Docker鏡像管理
鏡像的結(jié)構(gòu)
img
docker鏡像是一個典型的分層結(jié)構(gòu)
只有最上面一層是可寫的 其他都是只讀的固化到鏡像的
每次推送都是增量的
img
鏡像名稱的結(jié)構(gòu)
${registry_ name}/${repository. name}/${image. name}:${tag. name}
例如:
docker.io/library/alpine:3.10.1
登陸到dokcer.io
[root@alice ~]# docker login docker.io
Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com to create one.
Username: mmdghh
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@alice ~]#
查看已經(jīng)登陸的信息
[root@alice ~]# cat /root/.docker/config.json
{
"auths": {
"https://index.docker.io/v1/": {
"auth": "5bCP5LiR56uf5Zyo5oiR6Lqr6L65"
}
},
"HttpHeaders": {
"User-Agent": "Docker-Client/18.09.5 (linux)"
}
}[root@alice ~]#
注: 此處的密碼可以用echo "5bCP5LiR56uf5Zyo5oiR6Lqr6L65" |base64 -d 進行解碼
搜索鏡像
[root@alice ~]# docker search alpine
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
alpine A minimal Docker image based on Alpine Linux… 7047 [OK]
mhart/alpine-node Minimal Node.js built on Alpine Linux 478
anapsix/alpine-java Oracle Java 8 (and 7) with GLIBC 2.28 over A… 466 [OK]
frolvlad/alpine-glibc Alpine Docker image with glibc (~12MB) 251 [OK]
gliderlabs/alpine Image based on Alpine Linux will help you wi… 183
alpine/git A simple git container running in alpine li… 161 [OK]
mvertes/alpine-mongo light MongoDB container 117 [OK]
yobasystems/alpine-mariadb MariaDB running on Alpine Linux [docker] [am… 79 [OK]
alpine/socat Run socat command in alpine container 62 [OK]
kiasaki/alpine-postgres PostgreSQL docker image based on Alpine Linux 45 [OK]
davidcaste/alpine-tomcat Apache Tomcat 7/8 using Oracle Java 7/8 with… 43 [OK]
jfloff/alpine-python A small, more complete, Python Docker image … 38 [OK]
byrnedo/alpine-curl Alpine linux with curl installed and set as … 34 [OK]
hermsi/alpine-sshd Dockerize your OpenSSH-server with rsync and… 32 [OK]
zenika/alpine-chrome Chrome running in headless mode in a tiny Al… 27 [OK]
hermsi/alpine-fpm-php FPM-PHP 7.0 to 8.0, shipped along with tons … 25 [OK]
etopian/alpine-php-wordpress Alpine WordPress Nginx PHP-FPM WP-CLI 24 [OK]
bashell/alpine-bash Alpine Linux with /bin/bash as a default she… 18 [OK]
davidcaste/alpine-java-unlimited-jce Oracle Java 8 (and 7) with GLIBC 2.21 over A… 13 [OK]
roribio16/alpine-sqs Dockerized ElasticMQ server + web UI over Al… 11 [OK]
spotify/alpine Alpine image with `bash` and `curl`. 11 [OK]
cfmanteiga/alpine-bash-curl-jq Docker Alpine image with Bash, curl and jq p… 6 [OK]
ellerbrock/alpine-mysql-client MySQL Client based on Alpine Linux 1 [OK]
bushrangers/alpine-caddy Alpine Linux Docker Container running Caddys… 1 [OK]
dwdraju/alpine-curl-jq Alpine Docker Image with curl, jq, bash 0 [OK]
[root@alice ~]#
拉取鏡像
如果不指定tag 默認下載最新版本 latest
[root@alice ~]# docker pull alpine
Using default tag: latest
latest: Pulling from library/alpine
801bfaa63ef2: Pull complete
Digest: sha256:3c7497bf0c7af93428242d6176e8f7905f2201d8fc5861f45be7a346b5f23436
Status: Downloaded newer image for alpine:latest
[root@alice ~]#
也可以指定版本下載
[root@alice ~]# docker pull alpine:3.10.3
3.10.3: Pulling from library/alpine
89d9c30c1d48: Pull complete
Digest: sha256:c19173c5ada610a5989151111163d28a67368362762534d8a8121ce95cf2bd5a
Status: Downloaded newer image for alpine:3.10.3
[root@alice ~]# docker pull docker.io/library/alpine:3.10.3
3.10.3: Pulling from library/alpine
Digest: sha256:c19173c5ada610a5989151111163d28a67368362762534d8a8121ce95cf2bd5a
Status: Image is up to date for alpine:3.10.3
[root@alice ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
alpine latest 389fef711851 3 weeks ago 5.58MB
alpine 3.10.3 965ea09ff2eb 14 months ago 5.55MB
[root@alice ~]#
如果使用官方的docker.io 可以不寫前面的docker.io/library/ 因為默認就是公開的 如果是自己的或者其他倉庫 需要寫全
給鏡像打tag(標簽)
[root@alice ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
alpine latest 389fef711851 3 weeks ago 5.58MB
alpine 3.10.3 965ea09ff2eb 14 months ago 5.55MB
[root@alice ~]# docker tag 965ea09ff2eb docker.io/mmdghh/alpine:v3.10.3
[root@alice ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
alpine latest 389fef711851 3 weeks ago 5.58MB
alpine 3.10.3 965ea09ff2eb 14 months ago 5.55MB
mmdghh/alpine v3.10.3 965ea09ff2eb 14 months ago 5.55MB
[root@alice ~]#
IMAGE ID一樣的話說明鏡像是一樣的 前面的tag只是一個指針 就像軟鏈接
推送到遠程倉庫
[root@alice ~]# docker push docker.io/mmdghh/alpine:v3.10.3
The push refers to repository [docker.io/mmdghh/alpine]
77cae8ab23bf: Mounted from library/alpine
received unexpected HTTP status: 504 Gateway Time-out
[root@alice ~]# vim /etc/docker/daemon.json
[root@alice ~]# docker push docker.io/mmdghh/alpine:v3.10.3
The push refers to repository [docker.io/mmdghh/alpine]
77cae8ab23bf: Mounted from library/alpine
Head https://registry-1.docker.io/v2/mmdghh/alpine/blobs/sha256:965ea09ff2ebd2b9eeec88cd822ce156f6674c7e99be082c7efac3c62f3ff652: net/http: TLS handshake timeout
[root@alice ~]# docker push docker.io/mmdghh/alpine:v3.10.3
The push refers to repository [docker.io/mmdghh/alpine]
77cae8ab23bf: Mounted from library/alpine
Post https://registry-1.docker.io/v2/mmdghh/alpine/blobs/uploads/: net/http: TLS handshake timeout
[root@alice ~]# docker push docker.io/mmdghh/alpine:v3.10.3
The push refers to repository [docker.io/mmdghh/alpine] # 能推送的原因是之前登陸過了
77cae8ab23bf: Layer already exists
v3.10.3: digest: sha256:e4355b66995c96b4b468159fc5c7e3540fcef961189ca13fee877798649f531a size: 528
[root@alice ~]#
前面幾次都失敗了 因為網(wǎng)絡(luò)不穩(wěn)定
推送后可以在網(wǎng)頁看到對應(yīng)的鏡像
img
img
推送一個latest版本
[root@alice ~]# docker tag 965ea09ff2eb docker.io/mmdghh/alpine:latest
[root@alice ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
alpine latest 389fef711851 3 weeks ago 5.58MB
alpine 3.10.3 965ea09ff2eb 14 months ago 5.55MB
mmdghh/alpine latest 965ea09ff2eb 14 months ago 5.55MB
mmdghh/alpine v3.10.3 965ea09ff2eb 14 months ago 5.55MB
[root@alice ~]# docker push docker.io/mmdghh/alpine:latest
The push refers to repository [docker.io/mmdghh/alpine]
77cae8ab23bf: Layer already exists # 這層已經(jīng)存在 不會重復推送(增量)
latest: digest: sha256:e4355b66995c96b4b468159fc5c7e3540fcef961189ca13fee877798649f531a size: 528
[root@alice ~]#
img
刪除鏡像
[root@alice ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
alpine latest 389fef711851 3 weeks ago 5.58MB
