Appreciate life and record it

Docker

 1332  3    
Docker

Docker

安装

https://docs.docker.com/engine/install/debian/

1
2
3
4
5

liuliancao@liuliancao:~/nomad$ curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
liuliancao@liuliancao:~/nomad$ echo   "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian \
  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
liuliancao@liuliancao:~/nomad$ sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io -y

docker三大要素

容器 (Container):镜像的运行时 镜像 (Image): 静态的文件 仓库 (Registry): 放镜像的仓库

镜像

操作系统镜像 ubuntu, debian, centos, alpine

镜像拉取 

1

docker pull nginx:alpine

运行容器 

1
2
3
4
5

root@master1:~# docker run --name liuliancao-nginx-alpine -d nginx:alpine 
2037c29cbaf0cee76922b46b24133c807dcea5250d670f019e5d39bae2e6c082
root@master1:~# docker ps
CONTAINER ID   IMAGE          COMMAND                  CREATED          STATUS          PORTS     NAMES
2037c29cbaf0   nginx:alpine   "/docker-entrypoint.…"   10 seconds ago   Up 10 seconds   80/tcp    liuliancao-nginx-alpine

容器执行命令

docker exec -it 容器名字 COMMAND

1
2
3
4
5
6
7
8

root@master1:~# docker exec -it  liuliancao-nginx-alpine "ls"
bin                   media                 srv
dev                   mnt                   sys
docker-entrypoint.d   opt                   tmp
docker-entrypoint.sh  proc                  usr
etc                   root                  var
home                  run
lib                   sbin

进入容器

docker exec -it 名字 /bin/sh

1
2

root@master1:~# docker exec -it  liuliancao-nginx-alpine /bin/sh
/ #

docker attach

编写docker file

官方文档build

1
2
3
4
5
6

root@master1:~/test# cat Dockerfile 
# syntax=docker/dockerfile:1
FROM debian
COPY sources.list /etc/apt/
RUN apt-get update && apt-get install nginx -y
CMD ["/usr/sbin/nginx","-g","daemon off;"]

构建本地镜像 

1
2
3

docker help build
Usage:  docker build [OPTIONS] PATH | URL | -
docker build . -t my-nginx:v1 -f Dockerfile

从本地镜像创建并测试 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31

建议刚开始不要加-d参数,并且注意-d不要放后面


root@master1:~/test# docker run --name liuliancao-nginx-custom  -p 8081:80 -d my-nginx:v1 
e0259d158af2e7a919f6b0456f5b3eb37d1f423f2946da63cc84398b52e2ff8e
root@master1:~/test# curl localhost:8081
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

导出导入镜像 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30

  docker help save

  docker root@master1:~/flask#
  
docker help save

  Usage:  docker save [OPTIONS] IMAGE [IMAGE...]

  Save one or more images to a tar archive (streamed to STDOUT by default)

  Options:
    -o, --output string   Write to a file, instead of STDOUT


docker save -o xxx.tar repository:tag


docker help load

root@master1:~/flask# docker help load

Usage:  docker load [OPTIONS]

Load an image from a tar archive or STDIN

Options:
  -i, --input string   Read from tar archive file, instead of STDIN
  -q, --quiet          Suppress the load output

docker load -i xxx.tar

查看镜像变更历史 

1
2
3
4
5
6
7
8

root@master1:~/flask# docker history my-nginx:v1 
IMAGE          CREATED          CREATED BY                                      SIZE      COMMENT
21e7e9a304bd   16 minutes ago   /bin/sh -c #(nop)  CMD ["/usr/sbin/nginx" "-…   0B        
f82ab96e75f8   16 minutes ago   /bin/sh -c #(nop)  EXPOSE 80                    0B        
ab9665e39fe9   15 hours ago     /bin/sh -c apt-get update && apt-get install…   105MB     
ac3c017c13b7   15 hours ago     /bin/sh -c #(nop) COPY file:6e964609d9d66af9…   412B      
6f4986d78878   11 months ago    /bin/sh -c #(nop)  CMD ["bash"]                 0B        
<missing>      11 months ago    /bin/sh -c #(nop) ADD file:c03517c5ddbed4053…   124MB

镜像仓库搭建

建议参考文档https://docs.docker.com/registry/

创建registry 5000后端 

1

docker run -d   -p 5000:5000   --restart=always   --name registry   -v /mnt/registry:/var/lib/registry   registry:2

申请证书

我这个是let's encrypt的,注意nginx要配置一个server_name

1

certbot run -d registry.liuliancao.com

本地打下tag 

1

root@master1:~# docker image tag hello-world:v1 registry.liuliancao.com/hello-world

推送到registry

可能报413, nginx配置添加下client_max_body_size 200m即可。

1
2
3
4
5
6
7
8
9

root@master1:~# docker push registry.liuliancao.com/hello-world
Using default tag: latest
The push refers to repository [registry.liuliancao.com/hello-world]
fdc315e7c792: Pushed 
ae878b880a73: Pushing [==================================================>]  4.666MB/4.666MB
5da34e066cb5: Preparing 
d61eb9f01119: Pushing [==================================================>]  3.072kB
11936051f93b: Pushing [>                                                  ]  525.3kB/123.9MB
error parsing HTTP 413 response body: invalid character '<' looking for beginning of value: "<html>\r\n<head><title>413 Request Entity Too Large</title></head>\r\n<body>\r\n<center><h1>413 Request Entity Too Large</h1></center>\r\n<hr><center>nginx/1.18.0</center>\r\n</body>\r\n</html>\r\n"
1
2
3
4
5
6
7
8
9

root@master1:~# docker push registry.liuliancao.com/hello-world
Using default tag: latest
The push refers to repository [registry.liuliancao.com/hello-world]
fdc315e7c792: Layer already exists 
ae878b880a73: Pushed 
5da34e066cb5: Pushed 
d61eb9f01119: Layer already exists 
11936051f93b: Pushed 
latest: digest: sha256:0e8d7d7cfa0d1a37f6757019c6d81583842cbbea66d8039a81794cb843eee55e size: 1367

从registry拉取 

1
2
3
4
5
6

root@master1:~# docker pull registry.liuliancao.com/hello-world
Using default tag: latest
latest: Pulling from hello-world
Digest: sha256:0e8d7d7cfa0d1a37f6757019c6d81583842cbbea66d8039a81794cb843eee55e
Status: Image is up to date for registry.liuliancao.com/hello-world:latest
registry.liuliancao.com/hello-world:latest

删除镜像 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10

docker help rmi
root@slave1:~# docker help rmi

Usage:  docker rmi [OPTIONS] IMAGE [IMAGE...]

Remove one or more images

Options:
  -f, --force      Force removal of the image
      --no-prune   Do not delete untagged parents

启动容器

docker help run

指定名字

–name

端口映射

-p 宿主机端口:容器端口

指定内存

–memory

指定cpu个数

–cpus NUMBER

指定主机名

–hostname HOSTNAME

添加环境变量

–env list

自动启动

–restart always

daemon形式启动不交互

-d

挂载容器目录

-v 宿主机目录:容器目录

主机和容器之间copy数据

双向的

1
2
3
4

root@master1:~# echo "hello,world!" > hello.txt
root@master1:~# docker cp hello.txt registry:/tmp/
root@master1:~# docker exec registry cat /tmp/hello.txt
hello,world!

compose

https://docs.docker.com/compose/ https://docs.docker.com/compose/install/other/

1

curl -SL https://github.com/docker/compose/releases/download/v2.15.1/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose

docker compose销毁 

1
2

docker-compose -f xxx.yml stop
docker-compose -f xx.yml rm -v

参考文档