Docker的使用-基本操作

Docker 镜像的基础管理

中央仓库
  • 官方中央仓库:hub.docker.com
  • 国内镜像仓库:
    • 网易蜂巢:c.163yun.com/hub(需要登陆)
    • daoCloud:hub.daocloud.io
  • 私服仓库:
    • 需要在/etc/docker/daemon.json;添加配置项(具体配置详解下面)
    • 重启两个服务:
    systemctl daemon-reload
    systemctl restart docker
    
获取镜像
  • 基础镜像拉取
docker search centos //搜索
docker pull centos:6.9 //从hub拉取
docker pull nginx//默认最新,可以指定版本
  • 镜像查看
[root@localhost ~]# docker image ls
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
nginx               latest              2622e6cca7eb        2 weeks ago         132MB
nginx               1.15                53f3fd8007f7        13 months ago       109MB
标识镜像唯一性的方法
  1. REPOSITORY:TAG

    nginx:1.15

  2. IMAGE ID(sha256:64位号码,默认只截取12位)

    53f3fd8007f7

[root@localhost ~]# docker image ls --no-trunc
REPOSITORY          TAG                 IMAGE ID                                                                  CREATED             SIZE
nginx               latest              sha256:2622e6cca7ebbb6e310743abce3fc47335393e79171b9d76ba9d4f446ce7b163   2 weeks ago         132MB
nginx               1.15                sha256:53f3fd8007f76bd23bf663ad5f5009c8941f63828ae458cef584b5f85dc0a7bf   13 months ago       109MB
镜像详细信息查看
[root@localhost ~]# docker image inspect 2622e6cca7eb
[root@localhost ~]# docker image inspect nginx:1.15 
只查看镜像的id
[root@localhost ~]# docker image ls -q
2622e6cca7eb
53f3fd8007f7
镜像的导入和导出
[root@localhost ~]# docker image save 2622e6cca7eb >/media/nginxDocker.tar
[root@localhost ~]# docker image ls -a
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
nginx               1.15                53f3fd8007f7        13 months ago       109MB
[root@localhost ~]# docker image load -i /media/nginxDocker.tar 
13cb14c2acd3: Loading layer [==================================================>]  72.49MB/72.49MB
d4cf327d8ef5: Loading layer [==================================================>]   63.8MB/63.8MB
7c7d7f446182: Loading layer [==================================================>]  3.072kB/3.072kB
9040af41bb66: Loading layer [==================================================>]  4.096kB/4.096kB
f978b9ed3f26: Loading layer [==================================================>]  3.584kB/3.584kB
Loaded image ID: sha256:2622e6cca7ebbb6e310743abce3fc47335393e79171b9d76ba9d4f446ce7b163
[root@localhost ~]# docker image ls -a
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
<none>              <none>              2622e6cca7eb        2 weeks ago         132MB
nginx               1.15                53f3fd8007f7        13 months ago       109MB
镜像的删除
[root@localhost ~]# docker image rm 2622e6cca7eb
Untagged: nginx:latest
Untagged: nginx@sha256:21f32f6c08406306d822a0e6e8b7dc81f53f336570e852e25fbe1e3e3d0d0133
Deleted: sha256:2622e6cca7ebbb6e310743abce3fc47335393e79171b9d76ba9d4f446ce7b163
Deleted: sha256:e86d1b8b130bec203609b4b1d7b851bd763fa16e513e5a3fa6102ebea23260e0
Deleted: sha256:8f9f007533543813bb1aef80b791a16e5e16c7cbbbc456a3a483d0fa7a9effcc
Deleted: sha256:e2c0065a77fee75795cdcf9f19a72f11769332423cd52ec9e19aacfb878aec8b
Deleted: sha256:059442698ef65fe8545e4fe9657988a10329b9c3663b368ae7ee0007a9c43949
Deleted: sha256:13cb14c2acd34e45446a50af25cb05095a17624678dbafbcc9e26086547c1d74
[root@localhost ~]# docker image rm -f nginx:1.15
Untagged: nginx:1.15
Untagged: nginx@sha256:23b4dcdf0d34d4a129755fc6f52e1c6e23bb34ea011b315d87e193033bcd1b68
Deleted: sha256:53f3fd8007f76bd23bf663ad5f5009c8941f63828ae458cef584b5f85dc0a7bf
[root@localhost ~]# docker image rm  `docker image ls -q`

