关于国内Docker镜像,可以参考:Docker容器学习梳理--基础知识(2) 的Docker镜像使用。
如果我们需要在Docker环境下部署tomcat、redis、mysql、nginx、php等应用服务环境,有下面三种方法:
| 1234567891011 | 1)根据系统镜像创建Docker容器,这时容器就相当于是一个虚拟机,进入容器内部署应用环境。 然后将这种应用容器提交为新的镜像,最后基于这种新的应用镜像创建容器,创建时做好端口映射,就可以在外部访问这些应用了。2)直接通过docker pull拉取别人提交好的tomcat、nginx等应用程序镜像,然后基于这些镜像去创建容器。3)通过dockerfile制作自己的应用程序镜像。 根据系统镜像部署应用容器,简单做法如下:1)启动centos系统镜像的容器my_container2)在my_container容器里部署例如nginx、php、mysql、php的服务3)将部署完对应服务的容器my_container提交为新的镜像4)然后根据新镜像去创建容器5)这个新镜像可以打包,导入到别的Docker服务器上使用 |
启动容器时,记得要做好端口映射和目录映射。端口映射是为了实现在外部能成功访问到容器里的应用服务。目录映射是为了实现宿主机和容器的数据共享,这样要对容器做修改时,直接在宿主机的映射目录下做修改就行。修改数据的操作最好不要在容器内进行;原则上来说一个应用启动一个容器,最好别在一个容器内启动多个应用。
下面列举几个通过应用服务镜像部署环境的例子:
Docker宿主机内网ip:192.168.1.23
Docker宿主机外网ip:103.110.186.23
Docker部分命令解释:
| 1234567 | -i:表示以“交互模式”运行容器-t:表示容器启动后会进入其命令行。加入这两个参数后,容器创建就能登录进去。即分配一个伪终端。--name :表示创建的容器名为my-nginx-v:表示目录映射关系(前者是宿主机目录,后者是映射到宿主机上的目录),可以使用多个-v做多个目录或文件映射。 注意:最好做目录映射,在宿主机上做修改,然后共享到容器上。-d:在run后面加上-d参数,则会创建一个守护式容器在后台运行(这样创建容器后不会自动登录容器,如果只加-i -t两个参数,创建后就会自动进去容器)。docker attch登录容器时如果卡着,按ctrl+c。-p:表示端口映射,前者是宿主机端口,后者是容器内的映射端口。可以使用多个-p做多个端口映射 |
如果创建容器时报如下错:
| 12345678910111213 | docker: Error response from daemon: failed to create endpoint mosredis on network bridge: iptables failed: iptables --wait -t filter -A DOCKER ! -i docker0 -o docker0 -p tcp -d 172.17.0.6 -j ACCEPT:/target/match by that name. (exitstatus 1). 解决办法:一般来说,重启docker服务,即可解决这个问题。[root@localhost ~]# systemctl restart docker[root@localhost ~]#----------------------------------如果重启docker服务解决不了,那么如下操作:[root@localhost ~]# pkill docker[root@localhost ~]# iptables -t nat -F[root@localhost ~]# ifconfig docker0 down[root@localhost ~]# brctl delbr docker0 |
一、redis容器环境部署
| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157 | 拉取redis镜像(这里拉取的是官方镜像。也可以自己制作redis镜像)[root@localhost ~]# docker pull redis[root@localhost ~]# docker imagesREPOSITORY TAG IMAGE ID CREATED SIZEdocker.io/redis latest e4a35914679d 2 weeks ago 182.9 MB 用下面的命令启动Redis容器,记得要带上“-d”参数.在run后面加上-d参数,则会创建一个守护式容器在后台运行。[root@localhost ~]# docker run --name myredis -d docker.io/redis7a273a550005b8494be9d48970a6cc4efbaddd8a152261310a07237d43c9eb16 [root@localhost ~]# docker psCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES7a273a550005 docker.io/redis "docker-entrypoint.sh" 3 seconds ago Up 2 seconds 6379/tcp myredis 连接容器的redis1)第一种方式:找出容器的ip[root@localhost ~]# docker inspect --format='{{.NetworkSettings.IPAddress}}' 7a273a550005172.17.0.2 然后连接容器的redis[root@localhost ~]# redis-cli -h 172.17.0.2 -p 6379redis 172.17.0.2:6379>ping //验证下redis服务是否已经连接上PONGredis 172.17.0.2:6379> 2)第二种方式:[root@localhost ~]# docker run --name myredis -d docker.io/redis5e260566925e9d6a31b47a47124feb10f3dcfce131c6aa67647881da7874502b [root@localhost ~]# docker psCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES5e260566925e docker.io/redis "docker-entrypoint.sh" 13 minutes ago Up 13 minutes 6379/tcp myredis 下面的命令表示新建一个容器(命名为myredis2),将redis-cli运行在里面。然后使用--link将这个容器和之前的redis容器(myredis)连接起来,并将其别名命名为redisdb。Docker会在redis容器中的/etc/hosts路径下为"redisdb"创建一个入口,并指向redis容器的IP地址.这样在这两个容器里就可以使用“redisdb”来作为提供redis容器的机器名,也就可以利用这个别名来连接容器redis。[root@localhost ~]# docker run --rm -it --name myredis2 --link myredis:redisdb docker.io/redis /bin/bashroot@4d4b25678b84:/data# redis-cli -h redisdb -p 6379redisdb:6379> pingPONGredisdb:6379> -----------------------------------------------------当然,这样也可以如上面先查容器ip进行连接[root@localhost ~]# docker inspect --format='{{.NetworkSettings.IPAddress}}' 5e260566925e172.17.0.2[root@localhost ~]# redis-cli -h 172.17.0.2 -p 6379redis 172.17.0.2:6379> 3)第三种方式:通过端口映射,外部连接redis容器应用的方法创建Redis容器实例,这里使用了Docker的端口映射机制,从而就可以使用Host服务器的IP访问这些redis实例.