Docker1-容器内核-CSDN博客
前两章节见Docker1
3、容器的应用工具
3.1 docker (重点内容 命令)
docker架构及部署
docker容器应用在任何场景
生态架构
docker最核心的额三大组件 镜像、仓库和容器
前期k8s需要更新api且滞后swarm(docker公司)一个版本
containerd开源后 直接对接containerd
1.24版本不再支持docker
1.24不支持后 仍然想使用docker 需要cri-docker中间件
docker host
用于安装Docker daemon的主机,即为Docker Host,并且该主机中可基于容器镜像运行容器。
docker daemon
用于管理Docker Host中运行的容器、容器镜像、容器网络等,管理由Containerd.io提供的容器,
Registry 仓库
容器镜像仓库,用于存储已生成容器运行模板的仓库,用户使用时,可直接从容器镜像仓库中下载容器
镜像,即容器运行模板,就可以运行容器镜像中包含的应用了。例如:Docker Hub,也可以使用Harbor实
现企业私有的容器镜像仓库。docker client
Docker Daemon客户端工具,用于同Docker Daemon进行通信,执行用户指令,可部署在Docker
Host上,也可以部署在其它主机,能够连接到Docker Daemon即可操作。
image 镜像
把应用运行环境及计算资源打包方式生成可再用于启动容器的不可变的基础设施的模板文件,主要用于
基于其启动一个容器。
container 容器
由容器镜像生成,用于应用程序运行的环境,,包含容器镜像中所有文件及用户后添加的文件,属于基
于容器镜像生成的可读写层,这也是应用程序活跃的空间,
docker dashboard
仅限于MAC与Windows操作系统上安装使用。
Docker Dashboard 提供了一个简单的界面,使您能够直接从机器管理容器、应用程序和镜像,而无需
使用 CLI来执行核心操作。
docker部署
1:前置环境包安装
yum-utils
YUM 扩展工具,提供软件源管理、清理旧包等功能。
device-mapper-persistent-data
存储设备映射工具,用于管理磁盘分区和快照的元数据。
lvm2
逻辑卷管理器,支持动态调整磁盘分区大小。
bash
[root@centen7-10-hehe ~ 12:03:30]$ yum install -y yum-utils device-mapper-persistent-data lvm22:设置阿里云镜像源
bash
设置阿里云镜像源
[root@centen7-10-hehe ~ 14:51:11]$ yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
已加载插件:fastestmirror, langpacks
adding repo from: https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
grabbing file https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo to /etc/yum.repos.d/docker-ce.repo
repo saved to /etc/yum.repos.d/docker-ce.repo3:安装docker-ce
bash
[root@centen7-10-hehe ~ 12:03:30]$ yum install -y docker-ce
验证 /etc下面有docker文件 但是目前为空
[root@centen7-10-hehe ~ 14:56:08]$ cd /etc/docker/
网卡也无docker网卡
[root@centen7-10-hehe docker 14:57:23]$ ll
总用量 0
[root@centen7-10-hehe docker 14:57:24]$ ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.1.8.10 netmask 255.255.255.0 broadcast 10.1.8.255
inet6 fe80::5b71:f571:b35:78a8 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:3f:a3:aa txqueuelen 1000 (Ethernet)
RX packets 97009 bytes 128697804 (122.7 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 41722 bytes 3144999 (2.9 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
ether 52:54:00:46:6e:e1 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
启动docker
[root@centen7-10-hehe docker 14:58:22]$ systemctl enable --now docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
网卡验证 有docker0网桥
[root@centen7-10-hehe docker 14:59:35]$ ifconfig
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:14:bd:e2:6f txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.1.8.10 netmask 255.255.255.0 broadcast 10.1.8.255
......网桥作用 使容器通过网桥连接到外网 需要docker0连接nat网
4:镜像加速 (国内镜像源)
bash
[root@centen7-10-hehe docker 14:59:39]$ vim /etc/docker/daemon.json
{
"registry-mirrors": [
"https://do.nark.eu.org",
"https://dc.j8.work",
"https://docker.m.daocloud.io",
"https://dockerproxy.com",
"https://docker.mirrors.ustc.edu.cn",
"https://docker.nju.edu.cn",
"https://registry.docker-cn.com",
"https://hub-mirror.c.163.com",
"https://hub.uuuadc.top",
"https://docker.anyhub.us.kg",
"https://dockerhub.jobcher.com",
"https://dockerhub.icu",
"https://docker.ckyl.me",
"https://docker.awsl9527.cn",
"https://mirror.baidubce.com",
"https://docker.1panel.live"
]
}
重启服务
[root@centen7-10-hehe docker 15:04:54]$ systemctl restart docker5:启用数据包转发功能
bash
[root@centen7-10-hehe docker 15:05:15]$ vim /etc/sysctl.conf
net.ipv4.ip_forward=16:启动docker服务 (已启动忽略)
bash
systemctl enable docker --now
拉去nginx测试
[root@centen7-10-hehe docker 15:06:43]$ docker pull nginx
Using default tag: latest
latest: Pulling from library/nginx
3da95a905ed5: Pull complete
037111f539a0: Pull complete
1e537b66692c: Pull complete
d3618cedc15e: Pull complete
63b1ad245775: Pull complete
40c013bb3d47: Pull complete
ec5daaed1d0a: Pull complete
Digest: sha256:f5c017fb33c6db484545793ffb67db51cdd7daebee472104612f73a85063f889
Status: Downloaded newer image for nginx:latest
docker.io/library/nginx:latest
[root@centen7-10-hehe docker 15:07:05]$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 22bd15417453 6 days ago 192MB7:查看docker版本
bash
[root@centen7-10-hehe ~ 14:55:08]$ docker version
Client: Docker Engine - Community
Version: 26.1.4
API version: 1.45
Go version: go1.21.11
Git commit: 5650f9b
Built: Wed Jun 5 11:32:04 2024
OS/Arch: linux/amd64
Context: default
Server: Docker Engine - Community
Engine:
Version: 26.1.4
API version: 1.45 (minimum version 1.24)
Go version: go1.21.11
Git commit: de5c9cf
Built: Wed Jun 5 11:31:02 2024
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.6.33
GitCommit: d2d58213f83a351ca8f528a95fbd145f5654e957
runc:
Version: 1.1.12
GitCommit: v1.1.12-0-g51d5e94
docker-init:
Version: 0.19.08:系统安全功能配置
清空防火墙规则
bash
[root@centen7-10-hehe docker 15:10:35]$ iptables -F && iptables -t nat -F禁用selinux
bash
[root@centen7-10-hehe docker 15:11:55]$ vim /etc/selinux/config
修改如下内容
SELINUX=disabled
[root@centen7-10-hehe docker 15:12:29]$ setenforce 03.2应用管理
1、使用docker run 命令运行nginx应用
bash
查看本地镜像列表
[root@centen7-10-hehe docker 15:12:44]$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 22bd15417453 6 days ago 192MB
[root@centen7-10-hehe docker 15:43:09]$ docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 22bd15417453 6 days ago 192MB
运行镜像
[root@centen7-10-hehe docker 15:43:12]$ docker run -d nginx:latest
413056cbd5ccaab168cb723704cfe744c4cbed667cc31732c6f9d10ad76f3d71
查看容器列表 状态up
[root@centen7-10-hehe docker 15:44:14]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
413056cbd5cc nginx:latest "/docker-entrypoint...." 8 seconds ago Up 7 seconds 80/tcp suspicious_snyder
指定名称 --name
[root@centen7-10-hehe docker 15:44:22]$ docker run -d --name nginx_01 nginx:latest
af2941abcda223ee93680494a2819d8b2226372d0cdf8ef090c9f0daf54d1ccd
[root@centen7-10-hehe docker 15:48:00]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
af2941abcda2 nginx:latest "/docker-entrypoint...." 3 seconds ago Up 2 seconds 80/tcp nginx_01
413056cbd5cc nginx:latest "/docker-entrypoint...." 3 minutes ago Up 3 minutes 80/tcp suspicious_snyder2、删除 容器-- rm 删除镜像-- rmi
容器启动机箱中无法删除镜像 只有容器删除之后才能删除镜像
删除容器必须先停止 否则无法删除
使用-f可强制删除容器
bash
无法删除
