Docker入门

本文最后更新于:2023年7月11日 晚上

1. Docker 概述

开源

思想来自集装箱

隔离:Docker核心思想,打包装箱,每个箱子都是互相隔离的


在容器技术出来之前,使用的是虚拟机技术

虚拟机: 在windows中装一个VmWare,通过软件可以虚拟出来一代或多台, 但过于笨重

虚拟机也属于虚拟化技术,Docker容器技术,也是一种虚拟化技术

1
2
vm: linux centos原生镜像(相当于一台电脑) , 隔离,需要开启多个虚拟机 (,耗时)
docker: 隔离,镜像 (秒级启动)

Docker基于Go语言开发 ,开源项目

文档地址:https://docs.docker.com/

仓库地址:https://hub.docker.com/

Docker能干嘛?
  1. 虚拟机技术:

    1. 资源占用
    2. 冗余步骤多
    3. 启动慢
  2. 容器化技术

    容器化技术不是模拟一个完整的操作系统

  3. 比较不同

    1. 传统虚拟机,虚拟出一条硬件,运行一个完整的操作系统,然后再这个系统上安装和运行软件
    2. 容器内的应用直接运行在宿主机的内容,容器是没有自己的内核,也没有虚拟我们的硬件,所以轻便
    3. 每个容器互相隔离,每个容器内都有一个属于自己的文件系统,互不影响
  4. Docker优点

    DevOps(开发 、 运维)

    1. 应用更快速的交付和部署

      传统:一堆帮助文档安装程序

      Docker: 打包镜像发布测试,一件运行

    2. 更便捷的升级和扩缩容

      项目打包成一个镜像,扩展 服务器A 、 服务器B

    3. 更简单的系统运维

      在容器化之后,开发测试环境都是高度一致的

    4. 更高效的计算资源利用

      Docker 是内核级别的虚拟化,可以在一个物理机上运行很多个容器实例


Docker 安装

基本组成:
  1. 镜像(image): docker镜像好比一个模板,可以通过这个模板来创建容器服务,tomcat镜像==> run ==> tomcat01容器(提供服务器),通过这个镜像可以创建多个容器(最终服务运行或者项目运行就是在容器中)
  2. 容器(container):Docker利用容器技术,独立运行一个或者一组项目,通过镜像来创建,可以理解成建议的linux系统
  3. 仓库(repository): 存放镜像的地方,仓库分为公有仓库和私有仓库
环境查看
1
2
3
4
# 系统内核需要 3.10 以上
[root@f434 /]# uname -r
3.10.0-957.el7.x86_64

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
# 系统版本
[root@f434 /]# cat /etc/os-release
NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
PRETTY_NAME="CentOS Linux 7 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:7"
HOME_URL="https://www.centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"

CENTOS_MANTISBT_PROJECT="CentOS-7"
CENTOS_MANTISBT_PROJECT_VERSION="7"
REDHAT_SUPPORT_PRODUCT="centos"
REDHAT_SUPPORT_PRODUCT_VERSION="7"


卸载旧版本
1
yum remove docker*
需要的安装包
1
yum install -y yum-utils
设置镜像仓库(aliyun)
1
2
3
yum-config-manager \
--add-repo \
http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
安装Docker (docker-ce --> 社区版 docker-ee --> 企业版)
1
2
3
4
# 更新软件包索引
yum makechache fast

yum install docker-ce docker-ce-cli containerd.io
启动docker
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
systemctl start docker

# 查看版本
docker version
[root@f434 /]# docker version
Client: Docker Engine - Community
Version: 24.0.2
API version: 1.43
Go version: go1.20.4
Git commit: cb74dfc
Built: Thu May 25 21:55:21 2023
OS/Arch: linux/amd64
Context: default

Server: Docker Engine - Community
Engine:
Version: 24.0.2
API version: 1.43 (minimum version 1.12)
Go version: go1.20.4
Git commit: 659604f
Built: Thu May 25 21:54:24 2023
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.6.21
GitCommit: 3dce8eb055cbb6872793272b4f20ed16117344f8
runc:
Version: 1.1.7
GitCommit: v1.1.7-0-g860f061
docker-init:
Version: 0.19.0
GitCommit: de40ad0

运行案例
1
docker run hello-world
查看下载的hello-world 镜像
1
2
3
4
[root@f434 /]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
hello-world latest 9c7a54a9a43c 7 weeks ago 13.3kB

卸载Docker
1
2
3
4
5
# 卸载依赖
yum remove docker-ce docker-ce-cli containerd.io

# 删除资源 (/var/lib/docker为docker的默认工作路径)
rm -rf /var/lib/docker
aliyun镜像加速
1
# 1.登录阿里云找到容器服务
回顾hello-wolrd

run的运行流程图

image-20230626175630910

底层原理

Docker是怎样工作的?

Docker是一个Client-Server结构的系统,Docker的守护进程运行在主机上,通过Socker从客户端访问

DockerServer 接收到Dockers-Client的指令,就会执行这个命令

image-20230626181117207

Docker为什么比VM快
  1. Docker有着比虚拟机更少的抽象层‘

  2. Docker 利用的宿主机的内核,VM需要的是Guest OS

    image-20230626181526578

  3. 新建一个容器的时候,Docker不需要像虚拟机一样重新加载一个操作系统内核,避免引导,虚拟机是加载 Guest OS , 分钟级别,而Docker是利用宿主机的操作系统,省略了虚拟机的复杂过程 ,秒级

Docker的常用命令

帮助命令

1
2
3
docker version          # 显示docker的版本信息
docker info # 显示docker的系统信息
docker command --help # 万能命令

帮助文档地址: https://docs.docker.com/engine/reference/

镜像命令

docker images 查看所有本地的主机上的镜像
1
2
3
4
5
6
7
8
9
10
11
12
13
14
[root@f434 /]# docker images -a
REPOSITORY TAG IMAGE ID CREATED SIZE
hello-world latest 9c7a54a9a43c 7 weeks ago 13.3kB

#解释
REPOSITORY 镜像的仓库源
TAG 镜像的标签
IMAGE ID 镜像的ID
CREATED 镜像的创建时间
SIZE 镜像的大小

#可选项
-a, --all # 列出所有的镜像
-q, --quiet # 只显示镜像的ID
docker search 搜索镜像
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
docker search mysql
[root@f434 /]# docker search mysql
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
mysql MySQL is a widely used, open-source relation… 14258 [OK]
mariadb MariaDB Server is a high performing open sou… 5449 [OK]
percona Percona Server is a fork of the MySQL relati… 616 [OK]
phpmyadmin phpMyAdmin - A web interface for MySQL and M… 827 [OK]
bitnami/mysql Bitnami MySQL Docker Image 90 [OK]


#可选项 通过收藏来过滤
-f, --filter filter Filter output based on conditions provided
--format string Pretty-print search using a Go template
--limit int Max number of search results
--no-trunc Don't truncate output
-filter=STARS=3000 #搜索出来的镜像就是STARS大于3000的


[root@f434 /]# docker search mysql --filter=stars=5000
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
mysql MySQL is a widely used, open-source relation… 14258 [OK]
mariadb MariaDB Server is a high performing open sou… 5449 [OK]
[root@f434 /]#

docker pull 下载镜像
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
#下载镜像 docker pull 镜像名[:tag]
[root@f434 /]# docker pull mysql
Using default tag: latest # 如果不写 tag , 默认就是 latest
latest: Pulling from library/mysql
46ef68baacb7: Pull complete # 分层下载,docker image的核心,联合文件系统
94c1114b2e9c: Pull complete
ff05e3f38802: Pull complete
41cc3fcd9912: Pull complete
07bbc8bdf52a: Pull complete
6d88f83726a9: Pull complete
cf5c7d5d33f7: Pull complete
9db3175a2a66: Pull complete
feaedeb27fa9: Pull complete
cf91e7784414: Pull complete
b1770db1c329: Pull complete
Digest: sha256:15f069202c46cf861ce429423ae3f8dfa6423306fbf399eaef36094ce30dd75c # 签名(防伪标志)
Status: Downloaded newer image for mysql:latest
docker.io/library/mysql:latest # 真实地址

# docker pull mysql <===等价于===> docker pull docker.io/library/mysql:latest

#指定版本下载 docker pull mysql:5.7

[root@f434 /]# docker pull mysql:5.7
5.7: Pulling from library/mysql
70e9ff4420fb: Pull complete
7ca4383b183f: Pull complete
3e282e7651b1: Pull complete
1ffa0e0ca707: Pull complete
6eb790cf6382: Pull complete
2b7ffc37d8e9: Pull complete
4393c12228b9: Pull complete
389d2c130d52: Pull complete
e5df3caef94c: Pull complete
5c6aa409290d: Pull complete
faa350980ea9: Pull complete
Digest: sha256:bd873931ef20f30a5a9bf71498ce4e02c88cf48b2e8b782c337076d814deebde
Status: Downloaded newer image for mysql:5.7
docker.io/library/mysql:5.7

docker rmi 删除镜像
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
[root@f434 /]# docker rmi -f 镜像id                          # 删除指定的容器
[root@f434 /]# docker rmi -f 镜像id 镜像id 镜像id 镜像id # 删除多个容器
[root@f434 /]# docker rmi -f $(docker images -aq) # 删除所有容器


[root@f434 /]# docker rmi 91b53e2624b4
Untagged: mysql:latest
Untagged: mysql@sha256:15f069202c46cf861ce429423ae3f8dfa6423306fbf399eaef36094ce30dd75c
Deleted: sha256:91b53e2624b431e562ed9076a9a506c5e78387f2cb4dad5968fd51ade839baa1
Deleted: sha256:29fe1268c0126fd9958677211dc48660a1b1ab4ad95560a0974950feddafb488
Deleted: sha256:f271de7413df4881b2d3607b62453c1c06dd9064fc1d93c5b1d3608381b4b94d
Deleted: sha256:974dc031751c2282d328963dc22bfc52cc1cfca840091207026c3218d1b6dff0
Deleted: sha256:504a7a1d5454b3a4f46f81e2e25219d130302ffbdfe0f1cd0a161715f1926285
Deleted: sha256:cbfdbb307419ced9a481e2076c692a1e3ecb1da3e4069a8ea6486c2829e7d65d
Deleted: sha256:0cc534805f7a13b6a3e1c8853fc8e483c8805e8cfe7de93da140364f20627cb6
Deleted: sha256:6e01ff5e5d41ba0fdd448cef4d4acb3ca236ff967f93e14088232d6423ff8cd4
Deleted: sha256:c3e4c2eacde3a513df33b165fe0e0ee5a2b278c70f9e30545c6525891c116915
Deleted: sha256:3d55a06407299c38dc4b3ab7d5c9aeb050c7538121f9617fa3fb5fd3bc2af277
Deleted: sha256:91c495d5f32a501a8b966be1b97fbfc1df2810f7198de113b9b0d661c5e7714c
Deleted: sha256:fa499cc7379fed2c60f59713f71ddda8a68227be84f612f6c1d197e3da1bf4ae


# $(作为参数传递)
# -f 递归删除
[root@f434 /]# docker rmi -f $(docker images -aq)
Untagged: mysql:5.7
Untagged: mysql@sha256:bd873931ef20f30a5a9bf71498ce4e02c88cf48b2e8b782c337076d814deebde
Deleted: sha256:2be84dd575ee2ecdb186dc43a9cd951890a764d2cefbd31a72cdf4410c43a2d0
Deleted: sha256:6e73b9eb85de983b8f09dc8343a2f857446e3b8d6dfe524ef7229fa3a43429e9
Deleted: sha256:0598435d4168d38c687dc6eddb5c400a4d61c7473ae0075199149d2a267aa343
Deleted: sha256:c515cbd5c65ac47b8db1f823a1dc8b7dc6a2e48f71ce34afa982823a45638000
Deleted: sha256:6fca8af01449e3945162148d6779eff3d6ad5a2c3b03a2047189a2a80fd515a6
Deleted: sha256:e609b760ab615fc06e0f146d70bddd2237ef77492a09c70034d99dc418aedd78
Deleted: sha256:fb81140926f6e013a31b6fbd4642f70b81a2f164bd7922eb4f25d85bfb379323
Deleted: sha256:422c4721f357ead3754ea1b3a630d5334a93db6a5d3d41642778e50194e5e9b4
Deleted: sha256:3356622c341e34d779294e5c450424a43bd6f55538a1dbbbdd30489f33315764
Deleted: sha256:10213d78b510219f6cf8e143c99d29db6ba8dc6bea318ae9c812ea5948805b39
Deleted: sha256:82afa988bdb62c2f462d0d88e709afaf7b529cc944ea5197633c875e2a70636f
Deleted: sha256:616461b0543d6905f05f2b384bc403d268886c8845a6de09629a2b022388c830
Untagged: hello-world:latest
Untagged: hello-world@sha256:a13ec89cdf897b3e551bd9f89d499db6ff3a7f44c5b9eb8bca40da20eb4ea1fa
Deleted: sha256:9c7a54a9a43cca047013b82af109fe963fde787f63f9e016fdc3384500c2823d

容器命令

有了镜像才可以创建容器

以centos 为例 docker pull centos

新建容器并启动
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
docker run [可选参数] image

# 参数说明
--name="name" 容器名称 , 用来区分容器
-d 后台方式运行
-it 使用交互方式运行,进入容器查看内容
-P 指定容器的端口 -P 8080:8080
-P ip:主机端口:容器端口
-p 主机端口:容器端口
-p 容器端口
容器端口
-p 随即指定端口


# 测试 , 启动并进入容器
[root@f434 /]# docker run -it centos
[root@e4e4e5f586ab /]#


列出所有运行的容器
1
2
3
4
5
6
7
8
9
10
11
12
13
14
# docker ps
# 列出当前正在运行的容器
-a # 列出当前正在运行的容器+带出历史运行过的容器
-n=? # 显示最近创建过的容器 -n=个数
-q # 只显示容器的编号

[root@f434 /]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@f434 /]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2162ba1f41d6 91b53e2624b4 "docker-entrypoint.s…" 5 minutes ago Exited (1) 5 minutes ago unruffled_jackson



退出容器
1
2
3
4
5
6
7
8
9
10
11
exit          # 退出并停止容器
Ctrl + P + Q # 不停止并退出容器

[root@f434 /]# docker run -it centos
[root@d2d4fbb29ce2 /]#
[root@d2d4fbb29ce2 /]# [root@f434 /]#
[root@f434 /]#
[root@f434 /]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d2d4fbb29ce2 centos "/bin/bash" 15 seconds ago Up 14 seconds festive_mahavira

删除容器
1
2
3
docker rm 容器ID                      # 删除指定的容器 , 不能删除正在运行的容器 , 强制删除 rm -f
docker rm -f $(docker ps -qa) # 删除所有的容器
docker ps -a -q | xargs docker rm # 删除所有的容器
启动和停止容器的操作
1
2
3
4
docker start 容器ID     # 启动容器
docker restart 容器ID # 重启容器
docker stop 容器ID # 停止当前正在运行的容器
docker kill 容器ID # 强制停止当前容器

常用其他命令

后台启动容器
1
2
3
4
5
6
7
# 命令 docker run -d 镜像名
[root@f434 /]# docker run -d centos
504778e38c3cba76e1c7eeb65b4e027781df11b98080eab0b2d3c74d4c1d654a

# 问题:docker ps,发现 centos 停止
# docker 容器使用后台运行,容器内必须要有一个前台进程,docker没有发现,就会自动停止
# nginx, 容器启动后,发现没有提供服务,就会立刻停止,
查看日志
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
docker logs -t -f --tail 容器id  发现容器没有日志

# 尝试自己编写脚本
"while true; do echo f434; sleep 1;done"

# 查看容器ID
[root@f434 /]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f133c7d76bf0 centos "/bin/sh -c 'while t…" 2 minutes ago Up 2 minutes exciting_gates


#显示日志
-ft # 显示日志
--tail number # 要显示日志的条数
[root@f434 /]# docker logs -t -f --tail 10 f133c7d76bf0
2023-06-26T13:13:26.906334949Z f434 sleep 1
2023-06-26T13:13:26.906336872Z f434 sleep 1
2023-06-26T13:13:26.906338849Z f434 sleep 1

查看容器中的进程信息
1
2
3
4
5
6
7
# top 命令

[root@f434 /]# docker top f133c7d76bf0
UID PID PPID C STIME TTY TIME CMD
root 9170 9150 99 21:04 ? 00:12:11 /bin/sh -c while true ; do echo f434 sleep 1; done
[root@f434 /]#

查看镜像的元数据
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208

[root@f434 /]# docker inspect f133c7d76bf0
[
{
"Id": "f133c7d76bf05fb438ff6d51326f4516d086166e148407543fac9d55310bbe4c",
"Created": "2023-06-26T13:04:56.741022173Z",
"Path": "/bin/sh",
"Args": [
"-c",
"while true ; do echo f434 sleep 1; done"
],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 9170,
"ExitCode": 0,
"Error": "",
"StartedAt": "2023-06-26T13:04:57.013701385Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:5d0da3dc976460b72c77d94c8a1ad043720b0416bfc16c52c45d4847e53fadb6",
"ResolvConfPath": "/var/lib/docker/containers/f133c7d76bf05fb438ff6d51326f4516d086166e148407543fac9d55310bbe4c/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/f133c7d76bf05fb438ff6d51326f4516d086166e148407543fac9d55310bbe4c/hostname",
"HostsPath": "/var/lib/docker/containers/f133c7d76bf05fb438ff6d51326f4516d086166e148407543fac9d55310bbe4c/hosts",
"LogPath": "/var/lib/docker/containers/f133c7d76bf05fb438ff6d51326f4516d086166e148407543fac9d55310bbe4c/f133c7d76bf05fb438ff6d51326f4516d086166e148407543fac9d55310bbe4c-json.log",
"Name": "/exciting_gates",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"ConsoleSize": [
27,
164
],
"CapAdd": null,
"CapDrop": null,
"CgroupnsMode": "host",
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": [],
"BlkioDeviceWriteBps": [],
"BlkioDeviceReadIOps": [],
"BlkioDeviceWriteIOps": [],
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/d95dc7cbe6338ef067d0535944dd647d00cc1d87f9aeb7678305f73cd611d039-init/diff:/var/lib/docker/overlay2/d699d3c8f20c014846d8071de63bf44c411aa10255a634ca88d200346969ca6c/diff",
"MergedDir": "/var/lib/docker/overlay2/d95dc7cbe6338ef067d0535944dd647d00cc1d87f9aeb7678305f73cd611d039/merged",
"UpperDir": "/var/lib/docker/overlay2/d95dc7cbe6338ef067d0535944dd647d00cc1d87f9aeb7678305f73cd611d039/diff",
"WorkDir": "/var/lib/docker/overlay2/d95dc7cbe6338ef067d0535944dd647d00cc1d87f9aeb7678305f73cd611d039/work"
},
"Name": "overlay2"
},
"Mounts": [],
"Config": {
"Hostname": "f133c7d76bf0",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Cmd": [
"/bin/sh",
"-c",
"while true ; do echo f434 sleep 1; done"
],
"Image": "centos",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"org.label-schema.build-date": "20210915",
"org.label-schema.license": "GPLv2",
"org.label-schema.name": "CentOS Base Image",
"org.label-schema.schema-version": "1.0",
"org.label-schema.vendor": "CentOS"
}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "4e6de510e4aa58b344a5b8ed87b0772c35648deec54dfa3bb9b4157ec70ff5d8",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {},
"SandboxKey": "/var/run/docker/netns/4e6de510e4aa",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "8ea3573db40507857d2a3ec1dd8cde68979249de19fbff8281acd2423c645c57",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:02",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "7c021d6754f952673d6a17cb0c3e883e82ef7a5cb6cce00a51bf5345b425a91a",
"EndpointID": "8ea3573db40507857d2a3ec1dd8cde68979249de19fbff8281acd2423c645c57",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02",
"DriverOpts": null
}
}
}
}
]

进入当前正在运行的容器
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
# 通常容器都是使用后台方式运行的 ,需要进入容器,修改一些配置

#命令
docker exec -it 容器id bashshell
[root@f434 /]# docker exec -it f133c7d76bf0 /bin/bash
[root@f133c7d76bf0 /]# ls
bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var

# 方式二
docker attach 容器id

[root@f434 ~]# docker attach 67c2a48052dd
当前正在执行的代码......


# docker exec # 进入容器后开启一个新的终端 , 可以在里面执行操作
# docker attach # 进入容器正在执行的终端,不会启动新的进程
从容器内拷贝文件到主机上
1
2
3
4
5
6
docker cp

[root@f434 opt]# docker cp 67c2a48052dd:/opt/test.txt /opt/
Successfully copied 2.05kB to /opt/

# 拷贝为手动过程 ,之后使用 -v 卷的技术 ,可以实现

Docker镜像

轻量级可执行的独立软件包,用来打包软件运行环境和基于运行环境开发的软件,包含代码、运行时、库、环境变量等

Docker镜像加载原理

UnionFS(联合文件系统): 分层、轻量级并且高性能的文件系统,支持对文件系统的修改作为一次提交来一层层的叠加

commit镜像

1
2
3
4
5
6
7
8
9
10
docker commit 提交容器成为一个新的副本
docker commit -m="描述信息" -a="作者" 容器id 镜像名[:TAG]


[root@f434 ~]# docker commit -m="testCommit" -a="f434" fbe4b49251ed tommcatbywebapps:1.0
sha256:393993e891207ffb892a5493ceaced586be0bbe69db1ad8d104c7a7807c8ce7c
[root@f434 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
tommcatbywebapps 1.0 393993e89120 8 seconds ago 480MB


Docker 容器数据卷

目录的挂载,将我们容器内的目录,挂载到宿主机上

目的:容器的持久化和同步操作 , 实现各容器之间数据共享

使用

  1. 使用命令来直接挂载

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    docker -it -v 主机目录:容器内目录


    #测试 /home/test宿主机 /home容器
    [root@f434 ~]# docker run -it -v /home/test:/home centos /bin/bash

    [root@f434 test]# docker inspect 72e9c582a13d
    "Mounts": [
    {
    "Type": "bind",
    "Source": "/host/test", # 宿主机地址
    "Destination": "/home/test", # docker容器内地址
    "Mode": "",
    "RW": true,
    "Propagation": "rprivate"
    }
    ],


MySQL同步数据案例

1
2
3
4
5
6
7
8
9
10
11
12
13
14
# 下载
docker pull mysql:5.7

# 运行容器 , 需要做数据挂载
# -d 后台运行
# -p 端口映射
# -v 数据挂载
# -e 环境配置
# --name 容器名称
[root@f434 ~]# docker run -d -p 3306:3306 -v /home/mysql/conf:/etc/mysql/conf.d \
-v /home/mysql/data:/var/lib/mysql \
-e MYSQL_ROOT_PASSWORD=123456 \
--name mmysql57 mysql:5.7

具名和匿名挂载

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
# 匿名挂载
# -v 容器内路径
# -P 随机分配宿主机端口
docker run -d -P --name nginx01 -v /etc/nginx nginx


# 查看所有卷(volume)的情况
[root@f434 data]# docker volume ls
DRIVER VOLUME NAME
local 43c1d4a4326bc5a74d5469068d51d1b8ca527068ace0ab87f6a0760d8867d931
local 261c75b7015347c2abd01543747f3941c32e16e5a44e4176166ddbfa71d8f6eb
local a5d2e7339a2c75db35407a4e84dedd439724e30ee8fa76cf6697546bd6efa268
# 匿名挂载 : 只写了容器内的路径 , 没有宿主机的路径


# 具名挂载
[root@f434 data]# docker run -d -P --name nginx02 -v juming-nginx:/etc/nginx nginx
804a69b5a3cfc91338c4dfe1212ae33bbf5d776e1ed33ddcd1c4ff67ffef7bda
[root@f434 data]# docker volume ls
DRIVER VOLUME NAME
local juming-nginx
[root@f434 data]#

docker容器内的卷 , 没有指定目录的情况下都在 /var/lib/docker/volumes/xxxx/_data

通过具名挂载可以方便的找到一个卷 , 大多数情况下使用具名挂载

1
2
3
4
5
# 如何确定匿名挂载 / 具名挂载
-v 容器内路径 # 匿名挂载(/var/lib/docker/volumes/xxxxxxxxx)
-v 卷名:容器内路径 # 具名挂载(/var/lib/docker/volumes/卷名)
-v /宿主机路径:容器内路径 # 指定路径挂载

拓展

1
2
3
4
5
6
7
8
9
10
# 通过 -v 容器内路径:ro rw 改变读写权限

ro readonly 只读
rw readwrite 读写

[root@f434 data]# docker run -d -P --name nginx02 -v juming-nginx:/etc/ngin:ro nginx
[root@f434 data]# docker run -d -P --name nginx02 -v juming-nginx:/etc/nginx:rw nginx


# ro 只要看到ro就说明这个路径下的文件只能通过宿主机来修改 ,容器内无法修改

DockerFile初识

用来构建docker镜像的构建文件,命令脚本

通过这个脚本可以生成镜像,镜像是一层一层的,脚本对应一个个的命令,每个命令就是一层

1
2
3
4
5
6
7
8
9
10
11
12
13
14
# 创建dockerfile文件
# 文件内容 指令(大写) 参数

FROM centos

VOLUME ["volume01" , "volume02"]

CMD echo "---------end----------"

CMD /bin/bash

# 每个命令就是镜像的一层


这种方式使用多,通常会构建自己的镜像

假设构建镜像时没有挂载卷 , 就手动挂载卷 -v 卷名:容器内路径

数据卷容器

1
2
3
4
5
6
# centos01
docker run -it --name centos01 centos
# centos02
docker run -it --name centos02 --volumes-from centos01 centos

# 被继承的容器删除后 , 其子类的数据不受影响

容器之间配置信息的传递,数据卷容器的生命周期一直持续到没有容器使用为止

但一到持久化到了本地,这个时候,本地数据不会被删除

DockerFile

dockerfile 是用来构建docker镜像的文件,命令参数脚本

构建步骤

  1. 编写dockerfile文件
  2. docker build 构建成为一个镜像
  3. docker run 运行镜像
  4. docker push 发布镜像(DockerHub , 阿里云镜像仓库)

DockerFile构建过程

1. 基础知识:
  1. 保留字(指令)建议大写
  2. 从上到下顺序执行
  3. #表示注释
  4. 每一个指令都会创建提交一个新的镜像层,并提交

image-20230705142853575

  1. dockerfile 是面向开发的,需要发布项目,做镜像就需要编写dockerfile文件,这个文件十分简单

DockerFile的指令

1
2
3
4
5
6
7
8
9
10
11
12
FROM         # 基础镜像,一切从这里开始构建
MAINTAINER # 镜像作者, 姓名 + 邮箱
RUN # 镜像构建时需要运行的命令
ADD # 添加内容(tomcat , mysql)
WORKDIR # 镜像的工作目录
VOLUME # 挂载的目录
EPOSE # 暴露端口
CMD # 容器启动后需要运行的命令 , 只有最后一条指令会生效 , 可以被替代
ENTRYPOINT # 容器启动后需要运行的命令,可以追加命令
ONBUILD # 构建一个继承dockerfile,就会执行ONBULILD指令,属于触发指令
COPY # 类似ADD,将文件拷贝到镜像中
ENV # 构建的时候设置环境变量

尝试

  1. 编写dockerfile文件

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    FROM centos:7

    MAINTAINER f434<3560597174@qq.com>

    ENV MYPATH /usr/local/src

    WORKDIR $MYPATH

    RUN yum install -y vim
    RUN yum install -y net-tools

    EXPOSE 80

    CMD echo $MYPATH
    CMD echo "-----success--------"
    CMD /bin/bash
  2. 构建镜像

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    # 命令 docker build -f dockerfile文件路径 -t 镜像名:[TAG]
    [root@slave2 docker-test-volume]# docker build -f dockerfilebycentos -t mycentos:1 .
    [+] Building 111.0s (8/8) FINISHED
    => [internal] load build definition from dockerfilebycentos 0.0s
    => => transferring dockerfile: 323B 0.0s
    => [internal] load .dockerignore 0.0s
    => => transferring context: 2B 0.0s
    => [internal] load metadata for docker.io/library/centos:7 3.8s
    => [1/4] FROM docker.io/library/centos:7@sha256:be65f488b7764ad3638f236b7b515b3678369a5124c47b8d32916d6487418ea4 16.2s
    => => resolve docker.io/library/centos:7@sha256:be65f488b7764ad3638f236b7b515b3678369a5124c47b8d32916d6487418ea4 0.0s
    => => sha256:be65f488b7764ad3638f236b7b515b3678369a5124c47b8d32916d6487418ea4 1.20kB / 1.20kB 0.0s
    => => sha256:dead07b4d8ed7e29e98de0f4504d87e8880d4347859d839686a31da35a3b532f 529B / 529B 0.0s
    => => sha256:eeb6ee3f44bd0b5103bb561b4c16bcb82328cfe5809ab675bb17ab3a16c517c9 2.75kB / 2.75kB 0.0s
    => => sha256:2d473b07cdd5f0912cd6f1a703352c82b512407db6b05b43f2553732b55df3bc 76.10MB / 76.10MB 10.2s
    => => extracting sha256:2d473b07cdd5f0912cd6f1a703352c82b512407db6b05b43f2553732b55df3bc 5.7s
    => [2/4] WORKDIR /usr/local/src 0.0s
    => [3/4] RUN yum install -y vim 87.3s
    => [4/4] RUN yum install -y net-tools 2.5s
    => exporting to image 1.2s
    => => exporting layers 1.2s
    => => writing image sha256:c242a45ec2c48d136bb676bc13772539cced4c75747533551dc6aa8f6ed5f3c6 0.0s
    => => naming to docker.io/library/mycentos:1

  3. 测试运行

    1
    2
    3
    [root@slave2 docker-test-volume]# docker run -it c242a45ec2c4
    [root@0a4b9d7785ee src]# pwd
    /usr/local/src
  4. 查看构建记录

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    [root@slave2 docker-test-volume]# docker history c242a45ec2c4
    IMAGE CREATED CREATED BY SIZE COMMENT
    c242a45ec2c4 9 minutes ago CMD ["/bin/sh" "-c" "/bin/bash"] 0B buildkit.dockerfile.v0
    <missing> 9 minutes ago CMD ["/bin/sh" "-c" "echo \"-----success----… 0B buildkit.dockerfile.v0
    <missing> 9 minutes ago CMD ["/bin/sh" "-c" "echo $MYPATH"] 0B buildkit.dockerfile.v0
    <missing> 9 minutes ago EXPOSE map[80/tcp:{}] 0B buildkit.dockerfile.v0
    <missing> 9 minutes ago RUN /bin/sh -c yum install -y net-tools # bu… 185MB buildkit.dockerfile.v0
    <missing> 9 minutes ago RUN /bin/sh -c yum install -y vim # buildkit 269MB buildkit.dockerfile.v0
    <missing> 10 minutes ago WORKDIR /usr/local/src 0B buildkit.dockerfile.v0
    <missing> 10 minutes ago ENV MYPATH=/usr/local/src 0B buildkit.dockerfile.v0
    <missing> 10 minutes ago MAINTAINER f434<3560597174@qq.com> 0B buildkit.dockerfile.v0
    <missing> 21 months ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0B
    <missing> 21 months ago /bin/sh -c #(nop) LABEL org.label-schema.sc… 0B
    <missing> 21 months ago /bin/sh -c #(nop) ADD file:b3ebbe8bd304723d4… 204MB

CMD 和 ENTRYPOINT的区别

1
2
CMD          # 容器启动后需要运行的命令 , 只有最后一条指令会生效 , 可以被替代
ENTRYPOINT # 容器启动后需要运行的命令,可以追加命令
比较
  1. CMD

    1
    2
    3
    FROM centos:7
    CMD ["ls" , "-a"]

    问题: 不能直接追加参数 , 需要写全ls -al

  2. ENTRYPOINT

    1
    2
    FROM centos:7
    ENTRYPOINT ["ls"]

    可动态的追加参数

    1
    docker run centosbyentrypoint:1 -a

    制作tomcat镜像

    1. 镜像文件(tomcat , jdk)

      1
      2
      3
      4
      5
      6
      [root@slave2 soft]# 
      [root@slave2 soft]# ll
      total 200892
      -rw-r--r--. 1 root root 10717836 Jul 5 04:14 apache-tomcat-8.5.90.tar.gz
      -rw-r--r--. 1 root root 194990602 Jul 5 04:16 jdk-8u211-linux-x64.tar.gz

    2. 编写dockerfile文件

      1
      2
      3
      4
      5
      6
      7
      8
      9
      10
      11
      12
      13
      14
      15
      16
      17
      18
      19
      20
      21
      22
      23
      24
      25
      FROM centos:7
      MAINTAINER f434<2560597174@qq.com>

      ADD jdk-8u211-linux-x64.tar.gz /usr/local/src
      ADD apache-tomcat-8.5.90.tar.gz /usr/local/src

      RUN yum install -y vim

      ENV MYPATH /usr/local/src
      WORKDIR $MYPATH


      #jdk
      ENV JAVA_HOME /usr/local/src/jdk1.8.0_211
      ENV CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar

      # tomcat
      ENV CATALINA_HOME /usr/local/src/apache-tomcat-8.5.90
      ENV CATALINA_BASH /usr/local/src/apache-tomcat-8.5.90

      ENV PATH $PATH:$JAVA_HOME/bin:$CATALINA:_HOME/bin:$CATALINA_HOME/lib

      EXPOSE 8080

      CMD /usr/local/src/apache-tomcat-8.5.90/bin/startup.sh && tail -F /usr/lcoal/src/apache-tomcat-8.5.90/bin/logs/catalina.out
    3. 构建

      1
      2
      3
      4
      5
      6
      7
      8
      9
      10
      11
      12
      13
      14
      15
      16
      17
      18
      [root@slave2 soft]# docker build -f /opt/soft/dockerfilebytomcat -t mytomcat:1 .
      [+] Building 92.8s (10/10) FINISHED
      => [internal] load .dockerignore 0.0s
      => => transferring context: 2B 0.0s
      => [internal] load build definition from dockerfilebytomcat 0.0s
      => => transferring dockerfile: 749B 0.0s
      => [internal] load metadata for docker.io/library/centos:7 0.9s
      => CACHED [1/5] FROM docker.io/library/centos:7@sha256:be65f488b7764ad3638f236b7b515b3678369a5124c47b8d32916d648741 0.0s
      => [internal] load build context 0.8s
      => => transferring context: 205.76MB 0.7s
      => [2/5] ADD jdk-8u211-linux-x64.tar.gz /usr/local/src 3.1s
      => [3/5] ADD apache-tomcat-8.5.90.tar.gz /usr/local/src 0.2s
      => [4/5] RUN yum install -y vim 86.2s
      => [5/5] WORKDIR /usr/local/src 0.0s
      => exporting to image 1.5s
      => => exporting layers 1.5s
      => => writing image sha256:a34a00e6b38c0a00769499a1d8eb4d30b47649441b28ead1fb101fe7f29cf2b3 0.0s
      => => naming to docker.io/library/mytomcat:1
    4. 运行容器

      1
      2
      3
      4
      5
      6
      7
      8
      9
      10
      11
      12
      [root@slave2 soft]# docker run -it mytomcat:1
      Using CATALINA_BASE: /usr/local/src/apache-tomcat-8.5.90
      Using CATALINA_HOME: /usr/local/src/apache-tomcat-8.5.90
      Using CATALINA_TMPDIR: /usr/local/src/apache-tomcat-8.5.90/temp
      Using JRE_HOME: /usr/local/src/jdk1.8.0_211
      Using CLASSPATH: /usr/local/src/apache-tomcat-8.5.90/bin/bootstrap.jar:/usr/local/src/apache-tomcat-8.5.90/bin/tomcat-juli.jar
      Using CATALINA_OPTS:
      Tomcat started.
      tail: cannot open '/usr/lcoal/src/apache-tomcat-8.5.90/bin/logs/catalina.out' for reading: No such file or directory
      tail: cannot watch parent directory of '/usr/lcoal/src/apache-tomcat-8.5.90/bin/logs/catalina.out': No such file or directory
      tail: inotify cannot be used, reverting to polling


Docker入门
http://example.com/2023/07/02/Docker入门/
作者
F434
发布于
2023年7月2日
更新于
2023年7月11日
许可协议