alpine 3.10.3 965ea09ff2eb 14 months ago 5.55MB
mmdghh/alpine latest 965ea09ff2eb 14 months ago 5.55MB
mmdghh/alpine v3.10.3 965ea09ff2eb 14 months ago 5.55MB
[root@alice ~]# docker rmi 965ea09ff2eb
Error response from daemon: conflict: unable to delete 965ea09ff2eb (must be forced) - image is referenced in multiple repositories #這個ID有多個tag 所以需要用-f 來刪除
[root@alice ~]# docker rmi -f 965ea09ff2eb
Untagged: alpine:3.10.3
Untagged: alpine@sha256:c19173c5ada610a5989151111163d28a67368362762534d8a8121ce95cf2bd5a 先去掉tag再刪除
Untagged: mmdghh/alpine:latest
Untagged: mmdghh/alpine:v3.10.3
Untagged: mmdghh/alpine@sha256:e4355b66995c96b4b468159fc5c7e3540fcef961189ca13fee877798649f531a
Deleted: sha256:965ea09ff2ebd2b9eeec88cd822ce156f6674c7e99be082c7efac3c62f3ff652
Deleted: sha256:77cae8ab23bf486355d1b3191259705374f4a11d483b24964d2f729dd8c076a0
[root@alice ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
alpine latest 389fef711851 3 weeks ago 5.58MB
[root@alice ~]#
上面的刪除操作只是刪除了本地的鏡像,不會對遠程倉庫的鏡像產(chǎn)生影響
img
[root@alice ~]# docker pull docker.io/mmdghh/alpine
Using default tag: latest
latest: Pulling from mmdghh/alpine
89d9c30c1d48: Pull complete
Digest: sha256:e4355b66995c96b4b468159fc5c7e3540fcef961189ca13fee877798649f531a
Status: Downloaded newer image for mmdghh/alpine:latest
[root@alice ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
alpine latest 389fef711851 3 weeks ago 5.58MB
mmdghh/alpine latest 965ea09ff2eb 14 months ago 5.55MB
[root@alice ~]#
容器的基本操作
查看所有容器
[root@alice ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f5895a16fb3d hello-world "/hello" 34 seconds ago Exited (0) 33 seconds ago hopeful_edison
[root@alice ~]#
啟動容器(運行鏡像)
docker run是日常用的最頻繁用的命令之一烛谊,同樣也是較為復雜的命令之一
命令格式: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
OPTIONS :選項
-i
:表示啟動-一個可交互的容器风响, 并持續(xù)打開標準輸入
-t
:表示使用終端關(guān)聯(lián)到容器的標準輸入輸出上
-d
:表示將容器放置后臺運行
--rm
:退出后即刪除容器
--name
:表示定義容器唯一名稱
IMAGE
:表示要運行的鏡像
COMMAND
:表示啟動容器時要運行的命令*
ARG
:參數(shù)
交互式啟動容器
[root@alice ~]# docker run -it mmdghh/alpine:latest
/ #
/ # ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
47: eth0@if48: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP
link/ether 02:42:ac:18:26:02 brd ff:ff:ff:ff:ff:ff
inet 172.24.38.2/24 brd 172.24.38.255 scope global eth0 # 之前/etc/docker/daemon.json寫了網(wǎng)段地址
valid_lft forever preferred_lft forever
/ # [root@alice ~]#
[root@alice ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
facbbda54346 mmdghh/alpine:latest "/bin/sh" 2 minutes ago Exited (130) 6 seconds ago nostalgic_bartik
f5895a16fb3d hello-world "/hello" 18 minutes ago Exited (0) 18 minutes ago hopeful_edison
[root@alice ~]#
這里退出之后容器就掛了 因為init為1的進程沒有夯住 執(zhí)行完就退出了
非交互式啟動容器
[root@alice ~]# docker run -d --name alpine_sleep docker.io/mmdghh/alpine:latest /bin/sleep 300
ac75ed049d2a2a3020310a3bb24496d4c72aae76a4a71449cb3c37c589df9395
[root@alice ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ac75ed049d2a mmdghh/alpine:latest "/bin/sleep 300" 21 seconds ago Up 20 seconds alpine_sleep
facbbda54346 mmdghh/alpine:latest "/bin/sh" 12 minutes ago Exited (130) 9 minutes ago nostalgic_bartik
f5895a16fb3d hello-world "/hello" 27 minutes ago Exited (0) 27 minutes ago hopeful_edison
[root@alice ~]#
這里有進程夯住之后 容器就不會掛掉了
在宿主機查看進程
[root@alice ~]# ps aux |grep sleep|grep -v grep
root 20957 0.0 0.0 1540 248 ? Ss 16:30 0:00 /bin/sleep 300
[root@alice ~]#
docker用了宿主機的內(nèi)核 所以雖然是隔離的 但是在宿主機仍然可以查看到docker的進程 而且有自己的pid
進入容器
[root@alice ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
06fbbee401aa mmdghh/alpine:latest "/bin/sleep 300" 33 seconds ago Up 32 seconds alpine_sleep
facbbda54346 mmdghh/alpine:latest "/bin/sh" 18 minutes ago Exited (130) 16 minutes ago nostalgic_bartik
f5895a16fb3d hello-world "/hello" 33 minutes ago Exited (0) 33 minutes ago hopeful_edison
[root@alice ~]# docker exec -it 06fbbee401aa /bin/sh
/ # ps aux
PID USER TIME COMMAND
1 root 0:00 /bin/sleep 300
6 root 0:00 /bin/sh
11 root 0:00 ps aux
/ #
[root@alice ~]# docker exec -it alpine_sleep /bin/sh # 也可以使用容器的名稱進入
/ #
容器的啟動/停止/重啟
[root@alice ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
06fbbee401aa mmdghh/alpine:latest "/bin/sleep 300" 2 minutes ago Up 2 minutes alpine_sleep
facbbda54346 mmdghh/alpine:latest "/bin/sh" 20 minutes ago Exited (130) 17 minutes ago nostalgic_bartik
f5895a16fb3d hello-world "/hello" 35 minutes ago Exited (0) 35 minutes ago hopeful_edison
[root@alice ~]# docker stop 06fbbee401aa
06fbbee401aa
[root@alice ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
06fbbee401aa mmdghh/alpine:latest "/bin/sleep 300" 2 minutes ago Exited (137) 4 seconds ago alpine_sleep
facbbda54346 mmdghh/alpine:latest "/bin/sh" 20 minutes ago Exited (130) 18 minutes ago nostalgic_bartik
f5895a16fb3d hello-world "/hello" 36 minutes ago Exited (0) 36 minutes ago hopeful_edison
[root@alice ~]# docker start 06fbbee401aa
06fbbee401aa
[root@alice ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
06fbbee401aa mmdghh/alpine:latest "/bin/sleep 300" 3 minutes ago Up 1 second alpine_sleep
facbbda54346 mmdghh/alpine:latest "/bin/sh" 21 minutes ago Exited (130) 18 minutes ago nostalgic_bartik
f5895a16fb3d hello-world "/hello" 36 minutes ago Exited (0) 36 minutes ago hopeful_edison
[root@alice ~]# docker restart 06fbbee401aa
06fbbee401aa
[root@alice ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
06fbbee401aa mmdghh/alpine:latest "/bin/sleep 300" 3 minutes ago Up 3 seconds alpine_sleep
facbbda54346 mmdghh/alpine:latest "/bin/sh" 21 minutes ago Exited (130) 19 minutes ago nostalgic_bartik
f5895a16fb3d hello-world "/hello" 36 minutes ago Exited (0) 36 minutes ago hopeful_edison
[root@alice ~]# docker restart alpine_sleep # 可以用名字也可以用ID
alpine_sleep
[root@alice ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
06fbbee401aa mmdghh/alpine:latest "/bin/sleep 300" 4 minutes ago Up 3 seconds alpine_sleep
facbbda54346 mmdghh/alpine:latest "/bin/sh" 22 minutes ago Exited (130) 19 minutes ago nostalgic_bartik
f5895a16fb3d hello-world "/hello" 37 minutes ago Exited (0) 37 minutes ago hopeful_edison
[root@alice ~]#
在宿主機和容器之間傳輸文件
docker cp container_id:/tmp/xxx.txt .
