環(huán)境安裝
# 操作系統(tǒng)版本:linux CentOS 7.2 64 3.10.0-514.6.2.el7.x86_64
# 添加包的來源
$ yum install epel-release –y
$ yum clean all
$ yum list
# 安裝并且運行
$ yum install docker-io –y
$ systemctl start docker
# 檢查安裝結果
$ docker info
# 操作系統(tǒng)版本:win7 64
# 安裝:http://www.runoob.com/docker/windows-docker-install.html
# https://www.cnblogs.com/jinjiangongzuoshi/p/6538321.html
# 遇到問題
# 問題:點擊Docker出現(xiàn)windows 正在查找bash.exe。如果想親自查找文件,請點擊“瀏覽”的問題
# 解決:https://blog.csdn.net/A632189007/article/details/78601213
# 參考:https://help.aliyun.com/document_detail/51853.html?spm=a2c4g.11186623.6.819.Mez5Ng
# 操作系統(tǒng)版本:win10 64
# 安裝:https://segmentfault.com/a/1190000007875949
改安裝源
# 情景:由于docker主機在外國,安裝好之后我們需要更改下源,不然下載image的時候會很慢.
# 國內鏡像:
daoclound
服務管理
# 操作系統(tǒng):linux
# 運行
$ systemctl start docker
# 停止
$ systemctl stop docker
# 重啟
$ systemctl restart docker
# 操作系統(tǒng):win
查看幫助
$ docker
鏡像管理
# 查找
#2 語法:docker search [OPTIONS] TERM
#2 描述:Search the Docker Hub for images
#2 參數(shù):
#3 條件過濾:-f
#3 美化輸出:--format
#3 最大記錄:--limit
#3 不截輸出:--no-trunc
$ docker search httpd
# 下拉(下載;獲取)
#2 語法:docker pull [OPTIONS] NAME[:TAG|@DIGEST]
#2 描述:Pull an image or a repository from a registry
#2 參數(shù):
#3 獲取所有:-a
#3 跳過驗證:--disable-content-trust
$ docker pull registry.cn-hangzhou.aliyuncs.com/lxepoo/apache-php5
# 修改
#2 創(chuàng)建標簽
#3 語法:docker tag SOURCE_IMAGE[:TAG] TARGET_IMAGE[:TAG]
#3 描述:Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
$ docker tag registry.cn-hangzhou.aliyuncs.com/lxepoo/apache-php5:latest aliweb:v1
# 查看
#2 列出鏡像
#3 語法:docker images [OPTIONS] [REPOSITORY[:TAG]]
#3 描述:List images
#3 參數(shù):
#4 顯示所有:-a
#4 顯示算法:--digests
#4 條件過濾:-f
#4 美化輸出:--format
#4 不截輸出:--no-trunc
#4 僅顯編號:-q
$ docker images
$ docker images --digests --no-trunc
$ docker image inspect --format='{{.RepoTags}} {{.Id}} {{.Parent}}' $(docker image ls -q --filter since=8ac27ce8ee49)
#2 鏡像歷史
#3 語法: docker history [OPTIONS] IMAGE
#3 描述:Show the history of an image
#3 參數(shù):
#4 某種格式:--format
#4 人讀格式:-H
#4 只顯編號:-q
$ docker history b961582107fc
# 刪除
#2 語法: docker rmi [OPTIONS] IMAGE [IMAGE...]
#2 描述:Remove one or more images
#2 參數(shù):
#3 強制刪除:-f, --force Force removal of the image
#3 留未標父:--no-prune Do not delete untagged parents
$ docker rmi -f registry.cn-hangzhou.aliyuncs.com/lxepoo/apache-php5
$ docker rmi -f 2cb0d9787c4d
$ docker rmi -f b961582107fc
# 刪除所有
$ docker rm $(docker ps -aq)
# 創(chuàng)建
# ##############################################s
#方式1 :從 Docker Hub 獲取已有鏡像并更新
#2 啟動容器
$ docker run -t -i training/sinatra /bin/bash
$ docker run -it ubuntu bash
#2 安裝應用:在容器中添加 json 應用
$ gem install json
//#2 退出容器
//# $ exit #退出時關閉容器
//# #2 啟動容器
//$ docker run -d training/sinatra /bin/bash
#2 退出容器
$ Ctrl+P+Q #退出時不關容器
#2 查看容器
$ docker ps
#2 提交更新
#3 語法: docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]]
#3 描述:Create a new image from a container's changes
#3 參數(shù):
#4 鏡像作者:-a(--author)
#4 配置文件:-c( --change)
#4 注釋信息:-m(--message)
#4 退出容器:-p( --pause)
$ docker commit -m "Added json gem" -a "Docker Newbee" 2d3c7afae625 ouruser/sinatra:v2
#2 查看鏡像:驗證是否成功
$ docker images
# ##############################################e
# ##############################################s
#方式2 :本地制作一個
# 制作
#2 準備內容:dockerfile
# vim Dockerfile
FROM apachephp:v1 #聲明基礎鏡像來源
MAINTAINER DTSTACK #聲明鏡像的擁有者
RUN mkdir /dtstact #容器運行前執(zhí)命令
# 由于Dockerfile文件不能超過127行,因此當命令較多時建議寫到腳本中執(zhí)行
ENTRYPOINT ping www.aliyun.com #開機啟動命令,此處最后一個命令需要是可在前臺持續(xù)執(zhí)行的命令,否則容器后臺運行時會因為命令執(zhí)行完而退出。
#2 構建鏡像
#3 語法: docker build [OPTIONS] PATH | URL | -
#3 描述:Build an image from a Dockerfile
#3 參數(shù):
#4 域名映射:--add-host list Add a custom host-to-IP mapping (host:ip)
#4 構時變量:--build-arg list Set build-time variables
#4 緩存位置:--cache-from strings Images to consider as cache sources
#4 內容壓縮:--compress Compress the build context using gzip
#4 跳過驗證:--disable-content-trust Skip image verification (default true)
#4 配置文件:-f, --file string Name of the Dockerfile (Default is 'PATH/Dockerfile')
#4 移除容器:--force-rm Always remove intermediate containers
#4 編號文件: --iidfile string Write the image ID to the file
#4 設置標簽:--label list Set metadata for an image
#4 內存限制: -m, --memory bytes Memory limit
#4 限內開關:--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap
#4 網(wǎng)絡模式: --network string Set the networking mode for the RUN instructions during build (default "default")
#4 關閉緩存:--no-cache Do not use cache when building the image
#4 自動更新:--pull Always attempt to pull a newer version of the image
#4 移除容器:--rm Remove intermediate containers after a successful build (default true)
#4 安全選項:--security-opt strings Security options
#4 指定標簽:-t, --tag list Name and optionally a tag in the 'name:tag' format
#4 指定階段:--target string Set the target build stage to build
$ docker build -t webcentos:v1 . # . 是Dockerfile文件的路徑,不能忽略
$ docker images #查看是否創(chuàng)建成功
$ docker run –d webcentos:v1 #后臺運行容器
$ docker ps #查看當前運行中的容器
$ docker ps –a #查看所有容器,包括未運行中的
$ docker logs CONTAINER ID/IMAGE #如未查看到剛才運行的容器,則用容器id或者名字查看啟動日志排錯
$ docker commit fb2844b6c070 dtstackweb:v1 #commit 后接容器id 和構建新鏡像的名稱和版本號。
