学习笔记-搭建Docker

it2026-03-16 2

一、什么是容器？

容器技术已经成为应用程序封装和交付的核心技术

容器技术的核心有以下几个内核技术组成：

Cgroups(Control Groups) #资源管理NameSpace #进程隔离SElinux安全

由于是在物理机上实施隔离，启动一个容器，可以像启动一个进程一样快速

虚拟化必须要有操作系统

容器没操作系统

六大命名空间：主机名空间、文件系统、用户、网络、进程、信号向量

什么是docker?

实现容器的一种软件,docker是完整的一套轻量级容器管理系统,docker提供了一组命令,让用户更加方便直接地使用容器技术,而不需要过多关心底层内核技术

docker优点

相比于传统的虚拟化技术,容器更加简洁高效传统虚拟机需要给每个VM安装操作系统容器使用的共享公共库和程序

docker缺点

容器的隔离性没有虚拟化强公用Linux内核,安全性有先天缺陷SElinux难以驾驭监控容器和容器排错是挑战

环境准备

1、禁用 selinux [SELINUX=disabled]

[root@registry ~]# vim /etc/sysconfig/selinux SELINUX=disabled [root@registry ~]# getenforce Disabled

2、卸载防火墙 [yum -y remove firewalld-*]

[root@registry ~]# yum -y remove firewalld-*

3、docker软件安装包提取码：nprh

[root@registry ~]# cp -a docker /var/ftp/localrepo/ [root@registry ~]# cd /var/ftp/localrepo/ [root@registry localrepo]# createrepo --update .

4、准备云主机

主机ip地址最低配置registry172.31.78.1702CPU,2G内存node001172.31.78.1712CPU,2G内存node002172.31.78.1722CPU,2G内存node003172.31.78.1692CPU,2G内存

5、准备yum源（以下步骤所有node节点进行操作，此处以node001为例）

使node节点的yum源由registry提供 [root@node001 ~]# vim /etc/yum.repos.d/repo.repo [local_repo] name=localrepo baseurl=ftp://172.31.78.167/localrepo enabled=1 gpgcheck=0

在node节点验证软件包

[root@node001 ~]# yum makecache [root@node001 ~]# yum list docker-ce* Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile Installed Packages docker-ce.x86_64 18.06.3.ce-3.el7 @local_repo [root@node001 ~]# yum -y install docker-ce*

开启路由转发

[root@node001 ~]# echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf [root@node001 ~]# sysctl -p net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.default.disable_ipv6 = 1 net.ipv6.conf.lo.disable_ipv6 = 1 vm.swappiness = 0 net.ipv4.neigh.default.gc_stale_time = 120 net.ipv4.conf.all.rp_filter = 0 net.ipv4.conf.default.rp_filter = 0 net.ipv4.conf.default.arp_announce = 2 net.ipv4.conf.lo.arp_announce = 2 net.ipv4.conf.all.arp_announce = 2 net.ipv4.tcp_max_tw_buckets = 5000 net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_max_syn_backlog = 1024 net.ipv4.tcp_synack_retries = 2 kernel.sysrq = 1 net.ipv4.ip_forward = 1

起服务

[root@node002 ~]# systemctl enable --now docker # 激活同时启动docker服务 Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service. [root@node002 ~]# ifconfig # 验证，能看见 docker0 docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255 ether 02:42:41:d1:0c:99 txqueuelen 0 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.31.78.172 netmask 255.255.240.0 broadcast 172.31.79.255 ether 00:16:3e:12:b3:30 txqueuelen 1000 (Ethernet) RX packets 75855 bytes 109029284 (103.9 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 8987 bytes 1357333 (1.2 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 loop txqueuelen 1 (Local Loopback) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 [root@node002 ~]# docker version # 查看docker版本，没有报错 Client: Version: 18.06.3-ce API version: 1.38 Go version: go1.10.3 Git commit: d7080c1 Built: Wed Feb 20 02:26:51 2019 OS/Arch: linux/amd64 Experimental: false Server: Engine: Version: 18.06.3-ce API version: 1.38 (minimum version 1.12) Go version: go1.10.3 Git commit: d7080c1 Built: Wed Feb 20 02:28:17 2019 OS/Arch: linux/amd64 Experimental: false

开启FORWARD默认规则

[root@node001 ~]# vim /lib/systemd/system/docker.service # 在 ExecStart 下面添加 ExecStartPost=/sbin/iptables -P FORWARD ACCEPT [root@node001 ~]# systemctl daemon-reload [root@node001 ~]# systemctl restart docker [root@node001 ~]# iptables -nL FORWARD Chain FORWARD (policy ACCEPT) target prot opt source destination docker-USER all -- 0.0.0.0/0 0.0.0.0/0 docker-ISOLATION-STAGE-1 all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED docker all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0

镜像管理&容器管理

docker镜像管理命令

镜像管理命令说明docker images查看本机镜像docker search 镜像名称从官方仓库查找镜像docker pull 镜像名称:标签下载镜像docker push 镜像名称:标签上传镜像docker save 镜像名称:标签 -o 备份镜像名称.tar备份镜像为tar包docker load -i 备份镜像名称导入备份的镜像文件docker rmi 镜像名称:标签删除镜像（必须先删除该镜像启动的所有容器）docker history 镜像名称:标签查看镜像的制作历史docker inspect 镜像名称:标签查看镜像的详细信息docker tag 镜像名称:标签新的镜像名称:新的标签创建新的镜像名称和标签docker tar相当于ln链接,不占用系统空间

导入 centos nginx redis ubuntu 四个镜像到 node 节点(使用 lftp 或 scp 均可)

[root@registry localrepo]# ls docker docker-images k8s repodata [root@node001 ~]# yum -y install lftp [root@node001 ~]# lftp 172.31.78.167 lftp 172.31.78.167:~> ls drwxr-xr-x 6 0 0 4096 Oct 19 05:52 localrepo drwxr-xr-x 2 0 0 4096 Apr 01 2020 pub lftp 172.31.78.167:/> cd localrepo/ lftp 172.31.78.167:/localrepo> ls drwxr-xr-x 2 0 0 4096 Oct 14 07:37 docker drwxr-xr-x 2 0 0 4096 Oct 19 05:53 docker-images drwxr-xr-x 4 0 0 4096 Oct 19 02:55 k8s drwxr-xr-x 2 0 0 4096 Oct 19 02:56 repodata lftp 172.31.78.167:/localrepo> mirror docker-images/ . Total: 1 directory, 6 files, 0 symlinks New: 6 files, 0 symlinks 180970096 bytes transferred To be removed: 6 directories, 8 files, 0 symlinks [root@node001 ~]# ls centos.tar.gz info.html info.php nginx.tar.gz redis.tar.gz ubuntu.tar.gz [root@node001 ~]# docker load -i centos.tar.gz [root@node001 ~]# docker load -i redis.tar.gz [root@node001 ~]# docker load -i ubuntu.tar.gz [root@node001 ~]# docker load -i nginx.tar.gz # 查看镜像 [root@node001 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE redis latest 82629e941a38 21 months ago 95MB nginx latest 42b4762643dc 21 months ago 109MB ubuntu latest 20bb25d32758 21 months ago 87.5MB centos latest 76d6bc25b8a5 2 years ago 200MB # 备份镜像 centos 到 tar 包 [root@node001 ~]# docker save centos:latest -o centos.tar # 删除镜像，不能删除已经创建容器的镜像 [root@node001 ~]# docker rmi ubuntu:latest # 查看镜像的详细信息 [root@node001 ~]# docker inspect centos:latest [ { "Id": "sha256:76d6bc25b8a5685072a1a99d9ac7c2e52dc3070081c872034a1889ca2d4bcf8c", "RepoTags": [ "centos:latest" ], "RepoDigests": [], "Parent": "", "Comment": "", "Created": "2018-10-09T18:20:34.032588496Z", "Container": "88a04a5d6cdb307c049d5a4053fbb504c0f956a2430a5f58bced4aea06c59c2e", "ContainerConfig": { "Hostname": "88a04a5d6cdb", "Domainname": "", ...... # 查看镜像的历史信息 [root@node001 ~]# docker history nginx:latest IMAGE CREATED CREATED BY SIZE COMMENT 42b4762643dc 21 months ago /bin/sh -c #(nop) CMD ["nginx" "-g" "daemon… 0B <missing> 21 months ago /bin/sh -c #(nop) STOPSIGNAL SIGTERM 0B <missing> 21 months ago /bin/sh -c #(nop) EXPOSE 80 0B <missing> 21 months ago /bin/sh -c ln -sf /dev/stdout /var/log/nginx… 22B <missing> 21 months ago /bin/sh -c set -x && apt-get update && apt… 53.9MB <missing> 21 months ago /bin/sh -c #(nop) ENV NJS_VERSION=1.15.8.0.… 0B <missing> 21 months ago /bin/sh -c #(nop) ENV NGINX_VERSION=1.15.8-… 0B <missing> 21 months ago /bin/sh -c #(nop) LABEL maintainer=NGINX Do… 0B <missing> 21 months ago /bin/sh -c #(nop) CMD ["bash"] 0B <missing> 21 months ago /bin/sh -c #(nop) ADD file:a65337a57a064a79a… 55.3MB # 给镜像添加新的名词和标签 [root@node001 ~]# docker tag ubuntu:latest newubun:newlatest # ----------------------以下操作必须在一台可以访问互联网的机器上执行--------------------------- # 搜索镜像 [root@node001 ~]# docker search busybox NAME DESCRIPTION STARS OFFICIAL AUTOMATED busybox Busybox base image. 2014 [OK] progrium/busybox 70 [OK] radial/busyboxplus Full-chain, Internet enabled, busybox made f… 33 [OK] yauritux/busybox-curl Busybox with CURL 10 arm32v7/busybox Busybox base image. 8 armhf/busybox Busybox base image. 6 arm64v8/busybox Busybox base image. 4 odise/busybox-curl 4 [OK] s390x/busybox Busybox base image. 2 prom/busybox Prometheus Busybox docker base images 2 [OK] arm32v6/busybox Busybox base image. 2 joeshaw/busybox-nonroot Busybox container with non-root user nobody 2 aarch64/busybox Busybox base image. 2 i386/busybox Busybox base image. 2 p7ppc64/busybox Busybox base image for ppc64. 2 vukomir/busybox busybox and curl 1 spotify/busybox Spotify fork of https://hub.docker.com/_/bus… 1 ppc64le/busybox Busybox base image. 1 sou856099/busybox 0 amd64/busybox Busybox base image. 0 concourse/busyboxplus 0 arm32v5/busybox Busybox base image. 0 emccorp/busybox Busybox 0 e2eteam/busybox 0 ggtools/busybox-ubuntu Busybox ubuntu version with extra goodies 0 [OK] # 下载镜像 [root@node001 ~]# docker pull busybox docker.io/library/busybox:latest [root@node001 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE busybox latest f0b02e9d092d 5 days ago 1.23MB

