Docker知识

Posted sunshenggang

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Docker知识相关的知识,希望对你有一定的参考价值。

Docker安装

docker的官方网站:https://www.docker.com/

docker镜像的网站:https://hub.docker.com/

docker安装网址:https://docs.docker.com/engine/install/centos/

卸载老版本

$>>sudo apt remove docker docker-engine docker.io containerd runc

Ubuntu安装

 sudo apt-get update
 sudo apt-get install     apt-transport-https     ca-certificates     curl     gnupg-agent     software-properties-common
#添加 GPG key
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
#验证
sudo apt-key fingerprint 0EBFCD88

#添加仓库
sudo add-apt-repository    "deb [arch=amd64] https://download.docker.com/linux/ubuntu    $(lsb_release -cs)    stable"
#再更新
sudo apt-get update
#安装
sudo apt-get install docker-ce docker-ce-cli containerd.io




#1、如果没有docker用户组,创建
sudo groupadd docker
#2、把普通用户添加到docker用户组中
sudo gpasswd -a $USER docker
#3、更新docker用户组
newgrp docker
#4、重启docker
sudo service docker restart

Windows安装

mac安装

centos安装

yum install -y yum-utils
yum-config-manager     --add-repo     https://download.docker.com/linux/centos/docker-ce.repo
yum-config-manager --enable docker-ce-nightly
yum install docker-ce docker-ce-cli containerd.io
systemctl start docker

deepin安装

 sudo apt-get update
 sudo apt-get install     apt-transport-https     ca-certificates     curl     gnupg-agent     software-properties-common
#添加 GPG key
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
#验证
sudo apt-key fingerprint 0EBFCD88

#添加仓库
vim /etc/apt/sources.list
#添加
deb [arch=amd64] https://download.docker.com/linux/debian jessie stable
#再更新
sudo apt-get update
#安装
sudo apt-get install docker-ce docker-ce-cli containerd.io

## docker默认情况下是root运行
## 设置普通用户可以运行docker





#1、如果没有docker用户组,创建
sudo groupadd docker
#2、把普通用户添加到docker用户组中
sudo gpasswd -a $USER docker
#3、更新docker用户组
newgrp docker
#4、重启docker
sudo service docker restart

设置阿里云镜像加速器

https://cr.console.aliyun.com/cn-hangzhou/instances/mirrors

sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-‘EOF‘
{
  "registry-mirrors": ["https://k80hx2w5.mirror.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker

Docker 命令

docker 镜像下的命令

docker images

查看镜像下的内容

-a 查看所有的镜像

-q 查看进行的id

-aq 查看所有的镜像id

sun@sun:/etc/docker$ docker images --help

Usage:	docker images [OPTIONS] [REPOSITORY[:TAG]]

List images

Options:
  -a, --all             Show all images (default hides intermediate images)
      --digests         Show digests
  -f, --filter filter   Filter output based on conditions provided
      --format string   Pretty-print images using a Go template
      --no-trunc        Don‘t truncate output
  -q, --quiet           Only show numeric IDs

docker search

搜索镜像

sun@sun:/etc/docker$ docker search --help

Usage:	docker search [OPTIONS] TERM

Search the Docker Hub for images

Options:
  -f, --filter filter   Filter output based on conditions provided
      --format string   Pretty-print search using a Go template
      --limit int       Max number of search results (default 25)
      --no-trunc        Don‘t truncate output

搜索mysql的所有镜像

-f 过滤条件 查找大于等于3000stars的镜像

docker pull

安装镜像

docker pull centos # 安装centos的镜像---默认下载最新版本
docker pull centos:7.0  #安装指定版本的镜像

docker rmi

docker rmi 镜像id或者镜像名称

docker rmi -f $(docker images -qa) #删除全部镜像

options:

Usage:	docker rmi [OPTIONS] IMAGE [IMAGE...]

Remove one or more images

Options:
  -f, --force      Force removal of the image   #强制删除
      --no-prune   Do not delete untagged parents

删除镜像

sun@sun:/etc/docker$ docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
centos              latest              831691599b88        2 weeks ago         215MB
hello-world         latest              bf756fb1ae65        6 months ago        13.3kB

sun@sun:/etc/docker$ docker rmi bf756fb1ae65
Untagged: hello-world:latest
Untagged: hello-world@sha256:d58e752213a51785838f9eed2b7a498ffa1cb3aa7f946dda11af39286c3db9a9
Deleted: sha256:bf756fb1ae65adf866bd8c456593cd24beb6a0a061dedf42b26a993176745f6b
Deleted: sha256:9c27e219663c25e0f28493790cc0b88bc973ba3b1686355f221c38a36978ac63
sun@sun:/etc/docker$ docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
centos              latest              831691599b88        2 weeks ago         215MB

docker history

查看指定镜像的创建历史

Usage:	docker history [OPTIONS] IMAGE

Show the history of an image

Options:
      --format string   Pretty-print images using a Go template
  -H, --human           Print sizes and dates in human readable format (default true)
      --no-trunc        Don‘t truncate output
  -q, --quiet           Only show numeric IDs
  
sun@sun:/etc/docker$ docker history centos
IMAGE               CREATED             CREATED BY                                      SIZE                COMMENT
831691599b88        2 weeks ago         /bin/sh -c #(nop)  CMD ["/bin/bash"]            0B                  
<missing>           2 weeks ago         /bin/sh -c #(nop)  LABEL org.label-schema.sc…   0B                  
<missing>           2 weeks ago         /bin/sh -c #(nop) ADD file:84700c11fcc969ac0…   215MB     

docker tag

标记本地镜像,将其归入某一仓库

sun@sun:/etc/docker$ docker tag --help

Usage:	docker tag SOURCE_IMAGE[:TAG] TARGET_IMAGE[:TAG]

$ docker tag centos qqqq5566/centos:1.0
sun@sun:/etc/docker$ docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
centos              latest              831691599b88        2 weeks ago         215MB
qqqq5566/centos     1.0                 831691599b88        2 weeks ago         215MB

docker save

将指定镜像保存成tar归档文件

sun@sun:/etc/docker$ docker save --help

Usage:	docker save [OPTIONS] IMAGE [IMAGE...]

Save one or more images to a tar archive (streamed to STDOUT by default)

Options:
  -o, --output string   Write to a file, instead of STDOUT  #输出到的文件

sun@sun:~/Documents/study$ docker save -o test.tar qqqq5566/centos:1.0
sun@sun:~/Documents/study$ ls
Docker.md  test.tar

docker load

导入使用docker save导出的镜像

sun@sun:~/Documents/study$ docker load --help

Usage:	docker load [OPTIONS]

Load an image from a tar archive or STDIN

Options:
  # -i  文件
  -i, --input string   Read from tar archive file, instead of STDIN
  -q, --quiet          Suppress the load output


sun@sun:~/Documents/study$ docker load -i test.tar 

docker import

从归档文件中创建镜像

sun@sun:~/Documents/study$ docker import --help

Usage:	docker import [OPTIONS] file|URL|- [REPOSITORY[:TAG]]

Import the contents from a tarball to create a filesystem image

Options:
  # -c  应用docker指令创建镜像
  -c, --change list      Apply Dockerfile instruction to the created image 
  # -m 提交是说明的文字
  -m, --message string   Set commit message for imported image

#清空了docker下面的全部镜像
sun@sun:~/Documents/study$ docker images -a
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE

#从test.tar 文件中创建镜像,命名为qqqq5566/centos:1.0
sun@sun:~/Documents/study$ docker import test.tar qqqq5566/centos:1.0
sha256:17396dff70313c6ccdf6fd5bc994b1ce9beaecad936bbb4fe8297169b67ed52b
sun@sun:~/Documents/study$ docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
qqqq5566/centos     1.0                 17396dff7031        4 seconds ago       223MB

docker login

登陆到一个Docker镜像仓库,如果未指定镜像仓库地址,默认为官方仓库 Docker Hub

sun@sun:~/Documents/study$ docker login --help
# SERVER是远程镜像仓库的server
Usage:	docker login [OPTIONS] [SERVER]

Log in to a Docker registry

Options:
  # -p  密码
  -p, --password string   Password
      --password-stdin    Take the password from stdin
  # -u 用户名
  -u, --username string   Username

#登录阿里云云的镜像远程仓库地址
sun@sun:~/Documents/study$ docker login --username=at6663z8i@aliyun.com registry.cn-hangzhou.aliyuncs.com
Password: 
WARNING! Your password will be stored unencrypted in /home/sun/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded

docker logout

登出一个Docker镜像仓库,如果未指定镜像仓库地址,默认为官方仓库 Docker Hub

sun@sun:~/Documents/study$ docker logout --help
# SERVER是远程镜像仓库的server
Usage:	docker logout [SERVER]

Log out from a Docker registry

注释

  • docker load 和docker import的区别
    docker load 不能重新给镜像命名,导出时什么名称和标签,导入一样,如果镜像存在就会导入失败;
    docker import 可以重新加载Dockerfile文件,也可以重新命名,不会影响原先的镜像

容器命令

docker ps

列出容器

sun@sun:~/Documents/study$ docker ps --help

Usage:	docker ps [OPTIONS]

List containers

Options:
  # -a  显示全部的容器
  -a, --all             Show all containers (default shows just running)
  # -f 过滤容器
  -f, --filter filter   Filter output based on conditions provided
      --format string   Pretty-print containers using a Go template
  # -n  -n 5 列出最近创建的5个容器
  -n, --last int        Show n last created containers (includes all states) (default -1)
  # -l 显示最近创建的容器
  -l, --latest          Show the latest created container (includes all states)
      --no-trunc        Don‘t truncate output
  # -q 显示全部容器的id
  -q, --quiet           Only display numeric IDs
  -s, --size            Display total file sizes



## 例子
/*
* CONTAINER ID 容器id
* IMAGE  镜像ID
* COMMAND  启动容器是运行的命令
* CREATED  启动时间
* STATUS  容器状态
		created --已经创建
		restarting --重启中
		running  运行中
		removeing 迁移中
		paused 暂停
		exited 停止
		dead 死亡
* PORT 容器的端口和使用的链接类型(tcp/udp)
* NAMES 自动分配的容器名称
*/
sun@sun:~/Documents/study$ docker ps 
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
a21e3cd1cab2        831691599b88        "/bin/bash"         2 minutes ago       Up 2 minutes                            pedantic_dijkstra

列出全部的容器ID

docker ps -qa

docker inspect

获取容器/镜像的元数据

docker inspect 容器ID或者容器名称

sun@sun:~/Documents/study$ docker inspect --help

Usage:	docker inspect [OPTIONS] NAME|ID [NAME|ID...]

Return low-level information on Docker objects

Options:
  -f, --format string   Format the output using the given Go template
  -s, --size            Display total file sizes if the type is container
      --type string     Return JSON for specified type

docker top

查看容器中运行的进程信息,支持ps命令参数

语法:

docker top CONTAINER [ps OPTIONS]

sun@sun:~/Documents/study$ docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
a21e3cd1cab2        831691599b88        "/bin/bash"         16 minutes ago      Up 16 minutes                           pedantic_dijkstra
sun@sun:~/Documents/study$ docker top a21e3cd1cab2
UID                 PID                 PPID                C                   STIME               TTY                 TIME                CMD
root                10248               10222               0                   11:04               pts/0               00:00:00            /bin/bash

docker attach

链接到正在运行中的容器

语法:

Usage:	docker attach [OPTIONS] CONTAINER

Attach local standard input, output, and error streams to a running container

Options:
      --detach-keys string   Override the key sequence for detaching a container
      --no-stdin             Do not attach STDIN
      --sig-proxy            Proxy all received signals to the process (default true)

使用:

sun@sun:~/Documents/study$ docker ps 
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
a21e3cd1cab2        831691599b88        "/bin/bash"         19 minutes ago      Up 19 minutes                           pedantic_dijkstra
sun@sun:~/Documents/study$ docker attach a21e3cd1cab2
[root@a21e3cd1cab2 /]# ls
bin  dev  etc  home  lib  lib64  lost+found  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var
[root@a21e3cd1cab2 /]# 

docker run

创建一个新的容器并运行

语法:

docker run [OPTIONS] IMAGE [COMMAND] [ARG...]

options的说明:

-i 以交互模式运行容器,通常与-t同时使用
-t 为容器重新分配一个伪输入终端
-d 后台运行容器,并返回容器ID
-P (大写P)随机端口映射
-p 指定端口映射,格式为:主机端口:容器端口
--name=容器名称  为容器指定一个名称
-v  绑定一个卷
--net=网络类型名称  默认网络类型名称bridge,指定容器的网络类型,支持bridge/host/none/container四中类型
-m 设置容器使用的内存大小
-e 设置环境变量
-w  指定工作目录

使用:

sun@sun:~/Documents/study$ docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
qqqq5566/centos     1.0                 831691599b88        2 weeks ago         215MB
sun@sun:~/Documents/study$ docker run --name centos01 -p 8080:80 -it qqqq5566/centos:1.0 /bin/bash
sun@sun:~/Documents/study$ sudo docker ps
CONTAINER ID        IMAGE                 COMMAND             CREATED             STATUS              PORTS                  NAMES
038116fac822        qqqq5566/centos:1.0   "/bin/bash"         47 seconds ago      Up 46 seconds       0.0.0.0:8080->80/tcp   centos01
a21e3cd1cab2        831691599b88          "/bin/bash"         34 minutes ago      Up 34 minutes                              pedantic_dijkstra

docker rm

删除容器

语法:

	docker rm [OPTIONS] CONTAINER [CONTAINER...]

options说明:

-f  强制删除
-l  移除容器间的网络链接
-v  删除与容器关联的卷

实例:

docker rm -f db01 db02  #强制删除容器db02 db01

docker rm $(docker ps -aq)  #删除所有已经通知的容器

docker start/stop/restart

docker start 启动一个或多个已经被停止的容器

docker start [OPTIONS] CONTAINER [CONTAINER...]

docker stop 停止一个运行中的容器

docker stop [OPTIONS] CONTAINER [CONTAINER...]
-t int  #几秒后重启

docker restart 重启容器

docker restart [OPTIONS] CONTAINER [CONTAINER...]
-t int  #几秒后重启

docker cp

用于容器与主机之间的数据拷贝

语法:

docker cp [OPTIONS] CONTAINER:SRC_PATH DEST_PATH|-
docker cp [OPTIONS] SRC_PATH|- CONTAINER:DEST_PATH

实例:

### 将主机的Docker.md文件拷贝到容器中的home目录下面

sun@sun:~/Documents/study$ sudo docker ps
CONTAINER ID        IMAGE                 COMMAND             CREATED              STATUS              PORTS               NAMES
892bf55d0b63        qqqq5566/centos:1.0   "/bin/bash"         About a minute ago   Up About a minute                       centos01
sun@sun:~/Documents/study$ sudo docker cp Docker.md 892bf55d0b63:/home

#将主机的study目录拷贝的容器中,目录重命名为www目录

sudo docker cp /home/sun/Documents/study 892bf55d0b63:/www


### 将容器中的www目录,拷贝到主机中
sudo docker cp 892bf55d0b63:/www  /home/sun/Documents/

docker commit

从容器创建一个新的镜像

sun@sun:~/Documents/study$ docker commit --help

Usage:	docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]]

Create a new image from a container‘s changes

Options:
  -a, --author string    Author (e.g., "John Hannibal Smith <hannibal@a-team.com>")
  -c, --change list      Apply Dockerfile instruction to the created image
  -m, --message string   Commit message
  -p, --pause            Pause container during commit (default true)

实例:

#docker commit 容器ID  新的镜像:tag
docker commit 5449bbb54373 qqqq5566/myubuntu:0.1

挂卷

docker run -v [主机目录:]容器目录

匿名挂卷

匿名挂卷的意思是不知道主叫目录,只要容器目录

通过 docker inspect 容器id 查看映射的目录

docker run -p 8080:80 -v /etc -it qqqq5566/centos:1.0  /bin/bash

具名挂卷

具名挂着生成的目录在/var/lib/docker/volumes/test

docker run -p 8080:80 -v test:/etc -it qqqq5566/centos:1.0  /bin/bash

挂卷到指定的主叫目录

docker run -p 8080:80 -v /home/sun/Documents/study/etc:/etc -it qqqq5566/centos:1.0  /bin/bash

Docker实战

Dockerfile

命令解释

注意:命令必须是大写

#FROM  指明构建的镜像来自于那个基础镜像
FROM centos

#MAINTAINER  指明镜像维护者及其联系方式
MAINTAINER sun<sun_sheng_gang@163.com>

#RUN 构建镜像时运行的shell命令
RUN yum install httpd

#CMD  启动容器时执行的Shell命令
CMD ["ls","-l"]

# EXPOSE  声明容器运行的服务端口
EXPOSE 80 443

#ENV  设置环境变量
ENV MYSQL_ROOT_PASSWORD  123456
ENV JAVA_HOME /usr/local/jdk1.8.0_45

#ADD 拷贝文件或者目录到镜像中
ADD html.tar.gz /var/www/html
ADD https://xxxx/html.tar.gz /var/www/html  #如果是URL会自动下载

