?创作不易,来了的客官点点关注,收藏,订阅一键三连?😜??
前言
运维之基础——Linux。我是一个即将毕业的大学生,超超。如果你也在学习Linux,不妨跟着萌新超超一起学习Linux,拿下Linux,一起加油,共同努力,拿到理想offer!
系列文章
Linux——详解系统监控和常用命令(top free dstat)
Linux——超超讲解SSH的原理与SSH的实现!建议收藏?
总结
Docker 属于 Linux 容器的一种封装,提供简单易用的容器使用接口。它是目前最流行的?Linux?容器解决方案。本期内容为Docker第一期,通过本期内容将会掌握docker的基本概念、底层隔离机制、如何在Linux和Ubuntu上安装docker以及docker的简单使用。
目录
Docker是什么
参考链接:Docker详解链接
Docker 是一个开源的应用容器引擎,基于Go语言并遵从 Apache2.0 协议开源。
Docker 属于 Linux 容器的一种封装,提供简单易用的容器使用接口。它是目前最流行的?Linux?容器解决方案。
Docker 可以让开发者打包他们的应用以及依赖包到一个轻量级、可移植的容器中,然后发布到任何流行的 Linux 机器上,也可以实现虚拟化。对容器进行管理。
容器是完全使用沙箱机制,相互之间不会有任何接口(类似 iPhone 的 app),更重要的是容器性能开销极低。
Docker 从 17.03 版本之后分为 CE(Community Edition: 社区版) 和 EE(Enterprise Edition: 企业版)。
注:
serverless:Serverless由开发者实现的服务端逻辑运行在无状态的计算容器中,它由事件触发, 完全被第三方管理,其业务层面的状态则被开发者使用的数据库和存储资源所记录。Serverless涵盖了很多技术,分为两类:FaaS(Function as a Service,函数即服务)和 BaaS(Backend as a Service,后端即服务)。
Docker与VMware
Docker相比于传统虚拟化方式具有的优势和劣势:
- docker?启动快速属于秒级别。虚拟机通常需要几分钟去启动
- docker?需要的资源更少,?docker?在操作系统级别进行虚拟化,?docker?容器和内核交互,几乎没有性能损耗,性能优于通过?Hypervisor?层与内核层的虚拟化
- docker?更轻量,?docker?的架构可以共用一个内核与共享应用程序库,所占内存极小。同样的硬件环境,?Docker?运行的镜像数远多于虚拟机数量,对系统的利用率非常高
- 高可用和可恢复性:?docker?对业务的高可用支持是通过快速重新部署实现的。虚拟化具备负载均衡,高可用,容错,迁移和数据保护等经过生产实践检验的成熟保障机制,?VMware?可承诺虚拟机?99.999%?高可用,保证业务连续性
- 快速创建、删除:虚拟化创建是分钟级别的,?Docker?容器创建是秒级别的,?Docker?的快速迭代性,决定了无论是开发、测试、部署都可以节约大量时间
- 交付、部署:虚拟机可以通过镜像实现环境交付的一致性,但镜像分发无法体系化。?Docker?在?Dockerfile?中记录了容器构建过程,可在集群中实现快速分发和快速部署
- (缺点)与虚拟机相比,?docker?隔离性更弱,?docker?属于进程之间的隔离,虚拟机可实现系统级别隔离
- (缺点)可管理性:?docker?的集中化管理工具还不算成熟。各种虚拟化技术都有成熟的管理工具,例如?VMware vCenter?提供完备的虚拟机管理能力
- (缺点)安全性:?docker?的安全性也更弱。?Docker?的租户?root?和宿主机?root?等同,一旦容器内的用户从普通用户权限提升为root权限,它就直接具备了宿主机的root权限,进而可进行无限制的操作。虚拟机租户?root?权限和宿主机的?root?虚拟机权限是分离的,并且虚拟机利用如?Intel?的?VT-d?和?VT-x?的?ring-1?硬件隔离技术,这种隔离技术可以防止虚拟机突破和彼此交互,而容器至今还没有任何形式的硬件隔离,这使得容器容易受到攻击
?Docker的基本概念
Docker?中包括三个基本的概念:镜像(image)、容器(container)、仓库(repository)
从下图可以直观地看到?Docker?的架构:
Docker?使用?C/S?结构,即客户端/服务器体系结构。?Docker?客户端与?Docker?服务器进行交互,Docker服务端负责构建、运行和分发?Docker?镜像。?Docker?客户端和服务端可以运行在一台机器上,也可以通过?RESTful?、?stock?或网络接口与远程?Docker?服务端进行通信。
这张图展示了?Docker?客户端、服务端和?Docker?仓库(即?Docker Hub?和?Docker Cloud?),默认情况下Docker?会在?Docker?中央仓库寻找镜像文件,这种利用仓库管理镜像的设计理念类似于?Git?,当然这个仓库是可以通过修改配置来指定的,甚至我们可以创建我们自己的私有仓库。
Image(镜像)
