技术标签: Docker 容器 运维 linux docker网络模式 docker
目录
(1)docker run 镜像名,container可省略
(1)示例
[root@localhost ~]# docker search httpd
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
httpd The Apache HTTP Server Project 4512 [OK]
clearlinux/httpd httpd HyperText Transfer Protocol (HTTP) ser… 5
paketobuildpacks/httpd 0
vulhub/httpd 0
jitesoft/httpd Apache httpd on Alpine linux. 0
openquantumsafe/httpd Demo of post-quantum cryptography in Apache … 0
wodby/httpd 0
avenga/httpd-static 0
dockette/httpdump 0
betterweb/httpd 0
dockette/apache Apache / HTTPD 1 [OK]
centos/httpd-24-centos7 Platform for running Apache httpd 2.4 or bui… 45
manageiq/httpd Container with httpd, built on CentOS for Ma… 1 [OK]
centos/httpd-24-centos8 1
dockerpinata/httpd 1
19022021/httpd-connection_test This httpd image will test the connectivity … 0
publici/httpd httpd:latest 1 [OK]
centos/httpd 36 [OK]
httpdocker/kubia 0
e2eteam/httpd 0
manasip/httpd 0
httpdss/archerysec ArcherySec repository 0 [OK]
solsson/httpd-openidc mod_auth_openidc on official httpd image, ve… 2 [OK]
patrickha/httpd-err 0
hypoport/httpd-cgi httpd-cgi 2 [OK]
(2)可选参数
--automated | 只列出automated build类型的镜像 |
--no-trunc | 显示完整的镜像描述 |
-f <匹配条件> | 只列出收藏数不小于条件的镜像 |
(3)各列参数含义
NAME | 镜像名称 |
DESCRIPTION | 镜像说明 |
STARS | 点赞数量,越多越受欢迎 |
OFFICIAL | OK表示是docker官方发布的 |
AUTOMATED | 是否是自动构建的 |
(1)docker pull从docker镜像仓库获取镜像,添加-a参数表示拉去所有匹配的镜像
[root@localhost ~]# docker pull nginx:1.14-alpine #alpine表示构建容器小镜像的发行版本
1.14-alpine: Pulling from library/nginx
bdf0201b3a05: Pull complete
3d0a573c81ed: Pull complete
8129faeb2eb6: Pull complete
3dc99f571daf: Pull complete
Digest: sha256:485b610fefec7ff6c463ced9623314a04ed67e3945b9c08d7e53a47f6d108dc7
Status: Downloaded newer image for nginx:1.14-alpine
docker.io/library/nginx:1.14-alpine
(2)标记本地镜像,将它放进某一仓库
[root@localhost ~]# docker tag nginx:1.14-alpine /data/nginx:v1 #tag指定镜像标签
(3)查看镜像层数
[root@localhost ~]# docker history nginx:1.14-alpine
IMAGE CREATED CREATED BY SIZE COMMENT
8a2fb25a19f5 4 years ago /bin/sh -c #(nop) CMD ["nginx" "-g" "daemon… 0B
<missing> 4 years ago /bin/sh -c #(nop) STOPSIGNAL SIGTERM 0B
<missing> 4 years ago /bin/sh -c #(nop) EXPOSE 80 0B
<missing> 4 years ago /bin/sh -c #(nop) COPY file:ebf4f0eb33621cc0… 1.09kB
<missing> 4 years ago /bin/sh -c #(nop) COPY file:4c82b9f10b84c567… 643B
<missing> 4 years ago /bin/sh -c GPG_KEYS=B0F4253373F8F6F510D42178… 10.5MB
<missing> 4 years ago /bin/sh -c #(nop) ENV NGINX_VERSION=1.14.2 0B
<missing> 4 years ago /bin/sh -c #(nop) LABEL maintainer=NGINX Do… 0B
<missing> 4 years ago /bin/sh -c #(nop) CMD ["/bin/sh"] 0B
<missing> 4 years ago /bin/sh -c #(nop) ADD file:2e3a37883f56a4a27… 5.53MB
(1)查看,默认只显示顶层
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx 1.14-alpine 8a2fb25a19f5 4 years ago 16MB
[root@localhost ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx 1.14-alpine 8a2fb25a19f5 4 years ago 16MB
[root@localhost ~]# docker image ls nginx
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx 1.14-alpine 8a2fb25a19f5 4 years ago 16MB
[root@localhost ~]# docker image --help
Usage: docker image COMMAND
Manage images
Commands:
build Build an image from a Dockerfile
history Show the history of an image
import Import the contents from a tarball to create a filesystem image
inspect Display detailed information on one or more images
load Load an image from a tar archive or STDIN
ls List images
prune Remove unused images
pull Download an image from a registry
push Upload an image to a registry
rm Remove one or more images
save Save one or more images to a tar archive (streamed to STDOUT by default)
tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
REPOSITORY | 镜像的仓库源 |
TAG | 镜像的标签 |
IMAGE ID | 镜像ID |
CREATED | 镜像创建时间 |
SIZE | 镜像大小 |
镜像大小说明:docker image ls显示的是镜像拉去到本地后展开的大小(即展开后各层占空间总合),不是在docker hub中的压缩状态的大小,而且这个大小并非四=是实际消耗的硬盘空间大小。
(2)显示没有仓库名,没有标签的“虚悬镜像”,这些镜像可以放心删除
[root@localhost ~]# docker image ls -f dangling=true
REPOSITORY TAG IMAGE ID CREATED SIZE
