1、准备一台虚机
可以根据《VMware Workstation安装Ubuntu 22.04笔记》来准备虚拟机。完成后,根据需求安装必要的软件,并设置root权限进行登录。
sudo apt update
sudo apt install iputils-ping -y
sudo apt install vim -y
允许root ssh登录:
sudo passwd root
sudo vi /etc/ssh/sshd_config
...
#PermitRootLogin prohibit-password
PermitRootLogin yes <--新增配置
...
sudo /etc/init.d/ssh stop
sudo /etc/init.d/ssh start
sudo service ssh restart
其他相关信息:
root@host1:~# hostname
host1
root@host1:~# uname -a
Linux host1 5.15.0-117-generic #127-Ubuntu SMP Fri Jul 5 20:13:28 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
root@host1:~# cat /etc/*release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=22.04
DISTRIB_CODENAME=jammy
DISTRIB_DESCRIPTION="Ubuntu 22.04.4 LTS"
PRETTY_NAME="Ubuntu 22.04.4 LTS"
NAME="Ubuntu"
VERSION_ID="22.04"
VERSION="22.04.4 LTS (Jammy Jellyfish)"
VERSION_CODENAME=jammy
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=jammy
root@host1:~#
root@host1:~# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:ba:cd:1a brd ff:ff:ff:ff:ff:ff
altname enp2s0
inet 10.0.20.61/24 brd 10.0.20.255 scope global ens32
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:feba:cd1a/64 scope link
valid_lft forever preferred_lft forever
3: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:ba:cd:24 brd ff:ff:ff:ff:ff:ff
altname enp2s1
inet6 fe80::20c:29ff:feba:cd24/64 scope link
valid_lft forever preferred_lft forever
2、Docker安装
Docker是一个开源的软件平台,它允许你通过容器化技术来构建、测试和运行应用程序。容器化是一种轻量级、可移植的、自给自足的软件运行方式,它使得应用程序及其依赖项可以被打包在一起,从而简化了软件的部署和管理。
Docker为Ubuntu提供了一个官方的APT仓库,这使得在Ubuntu系统上安装Docker变得非常简单。以下是在Ubuntu 22.04上安装Docker的步骤:
- 更新包索引
更新本地包索引以确保安装的是最新版本的软件包。
root@host1:~# apt update
-
安装所需的软件包
root@host1:~# apt install -y apt-transport-https ca-certificates curl software-properties-common
apt-transport-https
: 这个软件包提供了通过 HTTPS 协议获取软件包的能力。ca-certificates
: 包含用于验证 HTTPS 连接的证书。curl
: 是一个命令行工具和库,用于传输数据,支持多种协议,包括 HTTP、HTTPS 和 FTP。software-properties-common
: 包含用于添加和管理软件源的工具。
-
添加 Docker 的官方 GPG 密钥到 Ubuntu 系统
root@host1:~# curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
root@host1:~# ls /usr/share/keyrings/docker-archive-keyring.gpg
/usr/share/keyrings/docker-archive-keyring.gpg
root@host1:~#
curl
: 是一个命令行工具,用于从或向服务器传输数据。-fsSL
: 选项组合:
-f
或-fail
:服务器返回失败的HTTP状态码时不显示错误。-s
或--silent
:静默或无输出模式。-S
或--show-error
:在出现问题时显示错误。-L
或--location
:跟随重定向。https://download.docker.com/linux/ubuntu/gpg
: 是 Docker 官方的 GPG 密钥的 URL。|
: 是管道操作符,将前一个命令的输出作为后一个命令的输入。sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
: 这个命令使用gpg
工具将通过管道接收到的密钥转换为二进制格式,并将其输出到指定的文件路径。
-
将 Docker 的官方软件源添加到 Ubuntu 的 APT 软件源列表中
root@host1:~# echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
执行这个命令后,Docker 的官方软件源将被添加到您的系统软件源列表中,APT 将能够从这个源安装 Docker。
-
在 Ubuntu 系统中安装 Docker CE(社区版)及其命令行接口(CLI)和 containerd.io 容器运行时:
root@host1:~# apt update
root@host1:~# apt install -y docker-ce docker-ce-cli containerd.io -
设置 Docker 服务在系统启动时自动启动
root@host1:~# systemctl enable docker
Synchronizing state of docker.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable docker
root@host1:~# -
显示当前安装的 Docker 版本信息
root@host1:~# docker --version
Docker version 27.1.1, build 6312585root@host1:~# systemctl status docker
● docker.service - Docker Application Container Engine
Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2024-08-06 02:27:10 UTC; 2min 49s ago
TriggeredBy: ● docker.socket
Docs: https://docs.docker.com
Main PID: 2050 (dockerd)
Tasks: 10
Memory: 22.0M
CPU: 321ms
CGroup: /system.slice/docker.service
└─2050 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sockAug 06 02:27:09 host1 systemd[1]: Starting Docker Application Container Engine...
