Docker学习(3)

Docker的安装

linux上安装Docker

• 基于Ubuntu版本的安装

• 网址：get.docker.com

$ wget -qO- https://get.docker.com/ | sh
# Executing docker install script, commit: f45d7c11389849ff46a6b4d94e0dd1ffebca32c1
+ sudo -E sh -c apt-get update -qq >/dev/null
+ sudo -E sh -c DEBIAN_FRONTEND=noninteractive apt-get install -y -qq apt-transport-https ca-certificates curl >/dev/null
+ sudo -E sh -c curl -fsSL "https://download.docker.com/linux/ubuntu/gpg" | apt-key add -qq - >/dev/null
+ sudo -E sh -c echo "deb [arch=amd64] https://download.docker.com/linux/ubuntu xenial stable" > /etc/apt/sources.list.d/docker.list
+ sudo -E sh -c apt-get update -qq >/dev/null
+ [ -n  ]
+ sudo -E sh -c apt-get install -y -qq --no-install-recommends docker-ce >/dev/null
+ sudo -E sh -c docker version
Client: Docker Engine - Community
 Version:           19.03.4
 API version:       1.40
 Go version:        go1.12.10
 Git commit:        9013bf583a
 Built:             Fri Oct 18 15:53:51 2019
 OS/Arch:           linux/amd64
 Experimental:      false

Server: Docker Engine - Community
 Engine:
  Version:          19.03.4
  API version:      1.40 (minimum version 1.12)
  Go version:       go1.12.10
  Git commit:       9013bf583a
  Built:            Fri Oct 18 15:52:23 2019
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.2.10
  GitCommit:        b34a5c8af56e510852c35414db4c1f4fa6172339
 runc:
  Version:          1.0.0-rc8+dev
  GitCommit:        3e425f80a8c931f88e6d94a8c831b9d5aa481657
 docker-init:
  Version:          0.18.0
  GitCommit:        fec3683
If you would like to use Docker as a non-root user, you should now consider
adding your user to the "docker" group with something like:

  sudo usermod -aG docker lhf

Remember that you will have to log out and back in for this to take effect!

WARNING: Adding a user to the "docker" group will grant the ability to run
         containers which can be used to obtain root privileges on the
         docker host.
         Refer to https://docs.docker.com/engine/security/security/#docker-daemon-attack-surface
         for more information.
lhf@lhf-virtual-machine:~$ sudo usermod -aG docker lhf

• 最后通过非root用户使用docker

$ sudo usermod -aG docker lhf
$ cat /etc/group | grep docker
docker:x:1001:lhf

• 查看docker是否安装成功

$ docker --version
Docker version 19.03.4, build 9013bf583a
$ docker system info
Client:
 Debug Mode: false

Server:
 Containers: 0
  Running: 0
  Paused: 0
  Stopped: 0
 Images: 0
 Server Version: 19.03.4
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Native Overlay Diff: true
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: b34a5c8af56e510852c35414db4c1f4fa6172339
 runc version: 3e425f80a8c931f88e6d94a8c831b9d5aa481657
 init version: fec3683
 Security Options:
  apparmor
  seccomp
   Profile: default
 Kernel Version: 4.15.0-45-generic
 Operating System: Ubuntu 16.04.6 LTS
 OSType: linux
 Architecture: x86_64
 CPUs: 1
 Total Memory: 962MiB
 Name: lhf-virtual-machine
 ID: LL5Q:6LHC:TMPA:IB7U:5OPG:4VFR:QZBL:TSVF:GC6J:CDPT:OIAD:7UGQ
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false

WARNING: No swap limit support

docker引擎(Engine)升级

• 需要重视升级操作的每个前置条件
• 包括容器配置了正确的重启策略
• 引擎的具体操作步骤

1. 停止docker守护进程
2. 移除旧版本dcoker
3. 安装新版docker
4. 配置新版本的docker为开机自启
5. 确保容器重启成功

在ubuntu16.4上升级Docker CE

• 查看版本

$ cat /etc/issue
Ubuntu 16.04.6 LTS \n \l

• 更新APT包列表

$ sudo apt-get update

• 卸载当前的docker

$ sudo apt-get remove -y docker docker-engine docker-ce docker.io

• 安装最近版的docker

$ wget -qO- https://get.docker.com/ | sh

• 将docker设置为开机自启动

$ sudo systemctl enable docker
Synchronizing state of docker.service with SysV init with /lib/systemd/systemd-sysv-install...
Executing /lib/systemd/systemd-sysv-install enable docker
$ sudo systemctl is-enabled docker
enabled

• 检查并确保每个容器和服务都已经重启成功

$ docker container ls
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
lhf@lhf-virtual-machine:~$ docker service ls

Docker存储驱动的选择

• 每个docker容器都有一个本地存储空间，用于保存层叠的镜像层以及挂载的容器文件系统。
• 默认情况下，容器的所有读写操作都发生在其镜像层或挂载的文件系统中，所以存储是容器的性能和稳定性的关键。
• 本地存储是通过存储驱动进行管理的。
• 存储驱动在上层抽象设计中都在采用了栈式镜像层和写时复制(Copy-on-Write)的设计思想，但是docker在linux底层支持几种不同的存储驱动的具体实现。
• 在linux上docker的存储驱动包括：AUFS、Ocerlay2、Device Mapper 、 btrfs 和ZFS
• 存储驱动的选择是 节点级别 的，所以每个docker主机只能选择一种存储驱动。

• 修改存储引擎配置

$ cat /etc/docker/deamon.json
{
    "storage-driver": "overlay2"
}

Device Mapper配置

• 存储驱动一般不需要或者很少配置
• Device Mapper需要合理的配置才能表现良好的性能
• 为了达到Device Mapper在生产环境中的最佳性能，需要将底层实现修改direct-lvm的模式
• direct-lvm这种模式通过使用基于裸块设备(Raw Block Device)的LVM精简池(LVM thin pool)来获得更好的性能。