docker基础
linux namespace机制可参考:http://www.infoq.com/cn/artic…
linux cgroups机制可参考:http://www.infoq.com/cn/artic…
docker服务安装
宿主机系统与docker版本选型
从现有的系统来看centos7对虚拟化的支持相对来说更完美,对于docker的版本当然是最新的版本功能更完善;故选择 Centos7+docker最新版本
kernel升级
现象描述:系统死机
原因描述:centos7.1默认安装的内核为3.10版本,对于运行少量的容器来说不存在任何问题,当运行容器的数量增多时(比如100台)就会发现容器运行一段时间后操作系统会死机,导致整个物理机不可用,经研究发现将系统内核升级到4.2即可解决此问题。
解决方案:
查看系统当前内核版本
[root@docker6 ~]# uname -a
Linux docker6.stg.1qianbao.com 3.10.0-327.el7.x86_64 #1 SMP Thu Nov 19 22:10:57 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
升级kernel至4.2
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
yum install http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm
yum --enablerepo=elrepo-kernel install kernel-ml
grub2-set-default 0
重启操作系统
reboot
再次查看kernel版本
[root@docker6 ~]# uname -a
Linux docker6 4.2.1-1.el7.elrepo.x86_64 #1 SMP Mon Sep 21 20:01:19 EDT 2015 x86_64 x86_64 x86_64 GNU/Linux
如需卸载可使用
yum remove kernel-ml
安装docker
配置yum源
[root@docker6 ~]# vim /etc/yum.repos.d/docker.repo
[docker-epel]
name=docker-epel
baseurl=http://mirrors.aliyun.com/centos/$releasever/extras/$basearch/
gpgcheck=0
亦可下载相关rpm包至服务器安装。
安装docker
[root@docker6 ~]# yum install docker -y
Loaded plugins: fastestmirror
Repository 'moosefs' is missing name in configuration, using id
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
.......
Complete!
启动docker服务
[root@docker6 ~]# systemctl start docker.service
查看docker版本
[root@docker6 ~]# docker -v
Docker version 1.7.1, build 786b29d/1.7.1
拉取docker镜像
本处使用自定仓储,使用时请根据实际情况修改
搜索仓储里面的镜像
如果仓储不是https协议需在docker服务参数中使用--insecure-registry=xxoo.com
添加至信任列表,并重启服务
[root@docker6 ~]# docker search 1qianbao.com/jboss
INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED
1qianbao.com 1qianbao.com/library/centos6.5_jboss 0
1qianbao.com 1qianbao.com/library/centos6.5_jboss_base 0
1qianbao.com 1qianbao.com/library/jboss 0
1qianbao.com 1qianbao.com/library/jboss_logstash 0
拉取到本地
[root@docker6 ~]# docker pull 1qianbao.com/jboss
Using default tag: latest
512b1dcc52f6: Download complete
0757207a8bea: Download complete
bf839298b71b: Download complete
15661f85a6fd: Download complete
d4f8087e2cbc: Download complete
7aebe5484289: Download complete
35bd70dfe627: Download complete
070eee356b7c: Download complete
6559d408744a: Download complete
d9406fd1f731: Download complete
Status: Downloaded newer image for 1qianbao.com/jboss:latest
查看本地镜像
[root@docker6 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
1qianbao.com/jboss latest 512b1dcc52f6 7 weeks ago 832.8 MB
创建一个容器
[root@docker6 ~]# docker run -id -h test_hostname --name test_conftainer_name 1qianbao.com/jboss /bin/bash
2744cb820ec0b2d8a80d347df3d6631703822841066954ad1dbd3ba779fb09c2
[root@docker6 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2744cb820ec0 1qianbao.com/jboss "/bin/bash" 59 seconds ago Up 58 seconds 22/tcp test_conftainer_name
[root@docker6 ~]# docker exec test_conftainer_name whoami
root
查看容器信息
[root@docker6 ~]# docker inspect test_conftainer_name
[
{
"Id": "2744cb820ec0b2d8a80d347df3d6631703822841066954ad1dbd3ba779fb09c2",
"Created": "2017-03-09T08:18:35.542367209Z",
"Path": "/bin/bash",
"Args": [],
"State": {
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 41307,
"ExitCode": 0,
"Error": "",
"StartedAt": "2017-03-09T08:18:35.942277675Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "512b1dcc52f663dcc136570f64793fa1a7f4dbb69024e4704a055ef90104ec6f",
.......
