docker基础造作

docker基础

  • 运行busybox
docker run -d busybox ping baidu.com
  • 查看进程层级关系
[root@master docker]# docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED              STATUS              PORTS               NAMES
5ce05336bf64        busybox             "ping baidu.com"    About a minute ago   Up About a minute                       compassionate_hawking
[root@master docker]# ps -ef|grep docker
root      1002     1  0 08:33 ?        00:00:45 /usr/bin/dockerd-current --add-runtime docker-runc=/usr/libexec/docker/docker-runc-current --default-runtime=docker-runc --exec-opt native.cgroupdriver=cgroupfs --userland-proxy-path=/usr/libexec/docker/docker-proxy-current --init-path=/usr/libexec/docker/docker-init-current --seccomp-profile=/etc/docker/seccomp.json --selinux-enabled --log-driver=journald --signature-verification=false --storage-driver overlay2
root      1031  1002  0 08:33 ?        00:00:13 /usr/bin/docker-containerd-current -l unix:///var/run/docker/libcontainerd/docker-containerd.sock --metrics-interval=0 --start-timeout 2m --state-dir /var/run/docker/libcontainerd/containerd --shim docker-containerd-shim --runtime docker-runc
root     13555  1031  0 15:02 ?        00:00:00 /usr/bin/docker-containerd-shim-current 5ce05336bf647c5e804587fb28a8533e5d30ce3c8923a64b4eac2d3ec1e79e21 /var/run/docker/libcontainerd/5ce05336bf647c5e804587fb28a8533e5d30ce3c8923a64b4eac2d3ec1e79e21 /usr/libexec/docker/docker-runc-current
root     13740  3697  0 15:03 pts/1    00:00:00 grep --color=auto docker
[root@master docker]# ps -axjf -p 1002
 PPID   PID  PGID   SID TTY      TPGID STAT   UID   TIME COMMAND
    0     2     0     0 ?           -1 S        0   0:00 [kthreadd]
    2     3     0     0 ?           -1 S        0   0:00  \_ [ksoftirqd/0]
    2     6     0     0 ?           -1 S        0   0:00  \_ [kworker/u2:0]
    2     7     0     0 ?           -1 S        0   0:00  \_ [migration/0]
    2     8     0     0 ?           -1 S        0   0:00  \_ [rcu_bh]
    2     9     0     0 ?           -1 R        0   0:00  \_ [rcu_sched]
    2    10     0     0 ?           -1 S        0   0:00  \_ [watchdog/0]
    2    12     0     0 ?           -1 S<       0   0:00  \_ [khelper]
    2    13     0     0 ?           -1 S        0   0:00  \_ [kdevtmpfs]
    2    14     0     0 ?           -1 S<       0   0:00  \_ [netns]
    2    15     0     0 ?           -1 S        0   0:00  \_ [khungtaskd]
    2    16     0     0 ?           -1 S<       0   0:00  \_ [writeback]
    2    17     0     0 ?           -1 S<       0   0:00  \_ [kintegrityd]
    2    18     0     0 ?           -1 S<       0   0:00  \_ [bioset]
    2    19     0     0 ?           -1 S<       0   0:00  \_ [kblockd]
    2    20     0     0 ?           -1 S<       0   0:00  \_ [md]
    2    21     0     0 ?           -1 S        0   0:02  \_ [kworker/0:1]
    2    26     0     0 ?           -1 S        0   0:00  \_ [kswapd0]
    2    27     0     0 ?           -1 SN       0   0:00  \_ [ksmd]
    2    28     0     0 ?           -1 SN       0   0:00  \_ [khugepaged]
    2    29     0     0 ?           -1 S        0   0:00  \_ [fsnotify_mark]
    2    30     0     0 ?           -1 S<       0   0:00  \_ [crypto]
    2    38     0     0 ?           -1 S<       0   0:00  \_ [kthrotld]
    2    40     0     0 ?           -1 S<       0   0:00  \_ [kmpath_rdacd]
    2    41     0     0 ?           -1 S<       0   0:00  \_ [kpsmoused]
    2    42     0     0 ?           -1 S<       0   0:00  \_ [ipv6_addrconf]
