Docker 安装
1.卸载老版本docker
yum remove docker \
docker-common \
docker-selinux \
docker-engine
2.设置yum仓库
yum install -y yum-utils \
device-mapper-persistent-data \
lvm2
yum-config-manager \
--add-repo \
https://download.docker.com/linux/centos/docker-ce.repo
3.安装Docker-ce
使用命令yum list docker-ce –showduplicates | sort -r来查看目前可供安装的docker版本
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 |
yum list docker-ce --showduplicates | sort -r * updates: mirrors.aliyun.com Loading mirror speeds from cached hostfile Loaded plugins: fastestmirror Installed Packages * extras: mirrors.aliyun.com * epel: fedora.cs.nctu.edu.tw docker-ce.x86_64 3:18.09.0-3.el7 docker-ce-stable docker-ce.x86_64 18.06.1.ce-3.el7 docker-ce-stable docker-ce.x86_64 18.06.1.ce-3.el7 @docker-ce-stable docker-ce.x86_64 18.06.0.ce-3.el7 docker-ce-stable docker-ce.x86_64 18.03.1.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 18.03.0.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.12.1.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.12.0.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.09.1.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.09.0.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.06.2.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.06.1.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.06.0.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.03.3.ce-1.el7 docker-ce-stable docker-ce.x86_64 17.03.2.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.03.1.ce-1.el7.centos docker-ce-stable docker-ce.x86_64 17.03.0.ce-1.el7.centos docker-ce-stable * base: mirrors.aliyun.com Available Packages 以下安装选其一即可 指定安装18.06.1.ce版本 yum install -y docker-ce-18.06.1.ce 安装最新稳定版本 yum install docker-ce -y |
4.修改pull images时的加速文件
|
1 2 3 4 5 |
[root@docker-node1 /]# mkdir /etc/docker #/etc/docker在docker未启动的时候是不存在的 [root@docker-node1 /]# vim /etc/docker/daemon.json #创建该json加速文件,在此使用的是163的加速代理 { "registry-mirrors": ["http://hub-mirror.c.163.com"] } |
Docker 基础命令
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 |
[root@docker-node1 /]# systemctl start docker [root@docker-node1 /]# systemctl enable docker [root@docker-node1 /]# docker version #查看Docker版本信息 Client: #Docker Client版本信息 Version: 18.06.1-ce #Docker版本为18.06.1-ce为社区版 API version: 1.38 #API远程管理版本为1.38 Go version: go1.10.3 #Go版本为1.10.3 Git commit: e68fc7a Built: Tue Aug 21 17:23:03 2018 #该版本发布时间 OS/Arch: linux/amd64 #系统信息 Experimental: false Server: #Docker Server版本信息 Engine: Version: 18.06.1-ce API version: 1.38 (minimum version 1.12) Go version: go1.10.3 Git commit: e68fc7a Built: Tue Aug 21 17:25:29 2018 OS/Arch: linux/amd64 Experimental: false |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 |
[root@docker-node1 /]# docker info #查看docker系统的详细信息 Containers: 0 #容器数量 Running: 0 #正在运行的容器数 Paused: 0 #暂停的容器数量 Stopped: 0 #停止的容器数量 Images: 0 #镜像数量 Server Version: 18.06.1-ce #Docker Server版本信息 Storage Driver: overlay2 #docker文件系统 Backing Filesystem: xfs #docker文件系统是建立在本地文件系统之上,xfs为本地文件系统 Supports d_type: true Native Overlay Diff: true Logging Driver: json-file Cgroup Driver: cgroupfs #Cgroups控制硬件资源系统 Plugins: #插件 Volume: local #存储卷插件 Network: bridge host macvlan null overlay #网络插件 Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog #日志插件 Swarm: inactive #Docker Swarm管理工具状态 Runtimes: runc Default Runtime: runc Init Binary: docker-init containerd version: 468a545b9edcd5932818eb9de8e72413e616e86e runc version: 69663f0bd4b60df09991c08812a60108003fa340 init version: fec3683 Security Options: seccomp Profile: default Kernel Version: 3.10.0-862.el7.x86_64 #系统内核版本 Operating System: CentOS Linux 7 (Core) #系统版本 OSType: linux #系统类型 Architecture: x86_64 #系统结构 CPUs: 1 #CPU数量 Total Memory: 974.6MiB #内存大小 Name: docker-node1.cn #主机名称 ID: C5EI:6LOP:PZZB:H3OU:5JRP:QWXK:3XD6:ZOLZ:KYP3:45TH:H64X:3O5T Docker Root Dir: /var/lib/docker #Docker根目录 Debug Mode (client): false #Docker Clinet的Debug模块状态 Debug Mode (server): false #Docker Server的Debug模块状态 Registry: https://index.docker.io/v1/ #Docker仓库API地址 Labels: #最新版本 Experimental: false Insecure Registries: 127.0.0.0/8 Registry Mirrors: #Docker仓库镜像加速地址 http://hub-mirror.c.163.com/ Live Restore Enabled: false |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 |
[root@docker-node1 /]# systemctl status docker [root@docker-node1 /]# ps -ef|grep docker [root@docker-node1 /]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:23:99:3d brd ff:ff:ff:ff:ff:ff inet 192.168.56.5/24 brd 192.168.56.255 scope global noprefixroute dynamic eth0 valid_lft 1745sec preferred_lft 1745sec inet6 fd15:4ba5:5a2b:1008:f851:f8bb:7c36:f1d2/64 scope global noprefixroute dynamic valid_lft 86371sec preferred_lft 14371sec inet6 fe80::e086:4982:4713:11c1/64 scope link noprefixroute valid_lft forever preferred_lft forever 3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default link/ether 02:42:b0:20:51:2b brd ff:ff:ff:ff:ff:ff inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0 #Docker启动会自动创建一个网卡与物理地址是联通的,该网卡被称为 nat桥 valid_lft forever preferred_lft forever |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
[root@docker-node1 /]# du -sh /var/lib/docker/* #Docker的镜像及一些数据都在此目录下 16K /var/lib/docker/builder 56K /var/lib/docker/buildkit 24K /var/lib/docker/containerd 0 /var/lib/docker/containers 4.0K /var/lib/docker/image 32K /var/lib/docker/network 0 /var/lib/docker/overlay2 0 /var/lib/docker/plugins 0 /var/lib/docker/runtimes 0 /var/lib/docker/swarm 0 /var/lib/docker/tmp 0 /var/lib/docker/trust 24K /var/lib/docker/volumes |
Docker 命令汇总
Docker版本信息
|
1 2 |
1. docker info:查看Docker详细信息 2. docker version:查看Docker版本信息 |
Docker本地镜像管理命令
|
1 2 3 4 5 6 7 8 9 |
1. docker images ls:查看本地镜像 2. docker save -o nginx.tar nginx:把nginx镜像导出为nginx.tar,导出的镜像必须以 .tar结尾 3. 镜像导入的三种方法 1) docker load --input nginx.tar 2) docker load < nginx.tar 3) docker import nginx.tar nginx 4. docker rmi nginx:删除本地镜像,有时候可能会报错是因为该镜像被容器使用,所以要删除关联的容器 5. docker history nginx:查看Nginx镜像的创建历史 6. docker tag nginx nginx:v3:给nginx镜像加上标签,以便分类 |
Docker镜像仓库
|
1 2 3 4 5 |
1. docker search <COMMAND>:搜索镜像 2. docker pull <COMMAND>:下载镜像 3. docker login -u user -p passwd:登录到镜像仓库地址,如果未指定,默认登录到 Docker Hub 4. docker logout:登出该仓库 5. docker push <自己镜像仓库名> nginx:上传本地镜像nginx到镜像仓库中 |
Docker容器操作命令
|
1 2 3 4 5 6 7 8 |
docker ps [OPTIONS]:不加选项只显示正在运行的容器 OPTIONS说明: * -a:显示所有容器,包括未运行的 * -f:根据条件过滤显示内容 * -l:显示最近创建的容器 * -n:列出最近创建的N个容器 * -q:静默模式,只显示容器编号 * -s:显示总的文件大小 |
|
1 2 3 4 5 6 |
docker inspect [OPTIONS] nginx:获取容器|镜像的元数据 OPTION说明: * -f:指定返回值的模版文件 * -s:显示总文件的大小 * --type:为指定类型返回JSON docker inspect --format='{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' centos #获取正在运行容器centos的IP地址 |
|
1 |
docker top centos:查看容器centos的进程信息 |
|
1 2 3 4 5 6 7 |
docker logs [OPTIONS] [容器名|容器ID]:查看容器日志信息 OPTIONS说明: * -f:跟踪日志输出 * -t:显示时间戳 * --since:显示某个开始时间的所有日志 * --tail:仅列出最新N条容器日志 docker logs -f centos #跟踪容器centos的日志输出 |
|
1 2 3 4 |
1. docker wait centos:阻塞容器运行直到容器停止,然后打印出它的退出代码! 2. docker export -o centos-`date +%Y-%m-%d`.tar centos:导出centos镜像 3. docker port [OPTIONS] [容器名]:列出指定容器的端口映射 4. docker port nginx:查看容器nginx的端口影响情 |
Docker生命周期管理命令
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 |
docker run [OPTIONS] IMAGE [容器名称] OPTIONS说明: * -a stdin:指定标准输入输出内容类型,可选STDIN|STDOUT|STDERR三项 * -d:后台运行容器,并返回容器ID * -P:将容器内的某端口映射到宿主机的任意端口 * -p:将容器内的某端口指定映射到宿主机的某端口 * -v:将宿主机的某目录指定映射到容器的某目录 * -i:以交互式运行容器,通常与-t同时使用 * -t:为该容器分配一个伪终端,通常与-i同时使用 * --name nginx:为容器指定一个名称为nginx * --dns 8.8.8.8:指定容器使用的DNS服务器,默认不指定和宿主机一致 * --dns-search example.com:指定容器DNS搜索域名,默认和宿主机一致 * -h "localhost":指定容器的hostname * -e username=“ritchie”:设置环境变量 * --env-file[]:从指令读入环境变量 * --cpuset="0-2" or --cpuset="0,1,2":绑定容器到指定CPU运行 * -m:设置容器使用的内存最大值 * --net="bridge":指定容器的网络连接类型,支持bridge/host/none/container,四种类型 * --link=[]:添加链接到另一容器 * --expose=[]:开放一个端口或一组端口 |
实例:
|
1 2 3 4 5 |
[root@docker-node1 /]# docker run --name mycentos -d centos:latest #后台启动容器并起名为mycentos [root@docker-node1 /]# docker run -P -d centos:latest #使用镜像centos启动容器并将该容器的80端口随机映射到宿主机的任意端口 [root@docker-node1 /]# docker run -p 80:80 -v /data:/data -d centos:latest #使用镜像centos启动容器并将容器的80端口映射到宿主机的80端口,主机目录的/data映射到容器的/data [root@docker-node1 /]# docker run -p 127.0.0.1:80:8080/tcp centos bash #使用镜像centos启动容器并将容器的8080端口绑定到本地主机的80端口 [root@docker-node1 /]# docker run -it centos:latest /bin/bash #使用镜像centos以交互式启动容器 |
Docker启动|关闭|重启命令
|
1 2 3 |
1. docker start centos 2. docker stop centos 3. docker restart centos |
Docker kill命令
|
1 2 3 4 |
1. docker kill [OPTIONS] [容器] OPTIONS说明: * -s:向容器发送一个信号 2. docker kill -s KILL d96a8184c192 |
Docker rm 命令
|
1 2 3 4 5 6 |
1. docker rm [OPTIONS] [容器] OPTIONS说明: * -f:通过SLGKILL信号强制删除一个运行中的容器 * -l:移除容器间的网络连接,而非容器本身 * -v:删除与容器无关的卷 2. docker rm -f centos |
Docker pause/unpause命令
|
1 2 |
docker pause centos #暂停centos容器中的所有进程 docker unpause centos #恢复centos容器中的所有进程 |
Docker create 命令
docker create --name mycentos centos:latest #创建一个新的容器但不启动它
Docker exec 命令
|
1 2 3 4 5 6 7 |
1. docker exec [OPTIONS] [容器] [命令] * OPTIONS说明: * -d:分离模式,在后台运行 * -i:即使没有附加也保持STDIN打开 * -t:分配一个伪终端 2. docker exec -it mycentos /bin/sh /root/xuwl.sh #在容器mycentos交互模式中运行容器中/root/xuwl.sh脚本 3. docker exec -it mycentos /bin/bash #在容器的mycentos中开启一个交互模式的伪终端 |
Docker 镜像管理
搜索镜像
语法:docker search [image]
docker search centos
下载镜像
语法:docker pull [image_NAME]
|
1 2 3 4 5 6 7 |
[root@code-01 ~]# docker pull centos Using default tag: latest Trying to pull repository docker.io/library/centos ... latest: Pulling from docker.io/library/centos 7dc0dca2b151: Pull complete Digest: sha256:b67d21dfe609ddacf404589e04631d90a342921e81c40aeaf3391f6717fa5322 Status: Downloaded newer image for docker.io/centos:latest |
|
1 2 3 4 5 6 7 8 9 |
[root@code-01 ~]# docker pull nginx Using default tag: latest Trying to pull repository docker.io/library/nginx ... latest: Pulling from docker.io/library/nginx be8881be8156: Pull complete 32d9726baeef: Pull complete 87e5e6f71297: Pull complete Digest: sha256:d85914d547a6c92faa39ce7058bd7529baacab7e0cd4255442b04577c4d1f424 Status: Downloaded newer image for docker.io/nginx:latest |
|
1 2 3 4 |
[root@code-01 ~]# docker images #列出本地所有镜像 REPOSITORY TAG IMAGE ID CREATED SIZE docker.io/nginx latest c82521676580 3 days ago 109 MB docker.io/centos latest 49f7960eb7e4 7 weeks ago 200 MB |
镜像导出
语法:docker save -o [image].tar [image]
-o:指定导出名称,必须以 .tar结尾
image:指定需导出的镜像名称
|
1 2 3 |
[root@code-01 ~]# docker save -o centos.tar centos [root@code-01 ~]# ls anaconda-ks.cfg centos.tar |
删除本地镜像
语法:docker rmi [REPOSITORY|IMAGE ID]
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 |
[root@code-01 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE docker.io/nginx latest c82521676580 3 days ago 109 MB docker.io/centos latest 49f7960eb7e4 7 weeks ago 200 MB [root@code-01 ~]# docker rmi 49f7960eb7e4 Untagged: docker.io/centos:latest Deleted: sha256:49f7960eb7e4cb46f1a02c1f8174c6fac07ebf1eb6d8deffbcb5c695f1c9edd5 Deleted: sha256:bcc97fbfc9e1a709f0eb78c1da59caeb65f43dc32cd5deeb12b8c1784e5b8237 [root@code-01 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE docker.io/nginx latest c82521676580 3 days ago 109 MB [root@code-01 ~]# docker rmi nginx Untagged: nginx:latest Untagged: docker.io/nginx@sha256:d85914d547a6c92faa39ce7058bd7529baacab7e0cd4255442b04577c4d1f424 Deleted: sha256:c82521676580c4850bb8f0d72e47390a50d60c8ffe44d623ce57be521bca9869 Deleted: sha256:2c1f65d17acf8759019a5eb86cc20fb8f8a7e84d2b541b795c1579c4f202a458 Deleted: sha256:8f222b457ca67d7e68c3a8101d6509ab89d1aad6d399bf5b3c93494bbf876407 Deleted: sha256:cdb3f9544e4c61d45da1ea44f7d92386639a052c620d1550376f22f5b46981af [root@code-01 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE |
镜像导入
1.语法:docker load –input [image].tar
|
1 2 3 |
[root@code-01 ~]# docker load --input centos.tar bcc97fbfc9e1: Loading layer [==================================================>] 208.2 MB/208.2 MB Loaded image: docker.io/centos:latest |
2.语法:docker load < [image].tar
|
1 2 3 4 5 |
[root@code-01 ~]# docker load < nginx.tar cdb3f9544e4c: Loading layer [==================================================>] 58.44 MB/58.44 MB a8c4aeeaa045: Loading layer [==================================================>] 54.24 MB/54.24 MB 08d25fa0442e: Loading layer [==================================================>] 3.584 kB/3.584 kB Loaded image: docker.io/nginx:latest |
Docker 容器管理
创建容器
语法:docker run –name [CONTAINER NAME] -t -i -d [image]
|
1 2 3 4 5 6 7 8 9 10 11 |
[root@code-01 ~]# docker run --name dockerc -t -i -d centos /bin/bash e968c0137775150c72299b8b6370a83db1cb0b4e62533f2f2447205c6a1c810d [root@code-01 ~]# docker run --name dockerd -t -i -d centos /bin/bash 11f3e96045013c5e9e96a1e7b58772275b2446cc18c9c52207e96a5b1f7ada15 [root@code-01 ~]# docker run --name nginx -t -i -d nginx /bin/bash 398defba777bba256f856f50de7e2e64a6eda915180c062bc51130b4a36f2372 [root@code-01 ~]# docker ps -a #查看所有容器(包含沉睡/退出状态的容器) CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 398defba777b nginx "/bin/bash" 3 seconds ago Up 3 seconds 80/tcp nginx 11f3e9604501 centos "/bin/bash" 18 seconds ago Up 17 seconds dockerd e968c0137775 centos "/bin/bash" About a minute ago Up About a minute dockerc |
启动关闭容器
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 |
[root@code-01 ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 398defba777b nginx "/bin/bash" 3 seconds ago Up 3 seconds 80/tcp nginx 11f3e9604501 centos "/bin/bash" 18 seconds ago Up 17 seconds dockerd e968c0137775 centos "/bin/bash" About a minute ago Up About a minute dockerc [root@code-01 ~]# docker restart dockerc dockerc [root@code-01 ~]# docker stop dockerd dockerd [root@code-01 ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 398defba777b nginx "/bin/bash" 10 minutes ago Up 10 minutes 80/tcp nginx 11f3e9604501 centos "/bin/bash" 10 minutes ago Exited (137) 2 seconds ago dockerd e968c0137775 centos "/bin/bash" 11 minutes ago Up 22 seconds dockerc [root@code-01 ~]# docker start dockerd dockerd [root@code-01 ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 398defba777b nginx "/bin/bash" 10 minutes ago Up 10 minutes 80/tcp nginx 11f3e9604501 centos "/bin/bash" 11 minutes ago Up 4 seconds dockerd e968c0137775 centos "/bin/bash" 11 minutes ago Up 41 seconds dockerc |
杀死容器
语法:docker kill [ NAMES | CONTAINER ID ]
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
[root@code-01 ~]# docker kill nginx nginx [root@code-01 ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 398defba777b nginx "/bin/bash" 14 minutes ago Exited (137) 2 seconds ago nginx 11f3e9604501 centos "/bin/bash" 14 minutes ago Up 3 minutes dockerd e968c0137775 centos "/bin/bash" 15 minutes ago Up 4 minutes dockerc [root@code-01 ~]# docker kill 11f3e9604501 11f3e9604501 [root@code-01 ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 398defba777b nginx "/bin/bash" 14 minutes ago Exited (137) 16 seconds ago nginx 11f3e9604501 centos "/bin/bash" 14 minutes ago Exited (137) 3 seconds ago dockerd e968c0137775 centos "/bin/bash" 15 minutes ago Up 4 minutes dockerc |
删除容器
语法:docker rm [ NAMES | CONTAINER ID ]
语法:docker rm -f [ NAMES | CONTAINER ID ]
|
1 2 3 4 5 6 7 8 9 |
[root@code-01 ~]# docker rm nginx # rm可以删除未在运行的容器 nginx [root@code-01 ~]# docker rm dockerc # 使用rm删除正在运行的容器时,报错如下 Error response from daemon: You cannot remove a running container e968c0137775150c72299b8b6370a83db1cb0b4e62533f2f2447205c6a1c810d. Stop the container before attempting removal or use -f [root@code-01 ~]# docker rm -f dockerc #使用 rm -f来强制删除此容器 dockerc [root@code-01 ~]# docker ps -a #查看所有容器只剩下了一个 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 11f3e9604501 centos "/bin/bash" 19 minutes ago Exited (137) 4 minutes ago dockerd |
进入容器
三种方式如下:
语法:docker attach [image]
语法:docker exec -it [ NAMES | CONTAINER ID ] /bin/bash
语法:nsenter工具
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 |
[root@code-01 ~]# docker ps -a #查看容器dockerd,结果并未在运行 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 11f3e9604501 centos "/bin/bash" 44 minutes ago Exited (137) 29 minutes ago dockerd [root@code-01 ~]# docker start dockerd #开启容器dockerd dockerd [root@code-01 ~]# docker ps -a #已开启 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 11f3e9604501 centos "/bin/bash" 44 minutes ago Up 13 seconds dockerd [root@code-01 ~]# docker attach dockerd #使用attach命令进入此容器 [root@11f3e9604501 /]# ps aux #已登录到该容器,并查看该容器进程 USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 1 0.1 0.1 11820 1876 ? Ss 11:16 0:00 /bin/bash root 13 0.0 0.1 51708 1712 ? R+ 11:16 0:00 ps aux [root@11f3e9604501 /]# exit #退出dockerd容器 exit [root@code-01 ~]# docker ps -a #dockerd容器跟随着attach命令的退出而停止运行 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 11f3e9604501 centos "/bin/bash" 44 minutes ago Exited (0) 1 second ago dockerd |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 |
[root@code-01 ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 11f3e9604501 centos "/bin/bash" 44 minutes ago Exited (0) 1 second ago dockerd [root@code-01 ~]# docker exec -it dockerd /bin/bash #进入该容器因为未启动而报一下错误 Error response from daemon: Container 11f3e96045013c5e9e96a1e7b58772275b2446cc18c9c52207e96a5b1f7ada15 is not running [root@code-01 ~]# docker start dockerd dockerd [root@code-01 ~]# docker exec -it dockerd /bin/bash #进入该容器 [root@11f3e9604501 /]# ps -aux USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 1 0.1 0.1 11820 1676 ? Ss+ 11:22 0:00 /bin/bash root 13 0.2 0.1 11820 1896 ? Ss 11:22 0:00 /bin/bash root 25 0.0 0.1 51708 1712 ? R+ 11:22 0:00 ps -aux [root@11f3e9604501 /]# exit exit [root@code-01 ~]# docker ps -a #dockerd容器并没有因为终端退出而关闭自身 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 11f3e9604501 centos "/bin/bash" 50 minutes ago Up 16 seconds dockerd [root@code-01 ~]# docker exec dockerd ps -aux #还可以在容器外操作命令来查看容器内 USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 1 0.0 0.1 11820 1676 ? Ss+ 11:22 0:00 /bin/bash root 30 0.0 0.1 51708 1708 ? Rs 11:25 0:00 ps -aux |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 |
[root@code-01 ~]# yum install util-linux -y #nsenter工具是依赖在util-linux软件包内 Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * epel: mirrors.ustc.edu.cn Package util-linux-2.23.2-52.el7.x86_64 already installed and latest version Nothing to do [root@code-01 ~]# docker inspect -f "{{ .State.Pid}}" dockerd #dockerd是容器名字,每一个容器都有.State.Pid 14835 [root@code-01 ~]# nsenter -t 14835 -m -u -i -n -p 解释nsenter指令中进程id之后的参数的含义: * –t:target参数是指定进程ID * –m:mount参数是进去到mount namespace中 * –u:uts参数是进入到uts namespace中 * –i:ipc参数是进入到System V IPC namaspace中 * –n:net参数是进入到network namespace中 * –p:pid参数是进入到pid namespace中 * –u:user参数是进入到user namespace中 [root@11f3e9604501 /]# ps aux # -bash是nsenter所产生的进程,就算是我退出容器,因为 -bash还在运行,容器也不会自行退出 USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 1 0.0 0.1 11820 1676 ? Ss+ 11:22 0:00 /bin/bash root 34 0.2 0.1 15252 1980 ? S 11:28 0:00 -bash root 47 0.0 0.1 55140 1856 ? R+ 11:28 0:00 ps aux [root@11f3e9604501 /]# exit logout [root@code-01 ~]# docker ps -a #容器运行正常 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 11f3e9604501 centos "/bin/bash" 56 minutes ago Up 6 minutes dockerd |
编写进入容器脚本
|
1 2 3 4 5 6 7 8 9 |
[root@code-01 ~]# cat docker.sh #!/bin/bash # Use nsenter to access docker docker_in(){ NAME_ID=$1 PID=$(docker inspect -f "{{ .State.Pid }}" $NAME_ID) nsenter -t $PID -m -u -i -n -p } docker_in $1 |
容器日志查看
语法:docker logs [ NAMES | CONTAINER ID ]
|
1 2 3 4 5 6 7 |
[root@code-01 ~]# docker logs dockerd [root@11f3e9604501 /]# ps aux USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 1 0.1 0.1 11820 1876 ? Ss 11:16 0:00 /bin/bash root 13 0.0 0.1 51708 1712 ? R+ 11:16 0:00 ps aux [root@11f3e9604501 /]# exit exit |
Docker 文件日志
Docker的日志文件默认写入到/var/log/messages内
Docker的配置文件(CentOS7)
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 |
[root@code-01 ~]# cat /usr/lib/systemd/system/docker.service [Unit] Description=Docker Application Container Engine Documentation=http://docs.docker.com After=network.target rhel-push-plugin.socket registries.service Wants=docker-storage-setup.service Requires=docker-cleanup.timer [Service] Type=notify NotifyAccess=all EnvironmentFile=-/run/containers/registries.conf EnvironmentFile=-/etc/sysconfig/docker EnvironmentFile=-/etc/sysconfig/docker-storage EnvironmentFile=-/etc/sysconfig/docker-network Environment=GOTRACEBACK=crash Environment=DOCKER_HTTP_HOST_COMPAT=1 Environment=PATH=/usr/libexec/docker:/usr/bin:/usr/sbin ExecStart=/usr/bin/dockerd-current \ --add-runtime docker-runc=/usr/libexec/docker/docker-runc-current \ --default-runtime=docker-runc \ --exec-opt native.cgroupdriver=systemd \ --userland-proxy-path=/usr/libexec/docker/docker-proxy-current \ --init-path=/usr/libexec/docker/docker-init-current \ --seccomp-profile=/etc/docker/seccomp.json \ $OPTIONS \ $DOCKER_STORAGE_OPTIONS \ $DOCKER_NETWORK_OPTIONS \ $ADD_REGISTRY \ $BLOCK_REGISTRY \ $INSECURE_REGISTRY \ $REGISTRIES ExecReload=/bin/kill -s HUP $MAINPID LimitNOFILE=1048576 LimitNPROC=1048576 LimitCORE=infinity TimeoutStartSec=0 Restart=on-abnormal KillMode=process [Install] WantedBy=multi-user.target |