docker
安装
- 基于 Centos 8
yum install -y yum-utilsyum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
- 可选
yum-config-manager --enable docker-ce-nightlyyum-config-manager --enable docker-ce-test
yum install docker-ce docker-ce-cli containerd.io- 启动:
systemctl start docker - 运行:
docker run hello-world - 卸载
- 卸载 docker 引擎、CLI 和容器等依赖:
yum remove docker-ce docker-ce-cli containerd.io - 卸载本地所有镜像、容器和卷等资源:
rm -rf /var/lib/docker, rm -rf /var/lib/containerd
概念
- 虚拟机与容器技术(Docker)的区别
- 虚拟机需要搭建一个完整的操作系统,虚拟机资源占用非常大,启动冗余步骤多,导致启动很慢。
- 容器化技术(Docker)不是一个完整的操作系统,是一个 Client-Server 结构的系统,通过 Socket 从客户端访问,通过守护进程直接运行宿主机内核,占用资源少,容器之间互相隔离,每个容器都有属于自己的文件系统互不影响,启动速度特别快。
- 镜像(image):模板,类似于类,可以通过这个模板创建容器实例提供服务。通过这个镜像可以实例化多个容器实例,提供多个服务。
- 容器(container):通过镜像来创建容器实例,一个容器就是一个应用,提供服务。
- 仓库(repository):存放镜像的仓库,分为公有仓库和私有仓库,Docker Hub 是默认的镜像仓库。
docker run hello-world 的原理
CLI
帮助
获取信息
docker version [OPTIONS]
- 说明:输出 docker 版本信息
- OPTIONS
- 使用
docker version --format '{{.Server.Version}}':输出 docker-server 的版本号docker version --format='{{.Client.Context}}':输出 docker-client 的上下文docker version --format '{{json .}}':输出 docker 的版本信息在一行对象的 JSON 文本
$ docker version
# 输出内容
Client:
Version: 19.03.8
API version: 1.40
Go version: go1.12.17
Git commit: afacb8b
Built: Wed Mar 11 01:21:11 2020
OS/Arch: darwin/amd64
Context: default
Experimental: true
Server:
Engine:
Version: 19.03.8
API version: 1.40 (minimum version 1.12)
Go version: go1.12.17
Git commit: afacb8b
Built: Wed Mar 11 01:29:16 2020
OS/Arch: linux/amd64
Experimental: true
containerd:
Version: v1.2.13
GitCommit: 7ad184331fa3e55e52b890ea95e65ba581ae3429
runc:
Version: 1.0.0-rc10
GitCommit: dc9208a3303feef5b3839f4323d9beb36df0a9dd
docker-init:
Version: 0.18.0
GitCommit: fec3683
$ docker version --format '{{.Server.Version}}'
# 输出内容
19.03.8
$ docker version --format '{{json .}}'
# 输出内容
{"Client":{"Platform":{"Name":"Docker Engine - Community"},"Version":"19.03.8","ApiVersion":"1.40","DefaultAPIVersion":"1.40","GitCommit":"afacb8b","GoVersion":"go1.12.17","Os":"darwin","Arch":"amd64","BuildTime":"Wed Mar 11 01:21:11 2020","Experimental":true},"Server":{"Platform":{"Name":"Docker Engine - Community"},"Components":[{"Name":"Engine","Version":"19.03.8","Details":{"ApiVersion":"1.40","Arch":"amd64","BuildTime":"Wed Mar 11 01:29:16 2020","Experimental":"true","GitCommit":"afacb8b","GoVersion":"go1.12.17","KernelVersion":"4.19.76-linuxkit","MinAPIVersion":"1.12","Os":"linux"}},{"Name":"containerd","Version":"v1.2.13","Details":{"GitCommit":"7ad184331fa3e55e52b890ea95e65ba581ae3429"}},{"Name":"runc","Version":"1.0.0-rc10","Details":{"GitCommit":"dc9208a3303feef5b3839f4323d9beb36df0a9dd"}},{"Name":"docker-init","Version":"0.18.0","Details":{"GitCommit":"fec3683"}}],"Version":"19.03.8","ApiVersion":"1.40","MinAPIVersion":"1.12","GitCommit":"afacb8b","GoVersion":"go1.12.17","Os":"linux","Arch":"amd64","KernelVersion":"4.19.76-linuxkit","Experimental":true,"BuildTime":"2020-03-11T01:29:16.000000000+00:00"}}
$ docker version --format='{{.Client.Context}}'
# 输出内容
default
docker info [OPTIONS]
- 说明:输出 docker 系统信息
- OPTIONS
- 使用
docker --debug info:输出调试信息docker info --format '{{json .}}':输出 docker 的系统信息在一行对象的 JSON 文本
$ docker info
