Docker学习(7) Docker容器
Docker容器——简介
- 容器是镜像的运行时实例
- 启动容器使用docker container run 命令
lhf@lhf-virtual-machine:~$ docker container run -it ubuntu /bin/bash
Unable to find image 'ubuntu:latest' locally
latest: Pulling from library/ubuntu
22e816666fd6: Pull complete
079b6d2a1e53: Pull complete
11048ebae908: Pull complete
c58094023a2e: Pull complete
Digest: sha256:a7b8b7b33e44b123d7f997bd4d3d0a59fafc63e203d17efedf09ff3f6f516152
Status: Downloaded newer image for ubuntu:latest
root@0cfde51e6cf0:/#
- -it 参数:使当前终端连接到容器的shell终端之上。
- 容器会随着运行应用的退出而终止。
- 启动一个容器并运行sleep命令休眠10秒,然后退出
lhf@lhf-virtual-machine:~$ docker container run alpine:latest sleep 10
- 停止容器:docker container stop
- 开启容器:docker container start
- 杀死容器:docker container rm
Docker容器——详解
容器VS虚拟机
- 虚拟机是占用宿主机的物理资源:如CPU,RAM、存储,将物理资源资源划分为虚拟资源
- 容器:OS占用全部硬件资源,在OS之上,需要安装容器引擎。容器引擎可以获取系统资源:比如进程树、文件系统及网络桟、、
-
- 将系统分割为安全且相互隔离的系统结构,称之为容器。
- 虚拟机:硬件虚拟化——将硬件物理资源划分为虚拟资源
- 容器:操作系统虚拟化——将操作系统资源划分为虚拟资源
虚拟机的额外开销
- 虚拟机模型将底层硬件资源划分为虚拟机当中。每个虚拟机的操作系统都会造成额外的开销。
- 容器模型在宿主操作系统中运行单个内核。——容器与宿主机共享一个操作系统/内核,所有只消耗一个OS的损耗。
检查Docker Daemon
- 登录到docker主机的第一件事情就是检查docker是否正常运行
lhf@lhf-virtual-machine:~$ docker version
Client: Docker Engine - Community
Version: 19.03.4
API version: 1.40
Go version: go1.12.10
Git commit: 9013bf583a
Built: Fri Oct 18 15:53:51 2019
OS/Arch: linux/amd64
Experimental: false
Server: Docker Engine - Community
Engine:
Version: 19.03.4
API version: 1.40 (minimum version 1.12)
Go version: go1.12.10
Git commit: 9013bf583a
Built: Fri Oct 18 15:52:23 2019
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.2.10
GitCommit: b34a5c8af56e510852c35414db4c1f4fa6172339
runc:
Version: 1.0.0-rc8+dev
GitCommit: 3e425f80a8c931f88e6d94a8c831b9d5aa481657
docker-init:
Version: 0.18.0
GitCommit: fec3683
- 如果普通用户使用docker遇到权限问题——通过添加docker组解决
-
- usermon -aG docker
- usermon -aG docker
启动一个简单容器
- 启动ubuntu容器
lhf@lhf-virtual-machine:~$ docker container run -it ubuntu:latest /bin/bash
root@931328b30484:/#
- 当输入完命令,敲回车后。docker的运行流程
- Docker客户端选择合适的API来调用docker daemon
- docker daemon接受命令来搜索本地docker缓存,观察是否有命令请求的镜像。
- 一旦镜像拉取到本地,daemon后创建容器并运行指定的应用。
容器进程
- 启动ubuntu容器时,让容器运行Bash Shell (/bin/bash)
- 是Bash Shell 成为ubuntu容器中运行且唯一运行的进程
- 查看进程
root@931328b30484:/# ps -elf
F S UID PID PPID C PRI NI ADDR SZ WCHAN STIME TTY TIME CMD
4 S root 1 0 0 80 0 - 4627 wait 16:49 pts/0 00:00:00 /bin/bash
4 R root 15 1 0 80 0 - 8600 - 16:56 pts/0 00:00:00 ps -elf
容器的生命周期
- 容器可以做持久化数据
- 创建一个名为percy的容器,验证容器持久化
lhf@lhf-virtual-machine:~$ docker container run --name percy -it ubuntu:latest /bin/bash
root@4b56ad9da088:/# cd /tmp
root@4b56ad9da088:/tmp# ls -l
total 0
root@4b56ad9da088:/tmp# echo "docker container run" > newfile
root@4b56ad9da088:/tmp# ls -l
total 4
-rw-r--r-- 1 root root 21 Oct 26 17:01 newfile
root@4b56ad9da088:/tmp# cat newfile
docker container run
- 退出容器并关闭再启动查看
lhf@lhf-virtual-machine:~$ docker container run --name percy -it ubuntu:latest /bin/bash
root@5656283002d8:/# lhf@lhf-virtual-machine:~$
lhf@lhf-virtual-machine:~$ docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5656283002d8 ubuntu:latest "/bin/bash" 10 seconds ago Up 9 seconds percy
lhf@lhf-virtual-machine:~$ docker container stop percy