Docker?镜像可以看作是一个特殊的文件系统(打包的文件),除了提供容器运行时所需的程序、库、资源、配置等文件外,还包含了一些为运行时准备的一些配置参数(如匿名卷、环境变量、用户等)。
镜像不包含任何动态数据,其内容在构建之后也不会被改变。镜像(Image)就是一堆只读层(read-only layer)的统一视角,也许这个定义有些难以理解。
Container(容器)
容器?(container)?的定义和镜像?(image)?几乎一模一样,也是一堆层的统一视角,唯一区别在于容器的最上面那一层是可读可写的。(运行镜像的地方)
由于容器的定义并没有提及是否要运行容器,所以实际上,容器 = 镜像 + 读写层。
容器的三种状态:up、created、exited
Repository(仓库)
Docker?仓库是集中存放镜像文件的场所。
仓库又可以分为两种形式:public(公有仓库),private(私有仓库)
docker的常见文件
config.v2.json --> 存放容器的配置数据
json:javascript object notation,js对象简谱,是一种轻量级数据交换格式,格式用来描述数据
数据的形式:文本
数据的格式:key:value,结构清晰
非关系型数据、非结构化数据
/etc/resolv.conf --> 存放容器里的dns服务器的地址使用的是宿主机里的dns的配置
[root@docker etc]# cat resolv.conf
# Generated by NetworkManager
search localdomain
nameserver 192.168.232.2/etc/hostname -->? 存放主机名
[root@docker docker]# cat /etc/hostname
docker/etc/hosts --> 对本机进行域名解析
[root@docker etc]# cat /etc/hosts
127.0.0.1?? localhost localhost.localdomain localhost4 localhost4.localdomain4
::1???????? localhost localhost.localdomain localhost6 localhost6.localdomain6/var/lib/docker/containers -->存放容器
[root@docker ~]# cd /var/lib/docker/containers/
[root@docker containers]# ls
1118734ea632e8537be012a61274c8d6ecd4027ba1a54a49db202463578e5663
2710b596777b80fc9755a43a4070494b6fb7d682a2fa895a91d690e63bfed04d
2c83a2d05e4ee8a885174e4b55bbe1ac1833df9aba82d86e824e44a43340e8e2
4cb9497e4b830a0eec6406d5be362adaf643982dc16a9cbcb68781b7d746bef2
58d99df640b7662f4ff625e7cde9d0e7f40250992f8fd1ad39bc48aeca162ddb/var/lib/docker --> 存放docker里的文件
docker底层的隔离机制
namespace(命名空间)
Namespace是内核的一个功能,用来给进程隔离一系列资源(网络、文件系统、进程等)资源
kernel lxl
LXC-Linux Containers,LXC是Linux containers的简称,是一种基于容器的操作系统层级的虚拟化技术。
LXC可以在操作系统层次上为进程提供的虚拟的执行环境,一个虚拟的执行环境就是一个容器。可以为容器绑定特定的cpu和memory节点,分配特定比例的cpu时间、IO时间,限制可以使用的内存大小(包括内存和是swap空间),提供device访问控制,提供独立的namespace(网络、pid、ipc、mnt、uts)。
Control Groups
Linux上的Docker Engine也依赖于另一种称为CGroup的技术。CGroups 最初叫Process Container,顾名思义就是将进程放到一个组里进行统一控制。后来改名叫Control Groups。CGroups 是 Control Groups 的缩写,它为资源管理提供了一个统一框架,可以把系统任务及其子任务整合到按资源等级划分的不同任务组内。并且对这些任务组实施不同的资源分配方案。CGroups可以限制、记录、隔离进程组所使用的物理资源(包括CPU、memory、I/O等)。
?容器的网络类型
[root@docker ~]# docker network ls
NETWORK ID???? NAME????? DRIVER??? SCOPE
a4c72e45bdf4?? bridge??? bridge??? local
e6aa050bc769?? host????? host????? local
9f11fcd6003d? ?none????? null????? local
Docker的安装
centos上的安装
步骤如下:?
1.卸载旧版本的docker
yum remove docker \
????????????????? docker-client \
????????????????? docker-client-latest \
????????????????? docker-common \
????????????????? docker-latest \
????????????????? docker-latest-logrotate \
????????????????? docker-logrotate \
????????????????? docker-engin2.添加仓库文件和docker官方提供的服务器(或阿里云服务器)
yum install -y yum-utils
yum-config-manager \
?? ?--add-repo \
?? ?https://download.docker.com/linux/centos/docker-ce.repo此步骤推荐:添加阿里云的:
yum-config-manager \
??? --add-repo \
??? http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
3.安装docker
yum install docker-ce docker-ce-cli containerd.io4.启动docker
systemctl start docker5.试运行
docker run hello-world
全过程:
[root@docker ~]# yum install -y yum-utils
[root@docker ~]# yum-config-manager \
> --add-repo\
> http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[root@docker ~]# yum install docker-ce docker-ce-cli containerd.io
[root@docker ~]# systemctl start docker
[root@docker ~]# docker run hello-world试运行结果:
Ubuntu上的安装
1. 更新系统里的所有能更新的软件,更新apt软件包索引并安装软件包,以允许apt通过HTTPS使用存储库?
lizhichao@chaochao:~$ sudo apt-get update
lizhichao@chaochao:~$ sudo apt-get install \
> apt-transport-https \
> ca-certificates \
> curl \
> gnupg \
> lsb-release2. 添加Docker的官方GPG密钥
lizhichao@chaochao:~$ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg3.
lizhichao@chaochao:~$ echo \
?? ?> ? "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
?? ?> ? $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null4. 更新apt软件包索引,并安装最新版本的Docker Engine和containerd,或转至下一步安装特定版本
?
lizhichao@chaochao:~$ sudo apt-get update
lizhichao@chaochao:~$ ?sudo apt-get install docker-ce docker-ce-cli containerd.io5. 要安装特定版本的Docker Engine,然后试运行
lizhichao@chaochao:~$ systemctl start docker
==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-units ===
Authentication is required to start 'docker.service'.
Authenticating as: repchaochao (lizhichao)
Password:?
==== AUTHENTICATION COMPLETE ===
lizhichao@chaochao:~$ sudo docker run hello-world试运行效果图:
Docker的简单使用
docker进程的查看与关闭
查看docker进程:ps aux|grep docker
[root@docker ~]# ps aux|grep docker
root?????? 12363? 0.0? 4.7 1369628 86348 ??????? Ssl? 12:11?? 0:05 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
root?????? 17331? 0.0? 0.0? 12324?? 996 pts/3??? S+?? 21:43?? 0:00 grep --color=auto docker关闭docker服务:kill -9 docker进程号
docker常用命令
查看docker版本:docker version
[root@docker web]# docker version
Client: Docker Engine - Community
?Version:?????????? 20.10.8
?API version:?????? 1.41
?Go version:??????? go1.16.6
?Git commit:??????? 3967b7d
?Built:???????????? Fri Jul 30 19:53:39 2021
?OS/Arch:?????????? linux/amd64
?Context:?????????? default
?Experimental:????? true
?
Server: Docker Engine - Community
?Engine:
? Version:????????? 20.10.8
? API version:????? 1.41 (minimum version 1.12)
? Go version:?????? go1.16.6
? Git commit:?????? 75249d8
? Built:??????????? Fri Jul 30 19:52:00 2021
? OS/Arch:????????? linux/amd64
? Experimental:???? false
?containerd:
? Version:????????? 1.4.9
? GitCommit:??????? e25210fe30a0a703442421b0f60afac609f950a3
?runc:
? Version:????????? 1.0.1
? GitCommit:??????? v1.0.1-0-g4144b63
?docker-init:
? Version:????????? 0.19.0
? GitCommit:??????? de40ad0?查看镜像:docker images
[root@docker web]# docker images
REPOSITORY????????? TAG?????? IMAGE ID?????? CREATED??????? SIZE
daocloud.io/nginx?? latest??? 6084105296a9?? 5 months ago?? 133MB
hello-world???????? latest??? d1165f221234?? 5 months ago?? 13.3kB?删除镜像:docker rmi 镜像名
[root@docker ~]# docker rmi mysql:latest
Untagged: mysql:latest
Untagged: mysql@sha256:8b928a5117cf5c2238c7a09cd28c2e801ac98f91c3f8203a8938ae51f14700fd
Deleted: sha256:c60d96bd2b771a8e3cae776e02e55ae914a6641139d963defeb3c93388f61707
Deleted: sha256:5c8c91273faab368a6d659156f2569fa9f40b0e0139222fdf9eef073df4b3797
Deleted: sha256:33d8196a776f42a16f10395b66f10f91443b1fb194bca2a9b8dfb0deff5babb8
Deleted: sha256:3ec63323025213e3cabf17ac7933506dc5520ec49226a9764418f77ea60d35c8
Deleted: sha256:1f129b005b51b049ac84ed0775b82096d480b7d9308a9a137697f37346562266
Deleted: sha256:80ed209bd0434faa1ce31fbaab8508124dddf8f6502c5736ee4b8e46697a8477查找docker里的镜像:docker search 镜像名
[root@docker web]# docker search nginx
NAME????????????????????????????? DESCRIPTION???????????????????????????????????? STARS???? OFFICIAL?? AUTOMATED
nginx???????????????????????????? Official build of Nginx.??????????????????????? 15297???? [OK]??????
