目录
前言
路漫漫而修远兮~
一、容器的演进(略)
只要会用就是成功
二、容器的组成
Docker通过客户端访问守护进程,从而操作Docker容器,而容器是通过镜像创建的,Docker镜像保存在Docker仓库中。
| Docker Client | 客户端 |
| Docker daemon | 守护进程 |
| Docker Image | 镜像 |
| Docker Container | 容器 |
| Docker Registry | 仓库 |
三、当前容器技术对比虚拟机的优劣势
- 节约成本:容器相比虚拟机约节省30%的成本
- 启动服务的时间更快(故障时服务重建的时间更少)
- 拥有快速部署(迁移)的能力
- 隔离性差:进程级别的隔离不如系统级别的隔离好
- 安全性相对虚拟机低
四、容器的隔离
Linux namespace是在当前运行的系统环境中创建(隔离)另一个进程的运行环境出来,并在此运行环境中将一些必要的系统全局资源进行虚拟化。进程可以运行在指定的namespace中,因此,namespace中的每个进程都认为自己拥有所有这些虚拟化的全局资源。
namespace实现资源隔离,cgroup实现资源分配控制
| IPC Namespace(Inter-Process Communication) | 提供进程间通信的隔离能力 |
| UTS Namespace(UNIX Timesharing System) | 提供主机名隔离能力 |
| PID Namespace(Process Identification) | 提供进程隔离能力 |
| Net Namespace(network) | 提供网络隔离能力 |
| User Namespace(user) | 提供用户隔离能力 |
| Time Namespace | 提供时间隔离能力 |
| Syslog Namespace | 提供syslog隔离能力 |
| cgroup Namespace(Control group) | 提供进程所属的控制组的身份隔离 |
五、容器的使用——Docker
1、Docker的安装
1.服务器能够连接网络的情况下,使用以下方法
Docker CE 软件仓库镜像使用帮助
docker-ce | 镜像站使用帮助 | 清华大学开源软件镜像站 | Tsinghua Open Source Mirror
- 卸载过去安装的docker,之前没有装则跳过
root@ubuntu2204-server2:~# for pkg in docker.io docker-doc docker-compose podman-docker containerd runc; do apt-get remove $pkg; done
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Package 'docker.io' is not installed, so not removed
0 upgraded, 0 newly installed, 0 to remove and 56 not upgraded.
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Package 'docker-doc' is not installed, so not removed
0 upgraded, 0 newly installed, 0 to remove and 56 not upgraded.
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Package 'docker-compose' is not installed, so not removed
0 upgraded, 0 newly installed, 0 to remove and 56 not upgraded.
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Package 'podman-docker' is not installed, so not removed
0 upgraded, 0 newly installed, 0 to remove and 56 not upgraded.
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Package 'containerd' is not installed, so not removed
0 upgraded, 0 newly installed, 0 to remove and 56 not upgraded.
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Package 'runc' is not installed, so not removed
0 upgraded, 0 newly installed, 0 to remove and 56 not upgraded.
- 安装依赖文件:
root@ubuntu2204-server2:~# apt-get update
Hit:1 http://cn.archive.ubuntu.com/ubuntu jammy InRelease
Get:2 http://cn.archive.ubuntu.com/ubuntu jammy-updates InRelease [119 kB]
Get:3 http://cn.archive.ubuntu.com/ubuntu jammy-backports InRelease [108 kB]
Get:4 http://cn.archive.ubuntu.com/ubuntu jammy-security InRelease [110 kB]
Get:5 http://cn.archive.ubuntu.com/ubuntu jammy-updates/main amd64 Packages [773 kB]
Get:6 http://cn.archive.ubuntu.com/ubuntu jammy-updates/main Translation-en [197 kB]
Get:7 http://cn.archive.ubuntu.com/ubuntu jammy-updates/main amd64 c-n-f Metadata [15.3 kB]
Get:8 http://cn.archive.ubuntu.com/ubuntu jammy-updates/restricted amd64 Packages [540 kB]
Get:9 http://cn.archive.ubuntu.com/ubuntu jammy-updates/restricted Translation-en [84.3 kB]
Get:10 http://cn.archive.ubuntu.com/ubuntu jammy-updates/restricted amd64 c-n-f Metadata [512 B]
Get:11 http://cn.archive.ubuntu.com/ubuntu jammy-updates/universe amd64 Packages [939 kB]
Get:12 http://cn.archive.ubuntu.com/ubuntu jammy-updates/universe Translation-en [200 kB]
Get:13 http://cn.archive.ubuntu.com/ubuntu jammy-updates/universe amd64 c-n-f Metadata [20.6 kB]
Get:14 http://cn.archive.ubuntu.com/ubuntu jammy-updates/multiverse amd64 Packages [48.4 kB]
Get:15 http://cn.archive.ubuntu.com/ubuntu jammy-updates/multiverse Translation-en [11.6 kB]
