Docker --help
Docket основные команды
https://habr.com/ru/company/flant/blog/336654/
https://github.com/wsargent/docker-cheat-sheet <--------------------
https://docs.docker.com/config/containers/start-containers-automatically/ <-------Docker автозагрузка
Реестры и репозитории Docker
Вход в реестр:
docker login
docker login localhost:8080
Выход из реестра:
docker logout
docker logout localhost:8080
Образы
Поиск образа:
docker search debian
Pull (выгрузка из реестра) образа:
docker pull nginx
docker pull eon01/nginx localhost:5000/myadmin/nginx
Создание
Создание контейнера:
docker create -t -i eon01/infinite --name infinite
Запуск контейнера:
docker run -it --name infinite -d eon01/infinit
Переименование контейнера:
docker rename infinite infinity
Удаление контейнера:
docker rm infinite
Обновление контейнера:
docker update --cpu-shares 512 -m 300M infinite
Запуск и остановка контейнеров
Запуск остановленного контейнера:
docker start nginx
Остановка:
docker stop nginx
Перезагрузка:
docker restart nginx
Пауза (приостановка всех процессов контейнера):
docker pause nginx
Снятие паузы:
docker unpause nginx
Блокировка (до остановки контейнера):
docker wait nginx
Отправка SIGKILL (завершающего сигнала):
docker kill nginx
Отправка другого сигнала:
docker kill -s HUP nginx
Подключение к существующему контейнеру:
docker attach nginx
Работающие контейнеры:
docker ps
docker container ls
docker ps -a <---- все контейнеры
Логи контейнера:
docker logs infinite
Информация о контейнере:
docker inspect infinite
docker inspect --format '{{ .NetworkSettings.IPAddress }}' $(docker ps -q)
События контейнера:
docker events infinite
Публичные порты:
docker port infinite
Выполняющиеся процессы:
docker top infinite
Использование ресурсов:
docker stats infinite
Изменения в файлах или директориях файловой системы контейнера:
docker diff infinite
Сеть
https://docs.dкocker.com/config/containers/container-networking/ <----------------
https://www.tune-it.ru/web/adpashnin/blog/-/blogs/docker-network
https://linux-notes.org/rabota-s-setju-networking-v-docker/
https:/docker-engine/learn-by-example/network-containers/ <-----------------
https://docs.docker.com/network/network-tutorial-standalone/ <----------------
Сеть bridge - сеть по умолчанию. Docker всегда запускает все новые контейнеры в этой сети. Например:
docker run -itd --name=Debian1 debian <----- Создать контеинер с именем "Debian1" в сети "bridge"
docker inspect Debian1 | grep "IPAddress"
"SecondaryIPAddresses": null,
"IPAddress": "172.17.0.3", "IPAddress": "172.17.0.3",
docker network ls <------- список сетей
docker network inspect bridge (host..) <----------- конфигурация сети
Вверху отображается информация о сети, включая IP-адрес шлюза между хостом Docker и bridge(в случае bridge) сетью ( 172.17.0.1).
Под Containers ключом перечислен каждый подключенный контейнер, а также информация о его IP-адресе.
PS: Отсоединять-присоединять контейнеры в сеть удобно в "Portainer", как и создать сеть:
Network--> Add network
Containers--> Connected network--> Join a netwok/Leave network
Создать сеть;
docker network create [options] NETWORK
--subnet - позволяет задать необходимую нам подсеть.
