ali镜像加速
sudo mkdir -p /etc/docker sudo tee /etc/docker/daemon.json <<-'EOF' { "registry-mirrors": ["https://ksvpjulq.mirror.aliyuncs.com"] } EOF sudo systemctl daemon-reload sudo systemctl restart dockerdocker自用镜像(mini)
sudo docker login --username=sili1994 registry.cn-hangzhou.aliyuncs.com sudo docker pull registry.cn-hangzhou.aliyuncs.com/cetos7/centos7-mini:7docker 私有镜像访问http需要添加
[root@node-1 ~]# cat /etc/docker/daemon.json { "insecure-registries":["10.0.1.10:5000"] }1) Dockerfile >>常用工具docker
cat >> Dockerfile <<eof FROM centos:7 RUN yum install -y \ vim bash-com* openssh-clients openssh-server iproute cronie;\ yum group install -y "Development Tools";yum clean all;\ localedef -c -f UTF-8 -i zh_CN zh_CN.UTF-8 && \ ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime ENV LANG=zh_CN.UTF-8 eof docker build . -t centos7-mini2) Dockerfile >>装了个mini化的docker
cat >> Dockerfile <<eof FROM centos:7 RUN yum install -y \ vim bash-com* openssh-clients openssh-server iproute cronie;\ yum group install -y "Minimal Install";yum clean all;\ localedef -c -f UTF-8 -i zh_CN zh_CN.UTF-8 && \ ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime ENV LANG=zh_CN.UTF-8 eof docker build . -t centos7-mini使用docker (- - privileged /usr/sbin/init可以使用systemctl 报错 [root@real-kk ~]# docker run -tid -p 80:80 --privileged --name nginx --hostname nginx centos7-mini:7 /usr/sbin/init 957c1e3171fe02a8643b6d7b827e455cfff3ba511ea820c27a6e2e00b638194b docker: Error response from daemon: OCI runtime create failed: container_linux.go:349: starting container process caused “process_linux.go:449: container init caused “write /proc/self/attr/keycreate: permission denied””: unknown. 【请尝试永久关闭selinux 重启主机,重启docker服务,】)
[root@real-kk ~]# docker run -tid -p 80:80 --privileged --name nginx --hostname nginx centos7-mini:7 /usr/sbin/init db8778bcc3c67aa08cca0730c2df9f03299cf2bc33be8d421e3f804cb7dee092 [root@real-kk ~]# docker exec -it nginx bash [root@nginx /]# systemctl UNIT LOAD ACTIVE SUB DESCRIPTION proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System dev-dm\x2d1.device loaded activating tentative /dev/dm-1 -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System etc-hostname.mount loaded active mounted /etc/hostname etc-hosts.mount loaded active mounted /etc/hosts etc-resolv.conf.mount loaded active mounted /etc/resolv.conf sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directo systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory W ● auditd.service loaded failed failed Security Auditing Service crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus firewalld.service loaded active running firewalld - dynamic firewall daemon getty@tty1.service loaded active running Getty on tty1 irqbalance.service loaded active running irqbalance daemon ● kdump.service loaded failed failed Crash recovery kernel arming ● network.service loaded failed failed LSB: Bring up/down networking NetworkManager-wait-online.service loaded active exited Network Manager Wait Online NetworkManager.service loaded active running Network Manager polkit.service loaded active running Authorization Manager ● postfix.service loaded failed failed Postfix Mail Transport Agent rhel-autorelabel-mark.service loaded active exited Mark the need to relabel after rebootrun 创建并运行 -i 交互式 -t 伪终端 -d 后台运行(docker在运行,不进入) –name 指定docker启动名kk –hostname 指定docker主机名kk –privileged=true 在docker内获取最高权限(不加,某些操作没权限) centos7-mini 自定义的镜像名字 bash 命令
create创建docker
[root@real-kk ~]# docker create -it --name web2 --hostname web2 --privileged=true centos7-mini bash [root@real-kk ~]# docker start web2 [root@real-kk ~]# docker exec -it web2 bash [root@web2 /]#删除docker
删除docker -f强制 docker rm -f xxx 删除镜像 docker image rm xxx打包docker镜像(换过yum仓库、安装过nginx服务) 重建docker会一起构建 记得添加权限 --privileged=true
[root@real-kk ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 18089cb6e4e3 centos7-mini "bash" 2 hours ago Up 2 hours server-lvs [root@real-kk ~]# docker commit -p server-lvs sha256:7a418b67d94e5c77207d10f4a56b973c2184e5ab386c85f206bd21b18f361530[root@real-kk ~]# docker image ls REPOSITORY TAG IMAGE ID CREATED SIZE <none> <none> 7a418b67d94e 15 seconds ago 1.35GB [root@real-kk ~]# docker tag 7a41 nginx:yum [root@real-kk ~]# docker run -ti --name nginx --hostname nginx --privileged=true nginx:yum bash [root@nginx /]# nginx [root@nginx /]# netstat -ntlp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 21/nginx: master pr [root@nginx /]# cd /etc/yum.repos.d/ [root@nginx yum.repos.d]# ls CentOS-Base.repo epel.repo nginx.repo镜像保存到ali仓库(已经装好的镜像)
docker push registry.cn-hangzhou.aliyuncs.com/<命名空间>/<应用镜像名>:<镜像版本> [root@real-kk ~]# docker login --username=sili1994 registry.cn-hangzhou.aliyuncs.com [root@real-kk ~]# docker tag 7a418b67d94e registry.cn-hangzhou.aliyuncs.com/cetos7/centos7-mini:nginx [root@real-kk ~]# sudo docker push registry.cn-hangzhou.aliyuncs.com/cetos7/centos7-mini:nginx The push refers to repository [registry.cn-hangzhou.aliyuncs.com/cetos7/centos7-mini] 117bbd63dea1: Pushed a09765cc3795: Pushing [======================================> ] 573.7MB/748.9MB 613be09ab3c0: Pushed拉取docker-先登录-再拉取
[root@real-kk ~]# sudo docker login --username=sili1994 registry.cn-hangzhou.aliyuncs.com [root@real-kk ~]# docker pull registry.cn-hangzhou.aliyuncs.com/cetos7/centos7-mini:nginx