docker
docker基本操作
# 验证是否安装成功
docker info
# 查看docker版本
docker --version
# 启动docker服务
sudo service docker start
sudo systemctl start docker
# 列出运行的docker
docker ps
查看docker资源使用
docker stats
序列化输出dockerps
alias dockerps='docker ps -a --format "table \t\t\t"'
docker ps format
docker ps -a --format "table \t\t\t\t\t\t"
docker ps -a --format "table \t\t\t\t"
docker镜像构建
# 使用当前目录的 Dockerfile 创建镜像,标签为 runoob/ubuntu:v1。
docker build -t runoob/ubuntu:v1 .
# 通过 -f Dockerfile 文件的位置:
docker build -f /path/to/a/Dockerfile .
# 镜像构建代理
docker build . \
--build-arg "HTTP_PROXY=http://proxy.example.com:8080/" \
--build-arg "HTTPS_PROXY=http://proxy.example.com:8080/" \
--build-arg "NO_PROXY=localhost,127.0.0.1,.example.com" \
-t your/image:tag
# Dockerfile 代理设置
FROM golang:1.12
ENV http_proxy "http://172.17.0.1:1087"
ENV HTTP_PROXY "http://172.17.0.1:1087"
ENV https_proxy "http://172.17.0.1:1087"
ENV HTTPS_PROXY "http://172.17.0.1:1087"
RUN curl www.google.com --max-time 3
docker容器启动
# 进入docker服务
docker exec -it 243c32535da7 /bin/bash
# 启动docker容器,容器内部端口5000,对外访问端口5001
docker run -d -p 5001:5000 training/webapp
# 查看指定容器端口映射到宿主机的端口号
docker port bf08b7f2cd89
# 查看日志
docker logs -f bf08b7f2cd89
# 查看日志的最后部分
docker logs -f --tail 1000 <container_name>
# 查看容器进程
docker top wizardly_chandrasekhar
# 查看Docker的底层信息
docker inspect wizardly_chandrasekhar
# 删除容器
docker rm wizardly_chandrasekhar
# 后台启动docker(centos:v1 image名)
docker run -d centos:v1
# 列出最近一次启动的容器
docker ps -l
# 检索镜像
docker search image_name
# 显示镜像历史
docker history image_name
# 普通用户授权docker
sudo usermod -aG docker user
sudo service docker restart
# 启动一个或多个已经被停止的容器
docker start [id]
# 停止一个运行中的容器
docker stop [id]
# 重启容器
docker restart [id]
# 导出容器
docker export 1e560fca3906 > ubuntu.tar
# 导入镜像
cat docker/ubuntu.tar | docker import - test/ubuntu:v1
# 查看docker ipaddress
docker inspect [id] | grep "IPAddress"
docker 镜像管理
images文件管理
# 列出本机的所有 image 文件。
docker image ls
# 删除 image 文件
docker image rm [imageName]
# image 文件从仓库抓取到本地
docker image pull library/hello-world
# docker 中国官方源加速
docker pull registry.docker-cn.com/library/ubuntu:16.04
# 使用docker info查看root位置
docker info
修改docker镜像存储位置
# 停止docker服务
systemctl stop docker
# 修改/lib/systemd/system/docker.service
# FROM:
ExecStart=/usr/bin/docker daemon -H fd://
# TO:
ExecStart=/usr/bin/docker daemon -g /new/path/docker -H fd://
# reload systemd daemon
systemctl daemon-reload
# start docker daemon
systemctl start docker
container 容器管理
# 运行 image 其中-i启动交互式,-t是分配一个tty
docker run -it --rm ubuntu bash
# 80端口映射 [-p hostPort:containerPort]
docker run -p 80:80 -t -i linode/lamp /bin/bash
docker container run \
# --rm停止运行后,自动删除容器文件
--rm \
# --name容器的名字叫做wordpress
--name wordpress \
# --volume将当前目录($PWD)映射到容器的/var/www/html(Apache 对外访问的默认目录)
--volume "$PWD/":/var/www/html \
php:5.6-apache
# -d 以Daemonized模式运动(后台运行)
docker run --name webserver -d -p 4000:80 nginx
# 查看正在运行的容器
docker container ls -l
# 查看所有容器
docker container ls --all
# 终止容器
docker container kill [containID]
# 删除容器
docker rm [containerID]
# 启动已经存在的容器
docker container start [containerID]
# 终止容器运行
docker container stop [containerID]
# 查看docker容器的log输出
docker logs [containerID]
# 查看最新的docker容器输出
docker logs -f --tail 10 [containerID]
# 进入一个正在运行的 docker 容器
docker exec -it [containerID] /bin/bash
