一、Docker介绍
1.1、什么是docker
Docker是一个开源的应用容器引擎,使用Go语言开发,基于Linux内核的cgroup,namespace,Union FS等技术,对应用进程进行封装隔离,并且独立于宿主机与其他进程,这种运行时封装的状态称为容器。
Docker早期版本实现是基于LXC,并进一步对其封装,包括文件系统、网络互联、镜像管理等方面,极大简化了容器管理。从0.7版本以后开始去除LXC,转为自省研发的libcontainer,从1.11版本开始,进一步为使用runC和containerd。
Docker理念是将应用及依赖包打包到一个可移植的容器中,可发布到任意Linux发行版Docker引擎上。使用沙箱机制运行程序,程序之间相互隔离。
1.2、docker结构体系
Containerd:是一个简单的守护进程,使用runC管理容器。向Docker Engine提供接口。
Shim:只负责管理一个容器。
runC:是一个轻量级的工具,只用来运行容器。
- Docker Client:客户端
- Docker Daemon:守护进程
- Docker Images:镜像
- Docker Container:容器
- Docker Registry:镜像仓库
1.3、docker内部组件
Namespaces
命名空间,Linux内核提供的一种对进程资源隔离的机制,例如进程、网络、挂载点等资源。
CGroup
控制组,Linux内核提供的一种限制进程资源的机制;例如CPU、内存等资源。
UnionFS
联合文件系统,支持将不同位置的目录挂载到同一虚拟文件系统,形成一种分层的模型。
1.4、什么是容器
- 对软件和其依赖的标准化打包
- 应用之间相互隔离
- 共享同一个OS Kernel
- 可以运行在很多主流操作系统上
1.5、容器和虚拟机的区别
以KVM为例与Docker对比
启动时间
Docker妙级启动,KVM分钟级启动。
轻量级
容器镜像带下通常以M为单位,虚拟机以G为单位。 容器资源占用小,要比虚拟机部署更快捷。
性能
容器共享宿主机内核,系统级虚拟化,占用资源少,没有Hypervisor层开销,容器性能基本接近物理机; 虚拟机需要Hypervisior层支持,虚拟化一些设备,具备完整的GuestOS,虚拟化开销大,因而降低性能,没有容器性能好。
安全性
由于共享宿主机内核,只是进程级隔离,因此隔离性和稳定性不如虚拟机,容器具有一定权限访问宿主机内核,存在一定安全隐患。
使用要求
KVM基于硬件的完全虚拟化、需要赢家CPU虚拟化技术支持; 容器共享所主机内核,可运行在主流的Linux发行版,不用考虑CPU是否支持虚拟化技术。
1.6、docker应用场景
•应用程序打包和发布
•应用程序隔离
•持续集成
•微服务部署
•快速搭建测试环境
•提供PaaS产品(平台即服务)
二、docker安装
2.1、关闭防火墙
systemctl stop firewalld systemctl disable firewalld
2.2、关闭selinux
vim /etc/selinux/config SELINUX=disabled #设置为disabled reboot #重启服务器 # 查看selinux状态 [root@server04 ~]# getenforce Disabled
2.3、安装所需要的包
yum install -y yum-utils device-mapper-persistent-data lvm2
2.4、配置yum源
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
2.5、安装docker-ce
yum install docker-ce -y
2.6、启动
systemctl start docker # 加入开机启动 systemctl enable docker
2.7、运行hello-world
docker run hello-world
2.8、查看docker版本
[root@server04 ~]# docker info
Client: Docker Engine - Community
Version: 24.0.6
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.11.2
Path: /usr/libexec/docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v2.21.0
Path: /usr/libexec/docker/cli-plugins/docker-compose
Server:
Containers: 2
Running: 0
Paused: 0
Stopped: 2
Images: 2
Server Version: 24.0.6
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Using metacopy: false
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc io.containerd.runc.v2
Default Runtime: runc
Init Binary: docker-init
containerd version: 61f9fd88f79f081d64d6fa3bb1a0dc71ec870523
runc version: v1.1.9-0-gccaecfc
init version: de40ad0
Security Options:
seccomp
Profile: builtin
Kernel Version: 3.10.0-1160.90.1.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 3.682GiB
Name: server04
ID: be595f37-af7c-486d-aca2-76c3590143f7
Docker Root Dir: /var/lib/docker
Debug Mode: false
Experimental: false
Insecure Registries:
127.0.0.0/8
Registry Mirrors:
https://registry.docker-cn.com/
Live Restore Enabled: false
2.9、查看运行了哪些docker
docker run -it nginx <<== -it前台运行、再打开一个终端用于查看 [root@server04 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 5e17bb7f5848 nginx "/docker-entrypoint.…" 35 seconds ago Up 33 seconds 80/tcp modest_wescoff
