Docker基本概念
Docker daemon
Docker守护进程(dockerd)侦听Docker API请求,并管理Docker对象,如镜像、容器、网络和卷。
Docker client
Docker客户端(Docker)是许多Docker用户与Docker交互的主要方式。当使用诸如docker run之类的命令时,客户端将这些命令发送给dockerd, dockerd将执行这些命令。
Image
镜像文件是一个只读模板,带有创建Docker容器的指令。通常,一个镜像是基于另一个镜像的,还需要进行一些额外的定制。例如,您可以构建一个基于ubuntu镜像的镜像,安装Apache web服务器和其他应用程序,以及应用程序运行所需的配置细节。
可以创建自己的镜像,也可以只使用其他人创建并发布在镜像仓库中的镜像。
构建自己的镜像,需要创建一个Dockerfile,该文件具有简单的语法,用于定义创建镜像并运行镜像所需的步骤。Dockerfile中的每条指令都在镜像中创建一个层。当更改Dockerfile并重新构建镜像时,只会重新构建那些已更改的层。与其他虚拟化技术相比,这是镜像如此轻量级、小巧和快速的部分原因。
Container
容器是镜像的运行实例。使用Docker API或CLI创建、启动、停止或删除容器。可以将容器连接到一个或多个网络,将存储附加到其中,也可以根据其当前状态创建一个新镜像。
Registry
Docker镜像仓库存储Docker镜像。Docker Hub是任何人都可以使用的公共镜像仓库,默认情况下,Docker被配置为在Docker Hub上查找镜像。也可以搭建私有镜像仓库
Docker守护进程可以直接与主操作系统进行通信,为各个Docker容器分配资源;它还可以将容器与主操作系统隔离,并将各个容器互相隔离。虚拟机启动需要数分钟,而Docker容器可以在数毫秒内启动。由于没有臃肿的从操作系统,Docker可以节省大量的磁盘空间以及其他系统资源。
docker镜像层
Docker存储驱动历史
Docker目前支持的greph driver包括:
AUFS 只读层+读写层 mount> 宿主机的union挂载点, 作为容器的根目录。
只读层就是镜像,读写层是执行docker run时新增的容器层, 对容器的修改就是对union挂载点的修改,只影响读写层。
直接修改宿主机的挂载点,也就是修改容器的根目录,当需要修改一个文件时,AUFS创建该文件的一个副本,使用CoW将文件从只读层复制到可写层进行修改,结果也保存在可写层。在Docker中,底下的只读层就是image,可写层就是Container。结构如下图所示:
docker的工作流程图
基于容器制作镜像
//先启动httpd容器
[root@localhost ~]# docker start 888d5b269a24
888d5b269a24
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d3d04e8871ad ubuntu "/bin/bash" 17 hours ago Exited (129) 17 hours ago busy_kare
888d5b269a24 httpd "httpd-foreground" 19 hours ago Up 2 seconds 80/tcp cool_yonath
1cd34665c1c3 httpd "httpd-foreground" 19 hours ago Exited (0) 19 hours ago sharp_bassi
//在运行的容器中执行命令
[root@localhost ~]# docker exec -it 888d5b269a24 /bin/bash
root@888d5b269a24:/usr/local/apache2#
//下载busybox镜像
[root@localhost ~]# docker pull busybox
Using default tag: latest
latest: Pulling from library/busybox
d60bca25ef07: Pulling fs layer
d60bca25ef07: Pull complete Digest: sha256:49dae530fd5fee674a6b0d3da89a380fc93746095e7eca0f1b70188a95fd5d71
Status: Downloaded newer image for busybox:latest
docker.io/library/busybox:latest
//查看本地所有镜像
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest a77dce18d0ec 6 days ago 1.24MB
nginx latest ae2feff98a0c 2 weeks ago 133MB
httpd latest dd85cdbb9987 3 weeks ago 138MB
ubuntu latest f643c72bc252 5 weeks ago 72.9MB
//删除所有容器
[root@localhost ~]# docker rm $(docker ps -aq)
//查看所有容器的id
[root@localhost ~]# docker ps -aq
888d5b269a24
//启动并进入busybox的命令行并设置
[root@localhost ~]# docker run --name b2 -it busybox /bin/sh/ #
//完成后就删掉
[root@localhost ~]# docker run --name b5 -it --rm busybox /bin/sh
/ # / # mkdir data //创建data目录
/ # echo 'nihao' > data/abcd
在创建镜像时,我们不能关闭容器,必须使其处于运行状态,所以我们必须要另起一个终端,然后执行
//暂停镜像
[root@localhost ~]# docker commit -p b5
sha256:dc599143e95bcddd84ee7204a61a4905c09e8d4144113ce5d3d095b84180e646