$ docker images #列出本地(已下載的和本地創(chuàng)建的)鏡像
$ docker push #將鏡像推送至遠程倉庫,默認為 Docker Hub
#2 傳到倉庫:registry
docker login --username=dtstack_plus registry.cn-shanghai.aliyuncs.com #執(zhí)行后輸入鏡像倉庫密碼
docker tag [ImageId] registry.cn-shanghai.aliyuncs.com/dtstack123/test:[鏡像版本號]
docker push registry.cn-shanghai.aliyuncs.com/dtstack123/test:[鏡像版本號]
# ##############################################e
# ##############################################s
#方式3 :從本地導入一個
# cat ubuntu-14.04-x86_64-minimal.tar.gz |docker import - ubuntu:14.04
# docker images
# 存出:從本地倉庫導出鏡像到本地文件
# docker save -o ubuntu_14.04.tar ubuntu:14.04
# 載入:從本地文件導入鏡像到本地倉庫
# docker load --input ubuntu_14.04.tar
# 或
# udo docker load < ubuntu_14.04.tar
# 內核
#2 幫助:docker image --help
#2 語法:docker image COMMAND
#2 命令:
#3 從配構建
# build Build an image from a Dockerfile
#3 查看歷史
# history Show the history of an image
#3 導入創(chuàng)建
# import Import the contents from a tarball to create a filesystem image
#3 載入
load Load an image from a tar archive or STDIN
#3 列出
ls List images
inspect Display detailed information on one or more images
#3 下載
pull Pull an image or a repository from a registry
#3 上傳
push Push an image or a repository to a registry
#3 刪除
#4 指定鏡像
rm Remove one or more images
#4 刪除未用
prune Remove unused images
#4 保存
save Save one or more images to a tar archive (streamed to STDOUT by default)
#4 標簽
tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
Run 'docker image COMMAND --help' for more information on a command.
# 遇到問題
# 問題:刪除鏡像時提示image has dependent child images 錯誤
# 解決:docker image inspect --format='{{.RepoTags}} {{.Id}} {{.Parent}}' $(docker image ls -q --filter since=8ac27ce8ee49)
# 參考:https://blog.csdn.net/maxwell/article/details/78941552
容器管理
# 創(chuàng)建
#2 語法:docker create [OPTIONS] IMAGE [COMMAND] [ARG...]
#2 描述:Create a new container
#2 參數(shù):
#3 域名映射: --add-host list Add a custom host-to-IP mapping (host:ip)
#3 綁入出錯:-a, --attach list Attach to STDIN, STDOUT or STDERR
#3 添系兼容: --cap-add list Add Linux capabilities
#3 移系兼容: --cap-drop list Drop Linux capabilities
#3 編號文件:--cidfile string Write the container ID to the file
#3 添加主機:--device list Add a host device to the container
#3 限讀頻率:--device-read-bps list Limit read rate (bytes per second) from a device (default [])
#3 限讀頻率:--device-read-iops list Limit read rate (IO per second) from a device (default [])
#3 限寫頻率:--device-write-bps list Limit write rate (bytes per second) to a device (default [])
#3 限寫頻率:--device-write-iops list Limit write rate (IO per second) to a device (default [])
#3 跳過驗證:--disable-content-trust Skip image verification (default true)
#3 域名解服:--dns list Set custom DNS servers
#3 域名解參:--dns-option list Set DNS options
#3 域名解域:--dns-search list Set custom DNS search domains
#3 鏡像入口:--entrypoint string Overwrite the default ENTRYPOINT of the image
#3 環(huán)境變量:-e, --env list Set environment variables
#3 環(huán)境變量:--env-file list Read in a file of environment variables
#3 暴露端口:--expose list Expose a port or a range of ports
#3 添加群組:--group-add list Add additional groups to join
#3 健康檢查:--health-cmd string Command to run to check health
#3 健檢周期:--health-interval duration Time between running the check (ms|s|m|h) (default 0s)
#3 健檢通知:--health-retries int Consecutive failures needed to report unhealthy
#3 健檢通知: --health-start-period duration Start period for the container to initialize before starting health-retries countdown (ms|s|m|h) (default 0s)
#3 健檢超時:--health-timeout duration Maximum time to allow one check to run (ms|s|m|h) (default 0s)
#3 主機名字:-h, --hostname string Container host name
#3 容初始化:Run an init inside the container that forwards signals and reaps processes
#3 綁定輸入:-i, --interactive Keep STDIN open even if not attached
# 主機地址:--ip string IPv4 address (e.g., 172.30.100.104)
# 主機地址:--ip6 string IPv6 address (e.g., 2001:db8::33)
--ipc string IPC mode to use
# 容器隔離:--isolation string Container isolation technology
# 緩存限制:--kernel-memory bytes Kernel memory limit
# 容器標簽:-l, --label list Set meta data on a container
# 標簽文件:--label-file list Read in a line delimited file of labels
# 容器互聯(lián):--link list Add link to another container
# 容器互聯(lián):--link-local-ip list Container IPv4/IPv6 link-local addresses
# 日志驅動:--log-driver string Logging driver for the container
# 日驅選項:--log-opt list Log driver options
# 機器地址:--mac-address string Container MAC address (e.g., 92:d0:c6:0a:29:33)
# 緩存限制:--memory bytes Memory limit
# 緩存限制:--memory-reservation bytes Memory soft limit
# 緩存限制:--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap
# 緩存限制:--memory-swappiness int Tune container memory swappiness (0 to 100) (default -1)
# 文件掛載:--mount mount Attach a filesystem mount to the container
# 容器名字:--name string Assign a name to the container
# 連接網(wǎng)絡:--network string Connect a container to a network (default "default")
# 網(wǎng)絡別名:--network-alias list Add network-scoped alias for the container
# 健檢關閉:--no-healthcheck Disable any container-specified HEALTHCHECK
--oom-kill-disable Disable OOM Killer
--oom-score-adj int Tune host's OOM preferences (-1000 to 1000)
