Introduction to Docker
Docker An open source application container engine that allows developers to package their applications and dependencies into a portable container and then publish them to any popular application. Linux Virtualization can also be achieved on machines. Containers are completely sandboxed with no interfaces (similar to each other)
app for the iPhone. With almost no performance overhead, it is easy to run in machine and data centers. Most importantly, they do not depend on any language, framework, or system.
Baidu Encyclopedia
premise
First, your Centos system must be 64-bit, regardless of the version. And the kernel version is at least 3.10 or more.
Use the following commands to view your kernel version:
$ uname -r
3.10.0-229.el7.x86_64
- 1
- 2
- 1
- 2
Finally, it is recommended that you update your system, because the latest kernel may fix some bug s in the old version.
install
Installation with yum
Log in with users with sudo or root privileges.
Make sure your yum package is updated
$ sudo yum update
- 1
- 1
Adding yum warehouse
$ sudo tee /etc/yum.repos.d/docker.repo <<-'EOF'
[dockerrepo]
name=Docker Repository
baseurl=https://yum.dockerproject.org/repo/main/centos/$releasever/
enabled=1
gpgcheck=1
gpgkey=https://yum.dockerproject.org/gpg
EOF
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
Install the Docker package
$ sudo yum install docker-engine
- 1
- 1
- Open docker deamon
$ sudo service docker start
- 1
- 1
Verify that docker was successfully installed
$ sudo docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from hello-world
a8219747be10: Pull complete
91c95931e552: Already exists
hello-world:latest: The image you are pulling has been verified. Important: image verification is a tech preview feature and should not be relied on to provide security.
Digest: sha256:aa03e5d0d5553b4c3473e89c8619cf79df368babd1.7.1cf5daeb82aab55838d
Status: Downloaded newer image for hello-world:latest
Hello from Docker.
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(Assuming it was not already locally available.)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
For more examples and ideas, visit:
http://docs.docker.com/userguide/
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
Start-up self-start
$ sudo chkconfig docker on
- 1
- 1
uninstall
List the packages you installed
$ yum list installed | grep docker
yum list installed | grep docker
docker-engine.x86_64 1.7.1-1.el7 @/docker-engine-1.7.1-1.el7.x86_64.rpm
- 1
- 2
- 3
- 1
- 2
- 3
Delete installation packages
$ sudo yum -y remove docker-engine.x86_64
- 1
- 1
Delete mirrors/containers, etc.
$ rm -rf /var/lib/docker
Centos7 opens or closes the firewall (this is an important step, otherwise when the local container binds to the host port to provide services, other local containers cannot access the service)
sudo firewall-cmd --permanent --zone=trusted --add-interface=docker0
Sudo firewall-cmd -- permanent -- zone = trusted -- add-port = XXXX / tcp# xxxxx to the port number you want
sudo firewall-cmd --reload
Close firewall:
System CTL stop firewalld. service # stop firewall
System CTL disable firewalld. service # disable firewall boot
firewall-cmd --state # View the default firewall status (not running after closing, running after opening)
Iptables firewall (where iptables are installed, configure below) vi/etc/sysconfig/iptables# Edit firewall configuration file # sampleconfiguration for iptables service # you can edit thismanually or use system-config-firewall # please do not askus to add additional ports/services to this default configuration *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT[0:0] :OUTPUT ACCEPT[0:0] -A INPUT -m state--state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p icmp -jACCEPT -A INPUT -i lo -jACCEPT -A INPUT -p tcp -mstate --state NEW -m tcp --dport 22 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -jACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 8080-j ACCEPT -A INPUT -j REJECT--reject-with icmp-host-prohibited -A FORWARD -jREJECT --reject-with icmp-host-prohibited COMMIT wq! # Save and Exit
Note: Ports 80 and 8080 are used as examples. The *** section is generally added above or below the line'-A INPUT-p TCP-M state-state NEW-m tcp-dport 22-j ACCEPT', and be sure not to add it to the last line, otherwise the firewall will not take effect after reboot. System CTL restart iptables. service # Finally restart the firewall to make the configuration effective System ctlenable iptables. service # Set up firewall boot