标签:space 指令 exit 情况 net 影响 远程 bsp 输入
3.1 新建容器并启动
所需要的命令主要为docker run
[root@localhost ~]# docker run centos /bin/echo "syavingc" syavingc
3.2 交互式启动容器
[root@localhost ~]# docker run --name syavingc -it centos /bin/bash ##启动一个bash终端,允许用户进行交互。 [root@fe233ef7ae00 /]# pwd / [root@fe233ef7ae00 /]# ls anaconda-post.log bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var
--name:给容器定义一个名称
-i:则让容器的标准输入保持打开。
-t:让Docker分配一个伪终端,并绑定到容器的标准输入上
/bin/bash:执行一个命令
当利用docker run来创建容器时,Docker在后台运行的标准操作包括:
检查本地是否存在指定的镜像,不存在就从公有仓库下载
利用镜像创建并启动一个容器
分配一个文件系统,并在只读的镜像层外面挂在一层可读写层
从宿主主机配置的网桥接口中桥接一个虚拟接口到容器中去
从地址池配置一个ip地址给容器
执行用户指定的应用程序
执行完毕后容器被终止
[root@fe233ef7ae00 /]# ps aux USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 1 0.0 0.1 11756 1892 ? Ss 16:17 0:00 /bin/bash root 17 0.0 0.0 47452 1672 ? R+ 16:19 0:00 ps aux
注意!
容器不是一个虚拟机,因为他就是一个进程,如果我们退出,这个进程就退出了。
如果我们执行创建容器的时候,里面没有我们指定的镜像,那么他会从dockerhub上进行下载然后在启动
3.3 查看容器启动情况
[root@localhost ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES fe233ef7ae00 centos "/bin/bash" 3 minutes ago Exited (127) 16 seconds ago syavingc cd5c192a27f1 centos "/bin/echo syavingc" 4 minutes ago Exited (0) 4 minutes ago berserk_swartz 0fd3287c3a0a centos "/bin/echo hahha" 5 minutes ago Exited (0) 5 minutes ago determined_roentgen e068dff5ee86 hello-world "/hello" 41 minutes ago Exited (0) 41 minutes ago jolly_mccarthy
3.4 容器的启动与停止
[root@localhost ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES fe233ef7ae00 centos "/bin/bash" 6 minutes ago Exited (127) 3 minutes ago syavingc 0fd3287c3a0a centos "/bin/echo hahha" 9 minutes ago Exited (0) 9 minutes ago determined_roentgen e068dff5ee86 hello-world "/hello" 45 minutes ago Exited (0) 45 minutes ago jolly_mccarthy [root@localhost ~]# docker start fe233ef7ae00 ##容器启动 fe233ef7ae00 [root@localhost ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES fe233ef7ae00 centos "/bin/bash" 7 minutes ago Up 1 seconds syavingc 0fd3287c3a0a centos "/bin/echo hahha" 9 minutes ago Exited (0) 9 minutes ago determined_roentgen e068dff5ee86 hello-world "/hello" 45 minutes ago Exited (0) 45 minutes ago jolly_mccarthy [root@localhost ~]# docker stop fe233ef7ae00 ##容器停止 fe233ef7ae00 [root@localhost ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES fe233ef7ae00 centos "/bin/bash" 7 minutes ago Exited (137) 1 seconds ago syavingc 0fd3287c3a0a centos "/bin/echo hahha" 9 minutes ago Exited (0) 9 minutes ago determined_roentgen e068dff5ee86 hello-world "/hello" 45 minutes ago Exited (0) 45 minutes ago jolly_mccarthy
3.5 删除容器
[root@localhost ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES fe233ef7ae00 centos "/bin/bash" 4 minutes ago Exited (127) About a minute ago syavingc cd5c192a27f1 centos "/bin/echo syavingc" 5 minutes ago Exited (0) 5 minutes ago berserk_swartz 0fd3287c3a0a centos "/bin/echo hahha" 7 minutes ago Exited (0) 7 minutes ago determined_roentgen e068dff5ee86 hello-world "/hello" 43 minutes ago Exited (0) 43 minutes ago jolly_mccarthy [root@localhost ~]# docker rm cd5c192a27f1 ##注意,容器必须停止后才能删除 cd5c192a27f1 [root@localhost ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES fe233ef7ae00 centos "/bin/bash" 5 minutes ago Exited (127) 2 minutes ago syavingc 0fd3287c3a0a centos "/bin/echo hahha" 8 minutes ago Exited (0) 8 minutes ago determined_roentgen e068dff5ee86 hello-world "/hello" 43 minutes ago Exited (0) 43 minutes ago jolly_mccarthy
3.6 进入容器
[root@localhost ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES fe233ef7ae00 centos "/bin/bash" 11 minutes ago Up 3 seconds syavingc 0fd3287c3a0a centos "/bin/echo hahha" 13 minutes ago Exited (0) 13 minutes ago determined_roentgen e068dff5ee86 hello-world "/hello" 49 minutes ago Exited (0) 49 minutes ago jolly_mccarthy [root@localhost ~]# docker attach fe233ef7ae00 [root@fe233ef7ae00 /]# pwd / [root@fe233ef7ae00 /]# hostname fe233ef7ae00
##这样进入容器的缺点就是如果在开一个窗口就会同步操作,类似于单用户模式(windows远程桌面)
提示:生产场景是不使用docker attach的,需要我们使用nsenter这个工具,这个工具包含在util-linux软件包里面
[root@localhost ~]# yum install util-linux -y
Centos7默认最小化已经安装
我们通过nsenter就可以进入容器,但是nsenter是通过pid进入容器里,所以我们需要知道容器的pid。我们可以通过docker inspect来获取到pid
