docker 容器
Docker容器类似于一个轻量级的沙箱,Docker利用容器来运行和隔离应用
容器是从镜像创建的应用运行实例。它可以启动,开始,停止,删除,而这些容器都是彼此相互隔离,互不可见的。同时,可以把容器看作一个简易版的linux系统环境(包括root用户权限,进程空间,用户空间,网络空间等)以及运行在其中的应用程序打包而成的盒子。
创建容器常用命令选项
docker 创建容器
创建容器: root@S1:~# docker create alpine e3ddcf97b360624cd6f38b6edf846fac2029c8009c6ca78f5411b52986d55e7e root@S1:~# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES e3ddcf97b360 alpine "/bin/sh" 13 seconds ago Created sad_jang 启动容器 root@S1:~# docker start e3ddcf97b360 e3ddcf97b360 root@S1:~# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES e3ddcf97b360 alpine "/bin/sh" About a minute ago Exited (0) 1 second ago sad_jang 创建并启动容器,一条docker run container 命令的时候,docker后台运行的标准操作: 1.检查本地是否存在指定的镜像,不存在就从公有仓库下载 2.利用镜像创建一个容器,并启动该容器 3.分配一个文件系统给容器,并在只读的镜像层外面挂载一层可读写层 4.从宿主主机配置的网桥接口中桥接一个虚拟接口到容器中去 5.从网桥的地址池配置一个IP地址给容器 6.给执行用户指定的应用程序 7.执行完毕后容器被自动终止 eg: root@S1:~# docker run alpine root@S1:~# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 55c626545c72 alpine "/bin/sh" 2 seconds ago Exited (0) 2 seconds ago stoic_ritchie e3ddcf97b360 alpine "/bin/sh" About a minute ago Exited (0) 32 seconds ago sad_jang 利用docker run alpine 创建交互式bash终端
-i: 以交互模式运行容器,通常与 -t 同时使用;
-t: 为容器重新分配一个伪输入终端,通常与 -i 同时使用
root@S1:~# docker run -it alpine /bin/bash root@S1:~# docker run -it alpine /bin/sh / # ps -ef PID USER TIME COMMAND 1 root 0:00 /bin/sh 6 root 0:00 ps -ef 注意事项:错误代码 125:docker daemon 执行出错,例如指定了不支持的docker 参数 126:所有指令无法执行,例如权限出错 127:容器内命令无法找到 后台启动docker容器 root@S1:~# docker run -it -d alpine /bin/sh 5b1a3e413a68487aa7963274f1438c8c63ecf1fb821994ed3e2959e241ca08c9 root@S1:~# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 5b1a3e413a68 alpine "/bin/sh" 3 seconds ago Up 2 seconds pensive_heyrovsky
docker创建容器常用参数命令
-h 指定容器 hostname root@S1:~# docker run -it -h web01 alpine /bin/sh / # hostname web01 --name 指定容器名称 root@S1:~# docker run -it -d -h nginx-web --name nginx-web alpine /bin/sh 0eb95f85ec984a8872ee5a2b12f1b02d7eff34801e217fac1d82b3991d0b6226 root@S1:~# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 0eb95f85ec98 alpine "/bin/sh" 2 seconds ago Up 2 seconds nginx-web -p ip:port : port root@S1:~# docker run -it -d -h mysql01 -p 127.0.0.1:3306:3306 --name mysql01 mysql /bin/sh 263b7ed4038d6d9f41e6a88560c72322a3dd5db5b7a56d67a11122adef731f56 root@S1:~# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 263b7ed4038d mysql "docker-entrypoint.s…" 3 seconds ago Up 2 seconds 127.0.0.1:3306->3306/tcp, 33060/tcp mysql01 0eb95f85ec98 alpine "/bin/sh" 4 minutes ago Up 4 minutes nginx-web root@S1:~# netstat -tnlp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 8121/docker-proxy tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 846/sshd -P 随机映射端口主机 root@S1:~# docker run -it -d -h mysql02 -P --name mysql02 mysql /bin/sh c8170d5fbb1825d0412155388a4defecaf6ca45b6f48d50681be584f5cb438cd root@S1:~# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES c8170d5fbb18 mysql "docker-entrypoint.s…" 3 seconds ago Up 2 seconds 0.0.0.0:32769->3306/tcp, 0.0.0.0:32768->33060/tcp mysql02 root@S1:~# netstat -tnlp Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp6 0 0 :::32768 :::* LISTEN 8386/docker-proxy tcp6 0 0 :::32769 :::* LISTEN 8398/docker-proxy 如果在执行run命令时没有指定-a,那么docker默认会挂载所有标准数据流,包括输入输出和错误。你可以特别指定挂载哪个标准流。 root@S1:~# docker run -a stdin -a stdout -it ubuntu /bin/sh 只挂载了标准输入和标准输出 一般这个选项不经常用 -e 指定参数(环境变量) root@S1:~# docker run -d --name web -e test=test01 -p 88:80 -h web nginx 4faf1e7d69b4d751eaca37d1992991cddc07b948631dc31d1e70ab891b2f1e40 root@S1:~# root@S1:~# docker ps -l CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 4faf1e7d69b4 nginx "nginx -g 'daemon of…" 14 seconds ago Up 13 seconds 0.0.0.0:88->80/tcp web root@S1:~# docker exec -it web /bin/bash root@web:/# echo $test test01 --link 容器之间的连接地址 root@S1:~# docker run -it -d --name test01 ubuntu /bin/bash 239115eedf1f899532387fa5536cc337684a7cd7c19ceea5d44d67023e8c581e root@S1:~# docker run -it -d --name test02 --link test01 ubuntu /bin/bash a1485616496fe8530e373f1cb992a3a407d5cf37e2ea353b9b51f9a8ccdf47ec root@S1:~# docker exec -it test02 /bin/bash root@a1485616496f:/# ping test01 PING test01 (172.17.0.2): 56 data bytes 64 bytes from 172.17.0.2: icmp_seq=0 ttl=64 time=0.116 ms 64 bytes from 172.17.0.2: icmp_seq=1 ttl=64 time=0.088 ms ^C--- test01 ping statistics --- 2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.088/0.102/0.116/0.000 ms root@a1485616496f:/#
管理容器常用命令
列出所有容器 root@S1:~# docker container ls CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES a1485616496f ubuntu "/bin/bash" 6 minutes ago Up 6 minutes test02 239115eedf1f ubuntu "/bin/bash" 6 minutes ago Up 6 minutes test01 root@S1:~# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES a1485616496f ubuntu "/bin/bash" 6 minutes ago Up 6 minutes test02 239115eedf1f ubuntu "/bin/bash" 6 minutes ago Up 6 minutes test01 进入正在运行的容器 root@S1:~# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 3845f0c67437 ubuntu "/bin/bash" 2 seconds ago Up 1 second test02 21466d64e370 ubuntu "/bin/bash" 6 seconds ago Up 5 seconds test01 root@S1:~# docker attach test01 root@21466d64e370:/# exit exit root@S1:~# docker exec -it test02 /bin/bash root@3845f0c67437:/# exit exit root@S1:~# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 3845f0c67437 ubuntu "/bin/bash" 24 seconds ago Up 24 seconds test02 21466d64e370 ubuntu "/bin/bash" 28 seconds ago Exited (0) 16 seconds ago test01 root@S1:~# 观察以上两种进入容器的方式: attach :进入容器 退出后 容器后退出,并且如果多个终端使用attach 进入容器,界面上会同时输出相同的内容,所以我们工作过程中一般都是用exec的方式进入终端
docker commit
root@S1:~# docker commit --help Usage: docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]] Create a new image from a container's changes Options: -a, --author string 提交者的镜像作者 -c, --change list 使用Dockerfile指令来创建镜像 -m, --message string 提交时的说明文字 -p, --pause 在commit时,将容器暂停 root@S1:~# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 3845f0c67437 ubuntu "/bin/bash" 21 minutes ago Up 17 minutes test02 21466d64e370 ubuntu "/bin/bash" 21 minutes ago Up 17 minutes test01 root@S1:~# docker commit -p -a zzl -m "add file" 21466d64e370 ubuntu_file sha256:a48bd97b8d36091395e839cd2971f3b642ffc21668d8dda029ed5b1e777367c0 root@S1:~# docker images REPOSITORY TAG IMAGE ID CREATED SIZE ubuntu_file latest a48bd97b8d36 10 seconds ago 88.9MB
docker cp:
docker cp命令类似于UNIX中的cp -a命令,递归复制目录下的所有子目录和文件
-表示通过标准输入/输出设备以流的方式读取或写入tar文件
本地文件系统中的路径可以是绝对路径,也可以是相对路径,相对于当前命令执行的路径
容器中的路径都是相对容器的/根路径
被操作的容器可以是在运行状态,也可以是停止状态
不能复制/proc, /sys, /dev, tmpfs和容器中mount的路径下的文件
-表示通过标准输入/输出设备以流的方式读取或写入tar文件
本地文件系统中的路径可以是绝对路径,也可以是相对路径,相对于当前命令执行的路径
容器中的路径都是相对容器的/根路径
被操作的容器可以是在运行状态,也可以是停止状态
不能复制/proc, /sys, /dev, tmpfs和容器中mount的路径下的文件
root@S1:~# docker cp --help Usage: docker cp [OPTIONS] CONTAINER:SRC_PATH DEST_PATH|- 从容器中复制文件或目录到执行命令所在机器的指定路径 docker cp [OPTIONS] SRC_PATH|- CONTAINER:DEST_PATH 从执行命令所在的机器复制文件或目录到容器内部的指定路径 Copy files/folders between a container and the local filesystem 在容器和本地文件系统之间复制文件/文件夹 Options: -a, --archive Archive mode (copy all uid/gid information) 归档模式(复制所有UID / GID信息) -L, --follow-link Always follow symbol link in SRC_PATH 总是跟在源地址符号链接 root@S1:~# docker cp /data/ 21466d64e370:/home root@S1:~# docker exec -it 21466d64e370 /bin/bash root@21466d64e370:/# ls /home/ data root@21466d64e370:/# ls /home/data/ 02 test01 root@21466d64e370:/# ls /home/data/test01/ 01 02 root@21466d64e370:/# exit exit root@S1:~# docker cp 21466d64e370:/home/data/test01 /home root@S1:~# tree /home/ /home/ └── test01 ├── 01 └── 02 1 directory, 2 files
查看容器日志: docker logs
root@S1:~# docker logs --help Usage: docker logs [OPTIONS] CONTAINER Fetch the logs of a container Options: --details 显示更多的详细信息 -f, --follow 跟踪实时日志,相当于查看文件的tail -f 命令 --since string Show logs since timestamp (e.g. 2013-01-02T13:23:37) or relative (e.g. 42m for 42 minutes) 显示自某个timestamp之后的日志,或相对时间,如42m(即42分钟) --tail string Number of lines to show from the end of the logs (default "all") 从日志末尾显示多少行日志, 默认是all -t, --timestamps Show timestamps 显示时间戳 --until string Show logs before a timestamp (e.g. 2013-01-02T13:23:37) or relative (e.g. 42m for 42 minutes) 显示自某个timestamp之前的日志,或相对时间,如42m(即42分钟) 指定时间后的日志,只显示2行: root@S1:~# docker logs -f -t --since="2019-04-08" --tail=2 041f78444522 2019-04-09T11:09:22.934492726Z 222.129.12.90 - - [09/Apr/2019:11:09:22 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36" "-" 2019-04-09T11:09:24.627818454Z 222.129.12.90 - - [09/Apr/2019:11:09:24 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36" "-" 查看最近多久的日志: root@S1:~# docker logs --since 1m 041f78444522 root@S1:~# root@S1:~# docker logs --since 4m 041f78444522 222.129.12.90 - - [09/Apr/2019:11:09:22 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36" "-" 222.129.12.90 - - [09/Apr/2019:11:09:24 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36" "-" 查看某一个时间以后的日志: docker logs -t --since="2019-04-09T19:08:00" 041f78444522 查看某一个时间段的日志: docker logs -t --since="2019-04-09T19:08:00" --until "2019-04-09T19:16:00" 041f78444522
查看容器:docker top ,docker stat,docker inspect
docker top:这个命令类似于linux系统中的top命令,会打印出容器内的进程信息,包括PID,用户,时间,命令等
root@S1:~# docker top web02 UID PID PPID C STIME TTY TIME CMD root 4682 4663 0 19:00 ? 00:00:00 nginx: master process nginx -g daemon off; systemd+ 4718 4682 0 19:00 ? 00:00:00 nginx: worker process
docker stats:会显示cpu,内存,存储,网络等使用情况的统计信息
root@S1:~# docker stats --help Usage: docker stats [OPTIONS] [CONTAINER...] Display a live stream of container(s) resource usage statistics Options: -a, --all 展示所有的容器统计信息,默认仅展示运行中的。 --format string 格式化输出信息 --no-stream 不持续输出结果,默认会自动更新持续刷新结果 --no-trunc 不截断输出信息, root@S1:~# docker stats --all --no-stream --format "table {{.Container}} {{.CPUPerc}} {{.MemUsage}}" web02 CONTAINER CPU % MEM USAGE / LIMIT web02 0.00% 1.379MiB / 7.796GiB root@S1:~# docker stats --all --no-stream --no-trunc web02 CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS 041f78444522e966db1799939d6f4d3214211e175169c467f9fd2a274e5a3dfd web02 0.00% 1.379MiB / 7.796GiB 0.02% 23.1kB / 16.9kB 0B / 0B 2
docker inspect :查看容器的具体信息,会以json格式返回包括容器id,创建时间,路径,状态,镜像,配置等在内的各项信息。
root@S1:~# docker inspect web02 [ { "Id": "041f78444522e966db1799939d6f4d3214211e175169c467f9fd2a274e5a3dfd", "Created": "2019-04-09T11:00:48.284799764Z", "Path": "nginx", "Args": [ "-g", "daemon off;" ], "State": { "Status": "running", "Running": true, "Paused": false, "Restarting": false, "OOMKilled": false, "Dead": false, "Pid": 4682, "ExitCode": 0, "Error": "", "StartedAt": "2019-04-09T11:00:48.686519835Z", "FinishedAt": "0001-01-01T00:00:00Z" }, "Image": "sha256:2bcb04bdb83f7c5dc30f0edaca1609a716bda1c7d2244d4f5fbbdfef33da366c", "ResolvConfPath": "/var/lib/docker/containers/041f78444522e966db1799939d6f4d3214211e175169c467f9fd2a274e5a3dfd/resolv.conf", "HostnamePath": "/var/lib/docker/containers/041f78444522e966db1799939d6f4d3214211e175169c467f9fd2a274e5a3dfd/hostname", "HostsPath": "/var/lib/docker/containers/041f78444522e966db1799939d6f4d3214211e175169c467f9fd2a274e5a3dfd/hosts", "LogPath": "/var/lib/docker/containers/041f78444522e966db1799939d6f4d3214211e175169c467f9fd2a274e5a3dfd/041f78444522e966db1799939d6f4d3214211e175169c467f9fd2a274e5a3dfd-json.log", "Name": "/web02", "RestartCount": 0, "Driver": "overlay2", "Platform": "linux", "MountLabel": "", "ProcessLabel": "", "AppArmorProfile": "docker-default", "ExecIDs": null, "HostConfig": { "Binds": null, "ContainerIDFile": "", "LogConfig": { "Type": "json-file", "Config": {} }, "NetworkMode": "default", "PortBindings": { "80/tcp": [ { "HostIp": "", "HostPort": "8000" } ] }, "RestartPolicy": { "Name": "no", "MaximumRetryCount": 0 }, "AutoRemove": false, "VolumeDriver": "", "VolumesFrom": null, "CapAdd": null, "CapDrop": null, "Dns": [], "DnsOptions": [], "DnsSearch": [], "ExtraHosts": null, "GroupAdd": null, "IpcMode": "shareable", "Cgroup": "", "Links": null, "OomScoreAdj": 0, "PidMode": "", "Privileged": false, "PublishAllPorts": false, "ReadonlyRootfs": false, "SecurityOpt": null, "UTSMode": "", "UsernsMode": "", "ShmSize": 67108864, "Runtime": "runc", "ConsoleSize": [ 0, 0 ], "Isolation": "", "CpuShares": 0, "Memory": 0, "NanoCpus": 0, "CgroupParent": "", "BlkioWeight": 0, "BlkioWeightDevice": [], "BlkioDeviceReadBps": null, "BlkioDeviceWriteBps": null, "BlkioDeviceReadIOps": null, "BlkioDeviceWriteIOps": null, "CpuPeriod": 0, "CpuQuota": 0, "CpuRealtimePeriod": 0, "CpuRealtimeRuntime": 0, "CpusetCpus": "", "CpusetMems": "", "Devices": [], "DeviceCgroupRules": null, "DiskQuota": 0, "KernelMemory": 0, "MemoryReservation": 0, "MemorySwap": 0, "MemorySwappiness": null, "OomKillDisable": false, "PidsLimit": 0, "Ulimits": null, "CpuCount": 0, "CpuPercent": 0, "IOMaximumIOps": 0, "IOMaximumBandwidth": 0, "MaskedPaths": [ "/proc/asound", "/proc/acpi", "/proc/kcore", "/proc/keys", "/proc/latency_stats", "/proc/timer_list", "/proc/timer_stats", "/proc/sched_debug", "/proc/scsi", "/sys/firmware" ], "ReadonlyPaths": [ "/proc/bus", "/proc/fs", "/proc/irq", "/proc/sys", "/proc/sysrq-trigger" ] }, "GraphDriver": { "Data": { "LowerDir": "/var/lib/docker/overlay2/4c7f2ac8bf897e6332a8c6a3047f445404927bd09e83a7b27a04f1cc05344681-init/diff:/var/lib/docker/overlay2/9ca2d931df59289149c6b44a79f56f8062b13a7b25e59ef7beb536e0549d4903/diff:/var/lib/docker/overlay2/2ef3c325706f26099a8587acfc86ed12f1fa1caf2f2d80f47cda4376352c7208/diff:/var/lib/docker/overlay2/395f2e0d9649aafaf32df2a7bae0789b52998e1b1c5244a100e4a05ef7ca1645/diff", "MergedDir": "/var/lib/docker/overlay2/4c7f2ac8bf897e6332a8c6a3047f445404927bd09e83a7b27a04f1cc05344681/merged", "UpperDir": "/var/lib/docker/overlay2/4c7f2ac8bf897e6332a8c6a3047f445404927bd09e83a7b27a04f1cc05344681/diff", "WorkDir": "/var/lib/docker/overlay2/4c7f2ac8bf897e6332a8c6a3047f445404927bd09e83a7b27a04f1cc05344681/work" }, "Name": "overlay2" }, "Mounts": [], "Config": { "Hostname": "web02", "Domainname": "", "User": "", "AttachStdin": false, "AttachStdout": false, "AttachStderr": false, "ExposedPorts": { "80/tcp": {} }, "Tty": false, "OpenStdin": false, "StdinOnce": false, "Env": [ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", "NGINX_VERSION=1.15.10-1~stretch", "NJS_VERSION=1.15.10.0.3.0-1~stretch" ], "Cmd": [ "nginx", "-g", "daemon off;" ], "ArgsEscaped": true, "Image": "nginx", "Volumes": null, "WorkingDir": "", "Entrypoint": null, "OnBuild": null, "Labels": { "maintainer": "NGINX Docker Maintainers <docker-maint@nginx.com>" }, "StopSignal": "SIGTERM" }, "NetworkSettings": { "Bridge": "", "SandboxID": "f4e4797bec40962423f65407c89766d857fea447d52a7ade8cfe5aaf20858061", "HairpinMode": false, "LinkLocalIPv6Address": "", "LinkLocalIPv6PrefixLen": 0, "Ports": { "80/tcp": [ { "HostIp": "0.0.0.0", "HostPort": "8000" } ] }, "SandboxKey": "/var/run/docker/netns/f4e4797bec40", "SecondaryIPAddresses": null, "SecondaryIPv6Addresses": null, "EndpointID": "f77a0b8bb56d8015db589406b5dfd0b3ba0fa80909534f557bc1e7add35f3897", "Gateway": "172.17.0.1", "GlobalIPv6Address": "", "GlobalIPv6PrefixLen": 0, "IPAddress": "172.17.0.3", "IPPrefixLen": 16, "IPv6Gateway": "", "MacAddress": "02:42:ac:11:00:03", "Networks": { "bridge": { "IPAMConfig": null, "Links": null, "Aliases": null, "NetworkID": "23bf65ad51ee330fd8c1b980da68b6cc2cd72ebb95a3c4b0782227fae94fc8f6", "EndpointID": "f77a0b8bb56d8015db589406b5dfd0b3ba0fa80909534f557bc1e7add35f3897", "Gateway": "172.17.0.1", "IPAddress": "172.17.0.3", "IPPrefixLen": 16, "IPv6Gateway": "", "GlobalIPv6Address": "", "GlobalIPv6PrefixLen": 0, "MacAddress": "02:42:ac:11:00:03", "DriverOpts": null } } } } ]
停止容器 :docker pause/unpause ,stop,start, restart,prune
root@S1:~# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 041f78444522 nginx "nginx -g 'daemon of…" 41 minutes ago Up 41 minutes 0.0.0.0:8000->80/tcp web02 #暂停运行着的容器 root@S1:~# docker pause web02 web02 root@S1:~# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 041f78444522 nginx "nginx -g 'daemon of…" 41 minutes ago Up 41 minutes (Paused) 0.0.0.0:8000->80/tcp web02 #恢复暂停时的容器为运行状态 root@S1:~# docker unpause web02 web02 root@S1:~# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 041f78444522 nginx "nginx -g 'daemon of…" 41 minutes ago Up 41 minutes 0.0.0.0:8000->80/tcp web02 关闭正在运行的状态,该命令首先向容器放送一个SIGTERM信号,等待一段时间后(默认是10秒),在发送SIGKILL信号,来终止运行 root@S1:~# docker stop web02 web02 root@S1:~# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 041f78444522 nginx "nginx -g 'daemon of…" 41 minutes ago Exited (0) 2 seconds ago web02 启动已经停止的容器 root@S1:~# docker start web02 web02 root@S1:~# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 041f78444522 nginx "nginx -g 'daemon of…" 42 minutes ago Up 2 seconds 0.0.0.0:8000->80/tcp web02 也可以重启 root@S1:~# docker restart web02 web02 root@S1:~# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 041f78444522 nginx "nginx -g 'daemon of…" 43 minutes ago Up 2 seconds 0.0.0.0:8000->80/tcp web02 该命令会擦除所有停止的容器 root@S1:~# docker container prune WARNING! This will remove all stopped containers. Are you sure you want to continue? [y/N] y Deleted Containers: 041f78444522e966db1799939d6f4d3214211e175169c467f9fd2a274e5a3dfd Total reclaimed space: 0B root@S1:~# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES root@S1:~#
删除容器:docker rm
root@S1:~# docker rm --help Usage: docker rm [OPTIONS] CONTAINER [CONTAINER...] Remove one or more containers Options: -f, --force 强制终止并删除一个正在运行中的容器,也就是docker直接发送SIGKILL信号 -l, --link 删除容器的连接,但是保留容器 -v, --volumes 删除容器挂载的数据卷 root@S1:~# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES ae42c0f6014c nginx "nginx -g 'daemon of…" 3 minutes ago Up 3 minutes 0.0.0.0:8000->80/tcp web02 root@S1:~# docker rm ae Error response from daemon: You cannot remove a running container ae42c0f6014c80efa723938238a33e1c0f15197f04e442daff01d4c45edad5de. Stop the container before attempting removal or force remove root@S1:~# docker rm -f ae ae
像以上这种命令还有很多,附上官网连接地址:https://docs.docker.com/engine/reference/run/
容器资源限制
内存限定示例:
--memory 限制容器使用内存为512m 可使用交换分区为612-512=100m 禁用oom-kill root@S1:~# docker run -d --name web01 --memory="512m" --memory-swap="612m" --oom-kill-disable nginx 81cb2576b8591a20b42a276bd8cef76d62836c5ee8df701e4cd223ec396348ba 可使用交换分区为0M root@S1:~# docker run -d --name web02 --memory="512m" --memory-swap="512m" --oom-kill-disable nginx 2763ef83db8ef343e73dc34a8067cb703887728b955bb14af63ae029258c701e 不设置交换分区 是指可以使用交换分区为限定内存的2倍 root@S1:~# docker run -d --name web03 --memory="512m" --oom-kill-disable nginx 5a99b7a49796ce4db884ad66f13b3665c950336180dea616cc39788e05afbc01 不限制使用内存 root@S1:~# docker run -d --name web04 nginx 952cc1ee0a2f199b2bab2a188eecbfcafd65bcaac728ddd6393ac21fd412c433 root@S1:~# docker stats --no-stream CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS 952cc1ee0a2f web04 0.00% 1.352MiB / 7.796GiB 0.02% 0B / 0B 0B / 0B 2 5a99b7a49796 web03 0.00% 2.359MiB / 512MiB 0.46% 0B / 0B 0B / 0B 2 2763ef83db8e web02 0.00% 2.156MiB / 512MiB 0.42% 0B / 0B 0B / 0B 2 81cb2576b859 web01 0.00% 2.273MiB / 512MiB 0.44% 0B / 0B 0B / 0B 2
cpu限定示例:
限定容器最多使用一个半的cpu root@S1:~# docker run -d --name web05 --cpus="1.5" nginx a2dbd9b0cdf75d3aa9eedda45e16fd7a0eb47567302aa612fe6481eb9696257c 限定容器最多使用百分之50的cpu root@S1:~# docker run -d --name web06 --cpus=".5" nginx 7cd4a8f72f8dc77998f6b190c7ecc8f0df6fd86d59c096d1c00e9eedf6fe12ab