运行交互式的容器:
[iyunv@elk02 ~]# docker run -i -t ubuntu:15.10 /bin/bash
root@66d539b6313e:/# ls
bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
- -t:在新容器内指定一个伪终端或终端。
- -i:允许你对容器内的标准输入 (STDIN) 进行交互
启动容器(后台模式):
[iyunv@elk02 ~]# docker run -d ubuntu:15.10 /bin/sh -c "while true; do echo hello world; sleep 1; done"
5a2a7609bb50410323b30532988422412a0bd76f7ca36a7b79fc7dfd58348402
[iyunv@elk02 ~]# docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5a2a7609bb50 ubuntu:15.10 "/bin/sh -c 'while tr" 5 seconds ago Up 3 seconds tiny_shaw
[iyunv@elk02 ~]# docker logs 5a2a7609bb50
hello world
hello world
hello world
hello world
hello world
hello world
hello world
hello world
hello world
hello world
hello world
hello world
…
进入容器:
[iyunv@elk01 conf]# docker exec -i -t 0321912df6c1 /bin/bash
root@0321912df6c1:/# ls
bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
停止容器:
[iyunv@elk01 ~]# docker stop 5a2a7609bb50
5a2a7609bb50
[iyunv@elk02 ~]# docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5a2a7609bb50 ubuntu:15.10 "/bin/sh -c 'while tr" 4 minutes ago Exited (137) 6 seconds ago tiny_shaw
网络端口映射:
[iyunv@elk01 sysconfig]# docker run -d -P training/webapp python app.py
6ab91fee56ff81c3ee71f89dfad0ed6439aaf698c563b4b90d9355f5231a8240
You have mail in /var/spool/mail/root
[iyunv@elk01 sysconfig]# docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6ab91fee56ff training/webapp:latest "python app.py" 6 seconds ago Up 6 seconds 0.0.0.0:32778->5000/tcp furious_rosalind
- -d:让容器在后台运行。
- -P:将容器内部使用的网络端口映射到我们使用的主机上。
- -p:指定需要绑定的端口号
查看网络端口映射:docker port
[iyunv@elk01 sysconfig]# docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2bb2ed1f9867 training/webapp:latest "python app.py" 9 minutes ago Up 9 minutes 0.0.0.0:5000->5000/tcp high_mcclintock
[iyunv@elk01 sysconfig]# docker port 2bb2ed1f9867 #可以使用容器ID或者名字
5000/tcp -> 0.0.0.0:5000
[iyunv@elk01 sysconfig]# docker port high_mcclintock
5000/tcp -> 0.0.0.0:5000
查看正在运行的容器:
[iyunv@elk01 sysconfig]# docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2bb2ed1f9867 training/webapp:latest "python app.py" 7 seconds ago Up 6 seconds 0.0.0.0:5000->5000/tcp high_mcclintock
- -l,--latest=false:查看最后创建的容器(包含没有启动的容器)
查看容器的应用日志:
和tail -f一样
[iyunv@elk01 sysconfig]# docker logs -f 2bb2ed1f9867
* Running on http://0.0.0.0:5000/ (Press CTRL+C to quit)
10.11.102.12 - - [03/Nov/2017 06:52:49] "GET / HTTP/1.1" 200 -
10.11.102.12 - - [03/Nov/2017 06:52:49] "GET /favicon.ico HTTP/1.1" 404 -
检查WEB应用程序:
使用 docker inspect 来查看Docker的底层信息。它会返回一个 JSON 文件记录着 Docker 容器的配置和状态信息。
[iyunv@elk01 sysconfig]# docker inspect 2bb2ed1f9867
[{
"AppArmorProfile": "",
"Args": [
"app.py"
],
"Config": {
"AttachStderr": false,
"AttachStdin": false,
"AttachStdout": false,
"Cmd": [
"python",
"app.py"
],
…
删除容器:
容器必须先停止,才能删除
[iyunv@elk01 sysconfig]# docker rm 2bb2ed1f9867
Error response from daemon: Conflict, You cannot remove a running container. Stop the container before attempting removal or use -f
FATA[0000] Error: failed to remove one or more containers
[iyunv@elk01 sysconfig]# docker stop 2bb2ed1f9867
2bb2ed1f9867
[iyunv@elk01 sysconfig]# docker rm 2bb2ed1f9867
2bb2ed1f9867
列出本地所有镜像:
[iyunv@elk01 sysconfig]# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
镜像的仓库源 镜像的标签 镜像ID 镜像创建时间 镜像大小
yehaifeng/learn 6.7 a0318133f1fa 2 weeks ago 190.6 MB
yehaifeng/ubuntu v4 6b416869c565 2 weeks ago 137.2 MB
docker.io/mysql 5.6 dd751b1fac67 2 weeks ago 299 MB
docker.io/httpd latest fe37d22f8f5f 3 weeks ago 177.3 MB
docker.io/ubuntu latest bd92ca350bbd 3 weeks ago 122 MB
docker.io/nginx latest 2ecc072be0ec 3 weeks ago 108.3 MB
docker.io/debian jessie de2958a3c124 3 weeks ago 123.4 MB
docker.io/centos 6.7 27c25e48cd03 7 weeks ago 190.6 MB
docker.io/hello-world latest bef02f2f6467 7 weeks ago 1.84 kB
docker.io/jiaxiangkong/jumpserver_docker 0.3.2 80e9ddba8da6 11 months ago 179.2 MB
docker.io/ubuntu 15.10 bfaaabeea063 15 months ago 137.2 MB
docker.io/training/webapp latest 02a8815912ca 2.472794 years ago 348.7 MB
docker.io/ubuntu 13.10 195eb90b5349 3.379130 years ago 184.5 MB
从镜像仓库查找下载镜像:
[iyunv@elk01 sysconfig]# docker search nginx #查找镜像
INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED
docker.io docker.io/nginx Official build of Nginx. 7172 [OK]
docker.io docker.io/jwilder/nginx-prox Automated Nginx reverse proxy for docker c... 1159 [OK]
docker.io docker.io/richarvey/nginx-php-fpm Container running Nginx + PHP-FPM capable ... 468 [OK]
[iyunv@elk01 sysconfig]# docker pull nginx #下载镜像
latest: Pulling from docker.io/nginx
33e4f169980f: Pull complete
4732224668e2: Pull complete
d7a36ce98ade: Pull complete
d8b26cb8ad00: Pull complete
15fc5d030907: Pull complete
878f1c38771b: Pull complete
b18c56787b43: Pull complete
9c0ba5cb2724: Pull complete
2bbcf0f8fd73: Pull complete
6362f5ebce41: Pull complete
Digest: sha256:19d924bb7e9cfc412703c433e61803768cca7b2b8ef2ba1250be6647868a6acf
Status: Downloaded newer image for docker.io/nginx:latest
[iyunv@elk01 sysconfig]# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
docker.io/nginx latest 6362f5ebce41 6 days ago 108.4 MB
docker.io/mysql 5.6 dd751b1fac67 2 weeks ago 299 MB
docker.io/jiaxiangkong/jumpserver_docker 0.3.2 80e9ddba8da6 11 months ago 179.2 MB
创建镜像:
当我们从docker镜像仓库中下载的镜像不能满足我们的需求时,我们可以通过以下两种方式对镜像进行更改。
1.从已经创建的容器中更新镜像,并且提交这个镜像
2.使用 Dockerfile 指令来创建一个新的镜像
更新镜像:
#更新镜像之前,我们需要使用镜像来创建一个容器。
[iyunv@elk01 sysconfig]# docker run -t -i ubuntu:15.10 /bin/bash
Unable to find image 'ubuntu:15.10' locally
15.10: Pulling from docker.io/ubuntu
8e40f6313e6b: Pull complete
e2224f46fc07: Pull complete
8c721b8e6e1c: Pull complete
a73b3adec5de: Pull complete
bfaaabeea063: Pull complete
Digest: sha256:cc767eb612212f9f5f06cd1f4e0821d781a5f83bc24d1182128a1088907d3825
Status: Downloaded newer image for docker.io/ubuntu:15.10
root@7ea24f7664d0:/# ls
bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
#在运行的容器内使用命令进行修改操作
root@7ea24f7664d0:/# apt-get update
Ign http://archive.ubuntu.com wily InRelease
Ign http://archive.ubuntu.com wily-updates InRelease
Ign http://archive.ubuntu.com wily-security InRelease
Ign http://archive.ubuntu.com wily Release.gpg
Ign http://archive.ubuntu.com wily-updates Release.gpg
Ign http://archive.ubuntu.com wily-security Release.gpg
Ign http://archive.ubuntu.com wily Release
…
#将修改好的副本提交docker仓库中,并指定版本为v2
[iyunv@elk01 sysconfig]# docker commit -m="has update" -a="runoob" 7ea24f7664d0 yehaifeng/ubuntu:v2
2f84022778678a442c943c19b492232a4b5867d853ed57e11d0246150dda9c28
