文章来源于网络收集而来,版权归原创者所有,如有侵权请及时联系!
4.2 docker 命令组
图 3 docker_commands
备注:镜像标签 tag=$name:$version
docker 命令组可分为几大块:容器、镜像、运行
容器命令
| Command | Description |
|---|---|
| docker container attach | Attach local standard input, output, and error streams to a running container |
| docker container commit | Create a new image from a container’s changes |
| docker container cp | Copy files/folders between a container and the local filesystem |
| docker container create | Create a new container |
| docker container diff | Inspect changes to files or directories on a container’s filesystem |
| docker container exec | Run a command in a running container |
| docker container export | Export a container’s filesystem as a tar archive |
| docker container inspect | Display detailed information on one or more containers 显示容器详细信息 |
| docker container kill | Kill one or more running containers |
| docker container logs | Fetch the logs of a container |
| docker container ls | List containers |
| docker container pause | Pause all processes within one or more containers |
| docker container port | List port mappings or a specific mapping for the container |
| docker container prune | Remove all stopped containers 移除所有停止容器 |
| docker container rename | Rename a container |
| docker container restart | Restart one or more containers |
| docker container rm | Remove one or more containers |
| docker container run | Run a command in a new container |
| docker container start | Start one or more stopped containers |
| docker container stats | Display a live stream of container(s) resource usage statistics |
| docker container stop | Stop one or more running containers |
| docker container top | Display the running processes of a container |
| docker container unpause | Unpause all processes within one or more containers |
| docker container update | Update configuration of one or more containers |
| docker container wait | Block until one or more containers stop, then print their exit codes |
镜像命令
| Command | Description |
|---|---|
| docker image build | Build an image from a Dockerfile |
| docker image history | Show the history of an image |
| docker image import | Import the contents from a tarball to create a filesystem image |
| docker image inspect | Display detailed information on one or more images |
| docker image load | Load an image from a tar archive or STDIN |
| docker image ls | List images |
| docker image prune | Remove unused images |
| docker image pull | Pull an image or a repository from a registry |
| docker image push | Push an image or a repository to a registry |
| docker image rm | Remove one or more images |
| docker image save | Save one or more images to a tar archive (streamed to STDOUT by default) |
| docker image tag | Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE |
docker cli 基本命令: docker
$ docker
Usage: docker [OPTIONS] COMMAND
A self-sufficient runtime for containers
Options:
--config string Location of client config files (default "/root/.docker")
-c, --context string Name of the context to use to connect to the daemon (overrides DOCKER_HOST env var and default context set with "docker context use")
-D, --debug Enable debug mode
-H, --host list Daemon socket(s) to connect to
-l, --log-level string Set the logging level ("debug"|"info"|"warn"|"error"|"fatal") (default "info")
--tls Use TLS; implied by --tlsverify
--tlscacert string Trust certs signed only by this CA (default "/root/.docker/ca.pem")
--tlscert string Path to TLS certificate file (default "/root/.docker/cert.pem")
--tlskey string Path to TLS key file (default "/root/.docker/key.pem")
--tlsverify Use TLS and verify the remote
-v, --version Print version information and quit
Management Commands:
builder Manage builds
config Manage Docker configs
container Manage containers
context Manage contexts
engine Manage the docker engine
image Manage images
network Manage networks
node Manage Swarm nodes
plugin Manage plugins
secret Manage Docker secrets
service Manage services
stack Manage Docker stacks
swarm Manage Swarm
system Manage Docker 如查看占用空间 df,清理空间 prune
trust Manage trust on Docker images
volume Manage volumes
Commands:
attach Attach to a running container
build Build an image from a Dockerfile
commit Create a new image from a container's changes
cp Copy files/folders from a container's filesystem to the host path
create Create a new container
diff Inspect changes on a container's filesystem
events Get real time events from the server
exec Run a command in a running container
export Stream the contents of a container as a tar archive
history Show the history of an image
images List images
import Create a new filesystem image from the contents of a tarball
info Display system-wide information
inspect Return low-level information on a container or image
kill Kill a running container
load Load an image from a tar archive
login Register or log in to a Docker registry server
logout Log out from a Docker registry server
logs Fetch the logs of a container #查看运行镜像实例的日志
port Lookup the public-facing port that is NAT-ed to PRIVATE_PORT
pause Pause all processes within a container
ps List containers #查看正在运行镜像实例
pull Pull an image or a repository from a Docker registry server #拉取镜像
push Push an image or a repository to a Docker registry server #上传镜像
rename Rename an existing container
restart Restart a running container
rm Remove one or more containers
rmi Remove one or more images
run Run a command in a new container #启动容器
save Save an image to a tar archive
search Search for an image on the Docker Hub
start Start a stopped container
stats Display a stream of a containers' resource usage statistics
stop Stop a running container
tag Tag an image into a repository
top Lookup the running processes of a container
unpause Unpause a paused container
version Show the Docker version information
wait Block until a container stops, then print its exit code
Run 'docker COMMAND --help' for more information on a command.
