在docker容器里通常只會有一個進程和該進程的子進程,通常該進程的進程編號為1,這也就說明瞭如果docker容器里進程編號為1的進程宕了,那麼該容器也就隨之宕掉;docker的鏡像是採用的一種“分層構建,聯合掛載”的方式實現;將不同功能的鏡像通過一定的層次結構進行掛載,組合成一個新的鏡像;在do... ...
前文我們瞭解了下LXC的基礎用法以及圖形管理工具LXC WEB Panel的簡單使用,有興趣的朋友可以參考https://www.cnblogs.com/qiuhom-1874/p/12904188.html;今天這篇隨筆主要是想把docker的相關的基礎知識梳理一下;
一、docker和LXC
首先我們來說一下docker和傳統LXC容器有什麼不同。傳統LXC是將內核的資源用名稱空間的方式將其不同容器的資源,虛擬成多份;使得每個容器間的資源相互隔離;在前邊我們也提到過LXC只是容器的一種客戶端工具;真正實現容器的是內核功能;而docker和LXC沒有本質的不同,都是容器的客戶端工具;LXC是使用內核的功能將不同容器間的資源相互隔離,而docker是LXC上的另一種封裝;LXC在創建容器時,依賴一個模板,而docker創建容器時,依賴鏡像;
從上面的圖可看出,LXC容器里跑了很多進程,而docker是一個容器跑一個進程,以及該進程的子進程;LXC更像是系統級容器,而docker更像是進程級容器或者說應用程式級容器;
在docker容器里通常只會有一個進程和該進程的子進程,通常該進程的進程編號為1,這也就說明瞭如果docker容器里進程編號為1的進程宕了,那麼該容器也就隨之宕掉;docker的鏡像是採用的一種“分層構建,聯合掛載”的方式實現;將不同功能的鏡像通過一定的層次結構進行掛載,組合成一個新的鏡像;在docker啟動為容器時,它會在該鏡像的最上層加上一個可寫層;這使得我們可以在容器內部修改某些數據;而保存修改後的數據只會對當前容器有效,如果在用同一鏡像啟動為其他容器時,我們修改的數據在後面的容器是不存在的,原因就是鏡像的每一層都是只讀的;只有鏡像運行為容器時才會有一層可寫層,而該可寫層只針對該容器生效;
二、docker的架構
docker是C/S架構,對於客戶端來說主要是docker的命令和其他工具調用docker API;服務端主要是docker守護進程;客戶端和服務端是基於http或https協議進行通信;和我們傳統的其他服務不同的是,docker的服務端沒有監聽在TCP或UDP的某個套接字上;它通常是監聽在unix sock 套接字上(預設是/var/run/docker.sock),這也意味著客戶端和服務端必須在同一主機上;運行docker容器的過程是這樣的;客戶端通過API調用或者命令鍵入通過http或https協議將命令發送給docker服務端,docker服務端收到命令後,它首先要檢查本地倉庫是否有對應版本的鏡像,如果有它就會直接將其運行成容器;如果沒有它會去指定的rigistry(存放鏡像倉庫的倉庫)中找對應的鏡像倉庫,然後再去找對應的版本的鏡像,通過https協議將其下載到本地倉庫中,然後再將其啟動為容器;預設情況不指定rigistry的地址時,預設是到dockerhub.com中找對應的鏡像倉庫中的對應版本鏡像;如果沒有指定鏡像的版本,預設會去找latest版本(最新版本);從上面的過程可以看到docker運行成容器,最核心的是鏡像,沒有鏡像就不可能運行容器;我們可以把鏡像理解成應用程式,就好比我們要在電腦上運行某個應用,前提是我們要先安裝好應用程式才行;其實docker的鏡像就是將應用程式和應用程式依賴的庫、文件、環境打包在一起;
三、docker的安裝
1、配置yum倉庫,預設centos7的extras庫里有docker的包,但是版本太低了,如果要使用較新版本的docker可以用阿裡雲的鏡像倉庫;配置方法請參考https://developer.aliyun.com/mirror/docker-ce?spm=a2c6h.13651102.0.0.3e221b11mqdEEz;
2、安裝docker-ce
[root@node1 yum.repos.d]# yum install -y docker-ce Loaded plugins: fastestmirror docker-ce-stable | 3.5 kB 00:00 docker-ce-stable/x86_64/primary_db | 42 kB 00:00 Loading mirror speeds from cached hostfile * base: mirrors.cn99.com * extras: mirrors.aliyun.com * updates: mirrors.aliyun.com Resolving Dependencies --> Running transaction check ---> Package docker-ce.x86_64 3:19.03.9-3.el7 will be installed ……省略部分內容 Installed: docker-ce.x86_64 3:19.03.9-3.el7 Dependency Installed: audit-libs-python.x86_64 0:2.8.5-4.el7 checkpolicy.x86_64 0:2.5-8.el7 container-selinux.noarch 2:2.119.1-1.c57a6f9.el7 containerd.io.x86_64 0:1.2.13-3.2.el7 docker-ce-cli.x86_64 1:19.03.9-3.el7 libcgroup.x86_64 0:0.41-21.el7 libsemanage-python.x86_64 0:2.5-14.el7 policycoreutils-python.x86_64 0:2.5-34.el7 python-IPy.noarch 0:0.75-6.el7 setools-libs.x86_64 0:3.3.8-4.el7 Dependency Updated: audit.x86_64 0:2.8.5-4.el7 audit-libs.x86_64 0:2.8.5-4.el7 libselinux.x86_64 0:2.5-15.el7 libselinux-python.x86_64 0:2.5-15.el7 libselinux-utils.x86_64 0:2.5-15.el7 libsemanage.x86_64 0:2.5-14.el7 libsepol.x86_64 0:2.5-10.el7 policycoreutils.x86_64 0:2.5-34.el7 selinux-policy.noarch 0:3.13.1-266.el7 selinux-policy-targeted.noarch 0:3.13.1-266.el7 Complete! [root@node1 yum.repos.d]#
3、啟動docker
[root@node1 yum.repos.d]# systemctl start docker
4、添加docker加速器
[root@node1 yum.repos.d]# cd /etc/docker/ [root@node1 docker]# cat >> daemon.json << EOF > { > "registry-mirrors": ["https://cyr1uljt.mirror.aliyuncs.com","https://registry.docker-cn.com"] > } > EOF [root@node1 docker]# cat daemon.json { "registry-mirrors": ["https://cyr1uljt.mirror.aliyuncs.com","https://registry.docker-cn.com"] } [root@node1 docker]# systemctl daemon-reload [root@node1 docker]# systemctl restart docker [root@node1 docker]
4、驗證docker的版本以及加速器地址
[root@node1 docker]# docker version Client: Docker Engine - Community Version: 19.03.9 API version: 1.40 Go version: go1.13.10 Git commit: 9d988398e7 Built: Fri May 15 00:25:27 2020 OS/Arch: linux/amd64 Experimental: false Server: Docker Engine - Community Engine: Version: 19.03.9 API version: 1.40 (minimum version 1.12) Go version: go1.13.10 Git commit: 9d988398e7 Built: Fri May 15 00:24:05 2020 OS/Arch: linux/amd64 Experimental: false containerd: Version: 1.2.13 GitCommit: 7ad184331fa3e55e52b890ea95e65ba581ae3429 runc: Version: 1.0.0-rc10 GitCommit: dc9208a3303feef5b3839f4323d9beb36df0a9dd docker-init: Version: 0.18.0 GitCommit: fec3683 [root@node1 docker]# docker info Client: Debug Mode: false Server: Containers: 0 Running: 0 Paused: 0 Stopped: 0 Images: 0 Server Version: 19.03.9 Storage Driver: overlay2 Backing Filesystem: xfs Supports d_type: true Native Overlay Diff: true Logging Driver: json-file Cgroup Driver: cgroupfs Plugins: Volume: local Network: bridge host ipvlan macvlan null overlay Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog Swarm: inactive Runtimes: runc Default Runtime: runc Init Binary: docker-init containerd version: 7ad184331fa3e55e52b890ea95e65ba581ae3429 runc version: dc9208a3303feef5b3839f4323d9beb36df0a9dd init version: fec3683 Security Options: seccomp Profile: default Kernel Version: 3.10.0-693.el7.x86_64 Operating System: CentOS Linux 7 (Core) OSType: linux Architecture: x86_64 CPUs: 4 Total Memory: 3.686GiB Name: node1 ID: T6OZ:HBP6:Q5UV:RVBY:RCHM:DX3A:4JWY:QY55:OUEX:NRMN:BMRZ:UGCU Docker Root Dir: /var/lib/docker Debug Mode: false Registry: https://index.docker.io/v1/ Labels: Experimental: false Insecure Registries: 127.0.0.0/8 Registry Mirrors: https://cyr1uljt.mirror.aliyuncs.com/ https://registry.docker-cn.com/ Live Restore Enabled: false [root@node1 docker]#
