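1. Packaging a RHEL 7 virtual machine
This is basically the same as on RHEL 8: configure the yum repository and the IP address (the yum setup on 7 differs slightly from 8: there is no need to write AppStream and so on, just point directly at the directory).
Install some commonly used software such as vim, lftp and bash-*.
Turn off the firewall and SELinux.
Next comes cloning the virtual machine.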
[root@westos Desktop]# cd /var/lib/libvirt/images/
The directory where the images are stored
[root@westos images]# virt-sysprep -d rhel7.6-new
Clean up the caches
The libguestfs-tools package needs to be installed before compressing
[root@westos images]# virt-sparsify --compress rhel7.6-new.qcow2 new.qcow2
[root@westos images]# du -sh new.qcow2
552M new.qcow2
After compression the image is only 552M
[root@westos images]# rm -rf rhel7.6-new.qcow2
Delete the original 21G image
[root@westos images]# qemu-img create -f qcow2 -b new.qcow2 demo1
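Create a new child image from the base image
From now on, just use child images to create virtual machines.
2. What is Docker?
Docker is like a traditional shipping container.
It provides a standard for packaging images, just as shipping containers follow a standard.
Docker is an engine for managing containers.
Docker is a platform for packaging and deploying applications, not simply a virtualization technology.
Traditional virtualization needs its own operating system, but containers do not; containers share the host's operating system kernel.
In terms of security, VMs are inherently stronger than containers.
Containers start quickly and consume few resources.
Virtual machine disk images are large; container images are small.
The advantage of Docker containers: build once, run anywhere.
3. Installing Docker
Because the yum repository was not configured successfully, I used the Aliyun mirror as the yum repository.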
[root@server1 ~]# cat /etc/yum.repos.d/docker.repo
[docker]
name=docker-ce
baseurl=http://mirrors.aliyun.com/docker-ce/linux/centos/7/x86_64/stable/
gpgcheck=0
enabled=1
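The repo file above sets gpgcheck=0 and fetches over plain HTTP, so package signatures are never checked. The following is an added example, not part of the original post: a small audit function run against the page's file and against a constructed hardened variant. The https baseurl and the gpgkey URL in the variant are assumptions about the mirror and should be verified before use.

```shell
#!/bin/sh
# Added example (not from the original post): audit a yum .repo file.
# audit_repo FILE prints one finding per weak setting, nothing if clean.
audit_repo() {
    awk '
        function report() {
            if (name == "") return
            if (gpgcheck == "0") print name ": gpgcheck=0, package signatures are not verified"
            if (baseurl ~ /^http:/) print name ": baseurl is cleartext http"
        }
        /^\[.*\]/ { report(); name = $0; gpgcheck = ""; baseurl = ""; next }
        /^[ \t]*(#|$)/ { next }
        {
            eq = index($0, "="); if (eq == 0) next
            key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
            gsub(/[ \t]/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == "gpgcheck") gpgcheck = val
            if (key == "baseurl")  baseurl = val
        }
        END { report() }
    ' "$1"
}

tmp=$(mktemp -d) && trap 'rm -rf "$tmp"' EXIT

# The repo file exactly as shown on this page.
cat > "$tmp/weak.repo" <<'EOF'
[docker]
name=docker-ce
baseurl=http://mirrors.aliyun.com/docker-ce/linux/centos/7/x86_64/stable/
gpgcheck=0
enabled=1
EOF

# Constructed hardened variant. The gpgkey URL is an assumption about where
# the mirror publishes the Docker CE signing key; verify it before use.
cat > "$tmp/fixed.repo" <<'EOF'
[docker]
name=docker-ce
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/x86_64/stable/
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
enabled=1
EOF

echo "weak.repo:";  audit_repo "$tmp/weak.repo"
echo "fixed.repo:"; audit_repo "$tmp/fixed.repo"
```

A section that leaves gpgcheck unset inherits the value from [main] in /etc/yum.conf, so the function only flags an explicit 0.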
Resolved a pile of dependency problems
wget http://mirror.centos.org/centos/7/extras/x86_64/Packages/container-selinux-2.119.2-1.911c772.el7_8.noarch.rpm
wget http://mirror.centos.org/centos/7/extras/x86_64/Packages/slirp4netns-0.4.3-4.el7_8.x86_64.rpm
wget https://src.fedoraproject.org/rpms/slirp4netns.git#1958b3b2d0a05683df0ac8044de5a929b91ca3d4
wget http://mirror.centos.org/centos/7/extras/x86_64/Packages/fuse-overlayfs-0.7.2-6.el7_8.x86_64.rpm
wget http://mirror.centos.org/centos/7/extras/x86_64/Packages/fuse3-libs-3.6.1-4.el7.x86_64.rpm
Some dependency fixes; they may come in handy later
yum install docker-ce -y
systemctl enable --now docker.service
docker info
View Docker's information
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
There is a problem with Docker's bridging that needs to be fixed
[root@server1 ~]# sysctl -a |grep bridge-nf-call-iptables
net.bridge.bridge-nf-call-iptables = 0
sysctl: reading key "net.ipv6.conf.all.stable_secret"
sysctl: reading key "net.ipv6.conf.default.stable_secret"
sysctl: reading key "net.ipv6.conf.docker0.stable_secret"
sysctl: reading key "net.ipv6.conf.eth0.stable_secret"
sysctl: reading key "net.ipv6.conf.lo.stable_secret"
Filter for the parameter
The warning does not affect running containers, but it may affect container networking.
Solution:
[root@server1 ~]# cd /etc/sysctl.d/
[root@server1 sysctl.d]# vim docker.conf
[root@server1 sysctl.d]# cat docker.conf
net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1
sysctl --system
Make it take effect
Registry: https://index.docker.io/v1/
As the docker info output shows, the registry points directly at the official one
[root@server1 sysctl.d]# docker pull nginx
Try pulling nginx
A registry mirror (accelerator) can be configured
[root@server1 sysctl.d]# docker search nginx
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
nginx Official build of Nginx. 15007 [OK]
jwilder/nginx-proxy Automated Nginx reverse proxy for docker con… 2035 [OK]
richarvey/nginx-php-fpm Container running Nginx + PHP-FPM capable of… 814 [OK]
jc21/nginx-proxy-manager Docker container for managing Nginx proxy ho… 200
linuxserver/nginx An Nginx container, brought to you by LinuxS… 147
tiangolo/nginx-rtmp Docker image with Nginx using the nginx-rtmp… 130 [OK]
jlesage/nginx-proxy-manager Docker container for Nginx Proxy Manager 118 [OK]
alfg/nginx-rtmp NGINX, nginx-rtmp-module and FFmpeg from sou… 99 [OK]
bitnami/nginx Bitnami nginx Docker Image 97 [OK]
nginxdemos/hello NGINX webserver that serves a simple page co… 70 [OK]
privatebin/nginx-fpm-alpine PrivateBin running on an Nginx, php-fpm & Al… 55 [OK]
nginx/nginx-ingress NGINX and NGINX Plus Ingress Controllers fo… 55
nginxinc/nginx-unprivileged Unprivileged NGINX Dockerfiles 37
staticfloat/nginx-certbot Opinionated setup for automatic TLS certs lo… 23 [OK]
schmunk42/nginx-redirect A very simple container to redirect HTTP tra… 19 [OK]
nginx/nginx-prometheus-exporter NGINX Prometheus Exporter for NGINX and NGIN… 18
centos/nginx-112-centos7 Platform for running nginx 1.12 or building … 15
centos/nginx-18-centos7 Platform for running nginx 1.8 or building n… 13
bitwarden/nginx The Bitwarden nginx web server acting as a r… 11
flashspys/nginx-static Super Lightweight Nginx Image 10 [OK]
bitnami/nginx-ingress-controller Bitnami Docker Image for NGINX Ingress Contr… 9 [OK]
mailu/nginx Mailu nginx frontend 8 [OK]
ansibleplaybookbundle/nginx-apb An APB to deploy NGINX 2 [OK]
wodby/nginx Generic nginx 1 [OK]
centos/nginx-110-centos7 Platform for running nginx 1.10 or building … 0
The image named simply after the software is the official one
[root@server1 sysctl.d]# docker search yakexi007
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
yakexi007/game2048 0
yakexi007/mario 0
yakexi007/nginx 0
Try pulling a 2048 game
[root@server1 sysctl.d]# docker pull yakexi007/game2048
Using default tag: latest
latest: Pulling from yakexi007/game2048
534e72e7cedc: Pull complete
f62e2f6dfeef: Pull complete
fe7db6293242: Pull complete
3f120f6a2bf8: Pull complete
4ba4e6930ea5: Pull complete
Digest: sha256:8a34fb9cb168c420604b6e5d32ca6d412cb0d533a826b313b190535c03fe9390
Status: Downloaded newer image for yakexi007/game2048:latest
docker.io/yakexi007/game2048:latest
The pull succeeded
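The pull above resolved the mutable tag latest to one specific digest. As an added example (not part of the original post), the functions below turn captured docker pull output into a digest-pinned reference and report when a later pull of the same repository resolves to a different digest. The lock-file format and the function names are assumptions of this example; the second sample's digest is made up.

```shell
#!/bin/sh
# Added example (not from the original post).
# pull_ref: read "docker pull" output on stdin, print "repo@sha256:<digest>".
pull_ref() {
    awk '
        /^Digest: sha256:[0-9a-f]+$/ { digest = $2 }
        /^Status: .* for /           { ref = $NF }
        END {
            if (digest == "" || ref == "") exit 1
            sub(/:[^:\/]*$/, "", ref)   # drop the mutable tag (":latest")
            print ref "@" digest
        }'
}

# check_pin LOCKFILE: record the digest the first time a repo is seen, then
# fail (status 1) if a later pull of the same repo resolves to another digest.
check_pin() {
    new=$(pull_ref) || { echo "no digest found in pull output"; return 2; }
    repo=${new%@*}
    old=$(awk -v r="$repo@" 'index($0, r) == 1' "$1" 2>/dev/null || true)
    if [ -z "$old" ]; then echo "$new" >> "$1"; echo "pinned $new"
    elif [ "$old" = "$new" ]; then echo "unchanged $new"
    else echo "DRIFT $old -> $new"; return 1
    fi
}

# Pull output as shown on this page (layer progress lines omitted).
PAGE_PULL='Using default tag: latest
latest: Pulling from yakexi007/game2048
Digest: sha256:8a34fb9cb168c420604b6e5d32ca6d412cb0d533a826b313b190535c03fe9390
Status: Downloaded newer image for yakexi007/game2048:latest
docker.io/yakexi007/game2048:latest'

# Constructed: the same tag later resolving to a made-up, different digest.
LATER_PULL='Digest: sha256:0000000000000000000000000000000000000000000000000000000000000000
Status: Downloaded newer image for yakexi007/game2048:latest'

lock=$(mktemp)
printf '%s\n' "$PAGE_PULL"  | check_pin "$lock"
printf '%s\n' "$PAGE_PULL"  | check_pin "$lock"
printf '%s\n' "$LATER_PULL" | check_pin "$lock" || echo "digest changed, review before running"
rm -f "$lock"
```

The pinned form printed by pull_ref can be passed directly to docker pull or docker run in place of the tagged name.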
[root@server1 sysctl.d]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
yakexi007/game2048 latest 19299002fdbe 4 years ago 55.5MB
The image is now in place
[root@server1 sysctl.d]# docker history yakexi007/game2048:latest
IMAGE CREATED CREATED BY SIZE COMMENT
19299002fdbe 4 years ago /bin/sh -c #(nop) CMD ["/bin/sh" "-c" "sed … 0B
<missing> 4 years ago /bin/sh -c #(nop) EXPOSE 80/tcp 0B
<missing> 4 years ago /bin/sh -c #(nop) COPY dir:cb74e9c037a3d501c… 600kB
<missing> 4 years ago /bin/sh -c #(nop) MAINTAINER Golfen Guo <go… 0B
<missing> 4 years ago /bin/sh -c #(nop) CMD ["nginx" "-g" "daemon… 0B
<missing> 4 years ago /bin/sh -c #(nop) EXPOSE 443/tcp 80/tcp 0B
<missing> 4 years ago /bin/sh -c #(nop) COPY file:d15ceb73c6ea776c… 1.1kB
<missing> 4 years ago /bin/sh -c #(nop) COPY file:af94db45bb7e4b8f… 643B
<missing> 4 years ago /bin/sh -c GPG_KEYS=B0F4253373F8F6F510D42178… 50.1MB
<missing> 4 years ago /bin/sh -c #(nop) ENV NGINX_VERSION=1.11.7 0B
<missing> 4 years ago /bin/sh -c #(nop) MAINTAINER NGINX Docker M… 0B
<missing> 4 years ago /bin/sh -c #(nop) ADD file:7afbc23fda8b0b387… 4.8MB
docker history shows the ports exposed by the pulled image
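[root@server1 sysctl.d]# docker run -d --name demo -p 80:80 yakexi007/game2048
run starts the container, -d puts it in the background, --name gives it a name, and -p maps a port: the first 80 is port 80 on the host and the second 80 is port 80 of the image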
[root@server1 sysctl.d]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
be1f2c9df05c yakexi007/game2048 "/bin/sh -c 'sed -i …" 19 seconds ago Up 19 seconds 0.0.0.0:80->80/tcp, :::80->80/tcp, 443/tcp demo
Shows the currently running containers
Enter the host's own IP address in a browser and the 2048 game appears
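In the docker ps output above, -p 80:80 published the port on 0.0.0.0 and :: (every interface of the host), while 443/tcp is only exposed by the image and not published. The following added example, not part of the original post, lists such all-interface bindings from docker ps --format output; the second input row and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post).
# published_everywhere: read "name<TAB>ports" lines, as produced by
#   docker ps --format '{{.Names}}\t{{.Ports}}'
# and print "name host-binding" for every port published on all interfaces.
published_everywhere() {
    awk -F '\t' '{
        n = split($2, p, /, */)
        for (i = 1; i <= n; i++) {
            if (p[i] !~ /->/) continue              # EXPOSEd only, not published
            bind = p[i]; sub(/->.*/, "", bind)      # 0.0.0.0:80, :::80, 127.0.0.1:8080
            addr = bind; sub(/:[0-9-]+$/, "", addr) # strip the host port (or range)
            if (addr == "0.0.0.0" || addr == "::" || addr == "[::]")
                print $1, bind
        }
    }'
}

# Constructed input: the first row is the "demo" container from this page,
# the second is a hypothetical container started with -p 127.0.0.1:8080:80.
sample_ps() {
    printf 'demo\t0.0.0.0:80->80/tcp, :::80->80/tcp, 443/tcp\n'
    printf 'demo-local\t127.0.0.1:8080->80/tcp\n'
}

sample_ps | published_everywhere
```

Giving -p an explicit host address, as in -p 127.0.0.1:80:80, limits the binding to that address, and such a container no longer appears in the function's output.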