docker基础用法
什么是dock
docker中的容器:
lxc --> libcontainer --> runC
OCI&OCF
OCI
Open Container-initiative (开放式集装箱倡议)
- 由Linux基金会主导于2015年6月创立
- 旨在围绕容器格式和运行时制定一个开放的工业化标准
- contains two specifications包含两种规格
- the Runtime Specification(runtime-spec)运行时规范
- the Image Specification(image-spec)图像规格
OCF
Open Container Format
runC is a CLI tool for spawning and running containers according to the OCI specification (runC是一个CLI工具,用于根据OCI规范生成和运行容器)
- Containers are started as a child process of runC and can be embedded into various other systems without having to run a daemon 容器作为runC的子进程启动,可以嵌入到各种其他系统中,而不必运行守护进程
- runC is built on libcontainer, the same container technology powering millions of Docker Engine installations runC是基于libcontainer构建的,同样的容器技术支持数百万的Docker引擎安装
docker提供了一个专门容纳容器镜像的站点:https://hub.docker.com
##docker架构
Client 客户端
Docker 是一个客户端-服务器(C/S)架构程序。Docker 客户端只需要向 Docker 服务器或者守护进程发出请求,服务器或者守护进程将完成所有工作并返回结果。Docker 提供了一个命令行工具 Docker 以及一整套 RESTful API。你可以在同一台宿主机上运行 Docker 守护进程和客户端,也可以从本地的 Docker 客户端连接到运行在另一台宿主机上的远程 Docker 守护进程。
Host 主机(Docker 引擎)
一个物理或者虚拟的机器用于执行 Docker 守护进程和容器。
- Image 镜像
什么是 Docker 镜像?简单的理解,Docker 镜像就是一个 Linux 的文件系统(Root FileSystem),这个文件系统里面包含可以运行在 Linux 内核的程序以及相应的数据。
通过镜像启动一个容器,一个镜像就是一个可执行的包,其中包括运行应用程序所需要的所有内容:包含代码,运行时间,库,环境变量和配置文件等。
Docker 把 App 文件打包成为一个镜像,并且采用类似多次快照的存储技术,可以实现:
多个 App 可以共用相同的底层镜像(初始的操作系统镜像);
App 运行时的 IO 操作和镜像文件隔离;
通过挂载包含不同配置/数据文件的目录或者卷(Volume),单个 App 镜像可以用来运行无数个不同业务的容器。 - Container 容器
镜像(Image)和容器(Container)的关系,就像是面向对象程序设计中的类和实例一样,镜像是静态的定义,容器是镜像运行时的实体。容器可以被创建、启动、停止、删除、暂停等。
Registry 注册中心
Docker 用 Registry 来保存用户构建的镜像。Registry 分为公共和私有两种。Docker 公司运营公共的 Registry 叫做 Docker Hub。用户可以在 Docker Hub 注册账号,分享并保存自己的镜像。
Docker 公司提供了公共的镜像仓库 https://hub.docker.com(Docker 称之为 Repository)提供了庞大的镜像集合供使用。
一个 Docker Registry 中可以包含多个仓库(Repository);每个仓库可以包含多个标签(Tag);每个标签对应一个镜像。
通常,一个仓库会包含同一个软件不同版本的镜像,而标签对应该软件的各个版本。我们可以通过 <仓库名>:<标签> 的格式来指定具体是这个软件哪个版本的镜像。如果不给出标签,将以 latest 作为默认标签。
docker镜像与镜像仓库
镜像是静态的,而容器是动态的,容器有其生命周期,镜像与容器的关系类似于程序与进程的关系。镜像类似于文件系统中的程序文件,而容器则类似于将一个程序运行起来的状态,也即进程。所以容器是可以删除的,容器被删除后其镜像是不会被删除的。
##docker对象
When you use docker, you are creating and using images, containers, networks, volumes, pluginns, and other objects.
- IMAGES
- An image is a read-only template with instructions for creating a docker container.
- Often, an image is based on another image, with some additional customization.
- You might create your own images or you might only use those created by others and published in a registry.
- CONTAINERS
- A conntainer is a runnable instance of an image.
- You can create, run, stop, move, or delete a container using the docker API or CLI.
- You can connect a container to one or more networks, attach storage to it, or even create a new image based on its current state.
当您使用docker时,您正在创建和使用映像、容器、网络、卷、插件和其他对象。
- IMAGES
- 图像图像是一个只读模板,包含创建docker容器的说明。
- 通常,一个图像基于另一个图像,并进行一些额外的定制。
- 您可以创建自己的图像,也可以只使用他人创建并在注册表中发布的图像。
- CONTAINERS
- 容器容器是一个图像的可运行实例。
- 您可以使用docker API或CLI创建、运行、停止、移动或删除容器。
- 您可以将容器连接到一个或多个网络,为其附加存储,甚至基于其当前状态创建新的映像。
安装及使用docker
docker安装
[root@zzz ~]# cd /etc/yum.repos.d/
[root@zzz yum.repos.d]# mount /dev/cdrom /mnt/
mount: /mnt: WARNING: device write-protected, mounted read-only.
[root@zzz yum.repos.d]# yum install -y wget
[root@zzz yum.repos.d]# wget -O docker-ce.repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo?spm=a2c6h.25603864.0.0.7fd94ca5yz5SG0
--2022-08-04 02:00:05-- https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo?spm=a2c6h.25603864.0.0.7fd94ca5yz5SG0
Resolving mirrors.aliyun.com (mirrors.aliyun.com)... 43.224.184.231, 45.253.17.217, 43.224.184.227, ...
Connecting to mirrors.aliyun.com (mirrors.aliyun.com)|43.224.184.231|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 2081 (2.0K) [application/octet-stream]
Saving to: ‘docker-ce.repo’
docker-ce.repo 100%[===================================================>] 2.03K --.-KB/s in 0.01s
2022-08-04 02:00:05 (208 KB/s) - ‘docker-ce.repo’ saved [2081/2081]
[root@zzz yum.repos.d]# ll
total 8
-rw-r--r--. 1 root root 2081 Aug 3 13:14 docker-ce.repo
-rw-r--r--. 1 root root 137 Jul 2 02:10 xx.repo
[root@zzz ~]# yum install -y docker-ce
启动,设置开启自启
[root@zzz ~]# systemctl start docker
[root@zzz ~]# systemctl enable docker
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /usr/lib/systemd/system/docker.service.
[root@zzz ~]# systemctl status docker
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
Active: active (running) since Thu 2022-08-04 02:14:57 CST; 1min 43s ago
Docs: https://docs.docker.com
Main PID: 12442 (dockerd)
Tasks: 7
Memory: 35.5M
CGroup: /system.slice/docker.service
└─12442 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
docker加速
docker-ce的配置文件是/etc/docker/daemon.json,此文件默认不存在,需要我们手动创建并进行配置,而docker的加速就是通过配置此文件来实现的。
docker的加速有多种方式:
- docker cn
- 中国科技大学加速器
- 阿里云加速器(需要通过阿里云开发者平台注册帐号,免费使用个人私有的加速器)
使用阿里云加速器
https://cr.console.aliyun.com/cn-hangzhou/instances/mirrors (需要注册账户)
[root@zzz ~]# sudo mkdir -p /etc/docker
[root@zzz ~]# vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://bydymp6j.mirror.aliyuncs.com"]
}
[root@zzz ~]# sudo systemctl daemon-reload
[root@zzz ~]# sudo systemctl restart docker
docker常用操作
| 命令 | 功能 | 解释 |
|---|---|---|
| docker search | Search the Docker Hub for images | 在 Docker 中心搜索映像 |
| docker pull | Pull an image or a repository from a registry | 从注册表中拉取映像或存储库 |
| docker images | List images | 列出图像 |
| docker create | Create a new conntainer | 创建新的容器 |
| docker start | Start one or more stopped containers | 启动一个或多个已停止的容器 |
| docker run | Run a command in a new container | 在新容器中运行命令 |
| docker attach | Attach to a runninng container | 连接到运行容器 |
| docker ps | List containers | 列出容器 |
| docker logs | Fetch the logs of a container | 获取容器的日志 |
| docker restart | Restart a container | 重新启动容器 |
| docker stop | Stop one or more running containers | 停止一个或多个正在运行的容器 |
| docker kill | Kill one or more running containers | 杀死一个或多个正在运行的容器 |
| docker rm | Remove onne or more containers | 删除容器或更多容器 |
| docker exec | Run a command in a running container | 在正在运行的容器中运行命令 |
| docker info | Display system-wide information | 显示系统范围的信息 |
| docker inspect | Return low-level information on Docker objects | 查看容器的低级信息(详细信息) |
- docker search 在 Docker 中心搜索映像
[root@zzz ~]# docker search java
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
node Node.js is a JavaScript-based platform for s… 11750 [OK]
tomcat Apache Tomcat is an open source implementati… 3371 [OK]
openjdk "Vanilla" builds of OpenJDK (an open-source … 3366 [OK]
java DEPRECATED; use "openjdk" (or other JDK impl… 1976 [OK]
ghost Ghost is a free and open source blogging pla… 1529 [OK]
couchdb CouchDB is a database that uses JSON for doc… 482 [OK]
jetty Jetty provides a Web server and javax.servle… 384 [OK]
amazoncorretto Corretto is a no-cost, production-ready dist… 223 [OK]
groovy Apache Groovy is a multi-faceted language fo… 130 [OK]
circleci/node Node.js is a JavaScript-based platform for s… 129
ibmjava Official IBM® SDK, Java™ Technology Edition … 100 [OK]
tomee Apache TomEE is an all-Apache Java EE certif… 97 [OK]
ibmcom/ibmjava IBM® SDK, Java™ Technology Edition Docker Im… 20
bitnami/java Bitnami Java Docker Image 10 [OK]
appdynamics/java-agent Java Agent for Kubernetes 6
amazon/aws-lambda-java AWS Lambda base images for Java 6
circleci/java This image is for internal use 2
openwhisk/java8action Apache OpenWhisk runtime for Java 8 Actions 2
circleci/java-nginx Java+nginx image. This image is for internal… 1
ibmcom/java-acceleration-amd64 0
kasmweb/java-dev Ubuntu Java development desktop for Kasm Wor… 0
ibmcom/java-websphere-traditional 0
airbyte/java-datadog-tracer-base 0
datadog/dd-trace-java-docker-build Docker container to build Java APM Tracer 0 [OK]
cockroachdb/postgres-test An environment to run the CockroachDB accept… 0 [OK]
[root@zzz ~]#
- docker pull 从注册表中拉取映像或存储库
[root@zzz ~]# docker pull java
Using default tag: latest
latest: Pulling from library/java
5040bd298390: Pull complete
fce5728aad85: Pull complete
76610ec20bf5: Pull complete
60170fec2151: Pull complete
e98f73de8f0d: Pull complete
11f7af24ed9c: Pull complete
49e2d6393f32: Pull complete
bb9cdec9c7f3: Pull complete
Digest: sha256:c1ff613e8ba25833d2e1940da0940c3824f03f802c449f3d1815a66b7f8c0e9d
Status: Downloaded newer image for java:latest
docker.io/library/java:latest
- docker images 列出图像
[root@zzz ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mysql latest 3218b38490ce 7 months ago 516MB
ubuntu latest ba6acccedd29 9 months ago 72.8MB
java latest d23bdf5b1b1b 5 years ago 643MB
- docker create 创建新的容器
[root@zzz ~]# docker create --name my mysql
599fc24ea0bf635b397779b126576d2abe7b269c4b8f4f6ab3aa2ba919f2589f
- docker start 启动一个或多个已停止的容器
[root@zzz ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0fbbd5643e58 httpd "httpd-foreground" 8 seconds ago Created web
[root@zzz ~]# docker start web
web
[root@zzz ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0fbbd5643e58 httpd "httpd-foreground" 27 seconds ago Up 3 seconds 80/tcp web
[root@zzz ~]#
- docker run 在新容器中运行命令
[root@zzz ~]# docker run -it -d --name web1 -p80:80 httpd /bin/bash
252432a0b6a6821bca27f204aad2f016aeddea9064e7fdc46a93401087697987
[root@zzz ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
252432a0b6a6 httpd "/bin/bash" 10 seconds ago Up 8 seconds 0.0.0.0:80->80/tcp, :::80->80/tcp web1
[root@zzz ~]#
- docker attach 连接到运行容器
[root@zzz ~]# docker attach web1
root@252432a0b6a6:/usr/local/apache2# ls
bin build cgi-bin conf error htdocs icons include logs modules
root@252432a0b6a6:/usr/local/apache2#
- docker ps 列出容器