刪除容器
[root@alice ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
06fbbee401aa mmdghh/alpine:latest "/bin/sleep 300" 5 minutes ago Up About a minute alpine_sleep
facbbda54346 mmdghh/alpine:latest "/bin/sh" 23 minutes ago Exited (130) 21 minutes ago nostalgic_bartik
f5895a16fb3d hello-world "/hello" 39 minutes ago Exited (0) 39 minutes ago hopeful_edison
[root@alice ~]# docker rm facbbda54346
facbbda54346
[root@alice ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
06fbbee401aa mmdghh/alpine:latest "/bin/sleep 300" 5 minutes ago Up About a minute alpine_sleep
f5895a16fb3d hello-world "/hello" 39 minutes ago Exited (0) 39 minutes ago hopeful_edison
[root@alice ~]# docker rm 06fbbee401aa # 正在運行的容器需要用-f 來強制刪除
Error response from daemon: You cannot remove a running container 06fbbee401aaad02da272f920dcb264d539187121f962c6bb3dea5acb90321dd. Stop the container before attempting removal or force remove
[root@alice ~]# docker rm -f 06fbbee401aa
06fbbee401aa
[root@alice ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f5895a16fb3d hello-world "/hello" 39 minutes ago Exited (0) 39 minutes ago hopeful_edison
[root@alice ~]#
刪除所有未在運行的容器
docker rmdocker ps -a -q``
[root@alice ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9072af8ca86b mmdghh/alpine:latest "/bin/sh" 55 seconds ago Exited (0) 54 seconds ago nifty_dirac
a21628344d61 mmdghh/alpine:latest "/bin/sleep 30" About a minute ago Exited (0) 31 seconds ago blissful_varahamihira
9c494e9667b9 mmdghh/alpine:latest "/bin/sleep 300" About a minute ago Up About a minute alpine_sleep
f5895a16fb3d hello-world "/hello" 42 minutes ago Exited (0) 42 minutes ago hopeful_edison
[root@alice ~]# docker ps -a -q
9072af8ca86b
a21628344d61
9c494e9667b9
f5895a16fb3d
[root@alice ~]# docker rm `docker ps -a -q`
9072af8ca86b
a21628344d61
f5895a16fb3d
Error response from daemon: You cannot remove a running container 9c494e9667b9b560563d64fbbe245b881985c910ccb721dba5df906688d5280f. Stop the container before attempting removal or force remove
[root@alice ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9c494e9667b9 mmdghh/alpine:latest "/bin/sleep 300" About a minute ago Up About a minute alpine_sleep
[root@alice ~]#
如果需要刪除所有容器 包括正在進行的容器,加上-f即可(慎重)
保存鏡像
[root@alice ~]# docker run -d --name alpine_sleep docker.io/mmdghh/alpine:latest /bin/sleep 300s
c3d1aa7a1bc2df47f47621f16e420883b334ef8e242349f1f734ad9cb4533968
[root@alice ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c3d1aa7a1bc2 mmdghh/alpine:latest "/bin/sleep 300s" 5 seconds ago Up 4 seconds alpine_sleep
[root@alice ~]# docker exec -it c3d1aa7a1bc2 /bin/sh
/ # ls
bin dev etc home lib media mnt opt proc root run sbin srv sys tmp usr var
/ # echo "hello world" >1.txt
/ # ls
1.txt bin dev etc home lib media mnt opt proc root run sbin srv sys tmp usr var
/ # [root@alice ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c3d1aa7a1bc2 mmdghh/alpine:latest "/bin/sleep 300s" 45 seconds ago Up 44 seconds alpine_sleep
[root@alice ~]# docker run -it docker.io/mmdghh/alpine:latest /bin/sh
/ # ls
bin dev etc home lib media mnt opt proc root run sbin srv sys tmp usr var
/ #
寫入到容器的文件并不會保存在鏡像里
-p 保存到執(zhí)行命令這一時刻的內(nèi)容 之后更新的不會報錯
[root@alice ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c3d1aa7a1bc2 mmdghh/alpine:latest "/bin/sleep 300s" 5 minutes ago Up 4 minutes alpine_sleep
[root@alice ~]# docker commit -p alpine_sleep docker.io/mmdghh/alpine:v_1.txt
sha256:11be5214792460b1e258a6d6e7dbca5dccfddce0d438c0ad9b04d78b147006e0
[root@alice ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mmdghh/alpine v_1.txt 11be52147924 8 seconds ago 5.55MB
alpine latest 389fef711851 3 weeks ago 5.58MB
hello-world latest bf756fb1ae65 12 months ago 13.3kB
mmdghh/alpine latest 965ea09ff2eb 14 months ago 5.55MB
[root@alice ~]# docker run -it docker.io/mmdghh/alpine:v_1.txt /bin/sh
/ # ls
1.txt bin dev etc home lib media mnt opt proc root run sbin srv sys tmp usr var
/ # cat 1.txt
hello world
/ # [root@alice ~]#
導入導出鏡像
導出: docker save image_name/image_id > xxx.tar
導入: docker load -i xxx.tar 或 docker load < xxx.tar
tip: 如果你導出的時候名稱用了:記得導入的時候用\轉(zhuǎn)義
[root@alice tmp]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mmdghh/alpine v_1.txt 11be52147924 10 minutes ago 5.55MB
alpine latest 389fef711851 3 weeks ago 5.58MB
hello-world latest bf756fb1ae65 12 months ago 13.3kB
mmdghh/alpine latest 965ea09ff2eb 14 months ago 5.55MB
[root@alice tmp]# docker save 11be52147924 > mmdghh_alpine_v_1.txt.tar
[root@alice tmp]# ll mmdghh_alpine_v_1.txt.tar
-rw-r--r-- 1 root root 5829632 Jan 10 17:18 mmdghh_alpine_v_1.txt.tar
[root@alice tmp]# docker rmi mmdghh/alpine:v_1.txt -f
Untagged: mmdghh/alpine:v_1.txt
Deleted: sha256:11be5214792460b1e258a6d6e7dbca5dccfddce0d438c0ad9b04d78b147006e0
[root@alice tmp]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
alpine latest 389fef711851 3 weeks ago 5.58MB
hello-world latest bf756fb1ae65 12 months ago 13.3kB
mmdghh/alpine latest 965ea09ff2eb 14 months ago 5.55MB
[root@alice tmp]# docker load < mmdghh_alpine_v_1.txt.tar
Loaded image ID: sha256:11be5214792460b1e258a6d6e7dbca5dccfddce0d438c0ad9b04d78b147006e0
[root@alice tmp]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
<none> <none> 11be52147924 12 minutes ago 5.55MB
alpine latest 389fef711851 3 weeks ago 5.58MB
hello-world latest bf756fb1ae65 12 months ago 13.3kB
mmdghh/alpine latest 965ea09ff2eb 14 months ago 5.55MB
[root@alice tmp]# docker tag 11be52147924 docker.io/mmdghh/alpine:v_1.txt
[root@alice tmp]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mmdghh/alpine v_1.txt 11be52147924 12 minutes ago 5.55MB
alpine latest 389fef711851 3 weeks ago 5.58MB
hello-world latest bf756fb1ae65 12 months ago 13.3kB
mmdghh/alpine latest 965ea09ff2eb 14 months ago 5.55MB
[root@alice tmp]# docker run -it docker.io/mmdghh/alpine:v_1.txt /bin/sh
/ # ls
1.txt bin dev etc home lib media mnt opt proc root run sbin srv sys tmp usr var
/ # cat 1.txt
hello world
/ #
查看容器日志
docker logs container_id/``container_name [-f]
[root@alice ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ee20554ab3e9 mmdghh/alpine:v_1.txt "/bin/sh" 5 minutes ago Exited (130) 12 seconds ago sharp_hopper
8735b44becfe mmdghh/alpine:v_1.txt "/bin/sh" 16 minutes ago Exited (0) 16 minutes ago pensive_mclean
f2123463239b mmdghh/alpine:v_1.txt "/bin/sh" 18 minutes ago Exited (0) 18 minutes ago happy_bartik
c3d1aa7a1bc2 mmdghh/alpine:latest "/bin/sleep 300s" 25 minutes ago Exited (0) 19 minutes ago alpine_sleep
[root@alice ~]# docker logs ee20554ab3e9
查看容器的詳細信息
docker inspect container_name/container_di
下面有例子
args
端口映射
-p host_port:container_port
[root@alice ~]# docker pull nginx:1.12.2
1.12.2: Pulling from library/nginx
f2aa67a397c4: Pull complete
e3eaf3d87fe0: Pull complete
38cb13c1e4c9: Pull complete
Digest: sha256:72daaf46f11cc753c4eab981cbf869919bd1fee3d2170a2adeac12400f494728
Status: Downloaded newer image for nginx:1.12.2
[root@alice ~]# docker images |grep nginx
nginx 1.12.2 4037a5562b03 2 years ago 108MB
[root@alice ~]# docker run -d --name nginx -p 83:80 nginx:1.12.2
6ce9e4bb303b754a576d3bf587e0aaec7e3749a3d20f1e40f43c734b28196c67
[root@alice ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6ce9e4bb303b nginx:1.12.2 "nginx -g 'daemon of…" 4 seconds ago Up 3 seconds 0.0.0.0:83->80/tcp nginx
[root@alice ~]#
img
掛載目錄
-v host_path:container_path
[root@alice ~]# docker pull nginx:1.12.2
1.12.2: Pulling from library/nginx
f2aa67a397c4: Pull complete
e3eaf3d87fe0: Pull complete
38cb13c1e4c9: Pull complete
Digest: sha256:72daaf46f11cc753c4eab981cbf869919bd1fee3d2170a2adeac12400f494728
Status: Downloaded newer image for nginx:1.12.2
[root@alice ~]# docker images |grep nginx
nginx 1.12.2 4037a5562b03 2 years ago 108MB
[root@alice ~]# docker run -d --name nginx -p 83:80 nginx:1.12.2
6ce9e4bb303b754a576d3bf587e0aaec7e3749a3d20f1e40f43c734b28196c67
[root@alice ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6ce9e4bb303b nginx:1.12.2 "nginx -g 'daemon of…" 4 seconds ago Up 3 seconds 0.0.0.0:83->80/tcp nginx
[root@alice ~]#
[root@alice ~]# mkdir html
[root@alice ~]# cd html/
[root@alice html]# wget www.baidu.com -O index.html
--2021-01-10 17:54:31-- http://www.baidu.com/
Resolving www.baidu.com (www.baidu.com)... 220.181.38.149, 220.181.38.150
Connecting to www.baidu.com (www.baidu.com)|220.181.38.149|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 2381 (2.3K) [text/html]
Saving to: ‘index.html’
100%[===================================================================================================================>] 2,381 --.-K/s in 0s
2021-01-10 17:54:31 (264 MB/s) - ‘index.html’ saved [2381/2381]
[root@alice html]# cat index.html
<!DOCTYPE html>
<!--STATUS OK--><html> <head><meta http-equiv=content-type content=text/html;charset=utf-8><meta http-equiv=X-UA-Compatible content=IE=Edge><meta content=always name=referrer><link rel=stylesheet type=text/css href=http://s1.bdstatic.com/r/www/cache/bdorz/baidu.min.css><title>百度一下丹禀,你就知道</title></head> <body link=#0000cc> <div id=wrapper> <div id=head> <div class=head_wrapper> <div class=s_form> <div class=s_form_wrapper> <div id=lg> <img hidefocus=true src=//www.baidu.com/img/bd_logo1.png width=270 height=129> </div> <form id=form name=f action=//www.baidu.com/s class=fm> <input type=hidden name=bdorz_come value=1> <input type=hidden name=ie value=utf-8> <input type=hidden name=f value=8> <input type=hidden name=rsv_bp value=1> <input type=hidden name=rsv_idx value=1> <input type=hidden name=tn value=baidu><span class="bg s_ipt_wr"><input id=kw name=wd class=s_ipt value maxlength=255 autocomplete=off autofocus></span><span class="bg s_btn_wr"><input type=submit id=su value=百度一下 class="bg s_btn"></span> </form> </div> </div> <div id=u1> <a href=http://news.baidu.com name=tj_trnews class=mnav>新聞</a> <a href=http://www.hao123.com name=tj_trhao123 class=mnav>hao123</a> <a href=http://map.baidu.com name=tj_trmap class=mnav>地圖</a> <a href=http://v.baidu.com name=tj_trvideo class=mnav>視頻</a> <a href=http://tieba.baidu.com name=tj_trtieba class=mnav>貼吧</a> <noscript> <a href=http://www.baidu.com/bdorz/login.gif?login&tpl=mn&u=http%3A%2F%2Fwww.baidu.com%2f%3fbdorz_come%3d1 name=tj_login class=lb>登錄</a> </noscript> <script>document.write('<a + encodeURIComponent(window.location.href+ (window.location.search === "" ? "?" : "&")+ "bdorz_come=1")+ '" name="tj_login" class="lb">登錄</a>');</script> <a href=//www.baidu.com/more/ name=tj_briicon class=bri style="display: block;">更多產(chǎn)品</a> </div> </div> </div> <div id=ftCon> <div id=ftConw> <p id=lh> <a href=http://home.baidu.com>關(guān)于百度</a> <a href=http://ir.baidu.com>About Baidu</a> </p> <p id=cp>©2017 Baidu <a href=http://www.baidu.com/duty/>使用百度前必讀</a> <a href=http://jianyi.baidu.com/ class=cp-feedback>意見反饋</a> 京ICP證030173號 <img src=//www.baidu.com/img/gs.gif> </p> </div> </div> </div> </body> </html>
[root@alice html]# docker run -d --name nginx_with_baidu -p 84:80 -v /root/html:/usr/share/nginx/html nginx:1.12.2
acf79798ce19fdb6e584723d0ab1cc057508082466f6b9be92acc19eca737699
[root@alice html]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
acf79798ce19 nginx:1.12.2 "nginx -g 'daemon of…" 7 seconds ago Up 5 seconds 0.0.0.0:84->80/tcp nginx_with_baidu
6ce9e4bb303b nginx:1.12.2 "nginx -g 'daemon of…" 6 minutes ago Up 6 minutes 0.0.0.0:83->80/tcp nginx
[root@alice html]# docker exec -it acf79798ce19 /bin/bash
root@acf79798ce19:/# ls /usr/share/nginx/html/
index.html
img
查看掛載的詳細信息
[root@alice html]# docker inspect nginx_with_baidu |grep -A 9 'Mounts'
"Mounts": [
{
"Type": "bind",
"Source": "/root/html",
"Destination": "/usr/share/nginx/html",
"Mode": "",
"RW": true,
"Propagation": "rprivate"
}
],
[root@alice html]#
傳遞環(huán)境變量
-e ``variate_name=``variate_value
[root@alice ~]# docker run --rm -e E_OPTS=qwert docker.io/mmdghh/alpine:latest printenv
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
HOSTNAME=62db172fe9da
E_OPTS=qwert
HOME=/root
[root@alice ~]# docker run --rm -e E_OPTS=qwert -e C_OPTS=12345 docker.io/mmdghh/alpine:latest printenv #傳遞多個變量
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
HOSTNAME=3ac265a1cf85
E_OPTS=qwert
C_OPTS=12345
HOME=/root
[root@alice ~]#
容器內(nèi)下載軟件
紅帽系 yum
debian系 apt-get
alpine apt
進入容器并且下載
[root@alice ~]# docker exec -it nginx_with_baidu /bin/bash
root@acf79798ce19:/# curl
bash: curl: command not found
root@acf79798ce19:/# exit
[root@alice ~]# docker exec -it nginx_with_baidu /bin/bash
root@acf79798ce19:/# tee /etc/apt/sources.list << EOF
> deb http://mirrors.163.com/debian/ jessie main non-free contrib
> deb http://mirrors.163.com/debian/ jessie-updates main non-free contrib
> EOF
deb http://mirrors.163.com/debian/ jessie main non-free contrib
deb http://mirrors.163.com/debian/ jessie-updates main non-free contrib
root@acf79798ce19:/# cat /etc/apt/sources.list
deb http://mirrors.163.com/debian/ jessie main non-free contrib
deb http://mirrors.163.com/debian/ jessie-updates main non-free contrib
root@acf79798ce19:/# apt-get update && apt-get install curl -y
Ign:1 http://mirrors.163.com/debian jessie InRelease
Get:2 http://mirrors.163.com/debian jessie-updates InRelease [16.3 kB]
Get:3 http://mirrors.163.com/debian jessie Release [77.3 kB]
Get:4 http://mirrors.163.com/debian jessie Release.gpg [1652 B]
Get:5 http://mirrors.163.com/debian jessie/main amd64 Packages [9098 kB]
Get:6 http://mirrors.163.com/debian jessie/non-free amd64 Packages [101 kB]
Get:7 http://mirrors.163.com/debian jessie/contrib amd64 Packages [59.2 kB]
Fetched 9353 kB in 1s (4951 kB/s)
Reading package lists... Done
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
ca-certificates krb5-locales libcurl3 libffi6 libgmp10 libgnutls-deb0-28 libgssapi-krb5-2 libhogweed2 libidn11 libk5crypto3 libkeyutils1 libkrb5-3
libkrb5support0 libldap-2.4-2 libnettle4 libp11-kit0 librtmp1 libsasl2-2 libsasl2-modules libsasl2-modules-db libssh2-1 libssl1.0.0 libtasn1-6 openssl
Suggested packages:
gnutls-bin krb5-doc krb5-user libsasl2-modules-otp libsasl2-modules-ldap libsasl2-modules-sql libsasl2-modules-gssapi-mit
| libsasl2-modules-gssapi-heimdal
The following NEW packages will be installed:
ca-certificates curl krb5-locales libcurl3 libffi6 libgmp10 libgnutls-deb0-28 libgssapi-krb5-2 libhogweed2 libidn11 libk5crypto3 libkeyutils1 libkrb5-3
libkrb5support0 libldap-2.4-2 libnettle4 libp11-kit0 librtmp1 libsasl2-2 libsasl2-modules libsasl2-modules-db libssh2-1 libssl1.0.0 libtasn1-6 openssl
0 upgraded, 25 newly installed, 0 to remove and 1 not upgraded.
Need to get 7883 kB of archives.
After this operation, 15.2 MB of additional disk space will be used.
