1)看docker的进程树:
ps axjf
[root@localhost ~]# docker run -d busybox ping baidu.com
docker: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?.
See 'docker run --help'.
[root@localhost ~]#
[root@localhost ~]# systemctl start docker
[root@localhost ~]#
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@localhost ~]#
[root@localhost ~]# docker run -d busybox ping baidu.com
Unable to find image 'busybox:latest' locally
latest: Pulling from library/busybox
ee153a04d683: Pull complete
Digest: sha256:9f1003c480699be56815db0f8146ad2e22efea85129b5b5983d0e0fb52d9ab70
Status: Downloaded newer image for busybox:latest
ebb7c712dea23c035ae4bb3260db8217ef69ae2723258ab159e14e531fdbb18d
[root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]# ps -ef | grep docker
root 1711 1 1 15:20 ? 00:00:02 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
root 1906 1709 0 15:21 ? 00:00:00 containerd-shim -namespace moby -workdir /var/lib/containerd/io.containerd.runtime.v1.linux/moby/ebb7c712dea23c035ae4bb3260db8217ef69ae2723258ab159e14e531fdbb18d -address /run/containerd/containerd.sock -containerd-binary /usr/bin/containerd -runtime-root /var/run/docker/runtime-runc
root 1965 1642 0 15:23 pts/0 00:00:00 grep --color=auto docker
[root@localhost ~]#
[root@localhost ~]# ps axjf -p 1711
PPID PID PGID SID TTY TPGID STAT UID TIME COMMAND
……
1 1709 1709 1709 ? -1 Ssl 0 0:01 /usr/bin/containerd
1709 1906 1906 1709 ? -1 Sl 0 0:00 \_ containerd-shim -namespace moby -workdir /var/lib/containerd/
1906 1921 1921 1921 ? -1 Ss 0 0:00 \_ ping baidu.com
1 1711 1711 1711 ? -1 Ssl 0 0:02 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd
[root@localhost ~]#
说明:docker client 将命令传给docker engine,本地有镜像则用本地的,没有则从image repository拉取。docker engine通知containerd进程创建容器,containerd启动shim创建容器,runC提供文件系统以提供容器运行环境。
设置开机自启动:
[root@localhost test]# systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
2)内部组件
Namespace 命名空间 -> 容器内部只能看到自己的进程,不能看到宿主机的进程
CGroup 控制组 -> 对资源限制,如CPU、内存、网络等
UnionFS 联合文件系统 -> 镜像中的目录结构的分层
3)kill 所有容器:
docker rm -f $(docker ps -q -a)
其中,-q, --quiet Only display numeric IDs
例如,# docker ps -a -q,打印结果为 d96a8a2382a8
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ebb7c712dea2 busybox "ping baidu.com" 23 minutes ago Up 23 minutes agitated_brahmagupta
[root@localhost ~]#
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest db8ee88ad75f 2 weeks ago 1.22MB
hello-world latest fce289e99eb9 7 months ago 1.84kB
[root@localhost ~]#
[root@localhost ~]# docker rm -f $(docker ps -q -a)
ebb7c712dea2
c38ba80a5520
a7fe13e2c182
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@localhost ~]#
[root@localhost ~]# docker ps --help
Usage: docker ps [OPTIONS]
List containers
Options:
-a, --all Show all containers (default shows just running)
-f, --filter filter Filter output based on conditions provided
--format string Pretty-print containers using a Go template
-n, --last int Show n last created containers (includes all states) (default -1)
-l, --latest Show the latest created container (includes all states)
--no-trunc Don't truncate output
-q, --quiet Only display numeric IDs
-s, --size Display total file sizes
4)docker pull 很慢,可以在 Docker 守护进程启动时传入 --registry-mirror 参数
为了永久性保留更改,可以修改 /etc/docker/daemon.json 文件的 registry-mirrors 键值。
[root@localhost ~]# cat /etc/docker/daemon.json
{
"registry-mirrors":["https://registry.docker-cn.com"]
}
[root@localhost ~]#
[root@localhost ~]# vi /etc/docker/daemon.json
[root@localhost ~]#
[root@localhost ~]# systemctl daemon-reload
[root@localhost ~]# systemctl restart docker
[root@localhost ~]#
[root@localhost ~]# dcoker pull nginx
-bash: dcoker: command not found
[root@localhost ~]#
[root@localhost ~]# docker pull nginx
Using default tag: latest
latest: Pulling from library/nginx
f5d23c7fed46: Pull complete
918b255d86e5: Pull complete
8c0120a6f561: Pull complete
Digest: sha256:eb3320e2f9ca409b7c0aa71aea3cf7ce7d018f03a372564dbdb023646958770b
Status: Downloaded newer image for nginx:latest
docker.io/library/nginx:latest
[root@localhost ~]#
参考:docker加速 阿里云镜像地址,使用方式 https://blog.csdn.net/qq_28410283/article/details/81433674
5)镜像由多层构成,可以用 docker history 查看
docker image history nginx 和 docker history nginx 的返回结果一样~
[root@localhost ~]# docker history nginx
IMAGE CREATED CREATED BY SIZE COMMENT
e445ab08b2be 2 weeks ago /bin/sh -c #(nop) CMD ["nginx" "-g" "daemon… 0B
<missing> 2 weeks ago /bin/sh -c #(nop) STOPSIGNAL SIGTERM 0B
<missing> 2 weeks ago /bin/sh -c #(nop) EXPOSE 80 0B
<missing> 2 weeks ago /bin/sh -c ln -sf /dev/stdout /var/log/nginx… 22B
<missing> 2 weeks ago /bin/sh -c set -x && addgroup --system -… 56.6MB
<missing> 2 weeks ago /bin/sh -c #(nop) ENV PKG_RELEASE=1~buster 0B
<missing> 2 weeks ago /bin/sh -c #(nop) ENV NJS_VERSION=0.3.3 0B
<missing> 2 weeks ago /bin/sh -c #(nop) ENV NGINX_VERSION=1.17.2 0B
<missing> 2 weeks ago /bin/sh -c #(nop) LABEL maintainer=NGINX Do… 0B
<missing> 4 weeks ago /bin/sh -c #(nop) CMD ["bash"] 0B
<missing> 4 weeks ago /bin/sh -c #(nop) ADD file:71ac26257198ecf6a… 69.2MB
6)容器是在镜像的基础上添加一个读写层。以CentOS 7为例,镜像存储在 /var/lib/docker/overlay2,存有镜像每一层的数据。
说明:overlay2是存储驱动
学习的课程传送门 -> https://ke.qq.com/course/366769