【Docker学习之五】Docker自定义镜像示例
环境
docker-ce-19.03.1-3.el7.x86_64
centos 7
一、创建centos+jdk+tomcat镜像
对于公用的容器比如,tomcat、nginx、mysql等应用组件可以直接使用官方的容器,不必自己创建;如果需要创建自定义容器,需要下载对应软件官网tar包进行挂载。
1、准备基础镜像和tar包
使用centos7作为基础镜像
[root@node105 ~]# docker pull centos:7 [root@node105 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE centos 7 67fa590cfc1c 4 days ago 202MB [root@node105 src]# cd /usr/local/src && ll total 186528 -rw-r--r--. 1 root root 9722154 Aug 25 15:47 apache-tomcat-8.5.45.tar.gz -rw-r--r--. 1 root root 181260798 Aug 25 15:45 jdk-8u65-linux-x64.tar.gz
2、创建Dockerfile
[root@node105 src]# vi centos-jdk-tomcat-Dockerfile #使用的基础镜像 FROM centos:7 #作者信息 MAINTAINER cac2020 "cac2020@163.com" #使用ADD指令会直接对tar.gz进行解压缩,不用再单独的tar解压jdk了 ADD jdk-8u65-linux-x64.tar.gz /usr/local ADD apache-tomcat-8.5.45.tar.gz /usr/local #添加环境变量 ENV JAVA_HOME /usr/local/jdk1.8.0_65 ENV CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar ENV CATALINA_HOME /usr/local/apache-tomcat-8.5.45 ENV PATH $PATH:$JAVA_HOME/bin:$CATALINA_HOME/bin #暴露8080端口 EXPOSE 8080 #启动时运行tomcat CMD ["/usr/local/apache-tomcat-8.5.45/bin/catalina.sh","run"]
3、使用Dockerfile创建镜像
[root@node105 src]# docker build -t centos-jdk-tomcat:0.0.1 . -f centos-jdk-tomcat-Dockerfile Sending build context to Docker daemon 191MB Step 1/10 : FROM centos:7 ---> 67fa590cfc1c Step 2/10 : MAINTAINER cac2020 "cac2020@163.com" ---> Running in b48a9a1c9456 Removing intermediate container b48a9a1c9456 ---> cf88aebfb290 Step 3/10 : ADD jdk-8u65-linux-x64.tar.gz /usr/local ---> a80fd8584d3e Step 4/10 : ADD apache-tomcat-8.5.45.tar.gz /usr/local ---> 3951fd837bd5 Step 5/10 : ENV JAVA_HOME /usr/local/jdk1.8.0_65 ---> Running in 8ea280c20bbe Removing intermediate container 8ea280c20bbe ---> 5e2c39e6b557 Step 6/10 : ENV CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar ---> Running in 7dfbb7d72fd6 Removing intermediate container 7dfbb7d72fd6 ---> 2651de66a845 Step 7/10 : ENV CATALINA_HOME /usr/local/apache-tomcat-8.5.45 ---> Running in 490f9dd59d99 Removing intermediate container 490f9dd59d99 ---> 70ff0149c070 Step 8/10 : ENV PATH $PATH:$JAVA_HOME/bin:$CATALINA_HOME/bin ---> Running in 867f19619c72 Removing intermediate container 867f19619c72 ---> 8a1b71576d7b Step 9/10 : EXPOSE 8080 ---> Running in 13d2b33647d2 Removing intermediate container 13d2b33647d2 ---> 341bc406be44 Step 10/10 : CMD ["/usr/local/apache-tomcat-8.5.45/bin/catalina.sh","run"] ---> Running in 88f261af47f4 Removing intermediate container 88f261af47f4 ---> e77fdb372830 Successfully built e77fdb372830 Successfully tagged centos-jdk-tomcat:0.0.1 [root@node105 src]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE centos-jdk-tomcat 0.0.1 e77fdb372830 51 seconds ago 581MB centos 7 67fa590cfc1c 4 days ago 202MB
备注:
(1)-t 指定镜像的名称和tag;
(2)使用-f 指定要使用的dockerfile,如果不指定会寻找当前目录名为Dockerfile的文件
(3)上面有个 . ,这个表示当前目录,必不可少的
4、运行创建的镜像
交互方式:
#jdk
[root@node105 src]# docker run -d -it centos-jdk-tomcat:0.0.1 /bin/bash [root@node105 src]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES ded73f70822e centos-jdk-tomcat:0.0.1 "/bin/bash" 6 seconds ago Up 4 seconds 8080/tcp happy_lumiere
注意:创建容器的时候一定要使用 -it /bin/bash这种方式,要不然jdk的容器起不来。
#tomcat [root@node105 src]# docker run -d -p 8080:8080 --name test-tomcat centos-jdk-tomcat:0.0.1 b40394ee475007969c8654e5b297f49a370d313655a8785ad3cda6a4dab81948 [root@node105 src]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES b40394ee4750 centos-jdk-tomcat:0.0.1 "/usr/local/apache-t…" 6 seconds ago Up 5 seconds 0.0.0.0:8080->8080/tcp test-tomcat a74ccebbe32e centos-jdk-tomcat:0.0.1 "/bin/bash" 9 minutes ago Up 9 minutes 8080/tcp centos-jdk-tomcat [root@node105 src]#