# 从正在运行的 Docker 容器里面,将文件拷贝到本机
docker cp [containID]:[/path/to/file] ~/your/local/path
# 停用全部运行中的容器
docker stop $(docker ps -q)
# 重启全部的容器
docker restart $(docker ps -a -q)
# 删除全部容器
docker rm $(docker ps -aq)
# 查看容器的变化
docker diff [容器ID或容器名]
# 存储容器
docker commit [选项] <容器ID或容器名> [<仓库名>[:<标签>]]
docker commit \
--author "Joe Jiang <hijiangtao@gmail.com>" \
--message "modify: Nginx default page to Hello Docker" \
webserver \
nginx:v2
# 查看docker挂载信息
docker volume inspect [容器名]
Dockerfile
# Dockerfile
# 使用 Python 运行时作为基础镜像
FROM python:2.7-slim
# 设置 /app 为工作路径
WORKDIR /app
# 将当前目录所有内容复制到容器的 /app 目录下
ADD . /app
# 安装 requirements.txt 中指定的包
RUN pip install --trusted-host pypi.python.org -r requirements.txt
# 对容器外开放80端口
EXPOSE 80
# 定义环境变量
ENV NAME World
# 当容器启动时运行 app.py
CMD ["python", "app.py"]
Dockerfile例子
FROM python:3.7.3
RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
RUN echo "Asia/Shanghai" > /etc/timezone
RUN mv /etc/apt/sources.list /etc/apt/sources.list.bak && \
echo "deb http://mirrors.aliyun.com/debian/ stretch main non-free contrib" >/etc/apt/sources.list && \
echo "deb-src http://mirrors.aliyun.com/debian/ stretch main non-free contrib" >>/etc/apt/sources.list && \
echo "deb http://mirrors.aliyun.com/debian-security stretch/updates main" >>/etc/apt/sources.list && \
echo "deb-src http://mirrors.aliyun.com/debian-security stretch/updates main" >>/etc/apt/sources.list && \
echo "deb http://mirrors.aliyun.com/debian/ stretch-updates main non-free contrib" >>/etc/apt/sources.list && \
echo "deb-src http://mirrors.aliyun.com/debian/ stretch-updates main non-free contrib" >>/etc/apt/sources.list && \
echo "deb http://mirrors.aliyun.com/debian/ stretch-backports main non-free contrib" >>/etc/apt/sources.list && \
echo "deb-src http://mirrors.aliyun.com/debian/ stretch-backports main non-free contrib" >>/etc/apt/sources.list
RUN apt-get update && \
apt-get install -y vim && \
apt-get install -y openssh-server && \
rm -rf /var/lib/apt/lists/* && \
apt-get clean
RUN echo 'root:bjut2019' |chpasswd
RUN sed -ri 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config && \
sed -ri 's/UsePAM yes/#UsePAM yes/g' /etc/ssh/sshd_config
RUN mkdir -p /var/run/sshd
EXPOSE 22
EXPOSE 5000
CMD ["/usr/sbin/sshd", "-D"]
COPY . /app
WORKDIR /app
RUN pip install -r requirements.txt -i https://pypi.tuna.tsinghua.edu.cn/simple
ENTRYPOINT ["gunicorn"]
lamp docker
# create a temporary container for testing purposes
docker run -it --rm fauria/lamp bash
# create a container to debug a web app
docker run --rm -p 8080:80 -e LOG_STDOUT=true -e LOG_STDERR=true -e LOG_LEVEL=debug -v /my/data/directory:/var/www/html fauria/lamp
代理设置
proxy for Docker daemon systemd的系统代理(谨慎使用)
# create dir
/etc/systemd/system/docker.service.d
# create file
/etc/systemd/system/docker.service.d/http-proxy.conf
[Service]
Environment="HTTP_PROXY=http://proxy.server:port"
Environment="HTTPS_PROXY=http://proxy.server:port"
Environment="NO_PROXY=localhost,127.0.0.1"
# Apply settings and restart Docker:
sudo systemctl daemon-reload
sudo systemctl restart docker
docker compose代理设置
docker-compose build \
--build-arg http_proxy=http://proxy.exaple.com \
--build-arg https_proxy=http://proxy.exaple.com
build:
context: .
args:
- http_proxy=http://proxy.exaple.com
- https_proxy=http://proxy.exaple.com
# 代理设置
bamboo-server:
image: matisq/bamboo-server
ports:
- 8085:8085
- 54663:54663
links:
- postgres
environment:
BAMBOO_VERSION: ${BAMBOO_VERSION}
BAMBOO_HOME: /home/bamboo
BAMBOO_BAMBOO_SERVER_ID: bamboo-server
http_proxy: http://192.168.65.1:3128
https_proxy: http://192.168.65.1:3128
docker网络设置
network
# 创建新的docker网络
docker network create -d bridge my-net
docker network create --driver=bridge --subnet=192.161.0.0/16 monitor_net
# 运行两个容器并连接到 my-net 网络, 进入任一个容器,两者可以互相ping通
docker run -it --rm --name busybox1 --network my-net busybox sh
docker run -it --rm --name busybox2 --network my-net busybox sh
docker run -it --name <容器名> ---network monitor_net <镜像名>
# 列出所有docker网络
docker network ls
# 删除网络
docker network rm c520032c3d31
# 删除网桥
ip link del docker0 down
# Use the docker network prune command to remove all unused networks.
docker network prune
# 检查网络
docker network inspect [id]
docker 设置
docker换源
# 新建/etc/docker/daemon.json加入
{
"registry-mirrors": ["https://docker.mirrors.ustc.edu.cn"]
}
docker网段设置
# 新建/etc/docker/daemon.json加入
{
"debug": true,
# bridge0 网关设置
"bip": "172.19.153.1/24",
"default-address-pools":[
{
# 定义网络地址
"base": "172.19.31.0/8",
"size": 24
}
]
}
# start docker daemon
systemctl start docker
Docker镜像管理
# 查看docker硬盘使用情况
du -hs /var/lib/docker/
# 查看docker使用情况
docker system df
# 查看单个image、container大小
docker system df -v
# 清理docker文件
docker system prune -a
docker compose
docker-compose 操作
# Make sure you are in the same directory as docker-compose.yml
# 启动docker-compose
docker-compose up -d
# 关闭docker compose
docker compose stop
# 启动单个容器
docker-compose up -d clickhouse
docker-compose挂载容器配置文件时出现了问题,确实需要自定义config.xml和users.xml,建议先运行容器让它生成默认配置,然后复制出来修改,再重新挂载。
# 简化docker-compose.yml配置, 仅保留基本的运行配置:
# ClickHouse
clickhouse:
image: clickhouse/clickhouse-server:latest
container_name: cj_clickhouse
restart: always
ports:
- "8123:8123"
- "9000:9000"
volumes:
- ./clickhouse/db:/var/lib/clickhouse:rw
- /etc/localtime:/etc/localtime:ro
networks:
default:
aliases:
- clickhouse.cj.com
# 复制配置文件
docker cp cj_clickhouse:/etc/clickhouse-server/config.xml clickhouse/config.xml
docker cp cj_clickhouse:/etc/clickhouse-server/users.xml clickhouse/users.xml
# 然后更新docker-compose.yml添加这些配置文件的挂载:
# ClickHouse
clickhouse:
image: clickhouse/clickhouse-server:latest
container_name: cj_clickhouse
restart: always
ports:
- "8123:8123"
- "9000:9000"
volumes:
- ./clickhouse/db:/var/lib/clickhouse:rw
- ./clickhouse/config.xml:/etc/clickhouse-server/config.xml:rw
- ./clickhouse/users.xml:/etc/clickhouse-server/users.xml:rw
- /etc/localtime:/etc/localtime:ro
networks:
default:
aliases:
- clickhouse.cj.com
docker-compose.yaml
version: '2.2'
services:
# api 接口 6075
twe:
image: water_twe
container_name: twe
restart: always
ports:
- "6075:5000"
volumes:
- ./twe:/app
depends_on:
twe-mysql:
condition: service_started
twe-redis:
condition: service_started
twe-neo4j:
condition: service_started
geoserver:
condition: service_started
twe-postgis:
condition: service_started
links:
- twe-mysql
- twe-redis
- twe-neo4j
- geoserver
- twe-postgis
networks:
default:
aliases:
- api.water.bjut.com
# mysql
twe-mysql:
image: mysql:5.6
container_name: twe-mysql
restart: always
ports:
- "6076:3306"
environment:
MYSQL_ROOT_PASSWORD: 123456
volumes:
- ./mysql:/var/lib/mysql
