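I. Basic Docker usage
The Docker image home page, which includes official images and other public images
Because of conditions in China, downloading official images from Docker Hub is slow there. You can use a mirror instead; the mirror stays consistent with the official images and, most importantly, is fast. Recommended.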
$ sudo docker search ubuntu
$ sudo docker pull ubuntu # fetch the official ubuntu image
$ sudo docker images # show the current image list
$ sudo docker run -i -t ubuntu:14.04 /bin/bash
Note: ubuntu has several versions; start a specific one by giving a tag, in the form [image]:[tag]
$ sudo docker ps # show currently running containers; ps -a lists all containers on the system
CONTAINER ID    IMAGE           COMMAND      CREATED          STATUS          PORTS    NAMES
6c9129e9df10    ubuntu:14.04    /bin/bash    6 minutes ago    Up 6 minutes             cranky_babbage
$ sudo docker # docker command help
Commands:
    attach    Attach to a running container # attach to the specified running container from the current shell
    build     Build an image from a Dockerfile # build a custom image from a Dockerfile
    commit    Create a new image from a container's changes # commit the current container as a new image
    cp        Copy files/folders from the containers filesystem to the host path # copy the given files or directories from the container to the host
    create    Create a new container # create a new container; same as run, but does not start it
    diff      Inspect changes on a container's filesystem # show changes made in a docker container
    events    Get real time events from the server # get real-time container events from the docker service
    exec      Run a command in an existing container # run a command in an existing container
    export    Stream the contents of a container as a tar archive # export the container's contents as a tar archive [counterpart of import]
    history   Show the history of an image # show how an image was built up
    images    List images # list the images currently on the system
    import    Create a new filesystem image from the contents of a tarball # create a new filesystem image from the contents of a tar archive [counterpart of export]
    info      Display system-wide information # show system information
    inspect   Return low-level information on a container # show detailed container information
    kill      Kill a running container # kill the specified docker container
    load      Load an image from a tar archive # load an image from a tar archive [counterpart of save]
    login     Register or Login to the docker registry server # register with or log in to a docker registry server
    logout    Log out from a Docker registry server # log out of the current Docker registry
    logs      Fetch the logs of a container # print the container's log output
    port      Lookup the public-facing port which is NAT-ed to PRIVATE_PORT # show the container-internal port behind a mapped port
    pause     Pause all processes within a container # pause the container
    ps        List containers # list containers
    pull      Pull an image or a repository from the docker registry server # pull the specified image or repository from the docker registry server
    push      Push an image or a repository to the docker registry server # push the specified image or repository to the docker registry server
    restart   Restart a running container # restart a running container
    rm        Remove one or more containers # remove one or more containers
    rmi       Remove one or more images # remove one or more images [an image can be deleted only when no container uses it; otherwise delete those containers first, or force deletion with -f]
    run       Run a command in a new container # create a new container and run a command in it
    save      Save an image to a tar archive # save an image as a tar archive [counterpart of load]
    search    Search for an image on the Docker Hub # search for images on Docker Hub
    start     Start a stopped containers # start a container
    stop      Stop a running containers # stop a container
    tag       Tag an image into a repository # tag an image in a repository
    top       Lookup the running processes of a container # show the processes running in a container
    unpause   Unpause a paused container # unpause a container
    version   Show the docker version information # show the docker version
    wait      Block until a container stops, then print its exit code # capture the exit status when the container stops
Run 'docker COMMAND --help' for more information on a command.
Usage of docker:
  --api-enable-cors=false                Enable CORS headers in the remote API # enable CORS headers in the remote API
  -b, --bridge=""                        Attach containers to a pre-existing network bridge # bridged networking
                                           use 'none' to disable container networking
  --bip=""                               Use this CIDR notation address for the network bridge's IP, not compatible with -b # incompatible with the -b option; I have not tested the details
  -d, --daemon=false                     Enable daemon mode # daemon mode
  -D, --debug=false                      Enable debug mode # debug mode
  --dns=[]                               Force docker to use specific DNS servers # force docker to use the given DNS servers
  --dns-search=[]                        Force Docker to use specific DNS search domains # force docker to use the given DNS search domains
  -e, --exec-driver="native"             Force the docker runtime to use a specific exec driver # force the docker runtime to use the given exec driver
  --fixed-cidr=""                        IPv4 subnet for fixed IPs (ex: 10.20.0.0/16)
                                           this subnet must be nested in the bridge subnet (which is defined by -b or --bip)
  -G, --group="docker"                   Group to assign the unix socket specified by -H when running in daemon mode
                                           use '' (the empty string) to disable setting of a group
  -g, --graph="/var/lib/docker"          Path to use as the root of the docker runtime # root directory for the docker runtime
  -H, --host=[]                          The socket(s) to bind to in daemon mode # how docker binds in daemon mode [tcp or local socket]
                                           specified using one or more tcp://host:port, unix:///path/to/socket, fd://* or fd://socketfd.
  --icc=true                             Enable inter-container communication # communication between containers
  --insecure-registry=[]                 Enable insecure communication with specified registries (no certificate verification for HTTPS and enable HTTP fallback) (e.g., localhost:5000 or 10.20.0.0/16)
  --ip="0.0.0.0"                         Default IP address to use when binding container ports # listen address; defaults to all IPs
  --ip-forward=true                      Enable net.ipv4.ip_forward # enable forwarding
  --ip-masq=true                         Enable IP masquerading for bridge's IP range
  --iptables=true                        Enable Docker's addition of iptables rules # add the corresponding iptables rules
  --mtu=0                                Set the containers network MTU # set the network MTU
                                           if no value is provided: default to the default route MTU or 1500 if no default route is available
  -p, --pidfile="/var/run/docker.pid"    Path to use for daemon PID file # location of the pid file
  --registry-mirror=[]                   Specify a preferred Docker registry mirror
  -s, --storage-driver=""                Force the docker runtime to use a specific storage driver # force the docker runtime to use the given storage driver
  --selinux-enabled=false                Enable selinux support # enable selinux support
  --storage-opt=[]                       Set storage driver options # set storage driver options
  --tls=false                            Use TLS; implied by tls-verify flags # enable tls
  --tlscacert="/root/.docker/ca.pem"     Trust only remotes providing a certificate signed by the CA given here
  --tlscert="/root/.docker/cert.pem"     Path to TLS certificate file # location of the tls certificate file
  --tlskey="/root/.docker/key.pem"       Path to TLS key file # location of the tls key file
  --tlsverify=false                      Use TLS and verify the remote (daemon: verify client, client: verify daemon) # use tls and verify the remote host
  -v, --version=false                    Print version information and quit # print the docker version
$ sudo docker search --help
Usage: docker search TERM
Search the Docker Hub for images # search Docker Hub for images
  --automated=false    Only show automated builds
  --no-trunc=false     Don't truncate output
  -s, --stars=0        Only displays with at least xxx stars
Example:
$ sudo docker search -s 100 ubuntu # find images with at least 100 stars; only the official image has more than 100 stars. Without the -s option, all ubuntu-related images are listed
NAME      DESCRIPTION                   STARS    OFFICIAL    AUTOMATED
ubuntu    Official Ubuntu base image    425      [OK]
$ sudo docker info
Containers: 1 # number of containers
Images: 22 # number of images
Storage Driver: devicemapper # storage driver
 Pool Name: docker-8:17-3221225728-pool
 Pool Blocksize: 65.54 kB
 Data file: /data/docker/devicemapper/devicemapper/data
 Metadata file: /data/docker/devicemapper/devicemapper/metadata
 Data Space Used: 1.83 GB
 Data Space Total: 107.4 GB
 Metadata Space Used: 2.191 MB
 Metadata Space Total: 2.147 GB
 Library Version: 1.02.84-RHEL7 (2014-03-26)
Execution Driver: native-0.2 # execution driver
Kernel Version: 3.10.0-123.el7.x86_64
Operating System: CentOS Linux 7 (Core)
$ sudo docker pull --help # pull fetches an image
Usage: docker pull [OPTIONS] NAME[:TAG]
Pull an image or a repository from the registry
  -a, --all-tags=false    Download all tagged images in the repository
$ sudo docker push # push uploads the specified image
Usage: docker push NAME[:TAG]
Push an image or a repository to the registry
Example:
$ sudo docker pull ubuntu # download the official ubuntu docker image; by default this downloads all images in the official ubuntu repository
$ sudo docker pull ubuntu:14.04 # download a specific version of the official ubuntu image
$ sudo docker push 192.168.0.100:5000/ubuntu # push the image repository to a private registry [you can also register an official Docker account and push to your own account there]
$ sudo docker push 192.168.0.100:5000/ubuntu:14.04 # push the specified image to the private registry
List the images on the current system
$ sudo docker images --help
Usage: docker images [OPTIONS] [NAME]
List images
  -a, --all=false      Show all images (by default filter out the intermediate image layers) # -a shows every image on the system, including intermediate layers; by default docker images shows only final images, without intermediate layers
  -f, --filter=[]      Provide filter values (i.e. 'dangling=true')
  --no-trunc=false     Don't truncate output
  -q, --quiet=false    Only show numeric IDs
Example:
$ sudo docker images # show the images on the system, without intermediate layers
$ sudo docker images -a # show all images on the system, including intermediate layers
$ sudo docker images ubuntu # show all images in the docker ubuntu repository on the system
REPOSITORY    TAG          IMAGE ID        CREATED        VIRTUAL SIZE
ubuntu        12.04        ebe4be4dd427    4 weeks ago    210.6 MB
ubuntu        14.04        e54ca5efa2e9    4 weeks ago    276.5 MB
ubuntu        14.04-ssh    6334d3ac099a    7 weeks ago    383.2 MB
Remove one or more images
$ sudo docker rmi --help
Usage: docker rmi IMAGE [IMAGE...]
Remove one or more images
  -f, --force=false    Force removal of the image # force removal of the image whether or not a container is using it
  --no-prune=false     Do not delete untagged parents # do not delete untagged parent images
$ sudo docker run --help
Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
Run a command in a new container
  -a, --attach=[]            Attach to stdin, stdout or stderr.
  -c, --cpu-shares=0         CPU shares (relative weight) # set the CPU usage weight
  --cap-add=[]               Add Linux capabilities
  --cap-drop=[]              Drop Linux capabilities
  --cidfile=""               Write the container ID to the file # write the container id to the given file
  --cpuset=""                CPUs in which to allow execution (0-3, 0,1) # CPU pinning
  -d, --detach=false         Detached mode: Run container in the background, print new container id # run the container in the background
  --device=[]                Add a host device to the container (e.g. --device=/dev/sdc:/dev/xvdc)
  --dns=[]                   Set custom dns servers # set dns
  --dns-search=[]            Set custom dns search domains # set dns search domains
  -e, --env=[]               Set environment variables # define environment variables
  --entrypoint=""            Overwrite the default entrypoint of the image # ?
  --env-file=[]              Read in a line delimited file of ENV variables # read variable values from the given file
  --expose=[]                Expose a port from the container without publishing it to your host # specify the port on which the container offers a service
  -h, --hostname=""          Container host name # set the container hostname
  -i, --interactive=false    Keep stdin open even if not attached # keep standard input open even when not attached
  --link=[]                  Add link to another container (name:alias) # add a link to another container
  --lxc-conf=[]              (lxc exec-driver only) Add custom lxc options --lxc-conf="lxc.cgroup.cpuset.cpus = 0,1"
  -m, --memory=""            Memory limit (format: <number><optional unit>, where unit = b, k, m or g) # memory limit
  --name=""                  Assign a name to the container # set the container name
  --net="bridge"             Set the Network mode for the container # set the container network mode
                               'bridge': creates a new network stack for the container on the docker bridge
                               'none': no networking for this container
                               'container:<name|id>': reuses another container network stack
                               'host': use the host network stack inside the container. Note: the host mode gives the container full access to local system services such as D-bus and is therefore considered insecure.
  -P, --publish-all=false    Publish all exposed ports to the host interfaces # automatically map the ports on which the container offers services
  -p, --publish=[]           Publish a container's port to the host # specify a port mapping
                               format: ip:hostPort:containerPort | ip::containerPort | hostPort:containerPort
                               (use 'docker port' to see the actual mapping)
  --privileged=false         Give extended privileges to this container # give the container more privileges
  --restart=""               Restart policy to apply when a container exits (no, on-failure[:max-retry], always)
  --rm=false                 Automatically remove the container when it exits (incompatible with -d) # remove the container automatically when it exits; conflicts with the -d option
  --security-opt=[]          Security Options
  --sig-proxy=true           Proxify received signals to the process (even in non-tty mode). SIGCHLD is not proxied.
  -t, --tty=false            Allocate a pseudo-tty # allocate a pseudo-terminal
  -u, --user=""              Username or UID # uid or username of the user that runs the container
  -v, --volume=[]            Bind mount a volume (e.g., from the host: -v /host:/container, from docker: -v /container) # mount a volume
  --volumes-from=[]          Mount volumes from the specified container(s) # mount volumes from the specified container(s)
  -w, --workdir=""           Working directory inside the container # set the container's working directory
Example:
$ sudo docker images ubuntu
REPOSITORY    TAG      IMAGE ID        CREATED        VIRTUAL SIZE
ubuntu        14.04    e54ca5efa2e9    4 weeks ago    276.5 MB
... ...
$ sudo docker run -t -i -c 100 -m 512MB -h test1 -d --name="docker_test1" ubuntu /bin/bash # create a container with CPU priority 100, a 512MB memory limit, hostname test1 and name docker_test1, running bash in the background
a424ca613c9f2247cd3ede95adfbaf8d28400cbcb1d5f9b69a7b56f97b2b52e5
$ sudo docker ps
CONTAINER ID    IMAGE           COMMAND      CREATED          STATUS          PORTS    NAMES
a424ca613c9f    ubuntu:14.04    /bin/bash    6 seconds ago    Up 5 seconds             docker_test1
$ sudo docker attach docker_test1
root@test1:/# pwd
/
root@test1:/# exit
exit
About CPU priority:
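Several of the docker run options listed above widen a container's access to the host (--privileged, --net=host, --cap-add, --device, -v with a host path), while -u and -m narrow it. The script below is an added example, not part of the original article: audit_docker_run and its finding names are hypothetical, and it only inspects a docker run argument list without starting anything.

```shell
#!/bin/sh
# Added example, not from the original article. audit_docker_run is a
# hypothetical helper: give it the arguments that would follow "docker run"
# and it prints a comma-separated list of findings. It never runs docker.
audit_docker_run() {
    findings="" user="" mem=""
    note() { findings="${findings}${findings:+,}$1"; }
    while [ $# -gt 0 ]; do
        case "$1" in
            --*=*) opt=${1%%=*}; val=${1#*=} ;;
            --privileged|--rm|--detach|--interactive|--tty|--publish-all|--sig-proxy)
                opt=$1; val=true ;;
            --*|-*[!ditP]*)                  # option with a separate value
                opt=$1; val=${2-}
                if [ $# -gt 1 ]; then shift; fi ;;
            -*) opt=$1; val=true ;;          # grouped booleans such as -it
            *) break ;;                      # first bare word is IMAGE
        esac
        case "$opt" in
            --privileged) if [ "$val" != false ]; then note privileged; fi ;;
            --net) if [ "$val" = host ]; then note host-network; fi ;;
            --cap-add) note "cap-add:$val" ;;
            --device) note "device:${val%%:*}" ;;
            -v|--volume)                     # /host:/container is a bind mount
                case "$val" in /*:*) note "bind-mount:${val%%:*}" ;; esac ;;
            -u|--user) user=$val ;;
            -m|--memory) mem=$val ;;
        esac
        shift
    done
    # No -u means the image's default user, which is assumed here to be root.
    case "$user" in ''|0|root) note root-or-default-user ;; esac
    if [ -z "$mem" ]; then note no-memory-limit; fi
    # A registry port (host:5000/name) is not a tag, so test the last path part.
    image=${1-}
    case "${image##*/}" in *:*) ;; *) note untagged-image ;; esac
    printf '%s\n' "$findings"
}

# Constructed sample invocations; the first mirrors the example above.
audit_docker_run -t -i -c 100 -m 512MB -h test1 -d --name="docker_test1" ubuntu /bin/bash
audit_docker_run --privileged --net=host -v /data:/data ubuntu:14.04 /bin/bash
```

An empty line of output means none of the checked options was found and the image reference carries a tag.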
By default all groups have 1024 shares. A group with 100 shares will get a ~10% portion of the CPU time -
docker start|stop|kill|restart|pause|unpause|rm|commit|inspect|logs