提示:可以看到我們安裝的docker版本是19.03.9的版本;添加到兩條加速器都在registry mirrors中出現了;到此docker的安裝和配置就基本完成了;接下來我們來說說一下docker的使用;
四、docker的鏡像
1、獲取鏡像
前面我們說了要想運行docker就必須得有一鏡像,鏡像是docker容器的最核心之一;那麼我們怎麼去下載倉庫里的鏡像呢?docker image pull這個命令是直接從dockerhub倉庫中直接下載鏡像到本地,首先我們來看看docker image pull 這個命令的幫助文檔吧
[root@node1 ~]# docker image pull --help Usage: docker image pull [OPTIONS] NAME[:TAG|@DIGEST] Pull an image or a repository from a registry Options: -a, --all-tags Download all tagged images in the repository --disable-content-trust Skip image verification (default true) --platform string Set platform if server is multi-platform capable -q, --quiet Suppress verbose output [root@node1 ~]#
提示:從上面的幫助信息我們可以瞭解到,這個命令後面必須要跟一個鏡像的名稱,表示從dockerhub倉庫中下載指定名稱的鏡像到本地;其中鏡像的名稱是name:tag的格式,如果只寫了鏡像名稱,預設會下載該鏡像的最新版本;其中-a表示下載指定鏡像倉庫中的所有鏡像; --disable-content-trust表示忽略鏡像的驗證預設是忽略的;-q表示安靜模式,不輸出多餘的下載信息;
下載nginx鏡像
[root@node1 ~]# docker image pull nginx:stable-alpine stable-alpine: Pulling from library/nginx cbdbe7a5bc2a: Pull complete 6ade829cd166: Pull complete Digest: sha256:2668e65e1a36a749aa8b3a5297eee45504a4efea423ec2affcbbf85e31a9a571 Status: Downloaded newer image for nginx:stable-alpine docker.io/library/nginx:stable-alpine [root@node1 ~]#
提示:以上命令表示從dockerhub倉庫中下載nginx的stable-alpine版本的鏡像到本地;docker image pull這個命令等同docker pull,後者是以前老版本的用法,新版docker為了相容老版本的docker命令,所以保留了老版本的用法;如果要想從非官方鏡像倉庫中下載鏡像我們可以手動指定其他鏡像倉庫的地址;如下
[root@node1 ~]# docker image pull hub.c.163.com/public/ubuntu:14.04 14.04: Pulling from public/ubuntu f4ab0b34ba6a: Pull complete 2f0787dc0bfe: Pull complete 54c427d77362: Pull complete 51e87d5424ff: Pull complete 5dfa314e7290: Pull complete a3ed95caeb02: Pull complete Digest: sha256:ffc2fc66f8e0bfa4b417b817054d3ebec130c8db44342b8fa394e25779633257 Status: Downloaded newer image for hub.c.163.com/public/ubuntu:14.04 hub.c.163.com/public/ubuntu:14.04 [root@node1 ~]#
查看本地倉庫有哪些鏡像
[root@node1 ~]# docker image ls REPOSITORY TAG IMAGE ID CREATED SIZE nginx stable-alpine ab94f84cc474 3 weeks ago 21.3MB hub.c.163.com/public/ubuntu 14.04 2fe5c4bba1f9 4 years ago 237MB [root@node1 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE nginx stable-alpine ab94f84cc474 3 weeks ago 21.3MB hub.c.163.com/public/ubuntu 14.04 2fe5c4bba1f9 4 years ago 237MB [root@node1 ~]#
提示:docker image ls 該命令是查看本地倉庫中的鏡像,會把本地已有的鏡像列出來;等同docker images這個命令;從上面的信息可以看到我們本地有兩個鏡像
給鏡像打標簽
[root@node1 ~]# docker image tag --help Usage: docker image tag SOURCE_IMAGE[:TAG] TARGET_IMAGE[:TAG] Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE [root@node1 ~]#
提示:docker image tag 命令等同 docker tag
