Docker _容器，架构原理，常用命令

Posted 2021-07-27 CSR-kkk

tags:

篇首语：本文由小常识网(cha138.com)小编为大家整理，主要介绍了Docker _容器，架构原理，常用命令相关的知识，希望对你有一定的参考价值。

文章目录

Docker
优点
Docker 与虚拟机的区别
Docker 架构
Docker 运行原理
底层原理
Docker 命令
命令小结

Docker

Docker 是一个开源的应用容器引擎，基于Go语言开发

Docker 让开发者打包应用以及依赖包到一个轻量级、可移植的容器中，然后发布到任何流行的系统

优点

快速交付应用：加快打包时间，加快测试，加快发布，缩短开发及运行代码之间的周期
复杂环境管理，应用隔离：不同软件运行环境兼容依赖问题，开发环境/测试环境/线上环境保持一致
轻量级：对于系统内核，一个docker只是一个进程，一个系统可以运行上千个容器

Docker 与虚拟机的区别

容器与容器之间只是进程的隔离，虚拟机是完全的资源隔离
docker启动是秒级或者更短，虚拟机的启动可能需要分钟级别
容器使用宿主操作系统的内核，虚拟机使用完全独立的内核

Docker 架构

在这里插入图片描述

Docker 镜像：Docker Images，每个镜像都可能依赖一个或多个下层的镜像组成的另一个镜像，AUFS文件系统
Docker 仓库：Docker Registry，集中存放镜像的地方
Docker 容器：Docker Containers，镜像运行后的进程

Docker 运行原理

在这里插入图片描述

底层原理

docker 如何工作？

Docker 是一个 Client-Server 结构的系统，docker守护进程运行在宿主机上，通过Socket从客户端访问。

DockerServer 接收 Client-Server 的指令
在这里插入图片描述

Docker 命令

常用命令

帮助文档地址：https://docs.docker.com/reference/

命令	说明
基本命令
docker version	docker 版本信息
docker info	docker 系统信息
docker --help	帮助命令
—
镜像管理
docker images	查看所有镜像
docker search busybox	搜索镜像
docker pull busybox:latest	拉取下载
docker save busybox > busybox.tar	导出
docker load < busybox.tar	导入
docker rmi -f [busybox:latest] / [id]	删除指定镜像
docker rmi -f $(docker images -aq)	删除全部镜像
docker tag busybox:latest busybox:test	更改镜像名
docker history busybox:latest	查看镜像创建历史
—
容器管理
docker run -d --name=busybox busybox:latest ping 114.114.114.114	运行容器
docker ps [-a]	查看运行的容器
docker top busybox	查看容器中运行的进程
docker stats busybox	查看资源占用
docker start /restart /stop /kill busybox	容器
docker pause / unpause busybox	暂停容器
docker rm -f busybox	强制删除容器
docker exec -it busybox ls	执行命令
docker exec -it {容器名称} /bin/bash	进入容器
docker cp busybox:/etc/hosts hosts	复制文件
docker logs -f busybox	查看容器日志
docker inspect busybox	查看容器/镜像元信息
docker inspect -f ‘{{.Id}}’ busybox	格式化输出
docker diff busybox	查看容器内文件结构

容器命令

新建容器并启动:

docker run [可选参数] image

参数：
--name=[name]   容器名字
-d				后台运行
-it				交互式运行，进入容器查看内容
-p				指定容器端口  -p 8080:8080
	-p 主机端口:容器端口（常用）
	-p 容器端口
	容器端口
-P				随机指定端口


测试：
启动并进入容器
[root@localhost docker]# docker run -it centos /bin/bash
[root@0d6bc51c1a81 /]# ls
bin  dev  etc  home  lib  lib64  lost+found  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var

从容器退回主机 （停止运行容器退出）
[root@0d6bc51c1a81 /]# exit
exit
[root@localhost docker]# 

不停止运行退出exit
Ctrl+P+Q
[root@f3116e051806 /]# [root@localhost docker]#

列出运行的容器

docker ps  [可选参数]	列出当前正在运行的容器

参数：
-a			列出当前运行的容器+历史运行过的容器
-n=<数字>	列出最新创建的前n个容器
-q			只列出当前运行的容器编号
-aq			列出当前运行以及运行过的容器编号


[root@localhost docker]# docker ps
CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES
[root@localhost docker]# docker ps -a
CONTAINER ID   IMAGE                     COMMAND                  CREATED             STATUS                          PORTS     NAMES
0d6bc51c1a81   centos                    "/bin/bash"              3 minutes ago       Exited (0) About a minute ago             gracious_euler
b2dd66d87998   centos                    "/bin/bash"              3 minutes ago       Exited (130) 3 minutes ago                boring_pascal
dc669bca69f5   hello-world               "/hello"                 About an hour ago   Exited (0) About an hour ago              peaceful_morse
3575d3e83144   jenkins/jenkins:lts       "/sbin/tini -- /usr/…"   5 days ago          Exited (143) 2 days ago                   jenkins2
cc774ec82fb2   bitnami/mariadb:10.3.22   "/opt/bitnami/script…"   6 days ago          Exited (1) 6 days ago                     mariadb
e4cfb8d38359   nginx:1.17.9              "nginx -g 'daemon of…"   6 days ago          Exited (0) 5 days ago                     my_nginx
[root@localhost docker]#

删除容器

docker rm 容器id						删除指定的容器，不能删除正在运行的容器
docker rm -f $(docker ps -aq)		删除所有的容器
docker ps -a -q |xargs docker rm	删除所有容器

启动，停止容器

docker start 容器id			启动容器
docker restart 容器id		重启容器
docker stop 容器id			停止当前正在运行的容器
docker kill 容器id			强制停止当前运行的容器

常用其他命令

后台启动容器

docker run -d 镜像名

[root@localhost docker]# docker run -d centos
c0f44254ca53ab21a4affd5126ce8bd20465a18d85851cc7c388276fe48e3a43
[root@localhost docker]# docker ps
CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES
[root@localhost docker]# 

问题：docker ps时，发现centos已停止
常见的坑--> 容器要后台运行，必须有一个前台进程

查看日志

docker logs -t -f --tail <数量> 容器id		发现没有日志

参数：
-tf				显示日志
--tail number 	显示日志条数

查看容器进程信息

docker top 容器id

[root@localhost ~]# docker ps
CONTAINER ID   IMAGE     COMMAND       CREATED          STATUS         PORTS     NAMES
b2dd66d87998   centos    "/bin/bash"   43 minutes ago   Up 2 seconds             boring_pascal
[root@localhost ~]# docker top b2dd66d87998
UID                 PID                 PPID                C                   STIME               TTY                 TIME                CMD
root                6193                6173                0                   01:42               pts/0               00:00:00            /bin/bash
[root@localhost ~]#

查看镜像元数据

docker inspect 容器id

[root@localhost ~]# docker inspect b2dd66d87998
[
    {
        "Id": "b2dd66d87998aeea93225c23ccbfacc89d5e2d41a22c21e7a7236ee8e5466be8",
        "Created": "2021-06-10T08:00:01.315306844Z",
        "Path": "/bin/bash",
        "Args": [],
        "State": {
            "Status": "running",
            "Running": true,
            "Paused": false,
            "Restarting": false,
            "OOMKilled": false,
            "Dead": false,
            "Pid": 6193,
            "ExitCode": 0,
            "Error": "",
            "StartedAt": "2021-06-10T08:42:59.033396717Z",
            "FinishedAt": "2021-06-10T08:00:26.741284232Z"
        },
        "Image": "sha256:300e315adb2f96afe5f0b2780b87f28ae95231fe3bdd1e16b9ba606307728f55",
        "ResolvConfPath": "/var/lib/docker/containers/b2dd66d87998aeea93225c23ccbfacc89d5e2d41a22c21e7a7236ee8e5466be8/resolv.conf",
        "HostnamePath": "/var/lib/docker/containers/b2dd66d87998aeea93225c23ccbfacc89d5e2d41a22c21e7a7236ee8e5466be8/hostname",
        "HostsPath": "/var/lib/docker/containers/b2dd66d87998aeea93225c23ccbfacc89d5e2d41a22c21e7a7236ee8e5466be8/hosts",
        "LogPath": "/var/lib/docker/containers/b2dd66d87998aeea93225c23ccbfacc89d5e2d41a22c21e7a7236ee8e5466be8/b2dd66d87998aeea93225c23ccbfacc89d5e2d41a22c21e7a7236ee8e5466be8-json.log",
        "Name": "/boring_pascal",
        "RestartCount": 0,
        "Driver": "overlay2",
        "Platform": "linux",
        "MountLabel": "",
        "ProcessLabel": "",
        "AppArmorProfile": "",
        "ExecIDs": null,
        "HostConfig": {
            "Binds": null,
            "ContainerIDFile": "",
            "LogConfig": {
                "Type": "json-file",
                "Config": {}
            },
            "NetworkMode": "default",
            "PortBindings": {},
            "RestartPolicy": {
                "Name": "no",
                "MaximumRetryCount": 0
            },
            "AutoRemove": false,
            "VolumeDriver": "",
            "VolumesFrom": null,
            "CapAdd": null,
            "CapDrop": null,
            "CgroupnsMode": "host",
            "Dns": [],
            "DnsOptions": [],
            "DnsSearch": [],
            "ExtraHosts": null,
            "GroupAdd": null,
            "IpcMode": "private",
            "Cgroup": "",
            "Links": null,
            "OomScoreAdj": 0,
            "PidMode": "",
            "Privileged": false,
            "PublishAllPorts": false,
            "ReadonlyRootfs": false,
            "SecurityOpt": null,
            "UTSMode": "",
            "UsernsMode": "",
            "ShmSize": 67108864,
            "Runtime": "runc",
            "ConsoleSize": [
                0,
                0
            ],
            "Isolation": "",
            "CpuShares": 0,
            "Memory": 0,
            "NanoCpus": 0,
            "CgroupParent": "",
            "BlkioWeight": 0,
            "BlkioWeightDevice": [],
            "BlkioDeviceReadBps": null,
            "BlkioDeviceWriteBps": null,
            "BlkioDeviceReadIOps": null,
            "BlkioDeviceWriteIOps": null,
            "CpuPeriod": 0,
            "CpuQuota": 0,
            "CpuRealtimePeriod": 0,
            "CpuRealtimeRuntime": 0,
            "CpusetCpus": "",
            "CpusetMems": "",
            "Devices": [],
            "DeviceCgroupRules": null,
            "DeviceRequests": null,
            "KernelMemory": 0,
            "KernelMemoryTCP": 0,
            "MemoryReservation": 0,
            "MemorySwap": 0,
            "MemorySwappiness": null,
            "OomKillDisable": false,
            "PidsLimit": null,
            "Ulimits": null,
            "CpuCount": 0,
            "CpuPercent": 0,
            "IOMaximumIOps": 0,