2.10、查看容器信息
[root@server04 ~]# docker inspect 5e17bb7f5848
[
{
"Id": "5e17bb7f58482e8921b45559f2ffddb45f3ad192644e5fe50aaac8f2f055cc2c",
"Created": "2023-09-25T16:11:02.449798245Z",
"Path": "/docker-entrypoint.sh",
"Args": [
"nginx",
"-g",
"daemon off;"
],
"State": {
"Status": "running",
"Running": true,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 2566,
"ExitCode": 0,
"Error": "",
"StartedAt": "2023-09-25T16:11:03.170447828Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:61395b4c586da2b9b3b7ca903ea6a448e6783dfdd7f768ff2c1a0f3360aaba99",
"ResolvConfPath": "/var/lib/docker/containers/5e17bb7f58482e8921b45559f2ffddb45f3ad192644e5fe50aaac8f2f055cc2c/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/5e17bb7f58482e8921b45559f2ffddb45f3ad192644e5fe50aaac8f2f055cc2c/hostname",
"HostsPath": "/var/lib/docker/containers/5e17bb7f58482e8921b45559f2ffddb45f3ad192644e5fe50aaac8f2f055cc2c/hosts",
"LogPath": "/var/lib/docker/containers/5e17bb7f58482e8921b45559f2ffddb45f3ad192644e5fe50aaac8f2f055cc2c/5e17bb7f58482e8921b45559f2ffddb45f3ad192644e5fe50aaac8f2f055cc2c-json.log",
"Name": "/modest_wescoff",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "",
"ExecIDs": null,
"HostConfig": {
"Binds": null,
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "default",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"ConsoleSize": [
30,
96
],
"CapAdd": null,
"CapDrop": null,
"CgroupnsMode": "host",
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": [],
"BlkioDeviceWriteBps": [],
"BlkioDeviceReadIOps": [],
"BlkioDeviceWriteIOps": [],
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/2f69c7685d3203344082158551d1b6a5800836b31e5170747ba904178939daba-init/diff:/var/lib/docker/overlay2/4f78ae5f917ca08bbde77f1ad187042791389068f8263be9221aef4f9a3e09aa/diff:/var/lib/docker/overlay2/7bbeb264406af998971a0ec5938723699549c21762aae769666fdb49aa6651bc/diff:/var/lib/docker/overlay2/6017b041b54f72167c4b957c71a974c1d702e3219cc39e2f2f65c4f00204658a/diff:/var/lib/docker/overlay2/87e2982f0891eaac69d78567aa1e9f2a8febb3b839af2bf7998920f440c9907d/diff:/var/lib/docker/overlay2/ce8dddff3e864f83ab6dd2a171a361dad987cdc65ad9571216002ef1d50f3e88/diff:/var/lib/docker/overlay2/09530dcf8710fdbc06635f6e9f4e64acf3d2cd790d844124752e60b226c6a125/diff:/var/lib/docker/overlay2/4eb51cab29daf0a9426941427e54e4b6e9257678e1358238b13a16f88348a447/diff",
"MergedDir": "/var/lib/docker/overlay2/2f69c7685d3203344082158551d1b6a5800836b31e5170747ba904178939daba/merged",
"UpperDir": "/var/lib/docker/overlay2/2f69c7685d3203344082158551d1b6a5800836b31e5170747ba904178939daba/diff",
"WorkDir": "/var/lib/docker/overlay2/2f69c7685d3203344082158551d1b6a5800836b31e5170747ba904178939daba/work"
},
"Name": "overlay2"
},
"Mounts": [],
"Config": {
"Hostname": "5e17bb7f5848",
"Domainname": "",
"User": "",
