自定义镜像 自定义仓库 存储持久化
Top
NSD CLOUD DAY07
1 案例1:制作自定义镜像
1.1 问题
本案例要求制作自定义镜像:
- 基于centos镜像使用commit创建新的镜像文件
- 基于centos镜像使用Dockerfile文件创建一个新的镜像文件
1.2 步骤
实现此案例需要按照如下步骤进行。
步骤一:使用镜像启动容器
1)在该容器基础上修改yum源
- [[email protected] docker_images]# docker run -it centos
- [[email protected]d07ecd7e345 /]# rm -rf /etc/yum.repos.d/*
- [[email protected] /]# vi /etc/yum.repos.d/dvd.repo
- [dvd]
- name=dvd
- baseurl=ftp://192.168.1.254/system
- enabled=1
- gpgcheck=0
- [[email protected] /]# yum clean all
- [[email protected] /]# yum repolist
2)安装测试软件
- [[email protected]d07ecd7e345 /]# yum -y install net-tools iproute psmisc vim-enhanced
3)ifconfig查看
- [[email protected]d07ecd7e345 /]# ifconfig
- eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
- inet 172.17.0.3 netmask 255.255.0.0 broadcast 0.0.0.0
- inet6 fe80::42:acff:fe11:3 prefixlen 64 scopeid 0x20<link>
- ether 02:42:ac:11:00:03 txqueuelen 0 (Ethernet)
- RX packets 2488 bytes 28317945 (27.0 MiB)
- RX errors 0 dropped 0 overruns 0 frame 0
- TX packets 1858 bytes 130264 (127.2 KiB)
- TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
- [[email protected]d07ecd7e345 /]# exit
- exit
步骤二:另存为另外一个镜像
1)创建新建镜像
- [[email protected] docker_images]# docker start 8d07ecd7e345
- //可以简写为8d,要保证唯一性
- 8d07ecd7e345
- [[email protected] docker_images]# docker commit 8d07ecd7e345 myos:v1
- sha256:ac3f9c2e8c7e13db183636821783f997890029d687b694f5ce590a473ad82c5f
2)查看新建的镜像,如图-1所示:
图-1
3)验证新建镜像
- [[email protected] docker_images]# docker run -it myos:v1
- [[email protected]c7b4664bf /]# ifconfig
- eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
- inet 172.17.0.6 netmask 255.255.0.0 broadcast 0.0.0.0
- inet6 fe80::42:acff:fe11:6 prefixlen 64 scopeid 0x20<link>
- ether 02:42:ac:11:00:06 txqueuelen 0 (Ethernet)
- RX packets 0 bytes 0 (0.0 B)
- RX errors 0 dropped 0 overruns 0 frame 0
- TX packets 7 bytes 578 (578.0 B)
- TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
步骤三:使用Dockerfile文件创建一个新的镜像文件
Dockerfile语法格式:
– FROM:基础镜像
– MAINTAINER:镜像创建者信息(说明)
– EXPOSE:开放的端口
– ENV:设置环境变量
– ADD:复制文件到镜像
– RUN:制作镜像时执行的命令,可以有多个
– WORKDIR:定义容器默认工作目录
– CMD:容器启动时执行的命令,仅可以有一条CMD
1)创建一个Apache的镜像文件
- [[email protected] ~]# mkdir oo
- [[email protected] ~]# cd oo
- [[email protected] oo]# touch Dockerfile //Dockerfile文件第一个字母要大写
- [[email protected] oo]# cp /etc/yum.repos.d/local.repo ./
- [[email protected] oo]# vi Dockerfile
- FROM myos:v1
- RUN yum -y install httpd
- ENV EnvironmentFile=/etc/sysconfig/httpd
- WORKDIR /var/www/html/ //定义容器默认工作目录
- RUN echo "test" > /var/www/html/index.html
- EXPOSE 80 //设置开放端口号
- CMD ["/usr/sbin/httpd", "-DFOREGROUND"]
- [[email protected] oo]# docker build -t myos:http .
- [[email protected] oo]# docker run -d myos:http
- d9a5402709b26b42cd304c77be442559a5329dc784ec4f6c90e4abac1c88e206
- [[email protected] oo]# docker inspect d9
- [[email protected] oo]# curl 172.17.0.7
- test
2 案例2:创建私有镜像仓库
2.1 问题
本案例要求创建私有的镜像仓库:
- Docker主机:192.168.1.20
- 镜像仓库服务器:192.168.1.10
2.2 步骤
实现此案例需要按照如下步骤进行。
步骤一:自定义私有仓库
1)定义一个私有仓库
- [[email protected] oo]# vim /etc/docker/daemon.json //不写这个文件会报错
- {
- "insecure-registries" : ["192.168.1.10:5000"] //使用私有仓库运行容器
- }
- [[email protected] oo]# systemctl restart docker
- [[email protected] oo]# docker run -d -p 5000:5000 registry
- 273be3d1f3280b392cf382f4b74fea53aed58968122eff69fd016f638505ee0e
- [[email protected] oo]# curl 192.168.1.10:5000/v2/
- {} //出现括号
- [[email protected] oo]# docker tag busybox:latest 192.168.1.10:5000/busybox:latest
- //打标签
- [[email protected] oo]# docker push 192.168.1.10:5000/busybox:latest //上传
- [[email protected] oo]# docker tag myos:http 192.168.1.10:5000/myos:http
- [[email protected] oo]# docker push 192.168.1.10:5000/myos:http
2)在docker2上面启动
- [[email protected] ~]# scp 192.168.1.10:/etc/docker/daemon.json /etc/docker/
- [[email protected] ~]# systemctl restart docker
- [[email protected] ~]# docker images
- [[email protected] ~]# docker run -it 192.168.1.10:5000/myos:http /bin/bash
- //直接启动
步骤二:查看私有仓库
1)查看里面有什么镜像
- [[email protected] oo]# curl http://192.168.1.10:5000/v2/_catalog
- {"repositories":["busybox","myos"]}
2)查看里面的镜像标签
- [[email protected] oo]# curl http://192.168.1.10:5000/v2/busybox/tags/list
- {"name":"busybox","tags":["latest"]}
- [[email protected] oo]# curl http://192.168.1.10:5000/v2/myos/tags/list
- {"name":"myos","tags":["http"]}
3 案例3:NFS共享存储
3.1 问题
本案例要求创建NFS共享,能映射到容器里:
- 服务器创建NFS共享存储,共享目录为/content,权限为rw
- 客户端挂载共享,并将共享目录映射到容器中
3.2 方案
本方案要求需要一台NFS服务器(NFS用真机代替),ip为192.168.1.254,一台客户端docker1主机,ip为192.168.1.10,一台户端docker2主机,ip为192.168.1.20,实现客户端挂载共享,并将共享目录映射到容器中,docker1更新文件时,docker2实现同步更新,方案如图-2所示:
图-2
3.3 步骤
实现此案例需要按照如下步骤进行。
步骤一:配置NFS服务器
- [[email protected] ~]# yum -y install nfs-utils
- [[email protected] ~]# mkdir /content
- [[email protected] ~]# vim /etc/exports
- /content *(rw,no_root_squash)
- [[email protected] ~]# systemctl restart nfs-server.service
- [[email protected] ~]# systemctl restart nfs-secure.service
- [[email protected] ~]# exportfs -rv
- exporting *:/content
- [[email protected] ~]# chmod 777 /content
- [[email protected] ~]# echo 11 > /content/index.html
步骤二:配置客户端
- [[email protected] oo]# yum -y install nfs-utils
- [[email protected] oo]# systemctl restart nfs-server.service
- [[email protected] oo]# showmount -e 192.168.1.254
- Export list for 192.168.1.254:
- /content *
- [[email protected] ~]# mkdir /mnt/qq
- [[email protected] ~]# mount -t nfs 192.168.1.254:/content /mnt/qq
- [[email protected] ~]# ls /mnt/qq
- index.html
- [[email protected] ~]# cat /mnt/qq/index.html
- 11
- [[email protected] ~]# docker run -d -p 80:80 -v /mnt/qq:/var/www/html -it myos:http
- 224248f0df5d795457c43c2a7dad0b7e5ec86abdc3f31d577e72f7929f020e01
- [[email protected] ~]# curl 192.168.1.10
- 11
- [[email protected] ~]# yum -y install nfs-utils
- [[email protected] ~]# showmount -e 192.168.1.254
- Export list for 192.168.1.254:
- /content *
- [[email protected] ~]# mkdir /mnt/qq
- [[email protected] ~]# mount -t nfs 192.168.1.254:/content /mnt/qq
- [[email protected] ~]# docker run -d -p 80:80 -v /mnt/qq:/var/www/html -it 192.168.1.10:5000/myos:http
- 00346dabec2c7a12958da4b7fee6551020249cdcb111ad6a1058352d2838742a
- [[email protected] ~]# curl 192.168.1.20
- 11
- [[email protected] ~]# touch /mnt/qq/a.sh
- [[email protected] ~]# echo 22 > /mnt/qq/index.html
- [[email protected] ~]#ls /mnt/qq/
- a.sh index.html
- [[email protected] ~]# cat /mnt/qq/index.html
- 22
4 案例4:创建自定义网桥
4.1 问题
本案例要求:
- 创建网桥设备docker01
- 设定网段为172.30.0.0/16
- 启动nginx容器,nginx容器桥接docker01设备
- 映射真实机8080端口与容器的80端口
4.2 步骤
实现此案例需要按照如下步骤进行。
步骤一:新建Docker网络模型
1)新建docker1网络模型
- [[email protected] ~]# docker network create --subnet=172.30.0.0/16 docker01
- c9cf26f911ef2dccb1fd1f670a6c51491e72b49133246f6428dd732c44109462
- [[email protected] ~]# docker network list
- NETWORK ID NAME DRIVER SCOPE
- bc189673f959 bridge bridge local
- 6622752788ea docker01 bridge local
- 53bf43bdd584 host host local
- ac52d3151ba8 none null local
- [[email protected] ~]# ip a s
- [[email protected] ~]# docker network inspect docker01
- [
- {
- "Name": "docker01",
- "Id": "c9cf26f911ef2dccb1fd1f670a6c51491e72b49133246f6428dd732c44109462",
- "Scope": "local",
- "Driver": "bridge",
- "EnableIPv6": false,
- "IPAM": {
- "Driver": "default",
- "Options": {},
- "Config": [
- {
- "Subnet": "172.30.0.0/16"
- }
- ]
- },
- "Internal": false,
- "Containers": {},
- "Options": {},
- "Labels": {}
- }
- ]
2)使用自定义网桥启动容器
- [[email protected] ~]# docker run --network=docker01 -id nginx
3)端口映射
- [[email protected] ~]# docker run -p 8080:80 -id nginx
- e523b386f9d6194e53d0a5b6b8f5ab4984d062896bab10639e41aef657cb2a53
- [[email protected] ~]# curl 192.168.1.10:8080
步骤二:扩展实验
1)新建一个网络模型docker02
- [[email protected] ~]# docker network create --driver bridge docker02
- //新建一个 名为docker02的网络模型
- 5496835bd3f53ac220ce3d8be71ce6afc919674711ab3f94e6263b9492c7d2cc
- [[email protected] ~]# ifconfig
- //但是在用ifconfig命令查看的时候,显示的名字并不是docker02,而是br-5496835bd3f5
- br-5496835bd3f5: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
- inet 172.18.0.1 netmask 255.255.0.0 broadcast 0.0.0.0
- ether 02:42:89:6a:a2:72 txqueuelen 0 (Ethernet)
- RX packets 8 bytes 496 (496.0 B)
- RX errors 0 dropped 0 overruns 0 frame 0
- TX packets 8 bytes 496 (496.0 B)
- TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
- [[email protected] ~]# docker network list //查看显示docker02(查看加粗字样)
- NETWORK ID NAME DRIVER SCOPE
- bc189673f959 bridge bridge local
- 5496835bd3f5 docker02 bridge local
- 53bf43bdd584 host host local
- ac52d3151ba8 none null local
2)若要解决使用ifconfig命令可以看到docker02的问题,可以执行以下几步命令
- [[email protected] ~]# docker network list //查看docker0的NETWORK ID(加粗字样)
- NETWORK ID NAME DRIVER SCOPE
- bc189673f959 bridge bridge local
- 5496835bd3f5 docker02 bridge local
- 53bf43bdd584 host host local
- ac52d3151ba8 none null local
3)查看16dc92e55023的信息,如图-3所示:
- [[email protected] ~]# docker network inspect bc189673f959
图-3
4)查看图片的倒数第六行有"com.docker.network.bridge.name": "docker0"字样
5)把刚刚创建的docker02网桥删掉
- [[email protected] ~]# docker network rm docker02 //删除docker02
- docker02
- [[email protected] ~]# docker network create \
- docker02 -o com.docker.network.bridge.name=docker02
- //创建docker02网桥
- 648bd5da03606d5a1a395c098662b5f820b9400c6878e2582a7ce754c8c05a3a
- [[email protected] ~]# ifconfig //ifconfig查看有docker02
- docker02: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
- inet 172.18.0.1 netmask 255.255.0.0 broadcast 0.0.0.0
- ether 02:42:94:27:a0:43 txqueuelen 0 (Ethernet)
- RX packets 0 bytes 0 (0.0 B)
- RX errors 0 dropped 0 overruns 0 frame 0
- TX packets 0 bytes 0 (0.0 B)
- TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
6)若想在创建docker03的时候自定义网段(之前已经创建过docker01和02,这里用docker03),执行以下命令
- [[email protected] ~]# docker network create docker03 --subnet=172.30.0.0/16 -o com.docker.network.bridge.name=docker03
- f003aa1c0fa20c81e4f73c12dcc79262f1f1d67589d7440175ea01dc0be4d03c
- [[email protected] ~]# ifconfig //ifconfig查看,显示的是自己定义的网段
- docker03: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
- inet 172.30.0.1 netmask 255.255.0.0 broadcast 0.0.0.0
- ether 02:42:27:9b:95:b3 txqueuelen 0 (Ethernet)
- RX packets 0 bytes 0 (0.0 B)
- RX errors 0 dropped 0 overruns 0 frame 0
- TX packets 0 bytes 0 (0.0 B)
- TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0