docker的基础应用
什么是docker
docker中的容器:
- lxc --> libcontainer --> runC
OCI&OCF
OCI
Open Container-initiative
- 由Linux基金会主导于2015年6月创立
- 旨在围绕容器格式和运行时制定一个开放的工业化标准
- contains two specifications
- the Runtime Specification(runtime-spec)
- the Image Specification(image-spec)
OCF
OCF
开源的容器格式(Open Container Format)
runC 是一个命令行工具,运行容器记录的一个标准
- 容器是以runC为子进程的方式启动,并且可以被其他的系统引用,不需要启动为守护模式进程
- runC 可以构建我们的容器,并且可以被数以百万的存储引擎使用
docker提供了一个专门容纳容器镜像的站点:https://hub.docker.com
docker架构
- 此图片中的三个大框从左到右为“客户端”“dockers主机”“仓库”(仓库位置可以是本地的,也可以是官方的)
- 客户端:任意一台有docker命令的主机都为客户端
- docker主机:安装了docker服务的主机
- 客户端和docker主机可以在一台主机里运行,仓库可以在另外一台主机运行
- 客户端里的docker命令交给docker主机的守护进程/服务进行镜像交互
- lmages镜像里如果有本地镜像不用执行docker pull命令,如果没有就执行docker pull命令从仓库里的镜像拉到本地里来,再用docker run命令在本地启动成Containers容器
- 每一个container容器都是运行在docker server(宿主机)上的,每一个container容器都是隔离的、独立的
- 每一个container容器相当于一个Linux操作系统,每一个container容器都有自己的ip地址,所以可以在不同的container上设置相同的端口号
docker镜像与镜像仓库
为什么镜像仓库名字是Registry而不是repository?在docker中仓库的名字是以应用的名称取名的。
镜像是静态的,而容器是动态的,容器有其生命周期,镜像与容器的关系类似于程序与进程的关系。镜像类似于文件系统中的程序文件,而容器则类似于将一个程序运行起来的状态,也即进程。所以容器是可以删除的,容器被删除后其镜像是不会被删除的。
Docker对象
当您使用docker时,您可以创建和使用镜像、容器、网络、存储卷、插件和其他对象。
- 镜像
- 一个镜像是只读的模板,是用来创建docker容器的
- 经常情况, 一个镜像是基于另外一个镜像生成的,加上一些特定的内同
- 您可以创建您自己的镜像,也可以使用别人在网站上传的镜像
- 容器
- 容器是一个用镜像运行的实例
- 您可以使用命令行模式或者API进行创建,运行,停止,移动,删除容器
- 您可以将容器连接到一个或多个网络,将存储连接到容器,甚至可以基于其当前状态创建新映像。
安装及使用docker
Docker安装
进入目录
[root@Raygussie ~]# cd /etc/yum.repos.d/
下载
[root@Raygussie yum.repos.d]# curl -o docker-ce.repo https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/docker-ce.repo % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 1919 100 1919 0 0 1048 0 0:00:01 0:00:01 --:--:-- 1048 [root@Raygussie yum.repos.d]# sed -i 's@https://download.docker.com@https://mirrors.tuna.tsinghua.edu.cn/docker-ce@g' docker-ce.repo [root@Raygussie yum.repos.d]# ls docker-ce.repo redhat.repo [root@Raygussie yum.repos.d]#
清理缓存
[root@Raygussie ~]# yum clean all
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
0 files removed
搜索
[root@Raygussie ~]# yum list all|grep docker
containerd.io.x86_64 1.4.3-3.1.el8 ocker-ce-stable
docker-ce.x86_64 3:20.10.3-3.el8 ocker-ce-stable
docker-ce-cli.x86_64 1:20.10.3-3.el8 ocker-ce-stable
docker-ce-rootless-extras.x86_64 20.10.3-3.el8 ocker-ce-stable
安装docker-ce
[root@Raygussie yum.repos.d]# yum -y install docker-ce Updating Subscription Management repositories. Unable to read consumer identity This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register. Docker CE Stable - x86_64 2.1 kB/s | 3.5 kB 00:01 Dependencies resolved. ================================================================================== Package Arch Version Repository Size ================================================================================== Installing: docker-ce x86_64 3:20.10.3-3.el8 docker-ce-stable 27 M Upgrading: audit x86_64 3.0-0.17.20191104git1c2f876.el8 base 254 k 。。。。。。 Enabling module streams: container-tools rhel8 Transaction Summary ========================================= Install 17 Packages Upgrade 10 Packages 。。。。。。 (24/27): selinux-policy-3.14.3-54.el8_3.2.noarch. 729 kB/s | 622 kB 00:00 (25/27): selinux-policy-targeted-3.14.3-54.el8_3. 