Docker常规操作

释放双眼,带上耳机,听听看~!

Docker 安装

1.卸载老版本docker

yum remove docker \
                  docker-common \
                  docker-selinux \
                  docker-engine

2.设置yum仓库

yum install -y yum-utils \
  device-mapper-persistent-data \
  lvm2

yum-config-manager \
    --add-repo \
    https://download.docker.com/linux/centos/docker-ce.repo

3.安装Docker-ce
使用命令yum list docker-ce –showduplicates | sort -r来查看目前可供安装的docker版本

yum list docker-ce --showduplicates | sort -r
 * updates: mirrors.aliyun.com
Loading mirror speeds from cached hostfile
Loaded plugins: fastestmirror
Installed Packages
 * extras: mirrors.aliyun.com
 * epel: fedora.cs.nctu.edu.tw
docker-ce.x86_64            3:18.09.0-3.el7                    docker-ce-stable 
docker-ce.x86_64            18.06.1.ce-3.el7                   docker-ce-stable 
docker-ce.x86_64            18.06.1.ce-3.el7                   @docker-ce-stable
docker-ce.x86_64            18.06.0.ce-3.el7                   docker-ce-stable 
docker-ce.x86_64            18.03.1.ce-1.el7.centos            docker-ce-stable 
docker-ce.x86_64            18.03.0.ce-1.el7.centos            docker-ce-stable 
docker-ce.x86_64            17.12.1.ce-1.el7.centos            docker-ce-stable 
docker-ce.x86_64            17.12.0.ce-1.el7.centos            docker-ce-stable 
docker-ce.x86_64            17.09.1.ce-1.el7.centos            docker-ce-stable 
docker-ce.x86_64            17.09.0.ce-1.el7.centos            docker-ce-stable 
docker-ce.x86_64            17.06.2.ce-1.el7.centos            docker-ce-stable 
docker-ce.x86_64            17.06.1.ce-1.el7.centos            docker-ce-stable 
docker-ce.x86_64            17.06.0.ce-1.el7.centos            docker-ce-stable 
docker-ce.x86_64            17.03.3.ce-1.el7                   docker-ce-stable 
docker-ce.x86_64            17.03.2.ce-1.el7.centos            docker-ce-stable 
docker-ce.x86_64            17.03.1.ce-1.el7.centos            docker-ce-stable 
docker-ce.x86_64            17.03.0.ce-1.el7.centos            docker-ce-stable 
 * base: mirrors.aliyun.com
Available Packages

以下安装选其一即可
指定安装18.06.1.ce版本
yum install -y docker-ce-18.06.1.ce
安装最新稳定版本
yum install docker-ce -y

4.修改pull images时的加速文件

[root@docker-node1 /]# mkdir /etc/docker                   #/etc/docker在docker未启动的时候是不存在的
[root@docker-node1 /]# vim /etc/docker/daemon.json         #创建该json加速文件,在此使用的是163的加速代理
{
 "registry-mirrors": ["http://hub-mirror.c.163.com"]        
}

Docker 基础命令

[root@docker-node1 /]# systemctl start docker
[root@docker-node1 /]# systemctl enable docker
[root@docker-node1 /]# docker version                       #查看Docker版本信息
Client:                                                     #Docker Client版本信息
 Version:           18.06.1-ce                              #Docker版本为18.06.1-ce为社区版
 API version:       1.38                                    #API远程管理版本为1.38
 Go version:        go1.10.3                                #Go版本为1.10.3
 Git commit:        e68fc7a
 Built:             Tue Aug 21 17:23:03 2018                #该版本发布时间
 OS/Arch:           linux/amd64                             #系统信息
 Experimental:      false