Get:1 http://mirrors.163.com/debian jessie/main amd64 libssl1.0.0 amd64 1.0.1t-1+deb8u8 [1044 kB]
Get:2 http://mirrors.163.com/debian jessie/main amd64 libgmp10 amd64 2:6.0.0+dfsg-6 [253 kB]
Get:3 http://mirrors.163.com/debian jessie/main amd64 libnettle4 amd64 2.7.1-5+deb8u2 [176 kB]
Get:4 http://mirrors.163.com/debian jessie/main amd64 libhogweed2 amd64 2.7.1-5+deb8u2 [125 kB]
Get:5 http://mirrors.163.com/debian jessie/main amd64 libffi6 amd64 3.1-2+deb8u1 [20.2 kB]
Get:6 http://mirrors.163.com/debian jessie/main amd64 libp11-kit0 amd64 0.20.7-1 [81.2 kB]
Get:7 http://mirrors.163.com/debian jessie/main amd64 libtasn1-6 amd64 4.2-3+deb8u3 [49.2 kB]
Get:8 http://mirrors.163.com/debian jessie/main amd64 libgnutls-deb0-28 amd64 3.3.8-6+deb8u7 [696 kB]
Get:9 http://mirrors.163.com/debian jessie/main amd64 libkeyutils1 amd64 1.5.9-5+b1 [12.0 kB]
Get:10 http://mirrors.163.com/debian jessie/main amd64 libkrb5support0 amd64 1.12.1+dfsg-19+deb8u4 [59.4 kB]
Get:11 http://mirrors.163.com/debian jessie/main amd64 libk5crypto3 amd64 1.12.1+dfsg-19+deb8u4 [116 kB]
Get:12 http://mirrors.163.com/debian jessie/main amd64 libkrb5-3 amd64 1.12.1+dfsg-19+deb8u4 [303 kB]
Get:13 http://mirrors.163.com/debian jessie/main amd64 libgssapi-krb5-2 amd64 1.12.1+dfsg-19+deb8u4 [152 kB]
Get:14 http://mirrors.163.com/debian jessie/main amd64 libidn11 amd64 1.29-1+deb8u2 [136 kB]
Get:15 http://mirrors.163.com/debian jessie/main amd64 libsasl2-modules-db amd64 2.1.26.dfsg1-13+deb8u1 [67.1 kB]
Get:16 http://mirrors.163.com/debian jessie/main amd64 libsasl2-2 amd64 2.1.26.dfsg1-13+deb8u1 [105 kB]
Get:17 http://mirrors.163.com/debian jessie/main amd64 libldap-2.4-2 amd64 2.4.40+dfsg-1+deb8u4 [218 kB]
Get:18 http://mirrors.163.com/debian jessie/main amd64 librtmp1 amd64 2.4+20150115.gita107cef-1+deb8u1 [60.0 kB]
Get:19 http://mirrors.163.com/debian jessie/main amd64 libssh2-1 amd64 1.4.3-4.1+deb8u1 [125 kB]
Get:20 http://mirrors.163.com/debian jessie/main amd64 libcurl3 amd64 7.38.0-4+deb8u11 [260 kB]
Get:21 http://mirrors.163.com/debian jessie/main amd64 krb5-locales all 1.12.1+dfsg-19+deb8u4 [2649 kB]
Get:22 http://mirrors.163.com/debian jessie/main amd64 openssl amd64 1.0.1t-1+deb8u8 [664 kB]
Get:23 http://mirrors.163.com/debian jessie/main amd64 ca-certificates all 20141019+deb8u3 [207 kB]
Get:24 http://mirrors.163.com/debian jessie/main amd64 curl amd64 7.38.0-4+deb8u11 [201 kB]
Get:25 http://mirrors.163.com/debian jessie/main amd64 libsasl2-modules amd64 2.1.26.dfsg1-13+deb8u1 [101 kB]
Fetched 7883 kB in 1s (4228 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package libssl1.0.0:amd64.
(Reading database ... 7027 files and directories currently installed.)
Preparing to unpack .../00-libssl1.0.0_1.0.1t-1+deb8u8_amd64.deb ...
Unpacking libssl1.0.0:amd64 (1.0.1t-1+deb8u8) ...
Selecting previously unselected package libgmp10:amd64.
Preparing to unpack .../01-libgmp10_2%3a6.0.0+dfsg-6_amd64.deb ...
Unpacking libgmp10:amd64 (2:6.0.0+dfsg-6) ...
Selecting previously unselected package libnettle4:amd64.
Preparing to unpack .../02-libnettle4_2.7.1-5+deb8u2_amd64.deb ...
Unpacking libnettle4:amd64 (2.7.1-5+deb8u2) ...
Selecting previously unselected package libhogweed2:amd64.
Preparing to unpack .../03-libhogweed2_2.7.1-5+deb8u2_amd64.deb ...
Unpacking libhogweed2:amd64 (2.7.1-5+deb8u2) ...
Selecting previously unselected package libffi6:amd64.
Preparing to unpack .../04-libffi6_3.1-2+deb8u1_amd64.deb ...
Unpacking libffi6:amd64 (3.1-2+deb8u1) ...
Selecting previously unselected package libp11-kit0:amd64.
Preparing to unpack .../05-libp11-kit0_0.20.7-1_amd64.deb ...
Unpacking libp11-kit0:amd64 (0.20.7-1) ...
Selecting previously unselected package libtasn1-6:amd64.
Preparing to unpack .../06-libtasn1-6_4.2-3+deb8u3_amd64.deb ...
Unpacking libtasn1-6:amd64 (4.2-3+deb8u3) ...
Selecting previously unselected package libgnutls-deb0-28:amd64.
Preparing to unpack .../07-libgnutls-deb0-28_3.3.8-6+deb8u7_amd64.deb ...
Unpacking libgnutls-deb0-28:amd64 (3.3.8-6+deb8u7) ...
Selecting previously unselected package libkeyutils1:amd64.
Preparing to unpack .../08-libkeyutils1_1.5.9-5+b1_amd64.deb ...
Unpacking libkeyutils1:amd64 (1.5.9-5+b1) ...
Selecting previously unselected package libkrb5support0:amd64.
Preparing to unpack .../09-libkrb5support0_1.12.1+dfsg-19+deb8u4_amd64.deb ...
Unpacking libkrb5support0:amd64 (1.12.1+dfsg-19+deb8u4) ...
Selecting previously unselected package libk5crypto3:amd64.
Preparing to unpack .../10-libk5crypto3_1.12.1+dfsg-19+deb8u4_amd64.deb ...
Unpacking libk5crypto3:amd64 (1.12.1+dfsg-19+deb8u4) ...
Selecting previously unselected package libkrb5-3:amd64.
Preparing to unpack .../11-libkrb5-3_1.12.1+dfsg-19+deb8u4_amd64.deb ...
Unpacking libkrb5-3:amd64 (1.12.1+dfsg-19+deb8u4) ...
Selecting previously unselected package libgssapi-krb5-2:amd64.
Preparing to unpack .../12-libgssapi-krb5-2_1.12.1+dfsg-19+deb8u4_amd64.deb ...
Unpacking libgssapi-krb5-2:amd64 (1.12.1+dfsg-19+deb8u4) ...
Selecting previously unselected package libidn11:amd64.
Preparing to unpack .../13-libidn11_1.29-1+deb8u2_amd64.deb ...
Unpacking libidn11:amd64 (1.29-1+deb8u2) ...
Selecting previously unselected package libsasl2-modules-db:amd64.
Preparing to unpack .../14-libsasl2-modules-db_2.1.26.dfsg1-13+deb8u1_amd64.deb ...
Unpacking libsasl2-modules-db:amd64 (2.1.26.dfsg1-13+deb8u1) ...
Selecting previously unselected package libsasl2-2:amd64.
Preparing to unpack .../15-libsasl2-2_2.1.26.dfsg1-13+deb8u1_amd64.deb ...
Unpacking libsasl2-2:amd64 (2.1.26.dfsg1-13+deb8u1) ...
Selecting previously unselected package libldap-2.4-2:amd64.
Preparing to unpack .../16-libldap-2.4-2_2.4.40+dfsg-1+deb8u4_amd64.deb ...
Unpacking libldap-2.4-2:amd64 (2.4.40+dfsg-1+deb8u4) ...
Selecting previously unselected package librtmp1:amd64.
Preparing to unpack .../17-librtmp1_2.4+20150115.gita107cef-1+deb8u1_amd64.deb ...
Unpacking librtmp1:amd64 (2.4+20150115.gita107cef-1+deb8u1) ...
Selecting previously unselected package libssh2-1:amd64.
Preparing to unpack .../18-libssh2-1_1.4.3-4.1+deb8u1_amd64.deb ...
Unpacking libssh2-1:amd64 (1.4.3-4.1+deb8u1) ...
Selecting previously unselected package libcurl3:amd64.
