使用手册-Docker

环境安装

# 操作系统版本:linux CentOS 7.2 64 3.10.0-514.6.2.el7.x86_64

# 添加包的来源
$ yum install epel-release –y
$ yum clean all
$ yum list

# 安装并且运行
$ yum install docker-io –y
$ systemctl start docker

# 检查安装结果
$ docker info

# 操作系统版本:win7 64
# 安装:http://www.runoob.com/docker/windows-docker-install.html
# https://www.cnblogs.com/jinjiangongzuoshi/p/6538321.html
# 遇到问题
# 问题:点击Docker出现windows 正在查找bash.exe。如果想亲自查找文件,请点击“浏览”的问题
# 解决:https://blog.csdn.net/A632189007/article/details/78601213
# 参考:https://help.aliyun.com/document_detail/51853.html?spm=a2c4g.11186623.6.819.Mez5Ng

# 操作系统版本:win10 64
# 安装:https://segmentfault.com/a/1190000007875949

改安装源

# 情景:由于docker主机在外国,安装好之后我们需要更改下源,不然下载image的时候会很慢.

# 国内镜像:
daoclound

服务管理

# 操作系统:linux
# 运行
$ systemctl start docker
# 停止
$ systemctl stop docker
# 重启
$ systemctl restart docker

# 操作系统:win

查看帮助

$ docker

镜像管理

# 查找
#2 语法:docker search [OPTIONS] TERM
#2 描述:Search the Docker Hub for images
#2 参数:
#3 条件过滤:-f
#3 美化输出:--format
#3 最大记录:--limit
#3 不截输出:--no-trunc
$ docker search httpd

# 下拉(下载;获取)
#2 语法:docker pull [OPTIONS] NAME[:TAG|@DIGEST]
#2 描述:Pull an image or a repository from a registry
#2 参数:
#3 获取所有:-a
#3 跳过验证:--disable-content-trust
$ docker pull registry.cn-hangzhou.aliyuncs.com/lxepoo/apache-php5

# 修改
#2 创建标签
#3 语法:docker tag SOURCE_IMAGE[:TAG] TARGET_IMAGE[:TAG]
#3 描述:Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
$ docker tag  registry.cn-hangzhou.aliyuncs.com/lxepoo/apache-php5:latest aliweb:v1

# 查看
#2 列出镜像
#3 语法:docker images [OPTIONS] [REPOSITORY[:TAG]]
#3 描述:List images
#3 参数:
#4 显示所有:-a
#4 显示算法:--digests
#4 条件过滤:-f
#4 美化输出:--format
#4 不截输出:--no-trunc
#4 仅显编号:-q
$ docker images
$ docker images  --digests --no-trunc
$ docker image inspect --format='{{.RepoTags}} {{.Id}} {{.Parent}}' $(docker image ls -q --filter since=8ac27ce8ee49)

#2 镜像历史
#3 语法: docker history [OPTIONS] IMAGE
#3 描述:Show the history of an image
#3 参数:
#4 某种格式:--format
#4 人读格式:-H
#4 只显编号:-q
$ docker history b961582107fc


# 删除
#2 语法: docker rmi [OPTIONS] IMAGE [IMAGE...]
#2 描述:Remove one or more images
#2 参数:
#3 强制删除:-f, --force      Force removal of the image
#3 留未标父:--no-prune   Do not delete untagged parents
$ docker  rmi  -f  registry.cn-hangzhou.aliyuncs.com/lxepoo/apache-php5
$ docker  rmi  -f  2cb0d9787c4d
$ docker  rmi  -f  b961582107fc
# 删除所有
$ docker rm $(docker ps -aq)

# 创建
# ##############################################s
#方式1 :从 Docker Hub 获取已有镜像并更新
#2 启动容器
$ docker run -t -i training/sinatra /bin/bash
$ docker run -it ubuntu bash
#2 安装应用:在容器中添加 json 应用
$ gem install json
//#2 退出容器 
//# $ exit #退出时关闭容器
//# #2 启动容器
//$ docker run -d training/sinatra /bin/bash
#2 退出容器 
$ Ctrl+P+Q #退出时不关容器
#2 查看容器
$ docker ps
#2 提交更新
#3 语法: docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]]
#3 描述:Create a new image from a container's changes
#3 参数:
#4 镜像作者:-a(--author)
#4 配置文件:-c( --change)
#4 注释信息:-m(--message)
#4 退出容器:-p( --pause)
$ docker commit -m "Added json gem" -a "Docker Newbee" 2d3c7afae625 ouruser/sinatra:v2
#2 查看镜像:验证是否成功
$ docker images
# ##############################################e
# ##############################################s
#方式2 :本地制作一个

# 制作
#2 准备内容:dockerfile
# vim Dockerfile 
FROM apachephp:v1  #声明基础镜像来源
MAINTAINER DTSTACK #声明镜像的拥有者
RUN mkdir /dtstact #容器运行前执命令
 # 由于Dockerfile文件不能超过127行,因此当命令较多时建议写到脚本中执行
ENTRYPOINT ping www.aliyun.com #开机启动命令,此处最后一个命令需要是可在前台持续执行的命令,否则容器后台运行时会因为命令执行完而退出。

#2 构建镜像
#3 语法: docker build [OPTIONS] PATH | URL | -
#3 描述:Build an image from a Dockerfile
#3 参数:
#4 域名映射:--add-host list           Add a custom host-to-IP mapping (host:ip)
#4 构时变量:--build-arg list          Set build-time variables
#4 缓存位置:--cache-from strings      Images to consider as cache sources
#4 内容压缩:--compress                Compress the build context using gzip
#4 跳过验证:--disable-content-trust   Skip image verification (default true)
#4 配置文件:-f, --file string             Name of the Dockerfile (Default is 'PATH/Dockerfile')
#4 移除容器:--force-rm                Always remove intermediate containers
#4 编号文件: --iidfile string          Write the image ID to the file
#4 设置标签:--label list              Set metadata for an image
#4 内存限制:  -m, --memory bytes            Memory limit
#4 限内开关:--memory-swap bytes       Swap limit equal to memory plus swap: '-1' to enable unlimited swap
#4 网络模式: --network string          Set the networking mode for the RUN instructions during build (default "default")
#4 关闭缓存:--no-cache                Do not use cache when building the image
#4 自动更新:--pull                    Always attempt to pull a newer version of the image
#4 移除容器:--rm                      Remove intermediate containers after a successful build (default true)
#4 安全选项:--security-opt strings    Security options
#4 指定标签:-t, --tag list                Name and optionally a tag in the 'name:tag' format
#4 指定阶段:--target string           Set the target build stage to build
$ docker build -t webcentos:v1 .   # . 是Dockerfile文件的路径,不能忽略
$ docker images                    #查看是否创建成功
$ docker run –d webcentos:v1       #后台运行容器
$ docker ps                        #查看当前运行中的容器
$ docker ps –a                     #查看所有容器,包括未运行中的
$ docker logs CONTAINER ID/IMAGE   #如未查看到刚才运行的容器,则用容器id或者名字查看启动日志排错
$ docker commit fb2844b6c070 dtstackweb:v1 #commit 后接容器id 和构建新镜像的名称和版本号。
$ docker images                    #列出本地(已下载的和本地创建的)镜像
$ docker push                      #将镜像推送至远程仓库,默认为 Docker Hub