888 kB/s | 15 MB 00:17 (26/27): docker-ce-20.10.3-3.el8.x86_64.rpm 145 kB/s | 27 MB 03:07 (27/27): docker-ce-cli-20.10.3-3.el8.x86_64.rpm 175 kB/s | 33 MB 03:14 ------------------------------------------------------------------------- Total 630 kB/s | 119 MB 03:14 warning: /var/cache/dnf/docker-ce-stable-fa9dc42ab4cec2f4/packages/containerd.io-1.4.3-3.1.el8.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID 621e9f35: NOKEY Docker CE Stable - x86_64 1.1 kB/s | 1.6 kB 00:01 Importing GPG key 0x621E9F35: Userid : "Docker Release (CE rpm) <docker@docker.com>" Fingerprint: 060A 61C5 1B55 8A7F 742B 77AA C52F EB6B 621E 9F35 From : https://download.docker.com/linux/centos/gpg Key imported successfully Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Running scriptlet: libsepol-2.9-1.el8.x86_64 1/1 。。。。。。 python3-setools-4.3.0-2.el8.x86_64 containerd.io-1.4.3-3.1.el8.x86_64 docker-ce-cli-1:20.10.3-3.el8.x86_64 docker-ce-rootless-extras-20.10.3-3.el8.x86_64 Complete! [root@Raygussie yum.repos.d]#
启动docker
[root@Raygussie ~]# systemctl enable --now docker
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /usr/lib/systemd/system/docker.service.
查看docker状态
[root@Raygussie ~]# systemctl status docker ● docker.service - Docker Application Container Engine Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset> Active: active (running) since Fri 2021-02-26 03:58:26 CST; 2min 3s ago Docs: https://docs.docker.com Main PID: 13865 (dockerd) Tasks: 11 Memory: 47.5M CGroup: /system.slice/docker.service └─13865 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/contain> Feb 26 03:58:19 Raygussie dockerd[13865]: time="2021-02-26T03:58:19.784359660+08:> Feb 26 03:58:19 Raygussie dockerd[13865]: time="2021-02-26T03:58:19.784464350+08:> Feb 26 03:58:19 Raygussie dockerd[13865]: time="2021-02-26T03:58:19.784715063+08:> Feb 26 03:58:25 Raygussie dockerd[13865]: time="2021-02-26T03:58:25.060643063+08:> Feb 26 03:58:26 Raygussie dockerd[13865]: time="2021-02-26T03:58:26.201491271+08:> Feb 26 03:58:26 Raygussie dockerd[13865]: time="2021-02-26T03:58:26.489748836+08:> Feb 26 03:58:26 Raygussie dockerd[13865]: time="2021-02-26T03:58:26.530920550+08:> Feb 26 03:58:26 Raygussie dockerd[13865]: time="2021-02-26T03:58:26.531179856+08:> Feb 26 03:58:26 Raygussie systemd[1]: Started Docker Application Container Engine. Feb 26 03:58:26 Raygussie dockerd[13865]: time="2021-02-26T03:58:26.571104822+08:> lines 1-20/20 (END)
docker加速
docker-ce的配置文件是/etc/docker/daemon.json,此文件默认不存在,需要我们手动创建并进行配置,而docker的加速就是通过配置此文件来实现的。
docker的加速有多种方式:
- docker cn
- 中国科技大学加速器
- 阿里云加速器(需要通过阿里云开发者平台注册帐号,免费使用个人私有的加速器)
设置加速器
编辑 [root@Raygussie ~]# vi /etc/docker/daemon.json { "registry-mirrors": ["https://zyva0762.mirror.aliyuncs.com"] } 重启rocker [root@Raygussie ~]# systemctl daemon-reload [root@Raygussie ~]# systemctl restart docker 查看docker状态 [root@Raygussie ~]# docker info Client: Context: default Debug Mode: false Plugins: app: Docker App (Docker Inc., v0.9.1-beta3) buildx: Build with BuildKit (Docker Inc., v0.5.1-docker) Server: Containers: 0 Running: 0 Paused: 0 Stopped: 0 Images: 0 Server Version: 20.10.3 Storage Driver: overlay2 Backing Filesystem: xfs Supports d_type: true Native Overlay Diff: true Logging Driver: json-file Cgroup Driver: cgroupfs Cgroup Version: 1 Plugins: Volume: local Network: bridge host ipvlan macvlan null overlay Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog Swarm: inactive Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc Default Runtime: runc Init