docker
Namespaces 命名空间,是linux内核提供的一种对进程资源隔离的机制,比如网络,进程,挂载点等
CGroup 对资源进行限制,防止cpu或内存用的过多等
ls -l /sys/fs/cgroup/
虚拟机与docker区别
虚拟机是在硬件基础上通过hypervisor虚拟出硬件,比如虚拟出多个cpu等....
docker是在操作系统上的进程,共享宿主机内核,docker上有文件系统,库文件等,,,
docker history nginx:latest
查看镜像层
-
docker容器的网络访问
一, 指定映射(docker 会自动添加一条iptables规则来实现端口映射)
启动docker后会有个docker0的网卡,docker把网关指向docker0 通过内核转发上外网
docker网络主要依赖于iptables
[root@docker01 ~]# iptables -t nat -L -n
[root@docker01 ~]# tcpdump port 80 -nn -i docker0
[root@docker01 ~]# tcpdump port 81 -nn -i eth0
二. docker网络端口设置的5种方法
-p hostPo rt:containerPort
-p ip:hostPort:containerPort
-p ip::containerPort(随机端口)
-p hostPort:containerPort:udp
-p 81:80 –p 443:443 可以指定多个-p
1, docker 端口映射
把宿主机的端口81映射到docker的80
[root@docker01 ~]# docker run -d -p 81:80 nginx:latest
2, -p ip:hostPort:containerPort
[root@docker01 yum.repos.d]# ifconfig eth0:1 10.0.0.100/24 up
[root@docker01 yum.repos.d]# docker run -d -p 10.0.0.11:80:80 nginx:latest
23f1620839e3c06810500f6712edf5def2674af25f9d2921ef6f2b56713636ff
[root@docker01 yum.repos.d]# docker run -d -p 10.0.0.100:80:80 nginx:latest
8ae65d993f00e16bd4e814f22a5648351572fc2aa2a8da4281b3976062bc940b
3. -p ip::containerPort(随机端口)
[root@docker01 ~]# docker run -d -p 10.0.0.100::80 nginx:latest
4. -p 81:80 –p 443:443 可以指定多个-p
5. 随机映射
docker run -P (随机端口)
[root@docker01 ~]# docker run -d -P nginx:latest
三. 数据卷(文件或目录)
把宿主机的文件,挂载到docker nginx里
mkdir /opt/xiaoniao
把程序放到 /opt/xiaoniao/下
语法: docker run -d -p 80:80 -v 宿主机文件目录:docker nginx容器站点目录 nginx:latest
[root@docker01 ~]# docker run -d -p 80:80 -v /opt/xiaoniao:/usr/share/nginx/html nginx:latest
数据卷容器
-
共享挂载
[root@docker01 ~]# docker run -d -p 81:80 --volumes-from 其他容器名nginx:latest
[root@docker01 ~]# docker run -d -p 81:80 --volumes-from gracious_stallman nginx:latest
四, 基于nginx启动一个容器,监听80和81,访问80,出现nginx默认首页,访问81,出现小鸟
-p 指定多个端口
-v指定多个文件 挂载配置文件
1.在/opt下创建nginx 配置文件
[root@docker01 ~]# cat /opt/xiaoniao.conf
server {
listen 81;
server_name localhost;
location / {
root /opt/xiaoniao;
index index.html index.htm;
}
}
2.启动容器
docker run -d -p 宿主机端口:dockernginx端口 -p 81:81 -v宿主机nginx配置文件: docker nginx配置文件 -v /opt/xiaoniao:/opt/xiaoniao nginx:latest
docker run -d -p 80:80 -p 81:81 -v /opt/xiaoniao.conf:/etc/nginx/conf.d/xiaoniao.conf -v /opt/xiaoniao:/opt/xiaoniao nginx:latest
3.测试
浏览器访问10.0.0.11出现nginx欢迎界面
访问10.0.0.11:81出现小鸟
[root@docker01 opt]# docker exec -it elated_proskuriakova /bin/bash
-v 指定的 配置文件在docker nginx 被挂载了
root@08b0fa4b91b8:/# cat /etc/nginx/conf.d/xiaoniao.conf
server {
listen 81;
server_name localhost;
location / {
root /opt/xiaoniao;
index index.html index.htm;
}
}
五,手动将容器保存为镜像
手动制作镜像步骤
启动一个容器,安装服务
把刚才安装好服务的容器,提交为镜像
测试
1):基于容器制作镜像
1 echo '192.168.20.200 mirrors.aliyun.com' >>/etc/hosts
2 curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo
3 yum install openssh-server -y
4 /etc/init.d/sshd start
5 echo 123456|passwd --stdin root
6 docker run -d -p 1122:22 cnetos:6.9 -p 1122 暴露端口,防止端口冲突+
7 windows连接测试
shell ssh 10.0.0.11 1022 直接连接容器
8 提交镜像 docker commit 容器id或者容器的名字 新的镜像名字[:版本号可选]
docker commit docker 5cef7c611c35 centos6.9_ssh:v1
9 查看
docker images
vi /init.sh
#!/bin/bash
/etc/init.d/httpd start
/usr/sbin/sshd -D
chmod +x /init.sh
2)将容器提交为镜像
docker commit oldboy centos6-ssh-httpd:v1
3)测试镜像功能是否可用
六,dockerfile
企业使用容器,写dockerfile就是基本功
dockerfile主要组成部分:
基础镜像信息 FROM:centos:6.9
制作镜像操作指令 RUN yum install openssh-server -y
容器启动时执行的初始命令 CMD ["/bin/bash"]
七 centos6 构建ssh_httpd
创建目录准备构建镜像
dockerfile 文件的名字必须叫dockerfile
[root@docker01 opt]# mkdir dockerfile
[root@docker01 opt]# cd dockerfile
[root@docker01 dockerfile]# mkdir centos6.9_ssh
[root@docker01 dockerfile]# cd centos6.9_ssh
[root@docker01 centos6.9_ssh]# vim dockerfile
[root@docker01 ~]# cat /opt/dockerfile/centos6.9_ssh/dockerfile
FROM centos:6.9 依赖的基础镜像
RUN yum install openssh-server -y RUN 执行的命令
RUN /etc/init.d/sshd start && echo "12345" | passwd --stdin root
CMD ["/usr/sbin/sshd","-D"] 启动后运行 卡住的命令 传参 用 , " 参数"
构建镜像
[root@docker01 centos6.9_ssh]# docker run -d -p 1033:22 centos6.9_ssh:v1
docker images查看已经存到仓库
启动容器
[root@docker01 centos6.9_ssh]# docker run -d -p 1033:22 centos6.9_ssh:v1
进入容器
[root@docker01 centos6.9_ssh]# ssh root@10.0.0.11 -p 1033
八,构建centos7 ssh httpd镜像
[root@docker01 ~]# docker search centos
[root@docker01 opt]# mkdir dockerfile
[root@docker01 opt]# cd dockerfile
mkdir centos_init
[root@docker01 centos7_init]# vim dockerfile
[root@docker01 ~]# cat /opt/dockerfile/centos7_init/dockerfile
FROM centos:latest
RUN curl -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
RUN yum -y install iproute
RUN yum install openssh-server -y
RUN yum -y install httpd
RUN yum install vim wget bash-completion lrzsz nmap nc tree htop iftop net-tools -y
RUN echo "12345" | passwd --stdin root
RUN ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
ADD init.sh /init.sh
CMD ["/bin/bash","/init.sh"]
CMD ["/usr/sbin/init"]
[root@docker01 centos7_init]# cat init.sh
#!/bin/bash
systemctl start sshd
systemctl start httpd
/usr/sbin/sshd -D
构建镜像并运行
docker image build -t centos7_ssh_httpd:v1 .
docker run --privileged -d -p 1888:80 -p 1222:22 centos7_ssh_httpd:v1
登陆测试
[root@docker01 ~]# ssh root@10.0.0.11 -p 1222
九, 基于 centos7 构建 随机端口
docker image build -t centos_expose:v1 .