# 输出内容
Client:
Context: default
Debug Mode: false
Server:
Containers: 14
Running: 3
Paused: 1
Stopped: 10
Images: 52
Server Version: 1.10.3
Storage Driver: devicemapper
Pool Name: docker-202:2-25583803-pool
Pool Blocksize: 65.54 kB
Base Device Size: 10.74 GB
Backing Filesystem: xfs
Data file: /dev/loop0
Metadata file: /dev/loop1
Data Space Used: 1.68 GB
Data Space Total: 107.4 GB
Data Space Available: 7.548 GB
Metadata Space Used: 2.322 MB
Metadata Space Total: 2.147 GB
Metadata Space Available: 2.145 GB
Udev Sync Supported: true
Deferred Removal Enabled: false
Deferred Deletion Enabled: false
Deferred Deleted Device Count: 0
Data loop file: /var/lib/docker/devicemapper/devicemapper/data
Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata
Library Version: 1.02.107-RHEL7 (2015-12-01)
Execution Driver: native-0.2
Logging Driver: json-file
Plugins:
Volume: local
Network: null host bridge
Kernel Version: 3.10.0-327.el7.x86_64
Operating System: Red Hat Enterprise Linux Server 7.2 (Maipo)
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 991.7 MiB
Name: ip-172-30-0-91.ec2.internal
ID: I54V:OLXT:HVMM:TPKO:JPHQ:CQCD:JNLC:O3BZ:4ZVJ:43XJ:PFHZ:6N2S
Docker Root Dir: /var/lib/docker
Debug Mode: false
Username: gordontheturtle
Registry: https://index.docker.io/v1/
Insecure registries:
myinsecurehost:5000
127.0.0.0/8
$ docker --debug info
# 输出内容
Client:
Context: default
Debug Mode: true
Server:
Containers: 14
Running: 3
Paused: 1
Stopped: 10
Images: 52
Server Version: 1.13.0
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Swarm: active
NodeID: rdjq45w1op418waxlairloqbm
Is Manager: true
ClusterID: te8kdyw33n36fqiz74bfjeixd
Managers: 1
Nodes: 2
Orchestration:
Task History Retention Limit: 5
Raft:
Snapshot Interval: 10000
Number of Old Snapshots to Retain: 0
Heartbeat Tick: 1
Election Tick: 3
Dispatcher:
Heartbeat Period: 5 seconds
CA Configuration:
Expiry Duration: 3 months
Root Rotation In Progress: false
Node Address: 172.16.66.128 172.16.66.129
Manager Addresses:
172.16.66.128:2477
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 8517738ba4b82aff5662c97ca4627e7e4d03b531
runc version: ac031b5bf1cc92239461125f4c1ffb760522bbf2
init version: N/A (expected: v0.13.0)
Security Options:
apparmor
seccomp
Profile: default
Kernel Version: 4.4.0-31-generic
Operating System: Ubuntu 16.04.1 LTS
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 1.937 GiB
Name: ubuntu
ID: H52R:7ZR6:EIIA:76JG:ORIY:BVKF:GSFU:HNPG:B5MK:APSC:SZ3Q:N326
Docker Root Dir: /var/lib/docker
Debug Mode: true
File Descriptors: 30
Goroutines: 123
System Time: 2016-11-12T17:24:37.955404361-08:00
EventsListeners: 0
Http Proxy: http://test:test@proxy.example.com:8080
Https Proxy: https://test:test@proxy.example.com:8080
No Proxy: localhost,127.0.0.1,docker-registry.somecorporation.com
Registry: https://index.docker.io/v1/
WARNING: No swap limit support
Labels:
storage=ssd
staging=true
Experimental: false
Insecure Registries:
127.0.0.0/8
Registry Mirrors:
http://192.168.1.2/
http://registry-mirror.example.com:5000/
Live Restore Enabled: false
$ docker info --format '{{json .}}'
# 输出内容
{"ID":"I54V:OLXT:HVMM:TPKO:JPHQ:CQCD:JNLC:O3BZ:4ZVJ:43XJ:PFHZ:6N2S","Containers":14, ...}
镜像命令
