docker基础用法

docker 架构：

docker 安装前期准备：

安装centos7 ,不要在centos6 

[root@node01 yum.repos.d]# uname -a 
Linux node01 3.10.0-862.el7.x86_64 #1 SMP Fri Apr 20 16:44:24 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
[root@node01 yum.repos.d]# cat /etc/redhat-release 
CentOS Linux release 7.5.1804 (Core) 

下载docker-repo:

[root@node01 yum.repos.d]# pwd
/etc/yum.repos.d
[root@node01 yum.repos.d]# wget https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/docker-ce.repo
[root@node01 yum.repos.d]# ls
CentOS-Base.repo  CentOS-Debuginfo.repo  CentOS-Media.repo    CentOS-Vault.repo
CentOS-CR.repo    CentOS-fasttrack.repo  CentOS-Sources.repo  docker-ce.repo
通过vi docker-ce.repo 发现，里面的源并不是国内的，所以需要改下（全局替换）：
:%s@https://download.docker.com@https://mirrors.tuna.tsinghua.edu.cn/docker-ce@

最终结果如下：

[root@node01 yum.repos.d]# cat docker-ce.repo 
[docker-ce-stable]
name=Docker CE Stable - $basearch
baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/$basearch/stable
enabled=1
gpgcheck=1
gpgkey=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/gpg

[docker-ce-stable-debuginfo]
name=Docker CE Stable - Debuginfo $basearch
baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/debug-$basearch/stable
enabled=0
gpgcheck=1
gpgkey=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/gpg

[docker-ce-stable-source]
name=Docker CE Stable - Sources
baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/source/stable
enabled=0
gpgcheck=1
gpgkey=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/gpg

[docker-ce-edge]
name=Docker CE Edge - $basearch
baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/$basearch/edge
enabled=0
gpgcheck=1
gpgkey=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/gpg

[docker-ce-edge-debuginfo]
name=Docker CE Edge - Debuginfo $basearch
baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/debug-$basearch/edge
enabled=0
gpgcheck=1
gpgkey=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/gpg

[docker-ce-edge-source]
name=Docker CE Edge - Sources
baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/source/edge
enabled=0
gpgcheck=1
gpgkey=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/gpg

[docker-ce-test]
name=Docker CE Test - $basearch
baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/$basearch/test
enabled=0
gpgcheck=1
gpgkey=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/gpg

[docker-ce-test-debuginfo]
name=Docker CE Test - Debuginfo $basearch
baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/debug-$basearch/test
enabled=0
gpgcheck=1
gpgkey=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/gpg

[docker-ce-test-source]
name=Docker CE Test - Sources
baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/source/test
enabled=0
gpgcheck=1
gpgkey=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/gpg

[docker-ce-nightly]
name=Docker CE Nightly - $basearch
baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/$basearch/nightly
enabled=0
gpgcheck=1
gpgkey=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/gpg

[docker-ce-nightly-debuginfo]
name=Docker CE Nightly - Debuginfo $basearch
baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/debug-$basearch/nightly
enabled=0
gpgcheck=1
gpgkey=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/gpg

[docker-ce-nightly-source]
name=Docker CE Nightly - Sources
baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/source/nightly
enabled=0
gpgcheck=1
gpgkey=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/gpg

[root@node01 ~]# yum repolist
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirrors.163.com
 * extras: mirrors.163.com
 * updates: mirrors.163.com
docker-ce-stable                                                                                  | 3.5 kB  00:00:00     
(1/2): docker-ce-stable/x86_64/updateinfo                                                         |   55 B  00:00:00     
(2/2): docker-ce-stable/x86_64/primary_db                                                         |  20 kB  00:00:00     
repo id                                                 repo name                                                  status
base/7/x86_64                                           CentOS-7 - Base                                            10,019
docker-ce-stable/x86_64                                 Docker CE Stable - x86_64                                      28
extras/7/x86_64                                         CentOS-7 - Extras                                             321
updates/7/x86_64                                        CentOS-7 - Updates                                            647
repolist: 11,015

