本文详细介绍了Docker容器的发展历程,包括lxc、libcontainer到runC的变化,以及开放容器倡议(OCI)和开放容器格式(OCF)的标准。Docker提供了镜像仓库,如Docker Hub,用于存储和分享镜像。文章还阐述了镜像与容器之间的关系,以及如何在CentOS上安装和配置Docker,包括设置Docker加速器。最后,列举了多个Docker常用命令,如创建、运行、管理容器和镜像,以及查看Docker信息等。
docker
docker中的容器:
- lxc --> libcontainer --> runC
OCI&OCF
OCI
开放容器倡议
- 由Linux基金会主导于2015年6月创立
- 旨在围绕容器格式和运行时制定一个开放的工业化标准
- contains two specifications
the Runtime Specification(runtime-spec)
the Image Specification(image-spec)
OCF
开放容器格式
runC is a CLI tool for spawning and running containers according to the OCI specification
- 容器作为 runC 的子进程启动,可以嵌入到各种其他系统中,而无需运行守护进程
- runC 建立在 libcontainer 之上,同样的容器技术为数百万个 Docker 引擎安装提供支持
docker提供了一个专门容纳容器镜像的站点:https://hub.docker.com/.
docker镜像与镜像仓库
镜像仓库名字为registry,在docker中仓库的名字是以应用的名称取名的。
镜像是静态的,而容器是动态的,容器有其生命周期,镜像与容器的关系类似于程序与进程的关系。镜像类似于文件系统中的程序文件,而容器则类似于将一个程序运行起来的状态,也即进程。所以容器是可以删除的,容器被删除后其镜像是不会被删除的。
docker对线
当您使用 docker 时,您正在创建和使用图像、容器、网络、卷、插件和其他对象。
IMAGES
- 图像是一个只读模板,其中包含创建 docker 容器的说明。
- 通常,一个图像基于另一个图像,并带有一些额外的自定义。
- 您可以创建自己的映像,也可以仅使用其他人创建并在注册表中发布的映像。
CONTAINERS
- 容器是图像的可运行实例。
- 您可以使用 docker API 或 CLI 创建、运行、停止、移动或删除容器。
- 您可以将容器连接到一个或多个网络,为其附加存储,甚至可以根据其当前状态创建新映像
docker的安装
[root@localhost ~]# cd /etc/yum.repos.d/
[root@localhost yum.repos.d]# curl -o docker-ce.repo https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/docker-ce.repo
[root@localhost yum.repos.d]# sed -i 's@https://download.docker.com@https://mirrors.tuna.tsinghua.edu.cn/docker-ce@g' docker-ce.repo
[root@localhost ~]# yum -y install docker-ce
docker加速
docker-ce的配置文件是/etc/docker/daemon.json,此文件默认不存在,需要我们手动创建并进行配置,而docker的加速就是通过配置此文件来实现的。
docker的加速有多种方式:
docker cn
中国科技大学加速器
阿里云加速器(需要通过阿里云开发者平台注册帐号,免费使用个人私有的加速器)
[root@localhost ~]# systemctl enable --now docker
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /usr/lib/systemd/system/docker.service.
[root@localhost ~]# cat /etc/docker/daemon.json
{
"registry-mirrors": ["https://docker.mirrors.ustc.edu.cn/"]
}
[root@localhost ~]# systemctl restart docker
[root@localhost ~]# docker info
···
Insecure Registries:
127.0.0.0/8
Registry Mirrors:
https://docker.mirrors.ustc.edu.cn/
Live Restore Enabled: false
docker常用命令
docker 查看Docker基本信息、命令列表
[root@localhost ~]# docker
Usage: docker [OPTIONS] COMMAND
A self-sufficient runtime for containers
Options:
--config string Location of client config files (default "/root/.docker")
-c, --context string Name of the context to use to connect to the daemon (overrides DOCKER_HOST env var and default
context set with "docker context use")
-D, --debug Enable debug mode
-H, --host list Daemon socket(s) to connect to
-l, --log-level string Set the logging level ("debug"|"info"|"warn"|"error"|"fatal") (default "info")
--tls Use TLS; implied by --tlsverify
--tlscacert string Trust certs signed only by this CA (default "/root/.docker/ca.pem")
--tlscert string Path to TLS certificate file (default "/root/.docker/cert.pem")
--tlskey string Path to TLS key file (default "/root/.docker/key.pem")
--tlsverify Use TLS and verify the remote
-v, --version Print version information and quit
Management Commands:
app* Docker App (Docker Inc., v0.9.1-beta3)
builder Manage builds
buildx* Build with BuildKit (Docker Inc., v0.6.3-docker)
config Manage Docker configs
container Manage containers
context Manage contexts
image Manage images
manifest Manage Docker image manifests and manifest lists
network Manage networks
node Manage Swarm nodes
plugin Manage plugins
scan* Docker Scan (Docker Inc., v0.9.0)
secret Manage Docker secrets
service Manage services
stack Manage Docker stacks
swarm Manage Swarm
system Manage Docker
trust Manage trust on Docker images
volume Manage volumes
Commands:
attach Attach local standard input, output, and error streams to a running container
build Build an image from a Dockerfile
commit Create a new image from a container's changes
cp Copy files/folders between a container and the local filesystem
create Create a new container
diff Inspect changes to files or directories on a container's filesystem
events Get real time events from the server
exec Run a command in a running container
export Export a container's filesystem as a tar archive
history Show the history of an image
images List images
import Import the contents from a tarball to create a filesystem image
info Display system-wide information
inspect Return low-level information on Docker objects
kill Kill one or more running containers
load Load an image from a tar archive or STDIN
login Log in to a Docker registry
logout Log out from a Docker registry
logs Fetch the logs of a container
pause Pause all processes within one or more containers
port List port mappings or a specific mapping for the container
ps List containers
pull Pull an image or a repository from a registry
push Push an image or a repository to a registry
rename Rename a container
restart Restart one or more containers
rm Remove one or more containers
rmi Remove one or more images
run Run a command in a new container
save Save one or more images to a tar archive (streamed to STDOUT by default)
search Search the Docker Hub for images
start Start one or more stopped containers
stats Display a live stream of container(s) resource usage statistics
stop Stop one or more running containers
tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
top Display the running processes of a container
unpause Unpause all processes within one or more containers
update Update configuration of one or more containers
version Show the Docker version information
wait Block until one or more containers stop, then print their exit codes
Run 'docker COMMAND --help' for more information on a command.
To get more help with docker, check out our guides at https://docs.docker.com/go/guides/
docker info查看Docker信息
[root@localhost ~]# docker info
Client:
Context: default
Debug Mode: false
Plugins:
app: Docker App (Docker Inc., v0.9.1-beta3)
buildx: Build with BuildKit (Docker Inc., v0.6.3-docker)
scan: Docker Scan (Docker Inc., v0.9.0)
······
docker version查看Docker版本信息
[root@localhost ~]# docker version
Client: Docker Engine - Community
Version: 20.10.11
API version: 1.41
Go version: go1.16.9
Git commit: dea9396
Built: Thu Nov 18 00:36:58 2021
OS/Arch: linux/amd64
Context: default
Experimental: true
Server: Docker Engine - Community
Engine:
Version: 20.10.11
API version: 1.41 (minimum version 1.12)
Go version: go1.16.9
Git commit: 847da18
Built: Thu Nov 18 00:35:20 2021
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.4.12
GitCommit: 7b11cfaabd73bb80907dd23182b9347b4245eb5d
runc:
Version: 1.0.2
GitCommit: v1.0.2-0-g52b36a2
docker-init:
Version: 0.19.0
GitCommit: de40ad0
docker search搜索镜像 镜像仓库.
[root@localhost ~]# docker search nginx
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
nginx Official build of Nginx. 15893 [OK]
jwilder/nginx-proxy Automated Nginx reverse proxy for docker con… 2098 [OK]
richarvey/nginx-php-fpm Container running Nginx + PHP-FPM capable of… 819 [OK]
jc21/nginx-proxy-manager Docker container for managing Nginx proxy ho… 285
······
docker pull拉取镜像
[root@localhost ~]# docker pull nginx
Using default tag: latest
latest: Pulling from library/nginx
eff15d958d66: Pull complete
1e5351450a59: Pull complete
2df63e6ce2be: Pull complete
9171c7ae368c: Pull complete
020f975acd28: Pull complete
266f639b35ad: Pull complete
Digest: sha256:097c3a0913d7e3a5b01b6c685a60c03632fc7a2b50bc8e35bcaa3691d788226e
Status: Downloaded newer image for nginx:latest
docker.io/library/nginx:latest
docker images查看已安装的镜像
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest ea335eea17ab 2 weeks ago 141MB
docker run 运行一个容器,自动拉取镜像、自动创建容器、自动运行
docker run [options] image [command]
options:
-a stdin: 指定标准输入输出内容类型,可选stdin/stdout/stderr
-i: 以交互模式运行容器,通常与-t同时使用
-t: 为容器重新分配一个伪输入终端
-d: 运行一个容器,在后台运行或者打印容器id
-P: 随机端口映射,容器内部端口随机映射到主机的端口
-p: 指定端口映射,例:宿主机端口:容器端口
--name: 为容器指定一个名称
--dns: 指定容器使用的DNS服务器
-v: 绑定一个卷
[root@localhost ~]# docker run -itd --name nginx1 nginx
0fbb5c053e4be1f8bf06b2ad544c8e22de9009d2949bd5381d3c3ac9188a3377
docker create创建一个新容器,不运行
[root@localhost ~]# docker create --name nginx2 nginx
b80f60f520bf46cea6fd5d0c6c0df97dc28a69a60996148fa508c182a8806140
docker ps列出正在运行的容器docker ps -a这样可列出所有容器
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0fbb5c053e4b nginx "/docker-entrypoint.…" About an hour ago Up About an hour 80/tcp nginx1
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b80f60f520bf nginx "/docker-entrypoint.…" 15 minutes ago Created nginx2
0fbb5c053e4b nginx "/docker-entrypoint.…" About an hour ago Up About an hour 80/tcp nginx1
docker start开启一个或多个已经关闭的容器
[root@localhost ~]# docker start b80f60f520bf
b80f60f520bf
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b80f60f520bf nginx "/docker-entrypoint.…" 16 minutes ago Up 5 seconds 80/tcp nginx2
0fbb5c053e4b nginx "/docker-entrypoint.…" About an hour ago Up About an hour 80/tcp nginx1
docker stop 停止容器
[root@localhost ~]# docker stop 0fbb5c053e4b
0fbb5c053e4b
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b80f60f520bf nginx "/docker-entrypoint.…" 18 minutes ago Up 2 minutes 80/tcp nginx2
docker kill杀掉容器
[root@localhost ~]# docker kill b80f60f520bf
b80f60f520bf
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@localhost ~]#
docker attach连接到正在运行的容器上
[root@localhost ~]# docker attach nginx1
docker exec进入容器
[root@localhost ~]# docker exec -it /bin/bash nginx1
Error: No such container: /bin/bash
[root@localhost ~]# docker exec -it nginx1 /bin/bash
root@0fbb5c053e4b:/# ls
bin dev docker-entrypoint.sh home lib64 mnt proc run srv tmp var
boot docker-entrypoint.d etc lib media opt root sbin sys usr
docker logs查看容器日志
[root@localhost ~]# docker logs nginx1
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
······
docker rm删除容器
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b80f60f520bf nginx "/docker-entrypoint.…" About an hour ago Exited (137) 10 minutes ago nginx2
0fbb5c053e4b nginx "/docker-entrypoint.…" 2 hours ago Exited (0) 44 minutes ago nginx1
9bf5e5ab90f6 nginx "/docker-entrypoint.…" 2 hours ago Exited (0) 2 hours ago angry_booth
[root@localhost ~]# docker rm 9bf5e5ab90f6
9bf5e5ab90f6
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b80f60f520bf nginx "/docker-entrypoint.…" About an hour ago Exited (137) 10 minutes ago nginx2
0fbb5c053e4b nginx "/docker-entrypoint.…" 2 hours ago Exited (0) 45 minutes ago nginx1
docker rmi删除镜像
# 当容器正在运行镜像不能删除
[root@localhost ~]# docker rmi -f nginx
Untagged: nginx:latest
Untagged: nginx@sha256:097c3a0913d7e3a5b01b6c685a60c03632fc7a2b50bc8e35bcaa3691d788226e
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
<none> <none> ea335eea17ab 2 weeks ago 141MB
[root@localhost ~]#
docker event state
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