jwilder/nginx-proxy?????????????? Automated Nginx reverse proxy for docker con…?? 2058???????????????? [OK]
richarvey/nginx-php-fpm?????????? Container running Nginx + PHP-FPM capable of…?? 815????????????????? [OK]
jc21/nginx-proxy-manager????????? Docker container for managing Nginx proxy ho…?? 228??docker下载镜像:docker pull 镜像名(指定版本则镜像名:版本号)默认去hubdocker下载
[root@docker web]# docker pull mysql
Using default tag: latest
latest: Pulling from library/mysql
33847f680f63: Pull complete
5cb67864e624: Pull complete
1a2b594783f5: Pull complete
b30e406dd925: Pull complete
48901e306e4c: Pull complete
603d2b7147fd: Pull complete
802aa684c1c4: Pull complete
715d3c143a06: Pull complete
6978e1b7a511: Pull complete
f0d78b0ac1be: Pull complete
35a94d251ed1: Pull complete
36f75719b1a9: Pull complete
Digest: sha256:8b928a5117cf5c2238c7a09cd28c2e801ac98f91c3f8203a8938ae51f14700fd
Status: Downloaded newer image for mysql:latest
docker.io/library/mysql:latest查看启动关闭删除docker内的容器:
查看:docker ps -a
启动:docker start 容器id/容器名
关闭:docker stop 容器id/容器名
删除:docker rm 容器id/容器名
[root@docker web]# docker ps -a
CONTAINER ID?? IMAGE?????????????? COMMAND????????????????? CREATED????????? STATUS??????????????????? PORTS?????????????????????????????????? NAMES
2c83a2d05e4e?? daocloud.io/nginx?? "/docker-entrypoint.…"?? 18 minutes ago?? Up 18 minutes???????????? 0.0.0.0:8000->80/tcp, :::8000->80/tcp?? chao-nginx-1
0a6d9d7570fa?? daocloud.io/nginx?? "/docker-entrypoint.…"?? 19 minutes ago?? Created?????????????????????????????????????????????????????????? chao-nginx-1.0
2b924c70c6f7?? daocloud.io/nginx?? "/docker-entrypoint.…"?? 19 minutes ago?? Created?????????????????????????????????????????????????????????? chaochao-nginx-1.0
2767770c2884?? daocloud.io/nginx?? "/docker-entrypoint.…"?? 21 minutes ago?? Created?????????????????????????????????????????????????????????? chaochao-nginx-1
8ceb4b84a918?? hello-world???????? "/hello"???????????????? 29 hours ago???? Exited (0) 29 hours ago?????????????????????????????????????????? vibrant_fermi创建容器
命令:docker run --name 容器名-d -p 端口号 镜像名
查看容器启动过程中的日志:docker logs
[root@docker web]# docker logs
"docker logs" requires exactly 1 argument.
See 'docker logs --help'.
?
Usage:? docker logs [OPTIONS] CONTAINER
?
Fetch the logs of a container进入容器内部:docker exec 选项 容器名 /bin/bash
[root@docker web]# docker exec -it chao-nginx-1 /bin/bash
# 进入容器内部并开启一个交互式的终端,运行/bin/bash
Ubuntu命令:sudo docker exec -it sc-nginx-2 /bin/bash
为什么进入容器后有的命令不能用?
