- 1linux安装zookeeper详细步骤_yum安装zk客户端
- 2vue3实现页面的响应式解决方案_vue3 窗口变化时页面布局发生变化响应式怎么做
- 3Meta 发布 Llama3.1,一站教你如何推理、微调、部署大模型_llama3.1 推理代码
- 4React入门(一)之基本语法(内容较多)_react设置p标签格式
- 5如何使用 Mermaid、GitHub 和 VSCode 用代码创建关系图一_vscode mermaid
- 6【时间之外】你的算法需要备案吗?_调用第三方算力需要算法备案嘛
- 7大数据千亿级离线数仓项目第五天 指标统计/导出和工作流调度_千亿数据计算uv
- 8fasttext 文本分类_step by step带你fastText文本分类
- 9HiveSql--基本运算符实战及注意点总结_havesql加法语句
- 10行车百科系列之(三): 儿童安全乘车话题
Docker安装与使用_docker 18.06.3-ce
赞
踩
系统环境
- #防火墙关闭
- [root@n1 ~]# systemctl status firewalld.service
- ● firewalld.service - firewalld - dynamic firewall daemon
- Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
- Active: inactive (dead)
- Docs: man:firewalld(1)
-
- #selinux关闭
- [root@n1 ~]# getenforce
- Disabled
-
- #内核版本
- [root@n1 ~]# uname -r
- 3.10.0-862.el7.x86_64
-
- #版本
- [root@n1 ~]# cat /etc/redhat-release
- CentOS Linux release 7.5.1804 (Core)
- 注意:CentOS6无法安装,需打补丁
安装Docker
配置yum源
[root@n1 ~]# cd /etc/yum.repos.d/
[root@n1 yum.repos.d]# wget https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/docker-ce.repo
[root@n1 yum.repos.d]# vim docker-ce.repo
#进入命令行模式,替换为清华镜像源,否则,下载会很慢
:%s#https://download.docker.com/#https://mirrors.tuna.tsinghua.edu.cn/docker-ce/#g
安装
注:安装最新的docker-ce时,写Dockerfile时关键字不变色,然后安装了以前的版本
docker-ce是社区版本
[root@n1 ~]# yum install docker-ce-18.06.3.ce-3.el7 -y
配置docker加速器
配置后拉取镜像速度更快
[root@n1 ~]# mkdir /etc/docker/
[root@n1 docker]# cat daemon.json
{
"registry-mirrors": ["https://xxxxxxxx.mirror.aliyuncs.com","https://registry.docker-cn.com"]
}
可以配置阿里云镜像加速
点击镜像加速器即可得到一个加速器地址
查看版本
启动docker
[root@n1 ~]# systemctl start docker.service
至此,安装完成
Docker命令使用
Docker命令
- 镜像操作:
- build Build an image from a Dockerfile
- commit Create a new image from a container's changes
- images List images
- load Load an image from a tar archive or STDIN
- pull Pull an image or a repository from a registry
- push Push an image or a repository to a registry
- rmi Remove one or more images
- search Search the Docker Hub for images
- tag Tag an image into a repository
- save 打包一个或多个镜像到name.tar (streamed to STDOUT by default)
- history 显示某镜像的历史
- inspect 获取镜像的详细信息
-
- 容器及其中应用的生命周期操作:
- create Create a new container (创建一个容器,不启动)
- kill Kill one or more running containers
- inspect Return low-level information on a container, image or task
- pause Pause all processes within one or more containers
- ps List containers
- rm Remove one or more containers (删除一个或者多个容器)
- rename Rename a container(更改容器名)
- restart Restart a container
- run Run a command in a new container (创建并启动一个容器)
- start Start one or more stopped containers (启动一个处于停止状态的容器)
- stats Display a live stream of container(s) resource usage statistics (显示容器实时的资源消耗信息)
- stop Stop one or more running containers (停止一个处于运行状态的容器)
- top Display the running processes of a container
- unpause Unpause all processes within one or more containers
- update Update configuration of one or more containers
- wait Block until a container stops, then print its exit code
- attach Attach to a running container
- exec Run a command in a running container
- port List port mappings or a specific mapping for the container
- logs 获取容器的日志
-
- 容器文件系统操作:
- cp Copy files/folders between a container and the local filesystem
- diff Inspect changes on a container's filesystem
- export Export a container's filesystem as a tar archive
- import Import the contents from a tarball to create a filesystem image
-
- Docker registry 操作:
- login Log in to a Docker registry.
- logout Log out from a Docker registry.
-
- Volume 操作
- volume Manage Docker volumes
-
- 网络操作
- network Manage Docker networks
-
- Swarm 相关操作
- swarm Manage Docker Swarm
- service Manage Docker services
- node Manage Docker Swarm nodes
-
- 系统操作:
- version Show the Docker version information
- events Get real time events from the server (持续返回docker 事件)
- info Display system-wide information (显示Docker 主机系统范围内的信息)
拉取镜像
[root@n1 ~]# docker pull centos:latest
“:”后跟标签,不加默认是latest
查看镜像列表
[root@n1 ~]# docker images
删除镜像
docker rmi centos:latest
使用此镜像创建容器,需把容器删除后,才能删除镜像,在这里先不删除
打包镜像
save
[root@n1 ~]# docker save -o centos.tar centos:latest
恢复镜像
[root@n1 ~]# docker load -i centos.tar
导出容器
[root@n1 ~]# docker export -o t1_c.tar t1
导入容器
导入后为一个镜像
Usage: docker import [OPTIONS] file|URL|- [REPOSITORY[:TAG]]
[root@n1 ~]# docker import t1_c.tar centos:v1
docker save和docker export的区别:
- docker save保存的是镜像(image),docker export保存的是容器(container);
- docker load用来载入镜像包,docker import用来载入容器包,但两者都会恢复为镜像;
- docker load不能对载入的镜像重命名,而docker import可以为镜像指定新名称
详细了解见:https://blog.csdn.net/liukuan73/article/details/78089138
为镜像打标签
Usage: docker tag SOURCE_IMAGE[:TAG] TARGET_IMAGE[:TAG]
[root@n1 ~]# docker tag centos:v1 centos:test
打标签后,只是标签变了,IMAGE_ID不变
复制文件<->容器
Usage: docker cp [OPTIONS] CONTAINER:SRC_PATH DEST_PATH|-
docker cp [OPTIONS] SRC_PATH|- CONTAINER:DEST_PATH
复制文件到容器中
[root@n1 ~]# docker cp test.txt t1:/tmp/test.txt
搜索镜像
[root@n1 ~]# docker search centos
docker run
- cgroups 和 namespace 相关:
- --blkio-weight value Block IO (relative weight), between 10 and 1000
- --blkio-weight-device value Block IO weight (relative device weight) (default [])
- --cgroup-parent string Optional parent cgroup for the container
- --cpu-percent int CPU percent (Windows only)
- --cpu-period int Limit CPU CFS (Completely Fair Scheduler) period
- --cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota
- -c, --cpu-shares int CPU shares (relative weight)
- --cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)
- --cpuset-mems string MEMs in which to allow execution (0-3, 0,1)
- --device-read-bps value Limit read rate (bytes per second) from a device (default [])
- --device-read-iops value Limit read rate (IO per second) from a device (default [])
- --device-write-bps value Limit write rate (bytes per second) to a device (default [])
- --device-write-iops value Limit write rate (IO per second) to a device (default [])
- --ipc string IPC namespace to use
- -m, --memory string Memory limit
- --memory-reservation string Memory soft limit
- --memory-swap string Swap limit equal to memory plus swap: '-1' to enable unlimited swap
- --memory-swappiness int Tune container memory swappiness (0 to 100) (default -1)
- --kernel-memory string Kernel memory limit
- -u, --user string Username or UID (format: <name|uid>[:<group|gid>])
- --userns string User namespace to use
- --uts string UTS namespace to use
- -h, --hostname string Container host name
- --pid string PID namespace to use
- --pids-limit int Tune container pids limit (set -1 for unlimited)
- --isolation string Container isolation technology
- --io-maxbandwidth string Maximum IO bandwidth limit for the system drive (Windows only)
- --io-maxiops uint Maximum IOps limit for the system drive (Windows only)
-
- linux process capabilities 相关参数:
- --cap-add value Add Linux capabilities (default [])
- --cap-drop value Drop Linux capabilities (default [])
-
- 容器运行模式和环境相关:
- -d, --detach Run container in background and print container ID
- -e, --env value Set environment variables (default [])
- --env-file value Read in a file of environment variables (default [])
