-ee

07 docker的安装

系统版本:CentOS Linux release 7.6.1810 (Core)
Docker版本:19.03.5


虚拟机:
10.0.0.100 docker01-h-100
10.0.0.101 docker02-h-101


第一步:安装aliyun镜像源
docker01-h-100与docker02-h-101

curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
yum makecache

第二步:安装docker-ce
docker01-h-100与docker02-h-101

# step 1: 安装必要的一些系统工具
yum install -y yum-utils device-mapper-persistent-data lvm2

# Step 2: 添加软件源信息
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

# Step 3: 更新并安装Docker-CE
yum makecache fast
yum -y install docker-ce

# Step 4: 开启 Docker 服务并设定开机自启动
systemctl enable docker
systemctl start docker

第三步:验证
docker01-h-100与docker02-h-101

$ docker version
Client: Docker Engine - Community
 Version:           19.03.5
 API version:       1.40
 Go version:        go1.12.12
 Git commit:        633a0ea
 Built:             Wed Nov 13 07:25:41 2019
 OS/Arch:           linux/amd64
 Experimental:      false

Server: Docker Engine - Community
 Engine:
  Version:          19.03.5
  API version:      1.40 (minimum version 1.12)
  Go version:       go1.12.12
  Git commit:       633a0ea
  Built:            Wed Nov 13 07:24:18 2019
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.2.10
  GitCommit:        b34a5c8af56e510852c35414db4c1f4fa6172339
 runc:
  Version:          1.0.0-rc8+dev
  GitCommit:        3e425f80a8c931f88e6d94a8c831b9d5aa481657
 docker-init:
  Version:          0.18.0
  GitCommit:        fec3683

08 体验docker容器

docker软件架构为cs架构,client和server


方法1:
将镜像直接上传nginx
docker01-h-100与docker02-h-101

mkdir /root/docker_image/
cd /root/docker_image/
# 将 docker_nginx.tar.gz 上传至 /root/docker_image/

docker load -i docker_nginx.tar.gz 
docker run -d -p 80:80 nginx


方法2:
在线直接启动nginx镜像
docker01-h-100与docker02-h-101

docker run -d -p 80:80 nginx


验证1:
通过curl查看版本

$ curl -I 10.0.0.100
HTTP/1.1 200 OK
Server: nginx/1.17.5
Date: Tue, 26 Nov 2019 14:39:10 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 22 Oct 2019 14:30:00 GMT
Connection: keep-alive
ETag: "5daf1268-264"
Accept-Ranges: bytes

验证2:
直接浏览器访问http://10.0.0.100


09 镜像的管理命令

  • docker search 搜索镜像(优先选官方镜像,其次选择start数量多的)
$ docker search alpine
NAME                                   DESCRIPTION                                     STARS               OFFICIAL            AUTOMATED
alpine                                 A minimal Docker image based on Alpine Linux…   5864                [OK]                
mhart/alpine-node                      Minimal Node.js built on Alpine Linux           445                                     
anapsix/alpine-java                    Oracle Java 8 (and 7) with GLIBC 2.28 over A…   430                                     [OK]
frolvlad/alpine-glibc                  Alpine Docker image with glibc (~12MB)          220                                     [OK]
gliderlabs/alpine                      Image based on Alpine Linux will help you wi…   180                    
  • docker image pull 镜像名称:版本 下载指定的镜像
    缩写:docker pull
$ docker image pull alpine
Using default tag: latest
latest: Pulling from library/alpine
89d9c30c1d48: Pull complete 
Digest: sha256:c19173c5ada610a5989151111163d28a67368362762534d8a8121ce95cf2bd5a
Status: Downloaded newer image for alpine:latest
docker.io/library/alpine:latest

$ docker image pull alpine:3.8
3.8: Pulling from library/alpine
c87736221ed0: Pull complete 
Digest: sha256:04696b491e0cc3c58a75bace8941c14c924b9f313b03ce5029ebbc040ed9dcd9
Status: Downloaded newer image for alpine:3.8
docker.io/library/alpine:3.8
  • docker image push 上传镜像
    缩写:docker push

  • docker image ls
    说明:查看镜像列表
    缩写:docker images

$ docker image ls
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
nginx               latest              540a289bab6c        5 weeks ago         126MB
alpine              latest              965ea09ff2eb        5 weeks ago         5.55MB
alpine              3.8                 dac705114996        8 months ago        4.41MB
  • docker image save 镜像名称:版本 -o 镜像压缩包的路径
    说明:镜像的导出
    缩写:docker save
$ docker image save alpine:3.8 -o /root/docker_image/docker_alpine3.8.tar.gz
  • docker image load -i 镜像压缩包的路径
    说明:镜像的导入
    缩写:docker load
$ docker image load -i /root/docker_image/docker_alpine3.8.tar.gz
d9ff549177a9: Loading layer [==================================================>]  4.671MB/4.671MB
Loaded image: alpine:3.8
  • docker image rm nginx:latest
    说明:删除镜像
    缩写:docker rmi
$ docker image rm alpine:3.8
Untagged: alpine:3.8
Untagged: alpine@sha256:04696b491e0cc3c58a75bace8941c14c924b9f313b03ce5029ebbc040ed9dcd9
Deleted: sha256:dac7051149965716b0acdcab16380b5f4ab6f2a1565c86ed5f651e954d1e615c
Deleted: sha256:d9ff549177a94a413c425ffe14ae1cc0aa254bc9c7df781add08e7d2fba25d27
  • docker image tag ID号 rock:v1
    说明:给镜像打标签
    缩写:docker tag
$ docker image import docker_alpine3.8.tar.gz 
sha256:4b1b7fc88220e19f650a76bb0d39ab1fe9bae89c4c14c07dfe2736bf169a2ffb
$ docker image ls
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
<none>              <none>              4b1b7fc88220        9 seconds ago       4.67MB
nginx               latest              540a289bab6c        5 weeks ago         126MB
alpine              latest              965ea09ff2eb        5 weeks ago         5.55MB
alpine              3.8                 dac705114996        8 months ago        4.41MB
$ docker image tag 4b1b7fc88220 rock:v1
$ docker image ls
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
rock                v1                  4b1b7fc88220        48 seconds ago      4.67MB
nginx               latest              540a289bab6c        5 weeks ago         126MB
alpine              latest              965ea09ff2eb        5 weeks ago         5.55MB
alpine              3.8                 dac705114996        8 months ago        4.41MB

10 容器的管理命令

  • docker container run -d nginx:latest
    说明:创建并启动一个容器
    备注:该命令相当于docker container create + docker container start
docker run 参数:
-d   后台运行
-p   端口映射
-it  分配一个交互式的终端(it:interactive tty)
-v   将宿主机目录挂载到容器中
# 后台运行
$ docker container run -d nginx:latest
a5e3030fd9a21985630c86906571cf5d6e1d444b9966764dbcc8b2deaedc179e

# 端口映射
$ docker container run -d -p 88:80 nginx:latest
fe1bdd08cb5a7a67fa65c0ed3fcb75d51ee415f363fb7c17b8b894b31409aa65

$ docker container run -d -p 89:80 -p 9000:9000 nginx:latest
6468773ed77feabb218d6ccfcca5dda5b6b594333d4c65640eb2865b2000c98a

# 分配一个交互式的终端
[root@docker01-h-100 docker_image]# docker run -it centos:6.9 
[root@5fffa151eb6d /]# cat /etc/redhat-release 
CentOS release 6.9 (Final)
[root@5fffa151eb6d /]# exit
exit

# 将宿主机目录挂载到容器中
$ docker run -d -p 90:80 -v /root/project/xiaoniao:/usr/share/nginx/html nginx:latest 
82a6d786da946dfebcef67c60ef777fa59dc617570436871653c8680874405bd
# 浏览器:http://10.0.0.100:90
[root@docker01-h-100 project]# docker exec -it 82a6d786da94 /bin/bash
root@82a6d786da94:/# ls -l /usr/share/nginx/html/
total 232
-rw-r--r-- 1 root root 15329 Aug  2  2014 2000.png
-rw-r--r-- 1 root root 51562 Aug  2  2014 21.js
-rw-r--r-- 1 root root   254 Aug  2  2014 icon.png
drwxr-xr-x 2 root root   102 Aug  8  2014 img
-rw-r--r-- 1 root root  3049 Dec  1 07:54 index.html
-rw-r--r-- 1 root root 63008 Aug  2  2014 sound1.mp3
-rw-r--r-- 1 root root 91014 Nov 16 10:41 xiaoniaofeifei.zip
  • docker container start ID号或name
    说明:启动容器

