热门标签
热门文章
- 12024年最全最新golang语言面试题总结(三)_golang多态面试题,Golang社招面经分享_golang面试题2024
- 2炒美股有什么要求,买美股要什么条件_炒美股需要什么条件
- 3Navicat平替软件汇总,各种数据库连接软件
- 4VHDL数据类型 &自定义数据类型_vhdl subtype
- 5人工智能商业应用成功的六大必要条件_决定人工智能项目是否成功的因素包括以下哪些选项?
- 6深入解析 Python 中的 self 关键字_self python关键字
- 7阿里云公共DNS免费版自9月30日开始限速 企业或商业场景需使用付费版_阿里云公共 dns 将对免费解析请求进行限速,对个人用户有没有影响
- 8使用Ethersjs构建以太坊Dapp的精彩旅程
- 9【记录】使用transformers从头开始训练bert_datasets transformers从零开始训练bert
- 10后端系统开发之——创建SpringBoot工程_b.建立你的后端spring boot工程,并创建你的controller,按照前端发送请求的格式,
当前位置: article > 正文
Docker/Podman基础应用_manifest unknown: manifest unknown
作者:码创造者 | 2024-07-25 03:52:08
赞
踩
manifest unknown: manifest unknown
1.镜像
Docker镜像类似于虚拟机镜像,他是一个已经打包好的系统文件,一个镜像可以包含一个完整的操作系统(例如,CenOS),也可以只包含一个中间件(例如ngxin)。我们可以把操作系统安装文件ISO理解为镜像,而且是只读的。
1.1拉取镜像
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker pull nginx Trying to pull registry.access.redhat.com/nginx... unsupported: This repo requires terms acceptance and is only available on registry.redhat.io Trying to pull registry.fedoraproject.org/nginx... manifest unknown: manifest unknown Trying to pull registry.centos.org/nginx... manifest unknown: manifest unknown Trying to pull docker.io/library/nginx... Getting image source signatures Copying blob f9dc69acb465 done Copying blob 54fec2fa59d0 done Copying blob 4ede6f09aefe done Copying config 602e111c06 done Writing manifest to image destination Storing signatures 602e111c06b6934013578ad80554a074049c59441d9bcd963cb4a7feccede7a5
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
1.2查看本机镜像
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker image list
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/library/nginx latest 602e111c06b6 2 days ago 131 MB
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$
- 1
- 2
- 3
- 4
1.3查看某个本地镜像详情
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker inspect nginx [ { "Id": "602e111c06b6934013578ad80554a074049c59441d9bcd963cb4a7feccede7a5", "Digest": "sha256:86ae264c3f4acb99b2dee4d0098c40cb8c46dcf9e1148f05d3a51c4df6758c12", "RepoTags": [ "docker.io/library/nginx:latest" ], "RepoDigests": [ "docker.io/library/nginx@sha256:86ae264c3f4acb99b2dee4d0098c40cb8c46dcf9e1148f05d3a51c4df6758c12", "docker.io/library/nginx@sha256:cccef6d6bdea671c394956e24b0d0c44cd82dbe83f543a47fdc790fadea48422" ], "Parent": "", "Comment": "", "Created": "2020-04-23T13:03:01.355887897Z", "Config": { "ExposedPorts": { "80/tcp": {} }, "Env": [ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", "NGINX_VERSION=1.17.10", "NJS_VERSION=0.3.9", "PKG_RELEASE=1~buster" ], "Cmd": [ "nginx", "-g", "daemon off;" ], "Labels": { "maintainer": "NGINX Docker Maintainers <docker-maint@nginx.com>" }, "StopSignal": "SIGTERM" }, "Version": "18.09.7", "Author": "", "Architecture": "amd64", "Os": "linux", "Size": 130614008, "VirtualSize": 130614008, "GraphDriver": { "Name": "overlay", "Data": { "LowerDir": "/home/javadm/.local/share/containers/storage/overlay/c16ab5432290c07f1b51f534014942ef173c4f0bf2cf22bcc0429bcc0be55b67/diff:/home/javadm/.local/share/containers/storage/overlay/c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13/diff", "UpperDir": "/home/javadm/.local/share/containers/storage/overlay/d8f92083a7db6237a7010074b6bc0d79efce69301be7e5afe7cdd2a4acd8d680/diff", "WorkDir": "/home/javadm/.local/share/containers/storage/overlay/d8f92083a7db6237a7010074b6bc0d79efce69301be7e5afe7cdd2a4acd8d680/work" } }, "RootFS": { "Type": "layers", "Layers": [ "sha256:c2adabaecedbda0af72b153c6499a0555f3a769d52370469d8f6bd6328af9b13", "sha256:216cf33c0a2877e88bd687ced2d05331f442b8490962469220a3a63bf2aad3b0", "sha256:b3003aac411c1d650bc4e3757ad96afe8f98a99b81c4e760e09c6542ee674289" ] }, "Labels": { "maintainer": "NGINX Docker Maintainers <docker-maint@nginx.com>" }, "Annotations": {}, "ManifestType": "application/vnd.docker.distribution.manifest.v2+json", "User": "", "History": [ { "created": "2020-04-23T00:20:32.126556976Z", "created_by": "/bin/sh -c #(nop) ADD file:9b8be2b52ee0fa31da1b6256099030b73546253a57e94cccb24605cd888bb74d in / " }, { "created": "2020-04-23T00:20:32.391326355Z", "created_by": "/bin/sh -c #(nop) CMD [\"bash\"]", "empty_layer": true }, { "created": "2020-04-23T13:02:24.647346893Z", "created_by": "/bin/sh -c #(nop) LABEL maintainer=NGINX Docker Maintainers <docker-maint@nginx.com>", "empty_layer": true }, { "created": "2020-04-23T13:02:24.951828955Z", "created_by": "/bin/sh -c #(nop) ENV NGINX_VERSION=1.17.10", "empty_layer": true }, { "created": "2020-04-23T13:02:25.259326754Z", "created_by": "/bin/sh -c #(nop) ENV NJS_VERSION=0.3.9", "empty_layer": true }, { "created": "2020-04-23T13:02:25.59142152Z", "created_by": "/bin/sh -c #(nop) ENV PKG_RELEASE=1~buster", "empty_layer": true }, { "created": "2020-04-23T13:02:59.072951853Z", "created_by": "/bin/sh -c set -x && addgroup --system --gid 101 nginx && adduser --system --disabled-login --ingroup nginx --no-create-home --home /nonexistent --gecos \"nginx user\" --shell /bin/false --uid 101 nginx && apt-get update && apt-get install --no-install-recommends --no-install-suggests -y gnupg1 ca-certificates && NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; found=''; for server in ha.pool.sks-keyservers.net hkp://keyserver.ubuntu.com:80 hkp://p80.pool.sks-keyservers.net:80 pgp.mit.edu ; do echo \"Fetching GPG key $NGINX_GPGKEY from $server\"; apt-key adv --keyserver \"$server\" --keyserver-options timeout=10 --recv-keys \"$NGINX_GPGKEY\" && found=yes && break; done; test -z \"$found\" && echo >&2 \"error: failed to fetch GPG key $NGINX_GPGKEY\" && exit 1; apt-get remove --purge --auto-remove -y gnupg1 && rm -rf /var/lib/apt/lists/* && dpkgArch=\"$(dpkg --print-architecture)\" && nginxPackages=\" nginx=${NGINX_VERSION}-${PKG_RELEASE} nginx-module-xslt=${NGINX_VERSION}-${PKG_RELEASE} nginx-module-geoip=${NGINX_VERSION}-${PKG_RELEASE} nginx-module-image-filter=${NGINX_VERSION}-${PKG_RELEASE} nginx-module-njs=${NGINX_VERSION}.${NJS_VERSION}-${PKG_RELEASE} \" && case \"$dpkgArch\" in amd64|i386) echo \"deb https://nginx.org/packages/mainline/debian/ buster nginx\" >> /etc/apt/sources.list.d/nginx.list && apt-get update ;; *) echo \"deb-src https://nginx.org/packages/mainline/debian/ buster nginx\" >> /etc/apt/sources.list.d/nginx.list && tempDir=\"$(mktemp -d)\" && chmod 777 \"$tempDir\" && savedAptMark=\"$(apt-mark showmanual)\" && apt-get update && apt-get build-dep -y $nginxPackages && ( cd \"$tempDir\" && DEB_BUILD_OPTIONS=\"nocheck parallel=$(nproc)\" apt-get source --compile $nginxPackages ) && apt-mark showmanual | xargs apt-mark auto > /dev/null && { [ -z \"$savedAptMark\" ] || apt-mark manual $savedAptMark; } && ls -lAFh \"$tempDir\" && ( cd \"$tempDir\" && dpkg-scanpackages . > Packages ) && grep '^Package: ' \"$tempDir/Packages\" && echo \"deb [ trusted=yes ] file://$tempDir ./\" > /etc/apt/sources.list.d/temp.list && apt-get -o Acquire::GzipIndexes=false update ;; esac && apt-get install --no-install-recommends --no-install-suggests -y $nginxPackages gettext-base && apt-get remove --purge --auto-remove -y ca-certificates && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list && if [ -n \"$tempDir\" ]; then apt-get purge -y --auto-remove && rm -rf \"$tempDir\" /etc/apt/sources.list.d/temp.list; fi" }, { "created": "2020-04-23T13:03:00.368933408Z", "created_by": "/bin/sh -c ln -sf /dev/stdout /var/log/nginx/access.log && ln -sf /dev/stderr /var/log/nginx/error.log" }, { "created": "2020-04-23T13:03:00.732751286Z", "created_by": "/bin/sh -c #(nop) EXPOSE 80", "empty_layer": true }, { "created": "2020-04-23T13:03:01.05357517Z", "created_by": "/bin/sh -c #(nop) STOPSIGNAL SIGTERM", "empty_layer": true }, { "created": "2020-04-23T13:03:01.355887897Z", "created_by": "/bin/sh -c #(nop) CMD [\"nginx\" \"-g\" \"daemon off;\"]", "empty_layer": true } ] } ]
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
- 76
- 77
- 78
- 79
- 80
- 81
- 82
- 83
- 84
- 85
- 86
- 87
- 88
- 89
- 90
- 91
- 92
- 93
- 94
- 95
- 96
- 97
- 98
- 99
- 100
- 101
- 102
- 103
- 104
- 105
- 106
- 107
- 108
- 109
- 110
- 111
- 112
- 113
- 114
- 115
- 116
- 117
- 118
- 119
- 120
1.4 搜索远端仓库镜像
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker search mysql INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED redhat.com registry.access.redhat.com/rhscl/mysql-57-rhel7 Docker image for running MySQL 5.7 server. T... 0 redhat.com registry.access.redhat.com/rhscl/mysql-56-rhel7 MySQL 5.6 SQL database server 0 redhat.com registry.access.redhat.com/openshift3/mysql-55-rhel7 MySQL 5.5 SQL database server 0 redhat.com registry.access.redhat.com/openshift3/mysql-apb Ansible Playbook Bundle application definiti... 0 redhat.com registry.access.redhat.com/rhmap45/mysql Provides an extension to the RHSCL MySQL ima... 0 redhat.com registry.access.redhat.com/rhmap44/mysql Provides an extension to the RHSCL MySQL Doc... 0 redhat.com registry.access.redhat.com/rhmap42/mysql Provides an extension to the RHSCL MySQL Doc... 0 redhat.com registry.access.redhat.com/rhmap43/mysql Provides an extension to the RHSCL MySQL Doc... 0 redhat.com registry.access.redhat.com/rhmap46/mysql Provides an extension to the RHSCL MySQL ima... 0 redhat.com registry.access.redhat.com/rhmap47/mysql Provides an extension to the RHSCL MySQL ima... 0 redhat.com registry.access.redhat.com/rhscl/mysql-80-rhel7 This container image provides a containerize... 