docker的部署及使用
1.安裝docker
1.查看系統環境:
[root@bogon ~]# cat /etc/redhat-release
CentOS Linux release 7.3.1611 (Core)
[root@bogon ~]# uname -r
3.10.0-514.el7.x86_64
[root@bogon ~]# systemctl stop firewalld
[root@bogon ~]# systemctl disable firewalld
[root@bogon ~]# setenforce 0
2.安裝docker
[root@bogon ~]# yum install -y docker
4.啟動docker並設置開機自啟
[root@bogon ~]# systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
5.更改docker鏡像源(默認會去國外官方站點下載,可能會慢也有被攔截的風險,所以改成國內的)
[root@bogon ~]# docker deamon –help
上述命令可以查看到下面文件中需要添加參數的幫助信息。
[root@bogon ~]# vim /usr/lib/systemd/system/docker.service
ExecStart=/usr/bin/dockerd-current --registry-mirror=https://a14c78qe.mirror.aliyuncs.com \
--add-runtime docker-runc=/usr/libexec/docker/docker-runc-current \
6.加載下文件
[root@bogon ~]# systemctl daemon-reload
7.啟動docker
[root@bogon ~]# systemctl start docker
Docker啟動報錯解決方案:
啟動不成功會提示去哪裏看報錯,如下:
Job for docker.service failed because the control process exited with error code. See "systemctl status docker.service" and "journalctl -xe" for details.
[root@bogon ~]# journalctl -xe
#仔細看報錯文件,如果是如下報錯:
-- Unit docker.service has begun starting up.
8月 28 16:42:20 bogon dockerd-current[3316]: time="2018-08-28T16:42:20.529170789+08:00" level=warning msg="could not change group /var/run/docker.sock to docker: group docker not found"
8月 28 16:42:20 bogon dockerd-current[3316]: time="2018-08-28T16:42:20.542715409+08:00" level=info msg="libcontainerd: new containerd process, pid: 3321"
8月 28 16:42:22 bogon dockerd-current[3316]: Error starting daemon: SELinux is not supported with the overlay2 graph driver on this kernel. Either boot into a newer kernel or disable selinux in docker (--selin
8月 28 16:42:22 bogon systemd[1]: docker.service: main process exited, code=exited, status=1/FAILURE
8月 28 16:42:22 bogon systemd[1]: Failed to start Docker Application Container Engine.
-- Subject: Unit docker.service has failed
解決方法:
修改下面配置文件內容
[root@bogon ~]# vim /etc/sysconfig/docker
#下面內容中添加×××部分
OPTIONS=‘--selinux-enabled=false --log-driver=journald --signature-verification=false‘
修改後再次啟動就可以了
8.docker啟動後查看下狀態:
[root@bogon ~]# systemctl status docker
#下面綠色部分說明啟動沒有問題
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
Active: active (running) since 二 2018-08-28 16:46:06 CST; 5min ago
Docs: http://docs.docker.com
Main PID: 3390 (dockerd-current)
CGroup: /system.slice/docker.service
├─3390 /usr/bin/dockerd-current --registry-mirror=https://a14c78qe.mirror.aliyuncs.com --ad...
└─3395 /usr/bin/docker-containerd-current -l unix:///var/run/docker/libcontainerd/docker-co...
8月 28 16:46:05 bogon dockerd-current[3390]: time="2018-08-28T16:46:05.866842623+08:00" level=info...ds"
8月 28 16:46:05 bogon dockerd-current[3390]: time="2018-08-28T16:46:05.868038662+08:00" level=info...t."
8月 28 16:46:06 bogon dockerd-current[3390]: time="2018-08-28T16:46:05.999481830+08:00" level=info...se"
8月 28 16:46:06 bogon dockerd-current[3390]: time="2018-08-28T16:46:06.180906259+08:00" level=info...ss"
8月 28 16:46:06 bogon dockerd-current[3390]: time="2018-08-28T16:46:06.281198675+08:00" level=info...e."
8月 28 16:46:06 bogon dockerd-current[3390]: time="2018-08-28T16:46:06.285045777+08:00" level=warn...ix"
8月 28 16:46:06 bogon dockerd-current[3390]: time="2018-08-28T16:46:06.334406287+08:00" level=info...on"
8月 28 16:46:06 bogon dockerd-current[3390]: time="2018-08-28T16:46:06.334428391+08:00" level=info...3.1
8月 28 16:46:06 bogon systemd[1]: Started Docker Application Container Engine.
8月 28 16:46:06 bogon dockerd-current[3390]: time="2018-08-28T16:46:06.370242046+08:00" level=info...ck"
Hint: Some lines were ellipsized, use -l to show in full.
