highlight: github
Docker 安装
卸载旧版本
在尝试安装新版本之前,卸载任何此类旧版本以及相关的依赖项:
# yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine
如果yum报告未安装任何这些软件包,则无所谓。
卸载docker时,存储在/var/lib/docker/中的图像、容器、数据卷和网络不会自动删除。
安装基础环境
在新主机上首次安装Docker Engine之前,需要设置Docker存储库。之后,您可以从存储库安装和更新Docker。
安装yum utils包(它提供了yum config manager实用程序)并设置存储库。
# yum install -y yum-utils
# yum-config-manager \
--add-repo https://download.docker.com/linux/centos/docker-ce.repo
安装社区版
# yum install docker-ce
设置开机自启
# systemctl enable docker
启动
# systemctl start docker
查看版本信息
# docker version
Client: Docker Engine - Community
Version: 23.0.1
API version: 1.42
Go version: go1.19.5
Git commit: a5ee5b1
Built: Thu Feb 9 19:51:00 2023
OS/Arch: linux/amd64
Context: default
Server: Docker Engine - Community
Engine:
Version: 23.0.1
API version: 1.42 (minimum version 1.12)
Go version: go1.19.5
Git commit: bc3805a
Built: Thu Feb 9 19:48:42 2023
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.6.16
GitCommit: 31aa4358a36870b21a992d3ad2bef29e1d693bec
runc:
Version: 1.1.4
GitCommit: v1.1.4-0-g5fd4c4d
docker-init:
Version: 0.19.0
GitCommit: de40ad0
该命令展示 Docker 客户端和服务端的版本信息,如出现以上信息,则代表Docker安装成功。
配置国内镜像
# vim /etc/docker/daemon.json
向daemon.json内写入Docker中国区官方镜像。
{
"registry-mirrors": [
"https://registry.docker-cn.com"
]
}
常用命令
概要信息
# docker info
Client:
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.10.2
Path: /usr/libexec/docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v2.16.0
Path: /usr/libexec/docker/cli-plugins/docker-compose
scan: Docker Scan (Docker Inc.)
Version: v0.23.0
Path: /usr/libexec/docker/cli-plugins/docker-scan
Server:
Containers: 0 # 容器的数量
Running: 0 # 运行中的容器数量
Paused: 0 # 暂停的容器数量
Stopped: 0 # 停止的容器数量
Images: 0 # 镜像数量
Server Version: 23.0.1
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Using metacopy: false
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 31aa4358a36870b21a992d3ad2bef29e1d693bec
runc version: v1.1.4-0-g5fd4c4d
init version: de40ad0
Security Options:
seccomp
Profile: builtin
Kernel Version: 3.10.0-1160.71.1.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 3.608GiB
Name: VM-12-6-centos
ID: 02eff05d-c909-4507-901a-f9341ceaea0b
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
镜像
搜索镜像
在 Docker Hub 中搜索镜像
用法:
docker search [OPTIONS] TERM
Search Docker Hub for images
Options:
--format string 使用模板格式化显示输出
--limit int 限制搜索输出个数,默认25个
--no-trunc 禁止截断输出,使对镜像的描述不中断
实例:
# docker search mysql
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
mysql MySQL is a widely used, open-source relation… 13786 [OK]
mariadb MariaDB Server is a high performing open sou… 5264 [OK]
percona Percona Server is a fork of the MySQL relati… 599 [OK]
phpmyadmin phpMyAdmin - A web interface for MySQL and M… 734 [OK]
circleci/mysql MySQL is a widely used, open-source relation… 28
bitnami/mysql Bitnami MySQL Docker Image 80 [OK]
bitnami/mysqld-exporter 4
ubuntu/mysql MySQL open source fast, stable, multi-thread… 41
cimg/mysql 0
rapidfort/mysql RapidFort optimized, hardened image for MySQL 14
google/mysql MySQL server for Google Compute Engine 23 [OK]
ibmcom/mysql-s390x Docker image for mysql-s390x 2
rapidfort/mysql8-ib RapidFort optimized, hardened image for MySQ… 0
hashicorp/mysql-portworx-demo 0
newrelic/mysql-plugin New Relic Plugin for monitoring MySQL databa… 1 [OK]
rapidfort/mysql-official RapidFort optimized, hardened image for MySQ… 0
databack/mysql-backup Back up mysql databases to... anywhere! 81
linuxserver/mysql A Mysql container, brought to you by LinuxSe… 38
mirantis/mysql 0
docksal/mysql MySQL service images for Docksal - https://d… 0
vitess/mysqlctld vitess/mysqlctld 1 [OK]
linuxserver/mysql-workbench 48
eclipse/mysql Mysql 5.7, curl, rsync 0 [OK]
drud/mysql 0
silintl/mysql-backup-restore Simple docker image to perform mysql backups… 0 [OK]
说明:
- NAME: 镜像名称,其中部分镜像名称由两部分组成,
/前面为上传镜像的用户,/后面为镜像的真正名称,而不带/的镜像则代表由 docker 官方提供和维护 - DESCRIPTION: 镜像描述
- STARS: 表示点赞、喜欢的星数
- OFFICIAL: 是否 docker 官方发布
- AUTOMATED: 是否自动构建
下载镜像
从镜像仓库中拉取镜像
用法:
docker pull [OPTIONS] NAME[:TAG|@DIGEST]
Download an image from a registry
Aliases:
docker image pull, docker pull
Options:
-a, --all-tags 下载所有标签镜像
--disable-content-trust 跳过验证,默认值true
--platform string 如果服务器支持多平台,则设置平台
-q, --quiet 静默输出
实例:
# docker pull mysql
Using default tag: latest
latest: Pulling from library/mysql
197c1adcd755: Pull complete
45f2e353f7d2: Pull complete
68ec6ece42ef: Pull complete
cfa4d9a7b88e: Pull complete
64cab5858b1d: Pull complete
92fcd248d982: Pull complete
88635e83312d: Pull complete
43f0427259d9: Pull complete
79828698a290: Pull complete
a8854781893e: Pull complete
6c8bdf3091d9: Pull complete
Digest: sha256:8653a170e0b0df19ea95055267def2615fc53c62df529e3750817c1a886485f0
Status: Downloaded newer image for mysql:latest
docker.io/library/mysql:latest
说明:
没有提供镜像标签时,Docker 会默认使用 latest 这个标签,下载最新版。
目前如果想要看仓库镜像的tag,貌似只能去仓库的网站
镜像列表
输出本地的镜像列表
用法:
docker images [OPTIONS] [REPOSITORY[:TAG]]
List images
Aliases:
docker image ls, docker image list, docker images
Options:
-a, --all 显示所有镜像 (默认情况下,会过滤掉中间映像层)
--digests 显示 DIGEST 列
-f, --filter filter 根据提供的条件过滤输出
--format string 使用自定义模板设置输出格式:
'table': 以带有列标题的表格格式打印输出(默认)
'table TEMPLATE': 使用给定的Go模板以表格格式打印输出
'json': 以JSON格式打印
'TEMPLATE': 使用给定的Go模板打印输出。
有关使用模板格式化输出的详细信息可参考 https://docs.docker.com/go/formatting/
--no-trunc 禁止截断输出,显示完整的镜像信息
-q, --quiet 只显示镜像ID
实例:
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mysql latest 57da161f45ac 4 days ago 517MB
circleci/mysql latest 9e8d77206977 11 months ago 519MB
说明:
- REPOSITORY: 镜像来源及名称,
/前面为上传镜像的用户,/后面为镜像的真正名称,而不带/的镜像则代表由 docker 官方提供和维护 - TAG: 镜像的标签信息,latest标识最新的版本
- IMAGE ID: 镜像的ID
- CREATED: 镜像的创建或更新时间
- SIZE: 镜像大小
镜像详情
输出本地镜像或容器详情
用法:
docker inspect [OPTIONS] NAME|ID [NAME|ID...]