# 容編前綴:--pid string PID namespace to use
# 容編限制:--pids-limit int Tune container pids limit (set -1 for unlimited)
# 擴展權限:--privileged Give extended privileges to this container
# 給主容端:-p, --publish list Publish a container's port(s) to the host
# 給主容端:-P, --publish-all Publish all exposed ports to random ports
# 文件只讀:--read-only Mount the container's root filesystem as read only
# 重啟策略:--restart string Restart policy to apply when a container exits (default "no")
# 退出刪容:--rm Automatically remove the container when it exits
# 緩存目錄:--runtime string Runtime to use for this container
# 安全選項:--security-opt list Security Options
--shm-size bytes Size of /dev/shm
# 關容信號:--stop-signal string Signal to stop a container (default "SIGTERM")
# 關容超時:--stop-timeout int Timeout (in seconds) to stop a container
# 存驅選項:--storage-opt list Storage driver options for the container
--sysctl map Sysctl options (default map[])
# 掛載目錄:--tmpfs list Mount a tmpfs directory
-t, --tty Allocate a pseudo-TTY
# 非限列表:--ulimit ulimit Ulimit options (default [])
# 用戶標識:-u, --user string Username or UID (format: <name|uid>[:<group|gid>])
# 用戶名綴: --userns string User namespace to use
--uts string UTS namespace to use
# 綁數(shù)據(jù)卷:-v, --volume list Bind mount a volume
# 數(shù)卷驅動:--volume-driver string Optional volume driver for the container
# 綁數(shù)據(jù)卷:--volumes-from list Mount volumes from the specified container(s)
# 工作目錄:-w, --workdir string Working directory inside the container
$ docker images
# 用倉庫+標簽確定鏡像
$ docker create -it --name centos6_container centos:centos6
# docker create -it --name centos6_container 6a77ab6655b9 bash
$ docker ps -a
# 創(chuàng)數(shù)據(jù)卷+掛載目錄+指定名字
docker create -it --name centos6_container -v /src/webapp:/opt/webapp centos:centos6
# 啟動
#2 語法:docker start [OPTIONS] CONTAINER [CONTAINER...]
#2 描述:Start one or more stopped containers
#2 參數(shù):
#3 綁定輸出:-a
#3 覆拆卸鑰: --detach-keys string
#3 綁定輸入:-i
$ docker start apache
$ docker start ubuntu
$ docker start ubuntu -i
# 進入
#2 語法:docker exec [OPTIONS] CONTAINER COMMAND [ARG...]
#2 描述:Run a command in a running container
-d, --detach Detached mode: run command in the background
--detach-keys string Override the key sequence for detaching a container
-e, --env list Set environment variables
-i, --interactive Keep STDIN open even if not attached
--privileged Give extended privileges to the command
-t, --tty Allocate a pseudo-TTY
-u, --user string Username or UID (format: <name|uid>[:<group|gid>])
-w, --workdir string Working directory inside the container
# 進入
#2 方式1:關閉的容器
#3 語法:docker start [OPTIONS] CONTAINER [CONTAINER...]
#3 描述:Start one or more stopped containers
#2 方式2:運行中容器
#3 語法:docker attach [OPTIONS] CONTAINER
#3 描述:Attach local standard input, output, and error streams to a running container
#3 參數(shù):
#4 莫綁輸入: --no-stdin
#4 覆拆卸鑰: --detach-keys string
#4 代理信號:--sig-proxy
$ docker attach apache
#2 方式3:運行中容器
#3 語法:docker exec [OPTIONS] CONTAINER COMMAND [ARG...]
#3 描述:Run a command in a running container
#3 參數(shù):
#4 示例:docker container attach $(docker ps -l --format=' {{.ID}}')
# 退出
#2 方式1:關閉容器
$ exit
#2 方式2:不關容器
$ Ctrl+P+Q
# 停止
#2 語法:docker stop [OPTIONS] CONTAINER [CONTAINER...]
#2 描述:Stop one or more running containers
#2 參數(shù)
#3 延遲幾秒:-t int
$ docker stop apache
$ docker stop ubuntu -t 15
#2 語法:docker kill [OPTIONS] CONTAINER [CONTAINER...]
#2 描述:Kill one or more running containers
#2 參數(shù):
#3 發(fā)送信號:-s string
# 移除
#2 語法:docker rm [OPTIONS] CONTAINER [CONTAINER...]
#2 描述:Remove one or more containers
#2 參數(shù):
#3 強制刪除:-f
#3 刪數(shù)鏈接:-l
#3 刪數(shù)據(jù)卷:-v
#2 停止狀態(tài)
$ docker rm apache
#2 運行狀態(tài)
$ docker rm -f apache
$ docker rm -f ubuntu
$ docker rm -f 2d3c7afae625
# http://wiki.jikexueyuan.com/project/docker-technology-and-combat/enter.html
# 導出(備份)
#2 語法: docker export [OPTIONS] CONTAINER
#2 描述:Export a container's filesystem as a tar archive
#2 參數(shù):
#3 文件名字:-o string
$ docker export apache > ubuntu.tar
$ docker export apache -o ubuntu.tar
# 導入(恢復)
#2 語法:docker import [OPTIONS] file|URL|- [REPOSITORY[:TAG]]
#2 描述:Import the contents from a tarball to create a filesystem image
#2 參數(shù):
#3 配置文件:-c, --change list Apply Dockerfile instruction to the created image
#3 注釋信息:-m, --message string Set commit message for imported image
$ cat ubuntu.tar | sudo docker import - test/ubuntu:v1.0
# 運行
#2 語法:docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
#2 描述:Run a command in a new container
#2 參數(shù):
#3 后臺運行:-d
#3 端口映射:-p
#3 環(huán)境變量:-e
#3 緩存大小:-m
#3 交互終端:-it
#3 主機名字:-h
#3 退出關閉:-rm
#3 工作目錄:-w
#3 容器名字:--name
# 后臺運行+指定名字
$ docker run -d --name apache e121d5f99e1e
$ docker run -d --name ubuntu 9b9cb95443b5 bash
$ docker run -it ubuntu 9b9cb95443b5 bash
# 查看
# 容器列表
#2 語法: docker ps [OPTIONS]
#2 描述:List containers
#2 參數(shù):
#3 顯示所有:-a
#3 條件過濾:-f
#3 美化輸出:--format
#3 最新幾條:-n
#3 最新一條:-l
#3 不截輸出:--no-trunc
#3 僅顯編號:-q
#3 顯示大?。?s
$ docker ps
$ docker ps -n 5
$ docker ps -l
$ docker ps --no-trunc
$ docker ps -q
$ docker ps -s
#2 流的狀態(tài)
#3 語法:docker stats [OPTIONS] [CONTAINER...]
