docker的基础应用

什么是docker

docker中的容器：

• lxc --> libcontainer --> runC

OCI&OCF

OCI

Open Container-initiative

• 由Linux基金会主导于2015年6月创立
• 旨在围绕容器格式和运行时制定一个开放的工业化标准
• contains two specifications
  • the Runtime Specification（runtime-spec）
  • the Image Specification（image-spec）

OCF

OCF

开源的容器格式（Open Container Format）

runC 是一个命令行工具，运行容器记录的一个标准

• 容器是以runC为子进程的方式启动，并且可以被其他的系统引用，不需要启动为守护模式进程
• runC 可以构建我们的容器，并且可以被数以百万的存储引擎使用

docker提供了一个专门容纳容器镜像的站点：https://hub.docker.com

docker架构

• 此图片中的三个大框从左到右为“客户端”“dockers主机”“仓库”（仓库位置可以是本地的，也可以是官方的）
• 客户端：任意一台有docker命令的主机都为客户端
• docker主机：安装了docker服务的主机
• 客户端和docker主机可以在一台主机里运行，仓库可以在另外一台主机运行
• 客户端里的docker命令交给docker主机的守护进程/服务进行镜像交互
• lmages镜像里如果有本地镜像不用执行docker pull命令，如果没有就执行docker pull命令从仓库里的镜像拉到本地里来，再用docker run命令在本地启动成Containers容器
• 每一个container容器都是运行在docker server（宿主机）上的，每一个container容器都是隔离的、独立的
• 每一个container容器相当于一个Linux操作系统，每一个container容器都有自己的ip地址，所以可以在不同的container上设置相同的端口号

docker镜像与镜像仓库

为什么镜像仓库名字是Registry而不是repository？在docker中仓库的名字是以应用的名称取名的。

镜像是静态的，而容器是动态的，容器有其生命周期，镜像与容器的关系类似于程序与进程的关系。镜像类似于文件系统中的程序文件，而容器则类似于将一个程序运行起来的状态，也即进程。所以容器是可以删除的，容器被删除后其镜像是不会被删除的。

Docker对象

当您使用docker时，您可以创建和使用镜像、容器、网络、存储卷、插件和其他对象。

• 镜像
  • 一个镜像是只读的模板，是用来创建docker容器的
  • 经常情况, 一个镜像是基于另外一个镜像生成的，加上一些特定的内同
  • 您可以创建您自己的镜像，也可以使用别人在网站上传的镜像
• 容器
  • 容器是一个用镜像运行的实例
  • 您可以使用命令行模式或者API进行创建，运行，停止，移动，删除容器
  • 您可以将容器连接到一个或多个网络，将存储连接到容器，甚至可以基于其当前状态创建新映像。

安装及使用docker

Docker安装

进入目录

[root@Raygussie ~]# cd /etc/yum.repos.d/

下载

[root@Raygussie yum.repos.d]# curl -o docker-ce.repo https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/docker-ce.repo
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  1919  100  1919    0     0   1048      0  0:00:01  0:00:01 --:--:--  1048
[root@Raygussie yum.repos.d]# sed -i 's@https://download.docker.com@https://mirrors.tuna.tsinghua.edu.cn/docker-ce@g' docker-ce.repo
[root@Raygussie yum.repos.d]# ls
docker-ce.repo  redhat.repo
[root@Raygussie yum.repos.d]# 

清理缓存

[root@Raygussie ~]# yum clean all
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
0 files removed

搜索

[root@Raygussie ~]# yum list all|grep docker
containerd.io.x86_64                          1.4.3-3.1.el8                     ocker-ce-stable
docker-ce.x86_64                              3:20.10.3-3.el8                   ocker-ce-stable
docker-ce-cli.x86_64                          1:20.10.3-3.el8                   ocker-ce-stable
docker-ce-rootless-extras.x86_64              20.10.3-3.el8                     ocker-ce-stable

安装docker-ce

[root@Raygussie yum.repos.d]# yum -y install docker-ce
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
Docker CE Stable - x86_64                         2.1 kB/s | 3.5 kB     00:01    
Dependencies resolved.
==================================================================================
 Package            Arch   Version                         Repository        Size
==================================================================================
Installing:
 docker-ce          x86_64 3:20.10.3-3.el8                 docker-ce-stable  27 M
Upgrading:
 audit              x86_64 3.0-0.17.20191104git1c2f876.el8 base             254 k
。。。。。。
Enabling module streams:
 container-tools           rhel8                                                 

