Docker容器(一)

Docker容器

4.1 運(yùn)行容器

[root@docker01 ~]# docker run centos pwd
/
[root@docker01 ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED              STATUS                          PORTS               NAMES
a7f729d0ee39        centos              "pwd"               About a minute ago   Exited (0) About a minute ago                       sleepy_shannon

4.1.1 容器后臺(tái)運(yùn)行

參數(shù) 說(shuō)明
-d 后臺(tái)運(yùn)行
/bin/bash -c "while true;do sleep 1;done" while語(yǔ)句讓bash不會(huì)退出 
[root@docker01 ~]# docker run -d centos /bin/bash -c "while true;do sleep 1;done"
97202faac0b3fd6f6689de4b055d270d4ab43e77fac23b168ced57aed3551f7f
[root@docker01 ~]# docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS               NAMES
97202faac0b3        centos              "/bin/bash -c 'whi..."   20 seconds ago      Up 19 seconds                           distracted_roentgen
參數(shù) 說(shuō)明
--name 指定容器名稱
start/stop 啟動(dòng)或停止容器
pause/unpause 暫?;蚧謴?fù)容器
restart(always、on-failure:3) 重啟容器 

[root@docker01 ~]# docker run --name=centos_hello centos /bin/echo "Hello"
Hello
[root@docker01 ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                      PORTS               NAMES
82806f7a2b93        centos              "/bin/echo Hello"        17 seconds ago      Exited (0) 17 seconds ago                       centos_hello
[root@docker01 ~]# docker start centos_hello
centos_hello

[root@docker01 ~]# docker run -d --restart=always httpd

4.1.2 進(jìn)入容器方法

參數(shù) 說(shuō)明
attach 直接進(jìn)入容器啟動(dòng)命令的終端,不會(huì)啟動(dòng)新的進(jìn)程。
exec 在容器中打開(kāi)新的終端,并且可以啟動(dòng)新的進(jìn)程。 
[root@docker01 ~]# docker run -d centos /bin/bash -c "while true;do sleep 1;echo hello;done"
79003a8a467a1a4134cf5f0c4bc646319bf5f4b6208f126f4805f87482b7aa07
[root@docker01 ~]# docker attach 79003a8a467a1a4134cf5f0c4bc646319bf5f4b6208f126f4805f87482b7aa07
hello
hello
hello
hello
#可通過(guò)Ctrl+p,然后Ctrl+q組合鍵退出

[root@docker01 ~]# docker run -d centos /bin/bash -c "while true;do sleep 1;echo hello;done"
76da0eba3cc9fc769ac418f16bd63c2845eb8fee2618088ec023022e11f25a93
[root@docker01 ~]# docker exec -it 76da0eba3cc9fc769ac418f16bd63c2845eb8fee2618088ec023022e11f25a93 bash

如果想在終端查看啟動(dòng)命令的輸出用attach,其他情況exec。

4.1.3 運(yùn)行容器最佳實(shí)踐

服務(wù)器容器(-d 后臺(tái)運(yùn)行,如需排查問(wèn)題exec -it進(jìn)入)

工具類容器(run -it 臨時(shí)環(huán)境)

4.2 刪除容器

#docker rm 容器ID
[root@docker01 ~]# docker ps 
CONTAINER ID        IMAGE               COMMAND              CREATED             STATUS              PORTS               NAMES
ab76beae0172        httpd               "httpd-foreground"   6 minutes ago       Up About a minute   80/tcp              gracious_brattain
[root@docker01 ~]# docker stop ab76beae0172
ab76beae0172
[root@docker01 ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                        PORTS               NAMES
ab76beae0172        httpd               "httpd-foreground"       7 minutes ago       Exited (0) 9 seconds ago                          gracious_brattain
[root@docker01 ~]# docker rm ab76beae0172
ab76beae0172

