docker历史
2010年,几个年轻人,在美国成立dotcloud ,做一些pass云服务。
lxc有关的容器技术,他们将自己的技术容器化
聊聊docker
Docker是基于GO语言开发的!开源项目!
官网:https://www.docker.com/
文档地址:https://docs.docker.com/ 超级详细
仓库地址:https://hub.docker.com/
docker能做什么
之前的虚拟技术
虚拟技术的缺点
- 占用资源多
- 冗余步骤多
- 启动慢
容器化技术
容器化技术不是模拟的一个完整的操作系统
Docker和虚拟机之间的区别
- 传统虚拟机虚拟出一套完整的硬件,运行一套完整的虚拟环境,在操作系统上运行安装软件
- 容器直接运行在内核中,容器没有自己的内核,也没有虚拟硬件,所以轻便
- 每个容器间相互隔离,每个容器都有属于自己的文件系统,互不影响
DevOps(开发、运维)
更快速的运维部署
传统应用:一堆文档,安装运行
Docker:打包镜像发布测试,一键运行
更便捷的升级和扩缩容
使用docker之后,发布应用就像搭积木一样
项目打包为镜像,可以在其他环境直接运行
更简单的运维
在容器化后,开发环境、测试环境高度一致
更高效的资源利用
Docker是内核虚拟化,在一个物理机上可以运行多个容器实例,服务器性能可以压榨到极致
Docker的安装
Docker的基本组成
镜像(images)
Docker镜像是一个模板,可以通过这个模板创建容器服务,tomcat—>run—>tomcat01容器(提供服务器),通过这个镜像可以创建多个容器
容器(container)
Docker利用容器技术运行通过镜像创建的应用
启动、删除基本命令
仓库(repository)
存放镜像的地方!
共有仓库和私有仓库!
Docker Hub(默认是国外的)
阿里云…都有这些仓库(配置镜像加速)
安装Docker
环境准备
- 会一点点linux基础
- CentOS 7
- 使用XShell链接远程服务器
环境查看
#系统内核3.10以上
[root@izuf6cn5k7l8xuxojhszqbz ~]# uname -r
3.10.0-862.14.4.el7.x86_64
#系统版本
[root@izuf6cn5k7l8xuxojhszqbz /]# cat /etc/os-release
NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
PRETTY_NAME="CentOS Linux 7 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:7"
HOME_URL="https://www.centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"
CENTOS_MANTISBT_PROJECT="CentOS-7"
CENTOS_MANTISBT_PROJECT_VERSION="7"
REDHAT_SUPPORT_PRODUCT="centos"
REDHAT_SUPPORT_PRODUCT_VERSION="7"
安装
帮助文档:https://docs.docker.com/engine/install/centos/
# 1.卸载旧版本
yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine
# 2.下载需要的安装包
yum install -y yum-utils
# 3.设置镜像仓库
yum-config-manager \
--add-repo \
https://download.docker.com/linux/centos/docker-ce.repo #默认是国外的十分慢
yum-config-manager
--add-repo \
http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo #推荐使用阿里云的
# 更新yum相关索引
yum makecache faste
# 4.安装Docker相关内容 docker-ce社区版 ee企业版
yum install docker-ce docker-ce-cli containerd.io
# 5.启动docker
sudo systemctl start docker
# 6.使用docker version查看是否安装成功
# 7. hello-world
docker run hello-world
# 8. 查看下载的hello-world这个镜像
[root@izuf6cn5k7l8xuxojhszqbz /]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
redis latest 235592615444 4 months ago 104MB
mysql 5.7 9cfcce23593a 4 months ago 448MB
hello-world latest fce289e99eb9 21 months ago 1.84kB
logstash 6.4.0 13b7a09abaf8 2 years ago 670MB
kibana 6.4.0 a7e4cd1a7b45 2 years ago 667MB
elasticsearch 6.4.0 1ac676545731 2 years ago 791MB
了解卸载docker
# 1.卸载依赖
yum remove docker-ce docker-ce-cli containerd.io
# 2.删除资源
rm -rf /var/lib/docker
#/var/lib/docker docker的默认工作路径
阿里云镜像加速
-
登陆阿里云找到容器服务
-
镜像加速地址
-
配置使用
sudo mkdir -p /etc/docker sudo tee /etc/docker/daemon.json <<-'EOF' { "registry-mirrors": ["https://0b56c32l.mirror.aliyuncs.com"] } EOF sudo systemctl daemon-reload sudo systemctl restart docker
回顾Hello-World
底层原理
Docker 是一个Client-Server的系统,Docker的守护进程运行在主机上,通过Socket从客户端访问
DockerServer接受DockerClient命令
Docker为什么比VM运行更快?
- Docker有比虚拟机更少的抽象层
- Docker用的是宿主机的内核
Docker的常用命令
帮助命令
docker version # 显示Docker的版本信息
docker info # 显示Docker的系统信息,包括镜像和容器的数量
docker 命令 --help # 帮助命令
帮助文档地址:https://docs.docker.com/engine/reference/run/
镜像命令
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
redis latest 235592615444 4 months ago 104MB
mysql 5.7 9cfcce23593a 4 months ago 448MB
hello-world latest fce289e99eb9 21 months ago 1.84kB
logstash 6.4.0 13b7a09abaf8 2 years ago 670MB
kibana 6.4.0 a7e4cd1a7b45 2 years ago 667MB
elasticsearch 6.4.0 1ac676545731 2 years ago 791MB
# 解释
REPOSITORY 镜像仓库源
TAG 镜像标签
IMAGE ID 镜像ID
CREATE 镜像创建时间
SIZE 镜像大小
# 可选向
Options:
-a, --all # 列出所有镜像
-q, --quiet # 只显示镜像ID
docker search搜索镜像
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker search mysql
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
mysql MySQL is a widely used, open-source relation… 10075 [OK]
mariadb MariaDB is a community-developed fork of MyS… 3694 [OK]
mysql/mysql-server Optimized MySQL Server Docker images. Create… 736 [OK]
percona Percona Server is a fork of the MySQL relati… 511 [OK]
# 可选项
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker search mysql
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
mysql MySQL is a widely used, open-source relation… 10075 [OK]
mariadb MariaDB is a community-developed fork of MyS… 3694 [OK]
mysql/mysql-server Optimized MySQL Server Docker images. Create… 736 [OK]
percona Percona Server is a fork of the MySQL relati… 511 [OK]
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker search mysql --filter=stars=5000
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
mysql MySQL is a widely used, open-source relation… 10075 [OK]
docker pull 下载镜像
# docker pull 镜像名[:tag]
docker pull mysql
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker pull mysql
Using default tag: latest # 如果不写tag,默认就是latest
latest: Pulling from library/mysql
bb79b6b2107f: Pull complete # 分层下载,docker images的核心,联合文件系统
49e22f6fb9f7: Pull complete
842b1255668c: Pull complete
9f48d1f43000: Pull complete
c693f0615bce: Pull complete
8a621b9dbed2: Pull complete
0807d32aef13: Pull complete
9eb4355ba450: Pull complete
6879faad3b6c: Pull complete
164ef92f3887: Pull complete
6e4a6e666228: Pull complete
d45dea7731ad: Pull complete
Digest: sha256:86b7c83e24c824163927db1016d5ab153a9a04358951be8b236171286e3289a4 #签名
Status: Downloaded newer image for mysql:latest
docker.io/library/mysql:latest # 真实地址
删除镜像 docker rmi
docker rmi -f 8e85dd5c3255 # 删除指定镜像
docker rmi -f 容器ID 容器ID 容器ID 容器ID# 删除多个镜像
docker rmi -f ${docker images -aq} # 删除全部镜像
容器命令
说明:只有新建镜像才能创建容器,Linux,下载一个CentOS来学习
docker pull centos
新建容器并启动
docker run [可选参数] image
# 参数说明
--name # 指定容器名字
-it # 使用交互方法,进入后台查看内容
-d # 后台运行
-p # 指定端口8080:8080
-p 主机端口:容器端口(最常用主机端口和容器端口的映射)
-p ip:主机端口:容器端口
-p 容器端口
容器端口
-P # 随机分配端口
# 测试,启动并进入容器
[root@izuf6cn5k7l8xuxojhszqbz /]# docker run -it kibana:6.4.0 /bin/bash
bash-4.2$ [root@izuf6cn5k7l8xuxojhszqbz /]#
[root@izuf6cn5k7l8xuxojhszqbz /]# docker run -it centos /bin/bash
