Centos 6.5 安装和使用docker

基于本人一贯的习惯,关于“某某某是什么”这样的问题,请百度吧,会有更专业的人士,会比我说的更详细更深,这里我只给出本人亲历的安装和使用过程。

1.安装

先检查服务器环境,docker要求操作系统CentOS6以上,kernel 版本必须2.6.32-431或更高,即>=CentOS 6.5,运行docker时实际提示3.8.0及以上,必须64bit,32bit不支持docker。

[root@201 ~]# uname -r
2.6.32-642.1.1.el6.x86_64

docker的存储驱动是Device Mapper,看下你的驱动是否符合

[root@201 ~]# grep device-mapper /proc/devices
253 device-mapper

看来我们符合以上要求,然后开始安装。

对于centos 6.5 需要先安装源

[root@201 ~]# rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm

注意centos 6要安装的是docker-io来源于Fedora epel库,是第三方库,所以先要确保安装了epel

[root@201 ~]# rpm -q epel-release
epel-release-6-8.noarch

ok,我们已经安装过epel,然后yum一下,稍等片刻就安装成功

[root@201 ~]# yum install docker-io -y

如果系统是centos 7则不用以上步骤,并且安装包是docker而不是docker-io

[root@201 ~]# yum install docker -y
2.启动

启动守护进程

[root@201 ~]# service docker start

查看启动信息

[root@201 data]# docker info
Containers: 0
Images: 0
Storage Driver: devicemapper
 Pool Name: docker-253:0-286421-pool
 Pool Blocksize: 65.54 kB
 Backing Filesystem: extfs
 Data file: /dev/loop0
 Metadata file: /dev/loop1
 Data Space Used: 305.7 MB
 Data Space Total: 107.4 GB
 Data Space Available: 3.536 GB
 Metadata Space Used: 729.1 kB
 Metadata Space Total: 2.147 GB
 Metadata Space Available: 2.147 GB
 Udev Sync Supported: true
 Deferred Removal Enabled: false
 Data loop file: /var/lib/docker/devicemapper/devicemapper/data
 Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata
 Library Version: 1.02.117-RHEL6 (2016-04-01)
Execution Driver: native-0.2
Logging Driver: json-file
Kernel Version: 2.6.32-642.1.1.el6.x86_64
Operating System: <unknown>
CPUs: 1
Total Memory: 996.2 MiB
Name: 201.liberalman.cn
ID: BHFO:EYCF:XVAZ:J637:2LUV:RR6Y:UR7Z:MZ43:PR4N:CGUD:7EAJ:5SBI

设置开机启动

[root@201 ~]# chkconfig docker on

docker日志路径

/var/log/docker
3.实例测试
测试1

我们下载一个centos image

[root@201 data]# docker pull centos
latest: Pulling from centos
3690474eb5b4: Pull complete
342c399b9d0e: Pull complete
915b9d3c92fc: Downloading 23.78 MB/70.58 MB
915b9d3c92fc: Downloading 70.58 MB/70.58 MB
d5c89a2047c8: Download complete 
Digest: sha256:14bc8ca808518a2703b6eff1a5f3b7065d4b5d4b388b575ae6a27db8791ab19b
Status: Downloaded newer image for centos:latest

列出镜像,指定centos关键词看看我们下载的镜像

[root@201 data]# docker images centos
REPOSITORY          TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
centos              latest              d5c89a2047c8        33 hours ago        196.7 MB

我们下载了一个近200M的镜像,好,运行container

[root@201 data]# docker run -i -t centos /bin/bash
[root@f41d95a52943 /]#

-t表示传递给容器tty终端,-i是interactive,表示可以交互。可以看到我的终端也由root@201 data变成了root@f41d95a52943,说明进入了容器的终端,要退出输入exit就可以。如果要新开一个终端进入我们之前启动的容器,先查询container id

[root@201 data]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
f41d95a52943        centos              "/bin/bash"         12 minutes ago      Up 12 minutes                           backstabbing_poincare

id是f41d95a52943然后在新终端中登录

docker exec -it f41d95a52943 /bin/bash

这样就可以登录了。

我们在docker中起了一个centos的最小系统,登录到此系统[root@f41d95a52943 /]后,查看下其ip地址,发现没有ifconfig命令,使用 yum install net-tools 安装后

[root@f41d95a52943 /]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.17.0.1  netmask 255.255.0.0  broadcast 0.0.0.0
        inet6 fe80::42:acff:fe11:1  prefixlen 64  scopeid 0x20<link>
        ether 02:42:ac:11:00:01  txqueuelen 0  (Ethernet)
        RX packets 10375  bytes 12736213 (12.1 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 5643  bytes 309098 (301.8 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

可以看到我们docker中的centos系统,分配了一个ip 172.17.0.1,对外ping百度等网站可以ping通!是不是到此就结束了呢,当重启container的时候,你就会发现,ifconfig命令又没有了,默认是不会为我们保存修改的,所以需要我们提交对image的修改。在宿主机中查询容器id,然后提交修改