Return low-level information on Docker objects
Options:
-f, --format string 使用自定义模板设置输出格式:
'json': 以JSON格式打印
'TEMPLATE': 使用给定的Go模板打印输出。
有关使用模板格式化输出的详细信息可参考 https://docs.docker.com/go/formatting/
-s, --size 如果类型为容器,则显示总文件大小
--type string 返回指定类型的JSON
实例:
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mysql latest 57da161f45ac 4 days ago 517MB
circleci/mysql latest 9e8d77206977 11 months ago 519MB
# docker inspect mysql
[
{
"Id": "sha256:57da161f45ac3835bc872dcb50f0cde87f65661ba8f50a5a0835dee7e262703f",
"RepoTags": [
"mysql:latest"
],
"RepoDigests": [
"mysql@sha256:8653a170e0b0df19ea95055267def2615fc53c62df529e3750817c1a886485f0"
],
"Parent": "",
"Comment": "",
"Created": "2023-02-08T20:01:39.525196514Z",
"Container": "3fc861c410a6e77d7f4152c7affc7230a44833db02b925709b86333c1e081544",
"ContainerConfig": {
"Hostname": "3fc861c410a6",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"3306/tcp": {},
"33060/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"GOSU_VERSION=1.16",
"MYSQL_MAJOR=8.0",
"MYSQL_VERSION=8.0.32-1.el8",
"MYSQL_SHELL_VERSION=8.0.32-1.el8"
],
"Cmd": [
"/bin/sh",
"-c",
"#(nop) ",
"CMD ["mysqld"]"
],
"Image": "sha256:a66401127c3a33f43fbe76f054fff64fdaa6e2eea779f7ed47ff7d4ad719ee90",
"Volumes": {
"/var/lib/mysql": {}
},
"WorkingDir": "",
"Entrypoint": [
"docker-entrypoint.sh"
],
"OnBuild": null,
"Labels": {}
},
"DockerVersion": "20.10.12",
"Author": "",
"Config": {
"Hostname": "",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"3306/tcp": {},
"33060/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"GOSU_VERSION=1.16",
"MYSQL_MAJOR=8.0",
"MYSQL_VERSION=8.0.32-1.el8",
"MYSQL_SHELL_VERSION=8.0.32-1.el8"
],
"Cmd": [
"mysqld"
],
"Image": "sha256:a66401127c3a33f43fbe76f054fff64fdaa6e2eea779f7ed47ff7d4ad719ee90",
"Volumes": {
"/var/lib/mysql": {}
},
"WorkingDir": "",
"Entrypoint": [
"docker-entrypoint.sh"
],
"OnBuild": null,
"Labels": null
},
"Architecture": "amd64",
"Os": "linux",
"Size": 517465864,
"VirtualSize": 517465864,
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/b3113484ad626432897f4907d9506a9cc17fb6c74c98646fd37dbde6f1c46256/diff:/var/lib/docker/overlay2/6c09777edda9df90c5ae726f31ae86d8d5d05e3fdba47b13737f0faa9f240288/diff:/var/lib/docker/overlay2/a8b9d5fb52c3758e069c5fa9fac10c9fa21c6030ff0203756fc0d786d76475f6/diff:/var/lib/docker/overlay2/497d197a7d280f8440acc4580e58f19590481426b9bf285de99cc132dd7ff0cf/diff:/var/lib/docker/overlay2/380189d7b6bf504b396a9effc55da879b586db395896e045f3775d0ea38357c5/diff:/var/lib/docker/overlay2/17094362ff36d02f78bac3105128cd7ce096127edf866239f4fb02dbc27aff8f/diff:/var/lib/docker/overlay2/b753bc7060fb95ea89fbd2aedfe73c1fd08dd41215500a3fadafa5cf5cbb7970/diff:/var/lib/docker/overlay2/98b9c12c483f7bb53f4234a3cb6f73a1b3546bdf2a05edd5ebb48e8dda310905/diff:/var/lib/docker/overlay2/7d1f075746db05dd13a5c79f1b5de978726719a28679e0589a20ffddfe5e9e0e/diff:/var/lib/docker/overlay2/22744c471f5cce0f17c43d9a39030c1c2204dcc03d148d3fe797ffed37e1373c/diff",
"MergedDir": "/var/lib/docker/overlay2/80f0788ca40d677640047ee6b2c1ec87ff096975af1aec67e9a8260f473c52af/merged",
"UpperDir": "/var/lib/docker/overlay2/80f0788ca40d677640047ee6b2c1ec87ff096975af1aec67e9a8260f473c52af/diff",
"WorkDir": "/var/lib/docker/overlay2/80f0788ca40d677640047ee6b2c1ec87ff096975af1aec67e9a8260f473c52af/work"
},
"Name": "overlay2"
},
"RootFS": {
"Type": "layers",
"Layers": [
"sha256:9cd9df9ffc972e9abc946d855162ef0c40dff9a89f10c962b7920154a3d943d8",
"sha256:824505732bf475e99d3d9f2d2a1bbcb2f822005a5eb42ed3bd6c90d896601cf6",
"sha256:0b175674497447465ef1a69f9aa74eaad5fc89875eceb9257b1f51723a676b22",
"sha256:824c2933e60c068e80f2aeed3156289d52e173302c9591307186a1901d511747",
"sha256:4645c1089915b7a96108959a038bbabd1a9301561c04884ee25217fbd8529cbd",
"sha256:2dddefc501cc94ee7378f11117eb7537f18e42dff066fd0b0e352579fa201e47",
"sha256:3e8acfe4342fadf5703bc0e57f029aa8645f5bdad6071289b98f33e1b207f522",
"sha256:5f038062397273abd71d4393adf7dbf3b5517e0f2c660054d1bedb1d629e3dd9",
"sha256:16f4176c5cad94a63121b2f4f77a2027f15c8b88559d423daf345a51d41251eb",
"sha256:394c5cd5b4baf7e17088e44077a8b14ecbd9ba5d460629f1efb8ea3a90380a08",
"sha256:e2eaf447bf15d59b9e8f4e7c00c63cf35bf9096403563eed770cd758d27eb557"
]
},
"Metadata": {
"LastTagTime": "0001-01-01T00:00:00Z"
}
}
]
删除镜像
删除本地镜像
用法:
docker rmi [OPTIONS] IMAGE [IMAGE...]
