docker命令
centos7开启流向转发
cat <<EOF > /etc/sysctl.d/docker.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.all.rp_filter = 0
net.ipv4.ip_forward=1
EOF
sysctl -p /etc/sysctl.d/docker.conf
# 卸载旧版本,如果是新机器可以忽略这一步,因为centos还没自带docker服务。
yum remove docker docker-client docker-client-latest docker-common docker-latest docker-latest-logrotate docker-logrotatedocker-selinux docker-engine-selinux docker-engine
# 安装依赖
yum install -y yum-utils device-mapper-persistent-data lvm2
# 添加docker源
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# 安装docker
yum install docker-ce
获取镜像
运行镜像,生成容器
# 查看docker运行状态
docker version
Client: Docker Engine - Community
Version: 26.1.4
API version: 1.45
Go version: go1.21.11
Git commit: 5650f9b
Built: Wed Jun 5 11:32:04 2024
OS/Arch: linux/amd64
Context: default
Server: Docker Engine - Community
Engine:
Version: 26.1.4
API version: 1.45 (minimum version 1.24)
Go version: go1.21.11
Git commit: de5c9cf
Built: Wed Jun 5 11:31:02 2024
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.6.33
GitCommit: d2d58213f83a351ca8f528a95fbd145f5654e957
runc:
Version: 1.1.12
GitCommit: v1.1.12-0-g51d5e94
docker-init:
Version: 0.19.0
GitCommit: de40ad0
# 查看docker 进程运行状态
docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
60d09dbb8294 nginx "/docker-entrypoint.…" 8 minutes ago Up 8 minutes 0.0.0.0:80->80/tcp, :::80->80/tcp distracted_merkle
# 查看docker 信息
docker info
Client: Docker Engine - Community
Version: 26.1.4
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.14.1
Path: /usr/libexec/docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v2.27.1
Path: /usr/libexec/docker/cli-plugins/docker-compose
Server:
Containers: 14
Running: 1
Paused: 0
Stopped: 13
Images: 7
Server Version: 26.1.4
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Using metacopy: false
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 runc
Default Runtime: runc
Init Binary: docker-init
containerd version: d2d58213f83a351ca8f528a95fbd145f5654e957
runc version: v1.1.12-0-g51d5e94
init version: de40ad0
Security Options:
seccomp
Profile: builtin
Kernel Version: 3.10.0-1062.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 3.84GiB
Name: localhost.localdomain
ID: 03ef3dc9-4181-4536-a4ee-df4345b32139
Docker Root Dir: /var/lib/docker
Debug Mode: false
Experimental: false
Insecure Registries:
127.0.0.0/8
Registry Mirrors:
https://do.nark.eu.org/
https://dc.j8.work/
https://docker.m.daocloud.io/
https://dockerproxy.com/
https://docker.mirrors.ustc.edu.cn/
https://docker.nju.edu.cn/
Live Restore Enabled: false
# docker info |grep Root
Docker Root Dir: /var/lib/docker
cd /var/lib/docker/image/overlay2/imagedb
# docker镜像存储目录
cd /var/lib/docker/image/overlay2/imagedb/content/sha256
087c6d900ed47694396ba00e7ccd53fe797c05cbe9ec4b07fbe134d99ab4a66d
35a88802559dd2077e584394471ddaa1a2c5bfd16893b829ea57619301eb3908
5107333e08a87b836d48ff7528b1e84b9c86781cc9f1748bbc1b8c42a870d933
5d0da3dc976460b72c77d94c8a1ad043720b0416bfc16c52c45d4847e53fadb6
7ce93a845a8a98c89bd58a5e45fe71277ca5f52177c88046858a6a0af969ba74
a72860cb95fd59e9c696c66441c64f18e66915fa26b249911e83c3854477ed9a
f610b9395a59ebe082cdb57eaaf308ef3f49a15babaf7edd469246d97984d969
docker images
ITORY TAG IMAGE ID CREATED SIZE
tomcat latest 087c6d900ed4 2 days ago 470MB
wordpress latest f610b9395a59 2 weeks ago 686MB
mysql latest 7ce93a845a8a 2 weeks ago 586MB
nginx latest a72860cb95fd 7 weeks ago 188MB
ubuntu latest 35a88802559d 2 months ago 78.1MB
mysql 5.7 5107333e08a8 8 months ago 501MB
centos latest 5d0da3dc9764 2 years ago 231MB
#json镜像配置文件
cat 087c6d900ed47694396ba00e7ccd53fe797c05cbe9ec4b07fbe134d99ab4a66d
# 开启一个交互式终端
# -it 开启一个交互式终端 --rm 容器退出时删除该容器
docker run -it -rm centos bash
# docker 查看本地镜像
docker images
docker image ls
# docker 搜索 nginx
docker search nginx
# docker下载nginx 默认加载最新版本
docker pull nginx
#docker下载centos7.8.2003
docker pull centos:7.8.2003
# docker删除镜像
docker rmi 镜像名称或IMAGE ID
# docker 运行nginx镜像
# -d后台运行
# -p 端口映射nat
docker run -d -p 80:80 nginx
访问10.0.17.100
# docker 停止容器进程
docker ps -a # 查看容器进程
docker stop 容器id
docker start 容器id
进入容器
# 开启nginx容器
docker run -d -p 80:80 nginx
docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
60d09dbb8294 nginx "/docker-entrypoint.…" 12 seconds ago Up 11 seconds 0.0.0.0:80->80/tcp, :::80->80/tcp distracted_merkle
# 进入nginx容器
docker exec -it 60d09dbb8294 bash
查看镜像
# 查看镜像
docker images
#查看具体镜像
docker images centos
REPOSITORY TAG IMAGE ID CREATED SIZE
centos latest 5d0da3dc9764 2 years ago 231MB
# 只列出镜像id
docker images -q
087c6d900ed4
f610b9395a59
7ce93a845a8a
a72860cb95fd
35a88802559d
5107333e08a8
5d0da3dc9764
# 格式化显示
docker images --format "{{.ID}}--{{.Repository}}"
087c6d900ed4--tomcat
f610b9395a59--wordpress
7ce93a845a8a--mysql
a72860cb95fd--nginx
35a88802559d--ubuntu
5107333e08a8--mysql
5d0da3dc9764--centos
# 表格显示
docker images --format "table{{.ID}}\t{{.Repository}}\t{{.Tag}}"
IMAGE ID REPOSITORY TAG
087c6d900ed4 tomcat latest
f610b9395a59 wordpress latest
7ce93a845a8a mysql latest
a72860cb95fd nginx latest
35a88802559d ubuntu latest
5107333e08a8 mysql 5.7
5d0da3dc9764 centos latest
删除镜像
docker pull hello-world
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/get-started/
docker images hello-world
REPOSITORY TAG IMAGE ID CREATED SIZE
hello-world latest d2c94e258dcb 15 months ago 13.3kB
# 根据镜像名字 id 摘要删除
# 被删除的容器不得有依赖的容器记录 若有先删除依赖容器
docker rmi hello-world
Error response from daemon: conflict: unable to remove repository reference "hello-world" (must force) - container 53604df97b49 is using its referenced image d2c94e258dcb
# 查看依赖容器
docker ps -a
# 删除容器记录
docker rm 57a8e5c54ad5
#删除镜像
docker rmi hello-world
#根据id删除 id前三位即可
docker rmi d2c
镜像管理
# 列出所有镜像
docker images -a
REPOSITORY TAG IMAGE ID CREATED SIZE
tomcat latest 087c6d900ed4 2 days ago 470MB
wordpress latest f610b9395a59 2 weeks ago 686MB
mysql latest 7ce93a845a8a 2 weeks ago 586MB
nginx latest a72860cb95fd 7 weeks ago 188MB
ubuntu latest 35a88802559d 2 months ago 78.1MB
mysql 5.7 5107333e08a8 8 months ago 501MB
centos latest 5d0da3dc9764 2 years ago 231MB
# 列出所有id
docker images -aq
087c6d900ed4
f610b9395a59
7ce93a845a8a
a72860cb95fd
35a88802559d
5107333e08a8
5d0da3dc9764
# 列出所有镜像
echo `docker images -aq`
087c6d900ed4 f610b9395a59 7ce93a845a8a a72860cb95fd 35a88802559d 5107333e08a8 5d0da3dc9764
# 删除centos镜像
docker rmi centos:latest
# 批量删除镜像
docker rmi echo `docker images -aq`
# 批量删除容器
docker rm echo `docker ps -aq`
# 导出镜像
# 默认镜像没有vim 在容器内安装vim
# 提交镜像,导出镜像为压缩文件,可以发给其他人用
docker images
docker image save centos > /opt/centos7.tgz
ls /opt/
centos7.tgz containerd rh
# 删除所有容器
docker rm `docker ps -aq`
# 保存镜像
docker image load -i /opt/centos7.tgz
74ddd0ec08fa: Loading layer 238.6MB/238.6MB
Loaded image: centos:latest
# 查看镜像详细信息
docker image inspect centos
容器管理
# docker run 创建容器+启动
# warning 容器内的进程必须处于前台运行状态,否则容器就会直接退出
# 如果容器内什么也没做,容器也会挂掉
# 运行nginx基础镜像时,没有运行任何程序,因此容器直接挂掉
# 容器内必须有一个进程在前台运行
#linux后台运行命令
ping qq.com&
#调出前台显示
fg1
# 运行容器且进入容器内
docker run -it centos bash
#直接使用容器ping qq.com
docker run centos ping qq.com
#运行一个docker ps -a能看到的容器
# -d 参数 让容器在后台跑着(针对宿主机而言)
# 返回容器id
[root@localhost ~]# docker run -d centos ping qq.com
929ba811a5deb1eccaa34c2ad243327c46c9153cd488d44b01d7108643265ca7
docker ps
[root@localhost ~]# docker run -d nginx
de48598a16e121562a92c5ef59169e9d898509b88071fa11bd1ecd137646edaf
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
de48598a16e1 nginx "/docker-entrypoint.…" 5 seconds ago Up 3 seconds 80/tcp lucid_hoover
[root@localhost ~]# docker exec -it de48598a16e1 bash
root@de48598a16e1:/#
# 测试时可用以下命令
# -d 后台运行
# --rm 容器挂掉后自动删除
# --name 给容器起名字
docker run -d --rm --name ping centos ping qq.com
# 查看容器日志
[root@localhost ~]# docker run -d -p 80:80 nginx
aac847867e7d7f6cc03dcbce567a074df0a7e43248cd765a7caff5f8a1d9524
5
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
aac847867e7d nginx "/docker-entrypoint.…" 6 seconds ago Up 4 seconds 0.0.0.0:80->80/tcp, :::80->80/tcp strange_poincare
[root@localhost ~]# docker logs aac
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf
10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf
/docker-entrypoint.sh: Sourcing /docker-entrypoint.d/15-local-resolvers.envsh
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
2024/08/09 04:46:11 [notice] 1#1: using the "epoll" event method
2024/08/09 04:46:11 [notice] 1#1: nginx/1.27.0
2024/08/09 04:46:11 [notice] 1#1: built by gcc 12.2.0 (Debian 12.2.0-14)
2024/08/09 04:46:11 [notice] 1#1: OS: Linux 3.10.0-1062.el7.x86_64
2024/08/09 04:46:11 [notice] 1#1: getrlimit(RLIMIT_NOFILE): 1048576:1048576
2024/08/09 04:46:11 [notice] 1#1: start worker processes
2024/08/09 04:46:11 [notice] 1#1: start worker process 29
2024/08/09 04:46:11 [notice] 1#1: start worker process 30
2024/08/09 04:46:11 [notice] 1#1: start worker process 31
2024/08/09 04:46:11 [notice] 1#1: start worker process 32
[root@localhost ~]#
# 实时
docker logs -f 容器id
# 最后10行
docker logs -f 容器id | tail -10
# 进入正在进行的容器空间内
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
aac847867e7d nginx "/docker-entrypoint.…" 2 minutes ago Up 2 minutes 0.0.0.0:80->80/tcp, :::80->80/tcp strange_poincare
[root@localhost ~]# docker exec -it aac847867e7d bash
root@aac847867e7d:/#
