镜像加速器

国内从 Docker Hub 拉取镜像有时会遇到困难,此时可以配置镜像加速器。国内很多云服务商都提供了国内加速器服务,例如

国内各大云服务商均提供了 Docker 镜像加速服务,建议根据运行 Docker 的云平台选择对应的镜像加速服务,具体请参考官方文档。

在CentOS7系统,请在 /etc/docker/daemon.json 中写入如下内容(如果文件不存在请新建该文件)

[root@docker01 ~]# vim /etc/docker/daemon.json{  "registry-mirrors": [    "https://hub-mirror.c.163.com"  ]}

注意,一定要保证该文件符合 json 规范,否则 Docker 将不能启动。

之后重新启动服务。

systemctl daemon-reloadsystemctl restart docker

检查加速器是否生效

执行如下命令,如果从结果中看到了如下内容,说明配置成功。

[root@docker01 ~]# docker info  # 显示整个系统的信息………………Registry Mirrors: https://hub-mirror.c.163.com/Live Restore Enabled: falseWARNING: bridge-nf-call-iptables is disabledWARNING: bridge-nf-call-ip6tables is disabled

Docker镜像操作

说明:Docker 运行容器前需要本地存在对应的镜像,如果本地不存在该镜像,Docker 会从镜像仓库下载该镜像。

search搜索镜像

[root@docker01 ~]# docker search centosNAME                     DESCRIPTION                                     STARS  OFFICIAL   AUTOMATEDcentos                   The official build of CentOS.                   5934   [OK]       ansible/centos7-ansible  Ansible on Centos7                              128               [OK]jdeathe/centos-ssh       OpenSSH / Supervisor / EPEL/IUS/SCL Repos - …  114               [OK]consol/centos-xfce-vnc   Centos container with "headless" VNC session…  114               [OK]centos/mysql-57-centos7  MySQL 5.7 SQL database server                   74                …………

docker容器的镜像保存 docker把容器保存为镜像_3c

pull从镜像中心下载镜像

# 格式:docker pull : ,如果没有tag,默认为 latest[root@docker01 ~]# docker pull centos:latestlatest: Pulling from library/centos8a29a15cefae: Pull complete Digest: sha256:fe8d824220415eed5477b63addf40fb06c3b049404242b31982106ac204f6700Status: Downloaded newer image for centos:latest

push推送镜像到镜像中心

格式:docker push :[root@docker01 ~]# docker push registry.cn-beijing.aliyuncs.com/google_registry/centos:latest

说明:如果有疑问可先忽略,后面搭建私有仓库文章会再次说明的。

images列出镜像

[root@docker01 ~]# docker images  # 或者 docker image lsREPOSITORY          TAG                 IMAGE ID            CREATED             SIZEcentos              latest              470671670cac        2 months ago        237MB

save镜像保存到本地

# 格式:docker save -o   |[root@docker01 docker_test]# docker save -o centos_docker_20200413.tar centos:latest [root@docker01 docker_test]# ll -htotal 234M-rw------- 1 root root 234M Apr 13 16:21 centos_docker_20200413.tar

rmi删除镜像

# 格式:docker rmi |[root@docker01 docker_test]# docker imagesREPOSITORY          TAG                 IMAGE ID            CREATED             SIZEcentos              latest              470671670cac        2 months ago        237MB[root@docker01 docker_test]# docker rmi 470671670cac  # 删除镜像 [root@docker01 docker_test]# docker imagesREPOSITORY          TAG                 IMAGE ID            CREATED             SIZE

load导入镜像

# 格式:docker load -i [root@docker01 docker_test]# docker load -i centos_docker_20200413.tar[root@docker01 docker_test]# docker images REPOSITORY          TAG                 IMAGE ID            CREATED             SIZEcentos              latest              470671670cac        2 months ago        237MB

tag标签

# 格式:docker tag SOURCE_IMAGE[:TAG] TARGET_IMAGE[:TAG][root@docker01 docker_test]# docker images REPOSITORY          TAG                 IMAGE ID            CREATED             SIZEcentos              latest              470671670cac        2 months ago        237MB [root@docker01 docker_test]# docker tag centos:latest centos:20200413[root@docker01 docker_test]# docker images REPOSITORY          TAG                 IMAGE ID            CREATED             SIZEcentos              20200413            470671670cac        2 months ago        237MBcentos              latest              470671670cac        2 months ago        237MB

使用:根据需要给docker镜像打一个新标签。

info显示整个系统的信息

[root@docker01 ~]# docker info Containers: 0 Running: 0 Paused: 0 Stopped: 0Images: 1Server Version: 18.06.3-ceStorage Driver: overlay2 Backing Filesystem: xfs Supports d_type: true Native Overlay Diff: trueLogging Driver: json-fileCgroup Driver: cgroupfsPlugins: Volume: local Network: bridge host macvlan null overlay Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslogSwarm: inactiveRuntimes: runcDefault Runtime: runcInit Binary: docker-initcontainerd version: 468a545b9edcd5932818eb9de8e72413e616e86erunc version: a592beb5bc4c4092b1b1bac971afed27687340c5init version: fec3683Security Options: seccomp  Profile: defaultKernel Version: 3.10.0-1062.el7.x86_64Operating System: CentOS Linux 7 (Core)OSType: linuxArchitecture: x86_64CPUs: 2Total Memory: 1.777GiBName: docker01ID: XIHU:XNWU:II7A:YXUH:BOZ3:JSGG:J3P2:CU2Z:5QHA:5Y64:PZ4V:62DIDocker Root Dir: /var/lib/dockerDebug Mode (client): falseDebug Mode (server): falseRegistry: https://index.docker.io/v1/Labels:Experimental: falseInsecure Registries: 127.0.0.0/8Registry Mirrors: https://hub-mirror.c.163.com/Live Restore Enabled: falseWARNING: bridge-nf-call-iptables is disabledWARNING: bridge-nf-call-ip6tables is disabled

system镜像体积查看

另外一个需要注意的问题是,docker image ls 列表中的镜像体积总和并非是所有镜像实际硬盘消耗。由于 Docker 镜像是多层存储结构,并且可以继承、复用,因此不同镜像可能会因为使用相同的基础镜像,从而拥有共同的层。由于 Docker 使用 Union FS,相同的层只需要保存一份即可,因此实际镜像硬盘占用空间很可能要比这个列表镜像大小的总和要小的多。

可以通过以下命令来便捷的查看镜像、容器、数据卷所占用的空间。

[root@docker01 docker_test]# docker system dfTYPE                TOTAL               ACTIVE              SIZE                RECLAIMABLEImages              2                   0                   440.1MB             440.1MB (100%)Containers          0                   0                   0B                  0BLocal Volumes       0                   0                   0B                  0BBuild Cache         0                   0                   0B                  0B

inspect显示镜像或容器的详情

# 格式:docker inspect |||[root@docker01 ~]# docker inspect centos:latest  # 显示镜像详情[root@docker01 ~]# docker inspect 67ba647b0151   # 显示容器详情

Docker容器操作

run创建容器

# 格式:docker run [OPTIONS] IMAGE [COMMAND] [ARG...][root@docker01 ~]# docker run -i -t --name centos01 centos:latest /bin/bash[root@f7c4da3cecad /]#       # 此时已进入docker容器[root@f7c4da3cecad /]# exit  # 退出容器,此时容器会停止【正常情况】[root@docker01 ~]#

参数说明:

-i  交互式操作-t  分配一个终端--name  运行的容器名称最后的/bin/bash  要执行的命令

ps查看容器

[root@docker01 ~]# docker ps  # 查看正在运行的容器CONTAINER ID   IMAGE           COMMAND        CREATED        STATUS                    PORTS    NAMES[root@docker01 ~]# [root@docker01 ~]# docker ps -a  # 查看所有容器,包括运行和停止的CONTAINER ID   IMAGE           COMMAND        CREATED        STATUS                    PORTS    NAMESf7c4da3cecad   centos:latest   "/bin/bash"    4 minutes ago  Exited (0) 36 seconds ago          centos01

start启动容器

# 格式:docker start |[root@docker01 ~]# docker ps -aCONTAINER ID        IMAGE               COMMAND      CREATED         STATUS                     PORTS   NAMESf7c4da3cecad        centos:latest       "/bin/bash"  10 minutes ago  Exited (0) 3 seconds ago           centos01[root@docker01 ~]# docker start f7c4da3cecad  # 启动容器f7c4da3cecad[root@docker01 ~]# docker ps CONTAINER ID        IMAGE               COMMAND      CREATED         STATUS        PORTS   NAMESf7c4da3cecad        centos:latest       "/bin/bash"  10 minutes ago  Up 3 seconds          centos01

restart重启容器

# 格式:docker restart |[root@docker01 ~]# docker ps CONTAINER ID        IMAGE               COMMAND       CREATED          STATUS         PORTS    NAMESf7c4da3cecad        centos:latest       "/bin/bash"   15 minutes ago   Up 4 minutes            centos01[root@docker01 ~]# docker restart f7c4da3cecad  # 重启容器f7c4da3cecad[root@docker01 ~]# docker ps CONTAINER ID        IMAGE               COMMAND       CREATED          STATUS         PORTS    NAMESf7c4da3cecad        centos:latest       "/bin/bash"   15 minutes ago   Up 1 second             centos01

stop停止容器

# 格式:docker stop |[root@docker01 ~]# docker ps CONTAINER ID        IMAGE           COMMAND       CREATED       STATUS         PORTS     NAMESf7c4da3cecad        centos:latest   "/bin/bash"   3 hours ago   Up 4 minutes             centos01[root@docker01 ~]# docker stop f7c4da3cecad  # 停止容器f7c4da3cecad[root@docker01 ~]# docker ps -aCONTAINER ID        IMAGE             COMMAND       CREATED       STATUS                      PORTS    NAMESf7c4da3cecad        centos:latest   "/bin/bash"   3 hours ago   Exited (0) 10 seconds ago            centos01

rm删除容器

# 格式:docker rm |[root@docker01 ~]# docker ps -aCONTAINER ID        IMAGE             COMMAND       CREATED       STATUS                      PORTS    NAMESf7c4da3cecad        centos:latest   "/bin/bash"   3 hours ago   Exited (0) 10 seconds ago            centos01[root@docker01 ~]# docker rm f7c4da3cecad   # 删除已停止的容器f7c4da3cecad

说明:如果要强制删除正在运行的容器,使用 docker rm -f 。不过生产环境不建议强制删除容器,防止误删除。

rename容器重命名

# 格式:docker rename CONTAINER NEW_NAME[root@docker01 ~]# docker ps CONTAINER ID        IMAGE          COMMAND       CREATED              STATUS              PORTS    NAMES67ba647b0151        centos:latest  "/bin/bash"   About a minute ago   Up About a minute            centos01[root@docker01 ~]# docker rename 67ba647b0151 centos001   # 容器重命名[root@docker01 ~]# docker ps CONTAINER ID        IMAGE          COMMAND       CREATED             STATUS              PORTS    NAMES67ba647b0151        centos:latest  "/bin/bash"   2 minutes ago       Up About a minute            centos001

exec进入容器或在运行容器中执行命令

进入容器

[root@docker01 ~]# docker exec -it f7c4da3cecad bash[root@f7c4da3cecad /]#

说明:不建议通过 docker attach 方式进入容器。

在容器外让指定容器执行命令

# 不要有 -t 选项,因为不需要分配 tty 终端[root@docker01 ~]# docker exec -i f7c4da3cecad bash -c "ps -ef"UID         PID   PPID  C STIME TTY          TIME CMDroot          1      0  0 10:12 pts/0    00:00:00 /bin/bashroot         78      0  0 10:19 ?        00:00:00 ps -ef

cp复制文件或目录

将宿主机文件或目录,拷贝到docker容器中

[root@docker01 ~]# docker exec -i 67ba647b0151 bash -c "ls -l /root"total 12-rw------- 1 root root 2366 Jan 13 21:49 anaconda-ks.cfg-rw-r--r-- 1 root root  435 Jan 13 21:49 anaconda-post.log-rw------- 1 root root 2026 Jan 13 21:49 original-ks.cfg[root@docker01 ~]# [root@docker01 ~]# docker cp /usr/bin/telnet 67ba647b0151:/root/     # 拷贝文件[root@docker01 ~]# docker cp /root/basedOptimi 67ba647b0151:/root/   # 拷贝目录[root@docker01 ~]# docker exec -i 67ba647b0151 bash -c "ls -l /root"total 112-rw------- 1 root root   2366 Jan 13 21:49 anaconda-ks.cfg-rw-r--r-- 1 root root    435 Jan 13 21:49 anaconda-post.logdrwxr-xr-x 2 root root     30 Mar  8 19:59 basedOptimi-rw------- 1 root root   2026 Jan 13 21:49 original-ks.cfg-rwxr-xr-x 1 root root 101776 Aug  3  2017 telnet

将docker容器中的文件或目录,拷贝到宿主机中

[root@docker01 ~]# docker cp 67ba647b0151:/root/original-ks.cfg /root/   # 拷贝文件[root@docker01 ~]# docker cp 67ba647b0151:/etc /root/                    # 拷贝目录

docker容器的镜像保存 docker把容器保存为镜像_docker容器的镜像保存_02

logs查看容器日志

[root@docker01 ~]# docker ps CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMESf7c4da3cecad        centos:latest       "/bin/bash"         3 hours ago         Up 1 second                             centos01# 获取容器日志[root@docker01 ~]# docker logs -f --tail 500 f7c4da3cecad…………

参数说明:

-f  持续打印输出--tail 500  打印日志最后的500行

stats容器使用资源统计

可用于监控

[root@docker01 ~]# docker stats |   # 持续监控[root@docker01 ~]# docker stats --no-stream |  # 不是持续监控,只显示第一次返回的结果

docker容器的镜像保存 docker把容器保存为镜像_docker 容器保存为镜像_03

top容器中运行的进程

[root@docker01 ~]# docker ps CONTAINER ID   IMAGE           COMMAND       CREATED       STATUS       PORTS   NAMES67ba647b0151   centos:latest   "/bin/bash"   2 hours ago   Up 2 hours           centos001 # 查看容器中运行的进程信息[root@docker01 ~]# docker top 67ba647b0151UID    PID    PPID  C  STIME  TTY    TIME      CMDroot   3302   3285  0  21:13  pts/0  00:00:00  /bin/bash

port容器映射特定端口

容器映射端口有:随机端口映射、指定单个端口映射、指定多个端口映射

获取镜像

[root@docker01 ~]# docker pull registry.cn-beijing.aliyuncs.com/google_registry/nginx:1.17[root@docker01 ~]# docker tag ed21b7a8aee9 nginx:1.17[root@docker01 ~]# docker images | grep 'nginx'nginx                                                    1.17   ed21b7a8aee9   2 weeks ago   127MBregistry.cn-beijing.aliyuncs.com/google_registry/nginx   1.17   ed21b7a8aee9   2 weeks ago   127MB

映射随机端口

[root@docker01 ~]# docker run -d -P --name nginx01 nginx:1.17e90c9faaf8e3387920dd9763bf5c7df9dd17856673868bb512cec78741ff71dc[root@docker01 ~]# docker ps CONTAINER ID    IMAGE        COMMAND                  CREATED         STATUS         PORTS                  NAMESe90c9faaf8e3    nginx:1.17   "nginx -g 'daemon of…"   3 seconds ago   Up 2 seconds   0.0.0.0:1025->80/tcp   nginx01

说明:

0.0.0.0:1025->80/tcp  前面为宿主机端口,后面为容器端口

容器日志:

[root@docker01 ~]# docker logs -f --tail 500 nginx01

docker容器的镜像保存 docker把容器保存为镜像_docker_04

浏览器访问:

docker容器的镜像保存 docker把容器保存为镜像_docker 容器保存为镜像_05

映射单个指定端口

[root@docker01 ~]# docker run -d -p 81:80 --name nginx02 nginx:1.1704478222f0dc981883f25504164be3af7da49248886cee7386ccc89b80cc57a1[root@docker01 ~]# docker ps | grep 'nginx02'04478222f0dc   nginx:1.17   "nginx -g 'daemon of…"   29 seconds ago   Up 28 seconds   0.0.0.0:81->80/tcp   nginx02

浏览器访问:

docker容器的镜像保存 docker把容器保存为镜像_3c_06

映射多个指定端口

[root@docker01 ~]# docker run -d -p 85:80 -p 445:443 --name nginx03 nginx:1.175886e52ff8e934bc827c8d7753a532b9062bd045799d0658a008e371e6ecd09c[root@docker01 ~]# docker ps | grep 'nginx03'5886e52ff8e9   nginx:1.17   "nginx -g 'daemon of…"   12 seconds ago   Up 11 seconds   0.0.0.0:85->80/tcp, 0.0.0.0:445->443/tcp   nginx03