docker容器管理命令

容器管理命令说明docker run -it(d) 镜像名称:标签启动命令创建启动并进入一个容器，后台容器使用参数 ddocker ps查看容器 -a 所有容器，包含未启动的，-q 只显示iddocker rm 容器ID-f 强制删除，支持命令重入docker start|stop|restart 容器id启动、停止、重启容器docker cp 本机文件路径容器id:容器内路径把本机文件拷贝到容器内（上传）docker cp 容器id:容器内路径本机文件路径把容器内文件拷贝到本机（下载）docker inspect 容器ID查看容器的详细信息docker attach 容器id进入容器的默认进程，退出后容器会关闭docker attach 容器id [ctrl+p, ctrl+q]进入容器以后，退出容器而不关闭容器的方法docker exec -it 容器id 启动命令进入容器新的进程，退出后容器不会关闭

docker run 启动一个新的容器

-i 交互式，-t 终端， -d 在后台启动

/bin/bash是容器内的命令，每一个容器都有一个默认的启动命令，可以用docker inspect的cmd字段查看容器本身默认的启动命令busybox，ubuntu，centos是交互式容器，Nginx，redis是服务器式容器，默认的启动命令是容器

默认启动服务

docker.io/redis 服务型容器docker.io/nginx 服务型容器想进入交互式后加"/bin/bash"

使用attach进入容器后,不能使用exit或者Ctrl+c退出终端,不然这个正在运行的终端就挂了,因为它的进程数pid只有1个必须使用Ctrl+pq 退出终端!!! 系统中有一个上帝 pid==1 （上帝仅仅用来排错，维护用exec命令）系统诞生出现上帝，如果上帝死亡，那么系统就挂掉了

# 在后台启动容器 [root@node001 ~]# docker run -itd nginx:latest bde8103e05c233a75b4e1df4d7fe4e8dd63a56e3f79eee243b1616400b6fcc49 # 在前台启动容器 [root@node001 ~]# docker run -it --name myos centos:latest /bin/bash [root@d48af17879e6 /]# ctrl+p, ctrl+q # 使用快捷键退出，保证容器不关闭 # 查看容器 [root@node001 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES d48af17879e6 centos:latest "/bin/bash" About a minute ago Up About a minute myos bde8103e05c2 nginx:latest "nginx -g 'daemon of…" 3 minutes ago Up 3 minutes 80/tcp elastic_turing # 只查看id [root@node001 ~]# docker ps -q d48af17879e6 bde8103e05c2 # 查看所有容器，包含未启动的 [root@node001 ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES d48af17879e6 centos:latest "/bin/bash" 3 minutes ago Up 3 minutes myos bde8103e05c2 nginx:latest "nginx -g 'daemon of…" 4 minutes ago Up 4 minutes 80/tcp elastic_turing # 进入容器的默认进程 [root@node001 ~]# docker attach d48af17879e6 # 退出容器 [root@d48af17879e6 /]# exit # 退出后容器会关闭 exit 每一次执行docker run都会启动一个新的容器例：在容器内删掉/ ，再次在终端进入容器依旧可以执行命令 [root@d48af17879e6 ~]# rm -rf /* [root@d48af17879e6 ~]# ls #没有任何的命令，无法执行任何操作 bash: /usr/bin/ls: No such file or directory [root@node001 ~]# docker run -it docker.io/centos:latest /bin/bash #再次执行进入容器的命令 [root@28750a992e3c /]# ls #命令可以正常操作，但容器名和前一次的名字不同，docker run命令每次启动都会开启新的容器 bin etc lib media opt root sbin sys usr dev home lib64 mnt proc run srv tmp var # 查看容器详细信息 [root@node001 ~]# docker inspect bde # 可以缩写容器ID [ { "Id": "bde8103e05c233a75b4e1df4d7fe4e8dd63a56e3f79eee243b1616400b6fcc49", "Created": "2020-10-19T06:24:04.026872706Z", "Path": "nginx", "Args": [ "-g", "daemon off;" ], "State": { "Status": "running", "Running": true, "Paused": false, "Restarting": false, "OOMKilled": false, "Dead": false, ...... "IPAddress": "172.17.0.2", ...... [root@node001 ~]# curl http://172.17.0.2 <!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> <style> body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; } </style> </head> <body> <h1>Welcome to nginx!</h1> <p>If you see this page, the nginx web server is successfully installed and working. Further configuration is required.</p> <p>For online documentation and support please refer to <a href="http://nginx.org/">nginx.org</a>.<br/> Commercial support is available at <a href="http://nginx.com/">nginx.com</a>.</p> <p><em>Thank you for using nginx.</em></p> </body> </html> # 进入容器，查看路径 [root@node001 ~]# docker exec -it b /bin/bash # 使用exec进入容器的所有操作exit后都不会变,除非这个运行的容器被stop了 root@bde8103e05c2:/# cat -n /etc/nginx/conf.d/default.conf 19 root /usr/share/nginx/html; # 从容器内拷贝首页文件到宿主机，修改后拷贝回容器内 [root@node001 ~]# docker cp b:/usr/share/nginx/html/index.html ./index.html [root@node001 ~]# vim index.html <h1> hi,this is xiaotiantian's test goooooood luck! [root@node001 ~]# docker cp ./index.html b:/usr/share/nginx/html/index.html [root@node001 ~]# curl http://172.17.0.2 <h1> hi,this is xiaotiantian's test goooooood luck! # 删除容器 [root@node001 ~]# docker rm -f b # 删除以b开头ID号的容器,docker rm命令也可以删除容器，但不能删除正在运行的容器，如果要删除，就先stop停止服务或加-f选项强制执行 b [root@node001 ~]# docker ps -a # 查看所有容器 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES d48af17879e6 centos:latest "/bin/bash" 22 minutes ago Exited (0) 15 minutes ago myos # 删除所有容器 [root@node001 ~]# docker rm -f $(docker ps -aq) d48af17879e6

容器内服务安装

[root@node001 ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES [root@node001 ~]# docker run -it --name myapache centos:latest [root@7193163acab5 /]# rm -f /etc/yum.repos.d/*.repo #---------------------不要退出这个终端，在另一个终端拷贝 yum 配置文件到容器-------------------- [root@node001 ~]# docker cp /etc/yum.repos.d/CentOS-Base.repo myapache:/etc/yum.repos.d/ #------------------------回到创建容器的终端继续执行命令-------------------------------------- [root@7193163acab5 /]# yum -y install net-tools httpd Complete! [root@7193163acab5 /]# echo "hello xiaotian" > /var/www/html/index.html [root@7193163acab5 /]# export LANG=C [root@7193163acab5 /]# ifconfig eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.17.0.2 netmask 255.255.0.0 broadcast 172.17.255.255 ether 02:42:ac:11:00:02 txqueuelen 0 (Ethernet) RX packets 1731 bytes 37378676 (35.6 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 1328 bytes 75001 (73.2 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 loop txqueuelen 1 (Local Loopback) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 [root@7193163acab5 /]# systemctl start httpd #此时起服务会报错 Failed to get D-Bus connection: Operation not permitted [root@node001 ~]# pstree -p #系统的上帝进程为systemd，在终端内使用systemctl命令其实是上帝进程执行 systemd(1)─┬─NetworkManager(755)─┬─{NetworkManager}(775) │ └─{NetworkManager}(782) ├─VGAuthService(665) [root@7193163acab5 /]# pstree -p #容器内的上帝进程为bash也就是本身 bash(1)---pstree(47) [root@7193163acab5 /]# rpm -ql httpd | grep service # 查看记录httpd服务的启动程序的文件 /usr/lib/systemd/system/htcacheclean.service [root@7193163acab5 /]# cat /usr/lib/systemd/system/httpd.service # 查看启动程序 [Service] Type=notify EnvironmentFile=/etc/sysconfig/httpd ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND # 启动服务 ExecReload=/usr/sbin/httpd $OPTIONS -k graceful ExecStop=/bin/kill -WINCH ${MAINPID} [root@7193163acab5 /]# /usr/sbin/httpd -DFOREGROUND # 启动后如果报出以下问题，可以修改配置文件，也可以不用管 AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message [root@7193163acab5 /]# vi /etc/httpd/conf/httpd.conf ServerName localhost:80 [root@7193163acab5 /]# /usr/sbin/httpd -DFOREGROUND # 启动服务后ctrl-p， ctrl-q 退出 [root@node001 ~]# curl http://172.17.0.2 hello xiaotian

打包镜像

自定义镜像：

docker commit：

使用镜像启动容器，在该容器基础上做修改另存为一个新镜像

创建自定义镜像

[root@node001 ~]# docker run -it centos:latest [root@6b5708c6e410 /]# yum repolist [root@6b5708c6e410 /]# rm -f /etc/yum.repos.d/*.repo # 如果虚拟机本机可以访问外网，可以使用以下方法进行添加yum源 [root@6b5708c6e410 /]# curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.huaweicloud.com/repo/CentOS-Base-7.repo # 本机无法访问外网，所以使用docker cp的方法添加yum源 [root@node001 ~]# docker cp /etc/yum.repos.d/CentOS-Base.repo 6://etc/yum.repos.d # 在另一个终端执行docker cp [root@6b5708c6e410 /]# yum install -y net-tools vim-enhanced tree bash-completion iproute psmisc && yum clean all # 回到容器的终端，下载软件包 [root@6b5708c6e410 /]# exit # 退出容器 exit [root@node001 ~]# docker commit 6 myod:latest # 打包镜像 sha256:631f6b81c82e79a11623b369daae8dae99f0a9f67b90fd2e0e7c85792a8b8c54

dockerfile打包镜像

dockerfile语法

语法指令语法说明FROM基础镜像RUN制作镜像时执行的命令，可以有多个ADD复制文件到镜像，自动解压COPY复制文件到镜像，不解压EXPOSE声明开放的端口ENV设置容器启动后的环境变量WORKDIR定义容器默认工作目录（等于cd）CMD容器启动时执行的命令，仅可以有一条CMD

使用dockerfile创建镜像

docker build -t 镜像名称:标签 dockerfile所在目录

制作apache镜像

CMD 指令可以查看 service 文件的启动命令 ExecStart（/lib/systemd/system/httpd.service）,CMD命令只可以有一条，例在终端上输入ls -l -a ,在dockerfile中CMD["/bin/ls","-l","-a"]

ENV 环境变量查询服务文件中的环境变量配置文件 EnvironmentFile 指定的文件内容

RUN相当于远程执行命令，远程时无法执行cd命令，在dockerfile中WORKDIR相当于cd命令

[root@node001 ~]# mkdir web ; cd web [root@node001 web]# vim dockerfile FROM myod:latest # 基础镜像myod，标签为latest RUN yum -y install httpd php # 制作镜像的命令 ENV LANG=C # 启动的环境变量 ADD test.tar.gz /var/www/html # 复制文件到镜像内，注：复制本地文件不能是绝对路径，只能是相对路径 WORKDIR /var/www/html # 工作目录 EXPOSE 80 # 开放端口 CMD ["/usr/sbin/httpd","-DFOREGROUND"] # 执行的命令 [root@node001 web]# mkdir {1..10}.test [root@node001 web]# ls 10.test 1.test 2.test 3.test 4.test 5.test 6.test 7.test 8.test 9.test dockerfile [root@node001 web]# tar -zcvf test.tar.gz *.test 10.test/ 1.test/ 2.test/ 3.test/ 4.test/ 5.test/ 6.test/ 7.test/ 8.test/ 9.test/ [root@node001 web]# ls 10.test 1.test 2.test 3.test 4.test 5.test 6.test 7.test 8.test 9.test dockerfile test.tar.gz [root@node001 web]# docker build -t myos:httpd . # 封装镜像 Successfully tagged myos:httpd

查看与验证镜像

[root@node001 web]# docker images # 查看镜像 REPOSITORY TAG IMAGE ID CREATED SIZE myos httpd b7b8c5d39b38 49 seconds ago 596MB myod latest 631f6b81c82e 35 minutes ago 457MB redis latest 82629e941a38 21 months ago 95MB nginx latest 42b4762643dc 21 months ago 109MB newubun newlatest 20bb25d32758 21 months ago 87.5MB ubuntu latest 20bb25d32758 21 months ago 87.5MB centos latest 76d6bc25b8a5 2 years ago 200MB [root@node001 web]# docker rm -f $(docker ps -aq) # 删除容器 6b5708c6e410 7193163acab5 [root@node001 web]# docker run -itd myos:httpd # 后台启动容器 c837007e48c46531919bc90c0b648c3d2eb6b97784b1975cc2e243708dbd5bbd [root@node001 web]# docker inspect c | grep "IPAddress" "SecondaryIPAddresses": null, "IPAddress": "172.17.0.2", "IPAddress": "172.17.0.2", [root@node001 web]# curl -I 172.17.0.2 # 查看服务是否为Apache HTTP/1.1 403 Forbidden Date: Mon, 19 Oct 2020 08:40:27 GMT Server: Apache/2.4.6 (CentOS) PHP/5.4.16 Last-Modified: Thu, 16 Oct 2014 13:20:58 GMT ETag: "1321-5058a1e728280" Accept-Ranges: bytes Content-Length: 4897 Content-Type: text/html; charset=UTF-8

制作php镜像

[root@node001 ~]# yum -y install php-fpm [root@node001 ~]# mkdir php ; cd php [root@node001 php]# cp /etc/php-fpm.d/www.conf ./ [root@node001 php]# vim www.conf 12: listen = 0.0.0.0:9000 24: ;listen.allowed_clients = 127.0.0.1 [root@node001 php]# cp /root/info.php . # 在前面的云盘软件包内有该文件 [root@node001 php]# vim dockerfile FROM myod:latest RUN yum -y install php-fpm COPY www.conf /etc/php-fpm.d/www.conf EXPOSE 9000 WORKDIR /usr/local/nginx/html COPY info.php info.php CMD ["/usr/sbin/php-fpm","--nodemonize"] [root@node001 php]# docker build -t myos:php-fpm . Successfully tagged myos:php-fpm [root@node001 php]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE myos php-fpm 87d6d2559112 About a minute ago 587MB myos httpd b7b8c5d39b38 24 minutes ago 596MB myod latest 631f6b81c82e About an hour ago 457MB redis latest 82629e941a38 21 months ago 95MB nginx latest 42b4762643dc 21 months ago 109MB newubun newlatest 20bb25d32758 21 months ago 87.5MB ubuntu latest 20bb25d32758 21 months ago 87.5MB centos latest 76d6bc25b8a5 2 years ago 200MB

制作nginx镜像

[root@node001 ~]# mkdir nginx;cd nginx [root@node001 nginx]# yum -y install gcc make pcre-devel openssl-devel [root@node001 nginx]# useradd nginx [root@node001 nginx]# ls # 上传nginx包 nginx-1.18.0.tar.gz [root@node001 nginx]# tar -xf nginx-1.18.0.tar.gz [root@node001 nginx]# cd nginx-1.18.0/ [root@node001 nginx-1.18.0]# ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_ssl_module [root@node001 nginx-1.18.0]# make && make install [root@node001 nginx-1.18.0]# cd /usr/local/ [root@node001 local]# cp /root/info.* ./nginx/html/ [root@node001 local]# tar -zcf nginx.tar.gz nginx # 打包nginx目录 [root@node001 nginx]# cp /usr/local/nginx.tar.gz . [root@node001 nginx]# vim dockerfile FROM myod:latest RUN yum -y install pcre openssl && useradd nginx ADD nginx.tar.gz /usr/local EXPOSE 80 WORKDIR /usr/local/nginx/html CMD ["/usr/local/nginx/sbin/nginx","-g","daemon off"] # 执行启动命令，以["","",""]形式相当于exec进入容器 [root@node001 nginx]# docker build -t myos:nginx . Successfully tagged myos:nginx [root@node001 nginx]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE myos nginx af9a004da132 About a minute ago 556MB myos php-fpm 87d6d2559112 About an hour ago 587MB myos httpd b7b8c5d39b38 2 hours ago 596MB myod latest 631f6b81c82e 2 hours ago 457MB redis latest 82629e941a38 21 months ago 95MB nginx latest 42b4762643dc 21 months ago 109MB newubun newlatest 20bb25d32758 21 months ago 87.5MB ubuntu latest 20bb25d32758 21 months ago 87.5MB centos latest 76d6bc25b8a5 2 years ago 200MB

对外发布

如果是云主机可以将公网ip绑定在该主机上

docker run -itd -p 宿主机端口:容器端口镜像名称:标签

# Apache服务 [root@node001 web]# docker run -itd -p 80:80 myos:httpd 80462e6ccdc285c5621f73d861f2b3e11297f47482c9fb0ec507e651a58cd64b [root@node001 web]# vim /var/www/html/index.html <h1> hi,xiaotian happy!!! [root@node001 web]# docker cp /var/www/html/index.html 8://var/www/html/index.html # 在命令行访问 [root@node001 web]# docker inspect 8 | grep "IPAddress" "SecondaryIPAddresses": null, "IPAddress": "172.17.0.2", "IPAddress": "172.17.0.2", [root@node001 web]# curl -I 172.17.0.2 HTTP/1.1 200 OK Date: Tue, 20 Oct 2020 02:23:44 GMT Server: Apache/2.4.6 (CentOS) PHP/5.4.16 Last-Modified: Tue, 20 Oct 2020 02:08:33 GMT ETag: "1a-5b210b5362a40" Accept-Ranges: bytes Content-Length: 26 Content-Type: text/html; charset=UTF-8 [root@node001 web]# curl 172.17.0.2 <h1> hi,xiaotian happy!!! # 在浏览器访问

# nginx服务，要先停止http服务哦 [root@node001 ~]# docker stop $(docker ps -aq) 80462e6ccdc2 ###################################################################################################### # 报错了哦！！！如果报错如下： [root@node001 ~]# docker run -it myos:nginx nginx: [emerg] unexpected end of parameter, expecting ";" in command line 上面提示缺少”;”，很有可能是使用方式导致nginx.conf出现问题。所以直接修改nginx.conf将daemon off的方式写入，算是一种暂定对应方法。 - 修改步骤： [root@node001 nginx]# vim dockerfile FROM myod:latest RUN yum -y install pcre openssl && useradd nginx ADD nginx.tar.gz /usr/local # 将封装的tar包导入到容器 RUN echo "daemon off" >> /usr/local/nginx/conf/nginx.conf # 将daemon off写入文件 EXPOSE 80 WORKDIR /usr/local/nginx/html CMD ["/usr/local/nginx/sbin/nginx","-g","daemon off"] [root@node001 nginx]# docker ps -a # 删除镜像前先确保当镜像下没有容器是启动的 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 27ac0a011c0a myos:nginx "/usr/local/nginx/sb…" 9 minutes ago Exited (1) 9 minutes ago serene_tereshkova c837007e48c4 myos:httpd "/usr/sbin/httpd -DF…" 22 hours ago Up 4 hours 80/tcp competent_heisenberg [root@node001 nginx]# docker rm -f 2 # 删除当前镜像下的容器 2 [root@node001 nginx]# docker rmi myos:nginx # 删除镜像 Untagged: myos:nginx Deleted: sha256:af9a004da13205dc9baf4cf67648cd255ec5ee6c47fa602663e0c79c7b06f715 Deleted: sha256:3300c38105d26c9dfdc3d3b1aea3758fffa4f1dee08c5817abb6275d7f8f43f9 Deleted: sha256:ad28e4a88d3bd5f9bdb3b919c315b1586b79d8c35f93dbd21eae6a386c2def32 Deleted: sha256:896b695a71f823bc570e0c4b31650a15120277e18f152dce8b504cde04d02f18 Deleted: sha256:8db758fd1e858f5c62604b18c68cefd1b6762b4a2aa9a1ca97432224923967d0 Deleted: sha256:9b54c742dc484212cb9a3fc76a3894d0115c99f1e0163a05aaebcbc1ae833b69 Deleted: sha256:c6b19af4e4b9b3cd3611ac77ed66c5dbaa0c924f22eeb75dc1bb340fef7b747b [root@node001 nginx]# docker build -t myos:nginx . # 封装镜像 ########################################################################################################### [root@registry ~]# docker run -itd -p 80:80 myos:nginx # 后台启动nginx自定义镜像 baefad2e23e32d2309f7ea58f411233a1014adfc41990e5d3d60e86b4a2e2845 [root@registry ~]# docker inspect b | grep "IPAddress" "SecondaryIPAddresses": null, "IPAddress": "172.17.0.2", "IPAddress": "172.17.0.2", # 命令行访问 [root@registry ~]# curl -I 172.17.0.2 HTTP/1.1 200 OK Server: nginx/1.18.0 Date: Tue, 20 Oct 2020 06:52:43 GMT Content-Type: text/html Content-Length: 612 Last-Modified: Mon, 19 Oct 2020 09:24:22 GMT Connection: keep-alive ETag: "5f8d5b46-264" Accept-Ranges: bytes # 浏览器访问

网络架构间通信

#mermaid-svg-PhO6Z2ROoQsZD1dS .label{font-family:'trebuchet ms', verdana, arial;font-family:var(--mermaid-font-family);fill:#333;color:#333}#mermaid-svg-PhO6Z2ROoQsZD1dS .label text{fill:#333}#mermaid-svg-PhO6Z2ROoQsZD1dS .node rect,#mermaid-svg-PhO6Z2ROoQsZD1dS .node circle,#mermaid-svg-PhO6Z2ROoQsZD1dS .node ellipse,#mermaid-svg-PhO6Z2ROoQsZD1dS .node polygon,#mermaid-svg-PhO6Z2ROoQsZD1dS .node path{fill:#ECECFF;stroke:#9370db;stroke-width:1px}#mermaid-svg-PhO6Z2ROoQsZD1dS .node .label{text-align:center;fill:#333}#mermaid-svg-PhO6Z2ROoQsZD1dS .node.clickable{cursor:pointer}#mermaid-svg-PhO6Z2ROoQsZD1dS .arrowheadPath{fill:#333}#mermaid-svg-PhO6Z2ROoQsZD1dS .edgePath .path{stroke:#333;stroke-width:1.5px}#mermaid-svg-PhO6Z2ROoQsZD1dS .flowchart-link{stroke:#333;fill:none}#mermaid-svg-PhO6Z2ROoQsZD1dS .edgeLabel{background-color:#e8e8e8;text-align:center}#mermaid-svg-PhO6Z2ROoQsZD1dS .edgeLabel rect{opacity:0.9}#mermaid-svg-PhO6Z2ROoQsZD1dS .edgeLabel span{color:#333}#mermaid-svg-PhO6Z2ROoQsZD1dS .cluster rect{fill:#ffffde;stroke:#aa3;stroke-width:1px}#mermaid-svg-PhO6Z2ROoQsZD1dS .cluster text{fill:#333}#mermaid-svg-PhO6Z2ROoQsZD1dS div.mermaidTooltip{position:absolute;text-align:center;max-width:200px;padding:2px;font-family:'trebuchet ms', verdana, arial;font-family:var(--mermaid-font-family);font-size:12px;background:#ffffde;border:1px solid #aa3;border-radius:2px;pointer-events:none;z-index:100}#mermaid-svg-PhO6Z2ROoQsZD1dS .actor{stroke:#ccf;fill:#ECECFF}#mermaid-svg-PhO6Z2ROoQsZD1dS text.actor>tspan{fill:#000;stroke:none}#mermaid-svg-PhO6Z2ROoQsZD1dS .actor-line{stroke:grey}#mermaid-svg-PhO6Z2ROoQsZD1dS .messageLine0{stroke-width:1.5;stroke-dasharray:none;stroke:#333}#mermaid-svg-PhO6Z2ROoQsZD1dS .messageLine1{stroke-width:1.5;stroke-dasharray:2, 2;stroke:#333}#mermaid-svg-PhO6Z2ROoQsZD1dS #arrowhead path{fill:#333;stroke:#333}#mermaid-svg-PhO6Z2ROoQsZD1dS .sequenceNumber{fill:#fff}#mermaid-svg-PhO6Z2ROoQsZD1dS #sequencenumber{fill:#333}#mermaid-svg-PhO6Z2ROoQsZD1dS #crosshead path{fill:#333;stroke:#333}#mermaid-svg-PhO6Z2ROoQsZD1dS .messageText{fill:#333;stroke:#333}#mermaid-svg-PhO6Z2ROoQsZD1dS .labelBox{stroke:#ccf;fill:#ECECFF}#mermaid-svg-PhO6Z2ROoQsZD1dS .labelText,#mermaid-svg-PhO6Z2ROoQsZD1dS .labelText>tspan{fill:#000;stroke:none}#mermaid-svg-PhO6Z2ROoQsZD1dS .loopText,#mermaid-svg-PhO6Z2ROoQsZD1dS .loopText>tspan{fill:#000;stroke:none}#mermaid-svg-PhO6Z2ROoQsZD1dS .loopLine{stroke-width:2px;stroke-dasharray:2, 2;stroke:#ccf;fill:#ccf}#mermaid-svg-PhO6Z2ROoQsZD1dS .note{stroke:#aa3;fill:#fff5ad}#mermaid-svg-PhO6Z2ROoQsZD1dS .noteText,#mermaid-svg-PhO6Z2ROoQsZD1dS .noteText>tspan{fill:#000;stroke:none}#mermaid-svg-PhO6Z2ROoQsZD1dS .activation0{fill:#f4f4f4;stroke:#666}#mermaid-svg-PhO6Z2ROoQsZD1dS .activation1{fill:#f4f4f4;stroke:#666}#mermaid-svg-PhO6Z2ROoQsZD1dS .activation2{fill:#f4f4f4;stroke:#666}#mermaid-svg-PhO6Z2ROoQsZD1dS .mermaid-main-font{font-family:"trebuchet ms", verdana, arial;font-family:var(--mermaid-font-family)}#mermaid-svg-PhO6Z2ROoQsZD1dS .section{stroke:none;opacity:0.2}#mermaid-svg-PhO6Z2ROoQsZD1dS .section0{fill:rgba(102,102,255,0.49)}#mermaid-svg-PhO6Z2ROoQsZD1dS .section2{fill:#fff400}#mermaid-svg-PhO6Z2ROoQsZD1dS .section1,#mermaid-svg-PhO6Z2ROoQsZD1dS .section3{fill:#fff;opacity:0.2}#mermaid-svg-PhO6Z2ROoQsZD1dS .sectionTitle0{fill:#333}#mermaid-svg-PhO6Z2ROoQsZD1dS .sectionTitle1{fill:#333}#mermaid-svg-PhO6Z2ROoQsZD1dS .sectionTitle2{fill:#333}#mermaid-svg-PhO6Z2ROoQsZD1dS .sectionTitle3{fill:#333}#mermaid-svg-PhO6Z2ROoQsZD1dS .sectionTitle{text-anchor:start;font-size:11px;text-height:14px;font-family:'trebuchet ms', verdana, arial;font-family:var(--mermaid-font-family)}#mermaid-svg-PhO6Z2ROoQsZD1dS .grid .tick{stroke:#d3d3d3;opacity:0.8;shape-rendering:crispEdges}#mermaid-svg-PhO6Z2ROoQsZD1dS .grid .tick text{font-family:'trebuchet ms', verdana, arial;font-family:var(--mermaid-font-family)}#mermaid-svg-PhO6Z2ROoQsZD1dS .grid path{stroke-width:0}#mermaid-svg-PhO6Z2ROoQsZD1dS .today{fill:none;stroke:red;stroke-width:2px}#mermaid-svg-PhO6Z2ROoQsZD1dS .task{stroke-width:2}#mermaid-svg-PhO6Z2ROoQsZD1dS .taskText{text-anchor:middle;font-family:'trebuchet ms', verdana, arial;font-family:var(--mermaid-font-family)}#mermaid-svg-PhO6Z2ROoQsZD1dS .taskText:not([font-size]){font-size:11px}#mermaid-svg-PhO6Z2ROoQsZD1dS .taskTextOutsideRight{fill:#000;text-anchor:start;font-size:11px;font-family:'trebuchet ms', verdana, arial;font-family:var(--mermaid-font-family)}#mermaid-svg-PhO6Z2ROoQsZD1dS .taskTextOutsideLeft{fill:#000;text-anchor:end;font-size:11px}#mermaid-svg-PhO6Z2ROoQsZD1dS .task.clickable{cursor:pointer}#mermaid-svg-PhO6Z2ROoQsZD1dS .taskText.clickable{cursor:pointer;fill:#003163 !important;font-weight:bold}#mermaid-svg-PhO6Z2ROoQsZD1dS .taskTextOutsideLeft.clickable{cursor:pointer;fill:#003163 !important;font-weight:bold}#mermaid-svg-PhO6Z2ROoQsZD1dS .taskTextOutsideRight.clickable{cursor:pointer;fill:#003163 !important;font-weight:bold}#mermaid-svg-PhO6Z2ROoQsZD1dS .taskText0,#mermaid-svg-PhO6Z2ROoQsZD1dS .taskText1,#mermaid-svg-PhO6Z2ROoQsZD1dS .taskText2,#mermaid-svg-PhO6Z2ROoQsZD1dS .taskText3{fill:#fff}#mermaid-svg-PhO6Z2ROoQsZD1dS .task0,#mermaid-svg-PhO6Z2ROoQsZD1dS .task1,#mermaid-svg-PhO6Z2ROoQsZD1dS .task2,#mermaid-svg-PhO6Z2ROoQsZD1dS .task3{fill:#8a90dd;stroke:#534fbc}#mermaid-svg-PhO6Z2ROoQsZD1dS .taskTextOutside0,#mermaid-svg-PhO6Z2ROoQsZD1dS .taskTextOutside2{fill:#000}#mermaid-svg-PhO6Z2ROoQsZD1dS .taskTextOutside1,#mermaid-svg-PhO6Z2ROoQsZD1dS .taskTextOutside3{fill:#000}#mermaid-svg-PhO6Z2ROoQsZD1dS .active0,#mermaid-svg-PhO6Z2ROoQsZD1dS .active1,#mermaid-svg-PhO6Z2ROoQsZD1dS .active2,#mermaid-svg-PhO6Z2ROoQsZD1dS .active3{fill:#bfc7ff;stroke:#534fbc}#mermaid-svg-PhO6Z2ROoQsZD1dS .activeText0,#mermaid-svg-PhO6Z2ROoQsZD1dS .activeText1,#mermaid-svg-PhO6Z2ROoQsZD1dS .activeText2,#mermaid-svg-PhO6Z2ROoQsZD1dS .activeText3{fill:#000 !important}#mermaid-svg-PhO6Z2ROoQsZD1dS .done0,#mermaid-svg-PhO6Z2ROoQsZD1dS .done1,#mermaid-svg-PhO6Z2ROoQsZD1dS .done2,#mermaid-svg-PhO6Z2ROoQsZD1dS .done3{stroke:grey;fill:#d3d3d3;stroke-width:2}#mermaid-svg-PhO6Z2ROoQsZD1dS .doneText0,#mermaid-svg-PhO6Z2ROoQsZD1dS .doneText1,#mermaid-svg-PhO6Z2ROoQsZD1dS .doneText2,#mermaid-svg-PhO6Z2ROoQsZD1dS .doneText3{fill:#000 !important}#mermaid-svg-PhO6Z2ROoQsZD1dS .crit0,#mermaid-svg-PhO6Z2ROoQsZD1dS .crit1,#mermaid-svg-PhO6Z2ROoQsZD1dS .crit2,#mermaid-svg-PhO6Z2ROoQsZD1dS .crit3{stroke:#f88;fill:red;stroke-width:2}#mermaid-svg-PhO6Z2ROoQsZD1dS .activeCrit0,#mermaid-svg-PhO6Z2ROoQsZD1dS .activeCrit1,#mermaid-svg-PhO6Z2ROoQsZD1dS .activeCrit2,#mermaid-svg-PhO6Z2ROoQsZD1dS .activeCrit3{stroke:#f88;fill:#bfc7ff;stroke-width:2}#mermaid-svg-PhO6Z2ROoQsZD1dS .doneCrit0,#mermaid-svg-PhO6Z2ROoQsZD1dS .doneCrit1,#mermaid-svg-PhO6Z2ROoQsZD1dS .doneCrit2,#mermaid-svg-PhO6Z2ROoQsZD1dS .doneCrit3{stroke:#f88;fill:#d3d3d3;stroke-width:2;cursor:pointer;shape-rendering:crispEdges}#mermaid-svg-PhO6Z2ROoQsZD1dS .milestone{transform:rotate(45deg) scale(0.8, 0.8)}#mermaid-svg-PhO6Z2ROoQsZD1dS .milestoneText{font-style:italic}#mermaid-svg-PhO6Z2ROoQsZD1dS .doneCritText0,#mermaid-svg-PhO6Z2ROoQsZD1dS .doneCritText1,#mermaid-svg-PhO6Z2ROoQsZD1dS .doneCritText2,#mermaid-svg-PhO6Z2ROoQsZD1dS .doneCritText3{fill:#000 !important}#mermaid-svg-PhO6Z2ROoQsZD1dS .activeCritText0,#mermaid-svg-PhO6Z2ROoQsZD1dS .activeCritText1,#mermaid-svg-PhO6Z2ROoQsZD1dS .activeCritText2,#mermaid-svg-PhO6Z2ROoQsZD1dS .activeCritText3{fill:#000 !important}#mermaid-svg-PhO6Z2ROoQsZD1dS .titleText{text-anchor:middle;font-size:18px;fill:#000;font-family:'trebuchet ms', verdana, arial;font-family:var(--mermaid-font-family)}#mermaid-svg-PhO6Z2ROoQsZD1dS g.classGroup text{fill:#9370db;stroke:none;font-family:'trebuchet ms', verdana, arial;font-family:var(--mermaid-font-family);font-size:10px}#mermaid-svg-PhO6Z2ROoQsZD1dS g.classGroup text .title{font-weight:bolder}#mermaid-svg-PhO6Z2ROoQsZD1dS g.clickable{cursor:pointer}#mermaid-svg-PhO6Z2ROoQsZD1dS g.classGroup rect{fill:#ECECFF;stroke:#9370db}#mermaid-svg-PhO6Z2ROoQsZD1dS g.classGroup line{stroke:#9370db;stroke-width:1}#mermaid-svg-PhO6Z2ROoQsZD1dS .classLabel .box{stroke:none;stroke-width:0;fill:#ECECFF;opacity:0.5}#mermaid-svg-PhO6Z2ROoQsZD1dS .classLabel .label{fill:#9370db;font-size:10px}#mermaid-svg-PhO6Z2ROoQsZD1dS .relation{stroke:#9370db;stroke-width:1;fill:none}#mermaid-svg-PhO6Z2ROoQsZD1dS .dashed-line{stroke-dasharray:3}#mermaid-svg-PhO6Z2ROoQsZD1dS #compositionStart{fill:#9370db;stroke:#9370db;stroke-width:1}#mermaid-svg-PhO6Z2ROoQsZD1dS #compositionEnd{fill:#9370db;stroke:#9370db;stroke-width:1}#mermaid-svg-PhO6Z2ROoQsZD1dS #aggregationStart{fill:#ECECFF;stroke:#9370db;stroke-width:1}#mermaid-svg-PhO6Z2ROoQsZD1dS #aggregationEnd{fill:#ECECFF;stroke:#9370db;stroke-width:1}#mermaid-svg-PhO6Z2ROoQsZD1dS #dependencyStart{fill:#9370db;stroke:#9370db;stroke-width:1}#mermaid-svg-PhO6Z2ROoQsZD1dS #dependencyEnd{fill:#9370db;stroke:#9370db;stroke-width:1}#mermaid-svg-PhO6Z2ROoQsZD1dS #extensionStart{fill:#9370db;stroke:#9370db;stroke-width:1}#mermaid-svg-PhO6Z2ROoQsZD1dS #extensionEnd{fill:#9370db;stroke:#9370db;stroke-width:1}#mermaid-svg-PhO6Z2ROoQsZD1dS .commit-id,#mermaid-svg-PhO6Z2ROoQsZD1dS .commit-msg,#mermaid-svg-PhO6Z2ROoQsZD1dS .branch-label{fill:lightgrey;color:lightgrey;font-family:'trebuchet ms', verdana, arial;font-family:var(--mermaid-font-family)}#mermaid-svg-PhO6Z2ROoQsZD1dS .pieTitleText{text-anchor:middle;font-size:25px;fill:#000;font-family:'trebuchet ms', verdana, arial;font-family:var(--mermaid-font-family)}#mermaid-svg-PhO6Z2ROoQsZD1dS .slice{font-family:'trebuchet ms', verdana, arial;font-family:var(--mermaid-font-family)}#mermaid-svg-PhO6Z2ROoQsZD1dS g.stateGroup text{fill:#9370db;stroke:none;font-size:10px;font-family:'trebuchet ms', verdana, arial;font-family:var(--mermaid-font-family)}#mermaid-svg-PhO6Z2ROoQsZD1dS g.stateGroup text{fill:#9370db;fill:#333;stroke:none;font-size:10px}#mermaid-svg-PhO6Z2ROoQsZD1dS g.statediagram-cluster .cluster-label text{fill:#333}#mermaid-svg-PhO6Z2ROoQsZD1dS g.stateGroup .state-title{font-weight:bolder;fill:#000}#mermaid-svg-PhO6Z2ROoQsZD1dS g.stateGroup rect{fill:#ECECFF;stroke:#9370db}#mermaid-svg-PhO6Z2ROoQsZD1dS g.stateGroup line{stroke:#9370db;stroke-width:1}#mermaid-svg-PhO6Z2ROoQsZD1dS .transition{stroke:#9370db;stroke-width:1;fill:none}#mermaid-svg-PhO6Z2ROoQsZD1dS .stateGroup .composit{fill:white;border-bottom:1px}#mermaid-svg-PhO6Z2ROoQsZD1dS .stateGroup .alt-composit{fill:#e0e0e0;border-bottom:1px}#mermaid-svg-PhO6Z2ROoQsZD1dS .state-note{stroke:#aa3;fill:#fff5ad}#mermaid-svg-PhO6Z2ROoQsZD1dS .state-note text{fill:black;stroke:none;font-size:10px}#mermaid-svg-PhO6Z2ROoQsZD1dS .stateLabel .box{stroke:none;stroke-width:0;fill:#ECECFF;opacity:0.7}#mermaid-svg-PhO6Z2ROoQsZD1dS .edgeLabel text{fill:#333}#mermaid-svg-PhO6Z2ROoQsZD1dS .stateLabel text{fill:#000;font-size:10px;font-weight:bold;font-family:'trebuchet ms', verdana, arial;font-family:var(--mermaid-font-family)}#mermaid-svg-PhO6Z2ROoQsZD1dS .node circle.state-start{fill:black;stroke:black}#mermaid-svg-PhO6Z2ROoQsZD1dS .node circle.state-end{fill:black;stroke:white;stroke-width:1.5}#mermaid-svg-PhO6Z2ROoQsZD1dS #statediagram-barbEnd{fill:#9370db}#mermaid-svg-PhO6Z2ROoQsZD1dS .statediagram-cluster rect{fill:#ECECFF;stroke:#9370db;stroke-width:1px}#mermaid-svg-PhO6Z2ROoQsZD1dS .statediagram-cluster rect.outer{rx:5px;ry:5px}#mermaid-svg-PhO6Z2ROoQsZD1dS .statediagram-state .divider{stroke:#9370db}#mermaid-svg-PhO6Z2ROoQsZD1dS .statediagram-state .title-state{rx:5px;ry:5px}#mermaid-svg-PhO6Z2ROoQsZD1dS .statediagram-cluster.statediagram-cluster .inner{fill:white}#mermaid-svg-PhO6Z2ROoQsZD1dS .statediagram-cluster.statediagram-cluster-alt .inner{fill:#e0e0e0}#mermaid-svg-PhO6Z2ROoQsZD1dS .statediagram-cluster .inner{rx:0;ry:0}#mermaid-svg-PhO6Z2ROoQsZD1dS .statediagram-state rect.basic{rx:5px;ry:5px}#mermaid-svg-PhO6Z2ROoQsZD1dS .statediagram-state rect.divider{stroke-dasharray:10,10;fill:#efefef}#mermaid-svg-PhO6Z2ROoQsZD1dS .note-edge{stroke-dasharray:5}#mermaid-svg-PhO6Z2ROoQsZD1dS .statediagram-note rect{fill:#fff5ad;stroke:#aa3;stroke-width:1px;rx:0;ry:0}:root{--mermaid-font-family: '"trebuchet ms", verdana, arial';--mermaid-font-family: "Comic Sans MS", "Comic Sans", cursive}#mermaid-svg-PhO6Z2ROoQsZD1dS .error-icon{fill:#522}#mermaid-svg-PhO6Z2ROoQsZD1dS .error-text{fill:#522;stroke:#522}#mermaid-svg-PhO6Z2ROoQsZD1dS .edge-thickness-normal{stroke-width:2px}#mermaid-svg-PhO6Z2ROoQsZD1dS .edge-thickness-thick{stroke-width:3.5px}#mermaid-svg-PhO6Z2ROoQsZD1dS .edge-pattern-solid{stroke-dasharray:0}#mermaid-svg-PhO6Z2ROoQsZD1dS .edge-pattern-dashed{stroke-dasharray:3}#mermaid-svg-PhO6Z2ROoQsZD1dS .edge-pattern-dotted{stroke-dasharray:2}#mermaid-svg-PhO6Z2ROoQsZD1dS .marker{fill:#333}#mermaid-svg-PhO6Z2ROoQsZD1dS .marker.cross{stroke:#333} :root { --mermaid-font-family: "trebuchet ms", verdana, arial;} #mermaid-svg-PhO6Z2ROoQsZD1dS { color: rgba(0, 0, 0, 0.75); font: ; } node001 容器1 容器2 共享网络 Nginx PHP 共享存储卷用户

实验步骤

[root@node001 ~]# mkdir -p /var/{webroot,webconf} [root@node001 ~]# cp info.php info.html /var/webroot [root@node001 ~]# cp /usr/local/nginx/conf/nginx.conf /var/webconf/ [root@node001 ~]# vim /var/webconf/nginx.conf # 开开启PHP location ~ \.php$ { root html; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; include fastcgi.conf; } # 启动前端 nginx 服务，并映射共享目录和配置文件 [root@node001 ~]# docker run -itd --name nginx -p 80:80 -v /var/webconf/nginx.conf:/usr/local/nginx/conf/nginx.conf -v /var/webroot:/usr/local/nginx/html myos:nginx # -v映射目录或文件 8a631b473458659bd54ed9b4b51ada5520272e991ac740fe369b5b32f02bcd58 # 启动后端 php 服务，并映射共享目录 [root@node001 ~]# docker run -itd --network=container:nginx -v /var/webroot:/usr/local/nginx/html myos:php-fpm 5a219b36965f2c3cfa7b208b424e8c04bf7ab15e5743bbad84a48ab4e3ea5e53 [root@node001 ~]# docker inspect 8 | grep -aiE "ipadd" | tail -1 "IPAddress": "172.17.0.2", [root@node001 ~]# curl http://172.17.0.2/info.html <html> <marquee behavior="alternate"> <font size="12px" color=#00ff00>Hello World</font> </marquee> </html> [root@node001 ~]# curl http://172.17.0.2/info.php <pre> Array ( [REMOTE_ADDR] => 172.17.0.2 [REQUEST_METHOD] => GET [HTTP_USER_AGENT] => curl/7.29.0 [REQUEST_URI] => /info.php ) php_host: f705f89b45f9 1229

