前言
对于理论可以看我之前的博客
链接: https://blog.csdn.net/m0_47219942/article/details/108684100.
一:环境准备
- 关闭防火墙和核心防护
[root@localhost yum.repos.d]# systemctl stop firewalld.service
[root@localhost yum.repos.d]# setenforce 0
[root@localhost yum.repos.d]# vim /etc/selinux/config
SELINUX=disabled
- 安装依赖包
[root@localhost ~]# yum install -y yum-utils device-mappeer-persistent-data lvm2
'yum-utils提供了yum-config-manager'
'device mapper存储驱动城区需要device-mapper-persistent-tata和lvm2'
'device mapper是linux2.6内核中支持逻辑卷管理的通用设备映射机制,它为实现用于存储资源管理的块设备驱动提供了一个高度模块化的内核架构'
- 设置阿里云镜像源
[root@localhost ~]# cd /etc/yum.repos.d/
[root@localhost yum.repos.d]# ls
CentOS-Base.repo CentOS-Debuginfo.repo CentOS-Media.repo CentOS-Vault.repo
CentOS-CR.repo CentOS-fasttrack.repo CentOS-Sources.repo
[root@localhost yum.repos.d]# yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
已加载插件:fastestmirror, langpacks
adding repo from: http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
grabbing file http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo to /etc/yum.repos.d/docker-ce.repo
repo saved to /etc/yum.repos.d/docker-ce.repo
[root@localhost yum.repos.d]# ls
CentOS-Base.repo CentOS-Debuginfo.repo CentOS-Media.repo CentOS-Vault.repo
CentOS-CR.repo CentOS-fasttrack.repo CentOS-Sources.repo docker-ce.repo
- 安装docker-ce
[root@localhost yum.repos.d]# yum install -y docker-ce
- 启动服务
[root@localhost yum.repos.d]# systemctl start docker.service
[root@localhost yum.repos.d]# systemctl enable docker.service
- 镜像加速
[root@localhost yum.repos.d]# cd /etc/docker/
[root@localhost docker]# ls
key.json
[root@localhost docker]# tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://yu1vx79j.mirror.aliyuncs.com"]
}
EOF
[root@localhost docker]# ls
daemon.json key.json
[root@localhost docker]# systemctl daemon-reload
[root@localhost docker]# systemctl restart docker
- 网络优化
[root@localhost docker]# vim /etc/sysctl.conf
net.ipv4.ip_forward=1 '开启路由转发功能'
[root@localhost docker]# sysctl -p
net.ipv4.ip_forward = 1
[root@localhost docker]# service network restart
[root@localhost docker]# systemctl restart docker
二:镜像的常规操作
- 查看版本
[root@localhost docker]# docker -v '查看简化版'
Docker version 19.03.13, build 4484c46d9d
[root@localhost docker]# docker version '详细查看版本情况'
- 搜索镜像:
docker search 镜像名称
(公有仓库)
[root@localhost docker]# docker search nginx
'STATS表示星级,星级越高,说明下载的越多,越完整'
- 下载镜像:
docker pull 镜像名称
[root@localhost docker]# docker pull nginx '下载nginx镜像'
[root@localhost docker]# docker pull busybox '在下busybox'
- 查看已有镜像:
docker images
[root@localhost docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 7e4d58f0e5f3 7 days ago 133MB
busybox latest 6858809bf669 9 days ago 1.23MB
- 获取镜像详细信息:
docker inspect 镜像ID
或者docker inspect repository:TAG
[root@localhost docker]# docker inspect 7e4d58f0e5f3
[root@localhost docker]# docker inspect nginx:latest
- 镜像下载完存放在:
/var/lib/docker
,下载的文件信息:/var/lib/docker/image/overlay2/repositories.json
[root@localhost docker]# cat /var/lib/docker/image/overlay2/repositories.json
- 为镜像添加新标签:
docker tag 仓库名:原标签 仓库名:新标签
(并不是修改原有的,而是有点像硬链接,做别名)
[root@localhost docker]# docker tag nginx:latest nginx:web
[root@localhost docker]# docker images |grep nginx
nginx latest 7e4d58f0e5f3 7 days ago 133MB
nginx web 7e4d58f0e5f3 7 days ago 133MB
- 删除标签:
docker rmi 仓库名:标签
[root@localhost docker]# docker rmi nginx:web
Untagged: nginx:web
[root@localhost docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 7e4d58f0e5f3 7 days ago 133MB
busybox latest 6858809bf669 9 days ago 1.23MB
- 删除镜像:
docker rmi 镜像id
,删除镜像id后此镜像所有的标签都删除
[root@localhost docker]# docker rmi 7e4d58f0e5f3
Error response from daemon: conflict: unable to delete 7e4d58f0e5f3 (must be forced) - image is referenced in multiple repositories
