Docker 基本概念
- 什么是Docker?
Docker是一个轻量级的“虚拟机”,容器完全使用沙箱机制,相互之间不会有任何接口。是Linux容器里运行应用的开源工具。
- Docker与虚拟机的区别
- Docker主要构成
- Docker Client 客户端
- Docker Daemon 守护进程
- Docker Images 镜像
- Docker Container 容器
- Docker Registry 仓库
- Docker运作流程
Client ——> Daemon ——> Images (or Registry ——> Images)——> Containers
Client客户端下达指令,执行操作,下达到daemon守护进程,守护进程收到之后,如果想构建images镜像,守护进程直接把当前的容器环境制作成images镜像,images镜像不仅可以从当前的环境制作images镜像,也可以从指定的一个registry仓库中进行下载(也称为拉取),registry仓库也分为公共的官方仓库(便于全球使用docker的用户使用加载),和私有搭建的仓库。利用不同的imagers镜像直接生成不同的 containers容器。
- Docker的核心概念
Docker Images 镜像
Docker Container 容器
Docker Registry 仓库
- Docker 环境安装
首先关闭防火墙
systemctl stop firewalld #停止防火墙
systemctl disable firewalld #关闭防火墙自启动
setenforce 0 #关闭核心防护
#永久关闭核心防护功能
vim /etc/selinux/config
#把第7行的enforcing修改成disabled
#用正则修改
sed -i "7s/enforcing/disabled" /etc/selinux/config | cat /etc/selinux/config
- 安装部署Docker的环境包
yum install -y yum-utils device-mapper-persistent-data lvm2
#这里用的是阿里云镜像源
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
#在阿里云的yum源中下载decker-ce(社区版)repo配置文件
#下载完repo配置文件之后,才能安装Docker-ce
#安装Docke-CE
yum install -y docker-ce
systemctl start docker.service #打开docker服务
systemctl enable docker.service #设置docker开机自启动服务
Docker 镜像操作
- 镜像加速
- 下列的"http://…"里的镜像加速地址可以通过阿里云官方服务器申请得到 https://help.aliyun.com/document_detail/60750.html
tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://..."]
}
EOF
systemctl daemon-reload #重新加载
systemctl restart docker #重新启动docker服务
网络优化
vim /etc/sysctl.conf
net.ipv4.ip_forward=1 #开启数据包转发功能
echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf #开启数据包转发功能
service network restart #重启网络服务
systemctl restart docker #重启docker
镜像常用命令
witch docker #查找存放路径
[root@192 ~]# which docker
/usr/bin/docker
docker version #查看版本
Client: Docker Engine - Community
Version: 19.03.8
API version: 1.40
Go version: go1.12.17
Git commit: afacb8b
Built: Wed Mar 11 01:27:04 2020
OS/Arch: linux/amd64
Experimental: false
Server: Docker Engine - Community
Engine:
Version: 19.03.8
API version: 1.40 (minimum version 1.12)
Go version: go1.12.17
Git commit: afacb8b
Built: Wed Mar 11 01:25:42 2020
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.2.13
GitCommit: 7ad184331fa3e55e52b890ea95e65ba581ae3429
runc:
Version: 1.0.0-rc10
GitCommit: dc9208a3303feef5b3839f4323d9beb36df0a9dd
docker-init:
Version: 0.18.0
GitCommit: fec3683
docker search 名称 #搜索镜像
[root@192 docker]# docker search nginx
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
nginx Official build of Nginx. 12976 [OK]
jwilder/nginx-proxy Automated Nginx reverse proxy for docker con… 1773 [OK]
richarvey/nginx-php-fpm Container running Nginx + PHP-FPM capable of… 764 [OK]
linuxserver/nginx An Nginx container, brought to you by LinuxS… 105
bitnami/nginx Bitnami nginx Docker Image 82 [OK]
tiangolo/nginx-rtmp Docker image with Nginx using the nginx-rtmp… 68 [OK]
jc21/nginx-proxy-manager Docker container for managing Nginx proxy ho… 51
......内容省略
docker pull 名称 #下载镜像
[root@192 docker]# docker pull nginx
Using default tag: latest
latest: Pulling from library/nginx
c499e6d256d6: Pull complete
74cda408e262: Pull complete
ffadbd415ab7: Pull complete
Digest: sha256:282530fcb7cd19f3848c7b611043f82ae4be3781cb00105a1d593d7e6286b596
Status: Downloaded newer image for nginx:latest
docker.io/library/nginx:latest
docker images #查看已下载镜像
[root@192 docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest ed21b7a8aee9 2 weeks ago 127MB
docker inspect 镜像ID #获取镜像信息
[root@192 overlay2]# docker inspect ed21b7a8aee9
[
{
"Id": "sha256:ed21b7a8aee9cc677df6d7f38a641fa0e3c05f65592c592c9f28c42b3dd89291",
"RepoTags": [
"nginx:latest"
],
"RepoDigests": [
"nginx@sha256:282530fcb7cd19f3848c7b611043f82ae4be3781cb00105a1d593d7e6286b596"
],
"Parent": "",
"Comment": "",
"Created": "2020-03-31T03:19:30.487069362Z",
"Container": "5c86b143cf5caec0aed5c331922c243f00600152ec0e9ecbe8531771562e72b8",
"ContainerConfig": {
"Hostname": "5c86b143cf5c",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"80/tcp": {}
},
......内容省略
docker tag 镜像名称:镜像标签 镜像名称:镜像标签 #添加镜像标签
[root@192 overlay2]# docker tag nginx:latest nginx:web
[root@192 overlay2]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest ed21b7a8aee9 2 weeks ago 127MB
nginx web ed21b7a8aee9 2 weeks ago 127MB
docker rmi 镜像名称:镜像标签 #删除镜像
[root@192 overlay2]# docker rmi nginx:web
Untagged: nginx:web
[root@192 overlay2]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest ed21b7a8aee9 2 weeks ago 127MB
docker saved -o 文件名 镜像名 #镜像输出
[root@192 overlay2]# mkdir /abc
[root@192 overlay2]# cd /abc
[root@192 abc]# ls
[root@192 abc]# docker save -o nginx nginx:latest
[root@192 abc]# ls
nginx
[root@192 abc]# ls -lh nginx
-rw-------. 1 root root 125M 4月 15 07:48 nginx
docker load < 文件名 #镜像导入
[root@192 abc]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest ed21b7a8aee9 2 weeks ago 127MB
[root@192 abc]# ls
nginx
[root@192 abc]# ls -lh nginx
-rw-------. 1 root root 125M 4月 18 10:24 nginx
[root@192 abc]# docker rmi ed21b7a8aee9
Untagged: nginx:latest
Untagged: nginx@sha256:282530fcb7cd19f3848c7b611043f82ae4be3781cb00105a1d593d7e6286b596
Deleted: sha256:ed21b7a8aee9cc677df6d7f38a641fa0e3c05f65592c592c9f28c42b3dd89291
Deleted: sha256:8a305f371a6c3c445a1dfc500c1364743868a269ab8cdaf95902692e82168352
Deleted: sha256:d079ef06ec1f10a8050887365f9a940b39547ba6bcc46b16a463e740984f3223
Deleted: sha256:c3a984abe8a88059915bb6c7a1d249fd1ccc16d931334ac8816540b0eb686b45
[root@192 abc]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
[root@192 abc]# docker load < nginx
c3a984abe8a8: Loading layer 72.48MB/72.48MB
99134ec7f247: Loading layer 58.11MB/58.11MB
d37eecb5b769: Loading layer 3.584kB/3.584kB
Loaded image: nginx:latest
[root@192 abc]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest ed21b7a8aee9 2 weeks ago 127MB
docker login #登录
docker push #上传
- 容器常用命令
docker create -it 镜像名称 终端 #容器创建
- -i 让容器的标准输入保持打开
- -t 让docker分配一个伪终端
