Docker-java 在java中连接Docker (一)--简单连接

黄涵畅
2023-12-01

环境

centos7

开始

想要在java中还是在其他方式访问dockerAPI都需要设置一个端口

运行以下命令:进入docker.service

vi /lib/systemd/system/docker.service

找到Execstart=/usr/bin/dockerd后加上-H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock  退出并且保存

运行以下命令:

systemctl daemon-reload

service docker restart//重启启动docker

systemctl stats docker//可以查看相关内容,看看2375是否已经设置好

运行:netstat -nlp |grep 2375 可以查看2375是否已经被监听

如果你是阿里的云服务器这种,应该需要在安全组中加入2375或者其他的操作。

如果是在本地搭建的虚拟机,则需要把防火墙关闭或者在防火墙中开启相应端口以供外部使用(我用的是centos7)以下引用的是:https://www.cnblogs.com/moxiaoan/p/5683743.html 此博文详细介绍了如何在防火墙中添加一个端口

1.
启动: systemctl start firewalld
关闭: systemctl stop firewalld
查看状态: systemctl status firewalld 
开机禁用  : systemctl disable firewalld
开机启用  : systemctl enable firewalld
那怎么开启一个端口呢
添加
firewall-cmd --zone=public --add-port=2375/tcp --permanent    (--permanent永久生效,没有此参数重启后失效)
重新载入
firewall-cmd --reload
查看
firewall-cmd --zone= public --query-port=2375/tcp
删除
firewall-cmd --zone= public --remove-port=2375/tcp --permanent

2.systemctl是CentOS7的服务管理工具中主要的工具,它融合之前service和chkconfig的功能于一体。
启动一个服务:systemctl start firewalld.service
关闭一个服务:systemctl stop firewalld.service
重启一个服务:systemctl restart firewalld.service
显示一个服务的状态:systemctl status firewalld.service
在开机时启用一个服务:systemctl enable firewalld.service
在开机时禁用一个服务:systemctl disable firewalld.service
查看服务是否开机启动:systemctl is-enabled firewalld.service
查看已启动的服务列表:systemctl list-unit-files|grep enabled
查看启动失败的服务列表:systemctl --failed

3.配置firewalld-cmd

查看版本: firewall-cmd --version
查看帮助: firewall-cmd --help
显示状态: firewall-cmd --state
查看所有打开的端口: firewall-cmd --zone=public --list-ports
更新防火墙规则: firewall-cmd --reload
查看区域信息:  firewall-cmd --get-active-zones
查看指定接口所属区域: firewall-cmd --get-zone-of-interface=eth0
拒绝所有包:firewall-cmd --panic-on
取消拒绝状态: firewall-cmd --panic-off
查看是否拒绝: firewall-cmd --query-panic

这时可以通过java来访问docker了,或者可以在浏览器的地址栏中访问docker了

在浏览器地址栏中访问:http://xxx.xxx.xxx.xxx:2375/info 返回的数据是以json的格式展示 ,IP地址为centos机器的IP地址,如果是云服务器则是公网IP地址。

具体在地址栏中还有哪些操作可以参考官方文档:https://docs.docker.com/engine/api/v1.29/#operation/ContainerAttach

{"ID":"MID4:FUBP:XWQB:TBNV:LPLN:IUIU:32MG:HBYM:6O2K:HBUW:257R:7DY4","Containers":1,"ContainersRunning":0,"ContainersPaused":0,"ContainersStopped":1,"Images":1,"Driver":"overlay2","DriverStatus":[["Backing Filesystem","xfs"],["Supports d_type","true"],["Native Overlay Diff","true"]],"SystemStatus":null,"Plugins":{"Volume":["local"],"Network":["bridge","host","macvlan","null","overlay"],"Authorization":null,"Log":["awslogs","fluentd","gcplogs","gelf","journald","json-file","logentries","splunk","syslog"]},"MemoryLimit":true,"SwapLimit":true,"KernelMemory":true,"CpuCfsPeriod":true,"CpuCfsQuota":true,"CPUShares":true,"CPUSet":true,"IPv4Forwarding":true,"BridgeNfIptables":true,"BridgeNfIp6tables":true,"Debug":false,"NFd":25,"OomKillDisable":true,"NGoroutines":48,"SystemTime":"2018-08-30T10:31:01.298068483+08:00","LoggingDriver":"json-file","CgroupDriver":"cgroupfs","NEventsListener":0,"KernelVersion":"3.10.0-862.el7.x86_64","OperatingSystem":"CentOS Linux 7 (Core)","OSType":"linux","Architecture":"x86_64","IndexServerAddress":"https://index.docker.io/v1/","RegistryConfig":{"AllowNondistributableArtifactsCIDRs":[],"AllowNondistributableArtifactsHostnames":[],"InsecureRegistryCIDRs":["127.0.0.0/8"],"IndexConfigs":{"docker.io":{"Name":"docker.io","Mirrors":["https://tpp5ie36.mirror.aliyuncs.com/"],"Secure":true,"Official":true}},"Mirrors":["https://tpp5ie36.mirror.aliyuncs.com/"]},"NCPU":4,"MemTotal":1910075392,"GenericResources":null,"DockerRootDir":"/var/lib/docker","HttpProxy":"","HttpsProxy":"","NoProxy":"","Name":"ywh","Labels":[],"ExperimentalBuild":false,"ServerVersion":"18.06.1-ce","ClusterStore":"","ClusterAdvertise":"","Runtimes":{"runc":{"path":"docker-runc"}},"DefaultRuntime":"runc","Swarm":{"NodeID":"","NodeAddr":"","LocalNodeState":"inactive","ControlAvailable":false,"Error":"","RemoteManagers":null},"LiveRestoreEnabled":false,"Isolation":"","InitBinary":"docker-init","ContainerdCommit":{"ID":"468a545b9edcd5932818eb9de8e72413e616e86e","Expected":"468a545b9edcd5932818eb9de8e72413e616e86e"},"RuncCommit":{"ID":"69663f0bd4b60df09991c08812a60108003fa340","Expected":"69663f0bd4b60df09991c08812a60108003fa340"},"InitCommit":{"ID":"fec3683","Expected":"fec3683"},"SecurityOptions":["name=seccomp,profile=default"]}

在java中访问:

在Docker官方文档有介绍:https://docs.docker.com/develop/sdk/#unofficial-libraries 翻到最后可以看到有一些不是官方的(Unofficial libraries)

我用的是java语言(docker-java),可相应的选择不同语言

首先在docker-java的github上官方推荐的连接方式:https://github.com/docker-java/docker-java

docker-java推荐使用maven项目引入相关的jar包依赖:

<dependency>
      <groupId>com.github.docker-java</groupId>
      <artifactId>docker-java</artifactId>
      <!-- use latest version https://github.com/docker-java/docker-java/releases -->
      <version>3.X.Y</version>
</dependency>

但是我的项目是普通的javaweb项目,所以无法使用maven来进行管理和下载jar包,我尝试建立一个新的maven项目把docker-java相关jar包下载好以后在本地仓库中一一放到我的项目中,这样也可以来使用docker-java(大概是48个jar包,有点多啊。。)

如果你想通过最简单的方式连接docker-api的时候只需要在你的宿主机上设置端口然后使用以下连接方式,我设置的是2375端口号

DockerClient dockerClient = DockerClientBuilder.getInstance("tcp://xxx.xxx.xxx.xxx:2375").build();
Info info = dockerClient.infoCmd().exec();
System.out.println(info);

这种最简单的连接方式是有漏洞的,存在暴露端口的危害,更安全的连接方式请查看我下一篇文章

 类似资料: