1. Docker是什麼
Docker 是一個開源的應用容器引擎,基於 Go 語言 並遵從Apache2.0協議開源。Docker 可以讓開發者打包他們的應用以及依賴包到一個輕量級、可移植的容器中,然後發佈到任何流行的 Linux 機器上,也可以實現虛擬化。容器是完全使用沙箱機制,相互之間不會有任何接口(類似 iPhone 的 app),容器性能開銷極低。
特點:像虛擬機但是更加依賴host machine,比之開銷更低,移植性更好
用Docker的logo來通俗解釋:鯨魚(或者是貨輪)是操作系統,應用程序看作是貨物,原本要將各種各樣形狀、尺寸不同的貨物放到大鯨魚上,你得爲每件貨物考慮怎麼安放(就是應用程序配套的環境),還得考慮貨物和貨物是否能疊起來(應用程序依賴的環境是否會衝突)。現在使用了集裝箱(容器)把每件貨物都放到集裝箱裏,這樣大鯨魚可以用同樣地方式安放、堆疊集裝了,省事省力。
2. Docker的Ubuntu配置
一個很好的教程 https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-on-ubuntu-16-04
需求:64bit Ubuntu + 內核>3.10 (用 uname -r 檢查) + non-root user + sudo 特權
安裝步驟:
1. add the GPG key for the official Docker repository to the system: 關於gpgkey教程: http://www.ruanyifeng.com/blog/2013/07/gpg.html
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - 2. Add the Docker repository to APT sources list :
6. 檢測是否成功運行 查看docker的服務是否啓動
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"sudo apt-get updateapt-cache policy docker-cedocker-ce:
Installed: (none)
Candidate: 17.03.1~ce-0~ubuntu-xenial
Version table:
17.03.1~ce-0~ubuntu-xenial 500
500 https://download.docker.com/linux/ubuntu xenial/stable amd64 Packages
17.03.0~ce-0~ubuntu-xenial 500
500 https://download.docker.com/linux/ubuntu xenial/stable amd64 Packages
sudo apt-get install -y docker-ce6. 檢測是否成功運行 查看docker的服務是否啓動
sudo systemctl status dockerOutput
● docker.service - Docker Application Container Engine
Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
Active: active (running) since Sun 2016-05-01 06:53:52 CDT; 1 weeks 3 days ago
Docs: https://docs.docker.com
Main PID: 749 (docker)
Installing Docker now gives you not just the Docker service (daemon) but also the docker command line utility, or the Docker client. We'll explore how to use the docker command later in this tutorial. 如果未啓動服務則使用以下代碼:
$ sudo systemctl enable docker
$ sudo systemctl start docker 查看是否安裝成功
$ docker run hello-world3. 避免sudo前綴
默認情況下, docker 命令會使用 Unix socket 與 Docker 引擎通訊。而只有 root 用戶和docker 組的用戶纔可以訪問 Docker 引擎的 Unix socket。出於安全考慮,一般 Linux 系統上不會直接使用 root 用戶。因此,更好地做法是將需要使用 docker 的用戶加入 docker用戶組。
0. 創建用戶組(此處爲docker)
$ sudo groupadd docker 1. add your username to the docker group:
sudo usermod -aG docker ${USER}su - ${USER}id -nGsammy sudo docker
If you need to add a user to the docker group that you're not logged in as, declare that username explicitly using:
sudo usermod -aG docker username 1. docker查看所有指令
docker
As of Docker 1.11.1, the complete list of available subcommands includes:
Output
attach Attach to a running container
build Build an image from a Dockerfile
commit Create a new image from a container's changes
cp Copy files/folders between a container and the local filesystem
create Create a new container
diff Inspect changes on a container's filesystem
events Get real time events from the server
exec Run a command in a running container
export Export a container's filesystem as a tar archive
history Show the history of an image
images List images
import Import the contents from a tarball to create a filesystem image
info Display system-wide information
inspect Return low-level information on a container or image
kill Kill a running container
load Load an image from a tar archive or STDIN
login Log in to a Docker registry
logout Log out from a Docker registry
logs Fetch the logs of a container
network Manage Docker networks
pause Pause all processes within a container
port List port mappings or a specific mapping for the CONTAINER
ps List containers
pull Pull an image or a repository from a registry
push Push an image or a repository to a registry
rename Rename a container
restart Restart a container
rm Remove one or more containers
rmi Remove one or more images
run Run a command in a new container
save Save one or more images to a tar archive
search Search the Docker Hub for images
start Start one or more stopped containers
stats Display a live stream of container(s) resource usage statistics
stop Stop a running container
tag Tag an image into a repository
top Display the running processes of a container
unpause Unpause all processes within a container
update Update configuration of one or more containers
version Show the Docker version information
volume Manage Docker volumes
wait Block until a container stops, then print its exit code
0. 其他問題:
a. 使用docker出現timeout錯誤
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
78445dd45222: Pulling fs layer
docker: error pulling image configuration: Get https://dseasb33srnrn.cloudfront.net/registry-v2/docker/registry/v2/blobs/sha256/48/48b5124b2768d2b917edcb640435044a97967015485e812545546cbed5cf0233/data?Expires=1490975964&Signature=OUmibCvoXIlDlmt-GF187GDtJySfLIHJdgfs~GTyzARgOPaVYLfU8kLKKFnS3NczD39-PtCdTxEMKmE0IigxpsmDQimidTyuqOIlac-wDGhrLPveHoKIUYZ9QP9hzzAvRyhci9wrsWJJkrsOz3ITUaNRDM3z9xHyyQi07WQGLiQ_&Key-Pair-Id=APKAJECH5M7VWIS5YZ6Q: dial tcp: lookup dseasb33srnrn.cloudfront.net on 192.168.65.1:53: read udp 192.168.65.2:55172->192.168.65.1:53: i/o timeout.
See 'docker run --help'.Solu: may be you are behind a firewall/proxy server. i was also behind my office firewall so i tried below steps which resolved this issue.
For setting up proxy for docker, please do the following:
(1). Create a systemd drop-in directory for the docker service:
$ mkdir -p /etc/systemd/system/docker.service.d
$ vim /etc/systemd/system/docker.service.d/http-proxy.conf [Service]
Environment="HTTP_PROXY=http://<allowed_proxy_ipv4_address>:<proxy_port_num>/" $ vim /etc/systemd/system/docker.service.d/https-proxy.conf [Service]
Environment="HTTPS_PROXY=https://<allowed_proxy_ipv4_address>:<proxy_port_num>/"(4). Restart Docker: $ sudo systemctl restart docker
(5). Verify that the configuration has been loaded: $ systemctl show --property=Environment docker