[root@node1 ~]# docker image ls REPOSITORY TAG IMAGE ID CREATED SIZE nginx stable-alpine ab94f84cc474 3 weeks ago 21.3MB hub.c.163.com/public/ubuntu 14.04 2fe5c4bba1f9 4 years ago 237MB [root@node1 ~]# docker image tag hub.c.163.com/public/ubuntu:14.04 163.com/ubuntu:14.04 [root@node1 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE nginx stable-alpine ab94f84cc474 3 weeks ago 21.3MB 163.com/ubuntu 14.04 2fe5c4bba1f9 4 years ago 237MB hub.c.163.com/public/ubuntu 14.04 2fe5c4bba1f9 4 years ago 237MB [root@node1 ~]# docker tag 163.com/ubuntu:14.04 ub:14.04 [root@node1 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE nginx stable-alpine ab94f84cc474 3 weeks ago 21.3MB 163.com/ubuntu 14.04 2fe5c4bba1f9 4 years ago 237MB ub 14.04 2fe5c4bba1f9 4 years ago 237MB hub.c.163.com/public/ubuntu 14.04 2fe5c4bba1f9 4 years ago 237MB [root@node1 ~]#
提示:打標簽的本質就是在給鏡像去別名,從上面的信息可以看到163.com/ubuntu 、ub和hub.c.163.com/ubuntu這三個鏡像的ID都是相同的,這意味著這三個鏡像是指向同一鏡像的;
查看鏡像的詳細信息
[root@node1 ~]# docker image inspect nginx:stable-alpine [ { "Id": "sha256:ab94f84cc4744a5addf3c896206e1e666abde0eadc26990d640395cfacae24a5", "RepoTags": [ "nginx:stable-alpine" ], "RepoDigests": [ "nginx@sha256:2668e65e1a36a749aa8b3a5297eee45504a4efea423ec2affcbbf85e31a9a571" ], "Parent": "", "Comment": "", "Created": "2020-04-24T12:59:54.146056172Z", "Container": "5cdc5c83fb963292b8ae3ad7abae5069a88c76e51ae91dfb9f9d7fa604f088e6", "ContainerConfig": { "Hostname": "5cdc5c83fb96", "Domainname": "", "User": "", "AttachStdin": false, "AttachStdout": false, "AttachStderr": false, "ExposedPorts": { "80/tcp": {} }, "Tty": false, "OpenStdin": false, "StdinOnce": false, "Env": [ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", "NGINX_VERSION=1.18.0", "NJS_VERSION=0.4.0", "PKG_RELEASE=1" ], "Cmd": [ "/bin/sh", "-c", "#(nop) ", "CMD [\"nginx\" \"-g\" \"daemon off;\"]" ], "ArgsEscaped": true, "Image": "sha256:5d84a370ed482284aad8af6a5ea7bcca5a91c5bf7f8e061f2d336835cd724e6e", "Volumes": null, "WorkingDir": "", "Entrypoint": null, "OnBuild": null, "Labels": { "maintainer": "NGINX Docker Maintainers <[email protected]>" }, "StopSignal": "SIGTERM" }, "DockerVersion": "18.09.7", "Author": "", "Config": { "Hostname": "", "Domainname": "", "User": "", "AttachStdin": false, "AttachStdout": false, "AttachStderr": false, "ExposedPorts": { "80/tcp": {} }, "Tty": false, "OpenStdin": false, "StdinOnce": false, "Env": [ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", "NGINX_VERSION=1.18.0", "NJS_VERSION=0.4.0", "PKG_RELEASE=1" ], "Cmd": [ "nginx", "-g", "daemon off;" ], "ArgsEscaped": true, "Image": "sha256:5d84a370ed482284aad8af6a5ea7bcca5a91c5bf7f8e061f2d336835cd724e6e", "Volumes": null, "WorkingDir": "", "Entrypoint": null, "OnBuild": null, "Labels": { "maintainer": "NGINX Docker Maintainers <[email protected]>" }, "StopSignal": "SIGTERM" }, "Architecture": "amd64", "Os": "linux", "Size": 21314634, "VirtualSize": 21314634, "GraphDriver": { "Data": { "LowerDir": "/var/lib/docker/overlay2/e175dd426f8fc3b61248f51b13ebbcc0130de67cd0b604e6e5c2f4b5776b5568/diff", "MergedDir": "/var/lib/docker/overlay2/eda604afa15f728fe10851129414b80826b909d1741a969eb3587dcd50bfe0da/merged", "UpperDir": "/var/lib/docker/overlay2/eda604afa15f728fe10851129414b80826b909d1741a969eb3587dcd50bfe0da/diff", "WorkDir": "/var/lib/docker/overlay2/eda604afa15f728fe10851129414b80826b909d1741a969eb3587dcd50bfe0da/work" }, "Name": "overlay2" }, "RootFS": { "Type": "layers", "Layers": [ "sha256:3e207b409db364b595ba862cdc12be96dcdad8e36c59a03b7b3b61c946a5741a", "sha256:34cf0e74977f5cabe21fd5465978f35ec87b57ed928745a0f2054bc7e1dcbcf9" ] }, "Metadata": { "LastTagTime": "0001-01-01T00:00:00Z" } } ] [root@node1 ~]#
提示:使用docker image inspect 命令可以獲取指定鏡像的詳細信息,包括製作作者、架構以及各層次的摘要信息等等信息;該命令等同docker inspect;上面命令返回了一個json格式的數據,很不方便我們查看某個欄位的信息,如果想要獲取某個欄位的信息我們可以使用-f選項來指定要查看的欄位;如下
[root@node1 ~]# docker image inspect -f "{{.Config.Cmd}}" nginx:stable-alpine [nginx -g daemon off;] [root@node1 ~]# docker image inspect -f "{{.RootFS}}" nginx:stable-alpine {layers [sha256:3e207b409db364b595ba862cdc12be96dcdad8e36c59a03b7b3b61c946a5741a sha256:34cf0e74977f5cabe21fd5465978f35ec87b57ed928745a0f2054bc7e1dcbcf9] } [root@node1 ~]# docker image inspect -f "{{.RootFS.Type}}" nginx:stable-alpine layers [root@node1 ~]#
提示:使用-f指定欄位需要註意,需要從"."開始,欄位名稱需要用雙大括弧括起來
查看鏡像歷史
[root@node1 ~]# docker image history nginx:stable-alpine IMAGE CREATED CREATED BY SIZE COMMENT ab94f84cc474 3 weeks ago /bin/sh -c #(nop) CMD ["nginx" "-g" "daemon… 0B <missing> 3 weeks ago /bin/sh -c #(nop) STOPSIGNAL SIGTERM 0B <missing> 3 weeks ago /bin/sh -c #(nop) EXPOSE 80 0B <missing> 3 weeks ago /bin/sh -c set -x && addgroup -g 101 -S … 15.7MB <missing> 3 weeks ago /bin/sh -c #(nop) ENV PKG_RELEASE=1 0B <missing> 3 weeks ago /bin/sh -c #(nop) ENV NJS_VERSION=0.4.0 0B <missing> 3 weeks ago /bin/sh -c #(nop) ENV NGINX_VERSION=1.18.0 0B <missing> 3 weeks ago /bin/sh -c #(nop) LABEL maintainer=NGINX Do… 0B <missing> 4 weeks ago /bin/sh -c #(nop) CMD ["/bin/sh"] 0B <missing> 4 weeks ago /bin/sh -c #(nop) ADD file:b91adb67b670d3a6f… 5.61MB [root@node1 ~]#
提示:以上命令表示查看nginx:stable-alpine這個鏡像的歷史記錄,該命令顯示了各層鏡像都做了哪些操作;各層鏡像的創建信息;該命令等同docker history;
搜索鏡像
