Docker 容器管理
目录:
- 创建容器常用选项
- 容器资源限制
- 管理容器常用命令
创建容器常用选项
| 命令 | 描述 |
|---|---|
| -i, –interactive | 交互式 |
| -t, –tty | 分配一个伪终端 |
| -d, –detach | 运行容器到后台 |
| -e, –env | 设置环境变量 |
| -p, –publish list | 发布容器端口到主机 |
| -P, –publish-all | 发布容器所有EXPOSE的端口到宿主机随机端口 |
| –name string | 指定容器名称 |
| -h, –hostname | 设置容器主机名 |
| –ip string | 指定容器IP,只能用于自定义网络 |
| –network | 连接容器到一个网络 |
| –mount mount | 将文件系统附加到容器 |
| -v, –volume list | 绑定挂载一个卷 |
| –restart string | 容器退出时重启策略,默认no,可选值:[always |
查看容器相关操作命令
[root@k8s-master ~]# docker container -help
unknown shorthand flag: 'e' in -elp
See 'docker container --help'.
Usage: docker container COMMAND
Manage containers
Commands:
attach Attach local standard input, output, and error streams to a running container
commit Create a new image from a container's changes
cp Copy files/folders between a container and the local filesystem
create Create a new container
diff Inspect changes to files or directories on a container's filesystem
exec Run a command in a running container
export Export a container's filesystem as a tar archive
inspect Display detailed information on one or more containers
kill Kill one or more running containers
logs Fetch the logs of a container
ls List containers
pause Pause all processes within one or more containers
port List port mappings or a specific mapping for the container
prune Remove all stopped containers
rename Rename a container
restart Restart one or more containers
rm Remove one or more containers
run Run a command in a new container
start Start one or more stopped containers
stats Display a live stream of container(s) resource usage statistics
stop Stop one or more running containers
top Display the running processes of a container
unpause Unpause all processes within one or more containers
update Update configuration of one or more containers
wait Block until one or more containers stop, then print their exit codes
Run 'docker container COMMAND --help' for more information on a command.
案例:
#下载nginx镜像
[root@k8s-master ~]# docker pull nginx
Using default tag: latest
latest: Pulling from library/nginx
afb6ec6fdc1c: Pull complete
dd3ac8106a0b: Pull complete
8de28bdda69b: Pull complete
a2c431ac2669: Pull complete
e070d03fd1b5: Pull complete
Digest: sha256:c870bf53de0357813af37b9500cb1c2ff9fb4c00120d5fe1d75c21591293c34d
Status: Downloaded newer image for nginx:latest
docker.io/library/nginx:latest
#查看当前镜像列表
[root@k8s-master ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 4392e5dad77d 4 days ago 132MB
hello-world latest bf756fb1ae65 5 months ago 13.3kB
#创建运行一个容器
[root@k8s-master ~]# docker run -d -p 80:80 --name mynginx -h web -e prod=123 nginx
7c7bfa8a6b8308a51a6ea7bf7b7423c98ab7f77e36895efb70bf0194994da438
[root@k8s-master ~]#
#查看容器运行状态
[root@k8s-master ~]# docker container ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
7c7bfa8a6b83 nginx "/docker-entrypoint.…" About a minute ago Up About a minute 0.0.0.0:80->80/tcp mynginx
cf9000de7c0b centos "/bin/bash" 6 minutes ago Exited (0) 5 minutes ago kind_germain
a57414e73291 nginx "/docker-entrypoint.…" 7 minutes ago Exited (0) 7 minutes ago frosty_rhodes
6ad8d7c76e95 hello-world "/hello" 2 hours ago Exited (0) 2 hours ago inspiring_bose
#查看当前容器与镜像的区别
[root@k8s-master ~]# docker container diff 7c7bfa8a6b83
C /etc
C /etc/nginx
C /etc/nginx/conf.d
C /etc/nginx/conf.d/default.conf
C /run
A /run/nginx.pid
C /var
C /var/cache
C /var/cache/nginx
A /var/cache/nginx/client_temp
A /var/cache/nginx/fastcgi_temp
A /var/cache/nginx/proxy_temp
A /var/cache/nginx/scgi_temp
A /var/cache/nginx/uwsgi_temp
[root@k8s-master ~]#
#进入一个容器查看创建容器指定的hostname
[root@k8s-master ~]# docker exec -it 7c7bfa8a6b83 bin/bash
root@web:/# hostname
web
root@web:/#
root@web:/# ls
bin boot dev docker-entrypoint.d docker-entrypoint.sh etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
root@web:/#
#退出容器
[root@cf9000de7c0b /]# exit
exit
[root@k8s-master ~]#
#容器重启策略,宿主机开机后自启动容器
[root@k8s-master ~]# docker run -d -p 81:80 --name mynginx2 -h web2 -e prod=1234 --restart always nginx
5e77a21defa20f146f2662418cbc7373d1a09421b82398ec258bdd6f227adbc8
[root@k8s-master ~]#
。。。。。。
容器资源限制
| 命令 | 描述 |
|---|---|
| -m,–memory | 容器可以使用的最大内存量 |
| –memory-swap | 允许交换到磁盘的内存量(物理内存不够用时临时使用swap大小) |
| –memory-swappiness=<0-100 | 容器使用SWAP分区交换的百分比(0-100,默认为-1) |
| –oom-kill-disable | 禁用OOM Killer(内存不足时找到最大的消耗内存杀掉) |
| –cpus | 可以使用的CPU数量 |
| –cpuset-cpus | 限制容器使用特定的CPU核心,如(0-3, 0,1) |
| –cpu-shares | CPU共享(相对权重) |
案例
内存限额: 允许容器最多使用500M内存和100M(–memory-swap 减去 --memory的大小)的Swap,并禁用 OOM Killer:
[root@k8s-master ~]# docker run -d -p 80:80 --name mynginx3 --memory="500m" --memory-swap="600m" --oom-kill-disable nginx
bef193c2d4a28921ec64346ae186ba02f8a7f52c1d46ebf6e76be1a170151ecb
#查看容器资源限制(默认是动态刷新)
[root@k8s-master ~]# docker stats mynginx3
CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS
bef193c2d4a2 mynginx3 0.00% 4.031MiB / 500MiB 0.81% 656B / 0B 0B / 0B 2
CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS
bef193c2d4a2 mynginx3 0.00% 4.031MiB / 500MiB 0.81% 656B / 0B 0B / 0B 2
CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS
bef193c2d4a2 mynginx3 0.00% 4.031MiB / 500MiB 0.81% 656B / 0B 0B / 0B 2
CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS
bef193c2d4a2 mynginx3 0.00% 4.031MiB / 500MiB 0.81% 656B / 0B 0B / 0B 2
#静态显示容器占用资源
[root@k8s-master ~]# docker stats --help
Usage: docker stats [OPTIONS] [CONTAINER...]
Display a live stream of container(s) resource usage statistics
Options:
-a, --all Show all containers (default shows just running)
--format string Pretty-print images using a Go template
--no-stream Disable streaming stats and only pull the first result
--no-trunc Do not truncate output
[root@k8s-master ~]# docker stats --no-stream mynginx3
CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS
bef193c2d4a2 mynginx3 0.00% 4.031MiB / 500MiB 0.81% 656B / 0B 0B / 0B 2
[root@k8s-master ~]#
#如果不限制内存大小默认占用linux内存大小,实际情况中需要每个容器需要资源限制运行
总大小3.7G
[root@k8s-master ~]# free -h
total used free shared buff/cache available
Mem: 3.7G 276M 2.1G 11M 1.3G 3.1G
Swap: 2.0G 0B 2.0G
#启动容器没有资源限制
[root@k8s-master ~]# docker run -d -p 81:80 --name mynginx2 nginx
28e3b09617d2c1e4cb5ff897a4eb32d66d842a6c603277fd99b01b3776618d11
#会占用全部内存使用
[root@k8s-master ~]# docker stats --no-stream mynginx2
CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS
28e3b09617d2 mynginx2 0.00% 1.383MiB / 3.683GiB 0.04% 656B / 0B 0B / 0B 2
CPU限额: 允许容器最多使用一个半的CPU:
[root@k8s-master ~]# docker run -d --name mynginx5 --cpus="1.5" nginx
e276bc413a9ec69f07bad57872283bd5724914114ba1f059a1befebc982d4a48
允许容器最多使用50%的CPU:
[root@k8s-master ~]# docker run -d --name mynginx6 --cpus=".5" nginx
2bf1244538f751144915c8ef05382b240b344a63af38d3794155c98159ab71cc
[root@k8s-master ~]#
。。。。。。
管理容器常用命令
| 命令 | 描述 |
|---|---|
| ls | 列出容器 |
| inpsect | 查看一个或多个容器详细信息 |
| exec | 在运行容器中执行命 |
| commit | 创建一个新镜像来自一个容器 |
| cp | 拷贝文件/文件夹到一个容器 |
| logs | 获取一个容器日志 |
| port | 列出或指定容器端口映射 |
| top | 显示一个容器运行的进程 |
| stop/start | 停止/启动一个或多个容器 |
| rm | 删除一个或多个容器 |
案例
#查询刚运行过的容器
[root@k8s-master ~]# docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
79b5cab6d470 hello-world "/hello" 10 seconds ago Exited (0) 9 seconds ago wonderful_poitras
[root@k8s-master ~]#
#查找所有的容器
[root@k8s-master ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
79b5cab6d470 hello-world "/hello" 58 seconds ago Exited (0) 58 seconds ago wonderful_poitras
6bec9470bd9b nginx "/docker-entrypoint.…" 5 minutes ago Up 5 minutes 0.0.0.0:80->80/tcp mynginx
[root@k8s-master ~]#
#列出全部正在运行的容器
[root@k8s-master ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6bec9470bd9b nginx "/docker-entrypoint.…" 6 minutes ago Up 6 minutes 0.0.0.0:80->80/tcp mynginx
#创建一个新的镜像来源与一个容器内
查看当前容器
[root@k8s-master ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6bec9470bd9b nginx "/docker-entrypoint.…" 6 minutes ago Up 6 minutes 0.0.0.0:80->80/tcp mynginx
#进入nginx容器
[root@k8s-master ~]# docker exec -it 6bec9470bd9b bash
#创建4个文件夹
root@6bec9470bd9b:/# touch {1..4}
#查看文件夹
root@6bec9470bd9b:/# ls
1 2 3 4 bin boot dev docker-entrypoint.d docker-entrypoint.sh etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
#退出
root@6bec9470bd9b:/# exit
#创建一个新的镜像
[root@k8s-master ~]# docker commit mynginx web01:v1.0
sha256:ddc180bf76daa8d7ef3e5908da53a0c6d5951e255fce5bd69d53ac6f2dab720f
#查看新创建的镜像
[root@k8s-master ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
web01 v1.0 ddc180bf76da 2 minutes ago 132MB
nginx latest 4392e5dad77d 4 days ago 132MB
centos latest 470671670cac 4 months ago 237MB
hello-world latest bf756fb1ae65 5 months ago 13.3kB
#运行新创建的容器镜像
[root@k8s-master ~]# docker run -d -p 82:80 --name mynginx2 web01:v1.0
dfa810018e45d33d921cf691550641438222e65b97dc26df9eb9a10227a59879
#查看刚刚创建的容器
[root@k8s-master ~]# docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
dfa810018e45 web01:v1.0 "/docker-entrypoint.…" 6 seconds ago Up 5 seconds 0.0.0.0:82->80/tcp mynginx2
#进入容器查看是否存在4个文件夹
[root@k8s-master ~]# docker exec -it dfa810018e45 bash
#查看新镜像包含创建的4个文件夹,由此操作完毕!
root@dfa810018e45:/# ls
1 2 3 4 bin boot dev docker-entrypoint.d docker-entrypoint.sh etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
root@dfa810018e45:/#
#复制宿主机文件到容器内部
[root@k8s-master ~]# docker container ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
dfa810018e45 web01:v1.0 "/docker-entrypoint.…" 7 minutes ago Up 7 minutes 0.0.0.0:82->80/tcp mynginx2
79b5cab6d470 hello-world "/hello" 18 minutes ago Exited (0) 18 minutes ago wonderful_poitras
6bec9470bd9b nginx "/docker-entrypoint.…" 23 minutes ago Up 23 minutes 0.0.0.0:80->80/tcp mynginx
[root@k8s-master ~]# docker cp hello.tar mynginx:/
[root@k8s-master ~]# docker exec -it mynginx bash
root@6bec9470bd9b:/# ls
1 2 3 4 bin boot dev docker-entrypoint.d docker-entrypoint.sh etc hello.tar home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
root@6bec9470bd9b:/#
#查看容器运行日志
[root@k8s-master ~]# docker logs dfa810018e45
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: IPv6 listen already enabled, exiting
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
#容器运行的进程
[root@k8s-master ~]# docker top dfa810018e45
UID PID PPID C STIME TTY TIME CMD
root 25723 25706 0 16:23 ? 00:00:00 nginx: master process nginx -g daemon off;
101 25767 25723 0 16:23 ? 00:00:00 nginx: worker process
[root@k8s-master ~]#
。。。。。。。
更多的命令,查看命令手册即可
docker run --help
docker ps --help
docker container --help
…