docker教案
一、安装docker
1.1 环境选择
1.1.2 容器需要管理工具、runtime 和操作系统,我们的选择如下:
- 管理工具 - Docker Engine,Docker 最流行使用最广泛。
- runtime - runc,Docker 的默认 runtime
- 操作系统 - CentOS Stream8
1.1.3 安装操作系统
基于 CentOS-Stream-8模板制作.pdf 这个实验手册做出来的模板克隆一个虚拟机命名为docker,并配置
静态IP 192.168.108.30,主机名改为docker
bash
[root@localhost ~]# hostnamectl set-hostname docker
[root@localhost ~]# nmcli connection modify ens160 ipv4.method manual
ipv4.addresses 192.168.108.30/24 ipv4.gateway 192.168.108.2 ipv4.dns
192.168.108.2 autoconnect yes
[root@localhost ~]# nmcli con up ens1601.2 安装 Docker
1.2.1 安装必要工具
bash
# devicemapper 存储驱动已经在 docker 18.09 版本中被废弃,所以在后续的安Docker装中无需安装
devicemapper支持。
[root@localhost ~]# yum install -y yum-utils device-mapper-persistent-data lvm2
vim
[root@localhost ~]# yum-config-manager --add-repo
https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
Adding repo from: https://mirrors.aliyun.com/docker-ce/linux/centos/dockerce.repo
[root@localhost
~]# yum makecache
Docker CE Stable - x86_64
57 kB/s | 66 kB 00:01
CentOS Stream 8 - BaseOS
8.3 kB/s | 3.9 kB 00:00
CentOS Stream 8 - AppStream
9.8 kB/s | 4.4 kB 00:00
Metadata cache created.1.2.2 allinone部署
安装软件
bash
[root@docker ~]# yum install -y docker-ce1.2.3 配置服务
bash
[root@docker ~]# systemctl enable docker.service --now1.2.4 验证安装
查看docker版本
bash
[root@docker ~]# docker --version
Docker version 26.1.3, build b72abbb1.2.5 验证docker状态
bash
[root@docker ~]# systemctl status docker
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor
preset: disabled)
Active: active (running) since Wed 2025-09-03 13:51:07 CST; 36s ago
Docs: https://docs.docker.com
Main PID: 1813 (dockerd)
Tasks: 10
Memory: 135.7M
CGroup: /system.slice/docker.service
└─1813 /usr/bin/dockerd -H fd:// --
containerd=/run/containerd/containerd.sock二、配置镜像加速器(华为云)
去华为云官网配置地址
bash
# WWW.huaweicloud.com 创建出来的自己的华为云镜像加速器
{
"registry-mirrors": [ "https://019e0631343179d8a40e9fc7553ac824.mirror.swr.myhuaweicloud.com" ]
}
[root@docker ~ 14:19:08]# vim /etc/docker/daemon.json
bash
[root@docker ~ 14:19:08]# cat /etc/docker/daemon.json
{
"registry-mirrors": [ "https://019e0631343179d8a40e9fc7553ac824.mirror.swr.myhuaweicloud.com" ]
}
# 按"Esc",输入:wq保存并退出。
# 重启容器引擎
[root@docker ~ 14:16:50]# systemctl restart docker
# 确认配置结果
[root@docker ~ 14:16:55]# docker info
Client: Docker Engine - Community
Version: 26.1.3
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.14.0
Path: /usr/libexec/docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v2.27.0
Path: /usr/libexec/docker/cli-plugins/docker-compose
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 26.1.3
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Using metacopy: false
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
Swarm: inactive
Runtimes: runc io.containerd.runc.v2
Default Runtime: runc
Init Binary: docker-init
containerd version: 8b3b7ca2e5ce38e8f31a34f35b2b68ceb8470d89
runc version: v1.1.12-0-g51d5e94
init version: de40ad0
Security Options:
seccomp
Profile: builtin
Kernel Version: 4.18.0-553.6.1.el8.x86_64
Operating System: CentOS Stream 8
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 3.549GiB
Name: docker
ID: 34074b80-3e84-4358-a80b-b728b68c69f6
Docker Root Dir: /var/lib/docker
Debug Mode: false
Experimental: false
Insecure Registries:
127.0.0.0/8
Registry Mirrors:
https://019e0631343179d8a40e9fc7553ac824.mirror.swr.myhuaweicloud.com/
Live Restore Enabled: false2.1 运行第一个容器
环境就绪,马上运行第一个容器,执行命令:
bash
[root@docker ~ 14:17:00]# docker run hello-world
Unable to find image 'hello-world:latest' locally # !!!!!!!!!!!!
latest: Pulling from library/hello-world
4f55086f7dd0: Pull complete #### !!!!!!!!!!!!!!!!
Digest: sha256:f9078146db2e05e794366b1bfe584a14ea6317f44027d10ef7dad65279026885
Status: Downloaded newer image for hello-world:latest
Hello from Docker! ##### !!!!!!!!!!!!!!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/get-started/2.2 其过程可以简单的描述为:
- 从本地查找hello-wrold镜像,没找到
- 从 Docker Hub 下载hello-world镜像。
- 启动hello-world容器。
2.3 清空刚才的实验环境:
bash
[root@docker ~ 14:22:16]# docker rm -f $(docker ps -aq)
b239d988404f
199a04ded9b1 #删除所有容器
[root@docker ~ 14:26:10]# docker rmi -f hello-world
Untagged: hello-world:latest
Untagged: hello-world@sha256:f9078146db2e05e794366b1bfe584a14ea6317f44027d10ef7dad65279026885
Deleted: sha256:e2ac70e7319a02c5a477f5825259bd118b94e8b02c279c67afa63adab6d8685b
Deleted: sha256:897b3f2a7c1bc2f3d02432f7892fe31c6272c521ad4d70257df624504a3238b4 #删除镜像hello-world2.4 此刻docker环境没有问题了,关机拍摄快照 !!!
三 、docker C/S分离部署
基于 CentOS-Stream-8模板制作.pdf 这个实验手册做出来的模板克隆虚拟机命名为docker_client和
docker_server
3.1 docker server端配置
配置ip 192.168.108.30
配置hostname docker_server
bash
[root@localhost ~]# hostnamectl set-hostname docker_server
[root@localhost ~]# nmcli connection modify ens160 ipv4.method manual
ipv4.addresses 192.168.108.30/24 ipv4.gateway 192.168.108.2 ipv4.dns
192.168.108.2 autoconnect yes
[root@localhost ~]# nmcli con up ens1603.1.1 安装软件
bash
[root@docker_server ~ 15:04:46]# yum install -y yum-utils device-mapper-persistent-data lvm2 vim
Last metadata expiration check: 2:47:43 ago on Fri 08 May 2026 12:17:11 PM CST.
Package yum-utils-4.0.21-25.el8.noarch is already installed.
Package device-mapper-persistent-data-0.9.0-7.el8.x86_64 is already installed.
Package lvm2-8:2.03.14-14.el8.x86_64 is already installed.
Package vim-enhanced-2:8.0.1763-19.el8.4.x86_64 is already installed.
Dependencies resolved.
Nothing to do.
Complete!
[root@docker_server ~ 15:05:15]# yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
Adding repo from: https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[root@docker_server ~ 15:05:40]# yum makecache
[root@docker_server ~ 15:05:57]# yum install -y docker-ce
Last metadata expiration check: 0:00:14 ago on Fri 08 May 2026 03:05:56 PM CST.
Package docker-ce-3:26.1.3-1.el8.x86_64 is already installed.
Dependencies resolved.
Nothing to do.
Complete!
[root@docker_server ~ 15:06:32]# systemctl enable docker.service --now
[root@docker_server ~ 15:07:16]# vim /etc/docker/daemon.json
[root@docker_server ~ 15:07:30]# cat /etc/docker/daemon.json
{
"registry-mirrors": [ "https://019e0631343179d8a40e9fc7553ac824.mirror.swr.myhuaweicloud.com" ]
}
# 按"Esc",输入:wq保存并退出。
#重启容器引擎
[root@docker_server ~ 15:07:49]# systemctl restart docker3.1.2 配置服务
bash
[root@docker_server ~ 15:08:40]# vim /usr/lib/systemd/system/docker.service
# 在ExecStart参数中最后添加 -H tcp://0.0.0.0:2375,docker默认监听2375
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
-H tcp://0.0.0.0:2375
[root@docker_server ~ 15:10:34]# systemctl daemon-reload
[root@docker_server ~ 15:10:47]# systemctl restart docker.service
[root@docker_server ~ 15:11:24]# systemctl stop firewalld3.1.3 验证
bash
[root@docker_server ~ 15:11:40]# yum install lsof
[root@docker_server ~ 15:12:07]# lsof -i :2375
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
dockerd 2244 root 3u IPv6 39455 0t0 TCP *:docker (LISTEN)3.2 docker_client端
配置ip 192.168.108.31
bash
[root@localhost ~]# hostnamectl set-hostname docker_client
[root@localhost ~]# nmcli connection modify ens160 ipv4.method manual
ipv4.addresses 192.168.108.31/24 ipv4.gateway 192.168.108.2 ipv4.dns
192.168.108.2 autoconnect yes
[root@localhost ~]# nmcli con up ens1603.1 只安装docker客户端
bash
root@docker_client ~ 15:03:37]# yum install -y yum-utils device-mapper-persistent-data lvm2 vim
Last metadata expiration check: 2:56:01 ago on Fri 08 May 2026 12:17:11 PM CST.
Package yum-utils-4.0.21-25.el8.noarch is already installed.
Package device-mapper-persistent-data-0.9.0-7.el8.x86_64 is already installed.
Package lvm2-8:2.03.14-14.el8.x86_64 is already installed.
Package vim-enhanced-2:8.0.1763-19.el8.4.x86_64 is already installed.
Dependencies resolved.
Nothing to do.
Complete!
[root@docker_client ~ 15:13:14]# yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
Adding repo from: https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[root@docker_client ~ 15:13:25]# yum makecache
[root@docker_client ~ 15:13:37]# yum install -y docker-ce-cli
Last metadata expiration check: 0:00:17 ago on Fri 08 May 2026 03:13:36 PM CST.
Package docker-ce-cli-1:26.1.3-1.el8.x86_64 is already installed.
Dependencies resolved.
Nothing to do.
Complete!3.2 验证
bash
[root@docker_client ~ 15:13:54]# docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
4f55086f7dd0: Pull complete
Digest: sha256:f9078146db2e05e794366b1bfe584a14ea6317f44027d10ef7dad65279026885
Status: Downloaded newer image for hello-world:latest
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/get-started/
# client端连接server端执行命令
[root@docker_client ~ 15:14:16]# docker -H 192.168.108.30 run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
4f55086f7dd0: Pull complete
Digest: sha256:f9078146db2e05e794366b1bfe584a14ea6317f44027d10ef7dad65279026885
Status: Downloaded newer image for hello-world:latest
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/get-started/
[root@docker_client ~ 15:15:01]# docker -H 192.168.108.30 images
REPOSITORY TAG IMAGE ID CREATED SIZE
hello-world latest e2ac70e7319a 6 weeks ago 10.1kB
#这里也可以切换到Server端查看现象说明:client只做管理,image和container存储在server端。