[root@centen7-10-hehe docker 15:52:02]$ docker rmi 22bd15417453
Error response from daemon: conflict: unable to delete 22bd15417453 (cannot be forced) - image is being used by running container 413056cbd5cc
停止容器
[root@centen7-10-hehe docker 15:52:02]$ docker rmi 22bd15417453
Error response from daemon: conflict: unable to delete 22bd15417453 (cannot be forced) - image is being used by running container 413056cbd5cc
查看启动容器
[root@centen7-10-hehe docker 15:52:12]$ docker stop 413056cbd5cc
413056cbd5cc
[root@centen7-10-hehe docker 15:53:02]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
af2941abcda2 nginx:latest "/docker-entrypoint...." 5 minutes ago Up 5 minutes 80/tcp nginx_01
查看全部容器
[root@centen7-10-hehe docker 15:53:12]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
af2941abcda2 nginx:latest "/docker-entrypoint...." 5 minutes ago Up 5 minutes 80/tcp nginx_01
413056cbd5cc nginx:latest "/docker-entrypoint...." 9 minutes ago Exited (0) 12 seconds ago suspicious_snyder
停止全部容器
[root@centen7-10-hehe docker 15:54:06]$ docker stop nginx_01
nginx_01
[root@centen7-10-hehe docker 15:54:18]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
af2941abcda2 nginx:latest "/docker-entrypoint...." 6 minutes ago Exited (0) 3 seconds ago nginx_01
413056cbd5cc nginx:latest "/docker-entrypoint...." 10 minutes ago Exited (0) About a minute ago suspicious_snyder
依旧无法删除
[root@centen7-10-hehe docker 15:54:21]$ docker rmi 22bd15417453
Error response from daemon: conflict: unable to delete 22bd15417453 (must be forced) - image is being used by stopped container 413056cbd5cc
删除容器必须先停止 否则无法删除
批量化删除容器
[root@centen7-10-hehe docker 15:58:28]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
af2941abcda2 nginx:latest "/docker-entrypoint...." 10 minutes ago Exited (0) 4 minutes ago nginx_01
413056cbd5cc nginx:latest "/docker-entrypoint...." 14 minutes ago Exited (0) 5 minutes ago suspicious_snyder
[root@centen7-10-hehe docker 15:58:46]$ docker ps -a | awk '{print "docker rm " $1}'|bash
Error response from daemon: No such container: CONTAINER
af2941abcda2
413056cbd5cc
删除容器后删除镜像 不能删除打标签的镜像 因为打标签的镜像id一致,可以使用名字删除
[root@centen7-10-hehe docker 15:58:51]$ docker rmi nginx:latest
或者使用
[root@centen7-10-hehe docker 16:00:05]$ docker rmi 22bd15417453
Untagged: nginx:latest
Untagged: nginx@sha256:f5c017fb33c6db484545793ffb67db51cdd7daebee472104612f73a85063f889
Deleted: sha256:22bd1541745359072c06a72a23f4f6c52dbb685424e0d5b29008ae4eb2683698
Deleted: sha256:0a7841a283ece9e7e95603090fa7059e7850e1014b9c893d78a876ce1236efc8
Deleted: sha256:bac9c7cf98543a3f0091df2dbca2cdf87a1cb80d6d4c623d6c059b658562937e
Deleted: sha256:32aca3b86eb2d4e257a2a132c0cbb9958aeba1cd85d25ee6a393fd08f6c2288f
Deleted: sha256:4ef9cda1abb71e48d04cc35b0aeec61e7409e2dcb71326373e07623dc8a9f07f
Deleted: sha256:7de008c056b4fc3bdd6011aaaf2c82c0f5e96faa9b5a038e9329662b4444dd5b
Deleted: sha256:c48247a077eb9c2db74e784dce13198fac9ea62484b6073f1a553ab43feeb39b
Deleted: sha256:1bb35e8b4de116e84b2ccf614cce4e309b6043bf2cd35543d8394edeaeb587e3
本地没有镜像使用run命令会先拉取镜像再运行
