Docker知识
Docker安装
docker的官方网站:https://www.docker.com/
docker镜像的网站:https://hub.docker.com/
docker安装网址:https://docs.docker.com/engine/install/centos/
卸载老版本
$>>sudo apt remove docker docker-engine docker.io containerd runc
Ubuntu安装
sudo apt-get update
sudo apt-get install \
apt-transport-https \
ca-certificates \
curl \
gnupg-agent \
software-properties-common
#添加 GPG key
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
#验证
sudo apt-key fingerprint 0EBFCD88
#添加仓库
sudo add-apt-repository \
"deb [arch=amd64] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) \
stable"
#再更新
sudo apt-get update
#安装
sudo apt-get install docker-ce docker-ce-cli containerd.io
#1、如果没有docker用户组,创建
sudo groupadd docker
#2、把普通用户添加到docker用户组中
sudo gpasswd -a $USER docker
#3、更新docker用户组
newgrp docker
#4、重启docker
sudo service docker restart
Windows安装
mac安装
centos安装
yum install -y yum-utils
yum-config-manager \
--add-repo \
https://download.docker.com/linux/centos/docker-ce.repo
yum-config-manager --enable docker-ce-nightly
yum install docker-ce docker-ce-cli containerd.io
systemctl start docker
deepin安装
sudo apt-get update
sudo apt-get install \
apt-transport-https \
ca-certificates \
curl \
gnupg-agent \
software-properties-common
#添加 GPG key
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
#验证
sudo apt-key fingerprint 0EBFCD88
#添加仓库
vim /etc/apt/sources.list
#添加
deb [arch=amd64] https://download.docker.com/linux/debian jessie stable
#再更新
sudo apt-get update
#安装
sudo apt-get install docker-ce docker-ce-cli containerd.io
## docker默认情况下是root运行
## 设置普通用户可以运行docker
#1、如果没有docker用户组,创建
sudo groupadd docker
#2、把普通用户添加到docker用户组中
sudo gpasswd -a $USER docker
#3、更新docker用户组
newgrp docker
#4、重启docker
sudo service docker restart
设置阿里云镜像加速器
https://cr.console.aliyun.com/cn-hangzhou/instances/mirrors
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://k80hx2w5.mirror.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
Docker 命令
docker 镜像下的命令
docker images
查看镜像下的内容
-a 查看所有的镜像
-q 查看进行的id
-aq 查看所有的镜像id
sun@sun:/etc/docker$ docker images --help
Usage: docker images [OPTIONS] [REPOSITORY[:TAG]]
List images
Options:
-a, --all Show all images (default hides intermediate images)
--digests Show digests
-f, --filter filter Filter output based on conditions provided
--format string Pretty-print images using a Go template
--no-trunc Don't truncate output
-q, --quiet Only show numeric IDs
docker search
搜索镜像
sun@sun:/etc/docker$ docker search --help
Usage: docker search [OPTIONS] TERM
Search the Docker Hub for images
Options:
-f, --filter filter Filter output based on conditions provided
--format string Pretty-print search using a Go template
--limit int Max number of search results (default 25)
--no-trunc Don't truncate output
搜索mysql的所有镜像
-f 过滤条件 查找大于等于3000stars的镜像
docker pull
安装镜像
docker pull centos # 安装centos的镜像---默认下载最新版本
docker pull centos:7.0 #安装指定版本的镜像
docker rmi
docker rmi 镜像id或者镜像名称
docker rmi -f $(docker images -qa) #删除全部镜像
options:
Usage: docker rmi [OPTIONS] IMAGE [IMAGE...]
Remove one or more images
Options:
-f, --force Force removal of the image #强制删除
--no-prune Do not delete untagged parents
删除镜像
sun@sun:/etc/docker$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos latest 831691599b88 2 weeks ago 215MB
hello-world latest bf756fb1ae65 6 months ago 13.3kB
sun@sun:/etc/docker$ docker rmi bf756fb1ae65
Untagged: hello-world:latest
Untagged: hello-world@sha256:d58e752213a51785838f9eed2b7a498ffa1cb3aa7f946dda11af39286c3db9a9
Deleted: sha256:bf756fb1ae65adf866bd8c456593cd24beb6a0a061dedf42b26a993176745f6b
Deleted: sha256:9c27e219663c25e0f28493790cc0b88bc973ba3b1686355f221c38a36978ac63
sun@sun:/etc/docker$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos latest 831691599b88 2 weeks ago 215MB
docker history
查看指定镜像的创建历史
Usage: docker history [OPTIONS] IMAGE
Show the history of an image
Options:
--format string Pretty-print images using a Go template
-H, --human Print sizes and dates in human readable format (default true)
--no-trunc Don't truncate output
-q, --quiet Only show numeric IDs
sun@sun:/etc/docker$ docker history centos
IMAGE CREATED CREATED BY SIZE COMMENT
831691599b88 2 weeks ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0B
<missing> 2 weeks ago /bin/sh -c #(nop) LABEL org.label-schema.sc… 0B
<missing> 2 weeks ago /bin/sh -c #(nop) ADD file:84700c11fcc969ac0… 215MB
docker tag
标记本地镜像,将其归入某一仓库
sun@sun:/etc/docker$ docker tag --help
Usage: docker tag SOURCE_IMAGE[:TAG] TARGET_IMAGE[:TAG]
$ docker tag centos qqqq5566/centos:1.0
sun@sun:/etc/docker$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos latest 831691599b88 2 weeks ago 215MB
qqqq5566/centos 1.0 831691599b88 2 weeks ago 215MB
docker save
将指定镜像保存成tar归档文件
sun@sun:/etc/docker$ docker save --help
Usage: docker save [OPTIONS] IMAGE [IMAGE...]
Save one or more images to a tar archive (streamed to STDOUT by default)
Options:
-o, --output string Write to a file, instead of STDOUT #输出到的文件
sun@sun:~/Documents/study$ docker save -o test.tar qqqq5566/centos:1.0
sun@sun:~/Documents/study$ ls
Docker.md test.tar
docker load
导入使用docker save导出的镜像
sun@sun:~/Documents/study$ docker load --help
Usage: docker load [OPTIONS]
Load an image from a tar archive or STDIN
Options:
# -i 文件
-i, --input string Read from tar archive file, instead of STDIN
-q, --quiet Suppress the load output
sun@sun:~/Documents/study$ docker load -i test.tar
docker import
从归档文件中创建镜像
sun@sun:~/Documents/study$ docker import --help
Usage: docker import [OPTIONS] file|URL|- [REPOSITORY[:TAG]]
Import the contents from a tarball to create a filesystem image
Options:
# -c 应用docker指令创建镜像
-c, --change list Apply Dockerfile instruction to the created image
# -m 提交是说明的文字
-m, --message string Set commit message for imported image
#清空了docker下面的全部镜像
sun@sun:~/Documents/study$ docker images -a
REPOSITORY TAG IMAGE ID CREATED SIZE
#从test.tar 文件中创建镜像,命名为qqqq5566/centos:1.0
sun@sun:~/Documents/study$ docker import test.tar qqqq5566/centos:1.0
sha256:17396dff70313c6ccdf6fd5bc994b1ce9beaecad936bbb4fe8297169b67ed52b
sun@sun:~/Documents/study$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
qqqq5566/centos 1.0 17396dff7031 4 seconds ago 223MB
docker login
登陆到一个Docker镜像仓库,如果未指定镜像仓库地址,默认为官方仓库 Docker Hub
sun@sun:~/Documents/study$ docker login --help
# SERVER是远程镜像仓库的server
Usage: docker login [OPTIONS] [SERVER]
Log in to a Docker registry
Options:
# -p 密码
-p, --password string Password
--password-stdin Take the password from stdin
# -u 用户名
-u, --username string Username
#登录阿里云云的镜像远程仓库地址
sun@sun:~/Documents/study$ docker login --username=at6663z8i@aliyun.com registry.cn-hangzhou.aliyuncs.com
Password:
WARNING! Your password will be stored unencrypted in /home/sun/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