如下创建三个redis容器实例[root@localhost ~]# docker run -d --name node1 -p 7001:6379 docker.io/redise4b8ca12d9e76441efe2074ab1109757a33a45aff71d1a553140d48d88133372[root@localhost ~]# docker run -d --name node2 -p 7002:6379 docker.io/redisa8ee6f48f431651a0342fba289604046cd5b142f53a7eb43f655dde397a06a6f[root@localhost ~]# docker run -d --name node3 -p 7003:6379 docker.io/redis2b61bf6765a8c254df9dd41d3ece6b12f4dd768976e6e22f327516063fc2e634[root@localhost ~]# [root@localhost ~]# docker psCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES2b61bf6765a8 docker.io/redis "docker-entrypoint.sh" 48 seconds ago Up 47 seconds 0.0.0.0:7003->6379/tcp node3a8ee6f48f431 docker.io/redis "docker-entrypoint.sh" 55 seconds ago Up 55 seconds 0.0.0.0:7002->6379/tcp node2e4b8ca12d9e7 docker.io/redis "docker-entrypoint.sh" About a minute ago Up About a minute 0.0.0.0:7001->6379/tcp node1 在容器之间建立连接可以创建应用程序容器,使用--link参数来创建一个连接redis容器,使用别名,将会在redis容器和redis实例容器中创建一个安全的通信隧道 ------------node1操作------------[root@localhost ~]# docker run --link node1:db -i -t docker.io/redis /bin/bashroot@8fd8d9db3cc1:/data# 现在可以测试连接,首先要先查看下web应用程序容器的环境变量,可以用我们的ip和端口来连接redis容器root@8fd8d9db3cc1:/data# env | grep DB_DB_PORT_6379_TCP_PORT=6379DB_NAME=/nauseous_heisenberg/dbDB_PORT=tcp://172.17.0.2:6379DB_PORT_6379_TCP=tcp://172.17.0.2:6379DB_ENV_GOSU_VERSION=1.7DB_ENV_REDIS_DOWNLOAD_URL=http://download.redis.io/releases/redis-3.2.8.tar.gzDB_ENV_REDIS_VERSION=3.2.8DB_PORT_6379_TCP_ADDR=172.17.0.2DB_PORT_6379_TCP_PROTO=tcpDB_ENV_REDIS_DOWNLOAD_SHA1=6780d1abb66f33a97aad0edbe020403d0a15b67f 可以看到上面命令结果中有一个DB为前缀的环境变量列表,DB来自指定别名连接对应的应用容器,这里就可以使用DB_PORT_6379_TCP_ADDR变量连接到Redis容器。root@8fd8d9db3cc1:/data# redis-cli -h $DB_PORT_6379_TCP_ADDR172.17.0.2:6379>pingPONG172.17.0.2:6379>set node1 redis-node1OK172.17.0.2:6379> get node1"redis-node1"172.17.0.2:6379> ------------node2操作------------[root@localhost ~]# docker run --link node2:db2 -i -t docker.io/redis /bin/bashroot@8eb2ccc2aff3:/data# env | grep DB2_DB2_PORT_6379_TCP_PROTO=tcpDB2_ENV_REDIS_DOWNLOAD_URL=http://download.redis.io/releases/redis-3.2.8.tar.gzDB2_PORT_6379_TCP_ADDR=172.17.0.3DB2_ENV_GOSU_VERSION=1.7DB2_PORT=tcp://172.17.0.3:6379DB2_PORT_6379_TCP_PORT=6379DB2_ENV_REDIS_VERSION=3.2.8DB2_ENV_REDIS_DOWNLOAD_SHA1=6780d1abb66f33a97aad0edbe020403d0a15b67fDB2_PORT_6379_TCP=tcp://172.17.0.3:6379DB2_NAME=/furious_kare/db2 root@8eb2ccc2aff3:/data# redis-cli -h $DB2_PORT_6379_TCP_ADDR172.17.0.3:6379>pingPONG172.17.0.3:6379>set node2 redis-node2OK172.17.0.3:6379> get node2"redis-node2"172.17.0.3:6379> ------------node3操作------------[root@localhost ~]# docker run --link node3:db3 -i -t docker.io/redis /bin/bashroot@d60d074ca66b:/data# env|grep DB3_DB3_PORT_6379_TCP_ADDR=172.17.0.4DB3_PORT_6379_TCP_PORT=6379DB3_PORT_6379_TCP_PROTO=tcpDB3_ENV_REDIS_DOWNLOAD_SHA1=6780d1abb66f33a97aad0edbe020403d0a15b67fDB3_NAME=/amazing_kalam/db3DB3_PORT=tcp://172.17.0.4:6379DB3_ENV_REDIS_VERSION=3.2.8DB3_ENV_GOSU_VERSION=1.7DB3_ENV_REDIS_DOWNLOAD_URL=http://download.redis.io/releases/redis-3.2.8.tar.gzDB3_PORT_6379_TCP=tcp://172.17.0.4:6379 root@d60d074ca66b:/data# redis-cli -h $DB3_PORT_6379_TCP_ADDR172.17.0.4:6379>pingPONG172.17.0.4:6379>set node3 redis-node3OK172.17.0.4:6379> get node3"redis-node3"172.17.0.4:6379> 这样就可以在docker宿主机或其他服务器上通过宿主机的ip地址以及映射的端口进行连接[root@localhost ~]# redis-cli -h 192.168.1.23 -p 7001redis 192.168.1.23:7001> get node1"redis-node1"redis 192.168.1.23:7001> [root@localhost ~]# redis-cli -h 192.168.1.23 -p 7002redis 192.168.1.23:7002> get node2"redis-node2"redis 192.168.1.23:7002> [root@localhost ~]# redis-cli -h 192.168.1.23 -p 7003redis 192.168.1.23:7003> get node3"redis-node3"redis 192.168.1.23:7003> |
注意一个细节:
创建应用容器的时候,一般会做端口映射,这样是为了让外部能够访问这些容器里的应用。可以通过-P或-p参数来指定端口映射
| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152 | 1)当使用-p标记时,可以指定端口映射,即容器端口映射到宿主机的对应端口。可以用多个-p指定多个端口映射关系。如下:[root@localhost ~]# docker imagesREPOSITORY TAG IMAGE ID CREATED SIZEdocker.io/redis latest e4a35914679d 2 weeks ago 182.9 MB [root@localhost ~]# docker run --name myredis -p 63799:6379 -d docker.io/redisf5d5ff51ace01c5f26fcd65a6ca4853f8556a333c812576123ed71fd3d405737 [root@localhost ~]# docker psCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMESf5d5ff51ace0 docker.io/redis "docker-entrypoint.sh" 6 seconds ago Up 5 seconds 0.0.0.0:63799->6379/tcp myredis [root@localhost ~]# docker run --rm -it --name myredis2 --link myredis:redisdb docker.io/redis /bin/bashroot@16b660ff9f65:/data# redis-cli -h redisdb -p 6379redisdb:6379> pingPONGredisdb:6379> set test linuxOKredisdb:6379> 在别的机器上通过访问本机的63799端口连接这个容器的redis[root@linux-node2 ~]# redis-cli -h 192.168.1.23 -p 63799192.168.1.23:63799> gettest"linux"192.168.1.23:63799> 2)当使用-P标记时,Docker 会随机映射一个 49000~49900 的端口到内部容器开放的网络端口。如下:[root@localhost ~]# docker imagesREPOSITORY TAG IMAGE ID CREATED SIZEdocker.io/redis latest e4a35914679d 2 weeks ago 182.9 MB [root@localhost ~]# docker run --name myredis -P -d docker.io/redis805d0e21e531885aad61d3e82395210b50621f1991ec4b7f9a0e25c815cc0272 [root@localhost ~]# docker psCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES805d0e21e531 docker.io/redis "docker-entrypoint.sh" 4 seconds ago Up 3 seconds 0.0.0.0:32768->6379/tcp myredis 从上面的结果中可以看出,本地主机的32768端口被映射到了redis容器的6379端口上,也就是说访问本机的32768端口即可访问容器内redis端口。 测试看下,登陆redis容器,随意写个数据[root@localhost ~]# docker run --rm -it --name myredis2 --link myredis:redisdb docker.io/redis /bin/bashroot@be44d955d6f4:/data# redis-cli -h redisdb -p 6379redisdb:6379> set wangshibo huanqiuOKredisdb:6379> 在别的机器上通过上面映射的端口32768连接这个容器的redis[root@linux-node2 ~]# redis-cli -h 192.168.1.23 -p 32768192.168.1.23:32768> get wangshibo"huanqiu" |
二、nginx容器环境部署(下面是自己制作的应用镜像)
| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697 | [root@linux-node2 ~]# docker imagesREPOSITORY TAG IMAGE ID CREATED SIZEcentos latest 67591570dd29 3 months ago 191.8 MB 为了防止centos7镜像容器里出现:Failed to get D-Bus connection: Operation not permitted 这个bug错误,需要在启动容器的时候添加--privileged参数并且后面登录容器执行的命令是/sbin/init,如下:[root@linux-node2 ~]# docker run --privileged -t -i centos /sbin/init 上面命令执行后,会一直卡着。这个不要紧,再打开一个终端窗口,查看并登录容器:[root@linux-node2 ~]# docker psCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMESeaf66f1e43ab centos "/sbin/init" 16 seconds ago Up 15 seconds hungry_khorana [root@linux-node2 ~]# docker exec -it eaf66f1e43ab /bin/bash[root@eaf66f1e43ab /]# 接着在容器里安装nginx[root@eaf66f1e43ab /]# yum install -y wget lsof vim 添加CentOS 7 Nginx yum资源库,然后安装nginx[root@eaf66f1e43ab /]# rpm -Uvh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm[root@eaf66f1e43ab /]# yum install -y nginx [root@eaf66f1e43ab conf.d]# pwd/etc/nginx/conf.d[root@eaf66f1e43ab conf.d]# cat test.confserver {listen 8080;server_name localhost;location / {root /var/www/html;index index.html;}} [root@eaf66f1e43ab conf.d]# mkdir -p /var/www/html[root@eaf66f1e43ab conf.d]# cat /var/www/html/test.htmlthis is nginx page of docker!! [root@eaf66f1e43ab conf.d]# systemctl start nginx.service 将这个容器提交为新的镜像[root@linux-node2 ~]# docker stop eaf66f1e43ab[root@linux-node2 ~]# docker commit eaf66f1e43ab my-nginx[root@linux-node2 ~]# docker imagesREPOSITORY TAG IMAGE ID CREATED SIZEmy-nginx latest 8dacda904e00 45 minutes ago 314.4 MB 将上面提交的镜像打包[root@linux-node2 ~]# docker save my-nginx > /root/my-nginx.tar.gz 然后将这个镜像包上传到别的机器上,比如上传到192.168.1.23机器上的/root下。在192.168.1.23机器上导入新镜像[root@localhost ~]# docker load < /root/my-nginx.tar.gz[root@localhost ~]# docker imagesREPOSITORY TAG IMAGE ID CREATED SIZEmy-nginx latest 8dacda904e00 50 minutes ago 314.4 MB 启动nginx容器[root@localhost ~]# docker run -t -i --privileged --name nginx -v /var/www/html:/var/www/html -p 8899:8080 my-nginx /sbin/init 上面命令执行后会卡着,在另一个端口窗口:[root@localhost ~]# docker psCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES3b5cbea50052 my-nginx "/sbin/init" 36 seconds ago Up 35 seconds 0.0.0.0:8899->8080/tcp nginx[root@localhost ~]# docker exec -t -i 3b5cbea50052 /bin/bash[root@3b5cbea50052 /]# [root@3b5cbea50052 /]# systemctl start nginx.service[root@3b5cbea50052 /]# ps -ef|grep nginxroot 117 1 0 16:47 ? 00:00:00 nginx: master process/usr/sbin/nginx -c/etc/nginx/nginx.confnginx 118 117 0 16:47 ? 00:00:00 nginx: worker processroot 120 88 0 16:47 ? 00:00:00grep --color=auto nginx[root@3b5cbea50052 /]# cat /etc/nginx/conf.d/test.confserver {listen 8080;server_name localhost;location / {root /var/www/html;index index.html;}} [root@3b5cbea50052 /]# cat /etc/nginx/conf.d/test.confserver {listen 8080;server_name localhost;location / {root /var/www/html;index index.html;}} [root@localhost ~]# cat /var/www/html/index.htmlthis is page of Docker-nginx-test!!! Docker宿主机的iptables防火墙设置好映射端口8899 |
测试访问
----------------------------------------------------------------------------
根据nginx应用镜像直接创建:
| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374 | [root@localhost ~]# docker pull nginx[root@localhost ~]# docker imagesdocker.io/nginx latest 5e69fe4b3c31 4 days ago 182.5 MB [root@localhost ~]# docker run -ti -d --name my-nginx -p 9988:80 docker.io/nginx /bin/bash55ae1f2b1eca6638e11865171f322a55cfa277a0aec06526428a1887229b022e[root@localhost ~]# docker psCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES55ae1f2b1eca docker.io/nginx "/bin/bash" 3 seconds ago Up 3 seconds 443/tcp, 0.0.0.0:9988->80/tcp my-nginx [root@localhost ~]# docker exec -ti my-nginx /bin/bashroot@55ae1f2b1eca:/# find / -name nginx/etc/default/nginx/etc/init.d/nginx/etc/logrotate.d/nginx/etc/nginx/usr/lib/x86_64-linux-gnu/perl5/5.20/auto/nginx/usr/lib/nginx/usr/sbin/nginx/usr/share/doc/nginx/usr/share/lintian/overrides/nginx/usr/share/nginx/var/cache/nginx/var/log/nginx root@55ae1f2b1eca:/# mkdir -p /var/web/wwwroot@55ae1f2b1eca:/# exitexit [root@localhost ~]# docker cp my-nginx:/etc/nginx /var/[root@localhost ~]# mkdir -p /var/web/www[root@localhost ~]# cd /var/web/www/[root@localhost www]# echo "12313123" > index.html [root@localhost ~]# docker stop my-nginxmy-nginx[root@localhost ~]# docker rm my-nginxmy-nginx[root@localhost ~]# docker run -ti -d --name my-nginx -v /var/nginx:/etc/nginx -v /var/web/www:/var/web/www -p 8899:80 docker.io/nginx /bin/bashaf8a4594d643197d204200cd1e3b6a3d000cae71ef92826c0e40edfa87026a2a[root@localhost ~]# docker psCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMESaf8a4594d643 docker.io/nginx "/bin/bash" 52 seconds ago Up 50 seconds 443/tcp, 0.0.0.0:8899->80/tcp my-nginx [root@localhost ~]# vim /etc/sysconfig/iptables.......-A INPUT -p tcp -m state --state NEW -m tcp --dport 8899 -j ACCEPT [root@localhost ~]# systemctl restart iptables.service [root@localhost ~]# docker exec -ti my-nginx /etc/init.d/nginx start 然后就可以通过访问http://宿主机ip:8899,进而访问到nginx容器应用了。 接着测试下[root@localhost ~]# mv /var/nginx/conf.d/default.conf /var/nginx/conf.d/default.conf.bak[root@localhost ~]# cat /var/nginx/conf.d/test.confserver {listen 80;server_name localhost;location / {root /var/web/www;index index.html;}} [root@localhost ~]# echo "12312313" > /var/www/html/test.html 接着重启容器的nginx应用[root@localhost ~]# docker exec -t -i my-nginx /etc/init.d/nginx restart 测试访问(192.168.1.23是宿主机ip)[root@localhost ~]# curl http://192.168.1.23:8899/12313123 |
三、tomcat容器环境部署
| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950 | [root@localhost ~]# docker imagesREPOSITORY TAG IMAGE ID CREATED SIZEdocker.io/centos latest 67591570dd29 3 months ago 191.8 MB [root@localhost ~]# docker run -it --name=container1 docker.io/centos[root@9df6dc740f01 /]# java -version //容器里安装java 上传宿主机的tomcat到容器里[root@localhost ~]# cd /usr/local/src/[root@localhost src]# lsapache-tomcat-7.0.57.tar.gz[root@localhost src]# docker cp apache-tomcat-7.0.57.tar.gz 9df6dc740f01:/usr/local/src/ 登陆容器,安装tomcat[root@9df6dc740f01 /]# cd /usr/local/src/[root@9df6dc740f01 src]# lsapache-tomcat-7.0.57.tar.gz[root@9df6dc740f01 src]# tar -zvxf apache-tomcat-7.0.57.tar.gz[root@9df6dc740f01 src]# mv apache-tomcat-7.0.57 /usr/local/tomcat7 将此容器提交为新的镜像[root@localhost ~]# docker commit container1 tomcat7sha256:2ec9e2eb978a4af266608fdfd70320bff0886b245a9a2d249cdefdfe70760acb[root@localhost ~]# docker imagesREPOSITORY TAG IMAGE ID CREATED SIZEtomcat7 latest 2ec9e2eb978a 3 minutes ago 562.3 MB[root@localhost ~]# docker stop container1container1[root@localhost ~]# docker rm container1container1 