1、安装docker,如何系统可以上网可直接执行下面命令安装,一般建议先下载下来,再安装。如果不能上网需配置本地yum源安装。
[root@realhost ~]# wget https://get.docker.com/rpm/1.7.1/centos-6/RPMS/x86_64/docker-engine-1.7.1-1.el6.x86_64.rpm
[root@realhost ~]# ls
docker-engine-1.7.1-1.el6.x86_64.rpm
[root@realhost ~]# yum -y install docker-engine-1.7.1-1.el6.x86_64.rpm
2、配置docker镜像地址
[root@realhost docker]# vim /etc/docker/daemon.json
{
"registry-mirrors":["https://hub.docker.com/"]
}
3、重启使其生效
systemctl daemon-reload //daemon-reload: 重新加载某个服务的配置文件,如果新安装了一个服务,归属于 systemctl 管理,要是新服务的服务程序配置文件生效,需重新加载。
systemctl restart docker //重启docker
4、docker使用
在仓库搜索名称包含centos的镜像:
docker search [OPTIONS] TERM
[root@realhost docker]# docker search centos
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
centos The official build of CentOS. 5906 [OK]
ansible/centos7-ansible Ansible on Centos7 128 [OK]
jdeathe/centos-ssh OpenSSH / Supervisor / EPEL/IUS/SCL Repos ... 114 [OK]
consol/centos-xfce-vnc Centos container with "headless" VNC sessi... 112 [OK]
centos/mysql-57-centos7 MySQL 5.7 SQL database server 72
imagine10255/centos6-lnmp-php56 centos6-lnmp-php56 58 [OK]
tutum/centos Simple CentOS docker image with SSH access 45
centos/postgresql-96-centos7 PostgreSQL is an advanced Object-Relationa... 43
kinogmt/centos-ssh CentOS with SSH 29 [OK]
pivotaldata/centos-gpdb-dev CentOS image for GPDB development. Tag nam... 11
guyton/centos6 From official centos6 container with full ... 10 [OK]
从dockerhub拉取指定镜像:
执行pull命令的时候要写完整的名字,比如"ansible/centos7-ansible"。用户名/ 镜像名
[root@realhost docker]# docker pull ansible/centos7-ansible
latest: Pulling from ansible/centos7-ansible
447de4861266: Pull complete
c8a989a71b21: Pull complete
88d499419caa: Pull complete
1601aad7ffae: Pull complete
09f436fef846: Pull complete
1d2685d3711f: Pull complete
c21291d0910c: Pull complete
6b9e6c6f63b7: Pull complete
4ba6ed5fa591: Pull complete
f86b7d032b03: Pull complete
3690474eb5b4: Already exists
0a444b299d5a: Already exists
a04895de1996: Already exists
08e1d80f2b80: Already exists
4ef929f1a369: Already exists
Digest: sha256:00284f8b7f0fb02bbcc99cf720a512f4c1e26404b59b6ea52fc255bd12d0a7fd
Status: Downloaded newer image for ansible/centos7-ansible:latest
3、docker images 查看镜像信息列表
[root@realhost docker]# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
centos latest 495a24dc98e8 10 weeks ago 237.1 MB
smartentry/centos latest 66fc76b7e507 4 months ago 219.5 MB
ansible/centos7-ansible latest f86b7d032b03 3 years ago 447.2 MB
4、运行docker容器:
docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
[root@realhost docker]# docker run -it smartentry/centos /bin/bash
smartentry> running main program(UID=0 GID=0 USER=root)
[root@6dfe5360dd61 /]#
[root@6dfe5360dd61 /]# ifconfig
bash: ifconfig: command not found
[root@6dfe5360dd61 /]# pwd
/
[root@6dfe5360dd61 /]# ls
bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var
5、docker ps -a 查看运行中的所有容器
[root@realhost docker]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6dfe5360dd61 smartentry/centos "/sbin/smartentry.sh 9 minutes ago Exited (0) 3 minutes ago sick_meitner
docker run命令参数详解:
常用选项说明
-d, --detach=false
, 指定容器运行于前台还是后台,默认为false-i, --interactive=false
, 打开STDIN,用于控制台交互-t, --tty=false
