docker常用命令
搜索镜像
指定版本号搜索
[root@apache ~]# docker search centos:7.6 NAME DESCRIPTION STARS OFFICIAL AUTOMATED xuwenfeng1225/centos7_jdk8 build in centos:7.6.1810 and jdk1.8.0_211 0 how2j/centos7_tools centos:7.6.1810 + iproute ftp bind-utils ne… 0 how2j/centos7_tools_ftp centos:7.6.1810 + iproute ftp bind-utils ne… 0 how2j/centos7_tools_ftp_java_tomcat8 centos:7.6.1810 + iproute ftp bind-utils ne… 0
不指定版本号
[root@apache ~]# docker search centos NAME DESCRIPTION STARS OFFICIAL AUTOMATED centos The official build of CentOS. 6588 [OK] ansible/centos7-ansible Ansible on Centos7 134 [OK] consol/centos-xfce-vnc Centos container with "headless" VNC session… 129 [OK] jdeathe/centos-ssh OpenSSH / Supervisor / EPEL/IUS/SCL Repos - … 118 [OK]
下载镜像
从镜像参考下载镜像到本地
语法格式:
docker pull [OPTIONS] NAME[:TAG|@DIGEST] docker pull 仓库地址:端口/项目名/镜像名:tag(版本号)
[root@apache ~]# docker pull busybox Using default tag: latest latest: Pulling from library/busybox b71f96345d44: Pulling fs layer
查看本地镜像
[root@apache overlay2]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE busybox latest 69593048aa3a 2 days ago 1.24MB nginx latest d1a364dc548d 2 weeks ago 133MB busybox 1.33 d3cd072556c2 3 weeks ago 1.24MB ubuntu latest 7e0aa2d69a15 6 weeks ago 72.7MB
REPOSITORY 仓库名
TAG 镜像版本号
IMAGE ID 镜像ID
CREATED 镜像创建时间
SIZE 镜像大小
镜像导入/导出
将镜像从本地导出为一个压缩文件,可以在其他服务器导入进行使用
方法1
# docker save nginx -o /opt/nginx_img.tar.gz # ll /opt/nginx_img.tar.gz -rw-------. 1 root root 137383424 Jun 10 15:40 /opt/nginx_img.tar.gz
方法2
# docker save nginx > /opt/nginx_img1.tar.gz # ll /opt/ total 268328 -rw-r--r--. 1 root root 137383424 Jun 10 15:44 nginx_img1.tar.gz -rw-------. 1 root root 137383424 Jun 10 15:44 nginx_img.tar.gz
查看导出的镜像文件结构
# tar tf /opt/nginx_img.tar.gz 29b95120fdeb4c1818632797e6d1631399258ac70f80e95bde7c3d7c558a2ccc/ 29b95120fdeb4c1818632797e6d1631399258ac70f80e95bde7c3d7c558a2ccc/VERSION 29b95120fdeb4c1818632797e6d1631399258ac70f80e95bde7c3d7c558a2ccc/json 29b95120fdeb4c1818632797e6d1631399258ac70f80e95bde7c3d7c558a2ccc/layer.tar 512c574e43ebdc10af47041862c9afc54880d2569f8ad7641ae426b081cb7ade/ 512c574e43ebdc10af47041862c9afc54880d2569f8ad7641ae426b081cb7ade/VERSION 512c574e43ebdc10af47041862c9afc54880d2569f8ad7641ae426b081cb7ade/json 512c574e43ebdc10af47041862c9afc54880d2569f8ad7641ae426b081cb7ade/layer.tar 9c51babab55ad036ab2ca6ce5843b64e78103b9128a7eda80ecb49984fb62446/ 9c51babab55ad036ab2ca6ce5843b64e78103b9128a7eda80ecb49984fb62446/VERSION 9c51babab55ad036ab2ca6ce5843b64e78103b9128a7eda80ecb49984fb62446/json 9c51babab55ad036ab2ca6ce5843b64e78103b9128a7eda80ecb49984fb62446/layer.tar c61c9017ace5135108b617d5ae248ec423604bb1f6b28523eac3658e1c65e0d3/ c61c9017ace5135108b617d5ae248ec423604bb1f6b28523eac3658e1c65e0d3/VERSION c61c9017ace5135108b617d5ae248ec423604bb1f6b28523eac3658e1c65e0d3/json c61c9017ace5135108b617d5ae248ec423604bb1f6b28523eac3658e1c65e0d3/layer.tar ca4553880ac778512954e1ea06fe6cd4d881732eb94016a59f7a8149e06dca63/ ca4553880ac778512954e1ea06fe6cd4d881732eb94016a59f7a8149e06dca63/VERSION ca4553880ac778512954e1ea06fe6cd4d881732eb94016a59f7a8149e06dca63/json ca4553880ac778512954e1ea06fe6cd4d881732eb94016a59f7a8149e06dca63/layer.tar d0e292fa6125269fd4b73109ca0772d21becc66e5f1fc117b927038bfb943560/ d0e292fa6125269fd4b73109ca0772d21becc66e5f1fc117b927038bfb943560/VERSION d0e292fa6125269fd4b73109ca0772d21becc66e5f1fc117b927038bfb943560/json d0e292fa6125269fd4b73109ca0772d21becc66e5f1fc117b927038bfb943560/layer.tar d1a364dc548d5357f0da3268c888e1971bbdb957ee3f028fe7194f1d61c6fdee.json manifest.json repositories # cat manifest.json [{"Config":"d1a364dc548d5357f0da3268c888e1971bbdb957ee3f028fe7194f1d61c6fdee.json","RepoTags":["nginx:latest"],"Layers":["29b95120fdeb4c1818632797e6d1631399258ac70f80e95bde7c3d7c558a2ccc/layer.tar","9c51babab55ad036ab2ca6ce5843b64e78103b9128a7eda80ecb49984fb62446/layer.tar","512c574e43ebdc10af47041862c9afc54880d2569f8ad7641ae426b081cb7ade/layer.tar","ca4553880ac778512954e1ea06fe6cd4d881732eb94016a59f7a8149e06dca63/layer.tar","d0e292fa6125269fd4b73109ca0772d21becc66e5f1fc117b927038bfb943560/layer.tar","c61c9017ace5135108b617d5ae248ec423604bb1f6b28523eac3658e1c65e0d3/layer.tar"]}]
导入镜像
# rsync 10.0.0.30:/opt/*.gz /opt # docker load < /opt/nginx_img.tar.gz 02c055ef67f5: Loading layer [==================================================>] 72.53MB/72.53MB 766fe2c3fc08: Loading layer [==================================================>] 64.8MB/64.8MB 83634f76e732: Loading layer [==================================================>] 3.072kB/3.072kB 134e19b2fac5: Loading layer [==================================================>] 4.096kB/4.096kB 5c865c78bc96: Loading layer [==================================================>] 3.584kB/3.584kB 075508cf8f04: Loading layer [==================================================>] 7.168kB/7.168kB Loaded image: nginx:latest # docker images REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest d1a364dc548d 2 weeks ago 133MB
第二种
# docker load -i nginx_img1.tar.gz Loaded image: nginx:latest
容器操作基础命令
语法:docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
[root@apache ~]# docker run busybox:1.33 /bin/echo "hello world" hello world [root@apache ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES e915b67e5da3 busybox:1.33 "/bin/echo 'hello wo…" 10 seconds ago Exited (0) 9 seconds ago suspicious_hawking
从镜像运行一个容器(ctrl +p+q退出容器不注销)
# docker run -it busybox /bin/sh
/ #
显示运行中的容器
[root@apache ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 34ae4f7fed24 busybox "/bin/sh" 2 minutes ago Up 2 minutes reverent_fermat
显示所有容器
[root@apache ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 34ae4f7fed24 busybox "/bin/sh" 2 minutes ago Up 2 minutes reverent_fermat 02ed66229a34 busybox "/bin/bash" 2 minutes ago Created pedantic_hugle 51c6c41aff64 busybox "bash" 3 minutes ago Created upbeat_davinci e915b67e5da3 busybox:1.33 "/bin/echo 'hello wo…" 18 minutes ago Exited (0) 18 minutes ago suspicious_hawking
删除运行中的容器
[root@apache ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 34ae4f7fed24 busybox "/bin/sh" 22 minutes ago Up 22 minutes reverent_fermat
[root@apache ~]# docker rm -f 34ae4f7fed24 34ae4f7fed24
端口映射
随机端口映射
[root@apache ~]# docker run -P nginx
新终端查看端口映射(端口范围从32768-65535)
[root@apache ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 1308f253fda2 nginx "/docker-entrypoint.…" 26 seconds ago Up 26 seconds 0.0.0.0:32768->80/tcp gifted_fermi
访问测试
[root@apache ~]# curl -I 10.0.0.30:32768 HTTP/1.1 200 OK Server: nginx/1.21.0
指定端口映射
1、宿主机81端口映射到容器的80端口
[root@apache ~]# docker run -itd -p 81:80 --name test nginx 171e2b9e3dbacde0d487b408a5aa245e2945781d6c414814ea7a67ba8e593c5f [root@apache ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 171e2b9e3dba nginx "/docker-entrypoint.…" 4 seconds ago Up 3 seconds 0.0.0.0:81->80/tcp test
2、本地IP:本地端口 映射到容器的端口