# 查看容器内的CentOS,基本版本很多功能都不完善
[root@a87299a142d9 /]# ls
bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var
# 从容器中退回主机
[root@a87299a142d9 /]# exit
exit
[root@izuf6cn5k7l8xuxojhszqbz /]# ls
bin dev get-docker.sh ifstat-1.1.tar.gz lost+found mydata root srv usr
boot dubbo-governance.log home lib media opt run sys var
d etc ifstat-1.1 lib64 mnt proc sbin tmp zookeeper.out
[root@izuf6cn5k7l8xuxojhszqbz /]#
# 查看镜像元数据
[root@izuf6cn5k7l8xuxojhszqbz /]# docker inspect b96481cf196e
[
{
"Id": "b96481cf196efa193fd2981636b7d1a71ea7a7379ce46b5b603b6520c05c1386",
"Created": "2020-10-20T01:00:24.252614556Z",
"Path": "/bin/bash",
"Args": [],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 12492,
"ExitCode": 0,
"Error": "",
"StartedAt": "2020-10-20T02:00:50.534736639Z",
"FinishedAt": "2020-10-20T02:00:50.11175616Z"
},
"Image": "sha256:0d120b6ccaa8c5e149176798b3501d4dd1885f961922497cd0abef155c869566",
"ResolvConfPath": "/var/lib/docker/containers/b96481cf196efa193fd2981636b7d1a71ea7a7379ce46b5b603b6520c05c1386/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/b96481cf196efa193fd2981636b7d1a71ea7a7379ce46b5b603b6520c05c1386/hostname",
"HostsPath": "/var/lib/docker/containers/b96481cf196efa193fd2981636b7d1a71ea7a7379ce46b5b603b6520c05c1386/hosts",
"LogPath": "/var/lib/docker/containers/b96481cf196efa193fd2981636b7d1a71ea7a7379ce46b5b603b6520c05c1386/b96481cf196efa193fd2981636b7d1a71ea7a7379ce46b5b603b6520c05c1386-json.log",
"Name": "/xenodochial_cerf",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {
}
},
"NetworkMode": "default",
"PortBindings": {
},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"Capabilities": null,
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"KernelMemory": 0,
"KernelMemoryTCP": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/0ee9111d7dc3c174492b9aa2f3254982ed4b5f42ce5afb7d95cde986ef4472d5-init/diff:/var/lib/docker/overlay2/e88cb8fc7bd56dd63cbb631a8babb55716e65fb3705e0e5c2e0d5da2e6e7737b/diff",
"MergedDir": "/var/lib/docker/overlay2/0ee9111d7dc3c174492b9aa2f3254982ed4b5f42ce5afb7d95cde986ef4472d5/merged",
"UpperDir": "/var/lib/docker/overlay2/0ee9111d7dc3c174492b9aa2f3254982ed4b5f42ce5afb7d95cde986ef4472d5/diff",
"WorkDir": "/var/lib/docker/overlay2/0ee9111d7dc3c174492b9aa2f3254982ed4b5f42ce5afb7d95cde986ef4472d5/work"
},
"Name": "overlay2"
},
"Mounts": [],
"Config": {
"Hostname": "b96481cf196e",
"Domainname": "",
"User": "",
"AttachStdin": true,
"AttachStdout": true,
"AttachStderr": true,
"Tty": true,
"OpenStdin": true,
"StdinOnce": true,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Cmd": [
"/bin/bash"
],
"Image": "centos",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"org.label-schema.build-date": "20200809",
"org.label-schema.license": "GPLv2",
"org.label-schema.name": "CentOS Base Image",
"org.label-schema.schema-version": "1.0",
"org.label-schema.vendor": "CentOS"
}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "2e09d9086aeb52e6a6d5a7ada9b6c8531c0f7b322ccf6532cf169d3ba9756eab",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {
},
"SandboxKey": "/var/run/docker/netns/2e09d9086aeb",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "63ef5e1ec21bc8973355b716d8dfa42e192efc0f1750ef18947b4f9d1410e512",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.4",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:04",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "adb8cb6caa43e42b2f3963607bf576207abb4a6a2b76c43f3907503f17dbdad9",
"EndpointID": "63ef5e1ec21bc8973355b716d8dfa42e192efc0f1750ef18947b4f9d1410e512",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.4",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:04",
"DriverOpts": null
}
}
}
}
]
[root@izuf6cn5k7l8xuxojhszqbz /]#
退出容器
exit # 退出并停止容器
ctrl + P + Q # 退出但不停止容器
列出所有Docker运行容器
docker ps
# 参数
无参数 # 列出当前运行的容器
-a # 列出当前运行的容器+历史运行的容器
-n=? # 显示最近创建的容器
-q # 只显示容器的编号
删除容器
docker rm 容器ID # 删除容器但是不能删除运行的容器,如果强制删除rm -f
docker rm -f ${docker ps -qa} # 删除所有容器
docker ps -qa | xargs docker rm # 删除所有容器
启动和停止容器
docker start 容器ID # 启动容器
docker restart 容器ID # 重启容器
docker stop 容器ID # 停止容器
docker kill 容器ID # 强制停止当前容器
常用其他命令
Docker进程相关命令
systemctl start docker # 启动Docker容器
systemctl stop docker # 停止Docker容器
systemctl restart docker # 重启Docker容器
systemctl status docker # 查看Docker容器状态
systemctl enable docker # 设置Docker开机自启
docker top 容器ID # 查看容器进程信息
[root@izuf6cn5k7l8xuxojhszqbz /]# docker top 0a01905d64f5
UID PID PPID C STIME TTY TIME CMD
root 16217 16201 0 12:21 pts/0 00:00:00 /bin/bash
[root@izuf6cn5k7l8xuxojhszqbz /]#
后台启动命令
# docker run -d 镜像名
# 问题docker ps 发现CentOS停止运行
# docker后台运行就必须有一个前台进程,docker发现没有应用就会自动停止
# nginx发现自己没有提供服务就会停止运行,就是没有程序
查看日志命令
docker logs -f -t --tail nubmer 容器ID
# 显示日志
- ft # 显示日志
--tail number # 显示日志和行数
[root@izuf6cn5k7l8xuxojhszqbz /]# docker logs -f -t --tail 10 d50135d540e2
进入当前正在运行的容器
# 通常容器都是后台运行方式,经常需要进入容器,修改一些配置
# 方式一
docker exec -it 容器ID
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
bc3159d51302 kibana:6.4.0 "/bin/bash" 34 minutes ago Up 34 minutes 5601/tcp romantic_euclid
abe8d2653a16 elasticsearch:6.4.0 "/usr/local/bin/dock…" 35 minutes ago Up 35 minutes 9200/tcp, 9300/tcp elastic_ellis
89059be6a599 logstash:6.4.0 "/usr/local/bin/dock…" 36 minutes ago Up 36 minutes 5044/tcp, 9600/tcp nostalgic_einstein
059363cf2047 0346349a1a64 "/bin/bash" 46 minutes ago Up 46 minutes 80/tcp, 443/tcp nginx
edb16178fcae centos "/bin/bash" About an hour ago Up About an hour nostalgic_allen
a956dc76e579 redis "docker-entrypoint.s…" 3 months ago Up About an hour 0.0.0.0:6379->6379/tcp redis
635d1b7ad286 mysql:5.7 "docker-entrypoint.s…" 3 months ago Up About an hour 0.0.0.0:3306->3306/tcp, 33060/tcp mysql
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker exec -it 635d1b7ad286 /bin/bash
root@635d1b7ad286:/#
# 方式二
docker attach 容器ID # 进入容器
[root@izuf6cn5k7l8xuxojhszqbz /]# docker attach 635d1b7ad286
[root@izuf6cn5k7l8xuxojhszqbz /]# ...