            "IOMaximumBandwidth": 0,
            "MaskedPaths": [
                "/proc/asound",
                "/proc/acpi",
                "/proc/kcore",
                "/proc/keys",
                "/proc/latency_stats",
                "/proc/timer_list",
                "/proc/timer_stats",
                "/proc/sched_debug",
                "/proc/scsi",
                "/sys/firmware"
            ],
            "ReadonlyPaths": [
                "/proc/bus",
                "/proc/fs",
                "/proc/irq",
                "/proc/sys",
                "/proc/sysrq-trigger"
            ]
        },
        "GraphDriver": {
            "Data": {
                "LowerDir": "/var/lib/docker/overlay2/6a462229645848e4a889c962f7b498c17817b28521cc2850c38fd9c30daa745a-init/diff:/var/lib/docker/overlay2/4e36358b2cb5f80acaaf18d81ce6fe5ac3ee394ce5918d2362aca6b9d74526d4/diff",
                "MergedDir": "/var/lib/docker/overlay2/6a462229645848e4a889c962f7b498c17817b28521cc2850c38fd9c30daa745a/merged",
                "UpperDir": "/var/lib/docker/overlay2/6a462229645848e4a889c962f7b498c17817b28521cc2850c38fd9c30daa745a/diff",
                "WorkDir": "/var/lib/docker/overlay2/6a462229645848e4a889c962f7b498c17817b28521cc2850c38fd9c30daa745a/work"
            },
            "Name": "overlay2"
        },
        "Mounts": [],
        "Config": {
            "Hostname": "b2dd66d87998",
            "Domainname": "",
            "User": "",
            "AttachStdin": true,
            "AttachStdout": true,
            "AttachStderr": true,
            "Tty": true,
            "OpenStdin": true,
            "StdinOnce": true,
            "Env": [
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
            ],
            "Cmd": [
                "/bin/bash"
            ],
            "Image": "centos",
            "Volumes": null,
            "WorkingDir": "",
            "Entrypoint": null,
            "OnBuild": null,
            "Labels": {
                "org.label-schema.build-date": "20201204",
                "org.label-schema.license": "GPLv2",
                "org.label-schema.name": "CentOS Base Image",
                "org.label-schema.schema-version": "1.0",
                "org.label-schema.vendor": "CentOS"
            }
        },
        "NetworkSettings": {
            "Bridge": "",
            "SandboxID": "5037381fa548cc2cdcdf96db2089a0d11957f47b034d0edcae6070b99a52d446",
            "HairpinMode": false,
            "LinkLocalIPv6Address": "",
            "LinkLocalIPv6PrefixLen": 0,
            "Ports": {},
            "SandboxKey": "/var/run/docker/netns/5037381fa548",
            "SecondaryIPAddresses": null,
            "SecondaryIPv6Addresses": null,
            "EndpointID": "1a213b44e2c027f9e958a7cfa4af074c90bc7c64d2c92e209f2beeb5930d574b",
            "Gateway": "172.17.0.1",
            "GlobalIPv6Address": "",
            "GlobalIPv6PrefixLen": 0,
            "IPAddress": "172.17.0.2",
            "IPPrefixLen": 16,
            "IPv6Gateway": "",
            "MacAddress": "02:42:ac:11:00:02",
            "Networks": {
                "bridge": {
                    "IPAMConfig": null,
                    "Links": null,
                    "Aliases": null,
                    "NetworkID": "e11626ab4135b54b0fa8febd14fee5234463fc6a5551a7cd86671883339c2407",
                    "EndpointID": "1a213b44e2c027f9e958a7cfa4af074c90bc7c64d2c92e209f2beeb5930d574b",
                    "Gateway": "172.17.0.1",
                    "IPAddress": "172.17.0.2",
                    "IPPrefixLen": 16,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "02:42:ac:11:00:02",
                    "DriverOpts": null
                }
            }
        }
    }
]
[root@localhost ~]#

进入当前运行的容器

方式一：
docker exec -it 容器id bash/Shell

[root@localhost ~]# docker exec -it b2dd66d87998 /bin/bash
[root@b2dd66d87998 /]# ls
bin  dev  etc  home  lib  lib64  lost+found  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var
[root@b2dd66d87998 /]# ps -ef
UID         PID   PPID  C STIME TTY          TIME CMD
root          1      0  0 08:42 pts/0    00:00:00 /bin/bash
root         15      0  0 08:49 pts/1    00:00:00 /bin/bash
root         31     15  0 08:50 pts/1    00:00:00 ps -ef

方式二：
docker attach 容器id
执行当前代码
[root@localhost ~]# docker attach b2dd66d87998

区别：
docker exec 		进入容器后开启新的终端，可以在里面操作（常用）
docker attach		进入容器正在执行的终端，不会启动新的进程

从容器内拷贝文件到主机

docker cp 容器id:容器路径 目的主机路径

拷贝是手动执行，可以使用 -v 卷的技术，实现自动同步

# 查看主机目录
[root@localhost home]# ls
ant.java  centos7  demo.txt

# 进入容器内部
[root@localhost home]# docker attach 56d6993f2767
[root@56d6993f2767 /]# cd /home/
[root@56d6993f2767 home]# ls

# 在容器内新建文件
[root@56d6993f2767 home]# touch cont.java
[root@56d6993f2767 home]# ls
cont.java
[root@56d6993f2767 home]# exit
exit
[root@localhost home]# docker ps -a
CONTAINER ID   IMAGE                     COMMAND                  CREATED             STATUS                     PORTS     NAMES
56d6993f2767   centos                    "/bin/bash"              3 minutes ago       Exited (0) 9 seconds ago             nervous_colden

# 将文件拷贝到主机
[root@localhost home]# docker cp 56d6993f2767:/home/cont.java /home
[root@localhost home]# ls
ant.java  centos7  cont.java  demo.txt
[root@localhost home]#

命令小结

Commands:
  attach      当前shell下 attach连接指定运行容器			Attach  to a running container 					
  build       通过Dockerfile 定制镜像						Build an image from a Dockerfile					
  commit      提交当前容器为新的镜像						Create a new image from a container's changes		
  cp          从容器中拷贝指定文件或目录到宿主机中			Copy files/folders between a container and the local filesystem	
  create      创建一个新的容器，但不启动					Create a new container							
  diff        查看容器的变化								Inspect changes to files or directories on a container's filesystem	
  events      从 docker服务 获取实时事件					Get real time events from the server				
  exec        进入运行的容器执行命令						Run a command in a running container				
  export      将容器的文件系统导出为tar存档(对应import)		Export a container's filesystem as a tar archive	
  history     镜像形成历史								Show the history of an image						
  images      列出系统当前镜像								List images										
  import      从tar包中导入内容以创建文件系统映像(对应export)	Import the contents from a tarball to create a filesystem image	
  info        显示系统的信息								Display system-wide information					
  inspect     查看容器详细信息								Return low-level information on Docker objects	
  kill        终止一个或多个正在运行的容器					Kill one or more running containers				
  load        从tar包加载一个镜像							Load an image from a tar archive or STDIN			
  login       登录docker注册表							Log in to a Docker registry						
  logout      从Docker注册表注销							Log out from a Docker registry					
  logs        获取一个容器的日志							Fetch the logs of a container						
  pause       暂停一个或多个容器中的所有进程					Pause all processes within one or more containers	
  port        列出端口映射或容器的特定映射					List port mappings or a specific mapping for the container	
  ps          列出正在运行的容器							List containers									
  pull        从docker镜像源服务器拉取指定镜像或库镜像		Pull an image or a repository from a registry		
  push        推送指定镜像或库镜像到docker镜像源服务器		Push an image or a repository to a registry		
  restart     重启容器									Restart one or more containers					
  rm          移除一个或多个容器							Remove one or more containers						
  rmi         移除一个或多个镜像 运行中的容器加-f 强制移除		Remove one or more images							
  run         创建一个新容器运行命令						Run a command in a new container					
  save        保存一个镜像或多个镜像为 tar 包				Save one or more images to a tar archive			
  search      在docker hub 中搜索镜像						Search the Docker Hub for images					
  start       启动一个或多个容器							Start one or more stopped containers				
  stats       显示容器资源使用统计的实时流					Display a live stream of container(s) resource usage statistics	
  stop        停止一个或多个运行的容器						Stop one or more running containers				
  tag         创建一个指向SOURCE_IMAGE的标记TARGET_IMAGE	Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE	
  top         显示容器的运行进程							Display the running processes of a container		
  unpause     取消暂停一个或多个容器中的所有进程				Unpause all processes within one or more containers	
  update      更新一个或多个容器的配置						Update configuration of one or more containers	
  version     显示Docker版本信息							Show the Docker version information				
  wait        阻塞直到一个或多个容器停止，打印退出代码			Block until one or more containers stop, then print their exit codes

在这里插入图片描述