docker中的容器:
Open Container-initiative
由Linux基金会主导于2015年6月创立
旨在围绕容器格式和运行时制定一个开放的工业化标准
包含两个规格
运行时规范(runtime-spec)
形象规范(image-spec)
打开容器格式
runC是一个CLI工具,用于根据OCI规范生成和运行容器
容器作为runC的子进程启动,可以嵌入到各种其他系统中,而不需要运行守护进程
runC是基于libcontainer构建的,同样的容器技术为数百万的Docker引擎安装提供了动力
docker提供了一个专门容纳容器镜像的站点:https://hub.docker.com
为什么镜像仓库名字是Registry而不是repository?在docker中仓库的名字是以应用的名称取名的。
镜像是静态的,而容器是动态的,容器有其生命周期,镜像与容器的关系类似于程序与进程的关系。镜像类似于文件系统中的程序文件,而容器则类似于将一个程序运行起来的状态,也即进程。所以容器是可以删除的,容器被删除后其镜像是不会被删除的。
当你使用docker时,你正在创建和使用镜像、容器、网络、卷、插件和其他对象。
镜像
映像是一个只读模板,它带有创建docker容器的指令。
通常,一个映像基于另一个映像,并具有一些额外的自定义。
您可以创建自己的映像,也可以只使用其他人创建并在注册表中发布的映像。
容器
容器是映像的可运行实例。
您可以通过docker API或CLI创建、运行、停止、移动或删除容器。
您可以将容器连接到一个或多个网络,将存储连接到它,甚至根据它的当前状态创建一个新映像。
[root@localhost ~]# cd /etc/yum.repos.d/
[root@localhost yum.repos.d]# curl -o docker-ce.repo https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/docker-ce.repo
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 1919 100 1919 0 0 3748 0 --:--:-- --:--:-- --:--:-- 3740
[root@localhost yum.repos.d]# ls
CentOS-Stream-AppStream.repo CentOS-Stream-Media.repo
CentOS-Stream-BaseOS.repo CentOS-Stream-PowerTools.repo
CentOS-Stream-Debuginfo.repo CentOS-Stream-RealTime.repo
CentOS-Stream-Extras.repo docker-ce.repo
CentOS-Stream-HighAvailability.repo
// 改成清华大学的源
[root@localhost yum.repos.d]# sed -i 's@https://download.docker.com@https://mirrors.tuna.tsinghua.edu.cn/docker-ce@g' docker-ce.repo
[root@localhost ~]# yum clean all
28 文件已删除
[root@localhost ~]# yum makecache
[root@localhost ~]# yum -y install docker-ce
ocker-ce的配置文件是/etc/docker/daemon.json,此文件默认不存在,需要我们手动创建并进行配置,而docker的加速就是通过配置此文件来实现的。
docker的加速有多种方式:
[root@localhost ~]# systemctl enable --now docker
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /usr/lib/systemd/system/docker.service.
[root@localhost ~]# ls /etc/docker/
key.json
[root@localhost ~]# tee /etc/docker/daemon.json <<-'EOF'
> {
> "registry-mirrors": ["https://arq8p4a6.mirror.aliyuncs.com"]
> }
> EOF
{
"registry-mirrors": ["https://arq8p4a6.mirror.aliyuncs.com"]
}
//重启生效
[root@localhost ~]# systemctl daemon-reload
[root@localhost ~]# systemctl restart docker
[root@localhost ~]# docker version
Client: Docker Engine - Community
Version: 20.10.11
API version: 1.41
Go version: go1.16.9
Git commit: dea9396
Built: Thu Nov 18 00:36:58 2021
OS/Arch: linux/amd64
Context: default
Experimental: true
Server: Docker Engine - Community
Engine:
Version: 20.10.11
API version: 1.41 (minimum version 1.12)
Go version: go1.16.9
Git commit: 847da18
Built: Thu Nov 18 00:35:20 2021
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.4.12
GitCommit: 7b11cfaabd73bb80907dd23182b9347b4245eb5d
runc:
Version: 1.0.2
GitCommit: v1.0.2-0-g52b36a2
docker-init:
Version: 0.19.0
GitCommit: de40ad0
[root@localhost ~]# docker info
···················
Insecure Registries:
127.0.0.0/8
Registry Mirrors:
https://arq8p4a6.mirror.aliyuncs.com/ <--------加速器
Live Restore Enabled: false
命令 | 功能 |
---|---|
docker search | 在Docker Hub中搜索镜像 |
docker pull | 从注册表中拉出映像或存储库 |
docker images | 列出镜像 |
docker create | 创建一个新的容器 |
docker start | 启动一个或多个停止的容器 |
docker run | 在新容器中运行命令 |
docker attach | 连接到正在运行的容器上 |
docker ps | 列出容器 |
docker logs | 获取容器的日志 |
