Docker基础(上)

Docker基础(上)

链接:https://pan.baidu.com/s/1KQjKml2OZAReYwOvpWD9XQ
提取码:6vo8
复制这段内容后打开百度网盘手机App,操作更方便哦

1. Docker简介,功能特性与应用场景

1.1 Docker简介

Docker是一个开源的应用容器引擎,让开发者可以打包他们的应用以及依赖包到一个可移植的容器中,然后发布到任何流行的Linux机器上,也可以实现虚拟化,容器是完全使用沙箱机制,相互之间不会有任何接口。
一个完整的Docker有以下几个部分组成:

  • Docker Client 客户端
  • Docker Daemon 守护进程
  • Docker Image 镜像
  • Docker Container 容器

1.2 Docker功能特性

  • 隔离环境(系统,网络,文件系统)与应用
  • 解决依赖与版本问题
  • 易于分发,开箱即用
  • 节点与容器快速扩容
  • 镜像制作简单便捷,管理方便

(1)隔离

  • 通过cgroup(隔离和跟踪资源的使用)&
  • namespace(组与组之间隔离)来实现轻量级的进程隔离
  • 对于容器中运行的进程来说,自己独占了一个系统
  • 容器间网络,文件及其他资源都互相隔离

(2)版本与依赖

  • 传统模式下,多个不同环境或版本的项目需要部署在不同机器上,部署与后期维护管理复杂繁琐。
  • 使用Docker,通过多个不同版本或者环境的镜像,可以同时运行在一台机器上互不干扰,部署与后期维护简单方便。

(3)分发与使用

  • 镜像可以通过导入,导出,上传到镜像仓库等多种方式进行分发
  • 在启动了Docker的系统上直接使用docker run即可启动镜像,无需特别配置。

(4)扩容

  • 容器扩容简单方便
  • 扩容节点只需安装并启动Docker即可

(5)镜像制作

  • 镜像的灵魂Dockerfile
  • 使用Dockerfile进行指令控制
  • 基于Linux命令,易于理解,快速上手
  • 易于定制与修改

1.3 Docker应用场景

Docker通常应用于如下场景:

  • web应用的自动化打包和发布;
  • 自动化测试和持续集成,发布;
  • 应用服务,如MySQL,Redis等,通过Docker实现快速部署;
  • k8s私有云

场景1:多版本多种类系统与软件

image.png-209.3kB

场景2: 环境

image.png-297.1kB

场景3: 分发

image.png-238.8kB

2. Docker的安装

2.1 安装环境

#最小化安装Centos7.5
[root@docker ~]# cat /etc/redhat-release
CentOS Linux release 7.5.1804 (Core) 
[root@docker ~]# uname -r
3.10.0-862.14.4.el7.x86_64
#关闭防火墙和selinux
[root@docker ~]# systemctl stop firewalld
[root@docker ~]# systemctl disable firewalld
[root@docker ~]# setenforce 0
setenforce: SELinux is disabled

2.2 版本选择

  • Docker:17.03之后版本变为Docker CE
  • Docker CE :社区版,Community Edition
  • Docker EE
    企业版,Enterprise Edition
    收费版本,强调安全性,提供一些高级特性及商业支持

2.3 Docker安装:标准版本

特别提示:
centos7.5在搭建本地yum仓库的时候只需要修改
CentOS-Media.repo 文件即可(不需要将其他文件仍子目录里)
确保虚拟机能正常上网

[root@docker ~]# yum -y install docker
[root@docker ~]# rpm -qa docker
docker-1.13.1-75.git8633870.el7.centos.x86_64
[root@docker ~]# systemctl start docker      #启动docker进程
[root@docker ~]# systemctl enable docker     #加入docker开机启动
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.

[root@docker ~]# docker ps    #查看封装在docker镜像中的正在运行的镜像进程
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES



[root@docker ~]# docker version
Client:
 Version:         1.13.1
 API version:     1.26
 Package version: docker-1.13.1-75.git8633870.el7.centos.x86_64
 Go version:      go1.9.4
 Git commit:      8633870/1.13.1
 Built:           Fri Sep 28 19:45:08 2018
 OS/Arch:         linux/amd64

Server:
 Version:         1.13.1
 API version:     1.26 (minimum version 1.12)
 Package version: docker-1.13.1-75.git8633870.el7.centos.x86_64
 Go version:      go1.9.4
 Git commit:      8633870/1.13.1
 Built:           Fri Sep 28 19:45:08 2018
 OS/Arch:         linux/amd64
 Experimental:    false

2.4 Docker安装:CE社区版

首先清理掉yum安装的docker标准版
这里有两种方式

#第一种清理docker方法
[root@docker ~]# yum -y remove docker
[root@docker ~]# rpm -qa docker
[root@docker ~]#
#第二种清理docker方法
[root@docker ~]# yum history list       #查看yum安装的历史列表
已加载插件:fastestmirror
ID     | 登录用户                 | 日期和时间       | 操作           | 变更数 
-------------------------------------------------------------------------------
     6 | root <root>              | 2018-10-22 14:25 | Install        |    1   
     5 | root <root>              | 2018-10-22 14:22 | Erase          |    1 EE
     4 | root <root>              | 2018-10-22 14:17 | Install        |   27 EE
     3 | root <root>              | 2018-10-20 21:29 | I, U           |  101   
     2 | root <root>              | 2018-10-20 21:26 | Install        |   52   
     1 | 系统 <空>                | 2018-10-20 21:05 | Install        |  415   
history list

[root@docker ~]# yum history info 6
已加载插件:fastestmirror
事务 ID: 6
起始时间    : Mon Oct 22 14:25:15 2018
启动 RPM 数据库     : 495:1c3b8c6ad09605ca1b188673bb554b71f98fc698
结束时间       :            14:25:20 2018 (5 秒)
结束 RPM 数据库      : 496:d141d348989de537000bed07bb8aa2abd39e68d2
用户           : root <root>
返回码    : 成功
命令行   : -y install docker
事务完成属主:
    已安装 rpm-4.11.3-32.el7.x86_64                        @anaconda
    已安装 yum-3.4.3-158.el7.centos.noarch                 @anaconda
    已安装 yum-plugin-fastestmirror-1.1.31-46.el7_5.noarch @updates
已变更的包:
    安装 docker-2:1.13.1-75.git8633870.el7.centos.x86_64 @extras
history info

[root@docker ~]# yum -y history undo 6   #进行yum安装操作回退
[root@docker ~]# rpm -qa docker
[root@docker ~]# 

特别提示: yum的回退安装很有用,接下来我们安装Docker的CE社区版

#安装依赖包
[root@docker ~]# yum -y install yum-utils device-mapper-persistent-data lvm2
[root@docker ~]# rpm -qa yum-utils device-mapper-persistent-data lvm2
device-mapper-persistent-data-0.7.3-3.el7.x86_64
yum-utils-1.1.31-46.el7_5.noarch
lvm2-2.02.177-4.el7.x86_64

#添加docker的CE版本的yum源配置文件
[root@docker ~]# curl https://download.docker.com/linux/centos/docker-ce.repo -o /etc/yum.repos.d/docker-ce.repo
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  2424  100  2424    0     0    282      0  0:00:08  0:00:08 --:--:--   602
[root@docker ~]# ll /etc/yum.repos.d/docker-ce.repo 
-rw-r--r-- 1 root root 2424 10月 22 14:42 /etc/yum.repos.d/docker-ce.repo
#安装CE版本的docker
[root@docker ~]# yum -y install docker-ce
[root@docker ~]# rpm -qa docker-ce
docker-ce-18.06.1.ce-3.el7.x86_64

[root@docker ~]# systemctl start docker      #启动docker
[root@docker ~]# systemctl enable docker     #添加开机启动
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.


[root@docker ~]# docker version      #查看docker版本
Client:
 Version:           18.06.1-ce
 API version:       1.38
 Go version:        go1.10.3
 Git commit:        e68fc7a
 Built:             Tue Aug 21 17:23:03 2018
 OS/Arch:           linux/amd64
 Experimental:      false

Server:
 Engine:
  Version:          18.06.1-ce
  API version:      1.38 (minimum version 1.12)
  Go version:       go1.10.3
  Git commit:       e68fc7a
  Built:            Tue Aug 21 17:25:29 2018
  OS/Arch:          linux/amd64
  Experimental:     false

3. Docker的操作命令

3.0 添加docker国内镜像源

咱们首先要更改一下docker的默认源镜像下载地址(默认是从国外下载,很慢),我们需要添加国内的源地址

[root@docker ~]# vim /etc/docker/daemon.json
[root@docker ~]# cat /etc/docker/daemon.json
{
  "registry-mirrors":[ "https://registry.docker-cn.com" ]
}
[root@docker ~]# systemctl daemon-reload
[root@docker ~]# systemctl restart docker

镜像源推荐:https://blog.csdn.net/qq_19309473/article/details/121305970

3.1 Docker命令:search

用于从docker的官方公有镜像仓库查找镜像

(1)查看Docker Hub上公开的centos镜像

[root@docker ~]# docker search centos
NAME                               DESCRIPTION                                     STARS               OFFICIAL            AUTOMATED
centos                             The official build of CentOS.                   4834                [OK]
#...以下省略无数行.... 