docker run --privileged -d -P centos_expose:v1
十., workdir 工作目录
[root@docker01 dok]# cat dockerfile
FROM centos:latest
RUN curl -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
RUN yum -y install iproute openssh-server httpd vim wget bash-completion php php-cli unzip php-mbstring php-gd
RUN echo "12345" | passwd --stdin root
WORKDIR /var/www/html/
RUN curl -O http://static.kodcloud.com/update/download/kodexplorer4.36.zip
RUN unzip kodexplorer4.36.zip
RUN chmod -R 777 /var/www/html/
EXPOSE 22 80
ADD init.sh /init.sh
CMD ["/bin/bash","/init.sh"]
CMD ["/usr/sbin/init"]
[root@docker01 ~]# cat /opt/dockerfile/dok/init.sh
#!/bin/bash
systemctl start httpd
tail -F /var/log/httpd/access_log
构建
docker run --privileged -d -p 80:80 dok:v1
docker exec -it elastic_lehmann /bin/bash
在dockerfile 里所有的路径都是在 workdir 指定的目录下
十一,构建tomcat
[root@db01 tomcat]# cat dockerfile
FROM docker.io/centos:7.4.1708
RUN yum -y install jave-1.8.0-openjdk-devel tomcat tomcat-docs-webapp tomcat-admin-webapps tomcat-webapps && \
yum clean all
EXPOSE 8080/tcp
CMD source /etc/sysconfig/tomcat && /usr/libexec/tomcat/server start
docker build ./ -t docker.io/tomcat:v2
docker run --name tc2 -d -P -p 8080:8080 docker.io/tomcat:v2
docker exec -it tomcat:v2 /bin/bash
十二, nginx 反代tomcat
docker run --name tc1 -d -P -p 8080:8080 docker.io/tomcat:v2
docker inspect tc1
"NetworkID": "75c1e3cc4c51a55c63d49c092e37e504d2163a9dd489553d8bb12c591a97098f",
"EndpointID": "12cce43d64c7cdcfe952c51984f42b0f4a42d9a95567a147175ed752e97f6d75",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02"
}
}
}
}
]
[root@db01 snginx]# cat dockerfile
FROM docker.io/centos:7.4.1708
RUN curl -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
ADD tc1.conf /etc/nginx/conf.d/
ADD nginx.repo /etc/yum.repos.d/
ENV path=/bin:/sbin:/usr/bin:/usr/sbin
RUN yum -y install nginx net-tools
EXPOSE 80/tcp
ADD init.sh /init.sh
CMD ["/bin/bash","/init.sh"]
CMD ["/usr/sbin/init"]
cat tc1.conf
server {
listen 80;
server_name ng.ng.com;
location / {
proxy_pass http://tc1.db01.com:8080/;
}
}
docker build ./ -t docker.io/nginx:v3
docker run --name nt1 -P -p 80:80 -d --add-host ng.ng.com:172.17.0.2 docker.io/nginx:v3
测试:
[root@db01 ~]# curl -I http://ng.ng.com:8080
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Date: Sun, 24 Mar 2019 15:25:33 GMT
十三, docker卷管理
docker volume ls 查看卷
docker volume create 创建卷
docker inspect nginx-vol 查看卷详情
用卷创建容器
docker run -d -it -p 88:80 --name=nginx-test --mount src=nginx-vol dst=/usr/share/nginx/html nginx1
docker run -d -it --name=nginx-test --mount src=nginx-vol dst=/usr/share/nginx/html nginx
nginx 容器中的/usr/share/nginx/html的内容在 宿主机docker /var/lib/docker/volome/_data里 容器删了之后,文件保存在_date里
删除卷
docker volume rm nginx-vol
注意: 如果没有指定卷,会自动创建,建议使用--mount 创建
示例
创建1个nginx卷,用与挂载nginx
[root@db01 centos7]# docker volume create nginx-vol
nginx-vol
[root@db01 centos7]# docker volume ls
DRIVER VOLUME NAME
local nginx-vol
[root@db01 centos7]# docker volume inspect nginx-vol
[
{
"CreatedAt": "2019-04-05T16:27:47+08:00", #创建时间
"Driver": "local",
"Labels": {},
"Mountpoint": "/var/lib/docker/volumes/nginx-vol/_data", #挂载点
"Name": "nginx-vol",
"Options": {},
"Scope": "local"
}
]
启动容器
docker run -d -it -p 88:80 --name=nginx-test --mount src=nginx-vol dst=/usr/share/nginx/html nginx
--mount src=创建的卷(持久化与宿主机目录关联)
查看nginx-vol目录有nginx安装时的首页文件等.....
[root@db01 snginx]# ll /var/lib/docker/volumes/nginx-vol/_data/
total 12
-rw-r--r-- 1 root root 494 Mar 26 22:04 50x.html
-rw-r--r-- 1 root root 19 Apr 5 17:27 aaa.html
-rw-r--r-- 1 root root 612 Mar 26 22:04 index.html
十四 ,管理应用程序数据 --mount type=bind
docker run --name=nginx-test -d -it -p 88:80 --mount type=bind,src=/app/www,dst=/usr/share/nginx/html nginx:latest
src指定的目录要事先存在,
dst指定的目录里面的内容会隐藏掉,适用于war ,jar包挂载 nfs共享等,直接挂载宿主机目录
验证绑定
docker inspect nginx-test
注意:
1.如果src指定的源目录不存在,会报错,
2.如果dest目录非空,目录里的东西会被隐藏
上传docker镜像到 docker hub
宿主机创建挂载目录
mkdir /app/wwwroot -p
unzip wordpress.unzip 解压到 /app/wwwroot
创建nginx容器
docker run --name=nginx-test -d -it -p 88:80 --mount type=bind,src=/app/wwwroot,dst=/usr/share/nginx/html nginx
十五,官方进行lnmp 运行wrodpress
创建网络lnmp
docker network lnmp
创建myslq容器
docker run -itd \
--name lnmp_mysql \
--net lnmp \
-p 3306:3306 \
--mount src=mysql-vol,dst=/var/lib/mysql \
-e MYSQL_ROOT_PASSWORD=123456 \
mysql --character-set-server=utf8
ALTER USER 'root'@'%' IDENTIFIED WITH mysql_native_password BY '123456';
flush privileges;
创建数据库
docker exec lnmp_mysql sh \
-c 'exec mysql -uroot -p"$MYSQL_ROOT_PASSWORD" -e "create database wp"'
[root@db01 ~]# mysql -uroot -p123456 -h 10.0.0.51
docker logs lnmp_mysql
docker top lnmp_mysql
创建php容器
docker run -itd \
--name lnmp_web \
--net lnmp -p 88:80 \
--mount type=bind,src=/app/wwwroot,dst=/var/www/html richarvey/nginx-php-fpm
浏览器10.0.0.51:88/wordpress 就可以访问wrodpress了
同一自定义网络里可用容器名通信
常用的数据,使用数据卷,因为常访问的数据放在容器里是经过一层驱动.性能会下降, 是docker优化的一部分
十六 ,自定义docker 运行wordpress
php dockerfile
[root@db01 php]# cat Dockerfile
FROM centos7.4_ssh_base:v1
#RUN yun install -y gcc gcc-c++ make gd-devel libxml2-devel libcurl-devel libjpeg-devel libpng-devel
RUN yum install -y zlib libjpeg freetype libpng gd curl zlib-devel \
libxml2-devel libjpeg-devel freetype-devel libpng-devel gd-devel \
curl-devel libjpeg-turbo-devel libcurl-devel libxslt-devel \
libmcrypt-devel mhash mcrypt perl openssl-devel libacl-devel install gcc gcc-c++ \
systemtap-sdt-devel libzip-devel systemtap-sdt-devel make \ && yum clean all && rm -fr /var/cache/yum/*
ADD php-7.2.8.tar.gz /tmp/
RUN cd /tmp/php-7.2.8 && \
./configure --prefix=/usr/local/php \
--enable-calendar \
--enable-sysvsem \
--enable-sysvshm \
--enable-sysvmsg \
--enable-bcmath \
--enable-exif \
--enable-ftp \
--enable-mbstring \
--enable-sockets \
--enable-dtrace \
--enable-soap \
--enable-zip \
--enable-mbregex \
--enable-inline-optimization \
--enable-pcntl \
--enable-pdo \
--enable-opcache \
--enable-xml \
--enable-libzip \
--enable-maintainer-zts \
--enable-fpm \
--enable-mysqlnd \
--with-iconv-dir=/usr/local/libiconv \
--with-gettext \
--with-libxml-dir \
--with-zlib \
--with-kerberos=/usr \
--with-openssl \
--with-mhash \
--with-mysqli=mysqlnd \
--with-pdo-mysql=mysqlnd \
--with-gd \
--with-fpm-acl \
--disable-rpath && \
make && make install && \
cp /usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.conf && \
sed -i "81a daemonize = no" /usr/local/php/etc/php-fpm.conf && \
cp /usr/local/php/etc/php-fpm.d/www.conf.default /usr/local/php/etc/php-fpm.d/www.conf && \
sed -i "s/listen = 127.0.0.1:9000/listen = 0.0.0.0:9000/g" /usr/local/php/etc/php-fpm.d/www.conf && \
cp /tmp/php-7.2.8/php.ini-production /usr/local/php/lib/php.ini && \
cp /tmp/php-7.2.8/sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm && chmod +x /etc/init.d/php-fpm && \
rm -fr /tmp/php-7.2.8* && yum clean all
WORKDIR /usr/local/php
EXPOSE 9000
CMD ["./sbin/php-fpm","-c","/usr/local/php/etc/php-fpm.conf"]
#构建
[root@db01 php]docker build -t php7.2.8:v3 .
# 查看
[root@db01 php]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
php7.2.8 v3 a1e5da9f7c61 About an hour ago 788MB
# 运行
docker run -itd \
--name lnmp_php \
--net lnmp \
--mount type=bind,src=/app/wwwroot,dst=/usr/local/nginx/html \
php7.2.8:v1
nginx dockerfile
docker
FROM centos7.4_ssh_base:v1
RUN yum install -y gcc gcc-c++ make openssl-devel pcre-devel && yum clean all && rm -fr /var/cache/yum/*
ADD nginx-1.14.2.tar.gz /tmp
RUN cd /tmp/nginx-1.14.2 && \
./configure --prefix=/usr/local/nginx \
--with-http_stub_status_module \
--with-http_ssl_module && \
make && make install && \
rm -fr /tmp/nginx-1.14.2/*
WORKDIR /usr/local/nginx
EXPOSE 80
CMD ["./sbin/nginx","-g","daemon off;"]
构建
docker bulid -t nginx nginx-1.14:v1 .
启动
docker run -itd \
--name=lnmp_nginx \
--net lnmp -p 188:80 \
-v /root/dockefile/runtime/nginx/word.conf:/usr/local/nginx/conf/nginx.conf \
--mount type=bind,src=/app/wwwroot,dst=/usr/local/nginx/html \
nginx-1.14:v1
浏览器测试
mysql dockerfile
[root@db01 mysql4]# cat dockerfile
FROM centos7.4_ssh_base:v1
ADD mysql-5.6.40.tar.gz /opt/
RUN yum install -y cmake make gcc gcc-c++ ncurses-devel autoconf && yum clean all && rm -fr /var/cache/yum/* \
&& useradd mysql -s /sbin/nologin/ -M && mkdir /application && cd /opt/mysql-5.6.40/ && cmake . -DCMAKE_INSTALL_PREFIX=/application/mysql-5.6.40 \
-DMYSQL_DATADIR=/application/mysql-5.6.40/data \
-DMYSQL_UNIX_ADDR=/application/mysql-5.6.40/tmp/mysql.sock \
-DDEFAULT_CHARSET=utf8 \
-DDEFAULT_COLLATION=utf8_general_ci \
-DWITH_EXTRA_CHARSETS=all \
-DWITH_INNOBASE_STORAGE_ENGINE=1 \
-DWITH_FEDERATED_STORAGE_ENGINE=1 \
-DWITH_BLACKHOLE_STORAGE_ENGINE=1 \
-DWITHOUT_EXAMPLE_STORAGE_ENGINE=1 \
-DWITH_ZLIB=bundled \
-DWITH_SSL=bundled \
-DENABLED_LOCAL_INFILE=1 \
-DWITH_EMBEDDED_SERVER=1 \
-DENABLE_DOWNLOADS=1 \
-DWITH_DEBUG=0 && \
make && make install && \
rm -fr /opt/* && \
ln -s /application/mysql-5.6.40/ /application/mysql && \
cp /application/mysql/support-files/mysql.server /etc/init.d/mysqld && chmod +x /etc/init.d/mysqld && \
mkdir /application/mysql-5.6.40/tmp && \
chown -R mysql.mysql /application/mysql-5.6.40/ && \
chown -R mysql.mysql /application/mysql && \
cd /application/mysql/scripts && ./mysql_install_db --user=mysql --basedir=/application/mysql --datadir=/application/mysql/data
COPY docker-entrypoint.sh /usr/local/bin/
ENV PATH=/application/mysql/bin:$PATH
RUN ln -s /usr/local/bin/docker-entrypoint.sh /entrypoint.sh
ENTRYPOINT ["docker-entrypoint.sh"]
CMD ["/application/mysql/bin/mysqld_safe"]
构建镜像
docker build -t mysql:v2 .
启动
docker run -itd --name lnmp_mysql --net lnmp -p 3306:3306 --mount src=mysql-vol,dst=/var/lib/mysql -e MYSQL_ROOT_PASSWORD=123456 mysql-5.6.40:v2
docker exec -it lnmp_mysql bash
mysql
mysql> create database wp;
mysql> grant all on *.* to root@'%' identified by '123456';
mysql> flush privileges;
/** WordPress数据库的名称 */
define('DB_NAME', 'wp');
/** MySQL数据库用户名 */
define('DB_USER', 'root');
/** MySQL数据库密码 */
define('DB_PASSWORD', '123456');
/** MySQL主机 */
define('DB_HOST', 'lnmp_mysql');
/** 创建数据表时默认的文字编码 */
十七Tomcat
[root@db01 tomcat7]# cat dockerfile
FROM centos7.4_ssh_base:v1
ADD jdk-8u151-linux-x64.tar.gz /usr/local/
ADD apache-tomcat-7.0.78.tar.gz /usr/local/
ENV JAVA_HOME=/usr/local/jdk1.8.0_151
ENV PATH=$JAVA_HOME/bin:$JAVA_HOME/jre/bin:$PATH
ENV CLASSPATH=.:$JAVA_HOME/lib:$JAVA_HOME/jre/lib:$JAVA_HOME/lib/tools.jar
ENV CATALINA_BASE=/usr/local/tomcat
ENV PATH=$CATALINA_BASE/bin:$PATH
RUN ln -s /usr/local/apache-tomcat-7.0.78 /usr/local/tomcat && \
ln -s /usr/local/jdk1.8.0_151 /usr/local/jdk
#COPY context.xml server.xml /usr/local/apache-tomcat-7.0.78/conf/
WORKDIR /usr/local/tomcat/lib/
#COPY commons-pool2-2.6.0.jar jedis-2.5.2.jar tomcat-redis-session-manager-2.0.0.jar /usr/local/tomcat/lib/
EXPOSE 8080
WORKDIR /usr/local/tomcat
CMD ["./bin/catalina.sh","run"]
创建 src 目录用户挂载tomcat站点,与 容器/usr/local/apache-tomcat-7.0.78/webapps 关联
mkdir /app/webapps/test -p
[root@db01 ~]# cat /app/webapps/test/index.jsp
<html>
<head><title>TomcatA</title></head>
<body>
<h1><font color="blue">TomcatA.linuxinfo.top</font></h1>
<tablealign="centre" border="1">
<tr>
<td>SessionID</td>
<% session.setAttribute("linuxinfo.top","linuxinfo.top");%>
<td><%=session.getId() %></td>
</tr>
<tr>
<td>Createdon</td>
<td><%=session.getCreationTime() %></td>
</tr>
</table>
</body>
</html>
构建
[root@db01 tomcat7]# docker build -t tomcat7:v1 .
运行
docker run -itd \
--name=tomcat \
-p 8080:8080 \
--mount type=bind,src=/app/webapps/,dst=/usr/local/apache-tomcat-7.0.78/webapps \
tomcat7:v1
浏览器访问测试
十八,Tomcat-redis-session
[root@db01 tomcat-redis]# cat dockerfile
FROM centos7.4_ssh_base:v1
ADD pak1/jdk-8u151-linux-x64.tar.gz /usr/local/
ADD pak1/apache-tomcat-7.0.78.tar.gz /usr/local/
ENV JAVA_HOME=/usr/local/jdk1.8.0_151
ENV PATH=$JAVA_HOME/bin:$JAVA_HOME/jre/bin:$PATH
ENV CLASSPATH=.:$JAVA_HOME/lib:$JAVA_HOME/jre/lib:$JAVA_HOME/lib/tools.jar
ENV CATALINA_BASE=/usr/local/tomcat
ENV PATH=$CATALINA_BASE/bin:$PATH
RUN ln -s /usr/local/apache-tomcat-7.0.78 /usr/local/tomcat && \
ln -s /usr/local/jdk1.8.0_151 /usr/local/jdk
COPY context.xml server.xml /usr/local/apache-tomcat-7.0.78/conf/
COPY pak1 /usr/local/tomcat/lib/
WORKDIR /usr/local/tomcat/lib/
EXPOSE 8080
WORKDIR /usr/local/tomcat
CMD ["./bin/catalina.sh","run"]
所有的软件包
tomcat jdk
序列化包3个,序列化包制作 连接 https://www.cnblogs.com/john5yang/p/10575887.html
[root@db01 pak1]# ls
commons-pool2-2.6.0.jar jedis-2.5.2.jar tomcat-redis-session-manager-2.0.0.jar
[root@db01 tomcat-redis]# ls pak
apache-tomcat-7.0.78.tar.gz jdk-8u151-linux-x64.tar.gz
[root@db01 ~]# cat /app/webapps/test/index.jsp
创建测试页
[root@db01 ~]# cat /app/webappsB/test/index.jsp
<html>
<head><title>TomcatB</title></head>
<body>
<h1><font color="red">TomcatB.linuxinfo.top</font></h1>
<tablealign="centre" border="1">
<tr>
<td>SessionID</td>
<% session.setAttribute("linuxinfo.top","linuxinfo.top");%>
<td><%=session.getId() %></td>
</tr>
<tr>
<td>Createdon</td>
<td><%=session.getCreationTime() %></td>
</tr>
</table>
</body>
</html>
[root@db01 ~]# cat /app/webapps/test/index.jsp
<%@ page language="java" %> <html> <head><title>TomcatA</title></head> <body> <h1><font color="blue">TomcatA.linuxinfo.top</font></h1> <table align="centre" border="1"> <tr> <td>Session ID</td> <% session.setAttribute("linuxinfo.top","linuxinfo.top"); %> <td><%= session.getId() %></td> <tr> <td>Created on</td> <td><%= session.getCreationTime() %></td> </tr> </table> </body> </html>
tomcat配置文件
[root@db01 ~]# cat dockefile/runtime/tomcat-redis/context.xml
<?xml version='1.0' encoding='utf-8'?> <!-- Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to Youz under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. --> <!-- The contents of this file will be loaded for each web application --> <Context> <!-- Default set of monitored resources --> <WatchedResource>WEB-INF/web.xml</WatchedResource> <!-- Uncomment this to disable session persistence across Tomcat restarts --> <!-- <Manager pathname="" /> --> <!-- Uncomment this to enable Comet connection tacking (provides events on session expiration as well as webapp lifecycle) --> <!-- <Valve className="org.apache.catalina.valves.CometConnectionManagerValve" /> --> <Valve className="com.orangefunction.tomcat.redissessions.RedisSessionHandlerValve" /> <Manager className="com.orangefunction.tomcat.redissessions.RedisSessionManager" host="10.0.0.51" port="6379" password='123' database="0" maxInactiveInterval="60" /> </Context>
[root@db01 ~]# cat dockefile/runtime/tomcat-redis/server.xml
<?xml version='1.0' encoding='utf-8'?> <!-- Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. --> <!-- Note: A "Server" is not itself a "Container", so you may not define subcomponents such as "Valves" at this level. Documentation at /docs/config/server.html --> <Server port="8005" shutdown="SHUTDOWN"> <Listener className="org.apache.catalina.startup.VersionLoggerListener" /> <!-- Security listener. Documentation at /docs/config/listeners.html <Listener className="org.apache.catalina.security.SecurityListener" /> --> <!--APR library loader. Documentation at /docs/apr.html --> <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" /> <!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html --> <Listener className="org.apache.catalina.core.JasperListener" /> <!-- Prevent memory leaks due to use of particular java/javax APIs--> <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" /> <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" /> <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" /> <!-- Global JNDI resources Documentation at /docs/jndi-resources-howto.html --> <GlobalNamingResources> <!-- Editable user database that can also be used by UserDatabaseRealm to authenticate users --> <Resource name="UserDatabase" auth="Container" type="org.apache.catalina.UserDatabase" description="User database that can be updated and saved" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" pathname="conf/tomcat-users.xml" /> </GlobalNamingResources> <!-- A "Service" is a collection of one or more "Connectors" that share a single "Container" Note: A "Service" is not itself a "Container", so you may not define subcomponents such as "Valves" at this level. Documentation at /docs/config/service.html --> <Service name="Catalina"> <!--The connectors can use a shared executor, you can define one or more named thread pools--> <!-- <Executor name="tomcatThreadPool" namePrefix="catalina-exec-" maxThreads="150" minSpareThreads="4"/> --> <!-- A "Connector" represents an endpoint by which requests are received and responses are returned. Documentation at : Java HTTP Connector: /docs/config/http.html (blocking & non-blocking) Java AJP Connector: /docs/config/ajp.html APR (HTTP/AJP) Connector: /docs/apr.html Define a non-SSL HTTP/1.1 Connector on port 8080 --> <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" /> <!-- A "Connector" using the shared thread pool--> <!-- <Connector executor="tomcatThreadPool" port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" /> --> <!-- Define a SSL HTTP/1.1 Connector on port 8443 This connector uses the BIO implementation that requires the JSSE style configuration. When using the APR/native implementation, the OpenSSL style configuration is required as described in the APR/native documentation --> <!-- <Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" maxThreads="150" SSLEnabled="true" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" /> --> <!-- Define an AJP 1.3 Connector on port 8009 --> <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" /> <!-- An Engine represents the entry point (within Catalina) that processes every request. The Engine implementation for Tomcat stand alone analyzes the HTTP headers included with the request, and passes them on to the appropriate Host (virtual host). Documentation at /docs/config/engine.html --> <!-- You should set jvmRoute to support load-balancing via AJP ie : <Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1"> --> <Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1"> <!--For clustering, please take a look at documentation at: /docs/cluster-howto.html (simple how to) /docs/config/cluster.html (reference documentation) --> <!-- <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/> --> <!-- Use the LockOutRealm to prevent attempts to guess user passwords via a brute-force attack --> <Realm className="org.apache.catalina.realm.LockOutRealm"> <!-- This Realm uses the UserDatabase configured in the global JNDI resources under the key "UserDatabase". Any edits that are performed against this UserDatabase are immediately available for use by the Realm. --> <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/> </Realm> <Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true"> <!-- SingleSignOn valve, share authentication between web applications Documentation at: /docs/config/valve.html --> <!-- <Valve className="org.apache.catalina.authenticator.SingleSignOn" /> --> <!-- Access log processes all example. Documentation at: /docs/config/valve.html Note: The pattern used is equivalent to using pattern="common" --> <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost_access_log." suffix=".txt" pattern="%h %l %u %t "%r" %s %b" /> </Host> </Engine> </Service> </Server>
构建
[root@db01 ~]# docker build -t tomcatredis:v1 .
启动2个tomcat
[root@db01 tomcat-redis]# docker run -itd --name=tomcat -p 8080:8080 --mount type=bind,src=/app/webapps/,dst=/usr/local/apache-tomcat-7.0.78/webapps tomcat-redis:v1
[root@db01 tomcat-redis]# docker run -itd --name=tomcatB -p 8080:8080 --mount type=bind,src=/app/webapps/,dst=/usr/local/apache-tomcat-7.0.78/webapps tomcat-redis:v1
nginx 负载均衡测试:
docker 镜像导出
docker save httpd -o http.tar.gz 或者 docker save httpd -o http.tar
docker修改存储引擎
overlay2 依赖操作系统文件系统。查看dev/sda1的文件系统类型,是 ftype=0。要改成1 方法如下
xfs_info /dev/sda
xfs_info: /dev/sda is not a mounted XFS filesystem
[root@docker-01 ~]#xfs_info /dev/sda1
meta-data=/dev/sda1 isize=256 agcount=4, agsize=65536 blks
= sectsz=512 attr=2, projid32bit=1
= crc=0 finobt=0
data = bsize=4096 blocks=262144, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0 ftype=0
log =internal bsize=4096 blocks=2560, version=2
= sectsz=512 sunit=0 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
新加硬盘。指定ftype=1格式化,然后挂载
mkfs.xfs -n ftype=1 /dev/sdb
mount /dev/sdb
修改docke配置文件
vim /lib/systemd/system/docker.service
ExecStart=/usr/bin/dockerd -s orerlay2 -H fd:// --containerd=/run/containerd/containerd.sock
[root@docker-01 ~]##systemctl daemon-reload
[root@docker-01 ~]#systemctl restart docker.service
查看容器暴露的端口
[root@docker-01 ~]#docker port quirky_clarke
80/tcp -> 0.0.0.0:32769
wget模仿curl命令
wget -qO - 172.17.0.2
ubuntu