0 centos.org registry.centos.org/centos/mysql-56-centos7 0 centos.org registry.centos.org/centos/mysql-57-centos7 0 centos.org registry.centos.org/centos/mysql-80-centos7 0 docker.io docker.io/library/mysql MySQL is a widely used, open-source relation... 9412 [OK] docker.io docker.io/mysql/mysql-server Optimized MySQL Server Docker images. Create... 688 [OK] docker.io docker.io/circleci/mysql MySQL is a widely used, open-source relation... 19 docker.io docker.io/bitnami/mysql Bitnami MySQL Docker Image 39 [OK] docker.io docker.io/mysql/mysql-cluster Experimental MySQL Cluster Docker images. Cr... 66 docker.io docker.io/schickling/mysql-backup-s3 Backup MySQL to S3 (supports periodic backup... 29 [OK] docker.io docker.io/centos/mysql-57-centos7 MySQL 5.7 SQL database server 74 docker.io docker.io/ansibleplaybookbundle/mysql-apb An APB which deploys RHSCL MySQL 2 [OK] docker.io docker.io/deitch/mysql-backup REPLACED! Please use http://hub.docker.com/r... 41 [OK] docker.io docker.io/centos/mysql-56-centos7 MySQL 5.6 SQL database server 19 docker.io docker.io/arey/mysql-client Run a MySQL client from a docker container 13 [OK] docker.io docker.io/mysql/mysql-router MySQL Router provides transparent routing be... 15 docker.io docker.io/library/mariadb MariaDB is a community-developed fork of MyS... 3392 [OK] docker.io docker.io/centurylink/mysql Image containing mysql. Optimized to be link... 61 [OK] docker.io docker.io/linuxserver/mysql A Mysql container, brought to you by LinuxSe... 25 docker.io docker.io/openshift/mysql-55-centos7 DEPRECATED: A Centos7 based MySQL v5.5 image... 6 docker.io docker.io/widdpim/mysql-client Dockerized MySQL Client (5.7) including Curl... 0 [OK] docker.io docker.io/prom/mysqld-exporter 27 [OK] docker.io docker.io/tutum/mysql Base docker image to run a MySQL database se... 34 docker.io docker.io/jelastic/mysql An image of the MySQL database server mainta... 1 docker.io docker.io/fradelg/mysql-cron-backup MySQL/MariaDB database backup using cron tas... 6 [OK] docker.io docker.io/databack/mysql-backup Back up mysql databases to... anywhere! 15 docker.io docker.io/devilbox/mysql Retagged MySQL, MariaDB and PerconaDB offici... 3 docker.io docker.io/monasca/mysql-init A minimal decoupled init container for mysql 0 docker.io docker.io/genschsa/mysql-employees MySQL Employee Sample Database 5 [OK] [javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
1.5 删除本地镜像
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker image list
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/library/nginx latest 602e111c06b6 2 days ago 131 MB
registry.access.redhat.com/rhscl/mysql-57-rhel7 latest 60726b33a00a 6 months ago 448 MB
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker rmi registry.access.redhat.com/rhscl/mysql-57-rhel7
Untagged: registry.access.redhat.com/rhscl/mysql-57-rhel7:latest
Deleted: 60726b33a00a2c3be60e25c3270a34a9b147db86602f05a71988a1c92a70cebc
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker image list
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/library/nginx latest 602e111c06b6 2 days ago 131 MB
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
docker rmi 后面跟tag名称时,只会根据tag名称删除,后面跟镜像ID时会尝试删除所有该ID的镜像。
如果该镜像已经被运行了容器,删除镜像前需要先删除容器。
1.6 创建本地镜像
待续
1.7 上传本地镜像
待续
2.容器
Docker容器类似于一个轻量级的隔离环境,他包含一个简易版的Linux系统环境(root用户权限、进程空间、用户空间和网络空间)。容器可以理解为通过镜像加载好的一个操作系统环境,镜像是只读的,但是上层有一个面对用户的层,可以有写权限。容器也可以理解为镜像的一个实例化对象。
2.1 创建容器
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker create -it docker.io/library/nginx
e8af9225bedbc74fd79ea1736af3472b8ec900a4d807e7459a69c7b84ca067f1
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e8af9225bedb docker.io/library/nginx:latest nginx -g daemon o... About a minute ago Created thirsty_raman
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
创建一个容器后,默认是未运行的,需要手工启动它。
2.2 启动未运行的容器
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e8af9225bedb docker.io/library/nginx:latest nginx -g daemon o... About a minute ago Created thirsty_raman
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker start e8af9225bedb
e8af9225bedbc74fd79ea1736af3472b8ec900a4d807e7459a69c7b84ca067f1
- 1
- 2
- 3
- 4
- 5
2.3 新建并运行容器
新建一个自动停止的容器
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker run ubuntu /bin/echo 'Hello China'
Hello China
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f3aa14575d05 docker.io/library/ubuntu:latest /bin/echo Hello C... 4 seconds ago Exited (0) 4 seconds ago elated_galois
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
运行一个ubuntu容器,并使用echo打印一个字符串。
新建一个打开伪终端和标准输入的容器