# 两种方式的区别
docker exec -it 容器ID # 进入容器并开启一个新的终端
docker attach 容器ID # 进入正在执行的终端,并不会开启新的进程
从容器内拷贝文件到主机
docker cp
# 进入docker容器内
[root@izuf6cn5k7l8xuxojhszqbz /]# docker exec -it edb16178fcae /bin/bash
[root@edb16178fcae /]# cd /home
[root@edb16178fcae home]# ls
# 在容器内home创建文件
[root@edb16178fcae home]# touch test.java
# 退出容器
[root@edb16178fcae home]# exit
exit
[root@izuf6cn5k7l8xuxojhszqbz /]# ls
bin d dubbo-governance.log get-docker.sh ifstat-1.1 lib lost+found mnt opt root sbin sys usr zookeeper.out
boot dev etc home ifstat-1.1.tar.gz lib64 media mydata proc run srv tmp var
# 将docker内创建的文件拷贝到主机目录下
[root@izuf6cn5k7l8xuxojhszqbz /]# docker cp edb16178fcae:/home/test.java /home
[root@izuf6cn5k7l8xuxojhszqbz /]# cd home
[root@izuf6cn5k7l8xuxojhszqbz home]# ls
admin es FastDFS hadoop mysql oracle test.java
[root@izuf6cn5k7l8xuxojhszqbz home]#
# 拷贝是一个手动过程,将来可以使用-v 卷的技术字段关联容器目录和主机目录 /home /home
总结
实战练习
Docker 安装Ninx
# docker search nginx # 搜索镜像
# docker pull nginx:1.1.0 # 下载指定版本镜像
# 查看镜像
[root@izuf6cn5k7l8xuxojhszqbz /]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos latest 0d120b6ccaa8 2 months ago 215MB
redis latest 235592615444 4 months ago 104MB
mysql 5.7 9cfcce23593a 4 months ago 448MB
rabbitmq 3.7.15-management f05c3eb3cf91 15 months ago 179MB
hello-world latest fce289e99eb9 21 months ago 1.84kB
mongo 3.2 fb885d89ea5c 23 months ago 300MB
logstash 6.4.0 13b7a09abaf8 2 years ago 670MB
kibana 6.4.0 a7e4cd1a7b45 2 years ago 667MB
elasticsearch 6.4.0 1ac676545731 2 years ago 791MB
nginx 1.10 0346349a1a64 3 years ago 182MB
# 参数解释
# -d 后台运行
# --name 为容器命名
# -p 主机端口:容器端口
[root@izuf6cn5k7l8xuxojhszqbz /]# docker run -d --name ngnix01 -p 3344:80 nginx:1.10
fe9479484c55a8aa62719a65cf146c14ce9bfadf5e20090afcb8e38703ac2bec
[root@izuf6cn5k7l8xuxojhszqbz /]# curl localhost:3344
# 进入容器
[root@izuf6cn5k7l8xuxojhszqbz /]# docker exec -it ngnix01 /bin/bash
root@fe9479484c55:/# whereis nginx
nginx: /usr/sbin/nginx /usr/lib/nginx /etc/nginx /usr/share/nginx /usr/share/man/man8/nginx.8.gz /usr/share/man/man3/nginx.3pm.gz
root@fe9479484c55:/# cd /etc/nginx
root@fe9479484c55:/etc/nginx# ls
conf.d fastcgi_params koi-utf koi-win mime.types modules nginx.conf scgi_params uwsgi_params win-utf
root@fe9479484c55:/etc/nginx#
Docker 安装Tomcat
# docker pull tomcat:9.0 下载镜像tomcat9
[root@izuf6cn5k7l8xuxojhszqbz /]# docker run -d --name tomcat9 -p 3355:8080 tomcat:9.0
[root@izuf6cn5k7l8xuxojhszqbz /]# docker exec -it tomcat9 /bin/bash
root@5f17e0823840:/usr/local/tomcat# ls
BUILDING.txt LICENSE README.md RUNNING.txt conf logs temp webapps.dist
CONTRIBUTING.md NOTICE RELEASE-NOTES bin lib native-jni-lib webapps work
root@5f17e0823840:/usr/local/tomcat# cd webapps
root@5f17e0823840:/usr/local/tomcat/webapps# ls
root@5f17e0823840:/usr/local/tomcat/webapps#
Docker 安装Es+kibana
# ES暴露端口多
# ES十分耗内存
# ES的目录一般要存放安全目录挂载
# --net somenetwork网络配置
docker run -d --name elasticsearch -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" elasticsearch:tag
# 查看docker stats
docker run -d --name elasticsearch -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" -e ES_JAVA_OPS="-Xms64m -Xms512m" elasticsearch:tag
可视化
-
portainer(先用这个)
docker run -d -p 8088:9000 \ --restart=always -v /var/run/docker.sock:/var/run/docker.sock --privileged=true portainer/portainer -
Rancher(CI/CD再用)
docker 镜像
commit镜像
docker commit 提交容器成为一个新的副本
# 命令和git原理类似
docker commit -m="提交描述信息" -a="作者" 容器ID 目标镜像:[TAG]
docker commit -a="steven" -m="add webapps app" 5f17e0823840 tomcat02:1.0.0
容器数据卷
使用数据卷
方式一:使用命令挂载 -v
docker run -d -it -v 主机目录:容器目录 -p 主机端口:容器端口 --name 容器名字
[root@izuf6cn5k7l8xuxojhszqbz home]# docker run -it -v /home/ceshi:/home centos /bin/bash
测试文件同步
好处修改只需要在主机修改即可,容器内会自动同步
安装MySQL
# 获取镜像
[root@izuf6cn5k7l8xuxojhszqbz /]# docker pull mysql:5.7
# 运行容器需要挂载!#安装启动MySQL,需要设置密码,要注意
# 启动MySQL
-d 后台运行
-p 端口映射
-v 数据卷挂载
-e 环境配置
--name 容器名字
[root@izuf6cn5k7l8xuxojhszqbz /]# docker run -d -p 3306:3306 -v /home/mysql/conf:/etc/mysql/conf.d -v /home/data:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=09091995aq --name mysql5.7 mysql:5.7
# 启动成功后,用Navicat链接测试
# 在本地创建数据库,查看映射路径
具名和匿名挂载
