docker入门使用

1. docker安装

1.1 官网地址

https://docs.docker.com/install/linux/docker-ce/centos/

1.2 安装linux虚拟机

自己准备好两台可以 通讯的linux主机，建议使用虚拟机，具体安装，见我其他文章
vagrant+virtualBox新建centos7虚拟机

1.3 具体安装

01 进入centos7
	
02 卸载之前的docker
	sudo yum remove docker \
                  docker-client \
                  docker-client-latest \
                  docker-common \
                  docker-latest \
                  docker-latest-logrotate \
                  docker-logrotate \
                  docker-engine
                  
03 安装必要的依赖
	sudo yum install -y yum-utils \
    device-mapper-persistent-data \
    lvm2
04 设置docker仓库  
	sudo yum-config-manager \
      --add-repo \
      https://download.docker.com/linux/centos/docker-ce.repo
      
05 安装docker
	sudo yum install -y docker-ce docker-ce-cli containerd.io
	
06 启动docker
	sudo systemctl start docker
07 设置开机启动
	sudo systemctl enable docker
08 测试docker安装是否成功
	sudo docker run hello-world

• 镜像加速器：进入阿里云官网–>搜索‘容器镜像仓库’–>点击‘开通服务’–>进入镜像服务–>镜像工具–>镜像加速 【https://cr.console.aliyun.com/cn-hangzhou/instances/mirrors】

sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
  "registry-mirrors": ["https://***"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker

2. 基础命令

docker --help

Usage:  docker [OPTIONS] COMMAND

A self-sufficient runtime for containers

Options:
      --config string      Location of client config files (default
                           "/root/.docker")
  -c, --context string     Name of the context to use to connect to the
                           daemon (overrides DOCKER_HOST env var and
                           default context set with "docker context use")
  -D, --debug              Enable debug mode
  -H, --host list          Daemon socket(s) to connect to
  -l, --log-level string   Set the logging level
                           ("debug"|"info"|"warn"|"error"|"fatal")
                           (default "info")
      --tls                Use TLS; implied by --tlsverify
      --tlscacert string   Trust certs signed only by this CA (default
                           "/root/.docker/ca.pem")
      --tlscert string     Path to TLS certificate file (default
                           "/root/.docker/cert.pem")
      --tlskey string      Path to TLS key file (default
                           "/root/.docker/key.pem")
      --tlsverify          Use TLS and verify the remote
  -v, --version            Print version information and quit

Management Commands:
  app*        Docker App (Docker Inc., v0.9.1-beta3)
  builder     Manage builds
  buildx*     Docker Buildx (Docker Inc., v0.8.2-docker)
  config      Manage Docker configs
  container   Manage containers
  context     Manage contexts
  image       Manage images
  manifest    Manage Docker image manifests and manifest lists
  network     Manage networks
  node        Manage Swarm nodes
  plugin      Manage plugins
  scan*       Docker Scan (Docker Inc., v0.17.0)
  secret      Manage Docker secrets
  service     Manage services
  stack       Manage Docker stacks
  swarm       Manage Swarm
  system      Manage Docker
  trust       Manage trust on Docker images
  volume      Manage volumes

Commands:
  attach      Attach local standard input, output, and error streams to a running container
  build       Build an image from a Dockerfile
  commit      Create a new image from a container's changes
  cp          Copy files/folders between a container and the local filesystem
  create      Create a new container
  diff        Inspect changes to files or directories on a container's filesystem
  events      Get real time events from the server
  exec        Run a command in a running container
  export      Export a container's filesystem as a tar archive
  history     Show the history of an image
  images      List images
  import      Import the contents from a tarball to create a filesystem image
  info        Display system-wide information
  inspect     Return low-level information on Docker objects
  kill        Kill one or more running containers
  load        Load an image from a tar archive or STDIN
  login       Log in to a Docker registry
  logout      Log out from a Docker registry
  logs        Fetch the logs of a container
  pause       Pause all processes within one or more containers
  port        List port mappings or a specific mapping for the container
  ps          List containers
  pull        Pull an image or a repository from a registry
  push        Push an image or a repository to a registry
  rename      Rename a container
  restart     Restart one or more containers
  rm          Remove one or more containers
  rmi         Remove one or more images
  run         Run a command in a new container
  save        Save one or more images to a tar archive (streamed to STDOUT by default)
  search      Search the Docker Hub for images
  start       Start one or more stopped containers
  stats       Display a live stream of container(s) resource usage statistics
  stop        Stop one or more running containers
  tag         Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
  top         Display the running processes of a container
  unpause     Unpause all processes within one or more containers
  update      Update configuration of one or more containers
  version     Show the Docker version information
  wait        Block until one or more containers stop, then print their exit codes

Run 'docker COMMAND --help' for more information on a command.

