Docker安装
- 安装环境
操作系统:Centos7.6
内核版本:3.10.0-957.21.2.el7.x86_64 - 安装步骤
- 配置国内阿里云docker仓库
[root@docker yum.repos.d]# wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo- 查看当前支持的docker-ce版本
[root@docker yum.repos.d]# yum list docker-ce.x86_64 --showduplicates | sort -r * updates: mirrors.aliyun.com Loading mirror speeds from cached hostfile Loaded plugins: fastestmirror Installed Packages * extras: mirrors.aliyun.com docker-ce.x86_64 3:18.09.6-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.5-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.4-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.3-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.2-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.1-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.0-3.el7 docker-ce-stable docker-ce.x86_64 18.06.3.ce-3.el7 docker-ce-stable docker-ce.x86_64 18.06.2.ce-3.el7 docker-ce-stable docker-ce.x86_64 18.06.1.ce-3.el7 docker-ce-stable docker-ce.x86_64 18.06.0.ce-3.el7 docker-ce-stable docker-ce.x86_64 18.03.1.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 18.03.0.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.12.1.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.12.0.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.09.1.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.09.0.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.06.2.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.06.1.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.06.0.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.03.3.ce-1.el7 docker-ce-stable docker-ce.x86_64 17.03.2.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.03.1.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.03.0.ce-1.el7.centos docker-ce-stable * base: mirrors.aliyun.com Available Packages [root@docker yum.repos.d]#- 安装docker-ce
[root@docker yum.repos.d]# yum -y install docker-ce 或者安装指定版本: [root@docker yum.repos.d]# yum -y install docker-ce-[VERSION]- 启动docker服务
[root@docker yum.repos.d]# systemctl start docker [root@docker yum.repos.d]# docker version Client: Version: 18.09.6 API version: 1.39 Go version: go1.10.8 Git commit: 481bc77156 Built: Sat May 4 02:34:58 2019 OS/Arch: linux/amd64 Experimental: false Server: Docker Engine - Community Engine: Version: 18.09.6 API version: 1.39 (minimum version 1.12) Go version: go1.10.8 Git commit: 481bc77 Built: Sat May 4 02:02:43 2019 OS/Arch: linux/amd64 Experimental: false [root@docker yum.repos.d]#- 配置镜像加速
[root@docker yum.repos.d]# vim /etc/docker/daemon.json { "registry-mirrors": ["https://registry.docker-cn.com"] } [root@docker yum.repos.d]# systemctl restart docker
Dcoker常用操作:
- image常用操作
[root@docker ~]# docker image -h
Flag shorthand -h has been deprecated, please use --help
Usage: docker image COMMAND
Manage images
Commands:
build Build an image from a Dockerfile
history Show the history of an image
import Import the contents from a tarball to create a filesystem image
inspect Display detailed information on one or more images
load Load an image from a tar archive or STDIN
ls List images
prune Remove unused images
pull Pull an image or a repository from a registry
push Push an image or a repository to a registry
rm Remove one or more images
save Save one or more images to a tar archive (streamed to STDOUT by default)
tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
Run 'docker image COMMAND --help' for more information on a command.
[root@docker ~]#
---------------------------
image 搜索
[root@docker ~]# docker search -h
Flag shorthand -h has been deprecated, please use --help
Usage: docker search [OPTIONS] TERM
Search the Docker Hub for images
Options:
-f, --filter filter Filter output based on conditions provided
--format string Pretty-print search using a Go template
--limit int Max number of search results (default 25)
--no-trunc Don't truncate output
[root@docker ~]#
示例:
[root@docker ~]# docker search centos
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
centos The official build of CentOS. 5413 [OK]
ansible/centos7-ansible Ansible on Centos7 121 [OK]
jdeathe/centos-ssh CentOS-6 6.10 x86_64 / CentOS-7 7.5.1804 x86… 110 [OK]
......
-------------------------------------
image 拉取
[root@docker ~]# docker image pull -h
Flag shorthand -h has been deprecated, please use --help
Usage: docker image pull [OPTIONS] NAME[:TAG|@DIGEST]
Pull an image or a repository from a registry
Options:
-a, --all-tags Download all tagged images in the repository
--disable-content-trust Skip image verification (default true)
[root@docker ~]#
示例:
[root@docker ~]# docker image pull centos:7
7: Pulling from library/centos
8ba884070f61: Pull complete
Digest: sha256:b5e66c4651870a1ad435cd75922fe2cb943c9e973a9673822d1414824a1d0475
Status: Downloaded newer image for centos:7
[root@docker ~]#
---------------------------------------
image 查看
[root@docker ~]# docker image ls -h
Flag shorthand -h has been deprecated, please use --help
Usage: docker image ls [OPTIONS] [REPOSITORY[:TAG]]
List images
Aliases:
ls, images, list
Options:
-a, --all Show all images (default hides intermediate images)
--digests Show digests
-f, --filter filter Filter output based on conditions provided
--format string Pretty-print images using a Go template
--no-trunc Don't truncate output
-q, --quiet Only show numeric IDs
[root@docker ~]#
示例:
查看本机所有image
[root@docker ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
peaoguo/httpd v1.4 0006d47dbdd2 14 hours ago 1.22MB
peaoguoxu/httpd v1.4 0006d47dbdd2 14 hours ago 1.22MB
registry.cn-shenzhen.aliyuncs.com/peaoguo/httpd v1.4 0006d47dbdd2 14 hours ago 1.22MB
peaoguoxu/httpd v1.3 5c21014478e0 15 hours ago 1.22MB
peaoguoxu/httpd v1.1 f53dd9bef551 15 hours ago 1.22MB
peaoguoxu/httpd v1.0 f24b9507007f 15 hours ago 1.22MB
busybox latest e4db68de4ff2 5 days ago 1.22MB
nginx latest 719cd2e3ed04 9 days ago 109MB
centos 7 9f38484d220f 3 months ago 202MB
peaoguoxu/hello-dockerfile latest 05cf5fffb28c 8 months ago 1.15MB
nginx 1.12.2 4037a5562b03 13 months ago 108MB
查看当前主机指定image
[root@docker ~]# docker image ls centos
REPOSITORY TAG IMAGE ID CREATED SIZE
centos 7 9f38484d220f 3 months ago 202MB
[root@docker ~]#
-------------------------------------------
image 删除
[root@docker ~]# docker image rm -h
Flag shorthand -h has been deprecated, please use --help
Usage: docker image rm [OPTIONS] IMAGE [IMAGE...]
Remove one or more images
Aliases:
rm, rmi, remove
Options:
-f, --force Force removal of the image
--no-prune Don't delete untagged parents
[root@docker ~]#
示例:[root@docker ~]# docker image rm nginx:1.12.2
Untagged: nginx:1.12.2
Untagged: nginx@sha256:72daaf46f11cc753c4eab981cbf869919bd1fee3d2170a2adeac12400f494728
Deleted: sha256:4037a5562b030fd80ec889bb885405587a52cfef898ffb7402649005dfda75ff
Deleted: sha256:8b8d76e24d92203bae8c1184f5c94f607c92e87ff5f836780f0d1301e4073111
Deleted: sha256:19f98a1ae65cc06a1f35e86ff4a7894c7f8fab2313a35503166233d470ff3752
Deleted: sha256:d626a8ad97a1f9c1f2c4db3814751ada64f60aed927764a3f994fcd88363b659
注意在删除前确保当前镜像没有container使用,否则会报错。
--------------------------------------------
image 打标
[root@docker ~]# docker image tag -h
Flag shorthand -h has been deprecated, please use --help
Usage: docker image tag SOURCE_IMAGE[:TAG] TARGET_IMAGE[:TAG]
Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
[root@docker ~]#
示例:
[root@docker ~]# docker image tag centos:7 registry.cn-shenzhen.aliyuncs.com/peaoguo/centos:7
---------------------------------------------
image 打包
[root@docker ~]# docker image save -h
Flag shorthand -h has been deprecated, please use --help
Usage: docker image save [OPTIONS] IMAGE [IMAGE...]
