Docker安装

发表于 | 分类于

1. 上传解压

下载Docker源码并上传到目标机器。
tar -zxvf docker-19.03.0.tgz

2.Docker安装

[查看环境变量]
systemctl show-environment
LANG=zh_CN.UTF-8
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
如PATH中无/usr/bin则在最后加上:/usr/bin
systemctl set-environment PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
[复制Docker文件]
cp /home/docker/* /usr/bin/
[如果搭建了私人仓库,编辑私人仓库配置]
vi /etc/docker/daemon.json

1
2
3
4
{
    "registry-mirror":["http://私人仓库IP:私人仓库端口"],
    "insecure-registries":["私人仓库IP:私人仓库端口"]
}

[配置http代理以允许http连接]
mkdir -p /etc/systemd/system/docker.service.d/
vi /etc/systemd/system/docker.service.d/http-proxy.conf

1
2
[Service]
Environment="HTTP_PROXY=http://192.168.154.128:80"

[编辑服务文件]
vi /usr/lib/systemd/system/docker.service

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target
[Service]
Type=notify
Environment=PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/usr/local/docker
ExecStart=/usr/bin/dockerd
ExecReload=/bin/kill -s HUP $MAINPID
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
TimeoutStartSec=0
Delegate=yes
KillMode=process
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s
[Install]
WantedBy=multi-user.target

[设为开机自启服务]
systemctl enable docker
[启动服务]
systemctl start docker

3. 制作镜像

[制作操作系统镜像(脚本文件内容见附录一)]
./centos-image.sh -y /etc/yum.conf centos:7.5
[制作Tomcat镜像(Dockerfile文件内容见附录二)]
Dockerfile和相关文件放在同一路径,在该路径下执行命令。
docker build -t cetc54/镜像名:标签
[制作war包镜像(Dockerfile文件内容见附录三)]
Dockerfile和相关文件放在同一路径,在该路径下执行命令。
docker build -t cetc54/镜像名:标签

4. 镜像管理

[列出全部镜像列表]
docker images
[删除镜像]
docker rmi 要删除的镜像的REPOSITORY:TAG
[导出本地镜像]
docker save 要导出的镜像的REPOSITORY:TAG > /home/要保存的名称.tar
[导入本地镜像]
docker load < /home/准备导入的文件的名称.tar

5. 容器管理

[启动容器(-it在容器上开启标准,-d后台启动,-p将容器端口号映射到外部,–name自定义容器名称)]
docker run -itd -p 映射到操作系统的端口号:docker容器中服务的端口号 --name 容器名称 镜像的REPOSITORY:TAG
[进入容器命令行(-it打开一个伪终端)]
docker exec -it CONTAINER ID /bin/bash
[退出容器命令行(退出命令行不会停止容器)] exit
[查看运行的全部容器]
docker ps
[查看包含已停止的全部容器]
docker ps -a
[停止容器]
docker stop NAMES(自定义的容器名称)
[删除容器]
docker rm CONTAINER ID

6. 容器管理器docker-compose安装

下载docker-compose源码并上传到目标机器。
[将文件放入命令目录]
mv /home/docker-compose-Linux-x86_64 /usr/bin/docker-compose
chmod -R 755 /usr/bin/docker-compose

7. 私人仓库harbor安装

下载harbor源码并上传到目标机器。
tar -zxvf harbor-offline-installer-v2.0.2.tgz
[创建配置文件]
cp /home/harbor/harbor.yml.tmpl /home/harbor/harbor.yml
vi /home/harbor/harbor.yml
搜索hostname: 并将其后的地址改成harbor的本机IP。
将https功能相关的如下几项注释掉:
#https:
#port: 443
#certificate: /your/certificate/path
#private_key: /your/private/key/path
[安装基础镜像库]
/home/harbor/install.sh
[编辑服务文件]
vi /lib/systemd/system/harbor.service

