启动一个容器并且进到里面,退出后,容器结束 [root@bogon ~]# docker run --name mynginx -it nginx 启动一个容器,退出后自动删除 [root@bogon stress]# docker run -it --rm stress --cpu 1 后台启动一个容器,启动后,退出容器,容器仍然是up状态 [root@bogon ~]# docker run -d --name mynginx nginx [root@lab3 ~]# docker run -d -p 8085:8081 --restart=always --name nexus3 sonatype/nexus3 #注意8081是服务真实的端口 过滤某个容器 [root@bogon ~]# docker ps -a | grep mynginx 启动已有的容器: [root@bogon ~]# docker start 3ec6e022d3ec 只看最后一个容器 [root@bogon ~]# docker ps -l CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 66cb3c773f86 nginx "nginx -g 'daemon ..." 16 seconds ago Up 15 seconds 0.0.0.0:91->80/tcp mynginx2 进入容器: #进入后再退到linux环境中,容器仍然运行,生产中提倡 [root@bogon yum.bak]# yum install util-linux -y [root@bogon ~]# docker start 3ec6e022d3ec 3ec6e022d3ec [root@bogon ~]# docker inspect --format "{{.State.Pid}}" mynginx2 #上面启动后要速度,否则 docker 又exited 32850 [root@bogon ~]# nsenter --target 32850 --mount --uts --ipc --net --pid [root@3ec6e022d3ec /]# exit logout [root@bogon ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 78a40f56544c nginx "/bin/bash" About an hour ago Exited (0) About an hour ago mydockre1 3ec6e022d3ec nginx "/bin/bash" About an hour ago Up 2 minutes nginx 863c93fc46fb nginx "echo 'hello word'" About an hour ago Exited (0) About an hour ago unruffled_varahamihira 脚本进入容器: [root@bogon ~]# cat c.sh #!/bin/bash CNAME=$1 CPID=$(docker inspect --format "{{.State.Pid}}" $CNAME) nsenter --target $CPID --mount --uts --ipc --net --pid [root@bogon ~]# docker start nginx nginx [root@bogon ~]# ./c.sh mynginx [root@3ec6e022d3ec /]# 停止容器: [root@bogon ~]# docker stop 3ec6e022d3ec 3ec6e022d3ec 删除容器: [root@bogon ~]# docker stop acdde4415e79 [root@bogon ~]# docker rm acdde4415e79 强制删除容器 docker rmi fc7a05ff1928 -f 网络访问; [root@bogon ~]# yum install -y bridge-utils [root@bogon ~]# brctl show bridge name bridge id STP enabled interfaces docker0 8000.02427c67ad94 no veth67067d2 vethc4fa94d [root@bogon ~]# iptables -t nat -l -n iptables v1.4.21: unknown option "-l" Try `iptables -h' or 'iptables --help' for more information. [root@bogon ~]# iptables -t nat -L -n target prot opt source destination MASQUERADE all -- 172.17.0.0/16 0.0.0.0/0 随机映射端口: [root@bogon ~]# docker run -d -P --name mynginx1 nginx [root@bogon ~]# docker ps -l CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 60ffbffe8f27 nginx "nginx -g 'daemon ..." About a minute ago Up About a minute 0.0.0.0:32768->80/tcp mynginx1 访问nginx http://192.168.43.71:32768/ Welcome to nginx! If you see this page, the nginx web server is successfully installed and working. Further configuration is required. For online documentation and support please refer to nginx.org. Commercial support is available at nginx.com. Thank you for using nginx. 指定映射端口: [root@bogon ~]# docker run -d -p 91:80 --name mynginx2 nginx 66cb3c773f8610563fb382cf5045792478225affbb126258802b7a193a964e12 [root@bogon ~]# docker ps -l CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 66cb3c773f86 nginx "nginx -g 'daemon ..." 16 seconds ago Up 15 seconds 0.0.0.0:91->80/tcp mynginx2 访问nginx http://192.168.43.71:91/ Welcome to nginx! If you see this page, the nginx web server is successfully installed and working. Further configuration is required. For online documentation and support please refer to nginx.org. Commercial support is available at nginx.com. Thank you for using nginx. 数据管理: 1、数据卷: [root@bogon ~]# docker run -it --name volume-test1 -h nginx -v /data nginx [root@bogon ~]# docker ps -l CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES b7f26eddfe04 nginx "nginx -g 'daemon ..." About a minute ago Exited (0) 12 seconds ago volume-test1 [root@bogon ~]# docker rm b7f26eddfe04 b7f26eddfe04 [root@bogon ~]# docker run -it --name volume-test1 -h centos -v /data centos #-h 指定版本 [root@centos /]# [root@centos /]#exit [root@bogon ~]# docker inspect -f {{.Volumes}} volume-test1 Template parsing error: template: :1:2: executing "" at <.Volumes>: map has no entry for key "Volumes" [root@bogon ~]# docker inspect volume-test1 | grep Mounts "Mounts": [ [root@bogon ~]# docker inspect volume-test1 | grep Mounts -A 10 "Mounts": [ { "Type": "volume", "Name": "92abd271864afe570792711fda8a5755fff219dfeabb6a59f58f02c7802c903c", "Source": "/var/lib/docker/volumes/92abd271864afe570792711fda8a5755fff219dfeabb6a59f58f02c7802c903c/_data", "Destination": "/data", "Driver": "local", "Mode": "", "RW": true, "Propagation": "" } [root@bogon ~]# cd /var/lib/docker/volumes/92abd271864afe570792711fda8a5755fff219dfeabb6a59f58f02c7802c903c/_data [root@bogon _data]# mkdir hello [root@bogon _data]# ls hello [root@bogon _data]# docker attach fd4d63501e40 [root@centos /]# ls /data/ hello [root@centos /]# cd /data/ [root@centos data]# mkdir shanghai [root@centos data]# ls hello shanghai 指定目录: [root@bogon ~]# docker run -it --name volume-test2 -h centos -v /opt:/opt centos #本地opt:容器opt [root@centos /]# ls /opt/ centos.yum.bak 2、数据库容器:容器之间共享 [root@bogon ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES becd2c381f3e centos "/bin/bash" 10 minutes ago Up 10 minutes volume-test2 fd4d63501e40 centos "/bin/bash" 42 minutes ago Exited (127) 8 minutes ago volume-test1 66cb3c773f86 nginx "nginx -g 'daemon ..." 2 hours ago Up 2 hours 0.0.0.0:91->80/tcp mynginx2 60ffbffe8f27 nginx "nginx -g 'daemon ..." 2 hours ago Up 2 hours 0.0.0.0:32768->80/tcp mynginx1 4351a4435e22 nginx "nginx -g 'daemon ..." 3 hours ago Up 3 hours 80/tcp nginx 78a40f56544c centos "/bin/bash" 4 hours ago Exited (0) 4 hours ago mydockre1 3ec6e022d3ec centos "/bin/bash" 4 hours ago Up 3 hours mydocker 863c93fc46fb centos "echo 'hello word'" 4 hours ago Exited (0) 4 hours ago unruffled_varahamihira [root@bogon ~]# docker run -it --name volume-test4 -h centos --volumes-from volume-test1 centos [root@centos /]# ls /data/ hello shanghai 手动构建docker镜像 [root@bogon ~]# docker run --name centos-man -it centos [root@c10e6c649a66 /]# [root@c10e6c649a66 /]# yum install -y wget gcc gcc-c++ make openssl-devel [root@c10e6c649a66 /]# wget http://nginx.org/download/nginx-1.9.9.tar.gz [root@c10e6c649a66 /]# wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.42.tar.gz [root@c10e6c649a66 /]# useradd -s /sbin/nologin -M www [root@c10e6c649a66 nginx-1.9.9]# mkdir /usr/local/nginx [root@c10e6c649a66 nginx-1.9.9]# ./configure --prefix=/usr/local/nginx --user=www --group=www --with-http_ssl_module --with-http_stub_status_module --with-pcre=../pcre-8.42 [root@c10e6c649a66 nginx-1.9.9]# make [root@c10e6c649a66 nginx-1.9.9]# make install [root@c10e6c649a66 nginx-1.9.9]# vi /etc/rc.local #!/bin/bash # THIS FILE IS ADDED FOR COMPATIBILITY PURPOSES # # It is highly advisable to create own systemd services or udev rules # to run scripts during boot instead of using this file. # # In contrast to previous versions due to parallel execution during boot # this script will NOT be run after all other services. # # Please note that you must run 'chmod +x /etc/rc.d/rc.local' to ensure # that this script will be executed during boot. touch /var/lock/subsys/local #/usr/local/nginx/sbin/nginx #这句话不要添加,否则容器启动后就会退出 [root@c10e6c649a66 nginx-1.9.9]# vi /usr/local/nginx/conf/nginx.conf daemon off; #需要添加这句话,在前台运行 #user nobody; worker_processes 1; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; [root@c10e6c649a66 nginx-1.9.9]# exit logout [root@bogon ~]# docker ps -l CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES c10e6c649a66 centos "/bin/bash" 13 hours ago Up About an hour centos-man [root@bogon ~]# docker commit -m "my nginx" c10e6c649a66 zhuzihao/my-nginx:v1 sha256:dcefc0f1811797422d5d69745e2b92d72c5052026208f3dc658ec951e157eab1 [root@bogon ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE zhuzihao/my-nginx v1 dcefc0f18117 20 seconds ago 393MB nginx latest 5699ececb21c 4 days ago 109MB centos latest 49f7960eb7e4 3 weeks ago 200MB [root@bogon ~]# docker run -d -p 95:80 zhuzihao/my-nginx:v1 /usr/local/nginx/sbin/nginx ced0276ad948614b4ff5866e7abf5e25185d0b8bbd8c45465df93c0045966d4c [root@bogon ~]# docker ps -l CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES ced0276ad948 zhuzihao/my-nginx:v1 "/usr/local/nginx/..." 9 seconds ago Up 9 seconds 0.0.0.0:95->80/tcp clever_beaver Dockerfile构建dicker镜像 [root@bogon ~]# mkdir /opt/docker-file [root@bogon ~]# cd /opt/docker-file/ [root@bogon docker-file]# mkdir nginx [root@bogon docker-file]# cd nginx/ [root@bogon nginx]# wget http://nginx.org/download/nginx-1.9.9.tar.gz [root@bogon nginx]# wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.42.tar.gz [root@bogon nginx]# vi Dockerfile #必须大写 #this is my dockerfile #verion 1.0 #auther zi hao #Base imags FROM centos :默认从本地 #MAINTAINER MAINTAINER zi hao #ADD ADD pcre-8.42.tar.gz /usr/local/src ADD nginx-1.9.9.tar.gz /usr/local/src #RUN RUN yum install -y wget gcc gcc-c++ make openssl-devel RUN useradd -s /sbin/nologin -M www #WORKDIR WORKDIR /usr/local/src/nginx-1.9.9 RUN ./configure --prefix=/usr/local/nginx --user=www --group=www --with-http_ssl_module --with-http_stub_status_module --with-pcre=/usr/local/src/pcre-8.42 && make && make install RUN echo "daemon off;" >> /usr/local/nginx/nginx.conf ENV PATH /usr/local/ngix/sbin:$PATH EXPOSE 80 CMD ["nginx"] [root@bogon nginx]# docker build -t nginx-file:v1 /opt/docker-file/nginx/ #只写docker文件的路径,不用带上dockerfile [root@bogon nginx]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE nginx-file v1 5def32732043 5 minutes ago 390MB zhuzihao/my-nginx v1 a743f6bd0741 About an hour ago 393MB nginx latest 5699ececb21c 4 days ago 109MB centos latest 49f7960eb7e4 3 weeks ago 200MB Docker核心原理-资源隔离和限制 [root@bogon ~]# cd /opt/docker-file/ [root@bogon docker-file]# ls nginx [root@bogon docker-file]# mkdir stress [root@bogon docker-file]# cd stress/ [root@bogon stress]# wget http://mirrors.aliyun.com/repo/epel-7.repo [root@bogon stress]# vi Dockerfile FROM centos ADD epel-7.repo /etc/yum.repos.d/ RUN yum install stress && yum clean all ENTRYPOINT ["stress"] [root@bogon stress]# docker build -t stress . [root@bogon stress]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE stress latest 244ae61acc08 7 minutes ago 340MB nginx-file v1 5def32732043 9 hours ago 390MB zhuzihao/my-nginx v1 a743f6bd0741 10 hours ago 393MB nginx latest 5699ececb21c 4 days ago 109MB centos latest 49f7960eb7e4 3 weeks ago 200MB registry latest d1fd7d86a825 5 months ago 33.3MB [root@bogon stress]# docker run -it --rm stress --cpu 1 [root@bogon ~]# top [root@bogon ~]# docker run -it --rm -m 256m stress --vm 1 --vm-bytes 200m --vm-hang 0 [root@bogon stress]# docker ps -l CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 8932a850dd60 stress "stress --vm 1 --v..." 2 minutes ago Up 2 minutes festive_jennings [root@bogon stress]# docker exec 8932a850dd60 docker网络和registry [root@bogon ~]# docker pull registry [root@bogon ~]# brctl show bridge name bridge id STP enabled interfaces docker0 8000.0242f82b6209 no veth62318cf vethdbb7907 [root@bogon ~]# iptables -t nat -L -n Chain PREROUTING (policy ACCEPT) target prot opt source destination DOCKER all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL Chain INPUT (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination DOCKER all -- 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL Chain POSTROUTING (policy ACCEPT) target prot opt source destination MASQUERADE all -- 172.17.0.0/16 0.0.0.0/0 Chain DOCKER (2 references) target prot opt source destination RETURN all -- 0.0.0.0/0 0.0.0.0/0 [root@bogon ~]# vi /usr/lib/systemd/system/docker.service 在12行后面增加 --insecure-registry ip:5000 [root@bogon ~]# systemctl daemon-reload [root@bogon ~]# systemctl restart docker [root@bogon ~]# docker run -d -p 5000:5000 registry 426f87a37407473caf505c8817903515b86d1032bedc48367a8769a4f11e5355 [root@bogon ~]# docker ps -l CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 426f87a37407 registry "/entrypoint.sh /e..." 7 seconds ago Up 5 seconds 5000/tcp heuristic_swirles [root@bogon ~]# docker tag nginx 192.168.43.71:5000/test/ng:v1 [root@bogon ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE stress latest 244ae61acc08 About an hour ago 340MB nginx-file v1 5def32732043 10 hours ago 390MB zhuzihao/my-nginx v1 a743f6bd0741 11 hours ago 393MB 192.168.43.71:5000/test/ng v1 5699ececb21c 4 days ago 109MB nginx latest 5699ececb21c 4 days ago 109MB centos latest 49f7960eb7e4 3 weeks ago 200MB registry latest d1fd7d86a825 5 months ago 33.3MB [root@bogon ~]# docker push 192.168.43.71:5000/test/ng:v1 从另一台机子上pull镜像 [root@bogon ~]# docker pull 192.168.43.71:5000/test/ng