centos8.0 docker ngnix

期待着20132025-02-17 20:57

问题1:镜像拉取不下来,用DAO云加速器

问题2:ngnix镜像不能运行, 无法检索OCI运行时错误 ,更新包yum update libseccomp

问题3:docker run -v 目录有ngninx.conf 或conf.d 等 .特殊字符,报无效格式 docker: invalid reference format. . , 不要用 \ 换行,用一行运行

想到之前装为知等容器时都是单行命令,删掉\及换行后正常完成安装。

在CentOS上使用Docker来运行Nginx是一个常见的做法,因为它提供了快速、一致的环境配置方式,并且可以很容易地扩展。下面是如何通过Docker来运行Nginx的步骤:

1. 安装Docker

首先,确保你的CentOS系统上已经安装了Docker。如果还没有安装,你可以通过以下命令来安装Docker:

复制代码
复制代码

sudo yum install -y yum-utils

sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo

sudo yum install -y docker-ce docker-ce-cli containerd.io

centos 8

注如果安装报如下错误:

复制代码 
Error:
 Problem 1: problem with installed package podman-1.0.5-1.gitf604175.module_el8.0.0+194+ac560166.x86_64
  - package podman-1.0.5-1.gitf604175.module_el8.0.0+194+ac560166.x86_64 requires runc, but none of the providers can be installed
  - package podman-2.2.1-7.module_el8.3.0+699+d61d9c41.x86_64 requires runc >= 1.0.0-57, but none of the providers can be installed
  - package containerd.io-1.4.6-3.1.el8.x86_64 conflicts with runc provided by runc-1.0.0-55.rc5.dev.git2abd837.module_el8.0.0+58+91b614e7.x86_64
  - package containerd.io-1.4.6-3.1.el8.x86_64 obsoletes runc provided by runc-1.0.0-55.rc5.dev.git2abd837.module_el8.0.0+58+91b614e7.x86_64
  - package containerd.io-1.4.6-3.1.el8.x86_64 conflicts with runc provided by runc-1.0.0-70.rc92.module_el8.3.0+699+d61d9c41.x86_64
  - package containerd.io-1.4.6-3.1.el8.x86_64 obsoletes runc provided by runc-1.0.0-70.rc92.module_el8.3.0+699+d61d9c41.x86_64
  - cannot install the best candidate for the job
  - package runc-1.0.0-56.rc5.dev.git2abd837.module_el8.3.0+569+1bada2e4.x86_64 is filtered out by modular filtering
  - package runc-1.0.0-64.rc10.module_el8.3.0+479+69e2ae26.x86_64 is filtered out by modular filtering
 Problem 2: problem with installed package buildah-1.5-3.gite94b4f9.module_el8.0.0+58+91b614e7.x86_64
  - package buildah-1.5-3.gite94b4f9.module_el8.0.0+58+91b614e7.x86_64 requires runc >= 1.0.0-26, but none of the providers can be installed
  - package buildah-1.16.7-4.module_el8.3.0+699+d61d9c41.x86_64 requires runc >= 1.0.0-26, but none of the providers can be installed
  - package docker-ce-3:20.10.6-3.el8.x86_64 requires containerd.io >= 1.4.1, but none of the providers can be installed
  - package containerd.io-1.4.3-3.1.el8.x86_64 conflicts with runc provided by runc-1.0.0-70.rc92.module_el8.3.0+699+d61d9c41.x86_64
  - package containerd.io-1.4.3-3.1.el8.x86_64 obsoletes runc provided by runc-1.0.0-70.rc92.module_el8.3.0+699+d61d9c41.x86_64
  - package containerd.io-1.4.3-3.2.el8.x86_64 conflicts with runc provided by runc-1.0.0-70.rc92.module_el8.3.0+699+d61d9c41.x86_64
  - package containerd.io-1.4.3-3.2.el8.x86_64 obsoletes runc provided by runc-1.0.0-70.rc92.module_el8.3.0+699+d61d9c41.x86_64
  - package containerd.io-1.4.4-3.1.el8.x86_64 conflicts with runc provided by runc-1.0.0-70.rc92.module_el8.3.0+699+d61d9c41.x86_64
  - package containerd.io-1.4.4-3.1.el8.x86_64 obsoletes runc provided by runc-1.0.0-70.rc92.module_el8.3.0+699+d61d9c41.x86_64
  - package containerd.io-1.4.6-3.1.el8.x86_64 conflicts with runc provided by runc-1.0.0-70.rc92.module_el8.3.0+699+d61d9c41.x86_64
  - package containerd.io-1.4.6-3.1.el8.x86_64 obsoletes runc provided by runc-1.0.0-70.rc92.module_el8.3.0+699+d61d9c41.x86_64
  - cannot install the best candidate for the job
  - package containerd.io-1.4.3-3.1.el8.x86_64 conflicts with runc provided by runc-1.0.0-55.rc5.dev.git2abd837.module_el8.0.0+58+91b614e7.x86_64
  - package containerd.io-1.4.3-3.1.el8.x86_64 obsoletes runc provided by runc-1.0.0-55.rc5.dev.git2abd837.module_el8.0.0+58+91b614e7.x86_64
  - package containerd.io-1.4.3-3.2.el8.x86_64 conflicts with runc provided by runc-1.0.0-55.rc5.dev.git2abd837.module_el8.0.0+58+91b614e7.x86_64
  - package containerd.io-1.4.3-3.2.el8.x86_64 obsoletes runc provided by runc-1.0.0-55.rc5.dev.git2abd837.module_el8.0.0+58+91b614e7.x86_64
  - package containerd.io-1.4.4-3.1.el8.x86_64 conflicts with runc provided by runc-1.0.0-55.rc5.dev.git2abd837.module_el8.0.0+58+91b614e7.x86_64
  - package containerd.io-1.4.4-3.1.el8.x86_64 obsoletes runc provided by runc-1.0.0-55.rc5.dev.git2abd837.module_el8.0.0+58+91b614e7.x86_64
  - package containerd.io-1.4.6-3.1.el8.x86_64 conflicts with runc provided by runc-1.0.0-55.rc5.dev.git2abd837.module_el8.0.0+58+91b614e7.x86_64
  - package containerd.io-1.4.6-3.1.el8.x86_64 obsoletes runc provided by runc-1.0.0-55.rc5.dev.git2abd837.module_el8.0.0+58+91b614e7.x86_64
  - package runc-1.0.0-56.rc5.dev.git2abd837.module_el8.3.0+569+1bada2e4.x86_64 is filtered out by modular filtering
  - package runc-1.0.0-64.rc10.module_el8.3.0+479+69e2ae26.x86_64 is filtered out by modular filtering
(try to add '--allowerasing' to command line to replace conflicting packages or '--skip-broken' to skip uninstallable packages or '--nobest' to use not only best candidate packages)