Preparing to unpack .../19-libcurl3_7.38.0-4+deb8u11_amd64.deb ...
Unpacking libcurl3:amd64 (7.38.0-4+deb8u11) ...
Selecting previously unselected package krb5-locales.
Preparing to unpack .../20-krb5-locales_1.12.1+dfsg-19+deb8u4_all.deb ...
Unpacking krb5-locales (1.12.1+dfsg-19+deb8u4) ...
Selecting previously unselected package openssl.
Preparing to unpack .../21-openssl_1.0.1t-1+deb8u8_amd64.deb ...
Unpacking openssl (1.0.1t-1+deb8u8) ...
Selecting previously unselected package ca-certificates.
Preparing to unpack .../22-ca-certificates_20141019+deb8u3_all.deb ...
Unpacking ca-certificates (20141019+deb8u3) ...
Selecting previously unselected package curl.
Preparing to unpack .../23-curl_7.38.0-4+deb8u11_amd64.deb ...
Unpacking curl (7.38.0-4+deb8u11) ...
Selecting previously unselected package libsasl2-modules:amd64.
Preparing to unpack .../24-libsasl2-modules_2.1.26.dfsg1-13+deb8u1_amd64.deb ...
Unpacking libsasl2-modules:amd64 (2.1.26.dfsg1-13+deb8u1) ...
Setting up libssl1.0.0:amd64 (1.0.1t-1+deb8u8) ...
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 76.)
debconf: falling back to frontend: Readline
debconf: unable to initialize frontend: Readline
debconf: (Can't locate Term/ReadLine.pm in @INC (you may need to install the Term::ReadLine module) (@INC contains: /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.24.1 /usr/local/share/perl/5.24.1 /usr/lib/x86_64-linux-gnu/perl5/5.24 /usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl/5.24 /usr/share/perl/5.24 /usr/local/lib/site_perl /usr/lib/x86_64-linux-gnu/perl-base .) at /usr/share/perl5/Debconf/FrontEnd/Readline.pm line 7.)
debconf: falling back to frontend: Teletype
Setting up libsasl2-modules-db:amd64 (2.1.26.dfsg1-13+deb8u1) ...
Setting up libsasl2-2:amd64 (2.1.26.dfsg1-13+deb8u1) ...
Setting up libtasn1-6:amd64 (4.2-3+deb8u3) ...
Setting up libgmp10:amd64 (2:6.0.0+dfsg-6) ...
Setting up libssh2-1:amd64 (1.4.3-4.1+deb8u1) ...
Setting up krb5-locales (1.12.1+dfsg-19+deb8u4) ...
Setting up libnettle4:amd64 (2.7.1-5+deb8u2) ...
Setting up openssl (1.0.1t-1+deb8u8) ...
Setting up libffi6:amd64 (3.1-2+deb8u1) ...
Setting up libkeyutils1:amd64 (1.5.9-5+b1) ...
Setting up libsasl2-modules:amd64 (2.1.26.dfsg1-13+deb8u1) ...
Setting up ca-certificates (20141019+deb8u3) ...
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 76.)
debconf: falling back to frontend: Readline
debconf: unable to initialize frontend: Readline
debconf: (Can't locate Term/ReadLine.pm in @INC (you may need to install the Term::ReadLine module) (@INC contains: /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.24.1 /usr/local/share/perl/5.24.1 /usr/lib/x86_64-linux-gnu/perl5/5.24 /usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl/5.24 /usr/share/perl/5.24 /usr/local/lib/site_perl /usr/lib/x86_64-linux-gnu/perl-base .) at /usr/share/perl5/Debconf/FrontEnd/Readline.pm line 7.)
debconf: falling back to frontend: Teletype
Updating certificates in /etc/ssl/certs... 174 added, 0 removed; done.
Setting up libidn11:amd64 (1.29-1+deb8u2) ...
Setting up libhogweed2:amd64 (2.7.1-5+deb8u2) ...
Setting up libkrb5support0:amd64 (1.12.1+dfsg-19+deb8u4) ...
Setting up libp11-kit0:amd64 (0.20.7-1) ...
Setting up libgnutls-deb0-28:amd64 (3.3.8-6+deb8u7) ...
Setting up libk5crypto3:amd64 (1.12.1+dfsg-19+deb8u4) ...
Setting up librtmp1:amd64 (2.4+20150115.gita107cef-1+deb8u1) ...
Setting up libldap-2.4-2:amd64 (2.4.40+dfsg-1+deb8u4) ...
Setting up libkrb5-3:amd64 (1.12.1+dfsg-19+deb8u4) ...
Setting up libgssapi-krb5-2:amd64 (1.12.1+dfsg-19+deb8u4) ...
Setting up libcurl3:amd64 (7.38.0-4+deb8u11) ...
Setting up curl (7.38.0-4+deb8u11) ...
Processing triggers for ca-certificates (20141019+deb8u3) ...
Updating certificates in /etc/ssl/certs... 0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d....done.
root@acf79798ce19:/# curl -k https://www.baidu.com
<!DOCTYPE html>
<!--STATUS OK--><html> <head><meta http-equiv=content-type content=text/html;charset=utf-8><meta http-equiv=X-UA-Compatible content=IE=Edge><meta content=always name=referrer><link rel=stylesheet type=text/css href=https://ss1.bdstatic.com/5eN1bjq8AAUYm2zgoY3K/r/www/cache/bdorz/baidu.min.css><title>百度一下状勤,你就知道</title></head> <body link=#0000cc> <div id=wrapper> <div id=head> <div class=head_wrapper> <div class=s_form> <div class=s_form_wrapper> <div id=lg> <img hidefocus=true src=//www.baidu.com/img/bd_logo1.png width=270 height=129> </div> <form id=form name=f action=//www.baidu.com/s class=fm> <input type=hidden name=bdorz_come value=1> <input type=hidden name=ie value=utf-8> <input type=hidden name=f value=8> <input type=hidden name=rsv_bp value=1> <input type=hidden name=rsv_idx value=1> <input type=hidden name=tn value=baidu><span class="bg s_ipt_wr"><input id=kw name=wd class=s_ipt value maxlength=255 autocomplete=off autofocus=autofocus></span><span class="bg s_btn_wr"><input type=submit id=su value=百度一下 class="bg s_btn" autofocus></span> </form> </div> </div> <div id=u1> <a href=http://news.baidu.com name=tj_trnews class=mnav>新聞</a> <a href=https://www.hao123.com name=tj_trhao123 class=mnav>hao123</a> <a href=http://map.baidu.com name=tj_trmap class=mnav>地圖</a> <a href=http://v.baidu.com name=tj_trvideo class=mnav>視頻</a> <a href=http://tieba.baidu.com name=tj_trtieba class=mnav>貼吧</a> <noscript> <a href=http://www.baidu.com/bdorz/login.gif?login&tpl=mn&u=http%3A%2F%2Fwww.baidu.com%2f%3fbdorz_come%3d1 name=tj_login class=lb>登錄</a> </noscript> <script>document.write('<a + encodeURIComponent(window.location.href+ (window.location.search === "" ? "?" : "&")+ "bdorz_come=1")+ '" name="tj_login" class="lb">登錄</a>');
</script> <a href=//www.baidu.com/more/ name=tj_briicon class=bri style="display: block;">更多產(chǎn)品</a> </div> </div> </div> <div id=ftCon> <div id=ftConw> <p id=lh> <a href=http://home.baidu.com>關(guān)于百度</a> <a href=http://ir.baidu.com>About Baidu</a> </p> <p id=cp>©2017 Baidu <a href=http://www.baidu.com/duty/>使用百度前必讀</a> <a href=http://jianyi.baidu.com/ class=cp-feedback>意見反饋</a> 京ICP證030173號 <img src=//www.baidu.com/img/gs.gif> </p> </div> </div> </div> </body> </html>
安裝好后commit并且推送到倉庫
[root@alice ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
acf79798ce19 nginx:1.12.2 "nginx -g 'daemon of…" About an hour ago Up About an hour 0.0.0.0:84->80/tcp nginx_with_baidu
6ce9e4bb303b nginx:1.12.2 "nginx -g 'daemon of…" About an hour ago Up About an hour 0.0.0.0:83->80/tcp nginx
[root@alice ~]# docker commit -p acf79798ce19 mmdghh/nginx:curl
sha256:84b7a98f5ee209f0139febe7cac04a7edaaca7254ddf1c043e8ac779504204ba
[root@alice ~]# docker push docker.io/mmdghh/nginx:curl
The push refers to repository [docker.io/mmdghh/nginx]
bbadc5b62281: Pushed
4258832b2570: Mounted from library/nginx
683a28d1d7fd: Pushed
d626a8ad97a1: Mounted from library/nginx
curl: digest: sha256:f86f97bacf0ff37e3cc09f98dfb8153c486ee1e8bb9caad5046ed6aa58c43c50 size: 1160
[root@alice ~]#
img
dockerfile
Dockerfile 是一個文本文件,其內(nèi)包含了一條條的 指令(Instruction)双泪,每一條指令構(gòu)建一層持搜,因此每一條指令的內(nèi)容,就是描述該層應(yīng)當如何構(gòu)建焙矛。
注: 本文中大部分來自《Docker從入門到實踐》如有難懂的地方請移駕原書地址
dockerfile的編寫
在一個空白目錄中葫盼,建立一個文本文件,并命名為 Dockerfile:
$ mkdir mynginx
$ cd mynginx
$ touch Dockerfile
其內(nèi)容為
FROM nginx
RUN echo '<h1>Hello, Docker!</h1>' > /usr/share/nginx/html/index.html
注意事項
由于dockerfile中每一個指令都會建立一層村斟,每一個 RUN 的行為剪返,會新建立一層,在其上執(zhí)行這些命令邓梅,執(zhí)行結(jié)束后脱盲,commit 這一層的修改,構(gòu)成新的鏡像日缨。鏡像是多層存儲钱反,每一層的東西并不會在下一層被刪除,會一直跟隨著鏡像匣距。因此鏡像構(gòu)建時面哥,一定要確保每一層只添加真正需要添加的東西,任何無關(guān)的東西都應(yīng)該清理掉毅待。(安裝包尚卫、緩存等)
Dockerfile 支持 Shell 類的行尾添加 \ 的命令換行方式,以及行首 # 進行注釋的格式尸红。良好的格式吱涉,比如換行刹泄、縮進、注釋等怎爵,會讓維護特石、排障更為容易,這是一個比較好的習慣鳖链。
eg:
FROM debian:stretch
RUN buildDeps='gcc libc6-dev make wget' \
&& apt-get update \
&& apt-get install -y $buildDeps \
&& wget -O redis.tar.gz "http://download.redis.io/releases/redis-5.0.3.tar.gz" \
&& mkdir -p /usr/src/redis \
&& tar -xzf redis.tar.gz -C /usr/src/redis --strip-components=1 \
&& make -C /usr/src/redis \
&& make -C /usr/src/redis install \
&& rm -rf /var/lib/apt/lists/* \
&& rm redis.tar.gz \
&& rm -r /usr/src/redis \
&& apt-get purge -y --auto-remove $buildDeps
構(gòu)建鏡像
命令格式為docker build [選項] <上下文路徑/URL/->
在 Dockerfile 文件所在目錄執(zhí)行:
[root@supercomputer]# docker build -t nginx:v3 .
