docker入门
Centos7 安装docker
-
卸载旧版本
-
旧版本的 Docker 称为
docker或者docker-engine,使用以下命令卸载旧版本:
[root@VM-16-13-centos ~]# sudo yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-selinux \
docker-engine-selinux \
docker-engine
- 使用 yum 安装
执行以下命令安装依赖包:
[root@VM-16-13-centos ~]# sudo yum install -y yum-utils
安装
[root@VM-16-13-centos ~]# sudo yum-config-manager \
--add-repo \
https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[root@VM-16-13-centos ~]# sudo sed -i 's/download.docker.com/mirrors.aliyun.com\/docker-ce/g' /etc/yum.repos.d/docker-ce.repo
## 注意可能会有安装完 没有/etc/docker/daemon.json的情况
# 官方源
# $ sudo yum-config-manager \
# --add-repo \
# https://download.docker.com/linux/centos/docker-ce.repo
-
更新
yum软件源缓存,并安装docker-ce[root@VM-16-13-centos ~]# sudo yum install docker-ce docker-ce-cli containerd.io
Centos7 手动安装遇到问题:
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
- 解决方法
进入 /etc/docker,没有daemon.json文件就自己新建一个:
[root@VM-16-13-centos ~]# cd /etc/docker
[root@VM-16-13-centos docker]# ls ## 注意用别的方法安装的 这个地方也可能没有daemon.json
key.json daemon.json
- 编辑daemon.json文件:地址替换为自己想用的 建议用国内镜像
{
"registry-mirrors": ["https://registry.docker-cn.com"]
}
- 重启docker
systemctl restart docker.service
脚本安装
###### centos7脚本安装 docker
[root@VM-16-13-centos ~]# curl -fsSL get.docker.com -o get-docker.sh #安装 脚本
[root@VM-16-13-centos ~]# sudo sh get-docker.sh --mirror Aliyun #使用阿里云镜像
# Executing docker install script, commit: 93d2499759296ac1f9c510605fef85052a2c32be
+ sh -c 'yum install -y -q yum-utils'
Package yum-utils-1.1.31-54.el7_8.noarch already installed and latest version
+ sh -c 'yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo'
Loaded plugins: fastestmirror, langpacks
adding repo from: https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
grabbing file https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo to /etc/yum.repos.d/docker-ce.repo
repo saved to /etc/yum.repos.d/docker-ce.repo
+ '[' stable '!=' stable ']'
+ sh -c 'yum makecache'
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
docker-ce-stable | 3.5 kB 00:00:00
epel | 4.7 kB 00:00:00
extras | 2.9 kB 00:00:00
os | 3.6 kB 00:00:00
updates | 2.9 kB 00:00:00
(1/13): docker-ce-stable/7/x86_64/updateinfo | 55 B 00:00:00
(2/13): docker-ce-stable/7/x86_64/primary_db | 75 kB 00:00:00
(3/13): docker-ce-stable/7/x86_64/filelists_db | 31 kB 00:00:00
(4/13): docker-ce-stable/7/x86_64/other_db | 123 kB 00:00:00
(5/13): epel/7/x86_64/prestodelta | 4.5 kB 00:00:00
(6/13): extras/7/x86_64/filelists_db | 277 kB 00:00:00
(7/13): extras/7/x86_64/other_db | 147 kB 00:00:00
(8/13): epel/7/x86_64/other_db | 3.4 MB 00:00:00
(9/13): os/7/x86_64/filelists_db | 7.2 MB 00:00:00
(10/13): os/7/x86_64/other_db | 2.6 MB 00:00:00
(11/13): updates/7/x86_64/other_db | 1.0 MB 00:00:00
(12/13): updates/7/x86_64/filelists_db | 7.8 MB 00:00:00
(13/13): epel/7/x86_64/filelists_db | 12 MB 00:00:01
Metadata Cache Created
+ '[' -n '' ']'
+ sh -c 'yum install -y -q docker-ce'
warning: /var/cache/yum/x86_64/7/docker-ce-stable/packages/docker-ce-20.10.14-3.el7.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID 621e9f35: NOKEY
Public key for docker-ce-20.10.14-3.el7.x86_64.rpm is not installed
Importing GPG key 0x621E9F35:
Userid : "Docker Release (CE rpm) <docker@docker.com>"
Fingerprint: 060a 61c5 1b55 8a7f 742b 77aa c52f eb6b 621e 9f35
From : https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
Warning: RPMDB altered outside of yum.
setsebool: SELinux is disabled.
+ version_gte 20.10
+ '[' -z '' ']'
+ return 0
+ sh -c 'yum install -y -q docker-ce-rootless-extras'
Package docker-ce-rootless-extras-20.10.14-3.el7.x86_64 already installed and latest version
================================================================================
To run Docker as a non-privileged user, consider setting up the
Docker daemon in rootless mode for your user:
dockerd-rootless-setuptool.sh install
Visit https://docs.docker.com/go/rootless/ to learn about rootless mode.
To run the Docker daemon as a fully privileged service, but granting non-root
users access, refer to https://docs.docker.com/go/daemon-access/
WARNING: Access to the remote API on a privileged Docker daemon is equivalent
to root access on the host. Refer to the 'Docker daemon attack surface'
documentation for details: https://docs.docker.com/go/attack-surface/
================================================================================
常见操作
[root@VM-16-13-centos ~]# systemctl enable docker #开机启动docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
[root@VM-16-13-centos ~]# systemctl start docker #启动docker
[root@VM-16-13-centos ~]# docker pull hello-world #从 Docker 镜像仓库获取镜像
Using default tag: latest
latest: Pulling from library/hello-world
2db29710123e: Pull complete
Digest: sha256:bfea6278a0a267fad2634554f4f0c6f31981eea41c553fdf5a83e95a41d40c38
Status: Downloaded newer image for hello-world:latest
docker.io/library/hello-world:latest
[root@VM-16-13-centos ~]# docker image ls #列出镜像
REPOSITORY TAG IMAGE ID CREATED SIZE
hello-world latest feb5d9fea6a5 6 months ago 13.3kB
[root@VM-16-13-centos ~]# docker system df #查看镜像、容器、数据卷所占用的空间。
TYPE TOTAL ACTIVE SIZE RECLAIMABLE
Images 1 0 13.26kB 13.26kB (100%)
Containers 0 0 0B 0B
Local Volumes 0 0 0B 0B
Build Cache 0 0 0B 0B
[root@VM-16-13-centos ~]# docker image ls -f dangling=true #查看虚悬镜像
REPOSITORY TAG IMAGE ID CREATED SIZE
[root@VM-16-13-centos ~]# docker image prune #删除虚悬镜像
WARNING! This will remove all dangling images.
Are you sure you want to continue? [y/N] y
Total reclaimed space: 0B
#### 再顺便多拉两个镜像
[root@VM-16-13-centos ~]# docker pull nginx
Using default tag: latest
latest: Pulling from library/nginx
c229119241af: Pull complete
2215908dc0a2: Pull complete
08c3cb2073f1: Pull complete
18f38162c0ce: Pull complete
10e2168f148a: Pull complete
c4ffe9532b5f: Pull complete
Digest: sha256:2275af0f20d71b293916f1958f8497f987b8d8fd8113df54635f2a5915002bf1
Status: Downloaded newer image for nginx:latest
docker.io/library/nginx:latest
[root@VM-16-13-centos ~]# docker pull redis
Using default tag: latest
latest: Pulling from library/redis
c229119241af: Already exists
bed41eb8190a: Pull complete
5e59eaa723f1: Pull complete
fd5ad7669819: Pull complete
566c064eef6e: Pull complete
20c7cfac25de: Pull complete
Digest: sha256:69a3ab2516b560690e37197b71bc61ba245aafe4525ebdece1d8a0bc5669e3e2
Status: Downloaded newer image for redis:latest
docker.io/library/redis:latest
[root@VM-16-13-centos ~]# docker image ls -a #-a 显示 中间层镜像
REPOSITORY TAG IMAGE ID CREATED SIZE
redis latest bba24acba395 8 days ago 113MB
nginx latest 12766a6745ee 8 days ago 142MB
hello-world latest feb5d9fea6a5 6 months ago 13.3kB
[root@VM-16-13-centos ~]# docker image ls hello* #列出部分镜像 要不写出全称 要不 用通配符 通配符
REPOSITORY TAG IMAGE ID CREATED SIZE
hello-world latest feb5d9fea6a5 6 months ago 13.3kB
[root@VM-16-13-centos ~]# docker image ls -q #以特定格式显示
bba24acba395
12766a6745ee
feb5d9fea6a5
[root@VM-16-13-centos ~]# docker image ls --format "{{.ID}}: {{.Repository}}"
bba24acba395: redis
12766a6745ee: nginx
feb5d9fea6a5: hello-world
[root@VM-16-13-centos ~]# docker image ls --format "table {{.ID}}\t{{.Repository}}\t{{.Tag}}"
IMAGE ID REPOSITORY TAG
bba24acba395 redis latest
12766a6745ee nginx latest
feb5d9fea6a5 hello-world latest
删除一项服务
[root@VM-16-13-centos ~]# docker ps ##当你的容器非正常启动时可用 docker ps -a 看到
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2cb697601010 mongo "docker-entrypoint.s…" 7 days ago Up 7 days 0.0.0.0:32768->27017/tcp mongo
[root@VM-16-13-centos ~]# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2cb697601010 mongo "docker-entrypoint.s…" 7 days ago Up 7 days 0.0.0.0:32768->27017/tcp mongo
