文章目录
- 常用操作
- docker version
- docker search:Search the Docker Hub for images
- docker pull:Pull an image or a repository from a registry
- docker images:List images
- docker create:Create a new conntainer
- docker start:Start one or more stopped containers
- docker run:Run a command in a new container
- docker attach:Attach to a runninng container
- docker ps:List containers
- docker logs:Fetch the logs of a container
- docker restart:Restart a container
- docker stop:Stop one or more running containers
- docker kill:Kill one or more running containers
- docker rm:Remove onne or more containers
- docker exec:Run a command in a running container
- docker info:Display system-wide information
- docker inspect:Return low-level information on Docker objects
- 端口映射
常用操作
docker version
[root@localhost ~]# docker version
Client: Docker Engine - Community
Version: 20.10.17
API version: 1.41
Go version: go1.17.11
Git commit: 100c701
Built: Mon Jun 6 23:03:11 2022
OS/Arch: linux/amd64
Context: default
Experimental: true
Server: Docker Engine - Community
Engine:
Version: 20.10.17
API version: 1.41 (minimum version 1.12)
Go version: go1.17.11
Git commit: a89b842
Built: Mon Jun 6 23:01:29 2022
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.6.6
GitCommit: 10c12954828e7c7c9b6e0ea9b0c02b01407d3ae1
runc:
Version: 1.1.2
GitCommit: v1.1.2-0-ga916309
docker-init:
Version: 0.19.0
GitCommit: de40ad0
docker search:Search the Docker Hub for images
[root@localhost ~]# docker search httpd
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
httpd The Apache HTTP Server Project 4106 [OK]
centos/httpd-24-centos7 Platform for running Apache httpd 2.4 or bui… 44
centos/httpd 35 [OK]
solsson/httpd-openidc mod_auth_openidc on official httpd image, ve… 2 [OK]
clearlinux/httpd httpd HyperText Transfer Protocol (HTTP) ser… 2
hypoport/httpd-cgi httpd-cgi 2 [OK]
nnasaki/httpd-ssi SSI enabled Apache 2.4 on Alpine Linux 1
dockerpinata/httpd 1
jonathanheilmann/httpd-alpine-rewrite httpd:alpine with enabled mod_rewrite 1 [OK]
......
docker pull:Pull an image or a repository from a registry
[root@localhost ~]# docker pull httpd
Using default tag: latest
latest: Pulling from library/httpd
a2abf6c4d29d: Pull complete
dcc4698797c8: Pull complete
41c22baa66ec: Pull complete
67283bbdd4a0: Pull complete
d982c879c57e: Pull complete
Digest: sha256:0954cc1af252d824860b2c5dc0a10720af2b7a3d3435581ca788dff8480c7b32
Status: Downloaded newer image for httpd:latest
docker.io/library/httpd:latest
docker images:List images
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
httpd latest dabbfbe0c57b 7 months ago 144MB
docker create:Create a new conntainer
[root@localhost ~]# docker create --name web httpd
fe27e3df2fbbd9c47a7029361bd99df3cb8b12b13aa9c5a232ae80b3c802a95a
docker start:Start one or more stopped containers
[root@localhost ~]# docker start web
web
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fe27e3df2fbb httpd "httpd-foreground" 4 minutes ago Up 57 seconds 80/tcp web
docker run:Run a command in a new container
[root@localhost ~]# docker run -d --name web2 -p 80:80 httpd
d68a5b9a36b5370bb5e0230b9afa433ecfc320987cd4bfc56c7585b947e574dc
docker attach:Attach to a runninng container
[root@localhost ~]# docker run -it --name web3 httpd /bin/bash
[root@localhost ~]# docker start web3
web3
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6d15bb0b25e2 httpd "/bin/bash" About a minute ago Up About a minute 80/tcp web3
[root@localhost ~]# docker attach web3
root@6d15bb0b25e2:/usr/local/apache2#
docker ps:List containers
[root@localhost ~]# docker ps //正在运行的容器
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@localhost ~]# docker ps -a //全部容器
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fe27e3df2fbb httpd "httpd-foreground" 2 minutes ago Created web
docker logs:Fetch the logs of a container
[root@localhost ~]# docker logs web2
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.3. Set the 'ServerName' directive globally to suppress this message
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.3. Set the 'ServerName' directive globally to suppress this message
[Thu Aug 04 09:29:56.148461 2022] [mpm_event:notice] [pid 1:tid 139676208962880] AH00489: Apache/2.4.52 (Unix) configured -- resuming normal operations
[Thu Aug 04 09:29:56.148669 2022] [core:notice] [pid 1:tid 139676208962880] AH00094: Command line: 'httpd -D FOREGROUND'
[Thu Aug 04 09:33:11.371243 2022] [mpm_event:notice] [pid 1:tid 139676208962880] AH00492: caught SIGWINCH, shutting down gracefully
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
[Thu Aug 04 09:38:00.204258 2022] [mpm_event:notice] [pid 1:tid 140273947393344] AH00489: Apache/2.4.52 (Unix) configured -- resuming normal operations
[Thu Aug 04 09:38:00.204439 2022] [core:notice] [pid 1:tid 140273947393344] AH00094: Command line: 'httpd -D FOREGROUND'
docker restart:Restart a container
[root@localhost ~]# docker restart web
web
docker stop:Stop one or more running containers
[root@localhost ~]# docker stop web
web
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fe27e3df2fbb httpd "httpd-foreground" 5 minutes ago Exited (0) 10 seconds ago web
docker kill:Kill one or more running containers
[root@localhost ~]# docker run -d --name web2 -p 80:80 httpd
docker: Error response from daemon: Conflict. The container name "/web2" is already in use by container "b9e68c78c3247437cc95c4e6045bdb0f91080ec4c43719b992eb1368b0c342e1". You have to remove (or rename) that container to be able to reuse that name.
See 'docker run --help'.
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b9e68c78c324 httpd "httpd-foreground" 18 minutes ago Exited (0) 11 minutes ago web2
fe27e3df2fbb httpd "httpd-foreground" 30 minutes ago Up 23 minutes 80/tcp web
[root@localhost ~]# docker kill web2
Error response from daemon: Cannot kill container: web2: Container b9e68c78c3247437cc95c4e6045bdb0f91080ec4c43719b992eb1368b0c342e1 is not running
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b9e68c78c324 httpd "httpd-foreground" 19 minutes ago Exited (0) 13 minutes ago web2
fe27e3df2fbb httpd "httpd-foreground" 31 minutes ago Up 25 minutes 80/tcp web
docker rm:Remove onne or more containers
//docker rm 不能删除正在运行的容器;docker rm -f 可以强制删除正在运行的容器
//docker rm -f $(docker ps -aq | head -7)
[root@localhost ~]# docker rm web2
web2
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fe27e3df2fbb httpd "httpd-foreground" 33 minutes ago Up 27 minutes 80/tcp web
docker exec:Run a command in a running container
[root@localhost ~]# docker run -d --name web2 -p 80:80 httpd
4d14e56bc48475548e1c1bca09ee52584279f507b2aaf294d8f0ab0037892d1c
[root@localhost ~]# docker start web2
web2
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4d14e56bc484 httpd "httpd-foreground" 8 minutes ago Up 3 seconds 0.0.0.0:80->80/tcp, :::80->80/tcp web2
[root@localhost ~]# docker exec -it web2 /bin/bash
root@4d14e56bc484:/usr/local/apache2#
docker info:Display system-wide information
[root@localhost ~]# docker info
Client:
Context: default
Debug Mode: false
Plugins:
app: Docker App (Docker Inc., v0.9.1-beta3)
buildx: Docker Buildx (Docker Inc., v0.8.2-docker)
scan: Docker Scan (Docker Inc., v0.17.0)
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 20.10.17
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc io.containerd.runc.v2 io.containerd.runtime.v1.linux
Default Runtime: runc
Init Binary: docker-init
containerd version: 10c12954828e7c7c9b6e0ea9b0c02b01407d3ae1
runc version: v1.1.2-0-ga916309
init version: de40ad0
Security Options:
seccomp
Profile: default
Kernel Version: 4.18.0-257.el8.x86_64
Operating System: CentOS Stream 8
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 1.748GiB
Name: localhost.localdomain
ID: HB3Q:U7HK:KLSX:TZIX:PAC6:IAC2:J5OE:3JC7:DCGK:YSHI:UJOR:PBW6
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Registry Mirrors:
https://docker.mirrors.ustc.edu.cn/
Live Restore Enabled: false
docker inspect:Return low-level information on Docker objects
[root@localhost ~]# docker inspect web
[
{
"Id": "fe27e3df2fbbd9c47a7029361bd99df3cb8b12b13aa9c5a232ae80b3c802a95a",
"Created": "2022-08-04T08:44:08.683295533Z",
"Path": "httpd-foreground",
"Args": [],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 2647,
"ExitCode": 0,
"Error": "",
"StartedAt": "2022-08-04T08:50:41.626262079Z",
"FinishedAt": "2022-08-04T08:49:39.296177932Z"
},
"Image": "sha256:dabbfbe0c57b6e5cd4bc089818d3f664acfad496dc741c9a501e72d15e803b34",
"ResolvConfPath": "/var/lib/docker/containers/fe27e3df2fbbd9c47a7029361bd99df3cb8b12b13aa9c5a232ae80b3c802a95a/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/fe27e3df2fbbd9c47a7029361bd99df3cb8b12b13aa9c5a232ae80b3c802a95a/hostname",
"HostsPath": "/var/lib/docker/containers/fe27e3df2fbbd9c47a7029361bd99df3cb8b12b13aa9c5a232ae80b3c802a95a/hosts",
"LogPath": "/var/lib/docker/containers/fe27e3df2fbbd9c47a7029361bd99df3cb8b12b13aa9c5a232ae80b3c802a95a/fe27e3df2fbbd9c47a7029361bd99df3cb8b12b13aa9c5a232ae80b3c802a95a-json.log",
"Name": "/web",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"CgroupnsMode": "host",
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"KernelMemory": 0,
"KernelMemoryTCP": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/7e98bc45786ac28c3d19bc2179636a8118d34929435dc7b0ccac174408a0f756-init/diff:/var/lib/docker/overlay2/607629dc20cf8220f06f1aead3f29b7a6b03d0dcf3b4885e673627e2cf0ebded/diff:/var/lib/docker/overlay2/ce3e9fe0a04c2b5e563b7d685924fa307cd8f17ef7eb06f3931fbb5d5f0b1f59/diff:/var/lib/docker/overlay2/6b77e02cfb8e4c463435f631a263242ecd5eb458cec5b5da1d6becb5cdd610c2/diff:/var/lib/docker/overlay2/bbfbc47bd35490c86268814d9f71ccc972d2a6a64b740aa50889568dbd2ef114/diff:/var/lib/docker/overlay2/fd6b4fe76b85bc0e83ed7d0880b31fd15aa4e8fc9ec674a4fcaf44cd9d99051a/diff",
"MergedDir": "/var/lib/docker/overlay2/7e98bc45786ac28c3d19bc2179636a8118d34929435dc7b0ccac174408a0f756/merged",
"UpperDir": "/var/lib/docker/overlay2/7e98bc45786ac28c3d19bc2179636a8118d34929435dc7b0ccac174408a0f756/diff",
"WorkDir": "/var/lib/docker/overlay2/7e98bc45786ac28c3d19bc2179636a8118d34929435dc7b0ccac174408a0f756/work"
},
"Name": "overlay2"
},
"Mounts": [],
"Config": {
"Hostname": "fe27e3df2fbb",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": true,
"AttachStderr": true,
"ExposedPorts": {
"80/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/apache2/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"HTTPD_PREFIX=/usr/local/apache2",
"HTTPD_VERSION=2.4.52",
"HTTPD_SHA256=0127f7dc497e9983e9c51474bed75e45607f2f870a7675a86dc90af6d572f5c9",
"HTTPD_PATCHES="
],
"Cmd": [
"httpd-foreground"
],
"Image": "httpd",
"Volumes": null,
"WorkingDir": "/usr/local/apache2",
"Entrypoint": null,
"OnBuild": null,
"Labels": {},
"StopSignal": "SIGWINCH"
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "9fc75bc85380970e87503d9fa330682bd1048d9d15882a17e940139bc0db4a84",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {
"80/tcp": null
},
"SandboxKey": "/var/run/docker/netns/9fc75bc85380",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "6f857837772aa8d54bea1fcb3f9c25da84c5ee721a93c20b9cddc0d374d037ad",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:02",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "8bff26d1c351747927f6bcfbe3d4ebc73badd149a91b5e1bc9e7e897a92bba45",
"EndpointID": "6f857837772aa8d54bea1fcb3f9c25da84c5ee721a93c20b9cddc0d374d037ad",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02",
"DriverOpts": null
}
}
}
}
]
端口映射
[root@localhost ~]# curl http://172.17.0.2
<html><body><h1>It works!</h1></body></html>
[root@localhost ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
[root@localhost ~]# docker run --name web2 -p 80:80 httpd
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.3. Set the 'ServerName' directive globally to suppress this message
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.3. Set the 'ServerName' directive globally to suppress this message
[Thu Aug 04 08:55:44.012731 2022] [mpm_event:notice] [pid 1:tid 139628455046464] AH00489: Apache/2.4.52 (Unix) configured -- resuming normal operations
[Thu Aug 04 08:55:44.013620 2022] [core:notice] [pid 1:tid 139628455046464] AH00094: Command line: 'httpd -D FOREGROUND'
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b9e68c78c324 httpd "httpd-foreground" About a minute ago Up About a minute 0.0.0.0:80->80/tcp, :::80->80/tcp web2
fe27e3df2fbb httpd "httpd-foreground" 13 minutes ago Up 6 minutes 80/tcp web
[root@localhost ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:80 [::]:*
LISTEN 0 128 [::]:22 [::]:*
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# systemctl disable firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@localhost ~]# vim /etc/selinux/config
[root@localhost ~]# setenforce 0
//或配置防火墙规则
[root@localhost ~]# systemctl start firewalld
[root@localhost ~]# firewall-cmd --add-rich-rule 'rule family=ipv4 source address=0.0.0.0/0 service name=http accept' --permanent
success
[root@localhost ~]# firewall-cmd --reload
success
[root@localhost ~]# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: ens160
sources:
services: cockpit dhcpv6-client ssh
ports:
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
rule family="ipv4" source address="0.0.0.0/0" service name="http" accept
防火墙
- iptables:CentOS6,默认放行
- firewalld:CentOS7、CentOS8,默认拒绝
- ebtables
内核版本
CentOS6 2.6.x
CentOS7 3.10.x
CentOS8 4.18.x
[root@localhost ~]# uname -r
4.18.0-257.el8.x86_64
[root@localhost ~]# cat /etc/redhat-release
CentOS Stream release 8