容器技术就像集装箱,用最精简的封装,保护组件运行,互不冲突,便于服务迁移。
安装
ArchLinux下可以直接用Pacman安装:sudo pacman -S docker
其他Linux平台可以用官方安装脚本:curl -fsSL https://get.docker.com | bash -s docker --mirror Aliyun
Windows平台下可参照官方的安装说明:Windows 上的 Docker 引擎
以下的操作基于Linux环境。安装成功后,docker -v
显示版本:Docker version 18.09.3-ce, build 774a1f4eee
首次启动前先换源:sudo vim /etc/docker/daemon.json
,加入以下内容:{
"registry-mirrors":["https://registry.docker-cn.com"]
}
启动:sudo systemctl start docker
测试一个简单的例子,最小的镜像helloworld,先从仓库获取镜像:sudo docker pull hello-world
sudo docker run hello-world
输出如下信息说明安装正确:sudo docker run hello-world
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/get-started/
运行一个http服务器
sudo docker run -d -p 81:80 httpd |
直接docker run
会先在本地查找镜像,如果没有找到,就会到registry里下载,80:81
表示把host的81端口映射到容器的80端口。此时输入http://host:81
就可以发现httpd镜像已经成功运行了。
查看容器状态:sudo docker info
输出如下内容,两个容器,一个是helloworld,一个是httpd(运行中)Containers: 2
Running: 1
Paused: 0
Stopped: 1
Images: 2
Server Version: 18.09.3-ce
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 9f2e07b1fc1342d1c48fe4d7bbb94cb6d1bf278b.m
runc version: ccb5efd37fb7c86364786e9137e22948751de7ed-dirty
init version: fec3683
Security Options:
seccomp
Profile: default
Kernel Version: 5.0.0-arch1-1-ARCH
Operating System: Arch Linux
OSType: linux
Architecture: x86_64
CPUs: 8
Total Memory: 31.32GiB
Name: xuranus
ID: AVA4:CSHR:VYY2:JQEY:LQHZ:NBAE:FODY:Z2DB:NXWF:YREE:RUEU:O6OD
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Registry Mirrors:
https://registry.docker-cn.com/
Live Restore Enabled: false
代理配置
之前的文章中讲过provixy,cow,proxychain几乎可以解决所有的代理问题,但Docker下例外。经测试,Docker的代理需要单独配置。
本地运行provixy进行HTTP代理,端口8010。
首先创建文件夹sudo mkdir /etc/systemd/system/docker.service.d
https代理配置: vim /etc/systemd/system/docker.service.d/https-proxy.conf
[Service]
Environment="HTTPS_PROXY=127.0.0.1:8010" "NO_PROXY=localhost,127.0.0.1"
http代理配置:sudo vim /etc/systemd/system/docker.service.d/http-proxy.conf
[Service]
Environment="HTTP_PROXY=127.0.0.1:8010"
应用改变:sudo systemctl daemon-reload
查看配置:sudo systemctl show docker
重启:sudo systemctl restart docker
,此时docker pull
或者docker login
都已可以正常使用。