Aug 06 02:27:09 host1 dockerd[2050]: time="2024-08-06T02:27:09.804576515Z" level=info msg="Starting up"
Aug 06 02:27:09 host1 dockerd[2050]: time="2024-08-06T02:27:09.805423605Z" level=info msg="detected 127.0.0.53 nameserver, assuming systemd-resolved, so using resolv.conf: /run/systemd/resolve/resolv.conf"
Aug 06 02:27:09 host1 dockerd[2050]: time="2024-08-06T02:27:09.886376001Z" level=info msg="Loading containers: start."
Aug 06 02:27:10 host1 dockerd[2050]: time="2024-08-06T02:27:10.259919206Z" level=info msg="Loading containers: done."
Aug 06 02:27:10 host1 dockerd[2050]: time="2024-08-06T02:27:10.278184800Z" level=info msg="Docker daemon" commit=cc13f95 containerd-snapshotter=false storage-driver=overlay2 version=27.1.1
Aug 06 02:27:10 host1 dockerd[2050]: time="2024-08-06T02:27:10.278390653Z" level=info msg="Daemon has completed initialization"
Aug 06 02:27:10 host1 dockerd[2050]: time="2024-08-06T02:27:10.319697168Z" level=info msg="API listen on /run/docker.sock"
Aug 06 02:27:10 host1 systemd[1]: Started Docker Application Container Engine.
root@host1:~# -
测试 Docker 是否正确安装
root@host1:~# docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
c1ec31eb5944: Pull complete
Digest: sha256:1408fec50309afee38f3535383f5b09419e6dc0925bc69891e79d84cc4cdcec6
Status: Downloaded newer image for hello-world:latestHello from Docker!
This message shows that your installation appears to be working correctly.To generate this message, Docker took the following steps:
- The Docker client contacted the Docker daemon.
- The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64) - The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading. - The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bashShare images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/For more examples and ideas, visit:
https://docs.docker.com/get-started/root@host1:~#
3、Docker使用
3.1 docker pull 下载镜像
1、从Docker Hub(Docker的官方镜像仓库)下载标签为 22.04 的Ubuntu镜像:
root@host1:~# docker pull ubuntu:22.04
22.04: Pulling from library/ubuntu
3713021b0277: Pull complete
Digest: sha256:340d9b015b194dc6e2a13938944e0d016e57b9679963fdeb9ce021daac430221
Status: Downloaded newer image for ubuntu:22.04
docker.io/library/ubuntu:22.04
2、列出本地的Docker镜像:
root@host1:~# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu 22.04 8a3cdc4d1ad3 5 weeks ago 77.9MB
hello-world latest d2c94e258dcb 15 months ago 13.3kB
3.2 docker run 启动容器
在Docker中创建并启动一个名为 test1
的新容器,使用 ubuntu:22.04
镜像,并提供一个交互式的bash shell:
root@host1:~# docker run --name test1 -it ubuntu:22.04 /bin/bash
root@33d9582b76bf:/# exit
exit
root@host1:~#
-it
:这是一个组合选项,-i
表示交互式,-t
表示分配一个伪终端。这个选项允许你与容器内的进程进行交互
/bin/bash
:这是容器启动后要运行的命令,即启动bash shell
执行这个命令后,Docker会做以下几件事:
- 检查本地是否有
ubuntu:22.04
镜像,如果没有,它会从Docker Hub下载这个镜像。 - 使用这个镜像创建一个新的容器,命名为
test1
。 - 启动容器,并提供一个交互式的bash shell,允许你执行命令和操作。
- 要退出终端,直接输入 exit。
启动容器,同时后台运行:
root@host1:~# docker run --name test2 -itd ubuntu:22.04 /bin/bash
13406586d37f4dceadf75d49643d401cbc806d81e48a085f54969e279ab593ee
3.3 docker ps 列出容器
列出所有容器,包括正在运行的和已经停止的容器:
root@host1:~# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
13406586d37f ubuntu:22.04 "/bin/bash" About a minute ago Up About a minute test2
33d9582b76bf ubuntu:22.04 "/bin/bash" 23 minutes ago Exited (137) 4 seconds ago test1
6843deb526c2 hello-world "/hello" 11 hours ago Exited (0) 11 hours ago great_booth
root@host1:~#
只列出正在运行的容器:
root@host1:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
13406586d37f ubuntu:22.04 "/bin/bash" About a minute ago Up About a minute test2
root@host1:~#
3.4 docker start启动已经停止的容器
root@host1:~# docker start test1
test1
root@host1:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
13406586d37f ubuntu:22.04 "/bin/bash" 2 minutes ago Up 2 minutes test2
33d9582b76bf ubuntu:22.04 "/bin/bash" 24 minutes ago Up 4 seconds test1
root@host1:~# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
13406586d37f ubuntu:22.04 "/bin/bash" 2 minutes ago Up 2 minutes test2