5、验证
#jdk [root@node105 src]# docker exec -it a7 /bin/bash [root@a74ccebbe32e /]# java -version java version "1.8.0_65" Java(TM) SE Runtime Environment (build 1.8.0_65-b17) Java HotSpot(TM) 64-Bit Server VM (build 25.65-b01, mixed mode) [root@a74ccebbe32e /]# exit exit
#tomcat
参考:
使用Dockerfile方式创建镜像:
docker创建jdk镜像
从零开始构建一个centos+jdk7+tomcat7的镜像文件
使用-it交互方式一步一步设置最后commit创建镜像:
docker环境搭建centos+jdk+tomcat_CENTOS篇
二、supervisor
Docker 容器在启动的时候开启单个进程,比如,一个 ssh 或者 apache 的 daemon 服务。但我们经常需要在一个机器上开启多个服务,这可以有很多方法,最简单的就是把多个启动命令放到一个启动脚本里面,启动的时候直接启动这个脚本,另外就是安装进程管理工具,比如supervisor。使用进程管理工具 supervisor 来管理容器中的多个进程。使用 Supervisor 可以更好的控制、管理、重启我们希望运行的进程。
1、准备工作
(1)概念理解:
supervisor:要安装的软件的名称。
supervisord:装好supervisor软件后,supervisord用于启动supervisor服务。
supervisorctl:用于管理supervisor配置文件中program。
(2)软件安装:linux本地机器需要安装supervisor,源码安装或者yum安装或者python pip安装,这里使用yum安装
#centos7下yum安装supervisor [root@node105 local]# yum install epel-release [root@node105 local]# yum install -y supervisor # 开机自启动 [root@node105 local]# systemctl enable supervisord Created symlink from /etc/systemd/system/multi-user.target.wants/supervisord.service to /usr/lib/systemd/system/supervisord.service. # 启动supervisord服务 [root@node105 local]# systemctl start supervisord # 查看supervisord服务状态 [root@node105 local]# systemctl status supervisord ● supervisord.service - Process Monitoring and Control Daemon Loaded: loaded (/usr/lib/systemd/system/supervisord.service; enabled; vendor preset: disabled) Active: active (running) since Sun 2019-08-25 16:48:26 CST; 41s ago Process: 19056 ExecStart=/usr/bin/supervisord -c /etc/supervisord.conf (code=exited, status=0/SUCCESS) Main PID: 19057 (supervisord) Tasks: 1 Memory: 10.9M CGroup: /system.slice/supervisord.service └─19057 /usr/bin/python /usr/bin/supervisord -c /etc/supervisord.conf Aug 25 16:48:26 node105 systemd[1]: Starting Process Monitoring and Control Daemon... Aug 25 16:48:26 node105 systemd[1]: Started Process Monitoring and Control Daemon. # 查看是否存在supervisord进程 [root@node105 local]# ps -ef|grep supervisord root 19057 1 0 16:48 ? 00:00:00 /usr/bin/python /usr/bin/supervisord -c /etc/supervisord.conf root 19061 9949 0 16:50 pts/0 00:00:00 grep --color=auto supervisord [root@node105 local]#
2、容器中如何同时使用ssh和tomcat 服务
(1)创建Dockerfile文件
[root@node105 docker]# vi Dockerfile FROM centos:7 MAINTAINER cac2020 "cac2020@163.com" #ssh RUN yum install -y openssh openssh-server openssh-clients RUN mkdir /var/run/sshd RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key RUN ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key RUN sed -i 's/#UseDNS yes/UseDNS no/g' /etc/ssh/sshd_config RUN sed -i 's/GSSAPIAuthentication yes/GSSAPIAuthentication no/g' /etc/ssh/sshd_config RUN /bin/echo 'root:123456' |chpasswd RUN /bin/sed -i 's/.*session.*required.*pam_loginuid.so.*/session optional pam_loginuid.so/g' /etc/pam.d/sshd RUN /bin/echo -e "LANG=\"en_US.UTF-8\"" > /etc/default/local #tomcat #使用ADD指令会直接对tar.gz进行解压缩,不用再单独的tar解压jdk了 ADD jdk-8u65-linux-x64.tar.gz /usr/local ADD apache-tomcat-8.5.45.tar.gz /usr/local #添加环境变量 ENV JAVA_HOME /usr/local/jdk1.8.0_65 ENV CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar ENV CATALINA_HOME /usr/local/apache-tomcat-8.5.45 ENV PATH $PATH:$JAVA_HOME/bin:$CATALINA_HOME/bin RUN java -version #安装supervisor RUN yum install -y epel-release;yum -y install supervisor RUN mkdir -p /etc/supervisor/ COPY supervisord.conf /etc/supervisor/ #暴露 22和8080端口 EXPOSE 22 8080 #运行supervisord CMD supervisord -c /etc/supervisor/supervisord.conf
