Docker+Jenkins+Kubernetes学习笔记
Docker+Jenkins+Kubernetes
0、准备工作
修改云服务器主机名称
hostnamectl set-hostname "k-master" --static
获取服务器公有ip
curl http://ifconfig.io
生成ssh key
ssh-keygen -t ed25519 -C "xxxxx@xxxxx.com"
cat ~/.ssh/id_ed25519.pub
1、Docker
1.1、基本概念
Client:操作Docker主机的客户端/命令行/UI
Docker_Host:安装Docker的主机
Docker daemon:运行在Docker主机上的Docker后台程序
Registry:Dcoker镜像仓库(Docker Hub)
Images:Docker镜像
Containers:由镜像启动起来的程序(实例)
1.2、安装
移除之前版本的docker
yum remove docker \\docker-client \\docker-client-latest \\docker-common \\docker-latest \\docker-latest-logrotate \\docker-logrotate \\docker-engine
安装docker依赖
yum install -y yum-utils
设置yum源
# 国外
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
# 国内
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
查看所有可用dokcer版本
[root@k8s-master ~]# yum list docker-ce --showduplicates | sort -r
Loading mirror speeds from cached hostfile
Loaded plugins: fastestmirror, langpacks
docker-ce.x86_64 3:23.0.3-1.el7 docker-ce-stable
docker-ce.x86_64 3:23.0.2-1.el7 docker-ce-stable
docker-ce.x86_64 3:23.0.1-1.el7 docker-ce-stable
docker-ce.x86_64 3:23.0.0-1.el7 docker-ce-stable
docker-ce.x86_64 3:20.10.9-3.el7 docker-ce-stable
docker-ce.x86_64 3:20.10.8-3.el7 docker-ce-stable
docker-ce.x86_64 3:20.10.7-3.el7 docker-ce-stable
docker-ce.x86_64 3:20.10.6-3.el7 docker-ce-stable
docker-ce.x86_64 3:20.10.5-3.el7 docker-ce-stable
docker-ce.x86_64 3:20.10.4-3.el7 docker-ce-stable
docker-ce.x86_64 3:20.10.3-3.el7 docker-ce-stable
docker-ce.x86_64 3:20.10.24-3.el7 docker-ce-stable
docker-ce.x86_64 3:20.10.2-3.el7 docker-ce-stable
docker-ce.x86_64 3:20.10.23-3.el7 docker-ce-stable
docker-ce.x86_64 3:20.10.22-3.el7 docker-ce-stable
docker-ce.x86_64 3:20.10.21-3.el7 docker-ce-stable
docker-ce.x86_64 3:20.10.20-3.el7 docker-ce-stable
docker-ce.x86_64 3:20.10.19-3.el7 docker-ce-stable
docker-ce.x86_64 3:20.10.18-3.el7 docker-ce-stable
docker-ce.x86_64 3:20.10.17-3.el7 docker-ce-stable
docker-ce.x86_64 3:20.10.16-3.el7 docker-ce-stable
docker-ce.x86_64 3:20.10.15-3.el7 docker-ce-stable
docker-ce.x86_64 3:20.10.14-3.el7 docker-ce-stable
docker-ce.x86_64 3:20.10.1-3.el7 docker-ce-stable
docker-ce.x86_64 3:20.10.13-3.el7 docker-ce-stable
docker-ce.x86_64 3:20.10.12-3.el7 docker-ce-stable
docker-ce.x86_64 3:20.10.11-3.el7 docker-ce-stable
docker-ce.x86_64 3:20.10.10-3.el7 docker-ce-stable
docker-ce.x86_64 3:20.10.0-3.el7 docker-ce-stable
安装docker
# 安装最新版本
yum install docker-ce docker-ce-cli containerd.io
# 安装指定版本
yum install docker-ce-20.10.5-3.el7 docker-ce-cli-20.10.5-3.el7 containerd.io
测试
docker -v
启动
systemctl enable docker --now
1.3、卸载
停止服务
systemctl stop docker
卸载docker
yum remove docker-ce docker-ce-cli containerd.io
删除镜像
rm -rf /var/lib/dockerrm -rf /var/lib/containerd
1.4、配置镜像加速
容器镜像服务->镜像加速器
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{"registry-mirrors": ["https://12sotewv.mirror.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
1.5、镜像命令
镜像尽量挑选版本带alpine(精简版)、slim(瘦身版)
1、查看镜像
# 查看镜像
[root@k8s-master ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
#--------------------------------------参数--------------------------------------
# -a 显示所有镜像
# -q 只显示id
- REPOSITORY:镜像名称
- TAG:镜像版本
- IMAGE ID:镜像的id
- CREATED:镜像的创建时间
- SIZE:镜像的大小
2、拉取镜像
[root@k8s-master ~]# docker pull nginx
Using default tag: latest
latest: Pulling from library/nginx
bb263680fed1: Pull complete
258f176fd226: Pull complete
a0bc35e70773: Pull complete
077b9569ff86: Pull complete
3082a16f3b61: Pull complete
7e9b29976cce: Pull complete
Digest: sha256:6650513efd1d27c1f8a5351cbd33edf85cc7e0d9d0fcb4ffb23d8fa89b601ba8
Status: Downloaded newer image for nginx:latest
docker.io/library/nginx:latest
[root@k8s-master ~]# docker pull mysql:5.7
5.7: Pulling from library/mysql
e048d0a38742: Pull complete
c7847c8a41cb: Pull complete
351a550f260d: Pull complete
8ce196d9d34f: Pull complete
17febb6f2030: Pull complete
d4e426841fb4: Pull complete
fda41038b9f8: Pull complete
f47aac56b41b: Pull complete
a4a90c369737: Pull complete
97091252395b: Pull complete
84fac29d61e9: Pull complete
Digest: sha256:8cf035b14977b26f4a47d98e85949a7dd35e641f88fc24aa4b466b36beecf9d6
Status: Downloaded newer image for mysql:5.7
docker.io/library/mysql:5.7
#--------------------------------------参数--------------------------------------
# 不声明版本,默认版本为latest
[root@k8s-master ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 3f8a00f137a0 12 days ago 142MB
mysql 5.7 be16cf2d832a 2 weeks ago 455MB
3、移除镜像
[root@k8s-master ~]# docker rmi nginx:latest
Untagged: nginx:latest
Untagged: nginx@sha256:6650513efd1d27c1f8a5351cbd33edf85cc7e0d9d0fcb4ffb23d8fa89b601ba8
Deleted: sha256:3f8a00f137a0d2c8a2163a09901e28e2471999fde4efc2f9570b91f1c30acf94
Deleted: sha256:ccfe545858415bccd69b8edff4da7344d782985f22ad4398bdaa7358d3388d15
Deleted: sha256:e34f63c02e162795cc8a2b43d1a3ff0ccd6d3456ce12aebb74452e252d1ecb8a
Deleted: sha256:cf7515030d4de4fb66994e0d9fccbaf19fcfbf46f7dad8cf895051750b840128
Deleted: sha256:1486739bc51436dd10d2bc1d45e130771c73d3aee35e49971905aa767d195342
Deleted: sha256:452008e5f3c114989bfc978a2829cf061f0868463f3553b4e20c964a41eda749
Deleted: sha256:4695cdfb426a05673a100e69d2fe9810d9ab2b3dd88ead97c6a3627246d83815
[root@k8s-master ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mysql 5.7 be16cf2d832a 2 weeks ago 455MB
#--------------------------------------参数--------------------------------------
# docker rmi 镜像名称:镜像版本(不声明版本,默认版本为latest)
# -f 强制删除
[root@k8s-master ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
redis latest 2f66aad5324a 12 days ago 117MB
mysql 5.7 be16cf2d832a 2 weeks ago 455MB
[root@VM-4-12-centos ~]# docker rmi 2f66aad5324a
Untagged: redis:latest
Untagged: redis@sha256:6a59f1cbb8d28ac484176d52c473494859a512ddba3ea62a547258cf16c9b3ae
Deleted: sha256:2f66aad5324aa9c60ecde39b98e85c5342212d290b50399d4ab01173b349fd42
Deleted: sha256:98ff323507c487cc05088a85a662a0e661cb1300e3acdccd702e16c597ef0816
Deleted: sha256:1e6f664c56497ac1cbe483d3957e25aaa10b7cb8b443c6abbf61c2951a02bddf
