Docker —- 配置与安装

# 安装 docker 
[root@www-jfedu-net ~]# yum -y install docker*

# 导入 centos 报错(centos 需要使用 import 方法导入 load 会出错)
[root@localhost src]# docker load <centos6_8.tar 
open /var/lib/docker/tmp/docker-import-137848643/bin/json: no such file or directory
[root@localhost src]# docker import centos6_8.tar 修改导入语句
sha256:2c8be292358a147e0f5f0b9bf31b9eb5274dfe9ac71edf222f031b43773043f7
# ----------导入镜像 并命名
[root@localhost src]# cat centos6_8.tar | docker import - centos68
--------------------------------------
导入镜像 
docker load
docker load < centos68_new_save.tar
docker import
cat centos68_new.tar | docker import - centos68_new_export # 使用 export 导出的镜像(默认参数丢失),导入后启动需要添加默认参数

# 提交镜像-打包
docker commit 681222ce632d
导出镜像 ec67dc5513c3(镜像id)
docker save
docker save ec67dc5513c3 >centos68_new_save.tar # commit 提交完成后,才可以用 save 导出,默认参数不会丢失,导出的镜像包较大

docker export
docker export 681222ce632d > centos68_new.tar # 打包镜像到其他主机 使用 export 导出的镜像(默认参数丢失),导入后启动需要添加默认参数

修改镜像名称
docker tag 镜像id 要修改的名称
如:docker tag 3f8a4339aadd nginx

删除镜像
docker rmi 3f8a4339aadd

启动 docker 容器  itd interactive tty daemon it(终端交互模式) centos 镜像启动时需要添加启动参数 /bin/bash 在后台启动
docker run -itd 给容器添加端口 物理机端口:容器端口 给容器添加名称 容器名称 # docker 容器 端口映射模式
docker run -itd -p 80:80 --name=jfedu_nginx nginx
docker run -itd --net=bridge --name=jfedu_001 centos68 /bin/bash # 启动时默认添加的模式是桥接模式,可以不用写。这个可以改为 host 主机模式

查看容器
当前运行中的  docker ps
当前所有容器  docker ps -a

进入容器 docker exec -it 容器id(或者容器名称) /bin/bash
docker exec -it f64eef850ceb /bin/bash

销毁容器
docker ps -aq | xargs docker rm -f

启动 centos68 容器永久运行
docker run -itd -p 80:80 -p 6022:22 centos68 /bin/bash

启动容器
docker start thirsty_bassi # 容器的名字
进入 centos68 容器
docker exec -it 3021094201c5 /bin/bash

容器主机显示异常 没有基础的环境变量
bash-4.1# \cp /etc/skel/.bash* /root/
bash-4.1# su
[root@3021094201c5 /]# 

# 停止 docker 容器 该命令会导致 centos6*的主机崩溃重启,之后容器会被损坏,无法使用 centos7* 则正常
docker ps -aq | xargs docker stop

# 杀掉容器
[root@localhost ~]# docker kill b82af9bb0755

批量启动容器 nginx 
for i in `seq 86 96`;do docker run -itd -p $i:80 nginx ;done
# 批量启动容器 centos6
[root@www-jfedu-net ~]# docker ps -aq | xargs docker start

批量删除容器 nginx
docker ps -a | grep nginx | awk '{print $1}' | xargs docker rm -f
[root@localhost ~]# docker rm b82af9bb0755

查看 docker 中开启的端口
docker exec 613604f76a35 netstat -ntlp

查看容器的ip
docker inspect 613604f76a35 | grep -i ipaddr

# 启动 centos68 容器开启超级权限 (开启超级权限参数 --privileged)
docker run -itd --privileged -p 80:80 -p 6022:22 centos68 /bin/bash

# 启动 centos68 容器中的 sshd
[root@localhost ~]# docker exec -it a94310b98338 /bin/bash
bash-4.1# service sshd start
Starting sshd: [ OK ]
bash-4.1# netstat -ntlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name 
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 711/sshd 
tcp 0 0 :::80 :::* LISTEN 27/httpd 
tcp 0 0 :::22 :::* LISTEN 711/sshd 
bash-4.1#

# 创建容器的时候,提示网络不在工作
[root@localhost ~]# docker run -itd centos68 /bin/bash
WARNING: IPv4 forwarding is disabled. Networking will not work.
393922eeb279c54baa29d1e45b031554eed19380054abe108560766a24001023
[root@localhost ~]# vim /usr/lib/sysctl.d/00-system.conf
net.ipv4.ip_forward=1 # 添加内容
[root@localhost ~]# service network restart # 重启网络之后,重新创建的容器不会再有问题

# 查看容器的使用情况
[root@localhost src]# docker inspect Docker_1_3 | more

# 查看 docker 容量
[root@localhost src]# fdisk -l
...
磁盘 /dev/mapper/docker-253:0-16784505-pool:107.4 GB, 107374182400 字节,209715200 个扇区
Units = 扇区 of 1 * 512 = 512 bytes
扇区大小(逻辑/物理):512 字节 / 512 字节
I/O 大小(最小/最佳):65536 字节 / 65536 字节


磁盘 /dev/mapper/docker-253:0-16784505-fd8f094cc445056d6d9719b902307411e9a5cc6d6cd4d7a4a52f044fb6498cf3:21.5 GB, 21474836480 字节,41943040 个扇区
Units = 扇区 of 1 * 512 = 512 bytes
扇区大小(逻辑/物理):512 字节 / 512 字节
I/O 大小(最小/最佳):65536 字节 / 65536 字节


磁盘 /dev/mapper/docker-253:0-16784505-d5a252bac0c9b728193f451df4d7bf756d88e7067050d13a3d2208ae30e3e3f8:21.5 GB, 21474836480 字节,41943040 个扇区
Units = 扇区 of 1 * 512 = 512 bytes
扇区大小(逻辑/物理):512 字节 / 512 字节
I/O 大小(最小/最佳):65536 字节 / 65536 字节

# Docker 空间初始化目录
[root@localhost metadata]# cd /var/lib/docker/devicemapper/metadata # 这里面的文件,已经把 docker 的容量定死
[root@localhost metadata]# ll
总用量 24
-rw-------. 1 root root 88 1月 31 22:39 base
-rw-------. 1 root root 89 1月 31 22:40 c7c3ba4ccacc36c0710ceaad88114731d8516020b6cfb6093f4d2735318b1fc0
-rw-------. 1 root root 105 1月 31 22:39 deviceset-metadata
-rw-------. 1 root root 90 2月 1 12:42 df826166fdb097db0e6836be615c489c741e2777f2f613d88200d32e73d4529c
-rw-------. 1 root root 90 2月 1 12:42 df826166fdb097db0e6836be615c489c741e2777f2f613d88200d32e73d4529c-init
-rw-------. 1 root root 121 2月 1 12:42 transaction-metadata
[root@localhost metadata]#

修改 Docker 的 ip 实现桥接模式,实现跟物理机同网段,不再需要端口映射,解决物理机端口不够用的问题

(测试主机CentOS Linux release 7.3.1611 (Core) 路由器ip 192.168.1.254 )

[root@localhost network-scripts]# yum install bridge* -y
[root@localhost network-scripts]# vi ifcfg-ens32 # 做好备份
DEVICE=ens32
BOOTPROTO=none
NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
BRIDGE="br0"
IPADDR=192.168.1.1
NETMASK=255.255.255.0
GATEWAY=192.168.1.254
USERCTL=no
[root@localhost network-scripts]# vi ifcfg-br0
DEVICE="br0"
BOOTPROTO=none
IPV6INIT=no
NM_CONTROLLED=no
ONBOOT=yes
TYPE="Bridge"
IPADDR=192.168.1.1
NETMASK=255.255.255.0
GATEWAY=192.168.1.254
USERCTL=no
[root@localhost network-scripts]# vi /etc/sysconfig/docker-network
# /etc/sysconfig/docker-network
DOCKER_NETWORK_OPTIONS="-b=br0"
[root@localhost network-scripts]# service docker restart
Redirecting to /bin/systemctl restart docker.service
[root@localhost network-scripts]# service network restart
[root@localhost network-scripts]# ifconfig # br0  ip 地址为制定的 ip; ens32 ip地址没有,则docker 桥接网卡配置成功
br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.1  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::250:56ff:fe2d:138e  prefixlen 64  scopeid 0x20
        ether 00:50:56:2d:13:8e  txqueuelen 1000  (Ethernet)
        RX packets 79  bytes 6593 (6.4 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 51  bytes 6262 (6.1 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

docker0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 172.17.0.1  netmask 255.255.0.0  broadcast 0.0.0.0
        ether 02:42:6e:8d:a1:27  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ens32: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::250:56ff:fe2d:138e  prefixlen 64  scopeid 0x20
        ether 00:50:56:2d:13:8e  txqueuelen 1000  (Ethernet)
        RX packets 727918  bytes 1004071794 (957.5 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 114830  bytes 8635847 (8.2 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10
        loop  txqueuelen 1  (Local Loopback)
        RX packets 164  bytes 13024 (12.7 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 164  bytes 13024 (12.7 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@localhost network-scripts]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos68 latest 91e5739b0b66 17 hours ago 643.5 MB
[root@localhost network-scripts]# docker run -itd centos68 /bin/bash # 启动时不再需要-p参数,使用端口映射
a94310b98338cb61a10d921be8669f155d553020e0c43d56d21e34a651b35619
[root@localhost network-scripts]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED              STATUS              PORTS               NAMES
a94310b98338        centos68            "/bin/bash"         About a minute ago   Up About a minute                       pedantic_carson
[root@localhost network-scripts]# docker exec -it a94310b98338 /bin/bash # 查看启动的 docker ip
bash-4.1# ifconfig
eth0      Link encap:Ethernet  HWaddr 02:42:C0:A8:01:02  
          inet addr:192.168.1.2  Bcast:0.0.0.0  Mask:255.255.255.0
          inet6 addr: fe80::42:c0ff:fea8:102/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:59 errors:0 dropped:0 overruns:0 frame:0
          TX packets:18 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:5569 (5.4 KiB)  TX bytes:1232 (1.2 KiB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1 
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