, 分配tty设备,该可以支持终端登录,默认为false-u, --user=""
, 指定容器的用户-a, --attach=[]
, 登录容器(必须是以docker run -d启动的容器)-w, --workdir=""
, 指定容器的工作目录-c, --cpu-shares=0
, 设置容器CPU权重,在CPU共享场景使用-e, --env=[]
, 指定环境变量,容器中可以使用该环境变量-m, --memory=""
, 指定容器的内存上限-P, --publish-all=false
, 指定容器暴露的端口-p, --publish=[]
, 指定容器暴露的端口-h, --hostname=""
, 指定容器的主机名-v, --volume=[]
, 给容器挂载存储卷,挂载到容器的某个目录--volumes-from=[]
, 给容器挂载其他容器上的卷,挂载到容器的某个目录--cap-add=[]
, 添加权限,权限清单详见:http://linux.die.net/man/7/capabilities--cap-drop=[]
, 删除权限,权限清单详见:http://linux.die.net/man/7/capabilities--cidfile=""
, 运行容器后,在指定文件中写入容器PID值,一种典型的监控系统用法--cpuset=""
, 设置容器可以使用哪些CPU,此参数可以用来容器独占CPU--device=[]
, 添加主机设备给容器,相当于设备直通--dns=[]
, 指定容器的dns服务器--dns-search=[]
, 指定容器的dns搜索域名,写入到容器的/etc/resolv.conf文件--entrypoint=""
, 覆盖image的入口点--env-file=[]
, 指定环境变量文件,文件格式为每行一个环境变量--expose=[]
, 指定容器暴露的端口,即修改镜像的暴露端口--link=[]
, 指定容器间的关联,使用其他容器的IP、env等信息--lxc-conf=[]
, 指定容器的配置文件,只有在指定--exec-driver=lxc时使用--name=""
, 指定容器名字,后续可以通过名字进行容器管理,links特性需要使用名字--net="bridge"
, 容器网络设置:- bridge 使用docker daemon指定的网桥
- host //容器使用主机的网络
- container:NAME_or_ID >//使用其他容器的网路,共享IP和PORT等网络资源
- none 容器使用自己的网络(类似--net=bridge),但是不进行配置
--privileged=false
, 指定容器是否为特权容器,特权容器拥有所有的capabilities--restart="no"
, 指定容器停止后的重启策略:- no:容器退出时不重启
- on-failure:容器故障退出(返回值非零)时重启
- always:容器退出时总是重启
--rm=false
, 指定容器停止后自动删除容器(不支持以docker run -d启动的容器)--sig-proxy=true
, 设置由代理接受并处理信号,但是SIGCHLD、SIGSTOP和SIGKILL不能被代理
docker命令:
Commands:
attach Attach to a running container
build Build an image from a Dockerfile
commit Create a new image from a container's changes
cp Copy files/folders from a container's filesystem to the host path
create Create a new container
diff Inspect changes on a container's filesystem
events Get real time events from the server
exec Run a command in a running container
export Stream the contents of a container as a tar archive
history Show the history of an image
images List images
import Create a new filesystem image from the contents of a tarball
info Display system-wide information
inspect Return low-level information on a container or image
kill Kill a running container
load Load an image from a tar archive
login Register or log in to a Docker registry server
logout Log out from a Docker registry server
logs Fetch the logs of a container
pause Pause all processes within a container
port Lookup the public-facing port that is NAT-ed to PRIVATE_PORT
ps List containers
pull Pull an image or a repository from a Docker registry server
push Push an image or a repository to a Docker registry server
rename Rename an existing container
restart Restart a running container
rm Remove one or more containers
rmi Remove one or more images
run Run a command in a new container
save Save an image to a tar archive
search Search for an image on the Docker Hub
start Start a stopped container
stats Display a stream of a containers' resource usage statistics
stop Stop a running container
tag Tag an image into a repository
top Lookup the running processes of a container
unpause Unpause a paused container
version Show the Docker version information
wait Block until a container stops, then print its exit code
常用docker仓库地址
Docker Hub: https://hub.docker.com/
Quay: https://quay.io/search