最新docker命令手冊
Command Line
Note: if you are using a remote Docker daemon, such as Boot2Docker, then do not type the
sudo
before thedocker
commands shown in the documentation's examples.
To list available commands, either run docker
with
no parameters or execute docker help
:
$ sudo docker
Usage: docker [OPTIONS] COMMAND [arg...]-H,--host=[]:The socket(s) to bind to in daemon mode, specified using one or more tcp://host:port, unix:///path/to/socket, fd://* or fd://socketfd.
A self-sufficient runtime forLinux containers....
Help
To list the help on any command just execute the command, followed by the --help
$ sudo docker run --help
Usage: docker run [OPTIONS] IMAGE [COMMAND][ARG...]Run a command in a new container
-a,--attach=[]Attach to STDIN, STDOUT or STDERR.-c,--cpu-shares=0 CPU shares (relative weight)...
Option types
Single character command line options can be combined, so rather than typing docker
run -t -i --name test busybox sh
docker
run -ti --name test busybox sh
.
Boolean
Boolean options take the form -d=false
.
The value you see in the help text is the default value which is set if you do not specify that flag. If you specify a Boolean flag without a value, this will set the flag to true
,
irrespective of the default value.
For example, running docker run -d
will
set the value to true
, so your
container will run in "detached" mode, in the background.
Options which default to true
(e.g., docker
build --rm=true
) can only be set to the non-default value by explicitly setting them to false
:
$ docker build --rm=false.
Multi
Options like -a=[]
indicate they
can be specified multiple times:
$ sudo docker run -a stdin -a stdout -a stderr -i -t ubuntu /bin/bash
Sometimes this can use a more complex value string, as for -v
:
$ sudo docker run -v /host:/container example/mysql
Strings and Integers
Options like --name=""
expect
a string, and they can only be specified once. Options like -c=0
expect
an integer, and they can only be specified once.
daemon
Usage: docker [OPTIONS] COMMAND [arg...]
A self-sufficient runtime for linux containers.Options:--api-enable-cors=falseEnable CORS headers in the remote API
-b,--bridge=""Attach containers to a pre-existing network bridge
use'none' to disable container networking
--bip=""Usethis CIDR notation address for the network bridge's IP, not compatible with -b
-D, --debug=false Enable debug mode
-d, --daemon=false Enable daemon mode
--dns=[] Force Docker to use specific DNS servers
--dns-search=[] Force Docker to use specific DNS search domains
-e, --exec-driver="native" Force the Docker runtime to use a specific exec driver
--fixed-cidr="" IPv4 subnet for fixed IPs (e.g.: 10.20.0.0/16)
this subnet must be nested in the bridge subnet (which is defined by -b or --bip)
--fixed-cidr-v6="" IPv6 subnet for global IPs (e.g.: 2a00:1450::/64)
-G, --group="docker" Group to assign the unix socket specified by -H when running in daemon mode
use '' (the empty string) to disable setting of a group
-g, --graph="/var/lib/docker" Path to use as the root of the Docker runtime
-H, --host=[] The socket(s) to bind to in daemon mode or connect to in client mode, specified using one or more tcp://host:port, unix:///path/to/socket, fd://* or fd://socketfd.
--icc=true Allow unrestricted inter-container and Docker daemon host communication
--insecure-registry=[] Enable insecure communication with specified registries (disables certificate verification for HTTPS and enables HTTP fallback) (e.g., localhost:5000 or 10.20.0.0/16)
--ip=0.0.0.0 Default IP address to use when binding container ports
--ip-forward=true Enable net.ipv4.ip_forward and IPv6 forwarding if --fixed-cidr-v6 is defined. IPv6 forwarding may interfere with your existing IPv6 configuration when using Router Advertisement.
