安装命令


# 公网通用
curl -sSL http://acs-public-mirror.oss-cn-hangzhou.aliyuncs.com/docker-engine/internet | sh -

# 阿里云专用
curl -sSL http://acs-public-mirror.oss-cn-hangzhou.aliyuncs.com/docker-engine/intranet | sh -

安装完成后的结束信息:

root@ubuntu:~# curl -sSL http://acs-public-mirror.oss-cn-hangzhou.aliyuncs.com/docker-engine/internet | sh -
......
......
+ sh -c docker version
Client:
 Version:      17.04.0-ce
 API version:  1.28
 Go version:   go1.7.5
 Git commit:   4845c56
 Built:        Mon Apr  3 18:07:42 2017
 OS/Arch:      linux/amd64

Server:
 Version:      17.04.0-ce
 API version:  1.28 (minimum version 1.12)
 Go version:   go1.7.5
 Git commit:   4845c56
 Built:        Mon Apr  3 18:07:42 2017
 OS/Arch:      linux/amd64
 Experimental: false

If you would like to use Docker as a non-root user, you should now consider
adding your user to the "docker" group with something like:

  sudo usermod -aG docker your-user

Remember that you will have to log out and back in for this to take effect!

重点注意: sudo usermod -aG docker your-user

在 Ubuntu 系统中, 使用普通用户登录的情况很多, 如果普通用户需要直接有权限控制 docker 所有的操作的话, 需要将该普通用户加入到 docker 组中.

Docker 是 C/S 架构, 一般情况下, C 和 S 是在安装在一台主机上的, 本地的 C 控制本地的 S, 后期控制大规模 Docker 的时候, 需要开放Docker API 来远程控制 Docker Server 端

检查 Docker 运行状态

root@ubuntu:~# systemctl status docker
● docker.service - Docker Application Container Engine
   Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
   Active: active (running) since Fri 2017-04-07 20:43:48 PDT; 9min ago
     Docs: https://docs.docker.com
 Main PID: 4082 (dockerd)
   CGroup: /system.slice/docker.service
           ├─4082 /usr/bin/dockerd -H fd://
           └─4095 docker-containerd -l unix:///var/run/docker/libcontainerd/docker-containerd.sock --metri

Apr 07 20:43:48 ubuntu dockerd[4082]: time="2017-04-07T20:43:48.175051418-07:00" level=warning msg="Your k
Apr 07 20:43:48 ubuntu dockerd[4082]: time="2017-04-07T20:43:48.175185511-07:00" level=warning msg="Your k
Apr 07 20:43:48 ubuntu dockerd[4082]: time="2017-04-07T20:43:48.175683715-07:00" level=info msg="Loading c
Apr 07 20:43:48 ubuntu dockerd[4082]: time="2017-04-07T20:43:48.228757745-07:00" level=info msg="Firewalld
Apr 07 20:43:48 ubuntu dockerd[4082]: time="2017-04-07T20:43:48.327388388-07:00" level=info msg="Default b
Apr 07 20:43:48 ubuntu dockerd[4082]: time="2017-04-07T20:43:48.383792709-07:00" level=info msg="Loading c
Apr 07 20:43:48 ubuntu dockerd[4082]: time="2017-04-07T20:43:48.420530516-07:00" level=info msg="Daemon ha
Apr 07 20:43:48 ubuntu dockerd[4082]: time="2017-04-07T20:43:48.420807227-07:00" level=info msg="Docker da
Apr 07 20:43:48 ubuntu systemd[1]: Started Docker Application Container Engine.
Apr 07 20:43:48 ubuntu dockerd[4082]: time="2017-04-07T20:43:48.434958396-07:00" level=info msg="API liste
lines 1-19/19 (END)

操作 Docker 进程

关闭 Docker 服务 systemctl stop docker
重启 Docker 服务 systemctl restart docker
开启 Docker 服务 systemctl start docker
开机启动 Docker systemctl enable docker

检查 Docker 服务

Docker 服务运行正常的回显

root@ubuntu:~# docker info
Containers: 0
 Running: 0
 Paused: 0
 Stopped: 0
Images: 0
Server Version: 17.04.0-ce
Storage Driver: aufs
 Root Dir: /var/lib/docker/aufs
 Backing Filesystem: extfs
 Dirs: 0
 Dirperm1 Supported: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins: 
 Volume: local
 Network: bridge host macvlan null overlay
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: 
containerd version: 422e31ce907fd9c3833a38d7b8fdd023e5a76e73
runc version: 9c2d8d184e5da67c95d601382adf14862e4f2228
init version: 949e6fa
Security Options:
 apparmor
 seccomp
  Profile: default
Kernel Version: 4.4.0-21-generic
Operating System: Ubuntu 16.04 LTS
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 975.1MiB
Name: ubuntu
ID: VK2Y:PFFS:OEDA:7RIL:PLF5:SA4F:RJNS:7VEF:ODLG:LX6M:OVY4:BECX
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Experimental: false
Insecure Registries:
 127.0.0.0/8
Live Restore Enabled: false

WARNING: No swap limit support

Docker 服务运行异常的回显(普通用户如果没有加入到 docker 组中, 执行 docker 命令也会出现以下的报错)

1 2	root@ubuntu:~# docker info Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?

还有一种情况, 可能由于某些原因导致终端阻塞, 大多数情况下, 即使使用 systemctl 关闭 Docker 服务也无法正常关闭, 只能重启服务器宿主机

Docker 信息解读

root@ubuntu:~# docker info
Containers: 0   # 总容器数量
 Running: 0     # 运行中的容器数量
 Paused: 0      # 暂停的容器数量
 Stopped: 0     # 停止的容器数量
Images: 0       # 总镜像数量
Server Version: 17.04.0-ce      # Docker Server 版本
Storage Driver: aufs            # 存储引擎
 Root Dir: /var/lib/docker/aufs # 存储引擎根目录
 Backing Filesystem: extfs      # 后端文件系统类型
 Dirs: 0                        # aufs 的属性
 Dirperm1 Supported: true       # aufs 的属性
Logging Driver: json-file       # 日志引擎
Cgroup Driver: cgroupfs         # Cgroup 引擎
Plugins:        # 插件信息
 Volume: local  # 数据卷插件
 Network: bridge host macvlan null overlay # 网络插件
Swarm: inactive # swarmkit 模式状态
Runtimes: runc  # 容器执行引擎
Default Runtime: runc           # 默认容器执行引擎
Init Binary: 
containerd version: 422e31ce907fd9c3833a38d7b8fdd023e5a76e73
runc version: 9c2d8d184e5da67c95d601382adf14862e4f2228
init version: 949e6fa
Security Options:       # 安全项
 apparmor       # Linux内核中的强制访问控制系统
 seccomp        # Linux kernel(2.6.23版本之后)所支持的一种简洁的沙箱机制
  Profile: default
Kernel Version: 4.4.0-21-generic    # 宿主机内核版本
Operating System: Ubuntu 16.04 LTS  # 宿主机系统发行版
OSType: linux           # 宿主机系统类型
Architecture: x86_64    # 宿主机 CPU 架构
CPUs: 1                 # 宿主机总 CPU 容量
Total Memory: 975.1MiB  # 宿主机总内存容量
Name: ubuntu            # 宿主机系统名称
ID: VK2Y:PFFS:OEDA:7RIL:PLF5:SA4F:RJNS:7VEF:ODLG:LX6M:OVY4:BECX
Docker Root Dir: /var/lib/docker    # Docker 家目录
Debug Mode (client): false          # 客户端是否开启 debug 模式
Debug Mode (server): false          # 服务端是否开启 debug 模式
Registry: https://index.docker.io/v1/   # 默认仓库地址
Experimental: false     # 是否是体验版 Docker(edge)
Insecure Registries:    # 不安全的仓库
 127.0.0.0/8
Live Restore Enabled: false  # 在线恢复/热恢复

WARNING: No swap limit support  # cgroups中的swap account没有开启

注意: 生产环境中, 依据自己的需要, 可以适当调整swap limit support的支持情况.