# 查看容器详细信息
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
aac847867e7d nginx "/docker-entrypoint.…" 4 minutes ago Up 4 minutes 0.0.0.0:80->80/tcp, :::80->80/tcp strange_poincare
[root@localhost ~]# docker container inspect aac847867e7d
[
{
"Id": "aac847867e7d7f6cc03dcbce567a074df0a7e43248cd765a7caff5f8a1d95245",
"Created": "2024-08-09T04:46:10.984160147Z",
"Path": "/docker-entrypoint.sh",
"Args": [
"nginx",
"-g",
"daemon off;"
],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 73208,
"ExitCode": 0,
"Error": "",
"StartedAt": "2024-08-09T04:46:11.840788846Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:a72860cb95fd59e9c696c66441c64f18e66915fa26b249911e83c3854477ed9a",
"ResolvConfPath": "/var/lib/docker/containers/aac847867e7d7f6cc03dcbce567a074df0a7e43248cd765a7caff5f8a1d95245/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/aac847867e7d7f6cc03dcbce567a074df0a7e43248cd765a7caff5f8a1d95245/hostname",
"HostsPath": "/var/lib/docker/containers/aac847867e7d7f6cc03dcbce567a074df0a7e43248cd765a7caff5f8a1d95245/hosts",
"LogPath": "/var/lib/docker/containers/aac847867e7d7f6cc03dcbce567a074df0a7e43248cd765a7caff5f8a1d95245/aac847867e7d7f6cc03dcbce567a074df0a7e43248cd765a7caff5f8a1d95245-json.log",
"Name": "/strange_poincare",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "bridge",
"PortBindings": {
"80/tcp": [
{
"HostIp": "",
"HostPort": "80"
}
]
},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"ConsoleSize": [
38,
77
],
"CapAdd": null,
"CapDrop": null,
"CgroupnsMode": "host",
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": [],
"BlkioDeviceWriteBps": [],
"BlkioDeviceReadIOps": [],
"BlkioDeviceWriteIOps": [],
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": [],
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware",
"/sys/devices/virtual/powercap"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/e5d103d1b326a91b2f816d516f9876f528470a099d5e5318fc315b46a6ef3af4-init/diff:/var/lib/docker/overlay2/1a831435c03cb14a92a1fb61a927478c9658bd0fc77f6cb452f199ccceb2fea1/diff:/var/lib/docker/overlay2/b401a525d96fab1398c96ab3372a2a249190f2bd32decb30b54382a893bebfc5/diff:/var/lib/docker/overlay2/2d09cfdbeed9e091bd6a453f8d527ca6ba4f735ea4ed51d57532d308f6bb4bf4/diff:/var/lib/docker/overlay2/d2e60a906732d52db4c672363a941910046aa2e0d6ad1c762d7b36e95e92469d/diff:/var/lib/docker/overlay2/dcb9c4e01ef8687d8cbede5e2c60dd0950068dcb302a479695109e23c9bae3ae/diff:/var/lib/docker/overlay2/75c425ba5bea72a3a60cc7ce9630d920ae0fb9868c9b5bc227e474219865c9a8/diff:/var/lib/docker/overlay2/0c074d15d63df3d5e9a99d8f46328879161dd6cc2758c8da1c2d7cda776fe043/diff",
"MergedDir": "/var/lib/docker/overlay2/e5d103d1b326a91b2f816d516f9876f528470a099d5e5318fc315b46a6ef3af4/merged",
"UpperDir": "/var/lib/docker/overlay2/e5d103d1b326a91b2f816d516f9876f528470a099d5e5318fc315b46a6ef3af4/diff",
"WorkDir": "/var/lib/docker/overlay2/e5d103d1b326a91b2f816d516f9876f528470a099d5e5318fc315b46a6ef3af4/work"
},
"Name": "overlay2"
},
"Mounts": [],
"Config": {
"Hostname": "aac847867e7d",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"80/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"NGINX_VERSION=1.27.0",
"NJS_VERSION=0.8.4",
"NJS_RELEASE=2~bookworm",
"PKG_RELEASE=2~bookworm"
],
"Cmd": [
"nginx",
"-g",
"daemon off;"
],
"Image": "nginx",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": [
"/docker-entrypoint.sh"
],
"OnBuild": null,
"Labels": {
"maintainer": "NGINX Docker Maintainers <docker-maint@nginx.com>"
},
"StopSignal": "SIGQUIT"
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "392535f6ba976b9d0f2e6468faffbc44dfb66ef1fb062766a12d217ba897af20",
"SandboxKey": "/var/run/docker/netns/392535f6ba97",
"Ports": {
"80/tcp": [
{
"HostIp": "0.0.0.0",
"HostPort": "80"
},
{
"HostIp": "::",
"HostPort": "80"
}
]
},
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "07cdb94e41a738b76950f05a313c587fb5da8ebdf3c72126abe2b73efde990e3",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:02",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"MacAddress": "02:42:ac:11:00:02",
"NetworkID": "fdcc3f91e9fb3c82ccf2fb2c12cf4840adf82b5f586400ae6d15f6920e5535bf",
"EndpointID": "07cdb94e41a738b76950f05a313c587fb5da8ebdf3c72126abe2b73efde990e3",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"DriverOpts": null,
"DNSNames": null
}
}
}
}
]
[root@localhost ~]#
# 容器的端口映射
# -d后台运行nginx --name 名字是nginxTest 端口映射宿主机的85端口 访问容器内80端口
docker run -d --name nginxTest -p 85:80 nginx
# 查看容器
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5035caa059ea nginx "/docker-entrypoint.…" 47 seconds ago Up 46 seconds 0.0.0.0:85->80/tcp, :::85->80/tcp nginxTest
#查看容器端口转发情况
[root@localhost ~]# docker port nginxTest
80/tcp -> 0.0.0.0:85
80/tcp -> [::]:85
# 随机端口映射 -P 随机访问宿主机的空闲端口,映射到容器内打开的端口
[root@localhost ~]# docker run -d --name nginxRandomPort -P nginx
801133c4f09749eb3bdbcb3e5b10bb83de8b19428c197499667cbd8565d63c37
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
801133c4f097 nginx "/docker-entrypoint.…" 4 seconds ago Up 3 seconds 0.0.0.0:32768->80/tcp, :::32768->80/tcp nginxRandomPort
# 容器的提交
[root@localhost ~]# docker run -it centos bash
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
68d4a526ac9f centos "bash" 59 seconds ago Exited (0) 19 seconds ago goofy_kirch
[root@localhost ~]# docker commit goofy_kirch testcommit
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
testcommit latest 689620116651 14 seconds ago 231MB
tomcat latest 087c6d900ed4 2 days ago 470MB
wordpress latest f610b9395a59 2 weeks ago 686MB
mysql latest 7ce93a845a8a 2 weeks ago 586MB
nginx latest a72860cb95fd 7 weeks ago 188MB
ubuntu latest 35a88802559d 2 months ago 78.1MB
mysql 5.7 5107333e08a8 8 months ago 501MB
centos latest 5d0da3dc9764 2 years ago 231MB
dockerfile用于构建docker镜像
FROM (指定基础镜像)
MAINTAINER (指定维护者信息,可以没有)
RUN (在命令前面加上RUN即可)
ADD 添加宿主机的文件到容器内,还多了一个自动解压的功能
COPY 作用和ADD是一样的,都是拷贝宿主机的文件到容器内亚
WORKDIR (设置当前工作目录)
VOLUME (设置卷,挂载主机目录)
EXPOSE (指定对外的端口)
CMD (指定容器启动后的要干的事情)
dockerfile构建一个nginx镜像,可以运行nginx服务,修改主页内容
vi Dockerflie
FROM nginx
RUN echo 'this is my docker images nginx service' > /usr/share/nginx/html/index.html
# 构建dockfile
docker build -t my-nginx:1.0 .
# 运行该镜像
docker run -d -p 80:80 my-nginx:1.0
# 查看nginx
[root@localhost docker]# curl 10.0.17.100
this is my docker images nginx service
COPY
# COPY指令从宿主机复制文件/目录到新的一层镜像内
如
copy test.py /home/
# 支持多个文件,以及通配符形式复制,语法要满足Golang的filepath.Match
# 将test*文件 及/tmp/下开头为cc的txt文件copy至/home/
copy test* /tmp/yum?.yumtx. /home/
# COPY指令能够保留源文件的元数据,如权限,访问时间等等,这点很重要
ADD
# 特性和COPY基本一致,不过多了些功能
# 1.源文件是一个URL,此时docker引擎会下载该链接,放入目标路径,且权限自动设置为600,若这不是期望结果,还能增加一层RUN指令进行调整
# 2.源文件是一个URL,且是一个压缩包,不会自动解压缩,也得单独用RUN指令解压
# 3.源文件是一个压缩文件,且是gzip,bzip2,xz,tar情况,ADD指令会自动解压缩该文件到目标路径
CMD
# 用法,注意是双引号
# CMD[“参数1”,“参数2"]
# centos
CMD ["bin/bash"]
# 直接进入vim
docker run -it ubuntu_vim vim
#查看centos镜像版本
docker run -it centos cat /etc/redhat-release
CentOS Linux release 8.4.2105
[root@localhost docker]# docker run -it centos cat /etc/os-release
NAME="CentOS Linux"
VERSION="8"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="8"
PLATFORM_ID="platform:el8"
PRETTY_NAME="CentOS Linux 8"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:8"
HOME_URL="https://centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"
CENTOS_MANTISBT_PROJECT="CentOS-8"
CENTOS_MANTISBT_PROJECT_VERSION="8"
# 在指定了entrypoint指令后,用CMD指定具体的参数
# docker不是虚拟机,容器就是一个进程,既然是进程,那么程序在启动的时候需要指定些运行参数,这就是CMD指令作用
# 例如centos镜像默认的CMD是/bin/bash,直接docker run -it centos会直接进入bash解释器。
也可以启动容器时候,指定参数,docker run -it centos cat /etc/os-releasea
# CMD运行she11命令,也会被转化为she11形式
# 例如
CMD echo SPATH
# 会被转化为
CMD ["sh","echo SPATH"]
容器内运行程序
这里要注意的是,docker不是虚拟机的概念,虚拟机里的程序运行,基本上都是在后台运行,利用systemct运行,但是容器内没有后台进程的概念,必须在前台运行。
容器就是为了主进程而存在的,主进程如果退出了,容器也就失去意义,自动退出。
例如有一个经典问题
CMD systemctl start nginx
# 这样的写法是错误的,容器会立即退出
# 因为systemctl start nginx是希望以守护进程形式启动nginx,且CMD命令会转化为
CMD ["sh","-c","systemctl start nginx"]
# 这样的命令主进程是sh解释器,执行完毕后立即结束了,因此容器也就退出了。
# 容器内程序需要再前台运行,使用nginx原生命令 nginx -g 'daemon off;';
# 因此正确的做法应该是CMD["nginx","-g","daemon off;"]
ENTRYPOINT
和RUN指令一样,分为两种格式
• exec
• shell
作用和CMD一样,都是在指定容器启动程序以及参数。
当指定了ENTRYPOINT之后,CMD指令的语义就有了变化,而是把CMD的内容当作参数传递给ENTRYPOINT指令。
实际用法
1.准备好dockerfile
[root@dockere1 y_docker]# cat Dockerfile
FROM ubuntu
RUN apt update && apt install curl -y
CMD ["curl","-s","http://ipinfo.io/ip"]
2.构建镜像
docker build . -t ubuntu_curl:lastest
3.查看结果
4.检查镜像
[root@localhost docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu_curl lastest 520144fe0293 41 seconds ago 133MB
5.运行镜像,生成容器记录,没有前台运行
[root@localhost docker]# docker run ubuntu_curl:lastest
27.189.23.12
6.传入参数
[root@localhost docker]# curl http://ipinfo.io/ip -I
HTTP/1.1 405 Method Not Allowed
date: Sat, 10 Aug 2024 12:22:43 GMT
content-type: text/plain; charset=utf-8
Content-Length: 18
allow: GET, OPTIONS
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
# 希望在容器内加入-I命令 curl http://ipinfo.io/ip -I
# 使用ENTRYPOINT
# 修改dockerfile
FROM ubuntu
RUN apt update && apt install curl -y
ENTRYPOINT ["curl","-s","http://ipinfo.io/ip"]
docker build .
docker tag 7fa56e9aa08c ubuntu_entrypoint
[root@localhost docker]# docker run ubuntu_entrypoint -I
HTTP/1.1 405 Method Not Allowed
date: Sat, 10 Aug 2024 12:28:08 GMT
content-type: text/plain; charset=utf-8
Content-Length: 18
allow: GET, OPTIONS
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
ARG和ENV
ENV设置环境变量
ENV无论在镜像构件时,还是容器运行时,该变量都可以使用
ENV NAME = "Noziroh"
ENV IP = "10.0.17.100"
ENV MYSQL_VERSION = 5.6
# 后续通过$NAME获取变量值
# 如:
RUN apt install -y mysql-$MYSQL_VERSIONARG设置环境变量
ARG设置环境变量
ARG设置环境变量,只用于构建镜像时使用,容器运行时消失
VOLUME
容器在运行时,应该保证在存储层不写入任何数据
推荐容器内产生的数据通过VOLUME挂载,写入宿主机目录中,进行维护
# 将容器内的 /opt文件夹 与宿主机的/opt文件夹做好映射关系,容器中写入/opt的数据都不会被容器记录
VOLUME /opt
#该容器运行时,这两个目录自动和宿主机的目录做好映射关系
FROM ubuntu
MAINTAINER Noziroh
VOLUME ["/opt","/mnt"]
docker run cd0379c4368d
docker inspect cd0379c4368d
[
{
"Id": "sha256:cd0379c4368d736f204d5d3906c92fe3ad671edf1c575f59405eb20c0f46ff51",
"RepoTags": [],
"RepoDigests": [],
"Parent": "",
"Comment": "buildkit.dockerfile.v0",
"Created": "2024-06-07T12:00:09.099611108Z",
"DockerVersion": "",
"Author": "Noziroh",
"Config": {
"Hostname": "",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Cmd": [
"/bin/bash"
],
"Image": "",
"Volumes": {
"/mnt": {},
"/opt": {}
},
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"org.opencontainers.image.ref.name": "ubuntu",
"org.opencontainers.image.version": "24.04"
}
},
"Architecture": "amd64",
"Os": "linux",
"Size": 78050118,
"GraphDriver": {
"Data": {
"MergedDir": "/var/lib/docker/overlay2/131745763af13ede326533335c2bc3b40c32d9061319bb49f2abe5823b235e2f/merged",
"UpperDir": "/var/lib/docker/overlay2/131745763af13ede326533335c2bc3b40c32d9061319bb49f2abe5823b235e2f/diff",
"WorkDir": "/var/lib/docker/overlay2/131745763af13ede326533335c2bc3b40c32d9061319bb49f2abe5823b235e2f/work"
},
"Name": "overlay2"
},
"RootFS": {
"Type": "layers",
"Layers": [
"sha256:a30a5965a4f7d9d5ff76a46eb8939f58e95be844de1ac4a4b452d5d31158fdea"
]
},
"Metadata": {
"LastTagTime": "0001-01-01T00:00:00Z"
}
}
]
# 通过docker run -v参数,直接设置映射
EXPOSE
指定容器运行时对外提供的端口服务
帮助使用该镜像的人,快速理解该容器的端口业务
docker port 容器
docker run -p 宿主机端口:容器端口
# 随机宿主机端口:容器端口
docker run -P
WORKDIR
用于在dockerfile中,目录的切换,更改工作目录
# 进入容器后,直接在.opt目录下
WORKDIR /opt
USER
改变环境,用户切换用户
USER root
dockefile构建一个python网站
1.用python,基于flask web,开发网站,些后端网站代码
2.开发dockerfile,部署该代码,生成镜像
3.分享该镜像,docker run 该镜像跑网站
1.在宿主机上,准备目录,准备dockfile,代码
创建
cd ~/docker/
touch noziroh_flask.py
vi noziroh_flask.py
#coding:utf8
from flask import Flask
app = Flask(__name__)
@app.route('/hello')
def Hello():
return "hello docker, I am Noziorh."
if __name__=="__main__":
app.run(host='0.0.0.0',port=8080)
2.创建dockerifle
vim ubuntu.sources
Types: deb
URIs: http://mirrors.tuna.tsinghua.edu.cn/ubuntu/
Suites: noble-security
Components: main universe restricted multiverse
Signed-By: /usr/share/keyrings/ubuntu-archive-keyring.gpg
# centos 更换源文件
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
touch Dockerfile
FROM ubuntu
COPY ubuntu.sources /etc/apt/sources.list.d/
COPY app.py /opt
RUN apt update
RUN apt install -y python3-flask
WORKDIR /opt
EXPOSE 8080
CMD ["python3","app.py"]
docker build . -t ubuntu_flask:lastest
docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu_flask lastest 22a8dbf05daf 3 minutes ago 209MB
[root@localhost docker]# docker run ubuntu_flask:lastest
* Serving Flask app 'app'
* Debug mode: off
WARNING: This is a development server. Do not use it in a production deployment. Use a production WSGI server instead.
* Running on all addresses (0.0.0.0)
* Running on http://127.0.0.1:8080
* Running on http://172.17.0.2:8080
Press CTRL+C to quit
[root@localhost docker]# curl 172.17.0.2:8080
hello docker, I am Noziorh.
# --name docker ps 显示的名字为myflask
# -p 宿主机端口为90 映射容器8080
docker run -d --name myflask -p 90:8080 ubuntu_flask:lastest
# 浏览器
http://10.0.17.100:90/hello
hello docker, I am Noziorh.
# 使用centos镜像制作Dockerfile
# centos 更换源文件
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
vim Dockfile
FROM centos:7.9.2009
COPY app.py /opt
RUN curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
RUN yum makecache
RUN yum install -y python-devel
RUN yum install -y python3-pip
RUN pip3 install flask-i https://pypi.tuna.tsinghua.edu.cn/simple some-package
WORKDIR /opt
EXPOSE 8080
CMD ["python3","app.py"]
docker build -t centos_flask:lastest .
[root@localhost centos_dockerfile]# docker run centos_flask:lastest
* Serving Flask app 'app' (lazy loading)
* Environment: production
WARNING: This is a development server. Do not use it in a production deployment.
Use a production WSGI server instead.
* Debug mode: off
* Running on all addresses.
WARNING: This is a development server. Do not use it in a production deployment.
* Running on http://172.17.0.3:8080/ (Press CTRL+C to quit)
172.17.0.1 - - [11/Aug/2024 03:10:38] "GET / HTTP/1.1" 200 -
# 构建失败可以使用 --no-cache 完全重新构建
docker build --no-cache -t 'centos_flask:lastest'
# 修改网站内容
# 1.修改宿主机代码,修改dockerfile,重新构建image
# 2.进入运行中的容器内,修改代码,重启容器
docker exec -it 容器id前三位 bash
/opt 修改app.py
exit 退出容器
docker restart 容器id前三位
7335
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
