[root@localhost ~]# docker commit -m "CP webapps.dist TO webapps" -a "zhujinwei" 872f64d6e21b tomcat001:zhu1.0
sha256:31eca1babd3ae0921c412b36db3f5be744b904469458dff50eb54f29c176bd3c
#可以看到新生成的镜像比之前的镜像要大
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
tomcat001 zhu1.0 31eca1babd3a 13 seconds ago 654MB #新镜像
portainer/portainer latest 580c0e4e98b0 3 weeks ago 79.1MB
tomcat 9 040bdb29ab37 2 months ago 649MB #之前的镜像
nginx latest f6d0b4767a6c 2 months ago 133MB
centos latest 300e315adb2f 4 months ago 209MB
elasticsearch 7.6.2 f29a1ee41030 12 months ago 791MB
#命令:docker run -it -v 主机目录:容器目录 容器ID /bin/bash
[root@localhost home]# docker run -it -v /home/ceshi:/home 300e315adb2f /bin/bash
#容器内新增文件会同步到主机内挂载的目录
#主机内对文件进行操作会同步到容器内
#mysql配置文件目录为/etc/mysql/conf.d;mysql数据存在位置为/var/lib/mysql
[root@localhost /]# docker run -d -p 3310:3306 -v /home/mysql/conf:/etc/mysql/conf.d -v /home/mysql/data:/var/lib/mysql -e MYSQL_ROOT_PASSWORD="123456" --name mysql02 mysql:5.7
57bb2a16b6e0d5a7255bef1a03caf29ed1f2c317ccbb101c6daf65978d7ff4a2
[root@localhost /]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
57bb2a16b6e0 mysql:5.7 "docker-entrypoint.s…" 7 seconds ago Up 3 seconds 33060/tcp, 0.0.0.0:3310->3306/tcp mysql02
343a2803ea1a portainer/portainer "/portainer" 42 hours ago Up 6 minutes 0.0.0.0:8088->9000/tcp kind_wiles
#查看宿主机是否有以上两个目录
[root@localhost home]# ls
ceshi mysql
[root@localhost home]# cd mysql
[root@localhost mysql]# ls
conf data
#查看data目录可以查看已经同步的mysql文件
[root@localhost data]# ls
auto.cnf ca.pem client-key.pem ibdata1 ib_logfile1 mysql private_key.pem server-cert.pem sys
ca-key.pem client-cert.pem ib_buffer_pool ib_logfile0 ibtmp1 performance_schema public_key.pem server-key.pem
#可以查看目录中出现test数据库
[root@localhost data]# ls
auto.cnf ca.pem client-key.pem ibdata1 ib_logfile1 mysql private_key.pem server-cert.pem sys
ca-key.pem client-cert.pem ib_buffer_pool ib_logfile0 ibtmp1 performance_schema public_key.pem server-key.pem test
#删除容器后,宿主机同步的数据不会删除
1、删除容器
[root@localhost /]# docker rm -f 57bb2a16b6e0
57bb2a16b6e0
[root@localhost /]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
343a2803ea1a portainer/portainer "/portainer" 42 hours ago Up 13 minutes 0.0.0.0:8088->9000/tcp kind_wiles
2、查看宿主机文件未被删除
[root@localhost /]# cd /home/mysql/data
[root@localhost data]# ls
auto.cnf ca.pem client-key.pem ibdata1 ib_logfile1 mysql private_key.pem server-cert.pem sys
ca-key.pem client-cert.pem ib_buffer_pool ib_logfile0 ibtmp1 performance_schema public_key.pem server-key.pem test
1、使用命令进行匿名挂载 docker run -d -v 容器内路径 容器ID
[root@localhost data]# docker run -d -v /etc/nginx nginx
fe177e1294655f4d69c5be30920811135eb488e9b35ee5ffe55b78181999a4dd