"AttachStdin": true,
"AttachStdout": true,
"AttachStderr": true,
"ExposedPorts": {
"80/tcp": {}
},
"Tty": true,
"OpenStdin": true,
"StdinOnce": true,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"NGINX_VERSION=1.25.2",
"NJS_VERSION=0.8.0",
"PKG_RELEASE=1~bookworm"
],
"Cmd": [
"nginx",
"-g",
"daemon off;"
],
"Image": "nginx",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": [
"/docker-entrypoint.sh"
],
"OnBuild": null,
"Labels": {
"maintainer": "NGINX Docker Maintainers <docker-maint@nginx.com>"
},
"StopSignal": "SIGQUIT"
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "f4c582778308d596719d33523236eac2ef77457d181daea2e5fbed907e855eee",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {
"80/tcp": null
},
"SandboxKey": "/var/run/docker/netns/f4c582778308",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "cb440654ecf1609aeea7fbd6e13c4f0d51280f5d8ee4ff2330f1a320246f7b06",
"Gateway": "172.17.0.1",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"MacAddress": "02:42:ac:11:00:02",
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "3aca20bdb238ca54726173bf0e92d3973b3f5cb95053800b683aa2639e99a9de",
"EndpointID": "cb440654ecf1609aeea7fbd6e13c4f0d51280f5d8ee4ff2330f1a320246f7b06",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02",
"DriverOpts": null
}
}
}
}
]
[root@server04 ~]# curl -I 172.17.0.2 HTTP/1.1 200 OK Server: nginx/1.25.2 Date: Mon, 25 Sep 2023 16:14:01 GMT Content-Type: text/html Content-Length: 615 Last-Modified: Tue, 15 Aug 2023 17:03:04 GMT Connection: keep-alive ETag: "64dbafc8-267" Accept-Ranges: bytes
2.11、进入容器
[root@server04 ~]# docker exec -it 5e17bb7f5848 bash root@5e17bb7f5848:/# ls bin docker-entrypoint.d home lib64 mnt root srv usr boot docker-entrypoint.sh lib libx32 opt run sys var dev etc lib32 media proc sbin tmp root@5e17bb7f5848:/# exit exit
三、镜像管理
3.1、镜像是什么
- 一个分层存储的文件
- 一个软件的环境
- 一个镜像可以创建N个容器
- 一种标准化的交付
- 一个不包含Linux内核而又精简的Linux操作系统
镜像不是一个单一的文件,而是有多层构成。我们可以通过docker history <ID/NAME>查看镜像中各层内容及大小,每层对应着Dockerfile中的一条指令。Docker镜像默认存储在/var/lib/docker/<storage-driver>中。
[root@server04 ~]# docker history nginx IMAGE CREATED CREATED BY SIZE COMMENT 61395b4c586d 5 days ago /bin/sh -c #(nop) CMD ["nginx" "-g" "daemon… 0B <missing> 5 days ago /bin/sh -c #(nop) STOPSIGNAL SIGQUIT 0B <missing> 5 days ago /bin/sh -c #(nop) EXPOSE 80 0B <missing> 5 days ago /bin/sh -c #(nop) ENTRYPOINT ["/docker-entr… 0B <missing> 5 days ago /bin/sh -c #(nop) COPY file:9e3b2b63db9f8fc7… 4.62kB <missing> 5 days ago /bin/sh -c #(nop) COPY file:57846632accc8975… 3.02kB <missing> 5 days ago /bin/sh -c #(nop) COPY file:3b1b9915b7dd898a… 298B <missing> 5 days ago /bin/sh -c #(nop) COPY file:caec368f5a54f70a… 2.12kB <missing> 5 days ago /bin/sh -c #(nop) COPY file:01e75c6dd0ce317d… 1.62kB <missing> 5 days ago /bin/sh -c set -x && groupadd --system -… 112MB <missing> 5 days ago /bin/sh -c #(nop) ENV PKG_RELEASE=1~bookworm 0B <missing> 5 