Deleted: sha256:2fcc15ff4a45cbab2c0cbb5d76ed1315959bb2cbae3707f67801a8c23ecca910
Deleted: sha256:5c8fb40c05b8edda1e3b30473768d50cff63f48e47845c587bf3f0a5920dccbc
Deleted: sha256:6b8d73641e09bcb724f5d6f947be2e1f3f629b2067c85b7bb28406e562eeb950
Deleted: sha256:4695cdfb426a05673a100e69d2fe9810d9ab2b3dd88ead97c6a3627246d83815
[root@k8s-master ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mysql 5.7 be16cf2d832a 2 weeks ago 455MB
#--------------------------------------参数--------------------------------------
# docker rmi 镜像ID
# 删除多个镜像:docker rmi -f 镜像ID 镜像ID 镜像ID 镜像ID
# 删除全部的镜像:docker rmi -f $(docker images -aq)
1.6、容器命令
1、查看运行中的docker容器
[root@k8s-master ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
#--------------------------------------参数--------------------------------------
# -a :会列出当前服务器中所有的容器,无论是否在运行
# -s:会列出容器的文件大小(容器增加的大小/容器的虚拟大小)
# -q:仅列出CONTAINER ID 字段
# -l: 显示最后一个运行的容器(无论该容器目前处于什么状态)
# -n 数量x:显示最后 x 个运行容器,当x为1时和 -l 含义相同(无论该容器目前处于什么状态)
- CONTAINER ID:容器ID
- IMAGE:镜像名称
- COMMAND:运行容器时的命令
- CREATED:创建时间
- STATUS:状态
- created(已创建)
- restarting(重启中)
- running(运行中)
- removing(迁移中)
- paused(暂停)
- exited(停止)
- dead(死亡)
- PORTS:端口
- NAMES:容器的别名,在运行容器执行docker run 时可使用 --name进行指定
2、通过镜像运行容器
# 根据镜像创建容器(需要手动start)
docker create 镜像名:镜像版本
# 根据镜像创建容器(直接启动)
docker run 镜像名:镜像版本
[root@k8s-master /]# docker run -d nginx
127a6ca8f89d1a0e4eb188bead4682e17195468162b82831dea7e4ac8a545f36
[root@k8s-master /]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
127a6ca8f89d nginx "/docker-entrypoint.…" 5 seconds ago Up 4 seconds 80/tcp boring_taussig
#--------------------------------------参数--------------------------------------
# --name="Name" 指定容器名称
# -d 后台方式运行
# -it 使用交互方式运行,进入容器查看内容
# -p 指定容器的端口
# -p ip:主机端口:容器端口
# -p 主机端口:容器端口(常用)
# p 容器端口
# --rm 容器退出时删除容器
#----------------------------------分割线---------------------------------
# exit 退出容器(停止运行)
# ctrl+p+q退出容器(不停止运行)
3、启动容器
# 启动容器
docker start 容器id
# 继续运行容器
docker unpause 容器id
# 重启容器
docker restart 容器id
[root@k8s-master /]# docker start 127a6ca8f89d
127a6ca8f89d
[root@k8s-master /]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
127a6ca8f89d nginx "/docker-entrypoint.…" 2 minutes ago Up 3 seconds 80/tcp boring_taussig
4、停止容器
# 停止容器
docker stop 容器id
# 暂停容器
docker pause 容器id
# 强制停止容器
docker ki11 容器id
[root@k8s-master /]# docker stop 127a6ca8f89d
127a6ca8f89d
[root@k8s-master /]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
127a6ca8f89d nginx "/docker-entrypoint.…" 58 seconds ago Exited (0) 21 seconds ago boring_taussig
5、移除容器
[root@k8s-master /]# docker rm 127a6ca8f89d
127a6ca8f89d
[root@k8s-master /]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
#--------------------------------------参数--------------------------------------
# -f 强制移除容器
6、端口映射
[root@k8s-master /]# docker run -d -p 88:80 nginx
18839e216c224a439006d7275d584aa647f6f6f564970bfe0e8712d0cadbe886
[root@k8s-master /]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
18839e216c22 nginx "/docker-entrypoint.…" About a minute ago Up About a minute 0.0.0.0:88->80/tcp, :::88->80/tcp infallible_chatelet
