一、配置 docker
本地源
[docker-ce-stable]
name=Docker CE Stable
baseurl=http://10.35.186.181/docker-ce-stable/
enabled=1
gpgcheck=0
配置阿里云Docker Yum源yum install -y yum-utils device-mapper-persistent-data lvm2 git
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
2、安装完成后启动
bash
启动Docker服务:
#systemctl enable docker
#systemctl start docker
查看Docker版本
[root@localhost ~]# docker -v
Docker version 27.0.3, build 7d4bcd8
[root@localhost ~]# docker version
Client: Docker Engine - Community
Version: 27.0.3
API version: 1.46
Go version: go1.21.11
Git commit: 7d4bcd8
Built: Sat Jun 29 00:04:07 2024
OS/Arch: linux/amd64
Context: default
Server: Docker Engine - Community
Engine:
Version: 27.0.3
API version: 1.46 (minimum version 1.24)
Go version: go1.21.11
Git commit: 662f78c
Built: Sat Jun 29 00:02:31 2024
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.7.18
GitCommit: ae71819c4f5e67bb4d5ae76a6b735f29cc25774e
runc:
Version: 1.7.18
GitCommit: v1.1.13-0-g58aa920
docker-init:
Version: 0.19.0
GitCommit: de40ad0
bash
查看docker运行状态
[root@localhost ~]# docker info
Client: Docker Engine - Community
Version: 27.0.3
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.15.1
Path: /usr/libexec/docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v2.28.1
Path: /usr/libexec/docker/cli-plugins/docker-compose
Server:
Containers: 4
Running: 0
Paused: 0
Stopped: 4
Images: 2
Server Version: 27.0.3
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Using metacopy: false
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: systemd
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 runc
Default Runtime: runc
Init Binary: docker-init
containerd version: ae71819c4f5e67bb4d5ae76a6b735f29cc25774e
runc version: v1.1.13-0-g58aa920
init version: de40ad0
Security Options:
seccomp
Profile: builtin
cgroupns
Kernel Version: 5.14.0-427.13.1.el9_4.x86_64
Operating System: Rocky Linux 9.4 (Blue Onyx)
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 1.703GiB
Name: localhost.localdomain
ID: bc83f6a9-af90-4cbf-aaad-f9025ff827e2
Docker Root Dir: /docker-data
Debug Mode: false
Username: fucancan987
Experimental: false
Insecure Registries:
127.0.0.0/8
Registry Mirrors:
https://do.nark.eu.org/
https://dc.j8.work/
https://pilvpemn.mirror.aliyuncs.com/
https://docker.m.daocloud.io/
https://dockerproxy.com/
https://docker.mirrors.ustc.edu.cn/
https://docker.nju.edu.cn/
Live Restore Enabled: false
3、生产 doker 的配置环境(加入多个国内镜像源)
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": [
"https://pilvpemn.mirror.aliyuncs.com",
"https://docker.m.daocloud.io",
"https://docker.mirrors.ustc.edu.cn",
],
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2"
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
#注意:一定注意编码问题,出现错误---查看命令:journalctl -amu docker 即可发现错误
4、登入登出 docker hub
bash
[root@localhost ~]# docker login
Log in with your Docker ID or email address to push and pull images from Docker Hub. If you don't have a Docker ID, head over to er.com/ to create one.
You can log in with your password or a Personal Access Token (PAT). Using a limited-scope PAT grants better security and is requitions using SSO. Learn more at https://docs.docker.com/go/access-tokens/
Username: fucancan987
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credential-stores
Login Succeeded
[root@localhost ~]# docker logout
Removing login credentials for https://index.docker.io/v1/
5、配置数据存放位置
vim /usr/lib/systemd/system/docker.service
[Service]
Type=notify
the default is not to use systemd for cgroups because the delegate issues still
exists and systemd currently does not support the cgroup feature set required
for containers run by docker
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --data-root=/docker-data #加入此参数可以设定docker的文件目录位置,如果没有需要创建
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutStartSec=0
RestartSec=2
Restart=always
配置保存完毕后需要初始化
systemctl daemon-reload
二、docker 操作
1、查看当前 docker 镜像
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
fucancan987/practice nginx fffffc90d343 3 weeks ago 188MB
nginx latest fffffc90d343 3 weeks ago 188MB
test latest fffffc90d343 3 weeks ago 188MB
rockylinux latest 210996f98b85 2 years ago 205MB
2、运行 docker 镜像
直接运行容器,推出后容器就会关闭
bash
[root@localhost ~]# docker run -it rockylinux:latest /bin/bash
[root@5228639101f2 /]# ping www.baidu.com
PING www.a.shifen.com (183.2.172.185) 56(84) bytes of data.
64 bytes from 183.2.172.185 (183.2.172.185): icmp_seq=1 ttl=127 time=42.1 ms
64 bytes from 183.2.172.185 (183.2.172.185): icmp_seq=2 ttl=127 time=74.3 ms
^C
--- www.a.shifen.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 42.088/58.207/74.326/16.119 ms
[root@5228639101f2 /]# exit
exit
-d 后台运行容器
bash
[root@localhost ~]# docker run -itd rockylinux:latest /bin/bash
93d642bf9d8d28206ffdf0f8ae3a8febc415d7428b28a89743c5804521327086
[root@localhost ~]# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
93d642bf9d8d rockylinux:latest "/bin/bash" 59 seconds ago Up 58 seconds sharp_hertz
[root@localhost ~]# docker attach sharp_hertz
[root@93d642bf9d8d /]# exit
exit
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b46abdcb5d30 rockylinux:latest "/bin/bash" 12 minutes ago Up 12 minutes wizardly_ganguly
[root@localhost ~]# docker exec -it b46abdcb5d30 /bin/bash
3、停止 、删除 docker 镜像 stop rm
bash
[root@localhost docker-data]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b46abdcb5d30 rockylinux:latest "/bin/bash" 42 minutes ago Up 42 minutes wizardly_ganguly
[root@localhost docker-data]# docker stop b46abdcb5d30
b46abdcb5d30
[root@localhost docker-data]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@localhost docker-data]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b46abdcb5d30 rockylinux:latest "/bin/bash" 43 minutes ago Exited (0) 13 seconds ago wizardly_ganguly
93d642bf9d8d rockylinux:latest "/bin/bash" 47 minutes ago Exited (0) 43 minutes ago sharp_hertz
5228639101f2 rockylinux:latest "/bin/bash" 48 minutes ago Exited (0) 47 minutes ago agitated_wu
f888743a2d22 rockylinux "/bin/bash" 5 hours ago Exited (127) 5 hours ago admiring_goldstine
2ea9b1b927ad nginx "/docker-entrypoint...." 5 hours ago Exited (0) 5 hours ago some-nginx
04c1365e723c nginx:latest "/docker-entrypoint...." 5 hours ago Exited (127) 5 hours ago confident_lamarr
a3cc60263ed6 nginx:latest "/docker-entrypoint...." 5 hours ago Exited (0) 5 hours ago cranky_lamport
[root@localhost docker-data]# docker rm b46abdcb5d30
b46abdcb5d30
[root@localhost docker-data]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
93d642bf9d8d rockylinux:latest "/bin/bash" 47 minutes ago Exited (0) 44 minutes ago sharp_hertz
5228639101f2 rockylinux:latest "/bin/bash" 48 minutes ago Exited (0) 48 minutes ago agitated_wu
f888743a2d22 rockylinux "/bin/bash" 5 hours ago Exited (127) 5 hours ago admiring_goldstine
2ea9b1b927ad nginx "/docker-entrypoint...." 5 hours ago Exited (0) 5 hours ago some-nginx
04c1365e723c nginx:latest "/docker-entrypoint...." 5 hours ago Exited (127) 5 hours ago confident_lamarr
a3cc60263ed6 nginx:latest "/docker-entrypoint...." 5 hours ago Exited (0) 5 hours ago cranky_lamport
[root@localhost docker-data]#
3、将 docker 镜像打包到本地 docker save
[root@localhost ~]# docker save rockylinux:latest > rockylinux_93.tar.gz
[root@localhost ~]# ls
rockylinux_93.tar.gz
4 、导入本地 docker 包
[root@localhost ~]# docker load -i rockylinux_93.tar.gz
65dbea0a4b39: Loading layer [==================================================>] 211.3MB/211.3MB
Loaded image: rockylinux:latest
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
rockylinux latest 210996f98b85 2 years ago 205MB
三、上传镜像
1、dockerhub 创建账户,创建一个镜像仓库
1.1 创建 tag 名
docker tag REPOSITORY:TAG your REPOSITORY:new tag
打一个 tag,告诉是你自己创建的镜像空间下的
[root@localhost docker-data]# docker tag rockylinux:9.3 fucancan987/practice:9.3
[root@localhost docker-data]# docker login
Log in with your Docker ID or email address to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com/ to create one.
