Preface
So the blogger here has some columns full of useful information!
The first is a summary of the blogger’s high-quality blogs. The blogs in this column are all written by the blogger with the most care. They are full of useful information. I hope it will be helpful to everyone.
Then there is the column that the blogger spends the most time on recently, "Docker from Realization to Practice to Underlying Principles". I hope everyone will pay more attention to it!
What is a container
In layman's terms, a container is the running entity of an image. The image is a static read-only file, while the container has a writable file layer required at runtime, and the process in the container is in a running state. That is, the container runs the real application process. Containers have five states: initially created, running, stopped, paused, and deleted. Although the essence of a container is a process running on the host, the container has its own independent namespace isolation and resource limitations. In other words, inside the container, you cannot see the process, environment variables, network and other information on the host. This is the essential difference between the container and the process running directly on the host. A container is a runnable instance created based on an image and exists independently. One image can create multiple containers. When running a containerized environment, a read-write copy of this file system is actually created inside the container. This adds a container layer that allows modification of the entire copy of the image.
Container life cycle
- created: initial creation state
- running: running status
- stopped: stopped state
- paused: paused state
- deleted: deleted status
Command control state transition
-
docker run
: Create a container and start running immediately and enter the running state; -
docker start
: Container changes to running state; -
docker stop
: The container will enter the stopped state; -
docker kill
: When the container fails (crash), execute kill (power off) and the container will enter the stopped state. This operation is easy to lose data and is not recommended unless necessary; -
docker restart
: Restart the container and the container enters the running state; -
docker pause
: The container enters the paused state; -
docker unpause
: Cancel the paused state and the container enters the running state; -
docker rm
: Delete the container and the container enters the deleted state. -
killed by out-of-memory
(Terminated due to insufficient memory): The host memory is exhausted, also known as OOM: Unplanned termination. At this time, the container that consumes the most memory needs to be killed. -
container process exitde
(Abnormal termination): After the container is terminated, the Should restart? selection operation will be entered:- yes needs to be restarted, and the container executes the start command to enter the running state.
- no does not require restarting, the container will enter the stopped state.
Detailed explanation of container commands
Command list
Order | Alias | Function |
---|---|---|
docker create | docker container create | Create container |
docker run | docker container run | Run container |
docker attach | docker container attach | Connect to a running container |
docker commit | docker container commmit | Submit image as container |
docker cp | docker container cp | Copy between container and host |
docker diff | docker container diff | Check for changes to the file structure in the container |
docker exec | docker container exec | Execute command in running container |
docker export | docker container export | Export container as tar |
docker container inspect | View container details | |
docker kill | docker container kill | kill container |
docker logs | docker container logs | View log |
docker ps | docker container ls docker container list docker container ps |
View running processes |
docker pause | docker container pause | pause process |
docker port | docker container port | Check the port mapping of the container |
docker container prune | Remove stopped containers | |
docker rename | docker container rename | double naming container |
docker restart | docker container restart | Restart container |
docker rm | docker container rm docker container remove |
Delete container |
docker start | docker container start | Start container |
docker stats | docker container stats | View resource usage information |
docker stop | docker container stop | Stop container |
docker top | docker container top | Check the resource usage of a container |
docker unpause | docker container unpause | Continue running the container |
docker update | docker container update | Update container configuration |
docker wait | docker container wait | Prevents one or more containers from stopping and then prints the exit code |
docker create
docker create [OPTIONS] IMAGE [COMMAND] [ARG...]
The parameters are basically the same as docker run.
-i: 以交互模式运行容器,通常与 -t 同时使用;
-P: 随机端口映射,容器内部端口随机映射到主机的端口
-p: 指定端口映射,格式为:主机(宿主)端口:容器端口
-t: 为容器重新分配一个伪输入终端,通常与 -i 同时使用;
--name="nginx-lb": 为容器指定一个名称;
-h "mars": 指定容器的 hostname;
-e username="ritchie": 设置环境变量;
--cpuset-cpus="0-2" / --cpuset-cpus="0,1,2": 绑定容器到指定 CPU 运行;
-m :设置容器使用内存最大值;
--network="bridge": 指定容器的网络连接类型;
--link=[]: 添加链接到另一个容器;
--volume , -v: 绑定一个卷
--rm :shell 退出的时候自动删除容器
--restart:自动重启
docker logs
docker logs [OPTIONS] CONTAINER
parameter
-f, --follow: 跟踪日志输出
--since : 显示某个开始时间的所有日志
-t, --timestamps : 显示时间戳
--tail : 仅列出最新 N 条容器日志
Start a container first.
View the currently running containers.
[root@ALiCentos7:~]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e8a7b485c2ae nginx:1.21.4 "/docker-entrypoint.…" About a minute ago Up About a minute 0.0.0.0:8080->80/tcp, :::8080->80/tcp mywebsite1
View the log.
-f
Option to output results in real time.
docker attach
Connect to a running container.
docker attach [OPTIONS] CONTAINER
--sig-proxy : 是否将所有信号代理,默认是 true,如果设置为 false,退出的话不会影响容器,否则退出会导致容器退出。
It's easy to understand, it is connected to a container.
On this bash, we can receive the io information of this container. If we do this ^C
, the container will also be killed.
In other words, after attaching it, the container can receive the signal sent by this bash.
However, if brought on --sig-proxy
, the signal will be proxied.
docker exec
Execute commands in the container.
docker exec [OPTIONS] CONTAINER COMMAND [ARG...]
parameter
-d : 分离模式: 在后台运行
-i : 即使没有附加也保持 STDIN 打开
-t : 分配一个伪终端
-e : 设置环境变量
-u, --user : 指定用户 "<name|uid>[:<group|gid>]"
-w, --workdir: 指定工作目录
Practice.
docker start 和 docker stop
It's very simple, just look at the example.
But docker stop
there are parameters.
-s : 发送的信号
docker restart
Restart container
docker restart [OPTIONS] CONTAINER [CONTAINER...]
-s : 发送信号
docker kill
Force quit container
parameter:-s :发送的信号
- docker stop sends
SIGTERM
a signal, docker kill sendsSIGKILL
a signal
docker kill
Will kill a container more violently.
docker top
View process information running in the container and supports ps command parameters.
docker top CONTAINER [ps OPTIONS]
/bin/bash
The container does not necessarily have a terminal to interactively execute commands when it is running top
, and the container does not necessarily have top
commands that can be used docker top
to view the processes running in the container.
docker stats
Displays the usage of container resources, including: CPU, memory, network I/O, etc.
docker stats [OPTIONS] [CONTAINER...]
parameter
--all , -a : 显示所有的容器,包括未运行的。
--format : 指定返回值的模板文件。如 table,json
--no-stream : 展示当前状态就直接退出了,不再实时更新。
--no-trunc : 不截断输出。
docker container inspect
View container details
docker container inspect [OPTIONS] CONTAINER [CONTAINER...]
parameter
-f : 指定返回值的模板文件。如 table、json
-s : 显示总的文件大小。
Can be redirected to a .json
file.
docker container inspect mywebsite > mywebsite_docker_tmp.json
docker port
Used to list port mappings for a specified container, or to find a PRIVATE_PORT NAT to the public.
docker port CONTAINER [PRIVATE_PORT[/PROTO]]
docker cp
Copy files between container and host
docker cp [OPTIONS] CONTAINER:SRC_PATH DEST_PATH|-
docker cp [OPTIONS] SRC_PATH|- CONTAINER:DEST_PATH
docker diff
docker diff CONTAINER
docker commit
Create a new image from the container.
docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]]
parameter
-a : 提交的镜像作者;
-c : 使用 Dockerfile 指令来创建镜像;可以修改启动指令
-m : 提交时的说明文字;
-p : 在 commit 时,将容器暂停
docker commit mywebsite mywebsite-yufc:v1.0
docker pause 和 docker unpause
Pause all processes in the container.
docker pause CONTAINER [CONTAINER...]
docker rm
Remove stopped containers.
docker rm [OPTIONS] CONTAINER [CONTAINER...]
key parameter:
-f : 通过 SIGKILL 信号强制删除一个运行中的容器
docker wait
Blocks the run until the container stops, then prints out its exit code.
docker wait CONTAINER [CONTAINER...]
First run a container, then exit and have docker wait
the exit code printed.
docker rename
Rename a container
docker rename CONTAINER NEW_NAME
docker container prune
docker container prune [OPTIONS]
parameter
-f, --force : 不提示是否进行确认
docker update
Update container configuration
docker update [OPTIONS] CONTAINER [CONTAINER...]
parameter
--cpus :cpu 数量
--cpuset-cpus : 使用哪些 cpu
--memory : 内存限制
--memory-swap :交换内存
--cpu-period : 是用来指定容器对 CPU 的使用要在多长时间内做一次重新分配
--cpu-quota :是用来指定在这个周期内,最多可以有多少时间用来跑这个容器