Docker: Difference between revisions
(→image) |
|||
(17 intermediate revisions by the same user not shown) | |||
Line 5: | Line 5: | ||
Docker 에는 크게 두가지 버전이 있다. CE(Community Edition) 과 EE(Enterprise Edition)이다. CE 는 개인/개발용 무료버전, EE 는 기업/상품용 유료 제품이다. | Docker 에는 크게 두가지 버전이 있다. CE(Community Edition) 과 EE(Enterprise Edition)이다. CE 는 개인/개발용 무료버전, EE 는 기업/상품용 유료 제품이다. | ||
== Installation == | === Installation === | ||
* https://docs.docker.com/engine/installation/ | * https://docs.docker.com/engine/installation/ | ||
=== Dockerfile === | |||
docker 이미지를 생성하는 파일. | |||
== Commands == | == Commands == | ||
Line 26: | Line 29: | ||
</pre> | </pre> | ||
Ctrl+P, Ctrl+Q 를 차례대로 입력하면 컨테이너를 정지하지 않고, 빠져나올 수 있다. | Ctrl+P, Ctrl+Q 를 차례대로 입력하면 컨테이너를 정지하지 않고, 빠져나올 수 있다. | ||
=== build === | |||
Dockerfile 을 이용해서 docker 이미지를 생성한다. | |||
<pre> | |||
$ docker build --help | |||
Usage: docker build [OPTIONS] PATH | URL | - | |||
Build an image from a Dockerfile | |||
Options: | |||
--add-host list Add a custom host-to-IP mapping (host:ip) | |||
--build-arg list Set build-time variables | |||
--cache-from stringSlice Images to consider as cache sources | |||
--cgroup-parent string Optional parent cgroup for the container | |||
--compress Compress the build context using gzip | |||
--cpu-period int Limit the CPU CFS (Completely Fair Scheduler) period | |||
--cpu-quota int Limit the CPU CFS (Completely Fair Scheduler) quota | |||
-c, --cpu-shares int CPU shares (relative weight) | |||
--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1) | |||
--cpuset-mems string MEMs in which to allow execution (0-3, 0,1) | |||
--disable-content-trust Skip image verification (default true) | |||
-f, --file string Name of the Dockerfile (Default is 'PATH/Dockerfile') | |||
--force-rm Always remove intermediate containers | |||
--help Print usage | |||
--iidfile string Write the image ID to the file | |||
--isolation string Container isolation technology | |||
--label list Set metadata for an image | |||
-m, --memory bytes Memory limit | |||
--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap | |||
--network string Set the networking mode for the RUN instructions during build (default "default") | |||
--no-cache Do not use cache when building the image | |||
--pull Always attempt to pull a newer version of the image | |||
-q, --quiet Suppress the build output and print image ID on success | |||
--rm Remove intermediate containers after a successful build (default true) | |||
--security-opt stringSlice Security options | |||
--shm-size bytes Size of /dev/shm | |||
-t, --tag list Name and optionally a tag in the 'name:tag' format | |||
--target string Set the target build stage to build. | |||
--ulimit ulimit Ulimit options (default []) | |||
</pre> | |||
==== Example ==== | |||
<pre> | |||
$ docker build -t asterisk-15 . | |||
Sending build context to Docker daemon 2.56kB | |||
Step 1/7 : FROM debian:8 | |||
8: Pulling from library/debian | |||
85b1f47fba49: Already exists | |||
Digest: sha256:287a20c5f73087ab406e6b364833e3fb7b3ae63ca0eb3486555dc27ed32c6e60 | |||
... | |||
</pre> | |||
=== commit === | |||
새로운 컨테이너 이미지를 생성한다. | |||
<pre> | |||
$ docker commit --help | |||
Usage: docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]] | |||
Create a new image from a container's changes | |||
Options: | |||
-a, --author string Author (e.g., "John Hannibal Smith <hannibal@a-team.com>") | |||
-c, --change list Apply Dockerfile instruction to the created image | |||
--help Print usage | |||
-m, --message string Commit message | |||
-p, --pause Pause container during commit (default true) | |||
</pre> | |||
==== Example ==== | |||
<pre> | |||
$ docker commit asterisk01 pchero/asterisk-14.0.2 | |||
sha256:613a9a3c8ae0cea34dd55c0cb1a5c5de9390673dad6f6958ab9543fba906cffd | |||
$ docker images | |||
REPOSITORY TAG IMAGE ID CREATED SIZE | |||
pchero/asterisk-14.0.2 latest 613a9a3c8ae0 6 seconds ago 903MB | |||
... | |||
</pre> | |||
=== exec === | === exec === | ||
Line 47: | Line 131: | ||
</pre> | </pre> | ||
컨테이너 이름 대신 컨테이너 ID 를 사용해도 된다. 하지만 컨테이너가 running 상태인 경우에만 사용할 수 있으며, stop 상태에서는 사용할 수 없다. | 컨테이너 이름 대신 컨테이너 ID 를 사용해도 된다. 하지만 컨테이너가 running 상태인 경우에만 사용할 수 있으며, stop 상태에서는 사용할 수 없다. | ||
이미 실행된 컨테이너에 apt-get, apt, yum 명령으로 패키지를 설치하거나 각종 데몬의 실행/재실행 할 때 유용하다. | |||
==== Example ==== | |||
<pre> | |||
$ docker exec hello echo "Hello world!" | |||
Hello world! | |||
$ docker exec -it asterisk01 asterisk01 -rvvvvv | |||
Asterisk 14.0.2, Copyright (C) 1999 - 2016, Digium, Inc. and others. | |||
... | |||
</pre> | |||
=== help === | === help === | ||
Line 154: | Line 250: | ||
Run 'docker image COMMAND --help' for more information on a command. | Run 'docker image COMMAND --help' for more information on a command. | ||
</pre> | |||
=== logs === | |||
지정한 컨테이너의 로그를 표시한다. | |||
<pre> | |||
$ docker help logs | |||
Usage: docker logs [OPTIONS] CONTAINER | |||
Fetch the logs of a container | |||
Options: | |||
--details Show extra details provided to logs | |||
-f, --follow Follow log output | |||
--help Print usage | |||
--since string Show logs since timestamp (e.g. 2013-01-02T13:23:37) or relative (e.g. 42m for 42 minutes) | |||
--tail string Number of lines to show from the end of the logs (default "all") | |||
-t, --timestamps Show timestamps | |||
</pre> | </pre> | ||
Line 176: | Line 290: | ||
-q, --quiet Only display numeric IDs | -q, --quiet Only display numeric IDs | ||
-s, --size Display total file sizes | -s, --size Display total file sizes | ||
</pre> | |||
=== push === | |||
지정한 image/repository 를 https://hub.docker.com/ 로 업로드 한다. | |||
<pre> | |||
$ docker push --help | |||
Usage: docker push [OPTIONS] NAME[:TAG] | |||
Push an image or a repository to a registry | |||
Options: | |||
--disable-content-trust Skip image signing (default true) | |||
--help Print usage | |||
</pre> | |||
==== Example ==== | |||
<pre> | |||
$ docker push pchero/asterisk-14.0.2:latest | |||
The push refers to a repository [docker.io/pchero/asterisk-14.0.2] | |||
1de9415971f6: Pushed | |||
c9f9bbc27788: Mounted from respoke/asterisk | |||
42266a27feba: Mounted from respoke/asterisk | |||
df5871f53cf3: Mounted from respoke/asterisk | |||
ed149fd3ab95: Mounted from respoke/asterisk | |||
bbc5aea4a29f: Mounted from respoke/asterisk | |||
c01c63c6823d: Mounted from respoke/asterisk | |||
latest: digest: sha256:08898d7f00889c79f467c5a15f888f304a93586e531d233781ac046dd4479582 size: 1790 | |||
</pre> | |||
=== rm === | |||
하나 혹은 그 이상의 컨테이너를 삭제한다. | |||
<pre> | |||
$ docker rm --help | |||
Usage: docker rm [OPTIONS] CONTAINER [CONTAINER...] | |||
Remove one or more containers | |||
Options: | |||
-f, --force Force the removal of a running container (uses SIGKILL) | |||
--help Print usage | |||
-l, --link Remove the specified link | |||
-v, --volumes Remove the volumes associated with the container | |||
</pre> | |||
컨테이너 이름 대신 컨테이너 ID 를 사용해도 된다. | |||
==== Example ==== | |||
<pre> | |||
$ docker rm hello | |||
</pre> | |||
=== rmi === | |||
하나 혹은 그 이상의 이미지를 삭제한다. | |||
<pre> | |||
$ docker rmi --help | |||
Usage: docker rmi [OPTIONS] IMAGE [IMAGE...] | |||
Remove one or more images | |||
Options: | |||
-f, --force Force removal of the image | |||
--help Print usage | |||
--no-prune Do not delete untagged parents | |||
</pre> | |||
이미지 이름 대신 이미지 ID 를 사용해도 된다. | |||
별도의 태그 이름을 지정하지 않으면, 지정된 이름을 가진 모든 이미지가 삭제된다. | |||
==== Example ==== | |||
<pre> | |||
$ docker rmi ubuntu:latest | |||
Untagged: ubuntu:latest | |||
Untagged: ubuntu@sha256:506e2d5852de1d7c90d538c5332bd3cc33b9cbd26f6ca653875899c505c82687 | |||
Deleted: sha256:747cb2d60bbecbda48aff14a8be5c8b913ca69318a6067e57c697f8a78dda06e | |||
Deleted: sha256:ec1fd849ff0a8f0aa2fd1acc29ad5dabbc79b89f63b74a4f54e31a7b0a100aa1 | |||
Deleted: sha256:e3f6dffa20cf36460d23bfb22e17be6e5339891f8537f32db79887caf832048b | |||
Deleted: sha256:c213ffdc9f7032702de5a8e9045fcce2353b7221ef6bf4509e02005cfc858f58 | |||
Deleted: sha256:3fddf55a451aa43707518f2d8788c12ee5eb1f1e3075433f5bcf4d445d5c275d | |||
Deleted: sha256:0f5ff0cf6a1c53f94b15f03536c490040f233bc455f1232f54cc8eb344a3a368 | |||
</pre> | |||
=== run === | |||
지정된 docker container 를 동작시킨다. | |||
<pre> | |||
$ docker run --help | |||
Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...] | |||
Run a command in a new container | |||
Options: | |||
--add-host list Add a custom host-to-IP mapping (host:ip) | |||
-a, --attach list Attach to STDIN, STDOUT or STDERR | |||
--blkio-weight uint16 Block IO (relative weight), between 10 and 1000, or 0 to disable (default 0) | |||
--blkio-weight-device list Block IO weight (relative device weight) (default []) | |||
--cap-add list Add Linux capabilities | |||
--cap-drop list Drop Linux capabilities | |||
--cgroup-parent string Optional parent cgroup for the container | |||
--cidfile string Write the container ID to the file | |||
--cpu-period int Limit CPU CFS (Completely Fair Scheduler) period | |||
--cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota | |||
--cpu-rt-period int Limit CPU real-time period in microseconds | |||
--cpu-rt-runtime int Limit CPU real-time runtime in microseconds | |||
-c, --cpu-shares int CPU shares (relative weight) | |||
--cpus decimal Number of CPUs | |||
--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1) | |||
--cpuset-mems string MEMs in which to allow execution (0-3, 0,1) | |||
-d, --detach Run container in background and print container ID | |||
--detach-keys string Override the key sequence for detaching a container | |||
--device list Add a host device to the container | |||
--device-cgroup-rule list Add a rule to the cgroup allowed devices list | |||
--device-read-bps list Limit read rate (bytes per second) from a device (default []) | |||
--device-read-iops list Limit read rate (IO per second) from a device (default []) | |||
--device-write-bps list Limit write rate (bytes per second) to a device (default []) | |||
--device-write-iops list Limit write rate (IO per second) to a device (default []) | |||
--disable-content-trust Skip image verification (default true) | |||
--dns list Set custom DNS servers | |||
--dns-option list Set DNS options | |||
--dns-search list Set custom DNS search domains | |||
--entrypoint string Overwrite the default ENTRYPOINT of the image | |||
-e, --env list Set environment variables | |||
--env-file list Read in a file of environment variables | |||
--expose list Expose a port or a range of ports | |||
--group-add list Add additional groups to join | |||
--health-cmd string Command to run to check health | |||
--health-interval duration Time between running the check (ms|s|m|h) (default 0s) | |||
--health-retries int Consecutive failures needed to report unhealthy | |||
--health-start-period duration Start period for the container to initialize before starting health-retries countdown | |||
(ms|s|m|h) (default 0s) | |||
--health-timeout duration Maximum time to allow one check to run (ms|s|m|h) (default 0s) | |||
--help Print usage | |||
-h, --hostname string Container host name | |||
--init Run an init inside the container that forwards signals and reaps processes | |||
-i, --interactive Keep STDIN open even if not attached | |||
--ip string IPv4 address (e.g., 172.30.100.104) | |||
--ip6 string IPv6 address (e.g., 2001:db8::33) | |||
--ipc string IPC mode to use | |||
--isolation string Container isolation technology | |||
--kernel-memory bytes Kernel memory limit | |||
-l, --label list Set meta data on a container | |||
--label-file list Read in a line delimited file of labels | |||
--link list Add link to another container | |||
--link-local-ip list Container IPv4/IPv6 link-local addresses | |||
--log-driver string Logging driver for the container | |||
--log-opt list Log driver options | |||
--mac-address string Container MAC address (e.g., 92:d0:c6:0a:29:33) | |||
-m, --memory bytes Memory limit | |||
--memory-reservation bytes Memory soft limit | |||
--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap | |||
--memory-swappiness int Tune container memory swappiness (0 to 100) (default -1) | |||
--mount mount Attach a filesystem mount to the container | |||
--name string Assign a name to the container | |||
--network string Connect a container to a network (default "default") | |||
--network-alias list Add network-scoped alias for the container | |||
--no-healthcheck Disable any container-specified HEALTHCHECK | |||
--oom-kill-disable Disable OOM Killer | |||
--oom-score-adj int Tune host's OOM preferences (-1000 to 1000) | |||
--pid string PID namespace to use | |||
--pids-limit int Tune container pids limit (set -1 for unlimited) | |||