Get:16 http://cn.archive.ubuntu.com/ubuntu jammy-updates/multiverse amd64 c-n-f Metadata [608 B]
Get:17 http://cn.archive.ubuntu.com/ubuntu jammy-security/main amd64 Packages [546 kB]
Get:18 http://cn.archive.ubuntu.com/ubuntu jammy-security/main Translation-en [135 kB]
Get:19 http://cn.archive.ubuntu.com/ubuntu jammy-security/main amd64 c-n-f Metadata [10.3 kB]
Get:20 http://cn.archive.ubuntu.com/ubuntu jammy-security/restricted amd64 Packages [533 kB]
Get:21 http://cn.archive.ubuntu.com/ubuntu jammy-security/restricted Translation-en [83.7 kB]
Get:22 http://cn.archive.ubuntu.com/ubuntu jammy-security/restricted amd64 c-n-f Metadata [512 B]
Get:23 http://cn.archive.ubuntu.com/ubuntu jammy-security/universe amd64 Packages [747 kB]
Get:24 http://cn.archive.ubuntu.com/ubuntu jammy-security/universe Translation-en [133 kB]
Get:25 http://cn.archive.ubuntu.com/ubuntu jammy-security/universe amd64 c-n-f Metadata [15.7 kB]
Get:26 http://cn.archive.ubuntu.com/ubuntu jammy-security/multiverse amd64 Packages [35.9 kB]
Get:27 http://cn.archive.ubuntu.com/ubuntu jammy-security/multiverse amd64 c-n-f Metadata [248 B]
Fetched 5,408 kB in 13s (405 kB/s)
Reading package lists... Done
root@ubuntu2204-server2:~# apt-get install ca-certificates curl gnupg
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
ca-certificates is already the newest version (20230311ubuntu0.22.04.1).
ca-certificates set to manually installed.
curl is already the newest version (7.81.0-1ubuntu1.10).
curl set to manually installed.
gnupg is already the newest version (2.2.27-3ubuntu2.1).
gnupg set to manually installed.
0 upgraded, 0 newly installed, 0 to remove and 66 not upgraded.
root@ubuntu2204-server2:~#
- 安装 GPG 证书并添加仓库
root@ubuntu2204-server2:~# install -m 0755 -d /etc/apt/keyrings
root@ubuntu2204-server2:~# curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
root@ubuntu2204-server2:~# chmod a+r /etc/apt/keyrings/docker.gpg
root@ubuntu2204-server2:~# echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu \
"$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
tee /etc/apt/sources.list.d/docker.list > /dev/null
root@ubuntu2204-server2:~#
- 更新并安装docker-ce【默认安装最新版本docker】
root@ubuntu2204-server2:~# apt-get update
Get:1 https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu jammy InRelease [48.9 kB]
Get:2 https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu jammy/stable amd64 Packages [19.2 kB]
Hit:3 http://cn.archive.ubuntu.com/ubuntu jammy InRelease
Get:4 http://cn.archive.ubuntu.com/ubuntu jammy-updates InRelease [119 kB]
Get:5 http://cn.archive.ubuntu.com/ubuntu jammy-backports InRelease [108 kB]
Get:6 http://cn.archive.ubuntu.com/ubuntu jammy-security InRelease [110 kB]
Get:7 http://cn.archive.ubuntu.com/ubuntu jammy-security/main amd64 Packages [546 kB]
Get:8 http://cn.archive.ubuntu.com/ubuntu jammy-security/main amd64 c-n-f Metadata [10.3 kB]
Get:9 http://cn.archive.ubuntu.com/ubuntu jammy-security/multiverse amd64 Packages [43.4 kB]
Get:10 http://cn.archive.ubuntu.com/ubuntu jammy-security/multiverse Translation-en [9,124 B]
Fetched 1,014 kB in 6s (176 kB/s)
Reading package lists... Done
root@ubuntu2204-server2:~# apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
docker-ce-rootless-extras libltdl7 libslirp0 pigz slirp4netns
Suggested packages:
aufs-tools cgroupfs-mount | cgroup-lite
The following NEW packages will be installed:
containerd.io docker-buildx-plugin docker-ce docker-ce-cli docker-ce-rootless-extras docker-compose-plugin libltdl7 libslirp0 pigz slirp4netns
0 upgraded, 10 newly installed, 0 to remove and 66 not upgraded.
Need to get 111 MB of archives.
After this operation, 402 MB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu jammy/stable amd64 containerd.io amd64 1.6.21-1 [28.3 MB]
Get:2 http://cn.archive.ubuntu.com/ubuntu jammy/universe amd64 pigz amd64 2.6-1 [63.6 kB]
Get:3 https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu jammy/stable amd64 docker-buildx-plugin amd64 0.10.5-1~ubuntu.22.04~jammy [26.1 MB]
Get:4 http://cn.archive.ubuntu.com/ubuntu jammy/main amd64 libltdl7 amd64 2.4.6-15build2 [39.6 kB]
Get:5 http://cn.archive.ubuntu.com/ubuntu jammy/main amd64 libslirp0 amd64 4.6.1-1build1 [61.5 kB]
Get:6 https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu jammy/stable amd64 docker-ce-cli amd64 5:24.0.2-1~ubuntu.22.04~jammy [13.3 MB]
Get:7 http://cn.archive.ubuntu.com/ubuntu jammy/universe amd64 slirp4netns amd64 1.0.1-2 [28.2 kB]
Get:8 https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu jammy/stable amd64 docker-ce amd64 5:24.0.2-1~ubuntu.22.04~jammy [22.9 MB]
Get:9 https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu jammy/stable amd64 docker-ce-rootless-extras amd64 5:24.0.2-1~ubuntu.22.04~jammy [9,008 kB]
Get:10 https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu jammy/stable amd64 docker-compose-plugin amd64 2.18.1-1~ubuntu.22.04~jammy [10.9 MB]
Fetched 111 MB in 6s (19.1 MB/s)
Selecting previously unselected package pigz.
(Reading database ... 109494 files and directories currently installed.)
Preparing to unpack .../0-pigz_2.6-1_amd64.deb ...
Unpacking pigz (2.6-1) ...
Selecting previously unselected package containerd.io.
Preparing to unpack .../1-containerd.io_1.6.21-1_amd64.deb ...
Unpacking containerd.io (1.6.21-1) ...
Selecting previously unselected package docker-buildx-plugin.
Preparing to unpack .../2-docker-buildx-plugin_0.10.5-1~ubuntu.22.04~jammy_amd64.deb ...
Unpacking docker-buildx-plugin (0.10.5-1~ubuntu.22.04~jammy) ...
Selecting previously unselected package docker-ce-cli.
Preparing to unpack .../3-docker-ce-cli_5%3a24.0.2-1~ubuntu.22.04~jammy_amd64.deb ...
Unpacking docker-ce-cli (5:24.0.2-1~ubuntu.22.04~jammy) ...
Selecting previously unselected package docker-ce.
Preparing to unpack .../4-docker-ce_5%3a24.0.2-1~ubuntu.22.04~jammy_amd64.deb ...
Unpacking docker-ce (5:24.0.2-1~ubuntu.22.04~jammy) ...
Selecting previously unselected package docker-ce-rootless-extras.
Preparing to unpack .../5-docker-ce-rootless-extras_5%3a24.0.2-1~ubuntu.22.04~jammy_amd64.deb ...
Unpacking docker-ce-rootless-extras (5:24.0.2-1~ubuntu.22.04~jammy) ...
Selecting previously unselected package docker-compose-plugin.
Preparing to unpack .../6-docker-compose-plugin_2.18.1-1~ubuntu.22.04~jammy_amd64.deb ...
Unpacking docker-compose-plugin (2.18.1-1~ubuntu.22.04~jammy) ...
Selecting previously unselected package libltdl7:amd64.
Preparing to unpack .../7-libltdl7_2.4.6-15build2_amd64.deb ...
Unpacking libltdl7:amd64 (2.4.6-15build2) ...
Selecting previously unselected package libslirp0:amd64.
Preparing to unpack .../8-libslirp0_4.6.1-1build1_amd64.deb ...
Unpacking libslirp0:amd64 (4.6.1-1build1) ...
Selecting previously unselected package slirp4netns.
Preparing to unpack .../9-slirp4netns_1.0.1-2_amd64.deb ...
Unpacking slirp4netns (1.0.1-2) ...
Setting up docker-buildx-plugin (0.10.5-1~ubuntu.22.04~jammy) ...
Setting up containerd.io (1.6.21-1) ...
Created symlink /etc/systemd/system/multi-user.target.wants/containerd.service → /lib/systemd/system/containerd.service.
Setting up docker-compose-plugin (2.18.1-1~ubuntu.22.04~jammy) ...
Setting up libltdl7:amd64 (2.4.6-15build2) ...
Setting up docker-ce-cli (5:24.0.2-1~ubuntu.22.04~jammy) ...
Setting up libslirp0:amd64 (4.6.1-1build1) ...
Setting up pigz (2.6-1) ...
Setting up docker-ce-rootless-extras (5:24.0.2-1~ubuntu.22.04~jammy) ...
Setting up slirp4netns (1.0.1-2) ...
Setting up docker-ce (5:24.0.2-1~ubuntu.22.04~jammy) ...
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /lib/systemd/system/docker.service.
Created symlink /etc/systemd/system/sockets.target.wants/docker.socket → /lib/systemd/system/docker.socket.
Processing triggers for man-db (2.10.2-1) ...
Processing triggers for libc-bin (2.35-0ubuntu3.1) ...
Scanning processes...
Scanning linux images...
Running kernel seems to be up-to-date.
No services need to be restarted.
No containers need to be restarted.
No user sessions are running outdated binaries.
No VM guests are running outdated hypervisor (qemu) binaries on this host.
root@ubuntu2204-server2:~#
- 如果需安装指定版本dockers,则执行
apt-cache madison docker-ce #列出版本信息
apt-get -y install docker-ce=[指定版本] #指定版本安装root@ubuntu2204-server2:~# apt-cache madison docker-ce
docker-ce | 5:24.0.2-1~ubuntu.22.04~jammy | https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu jammy/stable amd64 Packages
docker-ce | 5:24.0.1-1~ubuntu.22.04~jammy | https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu jammy/stable amd64 Packages
docker-ce | 5:24.0.0-1~ubuntu.22.04~jammy | https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu jammy/stable amd64 Packages
docker-ce | 5:23.0.6-1~ubuntu.22.04~jammy | https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu jammy/stable amd64 Packages
docker-ce | 5:23.0.5-1~ubuntu.22.04~jammy | https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu jammy/stable amd64 Packages
docker-ce | 5:23.0.4-1~ubuntu.22.04~jammy | https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu jammy/stable amd64 Packages
docker-ce | 5:23.0.3-1~ubuntu.22.04~jammy | https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu jammy/stable amd64 Packages
docker-ce | 5:23.0.2-1~ubuntu.22.04~jammy | https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu jammy/stable amd64 Packages
docker-ce | 5:23.0.1-1~ubuntu.22.04~jammy | https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu jammy/stable amd64 Packages
docker-ce | 5:23.0.0-1~ubuntu.22.04~jammy | https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu jammy/stable amd64 Packages
docker-ce | 5:20.10.24~3-0~ubuntu-jammy | https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu jammy/stable amd64 Packages
docker-ce | 5:20.10.23~3-0~ubuntu-jammy | https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu jammy/stable amd64 Packages
docker-ce | 5:20.10.22~3-0~ubuntu-jammy | https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu jammy/stable amd64 Packages
docker-ce | 5:20.10.21~3-0~ubuntu-jammy | https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu jammy/stable amd64 Packages
docker-ce | 5:20.10.20~3-0~ubuntu-jammy | https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu jammy/stable amd64 Packages
docker-ce | 5:20.10.19~3-0~ubuntu-jammy | https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu jammy/stable amd64 Packages
docker-ce | 5:20.10.18~3-0~ubuntu-jammy | https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu jammy/stable amd64 Packages
docker-ce | 5:20.10.17~3-0~ubuntu-jammy | https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu jammy/stable amd64 Packages
docker-ce | 5:20.10.16~3-0~ubuntu-jammy | https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu jammy/stable amd64 Packages
docker-ce | 5:20.10.15~3-0~ubuntu-jammy | https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu jammy/stable amd64 Packages
docker-ce | 5:20.10.14~3-0~ubuntu-jammy | https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu jammy/stable amd64 Packages
docker-ce | 5:20.10.13~3-0~ubuntu-jammy | https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu jammy/stable amd64 Packages
2.服务器无法连接外部网络时,使用离线安装
- 根据主机型号,准备对应的安装包
https://mirrors.aliyun.com/docker-ce/linux/ubuntu/dists/jammy/pool/stable/amd64/root@ubuntu2204-server1:~# cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=22.04
DISTRIB_CODENAME=jammy
DISTRIB_DESCRIPTION="Ubuntu 22.04.2 LTS"
root@ubuntu2204-server1:~# dpkg --print-architecture
amd64
root@ubuntu2204-server1:~#
- 上传包
- 安装命令
root@ubuntu2204-server1:/opt/docker# dpkg -i *.deb && apt-get -f install
Selecting previously unselected package containerd.io.
(Reading database ... 73998 files and directories currently installed.)
Preparing to unpack containerd.io_1.6.9-1_amd64.deb ...
Unpacking containerd.io (1.6.9-1) ...
Selecting previously unselected package docker-ce.
Preparing to unpack docker-ce_20.10.21~3-0~ubuntu-jammy_amd64.deb ...
Unpacking docker-ce (5:20.10.21~3-0~ubuntu-jammy) ...
Selecting previously unselected package docker-ce-cli.
Preparing to unpack docker-ce-cli_20.10.21~3-0~ubuntu-jammy_amd64.deb ...
Unpacking docker-ce-cli (5:20.10.21~3-0~ubuntu-jammy) ...
Setting up containerd.io (1.6.9-1) ...
Created symlink /etc/systemd/system/multi-user.target.wants/containerd.service → /lib/systemd/system/containerd.service.
Setting up docker-ce-cli (5:20.10.21~3-0~ubuntu-jammy) ...
Setting up docker-ce (5:20.10.21~3-0~ubuntu-jammy) ...
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /lib/systemd/system/docker.service.
Created symlink /etc/systemd/system/sockets.target.wants/docker.socket → /lib/systemd/system/docker.socket.
Processing triggers for man-db (2.10.2-1) ...
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
0 upgraded, 0 newly installed, 0 to remove and 62 not upgraded.
root@ubuntu2204-server1:/opt/docker#
- 启动docker,并查看docker版本信息
root@ubuntu2204-server1:/opt/docker# systemctl start docker
root@ubuntu2204-server1:/opt/docker# docker info
Client:
Context: default
Debug Mode: false
Plugins:
app: Docker App (Docker Inc., v0.9.1-beta3)
buildx: Docker Buildx (Docker Inc., v0.9.1-docker)
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 20.10.21
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: systemd
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 1c90a442489720eec95342e1789ee8a5e1b9536f
runc version: v1.1.4-0-g5fd4c4d
init version: de40ad0
Security Options:
apparmor
seccomp
Profile: default
cgroupns
Kernel Version: 5.15.0-75-generic
Operating System: Ubuntu 22.04.2 LTS
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 1.884GiB
Name: ubuntu2204-server1
ID: HRVQ:4PBX:ZNU3:B6YM:ERNL:HR5P:HSTZ:DWLQ:NIR2:GWKJ:YD7C:TPF5
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
root@ubuntu2204-server1:/opt/docker#
2、Docker基础命令
1.镜像管理
- docker image --hell
root@ubuntu2204-server1:~# docker image --help
Usage: docker image COMMAND
Manage images
Commands:
build Build an image from a Dockerfile
history Show the history of an image
import Import the contents from a tarball to create a filesystem image
inspect Display detailed information on one or more images
load Load an image from a tar archive or STDIN
ls List images
prune Remove unused images
pull Pull an image or a repository from a registry
push Push an image or a repository to a registry
rm Remove one or more images
save Save one or more images to a tar archive (streamed to STDOUT by default)
tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
Run 'docker image COMMAND --help' for more information on a command.
- docker pull tomcat #拉取镜像
root@ubuntu2204-server1:~# docker pull tomcat
Using default tag: latest
latest: Pulling from library/tomcat
9d19ee268e0d: Pull complete
f2b566cb887b: Pull complete
b375e6654ef5: Pull complete
19452d1108a6: Pull complete
b82f37793aff: Pull complete
e960c730c507: Pull complete
dfc7aede9468: Pull complete
Digest: sha256:78d8d4b34b5570ee63ffaeeb2cc53e8d403b2dc921c611cecf0c198d7a0eea1e
Status: Downloaded newer image for tomcat:latest
docker.io/library/tomcat:latest
- docker pull ubuntu:14.04 #拉取指定版本
root@ubuntu2204-server1:~# docker pull ubuntu:14.04
14.04: Pulling from library/ubuntu
2e6e20c8e2e6: Pull complete
0551a797c01d: Pull complete
512123a864da: Pull complete
