Docker Command Details and Mirror Management

Docker Command and Mirror Management:

Docker images contain the file system and content needed to start the container, so they are mainly used to create and start the docker container.

The Docker image contains a layer of file system called Union FS, which can mount several layers of directories together to form a virtual file system. The directory structure of the virtual file system is just like that of ordinary linux. Docker adds the host computer through these files. The kernel provides a virtual environment for linux. Each layer of file system is called a layer. The federated file system can set three permissions for each layer of file system: read only, read write and whiteout-able. But every layer of file system in the docker image is read-only. When building an image, starting from a basic operating system, each build operation is equivalent to making a layer of modification, adding a layer of file system, one layer to the top, the upper modification will cover the visibility of the bottom location, which is easy to understand, just like the upper layer hides the bottom, when using the mirror. When we see a complete whole, we don't know how many layers are inside or how many layers are inside. The structure is as follows:

A typical Linux file system consists of bootfs and rootfs. Bootfs (boot file system) mainly includes bootloader and kernel. Bootloader is mainly used to boot and load kernel.

When the kernel is loaded into memory, bootfs will be umount off. rootfs (root file system) contains standard directories and files such as / dev, / proc, / bin, / etc. in typical Linux systems. The following figure is the most basic two-tier structure of docker image. Different Linux distributions (such as ubuntu and entOS) are in the The rootfs layer will be different. But for docker images, they are usually relatively small. Officially provided CentOS basic images are around 200 MB. Some other versions of the images are even only a few MB. The docker images directly call the host's kernel. Only rootfs are provided in the images, that is to say, only the most basic commands, tools and libraries are needed. Well, alpine mirrors, for example, are around 5M.

Here are two different mirrors that implement different rootfs on a host kernel.

Container, mirror parent image:

Examples of common docker commands

  1. Search for official images
# With the specified version number
docker search centos:7.2.1511 
# Default latest without version number
docker search centos 
  1. Download mirroring
docker pull warehouse server: port / project name / mirror name: version number
  1. View local mirrors
docker images

REPOSITORY #The name of the warehouse to which the mirror belongs
TAG #Mirror version number (identifier), default to latest
IMAGE ID #Mirror Unique ID Marking
CREATED #Mirror creation time
VIRTUAL SIZE #The size of the mirror

  1. Mirror export: You can export the image from local to a compressed file and copy it to other servers for import and use.
# Method 1
docker save centos -o /opt/centos.tar.gz
# Method 2
docker save centos > /opt/centos-1.tar.gz
  1. View Mirror Content: Contains the relevant configuration, configuration files, layers of the image
tar xvf centos.tar.gz
cat manifest.json
  1. Mirror Import: Import Mirror into docker
docker load < /opt/centos.tar.gz
  1. delete mirror
docker rmi centos
  1. Delete containers (- f mandatory)
docker rm container ID/container name

The docker command:

  1. Command format
  1. Common COMMAND
attach      This way the operation of entering the container is displayed synchronously and exit The rear container will be closed
build       from Dockerfile Building a Mirror
commit      Create a new image from container changes
cp          Copy files between containers and local file systems/Folder
create      Create a new container
diff        Check changes to files or directories on container file systems
events      Getting Real-time Events from the Server
exec        Run commands in running containers
export      Export the container's file system to tar package
history     History of Displaying Mirrors
images      List mirroring
import      from tarball Import content to create a file system image
info        Display the information of the whole system
inspect     Return Docker The underlying information of an object
kill        Stop one or more running containers
load        from tar Packet or standard output load image
login       Log in to a Docker registry
logout      Log out from a Docker registry
logs        Get the container log
pause       Pause all processes in one or more containers
port        List port or specific mappings for containers
ps          List running containers
pull        Download mirroring
push        Upload mirroring
rename      Recommand a container
restart     Restart container
rm          Remove one or more containers
rmi         Remove one or more mirrors
run         Run commands in new containers
save        Save one or more images to tar Archive file(By default flow to STDOUT)
search      stay Docker Search Mirror in Warehouse
start       Start one or more containers in a stop state
stats       Real-time flow displaying container resource usage statistics
stop        Stop one or more running containers
tag         Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
top         Display the running process of the container
unpause     Unpause all processes within one or more containers
update      Update configuration of one or more containers
version     View version
wait        Block until one or more containers stop and print their exit codes

Subcommand help

docker COMMAND --help

Exit container not logged out: Ctrl + P + Q


Run commands in new containers

  • Command format
docker run [option] mirror name [shell command] [parameter...]
  • Common options
- p list specifies the port of the container to be published to the host
 - P Publishes all open ports to random ports
 - name string assigns a name to the container
 - d Runs the container in the background and prints the container ID
 - it creates and enters the container
 - rm automatically deletes the container when it exits
  • Example:
  1. The startup container exits after executing the shel l command
#docker run [mirror name] [shell command]
docker run centos /bin/echo 'hello wold' 
  1. Start a container from the mirror: it goes directly into the container and randomly generates the container ID and name
docker run -it bash
  1. Random Mapping Port:
    Front Start and Random Map Local Port to Container 80
docker run -P 

The session window initiated by the front desk can not perform other operations unless it exits, but the container will also exit the random port mapping after exiting. In fact, the default is to start at 32768.

  1. Specify port mapping:

Mode 1: Local port 81 maps to container port 80:

docker run -p 81:80 --name "nginx-test" nginx

Mode 2: Local IP: Local Port: Container Port

docker run -p --name "nginx-test"

Mode 3: Local IP: Local Random Port: Container Port

docker run -p --name "nginx-test"

Mode 4: Local ip: Local port: Container port / protocol, default to tcp protocol

docker run -p --name "nginx-test"

Mode 5: Mapping multiple ports + protocols at one time:

docker run -p 86:80/tcp -p 443:443/tcp -p 53:53/udp --name "nginx-test"
  1. Background Start Container
docker run -d -P --name "nginx-test"
  1. Automatic deletion of containers after exit
docker run -it --rm --name nginx-test
  1. Specify container DNS:
    dns service, default host dns address
    One is to configure the dns address on the host
    The second is to configure the parameters in the docker startup script - dns=
docker run -it --rm --dns centos bash

The rm container will be deleted after it exits


List running containers

  • Command format
docker ps [OPTIONS]
  • Common options
- a Displays all containers (default display is running)
- f Filters the output according to the conditions provided
 - n int displays the last n containers created (including all states) (default value - 1)
- l Displays newly created containers (including all states)
- no-trunc uncut output
 - q Displays only digital id
 - s Displays Total File Size
  • Example:
  1. Displays the running container:
docker ps
  1. Display all containers
docker ps -a


Remove one or more containers

  • Command format
  • Common options
- f Forces removal of running containers (using SIGKILL)
- Delete the specified link
 - v Deletes volumes associated with containers
  • Example:
  1. Delete running containers: Even if the containers are in operation, they will be forcibly deleted
docker rm -f 11445b3a84d3

11445b3a84d3 is CONTAINER ID, queried by docker ps

  1. Batch Delete Exit Containers
docker rm -f `docker ps -aq -f status=exited`
  1. Delete all containers in batches
docker rm -f $(docker ps -a -q)


Get the container log

  • Command format
  • Common options
-- Details show additional details provided to the log
 - f trace log output
 - since string displays logs starting with timestamps (e.g. 42m for 42 minutes)
- The number of rows tail string displays at the end of the log (default is "all")
- t Display Time Stamp
 -- until string displays the log before the timestamp (e.g. 42m for 42 minutes)
  • Example:
  1. View the Nginx container access log
docker logs nginx-test-port3 #One view
docker logs -f nginx-test-port3 #Continuous view


Loading mirrors from tar archives or STDIN

  • Command format
docker load [OPTIONS]
  • Common options
- i string is read from tar archive file, not from STDIN
 - q not output
  • Example:
  1. Import mirroring
docker load -i nginx.tar.gz


List port or specific mappings for containers

  • Command format
  • Example:
  1. View ports mapped by containers
docker port nginx-test


Stop one or more running containers

  • Command format
  • Common options
- t int waits for stop for a few seconds before killing it (default is 10)
  • Example:
  1. Closing of containers
docker stop f821d0cd5a99
  1. Batch closure of running containers
docker stop $(docker ps -a -q) 


Kill one or more running containers

  • Command format
  • Common options
- Signal sent by s string to container (default is "KILL")
  • Example:
  1. Forced closure of running containers in batches
docker kill $(docker ps -a -q)


Start one or more stopped containers

  • Command format
  • Common options
- a Additional STDOUT/STDERR and Forwarding Signal
 -- detach-keys string covers the key sequence used to separate containers
 - i Will Container STDIN
  • Example:
  1. Start-up of Container
docker start f821d0cd5a99


This way the operation of entering the container is displayed synchronously and the container will be closed after exit.

  • Command format
docker attach [OPTIONS] CONTAINER
  • Common options
-- detach-keys string covers the key sequence used to separate containers
 no-stdin does not add STDIN
 sig-proxy proxy proxy proxy for all received process signals (default is true)
  • Example:
docker attach 63fbc2d5a3ec


Executing a single command and entering a container is not recommended, although exit exits out of the container are still running

  • Command format
  • Common options
- d Separation Mode: Running commands in the background
 -- detach-keys string covers the key sequence used to separate containers
 - e list sets environment variables
 - i Keep STDIN open, even if there is no connection
 privileged grants extended privileges to the command
 - t Allocates a pseudo-TTY
 - U string username or UID (format: < name | UID > [: < group | GID >])
- Work directory in W string container
  • Example:
  1. Container entry
docker exec -it centos-test /bin/bash


Returns the underlying information of the Docker object

  • Command format
docker inspect [OPTIONS] NAME|ID ...
  • Common options
- f string formats output using a given Go template
  • Example:
  1. The PID of the container is available
# docker inspect -f "{{.State.Pid}}" centos-test3


Create a new image from container changes

  • Command format
  • Common options
- a string author
 - C list applies Dockerfile instructions to the created image
 - M string submission message
 - p Suspend containers during submission (default is true)
  • Example:
  1. Submit to mirror on the host based on container ID
docker commit -a "chen" -m "nginx_yum_v1" --change="EXPOSE_80_443" f5f8c13d0f9f centos-nginx:v1
  1. Mark tag number when submitting:

Tag number, which is commonly used in production, can be used to create different versions of images and different versions of containers according to tag tag.

docker commit -m "nginx image" f5f8c13d0f9f jack/centos-nginx:v1

Tags: Docker Nginx CentOS DNS

Posted on Wed, 11 Sep 2019 03:08:53 -0700 by sprinkles