容器技術之Docker基礎入門

1874發表於2020-05-22

  前文我們瞭解了下LXC的基礎用法以及圖形管理工具LXC WEB Panel的簡單使用,有興趣的朋友可以參考https://www.cnblogs.com/qiuhom-1874/p/12904188.html;今天這篇隨筆主要是想把docker的相關的基礎知識梳理一下;

  一、docker和LXC

  首先我們來說一下docker和傳統LXC容器有什麼不同。傳統LXC是將核心的資源用名稱空間的方式將其不同容器的資源,虛擬成多份;使得每個容器間的資源相互隔離;在前邊我們也提到過LXC只是容器的一種客戶端工具;真正實現容器的是核心功能;而docker和LXC沒有本質的不同,都是容器的客戶端工具;LXC是使用核心的功能將不同容器間的資源相互隔離,而docker是LXC上的另一種封裝;LXC在建立容器時,依賴一個模板,而docker建立容器時,依賴映象;

  從上面的圖可看出,LXC容器裡跑了很多程式,而docker是一個容器跑一個程式,以及該程式的子程式;LXC更像是系統級容器,而docker更像是程式級容器或者說應用程式級容器;

  在docker容器裡通常只會有一個程式和該程式的子程式,通常該程式的程式編號為1,這也就說明了如果docker容器裡程式編號為1的程式宕了,那麼該容器也就隨之宕掉;docker的映象是採用的一種“分層構建,聯合掛載”的方式實現;將不同功能的映象通過一定的層次結構進行掛載,組合成一個新的映象;在docker啟動為容器時,它會在該映象的最上層加上一個可寫層;這使得我們可以在容器內部修改某些資料;而儲存修改後的資料只會對當前容器有效,如果在用同一映象啟動為其他容器時,我們修改的資料在後面的容器是不存在的,原因就是映象的每一層都是隻讀的;只有映象執行為容器時才會有一層可寫層,而該可寫層只針對該容器生效;

  二、docker的架構

  docker是C/S架構,對於客戶端來說主要是docker的命令和其他工具呼叫docker API;服務端主要是docker守護程式;客戶端和服務端是基於http或https協議進行通訊;和我們傳統的其他服務不同的是,docker的服務端沒有監聽在TCP或UDP的某個套接字上;它通常是監聽在unix sock 套接字上(預設是/var/run/docker.sock),這也意味著客戶端和服務端必須在同一主機上;執行docker容器的過程是這樣的;客戶端通過API呼叫或者命令鍵入通過http或https協議將命令傳送給docker服務端,docker服務端收到命令後,它首先要檢查本地倉庫是否有對應版本的映象,如果有它就會直接將其執行成容器;如果沒有它會去指定的rigistry(存放映象倉庫的倉庫)中找對應的映象倉庫,然後再去找對應的版本的映象,通過https協議將其下載到本地倉庫中,然後再將其啟動為容器;預設情況不指定rigistry的地址時,預設是到dockerhub.com中找對應的映象倉庫中的對應版本映象;如果沒有指定映象的版本,預設會去找latest版本(最新版本);從上面的過程可以看到docker執行成容器,最核心的是映象,沒有映象就不可能執行容器;我們可以把映象理解成應用程式,就好比我們要在電腦上執行某個應用,前提是我們要先安裝好應用程式才行;其實docker的映象就是將應用程式和應用程式依賴的庫、檔案、環境打包在一起;

  三、docker的安裝

  1、配置yum倉庫,預設centos7的extras庫裡有docker的包,但是版本太低了,如果要使用較新版本的docker可以用阿里雲的映象倉庫;配置方法請參考https://developer.aliyun.com/mirror/docker-ce?spm=a2c6h.13651102.0.0.3e221b11mqdEEz

  2、安裝docker-ce

[root@node1 yum.repos.d]# yum install -y docker-ce
Loaded plugins: fastestmirror
docker-ce-stable                                         | 3.5 kB     00:00     
docker-ce-stable/x86_64/primary_db                         |  42 kB   00:00     
Loading mirror speeds from cached hostfile
 * base: mirrors.cn99.com
 * extras: mirrors.aliyun.com
 * updates: mirrors.aliyun.com
Resolving Dependencies
--> Running transaction check
---> Package docker-ce.x86_64 3:19.03.9-3.el7 will be installed
……省略部分內容
Installed:
  docker-ce.x86_64 3:19.03.9-3.el7                                              

Dependency Installed:
  audit-libs-python.x86_64 0:2.8.5-4.el7                                        
  checkpolicy.x86_64 0:2.5-8.el7                                                
  container-selinux.noarch 2:2.119.1-1.c57a6f9.el7                              
  containerd.io.x86_64 0:1.2.13-3.2.el7                                         
  docker-ce-cli.x86_64 1:19.03.9-3.el7                                          
  libcgroup.x86_64 0:0.41-21.el7                                                
  libsemanage-python.x86_64 0:2.5-14.el7                                        
  policycoreutils-python.x86_64 0:2.5-34.el7                                    
  python-IPy.noarch 0:0.75-6.el7                                                
  setools-libs.x86_64 0:3.3.8-4.el7                                             

Dependency Updated:
  audit.x86_64 0:2.8.5-4.el7                                                    
  audit-libs.x86_64 0:2.8.5-4.el7                                               
  libselinux.x86_64 0:2.5-15.el7                                                
  libselinux-python.x86_64 0:2.5-15.el7                                         
  libselinux-utils.x86_64 0:2.5-15.el7                                          
  libsemanage.x86_64 0:2.5-14.el7                                               
  libsepol.x86_64 0:2.5-10.el7                                                  
  policycoreutils.x86_64 0:2.5-34.el7                                           
  selinux-policy.noarch 0:3.13.1-266.el7                                        
  selinux-policy-targeted.noarch 0:3.13.1-266.el7                               

Complete!
[root@node1 yum.repos.d]# 

  3、啟動docker

[root@node1 yum.repos.d]# systemctl start docker

  4、新增docker加速器

[root@node1 yum.repos.d]# cd /etc/docker/
[root@node1 docker]# cat >> daemon.json << EOF
> {
>   "registry-mirrors": ["https://cyr1uljt.mirror.aliyuncs.com","https://registry.docker-cn.com"]
> }
> EOF
[root@node1 docker]# cat daemon.json 
{
  "registry-mirrors": ["https://cyr1uljt.mirror.aliyuncs.com","https://registry.docker-cn.com"]
}
[root@node1 docker]# systemctl daemon-reload
[root@node1 docker]# systemctl restart docker
[root@node1 docker]

  4、驗證docker的版本以及加速器地址

[root@node1 docker]# docker version
Client: Docker Engine - Community
 Version:           19.03.9
 API version:       1.40
 Go version:        go1.13.10
 Git commit:        9d988398e7
 Built:             Fri May 15 00:25:27 2020
 OS/Arch:           linux/amd64
 Experimental:      false

Server: Docker Engine - Community
 Engine:
  Version:          19.03.9
  API version:      1.40 (minimum version 1.12)
  Go version:       go1.13.10
  Git commit:       9d988398e7
  Built:            Fri May 15 00:24:05 2020
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.2.13
  GitCommit:        7ad184331fa3e55e52b890ea95e65ba581ae3429
 runc:
  Version:          1.0.0-rc10
  GitCommit:        dc9208a3303feef5b3839f4323d9beb36df0a9dd
 docker-init:
  Version:          0.18.0
  GitCommit:        fec3683
[root@node1 docker]# docker info
Client:
 Debug Mode: false

Server:
 Containers: 0
  Running: 0
  Paused: 0
  Stopped: 0
 Images: 0
 Server Version: 19.03.9
 Storage Driver: overlay2
  Backing Filesystem: xfs
  Supports d_type: true
  Native Overlay Diff: true
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 7ad184331fa3e55e52b890ea95e65ba581ae3429
 runc version: dc9208a3303feef5b3839f4323d9beb36df0a9dd
 init version: fec3683
 Security Options:
  seccomp
   Profile: default
 Kernel Version: 3.10.0-693.el7.x86_64
 Operating System: CentOS Linux 7 (Core)
 OSType: linux
 Architecture: x86_64
 CPUs: 4
 Total Memory: 3.686GiB
 Name: node1
 ID: T6OZ:HBP6:Q5UV:RVBY:RCHM:DX3A:4JWY:QY55:OUEX:NRMN:BMRZ:UGCU
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Registry Mirrors:
  https://cyr1uljt.mirror.aliyuncs.com/
  https://registry.docker-cn.com/
 Live Restore Enabled: false