  • docker container stop ID号或name
    说明:停止容器

  • docker container kill
    说明:强制停止容器(慎用

  • docker container ls -a
    说明:查看所有容器

# 查看正在处于运行状态的容器
$ docker container ls
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                                        NAMES
6468773ed77f        nginx:latest        "nginx -g 'daemon of…"   25 minutes ago      Up 25 minutes       0.0.0.0:9000->9000/tcp, 0.0.0.0:89->80/tcp   nervous_bose
fe1bdd08cb5a        nginx:latest        "nginx -g 'daemon of…"   29 minutes ago      Up 29 minutes       0.0.0.0:88->80/tcp                           musing_lamport
a5e3030fd9a2        nginx:latest        "nginx -g 'daemon of…"   37 minutes ago      Up 37 minutes       80/tcp                                       clever_elbakyan

# 查看所有的容器
$ docker container ls -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                     PORTS                                        NAMES
5fffa151eb6d        centos:6.9          "/bin/bash"              17 minutes ago      Exited (0) 8 minutes ago                                                zen_bhabha
6468773ed77f        nginx:latest        "nginx -g 'daemon of…"   26 minutes ago      Up 26 minutes              0.0.0.0:9000->9000/tcp, 0.0.0.0:89->80/tcp   nervous_bose
fe1bdd08cb5a        nginx:latest        "nginx -g 'daemon of…"   30 minutes ago      Up 30 minutes              0.0.0.0:88->80/tcp                           musing_lamport
a5e3030fd9a2        nginx:latest        "nginx -g 'daemon of…"   38 minutes ago      Up 38 minutes              80/tcp                                       clever_elbakyan
6a54429657be        nginx               "nginx -g 'daemon of…"   3 days ago          Exited (0) 3 days ago                                                   boring_swanson
0dc1b90f0966        nginx               "nginx -g 'daemon of…"   3 days ago          Exited (0) 3 days ago                                                   gifted_spence

# 查看最后一个创建的容器(-l last)
[root@docker01-h-100 docker_image]# docker container ls -a -l
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                                        NAMES
6468773ed77f        nginx:latest        "nginx -g 'daemon of…"   57 minutes ago      Up 57 minutes       0.0.0.0:9000->9000/tcp, 0.0.0.0:89->80/tcp   nervous_bose
  • docker container rm ID号
    说明:默认删除非启动状态的容器(可以删除多个容器)
[root@docker01-h-100 docker_image]# docker container ls -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                      PORTS                                        NAMES
5fffa151eb6d        centos:6.9          "/bin/bash"              30 minutes ago      Exited (0) 21 minutes ago                                                zen_bhabha
6468773ed77f        nginx:latest        "nginx -g 'daemon of…"   39 minutes ago      Up 39 minutes               0.0.0.0:9000->9000/tcp, 0.0.0.0:89->80/tcp   nervous_bose
fe1bdd08cb5a        nginx:latest        "nginx -g 'daemon of…"   42 minutes ago      Up 42 minutes               0.0.0.0:88->80/tcp                           musing_lamport
a5e3030fd9a2        nginx:latest        "nginx -g 'daemon of…"   51 minutes ago      Up 51 minutes               80/tcp                                       clever_elbakyan
6a54429657be        nginx               "nginx -g 'daemon of…"   3 days ago          Exited (0) 3 days ago                                                    boring_swanson
0dc1b90f0966        nginx               "nginx -g 'daemon of…"   3 days ago          Exited (0) 3 days ago                                                    gifted_spence
[root@docker01-h-100 docker_image]# docker container rm 0dc1b90f0966
0dc1b90f0966
[root@docker01-h-100 docker_image]# docker container ls -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                      PORTS                                        NAMES
5fffa151eb6d        centos:6.9          "/bin/bash"              30 minutes ago      Exited (0) 21 minutes ago                                                zen_bhabha
6468773ed77f        nginx:latest        "nginx -g 'daemon of…"   39 minutes ago      Up 39 minutes               0.0.0.0:9000->9000/tcp, 0.0.0.0:89->80/tcp   nervous_bose
fe1bdd08cb5a        nginx:latest        "nginx -g 'daemon of…"   43 minutes ago      Up 43 minutes               0.0.0.0:88->80/tcp                           musing_lamport
a5e3030fd9a2        nginx:latest        "nginx -g 'daemon of…"   51 minutes ago      Up 51 minutes               80/tcp                                       clever_elbakyan
6a54429657be        nginx               "nginx -g 'daemon of…"   3 days ago          Exited (0) 3 days ago                                                    boring_swanson
  • docker container exec -it 1e966bd48fb3 /bin/bash
    说明:进入正在运行的容器(分配一个新的终端)
# 格式
docker exec -it 容器的id/名字 /bin/bash(/bin/sh)
[root@docker01-h-100 docker_image]# docker container ls -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                                        NAMES
6468773ed77f        nginx:latest        "nginx -g 'daemon of…"   48 minutes ago      Up 48 minutes       0.0.0.0:9000->9000/tcp, 0.0.0.0:89->80/tcp   nervous_bose
fe1bdd08cb5a        nginx:latest        "nginx -g 'daemon of…"   51 minutes ago      Up 51 minutes       0.0.0.0:88->80/tcp                           musing_lamport
a5e3030fd9a2        nginx:latest        "nginx -g 'daemon of…"   About an hour ago   Up About an hour    80/tcp                                       clever_elbakyan
[root@docker01-h-100 docker_image]# docker container exec -it 6468773ed77f /bin/bash
root@6468773ed77f:/# exit
exit
  • docker container attach 7d9f9f980cba
    说明:使用相同的终端
[root@docker01-h-100 xiaoniao]# docker container ls -l -a 
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                          PORTS               NAMES
9942e0cc9735        centos:6.9          "/bin/bash"         31 minutes ago      Exited (0) About a minute ago                       recursing_satoshi

[root@docker01-h-100 ~]# docker container start 9942e0cc9735
9942e0cc9735
[root@docker01-h-100 ~]# docker attach 9942e0cc9735
[root@9942e0cc9735 /]# history 

  • docker container cp xiaoniao 5a1ccc8b81c5:/usr/share/nginx/html
    说明:将宿主机的文件上传至容器中(此法不推荐)
# 创建一个nginx容器
$ docker run -d -p 80:80 nginx:latest
07758b5ae91587c5293c388e7d5ca8d6b8ff1da5ef95a1e2d75923572a2f91cd

# 宿主机将小鸟项目解包并上传至容器中
$ mkdir -p /root/project/xiaoniao
$ cd /root/project/xiaoniao
$ unzip xiaoniaofeifei.zip
$ cd /root/project/
$ docker container ls -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                NAMES
07758b5ae915        nginx:latest        "nginx -g 'daemon of…"   10 minutes ago      Up 10 minutes       0.0.0.0:80->80/tcp   hungry_merkle
$ docker container cp xiaoniao 07758b5ae915:/usr/share/nginx/html

# 使用浏览器打开:http://10.0.0.100/xiaoniao/

# 进入容器中查看对应目录
$ docker exec -it 07758b5ae915 /bin/bash
root@07758b5ae915:/# ls /usr/share/nginx/html/
50x.html  index.html  xiaoniao
root@07758b5ae915:/# ls /usr/share/nginx/html/xiaoniao/
2000.png  21.js  icon.png  img  index.html  sound1.mp3  xiaoniaofeifei.zip


注意:

  • 遇到的容器问题:为什么有的容器,起不来?
    如果想容器一直处于运行状态,需要让容器夯住(前台运行),并且提供服务。
# 例子
$ docker container run -d -it centos:6.9
  • 不是所有的镜像都是基于centos系统

11 手动制作docker镜像

11.1 单服务

a:启动一个基础的容器,在容器中安装服务

[root@docker01-h-100 ~]# docker run -it -p 80:80 centos:6.9
[root@9942e0cc9735 /]# $ curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo
[root@9942e0cc9735 /]# $ curl -o  /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo
[root@9942e0cc9735 /]# $ yum install nginx -y
[root@9942e0cc9735 /]# $ cd /usr/share/nginx/html/
[root@9942e0cc9735 /]# $ rm -fr *

[root@docker01-h-100 xiaoniao]# docker container cp xiaoniaofeifei.zip 9942e0cc9735:/usr/share/nginx/html/

[root@9942e0cc9735 /]# yum install unzip -y
[root@9942e0cc9735 /]# unzip xiaoniaofeifei.zip
[root@9942e0cc9735 /]# nginx

# 浏览器访问:http://10.0.0.100

# 最后退出
[root@9942e0cc9735 /]# exit

b:将装好服务的容器提交为镜像

[root@docker01-h-100 ~]# docker ps -a -l
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                          PORTS               NAMES
9942e0cc9735        centos:6.9          "/bin/bash"         48 minutes ago      Exited (0) About a minute ago                       recursing_satoshi


[root@docker01-h-100 ~]# docker container commit 9942e0cc9735 xiaoniao:v1
sha256:7cb0e8bd861736b9029e86bbe2c19cb71245be2e842134d64018c0d632d9699c

