环境安装
# 操作系统版本:linux CentOS 7.2 64 3.10.0-514.6.2.el7.x86_64
# 添加包的来源
$ yum install epel-release –y
$ yum clean all
$ yum list
# 安装并且运行
$ yum install docker-io –y
$ systemctl start docker
# 检查安装结果
$ docker info
# 操作系统版本:win7 64
# 安装:http://www.runoob.com/docker/windows-docker-install.html
# https://www.cnblogs.com/jinjiangongzuoshi/p/6538321.html
# 遇到问题
# 问题:点击Docker出现windows 正在查找bash.exe。如果想亲自查找文件,请点击“浏览”的问题
# 解决:https://blog.csdn.net/A632189007/article/details/78601213
# 参考:https://help.aliyun.com/document_detail/51853.html?spm=a2c4g.11186623.6.819.Mez5Ng
# 操作系统版本:win10 64
# 安装:https://segmentfault.com/a/1190000007875949
改安装源
# 情景:由于docker主机在外国,安装好之后我们需要更改下源,不然下载image的时候会很慢.
# 国内镜像:
daoclound
服务管理
# 操作系统:linux
# 运行
$ systemctl start docker
# 停止
$ systemctl stop docker
# 重启
$ systemctl restart docker
# 操作系统:win
查看帮助
$ docker
镜像管理
# 查找
#2 语法:docker search [OPTIONS] TERM
#2 描述:Search the Docker Hub for images
#2 参数:
#3 条件过滤:-f
#3 美化输出:--format
#3 最大记录:--limit
#3 不截输出:--no-trunc
$ docker search httpd
# 下拉(下载;获取)
#2 语法:docker pull [OPTIONS] NAME[:TAG|@DIGEST]
#2 描述:Pull an image or a repository from a registry
#2 参数:
#3 获取所有:-a
#3 跳过验证:--disable-content-trust
$ docker pull registry.cn-hangzhou.aliyuncs.com/lxepoo/apache-php5
# 修改
#2 创建标签
#3 语法:docker tag SOURCE_IMAGE[:TAG] TARGET_IMAGE[:TAG]
#3 描述:Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
$ docker tag registry.cn-hangzhou.aliyuncs.com/lxepoo/apache-php5:latest aliweb:v1
# 查看
#2 列出镜像
#3 语法:docker images [OPTIONS] [REPOSITORY[:TAG]]
#3 描述:List images
#3 参数:
#4 显示所有:-a
#4 显示算法:--digests
#4 条件过滤:-f
#4 美化输出:--format
#4 不截输出:--no-trunc
#4 仅显编号:-q
$ docker images
$ docker images --digests --no-trunc
$ docker image inspect --format='{{.RepoTags}} {{.Id}} {{.Parent}}' $(docker image ls -q --filter since=8ac27ce8ee49)
#2 镜像历史
#3 语法: docker history [OPTIONS] IMAGE
#3 描述:Show the history of an image
#3 参数:
#4 某种格式:--format
#4 人读格式:-H
#4 只显编号:-q
$ docker history b961582107fc
# 删除
#2 语法: docker rmi [OPTIONS] IMAGE [IMAGE...]
#2 描述:Remove one or more images
#2 参数:
#3 强制删除:-f, --force Force removal of the image
#3 留未标父:--no-prune Do not delete untagged parents
$ docker rmi -f registry.cn-hangzhou.aliyuncs.com/lxepoo/apache-php5
$ docker rmi -f 2cb0d9787c4d
$ docker rmi -f b961582107fc
# 删除所有
$ docker rm $(docker ps -aq)
# 创建
# ##############################################s
#方式1 :从 Docker Hub 获取已有镜像并更新
#2 启动容器
$ docker run -t -i training/sinatra /bin/bash
$ docker run -it ubuntu bash
#2 安装应用:在容器中添加 json 应用
$ gem install json
//#2 退出容器
//# $ exit #退出时关闭容器
//# #2 启动容器
//$ docker run -d training/sinatra /bin/bash
#2 退出容器
$ Ctrl+P+Q #退出时不关容器
#2 查看容器
$ docker ps
#2 提交更新
#3 语法: docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]]
#3 描述:Create a new image from a container's changes
#3 参数:
#4 镜像作者:-a(--author)
#4 配置文件:-c( --change)
#4 注释信息:-m(--message)
#4 退出容器:-p( --pause)
$ docker commit -m "Added json gem" -a "Docker Newbee" 2d3c7afae625 ouruser/sinatra:v2
#2 查看镜像:验证是否成功
$ docker images
# ##############################################e
# ##############################################s
#方式2 :本地制作一个
# 制作
#2 准备内容:dockerfile
# vim Dockerfile
FROM apachephp:v1 #声明基础镜像来源
MAINTAINER DTSTACK #声明镜像的拥有者
RUN mkdir /dtstact #容器运行前执命令
# 由于Dockerfile文件不能超过127行,因此当命令较多时建议写到脚本中执行
ENTRYPOINT ping www.aliyun.com #开机启动命令,此处最后一个命令需要是可在前台持续执行的命令,否则容器后台运行时会因为命令执行完而退出。
#2 构建镜像
#3 语法: docker build [OPTIONS] PATH | URL | -
#3 描述:Build an image from a Dockerfile
#3 参数:
#4 域名映射:--add-host list Add a custom host-to-IP mapping (host:ip)
#4 构时变量:--build-arg list Set build-time variables
#4 缓存位置:--cache-from strings Images to consider as cache sources
#4 内容压缩:--compress Compress the build context using gzip
#4 跳过验证:--disable-content-trust Skip image verification (default true)
#4 配置文件:-f, --file string Name of the Dockerfile (Default is 'PATH/Dockerfile')
#4 移除容器:--force-rm Always remove intermediate containers
#4 编号文件: --iidfile string Write the image ID to the file
#4 设置标签:--label list Set metadata for an image
#4 内存限制: -m, --memory bytes Memory limit
#4 限内开关:--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap
#4 网络模式: --network string Set the networking mode for the RUN instructions during build (default "default")
#4 关闭缓存:--no-cache Do not use cache when building the image
#4 自动更新:--pull Always attempt to pull a newer version of the image
#4 移除容器:--rm Remove intermediate containers after a successful build (default true)
#4 安全选项:--security-opt strings Security options
#4 指定标签:-t, --tag list Name and optionally a tag in the 'name:tag' format
#4 指定阶段:--target string Set the target build stage to build
$ docker build -t webcentos:v1 . # . 是Dockerfile文件的路径,不能忽略
$ docker images #查看是否创建成功
$ docker run –d webcentos:v1 #后台运行容器
$ docker ps #查看当前运行中的容器
$ docker ps –a #查看所有容器,包括未运行中的
$ docker logs CONTAINER ID/IMAGE #如未查看到刚才运行的容器,则用容器id或者名字查看启动日志排错
$ docker commit fb2844b6c070 dtstackweb:v1 #commit 后接容器id 和构建新镜像的名称和版本号。
$ docker images #列出本地(已下载的和本地创建的)镜像