docker logout
登出一个Docker镜像仓库,如果未指定镜像仓库地址,默认为官方仓库 Docker Hub
sun@sun:~/Documents/study$ docker logout --help
# SERVER是远程镜像仓库的server
Usage: docker logout [SERVER]
Log out from a Docker registry
注释
- docker load 和docker import的区别
docker load 不能重新给镜像命名,导出时什么名称和标签,导入一样,如果镜像存在就会导入失败;
docker import 可以重新加载Dockerfile文件,也可以重新命名,不会影响原先的镜像
容器命令
docker ps
列出容器
sun@sun:~/Documents/study$ docker ps --help
Usage: docker ps [OPTIONS]
List containers
Options:
# -a 显示全部的容器
-a, --all Show all containers (default shows just running)
# -f 过滤容器
-f, --filter filter Filter output based on conditions provided
--format string Pretty-print containers using a Go template
# -n -n 5 列出最近创建的5个容器
-n, --last int Show n last created containers (includes all states) (default -1)
# -l 显示最近创建的容器
-l, --latest Show the latest created container (includes all states)
--no-trunc Don't truncate output
# -q 显示全部容器的id
-q, --quiet Only display numeric IDs
-s, --size Display total file sizes
## 例子
/*
* CONTAINER ID 容器id
* IMAGE 镜像ID
* COMMAND 启动容器是运行的命令
* CREATED 启动时间
* STATUS 容器状态
created --已经创建
restarting --重启中
running 运行中
removeing 迁移中
paused 暂停
exited 停止
dead 死亡
* PORT 容器的端口和使用的链接类型(tcp/udp)
* NAMES 自动分配的容器名称
*/
sun@sun:~/Documents/study$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a21e3cd1cab2 831691599b88 "/bin/bash" 2 minutes ago Up 2 minutes pedantic_dijkstra
列出全部的容器ID
docker ps -qa
docker inspect
获取容器/镜像的元数据
docker inspect 容器ID或者容器名称
sun@sun:~/Documents/study$ docker inspect --help
Usage: docker inspect [OPTIONS] NAME|ID [NAME|ID...]
Return low-level information on Docker objects
Options:
-f, --format string Format the output using the given Go template
-s, --size Display total file sizes if the type is container
--type string Return JSON for specified type
docker top
查看容器中运行的进程信息,支持ps命令参数
语法:
docker top CONTAINER [ps OPTIONS]
sun@sun:~/Documents/study$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a21e3cd1cab2 831691599b88 "/bin/bash" 16 minutes ago Up 16 minutes pedantic_dijkstra
sun@sun:~/Documents/study$ docker top a21e3cd1cab2
UID PID PPID C STIME TTY TIME CMD
root 10248 10222 0 11:04 pts/0 00:00:00 /bin/bash
docker attach
链接到正在运行中的容器
语法:
Usage: docker attach [OPTIONS] CONTAINER
Attach local standard input, output, and error streams to a running container
Options:
--detach-keys string Override the key sequence for detaching a container
--no-stdin Do not attach STDIN
--sig-proxy Proxy all received signals to the process (default true)
使用:
sun@sun:~/Documents/study$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a21e3cd1cab2 831691599b88 "/bin/bash" 19 minutes ago Up 19 minutes pedantic_dijkstra
sun@sun:~/Documents/study$ docker attach a21e3cd1cab2
[root@a21e3cd1cab2 /]# ls
bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var
[root@a21e3cd1cab2 /]#
docker run
创建一个新的容器并运行
语法:
docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
options的说明:
-i 以交互模式运行容器,通常与-t同时使用
-t 为容器重新分配一个伪输入终端
-d 后台运行容器,并返回容器ID
-P (大写P)随机端口映射
-p 指定端口映射,格式为:主机端口:容器端口
--name=容器名称 为容器指定一个名称
-v 绑定一个卷
--net=网络类型名称 默认网络类型名称bridge,指定容器的网络类型,支持bridge/host/none/container四中类型
-m 设置容器使用的内存大小
-e 设置环境变量
-w 指定工作目录
使用:
sun@sun:~/Documents/study$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
qqqq5566/centos 1.0 831691599b88 2 weeks ago 215MB
sun@sun:~/Documents/study$ docker run --name centos01 -p 8080:80 -it qqqq5566/centos:1.0 /bin/bash
sun@sun:~/Documents/study$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
038116fac822 qqqq5566/centos:1.0 "/bin/bash" 47 seconds ago Up 46 seconds 0.0.0.0:8080->80/tcp centos01
a21e3cd1cab2 831691599b88 "/bin/bash" 34 minutes ago Up 34 minutes pedantic_dijkstra
docker rm
删除容器
语法:
docker rm [OPTIONS] CONTAINER [CONTAINER...]