# 匿名挂载
# -v 查看容器内路径
docker run -d --name nginx01 -v /etc/nginx nginx
# 查看卷 volume
[root@izuf6cn5k7l8xuxojhszqbz /]# docker volume ls
DRIVER VOLUME NAME
local 843c675d3d847a6c57927c79a5886559482bf4916118f91627bfa35ebbbec45b
# 这种就是匿名挂载 -v 只写了容器内的路径,没有写主机路径
# 具名挂载
[root@izuf6cn5k7l8xuxojhszqbz /]# docker run -d --name nginx1.10 -p 3344:80 -v juming_nginx:/etc/nginx nginx:1.10
1c70f133efdc35f9ce52ddafc7e128d88e833290e3815e2c8f1e5c2699319eb7
[root@izuf6cn5k7l8xuxojhszqbz /]# docker volume ls
DRIVER VOLUME NAME
local juming_nginx
所有的docker在没有指定目录的情况下默认放在:/var/lib/docker/volumes/xxx/_data目录下
# 具名挂载、匿名挂载、指定目录挂载
-v 容器内路径 # 匿名挂载
-v 容器名字:/容器内路径 # 具名挂载
-v 主机路径::/容器内路径 # 指定路径挂载
拓展
# 通过 -v 容器内路径控制读写权限
# ro readonly 只读
# rw readwrite 读写
docker run -d --name nginx1.10 -p 3344:80 -v juming_nginx:/etc/nginx:ro nginx:1.10
docker run -d --name nginx1.10 -p 3344:80 -v juming_nginx:/etc/nginx:rw nginx:1.10
# ro只能通过主机修改配置,容器内无法改变
初识DockerFile
DockerFile构建Docker镜像文件!命令脚本体验
# 创建DockerFile文件,名字可以随意,建议就用dockefile
# 文件中的内容 指令(大写) 参数
FROM centos
VOLUME ['volume01','volume02']
CMD echo '-----------end-------------'
CMD /bin/bash
# 这里的每个命令就是docker镜像的一层
启动自己的镜像
查看卷挂在路径:docker inspect 容器ID
数据卷容器
多个MySQL同步数据
docker run -it --name 容器名字 --volumes-from 父容器名字 镜像名称:版本号
docker run -it --name docker02 --volumes-from docker01 stevenyin/centos:1.10
DockerFile
DockerFile介绍
DockerFile是用来构建docker镜像的文件!命令参数脚本
构建步骤
- 编写dockerfile脚本文件
- 通过docker build -f dockerfile路径 -t 镜像名称(stevenyin/centos:1.1.0) .
- 运行镜像 docker run
- 发布镜像 docker push(DockerHub、阿里云镜像仓库)
查看一下官方是怎做的
DockerFile构建过程
基础知识
- 每一个保留关键字(指令)都必须是大写
- 从上到下依次执行
- #代表注释
- 每一条指令都会构建一个镜像层
dockerfile是面向开发的,以后发布项目,做镜像就需要编写dockerfile文件
步骤
- DockerFile:构建文件,定义步骤,相当于源代码
- DockerImages:通过DockerFile构建生成镜像,最终发布和运行产品
- DockerContainer:容器就是为镜像运行提供环境
DockerFile指令
FROM # 基础镜像一切从这里构建
MAINNTAINER # 镜像是谁写的,作者+邮箱
RUN # 镜像构建是需要运行的命令
ADD # tomcat镜像,tomcat是一个压缩包,添加内容
WORKDIR # 镜像工作目录
VOLUME # 目录挂载,挂载卷
EXPOSE # 暴漏端口
CMD # 指定容器启动时需要运行的命令,只有最后一个命令会生效,可被替代
ENTRYPOINT # 指定容器启动时需要运行的命令,可以命令追加
ONBUILD # 当运行一个被继承的 DockerFile 会触发ONBUILD
COPY # 类似于ADD,将文件拷贝到容器中
ENV # 设置环境变量
构建centos
# 1.编写配置文件dockerfile文件
[root@izuf6cn5k7l8xuxojhszqbz dockerfile]# vim mydockerfile-centos
[root@izuf6cn5k7l8xuxojhszqbz dockerfile]# cat mydockerfile-centos
FROM centos
MAINTAINER steven<[email protected]>
ENV MYPATH /usr/local
WORKDIR $MYPATH
RUN yum -y install vim
RUN yum -y install net-tools
EXPOSE 80
CMD $MYPATH
CMD echo "------end------"
CMD /bin/bash
[root@izuf6cn5k7l8xuxojhszqbz dockerfile]#
# 2.通过文件构建镜像
# 命令 docker build -f dockerfile -t 镜像:[tag] .
[root@izuf6cn5k7l8xuxojhszqbz dockerfile]# docker build -f /home/dockerfile/mydockerfile-centos -t stevenyin/centos:1.11 .
Successfully built 502fedcf049b
Successfully tagged stevenyin/centos:1.11
查看docker构建镜像历史
# 查看docker 镜像构建历史
# docker history 镜像ID
[root@izuf6cn5k7l8xuxojhszqbz dockerfile]# docker history 502fedcf049b
IMAGE CREATED CREATED BY SIZE COMMENT
502fedcf049b 12 minutes ago /bin/sh -c #(nop) CMD ["/bin/sh" "-c" "/bin… 0B
a77ba559c57e 12 minutes ago /bin/sh -c #(nop) CMD ["/bin/sh" "-c" "echo… 0B
32e6bf5b4d27 12 minutes ago /bin/sh -c #(nop) CMD ["/bin/sh" "-c" "$MYP… 0B
5c37e637387e 12 minutes ago /bin/sh -c #(nop) EXPOSE 80 0B
b80d50163d6d 12 minutes ago /bin/sh -c yum -y install net-tools 22.8MB
c682c6f2c7e5 12 minutes ago /bin/sh -c yum -y install vim 57.2MB
a7a7c274e0db 13 minutes ago /bin/sh -c #(nop) WORKDIR /usr/local 0B
2cd2577889b9 13 minutes ago /bin/sh -c #(nop) ENV MYPATH=/usr/local 0B
4c14c20e220e 13 minutes ago /bin/sh -c #(nop) MAINTAINER steven<yinhaoy… 0B
0d120b6ccaa8 2 months ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0B
<missing> 2 months ago /bin/sh -c #(nop) LABEL org.label-schema.sc… 0B
<missing> 2 months ago /bin/sh -c #(nop) ADD file:538afc0c5c964ce0d… 215MB
[root@izuf6cn5k7l8xuxojhszqbz dockerfile]#
CMD和ENTRYPOINT的区别
CMD # 指定容器启动时需要运行的命令,只有最后一个命令会生效,可被替代
ENTRYPOINT # 指定容器启动时需要运行的命令,可以命令追加
CMD测试
# 1.编写dockerfile文件mydockerfile-cmd
FROM centos
CMD ["ls","-a"]
# 2.构建镜像
[root@izuf6cn5k7l8xuxojhszqbz dockerfile]# docker build -f mydockerfile-cmd -t stevenyin/cmd:1.10 .
