使用docker的一些基本操作
1. 安装docker,
启动docker 服务
2. 检查版本信息
3.
从docker hub搜索, 下载镜像
4. 启动container
5. container交互模式
6. 改变docker后台进程的监听端口
7. 连接到非默认端口或远程docker后台进程
8. 启动后台container
9. 查看运行或未运行的container
10. 控制container(停止,重启,删除等)
11. container net
12. container 端口映射
13. 保存container状态, (打包image)
14. 上传image到docker hub
1. 安装docker, 启动docker 服务
2. 检查版本信息
4. 启动container
5. 启动container交互模式
6. 改变docker后台进程的监听端口
7. 连接到非默认端口或远程docker后台进程
8. 启动后台container
9. 查看运行或未运行的container
10. 控制container(停止,重启,删除等)
11. container net
13. 保存container状态, (打包image)
14. 上传image到docker hub
[参考]
centos 6.x x64
首先要导入epel
https://fedoraproject.org/wiki/EPEL#How_can_I_use_these_extra_packages.3F
yum install -y docker-io
centos 7.x x64
直接安装
yum install -y docker
[root@db-172-16-3-221 ~]# service docker start2. 检查版本信息
[root@db-172-16-3-221 ~]# docker info
Containers: 5
Images: 104
Storage Driver: devicemapper
Pool Name: docker-8:49-17826869-pool
Data file: /var/lib/docker/devicemapper/devicemapper/data
Metadata file: /var/lib/docker/devicemapper/devicemapper/metadata
Data Space Used: 2531.7 Mb
Data Space Total: 102400.0 Mb
Metadata Space Used: 4.1 Mb
Metadata Space Total: 2048.0 Mb
Execution Driver: native-0.2
Kernel Version: 2.6.32-431.el6.x86_64
Username: digoal
Registry: [https://index.docker.io/v1/]
3. 从docker hub搜索, 下载镜像
下载镜像不需要注册docker hub账号. 可以下载public images.
[root@db-172-16-3-221 ~]# docker search centos
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
centos The official build of CentOS. 556 [OK]
........
[root@db-172-16-3-221 ~]# docker pull centos
Pulling repository centos
68edf809afe7: Download complete
504a65221a38: Download complete
87e5b6b3ccc1: Download complete
511136ea3c5a: Download complete
5b12ef8fd570: Download complete 4. 启动container
查看本地镜像, 如果不在本地, 会自动从docker hub下载到本地,
镜像是只读的, 可以基于镜像启动container
[root@db-172-16-3-221 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
digoal/postgres 9.3.5 a7ef5455170d 21 hours ago 212.9 MB
postgres 9.4 68b6ddf9ca08 8 days ago 213.6 MB
postgres 9.4-beta3 68b6ddf9ca08 8 days ago 213.6 MB
postgres 9.3.5 935836384c52 8 days ago 212.9 MB
postgres latest 935836384c52 8 days ago 212.9 MB
postgres 9.3 935836384c52 8 days ago 212.9 MB
postgres 9 935836384c52 8 days ago 212.9 MB
postgres 9.2 2a9ab0b9fa56 8 days ago 212.7 MB
postgres 9.2.9 2a9ab0b9fa56 8 days ago 212.7 MB
postgres 9.1.14 ee60947f6805 8 days ago 212.1 MB
postgres 9.1 ee60947f6805 8 days ago 212.1 MB
postgres 9.0 f29be88283f6 8 days ago 211.5 MB
postgres 9.0.18 f29be88283f6 8 days ago 211.5 MB
postgres 8 c57c14beb696 8 days ago 211 MB
postgres 8.4 c57c14beb696 8 days ago 211 MB
postgres 8.4.22 c57c14beb696 8 days ago 211 MB
postgres 9.4-beta2 bf872395e1d4 3 weeks ago 213.6 MB
centos centos5 504a65221a38 4 weeks ago 467.1 MB
centos centos6 68edf809afe7 4 weeks ago 212.7 MB
centos centos7 87e5b6b3ccc1 4 weeks ago 224 MB
centos latest 87e5b6b3ccc1 4 weeks ago 224 MB
启动container
用法 :
[root@db-172-16-3-221 ~]# docker help run
Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
Run a command in a new container
-a, --attach=[] Attach to stdin, stdout or stderr.
