Docker基础入门
本篇文章可以让docker初学者学会使用基本的命令,重点在
常用命令
这部分,针对大多数非运维人员已经足够使用了,比如做网络安全的,做开发的人群,如果想学习进阶的Docker知识,比如制作镜像,docker-compose管理容器,Docker网络等内容,可以查看我的另一篇文章 Docker进阶
文章目录
1.安装Docker(CentOS7及以上的系统)
#1.卸载原来的Docker
yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine
#2.需要安装的包
yum install -y yum-utils
#3.设置镜像仓库
yum-config-manager \
--add-repo \
https://download.docker.com/linux/centos/docker-ce.repo #默认是国外的
yum-config-manager \
--add-repo \
http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo #推荐使用阿里云镜像仓库
#更新yum软件包的索引
yum makecache fast
#4.安装Docker相关的东西
yum install docker-ce docker-ce-cli containerd.io docker-compose-plugin
#5.启动Docker
systemctl start docker
#6.使用docker version查看是否安装成功
#7.测试HelloWorld
docker run hello-world
#8.查看一下下载的hello-world镜像
docker images
2.卸载Docker(了解)
#1.卸载依赖
remove docker-ce docker-ce-cli containerd.io
#2.删除资源
rm -rf /var/lib/docker
rm -rf /var/lib/containerd
#/var/lib/docker (docker的默认工作路径)
3.测试helloworld遇到的错误与解决方案
执行 docker run hello-world命令遇到如下错误 (dns解析错误)
Unable to find image 'hello-world:latest' locally
docker: Error response from daemon: Head "https://registry-1.docker.io/v2/library/hello-world/manifests/latest": Get "https://auth.docker.io/token?scope=repository%3Alibrary%2Fhello-world%3Apull&service=registry.docker.io": net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers).
解决方案:
dns解析错误
在/etc/resolv.conf
#添加谷歌的dns域名解析地址:
nameserver 8.8.8.8
nameserver 8.8.4.4
nameserver localdomain
保存后重启下docker命令:
systemctl restart docker
4.常用命令
1.镜像命令
docker images 查看所有本地主机上的镜像
docker search 搜索镜像
[root@localhost Hadoop]# docker search mysql
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
mysql MySQL is a widely used, open-source relation… 12505 [OK]
mariadb MariaDB Server is a high performing open sou… 4810 [OK]
mysql/mysql-server Optimized MySQL Server Docker images. Create… 925 [OK]
#可选项,通过搜索来过滤
--filter=STARS=3000 #搜索STARS大于3000的镜像
[root@localhost Hadoop]# docker search mysql --filter=STARS=3000
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
mysql MySQL is a widely used, open-source relation… 12505 [OK]
mariadb MariaDB Server is a high performing open sou… 4810 [OK]
docker pull 下载镜像
#下载镜像 docker pull 镜像名 [:tag]
docker pull mysql #如果不写tag,默认就是下载最近的(latest)
#指定版本下载(先去docker hub找版本)
docker pull mysql:8.0.29
docker rmi 删除镜像
docker rmi -f 镜像id #删除指定的镜像
docker rmi -f 镜像id 镜像id 镜像id #删除多个镜像
docker rmi -f $(docker images -aq) #删除所有镜像
2.容器命令
说明:有了镜像才可以创建容器,linux,下载一个centos镜像来测试学习
docker pull centos
新建容器并启动
docker run [可选参数] image
#参数说明
--name="Name" #容器名字 tomcat01 tomcat02,用来区分容器
-d #后台方式运行
-it #使用交互方式运行,进入容器查看内容
-p #指定容器的端口 -p 8080:8080
-p 主机ip:主机端口:容器端口
-p 主机端口:容器端口(常用)
-p 容器端口
容器端口
-P #随机指定端口
#测试,启动并进入容器
[root@localhost Hadoop]# docker run -it centos /bin/bash
[root@004b2393c0e2 /]# ls
bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var
#退出容器
[root@004b2393c0e2 /]# exit
exit
列出所有运行的容器(docker ps)
#docker ps命令
#列出当前正在运行的容器