Sending build context to Docker daemon 2.048 kB
Step 1 : FROM nginx
---> e43d811ce2f4
Step 2 : RUN echo '<h1>Hello, Docker!</h1>' > /usr/share/nginx/html/index.html
---> Running in 9cdc27646c7b
---> 44aa4490ce2c
Removing intermediate container 9cdc27646c7b
Successfully built 44aa4490ce2c
在這里我們指定了最終鏡像的名稱 -t nginx:v3
上下文路徑
docker build 命令最后有一個 .姆蘸。. 表示當前目錄,但是這里的當前目錄指的并非是dockerfile所在的路徑docker build -t nginx:v3 . 中的這個 .芙委,實際上是在指定上下文的目錄逞敷,docker build 命令會將該目錄下的內(nèi)容打包交給 Docker 引擎以幫助構(gòu)建鏡像。
一般來說灌侣,應(yīng)該會將 Dockerfile 置于一個空目錄下推捐,或者項目根目錄下。如果該目錄下沒有所需文件顶瞳,那么應(yīng)該把所需文件復制一份過來玖姑。如果目錄下有些東西確實不希望構(gòu)建時傳給 Docker 引擎,那么可以用 .gitignore 一樣的語法寫一個 .dockerignore慨菱,該文件是用于剔除不需要作為上下文傳遞給 Docker 引擎的焰络。
Dockerfile 指令詳解
FROM 指定基礎(chǔ)鏡像
FROM 就是指定 基礎(chǔ)鏡像,因此一個 Dockerfile 中 FROM 是必備的指令符喝,并且必須是第一條指令闪彼。
除了選擇現(xiàn)有鏡像為基礎(chǔ)鏡像外,Docker 還存在一個特殊的鏡像协饲,名為 scratch畏腕。這個鏡像是虛擬的概念,并不實際存在茉稠,它表示一個空白的鏡像描馅。
FROM scratch
...
如果你以 scratch 為基礎(chǔ)鏡像的話, 意味著你不以任何鏡像為基礎(chǔ), 接下來所寫的指令將作為鏡像第一層開始存在.
不以任何系統(tǒng)為基礎(chǔ), 直接將可執(zhí)行文件復制進鏡像的做法并不罕見, 比如 swarm, etcd. 對于 Linux 下靜態(tài)編譯的程序來說, 并不需要有操作系統(tǒng)提供運行時支持, 所需的一切庫都已經(jīng)在可執(zhí)行文件里了, 因此直接 FROM scratch 會讓鏡像體積更加小巧. 使用 Go 語言 開發(fā)的應(yīng)用很多會使用這種方式來制作鏡像, 這也是為什么有人認為 Go 是特別適合容器微服務(wù)架構(gòu)的語言的原因之一.
RUN 執(zhí)行命令
shell 格式:RUN <命令>,就像直接在命令行中輸入的命令一樣
注意要簡化命令 避免多次使用run 并且在最后清理安裝包等 詳見:注意事項
COPY 復制文件
格式:
COPY [--chown=<user>:<group>] <源路徑>... <目標路徑>
COPY [--chown=<user>:<group>] ["<源路徑1>",... "<目標路徑>"]
COPY 指令將從構(gòu)建上下文目錄中 <源路徑> 的文件/目錄復制到新的一層的鏡像內(nèi)的 <目標路徑> 位置而线。比如:
COPY package.json /usr/src/app/
COPY hom* /mydir/
COPY hom?.txt /mydir/
<源路徑> 可以是多個铭污,甚至可以是通配符
<目標路徑> 可以是容器內(nèi)的絕對路徑,也可以是相對于工作目錄的相對路徑(工作目錄可以用 WORKDIR 指令來指定)膀篮。目標路徑不需要事先創(chuàng)建嘹狞,如果目錄不存在會在復制文件前先行創(chuàng)建缺失目錄。
注: 使用 COPY 指令誓竿,源文件的各種元數(shù)據(jù)都會保留磅网。比如讀、寫筷屡、執(zhí)行權(quán)限涧偷、文件變更時間等簸喂。
ADD 更高級的復制文件
ADD 指令和 COPY 的格式和性質(zhì)基本一致。如果 <源路徑> 為一個 tar 壓縮文件的話嫂丙,壓縮格式為 gzip, bzip2 以及 xz 的情況下娘赴,ADD 指令將會自動解壓縮這個壓縮文件到 <目標路徑> 去规哲。
因此在 COPY 和 ADD 指令中選擇的時候跟啤,可以遵循這樣的原則,所有的文件復制均使用 COPY 指令唉锌,僅在需要自動解壓縮的場合使用 ADD隅肥。
在使用該指令的時候還可以加上 --chown=<user>:<group> 選項來改變文件的所屬用戶及所屬組。
ADD --chown=55:mygroup files* /mydir/
ADD --chown=bin files* /mydir/
ADD --chown=1 files* /mydir/
ADD --chown=10:11 files* /mydir/
CMD 容器啟動命令
CMD 指令的格式和 RUN 相似袄简,也是兩種格式:
shell格式:CMD <命令>exec格式:CMD ["可執(zhí)行文件", "參數(shù)1", "參數(shù)2"...]參數(shù)列表格式:
CMD ["參數(shù)1", "參數(shù)2"...]腥放。在指定了ENTRYPOINT指令后,用CMD指定具體的參數(shù)绿语。
之前介紹容器的時候曾經(jīng)說過秃症,Docker 不是虛擬機,容器就是進程吕粹。既然是進程种柑,那么在啟動容器的時候,需要指定所運行的程序及參數(shù)匹耕。CMD 指令就是用于指定默認的容器主進程的啟動命令的聚请。
在運行時可以指定新的命令來替代鏡像設(shè)置中的這個默認命令,比如稳其,ubuntu 鏡像默認的 CMD 是 /bin/bash驶赏,如果我們直接 docker run -it ubuntu 的話,會直接進入 bash既鞠。我們也可以在運行時指定運行別的命令煤傍,如 docker run -it ubuntu cat /etc/os-release。這就是用 cat /etc/os-release 命令替換了默認的 /bin/bash 命令了嘱蛋,輸出了系統(tǒng)版本信息蚯姆。
在指令格式上,一般推薦使用 exec 格式浑槽,這類格式在解析時會被解析為 JSON 數(shù)組蒋失,因此一定要使用雙引號 ",而不要使用單引號桐玻。
如果使用 shell 格式的話篙挽,實際的命令會被包裝為 sh -c 的參數(shù)的形式進行執(zhí)行。比如:
CMD echo $HOME
在實際執(zhí)行中镊靴,會將其變更為:
CMD [ "sh", "-c", "echo $HOME" ]
這就是為什么我們可以使用環(huán)境變量的原因铣卡,因為這些環(huán)境變量會被 shell 進行解析處理链韭。
提到 CMD 就不得不提容器中應(yīng)用在前臺執(zhí)行和后臺執(zhí)行的問題。這是初學者常出現(xiàn)的一個混淆煮落。
Docker 不是虛擬機敞峭,容器中的應(yīng)用都應(yīng)該以前臺執(zhí)行,而不是像虛擬機蝉仇、物理機里面那樣旋讹,用 systemd 去啟動后臺服務(wù),容器內(nèi)沒有后臺服務(wù)的概念轿衔。
一些初學者將 CMD 寫為:
CMD service nginx start
然后發(fā)現(xiàn)容器執(zhí)行后就立即退出了沉迹。甚至在容器內(nèi)去使用 systemctl 命令結(jié)果卻發(fā)現(xiàn)根本執(zhí)行不了。這就是因為沒有搞明白前臺害驹、后臺的概念鞭呕,沒有區(qū)分容器和虛擬機的差異,依舊在以傳統(tǒng)虛擬機的角度去理解容器宛官。