#2 传到仓库:registry
docker login --username=dtstack_plus registry.cn-shanghai.aliyuncs.com #执行后输入镜像仓库密码
docker tag [ImageId] registry.cn-shanghai.aliyuncs.com/dtstack123/test:[镜像版本号]
docker push registry.cn-shanghai.aliyuncs.com/dtstack123/test:[镜像版本号]
# ##############################################e
# ##############################################s
#方式3 :从本地导入一个
# cat ubuntu-14.04-x86_64-minimal.tar.gz  |docker import - ubuntu:14.04
# docker images

# 存出:从本地仓库导出镜像到本地文件
# docker save -o ubuntu_14.04.tar ubuntu:14.04

# 载入:从本地文件导入镜像到本地仓库
# docker load --input ubuntu_14.04.tar
# 或
# udo docker load < ubuntu_14.04.tar

# 内核
#2 帮助:docker image --help
#2 语法:docker image COMMAND
#2 命令:
#3 从配构建
 # build       Build an image from a Dockerfile
#3 查看历史
 # history     Show the history of an image
#3 导入创建
 # import      Import the contents from a tarball to create a filesystem image

#3 载入
  load        Load an image from a tar archive or STDIN
#3 列出
  ls          List images
  inspect     Display detailed information on one or more images
#3 下载
  pull        Pull an image or a repository from a registry
#3 上传
  push        Push an image or a repository to a registry
#3 删除
#4 指定镜像
  rm          Remove one or more images
#4 删除未用
  prune       Remove unused images
#4 保存
  save        Save one or more images to a tar archive (streamed to STDOUT by default)
#4 标签
  tag         Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE

Run 'docker image COMMAND --help' for more information on a command.

# 遇到问题
# 问题:删除镜像时提示image has dependent child images 错误
# 解决:docker image inspect --format='{{.RepoTags}} {{.Id}} {{.Parent}}' $(docker image ls -q --filter since=8ac27ce8ee49)
# 参考:https://blog.csdn.net/maxwell/article/details/78941552

容器管理

# 创建
#2 语法:docker create [OPTIONS] IMAGE [COMMAND] [ARG...]
#2 描述:Create a new container
#2 参数:
#3 域名映射: --add-host list                  Add a custom host-to-IP mapping (host:ip)
#3 绑入出错:-a, --attach list                    Attach to STDIN, STDOUT or STDERR
#3 添系兼容: --cap-add list                   Add Linux capabilities
#3 移系兼容: --cap-drop list                  Drop Linux capabilities
#3 编号文件:--cidfile string                 Write the container ID to the file
#3 添加主机:--device list                    Add a host device to the container
#3 限读频率:--device-read-bps list           Limit read rate (bytes per second) from a device (default [])
#3 限读频率:--device-read-iops list          Limit read rate (IO per second) from a device (default [])
#3 限写频率:--device-write-bps list          Limit write rate (bytes per second) to a device (default [])
#3 限写频率:--device-write-iops list         Limit write rate (IO per second) to a device (default [])
#3 跳过验证:--disable-content-trust          Skip image verification (default true)
#3 域名解服:--dns list                       Set custom DNS servers
#3 域名解参:--dns-option list                Set DNS options
#3 域名解域:--dns-search list                Set custom DNS search domains
#3 镜像入口:--entrypoint string              Overwrite the default ENTRYPOINT of the image
#3 环境变量:-e, --env list                       Set environment variables
#3 环境变量:--env-file list                  Read in a file of environment variables
#3 暴露端口:--expose list                    Expose a port or a range of ports
#3 添加群组:--group-add list                 Add additional groups to join
#3 健康检查:--health-cmd string              Command to run to check health
#3 健检周期:--health-interval duration       Time between running the check (ms|s|m|h) (default 0s)
#3 健检通知:--health-retries int             Consecutive failures needed to report unhealthy
#3 健检通知: --health-start-period duration   Start period for the container to initialize before starting health-retries countdown (ms|s|m|h) (default 0s)
#3 健检超时:--health-timeout duration        Maximum time to allow one check to run (ms|s|m|h) (default 0s)
#3 主机名字:-h, --hostname string                Container host name
#3 容初始化:Run an init inside the container that forwards signals and reaps processes
#3 绑定输入:-i, --interactive                    Keep STDIN open even if not attached
# 主机地址:--ip string                      IPv4 address (e.g., 172.30.100.104)
# 主机地址:--ip6 string                     IPv6 address (e.g., 2001:db8::33)
--ipc string                     IPC mode to use
# 容器隔离:--isolation string               Container isolation technology
# 缓存限制:--kernel-memory bytes            Kernel memory limit
# 容器标签:-l, --label list                     Set meta data on a container
# 标签文件:--label-file list                Read in a line delimited file of labels
# 容器互联:--link list                      Add link to another container
# 容器互联:--link-local-ip list             Container IPv4/IPv6 link-local addresses
# 日志驱动:--log-driver string              Logging driver for the container
# 日驱选项:--log-opt list                   Log driver options
# 机器地址:--mac-address string             Container MAC address (e.g., 92:d0:c6:0a:29:33)
# 缓存限制:--memory bytes                   Memory limit
# 缓存限制:--memory-reservation bytes       Memory soft limit
# 缓存限制:--memory-swap bytes              Swap limit equal to memory plus swap: '-1' to enable unlimited swap
# 缓存限制:--memory-swappiness int          Tune container memory swappiness (0 to 100) (default -1)
# 文件挂载:--mount mount                    Attach a filesystem mount to the container
# 容器名字:--name string                    Assign a name to the container
# 连接网络:--network string                 Connect a container to a network (default "default")
# 网络别名:--network-alias list             Add network-scoped alias for the container
# 健检关闭:--no-healthcheck                 Disable any container-specified HEALTHCHECK
--oom-kill-disable               Disable OOM Killer
--oom-score-adj int              Tune host's OOM preferences (-1000 to 1000)
# 容编前缀:--pid string                     PID namespace to use
# 容编限制:--pids-limit int                 Tune container pids limit (set -1 for unlimited)
# 扩展权限:--privileged                     Give extended privileges to this container
# 给主容端:-p, --publish list                   Publish a container's port(s) to the host
# 给主容端:-P, --publish-all                    Publish all exposed ports to random ports
# 文件只读:--read-only                      Mount the container's root filesystem as read only
# 重启策略:--restart string                 Restart policy to apply when a container exits (default "no")
# 退出删容:--rm                             Automatically remove the container when it exits
# 缓存目录:--runtime string                 Runtime to use for this container
# 安全选项:--security-opt list              Security Options
--shm-size bytes                 Size of /dev/shm
# 关容信号:--stop-signal string             Signal to stop a container (default "SIGTERM")
# 关容超时:--stop-timeout int               Timeout (in seconds) to stop a container
# 存驱选项:--storage-opt list               Storage driver options for the container
--sysctl map                     Sysctl options (default map[])
# 挂载目录:--tmpfs list                     Mount a tmpfs directory
-t, --tty                            Allocate a pseudo-TTY
# 非限列表:--ulimit ulimit                  Ulimit options (default [])
# 用户标识:-u, --user string                    Username or UID (format: [:])
# 用户名缀: --userns string                  User namespace to use
--uts string                     UTS namespace to use
# 绑数据卷:-v, --volume list                    Bind mount a volume
# 数卷驱动:--volume-driver string           Optional volume driver for the container
# 绑数据卷:--volumes-from list              Mount volumes from the specified container(s)
# 工作目录:-w, --workdir string                 Working directory inside the container
$ docker images
# 用仓库+标签确定镜像
$ docker create -it --name centos6_container centos:centos6
# docker create -it --name centos6_container 6a77ab6655b9 bash
$ docker ps -a
# 创数据卷+挂载目录+指定名字
docker create -it --name centos6_container -v /src/webapp:/opt/webapp centos:centos6