[root@localhost ~]# docker image prune #删除虚悬镜像
(3)显示包括中间层镜像在内的所有镜像,中间层镜像不能删除
[root@localhost ~]# docker image ls -a
(4)查看镜像的详细信息
[root@localhost ~]# docker image inspect nginx:1.14-alpine
(5)其他可选参数
-q | 只显示镜像ID |
--no-trunc | 显示完整的镜像信息 |
--f <匹配条件> | 显示满足条件的镜像 |
使用“>”或“-o”参数指定导出镜像位置,需要导出的镜像可以为多个,在指定导出的文件名后缀为“.tar.gz”时可以让文件直接压缩
[root@localhost ~]# docker image save nginx > docker-nginx.tar.gz
[root@localhost ~]# ll
total 16860
-rw-r--r-- 1 root root 0 Jul 23 09:59 abc
-rw-------. 1 root root 1386 Jul 23 09:02 anaconda-ks.cfg
-rw-r--r-- 1 root root 17258496 Aug 20 20:25 docker-nginx.tar.gz
(1)指定拉取时的名称,也可以通过ID删除
[root@localhost ~]# docker image rm nginx:1.14-alpine
#rm或rmi
(2)可选参数
-f | 强制删除 |
-l | 删除容器间的网络连接,并非容器本身 |
-v | 删除与容器关联的卷 |
-i指定先前导出的镜像文件,可加“-q”参数精简输出信息
[root@localhost ~]# docker image load -i docker-nginx.tar.gz
[root@localhost ~]# docker container --help
Usage: docker container COMMAND
Manage containers
Commands:
attach Attach local standard input, output, and error streams to a running container
commit Create a new image from a container's changes
cp Copy files/folders between a container and the local filesystem
create Create a new container
diff Inspect changes to files or directories on a container's filesystem
exec Execute a command in a running container
export Export a container's filesystem as a tar archive
inspect Display detailed information on one or more containers
kill Kill one or more running containers
logs Fetch the logs of a container
ls List containers
pause Pause all processes within one or more containers
port List port mappings or a specific mapping for the container
prune Remove all stopped containers
rename Rename a container
restart Restart one or more containers
rm Remove one or more containers
run Create and run a new container from an image
start Start one or more stopped containers
stats Display a live stream of container(s) resource usage statistics
stop Stop one or more running containers
top Display the running processes of a container
unpause Unpause all processes within one or more containers
update Update configuration of one or more containers
wait Block until one or more containers stop, then print their exit codes
Run 'docker container COMMAND --help' for more information on a command.
[root@localhost ~]# docker container run -d -p 80:80 nginx:1.14-alpine
d2a903c987ac122186f950b55fc5716564aec096f5ad2376e285853638ce718c
[root@localhost ~]# docker ps #查询容器运行状态
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d2a903c987ac nginx:1.14-alpine "nginx -g 'daemon of…" 10 seconds ago Up 9 seconds 0.0.0.0:80->80/tcp, :::80->80/tcp dreamy_cerf
[root@localhost ~]# docker port dreamy_cerf #查看docker端口映射,这个名字在启动时没有指定时会自动创建一个,通过docker ps查询
80/tcp -> 0.0.0.0:80
80/tcp -> [::]:80
注:容器内的第一个进程必须一致处于运行状态,否则容器将退出
-t | 打开一个终端来使用容器 |
-i | 交互式访问 |
-d | 后台运行容器,返回容器ID,不后台运行则会一直占用终端 |
-p | 端口映射,将容器内服务的端口映射在宿主机的指定端口,“宿主机端口:容器端口” |
-P | 随机端口映射,容器内部端口随机映射到主机的端口 |
--name | 容器名字 |
--network | 指定网络 |
--rm | 容器停止即自动删除 |
docker stop/kill 容器名,kill可以像Linux杀进程一样使用信号控制(-s参数 信号)
-a | 附加到当前终端 |
-i | 交互式激活进入 |
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d2a903c987ac nginx:1.14-alpine "nginx -g 'daemon of…" 24 minutes ago Up 24 minutes 0.0.0.0:80->80/tcp, :::80->80/tcp dreamy_cerf
[root@localhost ~]# docker inspect dreamy_cerf
[root@localhost ~]# docker inspect dreamy_cerf | grep -i address
"LinkLocalIPv6Address": "",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"GlobalIPv6Address": "",
"IPAddress": "172.17.0.2",
"MacAddress": "02:42:ac:11:00:02",
"IPAddress": "172.17.0.2",
"GlobalIPv6Address": "",
"MacAddress": "02:42:ac:11:00:02",
[root@localhost ~]# curl 172.17.0.2
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
[root@localhost ~]# docker logs dreamy_cerf
172.17.0.1 - - [20/Aug/2023:13:32:50 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.29.0" "-"
172.17.0.1 - - [20/Aug/2023:13:33:10 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.29.0" "-"
172.17.0.1 - - [20/Aug/2023:13:34:53 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.29.0" "-"
172.17.0.1 - - [20/Aug/2023:13:44:23 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.29.0" "-"
[root@localhost ~]# docker exec -it dreamy_cerf /bin/sh #指定运行环境
/ # ls /
bin etc lib mnt proc run srv tmp var
dev home media opt root sbin sys usr
/ # exit #exit退出
[root@localhost ~]# docker exec dreamy_cerf echo hello
hello
-d | 在后台运行命令 |
-e | 设置环境变量 |
-i | 交互式 |
-t | 打开一个终端 |
(1)docker kill 容器名
(2)docker rm (-f)容器名,(强制)删除容器
(3)docker rm -f `docker ps -a -q`,强制删除所有容器
(4)docker container prune,删除处于终止状态的容器
数据卷——类似于Linux文件系统中目录的挂载,docker镜像中被指定为挂载点的目录里的文件会隐藏,只显示挂载着数据卷。数据卷在容器间共享,可重用,数据卷的修改动态会立即生效,其更新不会影响到镜像。
(1)创建数据卷
[root@localhost ~]# docker volume create vol1
vol1
[root@localhost ~]# docker volume ls
DRIVER VOLUME NAME
local vol1
(2)查看指定数据卷的信息
[root@localhost ~]# docker volume inspect vol1
[
{
"CreatedAt": "2023-08-20T21:58:06+08:00",
"Driver": "local",
"Labels": null,
"Mountpoint": "/var/lib/docker/volumes/vol1/_data",
"Name": "vol1",
"Options": null,
"Scope": "local"
}
]
(3)启动一个挂载数据卷的容器
数据卷本地目录挂载以及使用“--volumes-from”新容器从现有容器挂载已有数据卷
#通过-v指定数据卷,可以在卷名前加上路径表示将卷挂载到本地目录
#:前是本地目录路径,:后是容器目录路径,表示将两处的目录挂载到一起,可以实现共享
[root@localhost docker1]# docker volume ls
DRIVER VOLUME NAME
local vol1
local vol2
[root@localhost docker1]# docker run -it -v /docker1:/vol2 nginx:1.14-alpine /bin/sh
/ # ls
bin etc lib mnt proc run srv tmp var
dev home media opt root sbin sys usr vol2
[root@localhost docker1]# ll
total 4
-rw-r--r-- 1 root root 6 Aug 21 12:38 a.txt
/ # cd vol2/
/vol2 # ls
a.txt
/vol2 # cat a.txt
hello #本地目录挂载完成
#新容器挂载已有容器的已有卷
[root@localhost ~]# docker run -itd --volumes-from quirky_ramanujan --name db1 nginx:1.14-alpine
31b2b8a7a31803aa8d239667491212991cf44cdcf909f460990d8440ed3d0e57
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED S
31b2b8a7a318 nginx:1.14-alpine "nginx -g 'daemon of…" 44 seconds ago U
2cee63a76808 nginx:1.14-alpine "/bin/sh" 13 minutes ago U
[root@localhost ~]# docker exec -it db1 /bin/sh
/ # ls
bin etc lib mnt proc run srv tmp var
dev home media opt root sbin sys usr vol2
/ # cd vol2/
/vol2 # ls
a.txt
/vol2 # cat a.txt
hello
(4)删除数据卷
可以直接删除卷,也可以在删除容器时加“-v”参数同时删除数据卷
[root@localhost ~]# docker volume rm 卷名
(5)删除无主数据卷
[root@localhost ~]# docker volume prune
(6)查看镜像、容器、数据卷占用空间
[root@localhost ~]# docker system df
TYPE TOTAL ACTIVE SIZE RECLAIMABLE
Images 1 1 16.03MB 0B (0%) #镜像
Containers 5 2 14B 0B (0%) #容器
Local Volumes 1 1 1.149kB 0B (0%) #数据卷
Build Cache 0 0 0B 0B
(1)简介
如图所示,docker完整安装后会自动创建一个docker0网桥,不指定网络模式的情况下,docker程序默认将程序与docker0虚拟网桥连接,通过docker0来与宿主机通信。每运行一个docker都会在主机中产生对应的虚拟veth网卡设备,运行的docker都是和docker0虚拟网桥位于同一网段,docker0的地址作为docker的网关地址
bridge模式下主机和docker,docker与docker之间可以互相通信
(2)演示
运行两个容器,不指定网络模式情况下默认是bridge模式
[root@localhost ~]# docker run -d -P --name web1 nginx:1.14-alpine
46dfb334cc76f59cfdb1cafcdea0bbc7b59626607f4f42441a4a579a256fa6fd
[root@localhost ~]# docker run -d -P --name web2 nginx:1.14-alpine
e98078ffd26a37861dc0eb3e66d87a75bbe6d070917fd0970282372245acf8e2
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e98078ffd26a nginx:1.14-alpine "nginx -g 'daemon of…" 10 seconds ago Up 10 seconds 0.0.0.0:32770->80/tcp, :::32770->80/tcp web2
46dfb334cc76 nginx:1.14-alpine "nginx -g 'daemon of…" 18 seconds ago Up 17 seconds 0.0.0.0:32769->80/tcp, :::32769->80/tcp web1
在主机中自动生成了两个veth设备
[root@localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:b7:d0:79 brd ff:ff:ff:ff:ff:ff
inet 192.168.2.190/24 brd 192.168.2.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::c0a0:564:e1a7:2b9c/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:e5:5e:06:6a brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:e5ff:fe5e:66a/64 scope link
valid_lft forever preferred_lft forever
15: veth57180bd@if14: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 6a:f0:0e:99:2e:b9 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::68f0:eff:fe99:2eb9/64 scope link
