-
Notifications
You must be signed in to change notification settings - Fork 6
Expand file tree
/
Copy pathdocker.html
More file actions
218 lines (192 loc) · 67.6 KB
/
docker.html
File metadata and controls
218 lines (192 loc) · 67.6 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
<!DOCTYPE html>
<html lang="zh-CN" data-theme="light">
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width,initial-scale=1" />
<meta name="generator" content="VuePress 2.0.0-beta.53" />
<meta name="theme" content="VuePress Theme Hope" />
<meta property="og:url" content="https://wintrysec.github.io/docker.html"><meta property="og:site_name" content="网络安全知识库"><meta property="og:title" content="Git手册 & Docker微服务构建"><meta property="og:type" content="article"><meta property="og:locale" content="zh-CN"><link rel="icon" href="/favicon.ico"><link rel="icon" href="/assets/icon/chrome-mask-512.png" type="image/png" sizes="512x512"><link rel="icon" href="/assets/icon/chrome-mask-192.png" type="image/png" sizes="192x192"><link rel="icon" href="/assets/icon/chrome-512.png" type="image/png" sizes="512x512"><link rel="icon" href="/assets/icon/chrome-192.png" type="image/png" sizes="192x192"><link rel="manifest" href="/manifest.webmanifest" crossorigin="use-credentials"><meta name="theme-color" content="#46bd87"><link rel="apple-touch-icon" href="/assets/icon/apple-icon-152.png"><meta name="apple-mobile-web-app-capable" content="yes"><meta name="apple-mobile-web-app-status-bar-style" content="black"><meta name="msapplication-TileImage" content="/assets/icon/ms-icon-144.png"><meta name="msapplication-TileColor" content="#ffffff"><meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no, viewport-fit=cover"><title>Git手册 & Docker微服务构建 | 网络安全知识库</title><meta name="description" content="网络安全知识库,渗透测试,web安全,攻防对抗,安全开发,golang,vue3,sqlmap,burpsuite,sql注入,nmap,metasploit,cobaltstrike">
<style>
:root {
--bg-color: #fff;
}
html[data-theme="dark"] {
--bg-color: #1d2025;
}
html,
body {
background: var(--bg-color);
}
</style>
<script>
const userMode = localStorage.getItem("vuepress-theme-hope-scheme");
const systemDarkMode =
window.matchMedia &&
window.matchMedia("(prefers-color-scheme: dark)").matches;
if (userMode === "dark" || (userMode !== "light" && systemDarkMode)) {
document.querySelector("html").setAttribute("data-theme", "dark");
}
</script>
<link rel="preload" href="/assets/style.9d4e7cd8.css" as="style" /><link rel="stylesheet" href="/assets/style.9d4e7cd8.css" />
<link rel="modulepreload" href="/assets/app.3b9f01e1.js"><link rel="modulepreload" href="/assets/docker.html.eac580a1.js"><link rel="modulepreload" href="/assets/_plugin-vue_export-helper.cdc0426e.js"><link rel="modulepreload" href="/assets/docker.html.28a503e8.js">
</head>
<body>
<div id="app"><!--[--><!--[--><!--[--><span tabindex="-1"></span><a href="#main-content" class="skip-link sr-only">Skip to content</a><!--]--><div class="theme-container no-sidebar has-toc"><!--[--><!--[--><header class="navbar"><div class="navbar-left"><button class="toggle-sidebar-button" title="Toggle Sidebar"><span class="icon"></span></button><!--[--><!----><!--]--><a href="/" class="brand"><img class="logo" src="/logo.svg" alt="网络安全知识库"><!----><span class="site-name hide-in-pad">网络安全知识库</span></a><!--[--><!----><!--]--></div><div class="navbar-center"><!--[--><!----><!--]--><nav class="nav-links"><div class="nav-item hide-in-mobile"><a href="/" class="nav-link" aria-label="项目主页"><span class="icon iconfont icon-home"></span>项目主页<!----></a></div><div class="nav-item hide-in-mobile"><div class="dropdown-wrapper"><button class="dropdown-title" type="button" aria-label="计算机网络"><span class="title"><span class="icon iconfont icon-router"></span>计算机网络</span><span class="arrow"></span><ul class="nav-dropdown"><li class="dropdown-item"><a href="/network/tcp.html" class="nav-link" aria-label="TCP/IP"><!---->TCP/IP<!----></a></li><li class="dropdown-item"><a href="/network/http.html" class="nav-link" aria-label="HTTP"><!---->HTTP<!----></a></li><li class="dropdown-item"><a href="/network/https.html" class="nav-link" aria-label="HTTPS"><!---->HTTPS<!----></a></li><li class="dropdown-item"><a href="/network/dns.html" class="nav-link" aria-label="DNS"><!---->DNS<!----></a></li><li class="dropdown-item"><a href="/network/IP%E7%9B%B8%E5%85%B3%E5%8D%8F%E8%AE%AE.html" class="nav-link" aria-label="IP相关协议"><!---->IP相关协议<!----></a></li><li class="dropdown-item"><a href="/network/Wireshark.html" class="nav-link" aria-label="Wireshark抓包"><!---->Wireshark抓包<!----></a></li></ul></button></div></div><div class="nav-item hide-in-mobile"><div class="dropdown-wrapper"><button class="dropdown-title" type="button" aria-label="Linux系统"><span class="title"><span class="icon iconfont icon-linux"></span>Linux系统</span><span class="arrow"></span><ul class="nav-dropdown"><li class="dropdown-item"><a href="/Linux%E7%B3%BB%E7%BB%9F/Linux%E6%9B%B4%E6%8D%A2%E6%9B%B4%E6%96%B0%E6%BA%90.html" class="nav-link" aria-label="Linux更换更新源"><!---->Linux更换更新源<!----></a></li><li class="dropdown-item"><a href="/Linux%E7%B3%BB%E7%BB%9F/Linux%E5%B8%B8%E7%94%A8%E5%91%BD%E4%BB%A4.html" class="nav-link" aria-label="Linux常用命令"><!---->Linux常用命令<!----></a></li><li class="dropdown-item"><a href="/Linux%E7%B3%BB%E7%BB%9F/%E7%94%A8%E6%88%B7%E7%AE%A1%E7%90%86.html" class="nav-link" aria-label="用户管理"><!---->用户管理<!----></a></li><li class="dropdown-item"><a href="/Linux%E7%B3%BB%E7%BB%9F/%E8%BF%9B%E7%A8%8B%E7%AE%A1%E7%90%86.html" class="nav-link" aria-label="进程管理"><!---->进程管理<!----></a></li><li class="dropdown-item"><a href="/Linux%E7%B3%BB%E7%BB%9F/%E7%BD%91%E7%BB%9C%E7%AE%A1%E7%90%86.html" class="nav-link" aria-label="网络管理"><!---->网络管理<!----></a></li><li class="dropdown-item"><a href="/Linux%E7%B3%BB%E7%BB%9F/%E8%AE%A1%E5%88%92%E4%BB%BB%E5%8A%A1.html" class="nav-link" aria-label="计划任务"><!---->计划任务<!----></a></li><li class="dropdown-item"><a href="/Linux%E7%B3%BB%E7%BB%9F/%E5%BC%80%E6%9C%BA%E5%90%AF%E5%8A%A8%E9%A1%B9.html" class="nav-link" aria-label="开机启动项"><!---->开机启动项<!----></a></li><li class="dropdown-item"><a href="/Linux%E7%B3%BB%E7%BB%9F/Linux%E5%AE%88%E6%8A%A4%E8%BF%9B%E7%A8%8B.html" class="nav-link" aria-label="Linux守护进程"><!---->Linux守护进程<!----></a></li></ul></button></div></div><div class="nav-item hide-in-mobile"><div class="dropdown-wrapper"><button class="dropdown-title" type="button" aria-label="Web安全"><span class="title"><span class="icon iconfont icon-chrome"></span>Web安全</span><span class="arrow"></span><ul class="nav-dropdown"><li class="dropdown-item"><a href="/Web%E5%AE%89%E5%85%A8/SQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E.html" class="nav-link" aria-label="SQL注入漏洞"><!---->SQL注入漏洞<!----></a></li><li class="dropdown-item"><a href="/Web%E5%AE%89%E5%85%A8/XSS%E8%B7%A8%E7%AB%99%E8%84%9A%E6%9C%AC%E6%94%BB%E5%87%BB.html" class="nav-link" aria-label="XSS跨站脚本攻击"><!---->XSS跨站脚本攻击<!----></a></li><li class="dropdown-item"><a href="/Web%E5%AE%89%E5%85%A8/%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E6%BC%8F%E6%B4%9E.html" class="nav-link" aria-label="文件上传漏洞"><!---->文件上传漏洞<!----></a></li><li class="dropdown-item"><a href="/Web%E5%AE%89%E5%85%A8/%E6%96%87%E4%BB%B6%E5%8C%85%E5%90%AB%E6%BC%8F%E6%B4%9E.html" class="nav-link" aria-label="文件包含漏洞"><!---->文件包含漏洞<!----></a></li><li class="dropdown-item"><a href="/Web%E5%AE%89%E5%85%A8/%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E.html" class="nav-link" aria-label="命令执行漏洞"><!---->命令执行漏洞<!----></a></li><li class="dropdown-item"><a href="/Web%E5%AE%89%E5%85%A8/%E8%AF%B7%E6%B1%82%E4%BC%AA%E9%80%A0%E6%BC%8F%E6%B4%9E.html" class="nav-link" aria-label="请求伪造漏洞"><!---->请求伪造漏洞<!----></a></li><li class="dropdown-item"><a href="/Web%E5%AE%89%E5%85%A8/XXE%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E.html" class="nav-link" aria-label="XXE注入漏洞"><!---->XXE注入漏洞<!----></a></li><li class="dropdown-item"><a href="/Web%E5%AE%89%E5%85%A8/%E9%80%BB%E8%BE%91%E6%BC%8F%E6%B4%9E.html" class="nav-link" aria-label="会话劫持和会话固定漏洞"><!---->会话劫持和会话固定漏洞<!----></a></li></ul></button></div></div><div class="nav-item hide-in-mobile"><div class="dropdown-wrapper"><button class="dropdown-title" type="button" aria-label="武器库"><span class="title"><span class="icon iconfont icon-frame"></span>武器库</span><span class="arrow"></span><ul class="nav-dropdown"><li class="dropdown-item"><h4 class="dropdown-subtitle"><span>在线工具</span></h4><ul class="dropdown-subitem-wrapper"><li class="dropdown-subitem"><a href="https://xssor.io/" rel="noopener noreferrer" target="_blank" aria-label="XSS'OR" class="nav-link"><span class="icon iconfont icon-dart"></span>XSS'OR<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></li><li class="dropdown-subitem"><a href="https://www.revshells.com/" rel="noopener noreferrer" target="_blank" aria-label="反弹shell" class="nav-link"><span class="icon iconfont icon-creative"></span>反弹shell<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></li><li class="dropdown-subitem"><a href="https://www.shentoushi.top/av/av.php" rel="noopener noreferrer" target="_blank" aria-label="杀软比对" class="nav-link"><span class="icon iconfont icon-discover"></span>杀软比对<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></li><li class="dropdown-subitem"><a href="https://wintrysec.github.io/ChaVuln/" rel="noopener noreferrer" target="_blank" aria-label="Goby红队漏洞库" class="nav-link"><span class="icon iconfont icon-debug"></span>Goby红队漏洞库<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></li></ul></li><li class="dropdown-item"><h4 class="dropdown-subtitle"><span>渗透神器</span></h4><ul class="dropdown-subitem-wrapper"><li class="dropdown-subitem"><a href="/tools/../fscan.html" rel="noopener noreferrer" target="_blank" aria-label="fscan" class="nav-link"><span class="icon iconfont icon-anonymous"></span>fscan<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></li><li class="dropdown-subitem"><a href="/tools/nuclei.html" class="nav-link" aria-label="nuclei"><!---->nuclei<!----></a></li><li class="dropdown-subitem"><a href="/tools/nmap.html" class="nav-link" aria-label="nmap"><!---->nmap<!----></a></li><li class="dropdown-subitem"><a href="/tools/SQLmap.html" class="nav-link" aria-label="SQLmap"><!---->SQLmap<!----></a></li><li class="dropdown-subitem"><a href="/tools/BurpSuite.html" class="nav-link" aria-label="BurpSuite"><!---->BurpSuite<!----></a></li><li class="dropdown-subitem"><a href="/tools/CobaltStrike.html" class="nav-link" aria-label="CobaltStrike"><!---->CobaltStrike<!----></a></li></ul></li></ul></button></div></div><div class="nav-item hide-in-mobile"><div class="dropdown-wrapper"><button class="dropdown-title" type="button" aria-label="攻防对抗"><span class="title"><span class="icon iconfont icon-hot"></span>攻防对抗</span><span class="arrow"></span><ul class="nav-dropdown"><li class="dropdown-item"><h4 class="dropdown-subtitle"><span>攻击方</span></h4><ul class="dropdown-subitem-wrapper"><li class="dropdown-subitem"><a href="/%E6%94%BB%E9%98%B2%E5%AF%B9%E6%8A%97/%E4%BA%92%E8%81%94%E7%BD%91%E4%BE%A7%E4%BF%A1%E6%81%AF%E6%94%B6%E9%9B%86.html" class="nav-link" aria-label="互联网侧信息收集"><!---->互联网侧信息收集<!----></a></li><li class="dropdown-subitem"><a href="/%E6%94%BB%E9%98%B2%E5%AF%B9%E6%8A%97/Getshell%E6%9D%83%E9%99%90%E8%8E%B7%E5%8F%96.html" class="nav-link" aria-label="Getshell权限获取"><!---->Getshell权限获取<!----></a></li><li class="dropdown-subitem"><a href="/%E6%94%BB%E9%98%B2%E5%AF%B9%E6%8A%97/%E6%9D%83%E9%99%90%E6%8F%90%E5%8D%87-Linux.html" class="nav-link" aria-label="权限提升-Linux"><!---->权限提升-Linux<!----></a></li><li class="dropdown-subitem"><a href="/%E6%94%BB%E9%98%B2%E5%AF%B9%E6%8A%97/%E6%9D%83%E9%99%90%E6%8F%90%E5%8D%87-Windows.html" class="nav-link" aria-label="权限提升-Windows"><!---->权限提升-Windows<!----></a></li><li class="dropdown-subitem"><a href="/%E6%94%BB%E9%98%B2%E5%AF%B9%E6%8A%97/%E6%9D%83%E9%99%90%E6%8F%90%E5%8D%87-%E6%95%B0%E6%8D%AE%E5%BA%93.html" class="nav-link" aria-label="权限提升-数据库"><!---->权限提升-数据库<!----></a></li><li class="dropdown-subitem"><a href="/%E6%94%BB%E9%98%B2%E5%AF%B9%E6%8A%97/%E6%9D%83%E9%99%90%E7%BB%B4%E6%8C%81-Linux%E5%90%8E%E9%97%A8.html" class="nav-link" aria-label="权限维持-Linux后门"><!---->权限维持-Linux后门<!----></a></li><li class="dropdown-subitem"><a href="/%E6%94%BB%E9%98%B2%E5%AF%B9%E6%8A%97/%E6%9D%83%E9%99%90%E7%BB%B4%E6%8C%81-Windows%E5%90%8E%E9%97%A8.html" class="nav-link" aria-label="权限维持-Windows后门"><!---->权限维持-Windows后门<!----></a></li><li class="dropdown-subitem"><a href="/%E6%94%BB%E9%98%B2%E5%AF%B9%E6%8A%97/%E6%9D%83%E9%99%90%E7%BB%B4%E6%8C%81%E6%8A%80%E5%B7%A7.html" class="nav-link" aria-label="权限维持技巧"><!---->权限维持技巧<!----></a></li><li class="dropdown-subitem"><a href="/%E6%94%BB%E9%98%B2%E5%AF%B9%E6%8A%97/%E6%9E%84%E5%BB%BA%E9%80%9A%E9%81%93%E6%BC%AB%E6%B8%B8%E5%86%85%E7%BD%91.html" class="nav-link" aria-label="构建通道漫游内网"><!---->构建通道漫游内网<!----></a></li><li class="dropdown-subitem"><a href="/%E6%94%BB%E9%98%B2%E5%AF%B9%E6%8A%97/%E6%A8%AA%E5%90%91%E7%A7%BB%E5%8A%A8-%E5%86%85%E7%BD%91%E4%BF%A1%E6%81%AF%E6%94%B6%E9%9B%86.html" class="nav-link" aria-label="横向移动-内网信息收集"><!---->横向移动-内网信息收集<!----></a></li><li class="dropdown-subitem"><a href="/%E6%94%BB%E9%98%B2%E5%AF%B9%E6%8A%97/%E6%A8%AA%E5%90%91%E7%A7%BB%E5%8A%A8-%E6%9C%AC%E6%9C%BA%E5%87%AD%E8%AF%81%E8%8E%B7%E5%8F%96.html" class="nav-link" aria-label="横向移动-本机凭证获取"><!---->横向移动-本机凭证获取<!----></a></li><li class="dropdown-subitem"><a href="/%E6%94%BB%E9%98%B2%E5%AF%B9%E6%8A%97/%E6%A8%AA%E5%90%91%E7%A7%BB%E5%8A%A8-IPC%E5%91%BD%E5%90%8D%E7%AE%A1%E9%81%93.html" class="nav-link" aria-label="横向移动-IPC命名管道"><!---->横向移动-IPC命名管道<!----></a></li><li class="dropdown-subitem"><a href="/%E6%94%BB%E9%98%B2%E5%AF%B9%E6%8A%97/%E6%A8%AA%E5%90%91%E7%A7%BB%E5%8A%A8-%E6%9D%83%E9%99%90%E6%8B%93%E5%B1%95%E6%96%B9%E5%BC%8F.html" class="nav-link" aria-label="横向移动-权限拓展方式"><!---->横向移动-权限拓展方式<!----></a></li><li class="dropdown-subitem"><a href="/%E6%94%BB%E9%98%B2%E5%AF%B9%E6%8A%97/%E6%B8%85%E7%90%86%E6%88%98%E5%9C%BA%E5%8F%8D%E6%BA%AF%E6%BA%90-%E6%97%A5%E5%BF%97%E5%A4%84%E7%90%86.html" class="nav-link" aria-label="清理战场反溯源-日志处理"><!---->清理战场反溯源-日志处理<!----></a></li></ul></li><li class="dropdown-item"><h4 class="dropdown-subtitle"><span>防守方</span></h4><ul class="dropdown-subitem-wrapper"><li class="dropdown-subitem"><a href="/%E6%94%BB%E9%98%B2%E5%AF%B9%E6%8A%97/%E5%BA%94%E6%80%A5%E5%93%8D%E5%BA%94%E4%BA%8B%E4%BB%B6%E5%A4%84%E7%90%86%E6%B5%81%E7%A8%8B.html" class="nav-link" aria-label="应急响应事件处理流程"><!---->应急响应事件处理流程<!----></a></li><li class="dropdown-subitem"><a href="/%E6%94%BB%E9%98%B2%E5%AF%B9%E6%8A%97/Linux%E5%BA%94%E6%80%A5%E5%93%8D%E5%BA%94.html" class="nav-link" aria-label="Linux应急响应"><!---->Linux应急响应<!----></a></li><li class="dropdown-subitem"><a href="/%E6%94%BB%E9%98%B2%E5%AF%B9%E6%8A%97/Windows%E5%BA%94%E6%80%A5%E5%93%8D%E5%BA%94.html" class="nav-link" aria-label="Windows应急响应"><!---->Windows应急响应<!----></a></li></ul></li></ul></button></div></div><div class="nav-item hide-in-mobile"><div class="dropdown-wrapper"><button class="dropdown-title" type="button" aria-label="域渗透"><span class="title"><span class="icon iconfont icon-anonymous"></span>域渗透</span><span class="arrow"></span><ul class="nav-dropdown"><li class="dropdown-item"><a href="/%E5%9F%9F%E6%B8%97%E9%80%8F/%E5%9F%9F%E7%8E%AF%E5%A2%83%E4%BB%8B%E7%BB%8D.html" class="nav-link" aria-label="域环境介绍"><!---->域环境介绍<!----></a></li><li class="dropdown-item"><a href="/%E5%9F%9F%E6%B8%97%E9%80%8F/%E5%9F%9F%E5%86%85%E7%BD%91%E5%8D%8F%E8%AE%AE.html" class="nav-link" aria-label="域内网协议"><!---->域内网协议<!----></a></li><li class="dropdown-item"><a href="/%E5%9F%9F%E6%B8%97%E9%80%8F/%E5%9F%9F%E4%BF%A1%E6%81%AF%E6%94%B6%E9%9B%86.html" class="nav-link" aria-label="域信息收集"><!---->域信息收集<!----></a></li><li class="dropdown-item"><a href="/%E5%9F%9F%E6%B8%97%E9%80%8F/%E5%9F%9F%E6%8E%A7%E8%8E%B7%E5%8F%96%E6%96%B9%E5%BC%8F.html" class="nav-link" aria-label="域控获取方式"><!---->域控获取方式<!----></a></li><li class="dropdown-item"><a href="/%E5%9F%9F%E6%B8%97%E9%80%8F/%E5%93%88%E5%B8%8C%E4%BC%A0%E9%80%92%E6%94%BB%E5%87%BB.html" class="nav-link" aria-label="哈希传递攻击"><!---->哈希传递攻击<!----></a></li><li class="dropdown-item"><a href="/%E5%9F%9F%E6%B8%97%E9%80%8F/%E7%A5%A8%E6%8D%AE%E4%BC%A0%E9%80%92%E6%94%BB%E5%87%BB.html" class="nav-link" aria-label="票据传递攻击"><!---->票据传递攻击<!----></a></li><li class="dropdown-item"><a href="/%E5%9F%9F%E6%B8%97%E9%80%8F/NTLM%E4%B8%AD%E7%BB%A7%E6%94%BB%E5%87%BB.html" class="nav-link" aria-label="NTLM中继攻击"><!---->NTLM中继攻击<!----></a></li><li class="dropdown-item"><a href="/%E5%9F%9F%E6%B8%97%E9%80%8F/%E5%A7%94%E6%B4%BE%E6%94%BB%E5%87%BB.html" class="nav-link" aria-label="委派攻击"><!---->委派攻击<!----></a></li></ul></button></div></div></nav><!--[--><!----><!--]--></div><div class="navbar-right"><!--[--><!----><!--]--><!----><div class="nav-item"><a class="repo-link" href="https://github.com/wintrysec" target="_blank" rel="noopener noreferrer" aria-label="GitHub"><svg xmlns="http://www.w3.org/2000/svg" class="icon github-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="github icon" style="width:1.25rem;height:1.25rem;vertical-align:middle;"><path d="M511.957 21.333C241.024 21.333 21.333 240.981 21.333 512c0 216.832 140.544 400.725 335.574 465.664 24.49 4.395 32.256-10.07 32.256-23.083 0-11.69.256-44.245 0-85.205-136.448 29.61-164.736-64.64-164.736-64.64-22.315-56.704-54.4-71.765-54.4-71.765-44.587-30.464 3.285-29.824 3.285-29.824 49.195 3.413 75.179 50.517 75.179 50.517 43.776 75.008 114.816 53.333 142.762 40.79 4.523-31.66 17.152-53.377 31.19-65.537-108.971-12.458-223.488-54.485-223.488-242.602 0-53.547 19.114-97.323 50.517-131.67-5.035-12.33-21.93-62.293 4.779-129.834 0 0 41.258-13.184 134.912 50.346a469.803 469.803 0 0 1 122.88-16.554c41.642.213 83.626 5.632 122.88 16.554 93.653-63.488 134.784-50.346 134.784-50.346 26.752 67.541 9.898 117.504 4.864 129.834 31.402 34.347 50.474 78.123 50.474 131.67 0 188.586-114.73 230.016-224.042 242.09 17.578 15.232 33.578 44.672 33.578 90.454v135.85c0 13.142 7.936 27.606 32.854 22.87C862.25 912.597 1002.667 728.747 1002.667 512c0-271.019-219.648-490.667-490.71-490.667z"></path></svg></a></div><div class="nav-item hide-in-mobile"><button id="appearance-switch"><svg xmlns="http://www.w3.org/2000/svg" class="icon auto-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="auto icon" style="display:block;"><path d="M512 992C246.92 992 32 777.08 32 512S246.92 32 512 32s480 214.92 480 480-214.92 480-480 480zm0-840c-198.78 0-360 161.22-360 360 0 198.84 161.22 360 360 360s360-161.16 360-360c0-198.78-161.22-360-360-360zm0 660V212c165.72 0 300 134.34 300 300 0 165.72-134.28 300-300 300z"></path></svg><svg xmlns="http://www.w3.org/2000/svg" class="icon dark-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="dark icon" style="display:none;"><path d="M524.8 938.667h-4.267a439.893 439.893 0 0 1-313.173-134.4 446.293 446.293 0 0 1-11.093-597.334A432.213 432.213 0 0 1 366.933 90.027a42.667 42.667 0 0 1 45.227 9.386 42.667 42.667 0 0 1 10.24 42.667 358.4 358.4 0 0 0 82.773 375.893 361.387 361.387 0 0 0 376.747 82.774 42.667 42.667 0 0 1 54.187 55.04 433.493 433.493 0 0 1-99.84 154.88 438.613 438.613 0 0 1-311.467 128z"></path></svg><svg xmlns="http://www.w3.org/2000/svg" class="icon light-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="light icon" style="display:none;"><path d="M952 552h-80a40 40 0 0 1 0-80h80a40 40 0 0 1 0 80zM801.88 280.08a41 41 0 0 1-57.96-57.96l57.96-58a41.04 41.04 0 0 1 58 58l-58 57.96zM512 752a240 240 0 1 1 0-480 240 240 0 0 1 0 480zm0-560a40 40 0 0 1-40-40V72a40 40 0 0 1 80 0v80a40 40 0 0 1-40 40zm-289.88 88.08-58-57.96a41.04 41.04 0 0 1 58-58l57.96 58a41 41 0 0 1-57.96 57.96zM192 512a40 40 0 0 1-40 40H72a40 40 0 0 1 0-80h80a40 40 0 0 1 40 40zm30.12 231.92a41 41 0 0 1 57.96 57.96l-57.96 58a41.04 41.04 0 0 1-58-58l58-57.96zM512 832a40 40 0 0 1 40 40v80a40 40 0 0 1-80 0v-80a40 40 0 0 1 40-40zm289.88-88.08 58 57.96a41.04 41.04 0 0 1-58 58l-57.96-58a41 41 0 0 1 57.96-57.96z"></path></svg></button></div><form class="search-box" role="search"><input type="search" autocomplete="off" spellcheck="false" value><!----></form><!--[--><!----><!--]--><button class="toggle-navbar-button" aria-label="Toggle Navbar" aria-expanded="false" aria-controls="nav-screen"><span class="button-container"><span class="button-top"></span><span class="button-middle"></span><span class="button-bottom"></span></span></button></div></header><!----><!--]--><!----><div class="toggle-sidebar-wrapper"><span class="arrow left"></span></div><aside class="sidebar"><!--[--><!----><!--]--><ul class="sidebar-links"></ul><!--[--><!----><!--]--></aside><!--[--><main class="page" id="main-content"><!--[--><!----><nav class="breadcrumb disable"></nav><div class="page-title"><h1><!---->Git手册 & Docker微服务构建</h1><div class="page-info"><span class="author-info" aria-label="作者🖊" data-balloon-pos="down"><svg xmlns="http://www.w3.org/2000/svg" class="icon author-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="author icon"><path d="M649.6 633.6c86.4-48 147.2-144 147.2-249.6 0-160-128-288-288-288s-288 128-288 288c0 108.8 57.6 201.6 147.2 249.6-121.6 48-214.4 153.6-240 288-3.2 9.6 0 19.2 6.4 25.6 3.2 9.6 12.8 12.8 22.4 12.8h704c9.6 0 19.2-3.2 25.6-12.8 6.4-6.4 9.6-16 6.4-25.6-25.6-134.4-121.6-240-243.2-288z"></path></svg><span><a class="author-item" href="https://wintrysec.github.io" target="_blank" rel="noopener noreferrer">张天师</a></span><span property="author" content="张天师"></span></span><!----><!----><span class="reading-time-info" aria-label="阅读时间⌛" data-balloon-pos="down"><svg xmlns="http://www.w3.org/2000/svg" class="icon timer-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="timer icon"><path d="M799.387 122.15c4.402-2.978 7.38-7.897 7.38-13.463v-1.165c0-8.933-7.38-16.312-16.312-16.312H256.33c-8.933 0-16.311 7.38-16.311 16.312v1.165c0 5.825 2.977 10.874 7.637 13.592 4.143 194.44 97.22 354.963 220.201 392.763-122.204 37.542-214.893 196.511-220.2 389.397-4.661 5.049-7.638 11.651-7.638 19.03v5.825h566.49v-5.825c0-7.379-2.849-13.981-7.509-18.9-5.049-193.016-97.867-351.985-220.2-389.527 123.24-37.67 216.446-198.453 220.588-392.892zM531.16 450.445v352.632c117.674 1.553 211.787 40.778 211.787 88.676H304.097c0-48.286 95.149-87.382 213.728-88.676V450.445c-93.077-3.107-167.901-81.297-167.901-177.093 0-8.803 6.99-15.793 15.793-15.793 8.803 0 15.794 6.99 15.794 15.793 0 80.261 63.69 145.635 142.01 145.635s142.011-65.374 142.011-145.635c0-8.803 6.99-15.793 15.794-15.793s15.793 6.99 15.793 15.793c0 95.019-73.789 172.82-165.96 177.093z"></path></svg><span>大约 10 分钟</span><meta property="timeRequired" content="PT10M"></span></div><hr></div><div class="toc-place-holder"><aside id="toc"><div class="toc-header">此页内容</div><div class="toc-wrapper"><ul class="toc-list"><!--[--><li class="toc-item"><a aria-current="page" href="/docker.html#git手册" class="router-link-active router-link-exact-active toc-link level2">Git手册</a></li><ul class="toc-list"><!--[--><li class="toc-item"><a aria-current="page" href="/docker.html#基本设置" class="router-link-active router-link-exact-active toc-link level3">基本设置</a></li><!----><!--]--><!--[--><li class="toc-item"><a aria-current="page" href="/docker.html#远程仓库" class="router-link-active router-link-exact-active toc-link level3">远程仓库</a></li><!----><!--]--><!--[--><li class="toc-item"><a aria-current="page" href="/docker.html#更新远程仓库" class="router-link-active router-link-exact-active toc-link level3">更新远程仓库</a></li><!----><!--]--></ul><!--]--><!--[--><li class="toc-item"><a aria-current="page" href="/docker.html#docker微服务构建" class="router-link-active router-link-exact-active toc-link level2">Docker微服务构建</a></li><ul class="toc-list"><!--[--><li class="toc-item"><a aria-current="page" href="/docker.html#centos7安装docker" class="router-link-active router-link-exact-active toc-link level3">Centos7安装Docker</a></li><!----><!--]--><!--[--><li class="toc-item"><a aria-current="page" href="/docker.html#镜像" class="router-link-active router-link-exact-active toc-link level3">镜像</a></li><!----><!--]--><!--[--><li class="toc-item"><a aria-current="page" href="/docker.html#容器" class="router-link-active router-link-exact-active toc-link level3">容器</a></li><!----><!--]--><!--[--><li class="toc-item"><a aria-current="page" href="/docker.html#dockerfile定制镜像" class="router-link-active router-link-exact-active toc-link level3">Dockerfile定制镜像</a></li><!----><!--]--><!--[--><li class="toc-item"><a aria-current="page" href="/docker.html#docker-compose" class="router-link-active router-link-exact-active toc-link level3">docker-compose</a></li><!----><!--]--><!--[--><li class="toc-item"><a aria-current="page" href="/docker.html#网络管理" class="router-link-active router-link-exact-active toc-link level3">网络管理</a></li><!----><!--]--><!--[--><li class="toc-item"><a aria-current="page" href="/docker.html#上传到docker-hub" class="router-link-active router-link-exact-active toc-link level3">上传到Docker Hub</a></li><!----><!--]--></ul><!--]--></ul></div></aside></div><!----><div class="theme-hope-content"><h2 id="git手册" tabindex="-1"><a class="header-anchor" href="#git手册" aria-hidden="true">#</a> Git手册</h2><h3 id="基本设置" tabindex="-1"><a class="header-anchor" href="#基本设置" aria-hidden="true">#</a> 基本设置</h3><div class="language-bash line-numbers-mode" data-ext="sh"><pre class="language-bash"><code><span class="token function">git</span> config <span class="token parameter variable">--list</span> <span class="token comment">#查看配置信息</span>
<span class="token function">git</span> config <span class="token parameter variable">--global</span> user.name <span class="token string">"wintrysec"</span> <span class="token comment">#配置用户信息-用户名</span>
<span class="token function">git</span> config <span class="token parameter variable">--global</span> user.email <span class="token string">"wintrysec@gmail.com"</span> <span class="token comment">#配置用户信息-邮箱</span>
<span class="token function">git</span> init <span class="token comment">#初始化版本控制</span>
<span class="token function">git</span> <span class="token function">add</span> <span class="token builtin class-name">.</span> <span class="token comment">#添加文件追踪</span>
<span class="token function">git</span> commit <span class="token parameter variable">-m</span> <span class="token string">"这里是说明消息"</span> <span class="token comment">#提交文件</span>
<span class="token function">git</span> status <span class="token comment">#查看当前修改状态</span>
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><h3 id="远程仓库" tabindex="-1"><a class="header-anchor" href="#远程仓库" aria-hidden="true">#</a> 远程仓库</h3><p>1、创建 SSH Key</p><p>【C盘—->用户/user—->Administrator(自己的用户名)】</p><p>看看有没有 .ssh 目录,如果有,再看看这个目录下有没有 <code>id_rsa</code> 和 <code>id_rsa.pub</code></p><p>如果已经有了,可直接跳到下一步。</p><p>如果没有,打开 Shell(Windows下打开Git Bash),创建 SSH Key</p><div class="language-bash line-numbers-mode" data-ext="sh"><pre class="language-bash"><code>ssh-keygen <span class="token parameter variable">-t</span> rsa <span class="token parameter variable">-C</span> <span class="token string">"wintrysec@gmail.com"</span>
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>2、登陆 GitHub,打开 “Settings”**</p><p>“SSH Keys” 页面,“New SSH key”,“粘贴公钥”</p><p>3、推送到远程仓库</p><div class="language-bash line-numbers-mode" data-ext="sh"><pre class="language-bash"><code><span class="token function">git</span> push <span class="token parameter variable">-f</span> https://github.com/wintrysec/wintrysec.github.io.git master:gh-pages
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><h3 id="更新远程仓库" tabindex="-1"><a class="header-anchor" href="#更新远程仓库" aria-hidden="true">#</a> 更新远程仓库</h3><div class="language-bash line-numbers-mode" data-ext="sh"><pre class="language-bash"><code><span class="token function">git</span> pull <span class="token comment">#拉取更新,每次必做防止团队合作干掉别人上传的代码</span>
<span class="token function">git</span> <span class="token function">add</span> <span class="token parameter variable">-A</span> <span class="token comment">#更新文件后添加追踪</span>
<span class="token function">git</span> commit <span class="token parameter variable">-m</span> <span class="token string">"deploy"</span> <span class="token comment">#提交文件和说明消息</span>
<span class="token function">git</span> status <span class="token comment">#查看当前修改状态</span>
<span class="token function">git</span> branch <span class="token comment">#查看当前分支</span>
<span class="token function">git</span> push <span class="token comment">#推送向远程仓库(已添加远程仓库情况下这样,否则用-f指定远程仓库)</span>
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><h2 id="docker微服务构建" tabindex="-1"><a class="header-anchor" href="#docker微服务构建" aria-hidden="true">#</a> Docker微服务构建</h2><div class="custom-container tip"><p class="custom-container-title">提示</p><p>Docker可以轻松的为应用创建一个轻量级、可移植、自给自足的容器,常用于Web应用自动化发布</p><p>与虚拟机相比,它以一种轻量级的方式实现了运行空间的隔离</p><p>如果物理机是一幢住宅楼,虚拟机就是大楼中的一户户套房,而容器技术就是套房里的一个个隔断。</p></div><h3 id="centos7安装docker" tabindex="-1"><a class="header-anchor" href="#centos7安装docker" aria-hidden="true">#</a> Centos7安装Docker</h3><div class="language-bash line-numbers-mode" data-ext="sh"><pre class="language-bash"><code><span class="token comment"># yum-config-manager需要用这个包,安装docker官方源</span>
yum <span class="token function">install</span> <span class="token parameter variable">-y</span> yum-utils
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum makecache
yum <span class="token parameter variable">-y</span> <span class="token function">install</span> docker-ce docker-ce-cli containerd.io docker-compose-plugin
systemctl start <span class="token function">docker</span>
systemctl <span class="token builtin class-name">enable</span> <span class="token function">docker</span>
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><details class="custom-container details"><summary>镜像加速</summary><div class="language-bash line-numbers-mode" data-ext="sh"><pre class="language-bash"><code><span class="token function">mkdir</span> <span class="token parameter variable">-p</span> /etc/docker/
<span class="token function">cat</span> <span class="token operator">></span>/etc/docker/daemon.json<span class="token operator"><<</span> <span class="token string">EOF
{
"registry-mirrors": [
"https://docker-0.unsee.tech"
]
}
EOF</span>
systemctl daemon-reload <span class="token operator">&&</span> systemctl restart <span class="token function">docker</span>
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div></details><h3 id="镜像" tabindex="-1"><a class="header-anchor" href="#镜像" aria-hidden="true">#</a> 镜像</h3><p>Docker 镜像是一个特殊的文件系统,除了提供容器运行时所需的程序、库、资源、配置等文件外;</p><p>还包含了一些为运行时准备的一些配置参数(如匿名卷、环境变量、用户等)</p><p>镜像不包含任何动态数据,其内容在构建之后也不会被改变。</p><div class="language-bash line-numbers-mode" data-ext="sh"><pre class="language-bash"><code><span class="token function">docker</span> search ubuntu <span class="token comment">#查找镜像</span>
<span class="token function">docker</span> pull ubuntu <span class="token comment">#拉取镜像(就是下载)</span>
<span class="token function">docker</span> images <span class="token comment">#查看所有Docker镜像</span>
<span class="token function">docker</span> <span class="token function">history</span> <span class="token comment">#查看镜像历史(有哪些层)</span>
<span class="token function">docker</span> system <span class="token function">df</span> <span class="token comment">#查看镜像、容器、数据卷所占用的空间</span>
<span class="token function">docker</span> rmi <span class="token parameter variable">-f</span> <span class="token function">id</span> <span class="token comment">#删除镜像</span>
<span class="token function">docker</span> rmi <span class="token parameter variable">-f</span> <span class="token variable"><span class="token variable">`</span><span class="token function">docker</span> images <span class="token parameter variable">-q</span><span class="token variable">`</span></span> <span class="token comment">#删除全部镜像</span>
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><h3 id="容器" tabindex="-1"><a class="header-anchor" href="#容器" aria-hidden="true">#</a> 容器</h3><details class="custom-container details"><summary>镜像和容器的区别</summary><p>镜像是静态的定义,容器是镜像运行时的实体,容器可以被创建、启动、停止、删除、暂停等;</p><p>容器的实质是进程,但与直接在宿主执行的进程不同,容器进程运行于属于自己的独立的命名空间</p><p>因此容器可以拥有自己的文件系统、自己的网络配置、自己的进程空间,甚至自己的用户ID空间</p><p>容器内的进程是运行在一个隔离的环境里,使用起来就好像是在一个独立于宿主的系统下操作一样</p></details><h4 id="容器命令选项" tabindex="-1"><a class="header-anchor" href="#容器命令选项" aria-hidden="true">#</a> 容器命令选项</h4><div class="language-bash line-numbers-mode" data-ext="sh"><pre class="language-bash"><code><span class="token function">docker</span> <span class="token function">ps</span> <span class="token comment">#查看所有启动的容器(若查看所有的容器包括已经关闭,添加-a参数即可)</span>
<span class="token function">docker</span> <span class="token builtin class-name">exec</span> <span class="token parameter variable">-it</span> ID <span class="token function">bash</span> <span class="token comment">#进入一个正在运行的容器的shell,容器id前4位就行,或者容器名也行</span>
<span class="token builtin class-name">exit</span> <span class="token comment">#退出容器</span>
