Docker 小筆記

Docker 小筆記 === > ref: > **官方安裝指南** > https://docs.docker.com/engine/install/centos/ > https://docs.docker.com/compose/install/ --- ## 執行階段 #### image ``` # 列出 image 清單 docker image ls # 刪除 image docker image rm [IMAGE ID] # 刪除 <none> 標籤的 images docker rmi $(docker images -f "dangling=true" -q) # 刪除未使用的 images docker image prune -f ``` #### 從image生成容器 ``` # docker run [OPTIONS] IMAGE [COMMAND] [ARG...] docker run -d -p 8088:9000 --restart=always -v /var/run/docker.sock:/var/run/docker.sock --privileged=true portainer/portainer ``` > [參數說明](https://docs.docker.com/engine/reference/commandline/run/) -d : 背景執行 -p : port forwarding -v : volume 對映容器內的 image 資料 -e k=v : 傳參數給容器 --rm : docker stop 時自動刪除容器 --privileged : 容器有訪問主機所有設備的權限 --name : 設定 container 名稱 #### 容器 ``` #列出 container docker ps -a #刪除指定 docker container rm [Container Id] #刪除全部 docker container stop $(docker container ls -aq) && docker system prune –af --volumes ``` #### 看容器 log ``` docker logs [container name] --tail 50 -f --timestamps ``` #### 進入容器並執行 ``` docker exec -it [Container ID or Name] sh ``` #### network ``` docker network ls docker network inspect [NETWORK ID] ``` #### 背景執行 ``` docker-compose -d ``` #### 刪除之前的容器、網路。 ``` docker-compose -f docker-compose.yml down ``` #### 從容器內複製檔案到主機 ``` docker cp [Container ID or Name]:"/src_path" "/dest_path" ``` #### cmd ``` // build、create、start docker-compose up // stop、rm docker-comopse down ``` --- ## windows 安裝 [說明](https://docs.microsoft.com/zh-tw/windows/wsl/install-win10#step-4---download-the-linux-kernel-update-package) 1. 下載並安裝 [https://hub.docker.com/editions/community/docker-ce-desktop-windows](https://hub.docker.com/editions/community/docker-ce-desktop-windows) 2. 啟用功能 ``` dism.exe /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux /all /norestart dism.exe /online /enable-feature /featurename:VirtualMachinePlatform /all /norestart ``` 3. 將 WSL 2 設定為預設版本 ``` wsl --set-default-version 2 ``` --- ## CentOS 安裝 #### 移除舊版本(option) ``` $ sudo yum remove docker \ docker-client \ docker-client-latest \ docker-common \ docker-latest \ docker-latest-logrotate \ docker-logrotate \ docker-engine sudo yum remove docker-ce docker-ce-cli containerd.io sudo rm -rf /var/lib/docker ``` #### yum更新 ``` yum update ``` #### 安裝需要的軟體 > yum-util 提供yum-config-manager功能 ``` yum install -y yum-utils ``` #### 設置yum來源 ``` yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo ``` #### 安裝docker ``` yum install docker-ce docker-ce-cli containerd.io -y ``` #### 啟動並加入開機啟動 ``` systemctl start docker; systemctl enable docker; ``` #### 安裝 docker-compose 並更新 ``` sudo yum install epel-release -y &&\ sudo curl -L "https://github.com/docker/compose/releases/download/1.27.3/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose &&\ sudo chmod +x /usr/local/bin/docker-compose &&\ docker-compose --version ``` --- ## 移除 ``` sudo rm /usr/local/bin/docker-compose ``` --- ## 啟用 Docker RestAPI [Docker RestAPI SPEC](https://docs.docker.com/engine/api/v1.41/) 如果是用 systemcel 啟動的話 ``` vi /lib/systemd/system/docker.service --- # 找到 ExecStart 這行, 並加入 -H=tcp://0.0.0.0:2375, 如下 ExecStart=/usr/bin/dockerd -H=fd:// -H=tcp://0.0.0.0:2375 --- # 重啟 docker systemctl restart docker ``` --- ## 私有倉庫 Docker Registry #### 啟動 [官方image](https://hub.docker.com/_/registry) 已經更新到2.7.1版(但是hash與2相同??) ``` docker run -d -p 5000:5000 -v /home/user1/storage:/var/lib/registry --name registry registry:2 ``` 用 docker-compose 方式啟動 ``` version: '3.3' services: # 管理registry的web介面 registry_web: container_name: registry_web restart: always image: parabuzzle/craneoperator:latest environment: - "REGISTRY_HOST=service.cloudx.local" - "REGISTRY_PORT=5000" - "REGISTRY_PROTOCOL=http" - "SSL_VERIFY=false" - "ALLOW_REGISTRY_LOGIN=true" - "REGISTRY_ALLOW_DELETE=true" ports: - 3000:80 registry: # registry 本體 container_name: registry restart: always image: registry:2 environment: - "REGISTRY_STORAGE_DELETE_ENABLED=true" ports: - 5000:5000 volumes: # - ./config/config.yml:/etc/docker/registry/config.yml:ro - ./data:/var/lib/registry ``` #### 使用 ``` #對現有image打上tag #e.g. docker tag webapi 35.222.101.178:5000/webpai docker tag [local_image] [registry_host]/[server_image] docker push [registry_host]/[server_image] docker pull [registry_host]/[server_image] ``` push/pull 前需修改 docker 設定 > 出現下列錯誤的話 > Get [registry_host]/v2/: http: server gave HTTP response to HTTPS client windows 用 docker desktop 設定後重啟 docker ![](https://i.imgur.com/TwmF6QH.png) 或是修改設定檔案, 預設路徑 C:\Users\\%USERNAME%\\.docker\daemon.json linux 預設沒有daemon.json 需要自己建立 ``` vi /etc/docker/daemon.json --- { "insecure-registries": ["registry.cloudx.com.tw:8000"] } --- # 重啟 docker systemctl restart docker ``` 可使用 rest api 來查詢倉庫的 images [官方文件](https://docs.docker.com/registry/spec/api/) ``` # Listing Repositories GET /v2/_catalog # Listing Image Tags GET /v2/<name>/tags/list ``` --- ## Portainer (Docker可視化管理工具) > [官方安装说明](https://documentation.portainer.io/archive/1.23.2/deployment/) ``` docker run -d -p 9000:9000 -p 8000:8000 \ --name portainer --restart always -v /var/run/docker.sock:/var/run/docker.sock \ -v /var/portainer/data:/data portainer/portainer ``` 要使用docker api來增加外部endpoint的話, 目標要先啟用 [docker restapi](#啟用-Docker-RestAPI) --- ## shipyard (Docker可視化管理工具) [官方部屬教學](https://shipyard-project.com/deploy/) > 很複雜, 建議直接走 docker-compose 的方式 ``` vi /var/shipyard/docker-compose.yml ``` ``` version: '2' services: rethinkdb: container_name: shipyard-rethinkdb image : rethinkdb discovery: container_name: shipyard-discovery image : microbox/etcd command : -name discovery ports : - 4001:4001 - 7001:7001 proxy: container_name: shipyard-proxy image : shipyard/docker-proxy:latest ports : - 2375:2375 volumes : - /var/run/docker.sock:/var/run/docker.sock swarm-manager: container_name: shipyard-swarm-manager image : swarm:latest command : manage --host tcp://0.0.0.0:3375 etcd://discovery:4001 swarm-agent: container_name: shipyard-swarm-agent image : swarm:latest command : join --addr proxy:2375 etcd://discovery:4001 controller: container_name: shipyard-controller image : shipyard/shipyard:latest command : server -d tcp://swarm-manager:3375 links : - rethinkdb - swarm-manager ports : - 8080:8080 ``` ``` docker-compose up -d ``` > 預設帳密為 admin shipyard --- ### 建立一個base image ``` # FROM scratch # FROM busybox FROM alpine:latest # 安裝壓縮及解壓縮 RUN apk add --no-cache --upgrade bash && \ apk add postgresql-libs libpq zip unzip tree RUN mkdir app COPY ./ ./app RUN zip app.zip app/* # 啟動時解壓縮並覆蓋目錄 CMD ["unzip", "-o", "app.zip"] # 每10秒ping一次自己, 達到服務不中斷 # CMD ["ping", "-i", "10", "localhost"] ```