Docker container management
Create a container : docker create -it centos6 bash //This can create a container, but the container is not started, and docker ps cannot see it. You need docker ps -a to see
[root@awei-01 ~]# docker create -it centos6 bash 55a10d72564eecca7e11d9ed1d5950109e972a51a2c717102e7eca5a5d52f6df [root@awei-01 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES [#root You must add the "-a" option to see it, because it did not start CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 55a10d72564e centos6 "bash" 11 seconds ago Created elated_kepler [root@awei-01 ~]# docker exec -it 55a10d72564e bash ##Not started so I can't get in Error response from daemon: Container 55a10d72564eecca7e11d9ed1d5950109e972a51a2c717102e7eca5a5d52f6df is not running
Start the container : docker start container_id //After starting the container, you can use docker ps to see that if there is start, there is stop, and restart
[root@awei-01 ~]# docker start 55a10d72564e 55a10d72564e [root@awei-01 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 55a10d72564e centos6 "bash" About a minute ago Up 11 seconds elated_kepler
ps: The docker run we used before is equivalent to create and then start
Enter the container and no longer run in the background: docker run -it centos bash
If you exit the container directly, docker ps will not be able to see it because it will not run in the background without the d option. If you exit with ctrl+d, you will exit directly. In this way, we can run some commands in a virtual terminal. Use the command exit or ctrl d to exit the bash, and the container will stop after exiting.
Run the container in the background : docker run -d plus the "-d" option allows the container to run in the background
You can also script an infinite loop (which is rarely used): docker run -d centos bash -c "while :; do echo "123"; sleep 2; done"
Custom name to start the container : docker run --name Custom name -itd to start the image bash //
[root@awei-01 ~]# docker run --name awei -itd centos6 bash d8ba554eae2df6254945e3ce21b09d9f252fba98fba13872ea31c69240ae364c [root@awei-01 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES d8ba554eae2d centos6 "bash" 12 seconds ago Up 12 seconds awei 55a10d72564e centos6 "bash" 22 minutes ago Up 20 minutes elated_kepler
Can enter the container directly by name
[root@awei-01 ~]# docker exec -it awei bash [root@d8ba554eae2d /]#
Start the container and execute the command : docker run --rm -it centos bash -c "sleep 30" //--rm can delete the container directly after exiting, here the container will exit after executing the command
View container logs : docker logs container_id can get the running history information of the container, the usage is as follows
docker attach can enter a container running in the background, such as
docker attach container_id //But the attach command is not easy to use. For example, if we want to exit the terminal, we have to exit, so that the container will exit. There is another way
Enter the container
docker exec -it container_id bash //You can temporarily open a virtual terminal, and after exit, the container is still running
Delete container
docker rm container_id //container_id is checked when ps, so you can delete the container, if it is a running container, you can add -f
Export container
docker export container_id> file.tar // Export the container, which can be migrated to other machines and needs to be imported
Import container
cat file.tar |docker import-aming_test //This will generate a mirror of aming_test
Docker warehouse management
Because whether you are pulling the mirror or uploading the mirror by push, it is in the official public warehouse. For privacy, we can create our own private warehouse.
Create a private warehouse method:
Download the registry image: docker pull registry //registy is an official image provided by docker, which can run a container, and we can use it to create a local docker private warehouse.
Start the registry image as a container: docker run -d -p 5000:5000 registry //-p will map the port of the container to the host machine,: the left side is the host listening port, and the right side is the container listening port
[root@localhost ~]# docker run -d -p 5000:5000 registry WARNING: IPv4 forwarding is disabled. Networking will not work. b31501bfcb453be61b2d0da0589d9c0fbc36c4a954967deeb86d112552bc99c2 [root@localhost ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES b31501bfcb45 registry "/entrypoint.sh /etc…" 40 seconds ago Up 19 seconds 0.0.0.0:5000->5000/tcp gifted_bhabha
Visit the warehouse : curl 127.0.0.1:5000/v2/_catalog //This warehouse is temporarily empty, you need to upload a mirror image
[root@localhost ~]# curl 127.0.0.1:5000/v2/_catalog {"repositories":[]}
How to upload the image to the private warehouse:
First tag the image you want to upload
Format: docker tag image name to be tagged Host IP: host port/tag name
docker tag centos6 192.168.238.128:5000/centos6 //Mark the tag, you must have the ip:port of the private warehouse
Push the marked image to the private warehouse
docker push 192.168.238.128:5000/centos6
At this time, it will not succeed and report an error (because he wants to use the https address by default)
[root@localhost ~]# docker push 192.168.238.128:5000/centos6 Using default tag: latest The push refers to repository [192.168.238.128:5000/centos6] Get https://192.168.238.128:5000/v2/: http: server gave HTTP response to HTTPS client
Change the configuration file and change vi /etc/docker/daemon.json// to the following parameters (the address of the private warehouse, because it uses https by default but we want to use http)
{ "insecure-registries":["192.168.18.128:5000"] }
重启docker:systemctl restart docker
Start registry: id of docker start registry
Push again
docker push 192.168.238.128:5000/centos
[root@localhost ~]# docker push 192.168.238.128:5000/centos6 Using default tag: latest The push refers to repository [192.168.238.128:5000/centos6] 0a2f11f7b1ef: Pushed latest: digest: sha256:aaa6c8af8eaa472d66066727f791c89fc3adff67495c5ae67b79fc7d0ec79bd8 size: 529
curl 127.0.0.1:5001/v2/_catalog //You can view the pushed image
[root@localhost ~]# curl 127.0.0.1:5000/v2/_catalog {"repositories":["centos6"]}
Other hosts download and use private warehouse methods :
You can also download the image you just uploaded to your own warehouse on other hosts. First, the server must have a docker program, and then docker pull group host ip: port/image name.
Configure the ip address of the /etc/docker/daemon.json configuration file, configure it as a warehouse server, and then you can pull it
Docker data management
Because your container is opened by a mirror, when you write new data or update new data in the container, if you delete the mirror or close the data, the data will be deleted, which is a certain risk
Solution: You can mount a directory of the host machine into the container, and then it will write to the host machine's disk when you write data
Mount the local directory to the container
docker run -tid -v /data/:/data centos bash //-v 用来指定挂载目录,:前面的/data/为宿主机本地目录,:后面的/data/为容器里的目录,会在容器中自动创建
挂载数据卷
其实我们挂载目录的时候,可以指定容器name,如果不指定就随机定义了。比如上面我们没有指定,它就生成了一个名字为relaxed_franklin,这个名字可以使用命令 docker ps 看最右侧一列
我们开启一个新的镜像,并指定一个之前可共享的容器:
docker run -itd --volumes-from 共享容器名 要启动的容器名 bash
--volumes-from:指定共享的容器名,其实就是一个数据卷容器 relaxed_franklin:容器名 aming123:新开启的容器叫什么
这样,我们使用aming123镜像创建了新的容器,并且使用了 relaxed_franklin 容器的数据卷
创建数据卷容器
有时候,我们需要多个容器之间相互共享数据,类似于linux里面的NFS,所以就可以搭建一个专门的数据卷容器,然后其他容器直接挂载该数据卷。
首先建立数据卷容器
-v选项:共享目录
docker run -itd -v /data/ --name testvol centos bash //注意这里的/data/是容器的/data目录,并非本地的/data/目录。这样加-v选项意思就是把容器的data目录共享出来
然后让其他容器挂载该数据卷
docker run -itd --volumes-from testvol aming123 bash
小结:-v选项的两种用法
第一种是挂载映射的作用:-v /data/:/data 把宿主机的data目录挂载到容器里的data目录上
第二种是把容器的某个盘共享出来:-v /data/ 把容器的data目录共享出来当数据卷使用
分享的目录是什么,那挂载的目录就是什么,我分享的是data目录,如果我其中一个容器是data,另一个想是home怎么办,做软连接
软连接:ln -s /data/ /home/
Docker数据卷的备份与恢复
适用于数据卷容器没有映射宿主机目录的情况下
备份
创建目录:mkdir /data/backup (宿主机)
docker run --volumes-from testvol -v /data/backup/:/backup centos tar cvf /backup/data.tar /data/
说明:首先我们需要使用testvol数据卷新开一个容器,同时我们还需要把本地的/vol_data_backup/目录挂载到该容器的/backup下,这样在容器中/backup目录里面新建的文件,我们就可以直接在/data/backup/目录中看到了。 然后再把/data/目录下面的文件打包到成data.tar文件放到/backup目录下面。
恢复
思路: 先新建一个数据卷容器,再建一个新的容器并挂载该数据卷容器,然后再把tar包解包。
新建数据卷容器:docker run -itd -v /data/ --name testvol2 centos bash
挂载数据卷新建容器,并解包:docker run --volumes-from testvol2 -v /data/backup/:/backup centos tar xf /backup/data.tar
1机器共享出/data/目录
2机器在开启的时候使用1镜像创建了新的容器,挂载了1机器的数据卷那么2机器上也会有1机器上共享出来的/data/目录
2机器在自己挂在一个目录(/backup)到宿主机上的一个目录(/data/backup/)
然后2机器把之前/data/目录的数据拷贝到/backup/下,/backup/自然也会映射到宿主机的/data/backup/