[root@node1 ~]# docker search nginx NAME DESCRIPTION STARS OFFICIAL AUTOMATED nginx Official build of Nginx. 13212 [OK] jwilder/nginx-proxy Automated Nginx reverse proxy for docker con… 1806 [OK] richarvey/nginx-php-fpm Container running Nginx + PHP-FPM capable of… 775 [OK] linuxserver/nginx An Nginx container, brought to you by LinuxS… 113 bitnami/nginx Bitnami nginx Docker Image 83 [OK] tiangolo/nginx-rtmp Docker image with Nginx using the nginx-rtmp… 73 [OK] jc21/nginx-proxy-manager Docker container for managing Nginx proxy ho… 61 nginxdemos/hello NGINX webserver that serves a simple page co… 49 [OK] jlesage/nginx-proxy-manager Docker container for Nginx Proxy Manager 43 [OK] nginx/nginx-ingress NGINX Ingress Controller for Kubernetes 31 privatebin/nginx-fpm-alpine PrivateBin running on an Nginx, php-fpm & Al… 25 [OK] schmunk42/nginx-redirect A very simple container to redirect HTTP tra… 18 [OK] nginxinc/nginx-unprivileged Unprivileged NGINX Dockerfiles 16 centos/nginx-112-centos7 Platform for running nginx 1.12 or building … 13 centos/nginx-18-centos7 Platform for running nginx 1.8 or building n… 13 blacklabelops/nginx Dockerized Nginx Reverse Proxy Server. 13 [OK] raulr/nginx-wordpress Nginx front-end for the official wordpress:f… 12 [OK] nginx/nginx-prometheus-exporter NGINX Prometheus Exporter 12 sophos/nginx-vts-exporter Simple server that scrapes Nginx vts stats a… 7 [OK] mailu/nginx Mailu nginx frontend 6 [OK] bitwarden/nginx The Bitwarden nginx web server acting as a r… 5 bitnami/nginx-ingress-controller Bitnami Docker Image for NGINX Ingress Contr… 5 [OK] wodby/nginx Generic nginx 1 [OK] ansibleplaybookbundle/nginx-apb An APB to deploy NGINX 1 [OK] centos/nginx-110-centos7 Platform for running nginx 1.10 or building … 0 [root@node1 ~]# docker search -s 500 nginx Flag --stars has been deprecated, use --filter=stars=3 instead NAME DESCRIPTION STARS OFFICIAL AUTOMATED nginx Official build of Nginx. 13212 [OK] jwilder/nginx-proxy Automated Nginx reverse proxy for docker con… 1806 [OK] richarvey/nginx-php-fpm Container running Nginx + PHP-FPM capable of… 775 [OK] [root@node1 ~]# docker search -s 5000 nginx Flag --stars has been deprecated, use --filter=stars=3 instead NAME DESCRIPTION STARS OFFICIAL AUTOMATED nginx Official build of Nginx. 13212 [OK] [root@node1 ~]#
提示:-s表示顯示指定數以上星級的鏡像
刪除鏡像
[root@node1 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE nginx stable-alpine ab94f84cc474 3 weeks ago 21.3MB ub 14.04 2fe5c4bba1f9 4 years ago 237MB hub.c.163.com/public/ubuntu 14.04 2fe5c4bba1f9 4 years ago 237MB 163.com/ubuntu 14.04 2fe5c4bba1f9 4 years ago 237MB [root@node1 ~]# docker image rm 163.com/ubuntu:14.04 Untagged: 163.com/ubuntu:14.04 [root@node1 ~]# docker image rm ub:14.04 Untagged: ub:14.04 [root@node1 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE nginx stable-alpine ab94f84cc474 3 weeks ago 21.3MB hub.c.163.com/public/ubuntu 14.04 2fe5c4bba1f9 4 years ago 237MB [root@node1 ~]# docker image rm hub.c.163.com/public/ubuntu:14.04 Untagged: hub.c.163.com/public/ubuntu:14.04 Untagged: hub.c.163.com/public/ubuntu@sha256:ffc2fc66f8e0bfa4b417b817054d3ebec130c8db44342b8fa394e25779633257 Deleted: sha256:2fe5c4bba1f935f179e83cd5354403d1231ffc9df9c1621967194410eaf8d942 Deleted: sha256:085e08b75e744804e23332efb202896749c4aff9433391a775607852d339c26e Deleted: sha256:7f622f92c76a635c16f506bced3dc1641e9390a26ee9d8cb70f8616c3a21fbdf Deleted: sha256:ae7b6867bb7b8f3a8235547e0634e7629b4008d807dc768064e760a91413a71f Deleted: sha256:3eef796012f97f23ffdb11296f6b624a0db4b32eae986da589492b974e6eb596 Deleted: sha256:b268b9bd797e1d58a176fac2a338df41437e853beb5aaa8a4159227fc38c4b72 Deleted: sha256:89688d062a0607fb50d0955de8964659e66f1bb41164b2d2b473d1edd7d8af90 [root@node1 ~]#
提示:如果鏡像有多個標簽,指定其標簽名錶示刪除該標簽,只有當鏡像只有一個標簽是,才會把鏡像完全刪除;docker image rm 命令等同docker rmi命令;刪除鏡像除了可以指定的標簽來刪除鏡像外,還可以指定鏡像ID來刪除鏡像;
將指定鏡像運行為容器
[root@node1 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE nginx stable-alpine ab94f84cc474 3 weeks ago 21.3MB [root@node1 ~]# docker run --name n1 -d nginx:stable-alpine 1b404faab5ba4af597e38a998ad21bca61fe99583234b68882931d766c34ebf3 [root@node1 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 1b404faab5ba nginx:stable-alpine "nginx -g 'daemon of…" 6 seconds ago Up 4 seconds 80/tcp n1 [root@node1 ~]#
提示:要想將指定鏡像運行成容器,需要使用docker run來運行;--name表示給容器起一個名稱,-d表示不占據現有終端,後臺運行;docker ps命令是查看當前系統正在運行的容器;該命令等同docker container ls ,如果想要查看當前系統所有容器運行情況,可以使用docker ps -a ,該命令會把運行狀態的容器和停止狀態的容器一併列出來;
查看剛纔創建容器的ip地址
[root@node1 ~]# docker container inspect -f "{{.NetworkSettings.IPAddress}}" n1 172.17.0.2 [root@node1 ~]#
提示:鏡像和容器的區別就是,鏡像是靜態的,容器是把鏡像運行起來就叫容器,換句話說容器就是鏡像的實例化產物;查看容器的詳細信息我們需要使用docker container inspect 該命令同docker image inspect 的用法類似,如果不用-f過濾欄位信息,它通常會顯示以json格式的所有信息;此時我們就可以使用瀏覽器訪問我們剛纔啟動的容器里的nginx服務了
[root@node1 ~]# elinks --dump http://172.17.0.2 Welcome to nginx! If you see this page, the nginx web server is successfully installed and working. Further configuration is required. For online documentation and support please refer to [1]nginx.org. Commercial support is available at [2]nginx.com. Thank you for using nginx. References Visible links 1. http://nginx.org/ 2. http://nginx.com/ [root@node1 ~]# curl -I http://172.17.0.2 HTTP/1.1 200 OK Server: nginx/1.18.0 Date: Fri, 22 May 2020 09:00:56 GMT Content-Type: text/html Content-Length: 612 Last-Modified: Tue, 21 Apr 2020 15:15:39 GMT Connection: keep-alive ETag: "5e9f0e1b-264" Accept-Ranges: bytes [root@node1 ~]#
提示:預設啟動的容器會把網路接入到docker0橋,該橋是一個nat橋,所以要想訪問到容器里的應用服務,需要用docker0橋所在主機去訪問(本機),除此之外也可以通過搭建代理或者用在docker0橋上的其他容器又或者將容器里服務的埠暴露給宿主機;
停止容器
[root@node1 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 444eb763efe0 nginx:stable-alpine "nginx -g 'daemon of…" About a minute ago Up About a minute 80/tcp n2 1b404faab5ba nginx:stable-alpine "nginx -g 'daemon of…" 20 minutes ago Up 20 minutes 80/tcp n1 [root@node1 ~]# docker container stop n1 n1 [root@node1 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 444eb763efe0 nginx:stable-alpine "nginx -g 'daemon of…" 2 minutes ago Up 2 minutes 80/tcp n2 [root@node1 ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 444eb763efe0 nginx:stable-alpine "nginx -g 'daemon of…" 2 minutes ago Up 2 minutes 80/tcp n2 1b404faab5ba nginx:stable-alpine "nginx -g 'daemon of…" 21 minutes ago Exited (0) 7 seconds ago n1 [root@node1 ~]#
啟動容器
[root@node1 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 444eb763efe0 nginx:stable-alpine "nginx -g 'daemon of…" 2 minutes ago Up 2 minutes 80/tcp n2 [root@node1 ~]# docker container start n1 n1 [root@node1 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 444eb763efe0 nginx:stable-alpine "nginx -g 'daemon of…" 2 minutes ago Up 2 minutes 80/tcp n2 1b404faab5ba nginx:stable-alpine "nginx -g 'daemon of…" 22 minutes ago Up 2 seconds 80/tcp n1 [root@node1 ~]#
刪除容器
[root@node1 ~]# docker container ls CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 444eb763efe0 nginx:stable-alpine "nginx -g 'daemon of…" 3 minutes ago Up 3 minutes 80/tcp n2 1b404faab5ba nginx:stable-alpine "nginx -g 'daemon of…" 23 minutes ago Up About a minute 80/tcp n1 [root@node1 ~]# docker container rm n1 Error response from daemon: You cannot remove a running container 1b404faab5ba4af597e38a998ad21bca61fe99583234b68882931d766c34ebf3. Stop the container before attempting removal or force remove [root@node1 ~]# docker container stop n1 n1 [root@node1 ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 444eb763efe0 nginx:stable-alpine "nginx -g 'daemon of…" 4 minutes ago Up 4 minutes 80/tcp n2 1b404faab5ba nginx:stable-alpine "nginx -g 'daemon of…" 23 minutes ago Exited (0) 5 seconds ago n1 [root@node1 ~]# docker container rm n1 n1 [root@node1 ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 444eb763efe0 nginx:stable-alpine "nginx -g 'daemon of…" 4 minutes ago Up 4 minutes 80/tcp n2 [root@node1 ~]# docker container ls CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 444eb763efe0 nginx:stable-alpine "nginx -g 'daemon of…" 5 minutes ago Up 5 minutes 80/tcp n2 [root@node1 ~]#
提示:運行的容器是沒法直接刪除的,必須先停止容器才行;如果不停止容器要刪除容器可以使用-f選項來指定,當然通常我們都不建議這樣用;