需要执行如下命令, 再重新执行安装命令

复制代码 
sudo yum erase podman buildah

sudo systemctl start docker

sudo systemctl enable docker

2. 运行Nginx容器

安装完Docker后,你可以通过以下命令来运行一个Nginx容器:

复制代码
复制代码 
docker pull nginx

如果报错

sudo mkdir -p /etc/docker

sudo tee /etc/docker/daemon.json <<EOF

{

"registry-mirrors": [

"https://docker.m.daocloud.io",

"https://hub-mirror.c.163.com",

"https://mirror.ccs.tencentyun.com",

"https://noohub.ru"

]

}

EOF

sudo systemctl daemon-reload

sudo systemctl restart docker

复制代码 
vim /etc/docker/daemon.json

2.重启docker服务

重启进程

复制代码 
sudo systemctl daemon-reload

重启服务

复制代码 
sudo systemctl restart docker

然后再拉取,就成功了!

docker pull nginx:latest

docker pull nginx:1.24

docker pull hub-mirror.c.163.com/library/nginx:latest

docker run -itd --name nginx -p 8088:80 nginx:latest

docker run --name my-nginx -p 8080:80 -d nginx

docker run --name my-nginx -p 8088:80 -d nginx:1.24

docker run -d --name my-nginx -p 8088:80 nginx

docker run --name nginx -p 8088:80 -d nginx

docker 下载nginx报错记录,及解决办法。

原因:

该错误是指错误创建容器,无法检索OCI运行时错误

由于我们的docker,没有runc这个运行工具,导致无法启动容器

解决:

1. 查看runc是否存在

复制代码 
docker version
  1. 查看runc是否存在

docker version

版本号会出现runc版本,没有则表示该工具不存在在需手动安装。

  1. 查看runc版本

runc --version

这里可能会报错:runc: symbol lookup error: runc: undefined symbol: seccomp_api_get

这个错误信息表明 runc 在运行时找不到 seccomp_api_get 符号,这通常是由于系统缺少必要的库或库版本不兼容导致的。

runc 工具依赖于其他软件包, libseccomp

  1. 查看libseccomp 是否存在

在 CentOS/RHEL 上:

rpm -qa | grep libseccomp

我的版本为libseccomp-2.3.3-3.el8.x86_64

次版本太旧无法支持runc运行,我们更新此版本

  1. 更新 libseccomp

sudo yum update libseccomp

root@fd-frwechat-b219 docker\]# docker version Client: Docker Engine - Community Version: 26.1.3 API version: 1.45 Go version: go1.21.10 Git commit: b72abbb Built: Thu May 16 08:34:39 2024 OS/Arch: linux/amd64 Context: default Server: Docker Engine - Community Engine: Version: 26.1.3 API version: 1.45 (minimum version 1.24) Go version: go1.21.10 Git commit: 8e96db1 Built: Thu May 16 08:33:34 2024 OS/Arch: linux/amd64 Experimental: false containerd: Version: 1.6.32 GitCommit: 8b3b7ca2e5ce38e8f31a34f35b2b68ceb8470d89 docker-init: Version: 0.19.0 GitCommit: de40ad0 版本号会出现runc版本,没有则表示该工具不存在在需手动安装 \[root@fd-frwechat-b219 docker\]# runc --version runc: symbol lookup error: runc: undefined symbol: seccomp_api_get \[root@fd-frwechat-b219 docker\]# rpm -qa \| grep libseccomp libseccomp-2.3.3-3.el8.x86_64 \[root@fd-frwechat-b219 docker\]# sudo yum update libseccomp Last metadata expiration check: 1:46:52 ago on Mon 17 Feb 2025 08:50:08 AM CST. Dependencies resolved. ================================================================================================================================================================================================================================================================ Package Architecture Version Repository Size ================================================================================================================================================================================================================================================================ Upgrading: libseccomp x86_64 2.5.1-1.el8 BaseOS 71 k Transaction Summary ================================================================================================================================================================================================================================================================ Upgrade 1 Package Total download size: 71 k Is this ok \[y/N\]: y Downloading Packages: libseccomp-2.5.1-1.el8.x86_64.rpm 384 kB/s \| 71 kB 00:00 ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Total 371 kB/s \| 71 kB 00:00 Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Upgrading : libseccomp-2.5.1-1.el8.x86_64 1/2 Running scriptlet: libseccomp-2.5.1-1.el8.x86_64 1/2 Cleanup : libseccomp-2.3.3-3.el8.x86_64 2/2 Running scriptlet: libseccomp-2.3.3-3.el8.x86_64 2/2 Verifying : libseccomp-2.5.1-1.el8.x86_64 1/2 Verifying : libseccomp-2.3.3-3.el8.x86_64 2/2 Upgraded: libseccomp-2.5.1-1.el8.x86_64 Complete! \[root@fd-frwechat-b219 docker\]# docker version Client: Docker Engine - Community Version: 26.1.3 API version: 1.45 Go version: go1.21.10 Git commit: b72abbb Built: Thu May 16 08:34:39 2024 OS/Arch: linux/amd64 Context: default Server: Docker Engine - Community Engine: Version: 26.1.3 API version: 1.45 (minimum version 1.24) Go version: go1.21.10 Git commit: 8e96db1 Built: Thu May 16 08:33:34 2024 OS/Arch: linux/amd64 Experimental: false containerd: Version: 1.6.32 GitCommit: 8b3b7ca2e5ce38e8f31a34f35b2b68ceb8470d89 runc: Version: 1.1.12 GitCommit: v1.1.12-0-g51d5e94 docker-init: Version: 0.19.0 GitCommit: de40ad0 \[root@fd-frwechat-b219 docker\]# ### 6. 重启docker 后,启动nginx systemctl restart docker docker run -d --name my-nginx -p 8088:80 nginx docker run -p 9002:80 --name nginx -v /home/nginx/conf/nginx.conf:/etc/nginx/nginx.conf -v /home/nginx/conf/conf.d:/etc/nginx/conf.d -v /home/nginx/log:/var/log/nginx -v /home/nginx/html:/usr/share/nginx/html -d nginx:latest #### 4. 