Docker桥&存储卷管理

文章目录

Docker桥&存储卷管理
- 1. Docker桥
- 2. 存储卷
- - 2.1 数据卷容器

1. Docker桥

创建桥后，可以让容器使用指定的网段

# 创建容器，并让容器随着服务的的启动而启动
[root@localhost ~]# docker run -d --name web --restart=always httpd
772fd3e6685938f8db19a810c8e9a06d34f50da23c3b5228266b27905c01c62b

# 修改配置文件后可以指定docker0的默认网段
[root@localhost ~]# ip a s docker0
3: docker0:  mtu 1500 qdisc noqueue state UP group default 
    link/ether 02:42:ee:9e:f8:32 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
    inet6 fe80::42:eeff:fe9e:f832/64 scope link 
       valid_lft forever preferred_lft forever

[root@localhost ~]# vim /etc/docker/daemon.json
{
     "registry-mirrors": ["https://j3m2itm3.mirror.aliyuncs.com"],
     "bip": "10.10.10.1/24"
}
[root@localhost ~]# ip a s docker0
3: docker0:  mtu 1500 qdisc noqueue state DOWN group default 
    link/ether 02:42:ee:9e:f8:32 brd ff:ff:ff:ff:ff:ff
    inet 10.10.10.1/24 brd 10.10.10.255 scope global docker0
       valid_lft forever preferred_lft forever
    inet6 fe80::42:eeff:fe9e:f832/64 scope link 
       valid_lft forever preferred_lft forever

# 新建桥，指定网段和网关
[root@localhost ~]# docker network create -d bridge --subnet "192.168.1.0/24" --gateway "192.168.1.1" br0
10499f9c0103701c946c0c441062803f8948ed5bde86ecbb61b4f1001e825ce2
[root@localhost ~]# docker network ls
NETWORK ID     NAME      DRIVER    SCOPE
10499f9c0103   br0       bridge    local
33cdefbba716   bridge    bridge    local
eb0336465bba   host      host      local
6e6079fddd34   none      null      local


# 使用br0创建容器b1
[root@localhost ~]# docker run -it --rm --name b1 --network br0 busybox
/ # ip a
1: lo:  mtu 65536 qdisc noqueue qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
16: eth0@if17:  mtu 1500 qdisc noqueue 
    link/ether 02:42:c0:a8:01:02 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.2/24 brd 192.168.1.255 scope global eth0
       valid_lft forever preferred_lft forever

# 使用默认桥创建容器b2
[root@localhost ~]# docker run -it --rm --name b2 busybox
/ # ip a
1: lo:  mtu 65536 qdisc noqueue qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
18: eth0@if19:  mtu 1500 qdisc noqueue 
    link/ether 02:42:0a:0a:0a:03 brd ff:ff:ff:ff:ff:ff
    inet 10.10.10.3/24 brd 10.10.10.255 scope global eth0
       valid_lft forever preferred_lft forever

新建的两个容器分别使用不同的网桥后网段分别不同，怎样让两个容器之间通信呢？

# 在两个容器中互相添加两个网桥的网卡
[root@localhost ~]# docker network connect bridge b1
[root@localhost ~]# docker network connect br0 b2

b1容器：

/ # ip a
1: lo:  mtu 65536 qdisc noqueue qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
16: eth0@if17:  mtu 1500 qdisc noqueue 
    link/ether 02:42:c0:a8:01:02 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.2/24 brd 192.168.1.255 scope global eth0
       valid_lft forever preferred_lft forever
22: eth1@if23:  mtu 1500 qdisc noqueue 
    link/ether 02:42:0a:0a:0a:04 brd ff:ff:ff:ff:ff:ff
    inet 10.10.10.4/24 brd 10.10.10.255 scope global eth1
       valid_lft forever preferred_lft forever
/ # 
/ # ping 10.10.10.3 -c 3
PING 10.10.10.3 (10.10.10.3): 56 data bytes
64 bytes from 10.10.10.3: seq=0 ttl=64 time=0.359 ms
64 bytes from 10.10.10.3: seq=1 ttl=64 time=0.092 ms
64 bytes from 10.10.10.3: seq=2 ttl=64 time=0.202 ms

--- 10.10.10.3 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.092/0.217/0.359 ms

b2容器：

/ # ip a
1: lo:  mtu 65536 qdisc noqueue qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
18: eth0@if19:  mtu 1500 qdisc noqueue 
    link/ether 02:42:0a:0a:0a:03 brd ff:ff:ff:ff:ff:ff
    inet 10.10.10.3/24 brd 10.10.10.255 scope global eth0
       valid_lft forever preferred_lft forever
20: eth1@if21:  mtu 1500 qdisc noqueue 
    link/ether 02:42:c0:a8:01:03 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.3/24 brd 192.168.1.255 scope global eth1
       valid_lft forever preferred_lft forever
/ # 
/ # ping 192.168.1.2 -c 3
PING 192.168.1.2 (192.168.1.2): 56 data bytes
64 bytes from 192.168.1.2: seq=0 ttl=64 time=0.144 ms
64 bytes from 192.168.1.2: seq=1 ttl=64 time=0.087 ms
64 bytes from 192.168.1.2: seq=2 ttl=64 time=0.094 ms

--- 192.168.1.2 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.087/0.108/0.144 ms

[root@localhost ~]# docker network disconnect br0 b2

2. 存储卷

存储卷可以让宿主机和容器之间的数据建立绑定关系，绑定关系默认就已经建立

# 查看绑定目录位置
[root@localhost ~]# docker ps -a
CONTAINER ID   IMAGE     COMMAND              CREATED       STATUS       PORTS     NAMES
b9614eb44d54   httpd     "httpd-foreground"   2 hours ago   Up 2 hours   80/tcp    web
[root@localhost ~]# docker inspect web
......
        "GraphDriver": {
            "Data": {
                "LowerDir": "/var/lib/docker/overlay2/52d97583084437c3f5f6b509be5154537c9c92fdcb172321851feb889eb67b4b-init/diff:/var/lib/docker/overlay2/70492911b2a668114334ce6803c249e7fe9ff62914f0a8c1b2948b58aca3e1c0/diff:/var/lib/docker/overlay2/48ee4b6d862b3dbbe247417a6e56453a0661c5da6bb598bb4e7efb409c0ba3a1/diff:/var/lib/docker/overlay2/f9fd9332c0d1fdd788c70c6715f0dac1178a6f8bfdf3c41932c4bddb011f9dfb/diff:/var/lib/docker/overlay2/519d9b9694a8a8016064530d71502fb10919f5b327db6d138282ad68bccec2a7/diff:/var/lib/docker/overlay2/426a47e95d7a3edc5dbd52a3578e90a6ba29f300396577b31a2cc7c0999b7a60/diff",
                "MergedDir": "/var/lib/docker/overlay2/52d97583084437c3f5f6b509be5154537c9c92fdcb172321851feb889eb67b4b/merged",
                "UpperDir": "/var/lib/docker/overlay2/52d97583084437c3f5f6b509be5154537c9c92fdcb172321851feb889eb67b4b/diff",
                "WorkDir": "/var/lib/docker/overlay2/52d97583084437c3f5f6b509be5154537c9c92fdcb172321851feb889eb67b4b/work"
            },
......

[root@localhost ~]# cd /var/lib/docker/overlay2/52d97583084437c3f5f6b509be5154537c9c92fdcb172321851feb889eb67b4b/
[root@localhost 52d97583084437c3f5f6b509be5154537c9c92fdcb172321851feb889eb67b4b]# ls
diff  link  lower  merged  work
[root@localhost 52d97583084437c3f5f6b509be5154537c9c92fdcb172321851feb889eb67b4b]# cd merged/
[root@localhost merged]# ls		//此处为容器的根目录
bin  boot  dev  etc  home  lib  lib64  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var

# 创建一个容器，此时目录没有文件
[root@localhost ~]# docker run -it --rm --name t1 -v /data busybox
/ # ls data/

# 再另开一个终端，进入容器目录位置创建文件
[root@localhost ~]# docker inspect t1
......

        "Mounts": [
            {
                "Type": "volume",
                "Name": "6623418db9c8ad779886bd8908abe756994400f4c71222903e649e7471f296d7",
                "Source": "/var/lib/docker/volumes/6623418db9c8ad779886bd8908abe756994400f4c71222903e649e7471f296d7/_data",
                "Destination": "/data",
                "Driver": "local",
                "Mode": "",
                "RW": true,
                "Propagation": ""
            }
......
[root@localhost ~]# cd /var/lib/docker/volumes/6623418db9c8ad779886bd8908abe756994400f4c71222903e649e7471f296d7/_data
[root@localhost _data]# touch f1
[root@localhost _data]# ls
f1

如果容器删除了，那么绑定位置的目录也会清空

# 文件已经同步到容器中
/ # ls data/
f1
/ # exit

绑定指定的目录

# 指定挂载目录位置
[root@localhost ~]# docker run -it --rm --name t2 -v /web:/data busybox
/ # ls data/
/ # ls data/
index.html
/ # cat /data/index.html 
hello world

# 已同步至宿主机
[root@localhost ~]# echo 'hello world' > /web/index.html
[root@localhost ~]# ls /web/
index.html

# 容器删除后数据依然存在
/ # exit
[root@localhost ~]# docker run -it --rm --name t3 -v /web:/data busybox
/ # 
/ # cat /data/index.html 
hello world

上传网站

# 下载源码网站并解压上传
[root@localhost ~]# ls
anaconda-ks.cfg  html5大气医院网站源码.zip 
[root@localhost ~]# unzip html5大气医院网站源码.zip
[root@localhost ~]# mv html5大气医院网站源码/* /web/

# 默认是读写权限(rw)，修改权限为只读(ro)后容器内就无法修改
[root@localhost ~]# docker run -d --rm --name t4 -v /web:/usr/local/apache2/htdocs:ro -p 80:80 httpd
f49de83ff7dd60764922a403077edb68ce4bc21c5e0d895a5fd44f9149ce8c84
[root@localhost ~]# ss -antl
State      Recv-Q      Send-Q           Local Address:Port           Peer Address:Port     Process     
LISTEN     0           128                    0.0.0.0:22                  0.0.0.0:*                    
LISTEN     0           128                    0.0.0.0:80                  0.0.0.0:*                    
LISTEN     0           128                       [::]:22                     [::]:*                    
LISTEN     0           128                       [::]:80                     [::]:*
[root@localhost ~]# docker exec -it t4 /bin/sh
# cd htdocs     
# ls
chuzhen.html  index.html    js		  keshiys.html	  news.html	 rongyu.html  ys.html
css	      jianjie.html  keshi.html	  kexue.html	  newslist.html  test	      zhuanjia.html
images	      jiuzhen.html  keshimx.html  kexuelist.html  pic		 uploadfiles
# mkdir abc
mkdir: cannot create directory 'abc': Read-only file system

2.1 数据卷容器

如果需要共享持续更新的数据，可以用一个容器专门供其他容器挂载使用

# 创建容器并指定挂载位置
[root@localhost ~]# docker run -itd --name dbdata -v /dbdata busybox
b728c3716939f54e9b93b4285b31d58814d4b581bcff32f934aeb6671ac03851
[root@localhost ~]# docker run -d --name db1 --volumes-from dbdata busybox
53f23583971c7487db44b83257b390016ed217bed45f1a5dc7a78503d2ca9bf6
[root@localhost ~]# docker run -d --name db2 --volumes-from dbdata busybox
5f2243a5848bea1fcb600d9c3271ec55c07f9d51b7e049d05812115ae927a2f5

[root@localhost ~]# docker exec -it dbdata /bin/sh
/ # touch /dbdata/test

[root@localhost ~]# docker exec -it db1 /bin/sh
/ # ls dbdata/
test

[root@localhost ~]# docker exec -it db2 /bin/sh
/ # ls dbdata/
test

Docker桥&存储卷管理

Linux相关栏目本月热门文章