7、进入容器
#--------------------------------------参数--------------------------------------
# -f 强制移除容器[root@k8s-master /]# docker exec -it 18839e216c22 /bin/bash
root@18839e216c22:/# ls
bin boot dev docker-entrypoint.d docker-entrypoint.sh etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
root@18839e216c22:/# cd /usr/share/nginx/html/
root@18839e216c22:/usr/share/nginx# vim index.html
bash: vim: command not found
root@18839e216c22:/usr/share/nginx/html# echo "<h1>welcome to lianxin</h1>" > index.html
root@18839e216c22:/usr/share/nginx/html# exit
exit
#--------------------------------------参数--------------------------------------
# --privileged 容器最高权限
8、提交容器改变
[root@k8s-master /]# docker commit -m="index.html change" -a="lianxin" 18839e216c22 lnginx:0.1
sha256:eb2b6543a33bdc5cb395936fe39bd7bc6b5d2bfbd844633e7afcb5fb6bca8125
[root@k8s-master /]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
lnginx 0.1 eb2b6543a33b 9 seconds ago 142MB
redis latest 2f66aad5324a 12 days ago 117MB
nginx latest 3f8a00f137a0 12 days ago 142MB
mysql 5.7 be16cf2d832a 2 weeks ago 455MB
centos centos7 eeb6ee3f44bd 17 months ago 204MB
如果命令提交多次出现none的镜像,可以使用命令清除游离镜像
docker image prune
9、容器保存
保存为tar文件(export/import主要针对与容器,save/load主要针对于镜像)
[root@k8s-master ~]# docker save -o lnginx.tar lnginx:0.1
[root@k8s-master ~]# ls
lnginx.tar
#--------------------------------------tar文件使用--------------------------------------
# docker load -i lnginx.tar
推送到远程仓库
[root@VM-4-12-centos ~]# docker login -uxumeng1019
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-storeLogin Succeeded
#--------------------------------------分割线--------------------------------------
# docker logou:登出
#--------------------------------------分割线--------------------------------------
[root@VM-4-12-centos ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
lnginx 0.1 eb2b6543a33b 25 minutes ago 142MB
redis latest 2f66aad5324a 12 days ago 117MB
nginx latest 3f8a00f137a0 12 days ago 142MB
mysql 5.7 be16cf2d832a 2 weeks ago 455MB
centos centos7 eeb6ee3f44bd 17 months ago 204MB
[root@VM-4-12-centos ~]# docker tag lnginx:0.1 xumeng1019/lnginx:1.0
[root@VM-4-12-centos ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
lnginx 0.1 eb2b6543a33b 28 minutes ago 142MB
xumeng1019/lnginx 1.0 eb2b6543a33b 28 minutes ago 142MB
redis latest 2f66aad5324a 12 days ago 117MB
nginx latest 3f8a00f137a0 12 days ago 142MB
mysql 5.7 be16cf2d832a 2 weeks ago 455MB
centos centos7 eeb6ee3f44bd 17 months ago 204MB
[root@VM-4-12-centos ~]# docker push xumeng1019/lnginx:1.0
The push refers to repository [docker.io/xumeng1019/lnginx]
23af71e8b850: Pushed
3ea1bc01cbfe: Pushed
a76121a5b9fd: Pushed
2df186f5be5c: Pushed
21a95e83c568: Pushed
81e05d8cedf6: Pushed
4695cdfb426a: Pushed
1.0: digest: sha256:fc7a7e98bb370a6b63f90d1e1fe10ec2305af8f0ede397284c4ab386161ec78f size: 1778
#--------------------------------------登录后账户密码存储位置--------------------------------------
# /root/.docker/config.json.
10、挂载
bind mount:-v后面直接跟绝对路径
[root@k8s-master ~]# docker run -d --name="lnginx" -p 88:80 -v /root/lnginx/html:/usr/share/nginx/html nginx
a2c2346b2d60b6c3bf37b6affe2329af3726eebd3e82bcb64b59e2f3a371d617
[root@k8s-master ~]# echo "welcome to lianxin" > ./lnginx/html/index.html
volume(推荐):-v后面跟卷名(具名卷)或空(匿名卷)
[root@k8s-master ~]# docker run -d -p 81:80 --name nginx1 -v nginx:/usr/share/nginx/html nginx
f1951befcf50cfd0a42e3f23811881cb62f14f939ed4882f4dbbb8d2fb86c762
[root@k8s-master ~]# docker volume ls
DRIVER VOLUME NAME
local nginx
[root@k8s-master ~]# docker inspect nginx1
"Mounts": [{"Type": "volume","Name": "nginx","Source": "/var/lib/docker/volumes/nginx/_data","Destination": "/usr/share/nginx/html","Driver": "local","Mode": "z","RW": true,"Propagation": ""}],
[root@k8s-master _data]# docker run -d -p 82:80 --name nginx2 -v /usr/share/nginx/html nginx
19b1edd2270d7cce4b3df8e5f4710f37f8f3cd71f611c53c30fa2f07b52a8319
[root@k8s-master _data]# docker volume ls
DRIVER VOLUME NAME
local 145d59e5522f058fe86faa58f126e44a09a97ba22b020f6c96a2c9b27a7fcf5e
local nginx
[root@k8s-master _data]# docker inspect nginx2
"Mounts": [{"Type": "volume","Name": "145d59e5522f058fe86faa58f126e44a09a97ba22b020f6c96a2c9b27a7fcf5e","Source": "/var/lib/docker/volumes/145d59e5522f058fe86faa58f126e44a09a97ba22b020f6c96a2c9b27a7fcf5e/_data","Destination": "/usr/share/nginx/html","Driver": "local","Mode": "","RW": true,"Propagation": ""}],
11、容器日志
[root@k8s-master conf]# docker logs a2c2346b2d60
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf
10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
2023/02/21 17:27:58 [notice] 1#1: using the "epoll" event method
2023/02/21 17:27:58 [notice] 1#1: nginx/1.23.3
2023/02/21 17:27:58 [notice] 1#1: built by gcc 10.2.1 20210110 (Debian 10.2.1-6)
2023/02/21 17:27:58 [notice] 1#1: OS: Linux 3.10.0-1160.71.1.el7.x86_64
2023/02/21 17:27:58 [notice] 1#1: getrlimit(RLIMIT_NOFILE): 1048576:1048576
2023/02/21 17:27:58 [notice] 1#1: start worker processes
2023/02/21 17:27:58 [notice] 1#1: start worker process 29
2023/02/21 17:27:58 [notice] 1#1: start worker process 30
2023/02/21 17:27:58 [notice] 1#1: start worker process 31
2023/02/21 17:27:58 [notice] 1#1: start worker process 32
2023/02/21 17:27:58 [notice] 1#1: start worker process 33
2023/02/21 17:27:58 [notice] 1#1: start worker process 34
2023/02/21 17:27:58 [notice] 1#1: start worker process 35
2023/02/21 17:27:58 [notice] 1#1: start worker process 36
2023/02/21 17:28:02 [error] 30#30: *1 directory index of "/usr/share/nginx/html/" is forbidden, client: 183.195.74.46, server: localhost, request: "GET / HTTP/1.1", host: "150.158.24.200:88"
183.195.74.46 - - [21/Feb/2023:17:28:02 +0000] "GET / HTTP/1.1" 403 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36" "-"
183.195.74.46 - - [21/Feb/2023:17:29:05 +0000] "GET / HTTP/1.1" 200 19 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36" "-"
92.118.39.82 - - [21/Feb/2023:17:30:52 +0000] "GET / HTTP/1.1" 200 19 "-" "-" "-"
92.118.39.82 - - [21/Feb/2023:17:30:53 +0000] "GET /cgi-bin/downloadFlile.cgi HTTP/1.1" 404 153 "-" "Hello World" "-"
2023/02/21 17:30:53 [error] 33#33: *5 open() "/usr/share/nginx/html/cgi-bin/downloadFlile.cgi" failed (2: No such file or directory), client: 92.118.39.82, server: localhost, request: "GET /cgi-bin/downloadFlile.cgi HTTP/1.1", host: "150.158.24.200:88"
#--------------------------------------参数--------------------------------------
# -f 跟踪日志
12、文件复制
[root@k8s-master ~]# docker cp a2c2346b2d60:/etc/nginx/nginx.conf /lnginx/conf/
Successfully copied 2.56kB to /lnginx/conf/
[root@k8s-master ~]# cd /lnginx/conf/
[root@k8s-master conf]# ls
nginx.conf
#--------------------------------------分割线--------------------------------------
# 反之亦然
# 把容器里的复制到外部
docker cp CONTAINER:path1 path2
# 把外部文件复制到容器里
docker cp path2 CONTAINER:path1
1.7、文件系统原理
1.8、Dockerfile
Dockerfile编写自己的docker镜像,一般由四部分组成
- 基础镜像信息
- 维护者信息
- 镜像操作指令
- 容器启动时执行指令
0、注释
# 这是dockerfile的注释
1、命令简介
| 指令 | 说明 |
|---|---|
| FROM | 指定基础镜像 |
| MAINTAINER | 指定开发者,被label取代了 |
| LABEL | 指定开发者等信息 |
| RUN | 指定构建镜像时执行的命令 |
| ENV | 指定环境变量,可以在运行时使用–env=传递参数 |
| ARG | 指定镜像构建的参数,可以在构建时使用–build-arg= 传递,会覆盖Dockerfile 中指定的同名参数 |
| ADD | 复制指定路径下的内容到容器中的dest路径下,路径为url会自动下载, 路径为tar文件,会自动解压 |
| COPY | 复制本地主机路径下的内容到镜像中的dest路径下,不会自动解压等 |
| WORKDIR | 配置工作目录,为后续的RUN、CMD、ENTRYPOINT指令配置工作目录 |
| VOLUME | 创建数据卷挂载点 |
| EXPOSE | 声明镜像内服务监听的端口 |
| CMD | 指定启动容器时默认的命令 |
| ENTRYPOINT | 指定镜像的默认入口.运行命令 v |
2、命令详解
FROM
指定基础镜像,必须为第一个命令
# 格式:FROM <image>FROM <image>:<tag>FROM <image>@<digest>
# 示例:FROM apline
# 注意事项:
# tag或digest是可选的,如果不使用这两个值时,会使用latest版本的基础镜像
Label
指定开发者等信息
# 格式:LABEL key=value key=value key=value
# 示例:LABEL MAINTAINER="xumeng" EMAIL="xumeng03@bilibili.com"
# 注意事项:
# 可以使用\\进行换行
RUN
指定构建镜像时执行的命令
#格式:RUN <command>RUN ["executable", "param1", "param2"]
#示例:RUN echo 'hello world'RUN ["echo",'hello world']
# 注意事项
# RUN <command>等同于RUN ["/bin/sh", "-c", "<command>"]
ENV
指定环境变量,可以在运行时使用–env=传递参数
#格式:ENV <key> <value> #<key>之后的所有内容均会被视为其<value>的组成部分,因此,一次只能设置一个变量ENV <key>=<value> <key>=<value> #可以设置多个变量
#示例:ENV myName John DoeENV myDog Rex The DogENV myCat="fluffy"
# 注意事项
# 使用方法:`RUN echo ${myName}`
# 运行 时指定env的值:--env myName=xumeng
ARG
指定镜像构建的参数,可以在构建时使用–build-arg = 传递,会覆盖Dockerfile 中指定的同名参数
#格式:ARG <name>[=<default value>]
#示例:ARG siteARG build_user=www
# 注意事项
# 使用方法:`RUN echo $msg`
# 构建时指定arg的值:--build-arg build_user=ccc
ADD
复制指定路径下的内容到容器中的dest路径下,路径为url会自动下载, 路径为tar文件,会自动解压
#格式:ADD <src>... <dest>ADD ["<src>",... "<dest>"] 用于支持包含空格的路径
#示例:ADD hom* /dest/ # 添加所有以"hom"开头的文件ADD hom?.txt /dest/ # ? 替代一个单字符,例如:"home.txt"ADD test relativeDir/ # 添加 "test" 到 `WORKDIR`/relativeDir/ADD test /absoluteDir/ # 添加 "test" 到 /absoluteDir/ADD https://github.com/redis/redis/archive/7.0.10.tar.gz /dest/
# 注意事项
# 下载和解压并不会同步进行
COPY
复制本地主机路径下的内容到镜像中的dest路径下,不会自动解压等
#格式:COPY <src>... <dest>COPY ["<src>",... "<dest>"] 用于支持包含空格的路径
#示例:COPY hom* /dest/ # 添加所有以"hom"开头的文件COPY hom?.txt /dest/ # ? 替代一个单字符,例如:"home.txt"COPY test relativeDir/ # 添加 "test" 到 `WORKDIR`/relativeDir/COPY test /absoluteDir/ # 添加 "test" 到 /absoluteDir/
WORKDIR
为Dockerfile中跟随它的所有 RUN,CMD,ENTRYPOINT,COPY,ADD 指令设置工作目录
可在Dockerfile中多次使用,如果提供了相对路径,则它将相对于上一个WORKDIR指令的路径
同时也可以为容器交互进入指定目录
#格式:WORKDIR /path/to/workdir
#示例:WORKDIR /a (这时工作目录为/a)WORKDIR b (这时工作目录为/a/b)WORKDIR c (这时工作目录为/a/b/c)
VOLUME
把容器的某些文件夹映射到主机外部
注意:VOLUME和-v命令后面对于卷内容的修改会被丢弃
#格式:VOLUME ["/path/to/dir"]
#示例:VOLUME ["/data"]VOLUME ["/var/www", "/var/log/apache2", "/etc/apache2"
EXPOSE
指定于外界交互的端口,但只是声明
#格式:EXPOSE <port> [<port>...]
#示例:EXPOSE 80 443EXPOSE 8080EXPOSE 11211/tcp 11211/udp
CMD
指定启动容器时默认的命令,可被替换(但常用于给ENTRYPOINT提供参数)
多个CMD前面的会被覆盖
#格式:CMD ["executable","param1","param2"] (执行可执行文件,优先)CMD ["param1","param2"] (设置了ENTRYPOINT,则直接调用ENTRYPOINT添加参数)CMD command param1 param2 (执行shell内部命令)
#示例:CMD echo "This is a test."CMD ["/usr/bin/wc","--help"]
ENTRYPOINT
指定启动容器时默认的命令,不可被替换
多个ENTRYPOINT前面的会被覆盖
#格式:ENTRYPOINT ["executable", "param1", "param2"] (可执行文件, 优先)ENTRYPOINT command param1 param2 (shell内部命令)
#示例:FROM ubuntuENTRYPOINT ["top", "-b"]CMD ["-c"]
3、构建镜像
[root@VM-4-11-centos vue-demo]# docker build -t vuedemo:0.1 .
#--------------------------------------参数--------------------------------------
# --build-arg build_user=ccc 设置镜像创建时的变量
# --no-cache 创建镜像的过程不使用缓存
# -t 镜像的名字及tag
4、Vue项目示例
项目链接:https://pan.baidu.com/s/1OMGYFPJLJVTd2SrnGj1Vxg?pwd=sw4l
FROM node:16.20.0-alpine as builder
COPY ./ /dest
WORKDIR /dest
RUN npm config set registry https://registry.npm.taobao.org/ && \\npm install && \\npm run buildFROM nginx:alpine3.17
COPY --from=builder /dest/dist /usr/share/nginx/html
EXPOSE 80
5、SpringCloud项目示例
项目链接:https://pan.baidu.com/s/1Zw9Z34qOoI2gVGMKB4fUpw?pwd=ufjx
FROM maven:3.6.0-alpine as builder
COPY ./ /dest
WORKDIR /dest
COPY settings.xml /usr/share/maven/conf/settings.xml
RUN mvn packageFROM openjdk:8-jdk-alpine
ENV appName=demo1
ENV appPort=10001
COPY --from=builder /dest/$appName/target/*.jar /app/$appName.jar
WORKDIR /app
RUN ls -l
EXPOSE $appPort
ENTRYPOINT ["sh", "-c", "java -jar $appName.jar"]
2、Jenkins
2.1、基本概念
2.2、安装
[root@VM-4-12-centos ~]# docker run \\
> -u root \\
> -d \\
> --name jenkins-blueocean \\
> -p 8080:8080 \\
> -p 50000:50000 \\
> -v jenkins-data:/var/jenkins_home \\
> -v /etc/localtime:/etc/localtime:ro \\
> -v /var/run/docker.sock:/var/run/docker.sock \\
> --restart=always \\
> jenkinsci/blueocean:1.25.0
f51d7917766657218f20356eb034697d657ba5ee19bfae6becd1162399af1522
安装后有时候还会出现jenkins与linux时间不一致,可以在Manage Jenkins->Script Console,执行下面命令
System.setProperty('org.apache.commons.jelly.tags.fmt.timeZone', 'Asia/Shanghai')
2.3、配置
http://150.158.24.200:8080/
获取密码
[root@VM-4-12-centos ~]# docker logs jenkins-blueocean
······
Jenkins initial setup is required. An admin user has been created and a password generated.
Please use the following password to proceed to installation:cea14606c83c459e8a78053cf8d7297cThis may also be found at: /var/jenkins_home/secrets/initialAdminPassword
······
自定义插件
暂不安装插件
创建管理员
实例配置
进入jenkins
2.4、插件
Jenkins->Manage Jenkins->Manage Plugins->Available
- Credentials Binding Plugin
- Git
- Gitee/Gitlab
- Pipeline
2.5、凭证
Jenkins->Manage Jenkins->Manage Credentials->global
1、username password类型
添加凭证
配置到项目(Freestyle project)
2、ssh key类型
添加凭证
配置到项目(Freestyle project)
2.6、Git Hook
项目开启webhook(一定要生成Gitee WebHook 密码)
gitee配置webhook(如果此时会提示403,检查下webhook密码)
