1. dokcer 命令
搜索镜像
[root@master11 ~]# docker search centos
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
centos The official build of CentOS. 6014 [OK]
下载镜像
[root@master11 ~]# docker pull centos
Using default tag: latest
latest: Pulling from library/centos
8a29a15cefae: Pull complete
Digest: sha256:fe8d824220415eed5477b63addf40fb06c3b049404242b31982106ac204f6700
Status: Downloaded newer image for centos:latest
[root@master11 ~]# dokcer image ls
-bash: dokcer: command not found
[root@master11 ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
nextcloud latest ca728001dde3 12 days ago 726MB
centos latest 470671670cac 4 months ago 237MB
导出镜像
[root@master11 ~]# docker save centos:latest -o /opt/centos:latest.tar.gz
[root@master11 ~]# ls /opt/centos\:latest.tar.gz
/opt/centos:latest.tar.gz
[root@master11 ~]# scp -P 2222 /opt/centos\:latest.tar.gz root@172.16.62.12:/opt/
导入镜像
[root@mster12 opt]# docker load < /opt/centos:latest.tar.gz
0683de282177: Loading layer [==================================================>] 244.9MB/244.9MB
Loaded image: centos:latest
[root@mster12 opt]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
centos latest 470671670cac 4 months ago 237MB
启动镜像
[root@mster12 opt]# docker run -it centos
[root@1e3ca461d166 /]#
删除容器
[root@mster12 bin]# docker kill 1e3ca461d166
1e3ca461d166
[root@mster12 bin]# docker rm 1e3ca461d166
1e3ca461d166
删除镜像
[root@mster12 bin]# docker rmi 470671670cac
Untagged: centos:latest
Deleted: sha256:470671670cac686c7cf0081e0b37da2e9f4f768ddc5f6a26102ccd1c6954c1ee
Deleted: sha256:0683de2821778aa9546bf3d3e6944df779daba1582631b7ea3517bb36f9e4007
[root@mster12 bin]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
vmware/redis-photon v1.5.3 dfa8231f015a 20 months ago 214MB
获取运行参数帮助
[root@mster12 bin]# docker deamon --help
Usage: docker [OPTIONS] COMMAND
A self-sufficient runtime for containers
Options:
--config string Location of client config files (default "/root/.docker")
-D, --debug Enable debug mode
-H, --host list Daemon socket(s) to connect to
-l, --log-level string Set the logging level ("debug"|"info"|"warn"|"error"|"fatal") (default "info")
--tls Use TLS; implied by --tlsverify
--tlscacert string Trust certs signed only by this CA (default "/root/.docker/ca.pem")
--tlscert string Path to TLS certificate file (default "/root/.docker/cert.pem")
--tlskey string Path to TLS key file (default "/root/.docker/key.pem")
--tlsverify Use TLS and verify the remote
-v, --version Print version information and quit
Management Commands:
builder Manage builds
config Manage Docker configs
container Manage containers
engine Manage the docker engine
image Manage images
network Manage networks
node Manage Swarm nodes
plugin Manage plugins
secret Manage Docker secrets
service Manage services
stack Manage Docker stacks
swarm Manage Swarm
system Manage Docker
trust Manage trust on Docker images
volume Manage volumes
Commands:
attach Attach local standard input, output, and error streams to a running container
build Build an image from a Dockerfile
commit Create a new image from a container's changes
cp Copy files/folders between a container and the local filesystem
create Create a new container
diff Inspect changes to files or directories on a container's filesystem
events Get real time events from the server
exec Run a command in a running container
export Export a container's filesystem as a tar archive
history Show the history of an image
images List images
import Import the contents from a tarball to create a filesystem image
info Display system-wide information
inspect Return low-level information on Docker objects
kill Kill one or more running containers
load Load an image from a tar archive or STDIN
login Log in to a Docker registry
logout Log out from a Docker registry
logs Fetch the logs of a container
pause Pause all processes within one or more containers
port List port mappings or a specific mapping for the container
ps List containers
pull Pull an image or a repository from a registry
push Push an image or a repository to a registry
rename Rename a container
restart Restart one or more containers
rm Remove one or more containers
rmi Remove one or more images
run Run a command in a new container
save Save one or more images to a tar archive (streamed to STDOUT by default)
search Search the Docker Hub for images
start Start one or more stopped containers
stats Display a live stream of container(s) resource usage statistics
stop Stop one or more running containers
tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
top Display the running processes of a container
unpause Unpause all processes within one or more containers
update Update configuration of one or more containers
version Show the Docker version information
wait Block until one or more containers stop, then print their exit codes
Run 'docker COMMAND --help' for more information on a command.
