Docker CLI 命令行介绍
Docker Version
Windows (Intel芯片)
Server 的 OS/Arch: linux/amd64
是因为Windows内置的hyper-V或者wsl2的虚拟机,是搭载的Linux系统,把docker的服务端放到了虚拟机中。
$ docker version
Client: Docker Engine - Community
Cloud integration: 1.0.12
Version: 20.10.5
API version: 1.41
Go version: go1.13.15
Git commit: 55c4c88
Built: Tue Mar 2 20:14:53 2021
OS/Arch: windows/amd64
Context: default
Experimental: true
Server: Docker Engine - Community
Engine:
Version: 20.10.5
API version: 1.41 (minimum version 1.12)
Go version: go1.13.15
Git commit: 363e9a8
Built: Tue Mar 2 20:15:47 2021
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.4.4
GitCommit: 05f951a3781f4f2c1911b05e61c160e9c30eaa8e
runc:
Version: 1.0.0-rc93
GitCommit: 12644e614e25b05da6fd08a38ffa0cfe1903fdec
docker-init:
Version: 0.19.0
GitCommit: de40ad0
Linux(Intel芯片)
$ docker version
Client: Docker Engine - Community
Version: 20.10.0
API version: 1.41
Go version: go1.13.15
Git commit: 7287ab3
Built: Tue Dec 8 18:59:40 2020
OS/Arch: linux/amd64
Context: default
Experimental: true
Server: Docker Engine - Community
Engine:
Version: 20.10.0
API version: 1.41 (minimum version 1.12)
Go version: go1.13.15
Git commit: eeddea2
Built: Tue Dec 8 18:57:45 2020
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.4.3
GitCommit: 269548fa27e0089a8b8278fc4fc781d7f65a939b
runc:
Version: 1.0.0-rc92
GitCommit: ff819c7e9184c13b7c2607fe6c30ae19403a7aff
docker-init:
Version: 0.19.0
GitCommit: de40ad0
Mac (Intel芯片)
$ docker version
Client: Docker Engine - Community
Cloud integration: 1.0.9
Version: 20.10.5
API version: 1.41
Go version: go1.13.15
Git commit: 55c4c88
Built: Tue Mar 2 20:13:00 2021
OS/Arch: darwin/amd64
Context: default
Experimental: true
Server: Docker Engine - Community
Engine:
Version: 20.10.5
API version: 1.41 (minimum version 1.12)
Go version: go1.13.15
Git commit: 363e9a8
Built: Tue Mar 2 20:15:47 2021
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.4.3
GitCommit: 269548fa27e0089a8b8278fc4fc781d7f65a939b
runc:
Version: 1.0.0-rc92
GitCommit: ff819c7e9184c13b7c2607fe6c30ae19403a7aff
docker-init:
Version: 0.19.0
GitCommit: de40ad0
docker命令行的基本使用
docker + 管理的对象(比如容器,镜像) + 具体操作(比如创建,启动,停止,删除)
例如:
- docker image pull nginx 拉取一个叫nginx的docker image镜像
- docker container stop web 停止一个叫web的docker container容器
Image 镜像 vs Container 容器
image镜像
- Docker image是一个 read-only 文件 只读
- 这个文件包含文件系统,源码,库文件,依赖,工具等一些运行application所需要的文件
- 可以理解成一个模板
- docker image具有分层的概念
container容器
- “一个运行中的docker image”
- 实质是复制image并在image最上层加上一层 read-write 的层 (称之为 container layer 容器层)
- 基于同一个image可以创建多个container
image layer为不可动的底层模块,只读。根据底层模块可以创建多个container layer,可读写
docker image的获取
- 自己制作
- 从registry拉取(比如docker hub)
容器的基本操作
操作 | 命令(全) | 命令(简) |
---|---|---|
容器的创建 | docker container run [image name] | docker run [image name] |
容器的列出(up) | docker container ls | docker ps |
容器的列出(up和exit) | docker container ls -a | docker ps -a |
容器的停止 | docker container stop [name or ID] | docker stop [container name or ID] |
容器的删除 | docker container rm [name or ID] | docker rm [container name or ID] |
创建第一个容器
联网操作
没有从本地库找到,就会直接从docker官方库拉取
记得配置国内源,官方源有时候连不上。国内源配置教程
容器container ID是hash值,start/stop/rm的时候只需要写前几位就可以,不用写全container ID
$ docker container run nginx
$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
343fd4031609 nginx "/docker-entrypoint.…" 6 seconds ago Up 5 seconds 80/tcp xenodochial_clarke
$ docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
343fd4031609 nginx "/docker-entrypoint.…" 14 seconds ago Up 13 seconds 80/tcp xenodochial_clarke
$ docker container stop 34
34
$ docker container ls -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
343fd4031609 nginx "/docker-entrypoint.…" 29 seconds ago Exited (0) 5 seconds ago xenodochial_clarke
d9095daa8bcf nginx "/docker-entrypoint.…" 28 minutes ago Exited (0) 28 minutes ago suspicious_shamir
$ docker container rm 34
34
$ docker container ls -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d9095daa8bcf nginx "/docker-entrypoint.…" 28 minutes ago Exited (0) 28 minutes ago suspicious_shamir
$
docker container 命令小技巧
批量停止
$ docker container ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
cd3a825fedeb nginx "/docker-entrypoint.…" 7 seconds ago Up 6 seconds 80/tcp mystifying_leakey
269494fe89fa nginx "/docker-entrypoint.…" 9 seconds ago Up 8 seconds 80/tcp funny_gauss
34b68af9deef nginx "/docker-entrypoint.…" 12 seconds ago Up 10 seconds 80/tcp interesting_mahavira
7513949674fc nginx "/docker-entrypoint.…" 13 seconds ago Up 12 seconds 80/tcp kind_nobel
方法1:
$ docker container rm cd3 269 34b 751
但是有大量的容器,方法1就非常费事了,就要使用方法2
方法2:
列出所有的 container ID 的方法
docker container ps -aq
再去批量停止
$ docker container stop $(docker container ps -aq)
cd3a825fedeb
269494fe89fa
34b68af9deef
7513949674fc
$ docker container ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
cd3a825fedeb nginx "/docker-entrypoint.…" 30 seconds ago Exited (0) 2 seconds ago mystifying_leakey
269494fe89fa nginx "/docker-entrypoint.…" 32 seconds ago Exited (0) 2 seconds ago funny_gauss
34b68af9deef nginx "/docker-entrypoint.…" 35 seconds ago Exited (0) 2 seconds ago interesting_mahavira
7513949674fc nginx "/docker-entrypoint.…" 36 seconds ago Exited (0) 2 seconds ago kind_nobel
批量删除
和批量停止类似,可以使用
docker container rm $(docker container ps -aq)
注意:无法删除正在运行的容器,想要删除,可以先停止再删除。或者强制删除,添加 -f
docker system prune -a -f 可以快速对系统进行清理,删除停止的容器,不用的image,等等
容器的attached和detached模式
前台执行 attached模式
PS C:\Users\柏杉> docker container run -p 8080:80 nginx
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf
10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
2022/01/11 21:57:43 [notice] 1#1: using the "epoll" event method
2022/01/11 21:57:43 [notice] 1#1: nginx/1.21.5
2022/01/11 21:57:43 [notice] 1#1: built by gcc 10.2.1 20210110 (Debian 10.2.1-6)
2022/01/11 21:57:43 [notice] 1#1: OS: Linux 5.4.72-microsoft-standard-WSL2
2022/01/11 21:57:43 [notice] 1#1: getrlimit(RLIMIT_NOFILE): 1048576:1048576
2022/01/11 21:57:43 [notice] 1#1: start worker processes
2022/01/11 21:57:43 [notice] 1#1: start worker process 31
2022/01/11 21:57:43 [notice] 1#1: start worker process 32
2022/01/11 21:57:43 [notice] 1#1: start worker process 33