4.2.1 常用命令
- docker version 获取 docker 服务端和客户端版本
- docker info 获取服务器信息
- docker inspect [containd_id|image_id] 会自动识别 ID 属于容器还是镜像,显示一或多个容器|镜像的详细信息
- docker update --restart=always [contained_id] 开机时自动启动容器
- docker network 容器网络
- docker ps 查看进程
- docker service 查看服务
- docker stats 实时统计服务使用的资源情况
docker version : 获取 docker 服务端和客户端版本
# docker-1.13.1: 2017.2 前发布,centos7 的 yum 缺省版本。
$ docker version
Client:
Version: 1.13.1
API version: 1.26
Package version: docker-1.13.1-108.git4ef4b30.1.al7.x86_64
Go version: go1.13.3
Git commit: 4ef4b30/1.13.1
Built: Fri Jan 31 15:01:11 2020
OS/Arch: linux/amd64
Server:
Version: 1.13.1
API version: 1.26 (minimum version 1.12)
Package version: docker-1.13.1-108.git4ef4b30.1.al7.x86_64
Go version: go1.13.3
Git commit: 4ef4b30/1.13.1
Built: Fri Jan 31 15:01:11 2020
OS/Arch: linux/amd64
Experimental: false
# docker-ce-20.10.8:2021 发布。
# docker-ce 拆分成了 4 块,分别是 ce, contained, docker-init, runc
docker version
Client: Docker Engine - Community
Version: 20.10.8
API version: 1.41
Go version: go1.16.6
Git commit: 3967b7d
Built: Fri Jul 30 19:53:39 2021
OS/Arch: linux/amd64
Context: default
Experimental: true
Server: Docker Engine - Community
Engine:
Version: 20.10.8
API version: 1.41 (minimum version 1.12)
Go version: go1.16.6
Git commit: 75249d8
Built: Fri Jul 30 19:52:00 2021
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.4.9
GitCommit: e25210fe30a0a703442421b0f60afac609f950a3
runc:
Version: 1.0.1
GitCommit: v1.0.1-0-g4144b63
docker-init:
Version: 0.19.0
GitCommit: de40ad0
docker info 命令
服务器信息:包括容器/镜像、存储引擎、执行驱动/日志驱动、硬件情况(OS/CPU/MEM)
# windows
$ docker info
Containers: 10
Images: 19
Storage Driver: aufs
Root Dir: /mnt/sda1/var/lib/docker/aufs
Backing Filesystem: extfs
Dirs: 75
Dirperm1 Supported: true
Execution Driver: <not supported>
Logging Driver: json-file
Kernel Version: 4.9.89-boot2docker
Operating System: Boot2Docker 18.03.0-ce (TCL 8.2.1); HEAD : 404ee40 - Thu Mar 22 17:12:23 UTC 2018
CPUs: 1
Total Memory: 995.6 MiB
Name: default
ID: NCA4:CCKW:YBLC:PFLP:OTOQ:UJVG:EJGR:FE2K:HRJJ:NWMT:TS3J:NVA2
Username: keefewu
Registry: https://index.docker.io/v1/
Labels:
provider=virtualbox
# linux
$ sudo docker info
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 1.13.1
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: false
Logging Driver: journald
Cgroup Driver: systemd
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Swarm: inactive
Runtimes: runc docker-runc
Default Runtime: docker-runc
Init Binary: /usr/libexec/docker/docker-init-current
containerd version: (expected: aa8187dbd3b7ad67d8e5e3a15115d3eef43a7ed1)
runc version: e45dd70447fb72ee4e1f6989173aa6c5dd492d87 (expected: 9df8b306d01f59d3a8029be411de015b7304dd8f)
init version: fec3683b971d9c3ef73f284f176672c44b448662 (expected: 949e6facb77383876aeff8a6944dde66b3089574)
Security Options:
seccomp
WARNING: You're not using the default seccomp profile
Profile: /etc/docker/seccomp.json
Kernel Version: 4.19.91-23.al7.x86_64
Operating System: Alibaba Cloud Linux (Aliyun Linux) 2.1903 LTS (Hunting Beagle)
OSType: linux
Architecture: x86_64
Number of Docker Hooks: 3
CPUs: 1
Total Memory: 1.915 GiB
Name: iZ2zebj7eoe7terrup37y4Z
ID: ZWKR:MR6J:AH3S:DMOA:ZKRN:NGBK:VOVB:2VWX:ISWC:4V67:MGQX:TYCR
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
Registries: docker.io (secure)
获取某个容器的 IP
docker inspect --format '{{ .NetworkSettings.IPAddress }}' <CONTAINER ID or NAME>给容器指定一个固定 IP 地址,而不是容器每次启动时 IP 地址变化
# 创建一个桥接网络,示例中网关掩码为 172.25.0.0/16, IP 为 172.15.3.3 $ docker network create -d bridge --subnet 172.25.0.0/16 my-net $ docker run --network=my-net --ip=172.25.3.3 -itd --name=my-container busybox查看服务资源占用情况
# —no-stream 可以不实时展示 $ docker stats --format "table {{.Name}}\t{{.CPUPerc}}\t{{.MemUsage}}" NAME CPU % MEM USAGE / LIMIT sretest_extract_admin_html.1.rd0hmftqmkmkj6l72er8rme0a 0.00% 5.301MiB / 15.51GiB sretest_retest.1.zbf6or7l08u7a8f99xcmw3g03 0.10% 137.7MiB / 15.51GiB sretest_mysql.1.8scutj0ecm7wvxb1zbuklyd6d 3.73% 872.4MiB / 15.51GiB prtainer-test 0.00% 19.46MiB / 15.51GiB # 查看磁盘使用情况, Docker 1.13 引入,RECLAMABLE 指可回收的磁盘(镜像/容器未使用) # RECLAIMABLE 不为 0 时,可用 docker system prune 清理回收磁盘空间。 $ docker system df TYPE TOTAL ACTIVE SIZE RECLAIMABLE Images 49 15 20.99GB 19.29GB (91%) Containers 34 25 172kB 16B (0%) Local Volumes 3 1 200.1MB 199.3MB (99%) Build Cache 2 0 725B 725B
4.2.3 容器运行 run
docker run 命令
denny@denny-ubuntu:~/downloads$ docker run --help
Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
Run a command in a new container
-a, --attach=[] Attach to STDIN, STDOUT or STDERR
--add-host=[] Add a custom host-to-IP mapping (host:ip)
-c, --cpu-shares=0 CPU shares (relative weight)
--cap-add=[] Add Linux capabilities
--cap-drop=[] Drop Linux capabilities
--cgroup-parent= Optional parent cgroup for the container
--cidfile= Write the container ID to the file
--cpuset-cpus= CPUs in which to allow execution (0-3, 0,1)
-d, --detach=false Run container in background and print container ID
--device=[] Add a host device to the container
--dns=[] Set custom DNS servers
--dns-search=[] Set custom DNS search domains
-e, --env=[] Set environment variables #环境变量,优先级最高
--entrypoint= Overwrite the default ENTRYPOINT of the image
--env-file=[] Read in a file of environment variables
--expose=[] Expose a port or a range of ports
-h, --hostname= Container host name
--help=false Print usage
-i, --interactive=false Keep STDIN open even if not attached #交互式启动
--ipc= IPC namespace to use
-l, --label=[] Set meta data on a container
--label-file=[] Read in a line delimited file of labels
--link=[] Add link to another container #容器链接 <contain_name>:<alias>
--log-driver= Logging driver for container
--lxc-conf=[] Add custom lxc options
-m, --memory= Memory limit
--mac-address= Container MAC address (e.g. 92:d0:c6:0a:29:33)
--memory-swap= Total memory (memory + swap), '-1' to disable swap
--name= Assign a name to the container #容器别名
--net=bridge Set the Network mode for the container #设置网络模式
-P, --publish-all=false Publish all exposed ports to random ports
-p, --publish=[] Publish a container's port(s) to the host #端口映射 <宿主>:<容器>
--pid= PID namespace to use
--privileged=false Give extended privileges to this container
--read-only=false Mount the container's root filesystem as read only
--restart=no Restart policy to apply when a container exits
--rm=false Automatically remove the container when it exits
--security-opt=[] Security Options
--sig-proxy=true Proxy received signals to the process
-t, --tty=false Allocate a pseudo-TTY TTY 终端启动
-u, --user= Username or UID (format: <name|uid>[:<group|gid>])
--ulimit=[] Ulimit options
-v, --volume=[] Bind mount a volume 挂载目录
--volumes-from=[] Mount volumes from the specified container(s)
-w, --workdir= Working directory inside the container
说明:1. -v [宿主机数据卷]:[容器数据卷] 数据持久化,可以用来将容器数据卷映射到宿主机,便于管理数据,不会因容器移除导致数据丢失。
--link <contain_name>:<alias>用于同宿主机的容器 A 访问另一个容器 B 服务。contain_name 为 B 容器启动的名称(--name),alias 是可以在 A 容器中使用的 B 容器的 HOST。详见下文 docker 网络- --net=bridge 设置容器网络模式
4.2.3 进入容器 attach/exec
法 1:
docker attach <docker_id>
使用该命令有一个问题。当多个窗口同时使用该命令进入该容器时,所有的窗口都会同步显示。如果有一个窗口阻塞了,那么其他窗口也无法再进行操作。另外退出窗口时,可能也会导出容器退出。法 2(推荐):
docker exec -it <docker_id> /bin/bash# 以 root 身份登陆 docker 容器 -u root $ docker exec -it -u root [docker_id] /bin/bash法 3:SSH
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论