[root@docker01-h-100 ~]# docker image ls
REPOSITORY                                       TAG                 IMAGE ID            CREATED             SIZE
xiaoniao                                         v1                  7cb0e8bd8617        10 seconds ago      446MB

c:测试

[root@docker01-h-100 ~]# docker run -d -p 8080:80 xiaoniao:v1 nginx -g 'daemon off;'


11.2 双服务

安装可道云
a:启动一个基础的容器,在容器中安装服务

[root@docker01-h-100 ~]# docker run -it -p 80:80 centos:6.9
[root@00724e41ca12 /]# $ curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo
[root@00724e41ca12 /]# $ curl -o  /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo
[root@00724e41ca12 /]# $ yum install nginx -y
[root@00724e41ca12 /]# $ cd /usr/share/nginx/html/
[root@00724e41ca12 /]# $ rm -fr *

[root@docker01-h-100 kedaoyun]# docker container cp kodexplorer4.40.zip 00724e41ca12:/usr/share/nginx/html/

[root@00724e41ca12 html]# yum install unzip -y
[root@00724e41ca12 html]# unzip kodexplorer4.40.zip

[root@00724e41ca12 html]# yum install php-fpm php-mbstring php-gd -y
[root@00724e41ca12 html]# vi /etc/php-fpm.d/www.conf

修改/etc/php-fpm.d/www.conf

第39行:user = nginx
第41行:group = nginx
[root@00724e41ca12 html]# service php-fpm start
[root@00724e41ca12 html]# vi /etc/nginx/conf.d/default.conf

编辑/etc/nginx/conf.d/default.conf文件

server {
    listen       80 default_server;
    listen       [::]:80 default_server;
    server_name  _;
    root         /usr/share/nginx/html;
    index        index.php index.html;

    # Load configuration files for the default server block.
    include /etc/nginx/default.d/*.conf;

    location ~ \.php$ {
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME  /usr/share/nginx/html$fastcgi_script_name;
        include        fastcgi_params;
    }

    location / {
    }
[root@00724e41ca12 html]# chown -R nginx:nginx .
[root@00724e41ca12 html]# nginx

# 浏览器访问:http://10.0.0.100

[root@00724e41ca12 html]# vi /init.sh

容器内创建并编辑/init.sh文件

#!/bin/bash
service php-fpm start
nginx -g 'daemon off;'
[root@00724e41ca12 html]# chmod +x /init.sh
[root@00724e41ca12 html]# exit

b:将装好服务的容器提交为镜像

[root@docker01-h-100 ~]# docker commit 00724e41ca12 kod:v1
sha256:3908396abb7d66611e011f13b347a163dc41673027812413d0a460d4377e660d

c:测试

[root@docker01-h-100 ~]# docker run -d -p 8080:80 kod:v1 /init.sh
45d9e4147f19ad45b1ab19263d3268f8bf02beb4aabe6681218fa273fbf12063

12 自动制作docker镜像

  • a:手动制作一次镜像,记录历史命令
  • b:根据历史命令,编写dockerfile
  • c:docker build 构建
  • d:测试

12.1 dockerfile基础指令

FROM  基础镜像
RUN   安装服务所需要的命令(不能有交互式的命令)
CMD   镜像的初始命令(容器运行时的初始命令)  可以被替换
["nginx","-g","daemon off;"]
nginx  -g  'daemon off;'

ADD   将当面目录下的文件拷贝镜像的指定目录(自动解压tar包)
WORKDIR 相当于cd,切换工作目录
EXPOSE  你需要暴露容器的端口(做端口映射)
ENV    环境变量
COPY  将当面目录下的文件拷贝镜像的指定目录(不解压tar包)
ENTRYPOINT 镜像的初始命令(容器运行时的初始命令) 不能被替换


12.2 dockerfile中的ADD指令

$ cd /opt/dockerfile/xiaoniao
# 将xiaoniaofeifei.zip放到此处并解压
$ ls
2000.png  21.js  dockerfile  icon.png  img  index.html  sound1.mp3

$ vim dockerfile

编辑dockerfile文件

FROM centos:6.9

RUN curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo
RUN curl -o  /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo
RUN yum install nginx -y
ADD . /usr/share/nginx/html

CMD ["nginx","-g","daemon off;"]

开始构建

$ docker build -t xiaoniao:v2 .

测试

[root@docker01-h-100 xiaoniao]# docker run -d -p 80:80 xiaoniao:v2
662b69f974717f5dee549dd909d1c2eb963f035334e1b1fd0dac7947ce6e3ade
[root@docker01-h-100 xiaoniao]# docker ps -a -l
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                NAMES
662b69f97471        xiaoniao:v2         "nginx -g 'daemon of…"   6 seconds ago       Up 5 seconds        0.0.0.0:80->80/tcp   sad_haibt
[root@docker01-h-100 xiaoniao]# docker ps -a -l --no-trunc
CONTAINER ID                                                       IMAGE               COMMAND                    CREATED             STATUS              PORTS                NAMES
662b69f974717f5dee549dd909d1c2eb963f035334e1b1fd0dac7947ce6e3ade   xiaoniao:v2         "nginx -g 'daemon off;'"   2 minutes ago       Up 2 minutes        0.0.0.0:80->80/tcp   sad_haibt

# 浏览器访问:http://10.0.0.100


12.3 dockerfile中的WORKDIR指令

$ cd /opt/dockerfile/xiaoniao
$ vim dockerfile

编辑dockerfile文件

FROM centos:6.9

RUN curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo
RUN curl -o  /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo
RUN yum install nginx -y
RUN yum install unzip -y
WORKDIR /usr/share/nginx/html
RUN rm -fr *
RUN curl -o xiaoniao.zip http://10.0.0.200/xiaoniaofeifei.zip
RUN unzip xiaoniao.zip

CMD ["nginx","-g","daemon off;"]

开始构建

$ docker build -t xiaoniao:v3 .

测试

[root@docker01-h-100 xiaoniao]# docker run -d -p 81:80 xiaoniao:v3
[root@docker01-h-100 xiaoniao]# docker exec -it a620020cc0d5 /bin/bash
[root@a620020cc0d5 html]# pwd
/usr/share/nginx/html

# 浏览器访问:http://10.0.0.100:81


12.4 dockerfile中的EXPOSE指令

$ cd /opt/dockerfile/xiaoniao
$ vim dockerfile

编辑dockerfile文件

FROM centos:6.9

RUN curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo
RUN curl -o  /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo
RUN yum install nginx -y
RUN yum install unzip -y
WORKDIR /usr/share/nginx/html
RUN rm -fr *
RUN curl -o xiaoniao.zip http://10.0.0.200/xiaoniaofeifei.zip
RUN unzip xiaoniao.zip
EXPOSE 80

CMD ["nginx","-g","daemon off;"]

开始构建

$ docker build -t xiaoniao:v4 .

测试

[root@docker01-h-100 xiaoniao]# docker run -d -P xiaoniao:v4
[root@docker01-h-100 xiaoniao]# docker container ls -a -l
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                   NAMES
926cc84e873b        xiaoniao:v4         "nginx -g 'daemon of…"   21 seconds ago      Up 20 seconds       0.0.0.0:32768->80/tcp   nostalgic_engelbart

# 浏览器访问:http://10.0.0.100:32768


12.5 dockerfile中的ENV指令

$ cd /opt/dockerfile/vsftp
$ vim dockerfile

编辑dockerfile文件

FROM centos:6.9

ENV version=2.2.2
RUN curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo
RUN yum install vsftpd-$version -y

开始构建

$ docker build -t vsftpd:v1 .

测试

[root@docker01-h-100 vsftp]# docker run -it vsftpd:v1 printenv
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
HOSTNAME=bb3ebff344a2
TERM=xterm
version=2.2.2
HOME=/root


12.6 dockerfile中的ENTRYPOINT指令

$ cd /opt/dockerfile/xiaoniao
$ vim dockerfile

编辑dockerfile文件

FROM centos:6.9

RUN curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo
RUN curl -o  /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo
RUN yum install nginx -y
RUN yum install unzip -y
WORKDIR /usr/share/nginx/html
RUN rm -fr *
RUN curl -o xiaoniao.zip http://10.0.0.200/xiaoniaofeifei.zip
RUN unzip xiaoniao.zip
EXPOSE 80

ENTRYPOINT ["nginx","-g","daemon off;"]

开始构建

$ docker build -t xiaoniao:v5 .

