時間:   |   分類:   | 字數: 643 字 | 閱讀: 2分鐘 | 閱讀次數:

docker 最主流的容器平台

install

# Enable Docker CE Repository
dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo

sudo yum install docker-ce docker-ce-cli containerd.io -y
sudo systemctl enable docker --now
docker --version
docker run hello-world

Install Docker Compose

將啟動 containner 行為寫成 file 執行

sudo curl -L "https://github.com/docker/compose/releases/download/v2.2.3/docker-compose-linux-x86_64" -o /usr/local/bin/docker-compose

sudo chmod +x /usr/local/bin/docker-compose
docker-compose --version

Docker network

bridge:一個獨立網段,docker engin 做 NAT 來與外面溝通 

host:取代 host 網路

overlay:跨 host 存取

Macvlan:橋接在實體網卡

Macvlan

# Macvlan 不會建立 gateway 此處為指定外部 gateway
docker network create -d macvlan \
--subnet=10.201.0.0/16 \
--gateway=10.201.100.254 \
--ip-range=10.201.104.0/24 \
-o parent=ens192 macvlan192

# 測試
[root@nuu ~\]\# docker run -it --rm --network=macvlan192 centos bash

overlay

\# 建立 swarm manager 

\# 第一台

\[root@nuu ~\]\# docker swarm init

Swarm initialized: current node (qb0u6xfnbod29qble2ncz8jt2) is now a manager.

To add a worker to this swarm, run the following command:

 docker swarm join --token SWMTKN-1-22j7r8x8ejcii19v3i0agldsk8dbkg2906gir13d3jlar7krpb-4klsebyqmbsijqt4a1cta16mu 10.201.102.21:2377

To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.

\# 其他

\[root@nuu2 ~\]\# docker swarm join --token SWMTKN-1-22j7r8x8ejcii19v3i0agldsk8dbkg2906gir13d3jlar7krpb-4klsebyqmbsijqt4a1cta16mu 10.201.102.21:2377

This node joined a swarm as a worker.

\# 自動產生 ingress network

\[root@nuu2 ~\]\# docker network list

NETWORK ID          NAME                DRIVER              SCOPE

810bacb383e4        bridge              bridge              local

e374f2d186ec        docker_gwbridge     bridge              local

d650b95dee36        host                host                local

6o03jpt8bo3y        ingress             overlay             swarm

a0e5cf51f1bb        none                null                local

\[root@nuu2 ~\]#

\# 看詳細設定

\[root@nuu2 ~\]\# docker network inspect ingress

\[

 {

 "Name": "ingress",

 "Id": "6o03jpt8bo3ys63rgq5jmxhfk",

 "Created": "2020-10-10T15:50:10.728905987+08:00",

 "Scope": "swarm",

 "Driver": "overlay",

 "EnableIPv6": false,

 "IPAM": {

 "Driver": "default",

 "Options": null,

 "Config": \[

 {

 "Subnet": "10.0.0.0/24",

 "Gateway": "10.0.0.1"

 }

 \]

 },

 "Internal": false,

 "Attachable": false,

 "Ingress": true,

 "ConfigFrom": {

 "Network": ""

 },

 "ConfigOnly": false,

 "Containers": {

 "ingress-sbox": {

 "Name": "ingress-endpoint",

 "EndpointID": "b19be7dc75735e6b4b2fb23ccd98a50a61ebcf8451030607e56b4b865992e07d",

 "MacAddress": "02:42:0a:00:00:03",

 "IPv4Address": "10.0.0.3/24",

 "IPv6Address": ""

 }

 },

 "Options": {

 "com.docker.network.driver.overlay.vxlanid_list": "4096"

 },

 "Labels": {},

 "Peers": \[

 {

 "Name": "f335b318f3e0",

 "IP": "10.201.102.21"

 },

 {

 "Name": "e1e98ae9ee6f",

 "IP": "10.201.102.22"

 },

 {

 "Name": "03dc731c7a21",

 "IP": "10.201.102.23"

 }

 \]

 }

\]

docker 操作

# docker 狀態 
docker info

# 查詢目前下載 docker image
[root@node1 ~]# docker image  ls
REPOSITORY    TAG       IMAGE ID       CREATED        SIZE
hello-world   latest    feb5d9fea6a5   5 months ago   13.3kB

# 下載 image 
docker pull amazon/opendistro-for-elasticsearch:1.8.0
docker pull amazon/opendistro-for-elasticsearch-kibana:1.8.0
docker pull logstash:7.8.0

# 執行 container
docker run

# 查詢執行中 CONTAINER
docker ps -all

# 操作 containers
docker exec -it container-id /bin/bash

# 停止、移除 CONTAINER
docker stop <CONTAINER>
docker rm <CONTAINER>
docker rm -f $(docker ps -aq)
docker image rm -f $(docker images -q)

other

LOG file /var/lib/docker/containers/

**Docker registry ** https://hub.docker.com/_/registry?tab=description 功能 = 自建 docker hub

registry server

sudo docker run -d -p 5000:5000 -v /var/lib/registry:/var/lib/registry --restart always --name registry registry:latest
\# 安裝web來方便查看有多少image
docker run -it -p 8080:8080 -d --name registry-web --link registry -e REGISTRY_URL=http://registry:5000/v2 -e REGISTRY_NAME=localhost:5000 hyper/docker-registry-web

推送 registry

#取得 image
sudo docker pull httpd
#新增 tag
sudo docker tag httpd 10.202.1.6/httpd:version1.0
\# client 新增主機資訊
vi /etc/docker/daemon.json
 {
 "live-restore": true,
 "group": "dockerroot",
 "insecure-registries": \["10.20.20.20:5000"\]
 }
systemctl restart docker

#推到 registry server

docker push 10.202.1.6/httpd:version1.0

其他 docker 倉庫

NVIDIA https://ngc.nvidia.com/catalog/containers/

docker run 限制性能參數

--blkio-weight		Block IO (relative weight), between 10 and 1000, or 0 to disable (default 0)
--cpus		API 1.25+
--memory , -m		Memory limit
--shm-size		Size of /dev/shm
comments powered by Disqus >
0%