Docker命令介绍
使用容器运行Nginx
使用docker run命令运行Nginx应用
# 本地没有镜像则会从远程镜像仓库下载,本地有的话会优先使用本地镜像
docker run -d nginx:latest
Unable to find image 'nginx:latest' locally
latest: Pulling from library/nginx
52d2b7f179e3: Pull complete
fd9f026c6310: Pull complete
055fa98b4363: Pull complete
96576293dd29: Pull complete
a7c4092be904: Pull complete
e3b6889c8954: Pull complete
da761d9a302b: Pull complete
...
# 停止容器,stop后面跟的是容器id前缀
docker stop 3592a93de2b3
# 再次运行nginx容器,这次没有下载镜像的过程
docker run -d nginx:latest
4e605cf86e1a731fdbb795e9111430aa48f0c533514a97df6019b585f096fa72
命令解释 docker run 启动一个容器,-d 把容器镜像中需要执行的命令以daemon(守护进程)的方式运行,nginx 应用容器镜像的名称,通常表示该镜像为某一个软件,latest 表示上述容器镜像的版本,表示最新版本,用户可自定义其标识,例如v1或v2等
docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4e605cf86e1a nginx:latest "/docker-entrypoint.…" 3 minutes ago Up 3 minutes 80/tcp trusting_shamir
命令解释 docker ps 类似于Linux系统的ps命令,查看正在运行的容器,如果想查看没有运行的容器,需要在此命令后使用--all或-a
访问容器中运行的Nginx服务
# 查看容器结构信息
docker inspect 4e605cf86e1a
...
"NetworkSettings": {
"Bridge": "",
"SandboxID": "3b76eae5d93295c89f7ce59525f98fca82c344c522f0b59bb324a1e631b78186",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {
"80/tcp": null
},
"SandboxKey": "/var/run/docker/netns/3b76eae5d932",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "343b1a0b5dba2f54944fc000b295bac239a2176d455e9d4009b3bc0d44786ab6",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:02",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "c5ff124c82361ac7f2806fdc02efdcce2a8574a9f05174a6a7340bac600671f4",
"EndpointID": "343b1a0b5dba2f54944fc000b295bac239a2176d455e9d4009b3bc0d44786ab6",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02",
"DriverOpts": null
}
}
}
...
# 确认容器IP地址,实际工作中不需要此步操作
# 上面信息中的 IPAddress 表示的是容器的ip地址
容器网络说明
ip a s
...
70: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:18:5f:b4:92 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:18ff:fe5f:b492/64 scope link
valid_lft forever preferred_lft forever
74: vethed56b40@if73: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 4a:bc:0d:98:dd:18 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::48bc:dff:fe98:dd18/64 scope link
valid_lft forever preferred_lft forever
# docker0网桥,用于为容器提供桥接,转发到主机之外的网络
# vethed56b40与容器中的虚拟网络设备在同一个命名空间中,用于把容器中的网络连接到主机
# 返回结果,表示访问成功!
curl http://172.17.0.2
Docker命令
Docker命令获取帮助
docker --help
# 用法
Usage: docker [OPTIONS] COMMAND
# 功能介绍
A self-sufficient runtime for containers
Common Commands:
run Create and run a new container from an image
exec Execute a command in a running container
ps List containers
build Build an image from a Dockerfile
pull Download an image from a registry
push Upload an image to a registry
images List images
login Log in to a registry
logout Log out from a registry
search Search Docker Hub for images
version Show the Docker version information
info Display system-wide information
# 管理类命令
Management Commands:
builder Manage builds
buildx* Docker Buildx (Docker Inc., v0.11.2)
compose* Docker Compose (Docker Inc., v2.21.0)
container Manage containers
context Manage contexts
image Manage images
manifest Manage Docker image manifests and manifest lists
network Manage networks
plugin Manage plugins
system Manage Docker
trust Manage trust on Docker images
volume Manage volumes
Swarm Commands:
swarm Manage Swarm
# 未分组命令
Commands:
attach Attach local standard input, output, and error streams to a running container
commit Create a new image from a container's changes
cp Copy files/folders between a container and the local filesystem
create Create a new container
diff Inspect changes to files or directories on a container's filesystem
events Get real time events from the server
export Export a container's filesystem as a tar archive
history Show the history of an image
import Import the contents from a tarball to create a filesystem image
inspect Return low-level information on Docker objects
kill Kill one or more running containers
load Load an image from a tar archive or STDIN
logs Fetch the logs of a container
pause Pause all processes within one or more containers
port List port mappings or a specific mapping for the container
rename Rename a container
restart Restart one or more containers
rm Remove one or more containers
rmi Remove one or more images
save Save one or more images to a tar archive (streamed to STDOUT by default)
start Start one or more stopped containers
stats Display a live stream of container(s) resource usage statistics
stop Stop one or more running containers
tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
top Display the running processes of a container
unpause Unpause all processes within one or more containers
update Update configuration of one or more containers
wait Block until one or more containers stop, then print their exit codes
# 选项
Global Options:
--config string Location of client config files (default "/root/.docker")
-c, --context string Name of the context to use to connect to the daemon (overrides DOCKER_HOST
env var and default context set with "docker context use")
-D, --debug Enable debug mode
-H, --host list Daemon socket to connect to
-l, --log-level string Set the logging level ("debug", "info", "warn", "error", "fatal") (default
"info")
--tls Use TLS; implied by --tlsverify
--tlscacert string Trust certs signed only by this CA (default "/root/.docker/ca.pem")
--tlscert string Path to TLS certificate file (default "/root/.docker/cert.pem")
--tlskey string Path to TLS key file (default "/root/.docker/key.pem")
--tlsverify Use TLS and verify the remote
-v, --version Print version information and quit
Run 'docker COMMAND --help' for more information on a command.
For more help on how to use Docker, head to https://docs.docker.com/go/guides/
Docker官网提供的命令说明
网址链接:docs.docker.com/reference/
在左侧"Command-line reference"这个菜单中
常见命令介绍
docker run
docker run -i -t --name c1 centos:latest bash
docker run 运行一个命令在容器中,命令是主体,没有命令容器就会消亡,-i 交互式,-t 提供终端,--name c1 把将运行的容器命名为c1,centos:latest 使用centos最新版本容器镜像,bash 在容器中执行的命令
# 执行命令之后会进入容器,并显示主机名
docker run -i -t --name c1 centos:latest bash
[root@a26bbf647fce /]#
# 下面的命令在容器中执行
# 查看网络
ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
75: eth0@if76: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
# 查看进程
ps aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 12036 2180 pts/0 Ss 05:54 0:00 bash
root 23 0.0 0.0 44652 1764 pts/0 R+ 05:58 0:00 ps aux
# 查看用户
cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:65534:65534:Kernel Overflow User:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
systemd-coredump:x:999:997:systemd Core Dumper:/:/sbin/nologin
systemd-resolve:x:193:193:systemd Resolver:/:/sbin/nologin
# 查看目录
pwd
/
ls
bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var
# 退出容器,这里容器中没有运行任何程序,退出容器之后,容器也会自动停止运行
exit
docker ps
查看正在运行的容器
docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4e605cf86e1a nginx:latest "/docker-entrypoint.…" 3 hours ago Up 3 hours 80/tcp trusting_shamir
# 可以查看正在运行的和停止运行的容器
docker ps --all
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a26bbf647fce centos:latest "bash" 10 minutes ago Exited (130) 2 minutes ago c1
4e605cf86e1a nginx:latest "/docker-entrypoint.…" 3 hours ago Up 3 hours 80/tcp trusting_shamir
3592a93de2b3 nginx:latest "/docker-entrypoint.…" 3 hours ago Exited (0) 3 hours ago nostalgic_kilby
docker inspect
查看容器详细信息
docker run -it --name c2 centos:latest bash
# 在上述提示符处按住ctrl键,再按p键与q键,可以退出交互式的容器,容器会处于运行状态
docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d0b49a7f4450 centos:latest "bash" 37 seconds ago Up 37 seconds c2
...