#3 描述:Display a live stream of container(s) resource usage statistics
#3 參數(shù):
#2 端口列表
#3 語法:docker port CONTAINER [PRIVATE_PORT[/PROTO]]
#3 描述:List port mappings or a specific mapping for the container
$ docker port 0fb4a58d3982 #?
$ docker port apache #?
$ docker port ubuntu
#2 容器日志
#3 語法: docker logs [OPTIONS] CONTAINER
#3 描述:Fetch the logs of a container
#3 參數(shù):
#4 內容細節(jié):--details
#4 按照日志:-f
#4 從某時起:--since string
#4 最后幾行:--tail string
#4 顯示時間:-t
#4 在某時前:--until string
$ docker logs -f apache
$ docker logs 2d3c7afae625
$ docker logs ubuntu
#2 底層信息
#3 語法: docker inspect [OPTIONS] NAME|ID [NAME|ID...]
#3 描述:Return low-level information on Docker objects
#3 參數(shù):
#4 美化輸出:-f string
#4 顯示大?。?c
#4 指定格式:--type string
$ docker inspect apache
$ docker inspect ubuntu
#2 列出進程
#3 語法: docker top CONTAINER [ps OPTIONS]
#3 描述:Display the running processes of a container
#2 文件差異
#3 語法: docker diff CONTAINER
#3 描述:Inspect changes to files or directories on a container's
# 修改
# 重新命名
#2 語法:docker rename CONTAINER NEW_NAME
#2 描述:Rename a container
# 重新啟動
#2 語法: docker restart [OPTIONS] CONTAINER [CONTAINER...]
#2 描述:Restart one or more containers
#2 參數(shù):
#3 延遲幾秒:-t int
# 暫停進程
#2 語法: docker pause CONTAINER [CONTAINER...]
#2 描述:Pause all processes within one or more containers
# 啟動進程
#2 語法:docker unpause CONTAINER [CONTAINER...]
#2 描述:Unpause all processes within one or more containers
# 更新配置
#2 語法:docker update [OPTIONS] CONTAINER [CONTAINER...]
#2 描述:Update configuration of one or more containers
#2 參數(shù):
--blkio-weight uint16 Block IO (relative weight), between 10 and 1000, or 0 to disable
(default 0)
--cpu-period int Limit CPU CFS (Completely Fair Scheduler) period
--cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota
--cpu-rt-period int Limit the CPU real-time period in microseconds
--cpu-rt-runtime int Limit the CPU real-time runtime in microseconds
-c, --cpu-shares int CPU shares (relative weight)
--cpus decimal Number of CPUs
--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)
--cpuset-mems string MEMs in which to allow execution (0-3, 0,1)
--kernel-memory bytes Kernel memory limit
-m, --memory bytes Memory limit
--memory-reservation bytes Memory soft limit
--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap
--restart string Restart policy to apply when a container exits
##################################s
# 使用容器制作鏡像
# steps-01:進入容器
#2 交互終端
$ docker run –ti e121d5f99e1e /bin/bash
#2 后臺運行+指定名字
$ docker run -d --name apache e121d5f99e1e
#2 正在運行
$ docker exec -ti apache /bin/bash
# steps-02:修改容器
# steps-03:創(chuàng)建鏡像
#2 將容器做成鏡像
# 語法:docker commit containerID/containerName newImageName:tag
# 描述:Create a new image from a container's changes
# 參數(shù):
# 鏡像作者: -a, --author string Author (e.g., "John Hannibal Smith <hannibal@a-team.com>")
# 配置文件: -c, --change list Apply Dockerfile instruction to the created image
# 注釋備注: -m, --message string Commit message
# 暫停進程:-p, --pause Pause container during commit (default true)
# 示例:
$ docker commit 4c8066cd8c01 apachephp:v1
# 參考:https://www.cnblogs.com/SzeCheng/p/6822905.html
倉庫管理
# 官方倉庫(公共倉庫)
#2 注冊
#3 語法:docker login [OPTIONS] [SERVER]
#3 參數(shù):
#4 指定密碼:-p string
#4 指定賬戶:-u string
#4 輸入輸密:--password-stdin
#3 注冊成功后,本地用戶目錄的 .dockercfg 中將保存用戶的認證信息。
$ docker login
#2 登錄
$ docker login
#2 注銷
#3 語法:docker logout [SERVER]
$ docker logout
# 基本操作
#2 搜索
$ sudo docker search centos
#2 下載
$ sudo docker pull centos
#2 上傳
$ docker push
# 自動創(chuàng)建
# 基礎鏡像:由 Docker 公司創(chuàng)建、驗證、支持、提供。這樣的鏡像往往使用單個單詞作為名字。
# 用戶鏡像:由 Docker 的用戶創(chuàng)建并維護的,往往帶有用戶名稱前綴。比如 tianon/centos 鏡像
# 參考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/dockerhub.html
# 私有倉庫
# 參考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/local_repo.html
# 配置文件
搭建私庫
# 搭建(服務器)
#2 安裝鏡像:docker-registry
#2 運行容器: docker-registry
docker run -d -p 5000:5000 registry
#3 指定配置文件的位置:
-v /home/user/registry-conf:/registry-conf
#3 指定上傳鏡像的存放目錄:
-v /opt/data/registry:/tmp/registry
# 使用(客戶端)
# 安裝軟件
$ sudo yum install -y python-devel libevent-devel python-pip gcc xz-devel
$ sudo python-pip install docker-registry
# 修改配置
$ cp config/config_sample.yml config/config.yml
# 啟動容器
$ sudo gunicorn -c contrib/gunicorn.py docker_registry.wsgi:application
# 驗證查看
$ curl ...
