文章目錄
- Dockerfile操作指令
- 構建SSH鏡像
- 構建systemctl鏡像
- 構建nginx鏡像
- 構建tomcat鏡像
- 構建mysql鏡像
Dockerfile操作指令
附加:
ADD 源檔案/目錄目標檔案/目錄作用如下
1、把這個檔案從宿主系統復制到容器內部當中
2、如果這個檔案時壓縮包,ADD還可以直接將其解壓成一個目錄
VOLUME[“目錄”]:目錄是根目錄
WORKDIR等同于cd,也區別于cd(即每次變更路徑的時候都需要添加WORKDIR)
3.ENTRYPOINT 指令和CMD類似,它也是用戶指定容器啟動時要執行的命令,但如果dockerfile中也有CMD指令,CMD中的引數會被附加到ENTRYPOINT指令的后面, 如果這時docker run命令帶了引數,這個引數會覆寫掉CMD指令的引數,并也會附加到ENTRYPOINT 指令的后面,這樣當容器啟動后,會執行ENTRYPOINT 指令的引數部分,可以看出,相對來說ENTRYPOINT指令優先級更高
網路報錯提示
[Warning] IPv4 forwarding is disabled. Networking will not work.
解決方法:
vim /etc/sysctl.conf
net.ipv4.ip_forward=1
sysctl -p //使其生效
service network restart
systemctl restart docker
構建SSH鏡像
基礎操作
[root@localhost~]#systemctl start docker
[root@localhost~]#iptables -F
[root@localhost~]#setenforce 0
創建并進入目錄
[root@server1 ~]# mkdir sshd
[root@server1 ~]# cd sshd
創建Dockerfile檔案
[root@server1 sshd]# vi Dockerfile
FROM centos:7 //基礎鏡像
MAINTAINER hello //作者資訊
RUN yum -y update //更新yum源
RUN yum -y install openssh* net-tools lsof telnet passwd //安裝依賴軟體包 net-tools:安裝之后可以使用ifconfig命令
RUN echo "123456" | passwd --stdin root //設定容器內的root用戶密碼
RUN sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config //正則運算式 關閉PAM認證
RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key //生成密鑰
RUN sed -i '/^session\s\+required\s\+pam_loginuid.so/s/^/#/' /etc/pam.d/sshd //注釋pam登錄功能
RUN mkdir -p /root/.ssh && chown root.root /root && chmod 700 /root/.ssh //創建隱藏. 目錄,且授予權限
EXPOSE 22
CMD ["/usr/sbin/sshd","-D"] //啟動容器時,啟動服務,以守護行程啟動
生成鏡像
[root@server1 sshd]# docker build -t sshd:new .
啟動容器
[root@server1 sshd]# docker run -d -P sshd:new //查看容器狀態,隨機指定的埠為32768
457b10f1e5b71e7561f732de421cb5000ba4fcdf8fd7277e0f0f7fabb837efb7
[root@server1 sshd]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
457b10f1e5b7 sshd:new "/usr/sbin/sshd -D" 8 seconds ago Up 6 seconds 0.0.0.0:32768->22/tcp inspiring_proskuriakova
在宿主機測驗容器的sshd服務,ssh登錄容器
[root@server1 sshd]# ssh localhost -p 32768 #容器的映射埠
The authenticity of host '[localhost]:32768 ([::1]:32768)' can't be established.
RSA key fingerprint is SHA256:JMKdwvp2WtRqDvMYWXx1IvZ6dIPS0qOOf8nv+0rJhrA.
RSA key fingerprint is MD5:9e:d5:7a:c7:91:4b:9d:ea:e3:36:73:ea:9f:0d:a7:17.
Are you sure you want to continue connecting (yes/no)? yes
Permission denied, please try again.
root@localhost's password: 輸入root的密碼123456
[root@457b10f1e5b7 ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.2 netmask 255.255.0.0 broadcast 172.17.255.255
構建systemctl鏡像
將其建立在sshd:new鏡像之上,在sshd服務的基礎上搭建,使其能再sshd服務里使用systemctl指令
創建systemctl目錄,創建Dockerfile檔案
mkdir systemctl
cd systemctl
vim Dockerfile
[root@server1 ~]# mkdir systemctl
[root@server1 ~]# cd systemctl/
[root@server1 systemctl]# vim Dockerfile
FROM sshd:new
ENV container docker
RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [$i == \
systemd-tmpfiles-setup.service] || rm -f $i; done);\
rm -f /lib/systemd/system/multi-user.target.wants/*;\
rm -f /etc/systemd/system/*.wants/*;\
rm -f /lib/systemd/system/local-fs.target.wants/*;\
rm -f /lib/systemd/system/sockets.target.wants/*udev*;\
rm -f /lib/systemd/system/sockets.target.wants/*initctl*;\
rm -f /lib/systemd/system/basic.target.wants/*;\
rm -f /lib/systemd/system/anaconda.target.wants/*;
VOLUME ["/sys/fs/cgroup"]
CMD ["/usr/sbin/init"]
附加 :/表示這句話的結束
創建鏡像,運行容器
[root@server1 systemctl]# docker build -t systemd:new .
[root@server1 systemctl]# docker run --privileged -it -v /sys/fs/cgroup:/sys/fs/cgroup:ro systemd:new /sbin/init & #privileged container內的root擁有真正的root權限,否則,container內的root只是外部的一個普通用戶權限
[1] 49687
[root@server1 systemctl]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
282c6c3f01a8 systemd:new "/sbin/init" About a minute ago Up About a minute 22/tcp confident
457b10f1e5b7 sshd:new "/usr/sbin/sshd -D" About an hour ago Up About an hour 0.0.0.0:32768->22/tcp inspirin
進入容器,驗證
[root@server1 systemctl]# docker exec -it 282c6c3f01a8 /bin/bash
[root@282c6c3f01a8 /]# systemctl start sshd
[root@282c6c3f01a8 /]# systemctl status sshd
● sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; disabled; vendor preset: enabled)
Active: active (running) since Sun 2020-11-29 09:59:20 UTC; 16s ago
構建nginx鏡像
創建nginx目錄,并上傳nginx壓縮包,創建Dockerfile
[root@server1 ~]# mkdir nginx
[root@server1 ~]# ll
drwxr-xr-x. 2 root root 6 11月 29 18:05 nginx
[root@server1 ~]# cd nginx/
[root@server1 nginx]# vi Dockerfile
FROM centos:7
MAINTAINER xuwenyu
RUN yum -y install pcre-devel zlib-devel gcc gcc-c++ make //安裝依賴包
RUN useradd -M -s /sbin/nologin nginx
ADD nginx-1.12.2.tar.gz /usr/local/src //添加并解壓安裝包
WORKDIR /usr/local/src/nginx-1.12.2 //進入目錄編譯安裝
RUN ./configure \
--prefix=/usr/local/nginx \
--user=nginx \
--group=nginx \
--with-http_stub_status_module && make && make install
ENV PATH /usr/local/nginx/sbin:$PATH //設定環境變數
EXPOSE 80 //暴露埠 http服務
EXPOSE 443 //https加密服務埠
RUN echo "daemon off;" >> /usr/local/nginx/conf/nginx.conf //關閉系統守護行程,需要容器的行程啟動服務,否則會沖突
ADD run.sh /run.sh //添加啟動腳本
RUN chmod 755 /run.sh
CMD ["/run.sh"] //啟動容器時,開啟服務
創建啟動腳本
[root@server1 nginx]# vi run.sh
#!/bin/bash
/usr/local/nginx/sbin/nginx
將安裝包上傳該路徑下
[root@server1 nginx]# rz -E
rz waiting to receive.
[root@server1 nginx]# ll
總用量 968
-rw-r--r--. 1 root root 530 11月 29 18:07 Dockerfile
-rw-r--r--. 1 root root 981687 10月 14 13:46 nginx-1.12.2.tar.gz
-rw-r--r--. 1 root root 40 11月 29 18:07 run.sh
創建鏡像,運行容器,查看容器狀態,隨機指定埠為32770
[root@server1 nginx]# docker build -t nginx:new .