valid_lft forever preferred_lft forever
17: veth8e2b70d@if16: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 8e:72:5f:e8:b0:c5 brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet6 fe80::8c72:5fff:fee8:b0c5/64 scope link
valid_lft forever preferred_lft forever
查看两个容器的IP地址
[root@localhost ~]# docker inspect web1 | grep -i ipaddress
"SecondaryIPAddresses": null,
"IPAddress": "172.17.0.2",
"IPAddress": "172.17.0.2",
[root@localhost ~]# docker inspect web2 | grep -i ipaddress
"SecondaryIPAddresses": null,
"IPAddress": "172.17.0.3",
"IPAddress": "172.17.0.3",
可以自定义网桥,自定义网桥网段会发生变化
[root@localhost ~]# docker network create -d bridge mybridge1
9a90056a032815f7a7016ca34e38456a3a494ec470d869bcaf55b54a04a11b3b
[root@localhost ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
77e840367105 bridge bridge local
5e0d2b0cb5bd host host local
9a90056a0328 mybridge1 bridge local
b1f06c666e9b none null local
[root@localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:b7:d0:79 brd ff:ff:ff:ff:ff:ff
inet 192.168.2.190/24 brd 192.168.2.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::c0a0:564:e1a7:2b9c/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:e5:5e:06:6a brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:e5ff:fe5e:66a/64 scope link
valid_lft forever preferred_lft forever
15: veth57180bd@if14: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 6a:f0:0e:99:2e:b9 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::68f0:eff:fe99:2eb9/64 scope link
valid_lft forever preferred_lft forever
17: veth8e2b70d@if16: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 8e:72:5f:e8:b0:c5 brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet6 fe80::8c72:5fff:fee8:b0c5/64 scope link
valid_lft forever preferred_lft forever
18: br-9a90056a0328: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:73:2f:84:71 brd ff:ff:ff:ff:ff:ff
inet 172.18.0.1/16 brd 172.18.255.255 scope global br-9a90056a0328
valid_lft forever preferred_lft forever
(1)简介
host模式下,容器没有地理的网络命名空间(不会新增网卡设备),和宿主机共用网络命名空间,使用宿主机的IP和端口
(2)演示
运行一个容器,并且可以在容器内只看到和宿主机共用的IP
[root@localhost ~]# docker run -it -d -p 80:80 --name web1 --network host nginx:1.14-alpine
WARNING: Published ports are discarded when using host network mode
fde1b4af966fc7f774185cf5895be0876cd3d06c8576815f105b1e1d33512360
[root@localhost ~]# docker exec -it web1
"docker exec" requires at least 2 arguments.
See 'docker exec --help'.
Usage: docker exec [OPTIONS] CONTAINER COMMAND [ARG...]
Execute a command in a running container
[root@localhost ~]# docker exec -it web1 /bin/sh
/ # ls
bin dev etc home lib media mnt opt proc root run sbin srv sys tmp usr var
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:b7:d0:79 brd ff:ff:ff:ff:ff:ff
inet 192.168.2.190/24 brd 192.168.2.255 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::c0a0:564:e1a7:2b9c/64 scope link
valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN
link/ether 02:42:e5:5e:06:6a brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
/ # cd /usr/share/nginx/html/
/usr/share/nginx/html # ls
50x.html index.html
/usr/share/nginx/html # echo hello > index.html
[root@localhost ~]# curl 192.168.2.190
hello
(1)简介
指定这个模式下新运行的容器和已经存在的容器共享命名空间、IP、端口等,不和宿主机共享。可以理解为这两个容器之间在网络方面产生绑定关系,可以通过lo环回网卡设备通信。
(2)演示
[root@localhost ~]# docker run --name nginx1 -it --network container:web1 nginx:1.14-alpine
#web1为被共享的docker
none模式下,docker容器拥有自己的网络命名空间,此时不为任何docker容器进行网络配置,需要自定义网卡和IP等等。此模式下docker不参与网络通信,仅能访问本地环回接口,适用于无需网络的环境中的离线任务。
安装docker服务,配置镜像加速器
[root@localhost ~]# yum install -y yum-utils device-mapper-persistent-data lvm2 #安装必要工具
[root@localhost~]#yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo #新增源
[root@localhost ~]# sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo #修改源文件
[root@localhost ~]# yum makecache fast #更新
[root@localhost ~]# yum -y install docker-ce #安装docker-ce
[root@localhost ~]# yum list docker-ce.x86_64 --showduplicates | sort -r #可以通过这行命令找到自己想要安装的具体版本,默认是安装最新版本
