一、制作自定义镜像
1.1 、基于centos镜像应用commit创立新的镜像文件
1 ) 应用镜像启动容器
[root@docker01 ~]# docker run -it docker.io/centos[root@19def71b0bd4 /]# ifconfig //默认没有装置net-tools等工具bash: ifconfig: command not found2)装置测试软件
[root@19def71b0bd4 /]# yum -y install net-tools iproute psmisc vim-enhanced[root@19def71b0bd4 /]# ifconfigeth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.17.0.2 netmask 255.255.0.0 broadcast 172.17.255.255 ether 02:42:ac:11:00:02 txqueuelen 0 (Ethernet)......[root@docker01 ~]# exit3 ) 另存为另外一个镜像
[root@docker01 ~]# docker ps -aq19def71b0bd4[root@docker01 ~]# docker start 19def71b0bd4 //能够简写为19,要保障唯一性[root@docker01 ~]# docker commit 19de docker.io/myos:latest //另存为镜像为myos:latestsha256:349b5158c391cb47c34fad6592a4e3eec2978501485048dc4d95f722275b190e[root@docker01 ~]# docker imagesREPOSITORY TAG IMAGE ID CREATED SIZEmyos latest 349b5158c391 9 seconds ago 273MBnginx latest 7e4d58f0e5f3 4 weeks ago 133MBbusybox latest 6858809bf669 4 weeks ago 1.23MBcentos latest 0d120b6ccaa8 2 months ago 215MBcentos v2 0d120b6ccaa8 2 months ago 215MB[root@docker01 ~]# docker run -it docker.io/myos:latest //应用新镜像启动已装置net-tools等工具[root@03b80f6d88d2 /]# ifconfigeth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.17.0.3 netmask 255.255.0.0 broadcast 172.17.255.255 ether 02:42:ac:11:00:03 txqueuelen 0 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 01.2、基于centos镜像应用Dockerfile文件创建一个新的镜像文件
Dockerfile语法格局:
– FROM:根底镜像
– MAINTAINER:镜像创建者信息(阐明)
– EXPOSE:凋谢的端口
– ENV:设置环境变量
– ADD:复制文件到镜像
– RUN:制作镜像时执行的命令,能够有多个
– WORKDIR:定义容器默认工作目录
– CMD:容器启动时执行的命令,仅能够有一条CMD
创立一个Apache的镜像文件
[root@docker01 ~]# mkdir build[root@docker01 ~]# cd build/[root@docker01 build]# cp /etc/yum.repos.d/local.repo ./ //(非必须) 如果须要用本地yum源装置,能够把yum源配置拷贝到本目录下.留神yum源和docker镜像零碎版本是否匹配,[root@docker01 build]# vim Dockerfile //Dockerfile文件第一个字母要大写FROM docker.io/centos:latestRUN yum -y install httpdENV EnvironmentFile=/etc/sysconfig/httpdWORKDIR /var/www/html/EXPOSE 80EXPOSE 443CMD ["/usr/sbin/httpd","-DFOREGROUND"][root@docker01 build]# docker build -t docker.io/myos:http . //新建myos:http 镜像 留神最初有个" . " 代表本目录下 须要期待一段时间实现软件的装置Sending build context to Docker daemon 2.048kBStep 1/7 : FROM docker.io/centos:latest......Successfully built bd023206dc22Successfully tagged myos:http[root@docker01 build]# docker images //查看新建的镜像myos:http REPOSITORY TAG IMAGE ID CREATED SIZEmyos http bd023206dc22 About a minute ago 254MBmyos latest 349b5158c391 36 minutes ago 273MBnginx latest 7e4d58f0e5f3 4 weeks ago 133MBbusybox latest 6858809bf669 4 weeks ago 1.23MBcentos latest 0d120b6ccaa8 2 months ago 215MBcentos v2 0d120b6ccaa8 2 months ago 215MB[root@docker01 build]# docker run -d docker.io/myos:http //启动容器30c77c9434a9cec33476f114fb3ce571426f57d9cdba5f34bdbafcec91590c72[root@docker01 build]# docker inspect 30 //查看容器IP[root@docker01 build]# curl 172.17.0.3 //查看httpd是否工作
二、创立公有镜像仓库
- 在Docker1上创立公有仓库
- 上传镜像到 docker1
- 在 docker2 上配置应用 docker1 的公有仓库
- 在 docker2 上应用 docker1 的近程仓库启动容器步骤
1)定义一个公有仓库
