docker 创建容器与管理容器
创建容器的选项
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 | [root@mast ~]# docker container run --helpUsage: docker container run [OPTIONS] IMAGE [COMMAND] [ARG...]Run a command in a new containerOptions: --add-host list Add a custom host-to-IP mapping (host:ip) -a, --attach list Attach to STDIN, STDOUT or STDERR --blkio-weight uint16 Block IO (relative weight), between 10 and 1000, or 0 to disable (default 0) --blkio-weight-device list Block IO weight (relative device weight) (default []) --cap-add list Add Linux capabilities --cap-drop list Drop Linux capabilities --cgroup-parent string Optional parent cgroup for the container --cidfile string Write the container ID to the file --cpu-period int Limit CPU CFS (Completely Fair Scheduler) period --cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota --cpu-rt-period int Limit CPU real-time period in microseconds --cpu-rt-runtime int Limit CPU real-time runtime in microseconds -c, --cpu-shares int CPU shares (relative weight) --cpus decimal Number of CPUs --cpuset-cpus string CPUs in which to allow execution (0-3, 0,1) --cpuset-mems string MEMs in which to allow execution (0-3, 0,1) -d, --detach Run container in background and print container ID --detach-keys string Override the key sequence for detaching a container --device list Add a host device to the container --device-cgroup-rule list Add a rule to the cgroup allowed devices list --device-read-bps list Limit read rate (bytes per second) from a device (default []) --device-read-iops list Limit read rate (IO per second) from a device (default []) --device-write-bps list Limit write rate (bytes per second) to a device (default []) --device-write-iops list Limit write rate (IO per second) to a device (default []) --disable-content-trust Skip image verification (default true) --dns list Set custom DNS servers --dns-option list Set DNS options --dns-search list Set custom DNS search domains --entrypoint string Overwrite the default ENTRYPOINT of the image -e, --env list Set environment variables --env-file list Read in a file of environment variables --expose list Expose a port or a range of ports --group-add list Add additional groups to join --health-cmd string Command to run to check health --health-interval duration Time between running the check (ms|s|m|h) (default 0s) --health-retries int Consecutive failures needed to report unhealthy --health-start-period duration Start period for the container to initialize before starting health-retries countdown (ms|s|m|h) (default 0s) --health-timeout duration Maximum time to allow one check to run (ms|s|m|h) (default 0s) --help Print usage -h, --hostname string Container host name --init Run an init inside the container that forwards signals and reaps processes -i 交互式, --interactive Keep STDIN open even if not attached --ip string IPv4 address (e.g., 172.30.100.104) --ip6 string IPv6 address (e.g., 2001:db8::33) --ipc string IPC mode to use --isolation string Container isolation technology --kernel-memory bytes Kernel memory limit -l, --label list Set meta data on a container --label-file list Read in a line delimited file of labels --link list Add link to another container --link-local-ip list Container IPv4/IPv6 link-local addresses --log-driver string Logging driver for the container --log-opt list Log driver options --mac-address string Container MAC address (e.g., 92:d0:c6:0a:29:33) -m, --memory bytes Memory limit --memory-reservation bytes Memory soft limit --memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap --memory-swappiness int Tune container memory swappiness (0 to 100) (default -1) --mount mount Attach a filesystem mount to the container --name string Assign a name to the container --network string Connect a container to a network (default "default") --network-alias list Add network-scoped alias for the container --no-healthcheck Disable any container-specified HEALTHCHECK --oom-kill-disable Disable OOM Killer --oom-score-adj int Tune host's OOM preferences (-1000 to 1000) --pid string PID namespace to use --pids-limit int Tune container pids limit (set -1 for unlimited) --privileged Give extended privileges to this container -p, --publish list Publish a container's port(s) to the host -P, --publish-all Publish all exposed ports to random ports --read-only Mount the container's root filesystem as read only --restart string Restart policy to apply when a container exits (default "no") --rm Automatically remove the container when it exits --runtime string Runtime to use for this container --security-opt list Security Options --shm-size bytes Size of /dev/shm --sig-proxy Proxy received signals to the process (default true) --stop-signal string Signal to stop a container (default "SIGTERM") --stop-timeout int Timeout (in seconds) to stop a container --storage-opt list Storage driver options for the container --sysctl map Sysctl options (default map[]) --tmpfs list Mount a tmpfs directory -t, --tty 分配一个伪终端 Allocate a pseudo-TTY --ulimit ulimit Ulimit options (default []) -u, --user string Username or UID (format: <name|uid>[:<group|gid>]) --userns string User namespace to use --uts string UTS namespace to use -v, --volume list Bind mount a volume --volume-driver string Optional volume driver for the container --volumes-from list Mount volumes from the specified container(s) -w, --workdir string Working directory inside the container |
启动一个容器并在前台运行
1 2 | [root@localhost ~]# docker run -it centos /bin/bash[root@4279c14287c1 /]# |
后台创建一个容器
1 2 3 4 5 | [root@localhost ~]# docker run -d centos 53dfa07e6f2c1f514cfe04c7943790692dd385e920ba56561c5b82160089fb33[root@localhost ~]# docker ps -lCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES53dfa07e6f2c centos "/bin/bash" 3 seconds ago Exited (0) 2 seconds ago unruffled_pare |
创建容器并设置端口映射-p 将容器端口映射成指定端口
1 2 3 4 5 6 7 8 9 10 11 12 13 | [root@localhost ~]# docker run --name web -d -e test=123 -p 88:80 -h web nginx d2394de6c3a11151bfc1697493a8012a132763b2bfa045b55d7f657704e47f6f[root@localhost ~]# docker ps -lCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMESd2394de6c3a1 nginx "nginx -g 'daemon of…" 15 seconds ago Up 11 seconds 0.0.0.0:88->80/tcp web[root@localhost ~]# ss -lntpState Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 *:22 *:* users:(("sshd",pid=921,fd=3))LISTEN 0 100 127.0.0.1:25 *:* users:(("master",pid=1310,fd=13))LISTEN 0 128 :::22 :::* users:(("sshd",pid=921,fd=4))LISTEN 0 128 :::88 :::* users:(("docker-proxy",pid=19507,fd=4))LISTEN 0 100 ::1:25 :::* users:(("master",pid=1310,fd=14)) |
进入后台运行的容器
1 2 | [root@localhost ~]# docker exec -it web bashroot@web:/# <br> |
将容器端口映射成随机的端口 -P
