镜像
docker image ls --help 查看帮助文档
docker image ls -f 过滤器,是个好东西。虽然目前没发现好在哪里...
列出所有镜像
[admin@centos7 ~]$ docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
hello-world latest d1165f221234 2 months ago 13.3kB
镜像体积
[admin@centos7 ~]$ docker system df
TYPE TOTAL ACTIVE SIZE RECLAIMABLE
Images 1 0 13.34kB 13.34kB (100%)
Containers 0 0 0B 0B
Local Volumes 0 0 0B 0B
Build Cache 0 0 0B 0B
列出虚悬镜象
[admin@centos7 ~]$ docker image ls -f dangling=true
REPOSITORY TAG IMAGE ID CREATED SIZE
删除镜像
docker image rm 可根据镜像ID,标签,摘要删除
利用docker image ls配合删除,如 docker image rm $(docker image ls -q redis)
遇到的问题
- 提示有容器正在运行不能删除
[admin@centos7 ~]$ docker image rm $(docker image ls -q nginx)
Error response from daemon: conflict: unable to delete 19486213a479 (cannot be forced) - image is being used by running container acf4ac2e29af
Error response from daemon: conflict: unable to delete d1a364dc548d (cannot be forced) - image has dependent child images
try: 停止容器
[admin@centos7 ~]$ docker container stop acf4ac2e29af
acf4ac2e29af
[admin@centos7 ~]$ docker container stop f041072b1682
f041072b1682
- 提示有容器存在不能删除
[admin@centos7 ~]$ docker image rm $(docker image ls -q nginx)
Error response from daemon: conflict: unable to delete 19486213a479 (must be forced) - image is being used by stopped container acf4ac2e29af
Error response from daemon: conflict: unable to delete d1a364dc548d (cannot be forced) - image has dependent child images
try :删除容器
docker container prune
再次删除 - 成功
定制镜像
利用commit理解构建镜像【最好不要用!!!】
docker run --name webserver -d -p 80:80 nginx
通过localhost访问 (若是虚拟机,通过ip访问。获取ip:ifconfig -a)
尝试修改首页内容:
[admin@centos7 ~]$ docker exec -it webserver bash
root@f041072b1682:/# echo '<h1>hello,world!!!<h1>' > /usr/share/nginx/html/index.html
root@f041072b1682:/# exit
exit
为什么不要用commit?
- 不仅更改了目标文件,很多无关的文件也被改动了,臃肿
- 黑箱操作,除了制作者知道“做了什么”,其他人根本不知道
Dockerfile
docker run --name webserver -d -p 80:80 nginx
创建Dockerfile
mkdir mynginx
cd mynginx
cat>>Dockerfile
FROM nginx
RUN echo '<h1>helo,docker.</h1>' > /usr/share/nginx/html/index.html
【ctrl+d 退出】
构建镜像(请注意v3后面有个.,不要遗漏了)
docker build -t nginx:v3 .
运行
docker run --name web2 -d -p 81:80 nginx:v3
通过localhost访问 (若是虚拟机,通过ip访问。获取ip:ifconfig -a)
和docker commit的区别(个人理解,不确定是否有误)
docker commit是在原来镜像的基础上修改并提交 从而构建新镜像,而Dockerfile不会修改原来的镜像。(通过docker history nginx:latest 和 docker history nginx:v3 查看可得知)
构建上下文
Docker 构建上下文就是 Docker 客户端上传给服务端的 tar 文件解压后的内容,也即
docker build命令行后面指定路径下的文件。
从上述这句话简单理解为“.”即为上下文路径。
“上下文”这个概念还不太好理解,请阅读原文
容器
新建并启动
前提: 没有指定镜像ubuntu 18.04
docker run ubuntu:18.04 /bin/echo 'Hello world'
可以看到没有指定镜像,会自动从registry下载,然后利用镜像创建并启动容器,执行容器并自动终止容器
查看容器信息
docker container ls
获取容器输出信息
docker container logs [container ID or NAMES]
后台运行(守护态)容器
docker run -d ubuntu:18.04 /bin/echo 'Hello world' 自动终止容器
终止容器
docker container stop
启动容器
docker container start
重启 docker container restart
查看所有容器(包含终止状态的)
docker container ls -a
进入容器
docker exec or docker attach
推荐使用exec,因为执行exit不会终止容器
删除容器
docker container rm
清除所有终止状态的容器
docker container prune
使用网络
外部访问容器
-P: 随机映射一个端口到内部容器开放的网络端口
假设随机端口号为“32768”,以nginx为例:
比如nginx ,默认端口为80 ,那执行docker run -d -P nginx后系统会自动分配端口号32768映射到80-p: 指定映射的端口号并且一个指定端口只能绑定一个容器
docker run -p ip:hostPort:containerPort指定映射使用一个特定地址
