Docker介绍
官网 www.docker.com
github https://github.com/docker/docker.github.io
开源的容器引擎,可以让开发者打包应用以及依赖的库,然后发布到任何流行的linux发行版上,移植很方便
由go语言编写,基于apache2.0协议发布
基于linux kernel,要想在win下运行需要借助一个vm(虚拟机)来实现
自2013年开始,近些年发展迅猛
docker从1.13x开始,版本分为社区版ce和企业版ee,并且基于年月的时间线形式,当前最新稳定版为17.09 参考
http://blog.csdn.net/chenhaifeng2016/article/details/68062414
docker和传统的虚拟化比较
docker核心概念:
镜像,是一个只读的模板,类似于安装系统用到的那个iso文件,我们通过镜像来完成各种应用的部署。
容器,镜像类似于操作系统,而容器类似于虚拟机本身。它可以被启动、开始、停止、删除等操作,每个容器都是相互隔离的。
仓库,存放镜像的一个场所,仓库分为公开仓库和私有仓库。 最大的公开仓库是Docker hub(hub.docker.com),国内公开仓库(dockerpool.com)
安装docker
先下载一个repo的yum源:
[root@shuai-01 ~]# curl https://download.docker.com/linux/centos/docker-ce.repo -o /etc/yum.repos.d/docker.repo
不下载yum源也可以用本地的yum安装,只不过会版本比较老。
安装docker:
[root@shuai-01 ~]# yum install -y docker-ce
启动docker:
[root@shuai-01 ~]# systemctl start docker
[root@shuai-01 ~]# ps aux |grep docker
root 3168 4.6 5.0 592564 50040 ? Ssl 12:53 0:00 /usr/bin/dockerd
root 3174 1.6 2.7 317248 27720 ? Ssl 12:53 0:00 docke-containerd --config /var/run/docker/containerd/containerd.toml
root 3316 0.0 0.0 112680 976 pts/0 R+ 12:53 0:00 grep --color=auto docker
docker会在启动时候自动添加一些iptables规则,最好将iptables规则保存起来。而且,作为docker服务器,一般不要动这台机器上的iptables规则。一旦弄疵了规则,docker服务就要重启,重启完服务还得重启容器。
镜像管理
docker下载一个centos镜像:
[root@shuai-01 ~]# docker pull centos
这个是在docker官方下载的镜像。在国外,可能下载速度回比较慢。可以通过配置docker加速器加快下载速度。
配置docker加速器:
[root@shuai-01 ~]# vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://dhq9bx4f.mirror.aliyuncs.com"]
}
这个URL是加速器地址,可以到阿里云申请。
配置完成之后。从起docker服务,下载镜像就会快些。
查看镜像:
[root@shuai-01 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu latest cd6d8154f1e1 4 weeks ago 84.1MB
centos latest 5182e96772bf 2 months ago 200MB
名字 , 标签 , 唯一标识 ,创建时间 ,大小
搜索一下镜像:
[root@shuai-01 ~]# docker search jumpserver
这个就可以根据你得需要,去选择下载镜像。
给镜像打标签:
[root@shuai-01 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu latest cd6d8154f1e1 4 weeks ago 84.1MB
centos latest 5182e96772bf 2 months ago 200MB
[root@shuai-01 ~]# docker tag centos shuailinux_centos
[root@shuai-01 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu latest cd6d8154f1e1 4 weeks ago 84.1MB
centos latest 5182e96772bf 2 months ago 200MB
shuailinux_centos latest 5182e96772bf 2 months ago 200MB
[root@shuai-01 ~]# docker tag centos tset:111
[root@shuai-01 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu latest cd6d8154f1e1 4 weeks ago 84.1MB
shuailinux_centos latest 5182e96772bf 2 months ago 200MB
tset 111 5182e96772bf 2 months ago 200MB
centos latest 5182e96772bf 2 months ago 200MB
把镜像启动成容器:
[root@shuai-01 ~]# docker run -itd centos
cf4d1603dde4724819fda9a54eaacc96ae2702dcb0aec61e8a05f0e804d18095
-i : 让容器的标准输入打开 -t : 分配一个伪终端 -d : 标识后台启动
查看运行的容器,-a : 查看所有容器
[root@shuai-01 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
cf4d1603dde4 centos "/bin/bash" 12 seconds ago Up 4 seconds gracious_lalande
删除指定镜像:
[root@shuai-01 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu latest cd6d8154f1e1 4 weeks ago 84.1MB
centos latest 5182e96772bf 2 months ago 200MB
shuailinux_centos latest 5182e96772bf 2 months ago 200MB
tset 111 5182e96772bf 2 months ago 200MB
[root@shuai-01 ~]# docker rmi tset
Error: No such image: tset
[root@shuai-01 ~]# docker rmi tset:111
Untagged: tset:111
[root@shuai-01 ~]# docker rmi shuailinux_centos
Untagged: shuailinux_centos:latest
通过容器创建镜像
进入到一个启动的容器里:
[root@shuai-01 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
cf4d1603dde4 centos "/bin/bash" 6 hours ago Up 6 hours gracious_lalande
[root@shuai-01 ~]# docker exec -it cf4d16 bash
[root@cf4d1603dde4 /]# ls
anaconda-post.log dev home lib64 mnt proc run srv tmp var
bin etc lib media opt root sbin sys usr
在容器里面,也是可以运行一些命令,还可以使用yum.
[root@cf4d1603dde4 /]# ifconfig
bash: ifconfig: command not found
[root@cf4d1603dde4 /]# ip add
bash: ip: command not found
[root@cf4d1603dde4 /]# yum install -y net-tools
这个IP是docker自己搞得IP
[root@cf4d1603dde4 /]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.2 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:02 txqueuelen 0 (Ethernet)
RX packets 5529 bytes 13443112 (12.8 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3683 bytes 202645 (197.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
你在本机系统里查看网卡会有docker专用的网卡。
[root@shuai-01 ~]# ifconfig
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
inet6 fe80::42:1ff:fe28:f453 prefixlen 64 scopeid 0x20<link>
ether 02:42:01:28:f4:53 txqueuelen 0 (Ethernet)
RX packets 3683 bytes 151083 (147.5 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 5521 bytes 13442464 (12.8 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth0b66efc: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::4097:2fff:fe59:66d7 prefixlen 64 scopeid 0x20<link>
ether 42:97:2f:59:66:d7 txqueuelen 0 (Ethernet)
RX packets 3683 bytes 202645 (197.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 5529 bytes 13443112 (12.8 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
把容器创建成镜像:
docker commit -m “change somth” -a “somebody info” container_id new_image_name //container_id通过docker ps -a获取,后面的new_image_name为新镜像名字
例如: docker commit -m “install net-tools” -a “Aming” 2c74d574293f centos_with_nettool 这个命令有点像svn的提交,-m 加一些改动信息,-a 指定作者相关信息 2c74d这一串为容器id,再后面为新镜像的名字
[root@shuai-01 ~]# docker commit -m "install net-tools" -a "shuai" cf4d1603dde4 centos-with-net
sha256:cea798f6bbf6f28ed79d4eef50ee18cdde1a6e9aad7ed03931b8c644d8b37393
[root@shuai-01 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos-with-net latest cea798f6bbf6 11 seconds ago 299MB
ubuntu latest cd6d8154f1e1 4 weeks ago 84.1MB
centos latest 5182e96772bf 2 months ago 200MB
将新建的镜像运行起来:可以直接运行ifconfig命令
[root@shuai-01 ~]# docker run -itd centos-with-net bash
8749952da5172bf1bb3e72e577b501b45bd377311a874c95c12f3718b8909f1a
[root@shuai-01 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8749952da517 centos-with-net "/bin/bash" 14 seconds ago Up 7 seconds cranky_swartz
cf4d1603dde4 centos "/bin/bash" 7 hours ago Up 7 hours gracious_lalande
[root@shuai-01 ~]# docker exec -it 8749952da517 bash
[root@8749952da517 /]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.3 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:03 txqueuelen 0 (Ethernet)
RX packets 8 bytes 648 (648.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
docker使用模板创建镜像
先下载一个模板:
[root@shuai-01 ~]# wget https://download.openvz.org/template/precreated/centos-6-x86-minimal.tar.gz
把模板导成镜像文件:
[root@shuai-01 ~]# cat centos-6-x86-minimal.tar.gz |docker import - centos6
sha256:64326114b1eff608e49f436acd1a4058478b6ebbd5c222368e26bc6352228b87
[root@shuai-01 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos6 latest 64326114b1ef 18 seconds ago 512MB
centos-with-net latest cea798f6bbf6 About an hour ago 299MB
ubuntu latest cd6d8154f1e1 4 weeks ago 84.1MB
centos latest 5182e96772bf 2 months ago 200MB
启动制作的镜像:
[root@shuai-01 ~]# docker run -itd centos6 bash
0850110acb986d32e365206446e133c4a94d1f00ee2e3926d5ef9a9578b8e646
[root@shuai-01 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0850110acb98 centos6 "bash" 17 seconds ago Up 10 seconds compassionate_cori
8749952da517 centos-with-net "/bin/bash" About an hour ago Up About an hour cranky_swartz
cf4d1603dde4 centos "/bin/bash" 8 hours ago Up 8 hours gracious_lalande
[root@shuai-01 ~]# docker exec -it 0850110acb98 bash
把镜像导出来为一个文件:
[root@shuai-01 ~]# docker save -o centos7_with_nettools.tar centos-with-net
[root@shuai-01 ~]# du -sh centos7_with_nettools.tar
294M centos7_with_nettools.tar
用文件恢复镜像:
删掉镜像前要先停掉容器
[root@shuai-01 ~]# docker rm -f 8749952da517
8749952da517
[root@shuai-01 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos6 latest 64326114b1ef 14 minutes ago 512MB
centos-with-net latest cea798f6bbf6 About an hour ago 299MB
ubuntu latest cd6d8154f1e1 4 weeks ago 84.1MB
centos latest 5182e96772bf 2 months ago 200MB
[root@shuai-01 ~]# docker rmi cea798f6bbf6
Untagged: centos-with-net:latest
Deleted: sha256:cea798f6bbf6f28ed79d4eef50ee18cdde1a6e9aad7ed03931b8c644d8b37393
Deleted: sha256:fabc68085404013af1f36dc08e6449d536557206ff47fc4e1565c4702d3659d9
从保存文件中导入镜像:
[root@shuai-01 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos6 latest 64326114b1ef 14 minutes ago 512MB
ubuntu latest cd6d8154f1e1 4 weeks ago 84.1MB
centos latest 5182e96772bf 2 months ago 200MB
[root@shuai-01 ~]# docker load < centos7_with_nettools.tar
c9e25e335de2: Loading layer 99.07MB/99.07MB
Loaded image: centos-with-net:latest
[root@shuai-01 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos6 latest 64326114b1ef 16 minutes ago 512MB
centos-with-net latest cea798f6bbf6 About an hour ago 299MB
ubuntu latest cd6d8154f1e1 4 weeks ago 84.1MB
centos latest 5182e96772bf 2 months ago 200MB
docker push image_name //可以把自己的镜像传到dockerhub官方网站上去,但前提是需要先注册一个用户