# run运行,发现 ls -a 生效了
[root@izuf6cn5k7l8xuxojhszqbz dockerfile]# docker run stevenyin/cmd:1.10
.
..
.dockerenv
bin
dev
etc
home
lib
lib64
lost+found
opt
root
run
sbin
srv
sys
tmp
usr
var
# 3. 想追加命令 -l ls -al
[root@izuf6cn5k7l8xuxojhszqbz dockerfile]# docker run stevenyin/cmd:1.10 -l
docker: Error response from daemon: OCI runtime create failed: container_linux.go:349: starting container process caused "exec: \"-l\": executable file not found in $PATH": unknown.
# CMD情况下-l 替换了CMD ["ls","-a"] -l不是命令所以报错
ENTRYPOINT测试
# 1.编写DockerFile文件
FROM centos
ENTRYPOINT ["ls","-a"]
# 2.构建镜像
docker build -f mydockerfile-entrypoint -t stevenyin/entrypoint:1.10 .
[root@izuf6cn5k7l8xuxojhszqbz dockerfile]# docker run stevenyin/entrypoint:1.10
.
..
.dockerenv
bin
dev
etc
home
lib
lib64
lost+found
media
mnt
opt
proc
root
run
sbin
srv
sys
tmp
usr
var
[root@izuf6cn5k7l8xuxojhszqbz dockerfile]# docker run stevenyin/entrypoint:1.10 -l
total 56
drwxr-xr-x 1 root root 4096 Oct 25 02:22 .
drwxr-xr-x 1 root root 4096 Oct 25 02:22 ..
-rwxr-xr-x 1 root root 0 Oct 25 02:22 .dockerenv
lrwxrwxrwx 1 root root 7 May 11 2019 bin -> usr/bin
drwxr-xr-x 5 root root 340 Oct 25 02:22 dev
drwxr-xr-x 1 root root 4096 Oct 25 02:22 etc
drwxr-xr-x 2 root root 4096 May 11 2019 home
lrwxrwxrwx 1 root root 7 May 11 2019 lib -> usr/lib
lrwxrwxrwx 1 root root 9 May 11 2019 lib64 -> usr/lib64
drwx------ 2 root root 4096 Aug 9 21:40 lost+found
drwxr-xr-x 2 root root 4096 May 11 2019 media
drwxr-xr-x 2 root root 4096 May 11 2019 mnt
drwxr-xr-x 2 root root 4096 May 11 2019 opt
dr-xr-xr-x 120 root root 0 Oct 25 02:22 proc
dr-xr-x--- 2 root root 4096 Aug 9 21:40 root
drwxr-xr-x 11 root root 4096 Aug 9 21:40 run
lrwxrwxrwx 1 root root 8 May 11 2019 sbin -> usr/sbin
drwxr-xr-x 2 root root 4096 May 11 2019 srv
dr-xr-xr-x 13 root root 0 Oct 24 02:53 sys
drwxrwxrwt 7 root root 4096 Aug 9 21:40 tmp
drwxr-xr-x 12 root root 4096 Aug 9 21:40 usr
drwxr-xr-x 20 root root 4096 Aug 9 21:40 var
[root@izuf6cn5k7l8xuxojhszqbz dockerfile]#
发布镜像
DockerHub
-
注册账号:https://hub.docker.com/
-
登录账号
[root@izuf6cn5k7l8xuxojhszqbz software]# docker login --help Usage: docker login [OPTIONS] [SERVER] Log in to a Docker registry. If no server is specified, the default is defined by the daemon. Options: -p, --password string Password --password-stdin Take the password from stdin -u, --username string Username [root@izuf6cn5k7l8xuxojhszqbz software]# [root@izuf6cn5k7l8xuxojhszqbz software]# docker login -u stevenyin Password: WARNING! Your password will be stored unencrypted in /root/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded [root@izuf6cn5k7l8xuxojhszqbz software]# -
登录完毕后就可以提交镜像了,就是一部docker push
[root@izuf6cn5k7l8xuxojhszqbz software]# docker push stevenyin/centos:1.11
The push refers to repository [docker.io/stevenyin/centos]
5bf7e4a8471d: Pushed
bf760cbda826: Pushed
291f6e44771a: Layer already exists
digest1.11: digest: sha256:530a45736f79e50515baa5591fc76635184dd783089ec3e1ebb21c261137d8db size: 953
# 为镜像增加tag: docker tag stevenyin/centos:1.12
发布到阿里云镜像服务上
- 登陆阿里云
- 找到容器镜像服务
- 创建命名空间
- 创建容器镜像
-
推送镜像具体步骤
1. 登录阿里云Docker Registry $ sudo docker login --username=yinghaoye123aq registry.cn-shanghai.aliyuncs.com 用于登录的用户名为阿里云账号全名,密码为开通服务时设置的密码。 您可以在访问凭证页面修改凭证密码。 2. 从Registry中拉取镜像 $ sudo docker pull registry.cn-shanghai.aliyuncs.com/aliyun-stevenyin/stevenyin:[镜像版本号] 3. 将镜像推送到Registry $ sudo docker login --username=yinghaoye123aq registry.cn-shanghai.aliyuncs.com $ sudo docker tag [ImageId] registry.cn-shanghai.aliyuncs.com/aliyun-stevenyin/stevenyin:[镜像版本号] $ sudo docker push registry.cn-shanghai.aliyuncs.com/aliyun-stevenyin/stevenyin:[镜像版本号] 请根据实际镜像信息替换示例中的[ImageId]和[镜像版本号]参数。 4. 选择合适的镜像仓库地址 从ECS推送镜像时,可以选择使用镜像仓库内网地址。推送速度将得到提升并且将不会损耗您的公网流量。 如果您使用的机器位于VPC网络,请使用 registry-vpc.cn-shanghai.aliyuncs.com 作为Registry的域名登录。 5. 示例 使用"docker tag"命令重命名镜像,并将它通过专有网络地址推送至Registry。 $ sudo docker images REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE registry.aliyuncs.com/acs/agent 0.7-dfb6816 37bb9c63c8b2 7 days ago 37.89 MB $ sudo docker tag 37bb9c63c8b2 registry-vpc.cn-shanghai.aliyuncs.com/acs/agent:0.7-dfb6816 使用 "docker push" 命令将该镜像推送至远程。 $ sudo docker push registry-vpc.cn-shanghai.aliyuncs.com/acs/agent:0.7-dfb6816
Docker 网络
理解Docker0
# [root@izuf6cn5k7l8xuxojhszqbz ~]# docker run -d -p 3355:8080 --name tomcat9 tomcat:9.0
# 查看容器内网络地址 ip addr,启动后会发现有261: eth0@if262 IP地址
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker exec -it tomcat9 ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
261: eth0@if262: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@izuf6cn5k7l8xuxojhszqbz ~]#
# linux 能不能ping通容器内部
[root@izuf6cn5k7l8xuxojhszqbz ~]# ping 172.17.0.2
PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.