docker run -p ip::containerPort映射指定地址的任意端口(系统自动分配)
docker run -p hostPort:containerPort
访问多个端口配置:
docker run -d
-p 80:80
-p 443:443
nginx:alpine
查看端口配置
[admin@centos7 ~]$ docker port ee
3306/tcp -> 0.0.0.0:3306
3306/tcp -> :::3306
"ee"是container的ID前两位
使用docker inspect ee还可以看到容器自己的内部网络和ip地址
[
{
"Id": "eef935e57bdba34f5543cb4b6c9a34cfddddf53aaaad503422a3064e85864a8f",
"Created": "2021-05-28T08:28:01.688452011Z",
"Path": "/entrypoint.sh",
"Args": [
"mysqld"
],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 9397,
"ExitCode": 0,
"Error": "",
"StartedAt": "2021-05-28T08:28:03.207678971Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:13efa2a210dd30a2f1249611a7b8bc17d27001ecd2431da849a985e5231ba565",
"ResolvConfPath": "/var/lib/docker/containers/eef935e57bdba34f5543cb4b6c9a34cfddddf53aaaad503422a3064e85864a8f/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/eef935e57bdba34f5543cb4b6c9a34cfddddf53aaaad503422a3064e85864a8f/hostname",
"HostsPath": "/var/lib/docker/containers/eef935e57bdba34f5543cb4b6c9a34cfddddf53aaaad503422a3064e85864a8f/hosts",
"LogPath": "/var/lib/docker/containers/eef935e57bdba34f5543cb4b6c9a34cfddddf53aaaad503422a3064e85864a8f/eef935e57bdba34f5543cb4b6c9a34cfddddf53aaaad503422a3064e85864a8f-json.log",
"Name": "/node1",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": [
"v1:/var/lib/mysql"
],
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "net1",
"PortBindings": {
"3306/tcp": [
{
"HostIp": "",
"HostPort": "3306"
}
]
},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"CgroupnsMode": "host",
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"KernelMemory": 0,
"KernelMemoryTCP": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/6fa8747c4a52149185fd5251aeea7f343da837f651117867ea01f7ceb697981b-init/diff:/var/lib/docker/overlay2/7d43b4531453aef07cfee614fde8f7da3a202d72e7c385b06101f956ab3870c1/diff:/var/lib/docker/overlay2/c4c44ebbe8ce6c280d7db483cc7c5ed4284a7dcd486a78f90e2a6afc321bf663/diff:/var/lib/docker/overlay2/d58232ae5c870e11c60f0fbcb4597f7a4692699d078b8aad09273ad0ead26774/diff:/var/lib/docker/overlay2/ef892da0cb66ef59f05f21d1381afff688649651e4c963ff275b2a9f3e284df8/diff:/var/lib/docker/overlay2/aba250a727fa3eaceaaecfc82e55c1a8cb1767b819f06988cf1aa928c2bde26b/diff:/var/lib/docker/overlay2/6e42a40f4796686b01b70bd59c2cdf7e4b5f98ddba9e9f3735eadfd231b42fbc/diff:/var/lib/docker/overlay2/1ad2744dcd2088696f0edc44ae089d7ac4993e9ed33c3b6c7c0f10d4b4321144/diff:/var/lib/docker/overlay2/21f4fef789c645e7e5a0ad02e04b4f39389987c66b622038828845cbba368655/diff:/var/lib/docker/overlay2/0568bfa07d3c7650eaa2f3af5496dacf2d82b04529316f3cdc238887331cff07/diff:/var/lib/docker/overlay2/77733cfb761a741c5835e99dcfe141595ed76398ccbc92f1e98e8b41e48e1d65/diff:/var/lib/docker/overlay2/5a4fe2ddeec13136519be4936f23473948a61817cfcb4e207799680692a1f9a5/diff:/var/lib/docker/overlay2/1ee4980528b372ce550099e64aaa8e4de4de47be46c2cb236264f4c1030d309a/diff",
"MergedDir": "/var/lib/docker/overlay2/6fa8747c4a52149185fd5251aeea7f343da837f651117867ea01f7ceb697981b/merged",
"UpperDir": "/var/lib/docker/overlay2/6fa8747c4a52149185fd5251aeea7f343da837f651117867ea01f7ceb697981b/diff",
"WorkDir": "/var/lib/docker/overlay2/6fa8747c4a52149185fd5251aeea7f343da837f651117867ea01f7ceb697981b/work"