测试

[root@docker01-h-100 xiaoniao]# docker run -d xiaoniao:v5 lalala
9de30c3ec4b63782a07d21fb3526a26fb5180c99f4f0e0a5ef6fb52112e55651
[root@docker01-h-100 xiaoniao]# docker container ls -a -l --no-trunc
CONTAINER ID                                                       IMAGE               COMMAND                           CREATED             STATUS                     PORTS               NAMES
9de30c3ec4b63782a07d21fb3526a26fb5180c99f4f0e0a5ef6fb52112e55651   xiaoniao:v5         "nginx -g 'daemon off;' lalala"   2 minutes ago       Exited (1) 2 minutes ago                       hardcore_johnson


12.7 单服务

宿主机:

cd /opt/
mkdir dockerfile
cd dockerfile
mkdir centos-nginx
cd centos-nginx/
vim dockerfile

创建并编辑dockerfile文件

FROM centos:6.9

RUN curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo
RUN curl -o  /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo
RUN yum install nginx -y

CMD ["nginx","-g","daemon off;"]

开始构建

[root@docker01-h-100 centos-nginx]# docker image build -t centos_nginx:v1 /opt/dockerfile/centos-nginx/
或
[root@docker01-h-100 centos-nginx]# docker image build -t centos_nginx:v1 .

# 构建时采用加速方式(实验室环境)
docker image build --network=host -t centos_nginx:v1 .
或
docker image build --network=host -t centos_nginx:v1 /opt/dockerfile/centos-nginx/
# --network=host 采用宿主的hosts文件  "192.168.13.120  mirrors.aliyun.com" >>/etc/hosts

开始测试

[root@docker01-h-100 centos-nginx]# docker run -d -p 80:80 centos_nginx:v1
[root@docker01-h-100 centos-nginx]# docker ps -a -l --no-trunc
CONTAINER ID                                                       IMAGE               COMMAND                    CREATED             STATUS              PORTS                NAMES
e48b41b095768a9f4c1b5a39f5a63a87350ebc990d2e03383faa8bfc6393386b   centos_nginx:v1     "nginx -g 'daemon off;'"   2 minutes ago       Up 2 minutes        0.0.0.0:80->80/tcp   crazy_kepler

# 浏览器访问:http://10.0.0.100


12.8 双服务

宿主机:

cd /opt/dockerfile/kod

# 先从之前手动创建的镜像中拷取文件出来
[root@docker01-h-100 kod]# docker run -it kod:v1 /bin/bash
[root@dd5b8dfaa6e3 /]# ls /init.sh 
/init.sh
[root@dd5b8dfaa6e3 /]# ls /etc/php-fpm.d/www.conf
/etc/php-fpm.d/www.conf
[root@dd5b8dfaa6e3 /]# ls /etc/nginx/conf.d/default.conf
/etc/nginx/conf.d/default.conf
[root@dd5b8dfaa6e3 /]# exit
exit
[root@docker01-h-100 kod]# docker cp dd5b8dfaa6e3:/init.sh .
[root@docker01-h-100 kod]# docker cp dd5b8dfaa6e3:/etc/php-fpm.d/www.conf .
[root@docker01-h-100 kod]# docker cp dd5b8dfaa6e3:/etc/nginx/conf.d/default.conf .
[root@docker01-h-100 kod]# ls
default.conf  init.sh  www.conf

vim dockerfile

创建并编辑dockerfile文件

FROM centos:6.9

RUN curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo
RUN curl -o /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo
RUN yum install nginx -y

RUN yum install unzip php-fpm php-mbstring php-gd -y

WORKDIR /usr/share/nginx/html/
RUN rm -fr *
RUN curl -o kodexplorer4.40.zip http://10.0.0.200/kodexplorer4.40.zip

RUN unzip kodexplorer4.40.zip
RUN chown -R nginx:nginx .

COPY www.conf /etc/php-fpm.d/www.conf
COPY default.conf /etc/nginx/conf.d/default.conf
COPY init.sh /init.sh
EXPOSE 80
ENTRYPOINT ["/init.sh"]

开始构建

[root@docker01-h-100 centos-nginx]# docker build -t kod:v2 .

开始测试

[root@docker01-h-100 kod]# docker run -d -P kod:v2 lalala
a4ade3c4ac30100cf3ef2ca08470f7f62da816aa7efd1db90b0b4dad1a3948bc

[root@docker01-h-100 kod]# docker ps -a -l --no-trunc
CONTAINER ID                                                       IMAGE               COMMAND             CREATED             STATUS              PORTS                   NAMES
a4ade3c4ac30100cf3ef2ca08470f7f62da816aa7efd1db90b0b4dad1a3948bc   kod:v2              "/init.sh lalala"   13 seconds ago      Up 13 seconds       0.0.0.0:32770->80/tcp   practical_elion

# 浏览器访问:http://10.0.0.100:32770


12.9 优化镜像容量

将12.6的dockerfile文件优化

$ cd /opt/dockerfile/xiaoniao
$ vim dockerfile

编辑dockerfile文件

FROM centos:6.9

RUN curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo && \
 curl -o  /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo && \
 yum install nginx unzip -y && yum clean all
WORKDIR /usr/share/nginx/html
RUN rm -fr * && \
 curl -o xiaoniao.zip http://10.0.0.200/xiaoniaofeifei.zip && \
 unzip xiaoniao.zip && rm -fr xiaoniao.zip
EXPOSE 80
ENTRYPOINT ["nginx","-g","daemon off;"]

开始构建

$ docker build -t xiaoniao:v6 .

测试

[root@docker01-h-100 xiaoniao]# docker run -d -P xiaoniao:v6
45e161b5c86a178572c3e5c472fa3070c527beeb415d7294f1a3c3f6bfaae4ae
[root@docker01-h-100 xiaoniao]# docker container ls -a
CONTAINER ID        IMAGE               COMMAND                  CREATED              STATUS                      PORTS                   NAMES
45e161b5c86a        xiaoniao:v6         "nginx -g 'daemon of…"   5 seconds ago        Up 4 seconds                0.0.0.0:32768->80/tcp   sweet_gould

# 浏览器访问:http://10.0.0.100:32770

比较v6与v7的大小

[root@docker01-h-100 xiaoniao]# docker image ls xiaoniao
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
xiaoniao            v6                  b26b82db7a31        17 seconds ago      355MB
xiaoniao            v5                  5531060931b0        47 hours ago        560MB
xiaoniao            v4                  527144eb17b2        2 days ago          560MB
xiaoniao            v3                  85c46d22e61e        2 days ago          560MB
xiaoniao            v2                  4c7f36954fe7        2 days ago          446MB
xiaoniao            v1                  7cb0e8bd8617        5 days ago          446MB

13 docker容器间的互联

  • docker run --link 名字:别名 # 此法为单方向互联

示例:

[root@docker02-h-101 ~]# docker run -d -it --name rock alpine:3.8
e683e3227dfc62ca1c9e3ebe926a60d3e0e7d136140654fa5886d660466ff573

[root@docker02-h-101 ~]# docker container ls -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
e683e3227dfc        alpine:3.8          "/bin/sh"           3 seconds ago       Up 2 seconds                            rock

[root@docker02-h-101 ~]# docker run -it --link rock:db alpine:3.8
/ # ping db
PING db (172.17.0.3): 56 data bytes
64 bytes from 172.17.0.3: seq=0 ttl=64 time=0.120 ms
64 bytes from 172.17.0.3: seq=1 ttl=64 time=0.181 ms
^C
--- db ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.120/0.150/0.181 ms
/ # ping rock
PING rock (172.17.0.3): 56 data bytes
64 bytes from 172.17.0.3: seq=0 ttl=64 time=0.227 ms
64 bytes from 172.17.0.3: seq=1 ttl=64 time=0.067 ms
^C
--- rock ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.067/0.147/0.227 ms
/ # cat /etc/hosts
127.0.0.1   localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.3  db e683e3227dfc rock
172.17.0.4  0538e941f87d

zabbix例子:

主机101:

# 导入镜像
[root@docker02-h-101 zabbix]# pwd
/root/docker_image/zabbix
[root@docker02-h-101 zabbix]# ls
docker-mysql-5.7.tar.gz  zabbix-java-gateway.tar.gz  zabbix-server-mysql.tar.gz  zabbix-web-nginx-mysql.tar.gz
[root@docker02-h-101 zabbix]# for n in `ls *.tar.gz`;do docker load -i $n;done

[root@docker02-h-101 zabbix]# docker image ls -a
REPOSITORY                      TAG                 IMAGE ID            CREATED             SIZE
nginx                           latest              540a289bab6c        6 weeks ago         126MB
alpine                          3.8                 dac705114996        9 months ago        4.41MB
zabbix/zabbix-server-mysql      latest              e36e7fa7e11a        3 years ago         106MB
zabbix/zabbix-web-nginx-mysql   latest              386dc9afc1c4        3 years ago         174MB
zabbix/zabbix-java-gateway      latest              4257519fd740        3 years ago         148MB
mysql                           5.7                 b7dc06006192        3 years ago         386MB