删除并重新创建容器 如果上述方法都不行,尝试删除现有的容器并重新创建可能是一个解决方案: docker rm my-nginx docker run -d --name my-nginx \[其他参数\] 镜像名 ``` ``` `docker rm my-nginx` `docker run -d --name my-nginx [其他参数] 镜像名` 这个命令做了几件事: * `--name my-nginx`:给容器命名为`my-nginx`。 * `-p 8080:80`:将容器的80端口映射到宿主机的8080端口。这样,你可以通过访问宿主机的8080端口来访问Nginx。 * `-d`:以后台模式运行容器。 * `nginx`:使用官方的Nginx镜像。 #### 3. 验证Nginx是否运行 你可以通过访问宿主机的8080端口来验证Nginx是否正常运行: ``` ``` ``` ``` `curl http://localhost:8080` 你应该会看到Nginx的默认欢迎页面。 #### 4. 自定义Nginx配置 如果你需要自定义Nginx的配置,你可以创建一个自定义的`nginx.conf`文件,并将其挂载到容器中。例如: ``` ``` `mkdir /path/to/nginx-conf` `echo 'server { listen 80; server_name localhost; location / { root /usr/share/nginx/html; index index.html index.htm; } }' > /path/to/nginx-conf/nginx.conf` `docker run --name my-nginx -p 8080:80 -v /path/to/nginx-conf:/etc/nginx/conf.d -d nginx` 这里,`-v /path/to/nginx-conf:/etc/nginx/conf.d`将宿主机的`/path/to/nginx-conf`目录挂载到容器的`/etc/nginx/conf.d`目录,这样容器就会使用这个目录下的`nginx.conf`文件作为其配置文件。 2.创建配置文件 创建挂载目录 mkdir -p /home/ffadmin/nginx/conf.d mkdir -p /home/ffadmin/nginx/logs 启动容器将配置文件复制到宿主机目录中 # 启动容器 docker run --name nginx -p 80:80 -d nginx # 复制容器配置文件 docker cp nginx:/etc/nginx/nginx.conf /home/ffadmin/nginx docker cp nginx:/etc/nginx/conf.d /home/ffadmin/nginx docker cp nginx:/usr/share/nginx/html /home/ffadmin/nginx docker cp nginx:/etc/ssl /home/ffadmin/nginx/conf.d ------------------------------------------------ 1 2 3 4 5 6 停止容器并删除 docker stop nginx docker rm nginx 1 2 3. 修改配置文件 前置条件: 1,域名DNS解析, 2,SSL证书放置到/home/nginx/ssl目录下 2,SSL证书放置到/home/ffadmin/nginx/conf.d/ssl目录下 3,服务器防火墙指定ip的443, 80 端口正常开启 3,服务器防火墙指定ip的443, 8088 端口正常开启 因为/home/nginx/config/nginx.conf中:include引入了/etc/nginx/conf.d/\*.conf 故直接对 /home/nginx/conf.d/default.conf 进行配置 server { # https 监听端口 listen 443 ssl; # 监听域名 server_name xxx.com; root /var/www/xxx.com; index index.html index.htm; # 引入证书 ssl_certificate /etc/nginx/ssl/xxx.com.pem; ssl_certificate_key /etc/nginx/ssl/xxx.com.key; # 引入证书 用相对路径 /etc/nginx/conf.d/ssl ssl_certificate ssl/xxx.com.pem; ssl_certificate_key ssl/xxx.com.key; ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; # 默认80端口转发 location / { proxy_pass http://127.0.0.1:18080/; } # 域名后缀转发https:xxx.com/xxx location /xxx/ { proxy_pass http://127.0.0.1:8801/; proxy_set_header X-Forwarded-Scheme http; proxy_redirect off; proxy_set_header Host $host:$server_port; proxy_set_header X-Real_IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Host $server_name; } } server { # https 监听端口 listen 80; # 监听域名 server_name xxx.com; #rewrite \^(.\*)$ https://$host$1 permanent; rewrite \^(.\*) https://$server_name$1 permanent; } 4.启动Nginx 容器 这里的Nginx与转发目标在一个服务器上,故直接采用host模式 如果不在一个服务器上,可自行将 --net=host 替换为http和https端口映射 -p 443:443 -p 80:80 docker run --name nginx --net=host \\ -v /home/ffadmin/nginx/html:/usr/share/nginx/html \\ -v /home/ffadmin/nginx/nginx.conf:/etc/nginx/nginx.conf/ \\ -v /home/ffadmin/nginx/conf.d:/etc/nginx/conf.d \\ -v /home/ffadmin/nginx/logs:/var/log/nginx/ \\ --privileged=true \\ -d --restart=always nginx docker run --name nginx -p 443:443 -p 8088:80 \\ -v /home/ffadmin/nginx/html:/usr/share/nginx/html \\ -v /home/ffadmin/nginx/nginx.conf:/etc/nginx/nginx.conf \\ -v /home/ffadmin/nginx/conf.d:/etc/nginx/conf.d \\ -v /home/ffadmin/nginx/logs:/var/log/nginx \\ --privileged=true \\ -d --restart=always nginx 报错 docker: invalid reference format. . 换成一行 docker run --name nginx -p 443:443 -p 8088:80 -v /home/ffadmin/nginx/html:/usr/share/nginx/html -v /home/ffadmin/nginx/nginx.conf:/etc/nginx/nginx.conf -v /home/ffadmin/nginx/conf.d:/etc/nginx/conf.d -v /home/ffadmin/nginx/logs:/var/log/nginx --privileged=true -d --restart=always nginx #### 5、查看目录挂载是否成功 docker inspect nginx #### 5. 管理Nginx容器 一旦你的Nginx容器运行起来,你可以使用以下命令来管理它: * 停止容器:`docker stop my-nginx` * 启动容器:`docker start my-nginx` * 重启容器:`docker restart my-nginx` * 查看容器日志:`docker logs my-nginx` 通过这些步骤,你可以在CentOS上使用Docker轻松地运行和管理Nginx。 七、安装成功后常用命令 #运行docker进程 sudo systemctl start docker #查看docker容器状态 sudo systemctl status docker #查看容器镜像 docker image ls #查看容器 docker ps -a #运行镜像容器 docker run --name 容器名 -d 镜像id #修改容器 docker update --restart=always 镜像id #进入容器 docker exec -it 容器标识 bash find / -name "关键词"