[iyunv@elk01 sysconfig]# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
yehaifeng/ubuntu v2 2f8402277867 4 seconds ago 137.2 MB
docker.io/nginx latest 6362f5ebce41 6 days ago 108.4 MB
docker.io/mysql 5.6 dd751b1fac67 2 weeks ago 299 MB
docker.io/jiaxiangkong/jumpserver_docker 0.3.2 80e9ddba8da6 11 months ago 179.2 MB
docker.io/ubuntu 15.10 bfaaabeea063 15 months ago 137.2 MB
- -m:提交的描述信息
- -a:指定镜像作者
- 7ea24f7664d0:容器ID
- yehaifeng/ubuntu:v2:指定要创建的目标镜像名
构建镜像docker build:
从零开始来创建一个新的镜像。为此,我们需要创建一个 Dockerfile 文件,其中包含一组指令来告诉 Docker 如何构建我们的镜像。
[iyunv@elk01 ~]# cat Dockerfile
FROM centos:6.7
MAINTAINER Fisher "fisher@sudops.com"
RUN /bin/echo 'root:123456' |chpasswd
RUN useradd runoob
RUN /bin/echo 'runoob:123456' |chpasswd
RUN /bin/echo -e "LANG=\"en_US.UTF-8\"" >/etc/default/local
EXPOSE 22
EXPOSE 80
CMD /usr/sbin/sshd –D
[iyunv@elk01 ~]# docker build -t runoob/centos:6.7 .
Sending build context to Docker daemon 952.9 MB
Sending build context to Docker daemon
Step 0 : FROM centos:6.7
---> a40ca4e3cce6
Step 1 : MAINTAINER Fisher "fisher@sudops.com"
---> Using cache
---> cc989d9b4629
Step 2 : RUN /bin/echo 'root:123456' |chpasswd
---> Using cache
---> fae1ea8b83c2
Step 3 : RUN useradd runoob
---> Using cache
---> 6085436fbfde
Step 4 : RUN /bin/echo 'runoob:123456' |chpasswd
---> Using cache
---> 2c98a6d8a31e
Step 5 : RUN /bin/echo -e "LANG=\"en_US.UTF-8\"" >/etc/default/local
---> Using cache
---> 3a4a92e7fe15
Step 6 : EXPOSE 22
---> Using cache
---> 35596241dcdf
Step 7 : EXPOSE 80
---> Using cache
---> 649b43f0fbd8
Step 8 : CMD /usr/sbin/sshd -D
---> Using cache
---> 3192d489e846
Successfully built 3192d489e846
[iyunv@elk01 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
runoob/centos 6.7 3192d489e846 3 hours ago 190.6 MB
runoob/ubuntu v2 59b7bca5f46b 3 hours ago 179.9 MB
docker.io/centos 6.7 a40ca4e3cce6 2 days ago 190.6 MB
yehaifeng/ubuntu v2 2f8402277867 3 days ago 137.2 MB
docker.io/nginx latest 6362f5ebce41 9 days ago 108.4 MB
docker.io/mysql 5.6 dd751b1fac67 2 weeks ago 299 MB
docker.io/jiaxiangkong/jumpserver_docker 0.3.2 80e9ddba8da6 11 months ago 179.2 MB
docker.io/ubuntu 15.10 bfaaabeea063 15 months ago 137.2 MB
本地文件挂载:
[iyunv@elk01 conf]# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
runoob/centos 6.7 3192d489e846 21 hours ago 190.6 MB
runoob/ubuntu v2 59b7bca5f46b 21 hours ago 179.9 MB
docker.io/centos 6.7 a40ca4e3cce6 3 days ago 190.6 MB
yehaifeng/ubuntu v2 2f8402277867 3 days ago 137.2 MB
docker.io/nginx latest 6362f5ebce41 10 days ago 108.4 MB
docker.io/mysql 5.6 dd751b1fac67 3 weeks ago 299 MB
docker.io/jiaxiangkong/jumpserver_docker 0.3.2 80e9ddba8da6 11 months ago 179.2 MB
docker.io/ubuntu 15.10 bfaaabeea063 15 months ago 137.2 MB
docker.io/training/webapp latest 02a8815912ca 2.483361 years ago 348.7 MB
[iyunv@elk01 nginx]# docker run -d -p 80:80 --name younginx -v $PWD/www/:/usr/share/nginx/html/ -v $PWD/logs/:/var/log/nginx/ -v $PWD/conf/nginx.conf:/etc/nginx/nginx.conf nginx
0321912df6c129e817a51cdb7de4ff8c6a2ae056cd2639ca9ac9b5032f4b8c26
#-v:将本地文件映射到容器中的文件
[iyunv@elk01 nginx]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0321912df6c1 nginx:latest "nginx -g 'daemon of 3 seconds ago Up 3 seconds 0.0.0.0:80->80/tcp younginx
