服務器是ubuntu server 14.04,內核:3.13.0-32-generic , 硬件是dell R520
一、安裝
方法一:
通過系統自帶包安裝
Ubuntu 14.04 版本系統中已經自帶了 Docker 包,可以直接安裝。
$ sudo apt-get update
$ sudo apt-get install -y docker.io
$ sudo ln -sf /usr/bin/docker.io /usr/local/bin/docker
$ sudo sed -i '$acomplete -F _docker docker' /etc/bash_completion.d/docker.io
方法二:
通過Docker源安裝最新版本
要想安裝最新版本的Docker需要使用Docker源來安裝
# apt-get -y install apt-transport-https
# apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9
# bash -c "echo deb https://get.docker.io/ubuntu docker main > /etc/apt/sources.list.d/docker.list"
# apt-get update
# apt-get -y install lxc-docker
# docker -v //查看docker版本
# ps -ef | grep docker
root 17311 1 0 Feb13 ? 00:00:43 /usr/bin/docker -d
2、下載tar包並加入鏡像裏
一般下載鏡像的時候,都是先docker search p_w_picpath_name,然後docker pull p_w_picpath_name
但由於最近GFW屏蔽了網絡,在現在的時候會出現以下錯誤,根本pull不了鏡像。
Pull ingrepository centos
2014
/05/19
13:35:11 Gethttps:
//cdn-registry-1
.docker.io
/v1/repositories/library/centos/tags
:
read
tcp162.159.253.251:443: connection timed out
所以爲了解決此問題,我就從別的地方下載了打包好的tar(後邊會解釋然後自己打包的),然後使用docker load導入先下載(有centos與ubuntu)
wget http://docker.widuu.com/ubuntu.tar
wget http:
//docker
.widuu.com
/centos
.
tar
加入到鏡像裏
#docker load -i centos.
tar
#docker load -i ubuntu.
tar
查看鏡像列表
#docker p_w_picpaths
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
<none> <none> 607347d2a946 3 months ago 300.2 MB
ubuntu
/widuu
latest 963b9d0e10ba 3 monthsago 155 MB
給centos的改個名
#docker tag 607 centos:latest
#docker p_w_picpaths
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
centos latest 607347d2a946 3 months ago 300.2 MB
ubuntu
/widuu
latest 963b9d0e10ba 3 monthsago 155 MB
測試鏡像是否可用
#docker run centos /bin/echo "hello,i'm centos system"
hello,i'mcentos system
#docker run ubuntu/widuu /bin/echo "hello,i'm ubuntu system"
hello,i'mubuntu system
使用交換模式
#docker run -i -t centos /bin/bash
bash
-4.1
#ifconfig
eth0 Link encap:Ethernet HWaddr BA:08:86:7F:F8:48
inet addr:172.17.0.4 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::b808:86ff:fe7f:f848
/64Scope
:Link
UP BROADCAST RUNNING MTU:1500 Metric:1
RX packets:6 errors:0 dropped:2overruns:0 frame:0
TX packets:2 errors:0 dropped:0overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:488 (488.0 b) TX bytes:168 (168.0 b)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1
/128
Scope:Host
UP LOOPBACK RUNNING MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0overruns:0 frame:0
TX packets:0 errors:0 dropped:0overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
bash
-4.1
# exit
退出有2種方式,一種是完全退出,使用exit;另外一中是不完全退出,使用ctrl-p與ctrl-q
這樣你不是完全退出了,但容器狀態還是存在。
可用使用docker attach CONTAINER ID來重新進入。
如果你是完全退出了,docker容器狀態顯示Exited,需要重新啓動docker容器,在使用attach進入.
docker start CONTAINER ID
docker attach CONTAINER ID
在宿主機ubuntu上面測試使用ssh進行連接docker容器
# docker run -i -t centos /bin/bash
bash
-4.1
#ifconfig
eth0 Link encap:Ethernet HWaddr BA:08:86:7F:F8:48
inet addr:172.17.0.4 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::b808:86ff:fe7f:f848
/64Scope
:Link
UP BROADCAST RUNNING MTU:1500 Metric:1
RX packets:6 errors:0 dropped:2overruns:0 frame:0
TX packets:2 errors:0 dropped:0overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:488 (488.0 b) TX bytes:168 (168.0 b)
爲docker容器裏面root修改密碼
bash
-4.1
#
passwd root
New password:
/usr/share/cracklib/pw_dict.pwd: No such file or directory
PWOpen: No such file or directory
解決方法:
# rpm -e cracklib-dicts --nodepsbash
-4.1
# rpm -e pam --nodepsbash
-4.1
# yum -y install cracklib-dicts pambash
-4.1
就可以成功了。bash
-4.1
#
passwd root
bash
-4.1
#
service sshd start
Starting sshd: [ OK ]bash
-4.1
# netstat -ntl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 :::22 :::* LISTEN
在docker容器上面上面進行ssh連接報下面錯誤
# ssh -l root 172.17.0.4
The authenticity of host '172.17.0.4 (172.17.0.4)' can't be established.
RSA key fingerprint is 9f:10:e8:9e:7c:a3:45:4e:ef:d0:19:f0:11:46:43:4e.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.17.0.4' (RSA) to the list of known hosts.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
解決方法:
bash
-4.1
# vim /etc/ssh/sshd_config
將PermitRootLogin no 改成 PermitRootLogin yes
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
bash
-4.1
#service sshd restart
bash
-4.1
#setenforce 0
bash
-4.1
# ssh -l root 172.17.0.4
Last login: Fri Jun 26 07:09:47 2015 from 172.17.0.4
[root@504d16302ad4 ~]#
發現登錄成功。
二、私有庫
由於GFW,所以玩docker沒辦法pull與push,並且爲了安全考慮,爲了解決就搭建了私有庫。
Docker 官方提供了 docker registry 的構建方法:https://github.com/docker/docker-registry
方法一,快速構建
快速構建 docker registry 通過以下兩步:
安裝 docker
運行 registry:
docker run -p 5000:5000 registry
這種方法通過 Docker hub 使用官方鏡像 https://registry.hub.docker.com/_/registry/
方法二,不使用容器構建registry
安裝必要的軟件
# apt-get install build-essential python-dev libevent-dev python-pip liblzma-dev gunicorn python-dev -y
配置 docker-registry
# pip install docker-registry
或者 使用 github clone 手動安裝
$ git clone https://github.com/dotcloud/docker-registry.git $ cd docker-registry/ $ cp config/config_sample.yml config/config.yml $ mkdir /data/registry -p $ pip install .
運行
# gunicorn -k gevent --max-requests 100 --graceful-timeout 3600 -t 3600 -b localhost:5000 -w 8 -D --access-logfile /tmp/gunicorn.log docker_registry.wsgi:application
客戶端推送鏡像到私有庫
1、 先註冊賬號
依次輸入你的賬號、密碼、email# docker login localhost:5000
2、給提交的鏡像打標籤
# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 504d16302ad4 jdeathe/centos-ssh "/bin/bash" About an hour ago Up 42 minutes 22/tcp serene_bardeen # docker commit 504d16302ad4 centos:v1 b47276971c2db84bd76659da86a4ea5bda227f008c5004152232183066f20533 # docker p_w_picpaths REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE centos v1 b47276971c2d 7 seconds ago 376.8 MB jdeathe/centos-ssh latest b071db8f6e23 4 weeks ago 238 MB
3、推送到私有庫
# docker push localhost:5000/centos
The pushrefers to a repository [localhost:5000
/centos
] (len: 1)
Sendingp_w_picpath list
Pushingrepository localhost:5000
/centos
(1 tags)
Image384630bcda7c already pushed, skipping
Image607347d2a946 already pushed, skipping
5abf7cce3767:Image successfully pushed
Pushingtag
for
rev [5abf7cce3767] on{http:
//localhost
:5000
/v1/repositories/centos/tags/latest
}
# docker p_w_picpaths
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
centos v1 b47276971c2d About an hour ago 376.8 MB
localhost:5000/centos latest b47276971c2d About an hour ago 376.8 MB
jdeathe/centos-ssh latest b071db8f6e23 4 weeks ago 238 MB