# 启动
#2 语法:docker start [OPTIONS] CONTAINER [CONTAINER...]
#2 描述:Start one or more stopped containers
#2 参数:
#3 绑定输出:-a
#3 覆拆卸钥: --detach-keys string
#3 绑定输入:-i
$ docker start apache
$ docker start ubuntu
$ docker start ubuntu -i


# 进入
#2 语法:docker exec [OPTIONS] CONTAINER COMMAND [ARG...]
#2 描述:Run a command in a running container
 -d, --detach               Detached mode: run command in the background
      --detach-keys string   Override the key sequence for detaching a container
  -e, --env list             Set environment variables
  -i, --interactive          Keep STDIN open even if not attached
      --privileged           Give extended privileges to the command
  -t, --tty                  Allocate a pseudo-TTY
  -u, --user string          Username or UID (format: [:])
  -w, --workdir string       Working directory inside the container


# 进入
#2 方式1:关闭的容器
#3 语法:docker start [OPTIONS] CONTAINER [CONTAINER...]
#3 描述:Start one or more stopped containers

#2 方式2:运行中容器
#3 语法:docker attach [OPTIONS] CONTAINER
#3 描述:Attach local standard input, output, and error streams to a running container
#3 参数:
#4 莫绑输入: --no-stdin
#4 覆拆卸钥: --detach-keys string
#4 代理信号:--sig-proxy
$ docker attach apache
#2 方式3:运行中容器
#3 语法:docker exec [OPTIONS] CONTAINER COMMAND [ARG...]
#3 描述:Run a command in a running container
#3 参数:

#4 示例:docker container attach $(docker ps -l --format=' {{.ID}}')

# 退出
#2 方式1:关闭容器
$ exit 
#2 方式2:不关容器
$ Ctrl+P+Q

# 停止
#2 语法:docker stop [OPTIONS] CONTAINER [CONTAINER...]
#2 描述:Stop one or more running containers
#2 参数
#3 延迟几秒:-t int
$ docker stop apache
$ docker stop ubuntu -t 15

#2 语法:docker kill [OPTIONS] CONTAINER [CONTAINER...]
#2 描述:Kill one or more running containers
#2 参数:
#3 发送信号:-s string

# 移除
#2 语法:docker rm [OPTIONS] CONTAINER [CONTAINER...]
#2 描述:Remove one or more containers
#2 参数:
#3 强制删除:-f
#3 删数链接:-l
#3 删数据卷:-v
#2 停止状态
$ docker rm apache
#2 运行状态
$ docker rm -f apache
$ docker rm -f ubuntu
$ docker rm -f 2d3c7afae625 


# http://wiki.jikexueyuan.com/project/docker-technology-and-combat/enter.html

# 导出(备份)
#2 语法: docker export [OPTIONS] CONTAINER
#2 描述:Export a container's filesystem as a tar archive
#2 参数:
#3 文件名字:-o string
$ docker export apache > ubuntu.tar
$ docker export apache -o ubuntu.tar

# 导入(恢复)
#2 语法:docker import [OPTIONS] file|URL|- [REPOSITORY[:TAG]]
#2 描述:Import the contents from a tarball to create a filesystem image
#2 参数:
#3 配置文件:-c, --change list      Apply Dockerfile instruction to the created image
 #3 注释信息:-m, --message string   Set commit message for imported image
$ cat ubuntu.tar | sudo docker import - test/ubuntu:v1.0


# 运行
#2 语法:docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
#2 描述:Run a command in a new container
#2 参数:
#3 后台运行:-d
#3 端口映射:-p
#3 环境变量:-e
#3 缓存大小:-m
#3 交互终端:-it
#3 主机名字:-h
#3 退出关闭:-rm
#3 工作目录:-w
#3 容器名字:--name
# 后台运行+指定名字
$ docker run -d --name apache e121d5f99e1e
$ docker run -d --name ubuntu 9b9cb95443b5 bash
$ docker run -it ubuntu 9b9cb95443b5 bash


# 查看
# 容器列表
#2 语法: docker ps [OPTIONS]
#2 描述:List containers
#2 参数:
#3 显示所有:-a
#3 条件过滤:-f
#3 美化输出:--format
#3 最新几条:-n
#3 最新一条:-l
#3 不截输出:--no-trunc
#3 仅显编号:-q
#3 显示大小:-s
$ docker ps
$ docker ps -n 5
$ docker ps -l
$ docker ps --no-trunc
$ docker ps -q
$ docker ps -s


#2 流的状态
#3 语法:docker stats [OPTIONS] [CONTAINER...]
#3 描述:Display a live stream of container(s) resource usage statistics
#3 参数:


#2 端口列表
#3 语法:docker port CONTAINER [PRIVATE_PORT[/PROTO]]
#3 描述:List port mappings or a specific mapping for the container
$ docker port 0fb4a58d3982 #?
$ docker port apache #?
$ docker port ubuntu

#2 容器日志
#3 语法: docker logs [OPTIONS] CONTAINER
#3 描述:Fetch the logs of a container
#3 参数:
#4 内容细节:--details
#4 按照日志:-f
#4 从某时起:--since string
#4 最后几行:--tail string
#4 显示时间:-t
#4 在某时前:--until string
$ docker logs -f apache
$ docker logs 2d3c7afae625
$ docker logs ubuntu

#2 底层信息
#3 语法: docker inspect [OPTIONS] NAME|ID [NAME|ID...]
#3 描述:Return low-level information on Docker objects
#3 参数:
#4 美化输出:-f string
#4 显示大小:-c
#4 指定格式:--type string
$ docker inspect apache
$ docker inspect ubuntu

#2 列出进程
#3 语法: docker top CONTAINER [ps OPTIONS]
#3 描述:Display the running processes of a container

#2 文件差异
#3 语法: docker diff CONTAINER
#3 描述:Inspect changes to files or directories on a container's 

