官方命令帮助文档：https://docs.docker.com/reference/

Docker辅助命令

显示docker的版本信息
1
docker -version

显示docker的系统信息，包括镜像和容器的数量
1
docker info

帮助命令

查看所有的docker帮助文档

[root@localhost ~]# docker --help

Usage:  docker [OPTIONS] COMMAND

A self-sufficient runtime for containers

Options:
      --config string      Location of client config files (default "/root/.docker")
  -c, --context string     Name of the context to use to connect to the daemon (overrides DOCKER_HOST env var and default context set with "docker context use")
  -D, --debug              Enable debug mode
  -H, --host list          Daemon socket(s) to connect to
  -l, --log-level string   Set the logging level ("debug"|"info"|"warn"|"error"|"fatal") (default "info")
      --tls                Use TLS; implied by --tlsverify
      --tlscacert string   Trust certs signed only by this CA (default "/root/.docker/ca.pem")
      --tlscert string     Path to TLS certificate file (default "/root/.docker/cert.pem")
      --tlskey string      Path to TLS key file (default "/root/.docker/key.pem")
      --tlsverify          Use TLS and verify the remote
  -v, --version            Print version information and quit

Management Commands:
  app*        Docker App (Docker Inc., v0.9.1-beta3)
  builder     Manage builds
  buildx*     Build with BuildKit (Docker Inc., v0.5.0-docker)
  config      Manage Docker configs
  container   Manage containers
  context     Manage contexts
  image       Manage images
  manifest    Manage Docker image manifests and manifest lists
  network     Manage networks
  node        Manage Swarm nodes
  plugin      Manage plugins
  secret      Manage Docker secrets
  service     Manage services
  stack       Manage Docker stacks
  swarm       Manage Swarm
  system      Manage Docker
  trust       Manage trust on Docker images
  volume      Manage volumes

Commands:
  attach      Attach local standard input, output, and error streams to a running container
  build       Build an image from a Dockerfile
  commit      Create a new image from a container's changes
  cp          Copy files/folders between a container and the local filesystem
  create      Create a new container
  diff        Inspect changes to files or directories on a container's filesystem
  events      Get real time events from the server
  exec        Run a command in a running container
  export      Export a container's filesystem as a tar archive
  history     Show the history of an image
  images      List images
  import      Import the contents from a tarball to create a filesystem image
  info        Display system-wide information
  inspect     Return low-level information on Docker objects
  kill        Kill one or more running containers
  load        Load an image from a tar archive or STDIN
  login       Log in to a Docker registry
  logout      Log out from a Docker registry
  logs        Fetch the logs of a container
  pause       Pause all processes within one or more containers
  port        List port mappings or a specific mapping for the container
  ps          List containers
  pull        Pull an image or a repository from a registry
  push        Push an image or a repository to a registry
  rename      Rename a container
  restart     Restart one or more containers
  rm          Remove one or more containers
  rmi         Remove one or more images
  run         Run a command in a new container
  save        Save one or more images to a tar archive (streamed to STDOUT by default)
  search      Search the Docker Hub for images
  start       Start one or more stopped containers
  stats       Display a live stream of container(s) resource usage statistics
  stop        Stop one or more running containers
  tag         Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
  top         Display the running processes of a container
  unpause     Unpause all processes within one or more containers
  update      Update configuration of one or more containers
  version     Show the Docker version information
  wait        Block until one or more containers stop, then print their exit codes

Run 'docker COMMAND --help' for more information on a command.

To get more help with docker, check out our guides at https://docs.docker.com/go/guides/

查看docker指定命令的帮助文件
1
docker 命令 --help

Docker Images 镜像命令

查看images命令帮助文档

[root@localhost ~]# docker images --help

Usage:  docker images [OPTIONS] [REPOSITORY[:TAG]]

List images

Options:
  -a, --all             Show all images (default hides intermediate images)
      --digests         Show digests
  -f, --filter filter   Filter output based on conditions provided
      --format string   Pretty-print images using a Go template
      --no-trunc        Don't truncate output
  -q, --quiet           Only show image IDs

参数说明：

-a：列出所有镜像
-f：
- --filter：根据条件过滤
- --format：模板格式化输出
- --no-trunc：不截断输出
-q：只显示镜像的id

查看本地中所有镜像
1
2
3
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
hello-world latest bf756fb1ae65 12 months ago 13.3kB
显示项说明：
- REPOSITORY：表示镜像的仓库源
- TAG：镜像的标签
- IMAGE ID：镜像ID
- CREATED：镜像创建时间
- SIZE：镜像大小

搜索镜像

[root@localhost ~]# docker search mysql
NAME                              DESCRIPTION                                     STARS     OFFICIAL   AUTOMATED
mysql                             MySQL is a widely used, open-source relation…   10468     [OK]
mariadb                           MariaDB is a community-developed fork of MyS…   3893      [OK]
mysql/mysql-server                Optimized MySQL Server Docker images. Create…   768                  [OK]                        Percona Server is a fork of the MySQL relati…   518       [OK]
……

显示项说明：

NAME: 镜像仓库源的名称

DESCRIPTION: 镜像的描述

STARS: 类似 Github 里面的 star，表示点赞、喜欢的意思

OFFICIAL: 是否 docker 官方发布

AUTOMATED: 自动构建

[root@localhost ~]# docker search mysql --filter=STARS=3000
NAME      DESCRIPTION                                     STARS     OFFICIAL   AUTOMATED
mysql     MySQL is a widely used, open-source relation…   10468     [OK]
mariadb   MariaDB is a community-developed fork of MyS…   3893      [OK]

--filter=STARS=3000: 搜索出来的镜像是STARS大于3000的

从仓库下载镜像

docker pull 镜像名[:tag] tag版本号

[root@localhost ~]# docker pull mysql
Using default tag: latest # 如果不写tag，默认是latest
latest: Pulling from library/mysql
6ec7b7d162b2: Pull complete # 分层下载，docker image的核心，联合文件系统
fedd960d3481: Pull complete
7ab947313861: Pull complete
64f92f19e638: Pull complete
3e80b17bff96: Pull complete
014e976799f9: Pull complete
59ae84fee1b3: Pull complete
ffe10de703ea: Pull complete
657af6d90c83: Pull complete
98bfb480322c: Pull complete
6aa3859c4789: Pull complete
1ed875d851ef: Pull complete
Digest: sha256:78800e6d3f1b230e35275145e657b82c3fb02a27b2d8e76aac2f5e90c1c30873 # 签名
Status: Downloaded newer image for mysql:latest
docker.io/library/mysql:latest # 真实地址

docker pull mysql 等价于docker pull docker.io/library/mysql:latest

# 指定版本下载
[root@localhost ~]# docker pull mysql:5.7
5.7: Pulling from library/mysql
6ec7b7d162b2: Already exists
fedd960d3481: Already exists
7ab947313861: Already exists
64f92f19e638: Already exists
3e80b17bff96: Already exists
014e976799f9: Already exists
59ae84fee1b3: Already exists
7d1da2a18e2e: Pull complete
301a28b700b9: Pull complete
529dc8dbeaf3: Pull complete
bc9d021dc13f: Pull complete
Digest: sha256:c3a567d3e3ad8b05dfce401ed08f0f6bf3f3b64cc17694979d5f2e5d78e10173
Status: Downloaded newer image for mysql:5.7
docker.io/library/mysql:5.7

删除镜像

docker rmi 镜像ID / docker rmi -f 镜像ID

docker rmi 镜像镜像名:tag / docker rmi -f 镜像镜像名:tag

# 删除镜像的帮助文档
[root@localhost ~]# docker rmi --help

Usage:  docker rmi [OPTIONS] IMAGE [IMAGE...]

Remove one or more images

Options:
  -f, --force      Force removal of the image
      --no-prune   Do not delete untagged parents

-f：强制删除镜像

# 强制删除指定的docker镜像
[root@localhost ~]# docker rmi -f f07dfa83b528
Untagged: mysql:5.7
Untagged: mysql@sha256:c3a567d3e3ad8b05dfce401ed08f0f6bf3f3b64cc17694979d5f2e5d78e10173
Deleted: sha256:f07dfa83b5283f486f1fa1628cb8b4a18a4d071a486708acc5c06243ca7f592a
Deleted: sha256:1137660d239dd339c83697d1d5cc93542333aaf35c1fd90418f9c0d166c23487
Deleted: sha256:20c29fc0161bc3cc0addc48ab1aeb70f605a5529590fd32d01502d58d1c6dc10
Deleted: sha256:8615ae1ee613441540ee54a2c517eb0600a6c83667a79f7ca74acc9ffec4c9a4
Deleted: sha256:252efab3ecb7891820c5a340645044850d6edc7815c6588450d74b0a743424f4

1 2	# 强制删除所有的docker镜像 [root@localhost ~]# docker rmi -f $(docker images -aq)

docker images -aq：查询当前所有镜像的镜像ID

镜像导入导出（不规范），备份

1 2	# 将本地的镜像导出 docker save -o 导出的路径镜像id

加载本地的镜像文件
1
docker load -i 镜像文件

修改镜像名称

1	docker tag 镜像ID 新镜像名称:版本

查看镜像创建历史
1
docker history 镜像ID

Docker Contrainer 容器命令

说明：有了镜像才可以创建容器

运行容器

1 2	# 查看run帮助文件 [root@localhost ~]# docker run --help

docker run [可选参数] image:tag|image ID

常用参数说明
- --name="Name" 容器名字 tomcat01 tomcat02 用来区分容器
- -d 后台方式运行
- -it 使用交互方式运行，进入容器查看内容
- -p 是容器内部端口绑定到指定的主机端口
  - -p ip:主机端口:容器端口
  - -p 主机端口:容器端口（常用）
  - -p 容器端口
  - 容器端口
- -P 是容器内部端口随机映射到主机的高端口

以tomcat为例，运行tomcat容器

# 启动容器，并进入容器
[root@localhost ~]# docker run -it tomcat /bin/bash
# 映射宿主机端口与容器端口进行映射
[root@localhost ~]# docker run -it --name tomcat01 -p 8888:8080 tomcat
# 启动容器，容器内部端口随机映射到主机的高端口，并且后台启动
[root@localhost ~]# docker run -d --name tomcat02 -P tomcat

进入容器后，操作

1 2	exit # 进入容器，容器直接停止并退出 ctrl/control + p + q # 进入容器，容器不停止退出

查看运行的容器
1
2
# 列出所有正在运行的容器
[root@localhost ~]# docker ps
参数：
- -a：查看所有容器，运行和非运行的
- -q：静默模式，只显示容器编号
- -aq：返回所有容器id（运行和非运行）
示例说明
1
2
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b292f22392ba tomcat "catalina.sh run" 58 seconds ago Up 2 seconds 8080/tcp upbeat_taussig
显示项说明：
- CONTAINER ID：容器id
- IMAGE ：基于镜像
- COMMAND：容器内执行命令
- CREATED：创建时间
- STATUS：当前状态
- PORTS：容器服务监听的端口
- NAMES：容器名称
停止|关闭|重启容器
- docker start 容器id：启动容器
- docker restart 容器id：重启容器
- docker stop 容器id：停止当前正在运行的容器
- docker kill 容器id：强制停止当前容器
删除容器
- docker rm 容器id：删除指定的容器，不能删除正在运行的容器，如果要删除则需要强制删除 rm -f
- docker rm -f $(docker ps -aq) ：删除所有的容器（强制删除）
- docker ps -a -q | xargs docker rm ：删除所有的容器

查看容器内进程

docker top 容器id|容器名：查看容器内的进程

1
2
3

[root@localhost ~]# docker top 3d71840c3a5c
UID                 PID                 PPID                C                   STIME               TTY                 TIME                CMD
root                4754                4733                0                   17:20               ?                   00:00:07            /usr/local/openjdk-11/bin/java -Djava.util.logging.config.file=/usr/local/tomcat/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djdk.tls.ephemeralDHKeySize=2048 -Djava.protocol.handler.pkgs=org.apache.catalina.webresources -Dorg.apache.catalina.security.SecurityListener.UMASK=0027 -Dignore.endorsed.dirs= -classpath /usr/local/tomcat/bin/bootstrap.jar:/usr/local/tomcat/bin/tomcat-juli.jar -Dcatalina.base=/usr/local/tomcat -Dcatalina.home=/usr/local/tomcat -Djava.io.tmpdir=/usr/local/tomcat/temp org.apache.catalina.startup.Bootstrap start

查看查看容器内部细节
- docker inspect 容器id|容器名：查看容器内部细节

查看容器的运行日志

docker logs [OPTIONS] 容器id|容器名：查看容器日志
参数：
- -t：加入时间戳
- -f：跟随最新的日志打印
- --tail ：数字显示最后多少条

示例

# 查看实时日志
[root@localhost ~]# docker logs -f 3d71840c3a5c
# 查看实时日志带有时间戳
[root@localhost ~]# docker logs -tf 3d71840c3a5c
# 查看实时日志的最新10条
[root@localhost ~]# docker logs -tf --tail 10 3d71840c3a5c

进入容器内部
- docker exec [options] 容器id 容器内命令 ：进入容器执行命令
- 参数
  - -i：以交互模式运行容器，通常与-t一起使用
  - -t：分配一个伪终端 shell窗口 bash
- 示例
1
2
[root@localhost ~]# docker exec -it 3d71840c3a5c bash
root@3d71840c3a5c:/usr/local/tomcat#
bash：进入容器，并与容器内命令终端进行交互
- 退出容器：exit

容器和宿主机之间复制文件

docker cp 文件|目录容器的唯一标识(id、name):容器路径：从容器复制文件到操作系统
docker cp 容器的唯一标识(id、name):容器内资源路径宿主机目录路径：从容器复制文件到操作系统
示例

# 将宿主机中的aa.txt文件复制到容器中/usr/local/tomcat路径下
[root@localhost ~]# docker cp aa.txt 3d71840c3a5c:/usr/local/tomcat
# 将tomcat容器中的RUNNING.txt文件，复制到宿主机的当前目录中
[root@localhost ~]# docker cp 3d71840c3a5c:/usr/local/tomcat/RUNNING.txt ./RUNNING.txt

数据卷(volum)实现与宿主机共享目录

docker run -v 宿主机的路径|任意别名:/容器内的路径镜像名
docker run -v 宿主机的路径|任意别名:/容器内的路径:ro 镜像名 ro代表容器内部的目录只读
作用：实现宿主机系统与容器之间的文件共享

注意:

如果是宿主机路径必须是绝对路径,宿主机目录会覆盖容器内目录内容
如果是别名则会在docker运行容器时自动在宿主机中创建一个目录,并将容器目录文件复制到宿主机中

示例

# 自定义数据卷目录
[root@localhost ~]# docker run -d -p 8081:8080 --name tomcat2 -v ${PWD}/apps/:/usr/local/tomcat/webapps tomcat:latest
# 自动数据卷目录
[root@localhost ~]# docker run -d -p 8081:8080 --name tomcat2 -v aa/apps/:/usr/local/tomcat/webapps tomcat:latest

aa代表一个数据卷名字，名称可以随便写，docker会在不存在数据卷时，自动创建这个数据卷同时自动映射宿主机中某个目录
同时在启动容器时会将aa对应容器目录中全部内容复制到aa映射目录中

容器打包成新的镜像
- docker commit -m "描述信息" -a "作者信息" (容器id或者名称) 打包的镜像名称:标签

查看容器内文件结构

docker diff 容器id|容器名
示例

[root@localhost ~]# docker diff 3d71840c3a5c
C /usr
C /usr/local
C /usr/local/tomcat
C /usr/local/tomcat/conf
A /usr/local/tomcat/conf/Catalina
A /usr/local/tomcat/conf/Catalina/localhost
A /usr/local/tomcat/aa.txt
C /usr/local/tomcat/logs
A /usr/local/tomcat/logs/localhost_access_log.2021-02-10.txt
A /usr/local/tomcat/logs/manager.2021-02-10.log
A /usr/local/tomcat/logs/catalina.2021-02-10.log
A /usr/local/tomcat/logs/host-manager.2021-02-10.log
A /usr/local/tomcat/logs/localhost.2021-02-10.log
C /tmp
C /tmp/hsperfdata_root
A /tmp/hsperfdata_root/1

小结

images

命令	英文说明	中文说明
attach	Attach to a running container	当前shell下attach连接指定运行镜像
build	Build an image a Dockerfile	通过Dockerfile定制镜像
commit	Create a new image from a container change	提交当前容器为新的镜像
cp	Copy files/folders from the containers filesystem to the host path	从容器中拷贝指定的文件或者目录到宿主机中
create	Create a new container	创建一个新的容器，同run，但不启动容器
diff	Inspect changes on a container’s filesystem	查看docker容器变化
events	Get real time events from the server	从Dokcer服务获取容器实时事件
exec	Run a command in an existing container	在已存在的容器上运行命令
export	Stream the contents fo container as a tar archive	导出容器的内容流作为一个tar归档文件[对应import]
history	Show the history of an image	展示一个镜像形成历史
images	List images	列出系统当前镜像
import	Create a new filesystem image from the contents of a tarball	从tar包中的内容创建一个新的文件系统镜像[对应export]
info	Display system-wide information	显示系统相关信息
inspect	Return low-level information on a container	查看容器详情信息
kill	Kill a running container	kill指定正在运行docker容器
load	Load an image from a tar archive	从一个tar包中加载一个镜像[对应save]
login	Register or Login to the docker registry server	注册或者登陆一个docker源服务
logout	Log out from a Docker registry server	从当前Docker registry退出
logs	Fetch the logs of a container	输出当前容器日志
port	Lookup the pulibc-facting port which is NAT-ed to PRIVATE_PORT	查看映射端口对应的容器内部源端口
pause	Pause all processes within a container	暂停容器
ps	List container	列出容器列表
pull	Pull an image or a repository from the docker registry server	从docker镜像源服务器拉去指定镜像或者库镜像
push	Push an image or a repository to the docker registry server	推送指定镜像或者库镜像至docker源服务
restart	Restart a running container	重启运行的容器
rm	Remove one or more containers	移除一个或者多个容器
rmi	Remove one or more images	移除一个或多个镜像[无容器使用该镜像才可删除，否则需删除相关内容才可继续或-f强制删除]
run	Run a command in a new container	创建一个新的容器并运行一个命令
save	Save ab image to a tar archive	保存一个镜像为一个tar包[对应load]
search	Search for an image on the Docker Hub	在docker hub中搜索镜像
start	Start a stopped containers	启动容器
stop	Stop a running containers	停止容器
tag	Tag an image into a repository	给源中镜像打标签
top	Lookup the running processes of a container	查看容器中运行的进程信息
unpause	Unpause a paused container	取消暂停容器
version	Show the docker version information	查看docker版本号
wait	Block until a container stops, then print its exit code	截取容器停止时的退出状态值

Docker相关操作

Docker辅助命令

Docker Images 镜像命令

Docker Contrainer 容器命令

小结