上一节中我们使用Docker run 命令启用了容器
- 我们在前台进行了容器交互
- 在后台进程运行容器
在这个过程中我们了解了几个Docker 命令:
- docker ps 列出容器
- docker logs 显示容器标准输出
- docker stop 停止正在运行的容器
提示:我们有另外一种方法来学习docker命令,与用户交互
docker客户端非常简单,你可使用docker的每一个标示和参数组合来进行你的操作。
# Usage: [sudo] docker [flags] [command] [arguments] ..
# Example:
$ docker run -i -t ubuntu /bin/bash
这时候我们使用docker version命令来返回安装的docker客户端和进程信息
Client version: 0.8.0 客户端版本信息Go version (client): go1.2 Go版本信息Git commit (client): cc3a8c8 Server version: 0.8.0Git commit (server): cc3a8c8Go version (server): go1.2Last stable version: 0.8.0
让我们使用Docker --help命令来看看docker详细的参数
[root@docker ~]# docker --help
Usage: docker [OPTIONS] COMMAND [arg...]
A self-sufficient runtime for linux containers.
Options:
--api-cors-header= Set CORS headers in the remote API
-b, --bridge= Attach containers to a network bridge
--bip= Specify network bridge IP
-D, --debug=false Enable debug mode
-d, --daemon=false Enable daemon mode
--default-ulimit=[] Set default ulimits for containers
--dns=[] DNS server to use
--dns-search=[] DNS search domains to use
-e, --exec-driver=native Exec driver to use
--fixed-cidr= IPv4 subnet for fixed IPs
--fixed-cidr-v6= IPv6 subnet for fixed IPs
-G, --group=docker Group for the unix socket
-g, --graph=/var/lib/docker Root of the Docker runtime
-H, --host=[] Daemon socket(s) to connect to
-h, --help=false Print usage
--icc=true Enable inter-container communication
--insecure-registry=[] Enable insecure registry communication
--ip=0.0.0.0 Default IP when binding container ports
--ip-forward=true Enable net.ipv4.ip_forward
--ip-masq=true Enable IP masquerading
--iptables=true Enable addition of iptables rules
--ipv6=false Enable IPv6 networking
-l, --log-level=info Set the logging level
--label=[] Set key=value labels to the daemon
--log-driver=json-file Containers logging driver
--mtu=0 Set the containers network MTU
-p, --pidfile=/var/run/docker.pid Path to use for daemon PID file
--registry-mirror=[] Preferred Docker registry mirror
-s, --storage-driver= Storage driver to use
--selinux-enabled=false Enable selinux support
--storage-opt=[] Set storage driver options
--tls=false Use TLS; implied by --tlsverify
--tlscacert=~/.docker/ca.pem Trust certs signed only by this CA
--tlscert=~/.docker/cert.pem Path to TLS certificate file
--tlskey=~/.docker/key.pem Path to TLS key file
--tlsverify=false Use TLS and verify the remote
-v, --version=false Print version information and quit
Commands:
attach Attach to a running container
build Build an p_w_picpath from a Dockerfile
commit Create a new p_w_picpath from a container's changes
cp Copy files/folders from a container's filesystem to the host path
create Create a new container
diff Inspect changes on a container's filesystem
events Get real time events from the server
exec Run a command in a running container
export Stream the contents of a container as a tar archive
history Show the history of an p_w_picpath
p_w_picpaths List p_w_picpaths
import Create a new filesystem p_w_picpath from the contents of a tarball
info Display system-wide information
inspect Return low-level information on a container or p_w_picpath
kill Kill a running container
load Load an p_w_picpath from a tar archive
login Register or log in to a Docker registry server
logout Log out from a Docker registry server
logs Fetch the logs of a container
port Lookup the public-facing port that is NAT-ed to PRIVATE_PORT
pause Pause all processes within a container
ps List containers
pull Pull an p_w_picpath or a repository from a Docker registry server
push Push an p_w_picpath or a repository to a Docker registry server
rename Rename an existing container
restart Restart a running container
rm Remove one or more containers
rmi Remove one or more p_w_picpaths
run Run a command in a new container
save Save an p_w_picpath to a tar archive
search Search for an p_w_picpath on the Docker Hub
start Start a stopped container
stats Display a stream of a containers' resource usage statistics
stop Stop a running container
tag Tag an p_w_picpath into a repository
top Lookup the running processes of a container
unpause Unpause a paused container
version Show the Docker version information
wait Block until a container stops, then print its exit code
Run 'docker COMMAND --help' for more information on a command.
更加详细的请使用docker 参数 --help
例如:
[root@docker ~]# docker logs --help
Usage: docker logs [OPTIONS] CONTAINER
Fetch the logs of a container
-f, --follow=false Follow log output
--help=false Print usage
-t, --timestamps=false Show timestamps
--tail=all Number of lines to show from the end of the logs
[root@docker ~]# docker attach --help
Usage: docker attach [OPTIONS] CONTAINER
Attach to a running container
--help=false Print usage
--no-stdin=false Do not attach STDIN
--sig-proxy=true Proxy all received signals to the process
或者你可以再docker命令中使用--help标示
$ sudo docker p_w_picpaths --help
这将显示所有的文本信息和可用的标示:
Usage: docker attach [OPTIONS] CONTAINER
Attach to a running container
--no-stdin=false: Do not attach stdin
--sig-proxy=true: Proxify all received signal to the process (even in non-tty mode)
注意:你可以看到一个完整的docker命令列表。
在Docker中运行一个web应用
现在我们已经学习了更多的docker命令,我们需要学习在容器中运行更多重要的事情。到目前为止我们已经运行的容器没有什么特别用处。让我们通过在docker运行一个web应用程序实例来了解。
在我们的web应用中,我们将运行一个python应用。让我们先从docker run命令开始。
$ [root@docker ~]# docker run -d -P training/webapp python app.py
Unable to find p_w_picpath 'training/webapp:latest' locally
latest: Pulling from training/webapp
e9e06b06e14c: Pull complete
e9e06b06e14c: Download complete
a82efea989f9: Download complete
37bea4ee0c81: Download complete
07f8e8c5e660: Download complete
23f0158a1fbe: Download complete
0a4852b23749: Download complete
7d0ff9745632: Download complete
99b0d955e85d: Download complete
33e109f2ff13: Download complete
cc06fd877d54: Download complete
b1ae241d644a: Download complete
b37deb56df95: Download complete
02a8815912ca: Download complete
Status: Downloaded newer p_w_picpath for training/webapp:latest
4f3a49e846c8ee5d898967bf04505c07aec9b00c4ea062946dbf9b8aa04fe4da
让我们来回顾一下我们的命令。我们指定了-d和-P两个标示。我们已经知道的是-d标示是让docker容器在后台运行。新的-P标示通知Docker所需的网络端口映射从主机映射到我们的容器内。现在让我们看看我们的wen应用程序。
我们指定了training/web镜像。这个预先建立好的镜像被我们创建后就已经包含了简单的python应用程序环境。
最好,我们指定一个容器来运行:python
注意:你可以在命令参考和Docker run参考看到更多docker run命令的细节
查看web应用容器
现在我们使用docker ps查看我们正在运行的容器。
[root@docker ~]# docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4f3a49e846c8 training/webapp:latest "python app.py" About a minute ago Up About a minute 0.0.0.0:32768->5000/tcp
在这种情况下,docker开放了5000端口(默认Phtyon端口)映射到主机端口49155上。
Docker可以配置绑定网络端口。在最后一个例子中-P标示,是-p 5000的快捷方式,-p 5000可以使端口5000映射到外部的端口(49000到49900端口)。我们也可以指定-p标示来指定端口。举例:
$docker run -d -p 5000:5000 training/webapp python app.py
他将端口5000映射到我们本地主机端口5000.现在你可能会问:为什么我们只使用1对1端口映射到Docker容器而不是映射到高端口?1:1映射端口只能到你本地主机的端口。假设你想要测试两个Python应用程序,两个容器内绑定到端口5000,没有足够的docker的端口映射你只能访问一次。
所以,现在我们打开浏览器访问端口5000端口
最后网页上面出现“hello world”
网络端口快捷方式
使用docker ps命令会返回映射端口,就是有点笨手笨脚的。所以,docker有一种快捷方式可以使用docker port.使用docker port可以指定容器ID或者名字映射到主机端的端口号。
[root@docker ~]# docker port hungry_goldstine 5000
0.0.0.0:5000
[root@docker ~]# docker port hungry_goldstine
5000/tcp -> 0.0.0.0:5000
在这种情况下,我们看到端口5000映射到容器外的主机端口。
查看WEB应用程序日志
[root@docker ~]# docker logs -f hungry_goldstine
* Running on http://0.0.0.0:5000/ (Press CTRL+C to quit)
* Running on http://0.0.0.0:5000/ (Press CTRL+C to quit)
172.17.42.1 - - [03/Aug/2015 08:35:27] "GET / HTTP/1.1" 200 -
172.17.42.1 - - [03/Aug/2015 08:35:27] "GET /favicon.ico HTTP/1.1" 404 -
172.17.42.1 - - [03/Aug/2015 08:36:46] "GET / HTTP/1.1" 200 -
172.17.42.1 - - [03/Aug/2015 08:36:47] "GET /favicon.ico HTTP/1.1" 404 -
172.17.42.1 - - [03/Aug/2015 08:45:54] "GET / HTTP/1.1" 200 -
这次我们添加了一个标示-f。这将使docker log命令中使用tail -f来查看容器标准输出。这里我们从应用程序日志的5000端口的访问日志条目
查看我们WEB应用程序容器的过程
我们除了可以查看容器日志,我们还可以使用docker top来查看容器进程:
[root@docker ~]# docker top hungry_goldstine
UID PID PPID C STIME TTY TIME CMD
root 7167 7069 0 02:47 ? 00:00:00 python app.py
这里我们可以看到python app.py在容器里唯一进程。
检查我们的WEB应用程序
[root@docker ~]# docker inspect hungry_goldstine
[{
"AppArmorProfile": "",
"Args": [
"app.py"
],
"Config": {
"AttachStderr": false,
"AttachStdin": false,
"AttachStdout": false,
"Cmd": [
"python",
"app.py"
..............................
针对想要的信息缩小显示,例:返回容器的IP地址
[root@docker ~]# docker inspect -f '{{ .NetworkSettings.IPAddress }}' hungry_goldstine
172.17.0.1
通过docker stop停止容器
[root@docker ~]# docker start reverent_mclean
reverent_mclean
[root@docker ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
通过docker start 启动容器
[root@docker ~]# docker start reverent_mclean
reverent_mclean
[root@docker ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2c78432ea7f6 training/webapp:latest "python app.py" 25 hours ago Up 2 hours 0.0.0.0:5000->5000/tcp hungry_goldstine
d162d83800cf centos:latest "/bin/bash" 4 days ago Up 8 seconds reverent_mclean
通过docker restart 启动容器
[root@docker ~]# docker restart reverent_mclean
reverent_mclean
[root@docker ~]#
不能删除正在运行的容器
[root@docker ~]# docker rm reverent_mclean
Error response from daemon: Conflict, You cannot remove a running container. Stop the container before attempting removal or use -f
FATA[0000] Error: failed to remove one or more containers
那么我现在要删除一个容器
[root@docker ~]# docker rm reverent_mclean
Error response from daemon: Conflict, You cannot remove a running container. Stop the container before attempting removal or use -f
FATA[0000] Error: failed to remove one or more containers
[root@docker ~]# docker stop reverent_mclean
reverent_mclean
现在我们容器停止和删除。
注意:删除容器是最后一步
转载于:https://blog.51cto.com/tanxm/1681197