在这里插入图片描述


前言

在实际的docker 操作中,我们会遇到各种各样的问题:

1.连接不上网络该咋办?
2.如何去创建和使用卷呢?
3.什么是volume 和 mount?

那么我们该如何解决呢?
别着急,接下来由我一 一解答哈!

更新了哦😯!!!!!

快去看啊哈!!!!!


提示:以下是本篇文章正文内容,下面案例可供参考

一、容器上不了网的问题的解决方法:

开启路由功能
echo 1 >/proc/sys/net/ipv4/ip_forward
[root@sc-docker ~]# echo 1 >/proc/sys/net/ipv4/ip_forward
[root@sc-docker ~]#service docker  restart  重启docker ,会到iptables里去添加相关规则
临时
[root@sc-docker ~]# echo 1 >/proc/sys/net/ipv4/ip_forward
[root@sc-docker ~]#
永久:
	[root@sc-docker ~]# vim /etc/sysctl.conf

net.ipv4.ip_forward = 1
[root@sc-docker ~]# sysctl  -p
net.ipv4.ip_forward = 1
[root@sc-docker ~]#

1.启动容器限制容器可以使用的cpu和内存资源**

cpu-shares 30 限制使用cpu
cpu的计算资源: 1 --》1000份 --》1m
1s -->1000ms

不管你有多少个核心,都是看做一个整体来计算
8核 --》1 --》30m
-m 100000000  限制内存  byte
	--memory bytes
[root@sc-docker ~]# docker run -it --cpu-shares 30 -m 100000000 -d --name luojiajun11 centos:7

[root@sc-docker ~]# docker run -it --cpu-shares 30 -m 100000000 -d --name luojiajun11 centos:7
a28681b066cd4c6e598006761119f3aa47296ad6d8fa502dfbed5247e7899bde
[root@sc-docker ~]# docker container inspect luojiajun11

oom --》out of memory 内存溢出
====

2.问题:如何限制一个进程可以使用多少cpu和多少内存?

创建一个容器,让这个进程在容器里run,这样可以限制容器所使用的cpu和内存,从而可以达到限制这个进程的cpu和内存的使用。

3.docker 容器起的mysql,可以使用root用户直接去连接

[root@firewall 8-13]# cat snat_dnat.sh
#!/bin/bash

#open  route function
echo 1 >/proc/sys/net/ipv4/ip_forward

#clear iptables rules
iptables -F
iptables -t nat -F
iptables -P INPUT ACCEPT

#start snat
#iptables -t nat -A POSTROUTING -s 192.168.170.0/24 -o ens33 -j SNAT --to-source 192.168.0.204
iptables -t nat -A POSTROUTING -s 192.168.170.0/24 -o ens33 -j MASQUERADE

#dnat
#dnat web
iptables -t nat -A PREROUTING -i ens33 -d 192.168.0.204 -p tcp --dport 80 -j DNAT --to-destination 192.168.170.1:80

#dnat mysql 192.168.170.2
iptables -t nat -A PREROUTING -i ens33 -d 192.168.0.204 -p tcp --dport 3306 -j DNAT --to-destination 192.168.170.2:3306

#dnat mysql 192.168.170.1 docker
iptables -t nat -A PREROUTING -i ens33 -d 192.168.0.204 -p tcp --dport 3309 -j DNAT --to-destination 192.168.170.1:3306
[root@firewall 8-13]#
====

二、volume + mount 问题

1.容器的数据保存-数据持久化 (data persistence )