4.3 刪除鏡像

#docker rmi 鏡像ID
[root@docker01 ~]# docker images
REPOSITORY                          TAG                 IMAGE ID            CREATED             SIZE
docker.io/httpd                     latest              19459a872194        4 weeks ago         154 MB
jzhang0451/centos_apache            v1                  80b2eee15b08        2 months ago        346 MB
docker.io/nginx                     latest              e445ab08b2be        2 months ago        126 MB
docker.io/centos                    latest              9f38484d220f        7 months ago        202 MB
docker.io/registry                  2                   f32a97de94e1        7 months ago        25.8 MB
docker.io/hello-world               latest              fce289e99eb9        9 months ago        1.84 kB
docker.io/centos/mysql-56-centos7   latest              8ef375298394        17 months ago       407 MB
[root@docker01 ~]# docker rmi fce289e99eb9
Untagged: docker.io/hello-world:latest
Untagged: docker.io/hello-world@sha256:b8ba256769a0ac28dd126d584e0a2011cd2877f3f76e093a7ae560f2a5301c00
Deleted: sha256:fce289e99eb9bca977dae136fbe2a82b6b7d4c372474c9235adc1741675f587e
Deleted: sha256:af0b15c8625bb1938f1d7b17081031f649fd14e6b233688eea3c5483994a66a3

4.4 資源限制

4.4.1 內(nèi)存限額

參數(shù) 說(shuō)明
-m或--memory 設(shè)置內(nèi)存使用限額
--memory-swap 設(shè)置內(nèi)存+swap的使用限額 
[root@docker01 ~]# docker run -it -m 100M --memory-swap=100M centos

#測(cè)試鏡像
[root@docker01 ~]# docker run -it -m 100M --memory-swap=100M docker.io/progrium/stress --vm 1 --vm-bytes 200M
stress: info: [1] dispatching hogs: 0 cpu, 0 io, 1 vm, 0 hdd
stress: dbug: [1] using backoff sleep of 3000us
stress: dbug: [1] --> hogvm worker 1 [6] forked
stress: dbug: [6] allocating 209715200 bytes ...
stress: dbug: [6] touching bytes in strides of 4096 bytes ...
stress: FAIL: [1] (416) <-- worker 6 got signal 9
stress: WARN: [1] (418) now reaping child worker processes
stress: FAIL: [1] (422) kill error: No such process
stress: FAIL: [1] (452) failed run completed in 0s

4.4.2 CPU限額

參數(shù) 說(shuō)明
-c或--cpu-shares 設(shè)置CPU的權(quán)重
--cpu 設(shè)置工作線程數(shù)量(當(dāng)前只有一顆CPU,1個(gè)線程就能將CPU壓滿) 
[root@docker01 ~]# docker run -it -c 1024 centos

#測(cè)試鏡像
單獨(dú)SSH通道:
[root@docker01 ~]# docker run --name container_A -it -c 1024 docker.io/progrium/stress --cpu 1
stress: info: [1] dispatching hogs: 1 cpu, 0 io, 0 vm, 0 hdd
stress: dbug: [1] using backoff sleep of 3000us
stress: dbug: [1] --> hogcpu worker 1 [6] forked

單獨(dú)SSH通道:
[root@docker01 ~]#  docker run --name container_B -it -c 512 docker.io/progrium/stress --cpu 1
stress: info: [1] dispatching hogs: 1 cpu, 0 io, 0 vm, 0 hdd
stress: dbug: [1] using backoff sleep of 3000us
stress: dbug: [1] --> hogcpu worker 1 [6] forked

單獨(dú)SSH通道:
[root@docker01 ~]# top
top - 12:21:45 up 9 min,  3 users,  load average: 1.65, 0.62, 0.25
Tasks: 110 total,   3 running, 107 sleeping,   0 stopped,   0 zombie
%Cpu(s): 99.7 us,  0.3 sy,  0.0 ni,  0.0 id,  0.0 wa,  0.0 hi,  0.0 si,  0.0 st
KiB Mem :  1863224 total,  1458196 free,   159508 used,   245520 buff/cache
KiB Swap:  1048572 total,  1048572 free,        0 used.  1500368 avail Mem 

