docker(复件)

docker02 ~]# history
6 yum -y install docker-engine-selinux-1.12.1-1.el7.centos.noarch.rpm
7 yum -y install docker-engine-1.12.1-1.el7.centos.x86_64.rpm

56 docker help run
57 docker run -it centos /bin/bash
#############################################################################
虚拟机docker01和虚拟机docker02

[root@docker02 ~]# docker run -itd nginx
显示如下：
ad6f4ce6369d3f3368ccd0fb57f43912f4de557928c56b054bd17ff58ed6940f

[root@docker02 ~]# docker run -it nginx /bin/bash 新开一个nginx容器
root@03f810afcd4f:/# cat /etc/debian_version 进入容器之后，查看当前版本信息
8.6 当前版本8.6

root@03f810afcd4f:/# exit 退出
exit

[root@docker02 ~]# curl http://172.17.0.2/
... ...
<title>Welcome to nginx!</title>
... ...

[root@docker02 ~]# docker inspect nginx 查看镜像的信息
其中这段是定义环境变量
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],

下面这段是镜像启动程序的默认命令
"Cmd": [
"/bin/sh",
"-c",
"#(nop) ",
"CMD [\"/bin/bash\"]"
],
#############################################################################
虚拟机docker01和虚拟机docker02

[root@docker02 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest 59788edf1f3e 11 weeks ago 1.154 MB
... ...

[root@docker02 ~]# docker rmi busybox:latest 无法删除正在运行容器的镜像，会报错
Error response from daemon: conflict: unable to remove repository reference "busybox:latest" (must force) - container 8af256541d52 is using its referenced image 59788edf1f3e

[root@docker02 ~]# docker rmi registry:latest 只能删除没有运行容器的镜像registry:latest。删除时，要指定名字和标签。
Untagged: registry:latest
Deleted: sha256:d1fd7d86a8257f3404f92c4474fb3353076883062d64a09232d95d940627459d
Deleted: sha256:4d765aea84ce4f56bd623e4fd38dec996a259af3418e2466d0e2067ed0ae8aa6
Deleted: sha256:5d385be69c9c4ce5538e12e6e677727ebf19ca0afaff6f035d8043b5e413003a
Deleted: sha256:adb712878b60bd7ed8ce661c91eb3ac30f41b67bfafed321395863051596a8e9
Deleted: sha256:55a50a618c1b76f784b0b68a0b3d70db93b353fb03227ea6bd87f794cad92917
Deleted: sha256:e53f74215d12318372e4412d0f0eb3908e17db25c6185f670db49aef5271f91f

[root@docker02 ~]# ls -i 查看当前目录所有文档的i节点
1048655 busybox.tar
... ...

[root@docker02 ~]# ln busybox.tar abc 给busybox.tar创建一个硬连接abc
[root@docker02 ~]# ls -i 可以看到busybox.tar和硬连接abc的i节点是一样的
1048655 abc
1048655 busybox.tar
... ...

[root@docker02 ~]# rm -rf abc 删除硬连接abc

[root@docker02 ~]# ls -i 可以看到删除了硬连接abc之后，源文件busybox.tar还是存在的，i节点不变
1048655 busybox.tar
... ...

[root@docker02 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest 59788edf1f3e 11 weeks ago 1.154 MB
... ...

[root@docker02 ~]# docker tag busybox:latest aa:bb 可以复制和busybox:latest一样的镜像aa:bb，他们2个是独立的镜像！
[root@docker02 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
aa bb 59788edf1f3e 11 weeks ago 1.154 MB
busybox latest 59788edf1f3e 11 weeks ago 1.154 MB
... ...