安装docker：

[root@node01 ~]# yum install -y docker-ce

=========================================================================================================================
 Package                            Arch              Version                          Repository                   Size
=========================================================================================================================
Installing:
 docker-ce                          x86_64            3:18.09.1-3.el7                  docker-ce-stable             19 M
Installing for dependencies:
 audit-libs-python                  x86_64            2.8.4-4.el7                      base                         76 k
 checkpolicy                        x86_64            2.5-8.el7                        base                        295 k
 container-selinux                  noarch            2:2.74-1.el7                     extras                       38 k
 containerd.io                      x86_64            1.2.2-3.el7                      docker-ce-stable             22 M
 docker-ce-cli                      x86_64            1:18.09.1-3.el7                  docker-ce-stable             14 M
 libcgroup                          x86_64            0.41-20.el7                      base                         66 k
 libsemanage-python                 x86_64            2.5-14.el7                       base                        113 k
 libtool-ltdl                       x86_64            2.4.2-22.el7_3                   base                         49 k
 policycoreutils-python             x86_64            2.5-29.el7                       base                        456 k
 python-IPy                         noarch            0.75-6.el7                       base                         32 k
 setools-libs                       x86_64            3.3.8-4.el7                      base                        620 k
Updating for dependencies:
 audit                              x86_64            2.8.4-4.el7                      base                        250 k
 audit-libs                         x86_64            2.8.4-4.el7                      base                        100 k
 libselinux                         x86_64            2.5-14.1.el7                     base                        162 k
 libselinux-python                  x86_64            2.5-14.1.el7                     base                        235 k
 libselinux-utils                   x86_64            2.5-14.1.el7                     base                        151 k
 libsemanage                        x86_64            2.5-14.el7                       base                        151 k
 libsepol                           x86_64            2.5-10.el7                       base                        297 k
 policycoreutils                    x86_64            2.5-29.el7                       base                        916 k
 selinux-policy                     noarch            3.13.1-229.el7_6.6               updates                     483 k
 selinux-policy-targeted            noarch            3.13.1-229.el7_6.6               updates                     6.9 M

Transaction Summary
=========================================================================================================================
Install  1 Package  (+11 Dependent packages)
Upgrade             ( 10 Dependent packages)

Docker安装方法：
docker双发行版：
docker-ee
docker-ce
moby
1、CentOS Extras Repo
2、Docker-CE
下载：https://download.docker.com/
仓库配置文件：https://download.docker.com/linux/centos/docker-ce.repo
Docker组件：
docker程序环境：
　　环境配置文件：
　　　　/etc/sysconfig/docker-network
　　　　/etc/sysconfig/docker-storage
　　　　/etc/sysconfig/docker
　　Unit File：
　　　　/usr/lib/systemd/system/docker.service
　　Docker Registry配置文件：
　　　　/etc/containers/registries.conf
　　docker-ce:
　　　　配置文件：/etc/docker/daemon.json
Docker镜像加速：
　　docker cn
　　阿里云加速器
　　中国科技大学
　　{
　　　　"registry-mirrors": ["https://registry.docker-cn.com"]
　　}
注册阿里云账号,专用加速器地址获得路径：
https://cr.console.aliyun.com/#/accelerator

创建加速docker 镜像加速：

[root@node01 ~]# mkdir /etc/docker
[root@node01 ~]# vi /etc/docker/daemon.json
{
 "registry-mirrors": ["https://registry.docker-cn.com"]
}

启动docker:

[root@node01 ~]# systemctl start docker.service

docker 相关命令：

[root@node01 ~]# docker 

Usage:  docker [OPTIONS] COMMAND

A self-sufficient runtime for containers

Options:
      --config string      Location of client config files (default "/root/.docker")
  -D, --debug              Enable debug mode
  -H, --host list          Daemon socket(s) to connect to
  -l, --log-level string   Set the logging level ("debug"|"info"|"warn"|"error"|"fatal") (default "info")
      --tls                Use TLS; implied by --tlsverify
      --tlscacert string   Trust certs signed only by this CA (default "/root/.docker/ca.pem")
      --tlscert string     Path to TLS certificate file (default "/root/.docker/cert.pem")
      --tlskey string      Path to TLS key file (default "/root/.docker/key.pem")
      --tlsverify          Use TLS and verify the remote
  -v, --version            Print version information and quit

Management Commands:
  builder     Manage builds
  config      Manage Docker configs
  container   Manage containers
  engine      Manage the docker engine
  image       Manage images
  network     Manage networks
  node        Manage Swarm nodes
  plugin      Manage plugins
  secret      Manage Docker secrets
  service     Manage services
  stack       Manage Docker stacks
  swarm       Manage Swarm
  system      Manage Docker
  trust       Manage trust on Docker images
  volume      Manage volumes