percy
lhf@lhf-virtual-machine:~$ docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
lhf@lhf-virtual-machine:~$ docker container start percy
percy
lhf@lhf-virtual-machine:~$ docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5656283002d8 ubunt
lhf@lhf-virtual-machine:~$ docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5656283002d8 ubuntu:latest "/bin/bash" About a minute ago Up 30 seconds percy
lhf@lhf-virtual-machine:~$ docker container exec -it percy bash
root@5656283002d8:/#
利用重启策略进行容器的自我修复
- 通常运行容器时配置好重启策略—— 可以在指定事件或者错误后来完成自我修复。
- 容器支持的重启策略包括:
-
-
- always
- unless-stopped
- on-failed
-
- always策略:除非容器被明确停止,否则容器会只有重启处于停止状态的容器
lhf@lhf-virtual-machine:~$ docker container run --name neversaydie -it --restart always alpine sh
/ # exit
lhf@lhf-virtual-machine:~$ docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d41ee829e5b7 alpine "sh" 15 seconds ago Up 4 seconds neversaydie
- always和unless-stopped最大的区别,就是那些指定了--restart unless-stopped并处与stopped状态的容器,不会再docker daemon重启的时候重启
- on-failes 策略会在退出容器并返回值不是1 的时候重启
Web服务器实例
lhf@lhf-virtual-machine:~$ docker container run -d --name webserver -p 80:8080 nigelpoulton/pluralsight-docker-ci
Unable to find image 'nigelpoulton/pluralsight-docker-ci:latest' locally
latest: Pulling from nigelpoulton/pluralsight-docker-ci
Image docker.io/nigelpoulton/pluralsight-docker-ci:latest uses outdated schema1 manifest format. Please upgrade to a schema2 image for better future compatibility. More information at https://docs.docker.com/registry/spec/deprecated-schema-v1/
a3ed95caeb02: Pull complete
3b231ed5aa2f: Pull complete
7e4f9cd54d46: Pull complete
929432235e51: Pull complete
6899ef41c594: Pull complete
0b38fccd0dab: Pull complete
Digest: sha256:7a6b0125fe7893e70dc63b2c42ad779e5866c6d2779ceb9b12a28e2c38bd8d3d
Status: Downloaded newer image for nigelpoulton/pluralsight-docker-ci:latest
3167e2ac812bcb5d5ba605bd1ebeec9880e4272a8202a3a8ef8680cc3947ab00
lhf@lhf-virtual-machine:~$
-d参数:在后台运行。
-p参数:将docker主机的端口映射到容器内
开启网页查看
7.png
查看容器详情
- 使用命令docker container inspect来查看容器的启动时的应用列表
lhf@lhf-virtual-machine:~$ docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3167e2ac812b nigelpoulton/pluralsight-docker-ci "/bin/sh -c 'cd /src…" 5 minutes ago Up 5 minutes 0.0.0.0:80->8080/tcp webserver
lhf@lhf-virtual-machine:~$ docker container inspect 3167e2ac812b
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:02",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "e20f36059636d1f85225d1ecc5db1163eea9acca6752b31d02a4f4636b5fad78",
"EndpointID": "f880825948dbbf3b84601603b1d51ae88b2c6343b01bb4a01ab633584a8fac26",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02",
"DriverOpts": null
}
}
}
}
快速清理
- 快速清理docker主机上全部运行的容器
lhf@lhf-virtual-machine:~$ docker container rm $(docker container ls -aq) -f
3167e2ac812b
lhf@lhf-virtual-machine:~$ docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
容器——命令
docker container run:启动rongq
Ctrl-PQ:断开Shell与容器的连接
docker container ls:列出运行状态的容器
docker container exec:允许用户在运行状态的容器,启动一个新的进程。
docker container stop:停止运行中的容器。
docker container start:重启处于停止状态的容器。
docker container rm:删除停止状态的容器。
docker container inspect:显示容器的配置细节和运行时信息。