   PID USER      PR  NI    VIRT    RES    SHR S %CPU %MEM     TIME+ COMMAND                                                                
  7610 root      20   0    7304    100      0 R 66.4  0.0   1:36.97 stress                                                                 
  7697 root      20   0    7304     96      0 R 33.2  0.0   0:25.19 stress                                                                 
  7515 root      20   0  161360   6196   4792 S  0.3  0.3   0:00.11 sshd                                                                   
  7614 root      20   0       0      0      0 S  0.3  0.0   0:00.16 kworker/0:3 

單獨(dú)SSH通道:
[root@docker01 ~]# docker pause container_A
container_A
[root@docker01 ~]# docker pause container_B
container_B

4.4.3 Block IO帶寬限額

參數(shù) 說(shuō)明
--blkio-weight 設(shè)置權(quán)重權(quán)
--device-read-bps 限制讀某個(gè)設(shè)備的bps
--device-write-bps 限制寫(xiě)某個(gè)設(shè)備的bps
--device-read-iops 限制讀某個(gè)設(shè)備的iops
--device-write-iops 限制寫(xiě)某個(gè)設(shè)備的iops

bps(byte per second,每秒讀寫(xiě)的數(shù)據(jù)量)

iops(io per second,每秒IO的次數(shù))

#測(cè)試鏡像
[root@docker01 ~]# docker run -it --device-write-bps /dev/sda:30MB centos
[root@efbdee8c0921 /]# time dd if=/dev/zero of=test.out bs=1M count=800 oflag=direct
800+0 records in
800+0 records out
838860800 bytes (839 MB) copied, 26.6203 s, 31.5 MB/s

real    0m26.631s
user    0m0.011s
sys 0m0.422s
[root@efbdee8c0921 /]# 

[root@docker01 ~]# docker run -it centos
[root@b96e8fa4a4b7 /]# time dd if=/dev/zero of=test.out bs=1M count=800 oflag=direct
800+0 records in
800+0 records out
838860800 bytes (839 MB) copied, 0.534064 s, 1.6 GB/s

real    0m0.537s
user    0m0.004s
sys 0m0.339s
[root@b96e8fa4a4b7 /]#

4.5 實(shí)現(xiàn)容器的底層技術(shù)

4.5.1 cgroup資源限制

[root@docker01 ~]# ls /sys/fs/cgroup/
blkio  cpuacct      cpuset   freezer  memory   net_cls,net_prio  perf_event  systemd
cpu    cpu,cpuacct  devices  hugetlb  net_cls  net_prio

4.5.2 namespace資源隔離

參數(shù) 說(shuō)明
Mount 文件系統(tǒng),容器擁有自己的/目錄。
UTS 讓容器擁有自己的hostname。啟動(dòng)容器時(shí)可以能過(guò) -h 指定。
IPC 讓容器擁有自己的共享內(nèi)存和信號(hào)量來(lái)實(shí)現(xiàn)進(jìn)程間通信。
PID 讓容器擁有自己的進(jìn)程號(hào)。
Network 讓容器擁有自己的獨(dú)立網(wǎng)卡、IP、路由等資源。
User 讓容器能夠管理自己的用戶。
?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請(qǐng)聯(lián)系作者
【社區(qū)內(nèi)容提示】社區(qū)部分內(nèi)容疑似由AI輔助生成,瀏覽時(shí)請(qǐng)結(jié)合常識(shí)與多方信息審慎甄別。
平臺(tái)聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點(diǎn),簡(jiǎn)書(shū)系信息發(fā)布平臺(tái),僅提供信息存儲(chǔ)服務(wù)。

友情鏈接更多精彩內(nèi)容