docker 常用命令 docker-compose参数
日志: docker logs -t --since="2020-02-27T07:00:00" 4c04ea1238ab |less docker exec -it dbm-service bash
rpm -qa | grep -i 'docker' if [ $? == 0 ] ; then echo 'I: docker has been installed, skip installation' else yum remove docker \ docker-client \ docker-client-latest \ docker-common \ docker-latest \ docker-latest-logrotate \ docker-logrotate \ docker-engine yum install -y yum-utils \ device-mapper-persistent-data \ epel-release \ lvm2 yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo yum install -y docker-ce-18.09.6-3.el7.x86_64 systemctl enable docker # change docker graph dir systemctl start docker systemctl stop docker test -d /var/lib/docker && mv /var/lib/docker /data/docker_lib # add config yum install -y jq if [ -f /etc/docker/daemon.json ] && [ "`cat /etc/docker/daemon.json`" != '' ]; then cat /etc/docker/daemon.json | jq '.graph="/data/docker_lib"' | tee /etc/docker/daemon.json else echo '{"graph":"/data/docker_lib","default-address-pools": [{"base":"172.17.0.0/16","size":24}]}' | jq . > /etc/docker/daemon.json fi systemctl start docker docker pull busybox docker run --rm busybox echo hello # add yw user to docker group, let yw user be able to use docker without sudo permission usermod -aG docker yw fi
1. 安装/升级Docker客户端 推荐安装1.10.0以上版本的Docker客户端,参考文档 docker-ce 2. 配置镜像加速器 针对Docker客户端版本大于 1.10.0 的用户 您可以通过修改daemon配置文件/etc/docker/daemon.json来使用加速器 sudo mkdir -p /etc/docker sudo tee /etc/docker/daemon.json <<-'EOF' { "registry-mirrors": ["https://qs335f5p.mirror.aliyuncs.com"] } EOF sudo systemctl daemon-reload sudo systemctl restart docker
docker-compose中配置重启策略:
docker-compose: version: '2' services: database: build: ./mysql/ command: mysqld --user=root --verbose restart: always # docker-compose 关机或者重启docker同时重启容器restart always的配置 environment: MYSQL_DATABASE: "web_level3_sqli" MYSQL_USER: "web_level3_sqli" MYSQL_PASSWORD: "thisisasecurepassword123" MYSQL_ROOT_PASSWORD: "root" MYSQL_ALLOW_EMPTY_PASSWORD: "yes" web: build: ./www/ restart: always ports: - "12000:80" volumes: - ./www/src:/var/www/html links: - database - restart:always # 重启机制:手动停止容器使用docker kill容器后不会重启, # 在宿主机reboot之后,且docker已经配置了开机自启(sudo systemctl enable docker),此时设置了restart:always的服务会重启 #docker中的restart策略: 在运行docker容器时可以加如下参数来保证每次docker服务重启后容器也自动重启: docker run --restart=always 对于运行状态的容器则可以使用如下命令: docker update --restart=always <CONTAINER ID> https://docs.docker.com/config/containers/start-containers-automatically/ https://docs.docker.com/engine/reference/run/#restart-policies---restart $ docker run --restart=always redis This will run the redis container with a restart policy of always so that if the container exits, Docker will restart it. $ docker run --restart=on-failure:10 redis This will run the redis container with a restart policy of on-failure and a maximum restart count of 10. If the redis container exits with a non-zero exit status more than 10 times in a row Docker will abort trying to restart the container. Providing a maximum restart limit is only valid for the on-failure policy.
docker中redis的持久化:
https://hub.docker.com/_/redis?tab=description
redis:
image: redis
ports:
- "6379:6379"
container_name: test-redis-compose
restart: always
#启动redis服务并添加密码为:123456,并开启redis的持久化
command: redis-server --requirepass 123456 --appendonly yes
#docker-compose的版本 version: '3' #定义服务 services: #服务名称,可随意定义 backend: build: #dockerfile的路径 context: backend #dockerfile的名称 dockerfile: Dockerfile #相当于docker run -v的作用 volumes: - "./jar:/opt/test" #容器名称 container_name: test-backend-compose #该服务依赖的其他服务,该配置选项可修改启动顺序 depends_on: - mysql - redis - rabbitmq ports: - "8082:8082" frontend: build: context: frontend dockerfile: Dockerfile ports: - "4010:4010" container_name: test-frontend-compose mysql: build: context: mysql dockerfile: Dockerfile ports: - "3306:3306" #相当于docker run命令中的-e environment: MYSQL_ROOT_PASSWORD: root #初始化的数据库名称 MYSQL_DATABASE: test container_name: test-mysql-compose restart: always #数据卷映射关系,把本机的./mysql/db目录映射到容器中的/var/lib/mysql volumes: - "./mysql/db/:/var/lib/mysql" #该选项中的命令会覆盖Dockfile中的CMD中的命令.lower_case_table_names参数是为了表名不区分大小写,default-authentication-plugin是8.0中密码加密策略不同带来的链接问题,如果不用8.0可不加此选项 command: mysqld --lower_case_table_names=1 --default-authentication-plugin=mysql_native_password redis: image: redis ports: - "6379:6379" container_name: test-redis-compose restart: always #启动redis服务并添加密码为:123456,并开启redis的持久化 command: redis-server --requirepass 123456 --appendonly yes rabbitmq: image: rabbitmq:management ports: - "5672:5672" - "15672:15672" container_name: test-rabbitmq-compose environment: #rabbitmq的初始用户名 RABBITMQ_DEFAULT_USER: admin #rabbitmq的初始密码 RABBITMQ_DEFAULT_PASS: 123456 #指定使用的网络,此处是使用已经提前创建好的自定义网络 #网络创建命令:docker network create -d bridge --subnet 172.50.0.0/16 cooperationassociation #--subnet指定网段 -d指定连接方式,最后的cooperationassociation为网络名称 #使用新的指定网络是为了防止网段占用完,这样会导致启动容器时XShell会自动退出,且本地用不了访问不了服务(服务器已有大量连接时可能会出现) #查看网段占用情况的命令:route -n networks: default: external: name: cooperationassociation
https://www.jianshu.com/p/528fa4d62ace
docker-compose控制启动顺序:
https://www.jianshu.com/p/9446f210e327 https://blog.csdn.net/hu_zhenghui/article/details/79819209
java业务最小化Dockerfile
FROM alpine:3.12 #https://www.cnblogs.com/xiaobao2/p/11468778.html #https://www.jianshu.com/p/e59ce295e79f RUN echo "https://mirror.tuna.tsinghua.edu.cn/alpine/v3.9/main/" > /etc/apk/repositories && \ apk --no-cache add ca-certificates wget && \ wget -q -O /etc/apk/keys/sgerrand.rsa.pub https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub && \ wget https://github.com/sgerrand/alpine-pkg-glibc/releases/download/2.30-r0/glibc-2.30-r0.apk && \ wget https://github.com/sgerrand/alpine-pkg-glibc/releases/download/2.30-r0/glibc-bin-2.30-r0.apk && \ wget https://github.com/sgerrand/alpine-pkg-glibc/releases/download/2.30-r0/glibc-i18n-2.30-r0.apk && \ apk add glibc-bin-2.30-r0.apk glibc-i18n-2.30-r0.apk glibc-2.30-r0.apk && \ rm -rf *.apk && rm -rf /var/cache/apk/* ADD jdk.tar.gz /usr/java/jdk/ ADD maven/apache-maven-3.5.4-bin.tar.gz /var/lib/ RUN ln -s /var/lib/apache-maven-3.5.4/bin/mvn /usr/bin/mvn ENV JAVA_HOME /usr/java/jdk ENV PATH ${PATH}:${JAVA_HOME}/bin RUN echo 'http://dl-cdn.alpinelinux.org/alpine/latest-stable/community' >> /etc/apk/repositories && apk --no-cache add docker && rm -rf /var/cache/apk/* COPY maven/settings.xml /var/lib/apache-maven-3.5.4/conf/ COPY git/* /root/.ssh/ COPY kube/kubeconfig-* /root/.kube/ COPY kube/kubectl /usr/bin/ RUN chmod 400 ~/.ssh/config && chmod 400 ~/.ssh/id_git && echo 'StrictHostKeyChecking no' >> /etc/ssh/ssh_config \ && git config --global user.name zhenai-ci && git config --global user.email zhenai-ci@zhenai.com \ && git config --global push.default simple \ && export LC_ALL=en_US.UTF-8 && export LANG=en_US.UTF-8 #RUN yum install -y docker WORKDIR /build RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime COPY scripts/* /build/ RUN mkdir /build/logs CMD /build/prepare.sh