导图社区 Docker
docker基础教程,Docker 使您能够将应用程序与基础架构分开,从而可以快速交付软件。借助 Docker,您可以与管理应用程序相同的方式来管理基础架构。通过利用 Docker 的方法来快速交付,测试和
编辑于2022-11-07 14:58:29 广东Docker
基础控制/配置
docker run -d -p 80:80 docker/getting-started
-d
run the container in detached mode (in the background)
-p 80:80
map port 80 of the host to port 80 in the container
docker/getting-started
the image to use
docker build -t getting-started .
go to the app directory with the Dockerfile and using the docker build command.
Dockerfile
FROM node:12-alpine # Adding build tools to make yarn install work on Apple silicon / arm64 machines RUN apk add --no-cache python2 g++ make WORKDIR /app COPY . . RUN yarn install --production CMD ["node", "src/index.js"]
we wanted to start from the node:12-alpine image. But, since we didn't have that on our machine, that image needed to be downloaded.
we copied in our application and used yarn to install our application's dependencies. The CMD directive specifies the default command to run when starting a container from this image
a text-based script of instructions that is used to create a container image
-t flag tags our image.
. tells that Docker should look for the Dockerfile in the current directory.
Updating our Source
rebuild
docker ps
Get the ID of the container
docker stop <the-container-id>
stop the container
docker rm <the-container-id>
remove a container
docker rm -f <the-container-id>
stop and remove a container in a single command by adding the "force" flag
docker run -d ubuntu bash -c "shuf -i 1-10000 -n 1 -o /data.txt && tail -f /dev/null"
starting a bash shell
picks a single random number and writes it to /data.txt
watching a file to keep the container running
docker exec <container-id> cat /data.txt
查看对应容器data文档生成情况
镜像发布
docker login -u YOUR-USER-NAME
Login to the Docker Hub
docker tag getting-started YOUR-USER-NAME/getting-started
give the getting-started image a new name
docker push YOUR-USER-NAME/getting-started
docker run -dp 3000:3000 YOUR-USER-NAME/getting-started
数据持久化
Named Volumes
docker volume create todo-db
Create a named volume
docker run -dp 3000:3000 -v todo-db:/etc/todos getting-started
Bind Mounts
docker run -dp 3000:3000 \ -w /app -v "$(pwd):/app" \ node:12-alpine \ sh -c "yarn install && yarn run dev"
MAC系统指令
docker run -dp 3000:3000 \ -w /app -v "$(pwd):/app" \ node:12-alpine \ sh -c "apk add --no-cache python2 g++ make && yarn install && yarn run dev"
-w /app - sets the container's present working directory where the command will run from
-v "$(pwd):/app" - bind mount (link) the host's present getting-started/app directory to the container's /app directory. Note: Docker requires absolute paths for binding mounts, so in this example we use pwd for printing the absolute path of the working directory
node:12-alpine - the image to use. Note that this is the base image for our app from the Dockerfile
sh -c "yarn install && yarn run dev" - the command. We're starting a shell using sh (alpine doesn't have bash) and running yarn install to install all dependencies and then running yarn run dev
Comparisons
容器连接
Create network
docker network create todo-app
Start a MySQL
docker run -d \ --network todo-app --network-alias mysql \ -v todo-mysql-data:/var/lib/mysql \ -e MYSQL_ROOT_PASSWORD=secret \ -e MYSQL_DATABASE=todos \ mysql:5.7
docker run -d \ --network todo-app --network-alias mysql --platform linux/amd64\ -v todo-mysql-data:/var/lib/mysql \ -e MYSQL_ROOT_PASSWORD=secret \ -e MYSQL_DATABASE=todos \ mysql:5.7
verify it connects
docker exec -it <mysql-container-id> mysql -p
Connecting to MySQL
nicolaka/netshoot
for troubleshooting or debugging networking issues
docker run -it --network todo-app nicolaka/netshoot
dig mysql
connect the container
docker run -dp 3000:3000 \ -w /app -v "$(pwd):/app" \ --network todo-app \ -e MYSQL_HOST=mysql \ -e MYSQL_USER=root \ -e MYSQL_PASSWORD=secret \ -e MYSQL_DB=todos \ node:12-alpine \ sh -c "yarn install && yarn run dev"
docker run -dp 3000:3000 \ -w /app -v "$(pwd):/app" \ --network todo-app \ -e MYSQL_HOST=mysql \ -e MYSQL_USER=root \ -e MYSQL_PASSWORD=secret \ -e MYSQL_DB=todos \ node:12-alpine \ sh -c "apk --no-cache --virtual build-dependencies add python2 make g++ && yarn install && yarn run dev"
容器组合
Creating Compose File
docker-compose.yml
version: "3.8" services: app: image: node:12-alpine command: sh -c "yarn install && yarn run dev" ports: - 3000:3000 working_dir: /app volumes: - ./:/app environment: MYSQL_HOST: mysql MYSQL_USER: root MYSQL_PASSWORD: secret MYSQL_DB: todos mysql: image: mysql:5.7 volumes: - todo-mysql-data:/var/lib/mysql environment: MYSQL_ROOT_PASSWORD: secret MYSQL_DATABASE: todos volumes: todo-mysql-data:
docker-compose up -d
docker-compose logs -f
-f flag "follows"
docker-compose down
实践
Security Scanning
docker scan getting-started
Image Layering
docker image history getting-started
Layer Caching
using the build cache
FROM node:12-alpine # Adding build tools to make yarn install work on Apple silicon / arm64 machines RUN apk add --no-cache python2 g++ make WORKDIR /app COPY . . RUN yarn install --production CMD ["node", "src/index.js"]
FROM node:12-alpine # Adding build tools to make yarn install work on Apple silicon / arm64 machines RUN apk add --no-cache python2 g++ make WORKDIR /app COPY package.json yarn.lock ./ RUN yarn install --production COPY . . CMD ["node", "src/index.js"]
Multi-Stage Builds
Separate build-time dependencies from runtime dependencies
Reduce overall image size by shipping only what your app needs to run