Transaction Summary
=========================================
Install  17 Packages
Upgrade  10 Packages
。。。。。。
(24/27): selinux-policy-3.14.3-54.el8_3.2.noarch. 729 kB/s | 622 kB     00:00    
(25/27): selinux-policy-targeted-3.14.3-54.el8_3. 888 kB/s |  15 MB     00:17    
(26/27): docker-ce-20.10.3-3.el8.x86_64.rpm       145 kB/s |  27 MB     03:07    
(27/27): docker-ce-cli-20.10.3-3.el8.x86_64.rpm   175 kB/s |  33 MB     03:14    
-------------------------------------------------------------------------
Total                                             630 kB/s | 119 MB     03:14     
warning: /var/cache/dnf/docker-ce-stable-fa9dc42ab4cec2f4/packages/containerd.io-1.4.3-3.1.el8.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID 621e9f35: NOKEY
Docker CE Stable - x86_64                         1.1 kB/s | 1.6 kB     00:01    
Importing GPG key 0x621E9F35:
 Userid     : "Docker Release (CE rpm) <docker@docker.com>"
 Fingerprint: 060A 61C5 1B55 8A7F 742B 77AA C52F EB6B 621E 9F35
 From       : https://download.docker.com/linux/centos/gpg
Key imported successfully
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                          1/1 
  Running scriptlet: libsepol-2.9-1.el8.x86_64                                1/1 
。。。。。。
python3-setools-4.3.0-2.el8.x86_64                                              
  containerd.io-1.4.3-3.1.el8.x86_64                                              
  docker-ce-cli-1:20.10.3-3.el8.x86_64                                            
  docker-ce-rootless-extras-20.10.3-3.el8.x86_64                                  

Complete!
[root@Raygussie yum.repos.d]# 

启动docker

[root@Raygussie ~]# systemctl enable  --now docker
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /usr/lib/systemd/system/docker.service.

查看docker状态

[root@Raygussie ~]# systemctl status docker
● docker.service - Docker Application Container Engine
   Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset>
   Active: active (running) since Fri 2021-02-26 03:58:26 CST; 2min 3s ago
     Docs: https://docs.docker.com
 Main PID: 13865 (dockerd)
    Tasks: 11
   Memory: 47.5M
   CGroup: /system.slice/docker.service
           └─13865 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/contain>

Feb 26 03:58:19 Raygussie dockerd[13865]: time="2021-02-26T03:58:19.784359660+08:>
Feb 26 03:58:19 Raygussie dockerd[13865]: time="2021-02-26T03:58:19.784464350+08:>
Feb 26 03:58:19 Raygussie dockerd[13865]: time="2021-02-26T03:58:19.784715063+08:>
Feb 26 03:58:25 Raygussie dockerd[13865]: time="2021-02-26T03:58:25.060643063+08:>
Feb 26 03:58:26 Raygussie dockerd[13865]: time="2021-02-26T03:58:26.201491271+08:>
Feb 26 03:58:26 Raygussie dockerd[13865]: time="2021-02-26T03:58:26.489748836+08:>
Feb 26 03:58:26 Raygussie dockerd[13865]: time="2021-02-26T03:58:26.530920550+08:>
Feb 26 03:58:26 Raygussie dockerd[13865]: time="2021-02-26T03:58:26.531179856+08:>
Feb 26 03:58:26 Raygussie systemd[1]: Started Docker Application Container Engine.
Feb 26 03:58:26 Raygussie dockerd[13865]: time="2021-02-26T03:58:26.571104822+08:>
lines 1-20/20 (END)

docker加速

docker-ce的配置文件是/etc/docker/daemon.json，此文件默认不存在，需要我们手动创建并进行配置，而docker的加速就是通过配置此文件来实现的。

docker的加速有多种方式：

• docker cn
• 中国科技大学加速器
• 阿里云加速器（需要通过阿里云开发者平台注册帐号，免费使用个人私有的加速器）

设置加速器

编辑
[root@Raygussie ~]# vi /etc/docker/daemon.json

{
            "registry-mirrors": ["https://zyva0762.mirror.aliyuncs.com"]
}

重启rocker
[root@Raygussie ~]# systemctl daemon-reload
[root@Raygussie ~]# systemctl restart docker

查看docker状态

[root@Raygussie ~]# docker info
Client:
 Context:    default
 Debug Mode: false
 Plugins:
  app: Docker App (Docker Inc., v0.9.1-beta3)
  buildx: Build with BuildKit (Docker Inc., v0.5.1-docker)

Server:
 Containers: 0
  Running: 0
  Paused: 0
  Stopped: 0
 Images: 0
 Server Version: 20.10.3
 Storage Driver: overlay2
  Backing Filesystem: xfs
  Supports d_type: true
  Native Overlay Diff: true
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Cgroup Version: 1
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 269548fa27e0089a8b8278fc4fc781d7f65a939b
 runc version: ff819c7e9184c13b7c2607fe6c30ae19403a7aff
 init version: de40ad0
 Security Options:
  seccomp
   Profile: default
 Kernel Version: 4.18.0-80.el8.x86_64
 Operating System: Red Hat Enterprise Linux 8.0 (Ootpa)
 OSType: linux
 Architecture: x86_64
 CPUs: 4
 Total Memory: 3.827GiB
 Name: Raygussie
 ID: 22AQ:HFL6:ZLSE:4CW5:ARD2:Z6RN:4SQV:GKOD:HVPN:PJDP:NIJK:XQGJ
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Registry Mirrors:
  https://zyva0762.mirror.aliyuncs.com/
 Live Restore Enabled: false

WARNING: No blkio weight support
WARNING: No blkio weight_device support

docker常用操作

命令	功能
docker search	在官网上搜索镜像
docker pull	下载官网的镜像，不加版本号默认下载最新版本
docker images	查看已有镜像
docker create	创建一个容器
docker start	启动容器
docker run	运行容器
docker attach	进入容器
docker ps	查看正在运行的容器
docker logs	查看容器日志
docker restart	重启容器
docker stop	停止容器运行
docker kill	强制终止容器（不推荐）
docker rm	删除容器
docker exec	进入容器
docker info	查看docker整个的信息
docker inspect	查看容器的各种信息

演示：

• docker search

[root@Raygussie ~]# docker search httpd
NAME                                    DESCRIPTION                                     STARS     OFFICIAL   AUTOMATED
httpd                                   The Apache HTTP Server Project                  3371      [OK]       
centos/httpd-24-centos7                 Platform for running Apache httpd 2.4 or bui…   36                   
centos/httpd                                                                            33                   [OK]
polinux/httpd-php                       Apache with PHP in Docker (Supervisor, CentO…   4                    [OK]
salim1983hoop/httpd24                   Dockerfile running apache config                2                    [OK]
lead4good/httpd-fpm                     httpd server which connects via fcgi proxy h…   1                    [OK]
solsson/httpd-openidc                   mod_auth_openidc on official httpd image, ve…   1                    [OK]
。。。。。。

• docker pull

[root@Raygussie ~]# docker pull httpd
Using default tag: latest
latest: Pulling from library/httpd
a076a628af6f: Pull complete 
e444656f7792: Pull complete 
0ec35e191b09: Pull complete 
4aad5d8db1a6: Pull complete 
eb1da3ea630f: Pull complete 
Digest: sha256:2fab99fb3b1c7ddfa99d7dc55de8dad0a62dbe3e7c605d78ecbdf2c6c49fd636
Status: Downloaded newer image for httpd:latest
docker.io/library/httpd:latest

• docker images

[root@Raygussie ~]# docker images
REPOSITORY   TAG       IMAGE ID       CREATED       SIZE
httpd        latest    683a7aad17d3   6 weeks ago   138MB

• docker create

[root@Raygussie ~]# docker create httpd:2.4-alpine
e92a84c778e7768db0194a224283beed3ae778db85ae5114c8da752537af1baf

• docker start

[root@Raygussie ~]# docker start e92a84c778e7
e92a84c778e7
[root@Raygussie ~]# docker ps
CONTAINER ID   IMAGE              COMMAND              CREATED         STATUS         PORTS     NAMES
e92a84c778e7   httpd:2.4-alpine   "httpd-foreground"   6 minutes ago   Up 6 seconds   80/tcp    heuristic_mahavira

• docker run

[root@Raygussie ~]# docker run httpd:latest
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
[Thu Feb 25 20:45:29.243123 2021] [mpm_event:notice] [pid 1:tid 140395745399936] AH00489: Apache/2.4.46 (Unix) configured -- resuming normal operations
[Thu Feb 25 20:45:29.243445 2021] [core:notice] [pid 1:tid 140395745399936] AH00094: Command line: 'httpd -D FOREGROUND'

• docker attach

[root@Raygussie ~]# docker attach f59f43d50ef8
172.17.0.1 - - [25/Feb/2021:21:01:49 +0000] "GET / HTTP/1.1" 200 45
172.17.0.1 - - [25/Feb/2021:21:01:51 +0000] "GET / HTTP/1.1" 200 45
172.17.0.1 - - [25/Feb/2021:21:01:52 +0000] "GET / HTTP/1.1" 200 45
172.17.0.1 - - [25/Feb/2021:21:01:52 +0000] "GET / HTTP/1.1" 200 45

• docker ps

[root@Raygussie ~]# docker ps
CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES
[root@Raygussie ~]# docker ps -a
CONTAINER ID   IMAGE              COMMAND              CREATED         STATUS    PORTS     NAMES
e92a84c778e7   httpd:2.4-alpine   "httpd-foreground"   5 minutes ago   Created             heuristic_mahavira

• docker logs

[root@Raygussie ~]# docker logs e9c0d6e23563 
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
[Thu Feb 25 20:46:47.589331 2021] [mpm_event:notice] [pid 1:tid 139711880459392] AH00489: Apache/2.4.46 (Unix) configured -- resuming normal operations
[Thu Feb 25 20:46:47.589499 2021] [core:notice] [pid 1:tid 139711880459392] AH00094: Command line: 'httpd -D FOREGROUND'
[Thu Feb 25 20:47:18.936443 2021] [mpm_event:notice] [pid 1:tid 139711880459392] AH00491: caught SIGTERM, shutting down

• docker restar

[root@Raygussie ~]# docker start e92a84c778e7
e92a84c778e7
[root@Raygussie ~]# docker restart e92a84c778e7
e92a84c778e7
[root@Raygussie ~]# docker ps -a
CONTAINER ID   IMAGE              COMMAND              CREATED         STATUS         PORTS     NAMES
e92a84c778e7   httpd:2.4-alpine   "httpd-foreground"   9 minutes ago   Up 8 seconds   80/tcp    heuristic_mahavira

• docker stop

[root@Raygussie ~]# docker stop e92a84c778e7
e92a84c778e7
[root@Raygussie ~]# docker ps
CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES

• docker kill

[root@Raygussie ~]# docker kill e92a84c778e7
e92a84c778e7
[root@Raygussie ~]# docker ps
CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES

• docker rm

[root@Raygussie ~]# docker rm e92a84c778e7
e92a84c778e7
[root@Raygussie ~]# docker ps 
CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES
[root@Raygussie ~]# docker ps -a
CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES

 [root@Raygussie ~]# docker rm -f e606ff8a6905
 e606ff8a6905
 [root@Raygussie ~]# docker ps -a
 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

• docker exec

[root@Raygussie ~]# docker exec -it 2f51f41d2b26 /bin/bash
root@2f51f41d2b26:/usr/local/apache2# ls
bin  build  cgi-bin  conf  error  htdocs  icons  include  logs    modules
root@2f51f41d2b26:/usr/local/apache2# cd bin/
root@2f51f41d2b26:/usr/local/apache2/bin# ls
ab       checkgid   envvars-std   htdbm     httpd      rotatelogs
apachectl  dbmmanage  fcgistarter   htdigest  httxt2dbm   suexec
apxs       envvars    htcacheclean  htpasswd  logresolve
root@2f51f41d2b26:/usr/local/apache2/bin# exit
exit
[root@Raygussie ~]# docker ps
CONTAINER ID   IMAGE     COMMAND              CREATED              STATUS              PORTS     NAMES
2f51f41d2b26   httpd     "httpd-foreground"   About a minute ago   Up About a minute   80/tcp    unruffled_lewin

• docker info

[root@Raygussie ~]# docker info
Client:
 Context:    default
 Debug Mode: false
 Plugins:
  app: Docker App (Docker Inc., v0.9.1-beta3)
  buildx: Build with BuildKit (Docker Inc., v0.5.1-docker)

Server:
 Containers: 3
  Running: 0
  Paused: 0
  Stopped: 3
 Images: 2
 Server Version: 20.10.3
 Storage Driver: overlay2
  Backing Filesystem: xfs
  Supports d_type: true
  Native Overlay Diff: true
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Cgroup Version: 1
 Plugins:
  Volume: local
。。。。。。

• docker inspect

[root@Raygussie ~]# docker inspect a8974fc34766
[
    {
        "Id": "a8974fc347662586624c959a93d8c639767387d92d93fa65659e88d236d38e8a",
        "Created": "2021-02-25T20:44:19.761464715Z",
        "Path": "httpd-foreground",
        "Args": [],
        "State": {
            "Status": "created",
            "Running": false,
            "Paused": false,
            "Restarting": false,
            "OOMKilled": false,
            "Dead": false,
            "Pid": 0,
            "ExitCode": 0,
            "Error": "",
            "StartedAt": "0001-01-01T00:00:00Z",
            "FinishedAt": "0001-01-01T00:00:00Z"
        },
。。。。。。