The previous section learned and practiced the foundation and installation of Docker, and this section mainly studies the main concepts and commands of Docker
Docker has three core concepts: Mirroring, container, warehouse one, mirroring
Docker mirroring is a precondition for running a container, and if there is no mirror locally, Docker will attempt to download from the default Mirror warehouse (Docker hub), and users can configure their own private warehouses to download mirrors from a private warehouse, which is important so that enterprise applications can use their own warehouses, Solve the security risks.
1. Get Mirror
The command to get the mirror is: Docker pull Ubuntu
Executing this command will take the last version of Ubuntu (Docker) from the official library, both: Pull Registry.hub.docker.com/ubuntu:latest
If you want to get a specific version of tag, the command is: Docker pull ubuntu:14.04
If you want to get from a private library, the command is: Docker pull 192.168.136.177:5000/ubuntu here 192.168.136.177:5000 is its own private warehouse
After downloading, you can perform the run command such as: Docker run-t-I Ubuntu/bin/bash
2. View mirror Information
Using commands: Docker images can view mirrored information in the current Docker environment
[root@dev-177 ~]# Docker images REPOSITORY TAG IMAGE ID CREATED SIZE 192.168.136.177:5000/appname ubuntu 710477b8876f hours ago 560MB appname Ubuntu 710477b8876f hours ago 560MB ssh Dockerfile 319c7aa50a7f 2 days ago 206MB Ubuntu latest 0458A4468CBC 4 days ago 112MB Registry Latest d1fd7d86a825 2 weeks ago 33 3MB Hello-world latest f2a91732366c 2 months ago 1.85kB Sameersbn/redis Latest d8f7b0e07097 6 months ago 203MB Sameersbn/gitlab 8.4.4 9d1069e2b30c months ago 720MB sameersbn/redmine 3.2.0-4 7eb43870e9c7 2 years ago 636MB Sameersbn/postgresql 9.4-12 a100f2a18ec3 2 years ago 231MB [root@dev-177 ~]#
Here is the name, the most important of the several fields:
REPOSITORY explains what warehouse the mirrors are from
Tag mirror tag, used to differentiate versions
Unique identification of image_id mirrors
There are two mirrors: 192.168.136.177:5000/appname and appname mirroring, their IDs are the same, the same mirror, the IP address is generated by the Docker tag command, pointing to the same mirror
After this is specified, you can push into your own private warehouse 192.168.136.177:5000.
To view more detailed information, you can use the command: Docker inspect image_id to view a specific mirror information
3, Find, delete
Find command: Docker search keyword
Delete by mirror name: Docker RMI Mirror Name
Delete by Mirror ID: Docker RMI Mirror ID deletes all mirror name references to this ID
If mirroring is used by a container, it cannot be deleted unless the-f parameter is used to Docker rmi-f Mirror ID
To view the mirrors currently used by the container: Docker ps-a
In principle: First remove the container that uses the mirror, and then remove the mirror
4. Create Mirror:
There are 2 ways to create a mirror: Commit or use a Dockerfile file
When we are in the running container, after modifying some content, we can use the commit command to create
Docker commit-m Modify Content-a author container ID mirror name
Using the Dockerfile file, the following commands are involved:
1) from
Must be the first instruction indicating which base version the mirror inherits from
2) Maintainer
Maintenance information, which is the maintenance of this image
3) RUN
You can use the shell terminal or Exec method to perform
4) CMD
After the container starts, execute the command, each dockerfile can only have a cmd command
5) Expose
Exposed port number
6) ENV
environment variable, used by subsequent run instructions
7) ADD
Copy command, ADD src dest, src can be dockfile directory as a relative path to the root directory, can be a URL, or compressed files
8) COPY
Copy copy src dest, src is a directory
9) entrypoint
Entry point of container
The other slightly, below shows an example of a dockfile file