Binary: docker-init containerd version: 269548fa27e0089a8b8278fc4fc781d7f65a939b runc version: ff819c7e9184c13b7c2607fe6c30ae19403a7aff init version: de40ad0 Security Options: seccomp Profile: default Kernel Version: 4.18.0-80.el8.x86_64 Operating System: Red Hat Enterprise Linux 8.0 (Ootpa) OSType: linux Architecture: x86_64 CPUs: 4 Total Memory: 3.827GiB Name: Raygussie ID: 22AQ:HFL6:ZLSE:4CW5:ARD2:Z6RN:4SQV:GKOD:HVPN:PJDP:NIJK:XQGJ Docker Root Dir: /var/lib/docker Debug Mode: false Registry: https://index.docker.io/v1/ Labels: Experimental: false Insecure Registries: 127.0.0.0/8 Registry Mirrors: https://zyva0762.mirror.aliyuncs.com/ Live Restore Enabled: false WARNING: No blkio weight support WARNING: No blkio weight_device support
docker常用操作
| 命令 | 功能 |
|
docker search |
在官网上搜索镜像 |
| docker pull | 下载官网的镜像,不加版本号默认下载最新版本 |
| docker images | 查看已有镜像 |
| docker create | 创建一个容器 |
| docker start | 启动容器 |
| docker run | 运行容器 |
| docker attach | 进入容器 |
| docker ps | 查看正在运行的容器 |
| docker logs | 查看容器日志 |
| docker restart | 重启容器 |
| docker stop | 停止容器运行 |
| docker kill | 强制终止容器(不推荐) |
| docker rm | 删除容器 |
| docker exec | 进入容器 |
| docker info | 查看docker整个的信息 |
| docker inspect | 查看容器的各种信息 |
演示:
- docker search
[root@Raygussie ~]# docker search httpd NAME DESCRIPTION STARS OFFICIAL AUTOMATED httpd The Apache HTTP Server Project 3371 [OK] centos/httpd-24-centos7 Platform for running Apache httpd 2.4 or bui… 36 centos/httpd 33 [OK] polinux/httpd-php Apache with PHP in Docker (Supervisor, CentO… 4 [OK] salim1983hoop/httpd24 Dockerfile running apache config 2 [OK] lead4good/httpd-fpm httpd server which connects via fcgi proxy h… 1 [OK] solsson/httpd-openidc mod_auth_openidc on official httpd image, ve… 1 [OK] 。。。。。。
- docker pull
[root@Raygussie ~]# docker pull httpd Using default tag: latest latest: Pulling from library/httpd a076a628af6f: Pull complete e444656f7792: Pull complete 0ec35e191b09: Pull complete 4aad5d8db1a6: Pull complete eb1da3ea630f: Pull complete Digest: sha256:2fab99fb3b1c7ddfa99d7dc55de8dad0a62dbe3e7c605d78ecbdf2c6c49fd636 Status: Downloaded newer image for httpd:latest docker.io/library/httpd:latest
- docker images
[root@Raygussie ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE httpd latest 683a7aad17d3 6 weeks ago 138MB
- docker create
[root@Raygussie ~]# docker create httpd:2.4-alpine e92a84c778e7768db0194a224283beed3ae778db85ae5114c8da752537af1baf
- docker start
[root@Raygussie ~]# docker start e92a84c778e7 e92a84c778e7 [root@Raygussie ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES e92a84c778e7 httpd:2.4-alpine "httpd-foreground" 6 minutes ago Up 6 seconds 80/tcp heuristic_mahavira
- docker run
[root@Raygussie ~]# docker run httpd:latest AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message [Thu Feb 25 20:45:29.243123 2021] [mpm_event:notice] [pid 1:tid 140395745399936] AH00489: Apache/2.4.46 (Unix) configured -- resuming normal operations [Thu Feb 25 20:45:29.243445 2021] [core:notice] [pid 1:tid 140395745399936] AH00094: Command line: 'httpd -D FOREGROUND'
- docker attach
[root@Raygussie ~]# docker attach f59f43d50ef8 172.17.0.1 - - [25/Feb/2021:21:01:49 +0000] "GET / HTTP/1.1" 200 45 172.17.0.1 - - [25/Feb/2021:21:01:51 +0000] "GET / HTTP/1.1" 200 45 172.17.0.1 - - [25/Feb/2021:21:01:52 +0000] "GET / HTTP/1.1" 200 45 172.17.0.1 - - [25/Feb/2021:21:01:52 +0000] "GET / HTTP/1.1" 200 45
