docker的基础用法
说明:
Docker使用C/S体系的架构,Docker客户端与Docker守护进程通信,Docker守护进程负责构建,运行和分发Docker容器。Docker客户端和守护进程可以在同一个系统上运行,也可以将Docker客户端连接到远程Docker守护进程。Docker客户端和守护进程使用REST API通过unix套接字或网络接口进行通信。
下面是Docker核心组件及元素说明:
-
Docker Daemon : dockerd,用来监听Docker API的请求和管理Docker对象,比如镜像、容器、网络和Volume。
-
Docker Client : docker,docker client是我们和Docker进行交互的最主要的方式方法,比如我们可以通过docker run 命令来运行一个容器,然后我们的docker client会把命令发送给上面的Dockerd,主它来负责处理。
-
Docker Registry : 用来存储Docker镜像的仓库,Docker hub是官方提供的一个公共仓库,而且Docker默认也是从Docker Hub上查找镜像的。当然你也可以很方便的运行一个私有仓库,当我们使用docker pull或者docker run命令时,就会从我们配置的docker镜像仓库中去拉取镜像,使用docker push时,会将我们构建的镜像推送到对应的镜像仓库中。
-
**Images : ** 镜像,镜像是一个只读模板 ,带有创建docker容器的说明。一般来说,镜像会基于另外的一些基础镜像构建并加上一些额外的自定义功能。比如你可以构建一个基于centos的镜像,然后在这个基础镜像上面安装一个Nginx应用,这样就可以构建成属于我们自己的镜像了。
-
**Containers : ** 容器,容器是一个镜像的运行实例。可以使用Docker REST API或者CLI来操作容器。容器的实质是进程,但与直接在宿主机执行的进程不同,容器进行运行于属于自己独立的命名空间。因此容器可以拥有自己的root文件系统、自己的网络配置、自己的进程空间,甚至自己的用户id空间。容器内的进程是运行在一个隔离的环境里,使用起来,就好像在一个独立于宿主的系统下操作一样。这种特性使得容器封装的应用比直接在宿主机运行更多案例。
docker安装
[root@localhost ~]# cat /etc/redhat-release
CentOS Stream release 8
#安装些依赖的工具
[root@localhost ~]# yum install -y yum-utils device-mapper-persistent-data lvm2
# 1.yum-utils:提供了yum-config-manager工具
# 2.device mapper:是Linux内核中支持逻辑卷管理的通用设备映射机制,为实现用于存储资源管理的块设备驱动提供了一个高度模块化的内核架构
# 3.device mapper存储驱动程序需要device-mapper-persistent-data和lvm2
[root@localhost ~]# yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
添加仓库自:https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[root@localhost ~]# ls /etc/yum.repos.d/
CentOS-Stream-AppStream.repo CentOS-Stream-Media.repo
CentOS-Stream-BaseOS.repo CentOS-Stream-PowerTools.repo
CentOS-Stream-Debuginfo.repo CentOS-Stream-RealTime.repo
CentOS-Stream-Extras.repo docker-ce.repo
CentOS-Stream-HighAvailability.repo
[root@localhost ~]# sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo
[root@localhost ~]# yum makecache
[root@localhost ~]# yum -y install docker-ce
[root@localhost ~]# rpm -qa |grep docker
docker-scan-plugin-0.9.0-3.el8.x86_64
docker-ce-rootless-extras-20.10.11-3.el8.x86_64
docker-ce-20.10.11-3.el8.x86_64
docker-ce-cli-20.10.11-3.el8.x86_64
docker加速
docker-ce的配置文件是/etc/docker/daemon.json,此文件默认不存在,需要我们手动创建并进行配置,而docker的加速就是通过配置此文件来实现的。
docker的加速有多种方式:
- docker.cn
- 中国科技大学加速器
- 阿里云加速器(需要通过阿里云开发者平台注册登录帐号,免费使用个人私有的加速器:控制台–>左上角"三"–>容器服务–>-->容器镜像服务–>镜像工具–>镜像加速)
[root@localhost ~]# systemctl start docker
[root@localhost ~]# ls /etc/docker/
key.json
[root@localhost ~]# cat > /etc/docker/daemon.json <<EOF
> {
> "registry-mirrors": ["https://wn5c7d7w.mirror.aliyuncs.com"]
> }
> EOF
[root@localhost ~]# systemctl daemon-reload
[root@localhost ~]# systemctl restart docker
[root@localhost ~]# docker version
Client: Docker Engine - Community
Version: 20.10.11
API version: 1.41
Go version: go1.16.9
Git commit: dea9396
Built: Thu Nov 18 00:36:58 2021
OS/Arch: linux/amd64
Context: default
Experimental: true
Server: Docker Engine - Community
Engine:
Version: 20.10.11
API version: 1.41 (minimum version 1.12)
Go version: go1.16.9
Git commit: 847da18
Built: Thu Nov 18 00:35:20 2021
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.4.12
GitCommit: 7b11cfaabd73bb80907dd23182b9347b4245eb5d
runc:
Version: 1.0.2
GitCommit: v1.0.2-0-g52b36a2
docker-init:
Version: 0.19.0
GitCommit: de40ad0
[root@localhost ~]# docker info
Client:
Context: default
Debug Mode: false
Plugins:
app: Docker App (Docker Inc., v0.9.1-beta3)
buildx: Build with BuildKit (Docker Inc., v0.6.3-docker)
scan: Docker Scan (Docker Inc., v0.9.0)
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 20.10.11
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc io.containerd.runc.v2 io.containerd.runtime.v1.linux
Default Runtime: runc
Init Binary: docker-init
containerd version: 7b11cfaabd73bb80907dd23182b9347b4245eb5d
runc version: v1.0.2-0-g52b36a2
init version: de40ad0
Security Options:
seccomp
Profile: default
Kernel Version: 4.18.0-257.el8.x86_64
Operating System: CentOS Stream 8
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 7.559GiB
Name: localhost.localdomain
ID: C64O:HAJ5:K3PW:JNP7:BD5Z:VQUQ:PPM2:H7TN:U47O:NOBU:YBRH:52FV
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Registry Mirrors:
https://wn5c7d7w.mirror.aliyuncs.com/ # 加速已配置成功
Live Restore Enabled: false
docker常用操作
命令 | 功能 |
---|---|
docker search | Search the Docker Hub for images (在Docker Hub中搜索图像) |
docker pull | Pull an image or a repository from a registry (从注册表中拉出映像或存储库) |
docker images | List images (图片列表) |
docker create | Create a new conntainer (创建一个新的容器) |
docker start | Start one or more stopped containers (启动一个或多个停止的容器) |
docker run | Run a command in a new container (在新容器中运行命令) |
docker attach | Attach to a runninng container (附加到一个运行的容器) |
docker ps | List containers (列表容器) |
docker logs | Fetch the logs of a container (获取容器的日志) |
docker restart | Restart a container (重启一个容器) |
docker stop | Stop one or more running containers (停止一个或多个运行中的容器) |
docker kill | Kill one or more running containers (杀死一个或多个运行中的容器) |
docker rm | Remove onne or more containers (删除一个或多个容器) |
docker exec | Run a command in a running container (在运行容器中运行命令) |
docker info | Display system-wide information (显示整个系统的信息) |
docker inspect | Return low-level information on Docker objects(返回Docker对象的低级信息) |
docker event state
docker操作示例
搜索镜像
[root@localhost ~]# docker search httpd
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
httpd The Apache HTTP Server Project 3784 [OK]
centos/httpd-24-centos7 Platform for running Apache httpd 2.4 or bui… 40
centos/httpd 34 [OK]
arm32v7/httpd The Apache HTTP Server Project 10
......
拉取镜像
# 语法:docker pull [OPTIONS](选项) NAME[:TAG|@DIGEST]
[root@localhost ~]# docker pull httpd:latest
latest: Pulling from library/httpd
eff15d958d66: Pull complete
ba1caf8ba86c: Pull complete
ab86dc02235d: Pull complete
0d58b11d2867: Pull complete
e88da7cb925c: Pull complete
Digest: sha256:1d71eef54c08435c0be99877c408637f03112dc9f929fba3cccdd15896099b02
Status: Downloaded newer image for httpd:latest
docker.io/library/httpd:latest
查看镜像
# 语法:docker images [OPTIONS] [REPOSITORY[:TAG]]
选项:
-a 显示所有
-q 只显示镜像id
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
httpd latest ad17c88403e2 12 days ago 143MB
创建容器
# 语法:docker create [OPTIONS] IMAGE [COMMAND] [ARG...]
[root@localhost ~]# docker create httpd
8596ac176bd95c8f347b48a8c645ec83e49ff63d39b2aca5103e1278103aeadd
查看容器
# 语法:docker ps [OPTIONS]
选项:
-a 查看所有
-n 显示最近创建的容器
-l 显示最新创建的容器
-q 只显示容器id
-s 显示总大小
[root@localhost ~]# docker ps # 查看正在运行的容器
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@localhost ~]# docker ps -as # 查看所有显示总大小
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES SIZE
8596ac176bd9 httpd "httpd-foreground" About a minute ago Created pensive_ramanujan 0B (virtual 143MB)
启动容器
# 语法:docker start [OPTIONS] CONTAINER [CONTAINER...]
[root@localhost ~]# docker start 8596ac176bd9 #通过 docker ps -as 查看容器id
8596ac176bd9
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8596ac176bd9 httpd "httpd-foreground" 2 minutes ago(启动时间)Up 10 seconds 80/tcp pensive_ramanujan
杀死容器
# 语法:docker kill [OPTIONS] CONTAINER [CONTAINER...]
[root@localhost ~]# docker kill 8596ac176bd9
8596ac176bd9
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8596ac176bd9 httpd "httpd-foreground" 6 minutes ago Exited (137) 19 seconds ago(19秒前关闭) pensive_ramanujan
在容器中运行命令
#语法:docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
选项:
-i 交互模式
-t 指定登录终端
-d 后台运行
....
[root@localhost ~]# docker run -it httpd /bin/sh
# ls
bin build cgi-bin conf error htdocs icons include logs modules
# ls bin
ab checkgid envvars-std htdbm httpd rotatelogs
apachectl dbmmanage fcgistarter htdigest httxt2dbm suexec
apxs envvars htcacheclean htpasswd logresolve
# exit
查看容器信息
# 语法:docker inspect [OPTIONS] NAME|ID [NAME|ID...]
选项:
-f,——format string使用给定的Go模板格式化输出
-s,——size如果是容器类型,则显示文件的总大小
——type string指定类型返回JSON
[root@localhost ~]# docker inspect 8596ac176bd9
.......
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "e6b7de4eb5e67fcbe4cbfe7a6c25d246fd31046933bc2857b3098f2d60302632",
"EndpointID": "fffa4341d90b29aaee924ce9d7a833626a30304b6538a2ee59bc70fee766d289",
"Gateway": "172.17.0.1", # 容器网关
"IPAddress": "172.17.0.2", # 容器IP
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02",
"DriverOpts": null
......
[root@localhost ~]# curl 172.17.0.2
<html><body><h1>It works!</h1></body></html>
获取日志
# 语法:docker logs [OPTIONS] CONTAINER
[root@localhost ~]# docker logs 8596ac176bd9
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
[Wed Dec 01 12:34:23.688219 2021] [mpm_event:notice] [pid 1:tid 140522495077696] AH00489: Apache/2.4.51 (Unix) configured -- resuming normal operations
[Wed Dec 01 12:34:23.688387 2021] [core:notice] [pid 1:tid 140522495077696] AH00094: Command line: 'httpd -D FOREGROUND'
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
[Wed Dec 01 12:41:54.056676 2021] [mpm_event:notice] [pid 1:tid 140258335927616] AH00489: Apache/2.4.51 (Unix) configured -- resuming normal operations
[Wed Dec 01 12:41:54.056827 2021] [core:notice] [pid 1:tid 140258335927616] AH00094: Command line: 'httpd -D FOREGROUND'
172.17.0.1 - - [01/Dec/2021:12:44:20 +0000] "GET / HTTP/1.1" 200 45
删除容器
(不能删除正在运行的容器)
[root@localhost ~]# docker stop 8596ac176bd9
8596ac176bd9
# 单个删除
[root@localhost ~]# docker rm 8596ac176bd9
8596ac176bd9
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
02d91fba60bd httpd "/bin/sh" 6 minutes ago Exited (0) 5 minutes ago thirsty_chaplygin
# 批量删除
[root@localhost ~]# docker rm $(docker ps -qa)
02d91fba60bd
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
在运行容器中运行命令
# 语法:docker exec [OPTIONS] CONTAINER COMMAND [ARG...]
选项:
-d 后台运行
-i 交互模式
-t 指定登录
.....
[root@localhost ~]# docker create nginx
Unable to find image 'nginx:latest' locally
latest: Pulling from library/nginx
eff15d958d66: Already exists
1e5351450a59: Pull complete
2df63e6ce2be: Pull complete
9171c7ae368c: Pull complete
020f975acd28: Pull complete
266f639b35ad: Pull complete
Digest: sha256:097c3a0913d7e3a5b01b6c685a60c03632fc7a2b50bc8e35bcaa3691d788226e
Status: Downloaded newer image for nginx:latest
be5d5064f88027c22445534736df9f2cb533c9628493d3a72ffdd3f8ff5ddba7
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
be5d5064f880 nginx "/docker-entrypoint.…" 17 seconds ago Created amazing_cohen
[root@localhost ~]# docker start be5d5064f880
be5d5064f880
[root@localhost ~]# docker exec -it be5d5064f880 /bin/bash # 进入容器,执行命令
root@be5d5064f880:/# ls
bin dev docker-entrypoint.sh home lib64 mnt proc run srv tmp var
boot docker-entrypoint.d etc lib media opt root sbin sys usr