认识docker
认识docker
一 、什么是docker?
docker是一个开源的应用容器引擎,让开发者可以打包他们的应用以及依赖包到一个可移植的容器中,然后发布到任何流行的 Linux 机器上,也可以实现虚拟化。容器是完全使用沙箱机制,相互之间不会有任何接口。
二、docker组成架构
docker的架构模式是C/S架构,采用远程API来管理和创建Docker容器。
docker 包括三个基本的概念:
- 镜像(image):镜像是一种轻量级、可执行的独立软件包,用来打包软件运行环境和基于运行环境开发的软件。它包含运行某个软件所需的所有内容,包括代码、运行时、库、环境变量和配置文件。相当于一个模板,通过这个模板来创建容器服务,可以通过一个镜像创建多个容器。
- 容器(container):镜像是静态的定义,容器是镜像运行时的实体。容器可以被创建、启动、停止、删除、暂停等。
- 仓库(repository):仓库用来保存镜像,分为国内仓库和国外仓库。
三、安装Docker
3.1 安装
# 1、卸载旧版本docker
yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine
# 2、需要安装包
yum install -y yum-utils
# 3、设置镜像仓库
sudo yum-config-manager \
--add-repo \ https://download.docker.com/linux/centos/docker-ce.repo
注意: 使用官方源地址比较慢,采用国内阿里云镜像安装
sudo yum-config-manager \
--add-repo \
http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# 更新yum软件包的索引
yum makecache fast
# 4、安装docker相关的依赖 docker-ce社区版本
yum install docker-ce docker-ce-cli containerd.io
选择指定版本的docker engine-community
yum list docker-ce --showduplicates | sort -r
docker-ce.x86_64 3:18.09.1-3.el7 docker-ce-stable
docker-ce.x86_64 3:18.09.0-3.el7 docker-ce-stable
docker-ce.x86_64 18.06.1.ce-3.el7 docker-ce-stable
docker-ce.x86_64 18.06.0.ce-3.el7 docker-ce-stable
yum install docker-ce-<VERSION_STRING> docker-ce-cli-<VERSION_STRING> containerd.io docker-compose-plugin
# 5、 启动docker
systemctl start docker
# 6 、查看docker是否安装成功
docker version
# 7、卸载docker
卸载依赖
yum remove docker-ce docker-ce-cli containerd.io
删除资源
sudo rm -rf /var/lib/docker
sudo rm -rf /var/lib/containerd
docker run hello-world
查看hello-world镜像
3.2 阿里云镜像加速
1、找到镜像加速服务
2、找到镜像加速地址
3、配置使用
创建一个目录
sudo mkdir -p /etc/docker
编写配置文件
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://y2hzel0q.mirror.aliyuncs.com"]
}
EOF
重新加载
sudo systemctl daemon-reload
重启
sudo systemctl restart docker
3.3 hello-world执行流程
四、docker底层原理
4.1 docker是如何工作的?
docker是一个client - service结构系统,docker的守护进程在主机上,通过socket从客户端访问,守护进程是客户端接受命令并管理运行在主机上的容器。
