cndaqiang Web Linux DFT

Docker 学习笔记

2020-01-24
cndaqiang
RSS

概念

镜像模板
容器

安装

ubuntu
参考Docker Community Edition 镜像使用帮助

sudo apt-get remove docker docker-engine docker.io
sudo apt-get install apt-transport-https ca-certificates curl gnupg2 software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
$ sudo add-apt-repository \
   "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
   $(lsb_release -cs) \
   stable"
#注,当在mint上安装时,lsb_release -cs返回的时mint的版本名,要替换成对应版本的ubuntu的版本名,如mint19应该改为
sudo add-apt-repository \
   "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
   bionic \
   stable"
sudo apt-get update
sudo apt-get install docker-ce

查看版本

cndaqiang@girl:~$ docker -v
Docker version 19.03.5, build 633a0ea838

Windows&Mac
直接下载安装包即可Docker CE

镜像操作

拉取镜像

docker pull centos

具体版本/Tag:Tag

docker pull centos:7

更多版本/TagCentos Docker Official Images

查看镜像docker image ls

root@girl:/home/cndaqiang# docker image ls
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
centos              latest              470671670cac        7 days ago          237MB
centos              7                   5e35e350aded        2 months ago        203MB

删除镜像docker image rm IMAGE ID

docker image rm 470671670cac

也可以

#强制删除
docker rmi -f  ID
#强制删除所有 
docker rmi -f $(docker images -q)

由容器创建镜像 docker commit -m "提交注释" 容器名/ID 镜像名

示例

root@girl:/home/cndaqiang# docker commit -m "ssh" centos-ssh issh
sha256:321056ae417c60c48eb19fc3ea813be76d62ff71d48d5837cdba79b2f7c19a99
root@girl:/home/cndaqiang# docker image ls
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
issh                latest              321056ae417c        5 seconds ago       306MB
centos              7                   5e35e350aded        2 months ago        203MB

容器

创建容器

docker run 各种参数 --name 容器名 镜像名[:Tag] docker启动后执行的程序

root@girl:/home/cndaqiang# docker run -i -t --name centosInit centos:7 bash
[root@d8cfb1467e4b /]# 
[root@d8cfb1467e4b /]# exit #退出容器
exit

查看容器docker ps [-a]

-a显示所有容器,不-a仅显示在运行的容器

root@girl:/home/cndaqiang# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                      PORTS               NAMES
d8cfb1467e4b        centos:7            "bash"              2 minutes ago       Exited (1) 56 seconds ago                       centosInit

启动已有容器

root@girl:/home/cndaqiang# docker start -i centosInit
[root@d8cfb1467e4b /]# 

在已启动的容器中在打开其他程序/增加接口

可用于调试

root@girl:/home/cndaqiang# docker exec  -it centosInit bash
[root@d8cfb1467e4b /]# 

关闭容器 docker container stop 容器名/ContainerID

docker container stop centosInit
docker container stop d8cfb1467e4b

删除容器 docker rm 容器名/ContainerID

root@girl:/home/cndaqiang# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                       PORTS               NAMES
d8cfb1467e4b        centos:7            "bash"              13 minutes ago      Exited (137) 4 minutes ago                       centosInit
root@girl:/home/cndaqiang# docker rm centosInit
centosInit
root@girl:/home/cndaqiang# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES

更多参数

参数 含义 示例
-i 可以输入进行交互 ` -i`
-t 终端交互 -t
-d 容器启动后在后台运行 -d
-p 主机端口:容器端口 映射主机端口到容器端口 -p 26122:22
-v 主机目录:容器目录 映射本地文件夹到容器目录 -v /Users/cndaqiang:/home/data , -v /f/docker/tdpwGo/home:/home/data
-h 容器内部的hostname ` -h “tdpwGo” `
-e 环境变量 -e HELLO=NO
--restart always docker启动后自动启动 --restart always
-m 限制可用内存 -m 50g
--cpus 限制使用的核数 --cpus 40
–-name 指定容器名称 --name centosInit
镜像名 指定使用镜像 centos:7
可执行应用/命令 指定容器启动使用的应用 bash/usr/sbin/sshd -D

-e环境变量示例

root@girl:/home/cndaqiang# docker run -ti -e HELLO=NO --name envtest centos:7 bash
[root@cf308377b45c /]# echo $HELLO
NO
[root@cf308377b45c /]# exit
exit

示例

创建支持ssh服务的容器

docker run -ti --name centos-ssh centos:7 bash
yum install openssh-server -y
ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key
ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key
#修改配置
vi /etc/ssh/sshd_config
#取消注释
38 PermitRootLogin yes
63 PasswordAuthentication yes

