docker客户端提交请求给docker主机,客户端引擎会处理,首先检测本机有没有所需镜像,如果没有镜像,会从软件仓库里获取,再通过镜像创建容器
[root@server1 ~]# cd /etc/yum.repos.d/[root@server1 yum.repos.d]# vim docker.repo 配置docker-ce yum源[docker]name=docker-cebaseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/x86_64/stablegpgcheck=0[root@foundation50 Desktop]# cd /mnt/pub/docs/docker/[root@foundation50 docker]# cd docker-ce/[root@foundation50 docker-ce]# scp container-selinux-2.77-1.el7.noarch.rpm server1: 将docker依赖性包拷贝到server1上[root@server1 ~]# yum install docker-ce-19.03.15-3.el7 container-selinux-2.77-1.el7.noarch.rpm -y 安装docker安装时发现docker-ce版本是19,docker-ce-cli版本是20 不匹配,所以卸载掉docker-ce-cli[root@server1 ~]# yum remove docker-ce-cli[root@server1 ~]# yum install docker-ce-19.03.15-3.el7 docker-ce-cli-19.03.15-3.el7 -y 安装 次时版本就一致了简单方法直接配置yum源连接老师下载好的,直接安装[root@server1 ~]# systemctl enable --now docker 启动dockerCreated symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.[root@server1 ~]# docker info 查看docker信息
[root@server1 ~]# sysctl -a | grep bridge-nf-call-iptables 过滤一下内核参数net.bridge.bridge-nf-call-iptables = 0sysctl: reading key "net.ipv6.conf.all.stable_secret"sysctl: reading key "net.ipv6.conf.default.stable_secret"sysctl: reading key "net.ipv6.conf.docker0.stable_secret"sysctl: reading key "net.ipv6.conf.eth0.stable_secret"sysctl: reading key "net.ipv6.conf.lo.stable_secret"[root@server1 ~]# sysctl net.bridge.bridge-nf-call-iptablesnet.bridge.bridge-nf-call-iptables = 0 默认参数为0[root@server1 ~]# vim /etc/sysctl.d/docker.conf 进入includ目录创建docker.conf文件net.bridge.bridge-nf-call-iptables=1 添加参数,激活net.bridge.bridge-nf-call-ip6tables=1 [root@server1 ~]# sysctl --system 使内核参数生效[root@server1 ~]# sysctl net.bridge.bridge-nf-call-iptables 此时内核参数已经激活net.bridge.bridge-nf-call-iptables = 1 变成1
docker 的用法
[root@server1 ~]# docker search yakexi007 老师在docker官方放的镜像NAME DEscriptION STARS OFFICIAL AUTOMATEDyakexi007/game2048 0 yakexi007/mario 0 yakexi007/nginx 0 yakexi007/base-debian10 0 [root@server1 ~]# docker pull yakexi007/game2048 拉取老师的镜像Using default tag: latestlatest: Pulling from yakexi007/game2048534e72e7cedc: Pull complete f62e2f6dfeef: Pull complete fe7db6293242: Pull complete 3f120f6a2bf8: Pull complete 4ba4e6930ea5: Pull complete Digest: sha256:8a34fb9cb168c420604b6e5d32ca6d412cb0d533a826b313b190535c03fe9390Status: Downloaded newer image for yakexi007/game2048:latestdocker.io/yakexi007/game2048:latest[root@server1 ~]# docker images 此时镜像已经存在了REPOSITORY TAG IMAGE ID CREATED SIZEyakexi007/game2048 latest 19299002fdbe 5 years ago 55.5MB[root@server1 ~]# docker run -d --name demo -p 80:80 yakexi007/game2048 创建并运行一个容器 ,-d表示打入后台,--name 表示容器名字 -p表示端口映射80映射80 ,最后跟镜像名字efdf777e9d3932555b3d4e0bd7971fd5d39be4365ba5b41927ba00421b87aeb1[root@server1 ~]# docker ps 表示显示正在运行的容器ConTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMESefdf777e9d39 yakexi007/game2048 "/bin/sh -c 'sed -i …" 27 seconds ago Up 26 seconds 0.0.0.0:80->80/tcp, 443/tcp demo
访问172.25.50.1:80