简单来说:客户端 —> 发送命令 ----> 守护进程接收命令 ----> 执行命令 —> 管理容器
4.2 Docker为什么比VM快?
- docker有着比虚拟机更少的抽象层
- docker利用的是宿主机的内核,而VM利用的是Guest OS。
新建一个容器的时候,docker不需要像虚拟机一样重新加载一个操作系统的内核;虚拟机是加载Guest OS,这是属于分钟级别的,而docker是利用宿主机的操作系统,省略了这个复杂的过程,这是属于秒级别的。
4.3 docker常用命令
帮助命令
docker version # 显示docker的版本信息
docker info # 显示docker的系统信息,包括镜像和容器数量
docker 命令 --help # 帮助命令
帮助文档的地址:
https://docs.docker.com/reference/
1、镜像命令
1、docker images # 查询所有本地主机上的镜像
[root@gitShile /]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
hello-world latest d1165f221234 14 months ago 13.3kB
# 详情注解
REPOSITORY 镜像的仓库源
TAG 镜像标签
IMAGE ID 镜像id
CREATED 镜像创建时间
SIZE 镜像大小
# 可选项
-a, --all 列出所有镜像
-q, --quiet 显示镜像的id
2、docker search 搜索镜像
[root@gitShile /]# docker search mysql
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
mysql MySQL is a widely used, open-source relation… 12529 [OK]
mariadb MariaDB Server is a high performing open sou… 4822 [OK]
percona Percona Server is a fork of the MySQL relati… 575 [OK]
# 通过搜索来进行过滤
--filter=STARS=5000 # 搜素出来的镜像就是STARS大于5000的
[root@gitShile /]# docker search mysql --filter=STARS=5000
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
mysql MySQL is a widely used, open-source relation… 12530 [OK]
[root@gitShile /]# docker search mysql --filter=STARS=3000
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
mysql MySQL is a widely used, open-source relation… 12530 [OK]
mariadb MariaDB Server is a high performing open sou… 4823 [OK]
3、docker pull下载镜像
#下载镜像
docker pull 镜像名[:tag]
# 安装最新版本的mysql
[root@gitShile /]# docker pull mysql
Using default tag: latest # 如果不写tag,默认是最新版本
latest: Pulling from library/mysql
72a69066d2fe: Pull complete # 分层下载,docker image的核心,联合文件系统
93619dbc5b36: Pull complete
99da31dd6142: Pull complete
626033c43d70: Pull complete
37d5d7efb64e: Pull complete
ac563158d721: Pull complete
d2ba16033dad: Pull complete
688ba7d5c01a: Pull complete
00e060b6d11d: Pull complete
1c04857f594f: Pull complete
4d7cfa90e6ea: Pull complete
e0431212d27d: Pull complete
Digest: sha256:e9027fe4d91c0153429607251656806cc784e914937271037f7738bd5b8e7709 # 签名
Status: Downloaded newer image for mysql:latest
docker.io/library/mysql:latest # 真实地址
# 安装指定版本的mysql
[root@gitShile /]# docker pull mysql:5.7
5.7: Pulling from library/mysql
72a69066d2fe: Already exists
93619dbc5b36: Already exists
99da31dd6142: Already exists
626033c43d70: Already exists
37d5d7efb64e: Already exists
ac563158d721: Already exists
d2ba16033dad: Already exists
0ceb82207cd7: Pull complete
37f2405cae96: Pull complete
e2482e017e53: Pull complete
70deed891d42: Pull complete
Digest: sha256:f2ad209efe9c67104167fc609cca6973c8422939491c9345270175a300419f94
Status: Downloaded newer image for mysql:5.7
docker.io/library/mysql:5.7
# 查看镜像
[root@gitShile /]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mysql 5.7 c20987f18b13 4 months ago 448MB
mysql latest 3218b38490ce 4 months ago 516MB
hello-world latest d1165f221234 14 months ago 13.3kB
4、docker rmi 删除镜像
[root@gitShile /]# docker rmi -f 镜像id # 删除指定的容器
[root@gitShile /]# docker rmi -f 镜像id 镜像id 镜像id # 删除多个容器
[root@gitShile /]# docker rmi -f $(docker images -aq) #删除全部容器
2、容器命令
说明:下载完镜像之后就可以创建容器,例如:下载centos镜像来测试
docker pull centos
1、docker run [可选参数] images 创建容器并启动
docker run [可选参数] images
#参数说明
--name="Name" 容器名字 tomcat01 tomcat02 tomcat03 用来区分不同的容器
-d 后台运行
-it 使用交互方式运行,进入容器查看内容
-p 指定容器的端口 -p 8080:8080
-p 主机端口:容器端口
-p 容器端口
-p ip:主机端口:容器端口
容器端口
-P 随机指定端口
# 测试,启动并进入容器
[root@gitShile /]# docker run -it centos /bin/bash
[root@e3b5a23a608e /]# ls 查看容器里的centos
bin etc lib lost+found mnt proc run srv tmp var
dev home lib64 media opt root sbin sys usr
#从容器中退回主机
[root@e3b5a23a608e /]# exit
2、docker ps 命令 列出所有的运行容器
# docker ps 命令
# 列出正在运行的容器
-a # 列出当前正在运行的容器 + 历史运行的容器
-n=? # 显示最近创建的容器
-q # 显示容器的编号
[root@gitShile /]# docker ps # 列出所有的运行容器
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@gitShile /]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e3b5a23a608e centos "/bin/bash" 3 minutes ago Exited (0) About a minute ago happy_germain
392d8dc16f93 d1165f221234 "/hello" 3 days ago Exited (0) 3 days ago eloquent_tharp
380756ac8ef4 d1165f221234 "/hello" 2 weeks ago Exited (0) 2 weeks ago reverent_chandrasekhar
16e349161aa6 d1165f221234 "/hello" 13 months ago Exited (0) 13 months ago wizardly_boyd
退出容器
exit #直接容器停止并退出
Ctrl + P + Q # 退出容器不停止
#测试
[root@gitShile /]# docker run -it centos /bin/bash
[root@092cc098cf5e /]# [root@gitShile /]# ls
bin dev home lib64 media opt proc run srv tmp var
boot etc lib lost+found mnt patch root sbin sys usr www
[root@gitShile /]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
092cc098cf5e centos "/bin/bash" 25 seconds ago Up 25 seconds happy_tesla
[root@gitShile /]#
3、 删除容器
docker rm 容器id #删除指定容器,不能删除正在运行的容器,如果强制删除,docker rm -f 命令
docker rm -f $(docker ps -aq) #删除所有容器
docker ps -a -q|xargs dockeer rm #删除所有容器
4、 启动和停止容器的操作
docker start 容器id # 启动容器
docker restart 容器id # 重启容器
docker stop 容器id # 停止当前正在运行的容器
docker kill 容器id # 强制停止当前容器
3、其他命令
1、后台启动容器
# 命令 docker run -d 镜像名
[root@gitShile /]# docker run -d centos
# 问题 当启动docker ps,发现centos停止
# 常见的坑,docker容器使用后台运行,就必须要有一个前台进程,docker发现没有应用,就会自动停止
# nginx,容器启动之后,发现自己没有提供服务,就会立刻停止,就是没有程序操作了。
2、查看日志 docker logs
docker logs -tf --tail 容器
# 编写一个shell脚本
[root@gitShile /]# docker run -d centos /bin/sh -c "while true;do echo shile;sleep 2;done"
# [root@gitShile /]# docker ps
CONTAINER ID IMAGE
ae63bc899612 centos
# 显示日志
-tf # 显示全部日志
--tail number # 要显示的日志条数
[root@gitShile /]# docker logs -tf --tail 5 ae63bc899612
2022-05-10T13:31:24.748927269Z shile
2022-05-10T13:31:26.752139319Z shile
2022-05-10T13:31:28.754548815Z shile
2022-05-10T13:31:30.756758205Z shile
2022-05-10T13:31:32.759014331Z shile
3、查看容器里的进程信息
# 命令 docker top 容器id
[root@gitShile /]# docker top ae63bc899612
UID PID PPID
root 5220 5201
root 6264 5220
4、 查看镜像元数据 docker inspect
# 命令
docker inspect 容器id
[root@gitShile /]# docker inspect ae63bc899612
[
{
"Id": "ae63bc899612f910550bfdd95acb5099608c645546fd34c23810bda7a58656e8",
"Created": "2022-05-10T13:30:52.422182915Z",
"Path": "/bin/sh",
"Args": [
"-c",
"while true;do echo shile;sleep 2;done"
],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 5220,
"ExitCode": 0,
"Error": "",
"StartedAt": "2022-05-10T13:30:52.703161749Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:5d0da3dc976460b72c77d94c8a1ad043720b0416bfc16c52c45d4847e53fadb6",
"ResolvConfPath": "/var/lib/docker/containers/ae63bc899612f910550bfdd95acb5099608c645546fd34c23810bda7a58656e8/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/ae63bc899612f910550bfdd95acb5099608c645546fd34c23810bda7a58656e8/hostname",
"HostsPath": "/var/lib/docker/containers/ae63bc899612f910550bfdd95acb5099608c645546fd34c23810bda7a58656e8/hosts",
"LogPath": "/var/lib/docker/containers/ae63bc899612f910550bfdd95acb5099608c645546fd34c23810bda7a58656e8/ae63bc899612f910550bfdd95acb5099608c645546fd34c23810bda7a58656e8-json.log",
"Name": "/goofy_banach",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"CgroupnsMode": "host",
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"KernelMemory": 0,
"KernelMemoryTCP": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/f0084e93ace968ca4648be3f2a3f762b42de766136936c778ceeb70b9d560c60-init/diff:/var/lib/docker/overlay2/249ce462f4ed5c3b29dfa37b866944c36a79fddd7dd5a68e77207197ea666ec6/diff",
"MergedDir": "/var/lib/docker/overlay2/f0084e93ace968ca4648be3f2a3f762b42de766136936c778ceeb70b9d560c60/merged",
"UpperDir": "/var/lib/docker/overlay2/f0084e93ace968ca4648be3f2a3f762b42de766136936c778ceeb70b9d560c60/diff",
"WorkDir": "/var/lib/docker/overlay2/f0084e93ace968ca4648be3f2a3f762b42de766136936c778ceeb70b9d560c60/work"
},
"Name": "overlay2"
},
"Mounts": [],
"Config": {
"Hostname": "ae63bc899612",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Cmd": [
"/bin/sh",
"-c",
"while true;do echo shile;sleep 2;done"
],
"Image": "centos",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"org.label-schema.build-date": "20210915",
"org.label-schema.license": "GPLv2",
"org.label-schema.name": "CentOS Base Image",
"org.label-schema.schema-version": "1.0",
"org.label-schema.vendor": "CentOS"
}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "6f13522eda52667ca4f3abb34cbfe64a50863d619da19e4f03d88baecc7fb23a",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {},
"SandboxKey": "/var/run/docker/netns/6f13522eda52",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "b30f6df924420552a1a882e31b1526d64fffbfb89e2ff0afee118f170182b319",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:02",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "c36fa9f8abd0226211a2eff61f00d9e09ab509b5455c30cf401d656627eee6f5",
"EndpointID": "b30f6df924420552a1a882e31b1526d64fffbfb89e2ff0afee118f170182b319",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02",
"DriverOpts": null
}
}
}
}
]
5、进入当前正在运行的容器
# 通常容器都是后台方式运行的,需要进入容器,修改一些配置
#命令
docker exec -it 容器id bashshell
# 方式一
docker exec -it
-it 表示交互式方式运行
[root@gitShile /]# docker exec -it ed3a6f1dc734 /bin/bash
[root@ed3a6f1dc734 /]# ls
bin etc lib lost+found mnt proc run srv tmp var
dev home lib64 media opt root sbin sys usr
[root@ed3a6f1dc734 /]# ps -ef
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 14:05 pts/0 00:00:00 /bin/bash
root 16 0 0 14:06 pts/1 00:00:00 /bin/bash
root 31 16 0 14:06 pts/1 00:00:00 ps -ef
# 方式二
docker attach 容器id
[root@gitShile /]# docker attach ed3a6f1dc734
正在执行当前的代码...
# 两者之间区别
# docker exec # 进入容器后开启一个新的终端,可以在里面进行操作(比较常用)
# docker attach # 进入容器正在执行的终端,不会启动新的进程
6、从容器内拷贝文件到主机上
# 命令
docker cp 容器id:容器内路径 目的主机路径
[root@gitShile /]# docker attach ed3a6f1dc734
[root@ed3a6f1dc734 /]# cd /home
# 在容器里新建一个文件
[root@ed3a6f1dc734 home]# touch test.java
[root@ed3a6f1dc734 home]# ls
test.java
[root@ed3a6f1dc734 home]# exit
exit
[root@gitShile /]# cd /home/
# 将文件拷贝到主机上
[root@gitShile home]# docker cp ed3a6f1dc734:/home/test.java /home
[root@gitShile home]# ls
test.java
5993
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
