A, Docker use templates to create a mirror
First, download a template
http://download.openvz.org/template/precreated/
// download fast enough to download a template centos6 centos6-x86-minimal.tar.gz
[root@fuxi01 ~]# wget http://download.openvz.org/template/precreated/centos-6-x86-minimal.tar.gz
Introducing the mirror command:
CAT centos6-x86-# minimal.tar.gz | Docker Import - centos6 sha256: cdce38ce7fb223b243043be905be88f24635036cf850ceae013007f60a2dda51 # Docker ImagesRF Royalty Free // view the imported image # Docker RUN -itd centos6 bash 79ce4ee106cb84aadbc411489dafadd37d06a92e81b1682199b9e573c224ea6d [root @ fuxi01 ~] # Docker Exec -it 79ce4ee1 bash [root @ 79ce4ee106cb /] # CAT / etc / Issue // see its version of CentOS release 6.8 (Final) Kernel \ r ON AN \ m [root @ 79ce4ee106cb /] # uname -a Linux 79ce4ee106cb 3.10.0-693. Tue-Aug. 1 the SMP # el7.x86_64 22 is 21:09:27 2017 UTC the x86_64 the x86_64 the x86_64 the GNU / the Linux [@ 79ce4ee106cb the root /] Exit # [@ fuxi01 the root ~] # the uname -a the Linux fuxi01 3.10.0-693.el7.x86_64 the SMP Tue-Aug. 1 # 22 is 21:09 : 27 UTC 2017 x86_64 x86_64 x86_64 GNU / Linux
Thus, the kernel and the Linux kernel machine docker container is the same kernel 3.10.0, so that the docker container is based on the Linux kernel.
The existing mirrored, export to a file:
# docker save -o centos7_with_nettool.tar centos_with_net
After // save -o filename talk, talk image name. save and load a pair.
[root@fuxi01 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 79ce4ee106cb centos6 "bash" 4 days ago Up 4 days kind_pasteur b15b83c7c7a2 centos_with_net "/bin/bash" 5 days ago Up 5 days infallible_lalande 7ae3b5eb6e41 ubuntu "/bin/bash" 12 days ago Up 12 days admiring_diffie 43aae89a76ae centos "/bin/bash" 13 days ago Up 13 days serene_kare [root@fuxi01 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE centos6 latest cdce38ce7fb2 4 days ago 512MB centos_with_net latest 2803335f23a6 5 days ago 261MB ubuntu latest 549b9b86cb8d 3 weeks ago 64.2MB centos latest 0f3e07c0138f 3 months ago 220MB yw_centos latest 0f3e07c0138f 3 months ago 220MB [root@fuxi01 ~]# docker rm -f b15b83c7c7a2 b15b83c7c7a2 [root@fuxi01 ~]# docker rmi 2803335f23a6 Untagged: centos_with_net:latest Deleted: sha256:2803335f23a68731a68ffbc860d6e72c15feb2e922cc8aefb1e013fd174b604e Deleted: sha256:c7d34cfde22ae64c7556234eed73668e4a7b4b2803e51bde4cbbdbd25bb5a2cb
You can also use the file to restore a local mirror:
# docker load --input centos7_with_nettool.tar 或者 # docker load < centos7_with_nettool.tar # docker push image_name
docker push // can put your own image spread dockerhub official website go up, but only need to register a user, follow-up study it again if there is a demand.
Second, container management
# docker create -it centos6 bash
// This will create a container, but the container does not start, docker create the same as creating a virtual machine. And docker run essentially the same usage. After you create, you need to see a docker ps -a, the state is Created.
# docker start container_id
// After starting container can be used docker ps view, there have start stop, and restart.
Before docker run we use is equivalent to first create and then start
# docker run -it centos bash
Such entered a virtual terminal inside, we can run some commands, use the command exit or ctrl d to exit the bash, when exit the vessel will stop. Execution docker ps -a can see that it is Exited state of the state.
# Docker run -d allows the vessel to run in the background
比如:docker run -d centos bash -c "while :; do echo "123"; sleep 2; done"
# Docker run --name centos6_1 -itd centos6 bash // --name to container custom name, if not define, when docker ps NAMES far right is a random string. # Docker exec -it centos6_1 bash // write directly into the container can be defined by name, ID do not have to write it up. # Docker run --rm -it centos bash -c "sleep 30" // - rm lets delete the container exit, where the vessel will exit the command finishes. -c, execute commands in the container.
docker logs can get to run the historical information containers, used as follows:
docker logs container_id
[root@fuxi01 ~]# docker run -itd centos bash -c "echo 12345" 7c2e09481628fa13df86bdc858d2641ea094a88ee4fbdc0feeda6f3efa059048 [root@fuxi01 ~]# docker logs 7c2e09 12345
docker attach a container can enter the running in the background, such as
Docker attach container_id # // attach command but difficult to use, for example, we want to exit the terminal, you have to exit, so stop the vessel will exit, there is a way: # Docker Exec -it container_id bash // temporarily turn a virtual terminal, and after the exit, the vessel still running. Docker RM container_id # // container_id is docker ps -a time to see, so you can delete the container, if the container is running, you need to use rm -f. Docker Export container_id #> file.tar // export containers, you can migrate to other machines, you need to import, import a docker load --input. CAT file.tar # | Docker Import - aming_test // This will generate a mirror aming_test
Third, warehouse management
# docker pull registry
// download registry mirror, registy as a mirror docker official, we can use it to create a local docker private warehouse. When pulling registry if no accelerator will be very slow. Accelerator: /etc/docker/daemon.json
After the restart docker will stop all containers, all containers in order to automatically start the batch,
执行:systemctl restart docker && docker start $(docker ps -a -q)
docker in order to start all containers
# docker start $(docker ps -a | awk '{ print $1}' | tail -n +2)
docker in order to close all containers
# docker stop $(docker ps -a | awk '{ print $1}' | tail -n +2)
# docker run -d -p 5000:5000 registry
// registry to start mirroring container, -p container port will be mapped to the host,: left listening port to host,: the right to monitor container port. Other ports can also write custom.