Save one or more images to a tar archive (streamed to STDOUT by default)
Options:
-o, --output string Write to a file, instead of STDOUT
示例:
[root@docker ~]# docker image save -o mydockers.tar.gz peaoguo/httpd:v1.4 busybox:latest
mydockers.tar.gz
[root@docker ~]#
---------------------------------------
image 加载
[root@docker ~]# docker image load -h
Flag shorthand -h has been deprecated, please use --help
Usage: docker image load [OPTIONS]
Load an image from a tar archive or STDIN
Options:
-i, --input string Read from tar archive file, instead of STDIN
-q, --quiet Suppress the load output
[root@docker ~]#
示例:
[root@docker ~]# docker image load -i mydockers.tar.gz
Loaded image: peaoguo/httpd:v1.4
Loaded image: busybox:latest
[root@docker ~]#
image 制作
network常用配置
自定义docker0 bridge网络属性:/etc/docker/daemon.json文件
{
"bip": "192.168.0.0/16",
"default-gateway": "192.168.1.1",
"dns": ["114.114.114.114","8.8.8.8"],
"hosts":["tcp://0.0.0.0:2375","unix:///var/run/docker.sock"]
}
注意:如果添加hosts参数时 确保docker.service 文件中
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
-H fd:// 参数去掉
添加桥接网络
[root@docker0 ~]# docker network create --subnet "192.168.0.1/24" --gateway "192.168.0.1" mybridge
创建一个只有回环地址的容器
[root@docker0 ~]# docker container run -it --network none --rm --name b1 busybox
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
/ #
创建一个共享主机地址的容器
[root@docker0 ~]# docker container run -it --network host --rm --name b1 busybox
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq qlen 1000
link/ether 00:50:56:8f:7a:01 brd ff:ff:ff:ff:ff:ff
inet 10.193.116.90/24 brd 10.193.116.255 scope global ens160
valid_lft forever preferred_lft forever
inet6 fe80::78dc:454e:948:7be1/64 scope link
valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
link/ether 02:42:e6:aa:0e:0f brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:e6ff:feaa:e0f/64 scope link
valid_lft forever preferred_lft forever
26: docker1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue
link/ether 02:42:ce:df:a4:60 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.1/24 brd 192.168.0.255 scope global docker1
valid_lft forever preferred_lft forever
/ #
创建两个容器共享一个网络命名空间
[root@docker1 ~]# docker container run -it --network docker1 --name b1 --rm busybox
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
12: eth0@if13: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:c0:a8:00:01 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.1/16 brd 192.168.255.255 scope global eth0
valid_lft forever preferred_lft forever
/ #
[root@docker1 docker]# docker container run -it --network container:b1 --rm --name b2 busybox
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
12: eth0@if13: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue
link/ether 02:42:c0:a8:00:01 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.1/16 brd 192.168.255.255 scope global eth0
valid_lft forever preferred_lft forever
/ #
- 通过Dockerfile创建镜像
有时候官方提供的docker镜像,不适合我们的应用,这时就需要进行镜像的制作,以下主要通过官方进行镜像修改来创建自己的docker镜像,并搭建LNMP实现WordPress
- nginx镜像制作
Dockerfile文件
FROM centos
LABEL maintainer="peaguo <mail@peaoguo.com>" app="nginx"
ADD epel.repo /etc/yum.repos.d/
RUN yum -y install nginx && yum clean all
ADD server.conf /etc/nginx/conf.d/