$ docker push #将镜像推送至远程仓库,默认为 Docker Hub
#2 传到仓库:registry
docker login --username=dtstack_plus registry.cn-shanghai.aliyuncs.com #执行后输入镜像仓库密码
docker tag [ImageId] registry.cn-shanghai.aliyuncs.com/dtstack123/test:[镜像版本号]
docker push registry.cn-shanghai.aliyuncs.com/dtstack123/test:[镜像版本号]
# ##############################################e
# ##############################################s
#方式3 :从本地导入一个
# cat ubuntu-14.04-x86_64-minimal.tar.gz |docker import - ubuntu:14.04
# docker images
# 存出:从本地仓库导出镜像到本地文件
# docker save -o ubuntu_14.04.tar ubuntu:14.04
# 载入:从本地文件导入镜像到本地仓库
# docker load --input ubuntu_14.04.tar
# 或
# udo docker load < ubuntu_14.04.tar
# 内核
#2 帮助:docker image --help
#2 语法:docker image COMMAND
#2 命令:
#3 从配构建
# build Build an image from a Dockerfile
#3 查看历史
# history Show the history of an image
#3 导入创建
# import Import the contents from a tarball to create a filesystem image
#3 载入
load Load an image from a tar archive or STDIN
#3 列出
ls List images
inspect Display detailed information on one or more images
#3 下载
pull Pull an image or a repository from a registry
#3 上传
push Push an image or a repository to a registry
#3 删除
#4 指定镜像
rm Remove one or more images
#4 删除未用
prune Remove unused images
#4 保存
save Save one or more images to a tar archive (streamed to STDOUT by default)
#4 标签
tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
Run 'docker image COMMAND --help' for more information on a command.
# 遇到问题
# 问题:删除镜像时提示image has dependent child images 错误
# 解决:docker image inspect --format='{{.RepoTags}} {{.Id}} {{.Parent}}' $(docker image ls -q --filter since=8ac27ce8ee49)
# 参考:https://blog.csdn.net/maxwell/article/details/78941552
容器管理
# 创建
#2 语法:docker create [OPTIONS] IMAGE [COMMAND] [ARG...]
#2 描述:Create a new container
#2 参数:
#3 域名映射: --add-host list Add a custom host-to-IP mapping (host:ip)
#3 绑入出错:-a, --attach list Attach to STDIN, STDOUT or STDERR
#3 添系兼容: --cap-add list Add Linux capabilities
#3 移系兼容: --cap-drop list Drop Linux capabilities
#3 编号文件:--cidfile string Write the container ID to the file
#3 添加主机:--device list Add a host device to the container
#3 限读频率:--device-read-bps list Limit read rate (bytes per second) from a device (default [])
#3 限读频率:--device-read-iops list Limit read rate (IO per second) from a device (default [])
#3 限写频率:--device-write-bps list Limit write rate (bytes per second) to a device (default [])
#3 限写频率:--device-write-iops list Limit write rate (IO per second) to a device (default [])
#3 跳过验证:--disable-content-trust Skip image verification (default true)
#3 域名解服:--dns list Set custom DNS servers
#3 域名解参:--dns-option list Set DNS options
#3 域名解域:--dns-search list Set custom DNS search domains
#3 镜像入口:--entrypoint string Overwrite the default ENTRYPOINT of the image
#3 环境变量:-e, --env list Set environment variables
#3 环境变量:--env-file list Read in a file of environment variables
#3 暴露端口:--expose list Expose a port or a range of ports
#3 添加群组:--group-add list Add additional groups to join
#3 健康检查:--health-cmd string Command to run to check health
#3 健检周期:--health-interval duration Time between running the check (ms|s|m|h) (default 0s)
#3 健检通知:--health-retries int Consecutive failures needed to report unhealthy
#3 健检通知: --health-start-period duration Start period for the container to initialize before starting health-retries countdown (ms|s|m|h) (default 0s)
#3 健检超时:--health-timeout duration Maximum time to allow one check to run (ms|s|m|h) (default 0s)
#3 主机名字:-h, --hostname string Container host name
#3 容初始化:Run an init inside the container that forwards signals and reaps processes
#3 绑定输入:-i, --interactive Keep STDIN open even if not attached
# 主机地址:--ip string IPv4 address (e.g., 172.30.100.104)
# 主机地址:--ip6 string IPv6 address (e.g., 2001:db8::33)
--ipc string IPC mode to use
# 容器隔离:--isolation string Container isolation technology
# 缓存限制:--kernel-memory bytes Kernel memory limit
# 容器标签:-l, --label list Set meta data on a container
# 标签文件:--label-file list Read in a line delimited file of labels
# 容器互联:--link list Add link to another container
# 容器互联:--link-local-ip list Container IPv4/IPv6 link-local addresses
# 日志驱动:--log-driver string Logging driver for the container
# 日驱选项:--log-opt list Log driver options
# 机器地址:--mac-address string Container MAC address (e.g., 92:d0:c6:0a:29:33)
# 缓存限制:--memory bytes Memory limit
# 缓存限制:--memory-reservation bytes Memory soft limit
# 缓存限制:--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap
# 缓存限制:--memory-swappiness int Tune container memory swappiness (0 to 100) (default -1)
# 文件挂载:--mount mount Attach a filesystem mount to the container
# 容器名字:--name string Assign a name to the container
# 连接网络:--network string Connect a container to a network (default "default")
# 网络别名:--network-alias list Add network-scoped alias for the container
# 健检关闭:--no-healthcheck Disable any container-specified HEALTHCHECK
--oom-kill-disable Disable OOM Killer
