容器化企业级应用
1、容器化部署企业级应用
1.1:使用docker容器化部署企业级应用必要性
- 有利于快速实现企业级应用部署
- 有利于快速实现企业级应用恢复
1.2:使用docker容器化部署企业级应用
hub.docker.com 地址查看
2、容器实现nginx部署
2.1、运行nginx应用容器-1 不暴露端口
不在docker host 暴露端口
[root@centen7-10-hehe ~ 09:50:59]$ docker run -d --name nginx_test -v /some/content:/usr/share/nginx/html:ro nginx:latest
5d0520f4775a6a2906cc2ac289f8dffcc450ae4fde6892a0ac97cf0635a86d4a
[root@centen7-10-hehe ~ 10:38:28]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5d0520f4775a nginx:latest "/docker-entrypoint.…" 9 seconds ago Up 8 seconds 80/tcp nginx_test
2b79aeaa77bc centos:7 "bash" 19 hours ago Up 50 minutes lucid_moser
fcd3051c7222 nginx "/docker-entrypoint.…" 20 hours ago Exited (255) 2 hours ago 80/tcp clever_swirles
[root@centen7-10-hehe ~ 10:38:36]$ docker inspect 5d0520f477 |grep IPAddress
"SecondaryIPAddresses": null,
"IPAddress": "172.17.0.3",
"IPAddress": "172.17.0.3",
[root@centen7-10-hehe ~ 10:39:22]$ curl 172.17.0.3
<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx/1.29.0</center>
</body>
</html>
[root@centen7-10-hehe ~ 10:39:53]$ echo "nginx in docker is start" > /some/content/index.html
查看容器内是否共享此文件
[root@centen7-10-hehe ~ 10:44:14]$ docker exec -it nginx_test ls /usr/share/nginx/html
index.html
[root@centen7-10-hehe ~ 10:41:01]$ curl 172.17.0.3
nginx in docker is start
2.2、运行nginx应用容器-2 端口暴露
在docker host暴露80端口
[root@centen7-10-hehe ~ 10:46:42]$ docker run -d --name 01nginx -p 80:80 -v /some/content-port:/usr/share/nginx/html:ro nginx:latest
177efb0eda8bc87340510d04cf997931856b8a1c175350650ea7ca6d24064a61
[root@centen7-10-hehe ~ 10:48:59]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
177efb0eda8b nginx:latest "/docker-entrypoint.…" 11 seconds ago Up 11 seconds 0.0.0.0:80->80/tcp, :::80->80/tcp 01nginx
5d0520f4775a nginx:latest "/docker-entrypoint.…" 10 minutes ago Up 10 minutes 80/tcp nginx_test
内部访问
[root@centen7-10-hehe ~ 10:51:06]$ docker inspect 177efb0eda8b |grep IPAddress
"SecondaryIPAddresses": null,
"IPAddress": "172.17.0.2",
"IPAddress": "172.17.0.2",
[root@centen7-10-hehe ~ 10:51:47]$ curl 172.17.0.2
<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx/1.29.0</center>
</body>
</html>
[root@centen7-10-hehe ~ 10:53:04]$ echo "test nginx port" > /some/content-port/index.html
[root@centen7-10-hehe ~ 10:53:33]$ docker exec -it 01nginx ls /usr/share/nginx/html
index.html
[root@centen7-10-hehe ~ 10:54:32]$ curl 172.17.0.2
test nginx port
暴露80端口 可以在任意可以连接的地址上通过80端口访问 如下通过浏览器访问宿主机地址 端口80 即可跳转容器内部
测试端口暴露 外部连接
端口查看
[root@centen7-10-hehe ~ 10:54:59]$ ss -anput |grep ':80'
tcp LISTEN 0 128 *:80 *:* users:(("docker-proxy",pid=4190,fd=4))
tcp LISTEN 0 128 :::80 :::* users:(("docker-proxy",pid=4196,fd=4))
2.3、运行nginx应用容器-3
挂载配置文件,需要创建1个nginx容器, 把配置文件复制出来修改后使用
查看容器运行的进程,work进程根据CPU的核心数量一致
查看进程
[root@centen7-10-hehe ~ 11:33:15]$ docker top 01nginx
UID PID PPID C STIME TTY TIME CMD
root 4230 4209 0 10:48 ? 00:00:00 nginx: master process nginx -g daemon off;
101 4273 4230 0 10:48 ? 00:00:00 nginx: worker process
101 4274 4230 0 10:48 ? 00:00:00 nginx: worker process
创建nginx配置文件修改目录
[root@centen7-10-hehe ~ 11:34:22]$ docker cp 01nginx:/etc/nginx/nginx.conf /opt/nginx_conf/
Successfully copied 0B to /opt/nginx_conf/
no such directory
不存在目录 重新创建目录后cp
[root@centen7-10-hehe ~ 11:35:45]$ mkdir -p /opt/nginx_conf/
[root@centen7-10-hehe ~ 11:36:05]$ docker cp 01nginx:/etc/nginx/nginx.conf /opt/nginx_conf/
Successfully copied 2.56kB to /opt/nginx_conf/
验证
[root@centen7-10-hehe ~ 11:36:07]$ cd /opt/nginx_conf/
[root@centen7-10-hehe nginx_conf 11:38:31]$ ll
总用量 4
-rw-r--r-- 1 root root 644 6月 25 01:34 nginx.conf
修改配置文件,把进程数的auto,修改为4
[root@centen7-10-hehe nginx_conf 11:38:33]$ vim nginx.conf
修改
worker_processes 4;
重新启动容器
[root@centen7-10-hehe nginx_conf 11:40:10]$ docker run -d \
> -p 82:80 --name nginx_conf \
> -v /opt/nginx_index/:/usr/share/nginx/html:ro \
> -v /opt/nginx_conf/nginx.conf:/etc/nginx/nginx.conf:ro \
> nginx
269512c417688efb297132623f85a08180892d288efc4d79a8e58bb4eba58bb0
查看work进程是否变成4个
[root@centen7-10-hehe nginx_conf 11:44:05]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
269512c41768 nginx "/docker-entrypoint.…" 44 seconds ago Up 44 seconds 0.0.0.0:82->80/tcp, :::82->80/tcp nginx_conf
177efb0eda8b nginx:latest "/docker-entrypoint.…" 55 minutes ago Up 55 minutes 0.0.0.0:80->80/tcp, :::80->80/tcp 01nginx
5d0520f4775a nginx:latest "/docker-entrypoint.…" About an hour ago Up About an hour 80/tcp nginx_test
[root@centen7-10-hehe nginx_conf 11:44:49]$ docker top nginx_conf
UID PID PPID C STIME TTY TIME CMD
root 5345 5324 0 11:44 ? 00:00:00 nginx: master process nginx -g daemon off;
101 5390 5345 0 11:44 ? 00:00:00 nginx: worker process
101 5391 5345 0 11:44 ? 00:00:00 nginx: worker process
101 5392 5345 0 11:44 ? 00:00:00 nginx: worker process
101 5393 5345 0 11:44 ? 00:00:00 nginx: worker process
读取容器中的配置文件
[root@centen7-10-hehe nginx_conf 11:46:42]$ docker exec -it nginx_conf cat /etc/nginx/nginx.conf
user nginx;
worker_processes 4;
error_log /var/log/nginx/error.log notice;
pid /run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
3、容器实现tomcat部署
3.1 不暴露端口运行
下载tomcat镜像
[root@centen7-10-hehe nginx_conf 13:36:51]$ docker pull tomcat
Using default tag: latest
latest: Pulling from library/tomcat
32f112e3802c: Pull complete
ea8f5ca39c1a: Pull complete
a4f9b8cc7730: Pull complete
4e45d9955da7: Pull complete
59425f3d7529: Pull complete
66c77c59c8e6: Pull complete
4f4fb700ef54: Pull complete
ccaa96572930: Pull complete
Digest: sha256:52a7c268ce41e6717ca94a57f1afdf35cd04f6dc515e769d7b0a5424a0e1315a
Status: Downloaded newer image for tomcat:latest
docker.io/library/tomcat:latest
[root@centen7-10-hehe nginx_conf 13:43:04]$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos test e06036673477 22 hours ago 204MB
nginx latest 22bd15417453 8 days ago 192MB
tomcat latest 9ca267cc83c7 2 weeks ago 468MB
mysql 5.7 5107333e08a8 19 months ago 501MB
elasticsearch 7.17.0 6fe993d6e7ed 3 years ago 612MB
centos 7 eeb6ee3f44bd 3 years ago 204MB
运行容器 --rm 运行结束后删除
[root@centen7-10-hehe ~ 13:58:03]$ docker run -d --rm tomcat:latest
9d8041a25a0732c8ad200fcb1312a2471dcc789cdd618607fae6e0a5462e6340
查看容器
[root@centen7-10-hehe ~ 14:02:04]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9d8041a25a07 tomcat:latest "catalina.sh run" 13 seconds ago Up 12 seconds 8080/tcp eager_poincare
查看IP
[root@centen7-10-hehe ~ 14:04:20]$ docker inspect 9d8041 |grep IPAddress
"SecondaryIPAddresses": null,
"IPAddress": "172.17.0.5",
"IPAddress": "172.17.0.5",
验证地址访问 查看服务,运行的是Tomcat11.0版本
[root@centen7-10-hehe ~ 14:04:35]$ curl 172.17.0.5:8080
<!doctype html><html lang="en"><head><title>HTTP Status 404 – Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 – Not Found</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Description</b> The origin server did not find a current representation for the target resource or is not willing to disclose that one exists.</p><hr class="line" /><h3>Apache Tomcat/11.0.9</h3></body></html>
3.2 暴露端口运行
[root@centen7-10-hehe ~ 14:06:53]$ docker run -d -p 8081:8080 tomcat:latest
8965e0c13fced48f283144114ce2894f65b59e281013fe719e5401b8e12394e6
[root@centen7-10-hehe ~ 14:07:12]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8965e0c13fce tomcat:latest "catalina.sh run" 6 seconds ago Up 6 seconds 0.0.0.0:8081->8080/tcp, :::8081->8080/tcp beautiful_sammet
9d8041a25a07 tomcat:latest "catalina.sh run" 5 minutes ago Up 5 minutes 8080/tcp eager_poincare
站点内容为空
[root@centen7-10-hehe ~ 14:07:18]$ docker exec 8965 ls /usr/local/tomcat/webapps
[root@centen7-10-hehe ~ 14:10:10]$
3.3 暴露端口及添加网站文件
关闭上面容器后重新生成
[root@centen7-10-hehe ~ 14:18:41]$ docker run -d -p 8082:8080 -v /opt/tomcat-server:/usr/local/tomcat/webapps/ROOT tomcat:latest
665ba502ff3676e08977754a82f22223ec3dc75f5cb00e7b2f733c64a063ff82
写入访问路径文件
[root@centen7-10-hehe ~ 14:12:14]$ echo "tomcat running" > /opt/tomcat-server/index.html
验证容器文件
[root@centen7-10-hehe ~ 14:21:05]$ docker exec 665ba502f ls /usr/local/tomcat/webapps/ROOT/
index.html
外部访问测试
4、容器实现mysql部署
4.1 单节点部署
启动数据库容器
[root@centen7-10-hehe ~ 14:24:16]$ docker run -p 3306:3306 \
> --name mysql_01 \
> -v /opt/mysql/log:/var/log/mysql \
> -v /opt/mysql/data:/var/lib/mysql \
> -v /opt/mysql/conf:/etc/mysql/conf.d \
> -e MYSQL_ROOT_PASSWORD=root \
> -d \
> mysql:5.7
9878211291c3446e2ce69fffa00f8001f4f90ac7ff412f7993f9f91bc57a5b35
[root@centen7-10-hehe ~ 14:26:05]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9878211291c3 mysql:5.7 "docker-entrypoint.s…" 13 seconds ago Up 11 seconds 0.0.0.0:3306->3306/tcp, :::3306->3306/tcp, 33060/tcp mysql_01
665ba502ff36 tomcat:latest "catalina.sh run" 6 minutes ago Up 6 minutes 0.0.0.0:8082->8080/tcp, :::8082->8080/tcp dazzling_curie
通过容器中客户端直接访问
[root@centen7-10-hehe ~ 14:26:17]$ docker exec -it mysql_01 mysql -uroot -proot
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.7.44 MySQL Community Server (GPL)
Copyright (c) 2000, 2023, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| sys |
+--------------------+
4 rows in set (0.01 sec)
在宿主机上访问
新开窗口 下载mariadb
[root@centen7-10-hehe ~ 14:27:47]$ yum install -y mariadb
然后通过3306端口访问跳转到容器mysql
[root@centen7-10-hehe ~ 14:28:25]$ mysql -h 10.1.8.10 -uroot -proot -P 3306
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MySQL connection id is 3
Server version: 5.7.44 MySQL Community Server (GPL)
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MySQL [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| sys |
+--------------------+
4 rows in set (0.00 sec)
MySQL [(none)]>
验证连接
验证是否是同一连接
[root@centen7-10-hehe ~ 14:26:17]$ docker exec -it mysql_01 mysql -uroot -proot
......
容器连接创建db
mysql> create database testdb;
Query OK, 1 row affected (0.00 sec)
宿主机连接验证是否有创建testdb
[root@centen7-10-hehe ~ 14:28:25]$ mysql -h 10.1.8.10 -uroot -proot -P 3306
......