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LxcConf": [],
"Memory": 0,
"MemorySwap": 0,
"CpuShares": 0,
"CpuPeriod": 0,
"CpusetCpus": "",
.......
]
自定义服务启动参数
修改配置文件
[root@docker4 ~]# cat /etc/sysconfig/docker
# /etc/sysconfig/docker
# Modify these options if you want to change the way the docker daemon runs
OPTIONS='--selinux-enabled=false --storage-driver=devicemapper --storage-opt dm.basesize=100G --insecure-registry=1qianbao.com -b br0 -H unix:///var/run/docker.sock -H tcp://0.0.0.0:9999'
参数详解
--storage-driver=devicemapper #使用devicemapper方式驱动,驱动模式详细介绍可参照[http://blog.csdn.net/qq_26923057/article/details/52351731][3]
--storage-opt dm.basesize=100G #为每个容器分配100G磁盘空间
--selinux-enabled=false #容器内禁用selinux
--insecure-registry=1qianbao.com #指定http协议访问的仓储地址
-H unix:///var/run/docker.sock #指定docker服务的socket文件位置,可供其它应用通过socket形式访问
-H tcp://0.0.0.0:9999 #指定docker服务remote api端口,可通过docker-py远程连接访问
-b br0 #容器网络使用桥接形式,桥接至本机br0网卡
修改完毕后,重启docker服务即可
容器资源限制
内存限制
-m, --memory="" #限制容器使用的物理内存,单位可以为k, m, g等
--memory-swap="" #限制容器物理内存+swap缓存总和的大小,单位可以为k, m, g等
实例:
[root@docker6 ~]# docker run -id -m 4g --memory-swap=4g -h test_hostname --name test_conftainer_name 1qianbao.com/jboss /bin/bash
2b4dbf2a3d2a146d2958210b783ad7a4fee413c0399757d43464a8a9802bb446
[root@docker6 ~]# docker inspect test_conftainer_name | grep-i 'mem'
"Memory": 4294967296,
"MemorySwap": 4294967296,
"CpusetMems": "",
"MemorySwappiness": -1,
CPU限制
--cpu-shares=0 #设置CPU利用率权重,默认为1024
--cpu-period=0 #限制容器的CPU使用周期。一般--cpu-period配合--cpu-quota一起使用。例如cpu-period为100ms,cpu-quota为200ms,表示最多可以使用2个cpu;默认值为100ms
--cpuset-cpus="" #绑定指定容器使用指定CPU,默认使用所有cpu核心
--cpu-quota=0 #与--cpu-period配合使用
实例:
[root@docker6 ~]# docker run -id --cpu-shares=100 --cpu-period=100000 --cpu-quota=200000 -h test_hostname_cpu --name test_conftainer_cpu 1qianbao.com/jboss /bin/bash
8f1894bf1550f929d10164b3f538af66d7e5922611b58556f5baeea91dfd1c97
[root@docker6 ~]# docker inspect test_conftainer_cpu | grep -i cpu
"Name": "/test_conftainer_cpu",
"CpuShares": 100,
"CpuPeriod": 100000,
"CpusetCpus": "",
"CpusetMems": "",
"CpuQuota": 200000,
"Hostname": "test_hostname_cpu",
[root@docker6 ~]# docker exec -it test_conftainer_cpu /bin/bash
[root@test_hostname_cpu /]# cat high_cpu.sh
#!/bin/bash
while :
do
let '1+1'
done
[root@test_hostname_cpu /]# bash high_cpu.sh &
[1] 2105
[root@test_hostname_cpu /]# bash high_cpu.sh &
[2] 2106
[root@test_hostname_cpu /]# bash high_cpu.sh &
[3] 2107
[root@test_hostname_cpu /]# ps -ef | grep high_cpu
root 2105 18 70 17:08 ? 00:00:22 bash high_cpu.sh
root 2106 18 67 17:08 ? 00:00:20 bash high_cpu.sh
root 2107 18 68 17:08 ? 00:00:19 bash high_cpu.sh
root 2111 18 0 17:08 ? 00:00:00 grep high_cpu
[root@docker6 ~]# docker stats test_conftainer_cpu
CONTAINER CPU % MEM USAGE/LIMIT MEM % NET I/O
test_conftainer_cpu 200.04% 15.09 MB/270.4 GB 0.01% 648 B/648 B
服务调优
内核调优
现象描述:网络高延时、丢包
原因描述:单台宿主机运行百台以上容器时,对宿主机的压力相应增加,其中网络方面表现最为明显;
以ARP为例:容器使用br0的网络与外面通信,这样每台容器都会将arp信息缓存下来,如果100台容器分别将网关、宿主机这两条信息存入ARP缓存表,那么物理机上的arp缓存表就有200条;而系统默认的arp缓存条目为128条,所以将导致一部分arp信息被覆盖掉。如果容器间进行频繁的网络通信,就会表现出大量的延时甚至丢包。
[root@docker6 ~]# cat /proc/sys/net/ipv4/neigh/default/gc_thresh1 #系统默认的ARP缓存条目
128
[root@docker6 ~]# cat /proc/sys/net/ipv4/neigh/default/gc_thresh2 #系统ARP条目值的软限制
512
[root@docker6 ~]# cat /proc/sys/net/ipv4/neigh/default/gc_thresh3 #系统ARP条目值的硬限制
1024
解决方案:
修改系统内核参数
[root@docker6 ~]# vim /etc/sysctl.conf
# System default settings live in /usr/lib/sysctl.d/00-system.conf.
# To override those settings, enter new settings here, or in an /etc/sysctl.d/<name>.conf file
#
# For more information, see sysctl.conf(5) and sysctl.d(5).
net.ipv4.ip_forward=1
net.ipv4.neigh.default.gc_thresh1=25600
net.ipv4.neigh.default.gc_thresh2=51200
net.ipv4.neigh.default.gc_thresh3=102400
net.core.rmem_default = 2097152
net.core.rmem_max=16777216
net.core.wmem_max=16777216
net.core.wmem_default = 2097152
net.ipv4.neigh.default.base_reachable_time = 172800
net.ipv4.neigh.default.gc_stale_time = 172800
kernel.msgmax=65536
kernel.msgmnb=65536
重启或执行如下命令使之生效
[root@docker6 ~]# sysctl -p
ulimit调优
现象描述:容器启动服务时资源耗尽
原因描述:大宿主机情况下,多个容器并行启动多进程或多线程服务时大量消耗文件句柄导致资源耗尽。
解决方案:修改系统对普通用户的nproc
限制
[root@docker6 ~]# cat /etc/security/limits.d/20-nproc.conf
# Default limit for number of user's processes to prevent
# accidental fork bombs.
# See rhbz #432903 for reasoning.
#* soft nproc 4096
root soft nproc unlimited
检测宿主机最大打开的句柄数可使用:for i in {1..200000};do sleep 2000 & done;
data资源池调优
docker服务启动的时候默认会创建一个107.4G的data文件,而后启动的容器的所有更改内容全部存储至这个data文件中;也就是说当容器内产生的相关data数据超过107.4G后容器就再也没有多余的空间可用,从而导致所有容器的根目录变为只读!
宿主机的docker info信息如下
[root@docker6 ~]# docker info
Data file: /dev/loop0
Data Space Used: 2.749 GB
Data Space Total: 107.4 GB
Data Space Available: 104.6 GB
Data loop file: /var/lib/docker/devicemapper/devicemapper/data
解决方案:使用磁盘分区、lvs逻辑卷、虚拟大文件替换data池文件
本例中使用虚拟大文件替换data池文件,步骤如下:
[root@docker6 ~]# cat init_docker.sh
#!/bin/bash
echo "stop docker service"
service docker stop
echo "delete the docker data pool"
/bin/rm -rf /var/lib/docker/
echo "create docker data pool"
mkdir -p /var/lib/docker/devicemapper/devicemapper/
dd if=/dev/zero bs=1G count=0 of=/var/lib/docker/devicemapper/devicemapper/data seek=1500
dd if=/dev/zero bs=1G count=0 of=/var/lib/docker/devicemapper/devicemapper/metadata seek=2
#clear veth net
ifconfig | grep veth | awk -F ':' '{print $1}' | while read LINE;do ip link delete $LINE;done
echo "start docker service"
service docker start
[root@docker6 ~]# bash init_docker.sh
执行上述命令后,docker info信息如下
[root@docker6 ~]# docker info | grep Data
Data file: /dev/loop2
Data Space Used: 1.821 GB
Data Space Total: 1.611 TB
Data Space Available: 1.491 TB
Data loop file: /var/lib/docker/devicemapper/devicemapper/data
制作镜像文件
基于YUM源制作镜像
如要制作centos6版本镜像,宿主机必须也为centos6系统;同理制作centos7惊险需在centos7版本宿主机上执行
制作镜像脚本如下:
[root@testmanager ~]# cat create_base_container.sh
#!/bin/bash
yum_config=/etc/yum.conf
if [ -f /etc/dnf/dnf.conf ] && command -v dnf &> /dev/null; then
yum_config=/etc/dnf/dnf.conf
alias yum=dnf
fi
target=$(mktemp -d --tmpdir $(basename $0).XXXXXX)
set -x
mkdir -m 755 "$target"/dev
mknod -m 600 "$target"/dev/console c 5 1
mknod -m 600 "$target"/dev/initctl p
mknod -m 666 "$target"/dev/full c 1 7
mknod -m 666 "$target"/dev/null c 1 3
mknod -m 666 "$target"/dev/ptmx c 5 2
mknod -m 666 "$target"/dev/random c 1 8
mknod -m 666 "$target"/dev/tty c 5 0
mknod -m 666 "$target"/dev/tty0 c 4 0