常用命令说明：

命令	说明
docker pull	拉取镜像，没有指定版本，则默认使用最近版本：docker pull tomcat:8
docker images	查看所有本地已经下载的docker镜像
docker rmi	移除镜像：docker rmi -f hello-world ; docker rmi -f tomcat:7
docker run -d --name my-tomcat -p 9090:8080 tomcat:8	运行容器，-d=后台运行 --name 容器名称 -p 宿主机端口:容器内部端口 镜像名称:镜像版本号
docker ps	查看运行的容器
docker exec -it containerid bash	-it 交互式查看指定的容器 ；/bin/bash bash 使用容器内部bash名称交互
docker logs -f containerid	在宿主机中查看容器的日志
docker rm -f $(docker ps -aq)	删除所有在运行的所有容器
docker rmi -f $(docker images -aq)	删除所有的image，如果有对应的容器在运行，需要先删除容器

3. pull镜像源

3.1 镜像制作

进入gitHub官网，搜索docker-library
https://github.com/docker-library/mysql 查看对应的dockerfile

#
# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh"
#
# PLEASE DO NOT EDIT IT DIRECTLY.
#

FROM debian:buster-slim

# add our user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added
RUN groupadd -r mysql && useradd -r -g mysql mysql

RUN apt-get update && apt-get install -y --no-install-recommends gnupg dirmngr && rm -rf /var/lib/apt/lists/*

# add gosu for easy step-down from root
# https://github.com/tianon/gosu/releases
ENV GOSU_VERSION 1.14
RUN set -eux; \
	savedAptMark="$(apt-mark showmanual)"; \
	apt-get update; \
	apt-get install -y --no-install-recommends ca-certificates wget; \
	rm -rf /var/lib/apt/lists/*; \
	dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
	wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
	wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
	export GNUPGHOME="$(mktemp -d)"; \
	gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
	gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
	gpgconf --kill all; \
	rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
	apt-mark auto '.*' > /dev/null; \
	[ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
	apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
	chmod +x /usr/local/bin/gosu; \
	gosu --version; \
	gosu nobody true

RUN mkdir /docker-entrypoint-initdb.d

RUN set -eux; \
	apt-get update; \
	apt-get install -y --no-install-recommends \
		openssl \
# FATAL ERROR: please install the following Perl modules before executing /usr/local/mysql/scripts/mysql_install_db:
# File::Basename
# File::Copy
# Sys::Hostname
# Data::Dumper
		perl \
		xz-utils \
		zstd \
	; \
	rm -rf /var/lib/apt/lists/*

RUN set -eux; \
# gpg: key 3A79BD29: public key "MySQL Release Engineering <mysql-build@oss.oracle.com>" imported
	key='859BE8D7C586F538430B19C2467B942D3A79BD29'; \
	export GNUPGHOME="$(mktemp -d)"; \
	gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \
	mkdir -p /etc/apt/keyrings; \
	gpg --batch --export "$key" > /etc/apt/keyrings/mysql.gpg; \
	gpgconf --kill all; \
	rm -rf "$GNUPGHOME"

ENV MYSQL_MAJOR 5.7
ENV MYSQL_VERSION 5.7.38-1debian10

RUN echo 'deb [ signed-by=/etc/apt/keyrings/mysql.gpg ] http://repo.mysql.com/apt/debian/ buster mysql-5.7' > /etc/apt/sources.list.d/mysql.list

# the "/var/lib/mysql" stuff here is because the mysql-server postinst doesn't have an explicit way to disable the mysql_install_db codepath besides having a database already "configured" (ie, stuff in /var/lib/mysql/mysql)
# also, we set debconf keys to make APT a little quieter
RUN { \
		echo mysql-community-server mysql-community-server/data-dir select ''; \
		echo mysql-community-server mysql-community-server/root-pass password ''; \
		echo mysql-community-server mysql-community-server/re-root-pass password ''; \
		echo mysql-community-server mysql-community-server/remove-test-db select false; \
	} | debconf-set-selections \
	&& apt-get update \
	&& apt-get install -y \
		mysql-server="${MYSQL_VERSION}" \
# comment out a few problematic configuration values
	&& find /etc/mysql/ -name '*.cnf' -print0 \
		| xargs -0 grep -lZE '^(bind-address|log)' \
		| xargs -rt -0 sed -Ei 's/^(bind-address|log)/#&/' \
# don't reverse lookup hostnames, they are usually another container
	&& echo '[mysqld]\nskip-host-cache\nskip-name-resolve' > /etc/mysql/conf.d/docker.cnf \
	&& rm -rf /var/lib/apt/lists/* \
	&& rm -rf /var/lib/mysql && mkdir -p /var/lib/mysql /var/run/mysqld \
	&& chown -R mysql:mysql /var/lib/mysql /var/run/mysqld \
# ensure that /var/run/mysqld (used for socket and lock files) is writable regardless of the UID our mysqld instance ends up having at runtime
	&& chmod 1777 /var/run/mysqld /var/lib/mysql