// To access the container port 80, you need to make a port mapping. For example, the container centos ip is 172.17.0.2, the IP is internal, but the host of 192.168.255.128 is external, while 80 container ports is to host can ping of.
# Curl 127.0.0.1:5000/v2/_catalog // can be accessed
{ "repositories": []}
What did not, we need to go a mirror spread to the warehouse, spread to the warehouse to see.
Let's put one of the mirrors uploaded to a private warehouse
# Docker tag centos 192.168.255.128:5000/centos // your experiences tag, above all IP host must be with a private warehouse ip: Port # Docker // to mark the Push 192.168.255.128:5000/centos mirror to be pushed to the private warehouse
At this point and will not succeed, Get https://192.168.255.128:5000/v2/: http: server gave HTTP response to HTTPS client error, here is https.
Solution:
Change the configuration file:
# vi /etc/docker/daemon.json //更改为这一条内容,之前的加速器需要删掉,不然push不成功。不使用HTTPS,使用HTTP。
{ "insecure-registries":["192.168.255.128:5000"] }
# systemctl restart docker
# docker ps -a //查看容器已经关闭,还需要启动
# docker start id //这里的id为registry容器id
再次push
# docker push 192.168.255.128:5000/centos
# curl 127.0.0.1:5000/v2/_catalog //可以查看到推送上来的镜像
{"repositories":["centos"]}
//这里的centos,就是在push的时候,最后面的字符串。
# docker tag ubuntu 192.168.255.128:5000/ubuntu //打标签,推送,就能在私有仓库查看到了。
# docker push 192.168.255.128:5000/ubuntu
# curl 127.0.0.1:5000/v2/_catalog
{"repositories":["centos","ubuntu"]}
新机器从私有仓库拉镜像:
先安装docker,然后定义仓库地址vi /etc/docker/daemon.json,启动docker,然后pull就可以了:
# docker pull 192.168.255.128:5000/ubuntu
//加上IP:port就是在私有仓库下载,不加就是在官方下载。
四、数据管理
容器是由镜像启动的,容器里产生的新数据,在容器停止或删除时,数据会一并消除,这样就意味数据有一定风险。所以想到一个办法,把宿主机的目录挂载到容器里去,这样即使容器被停止或删除,数据还是依然在宿主机的目录里。
1. 挂载本地的目录到容器里
# docker run -tid -v /data/:/data centos bash 266bc8cd6fe8fe57c919acddbd958a756bbbdeeb1d6cecf9a49938ee0cd746ab [root@fuxi01 ~]# ls /data change.log ftp gitroot mariadb mysql tomcat-instance user_passwd wwwroot [root@fuxi01 ~]# docker exec -it 266bc8c bash [root@266bc8cd6fe8 /]# ls /data change.log ftp gitroot mariadb mysql tomcat-instance user_passwd wwwroot [root@266bc8cd6fe8 /]# //这样,容器里的data目录和宿主机的data目录就是数据同步的了,更改也会同步。
//-v 用来指定挂载目录,:前面的/data/为宿主机本地目录,:后面的/data/为容器里的目录,会在容器中自动创建。
2. 挂载数据卷(--volumes-from)
其实我们挂载目录的时候,可以使用--name指定容器name,如果不指定就随机定义了。比如上面没有指定,它就生成了一个名字为heuristic_almeida,这个名字可以使用命令 docker ps 看最右侧一列。
# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 266bc8cd6fe8 centos "bash" 23 hours ago Up 23 hours heuristic_almeida # docker run -itd --volumes-from heuristic_almeida centos6 bash 53ad0ecc0ea797915dd62ce03e886c05f86171136404b35a1f8049542cf57358
这样,我们使用centos6镜像创建了新的容器,并且把 heuristic_almeida 容器作为了数据卷,进入这个centos6的容器可以ls /data看到内容和centos的是一样的,centos容器的data目录是什么样的,它centos6这里就是什么样的,是关联在一起的。
3. 定义数据卷容器
有时候,我们需要多个容器之间相互共享数据,类似于linux里面的NFS,所以就可以搭建一个专门的数据卷容器,然后其他容器直接挂载该数据卷。
首先建立数据卷容器
# docker run -itd -v /data/ --name testvol centos bash
//注意这里的/data/是容器的/data目录,并非本地的/data/目录。 就是不需要宿主机的目录做映射。把这个目录共享出来,作为公共的目录。
然后让其他容器挂载该数据卷
# docker run -itd --volumes-from testvol centos6 bash