2022/01/11 21:57:43 [notice] 1#1: start worker process 34
2022/01/11 21:57:43 [notice] 1#1: start worker process 35
2022/01/11 21:57:43 [notice] 1#1: start worker process 36
2022/01/11 21:57:43 [notice] 1#1: start worker process 37
2022/01/11 21:57:43 [notice] 1#1: start worker process 38
172.17.0.1 - - [11/Jan/2022:21:58:18 +0000] "GET / HTTP/1.1" 200 615 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" "-"
2022/01/11 21:58:18 [error] 31#31: *2 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 172.17.0.1, server: localhost, request: "GET /favicon.ico HTTP/1.1", host: "127.0.0.1:8080", referrer: "http://127.0.0.1:8080/"
172.17.0.1 - - [11/Jan/2022:21:58:18 +0000] "GET /favicon.ico HTTP/1.1" 404 555 "http://127.0.0.1:8080/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" "-"
后台执行 detached模式
PS C:\Users\柏杉> docker run -d -p 80:80 nginx
48e323da192216241aed5df3ee926060f977680472a2d91073fe2803a0df3ab3
attach 后台执行查看日志:
注意:Ctrl + c 在Linux上attach执行,会把容器给停止了,但是Windows上 Ctrl + c 是无效了,被拦截了
PS C:\Users\柏杉> docker attach 48e
172.17.0.1 - - [11/Jan/2022:22:10:07 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" "-"
查看容器logs
PS C:\Users\柏杉> docker run -d -p 80:80 nginx
4c35faf1ceb8955d98fb88659c2fad9a30e3f51c947964284eca3b0b45dd344e
PS C:\Users\柏杉> docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4c35faf1ceb8 nginx "/docker-entrypoint.…" 7 seconds ago Up 6 seconds 0.0.0.0:80->80/tcp busy_diffie
PS C:\Users\柏杉> docker logs 4c35
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf
10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
2022/01/11 22:17:43 [notice] 1#1: using the "epoll" event method
2022/01/11 22:17:43 [notice] 1#1: nginx/1.21.5
2022/01/11 22:17:43 [notice] 1#1: built by gcc 10.2.1 20210110 (Debian 10.2.1-6)
2022/01/11 22:17:43 [notice] 1#1: OS: Linux 5.4.72-microsoft-standard-WSL2
2022/01/11 22:17:43 [notice] 1#1: getrlimit(RLIMIT_NOFILE): 1048576:1048576
2022/01/11 22:17:43 [notice] 1#1: start worker processes
2022/01/11 22:17:43 [notice] 1#1: start worker process 31
2022/01/11 22:17:43 [notice] 1#1: start worker process 32
2022/01/11 22:17:43 [notice] 1#1: start worker process 33
2022/01/11 22:17:43 [notice] 1#1: start worker process 34
2022/01/11 22:17:43 [notice] 1#1: start worker process 35
2022/01/11 22:17:43 [notice] 1#1: start worker process 36
2022/01/11 22:17:43 [notice] 1#1: start worker process 37
2022/01/11 22:17:43 [notice] 1#1: start worker process 38
172.17.0.1 - - [11/Jan/2022:22:18:02 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" "-"
172.17.0.1 - - [11/Jan/2022:22:18:03 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" "-"
172.17.0.1 - - [11/Jan/2022:22:18:03 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" "-"
172.17.0.1 - - [11/Jan/2022:22:18:03 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" "-"
172.17.0.1 - - [11/Jan/2022:22:18:04 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" "-"
172.17.0.1 - - [11/Jan/2022:22:18:04 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" "-"
