一、docker平台组成
docker最核心的组件是:镜像、容器、仓库
二、常用基础命令
1、镜像操作
(1)拉取镜像
查找指定镜像:docker search + 镜像名字
[root@client ~]# docker search centos
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
centos DEPRECATED; The official build of CentOS. 7627 [OK]
kasmweb/centos-7-desktop CentOS 7 desktop for Kasm Workspaces 40
bitnami/centos-base-buildpack Centos base compilation image 0 [OK]
couchbase/centos7-systemd centos7-systemd images with additional debug… 8 [OK]
continuumio/centos5_gcc5_base 3
datadog/centos-i386 0
dokken/centos-7 CentOS 7 image for kitchen-dokken 5
dokken/centos-8 CentOS 8 image for kitchen-dokken 3
spack/centos7 CentOS 7 with Spack preinstalled 1
dokken/centos-6 EOL: CentOS 6 image for kitchen-dokken 0
atlas/centos7-atlasos ATLAS CentOS 7 Software Development OS 0
couchbase/centos-72-java-sdk 0
spack/centos6 CentOS 6 with Spack preinstalled 1
couchbase/centos-72-jenkins-core 0
ustclug/centos Official CentOS Image with USTC Mirror 0
couchbase/centos-70-sdk-build 0
couchbase/centos-69-sdk-build 0
couchbase/centos-69-sdk-nodevtoolset-build 0
eclipse/centos_jdk8 CentOS, JDK8, Maven 3, git, curl, nmap, mc, … 5 [OK]
dokken/centos-stream-8 4
adoptopenjdk/centos7_build_image 1
corpusops/centos-bare https://github.com/corpusops/docker-images/ 0
dokken/centos-stream-9 6
corpusops/centos centos corpusops baseimage 0
adoptopenjdk/centos6_build_image 0拉取镜像:docker pull + 名字:tag (不加tag则默认为latest,也可以自己指定tag版本)
[root@client ~]# docker pull centos
Using default tag: latest
latest: Pulling from library/centos
Digest: sha256:a27fd8080b517143cbbbab9dfb7c8571c40d67d534bbdee55bd6c473f432b177
Status: Downloaded newer image for centos:latest
docker.io/library/centos:latest(2)查看镜像
查看本地镜像文件:docker images 或者 docker image ls
[root@client ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
my_nginx latest 28faf67102d4 3 days ago 141MB
client/my_vim latest 5bc38c82d272 4 days ago 233MB
nginx latest 605c77e624dd 19 months ago 141MB
ubuntu latest ba6acccedd29 22 months ago 72.8MB
centos latest 5d0da3dc9764 23 months ago 231MB
[root@client ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
my_nginx latest 28faf67102d4 3 days ago 141MB
client/my_vim latest 5bc38c82d272 4 days ago 233MB
nginx latest 605c77e624dd 19 months ago 141MB
ubuntu latest ba6acccedd29 22 months ago 72.8MB
centos latest 5d0da3dc9764 23 months ago 231MB只列出镜像id:docker images -aq
[root@client ~]# docker images -aq
28faf67102d4
5bc38c82d272
605c77e624dd
ba6acccedd29
5d0da3dc9764格式化显示,关键参数--format
[root@client ~]# docker images --format "{{.ID}}--{{.Repository}}"
28faf67102d4--my_nginx
5bc38c82d272--client/my_vim
605c77e624dd--nginx
ba6acccedd29--ubuntu
5d0da3dc9764--centos
[root@client ~]#
[root@client ~]# docker images --format "{{.ID}}****{{.Repository}}"
28faf67102d4****my_nginx
5bc38c82d272****client/my_vim
605c77e624dd****nginx
ba6acccedd29****ubuntu
5d0da3dc9764****centos
以表格形式显示
[root@client ~]# docker images --format "table {{.ID}}\t{{.Repository}}\t{{.Tag}}"
IMAGE ID REPOSITORY TAG
28faf67102d4 my_nginx latest
5bc38c82d272 client/my_vim latest
605c77e624dd nginx latest
ba6acccedd29 ubuntu latest
5d0da3dc9764 centos latest查看镜像的详细信息:docker image inspect + 镜像id
[root@client ~]# docker image inspect 5d0
[
{
"Id": "sha256:5d0da3dc976460b72c77d94c8a1ad043720b0416bfc16c52c45d4847e53fadb6",
"RepoTags": [
"centos:latest"
],
"RepoDigests": [],
"Parent": "",
"Comment": "",
"Created": "2021-09-15T18:20:05.184694267Z",
....................
................
}
}
](3)删除镜像
删除镜像:docker rmi + 名字/id(指定id前三位即可)(被删除的镜像如果有依赖的容器记录,得先删除容器才能删除镜像)
[root@client ~]# docker rmi nginx
Untagged: nginx:latest
Untagged: nginx@sha256:0d17b565c37bcbd895e9d92315a05c1c3c9a29f762b011a10c54a66cd53c9b31
Deleted: sha256:605c77e624ddb75e6110f997c58876baa13f8754486b461117934b24a9dc3a85(4)导入与导出
导出镜像:docker image save 镜像名 -o 目标目录下的文件
[root@client ~]# mkdir img_backup
[root@client ~]# docker image save centos -o /root/img_backup/centos.bak
[root@client ~]# ll /root/img_backup/
total 232992
-rw------- 1 root root 238581248 Aug 17 08:25 centos.bak导入镜像:docker image load -i 目标镜像文件
#先删除centos镜像
[root@client ~]# docker rmi centos
Untagged: centos:latest
Untagged: centos@sha256:a27fd8080b517143cbbbab9dfb7c8571c40d67d534bbdee55bd6c473f432b177
[root@client ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
my_nginx latest 28faf67102d4 3 days ago 141MB
client/my_vim latest 5bc38c82d272 4 days ago 233MB
ubuntu latest ba6acccedd29 22 months ago 72.8MB
#导入镜像文件
[root@client ~]# docker image load -i /root/img_backup/centos.bak
Loaded image: centos:latest
[root@client ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
my_nginx latest 28faf67102d4 3 days ago 141MB
client/my_vim latest 5bc38c82d272 4 days ago 233MB
ubuntu latest ba6acccedd29 22 months ago 72.8MB
centos latest 5d0da3dc9764 23 months ago 231MB
2、容器操作
查看docker服务的详细信息:docker info
[root@client ~]# docker info
Client: Docker Engine - Community
Version: 24.0.5
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
.......
.......
Insecure Registries:
127.0.0.0/8
Registry Mirrors:
https://8xpk5wnt.mirror.aliyuncs.com/
Live Restore Enabled: false(1)容器的运行与删除
运行容器:docker run命令
常用选项:
| -t | 打开一个终端,像使用交换机一样使用容器 |
| -i | 交互式访问 |
| --name | 给容器命名 |
| --network | 指定网络 |
| -rm | 停止容器,则自动删除容器 |
| -d | 后台运行容器,返回容器ID |
| -p(小写) | 端口映射,格式为:主机/宿主端口:容器端口 |
| -P(大写) | 随机端口映射,不需要指定,容器内部的端口映射到主机随机的端口 |
a.容器运行示例1:
以交互式进入、打开终端并以bash进程运行一个容器
该容器是运行centos镜像生成的容器实例,可以发现也能用一些基础命令,如ls,使用命令exit即可退出
[root@client ~]# docker run -it centos bash
[root@2f9cbbe467c4 /]#
[root@2f9cbbe467c4 /]# ls
bin etc lib lost+found mnt proc run srv tmp var
dev home lib64 media opt root sbin sys usr
[root@2f9cbbe467c4 /]# exit
exit
查看容器:docker ps
不加 -a 则查看的是正在运行的容器,目前没有正在运行的容器;加上 -a 则可以看到刚才运行过的所有容器
[root@client ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@client ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2f9cbbe467c4 centos "bash" 44 minutes ago Exited (0) 42 minutes ago trusting_stonebrakerb.容器运行示例2:
我们给新运行的容器命名为test1,然后退出容器没有用exit,但是容器却还在运行,这是因为我用的ctrl+p+q退出的,这样的退出方式不会停止容器的运行
[root@client ~]# docker run -it --name test1 centos bash
[root@5d38ff8d0ab4 /]#
[root@5d38ff8d0ab4 /]#
[root@5d38ff8d0ab
[root@client ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5d38ff8d0ab4 centos "bash" 44 seconds ago Up 44 seconds test1
我们用exec命令即可进入正在运行的容器
[root@client ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5d38ff8d0ab4 centos "bash" 5 minutes ago Up 5 minutes test1
[root@client ~]# docker exec -it 5d3 bash
[root@5d38ff8d0ab4 /]#
[root@5d38ff8d0ab4 /]# exit
exit其他docker run的常用选项大家可以自行再去尝试,例如-d后台运行等,我就不一一演示完了
停止容器:docker stop + 容器id
运行一个停止的容器:docker start + 容器id
[root@client ~]# docker stop 5d3
5d3
[root@client ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMESc.删除容器
接下来删除容器:docker rm + 容器id
[root@client ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5d38ff8d0ab4 centos "bash" 9 minutes ago Exited (0) 2 minutes ago test1
447edf2e6536 centos "--name test1 bash" 10 minutes ago Created angry_jones
2f9cbbe467c4 centos "bash" 58 minutes ago Exited (0) 56 minutes ago trusting_stonebraker
[root@client ~]# docker rm 5d3
5d3
[root@client ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
447edf2e6536 centos "--name test1 bash" 10 minutes ago Created angry_jones
2f9cbbe467c4 centos "bash" 59 minutes ago Exited (0) 57 minutes ago trusting_stonebrake删除全部的容器:docker rm $(docker ps -aq)
[root@client ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
447edf2e6536 centos "--name test1 bash" 11 minutes ago Created angry_jones
2f9cbbe467c4 centos "bash" About an hour ago Exited (0) 58 minutes ago trusting_stonebraker
[root@client ~]# docker rm $(docker ps -qa)
447edf2e6536
2f9cbbe467c4
[root@client ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@client ~]#
(2)容器其他相关信息查看
查看容器日志:docker logs + 容器id
[root@client ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
11822e8c3b38 centos "bash" 6 minutes ago Exited (0) 2 minutes ago trusting_hawking
[root@client ~]# docker logs 118
[root@11822e8c3b38 /]# exit
exit
[root@11822e8c3b38 /]# exit
[root@client ~]# 查看容器运行的详细信息: docker container inspect + 容器id
[root@client ~]# docker container inspect 118
[
{
"Id": "11822e8c3b388ebea6abcdde10896db5c11aa35a5f3493a4e467bb5c55bd413c",
"Created": "2023-08-17T09:50:58.019924688Z",
"Path": "bash",
"Args": [],
"State": {
"Status": "exited",
"Running": false,
"Paused": false,
.................................
................................
"MacAddress": "",
"DriverOpts": null
}
}
}
}
]
查看容器端口转发情况:docker port + 容器id
#拉取nginx镜像
[root@client ~]# docker pull nginx
Using default tag: latest
latest: Pulling from library/nginx
a2abf6c4d29d: Already exists
a9edb18cadd1: Already exists
589b7251471a: Already exists
186b1aaa4aa6: Already exists
b4df32aa5a72: Already exists
a0bcbecc962e: Already exists
Digest: sha256:0d17b565c37bcbd895e9d92315a05c1c3c9a29f762b011a10c54a66cd53c9b31
Status: Downloaded newer image for nginx:latest
docker.io/library/nginx:latest
#运行镜像生成容器,-p指定端口映射
[root@client ~]# docker run -d -p 85:80 nginx
f82c0d54593c96daf2e9b0652dc8bf35d5bfc2003158d6abfaa143d8dd38bc87
#查看端口转发情况
[root@client ~]# docker port f82
80/tcp -> 0.0.0.0:85
80/tcp -> [::]:85
#也可以使用大写的P来使用随机端口映射
[root@client ~]# docker run -d -P nginx
11c630580399c409247b990cb94130129e1e3d485928130fbd6864c6e3720ed3
#使用命令就可以知道随机的端口号是49153
[root@client ~]# docker port 11c
80/tcp -> 0.0.0.0:49153
80/tcp -> [::]:49153
[root@client ~]#
(3)容器的提交
示例:运行基础的centos镜像,在容器内安装vim,然后提交新的镜像。通过运行新的镜像再运行出来的容器,默认就携带了vim了
[root@client ~]# docker run -it centos bash
[root@651c0fe0e77d /]# yum install vim -y提交容器:docker commit 容器id 新的镜像名
#提交容器,并命名为client/my_vim
[root@client ~]# docker commit 651c0fe0e77d client/my_vim
sha256:5bc38c82d2726cf303b96bf4ad65166f7112ee0b350bf5d1f5d394b8b721b4ed
#新的镜像因为下载了vim之类的。所以肯定比基础的centos镜像大
[root@client ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
client/my_vim latest 5bc38c82d272 12 seconds ago 233MB
nginx latest 605c77e624dd 19 months ago 141MB
ubuntu latest ba6acccedd29 22 months ago 72.8MB
centos latest 5d0da3dc9764 23 months ago 231MB后面再去运行这个提交的新镜像,就会默认携带vim了
三、dockerfile的制作
1、dockerfile的主要组成部分
基础镜像信息(如:FROM centos:xxx)
制作镜像操作指令(如:RUN yum install xxx -y)
容器启动时执行指令(如:CMD ["/bin/bash"])
2、dockerfile指令
| FROM | 指定基础镜像 |
| MAINTAINER | 指定维护者信息 |
| RUN | 后面跟想要执行的命令 |
| ADD | 拷贝文件,会自动解压,官方推荐使用COPY |
| COPY | 复制文件,对文件不做任何修改,完全一样 |
| WORKDIR | 设置当前工作目录 |
| VOLUME | 设置卷,挂载主机目录 |
| EXPOSE | 指定对外的端口 |
| CMD | 指定容器启动之后要执行的 |
| ENV | 环境变量 |
| ENTRYPOINT | 容器启动后执行的命令(与CMD存在区别) |
CMD ["/bin/bash"] =>等同于命令行的直接操作 docker run -it centos bash
CMD ["cat","/etc/os-release"] => 等同于命令行的直接操作 docker run -it centos cat /etc/os-release
tips:ENTRYPOINT和CMD的区别?
作用都是指定容器启动程序以及参数; 但是当指定了ENTRYPOINT之后,CMD指令的语义就有了变化,是把CMD的内容当作参数传递给了ENTRYPOINT指令
3、dockerfile制作过程
下面以一个简单的nginx案例来演示
(1)编写dockerfile脚本文件
[root@client ~]# mkdir docker_test
[root@client ~]# cd docker_test/
[root@client docker_test]# vim Dockerfile
#编辑以下内容到Dockerfile中
FROM nginx
RUN echo "this is a dockerfile test" > /usr/share/nginx/html/index.html
#保存退出
(2)构建dockerfile
docker build .
如果不想用构建过的缓存可以这样:docker build --no-cache .
注意,两个命令后面都跟上的是点“.”
#构建
[root@client docker_test]# docker build .
[+] Building 1.0s (5/6) docker:default
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 120B 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load metadata for docker.io/library/nginx:latest 0.0s
=> CACHED [1/2] FROM docker.io/library/nginx 0.9s
=> [2/2] RUN echo "this is a dockerfile test" > /usr/share/nginx/html/index.html 0.9s
=> exporting to image 0.0s
=> => exporting layers 0.0s
=> => writing image sha256:9a0b6b17263f50ee29b2587ceea32dc79c23f53dc8b4b4935b563f0bfd7b8836 0.0s
#查看新构建的镜像,默认是没有名字的,REPOSITORY和TAG都是<none>
[root@client docker_test]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
<none> <none> 9a0b6b17263f 31 seconds ago 141MB
my_nginx latest 28faf67102d4 4 days ago 141MB
client/my_vim latest 5bc38c82d272 4 days ago 233MB
nginx latest 605c77e624dd 19 months ago 141MB
redhat/ubi8-minimal latest 0e1c0c70dbc5 20 months ago 103MB
ubuntu latest ba6acccedd29 22 months ago 72.8MB
centos latest 5d0da3dc9764 23 months ago 231MB
#更改新镜像的名字:docker tag 镜像id 所取镜像名
[root@client docker_test]# docker tag 9a0 nginx_test
#然后就可以查看到一个叫nginx_test的镜像啦
[root@client docker_test]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx_test latest 9a0b6b17263f About a minute ago 141MB
my_nginx latest 28faf67102d4 4 days ago 141MB
client/my_vim latest 5bc38c82d272 4 days ago 233MB
nginx latest 605c77e624dd 19 months ago 141MB
redhat/ubi8-minimal latest 0e1c0c70dbc5 20 months ago 103MB
ubuntu latest ba6acccedd29 22 months ago 72.8MB
centos latest 5d0da3dc9764 23 months ago 231MB
[root@client docker_test]# (3)运行新镜像
运行刚才生成的新镜像,生成一个容器实例
#我们后台运行(-d),随便用一个88号端口来做端口映射(-p)
[root@client docker_test]# docker run -d -p 88:80 nginx_test
a23faeb0353b5e77d0ddcc097332a3e1d2f15c1498c0d8c77b2e050c7a2c7712
[root@client docker_test]# (4)检测
通过主机的ip加上刚才的88号端口,到浏览器查看
测试成功,最后,看到这里,相信你已经年薪80w+了,恭喜您!