-
- DNS 相关:
- --dns value Set custom DNS servers (default [])
- --dns-opt value Set DNS options (default [])
- --dns-search value Set custom DNS search domains (default [])
-
- 健康检查相关:
- --health-cmd string Command to run to check health
- --health-interval duration Time between running the check
- --health-retries int Consecutive failures needed to report unhealthy
- --health-timeout duration Maximum time to allow one check to run
- --no-healthcheck Disable any container-specified HEALTHCHECK
-
- IP 和端口:
- --ip string Container IPv4 address (e.g. 172.30.100.104)
- --ip6 string Container IPv6 address (e.g. 2001:db8::33)
- -p, --publish value Publish a container's port(s) to the host (default [])
- -P(自动进行端口映射), --publish-all Publish all exposed ports to random ports
- --expose value Expose a port or a range of ports (default [])
- --mac-address string Container MAC address (e.g. 92:d0:c6:0a:29:33)
- --add-host value Add a custom host-to-IP mapping (host:ip) (default [])
-
- Volume 相关:
- -v, --volume value Bind mount a volume (default [])
- --volume-driver string Optional volume driver for the container
- --volumes-from value Mount volumes from the specified container(s) (default [])
- --storage-opt value Storage driver options for the container (default [])
-
- Network 有关:
- --network string Connect a container to a network (default "default")
- --network-alias value Add network-scoped alias for the container (default [])
- --link value Add link to another container (default [])
- --link-local-ip value Container IPv4/IPv6 link-local addresses (default [])
-
- 日志有关:
- --log-driver string Logging driver for the container
- --log-opt value Log driver options (default [])
-
- 交互性有关:
- -a, --attach value Attach to STDIN, STDOUT or STDERR (default [])
- -i, --interactive Keep STDIN open even if not attached
-
- OOM 有关:
- --oom-kill-disable Disable OOM Killer
- --oom-score-adj int Tune host's OOM preferences (-1000 to 1000)
-
- 其它:
- --cidfile string Write the container ID to the file
- --detach-keys string Override the key sequence for detaching a container
- --device value Add a host device to the container (default [])
- --disable-content-trust Skip image verification (default true)
- --entrypoint string Overwrite the default ENTRYPOINT of the image
- --group-add value Add additional groups to join (default [])
- --help Print usage
- -l, --label value Set meta data on a container (default [])
- --label-file value Read in a line delimited file of labels (default [])
- --name string Assign a name to the container
- --privileged Give extended privileges to this container
- --read-only Mount the container's root filesystem as read only
- --restart string Restart policy to apply when a container exits (default "no")
- --rm Automatically remove the container when it exits
- --runtime string Runtime to use for this container
- --security-opt value Security Options (default [])
- --shm-size string Size of /dev/shm, default value is 64MB
- --sig-proxy Proxy received signals to the process (default true)
- --stop-signal string Signal to stop a container, SIGTERM by default (default "SIGTERM")
- --sysctl value Sysctl options (default map[])
- --tmpfs value Mount a tmpfs directory (default [])
- -t, --tty Allocate a pseudo-TTY
- --ulimit value Ulimit options (default [])
- -w, --workdir string Working directory inside the container
创建前台运行容器
[root@n1 ~]# docker run --name t1 --hostname test1 -it centos:latest /bin/bash
[root@test1 /]#
--name:设置容器名称
--hostname:设置容器主机名,进入容器后的hostname,不设置时,会显示容器ID
-i:保证容器中STDIN是开启的,可以输入
-t:为要创建的容器分配一个伪tty终端这样,新创建的容器才能提供一个交互式shell。
在这一切的背后又都发生了什么呢?
首先Docker会检查本地是否存在centos镜像,如果本地还没有该镜像的话,那么Docker就会连接官方维护的Docker Hub Registry,查看Docker Hub中是否有该镜像。Docker一旦找到该镜像,就会下载该镜像并将其保存到本地宿主机中。
随后,Docker在文件系统内部用这个镜像创建了一个新容器。该容器拥有自己的网络、IP地址,以及一个用来和宿主机进行通信的桥接网络接口。最后,我们告诉Docker在新容器中要运行什么命令,在本例中我们在容器中运行/bin/bash命令启动了一个Bash shell。
当容器创建完毕之后,Docker就会执行容器中的/bin/bash命令,这时就可以看到容器内的shell了
退出容器
容器退出后停止运行,但容器依然存在
查看容器
[root@n1 ~]# docker ps -a
-a:列出所有容器,不指定-a时,只列出正在运行的容器
-q:列出容器ID,-aq及列出所用容器ID
启动,停止,重启容器
[root@n1 ~]# docker start t1
[root@n1 ~]# docker stop t1
[root@n1 ~]# docker restart t1
启动容器后不会进入交互式界面,会后台运行
附着到容器
attach:附着到该容器的会话
[root@n1 ~]# docker attach t1
[root@test1 /]#
创建守护式容
除了这些交互式运行的容器(interactive container),也可以创建长期运行的容器。守护式容器(daemonized container)没有交互式会话,非常适合运行应用程序和服务。大多数时候我们都需要以守护式来运行我们的容器。
创建一个容器,执行while循环
[root@n1 ~]# docker run --name t2 -d centos:latest /bin/sh -c "while true; do echo hello world; sleep 1; done"
-d:后台运行,不添加,会一直在前台输出hello world
查看容器日志
[root@n1 ~]# docker logs t2
hello world
hello world
hello world
-f:后跟-f选项,会一直输出日志,像tail -f样
--tail n:会输出最后n行
-t:为每条日志加上时间戳
Docker日志驱动
控制Docker守护进程和容器所用的日志驱动,这可以通过--log-driver选项来实现。
指定syslog(或其他json-file),该选项将禁用docker logs命令,并且将所有容器的日志输出都重定向到Syslog。
[root@n1 ~]# docker run --name t3 --log-driver="syslog" -d centos /bin/sh -c "while true;do echo hello; seelp 1;done"
查看容器中的进程
[root@n1 ~]# docker top t3
UID PID PPID C STIME TTY TIME CMD
root 61149 61135 23 12:29 ? 00:00:21 /bin/sh -c while true;do echo hello; seelp 1;done
显示一个或多个容器的统计信息
[root@n1 ~]# docker stats t3
CPU、内存、网络I/O及存储I/O的性能和指标
参数会一直变动,ctrl+c结束
在容器中运行命令
exec
查看hosts文件
在容器内运行交互式命令
[root@n1 ~]# docker exec -it t3 /bin/bash
[root@644fd4f62918 /]# ls
自动重启容器
如果由于某种错误而导致容器停止运行,还可以通过--restart标志,让Docker自动重新启动该容器。--restart标志会检查容器的退出代码,并据此来决定是否要重启容器。默认的行为是Docker不会重启容器。
[root@n1 ~]# docker run --restart=always --name t4 -d centos /bin/sh -c "while true; do echo hello world; sleep 1; done"
获取跟多容器信息
inspect
[root@n1 ~]# docker inspect t4
-f,--format:选定查看结果
删除容器
rm
[root@n1 ~]# docker rm t1
t1
删除全部容器
[root@n1 ~]# docker rm `docker ps -aq`
为容器开启端口
创建一个守护进程,用while循环测试
[root@n1 ~]# docker run --name p1 -p 81:80 -d centos:latest /bin/sh -c "while true; do echo hello world; sleep 1; done"
-p:可以指定IP:LocalPort:ContainerPort
查看容器端口映射
[root@n1 ~]# docker port p1
80/tcp -> 0.0.0.0:81
其它重要的参数会在后边单独介绍~