利用新提交的镜像启动tomcat容器[root@localhost ~]# docker run -t -i -d --name=tomcat -p 8888:8080 tomcat7 /bin/bash25f20fa6d54a1b2e2454a4d0a3966854e2fe4d81c54c366a1b07da47695f5418[root@localhost ~]# docker psCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES25f20fa6d54a tomcat7 "/bin/bash" 3 seconds ago Up 2 seconds 0.0.0.0:8888->8080/tcp tomcat 登陆容器,启动tomcat进程[root@localhost ~]# docker attach tomcat[root@25f20fa6d54a ~]# /usr/local/tomcat7/bin/startup.shUsing CATALINA_BASE: /usr/local/tomcat7Using CATALINA_HOME: /usr/local/tomcat7Using CATALINA_TMPDIR:/usr/local/tomcat7/tempUsing JRE_HOME: /usrUsing CLASSPATH: /usr/local/tomcat7/bin/bootstrap.jar:/usr/local/tomcat7/bin/tomcat-juli.jarTomcat started.[root@25f20fa6d54a ~]# ps -ef|grep tomcatroot 62 1 92 07:52 ? 00:00:03 java -Djava.util.logging.config.file=/usr/local/tomcat7/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.endorsed.dirs=/usr/local/tomcat7/endorsed-classpath /usr/local/tomcat7/bin/bootstrap.jar:/usr/local/tomcat7/bin/tomcat-juli.jar -Dcatalina.base=/usr/local/tomcat7-Dcatalina.home=/usr/local/tomcat7-Djava.io.tmpdir=/usr/local/tomcat7/temporg.apache.catalina.startup.Bootstrap startroot 84 1 0 07:52 ? 00:00:00grep --color=auto tomcat |
宿主机防火墙开通8888端口,然后就可以在外部容器的tomcat了(通过宿主机的8888端口进行映射)
| 1234 | [root@localhost ~]# vim /etc/sysconfig/iptables.......-A INPUT -p tcp -m state --state NEW -m tcp --dport 8888 -j ACCEPT[root@localhost ~]# systemctl restart iptables.service |
| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566 | --------------------------------------------------------------------------------------------在部署应用容器的时候,最好将容器的配置文件及数据目录跟宿主机目录做个映射关系!最好不要在容器内修改数据。这样就可以通过宿主机的共享文件及共享目录去控制对应容器的数据了。 先启动tomcat容器,将tomcat的配置文件和数据目录跟宿主机做个映射。[root@localhost ~]# docker cp tomcat:/usr/local/tomcat7/webapps /mnt/[root@localhost ~]# docker cp tomcat:/usr/local/tomcat7/conf /mnt/[root@localhost ~]# ls /mnt/conf/catalina.policy catalina.properties context.xml logging.properties server.xml tomcat-users.xml web.xml[root@localhost ~]# ls /mnt/webapps/docs examples host-manager manager ROOT 然后关闭和删除这个tomcat容器,重启启动,启动时做目录映射关系[root@localhost ~]# docker stop tomcattomcat[root@localhost ~]# docker rm tomcattomcat [root@localhost ~]# docker run -t -i -d --name=tomcat -v /mnt/webapps:/usr/local/tomcat7/webapps -v /mnt/conf:/usr/local/tomcat7/conf -p 8888:8080 tomcat7 /bin/bash63799add4a628b1b690eb9e538001e6872b12e8e03e39b4e7275f7bf49c2645f [root@localhost ~]# docker attach tomcat[root@63799add4a62 /]# /usr/local/tomcat7/bin/startup.shUsing CATALINA_BASE: /usr/local/tomcat7Using CATALINA_HOME: /usr/local/tomcat7Using CATALINA_TMPDIR:/usr/local/tomcat7/tempUsing JRE_HOME: /usrUsing CLASSPATH: /usr/local/tomcat7/bin/bootstrap.jar:/usr/local/tomcat7/bin/tomcat-juli.jarTomcat started. ......................温馨提示一下.....................上面在创建容器时启动的进程是/bin/bash,容器创建成功后,需要启动创建里其他的进程,比如上面的tomcat进程。那么除了上面直接登录容器内启动tomcat进程外,还可以在宿主机上通过dockerexec启动(前提是容器在启动状态中) docker exec命令用户在运行状态中的容器内再次启动新的进程。命令格式:docker exec[OPTIONS] CONTAINER COMMAND [ARG...][root@localhost ~]# docker exec tomcat /usr/local/tomcat7/bin/startup.sh //如果启动中出现卡的情况,就ctrl+c,不影响启动结果Tomcat started. [root@linux-node2 ~]# docker attach my_tomcat[root@f268eefdc283 /]# ps -ef|grep tomcatroot 30 0 1 10:13 ? 00:00:06 java -Djava.util.logging.config.file=/usr/local/tomcat7/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.endorsed.dirs=/usr/local/tomcat7/endorsed-classpath /usr/local/tomcat7/bin/bootstrap.jar:/usr/local/tomcat7/bin/tomcat-juli.jar -Dcatalina.base=/usr/local/tomcat7-Dcatalina.home=/usr/local/tomcat7-Djava.io.tmpdir=/usr/local/tomcat7/temporg.apache.catalina.startup.Bootstrap startroot 76 1 0 10:23 ? 