Docker入门进阶
学习资料:
【狂神说Java】Docker最新超详细版教程通俗易懂_哔哩哔哩_bilibili
文章目录
1、容器数据卷
1.1、什么是容器数据卷
docker的理念回顾
将应用和环境打包成一个镜像
数据?如果数据都在容器中,那么我们容器删除,数据就会丢失!需求:数据可以持久化
MySQL,容器删除了,删库跑路!需求:MySQL数据可以存储在本地!
容器之间可以有一个数据共享的技术!Docker容器中产生的数据,同步到本地!
这就是卷技术!目录的挂载,将我们容器内的目录,挂载到Linux上面!
使用卷技术的原因:容器的持久化和同步操作!容器间也是可以数据共享的!
1.2、使用数据卷
挂载后 主机目录和容器目录共享一个目录资源,容器目录也可以理解为是主机目录的快捷方式
方式一 :直接使用命令挂载 -v
# -v, --volume list 绑定挂载卷
docker run -it -v 主机目录:容器目录
# 通过 查看挂载
docker inspect 容器id
1、挂载并进入命令行/bin/bash
docker run -it -v /home/ceshi:/home centos /bin/bash
[root@Agustletmen ~]# docker run -it -v /home/ceshi:/home centos /bin/bash
[root@Agustletmen home]# ls
ceshi kk.java test test.java www
2、查看挂载
docker inspect 【容器id】
测试文件的同步(在主机上改动,观察容器变化)
容器
主机
也可以从主机同步到容器
是一个双向绑定的过程
好处:我们以后修改容器配置只需要在本地修改即可,容器内会自动同步。
1.3、安装Mysql
1、获取mysql镜像
[root@Agustletmen /]# docker pull mysql:5.7
2、运行容器,挂载倆个数据目录,配置密码-e MYSQL_ROOT_PASSWORD=password
# 启动
# -d 后台运行
# -p 端口映射
# -v 数据卷挂载
# -e 环境配置
# --name 容器名字
[root@Agustletmen /]# docker run -d -p 9200:3306 -v /home/mysql/conf:/etc/mysql/conf.d -v /home/mysql/data:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=123456 --name mysql01 mysql:5.7
# 启动成功之后,我们在本地使用sql可视化工具来测试是否运行正常
# 连接到服务器的9200--和容器内的3306映射
------------------------------------------------------------------------------
# 注意,这里的-v 端口映射可以映射原来的3306
[root@Agustletmen /]# docker run -d -p 3306:3306 -v /home/mysql/conf:/etc/mysql/conf.d -v /home/mysql/data:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=123456 --name mysql01 mysql
3、测试连接,在windows上用数据库连接工具测试连接mysql容器·
4、文件目录映射成功
5、linux中,一个数据库对应一个目录,一个数据表对应一个文件
成功看到test目录
1.4、具名挂载和匿名挂载
1.4.1、匿名挂载
1、匿名挂载就是不指定主机目录进行挂载(没有给卷(主机目录)起名就是匿名)
# -v 容器内路径!
docker run -d -P --name nginx01 -v /etc/nginx nginx
----------------------------------------------------------------------------------
[root@Agustletmen /]# docker run -d -P --name nginx01 -v /etc/nginx nginx
cea26a64e8df744e1ffc43a3809361e509d1a11394ebef52f07636685521b284
2、查看所有的volume(卷)的情况
[root@Agustletmen /]# docker volume --help
Usage: docker volume COMMAND
Manage volumes
Commands:
create Create a volume
inspect Display detailed information on one or more volumes
ls List volumes
prune Remove all unused local volumes
rm Remove one or more volumes
Run 'docker volume COMMAND --help' for more information on a command.
----------------------------------------------------------------------------------
[root@Agustletmen /]# docker volume ls
DRIVER VOLUME NAME
local 52bf1fef20a9cd57fdb2733ff948e2c659f29d45c9d90768f771f9ca55d9d6ac
local 0692acb6e53ee9da29eae6b034c47feebcf9009a2d2745b90b837771a9d61e31
local f81fb68c61eac7a93f92e256a6f0ed2e6a05d660e0e0b77805b6da163e1e0213
#这些字符串就代表匿名卷(目录),是匿名挂载
3、指定卷来查看挂载
[root@Agustletmen /]# docker volume ls
DRIVER VOLUME NAME
local 52bf1fef20a9cd57fdb2733ff948e2c659f29d45c9d90768f771f9ca55d9d6ac
local 0692acb6e53ee9da29eae6b034c47feebcf9009a2d2745b90b837771a9d61e31
local f81fb68c61eac7a93f92e256a6f0ed2e6a05d660e0e0b77805b6da163e1e0213
local juming-nginx
[root@Agustletmen /]# docker volume inspect 52bf1fef20a9cd57fdb2733ff948e2c659f29d45c9d90768f771f9ca55d9d6ac
[
{
"CreatedAt": "2022-05-07T20:19:55+08:00",
"Driver": "local",
"Labels": null,
"Mountpoint": "/var/lib/docker/volumes/52bf1fef20a9cd57fdb2733ff948e2c659f29d45c9d90768f771f9ca55d9d6ac/_data",
"Name": "52bf1fef20a9cd57fdb2733ff948e2c659f29d45c9d90768f771f9ca55d9d6ac",
"Options": null,
"Scope": "local"
}
]
1.4.2、具名挂载
1、具名挂载就是指定了主机目录进行挂载(有给卷(主机目录)起名就是具名(有具体的名))
[root@Agustletmen /]# docker run -d -P --name nginx02 -v juming-nginx:/ect/nginx nginx
96cb922c14fe62d5a3298515d8efae6f5de51bac4239f45eb4b1e49e1aa4dd95
2、查看所有的volume(卷)的情况
[root@Agustletmen /]# docker volume ls
DRIVER VOLUME NAME
local 52bf1fef20a9cd57fdb2733ff948e2c659f29d45c9d90768f771f9ca55d9d6ac
local 0692acb6e53ee9da29eae6b034c47feebcf9009a2d2745b90b837771a9d61e31
local f81fb68c61eac7a93f92e256a6f0ed2e6a05d660e0e0b77805b6da163e1e0213
local juming-nginx
3、指定卷来查看挂载
[root@Agustletmen /]# docker volume inspect juming-nginx
[
{
"CreatedAt": "2022-05-08T11:04:42+08:00",
"Driver": "local",
"Labels": null,
"Mountpoint": "/var/lib/docker/volumes/juming-nginx/_data",
"Name": "juming-nginx",
"Options": null,
"Scope": "local"
}
]
所有的docker容器内的卷,没有指定绝对路径的目录的情况下都是在/var/lib/docker/volumes/xxxx/_data下.
拓展
通过 -v 容器内路径: ro rw 改变读写权限
ro #readonly 只读
rw #readwrite 可读可写
docker run -d -P --name nginx05 -v juming:/etc/nginx:ro nginx
docker run -d -P --name nginx05 -v juming:/etc/nginx:rw nginx
ro 只要看到ro就说明这个路径只能通过宿主机来操作,容器内部是无法操作!
2、初始Dockerfile
什么是Dockerfile
Dockerfile 是用来构建docker镜像的构建文件,是一段命令脚本。
创建Dockerfile
2.1、创建docker的测试目录
[root@Agustletmen home]# mkdir docker-test-volume
2.2、创建dockerfile1脚本文件,通过这个脚本可以生成镜像,
dockerfile1脚本文件内容分析:
# 文件中的内容 指令(大写) 参数
# 镜像是一层一层的,这里的每个命令,就是镜像的一层!
FROM centos # 指定镜像
VOLUME ["volume01","volume02"] # 挂载目录
CMD echo "----end----" # CMD 执行命令行命令
CMD /bin/bash
# 以上:wq保存
[root@Agustletmen docker-test-volume]# cat dockerfile1
FROM centos
VOLUME ["volume01","volume02"]
CMD echo "---end---"
CMD /bin/bash
2.3、执行Dockerfile脚本文件,构建镜像
[root@Agustletmen docker-test-volume]# docker build -f dockerfile1 -t qx/centos .
