知乎專欄 | 多維度架構 | 微信號 netkiller-ebook | QQ群:128659835 請註明“讀者” |
docker run -d -p 5000:5000 --name registry registry:latest
iMac:registry neo$ mkdir etc iMac:registry neo$ htpasswd -Bbn neo chen > etc/htpasswd or docker run --entrypoint htpasswd registry:2 -Bbn neo passw0rd > etc/htpasswd
docker run -d \ --restart=always \ --name registry \ -v `pwd`/etc:/usr/local/etc \ -e "REGISTRY_AUTH=htpasswd" \ -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \ -e REGISTRY_AUTH_HTPASSWD_PATH=/usr/local/etc/htpasswd \ -e REGISTRY_HTTP_ADDR=0.0.0.0:443 \ -e REGISTRY_HTTP_TLS_CERTIFICATE=/usr/local/etc/domain.cer \ -e REGISTRY_HTTP_TLS_KEY=/usr/local/etc/domaon.key \ -p 443:443 \ registry:2
docker pull centos:7
# docker pull centos:7 7: Pulling from library/centos 343b09361036: Pull complete Digest: sha256:bba1de7c9d900a898e3cadbae040dfe8a633c06bc104a0df76ae24483e03c077 Status: Downloaded newer image for centos:7
基于 CentOS 7 運行一個容器
docker run -it --name mycentos docker.io/centos:7 /bin/bash
# docker run -it --name mycentos docker.io/centos:7 /bin/bash
運行後直接進入了容器的shell控制台預設是bash
# yum install -y java-1.8.0-openjdk # cat >> /etc/profile.d/java.sh <<'EOF' export JAVA_HOME=/usr/java/default export JAVA_OPTS="-server -Xms2048m -Xmx4096m -Djava.io.tmpdir=/tmp -Djava.security.egd=file:/dev/./urandom -Dfile.encoding=UTF8 -Duser.timezone=GMT+08" export CLASSPATH=$JAVA_HOME/lib:$JAVA_HOME/jre/lib:. export PATH=$PATH:$JAVA_HOME/bin:$JAVA_HOME/jre/bin: EOF # source /etc/profile.d/java.sh
檢查Java是否安裝成功
# whereis java java: /usr/bin/java /usr/lib/java /etc/java /usr/share/java /usr/share/man/man1/java.1.gz # java -version openjdk version "1.8.0_131" OpenJDK Runtime Environment (build 1.8.0_131-b11) OpenJDK 64-Bit Server VM (build 25.131-b11, mixed mode)
創建應用程序目錄
# mkdir -p /www/netkiller.cn/www.netkiller.cn/
推出當前容器
# exit
複製 jar 檔案到Docker容器
docker cp /www/netkiller.cn/www.netkiller.cn/www.netkiller.cn-0.0.1.war mycentos:/usr/local/libexec
啟動容器
# docker start mycentos mycentos
進入容器
# docker exec -it mycentos /bin/bash
如果僅僅是測試可以手動啟動 Srping boot 項目
# cat >> /root/run.sh <<EOF java -server -Xms2048m -Xmx8192m -jar /usr/local/libexec/www.netkiller.cn-0.0.1.war EOF chmod u+x /root/run.sh
生產環境請使用啟動腳本
# curl -s https://raw.githubusercontent.com/oscm/build/master/Application/Spring/service/springbootd -o /etc/init.d/springbootd # chmod +x /etc/init.d/springbootd
編輯啟動腳本 /etc/init.d/springbootd 修改下面配置項
############################################## BASEDIR="/www/netkiller.cn/api.netkiller.cn" JAVA_HOME=/srv/java JAVA_OPTS="-server -Xms2048m -Xmx8192m -Djava.security.egd=file:/dev/./urandom" PACKAGE="api.netkiller.cn-0.0.2-release.jar" CONFIG="--spring.config.location=$BASEDIR/application.properties" USER=www ############################################## NAME=springbootd PROG="$JAVA_HOME/bin/java $JAVA_OPTS -jar $BASEDIR/$PACKAGE $CONFIG" LOGFILE=/var/tmp/$NAME.log PIDFILE=/var/tmp/$NAME.pid ACCESS_LOG=/var/tmp/$NAME.access.log ##############################################
你也可以使用 systemd 啟動腳本,詳見《Netkiller Java 手札》
docker commit mycentos springboot:1
# docker commit mycentos springboot:1 sha256:757d92d642d1b5a7b244f6ddf89f24a8d463d154438651c83ba51a644b401782
啟動 spring boot 容器
# docker run -d --name springboot -p 80:8080 springboot:1 /root/run.sh
-d: 以守護進程方式啟動 --name:指定容器的名稱 -p:映射容器8080連接埠到宿主機的80連接埠 springboot:1 :上一步製作好的springboot鏡像,版本號為1
啟動容器
# docker start springboot
停止容器
# docker stop springboot
http://download.redis.io/redis-stable/redis.conf
http://download.redis.io/redis-stable/sentinel.conf
docker pull redis
# docker pull redis Using default tag: latest latest: Pulling from library/redis 10a267c67f42: Pull complete 5b690bc4eaa6: Pull complete 4cdd94354d2a: Pull complete 71c1f30d820f: Pull complete c54584150374: Pull complete d1f9221193a6: Pull complete d45bc46b48e4: Pull complete Digest: sha256:548a75066f3f280eb017a6ccda34c561ccf4f25459ef8e36d6ea582b6af1decf Status: Downloaded newer image for redis:latest
# docker run --name my-redis -d redis 10207174e18f61290f9c869e6437fa787e459e07b076b82cedf800a8c37c515d
查看啟動情況
# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 10207174e18f redis "docker-entrypoint..." 8 minutes ago Up 8 minutes 6379/tcp my-redis
# docker run -it --link my-redis:redis --rm redis redis-cli -h redis -p 6379 redis:6379> set name neo OK redis:6379> get name "neo" redis:6379> exit
# docker stop my-redis my-redis # docker rm my-redis my-redis # docker run --name my-redis -d -p 6379:6379 redis 10207174e18f61290f9c869e6437fa787e459e07b076b82cedf800a8c37c515d # docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 1c4540d8617f redis "docker-entrypoint..." 2 seconds ago Up 1 second 0.0.0.0:6379->6379/tcp my-redis
檢查連接埠
# ss -lnt | grep 6379 LISTEN 0 128 :::6379 :::*
version: "3.7" services: redis: image: redis:latest container_name: redis ports: - "6379:6379" volumes: - redis_data:/var/lib/redis restart: always networks: - dev networks: dev: driver: bridge volumes: redis_data:
version: '3.8' services: redis: image: redis:latest environment: - TZ=Asia/Shanghai hostname: redis ports: - 6379:6379 networks: - test volumes: - data:/var/lib/redis configs: - source: config target: /usr/local/etc/redis.conf mode: 0440 deploy: replicas: 1 restart_policy: condition: on-failure resources: limits: cpus: "1" memory: 512M update_config: parallelism: 1 delay: 5s monitor: 10s max_failure_ratio: 0.1 order: start-first configs: config: file: ./redis.conf volumes: data: networks: test: driver: overlay
下載 配置檔案 https://redis.io/topics/config
iMac:redis neo$ curl -sO https://raw.githubusercontent.com/redis/redis/6.0/redis.conf iMac:redis neo$ egrep -v "^#|^$" redis.conf
修改配置檔案
bind 0.0.0.0 logfile "/var/log/redis/redis.log" dir /var/lib/redis appendonly yes
創建 Docker 網絡
iMac:redis neo$ docker network create \ > --driver=overlay \ > --subnet=172.12.0.0/16 \ > --ip-range=172.12.0.0/16 \ > --gateway=172.12.0.1 \ > --attachable \ > test gvcz5y66ovrlqfaxb02zx026t iMac:redis neo$ docker network ls NETWORK ID NAME DRIVER SCOPE 786efe30f42d bridge bridge local 51e2b21d7daa docker_gwbridge bridge local 96ba0de26cd2 host host local 7r7k9robn0uu ingress overlay swarm cbf078a5f121 none null local d851mrlkludv redis_default overlay swarm q0h9awx86ef4 registry_default overlay swarm cf585ea9ceb4 registry_default bridge local gvcz5y66ovrl test overlay swarm iMac:redis neo$ docker stack deploy -c redis.yml redis Creating network redis_default Creating service redis_redis
查看服務
iMac:redis neo$ docker service ls ID NAME MODE REPLICAS IMAGE PORTS 1ti2ndlpdhm8 redis_redis replicated 0/1 redis:latest *:6379->6379/tcp 1w6xjrl0sn88 registry_registry replicated 1/1 registry:latest *:5000->5000/tcp
查看容器運行狀態
iMac:redis neo$ docker container ls CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 8407fd8fe66b redis:latest "docker-entrypoint.s…" 29 seconds ago Up 29 seconds 6379/tcp redis_redis.1.6fpqt3pdti03j9swn3x04ob9n
本例子使用 alpine 版本
過程 163.1.
[root@iZj6ciilv2rcpgauqg2uuwZ]~# docker pull nginx Using default tag: latest latest: Pulling from library/nginx Digest: sha256:41ad9967ea448d7c2b203c699b429abe1ed5af331cd92533900c6d77490e0268 Status: Image is up to date for nginx:latest
啟動容器
docker run --name my-nginx-container -p 80:80 -d nginx
上面不能滿足生產環境的需求,通常不會將數據放在容器中,我的做法如下。
docker rm my-nginx-container -f docker run --name my-nginx-container \ -v /srv/nginx/nginx.conf:/etc/nginx/nginx.conf:ro \ -v /srv/nginx/conf.d:/etc/nginx/conf.d:ro \ -v /var/log/nginx:/var/log/nginx:rw \ -v /www:/www:ro \ -p 80:80 -d nginx docker ps