数据持久化 --》保存到磁盘里
容器 --》进程
单进程思想–》容器

[root@sc-docker ~]# ps aux|grep containerd-shi
root       27539  0.0  0.4 712176 17216 ?        Sl   12:15   0:01 /usr/bin/containerd-shim-runc-v2 -namespace moby -id 69eb9fc6eef84d79b1e006598d3808bdafd9ed7a3994bd707a0a54b7b918ff0d -address /run/containerd/containerd.sock
root       27820  0.0  0.4 713328 18512 ?        Sl   13:01   0:01 /usr/bin/containerd-shim-runc-v2 -namespace moby -id 3ea804c5dd0cf36d641eeaf9dfdad7ce7b273c2d5187159207a3fdcb66f554cc -address /run/containerd/containerd.sock
root       28225  0.0  0.4 713584 18652 ?        Sl   14:41   0:00 /usr/bin/containerd-shim-runc-v2 -namespace moby -id 822a3a150d08e0b42c08fe3879f797b4598b364f4a77f3f38f289aa793016772 -address /run/containerd/containerd.sock
root       28341  0.0  0.4 713328 17708 ?        Sl   14:50   0:00 /usr/bin/containerd-shim-runc-v2 -namespace moby -id 3af5f37ee5925249aa6d0fd51c7b6cb7689a8aaf4b054e64f472303e5206f9b0 -address /run/containerd/containerd.sock
root       28446  0.0  0.5 713328 19960 ?        Sl   14:52   0:00 /usr/bin/containerd-shim-runc-v2 -namespace moby -id a9db103780634654c8958d9c3103e76a45935d03708822e174383d4c905d2fc8 -address /run/containerd/containerd.sock
root       28530  0.0  0.4 713328 18104 ?        Sl   14:53   0:00 /usr/bin/containerd-shim-runc-v2 -namespace moby -id c604138fd8f9a69970e4ebaa10b2d5c9391d8f4e715671aaa6d9e6173a8dd29e -address /run/containerd/containerd.sock
root       28774  0.0  0.4 713328 16648 ?        Sl   15:14   0:00 /usr/bin/containerd-shim-runc-v2 -namespace moby -id a28681b066cd4c6e598006761119f3aa47296ad6d8fa502dfbed5247e7899bde -address /run/containerd/containerd.sock
root       28969  0.0  0.0  12348  1148 pts/0    S+   15:55   0:00 grep --color=auto containerd-shi
[root@sc-docker ~]# ps aux|grep containerd-shi|wc -l
8
[root@sc-docker ~]#
=====

2.volume + mount

volumes 数据卷 --》存放数据的地方
Mount 挂载

创建卷,查看卷,使用卷

[root@sc-docker sc-web]# docker run -d --name xuzz-2 -p 7789:80 -v /sc-web/:/usr/share/nginx/html/ nginx
b63a108a9eb82aa324106aa20094ae7e5c2a347baee3e390de594aa4c8485ca0
[root@sc-docker sc-web]# docker ps
CONTAINER ID   IMAGE          COMMAND                  CREATED         STATUS          PORTS   NAMES
b63a108a9eb8   nginx          "/docker-entrypoint.…"   2 seconds ago   Up 1 second     0.0.0.0:7789->80/tcp, :::7789->80/tcp   xuzz-2
e9602a507295   nginx          "/docker-entrypoint.…"   3 minutes ago   Up 3 minutes    0.0.0.0:7788->80/tcp, :::7788->80/tcp   xuzz-1
a4078e1a7ea1   mysql:5.7.35   "docker-entrypoint.s…"   23 hours ago    Up 17 minutes   0.0.0.0:3306->3306/tcp, :::3306->3306/tcp, 33060/tcp   sc-mysql-1
[root@sc-docker sc-web]#
创建卷
[root@sc-docker sc-web]# docker volume create sc
sc
[root@sc-docker sc-web]#
查看卷
[root@sc-docker _data]# docker volume ls
DRIVER    VOLUME NAME
local     a112a3c96f69a0df6e0be0dd156d8752c79d42a48917ea13c5a7f239c39056f0
local     sc
[root@sc-docker _data]#
[root@sc-docker _data]# docker volume inspect sc 查看卷的路径
[
    {
        "CreatedAt": "2021-08-12T16:30:30+08:00",
        "Driver": "local",
        "Labels": {},
        "Mountpoint": "/var/lib/docker/volumes/sc/_data",
        "Name": "sc",
        "Options": {},
        "Scope": "local"
    }
]
[root@sc-docker _data]# cp /sc-web/* .
[root@sc-docker _data]# ls
feng.jpg  index.html  sc.html  xiong.jpg
[root@sc-docker _data]#
[root@sc-docker _data]#

使用卷:  容器去使用卷

docker run -d \
  --name fan-nginx-1 \
  --mount source=sc,target=/usr/share/nginx/html  \
  -p 7790:80 \
  nginx:latest