[root@localhost ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES fe233ef7ae00 centos "/bin/bash" 16 minutes ago Exited (0) 52 seconds ago syavingc 0fd3287c3a0a centos "/bin/echo hahha" 18 minutes ago Exited (0) 18 minutes ago determined_roentgen e068dff5ee86 hello-world "/hello" 54 minutes ago Exited (0) 54 minutes ago jolly_mccarthy [root@localhost ~]# docker start fe233ef7ae00 fe233ef7ae00 [root@localhost ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES fe233ef7ae00 centos "/bin/bash" 16 minutes ago Up 1 seconds syavingc 0fd3287c3a0a centos "/bin/echo hahha" 19 minutes ago Exited (0) 19 minutes ago determined_roentgen e068dff5ee86 hello-world "/hello" 54 minutes ago Exited (0) 54 minutes ago jolly_mccarthy [root@localhost ~]# docker inspect -f "{{ .State.Pid }}" fe233ef7ae00 16178 [root@localhost ~]# nsenter -t 16178 -m -u -i -n -p [root@fe233ef7ae00 /]# hostname fe233ef7ae00
docker inspect -f {{.State.Pid}}容器名或者容器id
#每一个容器都有.State.Pid,所以这个命令除了容器的id需要我们根据docker ps -a去查找,其他的全部为固定的格式
nsenter --target上面查到的进程id --mount --uts --ipc --net --pid #输入该命令便进入到容器中
解释nsenter指令中进程id之后的参数的含义:
* –mount参数是进去到mount namespace中
* –uts参数是进入到uts namespace中
* –ipc参数是进入到System V IPC namaspace中
* –net参数是进入到network namespace中
* –pid参数是进入到pid namespace中
* –user参数是进入到user namespace中
以下是以nsenter启动的进程
[root@fe233ef7ae00 /]# ps aux USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 1 0.0 0.0 11780 1684 ? Ss+ 16:34 0:00 /bin/bash root 14 0.0 0.1 15212 2000 ? S 16:34 0:00 -bash root 28 0.0 0.0 50884 1804 ? R+ 16:36 0:00 ps aux
/bin/bash是我们运行容器产生的进程
-bash 是我们使用nsenter产生的,这样如果我们退出容器,容器就不会退出,因为-bash还在运行
[root@fe233ef7ae00 /]# exit logout [root@localhost ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES fe233ef7ae00 centos "/bin/bash" 20 minutes ago Up 3 minutes syavingc
因为每次进入容器都需要输入那两条命令,所以我们可以写一个脚本来获取。
脚本内容如下:
[root@localhost ~]# cat docker_in.sh #!/bin/bash # Use nsenter to access docker docker_in(){ NAME_ID=$1 PID=$(docker inspect -f "{{ .State.Pid }}" $NAME_ID) nsenter -t $PID -m -u -i -n -p } docker_in $1
执行结果如下:
[root@localhost ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES fe233ef7ae00 centos "/bin/bash" 22 minutes ago Up 5 minutes syavingc [root@localhost ~]# ./docker_in.sh syavingc [root@fe233ef7ae00 /]# hostname fe233ef7ae00 [root@fe233ef7ae00 /]# ps aux USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 1 0.0 0.0 11780 1684 ? Ss+ 16:34 0:00 /bin/bash root 29 0.0 0.1 15212 2000 ? S 16:40 0:00 -bash root 43 0.0 0.0 50884 1800 ? R+ 16:40 0:00 ps aux [root@fe233ef7ae00 /]# exit logout [root@localhost ~]# docker ps ##退出容器后,进程还在 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES fe233ef7ae00 centos "/bin/bash" 22 minutes ago Up 6 minutes syavingc [root@localhost ~]#
我们也可以不进入容器进行查看
[root@localhost ~]# docker exec syavingc ps -ef UID PID PPID C STIME TTY TIME CMD root 1 0 0 16:34 ? 00:00:00 /bin/bash root 44 0 0 16:42 ? 00:00:00 ps -ef [root@localhost ~]# docker exec syavingc ls / anaconda-post.log bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var
提示:可以使用exec参数,不进入容器查看内容
我们还可以使用exec进入docker容器中
[root@localhost ~]# docker exec -it syavingc /bin/bash [root@fe233ef7ae00 /]# hostname fe233ef7ae00
但是最好还是少使用exec,有可能会对容器造成一些意外的影响
3.7 查看日志
[root@localhost ~]# docker run -d -p 80:80 --name web nginx 879aee833d293856dbe6c35947fca84afe214096fa34975723dd90003b551213 [root@localhost ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 879aee833d29 nginx "nginx -g ‘daemon off" 5 seconds ago Up 3 seconds 0.0.0.0:80->80/tcp web fe233ef7ae00 centos "/bin/bash" 52 minutes ago Up 35 minutes syavingc [root@localhost ~]# docker logs 879aee833d29 10.0.0.1 - - [24/Oct/2017:17:10:30 +0000] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36" "-" 10.0.0.1 - - [24/Oct/2017:17:10:30 +0000] "GET /favicon.ico HTTP/1.1" 404 571 "http://10.0.0.30/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36" "-" 2017/10/24 17:10:30 [error] 7#7: *1 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 10.0.0.1, server: localhost, request: "GET /favicon.ico HTTP/1.1", host: "10.0.0.30", referrer: "http://10.0.0.30/"
标签:space 指令 exit 情况 net 影响 远程 bsp 输入
原文地址:http://www.cnblogs.com/syaving/p/7976643.html
