
Kubernetes学习笔记(CKA)

一葉_code 2023-06-01 阅读 78

1、容器技术

1、安装docker

1.1 准备软件仓库

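# 准备软件仓库(注意:下面各仓库的 gpgcheck=0 关闭了 RPM 包的 GPG 签名校验,仅适合实验环境;正式环境应设置 gpgcheck=1 并通过 gpgkey 指定发行版公钥,以免安装到被篡改的软件包)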
[root@rocky ~]# cat /etc/yum.repos.d/Rocky.repo
[BaseOS]
name=BaseOS
baseurl=https://mirrors.aliyun.com/rockylinux/9.2/BaseOS/x86_64/os/
gpgcheck=0
enabled=1

[AppStream]
name=AppStream
baseurl=https://mirrors.aliyun.com/rockylinux/9.2/AppStream/x86_64/os/
gpgcheck=0
enabled=1

[HighAvailability]
name=HighAvailability
baseurl=https://mirrors.aliyun.com/rockylinux/9.2/HighAvailability/x86_64/os/
gpgcheck=0
enabled=1

[EPEL]
name=EPEL
baseurl=https://mirrors.aliyun.com/epel/9/Everything/x86_64/
gpgcheck=0
enabled=1

1.2 安装docker

安装docker。本次实验使用Rocky9作为基础,yum install docker 实际安装的是 podman-docker(由 podman 模拟 docker 命令行),因此下文的 docker 命令都由 podman 执行

yum -y install docker

查看docker版本

[root@rocky ~]# podman -v
podman version 4.4.1

2、镜像管理

2.1 查找镜像

docker search 镜像名

[root@rocky ~]# docker search rockylinux

2.2 拉取镜像

docker pull 镜像

[root@rocky ~]# docker pull docker.io/library/rockylinux:9

2.3 列出镜像

docker image ls/list

[root@rocky ~]# docker image list
REPOSITORY                     TAG         IMAGE ID      CREATED        SIZE
docker.io/dokken/rockylinux-8  latest      652a653ce2a1  15 hours ago   377 MB
docker.io/library/rockylinux   8           4e97feadb276  4 days ago     204 MB
docker.io/library/rockylinux   9           eeea865f4111  4 days ago     181 MB
docker.io/library/nginx        latest      f9c14fe76d50  6 days ago     147 MB
docker.io/library/ubuntu       latest      3b418d7b466a  5 weeks ago    80.3 MB
docker.io/library/centos       latest      5d0da3dc9764  20 months ago  239 MB

2.4 给镜像打标签

docker tag 镜像:tag 镜像:新tag

[root@rocky ~]# docker tag docker.io/library/rockylinux:8 docker.io/library/rockylinux:rocky8

2.5 删除镜像

docker rmi 镜像名/镜像ID

[root@rocky ~]# docker rmi docker.io/library/rockylinux:rocky8
Untagged: docker.io/library/rockylinux:rocky8

2.6 导出镜像

docker save 镜像名/镜像ID > 文件

[root@rocky ~]# docker save docker.io/library/rockylinux:9 > rocky9.tar

2.7 导入镜像

docker load -i 镜像文件

# 删除镜像
[root@rocky ~]# docker rmi docker.io/library/rockylinux:9
Emulate Docker CLI using podman. Create /etc/containers/nodocker to quiet msg.
Untagged: docker.io/library/rockylinux:9
Deleted: eeea865f4111bd48e16801554f44adf2db2fa4cb87a98ff7470d6de6be49fc15

# 导入镜像
[root@rocky ~]# podman load -i rocky9.tar
Getting image source signatures
Copying blob bb25ee446163 done
Copying config eeea865f41 done
Writing manifest to image destination
Storing signatures
Loaded image: docker.io/library/rockylinux:9

3、容器管理

3.1 查看容器

[root@rocky ~]# docker  ps
CONTAINER ID  IMAGE       COMMAND     CREATED     STATUS      PORTS       NAMES

3.2 创建容器

创建一个名为rocky8的容器

[root@rocky ~]# docker run --name rocky8 docker.io/library/rockylinux:8

创建一个长时间运行容器

[root@rocky ~]# docker run -it --name rocky9 docker.io/library/rockylinux:9 bash
[root@f568df922041 /]#

创建后台运行的容器

[root@rocky ~]# docker run -itd --name rocky9 docker.io/library/rockylinux:9 bash

3.4 关闭、启动、重启容器

docker stop 容器名

[root@rocky ~]# docker stop rocky9
[root@rocky ~]# docker start rocky9
[root@rocky ~]# docker restart rocky9

3.5 进入容器

docker exec -it 容器名 bash

[root@rocky ~]# docker exec -it rocky9 bash
Emulate Docker CLI using podman. Create /etc/containers/nodocker to quiet msg.
[root@b937013685ae /]#
# 不建议用 attach 方式进入容器:attach 连接的是容器的主进程,在其中执行 exit 会使主进程退出、容器随之停止;exec 则另起一个进程,退出后不影响容器
[root@rocky ~]# podman attach rocky9

3.6 删除容器

删除容器之前必须要停止容器,不然会报错

[root@rocky ~]# docker stop rocky9
[root@rocky ~]# docker rm rocky9
[root@rocky ~]# docker rm rocky8

3.7 始终运行容器

增加一个选项--restart=always

[root@rocky ~]# docker run -itd --restart=always --name rocky9 docker.io/library/rockylinux:9 bash
6b4448bcf070fdf3ccd5f1e5507b9a167ce3f08fd91c8a73f67a024e8930a04a

3.8 强制删除正在运行容器

docker rm -f 容器名/容器ID

[root@rocky ~]# docker rm -f 6b4448bcf070
Emulate Docker CLI using podman. Create /etc/containers/nodocker to quiet msg.
6b4448bcf070

3.9 创建临时容器

临时容器:退出容器后自动删除

[root@rocky ~]# docker run -it --rm --name rocky9 docker.io/library/rockylinux:9 bash
[root@577ec59fe199 /]# exit
exit
[root@rocky ~]# docker ps -a
Emulate Docker CLI using podman. Create /etc/containers/nodocker to quiet msg.
CONTAINER ID  IMAGE       COMMAND     CREATED     STATUS      PORTS       NAMES

3.10 指定容器运行命令

docker run -it --name XX 镜像名 [命令]

[root@rocky ~]# docker run -it --rm --name rocky9 docker.io/library/rockylinux:9 sleep 3
Emulate Docker CLI using podman. Create /etc/containers/nodocker to quiet msg.

3.11 创建容器使用变量

加入-e参数指定变量

[root@rocky ~]# docker run -it -e var1=10 -e var2=20 --rm --name rocky9 docker.io/library/rockylinux:9 bash
[root@8b08438f1eaa /]# echo $var1
10
[root@8b08438f1eaa /]# echo $var2
20

3.12 容器端口映射

# 端口映射:-P 将容器暴露的端口随机映射到主机端口,-p 主机端口:容器端口 指定映射(-p 80:80 会在主机所有地址上监听 80 端口;只需本机访问时可写成 -p 127.0.0.1:80:80)

# 启动nginx
docker pull nginx
docker run -d --name web-nginx --restart always -p 80:80 nginx

# 类似地启动httpd(主机 80 端口若已被上面的 web-nginx 占用,需先停止 web-nginx 或改用其他主机端口)
docker pull httpd
docker run -d --name web-apache --restart always -p 80:80 httpd

Kubernetes学习笔记(CKA)_podman

3.13 创建Mysql容器

# 拉取mysql容器
docker pull mysql

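# 初始化密码root,初始化数据库mmx(弱口令 root 仅限实验环境;用 -e 传入的密码会明文出现在 docker inspect 输出和 shell 历史中,正式环境应使用强密码,并通过镜像支持的 MYSQL_ROOT_PASSWORD_FILE 从文件读取)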
docker run -d --name mysql-db --restart=always -e MYSQL_ROOT_PASSWORD=root -e MYSQL_DATABASE=mmx mysql

# 安装Mariadb客户端
yum -y install mariadb

# 查看容器地址
docker inspect mysql-db | grep -i ipaddress
#=======================================#
Emulate Docker CLI using podman. Create /etc/containers/nodocker to quiet msg.
               "IPAddress": "10.88.0.26",
                         "IPAddress": "10.88.0.26",
#=======================================#

# 登陆mysql(把密码直接写在 -p 后面会留在 shell 历史和进程列表中;实际使用时建议只写 -p,按提示交互输入密码)
[root@rocky ~]# mysql -uroot -proot -h10.88.0.26
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MySQL connection id is 8
Server version: 8.0.33 MySQL Community Server - GPL

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MySQL [(none)]>
MySQL [(none)]> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mmx                |
| mysql              |
| performance_schema |
| sys                |
+--------------------+
5 rows in set (0.003 sec)

3.14 主机文件复制到容器

# docker cp 文件路径 容器名:/容器路径
docker cp /etc/hosts mysql-db:/opt

# 测试
[root@rocky ~]# docker cp /etc/hosts mysql-db:/opt/
[root@rocky ~]# docker exec mysql-db ls /opt/
hosts

3.15 容器文件复制到主机

# docker cp 容器名:/容器路径 文件路径
docker cp mysql-db:/opt/hosts hosts

# 测试
[root@rocky ~]# docker cp mysql-db:/opt/hosts hosts
Emulate Docker CLI using podman. Create /etc/containers/nodocker to quiet msg.
[root@rocky ~]# ls
anaconda-ks.cfg  hosts  rocky9.tar

3.16 查看容器属性

docker inspect 容器名

[root@rocky ~]# docker inspect mysql-db

3.17 数据卷使用

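持久化保存容器数据。-v 后只写一个路径时,podman 创建的是匿名卷,数据实际保存在主机的 /var/lib/containers/storage/volumes/<卷ID>/_data 下(见下面 inspect 输出的 Source),并不是把主机当前目录下的 data/ 挂载进容器。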

[root@rocky ~]# ls
anaconda-ks.cfg  hosts  rocky9.tar
[root@rocky ~]# mkdir data
[root@rocky ~]# mv rocky9.tar data/
[root@rocky ~]# docker run -itd --name rocky --restart=always -v data  rockylinux:9
b06278f30ba62a18c2e3db191f1735ca480f35c4ab96ea8d3f195ff94a468fce
# 复制一份数据到/root/data
[root@rocky ~]# docker cp /etc/hosts rocky:/root/data

# 验证配置文件
[root@rocky ~]# podman inspect rocky | grep -i mount -A 5
...
"Source": "/var/lib/containers/storage/volumes/4c797404ac05854373949a7119bee85bf370652a49b0bcda7b7eac356c9b50ad/_data",
"Destination": "/root/data/",

# 在主机中可以找到
[root@rocky data]# cd /var/lib/containers/storage/volumes/4c797404ac05854373949a7119bee85bf370652a49b0bcda7b7eac356c9b50ad/_data/
[root@rocky _data]# ls
hosts
[root@rocky _data]# cat hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
...

# 验证挂载
[root@rocky ~]# docker exec rocky ls ~/data/
[root@rocky ~]# docker exec rocky bash
[root@rocky ~]# ls
anaconda-ks.cfg  data  hosts
[root@rocky ~]# cd data/
[root@rocky data]# ls
rocky9.tar

3.18 指定目录挂载数据卷

[root@rocky ~]# docker run -itd --name rocky2 --restart=always -v ./data:/root/data:rw  rockylinux:9

# 验证
[root@rocky ~]# podman inspect rocky2 | grep -i mount -A 5
          "MountLabel": "system_u:object_r:container_file_t:s0:c788,c826",
          "ProcessLabel": "system_u:system_r:container_t:s0:c788,c826",
          "AppArmorProfile": "",
          "EffectiveCaps": [
               "CAP_CHOWN",
               "CAP_DAC_OVERRIDE",
--
          "Mounts": [
               {
                    "Type": "bind",
                    "Source": "/root/data",
                    "Destination": "/root/data",
                    "Driver": "",

# 拷贝文件进入目录
[root@rocky ~]# docker cp /etc/hosts rocky:/root/data

# 查看目录
[root@rocky ~]# ls data/
hello.txt  hosts  rocky9.tar

3.19 卷挂载权限问题

| 权限 | 表示 |
| ---- | ---- |
| 读写 | rw   |
| 只读 | ro   |

容器只需要读取数据时优先使用 ro,避免容器内的进程改写主机目录。

# 可读写
docker run -itd --name rocky2 --restart=always -v ./data:/root/data:rw  rockylinux:9

# 只读
docker run -itd --name rocky2 --restart=always -v ./data:/root/data:ro  rockylinux:9

3.20 卷挂载无法访问问题

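# 注意:SELinux 未关闭(enforcing)时,需要把主机目录的 SELinux 类型设为 container_file_t(或在 -v 选项末尾加 :Z / :z 让 podman 自动重新打标签),容器才能正确查看该目录;不需要为此关闭 SELinux,也不要对 /etc、/home 这类系统目录重新打标签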
[root@rocky ~]# chcon -t container_file_t data/
[root@rocky ~]# ls -ldZ data/
drw-r--r--. 2 root root unconfined_u:object_r:container_file_t:s0 54  6月  1 01:18 data/
[root@rocky ~]# docker exec rocky2 ls /root/data
hello.txt
hosts
rocky9.tar

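# Temporarily set the SELinux type of a directory tree. The label is not
# recorded in the policy, so a later restorecon or filesystem relabel resets it.
# -t takes only the type; the user and role are set separately with -u and -r
# (a full context is ordered user:role:type:level).
chcon -R -t <TYPE> /path/to/directory

# Persistently set the SELinux type: record a file-context rule, then apply it.
# The path is a regular expression, so "(/.*)?" is needed for the rule to cover
# everything below the directory as well as the directory itself.
semanage fcontext -a -t <TYPE> "/path/to/directory(/.*)?"
restorecon -R /path/to/directory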

4、 docker网络

4.1 查看默认网络

[root@rocky ~]# podman network ls
NETWORK ID    NAME        DRIVER
2f259bab93aa  podman      bridge

4.2 查看默认网络详细信息

[root@rocky ~]# podman network inspect 2f259bab93aa
[
     {
          "name": "podman",
          "id": "2f259bab93aaaaa2542ba43ef33eb990d0999ee1b9924b557b7be53c0b7a1bb9",
          "driver": "bridge",
          "network_interface": "podman0",
          "created": "2023-06-01T01:40:09.916525151+08:00",
          "subnets": [
               {
                    "subnet": "10.88.0.0/16",
                    "gateway": "10.88.0.1"
               }
          ],
          "ipv6_enabled": false,
          "internal": false,
          "dns_enabled": false,
          "ipam_options": {
               "driver": "host-local"
          }
     }
]

4.3 创建新的docker网络

[root@rocky ~]# podman network create -d bridge --subnet 10.0.0.0/24 mynet
mynet

# 验证
[root@rocky ~]# podman network ls
NETWORK ID    NAME        DRIVER
190cafd3b01c  mynet       bridge
2f259bab93aa  podman      bridge
[root@rocky ~]# podman network inspect 190cafd3b01c
[
     {
          "name": "mynet",
          "id": "190cafd3b01c4db9105ffabed3def2b4141bcc77ff746fabc7793dd713df9378",
          "driver": "bridge",
          "network_interface": "podman1",
          "created": "2023-06-01T01:41:28.750774771+08:00",
          "subnets": [
               {
                    "subnet": "10.0.0.0/24",
                    "gateway": "10.0.0.1"
               }
          ],
          "ipv6_enabled": false,
          "internal": false,
          "dns_enabled": true,
          "ipam_options": {
               "driver": "host-local"
          }
     }
]

4.4 删除docker网络

[root@rocky ~]# podman network rm mynet
mynet

4.5 创建新容器连接到新建网络

# 创建网络
[root@rocky ~]# podman network create -d bridge --subnet 10.0.0.0/24 mynet
mynet

# 创建容器,使用mynet网络
[root@rocky ~]# docker run --net=mynet -it --name rocky-mynet --restart=always rockylinux:9

# 验证是否已经是10.0.0.0/24网段网络
[root@rocky ~]# podman inspect rocky-mynet | grep -i ipaddress
               "IPAddress": "",
                         "IPAddress": "10.0.0.2",

5、容器互联

WordPress是使用PHP语言开发的博客平台,可以通过与Mysql数据库建立连接搭建自己的博客平台

5.1 查看Mysql数据网络地址

# 查看Mysql数据网络地址
[root@rocky ~]# podman inspect mysql-db | grep -i ipaddress
               "IPAddress": "10.88.0.26",
                         "IPAddress": "10.88.0.26",

5.2 拉取WordPress镜像

# 拉取WordPress镜像
docker pull wordpress

5.3 创建容器

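# 创建WordPress容器,公开其端口以接受服务请求(这里直接使用数据库 root 账号和弱口令,仅限实验;正式环境应为 WordPress 单独创建只对 mmx 库有权限的数据库用户并使用强密码。容器 IP 在重建后可能变化,在 dns_enabled 为 true 的自定义网络中可改用容器名作为 WORDPRESS_DB_HOST)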
docker run -itd --name blog --restart=always \
-e WORDPRESS_DB_HOST=10.88.0.26 \
-e WORDPRESS_DB_USER=root \
-e WORDPRESS_DB_PASSWORD=root \
-e WORDPRESS_DB_NAME=mmx \
-p 80:80 wordpress

5.4 预览图

Kubernetes学习笔记(CKA)_podman_02