1 2 3 4 5 6 7 8 9 10 11 | [root@localhost ~]# docker run -d --name web-1 -e test=chenxi -P -h cx nginxa3bdc2062cd738acc717da093c5de736c2170d88a9fd310e0c0de0c20fdb855f[root@localhost ~]# ss -lntpState Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 *:22 *:* users:(("sshd",pid=921,fd=3))LISTEN 0 100 127.0.0.1:25 *:* users:(("master",pid=1310,fd=13))LISTEN 0 128 :::32768 :::* users:(("docker-proxy",pid=19781,fd=4))LISTEN 0 128 :::22 :::* users:(("sshd",pid=921,fd=4))LISTEN 0 128 :::88 :::* users:(("docker-proxy",pid=19507,fd=4))LISTEN 0 100 ::1:25 :::* users:(("master",pid=1310,fd=14)) |
创建容器设置容器允许使用500m内存,允许使用600m的swap分区,并禁用oom-kill
1 2 3 4 | [root@localhost ~]# docker run --name web-9 --memory="500m" --memory-swap="600m" --oom-kill-disable -d -P nginx[root@localhost ~]# docker ps -lCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES25aff37e7dd0 nginx "nginx -g 'daemon of…" 7 minutes ago Up 7 minutes 0.0.0.0:32769->80/tcp web-9 |
创建容器时设置容器最大使用一个半的cpu资源
1 2 3 4 5 6 | [root@localhost ~]# docker run -d --name web-cx --cpus="1.5" -P nginx 0771848dd42e79499e6c43e28cecea79f03b80bae56daf7e1aa2c140304c2789[root@localhost ~]# docker ps -lCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES0771848dd42e nginx "nginx -g 'daemon of…" 15 seconds ago Up 12 seconds 0.0.0.0:32770->80/tcp web-cx |
创建容器时设置容器最多使用半个cpu
1 2 3 4 5 6 | [root@localhost ~]# docker run -d --name web-cx1 --cpus=".5" -P nginx 7638633dc06af3e335179e49b81a08959ec83e50362cb80f71188d652a86e37f[root@localhost ~]# docker ps -lCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES7638633dc06a nginx "nginx -g 'daemon of…" 4 seconds ago Up 2 seconds 0.0.0.0:32771->80/tcp web-cx1 |
动态查看容器的资源限制
1 | [root@localhost ~]# docker stats web-cx |
查看最后创建的一个容器
1 2 3 | [root@localhost ~]# docker ps -lCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES7638633dc06a nginx "nginx -g 'daemon of…" 16 minutes ago Up 16 minutes 0.0.0.0:32771->80/tcp web-cx1 |
查看当前系统所有容器
1 2 3 4 5 6 7 8 9 10 11 | [root@localhost ~]# docker ps -aCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES7638633dc06a nginx "nginx -g 'daemon of…" 17 minutes ago Up 17 minutes 0.0.0.0:32771->80/tcp web-cx10771848dd42e nginx "nginx -g 'daemon of…" 20 minutes ago Up 20 minutes 0.0.0.0:32770->80/tcp web-cx25aff37e7dd0 nginx "nginx -g 'daemon of…" About an hour ago Up About an hour 0.0.0.0:32769->80/tcp web-9ab4b909c4e68 nginx "nginx -g 'daemon of…" About an hour ago Exited (0) About an hour ago cxa3bdc2062cd7 nginx "nginx -g 'daemon of…" 2 hours ago Up 2 hours 0.0.0.0:32768->80/tcp web-1d2394de6c3a1 nginx "nginx -g 'daemon of…" 2 hours ago Up 2 hours 0.0.0.0:88->80/tcp web53dfa07e6f2c centos "/bin/bash" 2 hours ago Exited (0) 2 hours ago unruffled_pare4279c14287c1 centos "/bin/bash" 2 hours ago Exited (127) 2 hours ago determined_chatterjeedc2a611dae83 centos "/bin/bash" 2 hours ago Created reverent_elion |
查看当前运行的容器
1 2 3 4 5 6 7 | [root@localhost ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES7638633dc06a nginx "nginx -g 'daemon of…" 19 minutes ago Up 19 minutes 0.0.0.0:32771->80/tcp web-cx10771848dd42e nginx "nginx -g 'daemon of…" 21 minutes ago Up 21 minutes 0.0.0.0:32770->80/tcp web-cx25aff37e7dd0 nginx "nginx -g 'daemon of…" About an hour ago Up About an hour 0.0.0.0:32769->80/tcp web-9a3bdc2062cd7 nginx "nginx -g 'daemon of…" 2 hours ago Up 2 hours 0.0.0.0:32768->80/tcp web-1d2394de6c3a1 nginx "nginx -g 'daemon of…" 2 hours ago Up 2 hours 0.0.0.0:88->80/tcp web |
查看容器详细信息