64 bytes from 172.17.0.2: icmp_seq=1 ttl=64 time=0.086 ms
64 bytes from 172.17.0.2: icmp_seq=2 ttl=64 time=0.070 ms
64 bytes from 172.17.0.2: icmp_seq=3 ttl=64 time=0.060 ms
原理
- 每启动一个docker容器,docker就会给docker容器分配一个IP,只要安装docker就会产生docker0的桥接模式的网卡,使用的技术是evth-pair技术!
- 再次启动一个容器发现又多了一对网卡
# 容器带来的网卡都是一对一对的
# evth-pair就是一对虚拟的网络设备接口,他们都是成对出现的一端连着协议,另一端彼此相连
- 两个容器间可以ping通
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker exec -it tomcat9 ping 172.17.0.3
# 容器间是可以ping通的
网络模型
在不指定网络的情况下,都是由docker0路由的,docker会默认分派一个可用的IP
docker 使用的是liunx中的桥接,宿主机是docker中的网桥,docker0
–link
# 不能通过服务名ping通另一个容器,只能通过IP
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker exec -it tomcat9.1 ping tomcat9
ping: tomcat9: Name or service not known
[root@izuf6cn5k7l8xuxojhszqbz ~]#
# 通过--link可以通过容器名使容器间进行联通
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker run -d -P --name tomcat9.2 --link tomcat9 tomcat:9.0
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker exec -it tomcat9.2 ping tomcat9
PING tomcat9 (172.17.0.2) 56(84) bytes of data.
64 bytes from tomcat9 (172.17.0.2): icmp_seq=1 ttl=64 time=0.095 ms
64 bytes from tomcat9 (172.17.0.2): icmp_seq=2 ttl=64 time=0.066 ms
64 bytes from tomcat9 (172.17.0.2): icmp_seq=3 ttl=64 time=0.064 ms
探究inspect
tomcat9.2是在本地配置了tomcat9
# 在hosts里配置,远离在这里发现
[root@izuf6cn5k7l8xuxojhszqbz /]# docker exec -it tomcat9.2 cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.2 tomcat9 a3d12cff39da
172.17.0.4 7f5cb56cad3f
[root@izuf6cn5k7l8xuxojhszqbz /]#
本质探究: – link就是在hosts文件中增加了172.17.0.2 tomcat9 a3d12cff39da 的映射
局限:docker0不支持容器名访问
自定义网络
查看网络
网络模式
bridge:桥接网络docker(默认,自己创建也是有桥接模式)
none:不配置网络
host:和宿主机共享网络
container:容器内可以连通(用的少,不建议使用)
测试
# 直接启动 --net bridge 默认就是docker0
docker run -d -P --name tomcat9 --net bridge tomcat:9.0
# docker0不能通过域名访问,可以通过--link 连通
# 自定义网路
--driver bridge 桥接模式
--subnet 192.168.0.0/16 子网地址
--gateway 192.168.0.1 网关
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker network create --driver bridge --subnet 192.168.0.0/16 --gateway 192.168.0.1 mynet
36c4197f8b73de837495b148d4b95a2f03c6747608733a2b5d506b98c653f034
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
1edaf6a32eb9 bridge bridge local
18b32561b08d host host local
abdd0e9a3c22 mydata_default bridge local
36c4197f8b73 mynet bridge local
a7f1b5a0ad78 none null local
[root@izuf6cn5k7l8xuxojhszqbz ~]#
# 使用自定义网络启动容器
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker run -d -P --name tomcat9.1 --net mynet tomcat:9.0
658aab97504ae8ee63204c78bd431fc37b41677c51121fa96c2041961d912a80
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker run -d -P --name tomcat9.2 --net mynet tomcat:9.0
97216395cd5188beab139a3f957019d42aa1b9da91a26d6b3cfd907fabc6b78f
# 查看自定义网络
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker network inspect mynet
[
{
"Name": "mynet",
"Id": "36c4197f8b73de837495b148d4b95a2f03c6747608733a2b5d506b98c653f034",
"Created": "2020-10-25T21:45:21.745587216+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {
},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"658aab97504ae8ee63204c78bd431fc37b41677c51121fa96c2041961d912a80": {
"Name": "tomcat9.1",
"EndpointID": "168eb519cd776907149fd9d97121e0a068f2ea28a6b81e86cbac04b742d82721",
"MacAddress": "02:42:c0:a8:00:02",
"IPv4Address": "192.168.0.2/16",
"IPv6Address": ""
},
"97216395cd5188beab139a3f957019d42aa1b9da91a26d6b3cfd907fabc6b78f": {
"Name": "tomcat9.2",
"EndpointID": "00b1cc23a06c62087e7606b8b5286807ce0b7c3aca7d43a26cb8362147d10416",
"MacAddress": "02:42:c0:a8:00:03",
"IPv4Address": "192.168.0.3/16",
"IPv6Address": ""
}
},
"Options": {
},
"Labels": {
}
}
]
[root@izuf6cn5k7l8xuxojhszqbz ~]#
# 再次测试不使用--link也可以通过容器名访问
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker exec -it tomcat9.1 ping tomcat9.2
PING tomcat9.2 (192.168.0.3) 56(84) bytes of data.
64 bytes from tomcat9.2.mynet (192.168.0.3): icmp_seq=1 ttl=64 time=0.065 ms
64 bytes from tomcat9.2.mynet (192.168.0.3): icmp_seq=2 ttl=64 time=0.070 ms
64 bytes from tomcat9.2.mynet (192.168.0.3): icmp_seq=3 ttl=64 time=0.066 ms
[root@izuf6cn5k7l8xuxojhszqbz ~]#
网络联通
# 网络联通 docker network connect 网络名 容器名
docker network connect mynet tomcat9.2.2
# 联通之后将tomcat9.1.1放入mynet网络下
# 一个容器两个IP
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker exec -it tomcat9.1 ping tomcat9.1.1
PING tomcat9.1.1 (192.168.0.4) 56(84) bytes of data.
64 bytes from tomcat9.1.1.mynet (192.168.0.4): icmp_seq=1 ttl=64 time=0.101 ms
64 bytes from tomcat9.1.1.mynet (192.168.0.4): icmp_seq=2 ttl=64 time=0.073 ms
64 bytes from tomcat9.1.1.mynet (192.168.0.4): icmp_seq=3 ttl=64 time=0.082 ms
[root@izuf6cn5k7l8xuxojhszqbz ~]#
实战部署Redis集群
for port in $(seq 1 6);\
do \
mkdir -p /mydata/redis/node-${port}/conf
touch /mydata/redis/node-${port}/conf/redis.conf
cat << EOF >/mydata/redis/node-${port}/conf/redis.conf
port 6379
bind 0.0.0.0
cluster-enabled yes
cluster-config-file nodes.conf
cluster-node-timeout 5000
cluster-announce-ip 172.30.0.1${port}
cluster-announce-port 6379
cluster-announce-bus-port 16379
appendonly yes
EOF
done
# 启动reids容器
docker run -p 6371:6379 -p 16371:16379 --name redis-1 \
-v /mydata/redis/node-1/data:/data \
-v /mydata/redis/node-1/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.30.0.11 redis:5.0.9-alpine3.11 redis-server /etc/redis/redis.conf
docker run -p 6372:6379 -p 16372:16379 --name redis-2 \
-v /mydata/redis/node-2/data:/data \
-v /mydata/redis/node-2/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.30.0.12 redis:5.0.9-alpine3.11 redis-server /etc/redis/redis.conf
docker run -p 6373:6379 -p 16373:16379 --name redis-3 \
-v /mydata/redis/node-3/data:/data \
-v /mydata/redis/node-3/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.30.0.13 redis:5.0.9-alpine3.11 redis-server /etc/redis/redis.conf
docker run -p 6374:6379 -p 16374:16379 --name redis-4 \
-v /mydata/redis/node-4/data:/data \
-v /mydata/redis/node-4/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.30.0.14 redis:5.0.9-alpine3.11 redis-server /etc/redis/redis.conf
docker run -p 6375:6379 -p 16375:16379 --name redis-5 \
-v /mydata/redis/node-5/data:/data \
-v /mydata/redis/node-5/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.30.0.15 redis:5.0.9-alpine3.11 redis-server /etc/redis/redis.conf
docker run -p 6376:6379 -p 16376:16379 --name redis-6 \
-v /mydata/redis/node-6/data:/data \
-v /mydata/redis/node-6/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.30.0.16 redis:5.0.9-alpine3.11 redis-server /etc/redis/redis.conf
# 创建集群
[root@izuf6cn5k7l8xuxojhszqbz /]# docker exec -it redis-1 /bin/sh
/data # redis-cli --cluster create 172.30.0.11:6379 172.30.0.12:6379 172.30.0.13:6379 172.30.0.14:6379 172.30.0.15:6379 172.30.0.16:6379 --c
luster-replicas 1
>>> Performing hash slots allocation on 6 nodes...
Master[0] -> Slots 0 - 5460
Master[1] -> Slots 5461 - 10922
Master[2] -> Slots 10923 - 16383
Adding replica 172.30.0.15:6379 to 172.30.0.11:6379
Adding replica 172.30.0.16:6379 to 172.30.0.12:6379
Adding replica 172.30.0.14:6379 to 172.30.0.13:6379
M: 96d6e1f4ad84f8c9101401bea7408f97e6c56bcd 172.30.0.11:6379
slots:[0-5460] (5461 slots) master
M: 039ee87ac86de914417233448396a3c089669a2b 172.30.0.12:6379
slots:[5461-10922] (5462 slots) master
M: f9de7fd7bf12f7a10ac24155b6b4d8fef6d61ad6 172.30.0.13:6379
slots:[10923-16383] (5461 slots) master
S: 534e73cf9cd34bac9d43fce82cdb2e1be90d9fdf 172.30.0.14:6379
replicates f9de7fd7bf12f7a10ac24155b6b4d8fef6d61ad6
S: 20fe1f4923f790377cbaffaf99f9d45558bbd017 172.30.0.15:6379
replicates 96d6e1f4ad84f8c9101401bea7408f97e6c56bcd
S: a7562cb7fa1cda8321295b12e3ffc3d844665cce 172.30.0.16:6379
replicates 039ee87ac86de914417233448396a3c089669a2b
Can I set the above configuration? (type 'yes' to accept): yes
>>> Nodes configuration updated
>>> Assign a different config epoch to each node
>>> Sending CLUSTER MEET messages to join the cluster
Waiting for the cluster to join
..
>>> Performing Cluster Check (using node 172.30.0.11:6379)
M: 96d6e1f4ad84f8c9101401bea7408f97e6c56bcd 172.30.0.11:6379
slots:[0-5460] (5461 slots) master
1 additional replica(s)
S: 20fe1f4923f790377cbaffaf99f9d45558bbd017 172.30.0.15:6379
slots: (0 slots) slave
replicates 96d6e1f4ad84f8c9101401bea7408f97e6c56bcd
S: 534e73cf9cd34bac9d43fce82cdb2e1be90d9fdf 172.30.0.14:6379
slots: (0 slots) slave
replicates f9de7fd7bf12f7a10ac24155b6b4d8fef6d61ad6
M: 039ee87ac86de914417233448396a3c089669a2b 172.30.0.12:6379
slots:[5461-10922] (5462 slots) master
1 additional replica(s)
M: f9de7fd7bf12f7a10ac24155b6b4d8fef6d61ad6 172.30.0.13:6379
slots:[10923-16383] (5461 slots) master
1 additional replica(s)
S: a7562cb7fa1cda8321295b12e3ffc3d844665cce 172.30.0.16:6379
slots: (0 slots) slave
replicates 039ee87ac86de914417233448396a3c089669a2b
[OK] All nodes agree about slots configuration.
>>> Check for open slots...
>>> Check slots coverage...
[OK] All 16384 slots covered.
/data #
# 测试集群
/data # redis-cli -c
127.0.0.1:6379> cluster info
cluster_state:ok
cluster_slots_assigned:16384
cluster_slots_ok:16384
cluster_slots_pfail:0
cluster_slots_fail:0
cluster_known_nodes:6
cluster_size:3
cluster_current_epoch:6
cluster_my_epoch:1
cluster_stats_messages_ping_sent:480
cluster_stats_messages_pong_sent:475
cluster_stats_messages_sent:955
cluster_stats_messages_ping_received:470
cluster_stats_messages_pong_received:480
cluster_stats_messages_meet_received:5
cluster_stats_messages_received:955
127.0.0.1:6379> cluster nodes
20fe1f4923f790377cbaffaf99f9d45558bbd017 172.30.0.15:6379@16379 slave 96d6e1f4ad84f8c9101401bea7408f97e6c56bcd 0 1603708641983 5 connected
534e73cf9cd34bac9d43fce82cdb2e1be90d9fdf 172.30.0.14:6379@16379 slave f9de7fd7bf12f7a10ac24155b6b4d8fef6d61ad6 0 1603708641000 4 connected
96d6e1f4ad84f8c9101401bea7408f97e6c56bcd 172.30.0.11:6379@16379 myself,master - 0 1603708640000 1 connected 0-5460
039ee87ac86de914417233448396a3c089669a2b 172.30.0.12:6379@16379 master - 0 1603708640580 2 connected 5461-10922
f9de7fd7bf12f7a10ac24155b6b4d8fef6d61ad6 172.30.0.13:6379@16379 master - 0 1603708640000 3 connected 10923-16383
a7562cb7fa1cda8321295b12e3ffc3d844665cce 172.30.0.16:6379@16379 slave 039ee87ac86de914417233448396a3c089669a2b 0 1603708640000 6 connected
127.0.0.1:6379> set a b
-> Redirected to slot [15495] located at 172.30.0.13:6379
OK
172.30.0.13:6379> get a
^C
/data # redis-cli -c
127.0.0.1:6379> get a
-> Redirected to slot [15495] located at 172.30.0.14:6379
"b"
172.30.0.14:6379> cluster nodes
534e73cf9cd34bac9d43fce82cdb2e1be90d9fdf 172.30.0.14:6379@16379 myself,master - 0 1603708963000 7 connected 10923-16383
a7562cb7fa1cda8321295b12e3ffc3d844665cce 172.30.0.16:6379@16379 slave 039ee87ac86de914417233448396a3c089669a2b 0 1603708964000 2 connected
039ee87ac86de914417233448396a3c089669a2b 172.30.0.12:6379@16379 master - 0 1603708964000 2 connected 5461-10922
f9de7fd7bf12f7a10ac24155b6b4d8fef6d61ad6 172.30.0.13:6379@16379 master,fail - 1603708902628 1603708901000 3 connected
96d6e1f4ad84f8c9101401bea7408f97e6c56bcd 172.30.0.11:6379@16379 master - 0 1603708965564 1 connected 0-5460
20fe1f4923f790377cbaffaf99f9d45558bbd017 172.30.0.15:6379@16379 slave 96d6e1f4ad84f8c9101401bea7408f97e6c56bcd 0 1603708964563 1 connected
172.30.0.14:6379>
docker搭建集群完成!
