Docker 笔记(2)

1
2
3
$ docker search ubuntu
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
ubuntu Ubuntu is a Debian-based Linux operating s... 5750 [OK]
Pull
1
2
3
4
5
6
7
8
9
10
11
12
13
14
#: 获取ubuntu官方镜像
$ docker pull ubuntu
Using default tag: latest
latest: Pulling from library/ubuntu
Digest: sha256:dd7808d8792c9841d0b460122f1acf0a2dd1f56404f8d1e56298048885e45535
Status: Image is up to date for ubuntu:latest

#: 查看镜像列表
$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mysql latest 5faba1a71ec4 4 days ago 407 MB
centos latest 98d35105a391 10 days ago 193 MB
nginx latest 6b914bbcb89e 3 weeks ago 182 MB
ubuntu latest 0ef2e08ed3fa 3 weeks ago 130 MB
Run
1
2
3
4
$ docker run -i -t -d ubuntu /bin/bash

#: 值得一提的是ubuntu等镜像存在多个版本,可以指定tag来启动特定的版本,例如:
docker run -i -t -d ubuntu:$tag /bin/bash
  1. run (运行一个容器)
  2. -t (分配一个(伪)tty (link is external))
  3. -i (交互模式 (so we can interact with it))
  4. -d (background)
  5. ubuntu (使用ubuntu镜像)
  6. /bin/bash (bash shell)
快捷键
  • 退出 (Ctrl-D or exit)
  • detach (Ctrl-P + Ctrl-Q)
  • attach (docker attach CONTAINER-ID)
Help
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
Commands:
attach Attach to a running container # 当前 shell 下 attach 连接指定运行镜像
build Build an image from a Dockerfile # 通过 Dockerfile 定制镜像
commit Create a new image from a container's changes # 提交当前容器为新的镜像
cp Copy files/folders from the containers filesystem to the host path
# 从容器中拷贝指定文件或者目录到宿主机中
create Create a new container # 创建一个新的容器,同 run,但不启动容器
diff Inspect changes on a container's filesystem # 查看 docker 容器变化
events Get real time events from the server # 从 docker 服务获取容器实时事件
exec Run a command in an existing container # 在已存在的容器上运行命令
export Stream the contents of a container as a tar archive
# 导出容器的内容流作为一个 tar 归档文件[对应 import ]
history Show the history of an image # 展示一个镜像形成历史
images List images # 列出系统当前镜像
import Create a new filesystem image from the contents of a tarball
# 从tar包中的内容创建一个新的文件系统映像[对应 export]
info Display system-wide information # 显示系统相关信息
inspect Return low-level information on a container # 查看容器详细信息
kill Kill a running container # kill 指定 docker 容器
load Load an image from a tar archive # 从一个 tar 包中加载一个镜像[对应 save]
login Register or Login to the docker registry server
# 注册或者登陆一个 docker 源服务器
logout Log out from a Docker registry server # 从当前 Docker registry 退出
logs Fetch the logs of a container # 输出当前容器日志信息
port Lookup the public-facing port which is NAT-ed to PRIVATE_PORT
# 查看映射端口对应的容器内部源端口
pause Pause all processes within a container # 暂停容器
ps List containers # 列出容器列表
pull Pull an image or a repository from the docker registry server
# 从docker镜像源服务器拉取指定镜像或者库镜像
push Push an image or a repository to the docker registry server
# 推送指定镜像或者库镜像至docker源服务器
restart Restart a running container # 重启运行的容器
rm Remove one or more containers # 移除一个或者多个容器
rmi Remove one or more images
# 移除一个或多个镜像[无容器使用该镜像才可删除,否则需删除相关容器才可继续或 -f 强制删除]
run Run a command in a new container
# 创建一个新的容器并运行一个命令
save Save an image to a tar archive # 保存一个镜像为一个 tar 包[对应 load]
search Search for an image on the Docker Hub # 在 docker hub 中搜索镜像
start Start a stopped containers # 启动容器
stop Stop a running containers # 停止容器
tag Tag an image into a repository # 给源中镜像打标签
top Lookup the running processes of a container # 查看容器中运行的进程信息
unpause Unpause a paused container # 取消暂停容器
version Show the docker version information # 查看 docker 版本号
wait Block until a container stops, then print its exit code
# 截取容器停止时的退出状态值
Run 'docker COMMAND --help' for more information on a command.
Help images
1
2
3
4
5
6
7
8
9
10
11
$ docker images --help

Usage: docker images [OPTIONS] [NAME]

List images

-a, --all=false Show all images (by default filter out the intermediate image layers)
# -a 显示当前系统的所有镜像,包括过渡层镜像,默认 docker images 显示最终镜像,不包括过渡层镜像
-f, --filter=[] Provide filter values (i.e. 'dangling=true')
--no-trunc=false Don't truncate output
-q, --quiet=false Only show numeric IDs

Example:

1
2
3
4
5
$ docker images            # 显示当前系统镜像,不包括过渡层镜像
$ docker images -a # 显示当前系统所有镜像,包括过渡层镜像
$ docker images ubuntu # 显示当前系统 docker ubuntu 库中的所有镜像
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu latest 0ef2e08ed3fa 3 weeks ago 130 MB
Help Rmi
1
2
3
4
5
6
7
8
$ docker rmi --help

Usage: docker rmi IMAGE [IMAGE...]

Remove one or more images

-f, --force=false Force removal of the image # 强制移除镜像不管是否有容器使用该镜像
--no-prune=false Do not delete untagged parents # 不要删除未标记的父镜像
Help run
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
$ docker run --help

Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]

Run a command in a new container

-a, --attach=[] Attach to stdin, stdout or stderr.
-c, --cpu-shares=0 CPU shares (relative weight) # 设置 cpu 使用权重
--cap-add=[] Add Linux capabilities
--cap-drop=[] Drop Linux capabilities
--cidfile="" Write the container ID to the file # 把容器 id 写入到指定文件
--cpuset="" CPUs in which to allow execution (0-3, 0,1) # cpu 绑定
-d, --detach=false Detached mode: Run container in the background, print new container id # 后台运行容器
--device=[] Add a host device to the container (e.g. --device=/dev/sdc:/dev/xvdc)
--dns=[] Set custom dns servers # 设置 dns
--dns-search=[] Set custom dns search domains # 设置 dns 域搜索
-e, --env=[] Set environment variables # 定义环境变量
--entrypoint="" Overwrite the default entrypoint of the image # ?
--env-file=[] Read in a line delimited file of ENV variables # 从指定文件读取变量值
--expose=[] Expose a port from the container without publishing it to your host # 指定对外提供服务端口
-h, --hostname="" Container host name # 设置容器主机名
-i, --interactive=false Keep stdin open even if not attached # 保持标准输出开启即使没有 attached
--link=[] Add link to another container (name:alias) # 添加链接到另外一个容器
--lxc-conf=[] (lxc exec-driver only) Add custom lxc options --lxc-conf="lxc.cgroup.cpuset.cpus = 0,1"
-m, --memory="" Memory limit (format: <number><optional unit>, where unit = b, k, m or g) # 内存限制
--name="" Assign a name to the container # 设置容器名
--net="bridge" Set the Network mode for the container # 设置容器网络模式
'bridge': creates a new network stack for the container on the docker bridge
'none': no networking for this container
'container:<name|id>': reuses another container network stack
'host': use the host network stack inside the container. Note: the host mode gives the container full access to local system services such as D-bus and is therefore considered insecure.
-P, --publish-all=false Publish all exposed ports to the host interfaces # 自动映射容器对外提供服务的端口
-p, --publish=[] Publish a container's port to the host # 指定端口映射
format: ip:hostPort:containerPort | ip::containerPort | hostPort:containerPort
(use 'docker port' to see the actual mapping)
--privileged=false Give extended privileges to this container # 提供更多的权限给容器
--restart="" Restart policy to apply when a container exits (no, on-failure[:max-retry], always)
--rm=false Automatically remove the container when it exits (incompatible with -d) # 如果容器退出自动移除和 -d 选项冲突
--security-opt=[] Security Options
--sig-proxy=true Proxify received signals to the process (even in non-tty mode). SIGCHLD is not proxied.
-t, --tty=false Allocate a pseudo-tty # 分配伪终端
-u, --user="" Username or UID # 指定运行容器的用户 uid 或者用户名
-v, --volume=[] Bind mount a volume (e.g., from the host: -v /host:/container, from docker: -v /container)
# 挂载卷
--volumes-from=[] Mount volumes from the specified container(s) # 从指定容器挂载卷
-w, --workdir="" Working directory inside the container # 指定容器工作目录

Example:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
$ docker images ubuntu
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu latest 0ef2e08ed3fa 3 weeks ago 130 MB

$ docker run -t -i -c 100 -m 512MB -h "ubuntu.test" -d --name="docker.test" ubuntu /bin/bash
# 创建一个 cpu 优先级为 100,内存限制 512MB,主机名为 ubuntu.test,名为 docker.test 后台运行 bash 的容器
7612da86a1100f0f42d28036103289206db0cf5a17ef9c4c200a41c490816b38
$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
7612da86a110 ubuntu "/bin/bash" 28 seconds ago Up 27 seconds docker.test

$ docker attach docker.test
root@ubuntu:/# pwd
/
root@ubuntu:/# exit
start|stop|kill …
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
docker start CONTAINER [CONTAINER…]
#: 运行一个或多个停止的容器
docker stop CONTAINER [CONTAINER…]
#: 停掉一个或多个运行的容器 -t 选项可指定超时时间
docker kill [OPTIONS] CONTAINER [CONTAINER…]
#: 默认 kill 发送 SIGKILL 信号 -s 可以指定发送 kill 信号类型
docker restart [OPTIONS] CONTAINER [CONTAINER…]
#: 重启一个或多个运行的容器 -t 选项可指定超时时间
docker pause CONTAINER
#: 暂停一个容器,方便 commit
docker unpause CONTAINER
#: 继续暂停的容器
docker rm [OPTIONS] CONTAINER [CONTAINER…]
#: 移除一个或多个容器
-f, –force=false Force removal of running container
-l, –link=false Remove the specified link and not the underlying container
-v, –volumes=false Remove the volumes associated with the container
docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]]
#: 提交指定容器为镜像
-a, –author=”” Author (e.g., “John Hannibal Smith hannibal@a-team.com”)
-m, –message=”” Commit message
-p, –pause=true Pause container during commit
#: 默认 commit 是暂停状态
docker inspect CONTAINER|IMAGE [CONTAINER|IMAGE…]
#: 查看容器或者镜像的详细信息
docker logs CONTAINER
#: 输出指定容器日志信息
-f, –follow=false Follow log output
#: 类似 tail -f
-t, –timestamps=false Show timestamps
–tail=”all” Output the specified number of lines at the end of logs (defaults to all logs)