#设置免密登陆
ssh-keygen
#填入用户id_rsa.pub
vi ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys

把容器转为镜像

root@girl:/home/cndaqiang# docker commit -m "ssh" centos-ssh issh
sha256:321056ae417c60c48eb19fc3ea813be76d62ff71d48d5837cdba79b2f7c19a99
root@girl:/home/cndaqiang# docker image ls
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
issh                latest              321056ae417c        5 seconds ago       306MB
centos              7                   5e35e350aded        2 months ago        203MB

用镜像重新创造容器,并默认后台启动sshd,做好端口映射

[root@girl:/home/cndaqiang# docker run -d -p 20022:22 --name centos-ssh2 issh /usr/sbin/sshd -D 
73ece08750f87c84f5c5d8bbf9b0ffb35f55354d5c1bfff687e1f579dc6c4c7b

连接

cndaqiang@girl:~$ ssh root@127.0.0.1 -p 20022
The authenticity of host '[127.0.0.1]:20022 ([127.0.0.1]:20022)' can't be established.
ECDSA key fingerprint is SHA256:nOPDU94OeHYRT4tT1JKLNHanbMaSrpqg49WBb+p+p1I.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[127.0.0.1]:20022' (ECDSA) to the list of known hosts.
[root@73ece08750f8 ~]# 

ubuntu-vnc Docker

项目地址:https://hub.docker.com/r/dorowu/ubuntu-desktop-lxde-vnc

docker pull dorowu/ubuntu-desktop-lxde-vnc

启动

docker run -dti --name ubuntu-vnc \
        -p 10080:80 -e HTTP_PASSWORD=password \
        -p 15900:5900       \
        -v /dev/shm:/dev/shm \
        -v /Users/cndaqiang:/home/data \
        dorowu/ubuntu-desktop-lxde-vnc

网页账户root,密码password

gitLAB

参考 使用docker运行gitlab服务
docker gitlab 重置 root 密码

安装

sudo docker pull gitlab/gitlab-ce

启动

dir=$PWD/gitlab
mkdir $dir
mkdir $dir/config
mkdir $dir/config2
mkdir $dir/data
mkdir $dir/log

docker run -d --name gitlab \
    --restart always \
    -p 622:22 -p 680:680 -p 688:80 \
    -v $dir/config:/etc/gitlab    \
    -v $dir/config2:/opt/gitlab/embedded/service/gitlab-rails/config/
    -v $dir/data:/var/opt/gitlab  \
    -v $dir/log:/var/log/gitlab   \
    gitlab/gitlab-ce

访问http://ip:688 (第一次启动速度有点慢,多等) image 2023-12-11:新版本直接就是登录界面,用root,密码下面方式获取

root@mommint:/opt/docker# docker ps
CONTAINER ID   IMAGE              COMMAND             CREATED         STATUS                            PORTS                                                                                                                      NAMES
1cb7290d6eb6   gitlab/gitlab-ce   "/assets/wrapper"   2 minutes ago   Up 2 minutes (health: starting)   443/tcp, 0.0.0.0:680->680/tcp, :::680->680/tcp, 0.0.0.0:622->22/tcp, :::622->22/tcp, 0.0.0.0:688->80/tcp, :::688->80/tcp   gitlab
root@mommint:/opt/docker# docker exec -it 1cb7290d6eb6 bash
root@1cb7290d6eb6:/# cat /etc/gitlab/initial_root_password
# WARNING: This value is valid only in the following conditions
#          1. If provided manually (either via `GITLAB_ROOT_PASSWORD` environment variable or via `gitlab_rails['initial_root_password']` setting in `gitlab.rb`, it was provided before database was seeded for the first time (usually, the first reconfigure run).
#          2. Password hasn't been changed manually, either via UI or via command line.
#
#          If the password shown here doesn't work, you must reset the admin password following https://docs.gitlab.com/ee/security/reset_user_password.html#reset-your-root-password.

Password: cEWxXSKxE1MGWGRRV72NAl88YKX+MNiYH/WzHXXDj1E=

# NOTE: This file will be automatically deleted in the first reconfigure run after 24 hours.

若无法设置root密码,可以重置

root@5ae2530380d1:/# gitlab-rails console
--------------------------------------------------------------------------------
 Ruby:         ruby 2.7.2p137 (2020-10-01 revision 5445e04352) [x86_64-linux]
 GitLab:       14.0.2 (bac4ee4a9e2) FOSS
 GitLab Shell: 13.19.0
 PostgreSQL:   12.6
--------------------------------------------------------------------------------
Loading production environment (Rails 6.1.3.2)
irb(main):001:0> user = User.where(id:1).first
=> #<User id:1 @root>
irb(main):002:0> user.password="cndaqiang"
=> "cndaqiang"
irb(main):003:0> user.save!
Enqueued ActionMailer::MailDeliveryJob (Job ID: 3ca6fe83-4b30-4c9d-b615-920ded1c874c) to Sidekiq(mailers) with arguments: "DeviseMailer", "password_change", "deliver_now", {:args=>[#<GlobalID:0x00007f281cf93378 @uri=#<URI::GID gid://gitlab/User/1>>]}
=> true

然后就可以用账户root,密码cndaqiang进行初始化配置了

配置

等待正常启动后然后关闭容器

恢复其他gitlab

此时可以选择删除当前gitlab数据,把之前gitlab的数据覆盖到相应路径,则恢复了之前的gitlab

新建gitlab

修改配置文件

config/gitlab.rb

取消注释/修改

#external_url 'http://10.127.6.47:680'
external_url 'http://girl:680'
#external_url决定网页上显示的路径,图片等的网址前缀,并不影响访问
#域名先不填了
gitlab_rails['gitlab_ssh_host'] = 'girl'
#这个影响的是网页上显示ssh的ip,不影响访问,这里只能填域名/ip,不能代端口,若不填就会如图
#访问的端口,可选  80-> 680
nginx['listen_port'] = 680

image

gitlab_rails['gitlab_email_from'] = 'gitcndaqiang@sina.com'
gitlab_rails['gitlab_email_display_name'] = 'GitLAB-cndaqiang'
gitlab_rails['gitlab_shell_ssh_port'] = 622
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.sina.com"
gitlab_rails['smtp_port'] = 25
gitlab_rails['smtp_user_name'] = "gitcndaqiang"
gitlab_rails['smtp_password'] = "2608ddwpasswd2ab"
gitlab_rails['smtp_domain'] = "sina.com"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = true

启动容器即可 以后只要容器相同,把数据拷贝过去就行了

2023-12-11 docker配置

dir=$PWD/gitlab
mkdir $dir
mkdir $dir/config
mkdir $dir/data
mkdir $dir/log

docker run -d --name gitlab \
    --restart always \
    -p 682:22 -p 680:680 -p 688:80 \
    -v $dir/config:/etc/gitlab    \
    -v $dir/data:/var/opt/gitlab  \
    -v $dir/log:/var/log/gitlab   \
    gitlab/gitlab-ce

#只修改了下面两个配置
root@mommint:/opt/docker/gitlab# grep 680 config/gitlab.rb
external_url 'http://10.127.1.27:680'
root@mommint:/opt/docker/gitlab# grep 682 config/gitlab.rb
gitlab_rails['gitlab_shell_ssh_port'] = 682

仪表盘http://10.127.1.27:680/admin

备注

找回密码可以验证邮箱设置是否合适 image config文件夹下面的文件的权限不要改动,尤其是ssh的,只有设置为600/400才能正常的clone和push

注意删除镜像后记得一并删除$dir/config

gitlab的wiki上传附件报错Server responded with 0 code.,域名端口等配置错误,修正后解决

管理员配置

root网页登陆,在setting里面禁止Sign-up restrictions(注册功能)

使用

在网页上新建Group,新建Project

cd existing_folder
git init
git remote add origin ssh://git@10.127.6.47:622/mycode/tdqe.git
git add .
git commit -m "Initial commit"
git push -u origin master

由于我已经有其他仓库了,实际执行为

git remote add girl ssh://git@girl:622/mycode/tdqe.git
#gir解析向10.127.6.47
git push -u girl master

再做个内网映射就可以了

配置git/设置默认仓库

git config -e

Docker-Pan:Filerun+AriaNg+Aria2实现离线下载及在线播放

docker pull jaegerdocker/pan

启动

docker run  -dti --name=cnqpan \
            -p 690:80 -p 698:6800 \
             -v /home/data/public/pandir/www:/var/www/html/system/data/default_home_folder \
             -v /data/public/pandir/data:/home/data \
             jaegerdocker/pan

设置权限777,不然不能读写,迷???

chmod 777 /data/public/pandir/data
chmod 777 /home/data/public/pandir/www

访问

#Filerun
http://192.168.1.125:690
#ariaNg
http://192.168.1.125:690/dweb

修改aira的端口为刚才映射的698端口 image

clouddrive挂载阿里云盘

项目地址clouddrive

dir=$PWD/clouddrive
mkdir $dir
mkdir $dir/config

docker run -d \
      --name clouddrive \
      --restart unless-stopped \
      -v /home/clouddriver_share:/CloudNAS:shared \
      -v $dir/config:/Config \
      --network host \
      --pid host\
     --privileged \
     --device /dev/fuse:/dev/fuse \
     cloudnas/clouddrive

网页访问ip:9798即可. 默认会挂载网盘路径/(所有网盘入口)到本地的/home/NFS/clouddriver_share/CloudDrive. 也可以自定义挂载到指定路径, 用户ID可选,这里我选择cndaqiang的PID

(python37) cndaqiang@mommint:/home/NFS/clouddriver_share$ df -h
Filesystem      Size  Used Avail Use% Mounted on
CloudFS         6.6T  2.3T  4.4T  35% /home/clouddriver_share/aliyun

快速比较云端和本地的文件是否一致

root@mommint:/home# diff <(tree -ni --noreport /home/clouddriver_share/aliyun/互联网文件/电子书/计算机技术-PDF书籍) <(tree -ni --noreport /home/D1/NFSD1/download/计算机技术-PDF书籍)
1c1
< /home/clouddriver_share/aliyun/互联网文件/电子书/计算机技术-PDF书籍
---
> /home/D1/NFSD1/download/计算机技术-PDF书籍

overlear

参考Overleaf搭建
目前还仅支持x86架构

cndaqiang@macmini ~$ docker pull sharelatex/sharelatex
cndaqiang@macmini ~$ cd /Volumes/Data/Docker/
cndaqiang@macmini Docker$ cat build.sh
ROOT=$PWD
mkdir $ROOT/sharelatex/ $ROOT/sharelatex/sharelatex_data/ $ROOT/sharelatex/mongo_data/ $ROOT/sharelatex/redis_data/
echo $ROOT/sharelatex/
curl -O https://raw.githubusercontent.com/sharelatex/sharelatex/master/docker-compose.yml

修改docker-compose.yml,端口和储存数据的地址

        ports:
            - 5080:80
        volumes:
            - /Volumes/Data/Docker/sharelatex_data:/var/lib/sharelatex
        volumes:
            - /Volumes/Data/Docker/mongo_data:/data/db
        volumes:
            - /Volumes/Data/Docker/redis_data:/data

补全功能

docker exec sharelatex tlmgr install scheme-full

局域网文件共享snapdrop

snapdrop

    git clone https://github.com/RobinLinus/snapdrop.git
    cd snapdrop
    #修改端口
    docker-compose up -d

其他

启动docker后自动运行容器

docker update --restart=no  CONTAINER ID
docker update --restart=always  CONTAINER ID

修改已配置好的docker参数

关闭docker

docker stop  d0d53d61a217
systemctl stop docker

修改config.v2.json,hostconfig.json

root@mommint:/var/lib/docker/containers/d0d53d61a2173b651e5b625bc65120301438237eb926d136c48d7afac94cba22# cd /var/lib/docker/containers/d0d53d61a2173b651e5b625bc65120301438237eb926d136c48d7afac94cba22
root@mommint:/var/lib/docker/containers/d0d53d61a2173b651e5b625bc65120301438237eb926d136c48d7afac94cba22# ls
checkpoints  config.v2.json  d0d53d61a2173b651e5b625bc65120301438237eb926d136c48d7afac94cba22-json.log  hostconfig.json  hostname  hosts  mounts  resolv.conf

启动docker

systemctl start docker
docker start d0d53d61a2173b651e5b625b

Dockerfile

利用Dockerfile构建镜像

cndaqiang@oracle:~/builddocker/base$ ls
Dockerfile
cndaqiang@oracle:~/builddocker/base$ docker build .

报错

wait until the container is running

容器不断重启,估计有错误

root@oracle:~/zerotier-planet# docker exec  -it ztncui bash
Error response from daemon: Container 44d5b440ac270fe10e9053e4636125c27a931a91ee24ead61f27fa15103ab403 is restarting, wait until the container is running

查看日志docker logs 容器名

root@oracle:~/zerotier-planet# docker logs ztncui
standard_init_linux.go:219: exec user process caused: exec format error

原来是在arm64架构上安装了x86的容器(?为什么不在安装的时候报错….)


本文首发于我的博客@cndaqiang.
本博客所有文章除特别声明外,均采用 CC BY-SA 4.0 协议 ,转载请注明出处!


目录

访客数据