2.docker簡單操作
鏡像的下載
[root@bogon ~]# docker pull alpine
Using default tag: latest
Trying to pull repository docker.io/library/alpine ...
latest: Pulling from docker.io/library/alpine
8e3ba11ec2a2: Pull complete
Digest: sha256:7043076348bf5040220df6ad703798fd8593a0918d06d3ce30c6c93be117e430
Status: Downloaded newer image for docker.io/alpine:latest
鏡像的搜索,如下搜索一個nginx鏡像
[root@bogon ~]# docker search nginx
INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED
docker.io docker.io/nginx Official build of Nginx. 9370 [OK]
docker.io docker.io/jwilder/nginx-proxy Automated Nginx reverse proxy for docker c... 1388 [OK]
docker.io docker.io/richarvey/nginx-php-fpm Container running Nginx + PHP-FPM capable ... 609 [OK]
docker.io docker.io/jrcs/letsencrypt-nginx-proxy-companion LetsEncrypt container to use with nginx as... 396 [OK]
docker.io docker.io/kong Open-source Microservice & API Management ... 219 [OK]
docker.io docker.io/webdevops/php-nginx Nginx with PHP-FPM 111 [OK]
docker.io docker.io/kitematic/hello-world-nginx A light-weight nginx container that demons... 108
docker.io docker.io/zabbix/zabbix-web-nginx-mysql Zabbix frontend based on Nginx web-server ... 63 [OK]
docker.io docker.io/bitnami/nginx Bitnami nginx Docker Image 57 [OK]
docker.io docker.io/1and1internet/ubuntu-16-nginx-php-phpmyadmin-mysql-5 ubuntu-16-nginx-php-phpmyadmin-mysql-5 43 [OK]
docker.io docker.io/linuxserver/nginx An Nginx container, brought to you by Linu... 38
docker.io docker.io/tobi312/rpi-nginx NGINX on Raspberry Pi / armhf 20 [OK]
docker.io docker.io/blacklabelops/nginx Dockerized Nginx Reverse Proxy Server. 12 [OK]
docker.io docker.io/nginxdemos/nginx-ingress NGINX Ingress Controller for Kubernetes . ... 11
docker.io docker.io/wodby/drupal-nginx Nginx for Drupal container image 10 [OK]
docker.io docker.io/nginxdemos/hello NGINX webserver that serves a simple page ... 8 [OK]
docker.io docker.io/webdevops/nginx Nginx container 8 [OK]
下載nginx鏡像:
[root@bogon ~]# docker pull nginx
查看本地鏡像:
[root@bogon ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/nginx latest c82521676580 4 weeks ago 109 MB
docker.io/alpine latest 11cd0b38bc3c 7 weeks ago 4.41 MB
鏡像的導出:
[root@bogon ~]# docker save nginx >/tmp/nginx.tar.gz
[root@bogon ~]# ls /tmp/
nginx.tar.gz
鏡像刪除操作
[root@bogon ~]# docker rmi nginx
Untagged: nginx:latest
Untagged: docker.io/nginx@sha256:d85914d547a6c92faa39ce7058bd7529baacab7e0cd4255442b04577c4d1f424
Deleted: sha256:c82521676580c4850bb8f0d72e47390a50d60c8ffe44d623ce57be521bca9869
Deleted: sha256:2c1f65d17acf8759019a5eb86cc20fb8f8a7e84d2b541b795c1579c4f202a458
Deleted: sha256:8f222b457ca67d7e68c3a8101d6509ab89d1aad6d399bf5b3c93494bbf876407
Deleted: sha256:cdb3f9544e4c61d45da1ea44f7d92386639a052c620d1550376f22f5b46981af
[root@bogon ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/alpine latest 11cd0b38bc3c 7 weeks ago 4.41 MB
導入鏡像導入:
[root@bogon ~]# docker load < /tmp/nginx.tar.gz
cdb3f9544e4c: Loading layer 58.44 MB/58.44 MB
a8c4aeeaa045: Loading layer 54.24 MB/54.24 MB
08d25fa0442e: Loading layer 3.584 kB/3.584 kB
Loaded image: docker.io/nginx:latest
[root@bogon ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/nginx latest c82521676580 4 weeks ago 109 MB
docker.io/alpine latest 11cd0b38bc3c 7 weeks ago 4.41 MB
docker鏡像啟動:(run其實是兩個命令的結合,一個是create,創建容器,一個是run運行容器)
[root@bogon ~]# docker run alpine sh
上述這樣啟動是免交互的相當於後臺運行。
[root@bogon ~]# docker run -it alpine sh
/ #
#加上-it後會啟動鏡像並進入到鏡像內。
/ # cd /tmp/
/tmp # ls
/tmp # mkdir abc
/tmp # touch 111
/tmp # ls
111 abc
/tmp # exit
#可以在容器裏進行操作,exit退出,容器退出即關閉,想退出不關閉,按住ctrl按下p按下q就可以退出不關閉。
查看正在運行的容器:
[root@bogon ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
顯示所有的容器,不管是否在運行。
[root@bogon ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
212334d5b4e6 alpine "sh" 21 minutes ago Exited (0) 18 minutes ago stupefied_mclean
939f8d7c326a alpine "sh" 22 minutes ago Exited (0) 22 minutes ago keen_ramanujan
刪除容器:
[root@bogon ~]# docker rm 212334d5b4e6 939f8d7c326a
#rm後面加上容器的ID,運行中的容器刪除時會報錯,需要在rm後面加上-f強制刪除
212334d5b4e6
939f8d7c326a
運行nginx容器:
[root@bogon ~]# docker run -it --name mynginx nginx
#--name:給運行的容器指定個名稱,默認會隨機起個名,不好識別