Sending build context to Docker daemon 2.048kB
Step 1/4 : FROM centos
---> 5d0da3dc9764
Step 2/4 : VOLUME ["volume01","volume02"]
---> Running in d498c0c44e03
Removing intermediate container d498c0c44e03
---> 63abf7145d67
Step 3/4 : CMD echo "---end---"
---> Running in 503556d0efd5
Removing intermediate container 503556d0efd5
---> 2ed5db878944
Step 4/4 : CMD /bin/bash
---> Running in f1540f87146c
Removing intermediate container f1540f87146c
---> 1287388b5493
Successfully built 1287388b5493
Successfully tagged qx/centos:latest
------------------------------------------------------------------------------------
[root@Agustletmen docker-test-volume]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
qx/centos latest 1287388b5493 47 seconds ago 231MB
nginx latest 605c77e624dd 4 months ago 141MB
tomcat latest fb5657adc892 4 months ago 680MB
redis latest 7614ae9453d1 4 months ago 113MB
mysql 5.7 c20987f18b13 4 months ago 448MB
centos latest 5d0da3dc9764 7 months ago 231MB
2.4、启动镜像,查看容器
[root@Agustletmen docker-test-volume]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
qx/centos latest 1287388b5493 47 seconds ago 231MB
nginx latest 605c77e624dd 4 months ago 141MB
tomcat latest fb5657adc892 4 months ago 680MB
redis latest 7614ae9453d1 4 months ago 113MB
mysql 5.7 c20987f18b13 4 months ago 448MB
centos latest 5d0da3dc9764 7 months ago 231MB
------------------------------------------------------------------------------------
[root@Agustletmen docker-test-volume]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
qx/centos latest 1287388b5493 5 minutes ago 231MB
nginx latest 605c77e624dd 4 months ago 141MB
tomcat latest fb5657adc892 4 months ago 680MB
redis latest 7614ae9453d1 4 months ago 113MB
mysql 5.7 c20987f18b13 4 months ago 448MB
centos latest 5d0da3dc9764 7 months ago 231MB
[root@Agustletmen docker-test-volume]# docker run -it 1287388b5493 /bin/bash
------------------------------------------------------------------------------------
[root@17f19913d5d0 /]# ls -l
total 56
lrwxrwxrwx 1 root root 7 Nov 3 2020 bin -> usr/bin
drwxr-xr-x 5 root root 360 May 8 05:29 dev
drwxr-xr-x 1 root root 4096 May 8 05:29 etc
drwxr-xr-x 2 root root 4096 Nov 3 2020 home
lrwxrwxrwx 1 root root 7 Nov 3 2020 lib -> usr/lib
lrwxrwxrwx 1 root root 9 Nov 3 2020 lib64 -> usr/lib64
drwx------ 2 root root 4096 Sep 15 2021 lost+found
drwxr-xr-x 2 root root 4096 Nov 3 2020 media
drwxr-xr-x 2 root root 4096 Nov 3 2020 mnt
drwxr-xr-x 2 root root 4096 Nov 3 2020 opt
dr-xr-xr-x 111 root root 0 May 8 05:29 proc
dr-xr-x--- 2 root root 4096 Sep 15 2021 root
drwxr-xr-x 11 root root 4096 Sep 15 2021 run
lrwxrwxrwx 1 root root 8 Nov 3 2020 sbin -> usr/sbin
drwxr-xr-x 2 root root 4096 Nov 3 2020 srv
dr-xr-xr-x 13 root root 0 May 8 05:29 sys
drwxrwxrwt 7 root root 4096 Sep 15 2021 tmp
drwxr-xr-x 12 root root 4096 Sep 15 2021 usr
drwxr-xr-x 20 root root 4096 Sep 15 2021 var
# 自己挂载的目录volume01、volume02, 即是数据卷目录
drwxr-xr-x 2 root root 4096 May 8 05:29 volume01
drwxr-xr-x 2 root root 4096 May 8 05:29 volume02
这个卷和外部一定有一个同步的目录,(匿名挂载)
查看这个匿名挂载
[root@Agustletmen home]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9e1756bd49df 1287388b5493 "/bin/bash" About a minute ago Up About a minute pedantic_goodall
2c4b1bc54e01 mysql:5.7 "docker-entrypoint.s…" 3 hours ago Up 3 hours 33060/tcp, 0.0.0.0:9200->3306/tcp, :::9200->3306/tcp mysql01
[root@Agustletmen home]# docker inspect 9e1756bd49df
已同步
[root@Agustletmen home]# cd /var/lib/docker/volumes/0d5dded3bf1053999639b223418bb688d323516a0c4e619e7178ba37394e09da
[root@Agustletmen 0d5dded3bf1053999639b223418bb688d323516a0c4e619e7178ba37394e09da]# ls
_data
[root@Agustletmen 0d5dded3bf1053999639b223418bb688d323516a0c4e619e7178ba37394e09da]# cd _data/
[root@Agustletmen _data]# ls
container.txt
[root@Agustletmen _data]#
3、数据卷容器
容器挂载数据卷,实现容器间的数据同步和资源共享!
3.1、启动父容器docker01
[root@Agustletmen ~]# docker run -it --name docker01 qx/centos
3.2、启动容器docker02并挂载到父容器docker01的共享卷,命令--volumes-from 容器列表
[root@Agustletmen ~]# docker run -it --name docker02 --volumes-from docker01 qx/centos
[root@2c11c416854a /]# ls -l
total 56
lrwxrwxrwx 1 root root 7 Nov 3 2020 bin -> usr/bin
drwxr-xr-x 5 root root 360 May 8 05:46 dev
drwxr-xr-x 1 root root 4096 May 8 05:46 etc
drwxr-xr-x 2 root root 4096 Nov 3 2020 home
lrwxrwxrwx 1 root root 7 Nov 3 2020 lib -> usr/lib
lrwxrwxrwx 1 root root 9 Nov 3 2020 lib64 -> usr/lib64
drwx------ 2 root root 4096 Sep 15 2021 lost+found
drwxr-xr-x 2 root root 4096 Nov 3 2020 media
drwxr-xr-x 2 root root 4096 Nov 3 2020 mnt
drwxr-xr-x 2 root root 4096 Nov 3 2020 opt
dr-xr-xr-x 127 root root 0 May 8 05:46 proc
dr-xr-x--- 2 root root 4096 Sep 15 2021 root
drwxr-xr-x 11 root root 4096 Sep 15 2021 run
lrwxrwxrwx 1 root root 8 Nov 3 2020 sbin -> usr/sbin
drwxr-xr-x 2 root root 4096 Nov 3 2020 srv
dr-xr-xr-x 13 root root 0 May 8 05:29 sys
drwxrwxrwt 7 root root 4096 Sep 15 2021 tmp
drwxr-xr-x 12 root root 4096 Sep 15 2021 usr
drwxr-xr-x 20 root root 4096 Sep 15 2021 var
drwxr-xr-x 2 root root 4096 May 8 05:44 volume01
drwxr-xr-x 2 root root 4096 May 8 05:44 volume02
--------------------------------------------------------------------------------------------
# docker01的volume01中创建一个文件
[root@ef1fa959c564 /]# cd volume01
[root@ef1fa959c564 volume01]# ls
[root@ef1fa959c564 volume01]# touch docker01.txt
[root@ef1fa959c564 volume01]# ls
docker01.txt
[root@ef1fa959c564 volume01]#
--------------------------------------------------------------------------------------------
# 查看docker02的volume01,发现docker01创建的文件同步过来了
[root@2c11c416854a /]# cd volume01
[root@2c11c416854a volume01]# ls
docker01.txt
[root@2c11c416854a volume01]#
--------------------------------------------------------------------------------------------
# 同理,在docker02创建的文件也会同步到docker01中
docker01容器中
docker02容器中
这里的docker01就是叫数据卷容器
再加个docker03试试,也有docker01和docker02已经创建的文件
[root@Agustletmen ~]# docker run -it --name docker03 --volumes-from docker01 qx/centos
[root@50edf6994d7b /]# ls
bin etc lib lost+found mnt proc run srv tmp var volume02
dev home lib64 media opt root sbin sys usr volume01
[root@50edf6994d7b /]# cd volume01
[root@50edf6994d7b volume01]# ls
docker01.txt docker02.txt
在docker03创建的文件也会同步到docker01和docker02中
# docker03
[root@50edf6994d7b volume01]# touch docker03.txt
[root@50edf6994d7b volume01]# ls
docker01.txt docker02.txt docker03.txt
[root@50edf6994d7b volume01]#
--------------------------------------------------------------------------------------------
# docker02
[root@2c11c416854a volume01]# ls
docker01.txt docker02.txt docker03.txt
[root@2c11c416854a volume01]#
--------------------------------------------------------------------------------------------
[root@ef1fa959c564 volume01]# ls
docker01.txt docker02.txt docker03.txt
[root@ef1fa959c564 volume01]#
通过 --volumes-from 实现容器之间的数据共享
3.3、小结
- docker03创建的文件docker01、docker02也同步共享;
- 删除docker01,docker02和docker03依旧保持数据同步和资源共享,其中docker01之前所创建的文件也还存在与docker02与docker03中;
- 容器挂载后双向资源绑定,双向拷贝。
3.4、案例:Mysql容器实现数据同步
1、启动mysql01,绑定端口3306,配置密码-e MYSQL_ROOT_PASSWORD=password,挂载卷-v
docker run -it --name mysql01 -p 3306:3306 -e MYSQL_ROOT_PASSWORD=123456 -v /etc/mysql/conf.d -v /var/lib/mysql mysql:5.7
2、启动mysql02(绑定端口9200)、mysql03(绑定端口9300)
# mysql02
docker run -it --name mysql02 --volumes-from mysql01 -p 9200:3306 -e MYSQL_ROOT_PASSWORD=123456 -v /etc/mysql/conf.d -v /var/lib/mysql mysql:5.7
# mysql03
docker run -it --name mysql03 --volumes-from mysql01 -p 9300:3306 -e MYSQL_ROOT_PASSWORD=123456 -v /etc/mysql/conf.d -v /var/lib/mysql mysql:5.7
三个数据会实现数据的共享与同步
结论
- 容器之间的配置信息的传递,数据卷容器的生命周期一直持续到没有容器使用为止。
- 但是一旦你持久化到了本地,这个时候,本地的数据是不会删除的!
