Docker 速查手册 - 霜冷的秘密基地

Docker 速查手册

日常琐碎 0 评

总览:目前记录到docker基本操作 - 最后记录时间 2021.11.1
【镜像下载删除 | 容器创建删除、运行、停止和部署服务,打包制作镜像 | docker状态查看】

查看当前运行的docker容器

[root@centos ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
02d364180dc0 centos "/bin/bash -c 'while…" 8 minutes ago Up 8 minutes eager_allen
96d0394de1c6 centos "/bin/bash" 15 minutes ago Up 15 minutes naughty_dubinsky

查看全部image的id

[root@centos ~]# docker images -qa
5d0da3dc9764

运行docker容器,并shell脚本添加日志

[root@centos ~]# docker run -d centos /bin/bash -c "while true;do echo smilesl;sleep 1;done"
02d364180dc02139f6c296c88e81811d8016a056f5794f0a1df591be405b8784

-d:后台运行

查看02d364180dc0的日志

[root@centos ~]# docker logs -tf --tail 10 02d364180dc0
2021-10-05T02:25:13.979798130Z smilesl
2021-10-05T02:25:14.988382119Z smilesl
2021-10-05T02:25:15.996476846Z smilesl
2021-10-05T02:25:17.004454731Z smilesl
2021-10-05T02:25:18.012606094Z smilesl
2021-10-05T02:25:19.021039112Z smilesl
2021-10-05T02:25:20.028529621Z smilesl
2021-10-05T02:25:21.036183200Z smilesl
2021-10-05T02:25:22.043407725Z smilesl
2021-10-05T02:25:23.050600150Z smilesl

-tf:显示日志
--tail:显示日志条数

查看容器中的进程

[root@centos ~]# docker top 02d364180dc0
UID PID PPID C STIME TTY TIME CMD
root 3116 3096 0 10:24 ? 00:00:00 /bin/bash -c while true;do echo smilesl;sleep 1;done
root 3702 3116 0 10:31 ? 00:00:00 /usr/bin/coreutils --coreutils-prog-shebang=sleep /usr/bin/sleep 1

查看容器的元数据

[root@centos ~]# docker inspect 02d364180dc0

[
{
    "Id": "02d364180dc02139f6c296c88e81811d8016a056f5794f0a1df591be405b8784",
    "Created": "2021-10-05T02:24:21.008617918Z",
    "Path": "/bin/bash",
    "Args": [
        "-c",
        "while true;do echo smilesl;sleep 1;done"
    ],
    "State": {
        "Status": "running",
        "Running": true,
        "Paused": false,
        "Restarting": false,
        "OOMKilled": false,
        "Dead": false,
        "Pid": 3116,
        "ExitCode": 0,
        "Error": "",
        "StartedAt": "2021-10-05T02:24:23.291318111Z",
        "FinishedAt": "0001-01-01T00:00:00Z"
    },
    "Image": "sha256:5d0da3dc976460b72c77d94c8a1ad043720b0416bfc16c52c45d4847e53fadb6",
    "ResolvConfPath": "/var/lib/docker/containers/02d364180dc02139f6c296c88e81811d8016a056f5794f0a1df591be405b8784/resolv.conf",
    "HostnamePath": "/var/lib/docker/containers/02d364180dc02139f6c296c88e81811d8016a056f5794f0a1df591be405b8784/hostname",
    "HostsPath": "/var/lib/docker/containers/02d364180dc02139f6c296c88e81811d8016a056f5794f0a1df591be405b8784/hosts",
    "LogPath": "/var/lib/docker/containers/02d364180dc02139f6c296c88e81811d8016a056f5794f0a1df591be405b8784/02d364180dc02139f6c296c88e81811d8016a056f5794f0a1df591be405b8784-json.log",
    "Name": "/eager_allen",
    "RestartCount": 0,
    "Driver": "overlay2",
    "Platform": "linux",
    "MountLabel": "",
    "ProcessLabel": "",
    "AppArmorProfile": "",
    "ExecIDs": null,
    "HostConfig": {
        "Binds": null,
        "ContainerIDFile": "",
        "LogConfig": {
            "Type": "json-file",
            "Config": {}
        },
        "NetworkMode": "default",
        "PortBindings": {},
        "RestartPolicy": {
            "Name": "no",
            "MaximumRetryCount": 0
        },
        "AutoRemove": false,
        "VolumeDriver": "",
        "VolumesFrom": null,
        "CapAdd": null,
        "CapDrop": null,
        "CgroupnsMode": "host",
        "Dns": [],
        "DnsOptions": [],
        "DnsSearch": [],
        "ExtraHosts": null,
        "GroupAdd": null,
        "IpcMode": "private",
        "Cgroup": "",
        "Links": null,
        "OomScoreAdj": 0,
        "PidMode": "",
        "Privileged": false,
        "PublishAllPorts": false,
        "ReadonlyRootfs": false,
        "SecurityOpt": null,
        "UTSMode": "",
        "UsernsMode": "",
        "ShmSize": 67108864,
        "Runtime": "runc",
        "ConsoleSize": [
            0,
            0
        ],
        "Isolation": "",
        "CpuShares": 0,
        "Memory": 0,
        "NanoCpus": 0,
        "CgroupParent": "",
        "BlkioWeight": 0,
        "BlkioWeightDevice": [],
        "BlkioDeviceReadBps": null,
        "BlkioDeviceWriteBps": null,
        "BlkioDeviceReadIOps": null,
        "BlkioDeviceWriteIOps": null,
        "CpuPeriod": 0,
        "CpuQuota": 0,
        "CpuRealtimePeriod": 0,
        "CpuRealtimeRuntime": 0,
        "CpusetCpus": "",
        "CpusetMems": "",
        "Devices": [],
        "DeviceCgroupRules": null,
        "DeviceRequests": null,
        "KernelMemory": 0,
        "KernelMemoryTCP": 0,
        "MemoryReservation": 0,
        "MemorySwap": 0,
        "MemorySwappiness": null,
        "OomKillDisable": false,
        "PidsLimit": null,
        "Ulimits": null,
        "CpuCount": 0,
        "CpuPercent": 0,
        "IOMaximumIOps": 0,
        "IOMaximumBandwidth": 0,
        "MaskedPaths": [
            "/proc/asound",
            "/proc/acpi",
            "/proc/kcore",
            "/proc/keys",
            "/proc/latency_stats",
            "/proc/timer_list",
            "/proc/timer_stats",
            "/proc/sched_debug",
            "/proc/scsi",
            "/sys/firmware"
        ],
        "ReadonlyPaths": [
            "/proc/bus",
            "/proc/fs",
            "/proc/irq",
            "/proc/sys",
            "/proc/sysrq-trigger"
        ]
    },
    "GraphDriver": {
        "Data": {
            "LowerDir": "/var/lib/docker/overlay2/62e741cba5f11f0dc04b29e4c88bbb4d763ecd142dfa2874d5466cc7837302d5-init/diff:/var/lib/docker/overlay2/9498b6c2565d19049c190e8a914d8106d0b29751bf8f2b2bbf440341416570b8/diff",
            "MergedDir": "/var/lib/docker/overlay2/62e741cba5f11f0dc04b29e4c88bbb4d763ecd142dfa2874d5466cc7837302d5/merged",
            "UpperDir": "/var/lib/docker/overlay2/62e741cba5f11f0dc04b29e4c88bbb4d763ecd142dfa2874d5466cc7837302d5/diff",
            "WorkDir": "/var/lib/docker/overlay2/62e741cba5f11f0dc04b29e4c88bbb4d763ecd142dfa2874d5466cc7837302d5/work"
        },
        "Name": "overlay2"
    },
    "Mounts": [],
    "Config": {
        "Hostname": "02d364180dc0",
        "Domainname": "",
        "User": "",
        "AttachStdin": false,
        "AttachStdout": false,
        "AttachStderr": false,
        "Tty": false,
        "OpenStdin": false,
        "StdinOnce": false,
        "Env": [
            "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
        ],
        "Cmd": [
            "/bin/bash",
            "-c",
            "while true;do echo smilesl;sleep 1;done"
        ],
        "Image": "centos",
        "Volumes": null,
        "WorkingDir": "",
        "Entrypoint": null,
        "OnBuild": null,
        "Labels": {
            "org.label-schema.build-date": "20210915",
            "org.label-schema.license": "GPLv2",
            "org.label-schema.name": "CentOS Base Image",
            "org.label-schema.schema-version": "1.0",
            "org.label-schema.vendor": "CentOS"
        }
    },
    "NetworkSettings": {
        "Bridge": "",
        "SandboxID": "9fa2996dc34d05565e0fcc8f1849535e65d29cb447af5acdd5a1d5fd24c93240",
        "HairpinMode": false,
        "LinkLocalIPv6Address": "",
        "LinkLocalIPv6PrefixLen": 0,
        "Ports": {},
        "SandboxKey": "/var/run/docker/netns/9fa2996dc34d",
        "SecondaryIPAddresses": null,
        "SecondaryIPv6Addresses": null,
        "EndpointID": "04961dd59fb180953d40a978e91e853b9686adeacdba4c75f17a61288949820b",
        "Gateway": "172.17.0.1",
        "GlobalIPv6Address": "",
        "GlobalIPv6PrefixLen": 0,
        "IPAddress": "172.17.0.3",
        "IPPrefixLen": 16,
        "IPv6Gateway": "",
        "MacAddress": "02:42:ac:11:00:03",
        "Networks": {
            "bridge": {
                "IPAMConfig": null,
                "Links": null,
                "Aliases": null,
                "NetworkID": "4e3bfa968699fa7144231752a778ecbb163f37c6b97614e0745189df499fddf3",
                "EndpointID": "04961dd59fb180953d40a978e91e853b9686adeacdba4c75f17a61288949820b",
                "Gateway": "172.17.0.1",
                "IPAddress": "172.17.0.3",
                "IPPrefixLen": 16,
                "IPv6Gateway": "",
                "GlobalIPv6Address": "",
                "GlobalIPv6PrefixLen": 0,
                "MacAddress": "02:42:ac:11:00:03",
                "DriverOpts": null
            }
        }
    }
}