# 查看容器处于运行状态
docker inspect c2
...
"NetworkSettings": {
"Bridge": "",
"SandboxID": "062033bd9ca3f53b8e2189449affa9195b79159df2fadc69ff2e32e9b87bc13e",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {},
"SandboxKey": "/var/run/docker/netns/062033bd9ca3",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "b2daa9de43bb8ae5904ef4b72e1e840c9d9c621b6f54c3e4179c82707f22be0c",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.3",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:03",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "c5ff124c82361ac7f2806fdc02efdcce2a8574a9f05174a6a7340bac600671f4",
"EndpointID": "b2daa9de43bb8ae5904ef4b72e1e840c9d9c621b6f54c3e4179c82707f22be0c",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.3",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:03",
"DriverOpts": null
}
}
}
...
docker exec
docker exec -it c2 ls /root
anaconda-ks.cfg anaconda-post.log original-ks.cfg
# 下面命令与上面命令执行效果一致
docker exec c2 ls /root
anaconda-ks.cfg
anaconda-post.log
original-ks.cfg
docker exec 在容器外实现与容器交互执行某命令,-it 交互式,c2 正在运行的容器名称,ls /root 在正在运行的容器中运行相关的命令
docker attach
# 进入容器c2
docker attach c2
[root@d0b49a7f4450 /]#
docker attach 类似于ssh命令,可以进入到容器中,c2 正在运行的容器名称
退出容器时,如不需要容器再运行,可直接使用exit退出,如果容器中有命令在运行,也不会导致容器停止;如需要容器继续运行,可使用ctrl+p+q。
docker stop
docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d0b49a7f4450 centos:latest "bash" 18 minutes ago Up 18 minutes c2
# 停止容器
docker stop d0b49a7f4450
docker ps --all
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d0b49a7f4450 centos:latest "bash" 20 minutes ago Exited (130) 46 seconds ago c2
docker start
docker start d0b49a7f4450
docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d0b49a7f4450 centos:latest "bash" 22 minutes ago Up 3 seconds c2
docker top
在Docker Host查看容器中运行的进程信息
docker top c2
UID PID PPID C STIME TTY TIME CMD
root 147031 147010 0 14:30 pts/0 00:00:00 bash
输出说明 UID 容器中运行的命令用户ID,PID 容器中运行的命令PID,PPID 容器中运行的命令父PID,由于PPID是一个容器,此可指为容器在Docker Host中进程ID,C 占用CPU百分比,STIME 启动时间,TTY 运行所在的终端,TIME 运行时间,CMD 执行的命令
命令解释 docker top 查看container内进程信息,指在docker host上查看,与docker exec -it c2 ps -ef不同。
docker rm
如果容器已停止,使用此命令可以直接删除;如果容器处于运行状态,则需要提前关闭容器后,再删除容器。下面演示容器正在运行关闭后删除的方法。
docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d0b49a7f4450 centos:latest "bash" 32 minutes ago Up 10 minutes c2
# 下面两个命令都可以用来停止容器
docker stop c2
docker stop d0b49a7f4450
# 下面两个命令都可以用来删除容器
docker rm c2
docker rm d0b49a7f4450
批量删除容器
docker ps --all
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a26bbf647fce centos:latest "bash" 50 minutes ago Exited (130) 42 minutes ago c1
4e605cf86e1a nginx:latest "/docker-entrypoint.…" 3 hours ago Exited (0) 3 seconds ago trusting_shamir
3592a93de2b3 nginx:latest "/docker-entrypoint.…" 3 hours ago Exited (0) 3 hours ago nostalgic_kilby
# 下面两个命令都可以用来删除所有的容器
docker ps --all | awk '{if (NR>=2){print $1}}' | xargs docker rm
docker rm $(docker ps -a -q)