Commands:
  attach      Attach local standard input, output, and error streams to a running container
  build       Build an image from a Dockerfile
  commit      Create a new image from a container's changes
  cp          Copy files/folders between a container and the local filesystem
  create      Create a new container
  diff        Inspect changes to files or directories on a container's filesystem
  events      Get real time events from the server
  exec        Run a command in a running container
  export      Export a container's filesystem as a tar archive
  history     Show the history of an image
  images      List images
  import      Import the contents from a tarball to create a filesystem image
  info        Display system-wide information
  inspect     Return low-level information on Docker objects
  kill        Kill one or more running containers
  load        Load an image from a tar archive or STDIN
  login       Log in to a Docker registry
  logout      Log out from a Docker registry
  logs        Fetch the logs of a container
  pause       Pause all processes within one or more containers
  port        List port mappings or a specific mapping for the container
  ps          List containers
  pull        Pull an image or a repository from a registry
  push        Push an image or a repository to a registry
  rename      Rename a container
  restart     Restart one or more containers
  rm          Remove one or more containers
  rmi         Remove one or more images
  run         Run a command in a new container
  save        Save one or more images to a tar archive (streamed to STDOUT by default)
  search      Search the Docker Hub for images
  start       Start one or more stopped containers
  stats       Display a live stream of container(s) resource usage statistics
  stop        Stop one or more running containers
  tag         Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
  top         Display the running processes of a container
  unpause     Unpause all processes within one or more containers
  update      Update configuration of one or more containers
  version     Show the Docker version information
  wait        Block until one or more containers stop, then print their exit codes

Run 'docker COMMAND --help' for more information on a command.

 docker 拉取镜像文件：

[root@node01 ~]# docker image pull nginx:1.14-alpine
1.14-alpine: Pulling from library/nginx
cd784148e348: Pull complete 
12b08f7ef616: Pull complete 
65071a4e699c: Pull complete 
9936647427be: Pull complete 
Digest: sha256:e3f77f7f4a6bb5e7820e013fa60b96602b34f5704e796cfd94b561ae73adcf96
Status: Downloaded newer image for nginx:1.14-alpine

[root@node01 ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx 1.14-alpine c5b6f731fbc0 4 weeks ago 17.7MB

[root@node01 ~]# docker pull busybox
Using default tag: latest
latest: Pulling from library/busybox
57c14dd66db0: Pull complete
Digest: sha256:7964ad52e396a6e045c39b5a44438424ac52e12e4d5a25d94895f2058cb863a0
Status: Downloaded newer image for busybox:latest

[root@node01 ~]# docker image ls
REPOSITORY  TAG           IMAGE ID            CREATED     SIZE
busybox    latest      3a093384ac30         3 weeks ago   1.2MB
nginx     1.14-alpine  5b6f731fbc0          4 weeks ago   17.7MB

插曲：

centos7 没有ifconfig 命令

[root@node01 ~]# ifconfig 
-bash: ifconfig: command not found
[root@node01 ~]# yum install net-tools -y

[root@node01 ~]# docker network ls
NETWORK ID     NAME   DRIVER   SCOPE
25aa40638951  bridge   bridge  local
f718fe64d2fd  host     host    local
182da0334b8f  none     null    local

[root@node01 ~]# ifconfig
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:53:39:c8:4b txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

ens192: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.55.200 netmask 255.255.255.0 broadcast 192.168.55.255
inet6 fe80::722c:874c:4b62:a09d prefixlen 64 scopeid 0x20<link>
inet6 fe80::db9:8d5c:fdea:9747 prefixlen 64 scopeid 0x20<link>
inet6 fe80::a5eb:cbbe:b661:9e8a prefixlen 64 scopeid 0x20<link>
ether 00:50:56:98:6e:f4 txqueuelen 1000 (Ethernet)
RX packets 46808 bytes 83382354 (79.5 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 25718 bytes 1963999 (1.8 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 32 bytes 2592 (2.5 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 32 bytes 2592 (2.5 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

运行docker：

[root@node01 ~]# docker run --name b1 -it busybox     ###-it 表示交互式，busybox 是镜像名字，b1是容器名字

[root@node01 ~]# docker ps
CONTAINER ID  IMAGE   COMMAND    CREATED        STATUS           PORTS    NAMES
01d04a908b5e  busybox   "sh"    2 minutes ago  Up 2 minutes                 b1

b1 这个容器的ip地址是多少呢？
[root@node01 ~]# docker inspect b1

"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "25aa40638951e65ebb9b86babb7ceb423d3ba7be79aa6066b1730444cfde0f8e",
"EndpointID": "9d78d9f2e22274b296722ccfe8f5d32538759ce84c5fa2a8162439f600a0d244",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02",
"DriverOpts": null
}
}
}
}

PID USER TIME COMMAND
1 root 0:00 sh
9 root 0:00 ps
/ # exit
[root@node01 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@node01 ~]# docker ps -a
CONTAINER ID    IMAGE   COMMAND   CREATED        STATUS      ORTS                  NAMES
01d04a908b5e busybox       "sh" 9 minutes ago    Exited (0) 9 seconds ago           b1

[root@node01 ~]# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@node01 ~]# docker container ls -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
01d04a908b5e busybox "sh" 11 minutes ago Exited (0) About a minute ago

再次启动容器：

[root@node01 ~]# docker container start --help

Usage: docker container start [OPTIONS] CONTAINER [CONTAINER...]

Start one or more stopped containers

Options:
-a, --attach Attach STDOUT/STDERR and forward signals
--detach-keys string Override the key sequence for detaching a container
-i, --interactive Attach container's STDIN
[root@node01 ~]# docker container start -ai b1
/ # ls
bin dev etc home proc root sys tmp usr var

查看：

[root@node01 ~]# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
01d04a908b5e busybox "sh" 15 minutes ago Up About a minute b1

容器的停止，查看，删除，再查看

[root@node01 ~]# docker container ls 
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
01d04a908b5e        busybox             "sh"                19 minutes ago      Up 5 minutes                            b1
[root@node01 ~]# docker container stop b1
b1
[root@node01 ~]# docker container ls -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                       PORTS               NAMES
01d04a908b5e        busybox             "sh"                20 minutes ago      Exited (137) 4 seconds ago                       b1
[root@node01 ~]# docker container rm b1
b1
[root@node01 ~]# docker container ls -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
[root@node01 ~]# 

[root@node01 ~]# docker run --name web1 -d nginx:1.14-alpine
4b236dea9d4771e5424e2970fc9bdfbd99e527b3e38e200fb08d541977288afa

假设现在想跑一个redis:

[root@node01 ~]# docker run --name kvstor1 -d redis:4-alpine    ###https://hub.docker.com/
Unable to find image 'redis:4-alpine' locally
4-alpine: Pulling from library/redis
4fe2ade4980c: Pull complete 
fb758dc2e038: Pull complete 
989f7b0c858b: Pull complete 
50b36025d3df: Pull complete 
8d0bfcf36ab8: Pull complete 
5c1333fecc92: Pull complete 
Digest: sha256:83a686210acbcd4d3cb965773ae7a005564796b6281c39d309ef2ceb889e19f9
Status: Downloaded newer image for redis:4-alpine
334be3db178d91515ac245c8d45e18d7ded14ea19e19162bebe5a9294b9d7113

[root@node01 ~]# docker container exec -it kvstor1 /bin/sh
/data # ps
PID USER TIME COMMAND
1 redis 0:00 redis-server
12 root 0:00 /bin/sh
17 root 0:00 ps
/data # netstat -ntl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:6379 0.0.0.0:* LISTEN
tcp 0 0 :::6379 :::* LISTEN

/data # redis-cli

 查看每个容器的日志：

[root@node01 ~]# docker container logs web1
[root@node01 ~]# docker container logs kvstor1

1:C 22 Jan 15:27:14.116 # oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
1:C 22 Jan 15:27:14.116 # Redis version=4.0.12, bits=64, commit=00000000, modified=0, pid=1, just started
1:C 22 Jan 15:27:14.116 # Warning: no config file specified, using the default config. In order to specify a config file use redis-server /path/to/redis.conf
1:M 22 Jan 15:27:14.117 * Running mode=standalone, port=6379.
1:M 22 Jan 15:27:14.117 # WARNING: The TCP backlog setting of 511 cannot be enforced because /proc/sys/net/core/somaxconn is set to the lower value of 128.
1:M 22 Jan 15:27:14.117 # Server initialized
1:M 22 Jan 15:27:14.117 # WARNING overcommit_memory is set to 0! Background save may fail under low memory condition. To fix this issue add 'vm.overcommit_memory = 1' to /etc/sysctl.conf and then reboot or run the command 'sysctl vm.overcommit_memory=1' for this to take effect.
1:M 22 Jan 15:27:14.117 # WARNING you have Transparent Huge Pages (THP) support enabled in your kernel. This will create latency and memory usage issues with Redis. To fix this issue run the command 'echo never > /sys/kernel/mm/transparent_hugepage/enabled' as root, and add it to your /etc/rc.local in order to retain the setting after a reboot. Redis must be restarted after THP is disabled.
1:M 22 Jan 15:27:14.117 * Ready to accept connections