--privileged Give extended privileges to this container | |||
-p, --publish list Publish a container's port(s) to the host | |||
-P, --publish-all Publish all exposed ports to random ports | |||
--read-only Mount the container's root filesystem as read only | |||
--restart string Restart policy to apply when a container exits (default "no") | |||
--rm Automatically remove the container when it exits | |||
--runtime string Runtime to use for this container | |||
--security-opt list Security Options | |||
--shm-size bytes Size of /dev/shm | |||
--sig-proxy Proxy received signals to the process (default true) | |||
--stop-signal string Signal to stop a container (default "SIGTERM") | |||
--stop-timeout int Timeout (in seconds) to stop a container | |||
--storage-opt list Storage driver options for the container | |||
--sysctl map Sysctl options (default map[]) | |||
--tmpfs list Mount a tmpfs directory | |||
-t, --tty Allocate a pseudo-TTY | |||
--ulimit ulimit Ulimit options (default []) | |||
-u, --user string Username or UID (format: <name|uid>[:<group|gid>]) | |||
--userns string User namespace to use | |||
--uts string UTS namespace to use | |||
-v, --volume list Bind mount a volume | |||
--volume-driver string Optional volume driver for the container | |||
--volumes-from list Mount volumes from the specified container(s) | |||
-w, --workdir string Working directory inside the container | |||
</pre> | |||
==== Example ==== | |||
<pre> | |||
$ docker run --name hello-nginx -d -p 80:80 -v /root/data:/data hello:0.1 | |||
55dc8f3a5bb0bc14cd6e1c98e266e3f05b7450badbef33d8a97c2e31912b1e3f | |||
$ docker run --restart=always --privileged --name asterisk_01 -d -p 5060:5060/udp -p 10000-10500:10000-10500/udp pchero/asterisk-14.0.2 | |||
0a0fd0dfebb72f1a9d2e0aac817292a8c0409704cf7eb51df4595b6b406f21a8 | |||
$ docker run -it --entrypoint /bin/sh call-manager | |||
</pre> | |||
=== service === | |||
Docker service is used mostly when the user configured the master node with Docker swarm so that docket containers will run in a distributed environment and it can be easily managed. | |||
Docker service will be the image for a microservice within the context of some larger application. Examples of services might include an HTTP server, a database, or any other type of executable program that you wish to run in a distributed environment. | |||
Kubernetes 의 deployment 와 비슷한 역할을 한다. service 에 등록된 container 들의 상태를 살피고 만약 컨테이너에 문제가 있다면 다시 재실행을 하는 등의 역할을 한다. | |||
<pre> | |||
$ docker service --help | |||
Usage: docker service COMMAND | |||
Manage services | |||
Commands: | |||
create Create a new service | |||
inspect Display detailed information on one or more services | |||
logs Fetch the logs of a service or task | |||
ls List services | |||
ps List the tasks of one or more services | |||
rm Remove one or more services | |||
rollback Revert changes to a service's configuration | |||
scale Scale one or multiple replicated services | |||
update Update a service | |||
Run 'docker service COMMAND --help' for more information on a command. | |||
</pre> | |||
* https://docs.docker.com/engine/swarm/how-swarm-mode-works/services/#services-tasks-and-containers | |||
=== start === | |||
하나 혹은 그 이상의 정지중인 컨테이너를 다시 실행시킨다. | |||
<pre> | |||
$ docker start --help | |||
Usage: docker start [OPTIONS] CONTAINER [CONTAINER...] | |||
Start one or more stopped containers | |||
Options: | |||
-a, --attach Attach STDOUT/STDERR and forward signals | |||
--detach-keys string Override the key sequence for detaching a container | |||
--help Print usage | |||
-i, --interactive Attach container's STDIN | |||
</pre> | |||
=== stop === | |||
실행중인 컨테이너를 정지한다. | |||
<pre> | |||
$ sudo docker stop -h | |||
Flag shorthand -h has been deprecated, please use --help | |||
Usage: docker stop [OPTIONS] CONTAINER [CONTAINER...] | |||
Stop one or more running containers | |||
Options: | |||
--help Print usage | |||
-t, --time int Seconds to wait for stop before killing it (default 10) | |||
</pre> | </pre> | ||
Latest revision as of 00:27, 31 March 2020
Overview
Docker 사용법 정리
Basic
Docker 에는 크게 두가지 버전이 있다. CE(Community Edition) 과 EE(Enterprise Edition)이다. CE 는 개인/개발용 무료버전, EE 는 기업/상품용 유료 제품이다.
