一.配置软件仓库并安装docker-ce
bash
#利用阿里云部署软件仓库
[root@docker-node1 ~]# cat > /etc/yum.repos.d/docker.repo << EOF
[docker]
name = docker
baseurl = https://mirrors.aliyun.com/docker-ce/linux/rhel/9.6/x86_64/stable/
gpgcheck = 0
EOF
[root@docker-node1 ~]# dnf makecache
正在更新 Subscription Management 软件仓库。
无法读取客户身份
本系统尚未在权利服务器中注册。可使用 "rhc" 或 "subscription-manager" 进行注册。
docker 7.3 kB/s | 46 kB 00:06
AppStream 3.1 MB/s | 3.2 kB 00:00
BaseOS 2.7 MB/s | 2.7 kB 00:00
元数据缓存已建立。
[root@docker-node1 ~]# dnf search docker
正在更新 Subscription Management 软件仓库。
无法读取客户身份
本系统尚未在权利服务器中注册。可使用 "rhc" 或 "subscription-manager" 进行注册。
上次元数据过期检查:0:00:13 前,执行于 2026年03月14日 星期六 14时55分07秒。
==================================== 名称 和 概况 匹配:docker =====================================
docker-buildx-plugin.x86_64 : Docker Buildx plugin for the Docker CLI
docker-ce-rootless-extras.x86_64 : Rootless support for Docker
docker-compose-plugin.x86_64 : Docker Compose plugin for the Docker CLI
docker-model-plugin.x86_64 : Docker Model Runner plugin for the Docker CLI
pcp-pmda-docker.x86_64 : Performance Co-Pilot (PCP) metrics from the Docker daemon
podman-docker.noarch : Emulate Docker CLI using podman
======================================== 名称 匹配:docker =========================================
docker-ce.x86_64 : The open-source application container engine
docker-ce-cli.x86_64 : The open-source application container engine
[root@docker-node1 ~]# dnf install docker-ce -y
[root@docker-node1 ~]# vim /lib/systemd/system/docker.service
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --iptables=true
[root@docker-node1 ~]# echo br_netfilter > /etc/modules-load.d/docker_mod.conf
[root@docker-node1 ~]# modprobe -a br_netfilter
[root@docker-node1 ~]# sysctl -a | grep iptables
#激活
[root@docker-node1 ~]# modprobe -a br_netfilter
[root@docker-node1 ~]# sysctl -a | grep iptables
net.bridge.bridge-nf-call-iptables = 1
[root@docker-node1 ~]# cat > /etc/sysctl.d/docker.conf <<EOF
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
EOF
[root@docker-node1 ~]# sysctl --system
[root@docker-node1 ~]# systemctl enable --now docker
[root@docker-node1 ~]# docker info
[root@docker-node1 ~]# ifconfig
[root@docker-node1 ~]# docker images
i Info → U In Use
IMAGE ID DISK USAGE CONTENT SIZE EXTRA二、配置docker加速器
bash
[root@docker-node1 ~]# cat > /etc/docker/daemon.json <<EOF
{
"registry-mirrors": ["https://docker.1ms.run"]
}
EOF
[root@docker-node1 ~]# systemctl restart docker
[root@docker-node1 ~]# docker info
Registry Mirrors:
https://docker.1ms.run/
三、docker常用命令
bash
#镜像查看
[root@docker-node1 ~]# docker images IMAGE ID DISK USAGE CONTENT SIZE EXTRA
#搜索镜像
[root@docker-node1 ~]# docker search nginx
NAME DESCRIPTION STARS OFFICIAL
nginx Official build of Nginx. 21206
#下载镜像
[root@docker-node1 ~]# docker pull nginx
[root@docker-node1 ~]# docker pull busybox
Using default tag: latest
latest: Pulling from library/busybox
61dfb50712f5: Pull complete
96cfb76e59bd: Download complete
Digest: sha256:b3255e7dfbcd10cb367af0d409747d511aeb66dfac98cf30e97e87e4207dd76f
Status: Downloaded newer image for busybox:latest
docker.io/library/busybox:latest
#查看镜像提交历史
[root@docker-node1 ~]# docker history busybox:latest
IMAGE CREATED CREATED BY SIZE COMMENT
b3255e7dfbcd 17 months ago BusyBox 1.37.0 (glibc), Debian 13 4.49MB
[root@docker-node1 ~]# docker image i Info → U In Use
IMAGE ID DISK USAGE CONTENT SIZE EXTRA
busybox:latest b3255e7dfbcd 6.7MB 2.22MB
nginx:1.26 41b194461e4b 279MB 75.2MB
[root@docker-node1 ~]# docker pull timinglee/mario
[root@docker-node1 ~]# docker pull timinglee/game2048
#导出镜像
[root@docker-node1 ~]# docker save -o mario-latest.tar timinglee/mario:latest
[root@docker-node1 ~]# docker save -o game2048-latest.tar timinglee/game2048:latest
#删除镜像
[root@docker-node1 ~]# docker rmi timinglee/mario:latest
#导入镜像
[root@docker-node1 ~]# docker load -i mario-latest.tar
[root@docker-node1 ~]# docker load -i game2048-latest.tar
#运行镜像
[root@docker-node1 ~]# docker run busybox:latest
[root@docker-node1 ~]# docker run -d --name web nginx:1.26
f3e369725fab95d48779eaa556941b735aae841efe09bb1d28bca89923c44ee4
#查看运行容器
[root@docker-node1 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f3e369725fab nginx:1.26 "/docker-entrypoint...." 2 seconds ago Up 2 seconds 80/tcp web
[root@docker-node1 ~]#docker run --name test busybox.latest
[root@docker-node1 ~]#docker rm test
#查看所有容器
[root@docker-node1 ~]# docker ps -a
#交互模式运行容器
[root@docker-node1 ~]# docker run -it --name busybox busybox:latest
#交互运行容器默认退出后会停止
[root@docker-node1 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d1b27167a247 busybox:latest "sh" 50 seconds ago Exited (0) 19 seconds ago busybox
#运行停止的容器
[root@docker-node1 ~]# docker start busybox
root@docker-node1 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d1b27167a247 busybox:latest "sh" 2 minutes ago Up 1 second busybox
#退出交互容器不对其停止
[root@docker-node1 ~]# docker attach busybox
/ # [ctrl]+[p]+[q] #按键
[root@docker-node1 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d1b27167a247 busybox:latest "sh" 3 minutes ago Up About a minute busybox
#查看容器信息
[root@docker-node1 ~]# docker inspect busybox
#容器控制
[root@Docker-node1 ~]# docker stop busybox #停止容器
[root@Docker-node1 ~]# docker kill busybox #杀死容器,可以使用信号
[root@Docker-node1 ~]# docker start busybox #开启停止的容器
#在已经运行的容器中执行指定命令
[root@docker-node1 ~]# docker exec busybox touch /root/haha #非交互
[root@docker-node1 ~]# docker exec busybox ls /root
file1
file2
haha
[root@docker-node1 ~]# docker exec -it web /bin/bash #交互的
root@f3e369725fab:/#
#容器删除
[root@docker-node1 ~]# docker rm -f busybox
busybox
[root@docker-node1 ~]# docker stop web
web
[root@docker-node1 ~]# docker rm web
web
#内容提交
[root@docker-node1 ~]# docker run -it --name test busybox:latest
/ # touch /root/file
/ # ls /root/
file
ctrl+qp 退出当前环境并继续运行容器
[root@docker-node1 ~]# docker commit -m "add file" test busybox-file:latest
sha256:31a32089d241d025a5a54f144f15319cc6fb55be1b41d049f8905a472d5a028e
[root@docker-node1 ~]# docker images
i Info → U In Use
IMAGE ID DISK USAGE CONTENT SIZE EXTRA
busybox-file:latest 31a32089d241 6.71MB 2.21MB
[root@docker-node1 ~]# docker run -it --name test busybox-file:latest
#文件在镜像中的复制
[root@docker-node1 ~]# docker run -it --name test busybox-file:latest
root@docker-node1 ~]# docker cp test:/root/file /mnt
Successfully copied 1.54kB to /mnt
[root@docker-node1 ~]# ls /mnt/
file hgfs
[root@docker-node1 ~]# docker cp /etc/passwd test:/root/
Successfully copied 3.07kB to test:/root/
[root@docker-node1 ~]# docker exec test ls /root
file
passwd四、容器外部网络访问
bash
[root@docker-node1 ~]# docker run -d --name nginx-test -p 8080:80 nginx:1.26
74bc99190432253d4f0efc899f0d5b8be27062a04ec3d54b34378ccd84d144cf
[root@docker-node1 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@docker-node1 ~]# curl localhost:8080
[root@docker-node1 ~]# docker run -d --name mario -p 80:8080 timinglee/mario:latest
16c1bbc5dc81997a3420f9d9abb1dc5a4f5fea380310001c587fd32f3a4ceaa1
#在浏览器上搜172.25.254.10
五、熟悉镜像构建是用到的参数
bash
#建立构建目录
[root@docker-node1 ~]# mkdir docker
[root@docker-node1 ~]# cd docker/
#编写构建规则文件
[root@docker-node1 docker]# vim Dockerfile
#FROM
FROM busybox:latest
#COPY
[root@docker-node1 docker]# echo timinglee > timinglee
[root@docker-node1 docker]# cat timinglee
timinglee
[root@docker-node1 docker]# vim Dockerfile
FROM busybox:latest
#构建命令
[root@docker-node1 docker]# docker build -t timinglee:v1 .
[+] Building 0.2s (7/7) FINISHED docker:default
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 78B 0.0s
=> [internal] load metadata for docker.io/library/busybox:latest 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load build context 0.0s
=> => transferring context: 46B 0.0s
=> [1/2] FROM docker.io/library/busybox:latest@sha256:b3255e7dfbcd10cb367af0d409747d511aeb66dfac9 0.0s
=> => resolve docker.io/library/busybox:latest@sha256:b3255e7dfbcd10cb367af0d409747d511aeb66dfac9 0.0s
=> [2/2] COPY timinglee /root 0.0s
=> exporting to image 0.1s
=> => exporting layers 0.0s
=> => exporting manifest sha256:3e240075ea92a386ccc7b8249faf4fbc049465ac3e490ddb9c0b6c759a35a2be 0.0s
=> => exporting config sha256:16a6f0015605d0df6a11f1c609afba2c28bdf3d984305922b440e52cd76f9dc2 0.0s
=> => exporting attestation manifest sha256:74b85b3b7cbdaa72964271d4d7c0fc371c7e267bbf6070df2628f 0.0s
=> => exporting manifest list sha256:0a7e32bc130bf9dbfc457442d8bc653987c1a642f86858f6bc233dc120d6 0.0s
=> => naming to docker.io/library/timinglee:v1 0.0s
=> => unpacking to docker.io/library/timinglee:v1
[root@docker-node1 docker]# docker images
[root@docker-node1 docker]# docker rm -f busybox
[root@docker-node1 docker]# docker history timinglee:v1
bash
#LABEL KEY=VALUES
LABEL creater=lee
#ADD
[root@docker-node1 docker]# echo lee > lee
[root@docker-node1 docker]# vim Dockerfile
FROM busybox:latest
LABEL Creater=lee
COPY timinglee /root
ADD lee /root
#add可以解压缩COPY不能
FROM busybox:latest
LABEL Creater=lee
COPY bin.tar.gz /root
ADD bin.tar.gz /mnt
#ENV
ENV NAME=timinglee
RUN ["/bin/sh","-c", "touch /root/$NAME" ]
#EXPOSE
EXPOSE 8080
[root@docker-node1 docker]# docker history lee:v5
IMAGE CREATED CREATED BY SIZE COMMENT
1391576721c7 2 minutes ago RUN /bin/sh -c touch /root/$NAME # buildkit 0B buildkit.dockerfile.v0
<missing> 2 minutes ago EXPOSE [8080/tcp] 0B buildkit.dockerfile.v0
<missing> 2 minutes ago ENV NAME=timinglee 0B buildkit.dockerfile.v0
<missing> 2 minutes ago LABEL Creater=lee 0B buildkit.dockerfile.v0
<missing> 17 months ago BusyBox 1.37.0 (glibc), Debian 13
#VOLUEM
FROM busybox:latest
LABEL Creater=lee
ENV NAME=timinglee
EXPOSE 8080
VOLUME "/mnt"
RUN ["/bin/sh","-c", "touch /root/$NAME" ]
#测试
[root@docker-node1 docker]# docker run -it --name test --rm lee:v6
[root@docker-node1 ~]# docker inspect test | grep -i mounts -A10
"Mounts": [
{
"Type": "volume",
"Name": "951e0ad881eda84a037614657b89cae88adac7c600ac03cd9505c067cee04741",
"Source": "/var/lib/docker/volumes/951e0ad881eda84a037614657b89cae88adac7c600ac03cd9505c067cee04741/_data",
"Destination": "/mnt",
"Driver": "local",
"Mode": "",
"RW": true,
"Propagation": ""
}
[root@docker-node1 ~]# cd "/var/lib/docker/volumes/951e0ad881eda84a037614657b89cae88adac7c600ac03cd9505c067cee04741/_data"
[root@docker-node1 _data]# touch lee{1..5}
#在容器中
/ # ls /mnt/
lee1 lee2 lee3 lee4 lee5
#WORKDIR
FROM busybox:latest
LABEL Creater=lee
ENV NAME=timinglee
EXPOSE 8080
VOLUME "/mnt"
RUN ["/bin/sh","-c", "touch /root/$NAME" ]
WORKDIR "/mnt"
[root@docker-node1 docker]# docker run -it --name test --rm lee:v7
/mnt #
#CMD
#ENV CMD
FROM busybox
MAINTAINER lee@timinglee.org
ENV NAME lee
#CMD echo $NAME
#CMD ["/bin/echo", "$NAME"]
CMD ["/bin/sh", "-c", "/bin/echo $NAME"]
[root@Docker-node1 docker]# docker run -it --rm --name test example:v3
lee
]# docker run -it --name test --rm lee:v8 echo haha
haha
#ENTRYPOINT
FROM busybox
MAINTAINER lee@timinglee.org
ENV NAME lee
ENTRYPOINT echo $NAME
[root@Docker-node1 docker]# docker run -it --rm --name test example:v3 sh
lee
[root@docker-node1 docker]# docker run -it --name test --rm lee:v8
timinglee
[root@docker-node1 docker]# docker run -it --name test --rm lee:v8 echo haha
timinglee