7.创建容器的常见选项

最新推荐文章于 2024-07-22 00:54:11 发布

云原生解决方案

最新推荐文章于 2024-07-22 00:54:11 发布

阅读量531

点赞数

分类专栏： docker 文章标签： docker centos 运维

本文链接：https://blog.csdn.net/weixin_46380571/article/details/107832471

版权

docker 专栏收录该内容

56 篇文章 0 订阅

订阅专栏

[root@docker nginx]# docker cantiner --help

Usage:	docker [OPTIONS] COMMAND

A self-sufficient runtime for containers

Options:
      --config string      Location of client config files (default "/root/.docker")
  -c, --context string     Name of the context to use to connect to the daemon (overrides DOCKER_HOST env var and default
                           context set with "docker context use")
  -D, --debug              Enable debug mode
  -H, --host list          Daemon socket(s) to connect to
  -l, --log-level string   Set the logging level ("debug"|"info"|"warn"|"error"|"fatal") (default "info")
      --tls                Use TLS; implied by --tlsverify
      --tlscacert string   Trust certs signed only by this CA (default "/root/.docker/ca.pem")
      --tlscert string     Path to TLS certificate file (default "/root/.docker/cert.pem")
      --tlskey string      Path to TLS key file (default "/root/.docker/key.pem")
      --tlsverify          Use TLS and verify the remote
  -v, --version            Print version information and quit

Management Commands:
  builder     Manage builds
  config      Manage Docker configs
  container   Manage containers
  context     Manage contexts
  engine      Manage the docker engine
  image       Manage images
  network     Manage networks
  node        Manage Swarm nodes
  plugin      Manage plugins
  secret      Manage Docker secrets
  service     Manage services
  stack       Manage Docker stacks
  swarm       Manage Swarm
  system      Manage Docker
  trust       Manage trust on Docker images
  volume      Manage volumes

Commands:
  attach      Attach local standard input, output, and error streams to a running container
  build       Build an image from a Dockerfile
  commit      Create a new image from a container's changes
  cp          Copy files/folders between a container and the local filesystem
  create      Create a new container
  diff        Inspect changes to files or directories on a container's filesystem
  events      Get real time events from the server
  exec        Run a command in a running container
  export      Export a container's filesystem as a tar archive
  history     Show the history of an image
  images      List images
  import      Import the contents from a tarball to create a filesystem image
  info        Display system-wide information
  inspect     Return low-level information on Docker objects
  kill        Kill one or more running containers
  load        Load an image from a tar archive or STDIN
  login       Log in to a Docker registry
  logout      Log out from a Docker registry
  logs        Fetch the logs of a container
  pause       Pause all processes within one or more containers
  port        List port mappings or a specific mapping for the container
  ps          List containers
  pull        Pull an image or a repository from a registry
  push        Push an image or a repository to a registry
  rename      Rename a container
  restart     Restart one or more containers
  rm          Remove one or more containers
  rmi         Remove one or more images
  run         Run a command in a new container
  save        Save one or more images to a tar archive (streamed to STDOUT by default)
  search      Search the Docker Hub for images
  start       Start one or more stopped containers
  stats       Display a live stream of container(s) resource usage statistics
  stop        Stop one or more running containers
  tag         Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
  top         Display the running processes of a container
  unpause     Unpause all processes within one or more containers
  update      Update configuration of one or more containers
  version     Show the Docker version information
  wait        Block until one or more containers stop, then print their exit codes

Run 'docker COMMAND --help' for more information on a command.

指令	描述
-i , --interactive	交互式
-t, --tty	分配一个伪终端
-a, --attach list	附加到运行的容器
–dns list	设置dns服务器
-e, --env list	设置环境变量
–env-file list	从文件读取环境变量
-p, --publisg-all	发布容器端口到主机
-h,–hostname string	设置容器的主机名
–ip string	指定容器ip 只能用于自定义网络
–link list	添加连接到另一个容器
–network	连接容器到一个网络
–mount mount	挂载宿主机分区到容器
-v, --volume list	挂载宿主机目录到容器
–restart string	容器退出时重启策略，默认no[always\|on failure]
–add-host list	添加其他主机到容器中/etc/hosts
-d, --detach	运行容器到后台

资源限制指令	描述
-m ,–memory	容器可以使用的最大内存量
–memory-swap	允许交换到磁盘的内存量
–memory-swappiness-<0-100>	容器使用swap分区交换的百分比（0-100,默认为-1）
–memory-reservation	内存软限制,docker检测主机容器争用或内存不足时所激活的软限制，使用此选项，值必须设置低于–memory，以使其优先
–oom-kill-disable	当宿主机内存不足时，内核会杀死容器中的进程。建议设置了-memory选项在禁用OOM。如果没有设置，主机可能会耗尽内存
–cpus	限制容器可以使用多少个可用的cpu资源
–cpuset-cpus	限制容器可以使用特定的CPU
–cpu-shares	此值设置为大于或小于默认1024值，以增加或减少容器的权重，并使其可以访问主机cpu周期的更大或更小比例

