容器(3)--Docker 的使用
Docker 容器的使用

1) Docker客户端
[root@localhost ~]# docker
Usage: docker [OPTIONS] COMMAND
A self-sufficient runtime for containers
--config string Location of client config files (default "/root/.docker")
-c, --context string Name of the context to use to connect to the daemon (overrides DOCKER_HOST env var and default context set with
"docker context use")
-D, --debug Enable debug mode
-H, --host list Daemon socket(s) to connect to
-l, --log-level string Set the logging level ("debug"|"info"|"warn"|"error"|"fatal") (default "info")
--tls Use TLS; implied by --tlsverify
--tlscacert string Trust certs signed only by this CA (default "/root/.docker/ca.pem")
--tlscert string Path to TLS certificate file (default "/root/.docker/cert.pem")
--tlskey string Path to TLS key file (default "/root/.docker/key.pem")
--tlsverify Use TLS and verify the remote
-v, --version Print version information and quit
Management Commands:
builder Manage builds
config Manage Docker configs
container Manage containers
context Manage contexts
engine Manage the docker engine
image Manage images
network Manage networks
node Manage Swarm nodes
plugin Manage plugins
secret Manage Docker secrets
service Manage services
stack Manage Docker stacks
swarm Manage Swarm
system Manage Docker
trust Manage trust on Docker images
volume Manage volumes
attach Attach local standard input, output, and error streams to a running container
build Build an image from a Dockerfile
commit Create a new image from a container's changes
cp Copy files/folders between a container and the local filesystem
create Create a new container
diff Inspect changes to files or directories on a container's filesystem
events Get real time events from the server
exec Run a command in a running container
export Export a container's filesystem as a tar archive
history Show the history of an image
images List images
import Import the contents from a tarball to create a filesystem image
info Display system-wide information
inspect Return low-level information on Docker objects
kill Kill one or more running containers
load Load an image from a tar archive or STDIN
login Log in to a Docker registry
logout Log out from a Docker registry
logs Fetch the logs of a container
pause Pause all processes within one or more containers
port List port mappings or a specific mapping for the container
ps List containers
pull Pull an image or a repository from a registry
push Push an image or a repository to a registry
rename Rename a container
restart Restart one or more containers
rm Remove one or more containers
rmi Remove one or more images
run Run a command in a new container
save Save one or more images to a tar archive (streamed to STDOUT by default)
search Search the Docker Hub for images
start Start one or more stopped containers
stats Display a live stream of container(s) resource usage statistics
stop Stop one or more running containers
tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
top Display the running processes of a container
unpause Unpause all processes within one or more containers
update Update configuration of one or more containers
version Show the Docker version information
wait Block until one or more containers stop, then print their exit codes
Run 'docker COMMAND --help' for more information on a command.
2)Docker Daemon守护进程
Docker daemon 是服务器组件,以 Linux 后台服务的方式运行,是 Docker 最核心的后台进程,我们也把它称为守护进程。它负责响应来自 Docker Client 的请求,然后将这些请求翻译成系统调用完成容器管理操作。该进程会在后台启动一个 API Server ,负责接收由 Docker Client 发送的请求,接收到的请求将通过Docker daemon 内部的一个路由分发调度,由具体的函数(API)来执行请求。这是Docker与现在最新Docker技术的差别。新的Podman等技术已经不需要守护进程了。
[root@localhost ~]# systemctl status docker.service
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
Active: active (running) since 四 2020-02-27 08:43:39 CST; 20min ago
Docs: https://docs.docker.com
Main PID: 7131 (dockerd)
Tasks: 15
Memory: 46.2M
CGroup: /system.slice/docker.service
├─7131 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
└─7663 /usr/bin/docker-proxy -proto tcp -host-ip -host-port 8080 -container-ip -container-port 8080
2月 27 08:43:32 localhost.localdomain dockerd[7131]: time="2020-02-27T08:43:32.242121633+08:00" level=info msg="[graphdriver] using prior sto...erlay2"
2月 27 08:43:33 localhost.localdomain dockerd[7131]: time="2020-02-27T08:43:33.169044485+08:00" level=info msg="Loading containers: start."
2月 27 08:43:36 localhost.localdomain dockerd[7131]: time="2020-02-27T08:43:36.063072177+08:00" level=info msg="Removing stale sandbox a8dd68...4b20c)"
2月 27 08:43:36 localhost.localdomain dockerd[7131]: time="2020-02-27T08:43:36.109893697+08:00" level=warning msg="Error (Unable to complete ...ng...."
2月 27 08:43:36 localhost.localdomain dockerd[7131]: time="2020-02-27T08:43:36.263524728+08:00" level=info msg="Default bridge (docker0) is a...ddress"
2月 27 08:43:38 localhost.localdomain dockerd[7131]: time="2020-02-27T08:43:38.867209826+08:00" level=info msg="Loading containers: done."
2月 27 08:43:39 localhost.localdomain dockerd[7131]: time="2020-02-27T08:43:39.089586541+08:00" level=info msg="Docker daemon" commit=369ce74...19.03.6
2月 27 08:43:39 localhost.localdomain dockerd[7131]: time="2020-02-27T08:43:39.090205814+08:00" level=info msg="Daemon has completed initialization"
2月 27 08:43:39 localhost.localdomain dockerd[7131]: time="2020-02-27T08:43:39.568201180+08:00" level=info msg="API listen on /var/run/docker.sock"
2月 27 08:43:39 localhost.localdomain systemd[1]: Started Docker Application Container Engine.
Hint: Some lines were ellipsized, use -l to show in full.

3)Docker 镜像与容器的基本操作
一 镜像操作
[root@localhost ~]# docker image --help
Usage: docker image COMMAND
Manage images
build Build an image from a Dockerfile
history Show the history of an image
import Import the contents from a tarball to create a filesystem image
inspect Display detailed information on one or more images
load Load an image from a tar archive or STDIN
ls List images
prune Remove unused images
pull Pull an image or a repository from a registry
push Push an image or a repository to a registry
rm Remove one or more images
save Save one or more images to a tar archive (streamed to STDOUT by default)
tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
Run 'docker image COMMAND --help' for more information on a command.
docker pull 镜像名:tag #默认为latest
docker pull busybox
docker image ls
docker history 镜像名称 --no-trunc 全部显示
方法一: docker load -i 压缩包
方法二: docker load < 压缩包
方法一: docker save 镜像名 > 压缩包
方法二: docker save 镜像名 -o 压缩包
docker search 镜像名
docker image rm 镜像名/id
docker rmi 镜像名/ID
docker rmi -f $(docker images) 删除所有镜像
docker inspect 镜像名
docker tag 镜像:tag 镜像1:tag1
[root@localhost ~]# docker container --help
Usage: docker container COMMAND
Manage containers
attach Attach local standard input, output, and error streams to a running container
commit Create a new image from a container's changes
cp Copy files/folders between a container and the local filesystem
create Create a new container
diff Inspect changes to files or directories on a container's filesystem
exec Run a command in a running container
export Export a container's filesystem as a tar archive
inspect Display detailed information on one or more containers
kill Kill one or more running containers
logs Fetch the logs of a container
ls List containers
pause Pause all processes within one or more containers
port List port mappings or a specific mapping for the container
prune Remove all stopped containers
rename Rename a container
restart Restart one or more containers
rm Remove one or more containers
run Run a command in a new container
start Start one or more stopped containers
stats Display a live stream of container(s) resource usage statistics
stop Stop one or more running containers
top Display the running processes of a container
unpause Unpause all processes within one or more containers
update Update configuration of one or more containers
wait Block until one or more containers stop, then print their exit codes
Run 'docker container COMMAND --help' for more information on a command.
docker run
--rm 退出自动删除该容器
-it 交互运行容器
--restart=always 容器挂掉自动重启
--link 添加连接到另外一个容器
docker ps 正在运行的容器
-a 全部容器
-aq 只显示id
docker rm 容器名字/id
批量删除 docker rm $(docker ps -aq)
docker stop 容器名/id
docker inspect 容器名/id
docker stats 容器名/id
docker logs 容器名/id
-f 监测
docker rename oldname newname
docker exec/attach
docker exec/attach -it 容器名/id /bin/bash
docker attach 退出终端会导致容器的停止。
docker exec:推荐大家使用 docker exec命令,因为此退出容器终端,不会导致容器的停止。
docker exec 容器名/id 命令
复制宿主机文件到容器 docker cp 文件 容器名/id:路径
复制容器内文件到宿主机 docker cp 容器名/id:文件 目标路径
docker diff 容器名/id