查看刚运行过的容器
[root@201 ~]# docker ps -l
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS                     NAMES
4e108c90fa11        centos              "/bin/bash"         2 minutes ago       Up 2 minutes                                  ecstatic_franklin 
[root@201 ~]# docker start 4e108c90fa11
4e108c90fa11
然后连上去
[root@201 ~]# docker exec -it 4e108c90fa11 /bin/bash
安装net-tools包
[root@4e108c90fa11 /]# yum install net-tools -y
退出,在宿主机上提交评论
[root@201 ~]# docker commit -m="add net-tools packages,nclude ifconfig command" 4e108c90fa11
129d59168480299c786d0585e9eb74fdbde3dcd00ee2cd2815d11b7749e53ac7

好,现在重新启动刚才的container,连上去试试ifconfig,就会发现ifconfig已经保存在image中了。

测试2

宿主机上,我们在container上运行一个web服务器

[root@201 data]# docker run -d -P training/webapp python app.py
Unable to find image 'training/webapp:latest' locally
latest: Pulling from training/webapp
e9e06b06e14c: Pull complete 
02a8815912ca: Download complete 
Status: Downloaded newer image for training/webapp:latest
f0b7172ab3a14e6f078e7b01310a3b027e28234baf44f4f6f1aa68465e854f60

这个web应用为docker官方提供,本地没有,所以自动去仓库下载,很方便的实现image,code 共享,并且到处运行。
image都是分层的,所以更改后构建比较快速。

[root@201 ~]# docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED              STATUS              PORTS                     NAMES
272a09b3f713        training/webapp     "python app.py"     About a minute ago   Up About a minute   0.0.0.0:32768->5000/tcp   serene_jang

看到web服务器将docker内部的5000端口映射到我们宿主机的的32768端口,同时我们在宿主机上查看ip信息

[root@201 ~]# ps -ef|grep docker-proxy|grep -v "grep"
root      3163  3041  0 10:56 pts/0    00:00:00 docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 32768 -container-ip 172.17.0.1 -container-port 5000
[root@201 ~]# netstat -npl|grep 32768
tcp        0      0 :::32768                    :::*                        LISTEN      3163/docker-proxy 
[root@201 ~]# ifconfig
docker0   Link encap:Ethernet  HWaddr 82:EA:95:80:A9:F3  
          inet addr:172.17.42.1  Bcast:0.0.0.0  Mask:255.255.0.0
          inet6 addr: fe80::c057:bbff:fe36:55cf/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:9 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:612 (612.0 b)  TX bytes:468 (468.0 b)

eth0      Link encap:Ethernet  HWaddr 08:00:27:DD:0D:82  
          inet addr:192.168.1.201  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::a00:27ff:fedd:d82/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:469 errors:0 dropped:0 overruns:0 frame:0
          TX packets:304 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:46223 (45.1 KiB)  TX bytes:67929 (66.3 KiB)

宿主机的ip是192.168.1.201,我们访问这个web服务器,通过宿主机上的浏览器访问http://192.168.1.201:32768/,看到输出

Hello world!
4.制作属于自己的镜像

突发奇想,制作一个mysql镜像,然后在自己服务器上开一堆mysql的服务,提供不同端口来访问,搞个集群什么的,呵呵

首先创建一个目录/data/mysql,并创建一个Dockerfile文件,文件内容如下
vim Dockerfile

FROM centos6:centos6
MAINTAINER liberalman 
RUN yum install -y mysql-server

RUN service mysqld start &&\
        mysql -e "grant all privileges on *.* to 'socho'@'%' identified by 'Looks137';"&&\
        mysql -u root -e "show databases;"

VOLUME ["/data/volume1"]
EXPOSE 3306

注意:当初写此文的时候,在线拉取的mysql镜像还是5.6版本的,现在都成了5.7了,有读者反映上面的配置运行不通过,因为mysql 5.7开始,密码会随机保存到安装Mysql的用户根目录下创建一个.mysql_secret文件中,5.7.6之后更是保存到了mysqld.log中。所以目前这个配置已经不能用了,等我找到5.7之后的解决办法再更新,抱歉!
在Dockerfile所在目录下运行build命令来生成image文件,指定文件名mysql_test

[root@201 mysql]# docker build -t mysql_test ./
...
Starting mysqld:  [  OK  ]
Database
information_schema
mysql
test
...
Successfully built ac45bc85be5e
创建成功,查看镜像
[root@201 ~]# docker images mysql_test
REPOSITORY          TAG                 IMAGE ID            CREATED              VIRTUAL SIZE
mysql_test          latest              ac45bc85be5e        About a minute ago   374.3 MB

