docker 的 6 种状态
- Created: 已经被创建, 但是还未启动, (docker ps -a 可查, docker ps 不可查)
- Running: 运行中
- Paused: 暂停
- Restarting: 正在重启
- Exited: 之前运行过, 现在停止的状态
- Destroyed: 容器被删除
生命周期
创建容器
# 示例: 运行一个名为 test-ngx 的容器, 开启特权模式, 开启守护进程模式, 本机 8080 端口映射容器 80 端口, 关闭即删除
docker run -itd --name test-ngx --rm --privileged -p 8080:80 nginx:lts
参数解析
参数 | 解析 |
---|---|
–name | 给容器定义名称 |
–rm | docker stop 即执行删除 |
–privileged | 特权模式, 会对性能有一定提升, 并且解决权限问题 |
-d | 守护进程模式 |
-p | -p 8080:80, 将宿主机 8080 端口, 映射到容器 80 端口 -p 80, 将宿主机任意端口(49000~49900), 映射到容器 80 端口 -p 127.0.0.01:8080:80, 带 IP 地址映射 -p 127.0.0.1::80, 带 IP 地址随机映射 -p 888:888/udp, 映射 UDP 端口 |
-P | 根据 dockerfile expose 关键字映射端口 |
-v | 挂载磁盘 |
-e | 指定环境变量, -e ‘web_port=8080’ |
-u | 指定启动用户 |
-w | 指定工作目录 |
设置命名空间
参数 | 解析 |
---|---|
–net=host | 网络改为主机模式, 默认为 bridge, 不需要指定-p, 容器和宿主机复用端口 |
–pid=host | |
–utc=host | |
–ipc=host | |
userns=host |
维护操作
操作相关
# creat, 执行成功后状态为 Create, 容器并未启动, 需要 start
docker create ..
# start, 容器从 Exited --> Running
docker start [docker_name|docker_id]
# stop, 容器从 Running --> Exited
docker stop [docker_name|docker_id]
# 进入容器进行操作
docker exec -it docker_name /bin/bash
# 为容器重命名
docker rename docker_name new_docker_name
# 宿主机和容器间进行复制
docker cp path docker_name:docker_path # 宿主机复制到容器内
docker cp docker_name:docker_path path # 容器内复制到宿主机
# 删除容器
docker rm [docker_name|docker_id] # 正常情况下, 先停止后删除
docker rm -f [docker_name|docker_id] # 可在 Running 状态强制删除
docker rm `docker ps -qa` # 删除所有容器
查看信息相关
# 查看容器简单信息
docker ps # 查看已经开启的容器# 查看所有(包括关闭)的容器
docker ps -a # 查看所有(包括关闭)的容器
docker ps -qa # 查看所有容器id
# 查看容器中的端口映射到宿主机的信息
docker port docker_name 80 # 会根据 -p 的设置进行显示
# 查看 docker 的 top 信息
docker top [docker_name|docker_id]
# 直接查看容器日志
docker logs [docker_name|docker_id]
docker logs --tail 10 docker_name # 查看最后 10 条
docker logs -f docker_name # 动态查看
# 查看具体信息, 容器和镜像都可以使用
[root@192-168-248-75 ~]# docker inspect test-expose-nginx
[
{
"Id": "sha256:230498be7c9ae761b4579ec7ab5ad6e69898943ce2b0672ba9c9bee8d39de9ec",
"RepoTags": [
"test-expose-nginx:latest"
],
"RepoDigests": [],
"Parent": "sha256:62d49f9bab67f7c70ac3395855bf01389eb3175b374e621f6f191bf31b54cd5b",
"Comment": "",
"Created": "2021-04-28T07:40:29.455497195Z",
"Container": "800881ce348ec33b1883e1452e203ba58fb91813c46021a91a1091415e94a09c",
"ContainerConfig": {
"Hostname": "800881ce348e",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"443/tcp": {},
"80/tcp": {},
"8080/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"NGINX_VERSION=1.19.10",
"NJS_VERSION=0.5.3",
"PKG_RELEASE=1~buster"
],
"Cmd": [
"/bin/sh",
"-c",
"#(nop) ",
"EXPOSE 443 8080"
],
"Image": "sha256:62d49f9bab67f7c70ac3395855bf01389eb3175b374e621f6f191bf31b54cd5b",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": [
"/docker-entrypoint.sh"
],
"OnBuild": null,
"Labels": {
"maintainer": "NGINX Docker Maintainers <docker-maint@nginx.com>"
},
"StopSignal": "SIGQUIT"
},
"DockerVersion": "18.06.1-ce",
"Author": "",
"Config": {
"Hostname": "",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"443/tcp": {},
"80/tcp": {},
"8080/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"NGINX_VERSION=1.19.10",
"NJS_VERSION=0.5.3",
"PKG_RELEASE=1~buster"
],
"Cmd": [
"nginx",
"-g",
"daemon off;"
],
"Image": "sha256:62d49f9bab67f7c70ac3395855bf01389eb3175b374e621f6f191bf31b54cd5b",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": [
"/docker-entrypoint.sh"
],
"OnBuild": null,
"Labels": {
"maintainer": "NGINX Docker Maintainers <docker-maint@nginx.com>"
},
"StopSignal": "SIGQUIT"
},
"Architecture": "amd64",
"Os": "linux",
"Size": 133117205,
"VirtualSize": 133117205,
"GraphDriver": {
"Data": {
"LowerDir": "/thc/apps/docker/overlay2/1617f2391f66b834726522c44fe744bd9023f7e738f1ed99fa86c767ff284f53/diff:/thc/apps/docker/overlay2/0336ba3c7f432420b8447bf646de5527144789e97716c260633255335bf68cc4/diff:/thc/apps/docker/overlay2/2b3631cb415e85b3c9f6145c246ad0849b37617731d27459a090e1082f389711/diff:/thc/apps/docker/overlay2/97b9ed71860ba948d4e07ee32ea928d3de89b70245fda193ee529b93ea2e0ffc/diff:/thc/apps/docker/overlay2/8351f73fe3cf09d8e494654a5c31a97ba217b13445948caf048da38dbfdb7a66/diff",
"MergedDir": "/thc/apps/docker/overlay2/3a577e5b08376483782e977c7898ec43b07e68e8ba019f0ac990d4483a4fa91b/merged",
"UpperDir": "/thc/apps/docker/overlay2/3a577e5b08376483782e977c7898ec43b07e68e8ba019f0ac990d4483a4fa91b/diff",
"WorkDir": "/thc/apps/docker/overlay2/3a577e5b08376483782e977c7898ec43b07e68e8ba019f0ac990d4483a4fa91b/work"
},
"Name": "overlay2"
},
"RootFS": {
"Type": "layers",
"Layers": [
"sha256:7e718b9c0c8c2e6420fe9c4d1d551088e314fe923dce4b2caf75891d82fb227d",
"sha256:4dc529e519c4390939b1616595683c89465782bb7d9fc7b90b30cc1e95bc723a",
"sha256:23c959acc3d0eb744031aef67adf6ceb5120a19c8869727d588f7d9dabd75b09",
"sha256:15aac1be5f02f2188ab40430b28a5f79be1bcb805db315bbe4d70f70aeabaa36",
"sha256:974e9faf62f1a3c3210e3904420ffec1dc351b756ac33024f2dd2683bf44c370",
"sha256:64ee8c6d0de0cfd019841b29c8cb18f4ab38e4687f7784866b840d5b2c31c8b9"
]
},
"Metadata": {
"LastTagTime": "2021-04-28T15:40:29.476788319+08:00"
}
}
]
# 支持对输出信息进行格式化, 并且支持多容器查询
[root@192-168-248-75 ~]# docker inspect test-expose-nginx:latest --format "{{.Config.ExposedPorts}}"
map[443/tcp:{} 80/tcp:{} 8080/tcp:{}]
关于 stop 和 kill
- docker stop 命令执行的时候, 会先向容器中PID为1的进程发送系统信号 SIGTERM, 然后等待容器中的应用程序终止执行
- 如果等待时间达到超时时间(默认为 10 秒, 用户可以使用 -t 参数指定超时时长), 会继续发送SIGKILL的系统信号强行kill掉进程
- 在容器中的应用程序, 可以选择忽略和不处理SIGTERM信号, 一旦达到超时时间, 程序就会被系统强行kill掉.
- 因为SIGKILL信号是直接发往系统内核的,应用程序没有机会去处理它
- docker kill 就是直接发送 SIGKILL 信号