mknod -m 666 "$target"/dev/urandom c 1 9
mknod -m 666 "$target"/dev/zero c 1 5
if [ -d /etc/yum/vars ]; then
mkdir -p -m 755 "$target"/etc/yum
cp -a /etc/yum/vars "$target"/etc/yum/
fi
function clear_repo(){
rm -f "$target"/etc/yum.repos.d/*
cp /etc/yum.repos.d/*.repo "$target"/etc/yum.repos.d/
}
yum -c "$yum_config" --installroot="$target" --releasever=/ --setopt=tsflags=nodocs --setopt=group_package_types=mandatory -y groupinstall 'Core'
clear_repo
yum -c "$yum_config" --installroot="$target" --releasever=/ --setopt=tsflags=nodocs --setopt=group_package_types=mandatory -y groupinstall 'Base'
clear_repo
yum -c "$yum_config" --installroot="$target" --releasever=/ --setopt=tsflags=nodocs --setopt=group_package_types=mandatory -y groupinstall 'Chinese Support'
clear_repo
yum -c "$yum_config" --installroot="$target" --releasever=/ --setopt=tsflags=nodocs --setopt=group_package_types=mandatory -y install tar bind-utils wget man sysstat pexpect vim telnet net-tools mysql unzip zip tcpdump lrzsz openssh-clients expect pexpect
yum -c "$yum_config" --installroot="$target" --releasever=/ --setopt=tsflags=nodocs --setopt=group_package_types=mandatory -y reinstall rpm-libs
yum -c "$yum_config" --installroot="$target" --releasever=/ --setopt=tsflags=nodocs --setopt=group_package_types=mandatory -y clean all
cat > "$target"/etc/sysconfig/network <<EOF
NETWORKING=yes
HOSTNAME=localhost.localdomain
EOF
cat > "$target"/etc/sysconfig/network-scripts/ifcfg-eth0 <<EOF
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=none
TYPE=Ethernet
EOF
/bin/cp "$target"/usr/share/zoneinfo/Asia/Shanghai "$target"/etc/localtime
/bin/rm -f "$target"/var/lib/rpm/__db*
sed -i '/1024/d' "$target"/etc/security/limits.d/90-nproc.conf
echo 'ZONE="Asia/Shanghai"' > "$target"/etc/sysconfig/clock
echo 'UTC=False' >> "$target"/etc/sysconfig/clock
#root password is uplooking
password='$6$ZTypyZdt$0.qmfnMd3W5bCFfXjJ2FPPDxxZBVrxd5WYFeEyYfIEwyRXrQtHHztQdNwWjEwCiCPxiTzuTJmns3G7R5q5Y1W.'
sed -i "s#root:\*#root:${password}#" "$target"/etc/shadow
sed -i 's/#UseDNS yes/UseDNS no/' "$target"/etc/ssh/sshd_config
for file in "$target"/etc/{redhat,system}-release
do
if [ -r "$file" ]; then
version="$(sed 's/^[^0-9\]*\([0-9.]\+\).*$/\1/' "$file")"
break
fi
done
version=latest
if [ -z "$version" ]; then
echo >&2 "warning: cannot autodetect OS version, using '$name' as tag"
version=$name
fi
tar --numeric-owner -c -C "$target" . | docker import - $name:$version
docker run -i -t --rm $name:$version /bin/bash -c 'echo success'
rm -rf "$target"
执行结果如下:
[root@testmanager ~]# bash create_base_container.sh centos6.5_base_image
+ mkdir -m 755 /tmp/create_base_container.sh.vVacHy/dev
+ mknod -m 600 /tmp/create_base_container.sh.vVacHy/dev/console c 5 1
+ mknod -m 600 /tmp/create_base_container.sh.vVacHy/dev/initctl p
+ mknod -m 666 /tmp/create_base_container.sh.vVacHy/dev/full c 1 7
+ mknod -m 666 /tmp/create_base_container.sh.vVacHy/dev/null c 1 3
+ mknod -m 666 /tmp/create_base_container.sh.vVacHy/dev/ptmx c 5 2
........
+ '[' -z latest ']'
+ tar --numeric-owner -c -C /tmp/create_base_container.sh.vVacHy .
+ docker import - centos6.5_base_image:latest
94b212003e6acd1754442a7ce93279a8654c3122d46bbe79fd4ab077ebb1335f
+ docker run -i -t --rm centos6.5_base_image:latest /bin/bash -c 'echo success'
success
+ rm -rf /tmp/create_base_container.sh.vVacHy
查看制作的镜像:
[root@testmanager ~]# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
centos6.5_base_image latest 94b212003e6a 4 minutes ago 438.6 MB
基于Dockerfile制作镜像
以制作nginx镜像为例:
编写nginx启动脚本
[root@testmanager docker_build_for_nginx]# cat start_nginx
#!/bin/bash
service nginx restart
/bin/bash
编写Dockerfile文件
[root@testmanager docker_build_for_nginx]# cat Dockerfile
FROM centos6.5_base_image
MAINTAINER shenpeng.roc@gmail.com
RUN yum install nginx -y
ADD start_nginx.sh /root/start_nginx.sh
EXPOSE 80
CMD ["/bin/bash /root/start_nginx.sh"]
制作镜像:
[root@testmanager docker_build_for_nginx]# docker build -t '1qianbao.com/nginx_test' .
Sending build context to Docker daemon 3.072 kB
Sending build context to Docker daemon
Step 0 : FROM centos6.5_base_image
---> 94b212003e6a
Step 1 : MAINTAINER shenpeng.roc@gmail.com
---> Running in 85d4b56471c5
---> c2a862a03b91
Removing intermediate container 85d4b56471c5
Step 2 : RUN yum install nginx -y
---> Running in 06864f81b09b
Loaded plugins: fastestmirror
Setting up Install Process
Resolving Dependencies
--> Running transaction check
........
Complete!
---> 2f7c48ade298
Removing intermediate container 06864f81b09b
Step 3 : ADD start_nginx.sh /root/start_nginx.sh
---> e2934b310453
Removing intermediate container e52c91bc10cb
Step 4 : EXPOSE 80
---> Running in 23722048bfd2
---> 44b7299c44f9
Removing intermediate container 23722048bfd2
Step 5 : CMD /bin/bash /root/start_nginx.sh
---> Running in dd73d04d5e66
---> f90eb2c8f500
Removing intermediate container dd73d04d5e66
Successfully built f90eb2c8f500
搭建registry仓储
安装registry软件包
[root@docker6 ~]# yum install docker-registry -y
仓储默认使用5000端口,配置项为REGISTRY_PORT
,配置文件内容如下:
[root@docker6 ~]# cat /etc/sysconfig/docker-registry
# The Docker registry configuration file
# DOCKER_REGISTRY_CONFIG=/etc/docker-registry.yml
# The configuration to use from DOCKER_REGISTRY_CONFIG file
SETTINGS_FLAVOR=local
# Address to bind the registry to
REGISTRY_ADDRESS=0.0.0.0
# Port to bind the registry to
REGISTRY_PORT=5000
# Number of workers to handle the connections
GUNICORN_WORKERS=8
启动仓储服务
[root@docker6 ~]# service docker-registry start
[root@docker6 ~]# netstat -antp | grep 5000
tcp 0 0 0.0.0.0:5000 0.0.0.0:* LISTEN 45148/python
上传镜像至仓储
docker-registry默认启动http协议,故需使用--insecure-registry=127.0.0.1:5000
选项添加信任;我的仓储搭建在本地所以使用127.0.0.1,可跟进实际情况修改,亦可使用域名
[root@docker6 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
1qianbao.com/jboss latest 512b1dcc52f6 7 weeks ago 832.8 MB
[root@docker6 ~]# docker tag 1qianbao.com/jboss 127.0.0.1:5000/test_jboss
[root@docker6 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
1qianbao.com/jboss latest 512b1dcc52f6 7 weeks ago 832.8 MB
