linux容器相关技术及操作

Docker系列之二:常用命令解析

2019-02-23  本文已影响3人  小六的昵称已被使用

title: Docker系列之二:常用命令解析
categories: Docker
tags:
- Docker
timezone: Asia/Shanghai
date: 2019-02-01


版本

[root@localhost home]# docker --version
Docker version 18.09.0, build 4d60db4

快捷键

CTRL + p + q    退出一个容器,并保持容器继续运行
CTRL + d        退出一个容器,并终止容器的运行

目录:

docker run
docker build
docker images
docker image

docker search:在Docker Hub中搜索image

[root@centos181001 ~]# docker search --help
Usage:  docker search [OPTIONS] TERM
Search the Docker Hub for images
Options:
  -f, --filter filter   Filter output based on conditions provided
                        根据提供的条件过滤输出
      --format string   Pretty-print search using a Go template
                        格式化输出
      --limit int       Max number of search results (default 25)
                        最大搜索结果数(默认25)
      --no-trunc        Don't truncate output
                        不要截断输出

docker run

[root@centos181001 home]# docker run --help
Usage:  docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
Run a command in a new container
Options:
      --add-host list                  Add a custom host-to-IP mapping (host:ip)
  -a, --attach list                    Attach to STDIN, STDOUT or STDERR
                                        指定标准输入输出内容类型,可选 STDIN/STDOUT/STDERR 三项;

      --blkio-weight uint16            Block IO (relative weight), between 10 and 1000, or 0 to disable (default 0)
      --blkio-weight-device list       Block IO weight (relative device weight) (default [])
      --cap-add list                   Add Linux capabilities
      --cap-drop list                  Drop Linux capabilities
      --cgroup-parent string           Optional parent cgroup for the container
      --cidfile string                 Write the container ID to the file
      --cpu-period int                 Limit CPU CFS (Completely Fair Scheduler) period
      --cpu-quota int                  Limit CPU CFS (Completely Fair Scheduler) quota
      --cpu-rt-period int              Limit CPU real-time period in microseconds
      --cpu-rt-runtime int             Limit CPU real-time runtime in microseconds
  -c, --cpu-shares int                 CPU shares (relative weight)
      --cpus decimal                   Number of CPUs
      --cpuset-cpus string             CPUs in which to allow execution (0-3, 0,1)
      --cpuset-mems string             MEMs in which to allow execution (0-3, 0,1)
  -d, --detach                         Run container in background and print container ID
                                        后台运行容器,并返回容器ID;

      --detach-keys string             Override the key sequence for detaching a container
      --device list                    Add a host device to the container
      --device-cgroup-rule list        Add a rule to the cgroup allowed devices list
      --device-read-bps list           Limit read rate (bytes per second) from a device (default [])
      --device-read-iops list          Limit read rate (IO per second) from a device (default [])
      --device-write-bps list          Limit write rate (bytes per second) to a device (default [])
      --device-write-iops list         Limit write rate (IO per second) to a device (default [])
      --disable-content-trust          Skip image verification (default true)
      --dns list                       Set custom DNS servers
                                        dns 8.8.8.8: 指定容器使用的DNS服务器,默认和宿主一致;

      --dns-option list                Set DNS options
      --dns-search list                Set custom DNS search domains
      --entrypoint string              Overwrite the default ENTRYPOINT of the image
  -e, --env list                       Set environment variables
                                              -e username="ritchie": 设置环境变量;

      --env-file list                  Read in a file of environment variables
                                        --env-file=[]: 从指定文件读入环境变量;

      --expose list                    Expose a port or a range of ports
                                        --expose=[]: 开放一个端口或一组端口;

      --group-add list                 Add additional groups to join
      --health-cmd string              Command to run to check health
      --health-interval duration       Time between running the check (ms|s|m|h) (default 0s)
      --health-retries int             Consecutive failures needed to report unhealthy
      --health-start-period duration   Start period for the container to initialize before starting health-retries countdown (ms|s|m|h) (default 0s)
      --health-timeout duration        Maximum time to allow one check to run (ms|s|m|h) (default 0s)
      --help                           Print usage
                                        打印此信息

  -h, --hostname string                Container host name
                                        -h "mars": 指定容器的hostname;

      --init                           Run an init inside the container that forwards signals and reaps processes
  -i, --interactive                    Keep STDIN open even if not attached
                                        以交互模式运行容器,通常与 -t 同时使用

      --ip string                      IPv4 address (e.g., 172.30.100.104)
      --ip6 string                     IPv6 address (e.g., 2001:db8::33)
      --ipc string                     IPC mode to use
      --isolation string               Container isolation technology
      --kernel-memory bytes            Kernel memory limit
  -l, --label list                     Set meta data on a container
      --label-file list                Read in a line delimited file of labels
      --link list                      Add link to another container
                                        --link=[]: 添加链接到另一个容器;

      --link-local-ip list             Container IPv4/IPv6 link-local addresses
      --log-driver string              Logging driver for the container
      --log-opt list                   Log driver options
      --mac-address string             Container MAC address (e.g., 92:d0:c6:0a:29:33)
  -m, --memory bytes                   Memory limit
                                        -m :设置容器使用内存最大值;

      --memory-reservation bytes       Memory soft limit
      --memory-swap bytes              Swap limit equal to memory plus swap: '-1' to enable unlimited swap
      --memory-swappiness int          Tune container memory swappiness (0 to 100) (default -1)
      --mount mount                    Attach a filesystem mount to the container
      --name string                    Assign a name to the container
                                        --name="nginx-lb": 为容器指定一个名称;

      --network string                 Connect a container to a network (default "default")
      --network-alias list             Add network-scoped alias for the container
      --no-healthcheck                 Disable any container-specified HEALTHCHECK
      --oom-kill-disable               Disable OOM Killer
      --oom-score-adj int              Tune host's OOM preferences (-1000 to 1000)
      --pid string                     PID namespace to use
      --pids-limit int                 Tune container pids limit (set -1 for unlimited)
      --privileged                     Give extended privileges to this container
  -p, --publish list                   Publish a container's port(s) to the host
                                        端口映射,格式为:主机(宿主)端口:容器端口

  -P, --publish-all                    Publish all exposed ports to random ports
                                        将所有公开的端口发布到随机端口

      --read-only                      Mount the container's root filesystem as read only
      --restart string                 Restart policy to apply when a container exits (default "no")
      --rm                             Automatically remove the container when it exits
                                        容器退出时自动移除

      --runtime string                 Runtime to use for this container
      --security-opt list              Security Options
                                        安全选项

      --shm-size bytes                 Size of /dev/shm
      --sig-proxy                      Proxy received signals to the process (default true)
      --stop-signal string             Signal to stop a container (default "SIGTERM")
      --stop-timeout int               Timeout (in seconds) to stop a container
      --storage-opt list               Storage driver options for the container
      --sysctl map                     Sysctl options (default map[])
      --tmpfs list                     Mount a tmpfs directory
  -t, --tty                            Allocate a pseudo-TTY
                                              

      --ulimit ulimit                  Ulimit options (default [])
  -u, --user string                    Username or UID (format: <name|uid>[:<group|gid>])
      --userns string                  User namespace to use
      --uts string                     UTS namespace to use
  -v, --volume list                    Bind mount a volume
                                        绑定一个卷

      --volume-driver string           Optional volume driver for the container
      --volumes-from list              Mount volumes from the specified container(s)
  -w, --workdir string                 Working directory inside the container
  
示例:
运行一个docker并进入容器
docker run -it centos /bin/bash

运行一个docker,并保持后台运行,不进入容器
docker run -itd centos /bin/bash

运行一个容器并返回容器ID,同时保持后台运行不退出
docker run -d centos

运行一个容器,并在容器退出的时候自动删除
docker run -it --rm 9b65eb17913a

docker attach:进入到一个容器

[root@centos181001 ~]# docker attach --help
Usage:  docker attach [OPTIONS] CONTAINER
Attach local standard input, output, and error streams to a running container
Options:
      --detach-keys string   Override the key sequence for detaching a container
      --no-stdin             Do not attach STDIN
                            不要附上STDIN
      --sig-proxy            Proxy all received signals to the process (default true
                            代理所有收到的进程信号(默认为真)

docker container

[root@centos181001 ~]# docker container --help
Usage:  docker container COMMAND
Manage containers
Commands:
  attach      Attach local standard input, output, and error streams to a running container
  commit      Create a new image from a container's changes
  cp          Copy files/folders between a container and the local filesystem
  create      Create a new container
  diff        Inspect changes to files or directories on a container's filesystem
  exec        Run a command in a running container
  export      Export a container's filesystem as a tar archive
  inspect     Display detailed information on one or more containers
  kill        Kill one or more running containers
  logs        Fetch the logs of a container
  ls          List containers
  pause       Pause all processes within one or more containers
  port        List port mappings or a specific mapping for the container
  prune       Remove all stopped containers
  rename      Rename a container
  restart     Restart one or more containers
  rm          Remove one or more containers
  run         Run a command in a new container
  start       Start one or more stopped containers
  stats       Display a live stream of container(s) resource usage statistics
  stop        Stop one or more running containers
  top         Display the running processes of a container
  unpause     Unpause all processes within one or more containers
  update      Update configuration of one or more containers
  wait        Block until one or more containers stop, then print their exit codes
Run 'docker container COMMAND --help' for more information on a command.

docker container attach(进入到一个容器)(等于docker attach)

docker container commit(根据容器的更改创建新image)(等于docker commit)

docker container cp(在容器和本地文件系统之间复制文件/文件夹)

[root@centos181001 ~]# docker container cp --help
Usage:  docker container cp [OPTIONS] CONTAINER:SRC_PATH DEST_PATH|-
    docker cp [OPTIONS] SRC_PATH|- CONTAINER:DEST_PATH
Copy files/folders between a container and the local filesystem
Options:
  -a, --archive       Archive mode (copy all uid/gid information)
                        存档模式(复制所有uid / gid信息)
  -L, --follow-link   Always follow symbol link in SRC_PATH
                        始终遵循SRC_PATH中的符号链接

示例:

docker container start:启动一个或多个已停止的容器

[root@centos181001 ~]# docker container start --help
Usage:  docker container start [OPTIONS] CONTAINER [CONTAINER...]
Start one or more stopped containers
Options:
  -a, --attach               Attach STDOUT/STDERR and forward signals
                            连接STDOUT / STDERR并转发信号
      --detach-keys string   Override the key sequence for detaching a container
  -i, --interactive          Attach container's STDIN

示例:
docker container start

docker ps(列出容器)

[root@centos181001 ~]# docker ps --help
Usage:  docker ps [OPTIONS]
List containers
Options:
  -a, --all             Show all containers (default shows just running)
                        列出所有容器(默认只显示正在运行的)
  -f, --filter filter   Filter output based on conditions provided
      --format string   Pretty-print containers using a Go template
                        格式化输出
  -n, --last int        Show n last created containers (includes all states) (default -1)
                        显示最后创建的容器(包括所有状态)(默认为-1)
  -l, --latest          Show the latest created container (includes all states)               显示最新创建的容器(包括所有状态)
      --no-trunc        Don't truncate output
                        不要截断输出
  -q, --quiet           Only display numeric IDs
                        只显示CONTAINER ID
  -s, --size            Display total file sizes
                        显示容器总文件大小

docker commit:根据容器的更改创建新image

[root@centos181001 ~]# docker commit --help
Usage:  docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]]
Create a new image from a container's changes
Options:
  -a, --author string    Author (e.g., "John Hannibal Smith <hannibal@a-team.com>")
                        作者信息
  -c, --change list      Apply Dockerfile instruction to the created image
                        
  -m, --message string   Commit message
                        提交信息
  -p, --pause            Pause container during commit (default true)
                        在提交期间暂停容器(默认为true)

示例:
docker commit 1ff50d9bf8af centos_vim:1.0

docker build:从Dockerfile构建映像(此命令等于:docker image build)

Usage:  docker build [OPTIONS] PATH | URL | -
    使用-构建:
        docker build - < Dockerfile
        docker build - < context.tar.gz
    
    URL参数可以引用三种类型的资源:Git仓库,预打包的tarball上下文和纯文本文件。

Build an image from a Dockerfile
Options:
      --add-host list           Add a custom host-to-IP mapping (host:ip)
      
      --build-arg list          Set build-time variables
                                设置构建时变量

      --cache-from strings      Images to consider as cache sources
      --cgroup-parent string    Optional parent cgroup for the container
      --compress                Compress the build context using gzip
                                使用gzip压缩构建上下文

      --cpu-period int          Limit the CPU CFS (Completely Fair Scheduler) period
      --cpu-quota int           Limit the CPU CFS (Completely Fair Scheduler) quota
  -c, --cpu-shares int          CPU shares (relative weight)
      --cpuset-cpus string      CPUs in which to allow execution (0-3, 0,1)
      --cpuset-mems string      MEMs in which to allow execution (0-3, 0,1)
      --disable-content-trust   Skip image verification (default true)
                                默认跳过对生成的image的测试,设置该选项,将对镜像进行验证

  -f, --file string             Name of the Dockerfile (Default is 'PATH/Dockerfile')
                                指定Dockerfile的路径,默认:'PATH/Dockerfile'

      --force-rm                Always remove intermediate containers
                                总是删除掉中间环节的容器

      --iidfile string          Write the image ID to the file
                                写入image ID到文件

      --isolation string        Container isolation technology
                                容器隔离技术

      --label list              Set metadata for an image
                                为生成的镜像设置metadata

  -m, --memory bytes            Memory limit
                                默认启动一个 container,对于容器的内存是没有任何限制的。
                                
      --memory-swap bytes       Swap limit equal to memory plus swap: '-1' to enable unlimited swap
      --network string          Set the networking mode for the RUN instructions during build (default "default")
      --no-cache                Do not use cache when building the image
                                构建image的时候不要使用缓存,默认false

      --pull                    Always attempt to pull a newer version of the image
                                在构建image的时候总是尝试pull镜像的最新版本

  -q, --quiet                   Suppress the build output and print image ID on success
      --rm                      Remove intermediate containers after a successful build (default true)
                                成功构建后删除中间容器(默认为true)

      --security-opt strings    Security options
                                安全选项

      --shm-size bytes          Size of /dev/shm
  -t, --tag list                Name and optionally a tag in the 'name:tag' format
      --target string           Set the target build stage to build.
      --ulimit ulimit           Ulimit options (default [])

示例:
使用当前目录的Dockerfile生成image并查看
docker build -t centos_tengine:1.0 .
docker image ls centos_tengine

docker images

此命令等于:docker image ls

docker image

[root@centos181001 home]# docker image push --help
Usage:  docker image push [OPTIONS] NAME[:TAG]
Push an image or a repository to a registry
Options:
      --disable-content-trust   Skip image signing (default true)
[root@centos181001 home]# docker image --help
Usage:  docker image COMMAND
Manage images
Commands:
  build       Build an image from a Dockerfile
  history     Show the history of an image
  import      Import the contents from a tarball to create a filesystem image
  inspect     Display detailed information on one or more images
  load        Load an image from a tar archive or STDIN
  ls          List images
  prune       Remove unused images
  pull        Pull an image or a repository from a registry
  push        Push an image or a repository to a registry
  rm          Remove one or more images
  save        Save one or more images to a tar archive (streamed to STDOUT by default)
  tag         Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE

Run 'docker image COMMAND --help' for more information on a command.

build:从Dockerfile构建映像(等同于docker build)

history:查看指定image的创建历史

Usage:  docker image history [OPTIONS] IMAGE
Show the history of an image
Options:
      --format string   Pretty-print images using a Go template
                        格式化输出
  -H, --human           Print sizes and dates in human readable format (default true)
                        以人类可读格式打印尺寸和日期(默认为true)
      --no-trunc        Don't truncate output
                        不要截断输出(长IMAGE ID格式)
  -q, --quiet           Only show numeric IDs
                        只显示IMAGE ID

示例:
docker image history httpd:latest
docker image history db7b8a965358
docker image history --no-trunc db7b8a965358
docker image history -q db7b8a965358

import:根据export出的tar文件创建一个镜像.

Usage:  docker image import [OPTIONS] file|URL|- [REPOSITORY[:TAG]]
Import the contents from a tarball to create a filesystem image
Options:
  -c, --change list      Apply Dockerfile instruction to the created image
  -m, --message string   Set commit message for imported image

示例:
docker image import /home/nginx.tar nginx:latest
    这里需要指定新镜像的名字和标签,否则会显示<none>

inspect:显示一个或多个image的详细信息

Usage:  docker image inspect [OPTIONS] IMAGE [IMAGE...]
Display detailed information on one or more images
Options:
  -f, --format string   Format the output using the given Go template
                        格式化输出
示例:
docker image inspect 42b4762643dc
docker image inspect nginx
docker image inspect nginx:latest
docker image inspect nginx:latest hello-world

load:从tar归档文件或者标准输入流载入iamge

Usage:  docker image load [OPTIONS]
Load an image from a tar archive or STDIN
Options:
  -i, --input string   Read from tar archive file, instead of STDIN
                       从tar归档文件中读取,而不是STDIN
  -q, --quiet          Suppress the load outp

示例:
docker image load -i /home/nginx.tar

ls:列出image(此命令等于docker images)

Usage:  docker image ls [OPTIONS] [REPOSITORY[:TAG]]
List images
Aliases:
  ls, images, list
Options:
  -a, --all             Show all images (default hides intermediate images)
                        显示所有图像(默认隐藏中间图像)
      --digests         Show digests
                        显示摘要(可以显示镜像大小等信息)同时不要截断输出(显示长IMAGE ID格式)
  -f, --filter filter   Filter output based on conditions provided
                        根据提供的条件过滤输出
      --format string   Pretty-print images using a Go template
                        格式化输出
      --no-trunc        Don't truncate output
                        不要截断输出(显示长IMAGE ID格式)
  -q, --quiet           Only show numeric IDs
                        仅显示IMAGE ID
示例:
docker image ls nginx
docker image ls
docker image ls -a
docker image ls --digests
docker image ls --no-trunc
docker image ls -q

prune:删除未使用的image

Usage:  docker image prune [OPTIONS]
Remove unused images
默认情况下,只会清理 dangling 镜像。
悬挂镜像是一种特殊的镜像,这种镜像既没有仓库名也没有标签,他们的值都为
一般来说,虚悬镜像已经失去了存在的价值,是可以随意删除的
dangling经常可以用以下命令查看:docker image ls -f dangling=true

Options:
  -a, --all             Remove all unused images, not just dangling ones
                        通过 -a 标志可以删除没有被已有容器使用的所有镜像:而不只是删除悬空镜像
      --filter filter   Provide filter values (e.g. 'until=<timestamp>')
                        提供过滤器
                        
  -f, --force           Do not prompt for confirmation
                        强制删除,不提示确认
示例:
docker image prune
docker image prune -a
docker image prune -a -f

pull:拉取镜像

Usage:  docker image pull [OPTIONS] NAME[:TAG|@DIGEST]
Options:
  -a, --all-tags                Download all tagged images in the repository
      --disable-content-trust   Skip image verification (default true)
                                拉取所有版本

示例:
docker image pull nginx
docker image pull -a nginx

push:推送iamge到仓库

Usage:  docker image push [OPTIONS] NAME[:TAG]
Options:跳过图像签名
  --disable-content-trust   Skip image signing (default true)

示例:
docker image push hello-world:1.0

rm:删除一个或多个image

Usage:  docker image rm [OPTIONS] IMAGE [IMAGE...]
Aliases:
  rm, rmi, remove

Options:强制删除
  -f, --force      Force removal of the image
      --no-prune   Do not delete untagged parents

示例:
docker image rm hello-world:2.0 hello-world:latest

save:将一个或多个图像保存到tar存档(默认情况下流式传输到STDOUT)

Usage:  docker save [OPTIONS] IMAGE [IMAGE...]
Options:
        -o, --output string   Write to a file, instead of STDOUT

示例:
docker save -o /home/hello-world.tar hello-world
docker save -o /home/hello-world.tar hello-world:2.0
docker save -o /home/hello-world.tar fce289e99eb9

tag:为image打标签

Usage:  docker tag SOURCE_IMAGE[:TAG] TARGET_IMAGE[:TAG]

示例:
docker image tag hello-world hello-world:2.0
上一篇 下一篇

猜你喜欢

热点阅读