安裝及配置docker(基於Ubuntu)
sasurai@ubuntu:~$ sudo apt install docker.io
sasurai@ubuntu:~$ docker version
Client:
Version: 19.03.2
API version: 1.40
Go version: go1.12.9
Git commit: 6a30dfca03
Built: Mon Sep 16 03:56:22 2019
OS/Arch: linux/amd64
Experimental: false
Server:
Engine:
Version: 19.03.2
API version: 1.40 (minimum version 1.12)
Go version: go1.12.9
Git commit: 6a30dfca03
Built: Wed Sep 11 22:45:55 2019
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.2.10-0ubuntu1
GitCommit:
runc:
Version: spec: 1.0.1-dev
GitCommit:
docker-init:
Version: 0.18.0
GitCommit:
設置爲阿里雲的鏡像加速器
sudo vim /etc/docker/daemon.json
內容如下:
{
"registry-mirrors": ["https://xxxxx.mirror.aliyuncs.com"]
}
重啓docker:
sudo systemctl daemon-reload
sudo systemctl restart docker
免sudo使用docker命令
# 將當前用戶加入docker組
sudo gpasswd -a $USER docker
註銷該用戶後,重新登錄該用戶
網上還有一種修改如下:
// 新增docker組(如果不存在docker組)
sudo groupadd docker
// docker組中加入當前用戶
sudo usermod -aG docker $USER
// 重啓docker服務
sudo systemctl restart docker
也有稍微帶了一點說明的如下:
Docker守候進程綁定的是一個unix socket,而不是TCP端口。這個套接字默認的屬主是root,其他是用戶可以使用sudo命令來訪問這個套接字文件。因爲這個原因,docker服務進程都是以root帳號的身份運行的。當docker進程啓動的時候,會設置該套接字可以被docker這個分組的用戶讀寫。
但是少了一個驗證的環節,/var/run/docker.sock
的具體權限如下:
# socket文件權限
sasurai@ubuntu:~$ ll /var/run/docker.sock
srw-rw---- 1 root docker 0 Nov 18 01:05 /var/run/docker.sock=
# docker命令權限
sasurai@ubuntu:~$ ll `which docker`
-rwxr-xr-x 1 root root 89057216 Sep 11 15:45 /usr/bin/docker*
從以上權限可看出:
對/var/run/docker.sock
,其他用戶無讀寫權限,只有docker組用戶和root用戶可以讀寫。而對docker
命令來說,任何用戶都可以運改命令,但是並不一定都能通過該命令操作/var/run/docker.sock
。
拉取MySQL鏡像
可用的標籤如下:
- 8.0.18, 8.0, 8, latest
- 5.7.28, 5.7, 5
- 5.6.46, 5.6
這裏選擇5.7版本的MySQL數據庫:docker pull mysql:5.7
將MySQL跑起來
最簡單的方式:
docker run \ # Run a command in a new container
--name mysql-master \ # Assign a name to the container
-e MYSQL_ROOT_PASSWORD=mysql-master \ # Set environment variables
-p 3306:3306 \ # Publish a container's port(s) to the host
mysql:5.7 # 鏡像名稱:版本號
環境變量
-
MYSQL_ROOT_PASSWORD
:強制要求的,會在容器創建時將root用戶密碼設置成改變量的值。沒有啓動會報錯,如下所示:yangyu@ubuntu:~$ docker run --name mysql-master2 -p 3307:3307 mysql:5.7 2019-11-19 06:16:27+00:00 [Note] [Entrypoint]: Entrypoint script for MySQL Server 5.7.28-1debian9 started. 2019-11-19 06:16:27+00:00 [Note] [Entrypoint]: Switching to dedicated user 'mysql' 2019-11-19 06:16:27+00:00 [Note] [Entrypoint]: Entrypoint script for MySQL Server 5.7.28-1debian9 started. 2019-11-19 06:16:27+00:00 [ERROR] [Entrypoint]: Database is uninitialized and password option is not specified You need to specify one of MYSQL_ROOT_PASSWORD, MYSQL_ALLOW_EMPTY_PASSWORD and MYSQL_RANDOM_ROOT_PASSWORD
-
MYSQL_DATABASE
:可選項。會在容器創建的時候創建改數據庫。如果有指定用戶名和密碼,會將該用戶設置成改數據庫的超級用戶。 -
MYSQL_USER
,MYSQL_PASSWORD
:可選項。容器創建時創建該用戶。
掛載自定義配置文件
docker run --name some-mysql \
-v /my/custom:/etc/mysql/conf.d \ # Bind mount a volume
-e MYSQL_ROOT_PASSWORD=my-secret-pw -d mysql:tag
疑問
docker run
與docker container run
之間是什麼關係?
CLI restructured
Docker has grown many features over the past couple years and the Docker CLI now has a lot of commands (40 at the time of writing). Some, like build or run are used a lot, some are more obscure, like pause or history. The many top-level commands clutters help pages and makes tab-completion harder.
In Docker 1.13, we regrouped every command to sit under the logical object it’s interacting with. For example list and startof containers are now subcommands of docker container and history is a subcommand of docker image.
docker container list
docker container start
docker image history
These changes let us clean up the Docker CLI syntax, improve help text and make Docker simpler to use. The old command syntax is still supported, but we encourage everybody to adopt the new syntax.
from : https://www.docker.com/blog/whats-new-in-docker-1-13/
簡而言之,兩者等效,但是後者是命令重構之後的寫法,更推薦後面的寫法。同時,還有很多其他類似的命令如:docker start
與docker container start
,也是同樣的道理。但是感覺前面的命令不用敲container
,用起來還是蠻香的。