--oom-score-adj int Tune host's OOM preferences (-1000 to 1000)
# 容编前缀:--pid string PID namespace to use
# 容编限制:--pids-limit int Tune container pids limit (set -1 for unlimited)
# 扩展权限:--privileged Give extended privileges to this container
# 给主容端:-p, --publish list Publish a container's port(s) to the host
# 给主容端:-P, --publish-all Publish all exposed ports to random ports
# 文件只读:--read-only Mount the container's root filesystem as read only
# 重启策略:--restart string Restart policy to apply when a container exits (default "no")
# 退出删容:--rm Automatically remove the container when it exits
# 缓存目录:--runtime string Runtime to use for this container
# 安全选项:--security-opt list Security Options
--shm-size bytes Size of /dev/shm
# 关容信号:--stop-signal string Signal to stop a container (default "SIGTERM")
# 关容超时:--stop-timeout int Timeout (in seconds) to stop a container
# 存驱选项:--storage-opt list Storage driver options for the container
--sysctl map Sysctl options (default map[])
# 挂载目录:--tmpfs list Mount a tmpfs directory
-t, --tty Allocate a pseudo-TTY
# 非限列表:--ulimit ulimit Ulimit options (default [])
# 用户标识:-u, --user string Username or UID (format: [:])
# 用户名缀: --userns string User namespace to use
--uts string UTS namespace to use
# 绑数据卷:-v, --volume list Bind mount a volume
# 数卷驱动:--volume-driver string Optional volume driver for the container
# 绑数据卷:--volumes-from list Mount volumes from the specified container(s)
# 工作目录:-w, --workdir string Working directory inside the container
$ docker images
# 用仓库+标签确定镜像
$ docker create -it --name centos6_container centos:centos6
# docker create -it --name centos6_container 6a77ab6655b9 bash
$ docker ps -a
# 创数据卷+挂载目录+指定名字
docker create -it --name centos6_container -v /src/webapp:/opt/webapp centos:centos6
# 启动
#2 语法:docker start [OPTIONS] CONTAINER [CONTAINER...]
#2 描述:Start one or more stopped containers
#2 参数:
#3 绑定输出:-a
#3 覆拆卸钥: --detach-keys string
#3 绑定输入:-i
$ docker start apache
$ docker start ubuntu
$ docker start ubuntu -i
# 进入
#2 语法:docker exec [OPTIONS] CONTAINER COMMAND [ARG...]
#2 描述:Run a command in a running container
-d, --detach Detached mode: run command in the background
--detach-keys string Override the key sequence for detaching a container
-e, --env list Set environment variables
-i, --interactive Keep STDIN open even if not attached
--privileged Give extended privileges to the command
-t, --tty Allocate a pseudo-TTY
-u, --user string Username or UID (format: [:])
-w, --workdir string Working directory inside the container
# 进入
#2 方式1:关闭的容器
#3 语法:docker start [OPTIONS] CONTAINER [CONTAINER...]
#3 描述:Start one or more stopped containers
#2 方式2:运行中容器
#3 语法:docker attach [OPTIONS] CONTAINER
#3 描述:Attach local standard input, output, and error streams to a running container
#3 参数:
#4 莫绑输入: --no-stdin
#4 覆拆卸钥: --detach-keys string
#4 代理信号:--sig-proxy
$ docker attach apache
#2 方式3:运行中容器
#3 语法:docker exec [OPTIONS] CONTAINER COMMAND [ARG...]
#3 描述:Run a command in a running container
#3 参数:
#4 示例:docker container attach $(docker ps -l --format=' {{.ID}}')
# 退出
#2 方式1:关闭容器
$ exit
#2 方式2:不关容器
$ Ctrl+P+Q
# 停止
#2 语法:docker stop [OPTIONS] CONTAINER [CONTAINER...]
#2 描述:Stop one or more running containers
#2 参数
#3 延迟几秒:-t int
$ docker stop apache
$ docker stop ubuntu -t 15
#2 语法:docker kill [OPTIONS] CONTAINER [CONTAINER...]
#2 描述:Kill one or more running containers
#2 参数:
#3 发送信号:-s string
# 移除
#2 语法:docker rm [OPTIONS] CONTAINER [CONTAINER...]
#2 描述:Remove one or more containers
#2 参数:
#3 强制删除:-f
#3 删数链接:-l
#3 删数据卷:-v
#2 停止状态
$ docker rm apache
#2 运行状态
$ docker rm -f apache
$ docker rm -f ubuntu
$ docker rm -f 2d3c7afae625
# http://wiki.jikexueyuan.com/project/docker-technology-and-combat/enter.html
# 导出(备份)
#2 语法: docker export [OPTIONS] CONTAINER
#2 描述:Export a container's filesystem as a tar archive
#2 参数:
#3 文件名字:-o string
$ docker export apache > ubuntu.tar
$ docker export apache -o ubuntu.tar
# 导入(恢复)
#2 语法:docker import [OPTIONS] file|URL|- [REPOSITORY[:TAG]]
#2 描述:Import the contents from a tarball to create a filesystem image
#2 参数:
#3 配置文件:-c, --change list Apply Dockerfile instruction to the created image
#3 注释信息:-m, --message string Set commit message for imported image
$ cat ubuntu.tar | sudo docker import - test/ubuntu:v1.0
# 运行
#2 语法:docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
#2 描述:Run a command in a new container
#2 参数:
#3 后台运行:-d
#3 端口映射:-p
#3 环境变量:-e
#3 缓存大小:-m
#3 交互终端:-it
#3 主机名字:-h
#3 退出关闭:-rm
#3 工作目录:-w
#3 容器名字:--name
# 后台运行+指定名字
$ docker run -d --name apache e121d5f99e1e
$ docker run -d --name ubuntu 9b9cb95443b5 bash
$ docker run -it ubuntu 9b9cb95443b5 bash
# 查看
# 容器列表
#2 语法: docker ps [OPTIONS]
#2 描述:List containers
#2 参数:
#3 显示所有:-a
#3 条件过滤:-f
#3 美化输出:--format
#3 最新几条:-n
#3 最新一条:-l
#3 不截输出:--no-trunc
#3 仅显编号:-q
#3 显示大小:-s
$ docker ps
$ docker ps -n 5
$ docker ps -l
$ docker ps --no-trunc
$ docker ps -q
$ docker ps -s
#2 流的状态
#3 语法:docker stats [OPTIONS] [CONTAINER...]
#3 描述:Display a live stream of container(s) resource usage statistics
#3 参数:
#2 端口列表
#3 语法:docker port CONTAINER [PRIVATE_PORT[/PROTO]]
#3 描述:List port mappings or a specific mapping for the container
$ docker port 0fb4a58d3982 #?
$ docker port apache #?
$ docker port ubuntu
#2 容器日志
#3 语法: docker logs [OPTIONS] CONTAINER
#3 描述:Fetch the logs of a container
#3 参数:
#4 内容细节:--details
#4 按照日志:-f
#4 从某时起:--since string
#4 最后几行:--tail string
#4 显示时间:-t
#4 在某时前:--until string
$ docker logs -f apache
$ docker logs 2d3c7afae625
$ docker logs ubuntu
#2 底层信息
#3 语法: docker inspect [OPTIONS] NAME|ID [NAME|ID...]
#3 描述:Return low-level information on Docker objects
#3 参数:
#4 美化输出:-f string
#4 显示大小:-c
#4 指定格式:--type string
$ docker inspect apache
$ docker inspect ubuntu
#2 列出进程
#3 语法: docker top CONTAINER [ps OPTIONS]
#3 描述:Display the running processes of a container
#2 文件差异
#3 语法: docker diff CONTAINER
#3 描述:Inspect changes to files or directories on a container's
# 修改
# 重新命名
#2 语法:docker rename CONTAINER NEW_NAME
#2 描述:Rename a container
# 重新启动
#2 语法: docker restart [OPTIONS] CONTAINER [CONTAINER...]
#2 描述:Restart one or more containers
#2 参数:
#3 延迟几秒:-t int
# 暂停进程
#2 语法: docker pause CONTAINER [CONTAINER...]
#2 描述:Pause all processes within one or more containers
# 启动进程
#2 语法:docker unpause CONTAINER [CONTAINER...]
#2 描述:Unpause all processes within one or more containers
# 更新配置
#2 语法:docker update [OPTIONS] CONTAINER [CONTAINER...]
#2 描述:Update configuration of one or more containers
#2 参数:
--blkio-weight uint16 Block IO (relative weight), between 10 and 1000, or 0 to disable
(default 0)
--cpu-period int Limit CPU CFS (Completely Fair Scheduler) period
--cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota
--cpu-rt-period int Limit the CPU real-time period in microseconds
--cpu-rt-runtime int Limit the CPU real-time runtime in microseconds
-c, --cpu-shares int CPU shares (relative weight)
--cpus decimal Number of CPUs
--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)
--cpuset-mems string MEMs in which to allow execution (0-3, 0,1)
--kernel-memory bytes Kernel memory limit
-m, --memory bytes Memory limit
--memory-reservation bytes Memory soft limit
--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap
--restart string Restart policy to apply when a container exits
##################################s
# 使用容器制作镜像
# steps-01:进入容器
#2 交互终端
$ docker run –ti e121d5f99e1e /bin/bash
#2 后台运行+指定名字
$ docker run -d --name apache e121d5f99e1e
#2 正在运行
$ docker exec -ti apache /bin/bash
# steps-02:修改容器
# steps-03:创建镜像
#2 将容器做成镜像
# 语法:docker commit containerID/containerName newImageName:tag
# 描述:Create a new image from a container's changes
# 参数:
# 镜像作者: -a, --author string Author (e.g., "John Hannibal Smith ")
# 配置文件: -c, --change list Apply Dockerfile instruction to the created image
# 注释备注: -m, --message string Commit message
# 暂停进程:-p, --pause Pause container during commit (default true)
# 示例:
$ docker commit 4c8066cd8c01 apachephp:v1
# 参考:https://www.cnblogs.com/SzeCheng/p/6822905.html
仓库管理
# 官方仓库(公共仓库)
#2 注册
#3 语法:docker login [OPTIONS] [SERVER]
#3 参数:
#4 指定密码:-p string
#4 指定账户:-u string
#4 输入输密:--password-stdin
#3 注册成功后,本地用户目录的 .dockercfg 中将保存用户的认证信息。
$ docker login
#2 登录
$ docker login
#2 注销
#3 语法:docker logout [SERVER]
$ docker logout
# 基本操作
#2 搜索
$ sudo docker search centos
#2 下载
$ sudo docker pull centos
#2 上传
$ docker push
# 自动创建
# 基础镜像:由 Docker 公司创建、验证、支持、提供。这样的镜像往往使用单个单词作为名字。
# 用户镜像:由 Docker 的用户创建并维护的,往往带有用户名称前缀。比如 tianon/centos 镜像
# 参考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/dockerhub.html
# 私有仓库
# 参考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/local_repo.html
# 配置文件
搭建私库
# 搭建(服务器)
#2 安装镜像:docker-registry
#2 运行容器: docker-registry
docker run -d -p 5000:5000 registry
#3 指定配置文件的位置:
-v /home/user/registry-conf:/registry-conf
#3 指定上传镜像的存放目录:
-v /opt/data/registry:/tmp/registry
# 使用(客户端)
# 安装软件
$ sudo yum install -y python-devel libevent-devel python-pip gcc xz-devel
$ sudo python-pip install docker-registry
# 修改配置
$ cp config/config_sample.yml config/config.yml
# 启动容器
$ sudo gunicorn -c contrib/gunicorn.py docker_registry.wsgi:application
# 验证查看
$ curl ...
# 搜索镜像
$ docker images
$ docker tag ba58 192.168.7.26:5000/test
# 上传镜像
$ docker push 192.168.7.26:5000/test
# 下载镜像
$ docker pull 192.168.7.26:5000/test
# 查看镜像
$ curl http://192.168.7.26:5000/v1/search
# 批量上传
$ wget https://github.com/yeasy/docker_practice/raw/master/_local/push_images.sh; sudo chmod a+x push_images.sh
$ ./push_images.sh ubuntu:latest centos:centos7
# 参考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/local_repo.html
配置文件
参考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/config.html
管数据卷
# 用途
1. 绕过“拷贝写”系统,以达到本地磁盘IO的性能,(比如运行一个容器,在容器中对数据卷修改内容,会直接改变宿主机上的数据卷中的内容,所以是本地磁盘IO的性能,而不是先在容器中写一份,最后还要将容器中的修改的内容拷贝出来进行同步。)
2. 绕过“拷贝写”系统,有些文件不需要在docker commit打包进镜像文件。
3. 在多个容器之间共享目录 :使用数据卷容器
4. 在宿主和容器间共享目录
5. 在宿主和容器间共享文件
# 创建
# 语法: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
#2 方式1:使用 -v 标记
# docker run -d -P --name web -v /webapp training/webapp python app.py
#3 create a container
$ docker images
$ docker run --name data -v /opt/data -t -i docker.io/ubuntu /bin/bash
#3 do in container
$ cd /opt/data
$ ls
$ echo "123" > 123
$ echo "123123" > 123123
$ ls
#3 do in the vm
# $ exit #退出时关闭容器
$ Ctrl+P+Q #退出时不关容器
$ docker ps
$ docker inspect data|grep /var/lib/docker/volumes
$ sudo ls /mnt/sda1/var/lib/docker/volumes/5887b7a4de662e531b6bdc32aa4a69a90fc841199133b3dd00315cb9b87f08b3/_data
$ sudo su
$ echo "asdhfjashdfjk" >> /mnt/sda1/var/lib/docker/volumes/5887b7a4de662e531b6bdc32aa4a69a90fc841199133b3dd00315cb9b87f08b3/_data/123
#3 do in container
# $ docker start -i data #exit时用
$ docker attach data
$ ls /opt/data
$ cat /opt/data/123
#2 方式2:也可在 Dockerfile 中使用 VOLUME
# 添加一个或者多个新的卷到由该镜像创建的任意容器
# 挂载
# 挂载目录:-v
# docker run -d -P --name web -v /src/webapp:/opt/webapp training/webapp python app.py
# 指定权限::ro
#2 只读::ro
# docker run -d -P --name web -v /src/webapp:/opt/webapp:ro training/webapp python app.py
#2 读写:
# 挂载文件:-v
# docker run --rm -it -v ~/.bash_history:/.bash_history ubuntu /bin/bash
# 后台运行:-d
# 端口映射:-p
# 环境变量:-v
# 缓存大小:-m
# 交互终端:-it
# 主机名字:-h
# 退出关闭:-rm
# 工作目录:-w
# 容器名字:--name
# 备份
# docker run --volumes-from dbdata -v $(pwd):/backup ubuntu tar cvf /backup/backup.tar /dbdata
# tar /backup/backup.tar (待查看命令)
# 恢复
# docker run -v /dbdata --name dbdata2 ubuntu /bin/bash
# docker run --volumes-from dbdata2 -v $(pwd):/backup busybox tar xvf
/backup/backup.tar
# 迁移
# 查看
#2 语法: docker inspect [OPTIONS] NAME|ID [NAME|ID...]
#2 语法:grep [-HhnlLoqvsriwFE] [-m N] [-A/B/C N] PATTERN/-e PATTERN.../-f FILE [FILE]..
# docker inspect data|grep /var/lib/docker/volumes
# 删除
# 方式1:删除容器时
# docker rm -v
# 方式2:运行容器时
# docker run --rm
# 创建数据卷容器
# docker run -d -v /dbdata --name dbdata training/postgres echo Data-only container for postgres
# 使用数据卷容器
# docker run -d --volumes-from dbdata --name db1 training/postgres
# 参考:https://www.cnblogs.com/kevingrace/p/6238195.html
# https://blog.csdn.net/u013246898/article/details/53133220
# https://www.cnblogs.com/sawyerlsy/p/7273161.html
访问控制
# 容器访问外部网络:'端口映射'
#2 前提条件
#3 需要本地系统的转发支持
#4 查防火墙
$ sudo sysctl net.ipv4.ip_forward
#4 开防火墙
$ sudo sysctl -w net.ipv4.ip_forward=1
#2 简单示例
$ sudo docker run -d -P training/webapp python app.py
$ sudo docker ps -l
$ sudo docker logs -f nostalgic_boyd
# 默认协议所有地址随机端口
sudo docker run -d -P training/webapp python app.py
# 默认协议所有地址指定端口
$ sudo docker run -d -p 5000:5000 training/webapp python app.py
# 默认协议指定地址随机端口
$ sudo docker run -d -p 127.0.0.1::5000 training/webapp python app.py
# 默认协议指定地址指定端口
$ sudo docker run -d -p 127.0.0.1:5000:5000 training/webapp python app.py
# 指定协议指定地址指定端口
$ sudo docker run -d -p 127.0.0.1:5000:5000/udp training/webapp python app.py
# 标记多个地址或者多个端口
$ sudo docker run -d -p 5000:5000 -p 3000:80 training/webapp python app.py
# 查看本地与容器的端口映射
$ docker port nostalgic_boyd 5000
# 备注:容器有自己的内部网络和 ip 地址
# 参考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/port_mapping.html
# 各个容器之间访问:容器互联
#2 前提条件
#3 容器的网络拓扑是否已经互联。默认情况下,所有容器都会被连接到 docker0 网桥上
#3 需要本地系统的转发支持
#2 简单示例
#3 建数据库容器
$ sudo docker run -d --name db training/postgres
#3 删除网页容器
$ docker rm -f web
#3 创建网页容器+建立容器链接
$ sudo docker run -d -P --name web --link db:db training/webapp python app.py
#3 查看容器连接
$ docker ps
#3 查看容器环境变量:通过env命令
$ sudo docker run --rm --name web2 --link db:db training/webapp env
#3 查看容器环境变量:通过hosts文件
cat /etc/hosts
# 参考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/linking.html
https://blog.csdn.net/ynhzdxc/article/details/70536695
https://blog.csdn.net/fighterandknight/article/details/72513814
# 访问所有端口切换
# --icc=true
# 或在 /etc/default/docker 文件中配置 DOCKER_OPTS=--icc=true
# 设置访问指定端口
端口映射
# 容器访问外部实现
# 注释:容器所有到外部网络的连接,源地址都会被NAT成本地系统的IP地址。
# 注释:这是使用 iptables 的源地址伪装操作实现的。
# 查看主机的 NAT 规则
$ sudo iptables -t nat -nL
# 外部访问容器实现
# 在 docker run 时候通过 -p 或 -P 参数来启用
#2 查看主机的 NAT 规则
$ sudo iptables -t nat -nL
#2 指定端口
#2 指定地址:-p IP:host_port:container_port
# 参考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/con_port_mapping.html
域名管理
# 语法: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
# 主机名字
# -h HOSTNAME or --hostname=HOSTNAME
# 注释:设定容器的主机名字,它会被写到容器内的 /etc/hostname 和 /etc/hosts。
# 主机别名
# --link=CONTAINER_NAME:ALIAS
# 情景:在创建容器的时候,添加一个其他容器的主机别名到 /etc/hosts 文件中
# 让新容器的进程可以使用主机别名 ALIAS 就可以连接它。
# 指定容器dns服务器地址
# --dns=IP_ADDRESS
# 情景:添加 DNS 服务器地址到容器的 /etc/resolv.conf 中,让容器用这个服务器来解析所有不在 /etc/hosts 中的主机名。
# 设定某容器的dns搜索域
# --dns-search=DOMAIN
# 容器默认的dsn配置文件
# 如果没有指定容器的dns配置,Docker 会默认用主机上的 /etc/resolv.conf 来配置容器。
# 情景:宿主主机 DNS 信息发生更新后,所有 Docker 容器的 dns 配置通过 /etc/resolv.conf 文件立刻得到更新。
# 参考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/dns.html
网桥管理
