docker容器所有操作、创建私有仓库
目录
一、创建容器与运行容器
1、创建容器
2、启动容器(后面加镜像:标签或者唯一ID都可以)
3、容器的运行与终止
4、容器的进入
5、容器的导出与导入
6、容器的删除
7、文件复制
8、查看容器资源使用率
9、查看容器进程状态
10、更新容器配置
二、创建私有仓库
首先我们下载2个镜像
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/nginx latest 89da1fb6dcb9 4 days ago 187 MB
docker.io/centos latest 5d0da3dc9764 22 months ago 231 MB
一、创建容器与运行容器
1、创建容器
命令格式:docker create [选项]… 镜像运行的程序
常用选项:
- -i 让容器的输入保持打开
- -t 让Docker 分配一个伪终端
- -d 守护进程形式运行
[root@docker ~]# docker create -it centos /bin/bash
6378f7d6b7b64647b298aa1e0f449008b9f16aa33102ef04eb0207b5345b9a44
[root@docker ~]# docker create -it nginx /bin/bash
95a23b8b40db774871a0fb11622d8f4dd6fbbb0a2dffff250a0e8f3e25fbbe33
使用docker create 命令创建新容器后会返回一个唯一的ID。
可以使用docker ps 命令来查看所有容器的运行状态。添加-a 选项可以列出系统中所有容器状态。
[root@docker ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
95a23b8b40db nginx "/docker-entrypoin..." About a minute ago Created hopeful_boyd
6378f7d6b7b6 centos "/bin/bash" About a minute ago Created
2、启动容器(后面加镜像:标签或者唯一ID都可以)
[root@docker ~]# docker start 63
63
[root@docker ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6378f7d6b7b6 centos "/bin/bash" 5 minutes ago Up 18 seconds pensive_ramanujan
容器启动后,可以看到容器状态一栏已经变为UP,表示容器已经处于启动状态。如果用户想创建并启动容器,可以直接执行docker run 命令,等同于先执行docker create 命令,再执行docker start 命令。需要注意只要后面的命令运行结束,容器就会停止。
当利用docker run 来创建容器时,Docker 在后台的标准运行过程是这样的:检查本地是否存在指定的镜像,当镜像不存在时,会从公有仓库下载;利用镜像创建并启动一个容器;分配一个文件系统给容器,在只读的镜像层外面挂载一层可读写层;从宿主主机配置的网桥接口中桥接一个虚拟机接口到容器中;分配一个地址池中的IP 地址给容器;执行用户指定的应用程序;执行完毕后容器被终止运行。
例如,创建容器并启动执行一条shell 命令:
[root@docker ~]# docker run centos /bin/bash -c ls /
bin
dev
etc
home
lib
lib64
lost+found
media
mnt
opt
proc
root
run
sbin
srv
sys
tmp
usr
var
这和在本地直接执行命令几乎没有区别。
[root@docker ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0454f6b4f72a centos "/bin/bash -c ls /" 37 seconds ago Exited (0) 36 seconds ago priceless_allen
95a23b8b40db nginx "/docker-entrypoin..." 8 minutes ago Created hopeful_boyd
6378f7d6b7b6 centos "/bin/bash" 8 minutes ago Up 3 minutes pensive_ramanujan
查看容器的运行状态,可以看出容器在执行完”/usr/bin/bash -c ls” 命令之后就停止了。
有时候需要在后台持续的运行这个容器,就需要让docker 容器在守护态形式在后台进行运行。可以在docker run 命令之后添加-d 选项来实现。但是需要注意容器所运行的程序不能结束。
例如,下面的容器会持续在后台进行运行:
[root@docker ~]# docker run -d nginx /bin/bash -c "while true;do echo hello;done"
0dc772fb4b0bf50bb28d24a17bb7292b5fdca65043eac044408d210a55d1da1a
docker ps查看容器,-a 查看所有容器,-q 只查看容器ID
[root@docker ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0dc772fb4b0b nginx "/docker-entrypoin..." About a minute ago Up About a minute 80/tcp sad_lovelace
0454f6b4f72a centos "/bin/bash -c ls /" 5 minutes ago Exited (0) 5 minutes ago priceless_allen
95a23b8b40db nginx "/docker-entrypoin..." 13 minutes ago Created hopeful_boyd
6378f7d6b7b6 centos "/bin/bash" 13 minutes ago Up 8 minutes pensive_ramanujan
查看容器的运行状态,可以看出容器始终处于UP,运行状态。
查看容器内的输出
[root@docker ~]# docker logs 0dc
hello
hello
hello
hello
hello
hello
hello
hello
hello
hello
hello
hello
hello
hello
hello
hello
hello
hello
hello
hello
3、容器的运行与终止
如果需要终止运行的容器,可以使用docker stop 命令完成。
命令格式:docker stop 容器的ID/名称
[root@docker ~]# docker stop 0dc772
0dc772
[root@docker ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0dc772fb4b0b nginx "/docker-entrypoin..." 5 minutes ago Exited (137) 12 seconds ago sad_lovelace
0454f6b4f72a centos "/bin/bash -c ls /" 10 minutes ago Exited (0) 10 minutes ago priceless_allen
95a23b8b40db nginx "/docker-entrypoin..." 17 minutes ago Created hopeful_boyd
6378f7d6b7b6 centos "/bin/bash" 18 minutes ago Up 13 minutes pensive_ramanujan
查看容器的运行状态,可以看出容器处于Exited,终止状态。
4、容器的进入
需要进入容器进行相应操作时,可以使用docker exec 命令或者docker attach命令进入运行着的容器。
命令格式:docker exec -it 容器ID/名称/bin/bash
其中,-i 选项表示让容器的输入保持打开;
-t 选项表示让Docker 分配一个伪终端。
例如:进入正在运行着的容器6378f7d6b7b6:
[root@docker ~]# docker exec -it 6378 /bin/bash
[root@6378f7d6b7b6 /]# exit
exit
用户可以通过所创建的终端来输入命令,通过exit 命令退出容器。
通过Ctrl+pq命令退出容器并保证容器在后台继续运行。
[root@docker ~]# docker exec -it 6378 /bin/bash
[root@6378f7d6b7b6 /]# [root@docker ~]#
5、容器的导出与导入
用户可以将任何一个Docker 容器从一台机器迁移到另一台机器。在迁移过程中,首先需要将已经创建好的容器导出为文件,可以使用docker export 命令实现,无论这个容器是处于运行状态还是停止状态均可导出。导出之后可将导出文件传输到其他机器,通过相应的导入命令实现容器的迁移。
命令格式:docker export 容器ID/名称>文件名
例如,导出6378f7d6b7b6容器到文件centos-exp:
[root@docker ~]# docker run -it centos /bin/bash
[root@f42a370c51a3 /]# touch crushlinux
[root@docker ~]# docker export 6378f7d6b7b6 > centos-exp
[root@docker ~]# ls -l centos-exp
-rw-r--r--. 1 root root 238593536 8月 1 17:07 centos-exp
导出的文件从A 机器拷贝到B 机器,之后使用docker import 命令导入,成为镜像。
命令格式:cat 文件名| docker import – 生成的镜像名称:标签
例如,导入文件centos7.tar成为本地镜像:
[root@docker ~]# cat centos-exp | docker import - centos:exp
sha256:14812a0ba3a67af42fd9e7af600a72648fc2d19267fbdb8696b2e1b4cbc88228
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos exp 14812a0ba3a6 About a minute ago 231 MB
docker.io/nginx latest 89da1fb6dcb9 4 days ago 187 MB
docker.io/centos latest 5d0da3dc9764 22 months ago 231 MB
6、容器的删除
docker start|stop|restart|kill //运行已停止的容器|停止一个正在运行的容器|重启一个容器|杀死一个正在运行的容器
可以使用docker rm 命令将一个已经终止状态的容器进行删除。
命令格式:docker rm 容器ID/名称
例如,删除ID 号为f42a370c51a3的容器:
[root@docker ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f42a370c51a3 centos "/bin/bash" About an hour ago Exited (127) 28 minutes ago determined_newton
0dc772fb4b0b nginx "/docker-entrypoin..." About an hour ago Exited (137) About an hour ago sad_lovelace
0454f6b4f72a centos "/bin/bash -c ls /" About an hour ago Exited (0) About an hour ago priceless_allen
95a23b8b40db nginx "/docker-entrypoin..." About an hour ago Created hopeful_boyd
6378f7d6b7b6 centos "/bin/bash" About an hour ago Up About an hour pensive_ramanujan
[root@docker ~]# docker rm -f f42a370c51a3
f42a370c51a3
如果删除一个正在运行的容器,可以添加-f 选项强制删除,但是建议先将容器停止再做删除操作。
Docker 默认的存储目录为/var/lib/docker,Docker的镜像、容器、日志等内容全部都存储在此,可以单独使用大容量的分区来存储这些内容,并且一般选择建立LVM 逻辑卷。从而避免Docker 运行过程中存储目录容量不足。
7、文件复制
将主机/root/anaconda-ks.cfg目录拷贝到容器6378f7d6b7b6的/tmp目录下
[root@docker ~]# docker cp /root/anaconda-ks.cfg 6378f7d6b7b6:/tmp
[root@docker ~]# docker attach 6378f7d6b7b6
[root@6378f7d6b7b6 /]# ls /tmp
anaconda-ks.cfg ks-script-4luisyla ks-script-o23i7rc2 ks-script-x6ei4wuu
8、查看容器资源使用率
[root@docker ~]# docker stats
9、查看容器进程状态
[root@docker ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
40e239cff508 nginx "/docker-entrypoin..." 3 minutes ago Up 3 minutes 80/tcp agitated_meitner
0dc772fb4b0b nginx "/docker-entrypoin..." About an hour ago Exited (137) About an hour ago sad_lovelace
0454f6b4f72a centos "/bin/bash -c ls /" About an hour ago Exited (0) About an hour ago priceless_allen
95a23b8b40db nginx "/docker-entrypoin..." 2 hours ago Created hopeful_boyd
6378f7d6b7b6 centos "/bin/bash" 2 hours ago Exited (0) 7 minutes ago pensive_ramanujan
[root@docker ~]# docker top 40
UID PID PPID C STIME TTY TIME CMD
root 2913 2897 8 17:28 ? 00:00:15 /bin/bash -c while true;do echo hello;done
10、更新容器配置
--restart=always #在docker服务重启时自动启动容器
[root@docker ~]# docker update --restart=always 40
40
二、创建私有仓库
仓库(Repository)是集中存放镜像的地方。
仓库注册服务器才是存放仓库具体的服务器(Registry),每个服务器上都可以放置多个仓库,而每个仓库下可以放置多个镜像,每个镜像上可以运行多个容器,每个容器上可以跑一个应用或应用组。
仓库自身可以分为:公共仓库和私有仓库
- 官方仓库: http://hub.docker.com
- 国内仓库: http://dl.dockerpool.com
安装docker后,可以通过官方提供的registry镜像部署一套本地的私有仓库环境
[root@docker ~]# mkdir -p /opt/data/registry
[root@docker ~]# docker run -d --restart=always -p 5000:5000 -v /opt/data/registry:/tmp/registry registry
Unable to find image 'registry:latest' locally
Trying to pull repository docker.io/library/registry ...
latest: Pulling from docker.io/library/registry
79e9f2f55bf5: Pull complete
0d96da54f60b: Pull complete
5b27040df4a2: Pull complete
e2ead8259a04: Pull complete
3790aef225b9: Pull complete
Digest: sha256:169211e20e2f2d5d115674681eb79d21a217b296b43374b8e39f97fcf866b375
Status: Downloaded newer image for docker.io/registry:latest
b9c8306a6ef1bb2d64f2e5ff22db5946531077540c280729ca667d4e61f1df0f
[root@docker ~]# docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b9c8306a6ef1 registry "/entrypoint.sh /e..." 50 seconds ago Up 49 seconds 0.0.0.0:5000->5000/tcp compassionate_yalow
准备测试镜像
[root@docker ~]# docker run -d -p 8000:80 nginx
1842b77d12aba6235f79839d76ab803956e513df4e0282033e46a2478d6d0d4c
[root@docker ~]# docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1842b77d12ab nginx "/docker-entrypoin..." 6 seconds ago Up 6 seconds 0.0.0.0:8000->80/tcp nervous_goldstine
[root@docker ~]# docker logs 18
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf
10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
2023/08/02 06:01:57 [notice] 1#1: using the "epoll" event method
2023/08/02 06:01:57 [notice] 1#1: nginx/1.21.5
2023/08/02 06:01:57 [notice] 1#1: built by gcc 10.2.1 20210110 (Debian 10.2.1-6)
2023/08/02 06:01:57 [notice] 1#1: OS: Linux 3.10.0-1160.92.1.el7.x86_64
2023/08/02 06:01:57 [notice] 1#1: getrlimit(RLIMIT_NOFILE): 1048576:1048576
2023/08/02 06:01:57 [notice] 1#1: start worker processes
2023/08/02 06:01:57 [notice] 1#1: start worker process 30
2023/08/02 06:01:57 [notice] 1#1: start worker process 31
将修改过的nginx镜像做标记封装,准备上传到私有仓库
[root@docker ~]# docker tag nginx 192.168.147.136:5000/nginx-test
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.147.136:5000/nginx-test latest 605c77e624dd 19 months ago 141 MB
docker.io/nginx latest 605c77e624dd 19 months ago 141 MB
docker.io/registry latest b8604a3fe854 20 months ago 26.2 MB
docker.io/centos latest 5d0da3dc9764 22 months ago 231 MB
[root@docker ~]# vim /etc/docker/daemon.json
{
"registry-mirrors":[ "https://nyakyfun.mirror.aliyuncs.com" ],"insecure-registries":["192.168.147.136:5000"]
}
[root@localhost ~]# systemctl daemon-reload
[root@localhost ~]# systemctl restart docker
将镜像上传到私有仓库
[root@docker ~]# docker push 192.168.147.136:5000/nginx-test
The push refers to a repository [192.168.147.136:5000/nginx-test]
d874fd2bc83b: Pushed
32ce5f6a5106: Pushed
f1db227348d0: Pushed
b8d6e692a25e: Pushed
e379e8aedd4d: Pushed
2edcec3590a4: Pushed
latest: digest: sha256:ee89b00528ff4f02f2405e4ee221743ebc3f8e8dd0bfd5c4c20a2fa2aaa7ede3 size: 1570
从私有仓库中下载镜像到本地
[root@docker ~]# docker rmi 192.168.147.136:5000/nginx-test
Untagged: 192.168.147.136:5000/nginx-test:latest
Untagged: 192.168.147.136:5000/nginx-test@sha256:ee89b00528ff4f02f2405e4ee221743ebc3f8e8dd0bfd5c4c20a2fa2aaa7ede3
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/nginx latest 605c77e624dd 19 months ago 141 MB
docker.io/registry latest b8604a3fe854 20 months ago 26.2 MB
docker.io/centos latest 5d0da3dc9764 22 months ago 231 MB
[root@docker ~]# docker pull 192.168.147.136:5000/nginx-test
Using default tag: latest
Trying to pull repository 192.168.147.136:5000/nginx-test ...
latest: Pulling from 192.168.147.136:5000/nginx-test
Digest: sha256:ee89b00528ff4f02f2405e4ee221743ebc3f8e8dd0bfd5c4c20a2fa2aaa7ede3
Status: Downloaded newer image for 192.168.147.136:5000/nginx-test:latest
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.147.136:5000/nginx-test latest 605c77e624dd 19 months ago 141 MB
docker.io/nginx latest 605c77e624dd 19 months ago 141 MB
docker.io/registry latest b8604a3fe854 20 months ago 26.2 MB
docker.io/centos latest 5d0da3dc9764 22 months ago 231 MB