-c, --cpu-shares=0 CPU shares (relative weight)
--cidfile="" Write the container ID to the file
--cpuset="" CPUs in which to allow execution (0-3, 0,1)
-d, --detach=false Detached mode: Run container in the background, print new container id
--dns=[] Set custom dns servers
--dns-search=[] Set custom dns search domains
-e, --env=[] Set environment variables
--entrypoint="" Overwrite the default entrypoint of the image
--env-file=[] Read in a line delimited file of ENV variables
--expose=[] Expose a port from the container without publishing it to your host
-h, --hostname="" Container host name
-i, --interactive=false Keep stdin open even if not attached
--link=[] Add link to another container (name:alias)
--lxc-conf=[] (lxc exec-driver only) Add custom lxc options --lxc-conf="lxc.cgroup.cpuset.cpus = 0,1"
-m, --memory="" Memory limit (format: <number><optional unit>, where unit = b, k, m or g)
--name="" Assign a name to the container
--net="bridge" Set the Network mode for the container
'bridge': creates a new network stack for the container on the docker bridge
'none': no networking for this container
'container:<name|id>': reuses another container network stack
'host': use the host network stack inside the container. Note: the host mode gives the container full access to local system services such as D-bus and is therefore considered insecure.
-P, --publish-all=false Publish all exposed ports to the host interfaces
-p, --publish=[] Publish a container's port to the host
format: ip:hostPort:containerPort | ip::containerPort | hostPort:containerPort
(use 'docker port' to see the actual mapping)
--privileged=false Give extended privileges to this container
--rm=false Automatically remove the container when it exits (incompatible with -d)
--sig-proxy=true Proxify received signals to the process (even in non-tty mode). SIGCHLD is not proxied.
-t, --tty=false Allocate a pseudo-tty
-u, --user="" Username or UID
-v, --volume=[] Bind mount a volume (e.g., from the host: -v /host:/container, from docker: -v /container)
--volumes-from=[] Mount volumes from the specified container(s)
-w, --workdir="" Working directory inside the container
[root@db-172-16-3-221 ~]# docker run -d --name hello postgres:9.3.5
358c3b256ed3eb2465b4bcdf95ffef6ab8449452d9b68dc26d22649965e22105
[root@db-172-16-3-221 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
358c3b256ed3 postgres:9 /docker-entrypoint.s 4 seconds ago Up 3 seconds 5432/tcp hello5. 启动container交互模式
[root@db-172-16-3-221 ~]# docker run -t -i --name hello123 postgres:9.3.5 /bin/bash
root@fc2bb8e60b49:/#6. 改变docker后台进程的监听端口
[root@db-172-16-3-221 ~]# service docker stop
Stopping docker: [ OK ]
使用docker -d启动后台服务.
[root@db-172-16-3-221 ~]# docker -d
2014/10/30 13:39:21 WARNING: You are running linux kernel version 2.6.32-431.el6.x86_64, which might be unstable running docker. Please upgrade your kernel to 3.8.0.
2014/10/30 13:39:21 docker daemon: 1.1.2 d84a070/1.1.2; execdriver: native; graphdriver:
[ce9e52b6] +job serveapi(unix:///var/run/docker.sock)
[ce9e52b6] +job initserver()
[ce9e52b6.initserver()] Creating server
2014/10/30 13:39:21 Listening for HTTP on unix (/var/run/docker.sock)
[ce9e52b6] +job init_networkdriver()
[ce9e52b6] -job init_networkdriver() = OK (0)
Loading containers: ..........[error] driver.go:140 Warning: error unmounting device ca64905e843ab439926406d19378d4c5c7419bb584a4379a39890efea63ce23e: UnmountDevice: device not-mounted id ca64905e843ab439926406d19378d4c5c7419bb584a4379a39890efea63ce23e
..[error] driver.go:140 Warning: error unmounting device 8238bc46c1dad147536006be4f08561b87ad014b59d928b8521263cd5b96cb4d: UnmountDevice: device not-mounted id 8238bc46c1dad147536006be4f08561b87ad014b59d928b8521263cd5b96cb4d
.[error] driver.go:140 Warning: error unmounting device aab6a732ddbc43e2cab846aede454c7a39342412852691982231d0e000eb5d0a: UnmountDevice: device not-mounted id aab6a732ddbc43e2cab846aede454c7a39342412852691982231d0e000eb5d0a
.[error] driver.go:140 Warning: error unmounting device 358c3b256ed3eb2465b4bcdf95ffef6ab8449452d9b68dc26d22649965e22105: UnmountDevice: device not-mounted id 358c3b256ed3eb2465b4bcdf95ffef6ab8449452d9b68dc26d22649965e22105
..[error] driver.go:140 Warning: error unmounting device 7c99c4f4a01f0640dd1f236d3f597269a22f922d5292119cddd23ace1f082fc0: UnmountDevice: device not-mounted id 7c99c4f4a01f0640dd1f236d3f597269a22f922d5292119cddd23ace1f082fc0
..[error] driver.go:140 Warning: error unmounting device edae35acc741902a34b26e66e567bc7a3639981dd38967620b08ccbb37f0223c: UnmountDevice: device not-mounted id edae35acc741902a34b26e66e567bc7a3639981dd38967620b08ccbb37f0223c
[ce9e52b6] +job release_interface(358c3b256ed3eb2465b4bcdf95ffef6ab8449452d9b68dc26d22649965e22105)
No network information to release for 358c3b256ed3eb2465b4bcdf95ffef6ab8449452d9b68dc26d22649965e22105
[ce9e52b6] -job release_interface(358c3b256ed3eb2465b4bcdf95ffef6ab8449452d9b68dc26d22649965e22105) = ERR (1)
[error] driver.go:140 Warning: error unmounting device 358c3b256ed3eb2465b4bcdf95ffef6ab8449452d9b68dc26d22649965e22105: UnmountDevice: device not-mounted id 358c3b256ed3eb2465b4bcdf95ffef6ab8449452d9b68dc26d22649965e22105
: done.
[ce9e52b6.initserver()] Creating pidfile
[ce9e52b6.initserver()] Setting up signal traps
[ce9e52b6] -job initserver() = OK (0)
[ce9e52b6] +job acceptconnections()
[ce9e52b6] -job acceptconnections() = OK (0)
删除一个container 可以看到 docker 控制台的输出 :
[root@db-172-16-3-221 ~]# docker rm b3e755c4b710
b3e755c4b710
控制台输出
2014/10/30 13:41:10 DELETE /v1.13/containers/b3e755c4b710
[ce9e52b6] +job container_delete(b3e755c4b710)
[ce9e52b6] -job container_delete(b3e755c4b710) = OK (0)
启动docker server时改变docker监听 :
-H, --host=[unix:///var/run/docker.sock]: tcp://[host:port] to bind or unix://[/path/to/socket] to use. The
socket(s) to bind to in daemon mode specified using one or more tcp://host:port, unix:///path/to/socket, fd://*
or fd://socketfd.
例如
[root@db-172-16-3-221 ~]# docker -d -H tcp://0.0.0.0:9999 -H unix:///tmp/.docker.9999.sock
2014/10/30 13:51:30 WARNING: You are running linux kernel version 2.6.32-431.el6.x86_64, which might be unstable running docker. Please upgrade your kernel to 3.8.0.
2014/10/30 13:51:30 docker daemon: 1.1.2 d84a070/1.1.2; execdriver: native; graphdriver:
[bb265d31] +job serveapi(tcp://0.0.0.0:9999, unix:///tmp/.docker.9999.sock)
[bb265d31] +job initserver()
[bb265d31.initserver()] Creating server
2014/10/30 13:51:30 Listening for HTTP on tcp (0.0.0.0:9999)
2014/10/30 13:51:30 /!\ DON'T BIND ON ANOTHER IP ADDRESS THAN 127.0.0.1 IF YOU DON'T KNOW WHAT YOU'RE DOING /!\
2014/10/30 13:51:30 Listening for HTTP on unix (/tmp/.docker.9999.sock)
[bb265d31] +job init_networkdriver()
[bb265d31] -job init_networkdriver() = OK (0)
Loading containers: ......: done.
[bb265d31.initserver()] Creating pidfile
[bb265d31.initserver()] Setting up signal traps
[bb265d31] -job initserver() = OK (0)
[bb265d31] +job acceptconnections()
[bb265d31] -job acceptconnections() = OK (0)7. 连接到非默认端口或远程docker后台进程
例如, 连接到监听为9999端口的docker server :
[root@db-172-16-3-221 ~]# docker -H 127.0.0.1:9999 ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES8. 启动后台container
[root@db-172-16-3-221 ~]# docker help run
Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
Run a command in a new container
-d, --detach=false Detached mode: Run container in the background, print new container id
例如 :
[root@db-172-16-3-221 ~]# docker -H 127.0.0.1:9999 run -d postgres:9.3.5
611a769c1c468d11178a341959109dc0ee3ae581edb2103cf8e1379e8cc077c89. 查看运行或未运行的container
[root@db-172-16-3-221 ~]# docker -H 127.0.0.1:9999 ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
611a769c1c46 postgres:9 /docker-entrypoint.s 17 seconds ago Up 16 seconds 5432/tcp mad_ritchie
358c3b256ed3 postgres:9 /docker-entrypoint.s 18 minutes ago Exited (0) 15 minutes ago 5432/tcp elegant_brattain
ca64905e843a postgres:9 /docker-entrypoint.s 27 hours ago Exited (0) 15 minutes ago 5432/tcp determined_rosalind
aab6a732ddbc postgres:9 /docker-entrypoint.s 44 hours ago Exited (0) 15 minutes ago 5432/tcp jolly_fermi
edae35acc741 postgres:9 /docker-entrypoint.s 44 hours ago Exited (0) 15 minutes ago 5432/tcp kickass_poincare
7c99c4f4a01f postgres:9 /docker-entrypoint.s 44 hours ago Exited (0) 15 minutes ago 5432/tcp hopeful_tesla
8238bc46c1da postgres:9 /docker-entrypoint.s 44 hours ago Exited (0) 15 minutes ago 5432/tcp prickly_bohr 10. 控制container(停止,重启,删除等)
[root@db-172-16-3-221 ~]# docker stop be885c1251cc
be885c1251cc
[root@db-172-16-3-221 ~]# docker restart be885c1251cc
be885c1251cc
[root@db-172-16-3-221 ~]# docker stop be885c1251cc
be885c1251cc
[root@db-172-16-3-221 ~]# docker kill be885c1251cc
be885c1251cc
[root@db-172-16-3-221 ~]# docker rm be885c1251cc
be885c1251cc
11. container net
[root@db-172-16-3-221 ~]# docker help run
Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
Run a command in a new container
--dns=[] Set custom dns servers
--dns-search=[] Set custom dns search domains
--net="bridge" Set the Network mode for the container
'bridge': creates a new network stack for the container on the docker bridge
'none': no networking for this container
'container:<name|id>': reuses another container network stack
'host': use the host network stack inside the container. Note: the host mode gives the container full access to local system services such as D-bus and is therefore considered insecure.
启动container时指定即可.
如果要让DOCKER服务端自动改写iptables运行container访问外网, 可以使用--net="host"
例如 :
[root@db-172-16-3-221 ~]# docker run -t -i --rm --net="host" centos:centos7 /bin/bash
bash-4.2# ping www.baidu.com
PING www.a.shifen.com (115.239.210.27) 56(84) bytes of data.
64 bytes from 115.239.210.27: icmp_seq=1 ttl=56 time=2.44 ms
64 bytes from 115.239.210.27: icmp_seq=2 ttl=56 time=2.40 ms
12. container 端口映射
docker help run
-P, --publish-all=false Publish all exposed ports to the host interfaces
-p, --publish=[] Publish a container's port to the host
format: ip:hostPort:containerPort | ip::containerPort | hostPort:containerPort
(use 'docker port' to see the actual mapping)
动态映射
[root@db-172-16-3-221 ~]# docker run -d -P postgres:9.3.5
d76f1559ca83a649895a841ddc2366169d958ff14fb65efc6d276bdeeeb9f1b0
[root@db-172-16-3-221 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d76f1559ca83 postgres:9 /docker-entrypoint.s 3 seconds ago Up 1 seconds 0.0.0.0:49153->5432/tcp kickass_wilson
指定本地端口
[root@db-172-16-3-221 ~]# docker run -d -p 0.0.0.0:9999:5432/tcp postgres:9.3.5
4cc03cffa249aee4992287228273c88521e41699b4295afa73ace5716ff844bc
[root@db-172-16-3-221 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4cc03cffa249 postgres:9 /docker-entrypoint.s 4 seconds ago Up 2 seconds 0.0.0.0:9999->5432/tcp stupefied_euclid 13. 保存container状态, (打包image)
如果对container做了一些修改, 例如安装了一些包, 并且想在下次运行container时不需要重复安装这个动作, 那么可以把当前的container保存为image, 下次启动时启动保存的image即可.
例如 :
首先启动一个container, 命名为digoal123
[root@db-172-16-3-221 ~]# docker run --net="host" -t -i --name="digoal123" centos:centos7 /bin/bash
bash-4.2# yum install -y vim
打包帮助
[root@db-172-16-3-221 ~]# docker help commit
Usage: docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]]
Create a new image from a container's changes
-a, --author="" Author (e.g., "John Hannibal Smith <hannibal@a-team.com>")
-m, --message="" Commit message
-p, --pause=true Pause container during commit
打包, 放到本地 digoal/postgres:digoal123_vim
[root@db-172-16-3-221 ~]# docker commit -a "digoal" -m "install vim" -p digoal123 digoal/postgres:digoal123_vim
1ac234066815825d8a79931d11d45624a242d67a29ad3d3789b56b577fa51a91
接下来可以允许该image, 可以看到vim已经安装好了
[root@db-172-16-3-221 ~]# docker run -t -i --rm digoal/postgres:digoal123_vim /bin/bash
bash-4.2# which vim
/usr/bin/vim14. 上传image到docker hub
这个首先要注册docker hub账号, 然后login.
[root@db-172-16-3-221 ~]# docker login
Username: digoal
Password:
Email: xxx@xx.xx
Login Succeeded
最后就是上传
[root@db-172-16-3-221 ~]# docker push digoal/postgres:digoal123_vim[参考]