(2)配置supervisord.conf
[root@node105 docker]# vi supervisord.conf [unix_http_server] file=/var/run/supervisor/supervisor.sock ; (the path to the socket file) [supervisord] logfile=/var/run/supervisor/supervisord.log ; (main log file;default $CWD/supervisord.log) logfile_maxbytes=50MB ; (max main logfile bytes b4 rotation;default 50MB) logfile_backups=10 ; (num of main logfile rotation backups;default 10) loglevel=info ; (log level;default info; others: debug,warn,trace) pidfile=/var/run/supervisor/supervisord.pid ; (supervisord pidfile;default supervisord.pid) nodaemon=true ; (start in foreground if true;default false) minfds=1024 ; (min. avail startup file descriptors;default 1024) minprocs=200 ; (min. avail process descriptors;default 200) [rpcinterface:supervisor] supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface [supervisorctl] serverurl=unix:///var/run/supervisor/supervisor.sock ; use a unix:// URL for a unix socket [program:sshd] command=/usr/sbin/sshd -D [program:tomcat] command=/usr/local/apache-tomcat-8.5.45/bin/catalina.sh run
注意:
在这里分号;是注释符号
serverurl=unix:///var/run/supervisor/supervisor.sock : 这个建议不要修改
nodaemon=true : 设置为true
command=/usr/local/apache-tomcat-8.5.45/bin/catalina.sh run :这个必须这样写(supervisor管理tomcat必须这样启动,其他方式好像都有问题)
[root@node105 docker]# pwd /usr/local/docker [root@node105 docker]# ll total 186520 -rw-r--r--. 1 root root 9722154 Aug 25 17:09 apache-tomcat-8.5.45.tar.gz -rw-r--r--. 1 root root 1269 Aug 25 17:02 Dockerfile -rw-r--r--. 1 root root 181260798 Aug 25 17:09 jdk-8u65-linux-x64.tar.gz -rw-r--r--. 1 root root 1106 Aug 25 17:08 supervisord.conf [root@node105 docker]#
(3)创建镜像
[root@node105 docker]# docker build -t centos-ssh-tomcat:v1 . [root@node105 docker]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE centos-ssh-tomcat v1 410de61dd6e6 21 seconds ago 852MB centos 7 67fa590cfc1c 4 days ago 202MB
(4)运行容器
[root@node105 docker]# docker run -d --name ssh-tomcat --restart=always -p 4426:22 -p 82:8080 centos-ssh-tomcat:v1 29e39686f8787e993f2f327983f26c3fefa1bacc1eeb0f261badb15f718a8dd7
(5)验证
#ssh
#ssh [root@node105 docker]# ssh localhost -p 4426 The authenticity of host '[localhost]:4426 ([::1]:4426)' can't be established. RSA key fingerprint is SHA256:cvH5wwrGfYnd/vbchFrrxycoZ7IkftRjJZSNsxzxIzc. RSA key fingerprint is MD5:be:08:5a:f3:76:27:1c:b4:f5:c5:3d:b7:42:84:39:16. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '[localhost]:4426' (RSA) to the list of known hosts. root@localhost's password: [root@c1fce40e19f9 etc]# ps -ef UID PID PPID C STIME TTY TIME CMD root 1 0 0 09:23 ? 00:00:00 /usr/bin/python /usr/bin/supervisord -c /etc/supervisor/supervisord.conf root 8 1 0 09:23 ? 00:00:00 /usr/sbin/sshd -D root 9 8 0 09:24 ? 00:00:00 sshd: root@pts/0 root 11 9 0 09:24 pts/0 00:00:00 -bash root 28 11 0 09:25 pts/0 00:00:00 ps -ef [root@c1fce40e19f9 etc]# supervisorctl status sshd RUNNING pid 8, uptime 0:02:03 tomcat RUNNING pid 8, uptime 0:02:58 [root@c1fce40e19f9 etc]# exit logout Connection to localhost closed. [root@node105 docker]#
#tomcat
附加若干个应用场景:
1、如何使用镜像转成文件,然后拷贝到另外一台机器,再用这个文件制作镜像
(1)把镜像打包为tar文件
docker save -o xxx.tar 镜像名
(2)然后load文件制作镜像
docker load -i xxx.tar
2、如何用tar.gz包制作镜像:必须在基础镜像的基础之上制作新镜像
3、docker save和docker export的区别:
docker save保存的是镜像(image),docker export保存的是容器(container);
docker load用来载入镜像包,docker import用来载入容器包,但两者都会恢复为镜像;
docker load不能对载入的镜像重命名,而docker import可以为镜像指定新名称。
参考: