docker
目录
-
Docker 概述
-
Docker 安装
-
Docker 命令
- 镜像命令
- 容器命令
- 操作命令
- ...
-
Docker镜像
-
容器数据卷
-
DockerFile
-
Docker网络原理
-
IDEA整合
-
DockerCompose
-
DockerSwarm
-
CI\CD Jenkins
Docker 概述
Docker能干什么
之前的虚拟机技术
虚拟机技术:
- 资源占用多
- 冗余步骤多
- 启动慢
比较docker 和虚拟机的不同
- 传统虚拟机虚拟出一个硬件,运行一个完整的系统。然后在这个系统上面运行和安装软件
- 容器内的内容直接运行在宿主机的内核,容器没有自己的内核,他没有自己的硬件,所以轻便了。
- 每个容器间是互相割离的 ,每个容器都有自己的文件系统,互不影响 。
应用更快速的交付和部署
- 传统:一堆帮助文档安装程序
- Docker: 打包镜像,发布测试、一件运行。
Docker 安装
Docker 基本组成
镜像 image :好比一个模板,通过模板来创建容器服务。通过镜像可以创建多个容器:
容器 continer 利用容器技术运行一组或者一个应用。通过镜像来创建 。启动、停止、删除 。
仓库 repository:存放镜像的地方,分为私有和公有。
安装Docker
系统版本:centos 7
参考链接
1. 卸载旧的版本
yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine
2. 安装需要的安装包
yum install -y yum-utils
3. 设置镜像仓库
yum-config-manager \
--add-repo \
https://download.docker.com/linux/centos/docker-ce.repo
# 注 上面是国外的,十分慢 ,下面我们改用国内的
yum-config-manager \
--add-repo \
https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# 更新yum 缓存
yum makecache
4. 安装docker 相关的内容 ce社区版 ee 企业版
yum install docker-ce docker-ce-cli containerd.io docker-compose-plugin -y
5. 启动docker
systemctl start docker
systemctl enable docker
6. 验证
docker version
7. hello-world
docker run hello-world
8. 查看镜像
docker images
9. 卸载
yum remove docker-ce docker-ce-cli containerd.io docker-compose-plugin
sudo rm -rf /var/lib/docker # 默认工作路径
sudo rm -rf /var/lib/containerd
docker run 运行行程图
底层原理
Docker 是怎么工作的
Docker 是C/S架构,Docker 的守护进程运行在主机上,通过socket从客户端访问
Docker Server 收到Docker Client 的指令,就会执行这个命令
Docker为什么比虚拟机快
- docker 有着比虚拟机更少的抽象层
- docker 利用的是宿主机的内核,vm利用的是guest os
- 新建容器的时候,不需要像虚拟机一样加载内核
虚拟机是分钟级别的,docker是秒级的
docker 的常用命令
帮助命令
docker version # 版本信息
docker info # 系统信息,包括镜像和容器的数量
docker --help # 帮助命令
帮助文档链接 https://docs.docker.com/engine/reference/commandline/docker/
镜像命令
docker images
https://docs.docker.com/engine/reference/commandline/images/
docker images -aq
拉取镜像
docker pull mysql
docker pull mysql:5.7
删除镜像
docker rmi -f d410f4167eea
docker rmi -f d410f4167eea 7484689f290f
docker rmi -f $(docker images -qa)
容器命令
先有镜像才能有容器
docker pull centos
[root@lifei-docker ~]# docker run --help
Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
Run a command in a new container
Options:
--add-host list Add a custom host-to-IP mapping (host:ip)
-a, --attach list Attach to STDIN, STDOUT or STDERR
--blkio-weight uint16 Block IO (relative weight), between 10 and 1000, or 0 to disable (default 0)
--blkio-weight-device list Block IO weight (relative device weight) (default [])
--cap-add list Add Linux capabilities
--cap-drop list Drop Linux capabilities
--cgroup-parent string Optional parent cgroup for the container
--cgroupns string Cgroup namespace to use (host|private)
'host': Run the container in the Docker host's cgroup namespace
'private': Run the container in its own private cgroup namespace
'': Use the cgroup namespace as configured by the
default-cgroupns-mode option on the daemon (default)
--cidfile string Write the container ID to the file
--cpu-period int Limit CPU CFS (Completely Fair Scheduler) period
--cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota
--cpu-rt-period int Limit CPU real-time period in microseconds
--cpu-rt-runtime int Limit CPU real-time runtime in microseconds
-c, --cpu-shares int CPU shares (relative weight)
--cpus decimal Number of CPUs
--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)
--cpuset-mems string MEMs in which to allow execution (0-3, 0,1)
-d, --detach Run container in background and print container ID
--detach-keys string Override the key sequence for detaching a container
--device list Add a host device to the container
--device-cgroup-rule list Add a rule to the cgroup allowed devices list
--device-read-bps list Limit read rate (bytes per second) from a device (default [])
--device-read-iops list Limit read rate (IO per second) from a device (default [])
--device-write-bps list Limit write rate (bytes per second) to a device (default [])
--device-write-iops list Limit write rate (IO per second) to a device (default [])
--disable-content-trust Skip image verification (default true)
--dns list Set custom DNS servers
--dns-option list Set DNS options
--dns-search list Set custom DNS search domains
--domainname string Container NIS domain name
--entrypoint string Overwrite the default ENTRYPOINT of the image
-e, --env list Set environment variables
--env-file list Read in a file of environment variables
--expose list Expose a port or a range of ports
--gpus gpu-request GPU devices to add to the container ('all' to pass all GPUs)
--group-add list Add additional groups to join
--health-cmd string Command to run to check health
--health-interval duration Time between running the check (ms|s|m|h) (default 0s)
--health-retries int Consecutive failures needed to report unhealthy
--health-start-period duration Start period for the container to initialize before starting
health-retries countdown (ms|s|m|h) (default 0s)
--health-timeout duration Maximum time to allow one check to run (ms|s|m|h) (default 0s)
--help Print usage
-h, --hostname string Container host name
--init Run an init inside the container that forwards signals and reaps processes
-i, --interactive Keep STDIN open even if not attached
--ip string IPv4 address (e.g., 172.30.100.104)
--ip6 string IPv6 address (e.g., 2001:db8::33)
--ipc string IPC mode to use
--isolation string Container isolation technology
--kernel-memory bytes Kernel memory limit
-l, --label list Set meta data on a container
--label-file list Read in a line delimited file of labels
--link list Add link to another container
--link-local-ip list Container IPv4/IPv6 link-local addresses
--log-driver string Logging driver for the container
--log-opt list Log driver options
--mac-address string Container MAC address (e.g., 92:d0:c6:0a:29:33)
-m, --memory bytes Memory limit
--memory-reservation bytes Memory soft limit
--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap
--memory-swappiness int Tune container memory swappiness (0 to 100) (default -1)
--mount mount Attach a filesystem mount to the container
--name string Assign a name to the container
--network network Connect a container to a network
--network-alias list Add network-scoped alias for the container
--no-healthcheck Disable any container-specified HEALTHCHECK
--oom-kill-disable Disable OOM Killer
--oom-score-adj int Tune host's OOM preferences (-1000 to 1000)
--pid string PID namespace to use
--pids-limit int Tune container pids limit (set -1 for unlimited)
--platform string Set platform if server is multi-platform capable
--privileged Give extended privileges to this container
-p, --publish list Publish a container's port(s) to the host
-P, --publish-all Publish all exposed ports to random ports
--pull string Pull image before running ("always"|"missing"|"never") (default "missing")
--read-only Mount the container's root filesystem as read only
--restart string Restart policy to apply when a container exits (default "no")
--rm Automatically remove the container when it exits
--runtime string Runtime to use for this container
--security-opt list Security Options
--shm-size bytes Size of /dev/shm
--sig-proxy Proxy received signals to the process (default true)
--stop-signal string Signal to stop a container (default "SIGTERM")
--stop-timeout int Timeout (in seconds) to stop a container
--storage-opt list Storage driver options for the container
--sysctl map Sysctl options (default map[])
--tmpfs list Mount a tmpfs directory
-t, --tty Allocate a pseudo-TTY
--ulimit ulimit Ulimit options (default [])
-u, --user string Username or UID (format: <name|uid>[:<group|gid>])
--userns string User namespace to use
--uts string UTS namespace to use
-v, --volume list Bind mount a volume
--volume-driver string Optional volume driver for the container
--volumes-from list Mount volumes from the specified container(s)
-w, --workdir string Working directory inside the container
docker run [可选参数] image
参数说明
- --name
- -d 后台方式
- -it 交互方式
- -p 指定容器端口 -p 80:80 主机端口:容器端口
-p ip 主机端口:容器端口
-p 容器端口
主机端口 - -P 随机端口
docker run -it centos /bin/bash # 启动并进入容器
docker ps # 查看当时正在运行的窗口
docker ps -a # 查看所有容器
docker ps -a -n=1 # 显示最近一次创建的容器
docker ps -a -n=1 -q
退出容器
exit # 直接退出并停止容器
ctrl+p+q 退出容器不停止
删除容器
docker rm id # 不能删除正在运行的容器
docker rm -f $(docker ps -aq)
docker ps -aq|docker rm -f
启动和停止容器
docker start 容器id
docker restart 容器id
docker stop 容器id
docker kill 容器id
常用的其他命令
docker run -d centos # 后台启动 因为没有前台应用会自动停止
[root@lifei-docker ~]# docker logs --help
Usage: docker logs [OPTIONS] CONTAINER
Fetch the logs of a container
Options:
--details Show extra details provided to logs
-f, --follow Follow log output
--since string Show logs since timestamp (e.g.
2013-01-02T13:23:37Z) or relative (e.g. 42m for 42
minutes)
-n, --tail string Number of lines to show from the end of the logs
(default "all")
-t, --timestamps Show timestamps
--until string Show logs before a timestamp (e.g.
2013-01-02T13:23:37Z) or relative (e.g. 42m for 42
minutes)
docker logs -f -t dbcec07ab12b
docker logs -f -t --tail 10 dbcec07ab12b
docker top dbcec07ab12b # 查看容器进程
docker inspect dbcec07ab12b
查看容器的元数据
[root@lifei-docker ~]# docker inspect dbcec07ab12b
[
{
"Id": "dbcec07ab12bc84a8470482f6a8fc6501a64fcdc769297bbfb48513ab87a2bee",
"Created": "2023-01-07T15:10:07.229542039Z",
"Path": "/bin/bash",
"Args": [],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 466,
"ExitCode": 0,
"Error": "",
"StartedAt": "2023-01-07T15:21:12.871058901Z",
"FinishedAt": "2023-01-07T15:18:15.376865581Z"
},
"Image": "sha256:5d0da3dc976460b72c77d94c8a1ad043720b0416bfc16c52c45d4847e53fadb6",
"ResolvConfPath": "/var/lib/docker/containers/dbcec07ab12bc84a8470482f6a8fc6501a64fcdc769297bbfb48513ab87a2bee/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/dbcec07ab12bc84a8470482f6a8fc6501a64fcdc769297bbfb48513ab87a2bee/hostname",
"HostsPath": "/var/lib/docker/containers/dbcec07ab12bc84a8470482f6a8fc6501a64fcdc769297bbfb48513ab87a2bee/hosts",
"LogPath": "/var/lib/docker/containers/dbcec07ab12bc84a8470482f6a8fc6501a64fcdc769297bbfb48513ab87a2bee/dbcec07ab12bc84a8470482f6a8fc6501a64fcdc769297bbfb48513ab87a2bee-json.log",
"Name": "/tender_ganguly",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"CgroupnsMode": "host",
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"KernelMemory": 0,
"KernelMemoryTCP": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/4b51ef9bfab8bab91fa506e0f4e334cb8ffd9948ae981869aafcce18d3eb715e-init/diff:/var/lib/docker/overlay2/b56a5c4020e5b11a7029a534d7b5c7c288abb08b052c6218738b43c5d56f123a/diff",
"MergedDir": "/var/lib/docker/overlay2/4b51ef9bfab8bab91fa506e0f4e334cb8ffd9948ae981869aafcce18d3eb715e/merged",
"UpperDir": "/var/lib/docker/overlay2/4b51ef9bfab8bab91fa506e0f4e334cb8ffd9948ae981869aafcce18d3eb715e/diff",
"WorkDir": "/var/lib/docker/overlay2/4b51ef9bfab8bab91fa506e0f4e334cb8ffd9948ae981869aafcce18d3eb715e/work"
},
"Name": "overlay2"
},
"Mounts": [],
"Config": {
"Hostname": "dbcec07ab12b",
"Domainname": "",
"User": "",
"AttachStdin": true,
"AttachStdout": true,
"AttachStderr": true,
"Tty": true,
"OpenStdin": true,
"StdinOnce": true,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Cmd": [
"/bin/bash"
],
"Image": "centos",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"org.label-schema.build-date": "20210915",
"org.label-schema.license": "GPLv2",
"org.label-schema.name": "CentOS Base Image",
"org.label-schema.schema-version": "1.0",
"org.label-schema.vendor": "CentOS"
}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "e24f8b9fcf2d08bf69846cd52c3ef602d55a93f3c8a1ae5dfc8598c2071e4483",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {},
"SandboxKey": "/var/run/docker/netns/e24f8b9fcf2d",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "6e5d745d01028843149d7d1c56f1ce93b6cd71b794619473d33348e59969af26",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:02",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "74b7206be3d88a2fe4d24737dd13a4c0de1882f0366c5dd9e6b5b435cff0f2e9",
"EndpointID": "6e5d745d01028843149d7d1c56f1ce93b6cd71b794619473d33348e59969af26",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02",
"DriverOpts": null
}
}
}
}
]
进入容器
docker exec -it 容器id /bin/bash #进入容器后开启一个新的终端
docker attach 容器id # 进入容器正在执行的终端,不会启动新进程
从容器内拷贝文件到主机上
docker cp 容器id:容器内路径 主机路径
docker cp 主机路径 容器id:容器内路径
作业
1.创建nginx
docker run -d --name nginx01 -p:3345:80 nginx
2.tomcat
docker run -it --rm tomcat:9.0 # --rm表示用完即删除
3. es+kibana
es 暴露端口多
es 耗内存
es 数据需要放置到安全目录
# 创建并启动
docker run -d --name elasticsearch -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" elasticsearch:8.5.3
# 启动之后 发现 非常 卡
docker stats 查看cpu 状态
可视化面板
参考链接
docker run -d -p 8000:8000 -p 9443:9443 --name portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock portainer/portainer-ce:latest
Docker 镜像
镜像是什么
镜像是一种轻量级、可执行的独立软件包,用来打包软件运行环境和基于运行环境开发的软件,它包含运行某个软件的所有内容,包括代码、运行时时,库、环境变量和配置文件。
所有的应用直接打包docker 镜像,就可以直接跑起来
如何得到镜像
- 从远程仓库下载
- 朋友拷贝给你
- 自己制作
Docker 镜像加载原理
UnionFS(联合文件系统)
UnionFS(联合文件系统) 是一种轻量级高性能的文件系统,它支持对文件系统的修改作为一次提交来一层一层的叠加。同时可以将不同目录挂载到同一个虚拟文件系统下。union文件是docker镜像的基础,镜像可以通过分层来继承,基于基础环境(没有父镜像),可以制作各种具体镜像。
docker镜像实际上是由一层一层的文件系统组成,这种层级的文件叫UnionFS
Docker 镜像默认都是只读的,当容器启动时,一个新的可写层被加载到镜像的顶部
这一层就是我们通常所说的容器层,容器之下的都是镜像层。
commit镜像
# 和git 原理类似
docker commit -m="描述信息" -a="作者" 容器id 目标镜像名:[tag]
容器数据卷
什么是容器数据卷
数据持久化
容器之间可以有一个数据共享的技术,Docker产生的数据同步到本地
使用数据卷
docker run -it -v 主机目录:容器目录 -p 主机端口:容器端口 镜像名
docker run -it -p 80:80 -v /home/centoc:/home --name=centostest centos /bin/bash
实战安装mysql
# 获取镜像
docker pull mysql:5.7
# 运行容器 需要做数据挂载 初始化需要密码
docker run -d -p 3310:3306 -v /home/mysql/conf:/etc/mysql/conf.d -v /home/mysql/data:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=123456 --name mysql01 mysql:5.7
具名挂载和匿名挂载
# 匿名挂载
-v 容器内路径
docker run -d -P -v /etc/nginx --name nginx01 nginx
[root@lifei-docker ~]# docker volume ls
DRIVER VOLUME NAME
local 36eb87abbcdfa4391979a993997f15f5edb89ed9742ec1ed76611b6d270cb9ac
[root@lifei-docker ~]# docker volume --help
Usage: docker volume COMMAND
Manage volumes
Commands:
create Create a volume
inspect Display detailed information on one or more volumes
ls List volumes
prune Remove all unused local volumes
rm Remove one or more volumes
Run 'docker volume COMMAND --help' for more information on a command.
[root@lifei-docker ~]# docker volume ls
DRIVER VOLUME NAME
local 36eb87abbcdfa4391979a993997f15f5edb89ed9742ec1ed76611b6d270cb9ac
# 具名挂载
[root@lifei-docker ~]# docker run -d -P -v jumingnginx:/etc/nginx --name nginx02 nginx
34f8971feeef8971da664623aca361c282201b3f1771a9929906f94b497c1995
[root@lifei-docker ~]# docker volume ls
DRIVER VOLUME NAME
local 36eb87abbcdfa4391979a993997f15f5edb89ed9742ec1ed76611b6d270cb9ac
local jumingnginx
[root@lifei-docker ~]# docker volume inspect jumingnginx
[
{
"CreatedAt": "2023-01-07T20:56:08-05:00",
"Driver": "local",
"Labels": null,
"Mountpoint": "/var/lib/docker/volumes/jumingnginx/_data",
"Name": "jumingnginx",
"Options": null,
"Scope": "local"
}
]
# 所有的docker容器卷没有指定目录的情况下,都会存在
/var/lib/docker/volumes/ 目录上面
通过具名挂载可以很方便地找到卷,大多数情况都使用具名挂载
挂载方法
-v 容器内路径 #匿名挂载
-v 卷名:容器内路径 #具名挂载
-v 宿主机路径:容器内路径 #指定路径挂载
拓展
改变读写权限
# 一旦设置了权限,容器对我们挂载出来的内容就有限定,针对容器
docker run -d -P --name nginx02 -v jumpingnginx:/etc/nginx:ro nginx #只读
docker run -d -P --name nginx02 -v jumpingnginx:/etc/nginx:rw nginx #可写
初识Dockerfile
DockerFile
DockerFile 就是用来构建Docker 镜像的构建文件
通过脚本生成镜像,镜像是一层一层的,脚本就是一个一个的命令,每个命令都是一层
# 创建并进入目录
[root@lifei-docker home]# mkdir docker-test-volume
[root@lifei-docker home]# cd docker-test-volume/
[root@lifei-docker docker-test-volume]# ls
# 编写文件内容
[root@lifei-docker docker-test-volume]# vi dockerfile1
[root@lifei-docker docker-test-volume]# cat dockerfile1
FROM centos
VOLUME ["volume01","volume02"]
CMD echo "---end---"
CMD /bin/bash
[root@lifei-docker docker-test-volume]# docker build -f dockerfile1 -t lifei/centos .
Sending build context to Docker daemon 2.048kB
Step 1/4 : FROM centos
---> 5d0da3dc9764
Step 2/4 : VOLUME ["volume01"]
---> Running in 111d17c6dc85
Removing intermediate container 111d17c6dc85
---> b8231eaff628
Step 3/4 : CMD echo "---end---"
---> Running in c1d2619f8c87
Removing intermediate container c1d2619f8c87
---> 5dc9a78c9570
Step 4/4 : CMD /bin/bash
---> Running in 1629250c2c2a
Removing intermediate container 1629250c2c2a
---> 8c7d1547bb5b
Successfully built 8c7d1547bb5b
Successfully tagged lifei/centos:latest
数据卷容器
启动3个容器,通过自己写的镜像启动
docker run -it --name docker01 lifei/centos
# 数据共享,只要有一个容器还在,数据就不会丢失
结论
- 容器之间可以使用数据卷做配置信息的传递,数据卷的生命周期一直持续到没人使用为止。
- 但是一旦你持久化到本地,本地的数据是不会删除的。
Docker File
Docker 介绍
用来构建docker镜像的文件 !命令参数脚本
构建步骤
- 编写一个dockerfile 文件
- docker build构建一个镜像
- docker run 运行镜像
- docker push 发布镜像(Dockerhub、阿里云)
DockerFile的构建过程
**基础知识 **
每个保留关键字都是大写字母
执行从上到下顺序执行
表示注释
每个指定都会创建一个新的镜像层并提交
dockerFile 是面向开发的,发布项目,做镜像
Docker镜像逐渐成为了企业交付的标准,必须要掌握
Dockerfile 指令
CMD 指定容器要启动的命令,只有最后一个会生效,可被替代
ENTRYPOINT 指定容器要启动的命令,可以直接追回命令
ONBUILD # 当建一个被继承Dockfile 这个 时候 就会运行onbuild命令,触发指定
COPY # 类似ADD 将文件拷贝镜像中
ENV # 构建的时候设置环境变量
实战测试
Docker hub中99% 的镜像都是通过scratch构建的,然后配置需要的软件和配置来加载
创建一个自己的centos
[root@lifei-docker dockerfile]# cat /home/dockerfile/mydockerfile-centos
FROM centos:centos7
MAINTAINER lifei<lifei@aa.com>
ENV MYPATH /usr/local
WORKDIR $MYPATH
RUN yum -y install vim
RUN yum -y install net-tools
EXPOSE 80
CMD echo $MYPATH
CMD echo "___end___"
CMD /bin/bash
docker build -f mydockerfile-centos -t mycentos:0.1 .
查看容器的构建过程
docker history mycentos:0.1
CMD 和ENTRYPOINT 的区别
测试CMD
# 构建文件
[root@lifei-docker dockerfile]# cat dockfile-cmd-test
FROM centos:centos7
MAINTAINER lifei<lifei@aa.com>
CMD ["ls" ,"-a"]
# 生成镜像
docker build -f dockfile-cmd-test -t dockfile-cmd-test .
# 启动带参数 -l
docker run 7b3eac8a5faf -l
[root@lifei-docker dockerfile]# docker run 7b3eac8a5faf -l
docker: Error response from daemon: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: exec: "-l": executable file not found in $PATH: unknown.
# 在 cmd 下面 -l 替换了 ls -a
测试 entrypoint
[root@lifei-docker dockerfile]# cat dockfile-cmd-entrypoint
FROM centos:centos7
ENTRYPOINT ["ls","-a"]
docker build -f dockfile-cmd-entrypoint -t dockfile-cmd-entrypoint .
# 追回命令直接增加在entrypoint 后面的
[root@lifei-docker dockerfile]# docker run dockfile-cmd-entrypoint -l
total 12
drwxr-xr-x. 1 root root 6 Jan 8 06:00 .
drwxr-xr-x. 1 root root 6 Jan 8 06:00 ..
-rwxr-xr-x. 1 root root 0 Jan 8 06:00 .dockerenv
-rw-r--r--. 1 root root 12114 Nov 13 2020 anaconda-post.log
lrwxrwxrwx. 1 root root 7 Nov 13 2020 bin -> usr/bin
drwxr-xr-x. 5 root root 340 Jan 8 06:00 dev
drwxr-xr-x. 1 root root 66 Jan 8 06:00 etc
drwxr-xr-x. 2 root root 6 Apr 11 2018 home
lrwxrwxrwx. 1 root root 7 Nov 13 2020 lib -> usr/lib
lrwxrwxrwx. 1 root root 9 Nov 13 2020 lib64 -> usr/lib64
drwxr-xr-x. 2 root root 6 Apr 11 2018 media
drwxr-xr-x. 2 root root 6 Apr 11 2018 mnt
drwxr-xr-x. 2 root root 6 Apr 11 2018 opt
dr-xr-xr-x. 134 root root 0 Jan 8 06:00 proc
dr-xr-x---. 2 root root 114 Nov 13 2020 root
drwxr-xr-x. 11 root root 148 Nov 13 2020 run
lrwxrwxrwx. 1 root root 8 Nov 13 2020 sbin -> usr/sbin
drwxr-xr-x. 2 root root 6 Apr 11 2018 srv
dr-xr-xr-x. 13 root root 0 Jan 6 13:36 sys
drwxrwxrwt. 7 root root 132 Nov 13 2020 tmp
drwxr-xr-x. 13 root root 155 Nov 13 2020 usr
drwxr-xr-x. 18 root root 238 Nov 13 2020 var
实战 tomcat 镜像
# 准备镜像文件 tomcat 压缩包 jdk压缩包
[root@lifei-docker tomcat]# ls /root/tomcat/ -l
总用量 156872
-rw-r--r--. 1 root root 10929702 7月 4 2019 apache-tomcat-9.0.22.tar.gz
-rw-r--r--. 1 root root 149697219 1月 8 01:17 jdk-8u351-linux-x64.tar.gz
# 编写文件Dockerfile 文件
[root@lifei-docker tomcat]# cat /root/tomcat/Dockerfile
FROM centos:centos7
MAINTAINER lifei<lifei@xxx.com>
COPY readme.txt /usr/local/readme.txt
ADD jdk-8u351-linux-x64.tar.gz /usr/local
ADD apache-tomcat-9.0.22.tar.gz /user/local
RUN yum -y install vim
ENV MYPATH /usr/local
WORKDIR $MYPATH
ENV JAVA_HOME /usr/local/jdk1.8.0_351
ENV CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
ENV CATALINA_HOME /usr/local/apache-tomcat-9.0.22
ENV CATALINA_BASH /usr/local/apache-tomcat-9.0.22
ENV PATH $PATH:$JAVA_HOME/bin:$CATALINA_HOME/lib:$CATALINA_HOME/bin
EXPOSE 8080
CMD /usr/local/apache-tomcat-9.0.22/bin/startup.sh && tail -f /usr/local/apache-tomcat-9.0.22/bin/logs/cataline.out
# 构建镜像
docker build -t diytomcat .
docker run -d -p 9090:8080 --name diy-tomcat -v /root/tomcat/test:/usr/local/apache-tomcat-9.0.22/webapps/test -v /root/tomcat/tomcatlogs/:/usr/local/apache-tomcat-9.0.22/logs diytomcat
发布镜像
DockerHub
1.注册帐号
2.确定帐号可以登陆
3.提交镜像
[root@lifei-docker tomcat]# docker login --help
Usage: docker login [OPTIONS] [SERVER]
Log in to a Docker registry.
If no server is specified, the default is defined by the daemon.
Options:
-p, --password string Password
--password-stdin Take the password from stdin
-u, --username string Username
docker login -u lifei
docker tag diytomcat lifei/diytomcat:2.0
docker push lifei/diytomcat:2.0
注:也可以发阿里云空间发布,在导航里面可以找到 镜像服务->命名空间->创建
小结
Docker网络
原理
- 我们每启动一个docker容器,docker 就会给docker 容器分配一个ip.我们只要安装docker ,就会有一个docker0,使用的技术为evth-pair技术 。
- 我们发现这个容器带来的网卡是一对一对出现的,
- eth-pair 就是一对虚拟设备接口,他们都是成对出现的,一段连着协议 ,一段彼此相连
- 正因为这个技术,evth-pair充当桥梁,连接各种网络设备
- openstack docker ovs 的连接,都是使用的evth-pair技术
结论
所有容器不指定网络的情况下都是使用docker0路由的,docker0 会给我们的容器分配一个默认的可用ip
Docker 使用的是linux的桥接,宿主机是docker容器的网桥docker0
Docker中所有的网格接口都是虚拟的,虚拟的转发效率高。
只要容器删除,对应的网桥一对就没了
link
# 新建容器时添加 --link 参数
[root@lifei-docker ~]# docker run -it --name centos7-2 --link centos7-1 centos:centos7 /bin/bash
# 正向可以ping 通,实际是在/etc/hosts文件添加记录
[root@lifei-docker ~]# docker exec -it centos7-2 ping centos7-1
PING centos7-1 (172.17.0.3) 56(84) bytes of data.
64 bytes from centos7-1 (172.17.0.3): icmp_seq=1 ttl=64 time=0.109 ms
64 bytes from centos7-1 (172.17.0.3): icmp_seq=2 ttl=64 time=0.035 ms
^C
--- centos7-1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.035/0.072/0.109/0.037 ms
# 反向不可以ping通
[root@lifei-docker ~]# docker exec -it centos7-1 ping centos7-2
ping: centos7-2: Name or service not known
[root@lifei-docker ~]# docker network inspect 74b7206be3d8
[
{
"Name": "bridge",
"Id": "74b7206be3d88a2fe4d24737dd13a4c0de1882f0366c5dd9e6b5b435cff0f2e9",
"Created": "2023-01-06T00:58:07.890574499-05:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"081415c443e60ed0ca9ae7fc7c0c47d8aaf14628f76343b24ad770862a1ae77d": {
"Name": "tomcat01",
"EndpointID": "99b604193506a25b19384bddc109b45e969d87fa50d448a5c2dbda8ce49cbddd",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
},
"a8a1a953cc3f6db0926742ca06096ddf08887a5d26640633504e256fc8a47316": {
"Name": "centos7-2",
"EndpointID": "a84e7d067b8305d48fdc53820b323d99200e42fc0dcc53132c5d11ec44abdb1c",
"MacAddress": "02:42:ac:11:00:04",
"IPv4Address": "172.17.0.4/16",
"IPv6Address": ""
},
"c2c4963ea1d8e953260f9fc4fdb236b9c5e2c5cf4d16526877bbdf3aed6c3937": {
"Name": "centos7-1",
"EndpointID": "642aa18b6791ff8a11c340af7e9a0d774494a708b55db38eb72a42321331b147",
"MacAddress": "02:42:ac:11:00:03",
"IPv4Address": "172.17.0.3/16",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]
自定义网络
容器互联
网络模式
- 桥接 默认
- none:不配置网络
- host:和宿主机共享
- continer 容器网络连通 (用的少!局限性很大)
测试
# --net bridge 是默认的,可以不写
docker run -it --name centos7-2 --net bridge /bin/bash
# docker0的特点,默认的,域名是不能访问的 --link 可以打通连接
# 创建自定义网络 ,--driver bridge 是默认的,可以不写
docker network create --driver bridge --subnet 192.168.1.0/24 --gateway 192.168.1.1 mynet
# 创建容器指定网络
[root@lifei-docker ~]# docker run -it --name centos7-1 --network mynet centos:centos7 /bin/bash
[root@d0fbba131709 /]# [root@lifei-docker ~]#
[root@lifei-docker ~]#
[root@lifei-docker ~]# docker run -it --name centos7-2 --network mynet centos:centos7 /bin/bash
# 在容器内可以直接使用hostname 进行访问
[root@fe3dda5d0ed4 /]# ping centos7-2
PING centos7-2 (192.168.1.3) 56(84) bytes of data.
64 bytes from fe3dda5d0ed4 (192.168.1.3): icmp_seq=1 ttl=64 time=0.034 ms
64 bytes from fe3dda5d0ed4 (192.168.1.3): icmp_seq=2 ttl=64 time=0.019 ms
64 bytes from fe3dda5d0ed4 (192.168.1.3): icmp_seq=3 ttl=64 time=0.015 ms
^C
--- centos7-2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 0.015/0.022/0.034/0.009 ms
[root@fe3dda5d0ed4 /]# ping centos7-1
PING centos7-1 (192.168.1.2) 56(84) bytes of data.
64 bytes from centos7-1.mynet (192.168.1.2): icmp_seq=1 ttl=64 time=0.094 ms
64 bytes from centos7-1.mynet (192.168.1.2): icmp_seq=2 ttl=64 time=0.034 ms
^C
--- centos7-1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.034/0.064/0.094/0.030 ms
我们自定义的docker 网络维护好了对应关系,推荐我们平时这样使用网络 。
网络连通
root@lifei-docker ~]# docker network connect --help
Usage: docker network connect [OPTIONS] NETWORK CONTAINER
Connect a container to a network
Options:
--alias strings Add network-scoped alias for the container
--driver-opt strings driver options for the network
--ip string IPv4 address (e.g., 172.30.100.104)
--ip6 string IPv6 address (e.g., 2001:db8::33)
--link list Add link to another container
--link-local-ip strings Add a link-local address for the container
[root@lifei-docker ~]# docker network connect mynet centos7-3
实战 REDIS 集群部署
1. 创建网络
docker network create redis --subnet 172.38.0.0/24
创建新建docker 脚本
[root@lifei-docker ~]# cat redis.sh
#!/bin/bash
for port in $(seq 1 6)
do
mkdir -p /mydata/redis/node-${port}/conf
touch /mydata/redis/node-${port}/conf/redis.conf
cat << EOF >/mydata/redis/node-${port}/conf/redis.conf
port 6379
bind 0.0.0.0
cluster-enabled yes
cluster-config-file nodes.conf
cluster-node-timeout 5000
cluster-announce-ip 172.38.0.1${port}
cluster-announce-port 6379
cluster-announce-bus-port 16379
appendonly yes
EOF
docker run -p 637${port}:6379 -p 1637${port}:16379 --name redis-${port} \
-v /mydata/redis/node-${port}/data:/data \
-v /mydata/redis/node-${port}/conf/redis.conf:/etc/redis/redis.conf \
-d --net redis --ip 172.38.0.1${port} redis:5.0.9-alpine3.11 redis-server /etc/redis/redis.conf
done
[root@lifei-docker ~]# docker exec -it redis-1 /bin/sh
/data # redis-cli --cluster create 172.38.0.11:6379 172.38.0.12:6379 172.38.0.13:6379 172.38.0.14:6379 172.38.0.15:6379 172.38.0.16:6379 --cluster-replicas 1
>>> Performing hash slots allocation on 6 nodes...
Master[0] -> Slots 0 - 5460
Master[1] -> Slots 5461 - 10922
Master[2] -> Slots 10923 - 16383
Adding replica 172.38.0.15:6379 to 172.38.0.11:6379
Adding replica 172.38.0.16:6379 to 172.38.0.12:6379
Adding replica 172.38.0.14:6379 to 172.38.0.13:6379
M: 2ab98e3033d94a16934273cfb72bb0eba8a573ae 172.38.0.11:6379
slots:[0-5460] (5461 slots) master
M: 11a563df991711893c6b9156154fe785f9f20aba 172.38.0.12:6379
slots:[5461-10922] (5462 slots) master
M: 185230f4e1d06df69217a164296bc71d94bb2f56 172.38.0.13:6379
slots:[10923-16383] (5461 slots) master
S: 5882e3209366f4b00a8fe7cc1bae8f759f43878f 172.38.0.14:6379
replicates 185230f4e1d06df69217a164296bc71d94bb2f56
S: b8ac1bace73925d6133d4bc191aef80db07c4ee6 172.38.0.15:6379
replicates 2ab98e3033d94a16934273cfb72bb0eba8a573ae
S: 6b619f79accdca45feea51ae25c84ba0da94952e 172.38.0.16:6379
replicates 11a563df991711893c6b9156154fe785f9f20aba
Can I set the above configuration? (type 'yes' to accept): yes
>>> Nodes configuration updated
>>> Assign a different config epoch to each node
>>> Sending CLUSTER MEET messages to join the cluster
Waiting for the cluster to join
...
>>> Performing Cluster Check (using node 172.38.0.11:6379)
M: 2ab98e3033d94a16934273cfb72bb0eba8a573ae 172.38.0.11:6379
slots:[0-5460] (5461 slots) master
1 additional replica(s)
S: 6b619f79accdca45feea51ae25c84ba0da94952e 172.38.0.16:6379
slots: (0 slots) slave
replicates 11a563df991711893c6b9156154fe785f9f20aba
S: 5882e3209366f4b00a8fe7cc1bae8f759f43878f 172.38.0.14:6379
slots: (0 slots) slave
replicates 185230f4e1d06df69217a164296bc71d94bb2f56
M: 185230f4e1d06df69217a164296bc71d94bb2f56 172.38.0.13:6379
slots:[10923-16383] (5461 slots) master
1 additional replica(s)
M: 11a563df991711893c6b9156154fe785f9f20aba 172.38.0.12:6379
slots:[5461-10922] (5462 slots) master
1 additional replica(s)
S: b8ac1bace73925d6133d4bc191aef80db07c4ee6 172.38.0.15:6379
slots: (0 slots) slave
replicates 2ab98e3033d94a16934273cfb72bb0eba8a573ae
[OK] All nodes agree about slots configuration.
>>> Check for open slots...
>>> Check slots coverage...
[OK] All 16384 slots covered.
/data # redis-c
redis-check-aof redis-check-rdb redis-cli
/data # redis-cli -c
127.0.0.1:6379> CLUSTER INFO
cluster_state:ok
cluster_slots_assigned:16384
cluster_slots_ok:16384
cluster_slots_pfail:0
cluster_slots_fail:0
cluster_known_nodes:6
cluster_size:3
cluster_current_epoch:6
cluster_my_epoch:1
cluster_stats_messages_ping_sent:184
cluster_stats_messages_pong_sent:185
cluster_stats_messages_sent:369
cluster_stats_messages_ping_received:180
cluster_stats_messages_pong_received:184
cluster_stats_messages_meet_received:5
cluster_stats_messages_received:369
127.0.0.1:6379> CLUSTER NODES
2ab98e3033d94a16934273cfb72bb0eba8a573ae 172.38.0.11:6379@16379 myself,master - 0 1673244343000 1 connected 0-5460
6b619f79accdca45feea51ae25c84ba0da94952e 172.38.0.16:6379@16379 slave 11a563df991711893c6b9156154fe785f9f20aba 0 1673244345112 6 connected
5882e3209366f4b00a8fe7cc1bae8f759f43878f 172.38.0.14:6379@16379 slave 185230f4e1d06df69217a164296bc71d94bb2f56 0 1673244345011 4 connected
185230f4e1d06df69217a164296bc71d94bb2f56 172.38.0.13:6379@16379 master - 0 1673244345000 3 connected 10923-16383
11a563df991711893c6b9156154fe785f9f20aba 172.38.0.12:6379@16379 master - 0 1673244344611 2 connected 5461-10922
b8ac1bace73925d6133d4bc191aef80db07c4ee6 172.38.0.15:6379@16379 slave 2ab98e3033d94a16934273cfb72bb0eba8a573ae 0 1673244344110 5 connected
Docker compose
容器编排
项目角度
compose 是Docker官方的开源项目,负责实现对Docker容器集群的快速编排。
项止角度将一组相关容器整合在一起,并按顺序启动。
定位是对于多个容器的编排和管理
docker-compose.yml 模板配置文件 用来定义一组相关联的应用容器项目
两个重要概念
项目 一组关联的应用容器组成的完整业务单元,在docker-compose.yml 中定义
服务 一个应用的容器,实际上可以包含若干个运行相同镜像容器的实例
compose 默认管理对象是项目,通过子命令对项目中的一组容器进行便捷的生命周期管理
compose项目由python编写,实际上调用了Docker 服务提供的API对容器进行管理,因此只需要所操作的平台支持DockerAPI,就可以在其上利用compose进行编排管理
只有linux平台上安装docker时没有安装docker-compose,mac 和 windows 均已经安装
安装方式
在线安装
参考链接 https://docs.docker.com/compose/install/other/
curl -SL https://github.com/docker/compose/releases/download/v2.14.2/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
第一个案例
1. 创建一个项目
mkdir ems
2. 在ems中创建一个docker-compose.yml 模板文件
[root@lifei-docker ems]# cat docker-compose.yml
version: "3.9"
services:
tomcat01:
container_name: tomcat01 #容器名字,不建议指定,使用项目名即可
image: tomcat:8.0 #镜像
ports:
- 8080:8080
tomcat02:
container_name: tomcat02
image: tomcat:8.0 #镜像
ports:
- 8081:8080
redis:
container_name: redis
image: redis:5.0.12
ports:
- 6379:6379
mysql:
container_name: mysql
image: mysql:5.7
ports:
- 3306:3306
environment: #代表给当前容器启动指定环境
#- "MYSQL_ROOT_PASSWORD=root"
- "MYSQL_ROOT_PASSWORD=123456"
volumes: #数据卷
#- /root/mysqldate1:/var/lib/mysql #挂载到指定目录
- mysqlData:/var/lib/mysql #创建卷,不过得需要在下面声名后才可以用
volumes:
mysqlData: # 声名数据卷别名
3. 启动
docker-compose up -d # 注意目录
docker-compose 中的模板命令
参考链接
能写在 docker-compose.yml 里面的指定
1. docker-compose.yml 支持的模板命令
build 指定,docker-compose 在启动容器之前,先根据dockerfile去构建镜像,然后根据构建的镜像启动容器,不能和image同时用。
command 指定,覆盖容器启动后默认执行的指定
container_name 指定容器的名称,不推荐使用
depends_on 解决容器启动的先后问题 #当前服务不会等待被依赖的服务完全启动。
environment 用来给容器启动,指定环境亦是,相当于docker run中的-e 指令
env_file 用来指定环境变量,指不过指定的是文件
expose 指定,用来指定构建镜像过程中,暴露的端口号 了解即可,不建议使用
image 指定启动容器使用的镜像,相当于docker run 使用的镜像名
networks 用来指定启动的容器使用的网桥
ports 用来指定容器和宿主机端口的映射
volumes 用来指定容器中目录和宿主机的映射
restart 用来指定docker 容器总是运行
另一个配置文件参考
[root@lifei-docker dangdang]# cat docker-compose.yaml
version: "3.8"
services:
tomcat:
image: tomcat:8.0
ports:
- "8080:8080"
networks:
- dangdang
apps:
build:
context: ../tomcat/ #指定Dockerfile目录
# dockfile: Dockerfile #指定Dockerfile文件名
ports:
- "8081:8080"
depends_on: # 注意服务不会等待完全启动
- tomcat
- mysql
networks:
- dangdang
mysql:
image: mysql:5.7
ports:
- 3306:3306
# environment:
#MYSQL_ROOT_PASSWORD: root
# - "MYSQL_ROOT_PASSWORD=root"
env_file:
- aa.env
networks:
- dangdang
networks:
dangdang:
docker compose 命令说明
docker-compose 尝试自动完成构建镜像、启动服务.
docker compose down [OPTIONS] #网桥移除,数据卷不移除
docker compose up [OPTIONS] [SERVICE]
docker exec 只能针对某一个服务id
docker-compose ps
cocker-compose restart
docker-compose rm [服务id] #删除所有停止的容器
docker-compose top [服务id]
docker-compose [unpause|pause] [服务id] #暂停恢复
docker-compose logs [SERVICE] -f
对于compose 对像来说,大部分命令既可以是项目本身,也可以是项目中的某个容器。如果没有特别说明就是项目
[root@lifei-docker dangdang]# docker-compose --help
Usage: docker compose [OPTIONS] COMMAND
Docker Compose
Options:
--ansi string Control when to print ANSI control characters ("never"|"always"|"auto") (default "auto")
--compatibility Run compose in backward compatibility mode
--env-file string Specify an alternate environment file.
-f, --file stringArray Compose configuration files
--parallel int Control max parallelism, -1 for unlimited (default -1)
--profile stringArray Specify a profile to enable
--project-directory string Specify an alternate working directory
(default: the path of the, first specified, Compose file)
-p, --project-name string Project name
Commands:
build Build or rebuild services
convert Converts the compose file to platform's canonical format
cp Copy files/folders between a service container and the local filesystem
create Creates containers for a service.
down Stop and remove containers, networks
events Receive real time events from containers.
exec Execute a command in a running container.
images List images used by the created containers
kill Force stop service containers.
logs View output from containers
ls List running compose projects
pause Pause services
port Print the public port for a port binding.
ps List containers
pull Pull service images
push Push service images
restart Restart service containers
rm Removes stopped service containers
run Run a one-off command on a service.
start Start services
stop Stop services
top Display the running processes
unpause Unpause services
up Create and start containers
version Show the Docker Compose version information
[root@lifei-docker dangdang]# docker-compose up --help
Usage: docker compose up [OPTIONS] [SERVICE...]
Docker swarm
docker swarm init # 初始化集群
docker swarm join-token worker # 生成加入swarm 集群 ,worker角色
docker swarm join-token manager # 生成加入swarm 集群,manager 角色
docker node # 此命令中能在manger 上面执行
docker service create -p 8080:8080 tomcat # 创建服务
docker service scale elastic_hermann=3 # 扩缩容
docker service rm elastic_hermann # 删除服务
浙公网安备 33010602011771号