#继承于镜像ubuntu from Ubuntu #维护人员 maintainer Chen weiqun<cwqsolo@163.com> #更新源 run apt-get update #安装ssh run AP T-get install-y openssh-server #安装vim run apt-get install-y vim #创建sshd service run mkdir-p/var/run/sshd run mkdir-p /root/.ssh #取消pam登录限制 run Sed-ri ' s/^permitrootlogin\s+.*/permitrootlogin yes/'/etc/ssh/sshd_config run Sed-ri ' s/ Usepam yes/#UsePAM yes/g '/etc/ssh/sshd_config #添加认证文件和启动脚本 add authorized_keys/root/.ssh/authorized_keys Add run.sh /root/run.sh #修改确保run. SH Execute permissions run chmod u+x/root/run.sh #暴露端口 expose # #install JDK and TOMCAT run Mkdir-p/US R/java RUN mkdir-p/work ADD jdk-7u80-linux-x64.gz/usr/java/add tomcat/work/#设置环境变量 ENV java_home=/usr/java/jdk1.7 .0_80 classpath= $JAVA _home/lib/dt.jar: $JAVA _home/lib/tools.jar path= $PATH: $JAVA _home/bin RUN Echo java_home=/usr/ Java/jdk1.7.0_80\ncalsspath= $JAVA _home/lib/dt.jar: $JAVA _home/lib/tools.jar\npath= $PATH: $JAVA _home/bin ">> /etc/profile #暴露tomcat端口 expose 8080 EXPOSE 8009 expose 8443 #修改tomcat目录中执行的权限 RUN chmod u+x/work/app-tomcat/bin/*.sh #设置默认启动的命令 CMD ["/root/run.sh"]
5. Import and export of mirrors
Export to tar file: Docker save-o mirror image. Tar Mirror name: TAG
Import: Docker load--input mirror. Tar
6, Upload image
Docker Push Name[:tag]
Docker push [library]name[:tag]
second, the container
A container is a running instance of a mirror, and a mirror can run multiple containers. Each container is self-contained, containing one or a set of applications for mirroring and the required operating environment.
1) Create a container
Command: Docker create it mirror name: TAG
You can create a mirror, but it doesn't work.
2) Run
Command: Docker start container ID
Start a container
3 can be created and run together
Command: Docker run Ubuntu/bin/echo "Hello"
This command creates a container based on the Ubuntu image and runs the echo command
4) Terminate and delete containers
Terminate command: Docker stop container ID
Delete Container: Docker RM container ID
5 Import and export of containers
Export: Docker export container ID > export file. tar
Import: Cat export file. Tar | Docker Import-Library/Mirror name: TAG
Import of a container differs from the import of a mirror: the import of a container, which is only the current container mirror, does not contain historical information and metadata. After importing, you can see a mirror that just imported in the mirror.
third, the warehouse
1. Official Warehouse
Docker provides the official warehouse, after installing the Docker environment, using the Pull command is to download the mirror from the official warehouse. Because the enterprise application considers the security problem, will request the Enterprise Library and the network storehouse to have the isolation, therefore the following key point next private storehouse
2. Private Warehouse
1) Download and start the private warehouse
A private warehouse consists of a private warehouse stored in a warehouse management container. Docker provides a registry container to manage the warehouse,
Using commands: Docker run-d-P 5000:5000-v/opt/data/registry:/tmp/registry Registry
This command, is in the local 5000 port, create a private library, storage location: The/opt/data/registry of the machine. Registry is the name of the warehouse management container that the website downloads
When it starts, the warehouse starts to work.
2 use of private warehouses
Docker tag Image[:tag] [Registryhost/][username/]name[:tag]
Downloading mirrors from a private library
such as: Docker pull 192.168.136.177:5000/appname:ubuntu
View mirrors of a private library
[root@work-199 ~]# curl-xget http://192.168.136.177:5000/v2/_catalog
{"repositories": ["AppName"]}
Iv. Other
1, Docker download the image of how to store
[root@dev-177 docker]# pwd
/var/lib/docker
[root@dev-177 docker]# ls- l
total dosage
drwx------. 2 root root 24 December 15:34 builder
drwx------. 4 root 150 January 19:55 containers
drwx------. 3 root 21 December 15:34 image
drwxr-x---. 3 root 19 December 15:34 network
drwx------. 19:55 overlay
drwx------.
4 root root 32 December 15:34 plugins
drwx------. 2 root root 6 December 15:34 swarm
drwx------. 2 root 6 January 19:52 tmp
drwx------. 2 root 6 December 15:34 Trust
drwx------. root 4096 January 17:17 volumes