4、Dockerfile(重点)
4.1、Dockerfile介绍
dockerfile是用来构建docker镜像的文件!命令参数脚本!
构建步骤:
- 编写一个dockerfile文件
- docker build 构建称为一个镜像
- docker run运行镜像
- docker push发布镜像(DockerHub 、阿里云仓库)
官方的镜像
官方仓库搜索:https://hub.docker.com/_/centos
点击版本跳转到Github,看到dockerfile文件:
docker 99%的镜像都是从FROM scratch(基础镜像)开始
很多官方镜像都是基础包,很多功能没有,我们通常会自己搭建自己的镜像!
官方既然可以制作镜像,那我们也可以!
4.2、DockerFile构建过程
DockerFile脚本文件语法
1、每个保留关键字(指令)都是必须是大写字母
2、执行从上到下顺序
3、# 表示注释
4、每一个指令都会创建提交一个新的镜像曾,并提交!
Dockerfile
-
Dockerfile是面向开发的,我们以后要发布项目,做镜像,就需要编写dockerfile文件,这个文件十分简单!
-
Docker镜像逐渐成企业交付的标准,必须要掌握!
-
DockerFile:构建文件,定义了一切的步骤,源代码
-
DockerImages:通过DockerFile构建生成的镜像,最终发布和运行产品。
-
Docker容器:容器就是镜像运行起来提供服务。
4.3、Docker的指令
| 指令 | 解释 | 小写 |
|---|---|---|
| FROM | 基础镜像,一切从这里开始构建 | from |
| MAINTAINER | 镜像是谁写的, 姓名+邮箱(翻译:维护人员) | maintainer |
| RUN | 镜像构建的时候需要运行的命令 | run |
| ADD | 步骤,tomcat镜像,这个tomcat压缩包!添加内容 添加同目录 | add |
| WORKDIR | 镜像的工作目录 | workdir |
| VOLUME | 挂载的目录 | volume |
| EXPOSE | 保留端口配置(开放的端口) | expose |
| CMD | 指定这个容器启动的时候要运行的命令,只有最后一个会生效,可被替代。 | cmd |
| ENTRYPOINT | 指定这个容器启动的时候要运行的命令,可以追加命令(入口点) | entrypoint |
| ONBUILD | 当构建一个被继承 DockerFile 这个时候就会运行ONBUILD的指令,触发指令。 | onbuild |
| COPY | 类似ADD,将我们文件拷贝到镜像中 | copy |
| ENV | 构建的时候设置环境变量! | env |
4.4、Dockerfile实战
Docker Hub 中99%的镜像都是从这个基础镜像过来的 (FROM scratch),然后配置需要的软件和配置来进行构建
4.4.1、创建一个自己的centos镜像
官方的centos许多命令都没有,所以我们创建一个自己的centos镜像
4.4.1.1、创建工作目录
[root@Agustletmen home]# mkdir dockerfile
[root@Agustletmen home]# ls
ceshi dockerfile docker-test-volume kk.java mysql test test.java www
[root@Agustletmen home]# cd dockerfile
[root@Agustletmen dockerfile]#
4.4.1.2、编写Dockerfile文件 (文件名:mydockerfile-centos)
FROM centos:7.9.2009
MAINTAINER qx<3066686488@qq.com>
ENV MYPATH /usr/local
WORKDIR $MYPATH
RUN yum -y install vim
RUN yum -y install net-tools
EXPOSE 80
CMD echo $MYPATH
CMD echo "-----end----"
CMD /bin/bash
[root@Agustletmen dockerfile]# cat mydockerfile-centos
FROM centos:7.9.2009
MAINTAINER qx<3066686488@qq.com>
ENV MYPATH /usr/local
WORKDIR $MYPATH
RUN yum -y install vim
RUN yum -y install net-tools
EXPOSE 80
CMD echo $MYPATH
CMD echo "-----end----"
CMD /bin/bash
4.4.1.3、通过这个文件构建镜像
# 通过这个文件构建镜像
# 命令docker build -f dockerfile文件路径 -t 镜像名:[tag] .
docker build -f /home/dockerfile/mydockerfile-centos -t mycentos:0.1 .
--------------------------------------------------------------------------------------------
[root@Agustletmen dockerfile]# docker build -f /home/dockerfile/mydockerfile-centos -t mycentos:0.1 .