[root@VM-16-13-centos ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
redis latest 3c3da61c4be0 22 hours ago 113MB
nginx latest fa5269854a5e 25 hours ago 142MB
mongo latest b21ad2afe409 9 days ago 700MB
hello-world latest feb5d9fea6a5 6 months ago 13.3kB
启动容器
# docker run
#-d(后台运行容器) --可选
#-p(暴露端口 主机端口:容器端口) --可选
#--name(自己给容器起名字:镜像名字:版本号) --不加版本号时为最新版本
[root@VM-16-13-centos ~]# docker run -d -p 80:80 -p 443:443 --name docker-nginx nginx
#进入容器执行
[root@VM-16-13-centos ~]# docker exec -it docker-nginx /bin/bash #进入容器执行 attach
root@01b209f3c308:/# pwd #查看容器中当前目录位置
/
root@01b209f3c308:/# exit #退出容器
# docker --help #可查看docker命令
# 查看子命令
例如:
[root@VM-16-13-centos ~]# docker run --help
Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
Run a command in a new container
Options:
--add-host list Add a custom host-to-IP mapping (host:ip)
-a, --attach list Attach to STDIN, STDOUT or STDERR
--blkio-weight uint16 Block IO (relative weight), between 10 and 1000, or 0 to disable (default 0)
--blkio-weight-device list Block IO weight (relative device weight) (default [])
--cap-add list Add Linux capabilities
--cap-drop list Drop Linux capabilities
--cgroup-parent string Optional parent cgroup for the container
--cidfile string Write the container ID to the file
--cpu-period int Limit CPU CFS (Completely Fair Scheduler) period
--cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota
--cpu-rt-period int Limit CPU real-time period in microseconds
--cpu-rt-runtime int Limit CPU real-time runtime in microseconds
-c, --cpu-shares int CPU shares (relative weight)
--cpus decimal Number of CPUs
--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)
--cpuset-mems string MEMs in which to allow execution (0-3, 0,1)
-d, --detach # Run container in background and print container ID
--detach-keys string Override the key sequence for detaching a container
--device list Add a host device to the container
--device-cgroup-rule list Add a rule to the cgroup allowed devices list
--device-read-bps list Limit read rate (bytes per second) from a device (default [])
--device-read-iops list Limit read rate (IO per second) from a device (default [])
--device-write-bps list Limit write rate (bytes per second) to a device (default [])
--device-write-iops list Limit write rate (IO per second) to a device (default [])
--disable-content-trust Skip image verification (default true)
--dns list Set custom DNS servers
--dns-option list Set DNS options
--dns-search list Set custom DNS search domains
--domainname string Container NIS domain name
--entrypoint string Overwrite the default ENTRYPOINT of the image
-e, --env list Set environment variables
--env-file list Read in a file of environment variables
--expose list Expose a port or a range of ports
--gpus gpu-request GPU devices to add to the container ('all' to pass all GPUs)
--group-add list Add additional groups to join
--health-cmd string Command to run to check health
--health-interval duration Time between running the check (ms|s|m|h) (default 0s)
--health-retries int Consecutive failures needed to report unhealthy
--health-start-period duration Start period for the container to initialize before starting health-retries countdown (ms|s|m|h)
(default 0s)
--health-timeout duration Maximum time to allow one check to run (ms|s|m|h) (default 0s)
--help Print usage
-h, --hostname string #Container host name
--init Run an init inside the container that forwards signals and reaps processes
-i, --interactive #Keep STDIN open even if not attached
--ip string IPv4 address (e.g., 172.30.100.104)
--ip6 string IPv6 address (e.g., 2001:db8::33)
--ipc string IPC mode to use
--isolation string Container isolation technology
--kernel-memory bytes Kernel memory limit
-l, --label list Set meta data on a container
--label-file list Read in a line delimited file of labels
--link list Add link to another container
--link-local-ip list Container IPv4/IPv6 link-local addresses
--log-driver string Logging driver for the container
--log-opt list Log driver options
--mac-address string Container MAC address (e.g., 92:d0:c6:0a:29:33)
-m, --memory bytes Memory limit
--memory-reservation bytes Memory soft limit
