[root@vm1 ~]# yum -y remove docker docker-client docker-client-latest docker-common docker-latest docker-latest-logrotate docker-logrotate docker-selinux docker-engine-selinux docker-engine
[root@vm1 ~]# curl -o /etc/yum.repos.d/docker-ce.repo https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/docker-ce.repo
[root@vm1 ~]# sed -i ‘s@https://download.docker.com@https://mirrors.tuna.tsinghua.edu.cn/docker-ce@g‘ /etc/yum.repos.d/docker-ce.repo
[root@vm1 ~]# yum -y install docker-ce
[root@vm1]# ip a
...................................
3.docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:45:c5:bf:bf brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
firewall-cmd --permanent --zone=trusted --add-interface=docker0
firewall-cmd --reload
docker-ce的配置文件是/etc/docker/daemon.json,此文件默认不存在,需要我们手动创建并进行配置,而docker的加速就是通过配置此文件来实现的。
cat > /etc/docker/daemon.json <<EOF
{
"registry-mirrors": ["https://registry.docker-cn.com"]
}
EOF
可以通过 docker COMMAND --help 来查看这些命令的具体用法。
[root@vm1 ~]# docker search --help
Options:
-f, --filter filter Filter output based on conditions provided
--format string Pretty-print search using a Go template
--limit int Max number of search results (default 25)
--no-trunc Don‘t truncate output
[root@vm1 ~]# docker search --limit 3 nginx
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
nginx Official build of Nginx. 14242 [OK]
jwilder/nginx-proxy Automated Nginx reverse proxy for docker con… 1933 [OK]
bitnami/nginx Bitnami nginx Docker Image 93 [OK]
## docker pull [选项] [Docker Registry 地址[:端口号]/]仓库名[:标签]
[root@vm1 ~]# docker pull --help
Options:
-a, --all-tags Download all tagged images in the repository
--disable-content-trust Skip image verification (default true)
--platform string Set platform if server is multi-platform capable
-q, --quiet
[root@vm1 yum.repos.d]# docker pull ubuntu:latest
Using default tag: latest
latest: Pulling from library/ubuntu
da7391352a9b: Pull complete
14428a6d4bcd: Pull complete
2c2d948710f2: Pull complete
Digest: sha256:c95a8e48bf88e9849f3e0f723d9f49fa12c5a00cfc6e60d2bc99d87555295e4c
Status: Downloaded newer image for ubuntu:latest
docker.io/library/ubuntu:latest
[root@vm1 ~]# docker push ubuntu:latest --help
Usage: docker push [OPTIONS] NAME[:TAG]
Options:
-a, --all-tags Push all tagged images in the repository
--disable-content-trust Skip image signing (default true)
-q, --quiet Suppress verbose output
[root@vm1 ~]# docker login --help
Options:
-p, --password string Password
--password-stdin Take the password from stdin
-u, --username string Username
[root@vm1 ~]# docker login -u xpengzong
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@vm1 ~]# docker logout
Removing login credentials for https://index.docker.io/v1/
[root@vm1 ~]# docker images --help
Usage: docker images [OPTIONS] [REPOSITORY[:TAG]]
Options:
-a, --all Show all images (default hides intermediate images)
--digests Show digests
-f, --filter filter Filter output based on conditions provided
--format string Pretty-print images using a Go template
--no-trunc Don‘t truncate output
-q, --quiet Only show image IDs
[root@vm1 ~]# docker images -q
ae2feff98a0c
dd85cdbb9987
f643c72bc252
[root@vm1 ~]# docker images -a
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest ae2feff98a0c 2 weeks ago 133MB
httpd latest dd85cdbb9987 3 weeks ago 138MB
ubuntu latest f643c72bc252 5 weeks ago 72.9MB
[root@vm1 ~]# docker images --no-trunc