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker run -t -i ubuntu /bin/bash
root@7e6725eeaa64:/# ps -a
PID TTY TIME CMD
8 pts/0 00:00:00 ps
root@7e6725eeaa64:/# pwd
/
root@7e6725eeaa64:/#
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
其中,-t选项让Docker分配一个伪终端,-i让容器的标准输入保持打开。用户可以输入exit或CTRL+D退出容器,容器自动关闭,状态为已关闭状态。
2.4 终止容器
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker stop 7e6725eeaa64
7e6725eeaa64ef9980fb9cbbb40e01d2f146443f1d1421066cd1ac17455e946e
- 1
- 2
2.5 进入容器
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker run -idt ubuntu
f5c3d70640540d3264b30773f4f411606f4d2b3d55b4405d77b340fa618f015c
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f5c3d7064054 docker.io/library/ubuntu:latest /bin/bash 4 seconds ago Up 4 seconds ago compassionate_swanson
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker exec -it f5c3d7064054 /bin/bash
root@f5c3d7064054:/# ps
PID TTY TIME CMD
8 pts/1 00:00:00 bash
15 pts/1 00:00:00 ps
root@f5c3d7064054:/# pwd
/
root@f5c3d7064054:/#
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
使用exec 进入到一个容器,并启动一个bash
2.6 删除容器
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f5c3d7064054 docker.io/library/ubuntu:latest /bin/bash 8 minutes ago Up 8 minutes ago compassionate_swanson
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker stop f5c3d7064054
f5c3d70640540d3264b30773f4f411606f4d2b3d55b4405d77b340fa618f015c
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f5c3d7064054 docker.io/library/ubuntu:latest /bin/bash 8 minutes ago Exited (0) 3 seconds ago compassionate_swanson
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker rm f5c3d7064054
f5c3d70640540d3264b30773f4f411606f4d2b3d55b4405d77b340fa618f015c
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
一般建议stop容器,再删除容器,最后确认删除了。
2.7 容器迁移
容器导出到一个文件
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5ce4afcbf5d6 docker.io/library/ubuntu:latest /bin/bash 2 minutes ago Up 2 minutes ago trusting_dubinsky
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker export 5ce >ubuntu_run_1.tar
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ ll
total 74452
-rw-r--r-- 1 javadm javgrp 76237312 Apr 25 23:58 ubuntu_run_1.tar
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ du -sh ubuntu_run_1.tar
73M ubuntu_run_1.tar
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ pwd
/home/javadm
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
容器从文件导入
[javadm@instance-2 ~]$ ll total 74452 -rw-r--r--. 1 javadm javgrp 76237312 Apr 26 03:04 ubuntu_run_1.tar [javadm@instance-2 ~]$ cat ubuntu_run_1.tar |docker import - test/ubuntu:v1.0 Getting image source signatures Copying blob cef6a2dabb47 done Copying config 7b5308bcc5 done Writing manifest to image destination Storing signatures 7b5308bcc59de8ccc8acbbf4ca424364ae4bfbec44b0700ca3c8eddf855b4bbb [javadm@instance-2 ~]$ docker image list REPOSITORY TAG IMAGE ID CREATED SIZE docker.io/test/ubuntu v1.0 7b5308bcc59d About a minute ago 76.2 MB [javadm@instance-2 ~]$ docker run -it 7b5308bcc59d /bin/bash root@e66a42e9bc02:/# cd /tmp/ root@e66a42e9bc02:/tmp# ll total 4 drwxrwxrwt. 2 root root 28 Apr 25 15:56 ./ drwxr-xr-x. 2 root root 6 Apr 26 03:09 ../ -rw-r--r--. 1 root root 12 Apr 25 15:57 file_at_docker root@e66a42e9bc02:/tmp# cat file_at_docker hello world root@e66a42e9bc02:/tmp# exit exit ERRO[0145] unable to close namespace: "close /proc/25407/ns/user: bad file descriptor" [javadm@instance-2 ~]$ docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES e66a42e9bc02 docker.io/test/ubuntu:v1.0 /bin/bash 2 minutes ago Exited (0) 5 seconds ago focused_gagarin [javadm@instance-2 ~]$
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
cat ubuntu_run_1.tar |docker import - test/ubuntu:v1.0 通过文件导入镜像,然后使用docker run运行该镜像,会自动生成一个容器。
3.仓库
Docker仓库,类似于代码仓库,是Docker集中存放镜像文件的地方。我们可以把存放ISO镜像光盘的书架,理解为仓库。目前最大的Docker仓库是Docker Hub,里面存放了大量的镜像供用户下载。
3.1 在仓库搜索镜像
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker search ansible
INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED
redhat.com registry.access.redhat.com/cloudforms46/cfme-openshift-embedded-ansible Ansible Automation image that provides Ansib... 0
redhat.com registry.access.redhat.com/ansible-runner-11/ansible-runner Ansible Runner is a component for reliable, ... 0
redhat.com registry.access.redhat.com/openshift3/apb-tools Ansible Playbook Bundle (APB) tools to assis... 0
redhat.com registry.access.redhat.com/ansible-tower-34/ansible-tower-messaging Red Hat Ansible Tower is a fully-featured au... 0
redhat.com registry.access.redhat.com/ansible-tower-34/ansible-tower-memcached Red Hat Ansible Tower is a fully-featured au... 0
......
