当要使用 docker api 查询信息的时候,我们需要修改 docker 的配置文件,添加一条 OPTIONS 来使得 api 功能可以使用,请把添加的 OPTIONS 参数以文本形式提交到答题框。
Vi /etc/sysconfig/docker
OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false -H unix:///var/run/docker.sock -H tcp://0.0.0.0:2375'
在 server 节点使用 netstat 命令查询仓库监听端口号,查询完毕后通过 lsof 命令(如命令不存在则手工安装)查询使用此端口号的进程。将以上所有操作命 令和输出结果以文本形式提交到答题框。
Netstat
Lsof -i:端口号
在 server 节点通过 netstat 命令(如命令不存在则手工安装)查询 docker镜像仓库 PID,使用 top 命令查询上一步查询到的 PID 的资源使用情况。将以上所有操作命令和输出结果以文本形式提交到答题框。
[root@registry ~]# netstat -ntpl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 724/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 802/master
tcp6 0 0 :::5000 :::* LISTEN 21423/docker-proxy
tcp6 0 0 :::22 :::* LISTEN 724/sshd
tcp6 0 0 ::1:25 :::* LISTEN 802/master
[root@registry ~]# top -p 21423
top - 07:26:24 up 35 days, 3:06, 1 user, load average: 0.00, 0.01, 0.05
Tasks: 1 total, 0 running, 1 sleeping, 0 stopped, 0 zombie
%Cpu(s): 0.0 us, 0.0 sy, 0.0 ni,100.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
KiB Mem : 2049396 total, 118648 free, 127892 used, 1802856 buff/cache
KiB Swap: 0 total, 0 free, 0 used. 1721968 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
21423 root 20 0 253880 16520 7592 S 0.0 0.8 2:57.51 exe
在 server 节点通过 docker 命令查询 docker registry 容器最后几条日志,将以上所有操作命令和输出结果以文本形式提交到答题框。
docker logs -f -t --tail X 71f37b7d7a59
在 server 节点,查询 rancher/server 容器的进程号,建立命名空间/var/run/netns 并与 rancher/server 容器进行连接,通过 ip netns 相关命令查询该容器的 ip,将以上操作命令及检查结果填入答题框。
[root@server opt]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
71f37b7d7a59 271f7878a277 "/usr/bin/s6-svscan /" About an hour ago Up About an hour 3306/tcp, 0.0.0.0:80->8080/tcp tender_carson
[root@server opt]# docker inspect -f '{{.State.Pid}}' 71f37b7d7a59
1951
[root@server opt]# mkdir -p /var/run/netns[root@server opt]# ln -s /proc/1951/ns/net /var/run/netns/1951[root@server opt]# ip netns
1951
[root@server opt]# ip netns exec 1951 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
4: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::42:acff:fe11:2/64 scope link
valid_lft forever preferred_lft forever
[root@server opt]#
在 server 节点查询当前 cgroup 的挂载情况,将以上操作命令及检查结果填入答题框。
[root@registry ~]# mount -t cgroup
cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/usr/lib/systemd/systemd-cgroups-agent,name=systemd)
cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)
cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpuacct,cpu)
cgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)
cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)
cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)
cgroup on /sys/fs/cgroup/net_cls type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls)
cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)
cgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)
cgroup on /sys/fs/cgroup/hugetlb type cgroup (rw,nosuid,nodev,noexec,relatime,hugetlb)
# docker run -itdP -e MYSQL_ROOT_PASSWORD=xd_root -p 13306:3306 192.168.200.12:5000/mariadb:latest# docker exec -it 8998a53f34da /bin/bash# mysql -uroot -pxd_root
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 2
Server version: 10.1.19-MariaDB-1~jessie mariadb.org binary distribution
Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.Type'help;' or '\h'for help.Type'\c' to clear the current input statement.