Installation
Dockerfile
docker 이미지를 생성하는 파일.
Commands
attach
현재 동작중인 container 에 접속한다.
$ sudo docker attach --help Usage: docker attach [OPTIONS] CONTAINER Attach local standard input, output, and error streams to a running container Options: --detach-keys string Override the key sequence for detaching a container --help Print usage --no-stdin Do not attach STDIN --sig-proxy Proxy all received signals to the process (default true)
Ctrl+P, Ctrl+Q 를 차례대로 입력하면 컨테이너를 정지하지 않고, 빠져나올 수 있다.
build
Dockerfile 을 이용해서 docker 이미지를 생성한다.
$ docker build --help Usage: docker build [OPTIONS] PATH | URL | - Build an image from a Dockerfile Options: --add-host list Add a custom host-to-IP mapping (host:ip) --build-arg list Set build-time variables --cache-from stringSlice Images to consider as cache sources --cgroup-parent string Optional parent cgroup for the container --compress Compress the build context using gzip --cpu-period int Limit the CPU CFS (Completely Fair Scheduler) period --cpu-quota int Limit the CPU CFS (Completely Fair Scheduler) quota -c, --cpu-shares int CPU shares (relative weight) --cpuset-cpus string CPUs in which to allow execution (0-3, 0,1) --cpuset-mems string MEMs in which to allow execution (0-3, 0,1) --disable-content-trust Skip image verification (default true) -f, --file string Name of the Dockerfile (Default is 'PATH/Dockerfile') --force-rm Always remove intermediate containers --help Print usage --iidfile string Write the image ID to the file --isolation string Container isolation technology --label list Set metadata for an image -m, --memory bytes Memory limit --memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap --network string Set the networking mode for the RUN instructions during build (default "default") --no-cache Do not use cache when building the image --pull Always attempt to pull a newer version of the image -q, --quiet Suppress the build output and print image ID on success --rm Remove intermediate containers after a successful build (default true) --security-opt stringSlice Security options --shm-size bytes Size of /dev/shm -t, --tag list Name and optionally a tag in the 'name:tag' format --target string Set the target build stage to build. --ulimit ulimit Ulimit options (default [])
Example
$ docker build -t asterisk-15 . Sending build context to Docker daemon 2.56kB Step 1/7 : FROM debian:8 8: Pulling from library/debian 85b1f47fba49: Already exists Digest: sha256:287a20c5f73087ab406e6b364833e3fb7b3ae63ca0eb3486555dc27ed32c6e60 ...
commit
새로운 컨테이너 이미지를 생성한다.
$ docker commit --help Usage: docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]] Create a new image from a container's changes Options: -a, --author string Author (e.g., "John Hannibal Smith <hannibal@a-team.com>") -c, --change list Apply Dockerfile instruction to the created image --help Print usage -m, --message string Commit message -p, --pause Pause container during commit (default true)
Example
$ docker commit asterisk01 pchero/asterisk-14.0.2 sha256:613a9a3c8ae0cea34dd55c0cb1a5c5de9390673dad6f6958ab9543fba906cffd $ docker images REPOSITORY TAG IMAGE ID CREATED SIZE pchero/asterisk-14.0.2 latest 613a9a3c8ae0 6 seconds ago 903MB ...
exec
외부에서 현재 running 중인 container 안의 명령을 실행한다.
$ sudo docker exec --help Usage: docker exec [OPTIONS] CONTAINER COMMAND [ARG...] Run a command in a running container Options: -d, --detach Detached mode: run command in the background --detach-keys string Override the key sequence for detaching a container -e, --env list Set environment variables --help Print usage -i, --interactive Keep STDIN open even if not attached --privileged Give extended privileges to the command -t, --tty Allocate a pseudo-TTY -u, --user string Username or UID (format: <name|uid>[:<group|gid>])
컨테이너 이름 대신 컨테이너 ID 를 사용해도 된다. 하지만 컨테이너가 running 상태인 경우에만 사용할 수 있으며, stop 상태에서는 사용할 수 없다.
이미 실행된 컨테이너에 apt-get, apt, yum 명령으로 패키지를 설치하거나 각종 데몬의 실행/재실행 할 때 유용하다.
