Firewall Management at Docker
CentOS7 firewall installed by default firewalld
service firewall start
service firewall stop
service firewall restart
Port Management
firewall-cmd --permanent --add-port=8080-8085/tcp
firewall-cmd --reload
firewall-cmd --permanent --remove-port=8080-8085/tcp
View open ports and services
Firewall-cmd --permanent the ports --list-
Firewall-cmd --permanent --list-Services
centos7 stop service at
systemctl stop firewalld.service && systemctl disable firewalld.service
If you want to use iptables, then you need to install the iptables service:
yum install iptables-Services
systemctl enable iptables && systemctl enable ip6tables
systemctl Start iptables && systemctl Start ip6tables
Docker virtual machine architecture
All Docker create virtual instances share the same Linux kernel, the hardware footprint small, lightweight virtual machine belongs
Container is created out of the mirror virtual instance
Container used to run programs, read-write layer.
Setup for the mirror, is a read-only layer.
docker初始化
yum -y update
yum install -y docker
docker Virtual Machine Manager command
Mirror Installation
Mirroring is recommended to use domestic warehouse, such as DaoCloud, http: //www.daocloud.io/
curl -sSL https://get.daocloud.io/daotools/set_mirror.sh | sh -s http://f1361db2.m.daocloud.io
vim /etc/docker/daemon.json
{
"registry-mirrors":["https://docker.mirrors.ustc.edu.cn"]
}
sudo systemctl daemon-reload
sudo systemctl restart docker
Import and export Mirror
docker save java> /home/java.tar.gz Export
docker load </home/java.tar.gz introduced
docker images
docker rmi java
Start container
docker run -it (open container interface after startup) --name name container vessel name mirroring what program to run, run bash to start this container inside what kind of program, such as bash command line
RUN Expediting --name Myjava Docker ---- the bash Java
-p (port mapping) (host port) 9000: 8080 (port container)
-v (map) (the host directory) / home / project: / soft (container directory) --privileged (the highest authority)
docker pause and stop the container
docker pause container name
docker unpause container name
docker stop container name
docker start -i container name
Rename mirror
docker tag oldname newname