Docker 入门&错误解决

Docker 是什么?

  • Docker 是一个开源的应用容器引擎,基于 Go 语言 并遵从 Apache2.0 协议开源。
  • Docker 可以让开发者打包他们的应用以及依赖包到一个轻量级、可移植的容器中,然后发布到任何流行的 Linux 机器上,也可以实现虚拟化。
  • 容器是完全使用沙箱机制,相互之间不会有任何接口(类似 iPhone 的 app),更重要的是容器性能开销极低。

Docker 安装

具体步骤参考=>Docker 文档

(centOS 为例)=>官方 centOS 文档

如果电脑上有旧的 Docker,需要卸载:

$ sudo yum remove docker \
                  docker-client \
                  docker-client-latest \
                  docker-common \
                  docker-latest \
                  docker-latest-logrotate \
                  docker-logrotate \
                  docker-selinux \
                  docker-engine-selinux \
                  docker-engine

下载安装

推荐使用存储库:

$ sudo yum install -y yum-utils

$ sudo yum-config-manager \
    --add-repo \
    https://download.docker.com/linux/centos/docker-ce.repo

以上是官方存储库,比较慢,推荐使用以下镜像库:
阿里云:

$ sudo yum-config-manager \
    --add-repo \
    http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

清华大学镜像库:

$ sudo yum-config-manager \
    --add-repo \
    https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/docker-ce.repo

安装 Docker 主体

$ sudo yum install docker-ce docker-ce-cli containerd.io

如果弹出询问,请同意

启动 Docker

$ sudo systemctl start docker

测试

运行以下指令来测试 Docker 是否安装成功:

$ sudo docker run hello-world

成功的显示:

Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
0e03bdcc26d7: Pull complete
Digest: sha256:e7c70bb24b462baa86c102610182e3efcb12a04854e8c582838d92970a09f323
Status: Downloaded newer image for hello-world:latest

Hello from Docker!
This message shows that your installation appears to be working correctly.

Docker 镜像库

推荐:
Docker 官方镜像库网站=>Docker Hub

阿里云镜像仓库=>https://cr.console.aliyun.com/cn-beijing/instances/images

DaoCloud 道客网络=>DaoCloud 镜像市场

Docker 启动、运行与关闭

以下均以部署 CTF 比赛/练习网站:h1ve 为例

如何找到你想要的镜像?

使用search可以以关键词搜索
例如:

docker search [关键词]
docker search h1ve

得到结果:

[root@iz2ze16udoizsbzprdhjgzz ~]# docker search h1ve
NAME                   DESCRIPTION         STARS               OFFICIAL            AUTOMATED
d0g3/h1ve                                  0
d0g3/h1ve-frp                              0
d0g3/h1ve-nginx                            0
lusky0706/h1ve                             0
lusky0706/h1ve-nginx                       0
lusky0706/h1ve-frp                         0

我们要找的就是第一条

拉取(下载)镜像

(如果慢,请换源)

docker pull [镜像名]
docker pull d0g3/h1ve
[root@iz2ze16udoizsbzprdhjgzz ~]# docker pull d0g3/h1ve
Using default tag: latest
latest: Pulling from d0g3/h1ve
aad63a933944: Pull complete
f229563217f5: Pull complete
71ded8122394: Pull complete
807d0888ee2e: Pull complete
95206a02ba21: Pull complete
0e9984f156f6: Pull complete
7e21289905da: Pull complete
cd1f0e7794ba: Pull complete
Digest: sha256:6b14a7429a8729640495af0416ad4988d0aae8ffa475deccd48af46e1fe617c5
Status: Downloaded newer image for d0g3/h1ve:latest
docker.io/d0g3/h1ve:latest

使用容器(非 web 应用)

启动:

docker run -it [镜像名] [命令]

退出:

exit

查看所有容器:

docker ps -a

进入容器:

docker attach <容器id>

删除容器:

docker rm -f <容器id>

使用容器(web 应用)

以 h1ve 为例

1.克隆项目

git clone https://github.com/D0g3-Lab/H1ve.git

国内仓库地址:

git clone https://gitee.com/rdd_233/H1ve.git

2.进入目录

cd H1ve

3.运行

docker-compose -f single.yml up -d

报错解决方式

-bash: docker-compose: 未找到命令

-bash: docker-compose: 未找到命令

安装 docker-compose

pip install docker-compose

等待安装完成显示下列提示及安装成功:

pyrsistent requires Python '>=3.5' but the running Python is 2.7.5

pyrsistent requires Python '>=3.5' but the running Python is 2.7.5
You are using pip version 9.0.1, however version 20.3.1 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.
pip install --upgrade pip

ERROR: Package 'pyrsistent' requires a different Python: 2.7.5 not in '>=3.5'

ERROR: Package 'pyrsistent' requires a different Python: 2.7.5 not in '>=3.5'

查看版本:

pip install pyrsistent==?

