2. Docker uses templates to create images, container management, warehouse management, data management

1. Docker uses templates to create mirrors

Download a template first


//Download speed is not fast, download a CentOS 6 template centos-6-x86-minimal.tar.gz

[root@fuxi01 ~]# wget http://download.openvz.org/template/precreated/centos-6-x86-minimal.tar.gz

The command to import the image is:

# cat centos-6-x86-minimal.tar.gz|docker import - centos6

#Doker images //View imported images
# docker run -itd centos6 bash
[root@fuxi01 ~]# docker exec -it 79ce4ee1 bash
[root@79ce4ee106cb /]#cat/etc/issue //view its version
CentOS release 6.8 (Final)
Kernel \r on an \m
[root@79ce4ee106cb /]# uname -a
Linux 79ce4ee106cb 3.10.0-693.el7.x86_64 #1 SMP Tue Aug 22 21:09:27 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
[root@79ce4ee106cb /]# exit
[root@fuxi01 ~]# uname -a
Linux fuxi01 3.10.0-693.el7.x86_64 #1 SMP Tue Aug 22 21:09:27 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

Thus, the core of the docker container and the kernel of the Linux machine are the same 3.10.0 kernel, so docker container is based on the Linux kernel.

Export an existing image to a file:

# docker save -o centos7_with_nettool.tar centos_with_net

//save-o followed by the file name and then the mirror name.Save and load are a pair.

[root@fuxi01 ~]# docker ps 
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
79ce4ee106cb        centos6             "bash"              4 days ago          Up 4 days                               kind_pasteur
b15b83c7c7a2        centos_with_net     "/bin/bash"         5 days ago          Up 5 days                               infallible_lalande
7ae3b5eb6e41        ubuntu              "/bin/bash"         12 days ago         Up 12 days                              admiring_diffie
43aae89a76ae        centos              "/bin/bash"         13 days ago         Up 13 days                              serene_kare
[root@fuxi01 ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
centos6             latest              cdce38ce7fb2        4 days ago          512MB
centos_with_net     latest              2803335f23a6        5 days ago          261MB
ubuntu              latest              549b9b86cb8d        3 weeks ago         64.2MB
centos              latest              0f3e07c0138f        3 months ago        220MB
yw_centos           latest              0f3e07c0138f        3 months ago        220MB
[root@fuxi01 ~]# docker rm -f b15b83c7c7a2
[root@fuxi01 ~]# docker rmi 2803335f23a6
Untagged: centos_with_net:latest
Deleted: sha256:2803335f23a68731a68ffbc860d6e72c15feb2e922cc8aefb1e013fd174b604e
Deleted: sha256:c7d34cfde22ae64c7556234eed73668e4a7b4b2803e51bde4cbbdbd25bb5a2cb

You can also use this file to restore the local image:

#docker load--input centos7_with_nettool.tar or
# docker load < centos7_with_nettool.tar
# docker push image_name

docker push //You can upload your own image to the official dockerhub website, but only if you need to register a user before you can research it later.

2. Container Management

# docker create -it centos6 bash

//This creates a container, but the container is not started, docker creation is like creating a virtual machine.The same usage as docker run.Once created, you need docker PS-A to see that the state is Created.

# docker start container_id

//After starting the container, you can use docker ps to see that if there is a start, there is stop, and restart.

The docker run we used before is equivalent to creating before start ing

# docker run -it centos bash

This enters a virtual terminal and we can run some commands to exit the bash with the command exit or ctrl d and the container will stop when it exits.Execute docker PS-A to see that its state is Exited.

# docker run-d allows containers to run in the background

For example: docker run-d CentOS bash-c "while:; do echo" 123 "; sleep 2; done"

# docker run --name centos6_1 - itd centos6 bash /- name Customizes the name of the container. If not defined, the rightmost NAMES at docker ps is a random string.
# docker exec-it centos6_1 bash // Enter the container to write the defined name directly, without writing its ID.

# docker run --rm-it centos bash-c "sleep 30" /--rm allows containers to be deleted directly after they exit, where commands execute and containers exit.-c, execute the command in the container.