Step 5/10 : RUN yum -y install vim
---> Running in 71b82bf5f0ac
CentOS Linux 8 - AppStream 30 B/s | 38 B 00:01
Error: Failed to download metadata for repo 'appstream': Cannot prepare internal mirrorlist: No URLs in mirrorlist
The command '/bin/sh -c yum -y install vim' returned a non-zero code: 1
# 因为没有vim这个rpm包。vim命令在vim-ehanced这个包内。
yum失败的可以在yum之前加一个更新软件源
systemctl stop firewalld.service # 停止防火墙
百度了一通说因为centOS8于2021年12月31日停止了源的服务,而现在时间是2022年3月了,所以之前的方法都不行的原因所在(本质是源的问题)。
未具体指明 centos7 的镜像时,它会默认去找最新的镜像,然后就一直失败
将脚本中FROM centos改成指定版本FROM centos:FROM centos7
然后就成功了…
查看操作系统的版本
命令:cat /etc/redhat-release
具体操作查看:https://mp.csdn.net/mp_blog/creation/success/124649895
yum失败的可以在yum之前加一个更新软件源:https://mp.csdn.net/mp_blog/creation/success/124650686
注意:最后需要重启docker
systemctl restart docker
4.4.1.4、运行测试
# 直接进入工作目录
# ENV MYPATH /usr/local
# WORKDIR $MYPATH
[root@bbb761d1cf2e local]# pwd
/usr/local
--------------------------------------------------------------------------------------------
[root@bbb761d1cf2e local]# iconfig
bash: iconfig: command not found
[root@bbb761d1cf2e local]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.2 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:02 txqueuelen 0 (Ethernet)
RX packets 8 bytes 656 (656.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
--------------------------------------------------------------------------------------------
[root@bbb761d1cf2e local]# vim test #可用
对比原乡的centos,增加了vim以及ifconfig指令,以及pwd直接进入工作目录/usr/local
4.4.1.5、启动镜像
列出镜像的变更历史
docker history 镜像
[root@Agustletmen ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mycentos 0.1 4f21cbf56ece 13 minutes ago 591MB
qx/centos latest 1287388b5493 4 hours ago 231MB
nginx latest 605c77e624dd 4 months ago 141MB
tomcat latest fb5657adc892 4 months ago 680MB
redis latest 7614ae9453d1 4 months ago 113MB
mysql 5.7 c20987f18b13 4 months ago 448MB
centos 7.9.2009 eeb6ee3f44bd 7 months ago 204MB
--------------------------------------------------------------------------------------------
[root@Agustletmen ~]# docker history 4f21cbf56ece
IMAGE CREATED CREATED BY SIZE COMMENT
4f21cbf56ece 13 minutes ago /bin/sh -c #(nop) CMD ["/bin/sh" "-c" "/bin… 0B
3c0e004491b5 13 minutes ago /bin/sh -c #(nop) CMD ["/bin/sh" "-c" "echo… 0B
9f4f3866b085 13 minutes ago /bin/sh -c #(nop) CMD ["/bin/sh" "-c" "echo… 0B
447c90c89df6 13 minutes ago /bin/sh -c #(nop) EXPOSE 80 0B
9381b088a91d 13 minutes ago /bin/sh -c yum -y install net-tools 166MB
e189bef41d7d 14 minutes ago /bin/sh -c yum -y install vim 221MB
a66aa8ec7172 24 minutes ago /bin/sh -c #(nop) WORKDIR /usr/local 0B
a23ce59321e3 24 minutes ago /bin/sh -c #(nop) ENV MYPATH=/usr/local 0B
ece7ed692267 24 minutes ago /bin/sh -c #(nop) MAINTAINER qx<3066686488@… 0B
eeb6ee3f44bd 7 months ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0B
<missing> 7 months ago /bin/sh -c #(nop) LABEL org.label-schema.sc… 0B
<missing> 7 months ago /bin/sh -c #(nop) ADD file:b3ebbe8bd304723d4… 204MB
4.4、CMD 和 ENTRYPOINT区别
- CMD : 指定这个容器启动的时候要运行的命令,只有最后一个会生效,可被替代。(替代的方式)
- ENTRYPOINT : 指定这个容器启动的时候要运行的命令,可以追加命令。(追加的方式)
4.4.1、测试cmd
4.4.1.1、编写dockerfile文件
[root@Agustletmen ~]# cat dockerfile-cmd-test
FROM centos:7.9.2009
CMD ["ls","-a"]
4.4.1.2、 构建镜像
docker build -f dockerfile-cmd-test -t cmd-test:0.1 .
[root@Agustletmen dockerfile]# docker build -f dockerfile-cmd-test -t cmdtest .
Sending build context to Docker daemon 3.072kB
Step 1/2 : FROM centos:7.9.2009
---> eeb6ee3f44bd
Step 2/2 : CMD ["ls","-a"]
---> Running in 8407f693b413
Removing intermediate container 8407f693b413
---> e96c865a0557
Successfully built e96c865a0557
Successfully tagged cmdtest:latest
4.4.1.3、运行镜像
# 发现我们的ls -a 命令生效
[root@Agustletmen dockerfile]# docker run e96c865a0557
.
..
.dockerenv
anaconda-post.log
bin
dev
etc
home
lib
lib64
media
mnt
opt
proc
root
run
sbin
srv
sys
tmp
usr
var
----------------------------------------------------------------------------------------
# 想追加一个命令 -l ls -al
[root@Agustletmen dockerfile]# docker run e96c865a0557 -l
docker: Error response from daemon: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: exec: "-l": executable file not found in $PATH: unknown.
# cmd的情况下 -l替换了CMD["ls","-a"]命令,而-l不是命令,所以报错
----------------------------------------------------------------------------------------
# 若要正确的执行,则...
[root@Agustletmen dockerfile]# docker run e96c865a0557 ls -al
total 64
drwxr-xr-x 1 root root 4096 May 8 09:31 .
drwxr-xr-x 1 root root 4096 May 8 09:31 ..
-rwxr-xr-x 1 root root 0 May 8 09:31 .dockerenv
-rw-r--r-- 1 root root 12114 Nov 13 2020 anaconda-post.log
lrwxrwxrwx 1 root root 7 Nov 13 2020 bin -> usr/bin
drwxr-xr-x 5 root root 340 May 8 09:31 dev
drwxr-xr-x 1 root root 4096 May 8 09:31 etc
drwxr-xr-x 2 root root 4096 Apr 11 2018 home
lrwxrwxrwx 1 root root 7 Nov 13 2020 lib -> usr/lib
lrwxrwxrwx 1 root root 9 Nov 13 2020 lib64 -> usr/lib64
drwxr-xr-x 2 root root 4096 Apr 11 2018 media
drwxr-xr-x 2 root root 4096 Apr 11 2018 mnt
drwxr-xr-x 2 root root 4096 Apr 11 2018 opt
dr-xr-xr-x 124 root root 0 May 8 09:31 proc
dr-xr-x--- 2 root root 4096 Nov 13 2020 root
drwxr-xr-x 11 root root 4096 Nov 13 2020 run
lrwxrwxrwx 1 root root 8 Nov 13 2020 sbin -> usr/sbin
drwxr-xr-x 2 root root 4096 Apr 11 2018 srv
dr-xr-xr-x 13 root root 0 May 8 05:29 sys
drwxrwxrwt 7 root root 4096 Nov 13 2020 tmp
drwxr-xr-x 13 root root 4096 Nov 13 2020 usr
drwxr-xr-x 18 root root 4096 Nov 13 2020 var
4.4.2、测试ENTRYPOINT
4.4.2.1、编写dockerfile文件
[root@Agustletmen dockerfile]# vim dockerdile-cmd-entrypoint
FROM centos
ENTRYPOINT ["ls","-a"]
4.4.2.2、构建镜像
[root@Agustletmen dockerfile]# docker build -f dockerfile-cmd-entrypoint -t entrypoint-test .
4.4.2.3、执行
[root@Agustletmen dockerfile]# docker build -f dockerdile-cmd-entrypoint -t entrypoint-test .
Sending build context to Docker daemon 4.096kB
Step 1/2 : FROM centos:7.9.2009
---> eeb6ee3f44bd
Step 2/2 : ENTRYPOINT ["ls","-a"]
---> Running in 82dcee6ee6ca
Removing intermediate container 82dcee6ee6ca
---> f5300821d8f0
Successfully built f5300821d8f0
Successfully tagged entrypoint-test:latest
[root@Agustletmen dockerfile]# docker run f5300821d8f0
.
..
.dockerenv
anaconda-post.log
bin
dev
etc
home
lib
lib64
media
mnt
opt
proc
root
run
sbin
srv
sys
tmp
usr
var
[root@Agustletmen dockerfile]#
4.4.2.4、追加一个命令 -l
# 我们追加的命令是直接拼接在我们的 ENTRYPOINT 命令的后面
ls -al
[root@Agustletmen dockerfile]# docker run f5300821d8f0 -l #ls -al
total 64
drwxr-xr-x 1 root root 4096 May 8 11:43 .
drwxr-xr-x 1 root root 4096 May 8 11:43 ..
-rwxr-xr-x 1 root root 0 May 8 11:43 .dockerenv
-rw-r--r-- 1 root root 12114 Nov 13 2020 anaconda-post.log
lrwxrwxrwx 1 root root 7 Nov 13 2020 bin -> usr/bin
drwxr-xr-x 5 root root 340 May 8 11:43 dev
drwxr-xr-x 1 root root 4096 May 8 11:43 etc
drwxr-xr-x 2 root root 4096 Apr 11 2018 home
lrwxrwxrwx 1 root root 7 Nov 13 2020 lib -> usr/lib
lrwxrwxrwx 1 root root 9 Nov 13 2020 lib64 -> usr/lib64
drwxr-xr-x 2 root root 4096 Apr 11 2018 media
drwxr-xr-x 2 root root 4096 Apr 11 2018 mnt
drwxr-xr-x 2 root root 4096 Apr 11 2018 opt
dr-xr-xr-x 118 root root 0 May 8 11:43 proc
dr-xr-x--- 2 root root 4096 Nov 13 2020 root
drwxr-xr-x 11 root root 4096 Nov 13 2020 run
lrwxrwxrwx 1 root root 8 Nov 13 2020 sbin -> usr/sbin
drwxr-xr-x 2 root root 4096 Apr 11 2018 srv
dr-xr-xr-x 13 root root 0 May 8 05:29 sys
drwxrwxrwt 7 root root 4096 Nov 13 2020 tmp
drwxr-xr-x 13 root root 4096 Nov 13 2020 usr
drwxr-xr-x 18 root root 4096 Nov 13 2020 var
4.5、Tomcat镜像
4.5.1、准备镜像文件(tomcat压缩包 和 jdk压缩包 )
4.5.2、编写dokerfile文件,官方命名Dockerfile,build 会自动寻找,就不用-f 指定了
FROM centos:7.9.2009
MAINTAINER qx<3066686488@qq.com>
COPY readme.txt /usr/local/readme.txt
ADD apache-tomcat-9.0.35.tar.gz /usr/local/
ADD jdk-8u161-linux-x64.tar.gz /usr/local/
RUN yum -y install vim
ENV MYPATH /usr/local
WORKDIR $MYPATH
ENV JAVA_HOME /usr/local/jdk1.8.0_161
ENV CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
ENV CATALINA_HOME /usr/local/apache-tomcat-9.0.35
ENV CATALINA_BASH /usr/local/apache-tomcat-9.0.35
ENV PATH $PATH:$JAVA_HOME/bin:$CATALINA_HOME/lib:$CATALINA_HOME/bin
EXPOSE 8080
CMD /usr/local/apache-tomcat-9.0.35/bin/startup.sh && tail -F /usr/local/apache-tomcat-9.0.35/bin/logs/catalina.out
4.5.3、构造镜像
[root@Agustletmen kk]# docker build -t diytomcat .
[root@Agustletmen kk]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
diytomcat latest 95b3cd025f33 39 seconds ago 825MB
4.5.4、运行镜像
[root@Agustletmen kk]# docker run -d -p 8080:8080 --name qxtomcat -v /home/kk/tomcat/test:/usr/local/apache-tomcat-9.0.35/webapps/test -v /home/kk/tomcat/tomcatlogs/:/usr/local/apache-tomcat-9.0.35/logs diytomcat
90e57e059efe3920a49648aa8bf792b917cb1c77b186d1332354ca15658f61dc
4.5.5、访问测试
[root@Agustletmen kk]# docker exec -it 90e57e059efe3920 /bin/bash
[root@90e57e059efe local]#
--------------------------------------------------------------------------------------------
[root@90e57e059efe local]# ls
aegis apache-tomcat-9.0.35 etc include lib libexec sbin src
apache-tomcat-9.0.35 bin games jdk1.8.0_161 lib64 readme.txt share
[root@90e57e059efe local]# ls -l
total 60
drwxr-xr-x 3 root root 4096 May 8 13:38 aegis
drwxr-xr-x 1 root root 4096 May 8 13:37 apache-tomcat-9.0.35
drwxr-xr-x 4 root root 4096 May 8 13:38 apache-tomcat-9.0.58
drwxr-xr-x 2 root root 4096 Apr 11 2018 bin
drwxr-xr-x 2 root root 4096 Apr 11 2018 etc
drwxr-xr-x 2 root root 4096 Apr 11 2018 games
drwxr-xr-x 2 root root 4096 Apr 11 2018 include
drwxr-xr-x 8 10 143 4096 Dec 20 2017 jdk1.8.0_161
drwxr-xr-x 2 root root 4096 Apr 11 2018 lib
drwxr-xr-x 2 root root 4096 Apr 11 2018 lib64
drwxr-xr-x 2 root root 4096 Apr 11 2018 libexec
-rw-r--r-- 1 root root 0 May 8 12:13 readme.txt
drwxr-xr-x 2 root root 4096 Apr 11 2018 sbin
drwxr-xr-x 5 root root 4096 Nov 13 2020 share
drwxr-xr-x 2 root root 4096 Apr 11 2018 src
--------------------------------------------------------------------------------------------
本地访问
远程访问
在本地编写web.xml和index.jsp进行测试
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>hello. qx</title>
</head>
<body>
Hello World!<br/>
<%
System.out.println("-----my test web logs------");
%>
</body>
</html>
发现:项目部署成功, 可以直接访问ok!
4.5.6、发布项目(由于做了卷挂载,我们直接在本地编写项目就可以发布了!)
发现:项目部署成功,可以直接访问!
我们以后开发的步骤:需要掌握Dockerfile的编写!我们之后的一切都是使用docker镜像来发布运行!
4.6、发布My镜像到Docker Hub
Docker Hub
4.6.1、地址 注册自己的账号!
4.6.2、确定这个账号可以登录
[root@Agustletmen ~]# docker login --help
Usage: docker login [OPTIONS] [SERVER]
Log in to a Docker registry.
If no server is specified, the default is defined by the daemon.
Options:
-p, --password string Password
--password-stdin Take the password from stdin
-u, --username string Username
------------------------------------------------------------------------------------------
# 登录成功
[root@Agustletmen ~]# docker login -u [用户名]
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
4.6.3、登录完毕就可以在提交镜像了,就是一步docker pull
# push到我们的服务器上
[root@Agustletmen ~]# docker push diytomcat
Using default tag: latest
The push refers to repository [docker.io/library/diytomcat]
7a9cf744cf66: Preparing
c9df6f93b331: Preparing
e9ccbde0f3be: Preparing
aae5953e109a: Preparing
174f56854903: Preparing
denied: requested access to the resource is denied # 拒绝
# push镜像的问题?
[root@Agustletmen ~]# docker push diytomcat
Using default tag: latest
The push refers to repository [docker.io/library/diytomcat]
denied: requested access to the resource is denied
# 解决,增加一个tag
docker tag [镜像id] chenmuke/diytomcat:1.0
# 发布成功
[root@Agustletmen kk]# docker tag 162589cfe96d chenmuke/diytomcat:1.0
[root@Agustletmen kk]# docker push chenmuke/diytomcat:1.0
aa5e35c983ea: Pushing 60.1MB/221.2MB
a5c23e4ced73: Pushing 44.77MB/384.5MB
a5c23e4ced73: Pushing 43.1MB/384.5MB
aa5e35c983ea: Pushing 62.33MB/221.2MB
a5c23e4ced73: Pushing 49.23MB/384.5MB
aa5e35c983ea: Pushed
a5c23e4ced73: Pushing 231.4MB/384.5MB
a5c23e4ced73: Pushing 349.4MB/384.5MB
a5c23e4ced73: Pushed
174f56854903: Pushed
1.0: digest: sha256:0c34175435f7c2f9a0197d70cd4390ebc3fbe2675842f9a38e2a0b47e7ac1f34 size: 1373
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-eE8La1Ok-1652100279845)(C:\Users\30666\AppData\Roaming\Typora\typora-user-images\image-20220509133801722.png)]
4.7、发布到阿里云镜像服务上
4.7.1、登录阿里云
4.7.2、找到容器镜像服务
4.7.3、创建命名空间
4.7.4、创建容器镜像
点击仓库名称,参考官方文档即可
总结
5、Docker网络
清空所有环境
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-lCcYJdfG-1652100279847)(C:\Users\30666\AppData\Roaming\Typora\typora-user-images\image-20220509135330752.png)]
5.1、理解Docker0
tomcat无法使用ip addr以及ping的可以看一下文章
Docker在官网下载Tomcat镜像,执行ip addr报错
三个网络
# 问题: docker是如何处理容器网络访问的?
[root@Agustletmen ~]# docker run -d -P --name tomcat01 tomcat
22b2277cb4b45cfab5ef8e6a91754d4bd4b55904fdd74878a584c80297e468dc
--------------------------------------------------------------------------------------------
# 查看容器内部的网络地址 ip addr
# 发现容器启动的时候得到一个 eth0@if155 ip地址,docker分配的!
[root@Agustletmen ~]# docker exec -it tomcat01 ip addr
1:lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
154: eth0@if155: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
--------------------------------------------------------------------------------------------
# 思考: linux 能不能ping通容器?
root@22b2277cb4b4:/usr/local/tomcat# ping 172.17.0.3
PING 172.17.0.3 (172.17.0.3) 56(84) bytes of data.
64 bytes from 172.17.0.3: icmp_seq=1 ttl=64 time=0.043 ms
64 bytes from 172.17.0.3: icmp_seq=2 ttl=64 time=0.053 ms
64 bytes from 172.17.0.3: icmp_seq=3 ttl=64 time=0.054 ms
64 bytes from 172.17.0.3: icmp_seq=4 ttl=64 time=0.058 ms
64 bytes from 172.17.0.3: icmp_seq=5 ttl=64 time=0.054 ms
# linux 可以 ping 通docker容器内部!
原理
我们每启动一个docker容器, docker就会给docker容器分配一个ip, 我们只要安装了docker,就会有一个网卡 docker0桥接模式,使用的技术是veth-pair技术!
再次测试 ip addr,并且再启动一个容器测试, 发现又多了一对网卡
# 我们发现这个容器带来网卡,都是一对对的
# veth-pair 就是一对的虚拟设备接口,他们都是成对出现的,一端连着协议,一端彼此相连
# 正因为有这个特性,veth-pair充当一个桥梁, 连接各种虚拟网络设备
# OpenStac, Docker容器之间的链接,OVS的链接, 都是使用veth-pair技术
测试tomcat01和tomcat02之间是否可以ping通
[root@Agustletmen kk]# docker exec -it tomcat01 ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
154: eth0@if155: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@Agustletmen kk]# docker exec -it tomcat02 ping 172.17.0.3
PING 172.17.0.3 (172.17.0.3) 56(84) bytes of data.
64 bytes from 172.17.0.3: icmp_seq=1 ttl=64 time=0.094 ms
64 bytes from 172.17.0.3: icmp_seq=2 ttl=64 time=0.091 ms
64 bytes from 172.17.0.3: icmp_seq=3 ttl=64 time=0.092 ms
64 bytes from 172.17.0.3: icmp_seq=4 ttl=64 time=0.089 ms
结论:容器与容器之间是可以相互ping通的!
绘制一个网络模型图
结论:tomcat01和tomcat02是共用的一个路由器docker0
所有容器不指定网络的情况下,都是docker0路由的,doucker会给我们的容器分配一个默认的可用IP
小结
Docker使用的是Linux的桥接,宿主机中是一个Docker容器的网桥docker0
Docker中的所有的网络接口都是虚拟的,虚拟的转发效率高!(内网传递文件!)
只要容器删除,对应的网桥一对就没有了!
5.2、 --link
思考一个场景,我们编写了一个微服务,database url =ip; 项目不重启,数据ip换掉了,我们希望可以处理这个问题,可以按名字来进行访问容器
[root@Agustletmen ~]# docker exec -it tomcat02 ping tomcat01
ping: tomcat01: Name or service not known
# 如何可以解决呢?
# 通过--link既可以解决网络连通问题
[root@Agustletmen ~]# docker exec -it tomcat03 ping tomcat02
PING tomcat02 (172.17.0.4) 56(84) bytes of data.
64 bytes from tomcat02 (172.17.0.4): icmp_seq=1 ttl=64 time=0.133 ms
64 bytes from tomcat02 (172.17.0.4): icmp_seq=2 ttl=64 time=0.081 ms
64 bytes from tomcat02 (172.17.0.4): icmp_seq=3 ttl=64 time=0.092 ms
# 反向可以ping通吗?
[root@Agustletmen ~]# docker exec -it tomcat02 ping tomcat03
ping: tomcat03: Name or service not known
探究:inspect!
这个tomcat03就是在本地配置了tomcat02的配置
# 查看 hosts 配置 在这里发现原理
[root@Agustletmen ~]# docker exec -it tomcat03 cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.4 tomcat02 7118d20ebdb0
172.17.0.5 00cbb3f37f52
--link 就是在我们的host配置中增加了一个172.17.0.4 tomcat02 7118d20ebdb0
我们现在玩Docker已经不建议使用–link了!
自定义网络!不使用Docker0!
Docker0的问题:它不支持容器名链接访问!
5.3、自定义网络
查看所有的docker网络
网络模式
- bridge: 桥接模式,桥接 docker 默认,自己创建的也是用brdge模式
- none: 不配置网络
- host: 和宿主机共享网络
- container:容器网络连通!(用的少, 局限很大)
测试
# 我们直接启动的命令 默认有 --net bridge 而这个就是我们的docker0
[root@Agustletmen ~]# docker run -d -P --name tomcat01 tomcat
[root@Agustletmen ~]# docker run -d -P --name tomcat01 --net bridge tomcat
# docker0 特定 默认,域名不能访问,--link可以打通连接,当时比较麻烦
# 我们可以自定义一个网络!
# --driver bridge 桥接
# --subnet 192.168.0.0/1 子网地址 192.168.0.2 ~ 192.168.255.255
# --gateway 192.168.0.1 网关,路由器地址
[root@Agustletmen ~]# docker network create --driver bridge --subnet 192.168.0.0/16 --gateway 192.168.0.1 mynet
fcf905ddf4da0432e6082d982709f21122e40d93ad517214ebae88691edb3e50
[root@Agustletmen ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
3196eda46a46 bridge bridge local
43df728acf9f host host local
fcf905ddf4da mynet bridge local
c5e663a596ff none null local
我们自己创建的网络就ok了!
在自己创建的网络里面启动两个容器
[root@Agustletmen ~]# docker run -d -P --name tomcat-net-01 --net mynet tomcat
8d33398d8a78347c449e8ee66fa87a60381fd2298a7ae45bca07156b4663b093
[root@Agustletmen ~]# docker run -d -P --name tomcat-net-02 --net mynet tomcat
fd5c63570d9ace63006b49e07f0231183d1b43bca24084006b0e7503d1e89470
[root@Agustletmen ~]# docker inspect mynet
[
{
"Name": "mynet",
"Id": "fcf905ddf4da0432e6082d982709f21122e40d93ad517214ebae88691edb3e50",
"Created": "2022-05-09T15:32:32.199790374+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {
},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"8d33398d8a78347c449e8ee66fa87a60381fd2298a7ae45bca07156b4663b093": {
"Name": "tomcat-net-01",
"EndpointID": "db3c3e7106361166d85dae736b484dafb4f0003b1b84e0474e99b21c4cb8e302",
"MacAddress": "02:42:c0:a8:00:02",
"IPv4Address": "192.168.0.2/16",
"IPv6Address": ""
},
"fd5c63570d9ace63006b49e07f0231183d1b43bca24084006b0e7503d1e89470": {
"Name": "tomcat-net-02",
"EndpointID": "e37a122b7b8e2d6e5289191d1e3158d845bca27d6f80cc43d2da65fb0883bc8b",
"MacAddress": "02:42:c0:a8:00:03",
"IPv4Address": "192.168.0.3/16",
"IPv6Address": ""
}
},
"Options": {
},
"Labels": {
}
}
]
# 再次测试ping连接
# 现在不适用 --link也可以使用 ping 名字
# 而且双向都可以ping
[root@Agustletmen ~]# docker exec -it tomcat-net-01 ping 192.168.0.3
PING 192.168.0.3 (192.168.0.3) 56(84) bytes of data.