使用docker 来运行

 [root@sc-docker _data]# docker run -d   --name fan-nginx-1   --mount source=sc,target=/usr/share/nginx/html -p 7790:80   nginx:latest
ed4d7192e658d9f327ebee8bcdaaedb36f78dffe0c5666d32b7b3c831343fbaa
[root@sc-docker _data]#
docker run -d   --name wangll-nginx-1   --mount source=sc,target=/usr/share/nginx/html -p 7791:80   nginx:latest


docker run -d \
  --name xuzz-3 \
  -v sc:/usr/share/nginx/html \
  nginx:latest

  docker run -d --name xuzz-2 -p 7789:80 -v /sc-web/:/usr/share/nginx/html/ nginx

3.练习:

1.创建一个卷: sanchuang,在sanchuang卷里创建一个index.html首页文件,内容welcome to sanchuang
2.创建2个容器名字自己定义:rose-1 rose-2,启动nginx,使用sanchuang这个卷
3.测试访问

具体操作:

(1)创建卷,并且往卷里新建文件index.html

[root@sc-docker _data]# docker volume ls
DRIVER    VOLUME NAME
local     a112a3c96f69a0df6e0be0dd156d8752c79d42a48917ea13c5a7f239c39056f0
local     sc
[root@sc-docker _data]# docker volume create sanchuang
sanchuang
[root@sc-docker _data]# docker volume ls
DRIVER    VOLUME NAME
local     a112a3c96f69a0df6e0be0dd156d8752c79d42a48917ea13c5a7f239c39056f0
local     sanchuang
local     sc
[root@sc-docker _data]# docker volume inspect sanchaung
[]
Error: No such volume: sanchaung
[root@sc-docker _data]# docker volume inspect sanchuang
[
    {
        "CreatedAt": "2021-08-12T17:16:26+08:00",
        "Driver": "local",
        "Labels": {},
        "Mountpoint": "/var/lib/docker/volumes/sanchuang/_data",
        "Name": "sanchuang",
        "Options": {},
        "Scope": "local"
    }
]
[root@sc-docker _data]#
[root@sc-docker _data]# cd /var/lib/docker/volumes/sanchuang/_data/
[root@sc-docker _data]# ls
[root@sc-docker _data]# vim index.html
[root@sc-docker _data]# cat index.html
welcome to sanchuang
[root@sc-docker _data]#

(2)启动容器使用卷

[root@sc-docker _data]# docker run -d --name rose-nginx-1 -p 6688:80 --mount source=sanchuang,target=/usr/share/nginx/html nginx
2d269942c411213d41b63bb1596113b7eb854313beb05e14101a1dfbc4448896
[root@sc-docker _data]# docker run -d --name rose-nginx-2 -p 6689:80 --mount source=sanchuang,target=/usr/share/nginx/html nginx
75db457a31e0c36caeddcedce84bb1171d06c9afed2d01d4e176a5f0a1ea1731
[root@sc-docker _data]# docker ps
CONTAINER ID   IMAGE          COMMAND                  CREATED             STATUS             PORTS          NAMES
75db457a31e0   nginx          "/docker-entrypoint.…"   4 seconds ago       Up 3 seconds       0.0.0.0:6689->80/tcp, :::6689->80/tcp          rose-nginx-2
2d269942c411   nginx          "/docker-entrypoint.…"   20 seconds ago      Up 19 seconds      0.0.0.0:6688->80/tcp, :::6688->80/tcp          rose-nginx-1
efec9667c9d1   nginx:latest   "/docker-entrypoint.…"   42 minutes ago      Up 42 minutes      0.0.0.0:7791->80/tcp, :::7791->80/tcp          wangll-nginx-1
ed4d7192e658   nginx:latest   "/docker-entrypoint.…"   46 minutes ago      Up 46 minutes      0.0.0.0:7790->80/tcp, :::7790->80/tcp          fan-nginx-1
b63a108a9eb8   nginx          "/docker-entrypoint.…"   56 minutes ago      Up 56 minutes      0.0.0.0:7789->80/tcp, :::7789->80/tcp          xuzz-2
e9602a507295   nginx          "/docker-entrypoint.…"   About an hour ago   Up About an hour   0.0.0.0:7788->80/tcp, :::7788->80/tcp          xuzz-1
a4078e1a7ea1   mysql:5.7.35   "docker-entrypoint.s…"   24 hours ago        Up About an hour   0.0.0.0:3306->3306/tcp, :::3306->3306/tcp, 33060/tcp   sc-mysql-1
[root@sc-docker _data]#

三.为什么有些容器启动的时候需要使用 -it 有些不需要?

