镜像管理
# 查找
#2 语法:docker search [OPTIONS] TERM
#2 描述:Search the Docker Hub for images
#2 参数:
#3 条件过滤:-f
#3 美化输出:--format
#3 最大记录:--limit
#3 不截输出:--no-trunc
$ docker search httpd
# 下拉(下载;获取)
#2 语法:docker pull [OPTIONS] NAME[:TAG|@DIGEST]
#2 描述:Pull an image or a repository from a registry
#2 参数:
#3 获取所有:-a
#3 跳过验证:--disable-content-trust
$ docker pull registry.cn-hangzhou.aliyuncs.com/lxepoo/apache-php5
# 修改
#2 创建标签
#3 语法:docker tag SOURCE_IMAGE[:TAG] TARGET_IMAGE[:TAG]
#3 描述:Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
$ docker tag registry.cn-hangzhou.aliyuncs.com/lxepoo/apache-php5:latest aliweb:v1
# 查看
#2 列出镜像
#3 语法:docker images [OPTIONS] [REPOSITORY[:TAG]]
#3 描述:List images
#3 参数:
#4 显示所有:-a
#4 显示算法:--digests
#4 条件过滤:-f
#4 美化输出:--format
#4 不截输出:--no-trunc
#4 仅显编号:-q
$ docker images
$ docker images --digests --no-trunc
$ docker image inspect --format='{{.RepoTags}} {{.Id}} {{.Parent}}' $(docker image ls -q --filter since=8ac27ce8ee49)
#2 镜像历史
#3 语法: docker history [OPTIONS] IMAGE
#3 描述:Show the history of an image
#3 参数:
#4 某种格式:--format
#4 人读格式:-H
#4 只显编号:-q
$ docker history b961582107fc
# 删除
#2 语法: docker rmi [OPTIONS] IMAGE [IMAGE...]
#2 描述:Remove one or more images
#2 参数:
#3 强制删除:-f, --force Force removal of the image
#3 留未标父:--no-prune Do not delete untagged parents
$ docker rmi -f registry.cn-hangzhou.aliyuncs.com/lxepoo/apache-php5
$ docker rmi -f 2cb0d9787c4d
$ docker rmi -f b961582107fc
# 删除所有
$ docker rm $(docker ps -aq)
# 创建
# ##############################################s
#方式1 :从 Docker Hub 获取已有镜像并更新
#2 启动容器
$ docker run -t -i training/sinatra /bin/bash
$ docker run -it ubuntu bash
#2 安装应用:在容器中添加 json 应用
$ gem install json
//#2 退出容器
//# $ exit #退出时关闭容器
//# #2 启动容器
//$ docker run -d training/sinatra /bin/bash
#2 退出容器
$ Ctrl+P+Q #退出时不关容器
#2 查看容器
$ docker ps
#2 提交更新
#3 语法: docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]]
#3 描述:Create a new image from a container's changes
#3 参数:
#4 镜像作者:-a(--author)
#4 配置文件:-c( --change)
#4 注释信息:-m(--message)
#4 退出容器:-p( --pause)
$ docker commit -m "Added json gem" -a "Docker Newbee" 2d3c7afae625 ouruser/sinatra:v2
#2 查看镜像:验证是否成功
$ docker images
# ##############################################e
# ##############################################s
#方式2 :本地制作一个
# 制作
#2 准备内容:dockerfile
# vim Dockerfile
FROM apachephp:v1 #声明基础镜像来源
MAINTAINER DTSTACK #声明镜像的拥有者
RUN mkdir /dtstact #容器运行前执命令
# 由于Dockerfile文件不能超过127行,因此当命令较多时建议写到脚本中执行
ENTRYPOINT ping www.aliyun.com #开机启动命令,此处最后一个命令需要是可在前台持续执行的命令,否则容器后台运行时会因为命令执行完而退出。
#2 构建镜像
#3 语法: docker build [OPTIONS] PATH | URL | -
#3 描述:Build an image from a Dockerfile
#3 参数:
#4 域名映射:--add-host list Add a custom host-to-IP mapping (host:ip)
#4 构时变量:--build-arg list Set build-time variables
#4 缓存位置:--cache-from strings Images to consider as cache sources
#4 内容压缩:--compress Compress the build context using gzip
#4 跳过验证:--disable-content-trust Skip image verification (default true)
#4 配置文件:-f, --file string Name of the Dockerfile (Default is 'PATH/Dockerfile')
#4 移除容器:--force-rm Always remove intermediate containers
#4 编号文件: --iidfile string Write the image ID to the file
#4 设置标签:--label list Set metadata for an image
#4 内存限制: -m, --memory bytes Memory limit
#4 限内开关:--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap
#4 网络模式: --network string Set the networking mode for the RUN instructions during build (default "default")
#4 关闭缓存:--no-cache Do not use cache when building the image
#4 自动更新:--pull Always attempt to pull a newer version of the image
#4 移除容器:--rm Remove intermediate containers after a successful build (default true)
#4 安全选项:--security-opt strings Security options
#4 指定标签:-t, --tag list Name and optionally a tag in the 'name:tag' format
#4 指定阶段:--target string Set the target build stage to build
$ docker build -t webcentos:v1 . # . 是Dockerfile文件的路径,不能忽略
$ docker images #查看是否创建成功
$ docker run –d webcentos:v1 #后台运行容器
$ docker ps #查看当前运行中的容器
$ docker ps –a #查看所有容器,包括未运行中的
$ docker logs CONTAINER ID/IMAGE #如未查看到刚才运行的容器,则用容器id或者名字查看启动日志排错
$ docker commit fb2844b6c070 dtstackweb:v1 #commit 后接容器id 和构建新镜像的名称和版本号。
$ docker images #列出本地(已下载的和本地创建的)镜像
$ docker push #将镜像推送至远程仓库,默认为 Docker Hub
#2 传到仓库:registry
docker login --username=dtstack_plus registry.cn-shanghai.aliyuncs.com #执行后输入镜像仓库密码
docker tag [ImageId] registry.cn-shanghai.aliyuncs.com/dtstack123/test:[镜像版本号]
docker push registry.cn-shanghai.aliyuncs.com/dtstack123/test:[镜像版本号]
# ##############################################e
# ##############################################s
#方式3 :从本地导入一个
# cat ubuntu-14.04-x86_64-minimal.tar.gz |docker import - ubuntu:14.04
# docker images
# 存出:从本地仓库导出镜像到本地文件
# docker save -o ubuntu_14.04.tar ubuntu:14.04
# 载入:从本地文件导入镜像到本地仓库
# docker load --input ubuntu_14.04.tar
# 或
# udo docker load < ubuntu_14.04.tar
# 内核
#2 帮助:docker image --help
#2 语法:docker image COMMAND
#2 命令:
#3 从配构建
# build Build an image from a Dockerfile
#3 查看历史
# history Show the history of an image
#3 导入创建
# import Import the contents from a tarball to create a filesystem image
#3 载入
load Load an image from a tar archive or STDIN
#3 列出
ls List images
inspect Display detailed information on one or more images
#3 下载
pull Pull an image or a repository from a registry
#3 上传
push Push an image or a repository to a registry
#3 删除
#4 指定镜像
rm Remove one or more images
#4 删除未用
prune Remove unused images
#4 保存
save Save one or more images to a tar archive (streamed to STDOUT by default)
#4 标签
tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
Run 'docker image COMMAND --help' for more information on a command.
# 遇到问题
# 问题:删除镜像时提示image has dependent child images 错误
# 解决:docker image inspect --format='{{.RepoTags}} {{.Id}} {{.Parent}}' $(docker image ls -q --filter since=8ac27ce8ee49)
# 参考:https://blog.csdn.net/maxwell/article/details/78941552
容器管理
# 创建
#2 语法:docker create [OPTIONS] IMAGE [COMMAND] [ARG...]
#2 描述:Create a new container
#2 参数:
#3 域名映射: --add-host list Add a custom host-to-IP mapping (host:ip)
#3 绑入出错:-a, --attach list Attach to STDIN, STDOUT or STDERR
#3 添系兼容: --cap-add list Add Linux capabilities
#3 移系兼容: --cap-drop list Drop Linux capabilities
#3 编号文件:--cidfile string Write the container ID to the file
#3 添加主机:--device list Add a host device to the container
#3 限读频率:--device-read-bps list Limit read rate (bytes per second) from a device (default [])
#3 限读频率:--device-read-iops list Limit read rate (IO per second) from a device (default [])
#3 限写频率:--device-write-bps list Limit write rate (bytes per second) to a device (default [])
#3 限写频率:--device-write-iops list Limit write rate (IO per second) to a device (default [])
#3 跳过验证:--disable-content-trust Skip image verification (default true)
#3 域名解服:--dns list Set custom DNS servers
#3 域名解参:--dns-option list Set DNS options
#3 域名解域:--dns-search list Set custom DNS search domains
#3 镜像入口:--entrypoint string Overwrite the default ENTRYPOINT of the image
#3 环境变量:-e, --env list Set environment variables
#3 环境变量:--env-file list Read in a file of environment variables
#3 暴露端口:--expose list Expose a port or a range of ports
#3 添加群组:--group-add list Add additional groups to join
#3 健康检查:--health-cmd string Command to run to check health
#3 健检周期:--health-interval duration Time between running the check (ms|s|m|h) (default 0s)
#3 健检通知:--health-retries int Consecutive failures needed to report unhealthy
#3 健检通知: --health-start-period duration Start period for the container to initialize before starting health-retries countdown (ms|s|m|h) (default 0s)
#3 健检超时:--health-timeout duration Maximum time to allow one check to run (ms|s|m|h) (default 0s)
#3 主机名字:-h, --hostname string Container host name
#3 容初始化:Run an init inside the container that forwards signals and reaps processes
#3 绑定输入:-i, --interactive Keep STDIN open even if not attached
# 主机地址:--ip string IPv4 address (e.g., 172.30.100.104)
# 主机地址:--ip6 string IPv6 address (e.g., 2001:db8::33)
--ipc string IPC mode to use
# 容器隔离:--isolation string Container isolation technology
# 缓存限制:--kernel-memory bytes Kernel memory limit
# 容器标签:-l, --label list Set meta data on a container
# 标签文件:--label-file list Read in a line delimited file of labels
# 容器互联:--link list Add link to another container
# 容器互联:--link-local-ip list Container IPv4/IPv6 link-local addresses
# 日志驱动:--log-driver string Logging driver for the container
# 日驱选项:--log-opt list Log driver options
# 机器地址:--mac-address string Container MAC address (e.g., 92:d0:c6:0a:29:33)
# 缓存限制:--memory bytes Memory limit
# 缓存限制:--memory-reservation bytes Memory soft limit
# 缓存限制:--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap
# 缓存限制:--memory-swappiness int Tune container memory swappiness (0 to 100) (default -1)
# 文件挂载:--mount mount Attach a filesystem mount to the container
# 容器名字:--name string Assign a name to the container
# 连接网络:--network string Connect a container to a network (default "default")
# 网络别名:--network-alias list Add network-scoped alias for the container
# 健检关闭:--no-healthcheck Disable any container-specified HEALTHCHECK
--oom-kill-disable Disable OOM Killer
--oom-score-adj int Tune host's OOM preferences (-1000 to 1000)
# 容编前缀:--pid string PID namespace to use
# 容编限制:--pids-limit int Tune container pids limit (set -1 for unlimited)
# 扩展权限:--privileged Give extended privileges to this container
# 给主容端:-p, --publish list Publish a container's port(s) to the host
# 给主容端:-P, --publish-all Publish all exposed ports to random ports
# 文件只读:--read-only Mount the container's root filesystem as read only
# 重启策略:--restart string Restart policy to apply when a container exits (default "no")
# 退出删容:--rm Automatically remove the container when it exits
# 缓存目录:--runtime string Runtime to use for this container
# 安全选项:--security-opt list Security Options
--shm-size bytes Size of /dev/shm
# 关容信号:--stop-signal string Signal to stop a container (default "SIGTERM")
# 关容超时:--stop-timeout int Timeout (in seconds) to stop a container
# 存驱选项:--storage-opt list Storage driver options for the container
--sysctl map Sysctl options (default map[])
# 挂载目录:--tmpfs list Mount a tmpfs directory
-t, --tty Allocate a pseudo-TTY
# 非限列表:--ulimit ulimit Ulimit options (default [])
# 用户标识:-u, --user string Username or UID (format: <name|uid>[:<group|gid>])
# 用户名缀: --userns string User namespace to use
--uts string UTS namespace to use
# 绑数据卷:-v, --volume list Bind mount a volume
# 数卷驱动:--volume-driver string Optional volume driver for the container
# 绑数据卷:--volumes-from list Mount volumes from the specified container(s)
# 工作目录:-w, --workdir string Working directory inside the container
$ docker images
# 用仓库+标签确定镜像
$ docker create -it --name centos6_container centos:centos6
# docker create -it --name centos6_container 6a77ab6655b9 bash
$ docker ps -a
# 创数据卷+挂载目录+指定名字
docker create -it --name centos6_container -v /src/webapp:/opt/webapp centos:centos6
# 启动
#2 语法:docker start [OPTIONS] CONTAINER [CONTAINER...]
#2 描述:Start one or more stopped containers
#2 参数:
#3 绑定输出:-a
#3 覆拆卸钥: --detach-keys string
#3 绑定输入:-i
$ docker start apache
$ docker start ubuntu
$ docker start ubuntu -i
# 进入
#2 语法:docker exec [OPTIONS] CONTAINER COMMAND [ARG...]
#2 描述:Run a command in a running container
-d, --detach Detached mode: run command in the background
--detach-keys string Override the key sequence for detaching a container
-e, --env list Set environment variables
-i, --interactive Keep STDIN open even if not attached
--privileged Give extended privileges to the command
-t, --tty Allocate a pseudo-TTY
-u, --user string Username or UID (format: <name|uid>[:<group|gid>])
-w, --workdir string Working directory inside the container
# 进入
#2 方式1:关闭的容器
#3 语法:docker start [OPTIONS] CONTAINER [CONTAINER...]
#3 描述:Start one or more stopped containers
#2 方式2:运行中容器
#3 语法:docker attach [OPTIONS] CONTAINER
#3 描述:Attach local standard input, output, and error streams to a running container
#3 参数:
#4 莫绑输入: --no-stdin
#4 覆拆卸钥: --detach-keys string
#4 代理信号:--sig-proxy
$ docker attach apache
#2 方式3:运行中容器
#3 语法:docker exec [OPTIONS] CONTAINER COMMAND [ARG...]
#3 描述:Run a command in a running container
#3 参数:
#4 示例:docker container attach $(docker ps -l --format=' {{.ID}}')
# 退出
#2 方式1:关闭容器
$ exit
#2 方式2:不关容器
$ Ctrl+P+Q
# 停止
#2 语法:docker stop [OPTIONS] CONTAINER [CONTAINER...]
#2 描述:Stop one or more running containers
#2 参数
#3 延迟几秒:-t int
$ docker stop apache
$ docker stop ubuntu -t 15
#2 语法:docker kill [OPTIONS] CONTAINER [CONTAINER...]
#2 描述:Kill one or more running containers
#2 参数:
#3 发送信号:-s string
# 移除
#2 语法:docker rm [OPTIONS] CONTAINER [CONTAINER...]
#2 描述:Remove one or more containers
#2 参数:
#3 强制删除:-f
#3 删数链接:-l
#3 删数据卷:-v
#2 停止状态
$ docker rm apache
#2 运行状态
$ docker rm -f apache
$ docker rm -f ubuntu
$ docker rm -f 2d3c7afae625
# http://wiki.jikexueyuan.com/project/docker-technology-and-combat/enter.html
# 导出(备份)
#2 语法: docker export [OPTIONS] CONTAINER
#2 描述:Export a container's filesystem as a tar archive
#2 参数:
#3 文件名字:-o string
$ docker export apache > ubuntu.tar
$ docker export apache -o ubuntu.tar
# 导入(恢复)
#2 语法:docker import [OPTIONS] file|URL|- [REPOSITORY[:TAG]]
#2 描述:Import the contents from a tarball to create a filesystem image
#2 参数:
#3 配置文件:-c, --change list Apply Dockerfile instruction to the created image
#3 注释信息:-m, --message string Set commit message for imported image
$ cat ubuntu.tar | sudo docker import - test/ubuntu:v1.0
# 运行
#2 语法:docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
#2 描述:Run a command in a new container
#2 参数:
#3 后台运行:-d
#3 端口映射:-p
#3 环境变量:-e
#3 缓存大小:-m
#3 交互终端:-it
#3 主机名字:-h
#3 退出关闭:-rm
#3 工作目录:-w
#3 容器名字:--name
# 后台运行+指定名字
$ docker run -d --name apache e121d5f99e1e
$ docker run -d --name ubuntu 9b9cb95443b5 bash
$ docker run -it ubuntu 9b9cb95443b5 bash
# 查看
# 容器列表
#2 语法: docker ps [OPTIONS]
#2 描述:List containers
#2 参数:
#3 显示所有:-a
#3 条件过滤:-f
#3 美化输出:--format
#3 最新几条:-n
#3 最新一条:-l
#3 不截输出:--no-trunc
#3 仅显编号:-q
#3 显示大小:-s
$ docker ps
$ docker ps -n 5
$ docker ps -l
$ docker ps --no-trunc
$ docker ps -q
$ docker ps -s
#2 流的状态
#3 语法:docker stats [OPTIONS] [CONTAINER...]
#3 描述:Display a live stream of container(s) resource usage statistics
#3 参数:
#2 端口列表
#3 语法:docker port CONTAINER [PRIVATE_PORT[/PROTO]]
#3 描述:List port mappings or a specific mapping for the container
$ docker port 0fb4a58d3982 #?
$ docker port apache #?
$ docker port ubuntu
#2 容器日志
#3 语法: docker logs [OPTIONS] CONTAINER
#3 描述:Fetch the logs of a container
#3 参数:
#4 内容细节:--details
#4 按照日志:-f
#4 从某时起:--since string
#4 最后几行:--tail string
#4 显示时间:-t
#4 在某时前:--until string
$ docker logs -f apache
$ docker logs 2d3c7afae625
$ docker logs ubuntu
#2 底层信息
#3 语法: docker inspect [OPTIONS] NAME|ID [NAME|ID...]
#3 描述:Return low-level information on Docker objects
#3 参数:
#4 美化输出:-f string
#4 显示大小:-c
#4 指定格式:--type string
$ docker inspect apache
$ docker inspect ubuntu
#2 列出进程
#3 语法: docker top CONTAINER [ps OPTIONS]
#3 描述:Display the running processes of a container
#2 文件差异
#3 语法: docker diff CONTAINER
#3 描述:Inspect changes to files or directories on a container's
# 修改
# 重新命名
#2 语法:docker rename CONTAINER NEW_NAME
#2 描述:Rename a container
# 重新启动
#2 语法: docker restart [OPTIONS] CONTAINER [CONTAINER...]
#2 描述:Restart one or more containers
#2 参数:
#3 延迟几秒:-t int
# 暂停进程
#2 语法: docker pause CONTAINER [CONTAINER...]
#2 描述:Pause all processes within one or more containers
# 启动进程
#2 语法:docker unpause CONTAINER [CONTAINER...]
#2 描述:Unpause all processes within one or more containers
# 更新配置
#2 语法:docker update [OPTIONS] CONTAINER [CONTAINER...]
#2 描述:Update configuration of one or more containers
#2 参数:
--blkio-weight uint16 Block IO (relative weight), between 10 and 1000, or 0 to disable
(default 0)
--cpu-period int Limit CPU CFS (Completely Fair Scheduler) period
--cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota
--cpu-rt-period int Limit the CPU real-time period in microseconds
--cpu-rt-runtime int Limit the CPU real-time runtime in microseconds
-c, --cpu-shares int CPU shares (relative weight)
--cpus decimal Number of CPUs
--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)
--cpuset-mems string MEMs in which to allow execution (0-3, 0,1)
--kernel-memory bytes Kernel memory limit
-m, --memory bytes Memory limit
--memory-reservation bytes Memory soft limit
--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap
--restart string Restart policy to apply when a container exits
##################################s
# 使用容器制作镜像
# steps-01:进入容器
#2 交互终端
$ docker run –ti e121d5f99e1e /bin/bash
#2 后台运行+指定名字
$ docker run -d --name apache e121d5f99e1e
#2 正在运行
$ docker exec -ti apache /bin/bash
# steps-02:修改容器
# steps-03:创建镜像
#2 将容器做成镜像
# 语法:docker commit containerID/containerName newImageName:tag
# 描述:Create a new image from a container's changes
# 参数:
# 镜像作者: -a, --author string Author (e.g., "John Hannibal Smith <hannibal@a-team.com>")
# 配置文件: -c, --change list Apply Dockerfile instruction to the created image
# 注释备注: -m, --message string Commit message
# 暂停进程:-p, --pause Pause container during commit (default true)
# 示例:
$ docker commit 4c8066cd8c01 apachephp:v1
# 参考:https://www.cnblogs.com/SzeCheng/p/6822905.html
网友评论