# 修改
# 重新命名
#2 语法:docker rename CONTAINER NEW_NAME
#2 描述:Rename a container

# 重新启动
#2 语法: docker restart [OPTIONS] CONTAINER [CONTAINER...]
#2 描述:Restart one or more containers
#2 参数:
#3 延迟几秒:-t int


# 暂停进程
#2 语法: docker pause CONTAINER [CONTAINER...]
#2 描述:Pause all processes within one or more containers

# 启动进程
#2 语法:docker unpause CONTAINER [CONTAINER...]
#2 描述:Unpause all processes within one or more containers


# 更新配置
#2 语法:docker update [OPTIONS] CONTAINER [CONTAINER...]
#2 描述:Update configuration of one or more containers
#2 参数:
      --blkio-weight uint16        Block IO (relative weight), between 10 and 1000, or 0 to disable
                                   (default 0)
      --cpu-period int             Limit CPU CFS (Completely Fair Scheduler) period
      --cpu-quota int              Limit CPU CFS (Completely Fair Scheduler) quota
      --cpu-rt-period int          Limit the CPU real-time period in microseconds
      --cpu-rt-runtime int         Limit the CPU real-time runtime in microseconds
  -c, --cpu-shares int             CPU shares (relative weight)
      --cpus decimal               Number of CPUs
      --cpuset-cpus string         CPUs in which to allow execution (0-3, 0,1)
      --cpuset-mems string         MEMs in which to allow execution (0-3, 0,1)
      --kernel-memory bytes        Kernel memory limit
  -m, --memory bytes               Memory limit
      --memory-reservation bytes   Memory soft limit
      --memory-swap bytes          Swap limit equal to memory plus swap: '-1' to enable unlimited swap
      --restart string             Restart policy to apply when a container exits

##################################s
# 使用容器制作镜像
# steps-01:进入容器
#2 交互终端
$ docker run –ti e121d5f99e1e /bin/bash
#2 后台运行+指定名字
$ docker run -d --name apache e121d5f99e1e
#2 正在运行
$ docker exec -ti apache /bin/bash

# steps-02:修改容器

# steps-03:创建镜像
#2 将容器做成镜像
# 语法:docker commit containerID/containerName  newImageName:tag
# 描述:Create a new image from a container's changes
# 参数:
# 镜像作者: -a, --author string    Author (e.g., "John Hannibal Smith ")
# 配置文件: -c, --change list      Apply Dockerfile instruction to the created image
# 注释备注: -m, --message string   Commit message
# 暂停进程:-p, --pause            Pause container during commit (default true)
# 示例:
$ docker commit 4c8066cd8c01 apachephp:v1

# 参考:https://www.cnblogs.com/SzeCheng/p/6822905.html

仓库管理

# 官方仓库(公共仓库)
#2 注册
#3 语法:docker login [OPTIONS] [SERVER]
#3 参数:
#4 指定密码:-p string
#4 指定账户:-u string
#4 输入输密:--password-stdin
#3 注册成功后,本地用户目录的 .dockercfg 中将保存用户的认证信息。
$ docker login


#2 登录
$ docker login

#2 注销
#3 语法:docker logout [SERVER]
$ docker logout

# 基本操作
#2 搜索
$ sudo docker search centos
#2 下载
$ sudo docker pull centos
#2 上传
$ docker push

# 自动创建

# 基础镜像:由 Docker 公司创建、验证、支持、提供。这样的镜像往往使用单个单词作为名字。
# 用户镜像:由 Docker 的用户创建并维护的,往往带有用户名称前缀。比如 tianon/centos 镜像

# 参考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/dockerhub.html

# 私有仓库
# 参考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/local_repo.html

# 配置文件


搭建私库

# 搭建(服务器)
#2 安装镜像:docker-registry
#2 运行容器: docker-registry
docker run -d -p 5000:5000 registry
#3 指定配置文件的位置:
-v /home/user/registry-conf:/registry-conf
#3 指定上传镜像的存放目录:
-v /opt/data/registry:/tmp/registry


# 使用(客户端)
# 安装软件
$ sudo yum install -y python-devel libevent-devel python-pip gcc xz-devel
$ sudo python-pip install docker-registry
# 修改配置
$ cp config/config_sample.yml config/config.yml
# 启动容器
$ sudo gunicorn -c contrib/gunicorn.py docker_registry.wsgi:application
# 验证查看
$ curl ...

# 搜索镜像
$ docker images
$ docker tag ba58 192.168.7.26:5000/test

# 上传镜像
$ docker push 192.168.7.26:5000/test

# 下载镜像
$ docker pull 192.168.7.26:5000/test

# 查看镜像
$ curl http://192.168.7.26:5000/v1/search

# 批量上传
$ wget https://github.com/yeasy/docker_practice/raw/master/_local/push_images.sh; sudo chmod a+x push_images.sh
$ ./push_images.sh ubuntu:latest centos:centos7


# 参考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/local_repo.html

配置文件


参考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/config.html

管数据卷

# 用途
1. 绕过“拷贝写”系统,以达到本地磁盘IO的性能,(比如运行一个容器,在容器中对数据卷修改内容,会直接改变宿主机上的数据卷中的内容,所以是本地磁盘IO的性能,而不是先在容器中写一份,最后还要将容器中的修改的内容拷贝出来进行同步。) 
2. 绕过“拷贝写”系统,有些文件不需要在docker commit打包进镜像文件。 
3. 在多个容器之间共享目录 :使用数据卷容器
4. 在宿主和容器间共享目录 
5. 在宿主和容器间共享文件


# 创建
# 语法: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
#2 方式1:使用 -v 标记
# docker run -d -P --name web -v /webapp training/webapp python app.py
#3 create a container
$ docker images
$ docker run --name data -v /opt/data -t -i docker.io/ubuntu /bin/bash

#3 do in container
$ cd /opt/data
$ ls
$ echo "123" > 123
$ echo "123123" > 123123
$ ls

#3 do in the vm 
# $ exit #退出时关闭容器
$ Ctrl+P+Q #退出时不关容器
$ docker ps
$ docker inspect data|grep /var/lib/docker/volumes
$ sudo ls /mnt/sda1/var/lib/docker/volumes/5887b7a4de662e531b6bdc32aa4a69a90fc841199133b3dd00315cb9b87f08b3/_data
$ sudo su
$ echo "asdhfjashdfjk" >> /mnt/sda1/var/lib/docker/volumes/5887b7a4de662e531b6bdc32aa4a69a90fc841199133b3dd00315cb9b87f08b3/_data/123

#3 do in container
# $ docker start -i data #exit时用
$ docker attach data
$ ls /opt/data
$ cat /opt/data/123

#2 方式2:也可在 Dockerfile 中使用 VOLUME 
# 添加一个或者多个新的卷到由该镜像创建的任意容器

# 挂载
# 挂载目录:-v
# docker run -d -P --name web -v /src/webapp:/opt/webapp training/webapp python app.py
# 指定权限::ro
#2 只读::ro
# docker run -d -P --name web -v /src/webapp:/opt/webapp:ro training/webapp python app.py
#2 读写:

# 挂载文件:-v
# docker run --rm -it -v ~/.bash_history:/.bash_history ubuntu /bin/bash
# 后台运行:-d
# 端口映射:-p
# 环境变量:-v
# 缓存大小:-m
# 交互终端:-it
# 主机名字:-h
# 退出关闭:-rm
# 工作目录:-w
# 容器名字:--name

# 备份
# docker run --volumes-from dbdata -v $(pwd):/backup ubuntu tar cvf /backup/backup.tar /dbdata
# tar /backup/backup.tar (待查看命令)

# 恢复
# docker run -v /dbdata --name dbdata2 ubuntu /bin/bash
# docker run --volumes-from dbdata2 -v $(pwd):/backup busybox tar xvf
/backup/backup.tar

# 迁移

# 查看
#2 语法: docker inspect [OPTIONS] NAME|ID [NAME|ID...]
#2 语法:grep [-HhnlLoqvsriwFE] [-m N] [-A/B/C N] PATTERN/-e PATTERN.../-f FILE [FILE]..
# docker inspect data|grep /var/lib/docker/volumes

# 删除
# 方式1:删除容器时
# docker rm -v
# 方式2:运行容器时
# docker run --rm

# 创建数据卷容器
# docker run -d -v /dbdata --name dbdata training/postgres echo Data-only container for postgres

# 使用数据卷容器
# docker run -d --volumes-from dbdata --name db1 training/postgres

# 参考:https://www.cnblogs.com/kevingrace/p/6238195.html
# https://blog.csdn.net/u013246898/article/details/53133220
# https://www.cnblogs.com/sawyerlsy/p/7273161.html

访问控制

# 容器访问外部网络:'端口映射'
#2 前提条件
#3 需要本地系统的转发支持
#4 查防火墙
$ sudo sysctl net.ipv4.ip_forward
#4 开防火墙
$ sudo sysctl -w net.ipv4.ip_forward=1
#2 简单示例
$ sudo docker run -d -P training/webapp python app.py
$ sudo docker ps -l
$ sudo docker logs -f nostalgic_boyd

# 默认协议所有地址随机端口
sudo docker run -d -P training/webapp python app.py
# 默认协议所有地址指定端口
$ sudo docker run -d -p 5000:5000 training/webapp python app.py
# 默认协议指定地址随机端口
$ sudo docker run -d -p 127.0.0.1::5000 training/webapp python app.py
# 默认协议指定地址指定端口
$ sudo docker run -d -p 127.0.0.1:5000:5000 training/webapp python app.py
# 指定协议指定地址指定端口
$ sudo docker run -d -p 127.0.0.1:5000:5000/udp training/webapp python app.py
# 标记多个地址或者多个端口
$ sudo docker run -d -p 5000:5000  -p 3000:80 training/webapp python app.py
# 查看本地与容器的端口映射
$ docker port nostalgic_boyd 5000

# 备注:容器有自己的内部网络和 ip 地址
# 参考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/port_mapping.html


# 各个容器之间访问:容器互联
#2 前提条件
#3 容器的网络拓扑是否已经互联。默认情况下,所有容器都会被连接到 docker0 网桥上
#3 需要本地系统的转发支持
#2 简单示例
#3 建数据库容器
$ sudo docker run -d --name db training/postgres
#3 删除网页容器
$ docker rm -f web
#3 创建网页容器+建立容器链接
$ sudo docker run -d -P --name web --link db:db training/webapp python app.py
#3 查看容器连接
$ docker ps

#3 查看容器环境变量:通过env命令
$ sudo docker run --rm --name web2 --link db:db training/webapp env
#3 查看容器环境变量:通过hosts文件
 cat /etc/hosts

# 参考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/linking.html

https://blog.csdn.net/ynhzdxc/article/details/70536695
https://blog.csdn.net/fighterandknight/article/details/72513814

# 访问所有端口切换
# --icc=true
# 或在 /etc/default/docker 文件中配置 DOCKER_OPTS=--icc=true


# 设置访问指定端口

端口映射

# 容器访问外部实现
# 注释:容器所有到外部网络的连接,源地址都会被NAT成本地系统的IP地址。
# 注释:这是使用 iptables 的源地址伪装操作实现的。
# 查看主机的 NAT 规则
$ sudo iptables -t nat -nL

# 外部访问容器实现
# 在 docker run 时候通过 -p 或 -P 参数来启用

#2 查看主机的 NAT 规则
$ sudo iptables -t nat -nL


#2 指定端口

#2 指定地址:-p IP:host_port:container_port

# 参考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/con_port_mapping.html

域名管理

# 语法: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
# 主机名字
# -h HOSTNAME or --hostname=HOSTNAME
# 注释:设定容器的主机名字,它会被写到容器内的 /etc/hostname 和 /etc/hosts。

# 主机别名
# --link=CONTAINER_NAME:ALIAS
# 情景:在创建容器的时候,添加一个其他容器的主机别名到 /etc/hosts 文件中
# 让新容器的进程可以使用主机别名 ALIAS 就可以连接它。

# 指定容器dns服务器地址
# --dns=IP_ADDRESS
# 情景:添加 DNS 服务器地址到容器的 /etc/resolv.conf 中,让容器用这个服务器来解析所有不在 /etc/hosts 中的主机名。

# 设定某容器的dns搜索域
# --dns-search=DOMAIN

# 容器默认的dsn配置文件
# 如果没有指定容器的dns配置,Docker 会默认用主机上的 /etc/resolv.conf 来配置容器。
# 情景:宿主主机 DNS 信息发生更新后,所有 Docker 容器的 dns 配置通过 /etc/resolv.conf 文件立刻得到更新。

# 参考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/dns.html

网桥管理

############################默认网桥
# 创建
# Docker 服务默认会创建一个 docker0 网桥(其上有一个 docker0 内部接口),
# 它在内核层连通了其他的物理或虚拟网卡,
# 这就将所有容器和本地主机都放到同一个物理网络。

--bip=CIDR -- IP 地址加掩码格式
--mtu=BYTES -- 接口允许接收的最大传输单元

# 查看
sudo brctl show
# 参考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/docker0.html

############################自定网桥
# 删除
$ sudo service docker stop
$ sudo ip link set dev docker0 down
$ sudo brctl delbr docker0

# 创建
$ sudo brctl addbr bridge0
$ sudo ip addr add 192.168.5.1/24 dev bridge0
$ sudo ip link set dev bridge0 up
$ ip addr show bridge0 # 查看确认

