Docker的基本信息查询与安装
安装docker和相关依赖性:
本机直接使用rhel7.3的yum源,可以通过yum安装直接解决依赖性
yum install docker-engine-17.03.1.ce-1.el7.centos.x86_64.rpm
docker-engine-selinux-17.03.1.ce-1.el7.centos.noarch.rpm
打开服务
[root@foundation1 mnt]# systemctl start docker.service
检查docker版本
[root@foundation1 ~]# docker version
Client:
Version: 17.03.1-ce
API version: 1.27
Go version: go1.7.5
Git commit: c6d412e
Built: Fri Mar 24 00:36:45 2017
OS/Arch: linux/amd64
Server:
Version: 17.03.1-ce
API version: 1.27 (minimum version 1.12)
Go version: go1.7.5
Git commit: c6d412e
Built: Fri Mar 24 00:36:45 2017
OS/Arch: linux/amd64
Experimental: false
查看当前docker中的镜像
[root@foundation1 mnt]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
查看容器ip地址
在服务机上执行 ip addr
9: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN
link/ether 02:42:43:50:21:54 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:43ff:fe50:2154/64 scope link
valid_lft forever preferred_lft forever
可以看到服务机给docker分配了一个地址
查看docker宿主机的信息
[root@foundation1 ~]# docker info
Containers: 1
Running: 0
Paused: 0
Stopped: 1
Images: 1
Server Version: 17.03.1-ce
Storage Driver: overlay
Backing Filesystem: xfs
Supports d_type: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 4ab9917febca54791c5f071a9d1f404867857fcc
runc version: 54296cf40ad8143b62dbcaa1d90e520a2136ddfe
init version: 949e6fa
Security Options:
seccomp
Profile: default
Kernel Version: 3.10.0-327.el7.x86_64
Operating System: Red Hat Enterprise Linux Server 7.2 (Maipo)
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 3.588 GiB
Name: foundation1.ilt.example.com
ID: ZJ67:6H2U:X2VE:KS3A:UU3Z:6XMY:ZXFZ:M44V:3SIX:IIMB:JZ75:MB5U
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
docker镜像的导入和使用
使用现有的镜像进行导入
[root@foundation1 mnt]# docker load -i rhel7.tar
e1f5733f050b: Loading layer [==================================================>] 147.1 MB/147.1 MB
[root@foundation1 mnt]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
rhel7 latest 0a3eb3fde7fd 4 years ago 140 MB
查看存在的容器
[root@foundation1 mnt]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
添加并运行容器
[root@foundation1 mnt]# docker run -it --name vm1 rhel7 bash
bash-4.2# ls
bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
bash-4.2#
(ctrl+pq将容器打入后台 ctrl+d将容器关闭不打入后台)
查看当前存在的容器(-a代表将所有的容器显示出来)
[root@foundation1 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
149b3af6782e rhel7 "bash" 10 minutes ago Exited (0) 6 minutes ago vm1
添加网络源导入镜像
这里使用阿里云的加速器
在www.aliyun.com进行注册,得到自己的镜像加速器地址
根据文档创建自己的镜像仓库
创建成功后可以进行查找对应的镜像
[root@foundation1 ~]# docker search nginx
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
nginx Official build of Nginx. 9315 [OK]
jwilder/nginx-proxy Automated Nginx reverse proxy for docker c... 1385 [OK]
richarvey/nginx-php-fpm Container running Nginx + PHP-FPM capable ... 609 [OK]
jrcs/letsencrypt-nginx-proxy-companion LetsEncrypt container to use with nginx as... 396 [OK]
kong Open-source Microservice & API Management ... 215 [OK]
webdevops/php-nginx Nginx with PHP-FPM 111 [OK]