[root@docker01 ~]# yum install -y docker-distribution[root@docker01 ~]# systemctl start docker-distribution[root@docker01 ~]# systemctl enable docker-distribution[root@docker01 ~]# docker tag docker.io/busybox:latest 192.168.4.130:5000/docker.io/busybox:latest //打标签[root@docker01 ~]# docker tag docker.io/myos:http 192.168.4.130:5000/docker.io/myos:http[root@docker01 ~]# docker imagesREPOSITORY TAG IMAGE ID CREATED SIZE192.168.4.130:5000/docker.io/myos http bd023206dc22 About an hour ago 254MBmyos http bd023206dc22 About an hour ago 254MBmyos latest 349b5158c391 2 hours ago 273MBnginx latest 7e4d58f0e5f3 4 weeks ago 133MB192.168.4.130:5000/docker.io/busybox latest 6858809bf669 4 weeks ago 1.23MBbusybox latest 6858809bf669 4 weeks ago 1.23MBcentos latest 0d120b6ccaa8 2 months ago 215MBcentos v2 0d120b6ccaa8 2 months ago 215MB[root@docker01 ~]# docker push 192.168.4.130:5000/docker.io/busybox:latest //上传[root@docker01 ~]# docker push 192.168.4.130:5000/docker.io/myos:http2)客户端docker02配置
[root@docker02 ~]# vim /etc/sysconfig/dockerINSECURE_REGISTRY='--insecure-registry 192.168.4.130:5000' //指定docker1的地址ADD_REGISTRY='--add-registry 192.168.4.130:5000'[root@docker02 ~]# systemctl restart docker[root@docker02 ~]# docker run -it 192.168.4.130:5000/docker.io/myos:http /bin/bash //间接运行3) 查看公有仓库外面有什么镜像
[root@docker01 ~]# curl http://192.168.4.130:5000/v2/_catalog //查看外面有什么镜像{"repositories":["docker.io/busybox","docker.io/myos"]}[root@docker01 ~]# curl http://192.168.4.130:5000/v2/docker.io/busybox/tags/list //查看外面的镜像标签{"name":"docker.io/busybox","tags":["latest"]}[root@docker01 ~]# curl http://192.168.4.130:5000/v2/docker.io/myos/tags/list{"name":"docker.io/myos","tags":["http"]} 4) 删除仓库镜像[root@docker01 ~]# find / -name myos /var/lib/registry/docker/registry/v2/repositories/docker.io/myos //搜寻到镜像寄存地位[root@docker01 ~]# rm -fr /var/lib/registry/docker/registry/v2/repositories/docker.io/myos //删除仓库镜像[root@docker01 docker.io]# systemctl restart docker-distribution 三、NFS共享存储(长久化存储)
- 创立NFS共享,能映射到容器里:
- 服务器创立NFS共享存储,共享目录为/content,权限为rw
- 客户端挂载共享,并将共享目录映射到容器中
其中NFS服务器用一台192.168.4.100的虚拟机代替,一台客户端docker1主机,ip为192.168.4.130,一台户端docker2主机,ip为192.168.4.131,实现客户端挂载共享,并将共享目录映射到容器中,docker1更新文件时,docker2实现同步更新,计划如图所示:
[root@case100 ~]# yum -y install nfs-utils[root@case100 ~]# mkdir /content[root@case100 ~]# vim /etc/exports/content *(rw,no_root_squash)[root@case100 ~]# systemctl restart nfs-server.service[root@case100 ~]# systemctl restart nfs-secure.service[root@case100 ~]# exportfs -rv[root@case100 ~]# chmod 777 /content/[root@case100 ~]# echo docker.test > /content/index.html配置客户端docker01、docker02配置
[root@docker01 ~]# yum -y install nfs-utils[root@docker01 ~]# systemctl restart nfs-server.service[root@docker01 ~]# showmount -e 192.168.4.100Export list for 192.168.4.100:/content *[root@docker01 ~]# mkdir /mnt/qq/[root@docker01 ~]# mount -t nfs 192.168.4.100:/content /mnt/qq //正式环境记得增加到开机主动挂载[root@docker01 ~]# ls /mnt/qq/index.html[root@docker01 ~]# cat /mnt/qq/index.html docker.test[root@docker01 ~]# docker run -d -p 80:80 -v /mnt/qq:/var/www/html -it docker.io/myos:http468ec9513151e5e5ac816bfc2b969df63fee7cf0757fca46961f4e336c064203[root@docker01 ~]# curl 192.168.4.130docker.test[root@docker02 ~]# yum -y install nfs-utils[root@docker02 ~]# showmount -e 192.168.4.100Export list for 192.168.4.100:/content *[root@docker02 ~]# mkdir /mnt/qq[root@docker02 ~]# mount -t nfs 192.168.4.100:/content /mnt/qq[root@docker02 ~]# docker run -d -p 80:80 -v /mnt/qq:/var/www/html -it 192.168.4.130:5000/docker.io/myos:http8f0e1507e74cbec3b5fffd3df3815b31f4d241cc1a9300dab14730479d36b331[root@docker02 ~]# curl 192.168.4.131docker.test四、创立自定义网桥
