Docker 札记

奇技淫巧

境内快速安装docker环境

# curl  -sSfL get.docker.io -o get_docker.sh
# bash  get_docker.sh --mirror Aliyun

官方的安装脚本中,只支持两个加速镜像:

  • AzureChinaCloud
  • Aliyun

docker卷使用例子

比如数据目录挂载目录为/data,将redis的数据目录挂载至/data/dbs/redis,可以通过以下思路来实现:

  1. 创建数据存储
docker volume create --name redis-vol -o type=none -o device=/data/dbs/redis -o o=bind
  1. 创建docker-compose
version: '2.3'
services:
  redis:
    image: redis:latest
    container_name: redis-server
    restart: always
    networks:
	  - redis
    volumes:
      - redis-vol:/data
    ports:
      - "6379:6379"
    command: redis-server --appendonly yes --requirepass "H3yuncom"

volumes:
  redis-vol:
      external: true

networks:
  redis:
    external:
      name: redis-net
	  
# docker network create --driver=bridge --subnet 10.88.1.0/25 --gateway 10.88.1.1 --opt "com.docker.network.bridge.name"="br0" redis-net

使用自定义网桥

创建网桥

yum -y install bridge-utils  # RHEL
apt-get install bridge-utils # Debian


删除docker0网桥

ip link set docker0 down
brctl delbr docker0
iptables -t nat -F POSTROUTING

自定网桥

{
  "bridge": "br0",
  "bip": "192.168.1.5/24",
  "fixed-cidr": "192.168.1.5/25",
  "mtu": 1500,
  "default-gateway": "10.20.1.1",
  "dns": ["10.20.1.2","10.20.1.3"]
}

常见错误

/tmp目录无exec 权限导致docker-compose 库不能正常加载

$ docker-compose ps
docker-compose: error while loading shared libraries: libz.so.1: failed to map segment from shared object: Operation not permitted

解决:

sudo mount /tmp -o remount,exec