c11937cd9383 jiaxiangkong/jumpserver_docker:0.3.2 "/bin/sh -c /run.sh" 5 months ago Up 4 months 0.0.0.0:2222->22/tcp, 0.0.0.0:8888->80/tcp jms
docker --help:
[iyunv@elk01 conf]# docker --help
Usage: docker [OPTIONS] COMMAND [arg...]
A self-sufficient runtime for linux containers.
Options:
--add-registry=[] Registry to query before a public one
--api-cors-header= Set CORS headers in the remote API
-b, --bridge= Attach containers to a network bridge
--bip= Specify network bridge IP
--block-registry=[] Don't contact given registry
--confirm-def-push=true Confirm a push to default registry
-D, --debug=false Enable debug mode
-d, --daemon=false Enable daemon mode
--default-ulimit=[] Set default ulimits for containers
--dns=[] DNS server to use
--dns-search=[] DNS search domains to use
-e, --exec-driver=native Exec driver to use
--fixed-cidr= IPv4 subnet for fixed IPs
--fixed-cidr-v6= IPv6 subnet for fixed IPs
-G, --group=docker Group for the unix socket
-g, --graph=/var/lib/docker Root of the Docker runtime
-H, --host=[] Daemon socket(s) to connect to
-h, --help=false Print usage
--icc=true Enable inter-container communication
--insecure-registry=[] Enable insecure registry communication
--ip=0.0.0.0 Default IP when binding container ports
--ip-forward=true Enable net.ipv4.ip_forward
--ip-masq=true Enable IP masquerading
--iptables=true Enable addition of iptables rules
--ipv6=false Enable IPv6 networking
-l, --log-level=info Set the logging level
--label=[] Set key=value labels to the daemon
--log-driver=json-file Containers logging driver
--mtu=0 Set the containers network MTU
-p, --pidfile=/var/run/docker.pid Path to use for daemon PID file
--registry-mirror=[] Preferred Docker registry mirror
-s, --storage-driver= Storage driver to use
--selinux-enabled=false Enable selinux support
--storage-opt=[] Set storage driver options
--tls=false Use TLS; implied by --tlsverify
--tlscacert=~/.docker/ca.pem Trust certs signed only by this CA
--tlscert=~/.docker/cert.pem Path to TLS certificate file
--tlskey=~/.docker/key.pem Path to TLS key file
--tlsverify=false Use TLS and verify the remote
-v, --version=false Print version information and quit
Commands:
attach Attach to a running container
build Build an image from a Dockerfile
commit Create a new image from a container's changes
cp Copy files/folders from a container's filesystem to the host path
create Create a new container
diff Inspect changes on a container's filesystem
events Get real time events from the server
exec Run a command in a running container
export Stream the contents of a container as a tar archive
history Show the history of an image
images List images
import Create a new filesystem image from the contents of a tarball
info Display system-wide information
inspect Return low-level information on a container or image
kill Kill a running container
load Load an image from a tar archive
login Register or log in to a Docker registry server
logout Log out from a Docker registry server
logs Fetch the logs of a container
port Lookup the public-facing port that is NAT-ed to PRIVATE_PORT
pause Pause all processes within a container
ps List containers