# 启动命令
docker run --name mysql-server -t \
      -e MYSQL_DATABASE="zabbix" \
      -e MYSQL_USER="zabbix" \
      -e MYSQL_PASSWORD="zabbix_pwd" \
      -e MYSQL_ROOT_PASSWORD="root_pwd" \
      -d mysql:5.7 \
      --character-set-server=utf8 --collation-server=utf8_bin

docker run --name zabbix-java-gateway -t \
      -d zabbix/zabbix-java-gateway:latest

docker run --name zabbix-server-mysql -t \
      -e DB_SERVER_HOST="mysql-server" \
      -e MYSQL_DATABASE="zabbix" \
      -e MYSQL_USER="zabbix" \
      -e MYSQL_PASSWORD="zabbix_pwd" \
      -e MYSQL_ROOT_PASSWORD="root_pwd" \
      -e ZBX_JAVAGATEWAY="zabbix-java-gateway" \
      --link mysql-server:mysql \
      --link zabbix-java-gateway:zabbix-java-gateway \
      -p 10051:10051 \
      -d zabbix/zabbix-server-mysql:latest

docker run --name zabbix-web-nginx-mysql -t \
      -e DB_SERVER_HOST="mysql-server" \
      -e MYSQL_DATABASE="zabbix" \
      -e MYSQL_USER="zabbix" \
      -e MYSQL_PASSWORD="zabbix_pwd" \
      -e MYSQL_ROOT_PASSWORD="root_pwd" \
      --link mysql-server:mysql \
      --link zabbix-server-mysql:zabbix-server \
      -p 80:80 \
      -d zabbix/zabbix-web-nginx-mysql:latest

[root@docker02-h-101 zabbix]# docker container ls -a
CONTAINER ID        IMAGE                                  COMMAND                  CREATED             STATUS              PORTS                               NAMES
8d091e8c2900        zabbix/zabbix-web-nginx-mysql:latest   "/bin/bash /run_zabb…"   11 seconds ago      Up 11 seconds       0.0.0.0:80->80/tcp, 443/tcp         zabbix-web-nginx-mysql
8b72d9df775f        zabbix/zabbix-server-mysql:latest      "/bin/bash /run_zabb…"   14 seconds ago      Up 13 seconds       162/udp, 0.0.0.0:10051->10051/tcp   zabbix-server-mysql
585d52c39586        zabbix/zabbix-java-gateway:latest      "/bin/bash /run_zabb…"   14 seconds ago      Up 14 seconds       10052/tcp                           zabbix-java-gateway
c721fcdac608        mysql:5.7                              "docker-entrypoint.s…"   15 seconds ago      Up 14 seconds       3306/tcp                            mysql-server

# 浏览器访问:http://10.0.0.101
# 管理员初始密码:Admin / zabbix

主机100:

# 安装zabbix客户端
[root@docker01-h-100 rpm]# pwd
/root/rpm
[root@docker01-h-100 rpm]# ls
zabbix-agent-3.2.0-1.el7.x86_64.rpm
[root@docker01-h-100 rpm]# rpm -ivh zabbix-agent-3.2.0-1.el7.x86_64.rpm
warning: zabbix-agent-3.2.0-1.el7.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID a14fe591: NOKEY
Preparing...                          ################################# [100%]
Updating / installing...
   1:zabbix-agent-3.2.0-1.el7         ################################# [100%]

[root@docker01-h-100 rpm]# vim /etc/zabbix/zabbix_agentd.conf

编辑zabbix_agentd.conf

第95行:Server=10.0.0.101

启动服务

[root@docker01-h-100 rpm]# systemctl start zabbix-agent.service

主机101:

zabbix管理设置界面:http://10.0.0.101
配置 - 主机 - 创建主机

主机:
    主机名称:10.0.0.100
    群组:Linux servers
    agent代理程序的接口:IP地址10.0.0.100
模板:
    链接指示器:Template OS Linux

# 等不及的话重启服务
[root@docker02-h-101 zabbix]# docker restart zabbix-server-mysql

监测中点最新数据就能看到数据

14 docker的私有仓库

14.1 不带认证

100宿主机(服务端):

# 先导入私有仓库镜像
[root@docker01-h-100 dockerfile]# pwd
/opt/dockerfile
[root@docker01-h-100 dockerfile]# docker load -i registry.tar.gz

# 直接启动
[root@docker01-h-100 dockerfile]# docker run -d -p 5000:5000 --restart=always --name registry -v /opt/myregistry:/var/lib/registry  registry
cafb85d5bb902b768c490261983aaf4eecd313dbeee159285ff0959daa5aabfd

# --restart=always    宿主机重启后,该docker应用也跟着自动启动

101宿主机(客户端)

[root@docker02-h-101 ~]# vim /etc/docker/daemon.json

编辑/etc/docker/daemon.json(无论上传下载都要有)

{
  "insecure-registries": ["10.0.0.100:5000"],
  "registry-mirrors": ["https://registry.docker-cn.com"]
}
# registry-mirrors为镜像加速

重启docker服务

[root@docker02-h-101 ~]# systemctl restart docker

先打标签再推送

[root@docker02-h-101 ~]# docker tag alpine:3.8 10.0.0.100:5000/alpine:3.8
[root@docker02-h-101 ~]# docker push 10.0.0.100:5000/alpine
The push refers to repository [10.0.0.100:5000/alpine]
d9ff549177a9: Pushed 
3.8: digest: sha256:899a03e9816e5283edba63d71ea528cd83576b28a7586cf617ce78af5526f209 size: 528
[root@docker02-h-101 ~]#

100宿主机

# 查看刚才推送的镜像与版本
[root@docker01-h-100 dockerfile]# ls /opt/myregistry/docker/registry/v2/repositories/
alpine
[root@docker01-h-100 dockerfile]# ls /opt/myregistry/docker/registry/v2/repositories/alpine/_manifests/tags/
3.8

101宿主机(客户端)

# 从私有仓库下载镜像
[root@docker02-h-101 ~]# docker pull 10.0.0.100:5000/alpine:3.8
3.8: Pulling from alpine
Digest: sha256:899a03e9816e5283edba63d71ea528cd83576b28a7586cf617ce78af5526f209
Status: Image is up to date for 10.0.0.100:5000/alpine:3.8
10.0.0.100:5000/alpine:3.8

浏览器查看:

http://10.0.0.100:5000/v2/_catalog

国内的镜像广场:
时速云

# 下载公共外网的镜像
[root@docker02-h-101 ~]# docker pull index.tenxcloud.com/system_containers/fluentd-elk:v3.2.0
[root@docker02-h-101 ~]# docker pull daocloud.io/huangzhichong/alpine-cn:latest
latest: Pulling from huangzhichong/alpine-cn
0a8490d0dfd3: Pull complete 
8881e0c6b9b8: Pull complete 
Digest: sha256:57c79fbd51aac09ea307ba6ddbbb4cc60f49e015d261193bacff95f9fa39d88c
Status: Downloaded newer image for daocloud.io/huangzhichong/alpine-cn:latest
daocloud.io/huangzhichong/alpine-cn:latest


14.2 带认证

强哥的博客:docker私有仓库registry的使用

100宿主机(服务端):

[root@docker01-h-100 dockerfile]# yum install httpd-tools -y
[root@docker01-h-100 dockerfile]# mkdir /opt/registry-var/auth/ -p
[root@docker01-h-100 dockerfile]# htpasswd -Bbn oldboy 123456 >> /opt/registry-var/auth/htpasswd
[root@docker01-h-100 ~]# docker run -d -p 5001:5000 --restart=always --name registry_auth -v /opt/registry-var/auth/:/auth/ -v /opt/myregistry:/var/lib/registry -e "REGISTRY_AUTH=htpasswd" -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd registry
391d185fbde8a7f008a366fd50046aabb8d5471db7eca83101e5f43649868f30
[root@docker01-h-100 ~]# docker container ls -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                     PORTS                    NAMES
391d185fbde8        registry            "/entrypoint.sh /etc…"   47 seconds ago      Up 46 seconds              0.0.0.0:5001->5000/tcp   registry_auth

101宿主机(客户端)

[root@docker02-h-101 ~]# vim /etc/docker/daemon.json

编辑/etc/docker/daemon.json(无论上传下载都要有)

{
  "insecure-registries": ["10.0.0.100:5001"],
  "registry-mirrors": ["https://registry.docker-cn.com"]
}
# registry-mirrors为镜像加速

重启docker服务

[root@docker02-h-101 ~]# systemctl restart docker
# 登陆再上传
[root@docker02-h-101 ~]# docker login 10.0.0.100:5001
Username: oldboy
Password: 
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded

[root@docker02-h-101 .docker]# docker tag alpine:3.8 10.0.0.100:5001/alpine:3.8
[root@docker02-h-101 .docker]# docker push 10.0.0.100:5001/alpine
The push refers to repository [10.0.0.100:5001/alpine]
d9ff549177a9: Layer already exists 
3.8: digest: sha256:899a03e9816e5283edba63d71ea528cd83576b28a7586cf617ce78af5526f209 size: 528

