Docker基础(下)

Docker基础(下)

链接:https://pan.baidu.com/s/1u8Tg5qB4ZZHEK6GqCJkjwg
提取码:u8hb
复制这段内容后打开百度网盘手机App,操作更方便哦

5. 网络管理

5.1 容器网络模式

Docker支持5种网络模式

  • bridge :默认网络,Docker启动后默认创建一个docker0网桥,默认创建的容器也是添加到这个网桥中
  • host :容器不会获得一个独立的network namespace,而是与宿主机共用一个
  • none :获取独立的network namespace,但不为容器进行任何网络配置
  • container :与指定的容器使用同一个network namespace,网卡配置也都是相同的
  • 自定义:自定义网桥,默认与bridge网络一样

5.1.1 bridge网络类型

#安装bridge管理工具
[root@docker ~]# yum -y install bridge-utils
[root@docker ~]# rpm -qa bridge-utils
bridge-utils-1.5-9.el7.x86_64


#查看网桥状态
[root@docker ~]# brctl show
bridge name	bridge id		STP enabled	interfaces
br-5a08a644a2cf		8000.02422545f8bc	no		veth81c317b    #网桥br-br0绑定了两个虚拟网卡
							vethd7a3e4e
docker0		8000.02426397c060	no                             #网桥docker0绑定了一个虚拟网卡


#查看网络类型
[root@docker ~]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
e2fa9dde793d        bridge              bridge              local     #两个网桥类型的网络
0e3d0cd4f911        host                host                local
5a08a644a2cf        lnmp                bridge              local      #两个网桥类型的网络
c7527cab10af        none                null                local


#查看容器进程
[root@docker ~]# docker ps 
CONTAINER ID        IMAGE                     COMMAND                  CREATED             STATUS              PORTS                                   NAMES
6029f85c1c5f        centos:latest             "/bin/bash"              20 seconds ago      Up 18 seconds                                               test
2735b84c0c50        richarvey/nginx-php-fpm   "docker-php-entrypoi…"   22 minutes ago      Up 22 minutes       443/tcp, 9000/tcp, 0.0.0.0:88->80/tcp   lnmp_web
ec489c72bc68        mysql:5.6                 "docker-entrypoint.s…"   About an hour ago   Up About an hour    0.0.0.0:3306->3306/tcp                  lnmp_mysql
#查看容器lnmp_mysql的网络信息
[root@docker ~]# docker inspect lnmp_mysql | grep -A 15 "Networks"
            "Networks": {
                "lnmp": {             #网络类型lnmp
                    "IPAMConfig": null,
                    "Links": null,
                    "Aliases": [
                        "ec489c72bc68"
                    ],
                    "NetworkID": "8e6aa0ccb8a0f997c531b54b81ac6c243369ee7ba9fbefb63b4ea73d789ffc1b",
                    "EndpointID": "1315327c0917e5c853b7e4f9b62eed4659073e11690b021d9c2a4b74d7946a5e",
                    "Gateway": "172.18.0.1",     #网关172.18.0.1,这就是网桥br-8e6aa0ccb8a0
                    "IPAddress": "172.18.0.2",   #容器IP172.18.0.2
                    "IPPrefixLen": 16,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "02:42:ac:12:00:02",
#查看容器lnmp_web的网络信息
[root@docker ~]# docker inspect lnmp_web | grep -A 15 "Networks"
            "Networks": {
                "lnmp": {             #网络类型lnmp
                    "IPAMConfig": null,
                    "Links": null,
                    "Aliases": [
                        "2735b84c0c50"
                    ],
                    "NetworkID": "8e6aa0ccb8a0f997c531b54b81ac6c243369ee7ba9fbefb63b4ea73d789ffc1b",
                    "EndpointID": "99900f00b5cfc18f0bf5392bc36dc4a7a9dc7b14160c20443fe8440b42bd202d",
                    "Gateway": "172.18.0.1",     #网关172.18.0.1,这就是网桥br-8e6aa0ccb8a0
                    "IPAddress": "172.18.0.3",   #容器IP172.18.0.3
                    "IPPrefixLen": 16,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "02:42:ac:12:00:03",
#查看容器test的网络信息
[root@docker ~]# docker inspect test | grep -A 15 "Networks"
            "Networks": {
                "host": {
                    "IPAMConfig": null,
                    "Links": null,
                    "Aliases": null,
                    "NetworkID": "0e3d0cd4f91126344abfe25394cbe35afd0d231761d7d3ed1a8ced885282ca38",
                    "EndpointID": "60d499f6f902747dc54adb7f2b6b382d9f4742bbddd9c00da80970770f1a0bcf",
                    "Gateway": "",
                    "IPAddress": "",
                    "IPPrefixLen": 0,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "",
                    "DriverOpts": null

5.1.2 host网络类型

#启动一个网络类型为host的容器
[root@docker ~]# docker run -dit --name test2 --network host centos:latest /bin/bash
cfa7a42eb5577bc961d35f6b70a9f908a1b85d5f24a00b1431fbfb367c14558b

[root@docker ~]# docker ps -a
CONTAINER ID        IMAGE                     COMMAND                  CREATED             STATUS              PORTS                                   NAMES
edd2ade7bfa1        centos:latest             "/bin/bash"              5 seconds ago       Up 4 seconds                                                test2
6029f85c1c5f        centos:latest             "/bin/bash"              5 minutes ago       Up 5 minutes                                                test
2735b84c0c50        richarvey/nginx-php-fpm   "docker-php-entrypoi…"   27 minutes ago      Up 27 minutes       443/tcp, 9000/tcp, 0.0.0.0:88->80/tcp   lnmp_web
ec489c72bc68        mysql:5.6                 "docker-entrypoint.s…"   About an hour ago   Up About an hour    0.0.0.0:3306->3306/tcp                  lnmp_mysql
#查看容器的ip
[root@docker ~]# docker exec test2 hostname -I     #这就是网络类型为host的容器,ip地址和docker宿主机完全一样
192.168.200.63 172.17.0.1 172.18.0.1 
[root@docker ~]# docker exec test hostname -I          #网桥类型容器
192.168.200.63  
[root@docker ~]# docker exec lnmp_mysql hostname -i    #网桥类型容器
172.18.0.2
[root@docker ~]# docker exec lnmp_web hostname -i      #网桥类型容器
172.18.0.3

5.1.3 none网络类型(用于建立与宿主机的桥接模式)

#启动一个网络类型为none的容器
[root@docker ~]# docker run -dit --name test3 --net none centos:latest
51a1472b653948b487eaf99dce51da2234d95c2b0f3cb8e858827eecc981d778

#查看容器IP地址
[root@docker ~]# docker exec test3 hostname -I

[root@docker ~]#

查询后发现,什么IP地址都没有,是的,none类型就是暂时不给容器指定网卡。

5.1.4 container网络类型

指定新容器使用指定容器的网卡

#启动一个容器,网络类型container,使用test容器的网卡
[root@docker ~]# docker run -dit --name test4 --net container:test centos:latest /bin/bash
912a23216bc62c4bf5c016c2caf080602d4167656ab0365019c5298161e8c765
[root@docker ~]# docker inspect test | grep -A 15 "Networks"
            "Networks": {
                "host": {
                    "IPAMConfig": null,
                    "Links": null,
                    "Aliases": null,
                    "NetworkID": "62a2e108597719dd0411b280e0bc06f316a92f07b9f1d7cd51bf03e990a02245",
                    "EndpointID": "a219dfc918e7d017f67331cf042a505571fc604a23d5ec8d43d43e7464efe4e7",
                    "Gateway": "",
                    "IPAddress": "",
                    "IPPrefixLen": 0,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "",
                    "DriverOpts": null
                }

5.2 桥接宿主机网络与配置固定IP地址

5.2.1 建立网桥桥接到宿主机网络

image.png-174.6kB

#构建一个永久生效的网桥br0
[root@docker network-scripts]# pwd
/etc/sysconfig/network-scripts


[root@docker network-scripts]# cat ifcfg-ens32 
TYPE=Ethernet
BOOTPROTO=dhcp
NAME=ens32
DEVICE=ens32
ONBOOT=yes
BRIDGE=br0

[root@docker network-scripts]# cat ifcfg-br0 
TYPE=Bridge
BOOTPROTO=static
DEVICE=br0
ONBOOT=yes
IPADDR=192.168.200.63
NETMASK=255.255.255.0
GATEWAY=192.168.200.2
DNS1=192.168.200.2
[root@docker network-scripts]# service network restart
#查看网卡IP
[root@docker ~]# ifconfig ens32           #ens32网卡已经没有IP地址了
ens32: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        ether 00:0c:29:1c:09:10  txqueuelen 1000  (Ethernet)
        RX packets 330510  bytes 465323560 (443.7 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 128645  bytes 8576682 (8.1 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


[root@docker ~]# ifconfig br0             #网桥br0代替了ens32
br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.200.63  netmask 255.255.255.0  broadcast 192.168.200.255
        inet6 fe80::20c:29ff:fe1c:910  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:1c:09:10  txqueuelen 1000  (Ethernet)
        RX packets 146  bytes 14103 (13.7 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 85  bytes 12031 (11.7 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
[root@docker ~]# brctl show
bridge name	bridge id		STP enabled	interfaces
br-8e6aa0ccb8a0		8000.0242ac2767a3	no		veth3cda632
							vethee0e07f
br0		8000.000c291c0910	no		ens32   #网桥br0,桥接在了真实的物理网卡ens32上
docker0		8000.024235e4516f	no	

5.2.2 通过pipework工具配置容器固定IP

pipework工具下载地址:https://github.com/jpetazzo/pipework.git

#解压安装pipework工具
[root@docker ~]# yum -y install unzip
[root@docker ~]# rpm -qa unzip
unzip-6.0-19.el7.x86_64

[root@docker ~]# unzip pipework-master.zip
Archive:  pipework-master.zip
ae42f1b5fef82b3bc23fe93c95c345e7af65fef3
   creating: pipework-master/
 extracting: pipework-master/.gitignore  
  inflating: pipework-master/LICENSE  
  inflating: pipework-master/README.md  
  inflating: pipework-master/docker-compose.yml  
   creating: pipework-master/doctoc/
  inflating: pipework-master/doctoc/Dockerfile  
  inflating: pipework-master/pipework  
  inflating: pipework-master/pipework.spec  
[root@docker ~]# mv pipework-master /usr/local/
[root@docker ~]# ln -s /usr/local/pipework-master/pipework /usr/local/bin/
[root@docker ~]# which pipework
/usr/local/bin/pipework
#建立网络类型为none的容器,并通过pipework配置固定ip地址
[root@docker ~]# docker run -dit --name test5 --net none centos:latest /bin/bash
9b0b629ee6561069f255cd7c3453a13096beb139805ba24ccc6830091a4358f2
[root@docker ~]# pipework br0 test5 192.168.200.199/24@192.168.200.2  #设置容器固定IP为192.168.200.199网关192.168.200.2
[root@docker ~]# docker exec test5 hostname -I     #有IP了
192.168.200.199 

[root@docker ~]# ping 192.168.200.199       #宿主机ping能通
PING 192.168.200.199 (192.168.200.199) 56(84) bytes of data.
64 bytes from 192.168.200.199: icmp_seq=1 ttl=64 time=0.219 ms
^C
--- 192.168.200.199 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.219/0.219/0.219/0.000 ms
[root@docker ~]# docker exec -it test5 /bin/bash     #进入容器
[root@9b0b629ee656 /]# ping www.baidu.com            #能连接外网
PING www.a.shifen.com (220.181.112.244) 56(84) bytes of data.
64 bytes from 220.181.112.244 (220.181.112.244): icmp_seq=1 ttl=128 time=36.8 ms
^C
--- www.a.shifen.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 36.864/36.864/36.864/0.000 ms

通过windows宿主机ping虚拟机中的容器进程IP进行测试

image.png-23.5kB
综上,外部机器访问虚拟机中的容器进程也可以联通了

6. Docker的镜像制作

6.1 Dockerfile常用指令介绍

指令 描述
FROM 构建的新镜像是基于哪个镜像。例如:FROM centos:6
MAINTAINER 镜像维护者姓名或邮箱地址。例如:MAINTAINER Mr.yang
RUN 构建镜像时运行的Shell命令。 例如:RUN ["yum","install","httpd"]
或者RUN yum install httpd
CMD 运行容器时执行的Shell命令(可以被运行时传递的参数覆盖)。例如:CMD ["-c","/start.sh"]
或者CMD ["/usr/sbin/sshd","-D"]或者CMD /usr/sbin/sshd -D
EXPOSE 声明容器运行的服务端口。例如:EXPOSE 80 443
ENV 设置容器内环境变量。例如:ENV MYSQL_ROOT_PASSWORD 123456
ADD 拷贝文件或目录到镜像(可以自动解压缩或者下载)
例如:ADD ["src","dest"]或者ADD https://xxx.com/html.tar.gz /var/www/html
或者:ADD html.tar.gz /var/www/html
COPY 拷贝文件或目录到镜像(不能自动解压缩)。例如:COPY ./start.sh /start.sh
ENTRYPOINT 运行容器时执行的Shell命令(不能被运行时传递的参数覆盖)。例如:ENTRYPOINT ["/bin/bash","-c","/start.sh"]
或者ENTRYPOINT /bin/bash -c "/start.sh"
VOLUME 指定容器挂载点到宿主机自动生成的目录或其他容器
例如:VOLUME ["/var/lib/mysql"]
USER 为RUN,CMD和ENTRYPOINT执行命令指定运行用户
例如:USER Mr_yang
WORKDIR 为RUN,CMD,ENTRYPOINT,COPY和ADD设置工作目录(指定进入容器中默认被切换的目录)。
例如:WORKDIR /data
HEALTHCHECK 健康检查。例如:HEALTHCHECK --interval=5m --timeout=3s --retries=3
CMD curl -f http://localhost/ 11 exit 1
ARG 在构建镜像时指定一些参数。例如:ARG user

6.2 利用Dockerfile编写简单的nginxWeb镜像

#首先我们开启ipv4转发
[root@docker ~]# echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
[root@docker ~]# sysctl -p
net.ipv4.ip_forward = 1

#创建nginx的镜像目录
[root@docker ~]# mkdir -p dockerfile/lib/centos/nginx
[root@docker ~]# cd dockerfile/lib/centos/nginx/

#准备Dockerfile文件
[root@docker nginx]# cat Dockerfile 
FROM centos:7

MAINTAINER www.yunjisuan.com
RUN yum install -y gcc gcc-c++ make openssl-devel pcre-devel
ADD nginx-1.12.1.tar.gz /tmp

RUN cd /tmp/nginx-1.12.1 && \
       ./configure --prefix=/usr/local/nginx && \
       make -j 2 && \
       make install
RUN rm -rf /tmp/nginx-1.12.1* && yum clean all

COPY nginx.conf /usr/local/nginx/conf

WORKDIR /usr/local/nginx
EXPOSE 80
CMD ["./sbin/nginx", "-g", "daemon off;"]
#将事先准备好的nginx-1.12.1.tar.gz和nginx.conf配置文件拷贝到当前目录下
[root@docker nginx]# ls
Dockerfile  nginx-1.12.1.tar.gz  nginx.conf

#build基于nginx的docker镜像
[root@docker nginx]# docker build -t nginx:1 .
#以下省略若干。。。

[root@docker php]# docker images
REPOSITORY                TAG                 IMAGE ID            CREATED             SIZE
nginx                     1                   0d7f67d582d5        6 minutes ago       418MB
mysql                     5.6                 a46c2a2722b9        4 days ago          256MB
nginx                     latest              dbfc48660aeb        12 days ago         109MB
centos                    7                   75835a67d134        2 weeks ago         200MB
centos                    latest              75835a67d134        2 weeks ago         200MB
richarvey/nginx-php-fpm   latest              de1554d0b081        4 weeks ago         302MB

6.3 构建PHP网站平台镜像实战

现在我们创建一个PHP的docker镜像

#创建php的镜像目录
[root@docker nginx]# mkdir -p /root/dockerfile/lib/centos/php
[root@docker nginx]# cd /root/dockerfile/lib/centos/php/

#准备Dockerfile文件
[root@docker php]# cat Dockerfile 
FROM centos:7
MAINTAINER www.aliangedu.com
RUN yum install -y gcc gcc-c++ make gd-devel libxml2-devel libcurl-devel libjpeg-devel libpng-devel openssl-devel
ADD php-5.6.31.tar.gz /tmp/

RUN cd /tmp/php-5.6.31 && \
    ./configure --prefix=/usr/local/php \
    --with-config-file-path=/usr/local/php/etc \
    --with-mysql --with-mysqli \
    --with-openssl --with-zlib --with-curl --with-gd \
    --with-jpeg-dir --with-png-dir --with-iconv \
    --enable-fpm --enable-zip --enable-mbstring && \
    make -j 4 && \
    make install && \
    cp /usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.conf && \
    sed -i "s/127.0.0.1/0.0.0.0/" /usr/local/php/etc/php-fpm.conf && \
    sed -i "21a \daemonize = no" /usr/local/php/etc/php-fpm.conf
COPY php.ini /usr/local/php/etc

RUN rm -rf /tmp/php-5.6.31* && yum clean all

WORKDIR /usr/local/php
EXPOSE 9000
CMD ["./sbin/php-fpm", "-c", "/usr/local/php/etc/php-fpm.conf"]
#将事先准备好的php.ini文件及php-5.6.31.tar.gz拷贝到当前目录下
[root@docker php]# ls
Dockerfile  php-5.6.31.tar.gz  php.ini

#build基于php的docker镜像
[root@docker php]# docker build -t php:1 .
#以下省略若干。。。

[root@docker php]# docker images
REPOSITORY                TAG                 IMAGE ID            CREATED             SIZE
php                       1                   7931c95b2441        36 seconds ago      998MB
nginx                     1                   0d7f67d582d5        28 minutes ago      418MB
mysql                     5.6                 a46c2a2722b9        4 days ago          256MB
nginx                     latest              dbfc48660aeb        12 days ago         109MB
centos                    7                   75835a67d134        2 weeks ago         200MB
centos                    latest              75835a67d134        2 weeks ago         200MB
richarvey/nginx-php-fpm   latest              de1554d0b081        4 weeks ago         302MB

6.4 创建nginx-php网络环境,并启动容器

#创建一个叫做lnmp的网络
[root@docker nginx]# pwd
/root/dockerfile/lib/centos/nginx
[root@docker nginx]# docker network create lnmp
[root@docker nginx]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
bc8c06ed1eed        bridge              bridge              local
62a2e1085977        host                host                local
8e6aa0ccb8a0        lnmp                bridge              local
ce66b6969fb3        none                null                local

#创建nginx-php网页挂载目录
[root@docker nginx]# mkdir -p /app/wwwroot
#启动php容器
[root@docker nginx]# docker run -dit --name lnmp_php --network lnmp --mount type=bind,src=/app/wwwroot/,dst=/usr/local/nginx/html php:1
eb27c64f89251d196044859a8bff1a290cc3c5c1a46123282cca831cbc829928
[root@docker nginx]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS               NAMES
eb27c64f8925        php:1               "./sbin/php-fpm -c /…"   3 seconds ago       Up 2 seconds        9000/tcp            lnmp_php
[root@docker nginx]# docker exec lnmp_php hostname -I
172.18.0.2 
#启动nginx容器
[root@docker php]# pwd
/root/dockerfile/lib/centos/php
[root@docker php]# docker run -dit --name lnmp_nginx -p 888:80 --network lnmp --mount type=bind,src=/app/wwwroot,dst=/usr/local/nginx/html nginx:1
e0d855274f1c08d0aa2e9bd9fe8ca4cb727f6932a08530f2834070b3ce76f5cf
[root@docker php]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED              STATUS              PORTS                 NAMES
e0d855274f1c        nginx:1             "./sbin/nginx -g 'da…"   5 seconds ago        Up 4 seconds        0.0.0.0:888->80/tcp   lnmp_nginx
eb27c64f8925        php:1               "./sbin/php-fpm -c /…"   About a minute ago   Up About a minute   9000/tcp              lnmp_php
#创建测试页面php.info
[root@docker ~]# echo "<?php phpinfo();?>" > /app/wwwroot/index.php
[root@docker ~]# cat /app/wwwroot/index.php
<?php phpinfo();?>

最后通过浏览器进行访问测试http://192.168.200.63:888

image.png-83.3kB

6.5 构建JAVA网站环境镜像实战

#创建java镜像构建存储目录
[root@docker ~]# mkdir -p dockerfile/lib/centos/tomcat
[root@docker ~]# cd dockerfile/lib/centos/tomcat/

#将所需软件包拷贝到当前目录下
[root@docker tomcat]# ls
apache-tomcat-8.0.46.tar.gz  Dockerfile  jdk-8u45-linux-x64.tar.gz  server.xml

#筹备Dockerfile
[root@docker tomcat]# cat Dockerfile 
FROM centos:7
MAINTAINER www.aliangedu.com 

ADD jdk-8u45-linux-x64.tar.gz /usr/local
ENV JAVA_HOME /usr/local/jdk1.8.0_45

ADD apache-tomcat-8.0.46.tar.gz /usr/local
COPY server.xml /usr/local/apache-tomcat-8.0.46/conf

RUN rm -f /usr/local/*.tar.gz

WORKDIR /usr/local/apache-tomcat-8.0.46
EXPOSE 8080
ENTRYPOINT ["./bin/catalina.sh", "run"]
#build基于tomcat的镜像
[root@docker tomcat]# docker build -t tomcat:1 .
#以下省略若干。。。

#创建网页挂载目录
[root@docker tomcat]# mkdir -p /app/webapps

#启动tomcat的容器进程
[root@docker tomcat]# docker run -dit --name=tomcat -p 8080:8080 --mount type=bind,src=/app/webapps/,dst=/usr/local/apache-tomcat-8.0.46/webapps tomcat:1
5f452c7180f1362a063f4dce7e03d52c9f14f66d6a4106ff5b7dadbe86b4914a

#查看容器进程
[root@docker tomcat]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                    NAMES
5f452c7180f1        tomcat:1            "./bin/catalina.sh r…"   15 seconds ago      Up 14 seconds       0.0.0.0:8080->8080/tcp   tomcat
e0d855274f1c        nginx:1             "./sbin/nginx -g 'da…"   9 minutes ago       Up 9 minutes        0.0.0.0:888->80/tcp      lnmp_nginx
eb27c64f8925        php:1               "./sbin/php-fpm -c /…"   10 minutes ago      Up 10 minutes       9000/tcp                 lnmp_php
#创建网站测试页
[root@docker tomcat]# mkdir -p /app/webapps/ROOT
[root@docker tomcat]# echo "welcome to yunjisuan" >> /app/webapps/ROOT/index.html
[root@docker tomcat]# cat /app/webapps/ROOT/index.html 
welcome to yunjisuan

然后我们用浏览器访问8080端口http://192.168.200.63:8080
image.png-7.2kB
特别提示:

tomcat有三种启动方式:

  • 直接启动./startup.sh
  • 作为服务启动 nohup ./startup.sh &
  • 控制台动态输出方式启动./catalina.sh run动态地显示tomcat后台的控制台输出信息,Ctrl+C后退出并关闭服务

构建镜像的Dockerfile里的最后一步启动的进程不能是后台模式,否则容器直接退出。因此,nginxWeb镜像构建时,用CMD ["./sbin/nginx", "-g", "daemon off;"]方式进行启动

7. Docker企业实战案例一:整套项目一键打包部署

7.1 Docker Compose用法

7.1.1 介绍

Compose是一个定义和管理多容器的工具,使用Python语言编写。使用Compose配置文件描述多个容器应用的架构,比如使用什么镜像,数据卷,网络,映射端口等;然后一条命令管理所有服务,比如启动,停止,重启等。

7.1.2 安装

下载docker-compose-linux-x86_64.zip

[root@docker ~]# ll docker-compose-linux-x86_64.zip
-rw-r--r-- 1 root root 8733389 10月 29 10:35 docker-compose-linux-x86_64.zip
[root@docker ~]# which unzip
/usr/bin/unzip
[root@docker ~]# unzip docker-compose-linux-x86_64.zip
Archive:  docker-compose-linux-x86_64.zip
  inflating: docker-compose 

[root@docker ~]# ll docker-compose
-rw-r--r-- 1 root root 8858496 8月  31 2017 docker-compose
[root@docker ~]# chmod +x docker-compose
[root@docker ~]# mv docker-compose /usr/bin/
[root@docker ~]# which docker-compose
/usr/bin/docker-compose

7.1.3 YAML文件格式及编写注意事项

YAML是一种标记语言很直观的数据序列化格式,可读性高。类似于XML数据描述语言,语法比XML简单的很多。
YAML数据结构通过缩进来表示,连续的项目通过减号来表示,键值对用冒号分隔,数组用中括号括起来,hash用花括号括起来。


YAML文件格式注意事项:

  • 不支持制表符tab键缩进,需要使用空格缩进
  • 通常开头缩进2个空格
  • 字符后缩进1个空格,如冒号,逗号,横杆
  • 用井号注释
  • 如果包含特殊字符用单引号引起来
  • 布尔值(true,false,yes,no,on,off)必须用引号括起来,这样分析器会将他们解释为字符串。

配置文件常用字段

字段 描述
build 下级字段dockerfile:指定Dockerfile文件名
下级字段context;构建镜像上下文路径
image 指定镜像
command 执行命令,覆盖默认命令
container_name 指定容器名称
deploy 指定部署和运行服务相关配置,只能在Swarm模式使用
environment 添加环境变量
networks 加入网络,引用顶级networks下条目
ports 暴露端口,与-p相同,但端口不能低于60
volumes 挂载宿主机路径或命名卷。如果是命名卷在顶级volumes定义卷名称
restart 重启策略,默认no,always
hostname 容器主机名

常用命令

字段 描述
build 重新构建服务
ps 列出容器
up 创建和启动容器
exec 在容器里执行命令
scale 指定一个服务容器启动数量
top 显示容器进程
logs 查看容器输出
down 删除容器,网络,数据卷和镜像
stop/start/restart 停止/启动/重启服务

例如:

[root@docker ~]# cat docker-compose.yml 
version: '3'
services:
  nginx:
    hostname: nginx
    build:
      context: ./nginx
      dockerfile: Dockerfile
    ports:
      - 81:80
    networks:
      - lnmp
    volumes:
      - ./wwwroot:/usr/local/nginx/html

  php:
    hostname: php
    build:
      context: ./php
      dockerfile: Dockerfile
    networks:
      - lnmp
    volumes:
      - ./wwwroot:/usr/local/nginx/html

  mysql:
    hostname: mysql
    image: mysql:5.6
    ports:
      - 3306:3306
    networks:
      - lnmp
    volumes:
      - ./mysql/conf:/etc/mysql/conf.d
      - ./mysql/data:/var/lib/mysql
    command: --character-set-server=utf8
    environment:
      MYSQL_ROOT_PASSWORD: 123456
      MYSQL_DATABASE: wordpress
      MYSQL_USER: user
      MYSQL_PASSWORD: user123

networks:
  lnmp:

7.2 一键部署LNMP网站平台实战

#查看compose_lnmp包
[root@docker ~]# tree compose_lnmp/
compose_lnmp/
├── docker-compose.yml       #docker-compose启动接口文件
├── mysql
│   ├── conf
│   │   └── my.cnf           #mysql配置文件
│   └── data                 #待挂载mysql数据目录
├── nginx
│   ├── Dockerfile           #自定义nginx的Docker镜像配置文件
│   ├── nginx-1.12.1.tar.gz  #源码包
│   └── nginx.conf           #nginx配置文件
├── php
│   ├── Dockerfile           #自定义php的Docker镜像配置文件
│   ├── php-5.6.31.tar.gz    #源码包
│   └── php.ini              #php解析器配置文件  
└── wwwroot                  #nginx容器和php容器待挂载的网页目录
    └── index.php            #网页测试文件
6 directories, 9 files


#一键部署LNMP
[root@docker ~]# cd compose_lnmp/
[root@docker compose_lnmp]# docker-compose -f docker-compose.yml up
#以下省略若干。。。

浏览器访问:http://192.168.200.63:81/index.php
image.png-82.3kB

#一键查看所有部署的容器进程
[root@docker compose_lnmp]# docker-compose -f docker-compose.yml ps
       Name                      Command               State           Ports          
-------------------------------------------------------------------------------------
composelnmp_mysql_1   docker-entrypoint.sh --cha ...   Up      0.0.0.0:3306->3306/tcp 
composelnmp_nginx_1   ./sbin/nginx -g daemon off;      Up      0.0.0.0:81->80/tcp     
composelnmp_php_1     ./sbin/php-fpm -c /usr/loc ...   Up      9000/tcp 


#一键终止所有部署的容器进程
[root@docker compose_lnmp]# docker-compose -f docker-compose.yml stop
Stopping composelnmp_nginx_1 ... done
Stopping composelnmp_php_1   ... done
Stopping composelnmp_mysql_1 ... done


#一键查看所有部署的容器进程
[root@docker compose_lnmp]# docker-compose -f docker-compose.yml ps
       Name                      Command               State    Ports 
---------------------------------------------------------------------
composelnmp_mysql_1   docker-entrypoint.sh --cha ...   Exit 0         
composelnmp_nginx_1   ./sbin/nginx -g daemon off;      Exit 0         
composelnmp_php_1     ./sbin/php-fpm -c /usr/loc ...   Exit 0  


#一键清理所有部署的容器进程
[root@docker compose_lnmp]# docker-compose -f docker-compose.yml down
Removing composelnmp_nginx_1 ... done
Removing composelnmp_php_1   ... done
Removing composelnmp_mysql_1 ... done
Removing network composelnmp_lnmp
[root@docker compose_lnmp]# docker-compose -f docker-compose.yml ps
Name   Command   State   Ports 
------------------------------

7.3 一键部署Nginx反向代理Tomcat集群实战

#查看compose_nginx_tomcat包
[root@docker ~]# tree compose_nginx_tomcat/
compose_nginx_tomcat/
├── docker-compose.yml
├── mysql
│   ├── conf
│   │   └── my.cnf  #mysql的配置文件
│   └── data        #待挂载mysql数据目录
├── nginx
│   ├── Dockerfile      #自定义镜像配置文件
│   ├── nginx-1.12.1.tar.gz #源码包
│   └── nginx.conf          #nginx配置文件
├── tomcat
│   ├── apache-tomcat-8.0.46.tar.gz #源码包
│   ├── Dockerfile      #自定义镜像配置文件
│   └── server.xml      #tomcat配置文件
└── webapps         
    └── ROOT
        └── index.html  #网页测试文件
7 directories, 9 files
#查看docker-compose的启动接口文件
[root@docker ~]# cat compose_nginx_tomcat/docker-compose.yml 
version: '3'
services:
  nginx:
    hostname: nginx
    build:
      context: ./nginx
      dockerfile: Dockerfile
    ports:
      - 82:80
    networks:
      - lnmt
    volumes:
      - ./webapps:/opt/webapps

  tomcat01:
    hostname: tomcat01
    build: ./tomcat
    networks:
      - lnmt
    volumes:
      - /usr/local/jdk1.8.0_45:/usr/local/jdk1.8.0_45
      - ./webapps:/usr/local/apache-tomcat-8.0.46/webapps

  tomcat02:
    hostname: tomcat02
    build: ./tomcat
    networks:
      - lnmt
    volumes:
      - /usr/local/jdk1.8.0_45:/usr/local/jdk1.8.0_45
      - ./webapps:/usr/local/apache-tomcat-8.0.46/webapps

  mysql:
    hostname: mysql
    image: mysql:5.6
    ports:
      - 3307:3306
    networks:
      - lnmt
    volumes:
      - ./mysql/conf:/etc/mysql/conf.d
      - ./mysql/data:/var/lib/mysql
    environment:
      MYSQL_ROOT_PASSWORD: 123456
      MYSQL_DATABASE: db
      MYSQL_USER: user
      MYSQL_PASSWORD: user123

networks:
  lnmt:
#由于tomcat容器进程需要挂载docker宿主机本地的java环境
#所以在docker宿主机本地安装jdk-8u45-linux-x64.tar.gz
[root@docker ~]# ll jdk-8u45-linux-x64.tar.gz
-rw-r--r-- 1 root root 173271626 10月 29 12:09 jdk-8u45-linux-x64.tar.gz
[root@docker ~]# tar xf jdk-8u45-linux-x64.tar.gz -C /usr/local
[root@docker ~]# ll -d /usr/local/jdk1.8.0_45
drwxr-xr-x 8 10 143 255 4月  11 2015 /usr/local/jdk1.8.0_45


#一键部署ngxin+tomcat反向代理集群
[root@docker ~]# cd compose_nginx_tomcat/
[root@docker compose_nginx_tomcat]# pwd
/root/compose_nginx_tomcat
[root@docker compose_nginx_tomcat]# docker-compose -f docker-compose.yml up
#以下省略若干。。。

浏览器访问:http://192.168.200.63:82
image.png-5.8kB

[root@docker ~]# docker-compose -f compose_nginx_tomcat/docker-compose.yml ps
            Name                          Command             State           Ports          
--------------------------------------------------------------------------------------------
composenginxtomcat_mysql_1      docker-entrypoint.sh mysqld   Up      0.0.0.0:3307->3306/tcp 
composenginxtomcat_nginx_1      ./sbin/nginx -g daemon off;   Up      0.0.0.0:82->80/tcp     
composenginxtomcat_tomcat01_1   ./bin/catalina.sh run         Up      8080/tcp               
composenginxtomcat_tomcat02_1   ./bin/catalina.sh run         Up      8080/tcp               


[root@docker ~]# docker-compose -f compose_nginx_tomcat/docker-compose.yml stop
Stopping composenginxtomcat_mysql_1    ... done
Stopping composenginxtomcat_tomcat01_1 ... done
Stopping composenginxtomcat_tomcat02_1 ... done
Stopping composenginxtomcat_nginx_1    ... done


[root@docker ~]# docker-compose -f compose_nginx_tomcat/docker-compose.yml ps
            Name                          Command              State     Ports 
------------------------------------------------------------------------------
composenginxtomcat_mysql_1      docker-entrypoint.sh mysqld   Exit 0           
composenginxtomcat_nginx_1      ./sbin/nginx -g daemon off;   Exit 0           
composenginxtomcat_tomcat01_1   ./bin/catalina.sh run         Exit 143         
composenginxtomcat_tomcat02_1   ./bin/catalina.sh run         Exit 143         


[root@docker ~]# docker-compose -f compose_nginx_tomcat/docker-compose.yml down
Removing composenginxtomcat_mysql_1    ... done
Removing composenginxtomcat_tomcat01_1 ... done
Removing composenginxtomcat_tomcat02_1 ... done
Removing composenginxtomcat_nginx_1    ... done
Removing network composenginxtomcat_lnmt


[root@docker ~]# docker-compose -f compose_nginx_tomcat/docker-compose.yml ps
Name   Command   State   Ports 
------------------------------