dockerdocker容器可在一次构建后多次运行dcoker和虚拟机的对比:通常我们是硬件上跑linux系统,在系统上做linux虚拟化,在虚拟主机中跑各种应用,而此各个虚拟机是完全隔离,而docker则是在硬件层次上跑linux系统,在系统上做docker engine,在docker engine上直接跑各种应用,在底层是容器。目前docker只能在64位操作系统运行,在windows是无法运行,只能在windowns虚拟机下运行。docker上c/s结构,分客户端和服务端,,在docker组件中,镜像通常是一个完整的操作系统,并且镜像上只读的,应用通常运行在容器中,在可写的情况下才能运行。docker仓库是集中存放镜像 1,docker安装和简单命令使用
tee /etc/yum.repos.d/docker.repo <<-'EOF'
[dockerrepo]
name=Docker Repository
baseurl=https://yum.dockerproject.org/repo/main/centos/7/
enabled=1
gpgcheck=1
gpgkey=https://yum.dockerproject.org/gpg
EOF
2,yum安装
[root@zabbix-3 ~]# yum install docker-engine util-linux
[root@zabbix-3 ~]# systemctl start docker
[root@zabbix-3 ~]# docker search centos 搜索镜像
[root@zabbix-3 ~]# docker pull centos 获取镜像
Using default tag: latest
latest: Pulling from library/centos
a3ed95caeb02: Pull complete
da71393503ec: Pull complete
Digest: sha256:1a62cd7c773dd5c6cf08e2e28596f6fcc99bd97e38c9b324163e0da90ed27562
Status: Downloaded newer image for centos:latest
查看镜像
[root@zabbix-3 ~]# docker images 查看镜像
REPOSITORY TAG IMAGE ID CREATED SIZE
centos latest 904d6c400333 3 weeks ago 196.7 MB
删除镜像[root@zabbix-3 ~]# docker rmi 删除镜像尝试运行:
[root@zabbix-3 ~]# docker run centos /bin/echo 'hello world'
hello world
[root@zabbix-3 ~]# docker run centos /bin/ls /etc/ |wc -l
117
[root@zabbix-3 ~]#
ps -a可查看详细的操作信息
[root@zabbix-3 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
aacbb56b34f0 centos "/bin/ls /etc/" 51 seconds ago Exited (0) 50 seconds ago big_khorana
0aaac85decee centos "/bin/ls /etc/" About a minute ago Exited (0) 59 seconds ago compassionate_fermi
971692c3b076 centos "/bin/echo 'hello wor" About a minute ago Exited (0) About a minute ago sharp_wozniak
进入docker,--name 名称 -it 镜像名 /bin/bash-i:保持终端打开-t:开启tty绑定到此标准输入如果不存在此镜像,则会自动pull
[root@zabbix-3 ~]# docker run --name mydocker -it centos /bin/bash
[root@de5276472785 /]#
退出容器则服务器中断,重新连接如下:找到需要重新连接的id
[root@zabbix-3 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
de5276472785 centos "/bin/bash" 3 hours ago Exited (0) 33 minutes ago mydocker
aacbb56b34f0 centos "/bin/ls /etc/" 3 hours ago Exited (0) 3 hours ago big_khorana
0aaac85decee centos "/bin/ls /etc/" 3 hours ago Exited (0) 3 hours ago compassionate_fermi
971692c3b076 centos "/bin/echo 'hello wor" 3 hours ago Exited (0) 3 hours ago sharp_wozniak
start 此id
[root@zabbix-3 ~]# docker start de5276472785
de5276472785
[root@zabbix-3 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
de5276472785 centos "/bin/bash" 3 hours ago Up 16 seconds mydocker
aacbb56b34f0 centos "/bin/ls /etc/" 3 hours ago Exited (0) 3 hours ago big_khorana
0aaac85decee centos "/bin/ls /etc/" 3 hours ago Exited (0) 3 hours ago compassionate_fermi
971692c3b076 centos "/bin/echo 'hello wor" 3 hours ago Exited (0) 3 hours ago sharp_wozniak
[root@zabbix-3 ~]#
后台运行-d,当在后台运行时会返回一个id
[root@zabbix-3 ~]# docker run -d --name mark centos bash
3b51dff90eb1e76a21a54def1f6e813505951cad1bb5a644abff7e27561be94d
[root@zabbix-3 ~]#
docker删除容器先停止
[root@zabbix-3 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3b51dff90eb1 centos "bash" 4 hours ago Exited (0) 4 hours ago mark
删除
[root@zabbix-3 ~]# docker rm 3b51dff90eb1
3b51dff90eb1
[root@zabbix-3 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@zabbix-3 ~]#
yum install util-linux进入后台容器,先将nginx pull下来
[root@zabbix-3 ~]# docker run -d --name mynginx nginx
attach:在某些场景下使用attach可能会导致容器退出我们安装另外一个工具nsenter,这个工具可以访问容器空间安装此工具:yum install util-linux我们先获取此容器的pid
[root@zabbix-3 ~]# docker inspect --format "{{.State.Pid}}" mynginx
8085
而后挂载,接挂载参数进入此容器
[root@zabbix-3 ~]# nsenter --target 8085 --mount --uts --ipc --net --pid
root@5643fa5e6925:/# ps aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 31680 2872 ? Ss 17:28 0:00 nginx: master process nginx -g daemon off;
nginx 6 0.0 0.0 32072 1700 ? S 17:28 0:00 nginx: worker process
root 7 0.0 0.0 20256 1912 ? S 17:50 0:00 -bash
root 11 0.0 0.0 17492 1160 ? R+ 17:50 0:00 ps aux
root@5643fa5e6925:/#
root@5643fa5e6925:/etc/nginx# ls /etc/nginx/nginx.conf
/etc/nginx/nginx.conf
root@5643fa5e6925:/etc/nginx# ls /etc/nginx/conf.d/default.conf
/etc/nginx/conf.d/default.conf
root@5643fa5e6925:/etc/nginx#
但是官方的镜像非常简单,很多常用命令都没有,进入docker的脚本如下
[root@zabbix-3 ~]# cat in.sh
#!/bin/bash
CNAME=$1
CPID=$(docker inspect --format "{{.State.Pid}}" $CNAME)
nsenter --target "$CPID" --mount --uts --ipc --net --pid
[root@zabbix-3 ~]#
[root@zabbix-3 ~]# chmod +x in.sh
[root@zabbix-3 ~]# ./in.sh mynginx
root@5643fa5e6925:/# ps aux|grep nginx
root 1 0.0 0.0 31680 2872 ? Ss 17:28 0:00 nginx: master process nginx -g daemon off;
nginx 6 0.0 0.0 32072 1700 ? S 17:28 0:00 nginx: worker process
root 29 0.0 0.0 10988 452 ? R+ 18:00 0:00 grep nginx
root@5643fa5e6925:/#
在创建好容器后,iptables会添加一段nat表规则