1
2
3
4
5
6
7
8
9
10
11
12
13
[Unit]
Description=Harbor
After=docker.service systemd-networkd.service systemd-resolved.service
Requires=docker.service
Documentation=http://github.com/vmware/harbor
[Service]
Type=simple
Restart=on-failure
RestartSec=5
ExecStart=/usr/bin/docker-compose -f  /home/harbor/docker-compose.yml up
ExecStop=/usr/bin/docker-compose -f /home/harbor/docker-compose.yml down
[Install]
WantedBy=multi-user.target

[设为开机自启服务]
systemctl enable harbor
[启动服务]
systemctl start harbor
[在防火墙开放harbor的默认端口80]
firewall-cmd --zone=public --add-port=80/tcp --permanent
[重载防火墙]
systemctl reload firewalld
[查看防火墙已开放的端口]
firewall-cmd --list-port
可以看到80端口已经出现在开放端口列表了。
[浏览器访问Harbor可视化管理界面,默认账号密码为admin/Harbor12345]
http://本机IP
登陆之后就可以在中文的可视化管理界面管理私人仓库了。

8. 私人仓库管理

[登录私人仓库]
docker login 私人仓库IP
[列出本地镜像]
docker images
[给本地镜像增加TAG]
docker tag 原镜像名:原镜像tag 新镜像名:新镜像tag
[将本地镜像推送到私人仓库]
docker push 私人仓库IP/私人仓库项目名/私人仓库镜像名:tag名
此处【私人仓库IP/私人仓库项目名/私人仓库镜像名】整体作为一个镜像的必须已存在于本地。
[从私人仓库下载镜像到本地]
docker pull 私人仓库IP/私人仓库项目名/私人仓库镜像名:tag名
会下载一个名为【私人仓库IP/私人仓库项目名/私人仓库镜像名】的镜像到本地仓库。

附录

附录一

vi /home/centos-image.sh

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
#!/usr/bin/env bash
#
# Create a base CentOS Docker image.
#
# This script is useful on systems with yum installed (e.g., building
# a CentOS image on CentOS).  See contrib/mkimage-rinse.sh for a way
# to build CentOS images on other systems.

set -e

usage() {
	cat << EOOPTS
$(basename $0) [OPTIONS] <name>
OPTIONS:
  -p "<packages>"  The list of packages to install in the container.
                   The default is blank. Can use multiple times.
  -g "<groups>"    The groups of packages to install in the container.
                   The default is "Core". Can use multiple times.
  -y <yumconf>     The path to the yum config to install packages from. The
                   default is /etc/yum.conf for Centos/RHEL and /etc/dnf/dnf.conf for Fedora
  -t <tag>         Specify Tag information.
                   default is reffered at /etc/{redhat,system}-release
EOOPTS
	exit 1
}

# option defaults
yum_config=/etc/yum.conf
if [ -f /etc/dnf/dnf.conf ] && command -v dnf &> /dev/null; then
	yum_config=/etc/dnf/dnf.conf
	alias yum=dnf
fi
# for names with spaces, use double quotes (") as install_groups=('Core' '"Compute Node"')
install_groups=()
install_packages=()
version=
while getopts ":y:p:g:t:h" opt; do
	case $opt in
		y)
			yum_config=$OPTARG
			;;
		h)
			usage
			;;
		p)
			install_packages+=("$OPTARG")
			;;
		g)
			install_groups+=("$OPTARG")
			;;
		t)
			version="$OPTARG"
			;;
		\?)
			echo "Invalid option: -$OPTARG"
			usage
			;;
	esac
done
shift $((OPTIND - 1))
name=$1

if [[ -z $name ]]; then
	usage
fi

# default to Core group if not specified otherwise
if [ ${#install_groups[*]} -eq 0 ]; then
	install_groups=('Core')
fi

target=$(mktemp -d --tmpdir $(basename $0).XXXXXX)

set -x

mkdir -m 755 "$target"/dev
mknod -m 600 "$target"/dev/console c 5 1
mknod -m 600 "$target"/dev/initctl p
mknod -m 666 "$target"/dev/full c 1 7
mknod -m 666 "$target"/dev/null c 1 3
mknod -m 666 "$target"/dev/ptmx c 5 2
mknod -m 666 "$target"/dev/random c 1 8
mknod -m 666 "$target"/dev/tty c 5 0
mknod -m 666 "$target"/dev/tty0 c 4 0
mknod -m 666 "$target"/dev/urandom c 1 9
mknod -m 666 "$target"/dev/zero c 1 5

