Docker简介
什么是容器?
一种虚拟化的方案
操作系统级别的虚拟化
只能运行相同或相似内核的操作系统
依赖于Linux内核特性:Namespace和Cgroup(Control Group)
什么是Docker?
将应用程序自动部署到容器的开源引擎
Go语言开源引擎 Github地址: [](https://github.com/docker/docker)
基于Apache 2.0开源授权协议发行
Docker的特点?
提供简单轻量的建模方式
职责的逻辑分离
快速搞笑的开发生命周期
鼓励使用面向服务的架构
Docker的使用场景
1 使用Docker容器开发,测试,部署服务
2 创建隔离的运行环境
3 搭建测试环境
4 构建多用户的平台即服务基础设施
5 提供软件即服务应用程序
6 高性能,多规模的宿主机部署
Docker的基本组成
Docker Client客户端;Daemon守护进程;Image镜像;Container容器;Registry仓库
Docker客户端/守护进程
C/S架构
本地/远程
Docker Image镜像
容器的基石(容器基于镜像启动和运行,镜像就好比容器的的源代码,保存了启动容器的各种条件)
层叠的只读文件系统 bootfs(引导文件系统)当容器启动后将被移到内存中,而引导文件系统将会被卸载;
联合加载(union mount)
容器的基本操作
交互式容器在命令结束后,就停止
启动容器:
$docker run IMAGE [COMMAND][ARG...]
run 在新容器中执行命令
执行单次命令的容器:
ubuntu@ubuntu:~$ docker run ubuntu echo 'Hello world'
Hello world
启动交互式容器:
$docker run -i -t IMAGE /bin/bash
-i --interactive=ture|fasle 默认是false 交互
-t --tty=true|false 默认是false
ubuntu@ubuntu:~$ docker run -i -t ubuntu /bin/bash
root@44d36a84c016:/# ps -ef
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 03:48 ? 00:00:00 /bin/bash
root 12 1 0 03:49 ? 00:00:00 ps -ef
root@44d36a84c016:/# ls
bin dev home lib64 mnt proc run srv tmp var
boot etc lib media opt root sbin sys usr
root@44d36a84c016:/# exit
exit
查看容器
$docker ps [-a][-l]
-a 列出所有的容器
-l 列出最新创建的容器
CONTAINEG ID docker的守护进程,当启动时为容器分配的唯一ID
NAMES docker守护进程启动时为容器自动分配的名字
ubuntu@ubuntu:~$ docker ps -l
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
44d36a84c016 ubuntu:latest "/bin/bash" 7 minutes ago Exited (0) 6 minutes ago gloomy_bohr
如何查看刚刚创建的容器
$docker inspect 参数:容器的名字(ID或友好的名字)
ubuntu@ubuntu:~$ docker inspect 44d36a84c016
[{
"AppArmorProfile": "",
"Args": [],
"Config": {
"AttachStderr": true,
"AttachStdin": true,
"AttachStdout": true,
"Cmd": [
"/bin/bash"
],
"CpuShares": 0,
........
自定义容器名
$docker run --name=自定义名 -i -t IMAGE /bin/bash
ubuntu@ubuntu:~$ docker run --name=container01 -i -t ubuntu /bin/bash
root@89fdd67fcc7c:/# exit
exit
ubuntu@ubuntu:~$ docker inspect container01
重新启动停止的容器
$docker start [-i] 容器名
ubuntu@ubuntu:~$ docker start -i container01
root@89fdd67fcc7c:/# exit
exit
删除停止的容器(只能删除停止的容器)
$docker rm 容器名
ubuntu@ubuntu:~$ docker rm a14eae563c17
a14eae563c17
守护式容器
守护式容器,长期运行,没有交互式的会话,适合运行应用程序和服务
以守护形式运行容器
$docker run -i -t IMAGE /bin/bash
Ctrl+P + Ctrl+Q 将一个交互式的容器转到后台
ubuntu@ubuntu:~$ docker run -i -t ubuntu /bin/bash
root@7a5baebf940a:/#
root@7a5baebf940a:/# ubuntu@ubuntu:~$
ubuntu@ubuntu:~$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
7a5baebf940a ubuntu:latest "/bin/bash" 3 minutes ago Up 3 minutes dreamy_hopper
附加到运行中的容器
$docker attach 容器名
ubuntu@ubuntu:~$ docker attach 7a
root@7a5baebf940a:/# ubuntu@ubuntu:~$
ubuntu@ubuntu:~$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
7a5baebf940a ubuntu:latest "/bin/bash" 7 minutes ago Up 7 minutes dreamy_hopper
ubuntu@ubuntu:~$ docker attach 7a
root@7a5baebf940a:/# exit
exit
ubuntu@ubuntu:~$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
启动守护式容器
$docker run 镜像名 [COMMAND] [ARG...]
-d 告诉run命令在启动容器时使用后台的方式来执行命令
ubuntu@ubuntu:~$ docker run --name dc3 -d ubuntu /bin/sh -c "while true;do echo hello world;sleep 1;done"
29de71a93dfaf67cb27b6fa5d953ecd6ca924e6b1923a31d6f41995af268af24
ubuntu@ubuntu:~$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
29de71a93dfa ubuntu:latest "/bin/sh -c 'while t 4 seconds ago Up 3 seconds dc3
查看容器日志
$docker logs [-f][-t][--tail] 容器名
-f --follows=true|false 默认为false 会一直跟踪日志变化,并返回结果
-t --timestamps=true|false 默认为false
--tail="all" 返回结尾处多少数量的日志
ubuntu@ubuntu:~$ docker logs -t -f --tail 10 dc3
2016-11-13T04:52:46.493926964Z hello world
2016-11-13T04:52:47.495737431Z hello world
2016-11-13T04:52:48.497870319Z hello world
2016-11-13T04:52:49.499945897Z hello world
2016-11-13T04:52:50.501718368Z hello world
2016-11-13T04:52:51.503647625Z hello world .....
查看容器内进程
$docker top 容器名
Cubuntu@ubuntu:~$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
29de71a93dfa ubuntu:latest "/bin/sh -c 'while t 4 minutes ago Up 4 minutes dc3
ubuntu@ubuntu:~$ docker top dc3
UID PID PPID C STIME TTY TIME CMD
root 69209 66638 0 20:51 ? 00:00:00 /bin/sh -c while true;do echo hello world;sleep 1;done
root 69613 69209 0 20:56 ? 00:00:00 sleep 1
为运行中的容器启动新进程(对运行中的容器维护监控或执行一些管理任务)
$docker exec [-d][-i][-t] 容器名 [COMMAND][ARG..]
ubuntu@ubuntu:~$ docker exec -i -t dc3 /bin/bash
root@29de71a93dfa:/# ubuntu@ubuntu:~$
ubuntu@ubuntu:~$ docker top dc3
UID PID PPID C STIME TTY TIME CMD
root 69209 66638 0 20:51 ? 00:00:00 /bin/sh -c while true;do echo hello world;sleep 1;done
root 69914 66638 0 21:01 pts/1 00:00:00 /bin/bash
root 69963 69209 0 21:01 ? 00:00:00 sleep 1
如何停止运行中的容器:
$docker stop 容器名 发送一个信号给容器,并等待容器的停止
$docker kill 容器名 会立刻停止容器
ubuntu@ubuntu:~$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
29de71a93dfa ubuntu:latest "/bin/sh -c 'while t 14 minutes ago Up 14 minutes dc3
ubuntu@ubuntu:~$ docker stop dc3
dc3
使用Docker帮助文件
man docker-run
man docker-logs
man docker-top
man docker-exec
...
在容器中部署静态网站
设置容器的端口映射
设置容器的端口映射
run [-P][-p]
-P,--publish-all=ture|false默认为false
将为容器暴露的所有端口进行映射
docker run -P -i -t ubuntu /bin/bash
-p,--publish=[]
containerPort 只指定容器的端口,宿主机端口随机映射
docker run -p 80 -i -t ubuntu /bin/bash
hostPort:containerPort 同时指定宿主机端口和容器端口
docker run -p 8080:80 -i -t ubuntu /bin/bash
ip::containerPort 指定ip和容器的端口
docker run -p 0.0.0.0:80 -i -t ubuntu /bin/bash
ip:hostPort:containerPort 同时指定ip,宿主机和容器的端口
docker run -p 0.0.0.0:8080:80 -i -t ubuntu /bin/bash
Nginx部署流程
- 创建映射80端口的交互式容器
- 安装Nginx
- 安装文本编辑器vim
- 创建静态页面
- 修改Nginx配置文件
- 运行Nginx
- 验证网站访问
-
ubuntu@ubuntu:~$ docker run -p 80 --name web -i -t ubuntu /bin/bash
root@3fdfe785153a:/# apt-get update
root@3fdfe785153a:/# apt-get install -y nginx
root@3fdfe785153a:/# apt-get install -y
root@3fdfe785153a:/# mkdir -p /var/www/html
root@3fdfe785153a:/# cd /var/www/html
root@3fdfe785153a:/var/www/html# vim index.html
<html>
<head>
<title>Nginx in Docker</title>
</head>
<body>
<h1>Hello,I'm website in Docker!</h1>
</body>
</html>
root@3fdfe785153a:/var/www/html# whereis nginx
nginx: /usr/sbin/nginx /etc/nginx /usr/share/nginx
root@3fdfe785153a:/var/www/html# ls
index.html index.nginx-debian.html
root@3fdfe785153a:/var/www/html# ls /etc/nginx
conf.d fastcgi_params koi-win nginx.conf scgi_params sites-enabled uwsgi_params
fastcgi.conf koi-utf mime.types proxy_params sites-available snippets win-utf
root@3fdfe785153a:/var/www/html# ls /etc/nginx/sites-enabled
default
root@3fdfe785153a:/var/www/html# vim /etc/nginx/sites-enabled/default
root@3fdfe785153a:/var/www/html# cd /
root@3fdfe785153a:/# nginx
root@3fdfe785153a:/# ps -ef
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 05:36 ? 00:00:00 /bin/bash
root 816 1 0 06:12 ? 00:00:00 nginx: master process nginx
www-data 817 816 0 06:12 ? 00:00:00 nginx: worker process
www-data 818 816 0 06:12 ? 00:00:00 nginx: worker process
www-data 819 816 0 06:12 ? 00:00:00 nginx: worker process
www-data 820 816 0 06:12 ? 00:00:00 nginx: worker process
root 821 1 0 06:12 ? 00:00:00 ps -ef
root@3fdfe785153a:/# ubuntu@ubuntu:~$
ubuntu@ubuntu:~$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3fdfe785153a ubuntu:latest "/bin/bash" 37 minutes ago Up 37 minutes 0.0.0.0:32768->80/tcp web
ubuntu@ubuntu:~$ docker port web
80/tcp -> 0.0.0.0:32768
ubuntu@ubuntu:~$ docker top web
UID PID PPID C STIME TTY TIME CMD
root 70403 66638 0 21:36 pts/1 00:00:00 /bin/bash
root 71341 70403 0 22:12 ? 00:00:00 nginx: master process nginx
www-data 71342 71341 0 22:12 ? 00:00:00 nginx: worker process
www-data 71343 71341 0 22:12 ? 00:00:00 nginx: worker process
www-data 71344 71341 0 22:12 ? 00:00:00 nginx: worker process
www-data 71345 71341 0 22:12 ? 00:00:00 nginx: worker process
ubuntu@ubuntu:~$ curl http://127.0.0.1:32768
<html>
<head>
<title>Nginx in Docker</title>
</head>
<body>
<h1>Hello,I'm website in Docker!</h1>
</body>
</html>
上面使用的是宿主主机地址,现在使用容器的地址
ubuntu@ubuntu:~$ docker inspect web
"Gateway": "172.17.42.1"
ubuntu@ubuntu:~$ curl http://172.17.0.10
<html>
<head>
<title>Nginx in Docker</title>
</head>
<body>
<h1>Hello,I'm website in Docker!</h1>
</body>
</html>
stop后重新启动访问
ubuntu@ubuntu:~$ docker stop web
web
ubuntu@ubuntu:~$ docker start -i web
root@3fdfe785153a:/# ps -ef
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 06:25 ? 00:00:00 /bin/bash
root 11 1 0 06:27 ? 00:00:00 ps -ef
root@3fdfe785153a:/# ubuntu@ubuntu:~$
ubuntu@ubuntu:~$ docker exec web nginx
ubuntu@ubuntu:~$ docker top web
UID PID PPID C STIME TTY TIME CMD
root 71751 66638 0 22:25 pts/1 00:00:00 /bin/bash
root 71809 71751 0 22:28 ? 00:00:00 nginx: master process nginx
www-data 71810 71809 0 22:28 ? 00:00:00 nginx: worker process
www-data 71811 71809 0 22:28 ? 00:00:00 nginx: worker process
www-data 71812 71809 0 22:28 ? 00:00:00 nginx: worker process
www-data 71813 71809 0 22:28 ? 00:00:00 nginx: worker process
当停止一个容器并且重新访问时,原来容器的ip地址和端口都将会发生变化
ubuntu@ubuntu:~$ curl http://172.17.0.10
curl: (7) Failed to connect to 172.17.0.10 port 80: No route to host
ubuntu@ubuntu:~$ docker inspect web
.....
"MountLabel": "",
"Name": "/web",
"NetworkSettings": {
"Bridge": "docker0",
"Gateway": "172.17.42.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.11",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"LinkLocalIPv6Address": "fe80::42:acff:fe11:b",
"LinkLocalIPv6PrefixLen": 64,
"MacAddress": "02:42:ac:11:00:0b",
"PortMapping": null,
"Ports": {
"80/tcp": [
{
"HostIp": "0.0.0.0",
"HostPort": "32769"
}
....
ubuntu@ubuntu:~$ curl http://172.17.0.11
<html>
<head>
<title>Nginx in Docker</title>
</head>
<body>
<h1>Hello,I'm website in Docker!</h1>
</body>
</html>
查看和删除镜像
镜像的存储地址
- /var/lib/docker
-
ubuntu@ubuntu:~$ docker info
Containers: 11
Images: 94
Storage Driver: aufs
Root Dir: /var/lib/docker/aufs
Backing Filesystem: extfs
Dirs: 116
Dirperm1 Supported: true
Execution Driver: native-0.2
Kernel Version: 4.2.0-16-generic
Operating System: Ubuntu 15.10
CPUs: 4
Total Memory: 1.533 GiB
Name: ubuntu
ID: AL2G:N2BW:2DGD:DBKV:GV77:ESDE:5BIG:BOYM:25H2:MHLX:KJK3:VNBF
WARNING: No swap limit support
ubuntu@ubuntu:~$ ls -l /var/lib/docker/aufs
ls: cannot access /var/lib/docker/aufs: Permission denied
ubuntu@ubuntu:~$ sudo ls -l /var/lib/docker/aufs
[sudo] password for ubuntu:
total 48
drwxr-xr-x 118 root root 16384 Nov 12 21:36 diff
drwxr-xr-x 2 root root 16384 Nov 12 21:36 layers
drwxr-xr-x 118 root root 16384 Nov 12 21:36 mnt
列出镜像
$docker images [OPTSIUNS][REPOSITORY]
-a,--all=false
-f,--filter=[] 显示时的过滤条件
--no-trunc=false 指定不使用截断的方式
-q,--quiet=false
查看镜像
$docker inspect [OPTIONS]CONTAINER|IMAGE[CONTAINER|IMAGE...]
-f,--format=""
ubuntu@ubuntu:~$ docker inspect ubuntu:latest
删除镜像
$docker rmi [OPTIONS]IMAGE[IMAGE...]
-f,--force=false
--no-prune=false Do not delete untagged parents
ubuntu:~$ docker rmi wordpress:4.6.1
获取和推送镜像
查找镜像
- Docker Hub
$docker search [OPTIONS]TERM
--automated=false Only show automated builds 自动化选项 --no-trunc=false Don't truncate output -s,--stars=0 Only displays with at least x start 星级 最多返回25个结果 ubuntu@ubuntu:~$ docker search -s 3 ubuntu NAME DESCRIPTION STARS OFFICIAL AUTOMATED ubuntu Ubuntu is a Debian-based Linux operating s... 5033 [OK] ubuntu-upstart Upstart is an event-based replacement for ... 68 [OK] rastasheep/ubuntu-sshd Dockerized SSH service, built on top of of... 49 [OK] consol/ubuntu-xfce-vnc Ubuntu container with "headless" VNC sessi... 29 [OK] ubuntu-debootstrap debootstrap --variant=minbase --components... 27 [OK] torusware/speedus-ubuntu Always updated official Ubuntu docker imag... 27 [OK] ioft/armhf-ubuntu [ABR] Ubuntu Docker images for the ARMv7(a... 19 [OK] nuagebec/ubuntu Simple always updated Ubuntu docker images... 10 [OK] nickistre/ubuntu-lamp LAMP server on Ubuntu 10 [OK] nickistre/ubuntu-lamp-wordpress LAMP on Ubuntu with wp-cli installed 7 [OK] nimmis/ubuntu This is a docker images different LTS vers... 5 [OK]拉取镜像(需要下载到本地)
$docker pull [options] name [:tag]
-a,–all-tags=false
ubuntu@ubuntu:~$ docker pull ubuntu:14.0414.04: Pulling from ubuntu
e7176b79954f: Pull complete
e359a53f3a8b: Pull complete
4655efdd3550: Already exists
4d0b81bdf94e: Already exists
82b16b694f1b: Already exists
879409173f70: Already exists
Digest: sha256:bae6d9e8c91f31a11d324495efb3859fce873de1e9db990a62d16e4f263f5a2e
Status: Downloaded newer image for ubuntu:14.04
拉取镜像(加速访问)
使用--registry-mirror 选项
1.修改 : /etc/default/docker
2.添加:DOCKER_OPTS = "--registry-mirror=http://MIRROR-ADDR"
推送镜像
$docker push NAME:[:TAG]
构建docker镜像
- 1.保存对容器的修改,并再次使用;
- 2.自定义镜像的能力;
3.以软件的形式打包并分发服务及其运行环境
构建镜像
$docker commit 通过容器构建
$docker commit [OPTION] CONTAINEG [REPOSITORY[:TAG]]-a,--author="" 作者 -m,--message="" Commit message 构建信息 -p,--pause=true Pause container during commit 指示不暂停正在运行的容器ubuntu@ubuntu:~$ docker commit -a “jdrops520” -m ‘nginx’ web jdrops520/commit_web1
bc4ef9f3e881bd1034dc2dbca62f053044f5ac77696d3bc67e69e749fa1331e7
ubuntu@ubuntu:~$
ubuntu@ubuntu:~$ docker images
REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
jdrops520/commit_web1 latest bc4ef9f3e881 37 seconds ago 275.8 MB
7a32cf0408fa 3 weeks ago 160.5 MB
ubuntu latest 56465e1e45d2 4 weeks ago 127.2 MB
ubuntu 14.04 e359a53f3a8b 4 weeks ago 187.9 MB
04b555fcaf13 9 weeks ago 341.8 MB
07a3e6032afb 3 months ago 188 MB
hello-world latest f0cb9bdcaa69 4 months ago 1.848 kB
ubuntu 12.10 c5881f11ded9 2.406760 years ago 172.1 MB
ubuntu@ubuntu:~$ docker run -d –name nginx_web1 jdrops520/commit_web1 nginx -g “daemon off;”
35423f6554dc8cddc95dd88f924e9ab091ae330094e9aa7ba159c1d11e68019a
ubuntu@ubuntu:~$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
35423f6554dc jdrops520/commit_web1:latest “nginx -g ‘daemon of 17 seconds ago Up 16 seconds 80/tcp nginx_web1
3fdfe785153a ubuntu:latest “/bin/bash” 3 hours ago Up 2 hours 0.0.0.0:32769->80/tcp web
ubuntu@ubuntu:~$ curl http://127.0.0.1:32769
<title>Nginx in Docker</title>
<h1>Hello,I'm website in Docker!</h1>
使用Dockerfile创建镜像
创建第一个Dockerfile$docker build 通过Dockerfile文件构建
$docker build [OPTIONS]PATH |URL|---force-rm=false --no-cache=false --pull=false -q,--quiet=false --rm=ture -t,--tag="" 指定构建出的镜像的名字