docker私有仓库

#mermaid-svg-0K6JMM41SsDCxZos .label{font-family:'trebuchet ms', verdana, arial;font-family:var(--mermaid-font-family);fill:#333;color:#333}#mermaid-svg-0K6JMM41SsDCxZos .label text{fill:#333}#mermaid-svg-0K6JMM41SsDCxZos .node rect,#mermaid-svg-0K6JMM41SsDCxZos .node circle,#mermaid-svg-0K6JMM41SsDCxZos .node ellipse,#mermaid-svg-0K6JMM41SsDCxZos .node polygon,#mermaid-svg-0K6JMM41SsDCxZos .node path{fill:#ECECFF;stroke:#9370db;stroke-width:1px}#mermaid-svg-0K6JMM41SsDCxZos .node .label{text-align:center;fill:#333}#mermaid-svg-0K6JMM41SsDCxZos .node.clickable{cursor:pointer}#mermaid-svg-0K6JMM41SsDCxZos .arrowheadPath{fill:#333}#mermaid-svg-0K6JMM41SsDCxZos .edgePath .path{stroke:#333;stroke-width:1.5px}#mermaid-svg-0K6JMM41SsDCxZos .flowchart-link{stroke:#333;fill:none}#mermaid-svg-0K6JMM41SsDCxZos .edgeLabel{background-color:#e8e8e8;text-align:center}#mermaid-svg-0K6JMM41SsDCxZos .edgeLabel rect{opacity:0.9}#mermaid-svg-0K6JMM41SsDCxZos .edgeLabel span{color:#333}#mermaid-svg-0K6JMM41SsDCxZos .cluster rect{fill:#ffffde;stroke:#aa3;stroke-width:1px}#mermaid-svg-0K6JMM41SsDCxZos .cluster text{fill:#333}#mermaid-svg-0K6JMM41SsDCxZos div.mermaidTooltip{position:absolute;text-align:center;max-width:200px;padding:2px;font-family:'trebuchet ms', verdana, arial;font-family:var(--mermaid-font-family);font-size:12px;background:#ffffde;border:1px solid #aa3;border-radius:2px;pointer-events:none;z-index:100}#mermaid-svg-0K6JMM41SsDCxZos .actor{stroke:#ccf;fill:#ECECFF}#mermaid-svg-0K6JMM41SsDCxZos text.actor>tspan{fill:#000;stroke:none}#mermaid-svg-0K6JMM41SsDCxZos .actor-line{stroke:grey}#mermaid-svg-0K6JMM41SsDCxZos .messageLine0{stroke-width:1.5;stroke-dasharray:none;stroke:#333}#mermaid-svg-0K6JMM41SsDCxZos .messageLine1{stroke-width:1.5;stroke-dasharray:2, 2;stroke:#333}#mermaid-svg-0K6JMM41SsDCxZos #arrowhead path{fill:#333;stroke:#333}#mermaid-svg-0K6JMM41SsDCxZos .sequenceNumber{fill:#fff}#mermaid-svg-0K6JMM41SsDCxZos #sequencenumber{fill:#333}#mermaid-svg-0K6JMM41SsDCxZos #crosshead path{fill:#333;stroke:#333}#mermaid-svg-0K6JMM41SsDCxZos .messageText{fill:#333;stroke:#333}#mermaid-svg-0K6JMM41SsDCxZos .labelBox{stroke:#ccf;fill:#ECECFF}#mermaid-svg-0K6JMM41SsDCxZos .labelText,#mermaid-svg-0K6JMM41SsDCxZos .labelText>tspan{fill:#000;stroke:none}#mermaid-svg-0K6JMM41SsDCxZos .loopText,#mermaid-svg-0K6JMM41SsDCxZos .loopText>tspan{fill:#000;stroke:none}#mermaid-svg-0K6JMM41SsDCxZos .loopLine{stroke-width:2px;stroke-dasharray:2, 2;stroke:#ccf;fill:#ccf}#mermaid-svg-0K6JMM41SsDCxZos .note{stroke:#aa3;fill:#fff5ad}#mermaid-svg-0K6JMM41SsDCxZos .noteText,#mermaid-svg-0K6JMM41SsDCxZos .noteText>tspan{fill:#000;stroke:none}#mermaid-svg-0K6JMM41SsDCxZos .activation0{fill:#f4f4f4;stroke:#666}#mermaid-svg-0K6JMM41SsDCxZos .activation1{fill:#f4f4f4;stroke:#666}#mermaid-svg-0K6JMM41SsDCxZos .activation2{fill:#f4f4f4;stroke:#666}#mermaid-svg-0K6JMM41SsDCxZos .mermaid-main-font{font-family:"trebuchet ms", verdana, arial;font-family:var(--mermaid-font-family)}#mermaid-svg-0K6JMM41SsDCxZos .section{stroke:none;opacity:0.2}#mermaid-svg-0K6JMM41SsDCxZos .section0{fill:rgba(102,102,255,0.49)}#mermaid-svg-0K6JMM41SsDCxZos .section2{fill:#fff400}#mermaid-svg-0K6JMM41SsDCxZos .section1,#mermaid-svg-0K6JMM41SsDCxZos .section3{fill:#fff;opacity:0.2}#mermaid-svg-0K6JMM41SsDCxZos .sectionTitle0{fill:#333}#mermaid-svg-0K6JMM41SsDCxZos .sectionTitle1{fill:#333}#mermaid-svg-0K6JMM41SsDCxZos .sectionTitle2{fill:#333}#mermaid-svg-0K6JMM41SsDCxZos .sectionTitle3{fill:#333}#mermaid-svg-0K6JMM41SsDCxZos .sectionTitle{text-anchor:start;font-size:11px;text-height:14px;font-family:'trebuchet ms', verdana, arial;font-family:var(--mermaid-font-family)}#mermaid-svg-0K6JMM41SsDCxZos .grid .tick{stroke:#d3d3d3;opacity:0.8;shape-rendering:crispEdges}#mermaid-svg-0K6JMM41SsDCxZos .grid .tick text{font-family:'trebuchet ms', verdana, arial;font-family:var(--mermaid-font-family)}#mermaid-svg-0K6JMM41SsDCxZos .grid path{stroke-width:0}#mermaid-svg-0K6JMM41SsDCxZos .today{fill:none;stroke:red;stroke-width:2px}#mermaid-svg-0K6JMM41SsDCxZos .task{stroke-width:2}#mermaid-svg-0K6JMM41SsDCxZos .taskText{text-anchor:middle;font-family:'trebuchet ms', verdana, arial;font-family:var(--mermaid-font-family)}#mermaid-svg-0K6JMM41SsDCxZos .taskText:not([font-size]){font-size:11px}#mermaid-svg-0K6JMM41SsDCxZos .taskTextOutsideRight{fill:#000;text-anchor:start;font-size:11px;font-family:'trebuchet ms', verdana, arial;font-family:var(--mermaid-font-family)}#mermaid-svg-0K6JMM41SsDCxZos .taskTextOutsideLeft{fill:#000;text-anchor:end;font-size:11px}#mermaid-svg-0K6JMM41SsDCxZos .task.clickable{cursor:pointer}#mermaid-svg-0K6JMM41SsDCxZos .taskText.clickable{cursor:pointer;fill:#003163 !important;font-weight:bold}#mermaid-svg-0K6JMM41SsDCxZos .taskTextOutsideLeft.clickable{cursor:pointer;fill:#003163 !important;font-weight:bold}#mermaid-svg-0K6JMM41SsDCxZos .taskTextOutsideRight.clickable{cursor:pointer;fill:#003163 !important;font-weight:bold}#mermaid-svg-0K6JMM41SsDCxZos .taskText0,#mermaid-svg-0K6JMM41SsDCxZos .taskText1,#mermaid-svg-0K6JMM41SsDCxZos .taskText2,#mermaid-svg-0K6JMM41SsDCxZos .taskText3{fill:#fff}#mermaid-svg-0K6JMM41SsDCxZos .task0,#mermaid-svg-0K6JMM41SsDCxZos .task1,#mermaid-svg-0K6JMM41SsDCxZos .task2,#mermaid-svg-0K6JMM41SsDCxZos .task3{fill:#8a90dd;stroke:#534fbc}#mermaid-svg-0K6JMM41SsDCxZos .taskTextOutside0,#mermaid-svg-0K6JMM41SsDCxZos .taskTextOutside2{fill:#000}#mermaid-svg-0K6JMM41SsDCxZos .taskTextOutside1,#mermaid-svg-0K6JMM41SsDCxZos .taskTextOutside3{fill:#000}#mermaid-svg-0K6JMM41SsDCxZos .active0,#mermaid-svg-0K6JMM41SsDCxZos .active1,#mermaid-svg-0K6JMM41SsDCxZos .active2,#mermaid-svg-0K6JMM41SsDCxZos .active3{fill:#bfc7ff;stroke:#534fbc}#mermaid-svg-0K6JMM41SsDCxZos .activeText0,#mermaid-svg-0K6JMM41SsDCxZos .activeText1,#mermaid-svg-0K6JMM41SsDCxZos .activeText2,#mermaid-svg-0K6JMM41SsDCxZos .activeText3{fill:#000 !important}#mermaid-svg-0K6JMM41SsDCxZos .done0,#mermaid-svg-0K6JMM41SsDCxZos .done1,#mermaid-svg-0K6JMM41SsDCxZos .done2,#mermaid-svg-0K6JMM41SsDCxZos .done3{stroke:grey;fill:#d3d3d3;stroke-width:2}#mermaid-svg-0K6JMM41SsDCxZos .doneText0,#mermaid-svg-0K6JMM41SsDCxZos .doneText1,#mermaid-svg-0K6JMM41SsDCxZos .doneText2,#mermaid-svg-0K6JMM41SsDCxZos .doneText3{fill:#000 !important}#mermaid-svg-0K6JMM41SsDCxZos .crit0,#mermaid-svg-0K6JMM41SsDCxZos .crit1,#mermaid-svg-0K6JMM41SsDCxZos .crit2,#mermaid-svg-0K6JMM41SsDCxZos .crit3{stroke:#f88;fill:red;stroke-width:2}#mermaid-svg-0K6JMM41SsDCxZos .activeCrit0,#mermaid-svg-0K6JMM41SsDCxZos .activeCrit1,#mermaid-svg-0K6JMM41SsDCxZos .activeCrit2,#mermaid-svg-0K6JMM41SsDCxZos .activeCrit3{stroke:#f88;fill:#bfc7ff;stroke-width:2}#mermaid-svg-0K6JMM41SsDCxZos .doneCrit0,#mermaid-svg-0K6JMM41SsDCxZos .doneCrit1,#mermaid-svg-0K6JMM41SsDCxZos .doneCrit2,#mermaid-svg-0K6JMM41SsDCxZos .doneCrit3{stroke:#f88;fill:#d3d3d3;stroke-width:2;cursor:pointer;shape-rendering:crispEdges}#mermaid-svg-0K6JMM41SsDCxZos .milestone{transform:rotate(45deg) scale(0.8, 0.8)}#mermaid-svg-0K6JMM41SsDCxZos .milestoneText{font-style:italic}#mermaid-svg-0K6JMM41SsDCxZos .doneCritText0,#mermaid-svg-0K6JMM41SsDCxZos .doneCritText1,#mermaid-svg-0K6JMM41SsDCxZos .doneCritText2,#mermaid-svg-0K6JMM41SsDCxZos .doneCritText3{fill:#000 !important}#mermaid-svg-0K6JMM41SsDCxZos .activeCritText0,#mermaid-svg-0K6JMM41SsDCxZos .activeCritText1,#mermaid-svg-0K6JMM41SsDCxZos .activeCritText2,#mermaid-svg-0K6JMM41SsDCxZos .activeCritText3{fill:#000 !important}#mermaid-svg-0K6JMM41SsDCxZos .titleText{text-anchor:middle;font-size:18px;fill:#000;font-family:'trebuchet ms', verdana, arial;font-family:var(--mermaid-font-family)}#mermaid-svg-0K6JMM41SsDCxZos g.classGroup text{fill:#9370db;stroke:none;font-family:'trebuchet ms', verdana, arial;font-family:var(--mermaid-font-family);font-size:10px}#mermaid-svg-0K6JMM41SsDCxZos g.classGroup text .title{font-weight:bolder}#mermaid-svg-0K6JMM41SsDCxZos g.clickable{cursor:pointer}#mermaid-svg-0K6JMM41SsDCxZos g.classGroup rect{fill:#ECECFF;stroke:#9370db}#mermaid-svg-0K6JMM41SsDCxZos g.classGroup line{stroke:#9370db;stroke-width:1}#mermaid-svg-0K6JMM41SsDCxZos .classLabel .box{stroke:none;stroke-width:0;fill:#ECECFF;opacity:0.5}#mermaid-svg-0K6JMM41SsDCxZos .classLabel .label{fill:#9370db;font-size:10px}#mermaid-svg-0K6JMM41SsDCxZos .relation{stroke:#9370db;stroke-width:1;fill:none}#mermaid-svg-0K6JMM41SsDCxZos .dashed-line{stroke-dasharray:3}#mermaid-svg-0K6JMM41SsDCxZos #compositionStart{fill:#9370db;stroke:#9370db;stroke-width:1}#mermaid-svg-0K6JMM41SsDCxZos #compositionEnd{fill:#9370db;stroke:#9370db;stroke-width:1}#mermaid-svg-0K6JMM41SsDCxZos #aggregationStart{fill:#ECECFF;stroke:#9370db;stroke-width:1}#mermaid-svg-0K6JMM41SsDCxZos #aggregationEnd{fill:#ECECFF;stroke:#9370db;stroke-width:1}#mermaid-svg-0K6JMM41SsDCxZos #dependencyStart{fill:#9370db;stroke:#9370db;stroke-width:1}#mermaid-svg-0K6JMM41SsDCxZos #dependencyEnd{fill:#9370db;stroke:#9370db;stroke-width:1}#mermaid-svg-0K6JMM41SsDCxZos #extensionStart{fill:#9370db;stroke:#9370db;stroke-width:1}#mermaid-svg-0K6JMM41SsDCxZos #extensionEnd{fill:#9370db;stroke:#9370db;stroke-width:1}#mermaid-svg-0K6JMM41SsDCxZos .commit-id,#mermaid-svg-0K6JMM41SsDCxZos .commit-msg,#mermaid-svg-0K6JMM41SsDCxZos .branch-label{fill:lightgrey;color:lightgrey;font-family:'trebuchet ms', verdana, arial;font-family:var(--mermaid-font-family)}#mermaid-svg-0K6JMM41SsDCxZos .pieTitleText{text-anchor:middle;font-size:25px;fill:#000;font-family:'trebuchet ms', verdana, arial;font-family:var(--mermaid-font-family)}#mermaid-svg-0K6JMM41SsDCxZos .slice{font-family:'trebuchet ms', verdana, arial;font-family:var(--mermaid-font-family)}#mermaid-svg-0K6JMM41SsDCxZos g.stateGroup text{fill:#9370db;stroke:none;font-size:10px;font-family:'trebuchet ms', verdana, arial;font-family:var(--mermaid-font-family)}#mermaid-svg-0K6JMM41SsDCxZos g.stateGroup text{fill:#9370db;fill:#333;stroke:none;font-size:10px}#mermaid-svg-0K6JMM41SsDCxZos g.statediagram-cluster .cluster-label text{fill:#333}#mermaid-svg-0K6JMM41SsDCxZos g.stateGroup .state-title{font-weight:bolder;fill:#000}#mermaid-svg-0K6JMM41SsDCxZos g.stateGroup rect{fill:#ECECFF;stroke:#9370db}#mermaid-svg-0K6JMM41SsDCxZos g.stateGroup line{stroke:#9370db;stroke-width:1}#mermaid-svg-0K6JMM41SsDCxZos .transition{stroke:#9370db;stroke-width:1;fill:none}#mermaid-svg-0K6JMM41SsDCxZos .stateGroup .composit{fill:white;border-bottom:1px}#mermaid-svg-0K6JMM41SsDCxZos .stateGroup .alt-composit{fill:#e0e0e0;border-bottom:1px}#mermaid-svg-0K6JMM41SsDCxZos .state-note{stroke:#aa3;fill:#fff5ad}#mermaid-svg-0K6JMM41SsDCxZos .state-note text{fill:black;stroke:none;font-size:10px}#mermaid-svg-0K6JMM41SsDCxZos .stateLabel .box{stroke:none;stroke-width:0;fill:#ECECFF;opacity:0.7}#mermaid-svg-0K6JMM41SsDCxZos .edgeLabel text{fill:#333}#mermaid-svg-0K6JMM41SsDCxZos .stateLabel text{fill:#000;font-size:10px;font-weight:bold;font-family:'trebuchet ms', verdana, arial;font-family:var(--mermaid-font-family)}#mermaid-svg-0K6JMM41SsDCxZos .node circle.state-start{fill:black;stroke:black}#mermaid-svg-0K6JMM41SsDCxZos .node circle.state-end{fill:black;stroke:white;stroke-width:1.5}#mermaid-svg-0K6JMM41SsDCxZos #statediagram-barbEnd{fill:#9370db}#mermaid-svg-0K6JMM41SsDCxZos .statediagram-cluster rect{fill:#ECECFF;stroke:#9370db;stroke-width:1px}#mermaid-svg-0K6JMM41SsDCxZos .statediagram-cluster rect.outer{rx:5px;ry:5px}#mermaid-svg-0K6JMM41SsDCxZos .statediagram-state .divider{stroke:#9370db}#mermaid-svg-0K6JMM41SsDCxZos .statediagram-state .title-state{rx:5px;ry:5px}#mermaid-svg-0K6JMM41SsDCxZos .statediagram-cluster.statediagram-cluster .inner{fill:white}#mermaid-svg-0K6JMM41SsDCxZos .statediagram-cluster.statediagram-cluster-alt .inner{fill:#e0e0e0}#mermaid-svg-0K6JMM41SsDCxZos .statediagram-cluster .inner{rx:0;ry:0}#mermaid-svg-0K6JMM41SsDCxZos .statediagram-state rect.basic{rx:5px;ry:5px}#mermaid-svg-0K6JMM41SsDCxZos .statediagram-state rect.divider{stroke-dasharray:10,10;fill:#efefef}#mermaid-svg-0K6JMM41SsDCxZos .note-edge{stroke-dasharray:5}#mermaid-svg-0K6JMM41SsDCxZos .statediagram-note rect{fill:#fff5ad;stroke:#aa3;stroke-width:1px;rx:0;ry:0}:root{--mermaid-font-family: '"trebuchet ms", verdana, arial';--mermaid-font-family: "Comic Sans MS", "Comic Sans", cursive}#mermaid-svg-0K6JMM41SsDCxZos .error-icon{fill:#522}#mermaid-svg-0K6JMM41SsDCxZos .error-text{fill:#522;stroke:#522}#mermaid-svg-0K6JMM41SsDCxZos .edge-thickness-normal{stroke-width:2px}#mermaid-svg-0K6JMM41SsDCxZos .edge-thickness-thick{stroke-width:3.5px}#mermaid-svg-0K6JMM41SsDCxZos .edge-pattern-solid{stroke-dasharray:0}#mermaid-svg-0K6JMM41SsDCxZos .edge-pattern-dashed{stroke-dasharray:3}#mermaid-svg-0K6JMM41SsDCxZos .edge-pattern-dotted{stroke-dasharray:2}#mermaid-svg-0K6JMM41SsDCxZos .marker{fill:#333}#mermaid-svg-0K6JMM41SsDCxZos .marker.cross{stroke:#333} :root { --mermaid-font-family: "trebuchet ms", verdana, arial;} #mermaid-svg-0K6JMM41SsDCxZos { color: rgba(0, 0, 0, 0.75); font: ; } 容器服务器 node001 容器服务器 node002 镜像仓库

自定义私有仓库步骤：

安装私有仓库（服务端） yum install docker-distribution

启动私有仓库，并设置开机自启动 systemctl start docker-distribution systemctl enable docker-distribution

仓库配置文件及数据存储路径 /etc/docker-distribution/registry/config.yml /var/lib/registry

客户端配置：

修改配置文件 /etc/sysconfig/docker允许非加密方式访问仓库 ADD_REGISTRY=’–add-registry 仓库IP:5000’docker仓库地址 INSECURE_REGISTRY=’–insecure-registry 仓库IP:5000’

重启docker服务 systemctl restart docker

为镜像创建标签：

这里的地址要写上仓库主机的IP地址或者主机名docker tag 镜像：标签 IP：5000/镜像：latest

上传镜像：

上传镜像的标签内包含地址和端口号docker push IP：5000/镜像：latest

远程启动器（docker2）

配置/etc/sysconfig/dockerADD_REGISTRY=’–add-registry 仓库IP:5000’INSECURE_REGISTRY=’–insecure-registry 仓库IP:5000’

重启docker

重启docker服务systemctl restart docker

远程启动镜像

docker run -it [仓库IP：5000]/myos:latest

查看私有镜像仓库中的镜像名称

curl http://仓库IP：5000/v2/_catalog

查看某一仓库的标签

curl http://仓库IP：5000/v2//tags/list

私有仓库数据存储目录

/var/lib/registry

环境准备

主机ip地址配置registry172.31.78.1672CPU,2G（可以访问外网）node001172.31.78.1712CPU,2Gnode002172.31.78.1722CPU,2G [root@registry ~]# yum -y install docker-distribution [root@registry ~]# systemctl enable --now docker-distribution.service Created symlink from /etc/systemd/system/multi-user.target.wants/docker-distribution.service to /usr/lib/systemd/system/docker-distribution.service. [root@registry ~]# ss -nutlp | grep 5000 tcp LISTEN 0 128 [::]:5000 [::]:* users:(("registry",pid=32696,fd=3)) [root@registry ~]# curl http://172.31.78.167:5000/v2/_catalog {"repositories":[]}

docker客户端配置

所有node节点都需要配置，这里 node001，node002都要配置

native.cgroupdriver cgroup驱动，docker默认 cgroupfs

registry-mirrors 默认下载仓库，使用国内源能快一点

insecure-registries 私有仓库地址（重点）

1.停止所有容器 [root@node001 ~]# docker stop $(docker ps -aq) 2.配置/etc/sysconfig/docker -------------------------------------------------------------------------------- ps:打开/etc/sysconfig/docker配置文件发现改文件是新文件时，是因为在/lib/systemd/system/docker.service里面没有加载配置文件，可以进行如下操作： [root@node001 ~]# vim /lib/systemd/system/docker.service [Unit] Description=docker Application Container Engine Documentation=https://docs.docker.com After=network.target docker.socket Requires=docker.socket [Service] Type=notify EnvironmentFile=/etc/sysconfig/docker ExecStart=/usr/bin/dockerd $OPTIONS LimitNOFILE=1048576 LimitNPROC=1048576 LimitCORE=infinity MountFlags=slave [Install] WantedBy=multi-user.target [root@node001 ~]# vim /etc/sysconfig/docker # /etc/sysconfig/docker # Modify these options if you want to change the way the docker daemon runs OPTIONS='-H tcp://0.0.0.0:4243 -H unix:///var/run/docker.sock' docker_CERT_PATH=/etc/docker # If you want to add your own registry to be used for docker search and docker # pull use the ADD_REGISTRY option to list a set of registries, each prepended # with --add-registry flag. The first registry added will be the first registry # searched. # ADD_REGISTRY='--add-registry registry.access.redhat.com' # If you want to block registries from being used, uncomment the BLOCK_REGISTRY # option and give it a set of registries, each prepended with --block-registry # flag. For example adding docker.io will stop users from downloading images # from docker.io # BLOCK_REGISTRY='--block-registry' # If you have a registry secured with https but do not have proper certs # distributed, you can tell docker to not look for full authorization by # adding the registry to the INSECURE_REGISTRY line and uncommenting it. INSECURE_REGISTRY='--insecure-registry dl.dockerpool.com:5000' # On an SELinux system, if you remove the --selinux-enabled option, you # also need to turn on the docker_transition_unconfined boolean. # setsebool -P docker_transition_unconfined 1 # Location used for temporary files, such as those created by # docker load and build operations. Default is /var/lib/docker/tmp # Can be overriden by setting the following environment variable. # docker_TMPDIR=/var/tmp # Controls the /etc/cron.daily/docker-logrotate cron job status. # To disable, uncomment the line below. # LOGROTATE=false 重新加载配置，重启docker [root@node001 ~]# systemctl daemon-reload [root@node001 ~]# systemctl restart docker -------------------------------------------------------------------------------- [root@node001 ~]# vim /etc/sysconfig/docker 11 ADD_REGISTRY='--add-registry 172.31.78.167:5000' # 设置默认仓库为registry主机 22 INSECURE_REGISTRY='--insecure-registry 172.31.78.167:5000' 3.重启服务 [root@node001 ~]# systemctl restart docker 4.将文件同步给node002主机 [root@node001 ~]# yum -y install rsync [root@node002 ~]# yum -y install rsync [root@node001 ~]# rsync -av /etc/sysconfig/docker 172.31.78.172:/etc/sysconfig/ 5.重启node002主机docker服务 [root@node002 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES [root@node002 ~]# cat /etc/sysconfig/docker | grep 172 ADD_REGISTRY='--add-registry 172.31.78.167:5000' INSECURE_REGISTRY='--insecure-registry 172.31.78.167:5000' [root@node002 ~]# systemctl restart docker 6.传镜像到仓库主机打标签：docker tag myos：latest 172.31.78.167:5000/myos:latest 上传镜像：docker push 172.31.78.167:5000/myos:latest 验证： curl http://172.31.78.167:5000/v2/_catalog 标签： curl http://172.31.78.167:5000/v2/myos/tags/list [root@node001 ~]# docker tag myos:httpd 172.31.78.167:5000/myos:httpd # 给本机的myos:httpd打个标签 [root@node001 ~]# docker push 172.31.78.167:5000/myos:httpd # 上传到镜像仓库 The push refers to repository [172.31.78.167:5000/myos] 81fd8e9665b8: Pushed b475f6e98f42: Pushed 6ae11db405e3: Pushed bcc97fbfc9e1: Pushed httpd: digest: sha256:87789a4ee1181908fcfce117617746cb987566c56c7d03bacaec4e40a449a13b size: 1160 [root@node001 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE myos nginx d052ae1c1170 2 days ago 570MB myos php-fpm 87d6d2559112 2 days ago 587MB 172.31.78.167:5000/myos httpd b7b8c5d39b38 2 days ago 596MB myos httpd b7b8c5d39b38 2 days ago 596MB myod latest 631f6b81c82e 3 days ago 457MB redis latest 82629e941a38 21 months ago 95MB nginx latest 42b4762643dc 21 months ago 109MB ubuntu latest 20bb25d32758 21 months ago 87.5MB newubun newlatest 20bb25d32758 21 months ago 87.5MB centos latest 76d6bc25b8a5 2 years ago 200MB -------------------------------------------------------------------------------- ps:如果在上传镜像时出现如下情况： Get https://172.31.78.167:5000/v2/: http: server gave HTTP response to HTTPS client 如果/etc/sysconfig/docker配置文件也修改，解决办法： [root@node001 ~]# vim /etc/docker/daemon.json { "exec-opts": ["native.cgroupdriver=systemd"], "registry-mirrors": ["https://hub-mirror.c.163.com"], "insecure-registries":["172.31.78.167:5000", "registry:5000"] } 重启服务 [root@node001 ~]# systemctl restart docker 7.访问验证 [root@node002 ~]# curl http://172.31.78.167:5000/v2/_catalog {"repositories":["myos"]} [root@node002 ~]# curl http://172.31.78.167:5000/v2/myos/tags/list {"name":"myos","tags":["httpd"]} [root@node002 ~]# docker run -it 172.31.78.167:5000/myos:httpd Unable to find image '172.31.78.167:5000/myos:httpd' locally newhttp: Pulling from myos 7dc0dca2b151: Pull complete 053292d6ec55: Pull complete cff5257333dd: Pull complete 33a6cf4f7e09: Pull complete 9251ff9c7060: Pull complete Digest: sha256:45d1296836bd9d4f95faf4251a49e491c3dcd96318d4d209042c5b7834672a4f Status: Downloaded newer image for 172.31.78.167:5000/myos:httpd [root@abde069eb267 html]# # 成功！Ctrl+p，Ctrl+q退出

最新回复(0)