Docker学习笔记 —— Docker管理容器
Posted 爱敲代码的三毛
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Docker学习笔记 —— Docker管理容器相关的知识,希望对你有一定的参考价值。
文章目录
Docker管理容器
1. 容器&镜像&仓库&daemon&client之间的关系
- docker客户端下达命令到 docker daemon
- docker daemon 下载 (到镜像仓库下载镜像到本地)
- docker daemon 生成容器
2. 启动容器
验证是否有镜像在本地
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
本地没有镜像,需要去seacrch镜像
仓库:dockerhub
[root@docker ~]# docker search centos
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
centos The official build of CentOS. 7330 [OK]
下载镜像到本地
[root@docker ~]# docker pull centos
Using default tag: latest
latest: Pulling from library/centos
a1d0c7532777: Pull complete
Digest: sha256:a27fd8080b517143cbbbab9dfb7c8571c40d67d534bbdee55bd6c473f432b177
Status: Downloaded newer image for centos:latest
docker.io/library/centos:latest
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos latest 5d0da3dc9764 12 months ago 231MB
运行容器
# 运行一个命令在centos镜像容器中,容器名为test
[root@docker ~]# docker run -it --name=test centos:latest /bin/bash
[root@3335fd83cd10 /]#
-i:交互式操作
-t:终端
centos:latest :centos的latest版本镜像
/bin/bash:放在镜像名后的是命令,这里我们希望有个交互式 Shell,因此用的是 /bin/bash。
--name: 容器名
[root@3335fd83cd10 /]# ps
PID TTY TIME CMD
1 pts/0 00:00:00 bash
15 pts/0 00:00:00 ps
[root@3335fd83cd10 /]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
4: eth0@if5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
3.docker daemon管理
- 远程管理docker daemon充分条件
1.可以把 docker client与docker daemon分开部署
2.可以通过第三方软件管理docker daemon创建的容器
第一步:关闭docker daemon
修改docker配置文件前,请先关闭docker守护进程
[root@docker ~]# systemctl stop docker
第二步:修改docker daemon配置文件
如果想使用/etc/docker/daemon.json管理docker daemon,默认情况下,/etc/docker目录中并没有daemon.json文件,添加后会导致docker daemon无法启动,在添加daemon.json文件之前,请先修改如下文件内容:
[root@docker ~]# cp /usr/lib/systemd/system/docker.service /usr/lib/systemd/system/docker.service.bak
[root@docker ~]# vim /usr/lib/systemd/system/docker.service
修改前:
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
# #删除-H(含)后面所有内容
修改后:
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd
第三步:加载配置文件
修改完成后,一定要加载此配置文件
[root@docker ~]# systemctl daemon-reload
第四步:第四步:重新开启docker守护进程
[root@docker ~]# systemctl start docker
第五步:添加配置文件对docker daemon配置
通过/etc/docker/daemon.json文件对docker守护进程文件进行配置
[root@docker ~]# cd /etc/docker/
[root@docker docker]# vim daemon.json
"hosts": ["tcp://0.0.0.0:2480","unix:///var/run/docker.sock"]
[root@docker docker]# systemctl restart docker
[root@docker docker]# ss -anput | grep ":2375"
tcp LISTEN 0 128 [::]:2375 [::]:* users:(("dockerd",pid=17729,fd=9))
docker daemon默认侦听使用的是unix格式,侦听文件:UNIX:///run/docker.sock,添加tcp://0.0.0.0:2375
可实现远程管理
第六步:实例远程连接方法
在另外一台机器上安装docker操作
# docker -H 远程容器主机 version
注意:不要在命令行后面添加端口
[root@localhost ~]# docker -H 192.168.44.100 images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos latest 5d0da3dc9764 12 months ago 231MB
[root@localhost ~]# docker -H 192.168.44.100 version
Client: Docker Engine - Community
Version: 20.10.18
API version: 1.41
Go version: go1.18.6
Git commit: b40c2f6
Built: Thu Sep 8 23:14:08 2022
OS/Arch: linux/amd64
Context: default
Experimental: true
Server: Docker Engine - Community
Engine:
Version: 20.10.18
API version: 1.41 (minimum version 1.12)
Go version: go1.18.6
Git commit: e42327a
Built: Thu Sep 8 23:12:21 2022
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.6.8
GitCommit: 9cd3357b7fd7218e4aec3eae239db1f68a5a6ec6
runc:
Version: 1.1.4
GitCommit: v1.1.4-0-g5fd4c4d
docker-init:
Version: 0.19.0
GitCommit: de40ad0
4. docker命令行
管理类命令是对普通命令的一个分类加以补充
[root@docker ~]# docker --help
Usage: docker [OPTIONS] COMMAND
A self-sufficient runtime for containers
Options:
--config string Location of client config files (default "/root/.docker")
-c, --context string Name of the context to use to connect to the daemon (overrides DOCKER_HOST env
var and default context set with "docker context use")
-D, --debug Enable debug mode
-H, --host list Daemon socket(s) to connect to
-l, --log-level string Set the logging level ("debug"|"info"|"warn"|"error"|"fatal") (default "info")
--tls Use TLS; implied by --tlsverify
--tlscacert string Trust certs signed only by this CA (default "/root/.docker/ca.pem")
--tlscert string Path to TLS certificate file (default "/root/.docker/cert.pem")
--tlskey string Path to TLS key file (default "/root/.docker/key.pem")
--tlsverify Use TLS and verify the remote
-v, --version Print version information and quit
Management Commands: # 管理类
app* Docker App (Docker Inc., v0.9.1-beta3)
builder Manage builds
buildx* Docker Buildx (Docker Inc., v0.9.1-docker)
config Manage Docker configs
container Manage containers
context Manage contexts
image Manage images
manifest Manage Docker image manifests and manifest lists
network Manage networks
node Manage Swarm nodes
plugin Manage plugins
scan* Docker Scan (Docker Inc., v0.17.0)
secret Manage Docker secrets
service Manage services
stack Manage Docker stacks
swarm Manage Swarm
system Manage Docker
trust Manage trust on Docker images
volume Manage volumes
Commands: # 普通命令
attach Attach local standard input, output, and error streams to a running container
build Build an image from a Dockerfile
commit Create a new image from a container's changes
cp Copy files/folders between a container and the local filesystem
create Create a new container
diff Inspect changes to files or directories on a container's filesystem
events Get real time events from the server
exec Run a command in a running container
export Export a container's filesystem as a tar archive
history Show the history of an image
images List images
import Import the contents from a tarball to create a filesystem image
info Display system-wide information
inspect Return low-level information on Docker objects
kill Kill one or more running containers
load Load an image from a tar archive or STDIN
login Log in to a Docker registry
logout Log out from a Docker registry
logs Fetch the logs of a container
pause Pause all processes within one or more containers
port List port mappings or a specific mapping for the container
ps List containers
pull Pull an image or a repository from a registry
push Push an image or a repository to a registry
rename Rename a container
restart Restart one or more containers
rm Remove one or more containers
rmi Remove one or more images
run Run a command in a new container
save Save one or more images to a tar archive (streamed to STDOUT by default)
search Search the Docker Hub for images
start Start one or more stopped containers
stats Display a live stream of container(s) resource usage statistics
stop Stop one or more running containers
tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
top Display the running processes of a container
unpause Unpause all processes within one or more containers
update Update configuration of one or more containers
version Show the Docker version information
wait Block until one or more containers stop, then print their exit codes
Run 'docker COMMAND --help' for more information on a command.
To get more help with docker, check out our guides at https://docs.docker.com/go/guides/
5. docker命令行实现容器管理
容器镜像获取
- 系统镜像
- 应用镜像
搜索镜像(dockerhub)
普通命令
搜索centos镜像
[root@docker ~]# docker search centos
管理类命令
无
获取镜像(pull)
从镜像仓库拉取镜像到本地
普通命令
[root@docker ~]# docker pull centos
Using default tag: latest
latest: Pulling from library/centos
Digest: sha256:a27fd8080b517143cbbbab9dfb7c8571c40d67d534bbdee55bd6c473f432b177
Status: Image is up to date for centos:latest
docker.io/library/centos:latest
管理命令
[root@docker ~]# docker image pull centos
Using default tag: latest
latest: Pulling from library/centos
Digest: sha256:a27fd8080b517143cbbbab9dfb7c8571c40d67d534bbdee55bd6c473f432b177
Status: Image is up to date for centos:latest
docker.io/library/centos:latest
打包传输镜像
[root@docker ~]# images
-bash: images: command not found
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos latest 5d0da3dc9764 12 months ago 231MB
[root@docker ~]# docker save --help
Usage: docker save [OPTIONS] IMAGE [IMAGE...]
Save one or more images to a tar archive (streamed to STDOUT by default)
Options:
-o, --output string Write to a file, instead of STDOUT
# 打包镜像(也可以通过IMAGE ID打包)
[root@docker ~]# docker save -o centos.tar centos:latest
[root@docker ~]# ls
centos.tar
传输到另外一台机器
[root@docker ~]# scp centos.tar 192.168.44.150:/root/
The authenticity of host '192.168.44.100 (192.168.44.150)' can't be established.
ECDSA key fingerprint is SHA256:lv6Ct2Pe0nmV/L+HrcBoxowbywIueXoCOom6I2dD3fU.
ECDSA key fingerprint is MD5:8c:05:db:2e:ea:01:89:97:d5:87:4b:3f:f0:83:cf:1e.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.44.150' (ECDSA) to the list of known hosts.
root@192.168.44.100's password:
centos.tar 100% 228MB 88.8MB/s 00:02
在另外一台机器上安装docker环境
[root@localhost ~]# docker load --help
Usage: docker load [OPTIONS]
Load an image from a tar archive or STDIN
Options:
-i, --input string Read from tar archive file, instead of STDIN
-q, --quiet Suppress the load output
# 导入命令
[root@localhost ~]# docker load -i centos.tar
74ddd0ec08fa: Loading layer [==================================================>] 238.6MB/238.6MB
Loaded image: centos:latest
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos latest 5d0da3dc9764 12 months ago 231MB
启动容器
启动容器运行一个bash命令的容器
[root@localhost ~]# docker run -it --name=centos1 centos:latest /bin/bash
[root@7692fb02aa29 /]# exit
exit
或者
[root@localhost ~]# docker container run -it --name=centos2 centos:latest /bin/bash
[root@9bf096f5761d /]# exit
启动一个运行httpd服务的容器
[root@localhost ~]# docker container run -it --name=http centos:latest /bin/bash
在容器中安装hhtpd
[root@3ff9bcdf3e6b ~]# yum install httpd -y
[root@3ff9bcdf3e6b ~]# /usr/sbin/httpd -k start
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
httpd (pid 144) already running
[root@3ff9bcdf3e6b]# echo "hello docker" >> /var/www/html/index.html
[root@3ff9bcdf3e6b]# curl http://localhost/index.html
hello docker
解决docker中的CtenOS8镜像无法使用yum
# cd /etc/yum.repos.d/
# sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-*
# sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g' /etc/yum.repos.d/CentOS-*
# yum makecache
基于容器生成文件导入为容器镜像
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3ff9bcdf3e6b centos:latest "/bin/bash" 38 minutes ago Up 38 minutes http
# http为刚才上面创建的容器名,也可以用容器id
[root@localhost ~]# docker export -o centos-httpd.tar http
[root@localhost ~]# ll
total 502832
-rw-------. 1 root root 276310528 Oct 3 00:34 centos-httpd.tar
[root@docker ~]# docker import --help
Usage: docker import [OPTIONS] file|URL|- [REPOSITORY[:TAG]]
Import the contents from a tarball to create a filesystem image
Options:
-c, --change list Apply Dockerfile instruction to the created image
-m, --message string Set commit message for imported image
--platform string Set platform if server is multi-platform capable
# 导入镜像,-m类似于注释
[root@docker ~]# docker import -m httpd应用镜像 centos-httpd.tar centos-httpd:v1
sha256:bec35d25ea77e2e62ec8f31b5ef608f34939d942daabca7a081d92c5663f5c77
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos-httpd v1 bec35d25ea77 7 seconds ago 269MB
centos latest 5d0da3dc9764 12 months ago 231MB
[root@docker ~]# docker history centos-httpd:v1
IMAGE CREATED CREATED BY SIZE COMMENT
bec35d25ea77 43 seconds ago 269MB httpd应用镜像
运行阿帕奇镜像
[root@docker ~]# docker run -it --name centos-httpd centos-httpd:v1 /bin/bash
[root@caa21637996a /]# httpd -k start
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
# 可以看到和前面的内容是一样的
[root@caa21637996a /]# curl http://localhost/index.html
hello docker
查看容器Ip地址
[root@docker ~]# ip a
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:85:ef:e7:12 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:85ff:feef:e712/64 scope link
valid_lft forever preferred_lft forever
# 默认连接的网桥
查看方法1:直接在容器内ip a 查看
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos-httpd v1 bec35d25ea77 9 minutes ago 269MB
centos latest 5d0da3dc9764 12 months ago 231MB
[root@docker ~]# docker run -it --name=test centos-httpd:v1 /bin/bash
[root@e8204ea0c133 /]# ip a #
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
6: eth0@if7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0 #由docker0网桥分配
valid_lft forever preferred_lft forever
查看方法2:查看容器详细信息
[root@docker ~]# docker inspect test
.....
"Networks":
"bridge":
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "738d11b55a3d7848ad645cb43f899ae1cf2b5df267d1f3eb81a71e60f4f090c9",
"EndpointID": "b34195d3629554e911e022bd5f6a1d198a6af0d1fe4ad34e4f22d425999c2486",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02",
"DriverOpts": null
查看方法3:在容器外执行容器内命令
[root@docker ~]# docker exec test ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
6: eth0@if7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
停止运行中的容器
[root@docker ~]# docker ps #查看正在运行的容器
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e8204ea0c133 centos-httpd:v1 "/bin/bash" 6 minutes ago Up 6 minutes test
#停止一个正在运行的容器,d是容器ID简写,也可以写容器名称,但是ID要能够唯一识别
[root@docker ~]# docker stop e82
e82
[root@docker ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@docker ~]# docker ps --all # 查看所有容器
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e8204ea0c133 centos-httpd:v1 "/bin/bash" 7 minutes ago Exited (0) 15 seconds ago test
caa21637996a centos-httpd:v1 "/bin/bash" 13 minutes ago Exited (0) 8 minutes ago centos-httpd
# 启动多个容器
[root@docker ~]# docker start e8 ca
e8
ca
[root@docker ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e8204ea0c133 centos-httpd:v1 "/bin/bash" 8 minutes ago Up 14 seconds test
caa21637996a centos-httpd:v1 "/bin/bash" 14 minutes ago Up 14 seconds centos-httpd
# 关闭多个正在运行的容器
[root@docker ~]# docker stop test centos-httpd
test
centos-httpd
[root@docker ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
开启已停止的容器
启动
[root@docker ~]# docker ps --all
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e8204ea0c133 centos-httpd:v1 "/bin/bash" 11 minutes ago Exited (0) 2 minutes ago test
caa21637996a centos-httpd:v1 "/bin/bash" 18 minutes ago Exited (0) 2 minutes ago centos-httpd
[root@docker ~]# docker start test
test
进入容器
[root@docker ~]# docker attach --help
Usage: docker attach [OPTIONS] CONTAINER
Attach local standard input, output, and error streams to a running container
Options:
--detach-keys string Override the key sequence for detaching a container
--no-stdin Do not attach STDIN
--sig-proxy Proxy all received signals to the process (default true)
[root@docker ~]# docker attach test
[root@e8204ea0c133 /]#
删除已停止的容器
注意:容器在运行中是不能停止的
[root@docker ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e8204ea0c133 centos-httpd:v1 "/bin/bash" 14 minutes ago Up 2 minutes test
[root@docker ~]# docker rm test
Error response from daemon: You cannot remove a running container e8204ea0c133aec17cb7e7ad47ea650d77531ac4f301300690614c9dd3f4a80f. Stop the container before attempting removal or force remove
停止后在删除
[root@docker ~]# docker stop test
test
[root@docker ~]# docker rm test
test
[root@docker ~]# docker ps --all
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
caa21637996a centos-httpd:v1 "/bin/bash" 22 minutes ago Exited (0) 6 minutes ago centos-httpd
容器端口映射
我们知道容器的ip网段默认生成的是172.12网段的,在容器的宿主机上是可以访问的,那么怎么让一个和宿主机在同一网段的另外一台机也能访问到该容器呢?
这就可以用端口映射了。
准备两台机器
主机名 | ip | 备注 |
---|---|---|
docker | 192.168.44.100 | 安装docker,创键一个容器,在容器安装http |
test | 192.168.44.150 | 用来访问docker主机的http容器的index.html文件 |
注意:关闭防火墙和SELinux
在docker上操作
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos-httpd v1 bec35d25ea77 39 minutes ago 269MB
centos latest 5d0da3dc9764 12 months ago 231MB
# 端口映射
[root@docker ~]# docker run -it -p 80:80 --name=test-port centos-httpd:v1 /bin/bash
[root@70a5ad9c2560 /]# yum install -y httpd
[root@70a5ad9c2560 /]# echo "test httpd-port" > /var/www/html/index.html
[root@70a5ad9c2560 /]# httpd -k start
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
[root@70a5ad9c2560 /]# curl http://172.17.0.2/index.html
test httpd-port
#在docker宿主机上访问容器ip
[root@docker ~]# curl http://172.17.0.2
test httpd-port
# 访问自己的80 端口
[root@docker ~]# curl http://192.168.44.100
test httpd-port
在test主机上访问docker主机的的80端口
# 最终访问到了docker主机容器中的httpd
[root@test ~]# curl http://192.168.44.100
test httpd-port
查看docker机器上的容器状态
# 可以看到物理机的80端口转发到了某一个容器的80端口上了
[root@docker ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
70a5ad9c2560 centos-httpd:v1 "/bin/bash" 20 minutes ago Up 20 minutes 0.0.0.0:80->80/tcp, :::80->80/tcp test-port
如果主机上同时运行多个http服务的容器,端口怎么映射?
因为端口是稀缺资源
- TCP:1~65535
- UDP:1~65535
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos-httpd v1 bec35d25ea77 About an hour ago 269MB
centos latest 5d0da3dc9764 12 months ago 231MB
[root@docker ~]# docker run -it -p 80 --name test centos:latest /bin/bash
#如果仅定义了容器的端口,那么容器主机会随机添加映射端口到容器80端口,随机端口大于或等于32768
[root@docker ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b6d97eb9b396 centos:latest "/bin/bash" 7 seconds ago Up 6 seconds 0.0.0.0:49153->80/tcp, :::49153->80/tcp test
使用容器主机的某一IP地址上的端口做随机映射
如果机器上有多个网卡或者多个IP地址,就可以指定ip做随机映射,端口也是随机的
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos-httpd v1 bec35d25ea77 About an hour ago 269MB
centos latest 5d0da3dc9764 12 months ago 231MB
[root@docker ~]# docker run -it -p 192.168.44.100::80 --name=centos centos:latest /bin/bash
[root@1e4ec6b9e6af /]#
[root@docker ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1e4ec6b9e6af centos:latest "/bin/bash" 5 seconds ago Up 4 seconds 192.168.44.100:49153->80/tcp centos
容器使用Docker Host存储数据
容器的数据持久化存储
第一步:在Dokcer Host 创建用于存储目录
[root@docker ~]# mkdir /opt/cvolume
第二步:运行容器并挂载上述目录
[root@docker ~]# docker run -it -v /opt/cvloume:/data --name=test centos:latest /bin/bash
[root@2cd56e044963 /]# ls /
bin dev home lib64 media opt root sbin sys usr
data(这个目录是创建容器时自动创建的) etc lib lost+found mnt proc run srv tmp var
示例:运行在容器中的http服务,使用docker host的/web目录中的网页文件,并能够在doker host上进行修改,修改后立即生效
第一步:创建/web并添加网页文件
[root@docker ~]# mkdir /web
[root@docker ~]# echo "test web" >> /web/index.html
第二步:启动容器对/web目录进行挂载
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos-httpd v1 bec35d25ea77 2 hours ago 269MB
centos latest 5d0da3dc9764 12 months ago 231MB
[root@docker ~]# docker run -it -p 8080:80/tcp -v /web:/var/www/html --name=centos-web centos:latest /bin/bash
[root@2b0c9dc8f6d9 /]# ls /var/www/html
index.html
# 安装httpd并启动
[root@2b0c9dc8f6d9 /]# yum install httpd -y
[root@2b0c9dc8f6d9 /]# httpd -k start
第三步:访问http(在docker主机访问自己的8080端口)
[root@docker ~]# curl http://192.168.44.100:8080
test web
再次添加内容测试
[root@docker ~]# echo "hello" >> /web/index.html
到容器里查看
[root@eb08ccaebac4 /]# cat /var/www/html/index.html
test web
hello
同样在容器里写入数据也会马上同步到宿主机docker上
[root@eb08ccaebac4 /]# echo "docker" >> /var/www/html/index.html
[root@docker ~]# cat /web/index.html
test web
hello
docker
同步容器与docker host时间
[root@docker ~]# docker run -it -v /etc/localtime:/etc/localtime centos:latest /bin/bash
[root@24aed789dbd5 /]# date
Sun Oct 2 19:07:27 CST 2022
在容器外执行容器内命令
# 在名为centos的容器里执行 ls命令
[root@docker ~]# docker exec centos ls
bin
dev
etc
home
lib
lib64
lost+found
media
mnt
opt
proc
root
run
sbin
srv
sys
tmp
usr
var
容器间互联(–link)
第一步:创建被依赖容器
[root@docker ~]# docker run -it --name=test centos:latest /bin/bash
[root@caa54f58490e /]#
第二步:创建依赖于源容器的容器
# test:mysqldb 给test容器起一个别名
[root@docker ~]# docker run --link test:mysqldb -it --name=web centos:latest /bin/bash
[root@57b694db72cd /]# cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.2 mysqldb caa54f58490e test
172.17.0.3 57b694db72cd
[root@57b694db72cd /]# ping mysqldb
PING mysqldb (172.17.0.2) 56(84) bytes of data.
64 bytes from mysqldb (172.17.0.2): icmp_seq=1 ttl=64 time=0.078 ms
64 bytes from mysqldb (172.17.0.2): icmp_seq=2 ttl=64 time=0.109 ms
64 bytes from mysqldb (172.17.0.2): icmp_seq=3 ttl=64 time=0.059 ms
第三步:验证
关闭容器
[root@docker ~]# docker stop test web
test
web
添加一个新的容器,用于抢占test的IP (172.17.0.2)
[root@docker ~]# docker run -it centos /bin/bash
[root@2f7557ecf96e /]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
46: eth0@if47: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
先启动被依赖test容器,在启动web容器
[root@docker ~]# docker start test
test
[root@docker ~]# docker start web
web
[root@docker ~]# docker exec test cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.3 caa54f58490e
[root@docker ~]# docker exec web cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.3 mysqldb caa54f58490e test
172.17.0.4 57b694db72cd
是否能够ping通
[root@docker ~]# docker exec web ping test
PING mysqldb (172.17.0.3) 56(84) bytes of data.
64 bytes from mysqldb (172.17.0.3): icmp_seq=1 ttl=64 time=0以上是关于Docker学习笔记 —— Docker管理容器的主要内容,如果未能解决你的问题,请参考以下文章