[root@localhost ~]# systemctl start docker
[root@localhost ~]# docker version #查看docker版本
Client: Docker Engine - Community
Version: 24.0.5
API version: 1.43
Go version: go1.20.6
Git commit: ced0996
Built: Fri Jul 21 20:39:02 2023
OS/Arch: linux/amd64
Context: default
Server: Docker Engine - Community
Engine:
Version: 24.0.5
API version: 1.43 (minimum version 1.12)
Go version: go1.20.6
Git commit: a61e2b4
Built: Fri Jul 21 20:38:05 2023
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.6.22
GitCommit: 8165feabfdfe38c65b599c4993d227328c231fca
runc:
Version: 1.1.8
GitCommit: v1.1.8-0-g82f18fe
docker-init:
Version: 0.19.0
GitCommit: de40ad0
[root@localhost ~]# cd /etc/docker/
[root@localhost docker]# ll
total 0
[root@localhost docker]# vim daemon.json
{
"registry-mirrors": ["https://docker.mirrors.ustc.edu.cn"]
}
#使用的是中国科技大学的镜像加速器,也可以选择阿里云的
[root@localhost docker]# systemctl daemon-reload #重载配置并重启
[root@localhost docker]# systemctl restart docker
下载系统镜像(ubuntu和centos)
[root@localhost ~]# docker pull centos
Using default tag: latest
latest: Pulling from library/centos
a1d0c7532777: Pull complete
Digest: sha256:a27fd8080b517143cbbbab9dfb7c8571c40d67d534bbdee55bd6c473f432b177
Status: Downloaded newer image for centos:latest
docker.io/library/centos:latest
[root@localhost ~]# docker pull ubuntu
Using default tag: latest
latest: Pulling from library/ubuntu
b237fe92c417: Pull complete
Digest: sha256:ec050c32e4a6085b423d36ecd025c0d3ff00c38ab93a3d71a460ff1c44fa6d77
Status: Downloaded newer image for ubuntu:latest
docker.io/library/ubuntu:latest
基于下载的镜像创建两个容器(一个为名字全拼一个为名字首字母)
[root@localhost ~]# docker run -it --name sulibao -d -P ubuntu
b7d1e332cdad2844250054c4fc5c78856139af2117464843251d04974f0ec8d9
[root@localhost ~]# docker run -it --name slb -d -P centos
d51febc7bc7cc7673e5f539d3ed535fffbd1c72aed29ac838dfc59ce99380511
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d51febc7bc7c centos "/bin/bash" 27 seconds ago Up 26 seconds slb
b7d1e332cdad ubuntu "/bin/bash" 44 seconds ago Up 43 seconds sulibao
容器启动、停止和重启
[root@localhost ~]# docker stop slb
slb
[root@localhost ~]# docker stop sulibao
sulibao
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@localhost ~]# docker restart slb
slb
[root@localhost ~]# docker restart sulibao
sulibao
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d51febc7bc7c centos "/bin/bash" About a minute ago Up 6 seconds slb
b7d1e332cdad ubuntu "/bin/bash" About a minute ago Up 2 seconds sulibao
查看正在运行的容器和所有容器
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d51febc7bc7c centos "/bin/bash" 6 minutes ago Up 5 minutes slb
b7d1e332cdad ubuntu "/bin/bash" 6 minutes ago Up 5 minutes sulibao
两种方法退出容器
交互模式下exit
[root@localhost ~]# docker exec -it slb /bin/sh
sh-4.4# ls
bin etc lib lost+found mnt proc run srv tmp var
dev home lib64 media opt root sbin sys usr
sh-4.4# exit
exit
[root@localhost ~]#
交互模式下“ctrl+d”
[root@localhost ~]# docker exec -it sulibao /bin/sh
# ls
bin dev home lib32 libx32 mnt proc run srv tmp var
boot etc lib lib64 media opt root sbin sys usr
#
[root@localhost ~]#
连接到运行的容器
[root@localhost ~]# docker exec -it sulibao /bin/sh
# ls
bin dev home lib32 libx32 mnt proc run srv tmp var
boot etc lib lib64 media opt root sbin sys usr
查看容器或镜像的内部信息
[root@localhost ~]# docker inspect slb
[root@localhost ~]# docker inspect ubuntu:latest
如何查看所有镜像
[root@localhost ~]# docker images -a
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu latest 01f29b872827 2 weeks ago 77.8MB
centos latest 5d0da3dc9764 23 months ago 231MB
(1)使用mysql:5.6和owncloud镜像,构建一个个人网盘
[root@localhost ~]# docker pull mysql:5.6
[root@localhost ~]# docker pull owncloud
[root@localhost ~]# docker run -itd --name mydb --env MYSQL_ROOT_PASSWORD=SLB123 mysql:5.6
[root@localhost ~]# docker run -itd --name myweb -p 80:80 --link mydb:mydb owncloud
使用IP进行访问,用admin+运行容器时设置的密码登录
(2)安装搭建私有仓库Harbor
[root@localhost ~]# cd /usr/local/
[root@localhost local]# rz -E
rz waiting to receive.
