目錄
一、概述
二、Docker的安裝
三、Docker的的常用命令
- 3.1 鏡像常用指令練習(xí)
- 3.2 容器常用指令練習(xí)
一堪澎、概述
什么是容器
容器技術(shù)已經(jīng)成為應(yīng)用程序封裝和交付的核心技術(shù)
容器技術(shù)的核心有以下幾個(gè)內(nèi)核技術(shù)組成:
--Cgroups(Control Groups) 資源管理
--NameSpace 進(jìn)程隔離
--SElinux 安全
由于在物理機(jī)上實(shí)施隔離,啟動(dòng)一個(gè)容器,可以像啟動(dòng)一個(gè)進(jìn)程一樣快速
什么是Docker
Docker是完整的一套容器管理系統(tǒng)
Docker提供了一組命令,讓用戶更加方便直接地使用容器技術(shù),而不需要過多關(guān)心底層內(nèi)核技術(shù)
Docker優(yōu)點(diǎn)
相比于傳統(tǒng)的虛擬化技術(shù),容器更加簡潔高效
傳統(tǒng)虛擬機(jī)需要給每個(gè)VM安裝操作系統(tǒng)
容器使用的共享公共庫和程序
Docker缺點(diǎn)
容器的隔離性沒有虛擬化強(qiáng)
共用Linux內(nèi)核,安全性有先天缺陷
SElinux難以駕馭
監(jiān)控容器和容器排錯(cuò)是挑戰(zhàn)
二、Docker的安裝
安裝前準(zhǔn)備
操作系統(tǒng) Linux CentOS 7.5
關(guān)閉防火墻(不是必須,避免引發(fā)一些防火墻導(dǎo)致的問題)
系統(tǒng)版本
[root@docker01 ~]# cat /etc/redhat-release
CentOS Linux release 7.5.1804 (Core)
Docker的安裝可以通過配置yum源或下載安裝包安裝以下通過yum源方式安裝
1.配置yum源 安裝docker
打開官網(wǎng)找到適配系統(tǒng)的yum源 按提示安裝即可,yum源站點(diǎn)在國外如果因?yàn)榫W(wǎng)絡(luò)原因安裝失敗,換成下載安裝包安裝
官網(wǎng):https://docs.docker.com/engine/install/centos/
$ sudo yum install -y yum-utils
$ sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
$ sudo yum install docker-ce docker-ce-cli containerd.io
[root@docker01 ~]# systemctl restart docker //開啟docker服務(wù)
[root@docker01 ~]# systemctl status docker //查看docker服務(wù)狀態(tài)
[root@docker01 ~]# systemctl enable docker //開啟docker服務(wù)開機(jī)啟動(dòng)
[root@docker01 ~]# ifconfig //有docker0說明環(huán)境部署完成
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:d5:18:74:94 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
三味滞、Docker的的常用命令
Docker鏡像常用命令
docker images 查看鏡像列表
docker history 查看鏡像制作歷史
docker inspect 查看鏡像底層信息
docker pull 下載鏡像
docker push 上傳鏡像
docker rmi 刪除本地鏡像
docker save 鏡像另存為tar包
docker load 使用tar包導(dǎo)入鏡像
docker search 搜索鏡像
docker tag 修改鏡像名稱和標(biāo)簽
Docker容器常用命令有哪些
docker run 運(yùn)行容器
docker ps 查看容器列表
docker stop 關(guān)閉容器
docker start 啟動(dòng)容器
docker restart 重啟容器
docker attach|exec 進(jìn)入容器
docker inspect 查看容器底層信息
docker top 查看容器進(jìn)程列表
docker rm 刪除容器
3.1 鏡像常用指令練習(xí)
默認(rèn)的鏡像倉庫為官方鏡像倉庫,上傳下載都會受到網(wǎng)絡(luò)速度的限制,為了方便管理鏡像,后期我們需要在本地搭建鏡像倉庫
1)搜索鏡像
[root@docker01 ~]# docker search nginx //搜索鏡像 帶OK 的是官方鏡像 更安全
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
nginx Official build of Nginx. 13768 [OK]
jwilder/nginx-proxy Automated Nginx reverse proxy for docker con… 1879 [OK]
richarvey/nginx-php-fpm Container running Nginx + PHP-FPM capable of… 787 [OK]
linuxserver/nginx An Nginx container, brought to you by LinuxS… 128
......
[root@docker01 ~]# docker search centos
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
centos The official build of CentOS. 6202 [OK]
ansible/centos7-ansible Ansible on Centos7 132 [OK]
consol/centos-xfce-vnc Centos container with "headless" VNC session… 121 [OK]
......