bash-4.1# service httpd restart # 浏览器通过 192.168.1.2 访问Apache 发布目录,显示成功
Stopping httpd: [ OK ]
Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using 192.168.1.2 for ServerName
 [ OK ]
bash-4.1#
bash-4.1# service sshd restart # 使用 linux 连接工具,可以连接 192.168.1.2
Stopping sshd: [FAILED]
Starting sshd: [ OK ]
bash-4.1#
[root@localhost network-scripts]# for i in `docker ps -aq`;do docker exec $i ifconfig eth0;done # 查看所有容器的ip
[root@localhost network-scripts]# for i in `docker ps -aq`;do docker exec $i /etc/init.d/sshd restart;done # 启动所有容器的sshd
[root@localhost network-scripts]# ssh -l root 192.168.1.6 # 通过 ip 登陆到创建的容器
[root@localhost network-scripts]# ifconfig docker0 down # 关掉docker0
[root@localhost network-scripts]# brctl delbr docker0 # 删除docker0
[root@localhost ~]# vi /etc/rc.d/rc.local # 如果启动后 docker0 还在,可以添加到系统启动脚本中

自动化启动部署容器,分配 CPU 内存  也称为资源隔离

https://pan.baidu.com/s/1o9bLmmY 脚本链接

docker run -itd --privileged --cpuset-cpus=${CPU1}-${CPU2} -m ${MEM}m --net=none --name=$NAME $IMAGES /bin/bash

[root@localhost ~]# docker run -itd --cpuset-cpus=0-1 -m 512m centos68 /bin/bash # 0-0 分配 1 个CPU;0-1 分配 2 个CPU
34ab34a31a93b438f4a80260362f1712563404f624b8390583ceeb911fe21f10
[root@localhost ~]# docker stats 5900990140a5 # 查看容器状态使用情况实时
[root@localhost ~]# docker stats 5900990140a5 --no-stream # 查看容器状态使用情况直接打印出来
[root@localhost ~]# docker stats 5900990140a5 --no-stream | awk '{print $2}' # 统计 CPU 的值
[root@localhost ~]# git clone https://github.com/jpetazzo/pipework # 安装 pipework 工具
正克隆到 'pipework'...
remote: Counting objects: 501, done.
remote: Total 501 (delta 0), reused 0 (delta 0), pack-reused 501
接收对象中: 100% (501/501), 172.97 KiB | 7.00 KiB/s, done.
处理 delta 中: 100% (264/264), done.
[root@localhost ~]# ls
anaconda-ks.cfg docker_vmlist_2250.csv docker_vmlist.csv pipework
[root@localhost ~]# cp ~/pipework/pipework /usr/local/bin/
[root@localhost ~]# sh auto_pipework_new_jf_nginx.sh 1 1 # 创建 1 核 1 G 内存的容器
[root@localhost ~]# ll docker_vmlist* # 记录自动化脚本创建的容器配置,下载后使用 excel 打开
docker_vmlist_2302.csv docker_vmlist.csv 
[root@localhost ~]#

Docker 虚拟机网络模式   —- Host 模式

[root@localhost ~]# docker run -itd --net=host --name=jfedu_001 centos68 /bin/bash
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b82af9bb0755 centos68 "/bin/bash" 22 minutes ago Up 21 minutes jfedu_001
[root@localhost ~]# docker exec -it b82af9bb0755 /bin/bash
bash-4.1# vim /etc/ssh/sshd_config # 修改容器的 sshd 端口,不修改会和主机 22 端口冲突
Port 2222
bash-4.1# service sshd start
-bash-4.1# netstat -tnlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name 
tcp 0 0 0.0.0.0:2222 0.0.0.0:* LISTEN 49/sshd 
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN - 
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN - 
tcp 0 0 :::2222 :::* LISTEN 49/sshd 
tcp 0 0 :::22 :::* LISTEN - 
tcp 0 0 ::1:25 :::* LISTEN - 
bash-4.1# ssh -p 2222 -l root 192.168.1.1
-bash-4.1# /etc/init.d/httpd start # 启动 docker 容器的apache 需要关闭主机的防火墙或者指定防火墙规则
Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain for ServerName
 [ OK ]
[root@localhost ~]# firewall-cmd --add-port 80/tcp # 打开主机防火墙的 80/tcp 端口,浏览器可以访问 Apache
success
[root@localhost ~]# firewall-cmd --add-port 2222/tcp # 打开主机防火墙的 2222/tcp 端口,使容器可以通过外部工具连接
success
[root@localhost ~]#