# 搜索鏡像
$ docker images
$ docker tag ba58 192.168.7.26:5000/test
# 上傳鏡像
$ docker push 192.168.7.26:5000/test
# 下載鏡像
$ docker pull 192.168.7.26:5000/test
# 查看鏡像
$ curl http://192.168.7.26:5000/v1/search
# 批量上傳
$ wget https://github.com/yeasy/docker_practice/raw/master/_local/push_images.sh; sudo chmod a+x push_images.sh
$ ./push_images.sh ubuntu:latest centos:centos7
# 參考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/local_repo.html
配置文件
參考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/config.html
管數(shù)據(jù)卷
# 用途
1. 繞過“拷貝寫”系統(tǒng),以達到本地磁盤IO的性能,(比如運行一個容器,在容器中對數(shù)據(jù)卷修改內容,會直接改變宿主機上的數(shù)據(jù)卷中的內容,所以是本地磁盤IO的性能,而不是先在容器中寫一份,最后還要將容器中的修改的內容拷貝出來進行同步。)
2. 繞過“拷貝寫”系統(tǒng),有些文件不需要在docker commit打包進鏡像文件。
3. 在多個容器之間共享目錄 :使用數(shù)據(jù)卷容器
4. 在宿主和容器間共享目錄
5. 在宿主和容器間共享文件
# 創(chuàng)建
# 語法: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
#2 方式1:使用 -v 標記
# docker run -d -P --name web -v /webapp training/webapp python app.py
#3 create a container
$ docker images
$ docker run --name data -v /opt/data -t -i docker.io/ubuntu /bin/bash
#3 do in container
$ cd /opt/data
$ ls
$ echo "123" > 123
$ echo "123123" > 123123
$ ls
#3 do in the vm
# $ exit #退出時關閉容器
$ Ctrl+P+Q #退出時不關容器
$ docker ps
$ docker inspect data|grep /var/lib/docker/volumes
$ sudo ls /mnt/sda1/var/lib/docker/volumes/5887b7a4de662e531b6bdc32aa4a69a90fc841199133b3dd00315cb9b87f08b3/_data
$ sudo su
$ echo "asdhfjashdfjk" >> /mnt/sda1/var/lib/docker/volumes/5887b7a4de662e531b6bdc32aa4a69a90fc841199133b3dd00315cb9b87f08b3/_data/123
#3 do in container
# $ docker start -i data #exit時用
$ docker attach data
$ ls /opt/data
$ cat /opt/data/123
#2 方式2:也可在 Dockerfile 中使用 VOLUME
# 添加一個或者多個新的卷到由該鏡像創(chuàng)建的任意容器
# 掛載
# 掛載目錄:-v
# docker run -d -P --name web -v /src/webapp:/opt/webapp training/webapp python app.py
# 指定權限::ro
#2 只讀::ro
# docker run -d -P --name web -v /src/webapp:/opt/webapp:ro training/webapp python app.py
#2 讀寫:
# 掛載文件:-v
# docker run --rm -it -v ~/.bash_history:/.bash_history ubuntu /bin/bash
# 后臺運行:-d
# 端口映射:-p
# 環(huán)境變量:-v
# 緩存大小:-m
# 交互終端:-it
# 主機名字:-h
# 退出關閉:-rm
# 工作目錄:-w
# 容器名字:--name
# 備份
# docker run --volumes-from dbdata -v $(pwd):/backup ubuntu tar cvf /backup/backup.tar /dbdata
# tar /backup/backup.tar (待查看命令)
# 恢復
# docker run -v /dbdata --name dbdata2 ubuntu /bin/bash
# docker run --volumes-from dbdata2 -v $(pwd):/backup busybox tar xvf
/backup/backup.tar
# 遷移
# 查看
#2 語法: docker inspect [OPTIONS] NAME|ID [NAME|ID...]
#2 語法:grep [-HhnlLoqvsriwFE] [-m N] [-A/B/C N] PATTERN/-e PATTERN.../-f FILE [FILE]..
# docker inspect data|grep /var/lib/docker/volumes
# 刪除
# 方式1:刪除容器時
# docker rm -v
# 方式2:運行容器時
# docker run --rm
# 創(chuàng)建數(shù)據(jù)卷容器
# docker run -d -v /dbdata --name dbdata training/postgres echo Data-only container for postgres
# 使用數(shù)據(jù)卷容器
# docker run -d --volumes-from dbdata --name db1 training/postgres
# 參考:https://www.cnblogs.com/kevingrace/p/6238195.html
# https://blog.csdn.net/u013246898/article/details/53133220
# https://www.cnblogs.com/sawyerlsy/p/7273161.html
訪問控制
# 容器訪問外部網(wǎng)絡:'端口映射'
#2 前提條件
#3 需要本地系統(tǒng)的轉發(fā)支持
#4 查防火墻
$ sudo sysctl net.ipv4.ip_forward
#4 開防火墻
$ sudo sysctl -w net.ipv4.ip_forward=1
#2 簡單示例
$ sudo docker run -d -P training/webapp python app.py
$ sudo docker ps -l
$ sudo docker logs -f nostalgic_boyd
# 默認協(xié)議所有地址隨機端口
sudo docker run -d -P training/webapp python app.py
# 默認協(xié)議所有地址指定端口
$ sudo docker run -d -p 5000:5000 training/webapp python app.py
# 默認協(xié)議指定地址隨機端口
$ sudo docker run -d -p 127.0.0.1::5000 training/webapp python app.py
# 默認協(xié)議指定地址指定端口
$ sudo docker run -d -p 127.0.0.1:5000:5000 training/webapp python app.py
# 指定協(xié)議指定地址指定端口
$ sudo docker run -d -p 127.0.0.1:5000:5000/udp training/webapp python app.py
# 標記多個地址或者多個端口
$ sudo docker run -d -p 5000:5000 -p 3000:80 training/webapp python app.py
# 查看本地與容器的端口映射
$ docker port nostalgic_boyd 5000
# 備注:容器有自己的內部網(wǎng)絡和 ip 地址
# 參考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/port_mapping.html
# 各個容器之間訪問:容器互聯(lián)
#2 前提條件
#3 容器的網(wǎng)絡拓撲是否已經(jīng)互聯(lián)。默認情況下,所有容器都會被連接到 docker0 網(wǎng)橋上
#3 需要本地系統(tǒng)的轉發(fā)支持
#2 簡單示例
#3 建數(shù)據(jù)庫容器
$ sudo docker run -d --name db training/postgres
#3 刪除網(wǎng)頁容器
$ docker rm -f web
#3 創(chuàng)建網(wǎng)頁容器+建立容器鏈接
$ sudo docker run -d -P --name web --link db:db training/webapp python app.py
#3 查看容器連接
$ docker ps
#3 查看容器環(huán)境變量:通過env命令
$ sudo docker run --rm --name web2 --link db:db training/webapp env
#3 查看容器環(huán)境變量:通過hosts文件
cat /etc/hosts
# 參考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/linking.html
https://blog.csdn.net/ynhzdxc/article/details/70536695
https://blog.csdn.net/fighterandknight/article/details/72513814
# 訪問所有端口切換
# --icc=true
# 或在 /etc/default/docker 文件中配置 DOCKER_OPTS=--icc=true
# 設置訪問指定端口
端口映射
# 容器訪問外部實現(xiàn)
# 注釋:容器所有到外部網(wǎng)絡的連接,源地址都會被NAT成本地系統(tǒng)的IP地址。
# 注釋:這是使用 iptables 的源地址偽裝操作實現(xiàn)的。
# 查看主機的 NAT 規(guī)則
$ sudo iptables -t nat -nL
# 外部訪問容器實現(xiàn)
# 在 docker run 時候通過 -p 或 -P 參數(shù)來啟用
#2 查看主機的 NAT 規(guī)則
$ sudo iptables -t nat -nL
#2 指定端口
#2 指定地址:-p IP:host_port:container_port
# 參考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/con_port_mapping.html
域名管理
# 語法: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
# 主機名字
# -h HOSTNAME or --hostname=HOSTNAME
# 注釋:設定容器的主機名字,它會被寫到容器內的 /etc/hostname 和 /etc/hosts。
# 主機別名
# --link=CONTAINER_NAME:ALIAS
# 情景:在創(chuàng)建容器的時候,添加一個其他容器的主機別名到 /etc/hosts 文件中
# 讓新容器的進程可以使用主機別名 ALIAS 就可以連接它。
# 指定容器dns服務器地址
# --dns=IP_ADDRESS
# 情景:添加 DNS 服務器地址到容器的 /etc/resolv.conf 中,讓容器用這個服務器來解析所有不在 /etc/hosts 中的主機名。
# 設定某容器的dns搜索域
# --dns-search=DOMAIN
# 容器默認的dsn配置文件
# 如果沒有指定容器的dns配置,Docker 會默認用主機上的 /etc/resolv.conf 來配置容器。
# 情景:宿主主機 DNS 信息發(fā)生更新后,所有 Docker 容器的 dns 配置通過 /etc/resolv.conf 文件立刻得到更新。
# 參考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/dns.html
網(wǎng)橋管理