容器运行的系统没有安装相关文件
容器上不了网的问题的解决方法
临时开启路由功能
echo 1 >/proc/sys/net/ipv4/ip_forward
[root@docker ~]# echo 1 >/proc/sys/net/ipv4/ip_forwardrd
[root@docker ~]#service docker? restart? #重启docker ,会到iptables里去添加相关规则
永久开启:
[root@sc-docker ~]# vim /etc/sysctl.conf
添加:net.ipv4.ip_forward = 1
永久添加后效果:
[root@docker ~]# docker run -it --cpu-shares 30 -m 1000000000? -d --name lizhichao3 -p 8090:68 centos:7?
af39a6babd1c58a2094d633ffbc24aaf78bc786c66165b75cb449b2703346f49
[root@docker ~]# docker exec -it lizhichao3 /bin/bash
[root@af39a6babd1c /]# ping www.baidu.com
PING www.a.shifen.com (14.215.177.38) 56(84) bytes of data.
64 bytes from 14.215.177.38 (14.215.177.38): icmp_seq=1 ttl=127 time=27.5 ms
64 bytes from 14.215.177.38 (14.215.177.38): icmp_seq=2 ttl=127 time=33.8 ms
^C
--- www.a.shifen.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1004ms
rtt min/avg/max/mdev = 27.590/30.718/33.846/3.128 ms
[root@docker ~]# docker container
Usage(用法): docker container COMMAND
Manage containers
Commands:
? attach????? Attach local standard input, output, and error streams to a running container
? commit????? Create a new image from a container's changes
? cp????????? Copy files/folders between a container and the local filesystem
? create????? Create a new container
? diff??????? Inspect changes to files or directories on a container's filesystem
? exec??????? Run a command in a running container
? export????? Export a container's filesystem as a tar archive
? inspect???? Display detailed information on one or more containers
? kill??????? Kill one or more running containers
? logs??????? Fetch the logs of a container
? ls????????? List containers
? pause?????? Pause all processes within one or more containers
? port??????? List port mappings or a specific mapping for the container
? prune?????? Remove all stopped containers
? rename????? Rename a container
? restart???? Restart one or more containers
??rm????????? Remove one or more containers
? run???????? Run a command in a new container
? start?????? Start one or more stopped containers
? stats?????? Display a live stream of container(s) resource usage statistics
? stop??????? Stop one or more running containers
? top???????? Display the running processes of a container
? unpause???? Unpause all processes within one or more containers
? update????? Update configuration of one or more containers
? wait??????? Block until one or more containers stop, then print their exit codes
?
Run 'docker container COMMAND --help' for more information on a command.限制新建容器的资源使用
[root@docker ~]# docker run -it -cpu-share 30 -m 1000000000? -d --name lizhichao3 -p 8090:68 centos:7?container网络链接模式创建
创建网络:
[root@docker ~]# docker network create --driver bridge chaochao
14acf3f246ee634fd9fe0b58cfc4a50d594e7ed613fc9c1fe1fba8f1198ef518
[root@docker ~]# docker network ls
NETWORK ID???? NAME?????? DRIVER??? SCOPE
a4c72e45bdf4?? bridge???? bridge??? local
14acf3f246ee?? chaochao?? bridge??? local
e6aa050bc769?? host?????? host????? local
9f11fcd6003d?? none?????? null????? local
2f24912725f7?? sc???????? bridge??? local
[root@docker ~]# docker run -d --name chao-network-1 --network chaochao -p 6666:80 nginx
a7f87369ac1cbe02d31971d8896122c0e0247463f1e10144b97800f1df2c05f1
[root@docker ~]# docker run -d --name chao-network-1.1 --network chaochao -p 6677:80 nginx
cb9fd0eced6cdf7f7075d6e3b09caf9764313a95681fe4e913dc9525592ecdc6导出镜像,传递到另一台机器上(笔者从Ubuntu导到centos)
导出官方下载的镜像
从ubuntu导出:
lizhichao@chaochao:~$ sudo scp ubuntu-chao.tar root@192.168.232.132:/root?
#scp传递到另外一台服务器上
The authenticity of host '192.168.232.132 (192.168.232.132)' can't be established.
