133 lines
3.3 KiB
Markdown
133 lines
3.3 KiB
Markdown
# docker cmd
|
||
|
||
## bash
|
||
|
||
`docker exec -it <container> bash`
|
||
|
||
[Docker image的导入导出 - 简书](https://www.jianshu.com/p/69b6c4c556ad)
|
||
|
||
## 导出image 导出镜像
|
||
|
||
[docker load | Docker Documentation](https://docs.docker.com/engine/reference/commandline/load/)
|
||
|
||
```bash
|
||
docker save -o /home/user/images/ubuntu_14.04.tar ubuntu:14.04
|
||
```
|
||
|
||
## 导入image 导入镜像
|
||
|
||
```bash
|
||
docker load --input ubuntu_14.04.tar
|
||
```
|
||
|
||
## 导入导出压缩
|
||
|
||
```bash
|
||
docker save mp_info | gzip > /home/userapp/xiewei/mp_info/mp_info.tar.gz
|
||
|
||
|
||
# gunzip -c /home/userapp/xiewei/mp_info/mp_info.tar.gz | docker load
|
||
|
||
|
||
docker save gcr.io/cadvisor/cadvisor:latest | gzip > cadvisor.tar.gz
|
||
|
||
|
||
docker load -i cadvisor.tar.gz
|
||
|
||
|
||
|
||
# Load an image or repository from a tar archive (even if compressed with gzip, bzip2, or xz) from a file or STDIN. It restores both images and tags.
|
||
# 直接读取,不解压也可以
|
||
docker load -i /home/userapp/xiewei/mp_info/mp_info.tar.gz
|
||
```
|
||
|
||
## docker run
|
||
|
||
最后面的 `server /data` 是指定需要在容器内执行的命令。
|
||
|
||
```sh
|
||
docker run -p 9000:9000 --name myminio \
|
||
-e "MINIO_ACCESS_KEY=AKIAIOSFODNN7EXAMPLE" \
|
||
-e "MINIO_SECRET_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY" \
|
||
-v /mnt/data:/data \
|
||
-v /mnt/config:/root/.minio \
|
||
minio/minio server /data
|
||
```
|
||
|
||
```yml
|
||
version: '3'
|
||
services:
|
||
minio:
|
||
image: minio/minio:latest
|
||
container_name: myminio
|
||
ports:
|
||
- 9000:9000
|
||
volumes:
|
||
- /var/minio/data:/data
|
||
- /var/minio/config:/root/.minio
|
||
environment:
|
||
MINIO_ACCESS_KEY: "root"
|
||
MINIO_SECRET_KEY: "password"
|
||
command: server /data
|
||
restart: always
|
||
```
|
||
|
||
## docker stack
|
||
|
||
单机模式下,我们可以使用 Docker Compose 来编排多个服务,而 Docker Swarm 只能实现对单个服务的简单部署。本文的主角 Docker Stack ,通过 Docker Stack 我们只需对已有的 docker-compose.yml 配置文件稍加改造就可以完成 Docker 集群环境下的多服务编排
|
||
|
||
## docker cp
|
||
|
||
```bash
|
||
# Docker容器向宿主机传送文件
|
||
docker cp container_id:<docker容器内的路径> <本地保存文件的路径>
|
||
# ---
|
||
# 宿主机向Docker容器传送文件
|
||
docker cp 本地文件的路径 container_id:<docker容器内的路径>
|
||
```
|
||
|
||
|
||
## docker stats
|
||
资源监控
|
||
|
||
```shell
|
||
docker top xxx
|
||
docker stats
|
||
```
|
||
|
||
|
||
## docker 进入未启动的容器 `How To Run Commands In Stopped Docker Containers`
|
||
|
||
[How To Run Commands In Stopped Docker Containers · Thorsten Hans](https://www.thorsten-hans.com/how-to-run-commands-in-stopped-docker-containers/)
|
||
|
||
```bash
|
||
# Commit the stopped image
|
||
docker commit 0dfd54557799 xxx
|
||
|
||
# now we have a new image
|
||
docker images list
|
||
REPOSITORY TAG IMAGE ID CREATED SIZE
|
||
debug/ubuntu <none> cc9db32dcc2d 2 seconds ago 64.3MB
|
||
|
||
|
||
# create a new container from the "broken" image
|
||
docker run -it --rm --entrypoint sh xxxx
|
||
# inside of the container we can inspect - for example, the file system
|
||
$ ls /app
|
||
App.dll
|
||
App.pdb
|
||
App.deps.json
|
||
# CTRL+D to exit the container
|
||
|
||
# delete the container and the image
|
||
docker image rm xxx
|
||
```
|
||
|
||
>端口映射 实际上就是 SNAT+DNAT
|
||
都是NAT
|
||
SNAT(源地址转换)和DNAT(目的地址转换)
|
||
这个是 容器不能访问其他容器的情况
|
||
```bash
|
||
iptables -I INPUT -i docker0 -j ACCEPT
|
||
iptables -t nat -L -n -v
|
||
``` |