docker命令總結

用 docker pull 拉取鏡像

root@lishichao-virtual-machine:~# docker pull hello-world
Using default tag: latest
latest: Pulling from library/hello-world
d1725b59e92d: Pull complete 
Digest: sha256:1a6fd470b9ce10849be79e99529a88371dff60c60aab424c077007f6979b4812
Status: Downloaded newer image for hello-world:latest

 

 用 docker images 命令查看鏡像的信息。

root@lishichao-virtual-machine:~# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
httpd               latest              c5a621af54e4        6 hours ago         178MB
hello-world         latest              4ab4c602aa5e        5 weeks ago         1.84kB

 

經過 docker run 運行。      docker run --help 查看幫助

root@lishichao-virtual-machine:~# docker run hello-world

Hello from Docker!
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
    (amd64)
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker ID:
 https://hub.docker.com/

For more examples and ideas, visit:
 https://docs.docker.com/get-started/

root@lishichao-virtual-machine:~# 

 

-it 參數的做用是以交互模式進入容器，並打開終端。5d1eb9e31f58 是容器的內部 ID。

root@lishichao-virtual-machine:~# docker run -it centos
[root@5d1eb9e31f58 /]# 

 

docker ps 查看運行中的容器

root@lishichao-virtual-machine:~# docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
4d85f20b58c6        centos              "/bin/bash"         50 seconds ago      Up 49 seconds                           brave_jennings

 

 

鏡像命令操做

docker search 到鏡像倉庫搜索鏡像

docker search centos

 

docker images 查看本地已有的鏡像

[root@dns-server ~]# docker images
REPOSITORY                      TAG                 IMAGE ID            CREATED             SIZE
centos-vim-dockerfile           latest              f39351a5d35c        30 hours ago        355MB
mysql                           5.7                 1b30b36ae96a        3 days ago          372MB
mysql                           latest              ee1e8adfcefb        3 days ago          484MB
nginx                           latest              dbfc48660aeb        3 days ago          109MB

 

docker save 導出鏡像

[root@dns-server ~]# docker save -o nginx.tar nginx
[root@dns-server ~]# ls
anaconda-ks.cfg  docker_login.sh    nginx.tar
[root@dns-server ~]# 

 

docker load --input 導入鏡像

[root@dns-server ~]# docker load --input nginx.tar 
Loaded image: nginx:latest

 

docker rmi 刪除鏡像

[root@dns-server ~]# docker rmi f39351a5d35c
Untagged: centos-vim-dockerfile:latest
Deleted: sha256:f39351a5d35ca9e00dc101c43464c3f55e9e08a240daaafc4eded43692f745fb
Deleted: sha256:f1b1df6c5b8314f3a0b3a1d5a6a96d7f20501f770b042ac1ad18b6f84164cabc

 

docker commit

docker commit 命令是建立新鏡像最直觀的方法，其過程包含三個步驟：

1. 運行容器
2. 修改容器
3. 將容器保存爲新的鏡像

 

舉個例子：在 Centos base 鏡像中安裝 vim 並保存爲新鏡像。

第一步， 運行容器 

root@lishichao-virtual-machine:~# docker run -it centos
[root@4d85f20b58c6 /]# 

-it 參數的做用是以交互模式進入容器，並打開終端。4d85f20b58c6 是容器的內部 ID。

 

第二步，安裝 vim

確認vim沒有安裝
[root@4d85f20b58c6 /]# vim
bash: vim: command not found
安裝vim
[root@4d85f20b58c6 /]# yum install vim

 

第三步，保存爲新鏡像

a.在新窗口中查看當前運行的容器。

root@lishichao-virtual-machine:~# docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
4d85f20b58c6        centos              "/bin/bash"         50 seconds ago      Up 49 seconds                           brave_jennings

brave_jennings 是 Docker 爲咱們的容器隨機分配的名字。

b. 執行 docker commit 命令將容器保存爲鏡像。 

root@lishichao-virtual-machine:~# docker commit brave_jennings centos-with-vim
sha256:a55c595ffacac70fdd2995d898bab31dd932f6ddeeed59fdfcd52a0f695a0c82

新鏡像命名爲 ubuntu-with-vi。

 

c. 查看新鏡像的屬性。

root@lishichao-virtual-machine:~# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
centos-with-vim     latest              a55c595ffaca        4 seconds ago       355MB
httpd               latest              c5a621af54e4        6 hours ago         178MB
centos              latest              75835a67d134        6 days ago          200MB
hello-world         latest              4ab4c602aa5e        5 weeks ago         1.84kB
ubuntu              latest              cd6d8154f1e1        5 weeks ago         84.1MB

從 size 上看到鏡像由於安裝了軟件而變大了。

 

d. 重新鏡像啓動容器，驗證 vi 已經可使用。

root@lishichao-virtual-machine:~# docker -it centos-with-vim
[root@c2b086c59d36 /]# which vim
/usr/bin/vim

 

以上演示瞭如何用 docker commit 建立新鏡像。然而，Docker 並不建議用戶經過這種方式構建鏡像。緣由以下：

一、這是一種手工建立鏡像的方式，容易出錯，效率低且可重複性弱。好比要在 debian base 鏡像中也加入 vi，還得重複前面的全部步驟。

二、更重要的：使用者並不知道鏡像是如何建立出來的，裏面是否有惡意程序。也就是說沒法對鏡像進行審計，存在安全隱患。

     既然 docker commit 不是推薦的方法，咱們幹嗎還要花時間學習呢？

緣由是：即使是用 Dockerfile（推薦方法）構建鏡像，底層也 docker commit 一層一層構建新鏡像的。學習 docker commit 可以幫助咱們更加深刻地理解構建過程和鏡像的分層結構。