--ip-masq=true Enable IP masquerading for bridge's IP range
--iptables=trueEnableDocker's addition of iptables rules
--ipv6=false Enable Docker IPv6 support
-l, --log-level="info" Set the logging level (debug, info, warn, error, fatal)
--label=[] Set key=value labels to the daemon (displayed in `docker info`)
--mtu=0 Set the containers network MTU
if no value is provided: default to the default route MTU or 1500 if no default route is available
-p, --pidfile="/var/run/docker.pid" Path to use for daemon PID file
--registry-mirror=[] Specify a preferred Docker registry mirror
-s, --storage-driver="" Force the Docker runtime to use a specific storage driver
--selinux-enabled=false Enable selinux support. SELinux does not presently support the BTRFS storage driver
--storage-opt=[] Set storage driver options
--tls=false Use TLS; implied by --tlsverify flag
--tlscacert="/home/sven/.docker/ca.pem" Trust only remotes providing a certificate signed by the CA given here
--tlscert="/home/sven/.docker/cert.pem" Path to TLS certificate file
--tlskey="/home/sven/.docker/key.pem" Path to TLS key file
--tlsverify=false Use TLS and verify the remote (daemon: verify client, client: verify daemon)
-v, --version=false Print version information and quit
Options with [] may be specified multiple times.
The Docker daemon is the persistent process that manages containers. Docker uses the same binary for both the daemon and client. To run the daemon you provide the -d
flag.
To run the daemon with debug output, use docker
-d -D
.
Daemon socket option
The Docker daemon can listen for Docker Remote API requests via three different types of Socket: unix
,tcp
,
and fd
.
By default, a unix
domain socket
(or IPC socket) is created at /var/run/docker.sock
,
requiring eitherroot
permission,
or docker
group membership.
If you need to access the Docker daemon remotely, you need to enable the tcp
Socket.
Beware that the default setup provides un-encrypted and un-authenticated direct access to the Docker daemon - and should be secured either using the built in HTTPS
encrypted socket, or by putting a secure web proxy in front of it. You can listen on port 2375
on
all network interfaces with -H tcp://0.0.0.0:2375
,
or on a particular network interface using its IP address: -H
tcp://192.168.59.103:2375
. It is conventional to use port 2375
for
un-encrypted, and port 2376
for
encrypted communication with the daemon.
Note If you're using an HTTPS encrypted socket, keep in mind that only TLS1.0 and greater are supported. Protocols SSLv3 and under are not supported anymore for security reasons.
On Systemd based systems, you can communicate with the daemon via Systemd socket activation, usedocker
-d -H fd://
. Using fd://
will
work perfectly for most setups but you can also specify individual sockets: docker
-d -H fd://3
. If the specified socket activated files aren't found, then Docker will exit. You can find examples of using Systemd socket activation with Docker and Systemd in the Docker
source tree.
You can configure the Docker daemon to listen to multiple sockets at the same time using multiple -H
options:
# listen using the default unix socket, and on 2 specific IP addresses on this host.
docker -d -H unix:///var/run/docker.sock -H tcp://192.168.59.106 -H tcp://10.10.10.2
The Docker client will honor the DOCKER_HOST
environment
variable to set the -H
flag for
the client.
$ sudo docker -H tcp://0.0.0.0:2375 ps# or
$ export DOCKER_HOST="tcp://0.0.0.0:2375"
$ sudo docker ps
# both are equal
Setting the DOCKER_TLS_VERIFY
environment
variable to any value other than the empty string is equivalent to setting the --tlsverify
flag.
The following are equivalent:
$ sudo docker --tlsverify ps
# or
$ export DOCKER_TLS_VERIFY=1
$ sudo docker ps
The Docker client will honor the HTTP_PROXY
, HTTPS_PROXY
,
and NO_PROXY
environment variables
(or the lowercase versions thereof). HTTPS_PROXY
takes
precedence over HTTP_PROXY
. If
you happen to have a proxy configured with the HTTP_PROXY
or HTTPS_PROXY
environment
variables but still want to communicate with the Docker daemon over its default unix
domain
socket, setting the NO_PROXY
environment
variable to the path of the socket (/var/run/docker.sock
)
is required.
Daemon storage-driver option
The Docker daemon has support for several different image layer storage drivers: aufs
, devicemapper
,btrfs
and overlay
.
The aufs
driver is the oldest,
but is based on a Linux kernel patch-set that is unlikely to be merged into the main kernel. These are also known to cause some serious kernel crashes. However, aufs
is
also the only storage driver that allows containers to share executable and shared library memory, so is a useful choice when running thousands of containers with the same program or libraries.
The devicemapper
driver uses thin
provisioning and Copy on Write (CoW) snapshots. For each devicemapper graph location – typically /var/lib/docker/devicemapper
–
a thin pool is created based on two block devices, one for data and one for metadata. By default, these block devices are created automatically by using loopback mounts of automatically created sparse files. Refer to Storage
driver options below for a way how to customize this setup. ~jpetazzo/Resizing Docker containers with the Device Mapper plugin article
explains how to tune your existing setup without the use of options.
The btrfs
driver is very fast
for docker build
- but like devicemapper
does
not share executable memory between devices. Use docker
-d -s btrfs -g /mnt/btrfs_partition
.
The overlay
is a very fast union
filesystem. It is now merged in the main Linux kernel as of 3.18.0. Calldocker
-d -s overlay
to use it.
Note: It is currently unsupported on
btrfs
or any Copy on Write filesystem and should only be used overext4
partitions.
Storage driver options
Particular storage-driver can be configured with options specified with --storage-opt
flags.
The only driver accepting options is devicemapper
as
of now. All its options are prefixed with dm
.
Currently supported options are:
-
dm.basesize
Specifies the size to use when creating the base device, which limits the size of images and containers. The default value is 10G. Note, thin devices are inherently "sparse", so a 10G device which is mostly empty doesn't use 10 GB of space on the pool. However, the filesystem will use more space for the empty case the larger the device is.
Warning: This value affects the system-wide "base" empty filesystem that may already be initialized and inherited by pulled images. Typically, a change to this value will require additional steps to take effect:
$ sudo service docker stop $ sudo rm -rf /var/lib/docker $ sudo service docker start
Example use:
$ sudo docker -d --storage-opt dm.basesize=20G
-
dm.loopdatasize
Specifies the size to use when creating the loopback file for the "data" device which is used for the thin pool. The default size is 100G. Note that the file is sparse, so it will not initially take up this much space.
Example use:
$ sudo docker -d --storage-opt dm.loopdatasize=200G
-
dm.loopmetadatasize
Specifies the size to use when creating the loopback file for the "metadata" device which is used for the thin pool. The default size is 2G. Note that the file is sparse, so it will not initially take up this much space.
Example use:
$ sudo docker -d --storage-opt dm.loopmetadatasize=4G
-
dm.fs
Specifies the filesystem type to use for the base device. The supported options are "ext4" and "xfs". The default is "ext4"
Example use:
$ sudo docker -d --storage-opt dm.fs=xfs
-
dm.mkfsarg
Specifies extra mkfs arguments to be used when creating the base device.
Example use:
$ sudo docker -d --storage-opt "dm.mkfsarg=-O ^has_journal"
-
dm.mountopt
Specifies extra mount options used when mounting the thin devices.
Example use:
$ sudo docker -d --storage-opt dm
相關推薦
最新docker命令手冊
Command Line Note: if you are using a remote Docker daemon, such as Boot2Docker, then do not type the sudobefore the docker comma
docker 最新Dockerfile命令手冊
Dockerfile Reference Docker can build images automatically by reading the instructions from a Dockerfile. A Dockerfile is a text
docker 命令補全
sed con code 執行 isp pen nsenter yum ont 補全: 安裝docker自帶包: source /usr/share/bash-completion/completions/docker 缺少下面的包,TAB會報錯 yum install -
一些重要 Docker 命令的簡單介紹
刪除 可用 registry best spa stdin ring edit 重要 1. 拉取 Docker 鏡像 由於容器是由 Docker 鏡像構建的,首先我們需要拉取一個 docker 鏡像來開始。我們可以從 Docker Registry Hub 獲取所需的 do
Docker 命令行和後臺參數
top native within lookup .so btrfs bind amp 沒有 Docker官方為了讓用戶高速了解Docker,提供了一個交互式教程,旨在幫助用戶掌握Docker命令行的用法。Docker 命令行以下對Docker的命令清單進行簡單的介紹,具
docker命令查詢
fault 命名空間 logo oot systemd sel 規則 erl 刪除 Docker 命令查詢 基本語法Docker 命令有兩大類,客戶端命令和服務端命令。前者是主要的操作接口,後者用來啟動 Docker daemon。 客戶端命令:基本命令格式為 do
常用docker命令
service dock 註意 usr 鏡像 oot server git files 常用命令1. 查看容器的root用戶密碼 docker logs <容器名orID> 2>&1 | grep ‘^User: ‘ | tail -n1
Redis 學習之路 (010) - redis命令手冊
哈希 sts 集中 cluster htm second 不同 index scribe Redis 鍵(key) 命令 命令描述 Redis DEL 命令 該命令用於在 key 存在是刪除 key。 Redis Dump 命令 序列化給定 key ,並返回被
ubuntu安裝最新docker
docker安裝 ubuntu 不安裝舊版docker,如果有舊版可以先使用命令卸載。$ sudo apt-get remove docker docker-engine docker.io為了能更新docker,所以我選擇先安裝docker倉庫。(1)更新 $ sudo apt-get upd
Docker 命令查詢
login 指定 arc inux inter export 支持 splunk https 基本語法 Docker 命令有兩大類,客戶端命令和服務端命令。前者是主要的操作接口,後者用來啟動 Docker daemon。 客戶端命令:基本命令格式為 docker [OPT
從開發到部署會用到的 Docker 命令
從開發到部署會用到的 docker 命令本文的目的是理解容器開發在目標環境中部署的端到端流程,並列出這些操作所需的 Docker 命令。1. 介紹整個流程包括使用代碼、依賴軟件和配置來開發容器映像,在開發環境中運行和測試容器,將容器映像發布到 Docker Hub,以及最後的部署和在目標環境中運行容器。本文假
docker 命令總結
ges contain doc exp 添加文件 指定路徑 nbsp ase 拷貝文件 docker pull 獲取鏡像 docker build 建立鏡像 docker images 查看鏡像 docker run -d -p 8080:80 運行鏡像 do
docker命令行學習
5-0 同時 .com all 共享 mar 刪除 也會 remove docker命令行學習 docker run docker run --help:老實說這條最管用了 docker run -it:交互模式,允許控制臺輸出 docker run -d:detach,
docker命令
docker ges log size create contain docker命令 test -name 1.查看image [root@ ~]# docker imagesREPOSITORY TAG IMA
docker命令詳解
docker 雲計算 虛擬化 Docker常用命令詳解 docker ps 查看當前正在運行的容器 docker ps -a 查看所有容器的狀態 docker search seanlo 在docker index中搜索image(search) docker start/stop id/nam
8、《每天5分鐘玩轉Docker容器技術》學習-Docker命令info version
hostman cloudman cloud openstack docker a) docker info 命令查看docker系統信息。docker info [OPTIONS]a) docker version 命令docker version :顯示 Docker 版本信息。doc
11、《每天5分鐘玩轉Docker容器技術》學習-Docker命令之容器生命周期管理
hostman cloudman cloud openstack docker a) Docker create 命令docker create :創建一個新的容器但不啟動它docker create [OPTIONS] IMAGE [COMMAND] [ARG...]-a stdin:
12、《每天5分鐘玩轉Docker容器技術》學習-Docker命令之容器操作命令
hostman cloudman cloud openstack docker a) Docker ps 命令docker ps : 列出容器docker ps [OPTIONS]-a :顯示所有的容器,包括未運行的。-f :根據條件過濾顯示的內容。--format :指定返回值的模板文件
Docker操作手冊
Docker常用命令[鏡像]獲取鏡像sudo docker pull ubuntu 下載鏡像後利用鏡像創建一個容器sudo docker run -t -i ubuntu /bin/bash列出主機上已有的鏡像sudo docker images獲取鏡像的詳細信息sudo docker inspect ubu
Hadoop命令手冊
classname 分隔 ktr section 任務 hdf 不可 1.0 給定 原文地址:http://hadoop.apache.org/docs/r1.0.4/cn/commands_manual.html 概述 常規選項 用戶命令