答: centos7或者Ubuntu的基础镜像,在启动的时候,
FROM scratch
ADD ubuntu-focal-oci-amd64-root.tar.gz /
CMD [“bash”] --》容器启动的时候运行的程序是bash
运行程序:
在前台运行,容器就会一直运行 --》状态up
在后台运行或者程序运行完成后,容器就会退出 --》Exited

[root@sc-docker-server yihe]# cat Dockerfile
FROM busybox
WORKDIR /
ENV bsg yihe

CMD ["/bin/sh","-c","echo sanchuang;sleep 120;echo ok"]
[root@sc-docker-server yihe]#
[root@sc-docker-server yihe]# docker build -t liuzhiwen-1 .
Sending build context to Docker daemon  2.048kB
Step 1/4 : FROM busybox
 ---> 69593048aa3a
Step 2/4 : WORKDIR /
 ---> Running in 91a9656d37cd
Removing intermediate container 91a9656d37cd
 ---> 082532aa28b2
Step 3/4 : ENV bsg yihe
 ---> Running in e98af2f5e345
Removing intermediate container e98af2f5e345
 ---> 96a1ce8ca021
Step 4/4 : CMD ["/bin/sh","-c","echo sanchuang;sleep 120;echo ok"]
 ---> Running in 8632471866f6
Removing intermediate container 8632471866f6
 ---> 38d5452f4e4c
Successfully built 38d5452f4e4c
Successfully tagged liuzhiwen-1:latest
[root@sc-docker-server yihe]# docker images
REPOSITORY                 TAG         IMAGE ID       CREATED          SIZE
liuzhiwen-1                latest      38d5452f4e4c   14 seconds ago   1.24MB

[root@sc-docker-server yihe]# docker run -d --name liuzhiwen-1 liuzhiwen-1
051d93caaecbc3a3f0c2a3c5c803305d1744303b593255b638175c9f76f14a97
[root@sc-docker-server yihe]# docker ps
CONTAINER ID   IMAGE          COMMAND                  CREATED         STATUS        PORTS               NAMES
051d93caaecb   liuzhiwen-1    "/bin/sh -c 'echo sa…"   2 seconds ago   Up 1 second               liuzhiwen-1
f1d0ff67eda9   sc-zhengbo-1   "bash"                   5 hours ago     Up 5 hours               zhengbo-1
43d7ba23726e   sc-ubuntu-1    "bash"                   6 hours ago     Up 6 hours               feng-2
c918a318e274   sc-node-js-1   "docker-entrypoint.s…"   6 hours ago     Up 6 hours    0.0.0.0:3000->3000/tcp, :::3000->3000/tcp              sc-node-js-1
a4078e1a7ea1   mysql:5.7.35   "docker-entrypoint.s…"   7 days ago      Up 3 hours    0.0.0.0:3306->3306/tcp, :::3306->3306/tcp, 33060/tcp   sc-mysql-1
[root@sc-docker-server yihe]# docker top liuzhiwen-1
UID                 PID                 PPID                C                   STIME               TTY                 TIME               CMD
root                40704               40684               0                   16:46               ?                   00:00:00            /bin/sh -c echo sanchuang;sleep 120;echo ok
root                40734               40704               0                   16:46               ?                   00:00:00            sleep 120
[root@sc-docker-server yihe]#

四.Linux set命令

set指令能设置所使用shell的执行方式,可依照不同的需求来做设置。
语法
set [±abCdefhHklmnpPtuvx]
参数说明:
-e  若指令传回值不等于0,则立即退出shell。
-u  当执行时使用到未定义过的变量,则显示错误信息。
-x  执行指令后,会先显示该指令的执行过程及所下的参数。

五.容器使用宿主机里的网站数据

1. 使用volume方式来解决

[root@sc-docker-server web]# docker run -dp 3391:80 -v /web:/usr/local/nginx1/html  --name sc-yihe-nginx-2  sanchuang-nginx:1.0
52ecb99fd61d91f44856a175bad7d35112455644c561c20deb16d0378fe5413d
[root@sc-docker-server web]# docker ps
CONTAINER ID   IMAGE                 COMMAND                  CREATED         STATUS         PORTS                       NAMES
52ecb99fd61d   sanchuang-nginx:1.0   "nginx -g 'daemon of…"   4 seconds ago   Up 2 seconds   0.0.0.0:3391->80/tcp, :::3391->80/tcp                  sc-yihe-nginx-2

2.创建volume danyonghuan

[root@sc-docker-server web]# docker volume create danyonghuan
danyonghuan
[root@sc-docker-server web]# docker volume ls
DRIVER    VOLUME NAME
local     danyonghuan
local     e40cbe20d54605ce2530798bfe167b105b0fb1ac48d2e437128f985d7440cf07
local     sanchuang
local     sc
local     shiyaling
[root@sc-docker-server web]# docker volume inspect danyonghuan
[
    {
        "CreatedAt": "2021-08-18T17:10:36+08:00",
        "Driver": "local",
        "Labels": {},
        "Mountpoint": "/var/lib/docker/volumes/danyonghuan/_data",
        "Name": "danyonghuan",
        "Options": {},
        "Scope": "local"
    }
]

3.拷贝/web下的网页的内容到数据卷danyonghuan对应的目录下

[root@sc-docker-server web]# cp /web/* /var/lib/docker/volumes/danyonghuan/_data/ -r
[root@sc-docker-server web]#

4.启动容器使用卷

[root@sc-docker-server web]# docker run -dp 3392:80 --name sc-yihe-nginx-3 --mount source=danyonghuan,target=/usr/local/nginx1/html sanchuang-nginx:1.0
0708d3d523e7fafd32dbd6c0710b5222f9b2ec4c4b26a63ceadf3d1dfe6a3f50
[root@sc-docker-server web]# docker ps
CONTAINER ID   IMAGE                 COMMAND                  CREATED          STATUS          PORTS                         NAMES
0708d3d523e7   sanchuang-nginx:1.0   "nginx -g 'daemon of…"   4 seconds ago    Up 3 seconds    0.0.0.0:3392->80/tcp, :::3392->80/tcp                  sc-yihe-nginx-3
52ecb99fd61d   sanchuang-nginx:1.0   "nginx -g 'daemon of…"   5 minutes ago    Up 5 minutes    0.0.0.0:3391->80/tcp, :::3391->80/tcp                  sc-yihe-nginx-2
de5472545b7a   sanchuang-nginx:1.0   "nginx -g 'daemon of…"   13 minutes ago   Up 13 minutes   0.0.0.0:3390->80/tcp, :::3390->80/tcp                  sc-yihe-nginx-1
[root@sc-docker-server web]#

5.将网站的数据做到镜像里

[root@sc-docker-server nginx]# cat Dockerfile
FROM centos:7
ENV NGINX_VERSION 1.21.1
ENV AUTHOR sanchuang
LABEL maintainer="cali<695811769@qq.com>"
RUN mkdir /nginx
WORKDIR /nginx
COPY . /nginx
RUN set -ex; \
    bash  install_nginx.sh ; \
    yum install vim iputils  net-tools iproute -y
EXPOSE 80
ENV PATH=/usr/local/nginx1/sbin:$PATH

STOPSIGNAL SIGQUIT
COPY  web/*  /usr/local/nginx1/html/             ---》拷贝网站代码到镜像里nginx的网页根目录
CMD ["nginx","-g","daemon off;"]

6.生成镜像

[root@sc-docker-server nginx]# docker build -t sanchaung-nginx:2.0 .

7.生成镜像

[root@sc-docker-server nginx]# docker run -dp 3393:80 --name sc-yihe-nginx-4 sanchaung-nginx:2.0
71b7173bb7a2d2f5f1485f4234cb65a75b505f1fe6154497bf3084d3e2a278e2
[root@sc-docker-server nginx]# docker ps
CONTAINER ID   IMAGE                 COMMAND                  CREATED          STATUS          PORTS                         NAMES
71b7173bb7a2   sanchaung-nginx:2.0   "nginx -g 'daemon of…"   3 seconds ago    Up 2 seconds    0.0.0.0:3393->80/tcp, :::3393->8

总结

1.这里出现的问题都是面试中的经典考题,可以好好整理一下答案.

2.对于volume 和 mount 的实验,创建和挂载卷的操作是经常使用的,可以做做练习熟练一下.

3.如果你看到这里了,麻烦👍 + 关注哈,感谢支持,码字不易,谢谢理解.*

在这里插入图片描述

Logo

为开发者提供学习成长、分享交流、生态实践、资源工具等服务,帮助开发者快速成长。

更多推荐