退出

[root@docker02-h-101 .docker]# docker logout 10.0.0.100:5001
Removing login credentials for 10.0.0.100:5001

删除认证文件
[root@docker02-h-101 .docker]# rm -fr  /root/.docker/config.json


14.3 删除镜像(未做实验)

删除镜像
1)进入docker registry的容器中

docker exec -it registry /bin/sh
  1. 删除repo
rm -fr /var/lib/registry/docker/registry/v2/repositories/nginx
  1. 清楚掉blob
registry garbage-collect /etc/docker/registry/config.yml


14.4 Harbor 安装和使用

Harbor 1.8.0 仓库的安装和使用


15 docker容器编排(单机版docker-compose)

作用:一次性启动多个容器

配置文件:
docker-compose.yml(用于决定启动哪些容器)

版本参考:https://docs.docker.com/compose/compose-file/

相关命令:

docker-compose up -d(创建并启动)

docker-compose restart 单个服务名字
docker-compose restart(重启所有)

docker-compose stop(停止所有)
docker-compose stop 单个服务名字

docker-compose start (启动所有)
docker-compose start 单个服务名字

docker-compose down(停止并删除)


安装docker-compose(需要epel源)

[root@docker02-h-101 ~]# yum install docker-compose -y
[root@docker02-h-101 zabbix]# pwd
/opt/docker-compose/zabbix
[root@docker02-h-101 zabbix]# vim docker-compose.yaml

编辑yaml文件

version: '3'

services:
   mysql-server:
     image: mysql:5.7
     restart: always
     environment:
       MYSQL_ROOT_PASSWORD: root_pwd
       MYSQL_DATABASE: zabbix
       MYSQL_USER: zabbix
       MYSQL_PASSWORD: zabbix_pwd
     command: --character-set-server=utf8

   zabbix-java-gateway:
     image: zabbix/zabbix-java-gateway:latest
     restart: always

   zabbix-server:
     depends_on:
       - mysql-server
     image: zabbix/zabbix-server-mysql:latest
     restart: always
     environment:
       DB_SERVER_HOST: mysql-server
       MYSQL_DATABASE: zabbix
       MYSQL_USER: zabbix
       MYSQL_PASSWORD: zabbix_pwd
       MYSQL_ROOT_PASSWORD: root_pwd
       ZBX_JAVAGATEWAY: zabbix-java-gateway
     ports:
       - "10051:10051"

   zabbix-web-nginx-mysql:
     depends_on:
       - zabbix-server
     image: zabbix/zabbix-web-nginx-mysql:latest
     ports:
       - "80:80"
     restart: always
     environment:
       DB_SERVER_HOST: mysql-server
       MYSQL_DATABASE: zabbix
       MYSQL_USER: zabbix
       MYSQL_PASSWORD: zabbix_pwd
       MYSQL_ROOT_PASSWORD: root_pwd

启动docker-compose

[root@docker02-h-101 zabbix]# docker-compose up -d

查看状态

[root@docker02-h-101 zabbix]# docker container ls -a
CONTAINER ID        IMAGE                                  COMMAND                  CREATED             STATUS              PORTS                               NAMES
5e274626a917        zabbix/zabbix-web-nginx-mysql:latest   "/bin/bash /run_zabb…"   21 seconds ago      Up 20 seconds       0.0.0.0:80->80/tcp, 443/tcp         zabbix_zabbix-web-nginx-mysql_1
774cdef1c413        zabbix/zabbix-server-mysql:latest      "/bin/bash /run_zabb…"   22 seconds ago      Up 20 seconds       162/udp, 0.0.0.0:10051->10051/tcp   zabbix_zabbix-server_1
2089f645a34f        mysql:5.7                              "docker-entrypoint.s…"   23 seconds ago      Up 22 seconds       3306/tcp                            zabbix_mysql-server_1
9717d59f0d70        zabbix/zabbix-java-gateway:latest      "/bin/bash /run_zabb…"   23 seconds ago      Up 22 seconds       10052/tcp                           zabbix_zabbix-java-gateway_1
# 浏览器访问:http://10.0.0.101
# 管理员初始密码:Admin / zabbix

模拟异常:

# 先删除
[root@docker02-h-101 zabbix]# docker rm -f zabbix_zabbix-server_1
zabbix_zabbix-server_1

[root@docker02-h-101 zabbix]# docker container ls -a
CONTAINER ID        IMAGE                                  COMMAND                  CREATED             STATUS              PORTS                         NAMES
5e274626a917        zabbix/zabbix-web-nginx-mysql:latest   "/bin/bash /run_zabb…"   7 minutes ago       Up 7 minutes        0.0.0.0:80->80/tcp, 443/tcp   zabbix_zabbix-web-nginx-mysql_1
2089f645a34f        mysql:5.7                              "docker-entrypoint.s…"   7 minutes ago       Up 7 minutes        3306/tcp                      zabbix_mysql-server_1
9717d59f0d70        zabbix/zabbix-java-gateway:latest      "/bin/bash /run_zabb…"   7 minutes ago       Up 7 minutes        10052/tcp                     zabbix_zabbix-java-gateway_1

# 扩展
[root@docker02-h-101 zabbix]# docker-compose scale zabbix-server=1
WARNING: The scale command is deprecated. Use the up command with the --scale flag instead.
Creating zabbix_zabbix-server_1 ... done

[root@docker02-h-101 zabbix]# docker container ls -a
CONTAINER ID        IMAGE                                  COMMAND                  CREATED             STATUS              PORTS                               NAMES
5696cf6464b4        zabbix/zabbix-server-mysql:latest      "/bin/bash /run_zabb…"   2 seconds ago       Up 1 second         162/udp, 0.0.0.0:10051->10051/tcp   zabbix_zabbix-server_1
5e274626a917        zabbix/zabbix-web-nginx-mysql:latest   "/bin/bash /run_zabb…"   7 minutes ago       Up 7 minutes        0.0.0.0:80->80/tcp, 443/tcp         zabbix_zabbix-web-nginx-mysql_1
2089f645a34f        mysql:5.7                              "docker-entrypoint.s…"   8 minutes ago       Up 7 minutes        3306/tcp                            zabbix_mysql-server_1
9717d59f0d70        zabbix/zabbix-java-gateway:latest      "/bin/bash /run_zabb…"   8 minutes ago       Up 7 minutes        10052/tcp                           zabbix_zabbix-java-gateway_1

附加例子(未做实验):
wordpress
https://docs.docker.com/compose/wordpress/


16 docker网络

16.1 默认网络

  • host:使用宿主机的网络,性能最高 端口不能冲突
  • none:不使用网络
  • container:与其他容器共用网络,端口不能冲突。主要为k8s中使用
  • bridge:nat转换 172.17.0.0/16 默认

创建范例:

# host类型 #
[root@docker01-h-100 ~]# docker run -it --network=host alpine:3.9
/ # hostname 
docker01-h-100
/ # ifconfig
docker0   Link encap:Ethernet  HWaddr 02:42:60:6E:5A:7B  
          inet addr:172.17.0.1  Bcast:172.17.255.255  Mask:255.255.0.0


# none类型 #
[root@docker01-h-100 ~]# docker run -it --network=none alpine:3.9
/ # hostname 
b2102b8dfc24
/ # ifconfig
lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)


# container类型 #
# 先在none类型的容器中偷偷离开(按键ctrl + p --> ctrl +q)
/ # [root@docker01-h-100 ~]# docker container ls -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                     PORTS                    NAMES
b2102b8dfc24        alpine:3.9          "/bin/sh"                4 minutes ago       Up 4 minutes                                        quizzical_austin
[root@docker01-h-100 ~]# docker run -it --network container:b2102b8dfc24 alpine:3.9
/ # hostname 
b2102b8dfc24
/ # ifconfig
lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

查看容器自身拥有的网络种类

[root@docker02-h-101 ~]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
2f57a0bb3dbe        bridge              bridge              local
70ee693800de        host                host                local
4972003e7886        none                null                local
963d985f5825        zabbix_default      bridge              local

查看容器的网络类型

[root@docker02-h-101 ~]# docker container ls -a
CONTAINER ID        IMAGE                                  COMMAND                  CREATED             STATUS              PORTS                               NAMES
5696cf6464b4        zabbix/zabbix-server-mysql:latest      "/bin/bash /run_zabb…"   8 hours ago         Up 13 minutes       162/udp, 0.0.0.0:10051->10051/tcp   zabbix_zabbix-server_1
5e274626a917        zabbix/zabbix-web-nginx-mysql:latest   "/bin/bash /run_zabb…"   8 hours ago         Up 13 minutes       0.0.0.0:80->80/tcp, 443/tcp         zabbix_zabbix-web-nginx-mysql_1
2089f645a34f        mysql:5.7                              "docker-entrypoint.s…"   8 hours ago         Up 13 minutes       3306/tcp                            zabbix_mysql-server_1
9717d59f0d70        zabbix/zabbix-java-gateway:latest      "/bin/bash /run_zabb…"   8 hours ago         Up 13 minutes       10052/tcp                           zabbix_zabbix-java-gateway_1
[root@docker02-h-101 ~]# docker container inspect 5696cf6464b4


