目录
一.建立私有仓库
docker原生仓库的基本原理
- docker镜像可以托管到docker hub中,和将代码库托管到github是一样的原理。有时候我们需要在部门或者团队内部共享docker镜像,我们就可以搭建私有仓库。
- 仓库的原理:Docker模型的核心部分是有效的利用分层镜像的机制,镜像可以通过分层来进行继承,基于基础镜像,可以制作各种具体应用的镜像。不同的Docker容器可以共享一些基础的文件系统层,同时再加上自己独有的改动层,大大提高了存储的效率。由于最终镜像是以压缩包的方式静态存储在服务器端,这种存储适用于对象存储
- 使用docker pull 获取镜像的过程
- registry是docker官方提供的一个创建镜像仓库的模板
搭建docker私有仓库
- 下载registry镜像
[root@cloud ~]# docker pull registry
Using default tag: latest
latest: Pulling from library/registry
486039affc0a: Pull complete
ba51a3b098e6: Pull complete
8bb4c43d6c8e: Pull complete
6f5f453e5f2d: Pull complete
42bc10b72f42: Pull complete
Digest: sha256:7d081088e4bfd632a88e3f3bcd9e007ef44a796fddfe3261407a3f9f04abe1e7
Status: Downloaded newer image for registry:latest
docker.io/library/registry:latest
[root@cloud ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
registry latest 708bc6af7e5e 8 weeks ago 25.8MB
[root@cloud ~]#
- 创建私有仓库的容器
-
上传镜像到私有仓库
##提供上传路径,允许http协议
[root@cloud ~]# cat /etc/docker/daemon.json
{
"insecure-registries": ["123.57.242.90:5000"],
"registry-mirrors": ["https://dnntzrw4.mirror.aliyuncs.com"]
}
[root@cloud ~]#
##重启docker服务
[root@cloud ~]# systemctl daemon-reload
[root@cloud ~]# systemctl restart docker.service
##由于重启的docker服务,容器也被关闭了,所以需要开启容器
[root@cloud ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
68c26f96d0aa registry "/entrypoint.sh /etc…" 52 minutes ago Exited (2) About a minute ago my_registry
[root@cloud ~]# docker start my_registry
my_registry
##修改上传镜像的标签
[root@cloud ~]# docker tag nginx:latest 123.57.242.90.5000/nginx:registry
[root@cloud ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
123.57.242.90:5000/nginx registry 6678c7c2e56c 2 weeks ago 127MB
nginx latest 6678c7c2e56c 2 weeks ago 127MB
registry latest 708bc6af7e5e 8 weeks ago 25.8MB
##上传镜像
[root@cloud ~]# docker push 123.57.242.90:5000/nginx
The push refers to repository [123.57.242.90:5000/nginx]
55a77731ed26: Pushed
71f2244bc14d: Pushed
f2cb0ecef392: Pushed
registry: digest: sha256:3936fb3946790d711a68c58be93628e43cbca72439079e16d154b5db216b58da size: 948
- 验证镜像是否上传成功
[root@cloud ~]# curl -XGET http://123.57.242.90:5000/v2/_catalog
{"repositories":["httpd","nginx"]}
[root@cloud ~]#
在客户端下载私有仓库的镜像
- 修改下载路径
[root@192 ~]# cat /etc/docker/daemon.json
{
"insecure-registries": ["123.57.242.90:5000"]
}
[root@192 ~]# systemctl restart docker
[root@192 ~]# systemctl daemon-reload
- 从私有仓库中下载镜像
[root@192 ~]# docker pull 123.57.242.90:5000/httpd
Using default tag: latest
latest: Pulling from httpd
68ced04f60ab: Pull complete
35d35f1e0dc9: Pull complete
8a918bf0ae55: Pull complete
d7b9f2dbc195: Pull complete
d56c468bde81: Pull complete
Digest: sha256:d3df077ec2ddbe0a62279c672b9c792055b96f6d22ed1e45371bcd70393730f9
Status: Downloaded newer image for 123.57.242.90:5000/httpd:latest
123.57.242.90:5000/httpd:latest
[root@192 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos system 33857c283613 8 days ago 237MB
123.57.242.90:5000/httpd latest c5a012f9cf45 3 weeks ago 165MB
[root@192 ~]#
二.端口映射
- -p(小写)可以指定主机端口映射的容器端口
[root@cloud ~]# docker run -d -p 1234:80 nginx
f16c533aaedec01792502805911b9590443dff2a066b7b68a96f4a19f039391f
[root@cloud ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f16c533aaede nginx "nginx -g 'daemon of…" 5 seconds ago Up 5 seconds 0.0.0.0:1234->80/tcp determined_keldysh
[root@cloud ~]#
- -P(大写)随机映射端口(docker端口依据具体的镜像服务)
[root@cloud ~]# docker run -d -P nginx
69d7a2c3c53da494d7949c88bbc7add433033fec8b76413adfcfbb9a9d45d42c
[root@cloud ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
69d7a2c3c53d nginx "nginx -g 'daemon of…" 7 seconds ago Up 6 seconds 0.0.0.0:32768->80/tcp eloquent_bhabha
f16c533aaede nginx "nginx -g 'daemon of…" 10 minutes ago Up 10 minutes 0.0.0.0:1234->80/tcp determined_keldysh
[root@cloud ~]#
三.容器互联(基于centos镜像)
- 创建容器web1并且运行(web1并不能ping通web2)
[root@cloud ~]# docker run -itd -P --name web1 centos /bin/bash
79dfbe5f84b5be0c67d88543cb6adc84c4e13fb40c04fab3c23de4c8ff4d626e
- 创建容器web2,关联web1,并且运行
[root@cloud ~]# docker run -itd -P --name web2 --link web1:web1 centos /bin/bash
08ae11baf2ad11489f4e8bcbe10e3ee51ef063a2cf31ab0e2d584b96942b908f
[root@cloud ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
08ae11baf2ad centos "/bin/bash" 4 seconds ago Up 3 seconds web2
79dfbe5f84b5 centos "/bin/bash" 37 seconds ago Up 37 seconds web1
- 进入web2容器测试web1
[root@cloud ~]# docker exec -it web2 /bin/bash
[root@08ae11baf2ad /]# ping web1
PING web1 (172.18.0.2) 56(84) bytes of data.
64 bytes from web1 (172.18.0.2): icmp_seq=1 ttl=64 time=0.126 ms
64 bytes from web1 (172.18.0.2): icmp_seq=2 ttl=64 time=0.068 ms
64 bytes from web1 (172.18.0.2): icmp_seq=3 ttl=64 time=0.067 ms
64 bytes from web1 (172.18.0.2): icmp_seq=4 ttl=64 time=0.075 ms
64 bytes from web1 (172.18.0.2): icmp_seq=5 ttl=64 time=0.087 ms
^C
--- web1 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4ms
rtt min/avg/max/mdev = 0.067/0.084/0.126/0.024 ms