容器是独立运行的一个或一组应用,是镜像运行时的实体。
容器与镜像的关系类似于面向对象编程中的对象与类
容器运行时会在只读的镜像层外面挂载一层可读写层
创建容器
1 新建容器
Usage: docker create [OPTIONS] IMAGE [COMMAND] [ARG...]
Create a new container
-i:保持标准输入打开
-t:分配一个伪终端
--name:给容器起一个名字
sleep: 容器运行起来sleep 999s 达到夯住的效果!
[root@server01 ~]# docker create -it --name mybuntu ubuntu:16.04 sleep 999
f564b996880d45ec00eef17bd22c55430e876aff0af927dd81777d3fe778d58a
[root@server01 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f564b996880d ubuntu:16.04 "sleep 999" 7 seconds ago Created
2 启动容器
Usage: docker start [OPTIONS] CONTAINER [CONTAINER...]
Start one or more stopped containers
[root@server01 ~]# docker start f564b996880d f564b996880d [root@server01 ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES f564b996880d ubuntu:16.04 "sleep 999" 34 seconds ago Up 2 seconds
3 新建并启动容器
Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
Run a command in a new container
docker run 等价于docker create+ docker start
--rm:容器运行完退出时将自动删除该容器
docker run --name myubuntu_v4 --rm ubuntu:16.04 /bin/echo 'hello word' hello word
进入交互模式:
[root@server01 ~]# docker run -it --name myubuntu_v5 --rm ubuntu:16.04 /bin/bash root@8ef2e174d587:/# ls bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var root@8ef2e174d587:/# ps PID TTY TIME CMD 1 pts/0 00:00:00 bash 11 pts/0 00:00:00 ps
docker run 后台运行流程:(到时候可以演示一个docker run centos镜像)
1 检查本地是否存在指定的镜像,不存在就从公有仓库下载
2 利用镜创建一个容器,并启动该容器
3 分配一个文件系统给容器,并在只读的镜像层外面挂载一层可读写层
4 从宿主主机配置的网桥接口中桥接一个虚拟接口到容器中去(veth5ac8640)
5 从网桥(dokcer0)的地址池配置一个ip地址给容器
6执行用户指定的应用程序
7 执行完毕后容器被自动终止
docker wait 应用场景:
docker run 时,无法正常执行容器命令,导致出错,直接退出!可以用docker wait 查看退出的错误代码
Usage: docker wait CONTAINER [CONTAINER...]
Block until one or more containers stop, then print their exit codes
[root@server01 ~]# docker run -it --name mynginx nginx 'ssssss' docker: Error response from daemon: OCI runtime create failed: container_linux.go:346: starting container process caused "exec: \"ssssss\": executable file not found in $PATH": unknown. ERRO[0000] error waiting for container: context canceled [root@server01 ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES b5794d384ca5 nginx "ssssss" 16 seconds ago Created 80/tcp mynginx [root@server01 ~]# docker wait b5794d384ca5 127
常见的错误代码:
125:通常是指定了不支持的docker命令参数
126:通常是权限的问题
127:容器内的命令无法找到
4 守护态运行容器
-d: 让docker容器在后台以守护态(daemonized)形式运行
容器启动后会返回一个唯一的id,通过docker ps -a 查看容器信息
[root@server01 ~]# docker run -d --name mynginx_v2 --rm nginx be0f4930a80df583e204ef3f59a3f9764140f425bd2f9271b17058ff622c6bf4 [root@server01 ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES be0f4930a80d nginx "nginx -g 'daemon of…" 5 seconds ago Up 4 seconds
5 查看容器输出
Usage: docker logs [OPTIONS] CONTAINER
Fetch the logs of a container
-f: 持续保持输出
-t:显示时间戳信息
[root@server01 ~]# docker run -d --rm centos /bin/sh -c "while true;do echo hello world;sleep 1;done" dcdfef0dae39bb379472893e442d0cf6a659113ef89ff25c378947cafe8b15f9 [root@server01 ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES dcdfef0dae39 centos "/bin/sh -c 'while t…" 13 seconds ago Up 12 seconds nifty_diffie [root@server01 ~]# docker logs -tf dcdfef0dae39 2020-03-07T05:05:24.623546790Z hello world 2020-03-07T05:05:25.636515320Z hello world 2020-03-07T05:05:26.642395711Z hello world 2020-03-07T05:05:27.649448425Z hello world 2020-03-07T05:05:28.668097132Z hello world 2020-03-07T05:05:29.677188699Z hello world
停止容器
1 暂停容器
docker pause
Usage: docker pause CONTAINER [CONTAINER...]
Pause all processes within one or more containers
1.2 恢复容器
docker unpause
Usage: docker unpause CONTAINER [CONTAINER...]
Unpause all processes within one or more containers
[root@server01 ~]# docker run -d -p 80:80 --name mynginx nginx 668ddb0f8598850761ddebd96914916a770217f47a4e79ab439e4f13bbc684dc [root@server01 ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 668ddb0f8598 nginx "nginx -g 'daemon of…" 9 seconds ago Up 7 seconds 0.0.0.0:80->80/tcp mynginx [root@server01 ~]# netstat -lptnu Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp6 0 0 :::80 :::* LISTEN 30791/docker-proxy [root@server01 ~]# curl -I http://192.168.1.10/index.html HTTP/1.1 200 OK Server: nginx/1.17.9 [root@server01 ~]# docker pause mynginx mynginx [root@server01 ~]# curl -I http://192.168.1.10/index.html 无法访问了!! [root@server01 ~]# docker unpause mynginx mynginx [root@server01 ~]# curl -I http://192.168.1.10/index.html HTTP/1.1 200 OK Server: nginx/1.17.9
2 终止容器
2.1 docker stop
Usage: docker stop [OPTIONS] CONTAINER [CONTAINER...]
Stop one or more running containers
Options:
-t, --time int Seconds to wait for stop before killing it (default 10)
该命令先想容器发送SIGTERM 信号,等待一段超时时间(10秒)后,在发送SIGKILL信号来终止容器
大部分程序接收到SIGTERM信号后,会先释放自己的资源,然后在停止。
[root@server01 ~]# docker stop mynginx mynginx [root@server01 ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 668ddb0f8598 nginx "nginx -g 'daemon of…" 10 minutes ago Exited (0) 11 seconds ago mynginx
2.2 docker kill
Usage: docker kill [OPTIONS] CONTAINER [CONTAINER...]
Kill one or more running containers
此命令直接发送SIGKILL信号强制终止容器
[root@server01 ~]# docker kill mynginx mynginx
进入容器
docker exec
[root@server01 ~]# docker exec -it mycentos_v1 /bin/bash
[root@292f00780c58 /]# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
66: eth0@if67: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
删除容器
docker rm
Usage: docker rm [OPTIONS] CONTAINER [CONTAINER...]
Remove one or more containers
-f:强行删除一个正在运行的容器
[root@server01 ~]# docker rm mycentos Error response from daemon: You cannot remove a running container a1fca316e1b17de7693798149de6612d433f22dc1c9f8325f65d6f3781012abb. Stop the container before attempting removal or force remove [root@server01 ~]# docker rm -f mycentos mycentos
导入和导出容器
应用场景:将容器从一个系统(主机)迁移到另外一个系统(主机)上时。
1 导出容器
docker export
Usage: docker export [OPTIONS] CONTAINER
Export a container's filesystem as a tar archive
-o:指定导出的文件名
[root@server01 ~]# docker run -d --name mynginx nginx
238f193a3c50ebee9b586f460094b0d89e12c1bbf9f4be29f24101e4481f580e
[root@server01 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
238f193a3c50 nginx "nginx -g 'daemon of…" 5 seconds ago Up 4 seconds 80/tcp mynginx
[root@server01 ~]# docker export -o nginx.tar mynginx
[root@server01 ~]# ll
-rw-------. 1 root root 128901632 3月 7 15:08 nginx.tar
2 导入容器
docker import 将导出的文件变成一个镜像
Usage: docker import [OPTIONS] file|URL|- [REPOSITORY[:TAG]]
Import the contents from a tarball to create a filesystem image
[root@server01 ~]# docker import ng.tar huazai007/nginx:v1 sha256:ab59a61471e9b7bae8403f26be31a7be2e1fcfad30129d17bc0c1bddb8715a43 [root@server01 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE huazai007/nginx v1 ab59a61471e9 6 seconds ago 125MB [root@server01 ~]# docker run -d huazai007/nginx:v1 docker: Error response from daemon: No command specified. See 'docker run --help'. [root@server01 ~]# docker run -d huazai007/nginx:v1 sleep 10 eecb46704fcf8e72e41f7090dbb690e69d404635a405e9d2ff4d7c193747738b
注意:想要运行通过docker import 生成的镜像文件 ,在run 时 务必加上执行命令
docker load:导入镜像存储文件到本地镜像库(保存完整记录,体积大)
docker import:导入容器快照文件到本地镜像库(仅保存容器当时的快照状态,轻量)
查看容器
1 查看容器详情(包括容器ID,创建时间,路径,状态,镜像,配置等)
docker inspect
Usage: docker inspect [OPTIONS] NAME|ID [NAME|ID...]
Return low-level information on Docker objects
-f:指定输出格式
[root@server01 ~]# docker inspect -f {{.NetworkSettings.Networks.bridge.IPAddress}} mynginx
172.17.0.2
2 查看容器内进程
docker top
Usage: docker top CONTAINER [ps OPTIONS]
Display the running processes of a container
[root@server01 ~]# docker top mynginx UID PID PPID C STIME TTY TIME CMD root 33047 33030 0 15:18 ? 00:00:00 nginx: master process nginx -g daemon off; 101 33083 33047 0 15:18 ? 00:00:00 nginx: worker process
3 查看统计信息
docker stats
显示cpu,内存,存储,网络等使用情况的统计信息
Usage: docker stats [OPTIONS] [CONTAINER...]
Display a live stream of container(s) resource usage statistics
docker stats mynginx (实时刷新的)
其他容器命令
1 自动清除掉所有处于停止状态的容器
Usage: docker container prune [OPTIONS]
Remove all stopped containers
[root@server01 ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 668ddb0f8598 nginx "nginx -g 'daemon of…" 16 minutes ago Exited (137) 2 seconds ago mynginx [root@server01 ~]# docker container prune WARNING! This will remove all stopped containers. Are you sure you want to continue? [y/N] y Deleted Containers: 668ddb0f8598850761ddebd96914916a770217f47a4e79ab439e4f13bbc684dc Total reclaimed space: 2B [root@server01 ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2 重启容器
Usage: docker restart [OPTIONS] CONTAINER [CONTAINER...]
Restart one or more containers
先终止,再重新启动!
[root@server01 ~]# docker restart mynginx mynginx
3 将本地路径下的文件复制到指定容器的指定路径下
docker cp
Usage:
docker cp [OPTIONS] CONTAINER:SRC_PATH DEST_PATH|-
docker cp [OPTIONS] SRC_PATH|- CONTAINER:DEST_PATH
Copy files/folders between a container and the local filesystem
将mynginx容器下的default.conf 文件复制到宿主机的/tmp目录下
[root@server01 ~]# docker cp mynginx:/etc/nginx/conf.d/default.conf /tmp/ [root@server01 ~]# ls /tmp/default.conf /tmp/default.conf
将宿主机/tmp/下的test 文件 复制到mynginx 容器的/tmp下
[root@server01 ~]# touch /tmp/test [root@server01 ~]# docker cp /tmp/test mynginx:/tmp/ [root@server01 ~]# docker exec -it mynginx /bin/bash root@fe22ba397db2:/# ls /tmp/ test
4 查看容器内文件系统的变更
docker container diff mynginx
C:表示create
A:表示append
[root@server01 ~]# docker container diff mynginx C /run A /run/nginx.pid C /var C /var/cache C /var/cache/nginx A /var/cache/nginx/scgi_temp A /var/cache/nginx/uwsgi_temp A /var/cache/nginx/client_temp
5 查看容器的端口映射情况
docker container port 容器名
[root@server01 ~]# docker run -d -p 80:80 --name mynginx_v2 nginx 767df9d67d99567f65dcc6d5a53373c54bc05652e38785642dc0926a19945275 [root@server01 ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 767df9d67d99 nginx "nginx -g 'daemon of…" 4 seconds ago Up 2 seconds 0.0.0.0:80->80/tcp mynginx_v2 [root@server01 ~]# docker container port mynginx_v2 80/tcp -> 0.0.0.0:80
6 更新容器的一些运行时配置
docker update
Usage: docker update [OPTIONS] CONTAINER [CONTAINER...]
Update configuration of one or more containers
更改前:
-cpu-quota: 限制cpu调度器CFS配额,单位为微妙,最小 1000;
completely:完全 fair:合理 scheduler:调度
[root@server01 ~]# docker inspect -f {{.HostConfig.CpuQuota}} mynginx
0
更改为:
限制总配额为1秒
[root@server01 ~]# docker update --cpu-quota 1000000 mynginx
mynginx
[root@server01 ~]# docker inspect -f {{.HostConfig.CpuQuota}} mynginx
1000000