Docker 虚拟机网络模式   —- 配置静态 ip

[root@localhost ~]# docker run -itd --name=jf1 --privileged centos68 /bin/bash # 使用默认方式运行一个容器 + 超级权限
b54aeb57b1cbb14cc55be97c12c89c2bf2d52b9b0172904b81001c680b14a05f
[root@localhost ~]# docker run -itd --name=jf2 --privileged centos68 /bin/bash
90ad051e1328d45476c4ae5f65244a08df97dda9c6266f3dc63247047e28f11a
[root@localhost ~]# docker run -itd --name=jf3 --privileged centos68 /bin/bash
ae6d9572cccf046312b0757d661243627ea3c7ea370083626aefdcdebe23904d
[root@localhost ~]# for i in `docker ps -aq`;do docker inspect $i | grep -i ipadd;done # 批量查看容器ip
 "SecondaryIPAddresses": null,
 "IPAddress": "192.168.1.4",
 "IPAddress": "192.168.1.4",
 "SecondaryIPAddresses": null,
 "IPAddress": "192.168.1.3",
 "IPAddress": "192.168.1.3",
 "SecondaryIPAddresses": null,
 "IPAddress": "192.168.1.2",
 "IPAddress": "192.168.1.2",
[root@localhost ~]# for i in `docker ps -aq`;do docker inspect $i | grep -i ipadd | tail -1;done # 批量查看容器ip
 "IPAddress": "192.168.1.4",
 "IPAddress": "192.168.1.3",
 "IPAddress": "192.168.1.2",
[root@localhost ~]# for i in `docker ps -aq`;do echo $i;docker inspect $i | grep -i ipadd | tail -1;done # 批量查看容器ip
ae6d9572cccf
 "IPAddress": "192.168.1.4",
90ad051e1328
 "IPAddress": "192.168.1.3",
b54aeb57b1cb
 "IPAddress": "192.168.1.2",
[root@localhost ~]# docker exec b54aeb57b1cb ifconfig eth0 # 查看单个容器ip
eth0      Link encap:Ethernet  HWaddr 02:42:C0:A8:01:02  
          inet addr:192.168.1.2  Bcast:0.0.0.0  Mask:255.255.255.0
          inet6 addr: fe80::42:c0ff:fea8:102/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1062 errors:0 dropped:0 overruns:0 frame:0
          TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:86923 (84.8 KiB)  TX bytes:992 (992.0 b)
[root@localhost ~]# docker stop jf1
jf1
[root@localhost ~]# docker stop jf2
jf2
[root@localhost ~]# docker stop jf3
jf3
[root@localhost ~]# docker start jf3
jf3
[root@localhost ~]# docker exec jf3 ifconfig eth0 # 当前容器重启后 ip 会改变
eth0      Link encap:Ethernet  HWaddr 02:42:C0:A8:01:02  
          inet addr:192.168.1.2  Bcast:0.0.0.0  Mask:255.255.255.0
          inet6 addr: fe80::42:c0ff:fea8:102/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:22 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:1808 (1.7 KiB)  TX bytes:648 (648.0 b)
[root@localhost ~]# docker exec -it jf3 /bin/bash
bash-4.1# cd /etc/sysconfig/network-scripts/
bash-4.1# vim ifcfg-eth0 # 修改容器 ip ,添加文件 ifcfg-eth0
bash-4.1# cat ifcfg-eth0
DEVICE=eth0
BOOTPROTO=static
NM_CONTROLLED=no
ONBOOT=yes
TYPE=Ethernet
IPADDR=192.168.1.4
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
USERCTL=no
bash-4.1# hostname www-jfedu-net-vm # 修改主机名
bash-4.1# cp /etc/skel/.bash* /root/
bash-4.1# su
[root@www-jfedu-net-vm network-scripts]# cd
[root@www-jfedu-net-vm ~]# vim /etc/sysconfig/network # 编辑网络文件
NETWORKING=yes
HOSTNAME=www-jfedu-net-vm
[root@www-jfedu-net-vm ~]# /etc/init.d/network restart # 重启网络
Shutting down interface eth0: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0: Determining if ip address 192.168.1.4 is already in use for device eth0...
 [ OK ]
[root@www-jfedu-net-vm ~]# ifconfig | grep 192
 inet addr:192.168.1.4 Bcast:192.168.1.255 Mask:255.255.255.0
# 但是重启 docker 容器后,ip 会改变
一、重启 docker后,重启网络
[root@localhost ~]# docker exec jf3 /etc/init.d/network restart
二、创建 docker 时,不指定网络,使用 pipework 配置网络。重启 docker,ip 会丢失,需要启动时再配置一个ip
[root@localhost ~]# docker run -itd --name=jf4 --net=none --privileged centos68 /bin/bash
[root@localhost ~]# pipework br0 jf4 192.168.1.188/24@191.168.1.1
[root@localhost ~]# docker exec jf4 ifconfig eth1
eth1      Link encap:Ethernet  HWaddr 5E:DA:70:91:9F:B7  
          inet addr:192.168.1.188  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::5cda:70ff:fe91:9fb7/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:12 errors:0 dropped:0 overruns:0 frame:0
          TX packets:9 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:914 (914.0 b)  TX bytes:690 (690.0 b)

[root@localhost ~]# docker exec jf4 /etc/init.d/sshd restart
Stopping sshd: [FAILED]
Starting sshd: [ OK ]
[root@localhost ~]# docker exec jf4 netstat -ntl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State 
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 
tcp 0 0 :::22 :::* LISTEN 
[root@localhost ~]# ssh -l root 192.168.1.188
-bash-4.1# ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=0.071 ms
64 bytes from 192.168.1.1: icmp_seq=2 ttl=64 time=0.081 ms
64 bytes from 192.168.1.1: icmp_seq=3 ttl=64 time=0.100 ms
^C
--- 192.168.1.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2496ms
rtt min/avg/max/mdev = 0.071/0.084/0.100/0.012 ms
-bash-4.1# ping www.baidu.com
PING www.a.shifen.com (111.13.100.91) 56(84) bytes of data.
64 bytes from 111.13.100.91: icmp_seq=1 ttl=52 time=20.7 ms
From 192.168.1.1 icmp_seq=2 Redirect HostFrom 192.168.1.1: icmp_seq=2 Redirect Host(New nexthop: 192.168.1.254)
64 bytes from 111.13.100.91: icmp_seq=2 ttl=52 time=20.6 ms
64 bytes from 111.13.100.91: icmp_seq=3 ttl=52 time=32.0 ms
64 bytes from 111.13.100.91: icmp_seq=4 ttl=52 time=19.6 ms

Docker 磁盘扩容

[root@localhost src]# fdisk -l # 查看 docker 容量 默认是10G
...
磁盘 /dev/mapper/docker-253:0-378-pool:107.4 GB, 107374182400 字节,209715200 个扇区
Units = 扇区 of 1 * 512 = 512 bytes
扇区大小(逻辑/物理):512 字节 / 512 字节
I/O 大小(最小/最佳):65536 字节 / 65536 字节


磁盘 /dev/mapper/docker-253:0-378-e5f3a1d16ce39180dfa2aa05411ffa371b8c6bef0ea9f8bae904e2b16fe15868:10.7 GB, 10737418240 字节,20971520 个扇区
Units = 扇区 of 1 * 512 = 512 bytes
扇区大小(逻辑/物理):512 字节 / 512 字节
I/O 大小(最小/最佳):65536 字节 / 65536 字节


磁盘 /dev/mapper/docker-253:0-378-877a88ef9da3b7adf3a2b03532773932d8b842b0f22c5b177f75b627d7d788de:10.7 GB, 10737418240 字节,20971520 个扇区
Units = 扇区 of 1 * 512 = 512 bytes
扇区大小(逻辑/物理):512 字节 / 512 字节
I/O 大小(最小/最佳):65536 字节 / 65536 字节


[root@localhost ~]# cd /etc/sysconfig/
[root@localhost sysconfig]# vim docker
docker docker-network docker-storage docker-storage-setup 
[root@localhost sysconfig]# vim docker-storage
...
DOCKER_STORAGE_OPTIONS="--storage-opt dm.basesize=20G"

# Docker 空间初始化目录
[root@localhost metadata]# cd /var/lib/docker/devicemapper/metadata # 这里面的文件,已经把 docker 的容量定死,直接修改参数,不起作用
[root@localhost metadata]# ll
总用量 24
-rw-------. 1 root root 88 1月 31 22:39 base
-rw-------. 1 root root 89 1月 31 22:40 c7c3ba4ccacc36c0710ceaad88114731d8516020b6cfb6093f4d2735318b1fc0
-rw-------. 1 root root 105 1月 31 22:39 deviceset-metadata
-rw-------. 1 root root 90 2月 1 12:42 df826166fdb097db0e6836be615c489c741e2777f2f613d88200d32e73d4529c
-rw-------. 1 root root 90 2月 1 12:42 df826166fdb097db0e6836be615c489c741e2777f2f613d88200d32e73d4529c-init
-rw-------. 1 root root 121 2月 1 12:42 transaction-metadata
[root@localhost docker]# cd /var/lib/docker
[root@localhost docker]# ls
containers devicemapper image network swarm tmp trust volumes
[root@localhost docker]# service docker stop
Redirecting to /bin/systemctl stop docker.service
[root@localhost docker]# rm -rf *
[root@localhost docker]# service docker start
Redirecting to /bin/systemctl start docker.service
[root@localhost src]# ls
auto_pipework_new_jf_nginx.sh centos6_8.tar ifcfg-ens32.bak ifcfg-ens32.bak1
[root@localhost src]# cat centos6_8.tar | docker import - centos68
sha256:269fdac3a0a5a309ac7f2c4642646eb35bc13c0ef70adca71d99fb618e545210
[root@localhost src]# docker run -itd centos68 /bin/bash
c7b71d0a195ae445975f4e6db574ee782775568ca46566667424e85b769f8f47
[root@localhost src]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c7b71d0a195a centos68 "/bin/bash" 59 seconds ago Up 58 seconds sleepy_saha
[root@localhost src]# fdisk -l
磁盘 /dev/mapper/docker-253:0-36782485-c23d6e9654dd823d6a085b85b7c5f165ba273aa2cc248f4b5a6aa858fe66e2d7:21.5 GB, 21474836480 字节,41943040 个扇区
Units = 扇区 of 1 * 512 = 512 bytes
扇区大小(逻辑/物理):512 字节 / 512 字节
I/O 大小(最小/最佳):65536 字节 / 65536 字节