00:00:00grep --color=auto tomcat--------------------------------------------------------------------------------------------如上在本机制作了tomcat7的镜像,可以将这个镜像上传到别的机器上进行tomcat容器部署[root@localhost ~]# docker imagesREPOSITORY TAG IMAGE ID CREATED SIZEtomcat7 latest 2ec9e2eb978a 39 minutes ago 562.3 MB [root@localhost ~]# docker save tomcat7 > /opt/tomcat7.tar.gz[root@localhost ~]# rsync -e "ssh -p22" -avpgolr /opt/tomcat7.tar.gz 192.168.1.17:/opt/ 然后在192.168.1.17机器上部署tomcat容器[root@linux-node2 ~]# docker imagesREPOSITORY TAG IMAGE ID CREATED SIZEtomcat7 latest 2ec9e2eb978a 58 minutes ago 562.3 MB[root@linux-node2 ~]# docker run -t -i -d --name=my_tomcat tomcat7 /bin/bash8657fa536c4a6308801d96b585671a22d08795bd891b0b2b20d86b843cde0040[root@linux-node2 ~]# docker attach my_tomcat[root@8657fa536c4a /]# /usr/local/tomcat7/bin/startup.shUsing CATALINA_BASE: /usr/local/tomcat7Using CATALINA_HOME: /usr/local/tomcat7Using CATALINA_TMPDIR:/usr/local/tomcat7/tempUsing JRE_HOME: /usrUsing CLASSPATH: /usr/local/tomcat7/bin/bootstrap.jar:/usr/local/tomcat7/bin/tomcat-juli.jarTomcat started.-------------------------------------------------------------------------------------------- |
四、Mysql容器环境部署
| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289 | [root@localhost ~]# docker imagesREPOSITORY TAG IMAGE ID CREATED SIZEdocker.io/centos latest 67591570dd29 3 months ago 191.8 MB 启动容器,进入容器内编译安装mysql[root@localhost ~]# docker run -t -i docker.io/centos /bin/bash[root@2ccd29e52286 /]# rpm -qa | grep mysql //确保没有自带安装mysql,有的话就卸载[root@2ccd29e52286 /]# yum -y install make gcc-c++ cmake bison-devel ncurses-devel[root@2ccd29e52286 /]# groupadd mysql[root@2ccd29e52286 /]# useradd -g mysql mysql -M -s /sbin/nologin[root@2ccd29e52286 /]# cd /usr/local/src[root@2ccd29e52286 src]# wget -c http://ftp.ntu.edu.tw/MySQL/Downloads/MySQL-5.6/mysql-5.6.34.tar.gz[root@2ccd29e52286 src]# tar -zxvf mysql-5.6.34.tar.gz[root@2ccd29e52286 src]# cd mysql-5.6.34/[root@2ccd29e52286 mysql-5.6.34]# cmake -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DMYSQL_DATADIR=/data/mysql/data -DSYSCONFDIR=/etc -DWITH_MYISAM_STORAGE_ENGINE=1 -DWITH_INNOBASE_STORAGE_ENGINE=1 -DWITH_MEMORY_STORAGE_ENGINE=1 -DWITH_READLINE=1 -DMYSQL_UNIX_ADDR=/var/lib/mysql/mysql.sock -DMYSQL_TCP_PORT=3306 -DENABLED_LOCAL_INFILE=1 -DWITH_PARTITION_STORAGE_ENGINE=1 -DEXTRA_CHARSETS=all -DDEFAULT_CHARSET=utf8 -DDEFAULT_COLLATION=utf8_general_ci[root@2ccd29e52286 mysql-5.6.34]# make && make install [root@2ccd29e52286 mysql-5.6.34]# mkdir -p /data/mysql/data[root@2ccd29e52286 mysql-5.6.34]# chown -R mysql:mysql /usr/local/mysql[root@2ccd29e52286 mysql-5.6.34]# chown -R mysql:mysql /data/mysql/data 初始化mysql[root@2ccd29e52286 mysql-5.6.34]# cd /usr/local/mysql[root@2ccd29e52286 mysql]# ./scripts/mysql_install_db --basedir=/usr/local/mysql --datadir=/data/mysql/data --user=mysql-------------------------------------------------------------------------------------------如果报错:FATAL ERROR: pleaseinstall the following Perl modules before executing ./scripts/mysql_install_db: Data::Dumper 解决办法:[root@2ccd29e52286 mysql]# yum install -y perl-Module-Install.noarch------------------------------------------------------------------------------------------ 启动mysql,并设置密码[root@2ccd29e52286 mysql]# cp support-files/mysql.server /etc/init.d/mysql[root@2ccd29e52286 mysql]# /etc/init.d/mysql start[root@2ccd29e52286 mysql]# mysql -uroot.....修改root密码,执行命令如下mysql> SET PASSWORD = PASSWORD('123456'); 若要设置root用户可以远程访问,执行mysql> GRANT ALL PRIVILEGES ON *.* TO'root'@'%'IDENTIFIED BY 'password'WITH GRANT OPTION;使授权立即生效mysql> FLUSH PRIVILEGES; 提交为新镜像[root@localhost ~]# docker psCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES2ccd29e52286 docker.io/centos "/bin/bash" 3 hours ago Up 3 hours modest_bose[root@localhost ~]# docker commit 2ccd29e52286 mysqlsha256:3b965b11e7a01b9422c8d82a8352c60c83545698309d9511b4df6371bcfcd6a1[root@localhost ~]# docker imagesREPOSITORY TAG IMAGE ID CREATED SIZEmysql latest 3b965b11e7a0 6 minutes ago 4.511 GBdocker.io/centos latest 67591570dd29 3 months ago 191.8 MB 根据新提交的镜像,启动mysql容器[root@localhost ~]# docker stop 2ccd29e522862ccd29e52286[root@localhost ~]# docker rm 2ccd29e52286 //当然这个之前启动的容器也可以不删除,忽略就行。