docker images [OPTIONS] [REPOSITORY[:TAG]]
- 说明:输出本地下载的顶层镜像。默认不列出中间层的镜像
- OPTIONS
- –all , -a:输出本地下载的全部镜像
- –digests:输出镜像签名
- –filter , -f:过滤输出内容
- –format:格式化输出内容
- –no-trunc:完整输出镜像信息,例如完整输出镜像的 ID
- –quiet , -q:只输出镜像的 ID
- REPOSITORY[:TAG]:指定输出的镜像仓库源,可选镜像的 TAG
- 使用
docker images java:获取本地下载的所有 TAG 的 java 镜像仓库源的镜像信息docker images java:8:获取本地下载的 TAG:8 的 java 镜像仓库源的镜像信息
REPOSITORY:镜像仓库源
TAG:镜像标签,例如版本号等等
IMAGE ID:镜像 ID
CREATED:镜像创建时间
SIZE:镜像大小
$ docker images java
# 输出内容
REPOSITORY TAG IMAGE ID CREATED SIZE
java 8 308e519aac60 6 days ago 824.5 MB
java 7 493d82594c15 3 months ago 656.3 MB
java latest 2711b1d6f3aa 5 months ago 603.9 MB
$ docker images java:8
# 输出信息
REPOSITORY TAG IMAGE ID CREATED SIZE
java 8 308e519aac60 6 days ago 824.5 MB
docker search [OPTIONS] TERM
- 说明:输出从 Docker Hub 搜索的镜像信息
- OPTIONS
- –filter , -f:过滤输出内容
- –format:格式化输出内容
- –limit:限制最多的输出的镜像数目,默认值为 25
- –no-trunc:完整输出镜像信息
- 使用
docker search busybox:输出从 Docker Hub 搜索的镜像源(镜像名称)包含 busybox 关键字的镜像列表信息docker search --filter=stars=3 --no-trunc busybox:输出从 Docker Hub 搜索的镜像源(镜像名称)包含 busybox 关键字而且最少 stars 数为 3 的镜像列表完整信息
$ docker search busybox
# 输出内容
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
busybox Busybox base image. 316 [OK]
progrium/busybox 50 [OK]
radial/busyboxplus Full-chain, Internet enabled, busybox made... 8 [OK]
odise/busybox-python 2 [OK]
azukiapp/busybox This image is meant to be used as the base... 2 [OK]
ofayau/busybox-jvm Prepare busybox to install a 32 bits JVM. 1 [OK]
shingonoide/archlinux-busybox Arch Linux, a lightweight and flexible Lin... 1 [OK]
odise/busybox-curl 1 [OK]
ofayau/busybox-libc32 Busybox with 32 bits (and 64 bits) libs 1 [OK]
peelsky/zulu-openjdk-busybox 1 [OK]
skomma/busybox-data Docker image suitable for data volume cont... 1 [OK]
elektritter/busybox-teamspeak Lightweight teamspeak3 container based on... 1 [OK]
socketplane/busybox 1 [OK]
oveits/docker-nginx-busybox This is a tiny NginX docker image based on... 0 [OK]
ggtools/busybox-ubuntu Busybox ubuntu version with extra goodies 0 [OK]
nikfoundas/busybox-confd Minimal busybox based distribution of confd 0 [OK]
openshift/busybox-http-app 0 [OK]
jllopis/busybox 0 [OK]
swyckoff/busybox 0 [OK]
powellquiring/busybox 0 [OK]
williamyeh/busybox-sh Docker image for BusyBox's sh 0 [OK]
simplexsys/busybox-cli-powered Docker busybox images, with a few often us... 0 [OK]
fhisamoto/busybox-java Busybox java 0 [OK]
scottabernethy/busybox 0 [OK]
marclop/busybox-solr
$ docker search --filter=stars=3 --no-trunc busybox
# 输出内容
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
busybox Busybox base image. 325 [OK]
progrium/busybox 50 [OK]
radial/busyboxplus Full-chain, Internet enabled, busybox made from scratch. Comes in git and cURL flavors. 8 [OK]
docker pull [OPTIONS] NAME[:TAG|@DIGEST]
- 说明:从指定仓库中拉取镜像到本地,默认从 Docker Hub 仓库拉取镜像。
- OPTIONS
- –all-tags , -a:拉取仓库中的所有镜像到本地
- –disable-content-trust:跳过验证,默认值为 true
- –platform:拉取指定平台的镜像到本地
- –quiet , -q:输出简短信息
- NAME[:TAG|@DIGEST]
- 说明:镜像源,即镜像名称
- TAG:镜像标签,默认为 latest
- DIGEST:镜像签名
- 使用
docker pull debian:从 Docker Hub 仓库拉取 TAG 为 latest 的 debian 镜像docker pull debian:jessie:从 Docker Hub 仓库拉取 TAG 为 jessie 的 debian 镜像docker pull ubuntu:20.04:从 Docker Hub 仓库拉取 TAG 为 20.04 的 ubuntu 镜像docker pull ubuntu@sha256:82becede498899ec668628e7cb0ad87b6e1c371cb8a1e597d83a47fac21d6af3:从 Docker Hub 仓库拉取签名信息为 sha256:82becede498899ec668628e7cb0ad87b6e1c371cb8a1e597d83a47fac21d6af3 的 ubuntu 镜像docker pull myregistry.local:5000/testing/test-image:从指定仓库 myregistry.local:5000/testing/ 拉取 test-image 镜像
$ docker pull debian
# 输出内容
Using default tag: latest
latest: Pulling from library/debian
fdd5d7827f33: Pull complete
a3ed95caeb02: Pull complete
Digest: sha256:e7d38b3517548a1c71e41bffe9c8ae6d6d29546ce46bf62159837aad072c90aa
Status: Downloaded newer image for debian:latest
$ docker pull debian:jessie
# 输出信息
jessie: Pulling from library/debian
fdd5d7827f33: Already exists
a3ed95caeb02: Already exists
Digest: sha256:a9c958be96d7d40df920e7041608f2f017af81800ca5ad23e327bc402626b58e
Status: Downloaded newer image for debian:jessie
$ docker pull ubuntu:20.04
# 输出内容
20.04: Pulling from library/ubuntu
16ec32c2132b: Pull complete # 分层下载
Digest: sha256:82becede498899ec668628e7cb0ad87b6e1c371cb8a1e597d83a47fac21d6af3 # 签名信息
Status: Downloaded newer image for ubuntu:20.04
docker.io/library/ubuntu:20.04 # 真实地址
$ docker pull ubuntu@sha256:82becede498899ec668628e7cb0ad87b6e1c371cb8a1e597d83a47fac21d6af3
# 输出内容
docker.io/library/ubuntu@sha256:82becede498899ec668628e7cb0ad87b6e1c371cb8a1e597d83a47fac21d6af3: Pulling from library/ubuntu
Digest: sha256:82becede498899ec668628e7cb0ad87b6e1c371cb8a1e597d83a47fac21d6af3
Status: Image is up to date for ubuntu@sha256:82becede498899ec668628e7cb0ad87b6e1c371cb8a1e597d83a47fac21d6af3
docker.io/library/ubuntu@sha256:82becede498899ec668628e7cb0ad87b6e1c371cb8a1e597d83a47fac21d6af3
$ docker pull myregistry.local:5000/testing/test-image
docker rmi [OPTIONS] IMAGE [IMAGE...]
- 说明:卸载一个或者多个镜像
- OPTIONS
- –force, -f:强制卸载存在正在运行的容器的镜像
- –no-prune:不卸载不存在 TAG 的父镜像
- IMAGE:镜像源(镜像名称)
- 使用
docker rmi test1:latest:卸载本地的 TAG 为 latest 的镜像 test1docker rmi test2:latest:卸载本地的 TAG 为 latest 的镜像 test2docker rmi test:latest:卸载本地的 TAG 为 latest 的镜像 testdocker rmi localhost:5000/test/busybox@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf:卸载指定仓库 localhost:5000/test/ 的 签名信息为 sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdb 镜像 busyboxdocker rmi $(docker images -aq):卸载本地所有镜像
$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
test1 latest fd484f19954f 23 seconds ago 7 B (virtual 4.964 MB)
test latest fd484f19954f 23 seconds ago 7 B (virtual 4.964 MB)
test2 latest fd484f19954f 23 seconds ago 7 B (virtual 4.964 MB)
$ docker rmi fd484f19954f
Error: Conflict, cannot delete image fd484f19954f because it is tagged in multiple repositories, use -f to force
2013/12/11 05:47:16 Error: failed to remove one or more images
$ docker rmi test1:latest
Untagged: test1:latest
$ docker rmi test2:latest
Untagged: test2:latest
$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
test latest fd484f19954f 23 seconds ago 7 B (virtual 4.964 MB)
$ docker rmi test:latest
Untagged: test:latest
Deleted: fd484f19954f4920da7ff372b5067f5b7ddb2fd3830cecd17b96ea9e286ba5b8
$ docker rmi localhost:5000/test/busybox@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf
$ docker rmi $(docker images -aq)
参考
应用
概况
场景
实践
示例
|