Skip to main content

Docker相关操作

安装

卸载旧的版本

for pkg in docker.io docker-doc docker-compose docker-compose-v2 podman-docker containerd runc; do sudo apt-get remove $pkg; done

设置docker的apt仓库

# Add Docker's official GPG key:
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc

# Add the repository to Apt sources:
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update

安装Docker engine

sudo apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

把当前用户添加到Docker组,否则会报无权限访问:

$ docker ps -a
permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/json?all=1": dial unix /var/run/docker.sock: connect: permission denied
# 把当前用户添加到Docker组
sudo usermod -aG docker $USER

# 重启Docker服务
sudo systemctl restart docker

# 当前用户退出登录
exit

# 当前用户重新登录,操作docker
$ docker ps -a
CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES

常用基本命令

# 启动docker
sudo systemctl start docker
# 停止dokcer
sudo systemctl stop docker
# 查看docker状态
sudo systemctl status docker 
# 重启docker
sudo systemctl restart docker
# 设置docker 开机自启
sudo systemctl enable docker
# 查看docker 版本
docker version
# 查看docker 镜像
docker images
# 删除镜像
docker rmi 镜像ID
# 查看镜像构建history
docker history 镜像ID
# 查看docker 运行列表
docker ps 
# 查看docker (运行、停止)
docker ps -aq
# 删除容器
docker rm -vf 容器ID/容器名称(CONTAINER ID/NAMES)
#  删除多个容器(空格隔开)
docker rm -vf 容器ID/容器名称 容器ID/容器名称 ...
# 删除全部容器
docker rm -vf $(docker ps -aq)

镜像构建

# -f即--file指定Dockerfile路径,不指定就是在'.'当前目录下
docker build [-f /path/to/Dockerfile] -t img_name:img_tag .

Push镜像到Docker hub

登录

docker login

为镜像打tag

docker tag local_image_name:tag docker_hub_username/repository_name:tag

push到Docker hub

docker push docker_hub_username/repository_name:tag

退出登录

docker logout

镜像压缩 docker-squash

docker-squash是一个用于合并和压缩 Docker 镜像的层,以减小镜像的大小的第三方工具。它并不是 Docker 官方工具,但可以帮助减小已有镜像的大小。

安装docker-squash

pip install docker-squash

运行 "docker-squash" 命令,指定要压缩的镜像和合并的层

docker-squash 原始镜像名:原始标签 -t 新镜像名:新标签

如:

docker-squash riscv-gnu-toolchain:riscv6432_elf_gcc_qemu_20231018_nightly_ubuntu2204_arm64_no_source \
-t riscv-gnu-toolchain:riscv6432_elf_gcc_qemu_20231018_nightly_ubuntu2204_arm64_squashed
$ docker images
REPOSITORY                   TAG                                                                  IMAGE ID       CREATED             SIZE
riscv-gnu-toolchain          riscv6432_elf_gcc_qemu_20231018_nightly_ubuntu2204_arm64_squashed    8d530001bd56   About an hour ago   2.35GB
riscv-gnu-toolchain          riscv6432_elf_gcc_qemu_20231018_nightly_ubuntu2204_arm64_no_source   0de803fb1465   About an hour ago   22.1GB

22.1GB--->2.35GB,这里面是有原因的,下面是镜像的Layer,一共15个,其中最占空间的是9.42GB(clone一个项目)和12.1GB(对项目进行编译),而在编译完成之后构建镜像的最后一步RUN /bin/sh -c rm -rf /opt/source把项目目录给删除了,所以在做Layer合并之后镜像中已经没有了拉取的项目,所以才会变这么小,如过没有删除操作,docker-squash执行之后,镜像大小几乎没有发生任何个变化,即如果镜像在构建过程中产生的中间数据在镜像构建完成之后删除,可以考虑使用docker-squash来减小镜像体积

$ docker history riscv-gnu-toolchain:riscv6432_elf_gcc_qemu_20231018_nightly_ubuntu2204_arm64_no_source
IMAGE          CREATED             CREATED BY                                      SIZE      COMMENT
0de803fb1465   About an hour ago   CMD ["bash"]                                    0B        buildkit.dockerfile.v0
<missing>      About an hour ago   RUN /bin/sh -c rm -rf /opt/source # buildkit    0B        buildkit.dockerfile.v0
<missing>      9 hours ago         WORKDIR /                                       0B        buildkit.dockerfile.v0
<missing>      9 hours ago         RUN /bin/sh -c echo 'export RISCV=/opt/riscv…   3.79kB    buildkit.dockerfile.v0
<missing>      9 hours ago         RUN /bin/sh -c cd riscv-gnu-toolchain &&12.1GB    buildkit.dockerfile.v0
<missing>      15 hours ago        RUN /bin/sh -c curl https://mirror.iscas.ac.…   9.42GB    buildkit.dockerfile.v0
<missing>      17 hours ago        RUN /bin/sh -c apt-get update &&     apt-get…   528MB     buildkit.dockerfile.v0
<missing>      17 hours ago        WORKDIR /opt/source                             0B        buildkit.dockerfile.v0
<missing>      17 hours ago        LABEL maintainer=qymlyl                         0B        buildkit.dockerfile.v0
<missing>      3 weeks ago         /bin/sh -c #(nop)  CMD ["/bin/bash"]            0B        
<missing>      3 weeks ago         /bin/sh -c #(nop) ADD file:f8594e26831508c31…   69.2MB    
<missing>      3 weeks ago         /bin/sh -c #(nop)  LABEL org.opencontainers.…   0B        
<missing>      3 weeks ago         /bin/sh -c #(nop)  LABEL org.opencontainers.…   0B        
<missing>      3 weeks ago         /bin/sh -c #(nop)  ARG LAUNCHPAD_BUILD_ARCH     0B        
<missing>      3 weeks ago         /bin/sh -c #(nop)  ARG RELEASE                  0B

SSH连接Docker容器中的Ubuntu

运行镜像

# 对22端口进行映射
docker run --name ubuntu -it -d -p 10022:22 ubuntu:22.04

进入容器并进行配置

docker exec -it ubuntu /bin/bash

更新包管理器,安装ssh服务

apt-get update && \
apt-get upgrade -y && \
apt-get install -y openssh-server openssh-client vim

启动ssh服务

/etc/init.d/ssh start

查看进程

ps -ef | grep sshd

编辑 sshd_config文件,打开 PermitRootLogin yes ,保存退出

vim /etc/ssh/sshd_config

如:

# Authentication:
PermitRootLogin yes
#LoginGraceTime 2m
#PermitRootLogin prohibit-password
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10

重启ssh服务

service ssh restart

为root设置密码(容器中默认是root用户)

passwd root

ssh远程登录

ssh root@IP:10022