Docker高级
2023年12月8日大约 38 分钟约 7576 字
容器数据卷
介绍
Docker将运用与运行的环境打包形成容器运行, Docker容器产生的数据,如果不通过docker commit生成新的镜像,使得数据做为镜像的一部分保存下来, 那么当容器删除后,数据自然也就没有了。 为了能保存数据在Docker中我们使用卷。 卷就是目录或文件,存在于一个或多个容器中,由Docker挂载到容器,但卷不属于联合文件系统(Union FileSystem),因此能够绕过联合文件系统提供一些用于持续存储或共享数据的特性。 数据卷的特点:
- 数据卷可在容器之间共享或重用数据
- 卷中的更改可以直接生效
- 数据卷中的更改不会包含在镜像的更新中
- 数据卷的生命周期一直持续到没有容器使用它为止
简单使用
# 直接使用命令来挂载 -v
docker run -it -v 主机内目录:容器内目录 镜像名/id
[root@Docker ~]# cd /home
[root@Docker home]# ls
lzw test.java
[root@Docker home]# docker run -it -v /home/ceshi:/home centos /bin/bash
[root@Docker ceshi]# docker inspect d1447b4d5d49
。。。
"Mounts": [
{
"Type": "bind",
"Source": "/home/ceshi",# 主机内地址
"Destination": "/home", # docekr容器内地址
"Mode": "",
"RW": true,
"Propagation": "rprivate"
}
],
。。。
# 容器内
[root@d1447b4d5d49 /]# cd /home
[root@d1447b4d5d49 home]# ls
[root@d1447b4d5d49 home]# touch test.java
# 容器外
[root@Docker ceshi]# ls
test.java
# 容器内 停止容器
[root@d1447b4d5d49 home]# exit
exit
# 容器外 宿主机新增/修改文件
[root@Docker ceshi]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@Docker ceshi]# vim test2.java
Hello linux update
# 容器内 启动容器,容器内数据依旧是同步的
[root@Docker home]# docker start d1447b4d5d49
d1447b4d5d49
[root@Docker home]# docker attach d1447b4d5d49
[root@d1447b4d5d49 /]# cd /home
[root@d1447b4d5d49 home]# ls
test.java test2.java
[root@d1447b4d5d49 home]# cat test2.java
Hello linux update好处:修改只需要在本地修改即可,容器内会自动同步!
MySQL容器建立数据卷同步数据
在Linux下的MySQL默认的数据文档存储目录为/var/lib/mysql,默认的配置文件的位置/etc/mysql/conf.d,为了确保MySQL镜像或容器删除后,不会造成的数据丢失,下面建立数据卷保存MySQL的数据和文件。
# 运行容器,需要做数据挂载 # 安装启动mysql,需要配置密码
-d 后台运行
-p 端口映射
-v 数据卷挂载
-e 环境配置
--name 容器名字
[root@Docker home]# docker run -d -p 3310:3306 -v /home/mysql/conf:/etc/mysql/conf.d -v /home/mysql/data:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=123456 --name mysql01 mysql:5.7
81514929bce44cda5c966cffbde06a6ccbe8ddbb9d11e088f63bfa730442ed71
# 启动成功后,在本地测试连接
[root@Docker ~]# cd /home
[root@Docker home]# ls
ceshi lzw mysql test.java
[root@Docker home]# cd mysql/
[root@Docker mysql]# ls
conf data
[root@Docker mysql]# cd data/
[root@Docker data]# ls
auto.cnf client-key.pem ib_logfile1 private_key.pem sys
ca-key.pem ib_buffer_pool ibtmp1 public_key.pem
ca.pem ibdata1 mysql server-cert.pem
client-cert.pem ib_logfile0 performance_schema server-key.pem使用navicat创建个 test 数据库
[root@Docker data]# ls
auto.cnf client-key.pem ib_logfile1 private_key.pem sys
ca-key.pem ib_buffer_pool ibtmp1 public_key.pem test
ca.pem ibdata1 mysql server-cert.pem
client-cert.pem ib_logfile0 performance_schema server-key.pem常用命令
# 创建数据卷
[root@Docker ~]# docker volume create xxx
# 查看所有的数据卷
[root@Docker ~]# docker volume ls
# 查看指定数据卷的信息
[root@Docker ~]# docker volume inspect xxx具名和匿名挂载
匿名挂载 匿名挂载就是在指定数据卷的时候,不指定容器路径对应的主机路径,这样对应映射的主机路径就是默认的路径/var/lib/docker/volumes/中自动生成一个随机命名的文件夹。
# 匿名挂载
docker run -d -P --name 名字 -v 容器内路径 镜像名/id具名挂载(常用) 具名挂载,就是指定文件夹名称,区别于指定路径挂载,这里的指定文件夹名称是在Docker指定的默认数据卷路径下的。通过docker volume ls命令可以查看当前数据卷的目录情况。 [root@Docker ~]# docker run -d -P --name 名字 -v 卷名:容器内路径 镜像名/id 匿名挂载,具名挂载,指定路径挂载的命令区别如下
-v 容器内路径 #匿名挂载
-v 卷名:容器内路径 #具名挂载
-v /宿主机路径:容器内路径 #指定路径挂载拓展 ro —— readonly 只读。说明这个路径只能通过宿主机来操作,容器内部是无法操作! rw ----- readwrite 可读可写。
初识DockerFile
Dockerfile是用来构建docker镜像的构建文件。命令脚本
[root@Docker home]# mkdir docker-test-volume
[root@Docker home]# cd docker-test-volume/
[root@Docker docker-test-volume]# pwd
/home/docker-test-volume
# ------
# 创建一个dockerfile文件
# 写一个脚本,通过这个脚本可以生成一个镜像,镜像是一层一层的,脚本是一个个的命令,每个命令都是一层。(指令大写)
[root@Docker docker-test-volume]# vim dockerfile1
FROM centos
VOLUME ["/volume01","/volume02"]
CMD echo "----end----"
CMD /bin/bash
# ------
[root@Docker docker-test-volume]# cat dockerfile1
FROM centos
VOLUME ["/volume01","/volume02"]
CMD echo "----end----"
CMD /bin/bash
[root@Docker docker-test-volume]# docker build -f dockerfile1 -t lzw/centos:1.0 .