Server:                                                     #Docker Server版本信息
 Engine:
  Version:          18.06.1-ce
  API version:      1.38 (minimum version 1.12)
  Go version:       go1.10.3
  Git commit:       e68fc7a
  Built:            Tue Aug 21 17:25:29 2018
  OS/Arch:          linux/amd64
  Experimental:     false
[root@docker-node1 /]# 
[root@docker-node1 /]# docker info              #查看docker系统的详细信息
Containers: 0                                   #容器数量
 Running: 0                                     #正在运行的容器数
 Paused: 0                                      #暂停的容器数量
 Stopped: 0                                     #停止的容器数量
Images: 0                                       #镜像数量
Server Version: 18.06.1-ce                      #Docker Server版本信息
Storage Driver: overlay2                        #docker文件系统
 Backing Filesystem: xfs                        #docker文件系统是建立在本地文件系统之上,xfs为本地文件系统
 Supports d_type: true
 Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs                         #Cgroups控制硬件资源系统
Plugins:                                        #插件
 Volume: local                                  #存储卷插件
 Network: bridge host macvlan null overlay      #网络插件
 Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog      #日志插件
Swarm: inactive                                 #Docker Swarm管理工具状态
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 468a545b9edcd5932818eb9de8e72413e616e86e        
runc version: 69663f0bd4b60df09991c08812a60108003fa340
init version: fec3683
Security Options:
 seccomp
  Profile: default
Kernel Version: 3.10.0-862.el7.x86_64           #系统内核版本
Operating System: CentOS Linux 7 (Core)         #系统版本
OSType: linux                                   #系统类型
Architecture: x86_64                            #系统结构
CPUs: 1                                         #CPU数量
Total Memory: 974.6MiB                          #内存大小
Name: docker-node1.cn                           #主机名称
ID: C5EI:6LOP:PZZB:H3OU:5JRP:QWXK:3XD6:ZOLZ:KYP3:45TH:H64X:3O5T
Docker Root Dir: /var/lib/docker                #Docker根目录
Debug Mode (client): false                      #Docker Clinet的Debug模块状态
Debug Mode (server): false                      #Docker Server的Debug模块状态
Registry: https://index.docker.io/v1/           #Docker仓库API地址
Labels:                                         #最新版本
Experimental: false
Insecure Registries:
 127.0.0.0/8
Registry Mirrors:                               #Docker仓库镜像加速地址
 http://hub-mirror.c.163.com/
Live Restore Enabled: false
[root@docker-node1 /]# systemctl status docker
[root@docker-node1 /]# ps -ef|grep docker
[root@docker-node1 /]# ip a 
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:23:99:3d brd ff:ff:ff:ff:ff:ff
    inet 192.168.56.5/24 brd 192.168.56.255 scope global noprefixroute dynamic eth0
       valid_lft 1745sec preferred_lft 1745sec
    inet6 fd15:4ba5:5a2b:1008:f851:f8bb:7c36:f1d2/64 scope global noprefixroute dynamic 
       valid_lft 86371sec preferred_lft 14371sec
    inet6 fe80::e086:4982:4713:11c1/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default 
    link/ether 02:42:b0:20:51:2b brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0              #Docker启动会自动创建一个网卡与物理地址是联通的,该网卡被称为 nat桥 
   valid_lft forever preferred_lft forever
    [root@docker-node1 /]# du -sh /var/lib/docker/*             #Docker的镜像及一些数据都在此目录下
    16K /var/lib/docker/builder
    56K /var/lib/docker/buildkit
    24K /var/lib/docker/containerd
    0   /var/lib/docker/containers
    4.0K /var/lib/docker/image
    32K /var/lib/docker/network
    0   /var/lib/docker/overlay2
    0   /var/lib/docker/plugins
    0   /var/lib/docker/runtimes
    0   /var/lib/docker/swarm
    0   /var/lib/docker/tmp
    0   /var/lib/docker/trust
    24K /var/lib/docker/volumes

Docker 命令汇总

Docker版本信息

1. docker info:查看Docker详细信息
2. docker version:查看Docker版本信息

Docker本地镜像管理命令

1. docker images ls:查看本地镜像
2. docker save -o nginx.tar nginx:把nginx镜像导出为nginx.tar,导出的镜像必须以 .tar结尾
3. 镜像导入的三种方法
    1) docker load --input nginx.tar 
    2) docker load < nginx.tar 
    3) docker import nginx.tar nginx
4. docker rmi nginx:删除本地镜像,有时候可能会报错是因为该镜像被容器使用,所以要删除关联的容器
5. docker history nginx:查看Nginx镜像的创建历史
6. docker tag nginx nginx:v3:给nginx镜像加上标签,以便分类

Docker镜像仓库

1. docker search <COMMAND>:搜索镜像
2. docker pull <COMMAND>:下载镜像
3. docker login -u user -p passwd:登录到镜像仓库地址,如果未指定,默认登录到 Docker Hub
4. docker logout:登出该仓库
5. docker push <自己镜像仓库名> nginx:上传本地镜像nginx到镜像仓库中

Docker容器操作命令

docker ps [OPTIONS]:不加选项只显示正在运行的容器
OPTIONS说明:
* -a:显示所有容器,包括未运行的
* -f:根据条件过滤显示内容
* -l:显示最近创建的容器
* -n:列出最近创建的N个容器
* -q:静默模式,只显示容器编号
* -s:显示总的文件大小
docker inspect [OPTIONS] nginx:获取容器|镜像的元数据
OPTION说明:
* -f:指定返回值的模版文件
* -s:显示总文件的大小
* --type:为指定类型返回JSON
docker inspect --format='{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' centos       #获取正在运行容器centos的IP地址
docker top centos:查看容器centos的进程信息
docker logs [OPTIONS] [容器名|容器ID]:查看容器日志信息
OPTIONS说明:
* -f:跟踪日志输出
* -t:显示时间戳
* --since:显示某个开始时间的所有日志
* --tail:仅列出最新N条容器日志
docker logs -f centos               #跟踪容器centos的日志输出
1. docker wait centos:阻塞容器运行直到容器停止,然后打印出它的退出代码!
2. docker export -o centos-`date +%Y-%m-%d`.tar centos:导出centos镜像
3. docker port [OPTIONS] [容器名]:列出指定容器的端口映射
4. docker port nginx:查看容器nginx的端口影响情

Docker生命周期管理命令

docker run [OPTIONS] IMAGE [容器名称]
OPTIONS说明:
* -a stdin:指定标准输入输出内容类型,可选STDIN|STDOUT|STDERR三项
* -d:后台运行容器,并返回容器ID
* -P:将容器内的某端口映射到宿主机的任意端口
* -p:将容器内的某端口指定映射到宿主机的某端口
* -v:将宿主机的某目录指定映射到容器的某目录
* -i:以交互式运行容器,通常与-t同时使用
* -t:为该容器分配一个伪终端,通常与-i同时使用
* --name nginx:为容器指定一个名称为nginx
* --dns 8.8.8.8:指定容器使用的DNS服务器,默认不指定和宿主机一致
* --dns-search example.com:指定容器DNS搜索域名,默认和宿主机一致
* -h "localhost":指定容器的hostname
* -e username=“ritchie”:设置环境变量
* --env-file[]:从指令读入环境变量
* --cpuset="0-2" or --cpuset="0,1,2":绑定容器到指定CPU运行
* -m:设置容器使用的内存最大值
* --net="bridge":指定容器的网络连接类型,支持bridge/host/none/container,四种类型
* --link=[]:添加链接到另一容器
* --expose=[]:开放一个端口或一组端口

实例:

[root@docker-node1 /]# docker run --name mycentos -d centos:latest                  #后台启动容器并起名为mycentos
[root@docker-node1 /]# docker run -P -d centos:latest                               #使用镜像centos启动容器并将该容器的80端口随机映射到宿主机的任意端口
[root@docker-node1 /]# docker run -p 80:80 -v /data:/data -d centos:latest          #使用镜像centos启动容器并将容器的80端口映射到宿主机的80端口,主机目录的/data映射到容器的/data
[root@docker-node1 /]# docker run -p 127.0.0.1:80:8080/tcp centos bash              #使用镜像centos启动容器并将容器的8080端口绑定到本地主机的80端口
[root@docker-node1 /]# docker run -it centos:latest /bin/bash                       #使用镜像centos以交互式启动容器

Docker启动|关闭|重启命令

1. docker start centos
2. docker stop centos
3. docker restart centos

Docker kill命令

1. docker kill [OPTIONS] [容器]
OPTIONS说明:
* -s:向容器发送一个信号
2. docker kill -s  KILL d96a8184c192

Docker rm 命令

1. docker rm [OPTIONS] [容器]
OPTIONS说明:
* -f:通过SLGKILL信号强制删除一个运行中的容器
* -l:移除容器间的网络连接,而非容器本身
* -v:删除与容器无关的卷
2. docker rm -f centos

Docker pause/unpause命令

docker pause centos     #暂停centos容器中的所有进程
docker unpause centos   #恢复centos容器中的所有进程

Docker create 命令

docker create --name mycentos centos:latest     #创建一个新的容器但不启动它

Docker exec 命令

1. docker exec [OPTIONS] [容器] [命令]
* OPTIONS说明:
* -d:分离模式,在后台运行
* -i:即使没有附加也保持STDIN打开
* -t:分配一个伪终端
2. docker exec -it mycentos /bin/sh /root/xuwl.sh           #在容器mycentos交互模式中运行容器中/root/xuwl.sh脚本
3. docker exec -it mycentos /bin/bash                       #在容器的mycentos中开启一个交互模式的伪终端

Docker 镜像管理

搜索镜像

语法:docker search [image]
docker search centos

下载镜像

语法:docker pull [image_NAME]

[root@code-01 ~]# docker pull centos
Using default tag: latest
Trying to pull repository docker.io/library/centos ...
latest: Pulling from docker.io/library/centos
7dc0dca2b151: Pull complete
Digest: sha256:b67d21dfe609ddacf404589e04631d90a342921e81c40aeaf3391f6717fa5322
Status: Downloaded newer image for docker.io/centos:latest
[root@code-01 ~]# docker pull nginx
Using default tag: latest
Trying to pull repository docker.io/library/nginx ...
latest: Pulling from docker.io/library/nginx
be8881be8156: Pull complete
32d9726baeef: Pull complete
87e5e6f71297: Pull complete
Digest: sha256:d85914d547a6c92faa39ce7058bd7529baacab7e0cd4255442b04577c4d1f424
Status: Downloaded newer image for docker.io/nginx:latest
[root@code-01 ~]# docker images             #列出本地所有镜像
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
docker.io/nginx     latest              c82521676580        3 days ago          109 MB
docker.io/centos    latest              49f7960eb7e4        7 weeks ago         200 MB

镜像导出

语法:docker save -o [image].tar [image]
-o:指定导出名称,必须以 .tar结尾
image:指定需导出的镜像名称

[root@code-01 ~]# docker save -o centos.tar centos
[root@code-01 ~]# ls
anaconda-ks.cfg  centos.tar

删除本地镜像

语法:docker rmi [REPOSITORY|IMAGE ID]

[root@code-01 ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
docker.io/nginx     latest              c82521676580        3 days ago          109 MB
docker.io/centos    latest              49f7960eb7e4        7 weeks ago         200 MB
[root@code-01 ~]# docker rmi 49f7960eb7e4
Untagged: docker.io/centos:latest
Deleted: sha256:49f7960eb7e4cb46f1a02c1f8174c6fac07ebf1eb6d8deffbcb5c695f1c9edd5
Deleted: sha256:bcc97fbfc9e1a709f0eb78c1da59caeb65f43dc32cd5deeb12b8c1784e5b8237
[root@code-01 ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
docker.io/nginx     latest              c82521676580        3 days ago          109 MB
[root@code-01 ~]# docker rmi nginx
Untagged: nginx:latest
Untagged: docker.io/nginx@sha256:d85914d547a6c92faa39ce7058bd7529baacab7e0cd4255442b04577c4d1f424
Deleted: sha256:c82521676580c4850bb8f0d72e47390a50d60c8ffe44d623ce57be521bca9869
Deleted: sha256:2c1f65d17acf8759019a5eb86cc20fb8f8a7e84d2b541b795c1579c4f202a458
Deleted: sha256:8f222b457ca67d7e68c3a8101d6509ab89d1aad6d399bf5b3c93494bbf876407
Deleted: sha256:cdb3f9544e4c61d45da1ea44f7d92386639a052c620d1550376f22f5b46981af
[root@code-01 ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE

镜像导入

1.语法:docker load –input [image].tar

[root@code-01 ~]# docker load --input centos.tar
bcc97fbfc9e1: Loading layer [==================================================>] 208.2 MB/208.2 MB
Loaded image: docker.io/centos:latest

2.语法:docker load < [image].tar

[root@code-01 ~]# docker load < nginx.tar
cdb3f9544e4c: Loading layer [==================================================>] 58.44 MB/58.44 MB
a8c4aeeaa045: Loading layer [==================================================>] 54.24 MB/54.24 MB
08d25fa0442e: Loading layer [==================================================>] 3.584 kB/3.584 kB
Loaded image: docker.io/nginx:latest

Docker 容器管理

创建容器

语法:docker run –name [CONTAINER NAME] -t -i -d [image]

[root@code-01 ~]# docker run --name dockerc -t -i -d centos /bin/bash
e968c0137775150c72299b8b6370a83db1cb0b4e62533f2f2447205c6a1c810d
[root@code-01 ~]# docker run --name dockerd -t -i -d centos /bin/bash
11f3e96045013c5e9e96a1e7b58772275b2446cc18c9c52207e96a5b1f7ada15
[root@code-01 ~]# docker run --name nginx -t -i -d nginx /bin/bash
398defba777bba256f856f50de7e2e64a6eda915180c062bc51130b4a36f2372
[root@code-01 ~]# docker ps -a                                  #查看所有容器(包含沉睡/退出状态的容器)
CONTAINER ID        IMAGE               COMMAND             CREATED              STATUS              PORTS               NAMES
398defba777b        nginx               "/bin/bash"         3 seconds ago        Up 3 seconds        80/tcp              nginx
11f3e9604501        centos              "/bin/bash"         18 seconds ago       Up 17 seconds                           dockerd
e968c0137775        centos              "/bin/bash"         About a minute ago   Up About a minute                       dockerc

启动关闭容器

[root@code-01 ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED              STATUS              PORTS               NAMES
398defba777b        nginx               "/bin/bash"         3 seconds ago        Up 3 seconds        80/tcp              nginx
11f3e9604501        centos              "/bin/bash"         18 seconds ago       Up 17 seconds                           dockerd
e968c0137775        centos              "/bin/bash"         About a minute ago   Up About a minute                       dockerc
[root@code-01 ~]# docker restart dockerc
dockerc
[root@code-01 ~]# docker stop dockerd
dockerd
[root@code-01 ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                       PORTS               NAMES
398defba777b        nginx               "/bin/bash"         10 minutes ago      Up 10 minutes                80/tcp              nginx
11f3e9604501        centos              "/bin/bash"         10 minutes ago      Exited (137) 2 seconds ago                       dockerd
e968c0137775        centos              "/bin/bash"         11 minutes ago      Up 22 seconds                                    dockerc
[root@code-01 ~]# docker start dockerd
dockerd
[root@code-01 ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
398defba777b        nginx               "/bin/bash"         10 minutes ago      Up 10 minutes       80/tcp              nginx
11f3e9604501        centos              "/bin/bash"         11 minutes ago      Up 4 seconds                            dockerd
e968c0137775        centos              "/bin/bash"         11 minutes ago      Up 41 seconds                           dockerc

杀死容器

语法:docker kill [ NAMES | CONTAINER ID ]

[root@code-01 ~]# docker kill nginx
nginx
[root@code-01 ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                       PORTS               NAMES
398defba777b        nginx               "/bin/bash"         14 minutes ago      Exited (137) 2 seconds ago                       nginx
11f3e9604501        centos              "/bin/bash"         14 minutes ago      Up 3 minutes                                     dockerd
e968c0137775        centos              "/bin/bash"         15 minutes ago      Up 4 minutes                                     dockerc
[root@code-01 ~]# docker kill 11f3e9604501
11f3e9604501
[root@code-01 ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                        PORTS               NAMES
398defba777b        nginx               "/bin/bash"         14 minutes ago      Exited (137) 16 seconds ago                       nginx
11f3e9604501        centos              "/bin/bash"         14 minutes ago      Exited (137) 3 seconds ago                        dockerd
e968c0137775        centos              "/bin/bash"         15 minutes ago      Up 4 minutes                                      dockerc

删除容器

语法:docker rm [ NAMES | CONTAINER ID ]
语法:docker rm -f [ NAMES | CONTAINER ID ]

[root@code-01 ~]# docker rm nginx               # rm可以删除未在运行的容器
nginx
[root@code-01 ~]# docker rm dockerc             # 使用rm删除正在运行的容器时,报错如下
Error response from daemon: You cannot remove a running container e968c0137775150c72299b8b6370a83db1cb0b4e62533f2f2447205c6a1c810d. Stop the container before attempting removal or use -f
[root@code-01 ~]# docker rm -f dockerc          #使用 rm -f来强制删除此容器
dockerc
[root@code-01 ~]# docker ps -a                  #查看所有容器只剩下了一个
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                       PORTS               NAMES
11f3e9604501        centos              "/bin/bash"         19 minutes ago      Exited (137) 4 minutes ago                       dockerd

进入容器

三种方式如下:
语法:docker attach [image]
语法:docker exec -it [ NAMES | CONTAINER ID ] /bin/bash
语法:nsenter工具

[root@code-01 ~]# docker ps -a                      #查看容器dockerd,结果并未在运行
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                        PORTS               NAMES
11f3e9604501        centos              "/bin/bash"         44 minutes ago      Exited (137) 29 minutes ago                       dockerd
[root@code-01 ~]# docker start dockerd              #开启容器dockerd
dockerd
[root@code-01 ~]# docker ps -a                      #已开启
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
11f3e9604501        centos              "/bin/bash"         44 minutes ago      Up 13 seconds                           dockerd
[root@code-01 ~]# docker attach dockerd             #使用attach命令进入此容器
[root@11f3e9604501 /]# ps aux                       #已登录到该容器,并查看该容器进程
USER        PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root          1  0.1  0.1  11820  1876 ?        Ss   11:16   0:00 /bin/bash
root         13  0.0  0.1  51708  1712 ?        R+   11:16   0:00 ps aux
[root@11f3e9604501 /]# exit                         #退出dockerd容器
exit
[root@code-01 ~]# docker ps -a                      #dockerd容器跟随着attach命令的退出而停止运行
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                    PORTS               NAMES
11f3e9604501        centos              "/bin/bash"         44 minutes ago      Exited (0) 1 second ago                       dockerd
[root@code-01 ~]# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                    PORTS               NAMES
11f3e9604501        centos              "/bin/bash"         44 minutes ago      Exited (0) 1 second ago                       dockerd
[root@code-01 ~]# docker exec -it dockerd /bin/bash         #进入该容器因为未启动而报一下错误
Error response from daemon: Container 11f3e96045013c5e9e96a1e7b58772275b2446cc18c9c52207e96a5b1f7ada15 is not running
[root@code-01 ~]# docker start dockerd
dockerd
[root@code-01 ~]# docker exec -it dockerd /bin/bash         #进入该容器
[root@11f3e9604501 /]# ps -aux
USER        PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root          1  0.1  0.1  11820  1676 ?        Ss+  11:22   0:00 /bin/bash
root         13  0.2  0.1  11820  1896 ?        Ss   11:22   0:00 /bin/bash
root         25  0.0  0.1  51708  1712 ?        R+   11:22   0:00 ps -aux
[root@11f3e9604501 /]# exit             
exit
[root@code-01 ~]# docker ps -a                              #dockerd容器并没有因为终端退出而关闭自身
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
11f3e9604501        centos              "/bin/bash"         50 minutes ago      Up 16 seconds                           dockerd
[root@code-01 ~]# docker exec dockerd ps -aux               #还可以在容器外操作命令来查看容器内
USER        PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root          1  0.0  0.1  11820  1676 ?        Ss+  11:22   0:00 /bin/bash
root         30  0.0  0.1  51708  1708 ?        Rs   11:25   0:00 ps -aux
[root@code-01 ~]# yum install util-linux -y             #nsenter工具是依赖在util-linux软件包内
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * epel: mirrors.ustc.edu.cn
Package util-linux-2.23.2-52.el7.x86_64 already installed and latest version
Nothing to do
[root@code-01 ~]# docker inspect -f "{{ .State.Pid}}" dockerd   #dockerd是容器名字,每一个容器都有.State.Pid
14835
[root@code-01 ~]# nsenter -t 14835 -m -u -i -n -p
解释nsenter指令中进程id之后的参数的含义:
* –t:target参数是指定进程ID 
* –m:mount参数是进去到mount namespace中 
* –u:uts参数是进入到uts namespace中 
* –i:ipc参数是进入到System V IPC namaspace中 
* –n:net参数是进入到network namespace中 
* –p:pid参数是进入到pid namespace中 
* –u:user参数是进入到user namespace中
[root@11f3e9604501 /]# ps aux           # -bash是nsenter所产生的进程,就算是我退出容器,因为 -bash还在运行,容器也不会自行退出
USER        PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root          1  0.0  0.1  11820  1676 ?        Ss+  11:22   0:00 /bin/bash
root         34  0.2  0.1  15252  1980 ?        S    11:28   0:00 -bash
root         47  0.0  0.1  55140  1856 ?        R+   11:28   0:00 ps aux
[root@11f3e9604501 /]# exit
logout
[root@code-01 ~]# docker ps -a          #容器运行正常
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
11f3e9604501        centos              "/bin/bash"         56 minutes ago      Up 6 minutes                            dockerd

编写进入容器脚本

[root@code-01 ~]# cat docker.sh
#!/bin/bash
# Use nsenter to access docker
docker_in(){
  NAME_ID=$1
  PID=$(docker inspect -f "{{ .State.Pid }}" $NAME_ID)
  nsenter -t $PID -m -u -i -n -p
}
docker_in $1

容器日志查看

语法:docker logs [ NAMES | CONTAINER ID ]

[root@code-01 ~]# docker logs dockerd
[root@11f3e9604501 /]# ps aux
USER        PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root          1  0.1  0.1  11820  1876 ?        Ss   11:16   0:00 /bin/bash
root         13  0.0  0.1  51708  1712 ?        R+   11:16   0:00 ps aux
[root@11f3e9604501 /]# exit
exit

Docker 文件日志

Docker的日志文件默认写入到/var/log/messages内
Docker的配置文件(CentOS7)

[root@code-01 ~]# cat /usr/lib/systemd/system/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=http://docs.docker.com
After=network.target rhel-push-plugin.socket registries.service
Wants=docker-storage-setup.service
Requires=docker-cleanup.timer

[Service]
Type=notify
NotifyAccess=all
EnvironmentFile=-/run/containers/registries.conf
EnvironmentFile=-/etc/sysconfig/docker
EnvironmentFile=-/etc/sysconfig/docker-storage
EnvironmentFile=-/etc/sysconfig/docker-network
Environment=GOTRACEBACK=crash
Environment=DOCKER_HTTP_HOST_COMPAT=1
Environment=PATH=/usr/libexec/docker:/usr/bin:/usr/sbin
ExecStart=/usr/bin/dockerd-current \
          --add-runtime docker-runc=/usr/libexec/docker/docker-runc-current \
          --default-runtime=docker-runc \
          --exec-opt native.cgroupdriver=systemd \
          --userland-proxy-path=/usr/libexec/docker/docker-proxy-current \
          --init-path=/usr/libexec/docker/docker-init-current \
          --seccomp-profile=/etc/docker/seccomp.json \
          $OPTIONS \
          $DOCKER_STORAGE_OPTIONS \
          $DOCKER_NETWORK_OPTIONS \
          $ADD_REGISTRY \
          $BLOCK_REGISTRY \
          $INSECURE_REGISTRY \
          $REGISTRIES
ExecReload=/bin/kill -s HUP $MAINPID
LimitNOFILE=1048576
LimitNPROC=1048576
LimitCORE=infinity
TimeoutStartSec=0
Restart=on-abnormal
KillMode=process

[Install]
WantedBy=multi-user.target
Ops工具

Docker原理深解

2019-1-10 14:38:42

Ops工具

Docker镜像管理

2019-1-11 21:51:50

0 条回复 A文章作者 M管理员
    暂无讨论,说说你的看法吧
个人中心
购物车
优惠劵
今日签到
有新私信 私信列表
搜索