[root@bogon ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8c39a0d44943 nginx "nginx -g ‘daemon ..." 56 seconds ago Up 55 seconds 80/tcp mynginx
顯示容器的詳細信息:
[root@bogon ~]# docker inspect mynginx (可以指定容器的ID號)
[
{
"Id": "8c39a0d449436812f7384cdad68dbb7cf303a20cf2e04f4360754e4941575c5d",
"Created": "2018-08-28T10:12:27.182865131Z",
"Path": "nginx",
"Args": [
"-g",
"daemon off;"
。。。。。。。。。。
最後幾行信息
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "44fcef1e4efb63b10dc5742f09d18848e25b235f5c2f7c38ad6d1a05d00946ba",
"EndpointID": "2b6d3969bfaffbbbbd166f694f7bf3e1fc5945195849cf12c45ee0906a010275",
"Gateway": "172.17.0.1", #網關
"IPAddress": "172.17.0.2", #Ip地址
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02"
}
}
}
}
]
Curl 下ip地址看能否訪問:
[root@bogon ~]# curl 172.17.0.2
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
進入已經運行的容器中
[root@bogon ~]# docker attach mynginx
這種方法進入沒有bash終端,並且輸入信息其他終端也可以看見且無法直接退出,只有ctrl+p+q退出
[root@bogon ~]# docker exec -it mynginx sh
這種方式是比較推薦的,會提供一個指定的bash終端,可以做任意操作。
ls
bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
#
[root@bogon ~]# docker run -it -d --name mynginx nginx
#-d:後臺運行,-d和-rm是沖突參數,只能
81a545910b0d1215fedc279ec38ff65a4a7ddbc7be1b8f37ed7b87fa8a6c244a
[root@bogon ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
81a545910b0d nginx "nginx -g ‘daemon ..." 7 seconds ago Up 6 seconds 80/tcp mynginx
查看docker裏面服務的訪問日誌:
[root@bogon ~]# docker logs mynginx
172.17.0.1 - - [28/Aug/2018:11:43:16 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.29.0" "-"
[root@bogon ~]# docker logs -f mynginx
172.17.0.1 - - [28/Aug/2018:11:43:16 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.29.0" "-"
172.17.0.1 - - [28/Aug/2018:11:44:50 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.29.0" "-"
172.17.0.1 - - [28/Aug/2018:11:44:51 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.29.0" "-"
172.17.0.1 - - [28/Aug/2018:11:44:52 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.29.0" "-"
#docker logs -f 類似於tailf日誌追蹤
3.Docker鏡像制作
1.下載centos鏡像:
[root@bogon ~]# docker pull centos
2.運行容器並進入容器裏:
[root@bogon ~]# docker run -it centos bash
[root@0fca23e3d80d /]#
3.默認沒有wget,先yum一個wget:
[root@0fca23e3d80d /]# yum install -y wget
4.切換成阿裏雲源
[root@0fca23e3d80d /]# cd /etc/yum
yum/ yum.conf yum.repos.d/
[root@0fca23e3d80d /]# cd /etc/yum
yum/ yum.conf yum.repos.d/
[root@0fca23e3d80d /]# cd /etc/yum.repos.d/
[root@0fca23e3d80d yum.repos.d]# ls
CentOS-Base.repo CentOS-Debuginfo.repo CentOS-Sources.repo CentOS-fasttrack.repo
CentOS-CR.repo CentOS-Media.repo CentOS-Vault.repo
[root@0fca23e3d80d yum.repos.d]# rm -f *
[root@0fca23e3d80d yum.repos.d]# wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
阿裏雲epel源;
[root@0fca23e3d80d yum.repos.d]# yum install -y epel-release
[root@0fca23e3d80d yum.repos.d]# ls
CentOS-Base.repo epel-testing.repo epel.repo
5.安裝nginx:
[root@0fca23e3d80d yum.repos.d]# yum install -y nginx
配置nginx
[root@0fca23e3d80d yum.repos.d]# vi /etc/nginx/nginx.conf
#添加×××部分
user nginx;
daemon off;
查看下docker commit幫助
[root@bogon ~]# docker commit --help
Usage: docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]]
Create a new image from a container‘s changes
Options:
-a, --author string Author (e.g., "John Hannibal Smith <[email protected]>")
-c, --change list Apply Dockerfile instruction to the created image (default [])
--help Print usage
-m, --message string Commit message
-p, --pause Pause container during commit (default true)
[root@bogon ~]# docker commit -m "add nginx images" mynginx liyongli/my_nginx
語法:-m後面是描述
Mynginx:運行的容器名
liyongli/my_nginx:鏡像名
查看本地鏡像會發現多一個×××部分的鏡像
[root@bogon ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
liyongli/my_nginx latest 66ff70d8a103 22 seconds ago 408 MB
docker.io/centos latest 5182e96772bf 3 weeks ago 200 MB
docker.io/nginx latest c82521676580 5 weeks ago 109 MB
docker.io/alpine latest 11cd0b38bc3c 7 weeks ago 4.41 MB
tag號默認是latest,在上述鏡像名後面加上×××部分tag就是你指定的liyongli/my_nginx:v1
[root@bogon ~]# docker commit -m "add nginx images" happy_perlman liyongli/my_nginx:v1
sha256:e6cdb103b333963c17a7ef185e0ec040b3f25c93e3aabaa152040b569cfbe804
[root@bogon ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
