How to install and configure docker?
This article supplements the webinar series on deploying and managing containerized workloads in the cloud. This series introduces the basics of containers, including container lifecycle management, deploying multi-container applications, scaling workloads, and understanding Kubernetes, as well as highlighting best practices for running stateful applications.
This tutorial covers the concepts and commands introduced in the first part of this series, "Getting Started with Containers."
Introduction
Docker is a platform for deploying and managing containerized applications. Containers are popular among developers, administrators, and devops engineers because of the flexibility they provide.
Docker has three basic components:
Docker engine Docker tool Docker registry
Docker Engine provides the core functionality for managing containers. It interfaces with the underlying Linux operating system to expose simple APIs to handle the container lifecycle.
Docker Tools is a set of command line tools that interact with the API exposed by Docker Engine. They are used to run containers, create new images, configure storage and networking, and perform many more operations that affect the container lifecycle.
Docker Registry is where container images are stored. Each image can have multiple versions identified by unique tags. User pulls existing images from the registry and pushes new images. Docker Hub is a managed registry managed by Docker, Inc. It is also possible to run the registry in its own environment to keep the images closer to the engine.
By the end of this tutorial, you will have installed Docker on a DigitalOcean Droplet, managed containers, processed images, added persistence, and set up a private registry.
Prerequisites
To follow this tutorial you will need:
Set up an Ubuntu 16.04 droplet following the Ubuntu 16.04 Initial Server Setup tutorial, which includes a sudo non-root user and A firewall.
Docker Hub Account . This overview of Docker Hub will help you get started.
By default, the docker command requires root permissions. However, it is possible to execute commands without the sudo prefix by running docker as the docker user in the docker group.
To configure your Droplet this way, run the command sudo usermod -aG docker ${USER} . This will add the current user to the docker group. Then, run the command su - ${USER} to apply the new group membership.
This tutorial expects your server to be configured to run docker commands without the sudo prefix.
Step 1 - Install Docker
After SSH into the Droplet, run the following command to delete all docker-related packages that may have been installed, and then install Docker from the official repository :
sudo apt-get remove docker docker-engine docker.io sudo apt-get install -y apt-transport-https ca-certificates curl software-properties-common curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -sudo apt-key fingerprint 0EBFCD88sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"sudo apt-get update sudo apt-get install -y docker-ce
After installing Docker, verify the installation using the following command:
docker info
The above command shows the details of the Docker Engine deployed in the environment. The next command will verify that the Docker Tools are installed and configured correctly. It should print the versions of the Docker engine and tools.
docker version
Step 2 - Launch the Container
Docker containers are launched from an existing image stored in the registry. Images in Docker can be stored in private or public repositories. Private repositories require users to authenticate before pulling images. Public images can be accessed by anyone.
To search for an image named hello-world, run the following command:
docker search hello-world
There may be multiple images matching the name hello-world. Choose the largest star, this shows the pop of the image.
Check the available images in your local environment using the following command:
docker images
Since we haven't rolled out any containers yet, there won't be any images. We can now download the image and run it locally:
docker pull hello-world docker run hello-world
If we execute the docker run command without dragging the image, Docker Engine will first pull the image and then run it. Running the docker images command again shows that we have the hello-world image available locally.
Let's start a more meaningful container: an Apache web server.
docker run -p 80:80 --name web -d httpd
You may notice additional options passed to the docker run command. Here’s an explanation of these switches:
-p – This tells the Docker engine to expose the container’s port 80 on the host’s port 80. Since Apache listens on port 80, we need to expose it on the host port. --name - This switch assigns a name to our running container. If we omit this, Docker Engine will assign a random name.
-d - This option instructs the Docker engine to run the container in detached mode. Without this, the container will start in the foreground, blocking access to the shell. By pushing the container into the background, we can continue to use the shell while the container is still running.
要验证我们的容器是否确实在后台运行,请尝试以下命令:
docker ps
输出显示名为web的容器正在运行,端口80映射到主机端口80 。
现在访问Web服务器:
curl localhost
让我们停止并用下面的命令删除正在运行的容器:
docker stop web docker rm web
运行docker ps再次确认容器已被终止。
第3步 - 添加存储到容器
容器是短暂的,这意味着当容器终止时,存储在容器内的任何东西都将丢失。 要将数据保存在容器的寿命之外,我们需要将容器附加到容器中。 卷是主机文件系统的目录。
首先在主机上创建一个新目录:
mkdir htdocs
现在,让我们用一个新开关启动容器来挂载htdocs目录,并将其指向Apache Web服务器的文档根目录:
docker run -p 80:80 --name web -d -v $PWD/htdocs:/usr/local/apache2/htdocs httpd
-v开关将容器中的htdocs目录指向主机的文件系统。 对这个目录所做的任何更改都将在两个位置都可见。
通过运行以下命令从容器中访问目录:
docker exec -it web /bin/bash
该命令以交互模式将我们的终端连接到容器的外壳。 你应该看到你现在被丢在容器内。
导航到htdocs文件夹并创建一个简单的HTML文件。 最后退出shell返回主机:
cd /usr/local/apache2/htdocs echo '<h1>Hello World from Container</h1>' > index.htmlexit
再次执行curl localhost命令显示Web服务器正在返回我们创建的页面。
我们不仅可以从主机访问这个文件,但我们也可以修改它:
cd htdocs cat index.html echo '<h1>Hello World from Host</h1>' | sudo tee index.html >/dev/null
再次运行curl localhost ,确认Web服务器正在提供从主机创建的最新页面。
使用以下命令终止容器。 ( -f迫使Docker先停止而不停止。)
docker rm -f web
第4步 - 建立图像
除了从注册表中运行现有的图像,我们可以创建自己的图像,并将其存储在注册表中。
您可以从现有的容器中创建新的图像。 首先提交对容器所做的更改,然后将图像标记并推送到注册表。
让我们再次启动httpd容器并修改默认文档:
docker run -p 80:80 --name web -d httpd docker exec -it web /bin/bash cd htdocs echo '<h1>Welcome to my Web Application</h1>' > index.htmlexit
该容器现在运行一个自定义的index.html 。 你可以使用curl localhost来验证它。
在我们提交更改后的容器之前,最好停止它。 停止后,我们将运行commit命令:
docker stop web docker commit web doweb
使用docker images命令确认图像的创建。 它显示了我们刚刚创建的doweb图像。
要在Docker Hub中标记和存储此映像,请运行以下命令将映像推送到公共注册表:
docker login docker tag your_docker_hub_username/doweb docker push
您可以通过从浏览器或命令行在Docker Hub中搜索来验证新映像。
第5步 - 启动私人注册表
可以在私人环境中运行注册表以保持图像更加安全。 它也减少了Docker引擎和映像库之间的延迟。
Docker Registry是一个可以像任何其他容器一样启动的容器。 由于注册表拥有多个图像,因此最好将存储卷附加到该图像上。
docker run -d -p 5000:5000 --restart=always --name registry -v $PWD/registry:/var/lib/registry registry
请注意,容器是在后台启动的,端口5000暴露, registry目录映射到主机文件系统。 您可以通过执行docker ps命令来验证容器正在运行。
我们现在可以标记一个本地图像,并将其推送到私人注册表。 我们首先从Docker Hub中取出busybox容器并对其进行标记。
docker pull busybox docker tag busybox localhost:5000/busybox docker images
以前的命令确认busybox容器现在用localhost:5000标记,所以将图像推送到私有注册表。
docker push localhost:5000/busybox
将图像推送到本地注册表,让我们尝试从环境中删除它,并从注册表中拉回。
docker rmi -f localhost:5000/busybox docker images docker pull localhost:5000/busybox docker images
我们经历了拉动图像,标记,推送到本地注册表,最后拉回来的整个圈子。
可能有些情况下您想要在专用主机中运行私有注册表。 在不同的机器上运行的Docker引擎会与远程注册表进行通信,以获取和推送图像。
由于注册表不安全,我们需要修改Docker引擎的配置以启用对不安全注册表的访问。 为此,编辑位于/etc/docker/daemon.json
的daemon.json文件。 创建文件,如果它不存在。
添加以下条目:
编辑/etc/docker/daemon.json
{
"insecure-registries" : ["REMOTE_REGISTRY_HOST:5000"]}
将REMOTE_REGISTRY_HOST
替换为远程注册表的主机名或IP地址。 重新启动Docker引擎以确保应用配置更改。
结论
本教程帮助您开始使用Docker。 它涵盖了安装,容器管理,映像管理,存储和私有注册表等基本概念。 本系列即将发布的会议和文章将帮助您超越Docker的基础知识。
相关参考:docker教程
The above is the detailed content of How to install and configure docker. For more information, please follow other related articles on the PHP Chinese website!