docker restart | 重新启动容器 |
docker stop | 停止一个或多个正在运行的容器 |
docker kill | 杀死一个或多个正在运行的容器 |
docker rm | 删除一个或多个容器 |
docker exec | 在正在运行的容器中运行命令 |
docker info | 显示系统范围的信息 |
docker inspect | 返回有关Docker对象的信息 |
[root@localhost ~]# docker search nginx
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
nginx Official build of Nginx. 15899 [OK]
jwilder/nginx-proxy Automated Nginx reverse proxy for docker con… 2098 [OK]
richarvey/nginx-php-fpm Container running Nginx + PHP-FPM capable of… 819 [OK]
jc21/nginx-proxy-manager Docker container for managing Nginx proxy ho… 285
linuxserver/nginx An Nginx container, brought to you by LinuxS… 160
tiangolo/nginx-rtmp Docker image with Nginx using the nginx-rtmp… 146 [OK]
jlesage/nginx-proxy-manager Docker container for Nginx Proxy Manager 144 [OK]
alfg/nginx-rtmp NGINX, nginx-rtmp-module and FFmpeg from sou… 110 [OK]
nginxdemos/hello NGINX webserver that serves a simple page co… 79 [OK]
privatebin/nginx-fpm-alpine PrivateBin running on an Nginx, php-fpm & Al… 60 [OK]
nginx/nginx-ingress NGINX and NGINX Plus Ingress Controllers fo… 57
nginxinc/nginx-unprivileged Unprivileged NGINX Dockerfiles 54
nginxproxy/nginx-proxy Automated Nginx reverse proxy for docker con… 28
staticfloat/nginx-certbot Opinionated setup for automatic TLS certs lo… 25 [OK]
nginx/nginx-prometheus-exporter NGINX Prometheus Exporter for NGINX and NGIN… 22
schmunk42/nginx-redirect A very simple container to redirect HTTP tra… 19 [OK]
centos/nginx-112-centos7 Platform for running nginx 1.12 or building … 16
centos/nginx-18-centos7 Platform for running nginx 1.8 or building n… 13
bitwarden/nginx The Bitwarden nginx web server acting as a r… 11
flashspys/nginx-static Super Lightweight Nginx Image 11 [OK]
mailu/nginx Mailu nginx frontend 9 [OK]
webdevops/nginx Nginx container 9 [OK]
ansibleplaybookbundle/nginx-apb An APB to deploy NGINX 3 [OK]
wodby/nginx Generic nginx 1 [OK]
arnau/nginx-gate Docker image with Nginx with Lua enabled on … 1 [OK]
[root@localhost ~]# docker pull nginx:1.20.2
1.20.2: Pulling from library/nginx
eff15d958d66: Pull complete
1f3e1e3ef6aa: Pull complete
231009cab23f: Pull complete
b2ef879f0046: Pull complete
5495a7eec709: Pull complete
ddde57a4eac9: Pull complete
Digest: sha256:6ce65dd1f3bf44fa60a0212f0f893b78a706f20f09c884b43de50037067d9f5d
Status: Downloaded newer image for nginx:1.20.2
docker.io/library/nginx:1.20.2
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx 1.20.2 aedf7f31bdab 2 weeks ago 141MB
nginx latest ea335eea17ab 2 weeks ago 141MB
[root@localhost ~]# docker create nginx
ff261bf1d8b32b427a50e15944efc65163460faed52b0ad8223f7738d9739f83
[root@localhost ~]# docker create httpd
Unable to find image 'httpd:latest' locally
latest: Pulling from library/httpd
eff15d958d66: Already exists
ba1caf8ba86c: Pull complete
ab86dc02235d: Pull complete
0d58b11d2867: Pull complete
e88da7cb925c: Pull complete
Digest: sha256:1d71eef54c08435c0be99877c408637f03112dc9f929fba3cccdd15896099b02
Status: Downloaded newer image for httpd:latest
a618fa7b19d2a1a54260ba9aee3783e28ab2de5ffcef086a0bc9112c5e8be725
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
httpd latest ad17c88403e2 12 days ago 143MB