宁宕勿慢, 宁慢勿宕, 两个考量系统健壮性的思路, 没有最好的方案, 各有利弊, 需要综合自己的实际情况考量

Edit the /etc/default/grub file.
Set the GRUB_CMDLINE_LINUX value as follows:

GRUB_CMDLINE_LINUX="cgroup_enable=memory swapaccount=1"
Save and close the file.

Update GRUB.

$ sudo update-grub
Reboot your system.

运行 hello word容器

添加代理仓库-daocloud

root@ubuntu:~# curl -sSL https://get.daocloud.io/daotools/set_mirror.sh | sh -s http://172d594a.m.daocloud.io
docker version >= 1.12
{"registry-mirrors": ["http://172d594a.m.daocloud.io"]}
Success.
You need to restart docker to take effect: sudo systemctl restart docker.service
root@ubuntu:~# systemctl restart docker

查看代理信息

root@ubuntu:~# docker info
Containers: 0
 Running: 0
 Paused: 0
 Stopped: 0
Images: 0
Server Version: 17.04.0-ce
Storage Driver: aufs
 Root Dir: /var/lib/docker/aufs
 Backing Filesystem: extfs
 Dirs: 0
 Dirperm1 Supported: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins: 
 Volume: local
 Network: bridge host macvlan null overlay
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: 
containerd version: 422e31ce907fd9c3833a38d7b8fdd023e5a76e73
runc version: 9c2d8d184e5da67c95d601382adf14862e4f2228
init version: 949e6fa
Security Options:
 apparmor
 seccomp
  Profile: default
Kernel Version: 4.4.0-21-generic
Operating System: Ubuntu 16.04 LTS
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 975.1MiB
Name: ubuntu
ID: VK2Y:PFFS:OEDA:7RIL:PLF5:SA4F:RJNS:7VEF:ODLG:LX6M:OVY4:BECX
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Experimental: false
Insecure Registries:
 127.0.0.0/8
Registry Mirrors:       # 镜像代理
 http://172d594a.m.daocloud.io/
Live Restore Enabled: false

运行 hello-world 容器

root@ubuntu:~# docker run hello-world
Unable to find image 'hello-world:latest' locally   # 在本地没有找到该镜像
latest: Pulling from library/hello-world        # 在远程仓库中查找镜像
78445dd45222: Pull complete         # 拉取镜像
Digest: sha256:c5515758d4c5e1e838e9cd307f6c6a0d620b5e07e6f927b07d05f6d12a1ac8d7
Status: Downloaded newer image for hello-world:latest # 镜像拉取完毕
#  ------以下内容是运行容器时打印到屏幕的内容------
Hello from Docker!
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker ID:
 https://cloud.docker.com/

For more examples and ideas, visit:
 https://docs.docker.com/engine/userguide/

查看容器状态

查看运行状态的容器


root@ubuntu:~# docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
root@ubuntu:~#

查看所有状态的容器

root@ubuntu:~# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                     PORTS               NAMES
9c6fd12bef22        hello-world         "/hello"            4 minutes ago       Exited (0) 4 minutes ago                       wizardly_mccarthy
root@ubuntu:~#

更改容器名称

root@ubuntu:~# docker run --name "sayHi" hello-world
root@ubuntu:~# docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                     PORTS               NAMES
a74123af6f47        hello-world         "/hello"            5 seconds ago       Exited (0) 4 seconds ago                       sayHi
9c6fd12bef22        hello-world         "/hello"            7 minutes ago       Exited (0) 7 minutes ago                       wizardly_mccarthy

Polar Snow Documentation

快速安装Docker