Docker第二回(Docker的使用)
一、使用Docker的限制
1、要想使用linux容器,内核版本要高于3.8以上,并且至少在linux内核级要支持两种技术,namespaces和CGroups。接着借助于在用户空间组织一些工具,利用内核级所提供的这些技术, 从而实现容器运行的目的,Docker在容器运行使用简化的道路上又近了一步,Docker提供了镜像,而且是分层构建联合挂载的方式,使得容器技术的使用更加被简化。后来在Docker的主导下,又有了OCI和OCF标准。
OCI(Open Container Initiative):由Linux基金会主导于2015年6月创立,OCI定义了容器运行时的标准,
OCI有两部分组成:
the Runtime Specification:运行时标准
the image Specification:镜像格式标准
OCF(Open Container Format):runC是Docker按照开放容器格式标准(OCF)制定的一种具体实现,runC是从Docker的libcontainer中迁移而来的,实现了容器启停,资源隔离等功能,Docker默认提供了docker-runc实现。
二、Docker的镜像
默认Docker的镜像是集中放置在Docker Hub上的,docker在创建容器时,Docker会先检查本地是否有镜像,如果没有会到docker hub上去下载指定的镜像到本地,并且下载下来的镜像在容器使用结束后不会删除,镜像是不可修改的,只能重构。下面是docker的整体架构
三、Docker的安装及使用
3.1、依赖及基础环境:
1、64 bits CPU
2、Linux Kernel 3.10+
3、 Linux Kernel cgroups and namespaces
3.2、centos 7安装方式
1、extras repository;默认centos7的yum仓库extras就有docker,版本比较老,下载新版本的docker的yum仓库
[root@MiWiFi-R3L-srv ~]# cd /etc/yum.repos.d/
[root@MiWiFi-R3L-srv yum.repos.d]# wget https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/docker-ce.repo
[root@MiWiFi-R3L-srv yum.repos.d]# sed -i 's#https://download.docker.com#https://mirrors.tuna.tsinghua.edu.cn/docker-ce#g' docker-ce.repo
[root@MiWiFi-R3L-srv yum.repos.d]# yum update
[root@MiWiFi-R3L-srv yum.repos.d]# yum install docker-ce
2、docker-ce的配置文件;需要手动创建
[root@MiWiFi-R3L-srv yum.repos.d]# mkdir /etc/docker/
[root@MiWiFi-R3L-srv docker]# echo -e '{\n\t"registry-mirrors": ["https://registry.docker-cn.com"]\n}' >/etc/docker/daemon.json
[root@MiWiFi-R3L-srv docker]# systemctl start docker.service
[root@MiWiFi-R3L-srv docker]# docker info
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 18.06.1-ce
Storage Driver: overlay2 # docker要实现分层构建,联合挂载。必须使用这种文件系统来支持。在centos7.4以前用的是device mapper,这种是lvm的实现,在docker上性能极差,还不稳定,已经废弃。
......
......