[root@localhost src]#

Docker 磁盘扩容 挂载本地目录  优点:1、可以作为数据的持久化;2、作为数据共享(多个虚拟机访问物理机的同一数据)

[root@localhost ~]# mkdir -p /data/20180118
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c7b71d0a195a centos68 "/bin/bash" 10 minutes ago Up 10 minutes sleepy_saha
[root@localhost ~]# docker run -itd --privileged -v /data/20180118/:/data/ centos68 /bin/bash
937c0d091c8093119f18949938d8d608b2feb9d9c6f090376c91f8d4f14eee55
[root@localhost ~]# cd /data/20180118/
[root@localhost 20180118]# touch jfedu.txt
[root@localhost 20180118]# docker ps 
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
681222ce632d centos68 "/bin/bash" 32 seconds ago Up 31 seconds stupefied_knuth
c7b71d0a195a centos68 "/bin/bash" 20 minutes ago Up 20 minutes sleepy_saha
[root@localhost 20180118]# docker exec -it 681222ce632d /bin/bash
bash-4.1# cd /data/
bash-4.1# ls
jfedu.txt
bash-4.1# mkdir www.01wneo.xin
bash-4.1# ls
jfedu.txt www.01wneo.xin
bash-4.1# exit
exit
[root@localhost 20180118]# docker stop 681222ce632d # 停止 docker 后,在 docker中创建的文件依然可以看见
681222ce632d
[root@localhost 20180118]# ls
jfedu.txt www.01wneo.xin
[root@localhost 20180118]#

Docker DockerFile 的使用

[root@localhost ~]# cd /data/
[root@localhost data]# mkdir docker
[root@localhost data]# cd docker/
[root@localhost docker]# ls
[root@localhost docker]# vim DockerFile
# 设置基本的镜像,后续命令都以这个镜像为基础
FROM centos68:latest
# 作者信息
MAINTAINER JFEDU.NET
# RUN命令会在上面指定的镜像里执行任何命令
# RUN yum install passwd openssl openssh-server -y
RUN echo 'root' | passwd --stdin root
# RUN ssh-keygen -q -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key -N '' # 密钥
# RUN ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N '' # 会话的限制
# RUN sed -i '/^session\s\+required\s\+pam_loginuid.so/s/^/#/' /etc/pam.d/sshd # 会话的限制
# RUN mkdir -p /root/.ssh && chown root.root /root && chmod 700 /root/.ssh # 创建目录
RUN yum install wget -y
RUN mkdir -p /root/nginx
RUN cd /root/nginx;wget -c http://nginx.org/download/nginx-1.12.2.tar.gz
# 暴露ssh端口22
EXPOSE 22
# 设定运行镜像时的默认命令:输出ip,并以daemon方式启动sshd
CMD ip addr ls br0 | awk '{print $2}' | egrep -o '([0-9]+\.){3}[0-9]+';/usr/sbin/sshd -D
[root@localhost docker]# ip addr ls br0 | awk '{print $2}' | egrep -o '([0-9]+\.){3}[0-9]+';
192.168.1.1
[root@localhost docker]# docker ps -aq | xargs docker rm -f
c7b71d0a195a
[root@localhost docker]# clear
[root@localhost docker]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@localhost docker]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@localhost docker]# clear
[root@localhost docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos68 latest b69741841e36 35 seconds ago 643.5 MB
docker.io/centos latest ff426288ea90 3 weeks ago 207.2 MB
docker.io/google/cadvisor latest 75f88e3ec333 8 weeks ago 62.18 MB
[root@localhost docker]# cat DockerFile
# 设置基本的镜像,后续命令都以这个镜像为基础
FROM centos68:latest
# 作者信息
MAINTAINER JFEDU.NET
# RUN命令会在上面指定的镜像里执行任何命令
# RUN yum install passwd openssl openssh-server -y
RUN echo 'root' | passwd --stdin root
# RUN ssh-keygen -q -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key -N '' # 密钥
# RUN ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N '' # 会话的限制
# RUN sed -i '/^session\s\+required\s\+pam_loginuid.so/s/^/#/' /etc/pam.d/sshd # 会话的限制
# RUN mkdir -p /root/.ssh && chown root.root /root && chmod 700 /root/.ssh # 创建目录
RUN yum install wget -y
RUN mkdir -p /root/nginx
RUN cd /root/nginx;wget -c http://nginx.org/download/nginx-1.12.2.tar.gz
# 暴露ssh端口22
EXPOSE 22
# 设定运行镜像时的默认命令:输出ip,并以daemon方式启动sshd
CMD ip addr ls br0 | awk '{print $2}' | egrep -o '([0-9]+\.){3}[0-9]+';/usr/sbin/sshd -D
[root@localhost docker]# docker build -t centos68:ssh - < DockerFile 
Sending build context to Docker daemon  2.56 kB
Step 1 : FROM centos:latest
 ---> ff426288ea90
Step 2 : MAINTAINER JFEDU.NET
 ---> Running in d2cd4d65bb97
 ---> 4e44dd868502
Removing intermediate container d2cd4d65bb97
Step 3 : RUN echo 'root' | passwd --stdin root
 ---> Running in df0869f63b2a
Changing password for user root.
passwd: all authentication tokens updated successfully.
 ---> b210101605cf
Removing intermediate container df0869f63b2a
Step 4 : RUN yum install wget -y
 ---> Running in b3963c1c928d
Loaded plugins: fastestmirror, ovl
http://ftp.sjtu.edu.cn/centos/7.4.1708/os/x86_64/repodata/repomd.xml: [Errno 14] curl#7 - "Failed to connect to 2001:da8:8000:6023::230: Network is unreachable"
Trying other mirror.
Determining fastest mirrors
 * base: mirrors.aliyun.com
 * extras: mirrors.aliyun.com
 * updates: mirrors.nju.edu.cn
Resolving Dependencies
--> Running transaction check
---> Package wget.x86_64 0:1.14-15.el7_4.1 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package       Arch            Version                   Repository        Size
================================================================================
Installing:
 wget          x86_64          1.14-15.el7_4.1           updates          547 k

