环境:CentOS 6.5 64位
https://registry.hub.docker.com/
https://www.gitbook.com/book/yeasy/docker_practice/details Docker —— 从入门到实践
此版本现在安装运行有一定的问题,建议到此链接docker初学跟我来
1
2
|
docker安装
# yum install docker-io 最新为1.5的版本
|
如果没有安源,先安装http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
# service docker restart
# ps aux|grep docker |grep -v grep
root 2470 1.4 2.0 365780 15640 pts
/0
Sl 17:17 0:00
/usr/bin/docker
-d
# docker --help #查看docker的命令
# docker info
# docker version
Client version: 1.5.0
Client API version: 1.17
Go version (client): go1.3.3
Git commit (client): a8a31ef
/1
.5.0
OS
/Arch
(client): linux
/amd64
Server version: 1.5.0
Server API version: 1.17
Go version (server): go1.3.3
Git commit (server): a8a31ef
/1
.5.0
|
安装一个centos容器
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
# docker search ubuntu #搜索ubuntu镜像
[root@manager ~]
# docker search centos #搜索centos镜像
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
centos The official build of CentOS. 1024 [OK]
ansible
/centos7-ansible
Ansible on Centos7 42 [OK]
tutum
/centos
Centos image with SSH access. For the root... 13 [OK]
blalor
/centos
Bare-bones base CentOS 6.5 image 9 [OK]
[root@manager ~]
# docker pull tutum/centos #拉取一个docker镜像到本地
Pulling repository tutum
/centos
8daafe0f270b: Download complete
6941bfcbbfca: Download complete
41459f052977: Download complete
fd44297e2ddb: Download complete
e22c88592c50: Download complete
ffce4358d6e4: Download complete
5f0574f254a5: Download complete
77ad887d94d4: Download complete
009a97f615dc: Download complete
1d9e8ea240cb: Download complete
1f071815e864: Download complete
Status: Downloaded newer image
for
tutum
/centos
:latest
[root@manager ~]
# docker images #查看镜像,这样就可以了
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
tutum
/centos
latest 8daafe0f270b 13 days ago 292.2 MB
|
下面说docker容器的运行,ssh登录进去
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
[root@manager ~]
# docker run -it tutum/centos /bin/bash #开始运行一个docker
[root@4c7fb1a01e9a /]
# ls #根目录下有个run.sh,是开启ssh服务的
bin etc lib lost+found mnt proc run sbin srv tmp var
dev home lib64 media opt root run.sh set_root_pw.sh sys usr
[root@81b5869f7934 /]
# cat run.sh
#!/bin/bash
if
[
"${AUTHORIZED_KEYS}"
!=
"**None**"
];
then
echo
"=> Found authorized keys"
mkdir
-p
/root/
.
ssh
chmod
700
/root/
.
ssh
touch
/root/
.
ssh
/authorized_keys
chmod
600
/root/
.
ssh
/authorized_keys
IFS=$
'\n'
arr=$(
echo
${AUTHORIZED_KEYS} |
tr
","
"\n"
)
for
x
in
$arr
do
x=$(
echo
$x |
sed
-e
's/^ *//'
-e
's/ *$//'
)
cat
/root/
.
ssh
/authorized_keys
|
grep
"$x"
>
/dev/null
2>&1
if
[ $? -
ne
0 ];
then
echo
"=> Adding public key to /root/.ssh/authorized_keys: $x"
echo
"$x"
>>
/root/
.
ssh
/authorized_keys
fi
done
fi
if
[ ! -f /.root_pw_set ];
then
/set_root_pw
.sh
fi
exec
/usr/sbin/sshd
-D
[root@81b5869f7934 /]
# cat set_root_pw.sh
#!/bin/bash
if
[ -f /.root_pw_set ];
then
echo
"Root password already set!"
exit
0
fi
PASS=${ROOT_PASS:-$(pwgen -s 12 1)}
_word=$( [ ${ROOT_PASS} ] &&
echo
"preset"
||
echo
"random"
)
echo
"=> Setting a ${_word} password to the root user"
echo
"root:$PASS"
| chpasswd
echo
"=> Done!"
touch
/.root_pw_set
echo
"========================================================================"
echo
"You can now connect to this CentOS container via SSH using:"
echo
""
echo
" ssh -p <port> root@<host>"
echo
"and enter the root password '$PASS' when prompted"
echo
""
echo
"Please remember to change the above password as soon as possible!"
echo
"========================================================================"
#需要对ssh配置做如下改动
[root@87d9ae33bd8b /]
# sed -ri 's/UsePAM yes/#UsePAM yes/g' /etc/ssh/sshd_config
[root@87d9ae33bd8b /]
# sed -ri 's/#UsePAM no/UsePAM no/g' /etc/ssh/sshd_config
#先不要退出
|
#这时候需要新开或复制一下这个ssh,进行下面操作:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
[root@manager ~]
# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
87d9ae33bd8b
tutum
/centos
:latest
"/bin/bash"
About a minute ago Up About
a minute 22
/tcp
elegant_hodgkin
[root@manager ~]
# docker commit 87d9ae33bd8b new_centos
aaf36507c751aed68eb2589136cc5ade1b6f062a18fe00733a10afa3780e5c91
[root@manager ~]
# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
new_centos latest aaf36507c751 6 seconds ago 292.2 MB
[root@manager ~]
# docker run -d -p 0.0.0.0:2222:22 new_centos /run.sh
683198a36fcbb8d95cbe63d70c0daa1dc81d0bce9ebd304b731e20aef77cb0ff
[root@manager ~]
# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
683198a36fcb
new_centos:latest
"/run.sh"
3 seconds ago Up 1
seconds 0.0.0.0:2222->22
/tcp
reverent_jang
[root@manager ~]
# docker logs 683198a36fcb 2>&1 |grep '^and enter'
and enter the root password
'I2ihX1Fj4Aq2'
when prompted
[root@manager ~]
# ssh -p 2222 root@localhost
root@localhost
's password: #密码即是上面写的'
I2ihX1Fj4Aq2'
[root@683198a36fcb ~]
# ls /
bin etc lib lost+found mnt proc run sbin srv tmp var
dev home lib64 media opt root run.sh set_root_pw.sh sys usr
|
为什么会有些麻烦?
原因在于如果你是Ubuntu的系统,直接就可以使用了;然而centos的系统需要在ssh配置里面把“UsePAM yes”禁用才可以ssh登录,刚开始一直卡到这里:
[root@manager ~]# ssh -p 2222 root@localhost
root@localhost's password:
Connection to localhost closed.
也可以先下载centos的镜像包,这样就不会出现问题:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
|
# wget https://github.com/tutumcloud/tutum-centos/archive/master.zip
# unzip tutum-centos-master.zip
# cd tutum-centos-master
# docker build -t tutum/centos:centos6 centos6
#这一步是构建docker镜像,是根据Dockerfile文件执行操作指令,可以根据自己的需求修改Dockerfile
# cat centos6/Dockerfile
FROM centos:centos6
MAINTAINER Feng Honglin <hfeng@tutum.co>
RUN yum -y
install
openssh-server epel-release && \
yum -y
install
pwgen && \
rm
-f
/etc/ssh/ssh_host_dsa_key
/etc/ssh/ssh_host_rsa_key
&& \
ssh
-keygen -q -N
""
-t dsa -f
/etc/ssh/ssh_host_dsa_key
&& \
ssh
-keygen -q -N
""
-t rsa -f
/etc/ssh/ssh_host_rsa_key
&& \
sed
-i
"s/#UsePrivilegeSeparation.*/UsePrivilegeSeparation no/g"
/etc/ssh/sshd_config
&& \
sed
-i
"s/UsePAM.*/UsePAM no/g"
/etc/ssh/sshd_config
ADD set_root_pw.sh
/set_root_pw
.sh
#把本地脚本复制到docker里面
ADD run.sh
/run
.sh
RUN
chmod
+x /*.sh
#执行命令
ENV AUTHORIZED_KEYS **None**
#设置环境变量
EXPOSE 22
#对外22端口
CMD [
"/run.sh"
]
# docker images #查看构建的docker镜像
|
1
2
3
4
5
6
7
|
#给docker的内存设置为最大100M,cpu使用率不超过50%,本地40000端口映射到docker的22端口
[root@manager ~]
# docker run -m 100m -c 512 -d -p 40000:22 new_centos /run.sh
566d0985af12d1a8aadfc39e94cf826a053347f1bec4084ee4b81476dcf4e7d1
[root@manager ~]
# docker ps #查看运行的docker CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMESe10324ba99ca
centos:centos6
"/bin/bash"
38 minutes ago Up 38