You can log in with your password or a Personal Access Token (PAT). Using a limited-scope PAT grants better security and is required for organizations using SSO. Learn more at https://docs.docker.com/go/access-tokens/
Username: fucancan987
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credential-stores
Login Succeeded
[root@localhost docker-data]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mysql 8.4 da8f2a99cf39 2 weeks ago 583MB
practice 9.3 da8f2a99cf39 2 weeks ago 583MB
fucancan987/practice nginx fffffc90d343 3 weeks ago 188MB
nginx latest fffffc90d343 3 weeks ago 188MB
test latest fffffc90d343 3 weeks ago 188MB
rockylinux latest 210996f98b85 2 years ago 205MB
推送到自己的镜像仓库
[root@localhost docker-data]# docker push practice:9.3
The push refers to repository [docker.io/library/practice]
44343de3ea1d: Preparing
denied: requested access to the resource is denied
第一次默认推送推送失败,因为推送的命名空间是library,lirary是公共的、命名空间,没有推送的权限
[root@localhost docker-data]# docker push fucancan987/practice:9.3
The push refers to repository [docker.io/fucancan987/practice]
docker tag [IMAGE] 镜像仓库名/命名空间/REPOSITORY:【镜像版本号,可自定义】 ##打 tag
docker push 镜像仓库名/命名空间/REPOSITORY:【镜像版本号,可自定义】 ##上传
docker pull REPOSITORY:【镜像版本号,可自定义】 ##拉取
四、镜像管理
1、查找镜像 docker search image_name 【-f stars=number】
bash
[root@localhost ~]# docker search centos
NAME DESCRIPTION STARS OFFICIAL
centos DEPRECATED; The official build of CentOS. 7744 [OK]
kasmweb/centos-7-desktop CentOS 7 desktop for Kasm Workspaces 45
rancher/os-centosconsole 0
bellsoft/liberica-openjdk-centos Liberica is a 100% open-source Java implemen... 4
bellsoft/liberica-openjre-centos Liberica is a 100% open-source Java implemen... 3
bitnami/centos-base-buildpack Centos base compilation image 0
kasmweb/core-centos-7 CentOS 7 base image for Kasm Workspaces 6
rancher/vm-centos 0
dokken/centos-7 CentOS 7 image for kitchen-dokken 10
spack/centos7 CentOS 7 with Spack preinstalled 2
dokken/centos-8 CentOS 8 image for use with Test Kitchen's k... 6
dokken/centos-6 EOL: CentOS 6 image for kitchen-dokken 0
dokken/centos-stream-8 EOL: CentOS Stream 8 image for use with Test... 5
ustclug/centos Official CentOS Image with USTC Mirror 0
dokken/centos-stream-9 CentOS Stream 9 image for use with Test Kitc... 10
atlas/centos7-atlasos ATLAS CentOS 7 Software Development OS 3
codecentric/springboot-maven3-centos STI builder image for building and running m... 13
spack/centos6 CentOS 6 with Spack preinstalled 1
apache/couchdbci-centos Apache CouchDB CI CentOS 0
vespaengine/vespa-build-centos7 Docker image for building Vespa on CentOS 7. 0
eclipse/centos_jdk8 CentOS, JDK8, Maven 3, git, curl, nmap, mc, ... 5
corpusops/centos centos corpusops baseimage 0
corpusops/centos-bare https://github.com/corpusops/docker-images/ 0
cincproject/omnibus-centos CentOS Omnibus builder 0
starlingx/stx-centos StarlingX is an open source distributed clou... 0
##过滤点赞数大于100的镜像源
[root@localhost ~]# docker search centos -f stars=100
NAME DESCRIPTION STARS OFFICIAL
centos DEPRECATED; The official build of CentOS. 7744 [OK]
2、查看当前服务器镜像
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mysql 8.4 da8f2a99cf39 2 weeks ago 583MB
mysqltest 8.4 da8f2a99cf39 2 weeks ago 583MB
mysql 8.0.38 6c54cbcf775a 2 weeks ago 572MB
fucancan987/practice nginx fffffc90d343 3 weeks ago 188MB
nginx latest fffffc90d343 3 weeks ago 188MB
test latest fffffc90d343 3 weeks ago 188MB
fucancan987/practice 9.3 9cc24f05f309 7 months ago 176MB
practice 9.3 9cc24f05f309 7 months ago 176MB
rockylinux 9.3 9cc24f05f309 7 months ago 176MB
rockylinux latest 210996f98b85 2 years ago 205MB
bash
[root@localhost ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
mysql 8.4 da8f2a99cf39 2 weeks ago 583MB
mysqltest 8.4 da8f2a99cf39 2 weeks ago 583MB
mysql 8.0.38 6c54cbcf775a 2 weeks ago 572MB
test latest fffffc90d343 3 weeks ago 188MB
fucancan987/practice nginx fffffc90d343 3 weeks ago 188MB
nginx latest fffffc90d343 3 weeks ago 188MB
rockylinux 9.3 9cc24f05f309 7 months ago 176MB
fucancan987/practice 9.3 9cc24f05f309 7 months ago 176MB
practice 9.3 9cc24f05f309 7 months ago 176MB
rockylinux latest 210996f98b85 2 years ago 205MB
bash
[root@localhost ~]# docker image list
REPOSITORY TAG IMAGE ID CREATED SIZE
mysql 8.4 da8f2a99cf39 2 weeks ago 583MB
mysqltest 8.4 da8f2a99cf39 2 weeks ago 583MB
mysql 8.0.38 6c54cbcf775a 2 weeks ago 572MB
test latest fffffc90d343 3 weeks ago 188MB
fucancan987/practice nginx fffffc90d343 3 weeks ago 188MB
nginx latest fffffc90d343 3 weeks ago 188MB
fucancan987/practice 9.3 9cc24f05f309 7 months ago 176MB
practice 9.3 9cc24f05f309 7 months ago 176MB
rockylinux 9.3 9cc24f05f309 7 months ago 176MB
rockylinux latest 210996f98b85 2 years ago 205MB
3、拉取镜像信息 docker pull image_name:tagname
4、查看镜像详细信息 docker inspect image_name:tagname
5、删除镜像 docker rmi REPOSITORY:tagnam
有容器还在使用镜像会出现无法删除,此时需要强制删除镜像,删除过后,镜像释放自动清空
docker rmi -f REPOSITORY:tagname
6、删除所有镜像 docker rmi $(docker images -q)
bash
显示所有的镜像id
[root@localhost ~]# docker images -q
da8f2a99cf39
da8f2a99cf39
6c54cbcf775a
fffffc90d343
fffffc90d343
fffffc90d343
9cc24f05f309
9cc24f05f309
9cc24f05f309
210996f98b85