學習筆記-Docker入門
文章目錄
Docker入門
Docker概述
技能列表
- Docker概述
- Docker安裝
- 映象命令
- 容器命令
- 操作命令
- …
- Docker映象!
- 容器資料卷!
- DockerFile
- Docker網路原理
- Docker Compose
- Docker Swarm
- CI\CD jenkins
docker run image
本地尋找映象,判斷是否存在,若沒有從Docker Hub下載,Docker Hub 可以找到,下載映象,回至本地映象倉庫,運行當前映象。
工作目錄
/var/lib/docker/
C\S結構,Docker Daemon(守護程序)執行在宿主機器上,客戶機藉助Socket訪問Server;Server負責接收,執行指令。
[外鏈圖片轉存失敗,源站可能有防盜鏈機制,建議將圖片儲存下來直接上傳(img-PW8WujYr-1609034086723)(Docker.assets/image-20201222213050171.png)]
Docker擁有更少的抽象層,docker利用的是Host的核心,vm需要Guest OS!
[外鏈圖片轉存失敗,源站可能有防盜鏈機制,建議將圖片儲存下來直接上傳(img-eDqOWylI-1609034086726)(Docker.assets/image-20201222214233615.png)]
阿里內網加速
- 安裝/升級Docker客戶端
推薦安裝1.10.0以上版本的Docker客戶端,參考文件 docker-ce
- 配置映象加速器(AlibabaCloud)
針對Docker客戶端版本大於 1.10.0 的使用者
您可以通過修改daemon配置檔案/etc/docker/daemon.json來使用加速器
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json << -'EOF'
{
"registry-mirrors": ["https://abe2v8fb.mirror.aliyuncs.com"] 別複製,不同主機內網地址不同,阿里控制檯獲取
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
docker命令
[外鏈圖片轉存失敗,源站可能有防盜鏈機制,建議將圖片儲存下來直接上傳(img-Y8BUx9BX-1609034086727)(Docker.assets/image-20201225101902259.png)]
狀態類命令
docker run -it --name hw hello-world[:15.20] /bin/bash
-i : 允許對容器內地STDIN互動
-t : 在建立定容器內指定終端
–name : 為容器指定名字
[:15.20] : 版本號
/bin/bash or /bin/sh or any starting process command : 互動式命令,表示載入容器後執行bash
[[email protected] ~]# docker run -itd centos top
[[email protected] ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ff53fa142c7c centos "top" 4 seconds ago Up 3 seconds festive_swanson
docker中必須要保持一個程序的執行,要不然整個容器啟動後就會馬上kill itself
docker run -d hello-world -c "while true; do echo hello-world; sleep 1; done"
-d : daemon以守護程序方式工作
-c : 啟動容器時執行的命令
以靜態方式檢視所有存在過的容器
[[email protected] ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a0bdd2d75ba7 hello-world "/bin/bash -c 'while…" 20 seconds ago Created sleepy_albattani
a77a692408f0 hello-world "-c 'while true; do …" 2 minutes ago Created vigilant_panini
以動態方式檢視執行中的容器
[[email protected] ~]# docker top --help
Usage: docker top CONTAINER [ps OPTIONS]
Status狀態有7種:
- created(已建立)
- restarting(重啟中)
- running 或 Up(執行中)
- removing(遷移中)
- paused(暫停)
- exited(停止)
- dead(死亡)
docker run images_name
執行一個映象
docker stop container_id
終止容器程序
docker start container_id
啟動容器
docker rm [-f] container_id
移除容器
docker restart <container_id>
重啟容器
docker kill <container_id>
殺死容器程序
在使用 -d 引數時,容器啟動後會進入後臺。此時想要進入容器,可以通過以下指令進入:
-
docker attach
-
Attach local standard input, output, and error streams to a running container
-
Usage:
docker attach [OPTIONS] CONTAINER
-
exit 容器則容器停止(ctrl+p+q可退出而不停止)
-
[[email protected] ~]# docker attach 9cb2c6310220
[[email protected] /]# ls
bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var
- docker exec:推薦使用 docker exec 命令,因為此退出容器終端,不會導致容器的停止;但是,attach是進入容器當前終端,而exec會在容器內生成新的終端
- Run a command in a running container
- Usage:
docker exec [OPTIONS] CONTAINER COMMAND [ARG...]
[[email protected] ~]# docker exec 9cb2c6310220 ps
PID TTY /*Teletype控制終端*/ TIME CMD
22 ? 00:00:00 ps
拷貝檔案
[[email protected] ~]# docker cp 9fffc87fbc0a:/home/ /home/centos_docker
[[email protected] ~]# cd /home/
[[email protected] home]# ls
aliyun aliyun-cli-linux-latest-amd64.solitairetheme8 centos_docker fastcgi.php log.txt memcached redis www
- Usage: **
docker cp [OPTIONS] CONTAINER:SRC_PATH DEST_PATH|-
**容器內檔案至宿主機
**docker cp [OPTIONS] SRC_PATH|- CONTAINER:DEST_PATH
**宿主機到容器內 - Copy files/folders between a container and the local filesystem
匯出和匯入容器
匯出容器
$ docker export -o hello-world.tar 9ead75336e51
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9ead75336e51 hello-world "/hello" 36 seconds ago Exited (0) 35 seconds ago wizardly_gates
22f9136e8c97 centos "/bin/bash" 9 minutes ago Up 9 minutes boring_jackson
[[email protected] ~]# docker export -o hello-world.tar 9ead75336e51
[[email protected] ~]# ls
anaconda-ks.cfg hello-world.tar
匯入容器快照
#本地檔案
$ cat docker/ubuntu.tar | docker import - test/ubuntu:v1
#通過url
$ docker import http://example.com/exampleimage.tgz example/imagerepo
[[email protected] ~]# cat hello-world.tar | docker import - import/hello-world:v1
[[email protected] ~]# docker import hello-world.tar hello-world:import
#注意:執行匯入的映象的時候必須帶command,否則啟動報如下錯誤
[[email protected] ~]# docker run hello-world:import `exec cmd`
sha256:fcf33f8a5101a658
[[email protected] ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
hello-world import 25a329a88b17 About a minute ago 13.3kB
centos latest 300e315adb2f 2 weeks ago 209MB
hello-world latest bf756fb1ae65 11 months ago 13.3kB
打標籤
- Usage:
docker image tag SOURCE_IMAGE[:TAG] TARGET_IMAGE[:TAG]
[[email protected] ~]# docker image tag hello-world hello-world:v1
[[email protected] ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos latest 300e315adb2f 2 weeks ago 209MB
hello-world latest bf756fb1ae65 11 months ago 13.3kB
hello-world v1 bf756fb1ae65 11 months ago 13.3kB
批量處理
停用全部執行中的容器:
docker stop $(docker ps -q)
刪除全部容器:
docker rm $(docker ps -aq)
一條命令實現停用並刪除容器:
docker stop $(docker ps -q) & docker rm $(docker ps -aq)
日誌
Usage: docker logs [OPTIONS] CONTAINER
Fetch the logs of a container
Options:
--details Show extra details provided to logs
-f, --follow Follow log output #跟蹤日誌輸出
--since string Show logs since timestamp (e.g. 2013-01-02T13:23:37Z) or relative (e.g. 42m for 42 minutes) #顯示某個開始時間的所有日誌
-n, --tail string Number of lines to show from the end of the logs (default "all")#僅列出最新N條容器 日誌
-t, --timestamps Show timestamps # 顯示時間戳
--until string Show logs before a timestamp (e.g. 2013-01-02T13:23:37Z) or relative (e.g. 42m for 42 minutes)
[[email protected] ~]# docker logs -f ff53
top - 15:54:17 up 34 days, 1:35, 0 users, load average: 0.42, 0.62, 0.69
Tasks: 1 total, 1 running, 0 sleeping, 0 stopped, 0 zombie
%Cpu(s): 7.0 us, 5.0 sy, 0.0 ni, 87.9 id, 0.2 wa, 0.0 hi, 0.0 si, 0.0 st
MiB Mem : 3789.4 total, 166.6 free, 1034.6 used, 2588.2 buff/cache
MiB Swap: 1025.0 total, 1025.0 free, 0.0 used. 2409.6 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
1 root 20 0 49060 2188 1580 R 0.0 0.1 0:00.20 top
映象搜尋
Usage: docker search [OPTIONS] TERM
名稱,簡寫 | 預設 | 描述 |
---|---|---|
--automated | false | 僅顯示自動構建 |
--filter, -f | 根據提供的條件過濾輸出 | |
--limit | 25 | 最大搜索結果數 |
--no-trunc | false | 不要截斷輸出 |
--stars, -s | 0 | 只顯示至少有x顆星 |
[[email protected] ~]# docker search -f stars=100 centos
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
centos The official build of CentOS. 6336 [OK]
ansible/centos7-ansible Ansible on Centos7 132 [OK]
consol/centos-xfce-vnc Centos container with "headless" VNC session… 124 [OK]
jdeathe/centos-ssh OpenSSH / Supervisor / EPEL/IUS/SCL Repos - … 117 [OK]
執行一個 web 應用
[[email protected] ~]# docker pull training/webapp
Using default tag: latest
latest: Pulling from training/webapp