minutes elegant_lalande
|
docker容器安装nginx
ssh进入容器后,安装一个nginx
1
2
3
4
5
|
# yum install nginx -y
# /usr/sbin/nginx
# ps aux|grep nginx
root 154 0.0 0.2 109392 2136 ? Ss 03:28 0:00 nginx: master process
/usr/sbin/nginx
nginx 155 0.0 0.3 109812 3000 ? S 03:28 0:00 nginx: worker process
|
到这里,大家应该就明白以后怎么继续做了,具体怎么配置docker的容器,生成自己定制的一套环境,大家各自大显身手,这篇是希望通过这些步骤明白docker具体的操作方法
tutum/centos 这个镜像也可以这么玩,先设定密码或者私钥:
# docker run -d -p 2222:22 -e ROOT_PASS='mypass' new_centos /run.sh
# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fdf9c04e3d60 new_centos:latest "/run.sh" 5 seconds ago Up 3 seconds 0.0.0.0:2222->22/tcp determined_feynman
# ssh -p 2222 root@localhost
[root@fdf9c04e3d60 ~]# cat /etc/centos-release
CentOS Linux release 7.1.1503 (Core)
tutum/centos 差点忘说了,这个版本的容器是centos 7.1
或者用私钥登录
docker run -d -p 2222:22 -e AUTHORIZED_KEYS="`cat ~/.ssh/id_rsa.pub`" new_centos /run.sh
docker的常用命令
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
|
# docker pull <镜像名:tag> #拉取一个镜像
# docker images #查看images
# docker run -i -t image_name /bin/bash #交互式进入容器
# docker ps #查看运行的docker
# docker logs <镜像名:tag> #查看容器的logs
# docker start/stop/kill <镜像名:tag>
# docker rm $(docker ps -a -q) #删除所有容器
# docker rmi $(docker images | grep none | awk '{print $3}' | sort -r) #删除所有镜像
# docker build -t <镜像名> <Dockerfile路径> #构建自己的镜像
# docker cp 683198a36fcb:/run.sh . #从docker复制一个文件到当前目录
# docker save new_centos:latest > net_centos.tar #保存镜像
# docker load < net_centos.tar #载入镜像
# docker run --help #更多的命令自己查看一下,相当丰富
Commands:
attach Attach to a running container
build Build an image from a Dockerfile
commit Create a new image from a container's changes
cp
Copy files
/folders
from a container's filesystem to the host path
create Create a new container
diff
Inspect changes on a container's filesystem
events Get real
time
events from the server
exec
Run a
command
in
a running container
export
Stream the contents of a container as a
tar
archive
history
Show the
history
of an image
images List images
import
Create a new filesystem image from the contents of a tarball
info Display system-wide information
inspect Return low-level information on a container or image
kill
Kill a running container
load Load an image from a
tar
archive
login Register or log
in
to a Docker registry server
logout
Log out from a Docker registry server
logs Fetch the logs of a container
port Lookup the public-facing port that is NAT-ed to PRIVATE_PORT
pause Pause all processes within a container
ps
List containers
pull Pull an image or a repository from a Docker registry server
push Push an image or a repository to a Docker registry server
rename Rename an existing container
restart Restart a running container
rm
Remove one or
more
containers
rmi Remove one or
more
images
run Run a
command
in
a new container
save Save an image to a
tar
archive
search Search
for
an image on the Docker Hub
start Start a stopped container
stats Display a live stream of one or
more
containers' resource usage statistics
stop Stop a running container
tag Tag an image into a repository
top
Lookup the running processes of a container
unpause Unpause a paused container
version Show the Docker version information
wait Block
until
a container stops,
then
print its
exit
code
Run
'docker COMMAND --help'
for
more
information on a
command
|
http://yeasy.gitbooks.io/docker_practice/content/appendix_command/index.html