安装docker和docker compose 脚本
1
2
3
4
| sudo yum install -y yum-utils
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
sudo yum install -y docker-ce-19.03.15-3.el7.$(uname -m) docker-ce-cli-19.03.15-3.el7.$(uname -m) containerd.io
sudo systemctl restart docker
|
把docker加入开机自启动 centos7
1
2
3
4
5
6
7
| sudo systemctl enable docker.service
docker -v
docker-compose -v
sudo curl -L "https://get.daocloud.io/docker/compose/releases/download/1.27.4/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
|
docker 常用 CLI
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
| # 过滤容器
docker ps -f "public=80"
docker ps -f "expose=8080"
docker ps -f "name=java*"
docker ps -l # 最近创建的容器
docker ps -n 5 # 最近创建的5条容器
docker pull --platform=arm64 nginx:latest # 拉取指定平台镜像
docker exec -it <container_id|name> /bin/bash # 进入容器
docker logs 87236df554a2 --tail 50 --follow # 查看容器Logs --tail 50最后五十行 ,--follow 跟随日志打印
docker inspect 87236df554a2 -f "\\" # 查看容器所在网络
docker images ls # 查看所有镜像
docker save killua99/coturn:latest -o coturn:arm64.tar # 保存镜像到本地
docker load -i coturn:arm64.tar -q # 载入镜像到本地
docker inspect <container_name|_id> | grep -i logpath # 查看保存在宿主机的的容器logs
docker tag IMAGE[:TAG] [REGISTRY_HOST[:REGISTRY_PORT]/]REPOSITORY[:TAG] # 标记镜像到镜像库
docker push [REGISTRY_HOST[:REGISTRY_PORT]/]REPOSITORY[:TAG] # 推送镜像
# 清理网络占用 ERROR endpoint with name xxxx already exists in network xxx-network
docker network disconnect --force <网络模式> <容器名>
|
docker daemon.js配置 vi /etc/docker/daemon.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
| {
"registry-mirrors": [
"https://dockerhub.azk8s.cn",
"https://docker.mirrors.ustc.edu.cn",
"https://mirror.ccs.tencentyun.com",
"https://registry.docker-cn.com"
],
"insecure-registries": [
],
"data-root": "/data/docker",
"log-opts": {
"max-size": "200m",
"max-file": "5"
},
}
|
安装loki 插件
文档:https://grafana.com/docs/loki/latest/send-data/docker-driver/configuration/
1
2
3
4
5
6
7
8
| # 在线安装
docker plugin install grafana/loki-docker-driver:latest --alias loki --grant-all-permissions # 安装loki插件
docker plugin install miacis/loki-docker-driver:2.9.1 --alias loki --grant-all-permissions # arm64的镜像
# 离线安装,直接把有插件的/var/lib/docker/plugins 的文件夹拷贝过去,然后重启docker
|
如果使用loki插件
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
| {
"registry-mirrors": [
"https://99ycabo8.mirror.aliyuncs.com",
"https://dockerproxy.com",
"https://hub-mirror.c.163.com",
"https://dockerhub.azk8s.cn",
"https://docker.mirrors.ustc.edu.cn",
"http://hub-mirror.c.163.com"
],
"max-concurrent-downloads": 10,
"max-concurrent-uploads": 10,
"log-driver": "loki",
"log-opts": {
"loki-url": "http://192.168.7.13:3100/loki/api/v1/push",
"keep-file": true,
"loki-retries": 3,
"loki-batch-size": "500",
"loki-min-backoff": "1s",
"loki-max-backoff": "3s",
"loki-timeout": "5s",
"max-size": "200m",
"max-file": "5"
},
"data-root": "/var/lib/docker",
"bip": "172.100.99.1/24",
"default-address-pools": [
{"base": "172.101.0.0/16", "size": 24}
]
}
|
如果是配置在docker-compose文件
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
| # docker-compose 3.4以上 可以使用模板
version: "3.4"
x-logging:
&loki-logging
driver: loki
options:
loki-url: "http://YOUR_IP:3100/loki/api/v1/push"
keep-file: "true"
loki-retries: 3
loki-batch-size: "500"
loki-min-backoff: "1s"
loki-max-backoff: "3s"
loki-timeout: "5s"
max-size: "50m"
#loki-external-labels: "container_name=,labels_env=develop,labels_app=zhzf"
max-file: "10"
services:
host:
container_name: grafana
image: grafana/grafana
environment:
- TZ=Asia/Shanghai
- LANG=zh_CN.UTF-8
logging: *loki-logging
|
自定义网络
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
| services:
node-1:
image: webapp
deploy:
replicas: 1 # 启动的节点数
resources:
limits:
memory: 1g