2、查看所有valume的情况,
[root@localhost data]# docker volume ls
DRIVER VOLUME NAME
local 78087ade28bbc8bb50f5c51fdc07d61958c75d1ee099a8ed6799985d0353c797//nginx卷name
local f53ccccea51ae8bc75120e5c220dde8486b54299907e9b0c192b6c5d406dcbc5
3、查看容器的详细信息,找到volume相关信息
[root@localhost data]# docker inspect fe177e129465
"Mounts": [
{
"Type": "volume",
"Name": "78087ade28bbc8bb50f5c51fdc07d61958c75d1ee099a8ed6799985d0353c797",//与上方查看所有的卷信息可以对应上
"Source": "/var/lib/docker/volumes/78087ade28bbc8bb50f5c51fdc07d61958c75d1ee099a8ed6799985d0353c797/_data",
"Destination": "/etc/nginx",
"Driver": "local",
"Mode": "",
"RW": true,
"Propagation": ""
}
1、使用具名挂载
#命令为 docker run -d -v 宿主机路径:容器内路径 容器名
[root@localhost data]# docker run -d -v nginxconf:/etc/nginx --name nginx02 nginx
4bd3df4df74b300fa36beeca520a169971bef1e70cff02cd9c6c42a7b7894b27
[root@localhost data]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4bd3df4df74b nginx "/docker-entrypoint.…" 7 seconds ago Up 6 seconds 80/tcp nginx02
fe177e129465 nginx "/docker-entrypoint.…" 10 minutes ago Up 10 minutes 80/tcp laughing_neumann
343a2803ea1a portainer/portainer "/portainer" 42 hours ago Up 30 minutes 0.0.0.0:8088->9000/tcp kind_wiles
2、使用docker volume ls查看所有的容器卷信息,可以查看到具名挂载的信息
[root@localhost data]# docker volume ls
DRIVER VOLUME NAME
local 78087ade28bbc8bb50f5c51fdc07d61958c75d1ee099a8ed6799985d0353c797
local f53ccccea51ae8bc75120e5c220dde8486b54299907e9b0c192b6c5d406dcbc5
local nginxconf
3、使用命令查看容器卷挂载信息
[root@localhost data]# docker volume inspect nginxconf
[
{
"CreatedAt": "2021-04-13T02:05:40-04:00",
"Driver": "local",
"Labels": null,
"Mountpoint": "/var/lib/docker/volumes/nginxconf/_data",
"Name": "nginxconf",
"Options": null,
"Scope": "local"
}
]
4、docker中所有没有指定路径的容器卷全部放在/var/lib/docker/volumes/****
[root@localhost /]# cd /var/lib/docker
[root@localhost docker]# ls
buildkit containers image network overlay2 plugins runtimes swarm tmp trust volumes
[root@localhost docker]# cd volumes
[root@localhost volumes]# ls
78087ade28bbc8bb50f5c51fdc07d61958c75d1ee099a8ed6799985d0353c797 metadata.db
backingFsBlockDev nginxconf
f53ccccea51ae8bc75120e5c220dde8486b54299907e9b0c192b6c5d406dcbc5
匿名挂载 -v 容器路径
具名挂载 -v 卷名:容器路径
路径挂载 -v /宿主机路径:容器路径
扩展:
[root@localhost data]# docker run -d -v nginxconf:/etc/nginx:ro --name nginx02 nginx //ro为只读,该文件只能通过宿主机修改
[root@localhost data]# docker run -d -v nginxconf:/etc/nginx:rw --name nginx02 nginx //默认为可读写
1、创建dockerfile文件,编写脚本
FROM centos
VOLUME["volume1","volume2"]
CMD echo"-----END------"
CMD /bin/bash
2、执行dockerfile文件
[root@localhost docker_test_volume]# docker build -f /home/docker_test_volume/dockerfile1 -t zhujinwei/centos .
