Docke 1.12 基礎篇:48條命令(4)
阿新 • • 發佈:2018-12-26
本文針對Docker1.12的48條命令,列出了container相關的18條,劃分未必精確。 接下來看看這些條命令都是怎麼用的。
container相關的命令
| 項番 | 命令 | 詳解 |
|---|---|---|
| No.1 | attach | Attach to a running container |
| No.3 | commit | Create a new image from a container’s changes |
| No.4 | cp | Copy files/folders between a container and the local filesystem |
| No.5 | create | Create a new container |
| No.7 | diff | Inspect changes on a container’s filesystem |
| No.9 | exec | Run a command in a running container |
| No.10 | export | Export a container’s filesystem as a tar archive |
| No.13 | import | Import the contents from a tarball to create a filesystem image |
| No.16 | kill | Kill one or more running containers |
| No.23 | pause | Pause all processes within one or more containers |
| No.29 | rename | Rename a container |
| No.30 | restart | Restart a container |
| No.31 | rm | Remove one or more containers |
| No.33 | run | Run a command in a new container |
| No.38 | start | Start one or more stopped containers |
| No.40 | stop | Stop one or more running containers |
| No.44 | unpause | Unpause all processes within one or more containers |
| No.48 | wait | Block until a container stops, then print its exit code |
狀態管理相關的命令
在上面的18條命令中,抽出9條有關container的狀態管理的命令來逐一確認。狀態管理是什麼,container的生老病死,建立/啟動/停止/刪除等等。
| 項番 | 命令 | 詳解 |
|---|---|---|
| No.5 | create | Create a new container |
| No.33 | run | Run a command in a new container |
| No.38 | start | Start one or more stopped containers |
| No.40 | stop | Stop one or more running containers |
| No.30 | restart | Restart a container |
| No.44 | unpause | Unpause all processes within one or more containers |
| No.23 | pause | Pause all processes within one or more containers |
| No.16 | kill | Kill one or more running containers |
| No.48 | wait | Block until a container stops, then print its exit code |
run
docker run可能是剛開始學習docker的除了docker images和docker ps之外用的最多的命令之一了。使用docker run可以使用image啟動一個container的例項。
[root@liumiaocn ~]# docker images |grep busybox
busybox latest 2b8fd9751c4c 3 months ago 1.093 MB
[root@liumiaocn ~]#執行一個busybox映象的container
[root@liumiaocn ~]# docker run -it busybox /bin/sh
/ # hostname
3efaa5538278
/ #可以使用同一個映象啟動多個不同的container,可牽強地像類和例項的關係。
[root@liumiaocn ~]# docker run -it busybox /bin/sh
/ # hostname
b847f7213021
/ #使用前面學到的docker ps來確認container狀態
[root@liumiaocn ~]# docker ps |grep busybox
b847f7213021 busybox "/bin/sh" 2 minutes ago Up 2 minutes loving_engelbart
3efaa5538278 busybox "/bin/sh" 3 minutes ago Up 2 minutes romantic_euclid
[root@liumiaocn ~]#諸如loving_engelbart是docker自動給container命的名稱,通過–name就可以制定想要的名稱,-i為互動的方式,-t是分配一個偽終端。dokcer run的option如下,通過簡單確認可以看到其出了-i -t這樣的option之外,建立container時候對IO/CPU/MEMORY的控制設定等等也都提供了介面,通過一個簡單的引數就能實現了,而不再像前面我們在介紹cgroups的時候限制一個CPU要折騰半天了。限於篇幅,又加上docker run或者create在實際使用的時候很多option都會被用到,僅在run的命令時列出option,剩餘的請自行docker 命令 –help。
| option | 說明 |
|---|---|
| –add-host value | Add a custom host-to-IP mapping (host:ip) (default []) |
| -a, –attach value | Attach to STDIN, STDOUT or STDERR (default []) |
| –blkio-weight value | Block IO (relative weight), between 10 and 1000 |
| –blkio-weight-device value | Block IO weight (relative device weight) (default []) |
| –cap-add value | Add Linux capabilities (default []) |
| –cap-drop value | Drop Linux capabilities (default []) |
| –cgroup-parent string | Optional parent cgroup for the container |
| –cidfile string | Write the container ID to the file |
| –cpu-percent int | CPU percent (Windows only) |
| –cpu-period int | Limit CPU CFS (Completely Fair Scheduler) period |
| –cpu-quota int | Limit CPU CFS (Completely Fair Scheduler) quota |
| -c, –cpu-shares int | CPU shares (relative weight) |
| –cpuset-cpus string | CPUs in which to allow execution (0-3, 0,1) |
| –cpuset-mems string | MEMs in which to allow execution (0-3, 0,1) |
| -d, –detach | Run container in background and print container ID |
| –detach-keys string | Override the key sequence for detaching a container |
| –device value | Add a host device to the container (default []) |
| –device-read-bps value | Limit read rate (bytes per second) from a device (default []) |
| –device-read-iops value | Limit read rate (IO per second) from a device (default []) |
| –device-write-bps value | Limit write rate (bytes per second) to a device (default []) |
| –device-write-iops value | Limit write rate (IO per second) to a device (default []) |
| –disable-content-trust | Skip image verification (default true) |
| –dns value | Set custom DNS servers (default []) |
| –dns-opt value | Set DNS options (default []) |
| –dns-search value | Set custom DNS search domains (default []) |
| –entrypoint string | Overwrite the default ENTRYPOINT of the image |
| -e, –env value | Set environment variables (default []) |
| –env-file value | Read in a file of environment variables (default []) |
| –expose value | Expose a port or a range of ports (default []) |
| –group-add value | Add additional groups to join (default []) |
| –health-cmd string | Command to run to check health |
| –health-interval duration | Time between running the check |
| –health-retries int | Consecutive failures needed to report unhealthy |
| –health-timeout duration | Maximum time to allow one check to run |
| –help | Print usage |
| -h, –hostname string | Container host name |
| -i, –interactive | Keep STDIN open even if not attached |
| –io-maxbandwidth string | Maximum IO bandwidth limit for the system drive (Windows only) |
| –io-maxiops uint | Maximum IOps limit for the system drive (Windows only) |
| –ip string | Container IPv4 address (e.g. 172.30.100.104) |
| –ip6 string | Container IPv6 address (e.g. 2001:db8::33) |
| –ipc string | IPC namespace to use |
| –isolation string | Container isolation technology |
| –kernel-memory string | Kernel memory limit |
| -l, –label value | Set meta data on a container (default []) |
| –label-file value | Read in a line delimited file of labels (default []) |
| –link value | Add link to another container (default []) |
| –link-local-ip value | Container IPv4/IPv6 link-local addresses (default []) |
| –log-driver string | Logging driver for the container |
| –log-opt value | Log driver options (default []) |
| –mac-address string | Container MAC address (e.g. 92:d0:c6:0a:29:33) |
| -m, –memory string | Memory limit |
| –memory-reservation string | Memory soft limit |
| –memory-swap string | Swap limit equal to memory plus swap: ‘-1’ to enable unlimited swap |
| –memory-swappiness int | Tune container memory swappiness (0 to 100) (default -1) |
| –name string | Assign a name to the container |
| –network string | Connect a container to a network (default “default”) |
| –network-alias value | Add network-scoped alias for the container (default []) |
| –no-healthcheck | Disable any container-specified HEALTHCHECK |
| –oom-kill-disable | Disable OOM Killer |
| –oom-score-adj int | Tune host’s OOM preferences (-1000 to 1000) |
| –pid string | PID namespace to use |
| –pids-limit int | Tune container pids limit (set -1 for unlimited) |
| –privileged | Give extended privileges to this container |
| -p, –publish value | Publish a container’s port(s) to the host (default []) |
| -P, –publish-all | Publish all exposed ports to random ports |
| –read-only | Mount the container’s root filesystem as read only |
| –restart string | Restart policy to apply when a container exits (default “no”) |
| –rm | Automatically remove the container when it exits |
| –runtime string | Runtime to use for this container |
| –security-opt value | Security Options (default []) |
| –shm-size string | Size of /dev/shm, default value is 64MB |
| –sig-proxy | Proxy received signals to the process (default true) |
| –stop-signal string | Signal to stop a container, SIGTERM by default (default “SIGTERM”) |
| –storage-opt value | Storage driver options for the container (default []) |
| –sysctl value | Sysctl options (default map[]) |
| –tmpfs value | Mount a tmpfs directory (default []) |
| -t, –tty | Allocate a pseudo-TTY |
| –ulimit value | Ulimit options (default []) |
| -u, –user string | Username or UID (format: |
| –userns string | User namespace to use |
| –uts string | UTS namespace to use |
| -v, –volume value | Bind mount a volume (default []) |
| –volume-driver string | Optional volume driver for the container |
