docker的基本命令操作
一 帮助命令
1.docker version 查看docker的版本信息 2.docker info #显示更详细的信息 3.docker 命令 –help #万能命令 二 帮助文档的地址,我们可以通过查看帮助文档 https://docs.docker.com/engine/reference/commandline/docker/英文版 https://hub.docker.com
二 镜像的命令:
docker images 查看所有本地的主机上的镜像 REPOSITORY 镜像的仓库源 TAG 镜像的标签 IMAGE ID 镜像id SIZE 镜像的大小 docker images -a 显示镜像的全部信息 docker images -q 只显示镜像的id
三 镜像的搜索
docker search docker search mysql 可选项通过搜索来过滤 –filter=STARS(收藏的数量)=3000 那么它搜索出来的镜像就大于3000
命令docker search mysql –filter=STARS=3000
docker pull 【tag】下载
docker pull –help
Options: -a, –all-tags Download all tagged images in the repository –disable-content-trust Skip image verification (default true) –platform string Set platform if server is multi-platform capable -q, –quiet Suppress verbose output
默认下载最新版本
root@kali:~# docker pull mysql Using default tag: latest #如果不写tag 默认就latest
a076a628af6f: Pull complete #分层下载 docker image 的核心 联合文件系统 f6c208f3f991: Pull complete 88a9455a9165: Pull complete 406c9b8427c6: Pull complete 7c88599c0b25: Pull complete 25b5c6debdaf: Pull complete 43a5816f1617: Pull complete 1a8c919e89bf: Pull complete 9f3cf4bd1a07: Downloading [================> ] 36.74MB/113.1MB 80539cea118d: Download complete 201b3cad54ce: Download complete 944ba37e1c06: Download complete
Digest: sha256:feada149cb8ff54eade1336da7c1d080c4a1c7ed82b5e320efb5beebed85ae8c #签名 Status: Downloaded newer image for mysql:latest docker.io/library/mysql:latest #下载地址
#等价于
docker pull mysql ==> docker pull docker.io/library/mysql:latest
指定版本下载
docker pull mysql:5.7 #指定版本必须是存在的
root@kali:~# docker pull mysql:5.7 5.7: Pulling from library/mysql a076a628af6f: Already exists (联合文件系统,上面我们已经下载了,所以我们就没有必要再次下载) f6c208f3f991: Already exists 88a9455a9165: Already exists 406c9b8427c6: Already exists 7c88599c0b25: Already exists 25b5c6debdaf: Already exists 43a5816f1617: Already exists 1831ac1245f4: Pull complete 37677b8c1f79: Pull complete 27e4ac3b0f6e: Pull complete 7227baa8c445: Pull complete Digest: sha256:b3d1eff023f698cd433695c9506171f0d08a8f92a0c8063c1a4d9db9a55808df Status: Downloaded newer image for mysql:5.7 docker.io/library/mysql:5.7
docker rmi 删除镜像
rm在linux系统中删除的意思
i –> images
1.docker rmi -f (image id)或者(repository)
2.docker rmi -f $(docker images -aq) 递归删除
3.docker rmi -f 容器id 容器id 容器id #指的是删除多个容器
容器命令
先要具备容器命令先下在相应的镜像
docker pull centos下载
新建容器完毕后
运行:
docker run [可选参数] image
#参数说明
–name=”name” 容器的名字,我们自己取的名字
-d 后台方式运行
-it 使用交互方式运行
-p 指定容器的端口 -p 8080
-p 主机端口:容器端口 (常用端口)
-p 容器端口
-P 随机指定端口
测试:
root@kali:~# docker run -it centos /bin/bash # [root@fd5cbd165ead /]# ls bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr #启动并进入容器
exit #此时可以退出
docker ps 查看当正在运行的容器
docker ps -a 查看曾经运行过的容器随带显示历史运行的容器
docker ps -n=? 显示容器运行的个数
-q #只显示容器的编号
docker ps -aq
退出容器
exit #直接退出容器并停止
ctrl+p+q 退出容器但不停止
删除容器
docker rm 容器id #删除指定的容器【不能删除正在运行的容器】
docker rm -f $(docker ps -aq) #删除所有的容器
启动和停止容器的操作