[root@localhost local]# ll
total 651916
drwxr-xr-x. 2 root root 6 Apr 11 2018 bin
-rw-r--r-- 1 root root 59383631 Aug 20 15:59 docker-compose-linux-x86_64
drwxr-xr-x. 2 root root 6 Apr 11 2018 etc
drwxr-xr-x. 2 root root 6 Apr 11 2018 games
-rw-r--r-- 1 root root 608175520 Aug 20 16:01 harbor-offline-installer-v2.8.4.tgz
drwxr-xr-x. 2 root root 6 Apr 11 2018 include
drwxr-xr-x. 2 root root 6 Apr 11 2018 lib
drwxr-xr-x. 2 root root 6 Apr 11 2018 lib64
drwxr-xr-x. 2 root root 6 Apr 11 2018 libexec
drwxr-xr-x. 2 root root 6 Apr 11 2018 sbin
drwxr-xr-x. 5 root root 49 Jul 23 08:59 share
drwxr-xr-x. 2 root root 6 Apr 11 2018 src
[root@localhost local]# mv docker-compose-linux-x86_64 ./bin/docker-compose
[root@localhost local]# chmod +x /usr/local/bin/docker-compose
[root@localhost local]# docker-compose version
Docker Compose version v2.20.3
[root@localhost local]# tar -xf harbor-offline-installer-v2.8.4.tgz
[root@localhost harbor]# ll
total 597536
-rw-r--r-- 1 root root 3639 Aug 15 17:53 common.sh
-rw-r--r-- 1 root root 611834153 Aug 15 17:54 harbor.v2.8.4.tar.gz
-rw-r--r-- 1 root root 12499 Aug 15 17:53 harbor.yml.tmpl
-rwxr-xr-x 1 root root 2725 Aug 15 17:53 install.sh
-rw-r--r-- 1 root root 11347 Aug 15 17:53 LICENSE
-rwxr-xr-x 1 root root 1881 Aug 15 17:53 prepare
[root@localhost harbor]# cp harbor.yml.tmpl harbor.yml
[root@localhost harbor]# hostname
harborslb.com
[root@localhost harbor]# vim harbor.yml
更改hostname和端口,注释https加密访问部分的内容,下方的password后面用于登录
[root@localhost harbor]# ./install.sh
√----Harbor has been installed and started successfully.----
[root@localhost harbor]# docker-compose ls
NAME STATUS CONFIG FILES
harbor running(9) /usr/local/harbor/docker-compose.yml
(3)编写Dockerfile制作Web应用系统nginx镜像,生成镜像nginx:v1.1,并推送其到私有仓库,以下为具体要求:
[root@harborslb centos]# vim /etc/docker/daemon.json
{
"registry-mirrors":["https://docker.mirrors.ustc.edu.cn"],
"insecure-registries":["192.168.2.190:8080"]
}
[root@localhost centos]# ll
total 1056
drwxr-xr-x 2 root root 24 Aug 24 14:21 dest
-rw-r--r-- 1 root root 162 Aug 24 14:21 Dockerfile
-rw-r--r-- 1 root root 1073322 Aug 9 19:20 nginx-1.22.0.tar.gz
[root@localhost centos]# vim Dockerfile
FROM centos
MAINTAINER "sulibao <[email protected]>"
ADD nginx-1.22.0.tar.gz /centos
COPY dest /usr/share/nginx/html
EXPOSE 80
CMD ["nginx","-g","daemon off;"]
[root@localhost centos]# docker build -t nginx:v1.1 .
[+] Building 41.7s (8/8) FINISHED docker:default
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 201B 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load metadata for docker.io/library/centos:latest 1.1s
=> [1/3] FROM docker.io/library/centos@sha256:a27fd8080b517143cbbbab9dfb7c8 40.0s
=> => resolve docker.io/library/centos@sha256:a27fd8080b517143cbbbab9dfb7c85 0.0s
=> => sha256:a27fd8080b517143cbbbab9dfb7c8571c40d67d534bbdee55bd 762B / 762B 0.0s
=> => sha256:a1801b843b1bfaf77c501e7a6d3f709401a1e0c83863037fa3a 529B / 529B 0.0s
=> => sha256:5d0da3dc976460b72c77d94c8a1ad043720b0416bfc16c5 2.14kB / 2.14kB 0.0s
=> => sha256:a1d0c75327776413fa0db9ed3adcdbadedc95a662eb1 83.52MB / 83.52MB 35.3s
=> => extracting sha256:a1d0c75327776413fa0db9ed3adcdbadedc95a662eb1d360dad8 4.5s
=> [internal] load build context 0.0s
=> => transferring context: 1.07MB 0.0s
