04 use docker container

Keywords: Linux Docker Ubuntu Python snapshot

Docker container

docker container is another core concept. Container is a running instance of image. The difference is that the image is a static read-only file, the container has a writable layer required by the runtime, and the application process in the container is running.
Virtual machine is to simulate a whole set of operating system. docker only runs one application and its running environment.

Create container

  1. New container, docker [container] create command new container is in stop state
    [root@docker01 ~]# docker create -it ubuntu:18.04
    [root@docker01 ~]# docker ps -a
    CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                    PORTS               NAMES
    550c14d7db29        ubuntu:18.04        "/bin/bash"         34 seconds ago      Created                                       kind_rosalind
  2. Start the container. The docker [container] start command starts a container that has been created
    [root@docker01 ~]# docker start 55
    [root@docker01 ~]# docker ps
    CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
    550c14d7db29        ubuntu:18.04        "/bin/bash"         2 minutes ago       Up 5 seconds                            kind_rosalind
  3. Create and start a container. In addition to creating a container and starting it with the start command, you can also create and start it directly. docker [container] run
    [root@docker01 ~]# docker run ubuntu:18.04 /bin/echo 'hello'

    When / bin/echo 'hello' is executed, the container will automatically terminate.
    When using docker run to create a startup container, it includes:
    1. Check whether there is a specified image in the local area. If there is no image in the public warehouse;
    2. Create an easy to use image and start;
    3. Allocate a file system to the container, and attach a read-write layer to the read-only image;
    4. Bridge a virtual machine port to the container from the bridge interface of the host;
    5. The bridge address pool assigns an ip address to the container;
    6. Execute user application;
    7. Container auto terminate
    Start a bash terminal to allow users to interact

    [root@docker01 ~]# docker run -it ubuntu:18.04 /bin/bash
    root@4d99166324fb:/# pwd
    root@4d99166324fb:/# ls
    bin   dev  home  lib64  mnt  proc  run   srv  tmp  var
    boot  etc  lib   media  opt  root  sbin  sys  usr

    -t: Assign a pseudo TTY to the docker and bind it to the container's standard input
    -i: Keep container standard input open

  4. Run in the background. More often, you need to allow the docker container to run in the form of Daemonized in the background
    [root@docker01 ~]# docker run -d ubuntu:18.04 /bin/bash -c "while true;do echo 'hello';sleep 1;done"
    [root@docker01 ~]# docker ps
    CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS               NAMES
    a5d805944192        ubuntu:18.04        "/bin/sh -c 'while t..."   4 seconds ago       Up 3 seconds                            frosty_joliot
  5. View container output, docker [container] logs
    [root@docker01 ~]# docker logs a5d805944192

    Stop container

  6. Pause container, docker [container] pause CONTAINER [CONTAINER...]
    Execute at one terminal
    [root@docker01 ~]# docker run --name test --rm -it ubuntu bash

    Another terminal execution, pause

    [root@docker01 ~]# docker pause test
    [root@docker01 ~]# docker ps
    CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                  PORTS               NAMES
    98eedc501dec        ubuntu              "bash"                   2 minutes ago       Up 2 minutes (Paused)                       test


    [root@docker01 ~]# docker unpause test
  7. Terminating container
    [root@docker01 ~]# docker stop test
  8. Restarting container
    [root@docker01 ~]# docker restart test

    Container entry

    If you need to enter the container for operation, it is recommended to use the official attach or exec command.
    The command format for attach is:
    docker attach [--detach-key[=[]]] [--no-stdin] [--sig-proxy[=true]] CONTAINER
    -Detach key [= []] (specifies the shortcut key to exit the attach mode, which is Ctrl + P Ctrl + Q by default;
    --No stdin = true | false ා close standard input or not. It is kept on by default;
    --SIG proxy = treu| false ා whether to proxy the received system signal to the application, which is on by default;