[root@192 abc]# docker create -it nginx:latest /bin/bash
b64fae63823860866a2f24ef8dadfd6ccadb19dda42568b14d8c2e066f928819
docker ps -a #查看容器状态
[root@192 abc]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b64fae638238 nginx:latest "/bin/bash" 4 seconds ago Created vibrant_swartz
docker start 容器ID #启动容器
[root@192 abc]# docker start b64fae638238
b64fae638238
查看状态为up
[root@192 abc]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b64fae638238 nginx:latest "/bin/bash" 3 minutes ago Up 7 seconds 80/tcp vibrant_swartz
启动执行命令查看系统根目录
docker run 镜像 -c 所需要的指令
- -c command执行指令
docker run的执行过程包括了pull下载、create创建、start启动
如果有镜像,不会下载,直接加载这个镜像;如果没有镜像,会找仓库下载这个镜像
[root@192 abc]# docker run centos:7 /usr/bin/bash -c ls /
Unable to find image 'centos:7' locally
7: Pulling from library/centos
ab5ef0e58194: Already exists
Digest: sha256:4a701376d03f6b39b8c2a8f4a8e499441b0d567f9ab9d58e4991de4472fb813c
Status: Downloaded newer image for centos:7
anaconda-post.log
bin
dev
etc
home
lib
lib64
media
mnt
opt
proc
root
run
sbin
srv
sys
tmp
usr
var
[root@192 abc]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest e791337790a6 46 hours ago 127MB
centos 7 5e35e350aded 5 months ago 203MB
[root@192 abc]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest e791337790a6 46 hours ago 127MB
centos 7 5e35e350aded 5 months ago 203MB
[root@192 abc]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f6a800a8acc9 centos:7 "/usr/bin/bash -c ls…" About a minute ago Exited (0) About a minute ago busy_ardinghelli
b64fae638238 nginx:latest "/bin/bash" 11 minutes ago Up 8 minutes 80/tcp vibrant_swartz
docker stop 容器ID #终止运行
[root@192 abc]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f6a800a8acc9 centos:7 "/usr/bin/bash -c ls…" About a minute ago Exited (0) About a minute ago busy_ardinghelli
b64fae638238 nginx:latest "/bin/bash" 11 minutes ago Up 8 minutes 80/tcp vibrant_swartz
[root@192 abc]# docker stop b64fae638238
b64fae638238
[root@192 abc]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS NAMES
f6a800a8acc9 centos:7 "/usr/bin/bash -c ls…" 3 minutes ago Exited (0) 3 minut busy_ardinghelli
b64fae638238 nginx:latest "/bin/bash" 13 minutes ago Exited (0) 7 secon vibrant_swartz
docker run -d 镜像名称 终端 -c 执行命令 #持续在后台执行
[root@192 abc]# docker run -d centos:7 /bin/bash -c "while true;do echo hello;done"
425906050c12ccd3a3bfd4f43add8b11de4f8238c14bc5ee2da0aa8937e6efb0
[root@192 abc]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
425906050c12 centos:7 "/bin/bash -c 'while…" 5 seconds ago Up 4 seconds eager_payne
第一种进入容器的方式
docker run -it 容器名称
[root@192 abc]# docker run -ti nginx:latest /bin/bash
root@fcd326a8e57a:/# ls
bin dev home lib64 mnt proc run srv tmp var
boot etc lib media opt root sbin sys usr
第二种进入容器的方式
docker start 容器ID
当容器处于up状态的时候用exec进入
docker exec -it 容器ID 终端
[root@192 abc]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b64fae638238 nginx:latest "/bin/bash" 18 minutes ago Exited (0) 5 minutes ago vibrant_swartz
[root@192 abc]# docker start b64fae638238
b64fae638238
[root@192 abc]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b64fae638238 nginx:latest "/bin/bash" 19 minutes ago Up 4 seconds 80/tcp vibrant_swartz
[root@192 abc]# docker exec -it b64fae638238 /bin/bash
root@b64fae638238:/#
root@b64fae638238:/# exit
exit
[root@192 abc]#
docker export 容器ID > 文件名 #容器导出
[root@192 abc]# ls
nginx
[root@192 abc]# docker export b64fae638238 > nginx_c
[root@192 abc]# ls
nginx nginx_c
docker rm 容器ID #删除容器
[root@192 abc]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c875a3516d3e nginx:latest "/bin/bash" 12 minutes ago Exited (0) 12 minutes ago heuristic_jennings
425906050c12 centos:7 "/bin/bash -c 'while…" 14 minutes ago Exited (137) 13 minutes ago eager_payne
f6a800a8acc9 centos:7 "/usr/bin/bash -c ls…" 20 minutes ago Exited (0) 20 minutes ago busy_ardinghelli
b64fae638238 nginx:latest "/bin/bash" 29 minutes ago Up 11 minutes 80/tcp vibrant_swartz
[root@192 abc]# docker rm 425906050c12
425906050c12
[root@192 abc]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c875a3516d3e nginx:latest "/bin/bash" 12 minutes ago Exited (0) 12 minutes ago heuristic_jennings
f6a800a8acc9 centos:7 "/usr/bin/bash -c ls…" 20 minutes ago Exited (0) 20 minutes ago busy_ardinghelli
b64fae638238 nginx:latest "/bin/bash" 30 minutes ago Up 11 minutes 80/tcp vibrant_swartz
批量删除容器
docker ps -a | awk ‘{print "docker rm "$1}’ | bash
[root@192 abc]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c875a3516d3e nginx:latest "/bin/bash" 16 minutes ago Exited (0) 16 minutes ago heuristic_jennings
f6a800a8acc9 centos:7 "/usr/bin/bash -c ls…" 24 minutes ago Exited (0) 24 minutes ago busy_ardinghelli
b64fae638238 nginx:latest "/bin/bash" 34 minutes ago Up 15 minutes 80/tcp vibrant_swartz
[root@192 abc]# docker ps -a | awk '{print "docker rm "$1}' | bash
Error: No such container: CONTAINER
c875a3516d3e
f6a800a8acc9
Error response from daemon: You cannot remove a running container b64fae63823860866a2f24ef8dadfd6ccadb19dda42568b14d8c2e066f928819. Stop the container before attempting removal or force remove
[root@192 abc]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b64fae638238 nginx:latest "/bin/bash" 35 minutes ago Up 16 minutes 80/tcp vibrant_swartz
总结
镜像常用命令
witch docker #查找存放路径
docker version #查看版本
docker search 名称 #搜索镜像
docker pull 名称 #下载镜像
docker images #查看已下载镜像
docker inspect 镜像ID #获取镜像信息
docker tag 镜像名称:镜像标签 镜像名称:镜像标签 #添加镜像标签
docker rmi 镜像名称:镜像标签 #删除镜像
docker saved -o 文件名 镜像名 #镜像输出
docker load < 文件名 #镜像导入
docker login #登录
docker push #上传
容器常用命令
docker create -it 镜像名称 终端 #容器创建
docker ps -a #查看容器状态
docker start 容器ID #启动容器
docker run 镜像 -c 所需要的指令
docker stop 容器ID #终止运行
docker run -d 镜像名称 终端 -c 执行命令 #持续在后台执行
第一种进入容器的方式
docker run -it 容器名称
第二种进入容器的方式
docker start 容器ID
当容器处于up状态的时候用exec进入
docker exec -it 容器ID 终端
docker export 容器ID > 文件名 #容器导出
docker rm 容器ID #删除容器