2)下載鏡像
[root@docker01 ~]# docker pull nginx
Using default tag: latest
latest: Pulling from library/nginx
d121f8d1c412: Pull complete
ebd81fc8c071: Pull complete
655316c160af: Pull complete
d15953c0e0f8: Pull complete
2ee525c5c3cc: Pull complete
Digest: sha256:c628b67d21744fce822d22fdcc0389f6bd763daac23a6b77147d0712ea7102d0
Status: Downloaded newer image for nginx:latest
docker.io/library/nginx:latest
3)上傳鏡像 遠(yuǎn)程鏡像倉庫因?yàn)闆]有配置認(rèn)證 上傳被拒絕
[root@docker01 ~]# docker push docker.io/nginx
The push refers to repository [docker.io/library/nginx]
908cf8238301: Layer already exists
eabfa4cd2d12: Layer already exists
......
errors:
denied: requested access to the resource is denied
unauthorized: authentication required
4)查看鏡像列表
[root@docker01 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 7e4d58f0e5f3 2 weeks ago 133MB
busybox latest 6858809bf669 2 weeks ago 1.23MB
centos latest 0d120b6ccaa8 6 weeks ago 215MB
5)導(dǎo)出鏡像
[root@docker01 ~]# docker save docker.io/nginx:latest -o nginx.tar
[root@docker01 ~]# ls
busybox.tar Desktop nginx.tar
6)刪除鏡像
[root@docker01 ~]# docker rmi docker.io/nginx
Untagged: nginx:latest
Untagged: nginx@sha256:c628b67d21744fce822d22fdcc0389f6bd763daac23a6b77147d0712ea7102d0
Deleted: sha256:7e4d58f0e5f3b60077e9a5d96b4be1b974b5a484f54f9393000a99f3b6816e3d
Deleted: sha256:eedfd37abc0b05520a719addf6675b372687fe9a2ed1746fa988335720d4376c
Deleted: sha256:4f052ddd517f6dc5b74d2f7d881838b8ec6a5e67ec7a1da8bbbe91e1e068ad3a
Deleted: sha256:5f78154d356577280e4ac0d9bf0d021d488828e57f953b011dcbadaecd539ce4
Deleted: sha256:db5783668220e16186080f3e9d69ad748aab8c72abb8e457f6fc45369461634b
Deleted: sha256:07cab433985205f29909739f511777a810f4a9aff486355b71308bb654cdc868
7)導(dǎo)入鏡像
[root@docker01 ~]# docker load -i nginx.tar
07cab4339852: Loading layer 72.49MB/72.49MB
f431d0917d41: Loading layer 64.31MB/64.31MB
60c688e8765e: Loading layer 3.072kB/3.072kB
eabfa4cd2d12: Loading layer 4.096kB/4.096kB
908cf8238301: Loading layer 3.584kB/3.584kB
Loaded image: nginx:latest
批量導(dǎo)入鏡像
[root@docker01 ~]# for i in *.tar; do docker load -i $i; done;
be8b8b42328a: Loading layer 1.45MB/1.45MB
Loaded image: busybox:latest
Loaded image: nginx:latest
[root@docker01 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 7e4d58f0e5f3 12 days ago 133MB
busybox latest 6858809bf669 2 weeks ago 1.23MBM
8)查看centos鏡像歷史(制作過程)
[root@docker01 ~]# docker history docker.io/centos
IMAGE CREATED CREATED BY SIZE COMMENT
0d120b6ccaa8 6 weeks ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0B
<missing> 6 weeks ago /bin/sh -c #(nop) LABEL org.label-schema.sc… 0B
<missing> 6 weeks ago /bin/sh -c #(nop) ADD file:538afc0c5c964ce0d… 215MB
9)啟動(dòng)nginx的鏡像
[root@docker01 ~]# docker run -d docker.io/nginx
10)刪除鏡像樱蛤,啟動(dòng)容器時(shí)刪除鏡像會失敗钮呀,先刪除容器,再刪除鏡像
格式:docker rmi 鏡像名
[root@docker01 ~]# docker rmi nginx //刪除鏡像 報(bào)錯(cuò):
Error response from daemon: conflict: unable to remove repository reference "nginx" (must force) - container 47e0f88ff31ee is using its referenced image 7e4d58f0e5f3
[root@docker01 ~]# docker stop 47e //停止容器
47e
[root@docker01 ~]# docker rm 47e //再刪除容器
47e
[root@docker01 ~]# docker rmi docker.io/nginx //在刪除容器成功
[root@docker01 ~]# docker run -d docker.io/nginx //鏡像刪除后 運(yùn)行容器docker重新下載鏡像
Unable to find image 'nginx:latest' locally
latest: Pulling from library/nginx
d121f8d1c412: Pulling fs layer
ebd81fc8c071: Pulling fs layer
655316c160af: Download complete
d15953c0e0f8: Waiting
2ee525c5c3cc: Waiting
11)修改鏡像的名稱和標(biāo)簽,默認(rèn)標(biāo)簽為 v2
[root@docker01 ~]# docker tag docker.io/centos:latest docker.io/centos:v2
[root@docker01 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest 6858809bf669 2 weeks ago 1.23MB
centos latest 0d120b6ccaa8 6 weeks ago 215MB
centos v2 0d120b6ccaa8 6 weeks ago 215MB
12)查看鏡像的底層信息
[root@docker01 ~]# docker inspect docker.io/centos
[
{
"Id": "sha256:0d120b6ccaa8c5e149176798b3501d4dd1885f961922497cd0abef155c869566",
"RepoTags": [
"centos:latest",
"centos:v2"
],
......
