Editor's note "in Docker, run should be the most user-used command, a lot of reader feedback is not very clear about the use of the Run command, and the relevant books, Chinese materials in the description of the Run command is not very complete, so dockerone organization translated the official Docker documents, Readers Note that this article is based on the latest Docker 1.4 document translation.
Docker runs the process in an isolated container. When you run the Docker Run command, Docker starts a process and assigns it its exclusive file system, network resources, and process groups that are the root process for this process. When the container starts, the image may have defined the binaries to run, the exposed network ports, and so on, but the user can be redefined with the Docker Run command (Translator Note: Docker run can control the behavior of a container runtime, which can overwrite the Docker build Some of the default configurations when building the image), which is why the Run command has so many parameters compared to other commands.
command FormatThe most basic Docker Run command is in the following format:
$ sudo docker run [OPTIONS] image[:tag] [COMMAND] [ARG ...]
If you need to see the detailed usage instructions for [options], refer to the Docker section on options. Only the parameters used by run are briefly described here. The options are divided into two categories:
Set Run mode: Determine how the container runs, foreground execution or background execution, set Containerid, set network parameters, set CPU and memory parameters for the container, set permissions and LXC parameters, set default resources for mirroring, This means that the user can use this command to override some of the default configurations when mirroring is built.
The Docker run [OPTIONS] gives the user full control over the lifecycle of the container and allows the user to override the parameters set when the Docker build is executed, or even to modify the kernel-level parameters itself controlled by Docker.
Operator Exclusive OptionsThe following parameters can be set when performing Docker run:
Detached vs Foreground Detached (-D)-Foreground Container identification Name (--name)-PID equivalent IPC Setting networ K Settings Clean Up (--RM) runtime Constraints on CPU and Memory Runtime Privilege, Linux capabilities, and LXC Configurat Ion
We'll go through this in turn.
Detached vs Foreground
When we start a container, we first need to determine whether the container is running in the foreground or running in the background.
-d=false:detached Mode:run container in the background, print new container ID
Detached (-D)
If you append-d=true or-D after the Docker run, the container will run in background mode. At this point, all I/O data can only be interacted over network resources or shared volume groups. Because the container no longer listens to this Terminal command-line window that you perform Docker run. But you can re-attach to the container's reply by executing the Docker attach. It is important to note that the--RM option is not available when the container is running in background mode.
Foregroud
In foreground mode (which does not specify the-D parameter), Docker initiates the process in the container while attaching the current command-line window to the container's standard input, standard output, and standard error. This means that all the output in the container can be seen in the current window. Even it can be virtual out of a TTY window to perform signal interrupts. All of this is configurable:
-a=[]: Attach to ' STDIN ', ' STDOUT ' and/or ' STDERR '
-t=false:allocate a pseudo-tty
--si G-proxy=true:proxify all received signal to the process (Non-tty mode only)
-i=false:keep STDIN Open Ev En if not attached
If you do not specify the-a parameter when you execute the Run command, Docker mounts all standard data streams by default, including input and output and errors, and you can specify which standard stream to mount separately.
$ sudo docker run-a stdin-a stdout-i-T Ubuntu/bin/bash
If you want to do interactive operations (such as shell scripts), then we must use the-I-T parameter to interact with the container for data. However, when interacting with a container through a pipeline, you do not need to use the-t parameter, such as the following command:
echo Test | Docker Run-i BusyBox Cat
Container identification
Name (--name)
You can name the container in three ways:
1. Use the UUID name ("f78375b1c487e03c9438c729345e54db9d20cfa2ac1fc3494b6eb60872e74778")
2. Use the UUID Short command ("f78375b1c487")
3. Use name ("Evil_ptolemy")
This UUID indicator is generated by Docker Deamon. If you do not specify--name when you execute Docker run, Deamon will automatically generate a random string uuid. But having a name for a container can be very handy when you need to connect to other containers or if you need to distinguish between other containers, using the container name simplifies the operation. This name is valid regardless of whether the container is running in the foreground or in the background.
PID equivalent
If you have automated requirements when using Docker, you can output Containerid to the specified file (pidfile), similar to some applications that output their own ID to a file for easy follow-up script operations.
--cidfile= "": Write the container ID to the file
Image[:tag]
When the name of an image is not enough to tell the meaning of the image, you can add the version information to the Run command by tag to perform a specific version of the image. Example: Docker run ubuntu:14.04
IPC Settings
By default, all containers have the IPC namespace turned on.
--ipc= "": Set the IPC mode for the container,
' container:<name|id> ': reuses another container ' s IPC NA Mespace
' host ': Use the host ' s IPC namespace inside the container
The IPC (POSIX/SYSV IPC) namespace provides mutually isolated named shared memory, semaphore variables, and message queues.