days ago /bin/sh -c #(nop) ENV NJS_VERSION=0.8.0 0B <missing> 5 days ago /bin/sh -c #(nop) ENV NGINX_VERSION=1.25.2 0B <missing> 5 days ago /bin/sh -c #(nop) LABEL maintainer=NGINX Do… 0B <missing> 5 days ago /bin/sh -c #(nop) CMD ["bash"] 0B <missing> 5 days ago /bin/sh -c #(nop) ADD file:a1398394375faab8d… 74.8MB [root@server04 ~]# cd /var/lib/docker [root@server04 /var/lib/docker]# ls buildkit engine-id network plugins swarm volumes containers image overlay2 runtimes tmp [root@server04 /var/lib/docker]# cd overlay2/ [root@server04 /var/lib/docker/overlay2]# ls 09530dcf8710fdbc06635f6e9f4e64acf3d2cd790d844124752e60b226c6a125 12f1fd113a660071b93a2a2fa91ab50fd1be168ef6130ab563fb0cb3dc88bd40 13c917e7c0cf4484a29961b08161654dbc20848becd993cb4d07105d7e8dd7a0 13c917e7c0cf4484a29961b08161654dbc20848becd993cb4d07105d7e8dd7a0-init 2f69c7685d3203344082158551d1b6a5800836b31e5170747ba904178939daba 2f69c7685d3203344082158551d1b6a5800836b31e5170747ba904178939daba-init 417fab199b09d8d1114518d0ae8e28890221cbb13b7066eeaac09b14bfec6b47 4eb51cab29daf0a9426941427e54e4b6e9257678e1358238b13a16f88348a447 4f78ae5f917ca08bbde77f1ad187042791389068f8263be9221aef4f9a3e09aa 6017b041b54f72167c4b957c71a974c1d702e3219cc39e2f2f65c4f00204658a 7bbeb264406af998971a0ec5938723699549c21762aae769666fdb49aa6651bc 8381dcc4c841c5e9c156e709a55aec14db57fecc48f62bac8dbb76806048f4a2 8381dcc4c841c5e9c156e709a55aec14db57fecc48f62bac8dbb76806048f4a2-init 87e2982f0891eaac69d78567aa1e9f2a8febb3b839af2bf7998920f440c9907d backingFsBlockDev ce8dddff3e864f83ab6dd2a171a361dad987cdc65ad9571216002ef1d50f3e88 l [root@server04 /var/lib/docker/overlay2]#
3.2、镜像从哪里来
Docker Hub是由Docker公司负责维护的公共注册中心,包含大量的容器镜像,Docker工具默认从这个公共镜像库下载镜像。地址:https://hub.docker.com/explore
3.3、配置进镜像加速器
https://www.daocloud.io/mirror curl -sSL https://get.daocloud.io/daotools/set_mirror.sh | sh -s http://f1361db2.m.daocloud.io systemctl restart docker
3.4、镜像与容器的联系
如图,容器其实是在镜像的最上面加了一层读写层,在运行容器里文件改动时,会先从镜像里面要写的文件复制到容器自己的文件系统中(读写层)。
如果容器删除了,最上面的读写层也就被删除了,改动也就丢失了。所以无论多少个容器共享一个镜像,所做的写操作都是从镜像的文件系统中复制过来操作的,并不会修改镜像的源文件,这种方式提高磁盘利用率。
若想持久化这些改动,可以通过docker commit将容器保存成一新的镜像。
[root@server04 ~]# docker run -itd nginx
4a29bf71d65abab063f697c7101786ad09be2823e4ade796c4c10cc4eaec0bb0
[root@server04 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4a29bf71d65a nginx "/docker-entrypoint.…" 4 seconds ago Up 3 seconds 80/tcp beautiful_lichterman
ac118f15419c nginx "/docker-entrypoint.…" 33 seconds ago Up 32 seconds 80/tcp quizzical_wescoff
5e17bb7f5848 nginx "/docker-entrypoint.…" 13 minutes ago Up 13 minutes 80/tcp modest_wescoff
[root@server04 ~]# docker exec -it 5e17bb7f5848 bash
root@5e17bb7f5848:/# ls
bin dev docker-entrypoint.sh home lib32 libx32 mnt proc run srv tmp var
boot docker-entrypoint.d etc lib lib64 media opt root sbin sys usr
root@5e17bb7f5848:/# touch nginx.txt
root@5e17bb7f5848:/# exit
exit
[root@server04 ~]# docker inspect 5e17bb7f5848
...
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/2f69c7685d3203344082158551d1b6a5800836b31e5170747ba904178939daba-init/diff:/var/lib/docker/overlay2/4f78ae5f917ca08bbde77f1ad187042791389068f8263be9221aef4f9a3e09aa/diff:/var/lib/docker/overlay2/7bbeb264406af998971a0ec5938723699549c21762aae769666fdb49aa6651bc/diff:/var/lib/docker/overlay2/6017b041b54f72167c4b957c71a974c1d702e3219cc39e2f2f65c4f00204658a/diff:/var/lib/docker/overlay2/87e2982f0891eaac69d78567aa1e9f2a8febb3b839af2bf7998920f440c9907d/diff:/var/lib/docker/overlay2/ce8dddff3e864f83ab6dd2a171a361dad987cdc65ad9571216002ef1d50f3e88/diff:/var/lib/docker/overlay2/09530dcf8710fdbc06635f6e9f4e64acf3d2cd790d844124752e60b226c6a125/diff:/var/lib/docker/overlay2/4eb51cab29daf0a9426941427e54e4b6e9257678e1358238b13a16f88348a447/diff",
"MergedDir": "/var/lib/docker/overlay2/2f69c7685d3203344082158551d1b6a5800836b31e5170747ba904178939daba/merged",
"UpperDir": "/var/lib/docker/overlay2/2f69c7685d3203344082158551d1b6a5800836b31e5170747ba904178939daba/diff",
"WorkDir": "/var/lib/docker/overlay2/2f69c7685d3203344082158551d1b6a5800836b31e5170747ba904178939daba/work"
},
"Name": "overlay2"
...
[root@server04 ~]# cd /var/lib/docker/overlay2/2f69c7685d3203344082158551d1b6a5800836b31e5170747ba904178939daba
[root@server04 /var/lib/docker/overlay2/2f69c7685d3203344082158551d1b6a5800836b31e5170747ba904178939daba]# ls
diff link lower merged work
[root@server04 /var/lib/docker/overlay2/2f69c7685d3203344082158551d1b6a5800836b31e5170747ba904178939daba]# ls diff <<==与镜像差异
etc nginx.txt root run var
[root@server04 /var/lib/docker/overlay2/2f69c7685d3203344082158551d1b6a5800836b31e5170747ba904178939daba]# ls merged/ <<==Nginx工作的数据驱动存储
bin dev docker-entrypoint.sh home lib32 libx32 mnt opt root sbin sys usr
boot docker-entrypoint.d etc lib lib64 media nginx.txt proc run srv tmp var
[root@server04 /var/lib/docker/overlay2/2f69c7685d3203344082158551d1b6a5800836b31e5170747ba904178939daba]# ls work
work
3.5、管理镜像常用命令
docker image --help
下载镜像
docker pull nginx //下载镜像
docker pull nginx:v1.4.14
运行镜像
docker run -it nginx //运行镜像
docker run -it --rm ubuntu:18.04 bash // 运行镜像并进入shell 退出后删除镜像
docker run --name webserver -d -p 80:80 nginx // 运行镜像,--name 给镜像取一个名字 -d 后台运行模式 -p 镜像端口映射
镜像帮助信息
docker image --help // 获取镜像操作的命令帮助
搜索镜像
docker search nginx // 搜索nginx镜像
查看镜像历史信息
docker image history nginx // 查看镜像历史
查看镜像详细信息
docker image inspect nginx //查看镜像详细信息
列出镜像
docker images //列出镜像
docker image ls //列出镜像
docker image ls -a //docker image ls 命令列表中只显示顶层镜像。-a 参数可以显示包括中间层在内的所有镜像
docker image ls nginx //根据仓库名列出镜像
docker image ls nginx:v2 //根据某个特定标签列出镜像
docker image ls -f since=mongo:3.2 //mongo:3.2 之后建立的镜像 before 之前
docker image ls -f label=dev //列出标签是dev的镜像
docker images -q -f reference='eshop/*:dev' // 根据名称和标签匹配并只显示id
docker image ls --format "{{.ID}}: {{.Repository}}" // 模板语法
查看镜像、容器、数据卷大小
docker system df //查看镜像、容器、数据卷所占的空间大小
删除镜像
docker image rm centos:v7 // 按照标签tag删除镜像,也可以根据image id删除
//删除镜像的前提是该镜像没有运行成容器;docker image rm 等同docker rmi命令;如果需要强行删除已经运行为容器的镜像,可以使用-f选项来指定;
docker image rm af34 //根据ID删除镜像,一般取前3个字符或以上就可以了
docker image rm $(docker image ls -q nginx) //过滤删除命令。删除所有仓库名为 nginx 的镜像
docker image rm $(docker image ls -q -f before=nginx:v2)
docker image rm $(docker images -q -f reference='eshop/*:dev') //-f
docker image prune //删除虚悬镜像
给镜像打tag
docker tag centos centos:v6.7 //给镜像打标签 tag
四、容器管理
4.1、创建容器常用选项
docker container run --help
4.2、容器资源限制
示例:
内存限额