VOLUME /var/lib/mysql

COPY docker-entrypoint.sh /usr/local/bin/
RUN ln -s usr/local/bin/docker-entrypoint.sh /entrypoint.sh # backwards compat
ENTRYPOINT ["docker-entrypoint.sh"]

EXPOSE 3306 33060
CMD ["mysqld"]

3.2 自定义image

3.2.1 image语法

• 关键词

关键词	说明
FROM	基于镜像Layer。eg: FROM tomcat:8
RUN	在容器中执行命令。eg: RUM groupadd -r mysql && useradd -r -g mysql mysql
ENV	在容器中添加环境变量。eg:ENV GOSU_VERSION 1.7
VOLUME	给宿主机和容器映射文件。eg: /var/lib/mysql
COPY	将宿主机的文件拷贝到容器中去。eg:COPY docker-entrypoint.sh /usr/local/bin/
ADD	同COPY，但是ADD会自动给容器中的文件做解压操作，更加方便
ENTRYPOINT	期望容器创建后去执行的脚本的命令或者脚本。eg:ENTRYPOINT [“docker-entrypoint.sh”]
CMD	同ENTRYPOINT，但是用户指定的内容ENTRYPOINT不会覆盖 ，CMD会覆盖
EXPOSE	默认将容器中的端口对宿主机暴露，也就是使用宿主机的该端口（33060），就如同访问主机的某个端口（3306）。eg: EXPOSE 3306 33060
MAINTAINER	容器维护信息，展示用。eg：MAINTAINER myimage
LABEL	标签。

3.2.2 制作image实战

• 准备一个spring boot简单项目
• 打包成一个jar (demo-0.0.1-SNAPSHOT.jar)
• 根据jar制作成一个image
• 启动容器，并测试访问

1、制作jar
idea项目
mvn clean package
2、拷贝jar到宿主机 /root/package/demo-0.0.1-SNAPSHOT.jar
3、创建一个dockerfile到 /root/package/
4、在/root/package/ 下执行: docker build -t test-docker-image .
5、查看镜像:docker images
6、运行容器：docker run -d --name my-customer-container -p 9090:8080 test-docker-image
7、查看启动的容器：docker ps

dockerfile

FROM openjdk:8
MAINTAINER myimage
LABEL name="test-docker-porject" version="1.0" author="tai ji jian ao yi"
COPY demo-0.0.1-SNAPSHOT.jar demo-0.0.1.jar
CMD ["java","-jar","demo-0.0.1.jar"]

4. push镜像

4.1 基本命令

docker项目数据保存在：/var/lib/docker

docker push test-docker-image

• push到哪个地方？
  默认推送到官网：hub.docker.com
• 宿主机需要登陆到对应的网站：docker login
• 推送到对应网站，需要对image添加上新的名称，用来跟其他image做区分（使用目录层级方式）

docker tag test-docker-image mydir/test-docker-image:v1.0
docker push mydir/test-docker-image:v1.0

4.2 push到阿里云

• 到阿里云创建账户
  并开通 <容器镜像服务>
  
• 登陆阿里云仓库，并push镜像

sudo docker login --username=**** registry.cn-hangzhou.ailyuns.com
docker tag test-docker-image registry.cn-hangzhou.ailyuns.com/mydir/test-docker-image:v1.0
docker push registry.cn-hangzhou.ailyuns.com/mydir/test-docker-image:v1.0

4.3 harbor私服搭建

• 下载harbor：github中下载
• 解压文件：

tar -zxvf harbor-offline-installer-v1.7.1.tgz

修改配置文件

cd harbor
vi harbor.cfg
hostname=192.168.31.10
ui_url_protocol=http
# 文件中有一个默认的用户名 密码

• 默认使用docker-compose启动
• sh install.sh