Transaction Summary
================================================================================
Install  1 Package

Total download size: 547 k
Installed size: 2.0 M
Downloading packages:
warning: /var/cache/yum/x86_64/7/updates/packages/wget-1.14-15.el7_4.1.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Public key for wget-1.14-15.el7_4.1.x86_64.rpm is not installed
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Importing GPG key 0xF4A80EB5:
 Userid     : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>"
 Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
 Package    : centos-release-7-4.1708.el7.centos.x86_64 (@CentOS)
 From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : wget-1.14-15.el7_4.1.x86_64                                  1/1 
install-info: No such file or directory for /usr/share/info/wget.info.gz
  Verifying  : wget-1.14-15.el7_4.1.x86_64                                  1/1 

Installed:
  wget.x86_64 0:1.14-15.el7_4.1                                                 

Complete!
 ---> e799d16aea91
Removing intermediate container b3963c1c928d
Step 5 : RUN mkdir -p /root/nginx
 ---> Running in 834947c34334
 ---> 00aadb73fbf2
Removing intermediate container 834947c34334
Step 6 : RUN cd /root/nginx;wget -c http://nginx.org/download/nginx-1.12.2.tar.gz
 ---> Running in 14bc8fe99e11
--2018-02-02 07:37:45--  http://nginx.org/download/nginx-1.12.2.tar.gz
Resolving nginx.org (nginx.org)... 206.251.255.63, 95.211.80.227, 2606:7100:1:69::3f, ...
Connecting to nginx.org (nginx.org)|206.251.255.63|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 981687 (959K) [application/octet-stream]
Saving to: 'nginx-1.12.2.tar.gz'

     0K .......... .......... .......... .......... ..........  5% 20.2K 45s
    50K .......... .......... .......... .......... .......... 10% 38.5K 32s
   100K .......... .......... .......... .......... .......... 15% 29.0K 30s
   150K .......... .......... .......... .......... .......... 20% 14.5K 34s
   200K .......... .......... .......... .......... .......... 26% 11.2K 38s
   250K .......... .......... .......... .......... .......... 31% 21.1K 35s
   300K .......... .......... .......... .......... .......... 36% 55.0K 29s
   350K .......... .......... .......... .......... .......... 41% 57.5K 25s
   400K .......... .......... .......... .......... .......... 46% 63.5K 21s
   450K .......... .......... .......... .......... .......... 52% 76.6K 17s
   500K .......... .......... .......... .......... .......... 57% 25.3K 16s
   550K .......... .......... .......... .......... .......... 62% 14.0K 15s
   600K .......... .......... .......... .......... .......... 67% 36.8K 12s
   650K .......... .......... .......... .......... .......... 73% 53.6K 10s
   700K .......... .......... .......... .......... .......... 78% 54.9K 8s
   750K .......... .......... .......... .......... .......... 83% 30.5K 6s
   800K .......... .......... .......... .......... .......... 88% 43.6K 4s
   850K .......... .......... .......... .......... .......... 93% 56.6K 2s
   900K .......... .......... .......... .......... .......... 99% 44.2K 0s
   950K ........                                              100% 1.17M=33s

