一.什么是docker容器
docker是容器技术的一个前端工具,容器是内核的一项技术,docker只是把这一项技术的使用得以简化,使之普及而已
docker中的容器:
- lxc --> libcontainer --> runC
二.OCI&OCF
OCI
Open Container-initiative
- 由Linux基金会主导于2015年6月创立
- 旨在围绕容器格式和运行时制定一个开放的工业化标准
- 包含两个规格
- the Runtime Specification(runtime-spec) 运行时的规范
- the Image Specification(image-spec) 镜像的规范
OCF
Open Container Format(开放的容器格式)
runC is a CLI tool for spawning and running containers according to the OCI specification(是一个根据OCI标准来创建和运行容器的命令行工具)
- Containers are started as a child process of runC and can be embedded into various other systems without having to run a daemon(将容器启动为runC的子进程 可以嵌入到其他各种系统中,而无需运行守护进程)
- runC is built on libcontainer, the same container technology powering millions of Docker Engine installations(runC构建在libcontainer之上,以同样的技术支持着很多人使用)
三.docker架构
dock客户端和主机在一台主机上,客户机执行命令,向主机发送请求寻找服务,查找本地有无此服务,有的话就则启动,没有则去镜像中下载后启动
docker-ee 付费
docker--ee 企业版商业化,需要付费
docker--ce 开源版本
四.docker镜像与镜像仓库
为什么镜像仓库名字是Registry而不是repository?在docker中仓库的名字是以应用的名称取名的。
镜像是静态的,而容器是动态的,容器有其生命周期,镜像与容器的关系类似于程序与进程的关系。镜像类似于文件系统中的程序文件,而容器则类似于将一个程序运行起来的状态,也即进程。所以容器是可以删除的,容器被删除后其镜像是不会被删除的
五.docker对象
When you use docker, you are creating and using images, containers, networks, volumes, pluginns, and other objects.(当你在使用docker时,你可以去创建和使用镜像、容器、网络、卷、插件和其他对象)
- IMAGES(镜像)
- An image is a read-only template with instructions for creating a docker container.(镜像是一个只读的模板,用来创建docker容器的模板)
- Often, an image is based on another image, with some additional customization.(通常来说,镜像是基于另一个镜像,并带有一些额外的定制)
- You might create your own images or you might only use those created by others and published in a registry.(您可以创建自己所拥有镜像,也可以只使用其他人创建并且发布在仓库中的镜像)
- CONTAINERS(容器)
- A conntainer is a runnable instance of an image.(容器是一个运行中的镜像)
- You can create, run, stop, move, or delete a container using the docker API or CLI.(你可以去创建、运行、停止、移动或者删除一个容器,用docker的API或CLI)
- You can connect a container to one or more networks, attach storage to it, or even create a new image based on its current state(您可以将一个容器连接到一个或多个网络,并且附加存储到容器中,并且基于你当前的状态创造一个镜像)
六.安装及使用docker
1.docker安装
[root@localhost yum.repos.d]# yum -y install wget vim //安装wget和vim
[root@localhost yum.repos.d]# ls
CentOS-Base.repo epel.repo epel-testing.repo
epel-modular.repo epel-testing-modular.repo redhat.repo
[root@localhost yum.repos.d]# wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo //下载docker源
[root@localhost yum.repos.d]# ls
CentOS-Base.repo epel.repo redhat.repo
docker-ce.repo epel-testing-modular.repo
epel-modular.repo epel-testing.repo
[root@localhost ~]# dnf makecache //建立缓存
[root@localhost ~]# dnf -y install docker-ce //安装docker-ce2.docker加速
[root@localhost ~]# ls /etc/docker //查看配置文件
ls: 无法访问'/etc/docker': 没有那个文件或目录
[root@localhost ~]# systemctl enable --now docker //开启docker,并且加入开机自启
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /usr/lib/systemd/system/docker.service.