- 启动4台容器
- 容器1 与 容器2 应用同一网桥可能互通
- 容器3 与 容器4 可能应用同一网桥可能互通
容器(12) 与 容器(34) 不能互通
[root@docker01 ~]# docker network list //查看默认的容器网络模型NETWORK ID NAME DRIVER SCOPEb7926da5de53 bridge bridge localf64fd4af1f92 host host local7619b9af5f4b none null local) 创立网络模型
[root@docker01 ~]# docker network create --subnet=10.10.10.0/24 docker01e8f95be8dcc827e99288d188e4e293254c9279de963303df0481db9af271acd6[root@docker01 ~]# docker network create --subnet=10.20.20.0/24 docker02d124856247074df4daa2aaaa251e3de828daf194a4c02a57c480f521b40f772d[root@docker01 ~]# docker network list NETWORK ID NAME DRIVER SCOPEb7926da5de53 bridge bridge locale8f95be8dcc8 docker01 bridge locald12485624707 docker02 bridge localf64fd4af1f92 host host local7619b9af5f4b none null local[root@docker01 ~]# ifconfig //也能够通过ifconfig查看br-d12485624707: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 inet 10.20.20.1 netmask 255.255.255.0 broadcast 10.20.20.255 ether 02:42:5f:04:26:28 txqueuelen 0 (Ethernet)br-e8f95be8dcc8: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 inet 10.10.10.1 netmask 255.255.255.0 broadcast 10.10.10.255 ether 02:42:dd:69:1e:e9 txqueuelen 0 (Ethernet)docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255 ether 02:42:ed:76:be:ac txqueuelen 0 (Ethernet)) 应用刚创立的模型启动容器1 容器2
[root@docker01 ~]# docker run --network=docker01 -itd docker.io/myos2722164f8a541c83f725253bf12839aff94590b9731e1be3e8550c8bfac81feb[root@docker01 ~]# docker run --network=docker01 -itd docker.io/myos02b514179c657cbfb204ecb5f7ec0c87d9f682396b8a0d9898491b6024741df5[root@docker01 ~]# docker ps -aq02b514179c652722164f8a54[root@docker01 ~]# docker inspect 27 |egrep "IPAddress""IPAddress": "10.10.10.2",[root@docker01 ~]# docker ps -a xenodochial_wright[root@docker01 ~]# docker inspect 02 |egrep "IPAddress""IPAddress": "10.10.10.3",) 测 容器1 与 容器2 应用同一网桥可能互通
[root@docker01 ~]# docker exec -it 02b5 /bin/bash[root@02b514179c65 /]# ping 10.10.10.2- bytes from 10.10.10.2: icmp_seq=1 ttl=255 time=0.096 ms
- bytes from 10.10.10.2: icmp_seq=2 ttl=255 time=0.047 ms
`` ) 应用刚创立的模型启动容器3 容器4
[root@docker01 ~]# docker ps -qa85e33ce400faf777bbb45ddf02b514179c652722164f8a54[root@docker01 ~]# docker inspect 85 |egrep "IPAddress" "SecondaryIPAddresses": null, "IPAddress": "", "IPAddress": "10.20.20.3",[root@docker01 ~]# docker inspect f7 |egrep "IPAddress" "SecondaryIPAddresses": null, "IPAddress": "", "IPAddress": "10.20.20.2",- ) 测试
- 容器3 与 容器4 可能应用同一网桥可能互通
容器(12) 与 容器(34) 不能互通
[root@docker01 ~]# docker exec -it 85 /bin/bash[root@85e33ce400fa /]# ping 10.20.20.2- bytes from 10.20.20.2: icmp_seq=1 ttl=255 time=0.148 ms
- bytes from 10.20.20.2: icmp_seq=2 ttl=255 time=0.047 ms
- bytes from 10.20.20.2: icmp_seq=3 ttl=255 time=0.048 ms
[root@85e33ce400fa /]# ping 10.10.10.3 //失败 容器(12) 与 容器(34) 不能互通
PING 10.10.10.3 (10.10.10.3) 56(84) bytes of data.