kitematic/hello-world-nginx A light-weight nginx container that demons... 108
zabbix/zabbix-web-nginx-mysql Zabbix frontend based on Nginx web-server ... 63 [OK]
bitnami/nginx Bitnami nginx Docker Image 57 [OK]
1and1internet/ubuntu-16-nginx-php-phpmyadmin-mysql-5 ubuntu-16-nginx-php-phpmyadmin-mysql-5 43 [OK]
linuxserver/nginx An Nginx container, brought to you by Linu... 38
tobi312/rpi-nginx NGINX on Raspberry Pi / armhf 20 [OK]
blacklabelops/nginx Dockerized Nginx Reverse Proxy Server. 12 [OK]
nginxdemos/nginx-ingress NGINX Ingress Controller for Kubernetes . ... 11
wodby/drupal-nginx Nginx for Drupal container image 10 [OK]
webdevops/nginx Nginx container 8 [OK]
nginxdemos/hello NGINX webserver that serves a simple page ... 8 [OK]
centos/nginx-18-centos7 Platform for running nginx 1.8 or building... 7
centos/nginx-112-centos7 Platform for running nginx 1.12 or buildin... 4
1science/nginx Nginx Docker images that include Consul Te... 4 [OK]
pebbletech/nginx-proxy nginx-proxy sets up a container running ng... 2 [OK]
travix/nginx NGinx reverse proxy 1 [OK]
toccoag/openshift-nginx Nginx reverse proxy for Nice running on sa... 1 [OK]
mailu/nginx Mailu nginx frontend 1 [OK]
ansibleplaybookbundle/nginx-apb An APB to deploy NGINX 0 [OK]
拉取想要的镜像
[root@foundation1 ~]# docker pull nginx
Using default tag: latest
latest: Pulling from library/nginx
be8881be8156: Pull complete
32d9726baeef: Pull complete
87e5e6f71297: Pull complete
Digest: sha256:d85914d547a6c92faa39ce7058bd7529baacab7e0cd4255442b04577c4d1f424
Status: Downloaded newer image for nginx:latest
查看得到的镜像
[root@foundation1 ~]# docker images nginx
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest c82521676580 3 weeks ago 109 MB
运行并使用对应的容器
[root@foundation1 ~]# docker run -d --name vm2 nginx
822960e130d6016f24f6473bd6c50e39091d044ce229292547c87c71f4c6844b
[root@foundation1 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
822960e130d6 nginx "nginx -g 'daemon ..." About a minute ago Up About a minute 80/tcp vm2
通过 docker inspect vm2命令可以查看对应的地址
可以看到vm2对应的ip为172.17.0.2
通过访问对应的ip可以查看到他的发布内容
如果想直接在物理机中推送想发布的内容
(1)本地传送
vim index.html # 编辑发布内容
docker cp index.html vm2:/usr/share/nginx/html/ # 拷贝到镜像nginx的发布目录中
(2)本地目录挂载到容器
mkdir /tmp/docker/web/
vim index.html
1 <h1>server1</h1>
docker rm -f vm2 # 删除vm2
docker run -d --name vm2 -v /tmp/docker/web/:/usr/share/nginx/html/ nginx
#将/tmp/docker/web/挂载到客户端的/usr/share/nginx/html/
以后当你想更改发布目录时候,可以直接在服务端进行更改
Dockerfile文件的编写
- Dockerfile
Dockerfile是一个文本格式的配置文件,用户可以使用Dockerfile快速创建自定义的镜像。
Dockerfile由一行行命令语句组成,基本一行命令就代表镜像封装中的一层,其中每一条指令都创建镜像的一层。
Dockerfile一般分为四部分:基础镜像信息、维护者信息、镜像操作指令和容器启动时执行指令。- 其指令的具体信息如下:
- FROM
格式为FROM < image > 或FROM< image >:< tag >。
第一条指令必须为FROM指令。并且,如果在同一个Dockerfile中创建多个镜像时,可以使用多个FROM指令(每个镜像一一次)。- MAINTAINER
格式为MAINTAINER < name >, 指定维护者信息。- RUN
格式为RUN < command > 或RUN [ “executable”, “param1”, “param2”]。
前者将在shell终端中运行命令,即/bin/sh -C ;后者则使用exec执行。指定使用其他终端可以通过第二种方式实现,例如RUN[“/bin/bash”,”-C”,”echohello”]。每条 RUN指令将在当前镜像基础上执行指定命令,并提交为新的镜像。当命令较长时可以使用\来换行。- CMD
支持三种格式:
CMD [“executable”, “param1”, “param2”]使用exec执行,推荐方式。
CMD command param1 param2 在/bin/sh中执行,提供给需要交互的应用。
CMD [“param1”, “param2”]提供给ENTRYPOINT的默认参数。
指定启动容器时执行的命令,每个Dockerfile只能有一-条CMD命令。如果指定了多条
命令,只有最后一条会被执行。
如果用户启动容器时候指定了运行的命令,则会覆盖掉CMD指定的命令。- EXPOSE
格式为EXPOSE < port > [< port >…]。
例如:EXPOSE 22 80 8443
告诉Docker服务端容器暴露的端口号,供互联系统使用。在启动容器时需要通过-P,Docker主机会自动分配一个端口转发到指定的端口;使用-P,则可以具体指定哪个本地端口映射过来。- COPY
格式为COPY < src > < dest >。
复制本地主机的< src > (为Dockerfile所在目录的相对路径,文件或目录)为容器中的< dest >。目标路径不存在时,会自动创建。
当使用本地目录为源目录时,推荐使用COPY。- ENTRYPOINT
有两种格式:
ENTRYPOINT [ “executable”, “param1”, “param2”]
ENTRYPOINT command param1 param2 ( shell中执行)。
配置容器启动后执行的命令,并且不可被docker run 提供的参数覆盖。
每个Dockerfile中只能有一个ENTRYPOINT,当指定多个ENTRYPOINT时,只有最后一个生效。- VOLUME
格式为VOLUME [“/data”]。
创建-一个可以从本地主机或其他容器挂载的挂载点,一般用来存放数据库和需要保持的数据等。
可以对原始的镜像文件对服务进行封装
(1)封装一个带有httpd服务的rhel7镜像
mkdir /tmp/docker/
vim /tmp/docker/Dockerfile
FROM rhel7 # 原始镜像是rhel7并且将它放在本地
ENV HOSTNAME server1 # hostname为server1
EXPOSE 80 # 端口为80
COPY dvd.repo /etc/yum.repos.d/dvd.repo # 将该目录下的dvd.repo复制到客户端
RUN rpmdb --rebuilddb && yum install -y httpd && yum clean all
# 清除yum缓存,安装httpd,修复rpmdb
VOLUME ["/var/www/html"]
CMD ["/usr/sbin/httpd","-D","FOREGROUND"]
# 打开httpd服务-D 是全局文件/etc/sysconfig/httpd中的打开参数
开始封装
[root@foundation1 docker]# ls
Dockerfile dvd.repo rhel7.tar web
[root@foundation1 docker]# docker build -t rhel7:v1 .
Sending build context to Docker daemon 147.1 MB
Step 1/7 : FROM rhel7
---> 0a3eb3fde7fd
Step 2/7 : ENV HOSTNAME server1
---> Running in a447994d5356
---> b0f6ecd074c6
Removing intermediate container a447994d5356
Step 3/7 : EXPOSE 80
---> Running in bec43549aea6
---> 6b4fe48b25d2
Removing intermediate container bec43549aea6
Step 4/7 : COPY dvd.repo /etc/yum.repos.d/dvd.repo
---> 5109d752a8fa
Removing intermediate container 5b29afd936ed
Step 5/7 : RUN rpmdb --rebuilddb && yum install -y httpd && yum clean all
---> Running in c9008423f7d7
Skipping unreadable repository '///etc/yum.repos.d/rhel7.repo'
Resolving Dependencies
--> Running transaction check
---> Package httpd.x86_64 0:2.4.6-45.el7 will be installed
--> Processing Dependency: httpd-tools = 2.4.6-45.el7 for package: httpd-2.4.6-45.el7.x86_64
--> Processing Dependency: system-logos >= 7.92.1-1 for package: httpd-2.4.6-45.el7.x86_64
--> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-45.el7.x86_64
--> Processing Dependency: libsystemd-daemon.so.0(LIBSYSTEMD_DAEMON_31)(64bit) for package: httpd-2.4.6-45.el7.x86_64
--> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-45.el7.x86_64
--> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-45.el7.x86_64
--> Processing Dependency: libsystemd-daemon.so.0()(64bit) for package: httpd-2.4.6-45.el7.x86_64
--> Running transaction check
---> Package apr.x86_64 0:1.4.8-3.el7 will be installed
---> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed
---> Package httpd-tools.x86_64 0:2.4.6-45.el7 will be installed
---> Package mailcap.noarch 0:2.1.41-2.el7 will be installed
---> Package redhat-logos.noarch 0:70.0.3-6.el7 will be installed
---> Package systemd-libs.x86_64 0:219-30.el7 will be installed
--> Processing Dependency: libdw.so.1()(64bit) for package: systemd-libs-219-30.el7.x86_64
--> Running transaction check
---> Package elfutils-libs.x86_64 0:0.166-2.el7 will be installed
--> Processing Dependency: elfutils-libelf(x86-64) = 0.166-2.el7 for package: elfutils-libs-0.166-2.el7.x86_64
--> Processing Dependency: libelf.so.1(ELFUTILS_1.7)(64bit) for package: elfutils-libs-0.166-2.el7.x86_64
--> Running transaction check
---> Package elfutils-libelf.x86_64 0:0.158-3.el7 will be updated
---> Package elfutils-libelf.x86_64 0:0.166-2.el7 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
httpd x86_64 2.4.6-45.el7 rhel-dvd 1.2 M
Installing for dependencies:
apr x86_64 1.4.8-3.el7 rhel-dvd 103 k
apr-util x86_64 1.5.2-6.el7 rhel-dvd 92 k
elfutils-libs x86_64 0.166-2.el7 rhel-dvd 262 k
httpd-tools x86_64 2.4.6-45.el7 rhel-dvd 84 k
mailcap noarch 2.1.41-2.el7 rhel-dvd 31 k
redhat-logos noarch 70.0.3-6.el7 rhel-dvd 13 M
systemd-libs x86_64 219-30.el7 rhel-dvd 367 k
Updating for dependencies:
elfutils-libelf x86_64 0.166-2.el7 rhel-dvd 208 k
Transaction Summary
================================================================================
Install 1 Package (+7 Dependent packages)
Upgrade ( 1 Dependent package)
Total download size: 15 M
Downloading packages:
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
--------------------------------------------------------------------------------
Total 58 MB/s | 15 MB 00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : apr-1.4.8-3.el7.x86_64 1/10
Installing : apr-util-1.5.2-6.el7.x86_64 2/10
Installing : httpd-tools-2.4.6-45.el7.x86_64 3/10
Updating : elfutils-libelf-0.166-2.el7.x86_64 4/10
Installing : elfutils-libs-0.166-2.el7.x86_64 5/10
Installing : systemd-libs-219-30.el7.x86_64 6/10
Installing : redhat-logos-70.0.3-6.el7.noarch 7/10
Installing : mailcap-2.1.41-2.el7.noarch 8/10
Installing : httpd-2.4.6-45.el7.x86_64 9/10
Cleanup : elfutils-libelf-0.158-3.el7.x86_64 10/10
/sbin/ldconfig: Cannot lstat /lib64/libelf-0.158.so: No such file or directory
Verifying : systemd-libs-219-30.el7.x86_64 1/10
Verifying : elfutils-libs-0.166-2.el7.x86_64 2/10
Verifying : apr-1.4.8-3.el7.x86_64 3/10
Verifying : mailcap-2.1.41-2.el7.noarch 4/10
Verifying : redhat-logos-70.0.3-6.el7.noarch 5/10
Verifying : apr-util-1.5.2-6.el7.x86_64 6/10
Verifying : httpd-tools-2.4.6-45.el7.x86_64 7/10
Verifying : httpd-2.4.6-45.el7.x86_64 8/10
Verifying : elfutils-libelf-0.166-2.el7.x86_64 9/10
Verifying : elfutils-libelf-0.158-3.el7.x86_64 10/10
Installed:
httpd.x86_64 0:2.4.6-45.el7
Dependency Installed:
apr.x86_64 0:1.4.8-3.el7 apr-util.x86_64 0:1.5.2-6.el7
elfutils-libs.x86_64 0:0.166-2.el7 httpd-tools.x86_64 0:2.4.6-45.el7
mailcap.noarch 0:2.1.41-2.el7 redhat-logos.noarch 0:70.0.3-6.el7
systemd-libs.x86_64 0:219-30.el7
Dependency Updated:
elfutils-libelf.x86_64 0:0.166-2.el7
Complete!
Skipping unreadable repository '///etc/yum.repos.d/rhel7.repo'
Cleaning repos: rhel-dvd
Cleaning up everything
---> ab6477746b96
Removing intermediate container c9008423f7d7
Step 6/7 : VOLUME /var/www/html
---> Running in 790605695e3c
---> 4c6a12f89a05
Removing intermediate container 790605695e3c
Step 7/7 : CMD /usr/sbin/httpd -D FOREGROUND
---> Running in 477718ea5b87
---> ab4f6e5a1f81
Removing intermediate container 477718ea5b87
Successfully built ab4f6e5a1f81
#封装的时候是逐层封装,不建议写太多的层数
[root@foundation1 docker]# docker images #可以看到封装好的v1
REPOSITORY TAG IMAGE ID CREATED SIZE
rhel7 v1 ab4f6e5a1f81 3 minutes ago 169 MB
nginx latest c82521676580 3 weeks ago 109 MB
rhel7 latest 0a3eb3fde7fd 4 years ago 140 MB
(2).封装一个带有ssh服务的镜像
编辑Dockerfile文件
vim Dockerfile
FROM rhel7
ENV HOSTNAME server2
MAINTAINER redhat@localhost
EXPOSE 22
COPY dvd.repo /etc/yum.repos.d/dvd.repo
RUN rpmdb --rebuilddb && yum install -y openssh-server && yum install -y openssh-clients yum clean all && ssh-keygen -q -t rsa -f /etc/ssh/ssh_host_rsa_key -N "" && ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N "" && ssh-keygen -q -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N "" && echo root:redhat | chpasswd
[root@foundation1 file]# ls
Dockerfile dvd.repo rhel7.tar
[root@foundation1 file]# docker build -t rhel7:v2 .
Sending build context to Docker daemon 147.1 MB
Step 1/6 : FROM rhel7
---> 0a3eb3fde7fd
Step 2/6 : ENV HOSTNAME server2
---> Running in bb56cfcda8c6
---> de1fc83e0a39
Removing intermediate container bb56cfcda8c6
Step 3/6 : MAINTAINER redhat@localhost
---> Running in f68044000dea
---> 15371a152442
Removing intermediate container f68044000dea
Step 4/6 : EXPOSE 22
---> Running in 7cb8ecee13ad
---> 1c3df82e0b0d
Removing intermediate container 7cb8ecee13ad
Step 5/6 : COPY dvd.repo /etc/yum.repos.d/dvd.repo
---> 0eaff1f4fe28
Removing intermediate container e67fe0303470
Step 6/6 : RUN rpmdb --rebuilddb && yum install -y openssh-server && yum install -y openssh-clients yum clean all && ssh-keygen -q -t rsa -f /etc/ssh/ssh_host_rsa_key -N "" && ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N "" && ssh-keygen -q -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N "" && echo root:redhat | chpasswd
---> Running in 028293b1bac0
Skipping unreadable repository '///etc/yum.repos.d/rhel7.repo'
Resolving Dependencies
--> Running transaction check
---> Package openssh-server.x86_64 0:6.6.1p1-31.el7 will be installed
--> Processing Dependency: openssh = 6.6.1p1-31.el7 for package: openssh-server-6.6.1p1-31.el7.x86_64
--> Processing Dependency: fipscheck-lib(x86-64) >= 1.3.0 for package: openssh-server-6.6.1p1-31.el7.x86_64
--> Processing Dependency: libfipscheck.so.1()(64bit) for package: openssh-server-6.6.1p1-31.el7.x86_64
--> Processing Dependency: libwrap.so.0()(64bit) for package: openssh-server-6.6.1p1-31.el7.x86_64
--> Running transaction check
---> Package fipscheck-lib.x86_64 0:1.4.1-5.el7 will be installed
--> Processing Dependency: /usr/bin/fipscheck for package: fipscheck-lib-1.4.1-5.el7.x86_64
---> Package openssh.x86_64 0:6.6.1p1-31.el7 will be installed
---> Package tcp_wrappers-libs.x86_64 0:7.6-77.el7 will be installed
--> Running transaction check
---> Package fipscheck.x86_64 0:1.4.1-5.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
openssh-server x86_64 6.6.1p1-31.el7 rhel-dvd 440 k
Installing for dependencies:
fipscheck x86_64 1.4.1-5.el7 rhel-dvd 21 k
fipscheck-lib x86_64 1.4.1-5.el7 rhel-dvd 11 k
openssh x86_64 6.6.1p1-31.el7 rhel-dvd 437 k
tcp_wrappers-libs x86_64 7.6-77.el7 rhel-dvd 66 k
Transaction Summary
================================================================================
Install 1 Package (+4 Dependent packages)
Total download size: 975 k
Installed size: 2.5 M
Downloading packages:
--------------------------------------------------------------------------------
Total 10 MB/s | 975 kB 00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : fipscheck-lib-1.4.1-5.el7.x86_64 1/5
Installing : fipscheck-1.4.1-5.el7.x86_64 2/5
Installing : openssh-6.6.1p1-31.el7.x86_64 3/5
Installing : tcp_wrappers-libs-7.6-77.el7.x86_64 4/5
Installing : openssh-server-6.6.1p1-31.el7.x86_64 5/5
Verifying : openssh-server-6.6.1p1-31.el7.x86_64 1/5
Verifying : openssh-6.6.1p1-31.el7.x86_64 2/5
Verifying : tcp_wrappers-libs-7.6-77.el7.x86_64 3/5
Verifying : fipscheck-1.4.1-5.el7.x86_64 4/5
Verifying : fipscheck-lib-1.4.1-5.el7.x86_64 5/5
Installed:
openssh-server.x86_64 0:6.6.1p1-31.el7
Dependency Installed:
fipscheck.x86_64 0:1.4.1-5.el7 fipscheck-lib.x86_64 0:1.4.1-5.el7
openssh.x86_64 0:6.6.1p1-31.el7 tcp_wrappers-libs.x86_64 0:7.6-77.el7
Complete!
Skipping unreadable repository '///etc/yum.repos.d/rhel7.repo'
No package clean available.
No package all available.
Resolving Dependencies
--> Running transaction check
---> Package openssh-clients.x86_64 0:6.6.1p1-31.el7 will be installed
--> Processing Dependency: libedit.so.0()(64bit) for package: openssh-clients-6.6.1p1-31.el7.x86_64
---> Package yum.noarch 0:3.4.3-118.el7 will be updated
---> Package yum.noarch 0:3.4.3-150.el7 will be an update
--> Processing Dependency: python-urlgrabber >= 3.10-8 for package: yum-3.4.3-150.el7.noarch
--> Running transaction check
---> Package libedit.x86_64 0:3.0-12.20121213cvs.el7 will be installed
---> Package python-urlgrabber.noarch 0:3.10-4.el7 will be updated
---> Package python-urlgrabber.noarch 0:3.10-8.el7 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
openssh-clients x86_64 6.6.1p1-31.el7 rhel-dvd 642 k
Updating:
yum noarch 3.4.3-150.el7 rhel-dvd 1.2 M
Installing for dependencies:
libedit x86_64 3.0-12.20121213cvs.el7 rhel-dvd 92 k
Updating for dependencies:
python-urlgrabber noarch 3.10-8.el7 rhel-dvd 108 k
Transaction Summary
================================================================================
Install 1 Package (+1 Dependent package)
Upgrade 1 Package (+1 Dependent package)
Total download size: 2.0 M
Downloading packages:
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
--------------------------------------------------------------------------------
Total 21 MB/s | 2.0 MB 00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Updating : python-urlgrabber-3.10-8.el7.noarch 1/6
Installing : libedit-3.0-12.20121213cvs.el7.x86_64 2/6
Installing : openssh-clients-6.6.1p1-31.el7.x86_64 3/6
Updating : yum-3.4.3-150.el7.noarch 4/6
Cleanup : yum-3.4.3-118.el7.noarch 5/6
Cleanup : python-urlgrabber-3.10-4.el7.noarch 6/6
Verifying : libedit-3.0-12.20121213cvs.el7.x86_64 1/6
Verifying : yum-3.4.3-150.el7.noarch 2/6
Verifying : python-urlgrabber-3.10-8.el7.noarch 3/6
Verifying : openssh-clients-6.6.1p1-31.el7.x86_64 4/6
Verifying : python-urlgrabber-3.10-4.el7.noarch 5/6
Verifying : yum-3.4.3-118.el7.noarch 6/6
Installed:
openssh-clients.x86_64 0:6.6.1p1-31.el7
Dependency Installed:
libedit.x86_64 0:3.0-12.20121213cvs.el7
Updated:
yum.noarch 0:3.4.3-150.el7
Dependency Updated:
python-urlgrabber.noarch 0:3.10-8.el7
Complete!
---> d350c218d84a
Removing intermediate container 028293b1bac0
Successfully built d350c218d84a
编译成功以后运行
docker run -it --name vm3 rhel7:v2 bash
bash-4.2# ssh [email protected]
The authenticity of host '172.25.254.1 (172.25.254.1)' can't be established.
ECDSA key fingerprint is 32:f0:d4:85:da:39:64:2b:02:15:97:ca:e4:ab:82:28.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.25.254.1' (ECDSA) to the list of known hosts.
[email protected]'s password:
Last failed login: Mon Aug 20 17:41:14 CST 2018 on tty2
There was 1 failed login attempt since the last successful login.
Last login: Mon Aug 20 17:20:13 2018
(3)将ssh和httpd集成在一个容器中
[root@foundation12 docker]# vim Dockerfile
FROM rhel7
EXPOSE 80 22 #监控80和22端口
COPY dvd.repo /etc/yum.repos.d/dvd.repo
RUN rpm --rebuilddb && yum install -y httpd openssh-server openssh-clients supervisor && yum clean all && ssh-keygen -q -t rsa -f /etc/ssh/ssh_host_rsa_key -N "" && ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N "" && ssh-keygen -q -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N "" && echo root:westos |chpasswd
#需要安装supervisor让它去启动两个服务
COPY supervisord.conf /etc/supervisord.conf #配置文件
CMD ["/usr/bin/supervisord"] #启动
supervisor
编写yum源
[root@foundation12 docker]# vim dvd.repo
[dve]
name=rhel7.3
baseurl=http://172.25.12.250/rhel7.3
gpgcheck=0
[docker]
name=docker
baseurl=http://172.25.254.250/pub/docker #需要一些依赖性和supervisor
gpgcheck=0
编写supervisord的配置文件
[supervisord]
nodaemon=true
[program:sshd]
command=/usr/sbin/sshd -D
[program:httpd]
command=/usr/sbin/httpd
#配置文件中将两个服务启动
#构建镜像
[root@foundation12 docker]# docker build -t rhel7:v3 .
Sending build context to Docker daemon 8.192 kB
Step 1/6 : FROM rhel7
---> 0a3eb3fde7fd
Step 2/6 : EXPOSE 80 22
---> Using cache
---> 400e2db0d34e
Step 3/6 : COPY dvd.repo /etc/yum.repos.d/dvd.repo
---> Using cache
---> 518df83bd38e
Step 4/6 : RUN rpm --rebuilddb && yum install -y httpd openssh-server openssh-clients supervisor && yum clean all && ssh-keygen -q -t rsa -f /etc/ssh/ssh_host_rsa_key -N "" && ssh-keygen -q -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N "" && ssh-keygen -q -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N "" && echo root:westos |chpasswd
---> Using cache
---> d7d2c6fc0908
Step 5/6 : COPY supervisord.conf /etc/supervisord.conf
---> c3134c069afc
Removing intermediate container 7c17db7e0b45
Step 6/6 : CMD /usr/bin/supervisord
---> Running in 3b57c1a9e7b3
---> d3e38ab3c664
Removing intermediate container 3b57c1a9e7b3
Successfully built d3e38ab3c664
#运行,并将/tmp/docker/web挂载到容器的/var/www/html下
docker run -d --name vm1 -v /tmp/docker/web:/var/www/html rhel7:v3
8065abddb20ee76ed65570c4d5ce160df4235830346f774f373f98aaa553bf1b
[root@foundation12 docker]# docker inspect vm1
关于 CMD 和ENTRYPOINT
CMD
[root@foundation12 test]# vim Dockerfile
FROM rhel7
CMD echo "hello world"
[root@foundation12 test]# docker build -t rhel7:v4 .
