Docker container Practice IV: Introduction

After deploying Docker, we begin to learn how to use the product.

Docker management is mainly carried out through the command line, and there are perfect command tools for use on the client. For the application of these commands, readers are not recommended to memorize by rote. A better way is to learn in use. When we need to understand these commands, just enter docker on the console and press enter to see all commands and related parameters supported by the client.

$ docker

Usage:  docker [OPTIONS] COMMAND

A self-sufficient runtime for containers

      --config string      Location of client config files (default "/root/.docker")
  -c, --context string     Name of the context to use to connect to the daemon (overrides DOCKER_HOST env var and default context set with "docker context
  -D, --debug              Enable debug mode
  -H, --host list          Daemon socket(s) to connect to
  -l, --log-level string   Set the logging level ("debug"|"info"|"warn"|"error"|"fatal") (default "info")
      --tls                Use TLS; implied by --tlsverify
      --tlscacert string   Trust certs signed only by this CA (default "/root/.docker/ca.pem")
      --tlscert string     Path to TLS certificate file (default "/root/.docker/cert.pem")
      --tlskey string      Path to TLS key file (default "/root/.docker/key.pem")
      --tlsverify          Use TLS and verify the remote
  -v, --version            Print version information and quit


The format of the command line is "Docker + [management command] + first level command + parameter". In the early days, Docker had only one-level command, but it was easy to cause some confusion to users in the process of use. For example, docker inspect was used to view image and container information.

In order to better distinguish, Docker officially added management commands in version 1.13. Management commands can make the use of commands more standardized. For example, when viewing image information, use the docker image inspect command, while when viewing container information, execute docker container inspect.

Because some management commands are not mandatory, this tutorial will use "[]" to express them during explanation. If you don't know the relevant parameters, you can execute "docker + Command + -- help" to view the help information. At this time, all the parameters and descriptions supported by the command will be listed.

For example:

$ docker container  start --help

Usage:  docker container start [OPTIONS] CONTAINER [CONTAINER...]

Start one or more stopped containers

  -a, --attach               Attach STDOUT/STDERR and forward signals
      --detach-keys string   Override the key sequence for detaching a container
  -i, --interactive          Attach container's STDIN

In addition, users can install bash completion tool for automatic command completion to obtain a better experience.

$ sudo yum install -y bash-completion

After the installation is completed, exit and log in to the system again to take effect. When using, pressing Tab will automatically complete the command.

Container example:

Now, let's take the image of Nginx as an example to demonstrate the enabling of containers. The process of enabling a container is very simple and requires only two steps:

1. Download the image;

2. Create the container through the image and start it.

First, we use the docker [image] pull command to pull the nginx image

$ docker pull nginx
Using default tag: latest
latest: Pulling from library/nginx
a2abf6c4d29d: Pull complete 
a9edb18cadd1: Pull complete 
589b7251471a: Pull complete 
186b1aaa4aa6: Pull complete 
b4df32aa5a72: Pull complete 
a0bcbecc962e: Pull complete 
Digest: sha256:0d17b565c37bcbd895e9d92315a05c1c3c9a29f762b011a10c54a66cd53c9b31
Status: Downloaded newer image for nginx:latest

Due to some special reasons of the domestic network, it is occasionally difficult to pull the image on the dockerhub website. At this time, you can configure the image accelerator for acceleration. At present, major cloud providers in China have provided acceleration services in this regard.

Take Alibaba cloud as an example. After registering an Alibaba cloud account, log in and select "container image service", and you can see the acceleration address provided by Alibaba cloud. Simply configure the local Docker according to the operation and use it after restarting the service. For specific operations, please refer to the instructions of the cloud service provider, which will not be described in detail here.

Run the docker images or docker image ls command to view the image list of this machine. You can see that the image has been downloaded successfully.

$ docker imagesREPOSITORY   TAG       IMAGE ID       CREATED        SIZEnginx        latest    605c77e624dd   3 months ago   141MB

Execute the docker [container] run command to start a container through image. When the container starts normally, the console will output the complete ID number of the container.

$ docker run --name nginx -d -p 80:80 nginx

Note: docker [container] run is used to create a container and start it. If there is a local image, create the container directly. Otherwise, the command will download the image to the local before creating the container-- Name specifies the name of the generated container- d is used to configure the container to run in the background to avoid exiting the container due to the disconnection of the current terminal- p is used to map the container port to the server. The format is < local port >: < container port >; nginx is the image name;

Run the docker ps or docker container ls command to check the startup STATUS of the container and display that it has been started normally in the STATUS.

$ docker ps
CONTAINER ID   IMAGE     COMMAND                  CREATED              STATUS              PORTS                               NAMES
11e7ee9aed3f   nginx     "/docker-entrypoint...."   About a minute ago   Up About a minute>80/tcp, :::80->80/tcp   nginx

Open the browser and access the host IP. You can see that the Nginx service has been running, which proves that the container has been started successfully.

OK, now that we have started a container and made it provide services, this article can also end here.

But as a thinking technician, maybe you don't want to be satisfied with this. At this time, we don't know how the inside of the container works, just like a black box.

In order to understand better, we can try to look inside the container. Use the docker [container] exec command to interact with the running container. The command needs to specify the ID number or name of the container and add the command to be executed at the end. As follows:

$ docker exec -it nginx bashroot@11e7ee9aed3f:/#

After the command is executed, the bash terminal of a container will be opened. When you see that the shell prompt has changed to "@ container ID", it indicates that the terminal has been started normally. At this time, it can be regarded as entering the system in the container.

Since the nginx image does not have the process viewing tool installed, let's use apt to install the relevant tools first. ​​​​​​​

root@11e7ee9aed3f:/# apt-get updateroot@11e7ee9aed3f:/# apt-get install procps

After the installation is completed, run the ps aux command to view the process. At this time, you can see that except for the bash process and ps process of the terminal, only the nginx process is running inside the container.

root@11e7ee9aed3f:/# ps aux 
root          1  0.0  0.1   8840  3484 ?        Ss   01:55   0:00 nginx: master process nginx -g daemon off;
nginx        31  0.0  0.0   9228  1528 ?        S    01:55   0:00 nginx: worker process
nginx        32  0.0  0.0   9228  1528 ?        S    01:55   0:00 nginx: worker process
root         33  0.0  0.1   4600  2716 pts/0    Ss   02:07   0:00 bash
root       1664  0.0  0.0   6684  1504 pts/0    R+   03:24   0:00 ps aux

Note the PID number. The main process number of nginx is 1, indicating that this process is the first process of the system in the container. Here you can see the isolation capability of the container. The process is also the starting process of the container. When the process exits, the container will also exit.


This article mainly gives a preliminary introduction to the application of containers. In this process, we can see that the use of containers is very simple and convenient. When we want to use a software, we don't need to install the product and related dependent components. We just need to download the image of the software and generate a container.

This is the benefit of Docker and the gospel of O & M and developers!

Focus on Devops operation and maintenance technology sharing, pay attention to official account and get more exciting content.

Tags: Docker Container DevOps

Posted by jsucupira on Sun, 17 Apr 2022 20:10:39 +0930