ECDSA key fingerprint is SHA256:H9UmgdDuOZykWs7ysydLjxzCS2tyNNrbylAGIa6pBgc.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.232.132' (ECDSA) to the list of known hosts.
root@192.168.232.132's password:
ubuntu-chao.tar??????????????????????????????????????????????????????????????????? 100%?? 72MB? 44.0MB/s?? 00:01?在centos上面查看并接收:
[root@docker ~]# cd /root
[root@docker ~]# ls
anaconda-ks.cfg??ubuntu-chao.tar
[root@docker ~]# docker load -i ubuntu-chao.tar
7555a8182c42: Loading layer [==================================================>]??75.16MB/75.16MB
Loaded image: ubuntu:latest导出一个运行在容器里的镜像
从ubuntu导出:
lizhichao@chaochao:~$ sudo docker export -o ubuntu-chao2.tar ubuntu-chaochao-1
lizhichao@chaochao:~$ ls
ubuntu-chao2.tar? ubuntu-chao.tar
lizhichao@chaochao:~$ scp ubuntu-chao2.tar root@192.168.232.132:/root
root@192.168.232.132's password:
ubuntu-chao2.tar: Permission denied
lizhichao@chaochao:~$ sudo scp ubuntu-chao2.tar root@192.168.232.132:/root
root@192.168.232.132's password:
ubuntu-chao2.tar?????在centos上面查看并接收:
[root@docker ~]# docker import ubuntu-chao2.tar ubuntu-chaochao:2.0
sha256:67596afe27b527c0bd8e5c90005a60ea5ee8dc4ab11a031746578d8a8f41f61c
[root@docker ~]# docker images
REPOSITORY???????????????? TAG?????? IMAGE ID?????? CREATED???????? SIZE
ubuntu-chaochao??????????? 2.0?????? 67596afe27b5?? 4 seconds ago?? 72.8MB导出镜像总结:
静态:存放的镜像: docker save? ---> docker load
动态:运行在容器里的镜像:docker export --> docker import
思考
如何限制一个进程可以使用多少cpu和多少内存?
创建一个容器,让这个进程在容器里run,这样可以限制容器所使用的cpu和内存,从而可以达到限制这个进程的cpu和内存的使用。
为什么有的容器创建时候需要接-it有的不需要?
centos7或者Ubuntu的基础镜像,在启动的时候,需要加上-it
FROM scratch
ADD ubuntu-foval-oci-amd64-root.tar.gz/
CMD ["bash"]? #-->容器启动的时候运行的程序是bash
判断的关键在于运行程序是在后台还是前台。
在前台运行,容器会一直运行
在后台运行,在后台运行完后,容器就会停
练习
练习一:下载镜像
1.下载redis的镜像
docker?pull?redis?2.下载nginx的镜像
docker?pull?nginx3.查看你的机器里的所有的docker镜像
docker images4.停止下sc-nginx-cali-1容器
docker stop sc-nginx-cali-15.再次启动下sc-nginx-cali-1容器
docker start sc-nginx-cali-16.删除sc-nginx-cali-2~3容器
[root@docker?html]#?docker?rm?sc-nginx2
sc-nginx2
[root@docker?html]#?docker?rm?sc-nginx3
sc-nginx37.查看docker版本
docker version8.查找下mongodb的镜像,不下载
docker search mongodb
练习二:使用docker启动mysql
centos启动mysql
centos8里不需要安装mariadb-server
1.在宿主机上安装mariadb的客户端软件,获得mysql命令
yum? install? mariadb
2.启动mysql的容器
docker run --name sc-mysql-1 -e MYSQL_ROOT_PASSWORD='sc123456' -d -p 3306:3306? mysql:5.7.35
代码如下:
[root@docker web]# docker run --name chaochao-mysql-1 -e MYSQL_ROOT_PASSWORD='123456' -d -p 3306:3306? mysql:5.7.35
fb2798a41de84218932556fce998fc86673e330e01d602911fc725ed3b7251fb
[root@docker web]# docker ps -a
CONTAINER ID?? IMAGE?????????????? COMMAND????????????????? CREATED???????????? STATUS????????????????????? PORTS????????????????????????????????????????????????? NAMES
fb2798a41de8?? mysql:5.7.35??????? "docker-entrypoint.s…"?? 20 seconds ago????? Up 18 seconds?????????????? 0.0.0.0:3306->3306/tcp, :::3306->3306/tcp, 33060/tcp?? chaochao-mysql-13.去访问(可以是其他的机器)
访问其他机器:mysql -h ip -uroot -p密码
-h 指定连接服务器的ip地址
注:若连不上,需要重启docker服务
[root@docker web]# mysql -h 192.168.0.17 -uroot -p123456
Welcome to the MariaDB monitor.? Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.7.35 MySQL Community Server (GPL)
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MySQL [(none)]> show databases;? 查看有哪些数据库
+--------------------+
| Database?????????? |
+--------------------+
| information_schema |
| mysql????????????? |
| performance_schema |
| sys??????????????? |
+--------------------+
4 rows in set (0.002 sec)
MySQL [(none)]> exit 退出
Bye练习三:docker网络的练习
1.查看docker里有哪些网络类型,对应的命名空间
2.创建一个网络的命名空间叫lzc
3.创建2个centos7的容器,使用lzc这个网络命名空间
4.进入创建容器里面,查看下ip地址,互相ping下
5.创建一个使用默认的命名空间的容器,名字自己定义
6.进入新创建容器,ping使用lzc网络命名空间的容器,看是否可以ping通?
运行代码如下:
?
[root@docker ~]# docker network ls? #查看docker里有哪些网络类型,对应的命名空间
NETWORK ID???? NAME?????? DRIVER??? SCOPE
a4c72e45bdf4?? bridge???? bridge??? local
14acf3f246ee?? chaochao?? bridge??? local
e6aa050bc769?? host?????? host????? local
9f11fcd6003d?? none?????? null????? local
2f24912725f7?? sc???????? bridge??? local
[root@docker ~]# docker network create lzc? #创建一个网络的命名空间叫lzc
395e378e3a86952f522c605b5000e24f0c721b35b883e3e33e30a148c8c20705
[root@docker ~]# docker network ls
NETWORK ID???? NAME?????? DRIVER??? SCOPE
a4c72e45bdf4?? bridge???? bridge??? local
14acf3f246ee?? chaochao?? bridge??? local
e6aa050bc769?? host?????? host????? local
395e378e3a86?? lzc??????? bridge??? local
9f11fcd6003d?? none?????? null????? local
2f24912725f7?? sc???????? bridge??? local
[root@docker ~]# docker run -it -d --name lzc-centos-1 --network lzc -p 7001:7001 centos:7 #创建2个centos7的容器,使用lzc这个网络命名空间
c08240c5eb8b057ea030b61dd1bdf90ab99b7f00c9a0023a7eaebbeb069797ad
[root@docker ~]# docker run -it -d --name lzc-centos-2 --network lzc -p 7002:7002 centos:7? #创建2个centos7的容器,使用lzc这个网络命名空间
ac2918f6f40555228c8f496f395adce20e2607fb9cee55e8234f59e275b9ecc0
[root@docker ~]# docker network ls
NETWORK ID???? NAME?????? DRIVER??? SCOPE
a4c72e45bdf4?? bridge???? bridge??? local
14acf3f246ee?? chaochao?? bridge??? local
e6aa050bc769?? host?????? host????? local
395e378e3a86?? lzc??????? bridge??? local
9f11fcd6003d?? none?????? null????? local
2f24912725f7?? sc???????? bridge??? local
[root@docker ~]# docker run -it -d --name chao-centos-01 --network lzc centos:7
36e380a6248a8c43edf6e66c1167fb76d7d1cf6d4fc9586aea27c9a62a75630f
[root@docker ~]# docker run -it -d --name chao-centos-02 --network lzc centos:7
0a244305b9185be5e5cdebf5229a6598f79f57ac2392fb5f41bea1e5019815f0
[root@docker ~]# docker ps
CONTAINER ID?? IMAGE????????? COMMAND????????????????? CREATED????????? STATUS????????? PORTS?????????????????????????????????????????? NAMES
0a244305b918?? centos:7?????? "/bin/bash"????????????? 8 seconds ago??? Up 6 seconds??????????????????????????????????????????????????? chao-centos-02
36e380a6248a?? centos:7?????? "/bin/bash"????????????? 15 seconds ago?? Up 12 seconds?????????????????????????????????????????????????? chao-centos-01
ac2918f6f405?? centos:7?????? "/bin/bash"????????????? 16 minutes ago?? Up 16 minutes?? 0.0.0.0:7002->7002/tcp, :::7002->7002/tcp?????? lzc-centos-2
c08240c5eb8b?? centos:7?????? "/bin/bash"????????????? 16 minutes ago?? Up 16 minutes?? 0.0.0.0:7001->7001/tcp, :::7001->7001/tcp?????? lzc-centos-1
cb9fd0eced6c?? nginx????????? "/docker-entrypoint.…"?? 5 hours ago????? Up 5 hours????? 0.0.0.0:6677->80/tcp, :::6677->80/tcp?????????? chao-network-1.1
a7f87369ac1c?? nginx????????? "/docker-entrypoint.…"?? 5 hours ago????? Up 5 hours????? 0.0.0.0:6666->80/tcp, :::6666->80/tcp?????????? chao-network-1
7123e3a3b5c1?? nginx????????? "/docker-entrypoint.…"?? 6 hours ago????? Up 6 hours????? 80/tcp????????????????????????????????????????? chao-nginx-redis1
4f06900d4788?? redis????????? "docker-entrypoint.s…"?? 6 hours ago????? Up 6 hours????? 0.0.0.0:6379->6379/tcp, :::6379->6379/tcp?????? chao-redis-1
4cb9497e4b83?? nginx:latest?? "/docker-entrypoint.…"?? 3 days ago?????? Up 3 days?????? 0.0.0.0:8002->80/tcp, :::8002->80/tcp?????????? chao-nginx2
e88ca98c52cb?? nginx:latest?? "/docker-entrypoint.…"?? 3 days ago?????? Up 3 days?????? 0.0.0.0:8001->80/tcp, :::8001->80/tcp?????????? chao-nginx1
2710b596777b?? nginx:latest?? "/docker-entrypoint.…"?? 3 days ago?????? Up 3 days?????? 0.0.0.0:8060->80/tcp, :::8060->80/tcp?????????? lizhichao-nginx
58d99df640b7?? nginx????????? "/docker-entrypoint.…"?? 4 days ago?????? Up 4 days?????? 0.0.0.0:8070->80/tcp, :::8070->80/tcp?????????? lizhichao6
da8640cb3a98?? nginx????????? "/docker-entrypoint.…"?? 4 days ago?????? Up 4 days?????? 80/tcp, 0.0.0.0:9000->90/tcp, :::9000->90/tcp?? lizhichao13
[root@docker ~]# docker exec -it chao-centos-01 /bin/bash #进入容器环境
?[root@36e380a6248a /]# ip a?? #容器内有的命令无法使用,可以去查看容器详细信息
bash: ip: command not found
[root@docker containerd]# docker container inspect chao-centos-01|grep "IPAddress"
??????????? "SecondaryIPAddresses": null,
??????????? "IPAddress": "",
??????????????????? "IPAddress": "172.20.0.4",
[root@docker containerd]# docker container inspect chao-centos-02|grep "IPAddress"
??????????? "SecondaryIPAddresses": null,
??????????? "IPAddress": "",
??????????????????? "IPAddress": "172.20.0.5",
[root@docker containerd]#
[root@docker containerd]# docker exec -it chao-centos-01 /bin/bash ?#进入chao-centos-01环境
[root@36e380a6248a /]# ping 172.20.0.5? #chao-centos-01来ping另一个的IP地址
PING 172.20.0.5 (172.20.0.5) 56(84) bytes of data.
64 bytes from 172.20.0.5: icmp_seq=1 ttl=64 time=0.290 ms
64 bytes from 172.20.0.5: icmp_seq=2 ttl=64 time=0.120 ms
^C
--- 172.20.0.5 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1006ms
rtt min/avg/max/mdev = 0.120/0.205/0.290/0.085 ms
[root@36e380a6248a /]# ^C
[root@docker containerd]# docker exec -it chao-centos-02 /bin/bash #进入chao-centos-02环境
[root@0a244305b918 /]# ping 172.20.0.4?? # #chao-centos-01来ping另一个的IP地址
PING 172.20.0.4 (172.20.0.4) 56(84) bytes of data.
64 bytes from 172.20.0.4: icmp_seq=1 ttl=64 time=0.165 ms
64 bytes from 172.20.0.4: icmp_seq=2 ttl=64 time=0.137 ms
^C
--- 172.20.0.4 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1011ms
rtt min/avg/max/mdev = 0.137/0.151/0.165/0.014 ms
[root@0a244305b918 /]#
[root@docker containerd]# docker run -it -d --name chaochao01 centos:7? #创建一个使用默认的命名空间的容器,名字自己定义
b5e9fa1b2001d161e06ebec63062264e2fded6a8413970d79724b3a2ab12d13a
[root@docker containerd]# docker exec -it chaochao01 /bin/bash? #进入新创建容器,ping使用lzc网络命名空间的容器,看是否可以ping通
[root@b5e9fa1b2001 /]# ping 172.20.0.4
PING 172.20.0.4 (172.20.0.4) 56(84) bytes of data.
^C
--- 172.20.0.4 ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 1016ms
# ping不通
创作不易,客官点个赞,评论一下吧!超超和你一起加油?😜?