pull Pull an image or a repository from a Docker registry server
push Push an image or a repository to a Docker registry server
rename Rename an existing container
restart Restart a running container
rm Remove one or more containers
rmi Remove one or more images
run Run a command in a new container
save Save an image to a tar archive
search Search for an image on the Docker Hub
start Start a stopped container
stats Display a stream of a containers' resource usage statistics
stop Stop a running container
tag Tag an image into a repository
top Lookup the running processes of a container
unpause Unpause a paused container
version Show the Docker version information
wait Block until a container stops, then print its exit code
Run 'docker COMMAND --help' for more information on a command.
View Code docker run --hep:
[iyunv@elk01 conf]# docker run --help
Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
Run a command in a new container
-a, --attach=[] Attach to STDIN, STDOUT or STDERR
--add-host=[] Add a custom host-to-IP mapping (host:ip)
-c, --cpu-shares=0 CPU shares (relative weight)
--cap-add=[] Add Linux capabilities
--cap-drop=[] Drop Linux capabilities
--cgroup-parent= Optional parent cgroup for the container
--cidfile= Write the container ID to the file
--cpuset-cpus= CPUs in which to allow execution (0-3, 0,1)
-d, --detach=false Run container in background and print container ID
--device=[] Add a host device to the container
--dns=[] Set custom DNS servers
--dns-search=[] Set custom DNS search domains
-e, --env=[] Set environment variables
--entrypoint= Overwrite the default ENTRYPOINT of the image
--env-file=[] Read in a file of environment variables
--expose=[] Expose a port or a range of ports
-h, --hostname= Container host name
--help=false Print usage
-i, --interactive=false Keep STDIN open even if not attached
--ipc= IPC namespace to use
-l, --label=[] Set meta data on a container
--label-file=[] Read in a line delimited file of labels
--link=[] Add link to another container
--log-driver= Logging driver for container
--lxc-conf=[] Add custom lxc options
-m, --memory= Memory limit
--mac-address= Container MAC address (e.g. 92:d0:c6:0a:29:33)
--memory-swap= Total memory (memory + swap), '-1' to disable swap
--name= Assign a name to the container
--net=bridge Set the Network mode for the container
-P, --publish-all=false Publish all exposed ports to random ports
-p, --publish=[] Publish a container's port(s) to the host
--pid= PID namespace to use
--privileged=false Give extended privileges to this container
--read-only=false Mount the container's root filesystem as read only
--restart=no Restart policy to apply when a container exits
--rm=false Automatically remove the container when it exits
--security-opt=[] Security Options
--sig-proxy=true Proxy received signals to the process
-t, --tty=false Allocate a pseudo-TTY
-u, --user= Username or UID (format: <name|uid>[:<group|gid>])
--ulimit=[] Ulimit options
-v, --volume=[] Bind mount a volume
--volumes-from=[] Mount volumes from the specified container(s)
-w, --workdir= Working directory inside the container
View Code |
QQ群⑧:
窥视卡
雷达卡
发表于 2017-11-20 19:14:07
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