networks:
my-network:
ipv4_address: 172.100.101.10 # 指定IP
ipv6_address: 2001:3984:3989::10
node-2:
image: webapp
networks:
- my-network # 自动分配
networks:
my-network:
ipam:
driver: default
config:
- subnet: "172.100.101.0/24"
- subnet: "2001:3984:3989::/64"
|
多台机器互通 (使用路由方法)
1
2
3
4
5
6
7
| docker network create --subnet=172.100.101.0/24 my-network # 创建网段
# 在docker-host-01主机添加到172.100.102.0/24网段的路由,指向docker-host-02的IP:192.168.61.2;
[root@docker-host-01 ~]# route add -net 172.100.102.0/24 gw 192.168.61.2
# 在docker-host-02主机添加到172.100.101.0/24网段的路由,指向docker-host-01的IP:192.168.61.1;
[root@docker-host-02 ~]# route add -net 172.100.101.0/24 gw 192.168.61.1
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
| version: "3"
services:
host:
container_name: grafana
image: grafana/grafana
environment:
- TZ=Asia/Shanghai
- LANG=zh_CN.UTF-8
logging:
driver: loki
options:
loki-url: "http://YOUR_IP:3100/loki/api/v1/push"
keep-file: "true"
loki-batch-size: "500"
loki-min-backoff: "1s"
loki-max-backoff: "3s"
loki-timeout: "5s"
#loki-external-labels: "container_name=,labels_env=develop,labels_app=zhzf"
max-size: "50m"
max-file: "10"
|
重置docker的虚拟网桥
1
2
3
4
5
6
7
8
9
10
11
12
13
| # 安装bridge工具
yum install bridge-utils -y
systemctl stop docker
ifconfig docker0 down
## 删除docker0 网卡
brctl delbr docker0
docker -d
systemctl restart docker
sudo ifconfig br-59ec53121ef6 down
sudo brctl delbr br-59ec53121ef6
|
docker迁移/var/lib/docker安装目录
0.查看docker配置信息
docker info
1.停止docker服务
systemctl stop docker
2.新建docker目录
mkdir -p /data/docker
3.使用rsync迁移文件,加上参数-a,注意不要使用cp,否则已启动的容器迁移后会出现docker-entrypoint.sh文件权限问题
rsync -r -avz /var/lib/docker/ /data/docker/
4.配置vi /usr/lib/systemd/system/docker.service 指定到新的路径 -g /data/docker
1
2
3
| #找到下面这行
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock \
-g /data/docker
|
5.重新加载服务
1
2
3
| systemctl daemon-reload
systemctl restart docker
systemctl enable docker
|
6.确认迁移后的配置信息,镜像和容器
1
2
3
| docker info
docker images
docker ps -a
|
通过overlay2文件名找出容器
1
2
3
4
5
| # 1. 首先进入到 /var/lib/docker/overlay2 目录下,查看谁占用的较多
cd /var/lib/docker/overlay2
du -sc * | sort -rn | more
# 2. 通过目录名找出容器
docker ps -q | xargs docker inspect --format ', , , ' | grep "7d88ed59820d4c66b181c083b12bc669b01be3260437e977ed30340a83192ad3"
|
清理Docker容器日志脚本
1
2
3
4
5
6
7
8
9
| #!/bin/sh
echo "======== start clean docker containers logs ========"
logs=$(find /var/lib/docker/containers/ -name *-json.log) # 改成docker info的容器位置
for log in $logs
do
echo "clean logs : $log"
cat /dev/null > $log
done
echo "======== end clean docker containers logs ========"
|
docker二进制版本下载
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
| 说明:此种方式适用多种linux发行版,特别是内网环境,采用systemd管理服务的
#下载二进制离线压缩包
wget https://download.docker.com/linux/static/stable/x86_64/docker-20.10.8.tgz
wget https://download.docker.com/linux/static/stable/aarch64/docker-20.10.8.tgz
#解压文件
tar -zxvf docker-20.10.8.tgz
#将二进制文件拷贝到/usr/bin/
cp docker/* /usr/bin/
#注册到系统服务
vim /usr/lib/systemd/system/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target
[Service]
Type=notify
ExecStart=/usr/bin/dockerd --graph /DATA/docker #指定docker存储目录
ExecReload=/bin/kill -s HUP $MAINPID
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
asksMax=infinity
TimeoutStartSec=0
Delegate=yes
KillMode=process
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s
[Install]
WantedBy=multi-user.target
#重载
systemctl daemon-reload
#启动服务并加入开机启动
systemctl start docker && systemctl enable docker
#检查
systemctl status docker
|
离线安装buildx 多环境包
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
| #1. 下载二进制包
wget https://github.com/docker/buildx/releases/download/v0.11.1/buildx-v0.11.1.linux-amd64
#2. 给文件改名和赋权,放到目标目录中