[root@docker02 ~]# docker run -it aa:bb 也能正常运行一个新容器aa:bb，如果用exit退出，会直接关闭这个容器，但并没有删除该镜像。
/ # ls 可以正常使用
bin dev etc home proc root sys tmp usr var
/ # exit 退出

[root@docker02 ~]# docker rmi aa:bb 删除没有运行容器的镜像aa:bb。它之前复制的源镜像busybox:latest不会被删除，他们是独立的！
Untagged: aa:bb

# docker images 可以看到镜像aa:bb已经被删掉了
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest 59788edf1f3e 11 weeks ago 1.154 MB
... ...
##################################################################################################################

# cat /usr/lib/systemd/system/sshd.service
[Unit]
Description=OpenSSH server daemon
Documentation=man:sshd(8) man:sshd_config(5)
After=network.target sshd-keygen.service
Wants=sshd-keygen.service

[Service]
Type=notify
EnvironmentFile=/etc/sysconfig/sshd
ExecStart=/usr/sbin/sshd -D $OPTIONS
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
Restart=on-failure
RestartSec=42s

[Install]
WantedBy=multi-user.target

[root@docker02 ~]# systemctl stop sshd
[root@docker02 ~]# cat /etc/sysconfig/sshd
# Configuration file for the sshd service.

# The server keys are automatically generated if they are missing.
# To change the automatic creation uncomment and change the appropriate
# line. Accepted key types are: DSA RSA ECDSA ED25519.
# The default is "RSA ECDSA ED25519"

# AUTOCREATE_SERVER_KEYS=""
# AUTOCREATE_SERVER_KEYS="RSA ECDSA ED25519"

# Do not change this option unless you have hardware random
# generator and you REALLY know what you are doing

SSH_USE_STRONG_RNG=0
# SSH_USE_STRONG_RNG=1
[root@docker02 ~]# /usr/sbin/sshd -D
^C
[root@docker02 ~]# /usr/sbin/sshd -D &
[1] 3621
[root@docker02 ~]# docker run -d redis
1019522fef20d454de656c4df29a807f7bccbc1c03688d482b691b1af3d4e166

# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1019522fef20 redis "docker-entrypoint.sh" About a minute ago Up About a minute 6379/tcp boring_franklin
[root@docker02 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1019522fef20 redis "docker-entrypoint.sh" About a minute ago Up About a minute 6379/tcp boring_franklin
5d1a12913abd 59788edf1f3e "sh" 45 minutes ago Exited (0) 45 minutes ago peaceful_cray
b7c1c4c3c09f redis "docker-entrypoint.sh" About an hour ago Exited (0) About an hour ago drunk_swartz
1d6e132fcad6 redis "docker-entrypoint.sh" About an hour ago Exited (0) About an hour ago thirsty_cray
85116acd2d55 nginx "nginx -g 'daemon off" 2 hours ago Exited (0) 2 hours ago elegant_mestorf
9d091b4898dc nginx:latest "nginx -g 'daemon off" 2 hours ago Exited (0) 2 hours ago reverent_nobel
e40404f7c566 ubuntu:latest "/bin/bash" 2 hours ago Exited (0) About an hour ago grave_pike
8af256541d52 busybox:latest "/bin/bash" 2 hours ago Created cocky_pare
3985fd0dfffa centos "/bin/bash" 2 hours ago Exited (127) 2 hours ago adoring_ramanujan
7ca4bd3e3127 centos "/bin/bash" 2 hours ago Exited (0) 2 hours ago dreamy_heyrovsky
8bb45f2a0b8f centos "/bin/bash" 4 hours ago Exited (0) 3 hours ago ecstatic_meitner
0d3b6e4345ed centos "/bin/bash" 4 hours ago Exited (127) 4 hours ago thirsty_chandrasekhar
[root@docker02 ~]# docker ps -qa
1019522fef20
5d1a12913abd
b7c1c4c3c09f
1d6e132fcad6
85116acd2d55
9d091b4898dc
e40404f7c566
8af256541d52
3985fd0dfffa
7ca4bd3e3127
8bb45f2a0b8f
0d3b6e4345ed
[root@docker02 ~]#

# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1019522fef20 redis "docker-entrypoint.sh" 2 minutes ago Up 2 minutes 6379/tcp boring_franklin
[root@docker02 ~]# docker stop 1019522fef20
1019522fef20

# docker run -itd nginx
340bb89ac9640e5acfcd82552b584d7d2a1a6d61eb3c187e7b97193344b12317
[root@docker02 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
340bb89ac964 nginx "nginx -g 'daemon off" 14 seconds ago Up 12 seconds 80/tcp, 443/tcp boring_goldstine
[root@docker02 ~]# curl -m 3 http://172.17.0.2/
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>
[root@docker02 ~]# docker stop 340bb89ac964
340bb89ac964
[root@docker02 ~]# curl -m 3 http://172.17.0.2/
curl: (28) Connection timed out after 3001 milliseconds
[root@docker02 ~]# # docker inspect 340bb89ac964
[
{
"Id": "340bb89ac9640e5acfcd82552b584d7d2a1a6d61eb3c187e7b97193344b12317",
... ...

# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
340bb89ac964 nginx "nginx -g 'daemon off" 4 minutes ago Exited (0) 3 minutes ago boring_goldstine
1019522fef20 redis "docker-entrypoint.sh" 8 minutes ago Exited (0) 5 minutes ago boring_franklin
5d1a12913abd 59788edf1f3e "sh" 52 minutes ago Exited (0) 52 minutes ago peaceful_cray
b7c1c4c3c09f redis "docker-entrypoint.sh" About an hour ago Exited (0) About an hour ago drunk_swartz
1d6e132fcad6 redis "docker-entrypoint.sh" About an hour ago Exited (0) About an hour ago thirsty_cray
85116acd2d55 nginx "nginx -g 'daemon off" 2 hours ago Exited (0) 2 hours ago elegant_mestorf
9d091b4898dc nginx:latest "nginx -g 'daemon off" 2 hours ago Exited (0) 2 hours ago reverent_nobel
e40404f7c566 ubuntu:latest "/bin/bash" 2 hours ago Exited (0) About an hour ago grave_pike
8af256541d52 busybox:latest "/bin/bash" 2 hours ago Created cocky_pare
3985fd0dfffa centos "/bin/bash" 2 hours ago Exited (127) 2 hours ago adoring_ramanujan
7ca4bd3e3127 centos "/bin/bash" 2 hours ago Exited (0) 2 hours ago dreamy_heyrovsky
8bb45f2a0b8f centos "/bin/bash" 4 hours ago Exited (0) 3 hours ago ecstatic_meitner
0d3b6e4345ed centos "/bin/bash" 4 hours ago Exited (127) 4 hours ago thirsty_chandrasekhar

[root@docker02 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

[root@docker02 ~]# docker start 3 提示3开头的id是有重复的
Error response from daemon: Multiple IDs found with provided prefix: 3985fd0dfffa71276c4de92049cec2621d45a5994508d35d158b02d221e4a158
Error: failed to start containers: 3

[root@docker02 ~]# docker start 34 因为id以33开头的id是唯一的，所以可以这样
34

[root@docker02 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
340bb89ac964 nginx "nginx -g 'daemon off" 5 minutes ago Up 2 seconds 80/tcp, 443/tcp boring_goldstine

# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
340bb89ac964 nginx "nginx -g 'daemon off" 10 minutes ago Up 4 minutes 80/tcp, 443/tcp boring_goldstine
1019522fef20 redis "docker-entrypoint.sh" 14 minutes ago Exited (0) 11 minutes ago boring_franklin
5d1a12913abd 59788edf1f3e "sh" 58 minutes ago Exited (0) 58 minutes ago peaceful_cray
b7c1c4c3c09f redis "docker-entrypoint.sh" 2 hours ago Exited (0) 2 hours ago drunk_swartz
1d6e132fcad6 redis "docker-entrypoint.sh" 2 hours ago Exited (0) 2 hours ago thirsty_cray
9d091b4898dc nginx:latest "nginx -g 'daemon off" 2 hours ago Exited (0) 2 hours ago reverent_nobel
e40404f7c566 ubuntu:latest "/bin/bash" 2 hours ago Exited (0) About an hour ago grave_pike
8af256541d52 busybox:latest "/bin/bash" 2 hours ago Created cocky_pare
3985fd0dfffa centos "/bin/bash" 2 hours ago Exited (127) 2 hours ago adoring_ramanujan
7ca4bd3e3127 centos "/bin/bash" 2 hours ago Exited (0) 2 hours ago dreamy_heyrovsky
8bb45f2a0b8f centos "/bin/bash" 4 hours ago Exited (0) 4 hours ago ecstatic_meitner
0d3b6e4345ed centos "/bin/bash" 4 hours ago Exited (127) 4 hours ago thirsty_chandrasekhar

[root@docker02 ~]# docker rm 0d 8b 7c 39 8a e4 9d 1d b7 5d 10 一次性删除很多容器
0d
8b
7c
39
8a
e4
9d
1d
b7
5d
10

[root@docker02 ~]# docker ps -a 现在只有一个容器了
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
340bb89ac964 nginx "nginx -g 'daemon off" 12 minutes ago Up 6 minutes 80/tcp, 443/tcp boring_goldstine

[root@docker02 ~]# docker ps 现在只有一个容器活着
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
340bb89ac964 nginx "nginx -g 'daemon off" 12 minutes ago Up 6 minutes 80/tcp, 443/tcp boring_goldstine

# docker ps -q
340bb89ac964

# docker inspect -f '{{.NetworkSettings.IPAddress}}' 34
172.17.0.2
[root@docker02 ~]# docker inspect -f '{{.NetworkSettings.MacAddress}}' 34
02:42:ac:11:00:02

# docker run -it centos
[root@2877256d2ace /]# sleep 12345 &
[1] 14

另开终端
# ssh 192.168.3.31
# docker ps -q
2877256d2ace
340bb89ac964
[root@docker02 ~]# docker top 28
UID PID PPID C STIME TTY TIME CMD
root 4359 4346 0 16:58 pts/2 00:00:00 /bin/bash
root 4384 4359 0 16:58 pts/2 00:00:00 sleep 12345
[root@docker02 ~]# docker top 34
UID PID PPID C STIME TTY TIME CMD
root 3940 3927 0 16:39 pts/0 00:00:00 nginx: master process nginx -g daemon off;
104 3955 3940 0 16:39 pts/0 00:00:00 nginx: worker process

# docker rm 28 如果容器还在运行是无法删除的，会报错
Error response from daemon: You cannot remove a running container 2877256d2ace3317f664d9985c3a9708b171193749fd536a85894291ea42c724. Stop the container before attempting removal or use -f

[root@docker02 ~]# docker stop 28 先停止容器
28

[root@docker02 ~]# docker rm 28 就可以删除容器了
28

[root@docker02 ~]# docker ps -q
340bb89ac964

# docker stop 34
34

[root@docker02 ~]# docker ps -q

[root@docker01 ~]# docker rm $(docker stop $(docker ps -qa)) 一次性停止并删除查出来的所有容器

# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ebaef1f07000 nginx "nginx -g 'daemon off" 11 seconds ago Up 9 seconds 80/tcp, 443/tcp distracted_ramanujan
340bb89ac964 nginx "nginx -g 'daemon off" 35 minutes ago Exited (0) 5 minutes ago boring_goldstine
[root@docker02 ~]# docker rm $(docker stop $(docker ps -qa))
ebaef1f07000
340bb89ac964
[root@docker02 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

 

# docker run -it nginx 如果想要退出容器，要一直摁住ctrl，然后摁p，再摁q
[root@docker02 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
bf831430bdb6 nginx "nginx -g 'daemon off" 52 seconds ago Up 49 seconds 80/tcp, 443/tcp angry_curie
2f287c9d10d9 centos "/bin/bash" 4 minutes ago Up 4 minutes nostalgic_yonath
[root@docker02 ~]# docker attach bf
终端会停在这里，这是正常的

新开终端
# docker inspect bf
... ...
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.3",
... ...

[root@docker02 ~]# curl http://172.17.0.3/
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
... ...

原来的终端会跳出新的信息
# docker attach bf
172.17.0.1 - - [21/Dec/2018:09:25:03 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.29.0" "-"

如果想要退出容器，要一直摁住ctrl，然后摁p，再摁q

 

# docker ps -q

[root@docker02 ~]# docker run -itd centos
1d08be999a50840dbb98fa9514f7280c28b5392e1f5fd445f636bde0abd29014

[root@docker02 ~]# docker ps -q
1d08be999a50

[root@docker02 ~]# docker exec -it 1d bash

[root@1d08be999a50 /]# pstree -q 0
bash: pstree: command not found

[root@1d08be999a50 /]# rm -rf /etc/yum.repos.d/*
[root@1d08be999a50 /]# vi /etc/yum.repos.d/centos.repo
[root@1d08be999a50 /]# cat /etc/yum.repos.d/centos.repo
[centos]
name=centos
baseurl=ftp://192.168.3.254/CentOS7
enabled=1
gpgcheck=0
[root@1d08be999a50 /]# yum provides pstree
Loaded plugins: fastestmirror, ovl
centos | 3.6 kB 00:00:00
(1/2): centos/group_gz | 156 kB 00:00:00
(2/2): centos/primary_db | 5.7 MB 00:00:00
Determining fastest mirrors
centos/filelists_db | 6.7 MB 00:00:00
psmisc-22.20-15.el7.x86_64 : Utilities for managing processes on your system
Repo : centos
Matched from:
Filename : /usr/bin/pstree

[root@1d08be999a50 /]# yum -y install psmisc-22.20-15.el7.x86_64
[root@1d08be999a50 /]# pstree -p 0 可以看到是上帝下面运行的bash命令
?()-+-bash(1)
`-bash(13)---pstree(34)

[root@1d08be999a50 /]# exit
exit
[root@docker02 ~]# docker ps -q 容器还活着
1d08be999a50

[root@docker02 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1d08be999a50 centos "/bin/bash" 3 minutes ago Up 3 minutes zen_noyce

[root@docker02 ~]# docker ps -q
1d08be999a50

[root@docker02 ~]# docker attach 1d 这个命令很危险，相当于console连接，如果退出，会直接关闭容器，但还是存在的。
[root@1d08be999a50 /]# pstree -p 0 现在bash的进程就是上帝
?()---bash(1)---pstree(35)
[root@1d08be999a50 /]# exit 用attach进入容器，退出相当于让上帝直接去死
exit

[root@docker02 ~]# docker ps -q 已经查不到活着的容器了
[root@docker02 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

# docker ps -qa
1d08be999a50 这个容器还在，只是它停止服务了，相当于死了
... ...

 

 

 

kill -l 看信号
1)SIGNHUP重新读配置文件

 

ip a
ss -ltun
dpkg -l
dpkg -L
nginx -h
ningx -T

ADD 只支持本地路径

 

 

 

常见容器报错
[root@docker01 ~]# docker run -it centos
WARNING: IPv4 forwarding is disabled. Networking will not work.

[root@c8244ca03313 /]# exit
exit

[root@docker01 ~]# vi /usr/lib/sysctl.d/00-system.conf
# cat /usr/lib/sysctl.d/00-system.conf
# Kernel sysctl configuration file
#
# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and
# sysctl.conf(5) for more details.

# Disable netfilter on bridges.
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
net.ipv4.ip_forward=1 追加这行

[root@docker01 ~]# systemctl restart network
[root@docker01 ~]# sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 1

[root@docker01 ~]# docker run -it centos
[root@6a169e503f80 /]#