--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap
--memory-swappiness int Tune container memory swappiness (0 to 100) (default -1)
--mount mount Attach a filesystem mount to the container
--name string Assign a name to the container
--network network Connect a container to a network
--network-alias list Add network-scoped alias for the container
--no-healthcheck Disable any container-specified HEALTHCHECK
--oom-kill-disable Disable OOM Killer
--oom-score-adj int Tune host's OOM preferences (-1000 to 1000)
--pid string PID namespace to use
--pids-limit int Tune container pids limit (set -1 for unlimited)
--platform string Set platform if server is multi-platform capable
--privileged Give extended privileges to this container
-p, --publish list #暴露容器的全部窗口luPublish a container's port(s) to the host
-P, --publish-all #Publish all exposed ports to random ports
--read-only Mount the container's root filesystem as read only
--restart string Restart policy to apply when a container exits (default "no")
--rm #Automatically remove the container when it exits
--runtime string Runtime to use for this container
--security-opt list Security Options
--shm-size bytes Size of /dev/shm
--sig-proxy Proxy received signals to the process (default true)
--stop-signal string Signal to stop a container (default "SIGTERM")
--stop-timeout int Timeout (in seconds) to stop a container
--storage-opt list Storage driver options for the container
--sysctl map Sysctl options (default map[])
--tmpfs list Mount a tmpfs directory
-t, --tty #Allocate a pseudo-TTY
--ulimit ulimit Ulimit options (default [])
-u, --user string Username or UID (format: <name|uid>[:<group|gid>])
--userns string User namespace to use
--uts string UTS namespace to use
-v, --volume list #Bind mount a volume
--volume-driver string Optional volume driver for the container
--volumes-from list Mount volumes from the specified container(s)
-w, --workdir string Working directory inside the container
完整删除容器和镜像
# 容器名/容器ID 使用效果一样 镜像名/镜像ID 使用效果一样 -f 不建议使用
[root@VM-16-13-centos ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
01b209f3c308 nginx "/docker-entrypoint.…" 18 minutes ago Up 18 minutes 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp docker-nginx
2cb697601010 mongo "docker-entrypoint.s…" 7 days ago Up 7 days 0.0.0.0:32768->27017/tcp mongo
[root@VM-16-13-centos ~]# docker stop docker-nginx #先停止 其实也可以直接强制删除但是不建议
docker-nginx
[root@VM-16-13-centos ~]# docker rm docker-nginx # -f 可以强制删除还是不建议
docker-nginx
[root@VM-16-13-centos ~]# docker container ls -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2cb697601010 mongo "docker-entrypoint.s…" 7 days ago Up 7 days 0.0.0.0:32768->27017/tcp mongo
[root@VM-16-13-centos ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
redis latest 3c3da61c4be0 22 hours ago 113MB
nginx latest fa5269854a5e 25 hours ago 142MB
mongo latest b21ad2afe409 9 days ago 700MB
hello-world latest feb5d9fea6a5 6 months ago 13.3kB
[root@VM-16-13-centos ~]# docker rmi fa5269854a5e #docker rmi nginx (镜像名/镜像ID ID都可以)
Untagged: nginx:latest
Untagged: nginx@sha256:6d701d83f2a1bb99efb7e6a60a1e4ba6c495bc5106c91709b0560d13a9bf8fb6
Deleted: sha256:fa5269854a5e615e51a72b17ad3fd1e01268f278a6684c8ed3c5f0cdce3f230b
Deleted: sha256:5a730c5c122e844d0933a20b7b2fda1fc3bd33987869dbd2b59396d80b0bcfca
Deleted: sha256:1c253cdf8e00753daf0cc7ce52d6e6371a1679db912912e6e854dd09ba8b4e97
Deleted: sha256:532887908ca58c17ffd4946a51bfa01dc897f4ebf25f69fc149736f4fd6e8366
Deleted: sha256:1c4fd4da0a6c4dec7037b57b8b24ca6a346209983cbe63264afe4e724a8a9976
Deleted: sha256:186315e6b3b440e7935f059ccdaea035e03ccdb3133bc87055a299469d51717c
[root@VM-16-13-centos ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
redis latest 3c3da61c4be0 23 hours ago 113MB
mongo latest b21ad2afe409 9 days ago 700MB
hello-world latest feb5d9fea6a5 6 months ago 13.3kB
还有Dockerfile docker-compose 把这些弄熟了就算是会用docker了 这还太基础还有很多细节的问题可以在日常的使用中遇到
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· TypeScript + Deepseek 打造卜卦网站:技术与玄学的结合
· 阿里巴巴 QwQ-32B真的超越了 DeepSeek R-1吗?
· 【译】Visual Studio 中新的强大生产力特性
· 10年+ .NET Coder 心语 ── 封装的思维:从隐藏、稳定开始理解其本质意义
· 【设计模式】告别冗长if-else语句:使用策略模式优化代码结构