Docker 容器的基础管理

交互式容器
[root@localhost ~]# docker container run -it 53f3fd8007f7 //指定image来运行container
[root@localhost ~]# docker container run -it --name="demo1"  53f3fd8007f7  //指定用户名启动,不指定的话自动生成
[root@localhost ~]# docker container ls
CONTAINER ID   IMAGE       COMMAND        CREATED             STATUS              PORTS               NAMES

STATUS:容器运行状态(Exited、Up)

注意交互式容器退出时按ctrl+P,Q,才可以保证使其在后台运行,而不会在退出时直接down掉

守护式容器
[root@localhost ~]# docker container run -d --name="demo"  53f3fd8007f7
a12716c0357e84cbb63e65f835fb6afa277e1a4ae3887364b42c414219c94388
[root@localhost ~]# docker container inspect demo //查看容器详细信息
容器的应用场景

交互式容器:工具类;开发,测试,临时性任务

守护式容器:网络服务

容器的启动、关闭、连接
  1. 守护式容器的关闭和启动
[root@localhost ~]# docker container stop demo
demo
[root@localhost ~]# docker container  ls -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                      PORTS               NAMES
a12716c0357e        53f3fd8007f7        "nginx -g 'daemon of…"   8 minutes ago       Exited (0) 5 seconds ago                        demo
[root@localhost ~]# docker container start demo
demo
[root@localhost ~]# docker container  ls -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                      PORTS               NAMES
a12716c0357e        53f3fd8007f7        "nginx -g 'daemon of…"   10 minutes ago      Up 3 seconds                80/tcp              demo
  1. 交互式容器的关闭和启动
[root@localhost ~]# docker container stop demo1
[root@localhost ~]# docker container start -i demo1
  1. 容器的连接方式
[root@localhost ~]# docker container attach demo
//子进程的方式登录,在已有的工作容器中生成子进程,做登录,可以用于容器的调试,退出时也不会影响当前容器
[root@localhost ~]# docker container exec -it  demo /bin/bash  
root@a12716c0357e:/# 
  1. 容器的前台和后台运行
  1. ctrl+P,Q attach调用到前台
  1. 让程序前台一直允许(夯在前台);制作守护式容器时,常用此方法

开启个docker,打开consul的可视化web界面查看注册的服务;

[root@localhost ~]# docker run -d --name="consuldemo2" -p 8500:8500 consul agent -server -bootstrap -ui -client 0.0.0.0
a6a4898572f6ee93eb71da5002b47c863203bbf5a06a403109e86f889701f77b