--ip-range - позволяет задать диапазон динамических адресов, выдаваемых контейнерам при подключении
В итоге создание сети с маской 172.10.0.0/16 и диапазоном динамических адресов 172.10.240.0/20 :
docker network create --subnet 172.10.0.0/16 --ip-range 172.10.240.0/20 my-net
Добавить контейнер в сеть;
docker network connect --alias host1 --ip 172.10.241.2 my-net container1
Команда добавит контейнер с именем container1 в сеть my-net и присвоит ему адрес 172.10.241.2
docker inspect Debian1 | grep "IPAddress"
"SecondaryIPAddresses": null,
"IPAddress": "172.17.0.3",
"IPAddress": "172.17.0.3",
$ docker search <..что?>
Образы можно закачивать через "Portainer", предварительно выяснив имя образа и если надо авторизацию на "Docker Hab":
Или локально:
$ docker search ubuntu
$ docker pull ubuntu
Using default tag: latest
latest: Pulling from library/ubuntu
Digest: sha256:703218c0465075f4425e58fac086e09e1de5c340b12976ab9eb8ad26615c3715
Status: Image is up to date for ubuntu:latest
docker.io/library/ubuntu:latest
docker run
$ docker run --help
Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
Run a command in a new container
Options:
--add-host value Add a custom host-to-IP mapping (host:ip) (default [])
-a, --attach value Attach to STDIN, STDOUT or STDERR (default [])
Подключает определяемый поток (STDOUT и т.п.) к вашему терминалу. Если не определен, подключаются и stdout, и stderr. В случае когда параметр не задан и контейнер запускается в интерактивном режиме (-i), также подключается stdin. Несовместим с -d.
--blkio-weight value Block IO (relative weight), between 10 and 1000
--blkio-weight-device value Block IO weight (relative device weight) (default [])
--cap-add value Add Linux capabilities (default [])
--cap-drop value Drop Linux capabilities (default [])
--cgroup-parent string Optional parent cgroup for the container
--cidfile string Write the container ID to the file
--cpu-percent int CPU percent (Windows only)
--cpu-period int Limit CPU CFS (Completely Fair Scheduler) period
--cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota
-c, --cpu-shares int CPU shares (relative weight)
--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)
--cpuset-mems string MEMs in which to allow execution (0-3, 0,1)
-d, --detach Run container in background and print container ID
Выполняет контейнер в "отключённом режиме". Команда будет выполнять контейнер в фоновом режиме и вернёт идентификатор контейнера.
--detach-keys string Override the key sequence for detaching a container
--device value Add a host device to the container (default [])
--device-read-bps value Limit read rate (bytes per second) from a device (default [])
--device-read-iops value Limit read rate (IO per second) from a device (default [])
--device-write-bps value Limit write rate (bytes per second) to a device (default [])
--device-write-iops value Limit write rate (IO per second) to a device (default [])
--disable-content-trust Skip image verification (default true)
--dns value Set custom DNS servers (default [])
--dns-opt value Set DNS options (default [])
--dns-search value Set custom DNS search domains (default [])
--entrypoint string Overwrite the default ENTRYPOINT of the image
-e, --env value Set environment variables (default [])
--env-file value Read in a file of environment variables (default [])
--expose value Expose a port or a range of ports (default [])
--group-add value Add additional groups to join (default [])
--health-cmd string Command to run to check health
--health-interval duration Time between running the check
--health-retries int Consecutive failures needed to report unhealthy
--health-timeout duration Maximum time to allow one check to run
--help Print usage
-h, --hostname string Container host name
-i, --interactive Keep STDIN open even if not attached
Оставляет открытым stdin (даже когда он не подключен). Обычно используется совместно с -t для запуска интерактивного сеанса контейнера.
--io-maxbandwidth string Maximum IO bandwidth limit for the system drive (Windows only)
--io-maxiops uint Maximum IOps limit for the system drive (Windows only)
--ip string Container IPv4 address (e.g. 172.30.100.104)
--ip6 string Container IPv6 address (e.g. 2001:db8::33)
--ipc string IPC namespace to use
--isolation string Container isolation technology
--kernel-memory string Kernel memory limit
-l, --label value Set meta data on a container (default [])
--label-file value Read in a line delimited file of labels (default [])
--link value Add link to another container (default [])
--link-local-ip value Container IPv4/IPv6 link-local addresses (default [])
--log-driver string Logging driver for the container
--log-opt value Log driver options (default [])
--mac-address string Container MAC address (e.g. 92:d0:c6:0a:29:33)
-m, --memory string Memory limit
--memory-reservation string Memory soft limit
--memory-swap string Swap limit equal to memory plus swap: '-1' to enable unlimited swap
--memory-swappiness int Tune container memory swappiness (0 to 100) (default -1)
--name string Assign a name to the container
--network string Connect a container to a network (default "default")
--network-alias value Add network-scoped alias for the container (default [])
--no-healthcheck Disable any container-specified HEALTHCHECK
--oom-kill-disable Disable OOM Killer
--oom-score-adj int Tune host's OOM preferences (-1000 to 1000)
--pid string PID namespace to use
--pids-limit int Tune container pids limit (set -1 for unlimited)
--privileged Give extended privileges to this container
-p, --publish value Publish a container's port(s) to the host (default [])
-P, --publish-all Publish all exposed ports to random ports
--read-only Mount the container's root filesystem as read only
--restart string Restart policy to apply when a container exits (default "no")
--rm Automatically remove the container when it exits
--runtime string Runtime to use for this container
--security-opt value Security Options (default [])
--shm-size string Size of /dev/shm, default value is 64MB
--sig-proxy Proxy received signals to the process (default true)
--stop-signal string Signal to stop a container, SIGTERM by default (default "SIGTERM")
--storage-opt value Storage driver options for the container (default [])
--sysctl value Sysctl options (default map[])
--tmpfs value Mount a tmpfs directory (default [])
-t, --tty Allocate a pseudo-TTY
--ulimit value Ulimit options (default [])
-u, --user string Username or UID (format: <name|uid>[:<group|gid>])
--userns string User namespace to use
--uts string UTS namespace to use
-v, --volume value Bind mount a volume (default [])
--volume-driver string Optional volume driver for the container
--volumes-from value Mount volumes from the specified container(s) (default [])
-w, --workdir string Working directory inside the container
$
docker create
$ docker create --help
Usage: docker create [OPTIONS] IMAGE [COMMAND] [ARG...]
Create a new container
Options:
--add-host value Add a custom host-to-IP mapping (host:ip) (default [])
-a, --attach value Attach to STDIN, STDOUT or STDERR (default [])
--blkio-weight value Block IO (relative weight), between 10 and 1000
--blkio-weight-device value Block IO weight (relative device weight) (default [])
--cap-add value Add Linux capabilities (default [])
--cap-drop value Drop Linux capabilities (default [])
--cgroup-parent string Optional parent cgroup for the container
--cidfile string Write the container ID to the file
--cpu-percent int CPU percent (Windows only)
--cpu-period int Limit CPU CFS (Completely Fair Scheduler) period
--cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota
-c, --cpu-shares int CPU shares (relative weight)
--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)
--cpuset-mems string MEMs in which to allow execution (0-3, 0,1)
--device value Add a host device to the container (default [])
--device-read-bps value Limit read rate (bytes per second) from a device (default [])
--device-read-iops value Limit read rate (IO per second) from a device (default [])
--device-write-bps value Limit write rate (bytes per second) to a device (default [])
--device-write-iops value Limit write rate (IO per second) to a device (default [])
--disable-content-trust Skip image verification (default true)
--dns value Set custom DNS servers (default [])
--dns-opt value Set DNS options (default [])
--dns-search value Set custom DNS search domains (default [])
--entrypoint string Overwrite the default ENTRYPOINT of the image
-e, --env value Set environment variables (default [])
--env-file value Read in a file of environment variables (default [])
--expose value Expose a port or a range of ports (default [])