Sending build context to Docker daemon 2.048kB
Step 1/4 : FROM centos
---> 300e315adb2f
Step 2/4 : VOLUME ["volume1","volume2"]
---> Running in 314179cc3ff8
Removing intermediate container 314179cc3ff8
---> cd37f76ec5ab
Step 3/4 : CMD echo"-----END------"
---> Running in 0bc7091d8eb0
Removing intermediate container 0bc7091d8eb0
---> b98f1d226667
Step 4/4 : CMD /bin/bash
---> Running in 25696e1a1e3e
Removing intermediate container 25696e1a1e3e
---> 46a031751df8
Successfully built 46a031751df8
Successfully tagged zhujinwei/centos:latest
#查看创建成功的镜像
[root@localhost docker_test_volume]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
zhujinwei/centos latest 46a031751df8 51 seconds ago 209MB
tomcat001 zhu1.0 31eca1babd3a 42 hours ago 654MB
<none> <none> bd431ca8553c 2 days ago 667MB
mysql 5.7 450379344707 3 days ago 449MB
portainer/portainer latest 580c0e4e98b0 3 weeks ago 79.1MB
tomcat 9 040bdb29ab37 2 months ago 649MB
nginx latest f6d0b4767a6c 3 months ago 133MB
centos latest 300e315adb2f 4 months ago 209MB
elasticsearch 7.6.2 f29a1ee41030 12 months ago 791MB
3、进入镜像内部可以查看到挂载的目录,并创建一个文件
[root@localhost docker_test_volume]# docker run -it zhujinwei/centos /bin/bash
[root@b5fc943fb5e2 /]# ls
bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var volume1 volume2
#在volume1中创建文件
[root@b5fc943fb5e2 volume1]# ls
test.txt
4、进入宿主机查看对应目录是否有该文件
[root@localhost ~]# docker inspect b5fc943fb5e2
#查看挂载的目录
"Mounts": [
{
"Type": "volume",
"Name": "4ddf47f2884a1ce90ac91281c96140a915abbba6dec220e1d56b495aa05cd155",
"Source": "/var/lib/docker/volumes/4ddf47f2884a1ce90ac91281c96140a915abbba6dec220e1d56b495aa05cd155/_data",
"Destination": "volume1",
"Driver": "local",
"Mode": "",
"RW": true,
"Propagation": ""
},
{
"Type": "volume",
"Name": "61231ec5c19dfcc5b438c6e947208551cbd907d22cf72acc7ffd871943105070",
"Source": "/var/lib/docker/volumes/61231ec5c19dfcc5b438c6e947208551cbd907d22cf72acc7ffd871943105070/_data",
"Destination": "volume2",
"Driver": "local",
"Mode": "",
"RW": true,
"Propagation": ""
}
#进入该目录可以查看到文件
[root@localhost ~]# cd /var/lib/docker/volumes/4ddf47f2884a1ce90ac91281c96140a915abbba6dec220e1d56b495aa05cd155/_data
[root@localhost _data]# ls
test.txt
#dockerfile文件四部曲
1、编写dockerfile文件
2、使用 build命令创建镜像
3、使用 run命令跑镜像
4、使用 push命令发布镜像,发布到镜像仓库或者阿里云仓库
DockerFile:dockerfile定义了所有的步骤
DockerImages:dockerfile文件创建镜像,最总发布和运行的产品
Docker容器:镜像运行起来提供服务器
1、编写dockerfile文件
[root@localhost dockerfile]# cat mycentos
FROM centos
MAINTAINER jinwei<863917565@qq.com>
ENV WORKPATH /usr/local
WORKDIR $WORKPATH
RUN yum -y install vim
RUN yum -y install net-tools
EXPOSE 80
CMD echo $WORKPATH
CMD echo "-----END--------"
CMD /bin/bash
[root@localhost dockerfile]# ls
mycentos
2、创建镜像
[root@localhost dockerfile]# docker build -f mycentos -t mycentos:1.0.1 .
Successfully built 5c70bafa4248
Successfully tagged mycentos:1.0.1
3、运行镜像测试
[root@localhost dockerfile]# docker run -it mycentos:1.0.1 /bin/bash
[root@398d9547e1b2 local]# vim
[root@398d9547e1b2 local]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.3 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:03 txqueuelen 0 (Ethernet)
RX packets 8 bytes 656 (656.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
4、docker history 镜像名 //可以查看镜像的历史
#创建dockerfile文件
FROM centos
CMD ["ls","-a"]
# cmd命令后追加-l,报错
[root@localhost dockerfile]# docker run testcmd
.
..
.dockerenv
bin
dev
etc
home
lib
lib64
lost+found
media
mnt
opt
proc
root
run
sbin
srv
sys
tmp
usr
var
[root@localhost dockerfile]# docker run testcmd -a
docker: Error response from daemon: OCI runtime create failed: container_linux.go:367: starting container process caused: exec: "-a": executable file not found in $PATH: unknown.