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
3.2 创建私有镜像仓库
本地新建私有仓库
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker run -idt -p 5000:5000 -v /tmp/data/registry:/tmp/registry registry
f10c2d0d3648c7aac72ef056f087f83447e3fa3aa3c3e80d801eca3c60a25792
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f10c2d0d3648 docker.io/library/registry:latest /etc/docker/regis... 5 seconds ago Up 5 seconds ago 0.0.0.0:5000->5000/tcp wonderful_keldysh
b7ed62ac0656 docker.io/library/registry:latest /etc/docker/regis... 10 minutes ago Exited (2) 2 minutes ago 0.0.0.0:5000->5000/tcp hungry_driscoll
- 1
- 2
- 3
- 4
- 5
- 6
将本机的镜像push到私有仓库
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker tag docker.io/library/nginx:latest 127.0.0.1:5000/test
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ docker image list
REPOSITORY TAG IMAGE ID CREATED SIZE
127.0.0.1:5000/test latest 602e111c06b6 2 days ago 131 MB
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$ podman push 127.0.0.1:5000/test
Getting image source signatures
Copying blob b3003aac411c done
Copying blob c2adabaecedb done
Copying blob 216cf33c0a28 done
Copying config 602e111c06 done
Writing manifest to image destination
Storing signatures
[javadm@iZj6cdyw9ivwn9a3j8q0nzZ ~]$
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
给本地镜像打个tag并push到私有仓库
将远程的私有库的镜像pull到本地仓库
[robin@instance-2 ~]$ podman pull 47.52.22.186:5000/ubuntu-robin2 --log-level=debug DEBU[0000] Using conmon: "/usr/bin/conmon" DEBU[0000] Initializing boltdb state at /home/robin/.local/share/containers/storage/libpod/bolt_state.db DEBU[0000] Using graph driver overlay DEBU[0000] Using graph root /home/robin/.local/share/containers/storage DEBU[0000] Using run root /run/user/1000 DEBU[0000] Using static dir /home/robin/.local/share/containers/storage/libpod DEBU[0000] Using tmp dir /run/user/1000/libpod/tmp DEBU[0000] Using volume path /home/robin/.local/share/containers/storage/volumes DEBU[0000] Set libpod namespace to "" DEBU[0000] Not configuring container store DEBU[0000] Initializing event backend journald DEBU[0000] using runtime "/usr/bin/runc" DEBU[0000] Using conmon: "/usr/bin/conmon" DEBU[0000] Initializing boltdb state at /home/robin/.local/share/containers/storage/libpod/bolt_state.db DEBU[0000] Using graph driver overlay DEBU[0000] Using graph root /home/robin/.local/share/containers/storage DEBU[0000] Using run root /run/user/1000 DEBU[0000] Using static dir /home/robin/.local/share/containers/storage/libpod DEBU[0000] Using tmp dir /run/user/1000/libpod/tmp DEBU[0000] Using volume path /home/robin/.local/share/containers/storage/volumes DEBU[0000] Set libpod namespace to "" DEBU[0000] [graphdriver] trying provided driver "overlay" DEBU[0000] overlay: mount_program=/usr/bin/fuse-overlayfs DEBU[0000] backingFs=xfs, projectQuotaSupported=false, useNativeDiff=false, usingMetacopy=false DEBU[0000] Initializing event backend journald DEBU[0000] using runtime "/usr/bin/runc" INFO[0000] running as rootless DEBU[0000] Using conmon: "/usr/bin/conmon" DEBU[0000] Initializing boltdb state at /home/robin/.local/share/containers/storage/libpod/bolt_state.db DEBU[0000] Using graph driver overlay DEBU[0000] Using graph root /home/robin/.local/share/containers/storage DEBU[0000] Using run root /run/user/1000 DEBU[0000] Using static dir /home/robin/.local/share/containers/storage/libpod DEBU[0000] Using tmp dir /run/user/1000/libpod/tmp DEBU[0000] Using volume path /home/robin/.local/share/containers/storage/volumes DEBU[0000] Set libpod namespace to "" DEBU[0000] Initializing event backend journald DEBU[0000] using runtime "/usr/bin/runc" DEBU[0000] parsed reference into "[overlay@/home/robin/.local/share/containers/storage+/run/user/1000:overlay.mount_program=/usr/bin/fuse-overlayfs]47.52.22.186:5000/ubuntu-robin2:latest" Trying to pull 47.52.22.186:5000/ubuntu-robin2... DEBU[0000] reference rewritten from '47.52.22.186:5000/ubuntu-robin2:latest' to '47.52.22.186:5000/ubuntu-robin2:latest' DEBU[0000] Trying to pull "47.52.22.186:5000/ubuntu-robin2:latest" DEBU[0000] Credentials not found DEBU[0000] Using registries.d directory /etc/containers/registries.d for sigstore configuration DEBU[0000] Using "default-docker" configuration DEBU[0000] No signature storage configuration found for 47.52.22.186:5000/ubuntu-robin2:latest DEBU[0000] Looking for TLS certificates and private keys in /etc/docker/certs.d/47.52.22.186:5000 DEBU[0000] GET https://47.52.22.186:5000/v2/ DEBU[0000] Ping https://47.52.22.186:5000/v2/ err Get https://47.52.22.186:5000/v2/: http: server gave HTTP response to HTTPS client (&url.Error{Op:"Get", URL:"https://47.52.22.186:5000/v2/", Err:(*errors.errorString)(0xc000373330)}) DEBU[0000] GET