1.run创建容器

docker container run -itd  --name bs busybox
--name  指定一个名字
-itd 后端运行

2.进入容器

[root@docker nginx]# docker container attach bs   
/ # ls
bin   dev   etc   home  proc  root  sys   tmp   usr   var
/ # ps -ef   #和宿主机的进程是相互隔离的
PID   USER     TIME  COMMAND
    1 root      0:00 sh
    7 root      0:00 ps -ef
/ #exit
退出时容器停止

3.ctrl+p+q 退出容器不停止

[root@docker nginx]# docker start 88  
88
[root@docker nginx]# docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
88a770ae905d        busybox             "sh"                6 minutes ago       Up 2 seconds                            bs
[root@docker nginx]# docker container attach bs #进入容器
/ # read escape sequence   # ctrl+p+q 退出
[root@docker nginx]# docker ps   #查看容器
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
88a770ae905d        busybox             "sh"                7 minutes ago       Up About a minute                       bs

4.查看文件系统挂载的情况

[root@docker nginx]# docker container attach bs
/ # mount

#默认挂载三个文件
/dev/vda1 on /etc/resolv.conf type ext4 (rw,relatime,data=ordered)  #dns解析
/dev/vda1 on /etc/hostname type ext4 (rw,relatime,data=ordered)
/dev/vda1 on /etc/hosts type ext4 (rw,relatime,data=ordered)  #主机与ip对应的

#每次进行重启容器。都会将三个文件从宿主机进行挂载出来
#只要改任何一个文件 容器都不是生效的

/ # cat /etc/hosts
127.0.0.1	localhost
::1	localhost ip6-localhost ip6-loopback
fe00::0	ip6-localnet
ff00::0	ip6-mcastprefix
ff02::1	ip6-allnodes
ff02::2	ip6-allrouters
172.17.0.2	88a770ae905d

#修改内容
/ # echo "123" > /etc/hosts
/ # cat /etc/hosts
123

#重启容器
[root@docker nginx]# docker container attach bs

#再次查看文件
/ # cat /etc/hosts
127.0.0.1	localhost
::1	localhost ip6-localhost ip6-loopback
fe00::0	ip6-localnet
ff00::0	ip6-mcastprefix
ff02::1	ip6-allnodes
ff02::2	ip6-allrouters
172.17.0.2	88a770ae905d

exec. -a传入变量

docker container run -itd -e a=123 --name bs1 busybox

[root@docker nginx]# docker exec -it bs1 bash  #有的不支持bash 
OCI runtime exec failed: exec failed: container_linux.go:349: starting container process caused "exec: \"bash\": executable file not found in $PATH": unknown
[root@docker nginx]# docker exec -it bs1 sh  #用sh
/ # echo $a   #变量123通过-a的选项传入进来
123
/ #

-p

[root@docker nginx]# docker container run -itd -p 8080:80 --name nginx01 nginx
90a8aef6356b8e47d3e8a0abe86164855f991b22e03a7bfae4d4f154becb617f
[root@docker nginx]# docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                  NAMES
90a8aef6356b        nginx               "/docker-entrypoint.…"   10 seconds ago      Up 9 seconds        0.0.0.0:8080->80/tcp   nginx01

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-NFwy0RCk-1596679167842)(/Users/yingliming/Desktop/截屏2020-07-13 下午7.56.02.png)]

7.查看日志

[root@docker nginx]# docker logs 90
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: Getting the checksum of /etc/nginx/conf.d/default.conf
10-listen-on-ipv6-by-default.sh: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
219.143.183.130 - - [13/Jul/2020:11:55:31 +0000] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.1 Safari/605.1.15" "-"
2020/07/13 11:55:31 [error] 28#28: *2 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 219.143.183.130, server: localhost, request: "GET /favicon.ico HTTP/1.1", host: "121.199.30.165:8080", referrer: "http://121.199.30.165:8080/"
219.143.183.130 - - [13/Jul/2020:11:55:31 +0000] "GET /favicon.ico HTTP/1.1" 404 153 "http://121.199.30.165:8080/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.1 Safari/605.1.15" "-"
106.14.6.194 - - [13/Jul/2020:11:55:50 +0000] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0 (macintosh; mac os safari) Mac OS Safari" "-"
[root@docker nginx]#


#日志还存放在这里
[root@docker nginx]# ls /var/lib/docker/containers/
0f646d20ccb6f54c8b700bd9a4aa2d3f8c5781065e4c49fa7c9b06dbe2e59ec8
6ded32348de2659d66acad2bd3abcc79b15f1ea0564ea10627ac756f67f2a74d
7c77ab4e80fb490496b5c1f00bc93d6a4a6299e830544fd49368ce1cfedbb6eb
88a770ae905de23320e33aeb6bb9062e651fb096ef102fb9029c7dbf7349d9e8
8e6de4d9c136f031b27e4bdadf880b2ff401d1a8d0ae95460799437e25e7df29
90a8aef6356b8e47d3e8a0abe86164855f991b22e03a7bfae4d4f154becb617f
9dc1611db1ed657cf9585a2b88924c2831bc373bf17688d375ab4cab4298731a
[root@docker nginx]# ls /var/lib/docker/containers/90a8aef6356b8e47d3e8a0abe86164855f991b22e03a7bfae4d4f154becb617f/

#控制台的输出到这个log里面，磁盘越来愈大 ，看一下日志控制台是不是越来越多了
90a8aef6356b8e47d3e8a0abe86164855f991b22e03a7bfae4d4f154becb617f-json.log hostconfig.json  mounts
checkpoints                                                                hostname         resolv.conf
config.v2.json                                                             hosts            resolv.conf.hash
[root@docker nginx]#


#日志是json格式
[root@docker nginx]# tail /var/lib/docker/containers/90a8aef6356b8e47d3e8a0abe86164855f991b22e03a7bfae4d4f154becb617f/90a8aef6356b8e47d3e8a0abe86164855f991b22e03a7bfae4d4f154becb617f-json.log
{"log":"/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/\r\n","stream":"stdout","time":"2020-07-13T11:53:28.146854608Z"}
{"log":"/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh\r\n","stream":"stdout","time":"2020-07-13T11:53:28.150305983Z"}
{"log":"10-listen-on-ipv6-by-default.sh: Getting the checksum of /etc/nginx/conf.d/default.conf\r\n","stream":"stdout","time":"2020-07-13T11:53:28.156529644Z"}
{"log":"10-listen-on-ipv6-by-default.sh: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf\r\n","stream":"stdout","time":"2020-07-13T11:53:28.182247249Z"}
{"log":"/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh\r\n","stream":"stdout","time":"2020-07-13T11:53:28.182526775Z"}
{"log":"/docker-entrypoint.sh: Configuration complete; ready for start up\r\n","stream":"stdout","time":"2020-07-13T11:53:28.185494449Z"}
{"log":"219.143.183.130 - - [13/Jul/2020:11:55:31 +0000] \"GET / HTTP/1.1\" 200 612 \"-\" \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.1 Safari/605.1.15\" \"-\"\r\n","stream":"stdout","time":"2020-07-13T11:55:31.039140223Z"}
{"log":"2020/07/13 11:55:31 [error] 28#28: *2 open() \"/usr/share/nginx/html/favicon.ico\" failed (2: No such file or directory), client: 219.143.183.130, server: localhost, request: \"GET /favicon.ico HTTP/1.1\", host: \"121.199.30.165:8080\", referrer: \"http://121.199.30.165:8080/\"\r\n","stream":"stdout","time":"2020-07-13T11:55:31.20857839Z"}
{"log":"219.143.183.130 - - [13/Jul/2020:11:55:31 +0000] \"GET /favicon.ico HTTP/1.1\" 404 153 \"http://121.199.30.165:8080/\" \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.1 Safari/605.1.15\" \"-\"\r\n","stream":"stdout","time":"2020-07-13T11:55:31.208613401Z"}
{"log":"106.14.6.194 - - [13/Jul/2020:11:55:50 +0000] \"GET / HTTP/1.1\" 200 612 \"-\" \"Mozilla/5.0 (macintosh; mac os safari) Mac OS Safari\" \"-\"\r\n","stream":"stdout","time":"2020-07-13T11:55:50.069680628Z"}
[root@docker nginx]#

8.restart

[root@docker nginx]# docker container run -itd -p 8081:80 --name nginx02 --restart=always nginx
c740a992c572cc77847e16cef7d732fc724630baf2c89818d4c1d82c34548548

9.资源限制cpu

[root@docker nginx]# docker container run --help|grep cpu
      --cpu-period int                 Limit CPU CFS (Completely Fair Scheduler) period
      --cpu-quota int                  Limit CPU CFS (Completely Fair Scheduler) quota
      --cpu-rt-period int              Limit CPU real-time period in microseconds
      --cpu-rt-runtime int             Limit CPU real-time runtime in microseconds
  -c, --cpu-shares int                 CPU shares (relative weight)
      --cpus decimal                   Number of CPUs   #！！！！！
      --cpuset-cpus string             CPUs in which to allow execution (0-3, 0,1)
      --cpuset-mems string             MEMs in which to allow execution (0-3, 0,1)

[root@docker nginx]# docker container run -itd --cpus 1 --name nginx03 nginx
fb9dacd721377f68555e8cb9381b4acbe65b263fd527b0c2cc58e8312aaf0ae5

--cpus 限制容器使用多少个可用的cpu资源

10.资源限制内存

[root@docker nginx]# docker container run -itd --memory 512m --name nginx04 nginx
ead5aab459f11a8b1497ce3b2ff748ff5f61050bfff744a76aee9f751141e88a

那么swap交换分区使用的就是2倍

11.实时输出资源的利用率

docker container stats nginx04

CONTAINER ID        NAME                CPU %               MEM USAGE / LIMIT   MEM %               NET I/O             BLOCK I/O           PIDS
ead5aab459f1        nginx04             0.00%               2.379MiB / 512MiB   0.46%               0B / 0B             0B / 0B             2