  18-02-02 07:38:19 (29.4 KB/s) - 'nginx-1.12.2.tar.gz' saved [981687/981687]
▽
 ---> d02738a28eb3
Removing intermediate container 14bc8fe99e11
Step 7 : EXPOSE 22
 ---> Running in c99cf43efeb8
 ---> 0040d69e9742
Removing intermediate container c99cf43efeb8
Step 8 : CMD ip addr ls br0 | awk '{print $2}' | egrep -o '([0-9]+\.){3}[0-9]+';/usr/sbin/sshd -D
 ---> Running in 069c71c79907
 ---> 6d0856ab47b0
Removing intermediate container 069c71c79907
Successfully built 6d0856ab47b0
[root@localhost docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos68 ssh aa5a446c8f42 46 seconds ago 725.3 MB
centos68 latest b69741841e36 3 minutes ago 643.5 MB
docker.io/centos latest ff426288ea90 3 weeks ago 207.2 MB
docker.io/google/cadvisor latest 75f88e3ec333 8 weeks ago 62.18 MB
[root@localhost docker]# docker run -itd centos68:ssh
a4cd06bf6477aa17e6dfb75616f5bb21ff16684a7581087335d098f29faa6360
[root@localhost docker]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f8df7c178b2e centos68:ssh "/bin/sh -c 'ip addr " About a minute ago Up About a minute 22/tcp compassionate_stonebraker
[root@localhost docker]# docker inspect f8df7c178b2e | grep -i ipa
 "SecondaryIPAddresses": null,
 "IPAddress": "192.168.1.2",
 "IPAMConfig": null,
 "IPAddress": "192.168.1.2",
[root@localhost docker]# ssh -l root 192.168.1.2
The authenticity of host '192.168.1.2 (192.168.1.2)' can't be established.
RSA key fingerprint is 0e:10:19:9a:02:64:02:9b:bf:74:4a:91:0e:97:7c:d0.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.2' (RSA) to the list of known hosts.
root@192.168.1.2's password: 
Last login: Fri Feb 2 16:45:15 2018 from 192.168.1.100
-bash-4.1# ls
jfedu.net nginx nginx-1.10.2.tar.gz readme.txt
-bash-4.1# cd nginx
-bash-4.1# ls
nginx-1.12.2.tar.gz
-bash-4.1# du -sh nginx-1.12.2.tar.gz
960K nginx-1.12.2.tar.gz
[root@localhost docker]# cp DockerFile /root/
[root@localhost docker]# cd
[root@localhost ~]# ll
总用量 653360
-rw-------. 1 root root 1245 1月 26 17:46 anaconda-ks.cfg
-rw-r--r--. 1 root root 0 2月 2 12:38 centos68_new_save.tar
-rw-r--r--. 1 root root 669024256 2月 1 18:25 centos68_new.tar
-rw-r--r--. 1 root root 946 2月 2 16:55 DockerFile
-rw-r--r--. 1 root root 211 1月 26 23:02 docker_vmlist_2302.csv
-rw-r--r--. 1 root root 233 1月 26 23:02 docker_vmlist.csv
drwxr-xr-x. 4 root root 145 1月 26 22:54 pipework
[root@localhost ~]# vim DockerFile # DockerFile 生成 docker 镜像,包含 lnmp
# RUN yum install passwd openssl openssh-server -y
# RUN ssh-keygen -q -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key -N '' # 密钥
# RUN ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N '' # 会话的限制
# RUN sed -i '/^session\s\+required\s\+pam_loginuid.so/s/^/#/' /etc/pam.d/sshd # 会话的限制
# RUN mkdir -p /root/.ssh && chown root.root /root && chmod 700 /root/.ssh # 创建目录
RUN yum install wget -y
# 设置基本的镜像,后续命令都以这个镜像为基础
FROM centos68:latest
# 作者信息
MAINTAINER JFEDU.NET
# RUN命令会在上面指定的镜像里执行任何命令
RUN echo 'root' | passwd --stdin root
RUN mkdir -p /root/nginx
RUN yum install httpd httpd-devel php php-devel php-mysql mysql-server mysql mysql-devel -y
RUN cd /root/;tar -xzf nginx-1.10.2.tar.gz;cd nginx-1.10.2;./configure --prefix=/usr/local/nginx;make;make install
# 暴露ssh端口22
EXPOSE 22
# 设定运行镜像时的默认命令:输出ip,并以daemon方式启动sshd
CMD ip addr ls br0 | awk '{print $2}' | egrep -o '([0-9]+\.){3}[0-9]+';/usr/sbin/sshd -D
[root@localhost ~]#

 

 

发表评论

zh_CNChinese
zh_CNChinese