......在能看到上面的一系列信息,说明docker已经安装成功并可以使用了
3、docker 仓库格式
[root@MiWiFi-R3L-srv docker]# docker search nginx
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
nginx Official build of Nginx. 10034 [OK]
jwilder/nginx-proxy Automated Nginx reverse proxy for docker con?? 1440 [OK]
richarvey/nginx-php-fpm Container running Nginx + PHP-FPM capable of?? 633 [OK]
jrcs/letsencrypt-nginx-proxy-companion LetsEncrypt container to use with nginx as p?? 428 [OK]
kong Open-source Microservice & API Management la?? 237 [OK]
webdevops/php-nginx Nginx with PHP-FPM 117 [OK]
kitematic/hello-world-nginx A light-weight nginx container that demonstr?? 112
zabbix/zabbix-web-nginx-mysql Zabbix frontend based on Nginx web-server wi?? 74 [OK]
bitnami/nginx Bitnami nginx Docker Image 58 [OK]
1and1internet/ubuntu-16-nginx-php-phpmyadmin-mysql-5 ubuntu-16-nginx-php-phpmyadmin-mysql-5 48 [OK]
linuxserver/nginx An Nginx container, brought to you by LinuxS?? 42
tobi312/rpi-nginx NGINX on Raspberry Pi / armhf 23 [OK]
blacklabelops/nginx Dockerized Nginx Reverse Proxy Server. 12 [OK]
wodby/drupal-nginx Nginx for Drupal container image 11 [OK]
centos/nginx-18-centos7 Platform for running nginx 1.8 or building n?? 8
webdevops/nginx Nginx container 8 [OK]
nginxdemos/hello NGINX webserver that serves a simple page co?? 8 [OK]
centos/nginx-112-centos7 Platform for running nginx 1.12 or building ?? 5
1science/nginx Nginx Docker images that include Consul Temp?? 4 [OK]
travix/nginx NGinx reverse proxy 2 [OK]
mailu/nginx Mailu nginx frontend 2 [OK]
pebbletech/nginx-proxy nginx-proxy sets up a container running ngin?? 2 [OK]
toccoag/openshift-nginx Nginx reverse proxy for Nice running on same?? 1 [OK]
ansibleplaybookbundle/nginx-apb An APB to deploy NGINX 0 [OK]
wodby/nginx Generic nginx 0 [OK]
上面列表中,没有/分隔开的仓库是顶级仓库,一般是docker hub官方的。带/分隔开的是个人用户创建的镜像
4、启动一个docker镜像
docker run命令启动容器时会先在本地仓库查找镜像,如果没有在去docker hub仓库中下载镜像并启动
[root@MiWiFi-R3L-srv docker]# docker container run --name nginx1 -d nginx:stable
Unable to find image 'nginx:stable' locally # 说明本地仓库中没有nginx:stable镜像
stable: Pulling from library/nginx
f17d81b4b692: Pull complete
3df1ab0a1750: Pull complete
576b56a453df: Pull complete
Digest: sha256:8b600a4d029481cc5b459f1380b30ff6cb98e27544fc02370de836e397e34030
Status: Downloaded newer image for nginx:stable # 从docker hub仓库中下载nginx:stable镜像成功
d5eb28ecbc5cbe86fb430c4098361b7199c9147e79c06096868746dc638ebec1
[root@MiWiFi-R3L-srv docker]# docker container ls # 查看正在运行的容器,发现nginx:stable已经正常运行
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d5eb28ecbc5c nginx:stable "nginx -g 'daemon of?? 4 minutes ago Up 4 minutes 80/tcp nginx1
查看正在运行的容器详细信息
[root@MiWiFi-R3L-srv docker]# docker container inspect nginx1
[
{
"Id": "d5eb28ecbc5cbe86fb430c4098361b7199c9147e79c06096868746dc638ebec1",
"Created": "2018-10-31T13:45:39.761183953Z",
"Path": "nginx",
"Args": [
"-g",
"daemon off;"
],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 30605,
"ExitCode": 0,
"Error": "",
"StartedAt": "2018-10-31T13:45:40.064902138Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:ecc98fc2f376d6560311b66d6958e4350a5a485ee07aa2d1235842d0bce440da",
"ResolvConfPath": "/var/lib/docker/containers/d5eb28ecbc5cbe86fb430c4098361b7199c9147e79c06096868746dc638ebec1/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/d5eb28ecbc5cbe86fb430c4098361b7199c9147e79c06096868746dc638ebec1/hostname",
"HostsPath": "/var/lib/docker/containers/d5eb28ecbc5cbe86fb430c4098361b7199c9147e79c06096868746dc638ebec1/hosts",
"LogPath": "/var/lib/docker/containers/d5eb28ecbc5cbe86fb430c4098361b7199c9147e79c06096868746dc638ebec1/d5eb28ecbc5cbe86fb430c4098361b7199c9147e79c06096868746dc638ebec1-json.log",
"Name": "/nginx1",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "shareable",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DiskQuota": 0,
"KernelMemory": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable"