Docker & k8s - installation, deployment, image management, container operation and Dockerfile of docker
Container overview
Containers are a basic tool. Generally refers to any tool that can be used to contain other goods, which can be partially or completely closed and used to contain, store and transport goods. Objects can be placed in containers that protect their contents.
- Wikipedia
[the external chain image transfer fails. The source station may have an anti-theft chain mechanism. It is recommended to save the image and upload it directly (img-cqhf3thk-1623918295171)( https://i.loli.net/2021/06/16/LeSrbjA4cqWMP2x.png )]
To avoid the possible impact between processes, we run processes in different environments in different containers. On the same host but isolated from each other - virtualization technology is similar to installing virtual machines, then installing virtual machines on the system, installing operating systems, and then installing the environment. This is too troublesome, and the container technology appears accordingly - directly install the Dockers Engine on the system and install the environment on it.
Meet the isolation conditions:
[external chain picture transfer failed. The source station may have anti-theft chain mechanism. It is recommended to save the picture and upload it directly (img-dvdyqgjk-1623918295173)( https://i.loli.net/2021/06/16/H96FSjqMVveJKbo.png )]
Development history of container
[the external chain picture transfer fails. The source station may have an anti-theft chain mechanism. It is recommended to save the picture and upload it directly (img-9q0dqssv-1623918295175)( https://i.loli.net/2021/06/16/CNYnW8Rql9hET5j.png )]
Docker introduction
Docker was officially released in 2013. As early as 2010, several beards established a Paas platform company - dotCloud in San Francisco. In March 2013, Solomon Hykes, 28, one of the founders of dotCloud and the father of docker, officially decided to open source the docker project.
Build Once, Run Anywhere.
—Solomon Hykes
- Docker lightweight virtualization solution based on container technology
- Docker is a container engine, which provides users with a convenient interface for creating and managing containers (including command line and API)
- Open source, based on Go language
- Most manufacturers support it
- Complete container management ecosystem
[external chain picture transfer failed. The source station may have anti-theft chain mechanism. It is recommended to save the picture and upload it directly (img-mh1bcaus-1623918295179)( https://i.loli.net/2021/06/16/DqhcjSpyJe4Bnwt.png )]
Docker engine mainly has two versions: enterprise version (EE) and community version (CE).
Docker installation and deployment
install
Alibaba cloud ECS
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# uname -a
Linux iZuf6g4e6vhdv58sz2z1klZ 4.18.0-193.28.1.el8_2.x86_64 #1 SMP Thu Oct 22 00:20:22 UTC 2020 x86_64 x86_64 x
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# cat /etc/redhat-release
CentOS Linux release 8.2.2004 (Core)
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# getenforce
Disabled
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# systemctl stop firewalld
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# free -m
total used free shared buff/cache available
Mem: 1723 1115 139 3 468 440
Swap: 1024 301 723
# epel source
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# yum install epel-release -y
Repository epel is listed more than once in the configuration
Last metadata expiration check: 2:47:33 ago on Wed 16 Jun 2021 03:07:22 PM CST.
Package epel-release-8-10.el8.noarch is already installed.
Dependencies resolved.
Nothing to do.
Complete!
# Install docker
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# yum install -y yum-utils
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# yum list docker-ce --showduplicate
Repository epel is listed more than once in the configuration
Docker CE Stable - x86_64 78 kB/s | 14 kB 00:00
Available Packages
docker-ce.x86_64 3:19.03.13-3.el8 docker-ce-stable
docker-ce.x86_64 3:19.03.14-3.el8 docker-ce-stable
docker-ce.x86_64 3:19.03.15-3.el8 docker-ce-stable
docker-ce.x86_64 3:20.10.0-3.el8 docker-ce-stable
docker-ce.x86_64 3:20.10.1-3.el8 docker-ce-stable
docker-ce.x86_64 3:20.10.2-3.el8 docker-ce-stable
docker-ce.x86_64 3:20.10.3-3.el8 docker-ce-stable
docker-ce.x86_64 3:20.10.4-3.el8 docker-ce-stable
docker-ce.x86_64 3:20.10.5-3.el8 docker-ce-stable
docker-ce.x86_64 3:20.10.6-3.el8 docker-ce-stable
docker-ce.x86_64 3:20.10.7-3.el8 docker-ce-stable
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# yum install docker-ce -y
deploy
# Power on self start [root@iZuf6g4e6vhdv58sz2z1klZ ~]# systemctl enable docker Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /usr/lib/systemd/system/docker.service. # Start docker [root@iZuf6g4e6vhdv58sz2z1klZ ~]# systemctl start docker # to configure [root@iZuf6g4e6vhdv58sz2z1klZ ~]#vi /etc/docker/daemon.json
configuration file
{
"graph": "/mydata/docker",
"storage-driver": "overlay2",
"insecure-registries": ["registry.access.redhat.com", "quay.io"],
"registry-mirrors": ["https://q2gr04ke.mirror.aliyuncs.com/"],
"bip": "172.17.0.1/24",
"exec-opts": ["native.cgroupdriver=systemd"],
"live-restore":true
}
docker info
Check whether the container information and startup are normal
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# systemctl restart docker [root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker info Client: Context: default Debug Mode: false Plugins: app: Docker App (Docker Inc., v0.9.1-beta3) buildx: Build with BuildKit (Docker Inc., v0.5.1-docker) scan: Docker Scan (Docker Inc., v0.8.0) Server: Containers: 0 Running: 0 Paused: 0 Stopped: 0 Images: 0 Server Version: 20.10.7 Storage Driver: overlay2 Backing Filesystem: xfs Supports d_type: true Native Overlay Diff: true userxattr: false Logging Driver: json-file Cgroup Driver: systemd Cgroup Version: 1 Plugins: Volume: local Network: bridge host ipvlan macvlan null overlay Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog Swarm: inactive Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc Default Runtime: runc Init Binary: docker-init containerd version: d71fcd7d8303cbf684402823e425e9dd2e99285d runc version: b9ee9c6314599f1b4a7f497e1f1f856fe433d3b7 init version: de40ad0 Security Options: seccomp Profile: default Kernel Version: 4.18.0-193.28.1.el8_2.x86_64 Operating System: CentOS Linux 8 (Core) OSType: linux Architecture: x86_64 CPUs: 2 Total Memory: 1.683GiB Name: iZuf6g4e6vhdv58sz2z1klZ ID: T3TJ:BJTA:U5PY:ZX74:K57G:7CDR:RMCT:CSBG:JLFG:FXPQ:KUB6:MVJT Docker Root Dir: /mydata/docker Debug Mode: false Registry: https://index.docker.io/v1/ Labels: Experimental: false Insecure Registries: quay.io registry.access.redhat.com 127.0.0.0/8 Registry Mirrors: https://q2gr04ke.mirror.aliyuncs.com/ Live Restore Enabled: true
The first command is hello world
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
b8dfde127a29: Pull complete
Digest: sha256:9f6ad537c5132bcce57f7a0a20e317228d382c3cd61edae14650eec68b2b345c
Status: Downloaded newer image for hello-world:latest
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/get-started/
Docker is a typical C/S architecture engine
To generate this message, Docker took the following steps:
- The Docker client contacted the Docker daemon.
- The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64) - The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading. - The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
[the external chain picture transfer fails. The source station may have an anti-theft chain mechanism. It is recommended to save the picture and upload it directly (IMG tnsrpky2-1623918295180)( https://i.loli.net/2021/06/16/93znmkxobKBi6Cu.png )]
Image management of Docker
Remote warehouse
Register dockerhub: https://hub.docker.com/repositories
Login: docker login docker io
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker login docker.io Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com to create one. Username: dachongming Password: WARNING! Your password will be stored unencrypted in /root/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded [root@iZuf6g4e6vhdv58sz2z1klZ ~]# # Information stored in [root@iZuf6g4e6vhdv58sz2z1klZ ~]# cat /root/.docker/config.json
Search image
docker search alpine
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker search alpine NAME DESCRIPTION STARS OFFICIAL AUTOMATED alpine A minimal Docker image based on Alpine Linux... 7551 [OK] mhart/alpine-node Minimal Node.js built on Alpine Linux 484 anapsix/alpine-java Oracle Java 8 (and 7) with GLIBC 2.28 over A... 470 [OK] frolvlad/alpine-glibc Alpine Docker image with glibc (~12MB) 261 [OK] alpine/git A simple git container running in alpine li... 183 [OK] yobasystems/alpine-mariadb MariaDB running on Alpine Linux [docker] [am... 89 [OK] alpine/socat Run socat command in alpine container 68 [OK] davidcaste/alpine-tomcat Apache Tomcat 7/8 using Oracle Java 7/8 with... 44 [OK] kiasaki/alpine-postgres PostgreSQL docker image based on Alpine Linux 44 [OK] jfloff/alpine-python A small, more complete, Python Docker image ... 41 [OK] byrnedo/alpine-curl Alpine linux with curl installed and set as ... 34 [OK] zenika/alpine-chrome Chrome running in headless mode in a tiny Al... 34 [OK] hermsi/alpine-sshd Dockerize your OpenSSH-server with rsync and... 33 [OK] hermsi/alpine-fpm-php FPM-PHP 7.0 to 8.0, shipped along with tons ... 25 [OK] etopian/alpine-php-wordpress Alpine WordPress Nginx PHP-FPM WP-CLI 25 [OK] bashell/alpine-bash Alpine Linux with /bin/bash as a default she... 18 [OK] davidcaste/alpine-java-unlimited-jce Oracle Java 8 (and 7) with GLIBC 2.21 over A... 13 [OK] roribio16/alpine-sqs Dockerized ElasticMQ server + web UI over Al... 13 [OK] spotify/alpine Alpine image with `bash` and `curl`. 11 [OK] cfmanteiga/alpine-bash-curl-jq Docker Alpine image with Bash, curl and jq p... 6 [OK] bushrangers/alpine-caddy Alpine Linux Docker Container running Caddys... 1 [OK] ellerbrock/alpine-mysql-client MySQL Client based on Alpine Linux 1 [OK] apteno/alpine-jq Weekly build of alpine image with curl, wget... 1 dwdraju/alpine-curl-jq Alpine Docker Image with curl, jq, bash 1 [OK] goodguykoi/alpine-curl-internal simple alpine image with curl installed no C... 1 [OK]
You can also search on dockerhub with a visual interface
[the external chain image transfer fails. The source station may have an anti-theft chain mechanism. It is recommended to save the image and upload it directly (img-w4opvpyk-1623918295181)( https://i.loli.net/2021/06/16/rvjOLZDUzypuRnl.png )]
Download an image
docker pull alpine
docker pull alpine downloads the latest version by default
docker pull alpine:3.10.1 download the specified tag
docker pull docker.io/library/alpine:3.10.1 full path. Other warehouses cannot be saved. Only dockerhub can be saved
Image structure: registry_name/repository_name/image_name:tag_name
For example: docker io/library/alpine:3.10.1
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker pull alpine Using default tag: latest latest: Pulling from library/alpine 5843afab3874: Pull complete Digest: sha256:234cb88d3020898631af0ccbbcca9a66ae7306ecd30c9720690858c1b007d2a0 Status: Downloaded newer image for alpine:latest docker.io/library/alpine:latest
View local mirror
docker image ls
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker image ls REPOSITORY TAG IMAGE ID CREATED SIZE alpine latest d4ff818577bc 14 hours ago 5.6MB hello-world latest d1165f221234 3 months ago 13.3kB
Label the image
docker tag IMAGE ID registry_name/repository_name/image_name:tag_name
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker tag d4ff818577bc docker.io/dachongming/alpine:v3.14.0 [root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker image ls REPOSITORY TAG IMAGE ID CREATED SIZE dachongming/alpine v3.14.0 d4ff818577bc 14 hours ago 5.6MB alpine latest d4ff818577bc 14 hours ago 5.6MB hello-world latest d1165f221234 3 months ago 13.3kB
Push image
docker push docker.io/dachongming/alpine:v3.14.0
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker push docker.io/dachongming/alpine:v3.14.0 The push refers to repository [docker.io/dachongming/alpine] 72e830a4dff5: Mounted from library/alpine v3.14.0: digest: sha256:1775bebec23e1f3ce486989bfc9ff3c4e951690df84aa9f926497d82f2ffca9d size: 528
[external chain picture transfer failed. The source station may have anti-theft chain mechanism. It is recommended to save the picture and upload it directly (img-x7tdgusr-1623918295182)( https://i.loli.net/2021/06/16/1nfAkVWCNeH9EM8.png )]
delete mirror
docker rmi docker.io/dachongming/alpine:v3.14.0
Just delete labels
docker rmi -f IMAGE ID
Force delete all
docker hub still exists. If you want to have another one, just pull it
[external chain picture transfer failed. The source station may have anti-theft chain mechanism. It is recommended to save the picture and upload it directly (img-f3e9kscc-1623918295183)( https://i.loli.net/2021/06/16/18b5ni2VjtrSZhM.png )]
The image is pulled more for the first time, and then only the incremental part is pulled each time
Basic operations of Docker container
View local container processes
docker ps -a
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES d3f98566b856 hello-world "/hello" 2 hours ago Exited (0) 2 hours ago gallant_kepler [root@iZuf6g4e6vhdv58sz2z1klZ ~]#
Start container (run mirror)
docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker run --help Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...] OPTIONS:option -i:Represents starting an interactive container,And continuously open the standard input -t:Indicates that the terminal is associated to the standard input and output of the container -d:Indicates that the container is placed to run in the background -rm:Delete container after exiting -name:Represents the unique name of the definition container IMAGE:Represents the image to run COMMAND:Indicates the command to run when starting the container
- Interactively launch a container
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker run -it docker.io/dachongming/alpine:v3.14.0 /bin/sh / # cat /etc/issue Welcome to Alpine Linux 3.14 Kernel \r on an \m (\l) / # exit [root@iZuf6g4e6vhdv58sz2z1klZ ~]#
- Non interactive launch of a container
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker run -rm docker.io/dachongming/alpine:v3.14.0 /bin/echo hello
- Background operation
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker run -d docker.io/dachongming/alpine:v3.14.0 /bin/sleep 300 [root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 50d3d748b4f2 dachongming/alpine:v3.14.0 "/bin/sleep 300" 4 seconds ago Up 3 seconds nervous_lumiere aaed2bd3a058 dachongming/alpine:v3.14.0 "/bin/sh" 10 minutes ago Exited (0) 9 minutes ago nervous_allen d3f98566b856 hello-world "/hello" 2 hours ago Exited (0) 2 hours ago gallant_kepler
Enter container
docker exec -ti CONTAINER ID /bin/sh
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker exec -ti --name myalphin 50d3d748b4f2 /bin/sh / # cat /etc/issue Welcome to Alpine Linux 3.14 Kernel \r on an \m (\l) / #
Stop container
docker stop CONTAINER ID
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker stop 50d3d748b4f2 50d3d748b4f2 [root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 50d3d748b4f2 dachongming/alpine:v3.14.0 "/bin/sleep 300" 4 minutes ago Exited (137) 14 seconds ago nervous_lumiere aaed2bd3a058 dachongming/alpine:v3.14.0 "/bin/sh" 15 minutes ago Exited (0) 14 minutes ago nervous_allen d3f98566b856 hello-world "/hello" 2 hours ago Exited (0) 2 hours ago gallant_kepler
restart
docker restart CONTAINER ID
Delete container
docker rm CONTAINER ID
or
docker rm -f CONTAINER_NAME
Write file persistence
docker commit -p CONTAINER ID docker.io/dachongming/alpine:v3.14.0_with_1.txt
Import / export image
-
export
docker save IMAGE_ID > name:tag.tar
-
Import
docker load < name\:tag.tar
View container logs
docker logs CONTAINER_ID
Advanced operations of Docker container
Download Nginx image
docker pull nginx:tag
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker pull nginx Using default tag: latest latest: Pulling from library/nginx 69692152171a: Pull complete 30afc0b18f67: Pull complete 596b1d696923: Pull complete febe5bd23e98: Pull complete 8283eee92e2f: Pull complete 351ad75a6cfa: Pull complete Digest: sha256:6d75c99af15565a301e48297fa2d121e15d80ad526f8369c526324f0f7ccb750 Status: Downloaded newer image for nginx:latest docker.io/library/nginx:latest
