Docker简介
- 官网 www.docker.com
- github https://github.com/docker/docker.github.io
- 开源的容器引擎,可以让开发者打包应用以及依赖的库,然后发布到任何流行的linux发行版上,移植很方便
- 由go语言编写,基于apache2.0协议发布
- 基于linux kernel,要想在win下运行需要借助一个vm(虚拟机)来实现
- 自2013年开始,近些年发展迅猛
- docker从1.13x开始,版本分为社区版ce和企业版ee,并且基于年月的时间线形式,当前最新稳定版为17.09 参考http://blog.csdn.net/chenhaifeng2016/article/details/68062414
安装Docker
下载repo的源:
[root@zhangfei ~]# curl https://download.docker.com/linux/centos/docker-ce.repo -o /etc/yum.repos.d/docker.repo
[root@zhangfei ~]# yum install -y docker-ce
启动:
[root@zhangfei ~]# systemctl start docker
[root@zhangfei ~]# ps aux |grep docker
root 2989 0.3 4.9 494080 24340 ? Ssl 23:04 0:00 /usr/bin/dockerd
root 2992 0.0 1.2 265088 6172 ? Ssl 23:04 0:00 docker-containerd -l unix:///var/run/docker/libcontainerd/docker-containerd.sock --metrics-interval=0 --start-timeout 2m --state-dir /var/run/docker/libcontainerd/containerd --shim docker-containerd-shim --runtime docker-runc
root 3127 0.0 0.1 112648 964 pts/0 R+ 23:05 0:00 grep --color=auto docker
[root@zhangfei ~]# iptables -nvL
Chain INPUT (policy ACCEPT 1051 packets, 372K bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DOCKER-USER all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DOCKER-ISOLATION all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * docker0 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 DOCKER all -- * docker0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- docker0 !docker0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- docker0 docker0 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 1025 packets, 372K bytes)
pkts bytes target prot opt in out source destination
Chain DOCKER (1 references)
pkts bytes target prot opt in out source destination
Chain DOCKER-ISOLATION (1 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain DOCKER-USER (1 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
docker会生成很多规则,开启服务会自动生成
镜像管理
拉取centos镜像:
[root@zhangfei ~]# docker pull centos
若速度慢,可复制ssh通道然后添加加速器:
[root@zhangfei ~]# vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://dhq9bx4f.mirror.aliyuncs.com";]
}
查看有哪些镜像:
[root@zhangfei ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos latest d123f4e55e12 11 days ago 197MB
搜索镜像:
[root@zhangfei ~]# docker search jumpserver
记得重启:
[root@zhangfei ~]# systemctl restart docker
给镜像打标签(打完标签会生成另外一个镜像):
[root@zhangfei ~]# docker tag centos aminglinux_centos
[root@zhangfei ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
aminglinux_centos latest d123f4e55e12 11 days ago 197MB
centos latest d123f4e55e12 11 days ago 197MB
标识镜像:
[root@zhangfei ~]# docker tag centos test111:171104
[root@zhangfei ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos latest d123f4e55e12 11 days ago 197MB
test111 171104 d123f4e55e12 11 days ago 197MB
aminglinux_centos latest d123f4e55e12 11 days ago 197MB
把镜像启动为容器:
[root@zhangfei ~]# docker run -itd centos
73442367c1f5db80bad740ce623bc8c9316295ea75a32904a9c649200980f740
查看启动状态的容器:
[root@zhangfei ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
73442367c1f5 centos "/bin/bash" 6 seconds ago Up 5 seconds heuristic_brattain
查看全部容器(包括停止状态的):
[root@zhangfei ~]# docker ps -a
-i表示让容器的标准输入打开
-t表示分配一个伪终端
-d表示后台启动
要把-i -t -d 放到镜像名字前面
删除镜像:
[root@zhangfei ~]# docker rmi test111
Error: No such image: test111
报错是因为默认会找latest的tag
[root@zhangfei ~]# docker rmi test111:171104
Untagged: test111:171104