相关推荐
2302_7995257417 分钟前
【Linux】su、su-、sudo、sudo -i、sudo su - 命令有什么区别?分别适用什么场景?
linux·运维·服务器
野生派蒙1 小时前
Linux:安装 CentOS 7(完整教程)
linux·运维·服务器·centos
努力努力再努力wz2 小时前
【Linux实践系列】:匿名管道收尾+完善shell外壳程序
linux·运维·服务器·c++
开发小能手-roy4 小时前
Ubuntu服务器性能调优指南:从基础工具到系统稳定性提升
linux·运维·服务器·ubuntu
涛涛讲AI4 小时前
wkhtmltopdf 实现批量对网页转为图片的好工具,快速实现大量卡片制作
linux·服务器·windows·windows效率工具
破刺不会编程4 小时前
什么是进程?
linux·运维·服务器
laimaxgg5 小时前
Docker Hub 创建私人镜像仓库
运维·服务器·docker·容器
.R^O^6 小时前
计算机知识
linux·服务器·网络·安全
sky.fly6 小时前
三层路由器,SSH远程登录访问路由器,通过telnet远程登录访问路由器(不安全),路由器的基本设置之多网络互联解决办法:单臂路由
服务器·网络·计算机网络·智能路由器
卡戎-caryon6 小时前
【Linux网络与网络编程】11.数据链路层mac帧协议&&ARP协议
linux·服务器·网络·笔记·tcp/ip·数据链路层
热门推荐
01我决定放弃搞 Java 了02RAG 实践- Ollama+RagFlow 部署本地知识库03DeepSeek各版本说明与优缺点分析04计算机视觉——基于 Yolov8 目标检测与 OpenCV 光流实现目标追踪05DeepSeek RAGFlow构建本地知识库系统06如何在WPS和Word/Excel中直接使用DeepSeek功能07Qt实现文件传输服务器端(图文详解+代码详细注释)08汽车上的各种质量:整备质量、总质量、装载质量、簧上质量、簧下质量09本地化部署AI知识库:基于Ollama+DeepSeek+AnythingLLM保姆级教程10【FPGA】——DDS信号发生器设计