對于容器而言葫松,其啟動程序就是容器應(yīng)用進程,容器就是為了主進程而存在的底洗,主進程退出腋么,容器就失去了存在的意義,從而退出枷恕,其它輔助進程不是它需要關(guān)心的東西党晋。
而使用 service nginx start 命令,則是希望 upstart 來以后臺守護進程形式啟動 nginx 服務(wù)徐块。而剛才說了 CMD service nginx start 會被理解為 CMD [ "sh", "-c", "service nginx start"]未玻,因此主進程實際上是 sh。那么當 service nginx start 命令結(jié)束后胡控,sh 也就結(jié)束了扳剿,sh 作為主進程退出了,自然就會令容器退出昼激。
正確的做法是直接執(zhí)行 nginx 可執(zhí)行文件庇绽,并且要求以前臺形式運行。比如:
CMD ["nginx", "-g", "daemon off;"]
ENTRYPOINT 入口點
ENTRYPOINT 的格式和 RUN 指令格式一樣橙困,分為 exec 格式和 shell 格式瞧掺。
ENTRYPOINT 的目的和 CMD 一樣,都是在指定容器啟動程序及參數(shù)凡傅。ENTRYPOINT 在運行時也可以替代辟狈,不過比 CMD 要略顯繁瑣,需要通過 docker run 的參數(shù) --entrypoint 來指定。
當指定了 ENTRYPOINT 后哼转,CMD 的含義就發(fā)生了改變明未,不再是直接的運行其命令,而是將 CMD 的內(nèi)容作為參數(shù)傳給 ENTRYPOINT 指令
ENTRYPOINT的兩種用法
ENTRYPOINT [ "curl", "-s", "https://ip.cn" ]
docker run myip -i # 相當于在后面加了參數(shù) 不會改變原來的命令
ENTRYPOINT ["docker-entrypoint.sh"] #此腳本要add進去并且添加執(zhí)行權(quán)限
CMD [ "redis-server" ]
執(zhí)行時候就是相當于執(zhí)行docker-entrypoint.sh redis-server
相當于帶參數(shù)的腳本 比如 mysql 類的數(shù)據(jù)庫壹蔓,可能需要一些數(shù)據(jù)庫配置趟妥、初始化的工作,這些工作要在最終的 mysql 服務(wù)器運行之前解決佣蓉。
參考鏈接:ENTRYPOINT入口點
ENV 設(shè)置環(huán)境變量
格式有兩種:
ENV <key> <value>ENV <key1>=<value1> <key2>=<value2>...
這個指令很簡單披摄,就是設(shè)置環(huán)境變量而已,無論是后面的其它指令偏螺,如 RUN行疏,還是運行時的應(yīng)用匆光,都可以直接使用這里定義的環(huán)境變量套像。
ENV VERSION=1.0 DEBUG=on \
NAME="Happy Feet" #有空格用引號
ARG 構(gòu)建參數(shù)
VOLUME 定義匿名卷
EXPOSE 暴露端口
格式為 EXPOSE <端口1> [<端口2>...]。
EXPOSE 指令是聲明運行時容器提供服務(wù)端口终息,這只是一個聲明夺巩,在運行時并不會因為這個聲明應(yīng)用就會開啟這個端口的服務(wù)。在 Dockerfile 中寫入這樣的聲明有兩個好處周崭,一個是幫助鏡像使用者理解這個鏡像服務(wù)的守護端口柳譬,以方便配置映射;另一個用處則是在運行時使用隨機端口映射時续镇,也就是 docker run -P 時美澳,會自動隨機映射 EXPOSE 的端口。
WORKDIR 指定工作目錄
格式為 WORKDIR <工作目錄路徑>摸航。
使用 WORKDIR 指令可以來指定工作目錄(或者稱為當前目錄)制跟,以后各層的當前目錄就被改為指定的目錄,如該目錄不存在酱虎,WORKDIR 會幫你建立目錄雨膨。
USER 指定當前用戶
格式:USER <用戶名>[:<用戶組>]
USER 指令和 WORKDIR 相似,都是改變環(huán)境狀態(tài)并影響以后的層读串。WORKDIR 是改變工作目錄聊记,USER 則是改變之后層的執(zhí)行 RUN, CMD 以及 ENTRYPOINT 這類命令的身份。
當然恢暖,和 WORKDIR 一樣排监,USER 只是幫助你切換到指定用戶而已,這個用戶必須是事先建立好的杰捂,否則無法切換舆床。
RUN groupadd -r redis && useradd -r -g redis redis
USER redis
RUN [ "redis-server" ]
如果以 root 執(zhí)行的腳本,在執(zhí)行期間希望改變身份琼娘,比如希望以某個已經(jīng)建立好的用戶來運行某個服務(wù)進程峭弟,不要使用 su 或者 sudo附鸽,這些都需要比較麻煩的配置,而且在 TTY 缺失的環(huán)境下經(jīng)常出錯瞒瘸。建議使用 gosu坷备。
# 建立 redis 用戶,并使用 gosu 換另一個用戶執(zhí)行命令
RUN groupadd -r redis && useradd -r -g redis redis
# 下載 gosu
RUN wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/1.7/gosu-amd64" \
&& chmod +x /usr/local/bin/gosu \
&& gosu nobody true
# 設(shè)置 CMD情臭,并以另外的用戶執(zhí)行
CMD [ "exec", "gosu", "redis", "redis-server" ]
為什么要用gosu省撑?
- gosu啟動命令時只有一個進程,所以docker容器啟動時使用gosu俯在,那么該進程可以做到PID等于1竟秫;
- sudo啟動命令時先創(chuàng)建sudo進程,然后該進程作為父進程去創(chuàng)建子進程跷乐,1號PID被sudo進程占據(jù)肥败;
參考文章:docker與gosu
HEALTHCHECK 健康檢查
ONBUILD 為他人作嫁衣裳
鏡像優(yōu)化
此處筆記為簡單記錄 詳情請參閱附件
??Docker鏡像優(yōu)化:從1.16GB到22.4MB.html
第一步優(yōu)化:使用輕量化基礎(chǔ)鏡像
相較于基于其他 Linux 發(fā)行版(例如 Ubuntu)的鏡像,基于 Alpine 或 BusyBox 的鏡像非常小愕提。這是因為 Alpine 鏡像和類似的其他鏡像都經(jīng)過了優(yōu)化馒稍,其中僅包含最少的必須的軟件包。
第二步優(yōu)化:多階段構(gòu)建
通過多階段構(gòu)建浅侨,我們可以在 Dockerfile 中使用多個基礎(chǔ)鏡像纽谒,并將編譯成品、配置文件等從一個階段復制到另一個階段如输,這樣我們就可以丟棄不需要的東西鼓黔。
img
Docker的四種網(wǎng)絡(luò)模型
NAT(默認)
None
不使用網(wǎng)絡(luò)
使用方法
--net=none
多用于不對外提供網(wǎng)絡(luò)接口的服務(wù)
host
和宿主機共享一個網(wǎng)絡(luò)空間
使用方法
--net=host
聯(lián)合網(wǎng)絡(luò)
和另一個容器共享網(wǎng)絡(luò)空間
使用方法
--net=container:container_id
