第一阶段:基本篇\01.Docker基本概念和框架等\05.Docker客户端和守护进程

Docker 的C/S模式

user <-> docker client 客户端 <-命令与执行结果-> docker server 守护进程

Remote API

RESTful 风格API STDIN、STDOUT、STDERROR

user <-> docker client 客户端 <-remote api-> docker server 守护进程

Docker 官方的 Remote API Reference:

https://docs.docker.com/develop/sdk/

连接方式

  • unix:///var/run/docker.sock # 默认
  • tcp://host:port
  • fd://sockedfd
user <-> docker client 客户端 <-socket-> docker server 守护进程
ps -ef | grep docker
docker version
[root@xiexianbin_cn ~]# nc -U /var/run/docker.sock 
GET /info HTTP/1.0

HTTP/1.0 200 OK
Api-Version: 1.32
Content-Type: application/json
Docker-Experimental: false
Ostype: linux
Server: Docker/17.09.1-ce (linux)
Date: Sun, 17 Dec 2017 06:09:41 GMT

{"ID":"6G27:SBCK:TKAI:V753:UMKB:F32I:ZB3T:X5OF:NWKP:F4O4:LEGX:6HP6","Containers":0,"ContainersRunning":0,"ContainersPaused":0,"ContainersStopped":0,"Images":1,"Driver":"overlay","DriverStatus":[["Backing Filesystem","xfs"],["Supports d_type","true"]],"SystemStatus":null,"Plugins":{"Volume":["local"],"Network":["bridge","host","macvlan","null","overlay"],"Authorization":null,"Log":["awslogs","fluentd","gcplogs","gelf","journald","json-file","logentries","splunk","syslog"]},"MemoryLimit":true,"SwapLimit":true,"KernelMemory":true,"CpuCfsPeriod":true,"CpuCfsQuota":true,"CPUShares":true,"CPUSet":true,"IPv4Forwarding":true,"BridgeNfIptables":true,"BridgeNfIp6tables":true,"Debug":false,"NFd":19,"OomKillDisable":true,"NGoroutines":29,"SystemTime":"2017-12-17T01:09:41.723696777-05:00","LoggingDriver":"json-file","CgroupDriver":"cgroupfs","NEventsListener":0,"KernelVersion":"3.10.0-514.el7.x86_64","OperatingSystem":"CentOS Linux 7 (Core)","OSType":"linux","Architecture":"x86_64","IndexServerAddress":"https://index.docker.io/v1/","RegistryConfig":{"AllowNondistributableArtifactsCIDRs":[],"AllowNondistributableArtifactsHostnames":[],"InsecureRegistryCIDRs":["127.0.0.0/8"],"IndexConfigs":{"docker.io":{"Name":"docker.io","Mirrors":["https://i71btyn2.mirror.aliyuncs.com/"],"Secure":true,"Official":true}},"Mirrors":["https://i71btyn2.mirror.aliyuncs.com/"]},"NCPU":2,"MemTotal":6137266176,"GenericResources":null,"DockerRootDir":"/var/lib/docker","HttpProxy":"","HttpsProxy":"","NoProxy":"","Name":"localhost.localdomain","Labels":null,"ExperimentalBuild":false,"ServerVersion":"17.09.1-ce","ClusterStore":"","ClusterAdvertise":"","Runtimes":{"runc":{"path":"docker-runc"}},"DefaultRuntime":"runc","Swarm":{"NodeID":"","NodeAddr":"","LocalNodeState":"inactive","ControlAvailable":false,"Error":"","RemoteManagers":null},"LiveRestoreEnabled":false,"Isolation":"","InitBinary":"docker-init","ContainerdCommit":{"ID":"06b9cb35161009dcb7123345749fef02f7cea8e0","Expected":"06b9cb35161009dcb7123345749fef02f7cea8e0"},"RuncCommit":{"ID":"3f2f8b84a77f73d38244dd690525642a72156c64","Expected":"3f2f8b84a77f73d38244dd690525642a72156c64"},"InitCommit":{"ID":"949e6fa","Expected":"949e6fa"},"SecurityOptions":["name=seccomp,profile=default"]}

Docker 守护进程的配置和操作

查看守护进程

ps -ef | grep docker
sudo status docker

使用 systemctl 命令管理

systemctl start docker
systemctl stop docker
systemctl status docker

Docker 的启动选项

docker -d [OPTIONS]

运行相关:

-D, --debug=false
 -e, --exec-driver="native"
 -g, --graph="/var/lib/docker"
 --icc=true
 -l,--log-level="info"
 --label=[]
 -p, --pidfile="/var/run/docker.pid"

Docker服务器连接相关:

 -G, --group="docker"
 -H, --host=[]
 --tls=false
 --tlscacert=".docker/ca.pem"
 --tlscert=".docker/cert.pem"
 --tlskey=".docker/key.pem"
 --tlsverify=false

RemoteAPI 相关:

--api-enable-cors=false

存储相关:

-s,storage-driver=""
--selinux-enabled=false
--storage-opt=[]

registry相关:

--insecure-registry=[]
--registry-mirror=[]

网络设置相关:

--ip=0.0.0.0
--ip-forward=true
--ip-masq=true
--iptalbes=true
--ipv6=false
--mtu=0

Docker 启动配置文件

/etc/default/docker

DOCKER_OPTS="    Lable k1=v1"
systemctl restart docker
ps -ef | grep docker
docker info

Docker的远程访问

环境准备

  • 第二天安装Docker的服务器
  • 修改Docker守护进程启动选项,区别服务器
  • 保证client API 与 server API 版本一致

docker 服务端口:2375

使用环境变量

export DOCKER_HOST=”tcp://ip:2375”

docker info

docker 的 -H 可以保存多个参数值