什么是docker
Docker的思想来自于集装箱,集装箱作用是什么?在一艘大船上,可以把货物规整的摆放起来。并且各种各样的货物被集装箱标准化了,集装箱和集装箱之间不会互相影响。那么我就不需要专门运送水果的船和专门运送化学品的船了。只要这些货物在集装箱里封装的好好的,那我就可以用一艘大船把他们都运走,docker就是集装箱。
docker中的容器:
- lxc --> libcontainer --> runC
OCI和OCF
OCI(Open Container-initiative) 开源容器规范
- 由Linux基金会主导于2015年6月创立
- 旨在围绕容器格式和运行时制定一个开放的工业化标准
- 包含两个规范
一个运行时规范(runtime-spec)
一个镜像规范(image-spec)
OCF(Open Container Format)开源容器格式
runC是一个命令行工具,用于根据OCI规范创建和生成容器等操作
- 容器是作为runC的子进程启动的,并且不需要运行守护进程就可以在各种系统中运行
- runC是建立在libcontainer之上的,同样的容器技术驱动了数以百万计的docker引擎安装
docker提供了一个专门容纳容器镜像的站点:https://hub.docker.com
docker镜像和镜像仓库的关系
在docker中仓库的名字是以应用的名字取名的
- tag是应用的版本号
- latest为最新版本
- stable为稳定版
镜像是静态的,而容器是动态的,容器有其生命周期,镜像与容器的关系类似于程序与进程的关系。镜像类似于文件系统中的程序文件,而容器则类似于将一个程序运行起来的状态,也即进程。所以容器是可以删除的,容器被删除后其镜像是不会被删除的。
docker架构
一般client和server端都在同一台主机上
client端使用各种docker命令来管理容器
server端可以存在多个容器、镜像和本地存储
registry中可以提供不同系统类型的镜像
工作流程
首先,客户端使用docker命令
服务端检测到命令后,先查看本地是否存在所操作的镜像
若没有所操作的镜像, 则从hub.docker上拉取镜像到本地
此时本地已经有了所操作的镜像,则直接执行操作
docker的工作原理
docker是一个C/S架构,用来管理容器的工具,docker的守护进程运行在主机上,荣光socket的方式来通信。
服务端通过socket接收客户端的指令,收到指令后则会执行这个命令,docker通过修改namespaces(命名空间)的系统调用参数来建立容器的边界,以来划分容器。
docker通过CGroups(控制组)来管理(限制)一个容器的资源的占用情况,以免容器之间的资源抢占的情况。
docker对象
当你使用docker时,你能创建、使用和管理镜像、容器、网络、存储卷、插件和其它对象。
镜像
- 镜像是一个用来创建容器的只读模板
- 通常,一个镜像的制作基于另一个系统镜像,并进行一些定制的操作,如安装并启动某个服务
- 可以自己创建镜像,也可以使用别人创建的镜像拉取到本地使用(建议使用官方镜像)
容器
- 容器是一个运行中的镜像
- 可以在API接口中或者命令行上来创建、运行、停止、移动和删除你的容器
- 可以将容器连接到一个或多个网络中,为其附加存储卷甚至根据当前的状态创建一个新镜像
docker的安装
[root@localhost ~]# cd /etc/yum.repos.d/
[root@localhost yum.repos.d]# ls
CentOS-Stream-AppStream.repo CentOS-Stream-Media.repo
CentOS-Stream-BaseOS.repo CentOS-Stream-PowerTools.repo
CentOS-Stream-Debuginfo.repo CentOS-Stream-RealTime.repo
CentOS-Stream-Extras.repo docker-ce.repo
CentOS-Stream-HighAvailability.repo
[root@localhost yum.repos.d]# cat docker-ce.repo
[docker-ce]
name=docker-ce
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/8/x86_64/stable/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
[root@localhost ~]# yum -y install docker-ce
docker加速
docker-ce的配置文件是/etc/docker/daemon.json,此文件默认不存在,需要我们手动创建并进行配置,/etc/docker目录是在docker启动之后生成的,而docker的加速就是通过配置此文件来实现的。
docker的加速有多种方式:
- docker cn
- 中国科技大学加速器
- 阿里云加速器(需要通过阿里云开发者平台注册帐号,免费使用个人私有的加速器)
[root@localhost ~]# systemctl start docker
[root@localhost ~]# cat > /etc/docker/daemon.json <<EOF
>
> {
>
> "registry-mirrors": ["https://wflrfh1i.mirror.aliyuncs.com"]
>
> }
>
> EOF
[root@localhost ~]# systemctl restart docker
[root@localhost ~]# docker info
Client:
Context: default
Debug Mode: false
Plugins:
app: Docker App (Docker Inc., v0.9.1-beta3)
buildx: Build with BuildKit (Docker Inc., v0.5.1-docker)
scan: Docker Scan (Docker Inc., v0.8.0)
Server:
Containers: 1
Running: 0
Paused: 0
Stopped: 1
Images: 1
Server Version: 20.10.7
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runtime.v1.linux runc io.containerd.runc.v2
Default Runtime: runc
Init Binary: docker-init
containerd version: 7eba5930496d9bbe375fdf71603e610ad737d2b2
runc version: v1.0.0-0-g84113ee
init version: de40ad0
Security Options:
seccomp
Profile: default
Kernel Version: 4.18.0-257.el8.x86_64
Operating System: CentOS Stream 8
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 780.4MiB
Name: localhost.localdomain
ID: UBMF:3BPP:S3V7:EEAI:6W4U:IWIR:V5J3:BB56:XFKT:P7RC:VS7W:EEMN
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Registry Mirrors:
https://wflrfh1i.mirror.aliyuncs.com
Live Restore Enabled: false
docker基础命令的应用
| 命令 | function | 功能 |
|---|---|---|
| docker search | Search the Docker Hub for images | 用来在docker hub上查找镜像 |
| docker pull | Pull an image or a repository from a registry | 用来在docker上拉取指定镜像 |
| docker images | List images | 用来查看当前系统镜像信息 |
| docker create | Create a new conntainer | 用来创建容器 |
| docker start | Start one or more stopped containers | 用来启动一个或多个容器 |
| docker run | Run a command in a new container | 在本地没有镜像的情况下自动拉取镜像并且创建、启动容器 |
| docker attach | Attach to a runninng container | 用来进入一个指定的容器 |
| docker ps | List containers | 用来查看系统中容器的信息 |
| docker logs | Fetch the logs of a container | 用来查看系统中容器的日志 |
| docker restart | Restart a container | 用来重启指定的容器 |
| docker stop | Stop one or more running containers | 用来停止指定的容器 |
| docker kill | Kill one or more running containers | 用来杀死指定容器的进程 |
| docker rm | Remove onne or more containers | 用来删除容器 |
| docker exec | Run a command in a running container | 用来进入一个指定的容器并且可以执行命令 |
| docker info | Display system-wide information | 用来查看docker工具的详细信息 |
| docker inspect | Return low-level information on Docker objects | 用来查看指定对象的详细信息 |
docker event state
搜索镜像 docker search
[root@localhost ~]# docker search nginx
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
nginx Official build of Nginx. 15222 [OK]
jwilder/nginx-proxy Automated Nginx reverse proxy for docker con… 2052 [OK]
richarvey/nginx-php-fpm Container running Nginx + PHP-FPM capable of… 816 [OK]
jc21/nginx-proxy-manager Docker container for managing Nginx proxy ho… 224
linuxserver/nginx An Nginx container, brought to you by LinuxS… 150
tiangolo/nginx-rtmp Docker image with Nginx using the nginx-rtmp… 137 [OK]
jlesage/nginx-proxy-manager Docker container for Nginx Proxy Manager 125 [OK]
alfg/nginx-rtmp NGINX, nginx-rtmp-module and FFmpeg from sou… 102 [OK]
jasonrivers/nginx-rtmp Docker images to host RTMP streams using NGI… 92 [OK]
nginxdemos/hello NGINX webserver that serves a simple page co… 70 [OK]
privatebin/nginx-fpm-alpine PrivateBin running on an Nginx, php-fpm & Al… 56 [OK]
nginx/nginx-ingress NGINX and NGINX Plus Ingress Controllers fo… 55
nginxinc/nginx-unprivileged Unprivileged NGINX Dockerfiles 45
staticfloat/nginx-certbot Opinionated setup for automatic TLS certs lo… 24 [OK]
schmunk42/nginx-redirect A very simple container to redirect HTTP tra… 19 [OK]
nginx/nginx-prometheus-exporter NGINX Prometheus Exporter for NGINX and NGIN… 19
centos/nginx-112-centos7 Platform for running nginx 1.12 or building … 15
centos/nginx-18-centos7 Platform for running nginx 1.8 or building n… 13
raulr/nginx-wordpress Nginx front-end for the official wordpress:f… 13 [OK]
bitwarden/nginx The Bitwarden nginx web server acting as a r… 11
flashspys/nginx-static Super Lightweight Nginx Image 10 [OK]
mailu/nginx Mailu nginx frontend 9 [OK]
sophos/nginx-vts-exporter Simple server that scrapes Nginx vts stats a… 7 [OK]
ansibleplaybookbundle/nginx-apb An APB to deploy NGINX 2 [OK]
wodby/nginx Generic nginx 1 [OK]
下载镜像 docker pull
[root@localhost ~]# docker pull httpd
Using default tag: latest
latest: Pulling from library/httpd
33847f680f63: Already exists
d74938eee980: Pull complete
963cfdce5a0c: Pull complete
8d5a3cca778c: Pull complete
e06a573b193b: Pull complete
Digest: sha256:61e49dd08a51d6fc421ed257bd8eb461cf2d48269d9ab2b4ff5d4c69826c3c9c
Status: Downloaded newer image for httpd:latest
docker.io/library/httpd:latest
地址 仓库 镜像:标签
查看镜像 docker images
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 08b152afcfae 5 days ago 133MB
httpd latest 73b8cfec1155 5 days ago 138MB
删除镜像 docker rm
根据id删除
[root@localhost ~]# docker rmi -f 73b8cfec1155
Untagged: httpd:latest
Untagged: httpd@sha256:61e49dd08a51d6fc421ed257bd8eb461cf2d48269d9ab2b4ff5d4c69826c3c9c
Deleted: sha256:73b8cfec11558fe86f565b4357f6d6c8560f4c49a5f15ae970a24da86c9adc93
Deleted: sha256:8dfdbde7a5f7b804884b5e1140b66cc78155416621e63369044f370278171f2a
Deleted: sha256:c4d64464b597b3d82b3a3bdb91979a70a8db3c707d484e54420573b33300f58c
Deleted: sha256:75b62cbb47406663192fa84a9fc496c5b3dec3b2f489a01a073587af9218ca7d
Deleted: sha256:1a75986150c7f76dac53856bced40beed6b7642e1686f11286325765f0c3b00c
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 08b152afcfae 5 days ago 133MB
根据软件名删除
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 08b152afcfae 5 days ago 133MB
[root@localhost ~]# docker rmi -f nginx
Untagged: nginx:latest
Untagged: nginx@sha256:8f335768880da6baf72b70c701002b45f4932acae8d574dedfddaf967fc3ac90
Deleted: sha256:08b152afcfae220e9709f00767054b824361c742ea03a9fe936271ba520a0a4b
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker start
[root@localhost ~]# docker start 8efa4fd01792
8efa4fd01792
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8efa4fd01792 httpd "httpd-foreground" 5 minutes ago Up 2 minutes 80/tcp admiring_noyce
docker stop
[root@localhost ~]# docker stop 8efa4fd01792
8efa4fd01792
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
docker logs
[root@localhost ~]# docker start 8efa4fd01792
8efa4fd01792
[root@localhost ~]# docker logs 8efa4fd01792
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.3. Set the 'ServerName' directive globally to suppress this message
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.3. Set the 'ServerName' directive globally to suppress this message
[Wed Jul 28 02:17:27.400981 2021] [mpm_event:notice] [pid 1:tid 140198665385088] AH00489: Apache/2.4.48 (Unix) configured -- resuming normal operations
[Wed Jul 28 02:17:27.401098 2021] [core:notice] [pid 1:tid 140198665385088] AH00094: Command line: 'httpd -D FOREGROUND'
[Wed Jul 28 02:17:49.075565 2021] [mpm_event:notice] [pid 1:tid 140198665385088] AH00491: caught SIGTERM, shutting down
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
[Wed Jul 28 02:21:16.084828 2021] [mpm_event:notice] [pid 1:tid 139738367911040] AH00489: Apache/2.4.48 (Unix) configured -- resuming normal operations
[Wed Jul 28 02:21:16.084945 2021] [core:notice] [pid 1:tid 139738367911040] AH00094: Command line: 'httpd -D FOREGROUND'
[Wed Jul 28 02:24:19.250978 2021] [mpm_event:notice] [pid 1:tid 139738367911040] AH00492: caught SIGWINCH, shutting down gracefully
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
[Wed Jul 28 02:25:05.817036 2021] [mpm_event:notice] [pid 1:tid 140290318275712] AH00489: Apache/2.4.48 (Unix) configured -- resuming normal operations
[Wed Jul 28 02:25:05.817166 2021] [core:notice] [pid 1:tid 140290318275712] AH00094: Command line: 'httpd -D FOREGROUND'
docker exec 进入指定的容器进行命令操作
[root@localhost ~]# docker start 8efa4fd01792
8efa4fd01792
[root@localhost ~]# docker exec -it 8efa4fd01792 /bin/bash
root@8efa4fd01792:/usr/local/apache2# pwd
/usr/local/apache2
