Docker Remote API配置与使用

Docker Remote API配置与使用

Docker 常见端口

端口 作用
2375 未加密的docker socket,远程root无密码访问主机
2376 tls加密套接字,很可能这是您的CI服务器4243端口作为https 443端口的修改
2377 群集模式套接字,适用于群集管理器,不适用于docker客户端
5000 docker注册服务
4789/7946 覆盖网络

Docker Remote API开启

  • “unix:///var/run/docker.sock”:unix socket,本地客户端将通过这个来连接 Docker Daemon

  • “tcp://0.0.0.0:2375”:tcp socket,表示允许任何远程客户端通过 2375 端口连接 Docker Daemon

  • /usr/lib/systemd/system/docker.service,配置远程访问:-H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock

# 主要是在[Service]这个部分
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd -H fd:// -H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock --containerd=/run/containerd/containerd.sock 
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutSec=0
RestartSec=2
Restart=always

# 重启
	systemctl daemon-reload
	systemctl restart docker
  • 修改daemon.json的配置
# 修改/etc/docker/daemon.json
{
  "hosts": ["tcp://0.0.0.0:2375","unix:///var/run/docker.sock"]
}

# 使用这种方式,需要去掉/usr/lib/systemd/system/docker.service中关于 -H的选项,否则会报错
ExecStart=/usr/bin/dockerd --containerd=/run/containerd/containerd.sock
  • 查看开启后的端口监听状态
[root@VM-0-3-centos ~]# ss -tunlp | grep docker
tcp    LISTEN     0      128    [::]:2375               [::]:*                   users:(("dockerd",pid=2974,fd=9))

Docker Remote API使用

Docker 客户端使用

  • -H为连接目标主机docker服务
  • 查看docker版本
[root@VM-0-3-centos ~]# docker -H tcp://0.0.0.0:2375 version
Client:
 Version:           20.10.16
 API version:       1.41
 Go version:        go1.17.10
 Git commit:        aa7e414
 Built:             Thu May 12 09:14:28 2022
 OS/Arch:           linux/amd64
 Context:           default
 Experimental:      true

Server: Docker Engine - Community
 Engine:
  Version:          20.10.17
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.17.11
  Git commit:       a89b842
  Built:            Mon Jun  6 23:03:33 2022
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.6.6
  GitCommit:        10c12954828e7c7c9b6e0ea9b0c02b01407d3ae1
 runc:
  Version:          1.1.2
  GitCommit:        v1.1.2-0-ga916309
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0
  • 查看镜像包
[root@VM-0-3-centos ~]# docker -H tcp://0.0.0.0:2375 image ls
REPOSITORY   TAG       IMAGE ID       CREATED         SIZE
centos       7         eeb6ee3f44bd   19 months ago   204MB
busybox      1.28      8c811b4aec35   4 years ago     1.15MB

Docker Remote API使用

官方提供API链接:https://docs.docker.com/engine/api/

​ Docker Remote API是一个取代远程命令行界面(rcli)的REST API。本文中,我们将使用命令行工具cURL来处理url相关操作。cURL可以发送请求、获取以及发送数据、检索信息

  • 容器列表 获取所有容器的清单:GET /containers/json
  • 创建新容器。命令如下:POST /containers/create
  • 监控容器。使用容器id获取该容器底层信息:GET /containers/(id)/json
  • 进程列表。获取容器内进程的清单:GET /containers/(id)/top
  • 容器日志。获取容器的标准输出和错误日志:GET /containers/(id)/logs
  • 导出容器。导出容器内容:GET /containers/(id)/export
  • 启动容器。如下:POST /containers/(id)/start
  • 停止容器。命令如下:POST /containers/(id)/stop
  • 重启容器,如下:POST /containers/(id)/restart
  • 终止容器:POST /containers/(id)/kill
# 获取容器信息
[root@VM-0-3-centos ~]# curl localhost:2375/containers/json
[{"Id":"1f91c52e2e09ec95cf0b0b00cc4c2e0b7cc61abe310dabf8d04d8d16dc69062d","Names":["/busy_visvesvaraya"],"Image":"busybox","ImageID":"sha256:7cfbbec8963d8f13e6c70416d6592e1cc10f47a348131290a55d43c3acab3fb9","Command":"sleep 10000","Created":1681625640,"Ports":[],"Labels":{},"State":"running","Status":"Up 2 seconds","HostConfig":{"NetworkMode":"default"},"NetworkSettings":{"Networks":{"bridge":{"IPAMConfig":null,"Links":null,"Aliases":null,"NetworkID":"b5c5f41568a8ba0385567dfa4e36d100c8341766a28c5dee56b56886521d2b2f","EndpointID":"b81b5b01ba1aa52961b18de8071783e1c3b6d57fbed9cc9380fa2ef0ab117dcf","Gateway":"172.18.0.1","IPAddress":"172.18.0.4","IPPrefixLen":16,"IPv6Gateway":"","GlobalIPv6Address":"","GlobalIPv6PrefixLen":0,"MacAddress":"02:42:ac:12:00:04","DriverOpts":null}}},"Mounts":[]},{"Id":"5f3af0db7d04a007993ac661b50dca3275037a9575c63b374e4837336eba3f48","Names":["/trusting_liskov"],"Image":"busybox","ImageID":"sha256:7cfbbec8963d8f13e6c70416d6592e1cc10f47a348131290a55d43c3acab3fb9","Command":"sleep 10000","Created":1681625639,"Ports":[],"Labels":{},"State":"running","Status":"Up 3 seconds","HostConfig":{"NetworkMode":"default"},"NetworkSettings":{"Networks":{"bridge":{"IPAMConfig":null,"Links":null,"Aliases":null,"NetworkID":"b5c5f41568a8ba0385567dfa4e36d100c8341766a28c5dee56b56886521d2b2f","EndpointID":"a8f618d7b5b7ef0bb09ad05cc8b04b806fc72d7f274e7d63d71ae4f06695faf4","Gateway":"172.18.0.1","IPAddress":"172.18.0.3","IPPrefixLen":16,"IPv6Gateway":"","GlobalIPv6Address":"","GlobalIPv6PrefixLen":0,"MacAddress":"02:42:ac:12:00:03","DriverOpts":null}}},"Mounts":[]},{"Id":"4d0b96d44e2acc067c7b32c45a20afc5f5dceade8afb2097f6cf41666296da7e","Names":["/bold_einstein"],"Image":"busybox","ImageID":"sha256:7cfbbec8963d8f13e6c70416d6592e1cc10f47a348131290a55d43c3acab3fb9","Command":"sleep 10000","Created":1681625637,"Ports":[],"Labels":{},"State":"running","Status":"Up 5 seconds","HostConfig":{"NetworkMode":"default"},"NetworkSettings":{"Networks":{"bridge":{"IPAMConfig":null,"Links":null,"Aliases":null,"NetworkID":"b5c5f41568a8ba0385567dfa4e36d100c8341766a28c5dee56b56886521d2b2f","EndpointID":"91945b28dbfd8f7ac888024eba27d807fdc62fbd8926d1fc4ca6f63ed2c4903a","Gateway":"172.18.0.1","IPAddress":"172.18.0.2","IPPrefixLen":16,"IPv6Gateway":"","GlobalIPv6Address":"","GlobalIPv6PrefixLen":0,"MacAddress":"02:42:ac:12:00:02","DriverOpts":null}}},"Mounts":[]}]

你可能感兴趣的:(Docker,docker,运维,linux,容器)