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest sha256:ae2feff98a0cc5095d97c6c283dcd33090770c76d63877caa99aefbbe4343bdd 2 weeks ago 133MB
httpd latest sha256:dd85cdbb99877b73f0de2053f225af590ab188d79469eebdb23ec2d26d0d10e8 3 weeks ago 138MB
ubuntu latest sha256:f643c72bc25212974c16f3348b3a898b1ec1eb13ec1539e10a103e6e217eb2f1 5 weeks ago 72.9MB
[root@vm1 ~]# docker images --format "{{.ID}}: {{.Repository}}"
ae2feff98a0c: nginx
dd85cdbb9987: httpd
f643c72bc252: ubuntu
[root@vm1 ~]# docker image --help
Usage: docker image COMMAND
Commands:
build Build an image from a Dockerfile
history Show the history of an image
import Import the contents from a tarball to create a filesystem image
inspect Display detailed information on one or more images
load Load an image from a tar archive or STDIN
ls List images ## 类似docker images
prune Remove unused images ## 删除仓库,标签为<none>的镜像
pull Pull an image or a repository from a registry
push Push an image or a repository to a registry
rm Remove one or more images
save Save one or more images to a tar archive (streamed to STDOUT by default)
tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
[root@vm1 ~]# docker build --help
Usage: docker build [OPTIONS] PATH | URL | -
Options:
--add-host list Add a custom host-to-IP mapping (host:ip)
--build-arg list Set build-time variables
--cache-from strings Images to consider as cache sources
--cgroup-parent string Optional parent cgroup for the container
--compress Compress the build context using gzip
--cpu-period int Limit the CPU CFS (Completely Fair Scheduler) period
--cpu-quota int Limit the CPU CFS (Completely Fair Scheduler) quota
-c, --cpu-shares int CPU shares (relative weight)
--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)
--cpuset-mems string MEMs in which to allow execution (0-3, 0,1)
--disable-content-trust Skip image verification (default true)
-f, --file string Name of the Dockerfile (Default is ‘PATH/Dockerfile‘)
--force-rm Always remove intermediate containers
--iidfile string Write the image ID to the file
--isolation string Container isolation technology
--label list Set metadata for an image
-m, --memory bytes Memory limit
--memory-swap bytes Swap limit equal to memory plus swap: ‘-1‘ to enable unlimited swap
--network string Set the networking mode for the RUN instructions during build (default "default")
--no-cache Do not use cache when building the image
--pull Always attempt to pull a newer version of the image
-q, --quiet Suppress the build output and print image ID on success
--rm Remove intermediate containers after a successful build (default true)
--security-opt strings Security options
--shm-size bytes Size of /dev/shm
-t, --tag list Name and optionally a tag in the ‘name:tag‘ format
--target string Set the target build stage to build.
--ulimit ulimit Ulimit options (default [])
[root@vm1 ~]# docker import --help
Usage: docker import [OPTIONS] file|URL|- [REPOSITORY[:TAG]]
Options:
-c, --change list Apply Dockerfile instruction to the created image
-m, --message string Set commit message for imported image
--platform string Set platform if server is multi-platform capable
[root@vm1 ~]# docker load --help
Usage: docker load [OPTIONS]
Options:
-i, --input string Read from tar archive file, instead of STDIN
-q, --quiet Suppress the load output
[root@vm1 ~]# docker save --help
Usage: docker save [OPTIONS] IMAGE [IMAGE...]