MariaDB [(none)]> create database xd_db;
Query OK, 1 row affected (0.01 sec)
MariaDB [(none)]> grant all privileges on xd_db.* to 'xiandian'@'%' identified by 'xd_pass';
Query OK, 0 rows affected (0.00 sec)# mysql -uxiandian -pxd_pass -h172.17.0.66 -e "show databases;"+--------------------+| Database |+--------------------+| information_schema || xd_db |+--------------------+
在 server 节点将 mysql 镜像导出,导出名称为 mysql_images.tar,放在/media 目录下,导出后,查看目录,将以上操作命令及检查结果以文本形式填入答题框。
在 server 节点,使用 docker 命令查询 rancher/server 容器的进程,将以上操作命令及检查结果以文本形式填入答题框。
docker top CONTAINERID
在 server 节点,使用 docker 命令查列出 rancher/server 容器内发生变化的文件和目录,将以上操作命令及检查结果以文本形式填入答题框。
# docker diff 4bffd6c930b5
C /run
C /run/mysqld
C /run/mysqld/mysqld.pid
C /run/mysqld/mysqld.sock
C /service
C /service/cattle
C /service/cattle/supervise
C /service/cattle/supervise/status
C /service/mysql
C /service/mysql/supervise
C /service/mysql/supervise/status
C /service/mysql/supervise/control
C /usr
C /usr/local
C /usr/local/bin
A /usr/local/bin/docker-machine-driver-packet
C /root
C /root/.bash_history
C /etc
C /etc/mysql
C /etc/mysql/my.cnf
C /tmp
C /tmp/hsperfdata_root
C /tmp/hsperfdata_root/8
A /tmp/jetty-0.0.0.0-8081-58488b81592773dcae114770406e3e1b-_-any-2649025364052028092.dir
在 server 节点,使用 docker 命令查看最后退出的容器的 ID,将以上操作命令及检查结果以文本形式填入答题框。
[root@server ~]# docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
563d755fc48f nginx:latest "nginx -g 'daemon off" 15 hours ago Up 11 minutes 80/tcp, 0.0.0.0:1000->1000/tcp my
在 server 节点,将运行的 mysql 容器创建为镜像,完成后查询该镜像,将以上操作命令及检查结果以文本形式填入答题框。
# docker commit 8998a53f34da mysql:latest# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mariadb_new latest b8d391717ee1 6 seconds ago 389.9 MB
在 server 节点查询 registry 容器的 CPU、内存等统计信息,将以上操作命令及检查结果以文本形式填入答题框。
# docker stats 940568599bb2
CONTAINER CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O
940568599bb2 0.00% 155.4 MB / 2.099 GB 7.40% 276.5 kB / 131.5 MB 151.8 MB / 0 B
在 server 节点修改运行的 rancher/server 容器的名称,修改名称为xiandian_server,完成后查询容器列表,将以上操作命令及检查结果以文本形式填入答题框。
# docker cp /etc/yum.repos.d/local.repo 4bffd6c930b5:/opt# docker exec 4bffd6c930b5 ls /opt
在 server 节点,使用 docker 查询当前系统使用的卷组信息,将以上操作命令及检查结果以文本形式填入答题框
# docker volume ls
在 server 节点,使用 centos:latest 的镜像创建容器,容器挂载使用创建的xd_volume 卷组挂载到 root 分区,完成后通过 inspect 指定查看容器的挂载情况,将以上操作命令及检查结果以文本形式填入答题框。
Mkdir /xd_volume
Docker run -itdP -v /xd_volume:/root centos:latest
Docker inspect -f ‘{{.config.volume}}’ xxxxxxxxxxx
# docker volume ls
DRIVER VOLUME NAME
local 0f272e99d983c52b7a1099b47158f261a3c8ed3b69ad6857980328bb37469c25
local a4d71a18abf39258d66bd22e444d0b3740b1d09284035f0987d6faf4ee78ec17
local a94e079509a6e13d69989d6a3b1bd478640cd57e47de1147939ee5dca68fbc6e
local 1211eb76e9d7f6302cb2a17de5a0a1077df10d069d35bb30dc11bf515d64e15f
# cat DockerfileFROM 192.168.200.12:5000/centos-7
MAINTAINER Xiandian
