1.docker命令
Usage: docker [OPTIONS] COMMAND A self-sufficient runtime for containers Options: --config string Location of client config files (default "/root/.docker") -c, --context string Name of the context to use to connect to the daemon (overrides DOCKER_HOST env var and default context set with "docker context use") -D, --debug Enable debug mode -H, --host list Daemon socket(s) to connect to -l, --log-level string Set the logging level ("debug"|"info"|"warn"|"error"|"fatal") (default "info") --tls Use TLS; implied by --tlsverify --tlscacert string Trust certs signed only by this CA (default "/root/.docker/ca.pem") --tlscert string Path to TLS certificate file (default "/root/.docker/cert.pem") --tlskey string Path to TLS key file (default "/root/.docker/key.pem") --tlsverify Use TLS and verify the remote -v, --version Print version information and quit Management Commands: builder Manage builds config Manage Docker configs container Manage containers context Manage contexts engine Manage the docker engine image Manage images network Manage networks node Manage Swarm nodes plugin Manage plugins secret Manage Docker secrets service Manage services stack Manage Docker stacks swarm Manage Swarm system Manage Docker trust Manage trust on Docker images volume Manage volumes Commands: attach Attach local standard input, output, and error streams to a running container build Build an image from a Dockerfile commit Create a new image from a container's changes cp Copy files/folders between a container and the local filesystem create Create a new container diff Inspect changes to files or directories on a container's filesystem events Get real time events from the server exec Run a command in a running container export Export a container's filesystem as a tar archive history Show the history of an image images List images import Import the contents from a tarball to create a filesystem image info Display system-wide information inspect Return low-level information on Docker objects kill Kill one or more running containers load Load an image from a tar archive or STDIN login Log in to a Docker registry logout Log out from a Docker registry logs Fetch the logs of a container pause Pause all processes within one or more containers port List port mappings or a specific mapping for the container ps List containers pull Pull an image or a repository from a registry push Push an image or a repository to a registry rename Rename a container restart Restart one or more containers rm Remove one or more containers rmi Remove one or more images run Run a command in a new container save Save one or more images to a tar archive (streamed to STDOUT by default) search Search the Docker Hub for images start Start one or more stopped containers stats Display a live stream of container(s) resource usage statistics stop Stop one or more running containers tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE top Display the running processes of a container unpause Unpause all processes within one or more containers update Update configuration of one or more containers version Show the Docker version information wait Block until one or more containers stop, then print their exit codes Run 'docker COMMAND --help' for more information on a command.
1.1.容器管理
1.1.1.创建并启动容器
[root@itbkz.com ~]#docker run --name nginx -it \ --hostname nginx \ --restart=always \ -v /etc/localtime:/etc/localtime \ -p 80:80 \ -d nginx:1.16 269fff280db30afbbba2ad7343c343b3ffe7f36205a8fafbaa125caf6a71f245
docker run
:运行容器
--name nginx
:自定义容器名称为nginx,注意:需唯一不可与现有的名称冲突。
-i
:交互式
-t
:伪终端
--hostname nginx
:主机名称
--restart=always
:总是自启动
-v /etc/localtime:/etc/localtime
:指定映射目录(可指定多个目录),宿主路径:容器路径。映射本地时间文件到容器以同步时间
-u root
:指定启动的用户
-p 80:80
:指定映射的端口(可指定多个端口),-p
:代表将容器上的端口(后)映射到本机的80(前)上,成功之后即可使用 http://IP:80 访问
-d
:后台运行
nginx:1.16
:镜像名称:标签(tag
)
这样创建容器之后默认在
bridge
网络中,如果要指定网络可以加参数:--net=host
;如果要指定用户可以加参数:-u root
1.1.2.看正在运行的容器
[root@itbkz.com ~]#docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 269fff280db3 nginx:1.16 "nginx -g 'daemon of…" 28 minutes ago Up 28 minutes 0.0.0.0:80->80/tcp nginx
1.1.3.显示容器完整信息
[root@docker ~]#docker ps --no-trunc CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 269fff280db30afbbba2ad7343c343b3ffe7f36205a8fafbaa125caf6a71f245 nginx:1.16 "nginx -g 'daemon off;'" 4 weeks ago Up 26 seconds 0.0.0.0:80->80/tcp nginx
1.1.4.显示所有容器
[root@itbkz.com ~]#docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 8119b763c939 nginx:1.16 "nginx -g 'daemon of…" 13 seconds ago Exited (0) 6 seconds ago nginx1 269fff280db3 nginx:1.16 "nginx -g 'daemon of…" 26 minutes ago Up 26 minutes 0.0.0.0:80->80/tcp nginx
显示所有的容器包括没有运行的,
nginx1
容器即为未运行的容器1.1.5.看容器映射的端口
[root@docker ~]#docker port nginx 80/tcp -> 0.0.0.0:80
1.1.6.容器打包成镜像
[root@itbkz.com ~]#docker commit -a "dnnltf" -m "my nginx" nginx nginx:v1 sha256:b2651d53e586b90611bcb77519774a50f804c8616b47324c21087ad08911642e [root@itbkz.com ~]#docker images REPOSITORY TAG IMAGE ID CREATED SIZE nginx v1 b2651d53e586 13 seconds ago 127MB nginx 1.16 dfcfd8e9a5d3 3 weeks ago 127MB
-a
:提交的镜像作者
-c
:使用Dockerfile
指令来创建镜像
-m
:提交时的说明文字
-p
:在commit
时,将容器暂停
1.1.7.主机文件到容器
docker cp simkai.ttf zabbix-web-nginx-mysql:/usr/share/zabbix/assets/fonts
1.1.8.容器文件到主机
docker cp nginx:/etc/nginx/mime.types /tmp/
1.1.9.容器外查看容器IP
docker exec -it zabbix-web-nginx-mysql ip addr
1.1.10.进入容器
docker exec -it 6bcafc0beba4 bash
进入容器 CONTAINER ID 号为(6bcafc0beba4)的容器,使用 bash 命令;如果要使用指定用户的身份进入到容器可以加
--user root
或-u 0
CONTAINER ID 可以使用命令
docker ps
查看。可以使用命令:exit
或是按键 Ctrl+c 退出。1.1.11.容器详细信息
docker inspect 6bcafc0beba4
查看 CONTAINER ID 号为(6bcafc0beba4)的容器的详细信息
1.1.12.查看容器对应文件
[root@itbkz.com docker]#docker inspect nginx |grep -i dir "LowerDir": "/var/lib/docker/overlay2/a2d12b45e571f3ba04b3c3ee47ac1740eb34f3a63a3ccec07dc3c6bf372e7c72-init/diff:/var/lib/docker/overlay2/33a007a9d63a0e81bb4b1e0fd71c72b7b8eed87d02dec9a73c4167b4b5135269/diff:/var/lib/docker/overlay2/b555a2c1cfed0f38e2ef0dc51237adebd4acc562fa0cd09726b8274ba5a2a686/diff:/var/lib/docker/overlay2/43f9ca99f8bab29d917332441a2fc1cce0f3b7309a01d4a13189bce1286536f3/diff", "MergedDir": "/var/lib/docker/overlay2/a2d12b45e571f3ba04b3c3ee47ac1740eb34f3a63a3ccec07dc3c6bf372e7c72/merged", "UpperDir": "/var/lib/docker/overlay2/a2d12b45e571f3ba04b3c3ee47ac1740eb34f3a63a3ccec07dc3c6bf372e7c72/diff", "WorkDir": "/var/lib/docker/overlay2/a2d12b45e571f3ba04b3c3ee47ac1740eb34f3a63a3ccec07dc3c6bf372e7c72/work" "WorkingDir": "",
例如如果要修改“
nginx.conf
”配置文件,可以过滤“UpperDir
”来查看配置文件所对应的路径进行修改,“MergedDir
”路径为容器运行时生成的路径,如果容器当前未运行将会提示“没有那个文件或目录”。1.1.13.删除容器
docker rm 6bcafc0beba4
-f, --force
:强制移除正在运行的容器(使用SIGKILL)
-l, --link
:删除指定的链接
-v, --volumes
:删除与容器关联的匿名卷
删除 CONTAINER ID 为(6bcafc0beba4)容器
1.1.14.删除全部容器
docker rm $(docker ps -aq)
删除全部容器(包括未运行的)
CONTAINER ID 可以使用命令
docker ps –a
查看, 删除前容器必须为停止状态,如果要强制删除正在运行的容器可以使用命令docker rm -f 6bcafc0beba4
删除1.2.镜像管理
1.2.1.显示本地所有镜像
[root@itbkz.com ~]#docker images REPOSITORY TAG IMAGE ID CREATED SIZE nginx v1 b2651d53e586 39 minutes ago 127MB nginx 1.16 dfcfd8e9a5d3 3 weeks ago 127MB
1.2.2.搜索镜像
[root@itbkz.com ~]#docker search nginx NAME DESCRIPTION STARS OFFICIAL AUTOMATED nginx Official build of Nginx. 13194 [OK] jwilder/nginx-proxy Automated Nginx reverse proxy for docker con… 1805 [OK] richarvey/nginx-php-fpm Container running Nginx + PHP-FPM capable of… 774 [OK] linuxserver/nginx An Nginx container, brought to you by LinuxS… 112
1.2.3.拉取镜像
[root@itbkz.com ~]# docker pull nginx:1.16 1.16: Pulling from library/nginx 54fec2fa59d0: Pull complete 5546cfc92772: Pull complete 50f62e3cdaf7: Pull complete Digest: sha256:d20aa6d1cae56fd17cd458f4807e0de462caf2336f0b70b5eeb69fcaaf30dd9c Status: Downloaded newer image for nginx:1.16 docker.io/library/nginx:1.16
如果
nginx
后面不指定标签,则默认拉取nginx:latest
镜像1.2.4.删除本地镜像
docker rmi 1d71f79b8e46
删除 IMAGE ID 为(1d71f79b8e46)镜像
IMAGE ID 可以使用命令
docker images
查看,删除镜像前必须先删除先前创建的容器1.2.5.镜像导出
docker save -o nginx.tar nginx:latest
镜像导出会在当前目录生成 nginx.tar 文件,然后导出此文件即可
1.2.6.镜像导入
docker load -i nginx.tar
1.2.7.镜像重命名
docker tag 36a4fcd3d962 me-nginx:1.0
会以 36a4fcd3d962 创建一个版本为 1.0 的 me-nginx 镜像
1.3.数据卷管理
1.3.1.查看所有数据卷
[root@itbkz.com ~]#docker volume ls DRIVER VOLUME NAME
1.3.2.创建数据卷
[root@itbkz.com ~]#docker volume create data data [root@itbkz.com ~]#docker volume ls DRIVER VOLUME NAME local data
1.3.3.删除数据卷
[root@itbkz.com ~]#docker volume rm data data [root@itbkz.com ~]#docker volume ls DRIVER VOLUME NAME
1.3.4.删除未使用的卷
[root@itbkz.com ~]#docker volume prune WARNING! This will remove all local volumes not used by at least one container. Are you sure you want to continue? [y/N] y Deleted Volumes: data Total reclaimed space: 0B
1.4.网络管理
1.4.1.查看现有网络
[root@itbkz.com ~]#docker network ls NETWORK ID NAME DRIVER SCOPE 82a974dbbe60 bridge bridge local 5c3bcd390b89 host host local 4fe46e1b4c1e none null local
1.4.2.创建网络
[root@itbkz.com ~]#docker network create localnetwork 1cc7012f86239b5a6d6d1d29c0f6175ecc47025ca1790f247273bdec576fa4c8 [root@itbkz.com ~]#docker network ls NETWORK ID NAME DRIVER SCOPE 82a974dbbe60 bridge bridge local 5c3bcd390b89 host host local 1cc7012f8623 localnetwork bridge local 4fe46e1b4c1e none null local
1.4.3.删除网络
[root@itbkz.com ~]#docker network rm localnetwork localnetwork [root@itbkz.com ~]#docker network ls NETWORK ID NAME DRIVER SCOPE 82a974dbbe60 bridge bridge local 5c3bcd390b89 host host local 4fe46e1b4c1e none null local
1.4.4.删除未使用网络
[root@itbkz.com ~]#docker network prune WARNING! This will remove all networks not used by at least one container. Are you sure you want to continue? [y/N] y Deleted Networks: localnetwork [root@itbkz.com ~]#docker network ls NETWORK ID NAME DRIVER SCOPE 82a974dbbe60 bridge bridge local 5c3bcd390b89 host host local 4fe46e1b4c1e none null local
1.5.启动命令或配置更新
[root@itbkz.com ~]#systemctl stop docker 编辑/var/lib/docker/containers/容器完整ID/hostconfig.json和/var/lib/docker/containers/容器完整ID/config.v2.json [root@itbkz.com ~]#systemctl start docker
以上两个配置文件内容不一样,根据需求修改,另外在修改之前请暂时停止docker服务,然后修改配置文件,再启动docker服务即可生效,否则修改无效,如果要更新容器自启或是cpu、内存的配置,请使用
docker update
命令,如docker update --restart=always id/name
,更多帮助信息请使用docker update --help
查看1.6.其它命令
1.6.1.查看版本
方法1: [root@itbkz.com ~]#docker -v Docker version 19.03.8, build afacb8b 方法2: [root@itbkz.com ~]#docker version Client: Docker Engine - Community Version: 19.03.8 API version: 1.40 Go version: go1.12.17 Git commit: afacb8b Built: Wed Mar 11 01:27:04 2020 OS/Arch: linux/amd64 Experimental: false Server: Docker Engine - Community Engine: Version: 19.03.5 API version: 1.40 (minimum version 1.12) Go version: go1.12.12 Git commit: 633a0ea Built: Wed Nov 13 07:24:18 2019 OS/Arch: linux/amd64 Experimental: false containerd: Version: 1.2.13 GitCommit: 7ad184331fa3e55e52b890ea95e65ba581ae3429 runc: Version: 1.0.0-rc10 GitCommit: dc9208a3303feef5b3839f4323d9beb36df0a9dd docker-init: Version: 0.18.0 GitCommit: fec3683
1.6.2.命令帮助
docker xx --help
显示
docker xx
命令的帮助信息,xx
:表示不同的命令如pull
、run
等,可以查看该命令的帮助及参数。1.6.3.卸载
yum remove -y docker-engine
2.docker-compose命令
Define and run multi-container applications with Docker. Usage: docker-compose [-f <arg>...] [options] [COMMAND] [ARGS...] docker-compose -h|--help Options: -f, --file FILE Specify an alternate compose file (default: docker-compose.yml) -p, --project-name NAME Specify an alternate project name (default: directory name) -c, --context NAME Specify a context name --verbose Show more output --log-level LEVEL Set log level (DEBUG, INFO, WARNING, ERROR, CRITICAL) --no-ansi Do not print ANSI control characters -v, --version Print version and exit -H, --host HOST Daemon socket to connect to --tls Use TLS; implied by --tlsverify --tlscacert CA_PATH Trust certs signed only by this CA --tlscert CLIENT_CERT_PATH Path to TLS certificate file --tlskey TLS_KEY_PATH Path to TLS key file --tlsverify Use TLS and verify the remote --skip-hostname-check Don't check the daemon's hostname against the name specified in the client certificate --project-directory PATH Specify an alternate working directory (default: the path of the Compose file) --compatibility If set, Compose will attempt to convert keys in v3 files to their non-Swarm equivalent --env-file PATH Specify an alternate environment file Commands: build 生成或重建服务 config 验证并查看撰写文件 create 创建服务 down 停止并删除容器、网络、映像和卷 events 从容器接收实时事件 exec 在正在运行的容器中执行命令 help 获取命令帮助 images 列出镜像 kill 杀死容器 logs 查看容器的输出 pause 暂停服务 port 打印端口绑定的公共端口 ps 列出容器 pull 拉取服务镜像 push 推送服务镜像 restart 重启服务 rm 移除停止的容器 run 运行一次性命令 scale 设置服务的容器数 start 启动服务 stop 停止服务 top 显示正在运行的容器的进程 unpause 继续运行服务 up 创建并启动容器 version 显示Docker Compose版本信息
2.1.compose容器管理
2.1.1.调试yaml文件
[root@itbkz.com ~]#docker-compose -f nginx-docker-compose.yaml config services: Nginx: container_name: nginx environment: TZ: Asia/Shanghai hostname: nginx image: nginx:1.16 ports: - 80:80/tcp restart: always tty: true volumes: - /etc/nginx/nginx.conf:/etc/nginx/nginx.conf:ro - /usr/share/nginx/html:/usr/share/nginx/html:rw version: '3.0'
如果有变量将会显示变量的值
2.1.2.启动容器
[root@itbkz.com ~]#docker-compose -f nginx-docker-compose.yaml up -d Creating network "root_default" with the default driver Creating nginx ... done
不指定文件名称将使用默认的
docker-compose.yml
, docker-compose.yaml
文件,如果没有将启动失败;或是使用docker-compose -f docker-compose.yml up -d
来启动2.1.3.查看容器进程
[root@itbkz.com ~]#docker-compose -f nginx-docker-compose.yaml top nginx UID PID PPID C STIME TTY TIME CMD --------------------------------------------------------------------------------------------- root 16790 16771 1 13:43 pts/0 00:00:00 nginx: master process nginx -g daemon off; 101 16847 16790 0 13:43 pts/0 00:00:00 nginx: worker process
2.1.4.重启容器
[root@itbkz.com ~]#docker-compose -f nginx-docker-compose.yaml restart Restarting nginx ... done
2.1.5.跟踪容器日志
[root@itbkz.com ~]#docker-compose -f nginx-docker-compose.yaml logs -f Attaching to nginx nginx | 172.20.3.63 - - [08/Jul/2020:13:46:01 +0800] "GET / HTTP/1.1" 200 10 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Safari/537.36" "-"
1.1.13.删除容器
[root@itbkz.com ~]#docker-compose -f nginx-docker-compose.yaml down Stopping nginx ... done Removing nginx ... done Removing network root_default