Digest: sha256:64483f3496c1373bfd55348e88694d1c4d0c9b660dee6bfef5e12f43b9933b30
Status: Downloaded newer image for ubuntu:14.04
docker.io/library/ubuntu:14.04
- docker images #列出所以镜像
root@ubuntu2204-server1:~# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
tomcat latest ee38ad613bc2 35 hours ago 475MB
ubuntu 14.04 13b66b487594 2 years ago 197MB
ubuntu 15.10 9b9cb95443b5 6 years ago 137MB
- docker rmi ubuntu:14.04 #删除镜像
root@ubuntu2204-server1:~# docker rmi ubuntu:14.04
Untagged: ubuntu:14.04
Untagged: ubuntu@sha256:64483f3496c1373bfd55348e88694d1c4d0c9b660dee6bfef5e12f43b9933b30
Deleted: sha256:13b66b487594a1f2b75396013bc05d29d9f527852d96c5577cc4f187559875d0
Deleted: sha256:e08f4f554d8df6b04f441fcdfe207b6314d3c709daa2b1ef66f79bbfb529b8c4
Deleted: sha256:c28d0c854fd56736ef4456e3c1c4276a28159751dc13fd1b340bd38d69473f7e
Deleted: sha256:f2fa9f4cf8fd0a521d40e34492b522cee3f35004047e617c75fadeb8bfd1e6b7
- 创建镜像
~# docker exec -it c255cc623854 bash
# apt-get update
# exit
~# docker commit -m="update20230707" c255cc623854 tomcat:zezehu
~# docker images
root@ubuntu2204-server1:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c255cc623854 tomcat "catalina.sh run" 25 minutes ago Up 25 minutes 0.0.0.0:9999->8080/tcp, :::9999->8080/tcp laughing_kapitsa
038a95ff5859 tomcat "catalina.sh run" 35 minutes ago Up 35 minutes 0.0.0.0:8081->8080/tcp, :::8081->8080/tcp stupefied_dhawan
root@ubuntu2204-server1:~# docker exec -it c255cc623854 bash
root@c255cc623854:/usr/local/tomcat# apt-get update
Get:1 http://security.ubuntu.com/ubuntu jammy-security InRelease [110 kB]
Get:2 http://security.ubuntu.com/ubuntu jammy-security/multiverse amd64 Packages [53.6 kB]
Get:3 http://security.ubuntu.com/ubuntu jammy-security/restricted amd64 Packages [688 kB]
Get:4 http://security.ubuntu.com/ubuntu jammy-security/universe amd64 Packages [947 kB]
Get:5 http://security.ubuntu.com/ubuntu jammy-security/main amd64 Packages [690 kB]
Get:6 http://archive.ubuntu.com/ubuntu jammy InRelease [270 kB]
Get:7 http://archive.ubuntu.com/ubuntu jammy-updates InRelease [119 kB]
Get:8 http://archive.ubuntu.com/ubuntu jammy-backports InRelease [108 kB]
Get:9 http://archive.ubuntu.com/ubuntu jammy/main amd64 Packages [1,792 kB]
Get:10 http://archive.ubuntu.com/ubuntu jammy/multiverse amd64 Packages [266 kB]
Get:11 http://archive.ubuntu.com/ubuntu jammy/universe amd64 Packages [17.5 MB]
Get:12 http://archive.ubuntu.com/ubuntu jammy/restricted amd64 Packages [164 kB]
Get:13 http://archive.ubuntu.com/ubuntu jammy-updates/restricted amd64 Packages [697 kB]
Get:14 http://archive.ubuntu.com/ubuntu jammy-updates/universe amd64 Packages [1,200 kB]
Get:15 http://archive.ubuntu.com/ubuntu jammy-updates/multiverse amd64 Packages [59.5 kB]
Get:16 http://archive.ubuntu.com/ubuntu jammy-updates/main amd64 Packages [983 kB]
Get:17 http://archive.ubuntu.com/ubuntu jammy-backports/universe amd64 Packages [25.5 kB]
Get:18 http://archive.ubuntu.com/ubuntu jammy-backports/main amd64 Packages [49.4 kB]
Fetched 25.7 MB in 17s (1,512 kB/s)
Reading package lists... Done
root@c255cc623854:/usr/local/tomcat# exit
exit
root@ubuntu2204-server1:~# docker commit -m="update20230707" c255cc623854 tomcat:zezehu
sha256:dc34d0340fdf7c80ee647acc21d0760b34a594100d537c81a93f9dcd9a75e3f6
root@ubuntu2204-server1:~# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
tomcat zezehu dc34d0340fdf 9 seconds ago 516MB
tomcat latest ee38ad613bc2 36 hours ago 475MB
ubuntu 15.10 9b9cb95443b5 6 years ago 137MB