MySQL [(none)]> show databases;\
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| sys |
| testdb |
+--------------------+
5 rows in set (0.00 sec)可以直接查看到有刚刚添加的school数据库。
4.2 主从复制集群部署
4.2.1主节点部署
清理容器
[root@centen7-10-hehe ~ 14:52:29]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9878211291c3 mysql:5.7 "docker-entrypoint.s…" 43 minutes ago Up 43 minutes 0.0.0.0:3306->3306/tcp, :::3306->3306/tcp, 33060/tcp mysql_01
665ba502ff36 tomcat:latest "catalina.sh run" 50 minutes ago Up 50 minutes 0.0.0.0:8082->8080/tcp, :::8082->8080/tcp dazzling_curie
[root@centen7-10-hehe ~ 15:09:41]$ docker stop 665ba502ff36 9878211291c3
665ba502ff36
9878211291c3
[root@centen7-10-hehe ~ 15:09:57]$ docker rm 9878211291c3 665ba502ff36
9878211291c3
665ba502ff36
[root@centen7-10-hehe ~ 15:10:09]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
创建容器
docker run -p 3306:3306 \
--name mysql_master \
-v /opt/mysql_master/log:/var/log/mysql \
-v /opt/mysql_master/data:/var/lib/mysql \
-v /opt/mysql_master/conf:/etc/mysql/conf.d \
-e MYSQL_ROOT_PASSWORD=root \
-d \
mysql:5.7
验证
[root@centen7-10-hehe ~ 15:16:53]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8eb73148954c mysql:5.7 "docker-entrypoint.s…" 53 seconds ago Up 52 seconds 0.0.0.0:3306->3306/tcp, :::3306->3306/tcp, 33060/tcp mysql_master
验证登录
[root@centen7-10-hehe ~ 15:16:54]$ mysql -h 10.1.8.10 -uroot -proot -P 3306
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.7.44 MySQL Community Server (GPL)
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MySQL [(none)]>
主节点配置
[root@centen7-10-hehe ~ 15:18:16]$ vim /opt/mysql_master/conf/my.cnf
[client]
default-character-set=utf8
[mysql]
default-character-set=utf8
[mysqld]
init_connect='SET collation_connection = utf8_unicode_ci'
init_connect='SET NAMES utf8'
character-set-server=utf8
collation-server=utf8_unicode_ci
skip-character-set-client-handshake
skip-name-resolve
server_id=1
log-bin=mysql-bin
read-only=0
binlog-do-db=school
replicate-ignore-db=mysql
replicate-ignore-db=sys
replicate-ignore-db=information_schema
replicate-ignore-db=performance_schema从节点部署
link用法 主机名:别名
[root@centen7-10-hehe ~ 15:18:42]$ docker run -d -p 3307:3306 \
> --name mysql_slave \
> -v /opt/mysql_slave/log:/var/log/mysql \
> -v /opt/mysql_slave/data:/var/lib/mysql \
> -v /opt/mysql_slave/conf:/etc/mysql/conf.d \
> -e MYSQL_ROOT_PASSWORD=root \
> --link mysql_master:mysql_master \
> mysql:5.7
42d0c962f24bf49d780edbc81ecf91abeb1b4a506ac19ec4a3001992b152187e
[root@centen7-10-hehe ~ 15:23:28]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
42d0c962f24b mysql:5.7 "docker-entrypoint.s…" 6 seconds ago Up 5 seconds 33060/tcp, 0.0.0.0:3307->3306/tcp, :::3307->3306/tcp mysql_slave
8eb73148954c mysql:5.7 "docker-entrypoint.s…" 7 minutes ago Up 7 minutes 0.0.0.0:3306->3306/tcp, :::3306->3306/tcp, 33060/tcp mysql_master
从节点配置
[root@centen7-10-hehe ~ 15:24:56]$ vim /opt/mysql_slave/conf/my.cnf
[client]
default-character-set=utf8
[mysql]
default-character-set=utf8
[mysqld]
init_connect='SET collation_connection = utf8_unicode_ci'
init_connect='SET NAMES utf8'
character-set-server=utf8
collation-server=utf8_unicode_ci
skip-character-set-client-handshake
skip-name-resolve
server_id=2
log-bin=mysql-bin
read-only=1
binlog-do-db=school
replicate-ignore-db=mysql
replicate-ignore-db=sys
replicate-ignore-db=information_schema
replicate-ignore-db=performance_schemamaster节点配置
主节点登录
[root@centen7-10-hehe ~ 15:28:19]$ mysql -h 10.1.8.10 -uroot -proot -P 3306
Welcome to the MariaDB monitor. Commands
......
创建权限 并刷新权限
MySQL [(none)]> grant replication slave on *.* to 'baackup'@'%' identified by '123456';
Query OK, 0 rows affected, 1 warning (0.00 sec)
MySQL [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)
MySQL [(none)]>
重启服务
[root@centen7-10-hehe nginx_conf 15:31:50]$ docker restart mysql_master
mysql_master
查看状态
[root@centen7-10-hehe nginx_conf 15:32:14]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
42d0c962f24b mysql:5.7 "docker-entrypoint.s…" 9 minutes ago Up 9 minutes 33060/tcp, 0.0.0.0:3307->3306/tcp, :::3307->3306/tcp mysql_slave
8eb73148954c mysql:5.7 "docker-entrypoint.s…" 16 minutes ago Up 32 seconds 0.0.0.0:3306->3306/tcp, :::3306->3306/tcp, 33060/tcp mysql_master
重新登录查看
[root@centen7-10-hehe nginx_conf 15:32:47]$ mysql -h 10.1.8.10 -uroot -proot -P 3306
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.7.44-log MySQL Community Server (GPL)
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MySQL [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| sys |
+--------------------+
5 rows in set (0.00 sec)
MySQL [(none)]> show master status\G
*************************** 1. row ***************************
File: mysql-bin.000005
Position: 306
Binlog_Do_DB: school
Binlog_Ignore_DB:
Executed_Gtid_Set:
1 row in set (0.00 sec)
ERROR: No query specified
slave节点配置
[root@centen7-10-hehe ~ 15:34:14]$ docker restart mysql_slave
mysql_slave
[root@centen7-10-hehe ~ 15:34:47]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
42d0c962f24b mysql:5.7 "docker-entrypoint.s…" 11 minutes ago Up 11 seconds 33060/tcp, 0.0.0.0:3307->3306/tcp, :::3307->3306/tcp mysql_slave
8eb73148954c mysql:5.7 "docker-entrypoint.s…" 18 minutes ago Up 2 minutes 0.0.0.0:3306->3306/tcp, :::3306->3306/tcp, 33060/tcp mysql_master
登录从数据库
[root@centen7-10-hehe ~ 15:57:41]$ mysql -h 10.1.8.10 -uroot -proot -P3307
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MySQL connection id is 4
Server version: 5.7.44-log MySQL Community Server (GPL)
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MySQL [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| sys |
+--------------------+
4 rows in set (0.00 sec)
MySQL [(none)]> stop slave;
Query OK, 0 rows affected (0.00 sec)
MySQL [(none)]> change master to master_host='mysql_master',master_user='baackup',master_password='123456',master_log_file='mysql-bin.000005',master_log_pos=306,master_port=3306;
Query OK, 0 rows affected, 2 warnings (0.00 sec)
MySQL [(none)]> start slave;
Query OK, 0 rows affected (0.00 sec)
MySQL [(none)]> show slave status\G;
*************************** 1. row ***************************
Slave_IO_State: Waiting for master to send event
Master_Host: mysql_master
Master_User: baackup
Master_Port: 3306
Connect_Retry: 60
Master_Log_File: mysql-bin.000005
Read_Master_Log_Pos: 306
Relay_Log_File: 42d0c962f24b-relay-bin.000002
Relay_Log_Pos: 320
Relay_Master_Log_File: mysql-bin.000005
Slave_IO_Running: Yes
Slave_SQL_Running: Yes
Replicate_Do_DB:
Replicate_Ignore_DB: mysql,sys,information_schema,performance_schema
Replicate_Do_Table:
.....
验证MySQL集群可用性
[root@centen7-10-hehe nginx_conf 15:56:54]$ mysql -h 10.1.8.10 -uroot -proot -P 3306
......
主库创建school同步数据库 设置只能同步此库 所以需要创建此库
MySQL [(none)]> create database school;
Query OK, 1 row affected (0.00 sec)
MySQL [(none)]>
从库登录验证是否存在
[root@centen7-10-hehe nginx_conf 15:56:54]$ mysql -h 10.1.8.10 -uroot -proot -P 3307
.......