[root@server1 nginx]# docker run -d -P nginx:new
2183827aefdc6bb84c1887f9df04c73d5fa8bc63313a410a28be0e1a6a4675f5
[root@server1 nginx]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2183827aefdc nginx:new "/run.sh" 12 seconds ago Up 10 seconds 0.0.0.0:32770->80/tcp, 0.0.0.0:32769->443/tcp distracted_leavitt
282c6c3f01a8 systemd:new "/sbin/init" 26 minutes ago Up 26 minutes 22/tcp confident_heisenberg
457b10f1e5b7 sshd:new "/usr/sbin/sshd -D" 2 hours ago Up 2 hours 0.0.0.0:32768->22/tcp inspiring_proskuriakova
測驗容器nginx服務狀態,客戶機訪問20.0.0.11:32770
構建tomcat鏡像
創建目錄
[root@server1 ~]# mkdir tomcat
[root@server1 ~]# cd tomcat/
生成Dockerfile檔案
[root@server1 tomcat]# vi Dockerfile
FROM centos:7
MAINTAINER tomcat
ADD jdk-8u91-linux-x64.tar.gz /usr/local
WORKDIR /usr/local
RUN mv jdk1.8.0_91 /usr/local/java
ENV JAVA_HOME /usr/local/java
ENV JAVA_BIN /usr/local/java/bin
ENV JRE_HOME /usr/local/java/jre
ENV PATH $PATH:/usr/local/java/bin:/usr/local/java/jre/bin
ENV CLASSPATH /usr/local/java/jre/bin:/usr/local/java/lib:/usr/local/java/jre/lib/charsets.jar
ADD apache-tomcat-8.5.16.tar.gz /usr/local
WORKDIR /usr/local
RUN mv apache-tomcat-8.5.16 /usr/local/tomcat8
EXPOSE 8080
#啟動容器時,啟動服務,用ENTRTPOINT,不使用CMD
#外部CMD 可以覆寫dokerfile中的cmd 而不會覆寫ENTRTPOINT
ENTRYPOINT ["/usr/local/tomcat8/bin/catalina.sh","run"]
將軟體包放入同一級目錄下
構建鏡像
[root@server1 tomcat]# docker build -t tomcat:new .
運行容器,指定映射埠為8888,容器名為tomcat01
[root@server1 tomcat]# docker run -dit --name tomcat -p 8888:8080 tomcat:new
0448cb537aeb6f6b1d4d78946233ae29ec7ec7d197a4a80f833f381864016ca4
[root@server1 tomcat]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0448cb537aeb tomcat:new "/usr/local/tomcat8/…" 8 seconds ago Up 7 seconds 0.0.0.0:8888->8080/tcp tomcat
2183827aefdc nginx:new "/run.sh" 24 minutes ago Up 24 minutes 0.0.0.0:32770->80/tcp, 0.0.0.0:32769->443/tcp distracted_leavitt
282c6c3f01a8 systemd:new "/sbin/init" 51 minutes ago Up 51 minutes 22/tcp confident_heisenberg
457b10f1e5b7 sshd:new "/usr/sbin/sshd -D" 2 hours ago Up 2 hours 0.0.0.0:32768->22/tcp inspiring_proskuriakova
測驗tomcat服務,客戶機訪問20.0.0.11:8888
構建mysql鏡像
創建目錄
[root@server1 ~]# mkdir mysql
[root@server1 ~]# cd mysql/
新建my.cnf檔案
[root@server1 mysql]# vim my.cnf
[client]
port=3306
default-character-set=utf8
socket=/usr/local/mysql/mysql.sock
[mysql]
port=3306
default-character-set=utf8
socket=/usr/local/mysql/mysql.sock
[mysqld]
user=mysql
basedir=/usr/local/mysql
datadir=/usr/local/mysql/data
port=3306
character_set_server=utf8
pid-file=/usr/local/mysql/mysql.pid
socket=/usr/local/mysql/mysql.sock
server-id=1
sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES,NO_AUTO_CREATE_USER,NO_AUTO_VALUE_ON_ZERO,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,PIPES_AS_CONCAT,ANSI_QUOTES
[root@server1 mysql]# ll
總用量 4
-rw-r--r--. 1 root root 536 11月 30 21:16 my.cnf
生成Dockerfile檔案
[root@server1 mysql]# vim Dockerfile
FROM centos:7
RUN yum -y install \
gcc \
gcc-c++ \
make \
ncurses \
ncurses-devel \
bison \
cmake
RUN useradd -s /sbin/nologin mysql
ADD mysql-boost-5.7.20.tar.gz /usr/local/src
WORKDIR /usr/local/src/mysql-5.7.20/
RUN cmake \
-DCMAKE_INSTALL_PREFIX=/usr/local/mysql \
-DMYSQL_UNIX_ADDR=/usr/local/mysql/mysql.sock \
-DSYSCONFDIR=/etc \
-DSYSTEMD_PID_DIR=/usr/local/mysql \
-DDEFAULT_CHARSET=utf8 \
FROM centos:7
RUN yum -y install \
gcc \
gcc-c++ \
make \
ncurses \
ncurses-devel \
bison \
cmake
RUN useradd -s /sbin/nologin mysql