liyongli/my_nginx v1 e6cdb103b333 4 seconds ago 408 MB
liyongli/my_nginx latest 66ff70d8a103 4 minutes ago 408 MB
docker.io/centos latest 5182e96772bf 3 weeks ago 200 MB
docker.io/nginx latest c82521676580 5 weeks ago 109 MB
docker.io/alpine latest 11cd0b38bc3c 7 weeks ago 4.41 MB
啟動自己做的鏡像:
[root@bogon ~]# docker run -d --name mnginx liyongli/my_nginx nginx
--name:運行容器的描述
liyongli/my_nginx:鏡像名
nginx:運行的服務名
5a15d9986e8f460ff047ab716f809309a7e828218986d95df7749b1115b33953
[root@bogon ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5a15d9986e8f liyongli/my_nginx "nginx" 11 seconds ago Up 10 seconds mnginx
0fca23e3d80d centos "bash" About an hour ago Up About an hour happy_perlman
Docker網絡
Docker端口映射:
[root@bogon ~]# docker run -d --name mnginx -P nginx
#-P:端口映射
dc1c5779e7b9f0146376da4bcad1827fe2f80c1fac39c21b7076ce65e4446d51
[root@bogon ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
dc1c5779e7b9 nginx "nginx -g ‘daemon ..." 7 seconds ago Up 6 seconds 0.0.0.0:32768->80/tcp mnginx
將隨機產生一個端口映射到容器裏的80
訪問驗證:
[root@bogon ~]# docker run --name my_nginx -d -p 80:80 liyongli/my_nginx nginx
liyongli/my_nginx:鏡像名
nginx:鏡像裏的服務
#-p:指定80端口去映射docker上的80
c826a3ea327a0f2957c9f4181af8d4408e8d7de1ebee645def8e07891afc2757
[root@bogon ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c826a3ea327a liyongli/my_nginx "nginx" 12 seconds ago Up 11 seconds 0.0.0.0:80->80/tcp my_nginx
訪問測試:
註:默認采用tcp,想換成UDP,需要在端口後面加上協議(如下×××部分)
[root@bogon ~]# docker run --name my_nginx -d -p 80:80/udp liyongli/my_nginx nginx
46f6b91ed321ed0fd0cf2e638a68d859207e7ff4dc33c02d7d299e258200496f
[root@bogon ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
46f6b91ed321 liyongli/my_nginx "nginx" 2 seconds ago Up 2 seconds 0.0.0.0:80->80/udp my_nginx
指定端口和IP映射:
[root@bogon ~]# docker run --name my_nginx -d -p 127.0.0.1:80:80 liyongli/my_nginx nginx
7266e28a7f4b7a1a38f41b55ccf33136f3f7867081e0d1369f662a6292d9fc0a
[root@bogon ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
7266e28a7f4b liyongli/my_nginx "nginx" 21 seconds ago Up 21 seconds 127.0.0.1:80->80/tcp my_nginx
訪問測試,外面的瀏覽器訪問不到了:
本地curl訪問:
[root@bogon ~]# curl 127.0.0.1:80
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<title>Test Page for the Nginx HTTP Server on Fedora</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<style type="text/css">
/<![CDATA[/
body {
background-color: #fff;
color: #000;
font-size: 0.9em;
font-family: sans-serif,helvetica;
margin: 0;
第二種制作鏡像的方法:
此方法快速方便,但不規範,可用於測試環境
[root@bogon ~]# docker commit c6907664eaa6 mysqlserver
語法:docker commit 運行停止的容器ID 鏡像名
sha256:5fa23cedfee037c1645f446b8d5e11d67419c93e89c73cf81a28386a403e8407
[root@bogon ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mysqlserver latest 5fa23cedfee0 9 seconds ago 484 MB
127.0.0.1:6000/zhouhao/nginx latest a8ddb97e410c 3 days ago 429 MB
<none> <none> 6ebd2e131385 3 days ago 429 MB
liyongli/my_nginx v1 e6cdb103b333 4 days ago 408 MB
liyongli/my_nginx latest 66ff70d8a103 4 days ago 408 MB
docker.io/mysql latest 29e0ae3b69b9 2 weeks ago 484 MB
docker.io/centos latest 5182e96772bf 3 weeks ago 200 MB
docker.io/nginx latest c82521676580 5 weeks ago 109 MB
docker.io/registry 2 b2b03e9146e1 8 weeks ago 33.3 MB
docker.io/registry latest b2b03e9146e1 8 weeks ago 33.3 MB
docker.io/alpine latest 11cd0b38bc3c 8 weeks ago 4.41 MB
4.docker之間互相通信:
- 先運行兩臺容器
[root@bogon ~]# docker run -d --name web1 -p 80:80 liyongli/my_nginx nginx
e79fa7dd7157cd69b87dd125743a711996679c03698d8079421adb697d132f72
[root@bogon ~]# docker run -d --name web2 --link web1 -p 8080:80 liyongli/my_nginx nginx
#--link:是指與哪臺容器進行通信,後面跟上容器名即可
27a7ebdb7f74ff28deb70b425d591043301dcd83dd15d25056dd6f981d2ae603
[root@bogon ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
27a7ebdb7f74 liyongli/my_nginx "nginx" 7 seconds ago Up 6 seconds 0.0.0.0:8080->80/tcp web2
e79fa7dd7157 liyongli/my_nginx "nginx" About a minute ago Up 59 seconds 0.0.0.0:80->80/tcp web1
2.進入web2查看下host文件:
[root@bogon ~]# docker exec -it web2 sh
sh-4.2# cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.2 web1 e79fa7dd7157
172.17.0.3 27a7ebdb7f74
會發現多出web1 的解析
3.ping測試:
sh-4.2# ping web1
PING web1 (172.17.0.2) 56(84) bytes of data.