-a #列出当前正在运行的容器+运行过的容器
-n=? #显示最近创建的容器
-q #只显示容器的编号
[root@localhost Hadoop]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@localhost Hadoop]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e05f2fc56588 centos "/bin/bash" 21 seconds ago Exited (0) 18 seconds ago nervous_wiles
ac454b75de3b centos "/bin/bash" 49 seconds ago Exited (0) 48 seconds ago frosty_goldwasser
8a298cb7df93 centos "/bin/bash" About a minute ago Exited (127) 55 seconds ago mystifying_bartik
004b2393c0e2 centos "/bin/bash" 4 minutes ago Exited (127) 2 minutes ago clever_nightingale
b9b0335ada57 hello-world "/hello" 12 hours ago Exited (0) 12 hours ago objective_germain
48db1538e911 hello-world "/hello" 12 hours ago Exited (0) 12 hours ago hopeful_lederberg
090bc3b037a1 hello-world "/hello" 12 hours ago Exited (0) 12 hours ago gallant_ardinghelli
退出容器
exit #直接容器停止并退出
Ctrl+P+Q #容器不停退出
注意:exec命令进入容器后exit退出,容器不会停止运行
删除容器
docker rm 容器id #不能删除正在运行的容器,如果要强制删除,rm -f
docker rm 容器id 容器id 容器id #删除多个容器
docker rm -f $(docker ps -aq) #删除所有容器
docker ps -a -q|xargs docker rm #利用管道符,删除所有容器
启动和停止容器的操作
docker start 容器id #启动容器
docker restart 容器id #重启容器
docker stop 容器id #停止当前正在运行的容器
docker kill 容器id #强制停止当前的容器
3.常用的其他命令(重要)
后台启动命令
#命令 docker run -d 镜像名!
[root@localhost Hadoop]# docker run -d centos
04e01d701d9d1f8133dde975c153ef7a8dd9822fac28793313588e42c9db8b58
#问题: docker ps,发现centos停止了
#常见的坑:docker容器使用后台运行,就必须要有一个前台进程,docker发现没有应用,就会自动停止
#nginx,容器启动之后,发现自己没有提供服务,就会立刻停止
查看日志
docker logs -f -t --tail 10 (10条日志) 容器id #注意,--tail后面要加上日志数量
如果没有--tail则不需要加数量
启动的centos容器,没有日志,需要自己编写脚本
#编写shell脚本
[root@localhost Hadoop]# docker run -d centos /bin/sh -c "while true;do echo yuanboss;sleep 1;done"
#显示日志
-tf #显示日志(t表示时间戳,f表示持续输出日志)
--tail number #要显示日志条数
[root@localhost Hadoop]# docker logs -ft --tail 10 90ee76997750
查看容器中的进程信息
#命令 docker top 容器id
[root@localhost Hadoop]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
90ee76997750 centos "/bin/sh -c 'while t…" 15 minutes ago Up 15 minutes distracted_morse
[root@localhost Hadoop]# docker top 90ee76997750
UID PID PPID
ID C STIME TTY TIME CMD
root 18509 18489 0 11:07 ?
root 20064 18509 0 11:23 ?
查看镜像的元数据
[root@localhost Hadoop]# docker inspect 90ee76997750
[
{
"Id": "90ee769977502079a961ee71a2312f2ffe7749de3532a6251ec46efaf807ef9c",
"Created": "2022-05-03T03:07:49.592021299Z",
"Path": "/bin/sh",
"Args": [
"-c",
"while true;do echo yuanboss;sleep 1;done"
],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 18509,
"ExitCode": 0,
"Error": "",
"StartedAt": "2022-05-03T03:07:49.891033003Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:5d0da3dc976460b72c77d94c8a1ad043720b0416bfc16c52c45d4847e53fadb6",
"ResolvConfPath": "/var/lib/docker/containers/90ee769977502079a961ee71a2312f2ffe7749de3532a6251ec46efaf807ef9c/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/90ee769977502079a961ee71a2312f2ffe7749de3532a6251ec46efaf807ef9c/hostname",