Sending build context to Docker daemon 2.048kB
Step 1/4 : FROM centos
---> 5d0da3dc9764
Step 2/4 : VOLUME ["/volume01","/volume02"]
---> Running in c3c326145e4a
Removing intermediate container c3c326145e4a
---> aee64cb803da
Step 3/4 : CMD echo "----end----"
---> Running in 623ee6b549b0
Removing intermediate container 623ee6b549b0
---> f1070d1df5fd
Step 4/4 : CMD /bin/bash
---> Running in cc879a8e6758
Removing intermediate container cc879a8e6758
---> 8878616edc11
Successfully built 8878616edc11
Successfully tagged lzw/centos:1.0# 启动自己写的容器
[root@Docker docker-test-volume]# docker run -it 8878616edc11 /bin/bash
# 容器内创建个文件
[root@4e4b7c36901d /]# cd volume01
[root@4e4b7c36901d volume01]# touch container.txt
[root@4e4b7c36901d volume01]# ls
container.txt
[root@Docker data]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4e4b7c36901d 8878616edc11 "/bin/bash" 4 minutes ago Up 4 minutes romantic_panini
# 查看卷挂载的路径,确实是匿名挂载
[root@Docker data]# docker inspect 4e4b7c36901d
。。。
"Mounts": [
{
"Type": "volume",
"Name": "f257f6e6a1ecb3cefea2d37958b6ff7c9c8db6b44fdd2c5c6af0c0174efc2454",
"Source": "/var/lib/docker/volumes/f257f6e6a1ecb3cefea2d37958b6ff7c9c8db6b44fdd2c5c6af0c0174efc2454/_data",
"Destination": "/volume02",
"Driver": "local",
"Mode": "",
"RW": true,
"Propagation": ""
},
{
"Type": "volume",
"Name": "c92a88b147e06b7ed3c3118d54fdc10017fb45c54dc38ca35e74e6553d9ac4d0",
"Source": "/var/lib/docker/volumes/c92a88b147e06b7ed3c3118d54fdc10017fb45c54dc38ca35e74e6553d9ac4d0/_data",
"Destination": "/volume01",
"Driver": "local",
"Mode": "",
"RW": true,
"Propagation": ""
}
],
。。。# 测试刚才的文件是否同步出去了
[root@Docker data]# cd /var/lib/docker/volumes/c92a88b147e06b7ed3c3118d54fdc10017fb45c54dc38ca35e74e6553d9ac4d0/_data
[root@Docker _data]# ls
container.txt数据卷容器
容器数据卷是指建立数据卷,来同步多个容器间的数据,实现容器间的数据同步。 
[root@Docker /]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
lzw/centos 1.0 8878616edc11 17 minutes ago 231MB
mysql 5.7 c20987f18b13 8 months ago 448MB
centos latest 5d0da3dc9764 11 months ago 231MB
# 启动docker02
[root@Docker /]# docker run -it --name docker01 lzw/centos:1.0
[root@f10f851b5d5a /]# ls
bin etc lib lost+found mnt proc run srv tmp var volume02
dev home lib64 media opt root sbin sys usr volume01
[root@f10f851b5d5a /]# ls -l
total 0
lrwxrwxrwx. 1 root root 7 Nov 3 2020 bin -> usr/bin
drwxr-xr-x. 5 root root 360 Aug 23 03:18 dev
drwxr-xr-x. 1 root root 66 Aug 23 03:18 etc
drwxr-xr-x. 2 root root 6 Nov 3 2020 home
lrwxrwxrwx. 1 root root 7 Nov 3 2020 lib -> usr/lib
lrwxrwxrwx. 1 root root 9 Nov 3 2020 lib64 -> usr/lib64
drwx------. 2 root root 6 Sep 15 2021 lost+found
drwxr-xr-x. 2 root root 6 Nov 3 2020 media
drwxr-xr-x. 2 root root 6 Nov 3 2020 mnt
drwxr-xr-x. 2 root root 6 Nov 3 2020 opt
dr-xr-xr-x. 241 root root 0 Aug 23 03:18 proc
dr-xr-x---. 2 root root 162 Sep 15 2021 root
drwxr-xr-x. 11 root root 163 Sep 15 2021 run
lrwxrwxrwx. 1 root root 8 Nov 3 2020 sbin -> usr/sbin
drwxr-xr-x. 2 root root 6 Nov 3 2020 srv
dr-xr-xr-x. 13 root root 0 Aug 21 09:44 sys
drwxrwxrwt. 7 root root 171 Sep 15 2021 tmp
drwxr-xr-x. 12 root root 144 Sep 15 2021 usr
drwxr-xr-x. 20 root root 262 Sep 15 2021 var
drwxr-xr-x. 2 root root 6 Aug 23 03:18 volume01
drwxr-xr-x. 2 root root 6 Aug 23 03:18 volume02
ctrl+p+q
[root@f10f851b5d5a /]# [root@Docker /]# docker ps
CONTAINER ID IMAGE COMMAND CREATED PORTS NAMES
f10f851b5d5a lzw/centos:1.0 "/bin/sh -c /bin/bash" 2 minutes ago es docker01