172.17.0.1 - - [11/Jan/2022:22:18:04 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" "-"
动态查看logs
添加 -f
docker logs -f 4c35
容器的交互式模式 shell
docker container run -it 创建一个容器并进入交互式模式
PS C:\Users\柏杉> docker container run -it ubuntu sh
Unable to find image 'ubuntu:latest' locally
latest: Pulling from library/ubuntu
7b1a6ab2e44d: Pull complete
Digest: sha256:626ffe58f6e7566e00254b638eb7e0f3b11d4da9675088f4781a50ae288f3322
Status: Downloaded newer image for ubuntu:latest
# ls
bin boot dev etc home lib lib32 lib64 libx32 media mnt opt proc root run sbin srv sys tmp usr var
# ps
PID TTY TIME CMD
1 pts/0 00:00:00 sh
9 pts/0 00:00:00 ps
# exit
PS C:\Users\柏杉>
docker container exec -it 在一个已经运行的容器里执行一个额外的command
> docker container run -d nginx
33d2ee50cfc46b5ee0b290f6ad75d724551be50217f691e68d15722328f11ef6
> docker container exec -it 33d sh
#
#
# ls
bin boot dev docker-entrypoint.d docker-entrypoint.sh etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
#
# exit
容器和虚拟机 Container vs VM
容器不是Mini虚拟机
容器其实是进程Containers are just processes
容器中的进程被限制了对CPU内存等资源的访问
当进程停止后,容器就退出了
容器的进程process
以下是在Ubuntu20.04中演示,因Windows环境下的Docker和Linux具有一些差异。pstree 命令需要额外安装,可以使用 yum install psmisc 或者 sudo apt-get install psmisc 安装
➜ ~ docker container run -d nginx
57fe4033dd7e1e620a0b6a7b83b85d4f8f98772f0ce585624c384de254826fd0
➜ ~ docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
57fe4033dd7e nginx "/docker-entrypoint.…" 4 seconds ago Up 3 seconds 80/tcp festive_proskuriakova
➜ ~ docker container top 57f
UID PID PPID C STIME TTY TIME CMD
root 7646 7625 0 12:14 ? 00:00:00 nginx: master process nginx -g daemon off;
systemd+ 7718 7646 0 12:14 ? 00:00:00 nginx: worker process
➜ ~
➜ ~
➜ ~ ps -aef --forest
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 May14 ? 00:00:00 /init
root 157 1 0 May14 ? 00:00:00 /init
root 523 157 0 May14 ? 00:02:32 \_ /usr/bin/dockerd -p /var/run/docker.pid
root 545 523 0 May14 ? 00:25:55 | \_ containerd --config /var/run/docker/containerd/containerd.toml --log-level info
root 7625 157 0 12:14 ? 00:00:00 \_ /usr/bin/containerd-shim-runc-v2 -namespace moby -id 57fe4033dd7e1e620a0b6a7b83b85d4f8f98772f0ce585624c384de254826fd0 -address /var/run/d
root 7646 7625 0 12:14 ? 00:00:00 \_ nginx: master process nginx -g daemon off;
systemd+ 7718 7646 0 12:14 ? 00:00:00 \_ nginx: worker process
root 6442 1 0 May18 ? 00:00:00 /init
root 6443 6442 0 May18 ? 00:00:00 \_ /init
penxiao 6444 6443 0 May18 pts/2 00:00:01 \_ -zsh
penxiao 7770 6444 0 12:15 pts/2 00:00:00 \_ ps -aef --forest
➜ ~
➜ ~ pstree -halps 7718
init,1
└─init,157
└─containerd-shim,7625 -namespace moby -id 57fe4033dd7e1e620a0b6a7b83b85d4f8f98772f0ce585624c384de254826fd0 -address /var/run/docker/containerd/containerd.sock
└─nginx,7646
└─nginx,7718
docker container run 背后发生了什么?
$ docker container run -d --publish 80:80 --name webhost nginx
- 在本地查找是否有nginx这个image镜像,但是没有发现
- 去远程的image registry查找nginx镜像(默认的registry是Docker Hub,可以配置国内源)
- 下载最新版本的nginx镜像 (nginx:latest 默认)
- 基于nginx镜像来创建一个新的容器,并且准备运行
- docker engine分配给这个容器一个虚拟IP地址
- 在宿主机上打开80端口并把容器的80端口转发到宿主机上
- 启动容器,运行指定的命令(这里是一个shell脚本去启动nginx)