ADD mysql-boost-5.7.20.tar.gz /usr/local/src
WORKDIR /usr/local/src/mysql-5.7.20/
RUN cmake \
-DCMAKE_INSTALL_PREFIX=/usr/local/mysql \
-DMYSQL_UNIX_ADDR=/usr/local/mysql/mysql.sock \
-DSYSCONFDIR=/etc \
-DSYSTEMD_PID_DIR=/usr/local/mysql \
-DDEFAULT_CHARSET=utf8 \
-DDEFAULT_COLLATION=utf8_general_ci \
-DWITH_INNOBASE_STORAGE_ENGINE=1 \
-DWITH_ARCHIVE_STORAGE_ENGINE=1 \
-DWITH_BLACKHOLE_STORAGE_ENGINE=1 \
-DWITH_PERFSCHEMA_STORAGE_ENGINE=1 \
-DMYSQL_DATADIR=/usr/local/mysql/data \
-DWITH_BOOST=boost \
-DWITH_SYSTEMD=1 && make -j2 && make install
RUN chown -R mysql:mysql /usr/local/mysql/
RUN rm -rf /etc/my.cnf
ADD my.cnf /etc
RUN chown mysql:mysql /etc/my.cnf
ENV PATH=/usr/local/mysql/bin:/usr/local/mysql/lib:$PATH
WORKDIR /usr/local/mysql/
RUN bin/mysqld \
--initialize-insecure \
--user=mysql \
--basedir=/usr/local/mysql \
--datadir=/usr/local/mysql/data
RUN cp /usr/local/mysql/usr/lib/systemd/system/mysqld.service /usr/lib/systemd/system/
EXPOSE 3306
RUN echo -e "#!/bin/bash \nsystemctl enable mysqld" > /run.sh
RUN chmod 755 /run.sh
RUN sh /run.sh
CMD ["init"]
上傳所需安裝包
[root@server1 mysql]# rz -E
rz: 詳解安裝mysql5.gz removed.00e01ddfc [root@server1 mysql]# rz -E
rz waiting to receive.
[root@server1 mysql]# ll
總用量 47700
-rw-r--r--. 1 root root 1230 11月 30 21:29 Dockerfile
-rw-r--r--. 1 root root 536 11月 30 21:16 my.cnf
-rw-r--r--. 1 root root 48833145 10月 23 2017 mysql-boost-5.7.20.tar.gz
構建鏡像
[root@server1 mysql]# docker build -t mysql:new .
運行鏡像
[root@server1 mysql]# docker run -dit --name=mysql -P --privileged mysql:new
附加:--privileged 表示不做降權處理
0f7cf5f809ad99f03ecb6924e34769df97c005df98f70e85031af7397c90ad37
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0f7cf5f809ad mysql:new "init" 16 hours ago Up 16 hours 0.0.0.0:32768->3306/tcp mysql
查看容器狀態
[root@server1 mysql]# docker exec -it 0f7cf5f809ad /bin/bash //進入容器,給授權
[root@0f7cf5f809ad mysql]# mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 3
Server version: 5.7.20 Source distribution
Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> grant all privileges on *.*to 'root'@'%' identified by 'abc123'; 所有主機
Query OK, 0 rows affected, 1 warning (0.02 sec)
mysql> grant all privileges on *.* to 'root'@'localhost' identified by 'abc123'; 本地終端
Query OK, 0 rows affected, 1 warning (0.00 sec)mysql> flush privileges; //重繪權限
Query OK, 0 rows affected (0.00 sec)
附加:grant sll:若用戶不存在,可以直接創建
驗證
退出容器后,在宿主機上進入資料庫
[root@server1 docker]# yum install mariadb* -y 提供mysql終端,也可以當作服務器
[root@server1 docker]# mysql -h 20.0.0.11 -u root -P 32768 -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MySQL connection id is 7
Server version: 5.7.20 Source distribution
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MySQL [(none)]> Ctrl-C -- exit!
Aborted
MySQL [(none)]> show databases; //查看并創建資料庫school,做測驗
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| sys |
+--------------------+
MySQL [(none)]> create database school;
Query OK, 1 row affected (0.01 sec)
MySQL [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| school |
| sys |
+--------------------+
5 rows in set (0.00 sec)
進入容器資料庫進行驗證:
[root@server1 ~]# docker exec -it 0f7cf5f809ad /bin/bash
[root@0f7cf5f809ad mysql]# mysql -uroot -p
Enter password: 密碼輸入為abc123
mysql> show databases; //發現有資料庫school生成
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| school |
| sys |
附加:僅供實驗參考,生產環境不建議使用,資料庫一般建立在裸金屬上
轉載請註明出處,本文鏈接:https://www.uj5u.com/qita/229962.html
標籤:其他
上一篇:centos7 安裝 nginx