# 启动docker02
[root@Docker /]# docker run -it --name docker02 --volumes-from docker01 lzw/centos:1.0
[root@dc4df8c2ca5f /]# ls -l
total 0
lrwxrwxrwx. 1 root root 7 Nov 3 2020 bin -> usr/bin
drwxr-xr-x. 5 root root 360 Aug 23 03:21 dev
drwxr-xr-x. 1 root root 66 Aug 23 03:21 etc
drwxr-xr-x. 2 root root 6 Nov 3 2020 home
lrwxrwxrwx. 1 root root 7 Nov 3 2020 lib -> usr/lib
lrwxrwxrwx. 1 root root 9 Nov 3 2020 lib64 -> usr/lib64
drwx------. 2 root root 6 Sep 15 2021 lost+found
drwxr-xr-x. 2 root root 6 Nov 3 2020 media
drwxr-xr-x. 2 root root 6 Nov 3 2020 mnt
drwxr-xr-x. 2 root root 6 Nov 3 2020 opt
dr-xr-xr-x. 237 root root 0 Aug 23 03:21 proc
dr-xr-x---. 2 root root 162 Sep 15 2021 root
drwxr-xr-x. 11 root root 163 Sep 15 2021 run
lrwxrwxrwx. 1 root root 8 Nov 3 2020 sbin -> usr/sbin
drwxr-xr-x. 2 root root 6 Nov 3 2020 srv
dr-xr-xr-x. 13 root root 0 Aug 21 09:44 sys
drwxrwxrwt. 7 root root 171 Sep 15 2021 tmp
drwxr-xr-x. 12 root root 144 Sep 15 2021 usr
drwxr-xr-x. 20 root root 262 Sep 15 2021 var
drwxr-xr-x. 2 root root 6 Aug 23 03:18 volume01
drwxr-xr-x. 2 root root 6 Aug 23 03:18 volume02
# 进入docker01
[root@Docker ~]# docker attach f10f851b5d5a
[root@f10f851b5d5a /]# cd volume01
[root@f10f851b5d5a volume01]# ls
[root@f10f851b5d5a volume01]# touch docker01
# 进入docker02,docker01创建的数据同步到了docker02
[root@dc4df8c2ca5f /]# cd volume01
[root@dc4df8c2ca5f volume01]# ls
docker01
ctrl+p+q
# 启动docker03
[root@dc4df8c2ca5f volume01]# [root@Docker /]# docker run -it --name docker03 --volumes-from docker01 lzw/centos:1.0
[root@5e791361fc4f /]# cd volume01
[root@5e791361fc4f volume01]# ls
docker01
[root@5e791361fc4f volume01]# touch docker03
# 在docker01查看
[root@f10f851b5d5a volume01]# ls
docker01 docker03
# 测试,可以删除docker01容器,查看一下docker02和docker03
# 还可以访问docekr01文件
# 备份机制容器之间配置信息的传递,数据卷容器的声明周期一直持续到没有容器使用为止。
DockerFile
介绍
Dockerfile是用来构建Docker镜像的文本文件,也可以说是命令参数脚本。docker build命令用于从Dockerfile构建镜像。可以在docker build命令中使用-f标志指向文件系统中任何位置的Dockerfile。 Docker镜像发布的步骤: 1、编写一个dockerfile文件 2、docker build 构建成为一个镜像 3、docker run 镜像 4、docker push 镜像(发布镜像到DockerHub、阿里云镜像仓库) 
DockerFile指令
| 指令 | 说明 |
|---|---|
| FROM | 指定基础镜像 |
| MAINTAINER | 镜像是谁写的,姓名+邮箱 |
| RUN | 镜像构建的时候需要运行的命令 |
| ADD | 将本地文件添加到容器中,tar类型文件会自动解压(网络压缩资源不会被解压),可以访问网络资源,类似wget |
| WORKDIR | 镜像的工作目录 |
| VOLUME | 挂载的目录 |
| EXPOSE | 保留端口配置 |
| CMD | 指定这个容器启动的时候要运行的命令(只有最后一个会生效) |
| EMTRYPOINT | 指定这个容器启动的时候要运行的命令,可以追加命令 |
| ONBUILD | 当构建一个被继承DockerFile,这个时候就会运行ONBUILD的指令,触发指令 |
| COPY | 功能类似ADD,但是是不会自动解压文件,也不能访问网络资源 |
| ENV | 构建的时候设置环境变量 |
DockerFile构建过程
Dockerfile 一般分为四部分:基础镜像信息、维护者信息、镜像操作指令和容器启动时执行指令,’#’ 为 Dockerfile 中的注释。 关于DockerFile文件的脚本注意点有: 1、每个保留关键字(指令)都必须是大写字母 2、文件中的指令从上到下顺序执行,第一个指令必须是FROM 3、# 号表示注释 4、每一个指令都会创建提交一个新的镜像层,并提交! 关于Dockerfile指令的详细语法解释:Dockerfile文件详解 Dockerfile指令介绍的官方文档:https://docs.docker.com/engine/reference/builder/
构建自己的centos
[root@Docker home]# mkdir dockerfile
[root@Docker home]# ls
ceshi dockerfile docker-test-volume lzw mysql test.java
[root@Docker home]# cd dockerfile/
[root@Docker dockerfile]# ls
# 1.编写Dockerfile文件
[root@Docker dockerfile]# vim mydockerfile-centos
文件开始
FROM centos:7
MAINTAINER LiAng <2545721422@qq.com>
ENV MYPATH /usr/local
WORKDIR $MYPATH
RUN yum -y install vim
RUN yum -y install net-tools
EXPOSE 80
CMD echo $MYPATH
CMD echo "-----end-----"
CMD /bin/bash
文件结束
# 2.通过这个文件构建镜像
# 命令 docker build -f dockerfile文件路径 -t 镜像名[:版本号] .(这里有个小点.)
[root@Docker dockerfile]# docker build -f mydockerfile-centos -t mycentos:0.1 .
