Docker 官网 的示例中基本上采用的是Ubuntu来作为环境的,但大部分企业相比来说还是采用RedHat/CentOS 系列的比较多,故这里整理了一篇从yum源方式制作自己干净简单的Docker镜像开始,一步一步构建具有SSH功能,Java/Tomcat环境,用Supervisor来启动并监控服务,最后构建具有Oracle等企业应用服务的完整Docker镜像。
环境准备
Mac环境
我的电脑是Mac OS X,故使用brew来安装 Boot2docker 来运行docker,安装过程中会从亚马逊下载Boot2docker ISO镜像,需要用VPN翻墙。另前期需要安装好VirtuBox 这个虚拟机软件。
启动boot2docker
1
2
3
4
MacBookPro:~ hzchenkj$boot2docker start
Waiting for VM and Docker daemon to start...
......
MacBookPro:~ hzchenkj$export DOCKER_HOST=tcp://192.168 .59.103 :2376
然后查看下docker的版本:
1
2
3
4
5
6
7
8
9
10
MacBookPro:hzchenkj$ docker version
Client version: 1.3 .0
Client API version: 1.15
Go version (client): go1.3.3
Git commit (client): c78088f
OS/Arch (client): darwin/amd64
Server version: 1.3 .0
Server API version: 1.15
Go version (server): go1.3.3
Git commit (server): c78088f
Linux环境(CentOS)
1 配置epel yum,使用国内的repo访问速度比较快
1
2
3
4
cd /etc/yum.repos.d/
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6 .repo
rpm -ivh http://mirrors.aliyun.com/epel/6 Server/x86_64/epel-release-6 -8 .noarch.rpm
2 yum更新
1
yum clean all && yum makecache && yum update -y
3 安装docker并启动docker服务
1
2
3
4
5
6
7
8
9
10
11
12
13
yum install docker-io
service docker start
chkconfig docker on
docker version
[root@master ~]
Client version: 1.1 .2
Client API version: 1.13
Go version (client): go1.2.2
Git commit (client): d84a070/1.1 .2
Server version: 1.1 .2
Server API version: 1.13
Go version (server): go1.2.2
Git commit (server): d84a070/1.1 .2
测试docker
1
2
3
$ docker run base /bin/echo hello world
hello world
看起来简单,但后台做了很多的事情: 1 Generated a new LXC container 2 Created a new file system 3 Mounted a read/write layer 4 Allocated network interface 5 Setup IP 6 Setup NATing 7 Executed the process in the container 8 Captured it’s output 9 Printed to screen
10 Stopped the container
构建CentOS基础镜像
使用 febootstrap 从yum源 构建简洁的CentOS 镜像 (由于Mac上没有febootstrap,在Linux环境上安装并制作基础镜像,然后导入到Mac上运行)
1
2
3
yum -y install febootstrap
febootstrap -i bash -i wget -i yum -i iputils -i iproute -i man -i vim-minimal centos65 centos65-image http://mirrors.aliyun.com/centos/6.5 /os/x86_64/
制作Docker镜像,镜像名字是centos6-base
1
cd centos65-image && tar -c .|docker import - centos65-base
查看镜像列表
1
2
3
4
$docker images
[root@master centos65-image]
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
centos65-base latest 0 b1acae7bfea 18 seconds ago 292.3 MB
导出该基础镜像备份,可以使用save或者export命令
1
2
3
4
5
6
$docker save centos65-base > /tmp/centos65-base-save.tar
$tar zcvf centos65-base-save.tar.gz centos65-base-save.tar
$docker export 6 c5563 > /tmp/centos65-base-export.tar
$docker images --tree
export 导出的是容器当用所用的镜像内容. save 保存的是所有这个镜像的版本记录,包括一些历史数据.