//查看新建的镜像
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
<none> <none> dc599143e95b 2 minutes ago 1.24MB
busybox latest a77dce18d0ec 6 days ago 1.24MB
nginx latest ae2feff98a0c 2 weeks ago 133MB
httpd latest dd85cdbb9987 3 weeks ago 138MB
ubuntu latest f643c72bc252 5 weeks ago 72.9MB
//重命名 跟自己的账户一致
[root@localhost ~]# docker tag dc599143e95b 3091530433/busybox:v0.10
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
3091530433/busybox v0.10 dc599143e95b 7 minutes ago 1.24MB
busybox latest a77dce18d0ec 6 days ago 1.24MB
nginx latest ae2feff98a0c 2 weeks ago 133MB
httpd latest dd85cdbb9987 3 weeks ago 138MB
ubuntu latest f643c72bc252 5 weeks ago 72.9MB
//登录docker账户
[root@localhost ~]# docker login
Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com to create one.
Username: 3091530433
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
//上传镜像
[root@localhost ~]# docker push 3091530433/busybox:v0.10
The push refers to repository [docker.io/3091530433/busybox]
9a143e2b70e6: Pushed
1dad141bdb55: Mounted from libv0.10: digest: sha256:78d12d2a403f114512c493da22171dc655f7049bf81fdfb924aca974e47f7bed size: 734
//删除镜像
[root@localhost ~]# docker rmi 3091530433/busybox:v0.10
Untagged: 3091530433/busybox:v0.10
Untagged: 3091530433/busybox@sha256:78d12d2a403f114512c493da22171dc655f7049bf81fdfb924aca974e47f7bed
Deleted: sha256:dc599143e95bcddd84ee7204a61a4905c09e8d4144113ce5d3d095b84180e646
Deleted: sha256:ee92afb3fef44a515708cb584ed9dd01cc718a654d3739f1f88fd2e87d168a30
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest a77dce18d0ec 6 days ago 1.24MB
nginx latest ae2feff98a0c 2 weeks ago 133MB
httpd latest dd85cdbb9987 3 weeks ago 138MB
ubuntu latest f643c72bc252 5 weeks ago 72.9MB
//下载镜像并运行
[root@localhost ~]# docker run --rm -it 3091530433/busybox:v0.10 /bin/sh
Unable to find image '3091530433/busybox:v0.10' locally
v0.10: Pulling from 3091530433/busybox
d60bca25ef07: Already exists
44639c913717: Pull complete Digest: sha256:78d12d2a403f114512c493da22171dc655f7049bf81fdfb924aca974e47f7bed
Status: Downloaded newer image for 3091530433/busybox:v0.10
/ # ls
bin etc root usr
data home sys var
dev proc tmp
/ # cd data/
/data # cat abcd
nihao
//查看默认启动的什么
[root@localhost ~]# docker inspect e3ac8a35759
//查看监听端口
/ # netstat -antl
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
[root@localhost ~]# docker run --name a77dce18d0ec -it --rm busybox /bin/sh
/ # mkdir data
/ # cd data/
/data # echo 'hello test' > in
dex.html
//重新生成镜像并上传
[root@localhost ~]# docker commmit -c 'CMD ["/bin/httpd","-f","-h","/data"]' -p a77dce18d0ec 3091530433/busybox:v0.20
sha256:2dfd0dadbaf336eaf645c3388156465bbd559499fc0c2f220a26b7d8852e0bcd
