赞
踩
Docker是一个用于开发、发布和运行应用程序的开放平台。Docker使您能够将应用程序从基础设施中分离出来,从而可以快速交付软件。使用Docker,您可以像管理应用程序一样管理基础设施。通过利用Docker的方法来快速发布、测试和部署代码,可以显著减少编写代码和在生产环境中运行代码之间的延迟。
--简介来自官网
Docker的官方图标很容易帮我们理解Docker的作用:
Docker的官方图标很容易帮我们理解Docker的作用:
Docker的官网图标是一个抽象化的鲸鱼驮着一堆的集装箱。
在容器中运行的应用就像集装箱一样,不需要关注底层运行的环境,总能够通过任意平台达成应用运行的目的。
虽然Docker不是唯一的容器引擎,但在目前任然是最流行的,且市场占有率最大容器引擎。但随着K8s的最近一次更新,不在原生支持Docker,其霸主地位是否会被撼动,任不得知。
如简介所说的,Docker只是众多容器引擎中的一款,却不是唯一,所以不要认为Docker就是容器。Docker作为容器引擎,可以轻松的为任何应用创建一个轻量级的、可移植的、自给自足的容器。
而应用则可以在容器中运行。可以将容器认为是一个轻量级的虚拟机,而容器引擎是创建容器的应用。
其他常见容器引擎有:Rocket、podman、container。
容器化越来越受欢迎,因为容器具有以下特点:
容器 | 虚拟机 | |
---|---|---|
启动速度 | 秒级 | 分钟级 |
计算损耗 | 几乎没有 | 损耗30%-50% |
性能 | 接近原生 | 弱于 |
系统支撑量 | 上千 | 几十个 |
隔离性 | 资源隔离 | 完全隔离 |
docker本质就是宿主机的一个进程,docker是通过namespace实现资源隔离,通过cgroup实现资源限制,通过写时复制技术(copy-on-write)实现了高效的文件操作(类似虚拟机的磁盘比如分配500g并不是实际占用物理磁盘500g)。
其中namespace实现完成了容器化所需要的六项隔离:
Namespace | 系统调用参数 | 隔离内容 |
---|---|---|
UTS | CLONE_NEWUTS | 主机名与域名 |
IPC | CLONE_NEWIPC | 信号量、消息队列和共享内存 |
PID | CLONE_NEWPID | 进程编号 |
Network | CLONE_NEWNET | 网络设备、网络栈、端口等等 |
Mount | CLONE_NEWNS | 挂载点(文件系统) |
User | CLONE_NEWUSER | 用户和用户组 |
Docker的镜像是创建容器的基础,类似虚拟机的快照,可以理解为一个面向Docker容器引擎的只读模板。通过镜像启动一个容器,一个镜像是一个可执行的包,其中包括运行应用程序所需要的所有内容包含代码,运行时间,库、环境变量、和配置文件。
Docker镜像也是一 个压缩包,只是这个压缩包不只是可执行文件,环境部署脚本,它还包含了完整的操作系统。因为大部分的镜像都是基于某个操作系统来构建。
所以很轻松的就可以构建本地和远端一样的环境,这也是Docker镜像的精髓。
容器是镜像的可运行实例。您可以使用Docker API或CLI创建、启动、停止、移动或删除容器。您可以将一个容器连接到一个或多个网络,将存储附加到它,甚至根据它的当前状态创建一个新的镜像。
可以把容器看做是要给简易版的linux环境(包括root用户权限、镜像空间、用户空间和网络空间等)和运行在其中的应用程序。
存放镜像的地方
目前 Docker 只能支持 64 位系统。 systemctl stop firewalld.service setenforce 0 #安装依赖包 yum install -y yum-utils device-mapper-persistent-data lvm2 -------------------------------------------------------------------------------------------- yum-utils:提供了 yum-config-manager 工具。 device mapper: 是Linux内核中支持逻辑卷管理的通用设备映射机制, 它为实现用于存储资源管理的块设备驱动提供了一个高度模块化的内核架构。 device mapper存储驱动程序需要 device-mapper-persistent-data 和 lvm2。 -------------------------------------------------------------------------------------------- #设置阿里云镜像源 yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo #安装 Docker-CE并设置为开机自动启动 yum install -y docker-ce systemctl start docker.service systemctl enable docker.service #查看 docker 版本信息 docker version
1.前置准备
2.依赖包安装
3.配置阿里镜像源
4.安装docker-CE
5.配置自动启动
#获取安装脚本
curl https://get.docker.com > /tmp/install.sh
#无论何时执行未知脚本都是有风险的事情,所以在执行脚本前可以先查看脚本是否包含恶意代码。
cat /tmp/install.sh
...