    [root@docker01 ~]# docker run -itd ubuntu:18.04
    [root@docker01 ~]# docker ps
    CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
    b82dba0090bc        ubuntu:18.04        "/bin/bash"         52 seconds ago      Up 50 seconds                           fervent_maxwell
    [root@docker01 ~]# docker attach fervent_maxwell

    exec is a more convenient tool after 1.3.0 docker, which can directly execute any command in the running container.
    docker exec [-d|--detach] [--detach-keys[=[]]] [-i|--interactive] [--privileged] [-t|--tty] [-u|--user[=USER]] CONAINER COMMAND [ARG...]
    -d ා executing commands in the background in the container
    --Detach keys = "" specifies the key for the container to switch back to the background
    -e ා specify environment variable list
    -i ා open standard input to accept user input command, default to false
    --privileged=treu|false ා whether to give the highest permission to execute the command, false by default
    -t ා assign pseudo terminal, default false
    -u ා user name or ID of the command executed

    [root@docker01 ~]# docker exec -it f2554976971b /bin/bash
    root@f2554976971b:/# w
    08:02:18 up 2 days, 18:58,  0 users,  load average: 0.03, 0.03, 0.05
    USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
    root@f2554976971b:/# ps -ef
    UID        PID  PPID  C STIME TTY          TIME CMD
    root         1     0  0 08:01 pts/0    00:00:00 /bin/bash
    root        10     0  0 08:02 pts/1    00:00:00 /bin/bash
    root        20    10  0 08:02 pts/1    00:00:00 ps -ef

    At this time, a new bash terminal will be opened, and the user will interact with the container without affecting other applications in the container.

    Delete container

    However, use the docker [container] RM command to delete a container in the terminated or exited state. docker [container] rm [-f|--force] [-l|--link] [-v|--volumes] CONTIAINER
    -f ා force termination and deletion of a running container
    -l ා delete the container's link, but keep the container
    -v ා delete the data volume attached to the container
    View containers in stopped state and delete

    [root@docker01 ~]# docker ps -a
    CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                      PORTS               NAMES
    f2554976971b        ubuntu:18.04        "/bin/bash"              46 hours ago        Up 46 hours                                     focused_joliot
    b82dba0090bc        ubuntu:18.04        "/bin/bash"              47 hours ago        Exited (0) 46 hours ago                         fervent_maxwell
    [root@docker01 ~]# docker rm b82dba0090bc

    Export container

    It is used to migrate containers from one system to another. At this time, you can use the import and export functions of docker.
    1. Export container means to export a created container to a file, regardless of whether the container is running at this time. docker [container] export [-o|--output[=""]] CONTAINER
    -o ා specify the name of the exported tar file, which can also be directly realized by retargeting

    [root@docker01 docker]# docker ps -a
    CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                    PORTS               NAMES
    f2554976971b        ubuntu:18.04        "/bin/bash"              47 hours ago        Up 47 hours                                   focused_joliot
    a5d805944192        ubuntu:18.04        "/bin/sh -c 'while t..."   2 days ago          Exited (137) 2 days ago                       frosty_joliot
    [root@docker01 docker]# docker export  a5d805944192 > test_ubuntu2.tar
    [root@docker01 docker]# docker export -o test_ubuntu.tar a5d805944192
    [root@docker01 docker]# ls
    test_ubuntu2.tar  test_ubuntu.tar

    Import container

    The exported file can be imported into a mirror by using the docker [container] import command. docker import [-c|--change[=[]]] [-m|--message[=MESSAGE]] file|URL| -[REPOSITORY[:TAG]]
    -c ා the Dockerfile command to modify the container is executed at the same time of re pouring

    [root@docker01 docker]# docker import test_ubuntu.tar  test111/ubuntu:v1.0
    [root@docker01 docker]# docker images
    REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
    test111/ubuntu      v1.0                6c5cd99408ca        13 seconds ago      64.2M

    Note: the difference between docker load and docker import is that the docker import discards all historical records and metadata information, and only saves the snapshot status of the container at that time. The docker load file will save the complete record, which is larger.