2ccd29e52286 [root@localhost ~]# docker run -t -i -d --name=my_mysql -p 33061:3306 mysql /bin/basha02f56c3e7313733bcd58414d5dcd5501f8504352206ee321e9e2aeab15d6269 [root@localhost ~]# docker psCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMESa02f56c3e731 mysql "/bin/bash" 7 seconds ago Up 6 seconds 0.0.0.0:33061->3306/tcp my_mysql 启动容器的mysql服务方法(也可以在上面创建容器的时候直接启动,即将/bin/bash命令换成mysql启动命令):1)直接在宿主机上通过dockerexec命令启动[root@localhost ~]# docker exec my_mysql /etc/init.d/mysql start //如果启动后出现卡的情况,就ctrl+c,不影响启动结果Starting MySQL SUCCESS!2)登陆容器内启动[root@localhost ~]# docker attach my_mysql[root@a02f56c3e731 /]# /etc/init.d/mysql startStarting MySQL SUCCESS! 查看容器启动的进程[root@localhost ~]# docker top my_mysqlUID PID PPID C STIME TTY TIME CMDroot 7340 28948 0 14:21 pts/1 00:00:00 /bin/bashroot 8595 7340 0 14:28 pts/1 00:00:00 /bin/sh/usr/local/mysql//bin/mysqld_safe --datadir=/data/mysql/data --pid-file=/data/mysql/data/mysql.pidmysql 9376 8595 0 14:28 pts/1 00:00:00 /usr/local/mysql/bin/mysqld--basedir=/usr/local/mysql/--datadir=/data/mysql/data--plugin-dir=/usr/local/mysql//lib/plugin--user=mysql --log-error=/data/mysql/data/mysql-error.log --pid-file=/data/mysql/data/mysql.pid --socket=/usr/local/mysql/var/mysql.sock --port=3306 登陆容器查看[root@a02f56c3e731 /]# netstat -tunlp //首先yum安装net-toolsActive Internet connections (only servers)Proto Recv-Q Send-Q Local Address Foreign Address State PID/Programname tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN - 在容器内的mysql里写入一些数据[root@a02f56c3e731 /]# /usr/local/mysql/bin/mysql -p123456Warning: Using a password on thecommand line interface can be insecure.ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (111) [root@a02f56c3e731 /]# ln -s /usr/local/mysql/var/mysql.sock /var/lib/mysql/mysql.sockln: failed to create symbolic link'/var/lib/mysql/mysql.sock': File exists[root@a02f56c3e731 /]# rm -f /var/lib/mysql/mysql.sock[root@a02f56c3e731 /]# ln -s /usr/local/mysql/var/mysql.sock /var/lib/mysql/mysql.sock [root@a02f56c3e731 /]# /usr/local/mysql/bin/mysql -p123456.......mysql> create database wangshibo;Query OK, 1 row affected (0.00 sec) mysql> use wangshibo;Database changedmysql> create table hehe( ->id int(3), -> name varchar(10) -> );Query OK, 0 rows affected (0.03 sec) mysql> insert into hehe values(1,"wanglei");Query OK, 1 row affected (0.01 sec) mysql> insert into hehe values(2,"zhaomin");Query OK, 1 row affected (0.01 sec) 查看容器ip,可以登陆容器内ifconfig查看(首先要yum安装net-tools)[root@a02f56c3e731 /]# ifconfigeth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.17.0.2 netmask 255.255.0.0 broadcast 0.0.0.0 inet6 fe80::42:acff:fe11:2 prefixlen 64 scopeid 0x20<link> ether 02:42:ac:11:00:02 txqueuelen 0 (Ethernet) RX packets 117 bytes 319373 (311.8 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 102 bytes 7042 (6.8 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 0 (Local Loopback) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 或者在宿主机使用docker inspect命令查看容器ip[root@localhost ~]# docker inspect my_mysql|grep IPAddress "SecondaryIPAddresses": null, "IPAddress":"172.17.0.2", "IPAddress":"172.17.0.2", 在宿主机本地连接容器的mysql[root@localhost ~]# mysql -u root -h 172.17.0.2 -p123456ERROR 1130 (HY000): Host'172.17.0.1' is not allowed to connect to this MySQL server出现错误的原因:容器的网络ip是根据宿主机的虚拟桥接网卡docker0自动分配的,而docker0的ip默认是172.17.0.1.容器的mysql内需要给这个ip授权。[root@localhost ~]# ifconfigdocker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.17.0.1 netmask 255.255.0.0 broadcast 0.0.0.0.......... 登陆容器内的mysql,进行授权[root@a02f56c3e731 /]# /usr/local/mysql/bin/mysql -p123456.......mysql> select host,user,password from mysql.user;+--------------+------+-------------------------------------------+| host | user | password |+--------------+------+-------------------------------------------+| localhost | root | *6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9 || 2ccd29e52286 | root | || 127.0.0.1 | root | || ::1 | root | || localhost | | || 2ccd29e52286 | | |+--------------+------+-------------------------------------------+6 rows in set (0.00 sec) mysql> grant all privileges on *.