[root@apache ~]# docker run -itd -p 10.0.0.30:81:80 --name test nginx 62c9c86372d56f40558256ef251953be334fb9177bcfaa0fbc0638880a25ea97 [root@apache ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 62c9c86372d5 nginx "/docker-entrypoint.…" 4 seconds ago Up 3 seconds 10.0.0.30:81->80/tcp test
3、本地IP:本地随机端口映射到容器的端口
[root@apache ~]# docker run -itd -p 10.0.0.30::80 --name test nginx b4ea559f1707bbea62f46fa1f7414e63c25f8ce4cbe01c636dac4608c32a4764 [root@apache ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES b4ea559f1707 nginx "/docker-entrypoint.…" 3 seconds ago Up 3 seconds 10.0.0.30:32768->80/tcp test
4、本机ip:本地端口:容器端口/协议,默认为tcp协议
[root@apache ~]# docker run -itd -p 10.0.0.30:99:80/udp --name test nginx 158c913022673813a29b80841cab5b79d0abd20e60ad3bc6f148ae15c6a20b23 [root@apache ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 158c91302267 nginx "/docker-entrypoint.…" 2 seconds ago Up 2 seconds 80/tcp, 10.0.0.30:99->80/udp test
5、一次性映射多个端口+协议
[root@apache ~]# docker run -itd -p 86:80/tcp -p 443:443/tcp -p 53:53/udp --name test nginx 0320535af2257db38b66ec64e0eee4f8465f8a88c597700460a3b87f0608a0df [root@apache ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 0320535af225 nginx "/docker-entrypoint.…" 4 seconds ago Up 3 seconds 0.0.0.0:53->53/udp, 0.0.0.0:443->443/tcp, 0.0.0.0:86->80/tcp test
查看容器访问日志
一次性查看
[root@apache ~]# docker logs test
永久查看
[root@apache ~]# docker logs -f test
[root@apache ~]# docker attach test ## 使用此命令时,退出需要ctrl+p+q,否则容器也随之退出
查看容器已经映射的端口
# docker port test 53/udp -> 0.0.0.0:53 80/tcp -> 0.0.0.0:86 443/tcp -> 0.0.0.0:443
单次运行容器
[root@apache ~]# docker run -it --rm --name test busybox /bin/sh / # exit [root@apache ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
进入运行中的容器
1、attach命令
attach 类似于vnc,操作会在各个容器界面显示,所有使用此方式进入容器的操作都是同步显示的且exit后容器将被关闭,且使用exit退出后容器关闭,不推荐使用,需要进入到有shell环境的容器
[root@apache ~]# docker run -it --name test busybox /bin/sh / # ls bin dev etc home proc root sys tmp usr var 第二个终端查看 [root@apache ~]# docker attach test / # ls bin dev etc home proc root sys tmp usr var 第一个终端退出容器 [root@apache ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 0e50812c7ff6 busybox "/bin/sh" About a minute ago Exited (0) 5 seconds ago test
2、exec命令
执行单次命令与进入容器,不是很推荐此方式,虽然exit退出容器还在运行
[root@apache ~]# docker run -itd --name test busybox 951c701f9861a79b417fa7c25dcaa32a856c1654e0c0383e4603e623fa439dee [root@apache ~]# docker exec -it test sh / # ls bin dev etc home proc root sys tmp usr var / # exit [root@apache ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 951c701f9861 busybox "sh" 40 seconds ago Up 39 seconds test
3、nsenter
推荐使用此方式,nsenter命令需要通过PID进入到容器内部,不过可以使用docker inspect获取到容器的PID:
# yum install util-linux -y
运行容器
[root@apache ~]# docker run -itd --name test busybox 21dd5d3506f5312b05c2ce922a44d8249e3cc22b6ee0795bf5226de74f36e354 [root@apache ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 21dd5d3506f5 busybox "sh" 4 seconds ago Up 3 seconds test
查看容器pid
[root@apache ~]# docker inspect -f '{{.State.Pid}}' test 2292
进入容器
[root@apache ~]# nsenter -t 2292 -m -u -i -n -p nsenter: failed to execute /bin/bash: No such file or directory [root@apache ~]# nsenter -t 2292 -m -u -i -n -p /bin/sh / # ls bin dev etc home proc root sys tmp usr var / # exit [root@apache ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 21dd5d3506f5 busybox "sh" 14 minutes ago Up 14 minutes test
使用脚本管理
# vim dckr_ent.sh #!/bin/bash docker_in(){ NAME_ID=$1 PID=$(docker inspect -f "{{.State.Pid}}" ${NAME_ID}) nsenter -t ${PID} -m -u -i -n -p /bin/sh } docker_in $1 # chmod +x dckr_ent.sh
容器的生命周期
1、批量关闭正在运行的容器(正常关闭)
# docker stop `docker ps -qa` 21dd5d3506f5
2、批量强制关闭正在运行的容器(强制关闭)
# docker kill `docker ps -qa` 21dd5d3506f5
3、批量删除已退出容器
# docker rm -f `docker ps -aq -f status=exited` 21dd5d3506f5
4、批量删除所有容器
# docker rm -f $(docker ps -a -q)
启动容器时指定DNS
# docker run -it --name test --dns=223.5.5.5 busybox / # cat /etc/resolv.conf nameserver 223.5.5.5
查看容器构建命令
语法
docker history [OPTIONS] IMAGE
参数
--no-trunc 查看完整命令
[root@node1 ~]# docker history --format {{.CreatedBy}} --no-trunc=true 50fe74b50e0d|sed "s/\/bin\/sh\ -c\ \#(nop)\ //g"
CMD ["nginx" "-g" "daemon off;"]
STOPSIGNAL SIGQUIT
EXPOSE 80
ENTRYPOINT ["/docker-entrypoint.sh"]
COPY file:09a214a3e07c919af2fb2d7c749ccbc446b8c10eb217366e5a65640ee9edcc25 in /docker-entrypoint.d
COPY file:0fd5fca330dcd6a7de297435e32af634f29f7132ed0550d342cad9fd20158258 in /docker-entrypoint.d
COPY file:0b866ff3fc1ef5b03c4e6c8c513ae014f691fb05d530257dfffd07035c1b75da in /docker-entrypoint.d
COPY file:65504f71f5855ca017fb64d502ce873a31b2e0decd75297a8fb0a287f97acf92 in /
/bin/sh -c set -x && addgroup --system --gid 101 nginx && adduser --system --disabled-login --ingroup nginx --no-create-home ommends --no-install-suggests -y gnupg1 ca-certificates && NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; found=' $server"; apt-key adv --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$NGINX_GPGKEY" && found=yes && breakremove -y gnupg1 && rm -rf /var/lib/apt/lists/* && dpkgArch="$(dpkg --print-architecture)" && nginxPackages=" nginx=$G_RELEASE} nginx-module-image-filter=${NGINX_VERSION}-${PKG_RELEASE} nginx-module-njs=${NGINX_VERSION}+${NJS_VERSION}ginx" >> /etc/apt/sources.list.d/nginx.list && apt-get update ;; *) echo "deb-src https:/ && chmod 777 "$tempDir" && savedAptMark="$(apt-mark showmanual)" && apt-get upNS="nocheck parallel=$(nproc)" apt-get source --compile $nginxPackages ) && a && ls -lAFh "$tempDir" && ( cd "$tempDir" && dpkg-scanpackages . > Packages ) && grep '^Packa apt-get -o Acquire::GzipIndexes=false update ;; esac && apt-get install --no-install-recommends --no-installve --purge --auto-remove -y && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list && if [ -n "$tempDir" ]; then ar/log/nginx/access.log && ln -sf /dev/stderr /var/log/nginx/error.log && mkdir /docker-entrypoint.d
ENV PKG_RELEASE=1~bullseye
ENV NJS_VERSION=0.7.0
ENV NGINX_VERSION=1.20.2
LABEL maintainer=NGINX Docker Maintainers <docker-maint@nginx.com>
CMD ["bash"]
ADD file:09675d11695f65c55efdc393ff0cd32f30194cd7d0fbef4631eebfed4414ac97 in /
清理个别容器空间占用
需要用到存储目录 /var/lib/docker/overlay2
# du -sh /var/lib/docker/overlay2/*|sort -rn|awk '$1~/...M$/{print}'
format格式:进程pid、容器ID、容器名、存储work路径
# docker ps -qa| xargs docker inspect --format '{{.State.Pid}}, {{.Id}}, {{.Name}}, {{.GraphDriver.Data.WorkDir}}'|grep "对应的大文件名"
清理docker容器占用的磁盘等
可以用于清理磁盘,删除关闭的容器、无用的数据卷和网络,以及dangling镜像(即无tag的镜像)
语法: docker system prune
参数:-a 可以将没有容器使用Docker镜像都删掉。注意,这两个命令会把你暂时关闭的容器,以及暂时没有用到的Docker镜像都删掉,慎用
# docker system prune WARNING! This will remove: - all stopped containers - all networks not used by at least one container - all dangling images - all dangling build cache Are you sure you want to continue? [y/N]
posted on 2021-06-11 13:45 hopeless-dream 阅读(222) 评论(0) 编辑 收藏 举报