    View container

    1. To view container details, docker container inspect [OPTIONS] ONTAINER

    [root@docker01 docker]# docker ps -a
    CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                    PORTS               NAMES
    f2554976971b        ubuntu:18.04        "/bin/bash"              47 hours ago        Up 47 hours                                   focused_joliot
    [root@docker01 docker]# docker container inspect frosty_joliot
        "Id": "a5d8059441922d3157d2af1d0ab0a724acf13fbe8bb60ddb92fa2536620c2f84",
        "Created": "2020-03-05T05:50:37.692124654Z",
        "Path": "/bin/sh",
        "Args": [
            "while true;do echo hello;sleep 1;done"
        "State": {
            "Status": "exited",

    Viewing the specific information of a container will return various information including ID, creation time, path, status, image, configuration, etc. in json format.
    2. Check the process in the container, docker [container] top [OPTIONS] CONTAINER, similar to the top command of linux, including PID, user, time, command, etc. Must be a running container to view

    [root@docker01 docker]# docker top focused_joliot
    UID                 PID                 PPID                C                   STIME               TTY                 TIME                CMD
    root                12365               12348               0                   Mar05               pts/0               00:00:00            /bin/bash
    root                12431               12348               0                   Mar05               pts/1               00:00:00            /bin/bash

    3. To view statistics, docker [container] status [OPTIONS] [CONTAINER] displays statistics of CPU, memory, storage, network and other usage.
    -a. -- all ා output all container statistics, only in operation by default
    -format string ා format output information
    -No stream does not output continuously, and the continuous real-time results will be updated automatically by default
    -No TRUNC - no truncation of output information

[root@docker01 docker]# docker stats focused_joliot

CONTAINER ID        NAME                CPU %               MEM USAGE / LIMIT   MEM %               NET I/O             BLOCK I/O           PIDS
f2554976971b        focused_joliot      0.00%               824KiB / 15.51GiB   0.01%               648B / 0B           0B / 0B             2

Other container commands

1. Copy file
container cp supports copying files between container and host. Docker [container] CP [options] container: SRC ﹣ path dest ﹣ path|-
-a. - Archive ා packaging mode, the copied file will have the original UID/GID information
-50. - follow link ා follow the soft link. When the original path is a soft link, only the link information is copied by default. Using this option, the target content of the link will be copied.
Copy the native directory oglab/python to the container's / tmp path

[root@docker01 oglab]# docker cp Python-3.8.2 focused_joliot:/tmp

2. View changes

[root@docker01 oglab]# docker container diff focused_joliot
A /tmp/Python-3.8.2/Lib/test/test_asyncio/test_streams.py
A /tmp/Python-3.8.2/Lib/test/test_asyncio/test_transports.py
A /tmp/Python-3.8.2/Lib/test/test_asyncio/__init__.py
A /tmp/Python-3.8.2/Lib/test/test_asyncio/echo.py
A /tmp/Python-3.8.2/Lib/test/test_asyncio/test_queues.py
A /tmp/Python-3.8.2/Lib/test/test_distutils.py
A /tmp/Python-3.8.2/Lib/test/test_posixpath.py
A /tmp/Python-3.8.2/Lib/test/test_subclassinit.py
A /tmp/Python-3.8.2/Lib/test/xmltestdata

3. To view the port mapping, the container port command can view the port mapping of the container. docker container port CONTAINER [PRIVATE_PORT[/PROTO]]

[root@docker01 oglab]# docker container port focused_joliot

4. Update configuration. The container update command can update some runtime configurations of the container, mainly some resource limit shares. docker [container] update [OPTIONS] CONTAINER
Limit total quota to 1 second, container time to 10%, unit delicate

[root@docker01 oglab]# docker update --cpu-quota 1000000 f2554976971b
[root@docker01 oglab]# docker update --cpu-period 1000000 f2554976971b

Posted by plutoplanet on Sat, 07 Mar 2020 00:32:51 -0800