[root@node1 docker]# 

  提示:可以看到我們安裝的docker版本是19.03.9的版本;新增到兩條加速器都在registry mirrors中出現了;到此docker的安裝和配置就基本完成了;接下來我們來說說一下docker的使用;

   四、docker的映象

  1、獲取映象

  前面我們說了要想執行docker就必須得有一映象,映象是docker容器的最核心之一;那麼我們怎麼去下載倉庫裡的映象呢?docker image pull這個命令是直接從dockerhub倉庫中直接下載映象到本地,首先我們來看看docker image pull 這個命令的幫助文件吧

[root@node1 ~]# docker image pull --help

Usage:  docker image pull [OPTIONS] NAME[:TAG|@DIGEST]

Pull an image or a repository from a registry

Options:
  -a, --all-tags                Download all tagged images in the repository
      --disable-content-trust   Skip image verification (default true)
      --platform string         Set platform if server is multi-platform
                                capable
  -q, --quiet                   Suppress verbose output
[root@node1 ~]# 

  提示:從上面的幫助資訊我們可以瞭解到,這個命令後面必須要跟一個映象的名稱,表示從dockerhub倉庫中下載指定名稱的映象到本地;其中映象的名稱是name:tag的格式,如果只寫了映象名稱,預設會下載該映象的最新版本;其中-a表示下載指定映象倉庫中的所有映象; --disable-content-trust表示忽略映象的驗證預設是忽略的;-q表示安靜模式,不輸出多餘的下載資訊;

  下載nginx映象

[root@node1 ~]# docker image pull nginx:stable-alpine
stable-alpine: Pulling from library/nginx
cbdbe7a5bc2a: Pull complete 
6ade829cd166: Pull complete 
Digest: sha256:2668e65e1a36a749aa8b3a5297eee45504a4efea423ec2affcbbf85e31a9a571
Status: Downloaded newer image for nginx:stable-alpine
docker.io/library/nginx:stable-alpine
[root@node1 ~]# 

  提示:以上命令表示從dockerhub倉庫中下載nginx的stable-alpine版本的映象到本地;docker image pull這個命令等同docker pull,後者是以前老版本的用法,新版docker為了相容老版本的docker命令,所以保留了老版本的用法;如果要想從非官方映象倉庫中下載映象我們可以手動指定其他映象倉庫的地址;如下

[root@node1 ~]# docker image pull hub.c.163.com/public/ubuntu:14.04       
14.04: Pulling from public/ubuntu
f4ab0b34ba6a: Pull complete 
2f0787dc0bfe: Pull complete 
54c427d77362: Pull complete 
51e87d5424ff: Pull complete 
5dfa314e7290: Pull complete 
a3ed95caeb02: Pull complete 
Digest: sha256:ffc2fc66f8e0bfa4b417b817054d3ebec130c8db44342b8fa394e25779633257
Status: Downloaded newer image for hub.c.163.com/public/ubuntu:14.04
hub.c.163.com/public/ubuntu:14.04
[root@node1 ~]# 

  檢視本地倉庫有哪些映象

[root@node1 ~]# docker image ls 
REPOSITORY                    TAG                 IMAGE ID            CREATED             SIZE
nginx                         stable-alpine       ab94f84cc474        3 weeks ago         21.3MB
hub.c.163.com/public/ubuntu   14.04               2fe5c4bba1f9        4 years ago         237MB
[root@node1 ~]# docker images
REPOSITORY                    TAG                 IMAGE ID            CREATED             SIZE
nginx                         stable-alpine       ab94f84cc474        3 weeks ago         21.3MB
hub.c.163.com/public/ubuntu   14.04               2fe5c4bba1f9        4 years ago         237MB
[root@node1 ~]# 

  提示:docker image ls 該命令是檢視本地倉庫中的映象,會把本地已有的映象列出來;等同docker images這個命令;從上面的資訊可以看到我們本地有兩個映象

  給映象打標籤

[root@node1 ~]# docker image tag --help

Usage:  docker image tag SOURCE_IMAGE[:TAG] TARGET_IMAGE[:TAG]

Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
[root@node1 ~]#

  提示:docker image tag 命令等同 docker tag

[root@node1 ~]# docker image ls
REPOSITORY                    TAG                 IMAGE ID            CREATED             SIZE
nginx                         stable-alpine       ab94f84cc474        3 weeks ago         21.3MB
hub.c.163.com/public/ubuntu   14.04               2fe5c4bba1f9        4 years ago         237MB
[root@node1 ~]# docker image tag hub.c.163.com/public/ubuntu:14.04 163.com/ubuntu:14.04
[root@node1 ~]# docker images
REPOSITORY                    TAG                 IMAGE ID            CREATED             SIZE
nginx                         stable-alpine       ab94f84cc474        3 weeks ago         21.3MB
163.com/ubuntu                14.04               2fe5c4bba1f9        4 years ago         237MB
hub.c.163.com/public/ubuntu   14.04               2fe5c4bba1f9        4 years ago         237MB
[root@node1 ~]# docker tag 163.com/ubuntu:14.04 ub:14.04
[root@node1 ~]# docker images
REPOSITORY                    TAG                 IMAGE ID            CREATED             SIZE
nginx                         stable-alpine       ab94f84cc474        3 weeks ago         21.3MB
163.com/ubuntu                14.04               2fe5c4bba1f9        4 years ago         237MB
ub                            14.04               2fe5c4bba1f9        4 years ago         237MB
hub.c.163.com/public/ubuntu   14.04               2fe5c4bba1f9        4 years ago         237MB
[root@node1 ~]# 

  提示:打標籤的本質就是在給映象去別名,從上面的資訊可以看到163.com/ubuntu 、ub和hub.c.163.com/ubuntu這三個映象的ID都是相同的,這意味著這三個映象是指向同一映象的;

  檢視映象的詳細資訊

[root@node1 ~]# docker image inspect nginx:stable-alpine
[
    {
        "Id": "sha256:ab94f84cc4744a5addf3c896206e1e666abde0eadc26990d640395cfacae24a5",
        "RepoTags": [
            "nginx:stable-alpine"
        ],
        "RepoDigests": [
            "nginx@sha256:2668e65e1a36a749aa8b3a5297eee45504a4efea423ec2affcbbf85e31a9a571"
        ],
        "Parent": "",
        "Comment": "",
        "Created": "2020-04-24T12:59:54.146056172Z",
        "Container": "5cdc5c83fb963292b8ae3ad7abae5069a88c76e51ae91dfb9f9d7fa604f088e6",
        "ContainerConfig": {
            "Hostname": "5cdc5c83fb96",
            "Domainname": "",
            "User": "",
            "AttachStdin": false,
            "AttachStdout": false,
            "AttachStderr": false,
            "ExposedPorts": {
                "80/tcp": {}
            },
            "Tty": false,
            "OpenStdin": false,
            "StdinOnce": false,
            "Env": [
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
                "NGINX_VERSION=1.18.0",
                "NJS_VERSION=0.4.0",
                "PKG_RELEASE=1"
            ],
            "Cmd": [
                "/bin/sh",
                "-c",
                "#(nop) ",
                "CMD [\"nginx\" \"-g\" \"daemon off;\"]"
            ],
            "ArgsEscaped": true,
            "Image": "sha256:5d84a370ed482284aad8af6a5ea7bcca5a91c5bf7f8e061f2d336835cd724e6e",
            "Volumes": null,
            "WorkingDir": "",
            "Entrypoint": null,
            "OnBuild": null,
            "Labels": {
                "maintainer": "NGINX Docker Maintainers <docker-maint@nginx.com>"
            },
            "StopSignal": "SIGTERM"
        },
        "DockerVersion": "18.09.7",
        "Author": "",
        "Config": {
            "Hostname": "",
            "Domainname": "",
            "User": "",
            "AttachStdin": false,
            "AttachStdout": false,
            "AttachStderr": false,
            "ExposedPorts": {
                "80/tcp": {}
            },
            "Tty": false,
            "OpenStdin": false,
            "StdinOnce": false,
            "Env": [
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
                "NGINX_VERSION=1.18.0",
                "NJS_VERSION=0.4.0",
                "PKG_RELEASE=1"
            ],
            "Cmd": [
                "nginx",
                "-g",
                "daemon off;"
            ],
            "ArgsEscaped": true,
            "Image": "sha256:5d84a370ed482284aad8af6a5ea7bcca5a91c5bf7f8e061f2d336835cd724e6e",
            "Volumes": null,
            "WorkingDir": "",
            "Entrypoint": null,
            "OnBuild": null,
            "Labels": {
                "maintainer": "NGINX Docker Maintainers <docker-maint@nginx.com>"
            },
            "StopSignal": "SIGTERM"
        },
        "Architecture": "amd64",
        "Os": "linux",
        "Size": 21314634,
        "VirtualSize": 21314634,
        "GraphDriver": {
            "Data": {
                "LowerDir": "/var/lib/docker/overlay2/e175dd426f8fc3b61248f51b13ebbcc0130de67cd0b604e6e5c2f4b5776b5568/diff",
                "MergedDir": "/var/lib/docker/overlay2/eda604afa15f728fe10851129414b80826b909d1741a969eb3587dcd50bfe0da/merged",
                "UpperDir": "/var/lib/docker/overlay2/eda604afa15f728fe10851129414b80826b909d1741a969eb3587dcd50bfe0da/diff",
                "WorkDir": "/var/lib/docker/overlay2/eda604afa15f728fe10851129414b80826b909d1741a969eb3587dcd50bfe0da/work"
            },
            "Name": "overlay2"
        },
        "RootFS": {
            "Type": "layers",
            "Layers": [
                "sha256:3e207b409db364b595ba862cdc12be96dcdad8e36c59a03b7b3b61c946a5741a",
                "sha256:34cf0e74977f5cabe21fd5465978f35ec87b57ed928745a0f2054bc7e1dcbcf9"
            ]
        },
        "Metadata": {
            "LastTagTime": "0001-01-01T00:00:00Z"
        }
    }
]
[root@node1 ~]#

  提示:使用docker image inspect 命令可以獲取指定映象的詳細資訊,包括製作作者、架構以及各層次的摘要資訊等等資訊;該命令等同docker inspect;上面命令返回了一個json格式的資料,很不方便我們檢視某個欄位的資訊,如果想要獲取某個欄位的資訊我們可以使用-f選項來指定要檢視的欄位;如下

[root@node1 ~]# docker image inspect -f "{{.Config.Cmd}}" nginx:stable-alpine
[nginx -g daemon off;]
[root@node1 ~]# docker image inspect -f "{{.RootFS}}" nginx:stable-alpine          
{layers [sha256:3e207b409db364b595ba862cdc12be96dcdad8e36c59a03b7b3b61c946a5741a sha256:34cf0e74977f5cabe21fd5465978f35ec87b57ed928745a0f2054bc7e1dcbcf9] }
[root@node1 ~]# docker image inspect -f "{{.RootFS.Type}}" nginx:stable-alpine
layers
[root@node1 ~]# 

  提示:使用-f指定欄位需要注意,需要從"."開始,欄位名稱需要用雙大括號括起來

  檢視映象歷史

[root@node1 ~]# docker image history  nginx:stable-alpine           
IMAGE               CREATED             CREATED BY                                      SIZE                COMMENT
ab94f84cc474        3 weeks ago         /bin/sh -c #(nop)  CMD ["nginx" "-g" "daemon…   0B                  
<missing>           3 weeks ago         /bin/sh -c #(nop)  STOPSIGNAL SIGTERM           0B                  
<missing>           3 weeks ago         /bin/sh -c #(nop)  EXPOSE 80                    0B                  
<missing>           3 weeks ago         /bin/sh -c set -x     && addgroup -g 101 -S …   15.7MB              
<missing>           3 weeks ago         /bin/sh -c #(nop)  ENV PKG_RELEASE=1            0B                  
<missing>           3 weeks ago         /bin/sh -c #(nop)  ENV NJS_VERSION=0.4.0        0B                  
<missing>           3 weeks ago         /bin/sh -c #(nop)  ENV NGINX_VERSION=1.18.0     0B                  
<missing>           3 weeks ago         /bin/sh -c #(nop)  LABEL maintainer=NGINX Do…   0B                  
<missing>           4 weeks ago         /bin/sh -c #(nop)  CMD ["/bin/sh"]              0B                  
<missing>           4 weeks ago         /bin/sh -c #(nop) ADD file:b91adb67b670d3a6f…   5.61MB              
[root@node1 ~]# 

  提示:以上命令表示檢視nginx:stable-alpine這個映象的歷史記錄,該命令顯示了各層映象都做了哪些操作;各層映象的建立資訊;該命令等同docker history;

  搜尋映象

[root@node1 ~]# docker search nginx         
NAME                               DESCRIPTION                                     STARS               OFFICIAL            AUTOMATED
nginx                              Official build of Nginx.                        13212               [OK]                
jwilder/nginx-proxy                Automated Nginx reverse proxy for docker con…   1806                                    [OK]
richarvey/nginx-php-fpm            Container running Nginx + PHP-FPM capable of…   775                                     [OK]
linuxserver/nginx                  An Nginx container, brought to you by LinuxS…   113                                     
bitnami/nginx                      Bitnami nginx Docker Image                      83                                      [OK]
tiangolo/nginx-rtmp                Docker image with Nginx using the nginx-rtmp…   73                                      [OK]
jc21/nginx-proxy-manager           Docker container for managing Nginx proxy ho…   61                                      
nginxdemos/hello                   NGINX webserver that serves a simple page co…   49                                      [OK]
jlesage/nginx-proxy-manager        Docker container for Nginx Proxy Manager        43                                      [OK]
nginx/nginx-ingress                NGINX Ingress Controller for Kubernetes         31                                      
privatebin/nginx-fpm-alpine        PrivateBin running on an Nginx, php-fpm & Al…   25                                      [OK]
schmunk42/nginx-redirect           A very simple container to redirect HTTP tra…   18                                      [OK]
nginxinc/nginx-unprivileged        Unprivileged NGINX Dockerfiles                  16                                      
centos/nginx-112-centos7           Platform for running nginx 1.12 or building …   13                                      
centos/nginx-18-centos7            Platform for running nginx 1.8 or building n…   13                                      
blacklabelops/nginx                Dockerized Nginx Reverse Proxy Server.          13                                      [OK]
raulr/nginx-wordpress              Nginx front-end for the official wordpress:f…   12                                      [OK]
nginx/nginx-prometheus-exporter    NGINX Prometheus Exporter                       12                                      
sophos/nginx-vts-exporter          Simple server that scrapes Nginx vts stats a…   7                                       [OK]
mailu/nginx                        Mailu nginx frontend                            6                                       [OK]
bitwarden/nginx                    The Bitwarden nginx web server acting as a r…   5                                       
bitnami/nginx-ingress-controller   Bitnami Docker Image for NGINX Ingress Contr…   5                                       [OK]
wodby/nginx                        Generic nginx                                   1                                       [OK]
ansibleplaybookbundle/nginx-apb    An APB to deploy NGINX                          1                                       [OK]
centos/nginx-110-centos7           Platform for running nginx 1.10 or building …   0                                       
[root@node1 ~]# docker search  -s 500 nginx 
Flag --stars has been deprecated, use --filter=stars=3 instead
NAME                      DESCRIPTION                                     STARS               OFFICIAL            AUTOMATED
nginx                     Official build of Nginx.                        13212               [OK]                
jwilder/nginx-proxy       Automated Nginx reverse proxy for docker con…   1806                                    [OK]
richarvey/nginx-php-fpm   Container running Nginx + PHP-FPM capable of…   775                                     [OK]
[root@node1 ~]# docker search  -s 5000 nginx
Flag --stars has been deprecated, use --filter=stars=3 instead
NAME                DESCRIPTION                STARS               OFFICIAL            AUTOMATED
nginx               Official build of Nginx.   13212               [OK]                
[root@node1 ~]# 

  提示:-s表示顯示指定數以上星級的映象

  刪除映象

[root@node1 ~]# docker images
REPOSITORY                    TAG                 IMAGE ID            CREATED             SIZE
nginx                         stable-alpine       ab94f84cc474        3 weeks ago         21.3MB
ub                            14.04               2fe5c4bba1f9        4 years ago         237MB
hub.c.163.com/public/ubuntu   14.04               2fe5c4bba1f9        4 years ago         237MB
163.com/ubuntu                14.04               2fe5c4bba1f9        4 years ago         237MB
[root@node1 ~]# docker image rm 163.com/ubuntu:14.04
Untagged: 163.com/ubuntu:14.04
[root@node1 ~]# docker image rm ub:14.04            
Untagged: ub:14.04
[root@node1 ~]# docker images
REPOSITORY                    TAG                 IMAGE ID            CREATED             SIZE
nginx                         stable-alpine       ab94f84cc474        3 weeks ago         21.3MB
hub.c.163.com/public/ubuntu   14.04               2fe5c4bba1f9        4 years ago         237MB
[root@node1 ~]# docker image rm hub.c.163.com/public/ubuntu:14.04
Untagged: hub.c.163.com/public/ubuntu:14.04
Untagged: hub.c.163.com/public/ubuntu@sha256:ffc2fc66f8e0bfa4b417b817054d3ebec130c8db44342b8fa394e25779633257
Deleted: sha256:2fe5c4bba1f935f179e83cd5354403d1231ffc9df9c1621967194410eaf8d942
Deleted: sha256:085e08b75e744804e23332efb202896749c4aff9433391a775607852d339c26e
Deleted: sha256:7f622f92c76a635c16f506bced3dc1641e9390a26ee9d8cb70f8616c3a21fbdf
Deleted: sha256:ae7b6867bb7b8f3a8235547e0634e7629b4008d807dc768064e760a91413a71f
Deleted: sha256:3eef796012f97f23ffdb11296f6b624a0db4b32eae986da589492b974e6eb596
Deleted: sha256:b268b9bd797e1d58a176fac2a338df41437e853beb5aaa8a4159227fc38c4b72
Deleted: sha256:89688d062a0607fb50d0955de8964659e66f1bb41164b2d2b473d1edd7d8af90
[root@node1 ~]# 

  提示:如果映象有多個標籤,指定其標籤名錶示刪除該標籤,只有當映象只有一個標籤是,才會把映象完全刪除;docker image rm 命令等同docker rmi命令;刪除映象除了可以指定的標籤來刪除映象外,還可以指定映象ID來刪除映象;

  將指定映象執行為容器

[root@node1 ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
nginx               stable-alpine       ab94f84cc474        3 weeks ago         21.3MB
[root@node1 ~]# docker run --name n1 -d nginx:stable-alpine
1b404faab5ba4af597e38a998ad21bca61fe99583234b68882931d766c34ebf3
[root@node1 ~]# docker ps
CONTAINER ID        IMAGE                 COMMAND                  CREATED             STATUS              PORTS               NAMES
1b404faab5ba        nginx:stable-alpine   "nginx -g 'daemon of…"   6 seconds ago       Up 4 seconds        80/tcp              n1
[root@node1 ~]# 

  提示:要想將指定映象執行成容器,需要使用docker run來執行;--name表示給容器起一個名稱,-d表示不佔據現有終端,後臺執行;docker ps命令是檢視當前系統正在執行的容器;該命令等同docker container ls ,如果想要檢視當前系統所有容器執行情況,可以使用docker ps -a ,該命令會把執行狀態的容器和停止狀態的容器一併列出來;

  檢視剛才建立容器的ip地址

[root@node1 ~]# docker container inspect -f "{{.NetworkSettings.IPAddress}}"  n1 
172.17.0.2
[root@node1 ~]# 

  提示:映象和容器的區別就是,映象是靜態的,容器是把映象執行起來就叫容器,換句話說容器就是映象的例項化產物;檢視容器的詳細資訊我們需要使用docker container inspect 該命令同docker image inspect 的用法類似,如果不用-f過濾欄位資訊,它通常會顯示以json格式的所有資訊;此時我們就可以使用瀏覽器訪問我們剛才啟動的容器裡的nginx服務了

[root@node1 ~]# elinks --dump http://172.17.0.2
                               Welcome to nginx!

   If you see this page, the nginx web server is successfully installed and
   working. Further configuration is required.

   For online documentation and support please refer to [1]nginx.org.
   Commercial support is available at [2]nginx.com.

   Thank you for using nginx.

References

   Visible links
   1. http://nginx.org/
   2. http://nginx.com/
[root@node1 ~]# curl -I http://172.17.0.2
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 22 May 2020 09:00:56 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 21 Apr 2020 15:15:39 GMT
Connection: keep-alive
ETag: "5e9f0e1b-264"
Accept-Ranges: bytes

[root@node1 ~]# 

  提示:預設啟動的容器會把網路接入到docker0橋,該橋是一個nat橋,所以要想訪問到容器裡的應用服務,需要用docker0橋所在主機去訪問(本機),除此之外也可以通過搭建代理或者用在docker0橋上的其他容器又或者將容器裡服務的埠暴露給宿主機;

  停止容器

[root@node1 ~]# docker ps 
CONTAINER ID        IMAGE                 COMMAND                  CREATED              STATUS              PORTS               NAMES
444eb763efe0        nginx:stable-alpine   "nginx -g 'daemon of…"   About a minute ago   Up About a minute   80/tcp              n2
1b404faab5ba        nginx:stable-alpine   "nginx -g 'daemon of…"   20 minutes ago       Up 20 minutes       80/tcp              n1
[root@node1 ~]# docker container stop n1
n1
[root@node1 ~]# docker ps
CONTAINER ID        IMAGE                 COMMAND                  CREATED             STATUS              PORTS               NAMES
444eb763efe0        nginx:stable-alpine   "nginx -g 'daemon of…"   2 minutes ago       Up 2 minutes        80/tcp              n2
[root@node1 ~]# docker ps -a
CONTAINER ID        IMAGE                 COMMAND                  CREATED             STATUS                     PORTS               NAMES
444eb763efe0        nginx:stable-alpine   "nginx -g 'daemon of…"   2 minutes ago       Up 2 minutes               80/tcp              n2
1b404faab5ba        nginx:stable-alpine   "nginx -g 'daemon of…"   21 minutes ago      Exited (0) 7 seconds ago                       n1
[root@node1 ~]# 

  啟動容器

[root@node1 ~]# docker ps 
CONTAINER ID        IMAGE                 COMMAND                  CREATED             STATUS              PORTS               NAMES
444eb763efe0        nginx:stable-alpine   "nginx -g 'daemon of…"   2 minutes ago       Up 2 minutes        80/tcp              n2
[root@node1 ~]# docker container start n1
n1
[root@node1 ~]# docker ps
CONTAINER ID        IMAGE                 COMMAND                  CREATED             STATUS              PORTS               NAMES
444eb763efe0        nginx:stable-alpine   "nginx -g 'daemon of…"   2 minutes ago       Up 2 minutes        80/tcp              n2
1b404faab5ba        nginx:stable-alpine   "nginx -g 'daemon of…"   22 minutes ago      Up 2 seconds        80/tcp              n1
[root@node1 ~]# 

  刪除容器

[root@node1 ~]# docker container ls
CONTAINER ID        IMAGE                 COMMAND                  CREATED             STATUS              PORTS               NAMES
444eb763efe0        nginx:stable-alpine   "nginx -g 'daemon of…"   3 minutes ago       Up 3 minutes        80/tcp              n2
1b404faab5ba        nginx:stable-alpine   "nginx -g 'daemon of…"   23 minutes ago      Up About a minute   80/tcp              n1
[root@node1 ~]# docker container rm n1
Error response from daemon: You cannot remove a running container 1b404faab5ba4af597e38a998ad21bca61fe99583234b68882931d766c34ebf3. Stop the container before attempting removal or force remove
[root@node1 ~]# docker container stop n1
n1
[root@node1 ~]# docker ps -a
CONTAINER ID        IMAGE                 COMMAND                  CREATED             STATUS                     PORTS               NAMES
444eb763efe0        nginx:stable-alpine   "nginx -g 'daemon of…"   4 minutes ago       Up 4 minutes               80/tcp              n2
1b404faab5ba        nginx:stable-alpine   "nginx -g 'daemon of…"   23 minutes ago      Exited (0) 5 seconds ago                       n1
[root@node1 ~]# docker container rm n1
n1
[root@node1 ~]# docker ps -a
CONTAINER ID        IMAGE                 COMMAND                  CREATED             STATUS              PORTS               NAMES
444eb763efe0        nginx:stable-alpine   "nginx -g 'daemon of…"   4 minutes ago       Up 4 minutes        80/tcp              n2
[root@node1 ~]# docker container ls
CONTAINER ID        IMAGE                 COMMAND                  CREATED             STATUS              PORTS               NAMES
444eb763efe0        nginx:stable-alpine   "nginx -g 'daemon of…"   5 minutes ago       Up 5 minutes        80/tcp              n2
[root@node1 ~]# 

  提示:執行的容器是沒法直接刪除的,必須先停止容器才行;如果不停止容器要刪除容器可以使用-f選項來指定,當然通常我們都不建議這樣用;

相關文章