"HostsPath": "/var/lib/docker/containers/90ee769977502079a961ee71a2312f2ffe7749de3532a6251ec46efaf807ef9c/hosts",
"LogPath": "/var/lib/docker/containers/90ee769977502079a961ee71a2312f2ffe7749de3532a6251ec46efaf807ef9c/90ee769977502079a961ee71a2312f2ffe7749de3532a6251ec46efaf807ef9c-json.log",
"Name": "/distracted_morse",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"CgroupnsMode": "host",
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"KernelMemory": 0,
"KernelMemoryTCP": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/77f29633f647807277ae1b944755d732693f3f5b8f5289fe9356f185bc5d293d-init/diff:/var/lib/docker/overlay2/40213d84c015c868a9c7c0b110a38c09b2b8959b1353a8dd4dd2cb7c95259ff0/diff",
"MergedDir": "/var/lib/docker/overlay2/77f29633f647807277ae1b944755d732693f3f5b8f5289fe9356f185bc5d293d/merged",
"UpperDir": "/var/lib/docker/overlay2/77f29633f647807277ae1b944755d732693f3f5b8f5289fe9356f185bc5d293d/diff",
"WorkDir": "/var/lib/docker/overlay2/77f29633f647807277ae1b944755d732693f3f5b8f5289fe9356f185bc5d293d/work"
},
"Name": "overlay2"
},
"Mounts": [],
"Config": {
"Hostname": "90ee76997750",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Cmd": [
"/bin/sh",
"-c",
"while true;do echo yuanboss;sleep 1;done"
],
"Image": "centos",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"org.label-schema.build-date": "20210915",
"org.label-schema.license": "GPLv2",
"org.label-schema.name": "CentOS Base Image",
"org.label-schema.schema-version": "1.0",
"org.label-schema.vendor": "CentOS"
}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "6b222d4b43b69c8771f367e57a23cd5e679d81ff4d192e43fd6203ad2ed870ff",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {},
"SandboxKey": "/var/run/docker/netns/6b222d4b43b6",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "14a485fccde6004b3db2bf7720dd3100ba3f73a041ae5d76e60b51c242856d7f",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:02",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "3e019c6f939c9035136334705e4d5a858ad2f5bee731a75a517daf9f6d09ad0f",
"EndpointID": "14a485fccde6004b3db2bf7720dd3100ba3f73a041ae5d76e60b51c242856d7f",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02",
"DriverOpts": null
}
}
}
}
]
进入当前正在运行的容器
#我们通常容器都是使用后台方式运行的,需要进入容器,修改一些配置
#命令
docker exec -it 容器id bashshell
#测试
[root@localhost Hadoop]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
90ee76997750 centos "/bin/sh -c 'while t…" 40 minutes ago Up 40 minutes distracted_morse
[root@localhost Hadoop]# docker exec -it 90ee76997750 /bin/bash
[root@90ee76997750 /]# ps -ef
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 03:07 ? 00:00:01 /bin/sh -c while true;do echo yuanboss;sleep 1;done
root 2471 0 0 03:48 pts/0 00:00:00 /bin/bash
root 2513 1 0 03:49 ? 00:00:00 /usr/bin/coreutils --coreutils-prog-shebang=sleep /usr/bin/sleep 1
root 2514 2471 0 03:49 pts/0 00:00:00 ps -ef
#方式二
docker attach 容器id
[root@localhost Hadoop]# docker attach 90ee76997750
正在执行当前代码...
#exec 进入容器后开启一个新的终端,可以在里面操作(常用)
#attahc 进入容器正在执行的终端,不会启动新的进程
从容器内拷贝文件到主机上
#docker cp 容器id:容器内路径 目的主机路径
docker cp 2432bef98482:/home/test.java /home
#查看当前主机目录下
[root@localhost home]# ls
Hadoop yuan.java
#进入docker容器内部
[root@localhost home]# docker attach 2432bef98482
[root@2432bef98482 /]# ls
bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var
[root@2432bef98482 /]# cd /home
[root@2432bef98482 home]# ls
#在容器内部新建一个文件
[root@2432bef98482 home]# touch test.java
[root@2432bef98482 home]# ls
test.java
[root@2432bef98482 home]# exit
exit
[root@localhost home]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@localhost home]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2432bef98482 5d0da3dc9764 "/bin/bash" 3 minutes ago Exited (0) 10 seconds ago objective_nobel
#将容器内的文件拷贝到主机上
[root@localhost home]# docker cp 2432bef98482:/home/test.java /home
[root@localhost home]# ls
Hadoop test.java yuan.java
4.命令小结
attach Attach to a running container #当前shell下attach连接指定运行镜像
build Build an image from a Dockerfile #通过Dockerfile定制镜像
commit Create a new image from a container's changes #提交当前容器为新的镜像
cp Copy files/folders from a container to a HOSTDIR or to STDOUT #从容器中拷贝指定文件或者目录到宿主机中
create Create a new container #创建一个新的容器,同run 但不启动容器
diff Inspect changes on a container's filesystem #查看docker容器变化
events Get real time events from the server#从docker服务获取容器实时事件
exec Run a command in a running container#在已存在的容器上运行命令
export Export a container's filesystem as a tar archive #导出容器的内容流作为一个tar归档文件(对应import)
history Show the history of an image #展示一个镜像形成历史
rename Rename a container #重命名容器
restart Restart a running container #重启运行的容器
rm Remove one or more containers #移除一个或者多个容器
rmi Remove one or more images #移除一个或多个镜像(无容器使用该镜像才可以删除,否则需要删除相关容器才可以继续或者-f强制删除)
run Run a command in a new container #创建一个新的容器并运行一个命令
save Save an image(s) to a tar archive#保存一个镜像为一个tar包(对应load)
search Search the Docker Hub for images #在dockerhub中搜索镜像
start Start one or more stopped containers#启动容器
stats Display a live stream of container(s) resource usage statistics #统计容器使用资源
stop Stop a running container #停止容器
tag Tag an image into a repository #给源中镜像打标签
top Display the running processes of a container #查看容器中运行的进程信息
unpause Unpause all processes within a container #取消暂停容器
version Show the Docker version information#查看容器版本号
wait Block until a container stops, then print its exit code #截取容器停止时的退出状态值
5.部署Nginx
#下载镜像
docker pull nginx:1.21
#启动容器
docker run -d --name nginx01 -p 3344:80 fa5269854a5e
主机端口3344映射nginx的80端口
#测试访问主机的3344端口能否访问nginx
curl localhost:3344
#进入nginx01容器里面
docker exec -it 86eb85dc83cb /bin/bash
#查找nginx相关文件
whereis nginx
6.部署tomcat
#官方的使用
docker run -it --rm tomcat:9.0
#我们之前启动的都是后台的,停止了容器之后,容器还是可以看到,docker run -it --rm 是一般用来测试的,用完即删
#下载再启动
docker pull tomcat
#启动运行
docker run -d -p 3355:8080 --name tomcat01 tomcat
#测试访问没有问题:localhost:3355可以访问成功(404,因为webapps下面没有资源)
#进入容器
docker exec -it tomcat01 /bin/bash
#发现问题:1.Linux命令少了 2.webapps里面没有资源。
问题原因:阿里云镜像的原因,默认是最小镜像, 所有不必要的镜像都剔除了,以保证最小可运行的环境
7.部署Elasticsearch
#es暴露的端口很多
#es十分的耗内存
#es的数据一般需要放置到安全目录!挂载
# --net somenetwork?网路配置
#下载启动ElasticSearch
docker run -d --name elasticsearch -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" elasticsearch:7.6.2
#启动之后 linux服务器就十分卡 docker stats 查看cpu的状态
#关闭es,增加内存限制,修改es配置文件, -e环境配置修改
docker run -d --name elasticsearch02 -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node"
-e ES_JAVA_OPTS="-Xms256m -Xmx512m" elasticsearch:7.6.2
8.Portainer可视化面板安装
portainer
docker run -d -p 8088:9000 \
--restart=always -v /var/run/docker.sock:/var/run/docker.sock --privileged=true portainer/portainer
什么是Portainer?
Docker图形化界面管理工具!提供一个后台面板供我们操作!
docker run -d -p 8088:9000 \
--restart=always -v /var/run/docker.sock:/var/run/docker.sock --privileged=true portainer/portainer
访问测试:8088
9.commit镜像
docker commit 提交容器成为一个新的副本
#命令和git原理类似
docker commit -m="提交的描述信息" -a="作者" 容器id 目标镜像名:[TAG]
实战测试
#启动tomcat
#对tomcat进行操作
官方的tomcat的webapps是没有文件的,将webapps.dist下的所有文件拷贝到webapps下面
#commit这个容器,将这个容器提交成为一个镜像
#启动这个镜像
docker run -it -d -p 8080:8080 tomcat:1.0