- 帮助命令
- 镜像命令
- 容器命令
- 命令: docker run -d 镜像名
- 问题:运行docker ps时,发现后台启动的centos容器停止了
- 常见的坑,docker 容器使用后台进程,就必须要有一个前台进程,docker发现没有应用(前台应用)了,就会自动停止
- 命令: docker top 容器id
- 我们的容器通常都是使用后台方式运行的,此时我们需要进入容器,比如说修改一些配置
- 方法一: docker exec -it 容器id BashShell
- 测试
- 方式二: docker attach 容器id
- docker exec ## 进入容器后开启一个新的终端,可以在里面操作
- docker attach ## 进入容器正在执行的终端,不会启动新的进程
- 命令小节
- 作业练习
- 可视化管理
帮助命令
docker version # docker版本信息docker info # 显示docker的系统信息,包括镜像容器的数量docker 命令 --help # 帮助命令
还可以查询在线文档:https://docs.docker.com/reference/
镜像命令
docker images
查看所有本地的主机上的镜像
root@kylin:~# docker imagesREPOSITORY TAG IMAGE ID CREATED SIZEhello-world latest bf756fb1ae65 7 months ago 13.3kB#解释REPOSITORY 镜像的仓库源TAG 镜像的标签IMAGE ID 镜像的IDCREATED 镜像的创建时间SIZE 镜像的大小#可选项-a, --all #列出所有的镜像-q, --quiet #只列出镜像的id
docker search 搜索镜像
root@kylin:~# docker search mysqlNAME DESCRIPTION STARS OFFICIAL AUTOMATEDmysql MySQL is a widely used, open-source relation… 9806 [OK]mariadb MariaDB is a community-developed fork of MyS… 3581 [OK]mysql/mysql-server Optimized MySQL Server Docker images. Create… 719# 可选项--filter=STARS=3000 #搜索出来的镜像就是stars大于3000的
docker pull 下载镜像
#下载镜像 docker pull mysql =等价于= docker pull docker.io/library/mysql:latestroot@kylin:~# docker pull mysqlUsing default tag: latest #如果不写 TAG ,默认就是latestlatest: Pulling from library/mysqlbf5952930446: Pull complete #分成下载,docker image的核心,联合文件系统8254623a9871: Pull complete938e3e06dac4: Pull completeea28ebf28884: Pull completef3cef38785c2: Pull complete894f9792565a: Pull complete1d8a57523420: Pull complete6c676912929f: Pull completeff39fdb566b4: Pull completefff872988aba: Pull complete4d34e365ae68: Pull complete7886ee20621e: Pull completeDigest: sha256:c358e72e100ab493a0304bda35e6f239db2ec8c9bb836d8a427ac34307d074ed #签名Status: Downloaded newer image for mysql:latestdocker.io/library/mysql:latest #真实地址#指定版本下载root@kylin:~# docker pull mysql:5.7 #指定版本为5.75.7: Pulling from library/mysqlbf5952930446: Already exists8254623a9871: Already exists938e3e06dac4: Already exists #已经存在的就不用下载了ea28ebf28884: Already existsf3cef38785c2: Already exists894f9792565a: Already exists1d8a57523420: Already exists5f09bf1d31c1: Pull complete1b6ff254abe7: Pull complete #下载不存在的74310a0bf42d: Pull completed398726627fd: Pull completeDigest: sha256:da58f943b94721d46e87d5de208dc07302a8b13e638cd1d24285d222376d6d84Status: Downloaded newer image for mysql:5.7docker.io/library/mysql:5.7
docker rmi 删除镜像
docker rmi -f [DockerID | Docker Repository:TAG|...] #删除(多个)指定的镜像docker rmi -f $(docker images -aq) #删除全部的镜像
容器命令
注意:有了镜像才可以创建容器
先拉取一个镜像
docker pull centos
新建容器并启动
docker run [可选参数] imageName# 参数说明--name="Name" 容器名字,例如:Tomcat01 Tomcat02 Tomcat03 (可以通过一个镜像启动多个容器)-d 后台方式运行-i 使用交互方式运行,进入容器查看内容-p 指定容器的端口 -p 8080:8080-p ip:主机端口:容器端口-p 主机端口:容器端口-p 容器端口容器端口-P 随机指定端口#举例:#测试:启动并进入容器root@kylin:~# docker run -it centos /bin/bash[root@23ac88ddce9c /]# ls #仔细看,主机名称变了.主机名就是容器ID,基础版本,命令不完善bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var#通过exit退出容器[root@23ac88ddce9c /]# exitexitroot@kylin:~#