64 bytes from web1 (172.17.0.2): icmp_seq=1 ttl=64 time=0.142 ms
64 bytes from web1 (172.17.0.2): icmp_seq=2 ttl=64 time=0.091 ms
64 bytes from web1 (172.17.0.2): icmp_seq=3 ttl=64 time=0.091 ms
也能拼通,訪問沒有問題
sh-4.2# curl 172.17.0.2:80
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<title>Test Page for the Nginx HTTP Server on Fedora</ti
上述的操作,連接互通是單向性的,web2可以連通web1但是web1連不上web2:
[root@bogon ~]# docker exec -it web1 sh
sh-4.2# cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.2 e79fa7dd7157
Web1 的host文件並沒有解析。
解決容器名被更改如何還能連通:
[root@bogon ~]# docker run -d --name web2 --link web1:shop_nginx -p 8080:80 liyongli/my_nginx nginx
#增加×××部分相當於起個別名,這樣前面的web1可以隨意改動,只要後面不變就可以
d8f650859edd7d516f098a342931833ef3fe790531e02a05e29dbe1b567d383c
[root@bogon ~]# docker exec -it web2 bash
[root@d8f650859edd /]# cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.2 shop_nginx e79fa7dd7157 web1
172.17.0.3 d8f650859edd
查看docker支持的網絡類型:
[root@bogon ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
9d714af60380 bridge bridge local
fb92c872341e host host local
0901c10db04a none null local
Host:走的是物理機本地內網IP,默認使用本地IP,相對來說網絡穩定,只要同一網段,可以跨主機。但端口不能重復,
[root@bogon ~]# docker run -it --rm --net=host nginx
2018/08/30 07:25:56 [emerg] 1#1: bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
#提示80端口被占用
None:需要通過程序或者其他方法給容器配置IP,默認只有本地回環地址。
[root@bogon ~]# docker run -it --rm --net=none alpine sh
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
docker實現跨主機互聯:
1.修改下docker.service文件使其docker網段不同:
[root@bogon ~]# vim /usr/lib/systemd/system/docker.service
ExecStart=/usr/bin/dockerd-current --registry-mirror=https://a14c78qe.mirror.aliyuncs.com --bip=172.18.42.1/16 \
在配置文件中添加×××部分,指定IP地址段,×××部分改的是網關地址
2.重新加載配置文件並重啟docker
[root@bogon ~]# systemctl daemon-reload
[root@bogon ~]# systemctl restart docker
3.查看docker狀態是否正常
[root@bogon ~]# systemctl status docker
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
Active: active (running) since 四 2018-08-30 15:52:34 CST; 11s ago
Docs: http://docs.docker.com
Main PID: 4145 (dockerd-current)
CGroup: /system.slice/docker.service
├─4145 /usr/bin/dockerd-current --registry-mirror=https://a14c78qe.mirror.aliyuncs.com --bi...
└─4149 /usr/bin/docker-containerd-current -l unix:///var/run/docker/libcontainerd/docker-co...
8月 30 15:52:33 bogon dockerd-current[4145]: time="2018-08-30T15:52:33.400672397+08:00" level=info...49"
8月 30 15:52:34 bogon dockerd-current[4145]: time="2018-08-30T15:52:34.586152872+08:00" level=info...ds"
8月 30 15:52:34 bogon dockerd-current[4145]: time="2018-08-30T15:52:34.587277463+08:00" level=info...t."
8月 30 15:52:34 bogon dockerd-current[4145]: time="2018-08-30T15:52:34.623423404+08:00" level=info...se"
8月 30 15:52:34 bogon dockerd-current[4145]: time="2018-08-30T15:52:34.860582020+08:00" level=info...e."
8月 30 15:52:34 bogon dockerd-current[4145]: time="2018-08-30T15:52:34.879169723+08:00" level=warn...ix"
8月 30 15:52:34 bogon dockerd-current[4145]: time="2018-08-30T15:52:34.976361022+08:00" level=info...on"
8月 30 15:52:34 bogon dockerd-current[4145]: time="2018-08-30T15:52:34.976387296+08:00" level=info...3.1
8月 30 15:52:34 bogon dockerd-current[4145]: time="2018-08-30T15:52:34.997355105+08:00" level=info...ck"
8月 30 15:52:34 bogon systemd[1]: Started Docker Application Container Engine.
Hint: Some lines were ellipsized, use -l to show in full.
4.查看ip,×××部分為上方改的,和改的一樣說明沒有問題
[root@bogon ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:29:85:5b brd ff:ff:ff:ff:ff:ff
inet 192.168.200.200/24 brd 192.168.200.255 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe29:855b/64 scope link
valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN
link/ether 02:42:57:0e:e5:98 brd ff:ff:ff:ff:ff:ff
inet 172.18.43.1/24 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:57ff:fe0e:e598/64 scope link
valid_lft forever preferred_lft forever
第二臺的機器和上述一樣。
Node2的ip
[root@bogon ~]# ip a show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:0f:6b:3a brd ff:ff:ff:ff:ff:ff
inet 192.168.200.201/24 brd 192.168.200.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe0f:6b3a/64 scope link
valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:0b:ba:3a:99 brd ff:ff:ff:ff:ff:ff
inet 172.17.42.1/24 scope global docker0
valid_lft forever preferred_lft forever
5.保證兩臺機器能夠互相通信:
[root@bogon ~]# ping 192.168.200.201
PING 192.168.200.201 (192.168.200.201) 56(84) bytes of data.
64 bytes from 192.168.200.201: icmp_seq=1 ttl=64 time=0.338 ms
64 bytes from 192.168.200.201: icmp_seq=2 ttl=64 time=0.403 ms
^C
--- 192.168.200.201 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.338/0.370/0.403/0.037 ms
[root@bogon ~]# ping 192.168.200.200
PING 192.168.200.200 (192.168.200.200) 56(84) bytes of data.