另外整理记录两个常用的命令:
1
2
$docker rm $(docker ps -q -a ) 一次性删除所有的容器,
$docker rmi $(docker images -q) 一次性删除所有的镜像
到另外一台docker主机导入,此处是Mac环境
1
2
MacBookPro:~ hzchenkj$docker load < /tmp/centos65-base.tar
MacBookPro:~ hzchenkj$$docer images
构建CentOS SSH服务镜像
制作可以ssh登陆的Docker镜像,名字是centos6-ssh,先创建目录
1
2
mkdir -p ~/docker/centos65-ssh
cd ~/docker/centos65-ssh
Dockerfile 创建文件
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
FROM centos65-base
MAINTAINER hzchenkj <hzchenkj@163 .com>
RUN rpm -ivh http://mirrors.aliyun.com/epel/6 Server/x86_64/epel-release-6 -8 .noarch.rpm
RUN yum -y install openssh-server supervisor
RUN rm -rf /var/cache/yum/
RUN ssh-keygen -q -N "" -t dsa -f /etc/ssh/ssh_host_dsa_key
RUN ssh-keygen -q -N "" -t rsa -f /etc/ssh/ssh_host_rsa_key
RUN sed -ri 's/session required pam_loginuid.so/#session required pam_loginuid.so/g' /etc/pam.d/sshd
RUN mkdir -p /root/.ssh && chown root.root /root && chmod 700 /root/.ssh
RUN echo 'root:123456' | chpasswd
ENV LANG en_US.UTF-8
ENV LC_ALL en_US.UTF-8
ADD supervisord.conf /etc/supervisord.conf
EXPOSE 8080 22
CMD supervisord -c /etc/supervisord.conf
supervisord.conf 使用supervisord服务
1
2
3
4
[supervisord]
nodaemon=true
[program:sshd]
command=/usr/sbin/sshd -D
开始构建
1
2
3
4
5
6
7
8
9
10
11
12
[jun@master centos65-ssh]$docker build -t centos65-ssh ~/docker/centos65-ssh
Sending build context to Docker daemon 4.096 kB
Sending build context to Docker daemon
Step 0 : FROM centos65-base
---> 0 b1acae7bfea
Step 1 : MAINTAINER hzchenkj <hzchenkj@163 .com>
---> Running in fdac76e3148b
---> d927b5f78971
Removing intermediate container fdac76e3148b
Step 2 : RUN yum -y install openssh-server
---> Running in e3dcbd612317
可以看到centos65-ssh 镜像
1
2
3
4
[jun@master centos65-ssh]$ docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
centos65-ssh latest 166 d41113466 13 seconds ago 311.3 MB
centos65-base latest 6 f5454ae061a 6 minutes ago 311.3 MB
运行镜像centos65-ssh ,暴露端口(docker run -d -P centos65-ssh)
1
2
3
4
5
[jun@master centos65-ssh]$ docker run -d -p 127.0 .0.1 :33301 :22 centos65-ssh
867187 ab245f3edf79a4d422f9ac8be549baebf1367f7badfdf35de1c8005e1c
[jun@master centos65-ssh]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
867187 ab245f centos65-ssh:latest /bin/sh -c 'supervis 3 seconds ago Up 2 seconds 8080/tcp, 127.0.0.1:33301->22/tcp elegant_wilson
ssh登陆容器:
1
2
3
4
5
6
7
[jun@master ~]$ ssh root@127.0 .0.1 -p 33301
The authenticity of host '[127.0.0.1]:33301 ([127.0.0.1]:33301)' can't be established.
RSA key fingerprint is f4:f3:2c:21:a0:df:1e:00:a2:e0:e6:e4:ae:a1:0e:70.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[127.0 .0.1 ]:33301 ' (RSA) to the list of known hosts.
root@127.0.0.1's password:
-bash-4.1
关闭容器
1
2
3
[jun@master centos65-ssh]$ docker stop 867187 ab245f
867187 ab245f
[jun@master centos65-ssh]$
后面使用这个centos65-ssh 来做基础的镜像,来构建Tomcat和Oracle 镜像