| –volumes-from value | Mount volumes from the specified container(s) (default []) |
| -w, –workdir string | Working directory inside the container |
create
基本跟run一致。下面我們通過create建立一個nginx的container.下載nginx的映象。
[[email protected] ~]# docker pull nginx
Using default tag: latest
latest: Pulling from library/nginx
6a5a5368e0c2: Pull complete
4aceccff346f: Pull complete
c8967f302193: Pull complete
Digest: sha256:1ebfe348d131e9657872de9881fe736612b2e8e1630e0508c354acb0350a4566
Status: Downloaded newer image for nginx:latest
[[email protected] ~]#使用docker run啟動一個名為nginxtest 的nginxcontainer
[root@liumiaocn ~]# docker create --name=nginxtest -p 80:80 nginx
1e56ed7e1b922c225c612617591555757321ca0746a7477fcb665bb6848e2b70
[root@liumiaocn ~]#可以看到此時的container的狀態為created,port因為是執行期間container和host之間的mapping,皮之不存,port焉附,當然也不會有port資訊,前面在講解docker port的時候也說過需要對live的container執行就是這個道理。
[root@liumiaocn ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1e56ed7e1b92 nginx "nginx -g 'daemon off" 38 seconds ago Created nginxtest
[root@liumiaocn ~]#start
用於啟動停止了或者剛剛建立了的container
[root@liumiaocn ~]# docker start nginxtest
nginxtest
[root@liumiaocn ~]#確認container結果
[root@liumiaocn ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1e56ed7e1b92 nginx "nginx -g 'daemon off" 4 minutes ago Up 20 seconds 0.0.0.0:80->80/tcp, 443/tcp nginxtest
[root@liumiaocn ~]#確認nginx
stop
停止容器
[root@liumiaocn ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1e56ed7e1b92 nginx "nginx -g 'daemon off" 6 minutes ago Up 2 minutes 0.0.0.0:80->80/tcp, 443/tcp nginxtest
[root@liumiaocn ~]# docker stop nginxtest
nginxtest
[root@liumiaocn ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1e56ed7e1b92 nginx "nginx -g 'daemon off" 7 minutes ago Exited (0) 3 seconds ago nginxtest
[root@liumiaocn ~]#restart
再啟動容器
[root@liumiaocn ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1e56ed7e1b92 nginx "nginx -g 'daemon off" 10 minutes ago Exited (0) 3 minutes ago nginxtest
[root@liumiaocn ~]# docker restart nginxtest
nginxtest
[root@liumiaocn ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1e56ed7e1b92 nginx "nginx -g 'daemon off" 10 minutes ago Up 2 seconds 0.0.0.0:80->80/tcp, 443/tcp nginxtest
[root@liumiaocn ~]#pause
pause用於將某container暫時停止
[root@liumiaocn ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1e56ed7e1b92 nginx "nginx -g 'daemon off" About an hour ago Up 50 minutes 0.0.0.0:80->80/tcp, 443/tcp nginxtest
[root@liumiaocn ~]# docker pause nginxtest
nginxtest
[root@liumiaocn ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1e56ed7e1b92 nginx "nginx -g 'daemon off" About an hour ago Up 50 minutes (Paused) 0.0.0.0:80->80/tcp, 443/tcp nginxtest
[root@liumiaocn ~]#可以看到pause後狀態提示為Paused,而且此時通過IE訪問nginx會一直處於載入階段
unpause
pause的反向行為。將暫停的container恢復
[root@liumiaocn ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1e56ed7e1b92 nginx "nginx -g 'daemon off" About an hour ago Up 57 minutes (Paused) 0.0.0.0:80->80/tcp, 443/tcp nginxtest
[root@liumiaocn ~]# docker unpause nginxtest
nginxtest
[root@liumiaocn ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1e56ed7e1b92 nginx "nginx -g 'daemon off" About an hour ago Up 57 minutes 0.0.0.0:80->80/tcp, 443/tcp nginxtest
[root@liumiaocn ~]#可以看到狀態已經恢復,而且一直在載入中的Nginx頁面隨著狀態的恢復也能重新訪問了。
wait 和 kill
wait用於等待某個container的終了,kill用於強制停止某個container
[root@liumiaocn ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1e56ed7e1b92 nginx "nginx -g 'daemon off" About an hour ago Up About an hour 0.0.0.0:80->80/tcp, 443/tcp nginxtest
[root@liumiaocn ~]# docker wait nginxtest執行了docker wait之後可以看到該程序一直不能返回,然後我們另外新開啟一個終端使用docker kill停止這個正在running狀態的container
[root@liumiaocn ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1e56ed7e1b92 nginx "nginx -g 'daemon off" About an hour ago Up About an hour 0.0.0.0:80->80/tcp, 443/tcp nginxtest
[root@liumiaocn ~]# docker kill nginxtest
nginxtest
[root@liumiaocn ~]#隨著nginxtest被kill的同時,一直不能返回的docker wait程序也提示了終了code(137)後退出了。
[root@liumiaocn ~]# docker wait nginxtest
137
[root@liumiaocn ~]#結果確認
[root@liumiaocn ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1e56ed7e1b92 nginx "nginx -g 'daemon off" About an hour ago Exited (137) 2 minutes ago nginxtest
[root@liumiaocn ~]#