16.2 自建网络

范例:
第一步:自建一个名字为 rock 的 bridge 类型网络
第二步:根据自建网络创建一个容器

# 网络
[root@docker01-h-100 ~]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
06dd2d885ed6        bridge              bridge              local
48c7831e04c6        host                host                local
dd692489f056        none                null                local

[root@docker01-h-100 ~]# docker network create --subnet 172.18.0.0/16 --gateway=172.18.0.1 -d bridge rock
e76e59153b529c5f9aca607f78f97452247911619bd47380a791509085395d42

[root@docker01-h-100 ~]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
06dd2d885ed6        bridge              bridge              local
48c7831e04c6        host                host                local
dd692489f056        none                null                local
e76e59153b52        rock                bridge              local

[root@docker01-h-100 ~]# ifconfig
br-e76e59153b52: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.18.0.1  netmask 255.255.0.0  broadcast 172.18.255.255
        inet6 fe80::42:c1ff:fe96:8452  prefixlen 64  scopeid 0x20<link>
        ether 02:42:c1:96:84:52  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


# 容器
[root@docker01-h-100 ~]# docker run -it --network rock alpine:3.9 
/ # ifconfig
eth0      Link encap:Ethernet  HWaddr 02:42:AC:12:00:02  
          inet addr:172.18.0.2  Bcast:172.18.255.255  Mask:255.255.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:14 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:1172 (1.1 KiB)  TX bytes:0 (0.0 B)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

/ # ping www.baidu.com
PING www.baidu.com (180.101.49.12): 56 data bytes
64 bytes from 180.101.49.12: seq=0 ttl=127 time=13.613 ms
64 bytes from 180.101.49.12: seq=1 ttl=127 time=12.563 ms
^C
--- www.baidu.com ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 12.563/13.088/13.613 ms


16.3 跨宿主机网络容器之间的通信overlay类型

要点:

  • 宿主机 主机名不能相同
  • consul:kv类型的存储数据库(key:value)


103宿主机(consul服务端)

# 安装consul容器,它用来存储ip地址的分配
[root@docker03-h-102 docker_image]# pwd
/root/docker_image
[root@docker03-h-102 docker_image]# docker load -i docker_progrium_consul.tar.gz
[root@docker03-h-102 docker_image]# docker image ls
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
progrium/consul     latest              09ea64205e55        4 years ago         69.4 MB

[root@docker03-h-102 docker_image]# docker run -d -p 8500:8500 -h consul --name consul progrium/consul -server -bootstrap
920687010b146669f931e7f3cabaff59bee0b32bab72e11c7d0907a7d8145461

[root@docker03-h-102 docker_image]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED              STATUS              PORTS                                                                            NAMES
920687010b14        progrium/consul     "/bin/start -serve..."   About a minute ago   Up About a minute   53/tcp, 53/udp, 8300-8302/tcp, 8400/tcp, 8301-8302/udp, 0.0.0.0:8500->8500/tcp   consul

# 浏览器访问:http://10.0.0.102:8500


100宿主机

[root@docker01-h-100 ~]# vim /etc/docker/daemon.json

编辑/etc/docker/daemon.json

{
  # 下述两行为私有仓库相关
  "insecure-registries": ["10.0.0.100:5000"],
  "registry-mirrors": ["https://registry.docker-cn.com"],
  # 下述三行为容器间通讯
  "hosts":["tcp://0.0.0.0:2376","unix:///var/run/docker.sock"],
  "cluster-store": "consul://10.0.0.102:8500",
  "cluster-advertise": "10.0.0.100:2376"
}
[root@docker01-h-100 ~]# vim /usr/lib/systemd/system/docker.service

编辑/usr/lib/systemd/system/docker.service

第十四行:ExecStart=/usr/bin/dockerd --containerd=/run/containerd/containerd.sock

重启服务

[root@docker01-h-100 ~]# systemctl daemon-reload
[root@docker01-h-100 ~]# systemctl restart docker

# 浏览器访问:http://10.0.0.102:8500,key/Value中的node节点


101宿主机

[root@docker02-h-101 ~]# vim /etc/docker/daemon.json

编辑/etc/docker/daemon.json

{
  "insecure-registries": ["10.0.0.100:5000"],
  "registry-mirrors": ["https://registry.docker-cn.com"],
  "hosts":["tcp://0.0.0.0:2376","unix:///var/run/docker.sock"],
  "cluster-store": "consul://10.0.0.102:8500",
  "cluster-advertise": "10.0.0.101:2376"
}
[root@docker02-h-101 ~]# vim /usr/lib/systemd/system/docker.service

编辑/usr/lib/systemd/system/docker.service

第十四行:ExecStart=/usr/bin/dockerd --containerd=/run/containerd/containerd.sock

重启服务

[root@docker02-h-101 ~]# systemctl daemon-reload
[root@docker02-h-101 ~]# systemctl restart docker


创建overlay网络
100宿主机

[root@docker01-h-100 ~]# docker network create -d overlay --subnet 172.16.2.0/24 --gateway 172.16.2.254 ol1
b34d929dbdbdc85b68ba4b1b304aeb068b0155326f5b7c738e6cebb2990f95a9
[root@docker01-h-100 ~]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
40d98ade0a84        bridge              bridge              local
48c7831e04c6        host                host                local
dd692489f056        none                null                local
b34d929dbdbd        ol1                 overlay             global
e76e59153b52        rock                bridge              local

101宿主机(无需创建)

[root@docker02-h-101 ~]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
d9816afa2ce8        bridge              bridge              local
70ee693800de        host                host                local
4972003e7886        none                null                local
b34d929dbdbd        ol1                 overlay             global
963d985f5825        zabbix_default      bridge              local

# 查看100的容器是否有registry
[root@docker02-h-101 ~]# docker -H 10.0.0.100:2376 ps -a|grep "registry"
cafb85d5bb90        registry            "/entrypoint.sh /etc…"   39 hours ago        Up 21 minutes               0.0.0.0:5000->5000/tcp   registry

# 查看自己的容器是否有registry
[root@docker02-h-101 ~]# docker ps -a|grep "registry"


启动容器测试
100容器

[root@docker01-h-100 ~]# docker run -it --network ol1 --name rock01 10.0.0.100:5000/alpine:3.8 /bin/sh

101容器

[root@docker02-h-101 ~]# docker run -it --network ol1 --name rock02 10.0.0.100:5000/alpine:3.8 /bin/sh

# 直接ping rock01
/ # ping rock01
PING rock01 (172.16.2.1): 56 data bytes
64 bytes from 172.16.2.1: seq=0 ttl=64 time=0.451 ms
64 bytes from 172.16.2.1: seq=1 ttl=64 time=0.471 ms
64 bytes from 172.16.2.1: seq=2 ttl=64 time=0.438 ms
^C
--- rock01 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.438/0.453/0.471 ms
/ # 

/ # ifconfig
eth0      Link encap:Ethernet  HWaddr 02:42:AC:10:02:02  
          inet addr:172.16.2.2  Bcast:172.16.2.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1450  Metric:1
          RX packets:8 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:728 (728.0 B)  TX bytes:728 (728.0 B)

eth1      Link encap:Ethernet  HWaddr 02:42:AC:13:00:02  
          inet addr:172.19.0.2  Bcast:172.19.255.255  Mask:255.255.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:14 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:1136 (1.1 KiB)  TX bytes:0 (0.0 B)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:4 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:230 (230.0 B)  TX bytes:230 (230.0 B)

/ # route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         172.19.0.1      0.0.0.0         UG    0      0        0 eth1
172.16.2.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
172.19.0.0      0.0.0.0         255.255.0.0     U     0      0        0 eth1

注意:每个容器有两块网卡,eth0实现容器间的通讯,eth1实现容器访问外网

100容器
创建容器能通过对外访问

[root@docker01-h-100 ~]# docker run -d --network ol1 --name kod -p 90:80 kod:v2
d28449a26cc3cce33d982085fb8a7f199e94ec582fefe833b322e5e642f38b73

17 Docker监控

node-expoter(监控linux宿主机)与cadvisor(监控容器)安装在100与101
prometheus与grafana安装在102

100与101宿主机

# 导入node-exporter与cadisor
[root@docker02-h-101 docker_image]# docker load -i docker_monitor_node.tar.gz
975e03895fb7: Loading layer [==================================================>]  4.688MB/4.688MB
f9fe8137e4e3: Loading layer [==================================================>]  2.765MB/2.765MB
78f40987f0cd: Loading layer [==================================================>]  16.88MB/16.88MB
Loaded image: quay.io/prometheus/node-exporter:latest
cd7100a72410: Loading layer [==================================================>]  4.403MB/4.403MB
9ea477e6d99e: Loading layer [==================================================>]  33.09MB/33.09MB
66b3c2e84199: Loading layer [==================================================>]  32.88MB/32.88MB
Loaded image: google/cadvisor:latest