列出所有的运行中的容器
docker ps# 不加参数,列出当前运行的容器-a # 列出 当前正在运行的容器+历史运行过的容器-n=? #显示最近创建的容器,n是个数,让他显示几个-q #只显示容器的编号(容器ID)举例:root@kylin:~# docker ps -aCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES23ac88ddce9c centos "/bin/bash" 7 minutes ago Exited (127) 3 minutes ago recursing_brattain256394fc88b6 bf756fb1ae65 "/hello" 2 hours ago Exited (0) 2 hours ago boring_ishizaka8ee9a5fce36c bf756fb1ae65 "/hello" 4 hours ago Exited (0) 4 hours ago focused_wilburf8e654c7ec9a bf756fb1ae65 "/hello" 4 hours ago Exited (0) 4 hours ago boring_chateletroot@kylin:~#
退出容器
exit #容器直接停止并退出Ctrl + P + Q #容器不停止退出
删除容器
docker rm 容器ID #删除指定容器,不能删除正在运行的容器,除非使用 -f 参数docker rm -f $(docker ps -aq) #删除全部容器docker ps -a -q | xargs docker rm -f #删除全部容器
启动和停止容器的操作
docker start 容器id # 启动容器docker stop 容器id # 停止当前正在运行的容器docker restart 容器id # 重启容器docker kill 容器id # 强制停止当前容器
常用其他命令
后台启动容器
root@kylin:~# docker run -d centos 682170d085f07ded7d0f2699b2717c1a548f54916e40463f486dc2005afd5d00
问题:运行docker ps时,发现后台启动的centos容器停止了
常见的坑,docker 容器使用后台进程,就必须要有一个前台进程,docker发现没有应用(前台应用)了,就会自动停止
比如说:我们以后台方式启动了一个nginx,容器启动后,发现自己没有提供服务,就会立刻停止,就是没有程序了(nginx被停止了)
<a name="4a15fca2"></a>### 查看日志命令- docker logs [-f | --tail n] -t 容器id```shelldocker logs [-f | --tail n] -t 容器id#自己编写一段shell脚本root@kylin:~# docker run -d centos /bin/sh -c "while true;do echo hello_kylin;sleep 1 ;done"root@kylin:~# docker psCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES184a25f33373 centos "/bin/sh -c 'while t…" 1 second ago Up 1 second peaceful_wing#显示日志-f # 来一条输出一条-t # 时间戳--tail number # 要显示的日志条数root@kylin:~# docker logs --tail 10 -t 184a25f33373
查看容器中的进程信息
root@kylin:~# docker top 184a25f33373 UID PID PPID C STIME TTY TIME CMD root 26837 26802 0 15:37 ? 00:00:00 /bin/sh -c while true;do echo hello_kylin;sleep 1 ;done root 26967 26837 0 15:37 ? 00:00:00 /usr/bin/coreutils —coreutils-prog-shebang=sleep /usr/bin/sleep 1 root@kylin:~#
<a name="70b1e21e"></a>### 查看镜像的元数据- docker inspect 容器id```shell#命令: docker inspect 容器idroot@kylin:~# docker inspect efcdb5da3d6e[{"Id": "efcdb5da3d6e176392b53b8da6ef1633e5d13b5beb529ee835db6f98e1587640","Created": "2020-08-07T07:37:10.150712929Z","Path": "/bin/sh","Args": ["-c","while true;do echo hello_kylin;sleep 1 ;done"],"State": {"Status": "running","Running": true,"Paused": false,"Restarting": false,"OOMKilled": false,"Dead": false,"Pid": 26837,"ExitCode": 