64 bytes from 192.168.200.200: icmp_seq=1 ttl=64 time=0.244 ms
^C
--- 192.168.200.200 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.244/0.244/0.244/0.000 ms
6.兩臺機器分別運行容器:
[root@bogon ~]# docker run -it --name node1 centos bash
#安裝相關網絡工具,默認沒有
[root@1af63485012b /]# yum install net-tools -y
第二臺機器也是一樣
[root@bogon ~]# docker run -it --name node2 centos bash
[root@3f346455006b /]# yum install -y net-tools
7.測試兩臺容器能否通信:
[root@1af63485012b /]# ping 172.17.0.1
PING 172.17.0.1 (172.17.0.1) 56(84) bytes of data.
[root@3f346455006b /]# ping 172.18.0.1
PING 172.18.0.1 (172.18.0.1) 56(84) bytes of data.
默認兩臺之間無法通信
5.Docker數據管理:
1.數據卷:
[root@bogon ~]# docker run -it --name node1 --rm -v /data centos bash
#--rm :退出容器即刪除
#-v :指定容器卷顯示在容器裏面的名字,默認是真機的/目錄
[root@f96cadd91776 /]# df -h
Filesystem Size Used Avail Use% Mounted on
overlay 17G 2.4G 15G 14% /
tmpfs 489M 0 489M 0% /dev
tmpfs 489M 0 489M 0% /sys/fs/cgroup
/dev/mapper/cl-root 17G 2.4G 15G 14% /data
shm 64M 0 64M 0% /dev/shm
tmpfs 489M 0 489M 0% /proc/acpi
tmpfs 489M 0 489M 0% /proc/scsi
tmpfs 489M 0 489M 0% /sys/firmware
正確的用法:
[root@bogon ~]# mkdir /home/opt
[root@bogon ~]# docker run -it --name node1 --rm -v /home/opt:/opt centos bash
[root@a5dce0b1320d /]# df -h
Filesystem Size Used Avail Use% Mounted on
overlay 17G 2.4G 15G 14% /
tmpfs 489M 0 489M 0% /dev
tmpfs 489M 0 489M 0% /sys/fs/cgroup
/dev/mapper/cl-root 17G 2.4G 15G 14% /opt
shm 64M 0 64M 0% /dev/shm
tmpfs 489M 0 489M 0% /proc/acpi
tmpfs 489M 0 489M 0% /proc/scsi
tmpfs 489M 0 489M 0% /sys/firmware
[root@a5dce0b1320d /]# cd /opt/
[root@a5dce0b1320d opt]# touch a
[root@a5dce0b1320d opt]# ls
a
[root@a5dce0b1320d opt]# exit
exit
[root@bogon ~]# ls /home/opt/
a
掛載真機的指定目錄(默認都是可讀寫的)
文件的掛載:(真機上的host文件被掛載上了,建議如果有需要,掛載文件掛載不常被改動的文件。)
[root@bogon ~]# docker run -it --name node1 --rm -v /etc/hosts:/opt/hosts centos bash
[root@e96915900ad9 /]# ls /opt/hosts
/opt/hosts
[root@e96915900ad9 /]# cat /opt/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
給掛載點設置成只讀權限:
[root@bogon ~]# docker run -it --name node1 --rm -v /etc/hosts:/opt/hosts:ro centos bash
[root@ac01a4cc01ee /]# echo "1111" >>/opt/hosts
bash: /opt/hosts: Read-only file system
這樣會比較安全。
2.數據卷容器:
創建第一個容器:
[root@bogon ~]# docker run -it -v /opt:/opt --name node1 centos bash
[root@680e78302bb6 /]# ls /opt/
[root@680e78302bb6 opt]# mkdir ppp
[root@680e78302bb6 opt]# ls
ppp
創建第二個容器:
[root@bogon ~]# docker run -it --name node2 --volumes-from node1 centos bash
#--volumes-from ;數據卷容器來自哪裏,後面跟上容器名
[root@37a43f150d4d /]# df -h
Filesystem Size Used Avail Use% Mounted on
overlay 17G 2.4G 15G 14% /
tmpfs 489M 0 489M 0% /dev
tmpfs 489M 0 489M 0% /sys/fs/cgroup
/dev/mapper/cl-root 17G 2.4G 15G 14% /opt
shm 64M 0 64M 0% /dev/shm
tmpfs 489M 0 489M 0% /proc/acpi
tmpfs 489M 0 489M 0% /proc/scsi
tmpfs 489M 0 489M 0% /sys/firmware
[root@37a43f150d4d /]# cd /opt/
[root@37a43f150d4d opt]# ls
ppp
註:即使將容器卷那個容器刪除或者關閉,容器卷依然有效
[root@bogon ~]# docker rm -fv 680e78302bb6
#-v :刪除容器的數據卷,不加-v只是將容器刪除,容器產生的數據還在硬盤裏。
6.Docker_file編寫:
註:dockerfile的文件名D必須大寫
[root@bogon ~]# mkdir docker
[root@bogon ~]# cd docker
[root@bogon docker]# vim Dockerfile
#This is dockerfile for nginx
#基於的鏡像是什麽,這裏采用centos,可以是本地也可以是官網的,本地沒有會從官網下載,若官網沒有會失敗。
FROM centos
#維護者信息
MAINTAINER zhouhao [email protected]
#相關操作,默認鏡像沒有epel源的,這裏給安裝epel
RUN rpm -ivh https://mirrors.aliyun.com/epel/7/x86_64/e/epel-release-7-9.noarch.rpm
RUN yum install -y nginx
#ENV:增加環境變量,比如JAVA,TOMCAT,都會用到此項
#添加文件,index.html要和Dockerfile在同一目錄下
ADD index.html /usr/share/nginx/html/index.html
#配置文件中添加參數
RUN echo "daemon off;" >> /etc/nginx/nginx.conf
#設置開放端口
EXPOSE 80
#執行命令
CMD ["nginx"]
[root@bogon docker]# vim index.html
<h1>This is ngnix<h1>
[root@bogon docker]# docker build -t zhouhao/nginx /root/docker/
查看鏡像
[root@bogon docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
zhouhao/nginx latest a8ddb97e410c About an hour ago 429 MB
<none> <none> 6ebd2e131385 About an hour ago 429 MB