http://47.52.22.186:5000/v2/ DEBU[0000] Ping http://47.52.22.186:5000/v2/ status 200 DEBU[0000] GET http://47.52.22.186:5000/v2/ubuntu-robin2/manifests/latest DEBU[0000] Using blob info cache at /home/robin/.local/share/containers/cache/blob-info-cache-v1.boltdb DEBU[0000] IsRunningImageAllowed for image docker:47.52.22.186:5000/ubuntu-robin2:latest DEBU[0000] Using default policy section DEBU[0000] Requirement 0: allowed DEBU[0000] Overall: allowed DEBU[0000] Downloading /v2/ubuntu-robin2/blobs/sha256:1d622ef86b138c7e96d4f797bf5e4baca3249f030c575b9337638594f2b63f01 DEBU[0000] GET http://47.52.22.186:5000/v2/ubuntu-robin2/blobs/sha256:1d622ef86b138c7e96d4f797bf5e4baca3249f030c575b9337638594f2b63f01 Getting image source signatures DEBU[0000] Manifest has MIME type application/vnd.docker.distribution.manifest.v2+json, ordered candidate list [application/vnd.docker.distribution.manifest.v2+json, application/vnd.docker.distribution.manifest.v1+prettyjws, application/vnd.oci.image.manifest.v1+json, application/vnd.docker.distribution.manifest.v1+json] DEBU[0000] ... will first try using the original manifest unmodified DEBU[0000] [graphdriver] trying provided driver "overlay" DEBU[0000] overlay: mount_program=/usr/bin/fuse-overlayfs DEBU[0000] backingFs=xfs, projectQuotaSupported=false, useNativeDiff=false, usingMetacopy=false DEBU[0000] Downloading /v2/ubuntu-robin2/blobs/sha256:d1ccda578660acdc3df1251fb5feec3b6456be5e0c903ba85063de4c936ec070 DEBU[0000] GET http://47.52.22.186:5000/v2/ubuntu-robin2/blobs/sha256:d1ccda578660acdc3df1251fb5feec3b6456be5e0c903ba85063de4c936ec070 DEBU[0000] Downloading /v2/ubuntu-robin2/blobs/sha256:78a54e4c2391d5ac21011f1368ec928e69c46a1a1f52f4ba0e1566e7881b406d DEBU[0000] GET http://47.52.22.186:5000/v2/ubuntu-robin2/blobs/sha256:78a54e4c2391d5ac21011f1368ec928e69c46a1a1f52f4ba0e1566e7881b406d DEBU[0000] Downloading /v2/ubuntu-robin2/blobs/sha256:738c524be39b5f4fa54032fb2b389df9d8ed922519711fab633a2771d348866f DEBU[0000] GET http://47.52.22.186:5000/v2/ubuntu-robin2/blobs/sha256:738c524be39b5f4fa54032fb2b389df9d8ed922519711fab633a2771d348866f DEBU[0000] Downloading /v2/ubuntu-robin2/blobs/sha256:7961e061339529159a00915f94a586e461100b2aaf331021342a580b7d30d79d DEBU[0000] GET http://47.52.22.186:5000/v2/ubuntu-robin2/blobs/sha256:7961e061339529159a00915f94a586e461100b2aaf331021342a580b7d30d79d DEBU[0000] Detected compression format gzip DEBU[0000] Using original blob without modification DEBU[0000] Detected compression format gzip DEBU[0000] Using original blob without modification DEBU[0000] Detected compression format gzip DEBU[0000] Using original blob without modification DEBU[0000] Detected compression format gzip DEBU[0000] Using original blob without modification Copying blob 738c524be39b done Copying blob d1ccda578660 done Copying blob 78a54e4c2391 done Copying blob 7961e0613395 done DEBU[0044] No compression detected DEBU[0044] Using original blob without modification Copying config 1d622ef86b done Writing manifest to image destination Storing signatures DEBU[0044] setting image creation date to 2020-04-24 01:07:51.928109369 +0000 UTC DEBU[0044] reusing image ID "1d622ef86b138c7e96d4f797bf5e4baca3249f030c575b9337638594f2b63f01" DEBU[0044] set names of image "1d622ef86b138c7e96d4f797bf5e4baca3249f030c575b9337638594f2b63f01" to [47.52.22.186:5000/ubuntu-robin2:latest docker.io/library/ubuntu:latest] DEBU[0044] saved image metadata "{\"signatures-sizes\":{\"sha256:f7886a8214857ddcb06b4b3117185850b34aba270b494aa30b9f57f0e8a25de7\":[]}}" DEBU[0044] parsed reference into "[overlay@/home/robin/.local/share/containers/storage+/run/user/1000:overlay.mount_program=/usr/bin/fuse-overlayfs]47.52.22.186:5000/ubuntu-robin2:latest" 1d622ef86b138c7e96d4f797bf5e4baca3249f030c575b9337638594f2b63f01 [robin@instance-2 ~]$ docker image list REPOSITORY TAG IMAGE ID CREATED SIZE 47.52.22.186:5000/ubuntu-robin2 latest 1d622ef86b13 2 days ago 76.3 MB docker.io/library/ubuntu latest 1d622ef86b13 2 days ago 76.3 MB registry.centos.org/centos latest 0d53c857b224 3 months ago 210 MB [robin@instance-2 ~]$ [javadm@instance-2 ~]$ docker run -it 1d62 /bin/bash root@d5e33abf1f91:/# pwd / root@d5e33abf1f91:/# whoami root root@d5e33abf1f91:/#
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
- 76
- 77
- 78
- 79
- 80
- 81
- 82
- 83
- 84
- 85
- 86
- 87
- 88
- 89
- 90
- 91
- 92
- 93
- 94
- 95
- 96
- 97
- 98
- 99
- 100
- 101
- 102
- 103
- 104
- 105
- 106
- 107
- 108
- 109
3.3 podman客户端配置http支持
参考:https://computingforgeeks.com/create-docker-container-registry-with-podman-letsencrypt/
默认情况下,podman客户端使用https设置,如果pull或者push调用的仓库是http的,就会报错
[javadm@instance-2 ~]$ podman pull 47.52.22.186:5000/ubuntu-robin2
Trying to pull 47.52.22.186:5000/ubuntu-robin2...