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 | [root@localhost ~]# docker inspect web[ { "Id": "d2394de6c3a11151bfc1697493a8012a132763b2bfa045b55d7f657704e47f6f", "Created": "2019-02-22T02:09:09.984595885Z", "Path": "nginx", "Args": [ "-g", "daemon off;" ], "State": { "Status": "running", "Running": true, "Paused": false, "Restarting": false, "OOMKilled": false, "Dead": false, "Pid": 19532, "ExitCode": 0, "Error": "", "StartedAt": "2019-02-22T02:09:12.789486607Z", "FinishedAt": "0001-01-01T00:00:00Z" }, "Image": "sha256:f09fe80eb0e75e97b04b9dfb065ac3fda37a8fac0161f42fca1e6fe4d0977c80", "ResolvConfPath": "/var/lib/docker/containers/d2394de6c3a11151bfc1697493a8012a132763b2bfa045b55d7f657704e47f6f/resolv.conf", "HostnamePath": "/var/lib/docker/containers/d2394de6c3a11151bfc1697493a8012a132763b2bfa045b55d7f657704e47f6f/hostname", "HostsPath": "/var/lib/docker/containers/d2394de6c3a11151bfc1697493a8012a132763b2bfa045b55d7f657704e47f6f/hosts", "LogPath": "/var/lib/docker/containers/d2394de6c3a11151bfc1697493a8012a132763b2bfa045b55d7f657704e47f6f/d2394de6c3a11151bfc1697493a8012a132763b2bfa045b55d7f657704e47f6f-json.log", "Name": "/web", "RestartCount": 0, "Driver": "overlay2", "Platform": "linux", "MountLabel": "", "ProcessLabel": "", "AppArmorProfile": "", "ExecIDs": [ "cad7ed32fa3444fb65f4dcf7007ce4af807b57554cb20325c57e38bc0ca4601c" ], "HostConfig": { "Binds": null, "ContainerIDFile": "", "LogConfig": { "Type": "json-file", "Config": {} }, "NetworkMode": "default", "PortBindings": { "80/tcp": [ { "HostIp": "", "HostPort": "88" } ] }, "RestartPolicy": { "Name": "no", "MaximumRetryCount": 0 }, "AutoRemove": false, "VolumeDriver": "", "VolumesFrom": null, "CapAdd": null, "CapDrop": null, "Dns": [], "DnsOptions": [], "DnsSearch": [], "ExtraHosts": null, "GroupAdd": null, "IpcMode": "shareable", "Cgroup": "", "Links": null, "OomScoreAdj": 0, "PidMode": "", "Privileged": false, "PublishAllPorts": false, "ReadonlyRootfs": false, "SecurityOpt": null, "UTSMode": "", "UsernsMode": "", "ShmSize": 67108864, "Runtime": "runc", "ConsoleSize": [ 0, 0 ], "Isolation": "", "CpuShares": 0, "Memory": 0, "NanoCpus": 0, "CgroupParent": "", "BlkioWeight": 0, "BlkioWeightDevice": [], "BlkioDeviceReadBps": null, "BlkioDeviceWriteBps": null, "BlkioDeviceReadIOps": null, "BlkioDeviceWriteIOps": null, "CpuPeriod": 0, "CpuQuota": 0, "CpuRealtimePeriod": 0, "CpuRealtimeRuntime": 0, "CpusetCpus": "", "CpusetMems": "", "Devices": [], "DeviceCgroupRules": null, "DiskQuota": 0, "KernelMemory": 0, "MemoryReservation": 0, "MemorySwap": 0, "MemorySwappiness": null, "OomKillDisable": false, "PidsLimit": 0, "Ulimits": null, "CpuCount": 0, "CpuPercent": 0, "IOMaximumIOps": 0, "IOMaximumBandwidth": 0, "MaskedPaths": [ "/proc/asound", "/proc/acpi", "/proc/kcore", "/proc/keys", "/proc/latency_stats", "/proc/timer_list", "/proc/timer_stats", "/proc/sched_debug", "/proc/scsi", "/sys/firmware" ], "ReadonlyPaths": [ "/proc/bus", "/proc/fs", "/proc/irq", "/proc/sys", "/proc/sysrq-trigger" ] }, "GraphDriver": { "Data": { "LowerDir": "/var/lib/docker/overlay2/036314137e1525f686243ae5d6fd2861ab91e41d7bad36ac8a416aadb50e5302-init/diff:/var/lib/docker/overlay2/1491a86a89f7d4721b73639455d75fb153bc12c6cdaee687039d2e9317215741/diff:/var/lib/docker/overlay2/808c5a465c27497cb57ea709b083e855b6e11e2efa70887b1e3d6f2ece944ab3/diff:/var/lib/docker/overlay2/97f2bebcc1413f092415377b6d7e31dec473bd074f23afcde2d2394c65feed65/diff", "MergedDir": "/var/lib/docker/overlay2/036314137e1525f686243ae5d6fd2861ab91e41d7bad36ac8a416aadb50e5302/merged", "UpperDir": "/var/lib/docker/overlay2/036314137e1525f686243ae5d6fd2861ab91e41d7bad36ac8a416aadb50e5302/diff", "WorkDir": "/var/lib/docker/overlay2/036314137e1525f686243ae5d6fd2861ab91e41d7bad36ac8a416aadb50e5302/work" }, "Name": "overlay2" }, "Mounts": [], "Config": { "Hostname": "web", "Domainname": "", "User": "", "AttachStdin": false, "AttachStdout": false, "AttachStderr": false, "ExposedPorts": { "80/tcp": {} }, "Tty": false, "OpenStdin": false, "StdinOnce": false, "Env": [ "test=123", "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", "NGINX_VERSION=1.15.8-1~stretch", "NJS_VERSION=1.15.8.0.2.7-1~stretch" ], "Cmd": [ "nginx", "-g", "daemon off;" ], "ArgsEscaped": true, "Image": "nginx", "Volumes": null, "WorkingDir": "", "Entrypoint": null, "OnBuild": null, "Labels": { "maintainer": "NGINX Docker Maintainers <docker-maint@nginx.com>" }, "StopSignal": "SIGTERM" }, "NetworkSettings": { "Bridge": "", "SandboxID": "fe9ee0aed5e4eb0b9813211dc2d5fb27ee4bf03ea613b50e9c67d2e6d2204beb", "HairpinMode": false, "LinkLocalIPv6Address": "", "LinkLocalIPv6PrefixLen": 0, "Ports": { "80/tcp": [ { "HostIp": "0.0.0.0", "HostPort": "88" } ] }, "SandboxKey": "/var/run/docker/netns/fe9ee0aed5e4", "SecondaryIPAddresses": null, "SecondaryIPv6Addresses": null, "EndpointID": "1ebbb49fc6565721fdb915fc659f4c5c5cb62c4b7b2190ad9a9aac3b3dbb2f0d", "Gateway": "172.17.0.1", "GlobalIPv6Address": "", "GlobalIPv6PrefixLen": 0, "IPAddress": "172.17.0.2", "IPPrefixLen": 16, "IPv6Gateway": "", "MacAddress": "02:42:ac:11:00:02", "Networks": { "bridge": { "IPAMConfig": null, "Links": null, "Aliases": null, "NetworkID": "3b2c8016eb022a0e3a9896ff22b7aee66d3034fef8b301b91dc791ff184eef13", "EndpointID": "1ebbb49fc6565721fdb915fc659f4c5c5cb62c4b7b2190ad9a9aac3b3dbb2f0d", "Gateway": "172.17.0.1", "IPAddress": "172.17.0.2", "IPPrefixLen": 16, "IPv6Gateway": "", "GlobalIPv6Address": "", "GlobalIPv6PrefixLen": 0, "MacAddress": "02:42:ac:11:00:02", "DriverOpts": null } } } }] |
交互式进入容器
1 2 | [root@localhost ~]# docker exec -it web bashroot@web:/# |
利用容器创建镜像
1 2 3 4 5 6 7 | [root@localhost ~]# docker commit web nginx:web4sha256:58f1e3f2b46e047322fb302ca87d4c3748f02ba3609bac222ec7122937b0b030[root@localhost ~]# docker imagesREPOSITORY TAG IMAGE ID CREATED SIZEnginx web4 58f1e3f2b46e 28 seconds ago 109MBnginx latest f09fe80eb0e7 2 weeks ago 109MBcentos latest 1e1148e4cc2c 2 months ago 202MB |
从宿主机往容器里复制文件
1 2 3 4 5 | [root@localhost ~]# docker cp nginx-1.15.8.tar.gz web:/[root@localhost ~]# docker exec -it web ls /1 bin etc lib64 nginx-1.15.8.tar.gz root srv usr12 boot home media opt run sys var123 dev lib mnt proc sbin tmp |
查看指定容器里的进程
1 2 3 4 5 | [root@localhost ~]# docker top webUID PID PPID C STIME TTY TIME CMDroot 19532 19514 0 10:09 ? 00:00:00 nginx: master process nginx -g daemon off;101 19565 19532 0 10:09 ? 00:00:00 nginx: worker processroot 19734 19514 0 10:11 pts/0 00:00:00 bash |
草都可以从石头缝隙中长出来更可况你呢
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· Linux系列:如何用heaptrack跟踪.NET程序的非托管内存泄露
· 开发者必知的日志记录最佳实践
· SQL Server 2025 AI相关能力初探
· Linux系列:如何用 C#调用 C方法造成内存泄露
· AI与.NET技术实操系列(二):开始使用ML.NET
· 无需6万激活码!GitHub神秘组织3小时极速复刻Manus,手把手教你使用OpenManus搭建本
· C#/.NET/.NET Core优秀项目和框架2025年2月简报
· 葡萄城 AI 搜索升级:DeepSeek 加持,客户体验更智能
· 什么是nginx的强缓存和协商缓存
· 一文读懂知识蒸馏