一、配置 docker
本地源
[docker-ce-stable]
name=Docker CE Stable
baseurl=http://10.35.186.181/docker-ce-stable/
enabled=1
gpgcheck=0
配置阿里云Docker Yum源
yum install -y yum-utils device-mapper-persistent-data lvm2 git
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
2、安装完成后启动
启动Docker服务:
#systemctl enable docker
#systemctl start docker
查看Docker版本
[root@localhost ~]# docker -v
Docker version 27.0.3, build 7d4bcd8
[root@localhost ~]# docker version
Client: Docker Engine - Community
Version: 27.0.3
API version: 1.46
Go version: go1.21.11
Git commit: 7d4bcd8
Built: Sat Jun 29 00:04:07 2024
OS/Arch: linux/amd64
Context: default
Server: Docker Engine - Community
Engine:
Version: 27.0.3
API version: 1.46 (minimum version 1.24)
Go version: go1.21.11
Git commit: 662f78c
Built: Sat Jun 29 00:02:31 2024
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.7.18
GitCommit: ae71819c4f5e67bb4d5ae76a6b735f29cc25774e
runc:
Version: 1.7.18
GitCommit: v1.1.13-0-g58aa920
docker-init:
Version: 0.19.0
GitCommit: de40ad0
查看docker运行状态
[root@localhost ~]# docker info
Client: Docker Engine - Community
Version: 27.0.3
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.15.1
Path: /usr/libexec/docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v2.28.1
Path: /usr/libexec/docker/cli-plugins/docker-compose
Server:
Containers: 4
Running: 0
Paused: 0
Stopped: 4
Images: 2
Server Version: 27.0.3
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Using metacopy: false
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: systemd
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 runc
Default Runtime: runc
Init Binary: docker-init
containerd version: ae71819c4f5e67bb4d5ae76a6b735f29cc25774e
runc version: v1.1.13-0-g58aa920
init version: de40ad0
Security Options:
seccomp
Profile: builtin
cgroupns
Kernel Version: 5.14.0-427.13.1.el9_4.x86_64
Operating System: Rocky Linux 9.4 (Blue Onyx)
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 1.703GiB
Name: localhost.localdomain
ID: bc83f6a9-af90-4cbf-aaad-f9025ff827e2
Docker Root Dir: /docker-data
Debug Mode: false
Username: fucancan987
Experimental: false
Insecure Registries:
127.0.0.0/8
Registry Mirrors:
https://do.nark.eu.org/
https://dc.j8.work/
https://pilvpemn.mirror.aliyuncs.com/
https://docker.m.daocloud.io/
https://dockerproxy.com/
https://docker.mirrors.ustc.edu.cn/
https://docker.nju.edu.cn/
Live Restore Enabled: false
3、生产 doker 的配置环境(加入多个国内镜像源)
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": [
"https://do.nark.eu.org",
"https://dc.j8.work",
"https://pilvpemn.mirror.aliyuncs.com",
"https://docker.m.daocloud.io",
"https://dockerproxy.com",
"https://docker.mirrors.ustc.edu.cn",
"https://docker.nju.edu.cn"
],
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2"
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
#注意:一定注意编码问题,出现错误---查看命令:journalctl -amu docker 即可发现错误
4、登入登出 docker hub
[root@localhost ~]# docker login
Log in with your Docker ID or email address to push and pull images from Docker Hub. If you don't have a Docker ID, head over to er.com/ to create one.