Port mapping
docker run --rm --name mynginx -d -p81:80 dachongming/nginx:latest
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker tag d1a364dc548d dachongming/nginx:latest [root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker run --rm --name mynginx -d -p81:80 dachongming/nginx:latest 48c64b903bb2a260de104be1fa4c8597d291083d6edcff6b19f1a41d10ef7582 [root@iZuf6g4e6vhdv58sz2z1klZ ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 48c64b903bb2 dachongming/nginx:latest "/docker-entrypoint...." 6 seconds ago Up 4 seconds 0.0.0.0:81->80/tcp, :::81->80/tcp mynginx 50d3d748b4f2 dachongming/alpine:v3.14.0 "/bin/sleep 300" 18 hours ago Exited (137) 18 hours ago nervous_lumiere aaed2bd3a058 dachongming/alpine:v3.14.0 "/bin/sh" 18 hours ago Exited (0) 18 hours ago nervous_allen d3f98566b856 hello-world "/hello" 20 hours ago Exited (0) 20 hours ago gallant_kepler [root@iZuf6g4e6vhdv58sz2z1klZ ~]#
Enter in the browser: IP:81
[the external chain image transfer fails. The source station may have an anti-theft chain mechanism. It is recommended to save the image and upload it directly (img-4xkck01h-1623918295184)( https://i.loli.net/2021/06/17/9aDR8PgHeruMSsc.png )]
Mount data volume
docker run -d --rm --name nginx_baidu -p81:80 -v/mydata/html:/usr/share/nginx/html dachongming/nginx:latest
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# cd /mydata/ [root@iZuf6g4e6vhdv58sz2z1klZ mydata]# ls bill BlogLee blogleev2 docker [root@iZuf6g4e6vhdv58sz2z1klZ mydata]# mkdir html [root@iZuf6g4e6vhdv58sz2z1klZ mydata]# ls bill BlogLee blogleev2 docker html [root@iZuf6g4e6vhdv58sz2z1klZ mydata]# wget www.baidu.com -O index.html --2021-06-17 14:50:48-- http://www.baidu.com/ Resolving www.baidu.com (www.baidu.com)... 112.80.248.76, 112.80.248.75 Connecting to www.baidu.com (www.baidu.com)|112.80.248.76|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 2381 (2.3K) [text/html] Saving to: 'index.html' index.html 100%[========================================>] 2.33K --.-KB/s in 0s 2021-06-17 14:50:48 (171 MB/s) - 'index.html' saved [2381/2381] [root@iZuf6g4e6vhdv58sz2z1klZ mydata]# ls bill BlogLee blogleev2 docker html index.html [root@iZuf6g4e6vhdv58sz2z1klZ mydata]# mv index.html ./html [root@iZuf6g4e6vhdv58sz2z1klZ mydata]# ls bill BlogLee blogleev2 docker html [root@iZuf6g4e6vhdv58sz2z1klZ mydata]# cd html/ [root@iZuf6g4e6vhdv58sz2z1klZ html]# LS -bash: LS: command not found [root@iZuf6g4e6vhdv58sz2z1klZ html]# ls index.html [root@iZuf6g4e6vhdv58sz2z1klZ html]# cat index.html [root@iZuf6g4e6vhdv58sz2z1klZ html]# docker run -d --rm --name nginx_baidu -p81:80 -v/mydata/html:/usr/share/nginx/html dachongming/nginx:latest ef46c492a7d8bb60311b56e6685c77e72eda70bac0ed702e85f1696763e5fcc8 [root@iZuf6g4e6vhdv58sz2z1klZ html]#
At this time, access: IP:81
[external chain picture transfer failed. The source station may have anti-theft chain mechanism. It is recommended to save the picture and upload it directly (img-zo87fa81-1623918295186)( https://i.loli.net/2021/06/17/EpilYuoeDNVFzjr.png )]
Passing environment variables
docker run --rm -e KEY=VALUE alpine:latest printenv
[root@iZuf6g4e6vhdv58sz2z1klZ html]# docker run --rm -e KEY=VALUE alpine:latest printenv PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin HOSTNAME=6075948f8101 KEY=VALUE HOME=/root [root@iZuf6g4e6vhdv58sz2z1klZ html]# docker run --rm alpine:latest printenv PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin HOSTNAME=ec1fbe854da2 HOME=/root [root@iZuf6g4e6vhdv58sz2z1klZ html]#
Install software (tools) in container
tee /etc/apt/sources.list << EOF deb http://mirrors.163.com/debian/ jessie main non-free contrib deb http://mirrors.163.com/debian/ jessie-updates main non-free contrib EOF [root@iZuf6g4e6vhdv58sz2z1klZ html]# docker exec -ti nginx_baidu /bin/bash root@ef46c492a7d8:/# pwd / root@ef46c492a7d8:/# ls bin dev docker-entrypoint.sh home lib64 mnt proc run srv tmp var boot docker-entrypoint.d etc lib media opt root sbin sys usr root@ef46c492a7d8:/# tee /etc/apt/sources.list << EOF > deb http://mirrors.163.com/debian/ jessie main non-free contrib > deb http://mirrors.163.com/debian/ jessie-updates main non-free contrib > EOF deb http://mirrors.163.com/debian/ jessie main non-free contrib deb http://mirrors.163.com/debian/ jessie-updates main non-free contrib root@ef46c492a7d8:/# apt-get update && apt-get install curl -y Ign:1 http://mirrors.163.com/debian jessie InRelease Get:2 http://mirrors.163.com/debian jessie-updates InRelease [16.3 kB] Get:3 http://mirrors.163.com/debian jessie Release [77.3 kB] Get:4 http://mirrors.163.com/debian jessie Release.gpg [1652 B] Err:2 http://mirrors.163.com/debian jessie-updates InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7638D0442B90D010 Ign:4 http://mirrors.163.com/debian jessie Release.gpg Reading package lists... Done W: GPG error: http://mirrors.163.com/debian jessie-updates InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7638D0442B90D010 E: The repository 'http://mirrors.163.com/debian jessie-updates InRelease' is not signed. N: Updating from such a repository can't be done securely, and is therefore disabled by default. N: See apt-secure(8) manpage for repository creation and user configuration details. W: GPG error: http://mirrors.163.com/debian jessie Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7638D0442B90D010 NO_PUBKEY CBF8D6FD518E17E1 E: The repository 'http://mirrors.163.com/debian jessie Release' is not signed. N: Updating from such a repository can't be done securely, and is therefore disabled by default. N: See apt-secure(8) manpage for repository creation and user configuration details. root@ef46c492a7d8:/# curl curl: try 'curl --help' or 'curl --manual' for more information root@ef46c492a7d8:/#
Container lifecycle
- Detect whether the local image exists. If it does not exist, retrieve it from the remote warehouse
- Boot container with image
- Allocate a file system and mount a read-write layer outside the read-only image layer
- Bridge a virtual interface from the network interface configured by the host to the container
- Configure an ip address from the address pool to the container
- Execute user specified commands
- The container terminates after execution
[the external chain image transfer fails. The source station may have an anti-theft chain mechanism. It is recommended to save the image and upload it directly (img-an1y0uck-1623918295187)( https://i.loli.net/2021/06/17/f4PeNyIKiqsSFWj.png )]
Dockerfile build image
rule
- format
- #Notes
- The instruction (upper case) content (lower case) is actually case insensitive, but try to follow it
- Execute instructions in order from top to bottom
- The first non comment line must be the FROM instruction
4 sets of core Dockerfile instructions
Build: docker build- t docker. io/dachongming/nginx:myfile
-
USER/WORKDIR
Which user / cd is used to enter a directory
[root@iZuf6g4e6vhdv58sz2z1klZ html]# cd /mydata/ [root@iZuf6g4e6vhdv58sz2z1klZ mydata]# mkdir dockerfile [root@iZuf6g4e6vhdv58sz2z1klZ mydata]# cd dockerfile/ [root@iZuf6g4e6vhdv58sz2z1klZ dockerfile]# ls '[root@iZuf6g4e6vhdv58sz2z1klZ dockerfile]# vim Dockerfile FROM docker.io/dachongming/nginx:latest USER nginx WORKDIR /usr/share/nginx/html # structure [root@iZuf6g4e6vhdv58sz2z1klZ dockerfile]# docker build . -t docker.io/dachongming/nginx:myfile Sending build context to Docker daemon 2.048kB Step 1/3 : FROM docker.io/dachongming/nginx:latest ---> d1a364dc548d Step 2/3 : USER nginx ---> Running in 050b6999cd9c Removing intermediate container 050b6999cd9c ---> 106250864654 Step 3/3 : WORKDIR /usr/share/nginx/html ---> Running in 616a745ff982 Removing intermediate container 616a745ff982 ---> 95fe2fbc39a9 Successfully built 95fe2fbc39a9 Successfully tagged dachongming/nginx:myfile [root@iZuf6g4e6vhdv58sz2z1klZ dockerfile]# docker run -rm -ti dachongming/nginx:myfile /bin/bash unknown shorthand flag: 'r' in -rm See 'docker run --help'. [root@iZuf6g4e6vhdv58sz2z1klZ dockerfile]# docker run --rm -ti dachongming/nginx:myfile /bin/bash nginx@8bd7d3174e01:/usr/share/nginx/html$ pwd /usr/share/nginx/html nginx@8bd7d3174e01:/usr/share/nginx/html$ whoami nginx nginx@8bd7d3174e01:/usr/share/nginx/html$
-
ADD/EXPOSE
Add file to container / exposed port
FROM docker.io/dachongming/nginx:latest ADD index.html /usr/share/nginx/html/index.html EXPOSE 80
-
RUN/ENV
Execute the command to install / environment variables in the image
FROM centos:7 ENV VER 9.9.4-74.e17_6.1 RUN yum install bind-$VER -y
-
CMD/ENTRYPOINT
Execute command when starting container/