对于 CentOS6,可以使用 EPEL 库安装 Docker,命令如下 $ sudo yum install http://mirrors.yun-idc.com/epel/6/i386/epel-release-6-8.noarch.rpm $ sudo yum install docker-io CentOS7 CentOS7 系统 CentOS-Extras 库中已带 Docker,可以直接安装: $ sudo yum install docker 安装之后启动 Docker 服务,并让它随系统启动自动加载。 $ sudo service docker start $ sudo chkconfig docker on yum install -y docker-1.8.2-10.el7.centos sudo yum install docker 请安装1.6.0以上版本的Docker。 您可以通过阿里云的镜像仓库下载: mirrors.aliyun.com/help/docker-engine curl -sSL http://acs-public-mirror.oss-cn-hangzhou.aliyuncs.com/docker-engine/internet | sh - 配置Docker加速器 您可以使用如下的脚本将mirror的配置添加到docker daemon的启动参数中。 # 系统要求 CentOS 7 以上,Docker 1.9 以上。 sudo cp -n /lib/systemd/system/docker.service /etc/systemd/system/docker.service sudo sed -i "s|ExecStart=/usr/bin/docker daemon|ExecStart=/usr/bin/docker daemon --registry-mirror=https://pee6w651.mirror.aliyuncs.com|g" /etc/systemd/system/docker.service sudo systemctl daemon-reload sudo service docker restart 操作步骤: 1、 配置yum源 touch /etc/yum.repos.d/docker.repo 输入如下 [dockerrepo] name=Docker Repository baseurl=https://yum.dockerproject.org/repo/main/centos/7/ enabled=1 gpgcheck=1 gpgkey=https://yum.dockerproject.org/gpg 2、确保之前没有docker相关安装包: rpm -qa |grep docker yum -y remove xxx 3、安装docker yum install libdevmapper* -y yum install docker-engine -y 4、启动docker systemctl start docker.service chkconfig docker on 5、设置docker 镜像源加速器 复制代码 代码如下: curl -sSL https://get.daocloud.io/daotools/set_mirror.sh | sh -s http://48b042ae.m.daocloud.io 阿里云安装docker https://cr.console.aliyun.com/#/accelerator 安装/升级你的Docker客户端 您可以通过阿里云的镜像仓库下载:mirrors.aliyun.com/help/docker-engine 或执行以下命令: curl -sSL http://acs-public-mirror.oss-cn-hangzhou.aliyuncs.com/docker-engine/internet | sh - 如何使用Docker加速器 针对Docker客户端版本大于1.10的用户 您可以通过修改daemon配置文件/etc/docker/daemon.json来使用加速器: sudo mkdir -p /etc/docker sudo tee /etc/docker/daemon.json <<-'EOF' { "registry-mirrors": ["https://8wzeqmnj.mirror.aliyuncs.com"] } EOF sudo systemctl daemon-reload sudo systemctl restart docker docker run --name mydocker -it centos /bin/bash ip ad li docker run -d --name mydocker1 centos nsenter yum install -y util-linux docker inspect --format="{{.State.Pid}}" b2268ce3968c nsenter --target 38117 --mount --uts --ipc --net --pid nsenter --target 39900 --mount --uts --ipc --net --pid brctl show ip ro li docker run -d -P --name mynginx1 nginx docker run -d -p 91:80 --name mynginx2 nginx 数据卷 docker run -it --name volume-test1 -h nginx -v /data centos docker inspect volume-test1 | grep Mounts -A 10 :此语句可以查看data路径 docker inspect -f {{.Source}} volume-test1 docker inspect --format="{{.Volumes}}" volume-test1 docker run -it --name volume-test2 -h nginx -v /opt:/opt centos docker run -it --name volume-test3 -h nginx -v /opt:/opt:ro centos docker run -it --name volume-test4 --volumes-from volume-test1 centos Docker镜像构建 docker run --name nginx-man -it centos yum install -y wget gcc gcc-c++ make openssl-devel wget http://nginx.org/download/nginx-1.13.1.tar.gz wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.40.tar.gz cp *.gz /usr/local/src useradd -s /sbin/nologin -M www ./configure --prefix=/usr/local/nginx --user=www --group=www --with-pcre=/usr/local/src/pcre-8.40 --with-http_stub_status_module --with-http_ssl_module ./configure --prefix=/usr/local/nginx --user=www --group=www --with-pcre=/usr/local/src/pcre-8.40 --with-openssl=/usr/local/src/openssl --with-http_stub_status_module --with-http_ssl_module vi /etc/rc.local /usr/local/nginx/sbin/nginx vi /usr/local/nginx/conf/nginx.conf 添加 daemon off; 添加镜像 405aa1d90660 docker commit -m "my nginx" 405aa1d90660 zhaoshundong/my-nginx:v1 sha256:0f8f2188f483bd5288d076c6d8a932c35c5f8420cc657acf20d6a4049b100b14 docker run -d -p 92:80 zhaoshundong/my-nginx:v1 不行 docker run -it zhaoshundong/my-nginx:v1 vi /etc/rc.local f158a24e51b6 docker commit -m "v2" f158a24e51b6 zhaoshundong/my-nginx:v2 docker run -d -p 99:80 zhaoshundong/my-nginx:v2 buxing docker run -d -p 99:80 zhaoshundong/my-nginx:v2 /usr/local/nginx/sbin/nginx Dockerfile #This is My first Dockerfile #Version 1.0 #Author: lcm docker build -t nginx-file:v1 /opt/docker-file/nginx/ docker中的文件需要与Dockerfile 放到同一目录 Docker资源隔离 LXC Kernel namespace pid net ipc mnt uts:每个docker拥有自己hostname user Docker资源限制:cgroup cup,内存,(磁盘?手动) 压力测试工具:stress http://mirrors.aliyun.com/repo/ http://mirrors.aliyun.com/repo/epel-6.repo docker build -t stress . docker run -it --rm stress --cpu 1 docker run -it --rm -c 512 stress --cpu 1 docker run -it --rm -m 128m stress --vm 1 --vm-bytes 120m --vm-hang 0 Docker 网络 birdge 默认 brctl show iptables -t nat -L -n Docker-compose Fig https://github.com/docker/compose https://docs.docker.com netstat -ntpl Docker registry netstat -ntpl docker run -d -p 5001:5000 registry docker tag elasticssearch 192.168.199.220:5001/test/es:v1 docker tag docker.io/centos 192.168.40.129:5001/test/es:v1 自己的机器 docker push 192.168.40.129:5001/test/es:v1 vi /etc/sysconfig/docker vi /etc/docker/daemon.json 添加 "insecure-registries":["192.168.40.129:5001"] service docker restart docker start 71c0ef1c01ce 启动registry docker push 192.168.40.129:5001/test/es:v1 pull下来 docker pull 192.168.40.129:5001/test/es:v1 Docker shiyard https://shipyard-project.com/docs/ vi /etc/sysconfig/docker 添加: other_args="-H tcp://0.0.0.0:235 -H unix:///var/run/docker.sock" docker run -it -d --name shipyard-rethinkdb-data --entrypoint /bin/bash shiyard/rethinkdb -l Docker 三剑客 shipyard; docker Compose; Swarm; cAdvisor Mesosphere