-server:表示以服务端的方式开启

-bootstrap:指定自己为leader不需要经过选举

-ui:启动一个内置管理的web界面

-client 0.0.0.0:指定客户端可以访问的IP

容器的删除
[root@localhost ~]# docker container rm `docker container ls -q`  //只能删除stop的容器
Error response from daemon: You cannot remove a running container 978f4cbad5fdff9564927fd276054961e307da44f715163356c1116cfe23e5c2. Stop the container before attempting removal or force remove
Error response from daemon: You cannot remove a running container bc338f9a0b28d3bdad05017ed016495260345626b8f247fb282ee0afd0bb2560. Stop the container before attempting removal or force remove
[root@localhost ~]# docker container rm `docker container ls -qf status=exited `//删除指定状态的容器
a12716c0357e
4f4d330fdc52
daa1d08c1f63
96c397696bfc
98c782a638e9
efeb8685799d
df6e77d42b9e
9785f702c1f8
015d2bf4c9b5
c580c9e97914
容器的网络映射
  1. 指定映射(dokcker 自动添加一条iptables规则来实现端口映射)
-p hostPort:containerPort
-p ip:hostPort:containerPort
-p ip::containerPort//(随机端口:32768-60999)
-p hostPort:containerPort/udp
-p 81:80 -p 443:443 //多端口映射
  1. 随机映射
docker run -p 80
[root@localhost ~]# docker container run -d -p 8000:80 --name="test" nginx:1.14
[root@localhost ~]# docker container run -d -p 192.168.241.129:8000:80 --name="test" nginx:1.14
[root@localhost ~]# docker container run -d -p 80 --name="test" nginx:1.14
[root@localhost ~]# docker container run -d -p 192.168.241.129::80 --name="test" nginx:1.14
容器的其他管理
docker ps -a -q //=docer container ls -a -q
docker top 8e07217a381f //=docker container top 8e07217a381f

查看日志

[root@localhost ~]# docker logs test
192.168.241.1 - - [30/Jun/2020:04:42:50 +0000] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36" "-"
[root@localhost ~]# docker logs -tf test
2020-06-30T04:42:50.272233587Z 192.168.241.1 - - [30/Jun/2020:04:42:50 +0000] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36" "-"
[root@localhost ~]# docker logs -t test
2020-06-30T04:42:50.272233587Z 192.168.241.1 - - [30/Jun/2020:04:42:50 +0000] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36" "-"
[root@localhost ~]# docker logs -tf --tail 3 test
2020-06-30T04:42:51.192872914Z 192.168.241.1 - - [30/Jun/2020:04:42:51 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36" "-"
2020-06-30T04:42:51.363250310Z 192.168.241.1 - - [30/Jun/2020:04:42:51 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36" "-"
2020-06-30T04:43:00.583430633Z 192.168.241.1 - - [30/Jun/2020:04:43:00 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36" "-"

制作本地局域网的yum源

  1. 安装vsftpd软件

    yum install -y vsftpd
    
  2. 启动ftp

    systemctl enable vsftpd //将vsftpd加入到开机自动启动的服务中
    systemctl start vsftpd  //开启服务
    
  3. 上传系统到虚拟机

  4. 配置yum仓库

    [root@localhost ftp]# mount -o loop /mnt/hgfs/www/yum_sources/CentOS-6.9-x86_64-bin-DVD1.iso /var/ftp/centos0.0/   //将目标系统挂载到ftp访问目录中
    
  5. windows 验证

ftp://192.168.241.129/centos0.0/

Docker构建私有registry

构建的私有registry 也是放在容器中的

  1. 建立registry容器
[root@localhost docker]# docker container run -d -p 5000:5000 --restart=always --name="registry" -v /opt/registry:/var/lib/registry registry
Unable to find image 'registry:latest' locally
latest: Pulling from library/registry
cbdbe7a5bc2a: Pull complete 
47112e65547d: Pull complete 
46bcb632e506: Pull complete 
c1cc712bcecd: Pull complete 
3db6272dcbfa: Pull complete 
Digest: sha256:8be26f81ffea54106bae012c6f349df70f4d5e7e2ec01b143c46e2c03b9e551d
Status: Downloaded newer image for registry:latest
306e8e455a7f5ea001cf93446b61acb4aa0e305b75b2de1710b90670c41d79be

–restart=always 命令是当docker重启时会自动启动该容器;不会因为关闭重启docker而导致容器关闭

  1. 修改配置文件

    [root@localhost ~]# cat /etc/docker/daemon.json 
    {
      "registry-mirrors": ["https://registry.docker-cn.com","http://hub-mirror.c.163.com"],//指定镜像下载源(官方是外网,所以需要用中文镜像网站)
      "insecure-registries":["192.168.241.129:5000"]//注册本地registry的下载地址
    }
    