。。。
。。。
Successfully built f438f070a046
Successfully tagged mycentos:0.1
# 3.测试运行
# (1) 工作目录修改为 /usr/local
# (2) 可以使用 ifconfig 和 pwd 命令
[root@Docker dockerfile]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mycentos 0.1 f438f070a046 4 minutes ago 623MB
lzw/centos 1.0 8878616edc11 4 hours ago 231MB
mysql 5.7 c20987f18b13 8 months ago 448MB
centos 7 eeb6ee3f44bd 11 months ago 204MB
centos latest 5d0da3dc9764 11 months ago 231MB
[root@Docker dockerfile]# docker run -it mycentos:0.1
[root@90041c3ce177 local]# pwd
/usr/local
[root@90041c3ce177 local]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.4 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:04 txqueuelen 0 (Ethernet)
RX packets 8 bytes 648 (648.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@90041c3ce177 local]# vim test# 列出本地进行的变更历史
[root@Docker dockerfile]# docker history f438f070a046
IMAGE CREATED CREATED BY SIZE COMMENT
f438f070a046 8 minutes ago /bin/sh -c #(nop) CMD ["/bin/sh" "-c" "/bin… 0B
63bc0ce23b51 8 minutes ago /bin/sh -c #(nop) CMD ["/bin/sh" "-c" "echo… 0B
ae2f7705d524 8 minutes ago /bin/sh -c #(nop) CMD ["/bin/sh" "-c" "echo… 0B
cf319886180c 8 minutes ago /bin/sh -c #(nop) EXPOSE 80 0B
b69d4ca1380d 8 minutes ago /bin/sh -c yum -y install net-tools 182MB
9ed35242ab7a 8 minutes ago /bin/sh -c yum -y install vim 237MB
113d028d1ba7 8 minutes ago /bin/sh -c #(nop) WORKDIR /usr/local 0B
7c0a7a1f5246 8 minutes ago /bin/sh -c #(nop) ENV MYPATH=/usr/local 0B
2a121798ffce 8 minutes ago /bin/sh -c #(nop) MAINTAINER LiAng <2545721… 0B
eeb6ee3f44bd 11 months ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0B
<missing> 11 months ago /bin/sh -c #(nop) LABEL org.label-schema.sc… 0B
<missing> 11 months ago /bin/sh -c #(nop) ADD file:b3ebbe8bd304723d4… 204MBRUN,CMD和ENTRYPOINT的区别
RUN命令与CMD命令的区别在哪里? 简单说,RUN命令在 image 文件的构建阶段执行,执行结果都会打包进入 image 文件;CMD命令则是在容器启动后执行。另外,一个 Dockerfile 可以包含多个RUN命令,但是只能有一个CMD命令。 注意,指定了CMD命令以后,docker container run命令就不能附加命令了(比如前面的/bin/bash),否则它会覆盖CMD命令。 原文链接:https://blog.csdn.net/huangjhai/article/details/120278039
CMD #指定容器启动的时候要运行的命令,只有最后一个会生效,可被替代
ENTRYPOINT #指定容器启动的时候要运行的命令,命令可以追加测试CMD命令
# 编写dockerfile文件
[root@Docker dockerfile]# vim dockerfile-cmd-test
文件开始
FROM centos
CMD ["ls","-a"]
文件结束
# 构建镜像
[root@Docker dockerfile]# docker build -f dockerfile-cmd-test -t cmdtest .
Sending build context to Docker daemon 3.072kB
Step 1/2 : FROM centos
---> 5d0da3dc9764
Step 2/2 : CMD ["ls","-a"]
---> Running in c7b0acaa1ee2
Removing intermediate container c7b0acaa1ee2
---> aeed102d492f
Successfully built aeed102d492f
Successfully tagged cmdtest:latest
# run运行,发现 ls -a 生效了
[root@Docker dockerfile]# docker run aeed102d492f
.
..
.dockerenv
bin
dev
etc
home
lib
lib64
lost+found
media
mnt
opt
proc
root
run
sbin
srv
sys
tmp
usr
var
# 想追加一个命令 -l ls -al
[root@Docker dockerfile]# docker run aeed102d492f -l
docker: Error response from daemon: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: exec: "-l": executable file not found in $PATH: unknown.
ERRO[0000] error waiting for container: context canceled
#由于使用的是 CMD指令,命令无追加,-l取代了原本的ls -a,而-l命令不存在所以报错测试 ENTRYPOINT
[root@Docker dockerfile]# vim dockerfile-cmd-entrypoint
文件开始
FROM centos
ENTRYPOINT ["ls","-a"]
文件结束
[root@Docker dockerfile]#
[root@Docker dockerfile]# docker build -f dockerfile-cmd-entrypoint -t entrypoint-test .
Sending build context to Docker daemon 4.096kB
Step 1/2 : FROM centos
---> 5d0da3dc9764
Step 2/2 : ENTRYPOINT ["ls","-a"]
---> Running in e18a28971236
Removing intermediate container e18a28971236
---> 0fe895df8b53
Successfully built 0fe895df8b53
Successfully tagged entrypoint-test:latest
[root@Docker dockerfile]# docker run 0fe895df8b53
.
..
.dockerenv
bin
dev
etc
home
lib
lib64
lost+found
media
mnt
opt
proc
root
run
sbin
srv
sys
tmp
usr
var
# 追加命令,是直接拼接 ENTRYPOINT 命令的后面
[root@Docker dockerfile]# docker run 0fe895df8b53 -l
total 0
drwxr-xr-x. 1 root root 6 Aug 23 07:26 .
drwxr-xr-x. 1 root root 6 Aug 23 07:26 ..