]

进入当前运行的容器

[root@centos ~]# docker exec -it 02d364180dc0 /bin/bash
[root@02d364180dc0 /]#

-it 交互模式
/bin/bash 控制权限

进入当前运行的容器的正在执行的终端

[root@centos ~]# docker attach 02d364180dc0
smilesl
smilesl
smilesl
...
smilesl

拷贝(复制)容器内的文件到主机上

[root@centos ~]# docker cp f6d9122ac1e9:/home/test.c ./
[root@centos ~]# ls
anaconda-ks.cfg initial-setup-ks.cfg test.c

删除所有的docker容器

[root@centos ~]# docker rm -f $(docker ps -aq)
02d364180dc0
96d0394de1c6
77af547b3d0c
fe133cb29db0

部署一个nginx容器,本机5555端口映射到容器80端口,命名为nginx01

[root@centos ~]# docker run -d --name nginx01 -p 5555:80 nginx:1.18.0
306cbaa789cd0b8ebc5516efe5f7d6084c5646f87c78db0e4587a5db802e453f

启动和关闭docker

[root@centos ~]# docker stop 306cbaa789cd
306cbaa789cd
[root@centos ~]# docker start 306cbaa789cd
306cbaa789cd

查看容器占用CPU和内存等状态

docker stats

CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS
306cbaa789cd nginx01 0.00% 2.652MiB / 1.777GiB 0.15% 656B / 0B 8.59MB / 0B 2

安装docker的图形化管理后台partainer

[root@centos ~]# docker run -d -p 8088:9000
--restart=always -v /var/run/docker.sock:/var/run/docker.sock --privileged=true portainer/portainer
Unable to find image 'portainer/portainer:latest' locally
latest: Pulling from portainer/portainer
94cfa856b2b1: Pull complete
49d59ee0881a: Pull complete
a2300fd28637: Extracting [=====================> ] 10.49MB/23.92MB

docker提交镜像 | -a作者 -m描述 8be038ce6c81镜像实例 nginx_test:1.0提交的名字

[root@localhost ~]# docker commit -a="SmileSL" -m="Use of the docker of commit command" 8be038ce6c81 nginx_test:1.0
sha256:b882fc138e1d3f0b7883957f0b43b173d1a991b2fe1937984592a163c182c45a

数据卷绑定(挂载) - 配置mysql

-e    MYSQL_ROOT_PASSWORD=moyans    配置mysql密码
-v    主机目录:容器目录            绑定数据卷
注意:
cmd连接 mysql -h centos虚拟机IP -u root -p -P 3310
删除容器后,数据依旧不会丢失,实现了数据持久化

[root@localhost /]# docker run -d -p 3310:3306 -v /home/mysql/conf:/etc/mysql/conf.d -v /home/mysql/data:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=moyans --name mysql01 mysql:5.7
e27ac3af1a6804a93463288912b72067b3bca97feb7c17af14bde58d04fb28c6

  • 匿名挂载
    -v 没有指定容器外地址
    [root@localhost ~]# docker run -d -P --name nginx01 -v /etc/nginx nginx
  • 具名挂载
    -v 卷名:路径
    [root@localhost ~]# docker run -d -P --name nginx01 -v vol-name:/etc/nginx nginx

[扩展]

//ro(read only) | 只能在宿主机中操作,容器内无法修改
//rw(read write) | 默认权限
docker run -d -P --name nginx01 -v vol-name:/etc/nginx:ro nginx

查看所有卷的情况

docker volumn
//查看指定卷
[root@localhost ~]# docker volume inspect vol-name

[
    {
        "CreatedAt": "2021-10-10T10:31:16+08:00",
        "Driver": "local",
        "Labels": null,
        "Mountpoint": "/var/lib/docker/volumes/vol-name/_data",
        "Name": "vol-name",
        "Options": null,
        "Scope": "local"
    }
]

ps:没有指定目录下,挂载在了 /var/lib/docker/volumes/vol-name/_data

dockerfile

FROM centos:7
ADD apache-tomcat-8.5.72.tar.gz /root
ADD jdk-8u301-linux-x64.tar.gz /root
ENV JAVA_HOME /root/jdk-8u301/bin
ENV PATH $JAVA_HOME:$PATH
CMD 'echo --CMD--'
CMD ["/root/apache-tomcat-8.5.72/bin/catalina.sh", "run"]
EXPOSE 8080
  • FROM:指定原镜像
  • ADD:添加文件并解压到指定目录
  • ENV:配置环境变量
  • CMD:创建容器后执行命令
  • EXPOSE:开放内部端口

挂载父容器 - 容器数据同步

[root@localhost ~]# docker run -it --name docker02 --volumes-from docker01 centos:latest

  • --volumes-from 挂载到父容器

上传push镜像 - 阿里云仓库

[root@localhost ~]# docker login --username=uid registry.cn-hangzhou.aliyuncs.com
[root@localhost ~]# docker tag [ImageId] registry.cn-hangzhou.aliyuncs.com/space_smilesl/hub_smilesl:[镜像版本号]
[root@localhost ~]# docker push registry.cn-hangzhou.aliyuncs.com/space_smilesl/hub_smilesl:[镜像版本号]

Docker小结 - 流程图

截屏2021-11-01下午9.40.14.png

[=]Docker网络

原理
1.每启动一个docker容器,docker就会给其分配一个ip和一个evth-pair网卡
2.安装docker后会有一个虚拟的docker0网卡【网关】
3.使用的是evth-pair技术,连接容器和外部宿主机
4.容器删除,虚拟veth网卡也会删除

截屏2021-11-01下午10.24.26.png

link添加hosts解析 - 单向连通

[root@localhost ~]# docker run -d --name='tomcat1' --link tomcat tomcat:smile
// 可以直接ping同通tomcat容器名,但是tomcat不能ping同tomcat1【未配置hosts】
[root@localhost ~]# docker exec -it tomcat1 ping tomcat
PING tomcat (172.17.0.2) 56(84) bytes of data.
64 bytes from tomcat (172.17.0.2): icmp_seq=1 ttl=64 time=0.182 ms
64 bytes from tomcat (172.17.0.2): icmp_seq=2 ttl=64 time=0.075 ms
^C
--- tomcat ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.075/0.128/0.182/0.054 ms
// 查看容器hosts
[root@localhost ~]# docker exec -it tomcat1 cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.2 tomcat cccaefd52038
172.17.0.3 e9bf9039c213

注意:使用docker network ls /docker inspect查看网络/容器配置

网络模式

  • bridge:桥接模式(默认)
  • none:不配置网络
  • host:和主机共享网络
  • container:容器网络连接(局限大,使用少)

创建自定义网络 - 网络互通

[root@localhost ~]# docker network create --driver bridge --subnet 192.168.0.0/16 --gateway 192.168.0.1 testnet
84727fa7ac04ea5ac310f60acd93527bfb7151e99d7efec1d370ec021ea5acc3
// 查看配置的网络
[root@localhost ~]# docker network inspect testnet

[
{
    "Name": "testnet",
    "Id": "84727fa7ac04ea5ac310f60acd93527bfb7151e99d7efec1d370ec021ea5acc3",
    "Created": "2021-11-01T23:05:46.417148119+08:00",
    "Scope": "local",
    "Driver": "bridge",
    "EnableIPv6": false,
    "IPAM": {
        "Driver": "default",
        "Options": {},
        "Config": [
            {
                "Subnet": "192.168.0.0/16",
                "Gateway": "192.168.0.1"
            }
        ]
    },
    "Internal": false,
    "Attachable": false,
    "Ingress": false,
    "ConfigFrom": {
        "Network": ""
    },
    "ConfigOnly": false,
    "Containers": {},
    "Options": {},
    "Labels": {}
}
]
注:run容器时使用--net参数指定网络,例如->`docker run -d --net testnet tomcat:smile` 

连通net网络和容器

Usage: docker network connect [OPTIONS] NETWORK CONTAINER

《汇编语言》王爽 - 1-3章基础
快来做第一个评论的人吧~
0:00