docker start 容器id #启动容器
decker restart 容器id #重新启动容器
docker stop 容器id #停止正在运行的容器
docker skill 容器id #强制停止当前容器
常见的其他命令
后台启动
#命令
docker run -d centos[镜像名]
root@kali:~# docker run -d centos
835dc4140d0f4c115b53206b788450183a4555c9a2ea48dd2c2bb6635485854e
#docker ps 发现的centos 停止了
#常见的坑:docker 容器使用后台运行,就必须有一个前台进程 docker 发现没有应用就会自动停止
#nginx, 容器启动后,发现自己没有提供服务就会立刻停止
查看日志
docker logs
Options:
--details Show extra details provided to logs
-f, --follow Follow log output
--since string Show logs since timestamp (e.g. 2013-01-02T13:23:37Z) or relative (e.g. 42m for 42 minutes)
-n, --tail string Number of lines to show from the end of the logs (default "all")
-t, --timestamps Show timestamps
--until string Show logs before a timestamp (e.g. 2013-01-02T13:23:37Z) or relative (e.g. 42m for 42 minutes)
docker logs -f -t –tail 容器的id
#此情况就说明我们的容器并没有运行
docker logs -f -t --tail f6d433e633c9
"docker logs" requires exactly 1 argument.
See 'docker logs --help'.
Usage: docker logs [OPTIONS] CONTAINER
Fetch the logs of a container
#docker run -i centos /bin/bash
显示日志
docker logs -tf --tail 10 容器名
--tail number #要显示的条数
#查看容器中的进程信息
docker top 容器id
root@kali:~# docker top 17f9e568c07f
UID PID PPID C STIME TTY TIME CMD
root 4550 4529 0 02:28 pts/0 00:00:00 /bin/bash
查看镜像的元数据
docker inspect id
我们会发现我们其后看见的id只是它的缩写
#测试
{
"Id": "17f9e568c07f63db979af9c0bf19863fc99adfee59cad161fd23b61dab363126",
"Created": "2021-01-22T07:28:02.308266389Z",
"Path": "/bin/bash",
"Args": [],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 4550,
"ExitCode": 0,
"Error": "",
"StartedAt": "2021-01-22T07:28:03.064648229Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:300e315adb2f96afe5f0b2780b87f28ae95231fe3bdd1e16b9ba606307728f55",
"ResolvConfPath": "/var/lib/docker/containers/17f9e568c07f63db979af9c0bf19863fc99adfee59cad161fd23b61dab363126/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/17f9e568c07f63db979af9c0bf19863fc99adfee59cad161fd23b61dab363126/hostname",
"HostsPath": "/var/lib/docker/containers/17f9e568c07f63db979af9c0bf19863fc99adfee59cad161fd23b61dab363126/hosts",
"LogPath": "/var/lib/docker/containers/17f9e568c07f63db979af9c0bf19863fc99adfee59cad161fd23b61dab363126/17f9e568c07f63db979af9c0bf19863fc99adfee59cad161fd23b61dab363126-json.log",
"Name": "/zealous_noyce",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "docker-default",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"CgroupnsMode": "host",
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"KernelMemory": 0,
"KernelMemoryTCP": 0,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/4338cf9173f2fa8e70eec3c567802684af5345f9facfa0a7562a9d725448f711-init/diff:/var/lib/docker/overlay2/0fe88ea5ac6ba759c187dbb1f989a5873f135250237138780edd4af372fc653d/diff",
"MergedDir": "/var/lib/docker/overlay2/4338cf9173f2fa8e70eec3c567802684af5345f9facfa0a7562a9d725448f711/merged",
"UpperDir": "/var/lib/docker/overlay2/4338cf9173f2fa8e70eec3c567802684af5345f9facfa0a7562a9d725448f711/diff",
"WorkDir": "/var/lib/docker/overlay2/4338cf9173f2fa8e70eec3c567802684af5345f9facfa0a7562a9d725448f711/work"
},
"Name": "overlay2"
},
"Mounts": [],
"Config": {
"Hostname": "17f9e568c07f",
"Domainname": "",
"User": "",
"AttachStdin": true,
"AttachStdout": true,
"AttachStderr": true,
"Tty": true,
"OpenStdin": true,
"StdinOnce": true,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Cmd": [
"/bin/bash"
],
"Image": "centos",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"org.label-schema.build-date": "20201204",
"org.label-schema.license": "GPLv2",
"org.label-schema.name": "CentOS Base Image",
"org.label-schema.schema-version": "1.0",
"org.label-schema.vendor": "CentOS"
}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "1b8d815a11225074fe7be110558842784e9f72254eaf0d768dc2978e4970b855",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {},
"SandboxKey": "/var/run/docker/netns/1b8d815a1122",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "85515ccae324b8aab837c56b0309655c14890460efdec364b04c60fce9b2b4f6",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:02",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "9cb676c2e1ffc4de52e71981dd290cbe6b8068134dfc85c6abb506a032122ace",
"EndpointID": "85515ccae324b8aab837c56b0309655c14890460efdec364b04c60fce9b2b4f6",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02",
"DriverOpts": null
}
}
}
}
]
进入当前正在运行的容器
#我们通常容器都是使用后台方式运行的,需要进入容器,修改-配置
#命令
docker exec -it 容器的id /bin/bash
进入容器
#命令docker exec -it 17f9e568c07f /bin/bash
root@kali:~# docker exec -it 17f9e568c07f /bin/bash
[root@17f9e568c07f /]# ls
bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var
方式er
#docker attach 容器id
显示正在执行的代码
#docker attach 进入容器正在执行的终端,不会启动新的终端
#docker exec it 进入容器后打开一个新的终端,可以在容器内操作
从容器内拷贝文件到主机上
docker cp 容器id:容器内路径 目的的主机路径
#命令 docker cp 17f9e568c07f:/home/test.java /home
root@kali:~# docker cp 17f9e568c07f:/home/test.java /home
root@kali:~# cd /home
root@kali:/home# ls
test.java
root@kali:/home#
练习一
装搭一个nginx环境
#1.搜索镜像(去docker 上搜索会更好)
docker search nginx
#2.下载镜像
docker pull nginx
#3.查看是否有nginx镜像,我们可以去看看是否存在
docker images
#4.运行
#-d 后台运行
#--name 给容器命名
#-p 容器主机端口:容器内部端口
docker run -d --name nginx01 -p 3344:80 nginx
#5.查看本机访问本机
curl localhost:3344
#进入运行的Nginx
docker exec -it nginx01 /bin/bash
在192.168.126.129:3344
可以访问nginx
练习二tomcat
tomcat
#官方使用
docker run -it --rm tomcat:9.0
#我们之前之前的启动都是后台,停止了容器之后,容器还是可以查到 docker run -it -rm 一般指的是用完就立刻删除
新手使用
#docker pull tomcat:9.0
启动
root@kali:~# docker run -d -p 3355:8080 --name tomcat01 tomcat
b00848a04e0d31d10e728ed8ec32d2ca8e3cc7c147768080cf30c16634be9dd0
#docker exec -it tomcat01 /bin/bash 进入容器
发现问题:
1.linux命令少了,2.没有webapps,阿里云镜像的原因,默认是最小的镜像,
#保证最小可运行的环境
当我们发现我们的网站目录下webapps下没有信息而信息都在webapps.dist
使用该命令cp -r webapps.dist/* webapps
练习三 部署es+kibana
#es 暴露的端口很多,十分耗内存
es的数据一定要放置在安全目录
#启动elasticsearch
docker run -d --name elasticsearch -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" elasticsearch:7.6.2
--net somenetwork(docker的网络配置)
#使用命令 docker run -d --name elasticsearch -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" elasticsearch:7.6.2
root@kali:~# docker run -d --name elasticsearch -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" elasticsearch:7.6.2
Unable to find image 'elasticsearch:7.6.2' locally
7.6.2: Pulling from library/elasticsearch
ab5ef0e58194: Pull complete
c4d1ca5c8a25: Pull complete
941a3cc8e7b8: Pull complete
43ec483d9618: Pull complete
c486fd200684: Pull complete
1b960df074b2: Pull complete
1719d48d6823: Pull complete
Digest: sha256:1b09dbd93085a1e7bca34830e77d2981521a7210e11f11eda997add1c12711fa
Status: Downloaded newer image for elasticsearch:7.6.2
9668a2d3cad47301d80ed16116a697fdbf0618ed988017a912821f4df4e840dc
root@kali:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9668a2d3cad4 elasticsearch:7.6.2 "/usr/local/bin/dock…" 44 seconds ago Up 39 seconds 0.0.0.0:9200->9200/tcp, 0.0.0.0:9300->9300/tcp elasticsearch
##启动完之后会发现非常卡,使用docker stats查看cpu状态
#es是非常消耗内存
#测试一下es是否成功了 curl 127.0.0.1:9200
#赶紧关闭,增加内存的限制
#赶紧关闭后,增加内存的限制,修改配置文件 -e 环境配置修改
docker run -d --name elasticsearch -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" -e ES_JAVA-COTS="-xms64m --xmx512m" elasticsearch:7.6.2
因为我们刚刚的这个名字用过所以我们必须得改一个名字
docker run -d --name elasticsearch03 -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" -e ES_JAVA_OPTS="-Xms256m -Xms256m" elasticsearch:7.6.2
#docker stats
root@kali:~# curl localhost:9200
{
"name" : "b6e9a3e4fc3b",
"cluster_name" : "docker-cluster",
"cluster_uuid" : "HH-glWQ3QjqgoKTfp4nfow",
"version" : {
"number" : "7.6.2",
"build_flavor" : "default",
"build_type" : "docker",
"build_hash" : "ef48eb35cf30adf4db14086e8aabd07ef6fb113f",
"build_date" : "2020-03-26T06:34:37.794943Z",
"build_snapshot" : false,
"lucene_version" : "8.4.0",
"minimum_wire_compatibility_version" : "6.8.0",
"minimum_index_compatibility_version" : "6.0.0-beta1"
},
"tagline" : "You Know, for Search"
}
使用kibana连接我们的elasticsearch
可视化管理portainer
*portainer()
什么是portainer
docker 的图形化界面管理工具,提供一个后台面板
#下载安装
docker run -d -p 8088:9000 \
--restart=always -v /var/run/docker.sock:/var/run/docker.sock --privileged=true portainer/portainer
访问测试:外网地址为 127.0.0.1:8088
加载出来之后就得到了一个登录界面
设置完密码之后
镜像原理之联合文件系统
#如何得到镜像
1.从远程仓库中下载
2.朋友拷贝
3.自己制作一个镜像
如何做一个自己的镜像
commit镜像
docker commit 提交一个容器成为一个新的副本
#命令和git原理类似
docker commit -m="提交的描述信息" -a="作者" 容器id 目标镜像名: [TAG]
实战测试
#启动一个默认的tomcat
#发现这个默认的tomcat 是没有webapps应用,官方的镜像默认webapps下面没有文件所以我们必须将webapps.dist下的文件拷贝回来
#将我们操作的通过commit提交为一个镜像,那么以后我们可以直接使用我们修改过的镜像
docker commit -m=”tomcat011″ -a=”ccc” f8885a27a93a tomcat02:1.0
此时会看见我们从新调整的镜像在里面,那么我们之后就可以直接启动tomcat02的环境,我们也就不需要去调整
来源:freebuf.com 2021-03-05 18:55:56 by: hack信仰
请登录后发表评论
注册