3.2 容器常用指令練習(xí)
1)查看容器列表
[root@docker01 ~]# docker ps //查看后面運(yùn)行容器
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
47edcb784521 nginx "/docker-entrypoint.…" 55 seconds ago Up 54 seconds 80/tcp funny_faraday
[root@docker01 ~]# docker ps -q //查看后面運(yùn)行容器只顯示ID
47edcb784521
d1129361c6b1
[root@docker01 ~]# docker ps -a //查看所有容器包括沒有啟動(dòng)的
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
47edcb784521 nginx "/docker-entrypoint.…" About a minute ago Up About a minute 80/tcp funny_faraday
d1129361c6b1 centos "/bin/bash" 57 minutes ago Up 4 minutes blissful_poitras
45065a8f9abe centos "/bin/bash" 23 hours ago Exited (130) 23 hours ago relaxed_heisenberg
[root@docker01 ~]# docker ps -qa //只顯示所有容器ID
47edcb784521
d1129361c6b1
45065a8f9abe
2)啟動(dòng)centos鏡像生成一個(gè)容器
docker run -it 是交互 -itd是放入后臺運(yùn)行 像類似nginx的服務(wù)啟動(dòng)后沒有輸入 后面加 /bin/bash 交互的命令可不用加默認(rèn) latest /bin/bash會自動(dòng)補(bǔ)齊
[root@docker01 ~]# docker run -it docker.io/centos /bin/bash
[root@d1129361c6b1 /]# yum repolist //看查默認(rèn)的yum源 注意命令行前面變成了[root@d1129361c6b1 /] 說明已經(jīng)在容器里了
Failed to set locale, defaulting to C.UTF-8
repo id repo name
AppStream CentOS-8 - AppStream
BaseOS CentOS-8 - Base
extras CentOS-8 - Extras
[root@d1129361c6b1 /]# yum -y install net-tools //安裝軟件
[root@d1129361c6b1 /]# exit //退出
exit
3)連接容器 并保持后臺運(yùn)行 attach|exec
[root@docker01 ~]# docker ps //查看后臺運(yùn)行的容器 發(fā)現(xiàn)容器也跟著退出了
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
方式1 attach 按ctrl+p+q退出
[root@docker01 ~]# docker start d1 //開啟容器
d1
[root@docker01 ~]# docker attach d1 // attach進(jìn)入進(jìn)程,退出會關(guān)閉 按ctrl+p+q退出 可以保留程序
[root@d1129361c6b1 /]# read escape sequence
[root@docker01 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d1129361c6b1 centos "/bin/bash" About an hour ago Up 48 seconds blissful_poitras
方式2 exec
其中,-t 選項(xiàng)讓Docker分配一個(gè)偽終端(pseudo-tty)并綁定到容器的標(biāo)準(zhǔn)輸入上
-i 則讓容器的標(biāo)準(zhǔn)輸入保持打開
在交互模式下,用戶可以通過所創(chuàng)建的終端來輸入命令
[root@docker01 ~]# docker exec -it d1 /bin/bash
[root@d1129361c6b1 /]# exit
exit
[root@docker01 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d1129361c6b1 centos "/bin/bash" About an hour ago Up 10 seconds blissful_poitras
4)查看容器進(jìn)程列表
[root@docker01 ~]# docker top d1
UID PID PPID C STIME TTY TIME CMD
root 21336 21318 0 16:36 pts/0 00:00:00 /bin/bash
5)修改nginx的顯示內(nèi)容
[root@docker01 ~]# docker exec -it 47 /bin/bash
[root@47edcb784521:/# nginx -T /usr/share/nginx/html/
nginx: invalid option: "/usr/share/nginx/html/" //查找并顯示結(jié)果
[root@47edcb784521:/# echo aaa >/usr/share/nginx/html/index.html //修改主頁顯示的內(nèi)容
[root@47edcb784521:/# cat /usr/share/nginx/html/index.html
aaa
5)過濾查看mac和ip地址
[root@docker01 ~]# docker inspect -f '{{.NetworkSettings.MacAddress}}' 47
02:42:ac:11:00:03
[root@docker01 ~]# docker inspect -f '{{.NetworkSettings.IPAddress}}' 47
172.17.0.3
[root@docker01 ~]# curl 172.17.0.3
aaa