--group-add value Add additional groups to join (default [])
--health-cmd string Command to run to check health
--health-interval duration Time between running the check
--health-retries int Consecutive failures needed to report unhealthy
--health-timeout duration Maximum time to allow one check to run
--help Print usage
-h, --hostname string Container host name
-i, --interactive Keep STDIN open even if not attached
--io-maxbandwidth string Maximum IO bandwidth limit for the system drive (Windows only)
--io-maxiops uint Maximum IOps limit for the system drive (Windows only)
--ip string Container IPv4 address (e.g. 172.30.100.104)
--ip6 string Container IPv6 address (e.g. 2001:db8::33)
--ipc string IPC namespace to use
--isolation string Container isolation technology
--kernel-memory string Kernel memory limit
-l, --label value Set meta data on a container (default [])
--label-file value Read in a line delimited file of labels (default [])
--link value Add link to another container (default [])
--link-local-ip value Container IPv4/IPv6 link-local addresses (default [])
--log-driver string Logging driver for the container
--log-opt value Log driver options (default [])
--mac-address string Container MAC address (e.g. 92:d0:c6:0a:29:33)
-m, --memory string Memory limit
--memory-reservation string Memory soft limit
--memory-swap string Swap limit equal to memory plus swap: '-1' to enable unlimited swap
--memory-swappiness int Tune container memory swappiness (0 to 100) (default -1)
--name string Assign a name to the container
--network string Connect a container to a network (default "default")
--network-alias value Add network-scoped alias for the container (default [])
--no-healthcheck Disable any container-specified HEALTHCHECK
--oom-kill-disable Disable OOM Killer
--oom-score-adj int Tune host's OOM preferences (-1000 to 1000)
--pid string PID namespace to use
--pids-limit int Tune container pids limit (set -1 for unlimited)
--privileged Give extended privileges to this container
-p, --publish value Publish a container's port(s) to the host (default [])
-P, --publish-all Publish all exposed ports to random ports
--read-only Mount the container's root filesystem as read only
--restart string Restart policy to apply when a container exits (default "no")
--runtime string Runtime to use for this container
--security-opt value Security Options (default [])
--shm-size string Size of /dev/shm, default value is 64MB
--stop-signal string Signal to stop a container, SIGTERM by default (default "SIGTERM")
--storage-opt value Storage driver options for the container (default [])
--sysctl value Sysctl options (default map[])
--tmpfs value Mount a tmpfs directory (default [])
-t, --tty Allocate a pseudo-TTY
--ulimit value Ulimit options (default [])
-u, --user string Username or UID (format: <name|uid>[:<group|gid>])
--userns string User namespace to use
--uts string UTS namespace to use
-v, --volume value Bind mount a volume (default [])
--volume-driver string Optional volume driver for the container
--volumes-from value Mount volumes from the specified container(s) (default [])
-w, --workdir string Working directory inside the container
$
docker ps
$ docker ps --help
Usage: docker ps [OPTIONS]
List containers
Options:
-a, --all Show all containers (default shows just running)
-f, --filter value Filter output based on conditions provided (default [])
--format string Pretty-print containers using a Go template
--help Print usage
-n, --last int Show n last created containers (includes all states) (default -1)
-l, --latest Show the latest created container (includes all states)
--no-trunc Don't truncate output
-q, --quiet Only display numeric IDs
-s, --size Display total file sizes
$
docker attach
$ docker attach --help
Usage: docker attach [OPTIONS] CONTAINER
Attach to a running container
Options:
--detach-keys string Override the key sequence for detaching a container
--help Print usage
--no-stdin Do not attach STDIN
--sig-proxy Proxy all received signals to the process (default true)
$
docker exec
$ docker exec --help
Usage: docker exec [OPTIONS] CONTAINER COMMAND [ARG...]
Run a command in a running container
-d, --detach Detached mode: run command in the background
--detach-keys Override the key sequence for detaching a container
--help Print usage
-i, --interactive Keep STDIN open even if not attached
--privileged Give extended privileges to the command
-t, --tty Allocate a pseudo-TTY
-u, --user Username or UID (format: <name|uid>[:<group|gid>])
$
x11vnc/desktop:latest
С sshd в автозагрузке !!!!!
https://losst.ru/nastrojka-x11vnc-na-ubuntu
https://forum.ubuntu.ru/index.php?topic=246946.0
$ x11vnc
$ vncviewer 172.17.0.3:5900