############################默认网桥
# 创建
# Docker 服务默认会创建一个 docker0 网桥(其上有一个 docker0 内部接口),
# 它在内核层连通了其他的物理或虚拟网卡,
# 这就将所有容器和本地主机都放到同一个物理网络。
--bip=CIDR -- IP 地址加掩码格式
--mtu=BYTES -- 接口允许接收的最大传输单元
# 查看
sudo brctl show
# 参考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/docker0.html
############################自定网桥
# 删除
$ sudo service docker stop
$ sudo ip link set dev docker0 down
$ sudo brctl delbr docker0
# 创建
$ sudo brctl addbr bridge0
$ sudo ip addr add 192.168.5.1/24 dev bridge0
$ sudo ip link set dev bridge0 up
$ ip addr show bridge0 # 查看确认
# 配置:docker服务
echo 'DOCKER_OPTS="-b=bridge0"' >> /etc/default/docker
# 启动:docker服务
sudo service docker star
# 知识储备:
# 查看桥接信息
brctl show
# 查看ip地址配置
ip addr
# 查看ip路由信息
ip route
# 参考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/bridge.html
############################自定网桥:win7环境
网络流转:win7->宿主机->容器
# 参考:https://blog.csdn.net/ynhzdxc/article/details/70536695
https://blog.csdn.net/qq_29245097/article/details/52996911
http://wiki.jikexueyuan.com/project/docker-technology-and-combat/pull.html
https://www.cnblogs.com/Leo_wl/p/5955414.html
https://www.cnblogs.com/SzeCheng/p/6822905.html
查看帮助
# docker
Usage: docker [OPTIONS] COMMAND
A self-sufficient runtime for containers
Options:
--config string Location of client config files (default
"/home/docker/.docker")
-D, --debug Enable debug mode
-H, --host list Daemon socket(s) to connect to
-l, --log-level string Set the logging level
("debug"|"info"|"warn"|"error"|"fatal")
(default "info")
--tls Use TLS; implied by --tlsverify
--tlscacert string Trust certs signed only by this CA (default
"/home/docker/.docker/ca.pem")
--tlscert string Path to TLS certificate file (default
"/home/docker/.docker/cert.pem")
--tlskey string Path to TLS key file (default
"/home/docker/.docker/key.pem")
--tlsverify Use TLS and verify the remote
-v, --version Print version information and quit
Management Commands:
config Manage Docker configs
container Manage containers
image Manage images
network Manage networks
node Manage Swarm nodes
plugin Manage plugins
secret Manage Docker secrets
service Manage services
stack Manage Docker stacks
swarm Manage Swarm
system Manage Docker
trust Manage trust on Docker images
volume Manage volumes
Commands:
attach Attach local standard input, output, and error streams to a running container
build Build an image from a Dockerfile
commit Create a new image from a container's changes
cp Copy files/folders between a container and the local filesystem
create Create a new container
diff Inspect changes to files or directories on a container's filesystem
events Get real time events from the server
exec Run a command in a running container
export Export a container's filesystem as a tar archive
history Show the history of an image
images List images
import Import the contents from a tarball to create a filesystem image
info Display system-wide information
inspect Return low-level information on Docker objects
kill Kill one or more running containers
load Load an image from a tar archive or STDIN
login Log in to a Docker registry
logout Log out from a Docker registry
logs Fetch the logs of a container
pause Pause all processes within one or more containers
port List port mappings or a specific mapping for the container
ps List containers
pull Pull an image or a repository from a registry
push Push an image or a repository to a registry
rename Rename a container
restart Restart one or more containers
rm Remove one or more containers
rmi Remove one or more images
run Run a command in a new container
save Save one or more images to a tar archive (streamed to STDOUT by default)
search Search the Docker Hub for images
start Start one or more stopped containers
stats Display a live stream of container(s) resource usage statistics
stop Stop one or more running containers
tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
top Display the running processes of a container
unpause Unpause all processes within one or more containers
update Update configuration of one or more containers
version Show the Docker version information
wait Block until one or more containers stop, then print their exit codes
Run 'docker COMMAND --help' for more information on a command
版本信息
# docker@default:~$ docker version
Client:
Version: 18.06.0-ce
API version: 1.38
Go version: go1.10.3
Git commit: 0ffa825
Built: Wed Jul 18 19:04:39 2018
OS/Arch: linux/amd64
Experimental: false
Server:
Engine:
Version: 18.06.0-ce
API version: 1.38 (minimum version 1.12)
Go version: go1.10.3
Git commit: 0ffa825
Built: Wed Jul 18 19:13:39 2018
OS/Arch: linux/amd64
Experimental: false
信息状态
$ docker inspect ubuntu
[
{
"Id": "68550c2b2628204fd7c2b71c6cf1210a75023830af541a30381a7c736e390c9c",
"Created": "2018-07-29T14:29:11.525395261Z",
"Path": "/bin/bash",
"Args": [],
"State": {
"Status": "exited",
"Running": false,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 0,
"ExitCode": 0,
"Error": "",
"StartedAt": "2018-07-29T14:29:12.520176898Z",
"FinishedAt": "2018-07-29T14:29:12.905744977Z"
},
"Image": "sha256:9b9cb95443b5f846cd3c8cfa3f64e63b6ba68de2618a08875a119c81a8f96698",
"ResolvConfPath": "/mnt/sda1/var/lib/docker/containers/68550c2b2628204fd7c2b71c6cf1210a75023830af541a30381a7c736e390c9c/resolv.conf",
