一、docker架构
无论是C端还是S端都由docker一个程序提供,这个程序有很多子程序,其中有一个子程序的子命令叫daemon,表示运行为守护进程,因此我们运行docker daemon就表示把这台主机变为守护进程服务器,它可以监听在所谓的套接字之上,为了安全起见默认只提供本机的unix socket 文件套接字,
1、client端
2、server端,docker daemo守护进程,监听在套接字之上。docker支持三种类型套接字。
a、ip v4套接字:即IPv4 + 端口套接字
b、ip v6套接字 :即IPv6 + 端口套接字
c、unix socket file :监听在本地的文件上,此种方式只允许客户端为本地。
3、docker 版本
docker ee :docker 企业版
docker ce :docker 社区版
二、docker 镜像仓库
1、作用
a、提供镜像存储的仓库
b、提供用户获取镜像时的认证
c、提供当前服务器上所有可用镜像的索引
2、一个镜像仓库一般只用做一种应用
三、Docker 安装和使用
1、不建议centos yum源里面的docker源
2、docker 稳定版清华源
https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/x86_64/stable/repodata/
3、安装步骤
a、首先下载清华源docker repo文件:
[root@localhost yum.repos.d]# wget https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/docker-ce.repo --2019-03-22 23:17:50-- https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/docker-ce.repo Resolving mirrors.tuna.tsinghua.edu.cn (mirrors.tuna.tsinghua.edu.cn)... 101.6.8.193, 2402:f000:1:408:8100::1 Connecting to mirrors.tuna.tsinghua.edu.cn (mirrors.tuna.tsinghua.edu.cn)|101.6.8.193|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 2424 (2.4K) [application/octet-stream] Saving to: ‘docker-ce.repo’ 100%[==================================================================================================================================>] 2,424 --.-K/s in 0s 2019-03-22 23:17:59 (485 MB/s) - ‘docker-ce.repo’ saved [2424/2424]
b、修改文件中链接为清华源仓库
[root@localhost yum.repos.d]# sed -i 's@https://download.docker.com@https://mirrors.tuna.tsinghua.edu.cn/docker-ce@g' docker-ce.repo [root@localhost yum.repos.d]# more docker-ce.repo [docker-ce-stable] name=Docker CE Stable - $basearch baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/$basearch/stable enabled=1 gpgcheck=1 gpgkey=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/gpg [docker-ce-stable-debuginfo] name=Docker CE Stable - Debuginfo $basearch baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/debug-$basearch/stable enabled=0 gpgcheck=1 gpgkey=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/gpg
...
c、yum install -y docker-ce即可完成安装
d、制作镜像加速
增加docker配置文件并且配置加速链接。(列表中配置了cn加速连接,还可以配置阿里云加速等连接)
[root@localhost docker]# cat >> /etc/docker/daemon.json <<EOF > { > "registry-mirrors": ["https://guxaj7v7.mirror.aliyuncs.com","https://registry.docker-cn.com"] > } > EOF
e、启动docker 即可
[root@localhost log]# systemctl start docker [root@localhost log]# docker version Client: Version: 18.09.3 API version: 1.39 Go version: go1.10.8 Git commit: 774a1f4 Built: Thu Feb 28 06:33:21 2019 OS/Arch: linux/amd64 Experimental: false Server: Docker Engine - Community Engine: Version: 18.09.3 API version: 1.39 (minimum version 1.12) Go version: go1.10.8 Git commit: 774a1f4 Built: Thu Feb 28 06:02:24 2019 OS/Arch: linux/amd64 Experimental: false
f、要查看更详细的环境信息使用docker info即可
[root@localhost log]# docker info Containers: 0 Running: 0 Paused: 0 Stopped: 0 Images: 1 Server Version: 18.09.3 Storage Driver: overlay2 Backing Filesystem: xfs Supports d_type: true Native Overlay Diff: true Logging Driver: json-file Cgroup Driver: cgroupfs Plugins: Volume: local Network: bridge host macvlan null overlay Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog Swarm: inactive Runtimes: runc Default Runtime: runc Init Binary: docker-init containerd version: e6b3f5632f50dbc4e9cb6288d911bf4f5e95b18e runc version: 6635b4f0c6af3810594d2770f662f34ddc15b40d init version: fec3683 Security Options: seccomp Profile: default Kernel Version: 3.10.0-693.el7.x86_64 Operating System: CentOS Linux 7 (Core) OSType: linux Architecture: x86_64 CPUs: 1 Total Memory: 1.781GiB Name: localhost.localdomain ID: Z7YJ:IMB4:5GCY:LZRC:33ER:7Y4A:VYN5:RZUK:VGRG:JULJ:Y5CM:HOLP Docker Root Dir: /var/lib/docker Debug Mode (client): false Debug Mode (server): false Registry: https://index.docker.io/v1/ Labels: Experimental: false Insecure Registries: 127.0.0.0/8 Registry Mirrors: https://registry.docker-cn.com/ Live Restore Enabled: false Product License: Community Engine WARNING: bridge-nf-call-iptables is disabled WARNING: bridge-nf-call-ip6tables is disabled
四、docker 常用操作
1、查找镜像:docker search,搜索docker 镜像 (没有 / 的为顶级仓库一般为docker官方的,有 / 的为用户仓库)
[root@localhost log]# docker search nginx NAME DESCRIPTION STARS OFFICIAL AUTOMATED nginx Official build of Nginx. 11101 [OK] jwilder/nginx-proxy Automated Nginx reverse proxy for docker con… 1567 [OK] richarvey/nginx-php-fpm Container running Nginx + PHP-FPM capable of… 694 [OK] jrcs/letsencrypt-nginx-proxy-companion LetsEncrypt container to use with nginx as p… 494 [OK] webdevops/php-nginx Nginx with PHP-FPM 123 [OK] kitematic/hello-world-nginx A light-weight nginx container that demonstr… 123 zabbix/zabbix-web-nginx-mysql Zabbix frontend based on Nginx web-server wi… 92 [OK] bitnami/nginx Bitnami nginx Docker Image 64 [OK] linuxserver/nginx An Nginx container, brought to you by LinuxS… 56 1and1internet/ubuntu-16-nginx-php-phpmyadmin-mysql-5 ubuntu-16-nginx-php-phpmyadmin-mysql-5 49 [OK] tobi312/rpi-nginx NGINX on Raspberry Pi / armhf 24 [OK] nginx/nginx-ingress NGINX Ingress Controller for Kubernetes 17 nginxdemos/hello NGINX webserver that serves a simple page co… 13 [OK] wodby/drupal-nginx Nginx for Drupal container image 12 [OK] blacklabelops/nginx Dockerized Nginx Reverse Proxy Server. 12 [OK] schmunk42/nginx-redirect A very simple container to redirect HTTP tra… 11 [OK] centos/nginx-18-centos7 Platform for running nginx 1.8 or building n… 10 centos/nginx-112-centos7 Platform for running nginx 1.12 or building … 7 nginxinc/nginx-unprivileged Unprivileged NGINX Dockerfiles 4 1science/nginx Nginx Docker images that include Consul Temp… 4 [OK] mailu/nginx Mailu nginx frontend 3 [OK] travix/nginx NGinx reverse proxy 2 [OK] toccoag/openshift-nginx Nginx reverse proxy for Nice running on same… 1 [OK] ansibleplaybookbundle/nginx-apb An APB to deploy NGINX 0 [OK] wodby/nginx
2、查看镜像docker images,docker镜像有最基础的alpine版本。并且busybox是一个很有意思的程序,它被链接成什么命令就可以被当做什么命令使用。
3、显示完整的镜像信息 docker images --no-trunc
[root@localhost log]# docker images --no-trunc REPOSITORY TAG IMAGE ID CREATED SIZE busybox latest sha256:d8233ab899d419c58cf3634c0df54ff5d8acc28f8173f09c21df4a07229e1205 5 weeks ago 1.2MB nginx 1.14-alpine sha256:66952fd0a8efa0598626fad89d3a0827bc24fc92c3adb576adbc9fd58606e1af 7 weeks ago 16MB centos 7 sha256:721823ac0277f52bcfd4933832d47ef0d5612191e92aef558291d5b3c15ceb35 7 months ago 284MB