Docker使用

发表于 分类于 阅读次数:

基本操作

1.使用镜像执行动作

1
$ docker run ubuntu:15.10 /bin/echo 'hello docer'
1
2
3
4
5
6
7
8
9
10
结果:
Unable to find image 'ubuntu:15.10' locally
15.10: Pulling from library/ubuntu
7dcf5a444392: Pull complete 
759aa75f3cee: Pull complete 
3fa871dc8a2b: Pull complete 
224c42ae46e7: Pull complete 
Digest: sha256:02521a2d079595241c6793b2044f02eecf294034f31d6e235ac4b2b54ffc41f3
Status: Downloaded newer image for ubuntu:15.10
hello world

2.交互式运行

1
2
$ docker run -i -t ubuntu:15.10 /bin/bash
$ docker run --interactive --tty ubuntu /bin/bash   #(不指定版本,默认latest)

3.守护进程运行

1
$ docker run -d ubuntu:15.10 /bin/sh -c "while true; do echo hello world; sleep 1; done"
1
2
3
结果
2e3b96095dd69911032f02d44cb483b1d5cc824f15a3296a9ddbd1070b054b9e
2e3b96095dd6

4.查看当前守护进程运行的docker

1
$ docker ps
1
2
3
结果
CONTAINER ID | IMAGE        | COMMAND     | CREATED       |STATUS      |PORTS      |NAMES
9e3c78addf64 | ubuntu:15.10 | "/bin/bash" | 13 minutes ago|Up 13 minutes|    |loving_shaw

5.退出当前docker

1
$ exit

6.查看指定容器执行日志

1
$ docker logs 9e3c78addf64

7.停止容器运行

1
$ docker stop [9e3c78addf64/loving_shaw]

8.操作已运行容器

1
$ docker exec -it 8dfd51f8b37c /bin/bash

9.删除未使用中容器

1
$ docker rm [容器ID]

镜像操作

1.列出本机镜像

1
$ docker images
1
2
3
4
结果
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
hello-world         latest              bf756fb1ae65        9 months ago        13.3kB
ubuntu              15.10               9b9cb95443b5        4 years ago         137MB

2.查找镜像

1
$ docker search httpd
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
httpd The Apache HTTP Server Project 3219 [OK]
centos/httpd-24-centos7 Platform for running Apache httpd 2.4 or bui… 36
centos/httpd 32 [OK]

或者 Docker Hub

3.手动拉取镜像

1
$ docker pull ubuntu:13.10

4.删除镜像

1
$ docker rmi hello-world
1
2
3
4
$ docker rmi --force hello-world:latest 
Untagged: hello-world:latest
Untagged: hello-world@sha256:8c5aeeb6a5f3ba4883347d3747a7249f491766ca1caa47e5da5dfcf6b9b717c0
Deleted: sha256:bf756fb1ae65adf866bd8c456593cd24beb6a0a061dedf42b26a993176745f6b

5.更新镜像

1
$ docker commit -m='done some things' -a='ni9ne' cc7adb4b2145 ni9ne/ubuntu:V1
1
2
3
4
5
6
7
8
9
10
11
12
13
sha256:3de2fb0fa6533c64256e085959e358030544bbd819154a4ccb04ab902ffae6e0
$ docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
ni9ne/ubuntu        v1                  3de2fb0fa653        12 seconds ago      137MB
httpd               latest              3dd970e6b110        10 days ago         138MB
ubuntu              latest              9140108b62dc        3 weeks ago         72.9MB
ubuntu              15.10               9b9cb95443b5        4 years ago         137MB
ubuntu              13.10               7f020f7bf345        6 years ago         185MB
$ docker run -ti ni9ne/ubuntu
ni9ne/ubuntu     ni9ne/ubuntu:v1 
$ docker run -ti ni9ne/ubuntu:v1 /bin/bash
root@f8cab436a299:/#

6.创建镜像

1
$ docker build -t ni9ne/centos6.7 docker/

指定以docker文件夹下的Dockerfile创建名为ni9ne/centos6.7的镜像

1
$ vi docker/Dockerfile
1
2
3
4
5
6
7
8
9
10
 1 FROM centos:6.7
 2 MAINTAINER Ni9ne "ni9ne@outlook.com" 
 3 
 4 RUN /bin/echo 'root:123456' | chpasswd
 5 RUN useradd ni9ne
 6 RUN /bin/echo 'ni9ne:ni9ne' | chpasswd
 7 RUN /bin/echo -e "LANG=\"en_US.UTF-8\"" > /etc/default/local
 8 EXPOSE 22
 9 EXPOSE 80
10 CMD /usr/sbin/sshd -D

查看创建镜像

1
2
3
4
ubuntu@ubuntu:~$ docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
ni9ne/centos6.7     latest              95cc1d4ddbfe        11 minutes ago      191MB
 ...

7.为镜像添加tag

1
$ docker tag 95cc1d4ddbfe ni9nee/centos6.7:dev
1
2
3
4
5
ubuntu@ubuntu:~$ docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
ni9nee/centos6.7    dev.1               95cc1d4ddbfe        13 minutes ago      191MB
ni9ne/centos6.7     latest              95cc1d4ddbfe        13 minutes ago      191MB
 ...

生成相同 IMAGE ID 的不同镜像

8.发布镜像到docker_hub

1
2
3
$ docker login  / docker login -u [USER_NAME]         	# 登录docker_hub
$ docker tag [IMAGE_NAME] [USER_NAME]/[IMAGE_NAME]		# 给镜像打标签,重命名
$ docker push [USER_NAME]/[IMAGE_NAME]					# 推送

容器连接

1.端口开放

1
$ docker run -d -P training/webapp python app.py
1
2
3
4
-d --detach 			守护进程运行并打印出容器id
-P --publish-all list 	将容器端口随机映射到主机高端口
-p --publish list 		将容器端口映射到指定主机端口
--name 					重命名为指定容器名
1
$ docker run -d -p 127.0.0.1:5000:5000/udp training/webapp python app.py

2.查看容器端口开放状态

1
$ docker port d1f753a28378
1
5000/tcp -> 0.0.0.0:32768

3.容器命名

除系统随机命名外, 还可用选项 --name 指定该容器的名称

1
$ docker run -d -P --name test_name ubuntu /bin/bash
1
e086aa4536def6b30efe6302e43d2dc457013cc3b4ddc32f0d8dc6b86e7af3dd

4.新建网络

1
$ docker network create -d bridge test-net
1
c01cbf143f2ab43100d55b93910d0082980a99bbfb7a739f03fcd73625aec4f2
1
2
-d, --driver string        Driver to manage the Network (default "bridge")
						   指定 Docker 网络类型,有 bridge、overlay。

docker network COMMAND

参数 功能
connect Connect a container to a network
create Create a network
disconnect Disconnect a container from a network
inspect Display detailed information on one or more networks
ls List networks
prune Remove all unused networks
rm Remove one or more networks

5.连接容器到网络

1
$ docker run -itd --name test1 --network test-net ubuntu /bin/bash
1
$ docker run -itd --name test2 --network test-net ubuntu /bin/bash

6.测试

1
2
3
apt-get update
apt install iputils-ping
ping test1

7.配置DNS

1.配置全局DNS

  • 宿主机配置
1
$ sudo vim etc/docker/daemon.json
1
2
3
4
5
6
{
  "dns" : [
    "114.114.114.114",
    "8.8.8.8"
  ]
}
  • 重启docker
1
$ sudo service docker restart
  • 查看是否生效
1
$ docker run -it --rm ubuntu cat etc/resolv.conf

2.单容器配置DNS

启动时配置

1
$ docker run -it --rm -h host_ubuntu --dns=114.114.114.114 --dns-search=test.com ubuntu
1
2
3
4
5
6
7
8
--rm  					Automatically remove the container when it exits 
						容器退出时自动清理容器内部的文件系统。
-h, --hostname string 	Container host name
						设定容器的主机名,它会被写到容器内的 /etc/hostname 和 /etc/hosts
--dns=IP_ADDRESS       Set custom DNS servers
添加 DNS 服务器到容器的 /etc/resolv.conf 中,让容器用这个服务器来解析所有不在 /etc/hosts 中的主机名
--dns-search=DOMAIN    Set custom DNS search domains
 设定容器的搜索域,当设定搜索域为 .example.com 时,在搜索一个名为 host 的主机时,DNS 不仅搜索 host,还会搜索 host.example.com。
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
ubuntu@ubuntu:~$ docker run -it --rm -h host_ubuntu --dns=114.114.114.114 --dns-search=test.com ubuntu
root@host_ubuntu:/# cat /etc/hostname 
host_ubuntu
root@host_ubuntu:/# cat /etc/hosts    
127.0.0.1	localhost
::1	localhost ip6-localhost ip6-loopback
fe00::0	ip6-localnet
ff00::0	ip6-mcastprefix
ff02::1	ip6-allnodes
ff02::2	ip6-allrouters
172.17.0.2	host_ubuntu
root@host_ubuntu:/# cat /etc/resolv.conf 
search test.com
nameserver 114.114.114.114

https://httpd.apache.org/security/vulnerabilities_24.html