Docker goes from understanding practice to underlying principles (6-1)｜Basic introduction to Docker containers + detailed command explanations

Preface

So the blogger here has some columns full of useful information!

The first is a summary of the blogger’s high-quality blogs. The blogs in this column are all written by the blogger with the most care. They are full of useful information. I hope it will be helpful to everyone.

• Summary of high-quality blogs

Then there is the column that the blogger spends the most time on recently, "Docker from Realization to Practice to Underlying Principles". I hope everyone will pay more attention to it!

• Docker goes from recognition to practice to underlying principles

---

What is a container

In layman's terms, a container is the running entity of an image. The image is a static read-only file, while the container has a writable file layer required at runtime, and the process in the container is in a running state. That is, the container runs the real application process. Containers have five states: initially created, running, stopped, paused, and deleted. Although the essence of a container is a process running on the host, the container has its own independent namespace isolation and resource limitations. In other words, inside the container, you cannot see the process, environment variables, network and other information on the host. This is the essential difference between the container and the process running directly on the host. A container is a runnable instance created based on an image and exists independently. One image can create multiple containers. When running a containerized environment, a read-write copy of this file system is actually created inside the container. This adds a container layer that allows modification of the entire copy of the image.

Container life cycle

1. created: initial creation state
2. running: running status
3. stopped: stopped state
4. paused: paused state
5. deleted: deleted status

Command control state transition

• docker run: Create a container and start running immediately and enter the running state;

• docker start: Container changes to running state;

• docker stop: The container will enter the stopped state;

• docker kill: When the container fails (crash), execute kill (power off) and the container will enter the stopped state. This operation is easy to lose data and is not recommended unless necessary;

• docker restart: Restart the container and the container enters the running state;

• docker pause: The container enters the paused state;

• docker unpause: Cancel the paused state and the container enters the running state;

• docker rm: Delete the container and the container enters the deleted state.

• killed by out-of-memory(Terminated due to insufficient memory): The host memory is exhausted, also known as OOM: Unplanned termination. At this time, the container that consumes the most memory needs to be killed.

• container process exitde(Abnormal termination): After the container is terminated, the Should restart? selection operation will be entered:

  • yes needs to be restarted, and the container executes the start command to enter the running state.
  • no does not require restarting, the container will enter the stopped state.

Detailed explanation of container commands

Command list

Order	Alias	Function
docker create	docker container create	Create container
docker run	docker container run	Run container
docker attach	docker container attach	Connect to a running container
docker commit	docker container commmit	Submit image as container
docker cp	docker container cp	Copy between container and host
docker diff	docker container diff	Check for changes to the file structure in the container
docker exec	docker container exec	Execute command in running container
docker export	docker container export	Export container as tar
docker container inspect		View container details
docker kill	docker container kill	kill container
docker logs	docker container logs	View log
docker ps	docker container ls docker container list docker container ps	View running processes
docker pause	docker container pause	pause process
docker port	docker container port	Check the port mapping of the container
docker container prune		Remove stopped containers
docker rename	docker container rename	double naming container
docker restart	docker container restart	Restart container
docker rm	docker container rm docker container remove	Delete container
docker start	docker container start	Start container
docker stats	docker container stats	View resource usage information
docker stop	docker container stop	Stop container
docker top	docker container top	Check the resource usage of a container
docker unpause	docker container unpause	Continue running the container
docker update	docker container update	Update container configuration
docker wait	docker container wait	Prevents one or more containers from stopping and then prints the exit code

docker create

docker create [OPTIONS] IMAGE [COMMAND] [ARG...]

The parameters are basically the same as docker run.

-i: 以交互模式运行容器，通常与 -t 同时使用；
-P: 随机端口映射，容器内部端口随机映射到主机的端口
-p: 指定端口映射，格式为：主机(宿主)端口:容器端口
-t: 为容器重新分配一个伪输入终端，通常与 -i 同时使用；
--name="nginx-lb": 为容器指定一个名称；
-h "mars": 指定容器的 hostname；
-e username="ritchie": 设置环境变量；
--cpuset-cpus="0-2" / --cpuset-cpus="0,1,2": 绑定容器到指定 CPU 运行；
-m :设置容器使用内存最大值；
--network="bridge": 指定容器的网络连接类型；
--link=[]: 添加链接到另一个容器；
--volume , -v: 绑定一个卷
--rm :shell 退出的时候自动删除容器
--restart:自动重启

docker logs

docker logs [OPTIONS] CONTAINER

parameter

-f, --follow: 跟踪日志输出
--since : 显示某个开始时间的所有日志
-t, --timestamps : 显示时间戳
--tail : 仅列出最新 N 条容器日志

Start a container first.

View the currently running containers.

[root@ALiCentos7:~]$ docker ps -a
CONTAINER ID   IMAGE          COMMAND                  CREATED              STATUS              PORTS                                   NAMES
e8a7b485c2ae   nginx:1.21.4   "/docker-entrypoint.…"   About a minute ago   Up About a minute   0.0.0.0:8080->80/tcp, :::8080->80/tcp   mywebsite1

View the log.

-fOption to output results in real time.

docker attach

Connect to a running container.

docker attach [OPTIONS] CONTAINER

--sig-proxy : 是否将所有信号代理，默认是 true，如果设置为 false，退出的话不会影响容器，否则退出会导致容器退出。

It's easy to understand, it is connected to a container.

On this bash, we can receive the io information of this container. If we do this ^C, the container will also be killed.

In other words, after attaching it, the container can receive the signal sent by this bash.

However, if brought on --sig-proxy, the signal will be proxied.

docker exec

Execute commands in the container.

docker exec [OPTIONS] CONTAINER COMMAND [ARG...]

parameter

-d : 分离模式: 在后台运行
-i : 即使没有附加也保持 STDIN 打开
-t : 分配一个伪终端
-e : 设置环境变量
-u, --user : 指定用户 "<name|uid>[:<group|gid>]"
-w, --workdir: 指定工作目录

Practice.

docker start 和 docker stop

It's very simple, just look at the example.

But docker stopthere are parameters.

-s : 发送的信号

docker restart

Restart container

docker restart [OPTIONS] CONTAINER [CONTAINER...]

-s : 发送信号

docker kill

Force quit container

parameter:-s :发送的信号

• docker stop sends SIGTERMa signal, docker kill sends SIGKILLa signal

docker killWill kill a container more violently.

docker top

View process information running in the container and supports ps command parameters.

docker top CONTAINER [ps OPTIONS]

/bin/bashThe container does not necessarily have a terminal to interactively execute commands when it is running top , and the container does not necessarily have topcommands that can be used docker topto view the processes running in the container.

docker stats

Displays the usage of container resources, including: CPU, memory, network I/O, etc.

docker stats [OPTIONS] [CONTAINER...]

parameter

--all , -a : 显示所有的容器，包括未运行的。
--format : 指定返回值的模板文件。如 table,json
--no-stream : 展示当前状态就直接退出了，不再实时更新。
--no-trunc : 不截断输出。

docker container inspect

View container details

docker container inspect [OPTIONS] CONTAINER [CONTAINER...]

parameter

-f : 指定返回值的模板文件。如 table、json
-s : 显示总的文件大小。

Can be redirected to a .jsonfile.

docker container inspect mywebsite > mywebsite_docker_tmp.json

docker port

Used to list port mappings for a specified container, or to find a PRIVATE_PORT NAT to the public.

docker port CONTAINER [PRIVATE_PORT[/PROTO]]

docker cp

Copy files between container and host

docker cp [OPTIONS] CONTAINER:SRC_PATH DEST_PATH|-
docker cp [OPTIONS] SRC_PATH|- CONTAINER:DEST_PATH

docker diff

docker diff CONTAINER

docker commit

Create a new image from the container.

docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]]

parameter

-a : 提交的镜像作者；
-c : 使用 Dockerfile 指令来创建镜像；可以修改启动指令
-m : 提交时的说明文字；
-p : 在 commit 时，将容器暂停

docker commit mywebsite mywebsite-yufc:v1.0

docker pause 和 docker unpause

Pause all processes in the container.

docker pause CONTAINER [CONTAINER...]

docker rm

Remove stopped containers.

docker rm [OPTIONS] CONTAINER [CONTAINER...]

key parameter:

-f : 通过 SIGKILL 信号强制删除一个运行中的容器

docker wait

Blocks the run until the container stops, then prints out its exit code.

docker wait CONTAINER [CONTAINER...]

First run a container, then exit and have docker waitthe exit code printed.

docker rename

Rename a container

docker rename CONTAINER NEW_NAME

docker container prune

docker container prune [OPTIONS]

parameter

-f, --force : 不提示是否进行确认

docker update

Update container configuration

docker update [OPTIONS] CONTAINER [CONTAINER...]

parameter

--cpus ：cpu 数量
--cpuset-cpus : 使用哪些 cpu
--memory : 内存限制
--memory-swap ：交换内存
--cpu-period : 是用来指定容器对 CPU 的使用要在多长时间内做一次重新分配
--cpu-quota ：是用来指定在这个周期内，最多可以有多少时间用来跑这个容器