[root@localhost ~]# systemctl status docker
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vend>
Active: active (running) since Sun 2022-04-24 20:26:50 CST
[root@localhost ~]# ls /etc/docker //再次查看,则已经有了配置文件
key.json
[root@localhost ~]# cd /etc/docker/
[root@localhost docker]# ls
key.json
[root@localhost docker]# vim daemon.json
[root@localhost docker]# cat daemon.json
{
"registry-mirrors": ["https://onmth88j.mirror.aliyuncs.com"]
}
[root@localhost docker]# systemctl daemon-reload
[root@localhost docker]# systemctl restart docker
[root@localhost docker]# docker info
Client:
Context: default
Debug Mode: false
Plugins:
app: Docker App (Docker Inc., v0.9.1-beta3)
buildx: Docker Buildx (Docker Inc., v0.8.1-docker)
scan: Docker Scan (Docker Inc., v0.17.0)
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 20.10.14
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 3df54a852345ae127d1fa3092b95168e4a88e2f8
runc version: v1.0.3-0-gf46b6ba
init version: de40ad0
Security Options:
seccomp
Profile: default
Kernel Version: 4.18.0-193.el8.x86_64
Operating System: Red Hat Enterprise Linux 8.2 (Ootpa)
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 1.757GiB
Name: localhost.localdomain
ID: 3QCD:ZJMJ:VE6H:US3E:CUR4:Y5LC:OBH5:J5SS:VA2Y:7MKF:Y5UJ:OO3N
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Registry Mirrors:
https://onmth88j.mirror.aliyuncs.com/ //有此行则代表加速器配置成功
Live Restore Enabled: false3.docker的常用操作
docker search ——从docker hub 查找镜像
[root@localhost ~]# docker search httpd //查找带有httpd的镜像
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
httpd The Apache HTTP Server Project 3976 [OK]
centos/httpd-24-centos7 Platform for running Apache httpd 2.4 or bui… 44
centos/httpd 35 [OK]
hypoport/httpd-cgi httpd-cgi
2 [OK]docker pull ——从镜像仓库中拉取镜像
[root@localhost ~]# docker pull httpd //拉取httpd镜像,可以在拉取的镜像后加:和版本号,如果不接则自动拉取最新版本
Using default tag: latest
latest: Pulling from library/httpd
a2abf6c4d29d: Pull complete
dcc4698797c8: Pull complete
41c22baa66ec: Pull complete
67283bbdd4a0: Pull complete
d982c879c57e: Pull complete
Digest: sha256:0954cc1af252d824860b2c5dc0a10720af2b7a3d3435581ca788dff8480c7b32
Status: Downloaded newer image for httpd:latest
docker.io/library/httpd:latestdocker images——列出所有镜像
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
httpd latest dabbfbe0c57b 4 months ago 144MBdocker create——创造一个新的容器
[root@localhost ~]# docker create --name web -p 80:80 httpd //创造一个名字为web的容器,指定端口号为80端口
ae628538767484d218b382b01b90ea0f091ddfa724a3e677dc21518dd6635f7edocker ps ——列出容器
[root@localhost ~]# docker ps //列出正在运行的容器
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@localhost ~]# docker ps -a //参数 -a 列出所有容器,包括未开启的
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ae6285387674 httpd "httpd-foreground" About a minute ago Created webdocker start ——启动容器
[root@localhost ~]# docker start web //启动web容器,使用name启动,也可以使用id号启动
web
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ae6285387674 httpd "httpd-foreground" 8 minutes ago Up 2 minutes 0.0.0.0:80->80/tcp, :::80->80/tcp webdocker stop ——关闭容器
[root@localhost ~]# docker stop ae6285387674 //关闭web容器,可使用id关闭也可以使用name
ae6285387674
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ae6285387674 httpd "httpd-foreground" 9 minutes ago Exited (0) 4 seconds ago webdocker restart——重启容器
[root@localhost ~]# docker restart web
web
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ae6285387674 httpd "httpd-foreground" 12 minutes ago Up 2 seconds 0.0.0.0:80->80/tcp, :::80->80/tcp webdocker kill——杀死运行中的容器
stop正常关闭 kill强制关闭
[root@localhost ~]# docker kill web
web
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ae6285387674 httpd "httpd-foreground" 14 minutes ago Exited (137) 4 seconds agodocker logs——查看日志
[root@localhost ~]# docker logs webdocker rm ——删除一个或者多个容器,运行时可以不删除
在容器运行时,rm无法删除容器,但是加上参数-f 即可强制删除
但镜像依然存在
[root@localhost ~]# docker rm -f web
web
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
httpd latest dabbfbe0c57b 4 months ago 144MBdocker run ——创建一个新的容器并且运行一个命令
[root@localhost ~]# docker run -it --name test busybox /bin/sh
Unable to find image 'busybox:latest' locally
latest: Pulling from library/busybox
5cc84ad355aa: Pull complete
Digest: sha256:5acba83a746c7608ed544dc1533b87c737a0b0fb730301639a0179f9344b1678
Status: Downloaded newer image for busybox:latest
/ #
/ # exit //退出会直接关闭容器
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
45832a741a6c busybox "/bin/sh" About a minute ago Exited (0) 2 seconds ago testdocker attach ——连接到正在运行的容器
[root@localhost ~]# docker start test
test
[root@localhost ~]# docker attach test
/ # exit
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
45832a741a6c busybox "/bin/sh" 4 minutes ago Exited (0) 2 seconds ago testdocker exec ——在运行的容器中执行命令
[root@localhost ~]# docker start test
test
[root@localhost ~]# docker exec -it test /bin/sh
/ # exit
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
45832a741a6c busybox "/bin/sh" 7 minutes ago Up 2 minutes test本文章为转载内容,我们尊重原作者对文章享有的著作权。如有内容错误或侵权问题,欢迎原作者联系我们进行内容更正或删除文章。