1、编写dockerfile文件
[root@localhost dockerfile]# cat dockerfile-entrypoint
FROM centos
ENTRYPOINT ["ls","-a"]
2、创建镜像
[root@localhost dockerfile]# docker build -f dockerfile-entrypoint -t testentrypoint .
Sending build context to Docker daemon 4.096kB
Step 1/2 : FROM centos
---> 300e315adb2f
Step 2/2 : ENTRYPOINT ["ls","-a"]
---> Running in 97645d7355cf
Removing intermediate container 97645d7355cf
---> d9405fac9c67
Successfully built d9405fac9c67
Successfully tagged testentrypoint:latest
3、运行镜像
[root@localhost dockerfile]# docker run d9405fac9c67
.
..
.dockerenv
bin
dev
etc
home
lib
lib64
lost+found
media
mnt
opt
proc
root
run
sbin
srv
sys
tmp
usr
var
# 在命令后面添加-l,可以直接运行
[root@localhost dockerfile]# docker run d9405fac9c67 -l
total 0
drwxr-xr-x. 1 root root 6 Apr 14 03:06 .
drwxr-xr-x. 1 root root 6 Apr 14 03:06 ..
-rwxr-xr-x. 1 root root 0 Apr 14 03:06 .dockerenv
lrwxrwxrwx. 1 root root 7 Nov 3 15:22 bin -> usr/bin
drwxr-xr-x. 5 root root 340 Apr 14 03:06 dev
drwxr-xr-x. 1 root root 66 Apr 14 03:06 etc
drwxr-xr-x. 2 root root 6 Nov 3 15:22 home
lrwxrwxrwx. 1 root root 7 Nov 3 15:22 lib -> usr/lib
lrwxrwxrwx. 1 root root 9 Nov 3 15:22 lib64 -> usr/lib64
drwx------. 2 root root 6 Dec 4 17:37 lost+found
drwxr-xr-x. 2 root root 6 Nov 3 15:22 media
drwxr-xr-x. 2 root root 6 Nov 3 15:22 mnt
drwxr-xr-x. 2 root root 6 Nov 3 15:22 opt
dr-xr-xr-x. 132 root root 0 Apr 14 03:06 proc
dr-xr-x---. 2 root root 162 Dec 4 17:37 root
drwxr-xr-x. 11 root root 163 Dec 4 17:37 run
lrwxrwxrwx. 1 root root 8 Nov 3 15:22 sbin -> usr/sbin
drwxr-xr-x. 2 root root 6 Nov 3 15:22 srv
dr-xr-xr-x. 13 root root 0 Apr 14 00:51 sys
drwxrwxrwt. 7 root root 145 Dec 4 17:37 tmp
drwxr-xr-x. 12 root root 144 Dec 4 17:37 usr
drwxr-xr-x. 20 root root 262 Dec 4 17:37 var
CMD在后面追加的命令,执行最后一个
ENTRYPOINT命令可以在后面追加命令
1、准备镜像文件
[root@localhost tomcat]# ls
apache-tomcat-9.0.22.tar.gz jdk-8u11-linux-x64.tar.gz readme.txt
2、编写Dockerfile文件
[root@localhost tomcat]# vi Dockerfile
FROM centos
MAINTAINER jinwei<863917565@qq.com>
COPY readme.txt /usr/local/readme.txt
ADD apache-tomcat-9.0.22.tar.gz /usr/local
ADD jdk-8u11-linux-x64.tar.gz /usr/local
RUN yum -y install vim
ENV MYPATH /usr/local
WORKDIR $MYPATH
ENV JAVA_HOME /usr/local/jdk1.8.0_11
ENV CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
ENV CATALINA_HOME /usr/local/apache-tomcat-9.0.22
ENV CATALINA_BASH /usr/local/apache-tomcat-9.0.22
ENV PATH $PATH:$JAVA_HOME/bin:$CATALINA_HOME/bin:$CATALINA_HOME/lib
EXPOSE 8080
CMD /usr/local/apache-tomcat-9.0.22/bin/startup.sh && tail -F /usr/local/apache-tomcat-9.0.22/bin/logs/catalina.out
3、构建镜像(名字为官方命名(Dockerfile))
[root@localhost tomcat]# docker build -t diytomcat .
Sending build context to Docker daemon 170MB
Step 1/15 : FROM centos
---> 300e315adb2f
Step 2/15 : MAINTAINER jinwei<863917565@qq.com>
---> Using cache
---> e7bd2e637d5c
Step 3/15 : COPY readme.txt /usr/local/readme.txt
---> 9ac5fcc8cc80
Step 4/15 : ADD apache-tomcat-9.0.22.tar.gz /usr/local
---> 19fc5a81b24f
Step 5/15 : ADD jdk-8u11-linux-x64.tar.gz /usr/local
---> da2d34a2ad88
Step 6/15 : RUN yum -y install vim
---> Running in 72cc034bfbdb
4、运行镜像
[root@localhost tomcat]# docker run -d -p 9999:8080 -v /home/zhujinwei/build/tomcat/test:/usr/local/apache-tomcat-9.0.22/webapps/test -v /home/zhujinwei/build/tomcat/tomcatlogs/:/usr/local/apache-tomcat-9.0.22/logs 8e6058fc0df9
5、测试是否可以运行
[root@localhost tomcat]# curl localhost:9999
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<title>Apache Tomcat/9.0.22</title>
<link href="favicon.ico" rel="icon" type="image/x-icon" />
<link href="favicon.ico" rel="shortcut icon" type="image/x-icon" />
<link href="tomcat.css" rel="stylesheet" type="text/css" />
</head>
<body>
1、创建dockerhub镜像
# 网址:https://registry.hub.docker.com/
2、在服务器上登陆账号
[root@localhost ~]# docker login -u dockershuaige
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
3、使用命令发布镜像
[root@localhost ~]# docker push diycentos:4.0.1
The push refers to repository [docker.io/library/diycentos]
5f8f82715f96: Preparing
9bd0d5435698: Preparing
7c448c640657: Preparing
237ea0193db3: Preparing
2653d992f4ef: Preparing
1、登陆到阿里云容器服务中
[root@localhost ~]# docker login --username=huzhuxia18888 registry.cn-hangzhou.aliyuncs.com
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
2、使用命令发布到阿里云中
#使用命令对修改镜像的tag
[root@localhost ~]# docker tag 8e6058fc0df9 registry.cn-hangzhou.aliyuncs.com/learn_01/learn_hub_01/diycnetos:1.0.0
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
diycentos 4.0.1 8e6058fc0df9 22 hours ago 607MB
registry.cn-hangzhou.aliyuncs.com/learn_01/learn_hub_01/diycnetos 1.0.0 8e6058fc0df9 22 hours ago 607MB
#使用push命令上传到阿里云仓库
[root@localhost ~]# docker push registry.cn-hangzhou.aliyuncs.com/learn_01/learn_hub_01/diycnetos:1.0.0
The push refers to repository [registry.cn-hangzhou.aliyuncs.com/learn_01/learn_hub_01/diycnetos]
5f8f82715f96: Mounted from learn_01/learn_hub_01
9bd0d5435698: Mounted from learn_01/learn_hub_01
7c448c640657: Mounted from learn_01/learn_hub_01
237ea0193db3: Mounted from learn_01/learn_hub_01
2653d992f4ef: Mounted from learn_01/learn_hub_01
[root@localhost ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 //本机回环地址
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 //网卡地址,需注意和eth0的区别
link/ether 00:0c:29:50:5a:33 brd ff:ff:ff:ff:ff:ff
inet 192.168.43.18/24 brd 192.168.43.255 scope global noprefixroute dynamic ens33
valid_lft 741sec preferred_lft 741sec
inet6 2409:8946:24e:df47:dfdb:2a96:d767:a9b1/64 scope global noprefixroute dynamic
valid_lft 3519sec preferred_lft 3519sec
inet6 fe80::f1cc:ca66:4756:ebc9/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default //docker网络地址
link/ether 02:42:36:08:10:9a brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:36ff:fe08:109a/64 scope link
valid_lft forever preferred_lft forever
1、运行容器,使用ip addr命令查看容器的ip
[root@localhost ~]# docker exec -it a0ccdd7ffd63 ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
8: eth0@if9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
2、使用ping命令可以成功ping通
[root@localhost ~]# ping 172.17.0.2
PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.
64 bytes from 172.17.0.2: icmp_seq=1 ttl=64 time=0.232 ms
64 bytes from 172.17.0.2: icmp_seq=2 ttl=64 time=0.277 ms
64 bytes from 172.17.0.2: icmp_seq=3 ttl=64 time=0.142 ms
64 bytes from 172.17.0.2: icmp_seq=4 ttl=64 time=0.142 ms
### 解决问题:容器运行后提示WARNING: IPv4 forwarding is disabled. Networking will not work.
[root@localhost ~]# docker run -d -P --name tomcat01 tomcat
Unable to find image ‘tomcat:latest‘ locally
latest: Pulling from library/tomcat
bd8f6a7501cc: Pull complete
44718e6d535d: Pull complete
efe9738af0cb: Pull complete
f37aabde37b8: Pull complete
b87fc504233c: Pull complete
8bf93eef8c9e: Pull complete
a62c27841e77: Pull complete
3b23560b24c9: Pull complete
168537fce8fb: Pull complete
6643b79f9364: Pull complete
Digest: sha256:a655be865e9f62d6d2ed3823c7382a2d77d0a034eb17714bbf2a514c3f620717
Status: Downloaded newer image for tomcat:latest
WARNING: IPv4 forwarding is disabled. Networking will not work.
a0ccdd7ffd6338b9804a9b3868556cb1443eafc8bea8810a20546273da27c88a
解决方法
vim /etc/sysctl.conf
#配置转发
net.ipv4.ip_forward=1
#重启服务,让配置生效
systemctl restart network
#查看是否成功,如果返回为“net.ipv4.ip_forward = 1”则表示成功
sysctl net.ipv4.ip_forward
————————————————
#我们安装过docker后,宿主机会有一个dockers0网络,每创建一个容器,就会给容器分配一个ip
容器内:
root@2c3d1a8c6f92:/usr/local/tomcat# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
14: eth0@if15: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default //容器内IP地址
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
宿主机内:
[root@localhost ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:50:5a:33 brd ff:ff:ff:ff:ff:ff
inet 192.168.43.18/24 brd 192.168.43.255 scope global noprefixroute dynamic ens33
valid_lft 3112sec preferred_lft 3112sec
inet6 2409:894b:4910:3431:f8d7:e101:ed55:3ec5/64 scope global noprefixroute dynamic
valid_lft 3527sec preferred_lft 3527sec
inet6 fe80::f1cc:ca66:4756:ebc9/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:36:08:10:9a brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:36ff:fe08:109a/64 scope link
valid_lft forever preferred_lft forever
15: veth8c8d1cc@if14: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default //宿主机内IP
link/ether 3a:c5:81:c8:e0:63 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::38c5:81ff:fec8:e063/64 scope link
valid_lft forever preferred_lft forever
#总结:
1、容器内和宿主机的ip成对出现
2、使用evth-pair,一对虚拟设备接口,他们是成对出现的,一段连接协议,一段连接彼此
3、evth-pair充当桥梁,连接各种虚拟网络
4、openstac、docker容器之间的连接、ovs的连接,都是使用evth-pair技术
#两个容器之间可以ping通
[root@localhost ~]# docker exec -it 2afc2984123e ping 172.17.0.1
PING 172.17.0.1 (172.17.0.1) 56(84) bytes of data.
64 bytes from 172.17.0.1: icmp_seq=1 ttl=64 time=1.15 ms
64 bytes from 172.17.0.1: icmp_seq=2 ttl=64 time=0.100 ms
64 bytes from 172.17.0.1: icmp_seq=3 ttl=64 time=0.140 ms
^Z64 bytes from 172.17.0.1: icmp_seq=4 ttl=64 time=0.140 ms
#使用link命令连接tomcat02
[root@localhost ~]# docker run -d -P --name tomcat04 --link tomcat02 tomcat
98375c38768151004f6765a54e900cd84ef467f7826bb4342cd06f7b9b1dd849
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
98375c387681 tomcat "catalina.sh run" 16 seconds ago Up 13 seconds 0.0.0.0:49160->8080/tcp tomcat04
2afc2984123e bd431ca8553c "catalina.sh run" 58 minutes ago Up 58 minutes 0.0.0.0:49159->8080/tcp tomcat03
2c3d1a8c6f92 tomcat "catalina.sh run" 2 hours ago Up About an hour 0.0.0.0:49156->8080/tcp tomcat02
#连接后ping容器名可以直接ping通
[root@localhost ~]# docker exec -it 98375c387681 ping tomcat02
PING tomcat02 (172.17.0.2) 56(84) bytes of data.
64 bytes from tomcat02 (172.17.0.2): icmp_seq=1 ttl=64 time=0.219 ms
64 bytes from tomcat02 (172.17.0.2): icmp_seq=2 ttl=64 time=0.155 ms
64 bytes from tomcat02 (172.17.0.2): icmp_seq=3 ttl=64 time=0.064 ms
64 bytes from tomcat02 (172.17.0.2): icmp_seq=4 ttl=64 time=0.087 ms
^Z64 bytes from tomcat02 (172.17.0.2): icmp_seq=5 ttl=64 time=0.104 ms
64 bytes from tomcat02 (172.17.0.2): icmp_seq=6 ttl=64 time=0.119 ms
#原理:在hosts文件中做了映射
[root@localhost ~]# docker exec -it 98375c387681 cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.2 tomcat02 2c3d1a8c6f92
172.17.0.4 98375c387681
#docke的三种网络模式
[root@localhost ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
27210157df7f bridge bridge local
d1cc175ef2ad host host local
b7b6f0969e93 none null local
birdge:桥接模式
host:主机模式
none:不设置模式
container:容器模式(不建议使用)
#docker网络配置
[root@localhost ~]# docker run -d -P --network bridge tomcat
[root@localhost ~]# docker run -d -P tomcat
注:以上两个命令同样的效果
docker0网络:默认为bridge模式,域名无法ping通,--link可以让其ping通
#自定义网络
1、创建网络命令
[root@localhost ~]# docker network create --driver bridge --subnet 192.168.0.0/16 --gateway 192.168.0.1 mynet
8af0b0bb7c6ebba6cca983b86a3b9a855e7c078d086ece7aa151dfea076be9a3
[root@localhost ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
27210157df7f bridge bridge local
d1cc175ef2ad host host local
8af0b0bb7c6e mynet bridge local
b7b6f0969e93 none null local
2、查看网络配置
[root@localhost ~]# docker network inspect mynet
[
{
"Name": "mynet",
"Id": "8af0b0bb7c6ebba6cca983b86a3b9a855e7c078d086ece7aa151dfea076be9a3",
"Created": "2021-04-18T22:45:09.43838593-04:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
# 创建两个容器,mynet网络下会出现容器的配置
1、创建两个容器
[root@localhost ~]# docker run -d -P --name tomcat-net-01 --network mynet tomcat
ed69d3985dc9b91d5413a7a62a21bb62f30404fd35576e965c00d9c97e22d18c
[root@localhost ~]# docker run -d -P --name tomcat-net-02 --network mynet tomcat
6de88a0768e32e612b8eda4aaefd2602b54d7e0f34814ae523f2e410950b5654
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6de88a0768e3 tomcat "catalina.sh run" 3 seconds ago Up 2 seconds 0.0.0.0:49156->8080/tcp tomcat-net-02
ed69d3985dc9 tomcat "catalina.sh run" 13 seconds ago Up 12 seconds 0.0.0.0:49155->8080/tcp tomcat-net-01
2、查看mynet配置,会出现创建的两个容器的
[root@localhost ~]# docker network inspect mynet
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"6de88a0768e32e612b8eda4aaefd2602b54d7e0f34814ae523f2e410950b5654": {
"Name": "tomcat-net-02",
"EndpointID": "e31a6c04f8c7efb642881afa7b74e8d4df6757b977b1f32e7b34a0cbdc74f035",
"MacAddress": "02:42:c0:a8:00:03",
"IPv4Address": "192.168.0.3/16",
"IPv6Address": ""
},
"ed69d3985dc9b91d5413a7a62a21bb62f30404fd35576e965c00d9c97e22d18c": {
"Name": "tomcat-net-01",
"EndpointID": "fade8b179f1d2d798fef5bb33da17976c7a0f3d33339d4b86c69592b186e8a21",
"MacAddress": "02:42:c0:a8:00:02",
"IPv4Address": "192.168.0.2/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
3、ping两个容器的域名查看是否可以ping通
[root@localhost ~]# docker exec -it tomcat-net-01 ping tomcat-net-02
PING tomcat-net-02 (192.168.0.3) 56(84) bytes of data.
64 bytes from tomcat-net-02.mynet (192.168.0.3): icmp_seq=1 ttl=64 time=0.079 ms
64 bytes from tomcat-net-02.mynet (192.168.0.3): icmp_seq=2 ttl=64 time=0.222 ms
64 bytes from tomcat-net-02.mynet (192.168.0.3): icmp_seq=3 ttl=64 time=0.167 ms
64 bytes from tomcat-net-02.mynet (192.168.0.3): icmp_seq=4 ttl=64 time=0.228 ms
^Z64 bytes from tomcat-net-02.mynet (192.168.0.3): icmp_seq=5 ttl=64 time=0.079 ms
64 bytes from tomcat-net-02.mynet (192.168.0.3): icmp_seq=6 ttl=64 time=0.186 ms
^C
--- tomcat-net-02 ping statistics ---
6 packets transmitted, 6 received, 0% packet loss, time 15ms
rtt min/avg/max/mdev = 0.079/0.160/0.228/0.061 ms
#网络联通
1、创建两个docker0网络
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e7238ea45f60 tomcat "catalina.sh run" 12 seconds ago Up 10 seconds 0.0.0.0:49158->8080/tcp tomcat02
de1f0e2bc5ad tomcat "catalina.sh run" 23 seconds ago Up 21 seconds 0.0.0.0:49157->8080/tcp tomcat01
6de88a0768e3 tomcat "catalina.sh run" 14 minutes ago Up 14 minutes 0.0.0.0:49156->8080/tcp tomcat-net-02
ed69d3985dc9 tomcat "catalina.sh run" 14 minutes ago Up 14 minutes 0.0.0.0:49155->8080/tcp tomcat-net-01
2、使用网络联通命令
[root@localhost ~]# docker network connect mynet tomcat01
3、查看nynet网络变化
"Containers": {
"6de88a0768e32e612b8eda4aaefd2602b54d7e0f34814ae523f2e410950b5654": {
"Name": "tomcat-net-02",
"EndpointID": "e31a6c04f8c7efb642881afa7b74e8d4df6757b977b1f32e7b34a0cbdc74f035",
"MacAddress": "02:42:c0:a8:00:03",
"IPv4Address": "192.168.0.3/16",
"IPv6Address": ""
},
"de1f0e2bc5adadf1db0b6917063a4f94128062258f0c626c7e5cc281fe039bc3": {
"Name": "tomcat01",
"EndpointID": "504c03820f00734a389ae64d81f460a8e13a7720fa7e5e184fd47b1b030800a5", //将tomcat01添加到mynet容器中
"MacAddress": "02:42:c0:a8:00:04",
"IPv4Address": "192.168.0.4/16",
"IPv6Address": ""
},
"ed69d3985dc9b91d5413a7a62a21bb62f30404fd35576e965c00d9c97e22d18c": {
"Name": "tomcat-net-01",
"EndpointID": "fade8b179f1d2d798fef5bb33da17976c7a0f3d33339d4b86c69592b186e8a21",
"MacAddress": "02:42:c0:a8:00:02",
"IPv4Address": "192.168.0.2/16",
"IPv6Address": ""
}
},
4、查看tomcat-net-01和tomcat01是否可以ping通
[root@localhost ~]# docker exec -it tomcat01 ping tomcat-net-01
PING tomcat-net-01 (192.168.0.2) 56(84) bytes of data.
64 bytes from tomcat-net-01.mynet (192.168.0.2): icmp_seq=1 ttl=64 time=0.098 ms
64 bytes from tomcat-net-01.mynet (192.168.0.2): icmp_seq=2 ttl=64 time=0.189 ms
64 bytes from tomcat-net-01.mynet (192.168.0.2): icmp_seq=3 ttl=64 time=0.063 ms
^Z64 bytes from tomcat-net-01.mynet (192.168.0.2): icmp_seq=4 ttl=64 time=0.084 ms
64 bytes from tomcat-net-01.mynet (192.168.0.2): icmp_seq=5 ttl=64 time=0.121 ms
^C
--- tomcat-net-01 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 6ms
rtt min/avg/max/mdev = 0.063/0.111/0.189/0.043 ms
原文:https://www.cnblogs.com/fightsun/p/14645466.html