Remove one or more images
Aliases:
docker image rm, docker image remove, docker rmi
Options:
-f, --force 强制删除镜像
--no-prune 不删除该镜像的过程镜像,默认移除
实例:
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mysql latest 57da161f45ac 4 days ago 517MB
circleci/mysql latest 9e8d77206977 11 months ago 519MB
# docker rmi circleci/mysql
Untagged: circleci/mysql:latest
Untagged: circleci/mysql@sha256:b8aabed03a3c72f4aa1501a565c7a0d87dd3e53ab84dca8da41c78cb0ca8eb78
Deleted: sha256:9e8d772069776d016a447ac629a34271e2d4e8b4c87fbe94e3ba5610d2560403
Deleted: sha256:36aec3689394b4c4257e3283e9baaab67124ea31be8d74dfdebf3d9ba8be1971
Deleted: sha256:10bf39a24625d39d92249386510885f15b705a5da74945f98256fd0817fe7eb5
Deleted: sha256:1667cf286d930e8ffb90f90db8b2a059a02bafd3c6f70e8e565d69c3e4abe34e
Deleted: sha256:8f3d1a0a2d4178c0fede3eaa19f33d320209f46ef7268d97cebb590a8985264d
Deleted: sha256:cc08389d540a702be5110a2147430d0b4c935119e53a737e1d8a1d2f43bba038
Deleted: sha256:f9987717a989ba21aee0a3ef5b1189a507eb393aa0e88de58435357b3ec6dd92
Deleted: sha256:c5a578662a7c39216cc7832bb64b81ada6bc73c639effa8117f223672ea9aba0
Deleted: sha256:156aa1a11e93325c2fc2303736d7902a0be9ad4b29d30561ab6b12050ad12f46
Deleted: sha256:6a4d005549c580ebf87f192fdcfb1c9dfd91f4ff6b934d284c9cb49f2af13fd5
Deleted: sha256:59fc12d50d81beac733e8069de09b0d8f05f518783076d0a11082fff76535355
Deleted: sha256:a85e24ac4d077fd96f02199a49127739f0e9ad1299bea356e33e96e7a59327d3
Deleted: sha256:c463c437c67d8fe9ae10b80b84128e5673032a2f0f5951956b2da99160623533
Deleted: sha256:f18b02b14138b6f9808f9843cc645e2edd64b02ca1c87e671355f56d1b4b5ec6
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mysql latest 57da161f45ac 4 days ago 517MB
容器
创建容器
根据本地镜像创建容器
用法:
docker create [OPTIONS] IMAGE [COMMAND] [ARG...]
Create a new container
Aliases:
docker container create, docker create
Options:
--add-host list Add a custom host-to-IP mapping (host:ip)
-a, --attach list Attach to STDIN, STDOUT or STDERR
--blkio-weight uint16 Block IO (relative weight), between 10 and 1000, or 0 to disable (default 0)
--blkio-weight-device list Block IO weight (relative device weight) (default [])
--cap-add list Add Linux capabilities
--cap-drop list Drop Linux capabilities
--cgroup-parent string Optional parent cgroup for the container
--cgroupns string Cgroup namespace to use (host|private)
'host': Run the container in the Docker host's cgroup namespace
'private': Run the container in its own private cgroup namespace
'': Use the cgroup namespace as configured by the
default-cgroupns-mode option on the daemon (default)
--cidfile string Write the container ID to the file
--cpu-period int Limit CPU CFS (Completely Fair Scheduler) period
--cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota
--cpu-rt-period int Limit CPU real-time period in microseconds
--cpu-rt-runtime int Limit CPU real-time runtime in microseconds
-c, --cpu-shares int CPU份额(相对权重)
--cpus decimal Number of CPUs
--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)
--cpuset-mems string MEMs in which to allow execution (0-3, 0,1)
--device list Add a host device to the container
--device-cgroup-rule list Add a rule to the cgroup allowed devices list
--device-read-bps list Limit read rate (bytes per second) from a device (default [])
--device-read-iops list Limit read rate (IO per second) from a device (default [])
--device-write-bps list Limit write rate (bytes per second) to a device (default [])
--device-write-iops list Limit write rate (IO per second) to a device (default [])
--disable-content-trust Skip image verification (default true)
--dns list Set custom DNS servers
--dns-option list Set DNS options
--dns-search list Set custom DNS search domains
--domainname string Container NIS domain name
--entrypoint string Overwrite the default ENTRYPOINT of the image
-e, --env list 设置环境变量
--env-file list 读入环境变量文件
--expose list Expose a port or a range of ports
--gpus gpu-request GPU devices to add to the container ('all' to pass all GPUs)
--group-add list Add additional groups to join
--health-cmd string Command to run to check health
--health-interval duration Time between running the check (ms|s|m|h) (default 0s)
--health-retries int Consecutive failures needed to report unhealthy
--health-start-period duration Start period for the container to initialize before starting health-retries countdown (ms|s|m|h) (default 0s)
--health-timeout duration Maximum time to allow one check to run (ms|s|m|h) (default 0s)
--help Print usage
-h, --hostname string 容器主机名
--init Run an init inside the container that forwards signals and reaps processes
-i, --interactive 以交互模式运行容器
--ip string IPv4 address (e.g., 172.30.100.104)
--ip6 string IPv6 address (e.g., 2001:db8::33)
--ipc string IPC mode to use
--isolation string Container isolation technology
--kernel-memory bytes Kernel memory limit
-l, --label list 在容器上设置元数据
--label-file list Read in a line delimited file of labels
--link list Add link to another container
--link-local-ip list Container IPv4/IPv6 link-local addresses
--log-driver string Logging driver for the container
--log-opt list Log driver options
--mac-address string Container MAC address (e.g., 92:d0:c6:0a:29:33)
-m, --memory bytes 内存限制
--memory-reservation bytes Memory soft limit
--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap
--memory-swappiness int Tune container memory swappiness (0 to 100) (default -1)
--mount mount Attach a filesystem mount to the container
--name string 为容器指定名称
--network network Connect a container to a network
--network-alias list Add network-scoped alias for the container
--no-healthcheck Disable any container-specified HEALTHCHECK
--oom-kill-disable Disable OOM Killer
--oom-score-adj int Tune host's OOM preferences (-1000 to 1000)
--pid string PID namespace to use
--pids-limit int Tune container pids limit (set -1 for unlimited)
--platform string Set platform if server is multi-platform capable
--privileged Give extended privileges to this container
-p, --publish list 指定端口映射,格式为:主机(宿主)端口:容器端口
-P, --publish-all 随机端口映射,容器内部端口随机映射到主机的端口
--pull string Pull image before creating ("always", "|missing", "never") (default "missing")
-q, --quiet Suppress the pull output
--read-only Mount the container's root filesystem as read only
--restart string 当容器退出时重新启动的策略(默认为“no”)
--rm Automatically remove the container when it exits
--runtime string Runtime to use for this container
--security-opt list Security Options
--shm-size bytes Size of /dev/shm
--stop-signal string Signal to stop the container
--stop-timeout int Timeout (in seconds) to stop a container
--storage-opt list Storage driver options for the container
--sysctl map Sysctl options (default map[])
--tmpfs list Mount a tmpfs directory
-t, --tty Allocate a pseudo-TTY
--ulimit ulimit Ulimit options (default [])
-u, --user string Username or UID (format: <name|uid>[:<group|gid>])
--userns string User namespace to use
--uts string UTS namespace to use
-v, --volume list 文件系统挂载
--volume-driver string Optional volume driver for the container
--volumes-from list Mount volumes from the specified container(s)
-w, --workdir string Working directory inside the container
实例:
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mysql latest 57da161f45ac 4 days ago 517MB
# docker create --name mysql -p 3306:3306 -v /my/own/datadir:/var/lib/mysql --restart always -e MYSQL_ROOT_PASSWORD=123456 mysql
b446365d5041c22bbaf755189a160756320939284f01edbf545bbcbb70473094
# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b446365d5041 mysql "docker-entrypoint.s…" 12 minutes ago Created mysql
说明:
--name mysql指定容器名称为mysql,-p 3306:3306指定主机3306端口映射到容器3306端口,-v /my/own/datadir:/var/lib/mysql为Bind Mount方式文件系统挂载,--restart always为重启策略,在容器退出时总是重启容器,-e MYSQL_ROOT_PASSWORD=123456是镜像定义的环境变量,指定登录密码为123456。
文件系统挂载方式:
- Bind Mount:将宿主机的目录和文件挂载到容器内,在容器内外对文件的读写,互相可见,命令格式为
-v <host-path>:<container-path>,为避免混淆,<host-path>和<container-path>必须使用绝对路径,不能使用相对路径,如果需要只读的方式挂载,只需在挂载选项-v后再接上:ro - Volume :使用数据卷,仅指定容器内的目录,宿主机挂载的目录由 Docker 进行管理,命令格式为
-v <name>:<container-path>,<name>为数据卷名称,可不填写,此时命令格式为-v <container-path> - Tmpfs Mount:挂载临时文件目录,命令格式为
--tmpfs <container-path>
启动容器
启动一个或多个停止的容器
用法:
docker start [OPTIONS] CONTAINER [CONTAINER...]
Start one or more stopped containers
Aliases:
docker container start, docker start
Options:
-a, --attach Attach STDOUT/STDERR and forward signals
--detach-keys string Override the key sequence for detaching a container
-i, --interactive Attach container's STDIN
实例:
# docker start mysql
mysql
# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b446365d5041 mysql "docker-entrypoint.s…" 14 minutes ago Up 6 seconds 0.0.0.0:3306->3306/tcp, :::3306->3306/tcp, 33060/tcp mysql
说明:
Mysql启动完成。
创建并启动
用法:
docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
Create and run a new container from an image
Aliases:
docker container run, docker run
Options:
--add-host list Add a custom host-to-IP mapping (host:ip)
-a, --attach list Attach to STDIN, STDOUT or STDERR
--blkio-weight uint16 Block IO (relative weight), between 10 and 1000, or 0 to disable (default 0)
--blkio-weight-device list Block IO weight (relative device weight) (default [])
--cap-add list Add Linux capabilities
--cap-drop list Drop Linux capabilities
--cgroup-parent string Optional parent cgroup for the container
--cgroupns string Cgroup namespace to use (host|private)
'host': Run the container in the Docker host's cgroup namespace
'private': Run the container in its own private cgroup namespace
'': Use the cgroup namespace as configured by the
default-cgroupns-mode option on the daemon (default)
--cidfile string Write the container ID to the file
--cpu-period int Limit CPU CFS (Completely Fair Scheduler) period
--cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota
--cpu-rt-period int Limit CPU real-time period in microseconds
--cpu-rt-runtime int Limit CPU real-time runtime in microseconds
-c, --cpu-shares int CPU份额(相对权重)
--cpus decimal Number of CPUs
--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)
--cpuset-mems string MEMs in which to allow execution (0-3, 0,1)
-d, --detach 在后台运行容器并打印容器ID
--detach-keys string Override the key sequence for detaching a container
--device list Add a host device to the container
--device-cgroup-rule list Add a rule to the cgroup allowed devices list
--device-read-bps list Limit read rate (bytes per second) from a device (default [])
--device-read-iops list Limit read rate (IO per second) from a device (default [])
--device-write-bps list Limit write rate (bytes per second) to a device (default [])
--device-write-iops list Limit write rate (IO per second) to a device (default [])
--disable-content-trust Skip image verification (default true)
--dns list Set custom DNS servers
--dns-option list Set DNS options
--dns-search list Set custom DNS search domains
--domainname string Container NIS domain name
--entrypoint string Overwrite the default ENTRYPOINT of the image
-e, --env list 设置环境变量
--env-file list Read in a file of environment variables
--expose list Expose a port or a range of ports
--gpus gpu-request GPU devices to add to the container ('all' to pass all GPUs)
--group-add list Add additional groups to join
--health-cmd string Command to run to check health
--health-interval duration Time between running the check (ms|s|m|h) (default 0s)
--health-retries int Consecutive failures needed to report unhealthy
--health-start-period duration Start period for the container to initialize before starting health-retries countdown (ms|s|m|h) (default 0s)
--health-timeout duration Maximum time to allow one check to run (ms|s|m|h) (default 0s)
--help Print usage
-h, --hostname string 容器主机名
--init Run an init inside the container that forwards signals and reaps processes
-i, --interactive 以交互模式运行容器
--ip string IPv4 address (e.g., 172.30.100.104)
--ip6 string IPv6 address (e.g., 2001:db8::33)
--ipc string IPC mode to use
--isolation string Container isolation technology
--kernel-memory bytes Kernel memory limit
-l, --label list 在容器上设置元数据
--label-file list Read in a line delimited file of labels
--link list Add link to another container
--link-local-ip list Container IPv4/IPv6 link-local addresses
--log-driver string Logging driver for the container
--log-opt list Log driver options
--mac-address string Container MAC address (e.g., 92:d0:c6:0a:29:33)
-m, --memory bytes 内存限制
--memory-reservation bytes Memory soft limit
--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap
--memory-swappiness int Tune container memory swappiness (0 to 100) (default -1)
--mount mount Attach a filesystem mount to the container
--name string Assign a name to the container
--network network Connect a container to a network
--network-alias list Add network-scoped alias for the container
--no-healthcheck Disable any container-specified HEALTHCHECK
--oom-kill-disable Disable OOM Killer
--oom-score-adj int Tune host's OOM preferences (-1000 to 1000)
--pid string PID namespace to use
--pids-limit int Tune container pids limit (set -1 for unlimited)
--platform string Set platform if server is multi-platform capable
--privileged Give extended privileges to this container
-p, --publish list 指定端口映射,格式为:主机(宿主)端口:容器端口
-P, --publish-all 随机端口映射,容器内部端口随机映射到主机的端口
--pull string Pull image before running ("always", "missing", "never") (default "missing")
-q, --quiet Suppress the pull output
--read-only Mount the container's root filesystem as read only
--restart string 当容器退出时重新启动的策略(默认为“no”)
--rm Automatically remove the container when it exits
--runtime string Runtime to use for this container
--security-opt list Security Options
--shm-size bytes Size of /dev/shm
--sig-proxy Proxy received signals to the process (default true)
--stop-signal string Signal to stop the container
--stop-timeout int Timeout (in seconds) to stop a container
--storage-opt list Storage driver options for the container
--sysctl map Sysctl options (default map[])
--tmpfs list Mount a tmpfs directory
-t, --tty Allocate a pseudo-TTY
--ulimit ulimit Ulimit options (default [])
-u, --user string Username or UID (format: <name|uid>[:<group|gid>])
--userns string User namespace to use
--uts string UTS namespace to use
-v, --volume list 文件系统挂载
--volume-driver string Optional volume driver for the container
--volumes-from list Mount volumes from the specified container(s)
-w, --workdir string Working directory inside the container
实例:
# docker run -d --name mysql -p 3306:3306 --restart always -e MYSQL_ROOT_PASSWORD=1234556 mysql
ee00dc927aebacdaeac4667fc6f3b0417ec9954703836c256f2f793b97468656
# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ee00dc927aeb mysql "docker-entrypoint.s…" 31 seconds ago Up 30 seconds 0.0.0.0:3306->3306/tcp, :::3306->3306/tcp, 33060/tcp mysql
说明:
-d为后台运行。
容器列表
展示容器列表
用法:
docker ps [OPTIONS]
List containers
Aliases:
docker container ls, docker container list, docker container ps, docker ps
Options:
-a, --all 显示所有容器(默认仅显示运行中的容器)
-f, --filter filter 根据提供的条件过滤输出
--format string 使用自定义模板设置输出格式:
'table': 以带有列标题的表格格式打印输出(默认)
'table TEMPLATE': 使用给定的Go模板以表格格式打印输出
'json': 以JSON格式打印
'TEMPLATE': 使用给定的Go模板打印输出。
有关使用模板格式化输出的详细信息可参考 https://docs.docker.com/go/formatting/
-n, --last int 显示n个上次创建的容器(包括所有状态)(默认值-1)
-l, --latest 显示最新创建的容器(包括所有状态)
--no-trunc 不截断输出
-q, --quiet 仅显示容器ID
-s, --size 显示总文件大小
实例:
# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ee00dc927aeb mysql "docker-entrypoint.s…" 10 hours ago Up 10 hours 0.0.0.0:3306->3306/tcp, :::3306->3306/tcp, 33060/tcp mysql
说明:
- CONTAINER ID: 容器 ID
- IMAGE: 使用的镜像
- COMMAND: 启动容器时运行的命令
- CREATED: 容器的创建时间
- STATUS: 容器状态
-
- Created:已创建,相关资源已经准备就绪,但未运行
-
- Running:运行中,容器中的应用正在运行
-
- Paused:已暂停,容器中的所有程序都处于暂停状态
-
- Stopped:已停止,但占用的资源和沙盒环境都依然存在
-
- Deleted:已删除,相关占用的资源及存储也已释放和移除。
- PORTS: 容器的端口信息和使用的连接类型(
TCP/UDP) - NAMES: 容器名称
容器详情
输出本地镜像或容器详情
用法:
docker inspect [OPTIONS] NAME|ID [NAME|ID...]
Return low-level information on Docker objects
Options:
-f, --format string 使用自定义模板设置输出格式:
'json': 以JSON格式打印
'TEMPLATE': 使用给定的Go模板打印输出。
有关使用模板格式化输出的详细信息可参考 https://docs.docker.com/go/formatting/
-s, --size 如果类型为容器,则显示总文件大小
--type string 返回指定类型的JSON
实例:
# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5d7b25c0f2b4 mysql "docker-entrypoint.s…" 10 hours ago Up 10 hours 0.0.0.0:3306->3306/tcp, :::3306->3306/tcp, 33060/tcp mysql
# docker inspect 5d7b25c0f2b4
[
{
"Id": "5d7b25c0f2b4370132e62c44375926763b05fe8b266221e224e514c0e7593ed9",
"Created": "2023-02-14T02:51:53.028962985Z",
"Path": "docker-entrypoint.sh",
"Args": [
"mysqld"
],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 3056,
"ExitCode": 0,
"Error": "",
"StartedAt": "2023-02-14T02:51:53.377747741Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:57da161f45ac3835bc872dcb50f0cde87f65661ba8f50a5a0835dee7e262703f",
"ResolvConfPath": "/var/lib/docker/containers/5d7b25c0f2b4370132e62c44375926763b05fe8b266221e224e514c0e7593ed9/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/5d7b25c0f2b4370132e62c44375926763b05fe8b266221e224e514c0e7593ed9/hostname",
"HostsPath": "/var/lib/docker/containers/5d7b25c0f2b4370132e62c44375926763b05fe8b266221e224e514c0e7593ed9/hosts",
"LogPath": "/var/lib/docker/containers/5d7b25c0f2b4370132e62c44375926763b05fe8b266221e224e514c0e7593ed9/5d7b25c0f2b4370132e62c44375926763b05fe8b266221e224e514c0e7593ed9-json.log",
"Name": "/mysql",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {
"3306/tcp": [
{
"HostIp": "",
"HostPort": "3306"
}
]
},
"RestartPolicy": {
"Name": "always",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"ConsoleSize": [
34,
143
],
"CapAdd": null,
"CapDrop": null,
"CgroupnsMode": "host",
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": [],
"BlkioDeviceWriteBps": [],
"BlkioDeviceReadIOps": [],
"BlkioDeviceWriteIOps": [],
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/16ecf1a27620855cae51742881c615c142596cc4aadf876fa1945bf9a7bf24ff-init/diff:/var/lib/docker/overlay2/80f0788ca40d677640047ee6b2c1ec87ff096975af1aec67e9a8260f473c52af/diff:/var/lib/docker/overlay2/b3113484ad626432897f4907d9506a9cc17fb6c74c98646fd37dbde6f1c46256/diff:/var/lib/docker/overlay2/6c09777edda9df90c5ae726f31ae86d8d5d05e3fdba47b13737f0faa9f240288/diff:/var/lib/docker/overlay2/a8b9d5fb52c3758e069c5fa9fac10c9fa21c6030ff0203756fc0d786d76475f6/diff:/var/lib/docker/overlay2/497d197a7d280f8440acc4580e58f19590481426b9bf285de99cc132dd7ff0cf/diff:/var/lib/docker/overlay2/380189d7b6bf504b396a9effc55da879b586db395896e045f3775d0ea38357c5/diff:/var/lib/docker/overlay2/17094362ff36d02f78bac3105128cd7ce096127edf866239f4fb02dbc27aff8f/diff:/var/lib/docker/overlay2/b753bc7060fb95ea89fbd2aedfe73c1fd08dd41215500a3fadafa5cf5cbb7970/diff:/var/lib/docker/overlay2/98b9c12c483f7bb53f4234a3cb6f73a1b3546bdf2a05edd5ebb48e8dda310905/diff:/var/lib/docker/overlay2/7d1f075746db05dd13a5c79f1b5de978726719a28679e0589a20ffddfe5e9e0e/diff:/var/lib/docker/overlay2/22744c471f5cce0f17c43d9a39030c1c2204dcc03d148d3fe797ffed37e1373c/diff",
"MergedDir": "/var/lib/docker/overlay2/16ecf1a27620855cae51742881c615c142596cc4aadf876fa1945bf9a7bf24ff/merged",
"UpperDir": "/var/lib/docker/overlay2/16ecf1a27620855cae51742881c615c142596cc4aadf876fa1945bf9a7bf24ff/diff",
"WorkDir": "/var/lib/docker/overlay2/16ecf1a27620855cae51742881c615c142596cc4aadf876fa1945bf9a7bf24ff/work"
},
"Name": "overlay2"
},
"Mounts": [
{
"Type": "volume",
"Name": "be9615fcc00528f106b7620b44755d8a3329dfc5883d349340e01fcbcdedffb4",
"Source": "/var/lib/docker/volumes/be9615fcc00528f106b7620b44755d8a3329dfc5883d349340e01fcbcdedffb4/_data",
"Destination": "/var/lib/mysql",
"Driver": "local",
"Mode": "",
"RW": true,
"Propagation": ""
}
],
"Config": {
"Hostname": "5d7b25c0f2b4",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"3306/tcp": {},
"33060/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"MYSQL_ROOT_PASSWORD=123456",
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"GOSU_VERSION=1.16",
"MYSQL_MAJOR=8.0",
"MYSQL_VERSION=8.0.32-1.el8",
"MYSQL_SHELL_VERSION=8.0.32-1.el8"
],
"Cmd": [
"mysqld"
],
"Image": "mysql",
"Volumes": {
"/var/lib/mysql": {}
},
"WorkingDir": "",
"Entrypoint": [
"docker-entrypoint.sh"
],
"OnBuild": null,
"Labels": {}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "bc8699aa55f62914562df39ee5e402c68ff2a35765aefc38637445f48ff2f47a",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {
"3306/tcp": [
{
"HostIp": "0.0.0.0",
"HostPort": "3306"
},
{
"HostIp": "::",
"HostPort": "3306"
}
],
"33060/tcp": null
},
"SandboxKey": "/var/run/docker/netns/bc8699aa55f6",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "0ef197ce5712afb2b1a4168bafde7ce1aba7e1fe3f36f55bc0216a2a333eecf0",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:02",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "074427b8ed2efda2b95526f7c28af69197246cb2fa20be006d9813c616df6d7f",
"EndpointID": "0ef197ce5712afb2b1a4168bafde7ce1aba7e1fe3f36f55bc0216a2a333eecf0",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02",
"DriverOpts": null
}
}
}
}
]
暂停容器
暂停一个或多个容器中的所有进程
用法:
docker pause CONTAINER [CONTAINER...]
Pause all processes within one or more containers
Aliases:
docker container pause, docker pause
实例:
# docker pause mysql
mysql
# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ee00dc927aeb mysql "docker-entrypoint.s…" 10 hours ago Up 10 hours (Paused) 0.0.0.0:3306->3306/tcp, :::3306->3306/tcp, 33060/tcp mysql
取消暂停
取消一个或多个容器中所有进程的暂停
用法:
docker unpause CONTAINER [CONTAINER...]
Unpause all processes within one or more containers
Aliases:
docker container unpause, docker unpause
实例:
# docker unpause mysql
mysql
# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ee00dc927aeb mysql "docker-entrypoint.s…" 10 hours ago Up 10 hours 0.0.0.0:3306->3306/tcp, :::3306->3306/tcp, 33060/tcp mysql
停止容器
停止一个或多个正在运行的容器
用法:
docker stop [OPTIONS] CONTAINER [CONTAINER...]
Stop one or more running containers
Aliases:
docker container stop, docker stop
Options:
-s, --signal string Signal to send to the container
-t, --time int 停止容器前等待的秒数
实例:
# docker stop mysql
mysql
# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ee00dc927aeb mysql "docker-entrypoint.s…" 10 hours ago Exited (0) 2 seconds ago mysql
删除容器
删除一个或多个容器
用法:
docker rm [OPTIONS] CONTAINER [CONTAINER...]
Remove one or more containers
Aliases:
docker container rm, docker container remove, docker rm
Options:
-f, --force 强制删除正在运行的容器(使用SIGKILL)
-l, --link 移除容器间的网络连接,而非容器本身
-v, --volumes 删除与容器关联的卷
实例:
# docker rm mysql
mysql
# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
说明:
删除容器前需要先停止容器,否则会报错。
进入容器
在正在运行的容器中运行新命令
用法:
docker exec [OPTIONS] CONTAINER COMMAND [ARG...]
Execute a command in a running container
Aliases:
docker container exec, docker exec
Options:
-d, --detach 分离模式:在后台运行命令
--detach-keys string 覆盖容器后台运行的一些参数信息
-e, --env list 设置环境变量
--env-file list Read in a file of environment variables
-i, --interactive 保持STDIN打开,即使未连接
--privileged 授予命令扩展权限
-t, --tty 分配伪TTY
-u, --user string Username or UID (format: "<name|uid>[:<group|gid>]")
-w, --workdir string 指定容器内的目录
实例:
# docker exec -it mysql /bin/bash
bash-4.4# ls -l
total 56
lrwxrwxrwx 1 root root 7 Oct 9 2021 bin -> usr/bin
dr-xr-xr-x 2 root root 4096 Oct 9 2021 boot
drwxr-xr-x 5 root root 340 Feb 14 02:51 dev
drwxr-xr-x 2 root root 4096 Feb 8 20:00 docker-entrypoint-initdb.d
lrwxrwxrwx 1 root root 34 Feb 8 20:01 entrypoint.sh -> usr/local/bin/docker-entrypoint.sh
drwxr-xr-x 1 root root 4096 Feb 14 02:51 etc
drwxr-xr-x 2 root root 4096 Oct 9 2021 home
lrwxrwxrwx 1 root root 7 Oct 9 2021 lib -> usr/lib
lrwxrwxrwx 1 root root 9 Oct 9 2021 lib64 -> usr/lib64
drwxr-xr-x 2 root root 4096 Oct 9 2021 media
drwxr-xr-x 2 root root 4096 Oct 9 2021 mnt
drwxr-xr-x 2 root root 4096 Oct 9 2021 opt
dr-xr-xr-x 107 root root 0 Feb 14 02:51 proc
dr-xr-x--- 1 root root 4096 Feb 14 03:43 root
drwxr-xr-x 1 root root 4096 Feb 8 20:00 run
lrwxrwxrwx 1 root root 8 Oct 9 2021 sbin -> usr/sbin
drwxr-xr-x 2 root root 4096 Oct 9 2021 srv
dr-xr-xr-x 13 root root 0 Feb 14 03:43 sys
drwxrwxrwt 1 root root 4096 Feb 14 02:52 tmp
drwxr-xr-x 1 root root 4096 Feb 7 22:59 usr
drwxr-xr-x 1 root root 4096 Feb 7 22:59 var
bash-4.4# exit
exit
说明:
使用docker exec启动的命令仅在容器的主进程(PID 1)运行时运行,如果容器重新启动,则不会重新启动。
如果在Dockerfile中指定了工作目录,则会进入Dokcerfile指定的目录,如果命令中指定了工作目录-w则会进入该目录。
网络
网络列表
展示网络列表
用法:
docker network ls [OPTIONS]
List networks
Aliases:
docker network ls, docker network list
Options:
-f, --filter filter 提供过滤器值(例如“driver=bridge”)
--format string 使用自定义模板设置输出格式:
'table': 以带有列标题的表格格式打印输出(默认)
'table TEMPLATE': 使用给定的Go模板以表格格式打印输出
'json': 以JSON格式打印
'TEMPLATE': 使用给定的Go模板打印输出。
有关使用模板格式化输出的详细信息可参考 https://docs.docker.com/go/formatting/
--no-trunc 不截断输出
-q, --quiet 仅显示网络ID
实例:
# docker network ls
NETWORK ID NAME DRIVER SCOPE
074427b8ed2e bridge bridge local
f87eab9439c2 host host local
e116ac4ef902 none null local
网络详情
显示一个或多个网络的详细信息
用法:
docker network inspect [OPTIONS] NETWORK [NETWORK...]
Display detailed information on one or more networks
Options:
-f, --format string 使用自定义模板设置输出格式:
'json': 以JSON格式打印
'TEMPLATE': 使用给定的Go模板打印输出。
有关使用模板格式化输出的详细信息可参考 https://docs.docker.com/go/formatting/
-v, --verbose 诊断的详细输出
实例:
# docker network inspect bridge
[
{
"Name": "bridge",
"Id": "074427b8ed2efda2b95526f7c28af69197246cb2fa20be006d9813c616df6d7f",
"Created": "2023-02-14T00:01:56.729658995+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"5d7b25c0f2b4370132e62c44375926763b05fe8b266221e224e514c0e7593ed9": {
"Name": "mysql",
"EndpointID": "0ef197ce5712afb2b1a4168bafde7ce1aba7e1fe3f36f55bc0216a2a333eecf0",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]
创建网络
创建网络
用法:
docker network create [OPTIONS] NETWORK
Create a network
Options:
--attachable 启用手动容器安装
--aux-address map Auxiliary IPv4 or IPv6 addresses used by Network driver (default map[])
--config-from string The network from which to copy the configuration
--config-only Create a configuration only network
-d, --driver string 管理网络的驱动程序(默认“bridge”)
--gateway strings IPv4 or IPv6 Gateway for the master subnet
--ingress Create swarm routing-mesh network
--internal 限制对网络的外部访问
--ip-range strings Allocate container ip from a sub-range
--ipam-driver string IP Address Management Driver (default "default")
--ipam-opt map Set IPAM driver specific options (default map[])
--ipv6 Enable IPv6 networking
--label list Set metadata on a network
-o, --opt map Set driver specific options (default map[])
--scope string Control the network's scope
--subnet strings Subnet in CIDR format that represents a network segment
实例:
# docker network create mynetwork
670c5dc3a1a97426f5195eb2f318189d3ff0d658678a1cd716b0b4b77d425266
# docker network ls
NETWORK ID NAME DRIVER SCOPE
074427b8ed2e bridge bridge local
f87eab9439c2 host host local
670c5dc3a1a9 mynetwork bridge local
e116ac4ef902 none null local
说明:
单机网络驱动:
- bridge: 桥接网络模式,默认网络驱动,此模式会为每一个容器分配、设置IP等,只有宿主机可以访问,外部主机不可见
- host: 容器将不会虚拟出自己的网卡,配置自己的IP 等,而是使用宿主机的IP和端
- none: 禁用网络设置
连接容器
将容器连接到网络
用法:
docker network connect [OPTIONS] NETWORK CONTAINER
Connect a container to a network
Options:
--alias strings 为容器添加网络范围的别名
--driver-opt strings 指定IP地址
--ip string 指定IPv6地址 (例如, "172.30.100.104")
--ip6 string 指定IPv6地址 (例如, "2001:db8::33")
--link list 向另一个容器添加链接
--link-local-ip strings 为容器添加链接本地地址
实例:
# docker network connect mynetwork mysql
# docker inspect mysql
[
"Networks": {
......
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "074427b8ed2efda2b95526f7c28af69197246cb2fa20be006d9813c616df6d7f",
"EndpointID": "0ef197ce5712afb2b1a4168bafde7ce1aba7e1fe3f36f55bc0216a2a333eecf0",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02",
"DriverOpts": null
},
"mynetwork": {
"IPAMConfig": {},
"Links": null,
"Aliases": [
"5d7b25c0f2b4"
],
"NetworkID": "29d58403c6fe5c22746078475ed8b57eacb5fad8dd4942b387871ccd8ed44d29",
"EndpointID": "3661b359a7bb2923d90c953cecf7d5ee8dfc736a208b400272eb71d831949714",
"Gateway": "172.19.0.1",
"IPAddress": "172.19.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:13:00:02",
"DriverOpts": {}
}
}
}
}
]
取消连接
断开容器与网络的连接
用法:
docker network disconnect [OPTIONS] NETWORK CONTAINER
Disconnect a container from a network
Options:
-f, --force 强制容器断开与网络的连接
实例:
# docker network disconnect mynetwork mysql
# docker inspect mysql
[
......
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "074427b8ed2efda2b95526f7c28af69197246cb2fa20be006d9813c616df6d7f",
"EndpointID": "0ef197ce5712afb2b1a4168bafde7ce1aba7e1fe3f36f55bc0216a2a333eecf0",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02",
"DriverOpts": null
}
}
}
}
]
删除网络
删除一个或多个容器网络
用法:
docker network rm NETWORK [NETWORK...]
Remove one or more networks
Aliases:
docker network rm, docker network remove
Options:
-f, --force 网络不存在,也不输出错误
实例:
# docker network ls
NETWORK ID NAME DRIVER SCOPE
074427b8ed2e bridge bridge local
f87eab9439c2 host host local
670c5dc3a1a9 mynetwork bridge local
e116ac4ef902 none null local
# docker network rm mynetwork
mynetwork
# docker network ls
NETWORK ID NAME DRIVER SCOPE
074427b8ed2e bridge bridge local
f87eab9439c2 host host local
e116ac4ef902 none null local
清空未使用
删除所有未使用的网络
用法:
docker network prune [OPTIONS]
Remove all unused networks
Options:
--filter filter 提供过滤器值 (例如 "until=<timestamp>")
-f, --force 不要提示确认
实例:
# docker network ls
NETWORK ID NAME DRIVER SCOPE
074427b8ed2e bridge bridge local
f87eab9439c2 host host local
2ee82f9d2738 mynetwork bridge local
e116ac4ef902 none null local
# docker network prune -f
Deleted Networks:
mynetwork
# docker network ls
NETWORK ID NAME DRIVER SCOPE
074427b8ed2e bridge bridge local
f87eab9439c2 host host local
e116ac4ef902 none null local
数据卷
数据卷列表
数据卷列表
用法:
docker volume ls [OPTIONS]
List volumes
Aliases:
docker volume ls, docker volume list
Options:
-f, --filter filter 提供过滤器值 (例如 "dangling=true")
--format string 使用自定义模板设置输出格式:
'table': 以带有列标题的表格格式打印输出(默认)
'table TEMPLATE': 使用给定的Go模板以表格格式打印输出
'json': 以JSON格式打印
'TEMPLATE': 使用给定的Go模板打印输出。
有关使用模板格式化输出的详细信息可参考 https://docs.docker.com/go/formatting/
-q, --quiet 仅显示卷名称
实例:
# docker volume ls
DRIVER VOLUME NAME
local 2ccfcac08d9dc387b4e015db3f9b250c4c072f0b16aaadf54cf88d147887cc81
local 3a85ab8091f7aba73a00c3dc241e5093543922e739fcb8cf6fd049c8bd59c470
local 3e1feef136cedbc252fb512418a981e05a920aac76ebb70af844487e7c0953ab
local 4cdd96211eb97533571ba475dd0c7487777febe96467373cafd2ecb66bbba48a
local 8eb47e03a2f58c5c7cd473da3b64fad22afb29b608507b90a71da55bca49c615
local 9f425b5967b5216ae85b0d8536901849afa1cd3110921a364dbfca0afc4c8551
local 98a50f3fc509baf28bd08cf8946c980ea77a89f4e3dd6d3dba0fd8eca7cf9bc4
local a7b59c27547d2209ebe9e4ba1d1483371a2406c08fcc83f355a573d9765c5cf8
local a096a932bb0ab60dcef010de19708584431e09071970b7243d356b08e131b861
local be9615fcc00528f106b7620b44755d8a3329dfc5883d349340e01fcbcdedffb4
local e075c52275f92e4aa3a38ba02f31d63d33bcb203d80d4290b26e763857d46348
数据卷详情
数据卷详情
用法:
docker volume inspect [OPTIONS] VOLUME [VOLUME...]
Display detailed information on one or more volumes
Options:
-f, --format string 使用自定义模板设置输出格式:
'json': 以JSON格式打印
'TEMPLATE': 使用给定的Go模板打印输出。
有关使用模板格式化输出的详细信息可参考 https://docs.docker.com/go/formatting/
实例:
# docker volume inspect 2ccfcac08d9dc387b4e015db3f9b250c4c072f0b16aaadf54cf88d147887cc81
[
{
"CreatedAt": "2023-02-13T21:18:50+08:00",
"Driver": "local",
"Labels": null,
"Mountpoint": "/var/lib/docker/volumes/2ccfcac08d9dc387b4e015db3f9b250c4c072f0b16aaadf54cf88d147887cc81/_data",
"Name": "2ccfcac08d9dc387b4e015db3f9b250c4c072f0b16aaadf54cf88d147887cc81",
"Options": null,
"Scope": "local"
}
]
创建数据卷
创建数据卷
用法:
docker volume create [OPTIONS] [VOLUME]
Create a volume
Options:
-d, --driver string 指定卷驱动程序名称 (默认 "local")
--label list 设置卷的元数据
-o, --opt map 设置驱动程序特定选项 (default map[])
实例:
# docker volume ls
DRIVER VOLUME NAME
local 2ccfcac08d9dc387b4e015db3f9b250c4c072f0b16aaadf54cf88d147887cc81
local 3a85ab8091f7aba73a00c3dc241e5093543922e739fcb8cf6fd049c8bd59c470
local 3e1feef136cedbc252fb512418a981e05a920aac76ebb70af844487e7c0953ab
local 4cdd96211eb97533571ba475dd0c7487777febe96467373cafd2ecb66bbba48a
local 8eb47e03a2f58c5c7cd473da3b64fad22afb29b608507b90a71da55bca49c615
local 9f425b5967b5216ae85b0d8536901849afa1cd3110921a364dbfca0afc4c8551
local 98a50f3fc509baf28bd08cf8946c980ea77a89f4e3dd6d3dba0fd8eca7cf9bc4
local a7b59c27547d2209ebe9e4ba1d1483371a2406c08fcc83f355a573d9765c5cf8
local a096a932bb0ab60dcef010de19708584431e09071970b7243d356b08e131b861
local be9615fcc00528f106b7620b44755d8a3329dfc5883d349340e01fcbcdedffb4
local e075c52275f92e4aa3a38ba02f31d63d33bcb203d80d4290b26e763857d46348
# docker volume create myvolume
myvolume
# docker volume ls
DRIVER VOLUME NAME
local 2ccfcac08d9dc387b4e015db3f9b250c4c072f0b16aaadf54cf88d147887cc81
local 3a85ab8091f7aba73a00c3dc241e5093543922e739fcb8cf6fd049c8bd59c470
local 3e1feef136cedbc252fb512418a981e05a920aac76ebb70af844487e7c0953ab
local 4cdd96211eb97533571ba475dd0c7487777febe96467373cafd2ecb66bbba48a
local 8eb47e03a2f58c5c7cd473da3b64fad22afb29b608507b90a71da55bca49c615
local 9f425b5967b5216ae85b0d8536901849afa1cd3110921a364dbfca0afc4c8551
local 98a50f3fc509baf28bd08cf8946c980ea77a89f4e3dd6d3dba0fd8eca7cf9bc4
local a7b59c27547d2209ebe9e4ba1d1483371a2406c08fcc83f355a573d9765c5cf8
local a096a932bb0ab60dcef010de19708584431e09071970b7243d356b08e131b861
local be9615fcc00528f106b7620b44755d8a3329dfc5883d349340e01fcbcdedffb4
local e075c52275f92e4aa3a38ba02f31d63d33bcb203d80d4290b26e763857d46348
local myvolume
删除数据卷
删除一个或多个卷。无法删除容器正在使用的卷。
用法:
docker volume rm [OPTIONS] VOLUME [VOLUME...]
Remove one or more volumes. You cannot remove a volume that is in use by a container.
Aliases:
docker volume rm, docker volume remove
Examples:
$ docker volume rm hello
hello
Options:
-f, --force 强制删除一个或多个卷
实例:
# docker volume ls
DRIVER VOLUME NAME
local 2ccfcac08d9dc387b4e015db3f9b250c4c072f0b16aaadf54cf88d147887cc81
local 3a85ab8091f7aba73a00c3dc241e5093543922e739fcb8cf6fd049c8bd59c470
local 3e1feef136cedbc252fb512418a981e05a920aac76ebb70af844487e7c0953ab
local 4cdd96211eb97533571ba475dd0c7487777febe96467373cafd2ecb66bbba48a
local 8eb47e03a2f58c5c7cd473da3b64fad22afb29b608507b90a71da55bca49c615
local 9f425b5967b5216ae85b0d8536901849afa1cd3110921a364dbfca0afc4c8551
local 98a50f3fc509baf28bd08cf8946c980ea77a89f4e3dd6d3dba0fd8eca7cf9bc4
local a7b59c27547d2209ebe9e4ba1d1483371a2406c08fcc83f355a573d9765c5cf8
local a096a932bb0ab60dcef010de19708584431e09071970b7243d356b08e131b861
local be9615fcc00528f106b7620b44755d8a3329dfc5883d349340e01fcbcdedffb4
local e075c52275f92e4aa3a38ba02f31d63d33bcb203d80d4290b26e763857d46348
local myvolume
# docker volume rm myvolume
myvolume
# docker volume ls
DRIVER VOLUME NAME
local 2ccfcac08d9dc387b4e015db3f9b250c4c072f0b16aaadf54cf88d147887cc81
local 3a85ab8091f7aba73a00c3dc241e5093543922e739fcb8cf6fd049c8bd59c470
local 3e1feef136cedbc252fb512418a981e05a920aac76ebb70af844487e7c0953ab
local 4cdd96211eb97533571ba475dd0c7487777febe96467373cafd2ecb66bbba48a
local 8eb47e03a2f58c5c7cd473da3b64fad22afb29b608507b90a71da55bca49c615
local 9f425b5967b5216ae85b0d8536901849afa1cd3110921a364dbfca0afc4c8551
local 98a50f3fc509baf28bd08cf8946c980ea77a89f4e3dd6d3dba0fd8eca7cf9bc4
local a7b59c27547d2209ebe9e4ba1d1483371a2406c08fcc83f355a573d9765c5cf8
local a096a932bb0ab60dcef010de19708584431e09071970b7243d356b08e131b861
local be9615fcc00528f106b7620b44755d8a3329dfc5883d349340e01fcbcdedffb4
local e075c52275f92e4aa3a38ba02f31d63d33bcb203d80d4290b26e763857d46348
清空未使用
删除所有未使用的本地卷
用法:
docker volume prune [OPTIONS]
Remove all unused local volumes
Options:
--filter filter 提供过滤器值 (例如 "label=<label>")
-f, --force 不提示确认
实例:
# docker volume ls
DRIVER VOLUME NAME
local 2ccfcac08d9dc387b4e015db3f9b250c4c072f0b16aaadf54cf88d147887cc81
local 3a85ab8091f7aba73a00c3dc241e5093543922e739fcb8cf6fd049c8bd59c470
local 3e1feef136cedbc252fb512418a981e05a920aac76ebb70af844487e7c0953ab
local 4cdd96211eb97533571ba475dd0c7487777febe96467373cafd2ecb66bbba48a
local 8eb47e03a2f58c5c7cd473da3b64fad22afb29b608507b90a71da55bca49c615
local 9f425b5967b5216ae85b0d8536901849afa1cd3110921a364dbfca0afc4c8551
local 98a50f3fc509baf28bd08cf8946c980ea77a89f4e3dd6d3dba0fd8eca7cf9bc4
local a7b59c27547d2209ebe9e4ba1d1483371a2406c08fcc83f355a573d9765c5cf8
local a096a932bb0ab60dcef010de19708584431e09071970b7243d356b08e131b861
local be9615fcc00528f106b7620b44755d8a3329dfc5883d349340e01fcbcdedffb4
local e075c52275f92e4aa3a38ba02f31d63d33bcb203d80d4290b26e763857d46348
local myvolume
# docker volume prune -f
myvolume
# docker volume ls
DRIVER VOLUME NAME
local 2ccfcac08d9dc387b4e015db3f9b250c4c072f0b16aaadf54cf88d147887cc81
local 3a85ab8091f7aba73a00c3dc241e5093543922e739fcb8cf6fd049c8bd59c470
local 3e1feef136cedbc252fb512418a981e05a920aac76ebb70af844487e7c0953ab
local 4cdd96211eb97533571ba475dd0c7487777febe96467373cafd2ecb66bbba48a
local 8eb47e03a2f58c5c7cd473da3b64fad22afb29b608507b90a71da55bca49c615
local 9f425b5967b5216ae85b0d8536901849afa1cd3110921a364dbfca0afc4c8551
local 98a50f3fc509baf28bd08cf8946c980ea77a89f4e3dd6d3dba0fd8eca7cf9bc4
local a7b59c27547d2209ebe9e4ba1d1483371a2406c08fcc83f355a573d9765c5cf8
local a096a932bb0ab60dcef010de19708584431e09071970b7243d356b08e131b861
local be9615fcc00528f106b7620b44755d8a3329dfc5883d349340e01fcbcdedffb4
local e075c52275f92e4aa3a38ba02f31d63d33bcb203d80d4290b26e763857d46348