命令总结
# docker load -i centos-latest.tar.xz #导入本地镜像
# docker save > /opt/centos.tar #centos #导出镜像
# docker rmi 镜像 ID/镜像名称 #删除指定 ID 的镜像,通过镜像启动容器的时 候镜像不能被删除,除非将容器全部关闭
# docker rm 容器 ID/容器名称 #删除容器 # docker rm 容器 ID/容器名-f #强制删除正在运行的容器
2 docker基础
1.从镜像启动一个容器
[root@node13 data]# docker run -it centos:latest
Unable to find image 'centos:latest' locally
latest: Pulling from library/centos
8a29a15cefae: Pull complete
Digest: sha256:fe8d824220415eed5477b63addf40fb06c3b049404242b31982106ac204f6700
Status: Downloaded newer image for centos:latest
[root@3a39bf5c50d1 /]#
//查看
[root@node13 data]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3a39bf5c50d1 centos:latest "/bin/bash" 25 seconds ago Up 24 seconds pensive_archimedes
2.显示正在运行的容器
[root@node13 data]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3a39bf5c50d1 centos:latest "/bin/bash" About a minute ago Up About a minute pensive_archimedes
84fee6c7172f vmware/harbor-jobservice:v1.5.3 "/harbor/start.sh" 7 days ago Up 7 days harbor-jobservice
fc336db84ed5 vmware/harbor-ui:v1.5.3 "/harbor/start.sh" 7 days ago Up 7 days (healthy) harbor-ui
9bd49d773a55 vmware/harbor-db:v1.5.3 "/usr/local/bin/dock…" 7 days ago Up 7 days (healthy) 3306/tcp harbor-db
2a4938594b14 vmware/registry-photon:v2.6.2-v1.5.3 "/entrypoint.sh serv…" 7 days ago Up 7 days (healthy) 5000/tcp registry
843614f02328 vmware/harbor-adminserver:v1.5.3 "/harbor/start.sh" 7 days ago Up 7 days (healthy) harbor-adminserver
ac863e4e9940 vmware/redis-photon:v1.5.3 "docker-entrypoint.s…" 7 days ago Up 7 days 6379/tcp redis
2bcdbbf08cfa vmware/harbor-log:v1.5.3 "/bin/sh -c /usr/loc…" 7 days ago Up 7 days (healthy) 127.0.0.1:1514->10514/tcp harbor-log
3.显示所有容器:
包括当前正在运行以及已经关闭的所有容器
[root@node13 data]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3a39bf5c50d1 centos:latest "/bin/bash" 2 minutes ago Up 2 minutes pensive_archimedes
7433f35c531c busybox:latest "sh" 5 minutes ago Exited (127) 3 minutes ago practical_buck
84fee6c7172f vmware/harbor-jobservice:v1.5.3 "/harbor/start.sh" 7 days ago Up 7 days harbor-jobservice
d2a846442dc0 vmware/nginx-photon:v1.5.3 "nginx -g 'daemon of…" 7 days ago Exited (137) 6 days ago nginx
fc336db84ed5 vmware/harbor-ui:v1.5.3 "/harbor/start.sh" 7 days ago Up 7 days (healthy) harbor-ui
9bd49d773a55 vmware/harbor-db:v1.5.3 "/usr/local/bin/dock…" 7 days ago Up 7 days (healthy) 3306/tcp harbor-db
2a4938594b14 vmware/registry-photon:v2.6.2-v1.5.3 "/entrypoint.sh serv…" 7 days ago Up 7 days (healthy) 5000/tcp registry
843614f02328 vmware/harbor-adminserver:v1.5.3 "/harbor/start.sh" 7 days ago Up 7 days (healthy) harbor-adminserver
ac863e4e9940 vmware/redis-photon:v1.5.3 "docker-entrypoint.s…" 7 days ago Up 7 days 6379/tcp redis
2bcdbbf08cfa vmware/harbor-log:v1.5.3 "/bin/sh -c /usr/loc…" 7 days ago Up 7 days (healthy) 127.0.0.1:1514->10514/tcp harbor-log
a6da2761e195 69d3d58fedcf "/bin/sh -c 'cd /usr…" 7 days ago Exited (1) 7 days ago quizzical_brattain
1c45eadf3686 redis:4-alpine "docker-entrypoint.s…" 8 days ago Exited (0) 8 days ago kvstor1
4.删除运行中的容器:
即使容正在运行当中,也会被强制删除掉
[root@node13 data]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3a39bf5c50d1 centos:latest "/bin/bash" 3 minutes ago Up 3 minutes pensive_archimedes
84fee6c7172f vmware/harbor-jobservice:v1.5.3 "/harbor/start.sh" 7 days ago Up 7 days harbor-jobservice
fc336db84ed5 vmware/harbor-ui:v1.5.3 "/harbor/start.sh" 7 days ago Up 7 days (healthy) harbor-ui
9bd49d773a55 vmware/harbor-db:v1.5.3 "/usr/local/bin/dock…" 7 days ago Up 7 days (healthy) 3306/tcp harbor-db
2a4938594b14 vmware/registry-photon:v2.6.2-v1.5.3 "/entrypoint.sh serv…" 7 days ago Up 7 days (healthy) 5000/tcp registry
843614f02328 vmware/harbor-adminserver:v1.5.3 "/harbor/start.sh" 7 days ago Up 7 days (healthy) harbor-adminserver
ac863e4e9940 vmware/redis-photon:v1.5.3 "docker-entrypoint.s…" 7 days ago Up 7 days 6379/tcp redis
2bcdbbf08cfa vmware/harbor-log:v1.5.3 "/bin/sh -c /usr/loc…" 7 days ago Up 7 days (healthy) 127.0.0.1:1514->10514/tcp harbor-log
//-f 强制删除
[root@node13 data]# docker rm -f 3a39bf5c50d1
3a39bf5c50d1
[root@node13 data]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
84fee6c7172f vmware/harbor-jobservice:v1.5.3 "/harbor/start.sh" 7 days ago Up 7 days harbor-jobservice
fc336db84ed5 vmware/harbor-ui:v1.5.3 "/harbor/start.sh" 7 days ago Up 7 days (healthy) harbor-ui
9bd49d773a55 vmware/harbor-db:v1.5.3 "/usr/local/bin/dock…" 7 days ago Up 7 days (healthy) 3306/tcp harbor-db
2a4938594b14 vmware/registry-photon:v2.6.2-v1.5.3 "/entrypoint.sh serv…" 7 days ago Up 7 days (healthy) 5000/tcp registry
843614f02328 vmware/harbor-adminserver:v1.5.3 "/harbor/start.sh" 7 days ago Up 7 days (healthy) harbor-adminserver
ac863e4e9940 vmware/redis-photon:v1.5.3 "docker-entrypoint.s…" 7 days ago Up 7 days 6379/tcp redis
2bcdbbf08cfa vmware/harbor-log:v1.5.3 "/bin/sh -c /usr/loc…" 7 days ago Up 7 days (healthy) 127.0.0.1:1514->10514/tcp harbor-log
[root@node13 data]#
批量删除镜像为
docker rmi $(docker image ls | grep "none" | awk '{print $3}')
随机映射端
[root@node13 data]# docker pull nginx:latest
latest: Pulling from library/nginx
afb6ec6fdc1c: Pull complete
b90c53a0b692: Pull complete
11fa52a0fdc0: Pull complete
Digest: sha256:6fff55753e3b34e36e24e37039ee9eae1fe38a6420d8ae16ef37c92d1eb26699
Status: Downloaded newer image for nginx:latest
[root@node13 data]# docker run -p docker.io/nginx
"docker run" requires at least 1 argument.
See 'docker run --help'.
Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
Run a command in a new container
[root@node13 data]# docker run -P docker.io/nginx
172.16.62.10 - - [31/May/2020:23:23:36 +0000] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" "-"
2020/05/31 23:23:37 [error] 6#6: *1 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 172.16.62.10, server: localhost, request: "GET /favicon.ico HTTP/1.1", host: "172.16.62.13:32768"
172.16.62.10 - - [31/May/2020:23:23:37 +0000] "GET /favicon.ico HTTP/1.1" 404 154 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" "-"
#查看端口
[root@node13 data]# ss -ntl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 127.0.0.1:1514 *:*
LISTEN 0 128 *:2222 *:*
LISTEN 0 128 :::2222 :::*
LISTEN 0 128 :::32768 :::*
[root@node13 data]# lsof -i:32768
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
docker-pr 19151 root 4u IPv6 40958098 0t0 TCP *:filenet-tms (LISTEN)
[root@node13 data]#
- 访问测试
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-zgtYrMGH-1594571437015)(0A85813671A940C6AC90F576810C8A51)]
#随机端口映射,其实是默认从 32768 开始
指定端口映射:
- 方式 1:本地端口 81 映射到容器 80 端口:
docker run -p81:80 --name Nginx_test nginx:latest
- 方式2 本地 IP:本地端口:容器端口
[root@node13 data]# docker run -d -p 172.16.62.13:82:80 --name Nginx_test_port2 nginx:latest
b257c4ae4e224780ad6aaf03e9bb90742e5172b72cfcce1862286be4f9be0ba9
[root@node13 data]# ss -tnl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 127.0.0.1:1514 *:*
LISTEN 0 128 *:2222 *:*
LISTEN 0 128 172.16.62.13:82 *:*
LISTEN 0 128 :::2222 :::*
[root@node13 data]#
- 方式 3:本地 IP:本地随机端口:容器端口
[root@node13 data]# docker run -d -p 172.16.62.13::80 --name Nginx_test_port3 nginx:latest
198524e0fef7fd4a5e8054e2ad8ca872c4175b5b517b14ea0329488f8003f25c
[root@node13 data]# ss -tnl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 127.0.0.1:1514 *:*
LISTEN 0 128 *:2222 *:*
LISTEN 0 128 172.16.62.13:82 *:*
LISTEN 0 128 172.16.62.13:32768 *:*
LISTEN 0 128 :::2222 :::*
[root@node13 data]#
- 方式 4:本机 ip:本地端口:容器端口/协议,默认为 tcp 协议
[root@node13 data]# docker run -d -p 172.16.62.13:83:80/udp --name Nginx_test_port4 nginx:latest
85f54d81bbfffce607a02c5232808e68b297126d91215fea7c0370e9ecc4cadb
[root@node13 data]# ss -tunl
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