[root@zzz ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
- docker logs 获取容器的日志
[root@zzz ~]# docker logs web
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
[Thu Aug 04 18:58:22.182474 2022] [mpm_event:notice] [pid 1:tid 139912958491968] AH00489: Apache/2.4.52 (Unix) configured -- resuming normal operations
[Thu Aug 04 18:58:22.182689 2022] [core:notice] [pid 1:tid 139912958491968] AH00094: Command line: 'httpd -D FOREGROUND'
[root@zzz ~]#
- docker restart 重新启动容器
[root@zzz ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0fbbd5643e58 httpd "httpd-foreground" 24 minutes ago Exited (137) 20 minutes ago web
[root@zzz ~]# docker restart web
web
[root@zzz ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0fbbd5643e58 httpd "httpd-foreground" 25 minutes ago Up 5 seconds 80/tcp web
[root@zzz ~]#
- docker stop 停止一个或多个正在运行的容器
[root@zzz ~]# docker stop web
web
[root@zzz ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0fbbd5643e58 httpd "httpd-foreground" 3 minutes ago Exited (0) 3 seconds ago web
[root@zzz ~]#
- docker kill 杀死一个或多个正在运行的容器
[root@zzz ~]# docker start web
web
[root@zzz ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0fbbd5643e58 httpd "httpd-foreground" 4 minutes ago Up 5 seconds 80/tcp web
[root@zzz ~]# docker kill web
web
[root@zzz ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0fbbd5643e58 httpd "httpd-foreground" 4 minutes ago Exited (137) 3 seconds ago web
[root@zzz ~]#
- docker rm 删除容器或更多容器
[root@zzz ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
599fc24ea0bf mysql "docker-entrypoint.s…" 17 minutes ago Exited (1) 4 seconds ago my
[root@zzz ~]# docker rm my
my
[root@zzz ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
- docker exec 在正在运行的容器中运行命令
[root@zzz ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
252432a0b6a6 httpd "/bin/bash" 8 minutes ago Up 2 minutes 0.0.0.0:80->80/tcp, :::80->80/tcp web1
[root@zzz ~]# docker exec -it web1 /bin/bash
root@252432a0b6a6:/usr/local/apache2# ls
bin build cgi-bin conf error htdocs icons include logs modules
root@252432a0b6a6:/usr/local/apache2#
- docker info 显示系统范围的信息
[root@zzz ~]# docker info
Client:
Context: default
Debug Mode: false
Plugins:
app: Docker App (Docker Inc., v0.9.1-beta3)
buildx: Docker Buildx (Docker Inc., v0.8.2-docker)
scan: Docker Scan (Docker Inc., v0.17.0)
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 2
Server Version: 20.10.17
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 10c12954828e7c7c9b6e0ea9b0c02b01407d3ae1
runc version: v1.1.2-0-ga916309
init version: de40ad0
Security Options:
seccomp
Profile: default
Kernel Version: 4.18.0-193.el8.x86_64
Operating System: CentOS Linux 8 (Core)
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 1.758GiB
Name: zzz
ID: M5ZY:2NDC:XUPC:UL7R:GK7D:HVBT:IBDA:AT2B:UMLR:D3KT:LV5L:EZIW
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Registry Mirrors:
https://bydymp6j.mirror.aliyuncs.com/
Live Restore Enabled: false
- docker inspect 查看容器的低级信息(详细信息)
[root@zzz ~]# docker inspect web
[
{
"Id": "0fbbd5643e585a0d1a1e16c7ed33744c147fa94b634b378e0434edb12c0ec087",
"Created": "2022-08-04T18:57:59.61263064Z",
"Path": "httpd-foreground",
"Args": [],
"State": {
"Status": "exited",
"Running": false,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 0,
"ExitCode": 137,
"Error": "",
"StartedAt": "2022-08-04T19:02:10.258406351Z",
"FinishedAt": "2022-08-04T19:02:25.95483598Z"
····
····
····
····
扫一扫
911
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
