docker [OPTIONS] command
Usage: docker [OPTIONS] COMMAND [arg...]
docker daemon [ --help | ... ]
docker [ -h | --help | -v | --version ]
A self-sufficient runtime for containers.
Options:
--config=~/.docker Location of client config files
-D,--debug=false Enable debug mode
-H,--host=[] Daemonsocket(s) to connect to
-h,--help=false Print usage
-l,--log-level=info Set the logginglevel
--tls=false Use TLS; implied by--tlsverify
--tlscacert=~/.docker/ca.pem Trust certs signed only by this CA
--tlscert=~/.docker/cert.pem Path to TLS certificate file
--tlskey=~/.docker/key.pem Path to TLS key file
--tlsverify=false Use TLS and verify the remote
-v, --version=false Print version information and quit
network
Usage: docker network [OPTIONS] COMMAND [OPTIONS] Commands: create Create a network connect Connect container to a network disconnect Disconnect container from a network inspect Display detailed network information ls List all networks rm Remove a network |
创建网络
Usage: docker network create [OPTIONS] NETWORK-NAME Creates a new network with a name specified by the user --aux-address=map[] auxiliary ipv4 or ipv6 addresses used by Network driver -d, --driver=bridge Driver to manage the Network --gateway=[] ipv4 or ipv6 Gateway for the master subnet --help=false Print usage --ip-range=[] allocate container ip from a sub-range --ipam-driver=default IP Address Management Driver -o, --opt=map[] set driver specific options --subnet=[] subnet in CIDR format that represents a network segment |
自定义网络,可指定网段、网关等参数。
创建一个my_network的网络,--ip-range:指定子网段,--subnet:指定一个网段
# docker network create -d bridge--ip-range=192.168.1.0/24 --subnet=192.168.1.0/24 my_network
查看网络
Usage: docker network inspect [OPTIONS] NETWORK [NETWORK...] Displays detailed information on a network |
# docker network inspect my_network
[ { "Name": "my_network", "Id": "414e1dd5d71ea709be885be5c283ed8080c8ca22e9baad0dc242865dd39164fd", "Scope": "local", "Driver": "bridge", "IPAM": { "Driver": "default", "Config": [ { "Subnet": "192.168.1.0/24", "IPRange": "192.168.1.0/24" } ] }, "Containers": {}, "Options": {} } ] |
列出网络
Usage: docker network ls [OPTIONS] Lists networks --no-trunc=false Do not truncate the output -q, --quiet=false Only display numeric IDs |
# docker network ls
NETWORK ID NAME DRIVER 90b8ebd11e4f bridge bridge 77dd4f913ba1 none null 65dfd6ebddab host host 414e1dd5d71e my_network bridge |
bridge为默认的网络,172.17.0.0/16网段
my_network 为自定义的网格
删除网络
Usage: docker network rm [OPTIONS] NETWORK Deletes a network |
# docker network rm my_network1
连接网络
Usage: docker network connect [OPTIONS] NETWORK CONTAINER Connects a container to a network |
将指定的网络连接到容器。
- 创建一个容器,不指定网络,默认会用bridge网络。
#docker run -it --name=web ubuntu:14.04/bin/bash
会看到默认有eth0:172.17.0.0/16段
[email protected]:/# ifconfig eth0 Link encap:Ethernet HWaddr 02:42:ac:11:00:02 inet addr:172.17.0.2 Bcast:0.0.0.0 Mask:255.255.0.0 inet6 addr: fe80::42:acff:fe11:2/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:5 errors:0 dropped:0 overruns:0 frame:0 TX packets:6 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:418 (418.0 B) TX bytes:508 (508.0 B) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) |
2. 将该容器连接到my_network网络
连接到的容器必须是running状态。
# docker network connect my_network web
3. 查看容器网络状态
会看到多出一个eth1:192.168.1.0/24网段
[email protected]:/# ifconfig eth0 Link encap:Ethernet HWaddr 02:42:ac:11:00:02 inet addr:172.17.0.2 Bcast:0.0.0.0 Mask:255.255.0.0 inet6 addr: fe80::42:acff:fe11:2/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:8 errors:0 dropped:0 overruns:0 frame:0 TX packets:8 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:648 (648.0 B) TX bytes:648 (648.0 B) eth1 Link encap:Ethernet HWaddr 02:42:c0:a8:01:02 inet addr:192.168.1.2 Bcast:0.0.0.0 Mask:255.255.255.0 inet6 addr: fe80::42:c0ff:fea8:102/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:8 errors:0 dropped:0 overruns:0 frame:0 TX packets:8 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:648 (648.0 B) TX bytes:648 (648.0 B) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) |
断开网络
Usage: docker network disconnect [OPTIONS] NETWORK CONTAINER Disconnects container from a network |
将容器与一个网络断开
# docker network disconnect my_network web
断开后该容器不在拥有该网络的地址。
pause
Usage: docker pause [OPTIONS] CONTAINER [CONTAINER...] Pause all processes within a container --help=false Print usage |
暂停容器内的所有进程。
此时,通过docker stats可以观察到此时的资源使用情况是固定不变的,通过docker logs -f也观察不到日志的进一步输出。
# docker pause 87cb69be18bb
容器的状态变为:Up About an hour (Paused)
docker unpause 重新启动一个容器。
port
Usage: docker port [OPTIONS] CONTAINER [PRIVATE_PORT[/PROTO]] List port mappings or a specific mapping for the CONTAINER |
输出容器端口与宿主机端口的映射情况
# docker port blog
80/tcp -> 0.0.0.0:80
容器blog的内部端口80映射到宿主机的80端口,这样可通过宿主机的80端口查看容器blog提供的服务
ps
Usage: docker ps [OPTIONS] List containers -a, --all=false Show all containers (default shows just running) --before= Show only container created before Id or Name -f, --filter=[] Filter output based on conditions provided --format= Pretty-print containers using a Go template --help=false Print usage -l, --latest=false Show the latest created container, include non-running -n=-1 Show n last created containers, include non-running --no-trunc=false Don‘t truncate output -q, --quiet=false Only display numeric IDs -s, --size=false Display total file sizes --since= Show created since Id or Name, include non-running |
列出所有容器,其中docker ps用于查看正在运行的容器,ps -a则用于查看所有容器。
pull
Usage: docker pull [OPTIONS] NAME[:TAG|@DIGEST] Pull an image or a repository from a registry -a, --all-tags=false Download all tagged images in the repository --disable-content-trust=true Skip image verification --help=false Print usage |
从registry中拉取镜像。
push
Usage: docker push [OPTIONS] NAME[:TAG] Push an image or a repository to a registry --disable-content-trust=true Skip image signing --help=false Print usage |
本地的镜像上传到registry中
rename
Usage: docker rename [OPTIONS] OLD_NAME NEW_NAME Rename a container --help=false Print usage |
更改容器的名字。
将容器tender_lichterman更名为web1.
# docker rename tender_lichterman web1
restart
Usage: docker restart [OPTIONS] CONTAINER [CONTAINER...] Restart a container --help=false Print usage -t, --time=10 Seconds to wait for stop before killing the container |
重启一个容器。