Example
$ docker exec hello echo "Hello world!" Hello world! $ docker exec -it asterisk01 asterisk01 -rvvvvv Asterisk 14.0.2, Copyright (C) 1999 - 2016, Digium, Inc. and others. ...
help
$ sudo docker help Usage: docker COMMAND A self-sufficient runtime for containers Options: --config string Location of client config files (default "/home/pchero/.docker") -D, --debug Enable debug mode --help Print usage -H, --host list Daemon socket(s) to connect to -l, --log-level string Set the logging level ("debug"|"info"|"warn"|"error"|"fatal") (default "info") --tls Use TLS; implied by --tlsverify --tlscacert string Trust certs signed only by this CA (default "/home/pchero/.docker/ca.pem") --tlscert string Path to TLS certificate file (default "/home/pchero/.docker/cert.pem") --tlskey string Path to TLS key file (default "/home/pchero/.docker/key.pem") --tlsverify Use TLS and verify the remote -v, --version Print version information and quit Management Commands: config Manage Docker configs container Manage containers image Manage images network Manage networks node Manage Swarm nodes plugin Manage plugins secret Manage Docker secrets service Manage services stack Manage Docker stacks swarm Manage Swarm system Manage Docker volume Manage volumes Commands: attach Attach local standard input, output, and error streams to a running container build Build an image from a Dockerfile commit Create a new image from a container's changes cp Copy files/folders between a container and the local filesystem create Create a new container diff Inspect changes to files or directories on a container's filesystem events Get real time events from the server exec Run a command in a running container export Export a container's filesystem as a tar archive history Show the history of an image images List images import Import the contents from a tarball to create a filesystem image inspect Return low-level information on Docker objects kill Kill one or more running containers load Load an image from a tar archive or STDIN login Log in to a Docker registry logout Log out from a Docker registry logs Fetch the logs of a container pause Pause all processes within one or more containers port List port mappings or a specific mapping for the container ps List containers pull Pull an image or a repository from a registry push Push an image or a repository to a registry rename Rename a container restart Restart one or more containers rm Remove one or more containers rmi Remove one or more images run Run a command in a new container save Save one or more images to a tar archive (streamed to STDOUT by default) search Search the Docker Hub for images start Start one or more stopped containers stats Display a live stream of container(s) resource usage statistics stop Stop one or more running containers tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE top Display the running processes of a container unpause Unpause all processes within one or more containers update Update configuration of one or more containers version Show the Docker version information wait Block until one or more containers stop, then print their exit codes Run 'docker COMMAND --help' for more information on a command.
image
현재 docker 에 저장된 image 들을 관리한다.
$ sudo docker image help Usage: docker image COMMAND Manage images Options: --help Print usage Commands: build Build an image from a Dockerfile history Show the history of an image import Import the contents from a tarball to create a filesystem image inspect Display detailed information on one or more images load Load an image from a tar archive or STDIN ls List images prune Remove unused images pull Pull an image or a repository from a registry push Push an image or a repository to a registry rm Remove one or more images save Save one or more images to a tar archive (streamed to STDOUT by default) tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE Run 'docker image COMMAND --help' for more information on a command.
logs
지정한 컨테이너의 로그를 표시한다.
$ docker help logs Usage: docker logs [OPTIONS] CONTAINER Fetch the logs of a container Options: --details Show extra details provided to logs -f, --follow Follow log output --help Print usage --since string Show logs since timestamp (e.g. 2013-01-02T13:23:37) or relative (e.g. 42m for 42 minutes) --tail string Number of lines to show from the end of the logs (default "all") -t, --timestamps Show timestamps
ps
컨테이너 리스트를 보여준다.
$ sudo docker ps -h Flag shorthand -h has been deprecated, please use --help Usage: docker ps [OPTIONS] List containers Options: -a, --all Show all containers (default shows just running) -f, --filter filter Filter output based on conditions provided --format string Pretty-print containers using a Go template --help Print usage -n, --last int Show n last created containers (includes all states) (default -1) -l, --latest Show the latest created container (includes all states) --no-trunc Don't truncate output -q, --quiet Only display numeric IDs -s, --size Display total file sizes
push
지정한 image/repository 를 https://hub.docker.com/ 로 업로드 한다.
$ docker push --help Usage: docker push [OPTIONS] NAME[:TAG] Push an image or a repository to a registry Options: --disable-content-trust Skip image signing (default true) --help Print usage
Example
$ docker push pchero/asterisk-14.0.2:latest The push refers to a repository [docker.io/pchero/asterisk-14.0.2] 1de9415971f6: Pushed c9f9bbc27788: Mounted from respoke/asterisk 42266a27feba: Mounted from respoke/asterisk df5871f53cf3: Mounted from respoke/asterisk ed149fd3ab95: Mounted from respoke/asterisk bbc5aea4a29f: Mounted from respoke/asterisk c01c63c6823d: Mounted from respoke/asterisk latest: digest: sha256:08898d7f00889c79f467c5a15f888f304a93586e531d233781ac046dd4479582 size: 1790
rm
하나 혹은 그 이상의 컨테이너를 삭제한다.
$ docker rm --help Usage: docker rm [OPTIONS] CONTAINER [CONTAINER...] Remove one or more containers Options: -f, --force Force the removal of a running container (uses SIGKILL) --help Print usage -l, --link Remove the specified link -v, --volumes Remove the volumes associated with the container
컨테이너 이름 대신 컨테이너 ID 를 사용해도 된다.
Example
$ docker rm hello
rmi
하나 혹은 그 이상의 이미지를 삭제한다.
$ docker rmi --help Usage: docker rmi [OPTIONS] IMAGE [IMAGE...] Remove one or more images Options: -f, --force Force removal of the image --help Print usage --no-prune Do not delete untagged parents
이미지 이름 대신 이미지 ID 를 사용해도 된다.
별도의 태그 이름을 지정하지 않으면, 지정된 이름을 가진 모든 이미지가 삭제된다.
Example
$ docker rmi ubuntu:latest Untagged: ubuntu:latest Untagged: ubuntu@sha256:506e2d5852de1d7c90d538c5332bd3cc33b9cbd26f6ca653875899c505c82687 Deleted: sha256:747cb2d60bbecbda48aff14a8be5c8b913ca69318a6067e57c697f8a78dda06e Deleted: sha256:ec1fd849ff0a8f0aa2fd1acc29ad5dabbc79b89f63b74a4f54e31a7b0a100aa1 Deleted: sha256:e3f6dffa20cf36460d23bfb22e17be6e5339891f8537f32db79887caf832048b Deleted: sha256:c213ffdc9f7032702de5a8e9045fcce2353b7221ef6bf4509e02005cfc858f58 Deleted: sha256:3fddf55a451aa43707518f2d8788c12ee5eb1f1e3075433f5bcf4d445d5c275d Deleted: sha256:0f5ff0cf6a1c53f94b15f03536c490040f233bc455f1232f54cc8eb344a3a368
run
지정된 docker container 를 동작시킨다.
$ docker run --help Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...] Run a command in a new container Options: --add-host list Add a custom host-to-IP mapping (host:ip) -a, --attach list Attach to STDIN, STDOUT or STDERR --blkio-weight uint16 Block IO (relative weight), between 10 and 1000, or 0 to disable (default 0) --blkio-weight-device list Block IO weight (relative device weight) (default []) --cap-add list Add Linux capabilities --cap-drop list Drop Linux capabilities --cgroup-parent string Optional parent cgroup for the container --cidfile string Write the container ID to the file --cpu-period int Limit CPU CFS (Completely Fair Scheduler) period --cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota --cpu-rt-period int Limit CPU real-time period in microseconds --cpu-rt-runtime int Limit CPU real-time runtime in microseconds -c, --cpu-shares int CPU shares (relative weight) --cpus decimal Number of CPUs --cpuset-cpus string CPUs in which to allow execution (0-3, 0,1) --cpuset-mems string MEMs in which to allow execution (0-3, 0,1) -d, --detach Run container in background and print container ID --detach-keys string Override the key sequence for detaching a container --device list Add a host device to the container --device-cgroup-rule list Add a rule to the cgroup allowed devices list --device-read-bps list Limit read rate (bytes per second) from a device (default []) --device-read-iops list Limit read rate (IO per second) from a device (default []) --device-write-bps list Limit write rate (bytes per second) to a device (default []) --device-write-iops list Limit write rate (IO per second) to a device (default []) --disable-content-trust Skip image verification (default true) --dns list Set custom DNS servers --dns-option list Set DNS options --dns-search list Set custom DNS search domains --entrypoint string Overwrite the default ENTRYPOINT of the image -e, --env list Set environment variables --env-file list Read in a file of environment variables --expose list Expose a port or a range of ports --group-add list Add additional groups to join --health-cmd string Command to run to check health --health-interval duration Time between running the check (ms|s|m|h) (default 0s) --health-retries int Consecutive failures needed to report unhealthy --health-start-period duration Start period for the container to initialize before starting health-retries countdown (ms|s|m|h) (default 0s) --health-timeout duration Maximum time to allow one check to run (ms|s|m|h) (default 0s) --help Print usage -h, --hostname string Container host name --init Run an init inside the container that forwards signals and reaps processes -i, --interactive Keep STDIN open even if not attached --ip string IPv4 address (e.g., 172.30.100.104) --ip6 string IPv6 address (e.g., 2001:db8::33) --ipc string IPC mode to use --isolation string Container isolation technology --kernel-memory bytes Kernel memory limit -l, --label list Set meta data on a container --label-file list Read in a line delimited file of labels --link list Add link to another container --link-local-ip list Container IPv4/IPv6 link-local