0,"Error": "","StartedAt": "2020-08-07T07:37:10.552751362Z","FinishedAt": "0001-01-01T00:00:00Z"},"Image": "sha256:831691599b88ad6cc2a4abbd0e89661a121aff14cfa289ad840fd3946f274f1f","ResolvConfPath": "/var/lib/docker/containers/efcdb5da3d6e176392b53b8da6ef1633e5d13b5beb529ee835db6f98e1587640/resolv.conf","HostnamePath": "/var/lib/docker/containers/efcdb5da3d6e176392b53b8da6ef1633e5d13b5beb529ee835db6f98e1587640/hostname","HostsPath": "/var/lib/docker/containers/efcdb5da3d6e176392b53b8da6ef1633e5d13b5beb529ee835db6f98e1587640/hosts","LogPath": "/var/lib/docker/containers/efcdb5da3d6e176392b53b8da6ef1633e5d13b5beb529ee835db6f98e1587640/efcdb5da3d6e176392b53b8da6ef1633e5d13b5beb529ee835db6f98e1587640-json.log","Name": "/reverent_mclean","RestartCount": 0,"Driver": "overlay2","Platform": "linux","MountLabel": "","ProcessLabel": "","AppArmorProfile": "docker-default","ExecIDs": null,"HostConfig": {"Binds": null,"ContainerIDFile": "","LogConfig": {"Type": "json-file","Config": {}},"NetworkMode": "default","PortBindings": {},"RestartPolicy": {"Name": "no","MaximumRetryCount": 0},"AutoRemove": false,"VolumeDriver": "","VolumesFrom": null,"CapAdd": null,"CapDrop": null,"Capabilities": null,"Dns": [],"DnsOptions": [],"DnsSearch": [],"ExtraHosts": null,"GroupAdd": null,"IpcMode": "private","Cgroup": "","Links": null,"OomScoreAdj": 0,"PidMode": "","Privileged": false,"PublishAllPorts": false,"ReadonlyRootfs": false,"SecurityOpt": null,"UTSMode": "","UsernsMode": "","ShmSize": 67108864,"Runtime": "runc","ConsoleSize": [0,0],"Isolation": "","CpuShares": 0,"Memory": 0,"NanoCpus": 0,"CgroupParent": "","BlkioWeight": 0,"BlkioWeightDevice": [],"BlkioDeviceReadBps": null,"BlkioDeviceWriteBps": null,"BlkioDeviceReadIOps": null,"BlkioDeviceWriteIOps": null,"CpuPeriod": 0,"CpuQuota": 0,"CpuRealtimePeriod": 0,"CpuRealtimeRuntime": 0,"CpusetCpus": "","CpusetMems": "","Devices": [],"DeviceCgroupRules": null,"DeviceRequests": null,"KernelMemory": 0,"KernelMemoryTCP": 0,"MemoryReservation": 0,"MemorySwap": 0,"MemorySwappiness": null,"OomKillDisable": false,"PidsLimit": null,"Ulimits": null,"CpuCount": 0,"CpuPercent": 0,"IOMaximumIOps": 0,"IOMaximumBandwidth": 0,"MaskedPaths": ["/proc/asound","/proc/acpi","/proc/kcore","/proc/keys","/proc/latency_stats","/proc/timer_list","/proc/timer_stats","/proc/sched_debug","/proc/scsi","/sys/firmware"],"ReadonlyPaths": ["/proc/bus","/proc/fs","/proc/irq","/proc/sys","/proc/sysrq-trigger"]},"GraphDriver": {"Data": {"LowerDir": "/var/lib/docker/overlay2/f09da2d1405d4a179b08d07f411de6718ec4f18af5e74ffbe38f589833014abc-init/diff:/var/lib/docker/overlay2/bcbf6ee4f639ce394d8eac3304e8eaa22e0ccab8c7c237c1209f966a02020fbc/diff","MergedDir": "/var/lib/docker/overlay2/f09da2d1405d4a179b08d07f411de6718ec4f18af5e74ffbe38f589833014abc/merged","UpperDir": "/var/lib/docker/overlay2/f09da2d1405d4a179b08d07f411de6718ec4f18af5e74ffbe38f589833014abc/diff","WorkDir": "/var/lib/docker/overlay2/f09da2d1405d4a179b08d07f411de6718ec4f18af5e74ffbe38f589833014abc/work"},"Name": "overlay2"},"Mounts": [],"Config": {"Hostname": "efcdb5da3d6e","Domainname": "","User": "","AttachStdin": false,"AttachStdout": false,"AttachStderr": false,"Tty": false,"OpenStdin": false,"StdinOnce": false,"Env": ["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"],"Cmd": ["/bin/sh","-c","while true;do echo hello_kylin;sleep 1 ;done"],"Image": "centos","Volumes": null,"WorkingDir": "","Entrypoint": null,"OnBuild": null,"Labels": {"org.label-schema.build-date": "20200611","org.label-schema.license": "GPLv2","org.label-schema.name": "CentOS Base Image","org.label-schema.schema-version": "1.0","org.label-schema.vendor": "CentOS"}},"NetworkSettings": {"Bridge": "","SandboxID": "5f66d3b8f7b753093ab05841bbdc09a5d197a895135882ba2e2108f9e92695c1","HairpinMode": false,"LinkLocalIPv6Address": "","LinkLocalIPv6PrefixLen": 0,"Ports": {},"SandboxKey": "/var/run/docker/netns/5f66d3b8f7b7","SecondaryIPAddresses": null,"SecondaryIPv6Addresses": null,"EndpointID": "c5f2d27fe408f1217d415e53500674a1021aae67a198be49525b7a27800382fc","Gateway": "172.17.0.1","GlobalIPv6Address": "","GlobalIPv6PrefixLen": 0,"IPAddress": "172.17.0.2","IPPrefixLen": 16,"IPv6Gateway": "","MacAddress": "02:42:ac:11:00:02","Networks": {"bridge": {"IPAMConfig": null,"Links": null,"Aliases": null,"NetworkID": "ccf4aa14b8dc58dd94d81c99dfaf19ca289c994012e89d5b58be9727932d40e8","EndpointID": "c5f2d27fe408f1217d415e53500674a1021aae67a198be49525b7a27800382fc","Gateway": "172.17.0.1","IPAddress": "172.17.0.2","IPPrefixLen": 16,"IPv6Gateway": "","GlobalIPv6Address": "","GlobalIPv6PrefixLen": 0,"MacAddress": "02:42:ac:11:00:02","DriverOpts": null}}}}]
进入当前正在运行的容器
方法一: docker exec -it 容器id BashShell
测试
root@kylin:~# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES efcdb5da3d6e centos “/bin/sh -c ‘while t…” 7 minutes ago Up 7 minutes reverent_mclean root@kylin:~# docker exec -it efcdb5da3d6e /bin/bash [root@efcdb5da3d6e /]#
方式二: docker attach 容器id
两种方法的区别:
docker exec ## 进入容器后开启一个新的终端,可以在里面操作
docker attach ## 进入容器正在执行的终端,不会启动新的进程
<a name="wM4wa"></a>### 从容器内拷贝文件到主机上- docker cp 容器id:容器内路径 目的主机路径```shell命令: docker cp 容器id:容器内路径 目的主机路径#测试:#在容器内新建文件 aaa.kkk[root@4be7c5a522b2 home]# ls[root@4be7c5a522b2 home]# touch aaa.kkk[root@4be7c5a522b2 home]# lsread escape sequence#在主机查看,然后将文件拷贝出来后再查看root@kylin:/home# lskylin.aroot@kylin:/home# docker psCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES4be7c5a522b2 centos "/bin/bash" 3 minutes ago Up 3 minutes stupefied_lehmannroot@kylin:/home# docker cp 4be7c5a522b2:/home/aaa.kkk .root@kylin:/home# lsaaa.kkk kylin.a#拷贝只是一个手动过程,未来我们使用 -v 卷的技术,可以实现自动同步
命令小节
attach # 当前shell下attach连接指定运行镜像build # 通过dockerfile定制镜像commit # 提交当前容器为新的镜像cp # 从容器中拷贝指定文件或者目录到宿主机中create # 创建一个新的容器,同run 但不启动容器diff # 查看docker 容器变化events # 从docker 服务获取容器实时事件exec # 在已存在的容器上运行命令export # 导出容器的内容作为一个 tar 归档文件[对应import]history # 展示一个镜像形成历史images # 列出系统当前镜像import # 从tar包中的内容创建一个新的文件系统映像[对应export]info # 显示系统相关信息inspect # 查看容器详细信息kill # kill 指定容器load # 从一个tar 包中加载一个镜像[对应save]login # 注册或者登陆一个docker源服务器logout # 从当前docker registry退出logs # 输出当前容器日志信息port # 查看映射端口对应的容器内部源端口pause # 暂停容器ps # 列出容器列表pull # 从docker镜像源服务器拉取指定镜像或者库镜像push # 推送指定镜像或者库镜像至docker源服务器restart # 重启运行的容器rm # 移除一个或者多个容器rmi # 移除一个或多个镜像[无容器使用该镜像才可删除,否则需要删除相关容器才可继续或 -f 强制删除]run # 创建一个新的容器并运行一个命令save # 保存一个镜像为一个tar包[对应load]search # 在docker hub 中搜索镜像start # 启动容器stop # 停止容器tag # 给源中镜像打标签top # 查看容器中运行的进程信息unpause # 取消暂停容器version # 查看docker版本号wait # 截取容器停止时的退出状态值
作业练习
部署Nginx
搜索nginx (建议去网站搜索,这样可以看见详细信息)
docker search nginx
拉取 镜像
docker pull nginx
启动 容器
- -p 宿主机端口:容器内端口
docker run -d --name nginx01 -p 3344:80 nginx #3344是主机的端口,80的nginx的端口,这样形成一种映射关系,访问公网的3344就是访问nginx的80
运行测试
curl localhost:3344
进入容器
docker exec -it nginx01 /bin/bash
思考问题:我们每次改动nginx配置文件,都需要进入容器内部,十分麻烦,我要是可以在容器外部提供一个映射路径,达到在容器外部部署项目,容器外部修改文件,容器内部数据就可以自动修改? -v 数据卷技术
部署Tomcat
###注意tomcat官方的坑,文档的run语句加上了-rm,意思是用完就删除,这个是测试用的,真实环境中不要加-rm# 下载Tomcat镜像docker pull tomcat# 创建并启动Tomcat容器docker run -d -p 3355:8080 tomcat#测试访问没问题http://xx.xx.xx.xx:3355#进入容器docker exec -it 333e26b0b96c /bin/bash#发现问题: 1.Linux命令少了 2.没有webapps#这是由于阿里云的原因,默认是最小的镜像,所有不必要的都剔除了#保证最小可运行的环境
部署ES+kibana
# es 暴露的端口很多# es 十分的耗内存# es的数据一般需要放置到安全目录 ! 挂载# --net somenetwork ? 网络配置#启动 elasticsearchdocker run -d --name elasticsearch --net somenetwork -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" elasticsearch:tag#启动了es,服务器就卡了# docker stats #查看docker CPU的状态CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDSf25d5269e305 elasticsearch02 0.30% 1.246GiB / 3.852GiB 32.34% 976B / 0B 0B / 0B 42es占用了1.24G!!!!!!#测试一下es是成功了root@kylin:/home# curl localhost:9200{"name" : "f25d5269e305","cluster_name" : "docker-cluster","cluster_uuid" : "MzkaGFUJQyKuTX_ZDcv_Pg","version" : {"number" : "7.6.2","build_flavor" : "default","build_type" : "docker","build_hash" : "ef48eb35cf30adf4db14086e8aabd07ef6fb113f","build_date" : "2020-03-26T06:34:37.794943Z","build_snapshot" : false,"lucene_version" : "8.4.0","minimum_wire_compatibility_version" : "6.8.0","minimum_index_compatibility_version" : "6.0.0-beta1"},"tagline" : "You Know, for Search"}#赶紧关闭es,然后增加内存限制docker run -d --name elasticsearch03 -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" -e ES_JAVA_OPTS="-Xms64m -Xmx512m" elasticsearch:7.6.2CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDSa56d5f35bf70 elasticsearch03 193.94% 302.8MiB / 3.852GiB 7.68% 766B / 0B 0B / 0B 27#增加了内存限制之后,明显内存占用少了
作业:将 ES 与 kibana 连接起来 docker网络原理
可视化管理
- portainer(暂时用这个)
- Rancher(推荐)
portainer是docker的可视化管理面板,提供一个后台供我们操作.
docker run -d -p 8088:9000 --restart=always -v /var/run/docker.sock:/var/run/docker.sock --name prtainer-test --privileged=true portainer/portainer
若有收获,就点个赞吧
0 人点赞