Sending build context to Docker daemon 2.048 kB
Step 1/2 : FROM rhel7
---> 0a3eb3fde7fd
Step 2/2 : CMD echo "hello world"
---> Running in 133e49e7c542
---> 4e6baddcc78e
Removing intermediate container 133e49e7c542
Successfully built 4e6baddcc78e
[root@foundation12 test]# docker run --rm rhel7:v4
hello world
[root@foundation12 test]# docker run --rm rhel7:v4 echo westos 后面跟命令可以覆盖CMD
westos
ENTRYPOINT
[root@foundation12 test]# vim Dockerfile
FROM rhel7
ENTRYPOINT echo "hello world"
[root@foundation12 test]# docker build -t rhel7:v4 .
Sending build context to Docker daemon 2.048 kB
Step 1/2 : FROM rhel7
---> 0a3eb3fde7fd
Step 2/2 : ENTRYPOINT echo "hello world"
---> Running in aa74c1918e63
---> 9b230c36de85
Removing intermediate container aa74c1918e63
Successfully built 9b230c36de85
[root@foundation12 test]# docker run --rm rhel7:v4
hello world
[root@foundation12 test]# docker run --rm rhel7:v4 echo westos 不可覆盖
hello world
CMD 和ENTRYPOINT一块使用
[root@foundation12 test]# vim Dockerfile
FROM rhel7
ENTRYPOINT ["/bin/echo","hello"]
CMD ["world"]
[root@foundation12 test]# docker build -t rhel7:v4 .
Sending build context to Docker daemon 2.048 kB
Step 1/3 : FROM rhel7
---> 0a3eb3fde7fd
Step 2/3 : ENTRYPOINT /bin/echo hello
---> Running in efe5110d57bb
---> be62be31f6f8
Removing intermediate container efe5110d57bb
Step 3/3 : CMD world
---> Running in baf6915f6234
---> 78bea72527fa
Removing intermediate container baf6915f6234
Successfully built 78bea72527fa
[root@foundation12 test]# docker run --rm rhel7:v4
hello world
[root@foundation12 test]# docker run --rm rhel7:v4 westos
hello westos
传递变量
[root@foundation12 test]# vim Dockerfile
FROM rhel7
ENV name westos
ENTRYPOINT ["/bin/sh","-c","echo $name"]
[root@foundation12 test]# docker build -t rhel7:v4 .
Sending build context to Docker daemon 2.048 kB
Step 1/3 : FROM rhel7
---> 0a3eb3fde7fd
Step 2/3 : ENV name westos
---> Running in 6d242a4ac985
---> 27d507c30508
Removing intermediate container 6d242a4ac985
Step 3/3 : ENTRYPOINT /bin/sh -c echo $name
---> Running in 5b4a9eabf229
---> 3560eb5cb068
Removing intermediate container 5b4a9eabf229
Successfully built 3560eb5cb068
[root@foundation12 test]# docker run --rm rhel7:v4 westos
westos
关于容器的控制
[root@foundation12 mnt]# docker run -it --name vm1 --privileged=true ubuntu
#--privileged=true表示给它所有的权限,真正的root用户
root@ae37882f908f:/# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
60: eth0@if61: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::42:acff:fe11:2/64 scope link
valid_lft forever preferred_lft forever
root@ae37882f908f:/# ip link set down eth0
root@ae37882f908f:/# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
60: eth0@if61: <BROADCAST,MULTICAST> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 scope global eth0
valid_lft forever preferred_lft forever