RUN rm-fv /etc/yum.repos.d/*
ADD local.repo /etc/yum.repos.d/
RUN yum install -y java unzip
ENV LC_ALL en_US.UTF-8
ADD apache-tomcat.zip /root/apache-tomcat.zip
RUN unzip /root/apache-tomcat.zip -d /root/
EXPOSE 8080
RUN chmod u+x /root/apache-tomcat-6/bin/*
ADD index.html /root/apache-tomcat-6/webapps/ROOT/index.html
ENV CATALINA_HOME /root/apache-tomcat-6
CMD ${CATALINA_HOME}/bin/catalina.sh run
在 server 节点通过 docker api 查询 docker 的系统信息,将以上操作命令及检查结果以文本形式填入答题框。
[root@server ~]# curl -X GET http://localhost:2375/info | python -mjson.tool
在 server 节点通过 docker api 查询 docker 的版本,将以上操作命令及检查结果以文本形式填入答题框。
[root@server ~]# curl -X GET http://localhost:2375/version | python -mjson.tool% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 273 100 273 0 0 1804 0 --:--:----:--:----:--:-- 1807
{"ApiVersion": "1.24","Arch": "amd64","BuildTime": "2018-01-30T09:17:00.069703428+00:00","GitCommit": "3e8e77d/1.12.6","GoVersion": "go1.8.3","KernelVersion": "3.10.0-229.el7.x86_64","Os": "linux","PkgVersion": "docker-1.12.6-71.git3e8e77d.el7.centos.1.x86_64","Version": "1.12.6"}
在 server 节点通过 docker api 查询 docker 内所有容器,将以上操作命令及检查结果以文本形式填入答题框。
[root@server ~]# curl -X GET http://localhost:2375/containers/json?all=1[{"Id":"f6eb503cf7b7b5074e11de2b77fa6507656e70eabe85050194cd19081facb45f","Names":["/fervent_golick"],"Image":"rancher/server:v1.6.5","ImageID":"sha256:f89070da7581b401a04667ae33e2a6dea560cc43916342e4f128d4a1a025287b","Command":"/usr/bin/entry /usr/bin/s6-svscan /service","Created":1525768870,"Ports":[{"IP":"0.0.0.0","PrivatePort":8080,"PublicPort":8080,"Type":"tcp"},{"PrivatePort":3306,"Type":"tcp"}],"Labels":{},"State":"running","Status":"Up 4 minutes","HostConfig":{"NetworkMode":"default"},"NetworkSettings":{"Networks":{"bridge":{"IPAMConfig":null,"Links":null,"Aliases":null,"NetworkID":"85ad4cb278712b7bed9b46d34fd10a7f63e512e3122e84a9276c769e2a779ab0","EndpointID":"676a1c00df87799942d54affc70e9565dd593e9e42a8783ec2b59d73e0cde757","Gateway":"172.17.0.1","IPAddress":"172.17.0.2","IPPrefixLen":16,"IPv6Gateway":"","GlobalIPv6Address":"","GlobalIPv6PrefixLen":0,"MacAddress":"02:42:ac:11:00:02"}}},"Mounts":[{"Name":"b9be8311ac49a82ca9755368c5431c67fe065eac17547e741905404cb0cc8f15","Source":"/var/lib/docker/volumes/b9be8311ac49a82ca9755368c5431c67fe065eac17547e741905404cb0cc8f15/_data","Destination":"/var/lib/cattle","Driver":"local","Mode":"","RW":true,"Propagation":""},{"Name":"ee44b72e6030df6d3be4c497276fb77a6ca601c6b8004a43b8700c9a74a8212c","Source":"/var/lib/docker/volumes/ee44b72e6030df6d3be4c497276fb77a6ca601c6b8004a43b8700c9a74a8212c/_data","Destination":"/var/lib/mysql","Driver":"local","Mode":"","RW":true,"Propagation":""},{"Name":"312304393cd5cb08e59e1cba3bedb1300cf5a6c7798be566e5acf83b95ed2e28","Source":"/var/lib/docker/volumes/312304393cd5cb08e59e1cba3bedb1300cf5a6c7798be566e5acf83b95ed2e28/_data","Destination":"/var/log/mysql","Driver":"local","Mode":"","RW":true,"Propagation":""}]}]