},
"Name": "overlay2"
},
"Mounts": [
{
"Type": "volume",
"Name": "v1",
"Source": "/var/lib/docker/volumes/v1/_data",
"Destination": "/var/lib/mysql",
"Driver": "local",
"Mode": "z",
"RW": true,
"Propagation": ""
},
{
"Type": "volume",
"Name": "536a960c78f5949c4797bd34fabafc7ce48b06bb44424076a1d41d8bb19ebe5d",
"Source": "/var/lib/docker/volumes/536a960c78f5949c4797bd34fabafc7ce48b06bb44424076a1d41d8bb19ebe5d/_data",
"Destination": "/var/log/mysql",
"Driver": "local",
"Mode": "",
"RW": true,
"Propagation": ""
}
],
"Config": {
"Hostname": "eef935e57bdb",
"Domainname": "",
"User": "1001",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"3306/tcp": {},
"33060/tcp": {},
"4567/tcp": {},
"4568/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"MYSQL_ROOT_PASSWORD=123456",
"CLUSTER_NAME=PXC",
"XTRABACKUP_PASSWORD=123456",
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"PXC_VERSION=8.0.22-13.1",
"PXC_REPO=release",
"OS_VER=el8",
"FULL_PERCONA_XTRADBCLUSTER_VERSION=8.0.22-13.1.el8"
],
"Cmd": [
"mysqld"
],
"Image": "pxc",
"Volumes": {
"/var/lib/mysql": {},
"/var/log/mysql": {}
},
"WorkingDir": "",
"Entrypoint": [
"/entrypoint.sh"
],
"OnBuild": null,
"Labels": {
"org.label-schema.build-date": "20201204",
"org.label-schema.license": "GPLv2",
"org.label-schema.name": "CentOS Base Image",
"org.label-schema.schema-version": "1.0",
"org.label-schema.vendor": "CentOS",
"org.opencontainers.image.authors": "info@percona.com"
}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "1e1d29e4ecf8d61c46caf473e09cb3bd6e3cab343406d5f41a22e282e9358ae4",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {
"3306/tcp": [
{
"HostIp": "0.0.0.0",
"HostPort": "3306"
},
{
"HostIp": "::",
"HostPort": "3306"
}
],
"33060/tcp": null,
"4567/tcp": null,
"4568/tcp": null
},
"SandboxKey": "/var/run/docker/netns/1e1d29e4ecf8",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "",
"Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"MacAddress": "",
"Networks": {
"net1": {
"IPAMConfig": {
"IPv4Address": "172.18.0.2"
},
"Links": null,
"Aliases": [
"eef935e57bdb"
],
"NetworkID": "2226ef15f47104900a44b7b3bdcea5baad7381cc3e105878fb1cc031983d4b1a",
"EndpointID": "11e532bc87067768bce63260fd751f861f17c34692c33014ff467d5d1c49649c",
"Gateway": "172.18.0.1",
"IPAddress": "172.18.0.2",
"IPPrefixLen": 24,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:12:00:02",
"DriverOpts": null
}
}
}
}
]
容器互联
-
新建网络
docker network create -d bridge my-net
-d指定网络类型,bridge,overlay(用于swarm mode) -
连接容器
docker run --network=my-net
原理: 连接到同一个网络的 容器 之间都可以互联
栗子
连接多个容器使用compose
配置DNS
- 配置全部容器的DNS(全局配置文件)
sudo vi /etc/docker/daemon.json
{
"dns" : [
"8.8.8.8"
]
}
配置后重启docker,此时所有容器会被关闭。
检查是否已生效
systemctl daemon-reload
systemctl restart docker
docker run -it --rm ubuntu:18.04 cat etc/resolv.conf
2.指定容器配置
docker run -h HOSTNAME 配置主机名
会被写入容器内的 /etc/hostname 和 /etc/hosts ,但是不会在容器外部被看到
docker run --dns=IP_ADDRESS 添加DNS服务器到容器的 /etc/resolv.conf
--dns-search=DOMAIN 设定容器的搜索域
注意,--dns 和 --dns-search 如果没有配置,默认使用主机的 /etc/resolv.conf 来配置容器
docker file
配置文件 /etc/docker/daemon.json
需要注意的点
- 删除镜像前 需要删除使用该镜像的所有容器
- 定制镜像,最后一步需要清除掉无关文件
问题
- 为什么镜像和使用该镜像的容器,DNS不是一样的呢?
[admin@centos7 ~]$ docker image ls -a
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu 18.04 81bcf752ac3d 8 days ago 63.1MB
pxc latest 13efa2a210dd 2 months ago 560MB
[admin@centos7 ~]$ docker container ls -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ade00ee0a5fc pxc "/entrypoint.sh mysq…" 2 hours ago Up 57 minutes 4567-4568/tcp, 33060/tcp, 0.0.0.0:3310->3306/tcp, :::3310->3306/tcp node6
[admin@centos7 ~]$ docker run -it --rm pxc:latest cat etc/resolv.conf
search localdomain com
nameserver 114.114.114.114
nameserver 8.8.8.8
[admin@centos7 ~]$ docker exec -it ade bash
bash-4.4$ cat etc/resolv.conf
search localdomain com
nameserver 127.0.0.11
options ndots:0
个人问题:
学习到这里其实突然有点茫然,该怎么去部署一个系统呢?
主要是学习dockerfile指令详解这一章节,不明白这些指令在实际场景中为什么要应用。
项目部署完整流程
前后端项目部署实战 - 原文博客
当前系统信息
docker info
Client:
Context: default
Debug Mode: false
Plugins:
app: Docker App (Docker Inc., v0.9.1-beta3)
buildx: Build with BuildKit (Docker Inc., v0.5.1-docker)
scan: Docker Scan (Docker Inc.)
Server:
Containers: 5
Running: 2
Paused: 0
Stopped: 3
Images: 3
Server Version: 20.10.6
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 05f951a3781f4f2c1911b05e61c160e9c30eaa8e
runc version: 12644e614e25b05da6fd08a38ffa0cfe1903fdec
init version: de40ad0
Security Options:
seccomp
Profile: default
Kernel Version: 3.10.0-1160.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 972.3MiB
Name: centos7.com
ID: GK7Q:GLMK:ARGI:LDF6:PHRT:BC3Q:XTJJ:3THM:3C33:546F:GCN5:YGOD
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Registry Mirrors:
https://hub-mirror.c.163.com/
https://mirror.baidubce.com/
Live Restore Enabled: false
docker image ls -a
[admin@centos7 ~]$ docker image ls -a
REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu 18.04 81bcf752ac3d 8 days ago 63.1MB
pxc latest 13efa2a210dd 2 months ago 560MB
hello-world latest d1165f221234 2 months ago 13.3kB
docker container ls -a
[admin@centos7 ~]$ docker container ls -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ade00ee0a5fc pxc "/entrypoint.sh mysq…" 2 hours ago Up 57 minutes 4567-4568/tcp, 33060/tcp, 0.0.0.0:3310->3306/tcp, :::3310->3306/tcp node6
05bdf7f9bc8e pxc "/entrypoint.sh mysq…" 2 hours ago Up 57 minutes 4567-4568/tcp, 33060/tcp, 0.0.0.0:3309->3306/tcp, :::3309->3306/tcp node5
615d10c29943 pxc "/entrypoint.sh mysq…" 2 hours ago Exited (137) 58 minutes ago node3
5ecac524b09b pxc "/entrypoint.sh mysq…" 2 hours ago Exited (137) 58 minutes ago node2
eef935e57bdb pxc "/entrypoint.sh mysq…" 2 hours ago Exited (137) 58 minutes ago node1
参考文档:
Docker--从入门到实践
上面的内容,主要还是一些知识点整理和个人的一些思考,权当参考,如有错误或者更好的建议,可以在评论区指正,不胜感激!