127.0.0.1:5000/test_jboss latest 512b1dcc52f6 7 weeks ago 832.8 MB
[root@docker6 ~]# docker push 127.0.0.1:5000/test_jboss
The push refers to a repository [127.0.0.1:5000/test_jboss] (len: 1)
Sending image list
Pushing repository 127.0.0.1:5000/test_jboss (1 tags)
0757207a8bea: Image successfully pushed
bf839298b71b: Image successfully pushed
15661f85a6fd: Image successfully pushed
d4f8087e2cbc: Image successfully pushed
7aebe5484289: Image successfully pushed
35bd70dfe627: Image successfully pushed
070eee356b7c: Image successfully pushed
6559d408744a: Image successfully pushed
d9406fd1f731: Image successfully pushed
512b1dcc52f6: Image successfully pushed
Pushing tag for rev [512b1dcc52f6] on {http://127.0.0.1:5000/v1/repositories/test_jboss/tags/latest}
从仓储拉取镜像:
先删除所有容器及镜像
[root@docker6 ~]# docker rmi 127.0.0.1:5000/test_jboss
Untagged: 127.0.0.1:5000/test_jboss:latest
[root@docker6 ~]# docker rmi 1qianbao.com/jboss
Untagged: 1qianbao.com/jboss:latest
Deleted: 512b1dcc52f663dcc136570f64793fa1a7f4dbb69024e4704a055ef90104ec6f
Deleted: d9406fd1f7318cd15f0248f8d72dc7945035848867c49350880aaf0b725138a9
Deleted: 6559d408744a0044acb96c6847016f1c2a49d9431b392d6aee10910d33643f81
Deleted: 070eee356b7cdcbdaf894ac47d1587593222e837476b7154a923cc413f8ddc76
Deleted: 35bd70dfe627069114ac98cdd495ddf674f1fc5ddad4318e72f9572475a60c8c
Deleted: 7aebe5484289372c37edf104f26ed76040fa52160b8beb15d3bfdc071383ea13
Deleted: d4f8087e2cbcafff60f4a6bb4f9612c094605cfa2999175b8efb26236d8b7d0a
Deleted: 15661f85a6fd2f7429384634a67a4c317e0474fde7f38e64eef7e28075dbc411
Deleted: bf839298b71b6b9530b992adaba8103e0ca19a0988deb76ea6a1c7e42f980e31
Deleted: 0757207a8bea0e10d2653d1e47af2f5c217e76623cd7ba827ff7747b97b9d3c7
[root@docker6 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
[root@docker6 ~]# docker rmi 1qianbao.com/jboss
Untagged: 1qianbao.com/jboss:latest
Deleted: 512b1dcc52f663dcc136570f64793fa1a7f4dbb69024e4704a055ef90104ec6f
Deleted: d9406fd1f7318cd15f0248f8d72dc7945035848867c49350880aaf0b725138a9
Deleted: 6559d408744a0044acb96c6847016f1c2a49d9431b392d6aee10910d33643f81
Deleted: 070eee356b7cdcbdaf894ac47d1587593222e837476b7154a923cc413f8ddc76
Deleted: 35bd70dfe627069114ac98cdd495ddf674f1fc5ddad4318e72f9572475a60c8c
Deleted: 7aebe5484289372c37edf104f26ed76040fa52160b8beb15d3bfdc071383ea13
Deleted: d4f8087e2cbcafff60f4a6bb4f9612c094605cfa2999175b8efb26236d8b7d0a
Deleted: 15661f85a6fd2f7429384634a67a4c317e0474fde7f38e64eef7e28075dbc411
Deleted: bf839298b71b6b9530b992adaba8103e0ca19a0988deb76ea6a1c7e42f980e31
Deleted: 0757207a8bea0e10d2653d1e47af2f5c217e76623cd7ba827ff7747b97b9d3c7
[root@docker6 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
[root@docker6 ~]# docker pull 127.0.0.1:5000/test_jboss
Using default tag: latest
512b1dcc52f6: Pulling dependent layers
0757207a8bea: Downloading [======================> ] 64.03 MB/142.8 MB
0757207a8bea: Pulling metadata
......
如需使用TLS访问仓储可使用nginx在前端做一层代理
docker swarm集群
swarm集群详细文档请参照:https://docs.docker.com/engin…