Home | 簡體中文 | 繁體中文 | 雜文 | 知乎專欄 | Github | OSChina 博客 | 雲社區 | 雲棲社區 | Facebook | Linkedin | 視頻教程 | 打賞(Donations) | About
知乎專欄多維度架構 微信號 netkiller-ebook | QQ群:128659835 請註明“讀者”

1.4. 容器

1.4.1. 查看容器

		
iMac:netkiller neo$ docker container ls		
		
		

1.4.2. 啟動與終止容器

			
$ sudo docker run ubuntu:14.10 /bin/echo 'Hello world'
Hello world			
			
		

進入BASH

			
$ sudo docker run -t -i ubuntu:14.10 /bin/bash
root@f8c7b2afff14:/# 			
			
		

start / stop / restart

			
sudo docker start silly_bohr
silly_bohr

$ sudo docker stop silly_bohr
silly_bohr

$ sudo docker restart silly_bohr
silly_bohr
			
		
		
[root@localhost ~]# docker container start registry
registry

[root@localhost ~]# docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                    NAMES
f1e57592f82a        registry:latest     "/entrypoint.sh /etc…"   8 days ago          Up 6 seconds        0.0.0.0:5000->5000/tcp   registry		

[root@localhost ~]# curl http://192.168.3.6:5000/v2/_catalog
{"repositories":[]}
		
		

守護進程運行

			
$ sudo docker run -d ubuntu:14.10 /bin/sh -c "while true; do echo hello world; sleep 1; done"
4cdbb75eeabf3f1ea87bec91accdf5211639d0895e94ab94ffa1d55fb7f62e2a
			
		

通過 docker ps 命令來查看容器信息

			
$ sudo docker ps
CONTAINER ID        IMAGE               COMMAND                CREATED             STATUS              PORTS               NAMES
4cdbb75eeabf        ubuntu:14.10        "/bin/sh -c 'while t   30 seconds ago      Up 28 seconds                           drunk_rosalind 
			
		

要獲取容器的輸出信息,可以通過 docker logs 命令。

			
$ sudo docker logs insane_babbage			
			
		

注意:守護進程在後台運行,所以無輸出,只能通過docker logs 命令查看

1.4.3. 進入容器

			
$ sudo docker run -idt ubuntu:14.10
793f9805620d7e10564e0778c388640cb73b6a1aec663bf468904d72a4f219f2

$ sudo docker ps 
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
793f9805620d        ubuntu:14.10        "/bin/bash"         5 seconds ago       Up 4 seconds                            mad_elion           

$ sudo docker attach mad_elion 
root@793f9805620d:/# ls
bin  boot  dev  etc  home  lib  lib64  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var
			
		

1.4.4. 運行容器內的命令

		
neo@MacBook-Pro-Neo ~ % docker exec prometheus id         
uid=65534(nobody) gid=65534(nogroup)		
		
		

1.4.5. 導出和導入容器

1.4.5.1. Ubuntu

			
$ sudo docker export 7691a814370e > ubuntu.tar
			
			

			
			<![CDATA[
$ cat ubuntu.tar | sudo docker import - test/ubuntu:v1.0
			
			

指定 URL 或者某個目錄來導入,例如

			
$sudo docker import http://example.com/exampleimage.tgz example/imagerepo			
			
			

1.4.5.2. Mac 導出與導入

導出

		
iMac:tmp neo$ docker export registry -o registry.tar		
		
			

導入

		
iMac:tmp neo$ docker import registry.tar 
sha256:1678c838115696f9540f168fe117ea81715b6b676497307e65d15d1ac10d9a11
		
			

指定 [REPOSITORY[:TAG]]

		
iMac:tmp neo$ docker import registry.tar registry:latest
sha256:7b76bd807a47dcc60e41bf2f8268ecf69906bb14c2ebaa348c4c15aac716b878

iMac:tmp neo$ docker images registry
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
registry            latest              7b76bd807a47        11 seconds ago      26.2MB		
		
			

1.4.6. 停止所有容器

殺死所有正在運行的容器

			
docker kill $(docker ps -a -q)			
			
		

1.4.6.1. 信號處理

--signal, -s 向容器發送信號

發送一個SIGHUP信號

			
$ docker kill -s=SIGHUP my_container
			
			

你可以通過名字或數字指定自定義信號,SIG首碼是可選的,例如下面的命令是等價的:

			
$ docker kill -s=SIGHUP my_container
$ docker kill -s=HUP my_container
$ docker kill -s=1 my_container
			
			

1.4.7. 刪除容器

使用 docker rm 來刪除一個處于終止狀態的容器。

			
$ sudo docker ps -a
CONTAINER ID        IMAGE               COMMAND                CREATED             STATUS                      PORTS               NAMES
f8c7b2afff14        ubuntu:14.10        "/bin/bash"            14 minutes ago      Exited (0) 2 minutes ago                        agitated_fermat     
0abd2e5fc251        ubuntu:14.10        "/bin/echo 'Hello wo   15 minutes ago      Exited (0) 15 minutes ago                       clever_kowalevski 

$ sudo docker rm clever_kowalevski
clever_kowalevski

$ sudo docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                     PORTS               NAMES
f8c7b2afff14        ubuntu:14.10        "/bin/bash"         16 minutes ago      Exited (0) 5 minutes ago                       agitated_fermat     			
			
		

			
$ docker rm 719f98391ecf1d6f1f153ffea1bbd84cd2dc9cf6d31d5a4f348c60d98392814c
			
		

刪除所有已經停止的容器

			
docker rm $(docker ps -a -q)			
			
		

1.4.8. log-driver

日誌發送到 fluentd

		
docker run --log-driver=fluentd --log-opt fluentd-address=192.168.2.5:24220 ubuntu echo "Hello world"		
		
		

1.4.9. 操作系統

1.4.9.1. 設置環境變數

		
iMac:welcome neo$ docker run 127.0.0.1:5000/netkiller/welcome -e JAVA_OPTS="-server -Xms512m -Xmx4096m"		
		
			

1.4.9.2. /etc/hosts 配置

		
# docker run --add-host=docker:10.180.0.1 --rm -it debian
		
			

向 /etc/hosts 檔案內添加主機名

		
docker run -it --add-host=db.netkiller.cn:172.16.18.80 ubuntu cat /etc/hosts		
		
			

1.4.9.3. sysctl

		
$ docker run --sysctl net.ipv4.ip_forward=1 someimage		
		
			
			
docker run -itd --restart=always --net=host \
--name=centos01 --hostname=centos01 \
--sysctl kernel.msgmnb=13107200 \
--sysctl kernel.msgmni=256 \
--sysctl kernel.msgmax=65536 \
--sysctl kernel.shmmax=69719476736 \
--sysctl kernel.sem='500 256000 250 1024' \
-v /mnt/ssd:/var/lib/www \
centos:latest /bin/bash

docker exec centos01 sysctl -a |grep -E \
'kernel.msgmnb|kernel.msgmni|kernel.msgmax|kernel.shmmax|kernel.sem'			
			
			

1.4.9.4. ulimits

查看 ulimit 設置

		
$ docker run --ulimit nofile=1024:1024 --rm debian sh -c "ulimit -n"
		
			
		
$ docker run -it --ulimit as=1024 fedora /bin/bash
$ docker run -d -u daemon --ulimit nproc=3 busybox top
		
			
		
docker run -d --ulimit nofile=20480:40960 nproc=1024:2048 nginx		
		
			

1.4.10. 查看容器內運行的進程

		
neo@MacBook-Pro-Neo ~ % docker ps
CONTAINER ID        IMAGE                                                 COMMAND                  CREATED             STATUS              PORTS                              NAMES
a6e33697e4bb        docker.elastic.co/elasticsearch/elasticsearch:7.9.2   "/tini -- /usr/local…"   2 minutes ago       Up 2 minutes        9200/tcp, 9300/tcp                 es02
598a6e61d4fc        docker.elastic.co/kibana/kibana:7.9.2                 "/usr/local/bin/dumb…"   2 minutes ago       Up 2 minutes        0.0.0.0:5601->5601/tcp             kibana
bc125a658981        docker.elastic.co/elasticsearch/elasticsearch:7.9.2   "/tini -- /usr/local…"   2 minutes ago       Up 2 minutes        9200/tcp, 9300/tcp                 es03
d027503bee4b        docker.elastic.co/elasticsearch/elasticsearch:7.9.2   "/tini -- /usr/local…"   2 minutes ago       Up 2 minutes        0.0.0.0:9200->9200/tcp, 9300/tcp   elasticsearch

neo@MacBook-Pro-Neo ~ % docker top 598a6e61d4fc
PID                 USER                TIME                COMMAND
3077                1000                0:00                /usr/local/bin/dumb-init -- /usr/local/bin/kibana-docker
3285                1000                1:58                /usr/share/kibana/bin/../node/bin/node /usr/share/kibana/bin/../src/cli --cpu.cgroup.path.override=/ --cpuacct.cgroup.path.override=/		
		
		

1.4.11. 更新容器資源配置

		
neo@MacBook-Pro-Neo ~ % docker update kibana --cpus 1
kibana		
		
		

1.4.12. 查看容器的退出狀態

		
neo@MacBook-Pro-Neo ~ % docker wait a6e33697e4bb
0
		
		

1.4.13. 暫停與恢復容器

暫停容器運行

		
docker pause a6e33697e4bb		
		
		

恢復容器運行

		
docker unpause a6e33697e4bb
		
		

1.4.14. 對比容器的變化

查看容器啟動後,修改了鏡像中哪些問題

		
neo@MacBook-Pro-Neo ~ % docker diff a6e33697e4bb
C /tmp
A /tmp/elasticsearch-14495251404334864644
A /tmp/hsperfdata_elasticsearch
A /tmp/hsperfdata_elasticsearch/6
C /usr
C /usr/share
C /usr/share/elasticsearch
C /usr/share/elasticsearch/config
A /usr/share/elasticsearch/config/elasticsearch.keystore
A /usr/share/elasticsearch/.cache
A /usr/share/elasticsearch/.cache/JNA
A /usr/share/elasticsearch/.cache/JNA/temp
C /usr/share/elasticsearch/logs
A /usr/share/elasticsearch/logs/gc.log
A /usr/share/elasticsearch/logs/gc.log.00		
		
		

1.4.15. 查看容器狀態

		
neo@MacBook-Pro-Neo ~ % docker stats
CONTAINER ID        NAME                CPU %               MEM USAGE / LIMIT     MEM %               NET I/O             BLOCK I/O           PIDS
a6e33697e4bb        es02                0.68%               894.2MiB / 3.848GiB   22.69%              13.9MB / 6.95MB     98.9MB / 3.88MB     77
598a6e61d4fc        kibana              0.95%               462.8MiB / 3.848GiB   11.74%              718kB / 13MB        409MB / 4.1kB       12
bc125a658981        es03                2.67%               889.9MiB / 3.848GiB   22.58%              1.76MB / 5.79MB     48.5MB / 3.09MB     71
d027503bee4b        elasticsearch       2.75%               928.4MiB / 3.848GiB   23.56%              24MB / 14.7MB       139MB / 8.57MB      75		
		
		

1.4.16. 重啟容器

--time, -t 10 停止容器之前需要等待的時間(秒)

		
$ docker restart [options] container [container...]