- 启动容器
[email protected] ~ $ docker run
Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
Run a command in a new container
-a, --attach=[] Attach to STDIN, STDOUT or STDERR.
-c, --cpu-shares=0 CPU shares (relative weight)
--cap-add=[] Add Linux capabilities
--cap-drop=[] Drop Linux capabilities
--cidfile="" Write the container ID to the file
--cpuset="" CPUs in which to allow execution (0-3, 0,1)
-d, --detach=false Detached mode: run container in the background and print new container ID
--device=[] Add a host device to the container (e.g. --device=/dev/sdc:/dev/xvdc)
--dns=[] Set custom DNS servers
--dns-search=[] Set custom DNS search domains
-e, --env=[] Set environment variables
--entrypoint="" Overwrite the default ENTRYPOINT of the image
--env-file=[] Read in a line delimited file of environment variables
--expose=[] Expose a port from the container without publishing it to your host
-h, --hostname="" Container host name
-i, --interactive=false Keep STDIN open even if not attached
--link=[] Add link to another container in the form of name:alias
--lxc-conf=[] (lxc exec-driver only) Add custom lxc options --lxc-conf="lxc.cgroup.cpuset.cpus = 0,1"
-m, --memory="" Memory limit (format: <number><optional unit>, where unit = b, k, m or g)
--name="" Assign a name to the container
--net="bridge" Set the Network mode for the container
‘bridge‘: creates a new network stack for the container on the docker bridge
‘none‘: no networking for this container
‘container:<name|id>‘: reuses another container network stack
‘host‘: use the host network stack inside the container. Note: the host mode gives the container full access to local system services such as D-bus and is therefore considered insecure.
-P, --publish-all=false Publish all exposed ports to the host interfaces
-p, --publish=[] Publish a container‘s port to the host
format: ip:hostPort:containerPort | ip::containerPort | hostPort:containerPort
(use ‘docker port‘ to see the actual mapping)
--privileged=false Give extended privileges to this container
--restart="" Restart policy to apply when a container exits (no, on-failure, always)
--rm=false Automatically remove the container when it exits (incompatible with -d)
--sig-proxy=true Proxy received signals to the process (even in non-TTY mode). SIGCHLD, SIGSTOP, and SIGKILL are not proxied.
-t, --tty=false Allocate a pseudo-TTY
-u, --user="" Username or UID
-v, --volume=[] Bind mount a volume (e.g., from the host: -v /host:/container, from Docker: -v /container)
--volumes-from=[] Mount volumes from the specified container(s)
-w, --workdir="" Working directory inside the container
- 进入容器
当容器以后台模式运行时,经常还需要再次返回到虚拟机中,返回虚拟机主要包括下面三种方式
- attach
- exec
- nsenter
- 停止容器
[email protected] ~ $ docker stop
Usage: docker stop [OPTIONS] CONTAINER [CONTAINER...]
Stop a running container by sending SIGTERM and then SIGKILL after a grace period
-t, --time=10 Number of seconds to wait for the container to stop before killing it.
Default is 10 seconds.
还可以设定在强制杀死容器进程之前等待多少秒来等待容器停止,一般使用默认值即可
也可以使用容器的名称来停止,停止多个容器在每个容器之间加空格即可
- 删除容器
[email protected] ~ $ docker rm
Usage: docker rm [OPTIONS] CONTAINER [CONTAINER...]
Remove one or more containers
-f, --force=false Force the removal of a running container (uses SIGKILL)
#使用 SIGKILL 强制删除一个正在运行的容器
-l, --link=false Remove the specified link and not the underlying container
#删除容器的连接,而非容器
-v, --volumes=false Remove the volumes associated with the container
#删除容器相关的数据卷
- 导出容器
[email protected] ~ $ docker export
Usage: docker export CONTAINER
Export the contents of a filesystem as a tar archive to STDOUT
例子:
[email protected] ~ $ docker export 588 >>base/163.tar