centos7安装docker和应用

    技术2024-11-10  11

    centos7 docker安装

    卸载旧版本安装docker启动docker配置阿里云镜像加速运行hello-world查看版本显示本地镜像删除本地镜像 拉取镜像新建并启动容器添加容器卷查看镜像和容器退出容器回到正在运行的容器关闭容器启动容器删除容器 查看容器日志查看docker容器的日志查看容器里面的进程查看容器内部的细节从容器cp文件到主机上小总结常用命令 1、Docker更新发布Nginx配置&发布代码启动多台容器查询容器ipsanjianke修改nginx目录和显示内容三剑客命令过滤配置文件的#和空行awk命令sed命令grep命令 2、Docker实战Tomcat WEB容器&多实例tomcat8查询镜像查询目录docker查询过滤查询 运行tomcat容器nginx和tomcat负载均衡动静分离3 基于Docker WEB管理Docker容器安装web管理容器用web管理创建容器访问用web管理创建的容器创建centos7云主机commit自定义镜像用新镜像启动云主机启动10台云主机 LNMPphp

    卸载旧版本

    较旧的Docker版本称为docker或docker-engine。如果已安装这些程序,请卸载它们以及相关的依赖项。

    yum remove docker \ docker-client \ docker-client-latest \ docker-common \ docker-latest \ docker-latest-logrotate \ docker-logrotate \ docker-engine

    安装docker

    设置存储库 安装yum-utils软件包(提供yum-config-manager 实用程序)并设置稳定的存储库。

    [root@zheng yum.repos.d]# yum install -y yum-utils [root@zheng ~]# yum-config-manager \ > --add-repo \ > https://download.docker.com/linux/centos/docker-ce.repo Loaded plugins: fastestmirror adding repo from: https://download.docker.com/linux/centos/docker-ce.repo grabbing file https://download.docker.com/linux/centos/docker-ce.repo to /etc/yum.repos.d/docker-ce.repo repo saved to /etc/yum.repos.d/docker-ce.repo

    要先安装依赖,不然安装docker引擎的时候会报错

    [root@zheng yum.repos.d]# wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo [root@zheng yum.repos.d]# yum install epel-release -y [root@zheng yum.repos.d]# yum install container-selinux -y

    安装docker引擎有两种方式 1、安装最新版本的Docker Engine和容器 2、在存储库列出可用版本,然后选择版本安装

    1、安装最新版本的Docker Engine和容器

    yum install docker-ce docker-ce-cli containerd.io -y 如果提示您接受GPG密钥,请验证指纹是否匹配 060A 61C5 1B55 8A7F 742B 77AA C52F EB6B 621E 9F35,如果是,则接受它。

    2、要安装特定版本的Docker Engine,请在存储库中列出可用版本,然后选择并安装

    列出并排序您存储库中可用的版本。此示例按版本号(从高到低)对结果进行排序。

    [root@zheng yum.repos.d]# yum list docker-ce --showduplicates | sort -r Loading mirror speeds from cached hostfile Loaded plugins: fastestmirror docker-ce.x86_64 3:19.03.9-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.8-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.7-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.6-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.5-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.4-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.3-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.2-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.1-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.12-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.11-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.10-3.el7 docker-ce-stable docker-ce.x86_64 3:19.03.0-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.9-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.8-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.7-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.6-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.5-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.4-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.3-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.2-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.1-3.el7 docker-ce-stable docker-ce.x86_64 3:18.09.0-3.el7 docker-ce-stable docker-ce.x86_64 18.06.3.ce-3.el7 docker-ce-stable docker-ce.x86_64 18.06.2.ce-3.el7 docker-ce-stable docker-ce.x86_64 18.06.1.ce-3.el7 docker-ce-stable docker-ce.x86_64 18.06.0.ce-3.el7 docker-ce-stable docker-ce.x86_64 18.03.1.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 18.03.0.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.12.1.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.12.0.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.09.1.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.09.0.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.06.2.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.06.1.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.06.0.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.03.3.ce-1.el7 docker-ce-stable docker-ce.x86_64 17.03.2.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.03.1.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.03.0.ce-1.el7.centos docker-ce-stable Available Packages

    该软件包名称是软件包名称(docker-ce)加上版本字符串(第二列),从第一个冒号(:)一直到第一个连字符,并用连字符(-)分隔。例如,docker-ce-18.09.1。 $ sudo yum install docker-ce-<VERSION_STRING> docker-ce-cli-<VERSION_STRING> containerd.io

    [root@zheng]# yum install docker-ce-19.03.9 docker-ce-cli-19.03.9 containerd.io -y

    启动docker

    [root@zheng yum.repos.d]# systemctl start docker

    配置阿里云镜像加速

    https://cr.console.aliyun.com/cn-hangzhou/instances/mirrors

    进入阿里云的官网,可以复用淘宝的账号登录,然后找到容器镜像服务,每个人的加速器地址都不一样,配置完重启一下docker,如果不配置镜像加速的话,只能去国外的网站拉去镜像,会非常慢

    [root@zheng ~]# vi /etc/docker/daemon.json { "registry-mirrors": ["https://hi7fg5eg.mirror.aliyuncs.com"] } "/etc/docker/daemon.json" [New] 3L, 67C written [root@zheng ~]# systemctl daemon-reload [root@zheng ~]# systemctl restart docker

    运行hello-world

    配置完镜像加速以后,运行hello-world测试一下

    [root@zheng ~]# docker run hello-world Unable to find image 'hello-world:latest' locally **/ 这行是在本地无法找到hello-world镜像** latest: Pulling from library/hello-world **/ 去下载hello-world镜像并运行** 0e03bdcc26d7: Pull complete **/ 拉取完成** Digest: sha256:d58e752213a51785838f9eed2b7a498ffa1cb3aa7f946dda11af39286c3db9a9 Status: Downloaded newer image for hello-world:latest Hello from Docker! This message shows that your installation appears to be working correctly. **/ 这段表明已经安装成功** To generate this message, Docker took the following steps: 1. The Docker client contacted the Docker daemon. 2. The Docker daemon pulled the "hello-world" image from the Docker Hub. (amd64) 3. The Docker daemon created a new container from that image which runs the executable that produces the output you are currently reading. 4. The Docker daemon streamed that output to the Docker client, which sent it to your terminal. To try something more ambitious, you can run an Ubuntu container with: $ docker run -it ubuntu bash Share images, automate workflows, and more with a free Docker ID: https://hub.docker.com/ For more examples and ideas, visit: https://docs.docker.com/get-started/ **/ 这个是一个测试用的小脚本,输出这个以后,hello-world停止运行,容器自动退出**

    查看版本

    查询docker的版本

    [root@zheng ~]# docker version Client: Docker Engine - Community Version: 19.03.9 API version: 1.40 Go version: go1.13.10 Git commit: 9d988398e7 Built: Fri May 15 00:25:27 2020 OS/Arch: linux/amd64 Experimental: false Server: Docker Engine - Community Engine: Version: 19.03.9 API version: 1.40 (minimum version 1.12) Go version: go1.13.10 Git commit: 9d988398e7 Built: Fri May 15 00:24:05 2020 OS/Arch: linux/amd64 Experimental: false containerd: Version: 1.2.13 GitCommit: 7ad184331fa3e55e52b890ea95e65ba581ae3429 runc: Version: 1.0.0-rc10 GitCommit: dc9208a3303feef5b3839f4323d9beb36df0a9dd docker-init: Version: 0.18.0 GitCommit: fec3683

    显示本地镜像

    latest是最新版本的意思 docker images -q #只显示镜像id image ID

    [root@zheng ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE hello-world latest bf756fb1ae65 6 months ago 13.3kB [root@zheng ~]# docker images -q bf756fb1ae65

    删除本地镜像

    删除hello-world镜像 ,删除多个的话每个镜像ID中间加空格 删除全部本地镜像 docker rmi -f $(docker images -qa)

    [root@zheng ~]# docker rmi -f bf756fb1ae65 Untagged: hello-world:latest Untagged: hello-world@sha256:d58e752213a51785838f9eed2b7a498ffa1cb3aa7f946dda11af39286c3db9a9 Deleted: sha256:bf756fb1ae65adf866bd8c456593cd24beb6a0a061dedf42b26a993176745f6b

    拉取镜像

    从docker hub拉取需要的镜像,这里拉取centos、Nginx、Tomcat镜像 先查询镜像 docker search

    **# OFFICIAL 显示ok 就是官方的镜像 AUTOMATED 显示ok就是私人的 stars 就是类似于点赞数** [root@zheng ~]# docker search tomcat # 查询tomcat所有镜像 NAME DESCRIPTION STARS OFFICIAL AUTOMATED tomcat Apache Tomcat is an open source implementati… 2770 [OK] tomee Apache TomEE is an all-Apache Java EE certif… 79 [OK] dordoka/tomcat Ubuntu 14.04, Oracle JDK 8 and Tomcat 8 base… 54 [OK] bitnami/tomcat Bitnami Tomcat Docker Image 35 [OK] kubeguide/tomcat-app Tomcat image for Chapter 1 28 consol/tomcat-7.0 Tomcat 7.0.57, 8080, "admin/admin" 17 [OK] cloudesire/tomcat Tomcat server, 6/7/8 15 [OK] aallam/tomcat-mysql Debian, Oracle JDK, Tomcat & MySQL 13 [OK] arm32v7/tomcat Apache Tomcat is an open source implementati… 10 rightctrl/tomcat CentOS , Oracle Java, tomcat application ssl… 6 [OK] maluuba/tomcat7-java8 Tomcat7 with java8. 5 unidata/tomcat-docker Security-hardened Tomcat Docker container. 4 [OK] amd64/tomcat Apache Tomcat is an open source implementati… 2 jelastic/tomcat An image of the Tomcat Java application serv… 2 arm64v8/tomcat Apache Tomcat is an open source implementati… 2 fabric8/tomcat-8 Fabric8 Tomcat 8 Image 2 [OK] camptocamp/tomcat-logback Docker image for tomcat with logback integra… 1 [OK] 99taxis/tomcat7 Tomcat7 1 [OK] ppc64le/tomcat Apache Tomcat is an open source implementati… 1 oobsri/tomcat8 Testing CI Jobs with different names. 1 i386/tomcat Apache Tomcat is an open source implementati… 1 picoded/tomcat7 tomcat7 with jre8 and MANAGER_USER / MANAGER… 0 [OK] s390x/tomcat Apache Tomcat is an open source implementati… 0 cfje/tomcat-resource Tomcat Concourse Resource 0 secoresearch/tomcat-varnish Tomcat and Varnish 5.0 0 [OK] **# 添加 -s 50 显示stars大于50的 筛选用** [root@zheng ~]# docker search -s 50 tomcat Flag --stars has been deprecated, use --filter=stars=3 instead NAME DESCRIPTION STARS OFFICIAL AUTOMATED tomcat Apache Tomcat is an open source implementati… 2770 [OK] tomee Apache TomEE is an all-Apache Java EE certif… 79 [OK] dordoka/tomcat Ubuntu 14.04, Oracle JDK 8 and Tomcat 8 base… 54 [OK]

    然后从docker hub仓库拉取镜像 进入https://hub.docker.com 可以查询想要的镜像 这里搜索Tomcat 可以看到有很多的版本 docker pull tomcat 可以直接拉取镜像,但是默认拉取的是最新版本的,也就是latest版本 如果要拉取想要的版本需要咋后面接着输入 :(版本号)

    [root@zheng ~]# docker pull tomcat:10.0 / 拉取一下10.0版本的tomcat 10.0: Pulling from library/tomcat e9afc4f90ab0: Pull complete 989e6b19a265: Pull complete af14b6c2f878: Pull complete 5573c4b30949: Pull complete fb1a405f128d: Pull complete 612a9f566fdc: Pull complete cf63ebed1142: Pull complete fbb20561cd50: Pull complete 2a0672e369eb: Pull complete 2a36b86a9d67: Pull complete Digest: sha256:164e16cb29833134ab657ac87733bb716dc6c2cc8c162cd2b247cd631a97769b Status: Downloaded newer image for tomcat:10.0 docker.io/library/tomcat:10.0 # TAG显示的就是版本号,Tomcat是10.0版本的,hello-world是latest,最新版本的 [root@zheng ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE tomcat 10.0 0d691b180bd5 3 weeks ago 647MB hello-world latest bf756fb1ae65 6 months ago 13.3kB

    tomcat 拉取完了,接下来拉取centos和Nginx的镜像

    下载第一个 [root@zheng ~]# docker search -s 50 nginx Flag --stars has been deprecated, use --filter=stars=3 instead NAME DESCRIPTION STARS OFFICIAL AUTOMATED nginx Official build of Nginx. 13418 [OK] jwilder/nginx-proxy Automated Nginx reverse proxy for docker con… 1830 [OK] richarvey/nginx-php-fpm Container running Nginx + PHP-FPM capable of… 780 [OK] linuxserver/nginx An Nginx container, brought to you by LinuxS… 118 bitnami/nginx Bitnami nginx Docker Image 86 [OK] tiangolo/nginx-rtmp Docker image with Nginx using the nginx-rtmp… 81 [OK] alfg/nginx-rtmp NGINX, nginx-rtmp-module and FFmpeg from sou… 70 [OK] jc21/nginx-proxy-manager Docker container for managing Nginx proxy ho… 68 nginxdemos/hello NGINX webserver that serves a simple page co… 55 [OK] # 拉取Nginx [root@zheng ~]# docker pull nginx Using default tag: latest latest: Pulling from library/nginx 8559a31e96f4: Pull complete 8d69e59170f7: Pull complete 3f9f1ec1d262: Pull complete d1f5ff4f210d: Pull complete 1e22bfa8652e: Pull complete Digest: sha256:21f32f6c08406306d822a0e6e8b7dc81f53f336570e852e25fbe1e3e3d0d0133 Status: Downloaded newer image for nginx:latest docker.io/library/nginx:latest # 查询centos7的镜像,选择130的那个,直接复制镜像名称就好了 [root@zheng ~]# docker search centos7 NAME DESCRIPTION STARS OFFICIAL AUTOMATED ansible/centos7-ansible Ansible on Centos7 130 [OK] paigeeworld/centos7 Centos7 with apache, iperf3, nmap, ssh 5 flyceek/centos7-jdk centos7-jdk 5 [OK] # 拉取centos7镜像 [root@zheng ~]# docker pull ansible/centos7-ansible Using default tag: latest latest: Pulling from ansible/centos7-ansible 45a2e645736c: Pull complete 1c3acf573616: Pull complete edcb61e55ccc: Pull complete cbae31bad30a: Pull complete aacbdb1e2a62: Pull complete fdeea4fb835c: Pull complete Digest: sha256:39eff7d56b96530d014083cd343f7314c23acbd1ecf37eb75a71a2f6584d0b02 Status: Downloaded newer image for ansible/centos7-ansible:latest docker.io/ansible/centos7-ansible:latest # 查询本地镜像 [root@zheng ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE tomcat 10.0 0d691b180bd5 3 weeks ago 647MB nginx latest 2622e6cca7eb 3 weeks ago 132MB hello-world latest bf756fb1ae65 6 months ago 13.3kB ansible/centos7-ansible latest 688353a31fde 3 years ago 447MB

    新建并启动容器

    用centos7的镜像启动一个容器实例 OPTIONS --选项 IMAGE --镜像ID COMMAND --命令 ARG --参数 -i 以交互的模式运行容器,通常与-t一起使用 -t 为容器重新分配一个伪输入终端,就是tty,通常与-i一起使用 –volume , -v: 绑定一个卷

    [root@zheng ~]# docker run -it --name centos7 688353a31fde [root@e49fe8572bd3 ansible]# 输入启动容器命令以后终端就变成了docker容器的终端

    添加容器卷

    Docker容器数据卷-Volume详解

    Docker中的数据可以存储在类似于虚拟机磁盘的介质中,在Docker中称为数据卷(Data Volume)。数据卷可以用来存储Docker应用的数据,也可以用来在Docker容器间进行数据共享。数据卷呈现给Docker容器的形式就是一个目录,支持多个容器间共享,修改也不会影响镜像。使用Docker的数据卷,类似在系统中使用 mount 挂载一个文件系统。操作Docker数据卷,需要理解以下几点: ============================================================================ 1)一个数据卷是一个特别指定的目录,该目录利用容器的UFS文件系统可以为容器提供一些稳定的特性或者数据共享。数据卷可以在多个容器之间共享。 ============================================================================ 2)创建数据卷,只要在docker run命令后面跟上-v参数即可创建一个数据卷,当然也可以跟多个-v参数来创建多个数据卷,当创建好带有数据卷的容器后,就可以在其他容器中通过–volumes-froms参数来挂载该数据卷了,而不管该容器是否运行。也可以在Dockerfile中通过VOLUME指令来增加一个或者多个数据卷。 ============================================================================ 3)如果有一些数据想在多个容器间共享,或者想在一些临时性的容器中使用该数据,那么最好的方案就是你创建一个数据卷容器,然后从该临时性的容器中挂载该数据卷容器的数据。这样,即使删除了刚开始的第一个数据卷容器或者中间层的数据卷容器,只要有其他容器使用数据卷,数据卷都不会被删除的。 ============================================================================ 4)不能使用docker export、save、cp等命令来备份数据卷的内容,因为数据卷是存在于镜像之外的。备份方法: 创建一个新容器,挂载数据卷容器,同时挂载一个本地目录,然后把远程数据卷容器的数据卷通过备份命令备份到映射的本地目录里面。如下: docker run --rm --volumes-from DATA -v $(pwd):/backup busybox tar cvf /backup/backup.tar /data ============================================================================ 5)可以把一个本地主机的目录当做数据卷挂载在容器上,同样是在docker run后面跟-v参数,不过-v后面跟的不再是单独的目录了,它是[host-dir]:[container-dir]:[rw|ro]这样格式的,其中host-dir是一个绝对路径的地址,如果host-dir不存在,则docker会创建一个新的数据卷,如果host-dir存在,但是指向的是一个不存在的目录,则docker也会创建该目录,然后使用该目录做数据源。

    Docker Volume数据卷可以实现: -> 绕过“拷贝写”系统,以达到本地磁盘IO的性能,(比如运行一个容器,在容器中对数据卷修改内容,会直接改变宿主机上的数据卷中的内容,所以是本地磁盘IO的性能,而不是先在容器中写一份,最后还要将容器中的修改的内容拷贝出来进行同步。) -> 绕过“拷贝写”系统,有些文件不需要在docker commit打包进镜像文件。 -> 数据卷可以在容器间共享和重用数据 -> 数据卷可以在宿主和容器间共享数据 -> 数据卷数据改变是直接修改的 -> 数据卷是持续性的,直到没有容器使用它们。即便是初始的数据卷容器或中间层的数据卷容器删除了,只要还有其他的容器使用数据卷,那么里面的数据都不会丢失。

    Docker数据持久化: 容器在运行期间产生的数据是不会写在镜像里面的,重新用此镜像启动新的容器就会初始化镜像,会加一个全新的读写入层来保存数据。如果想做到数据持久化,Docker提供数据卷(Data volume)或者数据容器卷来解决问题,另外还可以通过commit提交一个新的镜像来保存产生的数据。

    -v 后面接的宿主机目录和container容器目录可以直接用这个命令新建

    容器退出以后也可以共享 从宿主机忘目录存放数据 开启容器就可以看到数据是同步的了

    [root@zheng ~]# docker run -it -v /myDataVolume:/dataVolumeContainer centos7-cloud [root@b16cb4b53012 ~]# cd / [root@b16cb4b53012 /]# ll total 16 -rw-r--r--. 1 root root 15712 Dec 14 2016 anaconda-post.log lrwxrwxrwx. 1 root root 7 Dec 14 2016 bin -> usr/bin drwxr-xr-x. 2 root root 6 Jul 15 10:23 dataVolumeContainer ##容器内的数据卷 drwxr-xr-x. 5 root root 360 Jul 15 10:23 dev drwxr-xr-x. 1 root root 66 Jul 15 10:23 etc drwxr-xr-x. 2 root root 6 Nov 5 2016 home lrwxrwxrwx. 1 root root 7 Dec 14 2016 lib -> usr/lib lrwxrwxrwx. 1 root root 9 Dec 14 2016 lib64 -> usr/lib64 drwx------. 2 root root 6 Dec 14 2016 lost+found drwxr-xr-x. 2 root root 6 Nov 5 2016 media drwxr-xr-x. 2 root root 6 Nov 5 2016 mnt drwxr-xr-x. 1 root root 21 Dec 19 2016 opt dr-xr-xr-x. 153 root root 0 Jul 15 10:23 proc dr-xr-x---. 1 root root 27 Jul 14 07:14 root drwxr-xr-x. 1 root root 34 Jul 14 07:49 run lrwxrwxrwx. 1 root root 8 Dec 14 2016 sbin -> usr/sbin drwxr-xr-x. 2 root root 6 Nov 5 2016 srv dr-xr-xr-x. 13 root root 0 Jul 1 12:15 sys drwxrwxrwt. 7 root root 132 Dec 14 2016 tmp drwxr-xr-x. 1 root root 81 Dec 14 2016 usr drwxr-xr-x. 1 root root 54 Dec 14 2016 var [root@zheng ~]# cd / [root@zheng /]# ll total 24 lrwxrwxrwx. 1 root root 7 Jun 29 12:48 bin -> usr/bin dr-xr-xr-x. 4 root root 4096 Jun 29 12:55 boot drwxr-xr-x. 20 root root 3220 Jul 1 08:15 dev drwxr-xr-x. 81 root root 8192 Jul 15 06:14 etc drwxr-xr-x. 2 root root 6 Nov 5 2016 home lrwxrwxrwx. 1 root root 7 Jun 29 12:48 lib -> usr/lib lrwxrwxrwx. 1 root root 9 Jun 29 12:48 lib64 -> usr/lib64 drwxr-xr-x. 2 root root 6 Nov 5 2016 media drwxr-xr-x. 3 root root 19 Jun 29 12:58 mnt drwxr-xr-x. 2 root root 6 Jul 15 06:23 myDataVolume ##宿主机的数据卷 drwxr-xr-x. 4 root root 46 Jul 10 10:02 opt dr-xr-xr-x. 154 root root 0 Jul 1 08:15 proc dr-xr-x---. 4 root root 4096 Jul 14 07:55 root drwxr-xr-x. 25 root root 760 Jul 13 02:07 run lrwxrwxrwx. 1 root root 8 Jun 29 12:48 sbin -> usr/sbin drwxr-xr-x. 2 root root 6 Nov 5 2016 srv dr-xr-xr-x. 13 root root 0 Jul 1 08:15 sys drwxrwxrwt. 8 root root 4096 Jul 15 06:23 tmp drwxr-xr-x. 13 root root 155 Jun 29 12:48 usr drwxr-xr-x. 20 root root 278 Jul 10 10:01 var

    查询一下

    [root@zheng /]# docker inspect b16cb4b53012

    前面是宿主机目录 后面是容器目录 rw(读写权限是true) 测试一下

    现在宿主机创建一个txt文件 去容器查看一下看看是否可以修改 也可以添加权限让他只读 设置完只读以后只可以在宿主机上读写,容器内只能查看不能修改 [root@zheng myDataVolume]# docker run -it -v /myDataVolume:/dataVolumeContainer:ro centos7-cloud

    [root@zheng /]# cd myDataVolume/ [root@zheng myDataVolume]# echo "zzzzzzzzzzzzzzz" >1.txt [root@b16cb4b53012 /]# cd dataVolumeContainer/ [root@b16cb4b53012 dataVolumeContainer]# ll total 4 -rw-r--r--. 1 root root 16 Jul 15 10:58 1.txt [root@b16cb4b53012 dataVolumeContainer]# cat 1.txt zzzzzzzzzzzzzzz [root@b16cb4b53012 dataVolumeContainer]# vi 1.txt [root@b16cb4b53012 dataVolumeContainer]# cat 1.txt dsad zzzzzzzzzzzzzzz

    查看镜像和容器

    查看docker的本地镜像

    [root@zheng ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE tomcat 10.0 0d691b180bd5 3 weeks ago 647MB nginx latest 2622e6cca7eb 3 weeks ago 132MB hello-world latest bf756fb1ae65 6 months ago 13.3kB ansible/centos7-ansible latest 688353a31fde 3 years ago 447MB > Options: -a, --all Show all images (default hides intermediate images) --digests Show digests -f, --filter filter Filter output based on conditions provided --format string Pretty-print images using a Go template --no-trunc Don't truncate output -q, --quiet Only show numeric IDs

    查看容器

    [root@zheng ~]# docker ps -a # 显示所有的容器 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES e49fe8572bd3 688353a31fde "/bin/bash" About an hour ago Up 11 minutes centos7-2 60ec67bc76c9 688353a31fde "/bin/bash" 5 hours ago Exited (137) 34 minutes ago centos-1 91504e77188f 688353a31fde "/bin/bash" 8 hours ago Up 9 minutes centos7 c1be53cd79b1 hello-world "/hello" 2 days ago Exited (0) 9 minutes ago pedantic_tereshkova [root@zheng ~]# docker ps -l # 显示最近创建的容器 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 30a8a5c2c058 688353a31fde "/bin/bash" 24 seconds ago Up 23 seconds centos7-test [root@zheng ~]# docker ps -n 2 # 显示最近创建的n个容器 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 30a8a5c2c058 688353a31fde "/bin/bash" 38 seconds ago Up 37 seconds centos7-test e8300e9d697c 688353a31fde "/bin/bash" About a minute ago Exited (0) 51 seconds ago centos7 [root@zheng ~]# docker ps -qn 2 # 显示最近创建n个容器的容器ID 30a8a5c2c058 e8300e9d697c > Options: -a, --all Show all containers (default shows just running) -f, --filter filter Filter output based on conditions provided --format string Pretty-print containers using a Go template -n, --last int Show n last created containers (includes all states) (default -1) -l, --latest Show the latest created container (includes all states) --no-trunc Don't truncate output -q, --quiet Only display numeric IDs -s, --size Display total file sizes

    退出容器

    [root@e49fe8572bd3 ansible]# [root@zheng ~]# ctrl +p+q 容器不停止退出 [root@e49fe8572bd3 ansible]# exit exit 容器停止再退出

    回到正在运行的容器

    不创建新的进程 回到关闭伪终端却没有关闭的容器 docker attch 容器id

    [root@zheng ~]# docker attach e49fe8572bd3

    创建新的进程 进入到容器内部并将 命令/脚本 执行的结果返回到宿主机 docker exec -it 容器ID bashShell(命令)

    [root@zheng ~]# docker exec -it 60ec67bc76c9 ls -al / total 16 drwxr-xr-x. 1 root root 6 Jul 6 07:23 . drwxr-xr-x. 1 root root 6 Jul 6 07:23 .. -rwxr-xr-x. 1 root root 0 Jul 6 07:23 .dockerenv -rw-r--r--. 1 root root 15712 Dec 14 2016 anaconda-post.log lrwxrwxrwx. 1 root root 7 Dec 14 2016 bin -> usr/bin . . . .

    也可以用exec这个命令进去输入

    [root@zheng ~]# docker exec -it 2fcb2b9cb610 /bin/bash [root@2fcb2b9cb610 ansible]# ls -l / total 16 -rw-r--r--. 1 root root 15712 Dec 14 2016 anaconda-post.log lrwxrwxrwx. 1 root root 7 Dec 14 2016 bin -> usr/bin drwxr-xr-x. 5 root root 340 Jul 7 07:09 dev drwxr-xr-x. 1 root root 66 Jul 7 03:05 etc drwxr-xr-x. 2 root root 6 Nov 5 2016 home lrwxrwxrwx. 1 root root 7 Dec 14 2016 lib -> usr/lib lrwxrwxrwx. 1 root root 9 Dec 14 2016 lib64 -> usr/lib64 drwx------. 2 root root 6 Dec 14 2016 lost+found drwxr-xr-x. 2 root root 6 Nov 5 2016 media drwxr-xr-x. 2 root root 6 Nov 5 2016 mnt drwxr-xr-x. 1 root root 21 Dec 19 2016 opt dr-xr-xr-x. 119 root root 0 Jul 7 07:09 proc dr-xr-x---. 1 root root 18 Dec 19 2016 root drwxr-xr-x. 10 root root 130 Dec 14 2016 run lrwxrwxrwx. 1 root root 8 Dec 14 2016 sbin -> usr/sbin drwxr-xr-x. 2 root root 6 Nov 5 2016 srv dr-xr-xr-x. 13 root root 0 Jul 1 12:15 sys drwxrwxrwt. 7 root root 132 Dec 14 2016 tmp drwxr-xr-x. 1 root root 69 Dec 14 2016 usr drwxr-xr-x. 1 root root 41 Dec 14 2016 var

    关闭容器

    把正在运行的容器直接关闭或者杀死

    stop等于正常关机,速度较慢

    [root@zheng ~]# docker stop 91504e77188f 91504e77188f [root@zheng ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES e49fe8572bd3 688353a31fde "/bin/bash" 37 minutes ago Exited (0) 16 minutes ago centos7-2 60ec67bc76c9 688353a31fde "/bin/bash" 4 hours ago Up 3 hours centos-1 91504e77188f 688353a31fde "/bin/bash" 7 hours ago /显示退出 Exited (137) 10 seconds ago centos7 c1be53cd79b1 hello-world "/hello" 2 days ago Exited (0) 2 days ago pedantic_tereshkova

    杀死速度很快,等于强制拔电源关机

    [root@zheng ~]# docker kill 60ec67bc76c9 60ec67bc76c9 [root@zheng ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES e49fe8572bd3 688353a31fde "/bin/bash" 40 minutes ago Exited (0) 19 minutes ago centos7-2 60ec67bc76c9 688353a31fde "/bin/bash" 4 hours ago Exited (137) About a minute ago centos-1 91504e77188f 688353a31fde "/bin/bash" 7 hours ago Exited (137) 3 minutes ago centos7 c1be53cd79b1 hello-world "/hello" 2 days ago Exited (0) 2 days ago pedantic_tereshkova

    启动容器

    启动和重启容器,适合以关闭的容器或者需要重启的容器

    [root@zheng ~]# docker start e49fe8572bd3 e49fe8572bd3 [root@zheng ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES e49fe8572bd3 688353a31fde "/bin/bash" 44 minutes ago Up 3 seconds centos7-2 [root@zheng ~]# docker restart e49fe8572bd3 e49fe8572bd3 [root@zheng ~]# docker restart 91504e77188f 91504e77188f [root@zheng ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES e49fe8572bd3 688353a31fde "/bin/bash" About an hour ago Up About a minute centos7-2 91504e77188f 688353a31fde "/bin/bash" 7 hours ago Up 1 second centos7

    删除容器

    先查询一下都有哪些容器,然后删除一个已经关闭的容器

    [root@zheng ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES e49fe8572bd3 688353a31fde "/bin/bash" 3 hours ago Up 2 hours centos7-2 60ec67bc76c9 688353a31fde "/bin/bash" 6 hours ago Exited (137) 2 hours ago centos-1 91504e77188f 688353a31fde "/bin/bash" 9 hours ago Up 2 hours centos7 c1be53cd79b1 hello-world "/hello" 2 days ago Exited (0) 2 hours ago pedantic_tereshkova [root@zheng ~]# docker rm 60ec67bc76c9 # 这里删除的是一个已经exited(关闭)的容器了 60ec67bc76c9 [root@zheng ~]# docker ps -a # 查询到已经没有容器id为60ec67bc76c9的了,成功删除 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES e49fe8572bd3 688353a31fde "/bin/bash" 3 hours ago Up 2 hours centos7-2 91504e77188f 688353a31fde "/bin/bash" 9 hours ago Up 2 hours centos7 c1be53cd79b1 hello-world "/hello" 2 days ago Exited (0) 2 hours ago pedantic_tereshkova

    删除多个容器 这里删除掉两个正在运行的容器 可以看到出错,因为是运行的,需要加-f参数强制删除

    [root@zheng ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES e49fe8572bd3 688353a31fde "/bin/bash" 3 hours ago Up 2 hours centos7-2 91504e77188f 688353a31fde "/bin/bash" 9 hours ago Up 2 hours centos7 c1be53cd79b1 hello-world "/hello" 2 days ago Exited (0) 2 hours ago pedantic_tereshkova [root@zheng ~]# docker rm 91504e77188f e49fe8572bd3 Error response from daemon: You cannot remove a running container 91504e77188fb62e52f8dd163fc918990bdb457efd3e0f0d673dc6dff1dcf755. Stop the container before attempting removal or force remove Error response from daemon: You cannot remove a running container e49fe8572bd387538d2fa0677021b5614d5016a3881ef326d41ee4c7a405a3da. Stop the container before attempting removal or force remove [root@zheng ~]# docker rm -f 91504e77188f e49fe8572bd3 91504e77188f e49fe8572bd3 [root@zheng ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES c1be53cd79b1 hello-world "/hello" 2 days ago Exited (0) 2 hours ago pedantic_tereshkova

    删除所有容器

    两个方法 docker rm -f $(docker ps -a -q) docker ps -a -q |xargs docker rm -f

    [root@zheng ~]# docker rm -f $(docker ps -a -q) 30a8a5c2c058 e8300e9d697c c1be53cd79b1 [root@zheng ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES [root@zheng ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES ebb03ad6c800 0d691b180bd5 "catalina.sh run" 4 minutes ago Up 2 seconds 8080/tcp tomcat 740e4110b5b5 688353a31fde "/bin/bash" 4 minutes ago Up 4 minutes centos7 [root@zheng ~]# docker ps -a -q |xargs docker rm Error response from daemon: You cannot remove a running container ebb03ad6c80020b467724e4c45eeaa733c735aa16ec564595008e6b36a29bfa6. Stop the container before attempting removal or force remove Error response from daemon: You cannot remove a running container 740e4110b5b5c34712f7efd8b3cc085b3bca64adf28b8a0e92bb445a83fca746. Stop the container before attempting removal or force remove [root@zheng ~]# docker ps -a -q |xargs docker rm -f ebb03ad6c800 740e4110b5b5

    查看容器日志

    以后台模式运行一个centos7的容器 查看 容器状态 ps -a 启动容器以后发现容器已经退出,没有在运行 重要:docker容器后台运行,必须要有一个前台进程 容器运行的命令如果不是那些一直挂起的命令 (比如top,tail)就会自动退出 这是docker机制的问题,比如web容器,以Nginx为例,正常情况下,我们配置启动服务只需要启动systemctl start nginx 但是这样nginx是后台进程模式运行,导致docker前台没有运行的应用,这样的容器启动后,会立即自杀因为他觉得没有事情可以做 解决方案是将要运行的程序以前台进程的形式运行

    [root@zheng ~]# docker run -d 688353a31fde e2339b419fd9d15f04c242ea9a9ed4ac6a6788f846d4039038d5edd8f4f628f8 [root@zheng ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES e2339b419fd9 688353a31fde "/bin/bash" 4 seconds ago Exited (0) 3 seconds ago pedantic_galois 2fcb2b9cb610 688353a31fde "/bin/sh -c 'while t…" 18 minutes ago Exited (137) 50 seconds ago brave_robinson

    -d 以后台的形式运行 /bin/sh -c 和sudo差不多,但是sudo只给后面第一个命令的root权限,所以会出错,它可以让 bash 将一个字串作为完整的命令来执行,这样就可以将 sudo 的影响范围扩展到整条命令 “while true;do echo hello zheng;sleep 2;done” shell脚本编程 每两秒钟打印一句话,一直持续打印 while true; 死循环 让输出一直打印到控制台上面,让前台一直有一个响应,这样后台运行的时候docker就不会自动关闭了 运行容器以后查看一下进程看到容器已经 UP(启动了)

    [root@zheng ~]# docker run -d 688353a31fde /bin/sh -c "while true;do echo hello zheng;sleep 2;done" ddef8923d6148182efc3ff0bf450e3a033a95eda5e4d855a0d27ac05488136fb [root@zheng ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES ddef8923d614 688353a31fde "/bin/sh -c 'while t…" 46 seconds ago Up 46 seconds wizardly_swanson e2339b419fd9 688353a31fde "/bin/bash" 2 hours ago Exited (0) 2 hours ago pedantic_galois 2fcb2b9cb610 688353a31fde "/bin/sh -c 'while t…" 2 hours ago Exited (137) 2 hours ago brave_robinson

    查看docker容器的日志

    刚才在后台启动完centos7以后,在宿主机查看 -t 带时间戳 -f 不间断输出

    [root@zheng ~]# docker logs -t -f ddef8923d614 2020-07-07T05:16:15.465635597Z hello zheng 2020-07-07T05:16:17.467532595Z hello zheng 2020-07-07T05:16:19.468746000Z hello zheng 2020-07-07T05:16:21.470288646Z hello zheng 2020-07-07T05:16:23.471481544Z hello zheng 2020-07-07T05:16:25.473195926Z hello zheng 2020-07-07T05:16:27.474099869Z hello zheng 2020-07-07T05:16:29.475547154Z hello zheng 2020-07-07T05:16:31.476821709Z hello zheng 12020-07-07T05:16:33.478236038Z hello zheng 2020-07-07T05:16:35.479875418Z hello zheng 2020-07-07T05:16:37.481587229Z hello zheng ^C

    打印后几行日志

    [root@zheng ~]# docker logs -t --tail 5 ddef8923d614 2020-07-07T06:32:10.263470406Z hello zheng 2020-07-07T06:32:12.264883309Z hello zheng 2020-07-07T06:32:14.266447915Z hello zheng 2020-07-07T06:32:16.267286639Z hello zheng 2020-07-07T06:32:18.268794668Z hello zheng

    查看容器里面的进程

    docker top命令+容器ID

    [root@zheng ~]# docker top ddef8923d614 UID PID PPID C STIME TTY TIME CMD root 15884 15868 0 00:54 ? 00:00:00 /bin/sh -c while true;do echo hello zheng;sleep 2;done root 19451 15884 0 02:49 ? 00:00:00 sleep 2

    查看容器内部的细节

    可以看到输出了一大堆东西,id创建时间,路径,执行的东西都有

    [root@zheng ~]# docker inspect ddef8923d614 [ { "Id": "ddef8923d6148182efc3ff0bf450e3a033a95eda5e4d855a0d27ac05488136fb", "Created": "2020-07-07T04:54:44.286353951Z", "Path": "/bin/sh", "Args": [ "-c", "while true;do echo hello zheng;sleep 2;done" ], "State": { "Status": "running", "Running": true, "Paused": false, "Restarting": false, "OOMKilled": false, "Dead": false, "Pid": 15884, "ExitCode": 0, "Error": "", "StartedAt": "2020-07-07T04:54:44.65814733Z", "FinishedAt": "0001-01-01T00:00:00Z" }, "Image": "sha256:688353a31fdee02a966d1f83e9210f77b5a63baaaacbedb81ca35f6231cfeb6c", "ResolvConfPath": "/var/lib/docker/containers/ddef8923d6148182efc3ff0bf450e3a033a95eda5e4d855a0d27ac05488136fb/resolv.conf", "HostnamePath": "/var/lib/docker/containers/ddef8923d6148182efc3ff0bf450e3a033a95eda5e4d855a0d27ac05488136fb/hostname", "HostsPath": "/var/lib/docker/containers/ddef8923d6148182efc3ff0bf450e3a033a95eda5e4d855a0d27ac05488136fb/hosts", "LogPath": "/var/lib/docker/containers/ddef8923d6148182efc3ff0bf450e3a033a95eda5e4d855a0d27ac05488136fb/ddef8923d6148182efc3ff0bf450e3a033a95eda5e4d855a0d27ac05488136fb-json.log", "Name": "/wizardly_swanson", "RestartCount": 0, "Driver": "overlay2", "Platform": "linux", "MountLabel": "", "ProcessLabel": "", "AppArmorProfile": "", "ExecIDs": null, "HostConfig": { "Binds": null, "ContainerIDFile": "", "LogConfig": { "Type": "json-file", "Config": {} }, "NetworkMode": "default", "PortBindings": {}, "RestartPolicy": { "Name": "no", "MaximumRetryCount": 0 }, "AutoRemove": false, "VolumeDriver": "", "VolumesFrom": null, "CapAdd": null, "CapDrop": null, "Capabilities": null, "Dns": [], "DnsOptions": [], "DnsSearch": [], "ExtraHosts": null, "GroupAdd": null, "IpcMode": "private", "Cgroup": "", "Links": null, "OomScoreAdj": 0, "PidMode": "", "Privileged": false, "PublishAllPorts": false, "ReadonlyRootfs": false, "SecurityOpt": null, "UTSMode": "", "UsernsMode": "", "ShmSize": 67108864, "Runtime": "runc", "ConsoleSize": [ 0, 0 ], "Isolation": "", "CpuShares": 0, "Memory": 0, "NanoCpus": 0, "CgroupParent": "", "BlkioWeight": 0, "BlkioWeightDevice": [], "BlkioDeviceReadBps": null, "BlkioDeviceWriteBps": null, "BlkioDeviceReadIOps": null, "BlkioDeviceWriteIOps": null, "CpuPeriod": 0, "CpuQuota": 0, "CpuRealtimePeriod": 0, "CpuRealtimeRuntime": 0, "CpusetCpus": "", "CpusetMems": "", "Devices": [], "DeviceCgroupRules": null, "DeviceRequests": null, "KernelMemory": 0, "KernelMemoryTCP": 0, "MemoryReservation": 0, "MemorySwap": 0, "MemorySwappiness": null, "OomKillDisable": false, "PidsLimit": null, "Ulimits": null, "CpuCount": 0, "CpuPercent": 0, "IOMaximumIOps": 0, "IOMaximumBandwidth": 0, "MaskedPaths": [ "/proc/asound", "/proc/acpi", "/proc/kcore", "/proc/keys", "/proc/latency_stats", "/proc/timer_list", "/proc/timer_stats", "/proc/sched_debug", "/proc/scsi", "/sys/firmware" ], "ReadonlyPaths": [ "/proc/bus", "/proc/fs", "/proc/irq", "/proc/sys", "/proc/sysrq-trigger" ] }, "GraphDriver": { "Data": { "LowerDir": "/var/lib/docker/overlay2/b92ee9f126056474144aeba87ad29353e316c3ff126d16d9fa45df0e02d7ebd8-init/diff:/var/lib/docker/overlay2/96c7598ef412a28e92e33cf0f448f4ad67f25d9890ce685ad84d5aa5c3ccd324/diff:/var/lib/docker/overlay2/a1af987dd36be1c0deda5ccc95a26f4f26fd338081c53b43fd6512609c216361/diff:/var/lib/docker/overlay2/38f9a6e6b61b1638aa1b6568d5775241a33bcf0138522eccfb8907f0c35d73c6/diff:/var/lib/docker/overlay2/8c58881b11ab25c2315c03ebb46f2e37af2facd7111ad84f6b7ee4d12cee14aa/diff:/var/lib/docker/overlay2/dd6adb17ffe6eaf631548b0439a247bf5fda9302014796a729500237f4fc1886/diff:/var/lib/docker/overlay2/ef314a5ec0c0ec265d4c082a62ed3844a04fd92250b001768022ab7a5d95f9f9/diff", "MergedDir": "/var/lib/docker/overlay2/b92ee9f126056474144aeba87ad29353e316c3ff126d16d9fa45df0e02d7ebd8/merged", "UpperDir": "/var/lib/docker/overlay2/b92ee9f126056474144aeba87ad29353e316c3ff126d16d9fa45df0e02d7ebd8/diff", "WorkDir": "/var/lib/docker/overlay2/b92ee9f126056474144aeba87ad29353e316c3ff126d16d9fa45df0e02d7ebd8/work" }, "Name": "overlay2" }, "Mounts": [], "Config": { "Hostname": "ddef8923d614", "Domainname": "", "User": "", "AttachStdin": false, "AttachStdout": false, "AttachStderr": false, "Tty": false, "OpenStdin": false, "StdinOnce": false, "Env": [ "PATH=/opt/ansible/ansible/bin:/bin:/usr/bin:/sbin:/usr/sbin", "PYTHONPATH=/opt/ansible/ansible/lib", "ANSIBLE_LIBRARY=/opt/ansible/ansible/library" ], "Cmd": [ "/bin/sh", "-c", "while true;do echo hello zheng;sleep 2;done" ], "Image": "688353a31fde", "Volumes": null, "WorkingDir": "/opt/ansible/ansible", "Entrypoint": null, "OnBuild": null, "Labels": { "build-date": "20161214", "license": "GPLv2", "name": "CentOS Base Image", "vendor": "CentOS" } }, "NetworkSettings": { "Bridge": "", "SandboxID": "3acd4dba5290d1e1c633ce5d98fd1ea3cadb530816207c63b7a3191e4856a4e6", "HairpinMode": false, "LinkLocalIPv6Address": "", "LinkLocalIPv6PrefixLen": 0, "Ports": {}, "SandboxKey": "/var/run/docker/netns/3acd4dba5290", "SecondaryIPAddresses": null, "SecondaryIPv6Addresses": null, "EndpointID": "de2aea99578a59480950b6209243ff6f82cb28bd76d63ecee9005d52ec86c61f", "Gateway": "172.17.0.1", "GlobalIPv6Address": "", "GlobalIPv6PrefixLen": 0, "IPAddress": "172.17.0.2", "IPPrefixLen": 16, "IPv6Gateway": "", "MacAddress": "02:42:ac:11:00:02", "Networks": { "bridge": { "IPAMConfig": null, "Links": null, "Aliases": null, "NetworkID": "36e5166b57f3053ab12d83bb4b9da99f7b42d53c5c6dc140d4bf5e382d3c4180", "EndpointID": "de2aea99578a59480950b6209243ff6f82cb28bd76d63ecee9005d52ec86c61f", "Gateway": "172.17.0.1", "IPAddress": "172.17.0.2", "IPPrefixLen": 16, "IPv6Gateway": "", "GlobalIPv6Address": "", "GlobalIPv6PrefixLen": 0, "MacAddress": "02:42:ac:11:00:02", "DriverOpts": null } } } } ]

    从容器cp文件到主机上

    docker cp 容器id:容器内路径 目的主机路径

    [root@zheng ~]# docker exec -it 2fcb2b9cb610 /bin/bash [root@2fcb2b9cb610 ansible]# cd /tmp/ [root@2fcb2b9cb610 tmp]# ll total 4 -rwx------. 1 root root 827 Dec 14 2016 ks-script-LRoSA2 -rw-------. 1 root root 0 Dec 14 2016 yum.log [root@2fcb2b9cb610 tmp]# cd / [root@2fcb2b9cb610 /]# cd /tmp/ [root@2fcb2b9cb610 tmp]# ll total 4 -rwx------. 1 root root 827 Dec 14 2016 ks-script-LRoSA2 -rw-------. 1 root root 0 Dec 14 2016 yum.log [root@2fcb2b9cb610 tmp]# cat yum.log [root@2fcb2b9cb610 tmp]# read escape sequence [root@zheng ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 2fcb2b9cb610 688353a31fde "/bin/sh -c 'while t…" 4 hours ago Up 21 minutes brave_robinson [root@zheng ~]# docker cp 2fcb2b9cb610:/tmp/yum.log /root/zheng [root@zheng ~]# ll total 32 -rw-r--r--. 1 root root 0 Jul 3 09:46 --add-repo -rw-------. 1 root root 1264 Jun 29 12:51 anaconda-ks.cfg -rw-r--r--. 1 root root 25548 Apr 7 2017 mysql57-community-release-el7-10.noarch.rpm -rw-------. 1 root root 0 Dec 14 2016 zheng

    小总结

    常用命令

    1、Docker更新发布Nginx配置&发布代码

    1)基于Docker虚拟化平台,从0开始创建了一台Nginx WEB容器(轻量级的虚拟机),启动Nginx容器服务,通过浏览器访问Nginx容器中发布的默认网站代码

    和之前的步骤一样  Run,全新创建并且启动一台新容器;  -i,interactive打开交互模式;  -t,tty打开登录终端;  -d,detach后台运行;  -p,publish发布端口,将宿主机80映射至容器的80(DNAT+IPtables);  --name,指定或者自定义容器的名称;  --privileged,开启超级特权模式,支持更多的指令操作。

    [root@zheng ~]# docker run -itd --name nginx --privileged -p 80:80 nginx:latest [root@zheng ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES fb354eae612b nginx "/docker-entrypoint.…" 26 hours ago Up 26 hours 0.0.0.0:80->80/tcp nginx b45e02789fe3 tomcat "catalina.sh run" 2 days ago Up 2 days 0.0.0.0:8888->8080/tcp tomcat ddef8923d614 688353a31fde "/bin/sh -c 'while t…" 3 days ago Exited (137) 2 days ago wizardly_swanson e2339b419fd9 688353a31fde "/bin/bash" 3 days ago Exited (0) 2 days ago pedantic_galois 2fcb2b9cb610 688353a31fde "/bin/sh -c 'while t…" 3 days ago Exited (137) 2 days ago brave_robinson

    查看端口映射 -t 要操作的表,默认值:fileter -L 列出链中或所有链中的规则 -n 地址和端口的数字输出 –line-numbers 列出时打印行号

    [root@zheng ~]# iptables -t nat -L -n --line-numbers Chain PREROUTING (policy ACCEPT) num target prot opt source destination 1 DOCKER all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL Chain INPUT (policy ACCEPT) num target prot opt source destination Chain OUTPUT (policy ACCEPT) num target prot opt source destination 1 DOCKER all -- 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL Chain POSTROUTING (policy ACCEPT) num target prot opt source destination 1 MASQUERADE all -- 172.17.0.0/16 0.0.0.0/0 2 MASQUERADE tcp -- 172.17.0.3 172.17.0.3 tcp dpt:80 3 MASQUERADE tcp -- 172.17.0.2 172.17.0.2 tcp dpt:8080 Chain DOCKER (2 references) num target prot opt source destination 1 RETURN all -- 0.0.0.0/0 0.0.0.0/0 2 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 to:172.17.0.3:80 3 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8888 to:172.17.0.2:8080

    启动多台容器

    这里是引用

    [root@zheng ~]# for i in $(seq 1 3);do docker run -itd --name=nginx$i --privileged -p 80$i:80 nginx:latest ;done e6c84d9d8cc28dda009be9fdfefbf9fe7adfd8b4cc33dcab4ca7d5a28650dca1 094cfa5b32818434bc8363293bb4187893028ff82cad0b4d619735abbf509840 0442290e7a375fbffd5f65699fcac98ed963582365b5abc1a37280e6ba48c15a [root@zheng ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 0442290e7a37 nginx:latest "/docker-entrypoint.…" 3 minutes ago Up 3 minutes 0.0.0.0:803->80/tcp nginx3 094cfa5b3281 nginx:latest "/docker-entrypoint.…" 3 minutes ago Up 3 minutes 0.0.0.0:802->80/tcp nginx2 e6c84d9d8cc2 nginx:latest "/docker-entrypoint.…" 3 minutes ago Up 3 minutes 0.0.0.0:801->80/tcp nginx1 ce569a33b4d6 tomcat:latest "catalina.sh run" 22 minutes ago Up 22 minutes 0.0.0.0:8888->8080/tcp tomcat fb354eae612b nginx "/docker-entrypoint.…" 27 hours ago Up 27 hours 0.0.0.0:80->80/tcp nginx ddef8923d614 688353a31fde "/bin/sh -c 'while t…" 3 days ago Exited (137) 2 days ago wizardly_swanson e2339b419fd9 688353a31fde "/bin/bash" 3 days ago Exited (0) 2 days ago pedantic_galois 2fcb2b9cb610 688353a31fde "/bin/sh -c 'while t…" 3 days ago Exited (137) 2 days ago brave_robinson

    在查询一下端口

    [root@zheng ~]# iptables -t nat -L -n --line-numbers Chain PREROUTING (policy ACCEPT) num target prot opt source destination 1 DOCKER all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL Chain INPUT (policy ACCEPT) num target prot opt source destination Chain OUTPUT (policy ACCEPT) num target prot opt source destination 1 DOCKER all -- 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL Chain POSTROUTING (policy ACCEPT) num target prot opt source destination 1 MASQUERADE all -- 172.17.0.0/16 0.0.0.0/0 2 MASQUERADE tcp -- 172.17.0.3 172.17.0.3 tcp dpt:80 3 MASQUERADE tcp -- 172.17.0.2 172.17.0.2 tcp dpt:8080 4 MASQUERADE tcp -- 172.17.0.4 172.17.0.4 tcp dpt:80 5 MASQUERADE tcp -- 172.17.0.5 172.17.0.5 tcp dpt:80 6 MASQUERADE tcp -- 172.17.0.6 172.17.0.6 tcp dpt:80 7 MASQUERADE tcp -- 172.17.0.7 172.17.0.7 tcp dpt:80 Chain DOCKER (2 references) num target prot opt source destination 1 RETURN all -- 0.0.0.0/0 0.0.0.0/0 2 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 to:172.17.0.3:80 3 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8888 to:172.17.0.2:8080 4 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:801 to:172.17.0.4:80 5 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:802 to:172.17.0.5:80 6 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:803 to:172.17.0.6:80 7 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:800 to:172.17.0.7:80

    查询容器ip

    简易查询 查询容器id tail -1 显示一行,不加这个会把所有ipaddress都显示 -a 不忽略2进制 -i 忽略大小写 docker inspect 9fcbb7d99434 |grep -ai ipaddr |tail -1

    [root@zheng ~]# docker inspect 9fcbb7d99434 |grep -ai ipaddr |tail -1 "IPAddress": "172.17.0.7",

    只显示容器ip docker inspect 9fcbb7d99434 |grep -ai ipaddr |tail -1 |grep -aioE “([0-9]{1,3}.){3}[0-9]{1,3}”

    [root@zheng ~]# docker inspect 9fcbb7d99434 |grep -ai ipaddr |tail -1 |grep -aioE "([0-9]{1,3}\.){3}[0-9]{1,3}" 172.17.0.7

    批量查询容器id -a 不忽略2进制 -i 忽略大小写 -o 只显示匹配PATTERN 部分 -E 将样式为延伸的正则表达式来使用

    for i in $(docker ps -aq);do docker inspect $i |grep -ai ipaddr |tail -1 |grep -aioE “([0-9]{1,3}.){3}[0-9]{1,3}” ;done

    [root@zheng ~]# for i in $(docker ps -aq);do docker inspect $i |grep -ai ipaddr |tail -1 |grep -aioE "([0-9]{1,3}\.){3}[0-9]{1,3}" ;done 172.17.0.7 172.17.0.6 172.17.0.5 172.17.0.4 172.17.0.2 172.17.0.3

    容器id和容器一起显示 在do后面加上 echo $i ; for i in $(docker ps -aq) ;do echo $i ;docker inspect $i |grep -ai ipaddr |tail -1 |grep -aioE “([0-9]{1,3}.){3}[0-9]{1,3}”; done 没显示ip的是没有启动的

    [root@zheng ~]# for i in $(docker ps -aq) ;do echo $i ;docker inspect $i |grep -ai ipaddr |tail -1 |grep -aioE "([0-9]{1,3}\.){3}[0-9]{1,3}"; done 9fcbb7d99434 172.17.0.7 0442290e7a37 172.17.0.6 094cfa5b3281 172.17.0.5 e6c84d9d8cc2 172.17.0.4 ce569a33b4d6 172.17.0.2 fb354eae612b 172.17.0.3 ddef8923d614 e2339b419fd9 2fcb2b9cb610

    刚才那样看不方便,让容器id和ip显示在一行 最后加上 |sed ‘N;s/\n/ /g’ for i in $(docker ps -aq) ;do echo $i ;docker inspect $i |grep -ai ipaddr |tail -1 |grep -aioE “([0-9]{1,3}.){3}[0-9]{1,3}”; done|sed ‘N;s/\n/ /g’

    [root@zheng ~]# for i in $(docker ps -aq) ;do echo $i ;docker inspect $i |grep -ai ipaddr |tail -1 |grep -aioE "([0-9]{1,3}\.){3}[0-9]{1,3}"; done|sed 'N;s/\n/ /g' 9fcbb7d99434 172.17.0.7 0442290e7a37 172.17.0.6 094cfa5b3281 172.17.0.5 e6c84d9d8cc2 172.17.0.4 ce569a33b4d6 172.17.0.2 fb354eae612b 172.17.0.3 ddef8923d614 e2339b419fd9 2fcb2b9cb610

    在后面添加想要输出的信息 让他输出root账户 密码 配置 和 名字,自己填写 |awk ‘{print $0 “root 123 2cpu 4G 40G zheng”}’ for i in $(docker ps -aq);do echo $i;docker inspect $i |grep -ai ipaddr |tail -1 |grep -aioE “([0-9]{1,3}.){3}[0-9]{1,3}” ;done |sed ‘N;s/\n/ /g’|awk ‘{print $0 “root 123 2cpu 4G 40G zheng”}’

    [root@zheng ~]# for i in $(docker ps -aq);do echo $i;docker inspect $i |grep -ai ipaddr |tail -1 |grep -aioE "([0-9]{1,3}\.){3}[0-9]{1,3}" ;done |sed 'N;s/\n/ /g'|awk '{print $0 "root 123 2cpu 4G 40G zheng"}' 9fcbb7d99434 172.17.0.7root 123 2cpu 4G 40G zheng 0442290e7a37 172.17.0.6root 123 2cpu 4G 40G zheng 094cfa5b3281 172.17.0.5root 123 2cpu 4G 40G zheng e6c84d9d8cc2 172.17.0.4root 123 2cpu 4G 40G zheng ce569a33b4d6 172.17.0.2root 123 2cpu 4G 40G zheng fb354eae612b 172.17.0.3root 123 2cpu 4G 40G zheng ddef8923d614 e2339b419fd9root 123 2cpu 4G 40G zheng 2fcb2b9cb610root 123 2cpu 4G 40G zheng

    这次我们用输出的数据做成表格 |sed ‘s/ /,/g’ >> 123.csv 把空格变成逗号 然后输出到123.csv文件中 print $0 后面的空格都要控制成一个,然后root前面也加一个空格,要不然会跟之前的连在一起 for i in $(docker ps -aq);do echo $i;docker inspect $i |grep -ai ipaddr |tail -1 |grep -aioE “([0-9]{1,3}.){3}[0-9]{1,3}” ;done |sed ‘N;s/\n/ /g’|awk ‘{print $0 " root 123 2cpu 4G 40G zheng"}’ |sed ‘s/ /,/g’ >> 123.csv

    先在屏幕上输出一遍,在写入文件,没什么错误,除了最底下没有开启的容器 [root@zheng ~]# for i in $(docker ps -aq);do echo $i;docker inspect $i |grep -ai ipaddr |tail -1 |grep -aioE "([0-9]{1,3}\.){3}[0-9]{1,3}" ;done |sed 'N;s/\n/ /g'|awk '{print $0 " root 123 2cpu 4G 40G zheng"}' |sed 's/ /,/g' 9fcbb7d99434,172.17.0.7,root,123,2cpu,4G,40G,zheng 0442290e7a37,172.17.0.6,root,123,2cpu,4G,40G,zheng 094cfa5b3281,172.17.0.5,root,123,2cpu,4G,40G,zheng e6c84d9d8cc2,172.17.0.4,root,123,2cpu,4G,40G,zheng ce569a33b4d6,172.17.0.2,root,123,2cpu,4G,40G,zheng fb354eae612b,172.17.0.3,root,123,2cpu,4G,40G,zheng ddef8923d614,e2339b419fd9,root,123,2cpu,4G,40G,zheng 2fcb2b9cb610,root,123,2cpu,4G,40G,zheng #输出正确写入123.csv文件中 [root@zheng ~]# for i in $(docker ps -aq);do echo $i;docker inspect $i |grep -ai ipaddr |tail -1 |grep -aioE "([0-9]{1,3}\.){3}[0-9]{1,3}" ;done |sed 'N;s/\n/ /g'|awk '{print $0 " root 123 2cpu 4G 40G zheng"}' |sed 's/ /,/g' >> 123.csv # 编辑文件,在最上方写上表头,每个对应的 [root@zheng ~]# vi 123.csv 容器ID,容器IP,用户名,密码,cpu,内存,硬盘,所属 9fcbb7d99434,172.17.0.7,root,123,2cpu,4G,40G,zheng 0442290e7a37,172.17.0.6,root,123,2cpu,4G,40G,zheng 094cfa5b3281,172.17.0.5,root,123,2cpu,4G,40G,zheng e6c84d9d8cc2,172.17.0.4,root,123,2cpu,4G,40G,zheng ce569a33b4d6,172.17.0.2,root,123,2cpu,4G,40G,zheng fb354eae612b,172.17.0.3,root,123,2cpu,4G,40G,zheng ddef8923d614,e2339b419fd9,root,123,2cpu,4G,40G,zheng 2fcb2b9cb610,root,123,2cpu,4G,40G,zheng #然后把文件cp到ftp目录下 [root@zheng ~]# cp 123.csv /opt/zheng-computer/

    然后再本地浏览器登录一下ftp就能下载了 下载完用wps打开

    把所有容器全都删除掉 for i in $(命令);do (命令) ;done ;do开头,;done结束

    [root@zheng ~]# for i in $(docker ps -aq);do docker rm -f $i ;done 9fcbb7d99434 0442290e7a37 094cfa5b3281 e6c84d9d8cc2 ce569a33b4d6 fb354eae612b ddef8923d614 e2339b419fd9 2fcb2b9cb610 [root@zheng ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

    sanjianke修改nginx目录和显示内容

    先创建一个nginx容器

    [root@zheng ~]# docker run -itd --name Nginx --privileged -p 801:80 nginx:latest ea13343b3169b2339090e547b48acf1c05f691ac28718d23b36fd45f09f0a5fb

    将nginx容器发布目录修改成 /data/webapps/www/ 查询容器ID 连接容器 搜索nginx主配置文件 find / -name nginx.conf

    [root@zheng ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES ea13343b3169 nginx:latest "/docker-entrypoint.…" 3 minutes ago Up 3 minutes 0.0.0.0:801->80/tcp Nginx # $(docker ps -aq) 因为只有一台容器,就用的这个 [root@zheng ~]# docker exec -it $(docker ps -aq) /bin/bash root@ea13343b3169:/# find / -name nginx.conf # 查询nginx主配置文件 /etc/nginx/nginx.conf root@ea13343b3169:/# cd /etc/nginx/ root@ea13343b3169:/etc/nginx# vi nginx.conf #容器版没有vi这个命令 bash: vi: command not found root@ea13343b3169:/etc/nginx# more -15 nginx.conf #显示15行一页 user nginx; #用户 worker_processes 1; #工作进程 error_log /var/log/nginx/error.log warn; #日志 pid /var/run/nginx.pid; #pid号 events { #全局 worker_connections 1024; #每个工作连接数 } http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; #tcp_nopush on; keepalive_timeout 65; #gzip on; #include引用,这个目录下面还有很多的配置文件 include /etc/nginx/conf.d/*.conf; }

    上面的配置文件没有看到server和server_name,没有这个是没法办发布的 所以这个配置文件没有用 切换到/etc/nginx/conf.d/目录下查询配置文件

    root@ea13343b3169:/etc/nginx# cd /etc/nginx/conf.d/ root@ea13343b3169:/etc/nginx/conf.d# ll bash: ll: command not found root@ea13343b3169:/etc/nginx/conf.d# ls default.conf root@ea13343b3169:/etc/nginx/conf.d# more -15 default.conf server { #从这可以看到有server也有server_name listen 80; listen [::]:80; server_name localhost; #charset koi8-r; #access_log /var/log/nginx/host.access.log main; location / { #lication / 是网站的根目录,是浏览器访问的url地址的起始位置 root /usr/share/nginx/html; #这里的root指令就是发布目录 index index.html index.htm; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html; } # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ \.php$ { # proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # #location ~ \.php$ { # root html; # fastcgi_pass 127.0.0.1:9000; # fastcgi_index index.php; # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; # include fastcgi_params; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} }

    三剑客命令过滤配置文件的#和空行

    awk命令

    可以看到这个配置文件有很多的#行和空行,接下来可以给他去掉,不想去掉的话可以直接跳过

    先用awk匹配#号行,只看带#号的

    root@ea13343b3169:/etc/nginx/conf.d# awk '/#/' default.conf #charset koi8-r; #access_log /var/log/nginx/host.access.log main; #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ \.php$ { # proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # #location ~ \.php$ { # root html; # fastcgi_pass 127.0.0.1:9000; # fastcgi_index index.php; # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; # include fastcgi_params; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #}

    加一个!反义 只显示不带#号的

    root@ea13343b3169:/etc/nginx/conf.d# awk '!/#/' default.conf server { listen 80; listen [::]:80; server_name localhost; location / { root /usr/share/nginx/html; index index.html index.htm; } error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html; } }

    后面加awk三剑客命令 显示空行是 ^开头 $结尾 加个!转义词转义就是不显示空

    root@ea13343b3169:/etc/nginx/conf.d# awk '!/#/' default.conf|awk '!/^$/' server { listen 80; listen [::]:80; server_name localhost; location / { root /usr/share/nginx/html; index index.html index.htm; } error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html; } }

    sed命令

    '/#/d’是删除#行 a :新增, a 的后面可以接字串,而这些字串会在新的一行出现(目前的下一行)~ c :取代, c 的后面可以接字串,这些字串可以取代 n1,n2 之间的行! d :删除,因为是删除啊,所以 d 后面通常不接任何咚咚; i :插入, i 的后面可以接字串,而这些字串会在新的一行出现(目前的上一行); p :打印,亦即将某个选择的数据印出。通常 p 会与参数 sed -n 一起运行~ s :取代,可以直接进行取代的工作哩!通常这个 s 的动作可以搭配正规表示法!例如 1,20s/old/new/g 就是啦!

    root@ea13343b3169:/etc/nginx/conf.d# sed '/#/d' default.conf |sed '/^$/d' server { listen 80; listen [::]:80; server_name localhost; location / { root /usr/share/nginx/html; index index.html index.htm; } error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html; } }

    grep命令

    -a 或 --text : 不要忽略二进制的数据。 -i 或 --ignore-case : 忽略字符大小写的差别。 -v 或 --revert-match : 显示不包含匹配文本的所有行。 -E 或 --extended-regexp : 将样式为延伸的正则表达式来使用。 “#|^$” #号和空行

    root@ea13343b3169:/etc/nginx/conf.d# grep -aivE "#|^$" default.conf server { listen 80; listen [::]:80; server_name localhost; location / { root /usr/share/nginx/html; index index.html index.htm; } error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html; } }

    通过以上操作获取到默认发布目录 root /usr/share/nginx/html; 用sed -i 替换目录 i :插入, i 的后面可以接字串,而这些字串会在新的一行出现(目前的上一行);

    root@ea13343b3169:/etc/nginx/conf.d# sed -i 's#/usr/share/nginx/html#/data/webapps/www/#g' default.conf

    然后重启nginx服务使其生效 然后先测试一下 在平滑重启

    root@ea13343b3169:/etc/nginx/conf.d# /usr/sbin/nginx -t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful

    这个时候克隆一个新的会话窗口 去下载一个index百度首页

    [root@zheng tmp]# wget http://www.baidu.com --2020-07-11 00:10:15-- http://www.baidu.com/ Resolving www.baidu.com (www.baidu.com)... failed: Name or service not known. wget: unable to resolve host address ‘www.baidu.com’ [root@zheng tmp]# route add default gw 192.168.100.2 [root@zheng tmp]# wget http://www.baidu.com --2020-07-11 00:10:27-- http://www.baidu.com/ Resolving www.baidu.com (www.baidu.com)... 61.135.169.121, 61.135.169.125, 2408:80f0:410c:1d:0:ff:b07a:39af, ... Connecting to www.baidu.com (www.baidu.com)|61.135.169.121|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 2381 (2.3K) [text/html] Saving to: ‘index.html’ 100%[===================================================>] 2,381 --.-K/s in 0s 2020-07-11 00:10:27 (568 MB/s) - ‘index.html’ saved [2381/2381] [root@zheng tmp]# ll total 12 -rw-r--r--. 1 root root 2381 Jul 11 00:10 index.html

    然后用docker exec命令创建一个刚才写的目录/data/webapps/www/ 从宿主机docker cp到容器中的这个目录 然后再用docker exec ls -l查询一下有没有index.html文件

    [root@zheng tmp]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES ea13343b3169 nginx:latest "/docker-entrypoint.…" 2 hours ago Up 2 hours 0.0.0.0:801->80/tcp Nginx [root@zheng tmp]# docker exec ea13343b3169 mkdir -p /data/webapps/www/ [root@zheng tmp]# docker cp index.html ea13343b3169:/data/webapps/www/ [root@zheng tmp]# docker exec ea13343b3169 ls -l /data/webapps/www/ total 4 -rw-r--r--. 1 root root 2381 Jul 11 04:10 index.html [root@zheng tmp]#

    也可以vi 修改一下index.html文件在cp到容器里 访问一下nginx端口就可以看到了

    2、Docker实战Tomcat WEB容器&多实例

    1)Tomcat和Nginx是开源、免费的WEB服务器软件,用于发布网站代码的,提供网页信息服务,用户通过浏览器可以实现页面的访问。Tomcat除了可以处理静态网页之外,还可以处理动态网页。 2)Nginx WEB软件不能直接处理动态网页,Nginx官方宣称其处理静态网页的并发能力可以达到5w/s,相当于Apache、Tomcat WEB整体性能的5-10倍。在企业生产环境中,Nginx+Tomcat整合一起使用,Nginx负责处理静态网页,而Tomcat只负责动态网页处理。  静态网页 静态网页一般是跟后端数据库不发生交互的网页,其网页内容很少更新或者几乎不更新,网页文件后缀命名通常是以.htm、.html、.xml等结尾的。  动态网页 动态网页一般是跟后端数据库发生交互的网页,其网页内容经常更新或者随着后端数据库内容变化而更新,网页文件后缀命名通常是以.asp、.jsp、.php等结尾的。 3)基于Docker虚拟化平台,创建一台Tomcat WEB容器,要求Tomcat容器默认启动Tomcat服务,同时对外监听8080端口,用户通过浏览器可以页面的访问

    运行一个tomcat容器实例 -p端口映射 把docker容器里tomcat 8080端口映射到虚拟机8888端口

    [root@zheng ~]# docker run -it -p 8888:8080 --name tomcat 6055d4d564e1 WARNING: IPv4 forwarding is disabled. Networking will not work. docker: Error response from daemon: driver failed programming external connectivity on endpoint tomcat (013a9c6ea0f09208660b204ec3e6ee96f1f76546635619826e2fddf8c0e8d930): (iptables failed: iptables --wait -t nat -A DOCKER -p tcp -d 0/0 --dport 8888 -j DNAT --to-destination 172.17.0.3:8080 ! -i docker0: iptables: No chain/target/match by that name. (exit status 1)). ERRO[0000] error waiting for container: context canceled [root@zheng ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES b45e02789fe3 tomcat "catalina.sh run" 52 seconds ago Created tomcat ddef8923d614 688353a31fde "/bin/sh -c 'while t…" 24 hours ago Exited (137) 22 hours ago wizardly_swanson e2339b419fd9 688353a31fde "/bin/bash" 25 hours ago Exited (0) 22 hours ago pedantic_galois 2fcb2b9cb610 688353a31fde "/bin/sh -c 'while t…" 26 hours ago Up 22 hours brave_robinson

    这里有两个问题 WARNING: IPv4 forwarding is disabled. Networking will not work. Error response from daemon: driver failed programming external connectivity on endpoint tomcat 第一个WARNING 需要开启内核转发 第二ERROR docker服务启动时定义的自定义链DOCKER由于某种原因被清掉 重启docker服务及可重新生成自定义链DOCKER 报错以后查询容器状态显示创建

    [root@zheng ~]# vi /etc/sysctl.conf #添加这三行 net.ipv4.ip_forward = 1 net.ipv4.conf.default.rp_filter = 0 net.ipv4.conf.all.rp_filter = 0 "/etc/sysctl.conf" 15L, 543C written [root@zheng ~]# sysctl -p net.ipv4.ip_forward = 1 net.ipv4.conf.default.rp_filter = 0 net.ipv4.conf.all.rp_filter = 0 [root@zheng ~]# systemctl restart docker # 重新启动容器 [root@zheng ~]# docker start b45e02789fe3 b45e02789fe3 [root@zheng ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES b45e02789fe3 tomcat "catalina.sh run" About a minute ago Up 4 seconds 0.0.0.0:8888->8080/tcp tomcat ddef8923d614 688353a31fde "/bin/sh -c 'while t…" 24 hours ago Exited (137) 22 hours ago wizardly_swanson e2339b419fd9 688353a31fde "/bin/bash" 25 hours ago Exited (0) 22 hours ago pedantic_galois 2fcb2b9cb610 688353a31fde "/bin/sh -c 'while t…" 26 hours ago Exited (137) 20 seconds ago brave_robinson

    启动成功,从本地浏览器访问tomcat 访问失败 我们换一个镜像,用tomcat8镜像

    tomcat8

    先搜索tomcat8镜像 选择第一个下载

    #查询 [root@zheng ~]# docker search tomcat8 NAME DESCRIPTION STARS OFFICIAL AUTOMATED ashince/tomcat8 Tomcat GUI Manager pre-configured docker ima… 5 podbox/tomcat8 2 [OK] dockerbase/tomcat8 Docker Base: Tomcat8 - https://github.com/do2 [OK] #拉取 [root@zheng ~]# docker pull ashince/tomcat8 Using default tag: latest latest: Pulling from ashince/tomcat8 06b22ddb1913: Pull complete 336c28b408ed: Pull complete 1f3e6b8d80c3: Pull complete aeac59510475: Pull complete b01db8bd8540: Pull complete f7f398af5fea: Pull complete 1c5595fa1317: Pull complete e1a6cc83dc3d: Pull complete 9efe1c932022: Pull complete eef936b7f842: Pull complete 3c1e71063aec: Pull complete 51a92f92973b: Pull complete 988c2bc01b91: Pull complete 49c5aa6cc2d3: Pull complete ec10702f1c41: Pull complete d79f676217c9: Pull complete 7e3835cd050f: Pull complete 2395475694e7: Pull complete ab971e749eb3: Pull complete 8259de60a10f: Pull complete Digest: sha256:4d3f4e20320d6c9f0c44c16f63a18f80f9092827bbb4a762bbb4f4d26f7abf3a Status: Downloaded newer image for ashince/tomcat8:latest docker.io/ashince/tomcat8:latest

    查询镜像

    查询目录

    [root@zheng ~]# ls -l /var/lib/docker/image/overlay2/ total 4 drwx------. 4 root root 58 Jul 3 23:06 distribution drwx------. 4 root root 37 Jul 3 11:45 imagedb drwx------. 5 root root 45 Jul 3 23:06 layerdb -rw-------. 1 root root 1631 Jul 11 04:24 repositories.json

    docker查询

    [root@zheng ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE tomcat latest 6055d4d564e1 4 days ago 647MB tomcat 10.0 0d691b180bd5 4 weeks ago 647MB nginx latest 2622e6cca7eb 4 weeks ago 132MB hello-world latest bf756fb1ae65 6 months ago 13.3kB ashince/tomcat8 latest 02aedead27dd 23 months ago 314MB ansible/centos7-ansible latest 688353a31fde 3 years ago 447MB

    过滤查询

    [root@zheng ~]# docker images |grep -ai tomcat tomcat latest 6055d4d564e1 4 days ago 647MB tomcat 10.0 0d691b180bd5 4 weeks ago 647MB ashince/tomcat8 latest 02aedead27dd 23 months ago 314MB

    运行tomcat容器

    –name可以加可以不加,但是名字得不一样 -p 一个8080,一个8081

    [root@zheng ~]# docker run -itd -p 8080:8080 --privileged --name tomcat8 ashince/tomcat8 b99dfc28679dbe5585f9b922f4fe44366d70ac5aa37f7ecc3dcc7f4d4416324e [root@zheng ~]# docker run -itd -p 8081:8080 --privileged --name tomcat8-1 ashince/tomcat8 5fbc290fc3d6fba2a43143cad9a3778ed8344cbdeab6fcb1a5a301c3f815a369 [root@zheng ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 5fbc290fc3d6 ashince/tomcat8 "catalina.sh run" 5 seconds ago Up 3 seconds 0.0.0.0:8081->8080/tcp tomcat8-1 b99dfc28679d ashince/tomcat8 "catalina.sh run" 29 seconds ago Up 28 seconds 0.0.0.0:8080->8080/tcp tomcat8 ea13343b3169 nginx:latest "/docker-entrypoint.…" 6 hours ago Up 6 hours 0.0.0.0:801->80/tcp Nginx

    查询一下tomcat容器ip [root@zheng ~]# for i in $(docker ps |grep -ai tomcat |awk '{print $1}');do echo $i;docker inspect $i|grep -ai ipaddr |tail -1|awk -F\" '{print $4}' ;done |sed 'N;s/\n/ /g' 5fbc290fc3d6 172.17.0.4 b99dfc28679d 172.17.0.3

    nginx和tomcat负载均衡

    首先查询nginx的容器id 然后把容器内nginx的配置文件cp到宿主机上 在宿主机编辑nginx配置文件完成以后在cp回nginx容器 然后重启nginx 浏览器登录nginx端口就会发现页面不是之前的百度的首页了 变成了tomcat页面 负载均衡就做完了

    [root@zheng ~]# docker ps |grep -ai nginx ea13343b3169 nginx:latest "/docker-entrypoint.…" 7 hours ago Up 7 hours 0.0.0.0:801->80/tcp Nginx [root@zheng ~]# docker cp ea13343b3169:/etc/nginx/conf.d/default.conf . [root@zheng ~]# grep -aivE "#|^$" default.conf server { listen 80; listen [::]:80; server_name localhost; location / { root /data/webapps/www/; index index.html index.htm; } error_page 500 502 503 504 /50x.html; location = /50x.html { root /data/webapps/www/; } }

    把输出的语句替换到配置文件,然后改成如下配置

    #把这里输出的结果复制到cp下来的nginx配置文件中替换掉,然后再加上一些配置 upstream tomcat_web { server 172.17.0.3:8080 weight=100 max_fails=2 fail_timeout=15; server 172.17.0.3:8081 weight=100 max_fails=2 fail_timeout=15; } server { listen 80; listen [::]:80; server_name localhost; location / { root /data/webapps/www/; index index.html index.htm; proxy_pass http://tomcat_web; proxy_set_header host $host; } error_page 500 502 503 504 /50x.html; location = /50x.html { root /data/webapps/www/; } }

    修改好配置文件以后再cp回容器 然后重启nginx

    [root@zheng ~]# docker cp default.conf ea13343b3169:/etc/nginx/conf.d/ [root@zheng ~]# docker exec ea13343b3169 nginx -t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful [root@zheng ~]# docker exec ea13343b3169 nginx -s reload 2020/07/11 09:35:02 [notice] 72#72: signal process started

    访问nginx页面 输入之前nginx的端口801 可以看到已经不是之前的百度首页了 替换成了tomcat

    动静分离

    把之前cp到宿主机的配置文件vi打开再添加配置文件 expires 30d; 30天 改完配置文件以后cp会容器 然后重启nginx服务

    [root@zheng ~]# vi default.conf upstream tomcat_web { server 172.17.0.3:8080 weight=100 max_fails=2 fail_timeout=15; server 172.17.0.3:8081 weight=100 max_fails=2 fail_timeout=15; } server { listen 80; listen [::]:80; server_name localhost; location / { root /data/webapps/www/; index index.html index.htm; proxy_pass http://tomcat_web; proxy_set_header host $host; } location ~ .*\.(html|htm|js|css|jpg|png|txt|doc|gif|jpeg)$ { root /data/webapps/www; expires 30d; } error_page 500 502 503 504 /50x.html; location = /50x.html { root /data/webapps/www/; } }

    [root@zheng ~]# docker cp default.conf ea13343b3169:/etc/nginx/conf.d/ [root@zheng ~]# docker exec ea13343b3169 nginx -s reload 2020/07/11 10:36:02 [notice] 78#78: signal process started

    访问一下看看是不是会报错404 这里不知道为什么没有报错

    3 基于Docker WEB管理Docker容器

    通常来讲,开发人员和管理人员默认通过命令行来创建及运行Docker容器,但Docker的Remote API让他们可以通过充分利用REST(代表性状态传输协议)的API,运行相同的命令。 DockerUI也是基于API方式管理宿主机的Docker引擎。Docker UI Web前端程序让你可以处理通常通过Web浏览器的命令行来管理的许多任务。 主机上的所有容器都可以通过仅仅一条连接来处理,该项目几乎没有任何依赖关系。该软件目前仍在大力开发之中,但是它采用麻省理工学院(MIT)许可证,所以可以免费地重复使用。 Docker UI不包含任何内置的身份验证或安全机制,所以务必将任何公之于众的DockerUI连接放在用密码来保护的系统后面。

    安装web管理容器

    1)下载Docker UI镜像; 只需要在宿主机pull相关的镜像即可,指令如下: docker pull uifd/ui-for-docker docker images

    [root@zheng ~]# docker pull uifd/ui-for-docker Using default tag: latest latest: Pulling from uifd/ui-for-docker 841194d080c8: Pull complete Digest: sha256:fe371ff5a69549269b24073a5ab1244dd4c0b834cbadf244870572150b1cb749 Status: Downloaded newer image for uifd/ui-for-docker:latest docker.io/uifd/ui-for-docker:latest [root@zheng ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE tomcat latest 6055d4d564e1 4 days ago 647MB tomcat 10.0 0d691b180bd5 4 weeks ago 647MB nginx latest 2622e6cca7eb 4 weeks ago 132MB hello-world latest bf756fb1ae65 6 months ago 13.3kB ashince/tomcat8 latest 02aedead27dd 23 months ago 314MB ansible/centos7-ansible latest 688353a31fde 3 years ago 447MB uifd/ui-for-docker latest 965940f98fa5 3 years ago 8.1MB

    2)启动docker-UI服务,并且映射9090至容器9090;

    [root@zheng ~]# docker run -it -d --name docker-web -p 9000:9000 -v /var/run/docker.sock:/var/run/docker.sock docker.io/uifd/ui-for-docker 50932f1a7b168da40389d62f70ec15334fcb0c7d718f5911b4b150022c88e2c2 [root@zheng ~]# docker ps |grep docker 50932f1a7b16 uifd/ui-for-docker "/ui-for-docker" 16 seconds ago Up 15 seconds 0.0.0.0:9000->9000/tcp docker-web ea13343b3169 nginx:latest "/docker-entrypoint.…" 9 hours ago Up 9 hours 0.0.0.0:801->80/tcp Nginx

    登录页面可以查看各种信息 端口9000

    用web管理创建容器

    用web管理来启动一台容器 点击images镜像 选择一个镜像点击

    填写参数以后就可以创建成功了,设置映射端口

    访问用web管理创建的容器

    成功了!!

    创建centos7云主机

    之前下载过centos7的docker镜像了可以直接运行

     Run,全新创建并且启动一台新容器;  -i,interactive打开交互模式;  -t,tty打开登录终端;  -d,detach后台运行;  -p,publish发布端口,将宿主机80映射至容器的80(DNAT+IPtables);  --name,指定或者自定义容器的名称;  --privileged,开启超级特权模式,支持更多的指令操作。

    [root@zheng ~]# docker search centos7 NAME DESCRIPTION STARS OFFICIAL AUTOMATED ansible/centos7-ansible Ansible on Centos7 132 [OK] [root@zheng ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE <none> <none> 263200eeef11 2 days ago 447MB tomcat latest 6055d4d564e1 7 days ago 647MB tomcat 10.0 0d691b180bd5 4 weeks ago 647MB nginx latest 2622e6cca7eb 4 weeks ago 132MB hello-world latest bf756fb1ae65 6 months ago 13.3kB ashince/tomcat8 latest 02aedead27dd 23 months ago 314MB ansible/centos7-ansible latest 688353a31fde 3 years ago 447MB uifd/ui-for-docker latest 965940f98fa5 3 years ago 8.1MB [root@zheng ~]# docker run -itd --privileged --name centos7-cloud -p 6022:22 ansible/centos7-ansible 3ca6bba2a824c96dee590ecbb8d4a752959e2a0c1c7829b56ab5ef07d213fa9f # 第一条centos7云主机 [root@zheng ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 3ca6bba2a824 ansible/centos7-ansible "/bin/bash" 36 minutes ago Up 35 minutes 0.0.0.0:6022->22/tcp centos7-cloud 29d023b574db 2622e6cca7eb "/docker-entrypoint.…" 2 days ago Up 2 days 0.0.0.0:805->80/tcp nginx111 50932f1a7b16 uifd/ui-for-docker "/ui-for-docker" 2 days ago Up 2 days 0.0.0.0:9000->9000/tcp docker-web 5fbc290fc3d6 ashince/tomcat8 "catalina.sh run" 2 days ago Up 2 days 0.0.0.0:8081->8080/tcp tomcat8-1 b99dfc28679d ashince/tomcat8 "catalina.sh run" 2 days ago Up 2 days 0.0.0.0:8080->8080/tcp tomcat8 ea13343b3169 nginx:latest "/docker-entrypoint.…" 3 days ago Up 3 days 0.0.0.0:801->80/tcp Nginx

    然后查询一下ip地址做一下映射 在查询一下映射 新建一个会话窗口 连接docker创建的容器 ip是宿主机的ip 端口号改成创建的时候映射的6022端口

    [root@zheng ~]# docker inspect 3ca6bba2a824 |grep -ai ipaddr |tail -1 "IPAddress": "172.17.0.7", # -c3 ping3次以后停止 [root@zheng ~]# ping -c3 172.17.0.7 PING 172.17.0.7 (172.17.0.7) 56(84) bytes of data. 64 bytes from 172.17.0.7: icmp_seq=1 ttl=64 time=0.029 ms 64 bytes from 172.17.0.7: icmp_seq=2 ttl=64 time=0.041 ms 64 bytes from 172.17.0.7: icmp_seq=3 ttl=64 time=0.039 ms --- 172.17.0.7 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 1999ms rtt min/avg/max/mdev = 0.029/0.036/0.041/0.007 ms [root@zheng ~]# iptables -t nat -L -n --line-numbers Chain PREROUTING (policy ACCEPT) num target prot opt source destination 1 DOCKER all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL Chain INPUT (policy ACCEPT) num target prot opt source destination Chain OUTPUT (policy ACCEPT) num target prot opt source destination 1 DOCKER all -- 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL Chain POSTROUTING (policy ACCEPT) num target prot opt source destination 1 MASQUERADE all -- 172.17.0.0/16 0.0.0.0/0 2 MASQUERADE tcp -- 172.17.0.2 172.17.0.2 tcp dpt:80 3 MASQUERADE tcp -- 172.17.0.3 172.17.0.3 tcp dpt:8080 4 MASQUERADE tcp -- 172.17.0.4 172.17.0.4 tcp dpt:8080 5 MASQUERADE tcp -- 172.17.0.5 172.17.0.5 tcp dpt:9000 6 MASQUERADE tcp -- 172.17.0.6 172.17.0.6 tcp dpt:80 7 MASQUERADE tcp -- 172.17.0.7 172.17.0.7 tcp dpt:22 Chain DOCKER (2 references) num target prot opt source destination 1 RETURN all -- 0.0.0.0/0 0.0.0.0/0 2 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:801 to:172.17.0.2:80 3 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8080 to:172.17.0.3:8080 4 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8081 to:172.17.0.4:8080 5 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:9000 to:172.17.0.5:9000 6 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:805 to:172.17.0.6:80 7 DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:6022 to:172.17.0.7:22 从这能看到6022映射到centos容器的22端口

    连接不了 用telnet和ssh试一下

    [root@zheng ~]# telnet 172.17.0.7 22 -bash: telnet: command not found [root@zheng ~]# ssh 0l 172.17.0.2 ssh: Could not resolve hostname 0l: Name or service not known

    应该是防火墙或者是端口的问题 去容器里看一下 先安装一下net-tools工具 因为这个云主机是centos。自带yum源 默认可以上外网,所以能安装这个工具

    [root@zheng ~]# docker exec -it 3ca6bba2a824 /bin/bash [root@3ca6bba2a824 ansible]# [root@3ca6bba2a824 ansible]# cd [root@3ca6bba2a824 ~]# yum install net-tools -y [root@3ca6bba2a824 ~]# ifconfig eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.17.0.7 netmask 255.255.0.0 broadcast 172.17.255.255 ether 02:42:ac:11:00:07 txqueuelen 0 (Ethernet) RX packets 3906 bytes 18730389 (17.8 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 3260 bytes 182405 (178.1 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 loop txqueuelen 1 (Local Loopback) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

    修改一下yum源 现在在安装软件就会比之前快了

    [root@3ca6bba2a824 ~]# cd /etc/yum.repos.d/ [root@3ca6bba2a824 yum.repos.d]# ll total 36 -rw-r--r--. 1 root root 1664 Nov 29 2016 CentOS-Base.repo -rw-r--r--. 1 root root 1309 Nov 29 2016 CentOS-CR.repo -rw-r--r--. 1 root root 649 Nov 29 2016 CentOS-Debuginfo.repo -rw-r--r--. 1 root root 630 Nov 29 2016 CentOS-Media.repo -rw-r--r--. 1 root root 1331 Nov 29 2016 CentOS-Sources.repo -rw-r--r--. 1 root root 2893 Nov 29 2016 CentOS-Vault.repo -rw-r--r--. 1 root root 314 Nov 29 2016 CentOS-fasttrack.repo -rw-r--r--. 1 root root 1056 Mar 31 2016 epel-testing.repo -rw-r--r--. 1 root root 957 Mar 31 2016 epel.repo [root@3ca6bba2a824 yum.repos.d]# mkdir bak [root@3ca6bba2a824 yum.repos.d]# mv * bak/ mv: cannot move 'bak' to a subdirectory of itself, 'bak/bak' [root@3ca6bba2a824 yum.repos.d]# ll total 0 drwxr-xr-x. 2 root root 229 Jul 14 06:33 bak [root@3ca6bba2a824 yum.repos.d]# cp bak/CentOS-Base.repo . [root@3ca6bba2a824 yum.repos.d]# ls CentOS-Base.repo bak

    查询一下网关 能不能ping通外网 查询版本 内核版本

    #查路由 [root@3ca6bba2a824 yum.repos.d]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 172.17.0.1 0.0.0.0 UG 0 0 0 eth0 172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0 #查版本 [root@3ca6bba2a824 yum.repos.d]# cat /etc/redhat-release CentOS Linux release 7.3.1611 (Core) #内核版本 [root@3ca6bba2a824 yum.repos.d]# uname -a Linux 3ca6bba2a824 3.10.0-514.el7.x86_64 #1 SMP Tue Nov 22 16:42:41 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux #ping外网 [root@3ca6bba2a824 yum.repos.d]# ping -c3 www.baidu.com PING www.a.shifen.com (61.135.169.125) 56(84) bytes of data. 64 bytes from 61.135.169.125 (61.135.169.125): icmp_seq=1 ttl=127 time=6.22 ms 64 bytes from 61.135.169.125 (61.135.169.125): icmp_seq=2 ttl=127 time=8.27 ms 64 bytes from 61.135.169.125 (61.135.169.125): icmp_seq=3 ttl=127 time=9.99 ms --- www.a.shifen.com ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2003ms rtt min/avg/max/mdev = 6.221/8.162/9.993/1.543 ms

    查询一下监听端口 没有监听,任何端口 所以刚才才会连接不了

    [root@3ca6bba2a824 yum.repos.d]# netstat -lntp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name

    先安装一下服务 要不然没有这个sshd命令 输入错误,没有这个文件 进去宿主机吧文件拷贝到容器里在启动

    [root@3ca6bba2a824 yum.repos.d]# yum install openssh-server -y #启动sshd报错 [root@3ca6bba2a824 yum.repos.d]# /usr/sbin/sshd Could not load host key: /etc/ssh/ssh_host_rsa_key Could not load host key: /etc/ssh/ssh_host_ecdsa_key Could not load host key: /etc/ssh/ssh_host_ed25519_key sshd: no hostkeys available -- exiting. [root@3ca6bba2a824 yum.repos.d]# ll /usr/sbin/sshd -rwxr-xr-x. 1 root root 852856 Aug 9 2019 /usr/sbin/sshd [root@3ca6bba2a824 yum.repos.d]# ps -ef |grep sshd #没有sshd进程 root 127 14 0 07:02 pts/1 00:00:00 grep --color=auto sshd ##ctrl+p+q退出容器终端 [root@3ca6bba2a824 yum.repos.d]# read escape sequence [root@zheng ~]# cd /etc/ssh/ [root@zheng ssh]# ll total 276 -rw-r--r--. 1 root root 242153 Nov 11 2016 moduli -rw-r--r--. 1 root root 2208 Nov 11 2016 ssh_config -rw-------. 1 root root 4361 Nov 11 2016 sshd_config -rw-r-----. 1 root ssh_keys 227 Jun 29 12:55 ssh_host_ecdsa_key -rw-r--r--. 1 root root 162 Jun 29 12:55 ssh_host_ecdsa_key.pub -rw-r-----. 1 root ssh_keys 387 Jun 29 12:55 ssh_host_ed25519_key -rw-r--r--. 1 root root 82 Jun 29 12:55 ssh_host_ed25519_key.pub -rw-r-----. 1 root ssh_keys 1679 Jun 29 12:55 ssh_host_rsa_key -rw-r--r--. 1 root root 382 Jun 29 12:55 ssh_host_rsa_key.pub [root@zheng ssh]# docker cp /etc/ssh/ssh_host_rsa_key 3ca6bba2a824:/etc/ssh/ [root@zheng ssh]# docker cp /etc/ssh/ssh_host_ecdsa_key 3ca6bba2a824:/etc/ssh/ [root@zheng ssh]# docker cp /etc/ssh/ssh_host_ed25519_key 3ca6bba2a824:/etc/ssh/ [root@zheng ssh]# docker exit -it 3ca6bba2a824 /bin/bash

    再启动一下还是报错了,给的权限太大的意思,把权限设置成600

    [root@3ca6bba2a824 ansible]# /usr/sbin/sshd @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0640 for '/etc/ssh/ssh_host_rsa_key' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. key_load_private: bad permissions Could not load host key: /etc/ssh/ssh_host_rsa_key @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0640 for '/etc/ssh/ssh_host_ecdsa_key' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. key_load_private: bad permissions Could not load host key: /etc/ssh/ssh_host_ecdsa_key @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0640 for '/etc/ssh/ssh_host_ed25519_key' are too open. It is required that your private key files are NOT accessible by others. This private key will be ignored. key_load_private: bad permissions Could not load host key: /etc/ssh/ssh_host_ed25519_key sshd: no hostkeys available -- exiting. [root@3ca6bba2a824 ansible]# [root@3ca6bba2a824 ansible]# cd /etc/ssh/ [root@3ca6bba2a824 ssh]# ll total 592 -rw-r--r--. 1 root root 581843 Aug 9 2019 moduli -rw-r--r--. 1 root root 2276 Aug 9 2019 ssh_config -rw-r-----. 1 root input 227 Jun 29 16:55 ssh_host_ecdsa_key -rw-r-----. 1 root input 387 Jun 29 16:55 ssh_host_ed25519_key -rw-r-----. 1 root input 1679 Jun 29 16:55 ssh_host_rsa_key -rw-------. 1 root root 3907 Aug 9 2019 sshd_config [root@3ca6bba2a824 ssh]# chmod 600 ssh_host_ecdsa_key [root@3ca6bba2a824 ssh]# chmod 600 ssh_host_ed25519_key [root@3ca6bba2a824 ssh]# chmod 600 ssh_host_rsa_key [root@3ca6bba2a824 ssh]# /usr/sbin/sshd

    启动没有报错 ps -ef 过滤只显示sshd 查看一下端口 修改root密码

    第一行就是sshd进程 [root@3ca6bba2a824 ssh]# ps -ef |grep sshd root 212 0 0 07:49 ? 00:00:00 /usr/sbin/sshd root 214 193 0 07:50 pts/3 00:00:00 grep --color=auto sshd 看到了22端口 [root@3ca6bba2a824 ssh]# netstat -lntp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 212/sshd tcp6 0 0 :::22 :::* LISTEN 212/sshd 修改一个root密码,123 [root@3ca6bba2a824 ssh]# passwd Changing password for user root. New password: BAD PASSWORD: The password is shorter than 8 characters Retype new password: passwd: all authentication tokens updated successfully. [root@3ca6bba2a824 ssh]#

    再重新连接一下就可以了

    commit自定义镜像

    docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]] OPTIONS说明:

    -a :提交的镜像作者;

    -c :使用Dockerfile指令来创建镜像;

    -m :提交时的说明文字;

    -p :在commit时,将容器暂停。 举例: docker commit -a “runoob.com” -m “my apache” a404c6c174a2 mymysql:v1

    [root@zheng ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 3ca6bba2a824 ansible/centos7-ansible "/bin/bash" 5 hours ago Up 5 hours 0.0.0.0:6022->22/tcp centos7-cloud 29d023b574db 2622e6cca7eb "/docker-entrypoint.…" 2 days ago Up 2 days 0.0.0.0:805->80/tcp nginx111 50932f1a7b16 uifd/ui-for-docker "/ui-for-docker" 2 days ago Up 2 days 0.0.0.0:9000->9000/tcp docker-web 5fbc290fc3d6 ashince/tomcat8 "catalina.sh run" 3 days ago Up 3 days 0.0.0.0:8081->8080/tcp tomcat8-1 b99dfc28679d ashince/tomcat8 "catalina.sh run" 3 days ago Up 3 days 0.0.0.0:8080->8080/tcp tomcat8 ea13343b3169 nginx:latest "/docker-entrypoint.…" 3 days ago Up 3 days 0.0.0.0:801->80/tcp Nginx [root@zheng ~]# docker commit 3ca6bba2a824 centos7-cloud:latest sha256:76785adcedc87db63e80970c3ae8e130f77f825cf4797fdd26861dda5d7b85db 生成新镜像以后在查看 [root@zheng ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE centos7-cloud latest 76785adcedc8 4 seconds ago 573MB tomcat latest 6055d4d564e1 7 days ago 647MB tomcat 10.0 0d691b180bd5 4 weeks ago 647MB nginx latest 2622e6cca7eb 4 weeks ago 132MB hello-world latest bf756fb1ae65 6 months ago 13.3kB ashince/tomcat8 latest 02aedead27dd 23 months ago 314MB ansible/centos7-ansible latest 688353a31fde 3 years ago 447MB uifd/ui-for-docker latest 965940f98fa5 3 years ago 8.1MB

    用新镜像启动云主机

    改一下名字和端口号 镜像用刚才创建的镜像 docker images 可以查看到

    [root@zheng ~]# docker run -itd --privileged --name centos7-cloud2 -p 6023:22 centos7-cloud 4a8d466df5fb877dc4ef1d49dbe423151eb31b5ff568eb3e5df7e818894a5f54 [root@zheng ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 4a8d466df5fb centos7-cloud "/bin/bash" 4 minutes ago Up 4 minutes 0.0.0.0:6023->22/tcp centos7-cloud2 3ca6bba2a824 ansible/centos7-ansible "/bin/bash" 6 hours ago Up 6 hours 0.0.0.0:6022->22/tcp centos7-cloud 29d023b574db 2622e6cca7eb "/docker-entrypoint.…" 2 days ago Up 2 days 0.0.0.0:805->80/tcp nginx111 50932f1a7b16 uifd/ui-for-docker "/ui-for-docker" 2 days ago Up 2 days 0.0.0.0:9000->9000/tcp docker-web 5fbc290fc3d6 ashince/tomcat8 "catalina.sh run" 3 days ago Up 3 days 0.0.0.0:8081->8080/tcp tomcat8-1 b99dfc28679d ashince/tomcat8 "catalina.sh run" 3 days ago Up 3 days 0.0.0.0:8080->8080/tcp tomcat8 ea13343b3169 nginx:latest "/docker-entrypoint.…" 3 days ago Up 3 days 0.0.0.0:801->80/tcp Nginx

    运行容器以后要先用docker exec命令启动一下sshd服务 要不然会连接不了,默认不启动sshd 启动完服务查看一下端口 启动完了以后点击连接,端口号加1就可以登录了

    [root@zheng ~]# docker exec 4a8d466df5fb /usr/sbin/sshd [root@zheng ~]# docker exec 4a8d466df5fb netstat -lntp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 30/sshd tcp6 0 0 :::22 :::* LISTEN 30/sshd [root@zheng ~]# docker exec 4a8d466df5fb ps -ef |grep sshd root 30 0 0 09:43 ? 00:00:00 /usr/sbin/sshd

    启动10台云主机

    [root@zheng ~]# for i in $(seq 0 9);do docker run -itd --privileged --name=cloud0$i -p 600$i:22 centos7-cloud ;done d61561402ccbb03280b2aa703cba53b1d0a70b01c16acf3dd1d9f526eccc0294 bd995979ab085ece22ed35e9a02f26beb34ff3bc363164a5fa8ca7dbaece322e 6bd791e0e8cd7a4facdab95436ea6e8f8d2f61da34377e0a01b4458626f91172 c7e8792ce8fc914fc42d3f135c5e517bd1d646058c74469348eeab0e93b4c301 a27cbbcf2b82c872ce73234e27a17a10c981cf64f01bc4683ba6385e3f64e646 b1b9162f0d4dd875e4648365e05b47d74f9d2451619f3f0a11232b4fd191c7d2 845ec51b78ddd1d64ed44a0e71f85ff2d63c16872254cc6d97a7532183414959 1604e774d3e4e3407a0c4ecbcefe20d950bde82c5c87d5e962e98284f3418fa8 0381f63c7ca8cc5c6de238ea09c73c7cc5f0742979387a8f62497456bbd227ae e9ac3e216fa7cdfa1ee64cad3ba191b9542654f78480062e46a1200edeaf07a3 [root@zheng ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES e9ac3e216fa7 centos7-cloud "/bin/bash" 7 seconds ago Up 6 seconds 0.0.0.0:6009->22/tcp cloud09 0381f63c7ca8 centos7-cloud "/bin/bash" 7 seconds ago Up 6 seconds 0.0.0.0:6008->22/tcp cloud08 1604e774d3e4 centos7-cloud "/bin/bash" 8 seconds ago Up 7 seconds 0.0.0.0:6007->22/tcp cloud07 845ec51b78dd centos7-cloud "/bin/bash" 8 seconds ago Up 7 seconds 0.0.0.0:6006->22/tcp cloud06 b1b9162f0d4d centos7-cloud "/bin/bash" 9 seconds ago Up 8 seconds 0.0.0.0:6005->22/tcp cloud05 a27cbbcf2b82 centos7-cloud "/bin/bash" 9 seconds ago Up 8 seconds 0.0.0.0:6004->22/tcp cloud04 c7e8792ce8fc centos7-cloud "/bin/bash" 10 seconds ago Up 9 seconds 0.0.0.0:6003->22/tcp cloud03 6bd791e0e8cd centos7-cloud "/bin/bash" 10 seconds ago Up 9 seconds 0.0.0.0:6002->22/tcp cloud02 bd995979ab08 centos7-cloud "/bin/bash" 11 seconds ago Up 10 seconds 0.0.0.0:6001->22/tcp cloud01 d61561402ccb centos7-cloud "/bin/bash" 11 seconds ago Up 10 seconds 0.0.0.0:6000->22/tcp cloud00 4a8d466df5fb centos7-cloud "/bin/bash" About an hour ago Up About an hour 0.0.0.0:6023->22/tcp centos7-cloud2 3ca6bba2a824 ansible/centos7-ansible "/bin/bash" 7 hours ago Up 7 hours 0.0.0.0:6022->22/tcp centos7-cloud 29d023b574db 2622e6cca7eb "/docker-entrypoint.…" 2 days ago Up 2 days 0.0.0.0:805->80/tcp nginx111 50932f1a7b16 uifd/ui-for-docker "/ui-for-docker" 2 days ago Up 2 days 0.0.0.0:9000->9000/tcp docker-web 5fbc290fc3d6 ashince/tomcat8 "catalina.sh run" 3 days ago Up 3 days 0.0.0.0:8081->8080/tcp tomcat8-1 b99dfc28679d ashince/tomcat8 "catalina.sh run" 3 days ago Up 3 days 0.0.0.0:8080->8080/tcp tomcat8 ea13343b3169 nginx:latest "/docker-entrypoint.…" 3 days ago Up 3 days 0.0.0.0:801->80/tcp Nginx

    这个时候光创建,但还是和之前的云主机一样无法连接,因为没有启动sshd 先过滤出cloud0刚才创建的10台云主机 然后把这个容器号复制进一个文件中 最后for i in语句执行

    [root@zheng ~]# docker ps |grep cloud0 e9ac3e216fa7 centos7-cloud "/bin/bash" 17 minutes ago Up 17 minutes 0.0.0.0:6009->22/tcp cloud09 0381f63c7ca8 centos7-cloud "/bin/bash" 17 minutes ago Up 17 minutes 0.0.0.0:6008->22/tcp cloud08 1604e774d3e4 centos7-cloud "/bin/bash" 17 minutes ago Up 17 minutes 0.0.0.0:6007->22/tcp cloud07 845ec51b78dd centos7-cloud "/bin/bash" 17 minutes ago Up 17 minutes 0.0.0.0:6006->22/tcp cloud06 b1b9162f0d4d centos7-cloud "/bin/bash" 17 minutes ago Up 17 minutes 0.0.0.0:6005->22/tcp cloud05 a27cbbcf2b82 centos7-cloud "/bin/bash" 17 minutes ago Up 17 minutes 0.0.0.0:6004->22/tcp cloud04 c7e8792ce8fc centos7-cloud "/bin/bash" 17 minutes ago Up 17 minutes 0.0.0.0:6003->22/tcp cloud03 6bd791e0e8cd centos7-cloud "/bin/bash" 17 minutes ago Up 17 minutes 0.0.0.0:6002->22/tcp cloud02 bd995979ab08 centos7-cloud "/bin/bash" 17 minutes ago Up 17 minutes 0.0.0.0:6001->22/tcp cloud01 d61561402ccb centos7-cloud "/bin/bash" 17 minutes ago Up 17 minutes 0.0.0.0:6000->22/tcp cloud00 [root@zheng ~]# vi container-id.txt e9ac3e216fa7 0381f63c7ca8 1604e774d3e4 845ec51b78dd b1b9162f0d4d a27cbbcf2b82 c7e8792ce8fc 6bd791e0e8cd bd995979ab08 d61561402ccb [root@zheng ~]# for i in $(cat container-id.txt);do docker exec $i /usr/sbin/sshd ;done

    批量启动成功

    批量查询云主机ip echo $i ----打印容器id grep -oE “([0-9]{1,3}.){3}[0-9]{1,3}” --正则表达式 sed ‘N;s/\n/ /g’ —意思是把换行符变成空格

    [root@zheng ~]# for i in $(cat container-id.txt);do echo $i;docker inspect $i|grep -ai ipaddr|tail -1|grep -oE "([0-9]{1,3}\.){3}[0-9]{1,3}" ;done|sed 'N;s/\n/ /g' e9ac3e216fa7 172.17.0.18 0381f63c7ca8 172.17.0.17 1604e774d3e4 172.17.0.16 845ec51b78dd 172.17.0.15 b1b9162f0d4d 172.17.0.14 a27cbbcf2b82 172.17.0.13 c7e8792ce8fc 172.17.0.12 6bd791e0e8cd 172.17.0.11 bd995979ab08 172.17.0.10 d61561402ccb 172.17.0.9

    给他加上宿主机ip 把中间的空格用逗号分隔开 然后倒入csv文件 通过ftp传到本机 用wps打开表格

    [root@zheng ~]# for i in $(cat container-id.txt);do echo 192.168.100.10 ;echo $i;docker inspect $i|grep -ai ipaddr|tail -1|grep -oE "([0-9]{1,3}\.){3}[0-9]{1,3}" ;done|sed 'N;s/\n/,/g' 192.168.100.10,e9ac3e216fa7 172.17.0.18,192.168.100.10 0381f63c7ca8,172.17.0.17 192.168.100.10,1604e774d3e4 172.17.0.16,192.168.100.10 845ec51b78dd,172.17.0.15 192.168.100.10,b1b9162f0d4d 172.17.0.14,192.168.100.10 a27cbbcf2b82,172.17.0.13 192.168.100.10,c7e8792ce8fc 172.17.0.12,192.168.100.10 6bd791e0e8cd,172.17.0.11 192.168.100.10,bd995979ab08 172.17.0.10,192.168.100.10 d61561402ccb,172.17.0.9 [root@zheng ~]# for i in $(cat container-id.txt);do echo 192.168.100.10 ;echo $i;docker inspect $i|grep -ai ipaddr|tail -1|grep -oE "([0-9]{1,3}\.){3}[0-9]{1,3}" ;done|sed 'N;N;s/\n/,/g' >>docker.csv [root@zheng ~]# vi docker.csv 宿主机ip,容器id,容器 192.168.100.10,e9ac3e216fa7,172.17.0.18 192.168.100.10,0381f63c7ca8,172.17.0.17 192.168.100.10,1604e774d3e4,172.17.0.16 192.168.100.10,845ec51b78dd,172.17.0.15 192.168.100.10,b1b9162f0d4d,172.17.0.14 192.168.100.10,a27cbbcf2b82,172.17.0.13 192.168.100.10,c7e8792ce8fc,172.17.0.12 192.168.100.10,6bd791e0e8cd,172.17.0.11 192.168.100.10,bd995979ab08,172.17.0.10 192.168.100.10,d61561402ccb,172.17.0.9 ~ "docker.csv" 11L, 427C written #复制到ftp目录下! [root@zheng ~]# cp docker.csv /opt/zheng-computer/

    删除掉,没用了

    [root@zheng ~]# docker rm -f $(cat container-id.txt) e9ac3e216fa7 0381f63c7ca8 1604e774d3e4 845ec51b78dd b1b9162f0d4d a27cbbcf2b82 c7e8792ce8fc 6bd791e0e8cd bd995979ab08 d61561402ccb [root@zheng ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 4a8d466df5fb centos7-cloud "/bin/bash" 4 hours ago Up 4 hours 0.0.0.0:6023->22/tcp centos7-cloud2 3ca6bba2a824 ansible/centos7-ansible "/bin/bash" 10 hours ago Up 10 hours 0.0.0.0:6022->22/tcp centos7-cloud 29d023b574db 2622e6cca7eb "/docker-entrypoint.…" 3 days ago Up 3 days 0.0.0.0:805->80/tcp nginx111 50932f1a7b16 uifd/ui-for-docker "/ui-for-docker" 3 days ago Up 3 days 0.0.0.0:9000->9000/tcp docker-web 5fbc290fc3d6 ashince/tomcat8 "catalina.sh run" 3 days ago Up 3 days 0.0.0.0:8081->8080/tcp tomcat8-1 b99dfc28679d ashince/tomcat8 "catalina.sh run" 3 days ago Up 3 days 0.0.0.0:8080->8080/tcp tomcat8 ea13343b3169 nginx:latest "/docker-entrypoint.…" 3 days ago Up 3 days 0.0.0.0:801->80/tcp Nginx

    LNMP

    1)根据如上的Docker构建CentOS云主机,CentOS7云主机创建成功,通过CRT远程登录22端口 2)基于CentOS7云主机构建LNMP WEB(Linux+Nginx+MYSQL+PHP)平台,并且发布Discuz门户网站

    [root@zheng ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE centos7-cloud latest d9870547b934 4 hours ago 573MB tomcat latest 6055d4d564e1 7 days ago 647MB tomcat 10.0 0d691b180bd5 4 weeks ago 647MB nginx latest 2622e6cca7eb 4 weeks ago 132MB hello-world latest bf756fb1ae65 6 months ago 13.3kB ashince/tomcat8 latest 02aedead27dd 23 months ago 314MB ansible/centos7-ansible latest 688353a31fde 3 years ago 447MB uifd/ui-for-docker latest 965940f98fa5 3 years ago 8.1MB [root@zheng ~]# docker run -itd --privileged --name=lnmp-cloud -p 80:80 -p 8022:22 centos7-cloud 9b91a70035f811ac64fae970ba949ff0b945cf91f1d70c0b10f8d52f9fc60e70 [root@zheng ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 9b91a70035f8 centos7-cloud "/bin/bash" 37 seconds ago Up 36 seconds 0.0.0.0:80->80/tcp, 0.0.0.0:8022->22/tcp lnmp-cloud 4a8d466df5fb centos7-cloud "/bin/bash" 4 hours ago Up 4 hours 0.0.0.0:6023->22/tcp centos7-cloud2 3ca6bba2a824 ansible/centos7-ansible "/bin/bash" 10 hours ago Up 10 hours 0.0.0.0:6022->22/tcp centos7-cloud 29d023b574db 2622e6cca7eb "/docker-entrypoint.…" 3 days ago Up 3 days 0.0.0.0:805->80/tcp nginx111 50932f1a7b16 uifd/ui-for-docker "/ui-for-docker" 3 days ago Up 3 days 0.0.0.0:9000->9000/tcp docker-web 5fbc290fc3d6 ashince/tomcat8 "catalina.sh run" 3 days ago Up 3 days 0.0.0.0:8081->8080/tcp tomcat8-1 b99dfc28679d ashince/tomcat8 "catalina.sh run" 3 days ago Up 3 days 0.0.0.0:8080->8080/tcp tomcat8 ea13343b3169 nginx:latest "/docker-entrypoint.…" 3 days ago Up 3 days 0.0.0.0:801->80/tcp Nginx [root@zheng ~]# docker exec 9b91a70035f8 /usr/sbin/sshd

    crt连接端口号进入

    yum install epel-release -y yum install nginx php php-fpm mariadb-server mariadb -y /usr/sbin/nginx

    启动完nginx访问80端口 但是不知道为什么访问80端口一直是ftp的界面 找不出问题就把这个容器删了重新建了一个新容器 步骤和上面一样,只不过80映射端口改成了9080

    [root@zheng ~]# docker run -itd --privileged --name=lnmp-cloud -p 9080:80 -p 8022:22 centos7-cloud [root@zheng ~]# docker exec bb6dac0dd3ce /usr/sbin/sshd [root@bb6dac0dd3ce ~]# yum install epel-release -y [root@bb6dac0dd3ce ~]# yum install nginx php php-fpm mariadb-server mariadb -y [root@bb6dac0dd3ce ~]# /usr/sbin/nginx

    访问9080端口 显示403是因为没有发布默认代码 修改一下显示页面

    [root@bb6dac0dd3ce ~]# cd /usr/share/nginx/html/ [root@bb6dac0dd3ce html]# ls 404.html 50x.html en-US icons img index.html nginx-logo.png poweredby.png [root@bb6dac0dd3ce html]# ll total 12 -rw-r--r--. 1 root root 3650 Oct 3 2019 404.html -rw-r--r--. 1 root root 3693 Oct 3 2019 50x.html lrwxrwxrwx. 1 root root 20 Jul 15 05:57 en-US -> ../../doc/HTML/en-US drwxr-xr-x. 2 root root 27 Jul 15 05:57 icons lrwxrwxrwx. 1 root root 18 Jul 15 05:57 img -> ../../doc/HTML/img lrwxrwxrwx. 1 root root 25 Jul 15 05:57 index.html -> ../../doc/HTML/index.html -rw-r--r--. 1 root root 368 Oct 3 2019 nginx-logo.png lrwxrwxrwx. 1 root root 14 Jul 15 05:57 poweredby.png -> nginx-logo.png [root@bb6dac0dd3ce html]# rm -rf * [root@bb6dac0dd3ce html]# ll total 0 [root@bb6dac0dd3ce html]# echo feifei!!! >index.html echo feifeill! >index.html

    php

    [root@bb6dac0dd3ce ~]# cd /etc/nginx/ [root@bb6dac0dd3ce nginx]# cp nginx.conf.default nginx.conf cp: overwrite 'nginx.conf'? y [root@bb6dac0dd3ce nginx]# vi nginx.conf

    修改

    65 location ~ \.php$ { 66 root /usr/share/nginx/html; 67 fastcgi_pass 127.0.0.1:9000; 68 fastcgi_index index.php; 69 fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 70 include fastcgi_params; 71 }

    [root@bb6dac0dd3ce nginx]# nginx -s reload [root@bb6dac0dd3ce nginx]# nohup /usr/sbin/php-fpm $ [root@bb6dac0dd3ce nginx]# ps -ef |grep php root 247 22 0 06:29 pts/1 00:00:00 grep --color=auto php [root@bb6dac0dd3ce nginx]# ps -ef |grep nginx root 211 0 0 05:57 ? 00:00:00 nginx: master process /usr/sbin/nginx nginx 229 211 0 06:27 ? 00:00:00 nginx: worker process root 249 22 0 06:29 pts/1 00:00:00 grep --color=auto nginx [root@bb6dac0dd3ce nginx]# cd /usr/share/nginx/html/ [root@bb6dac0dd3ce html]# ls index.html [root@bb6dac0dd3ce html]# mv index.html index.php [root@bb6dac0dd3ce html]# vi index.php <?php phpinfo(); ?> "index.php" 3L, 20C written

    http://192.168.100.10:9080/index.php 不加php就能进入

    [root@bb6dac0dd3ce nginx]# vi /etc/nginx/nginx.conf 添加这一行

    [root@bb6dac0dd3ce html]# nginx -t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful [root@bb6dac0dd3ce html]# nginx -s reload

    Processed: 0.023, SQL: 9