安装ZooKeeper
一、单机搭建
-
下载镜像
[root@izuf6cn5k7l8xuxojhszqbz ~]# docker pull zookeeper:3.5 -
创建数据挂载目录
/mydata/zookeeper/conf
/mydata/zookeeper/data
/mydata/zookeeper/datalog -
运行zookeeper
docker run -d --name zookeeper3.5 \ --restart always \ -p 2181:2181 -p 2888:2888 -p 3888:3888 \ -v /mydata/zookeeper/conf:/conf \ -v /mydata/zookeeper/data:/data \ -v /mydata/zookeeper/datalog:/datalog \ zookeeper:3.5 -
进入zookeeper容器
[root@izuf6cn5k7l8xuxojhszqbz zookeeper]# docker exec -it zookeeper3.5 /bin/bash root@1d0a2f5178b8:/apache-zookeeper-3.5.8-bin/bin# ls README.txt zkCli.cmd zkEnv.cmd zkServer-initialize.sh zkServer.sh zkTxnLogToolkit.sh zkCleanup.sh zkCli.sh zkEnv.sh zkServer.cmd zkTxnLogToolkit.cmd root@1d0a2f5178b8:/apache-zookeeper-3.5.8-bin/bin# ./zkCli.sh Connecting to localhost:2181 log4j:WARN No appenders could be found for logger (org.apache.zookeeper.ZooKeeper). log4j:WARN Please initialize the log4j system properly. log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info. Welcome to ZooKeeper! JLine support is enabled WATCHER:: WatchedEvent state:SyncConnected type:None path:null [zk: localhost:2181(CONNECTED) 0] create /test test Created /test [zk: localhost:2181(CONNECTED) 1] get /test test [zk: localhost:2181(CONNECTED) 2]
二、集群搭建
-
在/mydata/下创建zookeeper-cluster文件夹
mkdir zookeeper-cluster -
在/mydata/zookeeper-cluster下创建三个zookeeper0x文件夹
mkdir zookeeper01 mkdir zookeeper02 mkdir zookeeper03 -
每个zookeeper0x下建立如下
mkdir conf data datalog
- 在/mydata/zookeeper-cluster目录下创建docker-compose.yml文件并编写
touch docker-compose.yml //创建文件 vim docker-compose.yml //进入vim编译器编写docker-compose.yml文件
version: '3'#版本号固定写法 services: zoo1: image: zookeeper #使用的镜像 restart: always #宕机后自动重启 hostname: zoo1 #承载zookeeper容器的主机(父容器)名 可省略 container_name: zoo1 #容器名 privileged: true #使用该参数,container内的root拥有真正的root权 privileged启动的容器,可以看到很多host上的设备,并且可以执行mount。甚至允许你在docker容器中启动docker容器。 ports: #主机和容器的端口映射 - "2181:2181" volumes: #创建zookeeper容器在宿主机的挂载目录 - /mydata/zookeeper-cluster/zookeeper01/data:/data #数据 - /mydata/zookeeper-cluster/zookeeper01/datalog:/datalog #日志 - /mydata/zookeeper-cluster/zookeeper01/conf:/conf #配置文件 environment: #zookeeper3.4 和zookeeper 3.5在docker环境下搭建集群差异就在这里 #zoo1为容器名,也是主机名,意思为使用容器的内网通信(1)Zookeeper3.5 中指定的 ZOO_SERVERS 参数的 IP 地址和端口号后面多加了 “;2181 ”。(2)ZOO_SERVERS 指定ip时本机的ip地址写 0.0.0.0。 ZOO_MY_ID: 1 ZOO_SERVERS: server.1=0.0.0.0:2888:3888;2181 server.2=zoo2:2888:3888;2181 server.3=zoo3:2888:3888;2181 zoo2: image: zookeeper restart: always hostname: zoo2 container_name: zoo2 privileged: true ports: - "2182:2181" volumes: - /mydata/zookeeper-cluster/zookeeper02/data:/data - /mydata/zookeeper-cluster/zookeeper02/datalog:/datalog - /mydata/zookeeper-cluster/zookeeper02/conf:/conf environment: ZOO_MY_ID: 2 ZOO_SERVERS: server.1=zoo1:2888:3888;2181 server.2=0.0.0.0:2888:3888;2181 server.3=zoo3:2888:3888;2181 zoo3: image: zookeeper restart: always hostname: zoo3 container_name: zoo3 privileged: true ports: - "2183:2181" volumes: - /mydata/zookeeper-cluster/zookeeper03/data:/data - /mydata/zookeeper-cluster/zookeeper03/datalog:/datalog - /mydata/zookeeper-cluster/zookeeper03/conf:/conf environment: ZOO_MY_ID: 3 ZOO_SERVERS: server.1=zoo1:2888:3888;2181 server.2=zoo2:2888:3888;2181 server.3=0.0.0.0:2888:3888;2181- 运行docker-compose.yml文件
docker-compose up -d- 停止集群
docker-compose down- 查看创建好的zookeeper集群
docker ps 或在docker-compose.yml文件所在目录输入 docker-compose ps
Docker Compose
简介
Docker Compose 定义、运行、管理容器
A docker-compose.yml looks like this:
version: "3.8"
services:
web:
build: .
ports:
- "5000:5000"
volumes:
- .:/code
- logvolume01:/var/log
links:
- redis
redis:
image: redis
volumes:
logvolume01: {}
Compose概念
- 服务service,容器、应用(web、Redis、MySQL…)
- project(项目),一组关联的容器
安装
- 运行安装Compose
curl -L https://get.daocloud.io/docker/compose/releases/download/1.25.5/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose
- 给docker-compose可执行的权限
sudo chmod +x /usr/local/bin/docker-compose
- 快速开始:https://docs.docker.com/compose/gettingstarted/