addresses --log-driver string Logging driver for the container --log-opt list Log driver options --mac-address string Container MAC address (e.g., 92:d0:c6:0a:29:33) -m, --memory bytes Memory limit --memory-reservation bytes Memory soft limit --memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap --memory-swappiness int Tune container memory swappiness (0 to 100) (default -1) --mount mount Attach a filesystem mount to the container --name string Assign a name to the container --network string Connect a container to a network (default "default") --network-alias list Add network-scoped alias for the container --no-healthcheck Disable any container-specified HEALTHCHECK --oom-kill-disable Disable OOM Killer --oom-score-adj int Tune host's OOM preferences (-1000 to 1000) --pid string PID namespace to use --pids-limit int Tune container pids limit (set -1 for unlimited) --privileged Give extended privileges to this container -p, --publish list Publish a container's port(s) to the host -P, --publish-all Publish all exposed ports to random ports --read-only Mount the container's root filesystem as read only --restart string Restart policy to apply when a container exits (default "no") --rm Automatically remove the container when it exits --runtime string Runtime to use for this container --security-opt list Security Options --shm-size bytes Size of /dev/shm --sig-proxy Proxy received signals to the process (default true) --stop-signal string Signal to stop a container (default "SIGTERM") --stop-timeout int Timeout (in seconds) to stop a container --storage-opt list Storage driver options for the container --sysctl map Sysctl options (default map[]) --tmpfs list Mount a tmpfs directory -t, --tty Allocate a pseudo-TTY --ulimit ulimit Ulimit options (default []) -u, --user string Username or UID (format: <name|uid>[:<group|gid>]) --userns string User namespace to use --uts string UTS namespace to use -v, --volume list Bind mount a volume --volume-driver string Optional volume driver for the container --volumes-from list Mount volumes from the specified container(s) -w, --workdir string Working directory inside the container
Example
$ docker run --name hello-nginx -d -p 80:80 -v /root/data:/data hello:0.1 55dc8f3a5bb0bc14cd6e1c98e266e3f05b7450badbef33d8a97c2e31912b1e3f $ docker run --restart=always --privileged --name asterisk_01 -d -p 5060:5060/udp -p 10000-10500:10000-10500/udp pchero/asterisk-14.0.2 0a0fd0dfebb72f1a9d2e0aac817292a8c0409704cf7eb51df4595b6b406f21a8 $ docker run -it --entrypoint /bin/sh call-manager
service
Docker service is used mostly when the user configured the master node with Docker swarm so that docket containers will run in a distributed environment and it can be easily managed.
Docker service will be the image for a microservice within the context of some larger application. Examples of services might include an HTTP server, a database, or any other type of executable program that you wish to run in a distributed environment.
Kubernetes 의 deployment 와 비슷한 역할을 한다. service 에 등록된 container 들의 상태를 살피고 만약 컨테이너에 문제가 있다면 다시 재실행을 하는 등의 역할을 한다.
$ docker service --help Usage: docker service COMMAND Manage services Commands: create Create a new service inspect Display detailed information on one or more services logs Fetch the logs of a service or task ls List services ps List the tasks of one or more services rm Remove one or more services rollback Revert changes to a service's configuration scale Scale one or multiple replicated services update Update a service Run 'docker service COMMAND --help' for more information on a command.
start
하나 혹은 그 이상의 정지중인 컨테이너를 다시 실행시킨다.
$ docker start --help Usage: docker start [OPTIONS] CONTAINER [CONTAINER...] Start one or more stopped containers Options: -a, --attach Attach STDOUT/STDERR and forward signals --detach-keys string Override the key sequence for detaching a container --help Print usage -i, --interactive Attach container's STDIN
stop
실행중인 컨테이너를 정지한다.
$ sudo docker stop -h Flag shorthand -h has been deprecated, please use --help Usage: docker stop [OPTIONS] CONTAINER [CONTAINER...] Stop one or more running containers Options: --help Print usage -t, --time int Seconds to wait for stop before killing it (default 10)
See also
- http://www.slideshare.net/pyrasis/docker-fordummies-44424016 - 도커 무작정 따라하기: 도커가 처음인 사람도 60분이면 웹 서버를 올릴 수 있습니다!
- http://pyrasis.com/Docker/Docker-HOWTO - Docker 기본 사용법
References
<references />