这会创建一个在centos6系统上安装的mysql服务器,镜像名称是mysql_test,同时也会将centos6系统下载到本地来。好嘞,启动下

[root@201 ~]# docker run --name=mysqlserver -d -P mysql_test
a903be8b69fe540395e61a6cff3db16cf944ca1177cb581f7e591247a12b0737
[root@201 ~]# docker ps
CONTAINER ID        IMAGE               COMMAND                CREATED              STATUS              PORTS                     NAMES
a903be8b69fe        mysql_test         "/usr/bin/mysqld_saf   About a minute ago   Up About a minute   0.0.0.0:32769->3306/tcp   mysqlserver

容器内的数据库已经启动了,而且映射到宿主机32769端口,连接下

[root@201 mysql]# mysql -hlocalhost -uroot -P 32769            
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 4
Server version: 5.1.73 Source distribution

Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql>

连接正常,mysql可以用了。既然是用docker,我们就要体现它的牛逼之处,所以我要启动2个以上的mysql容器,以后用来做数据库集群也可以啊,哈哈

[root@201 ~]# docker run -p 3307:3306 --name=mysqlserver1 -d -P mysql_test1 
8126d375d2f832a0381704424b45669178bc718598c1c8fa8868587455df6fed
[root@201 ~]# docker run -p 3308:3306 --name=mysqlserver2 -d -P mysql_test  
ad920abde38b249e35600bf75f64bc44e7a007b399995e4e0fa17e7c9e5ed1a2
[root@201 ~]# docker ps
CONTAINER ID        IMAGE               COMMAND                CREATED              STATUS              PORTS                     NAMES
ad920abde38b        mysql_test         "/usr/bin/mysqld_saf   21 seconds ago      Up 20 seconds       0.0.0.0:3308->3306/tcp    mysqlserver2
8126d375d2f8        mysql_test         "/usr/bin/mysqld_saf   About a minute ago   Up About a minute   0.0.0.0:3307->3306/tcp    mysqlserver1        
a903be8b69fe        mysql_test         "/usr/bin/mysqld_saf   34 minutes ago       Up 34 minutes       0.0.0.0:32769->3306/tcp   mysqlserver

看吧,启动三个容器,分别按32769、3307、3308三个不同的端口连接都OK,数据库相互独立不影响。

做了以上的活还不够,如果真的要在生产环境中使用多个mysql,最好在Dockerfile文件中设置容器中mysql的datadir目录挂载宿主机目录下,以便将真实产生的数据写入到宿主机中,否则容器一关闭所有的数据就丢失了,当然不同容器挂载到宿主机中的目录一定要不同,千万不要数据混淆了

VOLUME ["/var/lib/mysql"]

好了,到此写了很多,先写到这里,接下来研究怎么做弹性伸缩和扩容!

5.docker命令

关闭容器
- docker stop 容器名
- docker kill 容器名

杀死所有正在运行的容器
- docker kill $(docker ps -a -q)

删除所有已经停止的容器
- docker rm $(docker ps -a

删除所有未打 dangling 标签的镜像
- docker rmi $(docker images -q -f dangling=true)

通过image id删除镜像
- docker rmi -f

删除所有镜像
- docker rmi $(docker images -q)

搜索和centos相关的镜像

[root@201 data]# docker search centos
NAME                          DESCRIPTION                                     STARS     OFFICIAL   AUTOMATED
centos                        The official build of CentOS.                   2453      [OK]       
jdeathe/centos-ssh            CentOS-6 6.8 x86_64 / CentOS-7 7.2.1511 x8...   26                   [OK]
nimmis/java-centos            This is docker images of CentOS 7 with dif...   13                   [OK]
million12/centos-supervisor   Base CentOS-7 with supervisord launcher, h...   12                   [OK]
consol/centos-xfce-vnc        Centos container with "headless" VNC sessi...   10                   [OK]
torusware/speedus-centos      Always updated official CentOS docker imag...   8                    [OK]
nickistre/centos-lamp         LAMP on centos setup                            4                    [OK]
...

查看运行中某个容器的进程,容器id是f41d95a52943

[root@201 data]# docker top f41d95a52943
UID                 PID                 PPID                C                   STIME               TTY                 TIME                CMD
root                5845                5388                0                   14:23               pts/2               00:00:00            /bin/bash

查询日志
- docker logs <容器id>

6.遇到问题

1.启动失败,查看日志文件后,发现
symbol dm_task_get_info_with_deferred_remove, version Base not defined in file libdevmapper.so.1.02 with link time reference

解决办法:执行:yum upgrade device-mapper-libs

2.Error response from daemon: Cannot start container d9bf569e3f0db33bc3d800cca4e6be1ccf7ac89e91951ba6486e3239f92516a5: [8] System error: mountpoint for cgroup not found

解决办法:因为cgroup在宿主机上没有挂载。

vim /etc/fstab

none /sys/fs/cgroup cgroup defaults 0 0

重启机器,docker也重启下即可

3.Conflict. The name “mysqlserver” is already in use by container 19a5ab1401f6

命名冲突问题,删掉

docker rm mysqlserver