更新 pyrsistent:

pip install pyrsistent==0.15.0

Python 2.7 reached the end of its life on January 1st

DEPRECATION: Python 2.7 reached the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 is no longer maintained. pip 21.0 will drop support for Python 2.7 in January 2021. More details about Python 2 support in pip can be found at https://pip.pypa.io/en/latest/development/release-process/#python-2-support pip 21.0 will remove support for this functionality.

1.安装编译环境:

yum install gcc-c++ gcc make cmake zlib-devel bzip2-devel openssl-devel ncurse-devel libffi-devel -y

2.进入目录:

cd /tmp

3.下载 python3.7.3 安装包:

wget https://www.python.org/ftp/python/3.7.3/Python-3.7.3.tar.xz

4.解压:

tar Jxvf Python-3.7.3.tar.xz

5.进入目录:

cd Python-3.7.3

6.创建目录:

mkdir -p /usr/local/python3

7.配置:

./configure --prefix=/usr/local/python3 --enable-optimizations

8.安装:

make && make install

9.创建链接

ln -s /usr/local/python3/bin/python3.7 /usr/bin/python
ln -s /usr/local/python3/bin/pip3 /usr/bin/pip

10.查看是否修改成功

python -v

出现以下即为成功(在一大段文字中间)(时间为当前时间):

Python 3.7.3 (default, Dec  5 2020, 11:48:33)
[GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] on linux
Type "help", "copyright", "credits" or "license" for more information.

11.修改 yum

修改这几个:

vim /usr/bin/yum
vim /usr/libexec/urlgrabber-ext-down
vim /usr/sbin/firewalld
vim /usr/bin/firewall-cmd

修改这几个文件(vim 编辑方式见=>这个
将头部改为

#! /usr/bin/python2.7

归档文件中异常的 EOF

tar:归档文件中异常的 EOF

重新下载压缩包,或更换其他版本

ERROR: Command errored out with exit status 1:

 ERROR: Command errored out with exit status 1:
跟一大段红...
yum install gcc libffi-devel python-devel openssl-devel -y

ReadTimeoutError: HTTPSConnectionPool(host='pypi.python.org', port=443): Read timed out

ReadTimeoutError: HTTPSConnectionPool(host='pypi.python.org', port=443): Read timed out
pip --default-timeout=200 install -U docker-compose

....python2.7......

类似这样:

/usr/lib/python2.7/site-packages/paramiko/transport.py:33: CryptographyDeprecationWarning: Python 2 is no longer supported by the Python core team. Support for it is now deprecated in cryptography, and will be removed in a future release.
  from cryptography.hazmat.backends import default_backend
Traceback (most recent call last):
  File "/usr/bin/docker-compose", line 5, in <module>
    from compose.cli.main import main
  File "/usr/lib/python2.7/site-packages/compose/cli/main.py", line 24, in <module>
    from ..config import ConfigurationError
  File "/usr/lib/python2.7/site-packages/compose/config/__init__.py", line 6, in <module>
    from .config import ConfigurationError
  File "/usr/lib/python2.7/site-packages/compose/config/config.py", line 51, in <module>
    from .validation import match_named_volumes
  File "/usr/lib/python2.7/site-packages/compose/config/validation.py", line 12, in <module>
    from jsonschema import Draft4Validator
  File "/usr/lib/python2.7/site-packages/jsonschema/__init__.py", line 33, in <module>
    import importlib_metadata as metadata
  File "/usr/lib/python2.7/site-packages/importlib_metadata/__init__.py", line 16, in <module>
    from ._compat import (
  File "/usr/lib/python2.7/site-packages/importlib_metadata/_compat.py", line 20, in <module>
    from backports.configparser import ConfigParser
ImportError: No module named configparser

解决方法:
列出所有 docker 包

pip list|grep docker
docker                             4.4.0
docker-compose                     1.26.2
dockerpty                          0.4.1

卸载这些包

pip uninstall <包名>

重新安装:

pip install docker-compose==1.23.2 -i http://pypi.douban.com/simple/ --trusted-host pypi.douban.com

参考博客:

一次 docker-compose 升级问题排查
搭建 H1ve-ctfd 以及如何部署题目
CTF 靶场搭建-H1ve


kamuXiY