在 server 节点通过 docker api 查询 docker 内所有镜像,将以上操作命令及检查结果以文本形式填入答题框。
[root@server ~]# curl -X GET http://localhost:2375/images/json[{"Id":"sha256:f89070da7581b401a04667ae33e2a6dea560cc43916342e4f128d4a1a025287b","ParentId":"","RepoTags":["192.168.200.107:5000/rancher/server:v1.6.5"],"RepoDigests":["192.168.200.107:5000/rancher/server@sha256:ff1289d72b6a711f1c205556ab9184e77ec37aa73a339c052dd221682666de92"],"Created":1517195642,"Size":984901875,"VirtualSize":984901875,"Labels":{}},{"Id":"sha256:a92c139758db4c89d0cdeaa641566d0cb3305f9f6d2dbd2ca50dd361c02328da","ParentId":"","RepoTags":["192.168.200.107:5000/tomcat:latest"],"RepoDigests":["192.168.200.107:5000/tomcat@sha256:90b2bee496f433123469c91586b19b6e4b1b0c417356ba0240bdcbea1b474a46"],"Created":1516741810,"Size":557380446,"VirtualSize":557380446,"Labels":null},{"Id":"sha256:3f8a4339aadda5897b744682f5f774dc69991a81af8d715d37a616bb4c99edf5","ParentId":"","RepoTags":["192.168.200.107:5000/nginx:latest"],"RepoDigests":["192.168.200.107:5000/nginx@sha256:926b086e1234b6ae9a11589c4cece66b267890d24d1da388c96dd8795b2ffcfb"],"Created":1514312221,"Size":108472156,"VirtualSize":108472156,"Labels":{"maintainer":"NGINX Docker Maintainers \[email protected]\u003e"}},{"Id":"sha256:26bd364f80bf23283c579400bab4bff2d0cd743fbe0df942ad714fbe50111e5b","ParentId":"","RepoTags":["192.168.200.107:5000/mysql:8.0"],"RepoDigests":["192.168.200.107:5000/mysql@sha256:c6a388006b8f706b031279a0102c3b454d9cbee74390a84f3735769f3070d07b"],"Created":1513045422,"Size":342538968,"VirtualSize":342538968,"Labels":null}]
在 server 节点通过 docker api 相关命令查询 rancher/server 镜像的具体信息,将以上操作命令及检查结果以文本形式填入答题框。
# curl -X GET http://localhost:2375/images/271f7878a277/json
根据提供的 tomcat 镜像,创建容器,使用该镜像,并创建/root/www1 目录,在 www1 目录下编写 index.jsp 文件,容器的默认项目地址连接到创建的 www1目录,要求访问 tomcat 的时候输出一句话为 this is Tomcat1,最后启动容器,并启动 tomcat 服务,使用 curl 命令查询 tomcat 的首页,将以上操作命令及检查结果以文本形式填入答题框。
mkdir /root/www1
vi /root/www1/index.jsp
<html>
<head>
<title>Tomcat2</title>
</head>
<body>
this is Tomcat1
</body>
</html>
docker run -itdPh tomcat --name tomcat -v /root/www1:/usr/local/tomcat/webapps/ROOT tomcat:latest /bin/bash
docker exec -it tomcat /bin/bash
root@tomcat1:/usr/local/tomcat# cd bin/
root@tomcat1:/usr/local/tomcat/bin# startup.sh
curl http://192.168.200.106:32772
在 server 节点,使用 docker 命令查看最近创建的 2 个容器的 id,将以上操作命令及检查结果以文本形式填入答题框。
[root@server ~]# docker ps -n 2
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
563d755fc48f nginx:latest "nginx -g 'daemon off" 15 hours ago Up 8 minutes 80/tcp, 0.0.0.0:1000->1000/tcp my
d32cb7cff76d rancher/server:v1.6.5 "/usr/bin/entry /usr/" 18 hours ago Up 8 minutes 3306/tcp, 0.0.0.0:8081->8080/tcp nauseous_booth