nginx 1.20.2 aedf7f31bdab 2 weeks ago 141MB
nginx latest ea335eea17ab 2 weeks ago 141MB
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a618fa7b19d2 httpd "httpd-foreground" 29 seconds ago Created funny_wozniak
ff261bf1d8b3 nginx "/docker-entrypoint.…" 6 minutes ago Created stoic_bose
2e40024f59d8 nginx "/docker-entrypoint.…" 7 minutes ago Up 4 minutes 80/tcp sleepy_dubinsky
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ff261bf1d8b3 nginx "/docker-entrypoint.…" About a minute ago Created stoic_bose
2e40024f59d8 nginx "/docker-entrypoint.…" About a minute ago Created sleepy_dubinsky
[root@localhost ~]# docker start 2e40024f59d8
2e40024f59d8
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2e40024f59d8 nginx "/docker-entrypoint.…" 2 minutes ago Up 35 seconds 80/tcp sleepy_dubinsky
[root@localhost ~]# docker restart httpd
httpd
[root@localhost ~]# docker run -d --name httpd01 httpd
16480867b0691d528eb7b89652b7e43a080b410460ae79f1eb0d0135cf2e63af
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
16480867b069 httpd "httpd-foreground" 42 seconds ago Up 39 seconds 80/tcp httpd01
2e40024f59d8 nginx "/docker-entrypoint.…" 9 minutes ago Up 7 minutes 80/tcp sleepy_dubinsky
[root@localhost ~]# docker logs 2e40024f59d8
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf
10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
2021/12/01 15:05:37 [notice] 1#1: using the "epoll" event method
2021/12/01 15:05:37 [notice] 1#1: nginx/1.21.4
2021/12/01 15:05:37 [notice] 1#1: built by gcc 10.2.1 20210110 (Debian 10.2.1-6)
2021/12/01 15:05:37 [notice] 1#1: OS: Linux 4.18.0-257.el8.x86_64
2021/12/01 15:05:37 [notice] 1#1: getrlimit(RLIMIT_NOFILE): 1048576:1048576
2021/12/01 15:05:37 [notice] 1#1: start worker processes
2021/12/01 15:05:37 [notice] 1#1: start worker process 31
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
16480867b069 httpd "httpd-foreground" 3 minutes ago Up 3 minutes 80/tcp httpd01
a618fa7b19d2 httpd "httpd-foreground" 6 minutes ago Created funny_wozniak
ff261bf1d8b3 nginx "/docker-entrypoint.…" 12 minutes ago Created stoic_bose
2e40024f59d8 nginx "/docker-entrypoint.…" 12 minutes ago Up 10 minutes 80/tcp sleepy_dubinsky
[root@localhost ~]# docker rm ff261bf1d8b3
ff261bf1d8b3
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
16480867b069 httpd "httpd-foreground" 4 minutes ago Up 4 minutes 80/tcp httpd01
a618fa7b19d2 httpd "httpd-foreground" 6 minutes ago Created funny_wozniak
2e40024f59d8 nginx "/docker-entrypoint.…" 13 minutes ago Up 10 minutes 80/tcp sleepy_dubinsky
//取出id
[root@localhost ~]# docker ps -aq
f570e5f764fa
6eb43374d424
2f3ce2082fcd
ef554fb3f364
053fabe2ef8b
ec4343b6856c
16480867b069
a618fa7b19d2
2e40024f59d8
[root@localhost ~]# docker rm $(docker ps -aq)
f570e5f764fa
6eb43374d424
2f3ce2082fcd
ef554fb3f364
053fabe2ef8b
ec4343b6856c
a618fa7b19d2
[root@localhost ~]# docker exec -it httpd01 /bin/bash
root@16480867b069:/usr/local/apache2# ls
bin build cgi-bin conf error htdocs icons include logs modules
root@16480867b069:/usr/local/apache2# cd conf/
root@16480867b069:/usr/local/apache2/conf# ls
extra httpd.conf magic mime.types original
root@16480867b069:/usr/local/apache2/conf# cd ..
root@16480867b069:/usr/local/apache2# exit
exit
[root@localhost ~]# docker info
Client:
Context: default
Debug Mode: false
Plugins:
app: Docker App (Docker Inc., v0.9.1-beta3)
buildx: Build with BuildKit (Docker Inc., v0.6.3-docker)
scan: Docker Scan (Docker Inc., v0.9.0)
Server:
Containers: 2
Running: 2
Paused: 0
Stopped: 0
Images: 4
Server Version: 20.10.11
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc io.containerd.runc.v2 io.containerd.runtime.v1.linux
Default Runtime: runc
Init Binary: docker-init
containerd version: 7b11cfaabd73bb80907dd23182b9347b4245eb5d
runc version: v1.0.2-0-g52b36a2
init version: de40ad0
Security Options:
seccomp
Profile: default
Kernel Version: 4.18.0-257.el8.x86_64
Operating System: CentOS Stream 8
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 1.748GiB
Name: localhost.localdomain
ID: EJRD:OZWH:L6CQ:JGAH:M3JD:CJLY:STQK:ORTY:HNX7:BCKF:WBM3:2RE5
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Registry Mirrors:
https://arq8p4a6.mirror.aliyuncs.com/
Live Restore Enabled: false
[root@localhost ~]# docker inspect 16480867b069
[
{
"Id": "16480867b0691d528eb7b89652b7e43a080b410460ae79f1eb0d0135cf2e63af",
"Created": "2021-12-01T15:12:03.143572662Z",
"Path": "httpd-foreground",
"Args": [],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 292989,
"ExitCode": 0,
"Error": "",
"StartedAt": "2021-12-01T15:12:05.848429157Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:ad17c88403e2cedd27963b98be7f04bd3f903dfa7490586de397d0404424936d",
"ResolvConfPath": "/var/lib/docker/containers/16480867b0691d528eb7b89652b7e43a080b410460ae79f1eb0d0135cf2e63af/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/16480867b0691d528eb7b89652b7e43a080b410460ae79f1eb0d0135cf2e63af/hostname",
"HostsPath": "/var/lib/docker/containers/16480867b0691d528eb7b89652b7e43a080b410460ae79f1eb0d0135cf2e63af/hosts",
"LogPath": "/var/lib/docker/containers/16480867b0691d528eb7b89652b7e43a080b410460ae79f1eb0d0135cf2e63af/16480867b0691d528eb7b89652b7e43a080b410460ae79f1eb0d0135cf2e63af-json.log",
"Name": "/httpd01",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"CgroupnsMode": "host",
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"KernelMemory": 0,
"KernelMemoryTCP": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/968eb5fe413e30713fed3440fb90a3db80966abad841e8544c537c3b73e4414b-init/diff:/var/lib/docker/overlay2/bdd357152f4eabf85e864c18c8045c25c8a4d757e028bdce77785e345befff30/diff:/var/lib/docker/overlay2/7fee41e67a7b6fbdaa04fdb44d3616b7fe173c3a1e8845972837797f7fad7481/diff:/var/lib/docker/overlay2/be77f22d1ea843d087952bf5a584dd123ffe2bc381bcf93b92571c51cf8d486f/diff:/var/lib/docker/overlay2/0f4e72d68df47ec671f222c11f529c816cd3c95e6b22a098c8fef0e4a0d67714/diff:/var/lib/docker/overlay2/3d6a6db40af7b52c21dd5f7ff2f476147f04d28444fd5adc945d3295d0e6b43b/diff",
"MergedDir": "/var/lib/docker/overlay2/968eb5fe413e30713fed3440fb90a3db80966abad841e8544c537c3b73e4414b/merged",
"UpperDir": "/var/lib/docker/overlay2/968eb5fe413e30713fed3440fb90a3db80966abad841e8544c537c3b73e4414b/diff",
"WorkDir": "/var/lib/docker/overlay2/968eb5fe413e30713fed3440fb90a3db80966abad841e8544c537c3b73e4414b/work"
},
"Name": "overlay2"
},
"Mounts": [],
"Config": {
"Hostname": "16480867b069",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"80/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/apache2/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"HTTPD_PREFIX=/usr/local/apache2",
"HTTPD_VERSION=2.4.51",
"HTTPD_SHA256=20e01d81fecf077690a4439e3969a9b22a09a8d43c525356e863407741b838f4",
"HTTPD_PATCHES="
],
"Cmd": [
"httpd-foreground"
],
"Image": "httpd",
"Volumes": null,
"WorkingDir": "/usr/local/apache2",
"Entrypoint": null,
"OnBuild": null,
"Labels": {},
"StopSignal": "SIGWINCH"
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "f0b9ffd80d7beb03933fdcc58d04702e175ef4a5ee333d1526a5a65da58ffac3",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {
"80/tcp": null
},
"SandboxKey": "/var/run/docker/netns/f0b9ffd80d7b",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "68c0c235d6efe1af34657ba50efb871682b78f12b42d50df083b804779214b4e",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.3",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:03",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "8c3064017d45a1793f78cb07a4458e9028eb3125afc4515dba3b057b8de7fde5",
"EndpointID": "68c0c235d6efe1af34657ba50efb871682b78f12b42d50df083b804779214b4e",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.3",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:03",
"DriverOpts": null
}
}
}
}
]