# 启动node-exporter
[root@docker02-h-101 docker_image]# docker run -d -p 9100:9100 -v "/:/host:ro,rslave" --name=node_exporter quay.io/prometheus/node-exporter --path.rootfs /host
89744ae8ca95ff8a5922fe8bf76d5f986a80bc689c0daf24d2aa933a6e7907c9

# 启动cadvisor
[root@docker02-h-101 docker_image]# docker run --volume=/:/rootfs:ro --volume=/var/run:/var/run:rw --volume=/sys:/sys:ro --volume=/var/lib/docker/:/var/lib/docker:ro --publish=8080:8080 --detach=true --name=cadvisor google/cadvisor:latest
1d49ed343d74bfc3ac9bbc8090c9e41319a6cd856a6b7690342b57ed4ff066e2

102宿主机(安装prometheus)

[root@docker03-h-102 ~]# cd /opt/
[root@docker03-h-102 opt]# ls
prometheus-2.12.0.linux-amd64.tar.gz
[root@docker03-h-102 opt]# tar xf prometheus-2.12.0.linux-amd64.tar.gz
[root@docker03-h-102 opt]# cd prometheus-2.12.0.linux-amd64/
[root@docker03-h-102 prometheus-2.12.0.linux-amd64]# vim prometheus.yml

编辑prometheus.yml

scrape_configs:
  # The job name is added as a label `job=<job_name>` to any timeseries scraped from this config.
  - job_name: 'prometheus'
    static_configs:
    - targets: ['localhost:9090']
  - job_name: 'cadvisor'
    static_configs:
    - targets: ['10.0.0.100:8080','10.0.0.101:8080']
  - job_name: 'node'
    static_configs:
    - targets: ['10.0.0.100:9100','10.0.0.101:9100']

启动prometheus

[root@docker03-h-102 prometheus-2.12.0.linux-amd64]# nohup ./prometheus --config.file="prometheus.yml" >> /dev/null 2>&1 &

# 浏览器访问:http://10.0.0.102:9090
查看status下的target

102宿主机(安装grafana)

[root@docker03-h-102 package]# yum localinstall grafana-6.3.3-1.x86_64.rpm -y
[root@docker03-h-102 package]# systemctl start grafana-server.service
[root@docker03-h-102 package]# systemctl enable grafana-server.service

[root@docker03-h-102 package]# ss -tnlp
State       Recv-Q Send-Q                                 Local Address:Port                                                Peer Address:Port              
LISTEN      0      128                                                *:22                                                             *:*                   users:(("sshd",pid=6999,fd=3))
LISTEN      0      128                                               :::8500                                                          :::*                   users:(("docker-proxy-cu",pid=7433,fd=4))
LISTEN      0      128                                               :::22                                                            :::*                   users:(("sshd",pid=6999,fd=4))
LISTEN      0      128                                               :::3000                                                          :::*                   users:(("grafana-server",pid=7858,fd=6))
LISTEN      0      128                                               :::9090                                                          :::*                   users:(("prometheus",pid=7705,fd=7))

# 浏览器访问:http://10.0.0.102:3000/login
账号 / 密码:admin / admin

Configuration - DataSource中新建一个数据源选择prometheus - IP:10.0.0.102:9090
create - import - 选择导入文件grafana_docker_dashboard.json - option内的Prometheus中选择Prometheus

grafana出图模板

grafana主要配置工作:

  • 插件:zabbix插件
  • 数据源:prometheus
  • 模板:出图dashboard
©著作权归作者所有,转载或内容合作请联系作者
  • 序言:七十年代末,一起剥皮案震惊了整个滨河市,随后出现的几起案子,更是在滨河造成了极大的恐慌,老刑警刘岩,带你破解...
    沈念sama阅读 213,014评论 6 492
  • 序言:滨河连续发生了三起死亡事件,死亡现场离奇诡异,居然都是意外死亡,警方通过查阅死者的电脑和手机,发现死者居然都...
    沈念sama阅读 90,796评论 3 386
  • 文/潘晓璐 我一进店门,熙熙楼的掌柜王于贵愁眉苦脸地迎上来,“玉大人,你说我怎么就摊上这事。” “怎么了?”我有些...
    开封第一讲书人阅读 158,484评论 0 348
  • 文/不坏的土叔 我叫张陵,是天一观的道长。 经常有香客问我,道长,这世上最难降的妖魔是什么? 我笑而不...
    开封第一讲书人阅读 56,830评论 1 285
  • 正文 为了忘掉前任,我火速办了婚礼,结果婚礼上,老公的妹妹穿的比我还像新娘。我一直安慰自己,他们只是感情好,可当我...
    茶点故事阅读 65,946评论 6 386
  • 文/花漫 我一把揭开白布。 她就那样静静地躺着,像睡着了一般。 火红的嫁衣衬着肌肤如雪。 梳的纹丝不乱的头发上,一...
    开封第一讲书人阅读 50,114评论 1 292
  • 那天,我揣着相机与录音,去河边找鬼。 笑死,一个胖子当着我的面吹牛,可吹牛的内容都是我干的。 我是一名探鬼主播,决...
    沈念sama阅读 39,182评论 3 412
  • 文/苍兰香墨 我猛地睁开眼,长吁一口气:“原来是场噩梦啊……” “哼!你这毒妇竟也来了?” 一声冷哼从身侧响起,我...
    开封第一讲书人阅读 37,927评论 0 268
  • 序言:老挝万荣一对情侣失踪,失踪者是张志新(化名)和其女友刘颖,没想到半个月后,有当地人在树林里发现了一具尸体,经...
    沈念sama阅读 44,369评论 1 303
  • 正文 独居荒郊野岭守林人离奇死亡,尸身上长有42处带血的脓包…… 初始之章·张勋 以下内容为张勋视角 年9月15日...
    茶点故事阅读 36,678评论 2 327
  • 正文 我和宋清朗相恋三年,在试婚纱的时候发现自己被绿了。 大学时的朋友给我发了我未婚夫和他白月光在一起吃饭的照片。...
    茶点故事阅读 38,832评论 1 341
  • 序言:一个原本活蹦乱跳的男人离奇死亡,死状恐怖,灵堂内的尸体忽然破棺而出,到底是诈尸还是另有隐情,我是刑警宁泽,带...
    沈念sama阅读 34,533评论 4 335
  • 正文 年R本政府宣布,位于F岛的核电站,受9级特大地震影响,放射性物质发生泄漏。R本人自食恶果不足惜,却给世界环境...
    茶点故事阅读 40,166评论 3 317
  • 文/蒙蒙 一、第九天 我趴在偏房一处隐蔽的房顶上张望。 院中可真热闹,春花似锦、人声如沸。这庄子的主人今日做“春日...
    开封第一讲书人阅读 30,885评论 0 21
  • 文/苍兰香墨 我抬头看了看天上的太阳。三九已至,却和暖如春,着一层夹袄步出监牢的瞬间,已是汗流浃背。 一阵脚步声响...
    开封第一讲书人阅读 32,128评论 1 267
  • 我被黑心中介骗来泰国打工, 没想到刚下飞机就差点儿被人妖公主榨干…… 1. 我叫王不留,地道东北人。 一个月前我还...
    沈念sama阅读 46,659评论 2 362
  • 正文 我出身青楼,却偏偏与公主长得像,于是被迫代替她去往敌国和亲。 传闻我的和亲对象是个残疾皇子,可洞房花烛夜当晚...
    茶点故事阅读 43,738评论 2 351

推荐阅读更多精彩内容

  • Docker 学习目标: 掌握Docker基础知识,能够理解Docker镜像与容器的概念 完成Docker安装与启...
    执笔梦一场阅读 3,207评论 2 10
  • 一、Docker学习笔记 撸一门技术,必先登其官网,扒其皮,喝其血 官网地址:https://docs.docke...
    Waldeinsamkeit4阅读 556评论 1 4
  • 原文地址:LoveDev Docker相对于传统意义上的虚拟机最大的区别就在于传统虚拟机是虚拟出一套硬件后,再在上...
    KevinLive阅读 3,744评论 3 7
  • 【版权声明】本博客转载自汤小洋 一、Docker简介 1. Docker是什么? ​ 产生背景: 开发和运维之...
    云未声阅读 450评论 0 7
  • 一、组员:骆鑫鹏 李乐鸥 二、组义:刻意练习,提升执行力,获得重生 三、鸡血视频: 1.永不言败 2.命运 3.鹰...
    Martindy阅读 189评论 0 0