特别说明:
Name:镜像的名字
DESCRIPTION:描述
STARS:星级(越高越好)
OFFICIAL:是否是官方发布的
AUTOMATED:是否自动化的

image.png-1515.9kB
(2)查找星级多于100的centos镜像

[root@docker ~]# docker search centos -f stars=100
NAME                      DESCRIPTION                     STARS               OFFICIAL            AUTOMATED
centos                    The official build of CentOS.   4834                [OK]                
ansible/centos7-ansible   Ansible on Centos7              118                                     [OK]

特别提示:
/:符号用于分割作者名称和镜像名称
ansible/centos7-ansible:ansible是作者名称,centos7-ansible是镜像名称

(3)多条件查找--filter

#查找官方发布的,星级大于100的centos镜像
[root@docker ~]# docker search centos --filter is-official=true --filter stars=100
NAME                DESCRIPTION                     STARS               OFFICIAL            AUTOMATED
centos              The official build of CentOS.   4834                [OK]  

3.2 Docker命令:pull

用于从Docker Hub上下载公有镜像

#查找符合条件的hello-world镜像
[root@docker ~]# docker search hello-world --filter is-official=true --filter stars=100 
NAME                DESCRIPTION                                     STARS               OFFICIAL            AUTOMATED
hello-world         Hello World! (an example of minimal Dockeriz…   694                 [OK] 


#下载目标hello-world镜像
[root@docker ~]# docker pull hello-world
Using default tag: latest
latest: Pulling from library/hello-world
d1725b59e92d: Pull complete 
Digest: sha256:0add3ace90ecb4adbf7777e9aacf18357296e799f81cabc9fde470971e499788
Status: Downloaded newer image for hello-world:latest         下载成功latest是标记tag


#下载目标centos:7镜像
[root@docker 7]# docker pull centos:7
7: Pulling from library/centos
aeb7866da422: Pull complete 
Digest: sha256:67dad89757a55bfdfabec8abd0e22f8c7c12a1856514726470228063ed86593b
Status: Downloaded newer image for centos:7
  #网速不好的话,需要点时间耐心等待

3.3 Docker命令:images

#用于本地镜像的查看
[root@docker 7]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
centos              7                   75835a67d134        12 days ago         200MB
hello-world         latest              4ab4c602aa5e        6 weeks ago         1.84kB

特别说明:
REPOSITORY:镜像仓库(下边罗列的都是本地已有镜像名称)
TAG:镜像的标记(为了区分同名镜像)
IMAGES ID:镜像的ID号
CREATED:此镜像的创建时间
SIZE:此镜像的大小

3.4 Docker命令:build

用于本地自定义镜像的构建,需要创建Dockerfile文件(具体写法后面会讲)

#创建Dockerfile文件的存储目录
[root@docker ~]# mkdir -p /root/dockerfile/lib/centos/7
[root@docker ~]# cd /root/dockerfile/lib/centos/7

#创建docker.sh脚本
[root@docker 7]# vim docker.sh 
[root@docker 7]# cat docker.sh 
#!/bin/bash
while true
do
    echo "welcome"
    sleep 5
done

#创建Dockerfile配置文件,文件名称必须为Dockerfile,第一个字母必须大写
[root@docker 7]# vim Dockerfile 
[root@docker 7]# cat Dockerfile 
FROM centos                           #从centos源镜像的基础上进行构建

LABEL MAINTATNER="Mr.yang.com"        #作者的名称

RUN ln -sfv /usr/share/zoneinfo/Asia/Shanghai /etc/localtime   #RUN:在镜像构建过程中运行命令
ADD docker.sh /home/test/      #从本地系统中把docker.sh文件添加到构建中的镜像的/home/test/目录下
RUN chmod +x /home/test/docker.sh     #在镜像构建过程中运行命令
CMD ["/home/test/docker.sh"]          #构建镜像完成时,最后执行的命令
#根据Dockfile配置文件构建一个自定义镜像
[root@docker 7]# docker build -t Mr.yang/centos7:1 .      #-t 指定镜像名称  :1  设定镜像的tag标记
Sending build context to Docker daemon  3.072kB
Step 1/6 : FROM centos
latest: Pulling from library/centos
Digest: sha256:67dad89757a55bfdfabec8abd0e22f8c7c12a1856514726470228063ed86593b
Status: Downloaded newer image for centos:latest
 ---> 75835a67d134
Step 2/6 : LABEL MAINTATNER="Mr.yang.com"
 ---> Running in fa269f986e54
Removing intermediate container fa269f986e54
 ---> 66ad376d42cf
Step 3/6 : RUN ln -sfv /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
 ---> Running in 0c91a7dd6db4
'/etc/localtime' -> '/usr/share/zoneinfo/Asia/Shanghai'
Removing intermediate container 0c91a7dd6db4
 ---> e1443698a3d2
Step 4/6 : ADD docker.sh /home/test/
 ---> c46f0f1b3454
Step 5/6 : RUN chmod +x /home/test/docker.sh
 ---> Running in e5ab6ec5afff
Removing intermediate container e5ab6ec5afff
 ---> 5666c086dbf9
Step 6/6 : CMD ["/home/test/docker.sh"]
 ---> Running in 152a935d86c9
Removing intermediate container 152a935d86c9
 ---> f1c34c7f90da
Successfully built f1c34c7f90da         #构建成功
Successfully tagged Mr.yang/centos7:1


[root@docker 7]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
Mr.yang/centos7     1                   f1c34c7f90da        21 seconds ago      200MB
centos              7                   75835a67d134        12 days ago         200MB
centos              latest              75835a67d134        12 days ago         200MB
hello-world         latest              4ab4c602aa5e        6 weeks ago         1.84kB

3.5 Docker命令:run

#运行一个本地镜像
[root@docker 7]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
Mr.yang/centos7     1                   f1c34c7f90da        5 minutes ago       200MB
centos              7                   75835a67d134        12 days ago         200MB
centos              latest              75835a67d134        12 days ago         200MB
hello-world         latest              4ab4c602aa5e        6 weeks ago         1.84kB
[root@docker 7]# docker run -d -it f1c34c7f90da /bin/bash
e23b31eb73b2cbf24470f34611f2bf6fad7080d0cbd816441a824911d99f27a0

特别提示:
docker run:运行一个指定的images id
-d:放在后台运行
-i:可以进行命令交互
-t:制作一个伪终端用于登陆
f1c34c7f90da:镜像的ID,可以简写成f1c

3.6 Docker命令:ps

#查看已经运行的镜像的进程
[root@docker 7]# docker ps -a 
CONTAINER ID        IMAGE               COMMAND             CREATED              STATUS              PORTS               NAMES
e23b31eb73b2        f1c34c7f90da        "/bin/bash"         About a minute ago   Up About a minute                       xenodochial_keller

特别提示:
STATUS:进程的状态,UP表示正在运行中,EXIT表示已经退出了。

3.7 Docker命令:attach

#从本地系统中切入到某个STATUS状态是UP的镜像进程里
[root@docker 7]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
e23b31eb73b2        f1c34c7f90da        "/bin/bash"         8 minutes ago       Up 8 minutes                            xenodochial_keller

[root@docker 7]# docker attach e23b31eb73b2    #切入到容器号e23b31eb73b2的镜像进程里
[root@e23b31eb73b2 /]# ls           #已经进入容器里了
anaconda-post.log  dev  home  lib64  mnt  proc  run   srv  tmp  var
bin                etc  lib   media  opt  root  sbin  sys  usr
[root@e23b31eb73b2 /]# exit         #退出容器
exit

[root@docker 7]# docker ps -a       #容器的进程的STATUS已经处于EXIT状态(之前是后台运行的,切入进去后执行exit就等于手动退出了)
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                      PORTS               NAMES
e23b31eb73b2        f1c34c7f90da        "/bin/bash"         9 minutes ago       Exited (0) 22 seconds ago                       xenodochial_keller

3.8 Docker命令:stop

#用于停止一个正在运行着的容器进程
[root@docker 7]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                     PORTS               NAMES
e23b31eb73b2        f1c34c7f90da        "/bin/bash"         13 minutes ago      Exited (0) 4 minutes ago                       xenodochial_keller


#再次在后台启动一个镜像
[root@docker 7]# docker run -d -it f1c34c7f90da /bin/bash
9be1dd5a15e465183fe9153569957ead7049c3c23dc92d64a0e90e8ccd610532
[root@docker 7]# docker ps -a      #增加了一个容器进程
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                     PORTS               NAMES
9be1dd5a15e4        f1c34c7f90da        "/bin/bash"         22 seconds ago      Up 6 seconds                                   hardcore_babbage
e23b31eb73b2        f1c34c7f90da        "/bin/bash"         15 minutes ago      Exited (0) 6 minutes ago                       xenodochial_keller


#停止一个运行着的容器进程
[root@docker 7]# docker stop 9be1dd5a15e4
9be1dd5a15e4
[root@docker 7]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED              STATUS                       PORTS               NAMES
9be1dd5a15e4        f1c34c7f90da        "/bin/bash"         About a minute ago   Exited (137) 7 seconds ago                       hardcore_babbage
e23b31eb73b2        f1c34c7f90da        "/bin/bash"         16 minutes ago       Exited (0) 7 minutes ago                         xenodochial_keller

3.9 Docker命令:start

#用于启动一个已经停止了的容器进程
[root@docker 7]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                       PORTS               NAMES
9be1dd5a15e4        f1c34c7f90da        "/bin/bash"         11 minutes ago      Exited (137) 9 minutes ago                       hardcore_babbage
e23b31eb73b2        f1c34c7f90da        "/bin/bash"         26 minutes ago      Exited (0) 17 minutes ago                        xenodochial_keller

[root@docker 7]# docker start 9be1dd5a15e4
9be1dd5a15e4

[root@docker 7]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                      PORTS               NAMES
9be1dd5a15e4        f1c34c7f90da        "/bin/bash"         11 minutes ago      Up 5 seconds                                    hardcore_babbage
e23b31eb73b2        f1c34c7f90da        "/bin/bash"         26 minutes ago      Exited (0) 17 minutes ago                       xenodochial_keller

3.10 Docker命令:rm

#用于删除一个已经停止了的容器进程
[root@docker 7]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                      PORTS               NAMES
9be1dd5a15e4        f1c34c7f90da        "/bin/bash"         12 minutes ago      Up 48 seconds                                   hardcore_babbage
e23b31eb73b2        f1c34c7f90da        "/bin/bash"         27 minutes ago      Exited (0) 18 minutes ago                       xenodochial_keller
[root@docker 7]# docker rm e23b31eb73b2
e23b31eb73b2
[root@docker 7]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
9be1dd5a15e4        f1c34c7f90da        "/bin/bash"         12 minutes ago      Up About a minute                       hardcore_babbage


[root@docker 7]# docker rm 9be1dd5a15e4    #注意运行中的容器进程需要先stop,才能删除
Error response from daemon: You cannot remove a running container 9be1dd5a15e465183fe9153569957ead7049c3c23dc92d64a0e90e8ccd610532. Stop the container before attempting removal or force remove

3.11 Docker命令:rmi

#用于删除一个未用作容器启动的本地镜像
[root@docker 7]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
Mr.yang/centos7     1                   f1c34c7f90da        35 minutes ago      200MB
centos              7                   75835a67d134        12 days ago         200MB
centos              latest              75835a67d134        12 days ago         200MB
hello-world         latest              4ab4c602aa5e        6 weeks ago         1.84kB
[root@docker 7]# docker rmi -f 4ab4c602aa5e   #-f 强制删除(即便被占用)
Untagged: hello-world:latest
Untagged: hello-world@sha256:0add3ace90ecb4adbf7777e9aacf18357296e799f81cabc9fde470971e499788
Deleted: sha256:4ab4c602aa5eed5528a6620ff18a1dc4faef0e1ab3a5eddeddb410714478c67f
Deleted: sha256:428c97da766c4c13b19088a471de6b622b038f3ae8efa10ec5a37d6d31a2df0b
[root@docker 7]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
Mr.yang/centos7     1                   f1c34c7f90da        38 minutes ago      200MB
centos              7                   75835a67d134        12 days ago         200MB
centos              latest              75835a67d134        12 days ago         200MB
[root@docker 7]# docker rmi f1c34c7f90da    #但要注意,被用作容器启动的镜像是不能删除的(需先rm删除容器进程)
Error response from daemon: conflict: unable to delete f1c34c7f90da (cannot be forced) - image is being used by running container 9be1dd5a15e4
[root@docker 7]# docker rmi -f f1c34c7f90da   #强行删除被容器进程占用的镜像也是不行的
Error response from daemon: conflict: unable to delete f1c34c7f90da (cannot be forced) - image is being used by running container 9be1dd5a15e4
[root@docker 7]# docker ps -a        #查看容器进程,被占用中
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
9be1dd5a15e4        f1c34c7f90da        "/bin/bash"         19 minutes ago      Up 8 minutes                            hardcore_babbage

3.12 Docker命令:commit

#将一个更改过的容器进程的容器状态保存为一个新的镜像
[root@docker ~]# docker ps -a       #查看启动的容器进程
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
9be1dd5a15e4        f1c34c7f90da        "/bin/bash"         19 hours ago        Up 8 seconds                            hardcore_babbage

[root@docker ~]# docker attach 9be1dd5a15e4     #切入容器进程
[root@9be1dd5a15e4 /]# ls
anaconda-post.log  dev  home  lib64  mnt  proc  run   srv  tmp  var
bin                etc  lib   media  opt  root  
[root@9be1dd5a15e4 /]# mkdir yunjisuan      #在容器进程里创建yunjisuan目录
[root@9be1dd5a15e4 /]# ls
anaconda-post.log  dev  home  lib64  mnt  proc  run   srv  tmp  var
bin                etc  lib   media  opt  root  sbin  sys  usr  yunjisuan
[root@9be1dd5a15e4 /]# exit    #退出容器进程
exit


[root@docker ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                     PORTS               NAMES
9be1dd5a15e4        f1c34c7f90da        "/bin/bash"         19 hours ago        Exited (0) 5 seconds ago                       hardcore_babbage
[root@docker ~]# docker commit 9be1dd5a15e4 Mr.yang/centos:2      #将更改后的容器进程保存为一个新的镜像
sha256:5d878e838b0e7d461ea6d1182f77377d6e32ea2f6ba0a8698ccce6633ca8b57b
[root@docker ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
Mr.yang/centos      2                   5d878e838b0e        12 seconds ago      200MB           #保存成功
Mr.yang/centos7     1                   f1c34c7f90da        20 hours ago        200MB
centos              7                   75835a67d134        13 days ago         200MB
centos              latest              75835a67d134        13 days ago         200MB
#启动新保存的镜像
[root@docker ~]# docker run -d -it 5d878e838b0e /bin/bash
c7cd70a9b8968b171596c4b571978aca62b30eba76028002742eca98c594e7e3

[root@docker ~]# docker ps -a       #查看新镜像的容器进程
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                     PORTS               NAMES
c7cd70a9b896        5d878e838b0e        "/bin/bash"         7 seconds ago       Up 6 seconds                                   admiring_mirzakhani
9be1dd5a15e4        f1c34c7f90da        "/bin/bash"         19 hours ago        Exited (0) 5 minutes ago                       hardcore_babbage

[root@docker ~]# docker attach c7cd70a9b896     #切入新镜像的容器进程
[root@c7cd70a9b896 /]# ls -d yunjisuan   #我们发现之前创建的目录仍旧存在
yunjisuan

3.13 Docker命令:exec

#用于从本地操作系统上直接向容器进程发布执行命令并返回结果
[root@docker ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                         PORTS               NAMES
c7cd70a9b896        5d878e838b0e        "/bin/bash"         About an hour ago   Up 8 seconds                                       admiring_mirzakhani
9be1dd5a15e4        f1c34c7f90da        "/bin/bash"         20 hours ago        Exited (0) About an hour ago                       hardcore_babbage
[root@docker ~]# docker exec c7cd70a9b896 ls /tmp/     #查看容器进程里的/tmp目录下所有内容
ks-script-7RxiSx
yum.log
[root@docker ~]# docker exec c7cd70a9b896 ls -d /yunjisuan     #查看容器进程里/yunjisuan目录
/yunjisuan

3.14 Docker命令:cp

#用于在容器进程和本地系统之间复制文件
[root@docker ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                         PORTS               NAMES
c7cd70a9b896        5d878e838b0e        "/bin/bash"         About an hour ago   Up 2 minutes                                       admiring_mirzakhani
9be1dd5a15e4        f1c34c7f90da        "/bin/bash"         20 hours ago        Exited (0) About an hour ago                       hardcore_babbage


[root@docker ~]# docker exec c7cd70a9b896 ls /tmp/      #向容器进程发布命令
ks-script-7RxiSx
yum.log
[root@docker ~]# docker cp c7cd70a9b896:/tmp/yum.log .     #将指定容器进程的/tmp/yum.log复制到当前目录下
[root@docker ~]# ls
anaconda-ks.cfg  dockerfile  yum.log      #已经复制过来了
[root@docker ~]# docker cp anaconda-ks.cfg c7cd70a9b896:/tmp/    #将本地文件复制到容器进程里
[root@docker ~]# docker exec c7cd70a9b896 ls /tmp/
anaconda-ks.cfg     #复制成功 
ks-script-7RxiSx
yum.log

3.15 Docker命令:create

#用于创建一个容器进程,但是并不启动它
[root@docker ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
Mr.yang/centos      2                   5d878e838b0e        About an hour ago   200MB
Mr.yang/centos7     1                   f1c34c7f90da        21 hours ago        200MB
centos              7                   75835a67d134        13 days ago         200MB
centos              latest              75835a67d134        13 days ago         200MB

[root@docker ~]# docker create -it 5d878e838b0e      #创建一个镜像的容器进程,但不直接启动
29e483bab044c79e448280393f73841a6205c41beba81016cebf9b2987831b73
[root@docker ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                         PORTS               NAMES
29e483bab044        5d878e838b0e        "/bin/bash"         8 seconds ago       Created                                            elegant_boyd         #创建状态并未启动
c7cd70a9b896        5d878e838b0e        "/bin/bash"         About an hour ago   Up 7 minutes                                       admiring_mirzakhani
9be1dd5a15e4        f1c34c7f90da        "/bin/bash"         20 hours ago        Exited (0) About an hour ago                       hardcore_babbage


[root@docker ~]# docker start 29e483bab044      #启动容器进程
29e483bab044
[root@docker ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                         PORTS               NAMES
29e483bab044        5d878e838b0e        "/bin/bash"         41 seconds ago      Up 3 seconds                                       elegant_boyd
c7cd70a9b896        5d878e838b0e        "/bin/bash"         About an hour ago   Up 7 minutes                                       admiring_mirzakhani
9be1dd5a15e4        f1c34c7f90da        "/bin/bash"         20 hours ago        Exited (0) About an hour ago                       hardcore_babbage

3.16 Docker命令:diff

#查看容器进程与源镜像做对比,发生了改变的文件或文件夹
[root@docker ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                         PORTS               NAMES
29e483bab044        5d878e838b0e        "/bin/bash"         2 minutes ago       Up 2 minutes                                       elegant_boyd
c7cd70a9b896        5d878e838b0e        "/bin/bash"         About an hour ago   Up 9 minutes                                       admiring_mirzakhani
9be1dd5a15e4        f1c34c7f90da        "/bin/bash"         20 hours ago        Exited (0) About an hour ago                       hardcore_babbage


[root@docker ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
Mr.yang/centos      2                   5d878e838b0e        About an hour ago   200MB
Mr.yang/centos7     1                   f1c34c7f90da        21 hours ago        200MB
centos              7                   75835a67d134        13 days ago         200MB
centos              latest              75835a67d134        13 days ago         200MB


[root@docker ~]# docker run -d -it 5d878e838b0e       #启动一个镜像的容器进程
df3f9a0f26f5f693fc75567c50a1425dc621dc4e60bcc4f5b362d5235a23c8a4
[root@docker ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                         PORTS               NAMES
df3f9a0f26f5        5d878e838b0e        "/bin/bash"         14 seconds ago      Up 13 seconds                                      pedantic_lamarr
29e483bab044        5d878e838b0e        "/bin/bash"         3 minutes ago       Up 2 minutes                                       elegant_boyd
c7cd70a9b896        5d878e838b0e        "/bin/bash"         About an hour ago   Up 10 minutes                                      admiring_mirzakhani
9be1dd5a15e4        f1c34c7f90da        "/bin/bash"         20 hours ago        Exited (0) About an hour ago                       hardcore_babbage
[root@docker ~]# docker attach df3f9a0f26f5      #切入容器进程
[root@df3f9a0f26f5 /]# cd yunjisuan/
[root@df3f9a0f26f5 yunjisuan]# pwd
/yunjisuan
[root@df3f9a0f26f5 yunjisuan]# touch {1..10}     #在容器进程中创建文件
[root@df3f9a0f26f5 yunjisuan]# ls
1  10  2  3  4  5  6  7  8  9
[root@df3f9a0f26f5 yunjisuan]# exit              #退出容器进程
exit

[root@docker ~]# docker diff df3f9a0f26f5        #查看容器进程的变化
C /root
C /root/.bash_history
C /yunjisuan
A /yunjisuan/6
A /yunjisuan/9
A /yunjisuan/1
A /yunjisuan/3
A /yunjisuan/4
A /yunjisuan/5
A /yunjisuan/10
A /yunjisuan/2
A /yunjisuan/7
A /yunjisuan/8

3.17 Docker命令:events

#时时监测容器的变化情况
[root@docker ~]# docker events
2018-10-23T13:39:21.689536505+08:00 container export df3f9a0f26f5f693fc75567c50a1425dc621dc4e60bcc4f5b362d5235a23c8a4 (MAINTATNER=Mr.yang.com, image=5d878e838b0e, name=pedantic_lamarr, org.label-schema.build-date=20181006, org.label-schema.license=GPLv2, org.label-schema.name=CentOS Base Image, org.label-schema.schema-version=1.0, org.label-schema.vendor=CentOS)

前台时时监控容器的变化若要检测,需要另外再起一个窗口进行操作

3.18 Docker命令:export

#将容器进程的文件系统导出到本地
[root@docker ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                         PORTS               NAMES
df3f9a0f26f5        5d878e838b0e        "/bin/bash"         14 minutes ago      Exited (0) 4 minutes ago                           pedantic_lamarr
29e483bab044        5d878e838b0e        "/bin/bash"         17 minutes ago      Up 16 minutes                                      elegant_boyd
c7cd70a9b896        5d878e838b0e        "/bin/bash"         About an hour ago   Exited (0) 4 minutes ago                           admiring_mirzakhani
9be1dd5a15e4        f1c34c7f90da        "/bin/bash"         21 hours ago        Exited (0) About an hour ago                       hardcore_babbage

[root@docker ~]# docker export df3f9a0f26f5 > test.tar   #将容器进程导出成一个tar包
[root@docker ~]# ls
anaconda-ks.cfg  dockerfile  test.tar  yum.log

3.19 Docker命令:import

#用于将export导出的文件系统创建为一个镜像
[root@docker ~]# ls
anaconda-ks.cfg  dockerfile  test.tar  yum.log
[root@docker ~]# docker import test.tar Mr.yang/centos:3    
#将导出的tar包文件系统生成一个新的镜像
sha256:b65d73ace4a227ff7cc908d3dc16efbdb36b266dc5c72c943ebf1dc9c643b5e6

[root@docker ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED              SIZE
Mr.yang/centos      3                   b65d73ace4a2        About a minute ago   200MB
Mr.yang/centos      2                   5d878e838b0e        About an hour ago    200MB
Mr.yang/centos7     1                   f1c34c7f90da        21 hours ago         200MB
centos              7                   75835a67d134        13 days ago          200MB
centos              latest              75835a67d134        13 days ago 

3.20 Docker命令:history

#用于查看一个镜像的历史修改纪录
[root@docker ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
Mr.yang/centos      3                   b65d73ace4a2        3 minutes ago       200MB
Mr.yang/centos      2                   5d878e838b0e        About an hour ago   200MB
Mr.yang/centos7     1                   f1c34c7f90da        21 hours ago        200MB
centos              7                   75835a67d134        13 days ago         200MB
centos              latest              75835a67d134        13 days ago         200MB


[root@docker ~]# docker history b65d73ace4a2
IMAGE               CREATED             CREATED BY          SIZE                COMMENT
b65d73ace4a2        4 minutes ago                           200MB               Imported from -


[root@docker ~]# docker history 5d878e838b0e
IMAGE               CREATED             CREATED BY                                      SIZE                COMMENT
5d878e838b0e        About an hour ago   /bin/bash                                       27B                 
f1c34c7f90da        21 hours ago        /bin/sh -c #(nop)  CMD ["/home/test/docker.s…   0B                  
5666c086dbf9        21 hours ago        /bin/sh -c chmod +x /home/test/docker.sh        63B                 
c46f0f1b3454        21 hours ago        /bin/sh -c #(nop) ADD file:5bd1c2d39928ac84c…   63B                 
e1443698a3d2        21 hours ago        /bin/sh -c ln -sfv /usr/share/zoneinfo/Asia/…   33B                 
66ad376d42cf        21 hours ago        /bin/sh -c #(nop)  LABEL MAINTATNER=Mr.yang.…   0B                  
75835a67d134        13 days ago         /bin/sh -c #(nop)  CMD ["/bin/bash"]            0B                  
<missing>           13 days ago         /bin/sh -c #(nop)  LABEL org.label-schema.sc…   0B                  
<missing>           13 days ago         /bin/sh -c #(nop) ADD file:fbe9badfd2790f074…   200MB 

3.21 Docker命令:info

#用于查看当前操作系统的docker运行信息
[root@docker ~]#  docker info
Containers: 4     #容器进程4个
 Running: 1       #正在运行状态的容器1个
 Paused: 0
 Stopped: 3
Images: 8         #一共有8个镜像
Server Version: 18.06.1-ce
Storage Driver: overlay2
 Backing Filesystem: xfs
 Supports d_type: true
 Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
 Volume: local
 Network: bridge host macvlan null overlay
 Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 468a545b9edcd5932818eb9de8e72413e616e86e
runc version: 69663f0bd4b60df09991c08812a60108003fa340
init version: fec3683
Security Options:
 seccomp
  Profile: default
Kernel Version: 3.10.0-862.14.4.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 974.5MiB
Name: docker
ID: IJPB:LRPV:KIZL:KV47:SAFH:4XGP:V2AQ:OHLP:GGGS:4P62:2JNW:53I4
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
 127.0.0.0/8
Registry Mirrors:
 https://registry.docker-cn.com/
Live Restore Enabled: false

3.22 Docker命令:inspect

#查看某个镜像的详细信息
[root@docker ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
Mr.yang/centos      3                   b65d73ace4a2        7 minutes ago       200MB
Mr.yang/centos      2                   5d878e838b0e        About an hour ago   200MB
Mr.yang/centos7     1                   f1c34c7f90da        21 hours ago        200MB
centos              7                   75835a67d134        13 days ago         200MB
centos              latest              75835a67d134        13 days ago         200MB

[root@docker ~]# docker inspect b65d73ace4a2
[
    {
        "Id": "sha256:b65d73ace4a227ff7cc908d3dc16efbdb36b266dc5c72c943ebf1dc9c643b5e6",
        "RepoTags": [
            "Mr.yang/centos:3"
        ],
        "RepoDigests": [],
        "Parent": "",
        "Comment": "Imported from -",
        "Created": "2018-10-23T05:42:00.363147266Z",
        "Container": "",
        "ContainerConfig": {
            "Hostname": "",
            "Domainname": "",
            "User": "",
            "AttachStdin": false,
            "AttachStdout": false,
            "AttachStderr": false,
            "Tty": false,
            "OpenStdin": false,
            "StdinOnce": false,
            "Env": null,
            "Cmd": null,
            "Image": "",
            "Volumes": null,
            "WorkingDir": "",
            "Entrypoint": null,
            "OnBuild": null,
            "Labels": null
        },
        "DockerVersion": "18.06.1-ce",
        "Author": "",
        "Config": {
            "Hostname": "",
            "Domainname": "",
            "User": "",
            "AttachStdin": false,
            "AttachStdout": false,
            "AttachStderr": false,
            "Tty": false,
            "OpenStdin": false,
            "StdinOnce": false,
            "Env": null,
            "Cmd": null,
            "Image": "",
            "Volumes": null,
            "WorkingDir": "",
            "Entrypoint": null,
            "OnBuild": null,
            "Labels": null
        },
        "Architecture": "amd64",
        "Os": "linux",
        "Size": 200375237,
        "VirtualSize": 200375237,
        "GraphDriver": {
            "Data": {
                "MergedDir": "/var/lib/docker/overlay2/d7bde3ef8531dfb1e20c8f8d3b48647888f7e6813d89879ec58d0ccc249a1124/merged",
                "UpperDir": "/var/lib/docker/overlay2/d7bde3ef8531dfb1e20c8f8d3b48647888f7e6813d89879ec58d0ccc249a1124/diff",
                "WorkDir": "/var/lib/docker/overlay2/d7bde3ef8531dfb1e20c8f8d3b48647888f7e6813d89879ec58d0ccc249a1124/work"
            },
            "Name": "overlay2"
        },
        "RootFS": {
            "Type": "layers",
            "Layers": [
                "sha256:2da447cadf068676e408e1ac84c720a1c6d892ae72fbcf86ba00bed0ac29790a"
            ]
        },
        "Metadata": {
            "LastTagTime": "2018-10-23T13:42:00.367989964+08:00"
        }
    }
]

3.23 Docker命令:kill

#强行停止一个或多个正在运行状态的容器进程
[root@docker ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
df3f9a0f26f5        5d878e838b0e        "/bin/bash"         28 minutes ago      Up About a minute                       pedantic_lamarr
29e483bab044        5d878e838b0e        "/bin/bash"         32 minutes ago      Up 31 minutes                           elegant_boyd

[root@docker ~]# docker kill df3f9a0f26f5
df3f9a0f26f5

[root@docker ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                       PORTS               NAMES
df3f9a0f26f5        5d878e838b0e        "/bin/bash"         28 minutes ago      Exited (137) 2 seconds ago                       pedantic_lamarr
29e483bab044        5d878e838b0e        "/bin/bash"         32 minutes ago      Up 31 minutes                                    elegant_boyd

3.24 Docker命令:save

用于将一个镜像的文件系统导出到本地(export导出的是容器)

#重新build一个镜像
[root@docker ~]# cd dockerfile/lib/centos/7/
[root@docker 7]# docker build -t test:1 .
Sending build context to Docker daemon  3.072kB
Step 1/6 : FROM centos
 ---> 75835a67d134
Step 2/6 : LABEL MAINTATNER="Mr.yang.com"
 ---> Using cache
 ---> 66ad376d42cf
Step 3/6 : RUN ln -sfv /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
 ---> Using cache
 ---> e1443698a3d2
Step 4/6 : ADD docker.sh /home/test/
 ---> Using cache
 ---> c46f0f1b3454
Step 5/6 : RUN chmod +x /home/test/docker.sh
 ---> Using cache
 ---> 5666c086dbf9
Step 6/6 : CMD ["/home/test/docker.sh"]
 ---> Using cache
 ---> f1c34c7f90da
Successfully built f1c34c7f90da
Successfully tagged test:1
[root@docker 7]# docker images       #save导出test:1这个镜像(也可以用id号)
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
Mr.yang/centos      3                   b65d73ace4a2        17 minutes ago      200MB
Mr.yang/centos      2                   5d878e838b0e        2 hours ago         200MB
Mr.yang/centos7     1                   f1c34c7f90da        21 hours ago        200MB
test                1                   f1c34c7f90da        21 hours ago        200MB
centos              7                   75835a67d134        13 days ago         200MB
centos              latest              75835a67d134        13 days ago         200MB

[root@docker 7]# docker save test:1 > test.tar
[root@docker 7]# ls
Dockerfile  docker.sh  test.tar

3.25 Docker命令:load

#用于将save导出到本地的tar包,重新加载为镜像(和源镜像的名字标识完全一样)
[root@docker 7]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
Mr.yang/centos      3                   b65d73ace4a2        21 minutes ago      200MB
Mr.yang/centos      2                   5d878e838b0e        2 hours ago         200MB
Mr.yang/centos7     1                   f1c34c7f90da        21 hours ago        200MB
test                1                   f1c34c7f90da        21 hours ago        200MB
centos              7                   75835a67d134        13 days ago         200MB
centos              latest              75835a67d134        13 days ago         200MB


[root@docker 7]# docker rmi test:1
Untagged: test:1


[root@docker 7]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
Mr.yang/centos      3                   b65d73ace4a2        22 minutes ago      200MB
Mr.yang/centos      2                   5d878e838b0e        2 hours ago         200MB
Mr.yang/centos7     1                   f1c34c7f90da        21 hours ago        200MB
centos              7                   75835a67d134        13 days ago         200MB
centos              latest              75835a67d134        13 days ago         200MB
[root@docker 7]# docker load < test.tar        #将之前test:1这个镜像的save备份导入系统
Loaded image: test:1

[root@docker 7]# docker images                 #和原来的镜像
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
Mr.yang/centos      3                   b65d73ace4a2        23 minutes ago      200MB
Mr.yang/centos      2                   5d878e838b0e        2 hours ago         200MB
Mr.yang/centos7     1                   f1c34c7f90da        21 hours ago        200MB
test                1                   f1c34c7f90da        21 hours ago        200MB
centos              7                   75835a67d134        13 days ago         200MB
centos              latest              75835a67d134        13 days ago         200MB

3.26 Docker命令:logs

#用于输出一个容器进程内的操作日志
[root@docker 7]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
Mr.yang/centos7     1                   f1c34c7f90da        22 hours ago        200MB
test                1                   f1c34c7f90da        22 hours ago        200MB
centos              7                   75835a67d134        13 days ago         200MB
centos              latest              75835a67d134        13 days ago         200MB
[root@docker 7]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES


[root@docker 7]# docker run -d -it test:1
1bf64c93e7a102f529abde72c142cd902ccc0f42067ee9fad075c905d5c9dfe4
[root@docker 7]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS               NAMES
1bf64c93e7a1        test:1              "/home/test/docker.sh"   4 seconds ago       Up 3 seconds                            elegant_blackwell


[root@docker 7]# docker logs 1bf64c93e7a1
welcome
welcome
welcome
welcome
welcome
welcome
[root@docker 7]# docker logs --tail 2 1bf64c93e7a1   #只显示容器日志的后2行
welcome
welcome

3.27 Docker命令:pause && unpause

#用于将一个或多个容器的进程暂停和恢复
[root@docker 7]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS               NAMES
1bf64c93e7a1        test:1              "/home/test/docker.sh"   2 minutes ago       Up 2 minutes                            elegant_blackwell
[root@docker 7]# docker pause 1bf64c93e7a1          #暂停容器进程
1bf64c93e7a1
[root@docker 7]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                  PORTS               NAMES
1bf64c93e7a1        test:1              "/home/test/docker.sh"   2 minutes ago       Up 2 minutes (Paused)                       elegant_blackwell


[root@docker 7]# docker unpause 1bf64c93e7a1        #恢复容器进程
1bf64c93e7a1
[root@docker 7]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS               NAMES
1bf64c93e7a1        test:1              "/home/test/docker.sh"   3 minutes ago       Up 3 minutes                            elegant_blackwell

3.28 Docker命令:port

#用于列出一个容器的端口映射及协议
[root@docker 7]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
test                1                   f1c34c7f90da        22 hours ago        200MB
Mr.yang/centos7     1                   f1c34c7f90da        22 hours ago        200MB
centos              7                   75835a67d134        13 days ago         200MB
centos              latest              75835a67d134        13 days ago         200MB
[root@docker 7]# docker run -d -it -p 2222:22 test:1    #启动一个镜像的容器进程 -p 指定本地2222端口映射到容器的22端口
a4bf8c27421dea3c5b0515bcbf088e0e549bd0d391c73885d793dfb8c45cb1f2


[root@docker 7]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                  NAMES
a4bf8c27421d        test:1              "/home/test/docker.sh"   5 seconds ago       Up 3 seconds        0.0.0.0:2222->22/tcp   silly_bohr
1bf64c93e7a1        test:1              "/home/test/docker.sh"   5 minutes ago       Up 5 minutes                               elegant_blackwell
[root@docker 7]# docker port a4bf8c27421d      #查看容器进程的端口映射及协议
22/tcp -> 0.0.0.0:2222

3.29 Docker命令:rename

#给容器进程重命名
[root@docker 7]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                  NAMES
a4bf8c27421d        test:1              "/home/test/docker.sh"   2 minutes ago       Up 2 minutes        0.0.0.0:2222->22/tcp   silly_bohr
1bf64c93e7a1        test:1              "/home/test/docker.sh"   7 minutes ago       Up 7 minutes                               elegant_blackwell

[root@docker 7]# docker rename silly_bohr Mr.yang
[root@docker 7]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                  NAMES
a4bf8c27421d        test:1              "/home/test/docker.sh"   2 minutes ago       Up 2 minutes        0.0.0.0:2222->22/tcp   Mr.yang
1bf64c93e7a1        test:1              "/home/test/docker.sh"   7 minutes ago       Up 7 minutes                               elegant_blackwell

3.30 Docker命令:restart

#重启一个容器进程
[root@docker 7]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                  NAMES
a4bf8c27421d        test:1              "/home/test/docker.sh"   5 minutes ago       Up 5 minutes        0.0.0.0:2222->22/tcp   Mr.yang
1bf64c93e7a1        test:1              "/home/test/docker.sh"   10 minutes ago      Up 10 minutes                              elegant_blackwell

[root@docker 7]# docker restart a4bf8c27421d
a4bf8c27421d
[root@docker 7]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                  NAMES
a4bf8c27421d        test:1              "/home/test/docker.sh"   6 minutes ago       Up 14 seconds       0.0.0.0:2222->22/tcp   Mr.yang
1bf64c93e7a1        test:1              "/home/test/docker.sh"   11 minutes ago      Up 11 minutes                              elegant_blackwell

3.31 Docker命令:stats

#用于时时输出容器的资源使用情况
[root@docker 7]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                  NAMES
a4bf8c27421d        test:1              "/home/test/docker.sh"   6 minutes ago       Up 49 seconds       0.0.0.0:2222->22/tcp   Mr.yang
1bf64c93e7a1        test:1              "/home/test/docker.sh"   11 minutes ago      Up 11 minutes                              elegant_blackwell

[root@docker 7]# docker stats a4bf8c27421d

image.png-9.6kB

#--no-tream只输出一次
[root@docker 7]# docker stats a4bf8c27421d --no-stream
CONTAINER ID        NAME                CPU %               MEM USAGE / LIMIT   MEM %               NET I/O             BLOCK I/O           PIDS
a4bf8c27421d        Mr.yang             0.00%               288KiB / 974.5MiB   0.03%               648B / 0B           0B / 0B             2

3.32 Docker命令:tag

#用于从一个指定的镜像创建另外一个镜像
[root@docker 7]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
Mr.yang/centos7     1                   f1c34c7f90da        23 hours ago        200MB
test                1                   f1c34c7f90da        23 hours ago        200MB
centos              7                   75835a67d134        13 days ago         200MB
centos              latest              75835a67d134        13 days ago         200MB 
[root@docker 7]# docker tag test:1 test:2    #我们可以指定名字:标志来创建
[root@docker 7]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
Mr.yang/centos7     1                   f1c34c7f90da        23 hours ago        200MB
test                1                   f1c34c7f90da        23 hours ago        200MB
test                2                   f1c34c7f90da        23 hours ago        200MB
centos              7                   75835a67d134        13 days ago         200MB
centos              latest              75835a67d134        13 days ago         200MB
[root@docker 7]# docker rmi test:2
Untagged: test:2
[root@docker 7]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
test                1                   f1c34c7f90da        23 hours ago        200MB
Mr.yang/centos7     1                   f1c34c7f90da        23 hours ago        200MB
centos              7                   75835a67d134        13 days ago         200MB
centos              latest              75835a67d134        13 days ago         200MB


[root@docker 7]# docker tag f1c34c7f90da test:2         #我们也可以指定image id来创建
[root@docker 7]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
Mr.yang/centos7     1                   f1c34c7f90da        23 hours ago        200MB
test                1                   f1c34c7f90da        23 hours ago        200MB
test                2                   f1c34c7f90da        23 hours ago        200MB
centos              7                   75835a67d134        13 days ago         200MB
centos              latest              75835a67d134        13 days ago         200MB

3.33 Docker命令:top

#用于显示指定容器的进程信息
[root@docker 7]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                  NAMES
a4bf8c27421d        test:1              "/home/test/docker.sh"   22 minutes ago      Up 17 minutes       0.0.0.0:2222->22/tcp   Mr.yang
1bf64c93e7a1        test:1              "/home/test/docker.sh"   28 minutes ago      Up 28 minutes                              elegant_blackwell


[root@docker 7]# docker top a4bf8c27421d
UID                 PID                 PPID                C                   STIME               TTY                 TIME                CMD
root                3446                3432                0                   15:14               ?                   00:00:00            /bin/bash /home/test/docker.sh
root                3993                3446                0                   15:31               ?                   00:00:00            sleep 5

3.34 Docker命令:update

#用于调整一个或多个容器的启动配置
[root@docker 7]# docker update --help

Usage:	docker update [OPTIONS] CONTAINER [CONTAINER...]

Update configuration of one or more containers

Options:
      --blkio-weight uint16        Block IO (relative weight), between 10 and 1000, or 0 to disable
                                   (default 0)
      --cpu-period int             Limit CPU CFS (Completely Fair Scheduler) period
      --cpu-quota int              Limit CPU CFS (Completely Fair Scheduler) quota
      --cpu-rt-period int          Limit the CPU real-time period in microseconds
      --cpu-rt-runtime int         Limit the CPU real-time runtime in microseconds
  -c, --cpu-shares int             CPU shares (relative weight)
      --cpus decimal               Number of CPUs
      --cpuset-cpus string         CPUs in which to allow execution (0-3, 0,1)
      --cpuset-mems string         MEMs in which to allow execution (0-3, 0,1)
      --kernel-memory bytes        Kernel memory limit
  -m, --memory bytes               Memory limit
      --memory-reservation bytes   Memory soft limit
      --memory-swap bytes          Swap limit equal to memory plus swap: '-1' to enable unlimited swap
      --restart string             Restart policy to apply when a container exits

3.35 Docker命令:version and wait

version用于显示docker的版本信息
wait用于捕捉一个或多个容器的退出状态,并返回退出状态码

#显示docker版本信息
[root@docker 7]# docker version
Client:
 Version:           18.06.1-ce
 API version:       1.38
 Go version:        go1.10.3
 Git commit:        e68fc7a
 Built:             Tue Aug 21 17:23:03 2018
 OS/Arch:           linux/amd64
 Experimental:      false

Server:
 Engine:
  Version:          18.06.1-ce
  API version:      1.38 (minimum version 1.12)
  Go version:       go1.10.3
  Git commit:       e68fc7a
  Built:            Tue Aug 21 17:25:29 2018
  OS/Arch:          linux/amd64
  Experimental:     false
#监听容器的退出状态并返回状态码
[root@docker 7]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                  NAMES
a4bf8c27421d        test:1              "/home/test/docker.sh"   25 minutes ago      Up 19 minutes       0.0.0.0:2222->22/tcp   Mr.yang
1bf64c93e7a1        test:1              "/home/test/docker.sh"   30 minutes ago      Up 30 minutes                              elegant_blackwell

[root@docker 7]# docker wait a4bf8c27421d   #需要在开一个窗口stop这个容器进程再查看
137


[root@docker ~]# docker stop a4bf8c27421d
a4bf8c27421d

3.36 Docker命令:login && logout && push

  • login用于登陆docker hub官方公有仓库
  • logout用于登出docker hub官方公有仓库
  • push用于将本地镜像提交到docker hub

由于docker hub国内已经无法注册,因此无法演示上述内容
DockerHub官方公有镜像仓库:https://hub.docker.com/

4.管理应用程序数据

4.1 Volume和Bind Mount

将Docker主机数据挂载到容器


Docker提供三种不同方式将数据从宿主机挂载到容器中:volumes,bind

  • mounts和tmpfs。
  • volumes:Docker管理宿主机文件系统的一部分(/var/lib/docker/volumes)
  • bind mounts:可以存储在宿主机系统的任意位置
  • tmpfs:挂载存储在宿主机系统的内存中,而不会写入宿主机的文件系统

image.png-41.9kB

4.1.1 Volume

#创建一个卷
[root@docker 7]# docker volume create nginx-vol
nginx-vol
[root@docker 7]# docker volume ls
DRIVER              VOLUME NAME
local               nginx-vol

[root@docker 7]# docker volume inspect nginx-vol
[
    {
        "CreatedAt": "2018-10-24T15:18:01+08:00",    #创建时间
        "Driver": "local",          #驱动
        "Labels": {},
        "Mountpoint": "/var/lib/docker/volumes/nginx-vol/_data",      #挂载点
        "Name": "nginx-vol",        #卷名
        "Options": {},
        "Scope": "local"
    }
]
#下载一个nginx官方镜像
[root@docker 7]# docker pull nginx
Using default tag: latest
latest: Pulling from library/nginx
f17d81b4b692: Pull complete 
d5c237920c39: Pull complete 
a381f92f36de: Pull complete 
Digest: sha256:b73f527d86e3461fd652f62cf47e7b375196063bbbd503e853af5be16597cb2e
Status: Downloaded newer image for nginx:latest

[root@docker 7]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
nginx               latest              dbfc48660aeb        8 days ago          109MB
centos              latest              75835a67d134        2 weeks ago         200MB

[root@docker 7]# docker run -dit --name=nginx-test --mount src=nginx-vol,dst=/usr/share/nginx/html nginx
89bfd1e8ae758f1b30b248210afe7230ad0a6d1cfad1a291cf90f226418957ed
[root@docker 7]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED              STATUS              PORTS               NAMES
89bfd1e8ae75        nginx               "nginx -g 'daemon of…"   About a minute ago   Up About a minute   80/tcp              nginx-test


特别说明:
--name:容器的名字
--mount:挂载
src:源卷的名字
dst:挂载到容器中的路径
#向容器中的挂载目录创建文件,查看是否挂载成功
[root@docker 7]# docker exec nginx-test touch /usr/share/nginx/html/test.txt
[root@docker 7]# docker exec nginx-test ls /usr/share/nginx/html/
50x.html
index.html
test.txt           #有了
[root@docker 7]# ls /var/lib/docker/volumes/nginx-vol/_data/
50x.html  index.html  test.txt    #成功
#清理容器进程
[root@docker 7]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS               NAMES
89bfd1e8ae75        nginx               "nginx -g 'daemon of…"   About an hour ago   Up About an hour    80/tcp              nginx-test
[root@docker 7]# docker stop nginx-test
nginx-test
[root@docker 7]# docker rm nginx-test
nginx-test
[root@docker 7]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
[root@dcker 7]# ls /var/lib/docker/volumes/nginx-vol/_data/
50x.html  index.html  test.txt    #清理容器后,挂载的卷的数据仍旧存在
#重新启动镜像nginx的容器进程
[root@docker 7]# docker run -dit --name nginx-test -p 88:80 --mount src=nginx-vol,dst=/usr/share/nginx/html nginx
3fa5a3ce380e3fd582774d8202ffcbf7eba8b6e695528402dc00702a348585f8

[root@docker 7]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                NAMES
3fa5a3ce380e        nginx               "nginx -g 'daemon of…"   7 seconds ago       Up 6 seconds        0.0.0.0:88->80/tcp   nginx-test


特别提示:docker run的-p参数:指定端口的映射,88:80的意思就是将宿主机88端口的访问映射到容器进程的80端口

现在我们通过浏览器访问宿主机的88端口,进而访问容器进程的80端口
http://192.168.200.63:88

image.png-25.2kB

#在数据卷nginx-vol里换一个网页在访问
[root@docker 7]# docker exec nginx-test echo "welcome to yunjisuan" > /var/lib/docker/volumes/nginx-vol/_data/index.html
[root@docker 7]# docker exec nginx-test cat /usr/share/nginx/html/index.html
welcome to yunjisuan

image.png-6.7kB
现在我们在启动一个镜像nginx的进程,让两个nginx的容器进程公用一个数据卷nginx-vol

[root@docker 7]#  docker run -dit --name nginx-test2 -p 89:80 --mount src=nginx-vol,dst=/usr/share/nginx/html nginx
d4315737080f58107cc3e12ad443c3ea9f56be5421e054f1cf5a42ee3063c7a2

[root@docker 7]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                NAMES
d4315737080f        nginx               "nginx -g 'daemon of…"   3 seconds ago       Up 1 second         0.0.0.0:89->80/tcp   nginx-test2
756185ec0f0c        nginx               "nginx -g 'daemon of…"   5 minutes ago       Up 5 minutes        0.0.0.0:88->80/tcp   nginx-test

我们用浏览器访问docker宿主机的89端口
http://192.168.200.63:89

image.png-6.8kB

4.1.2 Bind Mounts

[root@docker 7]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                NAMES
d4315737080f        nginx               "nginx -g 'daemon of…"   5 minutes ago       Up 5 minutes        0.0.0.0:89->80/tcp   nginx-test2
756185ec0f0c        nginx               "nginx -g 'daemon of…"   10 minutes ago      Up 10 minutes       0.0.0.0:88->80/tcp   nginx-test


[root@docker 7]# docker run -dit --name nginx-test3 -p 90:80 --mount type=bind,src=/var/lib/docker/volumes/nginx-vol/_data,dst=/usr/share/nginx/html nginx
f735972634827d41a58e7139514d9c8443abd76b557e49141e0e6acbe7bf2292


[root@docker 7]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                NAMES
f73597263482        nginx               "nginx -g 'daemon of…"   3 seconds ago       Up 1 second         0.0.0.0:90->80/tcp   nginx-test3
d4315737080f        nginx               "nginx -g 'daemon of…"   5 minutes ago       Up 5 minutes        0.0.0.0:89->80/tcp   nginx-test2
756185ec0f0c        nginx               "nginx -g 'daemon of…"   10 minutes ago      Up 10 minutes       0.0.0.0:88->80/tcp   nginx-test

我们用浏览器访问docker宿主机的90端口
http://192.168.200.63:90

image.png-6.8kB
特别提示: bind mounts可以挂载宿主机上的任意目录,而volume先得创建后才能挂载

4.2 实战容器部署LNMP网站平台

首先我们下载一个wordpress博客wget https://cn.wordpress.org/wordpress-4.7.4-zh_CN.tar.gz

4.2.1 创建MySQL数据库容器

#下载MySQL5.6版本镜像
[root@docker 7]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
nginx               latest              dbfc48660aeb        9 days ago          109MB
centos              latest              75835a67d134        2 weeks ago         200MB

[root@docker 7]# docker pull mysql:5.6
5.6: Pulling from library/mysql
f17d81b4b692: Already exists 
c691115e6ae9: Pull complete 
41544cb19235: Pull complete 
254d04f5f66d: Pull complete 
4fe240edfdc9: Pull complete 
b79c3b745cc6: Pull complete 
c6ebcbee59b1: Pull complete 
f07692414bc1: Pull complete 
0d34369684f4: Pull complete 
b6c15fa1d9de: Pull complete 
db940c78ebb4: Pull complete 
Digest: sha256:0ae5d57a7b349384bb46bc7f6b73c21d2806b02bbb99554684e78b700094ab62
Status: Downloaded newer image for mysql:5.6

[root@docker 7]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
mysql               5.6                 085b9b6ec8a9        9 days ago          256MB
nginx               latest              dbfc48660aeb        9 days ago          109MB
centos              latest              75835a67d134        2 weeks ago         200MB
#创建一个自定义网络
[root@docker 7]# docker network create lnmp
5a08a644a2cf04227ea8e618f79bc5a961fc95a9b442dac36e5d6b52101530e8
[root@docker 7]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
e2fa9dde793d        bridge              bridge              local
0e3d0cd4f911        host                host                local
5a08a644a2cf        lnmp                bridge              local     #有了(默认驱动为网桥)
c7527cab10af        none                null                local

#启动MySQL数据库容器
[root@docker 7]# docker run -dit --name lnmp_mysql --network lnmp -p 3306:3306 --mount src=mysql-vol,dst=/var/lib/mysql -e MYSQL_ROOT_PASSWORD=123123 mysql:5.6 --character-set-server=utf8
9cc9fa151a745409f8ef89612644a37f618196c63b3767d5e2e08d191242fed6
[root@docker 7]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                    NAMES
9cc9fa151a74        mysql:5.6           "docker-entrypoint.s…"   4 seconds ago       Up 3 seconds        0.0.0.0:3306->3306/tcp   lnmp_mysql

特别提示:

  • 自定义网络lnmp如果不提前创建的话,在启动容器进程时会报错
  • 如果没有提前pull好mysql:5.6那么容器在启动时会自动下载对应镜像
  • 如果没有提前docker volume create mysql-vol,那么容器启动时会自动创建
#查看容器lnmp_mysql的日志输出
[root@docker 7]# docker logs lnmp_mysql
#以下省略若干。。。

#查看容器里启动的进程
[root@docker 7]# docker top lnmp_mysql
UID                 PID                 PPID                C                   STIME               TTY                 TIME                CMD
polkitd             2142                2128                0                   09:07               pts/0               00:00:00            mysqld --character-set-server=utf8

4.2.2 向容器里的Mysql创建一个库

[root@docker 7]# docker exec lnmp_mysql sh -c 'exec mysql -uroot -p"$MYSQL_ROOT_PASSWORD" -e"create database wp"'
Warning: Using a password on the command line interface can be insecure.

4.2.3 在docker宿主机上安装mysql的客户端通过端口映射访问容器内的mysql

因为已经将mysql容器的3306端口映射到了docker宿主机的3306,因此我们访问本地即可

#安装mysql客户端
[root@docker 7]# yum -y install mysql
[root@docker 7]# which mysql
/usr/bin/mysql

#查看本机IP地址
[root@docker 7]# hostname -I | xargs -n1 | head -1
192.168.200.63

#远程方式连接docker宿主机的3306端口
[root@docker 7]# mysql -h192.168.200.63 -P3306 -uroot -p123123 
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.6.41 MySQL Community Server (GPL)

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MySQL [(none)]> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
| performance_schema |
| wp                 |           #已经创建wp库了
+--------------------+
4 rows in set (0.30 sec)

4.2.4 创建nginx+PHP环境容器

#创建一个网页目录
[root@docker ~]# mkdir -p /app/wwwroot
[root@docker ~]# ll -d /app/wwwroot
drwxr-xr-x 2 root root 6 10月 26 10:26 /app/wwwroot

#下载richarvey/nginx-php-fpm镜像
[root@docker ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
mysql               5.6                 085b9b6ec8a9        9 days ago          256MB
nginx               latest              dbfc48660aeb        9 days ago          109MB
centos              latest              75835a67d134        2 weeks ago         200MB
[root@docker ~]# docker pull richarvey/nginx-php-fpm
#以下省略若干。。。

[root@docker ~]# docker images
REPOSITORY                TAG                 IMAGE ID            CREATED             SIZE
mysql                     5.6                 085b9b6ec8a9        9 days ago          256MB
nginx                     latest              dbfc48660aeb        9 days ago          109MB
centos                    latest              75835a67d134        2 weeks ago         200MB
richarvey/nginx-php-fpm   latest              de1554d0b081        4 weeks ago         302MB
#启动richarvey/nginx-php-fpm镜像的容器
[root@docker ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                    NAMES
9cc9fa151a74        mysql:5.6           "docker-entrypoint.s…"   About an hour ago   Up About an hour    0.0.0.0:3306->3306/tcp   lnmp_mysql

[root@docker ~]# docker run -dit --name lnmp_web --network lnmp -p 88:80 --mount type=bind,src=/app/wwwroot,dst=/var/www/html richarvey/nginx-php-fpm
332c45fd0d12fbe379ae9ea527894276f70ba5c6e57f291f2513032b0afd342f

[root@docker ~]# docker ps -a
CONTAINER ID        IMAGE                     COMMAND                  CREATED             STATUS              PORTS                                   NAMES
332c45fd0d12        richarvey/nginx-php-fpm   "docker-php-entrypoi…"   7 seconds ago       Up 3 seconds        443/tcp, 9000/tcp, 0.0.0.0:88->80/tcp   lnmp_web
9cc9fa151a74        mysql:5.6                 "docker-entrypoint.s…"   About an hour ago   Up About an hour    0.0.0.0:3306->3306/tcp                  lnmp_mysql

4.2.5 解压wordpress到网页目录/app/wwwroot下

[root@docker ~]# ls
anaconda-ks.cfg  dockerfile  wordpress-4.7.4-zh_CN.tar.gz
[root@docker ~]# tar xf wordpress-4.7.4-zh_CN.tar.gz -C /app/wwwroot/
[root@docker ~]# cd /app/wwwroot/
[root@docker wwwroot]# ls
wordpress

4.2.6 博客wordpress访问测试

通过浏览器进行docker宿主机的88端口的访问测试 http://192.168.200.63:88/wordpress


特别提示:如果在访问时,出现以下情况

image.png-29.8kB

#如果出现连接不上的情况,那么请按顺序执行以下命令一遍
[root@docker wwwroot]# systemctl stop firewalld
[root@docker wwwroot]# systemctl stop iptables.service
Failed to stop iptables.service: Unit iptables.service not loaded.
[root@docker wwwroot]# iptables -F
[root@docker wwwroot]# iptables -P FORWARD ACCEPT
[root@docker wwwroot]# iptables -P INPUT ACCEPT
[root@docker wwwroot]# iptables -P OUTPUT ACCEPT

如果没有意外此时访问浏览器,就可出现下述内容

image.png-68.9kB

特别提示:
如果多次连续访问同一网页,那么浏览器有可能默认去掉指定的端口
因此,若还是访问不到,请查看是否指定了88端口