root@8efa4fd01792:/usr/local/apache2# ls
bin build cgi-bin conf error htdocs icons include logs modules
root@8efa4fd01792:/usr/local/apache2# quit
bash: quit: command not found
root@8efa4fd01792:/usr/local/apache2# exit
exit
查看详细信息
[root@localhost ~]# docker inspect httpd
[
{
"Id": "sha256:73b8cfec11558fe86f565b4357f6d6c8560f4c49a5f15ae970a24da86c9adc93",
"RepoTags": [
"httpd:latest"
],
"RepoDigests": [
"httpd@sha256:61e49dd08a51d6fc421ed257bd8eb461cf2d48269d9ab2b4ff5d4c69826c3c9c"
],
"Parent": "",
"Comment": "",
"Created": "2021-07-22T09:34:28.400734351Z",
"Container": "ccd63b10f0b6ec72f33c91c38ced177f0df86dfed3a438cf202d8ed65a8e51ed",
"ContainerConfig": {
"Hostname": "ccd63b10f0b6",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"80/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/apache2/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"HTTPD_PREFIX=/usr/local/apache2",
"HTTPD_VERSION=2.4.48",
"HTTPD_SHA256=1bc826e7b2e88108c7e4bf43c026636f77a41d849cfb667aa7b5c0b86dbf966c",
"HTTPD_PATCHES="
],
"Cmd": [
"/bin/sh",
"-c",
"#(nop) ",
"CMD [\"httpd-foreground\"]"
],
"Image": "sha256:b456625cc80b3e93693dbe38720cae99a92314dc708f22cae69f8d12854891d6",
"Volumes": null,
"WorkingDir": "/usr/local/apache2",
"Entrypoint": null,
"OnBuild": null,
"Labels": {},
"StopSignal": "SIGWINCH"
},
"DockerVersion": "20.10.7",
"Author": "",
"Config": {
"Hostname": "",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"80/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/apache2/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"HTTPD_PREFIX=/usr/local/apache2",
"HTTPD_VERSION=2.4.48",
"HTTPD_SHA256=1bc826e7b2e88108c7e4bf43c026636f77a41d849cfb667aa7b5c0b86dbf966c",
"HTTPD_PATCHES="
],
"Cmd": [
"httpd-foreground"
],
"Image": "sha256:b456625cc80b3e93693dbe38720cae99a92314dc708f22cae69f8d12854891d6",
"Volumes": null,
"WorkingDir": "/usr/local/apache2",
"Entrypoint": null,
"OnBuild": null,
"Labels": null,
"StopSignal": "SIGWINCH"
},
"Architecture": "amd64",
"Os": "linux",
"Size": 137838158,
"VirtualSize": 137838158,
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/3179b066d3afc2398b720eee9bc6e21783c637dbf7ef170b9c8126f702818f94/diff:/var/lib/docker/overlay2/6215c774794179d40824cb9a9f385822b8c777e403cbbe934a36fe26f332b5fb/diff:/var/lib/docker/overlay2/9f769114d8245f1cf33d062272f1ad534b3a4f868c18933230aa660b0ebbb9b6/diff:/var/lib/docker/overlay2/00103a9f9e3c4974ef63126228ce94cc1a29129f39dfa8380bb2feffb1643936/diff",
"MergedDir": "/var/lib/docker/overlay2/2146e68b883edc0e9df93708d05fe4b82fcfec580f895c7b4a9c2ab393be34f4/merged",
"UpperDir": "/var/lib/docker/overlay2/2146e68b883edc0e9df93708d05fe4b82fcfec580f895c7b4a9c2ab393be34f4/diff",
"WorkDir": "/var/lib/docker/overlay2/2146e68b883edc0e9df93708d05fe4b82fcfec580f895c7b4a9c2ab393be34f4/work"
},
"Name": "overlay2"
},
"RootFS": {
"Type": "layers",
"Layers": [
"sha256:814bff7343242acfd20a2c841e041dd57c50f0cf844d4abd2329f78b992197f4",
"sha256:0d97d41c4cc901804a01a969e6e45e9ce35e9f13a70c5ecf6bc9dbe8f5153843",
"sha256:ca4de55a791853f9fc12959ad94da3bc7a2ae32b7123983c5d78e248dbb13bd6",
"sha256:b2345f3bbdb296267d532be60734d14bb1d1240cc545b811c1dbcfc8068f1f13",
"sha256:c78f093a26b2a31307215f4220779b2a31a2ad02eb8ef125a8c9310a5d414ac6"
]
},
"Metadata": {
"LastTagTime": "0001-01-01T00:00:00Z"
}
}
]
338
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