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
3091530433/busybox v0.20 2dfd0dadbaf3 About a minute ago 1.24MB
3091530433/busybox v0.10 21669ea8d578 28 minutes ago 1.24MB
busybox latest a77dce18d0ec 6 days ago 1.24MB
nginx latest ae2feff98a0c 2 weeks ago 133MB
httpd latest dd85cdbb9987 3 weeks ago 138MB
使用新生成的镜像创建容器
[root@localhost ~]# docker push 3091530433/busybox:v0.20
The push refers to repository [docker.io/3091530433/busybox]
a488bb2ce3e7: Pushed
1dad141bdb55: Layer already exv0.20: digest: sha256:82f8c1dfb7785d1a69ecb7ce4c49e087571cf87361115d44fc5a01ec14309d0f size: 734
[root@localhost ~]# docker run 3091530433/busybox:v0.20
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c376d7d88fa6 3091530433/busybox:v0.20 "/bin/httpd -f -h /d…" 6 minutes ago Up 6 minutes vibrant_mendeleev
95cbde62c4f9 busybox "sh" 10 hours ago Exited (0) 10 hours ago a77dce18d0ec
74ead886d520 busybox "sh" 11 hours ago Exited (0) 10 hours ago b2
使用docker inspect命令查看c376d7d88fa6容器启动的默认进程是什么,以及其IP地址,然后用curl命令访问该IP,看是否能访问到网页
[root@localhost ~]# docker inspect c376d7d88fa6
....
"Cmd": [
"/bin/httpd",
"-f",
"-h",
"/data"
.....
[root@localhost ~]# curl 172.17.0.3
hell text
镜像的导入与导出
docker中我们使用docker save进行导出,使用docker load进行导入。
//复制镜像
[root@localhost ~]# docker tag 3091530433/busybox:v0.20 httpd:v0.30
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
3091530433/busybox v0.20 2dfd0dadbaf3 16 hours ago 1.24MB
httpd v0.30 2dfd0dadbaf3 16 hours ago 1.24MB
3091530433/busybox v0.10 21669ea8d578 16 hours ago 1.24MB
busybox latest a77dce18d0ec 7 days ago 1.24MB
nginx latest ae2feff98a0c 3 weeks ago 133MB
httpd latest dd85cdbb9987 3 weeks ago 138MB
centos latest 300e315adb2f 4 weeks ago 209MB
//导入镜像
[root@localhost ~]# docker save -o httpd.tar httpd:v0.30
[root@localhost ~]# ls
anaconda-ks.cfg httpd.tar
[root@localhost ~]# docker rmi httpd:v0.30
Untagged: httpd:v0.30
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
3091530433/busybox v0.20 2dfd0dadbaf3 16 hours ago 1.24MB
3091530433/busybox v0.10 21669ea8d578 16 hours ago 1.24MB
busybox latest a77dce18d0ec 7 days ago 1.24MB
nginx latest ae2feff98a0c 3 weeks ago 133MB
httpd latest dd85cdbb9987 3 weeks ago 138MB
centos latest 300e315adb2f 4 weeks ago 209MB
在已生成镜像的主机上执行docker save导出镜像
[root@localhost ~]# docker load -i httpd.tar
Loaded image: httpd:v0.30
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
3091530433/busybox v0.20 2dfd0dadbaf3 16 hours ago 1.24MB
httpd v0.30 2dfd0dadbaf3 16 hours ago 1.24MB
3091530433/busybox v0.10 21669ea8d578 16 hours ago 1.24MB
busybox latest a77dce18d0ec 7 days ago 1.24MB
nginx latest ae2feff98a0c 3 weeks ago 133MB
httpd latest dd85cdbb9987 3 weeks ago 138MB
centos latest 300e315adb2f 4 weeks ago 209MB