You can log in with your password or a Personal Access Token (PAT). Using a limited-scope PAT grants better security and is requitions using SSO. Learn more at https://docs.docker.com/go/access-tokens/
Username: fucancan987
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credential-stores
Login Succeeded
[root@localhost ~]# docker logout
Removing login credentials for https://index.docker.io/v1/
5、配置数据存放位置
vim /usr/lib/systemd/system/docker.service
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --data-root=/docker-data #加入此参数可以设定docker的文件目录位置,如果没有需要创建
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutStartSec=0
RestartSec=2
Restart=always配置保存完毕后需要初始化
systemctl daemon-reload
二、docker 操作
1、查看当前 docker 镜像
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
fucancan987/practice nginx fffffc90d343 3 weeks ago 188MB
nginx latest fffffc90d343 3 weeks ago 188MB
test latest fffffc90d343 3 weeks ago 188MB
rockylinux latest 210996f98b85 2 years ago 205MB
2、运行 docker 镜像
直接运行容器,推出后容器就会关闭
[root@localhost ~]# docker run -it rockylinux:latest /bin/bash
[root@5228639101f2 /]# ping www.baidu.com
PING www.a.shifen.com (183.2.172.185) 56(84) bytes of data.
64 bytes from 183.2.172.185 (183.2.172.185): icmp_seq=1 ttl=127 time=42.1 ms
64 bytes from 183.2.172.185 (183.2.172.185): icmp_seq=2 ttl=127 time=74.3 ms
^C
--- www.a.shifen.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 42.088/58.207/74.326/16.119 ms
[root@5228639101f2 /]# exit
exit
-d 后台运行容器
[root@localhost ~]# docker run -itd rockylinux:latest /bin/bash
93d642bf9d8d28206ffdf0f8ae3a8febc415d7428b28a89743c5804521327086
[root@localhost ~]# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
93d642bf9d8d rockylinux:latest "/bin/bash" 59 seconds ago Up 58 seconds sharp_hertz
[root@localhost ~]# docker attach sharp_hertz
[root@93d642bf9d8d /]# exit
exit
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b46abdcb5d30 rockylinux:latest "/bin/bash" 12 minutes ago Up 12 minutes wizardly_ganguly
[root@localhost ~]# docker exec -it b46abdcb5d30 /bin/bash
3、停止 、删除 docker 镜像 stop rm
[root@localhost docker-data]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b46abdcb5d30 rockylinux:latest "/bin/bash" 42 minutes ago Up 42 minutes wizardly_ganguly
[root@localhost docker-data]# docker stop b46abdcb5d30
b46abdcb5d30
[root@localhost docker-data]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@localhost docker-data]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b46abdcb5d30 rockylinux:latest "/bin/bash" 43 minutes ago Exited (0) 13 seconds ago wizardly_ganguly
93d642bf9d8d rockylinux:latest "/bin/bash" 47 minutes ago Exited (0) 43 minutes ago sharp_hertz
5228639101f2 rockylinux:latest "/bin/bash" 48 minutes ago Exited (0) 47 minutes ago agitated_wu
f888743a2d22 rockylinux "/bin/bash" 5 hours ago Exited (127) 5 hours ago admiring_goldstine
2ea9b1b927ad nginx "/docker-entrypoint.…" 5 hours ago Exited (0) 5 hours ago some-nginx
04c1365e723c nginx:latest "/docker-entrypoint.…" 5 hours ago Exited (127) 5 hours ago confident_lamarr
a3cc60263ed6 nginx:latest "/docker-entrypoint.…" 5 hours ago Exited (0) 5 hours ago cranky_lamport
[root@localhost docker-data]# docker rm b46abdcb5d30
b46abdcb5d30
[root@localhost docker-data]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
93d642bf9d8d rockylinux:latest "/bin/bash" 47 minutes ago Exited (0) 44 minutes ago sharp_hertz
5228639101f2 rockylinux:latest "/bin/bash" 48 minutes ago Exited (0) 48 minutes ago agitated_wu
f888743a2d22 rockylinux "/bin/bash" 5 hours ago Exited (127) 5 hours ago admiring_goldstine
2ea9b1b927ad nginx "/docker-entrypoint.…" 5 hours ago Exited (0) 5 hours ago some-nginx
04c1365e723c nginx:latest "/docker-entrypoint.…" 5 hours ago Exited (127) 5 hours ago confident_lamarr
a3cc60263ed6 nginx:latest "/docker-entrypoint.…" 5 hours ago Exited (0) 5 hours ago cranky_lamport
[root@localhost docker-data]#
3、将 docker 镜像打包到本地 docker save
[root@localhost ~]# docker save rockylinux:latest > rockylinux_93.tar.gz
[root@localhost ~]# ls
rockylinux_93.tar.gz
4 、导入本地 docker 包
[root@localhost ~]# docker load -i rockylinux_93.tar.gz
65dbea0a4b39: Loading layer [==================================================>] 211.3MB/211.3MB
Loaded image: rockylinux:latest
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
rockylinux latest 210996f98b85 2 years ago 205MB
三、上传镜像
1、dockerhub 创建账户,创建一个镜像仓库
1.1 创建 tag 名
docker tag REPOSITORY:TAG your REPOSITORY:new tag
打一个 tag,告诉是你自己创建的镜像空间下的
[root@localhost docker-data]# docker tag rockylinux:9.3 fucancan987/practice:9.3
[root@localhost docker-data]# docker login
Log in with your Docker ID or email address to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com/ to create one.
You can log in with your password or a Personal Access Token (PAT). Using a limited-scope PAT grants better security and is required for organizations using SSO. Learn more at https://docs.docker.com/go/access-tokens/Username: fucancan987
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credential-storesLogin Succeeded
[root@localhost docker-data]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mysql 8.4 da8f2a99cf39 2 weeks ago 583MB
practice 9.3 da8f2a99cf39 2 weeks ago 583MB
fucancan987/practice nginx fffffc90d343 3 weeks ago 188MB
nginx latest fffffc90d343 3 weeks ago 188MB
test latest fffffc90d343 3 weeks ago 188MB
rockylinux latest 210996f98b85 2 years ago 205MB
推送到自己的镜像仓库
[root@localhost docker-data]# docker push practice:9.3
The push refers to repository [docker.io/library/practice]
44343de3ea1d: Preparing
denied: requested access to the resource is denied第一次默认推送推送失败,因为推送的命名空间是library,lirary是公共的、命名空间,没有推送的权限
[root@localhost docker-data]# docker push fucancan987/practice:9.3
The push refers to repository [docker.io/fucancan987/practice]
docker tag [IMAGE] 镜像仓库名/命名空间/REPOSITORY:【镜像版本号,可自定义】 ##打 tag
docker push 镜像仓库名/命名空间/REPOSITORY:【镜像版本号,可自定义】 ##上传
docker pull REPOSITORY:【镜像版本号,可自定义】 ##拉取
四、镜像管理
1、查找镜像 docker search image_name 【-f stars=number】
[root@localhost ~]# docker search centos
NAME DESCRIPTION STARS OFFICIAL
centos DEPRECATED; The official build of CentOS. 7744 [OK]
kasmweb/centos-7-desktop CentOS 7 desktop for Kasm Workspaces 45
rancher/os-centosconsole 0
bellsoft/liberica-openjdk-centos Liberica is a 100% open-source Java implemen… 4
bellsoft/liberica-openjre-centos Liberica is a 100% open-source Java implemen… 3
bitnami/centos-base-buildpack Centos base compilation image 0
kasmweb/core-centos-7 CentOS 7 base image for Kasm Workspaces 6
rancher/vm-centos 0
dokken/centos-7 CentOS 7 image for kitchen-dokken 10
spack/centos7 CentOS 7 with Spack preinstalled 2
dokken/centos-8 CentOS 8 image for use with Test Kitchen's k… 6
dokken/centos-6 EOL: CentOS 6 image for kitchen-dokken 0
dokken/centos-stream-8 EOL: CentOS Stream 8 image for use with Test… 5
ustclug/centos Official CentOS Image with USTC Mirror 0
dokken/centos-stream-9 CentOS Stream 9 image for use with Test Kitc… 10
atlas/centos7-atlasos ATLAS CentOS 7 Software Development OS 3
codecentric/springboot-maven3-centos STI builder image for building and running m… 13
spack/centos6 CentOS 6 with Spack preinstalled 1
apache/couchdbci-centos Apache CouchDB CI CentOS 0
vespaengine/vespa-build-centos7 Docker image for building Vespa on CentOS 7. 0
eclipse/centos_jdk8 CentOS, JDK8, Maven 3, git, curl, nmap, mc, … 5
corpusops/centos centos corpusops baseimage 0
corpusops/centos-bare https://github.com/corpusops/docker-images/ 0
cincproject/omnibus-centos CentOS Omnibus builder 0
starlingx/stx-centos StarlingX is an open source distributed clou… 0
##过滤点赞数大于100的镜像源
[root@localhost ~]# docker search centos -f stars=100
NAME DESCRIPTION STARS OFFICIAL
centos DEPRECATED; The official build of CentOS. 7744 [OK]
2、查看当前服务器镜像
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mysql 8.4 da8f2a99cf39 2 weeks ago 583MB
mysqltest 8.4 da8f2a99cf39 2 weeks ago 583MB
mysql 8.0.38 6c54cbcf775a 2 weeks ago 572MB
fucancan987/practice nginx fffffc90d343 3 weeks ago 188MB
nginx latest fffffc90d343 3 weeks ago 188MB
test latest fffffc90d343 3 weeks ago 188MB
fucancan987/practice 9.3 9cc24f05f309 7 months ago 176MB
practice 9.3 9cc24f05f309 7 months ago 176MB
rockylinux 9.3 9cc24f05f309 7 months ago 176MB
rockylinux latest 210996f98b85 2 years ago 205MB
[root@localhost ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
mysql 8.4 da8f2a99cf39 2 weeks ago 583MB
mysqltest 8.4 da8f2a99cf39 2 weeks ago 583MB
mysql 8.0.38 6c54cbcf775a 2 weeks ago 572MB
test latest fffffc90d343 3 weeks ago 188MB
fucancan987/practice nginx fffffc90d343 3 weeks ago 188MB
nginx latest fffffc90d343 3 weeks ago 188MB
rockylinux 9.3 9cc24f05f309 7 months ago 176MB
fucancan987/practice 9.3 9cc24f05f309 7 months ago 176MB
practice 9.3 9cc24f05f309 7 months ago 176MB
rockylinux latest 210996f98b85 2 years ago 205MB
[root@localhost ~]# docker image list
REPOSITORY TAG IMAGE ID CREATED SIZE
mysql 8.4 da8f2a99cf39 2 weeks ago 583MB
mysqltest 8.4 da8f2a99cf39 2 weeks ago 583MB
mysql 8.0.38 6c54cbcf775a 2 weeks ago 572MB
test latest fffffc90d343 3 weeks ago 188MB
fucancan987/practice nginx fffffc90d343 3 weeks ago 188MB
nginx latest fffffc90d343 3 weeks ago 188MB
fucancan987/practice 9.3 9cc24f05f309 7 months ago 176MB
practice 9.3 9cc24f05f309 7 months ago 176MB
rockylinux 9.3 9cc24f05f309 7 months ago 176MB
rockylinux latest 210996f98b85 2 years ago 205MB
3、拉取镜像信息 docker pull image_name:tagname
4、查看镜像详细信息 docker inspect image_name:tagname
5、删除镜像 docker rmi REPOSITORY:tagnam
有容器还在使用镜像会出现无法删除,此时需要强制删除镜像,删除过后,镜像释放自动清空
docker rmi -f REPOSITORY:tagname
6、删除所有镜像 docker rmi $(docker images -q)
显示所有的镜像id
[root@localhost ~]# docker images -q
da8f2a99cf39
da8f2a99cf39
6c54cbcf775a
fffffc90d343
fffffc90d343
fffffc90d343
9cc24f05f309
9cc24f05f309
9cc24f05f309
210996f98b85