[root@centen7-10-hehe docker 16:00:27]$ docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
[root@centen7-10-hehe docker 16:01:20]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@centen7-10-hehe docker 16:01:25]$ docker run -d --name nginx_01 nginx:latest
Unable to find image 'nginx:latest' locally
latest: Pulling from library/nginx
3da95a905ed5: Pull complete
037111f539a0: Pull complete
1e537b66692c: Pull complete
d3618cedc15e: Pull complete
63b1ad245775: Pull complete
40c013bb3d47: Pull complete
ec5daaed1d0a: Pull complete
Digest: sha256:f5c017fb33c6db484545793ffb67db51cdd7daebee472104612f73a85063f889
Status: Downloaded newer image for nginx:latest
3f5e4a5aa308e4e58deb1187a6812fe247eb8324cebf13a7dbee3318d6cc6787
[root@centen7-10-hehe docker 16:02:24]$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 22bd15417453 6 days ago 192MB
[root@centen7-10-hehe docker 16:02:31]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3f5e4a5aa308 nginx:latest "/docker-entrypoint...." 13 seconds ago Up 11 seconds 80/tcp nginx_013、查看容器详细信息 docker inspect 容器id
bash
[root@centen7-10-hehe docker 16:02:31]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3f5e4a5aa308 nginx:latest "/docker-entrypoint...." 13 seconds ago Up 11 seconds 80/tcp nginx_01
[root@centen7-10-hehe docker 16:02:36]$ docker inspect 3f5e4a5aa308
[
{
"Id": "3f5e4a5aa308e4e58deb1187a6812fe247eb8324cebf13a7dbee3318d6cc6787",
"Created": "2025-07-21T08:02:23.803401265Z",
"Path": "/docker-entrypoint.sh",
"Args": [
"nginx",
"-g",
"daemon off;"
],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 9362,
"ExitCode": 0,
"Error": "",
"StartedAt": "2025-07-21T08:02:24.216210463Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:22bd1541745359072c06a72a23f4f6c52dbb685424e0d5b29008ae4eb2683698",
"ResolvConfPath": "/var/lib/docker/containers/3f5e4a5aa308e4e58deb1187a6812fe247eb8324cebf13a7dbee3318d6cc6787/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/3f5e4a5aa308e4e58deb1187a6812fe247eb8324cebf13a7dbee3318d6cc6787/hostname",
"HostsPath": "/var/lib/docker/containers/3f5e4a5aa308e4e58deb1187a6812fe247eb8324cebf13a7dbee3318d6cc6787/hosts",
"LogPath": "/var/lib/docker/containers/3f5e4a5aa308e4e58deb1187a6812fe247eb8324cebf13a7dbee3318d6cc6787/3f5e4a5aa308e4e58deb1187a6812fe247eb8324cebf13a7dbee3318d6cc6787-json.log",
"Name": "/nginx_01",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "bridge",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"ConsoleSize": [
35,
106
],
"CapAdd": null,
"CapDrop": null,
"CgroupnsMode": "host",
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": [],
"BlkioDeviceWriteBps": [],
"BlkioDeviceReadIOps": [],
"BlkioDeviceWriteIOps": [],
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": [],
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware",
"/sys/devices/virtual/powercap"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/85f7d29ddb919f60085ab7e104908593f2badb4ed5c4a5d3b7322891481c0982-init/diff:/var/lib/docker/overlay2/d9005e610f6ed2de414ddc4265beaf39295d05515c05221dd31a8abffe437627/diff:/var/lib/docker/overlay2/70a753dc48c32dcadf68717696f1d613ba3dca295812a0425004064147d081a1/diff:/var/lib/docker/overlay2/ad02db6cac45a15fddc5cef5219e7c32490e69e8f486bb0ab3732601f3918b7d/diff:/var/lib/docker/overlay2/0a640f2716b0688e01cfc0e394722c9f10ce532a14dbf8456bdb5c9d6d199f8f/diff:/var/lib/docker/overlay2/b6f4804f8bdf8be7cb10852c0d69c8c7bb9f95af6bfdcc0dda641273febfae13/diff:/var/lib/docker/overlay2/7edba14a9c84c1fe468f2d6756e54d854f9f29e475d3be39b546c3e6b27cdb1b/diff:/var/lib/docker/overlay2/cda809fd2369aae7c56517e4b60aae0360211978e5b03faffe2ca9e520e7c492/diff",
"MergedDir": "/var/lib/docker/overlay2/85f7d29ddb919f60085ab7e104908593f2badb4ed5c4a5d3b7322891481c0982/merged",
"UpperDir": "/var/lib/docker/overlay2/85f7d29ddb919f60085ab7e104908593f2badb4ed5c4a5d3b7322891481c0982/diff",
"WorkDir": "/var/lib/docker/overlay2/85f7d29ddb919f60085ab7e104908593f2badb4ed5c4a5d3b7322891481c0982/work"
},
"Name": "overlay2"
},
"Mounts": [],
"Config": {
"Hostname": "3f5e4a5aa308",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"80/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"NGINX_VERSION=1.29.0",
"NJS_VERSION=0.9.0",
"NJS_RELEASE=1~bookworm",
"PKG_RELEASE=1~bookworm",
"DYNPKG_RELEASE=1~bookworm"
],
"Cmd": [
"nginx",
"-g",
"daemon off;"
],
"Image": "nginx:latest",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": [
"/docker-entrypoint.sh"
],
"OnBuild": null,
"Labels": {
"maintainer": "NGINX Docker Maintainers <docker-maint@nginx.com>"
},
"StopSignal": "SIGQUIT"
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "809c9f6d8448488fa6b162cf46922eb82c8ffeee3f3a36a2c0010d7eed01fb7d",
"SandboxKey": "/var/run/docker/netns/809c9f6d8448",
"Ports": {
"80/tcp": null
},
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "d7b9d8b754499429837cbaafc3fc2fa35b5f53c56472137f665a9d1f44cf44e2",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:02",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"MacAddress": "02:42:ac:11:00:02",
"NetworkID": "7737d30e28ed0a98a8286a62a79f65b2d3c0c3522f7c3298f12cd8ab749d7d49",
"EndpointID": "d7b9d8b754499429837cbaafc3fc2fa35b5f53c56472137f665a9d1f44cf44e2",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"DriverOpts": null,
"DNSNames": null
}
}
}
}
]层级 存储层 work层 网关 IP地址 子网掩码长度等信息
可以进行过滤
bash
[root@centen7-10-hehe docker 16:05:54]$ docker inspect 3f5e4a5aa308 |grep IPAddress
"SecondaryIPAddresses": null,
"IPAddress": "172.17.0.2",
"IPAddress": "172.17.0.2",4、查看网卡
容器创建的网卡 偶数在外(物理机) 基数在内(容器内)
新创建网卡14
查看容器内的ip docker inspect 容器ID(可以短写) |grep IPAddress
bash
[root@centen7-10-hehe docker 16:10:57]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
94e991b1598a nginx:latest "/docker-entrypoint...." About a minute ago Up About a minute 80/tcp nginx02
3f5e4a5aa308 nginx:latest "/docker-entrypoint...." 9 minutes ago Up 9 minutes 80/tcp nginx_01
[root@centen7-10-hehe docker 16:12:02]$ docker inspect 94e99 |grep IPAddr
"SecondaryIPAddresses": null,
"IPAddress": "172.17.0.3",
"IPAddress": "172.17.0.3",
[root@centen7-10-hehe docker 16:12:24]$ docker inspect 3f5e4a |grep IPAddr
"SecondaryIPAddresses": null,
"IPAddress": "172.17.0.2",
"IPAddress": "172.17.0.2",
测试地址
[root@centen7-10-hehe docker 16:12:59]$ curl http://172.17.0.3
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>3.3 docker命令
docker run
bash
[root@centen7-10-hehe ~ 11:10:14]$ docker run -i -t --name c1 centos:7 bash
Unable to find image 'centos:7' locally
7: Pulling from library/centos
2d473b07cdd5: Pull complete
Digest: sha256:be65f488b7764ad3638f236b7b515b3678369a5124c47b8d32916d6487418ea4
Status: Downloaded newer image for centos:7
#进入容器内部
[root@7b0b2a01b08d /]# ls
anaconda-post.log dev home lib64 mnt proc run srv tmp var
bin etc lib media opt root sbin sys usr
#退出之后容器停止 因为run命令是在bash环境执行
[root@7b0b2a01b08d /]# exit
exit
[root@centen7-10-hehe ~ 11:10:59]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
7b0b2a01b08d centos:7 "bash" 13 seconds ago Exited (0) 6 seconds ago c1挂载数据包
删除原有容器 将iso挂载宿主机/mnt下 在启动容器并进行数据卷挂载
bash
挂载
[root@centen7-10-hehe ~ 11:18:52]$ ls /mnt/
[root@centen7-10-hehe ~ 11:19:56]$ mount /dev/sr0 /mnt/
mount: /dev/sr0 写保护,将以只读方式挂载
[root@centen7-10-hehe ~ 11:20:09]$ ls /mnt/
CentOS_BuildTag EULA images LiveOS repodata RPM-GPG-KEY-CentOS-Testing-7
EFI GPL isolinux Packages RPM-GPG-KEY-CentOS-7 TRANS.TBL
[root@centen7-10-hehe ~ 11:20:14]$ ls /mnt/Packages/
删除并启动
[root@centen7-10-hehe ~ 11:21:11]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8b9014a28a21 centos:7 "bash" 2 minutes ago Exited (0) 7 seconds ago c1
[root@centen7-10-hehe ~ 11:21:18]$ docker rm 8b90
8b90
[root@centen7-10-hehe ~ 11:21:28]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@centen7-10-hehe ~ 11:21:32]$ docker run -itd --name c1 -v /mnt:/opt centos:7 /bin/bash
2add39150a774cd2ad2b4b692c42966aaa863a510cb8bf83b5f55220fda9cea4
进入容器查看
[root@centen7-10-hehe ~ 11:23:51]$ docker attach 2add39
[root@2add39150a77 /]# ls /opt/
CentOS_BuildTag EULA LiveOS RPM-GPG-KEY-CentOS-7 TRANS.TBL isolinux
EFI GPL Packages RPM-GPG-KEY-CentOS-Testing-7 images repodata
容器内部绑定仓库
[root@2add39150a77 /]# cd /etc/yum.repos.d/
[root@2add39150a77 yum.repos.d]# ls
CentOS-Base.repo CentOS-Debuginfo.repo CentOS-Sources.repo CentOS-fasttrack.repo
CentOS-CR.repo CentOS-Media.repo CentOS-Vault.repo CentOS-x86_64-kernel.repo
[root@2add39150a77 yum.repos.d]# mkdir back
[root@2add39150a77 yum.repos.d]# mv *.repo back/
[root@2add39150a77 yum.repos.d]# ls
back
[root@2add39150a77 yum.repos.d]# vi abc.repo
[abc]
name=test
baseurl=file:///opt
gpgcheck=0
enabled=1
[root@2add39150a77 yum.repos.d]# yum clean all
Loaded plugins: fastestmirror, ovl
Cleaning repos: abc
[root@2add39150a77 yum.repos.d]# yum makecache
Loaded plugins: fastestmirror, ovl
Determining fastest mirrors
abc | 3.6 kB 00:00:00
(1/4): abc/group_gz | 156 kB 00:00:00
(2/4): abc/primary_db | 3.1 MB 00:00:00
(3/4): abc/filelists_db | 3.1 MB 00:00:00
(4/4): abc/other_db | 1.2 MB 00:00:00
Metadata Cache Created
[root@2add39150a77 yum.repos.d]#
下载测试
[root@2add39150a77 yum.repos.d]# yum install -y net-tools
Loaded plugins: fastestmirror, ovl
......
net-tools.x86_64 0:2.0-0.22.20131004git.el7
Complete!
使用命令测试
[root@2add39150a77 yum.repos.d]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.2 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:02 txqueuelen 0 (Ethernet)
RX packets 8 bytes 648 (648.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@2add39150a77 yum.repos.d]# cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologindocker ps
bash
[root@centen7-10-hehe ~ 11:36:31]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fe6e0b67572f centos:7 "/bin/bash" 25 seconds ago Up 25 seconds c2
可以查看所有服务(包括停止)
[root@centen7-10-hehe ~ 11:36:44]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fe6e0b67572f centos:7 "/bin/bash" 29 seconds ago Up 29 seconds c2
2add39150a77 centos:7 "/bin/bash" 12 minutes ago Exited (0) 39 seconds ago c1docker exec
使用exec 进入容器后退出 不会影响容器的状态
attach 进入容器退出后容器会关闭
bash
[root@centen7-10-hehe ~ 11:36:48]$ docker exec -it c2 ls /root
anaconda-ks.cfg
使用exec进入容器内部
[root@centen7-10-hehe ~ 11:37:55]$ docker exec -it c2 /bin/bash
[root@fe6e0b67572f /]# ls
anaconda-post.log dev home lib64 mnt proc run srv tmp var
bin etc lib media opt root sbin sys usr
[root@fe6e0b67572f /]# exit
exit
[root@centen7-10-hehe ~ 11:39:40]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fe6e0b67572f centos:7 "/bin/bash" 3 minutes ago Up 3 minutes c2docker attach
ctrl + p + q 退出 可以保持容器继续运行
bash
退出保持运行状态
[root@centen7-10-hehe ~ 11:39:40]$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fe6e0b67572f centos:7 "/bin/bash" 3 minutes ago Up 3 minutes c2
[root@centen7-10-hehe ~ 11:39:44]$ docker attach c2
[root@fe6e0b67572f /]# read escape sequence
[root@centen7-10-hehe ~ 11:42:21]$ docker attach c2
[root@fe6e0b67572f /]# read escape sequence
[root@centen7-10-hehe ~ 11:42:26]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fe6e0b67572f centos:7 "/bin/bash" 6 minutes ago Up 6 minutes c2
2add39150a77 centos:7 "/bin/bash" 18 minutes ago Exited (0) 6 minutes ago c1docker stop 停止容器
bash
[root@centen7-10-hehe ~ 11:42:26]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fe6e0b67572f centos:7 "/bin/bash" 6 minutes ago Up 6 minutes c2
2add39150a77 centos:7 "/bin/bash" 18 minutes ago Exited (0) 6 minutes ago c1
[root@centen7-10-hehe ~ 11:42:31]$ docker stop c2
c2
[root@centen7-10-hehe ~ 11:46:03]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fe6e0b67572f centos:7 "/bin/bash" 9 minutes ago Exited (137) 2 seconds ago c2
2add39150a77 centos:7 "/bin/bash" 22 minutes ago Exited (0) 9 minutes ago c1
可以多个容器一起停止
docker stop c1 c2docker start
可以多个容器一起启动
bash
[root@centen7-10-hehe ~ 11:46:05]$ docker start c1 c2
c1
c2
[root@centen7-10-hehe ~ 11:46:14]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fe6e0b67572f centos:7 "/bin/bash" 9 minutes ago Up 1 second c2
2add39150a77 centos:7 "/bin/bash" 22 minutes ago Up 2 seconds c1docker top
查看容器中运行的进程信息(确保容器处于运行状态)
bash
[root@centen7-10-hehe ~ 11:46:16]$ docker top c2
UID PID PPID C STIME TTY TIME CMD
root 3695 3676 0 11:46 pts/0 00:00:00 /bin/bash
使用容器进程的ppid 在宿主机查询进程即可看到进程信息
[root@centen7-10-hehe ~ 11:50:14]$ ps aux |grep 3676
root 3676 0.0 0.5 1236448 10052 ? Sl 11:46 0:00 /usr/bin/containerd-shim-runc-v2 -namespace moby -id fe6e0b67572f69cb6e228fc0bd2a099cf09ad0460053a326d95ed789b7b7d32c -address /run/containerd/containerd.sock
root 3804 0.0 0.0 112676 984 pts/0 R+ 11:50 0:00 grep --color=auto 3676
[root@centen7-10-hehe ~ 11:50:52]$ docker exec -it c2 ps -ef
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 03:46 pts/0 00:00:00 /bin/bash
root 15 0 0 03:53 pts/1 00:00:00 ps -ef
[root@centen7-10-hehe ~ 11:53:09]$ ps aux |grep 3695
root 3695 0.0 0.0 11828 1732 pts/0 Ss+ 11:46 0:00 /bin/bash
root 3852 0.0 0.0 112680 984 pts/0 R+ 11:53 0:00 grep --color=auto 3695docker rm
bash
[root@centen7-10-hehe ~ 11:54:50]$ docker stop c1 c2
c1
c2
[root@centen7-10-hehe ~ 11:55:04]$ docker rm c1 c2
c1
c2
[root@centen7-10-hehe ~ 11:55:14]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES