------
- Linux环境初始化
最小化安装 CentOS-7-x86_64-Minimal-1804
http://mirrors.huaweicloud.com/repository/centos/7.5.1804/isos/x86_64/CentOS-7-x86_64-Minimal-1804.iso
root@Docker-10.10.10.10[17:08:19]$ cat /etc/redhat-release
CentOS Linux release 7.5.1804 (Core)
root@Docker-10.10.10.10[17:08:23]$
基础命令安装
yum install wget -y
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
yum makecache
yum install net-tools.x86_64 vim ntpdate lrzsz nc util-linux bind-utils -y
root@Docker-10.10.10.10[17:06:15]$ cat .bashrc
# .bashrc
# User specific aliases and functions
alias rm='rm -i'
alias cp='cp -i'
alias mv='mv -i'
# Source global definitions
if [ -f /etc/bashrc ]; then
. /etc/bashrc
fi
export PS1="\[\033[01;31m\]\u\[\033[00m\]@\[\033[01;32m\]Docker-10.10.10.10\[\033[00m\][\[\033[01;33m\]\t\[\033[00m\]]$ "
export HISTTIMEFORMAT="`whoami` : %F %T : "
root@Docker-10.10.10.10[17:06:22]$
CentOS7 更改网卡名称
root@Docker-10.10.10.10[17:05:59]$ cat cat /etc/sysconfig/network-scripts/ifcfg-eth0
cat: cat: No such file or directory
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=eth0
DEVICE=eth0
ONBOOT=yes
IPADDR=10.10.10.10
NETMASK=255.255.255.0
GATEWAY=10.0.0.1
DNS1=114.114.114.114
root@Docker-10.10.10.10[17:06:15]$
root@Docker-10.10.10.10[17:06:39]$ cat /etc/default/grub
GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)"
GRUB_DEFAULT=saved
GRUB_DISABLE_SUBMENU=true
GRUB_TERMINAL_OUTPUT="console"
GRUB_CMDLINE_LINUX="crashkernel=auto rhgb quiet net.ifnames=0 biosdevname=0"
GRUB_DISABLE_RECOVERY="true"
root@Docker-10.10.10.10[17:06:51]$
grub2-mkconfig -o /boot/grub2/grub.cfg
同步时间
ntpdate ntp1.aliyun.com && hwclock -w
- 准备Docker环境
去阿里云镜像站下载docker的rpm包
https://mirrors.aliyun.com/docker-ce/linux/centos/7/x86_64/stable/Packages/
yum install https://mirrors.aliyun.com/docker-ce/linux/centos/7/x86_64/stable/Packages/docker-ce-18.03.1.ce-1.el7.centos.x86_64.rpm -y
开启docker进程
root@Docker-10.10.10.10[17:15:20]$ systemctl start docker
root@Docker-10.10.10.10[17:15:25]$
root@Docker-10.10.10.10[17:15:27]$ ps -ef |grep docker
root 1659 1 2 17:15 ? 00:00:00 /usr/bin/dockerd
root 1664 1659 1 17:15 ? 00:00:00 docker-containerd --config /var/run/docker/containerd/containerd.toml
root 1782 1364 0 17:15 pts/0 00:00:00 grep --color=auto docker
root@Docker-10.10.10.10[17:15:31]$
root@Docker-10.10.10.10[17:15:32]$
root@Docker-10.10.10.10[17:15:32]$ systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
root@Docker-10.10.10.10[17:15:38]$
root@Docker-10.10.10.10[17:38:17]$ systemctl status docker
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
Active: active (running) since Sun 2018-07-08 17:36:26 CST; 1min 54s ago
Docs: https://docs.docker.com
Main PID: 855 (dockerd)
Tasks: 18
Memory: 128.3M
CGroup: /system.slice/docker.service
├─855 /usr/bin/dockerd
└─981 docker-containerd --config /var/run/docker/containerd/containerd.toml
Jul 08 17:36:23 localhost.localdomain dockerd[855]: time="2018-07-08T17:36:23+08:00" level=info msg="containerd successfully...ainerd
Jul 08 17:36:23 localhost.localdomain dockerd[855]: time="2018-07-08T17:36:23.714759313+08:00" level=info msg="[graphdriver]...rlay2"
Jul 08 17:36:23 localhost.localdomain dockerd[855]: time="2018-07-08T17:36:23.723602316+08:00" level=info msg="Graph migrati...conds"
Jul 08 17:36:23 localhost.localdomain dockerd[855]: time="2018-07-08T17:36:23.726831905+08:00" level=info msg="Loading conta...tart."
Jul 08 17:36:26 localhost.localdomain dockerd[855]: time="2018-07-08T17:36:26.206173642+08:00" level=info msg="Default bridg...dress"
Jul 08 17:36:26 localhost.localdomain dockerd[855]: time="2018-07-08T17:36:26.794765977+08:00" level=info msg="Loading conta...done."
Jul 08 17:36:26 localhost.localdomain dockerd[855]: time="2018-07-08T17:36:26.894991358+08:00" level=info msg="Docker daemon...3.1-ce
Jul 08 17:36:26 localhost.localdomain dockerd[855]: time="2018-07-08T17:36:26.900692376+08:00" level=info msg="Daemon has co...ation"
Jul 08 17:36:26 localhost.localdomain dockerd[855]: time="2018-07-08T17:36:26.920132741+08:00" level=info msg="API listen on....sock"
Jul 08 17:36:26 localhost.localdomain systemd[1]: Started Docker Application Container Engine.
Hint: Some lines were ellipsized, use -l to show in full.
root@Docker-10.10.10.10[17:38:21]$
root@Docker-10.10.10.10[17:23:40]$ docker version
Client:
Version: 18.03.1-ce
API version: 1.37
Go version: go1.9.5
Git commit: 9ee9f40
Built: Thu Apr 26 07:20:16 2018
OS/Arch: linux/amd64
Experimental: false
Orchestrator: swarm
Server:
Engine:
Version: 18.03.1-ce
API version: 1.37 (minimum version 1.12)
Go version: go1.9.5
Git commit: 9ee9f40
Built: Thu Apr 26 07:23:58 2018
OS/Arch: linux/amd64
Experimental: false
root@Docker-10.10.10.10[17:23:43]$
root@Docker-10.10.10.10[17:16:01]$ docker info
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 18.03.1-ce
Storage Driver: overlay2 # 存储引擎
Backing Filesystem: xfs
Supports d_type: true # 文件分层功能, CentOS7.2是不支持 d_type 的
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc # Docker自己开发的容器runtime
Init Binary: docker-init
containerd version: 773c489c9c1b21a6d78b5c538cd395416ec50f88
runc version: 4fc53a81fb7c994640722ac585fa9ca548971871
init version: 949e6fa
Security Options:
seccomp
Profile: default
Kernel Version: 3.10.0-862.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 3.685GiB
Name: localhost.localdomain
ID: OTD5:6LOL:X73Z:JX5J:B567:B23R:Z5P6:I3EP:HKVD:JUQZ:TLYU:NZDZ
Docker Root Dir: /var/lib/docker # Docker数据根目录
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
root@Docker-10.10.10.10[17:16:03]$
docker service :/usr/lib/systemd/system/docker.service
docker启动后会生成一个docker0的网卡,用于桥接网络到宿主机:
root@Docker-10.10.10.10[17:24:23]$ ifconfig docker0
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ec:85:98:bd txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
root@Docker-10.10.10.10[17:24:30]$
xfs_info 查看磁盘是否支持 ftype
root@Docker-10.10.10.10[17:27:41]$ xfs_info /
meta-data=/dev/sda3 isize=512 agcount=4, agsize=1310720 blks
= sectsz=512 attr=2, projid32bit=1
= crc=1 finobt=0 spinodes=0
data = bsize=4096 blocks=5242880, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0 ftype=1
log =internal bsize=4096 blocks=2560, version=2
= sectsz=512 sunit=0 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
root@Docker-10.10.10.10[17:27:49]$
重启下服务器
root@Docker-10.10.10.10[17:39:05]$ docker info
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 18.03.1-ce
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 773c489c9c1b21a6d78b5c538cd395416ec50f88
runc version: 4fc53a81fb7c994640722ac585fa9ca548971871
init version: 949e6fa
Security Options:
seccomp
Profile: default
Kernel Version: 3.10.0-862.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 3.685GiB
Name: localhost.localdomain
ID: OTD5:6LOL:X73Z:JX5J:B567:B23R:Z5P6:I3EP:HKVD:JUQZ:TLYU:NZDZ
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
WARNING: bridge-nf-call-iptables is disabled # 需要开启,以支持 ipv4 转发
WARNING: bridge-nf-call-ip6tables is disabled # 需要开启,以支持 ipv6 转发
root@Docker-10.10.10.10[17:39:08]$
root@Docker-10.10.10.10[17:39:08]$ sysctl -a |grep bridge-nf-call
net.bridge.bridge-nf-call-arptables = 0
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
sysctl: reading key "net.ipv6.conf.all.stable_secret"
sysctl: reading key "net.ipv6.conf.default.stable_secret"
sysctl: reading key "net.ipv6.conf.docker0.stable_secret"
sysctl: reading key "net.ipv6.conf.eth0.stable_secret"
sysctl: reading key "net.ipv6.conf.lo.stable_secret"
root@Docker-10.10.10.10[17:40:13]$
root@Docker-10.10.10.10[17:42:51]$ tail -2 /etc/sysctl.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
root@Docker-10.10.10.10[17:42:55]$
root@Docker-10.10.10.10[17:43:14]$ sysctl -p
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
root@Docker-10.10.10.10[17:43:17]$
搜索镜像
root@Docker-10.10.10.10[17:44:02]$ docker search nginx
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
nginx Official build of Nginx. 8966 [OK]
jwilder/nginx-proxy Automated Nginx reverse proxy for docker con… 1357 [OK]
richarvey/nginx-php-fpm Container running Nginx + PHP-FPM capable of… 586 [OK]
jrcs/letsencrypt-nginx-proxy-companion LetsEncrypt container to use with nginx as p… 385 [OK]
kong Open-source Microservice & API Management la… 203 [OK]
webdevops/php-nginx Nginx with PHP-FPM 106 [OK]
kitematic/hello-world-nginx A light-weight nginx container that demonstr… 102
zabbix/zabbix-web-nginx-mysql Zabbix frontend based on Nginx web-server wi… 58 [OK]
bitnami/nginx Bitnami nginx Docker Image 54 [OK]
1and1internet/ubuntu-16-nginx-php-phpmyadmin-mysql-5 ubuntu-16-nginx-php-phpmyadmin-mysql-5 36 [OK]
linuxserver/nginx An Nginx container, brought to you by LinuxS… 36
tobi312/rpi-nginx NGINX on Raspberry Pi / armhf 20 [OK]
nginxdemos/nginx-ingress NGINX Ingress Controller for Kubernetes . Th… 11
wodby/drupal-nginx Nginx for Drupal container image 9 [OK]
blacklabelops/nginx Dockerized Nginx Reverse Proxy Server. 9 [OK]
webdevops/nginx Nginx container 8 [OK]
centos/nginx-18-centos7 Platform for running nginx 1.8 or building n… 6
1science/nginx Nginx Docker images that include Consul Temp… 4 [OK]
centos/nginx-112-centos7 Platform for running nginx 1.12 or building … 3
pebbletech/nginx-proxy nginx-proxy sets up a container running ngin… 2 [OK]
behance/docker-nginx Provides base OS, patches and stable nginx f… 2 [OK]
toccoag/openshift-nginx Nginx reverse proxy for Nice running on same… 1 [OK]
travix/nginx NGinx reverse proxy 1 [OK]
ansibleplaybookbundle/nginx-apb An APB to deploy NGINX 0 [OK]
mailu/nginx Mailu nginx frontend 0 [OK]
root@Docker-10.10.10.10[17:44:21]$
默认是从国外网站搜索,比较慢,阿里云提供了一个镜像加速器:
docker镜像加速器:https://9916w1ow.mirror.aliyuncs.com
root@Docker-10.10.10.10[17:47:41]$ pwd
/etc/docker
root@Docker-10.10.10.10[17:47:42]$
root@Docker-10.10.10.10[17:47:42]$ cat daemon.json
{
"registry-mirrors": ["https://9916w1ow.mirror.aliyuncs.com"]
}
root@Docker-10.10.10.10[17:47:44]$
systemctl daemon-reload
systemctl restart docker
下载一个nginx镜像
root@Docker-10.10.10.10[17:51:07]$ docker pull nginx
Using default tag: latest
latest: Pulling from library/nginx
683abbb4ea60: Pull complete
a470862432e2: Pull complete
977375e58a31: Pull complete
Digest: sha256:a65beb8c90a08b22a9ff6a219c2f363e16c477b6d610da28fe9cba37c2c3a2ac
Status: Downloaded newer image for nginx:latest
root@Docker-10.10.10.10[17:51:42]$
pull下载的镜像在本地存放的位置
root@Docker-10.10.10.10[18:02:44]$ pwd
/var/lib/docker
root@Docker-10.10.10.10[18:02:44]$
root@Docker-10.10.10.10[18:02:45]$ ll image/overlay2/
total 4
drwx------. 4 root root 58 Jul 8 17:51 distribution
drwx------. 4 root root 37 Jul 8 17:15 imagedb
drwx------. 4 root root 31 Jul 8 17:51 layerdb
-rw-------. 1 root root 271 Jul 8 17:51 repositories.json
root@Docker-10.10.10.10[18:02:48]$ ll image/overlay2/layerdb/
total 0
drwxr-xr-x. 5 root root 222 Jul 8 17:51 sha256
drwxr-xr-x. 2 root root 6 Jul 8 17:51 tmp
root@Docker-10.10.10.10[18:02:51]$ ll image/overlay2/layerdb/sha256/
total 0
drwx------. 2 root root 85 Jul 8 17:51 2e64c3f9dc3c0c5768f17267f86846b6fba97792bfd22b6e77a2bf93cd9ccef2
drwx------. 2 root root 85 Jul 8 17:51 4e235fb8cfa4355abbe18ebc45cf080c7f096cca340df84ec8b4dead162590cc
drwx------. 2 root root 71 Jul 8 17:51 9c46f426bcb704beffafc951290ee7fe05efddbc7406500e7d0a3785538b8735
root@Docker-10.10.10.10[18:02:53]$
root@Docker-10.10.10.10[18:02:53]$ tree image/overlay2/layerdb/sha256/
image/overlay2/layerdb/sha256/
├── 2e64c3f9dc3c0c5768f17267f86846b6fba97792bfd22b6e77a2bf93cd9ccef2
│ ├── cache-id
│ ├── diff
│ ├── parent
│ ├── size
│ └── tar-split.json.gz
├── 4e235fb8cfa4355abbe18ebc45cf080c7f096cca340df84ec8b4dead162590cc
│ ├── cache-id
│ ├── diff
│ ├── parent
│ ├── size
│ └── tar-split.json.gz
└── 9c46f426bcb704beffafc951290ee7fe05efddbc7406500e7d0a3785538b8735
├── cache-id
├── diff
├── size
└── tar-split.json.gz
3 directories, 14 files
root@Docker-10.10.10.10[18:02:58]$
查看已经下载好的镜像
root@Docker-10.10.10.10[17:57:13]$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 3c5a05123222 41 hours ago 109MB
root@Docker-10.10.10.10[17:57:14]$
查看nginx镜像的构建历史
root@Docker-10.10.10.10[18:03:44]$ docker history nginx
IMAGE CREATED CREATED BY SIZE COMMENT
3c5a05123222 41 hours ago /bin/sh -c #(nop) CMD ["nginx" "-g" "daemon… 0B
<missing> 41 hours ago /bin/sh -c #(nop) STOPSIGNAL [SIGTERM] 0B
<missing> 41 hours ago /bin/sh -c #(nop) EXPOSE 80/tcp 0B
<missing> 41 hours ago /bin/sh -c ln -sf /dev/stdout /var/log/nginx… 22B
<missing> 41 hours ago /bin/sh -c set -x && apt-get update && apt… 53.7MB
<missing> 41 hours ago /bin/sh -c #(nop) ENV NJS_VERSION=1.15.1.0.… 0B
<missing> 41 hours ago /bin/sh -c #(nop) ENV NGINX_VERSION=1.15.1-… 0B
<missing> 41 hours ago /bin/sh -c #(nop) LABEL maintainer=NGINX Do… 0B
<missing> 11 days ago /bin/sh -c #(nop) CMD ["bash"] 0B
<missing> 11 days ago /bin/sh -c #(nop) ADD file:28fbc9fd012eef727… 55.3MB
root@Docker-10.10.10.10[18:03:50]$
导入自己制作的镜像:
docker load -i /path/to/yourimage
删除镜像
root@Docker-10.10.10.10[18:26:23]$ docker rmi 49f7960eb7e4
Untagged: centos:latest
Untagged: centos@sha256:b67d21dfe609ddacf404589e04631d90a342921e81c40aeaf3391f6717fa5322
Deleted: sha256:49f7960eb7e4cb46f1a02c1f8174c6fac07ebf1eb6d8deffbcb5c695f1c9edd5
Deleted: sha256:bcc97fbfc9e1a709f0eb78c1da59caeb65f43dc32cd5deeb12b8c1784e5b8237
root@Docker-10.10.10.10[18:26:34]$
启动并进入容器
root@Docker-10.10.10.10[19:16:43]$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 3c5a05123222 42 hours ago 109MB
redis latest 71a81cb279e3 11 days ago 83.4MB
mysql latest 8d99edb9fd40 11 days ago 445MB
ubuntu latest 113a43faa138 4 weeks ago 81.2MB
centos latest 49f7960eb7e4 4 weeks ago 200MB
fedora latest cc510acfcd70 2 months ago 253MB
root@Docker-10.10.10.10[19:16:45]$
root@Docker-10.10.10.10[19:16:46]$ docker run -it --name 71centos -p 10.10.10.10::80 centos bash
[root@285590cea747 /]#
[root@285590cea747 /]#
也可以在容器名称后面指定版本号
docker run -it --rm --name 71centos centos:latest bash
也可以指定本地的IP地址,默认是0.0.0.0,即本地的所有ip地址都会映射过去
docker run -it -d -p 10.10.10.10:8080:80 3c5a05123222
也可以指定本地IP地址但不指定本地端口,即采用本地随机端口
docker run -it -d -p 10.10.10.10::80 3c5a05123222
-p 8080:80 # 本地的8080端口映射到容器的80端口
-P # 本地随机端口映射
--name <container name> # 指定容器名称,默认是随机生成的
--rm # 容器退出时候自动删除
nginx起来之后,本地会起来一个 8080端口:
root@Docker-10.10.10.10[18:28:42]$ ss -tnl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::8080 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
root@Docker-10.10.10.10[18:32:59]$
访问本机的 8080 端口
[standby@cdn-m ~]# curl -I "http://10.10.10.10:8080"
HTTP/1.1 200 OK
Server: nginx/1.15.1
Date: Sun, 08 Jul 2018 10:38:00 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 03 Jul 2018 13:27:08 GMT
Connection: keep-alive
ETag: "5b3b79ac-264"
Accept-Ranges: bytes
[standby@cdn-m ~]#
root@Docker-10.10.10.10[18:36:33]$ docker run -i -t --name ngx_web --rm -p 8080:80 3c5a05123222 bash
root@48a55799b8a1:/#
root@48a55799b8a1:/#
root@48a55799b8a1:/# nginx
root@48a55799b8a1:/# 10.2.221.95 - - [08/Jul/2018:10:36:46 +0000] "GET / HTTP/1.1" 200 612 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; TheWorld 7)" "-"
2018/07/08 10:36:46 [error] 7#7: *3 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 10.2.221.95, server: localhost, request: "GET /favicon.ico HTTP/1.1", host: "10.10.10.10:8080"
10.2.221.95 - - [08/Jul/2018:10:36:46 +0000] "GET /favicon.ico HTTP/1.1" 404 169 "-" "-" "-"
root@48a55799b8a1:/#
查看当前运行的容器
root@Docker-10.10.10.10[18:39:47]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c7dae1d38ceb 3c5a05123222 "nginx -g 'daemon of…" 4 seconds ago Up 3 seconds 0.0.0.0:8080->80/tcp ngx_web
root@Docker-10.10.10.10[18:39:48]$
如果启动的时候不加 --rm 选项,那么容器退出时会遗留一些东西
root@Docker-10.10.10.10[18:41:02]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
28568ca1f8dd 3c5a05123222 "nginx -g 'daemon of…" 29 seconds ago Exited (0) 10 seconds ago ngx_web
root@Docker-10.10.10.10[18:41:03]$
删除遗留的容器
root@Docker-10.10.10.10[18:41:57]$ docker rm 28568ca1f8dd
28568ca1f8dd
root@Docker-10.10.10.10[18:42:10]$
root@Docker-10.10.10.10[18:42:11]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
root@Docker-10.10.10.10[18:42:12]$
启动容器并放到后台执行
root@Docker-10.10.10.10[18:41:56]$ docker run -i -t -d -p 8080:80 3c5a05123222
1c9e21d9ea762282aa7b45f589341ec275e1e9697bd248a5fb5fadf2c173cf73
root@Docker-10.10.10.10[18:43:53]$
root@Docker-10.10.10.10[18:44:20]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1c9e21d9ea76 3c5a05123222 "nginx -g 'daemon of…" 50 seconds ago Up 49 seconds 0.0.0.0:8080->80/tcp reverent_shirley
root@Docker-10.10.10.10[18:44:42]$
如果删除当前正在运行的容器会报错,需要加 -f 强制删除
root@Docker-10.10.10.10[18:47:34]$ docker rm 1c9e21d9ea76
Error response from daemon: You cannot remove a running container 1c9e21d9ea762282aa7b45f589341ec275e1e9697bd248a5fb5fadf2c173cf73. Stop the container before attempting removal or force remove
root@Docker-10.10.10.10[18:47:43]$
root@Docker-10.10.10.10[18:47:43]$ docker rm -f 1c9e21d9ea76
1c9e21d9ea76
root@Docker-10.10.10.10[18:47:55]$
root@Docker-10.10.10.10[18:47:55]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
root@Docker-10.10.10.10[18:47:57]$
-P 随机端口映射
root@Docker-10.10.10.10[18:52:49]$ ss -tnl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
root@Docker-10.10.10.10[18:52:51]$
root@Docker-10.10.10.10[18:52:54]$ docker run -it -d -P 3c5a05123222
270fcec68a5627d115847514fcd0978541ca6714442f8ed87e9954e435ae49b4
root@Docker-10.10.10.10[18:53:13]$
root@Docker-10.10.10.10[18:53:14]$ ss -tnl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::32768 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
root@Docker-10.10.10.10[18:53:15]$
查看指定容器的映射端口
root@Docker-10.10.10.10[18:54:15]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
270fcec68a56 3c5a05123222 "nginx -g 'daemon of…" About a minute ago Up About a minute 0.0.0.0:32768->80/tcp vibrant_curran
root@Docker-10.10.10.10[18:54:17]$
root@Docker-10.10.10.10[18:54:17]$ docker port 270fcec68a56
80/tcp -> 0.0.0.0:32768
root@Docker-10.10.10.10[18:54:24]$
再起一个nginx容器
root@Docker-10.10.10.10[18:55:31]$ docker run -it -d -P 3c5a05123222
1971939c23c0a3ce41bb054ed2cba0ed14b6167b57b086e5e7875fc274911bcf
root@Docker-10.10.10.10[18:55:36]$
root@Docker-10.10.10.10[18:55:43]$ ss -tnl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::32768 :::*
LISTEN 0 128 :::32769 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
root@Docker-10.10.10.10[18:55:44]$
root@Docker-10.10.10.10[18:56:27]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1971939c23c0 3c5a05123222 "nginx -g 'daemon of…" 53 seconds ago Up 53 seconds 0.0.0.0:32769->80/tcp inspiring_spence
270fcec68a56 3c5a05123222 "nginx -g 'daemon of…" 3 minutes ago Up 3 minutes 0.0.0.0:32768->80/tcp vibrant_curran
root@Docker-10.10.10.10[18:56:29]$
root@Docker-10.10.10.10[18:56:30]$ docker port 270fcec68a56
80/tcp -> 0.0.0.0:32768
root@Docker-10.10.10.10[18:56:31]$ docker port 1971939c23c0
80/tcp -> 0.0.0.0:32769
root@Docker-10.10.10.10[18:56:32]$
停止运行的容器
root@Docker-10.10.10.10[18:58:13]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1971939c23c0 3c5a05123222 "nginx -g 'daemon of…" 2 minutes ago Up 2 minutes 0.0.0.0:32769->80/tcp inspiring_spence
270fcec68a56 3c5a05123222 "nginx -g 'daemon of…" 5 minutes ago Up 5 minutes 0.0.0.0:32768->80/tcp vibrant_curran
root@Docker-10.10.10.10[18:58:17]$
root@Docker-10.10.10.10[18:58:17]$ docker stop 1971939c23c0
1971939c23c0
root@Docker-10.10.10.10[18:58:25]$ docker stop 270fcec68a56
270fcec68a56
root@Docker-10.10.10.10[18:58:30]$
root@Docker-10.10.10.10[18:58:31]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
root@Docker-10.10.10.10[18:58:33]$
随机端口映射和指定端口映射
root@Docker-10.10.10.10[19:03:16]$ docker run -it -d -P 3c5a05123222
ef6e76298aabdc75c375cd1f80ae2a8559cfe81e38050bab207b5ecbd6ac7e52
root@Docker-10.10.10.10[19:03:20]$
root@Docker-10.10.10.10[19:03:21]$ ss -tnl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::32770 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
root@Docker-10.10.10.10[19:03:26]$
root@Docker-10.10.10.10[19:03:51]$ docker run -it -d -p10.10.10.10:8080:80 3c5a05123222
abe37a96580fa7fcbaad7ffbdcea386fc31e9202805b12528d1881ba34ec50ca
root@Docker-10.10.10.10[19:03:58]$
root@Docker-10.10.10.10[19:03:59]$ docker run -it -d -p10.10.10.10::80 3c5a05123222
24bd45b8de8207ba224c7b0fa9df8e2de4730e23f90c509d18ac08bc259ec46e
root@Docker-10.10.10.10[19:04:04]$
root@Docker-10.10.10.10[19:04:05]$
root@Docker-10.10.10.10[19:04:05]$ ss -tnl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 10.10.10.10:32768 *:*
LISTEN 0 128 10.10.10.10:8080 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::32770 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
root@Docker-10.10.10.10[19:04:08]$
注意::::32770 这个是ipv6地址,包含了ipv4
指定容器运行的协议(默认是tcp)
root@Docker-10.10.10.10[19:09:11]$ docker run -it -d -p10.10.10.10::80 -p 53:53/udp 3c5a05123222
5c49e862146801d45a29dc60e4dd0e835bf2bb3b73d51fe3d37e42b4ff78e8bb
root@Docker-10.10.10.10[19:09:25]$
root@Docker-10.10.10.10[19:09:26]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5c49e8621468 3c5a05123222 "nginx -g 'daemon of…" 2 seconds ago Up 1 second 0.0.0.0:53->53/udp, 10.10.10.10:32769->80/tcp vigorous_roentgen
root@Docker-10.10.10.10[19:09:27]$
root@Docker-10.10.10.10[19:09:32]$ ss -tunl
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
udp UNCONN 0 0 :::53 :::*
tcp LISTEN 0 128 10.10.10.10:32769 *:*
tcp LISTEN 0 128 *:22 *:*
tcp LISTEN 0 100 127.0.0.1:25 *:*
tcp LISTEN 0 128 :::22 :::*
tcp LISTEN 0 100 ::1:25 :::*
root@Docker-10.10.10.10[19:09:46]$
root@Docker-10.10.10.10[19:10:24]$ docker port 5c49e8621468
53/udp -> 0.0.0.0:53
80/tcp -> 10.10.10.10:32769
root@Docker-10.10.10.10[19:10:41]$
指定容器名称
root@Docker-10.10.10.10[19:12:33]$ docker run -it -d --name prism_web -p10.10.10.10:8080:80/tcp 3c5a05123222
fddf4f25ca2f495212ee9aba25ca178a105fa46b734287d9ea6180f722257e89
root@Docker-10.10.10.10[19:13:02]$
root@Docker-10.10.10.10[19:13:03]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fddf4f25ca2f 3c5a05123222 "nginx -g 'daemon of…" 3 seconds ago Up 2 seconds 10.10.10.10:8080->80/tcp prism_web
root@Docker-10.10.10.10[19:13:05]$
root@Docker-10.10.10.10[19:13:12]$ ss -tnlu
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp LISTEN 0 128 10.10.10.10:8080 *:*
tcp LISTEN 0 128 *:22 *:*
tcp LISTEN 0 100 127.0.0.1:25 *:*
tcp LISTEN 0 128 :::22 :::*
tcp LISTEN 0 100 ::1:25 :::*
root@Docker-10.10.10.10[19:13:44]$
容器需要有一个前台运行的进程才能保持容器的运行,
通过传递运行参数是一种方式,
另外也可以在构建镜像的时候指定容器启动时运行的前台命令。
传递命令给指定容器
root@Docker-10.10.10.10[19:44:55]$ docker run -d centos:latest tail -f '/etc/hosts'
81686dce5dcd86e2e146b59d32bb24a10f312d8548a45d13bb56aae3d5e6bb74
root@Docker-10.10.10.10[19:45:05]$
root@Docker-10.10.10.10[19:45:06]$
root@Docker-10.10.10.10[19:45:06]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
81686dce5dcd centos:latest "tail -f /etc/hosts" 3 seconds ago Up 2 seconds relaxed_wiles
a76cf7e6677f ubuntu:latest "bash" 7 minutes ago Up 7 minutes 71ubuntu
4dd063982c8c centos:latest "bash" 19 minutes ago Up 19 minutes 71centos
root@Docker-10.10.10.10[19:45:08]$
运行并进入容器
root@Docker-10.10.10.10[19:25:04]$ docker run -it --rm --name 71centos centos:latest bash
[root@4dd063982c8c /]#
[root@4dd063982c8c /]# yum install net-tools vim -y
...
[root@4dd063982c8c /]#
查看容器的ip地址
[root@4dd063982c8c /]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.2 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:02 txqueuelen 0 (Ethernet)
RX packets 2903 bytes 31034278 (29.5 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 2788 bytes 198116 (193.4 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@4dd063982c8c /]#
查看宿主机的内核版本
root@Docker-10.10.10.10[19:38:59]$ uname -r
3.10.0-862.el7.x86_64
root@Docker-10.10.10.10[19:39:04]$
查看Ubuntu容器的内核版本
root@Docker-10.10.10.10[19:37:37]$ docker run -it --rm --name 71ubuntu ubuntu:latest bash
root@a76cf7e6677f:/#
root@a76cf7e6677f:/#
root@a76cf7e6677f:/# cat /etc/issue
Ubuntu 18.04 LTS \n \l
root@a76cf7e6677f:/# uname -r
3.10.0-862.el7.x86_64
root@a76cf7e6677f:/#
内核版本是一样的,所以容器使用的是宿主机的内核,容器本身没有内核。
所以镜像里面没有包含内核,只是包含了一些基础的环境。
所以容器是轻量级的虚拟化,这一点和虚拟机不同。
进入正在运行的容器
首先准备一个ubuntu容器:
root@Docker-10.10.10.10[19:54:15]$ docker run -it --rm --name 71ubuntu_v2 ubuntu:latest bash
root@514d35ddb15c:/#
root@514d35ddb15c:/# apt-get update
Get:1 http://security.ubuntu.com/ubuntu bionic-security InRelease [83.2 kB]
Get:2 http://archive.ubuntu.com/ubuntu bionic InRelease [242 kB]
Get:3 http://security.ubuntu.com/ubuntu bionic-security/universe Sources [7096 B]
Get:4 http://security.ubuntu.com/ubuntu bionic-security/multiverse amd64 Packages [1075 B]
Get:5 http://security.ubuntu.com/ubuntu bionic-security/universe amd64 Packages [41.2 kB]
Get:6 http://security.ubuntu.com/ubuntu bionic-security/main amd64 Packages [138 kB]
Get:7 http://archive.ubuntu.com/ubuntu bionic-updates InRelease [88.7 kB]
Get:8 http://archive.ubuntu.com/ubuntu bionic-backports InRelease [74.6 kB]
Get:9 http://archive.ubuntu.com/ubuntu bionic/universe Sources [11.5 MB]
Get:10 http://archive.ubuntu.com/ubuntu bionic/universe amd64 Packages [11.3 MB]
Get:11 http://archive.ubuntu.com/ubuntu bionic/restricted amd64 Packages [13.5 kB]
Get:12 http://archive.ubuntu.com/ubuntu bionic/multiverse amd64 Packages [186 kB]
Get:13 http://archive.ubuntu.com/ubuntu bionic/main amd64 Packages [1344 kB]
Get:14 http://archive.ubuntu.com/ubuntu bionic-updates/universe Sources [45.2 kB]
Get:15 http://archive.ubuntu.com/ubuntu bionic-updates/universe amd64 Packages [142 kB]
Get:16 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages [220 kB]
Get:17 http://archive.ubuntu.com/ubuntu bionic-updates/multiverse amd64 Packages [3679 B]
Get:18 http://archive.ubuntu.com/ubuntu bionic-backports/universe amd64 Packages [2807 B]
Fetched 25.5 MB in 8s (3063 kB/s)
Reading package lists... Done
root@514d35ddb15c:/#
root@514d35ddb15c:/# apt-get install net-tools -y
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
net-tools
0 upgraded, 1 newly installed, 0 to remove and 10 not upgraded.
Need to get 194 kB of archives.
After this operation, 803 kB of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu bionic/main amd64 net-tools amd64 1.60+git20161116.90da8a0-1ubuntu1 [194 kB]
Fetched 194 kB in 2s (94.6 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package net-tools.
(Reading database ... 4035 files and directories currently installed.)
Preparing to unpack .../net-tools_1.60+git20161116.90da8a0-1ubuntu1_amd64.deb ...
Unpacking net-tools (1.60+git20161116.90da8a0-1ubuntu1) ...
Setting up net-tools (1.60+git20161116.90da8a0-1ubuntu1) ...
root@514d35ddb15c:/#
root@514d35ddb15c:/# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.3 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:03 txqueuelen 0 (Ethernet)
RX packets 3040 bytes 25894317 (25.8 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 2174 bytes 150088 (150.0 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
root@514d35ddb15c:/#
方式一:在宿主机上通过 exec 进入
root@Docker-10.10.10.10[19:58:23]$ docker exec -it 71ubuntu_v2 bash
root@514d35ddb15c:/#
root@514d35ddb15c:/# ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.3 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:03 txqueuelen 0 (Ethernet)
RX packets 3040 bytes 25894317 (25.8 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 2174 bytes 150088 (150.0 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
root@514d35ddb15c:/# cat /etc/issue
Ubuntu 18.04 LTS \n \l
root@514d35ddb15c:/#
这种方式退出后,原来的容器不会退出,仍然运行。
方式二:可以通过nsenter命令进入容器,这个需要安装 util-linux
nsenter命令需要通过PID进入到容器内部,但是需要获取容器的PID
查看容器的详细信息,返回结果是 json 格式
root@Docker-10.10.10.10[20:00:36]$ docker inspect 4dd063982c8c
[
{
"Id": "4dd063982c8c77ef4d1f310ad3bbc58485d8ef60188ae547dd43d76bbcdeea29",
"Created": "2018-07-08T11:25:13.607131352Z",
"Path": "bash",
"Args": [],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 9980,
"ExitCode": 0,
"Error": "",
"StartedAt": "2018-07-08T11:25:13.908952033Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:49f7960eb7e4cb46f1a02c1f8174c6fac07ebf1eb6d8deffbcb5c695f1c9edd5",
"ResolvConfPath": "/var/lib/docker/containers/4dd063982c8c77ef4d1f310ad3bbc58485d8ef60188ae547dd43d76bbcdeea29/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/4dd063982c8c77ef4d1f310ad3bbc58485d8ef60188ae547dd43d76bbcdeea29/hostname",
"HostsPath": "/var/lib/docker/containers/4dd063982c8c77ef4d1f310ad3bbc58485d8ef60188ae547dd43d76bbcdeea29/hosts",
"LogPath": "/var/lib/docker/containers/4dd063982c8c77ef4d1f310ad3bbc58485d8ef60188ae547dd43d76bbcdeea29/4dd063982c8c77ef4d1f310ad3bbc58485d8ef60188ae547dd43d76bbcdeea29-json.log",
"Name": "/71centos",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": [
"ace76fc731906e68266f26e40a9be2b39ab0d1695c9ea1d7c0552f7192c40295",
"956241ab2d7364b21bf1462974c79aa3408e53ca161a044e5ca4b12f38e52531"
],
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": true,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "shareable",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DiskQuota": 0,
"KernelMemory": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": 0,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/8423e28dea92e1ffd403e6328fed6b4e9e4620a1d8a8bf06760ef3c8f5ed0e74-init/diff:/var/lib/docker/overlay2/1be6984d713b9261b91501d23bffb4c6173ace83294706a88d9847557214623e/diff",
"MergedDir": "/var/lib/docker/overlay2/8423e28dea92e1ffd403e6328fed6b4e9e4620a1d8a8bf06760ef3c8f5ed0e74/merged",
"UpperDir": "/var/lib/docker/overlay2/8423e28dea92e1ffd403e6328fed6b4e9e4620a1d8a8bf06760ef3c8f5ed0e74/diff",
"WorkDir": "/var/lib/docker/overlay2/8423e28dea92e1ffd403e6328fed6b4e9e4620a1d8a8bf06760ef3c8f5ed0e74/work"
},
"Name": "overlay2"
},
"Mounts": [],
"Config": {
"Hostname": "4dd063982c8c",
"Domainname": "",
"User": "",
"AttachStdin": true,
"AttachStdout": true,
"AttachStderr": true,
"Tty": true,
"OpenStdin": true,
"StdinOnce": true,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Cmd": [
"bash"
],
"Image": "centos:latest",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"org.label-schema.schema-version": "= 1.0 org.label-schema.name=CentOS Base Image org.label-schema.vendor=CentOS org.label-schema.license=GPLv2 org.label-schema.build-date=20180531"
}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "a87fd3407016c29aaba89085caea71d430bc96efcf8704691f0357104c5a21fd",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {},
"SandboxKey": "/var/run/docker/netns/a87fd3407016",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "5c2fe2eeef18b56a66d926fc17e12f6311d2763b22a094d73c03cccad1d117ce",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:02",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "28e9bded01807c6dff7b59663827a5eb29db982ad66774078e7c2c9f2fcc876e",
"EndpointID": "5c2fe2eeef18b56a66d926fc17e12f6311d2763b22a094d73c03cccad1d117ce",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02",
"DriverOpts": null
}
}
}
}
]
root@Docker-10.10.10.10[20:00:58]$
比如取出容器的IP地址
root@Docker-10.10.10.10[20:03:24]$ docker inspect -f "{{.NetworkSettings.IPAddress}}" 4dd063982c8c
172.17.0.2
root@Docker-10.10.10.10[20:03:31]$
取其他信息
root@Docker-10.10.10.10[20:05:19]$ docker inspect -f "{{.Id}}" 4dd063982c8c
4dd063982c8c77ef4d1f310ad3bbc58485d8ef60188ae547dd43d76bbcdeea29
root@Docker-10.10.10.10[20:05:20]$ docker inspect -f "{{.Created}}" 4dd063982c8c
2018-07-08T11:25:13.607131352Z
root@Docker-10.10.10.10[20:05:23]$ docker inspect -f "{{.State.Running}}" 4dd063982c8c
true
root@Docker-10.10.10.10[20:05:25]$
获取容器的PID
root@Docker-10.10.10.10[20:06:00]$ docker inspect -f "{{.State.Pid}}" 4dd063982c8c
9980
root@Docker-10.10.10.10[20:06:06]$
通过nsenter命令进入运行中的容器,需要执行二进制命令的全路径
root@Docker-10.10.10.10[20:24:27]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
514d35ddb15c ubuntu:latest "bash" 30 minutes ago Up 30 minutes 71ubuntu_v2