udp UNCONN 0 0 172.16.62.13:83 *:*
udp UNCONN 0 0 127.0.0.1:323 *:*
udp UNCONN 0 0 ::1:323 :::*
tcp LISTEN 0 128 127.0.0.1:1514 *:*
tcp LISTEN 0 128 *:2222 *:*
tcp LISTEN 0 128 172.16.62.13:82 *:*
tcp LISTEN 0 128 172.16.62.13:32768 *:*
tcp LISTEN 0 128 :::2222 :::*
[root@node13 data]#
- 方式 5:一次性映射多个端口+协议
[root@node13 data]# docker run -d -p 85:80/tcp -p 443:443/tcp -p 53:53/udp --name Nginx_test_port5 nginx:latest
12b70fbe8e2085c451267ef6b671ab31649d3d9d71a6ca97862633480f5bc3d6
[root@node13 data]# ss -tunl
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
udp UNCONN 0 0 172.16.62.13:83 *:*
udp UNCONN 0 0 127.0.0.1:323 *:*
udp UNCONN 0 0 :::53 :::*
udp UNCONN 0 0 ::1:323 :::*
tcp LISTEN 0 128 127.0.0.1:1514 *:*
tcp LISTEN 0 128 *:2222 *:*
tcp LISTEN 0 128 172.16.62.13:82 *:*
tcp LISTEN 0 128 172.16.62.13:32768 *:*
tcp LISTEN 0 128 :::2222 :::*
tcp LISTEN 0 128 :::85 :::*
tcp LISTEN 0 128 :::443 :::*
[root@node13 data]#
-查看运行的容器和映射端口
[root@node13 data]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
12b70fbe8e20 nginx:latest "nginx -g 'daemon of…" 41 seconds ago Up 40 seconds 0.0.0.0:53->53/udp, 0.0.0.0:443->443/tcp, 0.0.0.0:85->80/tcp Nginx_test_port5
85f54d81bbff nginx:latest "nginx -g 'daemon of…" 2 minutes ago Up 2 minutes 80/tcp, 172.16.62.13:83->80/udp Nginx_test_port4
198524e0fef7 nginx:latest "nginx -g 'daemon of…" 3 minutes ago Up 3 minutes 172.16.62.13:32768->80/tcp Nginx_test_port3
b257c4ae4e22 nginx:latest "nginx -g 'daemon of…" 5 minutes ago Up 5 minutes 172.16.62.13:82->80/tcp Nginx_test_port2
84fee6c7172f vmware/harbor-jobservice:v1.5.3 "/harbor/start.sh" 7 days ago Up 7 days harbor-jobservice
fc336db84ed5 vmware/harbor-ui:v1.5.3 "/harbor/start.sh" 7 days ago Up 7 days (healthy) harbor-ui
9bd49d773a55 vmware/harbor-db:v1.5.3 "/usr/local/bin/dock…" 7 days ago Up 7 days (healthy) 3306/tcp harbor-db
2a4938594b14 vmware/registry-photon:v2.6.2-v1.5.3 "/entrypoint.sh serv…" 7 days ago Up 7 days (healthy) 5000/tcp registry
843614f02328 vmware/harbor-adminserver:v1.5.3 "/harbor/start.sh" 7 days ago Up 7 days (healthy) harbor-adminserver
ac863e4e9940 vmware/redis-photon:v1.5.3 "docker-entrypoint.s…" 7 days ago Up 7 days 6379/tcp redis
2bcdbbf08cfa vmware/harbor-log:v1.5.3 "/bin/sh -c /usr/loc…" 7 days ago Up 7 days (healthy) 127.0.0.1:1514->10514/tcp harbor-log
[root@node13 data]#
#查看nginx容器访问日志
[root@node13 data]# docker logs Nginx_test_port3
172.16.62.10 - - [31/May/2020:23:40:44 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" "-"
// -f 持续查看
[root@node13 data]# docker logs -f Nginx_test_port3
172.16.62.10 - - [31/May/2020:23:40:44 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" "-"
172.16.62.10 - - [31/May/2020:23:40:45 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" "-"
查看容器已经映射的端口
[root@node13 data]# docker port Nginx_test_port5
443/tcp -> 0.0.0.0:443
53/udp -> 0.0.0.0:53
80/tcp -> 0.0.0.0:85
[root@node13 data]#
[root@node13 data]#
[root@node13 data]#
[root@node13 data]#
自定义容器名称
[root@node13 data]# docker run -it --name nginx_test1 nginx:latest
后台启动容器
root@node13 data]# docker run -d -P --name nginx_test1 nginx:latest
973d04ee0d9934205ec8532577653746690f763cb94d254d24d6037fff2eac54
[root@node13 data]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
973d04ee0d99 nginx:latest "nginx -g 'daemon of…" 7 seconds ago Up 6 seconds 0.0.0.0:32769->80/tcp
创建并进入容器
root@node13 data]# docker run -it --name t_centos centos:latest
[root@5f199d4ef86b /]# ifconfig
bash: ifconfig: command not found
[root@5f199d4ef86b /]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
134: eth0@if135: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:07 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.7/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@5f199d4ef86b /]# ping 172.17.0.1
PING 172.17.0.1 (172.17.0.1) 56(84) bytes of data.
64 bytes from 172.17.0.1: icmp_seq=1 ttl=64 time=0.200 ms
^C
--- 172.17.0.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.200/0.200/0.200/0.000 ms
[root@5f199d4ef86b /]# ping 172.17.0.2
PING 172.17.0.2 (172.17.0.2) 56(84) bytes of data.
64 bytes from 172.17.0.2: icmp_seq=1 ttl=64 time=0.184 ms
^C
--- 172.17.0.2 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.184/0.184/0.184/0.000 ms
[root@5f199d4ef86b /]#
单次运行:
- 容器退出后自动删除 --rm 参数
[root@node13 data]# docker run -it --rm --name t_centos_delete centos:latest
[root@59d0109b2fe6 /]# ifconfig
bash: ifconfig: command not found
[root@59d0109b2fe6 /]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
136: eth0@if137: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:07 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.7/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
[root@59d0109b2fe6 /]#
传递运行命令:
- 容器需要有一个前台运行的进程才能保持容器的运行,通过传递运行参数是一种方式,另外也可以在构建镜像的时候指定容器启动时运行的前台命令
root@node13 data]# docker run -d -it centos /usr/bin/tail -f '/etc/hosts'
55b2836d4d6fffe2b9f089ccdc363182accc539a812ed3bb5e54f39742bf0cfd
[root@node13 data]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
55b2836d4d6f centos "/usr/bin/tail -f /e…" 13 seconds ago Up 12 seconds
容器的启动和关闭
[root@node13 data]# docker stop 55b2836d4d6f
55b2836d4d6f
[root@node13 data]#
[root@node13 data]#
[root@node13 data]# docker start 55b2836d4d6f
55b2836d4d6f
[root@node13 data]#
进入到正在运行的容器:
1.使用 attach 命令
- 使用方式为 docker attach 容器名,attach 类似于 vnc,操作会在各个容器界面
显示,所有使用此方式进入容器的操作都是同步显示的且 exit 后容器将被关
闭,且使用 exit 退出后容器关闭,不推荐使用,需要进入到有 shell 环境的容
器,比如 centos 为例
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-Gs1x059W-1594571437016)(BDE55F18271E4CC1A699DC11B91FA0C6)]
2.使用 exec 命令
[root@node13 ~]# docker exec -it harbor-log /bin/bash
root [ / ]# exit
exit
[root@node13 ~]# docker ps | grep harbor-log
2bcdbbf08cfa vmware/harbor-log:v1.5.3 "/bin/sh -c /usr/loc…" 7 days ago Up 7 days (healthy) 127.0.0.1:1514->10514/tcp harbor-log
3.使用 nsenter 命令
[root@node13 ~]# docker inspect -f "{{.NetworkSettings.IPAddress}}" 973d04ee0d99
172.17.0.6
[root@node13 ~]#
[root@node13 ~]#
4.脚本方式进入容器
[root@node13 tmp]# ./dokcer-in.sh 973d04ee0d99
mesg: ttyname failed: No such device
root@973d04ee0d99:/# hostname
973d04ee0d99
root@973d04ee0d99:/# exit
logout
[root@node13 tmp]# more dokcer-in.sh
#!/bin/bash
docker_in(){
NAME_ID=$1
PID=$(docker inspect -f "{{.State.Pid}}" ${NAME_ID})
nsenter -t ${PID} -m -u -i -n -p
}
docker_in $1
[root@node13 tmp]#
查看容器内部的 hosts 文件
[root@node13 tmp]# docker run -it --name t_centos3 centos:latest /bin/bash
[root@51e67fe2d37a /]# cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.7 51e67fe2d37a
[root@51e67fe2d37a /]# ifconfig
bash: ifconfig: command not found
[root@51e67fe2d37a /]# hostname
51e67fe2d37a
[root@51e67fe2d37a /]#
//默认会将实例的ID添加到自己的hosts文件
批量关闭正在运行的容器
root@node13 tmp]# docker stop $(docker ps -a -q)
51e67fe2d37a
78666ee1555e
625858d579f5
5f199d4ef86b
973d04ee0d99
12b70fbe8e20
85f54d81bbff
198524e0fef7
b257c4ae4e22
69688118dadb
e10d0b0b4155
7433f35c531c
84fee6c7172f
d2a846442dc0
fc336db84ed5
9bd49d773a55
2a4938594b14
843614f02328
ac863e4e9940
2bcdbbf08cfa
a6da2761e195
1c45eadf3686
[root@node13 tmp]#
批量强制关闭正在运行的容器:
[root@node13 tmp]# docker kill $(docker ps -a -q)
51e67fe2d37a
78666ee1555e
625858d579f5
5f199d4ef86b
973d04ee0d99
12b70fbe8e20
85f54d81bbff
198524e0fef7
b257c4ae4e22
69688118dadb
e10d0b0b4155
7433f35c531c
2bcdbbf08cfa
1c45eadf3686
Error response from daemon: Cannot kill container: 84fee6c7172f: Container 84fee6c7172f7862ad917d8f29d00f7ca3a4801abcc3c44546c99fb41437ae9d is not running
Error response from daemon: Cannot kill container: d2a846442dc0: Container d2a846442dc06ce0b2d3fd0194c09a918b749ca290019bea1af750dafeec0646 is not running
Error response from daemon: Cannot kill container: fc336db84ed5: Container fc336db84ed5b7f87c83ed7afdb55ec9d877cc1a860c148c4dc477abdeed9397 is not running
Error response from daemon: Cannot kill container: 9bd49d773a55: Container 9bd49d773a5568c218f0714972980697dc4bc56f073eac8571cadc5526b63f26 is not running
Error response from daemon: Cannot kill container: 2a4938594b14: Container 2a4938594b1492581172e26f08d1cf812386107e4822fd2a21e98c553df2d9e5 is not running
Error response from daemon: Cannot kill container: 843614f02328: Container 843614f023286bff96c14735173ed8954b946a97e51009b8a080fc5afbd14823 is not running
Error response from daemon: Cannot kill container: ac863e4e9940: Container ac863e4e9940c72f08ebe7f7c427a5c290b3a196b6f96521bb17836203a81319 is not running
Error response from daemon: Cannot kill container: a6da2761e195: Container a6da2761e19548300b1455f7d3484ae1700e2cba3bad898ef1de7823f8995adf is not running
[root@node13 tmp]#
批量删除已退出容器
[root@node13 tmp]# docker rm -f docker ps -aq -f status=exited
51e67fe2d37a
78666ee1555e
625858d579f5
5f199d4ef86b
973d04ee0d99
12b70fbe8e20
85f54d81bbff
198524e0fef7
b257c4ae4e22
69688118dadb
e10d0b0b4155
7433f35c531c
84fee6c7172f
d2a846442dc0
fc336db84ed5
9bd49d773a55
2a4938594b14
843614f02328
ac863e4e9940
2bcdbbf08cfa
a6da2761e195
1c45eadf3686
批量删除所有容器:
[root@node13 tmp]# docker rm -f $(docker ps -a q)
指定容器 DNS:
- Dns 服务,默认采用宿主机的 dns 地址
- 一是将 dns 地址配置在宿主机
- 二是将参数配置在 docker 启动脚本里面 –dns=223.5.5.5
[root@node13 tmp]# docker run -it --rm --dns 223.5.5.5 centos bash
[root@1e5ae7af7630 /]# cat /etc/resolv.conf
nameserver 223.5.5.5
[root@1e5ae7af7630 /]#
3.制作JAVA镜像
step 1制作centos-base镜像
1.Dockerfile
[root@node14 centos]# more Dockerfile
## Base centos 7.8.2003
FROM centos:7.8.2003
MAINTAINER jack liu<11096843@qq.com>
RUN yum install epel-release -y && yum install vim iotop bc gcc gcc-c++ glibc glibc-devel pcre pcre-devel openssl openssl-devel zip unzip zlib-devel net-tools lrzsz tree ntpdate telnet
lsof tcpdump wget libevent libevent-devel bc systemd-devel bash-completion traceroute -y && useradd nginx -u 2019 && useradd tomcat -u 2020 && rm -rf /etc/localtime && ln -sv /usr/share/z
oneinfo/Asia/Shanghai /etc/localtime
[root@node14 centos]#
build image
Dependency Updated:
systemd.x86_64 0:219-73.el7_8.6 systemd-libs.x86_64 0:219-73.el7_8.6
Complete!
'/etc/localtime' -> '/usr/share/zoneinfo/Asia/Shanghai'
Removing intermediate container 0e4c0439d6e1
---> 7428d467a6dc
Successfully built 7428d467a6dc
Successfully tagged centos-base:7.8.2003
[root@node14 centos]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
centos-base 7.8.2003 7428d467a6dc 18 seconds ago 487MB
Step 2 制作jdk-base镜像
Dockerfile
[root@node14 jdk]# more Dockerfile
# base jdk
FROM centos-base:7.8.2003
MAINTAINER jack liu<jack_liu@qq.com>
ADD jdk-8u212-linux-x64.tar.gz /usr/local/src
RUN ln -sv /usr/local/src/jdk1.8.0_212 /usr/local/jdk
ENV JAVA_HOME /usr/local/jdk
ENV JRE_HOME $JAVA_HOME/jre
ENV CLASSPATH $JAVA_HOME/lib/:$JRE_HOME/lib/
ENV PATH $PATH:$JAVA_HOME/bin
测试JDK镜像正常
[root@245544e6d888 bin]# java -version
java version "1.8.0_212"
Java(TM) SE Runtime Environment (build 1.8.0_212-b10)
Java HotSpot(TM) 64-Bit Server VM (build 25.212-b10, mixed mode)
[root@245544e6d888 bin]# date
Sun Jun 7 12:51:27 CST 2020
[root@245544e6d888 bin]#
step3 制作tomcat-base镜像
Dockerfile
[root@node14 tomcat-base]# more Dockerfile
#tomcat base:8.5.212
FROM jdk-base:1.8.0.212
MAINTAINER jack liu<jack_liu@qq.com>
ADD apache-tomcat-8.5.39.tar.gz /apps
RUN ln -sv /apps/apache-tomcat-8.5.39 /apps/tomcat && mkdir -p /data/tomcat/webapps
[root@node14 tomcat-base]#
build image
[root@node14 tomcat-base]# ./build-command.sh
Sending build context to Docker daemon 9.676MB
Step 1/4 : FROM jdk-base:1.8.0.212
---> 459ca223506f
Step 2/4 : MAINTAINER jack liu<jack_liu@qq.com>
---> Using cache
---> beb157549e5a
Step 3/4 : ADD apache-tomcat-8.5.39.tar.gz /apps
---> Using cache
---> 3f0a534cce9a
Step 4/4 : RUN ln -sv /apps/apache-tomcat-8.5.39 /apps/tomcat
---> Using cache
---> 7e8e78650376
Successfully built 7e8e78650376
Successfully tagged tomcat-base:8.5.39
908MB
[root@node14 tomcat-base]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
tomcat-base 8.5.39 7e8e78650376 5 minutes ago 908MB
## 测试tomcat镜像
[root@node14 rpm-gpg]# docker run -it --rm -p 8080:8080 tomcat-base:8.5.39 bash
[root@ad4605562e86 /]# /apps/tomcat/bin/catalina.sh run
- 测试
step4 制作tomcat-app1镜像
Dockerfile
[root@node14 tomcat-app1]# more Dockerfile
#tomcat-app1
FROM tomcat-base:8.5.39
MAINTAINER jack liu<jack_liu@qq.com>
ADD code.tar.gz /data/tomcat/webapps/app1
ADD run_tomcat.sh /apps/tomcat/bin/run_tomcat.sh
ADD server.xml /apps/tomcat/conf
RUN chown -R tomcat.tomcat /apps/apache-tomcat-8.5.39 /apps/tomcat /data/tomcat
EXPOSE 8080 8443
CMD ["/apps/tomcat/bin/run_tomcat.sh"]
[root@node14 tomcat-app1]#
build image
[root@node14 tomcat-app1]# bash build-command.sh
Sending build context to Docker daemon 14.34kB
Step 1/8 : FROM tomcat-base:8.5.39
---> 796b447b5cfd
Step 2/8 : MAINTAINER jack liu<jack_liu@qq.com>
---> Running in 809690e52158
Removing intermediate container 809690e52158
---> 44cef9f12552
Step 3/8 : ADD code.tar.gz /data/tomcat/webapps/app1
---> 5c48f2681685
Step 4/8 : ADD run_tomcat.sh /apps/tomcat/bin/run_tomcat.sh
---> 07c363d64890
Step 5/8 : ADD server.xml /apps/tomcat/conf
---> fcbe7f431fbf
Step 6/8 : RUN chown -R tomcat.tomcat /apps/apache-tomcat-8.5.39 /apps/tomcat /data/tomcat
---> Running in 46c1b2c05308
Removing intermediate container 46c1b2c05308
---> 13465feb036b
Step 7/8 : EXPOSE 8080 8443
---> Running in 76a98e0e59af
Removing intermediate container 76a98e0e59af
---> f95d33ea7fe1
Step 8/8 : CMD ["/apps/tomcat/bin/run_tomcat.sh"]
---> Running in 8ce5cb74f354
Removing intermediate container 8ce5cb74f354
---> 314ecb531ec8
Successfully built 314ecb531ec8
Successfully tagged tomcat-app1:v1
启动容器
- 注意启动容器时不要加bash,否则bash会覆盖CMD命令,导致运行脚本命令无法运行
[root@node14 ~]# docker run -it --rm -p 8080:8080 tomcat-app1:v1
Using CATALINA_BASE: /apps/tomcat
Using CATALINA_HOME: /apps/tomcat
Using CATALINA_TMPDIR: /apps/tomcat/temp
Using JRE_HOME: /usr/local/jdk
Using CLASSPATH: /apps/tomcat/bin/bootstrap.jar:/apps/tomcat/bin/tomcat-juli.jar
Tomcat started.