<span class="token function">docker</span> inspect ID <span class="token comment">#查看容器信息(数据卷等 -> "Mounts")</span>
<span class="token function">docker</span> stats ID <span class="token comment">#查看Docker状态</span>
<span class="token function">docker</span> logs ID <span class="token comment">#查看容器日志(报错和命令)</span>
<span class="token function">docker</span> stop ID <span class="token comment">#停止容器运行,写容器名也行,start是开启</span>
<span class="token function">docker</span> <span class="token function">rm</span> ID <span class="token comment">#删除容器</span>
<span class="token function">docker</span> <span class="token function">rm</span> <span class="token variable"><span class="token variable">`</span><span class="token function">docker</span> <span class="token function">ps</span> <span class="token parameter variable">-a</span> <span class="token parameter variable">-q</span><span class="token variable">`</span></span> <span class="token comment">#删除所有已经关闭的容器,-f能把正在运行的也关闭</span>
<span class="token function">docker</span> update <span class="token parameter variable">--restart</span><span class="token operator">=</span>always 容器ID <span class="token comment">#给某个容器添加宿主机开机自启动</span>
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><h4 id="启动一个容器" tabindex="-1"><a class="header-anchor" href="#启动一个容器" aria-hidden="true">#</a> 启动一个容器</h4><div class="language-bash line-numbers-mode" data-ext="sh"><pre class="language-bash"><code><span class="token function">docker</span> run <span class="token parameter variable">-it</span> <span class="token parameter variable">-d</span> <span class="token parameter variable">--name</span> ubuntu_wintry <span class="token parameter variable">-p</span> <span class="token number">8088</span>:80 ubuntu
<span class="token comment">#运行Docker镜像</span>
<span class="token comment">#-d 守护态运行,不直接把执行命令的结果输出在当前宿主机下</span>
<span class="token comment">#--name参数为自定义容器名</span>
<span class="token comment">#-p参数为指定端口映射、后者为容器的端口(我们访问Docker的宿主机8080端口)</span>
<span class="token comment">#成功后台运行后会返回一个容器的id,只需要记住前两位即可</span>
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><h4 id="与宿主机传输文件" tabindex="-1"><a class="header-anchor" href="#与宿主机传输文件" aria-hidden="true">#</a> 与宿主机传输文件</h4><div class="language-bash line-numbers-mode" data-ext="sh"><pre class="language-bash"><code><span class="token comment">#Docker到宿主机</span>
<span class="token function">docker</span> <span class="token function">cp</span> vpn:/opt/vpnserver/vpn_server.config /root/vpn_server.config
<span class="token comment">#宿主机到Docker</span>
<span class="token function">docker</span> <span class="token function">cp</span> vpn_server.config vpn:/opt/vpnserver/
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><h3 id="dockerfile定制镜像" tabindex="-1"><a class="header-anchor" href="#dockerfile定制镜像" aria-hidden="true">#</a> Dockerfile定制镜像</h3><p>Dockerfile用来创建一个自定义的镜像,包含了用户指定的软件依赖等,用于从无到有的构建镜;</p><p>把每一层修改、安装、构建、操作的命令都写入一个脚本,用这个脚本来构建、定制镜像。</p><p>可以解决镜像无法重复的问题、镜像构建透明性的问题、体积的问题。</p><h4 id="from指定基础镜像" tabindex="-1"><a class="header-anchor" href="#from指定基础镜像" aria-hidden="true">#</a> FROM指定基础镜像</h4><div class="language-bash line-numbers-mode" data-ext="sh"><pre class="language-bash"><code>FROM ubuntu <span class="token comment">#指定基础镜像</span>
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div></div></div><p>除了选择现有镜像为基础镜像外,Docker 还存在一个特殊的镜像,名为 <strong>scratch</strong>;这个镜像是虚拟的概念,并不实际存在,它表示一个空白的镜像;如果以 <strong>scratch</strong> 为基础镜像的话,意味着你不以任何镜像为基础,接下来所写的指令将作为镜像第一层开始存在;对于 Linux 下静态编译的程序来说,并不需要有操作系统提供运行时支持,所需的一切库都已经在可执行文件里了;因此直接 <strong>FROM scratch</strong> 会让镜像体积更加小巧,使用 Go 语言开发的应用很多会使用这种方式来制作镜像。</p><h4 id="run执行命令" tabindex="-1"><a class="header-anchor" href="#run执行命令" aria-hidden="true">#</a> RUN执行命令</h4><p>Dockerfile 每一个 <strong>RUN</strong> 的行为,都会新建立一层构成新的镜像,这样会使镜像非常臃肿。</p><p>正确的写法应该这样:</p><div class="language-bash line-numbers-mode" data-ext="sh"><pre class="language-bash"><code>RUN <span class="token assign-left variable">buildDeps</span><span class="token operator">=</span><span class="token string">'gcc libc6-dev make wget'</span> <span class="token punctuation">\</span>
<span class="token operator">&&</span> <span class="token function">apt-get</span> update <span class="token punctuation">\</span>
<span class="token operator">&&</span> <span class="token function">apt-get</span> <span class="token function">install</span> <span class="token parameter variable">-y</span> <span class="token variable">$buildDeps</span> <span class="token punctuation">\</span>
<span class="token operator">&&</span> <span class="token function">wget</span> <span class="token parameter variable">-O</span> redis.tar.gz <span class="token string">"http://download.redis.io/releases/redis-5.0.3.tar.gz"</span> <span class="token punctuation">\</span>
<span class="token operator">&&</span> <span class="token function">mkdir</span> <span class="token parameter variable">-p</span> /usr/src/redis <span class="token punctuation">\</span>
<span class="token operator">&&</span> <span class="token function">tar</span> <span class="token parameter variable">-xzf</span> redis.tar.gz <span class="token parameter variable">-C</span> /usr/src/redis --strip-components<span class="token operator">=</span><span class="token number">1</span> <span class="token punctuation">\</span>
<span class="token operator">&&</span> <span class="token function">make</span> <span class="token parameter variable">-C</span> /usr/src/redis <span class="token punctuation">\</span>
<span class="token operator">&&</span> <span class="token function">make</span> <span class="token parameter variable">-C</span> /usr/src/redis <span class="token function">install</span> <span class="token punctuation">\</span>
<span class="token operator">&&</span> <span class="token function">rm</span> <span class="token parameter variable">-rf</span> /var/lib/apt/lists/* <span class="token punctuation">\</span>
<span class="token operator">&&</span> <span class="token function">rm</span> redis.tar.gz <span class="token punctuation">\</span>
<span class="token operator">&&</span> <span class="token function">rm</span> <span class="token parameter variable">-r</span> /usr/src/redis <span class="token punctuation">\</span>
<span class="token operator">&&</span> <span class="token function">apt-get</span> purge <span class="token parameter variable">-y</span> --auto-remove <span class="token variable">$buildDeps</span>
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>首先这些命令只有一个目的,就是编译、安装 redis 可执行文件;因此没有必要建立很多层,这是一层能解决的事情。使用 && 将各个所需命令串联起来,Dockerfile支持行尾添加 \的命令换行方式,以及行首 #进行注释的格式。</p><p>最后添加了清理工作的命令,删除了为了编译构建所需要的软件,清理了所有下载、展开的文件,并且还清理了apt缓存文件。这是很重要的一步,镜像是多层存储,每一层的东西并不会在下一层被删除,会一直跟随着镜像因此镜像构建时,一定要确保每一层只添加真正需要添加的东西,任何无关的东西都应该清理掉</p><h4 id="构建镜像" tabindex="-1"><a class="header-anchor" href="#构建镜像" aria-hidden="true">#</a> 构建镜像</h4><div class="language-bash line-numbers-mode" data-ext="sh"><pre class="language-bash"><code><span class="token function">docker</span> build <span class="token parameter variable">-t</span> ubuntu:v1 <span class="token builtin class-name">.</span>
<span class="token function">docker</span> build <span class="token punctuation">[</span>选项<span class="token punctuation">]</span> <span class="token operator"><</span>上下文路径/URL/-<span class="token operator">></span>
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><h4 id="指令详解" tabindex="-1"><a class="header-anchor" href="#指令详解" aria-hidden="true">#</a> 指令详解</h4><div class="language-bash line-numbers-mode" data-ext="sh"><pre class="language-bash"><code>COPY package.json /usr/src/
<span class="token comment">#从构建上下文目录中复制文件到新的一层的镜像内的 <目标路径> 位置</span>
CMD <span class="token punctuation">[</span><span class="token string">"nginx"</span>, <span class="token string">"-g"</span>, <span class="token string">"daemon off;"</span><span class="token punctuation">]</span>
<span class="token comment">#容器启动命令</span>
<span class="token comment">#直接执行 nginx 可执行文件,并且要求以前台形式运行,不能用service nginx start</span>
ENV <span class="token assign-left variable">VERSION</span><span class="token operator">=</span><span class="token number">1.0</span> <span class="token assign-left variable">NAME</span><span class="token operator">=</span><span class="token string">"Vuln Range"</span>
<span class="token comment">#ENV用来定义环境变量,用双引号把包含空格的引起来</span>
VOLUME /data
<span class="token comment">#匿名卷,运行时如果用户忘记了指定数据卷挂载位置,会自动挂载数据到/data目录</span>
<span class="token environment constant">USER</span> redis
<span class="token comment">#切换到指定用户,接下来会以这个用户权限执行RUN、CMD等命令</span>
<span class="token comment">#如果以 root 执行的脚本,在执行期间希望改变身份,比如希望以某个已经建立好的用户来运行某个服务进程</span>
<span class="token comment">#不要使用 su 或者 sudo,这些都需要比较麻烦的配置,而且在 TTY 缺失的环境下经常出错,建议使用 gosu</span>
<span class="token comment"># 建立 redis 用户,并使用 gosu 换另一个用户执行命令</span>
RUN <span class="token function">groupadd</span> <span class="token parameter variable">-r</span> redis <span class="token operator">&&</span> <span class="token function">useradd</span> <span class="token parameter variable">-r</span> <span class="token parameter variable">-g</span> redis redis
<span class="token comment">#下载 gosu</span>
RUN <span class="token function">wget</span> <span class="token parameter variable">-O</span> /usr/local/bin/gosu <span class="token string">"https://github.com/tianon/gosu/releases/download/1.12/gosu-amd64"</span> <span class="token punctuation">\</span>
<span class="token operator">&&</span> <span class="token function">chmod</span> +x /usr/local/bin/gosu <span class="token punctuation">\</span>
<span class="token operator">&&</span> gosu nobody <span class="token boolean">true</span>
<span class="token comment"># 设置 CMD,并以另外的用户执行</span>
CMD <span class="token punctuation">[</span> <span class="token string">"exec"</span>, <span class="token string">"gosu"</span>, <span class="token string">"redis"</span>, <span class="token string">"redis-server"</span> <span class="token punctuation">]</span>
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><h3 id="docker-compose" tabindex="-1"><a class="header-anchor" href="#docker-compose" aria-hidden="true">#</a> docker-compose</h3><p>默认的模板文件是 <code>docker-compose.yml</code></p><p>docker compose 是一个整合发布应用的利器,面向项目进行管理。</p><p>服务 (service):一个应用容器,实际上可以运行多个相同镜像的实例</p><p>项目 (project):由一组关联的应用容器组成的一个完整业务单元</p><div class="language-yaml line-numbers-mode" data-ext="yml"><pre class="language-yaml"><code><span class="token key atrule">version</span><span class="token punctuation">:</span> <span class="token string">'3'</span>
<span class="token key atrule">services</span><span class="token punctuation">:</span>
<span class="token key atrule">db</span><span class="token punctuation">:</span> <span class="token comment">#数据库服务</span>
image<span class="token punctuation">:</span> mysql<span class="token punctuation">:</span><span class="token number">8.0</span> <span class="token comment">#使用的镜像</span>
command<span class="token punctuation">:</span>
<span class="token punctuation">-</span><span class="token punctuation">-</span>default_authentication_plugin=mysql_native_password
<span class="token punctuation">-</span><span class="token punctuation">-</span>character<span class="token punctuation">-</span>set<span class="token punctuation">-</span>server=utf8mb4
<span class="token punctuation">-</span><span class="token punctuation">-</span>collation<span class="token punctuation">-</span>server=utf8mb4_unicode_ci
volumes<span class="token punctuation">:</span>
<span class="token punctuation">-</span> db_data<span class="token punctuation">:</span>/var/lib/mysql <span class="token comment">#用数据卷名称,设置数据卷所挂载路径</span>
restart<span class="token punctuation">:</span> always
environment<span class="token punctuation">:</span>
MYSQL_ROOT_PASSWORD<span class="token punctuation">:</span> root
MYSQL_DATABASE<span class="token punctuation">:</span> web<span class="token punctuation">-</span>bug
<span class="token key atrule">web-bug</span><span class="token punctuation">:</span> <span class="token comment">#Web服务</span>
depends_on<span class="token punctuation">:</span>
<span class="token punctuation">-</span> db
image<span class="token punctuation">:</span> wintrysec/web<span class="token punctuation">-</span>bug <span class="token comment">#使用的镜像</span>
ports<span class="token punctuation">:</span>
<span class="token punctuation">-</span> <span class="token string">"80:80"</span>
restart<span class="token punctuation">:</span> always
environment<span class="token punctuation">:</span>
DB_HOST<span class="token punctuation">:</span> db<span class="token punctuation">:</span><span class="token number">3306</span>
DB_USER<span class="token punctuation">:</span> root
DB_PASSWORD<span class="token punctuation">:</span> root
<span class="token key atrule">volumes</span><span class="token punctuation">:</span> <span class="token comment">#如果上边挂载数据卷的路径为数据卷名称,必须在文件中配置数据卷</span>
db_data<span class="token punctuation">:</span>
<span class="token punctuation">-</span> <span class="token string">"web-bug.sql"</span>
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>YAML 语言基本语法规则如下</p><ul><li>大小写敏感</li><li>使用缩进表示层级关系</li><li>缩进时不允许使用Tab键,只允许使用空格。</li><li>缩进的空格数目不重要,只要相同层级的元素左侧对齐即可</li><li>每个散列项<strong>冒号</strong>和<strong>值</strong>之间至少有一个空格!</li></ul><p><a href="http://nodeca.github.io/js-yaml/" target="_blank" rel="noopener noreferrer">在线书写YAML(自动检测语法)<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span></a></p><h3 id="网络管理" tabindex="-1"><a class="header-anchor" href="#网络管理" aria-hidden="true">#</a> 网络管理</h3><div class="language-bash line-numbers-mode" data-ext="sh"><pre class="language-bash"><code><span class="token function">docker</span> network <span class="token function">ls</span> <span class="token comment">#列出已有docker网络</span>
<span class="token function">docker</span> network prune <span class="token parameter variable">-f</span> <span class="token comment">#删除所有未使用的网络(即对应容器已经删除的网络)</span>
<span class="token function">docker</span> network inspect bridge <span class="token comment">#显示一个或多个网络的详细信息</span>
<span class="token comment">#映射指到定地址的任意端口 (随机分配一个外部访问用的端口)</span>
<span class="token function">docker</span> run <span class="token parameter variable">-d</span> <span class="token parameter variable">-p</span> <span class="token number">127.0</span>.0.1::80 nginx
<span class="token comment">#查看端口映射配置</span>
<span class="token function">docker</span> port ID
<span class="token number">1</span>、创建一个Docker网络
<span class="token function">docker</span> network create <span class="token parameter variable">-d</span> bridge my-net
<span class="token number">2</span>、运行一个容器并连接到新建的 my-net 网络
<span class="token function">docker</span> run <span class="token parameter variable">-it</span> <span class="token parameter variable">--rm</span> <span class="token parameter variable">--name</span> busybox1 <span class="token parameter variable">--network</span> my-net busybox <span class="token function">sh</span>
<span class="token number">3</span>、打开新的终端,再运行一个容器并加入到 my-net 网络
<span class="token function">docker</span> run <span class="token parameter variable">-it</span> <span class="token parameter variable">--rm</span> <span class="token parameter variable">--name</span> busybox2 <span class="token parameter variable">--network</span> my-net busybox <span class="token function">sh</span>
<span class="token number">4</span>、证明容器互通,用其中一个容器,ping另外一个容器
容器访问控制
容器要想访问外部网络,需要本地系统的转发支持
<span class="token function">sysctl</span> <span class="token parameter variable">-w</span> <span class="token assign-left variable">net.ipv4.ip_forward</span><span class="token operator">=</span><span class="token number">1</span> <span class="token comment">#开启转发</span>
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><h3 id="上传到docker-hub" tabindex="-1"><a class="header-anchor" href="#上传到docker-hub" aria-hidden="true">#</a> 上传到Docker Hub</h3><p>1、注册<a href="https://hub.docker.com/repository/docker/wintrysec/wintrysec-lab" target="_blank" rel="noopener noreferrer">Docker Hub<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span></a>账户</p><p>2、使用Docker hub账号在验证本地登录</p><div class="language-bash line-numbers-mode" data-ext="sh"><pre class="language-bash"><code><span class="token function">docker</span> login
<span class="token comment">#登录信息信息,保存在~/.docker/config.json文件里</span>
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div><p>3、注意事项</p><div class="language-bash line-numbers-mode" data-ext="sh"><pre class="language-bash"><code><span class="token comment">#容器保存为镜像</span>
<span class="token function">docker</span> commit ec0f alioth:v1.0
<span class="token comment">#导出镜像</span>
<span class="token function">docker</span> save <span class="token parameter variable">-o</span> alioth.tar alioth:v1.0
<span class="token comment">#离线机器加载docker镜像</span>
<span class="token function">docker</span> load <span class="token parameter variable">-i</span> alioth.tar
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><div class="language-bash line-numbers-mode" data-ext="sh"><pre class="language-bash"><code><span class="token function">docker</span> images
<span class="token comment">#查看本地镜像,如果 Docker ID/仓库名 不是属于你的账户是上传不了的</span>
<span class="token comment">#当然可以更改,命令如下</span>
<span class="token function">docker</span> tag 镜像ID 用户名称/Ubuntu:新的标签名<span class="token punctuation">(</span>tag<span class="token punctuation">)</span>
<span class="token comment">#用这种方式,把使用这个ID的"容器"保存成型个新镜像</span>
<span class="token function">docker</span> commit <span class="token parameter variable">-a</span> <span class="token string">'新镜像'</span> 容器ID 用户名称/镜像名:标签
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div><div class="line-number"></div></div></div><p>4、将镜像推送到远程仓库</p><div class="language-bash line-numbers-mode" data-ext="sh"><pre class="language-bash"><code><span class="token function">docker</span> push 用户名/仓库名:tagname
<span class="token function">docker</span> push wintrysec/wintrysec-lab:tagname
</code></pre><div class="line-numbers" aria-hidden="true"><div class="line-number"></div><div class="line-number"></div></div></div></div><!----><footer class="page-meta"><div class="meta-item edit-link"><a href="https://github.com/wintrysec/edit/main/src/docker.md" rel="noopener noreferrer" target="_blank" aria-label="编辑此页" class="nav-link label"><!--[--><svg xmlns="http://www.w3.org/2000/svg" class="icon edit-icon" viewBox="0 0 1024 1024" fill="currentColor" aria-label="edit icon"><path d="M430.818 653.65a60.46 60.46 0 0 1-50.96-93.281l71.69-114.012 7.773-10.365L816.038 80.138A60.46 60.46 0 0 1 859.225 62a60.46 60.46 0 0 1 43.186 18.138l43.186 43.186a60.46 60.46 0 0 1 0 86.373L588.879 565.55l-8.637 8.637-117.466 68.234a60.46 60.46 0 0 1-31.958 11.229z"></path><path d="M728.802 962H252.891A190.883 190.883 0 0 1 62.008 771.98V296.934a190.883 190.883 0 0 1 190.883-192.61h267.754a60.46 60.46 0 0 1 0 120.92H252.891a69.962 69.962 0 0 0-69.098 69.099V771.98a69.962 69.962 0 0 0 69.098 69.098h475.911A69.962 69.962 0 0 0 797.9 771.98V503.363a60.46 60.46 0 1 1 120.922 0V771.98A190.883 190.883 0 0 1 728.802 962z"></path></svg><!--]-->编辑此页<span><svg class="external-link-icon" xmlns="http://www.w3.org/2000/svg" aria-hidden="true" focusable="false" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path><polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg><span class="external-link-icon-sr-only">open in new window</span></span><!----></a></div><!----><!----></footer><!----><!----><!----><!--]--></main><!--]--><!----><!--]--></div><!--]--><!----><!----><!--]--></div>
<script type="module" src="/assets/app.3b9f01e1.js" defer></script>
</body>
</html>