目录
一、概述
Docker是一个用于开发,交付和运行应用程序的开放平台。Docker使您能够将应用程序与基础架构分开,从而可以快速交付软件。
Docker是一个开源的应用容器引擎,让开发者可以打包方式封装应用以及依赖包到一个可移植的镜像中,然后发布到任何流行的.inux或者windows机器上,也可以实现虚拟化。容器是完全使用沙箱机制(隔离机制),相互之间不会有任何接口。
docker三要素:容器、镜像、仓库。
二、名称空间
cgroup(资源管理)和namespaces两者构成了docker底层原理,结合控制管理了6个名称空间资源。
| 名称空间 | 含义 |
|---|---|
| pid | 进程隔离(PID: 进程ID) |
| net | 管理网络接口(NET: 网络) |
| ipc | 管理访问TPC资源(TPC:进程问通信) |
| mnt | 管理文件系统挂载点(MNT: mount) |
| uts | 隔离内核和版本标识符。(UTS: Unix时 间共享系统) |
| user | 操作进程的用户和用户组 |
三、Docker的意义
docker把容器化技术做成了标准化平台CAAS (docker统一/指定了容器化技术的标准化平台)
docker引擎统一了基础设施环境:docker环境。
docker引擎统一了程序打包(装箱)方式。
docker引擎统一了程序部署(运行)方式:docker容器基于镜像,运行为容器(可运行的环境)实现了一次构建、多次、多处使用。
四、控制组
Linux上的Docker引擎还依赖丁另一种称为控制组( cqroups)的技术。cxqroup将应用程序限制为一组特定的资源。控制组允许Docker Engine将可用的硬件资为共享给容器,并有选择地实施限制和约束。例如,您可以限制特定容器可用的内存。
五、部署
一、环境配置
[root@localhost ~]# hostnamectl set-hostname docker #修改主机名
[root@localhost ~]# su
[root@docker ~]# yum install -y yum-utils \
device-mapper-persistent-data \ #存储驱动
lvm2 #控制工具
#设置阿里云镜像源
[root@docker ~]# cd /etc/yum.repos.d/
[root@docker ~]# yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[root@docker yum.repos.d]# yum install -y docker-ce #安装docker开源版
[root@docker yum.repos.d]# systemctl start docker
[root@docker yum.repos.d]# systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
二、镜像加速
https://3hftxm5s.mirror.aliyuncs.com
#登录https://help.aliyun.com/document_detail/60750.html
#登录容器镜像控制台,在左侧导航栏选择镜像工具 > 镜像加速器,在镜像加速器页面就会显示为您独立分配的加速器地址。
[root@docker yum.repos.d]# mkdir -p /etc/docker
[root@docker yum.repos.d]# tee /etc/docker/daemon.json <<-'EOF'
> {
> "registry-mirrors": ["https://3hftxm5s.mirror.aliyuncs.com"]
> }
> EOF
[root@docker yum.repos.d]# systemctl daemon-reload
[root@docker yum.repos.d]# systemctl restart docker
三、网络优化
[root@docker yum.repos.d]# echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
[root@docker yum.repos.d]# sysctl -p
net.ipv4.ip_forward = 1
[root@docker yum.repos.d]# systemctl restart network
[root@docker yum.repos.d]# systemctl restart docker
ps:优化配置
[root@docker docker]# vim /etc/docker/daemon.json
{
"graph": "/data/docker", #数据目录
"storage-driver": "overlay2", #存储引擎(overlayfs:文件系统,解决docker镜像分层)
"insecure-registries": [" registry.access.redhat.com", "quary.io"] #私有仓库位置
"registry-mirrors": ["https://3hftxm5s.mirror.aliyuncs.com"] #镜像加速
"bip": "172.7.5.1/24", #docker网络;控制网段的位置;需要创建新的网桥,系统默认的docker0是不变的
"exec-opts": ["native.cgroupdriver-systemd"], #启动时候的额外参数(驱动)
"live-restore":true #当docker容器引擎挂掉的时候,使用docker跑起来的容器还能运行(分离)
}
[root@docker docker]# systemctl daemon-reload
[root@docker docker]# systemctl restart docker
四、docker基础操作
#查看正在运行容器列表
[root@docker docker]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
#查看所有容器(包含正在运行和已停止的)
[root@docker docker]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
#查看镜像列表
[root@docker docker]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
[root@docker docker]# docker images(常用)
REPOSITORY TAG IMAGE ID CREATED SIZE
#查看docker版本
[root@docker docker]# docker -v
Docker version 20.10.8, build 3967b7d
[root@docker docker]# docker version #查看详尽信息
Client: Docker Engine - Community #客户端
Version: 20.10.8 #docker引擎版本
API version: 1.41 #API版本
Go version: go1.16.6 #Go语言版本
Git commit: 3967b7d
Built: Fri Jul 30 19:55:49 2021 #创建时间
OS/Arch: linux/amd64 #操作系统/版本
Context: default #连接方式(默认)
Experimental: true
Server: Docker Engine - Community
Engine:
Version: 20.10.8
API version: 1.41 (minimum version 1.12)
Go version: go1.16.6
Git commit: 75249d8
Built: Fri Jul 30 19:54:13 2021
OS/Arch: linux/amd64
Experimental: false
containerd: #容器
Version: 1.4.9 #容器版本
GitCommit: e25210fe30a0a703442421b0f60afac609f950a3
runc: 运行时容器
Version: 1.0.1
GitCommit: v1.0.1-0-g4144b63
docker-init: #初始化
Version: 0.19.0
GitCommit: de40ad0
[root@docker docker]# docker info #查看docker详细信息(此命令可以查看到docker中容器运行个数以及镜像个数等等)
五、镜像操作
1、运行镜像
[root@docker docker]# docker run hello-world #运行holle-world镜像
ps:run有两层操作:①pull拉取镜像 ②开启镜像
[root@docker docker]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a8412ff6e97a hello-world "/hello" 3 minutes ago Exited (0) 3 minutes ago distracted_chatelet
[root@docker docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
hello-world latest d1165f221234 6 months ago 13.3kB
2、删除操作
[root@docker docker]# docker rm `docker ps -aq` #批量删除容器,-a表示全部;-q表示只显示ID
a8412ff6e97a
[root@docker docker]# docker rmi d1165f221234 #删除镜像
Untagged: hello-world:latest
Untagged: hello-world@sha256:7d91b69e04a9029b99f3585aaaccae2baa80bcf318f4a5d2165a9898cd2dc0a1
Deleted: sha256:d1165f2212346b2bab48cb01c1e39ee8ad1be46b87873d9ca7a4e434980a7726
Deleted: sha256:f22b99068db93900abe17f7f5e09ec775c2826ecfe9db961fea68293744144bd
3、搜索镜像
[root@docker docker]# docker search nginx #搜索Nginx镜像
[root@docker docker]# docker search centos:7 #搜索centos7镜像
4、下载镜像
[root@docker docker]# docker pull nginx
5、查看镜像详尽信息
[root@docker docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 822b7ec2aaf2 25 hours ago 133MB
[root@docker docker]# docker inspect 822b7ec2aaf2
[
{
"Id": "sha256:822b7ec2aaf2122b8f80f9c7f45ca62ea3379bf33af4e042b67aafbf6eac1941",
"RepoTags": [
"nginx:latest"
],
"RepoDigests": [
"nginx@sha256:a05b0cdd4fc1be3b224ba9662ebdf98fe44c09c0c9215b45f84344c12867002e"
],
"Parent": "",
"Comment": "",
"Created": "2021-09-03T07:40:16.355730864Z",
"Container": "367d32086ac12447d36e75c9b7acbe1b5156a34a91370b9200e68783be75506c",
"ContainerConfig": {
"Hostname": "367d32086ac1",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"80/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"NGINX_VERSION=1.21.1",
"NJS_VERSION=0.6.1",
"PKG_RELEASE=1~buster"
],
"Cmd": [
"/bin/sh",
"-c",
"#(nop) ",
"CMD [\"nginx\" \"-g\" \"daemon off;\"]"
],
"Image": "sha256:d4315787e4fec867791beba140dd0e44f657cb6e4a9d75c676c7946089c20da9",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": [
"/docker-entrypoint.sh"
],
"OnBuild": null,
"Labels": {
"maintainer": "NGINX Docker Maintainers <docker-maint@nginx.com>"
},
"StopSignal": "SIGQUIT"
},
"DockerVersion": "20.10.7",
"Author": "",
"Config": {
"Hostname": "",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"80/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"NGINX_VERSION=1.21.1",
"NJS_VERSION=0.6.1",
"PKG_RELEASE=1~buster"
],
"Cmd": [
"nginx",
"-g",
"daemon off;"
],
"Image": "sha256:d4315787e4fec867791beba140dd0e44f657cb6e4a9d75c676c7946089c20da9",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": [
"/docker-entrypoint.sh"
],
"OnBuild": null,
"Labels": {
"maintainer": "NGINX Docker Maintainers <docker-maint@nginx.com>"
},
"StopSignal": "SIGQUIT"
},
"Architecture": "amd64",
"Os": "linux",
"Size": 133175493,
"VirtualSize": 133175493,
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/0f3e7c9da467816f9a23c9e09b1facd31598323d37c8a288e2f77d6994b403b4/diff:/var/lib/docker/overlay2/a6b75d42678dfce6496b32e7f04436cac8f7da8bc91aa3a8a6ce31227c6f50fd/diff:/var/lib/docker/overlay2/c3bbcc2ed0fa420667cbefc0bbf2658e55fbd733bc92646ca26357584235b57a/diff:/var/lib/docker/overlay2/d26abf95b1b193e6fd14c4bd83b60cccea7a0978699a2472a498c5808ca2ed7f/diff:/var/lib/docker/overlay2/f4aa91cf71be2f31e2e160adc32f135bf11ffc2c9d688f06362566bb8f15e8bf/diff",
"MergedDir": "/var/lib/docker/overlay2/61ccc8b277d877c18a136216a3ad62c841be104e4e4c4ecf57323c60db82fd3c/merged",
"UpperDir": "/var/lib/docker/overlay2/61ccc8b277d877c18a136216a3ad62c841be104e4e4c4ecf57323c60db82fd3c/diff",
"WorkDir": "/var/lib/docker/overlay2/61ccc8b277d877c18a136216a3ad62c841be104e4e4c4ecf57323c60db82fd3c/work"
},
"Name": "overlay2"
},
"RootFS": {
"Type": "layers",
"Layers": [
"sha256:d000633a56813933cb0ac5ee3246cf7a4c0205db6290018a169d7cb096581046",
"sha256:63b5f2c0d071d1ac41fe869b0f2321c3adec53d8d51b4a03017d865c38dd41f8",
"sha256:875b5b50454b905c1046c99ab65e403bf27400bf9c96c157332cda2538698dc2",
"sha256:ed94af62a494fbea70c27afcedea4c303817196b50e8dd98b5be88cd514aab01",
"sha256:8e58314e4a4fbd97b70bed2b4c5f4b2911ff7f3e3ee310be89fab1120768d533",
"sha256:d47e4d19ddecb22dc95d641e9c29192a2d13e8506bc60d1c8f6452685ed63634"
]
},
"Metadata": {
"LastTagTime": "0001-01-01T00:00:00Z"
}
}
]
6、创建镜像标签
[root@docker docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 822b7ec2aaf2 25 hours ago 133MB
[root@docker docker]# docker tag nginx:latest nginx:lnmp
[root@docker docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 822b7ec2aaf2 25 hours ago 133MB
nginx lnmp 822b7ec2aaf2 25 hours ago 133MB
7、删除镜像
[root@docker docker]# docker rmi nginx:lnmp
Untagged: nginx:lnmp
[root@docker docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 822b7ec2aaf2 25 hours ago 133MB
8、镜像导出
[root@docker docker]# docker save -o nginx_latest nginx:latest
9、镜像导入
[root@docker docker]# scp nginx_latest root@192.168.238.99:/opt
#另一台docker server
[root@localhost yum.repos.d]# cd /opt
[root@localhost opt]# ls
containerd nginx_latest rh
[root@localhost opt]# docker load < nginx_latest