4dd063982c8c centos:latest "bash" About an hour ago Up About an hour 71centos
root@Docker-10.10.10.10[20:24:29]$
root@Docker-10.10.10.10[20:24:35]$
root@Docker-10.10.10.10[20:24:35]$ docker inspect -f "{{.State.Pid}}" 71ubuntu_v2
12115
root@Docker-10.10.10.10[20:24:38]$
root@Docker-10.10.10.10[20:24:39]$ nsenter -t 12115 -m -u -i -n -p
mesg: ttyname failed: No such device
root@514d35ddb15c:/#
root@514d35ddb15c:/# ifconfig eth0
-bash: ifconfig: command not found
root@514d35ddb15c:/# cat /etc/issue
-bash: cat: command not found
root@514d35ddb15c:/#
root@514d35ddb15c:/# /sbin/ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.3 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:03 txqueuelen 0 (Ethernet)
RX packets 3040 bytes 25894317 (25.8 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 2174 bytes 150088 (150.0 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
root@514d35ddb15c:/# /bin/cat /etc/issue
Ubuntu 18.04 LTS \n \l
root@514d35ddb15c:/#
root@514d35ddb15c:/# exit
logout
root@Docker-10.10.10.10[20:25:05]$
批量关闭正在运行的容器
root@Docker-10.10.10.10[20:34:12]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
514d35ddb15c ubuntu:latest "bash" 39 minutes ago Up 39 minutes 71ubuntu_v2
4dd063982c8c centos:latest "bash" About an hour ago Up About an hour 71centos
root@Docker-10.10.10.10[20:34:17]$
root@Docker-10.10.10.10[20:34:17]$
root@Docker-10.10.10.10[20:34:17]$ docker ps -q
514d35ddb15c
4dd063982c8c
root@Docker-10.10.10.10[20:34:21]$
root@Docker-10.10.10.10[20:34:21]$ docker ps -q -a
514d35ddb15c
81686dce5dcd
ce87335fc15e
4dd063982c8c
root@Docker-10.10.10.10[20:34:25]$
root@Docker-10.10.10.10[20:34:26]$ docker stop `docker ps -q`
Killed
root@Docker-10.10.10.10[20:34:50]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
root@Docker-10.10.10.10[20:35:07]$
也可以强制关掉
docker kill $(docker ps -a -q)
批量删除所有容器
root@Docker-10.10.10.10[20:36:45]$ docker ps -q -a
81686dce5dcd
ce87335fc15e
root@Docker-10.10.10.10[20:36:49]$
root@Docker-10.10.10.10[20:36:49]$ docker rm `docker ps -q -a`
81686dce5dcd
ce87335fc15e
root@Docker-10.10.10.10[20:37:02]$
root@Docker-10.10.10.10[20:40:37]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
root@Docker-10.10.10.10[20:40:38]$
root@Docker-10.10.10.10[20:40:38]$ docker run -it -d --rm --name web01 -p 10.10.10.10:8080:80/tcp nginx
52b80f312231dd5a2a74e2812ee4a5a9f6470f5474cf5dc4d851774e60bfff0c
root@Docker-10.10.10.10[20:40:42]$
root@Docker-10.10.10.10[20:40:42]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
52b80f312231 nginx "nginx -g 'daemon of…" 2 seconds ago Up 1 second 10.10.10.10:8080->80/tcp web01
root@Docker-10.10.10.10[20:40:43]$
root@Docker-10.10.10.10[20:41:47]$ docker exec -it web01 bash
root@52b80f312231:/#
root@52b80f312231:/#
root@52b80f312231:/# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
root@52b80f312231:/#
root@52b80f312231:/# nginx -s reload
2018/07/08 12:42:14 [notice] 11#11: signal process started
root@52b80f312231:/#
root@52b80f312231:/#
容器使用的DNS
- 不指定就默认使用宿主机的DNS
root@Docker-10.10.10.10[21:10:17]$ cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 114.114.114.114
root@Docker-10.10.10.10[21:10:20]$
root@Docker-10.10.10.10[21:10:21]$ docker run -it --rm 0a2bad7da9b5 bash
[root@4a598a5da66a /]#
[root@4a598a5da66a /]# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 114.114.114.114
[root@4a598a5da66a /]#
[root@4a598a5da66a /]# exit
exit
root@Docker-10.10.10.10[21:10:39]$
- 指定容器的DNS
root@Docker-10.10.10.10[21:16:48]$ dig www.qq.com
; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7 <<>> www.qq.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53953
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.qq.com. IN A
;; ANSWER SECTION:
www.qq.com. 229 IN CNAME https.qq.com.
https.qq.com. 183 IN A 125.39.52.26
;; Query time: 11 msec
;; SERVER: 114.114.114.114#53(114.114.114.114)
;; WHEN: Sun Jul 08 21:16:51 CST 2018
;; MSG SIZE rcvd: 75
root@Docker-10.10.10.10[21:16:51]$
root@Docker-10.10.10.10[21:11:39]$ docker run -it --rm --dns 223.5.5.5 0a2bad7da9b5 bash
[root@33185c06b356 /]#
[root@33185c06b356 /]# cat /etc/resolv.conf
nameserver 223.5.5.5
[root@33185c06b356 /]#
[root@33185c06b356 /]# dig wwww.qq.com
bash: dig: command not found
[root@33185c06b356 /]#
[root@33185c06b356 /]# yum install bind-utils -y -q
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
warning: /var/cache/yum/x86_64/7/base/packages/bind-license-9.9.4-61.el7.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Public key for bind-license-9.9.4-61.el7.noarch.rpm is not installed
Importing GPG key 0xF4A80EB5:
Userid : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>"
Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
Package : centos-release-7-2.1511.el7.centos.2.10.x86_64 (@CentOS)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
[root@33185c06b356 /]#
[root@33185c06b356 /]# dig wwww.qq.com
; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7 <<>> wwww.qq.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20405
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;wwww.qq.com. IN A
;; Query time: 90 msec
;; SERVER: 223.5.5.5#53(223.5.5.5)
;; WHEN: Sun Jul 08 13:15:52 UTC 2018
;; MSG SIZE rcvd: 29
[root@33185c06b356 /]#
[root@33185c06b356 /]#
[root@33185c06b356 /]# exit
exit
root@Docker-10.10.10.10[21:16:11]$
------