Docker Client可以通过API或Socket连接到Docker Server(守护进程),下面介绍如何配置Docker守护进程从而支持Docker Client的连接。
Docker 的C/S模式
user <-> docker client 客户端 <-命令与执行结果-> docker server 守护进程
Remote API
RESTful 风格API
STDIN、STDOUT、STDERROR
user <-> docker client 客户端 <-remote api-> docker server 守护进程
Docker 官方的 Remote API Reference:
https://docs.docker.com/develop/sdk/
连接方式
- unix:///var/run/docker.sock # 默认
- tcp://host:port
- fd://sockedfd
user <-> docker client 客户端 <-socket-> docker server 守护进程
ps -ef | grep docker
docker version
[root@xiexianbin_cn ~]# nc -U /var/run/docker.sock
GET /info HTTP/1.0
HTTP/1.0 200 OK
Api-Version: 1.32
Content-Type: application/json
Docker-Experimental: false
Ostype: linux
Server: Docker/17.09.1-ce (linux)
Date: Sun, 17 Dec 2017 06:09:41 GMT
{"ID":"6G27:SBCK:TKAI:V753:UMKB:F32I:ZB3T:X5OF:NWKP:F4O4:LEGX:6HP6","Containers":0,"ContainersRunning":0,"ContainersPaused":0,"ContainersStopped":0,"Images":1,"Driver":"overlay","DriverStatus":[["Backing Filesystem","xfs"],["Supports d_type","true"]],"SystemStatus":null,"Plugins":{"Volume":["local"],"Network":["bridge","host","macvlan","null","overlay"],"Authorization":null,"Log":["awslogs","fluentd","gcplogs","gelf","journald","json-file","logentries","splunk","syslog"]},"MemoryLimit":true,"SwapLimit":true,"KernelMemory":true,"CpuCfsPeriod":true,"CpuCfsQuota":true,"CPUShares":true,"CPUSet":true,"IPv4Forwarding":true,"BridgeNfIptables":true,"BridgeNfIp6tables":true,"Debug":false,"NFd":19,"OomKillDisable":true,"NGoroutines":29,"SystemTime":"2017-12-17T01:09:41.723696777-05:00","LoggingDriver":"json-file","CgroupDriver":"cgroupfs","NEventsListener":0,"KernelVersion":"3.10.0-514.el7.x86_64","OperatingSystem":"CentOS Linux 7 (Core)","OSType":"linux","Architecture":"x86_64","IndexServerAddress":"https://index.docker.io/v1/","RegistryConfig":{"AllowNondistributableArtifactsCIDRs":[],"AllowNondistributableArtifactsHostnames":[],"InsecureRegistryCIDRs":["127.0.0.0/8"],"IndexConfigs":{"docker.io":{"Name":"docker.io","Mirrors":["https://i71btyn2.mirror.aliyuncs.com/"],"Secure":true,"Official":true}},"Mirrors":["https://i71btyn2.mirror.aliyuncs.com/"]},"NCPU":2,"MemTotal":6137266176,"GenericResources":null,"DockerRootDir":"/var/lib/docker","HttpProxy":"","HttpsProxy":"","NoProxy":"","Name":"localhost.localdomain","Labels":null,"ExperimentalBuild":false,"ServerVersion":"17.09.1-ce","ClusterStore":"","ClusterAdvertise":"","Runtimes":{"runc":{"path":"docker-runc"}},"DefaultRuntime":"runc","Swarm":{"NodeID":"","NodeAddr":"","LocalNodeState":"inactive","ControlAvailable":false,"Error":"","RemoteManagers":null},"LiveRestoreEnabled":false,"Isolation":"","InitBinary":"docker-init","ContainerdCommit":{"ID":"06b9cb35161009dcb7123345749fef02f7cea8e0","Expected":"06b9cb35161009dcb7123345749fef02f7cea8e0"},"RuncCommit":{"ID":"3f2f8b84a77f73d38244dd690525642a72156c64","Expected":"3f2f8b84a77f73d38244dd690525642a72156c64"},"InitCommit":{"ID":"949e6fa","Expected":"949e6fa"},"SecurityOptions":["name=seccomp,profile=default"]}
Docker 守护进程的配置和操作
查看守护进程
ps -ef | grep docker
sudo status docker
使用 systemctl 命令管理
systemctl start docker
systemctl stop docker
systemctl status docker
Docker 的启动选项
docker -d [OPTIONS]
运行相关:
-D, --debug=false
-e, --exec-driver="native"
-g, --graph="/var/lib/docker"
--icc=true
-l,--log-level="info"
--label=[]
-p, --pidfile="/var/run/docker.pid"
Docker服务器连接相关:
-G, --group="docker"
-H, --host=[]
--tls=false
--tlscacert=".docker/ca.pem"
--tlscert=".docker/cert.pem"
--tlskey=".docker/key.pem"
--tlsverify=false
RemoteAPI 相关:
--api-enable-cors=false
存储相关:
-s,storage-driver=""
--selinux-enabled=false
--storage-opt=[]
registry相关:
--insecure-registry=[]
--registry-mirror=[]
网络设置相关:
--ip=0.0.0.0
--ip-forward=true
--ip-masq=true
--iptalbes=true
--ipv6=false
--mtu=0
Docker 启动配置文件
/etc/default/docker
DOCKER_OPTS=" Lable k1=v1"
systemctl restart docker
ps -ef | grep docker
docker info
Docker的远程访问
环境准备
- 第二天安装Docker的服务器
- 修改Docker守护进程启动选项,区别服务器
- 保证client API 与 server API 版本一致
docker 服务端口:2375
使用环境变量
export DOCKER_HOST="tcp://ip:2375"
docker info
docker 的 -H 可以保存多个参数值