- docker ps
[root@Raygussie ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES [root@Raygussie ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES e92a84c778e7 httpd:2.4-alpine "httpd-foreground" 5 minutes ago Created heuristic_mahavira
- docker logs
[root@Raygussie ~]# docker logs e9c0d6e23563 AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message [Thu Feb 25 20:46:47.589331 2021] [mpm_event:notice] [pid 1:tid 139711880459392] AH00489: Apache/2.4.46 (Unix) configured -- resuming normal operations [Thu Feb 25 20:46:47.589499 2021] [core:notice] [pid 1:tid 139711880459392] AH00094: Command line: 'httpd -D FOREGROUND' [Thu Feb 25 20:47:18.936443 2021] [mpm_event:notice] [pid 1:tid 139711880459392] AH00491: caught SIGTERM, shutting down
- docker restar
[root@Raygussie ~]# docker start e92a84c778e7 e92a84c778e7 [root@Raygussie ~]# docker restart e92a84c778e7 e92a84c778e7 [root@Raygussie ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES e92a84c778e7 httpd:2.4-alpine "httpd-foreground" 9 minutes ago Up 8 seconds 80/tcp heuristic_mahavira
- docker stop
[root@Raygussie ~]# docker stop e92a84c778e7 e92a84c778e7 [root@Raygussie ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
- docker kill
[root@Raygussie ~]# docker kill e92a84c778e7 e92a84c778e7 [root@Raygussie ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
- docker rm
[root@Raygussie ~]# docker rm e92a84c778e7 e92a84c778e7 [root@Raygussie ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES [root@Raygussie ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@Raygussie ~]# docker rm -f e606ff8a6905
e606ff8a6905
[root@Raygussie ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
- docker exec
[root@Raygussie ~]# docker exec -it 2f51f41d2b26 /bin/bash root@2f51f41d2b26:/usr/local/apache2# ls bin build cgi-bin conf error htdocs icons include logs modules root@2f51f41d2b26:/usr/local/apache2# cd bin/ root@2f51f41d2b26:/usr/local/apache2/bin# ls ab checkgid envvars-std htdbm httpd rotatelogs apachectl dbmmanage fcgistarter htdigest httxt2dbm suexec apxs envvars htcacheclean htpasswd logresolve root@2f51f41d2b26:/usr/local/apache2/bin# exit exit [root@Raygussie ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 2f51f41d2b26 httpd "httpd-foreground" About a minute ago Up About a minute 80/tcp unruffled_lewin
- docker info
[root@Raygussie ~]# docker info Client: Context: default Debug Mode: false Plugins: app: Docker App (Docker Inc., v0.9.1-beta3) buildx: Build with BuildKit (Docker Inc., v0.5.1-docker) Server: Containers: 3 Running: 0 Paused: 0 Stopped: 3 Images: 2 Server Version: 20.10.3 Storage Driver: overlay2 Backing Filesystem: xfs Supports d_type: true Native Overlay Diff: true Logging Driver: json-file Cgroup Driver: cgroupfs Cgroup Version: 1 Plugins: Volume: local
。。。。。。
- docker inspect
[root@Raygussie ~]# docker inspect a8974fc34766 [ { "Id": "a8974fc347662586624c959a93d8c639767387d92d93fa65659e88d236d38e8a", "Created": "2021-02-25T20:44:19.761464715Z", "Path": "httpd-foreground", "Args": [], "State": { "Status": "created", "Running": false, "Paused": false, "Restarting": false, "OOMKilled": false, "Dead": false, "Pid": 0, "ExitCode": 0, "Error": "", "StartedAt": "0001-01-01T00:00:00Z", "FinishedAt": "0001-01-01T00:00:00Z" }, 。。。。。。