#赋予执行权限
chmod +x /tmp/install.sh
#执行脚本
/tmp/install.sh
这个脚本会先做数个检查,然后用适合你的系统的包安装 Docker。如果它发现系统缺少了 一些安全和文件系统功能所需要的依赖关系,还会把它们一并安装。 如果你完全不想使用安装程序,或者希望使用一个安装程序未提供的 Docker 版本,也可以在 Docker 网站下载二进制文件。这样做的缺点是它不会检查依赖关系,并且以 后需要手动安装更新。有关二进制文件的更多信息和下载链接,参见 Docker Binary 网页 (https://docs.docker.com/engine/installation/binaries/)
1.获取脚本
2.赋予执行权限
3.执行脚本
[root@local ~]# docker search nginx #默认显示前25个镜像
[root@local ~]#
[root@local ~]# docker search --limit 5 nginx #显示前5个镜像
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
nginx Official build of Nginx. 16985 [OK]
bitnami/nginx Bitnami nginx Docker Image 131 [OK]
ubuntu/nginx Nginx, a high-performance reverse proxy & we… 52
bitnami/nginx-ingress-controller Bitnami Docker Image for NGINX Ingress Contr… 18 [OK]
kasmweb/nginx An Nginx image based off nginx:alpine and in… 1
[root@local ~]# docker pull nginx
Using default tag: latest
latest: Pulling from library/nginx
b85a868b505f: Pull complete
f4407ba1f103: Pull complete
4a7307612456: Pull complete
935cecace2a0: Pull complete
8f46223e4234: Pull complete
fe0ef4c895f5: Pull complete
Digest: sha256:10f14ffa93f8dedf1057897b745e5ac72ac5655c299dade0aa434c71557697ea
Status: Downloaded newer image for nginx:latest
docker.io/library/nginx:latest
[root@local ~]#
[root@local ~]# docker pull nginx:1.20.1
1.20.1: Pulling from library/nginx # 指定版本下载
默认上传到 docker Hub 官方公共仓库,需要注册使用公共仓库的账号。
可以使用 docker login 命令来输入用户名、密码和邮箱来完成注册和登录。
在上传镜像之前,还需要先对本地镜像添加新的标签,然后再使用 docker push 命令进行上传。
[root@local ~]# docker tag nginx:latest nginx:web #添加新的标签
[root@local ~]# docker login #登录公共仓库
Username:
password:
[root@local ~]# docker push docker push nginx:web #上传镜像
[root@local ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 55f4b40fe486 28 hours ago 142MB
# 可以看见如果原有镜像有标签,会新增一条标签记录 [root@local ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest 55f4b40fe486 28 hours ago 142MB [root@local ~]# docker tag 55f4b40fe486 canyun:latest [root@local ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE canyun latest 55f4b40fe486 29 hours ago 142MB nginx latest 55f4b40fe486 29 hours ago 142MB # 可以对一个镜像进行多次打标签 [root@local ~]# docker tag 55f4b40fe486 canyun:1.20 [root@local ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE canyun 1.20 55f4b40fe486 29 hours ago 142MB canyun latest 55f4b40fe486 29 hours ago 142MB nginx latest 55f4b40fe486 29 hours ago 142MB
#当一个镜像有多个标签时,可以删除其中指定的标签 [root@local ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE canyun 1.20 55f4b40fe486 29 hours ago 142MB canyun latest 55f4b40fe486 29 hours ago 142MB nginx latest 55f4b40fe486 29 hours ago 142MB [root@local ~]# docker rmi canyun:1.20 # docker rmi 仓库名称:标签名 Untagged: canyun:1.20 [root@local ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE canyun latest 55f4b40fe486 29 hours ago 142MB nginx latest 55f4b40fe486 29 hours ago 142MB #docker rmi 镜像ID号 会彻底删除该镜像 [root@local ~]# docker rmi 55f4b40fe486 #普通删除无法删除 Error response from daemon: conflict: unable to delete 55f4b40fe486 (must be forced) - image is referenced in multiple repositories [root@local ~]# docker rmi 55f4b40fe486 -f Untagged: canyun:latest Untagged: nginx:latest Untagged: nginx@sha256:10f14ffa93f8dedf1057897b745e5ac72ac5655c299dade0aa434c71557697ea Deleted: sha256:55f4b40fe486a5b734b46bb7bf28f52fa31426bf23be068c8e7b19e58d9b8deb Deleted: sha256:5f58fed9b4d8e6c09cdc42eed6de6df7a7e35b40d92c98f30f8ecad4960fb7a0 Deleted: sha256:8bb72c1d014292ebf1ae348a77624c536e766757356c6dbb0de75122a94b445d Deleted: sha256:cc9ac0adbded956d924bcf6c26ffbc93ea070019be1437d204b530a033ff4b16 Deleted: sha256:30f210588f35917f0edb5a2465db7ad60e4ef3b6ac74fe155474e14e6f0995c5 Deleted: sha256:5ecd5431cf49a2a11115844de1e7b23b9535be8789add9ab50973867db5f7d36 Deleted: sha256:08249ce7456a1c0613eafe868aed936a284ed9f1d6144f7d2d08c514974a2af9 [root@local ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE
[root@local ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
tomcat2 zuixing 4813a0e5f815 10 days ago 480MB
tomcat3 new 4813a0e5f815 10 days ago 480MB
tomcat latest 4813a0e5f815 10 days ago 480MB
# 指定库名称和标签导出
[root@local ~]# docker save tomcat2:zuixing -o /tmp/canyun_docker_tomcat.tar.gz
[root@local ~]# ls /tmp
canyun_docker_tomcat.tar.gz
……………………
# 指定镜像id导出
[root@local ~]# docker save 4813a0e5f815 -o /tmp/canyun_docker_tomcat2.tar.gz
[root@local ~]# ls /tmp
canyun_docker_tomcat2.tar.gz
canyun_docker_tomcat.tar.gz
#先删除所有镜像 [root@local ~]# docker rmi 4813a0e5f815 -f Untagged: tomcat2:zuixing Untagged: tomcat3:new Untagged: tomcat:latest Untagged: tomcat@sha256:8ece5eebda93ab45acf77b237f5564b3c558d0ce782c2f4302796043a621662f Deleted: sha256:4813a0e5f815c2f686a8e41d879735dc1ba1c2dc3b059223e9d0467e4fbf48ae Deleted: sha256:6263f68f8705cf7609f607c8d619c5151425126082ce197600039913c232a1fb Deleted: sha256:c905f33549a11869176f6697bd7b20e076c018e04532bdf0ae45e1308f969933 Deleted: sha256:6e6af734a6437c86a45e0ce53da33fae0cadf54504eb4753a6fd1a879ef9b88d Deleted: sha256:f415aa1e1cc2befb567a9de49e61a5ae64017c088f0f9af7db6853a0ea9b0bd4 Deleted: sha256:dd96e1d720e7faae18ba9749c7a76ec07c39438cea3b4524c8e51c0a97e4c169 Deleted: sha256:8ea98ddb7c7042ae259a9b82cbd8e2ed0c365d9fc0889010e72772e2e7fff9a3 Deleted: sha256:af7ed92504ae4c20128a0f01048d41d467fef5c795c38d0defdb998a187ed1d4 [root@local ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE #按标签导出的镜像导入 [root@local ~]# docker image load -i /tmp/canyun_docker_tomcat.tar.gz af7ed92504ae: Loading layer [==================================================>] 75.15MB/75.15MB 4f00b42da09e: Loading layer [==================================================>] 58.8MB/58.8MB 169f6a3fe055: Loading layer [==================================================>] 329.6MB/329.6MB 75cd1080d2c5: Loading layer [==================================================>] 2.56kB/2.56kB 8ec4a98c4d98: Loading layer [==================================================>] 3.072kB/3.072kB 5d16e43bd609: Loading layer [==================================================>] 22.87MB/22.87MB b6fb9d3b2bd3: Loading layer [==================================================>] 2.048kB/2.048kB Loaded image: tomcat2:zuixing [root@local ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE tomcat2 zuixing 4813a0e5f815 10 days ago 480MB #按镜像id导出的镜像导入 [root@local ~]# docker image load -i /tmp/canyun_docker_tomcat2.tar.gz af7ed92504ae: Loading layer [==================================================>] 75.15MB/75.15MB 4f00b42da09e: Loading layer [==================================================>] 58.8MB/58.8MB 169f6a3fe055: Loading layer [==================================================>] 329.6MB/329.6MB 75cd1080d2c5: Loading layer [==================================================>] 2.56kB/2.56kB 8ec4a98c4d98: Loading layer [==================================================>] 3.072kB/3.072kB 5d16e43bd609: Loading layer [==================================================>] 22.87MB/22.87MB b6fb9d3b2bd3: Loading layer [==================================================>] 2.048kB/2.048kB Loaded image ID: sha256:4813a0e5f815c2f686a8e41d879735dc1ba1c2dc3b059223e9d0467e4fbf48ae [root@local ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE <none> <none> 4813a0e5f815 10 days ago 480MB #导入后库名与标签为none #指定标签导入 [root@local ~]# docker image import /tmp/canyun_docker_tomcat2.tar.gz canyun:latest sha256:a6af80e948be1a22dce978749dad35969bd7eef0aea4e3522098761d848e3535 [root@local ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE canyun latest a6af80e948be 4 seconds ago 486MB <none> <none> 4813a0e5f815 10 days ago 480MB 折叠
# 所谓的无效的镜像我们指的就是没有镜像名称和标签的 [root@local ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE canyun latest a6af80e948be 4 seconds ago 486MB <none> <none> 4813a0e5f815 10 days ago 480MB [root@local ~]# docker image prune WARNING! This will remove all dangling images. Are you sure you want to continue? [y/N] Y Deleted Images: deleted: sha256:4813a0e5f815c2f686a8e41d879735dc1ba1c2dc3b059223e9d0467e4fbf48ae deleted: sha256:6263f68f8705cf7609f607c8d619c5151425126082ce197600039913c232a1fb deleted: sha256:c905f33549a11869176f6697bd7b20e076c018e04532bdf0ae45e1308f969933 deleted: sha256:6e6af734a6437c86a45e0ce53da33fae0cadf54504eb4753a6fd1a879ef9b88d deleted: sha256:f415aa1e1cc2befb567a9de49e61a5ae64017c088f0f9af7db6853a0ea9b0bd4 deleted: sha256:dd96e1d720e7faae18ba9749c7a76ec07c39438cea3b4524c8e51c0a97e4c169 deleted: sha256:8ea98ddb7c7042ae259a9b82cbd8e2ed0c365d9fc0889010e72772e2e7fff9a3 deleted: sha256:af7ed92504ae4c20128a0f01048d41d467fef5c795c38d0defdb998a187ed1d4 Total reclaimed space: 480.3MB [root@local ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE canyun latest a6af80e948be 2 minutes ago 486MB
[root@local ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
canyun latest a6af80e948be 20 hours ago 486MB
nginx latest 55f4b40fe486 2 days ago 142MB
[root@local ~]# docker create nginx:latest
c716cc6c39ae461283c9b14ee435d25358242b66705dca09c42f8f6c09b8f9ca
# 如果没有镜像则先下载镜像,然后创建容器
#新创建的容器默认处于停止状态,不运行任何程序,需要在其中发起一个进程来启动容器。
格式:docker create [选项] 镜像
常用选项:
-i:让容器的输入保持打开
-t:让 Docker 分配一个伪终端
[root@local ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c716cc6c39ae nginx:latest "/docker-entrypoint.…" 2 minutes ago Created friendly_zhukovsky
[root@local ~]# docker start c716cc6c39ae
c716cc6c39ae
[root@local ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c716cc6c39ae nginx:latest "/docker-entrypoint.…" 5 minutes ago Up 11 seconds 80/tcp friendly_zhukovsky
[root@local ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c716cc6c39ae nginx:latest "/docker-entrypoint.…" 5 minutes ago Up 11 seconds 80/tcp friendly_zhukovsky
[root@local ~]# docker stop c716cc6c39ae
c716cc6c39ae
[root@local ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@local ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c716cc6c39ae nginx:latest "/docker-entrypoint.…" 8 minutes ago Up 13 seconds 80/tcp friendly_zhukovsky
[root@local ~]# docker restart c716cc6c39ae
c716cc6c39ae
[root@local ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c716cc6c39ae nginx:latest "/docker-entrypoint.…" 8 minutes ago Up 6 seconds 80/tcp friendly_zhukovsky
[root@local ~]# docker run httpd
Unable to find image 'httpd:latest' locally
latest: Pulling from library/httpd
b85a868b505f: Already exists
f05e6391d558: Pull complete
95901502a360: Pull complete
2ea5a609d7db: Pull complete
3974bb700c53: Pull complete
Digest: sha256:886f273536ebef2239ef7dc42e6486544fbace3e36e5a42735cfdc410e36d33c
Status: Downloaded newer image for httpd:latest
WARNING: IPv4 forwarding is disabled. Networking will not work.