#COPY  拷贝文件或者目录到镜像中
COPY ./start.sh /start.sh

#ENTRYPOINT  启动容器时执行的Shell命令
ENTRYPOINT ["/bin/bash"]

#VOLUME  指定容器挂载点到主机自动生成的目录中
VOLUME ["/var/lib/mysql"]

#WORKDIR  设置工作目录
WORKDIR /usr/local

Dockerfile实战

FROM centos

WORKDIR /usr/local
COPY ./Docker.md /usr/local/
RUN yum -y install vim
RUN yum -y install net-tools

CMD echo "----sunccess------"

生成镜像

docker build -f dockerfile -t qqqq5566/mycentos:0.1 .

Docker 网络

sun@sun:~/Documents/study$ docker network --help

Usage:	docker network COMMAND

Manage networks

Commands:
  connect     Connect a container to a network
  create      Create a network
  disconnect  Disconnect a container from a network
  inspect     Display detailed information on one or more networks
  ls          List networks
  prune       Remove all unused networks
  rm          Remove one or more networks

Run ‘docker network COMMAND --help‘ for more information on a command.
sun@sun:~/Documents/study$ 

新建网络

docker network create -d bridge test-net

sun@sun:~/Documents/study$ docker network create --help

Usage:	docker network create [OPTIONS] NETWORK

Create a network

Options:
      --attachable           Enable manual container attachment
      --aux-address map      Auxiliary IPv4 or IPv6 addresses used by Network driver (default map[])
      --config-from string   The network from which copying the configuration
      --config-only          Create a configuration only network
  -d, --driver string        Driver to manage the Network (default "bridge")
      --gateway strings      IPv4 or IPv6 Gateway for the master subnet
      --ingress              Create swarm routing-mesh network
      --internal             Restrict external access to the network
      --ip-range strings     Allocate container ip from a sub-range
      --ipam-driver string   IP Address Management Driver (default "default")
      --ipam-opt map         Set IPAM driver specific options (default map[])
      --ipv6                 Enable IPv6 networking
      --label list           Set metadata on a network
  -o, --opt map              Set driver specific options (default map[])
      --scope string         Control the network‘s scope
      --subnet strings       Subnet in CIDR format that represents a network segment
#创建一个桥接网络,名称为test-net
sun@sun:~/Documents/study$ docker network create -d bridge test-net
dd3c148ccc9972aae2171efd5e8b602f099537057955deacd0f2ae93a4018aed

Docker 网络实战

docker run -itd --name test1 --network test-net centos
docker run -itd --name test2 --network test-net centos
docker run -itd --name test3 --network test-net centos

docker exec test1 ping test2
docker exec test1 ping test3

Compose

Compose 是用于定义和运行多容器Docker的应用程序工具。

创建docker-compose.yml配置文件

指令参考:

version  指定yml依从的compose那个版本
build  指定为构建镜像上下文路径
depends_on  设置依赖关系

Composer实战

Dockerfile文件

FROM golang

ENV GO111MODULE on
ENV GOPROXY https://mirrors.aliyun.com/goproxy



COPY . /go/src/docker_golang_test
WORKDIR /go/src/docker_golang_test/

RUN go build -o main



EXPOSE 8080

RUN chmod +x main

ENTRYPOINT [ "./main" ]



version: "2"
services: 
    web:
        build: .
        ports: 
            - "8080:8080"
        # command: 
        #     - ["./main"]
        # volumes: 
        #     - /home/sun/Desktop/golang/docker_golang_test:/go/src/docker_golang_test
        depends_on: #依赖
            - mysql
        networks: #网络
            - app-network
    mysql:
        image: mysql:5.7 #mysql使用的镜像
        environment: 
            MYSQL_ROOT_PASSWORD: "root" #root的用户名
            MYSQL_DATABASE: "sun" #初始化一个数据库
        
        ports: 
            - "3306"
        networks: 
            - app-network
networks: #指定网络
    app-network:
        driver: bridge 

这样在golang的容器中就可以直接使用mysql代替ip地址



以上是关于Docker知识的主要内容,如果未能解决你的问题,请参考以下文章

markdown [Docker] Docker片段列表和命令#linux #docker #snippets

Tweepy - 排除转推

markdown docker-compose片段

sh Docker片段

使用docker需要知道的基础知识

《Docker 源码分析》全球首发啦!