options说明:
-f 强制删除
-l 移除容器间的网络链接
-v 删除与容器关联的卷
实例:
docker rm -f db01 db02 #强制删除容器db02 db01
docker rm $(docker ps -aq) #删除所有已经通知的容器
docker start/stop/restart
docker start 启动一个或多个已经被停止的容器
docker start [OPTIONS] CONTAINER [CONTAINER...]
docker stop 停止一个运行中的容器
docker stop [OPTIONS] CONTAINER [CONTAINER...]
-t int #几秒后重启
docker restart 重启容器
docker restart [OPTIONS] CONTAINER [CONTAINER...]
-t int #几秒后重启
docker cp
用于容器与主机之间的数据拷贝
语法:
docker cp [OPTIONS] CONTAINER:SRC_PATH DEST_PATH|-
docker cp [OPTIONS] SRC_PATH|- CONTAINER:DEST_PATH
实例:
### 将主机的Docker.md文件拷贝到容器中的home目录下面
sun@sun:~/Documents/study$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
892bf55d0b63 qqqq5566/centos:1.0 "/bin/bash" About a minute ago Up About a minute centos01
sun@sun:~/Documents/study$ sudo docker cp Docker.md 892bf55d0b63:/home
#将主机的study目录拷贝的容器中,目录重命名为www目录
sudo docker cp /home/sun/Documents/study 892bf55d0b63:/www
### 将容器中的www目录,拷贝到主机中
sudo docker cp 892bf55d0b63:/www /home/sun/Documents/
docker commit
从容器创建一个新的镜像
sun@sun:~/Documents/study$ docker commit --help
Usage: docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]]
Create a new image from a container's changes
Options:
-a, --author string Author (e.g., "John Hannibal Smith <hannibal@a-team.com>")
-c, --change list Apply Dockerfile instruction to the created image
-m, --message string Commit message
-p, --pause Pause container during commit (default true)
实例:
#docker commit 容器ID 新的镜像:tag
docker commit 5449bbb54373 qqqq5566/myubuntu:0.1
挂卷
docker run -v [主机目录:]容器目录
匿名挂卷
匿名挂卷的意思是不知道主叫目录,只要容器目录
通过 docker inspect 容器id 查看映射的目录
docker run -p 8080:80 -v /etc -it qqqq5566/centos:1.0 /bin/bash
具名挂卷
具名挂着生成的目录在/var/lib/docker/volumes/test
docker run -p 8080:80 -v test:/etc -it qqqq5566/centos:1.0 /bin/bash
挂卷到指定的主叫目录
docker run -p 8080:80 -v /home/sun/Documents/study/etc:/etc -it qqqq5566/centos:1.0 /bin/bash
Docker实战
Dockerfile
命令解释
注意:命令必须是大写
#FROM 指明构建的镜像来自于那个基础镜像
FROM centos
#MAINTAINER 指明镜像维护者及其联系方式
MAINTAINER sun<sun_sheng_gang@163.com>
#RUN 构建镜像时运行的shell命令
RUN yum install httpd
#CMD 启动容器时执行的Shell命令
CMD ["ls","-l"]
# EXPOSE 声明容器运行的服务端口
EXPOSE 80 443
#ENV 设置环境变量
ENV MYSQL_ROOT_PASSWORD 123456
ENV JAVA_HOME /usr/local/jdk1.8.0_45
#ADD 拷贝文件或者目录到镜像中
ADD html.tar.gz /var/www/html
ADD https://xxxx/html.tar.gz /var/www/html #如果是URL会自动下载
#COPY 拷贝文件或者目录到镜像中
COPY ./start.sh /start.sh
#ENTRYPOINT 启动容器时执行的Shell命令
ENTRYPOINT ["/bin/bash"]
#VOLUME 指定容器挂载点到主机自动生成的目录中
VOLUME ["/var/lib/mysql"]
#WORKDIR 设置工作目录
WORKDIR /usr/local
Dockerfile实战
FROM centos
WORKDIR /usr/local
COPY ./Docker.md /usr/local/
RUN yum -y install vim
RUN yum -y install net-tools
CMD echo "----sunccess------"
生成镜像
docker build -f dockerfile -t qqqq5566/mycentos:0.1 .
Docker 网络
sun@sun:~/Documents/study$ docker network --help
Usage: docker network COMMAND
Manage networks
Commands:
connect Connect a container to a network
create Create a network
disconnect Disconnect a container from a network
inspect Display detailed information on one or more networks
ls List networks
prune Remove all unused networks
rm Remove one or more networks
Run 'docker network COMMAND --help' for more information on a command.
sun@sun:~/Documents/study$
新建网络
docker network create -d bridge test-net
sun@sun:~/Documents/study$ docker network create --help
Usage: docker network create [OPTIONS] NETWORK
Create a network
Options:
--attachable Enable manual container attachment
--aux-address map Auxiliary IPv4 or IPv6 addresses used by Network driver (default map[])
--config-from string The network from which copying the configuration
--config-only Create a configuration only network
-d, --driver string Driver to manage the Network (default "bridge")
--gateway strings IPv4 or IPv6 Gateway for the master subnet
--ingress Create swarm routing-mesh network
--internal Restrict external access to the network
--ip-range strings Allocate container ip from a sub-range
--ipam-driver string IP Address Management Driver (default "default")
--ipam-opt map Set IPAM driver specific options (default map[])
--ipv6 Enable IPv6 networking
--label list Set metadata on a network
-o, --opt map Set driver specific options (default map[])
--scope string Control the network's scope
--subnet strings Subnet in CIDR format that represents a network segment
#创建一个桥接网络,名称为test-net
sun@sun:~/Documents/study$ docker network create -d bridge test-net
dd3c148ccc9972aae2171efd5e8b602f099537057955deacd0f2ae93a4018aed
Docker 网络实战
docker run -itd --name test1 --network test-net centos
docker run -itd --name test2 --network test-net centos
docker run -itd --name test3 --network test-net centos
docker exec test1 ping test2
docker exec test1 ping test3
Compose
Compose 是用于定义和运行多容器Docker的应用程序工具。
创建docker-compose.yml配置文件
指令参考:
version 指定yml依从的compose那个版本
build 指定为构建镜像上下文路径
depends_on 设置依赖关系
Composer实战
Dockerfile文件
FROM golang
ENV GO111MODULE on
ENV GOPROXY https://mirrors.aliyun.com/goproxy
COPY . /go/src/docker_golang_test
WORKDIR /go/src/docker_golang_test/
RUN go build -o main
EXPOSE 8080
RUN chmod +x main
ENTRYPOINT [ "./main" ]
version: "2"
services:
web:
build: .
ports:
- "8080:8080"
# command:
# - ["./main"]
# volumes:
# - /home/sun/Desktop/golang/docker_golang_test:/go/src/docker_golang_test
depends_on: #依赖
- mysql
networks: #网络
- app-network
mysql:
image: mysql:5.7 #mysql使用的镜像
environment:
MYSQL_ROOT_PASSWORD: "root" #root的用户名
MYSQL_DATABASE: "sun" #初始化一个数据库
ports:
- "3306"
networks:
- app-network
networks: #指定网络
app-network:
driver: bridge
这样在golang的容器中就可以直接使用mysql代替ip地址