############################默認網(wǎng)橋
# 創(chuàng)建
# Docker 服務默認會創(chuàng)建一個 docker0 網(wǎng)橋(其上有一個 docker0 內部接口),
# 它在內核層連通了其他的物理或虛擬網(wǎng)卡,
# 這就將所有容器和本地主機都放到同一個物理網(wǎng)絡。
--bip=CIDR -- IP 地址加掩碼格式
--mtu=BYTES -- 接口允許接收的最大傳輸單元
# 查看
sudo brctl show
# 參考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/docker0.html
############################自定網(wǎng)橋
# 刪除
$ sudo service docker stop
$ sudo ip link set dev docker0 down
$ sudo brctl delbr docker0
# 創(chuàng)建
$ sudo brctl addbr bridge0
$ sudo ip addr add 192.168.5.1/24 dev bridge0
$ sudo ip link set dev bridge0 up
$ ip addr show bridge0 # 查看確認
# 配置:docker服務
echo 'DOCKER_OPTS="-b=bridge0"' >> /etc/default/docker
# 啟動:docker服務
sudo service docker star
# 知識儲備:
# 查看橋接信息
brctl show
# 查看ip地址配置
ip addr
# 查看ip路由信息
ip route
# 參考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/bridge.html
############################自定網(wǎng)橋:win7環(huán)境
網(wǎng)絡流轉:win7->宿主機->容器
# 參考:https://blog.csdn.net/ynhzdxc/article/details/70536695
https://blog.csdn.net/qq_29245097/article/details/52996911
http://wiki.jikexueyuan.com/project/docker-technology-and-combat/pull.html
https://www.cnblogs.com/Leo_wl/p/5955414.html
https://www.cnblogs.com/SzeCheng/p/6822905.html
查看幫助
# docker
Usage: docker [OPTIONS] COMMAND
A self-sufficient runtime for containers
Options:
--config string Location of client config files (default
"/home/docker/.docker")
-D, --debug Enable debug mode
-H, --host list Daemon socket(s) to connect to
-l, --log-level string Set the logging level
("debug"|"info"|"warn"|"error"|"fatal")
(default "info")
--tls Use TLS; implied by --tlsverify
--tlscacert string Trust certs signed only by this CA (default
"/home/docker/.docker/ca.pem")
--tlscert string Path to TLS certificate file (default
"/home/docker/.docker/cert.pem")
--tlskey string Path to TLS key file (default
"/home/docker/.docker/key.pem")
--tlsverify Use TLS and verify the remote
-v, --version Print version information and quit
Management Commands:
config Manage Docker configs
container Manage containers
image Manage images
network Manage networks
node Manage Swarm nodes
plugin Manage plugins
secret Manage Docker secrets
service Manage services
stack Manage Docker stacks
swarm Manage Swarm
system Manage Docker
trust Manage trust on Docker images
volume Manage volumes
Commands:
attach Attach local standard input, output, and error streams to a running container
build Build an image from a Dockerfile
commit Create a new image from a container's changes
cp Copy files/folders between a container and the local filesystem
create Create a new container
diff Inspect changes to files or directories on a container's filesystem
events Get real time events from the server
exec Run a command in a running container
export Export a container's filesystem as a tar archive
history Show the history of an image
images List images
import Import the contents from a tarball to create a filesystem image
info Display system-wide information
inspect Return low-level information on Docker objects
kill Kill one or more running containers
load Load an image from a tar archive or STDIN
login Log in to a Docker registry
logout Log out from a Docker registry
logs Fetch the logs of a container
pause Pause all processes within one or more containers
port List port mappings or a specific mapping for the container
ps List containers
pull Pull an image or a repository from a registry
push Push an image or a repository to a registry
rename Rename a container
restart Restart one or more containers
rm Remove one or more containers
rmi Remove one or more images
run Run a command in a new container
save Save one or more images to a tar archive (streamed to STDOUT by default)
search Search the Docker Hub for images
start Start one or more stopped containers
stats Display a live stream of container(s) resource usage statistics
stop Stop one or more running containers
tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
top Display the running processes of a container
unpause Unpause all processes within one or more containers
update Update configuration of one or more containers
version Show the Docker version information
wait Block until one or more containers stop, then print their exit codes
Run 'docker COMMAND --help' for more information on a command
版本信息
# docker@default:~$ docker version
Client:
Version: 18.06.0-ce
API version: 1.38
Go version: go1.10.3
Git commit: 0ffa825
Built: Wed Jul 18 19:04:39 2018
OS/Arch: linux/amd64
Experimental: false
Server:
Engine:
Version: 18.06.0-ce
API version: 1.38 (minimum version 1.12)
Go version: go1.10.3
Git commit: 0ffa825
Built: Wed Jul 18 19:13:39 2018
OS/Arch: linux/amd64
Experimental: false
信息狀態(tài)
$ docker inspect ubuntu
[
{
"Id": "68550c2b2628204fd7c2b71c6cf1210a75023830af541a30381a7c736e390c9c",
"Created": "2018-07-29T14:29:11.525395261Z",
"Path": "/bin/bash",
"Args": [],
"State": {
"Status": "exited",
"Running": false,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 0,
"ExitCode": 0,
"Error": "",
"StartedAt": "2018-07-29T14:29:12.520176898Z",
"FinishedAt": "2018-07-29T14:29:12.905744977Z"
},
"Image": "sha256:9b9cb95443b5f846cd3c8cfa3f64e63b6ba68de2618a08875a119c81a8f96698",
"ResolvConfPath": "/mnt/sda1/var/lib/docker/containers/68550c2b2628204fd7c2b71c6cf1210a75023830af541a30381a7c736e390c9c/resolv.conf",
"HostnamePath": "/mnt/sda1/var/lib/docker/containers/68550c2b2628204fd7c2b71c6cf1210a75023830af541a30381a7c736e390c9c/hostname",
"HostsPath": "/mnt/sda1/var/lib/docker/containers/68550c2b2628204fd7c2b71c6cf1210a75023830af541a30381a7c736e390c9c/hosts",
"LogPath": "/mnt/sda1/var/lib/docker/containers/68550c2b2628204fd7c2b71c6cf1210a75023830af541a30381a7c736e390c9c/68550c2b2628204fd7c2b71c6cf1210a75023830af541a30381a7c736e390c9c-json.log",
"Name": "/ubuntu",
"RestartCount": 0,
"Driver": "aufs",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "shareable",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DiskQuota": 0,
"KernelMemory": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": 0,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/asound",
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": null,
"Name": "aufs"
},
"Mounts": [],
"Config": {
"Hostname": "68550c2b2628",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Cmd": [
"/bin/bash"
],
"ArgsEscaped": true,
"Image": "9b9cb95443b5",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "c67f46813c6e71b611a812cd3e7c06127f2a288fb83f085f11e869cfd8b680b6",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {},
"SandboxKey": "/var/run/docker/netns/c67f46813c6e",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "",
"Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"MacAddress": "",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "99c7a9910a515a5f3889ebbc9f99078399728cf8b12d79ec26e9e91c4dfb5e7f",
"EndpointID": "",
"Gateway": "",
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "",
"DriverOpts": null
}
}
}
}
]
全局信息
# 查看
$ docker info
# 容器
# 容器數(shù)量
Containers: 1
# 正在運行
Running: 1
# 正在暫停
Paused: 0
# 已經(jīng)停止
Stopped: 0
# 鏡像
# 鏡像數(shù)量
Images: 6
# 主機
# 主機版本
Server Version: 18.06.0-ce
# 驅動
# 驅動類型
Storage Driver: aufs
# 其根目錄
Root Dir: /mnt/sda1/var/lib/docker/aufs
# 后臺系統(tǒng)
Backing Filesystem: extfs
# 目錄數(shù)量
Dirs: 28
# 目錄權限
Dirperm1 Supported: true
# 日志驅動
Logging Driver: json-file
# 群組驅動
Cgroup Driver: cgroupfs
# 關于插件
Plugins:
#其數(shù)據(jù)卷
Volume: local
# 網(wǎng)絡
Network: bridge host macvlan null overlay
# 日志
Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
# 集群
Swarm: inactive
# 緩存
Runtimes: runc
Default Runtime: runc
# 初始
Init Binary: docker-init
containerd version: d64c661f1d51c48782c9cec8fda7604785f93587
runc version: 69663f0bd4b60df09991c08812a60108003fa340
init version: fec3683
# 安全選項
Security Options:
seccomp
Profile: default
#
Kernel Version: 4.9.93-boot2docker
# 操作系統(tǒng)
Operating System: Boot2Docker 18.06.0-ce (TCL 8.2.1); HEAD : 1f40eb2 - Thu Jul 19 18:48:09 UTC 2018
# 系統(tǒng)類型
OSType: linux
# 特性
Architecture: x86_64
# 內核數(shù)量
CPUs: 1
Total Memory: 995.6MiB
# 用戶名字
Name: default
ID: UL72:EAQP:IIPC:XM3R:7CEB:FOAP:LXPL:SZAS:NLZ5:OXOT:YTGW:6N4K
Docker Root Dir: /mnt/sda1/var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
provider=virtualbox
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
幫助
配置管理
Usage: docker config COMMAND
Manage Docker configs
Commands:
create Create a config from a file or STDIN
inspect Display detailed information on one or more configs
ls List configs
rm Remove one or more configs
Run 'docker config COMMAND --help' for more information on a command.
# 創(chuàng)建
Usage: docker config create [OPTIONS] CONFIG file|-
Create a config from a file or STDIN
Options:
-l, --label list Config labels
--template-driver string Template driver
# 查看
#2 列出文件
Usage: docker config ls [OPTIONS]
List configs
Aliases:
ls, list
Options:
-f, --filter filter Filter output based on conditions provided
--format string Pretty-print configs using a Go template
-q, --quiet Only display IDs
#2 顯示詳情
Usage: docker config inspect [OPTIONS] CONFIG [CONFIG...]
Display detailed information on one or more configs
Options:
-f, --format string Format the output using the given Go template
--pretty Print the information in a human friendly format
# 移除
Usage: docker config rm CONFIG [CONFIG...]
Remove one or more configs
Aliases:
rm, remove
容器管理
Usage: docker container COMMAND
Manage containers
Commands:
attach Attach local standard input, output, and error streams to a running container
commit Create a new image from a container's changes
cp Copy files/folders between a container and the local filesystem
create Create a new container
diff Inspect changes to files or directories on a container's filesystem
exec Run a command in a running container
export Export a container's filesystem as a tar archive
inspect Display detailed information on one or more containers
kill Kill one or more running containers
logs Fetch the logs of a container
ls List containers
pause Pause all processes within one or more containers
port List port mappings or a specific mapping for the container
prune Remove all stopped containers
rename Rename a container
restart Restart one or more containers
rm Remove one or more containers
run Run a command in a new container
start Start one or more stopped containers
stats Display a live stream of container(s) resource usage statistics
stop Stop one or more running containers
top Display the running processes of a container
unpause Unpause all processes within one or more containers
update Update configuration of one or more containers
wait Block until one or more containers stop, then print their exit codes
Run 'docker container COMMAND --help' for more information on a command.
鏡像管理
Usage: docker image COMMAND
Manage images
Commands:
build Build an image from a Dockerfile
history Show the history of an image
import Import the contents from a tarball to create a filesystem image
inspect Display detailed information on one or more images
load Load an image from a tar archive or STDIN
ls List images
prune Remove unused images
pull Pull an image or a repository from a registry
push Push an image or a repository to a registry
rm Remove one or more images
save Save one or more images to a tar archive (streamed to STDOUT by default)
tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
Run 'docker image COMMAND --help' for more information on a command.
網(wǎng)絡管理
Usage: docker network COMMAND
Manage networks
Commands:
connect Connect a container to a network
create Create a network
disconnect Disconnect a container from a network
inspect Display detailed information on one or more networks
ls List networks
prune Remove all unused networks
rm Remove one or more networks
Run 'docker network COMMAND --help' for more information on a command.
節(jié)點管理
Usage: docker node COMMAND
Manage Swarm nodes
Commands:
demote Demote one or more nodes from manager in the swarm
inspect Display detailed information on one or more nodes
ls List nodes in the swarm
promote Promote one or more nodes to manager in the swarm
ps List tasks running on one or more nodes, defaults to current node
rm Remove one or more nodes from the swarm
update Update a node
Run 'docker node COMMAND --help' for more information on a command.
插件管理
Usage: docker plugin COMMAND
Manage plugins
Commands:
create Create a plugin from a rootfs and configuration. Plugin data directory must contain config.json and rootfs directory.
disable Disable a plugin
enable Enable a plugin
inspect Display detailed information on one or more plugins
install Install a plugin
ls List plugins
push Push a plugin to a registry
rm Remove one or more plugins
set Change settings for a plugin
upgrade Upgrade an existing plugin
Run 'docker plugin COMMAND --help' for more information on a command.
加密管理
Usage: docker secret COMMAND
Manage Docker secrets
Commands:
create Create a secret from a file or STDIN as content
inspect Display detailed information on one or more secrets
ls List secrets
rm Remove one or more secrets
Run 'docker secret COMMAND --help' for more information on a command.
服務管理
Usage: docker service COMMAND
Manage services
Commands:
create Create a new service
inspect Display detailed information on one or more services
logs Fetch the logs of a service or task
ls List services
ps List the tasks of one or more services
rm Remove one or more services
rollback Revert changes to a service's configuration
scale Scale one or multiple replicated services
update Update a service
Run 'docker service COMMAND --help' for more information on a command.
棧的管理
Usage: docker stack [OPTIONS] COMMAND
Manage Docker stacks
Options:
--orchestrator string Orchestrator to use (swarm|kubernetes|all)
Commands:
deploy Deploy a new stack or update an existing stack
ls List stacks
ps List the tasks in the stack
rm Remove one or more stacks
services List the services in the stack
Run 'docker stack COMMAND --help' for more information on a command.
集群管理
Usage: docker swarm COMMAND
Manage Swarm
Commands:
ca Display and rotate the root CA
init Initialize a swarm
join Join a swarm as a node and/or manager
join-token Manage join tokens
leave Leave the swarm
unlock Unlock swarm
unlock-key Manage the unlock key
update Update the swarm
Run 'docker swarm COMMAND --help' for more information on a command.
系統(tǒng)管理
Usage: docker system COMMAND
Manage Docker
Commands:
df Show docker disk usage
events Get real time events from the server
info Display system-wide information
prune Remove unused data
Run 'docker system COMMAND --help' for more information on a command.
信任管理
Usage: docker trust COMMAND
Manage trust on Docker images
Management Commands:
key Manage keys for signing Docker images
signer Manage entities who can sign Docker images
Commands:
inspect Return low-level information about keys and signatures
revoke Remove trust for an image
sign Sign an image
Run 'docker trust COMMAND --help' for more information on a command.
管數(shù)據(jù)卷
Usage: docker volume COMMAND
Manage volumes
Commands:
create Create a volume
inspect Display detailed information on one or more volumes
ls List volumes
prune Remove all unused local volumes
rm Remove one or more volumes
Run 'docker volume COMMAND --help' for more information on a command.
配置文件
# 結構
# 指令:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/instructions.html
# 創(chuàng)建鏡像:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/build_image.html
底層實現(xiàn)
# 基本架構:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/arch.html
# 命令空間
#2 參考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/namespace.html
# 控制小組
#2 http://wiki.jikexueyuan.com/project/docker-technology-and-combat/cgroups.html
# 文件系統(tǒng)
#2 http://wiki.jikexueyuan.com/project/docker-technology-and-combat/ufs.html
# 容器格式
#2 http://wiki.jikexueyuan.com/project/docker-technology-and-combat/container_format.html
# 網(wǎng)絡實現(xiàn)
#2 http://wiki.jikexueyuan.com/project/docker-technology-and-combat/network.html
組合項目
# 簡介:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/intro.html
#安裝
#http://wiki.jikexueyuan.com/project/docker-technology-and-combat/install.html
# 使用
# http://wiki.jikexueyuan.com/project/docker-technology-and-combat/usage.html
#命令
# http://wiki.jikexueyuan.com/project/docker-technology-and-combat/commands.html
# 配置
#http://wiki.jikexueyuan.com/project/docker-technology-and-combat/yaml_file.html
實例
使用示例
# 前段開發(fā)者的docker之旅:nginx
# steps-01:編寫 Dockerfile
# steps-02:構建 Docker Image
# steps-03:部署 Docker Image
# 全棧開發(fā)者的docker之旅:nodejs
# 后端開發(fā)者的docker之旅:nodejs
# 后端開發(fā)者的docker之旅:php
# 目錄掛載-win7:https://www.cnblogs.com/jinjiangongzuoshi/p/6538321.html
# 搭建開發(fā)環(huán)境:nodejs
# https://segmentfault.com/a/1190000007955073
# 搭建開發(fā)環(huán)境:php
# https://segmentfault.com/a/1190000006802383
# https://segmentfault.com/a/1190000013020851
# 搭建開發(fā)環(huán)境:lnmp
# https://segmentfault.com/a/1190000011908990
# 搭建開發(fā)環(huán)境:java
# https://segmentfault.com/a/1190000006843830
# 搭建集群環(huán)境:ELK
# https://segmentfault.com/a/1190000004411703
# 搭建集群環(huán)境:redis
# https://segmentfault.com/a/1190000004353368
# 參考:http://guide.daocloud.io/dcs/hello-docker-9153901.html
# http://guide.daocloud.io/dcs/hello-dockernode-js-9153948.html