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.3. Set the 'ServerName' directive globally to suppress this message
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.3. Set the 'ServerName' directive globally to suppress this message
[Sun Jun 26 02:23:31.265610 2022] [mpm_event:notice] [pid 1:tid 140465892928832] AH00489: Apache/2.4.54 (Unix) configured -- resuming normal operations
#基于id删除 [root@local ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 8f8d730d975b tomcat "catalina.sh run" About a minute ago Up About a minute 8080/tcp beautiful_cori 48f971d85342 tomcat "-d" 3 minutes ago Created 8080/tcp sweet_hamilton 168f5d59a35d httpd "-d" 5 minutes ago Created 80/tcp strange_jones 207af9dd350f httpd "httpd-foreground" 5 minutes ago Exited (0) 5 minutes ago musing_goldwasser c716cc6c39ae nginx:latest "/docker-entrypoint.…" 19 hours ago Up 19 hours 80/tcp friendly_zhukovsky [root@local ~]# docker rm 168f5d59a35d 168f5d59a35d [root@local ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 8f8d730d975b tomcat "catalina.sh run" 2 minutes ago Up 2 minutes 8080/tcp beautiful_cori 48f971d85342 tomcat "-d" 4 minutes ago Created 8080/tcp sweet_hamilton 207af9dd350f httpd "httpd-foreground" 6 minutes ago Exited (0) 6 minutes ago musing_goldwasser c716cc6c39ae nginx:latest "/docker-entrypoint.…" 19 hours ago Up 19 hours 80/tcp friendly_zhukovsky #基于名称删除 [root@local ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 8f8d730d975b tomcat "catalina.sh run" 2 minutes ago Up 2 minutes 8080/tcp beautiful_cori 48f971d85342 tomcat "-d" 4 minutes ago Created 8080/tcp sweet_hamilton 207af9dd350f httpd "httpd-foreground" 6 minutes ago Exited (0) 6 minutes ago musing_goldwasser c716cc6c39ae nginx:latest "/docker-entrypoint.…" 19 hours ago Up 19 hours 80/tcp friendly_zhukovsky [root@local ~]# docker rm sweet_hamilton sweet_hamilton [root@local ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 8f8d730d975b tomcat "catalina.sh run" 4 minutes ago Up 4 minutes 8080/tcp beautiful_cori 207af9dd350f httpd "httpd-foreground" 8 minutes ago Exited (0) 8 minutes ago musing_goldwasser c716cc6c39ae nginx:latest "/docker-entrypoint.…" 19 hours ago Up 19 hours 80/tcp friendly_zhukovsky # 批量删除容器 [root@local ~]# docker ps -a -q 8f8d730d975b 207af9dd350f c716cc6c39ae [root@local ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 8f8d730d975b tomcat "catalina.sh run" 8 minutes ago Up 8 minutes 8080/tcp beautiful_cori 207af9dd350f httpd "httpd-foreground" 12 minutes ago Exited (0) 12 minutes ago musing_goldwasser c716cc6c39ae nginx:latest "/docker-entrypoint.…" 19 hours ago Up 19 hours 80/tcp friendly_zhukovsky [root@local ~]# docker container rm -f `docker container ps -a -q` 8f8d730d975b 207af9dd350f c716cc6c39ae [root@local ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES nutes 8080/tcp beautiful_cori 207af9dd350f httpd "httpd-foreground" 12 minutes ago Exited (0) 12 minutes ago musing_goldwasser c716cc6c39ae nginx:latest "/docker-entrypoint.…" 19 hours ago Up 19 hours 80/tcp friendly_zhukovsky [root@local ~]# docker container rm -f `docker container ps -a -q` 8f8d730d975b 207af9dd350f c716cc6c39ae [root@local ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
Copyright © 2003-2013 www.wpsshop.cn 版权所有,并保留所有权利。