root@ubuntu2204-server1:~#
2.容器管理
- docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
| -i | 以交互模式运行容器 |
| -t | 启动容器后,为容器分配一个命令行,通常与 -i 同时使用 ,-it |
| -v | 目录映射,容器目录挂载到宿主机目录, |
| -d | 后台运行该容器 |
| -p | 指定端口映射 |
| -P | 随机端口映射,容器内部默认,宿主机随机 |
| -u | 指定用户身份创建容器 |
| --name | 容器名字 |
| -m | 设置容器使用内存最大值 |
| -h | 指定容器的 hostname |
| -restart | docker重启后,容器是否自动重启 |
root@ubuntu2204-server1:~# docker run -it -d ubuntu:15.10
cbc4ab46c0024860126e81286ce48796c57d5492253a85ca61eba45717cb2e5e
~#docker run -d -p 8081:8080 tomcat #-p指定端口
root@ubuntu2204-server1:~# docker run -d -p 8081:8080 tomcat
038a95ff5859b2a8a7a0c249608f39b802379520d819dcb82c413e5fde07fcb4
root@ubuntu2204-server1:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
038a95ff5859 tomcat "catalina.sh run" 7 seconds ago Up 5 seconds 0.0.0.0:8081->8080/tcp, :::8081->8080/tcp stupefied_dhawan
fa78a4378e7a ubuntu:15.10 "/bin/bash" 6 minutes ago Up 6 minutes friendly_aryabhata
~#docker run -d -p 8082:8080 -i -v /home/tomcat/webapps:/usr/local/tomcat/webapps tomcat #-v把宿主机的目录映射到指定容器的指定目录
root@ubuntu2204-server1:~# docker run -d -p 8082:8080 -i -v /home/tomcat/webapps:/usr/local/tomcat/webapps tomcat
c255cc623854b1169e946323011fb8be2809b95d16e829ec67c3d9fd78699d1f
root@ubuntu2204-server1:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c255cc623854 tomcat "catalina.sh run" 11 seconds ago Up 10 seconds 0.0.0.0:8082->8080/tcp, :::8082->8080/tcp laughing_kapitsa
038a95ff5859 tomcat "catalina.sh run" 10 minutes ago Up 10 minutes 0.0.0.0:8081->8080/tcp, :::8081->8080/tcp stupefied_dhawan
fa78a4378e7a ubuntu:15.10 "/bin/bash" 16 minutes ago Up 16 minutes friendly_aryabhata
root@ubuntu2204-server1:~# cat > /home/tomcat/webapps/ceshi.txt
11111
^C
root@ubuntu2204-server1:~# docker exec -it c255cc623854 bash
root@c255cc623854:/usr/local/tomcat# ls
bin conf lib logs NOTICE RELEASE-NOTES temp webapps.dist
BUILDING.txt CONTRIBUTING.md LICENSE native-jni-lib README.md RUNNING.txt webapps work
root@c255cc623854:/usr/local/tomcat# cd webapps
root@c255cc623854:/usr/local/tomcat/webapps# ls
ceshi.txt
root@c255cc623854:/usr/local/tomcat/webapps# cat ceshi.txt
11111
root@c255cc623854:/usr/local/tomcat/webapps#
- docker ps #查看容器运行状态
root@ubuntu2204-server1:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c79197183813 tomcat "catalina.sh run" 42 seconds ago Up 41 seconds 0.0.0.0:49153->8080/tcp, :::49153->8080/tcp tomcat
cbc4ab46c002 ubuntu:15.10 "/bin/bash" 7 minutes ago Up 7 minutes dreamy_kowalevski
- docker info #查看容器信息
root@ubuntu2204-server1:~# docker info
Client:
Context: default
Debug Mode: false
Plugins:
app: Docker App (Docker Inc., v0.9.1-beta3)
buildx: Docker Buildx (Docker Inc., v0.9.1-docker)
Server:
Containers: 8
Running: 3
Paused: 0
Stopped: 5
Images: 3
Server Version: 20.10.21
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: systemd
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runtime.v1.linux runc io.containerd.runc.v2
Default Runtime: runc
Init Binary: docker-init
containerd version: 1c90a442489720eec95342e1789ee8a5e1b9536f
runc version: v1.1.4-0-g5fd4c4d
init version: de40ad0
Security Options:
apparmor
seccomp
Profile: default
cgroupns
Kernel Version: 5.15.0-75-generic
Operating System: Ubuntu 22.04.2 LTS
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 1.884GiB
Name: ubuntu2204-server1
ID: HRVQ:4PBX:ZNU3:B6YM:ERNL:HR5P:HSTZ:DWLQ:NIR2:GWKJ:YD7C:TPF5
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
- docker exec -it c255cc623854 bash #进入指定容器