-rwxr-xr-x. 1 root root 0 Aug 23 07:26 .dockerenv
lrwxrwxrwx. 1 root root 7 Nov 3 2020 bin -> usr/bin
drwxr-xr-x. 5 root root 340 Aug 23 07:26 dev
drwxr-xr-x. 1 root root 66 Aug 23 07:26 etc
drwxr-xr-x. 2 root root 6 Nov 3 2020 home
lrwxrwxrwx. 1 root root 7 Nov 3 2020 lib -> usr/lib
lrwxrwxrwx. 1 root root 9 Nov 3 2020 lib64 -> usr/lib64
drwx------. 2 root root 6 Sep 15 2021 lost+found
drwxr-xr-x. 2 root root 6 Nov 3 2020 media
drwxr-xr-x. 2 root root 6 Nov 3 2020 mnt
drwxr-xr-x. 2 root root 6 Nov 3 2020 opt
dr-xr-xr-x. 242 root root 0 Aug 23 07:26 proc
dr-xr-x---. 2 root root 162 Sep 15 2021 root
drwxr-xr-x. 11 root root 163 Sep 15 2021 run
lrwxrwxrwx. 1 root root 8 Nov 3 2020 sbin -> usr/sbin
drwxr-xr-x. 2 root root 6 Nov 3 2020 srv
dr-xr-xr-x. 13 root root 0 Aug 21 09:44 sys
drwxrwxrwt. 7 root root 171 Sep 15 2021 tmp
drwxr-xr-x. 12 root root 144 Sep 15 2021 usr
drwxr-xr-x. 20 root root 262 Sep 15 2021 var制作tomcat镜像
- 准备镜像文件tomcat、jdk压缩包
[root@Docker lzw]# ls
apache-tomcat-8.5.59.tar.gz 公共 视频 文档 音乐
jdk-8u212-linux-x64.tar.gz 模板 图片 下载 桌面
[root@Docker lzw]# touch readme.txt- 编写dockerfile文件,文件名使用官方命名:Dockerfile ,build的时候会默认寻找当前目录下的文件,不需要使用-f参数指定
[root@Docker lzw]# vim Dockerfile
文件开始
FROM centos:7
MAINTAINET LiAng<2545721422@qq.com>
COPY readme.txt /usr/local/readme.txt
ADD jdk-8u212-linux-x64.tar.gz /usr/local/
ADD apache-tomcat-8.5.59.tar.gz /usr/local/
RUN yum -y install vim
ENV MYPATH /usr/local
WORKDIR $MYPATH
ENV JAVA_HOME /usr/local/jdk1.8.0_212
ENV CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
ENV CATALINA_HOME /usr/local/apache-tomcat-8.5.59
ENV CATALINA_BASH /usr/local/apache-tomcat-8.5.59
ENV PATH $PATH:$JAVA_HOME/bin:$CATALINA_HOME/lib:CATALINA_HOME/bin
EXPOSE 8080
CMD /usr/local/apache-tomcat-8.5.59/bin/startup.sh && tail -F /usr/local/apache-tomcat-8.5.59/bin/logs/catalina.out
文件结束- 使用该Dockerfile构建镜像
[root@Docker lzw]# docker build -t diytomcat .
。。。
Successfully built 0a4664c025c9
Successfully tagged diytomcat:latest- 启动生成的镜像,构建Tomcat容器
[root@Docker lzw]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
diytomcat latest 0a4664c025c9 About a minute ago 862MB
entrypoint-test latest 0fe895df8b53 19 minutes ago 231MB
cmdtest latest aeed102d492f 26 minutes ago 231MB
mycentos 0.1 f438f070a046 42 minutes ago 623MB
lzw/centos 1.0 8878616edc11 5 hours ago 231MB
mysql 5.7 c20987f18b13 8 months ago 448MB
centos 7 eeb6ee3f44bd 11 months ago 204MB
centos latest 5d0da3dc9764 11 months ago 231MB
[root@Docker lzw]# docker run -d -p 9090:8080 --name lzwtomcat -v /home/lzw/tomcat/test:/usr/local/apache-tomcat-8.5.59/webapps/test -v /home/lzw/tomcat/tomcatlogs/:/usr/local/apache-tomcat-8.5.59/logs diytomcat
6fb61b189d99938e92fb4ae9f21c64d8d01520d7e50c752eb868b0473d24ab56
[root@Docker tomcat]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6fb61b189d99 diytomcat "/bin/sh -c '/usr/lo…" About a minute ago Up About a minute 0.0.0.0:9090->8080/tcp, :::9090->8080/tcp lzwtomcat
[root@Docker tomcat]# docker exec -it 6fb61b189d99 /bin/bash
[root@6fb61b189d99 local]# ls
apache-tomcat-8.5.59 etc include lib libexec sbin src
bin games jdk1.8.0_212 lib64 readme.txt share
[root@6fb61b189d99 local]# pwd
/usr/local本地测试
[root@Docker tomcat]# curl localhost:9090
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<title>Apache Tomcat/8.5.59</title>
<link href="favicon.ico" rel="icon" type="image/x-icon" />
<link href="favicon.ico" rel="shortcut icon" type="image/x-icon" />
<link href="tomcat.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="wrapper">
<div id="navigation" class="curved container">
<span id="nav-home"><a href="https://tomcat.apache.org/">Home</a></span>
<span id="nav-hosts"><a href="/docs/">Documentation</a></span>
<span id="nav-config"><a href="/docs/config/">Configuration</a></span>
<span id="nav-examples"><a href="/examples/">Examples</a></span>
<span id="nav-wiki"><a href="https://wiki.apache.org/tomcat/FrontPage">Wiki</a></span>
<span id="nav-lists"><a href="https://tomcat.apache.org/lists.html">Mailing Lists</a></span>
<span id="nav-help"><a href="https://tomcat.apache.org/findhelp.html">Find Help</a></span>
<br class="separator" />
</div>
<div id="asf-box">
<h1>Apache Tomcat/8.5.59</h1>
</div>
<div id="upper" class="curved container">
<div id="congrats" class="curved container">
<h2>If you're seeing this, you've successfully installed Tomcat. Congratulations!</h2>
</div>
<div id="notice">
<img src="tomcat.png" alt="[tomcat logo]" />
<div id="tasks">
<h3>Recommended Reading:</h3>
<h4><a href="/docs/security-howto.html">Security Considerations How-To</a></h4>
<h4><a href="/docs/manager-howto.html">Manager Application How-To</a></h4>
