發表於 程式分享

Docker指令複習(以ubuntu為例)

發表於Grace撰寫

練習docker指令的網站 https://labs.play-with-docker.com/

1.安裝docker

su (以root user執行)
apt-get update => 若執行出現憑證問題,請改此指令試看看 sudo apt-get update –allow-unauthenticated –allow-insecure-repositories

apt-get -y install apt-transport-https ca-certificates curl gnupg lsb-release

curl -fsSL https://download.docker.com/linux/ubuntu/gpg| gpg –dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg –dearmor | sudo tee /usr/share/keyrings/docker-ce-archive-keyring.gpg > /dev/null

curl -fsSL https://download.docker.com/linux/ubuntu/gpg| gpg –dearmor -o /etc/apt/trusted.gpg.d/docker-ce-archive-keyring.gpg

echo “deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
echo “deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
=> 若上述指令執行仍有問題,建議在deb […]加上trusted=yes allow-insecure=yes allow-weak=yes allow-downgrade-to-insecure=yes check-valid-until=no試看看

apt-get update && apt-get install docker-ce docker-ce-cli containerd.io
exit

sudo usermod -aG docker $USER (非root使用者使用docker不用sudo指令)

docker –version (查看docker版本)

2.相關指令整理-image相關

  • 搜尋github上有那些images: docker search httpd (搜尋github上image為httpd者)
  • 列出本機的image檔: docker images
  • 取得image(由github拉到本機): docker pull httpd:alpine
  • 移除local image: docker rmi httpd:alpine
  • 更改image名稱: docker tag alpine:1 myrepo/alpine:3.4
  • 登入registry: docker login my.registry.com:8080
  • 將image上傳至registry: docker push myrepo/myapp:01
  • 打包多個image為tar檔: docker save -o images.tar nginx:latest gitlab:latest 或 docker save nginx:latest gitlab:latest > images.tar
  • 載入tar檔為image檔: docker load -i images.tar 或 docker image import images.tar alpine-new
  • 將container存成image檔: docker export -o images.tar gitlab(container名稱) 或 docker container export gitlab > images.tar
  • 查看image歷史記錄: docker image history alpine-c1

3.相關指令整理- container相關

  • 列出執行中的container: docker ps或docker container ls -a
  • 列出執行中+停用的container: docker ps -a
  • 執行container: docker run –rm hello-world (執行hello world container)
  • 執行container並做port mapping: docker run -d -p 8080:80 httpd1 httpd:alpine (於host server用8080連線至container內的80 port)
  • 查看container詳細內容: docker inspect nginx
  • 停止container: docker stop nginx
  • 啟動container: docker start nginx
  • 刪除一個正在執行的container: docker kill nginx
  • 刪除已停止的container: docker rm 'docker ps -a -q --filter status=exited'
  • 刪除運行中的所有container: docker rm -f 'docker ps '
  • 刪除運所有的container: docker rm -f 'docker ps -aq'
  • 進入container執行指令:

docker exec -it httpd2 bash
進入httpd2 container後執行
ps -ef
ip a
exit

4.相關指令整理- volume相關

  • mount volume

echo “Hello, I’m Grace!" > index.html
docker run -d –name httpd2 -v $PWD/index.html:/usr/local/apache2/htdocs/index.html -p 81:80 httpd:alpine

docker exec httpd2 df -h (查看volume設定)
docker ps

5.查看container logs

  • docker logs [container name]
  • docker logs -f [container name]

6.由Dockerfile建立image

1) Dockerfile內容

FROM nginx:alpine
LABEL maintainer="Docker Maintainers huang.yahui.grace@gmail.com"

ENV IMAGE_VERSION 1.0.0
ENV RELEASE 1
RUN set -x \
apk add vim
COPY index.html /usr/share/nginx/html/index.html

2) 建置image: docker build . -t myhttpd:v1

7.網路相關

  • 建立一個overlay網路及subnet: docker network create –subnet 10.1.0.0/24 –gateway 10.1.0.1 -d overlay mynet
  • 使用host網路(效能比預設的docker bridge好): docker run -d –name web1 –network host tomcat

註1: 另一種安裝指令
sudo apt-get install docker.io
service docker status
sudo usermod -aG docker gtwang
docker version

註2: 安裝docker-compose
sudo apt install docker-compose
git config –global http.sslverify “false" (遇到下載時憑證問題可使用此指令)

註3: docker-compose出現未認證的解法-匯入網站憑證檔至系統
1) 取得憑證檔
openssl s_client -showcerts -connect [registry_address]:[registry_port] < /dev/null | sed -ne ‘/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p’ > ca.crt
2) 複製憑證檔至 /usr/local/share/ca-certificates/
sudo cp ca.crt /usr/local/share/ca-certificates/
3) 執行update-ca-certificates
sudo update-ca-certificates
4) 重啟docker服務
sudo service docker restart

參考來源: https://stackoverflow.com/questions/50768317/docker-pull-certificate-signed-by-unknown-authority

未知 的大頭貼

作者:

發表留言