MySQL [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| school |
| sys |
+--------------------+
5 rows in set (0.00 sec)
如果同步失败
1 登录从数据库 关闭同步 退出后 重启主从数据库容器
[root@centen7-10-hehe ~ 15:46:42]$ mysql -h 10.1.8.10 -uroot -proot -P3307
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MySQL connection id is 5
Server version: 5.7.44-log MySQL Community Server (GPL)
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MySQL [(none)]> stop slave;
Query OK, 0 rows affected (0.00 sec)
MySQL [(none)]> exit
Bye
主从都重启 恢复初始状态 如果增加数据记得删除后重启
[root@centen7-10-hehe ~ 15:46:56]$ docker restart mysql_slave
重新配置从库即可
2 账号密码错误 导致io同步连接失败
查看账号密码是否输入错误导致5、容器实现ElasticSearch+Kibana
ElasticSearch
下载es镜像
[root@centen7-10-hehe ~ 16:15:18]$ docker pull elasticsearch:7.17.0
7.17.0: Pulling from library/elasticsearch
Digest: sha256:332c6d416808f6e9a2cbcbe0170d9a9bb14bfe772180d37de5084c223dd8948b
Status: Image is up to date for elasticsearch:7.17.0
docker.io/library/elasticsearch:7.17.0
创建配置文件目录
[root@centen7-10-hehe ~ 16:18:25]$ mkdir -p /opt/es/config
创建数据文件目录
[root@centen7-10-hehe ~ 16:19:02]$ mkdir -p /opt/es/data
创建监听端口资源
[root@centen7-10-hehe ~ 16:19:07]$ echo "http.host: 0.0.0.0" >> /opt/es/config/elasticsearch.yml
开启权限
[root@centen7-10-hehe ~ 16:19:16]$ chmod -R 777 /opt/es/
启动容器
[root@centen7-10-hehe ~ 16:19:23]$ docker run -d -p 9200:9200 -p 9300:9300 --name elasticsearch \
> -e "discovery.type=single-node" \
> -e ES_JAVA_OPTS="-Xms64m -Xmx512m" \
> -v /opt/es/config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml \
> -v /opt/es/data:/usr/share/elasticsearch/data \
> -v /opt/es/plugins:/usr/share/elasticseach/plugins \
> elasticsearch:7.17.0
844c7d3e249d9ee8dab9960c6727851327718bad417228991e8ac10c25b821f6
查看容器
[root@centen7-10-hehe ~ 16:30:35]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
844c7d3e249d elasticsearch:7.17.0 "/bin/tini -- /usr/l…" 4 minutes ago Up 4 minutes 0.0.0.0:9200->9200/tcp, :::9200->9200/tcp, 0.0.0.0:9300->9300/tcp, :::9300->9300/tcp elasticsearch
访问验证
Kibana
下载镜像
docker pull kibana:7.17.0
启动容器 对应监听elasticserach 端口地址
[root@centen7-10-hehe ~ 09:46:22]$ docker run --name kibana -d -e ELASTICSEARCH_HOSTS=http://10.1.8.10:9200 -p 5601:5601 kibana:7.17.0
96e23745c5c76f446b89263bd77c6bdba9d1a43155b42646827546931ab8a6e3
6、容器实现Redis部署
运行redis容器
创建配置文件目录
[root@centen7-10-hehe ~ 10:14:59]$ mkdir -p /opt/redis/conf
创建配置文件
[root@centen7-10-hehe ~ 10:15:17]$ touch /opt/redis/conf/redis.conf
下载镜像并运行容器 redis-server 启动redis /etc/redis/redis.conf 加载redis配置文件
[root@centen7-10-hehe ~ 10:16:09]$ docker run -p 6379:6379 --name redis -v /opt/redis/data:/data -v /opt/redis/conf/:/etc/redis -d redis redis-server /etc/redis/redis.conf
Unable to find image 'redis:latest' locally
latest: Pulling from library/redis
59e22667830b: Pull complete
563069fa03b4: Pull complete
49031c033a72: Pull complete
c645e9c24a26: Pull complete
ab52a92c7961: Pull complete
4f4fb700ef54: Pull complete
550e4087f9e6: Pull complete
Digest: sha256:f957ce918b51f3ac10414244bedd0043c47db44a819f98b9902af1bd9d0afcea
Status: Downloaded newer image for redis:latest
168c64aac25056552f2af7d98217cb7e91abee0e344bf10bca9f61d3e20d4d7f
查看容器
[root@centen7-10-hehe ~ 10:23:55]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
168c64aac250 redis "docker-entrypoint.s…" 27 seconds ago Up 26 seconds 0.0.0.0:6379->6379/tcp, :::6379->6379/tcp
验证,使用客户端进行连接
首先获取ip地址
[root@centen7-10-hehe ~ 10:24:21]$ docker inspect 168c64aac250 |grep IPAddress
"SecondaryIPAddresses": null,
"IPAddress": "172.17.0.4",
"IPAddress": "172.17.0.4",
使用redis-cli连接测试
[root@centen7-10-hehe ~ 10:27:05]$ docker run -it redis:latest redis-cli -h 172.17.0.4
172.17.0.4:6379> set name zhangsan
OK
172.17.0.4:6379> get name
"zhangsan"
172.17.0.4:6379>
Redis集群
方式:三主,三从
三主:实现数据分片
三从:实现数据备份
确保环境 删除当前redis镜像
[root@centen7-10-hehe ~ 10:35:23]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3974ceb39f91 redis:latest "docker-entrypoint.s…" 23 minutes ago Exited (0) 16 minutes ago laughing_davinci
168c64aac250 redis "docker-entrypoint.s…" 27 minutes ago Up 27 minutes 0.0.0.0:6379->6379/tcp, :::6379->6379/tcp redis
96e23745c5c7 kibana:7.17.0 "/bin/tini -- /usr/l…" About an hour ago Up About an hour 0.0.0.0:5601->5601/tcp, :::5601->5601/tcp kibana
844c7d3e249d elasticsearch:7.17.0 "/bin/tini -- /usr/l…" 18 hours ago Up About an hour 0.0.0.0:9200->9200/tcp, :::9200->9200/tcp, 0.0.0.0:9300->9300/tcp, :::9300->9300/tcp elasticsearch
[root@centen7-10-hehe ~ 10:51:11]$ docker ps -a |awk '{print "docker stop " $1}' |bash
Error response from daemon: No such container: CONTAINER
3974ceb39f91
168c64aac250
96e23745c5c7
844c7d3e249d
[root@centen7-10-hehe ~ 10:51:47]$ docker ps -a |awk '{print "docker rm " $1}' |bash
Error response from daemon: No such container: CONTAINER
3974ceb39f91
168c64aac250
96e23745c5c7
844c7d3e249d
[root@centen7-10-hehe ~ 10:51:51]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
创建集群脚本 rdis版本为5.7.0 可以更改其他版本
[root@centen7-10-hehe ~ 10:55:43]$ vim redis-cluster1.sh
for port in $(seq 8001 8006); \
do \
mkdir -p /mydata/redis/node-${port}/conf
touch /mydata/redis/node-${port}/conf/redis.conf
cat << EOF >/mydata/redis/node-${port}/conf/redis.conf
port ${port}
cluster-enabled yes
cluster-config-file nodes.conf
cluster-node-timeout 5000
cluster-announce-ip 10.1.8.10
cluster-announce-port ${port}
cluster-announce-bus-port 1${port}
appendonly yes
EOF
docker run -p ${port}:${port} -p 1${port}:1${port} --name redis-${port} \
-v /mydata/redis/node-${port}/data:/data \
-v /mydata/redis/node-${port}/conf/redis.conf:/etc/redis/redis.conf \
-d redis:5.0.7 redis-server /etc/redis/redis.conf; \
done
解释
cluster-config-file nodes.conf 指定配置文件位置是自带的 但是需要指定
执行脚本
[root@centen7-10-hehe ~ 10:57:34]$ sh redis-cluster1.sh
Unable to find image 'redis:5.0.7' locally
5.0.7: Pulling from library/redis
68ced04f60ab: Pull complete
7ecc253967df: Pull complete
765957bf98d4: Pull complete
52f16772e1ca: Pull complete
2e43ba99c3f3: Pull complete
d95576c71392: Pull complete
Digest: sha256:938ee5bfba605cc85f9f52ff95024e9a24cf5511ba6f1cbc68ec9d91a0432125
Status: Downloaded newer image for redis:5.0.7
a32806667bd455a7438b1b7c0623e8dbab0f160689afaf023544641045519e44
64a06b5b15abb10b37e0971e56f12bc406a9a11ef93d683b7eed43bbece885d1
934d72893ad6bd1175b78b430d1de890c12aca3758d9c9724d77cdc37f296c79
84c6d65949123377056d7ae34009fb668fae763cf1075aee4d482b61da173ddd
8811ad8ab0cc4fcf3be67794cd4e510f219a300856ea564708b0cbbb9242283d
4ee55c351fee0318b51d45db47cae1026708a976ea27b46f13bb0b3be14763bf
验证容器情况 6个容器启动
[root@centen7-10-hehe ~ 10:59:54]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4ee55c351fee redis:5.0.7 "docker-entrypoint.s…" 35 seconds ago Up 34 seconds 0.0.0.0:8006->8006/tcp, :::8006->8006/tcp, 6379/tcp, 0.0.0.0:18006->18006/tcp, :::18006->18006/tcp redis-8006
8811ad8ab0cc redis:5.0.7 "docker-entrypoint.s…" 35 seconds ago Up 34 seconds 0.0.0.0:8005->8005/tcp, :::8005->8005/tcp, 6379/tcp, 0.0.0.0:18005->18005/tcp, :::18005->18005/tcp redis-8005
84c6d6594912 redis:5.0.7 "docker-entrypoint.s…" 36 seconds ago Up 35 seconds 0.0.0.0:8004->8004/tcp, :::8004->8004/tcp, 6379/tcp, 0.0.0.0:18004->18004/tcp, :::18004->18004/tcp redis-8004
934d72893ad6 redis:5.0.7 "docker-entrypoint.s…" 37 seconds ago Up 36 seconds 0.0.0.0:8003->8003/tcp, :::8003->8003/tcp, 6379/tcp, 0.0.0.0:18003->18003/tcp, :::18003->18003/tcp redis-8003
64a06b5b15ab redis:5.0.7 "docker-entrypoint.s…" 37 seconds ago Up 36 seconds 0.0.0.0:8002->8002/tcp, :::8002->8002/tcp, 6379/tcp, 0.0.0.0:18002->18002/tcp, :::18002->18002/tcp redis-8002
a32806667bd4 redis:5.0.7 "docker-entrypoint.s…" 38 seconds ago Up 37 seconds 0.0.0.0:8001->8001/tcp, :::8001->8001/tcp, 6379/tcp, 0.0.0.0:18001->18001/tcp, :::18001->18001/tcp redis-8001
进入任意1个容器
--cluster-replicas 1 表示一个副本 有一个主就有一个从
--cluster-replicas 2 每个主节点配置2个副本节点
[root@centen7-10-hehe ~ 11:38:53]$ docker exec -it redis-8001 bash
root@a32806667bd4:/data# redis-cli --cluster create 10.1.8.10:8001 10.1.8.10:8002 10.1.8.10:8003 10.1.8.10:8004 10.1.8.10:8005 10.1.8.10:8006 --cluster-replicas 1
>>> Performing hash slots allocation on 6 nodes...
Master[0] -> Slots 0 - 5460
Master[1] -> Slots 5461 - 10922
Master[2] -> Slots 10923 - 16383
Adding replica 10.1.8.10:8005 to 10.1.8.10:8001
Adding replica 10.1.8.10:8006 to 10.1.8.10:8002
Adding replica 10.1.8.10:8004 to 10.1.8.10:8003
>>> Trying to optimize slaves allocation for anti-affinity
[WARNING] Some slaves are in the same host as their master
M: 7c8ae10703ee40a787a971a4eedabfafe7424bb5 10.1.8.10:8001
slots:[0-5460] (5461 slots) master
M: 570b32730b28a060406298e018b0e9ed807d39d2 10.1.8.10:8002
slots:[5461-10922] (5462 slots) master
M: 1bd73934d072f6b525e2d2659751822553d915a7 10.1.8.10:8003
slots:[10923-16383] (5461 slots) master
S: 76f054a0c91820dc78f61ea1de353928d8d17d61 10.1.8.10:8004
replicates 570b32730b28a060406298e018b0e9ed807d39d2
S: c91e6ceebf9d00ac21c2f89f4a5c9427578a3278 10.1.8.10:8005
replicates 1bd73934d072f6b525e2d2659751822553d915a7
S: 89c508b3e66fca3feef3088dd4b566a6d8ceca75 10.1.8.10:8006
replicates 7c8ae10703ee40a787a971a4eedabfafe7424bb5
Can I set the above configuration? (type 'yes' to accept): yes
>>> Nodes configuration updated
>>> Assign a different config epoch to each node
>>> Sending CLUSTER MEET messages to join the cluster
Waiting for the cluster to join
...
>>> Performing Cluster Check (using node 10.1.8.10:8001)
M: 7c8ae10703ee40a787a971a4eedabfafe7424bb5 10.1.8.10:8001
slots:[0-5460] (5461 slots) master
1 additional replica(s)
S: 89c508b3e66fca3feef3088dd4b566a6d8ceca75 10.1.8.10:8006
slots: (0 slots) slave
replicates 7c8ae10703ee40a787a971a4eedabfafe7424bb5
M: 1bd73934d072f6b525e2d2659751822553d915a7 10.1.8.10:8003
slots:[10923-16383] (5461 slots) master
1 additional replica(s)
S: c91e6ceebf9d00ac21c2f89f4a5c9427578a3278 10.1.8.10:8005
slots: (0 slots) slave
replicates 1bd73934d072f6b525e2d2659751822553d915a7
M: 570b32730b28a060406298e018b0e9ed807d39d2 10.1.8.10:8002
slots:[5461-10922] (5462 slots) master
1 additional replica(s)
S: 76f054a0c91820dc78f61ea1de353928d8d17d61 10.1.8.10:8004
slots: (0 slots) slave
replicates 570b32730b28a060406298e018b0e9ed807d39d2
[OK] All nodes agree about slots configuration.
>>> Check for open slots...
>>> Check slots coverage...
[OK] All 16384 slots covered.
7、容器的镜像构建
容器镜像获取的方法
主要有以下几种:
1:在DockerHub直接下载
2:把操作系统中文件系统打包为容器镜像
3:把正在运行的容器打包为容器镜像,即docker commit
4:通过Dockerfile实现容器镜像的自定义及生成
获取镜像方法应用
1:在DockerHub直接下载
docker pull centos:latest
docker pull nginx:latest2:把操作系统中文件系统打包为容器镜像
安装最小化操作系统
把操作系统中文件系统进行打包
在新安装的主机操作
[root@localhost-hehe ~ 13:58:44]$ tar --numeric-owner --exclude=/proc --exclude=/sys -cvf centos7.tar /
传给另个虚拟机 存在docker环境的虚拟机
[root@localhost-hehe ~ 14:02:16]$ ll
总用量 2096772
-rw-------. 1 root root 1243 7月 24 13:52 anaconda-ks.cfg
-rw-r--r--. 1 root root 1416560640 7月 24 14:02 centos7.tar
[root@localhost-hehe ~ 14:02:19]$ scp centos7.tar root@10.1.8.10:/root/
The authenticity of host '10.1.8.10 (10.1.8.10)' can't be established.
ECDSA key fingerprint is SHA256:XHgrRYQiZ0YIK3Tb9nE7otVwaEWYcw+YQh8eCnwgBgo.
ECDSA key fingerprint is MD5:74:47:43:11:93:48:6b:e1:7f:fe:22:bc:f8:ce:a1:ac.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.1.8.10' (ECDSA) to the list of known hosts.
root@10.1.8.10's password:
centos7.tar 100% 1351MB 195.9MB/s 00:06
[root@localhost-hehe ~ 14:03:42]$
docker环境主机 操作
[root@centen7-10-hehe ~ 13:38:58]$ ll
总用量 2766424
-rw-------. 1 root root 1930 7月 17 14:14 anaconda-ks.cfg
-rw-r--r-- 1 root root 1416560640 7月 24 14:03 centos7.tar
-rw------- 1 root root 211688448 7月 23 09:49 centos_new.tar
-rw------- 1 root root 211703296 7月 23 09:33 centos_test.tar
-rwxr-xr-x. 1 root root 48 7月 21 12:00 cpu.sh
-rw-r--r--. 1 root root 1961 7月 17 14:19 initial-setup-ks.cfg
-rw-r--r-- 1 root root 519596032 7月 23 14:21 mysql_5.7.tar
-rw-r--r-- 1 root root 631 7月 24 10:56 redis-cluster1.sh
-rw------- 1 root root 473244160 7月 23 13:54 tomcat.tar
drwxr-xr-x. 2 root root 6 7月 17 14:23 公共
drwxr-xr-x. 2 root root 6 7月 17 14:23 模板
drwxr-xr-x. 2 root root 6 7月 17 14:23 视频
drwxr-xr-x. 2 root root 6 7月 17 14:23 图片
drwxr-xr-x. 2 root root 6 7月 17 14:23 文档
drwxr-xr-x. 2 root root 6 7月 17 14:23 下载
drwxr-xr-x. 2 root root 6 7月 17 14:23 音乐
drwxr-xr-x. 2 root root 6 7月 17 14:23 桌面
[root@centen7-10-hehe ~ 14:04:58]$ docker import centos7.tar centos7:v1.0
sha256:8e46deb7cd99aadc6231f78af8ad01efddf0b43c86eba0606a35250f9cbcb5f1
[root@centen7-10-hehe ~ 14:05:38]$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos7 v1.0 8e46deb7cd99 10 seconds ago 1.37GB
运行容器并进入输入命令测试
[root@centen7-10-hehe ~ 14:05:48]$ docker run -it centos7:v1.0 bash
自动进入容器
[root@78a81d2dae5f-hehe / 14:07:03]$ ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
26: eth0@if27: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@78a81d2dae5f-hehe / 14:07:12]$
3:把正在运行的容器打包为容器镜像,即docker commit
进入centos7 容器 配置镜像源 并安装 成功后退出容器
[root@centen7-10-hehe ~ 14:35:00]$ docker attach centos
Error response from daemon: No such container: centos
[root@centen7-10-hehe ~ 14:36:20]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
78a81d2dae5f centos7:v1.0 "bash" 29 minutes ago Exited (0) About a minute ago musing_dirac
[root@centen7-10-hehe ~ 14:36:26]$ docker attach 78a81d2dae5f
You cannot attach to a stopped container, start it first
[root@centen7-10-hehe ~ 14:36:34]$ docker start 78a81d2dae5f
78a81d2dae5f
[root@centen7-10-hehe ~ 14:36:57]$ docker attach 78a81d2dae5f
[root@78a81d2dae5f-hehe / 14:36:57]$ mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
[root@78a81d2dae5f-hehe / 14:38:11]$ curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 2523 100 2523 0 0 3229 0 --:--:-- --:--:-- --:--:-- 3226
[root@78a81d2dae5f-hehe / 14:38:18]$ yum install -y httpd
退出容器
[root@78a81d2dae5f-hehe / 14:38:18]$ ctrl + p + q正在运行的容器打包为容器镜像
[root@centen7-10-hehe ~ 14:40:54]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
78a81d2dae5f centos7:v1.0 "bash" 33 minutes ago Up 4 minutes musing_dirac
[root@centen7-10-hehe ~ 14:41:00]$ docker commit 78a81d2dae5f centos7-httpd:v1
sha256:f22e949ee912852202634a30b98fb7bd7be563f0de2cea31999320e1ff44f2e5
[root@centen7-10-hehe ~ 14:41:24]$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos7-httpd v1 f22e949ee912 4 seconds ago 1.67GB
测试容器运行
[root@centen7-10-hehe ~ 14:41:28]$ docker run -it centos7-httpd:v1 bash
[root@6d5447e5b323-hehe / 14:42:23]$ rpm -qa |grep httpd
httpd-2.4.6-99.el7.centos.1.x86_64
httpd-tools-2.4.6-99.el7.centos.1.x86_64
查看首页面
[root@6d5447e5b323-hehe / 14:43:28]$ httpd -k start
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.3. Set the 'ServerName' directive globally to suppress this message'
[root@6d5447e5b323-hehe / 14:44:44]$ curl http://localhost
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"><html><head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<title>Apache HTTP Server Test Page powered by CentOS</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<!-- Bootstrap -->
<link href="/noindex/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" href="noindex/css/open-sans.css" type="text/css" />
<style type="text/css"><!--
body {
font-family: "Open Sans", Helvetica, sans-serif;
font-weight: 100;
color: #ccc;
background: rgba(10, 24, 55, 1);
font-size: 16px;
}
h2, h3, h4 {
font-weight: 200;
}
h2 {
font-size: 28px;
}
.jumbotron {
margin-bottom: 0;
color: #333;
background: rgb(212,212,221); /* Old browsers */
background: radial-gradient(ellipse at center top, rgba(255,255,255,1) 0%,rgba(174,174,183,1) 100%); /* W3C */
}
.jumbotron h1 {
font-size: 128px;
font-weight: 700;
color: white;
text-shadow: 0px 2px 0px #abc,
0px 4px 10px rgba(0,0,0,0.15),
0px 5px 2px rgba(0,0,0,0.1),
0px 6px 30px rgba(0,0,0,0.1);
}
.jumbotron p {
font-size: 28px;
font-weight: 100;
}
.main {
background: white;
color: #234;
border-top: 1px solid rgba(0,0,0,0.12);
padding-top: 30px;
padding-bottom: 40px;
}
.footer {
border-top: 1px solid rgba(255,255,255,0.2);
padding-top: 30px;
}
--></style>
</head>
<body>
<div class="jumbotron text-center">
<div class="container">
<h1>Testing 123..</h1>
<p class="lead">This page is used to test the proper operation of the <a href="http://apache.org">Apache HTTP server</a> after it has been installed. If you can read this page it means that this site is working properly. This server is powered by <a href="http://centos.org">CentOS</a>.</p>
</div>
</div>
<div class="main">
<div class="container">
<div class="row">
<div class="col-sm-6">
<h2>Just visiting?</h2>
<p class="lead">The website you just visited is either experiencing problems or is undergoing routine maintenance.</p>
<p>If you would like to let the administrators of this website know that you've seen this page instead of the page you expected, you should send them e-mail. In general, mail sent to the name "webmaster" and directed to the website's domain should reach the appropriate person.</p>
<p>For example, if you experienced problems while visiting www.example.com, you should send e-mail to "webmaster@example.com".</p>
</div>
<div class="col-sm-6">
<h2>Are you the Administrator?</h2>
<p>You should add your website content to the directory <tt>/var/www/html/</tt>.</p>
<p>To prevent this page from ever being used, follow the instructions in the file <tt>/etc/httpd/conf.d/welcome.conf</tt>.</p>
<h2>Promoting Apache and CentOS</h2>
<p>You are free to use the images below on Apache and CentOS Linux powered HTTP servers. Thanks for using Apache and CentOS!</p>
<p><a href="http://httpd.apache.org/"><img src="images/apache_pb.gif" alt="[ Powered by Apache ]"></a> <a href="http://www.centos.org/"><img src="images/poweredby.png" alt="[ Powered by CentOS Linux ]" height="31" width="88"></a></p>
</div>
</div>
</div>
</div>
</div>
<div class="footer">
<div class="container">
<div class="row">
<div class="col-sm-6">
<h2>Important note:</h2>
<p class="lead">The CentOS Project has nothing to do with this website or its content,
it just provides the software that makes the website run.</p>
<p>If you have issues with the content of this site, contact the owner of the domain, not the CentOS project.
Unless you intended to visit CentOS.org, the CentOS Project does not have anything to do with this website,
the content or the lack of it.</p>
<p>For example, if this website is www.example.com, you would find the owner of the example.com domain at the following WHOIS server:</p>
<p><a href="http://www.internic.net/whois.html">http://www.internic.net/whois.html</a></p>
</div>
<div class="col-sm-6">
<h2>The CentOS Project</h2>
<p>The CentOS Linux distribution is a stable, predictable, manageable and reproduceable platform derived from
the sources of Red Hat Enterprise Linux (RHEL).<p>
<p>Additionally to being a popular choice for web hosting, CentOS also provides a rich platform for open source communities to build upon. For more information
please visit the <a href="http://www.centos.org/">CentOS website</a>.</p>
</div>
</div>
</div>
</div>
</div>
</body></html>
4:通过Dockerfile实现容器镜像的自定义及生成
Dockerfile介绍
Dockerfile是一种能够被Docker程序解释的剧本。Dockerfile由一条一条的指令组成,并且有自己的书
写格式和支持的命令。当我们需要在容器镜像中指定自己额外的需求时,只需在Dockerfile上添加或修
改指令,然后通过docker build生成我们自定义的容器镜像(image)。
Dockerfile指令
- 构建类指令
- 用于构建image
- 其指定的操作不会在运行image的容器上执行(FROM、MAINTAINER、RUN、ENV、ADD、COPY)
- 设置类指令
- 用于设置image的属性
- 其指定的操作将在运行image的容器中执行(CMD、ENTRYPOINT、USER、EXPOSE、VOLUME、WORKDIR、ONBUILD)
- 指令说明
案例应用
构建SSH镜像
环境准备
[root@centen7-10-hehe ~ 15:21:11]$ mkdir -p /docker_work/sshd
[root@centen7-10-hehe ~ 15:21:19]$ cd /docker_work/sshd
编写dockerfile文件 名称Dockerfile 会再当前位置自动识别
命令 -D 作用
具体功能解析
- 前台运行模式 (Foreground Mode)
- 默认情况下,sshd 会作为守护进程在后台运行
- -D 强制 SSH 服务器在前台运行
- 容器必要性:Docker 要求主进程在前台运行,否则容器会立即退出
- 禁止进程分离 (No Daemonization)
- 正常情况:sshd 会创建子进程并退出父进程
- 使用 -D:保持单个进程,不进行进程分叉
- 容器优势:使 Docker 能正确监控 SSH 服务状态
- 日志输出到标准错误 (Log to stderr)
- 所有日志直接输出到 stderr(标准错误)
- 容器优势:可通过 docker logs 直接查看 SSH 日志
docker logs <container-name>
Dockerflie编写
[root@centen7-10-hehe sshd 15:21:23]$ vim Dockerfile
# 基础镜像 FROM必须是第一层
FROM centos:7
# 描述性信息MAINTAINER
MAINTAINER This is project <he>
# 配置阿里云镜像源 方便使用yum 安装软件
RUN mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
RUN curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
# 使用yum安装指令 升级yum 环境源
RUN yum update -y
RUN yum -y install openssh* net-tools lsof telnet passwd
# 只要是命令 都写RUN
RUN echo '123456' | passwd --stdin root
RUN sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
RUN sed -i '/^session\s\+required\s\+pam_loginuid.so/s/^/#/' /etc/pam.d/sshd
RUN mkdir -p /root/.ssh && chown root.root /root && chmod 700 /root/.ssh
# 暴露端口
EXPOSE 22
# -D 以守护进程启动
CMD ["/usr/sbin/sshd" , "-D"]
构建镜像 点 【 . 】 自动识别当前目录下的Dockerfile
[root@centen7-10-hehe sshd 15:48:22]$ docker build -t centos_sshd:v1 .
[+] Building 1.9s (14/14) FINISHED docker:default
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 914B 0.0s
=> [internal] load metadata for docker.io/library/centos:7 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [ 1/10] FROM docker.io/library/centos:7 0.0s
=> CACHED [ 2/10] RUN mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backu 0.0s
=> CACHED [ 3/10] RUN curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Ce 0.0s
=> CACHED [ 4/10] RUN yum update -y 0.0s
=> CACHED [ 5/10] RUN yum -y install openssh* net-tools lsof telnet passwd 0.0s
=> CACHED [ 6/10] RUN echo '123456' | passwd --stdin root 0.0s
=> CACHED [ 7/10] RUN sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config 0.0s
=> CACHED [ 8/10] RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key 0.0s
=> CACHED [ 9/10] RUN sed -i '/^session\s\+required\s\+pam_loginuid.so/s/^/#/' /etc/pam.d/sshd 0.0s
=> [10/10] RUN mkdir -p /root/.ssh && chown root.root /root && chmod 700 /root/.ssh 0.7s
=> exporting to image 1.0s
=> => exporting layers 1.0s
=> => writing image sha256:370824e86bf457d54967e8fee60f067c757aa220c177af52b3c973fd85cf8b10 0.0s
=> => naming to docker.io/library/centos_sshd:v1
验证
[root@centen7-10-hehe ~ 15:48:50]$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos_sshd v1 370824e86bf4 About a minute ago 916MB
启动容器
-P 随机端口 通过查看为32768
[root@centen7-10-hehe ~ 15:50:12]$ docker run -d -P centos_sshd:v1
ccdf4b5604eeedb0333582287e34509cbed0459c28d55c79bed3014fb8cee113
[root@centen7-10-hehe ~ 16:09:07]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ccdf4b5604ee centos_sshd:v1 "/usr/sbin/sshd -D" 13 seconds ago Up 12 seconds 0.0.0.0:32768->22/tcp, :::32768->22/tcp loving_kare
验证 通过32768端口登录到容器
[root@centen7-10-hehe ~ 16:10:06]$ ssh localhost -p 32768
The authenticity of host '[localhost]:32768 ([::1]:32768)' can't be established.
RSA key fingerprint is SHA256:DaDOtzlz0lrX6We5yUVi3fcDG7wHnxsyRhsCabY0/7g.
RSA key fingerprint is MD5:69:fd:a8:c0:1d:9a:50:df:76:a8:a5:bc:26:72:bf:e2.
Are you sure you want to continue connecting (yes/no)? 'yes'
Warning: Permanently added '[localhost]:32768' (RSA) to the list of known hosts.
root@localhost's password: '123456'#脚本设置的密码
[root@ccdf4b5604ee ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.3 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:03 txqueuelen 0 (Ethernet)
RX packets 60 bytes 7089 (6.9 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 37 bytes 5587 (5.4 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@ccdf4b5604ee ~]# exit
logout
Connection to localhost closed.
验证ip
[root@centen7-10-hehe ~ 16:11:40]$ docker inspect ccdf4b5604ee |grep IPAddress
"SecondaryIPAddresses": null,
"IPAddress": "172.17.0.3",
"IPAddress": "172.17.0.3",
构建nginx镜像
环境准备
[root@centen7-10-hehe ~ 16:18:27]$ mkdir /docker_work/nginx
[root@centen7-10-hehe ~ 16:18:37]$ cd /docker_work/nginx
[root@centen7-10-hehe nginx 16:18:39]$ yum install tree -y
nginx源码包放入/docker_work/nginx/目录中
上传源码包
源码包上传到此位置
[root@centen7-10-hehe nginx 16:22:35]$ pwd
/docker_work/nginx
[root@centen7-10-hehe nginx 16:22:38]$ rz -E
rz waiting to receive.
[root@centen7-10-hehe nginx 16:22:41]$ ll
-rw-r--r-- 1 root root 1280111 7月 16 17:19 nginx-1.28.0.tar.gz
编写 Dockerfile内容
[root@centen7-10-hehe nginx 16:39:17]$ vim Dockerfile
#基于基础镜像
FROM centos:7
#用户信息
MAINTAINER This is nginx <he>
# 添加环境包
# 配置阿里云镜像源 方便使用yum 安装软件
RUN mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
RUN curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
# 使用yum安装指令 升级yum 环境源
RUN yum update -y
# 安装依赖包
RUN yum -y install pcre-devel zlib-devel gcc gcc-c++ make
# 创建用户nginx
RUN useradd -M -s /sbin/nologin nginx
# 添加源码包并完成解压缩 后面是解压位置
ADD nginx-1.28.0.tar.gz /usr/local/src
# 指定WORKDIR工作路径 压缩路径+文件名称
WORKDIR /usr/local/src/nginx-1.28.0
# 编译位置
RUN ./configure \
--prefix=/usr/local/nginx \
--user=nginx \
--group=nginx \
--with-http_stub_status_module && make && make install
# 指定环境路径
ENV PATH /usr/local/nginx/sbin:$PATH
# 指定暴露端口
EXPOSE 80
EXPOSE 443
# 在配置文件中关闭守护进程 因为容器的守护进程端口会冲突
RUN echo "daemon off;" >> /usr/local/nginx/conf/nginx.conf
# 添加脚本文件run.sh的方式启动
ADD run.sh /run.sh
RUN chmod 755 /run.sh
CMD ["/run.sh"]
编写启动脚本
[root@centen7-10-hehe nginx 16:39:15]$ cat run.sh
#!/bin/bash
/usr/local/nginx/sbin/nginx
查看nginx目录结构
[root@centen7-10-hehe nginx 16:36:22]$ tree ./
./
├── Dockerfile
├── nginx-1.28.0.tar.gz
└── run.sh
0 directories, 3 files
构建镜像
[root@centen7-10-hehe nginx 16:37:50]$ docker build -t nginx:file .
[+] Building 85.5s (17/17) FINISHED docker:default
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 1.24kB 0.0s
=> [internal] load metadata for docker.io/library/centos:7 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [ 1/12] FROM docker.io/library/centos:7 0.0s
=> [internal] load build context 0.0s
=> => transferring context: 1.28MB 0.0s
=> CACHED [ 2/12] RUN mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backu 0.0s
=> CACHED [ 3/12] RUN curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Ce 0.0s
=> CACHED [ 4/12] RUN yum update -y 0.0s
=> [ 5/12] RUN yum -y install pcre-devel zlib-devel gcc gcc-c++ make 71.5s
=> [ 6/12] RUN useradd -M -s /sbin/nologin nginx 0.9s
=> [ 7/12] ADD nginx-1.28.0.tar.gz /usr/local/src 0.2s
=> [ 8/12] WORKDIR /usr/local/src/nginx-1.28.0 0.0s
=> [ 9/12] RUN ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_stub_ 10.9s
=> [10/12] RUN echo "daemon off;" >> /usr/local/nginx/conf/nginx.conf 0.9s
=> [11/12] ADD run.sh /run.sh 0.1s
=> [12/12] RUN chmod 755 /run.sh 0.5s
=> exporting to image 0.5s
=> => exporting layers 0.4s
=> => writing image sha256:09b6f9b72841ee63dfab9a8b954527759b2f80253ea895a73376c8e14db3a789 0.0s
=> => naming to docker.io/library/nginx:file 运行容器
查看镜像
[root@centen7-10-hehe nginx 16:42:18]$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx file 09b6f9b72841 3 minutes ago 916MB
运行容器
[root@centen7-10-hehe nginx 16:42:22]$ docker run -d -P nginx:file
a7b8b722e3abff3f26546c4c173c50fd0c005eba9d9e316aa08b388620ce9a4a
查看容器状态
[root@centen7-10-hehe nginx 16:43:11]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a7b8b722e3ab nginx:file "/run.sh" 15 seconds ago Up 14 seconds 0.0.0.0:32770->80/tcp, :::32770->80/tcp, 0.0.0.0:32769->443/tcp, :::32769->443/tcp strange_easley
访问32770端口 跳转容器访问 http://10.1.8.10:32770/
构建Tomcat镜像
环境准备
[root@centen7-10-hehe nginx 17:08:00]$ mkdir /docker_work/tomcat
[root@centen7-10-hehe nginx 17:08:17]$ cd /docker_work/tomcat
把jdk-8u91-linux-x64.tar.gz 、apache-tomcat-8.5.16.tar.gz放入/docker_work/tomcat目录中
编写dockerfile文件
[root@centen7-10-hehe tomcat 17:13:46]$ rz -E
rz waiting to receive.
[root@centen7-10-hehe tomcat 17:13:48]$ rz -E
rz waiting to receive.
[root@centen7-10-hehe tomcat 17:16:43]$ ls
apache-tomcat-8.5.16.tar.gz Dockerfile jdk-8u91-linux-x64.tar.gz
[root@centen7-10-hehe tomcat 17:17:25]$ vim Dockerfile
FROM centos:7
MAINTAINER This is tomcat <hehe>
# 添加源码包并完成解压缩 后面是解压位置
ADD jdk-8u91-linux-x64.tar.gz /usr/local
# # 指定WORKDIR工作路径 压缩路径+文件名称
WORKDIR /usr/local/
RUN mv jdk1.8.0_91 /usr/local/java
# 部署java环境变量
ENV JAVA_HOME /usr/local/java
ENV JAVA_BIN /usr/local/java/bin
ENV JRE_HOME /usr/local/java/jre
ENV PATH $PATH:/usr/local/java/bin:/usr/local/java/jre/bin
ENV CLASSPATH /usr/local/java/jre/bin:/usr/local/java/lib:/usr/local/java/jre/lib/charsets.jar
ADD apache-tomcat-8.5.16.tar.gz /usr/local
WORKDIR /usr/local/
RUN mv apache-tomcat-8.5.16 /usr/local/tomcat8
EXPOSE 8080
#CMD ["/usr/local/tomcat8/bin/catalina.sh","run"]
ENTRYPOINT ["/usr/local/tomcat8/bin/catalina.sh","run"]
构建镜像
[root@centen7-10-hehe tomcat 17:28:00]$ docker build -t tomcat:file .
[+] Building 8.7s (12/12) FINISHED docker:default
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 800B 0.0s
=> [internal] load metadata for docker.io/library/centos:7 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> CACHED [1/7] FROM docker.io/library/centos:7 0.0s
=> [internal] load build context 0.6s
=> => transferring context: 190.83MB 0.6s
=> [2/7] ADD jdk-8u91-linux-x64.tar.gz /usr/local 1.9s
=> [3/7] WORKDIR /usr/local/ 0.0s
=> [4/7] RUN mv jdk1.8.0_91 /usr/local/java 3.2s
=> [5/7] ADD apache-tomcat-8.5.16.tar.gz /usr/local 1.1s
=> [6/7] WORKDIR /usr/local/ 0.1s
=> [7/7] RUN mv apache-tomcat-8.5.16 /usr/local/tomcat8 0.8s
=> exporting to image 0.8s
=> => exporting layers 0.8s
=> => writing image sha256:43bc4d1e4e466ca936a390db74e2d8acb793a945392ae422d60e5ffa1993c7eb 0.0s
=> => naming to docker.io/library/tomcat:file 查看镜像
[root@centen7-10-hehe tomcat 17:29:33]$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
tomcat file 43bc4d1e4e46 About a minute ago 960MB
运行容器
[root@centen7-10-hehe tomcat 17:30:06]$ docker run -d --name web1 -p 1111:8080 tomcat:file
4b0fa8e7c5601000b4ded43c7745ca26b455930ca4f8cbc493dfcb0416ae8e45
查看容器
[root@centen7-10-hehe tomcat 17:31:00]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4b0fa8e7c560 tomcat:file "/usr/local/tomcat8/…" 10 seconds ago Up 9 seconds 0.0.0.0:1111->8080/tcp, :::1111->8080/tcp web1