# amazon linux yum will fail without vars set
if [ -d /etc/yum/vars ]; then
	mkdir -p -m 755 "$target"/etc/yum
	cp -a /etc/yum/vars "$target"/etc/yum/
fi

if [[ -n "$install_groups" ]]; then
	yum -c "$yum_config" --installroot="$target" --releasever=/ --setopt=tsflags=nodocs \
		--setopt=group_package_types=mandatory -y groupinstall "${install_groups[@]}"
fi

if [[ -n "$install_packages" ]]; then
	yum -c "$yum_config" --installroot="$target" --releasever=/ --setopt=tsflags=nodocs \
		--setopt=group_package_types=mandatory -y install "${install_packages[@]}"
fi

yum -c "$yum_config" --installroot="$target" -y clean all

cat > "$target"/etc/sysconfig/network << EOF
NETWORKING=yes
HOSTNAME=localhost.localdomain
EOF

# effectively: febootstrap-minimize --keep-zoneinfo --keep-rpmdb --keep-services "$target".
#  locales
rm -rf "$target"/usr/{bin/localedef,{lib,share}/locale,{lib,lib64}/gconv,sbin/build-locale-archive}
#  docs and man pages
rm -rf "$target"/usr/share/{man,doc,info,gnome/help}
#  cracklib
rm -rf "$target"/usr/share/cracklib
#  i18n
rm -rf "$target"/usr/share/i18n
#  yum cache
rm -rf "$target"/var/cache/yum
mkdir -p --mode=0755 "$target"/var/cache/yum
#  sln
rm -rf "$target"/sbin/sln
#  ldconfig
rm -rf "$target"/etc/ld.so.cache "$target"/var/cache/ldconfig
mkdir -p --mode=0755 "$target"/var/cache/ldconfig

if [ -z "$version" ]; then
	for file in "$target"/etc/{redhat,system}-release; do
		if [ -r "$file" ]; then
			version="$(sed 's/^[^0-9\]*\([0-9.]\).*$//' "$file")"
			break
		fi
	done
fi

if [ -z "$version" ]; then
	echo >&2 "warning: cannot autodetect OS version, using '$name' as tag"
	version=$name
fi

tar --numeric-owner -c -C "$target" . | docker import - $name:$version

docker run -i -t --rm $name:$version /bin/bash -c 'echo success'

rm -rf "$target"
附录二

vi /home/Dockerfile

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
###########################################
# dockerfile for tomcat image
###########################################

# Pull base image
FROM centos:7.5

#author
MAINTAINER hbfec "hbfec@hbfec.com"

#Install tomcat&jre
COPY apache-tomcat-9.0.22.tgz /usr/
COPY install_tomcat.sh /usr/
RUN sh /usr/install_tomcat.sh

#Expose Service port
EXPOSE 8080
附录三

vi /home/Dockerfile

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
###########################################
# dockerfile for Visualization image
###########################################

# Pull base image
FROM hbfec/tomcat:1.0

#author
MAINTAINER hbfec "hbfec@hbfec.com"

#Install service
COPY Visualization /usr/local/tomcat_main_8080/tomcat/webapps/Visualization
COPY VisualizationService.war /usr/local/tomcat_main_8080/tomcat/webapps/

#install nginx
COPY install_nginx.sh /home
COPY nginx-1.14.2.tar.gz /home
RUN chmod 777 /home/install_nginx.sh
RUN sh /home/install_nginx.sh

#install start script
COPY start.sh /home
RUN chmod 777 /home/start.sh

#modify time zone
RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

#Expose Visualization port
EXPOSE 8081

CMD ["/home/start.sh","run"]