Docker installation and common command arrangement
-
- 1. Introduction to Docker
- 2. Docker environment installation
- 3. Common commands for Docker images
-
- 3.1. Search mirror
- 3.2. Download image
- 3.3. List mirrors
- 3.4, delete the image
- 3.5, package image
- 3.6. Import image
- 3.7, container packaging
- 3.8. Import container
- 3.9, push image
- 3.10. Create and start a container
- 3.11. List containers
- 3.12. Stop the container
- 3.13. Forcibly stop the container
- 3.14. Start the container
- 3.15, enter the container
- 3.16. Exit the container
- 3.17. Delete container
- 3.18. View container logs
- 3.19. Modify the startup method of the container
- 3.20. Synchronize host time to container
- 3.21. Check container resource usage
- 3.22. View container disk usage
- 3.23. View all networks
- 3.24. Create an external network
- 3.25. Create an external network
- 3.26. View the metadata of the container/image
- 3.27. Copy files
- 4. There are 7 container states
- 5. All network modes
1. Introduction to Docker
Docker is an open source application container engine that allows developers to package applications and dependencies into a portable image, and then publish it to any popular Linux or Windows machine. Using Docker makes it easier to package, test, and deploy applications.
2. Docker environment installation
2.1. Remove previous docker related packages
sudo yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine
2.2. Configure yum source
sudo yum install -y yum-utils
sudo yum-config-manager \
--add-repo \
http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
2.3. Install docker
sudo yum install -y docker-ce docker-ce-cli containerd.io
2.4, start
systemctl enable docker --now
2.5. Configuration acceleration
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://5cn52dc7.mirror.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2"
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
3. Common commands for Docker images
3.1. Search mirror
docker search tomcat
3.2. Download image
docker pull tomcat
3.3. List mirrors
docker images
3.4, delete the image
- Specify the name to delete the image:
docker rmi tomcat
- Delete mirror by name (mandatory):
docker rmi -f tomcat
- Remove all unreferenced images:
docker rmi `docker images | grep none | awk '{print $3}'`
- Force delete all mirrors:
docker rmi -f $(docker images)
3.5, package image
docker save -o /root/xxx.tar <name>
3.6. Import image
docker load -i /root/xxx.tar
3.7, container packaging
docker export -o /root/xx.tar <name>
3.8. Import container
docker import xx.tar <name>:latest
3.9, push image
# 登录Docker Hub
docker login
# 给本地镜像打标签为远程仓库名称
docker tag consul:latest linshengqian/consul:v1.0
# 推送到远程仓库
docker push linshengqian/consul:v1.0
3.10. Create and start a container
docker run -p 80:80 --name nginx \
-e TZ="Asia/Shanghai" \
-v /mydata/nginx/html:/usr/share/nginx/html \
-d nginx:1.17.0
- –name="Name": specify the container name, and then you can operate the container through the container name;
- -e: Set the environment variable of the container, here is the time zone;
- -v: mount the files on the host to the host, the format is: host file directory:container file directory;
- -d: Indicates that the container runs in the background.
- –network : specify the network
- -P: random port mapping (capital P)
- -p: Map the host and container ports, specify the port mapping, the format is: host port: container port, (lowercase p)
- ip:hostPort:containerPort
- ip::containerPort
- hostPort:containerPort (commonly used)
- containerPort
3.11. List containers
- List running containers:
docker ps
- List all containers, including non-running ones:
-a
docker ps -a
- List recently created containers:
-l
docker ps -l
- Total file size of the running container:
-s
docker ps -s
- Filter the displayed content based on conditions:
-f
docker ps -f name=mysql
3.12. Stop the container
$ContainerName
Represents the container name and $ContainerId
the container ID. You can use the command of the container name, and basically support the use of the container ID:
docker stop $ContainerName(or $ContainerId)
3.13. Forcibly stop the container
docker kill $ContainerName
3.14. Start the container
docker start $ContainerName
3.15, enter the container
-
method one:
docker attach $ContainerName(or $ContainerId)
attach 直接进入容器启动命令的终端,不会启动新的进程
-
Method 2: Designate a user to enter the container
docker exec -it --user root $ContainerName(or $ContainerId)
exec 是在容器中打开新的终端,并且可以启动新的进程
-
Method three:
- First query the container
pid
:
docker inspect --format "{
{.State.Pid}}" $ContainerName
- Enter the container according to the pid of the container:
nsenter --target "$pid" --mount --uts --ipc --net --pid
3.16. Exit the container
exit # 容器停止退出
ctrl+P+Q # 容器不停止退出
3.17. Delete container
- Delete the specified container:
docker rm $ContainerName
- Forcibly delete the specified container:
docker rm -f $ContainerName
- Force delete all containers;
docker rm -f $(docker ps -a -q)
- Delete containers by name wildcards, such as deleting
redis-
containers that start with a name:
docker rm `docker ps -a | grep redis-* | awk '{print $1}'`
- Delete all closed containers:
docker ps -a | grep Exit | cut -d ' ' -f 1 | xargs docker rm
3.18. View container logs
- View all logs generated by the container:
docker logs $ContainerName
- Dynamically view the logs generated by the container:
docker logs -f $ContainerName
3.19. Modify the startup method of the container
- Change the container startup method to always
docker update --restart always $ContainerName
或
docker container update --restart=always $ContainerName
3.20. Synchronize host time to container
docker cp /etc/localtime $ContainerName:/etc/
3.21. Check container resource usage
- View the resource usage status of the specified container, such as cpu, memory, network, and io status:
docker stats $ContainerName
- Check the resource usage of all containers:
docker stats -a
3.22. View container disk usage
docker system df
3.23. View all networks
docker network ls
3.24. Create an external network
docker network create -d bridge $NetworkName
3.25. Create an external network
docker inspect $NetworkName
3.26. View the metadata of the container/image
docker inspect $ContainerName(or $ContainerId)
3.27. Copy files
- container to host
docker cp $ContainerName(or $ContainerId):/home/f1 /home
- host to container
docker cp /home/licence.txt $ContainerName(or $ContainerId):/home
4. There are 7 container states
- created
- restarting
- running
- removing (migration)
- paused
- exited
- dead
5. All network modes
network mode | configuration | illustrate |
---|---|---|
bridge mode | –net=bridge | Default, creates a new network stack for containers on the Docker bridge docker0 |
none mode | –net=none | Without configuring the network, users can enter the container later and configure it by themselves |
container mode | – net=container:name/id | A container shares a Network namespace with another container. The pod in kubernetes is multiple containers sharing a Network namespace |
host mode | –net=host | The container and the host share the Network namespace |
host mode | –net=custom network | The user defines the network by using the network-related commands, and can specify the network defined by himself when creating the container |
Some of these command options can only be configured when the Docker service is started, and cannot take effect immediately.
-b BRIDGE
or--bridge=BRIDGE
Specify the bridge mounted by the container--bip=CIDR
Customize the mask of docker0-H SOCKET
Or--host=SOCKET
the channel where the Docker server receives commands--icc=true|false
Whether to support communication between containers--ip-forward=true|false
Please see the communication between containers below--iptables=true|false
Whether to allow Docker to add iptables rules--mtu=BYTES
MTU in container networking
The following 2 command options can be specified either when starting the service or when starting the container. The specified value when the Docker service is started will become the default value, and docker run
the default value can be overridden in subsequent executions.
--dns=IP_ADDRESS
Use specified DNS server--dns-search=DOMAIN
Specify DNS search domain
These last options are only docker run
used at execution time as it is specific to the content of the container.
-
-h HOSTNAME
or--hostname=HOSTNAME
configure the container hostname -
--link=CONTAINER_NAME:ALIAS
Adding a connection to another container -
--net=bridge|none|container:NAME_or_ID|host
Configure the bridge mode of the container -
-p SPEC
or--publish=SPEC
map the container port to the host host -
-P or --publish-all=true|false
Map all ports of the container to the host
In the docker network, there are three core concepts: Sandbox, Network, and Endpoint .
- The sandbox provides the container's virtual network stack, that is, the contents of port sockets, IP routing tables, firewalls, etc. The container network is isolated from the host network, forming a completely independent container network environment.
- The network can be understood as a virtual subnet inside docker, and participants in the network can see each other and communicate. The virtual network of docker is also isolated from the host network, and its purpose is mainly to form a secure communication environment between containers.
- An endpoint is a hole in a container or network wall whose main purpose is to form a controlled entry and exit from a closed network environment. When the endpoint of the container is paired with the endpoint of the network, it is like building a bridge between the two, and data transmission can be carried out.