    
  2. 制作本地镜像并push到私有registry中

    这边标记本地nginx:latest镜像,将其归入指定仓库

    [root@localhost ~]# docker tag nginx:latest 197.128.241.129:5000/wzbwzt/nginx:v1//这边前面是registry地址+项目名+具体镜像名
    
    [root@localhost ~]# docker image ls 
    REPOSITORY                          TAG                 IMAGE ID            CREATED             SIZE
    registry                            latest              2d4f4b5309b1        13 days ago         26.2MB
    197.128.241.129:5000/wzbwzt/nginx   v1                  53f3fd8007f7        14 months ago       109MB
    nginx                               1.15                53f3fd8007f7        14 months ago       109MB
    nginx                               1.14                295c7be07902        15 months ago       109MB
    centos                              6.9                 2199b8eb8390        15 months ago       195MB
    

    push到本地registry

    [root@localhost ~]# docker push 192.168.241.129:5000/wzbwzt/nginx:v1
    The push refers to repository [192.168.241.129:5000/wzbwzt/nginx]
    f978b9ed3f26: Pushed 
    9040af41bb66: Pushed 
    7c7d7f446182: Pushed 
    d4cf327d8ef5: Pushed 
    13cb14c2acd3: Pushed 
    v1: digest: sha256:0efad4d09a419dc6d574c3c3baacb804a530acd61d5eba72cb1f14e1f5ac0c8f size: 1362
    
  3. 异地进行pull镜像

[root@localhost ~]# docker pull 192.168.241.129:5000/wzbwzt/nginx:v1

本地仓库加安全验证

往registry中推送image需要先验证

  1. 下载httpd-tool做账号密码验证
[root@localhost ~]# yum install -y httpd-tools
[root@localhost ~]# mkdir /opt/registry-auth
[root@localhost opt]# htpasswd -Bbn wzb 123123 > /opt/registry-auth/htpasswd
[root@localhost registry-auth]# cat htpasswd 
wzb:$2y$05$BGrfbP4JgEA7OhRQs/vAIOmatL3/rURjjod1RTuC3O.UFJqsaNU0G

  1. 生成带密钥功能的registry容器
[root@localhost ~]# docker  run -d -p 5000:5000 --name="registry-auth" -v /opt/registry-auth/:/auth/ -v /opt/registry/:/var/lib/registry  -e "REGISTRY_AUTH=htpasswd" -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd registry 
WARNING: IPv4 forwarding is disabled. Networking will not work.
22c0397455c87e0517e53834ce082c1c43abd997f0f487e6e95b39e377633ef3
//-e 后面跟的是配置参数
  1. push镜像需要先验证(pull不需要)
[root@localhost ~]# docker push 192.168.241.129:5000/wzbwzt/nginx:v1
The push refers to repository [192.168.241.129:5000/wzbwzt/nginx]
f978b9ed3f26: Preparing 
9040af41bb66: Preparing 
7c7d7f446182: Preparing 
d4cf327d8ef5: Preparing 
13cb14c2acd3: Preparing 
no basic auth credentials
//显示无验证
[root@localhost ~]# docker login 192.168.241.129:5000 //登录
Username: wzb
Password: 
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded
[root@localhost ~]# docker push 192.168.241.129:5000/wzb/nginx:v2  //推送
The push refers to repository [192.168.241.129:5000/wzb/nginx]
f978b9ed3f26: Mounted from wzbwzt/nginx 
9040af41bb66: Mounted from wzbwzt/nginx 
7c7d7f446182: Mounted from wzbwzt/nginx 
d4cf327d8ef5: Mounted from wzbwzt/nginx 
13cb14c2acd3: Mounted from wzbwzt/nginx 
v2: digest: sha256:0efad4d09a419dc6d574c3c3baacb804a530acd61d5eba72cb1f14e1f5ac0c8f size: 1362
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值