Options:
-o, --output string Write to a file, instead of STDOUT
[root@vm1 ~]# docker history --help
Usage: docker history [OPTIONS] IMAGE
Options:
--format string Pretty-print images using a Go template
-H, --human Print sizes and dates in human readable format (default true)
--no-trunc Don‘t truncate output
-q, --quiet Only show image IDs
[root@vm1 ~]# docker history ubuntu:latest
IMAGE CREATED CREATED BY SIZE COMMENT
f643c72bc252 5 weeks ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0B
<missing> 5 weeks ago /bin/sh -c mkdir -p /run/systemd && echo ‘do… 7B
<missing> 5 weeks ago /bin/sh -c [ -z "$(apt-get indextargets)" ] 0B
<missing> 5 weeks ago /bin/sh -c set -xe && echo ‘#!/bin/sh‘ > /… 811B
<missing> 5 weeks ago /bin/sh -c #(nop) ADD file:4f15c4475fbafb3fe… 72.9MB
[root@vm1 ~]# docker tag --help
Usage: docker tag SOURCE_IMAGE[:TAG] TARGET_IMAGE[:TAG]
[root@vm1 ~]# docker tag ubuntu:latest ubuntu:new
[root@vm1 ~]# docker images ubuntu
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu latest f643c72bc252 5 weeks ago 72.9MB
ubuntu new f643c72bc252 5 weeks ago 72.9MB
删除行为分为两类,一类是 Untagged,另一类是 Deleted。并非所有的 docker [image] rmi 都会产生删除镜像的行为,有可能仅仅是取消了某个标签而已。当该镜像所有的标签都被取消了,该镜像很可能会失去了存在的意义,因此会触发删除行为。
[root@vm1 ~]# docker rmi --help
Usage: docker rmi [OPTIONS] IMAGE [IMAGE...]
Options:
-f, --force Force removal of the image
--no-prune Do not delete untagged parents
[root@vm1 ~]# docker rmi ubuntu:new
Untagged: ubuntu:new
[root@vm1 ~]# docker images
RPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest ae2feff98a0c 2 weeks ago 133MB
httpd latest dd85cdbb9987 3 weeks ago 138MB
ubuntu latest f643c72bc252 5 weeks ago 72.9MB
[root@vm1 ~]# docker create --help
Usage: docker create [OPTIONS] IMAGE [COMMAND] [ARG...]
[root@vm1 ~]# docker create --name myhttpd httpd:latest
6e87940db6252f75b3b42296025b5eb4c6e7d875c3be24df8dccb4550a4a75ae
[root@vm1 ~]# docker start myhttpd
myhttpd
[root@vm1 ~]# curl 172.17.0.2
<html><body><h1>It works!</h1></body></html>
root@vm1 ~]# docker stop myhttpd
myhttpd
[root@vm1 ~]# curl 172.17.0.2
curl: (7) Failed to connect to 172.17.0.2 port 80: No route to host
[root@vm1 ~]# docker restart myhttpd
myhttpd
[root@vm1 ~]# curl 172.17.0.2
<html><body><h1>It works!</h1></body></html>
[root@vm1 ~]# docker pause --help
Usage: docker pause CONTAINER [CONTAINER...]
[root@vm1 ~]# docker kill --help
Usage: docker kill [OPTIONS] CONTAINER [CONTAINER...]
Kill one or more running containers
Options:
-s, --signal string Signal to send to the container (default "KILL")
[root@vm1 ~]# docker kill -s KILL myhttpd
myhttpd
[root@vm1 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@vm1 ~]# docker rm --help
Usage: docker rm [OPTIONS] CONTAINER [CONTAINER...]
Options:
-f, --force Force the removal of a running container (uses SIGKILL)
-l, --link Remove the specified link
-v, --volumes Remove anonymous volumes associated with the container
[root@vm1 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b074a635d737 httpd:latest "httpd-foreground" 56 seconds ago Created myhttpd
[root@vm1 ~]# docker rm myhttpd
myhttpd
[root@vm1 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@vm1 ~]# docker run --help
Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
options:
-a stdin: 指定标准输入输出内容类型,可选 STDIN/STDOUT/STDERR 三项;
-d: 后台运行容器,并返回容器ID;
-i: 以交互模式运行容器,通常与 -t 同时使用;
-P: 随机端口映射,容器内部端口随机映射到主机的端口
-p: 指定端口映射,格式为:主机(宿主)端口:容器端口
-t: 为容器重新分配一个伪输入终端,通常与 -i 同时使用;
--name="nginx-lb": 为容器指定一个名称;
.........................................
##运行后会卡住
[root@vm1 ~]# docker run --name mynginx -p 80:80 nginx:latest
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf
10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
172.17.0.1 - - [04/Jan/2021:14:55:49 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.61.1" "-"
##另一个终端
[root@vm1 ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 *:80 *:*
LISTEN 0 128 [::]:22 [::]:*
[root@vm1 ~]# curl 172.17.0.2
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
##此时还可以访问宿主机的80端口
[wisan@fyj ~]$ curl 192.168.225.127
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
............................................
##同时也创建的这个容器
[root@vm1 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c0c9456c81a6 nginx:latest "/docker-entrypoint.…" 7 minutes ago Exited (0) 23 seconds ago mynginx
[root@vm1 ~]# docker exec --help
Usage: docker exec [OPTIONS] CONTAINER COMMAND [ARG...]
Options:
-d, --detach Detached mode: run command in the background
--detach-keys string Override the key sequence for detaching a container
-e, --env list Set environment variables
--env-file list Read in a file of environment variables
-i, --interactive Keep STDIN open even if not attached
--privileged Give extended privileges to the command
-t, --tty Allocate a pseudo-TTY
-u, --user string Username or UID (format: <name|uid>[:<group|gid>])
-w, --workdir string Working directory inside the container
[root@vm1 ~]# docker run -it --name myubuntu ubuntu:latest
root@93ac0238f0b5:/# ls
bin boot dev etc home lib lib32 lib64 libx32 media mnt opt proc root run sbin srv sys tmp usr var
root@93ac0238f0b5:/#
##另外开启一个终端
[root@vm1 ~]# docker exec -it myubuntu /bin/echo hello
hello
[root@vm1 ~]# docker exec -it myubuntu /bin/bash
root@93ac0238f0b5:/# exit
exit
## exit退出时容器继续运行
[root@vm1 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
93ac0238f0b5 ubuntu:latest "/bin/bash" 3 minutes ago Up 3 minutes myubuntu
[root@vm1 ~]# docker ps --help
Usage: docker ps [OPTIONS]
Options:
-a, --all Show all containers (default shows just running)
-f, --filter filter Filter output based on conditions provided
--format string Pretty-print containers using a Go template
-n, --last int Show n last created containers (includes all states) (default -1)
-l, --latest Show the latest created container (includes all states)
--no-trunc Don‘t truncate output
-q, --quiet Only display container IDs
-s, --size Display total file sizes
[root@vm1 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6e87940db625 httpd:latest "httpd-foreground" About a minute ago Created myhttpd
[root@vm1 ~]# docker inspect --help
Usage: docker inspect [OPTIONS] NAME|ID [NAME|ID...]
Options:
-f, --format string Format the output using the given Go template
-s, --size Display total file sizes if the type is container
--type string Return JSON for specified type
[root@vm1 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6e87940db625 httpd:latest "httpd-foreground" 5 minutes ago Created myhttpd
[root@vm1 ~]# docker inspect 6e87940db625|myhttpd
[
{
"Id": "6e87940db6252f75b3b42296025b5eb4c6e7d875c3be24df8dccb4550a4a75ae",
"Created": "2021-01-04T14:17:57.804700751Z",
"Path": "httpd-foreground",
"Args": [],
"State": {
.....................................................
"Networks": {
"bridge": {
..................................................
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
................................................
}
[root@vm1 ~]# docker top --help
Usage: docker top CONTAINER [ps OPTIONS]
[root@vm1 ~]# docker top myhttpd
UID PID PPID C STIME TTY TIME CMD
root 14099 14078 0 22:28 ? 00:00:00 httpd -DFOREGROUND
bin 14140 14099 0 22:28 ? 00:00:00 httpd -DFOREGROUND
bin 14141 14099 0 22:28 ? 00:00:00 httpd -DFOREGROUND
bin 14142 14099 0 22:28 ? 00:00:00
[root@vm1 ~]# docker attach --help
Usage: docker attach [OPTIONS] CONTAINER
Attach local standard input, output, and error streams to a running container
Options:
--detach-keys string Override the key sequence for detaching a container
--no-stdin Do not attach STDIN
--sig-proxy Proxy all received signals to the process (default true)
[root@vm1 ~]# docker attach myhttpd
##终止后,容器也会随之停止允许。不过若使用--sig-proxy=fasle,可以避免。
^C[Mon Jan 04 15:30:05.585055 2021] [mpm_event:notice] [pid 1:tid 139984462443648] AH00491: caught SIGTERM, shutting down
##另一个终端
[root@vm1 ~]# docker top myhttpd
UID PID PPID C STIME TTY TIME CMD
root 16434 16413 1 23:26 ? 00:00:00 httpd -DFOREGROUND
bin 16471 16434 0 23:26 ? 00:00:00 httpd -DFOREGROUND
bin 16472 16434 0 23:26 ? 00:00:00 httpd -DFOREGROUND
bin 16473 16434 0 23:26 ? 00:00:00 httpd -DFOREGROUND
[root@vm1 ~]# docker top myhttpd
Error response from daemon: Container 9968c21ea9623126f6090f26d424d955c8dfa1b641f27c6f6df75db48f1a3e0b is not running
[root@vm1 ~]# docker logs --help
Usage: docker logs [OPTIONS] CONTAINER
Options:
--details Show extra details provided to logs
-f, --follow Follow log output
--since string Show logs since timestamp (e.g. 2013-01-02T13:23:37Z) or relative (e.g. 42m for 42 minutes)
-n, --tail string Number of lines to show from the end of the logs (default "all")
-t, --timestamps Show timestamps
--until string Show logs before a timestamp (e.g. 2013-01-02T13:23:37Z) or relative (e.g. 42m for 42 minutes)
[root@vm1 ~]# docker logs myhttpd
AH00558: httpd: Could not reliably determine the server‘s fully qualified domain name, using 172.17.0.2. Set the ‘ServerName‘ directive globally to suppress this message
AH00558: httpd: Could not reliably determine the server‘s fully qualified domain name, using 172.17.0.2. Set the ‘ServerName‘ directive globally to suppress this message
[Mon Jan 04 15:22:25.668539 2021] [mpm_event:notice] [pid 1:tid 139848091227264] AH00489: Apache/2.4.46 (Unix) configured -- resuming normal operations
[Mon Jan 04 15:22:25.669617 2021] [core:notice] [pid 1:tid 139848091227264] AH00094: Command line: ‘httpd -D FOREGROUND‘
172.17.0.1 - - [04/Jan/2021:15:23:00 +0000] "GET / HTTP/1.1" 200 45
[root@vm1 ~]# docker info
Client:
Context: default
Debug Mode: false
Plugins:
app: Docker App (Docker Inc., v0.9.1-beta3)
buildx: Build with BuildKit (Docker Inc., v0.5.0-docker)
Server:
Containers: 1
Running: 0
Paused: 0
Stopped: 1
Images: 3
Server Version: 20.10.1
Storage Driver: overlay2
Backing Filesystem: xfs
..........................
[root@vm1 ~]# docker version
Client: Docker Engine - Community
Version: 20.10.1
API version: 1.41
Go version: go1.13.15
Git commit: 831ebea
Built: Tue Dec 15 04:34:30 2020
OS/Arch: linux/amd64
Context: default
Experimental: true
Server: Docker Engine - Community
Engine:
Version: 20.10.1
API version: 1.41 (minimum version 1.12)
Go version: go1.13.15
Git commit: f001486
Built: Tue Dec 15 04:32:21 2020
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.4.3
GitCommit: 269548fa27e0089a8b8278fc4fc781d7f65a939b
runc:
Version: 1.0.0-rc92
GitCommit: ff819c7e9184c13b7c2607fe6c30ae19403a7aff
docker-init:
Version: 0.19.0
GitCommit: de40ad0
原文:https://www.cnblogs.com/fyjpeng/p/14233304.html