Get https://47.52.22.186:5000/v2/: http: server gave HTTP response to HTTPS client
Error: error pulling image "47.52.22.186:5000/ubuntu-robin2": unable to pull 47.52.22.186:5000/ubuntu-robin2: unable to pull image: Error initializing source docker://47.52.22.186:5000/ubuntu-robin2:latest: error pinging docker registry 47.52.22.186:5000: Get https://47.52.22.186:5000/v2/: http: server gave HTTP response to HTTPS client
[javadm@instance-2 ~]$
- 1
- 2
- 3
- 4
- 5
- 6
- 7
我们可以这样对客户端开启http
[robin@instance-2 ~]$ cat /etc/containers/registries.conf
[registries.insecure]
registries = ['myregistry.local','47.52.22.186:5000']
- 1
- 2
- 3
默认情况下,这个registries=[]
4.数据管理
docker容器运行的时候,内部肯定会产生数据,默认情况下docker内部的磁盘会自动映射到宿主机的磁盘,但是我们不知道数据放在哪。我们想查看容器内的数据,一般都要登陆到容器中查看。不过,早就有人考虑到这个问题了,实现了容器内数据管理的多种方式。
4.1 数据卷
数据卷的使用,类似于linux下对目录或文件进行mount的操作。
4.1.1创建一个容器内的数据卷,不挂载宿主机目录
[javadm@aliyun-hk2 ~]$ docker run -idt -p 8080:8080 -v /webapp /home/javadm/webapp docker.io/library/nginx /bin/bash
Error: unable to pull /home/javadm/webapp: error getting default registries to try: invalid reference format
[javadm@aliyun-hk2 ~]$ docker run -idt -p 8080:8080 -v /webapp docker.io/library/nginx /bin/bash
24122d338c8bcc8e3e631778823629e7b963e25ddacf597c7017407474244472
[javadm@aliyun-hk2 ~]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
24122d338c8b docker.io/library/nginx:latest /bin/bash 8 seconds ago Up 8 seconds ago 0.0.0.0:8080->8080/tcp nifty_heisenberg
f10c2d0d3648 docker.io/library/registry:latest /etc/docker/regis... 5 hours ago Up About an hour ago 0.0.0.0:5000->5000/tcp wonderful_keldysh
[javadm@aliyun-hk2 ~]$ docker exec -it 24122d338c8b /bin/bash
root@24122d338c8b:/# pwd
/
root@24122d338c8b:/# whoami
root
root@24122d338c8b:/# ls /webapp/
root@24122d338c8b:/#
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
使用-v参数创建一个docker内的数据卷。
4.1.2创建一个容器内的数据卷,挂载一个宿主机目录
[javadm@aliyun-hk2 ~]$ docker run -idt -p 8081:80 -v /home/javadm/webapp:/opt/webapp docker.io/library/nginx /bin/bash 7dee9a3bbb1414df18032fa15019b593a77789fe279969236f99c9cc6f3a91a6 [javadm@aliyun-hk2 ~]$ docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 7dee9a3bbb14 docker.io/library/nginx:latest /bin/bash 4 seconds ago Up 4 seconds ago 0.0.0.0:8081->80/tcp frosty_mirzakhani [javadm@aliyun-hk2 ~]$ ls ./webapp/ [javadm@aliyun-hk2 ~]$ docker exec -it 7dee9a3bbb14 /bin/bash root@7dee9a3bbb14:/# cd /opt/webapp/ root@7dee9a3bbb14:/opt/webapp# echo hello >file_at_docker_7dee9a3bbb14 root@7dee9a3bbb14:/opt/webapp# cat file_at_docker_7dee9a3bbb14 hello root@7dee9a3bbb14:/opt/webapp# exit exit [javadm@aliyun-hk2 ~]$ ls ./webapp/file_at_docker_7dee9a3bbb14 ./webapp/file_at_docker_7dee9a3bbb14 [javadm@aliyun-hk2 ~]$ cat ./webapp/file_at_docker_7dee9a3bbb14 hello
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
将宿主机/home/javadm/webapp目录映射到容器内/opt/webapp
4.2 数据卷容器
数据卷容器相当于通过单独的一个容器创建一个网路存储,然后别的docker可以直接挂载这个网络存储并且使用它。
4.2.1创建一个数据卷容器
[javadm@aliyun-hk2 webapp]$ docker run -it -v /dbdata --name dbdata ubuntu
root@3bd825b8e4f2:/# cd /dbdata/
root@3bd825b8e4f2:/dbdata# ll
total 0
drwxr-xr-x 2 root root 6 Apr 26 13:02 ./
drwxr-xr-x 2 root root 6 Apr 26 13:02 ../
root@3bd825b8e4f2:/dbdata# touch dbdata_file1
root@3bd825b8e4f2:/dbdata# touch dbdata_file2
root@3bd825b8e4f2:/dbdata# exit
exit
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
其实就是启动一个普通容器,并创建一个数据卷而已。
4.2.2挂载容器中的数据卷
[javadm@aliyun-hk2 webapp]$ docker run -it --volumes-from dbdata --name db1 ubuntu
root@d419826cd3ef:/# ls /dbdata/
dbdata_file1 dbdata_file2
root@d419826cd3ef:/# cat /dbdata/dbdata_file1
root@d419826cd3ef:/# cat /dbdata/dbdata_file2
root@d419826cd3ef:/# exit
exit
[javadm@aliyun-hk2 webapp]$ docker run -it --volumes-from dbdata --name db2 ubuntu
root@3002361bdf97:/# ls /dbdata/
dbdata_file1 dbdata_file2
root@3002361bdf97:/#
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
使用–volumes-from dbdata挂载容器dbdata中的数据卷。
对比下来我觉得数据卷使用更简单、高效,每次让数据卷挂载到宿主机目录是个不错的选择,宿主机这个目录最好选择可靠性高的存储,例如nas等。
5.网络管理
讲完了容器数据管理,再来讲讲容器的网络管理。默认情况下,容器外无法访问容器内的网络服务,所以这个时候可以通过端口映射实现外部访问。
5.1 端口映射实现容器访问
5.1.1 绑定宿主机任意端口
[javadm@aliyun-hk2 webapp]$ docker run -idt -P docker.io/library/nginx
c042bcdc21acdab92acb29c0b06c17e75bfe068457c5ab02a85e3e97d4ed530f
[javadm@aliyun-hk2 webapp]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c042bcdc21ac docker.io/library/nginx:latest nginx -g daemon o... 6 seconds ago Up 6 seconds ago 0.0.0.0:41641->80/tcp wonderful_black
58a78ef4645e docker.io/library/nginx:latest nginx -g daemon o... About a minute ago Exited (0) 39 seconds ago 0.0.0.0:8080->80/tcp nginx-test1
[javadm@aliyun-hk2 webapp]$
[javadm@aliyun-hk2 webapp]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c042bcdc21ac docker.io/library/nginx:latest nginx -g daemon o... 6 seconds ago Up 6 seconds ago 0.0.0.0:41641->80/tcp wonderful_black
[javadm@aliyun-hk2 webapp]$
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
使用-P参数会将宿主机任意5位数的端口映射到容器内的web服务端口,例如80.
5.1.2 绑定宿主机固定端口
[javadm@aliyun-hk2 webapp]$ docker run -idt -p 8081:80 docker.io/library/nginx
22812b7d5a01e3f169db27d3027029447adb8043dd76e6e08dd2fbb9f7e9d161
[javadm@aliyun-hk2 webapp]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
22812b7d5a01 docker.io/library/nginx:latest nginx -g daemon o... 5 seconds ago Up 5 seconds ago 0.0.0.0:8081->80/tcp sharp_hodgkin
c042bcdc21ac docker.io/library/nginx:latest nginx -g daemon o... 5 minutes ago Up 5 minutes ago 0.0.0.0:41641->80/tcp wonderful_black
58a78ef4645e docker.io/library/nginx:latest nginx -g daemon o... 6 minutes ago Exited (0) 5 minutes ago 0.0.0.0:8080->80/tcp nginx-test1
[javadm@aliyun-hk2 webapp]$
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
使用-p可以将宿主机某个固定的端口映射到容器内的固定端口,默认会绑定宿主机所有接口上的地址。
5.1.3 绑定宿主机某个地址的固定端口
[javadm@aliyun-hk2 webapp]$ docker run -idt -p 127.0.0.1:8083:80 docker.io/library/nginx 4c0f11253bb8df77eea55e02c24a168915b82da90bc6cf267373b3c35005e78b [javadm@aliyun-hk2 webapp]$ curl http://127.0.0.1:8083 <!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> <style> body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; } </style> </head> <body> <h1>Welcome to nginx!</h1> <p>If you see this page, the nginx web server is successfully installed and working. Further configuration is required.</p> <p>For online documentation and support please refer to <a href="http://nginx.org/">nginx.org</a>.<br/> Commercial support is available at <a href="http://nginx.com/">nginx.com</a>.</p> <p><em>Thank you for using nginx.</em></p> </body> </html> [javadm@aliyun-hk2 webapp]$ curl http://47.52.22.186:8083 curl: (7) Failed to connect to 47.52.22.186 port 8083: Connection refused
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
这种情况下,只有会将宿主机固定的接口IP:port跟容器中的端口绑定。
5.1.4 绑定宿主机某个地址的任意一个端口
[javadm@aliyun-hk2 webapp]$ docker run --name nginx-test4 -idt -p 127.0.0.1::80 docker.io/library/nginx 1aea7a5e18dbf21893f8d1a1b6def15ff09ebdafdf3975b8a781669f94689a7e [javadm@aliyun-hk2 webapp]$ docker ps -a|grep nginx-test4 1aea7a5e18db docker.io/library/nginx:latest nginx -g daemon o... 18 seconds ago Up 18 seconds ago 127.0.0.1:41365->80/tcp nginx-test4 [javadm@aliyun-hk2 webapp]$ curl http://127.0.0.1:41365 <!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> <style> body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; } </style> </head> <body> <h1>Welcome to nginx!</h1> <p>If you see this page, the nginx web server is successfully installed and working. Further configuration is required.</p> <p>For online documentation and support please refer to <a href="http://nginx.org/">nginx.org</a>.<br/> Commercial support is available at <a href="http://nginx.com/">nginx.com</a>.</p> <p><em>Thank you for using nginx.</em></p> </body> </html> [javadm@aliyun-hk2 webapp]$
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
使用-p ip::port后宿主机会分配任意一个端口并映射到宿主机端口。
5.1.5 查询容器端口映射配置
[javadm@aliyun-hk2 webapp]$ docker port nginx-test4
80/tcp -> 127.0.0.1:41365
- 1
- 2
docker port container_name
5.2 容器间网络通信
参考:https://www.redhat.com/sysadmin/container-networking-podman
[javadm@aliyun-hk2 webapp]$ podman run --name nginx-test5 -idt -P --rm --pod new:mypod docker.io/library/nginx
965432cabe0ad4df51b7ca86af978f6fc094b5b261b5738561bf7591c5036c60
[javadm@aliyun-hk2 webapp]$ podman run --name nginx-test6 -it --rm --pod mypod docker.io/library/nginx /bin/sh
#
- 1
- 2
- 3
- 4
podman已经抛弃了link,两个容器定义到同一个pod中,就可以共享信息了。
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0033799d538e docker.io/library/nginx:latest /bin/sh 23 seconds ago Up 23 seconds ago 0.0.0.0:41867->80/tcp nginx-test6
965432cabe0a docker.io/library/nginx:latest nginx -g daemon o... 2 minutes ago Up 2 minutes ago 0.0.0.0:41867->80/tcp nginx-test5
- 1
- 2
- 3
两个容器名字不一样,但是在一个pod。
声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/码创造者/article/detail/878244
推荐阅读
相关标签