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.2 dbebcf83f88b
172.16.62.14 node.haostack.com
##制作Dockerfile过程
## 修改tomcat配置路径
<Host name="localhost" appBase="/data/tomcat/webapps" (改成实际路径/data/) unpackWARs="true" autoDeploy="true">
##修改代码路径
[root@383ad9103acf /]# ll /data/tomcat/webapps/index.html
-rw-r--r-- 1 root root 12 Jun 7 18:01 /data/tomcat/webapps/index.html
[root@383ad9103acf /]#
##导出配置文件
sz /apps/tomcat/conf/server.xml
## 在去dockerfile修改
## 最终Dockerfile为
[root@node14 tomcat-app1]# more Dockerfile
#tomcat-app1
FROM tomcat-base:8.5.39
MAINTAINER jack liu<jack_liu@qq.com>
ADD code.tar.gz /data/tomcat/webapps/app1
ADD run_tomcat.sh /apps/tomcat/bin/run_tomcat.sh
ADD server.xml /apps/tomcat/conf
RUN chown -R tomcat.tomcat /apps/apache-tomcat-8.5.39 /apps/tomcat /data/tomcat
EXPOSE 8080 8443
CMD ["/apps/tomcat/bin/run_tomcat.sh"]
[root@node14 tomcat-app1]#
- 测试
step5 制作tomcat-app2镜像
Dockerfile
[root@node14 tomcat-app2]# more Dockerfile
#tomcat-app1
FROM tomcat-base:8.5.39
MAINTAINER jack liu<jack_liu@qq.com>
ADD code.tar.gz /data/tomcat/webapps/app2
ADD run_tomcat.sh /apps/tomcat/bin/run_tomcat.sh
ADD server.xml /apps/tomcat/conf
RUN chown -R tomcat.tomcat /apps/apache-tomcat-8.5.39 /apps/tomcat /data/tomcat
EXPOSE 8080 8443
CMD ["/apps/tomcat/bin/run_tomcat.sh"]
[root@node14 tomcat-app2]#
build image
Successfully built dee1bd23b8a1
Successfully tagged tomcat-app2:v1
[root@node14 tomcat-app2]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
tomcat-app2 v1 dee1bd23b8a1 5 seconds ago 921MB
启动容器
- 注意启动容器时不要加bash,否则bash会覆盖CMD命令,导致运行脚本命令无法运行
[root@node14 tmp]# docker run -it --rm -p 8082:8080 tomcat-app2:v1
Using CATALINA_BASE: /apps/tomcat
Using CATALINA_HOME: /apps/tomcat
Using CATALINA_TMPDIR: /apps/tomcat/temp
Using JRE_HOME: /usr/local/jdk
Using CLASSPATH: /apps/tomcat/bin/bootstrap.jar:/apps/tomcat/bin/tomcat-juli.jar
Tomcat started.
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.3 8c8bafccaffa
172.16.62.14 node.haostack.com
- 测试
4.制作HAProxy镜像
Dockerfile
[root@node14 haproxy]# more Dockerfile
#haproxy base image
FROM centos:7.8.2003
MAINTAINER jack liu<jack_liu@qq.com>
ADD haproxy-1.8.17.tar.gz /usr/local/src
RUN yum install systemd-devel make gcc gcc-c++ glibc glibc-devel pcre pcre-devel openssl openssl-devel systemd-devel net-tools vim iotop bc zip unzip zlib-devel lrzsz tree screen lsof tc
pdump wget ntpdate -y && cd /usr/local/src/haproxy-1.8.17 && make ARCH=x86_64 TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 USE_SYSTEMD=1 USE_CPU_AFFINITY=1 PREFIX=/usr/local/hap
roxy && make install PREFIX=/usr/local/haproxy && cp haproxy /usr/sbin/ && mkdir /usr/local/haproxy/run
ADD haproxy.cfg /etc/haproxy/haproxy.cfg
ADD run_haproxy.sh /usr/bin/run_haproxy.sh
#EXPOSE 80 9999
CMD ["usr/bin/run_haproxy.sh"]
[root@node14 haproxy]#
启动容器
[root@node14 ~]# docker run -it -p 80:80 -p 9999:9999 centos-haprxoy:1.8.17
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.4 4e04697a00b9
测试
- 查看haproxy-status 状态
- 密码在 haproxy 中第一
- 默认的为haadmin/123456
实验5 架构图
1.在172.16.62.12上启动tomcat-app1
root@node12 harbor.haostack.com]# docker run -it -p 8081:8080 --rm --name tomcat-app1 harbor.haostack.com/baseimages/tomcat-app1:8.5.39
Using CATALINA_BASE: /apps/tomcat
Using CATALINA_HOME: /apps/tomcat
Using CATALINA_TMPDIR: /apps/tomcat/temp
Using JRE_HOME: /usr/local/jdk
Using CLASSPATH: /apps/tomcat/bin/bootstrap.jar:/apps/tomcat/bin/tomcat-juli.jar
Tomcat started.
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.2 0e9263a29464
172.16.62.14 node.haostack.com
2.在172.16.62.13上启动tomcat-app2
[root@node13 data]# docker run -it -p 8082:8080 --rm --name tomcat-app2 harbor.haostack.com/baseimages/tomcat-app2:8.5.39
Using CATALINA_BASE: /apps/tomcat
Using CATALINA_HOME: /apps/tomcat
Using CATALINA_TMPDIR: /apps/tomcat/temp
Using JRE_HOME: /usr/local/jdk
Using CLASSPATH: /apps/tomcat/bin/bootstrap.jar:/apps/tomcat/bin/tomcat-juli.jar
Tomcat started.
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.2 7b037c139573
172.16.62.14 node.haostack.com
3.测试
检查haproxy-status状态