Docker basic commands and detailed deployment (version 20)

One, Docker overview

■ What
is Docker ● Is a lightweight "virtual machine"
● Open source tool for running applications in Linux containers

■ The difference between Docker and virtual machine

■ Docker usage scenarios
● Packaged applications to simplify deployment
● Free migration from the underlying hardware
● Example: server migration from Tencent Cloud to Alibaba Cloud

1.1, Docker's core concept and installation method

■ Docker core concept
● Mirror (read-only template)
◆ A read-only template for Docker container engine
● Container
◆ Running instances created from the mirror
● Warehouse
◆ The place where the mirror is stored centrally

■ Two ways to install Docker on CentOS
● Use CURL to get the Docker installation script to install
● Use YUM warehouse to install Docker

1.2, docker architecture

• The default Client and DOCKER_HOST are in the same host, assuming that the Registry is a public mirror (on another server)
• After installing the docker engine locally, it will help install the server and client
• The server is working in the background as a daemon process, and the client is working in the foreground
• The server will build and read the image in the background, (the image can be downloaded from the remote end), and Images will build the image into a container and run it.
• Execute create commands, download commands, and run commands on the client's terminal to tell the server exactly what operations to perform

Two, Docker deployment

2.1, install dependent packages

[root@docker ~]# yum -y install yum-utils device-mapper-persistent-data lvm2
#yum-utils yum仓库的工具
#device-mapper docker的引擎	
#lvm2 lvm的一种加强性管理工具

2.2. Set up Alibaba Cloud image (acceleration)

[root@docker ~]# cd /etc/yum.repos.d
[root@mysql yum.repos.d]# yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

2.3, install docker-ce community edition

[root@docker yum.repos.d]# wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
[root@docker yum.repos.d]# yum -y install docker-ce
[root@docker ~]# systemctl start docker   #启动docker
[root@docker ~]# systemctl enable docker  #设置开机自启

2.4, set mirror acceleration

[root@docker ~]# tee /etc/docker/daemon.json <<-'EOF'
> {
    
    
>   "registry-mirrors": ["https://xxxxxx.mirror.aliyuncs.com"]
> }
> EOF
{
    
    
  "registry-mirrors": ["https://76ipfsjf.mirror.aliyuncs.com"]
}
[root@docker ~]# systemctl daemon-reload    #开启守护进程（服务端）
[root@docker ~]# systemctl restart docker      #重启docker的客户端

2.5, network optimization

[root@docker ~]# vim /etc/sysctl.conf           #开启路由转发

[root@docker ~]# sysctl -p
[root@docker ~]# systemctl restart network
[root@docker ~]# systemctl restart docker

#docker配置文件
{
    
    
"graph": "/data/docker",          #数据目录
"storage-driver": " overlay2",   #存储引擎
"insecure-registries": ["registry.access.redhat.com"," quary.io"]    #私有仓库
"registry-mirrors": ["https://q"]        #镜像加速
"bip": "172.7.5.1/24",                     #docker网络（面试题—如何永久配置docker网络地址，就是在daemon.json 里面配置"bip"字段）
"exec-opts": ["native.cgroupdriver=systemd"],        #启动时候的额外参数(驱动)
"live-restore": true           #当docker容器引擎挂掉的时候，使用docker跑起来的容器还能运行（分离)
}
docker容器网络生产经验
docker 的网络建议和宿主机的IP“对照”
比如宿主机10.2.5.6容器的地址就可以修改为172.5.6.1，这样方便在故障发生时，更容易定位故障节点位置

2.6, docker image operation

[root@docker ~]# docker run hello-world
注：docker run
1、先检测本地是否有镜像
2、本地没有该镜像，则会向镜像仓库拉取这个镜像
3、先create、再start把该镜像的容器运行起来
Hello from Docker!
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
    (amd64)
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.

■ Analysis

• The docker client client is connected to the server (the server runs in the form of a daemon in the operating system) typical C/S architecture
• The image is downloaded from the docker hub by the daemon of the docker server
• The server creates a new container, and then starts a container from the pulled image, and the container executes the script/executable program so that we can view/use
• The docker server returns these information flows (transmissions) to the client and displays them, (displayed on the terminal)
• Docker client can be in many forms, such as the terminal where the "docker" command tool is located

2.6.1, query docker version (two ways)

[root@docker ~]# docker version

[root@docker ~]# docker info

2.6.2, search mirror

[root@docker ~]# docker search nginx

2.6.3, download mirror

docker pull 镜像名称
例如：docker pull nginx
[root@docker ~]# docker pull nginx

[root@docker ~]# docker images   #查看镜像列表

[root@docker ~]# docker inspect f6d0b4767a6c    #获取镜像信息
[root@docker ~]# docker tag nginx:latest nginx:lnmp   #给镜像添加标签
[root@docker ~]# docker images

[root@docker ~]# docker rmi nginx:lnmp   #删除标签

2.6.4, mirror export and import

docker save -o 文件名 镜像名
示例：
docker save -o nginx nginx:latest
[root@docker docker]# docker save -o nginx nginx:latest
[root@docker docker]# ls
daemon.json  key.json  nginx

[root@docker docker]# docker rmi nginx:latest
[root@docker docker]# docker images
[root@docker docker]# docker load < nginx    #导入镜像
[root@docker docker]# docker images

■ Note: In use scenarios, in some production environments, companies do not directly use docker private warehouses, but store them in an ftp server, upload and download on demand

2.7, container operation

2.7.1, query container

[root@docker docker]# docker ps -a

2.7.2, create a container

[root@docker docker]# docker create -it nginx:latest /bin/bash
# -i:让容器的标准输入保持打开
# -t:分配一个伪终端
# /bin/bash 给予执行环境

2.7.3, start the container

[root@docker docker]# docker start ec05ddece00d

2.7.4, start the container (one-time execution)

[root@docker docker]# docker run centos:7 /usr/bin/bash -c ls /

2.7.5, stop the container

[root@docker docker]# docker stop ec05ddece00d

2.7.6, continuous background operation

[root@docker docker]# docker run -d centos:7 /bin/bash -c "while true;do echo hello;done"

2.8, enter the container

2.8.1, use run

[root@docker docker]# docker run -it nginx:latest /bin/bash

■ Exit:
1, Ctrl+d
2, exit

2.8.2, exec (container must be running normally)

[root@docker docker]# docker exec -it ec05ddece00d /bin/bash

2.8.3, container export

[root@docker docker]# docker export ec05ddece00d > nginx_1
[root@docker docker]# ls

2.8.4. Container import (image generation)

[root@docker docker]# cat nginx_1 | docker import - nginx:latest

2.9, delete the container

[root@docker docker]# docker rm 7510b623832b  #这个命令无法删除正在运行的容器，rm -f 可以强制删除

2.9.1, batch delete

[root@docker docker]# docker ps -a | awk '{print docker rm "$1"}' | bash

2.9.2. Batch delete containers in "exit" status

[root@docker docker]# for i in `docker ps -a | grep -i exit | awk '{print $1}'`; do docker rm -f $i;done #过滤异常退出的容器

2.9.3, batch close running containers

[root@docker ~]# for i in `docker ps -a | grep -i up | awk '{print $1}'`; do docker stop $i;done