64 bytes from 192.168.0.3: icmp_seq=1 ttl=64 time=0.085 ms
64 bytes from 192.168.0.3: icmp_seq=2 ttl=64 time=0.065 ms
64 bytes from 192.168.0.3: icmp_seq=3 ttl=64 time=0.063 ms
------------------------------------------------------------------------------------------
[root@Agustletmen ~]# docker exec -it tomcat-net-01 ping tomcat-net-02
PING tomcat-net-02 (192.168.0.3) 56(84) bytes of data.
64 bytes from tomcat-net-02.mynet (192.168.0.3): icmp_seq=1 ttl=64 time=0.057 ms
64 bytes from tomcat-net-02.mynet (192.168.0.3): icmp_seq=2 ttl=64 time=0.059 ms
64 bytes from tomcat-net-02.mynet (192.168.0.3): icmp_seq=3 ttl=64 time=0.074 ms
64 bytes from tomcat-net-02.mynet (192.168.0.3): icmp_seq=4 ttl=64 time=0.083 ms
我们自定义的网络docker都已经帮我们维护好了对应的关系,推荐我们平时这样使用网络
好处:
- redis - 不同的集群使用不同的网络,保证集群时安全和健康的
- mysql - 不同的集群使用不同的网络,保证集群时安全和健康的
5.4、网络连通
[root@Agustletmen ~]# docker run -d -P --name tomcat01 tomcat
7118cab1a6efce565b5555dd72de56fa9f30017aada88700ef095e45d43bd085
[root@Agustletmen ~]# docker run -d -P --name tomcat02 tomcat
eb6575c7545c5961912c261440b4396c2f54636df630a93dcf1ce630025c798e
测试打通tomcat01和mynet
[root@Agustletmen ~]# docker network connect mynet tomcat01
# 测试打通tomcat01 到 mynet
# 连通之后就是讲tomcat01 放到了mynet网路下
# 一个容器两个ip地址:
# 阿里云服务器,公网ip,私网ip
# tomcat01连通,有connect
[root@Agustletmen ~]# docker exec -it tomcat01 ping tomcat-net-01
PING tomcat-net-01 (192.168.0.2) 56(84) bytes of data.
64 bytes from tomcat-net-01.mynet (192.168.0.2): icmp_seq=1 ttl=64 time=0.098 ms
64 bytes from tomcat-net-01.mynet (192.168.0.2): icmp_seq=2 ttl=64 time=0.080 ms
64 bytes from tomcat-net-01.mynet (192.168.0.2): icmp_seq=3 ttl=64 time=0.072 ms
--------------------------------------------------------------------------------------------
# tomcat02依旧无法连通,没有connect
[root@Agustletmen ~]# docker exec -it tomcat02 ping tomcat-net-01
ping: tomcat-net-01: Name or service not known
--------------------------------------------------------------------------------------------
[root@Agustletmen ~]# docker network connect mynet tomcat02
[root@Agustletmen ~]# docker exec -it tomcat02 ping tomcat-net-01
PING tomcat-net-01 (192.168.0.2) 56(84) bytes of data.
64 bytes from tomcat-net-01.mynet (192.168.0.2): icmp_seq=1 ttl=64 time=0.106 ms
64 bytes from tomcat-net-01.mynet (192.168.0.2): icmp_seq=2 ttl=64 time=0.069 ms
64 bytes from tomcat-net-01.mynet (192.168.0.2): icmp_seq=3 ttl=64 time=0.076 ms
64 bytes from tomcat-net-01.mynet (192.168.0.2): icmp_seq=4 ttl=64 time=0.106 ms
结论:假设要跨网络 操作别人,就要使用docker network connect连通.....!
5.5、部署Redis集群
# 创建网卡
docker network create redis --subnet 172.38.0.0/16
# 通过脚本创建六个redis配置
for port in $(seq 1 6); \
do \
mkdir -p /mydata/redis/node-${port}/conf
touch /mydata/redis/node-${port}/conf/redis.conf
cat << EOF >/mydata/redis/node-${port}/conf/redis.conf
port 6379
bind 0.0.0.0
cluster-enabled yes
cluster-config-file nodes.conf
cluster-node-timeout 5000
cluster-announce-ip 172.38.0.1${port}
cluster-announce-port 6379
cluster-announce-bus-port 16379
appendonly yes
EOF
done
# 创建结点1
docker run -p 6371:6379 -p 16371:16379 --name redis-1 \
-v /mydata/redis/node-1/data:/data \
-v /mydata/redis/node-1/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.38.0.11 redis:5.0.9-alpine3.11 redis-server /etc/redis/redis.conf
#创建结点2
docker run -p 6372:6379 -p 16372:16379 --name redis-2 \
-v /mydata/redis/node-2/data:/data \
-v /mydata/redis/node-2/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.38.0.12 redis:5.0.9-alpine3.11 redis-server /etc/redis/redis.conf
#创建结点3
docker run -p 6373:6379 -p 16373:16379 --name redis-3 \
-v /mydata/redis/node-3/data:/data \
-v /mydata/redis/node-3/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.38.0.13 redis:5.0.9-alpine3.11 redis-server /etc/redis/redis.conf
#创建结点4
docker run -p 6374:6379 -p 16374:16379 --name redis-4 \
-v /mydata/redis/node-4/data:/data \
-v /mydata/redis/node-4/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.38.0.14 redis:5.0.9-alpine3.11 redis-server /etc/redis/redis.conf
#创建结点5
docker run -p 6375:6379 -p 16375:16379 --name redis-5 \
-v /mydata/redis/node-5/data:/data \
-v /mydata/redis/node-5/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.38.0.15 redis:5.0.9-alpine3.11 redis-server /etc/redis/redis.conf
#创建结点6
docker run -p 6376:6379 -p 16376:16379 --name redis-6 \
-v /mydata/redis/node-6/data:/data \
-v /mydata/redis/node-6/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.38.0.16 redis:5.0.9-alpine3.11 redis-server /etc/redis/redis.conf
# 创建集群
/data # redis-cli --cluster create 172.38.0.11:6379 172.38.0.12:6379 172.3
8.0.13:6379 172.38.0.14:6379 172.38.0.15:6379 172.38.0.16:6379 --cluster-r
eplicas 1
>>> Performing hash slots allocation on 6 nodes...
Master[0] -> Slots 0 - 5460
Master[1] -> Slots 5461 - 10922
Master[2] -> Slots 10923 - 16383
Adding replica 172.38.0.15:6379 to 172.38.0.11:6379
Adding replica 172.38.0.16:6379 to 172.38.0.12:6379
Adding replica 172.38.0.14:6379 to 172.38.0.13:6379
M: 9e06e807213a188a1c6c02a7fcc4150c766d7c2e 172.38.0.11:6379
slots:[0-5460] (5461 slots) master
M: fe4a0fed86e8c0ac912a830b028da406127483fc 172.38.0.12:6379
slots:[5461-10922] (5462 slots) master
M: c2666dbc353b2f7ebb679250e73053d942fc4170 172.38.0.13:6379
slots:[10923-16383] (5461 slots) master
S: 9b9d54ed658da0f0cf78c2f535826f200641e74c 172.38.0.14:6379
replicates c2666dbc353b2f7ebb679250e73053d942fc4170
S: 9439ea45481b5e44406ca41b57649549b0a6174c 172.38.0.15:6379
replicates 9e06e807213a188a1c6c02a7fcc4150c766d7c2e
S: e6a1d68fbd470b639f4f30348ca6ff7b251a0a40 172.38.0.16:6379
replicates fe4a0fed86e8c0ac912a830b028da406127483fc
Can I set the above configuration? (type 'yes' to accept): yes
>>> Nodes configuration updated
>>> Assign a different config epoch to each node
>>> Sending CLUSTER MEET messages to join the cluster
Waiting for the cluster to join
.....