"HostnamePath": "/mnt/sda1/var/lib/docker/containers/68550c2b2628204fd7c2b71c6cf1210a75023830af541a30381a7c736e390c9c/hostname",
"HostsPath": "/mnt/sda1/var/lib/docker/containers/68550c2b2628204fd7c2b71c6cf1210a75023830af541a30381a7c736e390c9c/hosts",
"LogPath": "/mnt/sda1/var/lib/docker/containers/68550c2b2628204fd7c2b71c6cf1210a75023830af541a30381a7c736e390c9c/68550c2b2628204fd7c2b71c6cf1210a75023830af541a30381a7c736e390c9c-json.log",
"Name": "/ubuntu",
"RestartCount": 0,
"Driver": "aufs",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "shareable",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DiskQuota": 0,
"KernelMemory": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": 0,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/asound",
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": null,
"Name": "aufs"
},
"Mounts": [],
"Config": {
"Hostname": "68550c2b2628",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Cmd": [
"/bin/bash"
],
"ArgsEscaped": true,
"Image": "9b9cb95443b5",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "c67f46813c6e71b611a812cd3e7c06127f2a288fb83f085f11e869cfd8b680b6",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {},
"SandboxKey": "/var/run/docker/netns/c67f46813c6e",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "",
"Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"MacAddress": "",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "99c7a9910a515a5f3889ebbc9f99078399728cf8b12d79ec26e9e91c4dfb5e7f",
"EndpointID": "",
"Gateway": "",
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "",
"DriverOpts": null
}
}
}
}
]
全局信息
# 查看
$ docker info
# 容器
# 容器数量
Containers: 1
# 正在运行
Running: 1
# 正在暂停
Paused: 0
# 已经停止
Stopped: 0
# 镜像
# 镜像数量
Images: 6
# 主机
# 主机版本
Server Version: 18.06.0-ce
# 驱动
# 驱动类型
Storage Driver: aufs
# 其根目录
Root Dir: /mnt/sda1/var/lib/docker/aufs
# 后台系统
Backing Filesystem: extfs
# 目录数量
Dirs: 28
# 目录权限
Dirperm1 Supported: true
# 日志驱动
Logging Driver: json-file
# 群组驱动
Cgroup Driver: cgroupfs
# 关于插件
Plugins:
#其数据卷
Volume: local
# 网络
Network: bridge host macvlan null overlay
# 日志
Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
# 集群
Swarm: inactive
# 缓存
Runtimes: runc
Default Runtime: runc
# 初始
Init Binary: docker-init
containerd version: d64c661f1d51c48782c9cec8fda7604785f93587
runc version: 69663f0bd4b60df09991c08812a60108003fa340
init version: fec3683
# 安全选项
Security Options:
seccomp
Profile: default
#
Kernel Version: 4.9.93-boot2docker
# 操作系统
Operating System: Boot2Docker 18.06.0-ce (TCL 8.2.1); HEAD : 1f40eb2 - Thu Jul 19 18:48:09 UTC 2018
# 系统类型
OSType: linux
# 特性
Architecture: x86_64
# 内核数量
CPUs: 1
Total Memory: 995.6MiB
# 用户名字
Name: default
ID: UL72:EAQP:IIPC:XM3R:7CEB:FOAP:LXPL:SZAS:NLZ5:OXOT:YTGW:6N4K
Docker Root Dir: /mnt/sda1/var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
provider=virtualbox
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
帮助
配置管理
Usage: docker config COMMAND
Manage Docker configs
Commands:
create Create a config from a file or STDIN
inspect Display detailed information on one or more configs
ls List configs
rm Remove one or more configs
Run 'docker config COMMAND --help' for more information on a command.
# 创建
Usage: docker config create [OPTIONS] CONFIG file|-
Create a config from a file or STDIN
Options:
-l, --label list Config labels
--template-driver string Template driver
# 查看
#2 列出文件
Usage: docker config ls [OPTIONS]
List configs
Aliases:
ls, list
Options:
-f, --filter filter Filter output based on conditions provided
--format string Pretty-print configs using a Go template
-q, --quiet Only display IDs
#2 显示详情
Usage: docker config inspect [OPTIONS] CONFIG [CONFIG...]
Display detailed information on one or more configs
Options:
-f, --format string Format the output using the given Go template
--pretty Print the information in a human friendly format
# 移除
Usage: docker config rm CONFIG [CONFIG...]
Remove one or more configs
Aliases:
rm, remove
容器管理
Usage: docker container COMMAND
Manage containers
Commands:
attach Attach local standard input, output, and error streams to a running container
commit Create a new image from a container's changes
cp Copy files/folders between a container and the local filesystem
create Create a new container
diff Inspect changes to files or directories on a container's filesystem
exec Run a command in a running container
export Export a container's filesystem as a tar archive
inspect Display detailed information on one or more containers
kill Kill one or more running containers
logs Fetch the logs of a container
ls List containers
pause Pause all processes within one or more containers
port List port mappings or a specific mapping for the container
prune Remove all stopped containers
rename Rename a container
restart Restart one or more containers
rm Remove one or more containers
run Run a command in a new container
start Start one or more stopped containers
stats Display a live stream of container(s) resource usage statistics
stop Stop one or more running containers
top Display the running processes of a container
unpause Unpause all processes within one or more containers
update Update configuration of one or more containers
wait Block until one or more containers stop, then print their exit codes
Run 'docker container COMMAND --help' for more information on a command.
镜像管理
Usage: docker image COMMAND
Manage images
Commands:
build Build an image from a Dockerfile
history Show the history of an image
import Import the contents from a tarball to create a filesystem image
inspect Display detailed information on one or more images
load Load an image from a tar archive or STDIN
ls List images
prune Remove unused images
pull Pull an image or a repository from a registry
push Push an image or a repository to a registry
rm Remove one or more images
save Save one or more images to a tar archive (streamed to STDOUT by default)
tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
Run 'docker image COMMAND --help' for more information on a command.
网络管理
Usage: docker network COMMAND
Manage networks
Commands:
connect Connect a container to a network
create Create a network
disconnect Disconnect a container from a network
inspect Display detailed information on one or more networks
ls List networks
prune Remove all unused networks
rm Remove one or more networks
Run 'docker network COMMAND --help' for more information on a command.
节点管理
Usage: docker node COMMAND
Manage Swarm nodes
Commands:
demote Demote one or more nodes from manager in the swarm
inspect Display detailed information on one or more nodes
ls List nodes in the swarm
promote Promote one or more nodes to manager in the swarm
ps List tasks running on one or more nodes, defaults to current node
rm Remove one or more nodes from the swarm
update Update a node
Run 'docker node COMMAND --help' for more information on a command.
插件管理
Usage: docker plugin COMMAND
Manage plugins
Commands:
create Create a plugin from a rootfs and configuration. Plugin data directory must contain config.json and rootfs directory.
disable Disable a plugin
enable Enable a plugin
inspect Display detailed information on one or more plugins
install Install a plugin
ls List plugins
push Push a plugin to a registry
rm Remove one or more plugins
set Change settings for a plugin
upgrade Upgrade an existing plugin
Run 'docker plugin COMMAND --help' for more information on a command.
加密管理
Usage: docker secret COMMAND
Manage Docker secrets
Commands:
create Create a secret from a file or STDIN as content
inspect Display detailed information on one or more secrets
ls List secrets
rm Remove one or more secrets
Run 'docker secret COMMAND --help' for more information on a command.
服务管理
Usage: docker service COMMAND
Manage services
Commands:
create Create a new service
inspect Display detailed information on one or more services
logs Fetch the logs of a service or task
ls List services
ps List the tasks of one or more services
rm Remove one or more services
rollback Revert changes to a service's configuration
scale Scale one or multiple replicated services
update Update a service
Run 'docker service COMMAND --help' for more information on a command.
栈的管理
Usage: docker stack [OPTIONS] COMMAND
Manage Docker stacks
Options:
--orchestrator string Orchestrator to use (swarm|kubernetes|all)
Commands:
deploy Deploy a new stack or update an existing stack
ls List stacks
ps List the tasks in the stack
rm Remove one or more stacks
services List the services in the stack
Run 'docker stack COMMAND --help' for more information on a command.
集群管理
Usage: docker swarm COMMAND
Manage Swarm
Commands:
ca Display and rotate the root CA
init Initialize a swarm
join Join a swarm as a node and/or manager
join-token Manage join tokens
leave Leave the swarm
unlock Unlock swarm
unlock-key Manage the unlock key
update Update the swarm
Run 'docker swarm COMMAND --help' for more information on a command.
系统管理
Usage: docker system COMMAND
Manage Docker
Commands:
df Show docker disk usage
events Get real time events from the server
info Display system-wide information
prune Remove unused data
Run 'docker system COMMAND --help' for more information on a command.
信任管理
Usage: docker trust COMMAND
Manage trust on Docker images
Management Commands:
key Manage keys for signing Docker images
signer Manage entities who can sign Docker images
Commands:
inspect Return low-level information about keys and signatures
revoke Remove trust for an image
sign Sign an image
Run 'docker trust COMMAND --help' for more information on a command.
管数据卷
Usage: docker volume COMMAND
Manage volumes
Commands:
create Create a volume
inspect Display detailed information on one or more volumes
ls List volumes
prune Remove all unused local volumes
rm Remove one or more volumes
Run 'docker volume COMMAND --help' for more information on a command.
配置文件
# 结构
# 指令:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/instructions.html
# 创建镜像:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/build_image.html
底层实现
# 基本架构:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/arch.html
# 命令空间
#2 参考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/namespace.html
# 控制小组
#2 http://wiki.jikexueyuan.com/project/docker-technology-and-combat/cgroups.html
# 文件系统
#2 http://wiki.jikexueyuan.com/project/docker-technology-and-combat/ufs.html
# 容器格式
#2 http://wiki.jikexueyuan.com/project/docker-technology-and-combat/container_format.html
# 网络实现
#2 http://wiki.jikexueyuan.com/project/docker-technology-and-combat/network.html
组合项目
# 简介:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/intro.html
#安装
#http://wiki.jikexueyuan.com/project/docker-technology-and-combat/install.html
# 使用
# http://wiki.jikexueyuan.com/project/docker-technology-and-combat/usage.html
#命令
# http://wiki.jikexueyuan.com/project/docker-technology-and-combat/commands.html
# 配置
#http://wiki.jikexueyuan.com/project/docker-technology-and-combat/yaml_file.html
实例
使用示例
# 前段开发者的docker之旅:nginx
# steps-01:编写 Dockerfile
# steps-02:构建 Docker Image
# steps-03:部署 Docker Image
# 全栈开发者的docker之旅:nodejs
# 后端开发者的docker之旅:nodejs
# 后端开发者的docker之旅:php
# 目录挂载-win7:https://www.cnblogs.com/jinjiangongzuoshi/p/6538321.html
# 搭建开发环境:nodejs
# https://segmentfault.com/a/1190000007955073
# 搭建开发环境:php
# https://segmentfault.com/a/1190000006802383
# https://segmentfault.com/a/1190000013020851
# 搭建开发环境:lnmp
# https://segmentfault.com/a/1190000011908990
# 搭建开发环境:java
# https://segmentfault.com/a/1190000006843830
# 搭建集群环境:ELK
# https://segmentfault.com/a/1190000004411703
# 搭建集群环境:redis
# https://segmentfault.com/a/1190000004353368
# 参考:http://guide.daocloud.io/dcs/hello-docker-9153901.html
# http://guide.daocloud.io/dcs/hello-dockernode-js-9153948.html