root@ubuntu2204-server1:~# docker exec -it c255cc623854 bash
root@c255cc623854:/usr/local/tomcat# ls
bin conf lib logs NOTICE RELEASE-NOTES temp webapps.dist
BUILDING.txt CONTRIBUTING.md LICENSE native-jni-lib README.md RUNNING.txt webapps work
- docker kill fa78a4378e7a #kill指定容器
docker kill $(docker ps -a -q) #强制关闭所有运行中的容器,高危命令
root@ubuntu2204-server1:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c255cc623854 tomcat "catalina.sh run" 13 minutes ago Up 13 minutes 0.0.0.0:8082->8080/tcp, :::8082->8080/tcp laughing_kapitsa
038a95ff5859 tomcat "catalina.sh run" 23 minutes ago Up 23 minutes 0.0.0.0:8081->8080/tcp, :::8081->8080/tcp stupefied_dhawan
fa78a4378e7a ubuntu:15.10 "/bin/bash" 30 minutes ago Up 30 minutes friendly_aryabhata
root@ubuntu2204-server1:~# docker kill fa78a4378e7a
fa78a4378e7a
root@ubuntu2204-server1:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c255cc623854 tomcat "catalina.sh run" 13 minutes ago Up 13 minutes 0.0.0.0:8082->8080/tcp, :::8082->8080/tcp laughing_kapitsa
038a95ff5859 tomcat "catalina.sh run" 23 minutes ago Up 23 minutes 0.0.0.0:8081->8080/tcp, :::8081->8080/tcp stupefied_dhawan
root@ubuntu2204-server1:~#
3、安装mysql并挂载数据目录
- docker run -d -p 3306:3306 --name mysqltest -v /data/mysql:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=zezehu mysql:5.7
root@ubuntu2204-server1:~# mkdir -p /data/mysql
root@ubuntu2204-server1:~# ls -rtl /data/
total 4
drwxr-xr-x 2 root root 4096 Jul 7 18:40 mysql
root@ubuntu2204-server1:~#
root@ubuntu2204-server1:~# docker run -d -p 3306:3306 --name mysqltest -v /data/mysql:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=zezehu mysql:5.7
2d3375de6c0909d3d54ba39158e14e9d2d4c03521fd15cfefafcc0247b1b667e
root@ubuntu2204-server1:~# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2d3375de6c09 mysql:5.7 "docker-entrypoint.s…" 9 seconds ago Up 8 seconds 0.0.0.0:3306->3306/tcp, :::3306->3306/tcp, 33060/tcp mysqltest
root@ubuntu2204-server1:~# docker exec -it mysqltest bash
bash-4.2# cd /var/lib/mysql
bash-4.2# ls
auto.cnf ca.pem client-key.pem ib_logfile0 ibdata1 mysql performance_schema public_key.pem server-key.pem
ca-key.pem client-cert.pem ib_buffer_pool ib_logfile1 ibtmp1 mysql.sock private_key.pem server-cert.pem sys
bash-4.2# pwd
/var/lib/mysql
bash-4.2# exit
exit
root@ubuntu2204-server1:~# cd /data/
root@ubuntu2204-server1:/data# ls
mysql
root@ubuntu2204-server1:/data# cd mysql/
root@ubuntu2204-server1:/data/mysql# ls
auto.cnf ca.pem client-key.pem ibdata1 ib_logfile1 mysql performance_schema public_key.pem server-key.pem
ca-key.pem client-cert.pem ib_buffer_pool ib_logfile0 ibtmp1 mysql.sock private_key.pem server-cert.pem sys
root@ubuntu2204-server1:/data/mysql#4、Docker的存储引擎
AUFS:(AnotherUnionFS)是一种 Union FS ,是文件级的存储驱动。所谓 UnionFS就是把不同物理位置的目录合并 mount 到同一个目录中。简单来说就是支持将不同目录挂载到一个虚拟文件系统下的。这种可以层层地叠加修改文件。无论底下有多少都是只读的,最上系统可写的。当需要修改一个文件时, AUFS 创建该文件的一个副本,使用 CoW 将文件从只读层复制到可写进行修改,结果也保存在Docker 中,底下的只读层就是 image,可写层就是 Container,是 Docker 18.06 及更早版本的首选存储驱动程序,在内核 3.13 上运行 Ubuntu 14.04 时不支持 overlay2
Overlay:一种 Union FS 文件系统, Linux 内核 3.18 后支持
overlay2: Overlay 的升级版,到目前为止,所有 Linux 发行版推荐使用的存储类 型,也是docker默认使用的存储引擎为overlay2,需要磁盘分区支持d-type功能,因此需要系统磁盘的额外支持
当前Docker的默认存储引擎是overlay2
5、随便记的东西
Backing Filesystem: extfs #docker 不支持ext2/ext3 的磁盘系统
Supports d_type: true #需要centos 7.3及以上版本,7.2以前的不支持
Cgroup Driver: systemd #Docker的Cgroup Driver:systemd;k8s 19.03及以前版本为Cgroups;当前k8s 默认支持systemd
扫一扫
2万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