Doker logs can obtain operational history information for containers as follows:

docker logs  container_id  

[root@fuxi01 ~]# docker run -itd centos bash -c "echo 12345"
[root@fuxi01 ~]# docker logs 7c2e09

docker attach can enter a container that runs in the background, such as

# docker attach  container_id    
//But the attach command is not useful, for example, if we want to exit the terminal, we have to exit, so the container exits the stop, and there is another way:
# docker exec -it container_id  bash  
//A virtual terminal can be temporarily opened and the container is still running after exit.
# docker rm container_id  
//The container_id is viewed when docker ps-a, so that the container can be deleted. If the container is running, rm-f is required.
# docker  export container_id  > file.tar  
//Export containers, which can be migrated to other machines, need to be imported. The import is docker load --input.
# cat file.tar |docker import - aming_test   
//This will produce a mirror of aming_test

3. Warehouse Management

# docker pull registry

//Download the registry image, which is an official image of the docker that we can use to create a local docker private repository.Pulling registry is slow without an accelerator.Accelerator: /etc/docker/daemon.json

All containers stop after restarting the docker. To start all containers automatically in batch,

Execution: systemctl restart docker & & docker start $(docker ps-a-q)

Start all container commands in docker

# docker start $(docker ps -a | awk '{ print $1}' | tail -n +2)

Close all container commands in docker

# docker stop $(docker ps -a | awk '{ print $1}' | tail -n +2)

# docker run -d -p 5000:5000 registry

//Start the container in a registry image, -p maps the port of the container to the host, -left for host listening port, and-right for container listening port.You can also write other ports to customize.

//To access port 80 in a container, you need to make a port mapping.For example, the IP in the centos container is, which is internal, but the host's is external, and the host-to-container port 80 is pingable.


Nothing. We need to transfer the mirror to the warehouse to see it.

Next, upload one of the mirrors to the private repository

# docker tag CentOS // tag, first of all host IP, must have ip:port with private repository
 # docker push // Push a mirror of the marker to a private repository

It will not succeed at this time, Get http: server gave HTTP response to HTTPS client error, use HTTPS here.


Change profile:

#vi/etc/docker/daemon.json//Change to this content, previous accelerators need to be deleted or push will not succeed.Use HTTP instead of HTTPS.
 { "insecure-registries":[""] }
# systemctl restart docker 
#docker ps-a //view container is closed and needs to be started
#docker start_id//where ID is registry container ID

push again

# docker push
 # curl //Can see the image on the push
//centos here is the string at the end of the push.

# docker tag Ubuntu*//label, push, and view in private warehouses.
# docker push
# curl

New machines pull mirrors from private warehouses:
Install the docker, define the warehouse address vi/etc/docker/daemon.json, start the docker, and pull:
# docker pull
 //Plus IP:port is either downloaded in the private repository or officially.

4. Data Management

Containers are started by mirroring, and new data generated in the container is eliminated when the container stops or deletes, which means there is a risk to the data.So think of a way to mount the host's directory into a container so that even if the container is stopped or deleted, the data remains in the host's directory.

1. Mount the local directory into the container

# docker run -tid -v /data/:/data centos bash
[root@fuxi01 ~]# ls /data
change.log  ftp  gitroot  mariadb  mysql  tomcat-instance  user_passwd  wwwroot
[root@fuxi01 ~]# docker exec -it 266bc8c bash
[root@266bc8cd6fe8 /]# ls /data
change.log  ftp  gitroot  mariadb  mysql  tomcat-instance  user_passwd	wwwroot
[root@266bc8cd6fe8 /]# 
//In this way, the data directory in the container and the host's data directory are synchronized, and changes are synchronized.

//-v is used to specify the mount directory, / data / is the host local directory, and / data / is the container directory, which is automatically created in the container.

2. Mount the data volume (--volumes-from)

In fact, when we mount a directory, we can use --name to specify the container name, otherwise we can define it randomly.For example, if it is not specified above, it generates a name called heuristic_almeida, which can be used to look at the rightmost column using the command docker ps.

# docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                    NAMES
266bc8cd6fe8        centos              "bash"                   23 hours ago        Up 23 hours                                  heuristic_almeida
# docker run -itd --volumes-from heuristic_almeida centos6 bash

In this way, we create a new container using the centos6 image and use the heuristic_almeida container as the data volume. When you enter this centos6 container, you can see that ls/data has the same contents as centos. What is the data directory of the centos6 container like, what is centos6 here, and what is related.

3. Define data volume containers

Sometimes, we need multiple containers to share data with each other, similar to NFS in linux, so we can set up a dedicated data volume container and mount the volume directly from the other containers.

First set up the data volume container

# docker run -itd -v /data/ --name testvol centos  bash

//Note that/data/here is a container/data directory, not a local/data/directory.The host directory is not required for mapping.Share this directory as a public directory.

Then let other containers mount the volume

# docker run -itd  --volumes-from testvol centos6 bash

Tags: Linux Docker CentOS Ubuntu

Posted on Tue, 11 Feb 2020 19:24:12 -0800 by simon71