2024年8月22日

docker

[root@localhost ~]# cat << EOF | tee /etc/modules-load.d/k8s.conf

> overlay

> br_netfilter

> EOF

overlay

br_netfilter

[root@localhost ~]# modprobe overlay

[root@localhost ~]# modprobe br_netfilter

[root@localhost ~]#  cat << EOF | tee /etc/sysctl.d/k8s.conf

> net.bridge.bridge-nf-call-iptables = 1

> net.bridge.bridge-nf-call-ip6tables = 1

> net.ipv4.ip_forward = 1

> EOF

net.bridge.bridge-nf-call-iptables = 1

net.bridge.bridge-nf-call-ip6tables = 1

net.ipv4.ip_forward = 1

[root@localhost ~]# sysctl --system

[root@localhost ~]# yum install -y yum-utils device-mapper-persistent-data lvm2

[root@localhost ~]# yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

[root@localhost ~]# yum install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin -y

[root@localhost ~]# systemctl start docker            //启动服务

[root@localhost ~]# docker images                //查看现有镜像

REPOSITORY   TAG       IMAGE ID   CREATED   SIZE

[root@localhost ~]# docker search 镜像名         //搜索镜像

[root@localhost ~]# docker pull centos      //下载centos镜像，默认下载最新版本，这里看到下载不下来，那就设置docker镜像站

Using default tag: latest

latest: Pulling from library/centos

a1d0c7532777: Retrying in 1 second

error pulling image configuration: download failed after attempts=6: dial tcp 108.160.169.175:443: connect: connection refused

[root@localhost ~]# vim /etc/docker/daemon.json                              //配置docker镜像站

{

    "registry-mirrors": [

        "https://do.nark.eu.org",

        "https://dc.j8.work",

        "https://docker.m.daocloud.io",

        "https://dockerproxy.com",

        "https://docker.mirrors.ustc.edu.cn",

        "https://docker.nju.edu.cn"

    ]

}

[root@localhost ~]# systemctl restart docker                   //重启

[root@localhost ~]# docker search centos

[root@localhost ~]# docker pull centos

[root@localhost ~]# docker images                             //现在已经能查到centos镜像了

REPOSITORY   TAG       IMAGE ID       CREATED       SIZE

centos       latest    5d0da3dc9764   2 years ago   231MB

[root@localhost ~]# docker run -i -t --name=c0 centos:latest /bin/bash

[root@207ca7680ecc ~]# rm -rf /etc/yum.repos.d/*

[root@207ca7680ecc ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo

[root@207ca7680ecc ~]# yum clean all && yum makecache

[root@207ca7680ecc ~]# yum -y install httpd

[root@207ca7680ecc ~]# httpd -k start

[root@207ca7680ecc ~]# vim /usr/share/httpd/noindex/index.html

i am tdr

[root@207ca7680ecc ~]# curl localhost

i am tdr

打开另一台本机终端（终端2）

[root@localhost ~]# ps -aux | grep docker

root       4822  0.0  6.4 1636504 60440 ?       Ssl  12:00   0:09 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock

root       5144  0.0  1.7 1453432 16600 pts/1   Sl+  14:18   0:00 docker run -i -t --name=c0 centos:latest /bin/bash

root       5662  0.0  0.1 112720   964 pts/2    S+   15:03   0:00 grep --color=auto docker

回到刚才的终端退出（终端1）

[root@207ca7680ecc ~]# exit

exit

[root@localhost ~]#

再回去查看（终端2）

[root@localhost ~]# ps -aux | grep docker

root       4822  0.0  6.5 1636504 60700 ?       Ssl  12:00   0:09 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock

root       5688  0.0  0.1 112720   968 pts/2    S+   15:06   0:00 grep --color=auto docker

再回到原来的终端登陆（终端1）

[root@localhost ~]# docker start c0

c0

[root@localhost ~]# docker attach c0

[root@207ca7680ecc /]#

[root@207ca7680ecc /]# httpd -k start

[root@207ca7680ecc /]# curl localhost

i am tdr

[root@207ca7680ecc /]# exit                   //退出

exit

可以使用ctrl+p+q来退出但不结束进程

远程连接

1.检查状态

[root@localhost ~]# ls -lh /var/run/docker.sock                    //查看sock套接字，

srw-rw----.  1 root   docker    0 8月  22 11:22 docker.sock

[root@localhost ~]# netstat -lnput|grep 2375                 //要允许远程连接，需要有一个服务，使用端口来体现

2.设置允许远程管理

1）停用docker服务

[root@localhost ~]# systemctl stop docker

2）修改daemon.json文件

[root@localhost ~]# vim /etc/docker/daemon.json

{

    "registry-mirrors": [

        "https://do.nark.eu.org",

        "https://dc.j8.work",

        "https://docker.m.daocloud.io",

        "https://dockerproxy.com",

        "https://docker.mirrors.ustc.edu.cn",

        "https://docker.nju.edu.cn"

    ],

        "hosts": [

                "tcp://0.0.0.0:2375",

                "unix:///var/run/docker.sock"

        ]

}

3）修改docker配置文件

[root@localhost ~]# vim /usr/lib/systemd/system/docker.service

4）加载daemon.json文件

[root@localhost ~]# systemctl daemon-reload

5）启动服务

[root@localhost ~]# systemctl start docker

6）检查端口以及套接字文件

[root@localhost ~]# netstat -lnput|grep 2375

tcp6       0      0 :::2375                 :::*                    LISTEN      6450/dockerd  

[root@localhost ~]# ls -lh /var/run/docker.sock

srw-rw----. 1 root docker 0 8月  22 16:10 /var/run/docker.sock

3.使用远程连接管理docker

[root@localhost ~]# docker -H192.168.1.76 images                           //远程连接

REPOSITORY   TAG       IMAGE ID       CREATED       SIZE

centos       latest    5d0da3dc9764   2 years ago   231MB