[root@localhost docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 7e4d58f0e5f3 7 days ago 133MB
nginx web 7e4d58f0e5f3 7 days ago 133MB
busybox latest 6858809bf669 9 days ago 1.23MB
[root@localhost docker]# docker rmi nginx:web
Untagged: nginx:web
[root@localhost docker]# docker rmi 7e4d58f0e5f3
Untagged: nginx:latest
Untagged: nginx@sha256:c628b67d21744fce822d22fdcc0389f6bd763daac23a6b77147d0712ea7102d0
Deleted: sha256:7e4d58f0e5f3b60077e9a5d96b4be1b974b5a484f54f9393000a99f3b6816e3d
Deleted: sha256:eedfd37abc0b05520a719addf6675b372687fe9a2ed1746fa988335720d4376c
Deleted: sha256:4f052ddd517f6dc5b74d2f7d881838b8ec6a5e67ec7a1da8bbbe91e1e068ad3a
Deleted: sha256:5f78154d356577280e4ac0d9bf0d021d488828e57f953b011dcbadaecd539ce4
Deleted: sha256:db5783668220e16186080f3e9d69ad748aab8c72abb8e457f6fc45369461634b
Deleted: sha256:07cab433985205f29909739f511777a810f4a9aff486355b71308bb654cdc868
'注意的是:在删除镜像之前需要先将别名的删除掉,否则会报错'
[root@localhost docker]# docker pull nginx '重新下载一下'
- 导出镜像(保存镜像)到相应目录:
docker save -o 相应目录 仓库名:标签
[root@localhost docker]# docker save -o /opt/nginx1 nginx:latest
[root@localhost docker]# ls /opt/
containerd nginx1 rh
- 导入镜像
- 方法1、
docker load < 镜像
- 方法2、
docker load --input 镜像
- 方法1、
[root@localhost docker]# docker load < /opt/nginx1
Loaded image: nginx:latest
[root@localhost docker]# docker load --input /opt/nginx1
Loaded image: nginx:latest
三:容器的常规操作
- 查看容器状态:
docker ps -a
- -a:列出所有的容器,包括未运行的容器
[root@localhost docker]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
- 创建容器:
docker create -it 仓库名:标签 登录环境
- -i:让容器的标准输入保持打开
- -t:让docker分配一个伪终端
[root@localhost docker]# docker create -it nginx:latest /bin/bash
aa57623d8a7d7c0bf0c8d4e47a73a488a515b1aff94a756d8277730d3f9b876b
[root@localhost docker]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
aa57623d8a7d nginx:latest "/docker-entrypoint.…" 6 seconds ago Created mystifying_driscoll
- 启动容器:
docker start 容器id
[root@localhost docker]# docker start aa57623d8a7d
aa57623d8a7d
[root@localhost docker]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
aa57623d8a7d nginx:latest "/docker-entrypoint.…" 4 minutes ago Up 7 seconds 80/tcp mystifying_driscoll
'看到up状态表示启动'
- 停止容器运行:
docker stop 容器id
[root@localhost docker]# docker stop aa57623d8a7d
当我们玩容器时,会产生一个docker0网卡,充当网关
[root@localhost docker]# ifconfig
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
inet6 fe80::42:c6ff:fef0:f305 prefixlen 64 scopeid 0x20<link>
ether 02:42:c6:f0:f3:05 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 13 bytes 1768 (1.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
80端口为内部暴露端口,如果外部用户想要访问nginx,访问8080端口,通过进行docker0进行处理
client想要访问docker的话,并不会知道docker0地址,因为为私有地址,只能访问ens33地址通过路由表进行转发访问
-
登陆正在运行的容器
docker exec -it 容器id 环境
[root@localhost docker]# docker start aa57623d8a7d (一定要在up状态下登陆)
[root@localhost docker]# docker exec -it aa57623d8a7d /bin/bash
root@aa57623d8a7d:/#
root@aa57623d8a7d:/#
root@aa57623d8a7d:/# exit
exit
- 启动容器并执行命令(执行完自动退出):
docker run 镜像 环境 -c 命令(如果没哟镜像会自动下载)
[root@localhost docker]# docker pull centos:7
7: Pulling from library/centos
Digest: sha256:19a79828ca2e505eaee0ff38c2f3fd9901f4826737295157cc5212b7a372cd2b
Status: Image is up to date for centos:7
docker.io/library/centos:7
[root@localhost docker]# docker images
centos 7 7e6257c9f8d8 5 weeks ago 203MB
[root@localhost docker]# docker create -it centos:7 /bin/bash
387726b3e604646a8e1a881b3b35ed901bbe9bc77b1a268ffe5147d35a718a87
[root@localhost docker]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
387726b3e604 centos:7 "/bin/bash" About a minute ago Created dazzling_liskov
[root@localhost docker]# docker start 387726b3e604
387726b3e604
[root@localhost docker]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
387726b3e604 centos:7 "/bin/bash" About a minute ago Up 1 second dazzling_liskov
[root@localhost docker]# docker stop 387726b3e604
387726b3e604
[root@localhost docker]# docker rm 387726b3e604
387726b3e604
[root@localhost docker]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@localhost docker]# docker run centos:7 /bin/bash -c ls /
anaconda-post.log
bin
dev
etc
home
lib
lib64
media
mnt
[root@localhost docker]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4a3cfa395801 centos:7 "/bin/bash -c ls /" 14 seconds ago Exited (0) 14 seconds ago heuristic_euler
'这一条命令是指docker pull,docker creait -it,docker start的结合,并且执行完成,直接关闭,状态为 Exited'
- 启动容器并执行命令(持续在后台运行):
[root@localhost docker]# docker run -d centos:7 /bin/bash -c "while true;do echo hello;done"
'while做了死循环'
- 容器导出
[root@localhost docker]# docker export 4a3cfa395801 > /opt/centos7
[root@localhost docker]# ls /opt/
centos7 containerd nginx001 rh
- 容器导入(会生成镜像,而不会创建容器):
[root@localhost docker]# cat /opt/centos7 |docker import - centos7.1
sha256:264eb1561b0b83b5ca6deb2b2716b4064574bd14de23aec99f030cc657a01b28
[root@localhost docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos7.1 latest 264eb1561b0b 7 seconds ago 203MB
nginx latest 7e4d58f0e5f3 7 days ago 133MB
busybox latest 6858809bf669 9 days ago 1.23MB
centos 7 7e6257c9f8d8 5 weeks ago 203MB
centos latest 7e6257c9f8d8 5 weeks ago 203MB
paigeeworld/centos7 latest 4cbe7aa905e7 6 years ago 382MB
[root@localhost docker]# ls /opt/
centos7 containerd nginx001 rh
[root@localhost docker]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4a3cfa395801 centos:7 "/bin/bash -c ls /" 52 minutes ago Exited (0) 12 minutes ago heuristic_euler
aa57623d8a7d nginx:latest "/docker-entrypoint.…" About an hour ago Up 11 minutes 80/tcp mystifying_driscoll
- 当容器运行或者容器在的时候,都不能删除镜像
[root@localhost docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 7e4d58f0e5f3 7 days ago 133MB
busybox latest 6858809bf669 9 days ago 1.23MB
centos 7 7e6257c9f8d8 5 weeks ago 203MB
centos latest 7e6257c9f8d8 5 weeks ago 203MB
paigeeworld/centos7 latest 4cbe7aa905e7 6 years ago 382MB
[root@localhost docker]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a6b5f34dea0b paigeeworld/centos7 "/bin/bash -c 'while…" 15 minutes ago Exited (137) 10 minutes ago objective_keldysh
4a3cfa395801 centos:7 "/bin/bash -c ls /" 47 minutes ago Exited (0) 7 minutes ago heuristic_euler
aa57623d8a7d nginx:latest "/docker-entrypoint.…" About an hour ago Up 7 minutes 80/tcp mystifying_driscoll
[root@localhost docker]# docker rmi 7e4d58f0e5f3
Error response from daemon: conflict: unable to delete 7e4d58f0e5f3 (cannot be forced) - image is being used by running container aa57623d8a7d
- 删除容器(先停止容器在删除):
docker rm 容器id
[root@localhost docker]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a6b5f34dea0b paigeeworld/centos7 "/bin/bash -c 'while…" 18 minutes ago Exited (137) 13 minutes ago objective_keldysh
4a3cfa395801 centos:7 "/bin/bash -c ls /" 49 minutes ago Exited (0) 10 minutes ago heuristic_euler
aa57623d8a7d nginx:latest "/docker-entrypoint.…" About an hour ago Up 9 minutes 80/tcp mystifying_driscoll
[root@localhost docker]# docker rm a6b5f34dea0b
a6b5f34dea0b
- 批量删除(未运行的)容器:
docker ps -a |awk '{print "docker rm "$1}'|bash
[root@localhost docker]# docker ps -a |awk '{print "docker rm "$1}'| bash
Error: No such container: CONTAINER
4a3cfa395801
Error response from daemon: You cannot remove a running container aa57623d8a7d7c0bf0c8d4e47a73a488a515b1aff94a756d8277730d3f9b876b. Stop the container before attempting removal or force remove
[root@localhost docker]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
aa57623d8a7d nginx:latest "/docker-entrypoint.…" About an hour ago Up 14 minutes 80/tcp mystifying_driscoll