33d9582b76bf ubuntu:22.04 "/bin/bash" 24 minutes ago Up 8 seconds test1
6843deb526c2 hello-world "/hello" 11 hours ago Exited (0) 11 hours ago great_booth
root@host1:~#
3.5 docker stop 停止容器
root@host1:~# docker stop test1
test1
3.6 docker restart 重启容器
root@host1:~# docker restart test1
test1
root@host1:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
13406586d37f ubuntu:22.04 "/bin/bash" 8 minutes ago Up 8 minutes test2
33d9582b76bf ubuntu:22.04 "/bin/bash" 30 minutes ago Up 4 seconds test1
root@host1:~#
docker start和docker restart区别:
docker start
仅用于启动已经停止的容器,不会重新初始化容器的启动命令。docker restart
可以用于重启正在运行的容器,或者重新启动已经停止的容器,并且会重新执行容器的启动命令。使用场景:
- 如果你需要重新激活一个已经停止的容器,并且希望它从停止时的状态继续运行,使用
docker start
。- 如果你需要重置容器的状态,或者容器需要在重启时重新加载配置或执行初始化命令,使用
docker restart
。
3.7 docker attach进入容器
docker run -itd方式,启动容器会进入后台;或者docker start/restart,重新启动的容器也会进入后台。此时,要进入容器,可以使用docker attach,执行exit退出容器:
root@host1:~# docker attach test1
root@33d9582b76bf:/#
root@33d9582b76bf:/# exit
exit
root@host1:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
13406586d37f ubuntu:22.04 "/bin/bash" 13 minutes ago Up 13 minutes test2
root@host1:~#
3.8 docker exec进入容器
root@host1:~# docker start test1
test1
root@host1:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
13406586d37f ubuntu:22.04 "/bin/bash" 20 minutes ago Up 20 minutes test2
33d9582b76bf ubuntu:22.04 "/bin/bash" 42 minutes ago Up 3 seconds test1
root@host1:~# docker exec -it 33d9582b76bf /bin/bash
root@33d9582b76bf:/#
root@33d9582b76bf:/# exit
exit
root@host1:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
13406586d37f ubuntu:22.04 "/bin/bash" 20 minutes ago Up 20 minutes test2
33d9582b76bf ubuntu:22.04 "/bin/bash" 43 minutes ago Up 42 seconds test1
root@host1:~#
使用docker exec进入容器,如果从这个容器退出,容器不会停止。
3.9 docker rm 删除容器
root@host1:~# docker rm -f test1
test1
root@host1:~# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
13406586d37f ubuntu:22.04 "/bin/bash" 26 minutes ago Up 26 minutes test2
6843deb526c2 hello-world "/hello" 12 hours ago Exited (0) 12 hours ago great_booth
root@host1:~#
4、容器之间相互Ping通
1、进入容器test1/test2,并安装相应软件:
容器test1安装软件:
root@host1:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e6fb111b9b11 ubuntu:22.04 "/bin/bash" 3 seconds ago Up 3 seconds test1
13406586d37f ubuntu:22.04 "/bin/bash" 30 minutes ago Up 30 minutes test2
root@host1:~# docker exec -it e6fb111b9b11 /bin/bash
root@e6fb111b9b11:/# ip a
bash: ip: command not found
root@e6fb111b9b11:/# apt update
root@e6fb111b9b11:/# apt install iproute2
root@e6fb111b9b11:/# apt install inetutils-ping -y
root@e6fb111b9b11:/# exit
exit
容器test2安装软件:
root@host1:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e6fb111b9b11 ubuntu:22.04 "/bin/bash" 5 minutes ago Up 5 minutes test1
13406586d37f ubuntu:22.04 "/bin/bash" 35 minutes ago Up 35 minutes test2
root@host1:~#
root@host1:~# docker exec -it 13406586d37f /bin/bash
root@13406586d37f:/# apt update
2、查看容器ip地址信息,并相互ping
root@host1:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e6fb111b9b11 ubuntu:22.04 "/bin/bash" 10 minutes ago Up 10 minutes test1
13406586d37f ubuntu:22.04 "/bin/bash" 40 minutes ago Up 40 minutes test2
进入容器test1:
root@host1:~# docker exec -it e6fb111b9b11 /bin/bash
root@e6fb111b9b11:/# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
23: eth0@if24: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
root@e6fb111b9b11:/#
进入容器test2:
root@host1:~# docker exec -it 13406586d37f /bin/bash
root@13406586d37f:/# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
15: eth0@if16: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
容器test2 ping 容器test1:
root@e6fb111b9b11:/# ping 172.17.0.2
PING 172.17.0.2 (172.17.0.2): 56 data bytes
64 bytes from 172.17.0.2: icmp_seq=0 ttl=64 time=0.061 ms
64 bytes from 172.17.0.2: icmp_seq=1 ttl=64 time=0.040 ms
64 bytes from 172.17.0.2: icmp_seq=2 ttl=64 time=0.033 ms
^C--- 172.17.0.2 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.033/0.045/0.061/0.000 ms
root@e6fb111b9b11:/#