>>> Performing Cluster Check (using node 172.38.0.11:6379)
M: 9e06e807213a188a1c6c02a7fcc4150c766d7c2e 172.38.0.11:6379
slots:[0-5460] (5461 slots) master
1 additional replica(s)
M: c2666dbc353b2f7ebb679250e73053d942fc4170 172.38.0.13:6379
slots:[10923-16383] (5461 slots) master
1 additional replica(s)
M: fe4a0fed86e8c0ac912a830b028da406127483fc 172.38.0.12:6379
slots:[5461-10922] (5462 slots) master
1 additional replica(s)
S: 9439ea45481b5e44406ca41b57649549b0a6174c 172.38.0.15:6379
slots: (0 slots) slave
replicates 9e06e807213a188a1c6c02a7fcc4150c766d7c2e
S: 9b9d54ed658da0f0cf78c2f535826f200641e74c 172.38.0.14:6379
slots: (0 slots) slave
replicates c2666dbc353b2f7ebb679250e73053d942fc4170
S: e6a1d68fbd470b639f4f30348ca6ff7b251a0a40 172.38.0.16:6379
slots: (0 slots) slave
replicates fe4a0fed86e8c0ac912a830b028da406127483fc
[OK] All nodes agree about slots configuration.
>>> Check for open slots...
>>> Check slots coverage...
[OK] All 16384 slots covered.
启动redis
/data # redis-cli -c
127.0.0.1:6379> cluster info
cluster_state:ok
cluster_slots_assigned:16384
cluster_slots_ok:16384
cluster_slots_pfail:0
cluster_slots_fail:0
cluster_known_nodes:6
cluster_size:3
cluster_current_epoch:6
cluster_my_epoch:1
cluster_stats_messages_ping_sent:126
cluster_stats_messages_pong_sent:131
cluster_stats_messages_sent:257
cluster_stats_messages_ping_received:126
cluster_stats_messages_pong_received:126
cluster_stats_messages_meet_received:5
cluster_stats_messages_received:257
127.0.0.1:6379> cluster nodes
c2666dbc353b2f7ebb679250e73053d942fc4170 172.38.0.13:6379@16379 master - 0 1652096997614 3 connected 10923-16383
fe4a0fed86e8c0ac912a830b028da406127483fc 172.38.0.12:6379@16379 master - 0 1652096996098 2 connected 5461-10922
9439ea45481b5e44406ca41b57649549b0a6174c 172.38.0.15:6379@16379 slave 9e06e807213a188a1c6c02a7fcc4150c766d7c2e 0 1652096996000 5 connected
9b9d54ed658da0f0cf78c2f535826f200641e74c 172.38.0.14:6379@16379 slave c2666dbc353b2f7ebb679250e73053d942fc4170 0 1652096997102 4 connected
e6a1d68fbd470b639f4f30348ca6ff7b251a0a40 172.38.0.16:6379@16379 slave fe4a0fed86e8c0ac912a830b028da406127483fc 0 1652096996599 6 connected
9e06e807213a188a1c6c02a7fcc4150c766d7c2e 172.38.0.11:6379@16379 myself,master - 0 1652096997000 1 connected 0-5460
127.0.0.1:6379> set name qx
-> Redirected to slot [5798] located at 172.38.0.12:6379
OK
197.38.0.16是172.38.0.12的从机
127.0.0.1:6379> set name qx
-> Redirected to slot [5798] located at 172.38.0.12:6379
OK
--------------------------------------------------------------------------------------------
[root@Agustletmen ~]# docker stop redis-2
--------------------------------------------------------------------------------------------
127.0.0.1:6379> get name
-> Redirected to slot [5798] located at 172.38.0.16:6379
"qx"
docker搭建redis集群完成
6、SpringBoot微服务打包Docker镜像
1.构建springboot项目
2.打包应用
3.编写Dockerfile
FROM java:8
COPY *.jar /app.jar
CMD ["--server.port=8080"]
EXPOSE 8080
ENTRYPOINT ["java","-jar","/app.jar"]
将Dockerfile以及jar包上传之 /home/idea目录下
4.构建镜像
[root@Agustletmen idea]# ls
Dockerfile springboot-docker-0.0.1-SNAPSHOT.jar
[root@Agustletmen idea]# docker build -t qx666 .
Sending build context to Docker daemon 17.55MB
Step 1/5 : FROM java:8
8: Pulling from library/java
5040bd298390: Pull complete
fce5728aad85: Pull complete
76610ec20bf5: Pull complete
60170fec2151: Pull complete
e98f73de8f0d: Pull complete
11f7af24ed9c: Pull complete
49e2d6393f32: Pull complete
bb9cdec9c7f3: Pull complete
Digest: sha256:c1ff613e8ba25833d2e1940da0940c3824f03f802c449f3d1815a66b7f8c0e9d
Status: Downloaded newer image for java:8
---> d23bdf5b1b1b
Step 2/5 : COPY *.jar /app.jar
---> 99d0bdb81632
Step 3/5 : CMD ["--server.port=8080"]
---> Running in ce31c13897cc
Removing intermediate container ce31c13897cc
---> 423238a7e19c
Step 4/5 : EXPOSE 8080
---> Running in cf3b11c9e684
Removing intermediate container cf3b11c9e684
---> 55174b580640
Step 5/5 : ENTRYPOINT ["java","-jar","/app.jar"]
---> Running in 3a997cb8ad5a
Removing intermediate container 3a997cb8ad5a
---> d08bd824d0e4
Successfully built d08bd824d0e4
Successfully tagged qx666:latest
5.发布运行!
[root@Agustletmen idea]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b67858910214 qx666 "java -jar /app.jar …" About a minute ago Up About a minute 0.0.0.0:49163->8080/tcp, :::49163->8080/tcp qx-springboot-web
[root@Agustletmen idea]# curl localhost:49163
{
"timestamp":"2022-05-09T12:36:45.403+00:00","status":404,"error":"Not Found","path":"/"}
[root@Agustletmen idea]# curl localhost:49163/hello
hello,qx
远程访问(需要开启阿里云上的安全组配置)
5-1652100279854)]
将Dockerfile以及jar包上传之 /home/idea目录下
[外链图片转存中…(img-vrZyroq3-1652100279854)]
4.构建镜像
[root@Agustletmen idea]# ls
Dockerfile springboot-docker-0.0.1-SNAPSHOT.jar
[root@Agustletmen idea]# docker build -t qx666 .
Sending build context to Docker daemon 17.55MB
Step 1/5 : FROM java:8
8: Pulling from library/java
5040bd298390: Pull complete
fce5728aad85: Pull complete
76610ec20bf5: Pull complete
60170fec2151: Pull complete
e98f73de8f0d: Pull complete
11f7af24ed9c: Pull complete
49e2d6393f32: Pull complete
bb9cdec9c7f3: Pull complete
Digest: sha256:c1ff613e8ba25833d2e1940da0940c3824f03f802c449f3d1815a66b7f8c0e9d
Status: Downloaded newer image for java:8
---> d23bdf5b1b1b
Step 2/5 : COPY *.jar /app.jar
---> 99d0bdb81632
Step 3/5 : CMD ["--server.port=8080"]
---> Running in ce31c13897cc
Removing intermediate container ce31c13897cc
---> 423238a7e19c
Step 4/5 : EXPOSE 8080
---> Running in cf3b11c9e684
Removing intermediate container cf3b11c9e684
---> 55174b580640
Step 5/5 : ENTRYPOINT ["java","-jar","/app.jar"]
---> Running in 3a997cb8ad5a
Removing intermediate container 3a997cb8ad5a
---> d08bd824d0e4
Successfully built d08bd824d0e4
Successfully tagged qx666:latest
5.发布运行!
[root@Agustletmen idea]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b67858910214 qx666 "java -jar /app.jar …" About a minute ago Up About a minute 0.0.0.0:49163->8080/tcp, :::49163->8080/tcp qx-springboot-web
[root@Agustletmen idea]# curl localhost:49163
{
"timestamp":"2022-05-09T12:36:45.403+00:00","status":404,"error":"Not Found","path":"/"}
[root@Agustletmen idea]# curl localhost:49163/hello
hello,qx
远程访问(需要开启阿里云上的安全组配置)
[外链图片转存中…(img-oDrQDR4S-1652100279855)]