EXPOSE 80
CMD ["nginx","-g","daemon off;"]
vim server.conf
server {
listen 80;
server_name www.mywp.com;
location / {
root /data/www;
index index.php index.html index.htm;
}
location ~ \.php$ {
root /data/www;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
- php镜像制作
Dockerfile文件
FROM centos
LABEL maintainer="peaguo <mail@peaoguo.com>" app="php-fpm"
ADD epel.repo /etc/yum.repos.d/
RUN yum -y install php-fpm php-mysql && yum clean all
EXPOSE 9000
CMD ["php-fpm"]
- mariadb镜制作
FROM centos
LABEL maintainer="peaguo <mail@peaoguo.com>" app="mariadb"
ADD epel.repo /etc/yum.repos.d/
RUN yum -y install mariadb-server && yum clean all
ENV MARIADB_USER root
ENV MARIADB_PASS 123456
##让容器支持中文
ENV LC_ALL en_US.UTF-8
##初始化数据库
ADD db_init.sh /root/db_init.sh
RUN chmod 775 /root/db_init.sh
RUN /root/db_init.sh
EXPOSE 3306
ADD run.sh /root/run.sh
RUN chmod 775 /root/run.sh
CMD ["/root/run.sh"]
vim db_init.sh
#!/bin/bash
#
mysql_install_db --user=mysql
sleep 3
mysqld_safe &
sleep 3
mysql -e "use mysql; grant all privileges on *.* to '$MARIADB_USER'@'%' identified by '$MARIADB_PASS' with grant option;"
h=$(hostname)
mysql -e "use mysql; update user set password=password('$MARIADB_PASS') where user='$MARIADB_USER' and host='$h';"
mysql -e "flush privileges;"
vim run.sh
#!/bin/bash
mysqld_safe
使用这个脚本制作的镜像有个问题是无法外挂磁盘,后续带改进
我们这里直接可以使用官方的 mairadb镜像
- 手动运行容器:
运行容器顺序一般是先启用mariadb,然后启用php,最后启用nginx,但是这里我们将三个容器使用nginx容器的网络命名空间,这里先启动nginx容器。
1、运行web服务
[root@docker1 ~]# docker container run -it --name myweb --hostname www.mywp.com -v /data/web/wordpress/:/data/www -p 80:80 --rm centos-nginx:v0.3
2、运行php容器
[root@docker1 ~]# docker container run -it --name myphp --rm --network container:myweb -v /data/web/wordpress/:/data/www/ centos-php:v0.1
3、运行mariadb容器,这里使用官方容器
[root@docker1 ~]# docker container run -it --name mysql --network container:myweb -e MYSQL_ALLOW_EMPTY_PASSWORD=yes -v /data/mysql/:/var/lib/mysql/ --rm mariadb:latest
* 访问WordPress
1、首先在解压 WordPress程序文件至docker主机/data/web/wordpress文件中
2、docker主机dns能正常访问www.mywp.com域名,可以编辑hosts文件实现
- 创建docker-compose文件
[root@docker1 ~]# vim lnmp.yml
version: '3.3'
services:
nginx:
image: centos-nginx:v0.3
ports:
- "80:80"
expose:
- "80"
volumes:
- /data/web/wordpress:/data/www/
php:
image: centos-php:v0.1
volumes:
- /data/web/wordpress:/data/www/
depends_on:
- nginx
network_mode: "service:nginx"
mysql:
image: mariadb
volumes:
- /data/mysql:/var/lib/mysql/
environment:
- MYSQL_ALLOW_EMPTY_PASSWORD=yes
depends_on:
- nginx
network_mode: "service:nginx"
- 运行和停止
运行
[root@docker1 ~]# docker-compose -f lnmp.yml up -d
Starting root_nginx_1 ... done
Starting root_mysql_1 ... done
Starting root_php_1 ... done
[root@docker1 ~]# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8290afdd99e5 mariadb "docker-entrypoint.s…" 7 minutes ago Up 21 seconds root_mysql_1
5de54f8cb243 centos-php:v0.1 "php-fpm" 7 minutes ago Up 21 seconds root_php_1
3084b02c0d5c centos-nginx:v0.3 "nginx -g 'daemon of…" 7 minutes ago Up 21 seconds 0.0.0.0:80->80/tcp root_nginx_1
[root@docker1 ~]#
停止
[root@docker1 ~]# docker-compose -f lnmp.yml stop
Stopping root_mysql_1 ... done
Stopping root_php_1 ... done
Stopping root_nginx_1 ... done
[root@docker1 ~]#