=> [2/3] ADD nginx-1.22.0.tar.gz /centos 0.5s
=> [3/3] COPY dest /usr/share/nginx/html 0.0s
=> exporting to image 0.0s
=> => exporting layers 0.0s
=> => writing image sha256:7ae3a2d1a01c44857fa7946d9c4d83fb1b1d703ddbcebf4ed 0.0s
=> => naming to docker.io/library/nginx:v1.1 0.0s
[root@localhost centos]# docker tag nginx:v1.1 192.168.2.190:8080/nginx:v1.1
[root@harborslb centos]# docker login http://192.168.2.190:8080
Username: admin
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@harborslb centos]# docker push 192.168.2.190:8080/nginx:v1.1
[root@harborslb centos]# docker pull 192.168.2.190:8080/nginx:v1.1
[root@harborslb centos]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx v1.1 7ae3a2d1a01c 2 hours ago 238MB
goharbor/harbor-exporter v2.8.4 b8d33e28ec68 8 days ago 97.7MB
goharbor/redis-photon v2.8.4 7b7324d651ca 8 days ago 120MB
goharbor/trivy-adapter-photon v2.8.4 91d8e9f0b21a 8 days ago 464MB
goharbor/notary-server-photon v2.8.4 a46f91560454 8 days ago 113MB
goharbor/notary-signer-photon v2.8.4 da66bd8d944b 8 days ago 110MB
goharbor/harbor-registryctl v2.8.4 805b38ca6bee 8 days ago 141MB
goharbor/registry-photon v2.8.4 756769e94123 8 days ago 79MB
goharbor/nginx-photon v2.8.4 375018db778b 8 days ago 116MB
goharbor/harbor-log v2.8.4 8a2045fb24d2 8 days ago 124MB
goharbor/harbor-jobservice v2.8.4 97808fc10f64 8 days ago 141MB
goharbor/harbor-core v2.8.4 c26fcd0714d8 8 days ago 164MB
goharbor/harbor-portal v2.8.4 4a8b0205c0f9 8 days ago 124MB
goharbor/harbor-db v2.8.4 5b8af16d7420 8 days ago 174MB
goharbor/prepare v2.8.4 bdbf974d86ce 8 days ago 166MB
mysql 5.6 dd3b2a5dcb48 20 months ago 303MB
owncloud latest 327bd201c5fb 4 years ago 618MB
[root@localhost lamp]# docker run --name mynginx -itd nginx:v1.1
3037a148018a4bbfe88c18526eed75fd82333facbf296a99dd04467456ac4e94
(4)Dockerfile快速搭建自己专属的LAMP环境,生成镜像lamp:v1.1,并推送到私有仓库,以下为具体要求:
[root@localhost lamp]# vim Dockerfile
FROM centos
MAINTAINER "sulibao <[email protected]>"
RUN yum -y install httpd mysql mysql-server php php-mysql php-gd
EXPOSE 80 3306
[root@localhost lamp]# docker build -t lamp:v1.1 .
[+] Building 5.0s (6/6) FINISHED docker:default
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 199B 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load metadata for docker.io/library/centos:7 3.7s
=> [1/2] FROM docker.io/library/centos:7@sha256:be65f488b7764ad3638f236b7b515b3678369a5124c47b8 0.0s
=> CACHED [2/2] RUN yum -y install httpd mysql mysql-server php php-mysql php-gd 0.0s
=> exporting to image 1.3s
=> => exporting layers 1.3s
=> => writing image sha256:27d9fbc1eb61eed01309bb6f987c2c041c6efefa1eb27b3318ea1ea18745ab99 0.0s
=> => naming to docker.io/library/lamp:v1.1 0.0s
[root@localhost lamp]# docker push lamp:v1.1 192.168.2.190:8080/lamp:v1.1
[root@localhost lamp]# docker pull 192.168.2.190:8080/lamp:v1.1
[root@localhost lamp]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
lamp v1.1 27d9fbc1eb61 3 minutes ago 569MB
nginx v1.1 7ae3a2d1a01c 2 hours ago 238MB
goharbor/harbor-exporter v2.8.4 b8d33e28ec68 8 days ago 97.7MB
goharbor/redis-photon v2.8.4 7b7324d651ca 8 days ago 120MB
goharbor/trivy-adapter-photon v2.8.4 91d8e9f0b21a 8 days ago 464MB
goharbor/notary-server-photon v2.8.4 a46f91560454 8 days ago 113MB
goharbor/notary-signer-photon v2.8.4 da66bd8d944b 8 days ago 110MB
goharbor/harbor-registryctl v2.8.4 805b38ca6bee 8 days ago 141MB
goharbor/registry-photon v2.8.4 756769e94123 8 days ago 79MB
goharbor/nginx-photon v2.8.4 375018db778b 8 days ago 116MB
goharbor/harbor-log v2.8.4 8a2045fb24d2 8 days ago 124MB
goharbor/harbor-jobservice v2.8.4 97808fc10f64 8 days ago 141MB
goharbor/harbor-core v2.8.4 c26fcd0714d8 8 days ago 164MB
goharbor/harbor-portal v2.8.4 4a8b0205c0f9 8 days ago 124MB
goharbor/harbor-db v2.8.4 5b8af16d7420 8 days ago 174MB
goharbor/prepare v2.8.4 bdbf974d86ce 8 days ago 166MB
mysql 5.6 dd3b2a5dcb48 20 months ago 303MB
owncloud latest 327bd201c5fb 4 years ago 618MB
[root@localhost lamp]# docker run --name mylamp -itd lamp:v1.1
9ec40c703103b6dcea549b528028a3e46fb783bb84f0e93e91ef096b86d21e4b
文章浏览阅读6.3k次,点赞2次,收藏10次。摘要: 背景 随着近几年物联网的发展,时序数据迎来了一个不小的爆发。从DB-Engines上近两年的数据库类型增长趋势来看,时序数据库的增长是非常迅猛的。在去年我花了比较长的时间去了解了一些开源时序数据库,写了一个系列的文章(综述、HBase系、Cassandra系、InfluxDB、Prometheus),感兴趣的可以浏览。背景随着近几年物联网的发展,时序数据迎来了一个不小的爆发。从DB..._tablestore 时间类型处理
文章浏览阅读5.7k次,点赞8次,收藏49次。可以编译成功但是运行时段错误查找原因应该是ROS noetic版本中自带的OpenCV4和VINS-mono中需要使用的OpenCV3冲突的问题。为了便于查找问题,我只先编译feature_tracker包。解决思路历程:o想着把OpenCV4相关的库移除掉,但是发现编译feature_tracker的时候仍然会关联到Opencv4的库,查找原因是因为cv_bridge是依赖opencv4的,这样导致同时使用了opencv3和opencv4,因此运行出现段错误。oo进一步想着(1)把vins-mon_uabntu20.04安装vins-mono
文章浏览阅读3.6k次,点赞3次,收藏12次。创龙TL6748开发板中,EMIFA模块使用默认的PLL0_SYSCLK3时钟,使用AISgen for D800K008工具加载C6748配置文件C6748AISgen_456M_config(Configuration files,在TL_TMS6748/images文件夹下),由图可以看到DIV3等于4,注意这里的DIV3就是实际的分频值(x),而不是写入相应PLL寄存器的值(x-1)。_tms 6748
文章浏览阅读5.9k次,点赞4次,收藏13次。转载请说明出处:eigen稀疏矩阵拼接(块操作)eigen稀疏矩阵拼接(块操作)关于稀疏矩阵的块操作:参考官方链接 However, for performance reasons, writing to a sub-sparse-matrix is much more limited, and currently only contiguous sets of columns..._稀疏矩阵拼接
文章浏览阅读946次,点赞19次,收藏19次。波束形成是天线阵列信号处理中的一项关键技术,它通过对来自不同方向的信号进行加权求和,来增强特定方向的信号并抑制其他方向的干扰。本文介绍了两种基于 Capon 和信号子空间的变形算法,即最小方差无失真响应 (MVDR) 算法和最小范数算法,用于实现波束形成。这些算法通过优化波束形成权重向量,来最小化波束形成输出的方差或范数,从而提高波束形成性能。引言波束形成在雷达、声纳、通信和医学成像等众多应用中至关重要。它可以增强目标信号,抑制干扰和噪声,提高系统性能。
文章浏览阅读1.1w次,点赞4次,收藏3次。使用API ,向我的服务器发送了POST。_uni-app解决post请求403 forbidden
文章浏览阅读2.2k次。一,问题 nginx反向代理后,在应用中取得的ip都是反向代理服务器的ip,取得的域名也是反向代理配置的url的域名,解决该问题,需要在nginx反向代理配置中添加一些配置信息,目的将客户端的真实ip和域名传递到应用程序中。二,解决 Nginx服务器增加转发配置 proxy_set_header Host $host;_nginx获取到的是交换机的ip
文章浏览阅读1.4k次。Wireshark TCP数据包跟踪 还原图片 WinHex简单应用 _wireshark抓包还原图片
文章浏览阅读1.5k次。Win8下安装VS2012时,蓝屏,报错WHEA_UNCORRECTABLE_ERROR(P.S.新的BSOD挺有创意":("),Google之,发现[via]需要BIOS中禁用Intel C-State,有严重Bug的嫌疑哦原因有空再看看..._win8.1 whea_uncorrectable_error蓝屏代码
文章浏览阅读919次,点赞21次,收藏22次。科大讯飞是一家专业从事智能语音及语音技术研究、软件及芯片产品开发、语音信息服务的软件企业,语音技术实现了人机语音交互,使人与机器之间沟通变得像人与人沟通一样简单。语音技术主要包括语音合成和语音识别两项关键技术。此外,语音技术还包括语音编码、音色转换、口语评测、语音消噪和增强等技术,有着广阔的应用。_科大讯飞培训案例
文章浏览阅读4.7k次。Perl是一个高阶程式语言,由 Larry Wall和其他许多人所写,融合了许多语言的特性。它主要是由无所不在的 C语言,其次由 sed、awk,UNIX shell 和至少十数种其他的工具和语言所演化而来。Perl对 process、档案,和文字有很强的处理、变换能力,ActivePerl是一个perl脚本解释器。其包含了包括有 Perl for Win32、Perl for ISAPI、PerlScript、Perl。_perl下载
文章浏览阅读5.4k次。最近由于在学习SQL2008,所以需要使用VS2008太耍一下关于SQL2008的新特性,尤其是Entity Framework。VS2008和SQL2008我都更新成英文版了。接下来安装VS2008的Sp1补丁,MS又使用了很恶心的网络安装,下载的Sp1才450K,然后网络安装过程中就要下载几百兆的安装文件,万恶的网络安装,光下载就花了我1个多小时。接下来就开始安装了,不到1分钟,直接报错,安装_vs2008 sp1