    2    62     0     0 ?           -1 S<       0   0:00  \_ [deferwq]
    2    95     0     0 ?           -1 S        0   0:00  \_ [kauditd]
    2   263     0     0 ?           -1 S<       0   0:00  \_ [ata_sff]
    2   284     0     0 ?           -1 S        0   0:00  \_ [scsi_eh_0]
    2   285     0     0 ?           -1 S<       0   0:00  \_ [scsi_tmf_0]
    2   286     0     0 ?           -1 S        0   0:00  \_ [scsi_eh_1]
    2   287     0     0 ?           -1 S        0   0:00  \_ [kworker/u2:2]
    2   288     0     0 ?           -1 S<       0   0:00  \_ [scsi_tmf_1]
    2   289     0     0 ?           -1 S        0   0:00  \_ [scsi_eh_2]
    2   290     0     0 ?           -1 S<       0   0:00  \_ [scsi_tmf_2]
    2   363     0     0 ?           -1 S<       0   0:00  \_ [kdmflush]
    2   364     0     0 ?           -1 S<       0   0:00  \_ [bioset]
    2   375     0     0 ?           -1 S<       0   0:00  \_ [kdmflush]
    2   376     0     0 ?           -1 S<       0   0:00  \_ [bioset]
    2   389     0     0 ?           -1 S<       0   0:00  \_ [xfsalloc]
    2   390     0     0 ?           -1 S<       0   0:00  \_ [xfs_mru_cache]
    2   391     0     0 ?           -1 S<       0   0:00  \_ [xfs-buf/dm-0]
    2   392     0     0 ?           -1 S<       0   0:00  \_ [xfs-data/dm-0]
    2   393     0     0 ?           -1 S<       0   0:00  \_ [xfs-conv/dm-0]
    2   394     0     0 ?           -1 S<       0   0:00  \_ [xfs-cil/dm-0]
    2   395     0     0 ?           -1 S<       0   0:00  \_ [xfs-reclaim/dm-]
    2   396     0     0 ?           -1 S<       0   0:00  \_ [xfs-log/dm-0]
    2   397     0     0 ?           -1 S<       0   0:00  \_ [xfs-eofblocks/d]
    2   398     0     0 ?           -1 S        0   0:06  \_ [xfsaild/dm-0]
    2   487     0     0 ?           -1 S<       0   0:00  \_ [rpciod]
    2   574     0     0 ?           -1 S<       0   0:00  \_ [xfs-buf/sda1]
    2   575     0     0 ?           -1 S<       0   0:00  \_ [xfs-data/sda1]
    2   576     0     0 ?           -1 S<       0   0:00  \_ [xfs-conv/sda1]
    2   577     0     0 ?           -1 S<       0   0:00  \_ [xfs-cil/sda1]
    2   578     0     0 ?           -1 S<       0   0:00  \_ [xfs-reclaim/sda]
    2   579     0     0 ?           -1 S<       0   0:00  \_ [xfs-log/sda1]
    2   580     0     0 ?           -1 S<       0   0:00  \_ [xfs-eofblocks/s]
    2   581     0     0 ?           -1 S        0   0:00  \_ [xfsaild/sda1]
    2  1124     0     0 ?           -1 S<       0   0:00  \_ [nfsd4_callbacks]
    2  1126     0     0 ?           -1 S        0   0:00  \_ [lockd]
    2  1141     0     0 ?           -1 S        0   0:00  \_ [nfsd]
    2  1144     0     0 ?           -1 S        0   0:00  \_ [nfsd]
    2  1148     0     0 ?           -1 S        0   0:00  \_ [nfsd]
    2  1149     0     0 ?           -1 S        0   0:00  \_ [nfsd]
    2  1151     0     0 ?           -1 S        0   0:00  \_ [nfsd]
    2  1154     0     0 ?           -1 S        0   0:00  \_ [nfsd]
    2  1155     0     0 ?           -1 S        0   0:00  \_ [nfsd]
    2  1157     0     0 ?           -1 S        0   0:00  \_ [nfsd]
    2  2563     0     0 ?           -1 S<       0   0:00  \_ [kworker/0:2H]
    2 14180     0     0 ?           -1 S        0   0:08  \_ [kworker/0:3]
    2 14714     0     0 ?           -1 S        0   0:00  \_ [kworker/0:0]
    2  9579     0     0 ?           -1 S<       0   0:00  \_ [kworker/0:0H]
    2 13467     0     0 ?           -1 S        0   0:00  \_ [kworker/0:2]
    0     1     1     1 ?           -1 Ss       0   0:11 /usr/lib/systemd/systemd --switched-root --system --deserialize 21
    1   468   468   468 ?           -1 Ss       0   0:11 /usr/lib/systemd/systemd-journald
    1   491   491   491 ?           -1 Ss       0   0:00 /usr/sbin/lvmetad -f
    1   497   497   497 ?           -1 Ss       0   0:00 /usr/lib/systemd/systemd-udevd
    1   598   598   598 ?           -1 Ss       0   0:00 /usr/sbin/rpc.idmapd
    1   599   599   599 ?           -1 S<sl     0   0:00 /sbin/auditd
    1   619   619   619 ?           -1 Ss       0   0:00 /usr/lib/systemd/systemd-logind
    1   620   620   620 ?           -1 Ssl    998   0:00 /usr/lib/polkit-1/polkitd --no-debug
    1   622   622   622 ?           -1 Ss      81   0:02 /bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-ac
    1   624   623   623 ?           -1 S      997   0:00 /usr/sbin/chronyd
    1   626   626   626 ?           -1 Ss      32   0:00 /sbin/rpcbind -w
    1   630   630   630 ?           -1 Ssl      0   0:00 /usr/sbin/NetworkManager --no-daemon
  630 12475 12475   630 ?           -1 S        0   0:00  \_ /sbin/dhclient -d -q -sf /usr/libexec/nm-dhcp-helper -pf /var/run/dhclient
    1   662   662   662 ?           -1 Ssl      0   0:00 /usr/sbin/gssproxy -D
    1   682   682   682 ?           -1 Ss       0   0:00 /usr/sbin/crond -n
    1   686   686   686 tty1       686 Ss+      0   0:00 /sbin/agetty --noclear tty1 linux
    1  1000  1000  1000 ?           -1 Ssl      0   0:02 /usr/bin/python -Es /usr/sbin/tuned -l -P
    1  1002  1002  1002 ?           -1 Ssl      0   0:45 /usr/bin/dockerd-current --add-runtime docker-runc=/usr/libexec/docker/docker-
 1002  1031  1031  1031 ?           -1 Ssl      0   0:13  \_ /usr/bin/docker-containerd-current -l unix:///var/run/docker/libcontainerd
 1031 13555 13555  1031 ?           -1 Sl       0   0:00      \_ /usr/bin/docker-containerd-shim-current 5ce05336bf647c5e804587fb28a853
13555 13566 13566 13566 ?           -1 Ss       0   0:00          \_ ping baidu.com
    1  1003  1003  1003 ?           -1 Ssl      0   0:03 /usr/sbin/rsyslogd -n
    1  1010  1010  1010 ?           -1 Ss      29   0:00 /usr/sbin/rpc.statd
    1  1012  1012  1012 ?           -1 Ss       0   0:00 /usr/sbin/sshd
 1012  2411  2411  2411 ?           -1 Ss       0   0:00  \_ sshd: root@pts/0
 2411  2413  2413  2413 pts/0     3354 Ss       0   0:00  |   \_ -bash
 2413  3354  3354  2413 pts/0     3354 Sl+      0   2:42  |       \_ java -jar jenkins.war --httpPort=8090
 1012  3695  3695  3695 ?           -1 Ss       0   0:00  \_ sshd: root@pts/1
 3695  3697  3697  3697 pts/1    13885 Ss       0   0:00      \_ -bash
 3697 13885 13885  3697 pts/1    13885 R+       0   0:00          \_ ps -axjf -p 1002
    1  1020  1020  1020 ?           -1 Ss       0   0:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
 1020  1024  1020  1020 ?           -1 S      995   0:00  \_ nginx: worker process
    1  1026  1026  1026 ?           -1 Ss       0   0:00 /usr/sbin/rpc.mountd
    1  1533  1533  1533 ?           -1 Ss       0   0:00 /usr/libexec/postfix/master -w
 1533  1542  1533  1533 ?           -1 S       89   0:00  \_ qmgr -l -t unix -u
 1533  3949  1533  1533 ?           -1 S       89   0:00  \_ pickup -l -t unix -u
[root@master docker]#
  • Namespaces
    • 命名空间,Linux内核提供的一种对进程资源隔离的机制,例如进程、网络、挂载点等资源。
  • CGroups
    • 控制组,Linux内核提供的一种限制进程资源的机制;例如CPU、内存等资源。
  • UnionFS
    • 联合文件系统,支持将不同位置的目录挂载到同一虚拟文件系统,形成一种分层的模型。

镜像

  • 导入、导出docker镜像
[root@master docker]# docker image  save prom/prometheus:v1.0.1 >  prometheusv1.0.1.tar
[root@master docker]# ls
prometheusv1.0.1.tar
[root@master docker]# docker load < prometheusv1.0.1.tar
Loaded image: prom/prometheus:v1.0.1
  • 导出容器
[root@master docker]# docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
5ce05336bf64        busybox             "ping baidu.com"    29 minutes ago      Up 29 minutes                           compassionate_hawking
[root@master docker]# docker export 5ce05336bf64 >  busybox.tar
[root@master docker]# ls
busybox.tar  prometheusv1.0.1.tar
  • 导入镜像
[root@master docker]# docker image import busybox.tar
sha256:adf4cc49c966f75a1231a8339bbdc466717210ecbbb4e337953a8c0b4a74efeb
  • 导入并自定义名称和tag
[root@master docker]# docker image import busybox.tar busybox:import
sha256:698d271e727f80212f8aff73b58fc5f10d771890e9c90c0df8df3c708dc5f16c

docker常用命令

  • 常用命令
  • 常用选项

  • --restart
  • 通过–restart选项,可以设置容器的重启策略,以决定在容器退出时Docker守护进程是否重启刚刚退出的容器
  • –restart选项通常只用于detached模式的容器
docker run -d --restart=always busybox
docker run -d --restart=on-failure:10 busybox
  • 查看容器重启信息
# inspect 查看详情
docker inspect 80d4c449db93
# 查看容器重启次数
[root@master docker]# docker inspect -f "{{ .RestartCount }}" 80d4c449db93
0

查看容器最后一次的启动时间
[root@master docker]# docker inspect -f "{{ .State.StartedAt }}" 80d4c449db93
2018-06-17T19:49:31.702103453Z
  • -f 是将docker inspect 容器id查看到的详情format后显示出来

  • --add-host

  • 一个container再启动时,在/etc/hosts文件里面将会存在包括localhost在内的一些hostname信息。我们也可以使用–add-host这个参数来动态添加/etc/hosts里面的数据

[root@master docker]# docker run -ti --add-host gitlab.local.in:192.168.57.40  busybox cat /etc/hosts
127.0.0.1	localhost
::1	localhost ip6-localhost ip6-loopback
fe00::0	ip6-localnet
ff00::0	ip6-mcastprefix
ff02::1	ip6-allnodes
ff02::2	ip6-allrouters
192.168.57.40	gitlab.local.in
172.17.0.2	a408d1b4d501

挂载

  • -v 挂载目录
[root@master docker]# docker run -it -v /root/docker/test:/data busybox ls  /
bin   data  dev   etc   home  proc  root  run   sys   tmp   usr   var
[root@master docker]# docker run -it -v /root/docker/test:/vol-mount busybox ls  /
bin        etc        proc       run        tmp        var
dev        home       root       sys        usr        vol-mount
  • /root/docker/test本地目录
  • /vol-mount容器目录
# 查看目录挂载
 docker inspect -f {{.Mounts}} df84745f2523
  • -volumes-from授权一个容器访问另一个容器的Volume
# 启动一个容器后台运行 并挂载目录
[root@master docker]# docker run -itd --name vol2 -v /root/docker/test:/data-vol busybox
6c43ee0d968f595f1d0d09f613dc0772ff89eaa94f9f592a0412194834d3f31d
[root@master docker]# docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
6c43ee0d968f        busybox             "sh"                2 seconds ago       Up 2 seconds                            vol2

# 往挂载目录写入点东西, 写入的是本地目录,已挂载容器一`vol2`
[root@master docker]# echo 333 > test/3.txt
[root@master docker]# cat test/3.txt
333

# 再启动一个容器制定挂载来源容器
[root@master docker]# docker run -it --name vol5 --volumes-from vol2 busybox cat /data-vol/3.txt
333
[root@master docker]# docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
6c43ee0d968f        busybox             "sh"                3 minutes ago       Up 3 minutes                            vol2
df84745f2523        busybox             "sh"                18 minutes ago      Up 18 minutes                           dreamy_payne

数据卷

  • 创建数据卷
[root@localhost ~]# docker volume create vol1
vol1
[root@localhost ~]# docker volume ls
DRIVER              VOLUME NAME
local               vol1
  • 启动容器制定使用卷
[root@localhost ~]# docker run -itd --name=box1 --mount src=vol1,dst=/vol-1 busybox
Unable to find image 'busybox:latest' locally
latest: Pulling from library/busybox
07a152489297: Pull complete
Digest: sha256:141c253bc4c3fd0a201d32dc1f493bcf3fff003b6df416dea4f41046e0f37d47
Status: Downloaded newer image for busybox:latest
8265e17234d670ca955f495c711b03b1dd72ddfaa52391c574cadeec2d4a27bc
  • 删除卷
[root@localhost ~]# docker container stop box1
box1
[root@localhost ~]# docker container rm box1
box1
[root@localhost ~]# docker volume rm vol1
vol1
  • 如果没有指定卷,自动创建
  • 建议使用—mount,更通用
  • 如果源文件/目录没有存在,不会自动创建,会抛出一个错误。
  • 如果挂载目标在容器中非空目录,则该目录现有内容将被隐藏。

资源销毁

# 停止运行容器
docker stop $(docker ps -aq)
# 删除运行容器
docker rm $(docker ps -aq)
# 清理镜像
docker rmi $(docker ps -aq)