# 配置:docker服务
echo 'DOCKER_OPTS="-b=bridge0"' >> /etc/default/docker
# 启动:docker服务
sudo service docker star

# 知识储备:
# 查看桥接信息
brctl show
# 查看ip地址配置
ip addr
# 查看ip路由信息
ip route

# 参考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/bridge.html

############################自定网桥:win7环境
网络流转:win7->宿主机->容器

# 参考:https://blog.csdn.net/ynhzdxc/article/details/70536695

https://blog.csdn.net/qq_29245097/article/details/52996911

http://wiki.jikexueyuan.com/project/docker-technology-and-combat/pull.html

https://www.cnblogs.com/Leo_wl/p/5955414.html

https://www.cnblogs.com/SzeCheng/p/6822905.html

查看帮助

# docker

Usage:  docker [OPTIONS] COMMAND

A self-sufficient runtime for containers

Options:
      --config string      Location of client config files (default
                           "/home/docker/.docker")
  -D, --debug              Enable debug mode
  -H, --host list          Daemon socket(s) to connect to
  -l, --log-level string   Set the logging level
                           ("debug"|"info"|"warn"|"error"|"fatal")
                           (default "info")
      --tls                Use TLS; implied by --tlsverify
      --tlscacert string   Trust certs signed only by this CA (default
                           "/home/docker/.docker/ca.pem")
      --tlscert string     Path to TLS certificate file (default
                           "/home/docker/.docker/cert.pem")
      --tlskey string      Path to TLS key file (default
                           "/home/docker/.docker/key.pem")
      --tlsverify          Use TLS and verify the remote
  -v, --version            Print version information and quit

Management Commands:
  config      Manage Docker configs
  container   Manage containers
  image       Manage images
  network     Manage networks
  node        Manage Swarm nodes
  plugin      Manage plugins
  secret      Manage Docker secrets
  service     Manage services
  stack       Manage Docker stacks
  swarm       Manage Swarm
  system      Manage Docker
  trust       Manage trust on Docker images
  volume      Manage volumes

Commands:
  attach      Attach local standard input, output, and error streams to a running container
  build       Build an image from a Dockerfile
  commit      Create a new image from a container's changes
  cp          Copy files/folders between a container and the local filesystem
  create      Create a new container
  diff        Inspect changes to files or directories on a container's filesystem
  events      Get real time events from the server
  exec        Run a command in a running container
  export      Export a container's filesystem as a tar archive
  history     Show the history of an image
  images      List images
  import      Import the contents from a tarball to create a filesystem image
  info        Display system-wide information
  inspect     Return low-level information on Docker objects
  kill        Kill one or more running containers
  load        Load an image from a tar archive or STDIN
  login       Log in to a Docker registry
  logout      Log out from a Docker registry
  logs        Fetch the logs of a container
  pause       Pause all processes within one or more containers
  port        List port mappings or a specific mapping for the container
  ps          List containers
  pull        Pull an image or a repository from a registry
  push        Push an image or a repository to a registry
  rename      Rename a container
  restart     Restart one or more containers
  rm          Remove one or more containers
  rmi         Remove one or more images
  run         Run a command in a new container
  save        Save one or more images to a tar archive (streamed to STDOUT by default)
  search      Search the Docker Hub for images
  start       Start one or more stopped containers
  stats       Display a live stream of container(s) resource usage statistics
  stop        Stop one or more running containers
  tag         Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
  top         Display the running processes of a container
  unpause     Unpause all processes within one or more containers
  update      Update configuration of one or more containers
  version     Show the Docker version information
  wait        Block until one or more containers stop, then print their exit codes

Run 'docker COMMAND --help' for more information on a command

版本信息


# docker@default:~$ docker version
Client:
 Version:           18.06.0-ce
 API version:       1.38
 Go version:        go1.10.3
 Git commit:        0ffa825
 Built:             Wed Jul 18 19:04:39 2018
 OS/Arch:           linux/amd64
 Experimental:      false

Server:
 Engine:
  Version:          18.06.0-ce
  API version:      1.38 (minimum version 1.12)
  Go version:       go1.10.3
  Git commit:       0ffa825
  Built:            Wed Jul 18 19:13:39 2018
  OS/Arch:          linux/amd64
  Experimental:     false

信息状态

$ docker inspect ubuntu
[
    {
        "Id": "68550c2b2628204fd7c2b71c6cf1210a75023830af541a30381a7c736e390c9c",
        "Created": "2018-07-29T14:29:11.525395261Z",
        "Path": "/bin/bash",
        "Args": [],
        "State": {
            "Status": "exited",
            "Running": false,
            "Paused": false,
            "Restarting": false,
            "OOMKilled": false,
            "Dead": false,
            "Pid": 0,
            "ExitCode": 0,
            "Error": "",
            "StartedAt": "2018-07-29T14:29:12.520176898Z",
            "FinishedAt": "2018-07-29T14:29:12.905744977Z"
        },
        "Image": "sha256:9b9cb95443b5f846cd3c8cfa3f64e63b6ba68de2618a08875a119c81a8f96698",
        "ResolvConfPath": "/mnt/sda1/var/lib/docker/containers/68550c2b2628204fd7c2b71c6cf1210a75023830af541a30381a7c736e390c9c/resolv.conf",
        "HostnamePath": "/mnt/sda1/var/lib/docker/containers/68550c2b2628204fd7c2b71c6cf1210a75023830af541a30381a7c736e390c9c/hostname",
        "HostsPath": "/mnt/sda1/var/lib/docker/containers/68550c2b2628204fd7c2b71c6cf1210a75023830af541a30381a7c736e390c9c/hosts",
        "LogPath": "/mnt/sda1/var/lib/docker/containers/68550c2b2628204fd7c2b71c6cf1210a75023830af541a30381a7c736e390c9c/68550c2b2628204fd7c2b71c6cf1210a75023830af541a30381a7c736e390c9c-json.log",
        "Name": "/ubuntu",
        "RestartCount": 0,
        "Driver": "aufs",
        "Platform": "linux",
        "MountLabel": "",
        "ProcessLabel": "",
        "AppArmorProfile": "",
        "ExecIDs": null,
        "HostConfig": {
            "Binds": null,
            "ContainerIDFile": "",
            "LogConfig": {
                "Type": "json-file",
                "Config": {}
            },
            "NetworkMode": "default",
            "PortBindings": {},
            "RestartPolicy": {
                "Name": "no",
                "MaximumRetryCount": 0
            },
            "AutoRemove": false,
            "VolumeDriver": "",
            "VolumesFrom": null,
            "CapAdd": null,
            "CapDrop": null,
            "Dns": [],
            "DnsOptions": [],
            "DnsSearch": [],
            "ExtraHosts": null,
            "GroupAdd": null,
            "IpcMode": "shareable",
            "Cgroup": "",
            "Links": null,
            "OomScoreAdj": 0,
            "PidMode": "",
            "Privileged": false,
            "PublishAllPorts": false,
            "ReadonlyRootfs": false,
            "SecurityOpt": null,
            "UTSMode": "",
            "UsernsMode": "",
            "ShmSize": 67108864,
            "Runtime": "runc",
            "ConsoleSize": [
                0,
                0
            ],
            "Isolation": "",
            "CpuShares": 0,
            "Memory": 0,
            "NanoCpus": 0,
            "CgroupParent": "",
            "BlkioWeight": 0,
            "BlkioWeightDevice": [],
            "BlkioDeviceReadBps": null,
            "BlkioDeviceWriteBps": null,
            "BlkioDeviceReadIOps": null,
            "BlkioDeviceWriteIOps": null,
            "CpuPeriod": 0,
            "CpuQuota": 0,
            "CpuRealtimePeriod": 0,
            "CpuRealtimeRuntime": 0,
            "CpusetCpus": "",
            "CpusetMems": "",
            "Devices": [],
            "DeviceCgroupRules": null,
            "DiskQuota": 0,
            "KernelMemory": 0,
            "MemoryReservation": 0,
            "MemorySwap": 0,
            "MemorySwappiness": null,
            "OomKillDisable": false,
            "PidsLimit": 0,
            "Ulimits": null,
            "CpuCount": 0,
            "CpuPercent": 0,
            "IOMaximumIOps": 0,
            "IOMaximumBandwidth": 0,
            "MaskedPaths": [
                "/proc/acpi",
                "/proc/kcore",
                "/proc/keys",
                "/proc/latency_stats",
                "/proc/timer_list",
                "/proc/timer_stats",
                "/proc/sched_debug",
                "/proc/scsi",
                "/sys/firmware"
            ],
            "ReadonlyPaths": [
                "/proc/asound",
                "/proc/bus",
                "/proc/fs",
                "/proc/irq",
                "/proc/sys",
                "/proc/sysrq-trigger"
            ]
        },
        "GraphDriver": {
            "Data": null,
            "Name": "aufs"
        },
        "Mounts": [],
        "Config": {
            "Hostname": "68550c2b2628",
            "Domainname": "",
            "User": "",
            "AttachStdin": false,
            "AttachStdout": false,
            "AttachStderr": false,
            "Tty": false,
            "OpenStdin": false,
            "StdinOnce": false,
            "Env": [
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
            ],
            "Cmd": [
                "/bin/bash"
            ],
            "ArgsEscaped": true,
            "Image": "9b9cb95443b5",
            "Volumes": null,
            "WorkingDir": "",
            "Entrypoint": null,
            "OnBuild": null,
            "Labels": {}
        },
        "NetworkSettings": {
            "Bridge": "",
            "SandboxID": "c67f46813c6e71b611a812cd3e7c06127f2a288fb83f085f11e869cfd8b680b6",
            "HairpinMode": false,
            "LinkLocalIPv6Address": "",
            "LinkLocalIPv6PrefixLen": 0,
            "Ports": {},
            "SandboxKey": "/var/run/docker/netns/c67f46813c6e",
            "SecondaryIPAddresses": null,
            "SecondaryIPv6Addresses": null,
            "EndpointID": "",
            "Gateway": "",
            "GlobalIPv6Address": "",
            "GlobalIPv6PrefixLen": 0,
            "IPAddress": "",
            "IPPrefixLen": 0,
            "IPv6Gateway": "",
            "MacAddress": "",
            "Networks": {
                "bridge": {
                    "IPAMConfig": null,
                    "Links": null,
                    "Aliases": null,
                    "NetworkID": "99c7a9910a515a5f3889ebbc9f99078399728cf8b12d79ec26e9e91c4dfb5e7f",
                    "EndpointID": "",
                    "Gateway": "",
                    "IPAddress": "",
                    "IPPrefixLen": 0,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "",
                    "DriverOpts": null
                }
            }
        }
    }
]

全局信息

# 查看
$ docker info

# 容器
# 容器数量
Containers: 1
# 正在运行
 Running: 1
# 正在暂停
 Paused: 0
# 已经停止
 Stopped: 0

# 镜像
# 镜像数量
Images: 6
# 主机
# 主机版本
Server Version: 18.06.0-ce

# 驱动
# 驱动类型
Storage Driver: aufs
# 其根目录
 Root Dir: /mnt/sda1/var/lib/docker/aufs
# 后台系统
 Backing Filesystem: extfs
# 目录数量
 Dirs: 28
# 目录权限
 Dirperm1 Supported: true

# 日志驱动
Logging Driver: json-file

# 群组驱动
Cgroup Driver: cgroupfs

# 关于插件
Plugins:
#其数据卷
 Volume: local
# 网络
 Network: bridge host macvlan null overlay
# 日志
 Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
# 集群
Swarm: inactive
# 缓存
Runtimes: runc
Default Runtime: runc
# 初始
Init Binary: docker-init
containerd version: d64c661f1d51c48782c9cec8fda7604785f93587
runc version: 69663f0bd4b60df09991c08812a60108003fa340
init version: fec3683

# 安全选项
Security Options:
 seccomp
  Profile: default
# 
Kernel Version: 4.9.93-boot2docker
# 操作系统
Operating System: Boot2Docker 18.06.0-ce (TCL 8.2.1); HEAD : 1f40eb2 - Thu Jul 19 18:48:09 UTC 2018
# 系统类型
OSType: linux
# 特性
Architecture: x86_64
# 内核数量
CPUs: 1
Total Memory: 995.6MiB
# 用户名字
Name: default
ID: UL72:EAQP:IIPC:XM3R:7CEB:FOAP:LXPL:SZAS:NLZ5:OXOT:YTGW:6N4K
Docker Root Dir: /mnt/sda1/var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
 provider=virtualbox
Experimental: false
Insecure Registries:
 127.0.0.0/8
Live Restore Enabled: false

帮助

配置管理

Usage:  docker config COMMAND

Manage Docker configs

Commands:
  create      Create a config from a file or STDIN
  inspect     Display detailed information on one or more configs
  ls          List configs
  rm          Remove one or more configs

Run 'docker config COMMAND --help' for more information on a command.

# 创建
Usage:  docker config create [OPTIONS] CONFIG file|-

Create a config from a file or STDIN

Options:
  -l, --label list               Config labels
      --template-driver string   Template driver

# 查看
#2 列出文件
Usage:  docker config ls [OPTIONS]

List configs

Aliases:
  ls, list

Options:
  -f, --filter filter   Filter output based on conditions provided
      --format string   Pretty-print configs using a Go template
  -q, --quiet           Only display IDs

#2 显示详情
Usage:  docker config inspect [OPTIONS] CONFIG [CONFIG...]

Display detailed information on one or more configs

Options:
  -f, --format string   Format the output using the given Go template
      --pretty          Print the information in a human friendly format

# 移除
Usage:  docker config rm CONFIG [CONFIG...]

Remove one or more configs

Aliases:
  rm, remove

容器管理

Usage:  docker container COMMAND

Manage containers

Commands:
  attach      Attach local standard input, output, and error streams to a running container
  commit      Create a new image from a container's changes
  cp          Copy files/folders between a container and the local filesystem
  create      Create a new container
  diff        Inspect changes to files or directories on a container's filesystem
  exec        Run a command in a running container
  export      Export a container's filesystem as a tar archive
  inspect     Display detailed information on one or more containers
  kill        Kill one or more running containers
  logs        Fetch the logs of a container
  ls          List containers
  pause       Pause all processes within one or more containers
  port        List port mappings or a specific mapping for the container
  prune       Remove all stopped containers
  rename      Rename a container
  restart     Restart one or more containers
  rm          Remove one or more containers
  run         Run a command in a new container
  start       Start one or more stopped containers
  stats       Display a live stream of container(s) resource usage statistics
  stop        Stop one or more running containers
  top         Display the running processes of a container
  unpause     Unpause all processes within one or more containers
  update      Update configuration of one or more containers
  wait        Block until one or more containers stop, then print their exit codes

Run 'docker container COMMAND --help' for more information on a command.

镜像管理

Usage:  docker image COMMAND

Manage images

Commands:
  build       Build an image from a Dockerfile
  history     Show the history of an image
  import      Import the contents from a tarball to create a filesystem image
  inspect     Display detailed information on one or more images
  load        Load an image from a tar archive or STDIN
  ls          List images
  prune       Remove unused images
  pull        Pull an image or a repository from a registry
  push        Push an image or a repository to a registry
  rm          Remove one or more images
  save        Save one or more images to a tar archive (streamed to STDOUT by default)
  tag         Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE

Run 'docker image COMMAND --help' for more information on a command.

网络管理

Usage:  docker network COMMAND

Manage networks

Commands:
  connect     Connect a container to a network
  create      Create a network
  disconnect  Disconnect a container from a network
  inspect     Display detailed information on one or more networks
  ls          List networks
  prune       Remove all unused networks
  rm          Remove one or more networks

Run 'docker network COMMAND --help' for more information on a command.

节点管理

Usage:  docker node COMMAND

Manage Swarm nodes

Commands:
  demote      Demote one or more nodes from manager in the swarm
  inspect     Display detailed information on one or more nodes
  ls          List nodes in the swarm
  promote     Promote one or more nodes to manager in the swarm
  ps          List tasks running on one or more nodes, defaults to current node
  rm          Remove one or more nodes from the swarm
  update      Update a node

Run 'docker node COMMAND --help' for more information on a command.

插件管理

Usage:  docker plugin COMMAND

Manage plugins

Commands:
  create      Create a plugin from a rootfs and configuration. Plugin data directory must contain config.json and rootfs directory.
  disable     Disable a plugin
  enable      Enable a plugin
  inspect     Display detailed information on one or more plugins
  install     Install a plugin
  ls          List plugins
  push        Push a plugin to a registry
  rm          Remove one or more plugins
  set         Change settings for a plugin
  upgrade     Upgrade an existing plugin

Run 'docker plugin COMMAND --help' for more information on a command.

加密管理

Usage:  docker secret COMMAND

Manage Docker secrets

Commands:
  create      Create a secret from a file or STDIN as content
  inspect     Display detailed information on one or more secrets
  ls          List secrets
  rm          Remove one or more secrets

Run 'docker secret COMMAND --help' for more information on a command.

服务管理

Usage:  docker service COMMAND

Manage services

Commands:
  create      Create a new service
  inspect     Display detailed information on one or more services
  logs        Fetch the logs of a service or task
  ls          List services
  ps          List the tasks of one or more services
  rm          Remove one or more services
  rollback    Revert changes to a service's configuration
  scale       Scale one or multiple replicated services
  update      Update a service

Run 'docker service COMMAND --help' for more information on a command.

栈的管理

Usage:  docker stack [OPTIONS] COMMAND

Manage Docker stacks

Options:
      --orchestrator string   Orchestrator to use (swarm|kubernetes|all)

Commands:
  deploy      Deploy a new stack or update an existing stack
  ls          List stacks
  ps          List the tasks in the stack
  rm          Remove one or more stacks
  services    List the services in the stack

Run 'docker stack COMMAND --help' for more information on a command.

集群管理

Usage:  docker swarm COMMAND

Manage Swarm

Commands:
  ca          Display and rotate the root CA
  init        Initialize a swarm
  join        Join a swarm as a node and/or manager
  join-token  Manage join tokens
  leave       Leave the swarm
  unlock      Unlock swarm
  unlock-key  Manage the unlock key
  update      Update the swarm

Run 'docker swarm COMMAND --help' for more information on a command.

系统管理

Usage:  docker system COMMAND

Manage Docker

Commands:
  df          Show docker disk usage
  events      Get real time events from the server
  info        Display system-wide information
  prune       Remove unused data

Run 'docker system COMMAND --help' for more information on a command.

信任管理

Usage:  docker trust COMMAND

Manage trust on Docker images

Management Commands:
  key         Manage keys for signing Docker images
  signer      Manage entities who can sign Docker images

Commands:
  inspect     Return low-level information about keys and signatures
  revoke      Remove trust for an image
  sign        Sign an image

Run 'docker trust COMMAND --help' for more information on a command.

管数据卷

Usage:  docker volume COMMAND

Manage volumes

Commands:
  create      Create a volume
  inspect     Display detailed information on one or more volumes
  ls          List volumes
  prune       Remove all unused local volumes
  rm          Remove one or more volumes

Run 'docker volume COMMAND --help' for more information on a command.

配置文件

# 结构
# 指令:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/instructions.html
# 创建镜像:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/build_image.html

底层实现

# 基本架构:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/arch.html

# 命令空间
#2 参考:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/namespace.html

# 控制小组
#2 http://wiki.jikexueyuan.com/project/docker-technology-and-combat/cgroups.html

# 文件系统
#2 http://wiki.jikexueyuan.com/project/docker-technology-and-combat/ufs.html

# 容器格式
#2 http://wiki.jikexueyuan.com/project/docker-technology-and-combat/container_format.html

# 网络实现
#2 http://wiki.jikexueyuan.com/project/docker-technology-and-combat/network.html

组合项目

# 简介:http://wiki.jikexueyuan.com/project/docker-technology-and-combat/intro.html
#安装
#http://wiki.jikexueyuan.com/project/docker-technology-and-combat/install.html

# 使用
# http://wiki.jikexueyuan.com/project/docker-technology-and-combat/usage.html

#命令
# http://wiki.jikexueyuan.com/project/docker-technology-and-combat/commands.html

# 配置

#http://wiki.jikexueyuan.com/project/docker-technology-and-combat/yaml_file.html

实例

使用示例

# 前段开发者的docker之旅:nginx
# steps-01:编写 Dockerfile

# steps-02:构建 Docker Image

# steps-03:部署 Docker Image

# 全栈开发者的docker之旅:nodejs

# 后端开发者的docker之旅:nodejs

# 后端开发者的docker之旅:php

# 目录挂载-win7:https://www.cnblogs.com/jinjiangongzuoshi/p/6538321.html

# 搭建开发环境:nodejs
# https://segmentfault.com/a/1190000007955073

# 搭建开发环境:php
# https://segmentfault.com/a/1190000006802383
# https://segmentfault.com/a/1190000013020851

# 搭建开发环境:lnmp
# https://segmentfault.com/a/1190000011908990

# 搭建开发环境:java
# https://segmentfault.com/a/1190000006843830

# 搭建集群环境:ELK
# https://segmentfault.com/a/1190000004411703

# 搭建集群环境:redis
# https://segmentfault.com/a/1190000004353368


# 参考:http://guide.daocloud.io/dcs/hello-docker-9153901.html
# http://guide.daocloud.io/dcs/hello-dockernode-js-9153948.html

你可能感兴趣的:(使用手册-Docker)