1. Introduction to docker-compose
docker-compose
As dokcer
an official orchestration tool, it allows users to quickly create and manage docker
container-based application clusters by writing a simple template file . Achieve docker
rapid orchestration of container clusters. We know that Dockerfile
template files allow users to easily define a separate application container. However, in daily work, we often encounter situations that require multiple containers to cooperate with each other to complete a certain task. For example, to implement a web project, in addition to the web
server container itself, it is often necessary to add a back-end database service container, and even include a load balancing container.
And Compose can meet such needs, it allows users to define a set of related application containers as a project through a separate docker-compose.yml
template file )YAML格式
project
There are 2 important concepts in Compose:
1) Service service: An application container can actually contain several container instances running the same image.
2) Project: a completed business unit composed of a group of associated application containers, defined in the docker-compose.yml file.
2. docker-compose installation
Download Docker-compose binary file and add execute permission
[root@docker ~]# wget https://github.com/docker/compose/releases/download/1.23.2/docker-compose-`uname -s`-`uname -m`- O /usr/local/bin/docker-compose
[root@docker ~]# chmod +x /usr/local/bin/docker-compose
[root@docker ~]# docker-compose --version
docker-compose version
docker-compose version 1.23.2, build 1110ad01
docker-py version: 3.6.0
CPython version: 3.6.7
OpenSSL version: OpenSSL 1.1.0f 25 May 2017
3. Compose command
For Compose
most of the commands, the object can be either the project itself or the service or container in the project. If there is no special explanation, the command object will be the project, which means that all services in the project will be affected by the command. docker-compose
The basic format of the command is as follows:
Usage:
docker-compose [-f <arg>...] [options] [COMMAND] [ARGS...]
docker-compose -h|--help
Options:
-f, --file FILE 指定使用的Compose模板文件,默认为docker-compose.yml,可多次指定;
-p, --project-name NAME 指定项目名称,默认将使用所在目录名称作为项目名 ;
--verbose 输出更多调试信息;
-v, --version 打印版本信息;
Commands:
build 构建项目中的服务容器
help 获得一个命令的帮助
images 列出所有镜像
kill 通过发送SIGKILL信号来强制停止服务容器
logs 查看服务器容器的输出
pause 暂停一个服务容器
port 打印某个容器的端口所映射的公共端口
ps 列出项目中目前的所有容器
pull 拉取服务依赖的镜像
push 推送服务依赖的镜像
restart 重启项目中的服务
rm 删除所有的服务器容器(停止状态中的)
run 在指定服务上执行一个命令
scale 设置指定服务运行的容器个数
start 启动已经存在的服务容器
stop 停止已经处于运行状态的容器,但不删除它
top 展示运行的进程
unpause 恢复处于暂停状态中的服务
up 自动完成包括构建镜像、创建服务、启动服务并关联服务相关容器的一系列操作
version 打印docker-compose的版本信息
4. Compose template file
The template file is Compose
the core of the use , and there are many design keyword keywords. The default template file name is docker-compose.yml
and the format is YAML
format. Examples:
version: "2"
service:
webapp:
image: examplses/web
ports:
- "80:80"
volumes:
- "/data"
Note that each service must automatically build and generate an image by image
specifying the image or build
command required Dockerfile
). If the build
instruction is used , Dockerfile
the options set in (for example: CMD、EXPOSE、VOLUME、ENV
etc.) will be automatically obtained without docker-compose.yml
setting again in. The following are the main instructions and functions of the template:
1) build instruction
Dockerfile
The path of the specified folder can be absolute path, or relative docker-compose.yml
file path. ) Compose
Will use it to automatically build this image, and then use this image:
build: /path/to/build/dir
2)cap_add,cap_drop
Specifies the kernel capabilities of the container capacity
) allocation. For example, letting the container have all the capabilities can be specified as:
cap_add:
- ALL
The NET_ADMIN
ability to remove can be specified as:
cap_drop:
- NET_ADMIN
3)command
Override the default command executed after the container starts:
command: echo "hello world"
4)cgroup_parent
Specifying the parent cgroup group means that the resource limits of the group will be inherited. For example, a cgroup
group is created as cgroups_1
:
cgroup_parent: cgroups_1
5)container_name
Specify the container name. By default, the format "Project Name_Service Name_Serial Number" will be used. E.g:
container_name: docker-web-container
指定容器名称后,该服务将无法进行扩展,因为Docker不允许多个容器具有相同的名称。
6)devices
Specify the device mapping relationship, for example:
devices:
- "/dev/ttyUSB1:/dev/ttyUSB0"
7)dns
Custom DNS server. It can be a value or a list, for example:
dns: 8.8.8.8
dns:
- 8.8.8.8
- 114.114.114.114
8)dns_search
Configure the DNS search domain. It can be a value or a list, for example:
dns_search: example.com
dns_search:
- domain1.example.com
- domain2.example.com
9)dockerfile
If necessary, specify the additional Dockerfile file of the compiled image, which can be specified by this instruction, for example:
this instruction cannot be used with image, otherwise Compose does not know which instruction to generate the final service image.
dockerfile: Dockerfile-alternate
10)env_file
Get the environment variables from the file, which can be a separate file path or list.
If the Compose template file is specified by docker-compose -f FILE, the path of the variable in env_file will be based on the path of the template file. If there is a conflict between the name of the variable and the environment directive, the convention will prevail and the latter shall prevail:
env_file: .env
env_file:
- ./common.env
- ./apps/web.env
- ./opt/secrets.env
环境变量文件中每一行都必须符合格式,支持#开头的注释行:
11)environment
Set environment variables, you can use array or dictionary format. A variable with only a given name will automatically obtain the value of the corresponding variable on the host running Compose, which can be used to prevent the disclosure of unnecessary data. E.g:
environment:
RACK_ENV: development
SESSION_SECRET
或者:
environment:
- RACK_ENV=development
- SESSION_SECRET
12)expose
The port is exposed, but not mapped to the host machine, and only allowed to be accessed by the linked service. Only internal ports can be specified as parameters, as follows:
expose:
- "3000"
- "8000"
13)extends
Expand based on other template files. For example, we already have a webapp service and define a basic template file as common.yml, as shown below:
# common.yml
webapp:
build: ./webapp
environment:
- DEBUG=false
- SEND_EMAILS=false
Write a new development.yml file and use the webapp service in common.yml to expand:
#development.yml
web:
extends:
file: common.yml
service: webapp
ports:
- "8000:8000"
links:
- db
environment:
- DEBUG=true
db:
image: postgres
development.yml will automatically inherit the webapp service and environment variable definitions in common.yml. Pay attention to the following points when using extends:
1. Avoid circular dependencies, such as A depends on B, B depends on C, and C depends on A
2. extends does not inherit the container and data volume resources defined in links and volume_from.
Under normal circumstances, it is recommended to define only some mirror and environment variables that can be shared in the basic template, and specify application variables, links, data volumes, and other information in the extended template.
14)external_links
Link to external containers in docker-compose.yml, or even external containers not managed by Compose. Parameter format is similar to links
external_links:
- redis_1
- project_db_1:mysql
- project_db_1:postgresql
15)extra_hosts
Similar to the –add-host parameter in Docker, specify additional host name mapping information, for example:
extra_hosts:
- "googledns:8.8.8.8"
- "dockerhub:52.1.157.61"
会在启动后的服务容器中/etc/hosts文件中添加以下2个条目:
8.8.8.8 googledns
52.1.157.61 dockerhub
16)image
Specify the image name or image ID. If the image does not exist locally, Compose will try to pull the image.
image: centos
image: nginx
17)labels
Add Docker metadata information to the container. For example, you can add auxiliary information to the container:
labels:
com.startupteam.description: "webapp for a startup team"
com.startupteam.department: "devops department"
com,startupteam.release: "rc3 for v1.0"
18)links
Link to containers in other services. Use the service name as an alias), or "service name: service alias" such as SERVICE: ALIAS), such a format is acceptable, for example:
links:
- db
- db:database
- redis
使用的别名会将自动在服务容器中的/etc/hosts里创建。例如:
172.17.2.186 db
172.17.2.186 database
172.17.2.187 redis
所连接容器中相应的环境变量也将创建
19)log_driver
Similar to the –log-driver parameter in Docker, specifies the log driver type. Three types of log drivers are currently supported:
log_driver: "json-file"
log_driver: "syslog"
log_driver: "none"
20)log_opt
Log-driven related parameters. E.g:
log_driver: "syslog"
log_opt:
syslog-address: "tcp://192.168.0.42:123"
21)net
Set the network mode. Parameters are similar to docker client's --net parameters
net: "bridge"
net: "none"
net: "container:[name or id]"
net: "host"
22)pid
Share the process namespace with the host system. Open the option between the container, and between the container and the host system can be accessed and operated by process ID:
pid: "host"
23)ports
Expose port information. Use the "host: container" format, or just specify the port of the container. The host will randomly select the port):
ports:
- "3000"
- "8000:8000"
- "49100:22"
- "127.0.0.1:8081:8081"
当使用"HOST:CONTAINER"格式来映射端口时,如果你使用的容器端口小于60并且没有放到引号里,可能会得到错误结果,因为YAML会自动解析xx:yy这种数字格式为60进制。为了避免这种问题的出现,建议数字串都用引号包括起来的字符串格式。
24)security_opt
Specify the default attribute of container template label) mechanism (user, role, type, level, etc.). For example, the user name and role name of the configuration label:
security_opt:
- label:user:USER
- label:role:ROLE
25)ulimits
Specify the ulimits limit value of the container, for example, specify the maximum number of processes as 65535, and specify the soft limit of 20000 for the number of file handles. The application can be modified at any time, and cannot exceed the hard limit.
ulimits:
nproc:65535
nofile:
soft:20000
hard:40000
26)volumes
The path setting of the data volume. You can set the host path HOST: CONTAINER) or add the access mode HOST: CONTAINER: ro). The path in this instruction supports relative paths. E.g:
volumes:
- /var/lib/mysql
- cache/:/tmp/cache
- ~/configs:/etc/configs/:ro
27)volumes_driver
Newer versions of Docker support plug-in drivers for data volumes. Users can use a third-party driver to create a data volume, and then use the name to access it. At this time, you can specify the drive through volumes_driver:
volume_driver: mydriver
28)volumes_from
Mount its data volume from another service or container:
volumes_from:
- service_name
- container_name