liyongli/my_nginx v1 e6cdb103b333 30 hours ago 408 MB
liyongli/my_nginx latest 66ff70d8a103 30 hours ago 408 MB
docker.io/centos latest 5182e96772bf 3 weeks ago 200 MB
docker.io/nginx latest c82521676580 5 weeks ago 109 MB
docker.io/alpine latest 11cd0b38bc3c 7 weeks ago 4.41 MB
運行下制作出來的nginx鏡像
[root@bogon docker]# docker run -it -d --name mnginx zhouhao/nginx
9b6d3bd599df08588ec0d77c2596932c28baaf47a9538e627f6a2e42bbcd264b
查看下容器的詳細信息
[root@bogon docker]# docker inspect mnginx
。。。。。。。。。。。。。。。
"EndpointID": "14e1914c63a667e098e17ae03a2613c5df0620efceb09bf58706da89ffdeea8a",
"Gateway": "172.18.42.1",
"IPAddress": "172.18.42.2",
"IPPrefixLen": 24,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:12:2a:02"
}
}
}
}
]
訪問測試下:
[root@bogon docker]# curl 172.18.42.2
<h1>This is ngnix<h1>
7.docker私有倉庫:
生成一個認證文件
[root@localhost opt]# mkdir auth
[root@localhost opt]# cd auth/
[root@localhost auth]# cd ../
[root@localhost opt]# docker run --entrypoint htpasswd registry:2 -Bbn zhouhao 123456 > auth/htpasswd
[root@localhost opt]# cat auth/htpasswd
zhouhao:$2y$05$GZ3y3GPCmp6anequ4TYh2OrJGmrnMBOmInuR1JrrxIDHf0E6myVqG
搭建倉庫:
[root@localhost opt]# docker run -d -p 6000:5000 --restart=always --name registry1 -v pwd
/auth:/auth -e "REGISTRY_AUTH=htpasswd" -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd registry
查看下倉庫是否在運行:
[root@localhost opt]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
559c4b6283b0 registry "/entrypoint.sh /e..." 23 minutes ago Up 22 minutes 0.0.0.0:6000->5000/tcp registry1
將鏡像上傳的倉庫中
#先要登錄
[root@localhost opt]# docker login 127.0.0.1:6000
Username: zhouhao
Password:
Login Succeeded
#登錄成功後才能上傳:
#打個標簽
[root@localhost opt]# docker tag a8ddb97e410c 127.0.0.1:6000/zhouhao/nginx
#a8ddb97e410c:鏡像的ID號
#上傳
[root@localhost opt]# docker push 127.0.0.1:6000/zhouhao/nginx
驗證:
#先刪除上傳的鏡像
[root@localhost opt]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
127.0.0.1:6000/zhouhao/nginx latest a8ddb97e410c 26 hours ago 429 MB
zhouhao/nginx latest a8ddb97e410c 26 hours ago 429 MB
<none> <none> 6ebd2e131385 26 hours ago 429 MB
liyongli/my_nginx v1 e6cdb103b333 2 days ago 408 MB
liyongli/my_nginx latest 66ff70d8a103 2 days ago 408 MB
docker.io/centos latest 5182e96772bf 3 weeks ago 200 MB
docker.io/nginx latest c82521676580 5 weeks ago 109 MB
docker.io/registry 2 b2b03e9146e1 8 weeks ago 33.3 MB
docker.io/registry latest b2b03e9146e1 8 weeks ago 33.3 MB
docker.io/alpine latest 11cd0b38bc3c 8 weeks ago 4.41 MB
[root@localhost opt]# docker rmi -f a8ddb97e410c a8ddb97e410c
Untagged: 127.0.0.1:6000/zhouhao/nginx:latest
Untagged: 127.0.0.1:6000/zhouhao/nginx@sha256:2a1cad070e6076f26211cf421f4e602535ad2c1c9178356e5849da79f9bb9cfd
Untagged: zhouhao/nginx:latest
Deleted: sha256:a8ddb97e410ca1aa9e1a5302fcbc759da4c23175b11fe1837ccda1cc633d40f3
Deleted: sha256:f2e0a6f60b465336517be0b0a2698d208fa09162b4f3e6777efe271b4180cc72
Deleted: sha256:55525487441930ca00294e416a5ead6982b6e3e10b8c79132fe8a1cdc354fbba
Deleted: sha256:66e4a5bd55c9378bdf4ceae514f37d581e416df74853808cbf9a45b7018aafcd
Deleted: sha256:186e9eb4fe8f6df36b525a2dbe1e1141c3e2eec3a908543a685e13e6c9096b6e
Deleted: sha256:2da5317e2754c6af07a8ef8ab0bae487032abb5f204da8358cbfca4a6d9fddb1
Error response from daemon: No such image: a8ddb97e410c:latest
[root@localhost opt]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
<none> <none> 6ebd2e131385 26 hours ago 429 MB
liyongli/my_nginx v1 e6cdb103b333 2 days ago 408 MB
liyongli/my_nginx latest 66ff70d8a103 2 days ago 408 MB
docker.io/centos latest 5182e96772bf 3 weeks ago 200 MB
docker.io/nginx latest c82521676580 5 weeks ago 109 MB
docker.io/registry 2 b2b03e9146e1 8 weeks ago 33.3 MB
docker.io/registry latest b2b03e9146e1 8 weeks ago 33.3 MB
docker.io/alpine latest 11cd0b38bc3c 8 weeks ago 4.41 MB
#將倉庫中的鏡像下載下來:
[root@localhost opt]# docker pull 127.0.0.1:6000/zhouhao/nginx
Using default tag: latest
Trying to pull repository 127.0.0.1:6000/zhouhao/nginx ...
latest: Pulling from 127.0.0.1:6000/zhouhao/nginx
256b176beaff: Already exists
77b0a013ec06: Already exists
f9b1980a6dd6: Already exists
a5a9ce092668: Already exists
a24ee7e77c51: Already exists
Digest: sha256:2a1cad070e6076f26211cf421f4e602535ad2c1c9178356e5849da79f9bb9cfd
Status: Downloaded newer image for 127.0.0.1:6000/zhouhao/nginx:latest
[root@localhost opt]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
127.0.0.1:6000/zhouhao/nginx latest a8ddb97e410c 26 hours ago 429 MB
<none> <none> 6ebd2e131385 26 hours ago 429 MB
liyongli/my_nginx v1 e6cdb103b333 2 days ago 408 MB
liyongli/my_nginx latest 66ff70d8a103 2 days ago 408 MB
docker.io/centos latest 5182e96772bf 3 weeks ago 200 MB
docker.io/nginx latest c82521676580 5 weeks ago 109 MB
docker.io/registry 2 b2b03e9146e1 8 weeks ago 33.3 MB
docker.io/registry latest b2b03e9146e1 8 weeks ago 33.3 MB
docker.io/alpine latest 11cd0b38bc3c 8 weeks ago 4.41 MB
註意:其他docker主要要下載的話,docker要映射443端口
8Docker容器編排:
#先安裝epel源:
[root@localhost ~]# yum install -y epel-release
#安裝pip:
[root@localhost ~]# yum install -y python-pip
#安裝編排工具
[root@localhost ~]# pip install docker-compose
#編輯docker-compose.yml文件
[root@localhost compose]# vim docker-compose.yml
web1:
image: nginx
expose:
- 80
web2:
image:
expose: - 80
haproxy:
image: haproxy
volumes: - /opt/haproxy.cfg:/use/local/etc/haproxy/haproxy.cfg
links: - web1
- web2
ports: - "7777:1080"
- "80:80"
#運行
[root@localhost compose]# docker-compose up
9.docker運行MySQL
1.下載mysql鏡像:
docker pull mysql
2.運行mysql鏡像:×××部分設置默認密碼,必須設置否則會報錯
docker run -it -d --name mysqlserver -e MYSQL_ROOT_PASSWORD=123456 -p 192.168.200.200:3306:3306 mysql
3.進入容器內重新授權用戶密碼,否則主機登錄不上:
[root@bogon ~]# docker exec -it mysqlserver /bin/bash
root@d9aab9384ca6:/# mysql -uroot -p123456
mysql> ALTER USER ‘root‘@‘%‘ IDENTIFIED WITH mysql_native_password BY ‘123456‘;
mysql> flush privileges;
4.主機登錄驗證:
[root@bogon ~]# mysql -uroot -p123456 -h 192.168.200.200
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MySQL connection id is 15
Server version: 8.0.12 MySQL Community Server - GPL
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type ‘help;‘ or ‘\h‘ for help. Type ‘\c‘ to clear the current input statement.
MySQL [(none)]>
[root@bogon ~]# yum install -y openvswitch
[root@bogon ~]# yum install -y bridge-utils
[root@bogon ~]# systemctl start openvswitch
[root@bogon ~]# systemctl status openvswitch
● openvswitch.service - Open vSwitch
Loaded: loaded (/usr/lib/systemd/system/openvswitch.service; disabled; vendor preset: disabled)
Active: active (exited) since 二 2018-09-04 14:00:50 CST; 38s ago
Process: 3330 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
Main PID: 3330 (code=exited, status=0/SUCCESS)
9月 04 14:00:50 bogon systemd[1]: Starting Open vSwitch...
9月 04 14:00:50 bogon systemd[1]: Started Open vSwitch.
[root@bogon ~]# ovs-vsctl add-br br0
[root@bogon ~]# ovs-vsctl add-port br0 gre1 -- set interface gre1 type=gre option:remove_ip=192.168.200.200
[root@bogon ~]# brctl addif docker0 br0
[root@bogon ~]# ip link set dev br0 up
[root@bogon ~]# ip link set dev docker0 up
[root@bogon ~]# iptables -F
[root@bogon ~]# ip route add 172.18.0.0/16 dev docker0
docker的部署及使用