**Warning: **Anyone added to the 'docker' group is root equivalent. More information here and here.
如果你想用你的使用者账户(非root账户)来使用Docker,把你的账户加到Docker的群组中:
# gpasswd -a your_username docker
$ newgrp docker
Docker Daemon
预设会监听 Unix socket
。如果要让他监听特定的通讯埠号(端口),可以像下面这样修改,在 ExecStart
那一行加上 -H tcp://0.0.0.0:4243
。这样就可以提供给别人访问了。
# /etc/systemd/system/multi-user.target.wants/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network.target docker.socket
Requires=docker.socket
[Service]
Type=notify
ExecStart=/usr/bin/docker daemon -H fd:// -H tcp://0.0.0.0:4243
MountFlags=slave
LimitNOFILE=1048576
LimitNPROC=1048576
LimitCORE=infinity
TimeoutStartSec=0
[Install]
WantedBy=multi-user.target
在你本地查看我机器上的镜像有哪些你可以这样:
$ docker -H 192.168.1.228:4243 images
REPOSITORY TAG IMAGE ID CREATED SIZE
rvm latest c6c0eb59f230 3 days ago 1.869 GB
ubuntu latest b72889fa879c 10 days ago 187.9 MB
oracle-daemon latest 61145c8def70 3 weeks ago 5.448 GB
假设你想借用我的 docker
环境来启动 leads
项目,由于项目不止 leads
,你也可以像我一样,三个简单脚本来完成这件是:
It works at ~ $ cat .bin/start_leads
#!/usr/bin/env bash
if [ -z $1 ]
then
start_r2_server ${0##*start_} 3003 ${0##*start_}
else
start_r2_server ${0##*start_} $1 ${0##*start_}
fi
把上面 start_leads
复制一份为 start_reach
即可启动 reach
项目了。
It works at ~ $ cat .bin/start_r2_server
#!/usr/bin/env bash
start_rvm_daemon $1 $2 $1 "ruby script/server -b 0.0.0.0 -p $2"
还可以把上面 start_r2_server
改动一下启动命令并保存为 start_r4_server
,来运行 rails 4
项目,例如 bidding_info
等。
It works at ~ $ cat .bin/start_rvm_daemon
#!/usr/bin/env bash
docker run --name $1 -d -p $2:$2 -v ~/Workspace/$3:/var/www/$3 rvm /bin/bash -c "source /etc/profile && cd /var/www/$3 && $4"
上面的约定是把项目文件保存到 ~/Workspace/
下,并映射到容器中 /var/www/
下。
接下来以 Ubuntu
为例,启动一个 docker
容器:
It works at ~ $ docker run -it --rm ubuntu /bin/bash
Unable to find image 'ubuntu:latest' locally
latest: Pulling from library/ubuntu
759d6771041e: Pull complete
8836b825667b: Pull complete
c2f5e51744e6: Pull complete
a3ed95caeb02: Pull complete
Digest: sha256:b4dbab2d8029edddfe494f42183de20b7e2e871a424ff16ffe7b15a31f102536
Status: Downloaded newer image for ubuntu:latest
root@6ad946588ee8:/#
我发现最近的国际惯例一般是用 nginx
来举例,由于上面我忘了开放端口出来,并且我还加了 --rm
,所以下面只是简单举个例子,完善起见,下面是在 Ubuntu
环境中安装并启动 nginx
的方法。
root@6ad946588ee8:/# apt-get install nginx
......
root@6ad946588ee8:/# /etc/init.d/nginx start
最后根据需要日后免不了常常 docker --help
或者 man docker
来继续学习 docker
使用方法:
It works at ~ $ docker --help
Usage: docker [OPTIONS] COMMAND [arg...]
docker daemon [ --help | ... ]
docker [ --help | -v | --version ]
A self-sufficient runtime for containers.
Options:
--config=~/.docker Location of client config files
-D, --debug Enable debug mode
-H, --host=[] Daemon socket(s) to connect to
-h, --help Print usage
-l, --log-level=info Set the logging level
--tls Use TLS; implied by --tlsverify
--tlscacert=~/.docker/ca.pem Trust certs signed only by this CA
--tlscert=~/.docker/cert.pem Path to TLS certificate file
--tlskey=~/.docker/key.pem Path to TLS key file
--tlsverify Use TLS and verify the remote
-v, --version Print version information and quit
Commands:
attach Attach to a running container
build Build an image from a Dockerfile
commit Create a new image from a container's changes
cp Copy files/folders between a container and the local filesystem
create Create a new container
diff Inspect changes on a container's filesystem
events Get real time events from the server
exec Run a command in a running container
export Export a container's filesystem as a tar archive
history Show the history of an image
images List images
import Import the contents from a tarball to create a filesystem image
info Display system-wide information
inspect Return low-level information on a container or image
kill Kill a running container
load Load an image from a tar archive or STDIN
login Register or log in to a Docker registry
logout Log out from a Docker registry
logs Fetch the logs of a container
network Manage Docker networks
pause Pause all processes within a container
port List port mappings or a specific mapping for the CONTAINER
ps List containers
pull Pull an image or a repository from a registry
push Push an image or a repository to a registry
rename Rename a container
restart Restart a container
rm Remove one or more containers
rmi Remove one or more images
run Run a command in a new container
save Save an image(s) to a tar archive
search Search the Docker Hub for images
start Start one or more stopped containers
stats Display a live stream of container(s) resource usage statistics
stop Stop a running container
tag Tag an image into a repository
top Display the running processes of a container
unpause Unpause all processes within a container
update Update resources of one or more containers
version Show the Docker version information
volume Manage Docker volumes
wait Block until a container stops, then print its exit code
Run 'docker COMMAND --help' for more information on a command.
上面已经把 docker
常用命令及其作用列举出来了。