<h4><a href="/docs/cluster-howto.html">Clustering/Session Replication How-To</a></h4>
</div>
</div>
<div id="actions">
<div class="button">
<a class="container shadow" href="/manager/status"><span>Server Status</span></a>
</div>
<div class="button">
<a class="container shadow" href="/manager/html"><span>Manager App</span></a>
</div>
<div class="button">
<a class="container shadow" href="/host-manager/html"><span>Host Manager</span></a>
</div>
</div>
<br class="separator" />
</div>
<div id="middle" class="curved container">
<h3>Developer Quick Start</h3>
<div class="col25">
<div class="container">
<p><a href="/docs/setup.html">Tomcat Setup</a></p>
<p><a href="/docs/appdev/">First Web Application</a></p>
</div>
</div>
<div class="col25">
<div class="container">
<p><a href="/docs/realm-howto.html">Realms & AAA</a></p>
<p><a href="/docs/jndi-datasource-examples-howto.html">JDBC DataSources</a></p>
</div>
</div>
<div class="col25">
<div class="container">
<p><a href="/examples/">Examples</a></p>
</div>
</div>
<div class="col25">
<div class="container">
<p><a href="https://wiki.apache.org/tomcat/Specifications">Servlet Specifications</a></p>
<p><a href="https://wiki.apache.org/tomcat/TomcatVersions">Tomcat Versions</a></p>
</div>
</div>
<br class="separator" />
</div>
<div id="lower">
<div id="low-manage" class="">
<div class="curved container">
<h3>Managing Tomcat</h3>
<p>For security, access to the <a href="/manager/html">manager webapp</a> is restricted.
Users are defined in:</p>
<pre>$CATALINA_HOME/conf/tomcat-users.xml</pre>
<p>In Tomcat 8.5 access to the manager application is split between
different users. <a href="/docs/manager-howto.html">Read more...</a></p>
<h4><a href="/docs/RELEASE-NOTES.txt">Release Notes</a></h4>
<h4><a href="/docs/changelog.html">Changelog</a></h4>
<h4><a href="https://tomcat.apache.org/migration.html">Migration Guide</a></h4>
<h4><a href="https://tomcat.apache.org/security.html">Security Notices</a></h4>
</div>
</div>
<div id="low-docs" class="">
<div class="curved container">
<h3>Documentation</h3>
<h4><a href="/docs/">Tomcat 8.5 Documentation</a></h4>
<h4><a href="/docs/config/">Tomcat 8.5 Configuration</a></h4>
<h4><a href="https://wiki.apache.org/tomcat/FrontPage">Tomcat Wiki</a></h4>
<p>Find additional important configuration information in:</p>
<pre>$CATALINA_HOME/RUNNING.txt</pre>
<p>Developers may be interested in:</p>
<ul>
<li><a href="https://tomcat.apache.org/bugreport.html">Tomcat 8.5 Bug Database</a></li>
<li><a href="/docs/api/index.html">Tomcat 8.5 JavaDocs</a></li>
<li><a href="https://github.com/apache/tomcat/tree/8.5.x">Tomcat 8.5 Git Repository at GitHub</a></li>
</ul>
</div>
</div>
<div id="low-help" class="">
<div class="curved container">
<h3>Getting Help</h3>
<h4><a href="https://tomcat.apache.org/faq/">FAQ</a> and <a href="https://tomcat.apache.org/lists.html">Mailing Lists</a></h4>
<p>The following mailing lists are available:</p>
<ul>
<li id="list-announce"><strong><a href="https://tomcat.apache.org/lists.html#tomcat-announce">tomcat-announce</a>
Important announcements, releases, security vulnerability notifications. (Low volume).</strong>
</li>
<li><a href="https://tomcat.apache.org/lists.html#tomcat-users">tomcat-users</a>
User support and discussion
</li>
<li><a href="https://tomcat.apache.org/lists.html#taglibs-user">taglibs-user</a>
User support and discussion for <a href="https://tomcat.apache.org/taglibs/">Apache Taglibs</a>
</li>
<li><a href="https://tomcat.apache.org/lists.html#tomcat-dev">tomcat-dev</a>
Development mailing list, including commit messages
</li>
</ul>
</div>
</div>
<br class="separator" />
</div>
<div id="footer" class="curved container">
<div class="col20">
<div class="container">
<h4>Other Downloads</h4>
<ul>
<li><a href="https://tomcat.apache.org/download-connectors.cgi">Tomcat Connectors</a></li>
<li><a href="https://tomcat.apache.org/download-native.cgi">Tomcat Native</a></li>
<li><a href="https://tomcat.apache.org/taglibs/">Taglibs</a></li>
<li><a href="/docs/deployer-howto.html">Deployer</a></li>
</ul>
</div>
</div>
<div class="col20">
<div class="container">
<h4>Other Documentation</h4>
<ul>
<li><a href="https://tomcat.apache.org/connectors-doc/">Tomcat Connectors</a></li>
<li><a href="https://tomcat.apache.org/connectors-doc/">mod_jk Documentation</a></li>
<li><a href="https://tomcat.apache.org/native-doc/">Tomcat Native</a></li>
<li><a href="/docs/deployer-howto.html">Deployer</a></li>
</ul>
</div>
</div>
<div class="col20">
<div class="container">
<h4>Get Involved</h4>
<ul>
<li><a href="https://tomcat.apache.org/getinvolved.html">Overview</a></li>
<li><a href="https://tomcat.apache.org/source.html">Source Repositories</a></li>
<li><a href="https://tomcat.apache.org/lists.html">Mailing Lists</a></li>
<li><a href="https://wiki.apache.org/tomcat/FrontPage">Wiki</a></li>
</ul>
</div>
</div>
<div class="col20">
<div class="container">
<h4>Miscellaneous</h4>
<ul>
<li><a href="https://tomcat.apache.org/contact.html">Contact</a></li>
<li><a href="https://tomcat.apache.org/legal.html">Legal</a></li>
<li><a href="https://www.apache.org/foundation/sponsorship.html">Sponsorship</a></li>
<li><a href="https://www.apache.org/foundation/thanks.html">Thanks</a></li>
</ul>
</div>
</div>
<div class="col20">
<div class="container">
<h4>Apache Software Foundation</h4>
<ul>
<li><a href="https://tomcat.apache.org/whoweare.html">Who We Are</a></li>
<li><a href="https://tomcat.apache.org/heritage.html">Heritage</a></li>
<li><a href="https://www.apache.org">Apache Home</a></li>
<li><a href="https://tomcat.apache.org/resources.html">Resources</a></li>
</ul>
</div>
</div>
<br class="separator" />
</div>
<p class="copyright">Copyright ©1999-2022 Apache Software Foundation. All Rights Reserved</p>
</div>
</body>
</html>
发布项目(由于做了卷挂载,直接在本地编写项目)
发布镜像到DockerHub
1.登录https://hub.docker.com/ DockerHub官网进行注册 2.进行登录,docker login -u 用户名
[root@Docker ~]# docker login -u liangwill
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded3.使用docker push命令推送镜像到DockerHub上的仓库
[root@Docker ~]# docker tag 0a4664c025c9 liangwill/diytomcat:1.0
[root@Docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
liangwill/diytomcat 1.0 0a4664c025c9 20 hours ago 862MB
diytomcat latest 0a4664c025c9 20 hours ago 862MB
entrypoint-test latest 0fe895df8b53 20 hours ago 231MB
cmdtest latest aeed102d492f 20 hours ago 231MB
mycentos 0.1 f438f070a046 20 hours ago 623MB
lzw/centos 1.0 8878616edc11 24 hours ago 231MB
mysql 5.7 c20987f18b13 8 months ago 448MB
centos 7 eeb6ee3f44bd 11 months ago 204MB
centos latest 5d0da3dc9764 11 months ago 231MB
[root@Docker ~]# docker push liangwill/diytomcat:1.0
The push refers to repository [docker.io/liangwill/diytomcat]
7194682377ea: Pushed
1bb8d59f6980: Pushed
e8600e69fa52: Pushed
4acf1c4d7e52: Pushed
174f56854903: Pushed
1.0: digest: sha256:9655375069593bc4cecb72d4943fd63fc344594fc8f0507b398d9c483e47fe46 size: 1373因为push的时候,镜像名前面需要加上用户名(liangwill是我的用户名。如果用户名不是当前登录用户则会拒绝push请求),所以需要使用命令docker tag 镜像名 新的镜像名复制出一份镜像重新打个Tag。
发布镜像到阿里云容器服务
1.登录阿里云,找到容器镜像服务 2.创建命名空间 
3.创建镜像仓库 
5.根据操作指南操作 
[root@Docker ~]# docker login --username=aliyun1503091426 registry.cn-hangzhou.aliyuncs.com
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
[root@Docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
liangwill/diytomcat 1.0 0a4664c025c9 20 hours ago 862MB
diytomcat latest 0a4664c025c9 20 hours ago 862MB
entrypoint-test latest 0fe895df8b53 20 hours ago 231MB
cmdtest latest aeed102d492f 21 hours ago 231MB
mycentos 0.1 f438f070a046 21 hours ago 623MB
lzw/centos 1.0 8878616edc11 25 hours ago 231MB
mysql 5.7 c20987f18b13 8 months ago 448MB
centos 7 eeb6ee3f44bd 11 months ago 204MB
centos latest 5d0da3dc9764 11 months ago 231MB
[root@Docker ~]# docker tag 0a4664c025c9 registry.cn-hangzhou.aliyuncs.com/lzwny/liangtest-diycentos:1.1
[root@Docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
liangwill/diytomcat 1.0 0a4664c025c9 20 hours ago 862MB
diytomcat latest 0a4664c025c9 20 hours ago 862MB
registry.cn-hangzhou.aliyuncs.com/lzwny/liangtest-diycentos 1.1 0a4664c025c9 20 hours ago 862MB
entrypoint-test latest 0fe895df8b53 20 hours ago 231MB
cmdtest latest aeed102d492f 21 hours ago 231MB
mycentos 0.1 f438f070a046 21 hours ago 623MB
lzw/centos 1.0 8878616edc11 25 hours ago 231MB
mysql 5.7 c20987f18b13 8 months ago 448MB
centos 7 eeb6ee3f44bd 11 months ago 204MB
centos latest 5d0da3dc9764 11 months ago 231MB
[root@Docker ~]# docker push registry.cn-hangzhou.aliyuncs.com/lzwny/liangtest-diycentos:1.1
The push refers to repository [registry.cn-hangzhou.aliyuncs.com/lzwny/liangtest-diycentos]
7194682377ea: Mounted from lzwny/linagtest-diycentos
1bb8d59f6980: Mounted from lzwny/linagtest-diycentos
e8600e69fa52: Mounted from lzwny/linagtest-diycentos
4acf1c4d7e52: Mounted from lzwny/linagtest-diycentos
174f56854903: Mounted from lzwny/linagtest-diycentos
1.1: digest: sha256:9655375069593bc4cecb72d4943fd63fc344594fc8f0507b398d9c483e47fe46 size: 1373
小结
Docker网络
清空所有环境,再学习 
# 运行容器
[root@Docker ~]# docker run -d -P --name tomcat01 tomcat:7.0
# 发现容器启动的时候会得到一个 eth0@if79 ip地址,docker分配的
[root@Docker ~]# docker exec -it tomcat01 ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
261: eth0@if262: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
# linux可以ping通 docker 容器内部
[root@Docker ~]# ping 172.17.0.2
PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.
64 bytes from 172.17.0.2: icmp_seq=1 ttl=64 time=0.150 ms
64 bytes from 172.17.0.2: icmp_seq=2 ttl=64 time=0.079 ms
64 bytes from 172.17.0.2: icmp_seq=3 ttl=64 time=0.196 ms
64 bytes from 172.17.0.2: icmp_seq=4 ttl=64 time=0.189 ms
^C
--- 172.17.0.2 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 2999ms
rtt min/avg/max/mdev = 0.079/0.153/0.196/0.048 ms原理
我们每启动一个docker容器,docker就会给容器分配一个默认的可用ip,我们只要安装了docker,就会有一个网卡docker0(bridge)。网卡采用桥接模式,并使用veth-pair技术(veth-pair就是一堆虚拟设备接口,成对出现,一段连着协议,一段彼此相连,充当一个桥梁。)。 这时我们退出容器,回到主机再次观察主机的ip地址,发现多了一对网卡
[root@Docker ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:02:41:77 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.111/24 brd 192.168.10.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::d35d:aeb9:93eb:be87/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
link/ether 52:54:00:55:1d:47 brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000
link/ether 52:54:00:55:1d:47 brd ff:ff:ff:ff:ff:ff
5: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:0e:dc:53:1e brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:eff:fedc:531e/64 scope link
valid_lft forever preferred_lft forever
262: veth2f258a6@if261: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether f2:86:cc:54:d3:18 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::f086:ccff:fe54:d318/64 scope link
valid_lft forever preferred_lft forever再次启动一个容器
[root@Docker ~]# docker run -d -P --name tomcat02 tomcat:7.0
638f9b384e8a685239a1f312bebed1e4f1e0eb1416bca49681e52bde76f7852b
[root@Docker ~]# docker exec -it tomcat02 ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
263: eth0@if264: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
# 又多了一对网卡
[root@Docker ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:02:41:77 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.111/24 brd 192.168.10.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::d35d:aeb9:93eb:be87/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
link/ether 52:54:00:55:1d:47 brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000
link/ether 52:54:00:55:1d:47 brd ff:ff:ff:ff:ff:ff
5: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:0e:dc:53:1e brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:eff:fedc:531e/64 scope link
valid_lft forever preferred_lft forever
262: veth2f258a6@if261: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether f2:86:cc:54:d3:18 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::f086:ccff:fe54:d318/64 scope link
valid_lft forever preferred_lft forever
264: veth7abc6dc@if263: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 9a:3c:e0:a2:a4:d0 brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet6 fe80::983c:e0ff:fea2:a4d0/64 scope link
valid_lft forever preferred_lft forever测试 tomcat01 和 tomcat02 是否可以ping通
[root@Docker ~]# docker exec -it tomcat02 ping 172.17.0.2
PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.
64 bytes from 172.17.0.2: icmp_seq=1 ttl=64 time=0.138 ms
64 bytes from 172.17.0.2: icmp_seq=2 ttl=64 time=0.072 ms
64 bytes from 172.17.0.2: icmp_seq=3 ttl=64 time=0.082 ms
64 bytes from 172.17.0.2: icmp_seq=4 ttl=64 time=0.083 ms
^C
--- 172.17.0.2 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 0.072/0.093/0.138/0.028 ms容器和容器之间可以互相ping通的 
Tomcat01和Tomcat02都使用公用的路由器docker0。所有的容器不指定网络下,都是由docker0路由的,Docker会给我们容器默认分配一个随机的可用IP地址。
小结
Docker 使用的是 Linux 的桥接,宿主机中是一个Docker容器的网桥 docker0。 
Docker中的所有的网络接口都是虚拟的。只要容器删除,容器对应的网桥也会删除。
Docker打包Python项目
准备 python项目
python_demo
- Dockerfile
- README.md
- requirements.txt
- main.py
如果有虚拟环境,先进入到 venv/Script
activate # 使用虚拟环境
pip freeze > requirements.txt # 把当前虚拟环境中的库的版本信息保存到 requirements.txt文件然后把 requirements.txt 文件移动到项目根目录位置
可能遇到的问题
.\activate : 无法加载文件 D:\Work\Demo\fofa_service_provider\venv\Scripts\activate.ps1,因为在此系统上禁止运行脚本 https://blog.csdn.net/m0_37794269/article/details/125277058
编写Dockerfile
将Dcokerfile文件置于项目根目录下,文件内容如下 使用清华镜像源
FROM python:3.7
WORKDIR ./work
ADD . .
RUN pip install -r requirements.txt -i https://pypi.tuna.tsinghua.edu.cn/simple/
CMD ["python", "./main.py"]生成 Docker 镜像
在项目根目录下按住 Shift+鼠标右键 打开powershell
docker build -t test:v1 .
发布镜像
在 https://hub.docker.com/ 创建仓库,名字和上面镜像名一致(test) 然后
docker login -u username # 登录自己账号
docker tag test:v1 username/test:v1 # 新建一个tag,名字必须跟你注册账号一样
docker push username/test:v1 # 推上去Linux使用镜像
docker login -u liangwill # 先登录
docker pull liangwill/fofa_service_provider:v1 # 拉取
报错
Failed to establish a new connection: [Errno -3] Temporary failure in name resolution
vim /etc/resolv.conf
# Generated by NetworkManager
nameserver 180.76.76.76
nameserver 8.8.8.8vi /etc/docker/daemon.json # 修改docker的dns配置
####################
{
"registry-mirrors": ["https://mirror.baidubce.com","https://docker.mirrors.ustc.edu.cn","https://1z6kznch.mirror.aliyuncs.com"],
"dns": ["8.8.8.8","114.114.114.114"]
}# 重启docker
systemctl restart docker
# 容器内查看dns
cat /etc/resolv.conf