OS + Centos7.6 docker

制作Docker image 有两种方式：

一是使用 Docker container，直接构建容器，再导出成 image 使用；

二是使用 Dockerfile，将所有动作写在文件中，再 build 成 image。Dockerfile 的方式非常灵活，推荐使用。

https://docs.docker.com/engine/reference/commandline/docker/

Command	Description
docker attach	Attach local standard input, output, and error streams to a running container
docker build	Build an image from a Dockerfile
docker builder	Manage builds
docker checkpoint	Manage checkpoints
docker commit	Create a new image from a container’s changes
docker config	Manage Docker configs
docker container	Manage containers
docker context	Manage contexts
docker cp	Copy files/folders between a container and the local filesystem
docker create	Create a new container
docker diff	Inspect changes to files or directories on a container’s filesystem
docker events	Get real time events from the server
docker exec	Run a command in a running container
docker export	Export a container’s filesystem as a tar archive
docker history	Show the history of an image
docker image	Manage images
docker images	List images
docker import	Import the contents from a tarball to create a filesystem image
docker info	Display system-wide information
docker inspect	Return low-level information on Docker objects
docker kill	Kill one or more running containers
docker load	Load an image from a tar archive or STDIN
docker login	Log in to a Docker registry
docker logout	Log out from a Docker registry
docker logs	Fetch the logs of a container
docker manifest	Manage Docker image manifests and manifest lists
docker network	Manage networks
docker node	Manage Swarm nodes
docker pause	Pause all processes within one or more containers
docker plugin	Manage plugins
docker port	List port mappings or a specific mapping for the container
docker ps	List containers
docker pull	Pull an image or a repository from a registry
docker push	Push an image or a repository to a registry
docker rename	Rename a container
docker restart	Restart one or more containers
docker rm	Remove one or more containers
docker rmi	Remove one or more images
docker run	Run a command in a new container
docker save	Save one or more images to a tar archive (streamed to STDOUT by default)
docker search	Search the Docker Hub for images
docker secret	Manage Docker secrets
docker service	Manage services
docker stack	Manage Docker stacks
docker start	Start one or more stopped containers
docker stats	Display a live stream of container(s) resource usage statistics
docker stop	Stop one or more running containers
docker swarm	Manage Swarm
docker system	Manage Docker
docker tag	Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
docker top	Display the running processes of a container
docker trust	Manage trust on Docker images
docker unpause	Unpause all processes within one or more containers
docker update	Update configuration of one or more containers
docker version	Show the Docker version information
docker volume	Manage volumes
docker wait	Block until one or more containers stop, then print their exit codes

CentOS 7 安装 docker 并搭建私有仓库

https://www.cnblogs.com/wtf0215-golang/p/5409184.html

docker_practice.pdf

http://wiki.cns*****.com/download/attachments/28845136/docker_practice.pdf

安装docker服务

[root@centos76 ~]# yum install docker

查看docker安装

[root@centos7 ~]# rpm -qa| grep docker
docker-client-1.13.1-162.git64e9980.el7.centos.x86_64
docker-common-1.13.1-162.git64e9980.el7.centos.x86_64
docker-1.13.1-162.git64e9980.el7.centos.x86_64
[root@centos7 ~]# cat /etc/redhat-release
CentOS Linux release 7.6.1810 (Core)

启动docker服务

[root@centos76 ~]# /bin/systemctl start docker.service

[root@centos76 ~]# service docker start

查看docker服务 / 打印详细信息 -l 参数

[root@centos76 ~]# systemctl status docker.service -l

开机启动docker

[root@centos7 ~]# systemctl enable docker 或 /bin/systemctl enable docker.service

Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.

[root@centos7 ~]# docker --version

Docker version 1.13.1, build 64e9980/1.13.1
[root@centos7 ~]# docker version

修改docker仓库存储路径

修改1：开启Linux 内核转发

[root@centos7 ~]# echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf

[root@centos7 ~]# sysctl -p 命令生效

修改2：修改docker仓库路径

[root@centos7 ~]# vim /etc/sysconfig/docker

OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false'

修改为

OPTIONS='--selinux-enabled --graph=/home/lab/docker/images --log-driver=journald --signature-verification=false'

查看docker环境变量及存储路径

[root@centos7 ~]# docker info | grep "Dir"

WARNING: You're not using the default seccomp profile
Docker Root Dir: /home/lab/docker/images

下载镜像

[root@centos7 ~]# docker pull centos:centos7

或

[root@centos7 ~]# docker image pull centos:centos8

查看镜像

[root@centos7 ~]# docker images

docker run-d-p2222:22--nametestsoar/centos:7.1以镜像soar/centos:7.1创建名为test的容器，并以后台模式运行，并做端口映射到宿主机2222端口，P参数重启容器宿主机端口会发生改变

docker start/stopid/ name启动/停止某个容器
docker attach id进入某个容器(使用exit退出后容器也跟着停止运行)
docker exec -tiid启动一个伪终端以交互式的方式进入某个容器（使用exit退出后容器不停止运行）
docker run --nametest -tiubuntu /bin/bash复制ubuntu容器并且重命名为test且运行，然后以伪终端交互式方式进入容器，运行bash
docker build-tsoar/centos:7.1.通过当前目录下的docker file创建一个名为soar/centos:7.1的镜像

docker 命令

https://zhuanlan.zhihu.com/p/98982041

查看本地镜像
[root@centos7 docker]# docker images
查看运行容器
[root@centos7 docker]# docker ps 
查看所有容器
[root@centos7 docker]# docker ps -a
启动新的容器
[root@centos7 docker]# docker images
[root@centos7 docker]# docker run <IMAGE ID>
[root@centos7 docker]# docker run -itd -p 8081:80 --name <IMAGE ID> <NEW IMAGE ID> /bin/bash
启动已有容器
[root@centos7 docker]# docker images
[root@centos7 docker]# docker start <IMAGE ID>
[root@centos7 docker]# docker start -ia -p 8081:80 --name <IMAGE ID> <NEW IMAGE ID> /bin/bash
启动所有容器
[root@centos7 docker]# docker start $(docker ps -a | awk '{ print $1}' | tail -n +2)
[root@centos7 docker]# docker start $(docker ps -qa)
重新命名容器
[root@centos7 docker]# docker rename <CONTAINER ID> 新容器名
进入单个容器
[root@centos7 docker]# docker exec -it <CONTAINER ID> /bin/bash
或
[root@centos7 docker]# docker exec -it <NAMES> /bin/bash
停止所有容器
[root@centos7 docker]# docker stop $(docker ps -qa | awk '{ print $1}' | tail -n +2)
[root@centos7 docker]# docker stop $(docker ps -qa)
删除单个容器
[root@centos7 docker]# docker rm "CONTAINER ID"
删除所有容器
[root@centos7 docker]# docker stop $(docker ps -qa) & docker rm $(docker ps -aq)
或
[root@centos7 docker]# docker stop $(docker ps -qa) & docker rm $(docker ps -a | awk '{ print $1}' | tail -n +2)
重新命名镜像
[root@centos7 docker]# docker tag IMAGEID REPOSITORY:TAG
删除单个镜像
查询镜像
[root@centos7 docker]# docker images
REPOSITORY              TAG                 IMAGE ID            CREATED             SIZE
docker.io/registry      2                   2d4f4b5309b1        8 weeks ago         26.2 MB
开始删除
[root@centos7 docker]# docker rmi <IMAGEID>
或
[root@centos7 docker]# docker rmi <REPOSITORY:TAG>
或
[root@centos7 docker]# docker image rm <IMAGEID>
删除所有镜像（慎用） 
[root@centos7 docker]# docker rm $(docker images)
或
[root@centos7 docker]# docker image rm $(docker image ls -aq)
或
[root@centos7 docker]# docker rmi $(docker images | awk '{print $3}' |tail -n +2)
或
[root@centos7 docker]# docker stop $(docker ps -a -q) && docker system prune --all --force
删除数据卷
[root@centos7 docker]# docker volume rm $(docker volume ls -q)
删除network
[root@centos7 docker]# docker network rm $(docker network ls -q)
导出某个镜像
[root@centos7 docker]# docker save <IMAGE ID> -o /home/lab/docker/myimages.tar 
导入某个镜像
[root@centos7 docker]# docker load < /home/lab/docker/myimages.tar
容器应用自动启动
https://blog.csdn.net/wang_magento/article/details/100763622
文件：/opt/start.sh
内容：

#!/bin/sh
source /etc/profile
/usr/sbin/nginx
/opt/apache-tomcat-9.0.37/bin/startup.sh

#保留一个终端，防止容器自动退出
/bin/bash

赋权 chmod 777 /opt/start.sh

保存镜像：docker commit

启动容器：

docker镜像打包

https://www.cnblogs.com/xcsn/p/12121421.html

3 制作新镜像

1 将修改后的容器重新打包成镜像

docker commit [containerID] [ImageName]:[Version]

我的命令,打包后并查看

docker commit 12b89974bc2b wscore3:v1
docker images

将容器保存为新的镜像,并添加提交人信息和说明信息。

docker commit -a "ws" -m "wscore3v1" 12b89974bc2b wscore3:v1

参数说明
-a :提交的镜像作者；
-c :使用Dockerfile指令来创建镜像；
-m :提交时的说明文字；
-p :在commit时，将容器暂停。

centos删除docker0虚拟网卡

https://my.oschina.net/qiongtaoli/blog/902207

# 停止docker服务
service docker stop
# 用ip命令使docker0网卡down掉
ip link set dev docker0 down
# 删除网卡
brctl delbr docker0

docker默认配置文件

[root@centos7 docker]# vim /etc/sysconfig/docker

# /etc/sysconfig/docker
# --icc=false 表示禁止容器互联
# --graph=/home/lab/docker/images 自定义容器地址
# --log-driver==journald 默认日志打印路径
# Modify these options if you want to change the way the docker daemon runs
# OPTIONS='--selinux-enabled --graph=/home/lab/docker/images --log-driver=journald --signature-verification=false'
OPTIONS='--selinux-enabled --graph=/home/lab/docker/images --signature-verification=false'
if [ -z "${DOCKER_CERT_PATH}" ]; then
    DOCKER_CERT_PATH=/etc/docker
fi

# Do not add registries in this file anymore. Use /etc/containers/registries.conf
# instead. For more information reference the registries.conf(5) man page.

# Location used for temporary files, such as those created by
# docker load and build operations. Default is /var/lib/docker/tmp
# Can be overriden by setting the following environment variable.
# DOCKER_TMPDIR=/var/tmp

# Controls the /etc/cron.daily/docker-logrotate cron job status.
# To disable, uncomment the line below.
# LOGROTATE=false

# docker-latest daemon can be used by starting the docker-latest unitfile.
# To use docker-latest client, uncomment below lines
#DOCKERBINARY=/usr/bin/docker-latest
#DOCKERDBINARY=/usr/bin/dockerd-latest
#DOCKER_CONTAINERD_BINARY=/usr/bin/docker-containerd-latest
#DOCKER_CONTAINERD_SHIM_BINARY=/usr/bin/docker-containerd-shim-latest

问题1 ：

[root@centos7 ~]# docker run -i -t b5b4d78bc90c /bin/bash
/bin/bash: error while loading shared libraries: libtinfo.so.5: cannot open shared object file: Permission denied

[root@centos7 ~]# docker run -i -t 831691599b88 /bin/bash
/bin/bash: error while loading shared libraries: libtinfo.so.6: cannot open shared object file: Permission denied

解决1：

Fedora 28 报 error while loading shared libraries: libtinfo.so.5 解决办法

https://www.cnblogs.com/xieshangxi/p/12418899.html

问题2：java ecchart 生成中文图表时，docker环境的jboss发布应用xxx.war后，应用功能中，图表展示中文乱码。

解决2：docker 容器添加中文字体环境。

curl ftp://10.100.251.51/packages/fonts/simsun.zip -o /tmp/a92ee7ef67af4386bddce3849bba7c47; echo A|unzip /tmp/a92ee7ef67af4386bddce3849bba7c47 -d /usr/share/; fc-cache; rm -f /tmp/a92ee7ef67af4386bddce3849bba7c47

curl ftp://10.100.251.51/packages/fonts/jasperreports打印字体.zip -o /tmp/e41f473432e647f8a1172878cdcdee9f; echo A|unzip /tmp/e41f473432e647f8a1172878cdcdee9f -d /usr/share/; fc-cache; rm -f /tmp/e41f473432e647f8a1172878cdcdee9f

问题3：

[root@centos7 overlay2]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
images8081 latest 92628310ee91 35 minutes ago 542 MB

[root@centos7 overlay2]# docker save images8081 /home/lab/docker/store/images8081.tar
Cowardly refusing to save to a terminal. Use the -o flag or redirect.

解决3：缺乏导出参数 -o，加上就好了。

[root@centos7 overlay2]# docker save images8081 -o /home/lab/docker/store/images8081.tar

问题4：镜像删除失败

[root@centos7 overlay2]# docker images

REPOSITORY TAG IMAGE ID CREATED SIZE

images8081 v20200901 c24a586ed820 31 seconds ago 898 MB

images8081 v20200827 ce324bc77c1d 4 days ago 870 MB

[root@centos7 overlay2]# docker rmi ce324bc77c1d

Error response from daemon: conflict: unable to delete ce324bc77c1d (cannot be forced) - image has dependent child images

Error response from daemon: conflict: unable to remove repository reference "images8081:v20200901_2" (must force) - container 00f3bfe34c9f is using its referenced image 2bc960eacf13

解决4：

https://www.cnblogs.com/111testing/p/11208086.html

方法一：强制删除镜像失败，原因: 是因为TAG的问题，即有其他 image FROM 了这个 image如下

[root@centos7 overlay2]# docker rmi -f ce324bc77c1d

Error response from daemon: conflict: unable to delete ce324bc77c1d (cannot be forced) - image has dependent child images

方法二：先查询依赖

[root@centos7 overlay2]# docker image inspect --format='{{.RepoTags}} {{.Id}} {{.Parent}}' $(docker image ls -q --filter since=XXX) # XXX指镜像ID

然后根据根据TAG删除容器

[root@centos7 overlay2]# docker rmi REPOSITORY:TAG

end