- /etc/localtime:/etc/localtime
networks:
default:
aliases:
- api.water.bjut.com
# mysql 在线管理 6077, 账号密码 root 123456
twe-phpmyadmin:
image: phpmyadmin/phpmyadmin
container_name: twe-phpmyadmin
restart: always
ports:
- "6077:80"
environment:
MYSQL_ROOT_PASSWORD: 123456
links:
- twe-mysql:db
networks:
default:
aliases:
- api.water.bjut.com
# redis
twe-redis:
image: redis:5
container_name: twe-redis
restart: always
ports:
- "6078:6379"
volumes:
- ./redis/twe:/data
- /etc/localtime:/etc/localtime
networks:
default:
aliases:
- api.water.bjut.com
# neo4j 在线管理 7474,连接7687
twe-neo4j:
image: neo4j:3.5.14
container_name: twe-neo4j
restart: always
ports:
- "7474:7474"
- "7687:7687"
volumes:
- ./neo4j:/data
- /etc/localtime:/etc/localtime
networks:
default:
aliases:
- api.water.bjut.com
# geoserver 在线管理 6079
geoserver:
image: oscarfonts/geoserver
container_name: geoserver
restart: always
ports:
- "6079:8080"
volumes:
- ./geoserver:/var/local/geoserver
- /etc/localtime:/etc/localtime
networks:
default:
aliases:
- api.water.bjut.com
# / 接口文档,/pt 平台原型
twe-apache:
image: php:7.2-apache
container_name: twe-apache
restart: always
ports:
- "6081:80"
volumes:
- ./apache:/var/www/html
- /etc/localtime:/etc/localtime
networks:
default:
aliases:
- api.water.bjut.com
# water brain 训练平台
twe-brain:
image: water_twe_brain
container_name: twe-brain
restart: always
ports:
- "6082:5000"
links:
- twe-mysql:db
- twe-redis
- twe-predict
depends_on:
twe-mysql:
condition: service_started
twe-redis:
condition: service_started
twe-predict:
condition: service_started
volumes:
- ./brain:/app
- /etc/localtime:/etc/localtime
networks:
default:
aliases:
- api.water.bjut.com
# # celery predict 预测模型
twe-predict:
image: water_twe_predict
container_name: twe-predict
restart: always
ports:
- "6083:5000"
links:
- twe-redis-celery
depends_on:
twe-mysql:
condition: service_started
twe-redis-celery:
condition: service_started
volumes:
- ./predict:/app
- /etc/localtime:/etc/localtime
networks:
default:
aliases:
- api.water.bjut.com
# # 污染管控模型
twe-calsp:
image: calsp
container_name: twe-calsp
restart: always
ports:
- "6074:5000"
links:
- twe-mysql
depends_on:
twe-mysql:
condition: service_started
volumes:
- ./calsp:/app
- /etc/localtime:/etc/localtime
networks:
default:
aliases:
- api.water.bjut.com
# redis celery
twe-redis-celery:
image: redis:5
container_name: twe-redis-celery
restart: always
ports:
- "6084:6379"
volumes:
- ./redis/celery:/data
- /etc/localtime:/etc/localtime
networks:
default:
aliases:
- api.water.bjut.com
# web
twe-web:
image: tomcat:8-jdk8-corretto
container_name: twe-web
restart: always
ports:
- "6085:8080"
links:
- twe
- geoserver
- twe-mongo
volumes:
- ./tomcat:/usr/local/tomcat/webapps
- /etc/localtime:/etc/localtime
networks:
default:
aliases:
- api.water.bjut.com
twe-mongo:
image: mongo:4.4.2
container_name: twe-mongo
restart: always
ports:
- "27017:27017"
volumes:
- ./mongo:/data/db
networks:
default:
aliases:
- api.water.bjut.com
twe-postgis:
image: kartoza/postgis:13.0
container_name: twe-postgis
restart: always
ports:
- "25432:5432"
environment:
POSTGRES_USER: docker
POSTGRES_PASSWORD: bjut@2021
PASSWORD_AUTHENTICATION: md5
ALLOW_IP_RANGE: 0.0.0.0/0
volumes:
- ./postgres:/var/lib/postgresql
networks:
default:
aliases:
- api.water.bjut.com
networks:
default:
driver: bridge
ipam:
driver: default
config:
- subnet: 10.103.0.1/16