mv buildx-v0.11.1.linux-amd64 docker-buildx && \
chmod +x docker-buildx && \
mkdir -p ~/.docker/cli-plugins/ && \
mv docker-buildx ~/.docker/cli-plugins/
#3.验证
docker buildx version
#4. 增加多架构的支持,注意,需要更新linux内核4.8以上,才能使用多架构构建,使用uname -r查询(centos7.6 ISO默认是3.1内核)
docker run --privileged --rm tonistiigi/binfmt --install all
#docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
#5. 验证
docker buildx ls
NAME/NODE DRIVER/ENDPOINT STATUS PLATFORMS
default * docker
default default running linux/amd64, linux/386, linux/arm64, linux/riscv64, linux/ppc64le, linux/s390x, linux/arm/v7, linux/arm/v6
# 构建多架构镜像示例:
docker buildx create --bootstrap --use --name mybuilder --driver docker-container --driver-opt network=host
1. docker buildx build --platform linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64/v8,linux/386,linux/ppc64le,linux/s390x -t az/hello . --push
2. docker buildx build --platform linux/amd64,linux/arm64/v8 -t az/hello . --push
# --push 推送 --load保存到本地
|
替换github.com使用代理
1
| sed -i "s#https://github.com#https://mirror.ghproxy.com/https://github.com#g" filename
|
docker网络重置
1
2
3
4
5
6
7
8
9
10
| # 1、停止 docker 守护进程
systemctl stop docker
yum -y install bridge-utils
# 2、关闭 docker 相关的虚拟网卡设备
ip link set docker0 down
# 或者 ifconfig docker0 down
# 3、删除 docker0 等桥接设备
sudo brctl delbr docker0
sudo brctl delbr br-0a43f8c7f8e2
|
使用镜像时替换源,并安装
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
| # alpine
FROM alpine:3.15
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories \
&& apk update \
&& apk add --no-cache git
# Debian10 buster
RUN echo " " > /etc/apt/sources.list \
&& echo "deb http://mirrors.aliyun.com/debian/ buster main non-free contrib" >> /etc/apt/sources.list \
&& echo "deb-src http://mirrors.aliyun.com/debian/ buster main non-free contrib" >> /etc/apt/sources.list \
&& echo "deb http://mirrors.aliyun.com/debian-security buster/updates main" >> /etc/apt/sources.list \
&& echo "deb-src http://mirrors.aliyun.com/debian-security buster/updates main" >> /etc/apt/sources.list \
&& echo "deb http://mirrors.aliyun.com/debian/ buster-updates main non-free contrib" >> /etc/apt/sources.list \
&& echo "deb-src http://mirrors.aliyun.com/debian/ buster-updates main non-free contrib" >> /etc/apt/sources.list \
&& echo "deb http://mirrors.aliyun.com/debian/ buster-backports main non-free contrib" >> /etc/apt/sources.list \
&& echo "deb-src http://mirrors.aliyun.com/debian/ buster-backports main non-free contrib" >> /etc/apt/sources.list
# Debian12 bookworm
RUN echo " " > /etc/apt/sources.list \
&& echo "deb https://mirrors.huaweicloud.com/debian/ bookworm main non-free non-free-firmware contrib" >> /etc/apt/sources.list \
&& echo "deb-src https://mirrors.huaweicloud.com/debian/ bookworm main non-free non-free-firmware contrib" >> /etc/apt/sources.list \
&& echo "deb https://mirrors.huaweicloud.com/debian-security/ bookworm-security main" >> /etc/apt/sources.list \
&& echo "deb-src https://mirrors.huaweicloud.com/debian-security/ bookworm-security main" >> /etc/apt/sources.list \
&& echo "deb https://mirrors.huaweicloud.com/debian/ bookworm-updates main non-free non-free-firmware contrib" >> /etc/apt/sources.list \
&& echo "deb-src https://mirrors.huaweicloud.com/debian/ bookworm-updates main non-free non-free-firmware contrib" >> /etc/apt/sources.list \
&& echo "deb https://mirrors.huaweicloud.com/debian/ bookworm-backports main non-free non-free-firmware contrib" >> /etc/apt/sources.list \
&& echo "deb-src https://mirrors.huaweicloud.com/debian/ bookworm-backports main non-free non-free-firmware contrib" >> /etc/apt/sources.list
# Ubuntu
# 启动时使用 docker run --name alpine -d alpine:3.15 tail -f /dev/null ,强制镜像取消exit
|
dockerfile
挺说明详细一篇