* to root@'%'identified by "123456";Query OK, 0 rows affected (0.00 sec) mysql> flush privileges;Query OK, 0 rows affected (0.00 sec) mysql> select host,user,password from mysql.user;+--------------+------+-------------------------------------------+| host | user | password |+--------------+------+-------------------------------------------+| localhost | root | *6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9 || 2ccd29e52286 | root | || 127.0.0.1 | root | || ::1 | root | || localhost | | || 2ccd29e52286 | | || % | root | *6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9 |+--------------+------+-------------------------------------------+8 rows in set (0.00 sec) 再次在宿主机本机尝试连接容器的mysql,发现可以正常连接![root@localhost ~]# mysql -u root -h 172.17.0.2 -p123456.......MySQL [(none)]> show databases;+--------------------+| Database |+--------------------+| information_schema || mysql || performance_schema || test || wangshibo |+--------------------+5 rows in set (0.01 sec) MySQL [(none)]>select * from wangshibo.hehe;+------+---------+| id | name |+------+---------+| 1 | wanglei || 2 | zhaomin |+------+---------+2 rows in set (0.00 sec) ---------------------------------------------------------------------------------------------------也可以再创建一个容器,使用--link进行容器链接。这里需要特别注意一下"--link=my_mysql:mydb"(中间可以使用=,也可以空格隔开),这个参数是告诉容器需要使用my_mysql容器,并将其别名命名为mydb,这样在这两个容器里就可以使用mydb来作为提供mysql数据库服务的机器名。[root@localhost ~]# docker run --rm -it --name mymysql2 --link my_mysql:mydb docker.io/centos /bin/bash[root@f1534ad473f4 /]# cat /etc/hosts127.0.0.1 localhost::1 localhost ip6-localhost ip6-loopbackfe00::0 ip6-localnetff00::0 ip6-mcastprefixff02::1 ip6-allnodesff02::2 ip6-allrouters172.17.0.2 mydb 33d784ee3121 my_mysql172.17.0.4 f1534ad473f4 [root@f1534ad473f4 /]# mysql -u root -h mydb -p123456......MySQL [(none)]> show databases;+--------------------+| Database |+--------------------+| information_schema || mysql || performance_schema || test || wangshibo |+--------------------+5 rows in set (0.00 sec) MySQL [(none)]>select * from wangshibo.hehe;+------+---------+| id | name |+------+---------+| 1 | wanglei || 2 | zhaomin |+------+---------+2 rows in set (0.00 sec) ------------------------------------------------------------------------------------------------ 在外部连接my_mysql容器内的mysql,就需要通过映射到宿主机的33061端口了(首先在宿主机的iptables里开放33061端口的访问)[root@localhost ~]# vim /etc/sysconfig/iptables......-A INPUT -p tcp -m state --state NEW -m tcp --dport 33061 -j ACCEPT[root@localhost ~]# systemctl restart iptables.service 这样在远程,就可以使用宿主机的映射端口33061访问容器mysql (使用-P指定端口进行mysql的连接)[root@huanqiu_web1 ~]# mysql -uroot -h103.10.86.23 -P33061 -p123456.......mysql> show databases;+--------------------+| Database |+--------------------+| information_schema || mysql || performance_schema || test || wangshibo |+--------------------+5 rows in set (0.00 sec) mysql> select * from wangshibo.hehe;+------+---------+| id | name |+------+---------+| 1 | wanglei || 2 | zhaomin |+------+---------+2 rows in set (0.00 sec) mysql> |
----------------------------------------------------------------------------------------
上面容器内使用的是编译安装mysql,也可以yum安装:
| 12345678910 | [root@localhost ~]# docker run -t -i --privileged -i --name=wang docker.io/centos /sbin/init //容器启动后,会一直在卡着的状态中,先不用管,打开另一个终端窗口执行下面命令登陆容器[root@localhost ~]# docker exec -it wang /bin/bash[root@e9efd323782a /]# yum install -y wget net-tools[root@e9efd323782a /]# wget http://dev.mysql.com/get/mysql-community-release-el7-5.noarch.rpm[root@e9efd323782a /]# rpm -ivh mysql-community-release-el7-5.noarch.rpm[root@e9efd323782a /]# yum install mysql-community-server[root@e9efd323782a /]# systemctl start mysqld[root@e9efd323782a /]# lsof -i:3306COMMAND PID USER FD TYPE DEVICE SIZE/OFFNODE NAMEmysqld 453 mysql 10u IPv6 32200473 0t0 TCP *:mysql (LISTEN) |
其他应用容器的部署与上面操作类似~
***************当你发现自己的才华撑不起野心时,就请安静下来学习吧***************