e190868d63f8: Pull complete
909cd34c6fd7: Pull complete
0b9bfabab7c1: Pull complete
a3ed95caeb02: Pull complete
10bbbc0fc0ff: Pull complete
fca59b508e9f: Pull complete
e7ae2541b15b: Pull complete
9dd97ef58ce9: Pull complete
a4c1b0cb7af7: Pull complete
Digest: sha256:06e9c1983bd6d5db5fba376ccd63bfa529e8d02f23d5079b8f74a616308fb11d
Status: Downloaded newer image for training/webapp:latest
[[email protected] ~]# docker run -d -P training/webapp python app.py
5d6100ff5bc275d4d6dc222047ae068c4c2dd30a923916cf2f490d261b8a2e20
[[email protected] ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5d6100ff5bc2 training/webapp "python app.py" 4 seconds ago Up 3 seconds 0.0.0.0:32768->5000/tcp focused_mestorf
[[email protected] ~]# docker run -d -p 5000:5000 training/webapp[/udp] python app.py
dbd2e62e8ef75febeb58c916d3b74c42f6ebadf2a0ba103e37ef5b5bb7438060
[[email protected] ~]# docker port 97cf182c867d
5000/tcp -> 0.0.0.0:80
[[email protected] ~]# docker logs -t --details 97cf182c867d
2020-12-25T02:28:37.966887108Z * Running on http://0.0.0.0:5000/ (Press CTRL+C to quit)
2020-12-25T02:28:45.655452961Z 192.168.56.1 - - [25/Dec/2020 02:28:45] "GET /favicon.ico HTTP/1.1" 404 -
2020-12-25T02:28:46.687248424Z 192.168.56.1 - - [25/Dec/2020 02:28:46] "GET /favicon.ico HTTP/1.1" 404 -
2020-12-25T02:28:50.040089655Z 192.168.56.1 - - [25/Dec/2020 02:28:50] "GET / HTTP/1.1" 200 -
2020-12-25T02:28:50.458071205Z 192.168.56.1 - - [25/Dec/2020 02:28:50] "GET /favicon.ico HTTP/1.1" 404 -
2020-12-25T02:30:21.927939969Z 192.168.56.1 - - [25/Dec/2020 02:30:21] "GET / HTTP/1.1" 200 -
2020-12-25T02:32:10.484857726Z 192.168.56.1 - - [25/Dec/2020 02:32:10] "GET / HTTP/1.1" 200 -
2020-12-25T02:32:11.444579995Z 192.168.56.1 - - [25/Dec/2020 02:32:11] "GET / HTTP/1.1" 200 -
[[email protected] ~]# show clock
-bash: show: command not found
[[email protected] ~]# clock
Fri 25 Dec 2020 10:34:13 AM CST -0.756723 seconds
#web記錄的是UTC世界協調時間,與本時區時間相差8小時,分析日誌前要做本地化處理
docker top <container_id>
:來檢視容器內部執行的程序
docker inspect <container_id>
:檢視Docker容器的底層資訊
引數說明:
- **-d:**讓容器在後臺執行。
- **-P:**將容器內部使用的網路埠隨機對映到我們使用的宿主主機上。
- -p:將容器內的使用埠對映到宿主機的指定埠。(宿主機:容器)
- 0.0.0.0:與客戶機有關的所有網絡卡
- /udp:預設繫結tcp埠,可以指定/udp埠
Docker Network
[[email protected] ~]# docker network create -d bridge test-net
fbfcbd297c600efcb4c326faef1c7b7f0ae9b61c3387b82392f1ee3b77e2037c
[[email protected] ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
58b30159c818 bridge bridge local
61b059bcd34c host host local
999fcaff2725 none null local
fbfcbd297c60 test-net bridge local
#使用指定網路執行
[[email protected] ~]# docker run -itd --name test1 --network test-net centos /bin/bash
7a223d7000663c68d731a8419211d17c1fcc9a453c7197c6376b2f10d55c4a34
[[email protected] ~]# docker run -itd --name test2 --network test-net centos /bin/bash
4f51f2f5ab058e4e38ec000009b129e2fe373b73d834d48f380bf720e862d197
[[email protected] ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4f51f2f5ab05 centos "/bin/bash" 6 seconds ago Up 5 seconds test2
7a223d700066 centos "/bin/bash" 14 seconds ago Up 13 seconds test1
[[email protected] ~]# docker exec -it test1 /bin/bash
[[email protected] /]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
17: [email protected]: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:12:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.18.0.2/16 brd 172.18.255.255 scope global eth0
valid_lft forever preferred_lft forever
[[email protected] ~]# docker exec -it test2 /bin/bash
[[email protected] /]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
19: [email protected]: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:12:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.18.0.3/16 brd 172.18.255.255 scope global eth0
valid_lft forever preferred_lft forever
[[email protected] /]# ping 172.18.0.2
PING 172.18.0.2 (172.18.0.2) 56(84) bytes of data.
64 bytes from 172.18.0.2: icmp_seq=1 ttl=64 time=0.040 ms
64 bytes from 172.18.0.2: icmp_seq=2 ttl=64 time=0.052 ms
64 bytes from 172.18.0.2: icmp_seq=3 ttl=64 time=0.052 ms
^C
--- 172.18.0.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.040/0.048/0.052/0.005 ms
- -d:指定網路型別:bridge,overlay
為所有容器指定DNS
在宿主機的 /etc/docker/daemon.json 檔案中增加以下內容來設定全部容器的 DNS:
{
"dns" : [
"223.6.6.6",#Alibaba DNS
"114.114.114.114",
"8.8.8.8"
]
}
設定後,啟動容器的 DNS 會自動配置為 114.114.114.114 和 8.8.8.8。
配置完,需要重啟 docker 才能生效。
檢視容器的 DNS 是否生效可以使用以下命令,它會輸出容器的 DNS 資訊:
[[email protected] ~]# docker run -it --rm centos cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 223.6.6.6
引數說明:
- –rm : Automatically remove the container when it exits
手動指定容器的配置
如果只想在指定的容器設定 DNS,則可以使用以下命令:
$ docker run -it --rm -h host_ubuntu --dns=114.114.114.114 --dns-search=test.com ubuntu
引數說明:
–rm:容器退出時自動清理容器內部的檔案系統。
-h HOSTNAME 或者 --hostname=HOSTNAME: 設定容器的主機名,它會被寫到容器內的 /etc/hostname 和 /etc/hosts。
–dns=IP_ADDRESS: 新增 DNS 伺服器到容器的 /etc/resolv.conf 中,讓容器用這個伺服器來解析所有不在 /etc/hosts 中的主機名。
–dns-search=DOMAIN: 設定容器的搜尋域,當設定搜尋域為 .example.com 時,在搜尋一個名為 host 的主機時,DNS 不僅搜尋 host,還會搜尋 host.example.com。
Docker Hub
[[email protected] ~]# docker login
[[email protected] ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos latest 300e315adb2f 2 weeks ago 209MB
alifys/hello-world latest bf756fb1ae65 11 months ago 13.3kB
hello-world latest bf756fb1ae65 11 months ago 13.3kB
[[email protected] ~]# docker push alifys/hello-world:latest
[[email protected] ~]# docker pull alifys/hello-world
Using default tag: latest
latest: Pulling from alifys/hello-world
Digest: sha256:90659bf80b44ce6be8234e6ff90a1ac34acbeb826903b02cfa0da11c82cbc042
Status: Downloaded newer image for alifys/hello-world:latest
[[email protected] ~]# docker logout
commit
**docker commit:**從容器建立一個新的映象。
語法
docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]]
OPTIONS說明:
- **-a:**提交的映象作者;
- **-c:**使用Dockerfile指令來建立映象;
- **-m:**提交時的說明文字;
- **-p:**在commit時,將容器暫停。
例項
將容器a404c6c174a2 儲存為新的映象,並新增提交人資訊和說明資訊。
[[email protected] ~]# docker commit -a "allfys" -m "commit hello-world:latest" 05b5671a6f4c hello-world:v1
sha256:1243b85f36c5801e83563561761e029bd71469bedf14d112f72b0c71beb11112
[[email protected] ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
hello-world v1 1243b85f36c5 4 seconds ago 13.3kB
*-p:**在commit時,將容器暫停。
例項
將容器a404c6c174a2 儲存為新的映象,並新增提交人資訊和說明資訊。
[[email protected] ~]# docker commit -a "allfys" -m "commit hello-world:latest" 05b5671a6f4c hello-world:v1
sha256:1243b85f36c5801e83563561761e029bd71469bedf14d112f72b0c71beb11112
[[email protected] ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
hello-world v1 1243b85f36c5 4 seconds ago 13.3kB