容器技术 Docker 应用
1. Dockerfile # 1 年内 肯定生产上会使用 90%
FROM alpine # 构建自己镜像的一基础镜像
LABEL key1=value1 # 给镜像添加元数据信息的
ADD src dist # 把宿主机的文件,复制到镜像中,并且支持直接解压
COPY src dist 通上,但是不支持自动解压,官方推荐
WORKDIR dir # 指定了再构建镜像的时候的工作目录(切换执行命令时的当前目录)
USER user_name # 是指定了在构建镜像过程中执行指令的用户,用户必须存在
HEALTHCHECK test CMD 健康检查的 shell 命令 # 用于检查容器内部服务是否健康
ONBUILD COPY . / # 当其他镜像以 此镜像作为基础镜像时,所要执行的命令
ENTRYPOINT /docker-entrypoint.sh # 执行运行容器时候的默认命令,
# 不会被覆盖掉
CMD # 执行运行容器时候的默认命令或者参数,会被运行容器时候的命令覆盖掉
# ENTRYPOINT CMD
2. docker compose 生产上使用率 40%
docker-compose 单机容器编排工具,不能跨主机
k8s 多机集群的容器编排工具,可以跨主机
docker-compose.yml
属性:
version: "3" # 版本号,不用的版本支持不同的属性
services:
redis: # 声明的服务名,本质上是一个容器
image: redis:alpine
# build: ./dir # 指定了构建镜像的 Dockerfile 目录所在的位置
ports:
- "6379:6379" # 宿主机端口:容器端口
command: redis-server # 执行的默认命令,一般不需要
environment:
key1: value1
KEY2: value2
healthcheck:
test: CMD redis-cli ping && echo 0 || echo 1
interval: 3s
timeout: 4s
retries: 3
networks:
- net1
- net2
networks:
net1:
net2:
一、顶级 Volumes
映射本地目录到容器目录下
1.配置
[root@Docker ~]# mkdir volumes
[root@Docker ~]# cd volumes/
[root@Docker volumes]# vim docker-compose.yml
[root@Docker volumes]# cat docker-compose.yml
version: "3.8"
services:
web1:
image: nginx
volumes:
- type: bind # bind volume tmpfile
source: /root/volumes/nginx/index.html
target: /usr/share/nginx/html/index.html
- type: bind
source: ./nginx/conf/default.conf
target: /etc/nginx/conf.d/default.conf
[root@Docker volumes]# mkdir -p nginx/conf
[root@Docker volumes]# vim nginx/index.html
[root@Docker volumes]# cat nginx/index.html
Hello Neko
[root@Docker volumes]# ls
docker-compose.yml nginx
[root@Docker volumes]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
78a5ad12a07d nginx "/docker-entrypoint.…" 2 days ago Exited (0) 2 days ago healthcheck_web1_1
[root@Docker volumes]# docker start 78a5ad12a07d
78a5ad12a07d
[root@Docker volumes]# docker cp 78a5ad12a07d:/etc/nginx/conf.d/default.conf .
[root@Docker volumes]# mv default.conf nginx/conf/
[root@Docker volumes]# vim nginx/conf/default.conf
server {
listen 8000;
server_name localhost;
#charset koi8-r;
#access_log /var/log/nginx/host.access.log main;
...
2.启动
[root@Docker volumes]# docker-compose up -d
Creating volumes_web1_1 ... done
[root@Docker volumes]# docker-compose ps
Name Command State Ports
----------------------------------------------------------------
volumes_web1_1 /docker-entrypoint.sh ngin ... Up 80/tcp
[root@Docker volumes]# docker-compose exec web1 bash
root@146364e0c842:/# curl 127.0.0.1:8000
Hello Neko
二、数据卷 挂载
1.配置
[root@Docker volumes]# docker-compose down -v
Stopping volumes_web1_1 ... done
Removing 0087e4120800_volumes_db_1 ... done
Removing volumes_web1_1 ... done
Removing network volumes_default
Removing volume volumes_mysql-data
[root@Docker volumes]# vim docker-compose.yml
[root@Docker volumes]# cat docker-compose.yml
version: "3.8"
services:
web1:
image: nginx
volumes:
- type: bind # bind volume tmpfile
source: /root/volumes/nginx/index.html
target: /usr/share/nignx/html/index.html
- type: bind
source: ./nginx/conf/default.conf
target: /etc/nginx/conf.d/default.conf
db:
image: mysql
environment:
MYSQL_ROOT_PASSWORD: Neko@123
volumes:
- type: volume
source: mysql-data # 只写定义过的数据卷名称
target: /var/lib/mysql/
volumes:
# 和定义networks 一样的格式,必须是字典格式
mysql-data:
2.启动
[root@Docker volumes]# docker-compose up -d
Creating network "volumes_default" with the default driver
Creating volume "volumes_mysql-data" with default driver
Creating volumes_web1_1 ... done
Creating volumes_db_1 ... done
[root@Docker volumes]# docker-compose ps
Name Command State Ports
-----------------------------------------------------------------------------
volumes_db_1 docker-entrypoint.sh mysqld Up 3306/tcp, 33060/tcp
volumes_web1_1 /docker-entrypoint.sh ngin ... Up 80/tcp
[root@Docker volumes]# docker volume ls
DRIVER VOLUME NAME
local 3fbd8f6afdcec11c486019c513121b26ed42334caf0b0e3c762a8bc6c0d88770
local 11d025419296b8ccaeae67385113b46b9230edbb1fb8624b0134b7b22017be6f
local 76b78a5277539b9ada1f16033975cb7a0d8829cef541b1ff5b2ad314f34b9ce8
local 82f4291404beeef9e51e9cb7e3605d2771777a4cedf5cf17b6d06513bd66be83
local 900449a326af023045ef9fa89e3dd6874ca7bf464f6ed0b69862a84938f75ef4
local aca694cb2beebfbc9af251586277f1bc69c378aa0d399e7af5047873b39eba0b
local d79295e6910700a3fc4bd99137d3f57a5c13dfe27e0a819a312651cb8d1ff58d
local mysql-data
local neko_vol
local volumes_mysql-data
三、系统限制 sysctls
1.配置
[root@Docker ~]# mkdir sysctls-ulimits
[root@Docker ~]# cd sysctls-ulimits/
[root@Docker sysctls-ulimits]# vim docker-compose.yml
[root@Docker sysctls-ulimits]# cat docker-compose.yml
version: "3.8"
services:
web1:
image: centos
stdin_open: true
tty: true
sysctls: # 凡是之前通过 sysctl -w 设置的参数都可以在此设置
net.core.somaxconn: 1024
ulimits:
nproc: 65535
nofile:
soft: 20000
hard: 40000
2.启动
[root@Docker sysctls-ulimits]# docker-compose up -d
Creating network "sysctls-ulimits_default" with the default driver
Creating sysctls-ulimits_web1_1 ... done
[root@Docker sysctls-ulimits]# docker-compose ps
Name Command State Ports
--------------------------------------------------
sysctls-ulimits_web1_1 /bin/bash Up
[root@Docker sysctls-ulimits]# docker-compose exec web1 bash
[root@a59d34556450 /]# ulimit -a
core file size (blocks, -c) unlimited
data seg size (kbytes, -d) unlimited
scheduling priority (-e) 0
file size (blocks, -f) unlimited
pending signals (-i) 11216
max locked memory (kbytes, -l) 64
max memory size (kbytes, -m) unlimited
open files (-n) 20000
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority (-r) 0
stack size (kbytes, -s) 8192
cpu time (seconds, -t) unlimited
max user processes (-u) 65535
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited