docker初学常用指令集合
- 拉一个centos镜像
root@ubuntu:~/yu# docker pull centos
Using default tag: latest
latest: Pulling from library/centos
3c72a8ed6814: Pull complete
Digest: sha256:76d24f3ba3317fa945743bb3746fbaf3a0b752f10b10376960de01da70685fbd
Status: Downloaded newer image for centos:latest
docker.io/library/centos:latest
- 新建容器并进入
root@ubuntu:~/yu# docker run -it centos /bin/bash
[root@8c5279c1270f /]#
[root@8c5279c1270f /]#
- 查看当前容器
root@ubuntu:~/yu# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b46a7a5fcf05 ubuntu:16.04 "/bin/bash" 31 seconds ago Exited (0) 27 seconds ago yu_test
83f3f98e495b ubuntu "/bin/bash" 6 days ago Up 6 days ubuntu
f2e6f3ee2e21 hello-world "/hello" 6 days ago Exited (0) 6 days ago stupefied_lalande
- 重新命名容器
root@ubuntu:~/yu# docker rename b46a7a5fcf05 yu_test
- 重新启动容器
root@ubuntu:~/yu# docker restart yu_test
yu_test
root@ubuntu:~/yu#
- 进入特定容器
root@ubuntu:~/yu# docker exec -it yu_test /bin/bash
root@b46a7a5fcf05:/#
- 复制文件到容器
docker cp + 文件名 +容器名:路径
root@ubuntu:~/yu# docker cp linux-terminal.deb yu_test:home
- 删除容器
root@ubuntu:~# docker rm -f yu_test2
yu_test2
- 创建容器以host网络模式
不指定的话默认创建的是网桥模式
root@ubuntu:~# docker run -it --name yu_test2 --network host ubuntu:16.04
root@ubuntu:/#
- 配置网桥网络
创建网桥模式的容器默认容器会产生一个虚拟接口连接主机的docker0网卡,网段分配为172.17.0.0/16,并创建一个虚拟接口对
主机
14: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:73:11:81:65 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:73ff:fe11:8165/64 scope link
valid_lft forever preferred_lft forever
30: veth5735f17@if29: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 32:6c:98:d4:82:d7 brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet6 fe80::306c:98ff:fed4:82d7/64 scope link
valid_lft forever preferred_lft forever
容器
29: eth0@if30: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:ac:11:00:03 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 172.17.0.3/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
要使容器之间互相通信或者想要新配容器网络连接主机外部网络,可以新建网桥桥接
在主机网络新建一个网桥
创建网桥并命名conn1
root@ubuntu:~# brctl addbr conn1
配置ip
root@ubuntu:~# ip link set dev conn1 up
root@ubuntu:~# ip add add 160.9.1.1/16 dev conn1
root@ubuntu:~# ip add show conn1
36: conn1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
link/ether 5a:a4:68:59:85:21 brd ff:ff:ff:ff:ff:ff
inet 160.9.1.1/16 scope global conn1
valid_lft forever preferred_lft forever
inet6 fe80::58a4:68ff:fe59:8521/64 scope link
valid_lft forever preferred_lft forever
安装pipework
root@ubuntu:~/yu# git clone https://github.com/jpetazzo/pipework
Cloning into 'pipework'...
remote: Enumerating objects: 8, done.
remote: Counting objects: 100% (8/8), done.
remote: Compressing objects: 100% (6/6), done.
remote: Total 518 (delta 2), reused 5 (delta 2), pack-reused 510
Receiving objects: 100% (518/518), 182.72 KiB | 297.00 KiB/s, done.
Resolving deltas: 100% (272/272), done.
Checking connectivity... done.
root@ubuntu:~/yu# cp pipework/pipework /usr/local/bin/
root@ubuntu:~/yu# pipework
Syntax:
pipework <hostinterface> [-i containerinterface] [-l localinterfacename] [-a addressfamily] <guest> <ipaddr>/<subnet>[@default_gateway] [macaddr][@vlan]
pipework <hostinterface> [-i containerinterface] [-l localinterfacename] <guest> dhcp [macaddr][@vlan]
pipework mac:<hostinterface_macaddress> [-i containerinterface] [-l localinterfacename] [-a addressfamily] <guest> <ipaddr>/<subnet>[@default_gateway] [macaddr][@vlan]
pipework mac:<hostinterface_macaddress> [-i containerinterface] [-l localinterfacename] <guest> dhcp [macaddr][@vlan]
pipework route <guest> <route_command>
pipework rule <guest> <rule_command>
pipework tc <guest> <tc_command>
pipework --wait [-i containerinterface]
配置容器网桥ip
root@ubuntu:~/yu# pipework conn1 yu_test 160.9.1.2/16@160.9.1.1
主机
36: conn1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 8a:d1:0f:40:46:f9 brd ff:ff:ff:ff:ff:ff
inet 160.9.1.1/16 scope global conn1
valid_lft forever preferred_lft forever
inet6 fe80::58a4:68ff:fe59:8521/64 scope link
valid_lft forever preferred_lft forever
40: veth1pl37761@if39: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master conn1 state UP group default qlen 1000
link/ether 8a:d1:0f:40:46:f9 brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet6 fe80::88d1:fff:fe40:46f9/64 scope link
valid_lft forever preferred_lft forever
容器,默认路由改为新建网桥
39: eth1@if40: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 5e:8d:bf:1f:d6:dd brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 160.9.1.2/16 scope global eth1
valid_lft forever preferred_lft forever
root@b46a7a5fcf05:/#
root@b46a7a5fcf05:/# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 160.9.1.1 0.0.0.0 UG 0 0 0 eth1
160.9.0.0 * 255.255.0.0 U 0 0 0 eth1
172.17.0.0 * 255.255.0.0 U 0 0 0 eth0
- 查看镜像
root@ubuntu:~/yu# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
test-ubuntu 16.04 fb4f67f6c03d 39 seconds ago 622MB
ubuntu 16.04 dfeff22e96ae 4 weeks ago 131MB
ubuntu latest d70eaf7277ea 4 weeks ago 72.9MB
ubuntu 18.04 56def654ec22 2 months ago 63.2MB
centos latest 0d120b6ccaa8 3 months ago 215MB
hello-world latest bf756fb1ae65 10 months ago 13.3kB
- 删除镜像
docker rmi +IMAGE ID
root@ubuntu:~/yu# docker rmi fa0ac4305efa
Deleted: sha256:fa0ac4305efa2e8622be0d80188ea2715fbaaad5657d27a5257e7aadfac10a79
Deleted: sha256:65c4bf50e85280fdb5714629d6e56ee4244f04dd10543d4678a0c5ae050d746a
Deleted: sha256:83d6aac8ddf04ffc1de0eb083d31782cb181ec09c22678ee155b998c26ac245c
Deleted: sha256:595fe94ee3cee3d85d1b9a672863a09f41e4ddd7cde5d786495fd3982dc1d19f
Deleted: sha256:97354d7bd80ff9a169863da68b5ab863985ecc7a7c8c825f568b9bf62cd4a97a
- 根据dockerfile创建镜像
dockerfile路径最好只有一个dockerfile
docker build -t 创建镜像名字:TAG dockerfile路径
root@ubuntu:~/yu#docker build -t test-ubuntu:16.04 /root/yu
dockerfile在当前路径下则用.代替
docker build -t test-ubuntu:16.04 .
- 强制删除容器
如果不加-f则只能删除不正在运行的容器,正在运行的容器需要stop后才能删除
root@ubuntu:~/yu# docker rm -f yu_test1
yu_test1