通过run命令创建一个新的容器(container)
命令格式:docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
参数选项说明
参数选项 | 描述 | |
--add-host | 添加自定义主机到IP的映射 (格式:host:IP) ,例如: $ docker run --add-host=docker:10.180.0.1 --rm -it debian root@f38c87f2a42d:/# ping docker PING docker (10.180.0.1): 48 data bytes 56 bytes from 10.180.0.1: icmp_seq=0 ttl=254 time=7.600 ms | |
--attach , -a | 登录容器,关联到stdin stdout或stderr,例如:
| |
--blkio-weight | Block IO(相对权重),介于10和1000之间,或0以禁用(默认为0 | |
--blkio-weight-device | Block IO重量(相对设备重量) | |
--cap-add | 添加权限 | |
--cap-drop | 删除权限 | |
--cgroup-parent | 容器的可选父cgroup | |
--cidfile | 运行容器后,在指定文件中写入容器PID值,一种典型的监控系统用法 | |
--cpu-count | CPU计数(仅限Windows) | |
--cpu-percent | CPU百分比(仅限Windows) | |
--cpu-period | 限制CPU CFS(完全公平调度程序)周期 | |
--cpu-quota | 限制CPU CFS(完全公平调度程序)配额 | |
--cpu-rt-period | 以微秒为单位限制CPU实时周期 | |
--cpu-rt-runtime | 以微秒为单位限制CPU实时运行时间 | |
--cpu-shares , -c | 设置容器CPU权重,在CPU共享场景使用 | |
--cpus | 可以使用的CPU数目 | |
--cpuset-cpus | 设置容器可以使用哪些CPU,此参数可以用来容器独占CPU (0-3, 0,1) | |
--cpuset-mems | MEMs in which to allow execution (0-3, 0,1) | |
--detach , -d | 指定容器运行于后台,并打印容器ID。其默认值为false | |
--detach-keys | Override the key sequence for detaching a container | |
--device | 添加主机设备给容器,相当于设备直通 | |
--device-cgroup-rule | Add a rule to the cgroup allowed devices list | |
--device-read-bps | Limit read rate (bytes per second) from a device | |
--device-read-iops | Limit read rate (IO per second) from a device | |
--device-write-bps | Limit write rate (bytes per second) to a device | |
--device-write-iops | Limit write rate (IO per second) to a device | |
--disable-content-trust | true | Skip image verification |
--dns | 指定容器的dns服务器 | |
--dns-opt | Set DNS options | |
--dns-option | Set DNS options | |
--dns-search | 指定容器的dns搜索域名,写入到容器的/etc/resolv.conf文件 | |
--entrypoint | 覆盖image的入口点 | |
--env , -e | 指定环境变量,容器中可以使用该环境变量 | |
--env-file | 指定环境变量文件,文件格式为每行一个环境变量 | |
--expose | 指定容器暴露的端口,即修改镜像的暴露端口 | |
--group-add | Add additional groups to join | |
--health-cmd | Command to run to check health | |
--health-interval | Time between running the check (ms|s|m|h) (default 0s) | |
--health-retries | Consecutive failures needed to report unhealthy | |
--health-start-period | API 1.29+ Start period for the container to initialize before starting health-retries countdown (ms|s|m|h) (default 0s) | |
--health-timeout | Maximum time to allow one check to run (ms|s|m|h) (default 0s) | |
--help | Print usage | |
--hostname , -h | 指定容器的主机名 | |
--init | API 1.25+ Run an init inside the container that forwards signals and reaps processes | |
--interactive , -i | 打开STDIN,用于控制台交互。即使未连接,也保持stdin打开 | |
--io-maxbandwidth | Maximum IO bandwidth limit for the system drive (Windows only) | |
--io-maxiops | Maximum IOps limit for the system drive (Windows only) | |
--ip | IPv4 address (e.g., 172.30.100.104) | |
--ip6 | IPv6 address (e.g., 2001:db8::33) | |
--ipc | IPC mode to use | |
--isolation | Container isolation technology | |
--kernel-memory | Kernel memory limit | |
--label , -l | Set meta data on a container | |
--label-file | Read in a line delimited file of labels | |
--link | 指定容器间的关联,使用其他容器的IP、env等信息 | |
--link-local-ip | Container IPv4/IPv6 link-local addresses | |
--log-driver | Logging driver for the container | |
--log-opt | Log driver options | |
--mac-address | Container MAC address (e.g., 92:d0:c6:0a:29:33) | |
--memory , -m | 指定容器的内存上限 | |
--memory-reservation | 指定容器的内存软上限 | |
--memory-swap | Swap limit equal to memory plus swap: ‘-1’ to enable unlimited swap | |
--memory-swappiness | -1 | Tune container memory swappiness (0 to 100) |
--mount | Attach a filesystem mount to the container | |
--name | 给容器分配名字,后续可以通过名字进行容器管理,links特性需要使用名字 | |
--net | 容器网络设置,链接容器到一个网络。有如下值:
| |
--net-alias | Add network-scoped alias for the container | |
--network | Connect a container to a network | |
--network-alias | Add network-scoped alias for the container | |
--no-healthcheck | Disable any container-specified HEALTHCHECK | |
--oom-kill-disable | Disable OOM Killer | |
--oom-score-adj | Tune host’s OOM preferences (-1000 to 1000) | |
--pid | PID namespace to use | |
--pids-limit | Tune container pids limit (set -1 for unlimited) | |
--platform | experimental (daemon)API 1.32+ Set platform if server is multi-platform capable | |
--privileged | 指定容器是否为特权容器,特权容器拥有所有的capabilities | |
--publish , -p | 暴露容器的端口给主机 | |
--publish-all , -P | 将所有公开端口发布到随机端口 | |
--read-only | Mount the container’s root filesystem as read only | |
--restart | no | 指定容器停止后的重启策略:
|
--rm | 指定容器停止后自动删除容器 | |
--runtime | Runtime to use for this container | |
--security-opt | Security Options | |
--shm-size | Size of /dev/shm | |
--sig-proxy | true | 设置由代理接受并处理信号,但是SIGCHLD、SIGSTOP和SIGKILL不能被代理 |
--stop-signal | SIGTERM | Signal to stop a container |
--stop-timeout | API 1.25+ Timeout (in seconds) to stop a container | |
--storage-opt | Storage driver options for the container | |
--sysctl | Sysctl options | |
--tmpfs | Mount a tmpfs directory | |
--tty , -t | 分配tty设备,该可以支持终端登录,默认值为false | |
--ulimit | Ulimit options | |
--user , -u | 指定容器的用户或UID (格式: <name|uid>[:<group|gid>]) | |
--userns | User namespace to use | |
--uts | UTS namespace to use | |
--volume , -v | 给容器挂载存储卷,挂载到容器的某个目录 | |
--volume-driver | Optional volume driver for the container | |
--volumes-from | 给容器挂载其他容器上的卷,挂载到容器的某个目录 | |
--workdir , -w | 指定容器里的工作目录 |