Docker common operation instructions

1. Docker image operation

1. Display Mirroring

docker images

Show all images (including intermediate layers)

docker images -a

show image ID

docker images -q

combination

docker images -qa

Display summary information about an image

docker images --digests

Show full image information

docker images --no-trunc

2. Search mirror

docker search XX

3. Download mirror

docker pull XX

Download the specified version

docker pull XX:版本

4. Delete the image

docker rmi 镜像名称:版本

force delete

docker rmi -f 镜像名称:版本

Delete multiple spaces separated by spaces

docker rmi -f 镜像名称:版本 镜像名称:版本

clear all

docker rmi -f $(docker images -qa)

2. Docker container operation

1. Create and start the container
--name=“new container name”: specify a name for the container:
-i: run the container in interactive mode, usually used with -t
-t: reassign a pseudo-input terminal for the container, usually Used with -i
-d: run the container in the background and return the container ID;
-P: random port mapping, the internal port of the container is randomly mapped to the port of the host
-p: specified port mapping, the format is: host (host) port: container port

docker run -it -p 8888:8080 tomcat

random port

docker run -it -P tomcat

docker run -it --name (alias) image ID to run a container, take an alias, run in interactive mode, and assign a pseudo-terminal
daemon:

docker run -di --name(别名) 镜像ID

Commonly used:

docker run -it --name 别名 -d -p 8888:8080 镜像ID

Map command:

docker run --name 容器名称 -d -p (服务器端口):(Docker端口) image-name
docker run --name tomcattest7 -d -p 8888:8080 镜像ID

2. List containers
List running containers

docker ps

show all containers

docker ps -a

View stopped containers

docker ps -f status=exited

3. Exit the container
The container stops exiting

exit 

Container does not stop exiting

Ctrl+P+Q

4. Enter the container

docker attach 容器ID or 容器名

5. Start the container

docker start 容器ID or 容器名

6. Restart the container

docker restart 容器ID or 容器名

7. Stop the container

docker stop容器ID or 容器名 

Kill the process directly

docker kill 容器ID or 容器名

8. Delete the container

docker rm 容器ID or 容器名

force delete

docker rm -f 容器ID or 容器名

Delete multiple spaces separated by spaces

docker rm -f 容器ID or 容器名 容器ID or 容器名

 clear all

docker rm -f $(docker ps -qa)

9. Enter the running container

docker exec -it 容器名称 或者 容器ID 
docker exec -it edbef195b590 
docker exec -it edbef195b590 /bin/bash

10. The webapps directory is empty when tomcat starts and cannot be accessed externally . There are things we need under webapps.dist
. Enter the container directory

docker exec -it 容器ID /bin/bash

Modify webapps to webapps2

mv webapps webapps2

Modify webapps.dist to webapps

mv webapps.dist webapps

11. Submit the runtime container as a mirror image

docker commit -a='作者' -m='备注' 运行时容器ID 新镜像名称:TAG(版本)

12. Push the image to the hub server
Step 1:
https://hub.docker.com/ Register to get the docker id and password
kaylove/abcd1234
Step 2:
We use docker login to log in to the hub server
Step 3:
docker push push

docker push 本地镜像名称:TAG(版本)

13. Push to Aliyun
Step 1:
Enter: https://cr.console.aliyun.com Aliyun mirror console, the mirror console password is set separately;
Step 2:
Enter the console, we first create a namespace, and then create Mirror image;
Create a personal instance
Create a namespace
Create a mirror warehouse
docker Command operation
1) Log in to Alibaba Cloud Docker Registry

sudo docker login [email protected] registry.cn-shenzhen.ali
yuncs.com

The user name used to log in is the full name of the Alibaba Cloud account, and the password is the password set when the service is activated.
You can modify the credential password on the Access Credentials page.
2) Pull the image from Registry

sudo docker pull registry.cn-shenzhen.aliyuncs.com/kayluo/tomcat:[镜像版本号]

3) Push the image to Registry

sudo docker login --username=kay.5****@qq.com registry.cn-shenzhen.aliyuncs.com
sudo docker tag [ImageId] registry.cn-shenzhen.aliyuncs.com/kayluo/tomcat:[镜像版本号]
sudo docker push registry.cn-shenzhen.aliyuncs.com/kayluo/tomcat:[镜像版本号]

--Please replace the [ImageId] and [Image Version Number] parameters in the example according to the actual image information.
14. View the container log
Enter the directory: /var/lib/docker/containers/
. The end of the log is the log

3. Docker container directory mount

1. Grammar

docker run -it -v  /宿主机目录:/容器目录 镜像ID
docker run -it -v /home/testData:/cData 2173a72bba6b
docker run --name tomcattest7 -d -p 8888:8080 -v /home/testData:/cData 镜像ID

2. Mount multiple directories

docker run -it -v /宿主机目录:/容器目录 -v /宿主机目录2:/容器目录2  镜像名

Note:
If you are synchronizing a multi-level directory, there may be a prompt of insufficient permissions;
this is because the security module selinux in Centos7 has banned permissions, we need to add --privileged=true to solve the problem that the mounted directory does not have permissions The problem;

docker run --name tomcattest7 -d -p 8888:8080 -v /home/testData:/cData 镜像ID --privileged=true

3. Mount the read-only directory

docker run -it -v  /宿主机目录:/容器目录:ro 镜像ID
docker run --name tomcattest7 -d -p 8888:8080 -v /home/testData:/cData:ro 镜像ID

Four, Docker common software installation

1. Tomcat installation and mounting
Step 1: Run the container docker run -it --name alias -d -p 8888:8080 image ID

docker exec -it 容器ID /bin/bash
mv webapps webapps2
mv webapps.dist webapps
exit

Step 2: Create a new tomcat directory under the home directory of the host, copy the conf and webapps in the container to the host 

docker cp  容器id:/usr/local/tomcat/conf  /home/tomcat/conf/  
docker cp  容器id:/usr/local/tomcat/webapps  /home/tomcat/webapps/  

Step 3: Mount the webapp, logs, and conf in the tomcat in the container to the tomcat directory of the host machine, which is convenient for uploading code, synchronizing persistent logs, and configuring tomcat; turn off the container, and start the container:

docker run -d --name 别名 -p 80:8080 -v /home/tomcat/conf/:/usr/local/tomcat/conf/  -v /home/tomcat/webapps/:/usr/local/tomcat/webapps/ -v /home/tomcat/logs/:/usr/local/tomcat/logs/   镜像名称

Step 4: Configure tomcat server.xml and upload the war package synchronously
under the <Host node
<Context path="" docBase="/usr/local/tomcat/webapps/WebTest" debug="0" reloadable="true" / > 2. Installation and mounting of mysql5.7
Step 1: Run the container
Step 2: Create a new mysql directory under the home directory in the host, copy the conf and webapps in the container to the host

docker cp  容器id:/etc/mysql/conf.d  /home/mysql/
docker cp  容器id:/var/log  /home/mysql/
docker cp  容器id:/var/lib/mysql  /home/mysql/ 

Turn off the container and start it again with the mount
Step 3: Mount the webapp, logs, and conf in the mysql container in the container to the tomcat directory of the host machine, which is convenient for uploading code, synchronizing persistent logs, and conveniently configuring tomcat

docker run --name 别名 -itd -p 3306:3306 -v /home/mysql/conf/:/etc/mysql/conf.d/ -v /home/mysql/log/:/var/log -v /home/mysql/mysql/:/var/lib/mysql/ -e MYSQL_ROOT_PASSWORD=123456  镜像ID

Step 4: Use sqlyog to connect to the database in the docker, and import the sql script. 
Note: the database connection address in the running project must write the virtual IP address where the mysql container in the docker is located; the communication IP between the containers;
view the container meta information:

docker inspect 容器ID

Find IPAddress: the corresponding address

Five, Docker migration and backup

When we develop, we often customize the image, and then submit the image as a commit to the local warehouse, but when we publish it to the client server, we can use the above mentioned to get the official hub or Alibaba Cloud, but some confidential projects are Public network storage is prohibited, so we can only achieve it through docker image backup and migration;
backup image:

docker save -o 备份镜像的名称  源镜像名称:tag版本
docker save -o mytomcat7.1.tar tomcat7:7.1

The backup is in the current path
to restore the image:

docker load -i 镜像文件
docker load -i mytomcat7.1.tar

6. Docker File

1). Introduction
Dockerfile is a script composed of a series of commands and parameters. These commands are applied to the base image of the operating system (centos or Ubuntu) and finally create a new image; we mentioned earlier to modify the
configuration file manually. , or adding or deleting file directories to build a new image; this manual method is cumbersome, error-prone, and cannot be reused; here we talk about Dockerfile, using scripts
to build automation, reusability, and high efficiency The method of creating mirror images is the preferred method for enterprise-level development;
in the software system development life cycle, Dockerfile is used to build mirror images;
1. For developers: it can provide a completely consistent development environment for the development team;
2. For testers : You can directly take the image built during development or build a new image through the Dockerfile file to start working;
3. For operation and maintenance personnel: During deployment, seamless migration of applications can be achieved.
2). The common command of Dockerfile
FROM image_name:tag defines which base image is used to start the build process

MAINTAINER user_info declares mirror maintainer information

LABEL key value Image description meta information (multiple items can be written)

ENV key value Set environment variables (multiple entries can be written)

RUN command The command that needs to be run when building the container (multiple entries can be written)

WORKDIR path_dir Set the default working directory of the terminal login

EXPOSE port The port exposed by the current container

ADD source_dir/file dest_dir/file Copy the host's file into the container. If it is a compressed file, it will be automatically decompressed after copying. source_dir: the current directory,
usually the directory where the dockerFile file is placed file dest_dir: the directory file
to be generated
:file name

COPY source_dir/file dest_dir/file is similar to ADD, but if there is a compressed file, it cannot be decompressed

VOLUME creates a mount point that can be mounted from the local host or other containers, generally used to store databases and data that needs to be kept, etc.

CMD specifies the command to run when the container starts. If there are multiple CMDs, the last one will take effect. In
exec mode and shell mode,
CMD specifies the command to run when the container starts. If there are multiple CMDs, the last one will take effect.
Syntax format:    

CMD <command> 或
CMD ["<executeable>","<param1>","<param2>",...] 
CMD ["<param1>","<param2>",...]

ENTRYPOINT Specifies the command to run when the container starts ONBUILD The command to run when building an inherited DockerFile, the onbuild of the parent image is triggered after the parent image is inherited by the child image. You can understand ONBUILD as a trigger.
When writing Dockerfile, other commands are for its own image service, only ONBUILD is for sub-image service;
simple example: parent image Dockerfile:

FROM centos
ONBUILD RUN yum -y install vim
CMD /bin/bash

Submirrors are simpler:

FROM parent

Just one sentence;
when building a sub-mirror, the ONBUILD of the parent mirror will be triggered, and the sub-mirror will directly install vim; in
practical applications, generally ONBUILD executes some things that the parent mirror cannot execute temporarily, such as some COPY, ADD, you can To start some services, the parent image is used as a template, which only provides basic support, and then the specific implementation is the sub-image operation.
3).Dockerfile Build custom centos
Write Dockerfile: the file name is myCentosDockerfile without suffix

FROM centos
MAINTAINER kaytest
LABEL name="kaytest CentOS Image" \
    build-date="20191112"
ENV WORKPATH /home/
WORKDIR $WORKPATH
RUN yum -y install net-tools
RUN yum -y install vim
EXPOSE 80
CMD /bin/bash

Build:
Enter the linux cd /home/ directory to create a dockerfile folder, put the dockerFile file just written into it,
enter the dockerfile directory cd /home/dockerfile/

docker build -f DockerfileName -t 镜像名:TAG .
docker build -f myCentosDockerFile -t kaytestcentos:1.0 .

Note: The image name must be in lowercase, you can use /. At the end, you need to add a space and end with an English period.
Run: docker run -it mirror ID
view mirror history docker history mirror ID
4).Dockerfile build custom tomcat
write Dockerfile: file name is myTomcatDockerfile do not add suffix

FROM centos
MAINTAINER kaytomcattest
LABEL name="kay Tomcat Image" \
build-date="20191115"
COPY  copyright.txt /home/copyright.txt
ADD server-jre-8u151-linux-x64.tar.gz /home/
ADD apache-tomcat-8.5.37.tar.gz /home/
ENV WORKPATH /home/apache-tomcat-8.5.37/
WORKDIR $WORKPATH
ENV JAVA_HOME /home/jdk1.8.0_151
ENV CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
ENV CATALINA_HOME /home/apache-tomcat-8.5.37/
ENV CATALINA_BASE /home/apache-tomcat-8.5.37/
ENV PATH $PATH:$JAVA_HOME/bin:$CATALINA_HOME/lib:$CATALINA_HOME/bin
EXPOSE 8080
CMD ["/home/apache-tomcat-8.5.37/bin/catalina.sh","run"]

Build:
Enter the linux cd /home/ directory to create a dockerfile folder, put the dockerFile file just written in it, put the copyright.txt file in it, put the server-jre-8u151-linux-x64.tar.gz file in it, Put the apache-tomcat-8.5.37.tar.gz file in,
enter the dockerfile directory cd /home/dockerfile/

docker build -f DockerfileName -t 镜像名:TAG .
docker build -f myTomcatDockerFile -t kaytesttomcat:1.0 .

Note: The image name must be in lowercase, you can use /. At the end, you need to add a space and then end with an English period.
Run: Refer to Mount Run
5).Dockerfile build custom redis
Write Dockerfile: the file name is myRedisDockerfile without adding a suffix

#
# Dockerfile for Redis-4.0.2
#
FROM centos:7
MAINTAINER kaytest
RUN yum clean all
RUN yum -y update
# Install libs
RUN yum install deltarpm rpm make tar gcc gcc-c++ epel-release -y

RUN mkdir -p /home/work/apps/
RUN mkdir -p /var/log/redis/
# Copy Redis tar.gz and auto uncompress
ADD redis-4.0.2.tar.gz /home/work/apps
ADD etc/redis.conf /etc/redis.conf

#COPY supervisord.conf /etc/supervisord.conf
VOLUME ["/home/work/apps/","/var/log/redis/"]
# Install redis
WORKDIR /home/work/apps/redis-4.0.2/
RUN make
RUN make && make install

#CMD ["/usr/bin/supervisord"]
CMD redis-server /etc/redis.conf

# Expose ports.
EXPOSE 6379

Construction:
Enter the linux cd /home/ directory to create a dockerfile folder, put the dockerFile file just written into it, put the etc folder in the past including the redis.conf file inside, and put redis-4.0.2.tar.gz in the past and
enter dockerfile directory cd /home/dockerfile/

docker build -f DockerfileName -t 镜像名:TAG .
docker build -f myTomcatDockerFile -t kaytestredis:1.0 .

Note: The image name must be in lowercase, you can use /. At the end, you need to add a space and then end with a period in English.
Run: Refer to Mount Run
6). Dockerfile realizes container volume through VOLUME,
which is similar to the previous -v command, and mounts the container directory and the host directory

VOLUME['/home/v1','/home/v2']

Note: The startup command -v host directory: container volume directory is used to mount the container volume directory.
However, when defining the Dockerfile, there is no guarantee that there is such a specific directory on all hosts,
so in the Dockerfile definition , you can only specify the container volume directory;
write Dockerfile: the file name is myCentosDockerfile without adding a suffix

FROM centos
VOLUME ["/home/v1","/home/v2"]
CMD /bin/bash

Build: Refer to the above
Run: Daemon run

docker run -di --name(别名) 镜像ID

Test:
After running, we enter the home directory of the container and find two container volume directories, v1 and v2;

docker exec -it 容器ID /bin/bash/
cd /home/

Then we use the docker inspect container ID to check the host directory corresponding to the container volume generated by default; under the Mounts node, the general directory is empty, corresponding to the /home/v1 directory of the container.
Through creating and modifying files, we found that synchronization can be achieved without any problems; in
my opinion, to realize container volumes, it is still necessary to use the -v startup command mentioned above, using the dockerfile method, which is more fucked, and the host directory cannot be customized; 7
) The difference and connection between .CMD and ENTRYPOINT 1.
The difference and connection between CMD and ENTRYPOINT in DockerFile CMD and
ENTRYPOINT are executed when the container starts; both support exec and shell methods; general usage is a single CMD, or first ENTRYPOINT, combined with the latter CMD;
if there are multiple CMDs, with command parameters when starting, it will overwrite the previous CMD command, and the last command will take effect, so when we usually use CMD, there is a situation where a single CMD command is Yes, the startup command does not take parameters;
we mainly learn the common usage; let's test it;
first look at the dockerfile of tomcat's official image;

Since there are multiple CMD commands, they will be overwritten, and only the last one will be executed; so we test the startup;

There is nothing wrong with starting without parameters like this, and tomcat can start normally;

But if we add parameters such as /bin/bash or ls -l

Then it will overwrite the CMD ["catalina.sh","run"] in the dockerfile, and tomcat will not execute it;

What is executed is the specific parameters brought during startup;

Let's look at the redis official dockerfile again;

This is the second common usage we are talking about. First create an ENTRYPOINT to execute the next execution command, and then follow it with CMD to splice the specific execution parameters; the
final execution is docker-entrypoint.sh redis-server;
after the above two cases , I believe everyone has a certain understanding of CMD, ENTRYPOINT;
let's take a look at the detailed syntax;

CMD syntax;

CMD ["executable","param1","param2"] (exec form, this is the preferred form)
CMD ["param1","param2"] (as default parameters to ENTRYPOINT)
CMD command param1 param2 (shell form)

The first usage: run an executable file and provide parameters.
The second usage: specify parameters for ENTRYPOINT.
The third usage (shell form): the command is executed in the "/bin/sh -c" method.

ENTRYPOINT syntax;

ENTRYPOINT [“executable”, “param1”, “param2”] (exec 格式, 推荐)
ENTRYPOINT command param1 param2 (shell 格式)

We generally recommend using the exec format for official development; it is easy to use;

Let's take a look at the actual usage of CMD and ENTRYPOINT through some simple examples;
the first dockerfile 

FROM centos
CMD echo "abc"
#CMD ["/bin/echo", "defg"]

We can run the test to see the results, and remove the second CMD to see the results;
and run the command followed by the running parameters to see the results; we can understand that if there are multiple CMDs, only the last one will take effect;

The second dockerfile

FROM centos
ENTRYPOINT ["ls"]
CMD ["-l"]

For this dockerfile, we use ENTRYPOINT to execute an ls command and then add parameters to CMD, 
which is equivalent to the default parameter of CMD. If we need to change the parameters when starting, we can directly replace them;

Seven, Docker private warehouse

1. Introduction
Docker’s private warehouse is mainly used to store images within the enterprise. Compared with official warehouses and Alibaba Cloud warehouses, it has a higher level of confidentiality and security; 2. The first step in warehouse construction: pull the
private
warehouse image (private warehouse program itself is a mirror image)

docker pull registry

Step 2: Start the private warehouse container

docker run -di --name=myRegistry -p 5000:5000 registry

Step Three: Test

http://192.168.1.112:5000/v2/_catalog

See this instruction to start OK. Because there is no image in the warehouse, it is empty;

the fourth step:

sudo vi /etc/docker/daemon.json 修改daemon.json，让docker信任私有仓库地址
"insecure-registries": ["192.168.1.112:5000"]

​​​​​​​

Step 5: Restart docker after modifying the configuration;

systemctl restart docker

3. Private warehouse test
Step 1: mark this mirror as a mirror of a private warehouse

docker tag 镜像名:TAG 192.168.1.112:5000/仓库镜像名
docker tag tomcat:7 192.168.1.112:5000/mytomcat7

Step 2: Upload the image to the private warehouse

docker push 192.168.1.112:5000/mytomcat7

At this time, there is already this image in the private warehouse;
the third step: delete the 192.168.1.112:5000/mytomcat7 local warehouse image

docker rmi -f 192.168.1.112:5000/mytomcat7

Step 4: Pull the 192.168.1.112:5000/mytomcat7 image from the private warehouse and run it;

docker run -itd -p 8080:8080 192.168.1.112:5000/mytomcat7

Step 5: Browser runs http://192.168.1.112:8080 test

8. Docker  shipyard container (stop updating)

1. Pull the shipyard related image

docker pull shipyard/shipyard
docker pull swarm
docker pull shipyard/docker-proxy
docker pull alpine 
docker pull microbox/etcd 
docker pull rethinkdb

2. Build the shipyard container

docker run -ti -d --restart=always --name shipyard-rethinkdb rethinkdb

docker run -ti -d -p 4001:4001 -p 7001:7001 --restart=always --name shipyard-discovery microbox/etcd:latest -name discovery

docker run -ti 
-d -p 2375:2375 --hostname=$HOSTNAME 
--restart=always --name shipyard-proxy 
-v /var/run/docker.sock:/var/run/docker.sock 
-e PORT=2375 shipyard/docker-proxy:latest 

docker run -ti -d --restart=always --name shipyard-swarm-manager 
swarm:latest manage --host tcp://0.0.0.0:3375 etcd://<IP-OF-HOST>:4001

docker run -ti -d --restart=always --name shipyard-swarm-agent 
swarm:latest join --addr <ip-of-host>:2375 etcd://<ip-of-host>:4001 

docker run -ti -d --restart=always --name shipyard-controller --link 
shipyard-rethinkdb:rethinkdb --link shipyard-swarm-manager:swarm -
p 8888:8080 dockerclub/shipyard:latest server -d tcp://swarm:3375
注：替换 <IP-OF-HOST >为实际宿主机地址
访问shipyard<ip-of-host>：8080
默认用户名：admin 密码：shipyard

Install docker-compose 

yum install docker-compose

Execute docker-compose
to enter the same directory as docker-compose.yml

docker-compose up -d

Nine, Docker  portainer visualization official recommendation

1.

docker volume create portainer_data

2.

docker run -d -p 8000:8000 -p 9000:9000 --name=portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer

3.

http://localhost:9000

4. Set the admin user password, you need to enter the same password twice

10. Docker operates commands on all images/containers (use with caution)

Start all container commands in docker

docker start $(docker ps -a | awk '{ print $1}' | tail -n +2)

Close all container commands in docker

docker stop $(docker ps -a | awk '{ print $1}' | tail -n +2)

Delete all container commands in docker

docker rm $(docker ps -a | awk '{ print $1}' | tail -n +2)

Delete all images in docker

docker rmi $(docker images | awk '{print $3}' |tail -n +2)