docker

Docker学习

安装

这里使用树莓派

# Usage
# ==============================================================================
#
# To install the latest stable versions of Docker CLI, Docker Engine, and their
# dependencies:
#
# 1. download the script
#
#   $ curl -fsSL https://get.docker.com -o install-docker.sh
#
# 2. verify the script's content
#
#   $ cat install-docker.sh
#
# 3. run the script with --dry-run to verify the steps it executes
#
#   $ sh install-docker.sh --dry-run
#
# 4. run the script either as root, or using sudo to perform the installation.
#
#   $ sudo sh install-docker.sh

把第一条和第四条执行以下，下载不了的话就挂梯子

命令

docker pull

此命令用来从仓库下载镜像

docker images

此命令用户列出所有下载过的docker镜像

docker rmi

此命令用户删除一个docker镜像，docker remove image

1	docker rmi <ID/REPOSITORY>

docker run

此命令用于创建并运行一个容器

1	docker run -d

detached mode，可以不阻塞当前窗口，在后台运行

运行docker run 命令时，如果镜像不存在，那么会自动拉取

-p 80:80

-v 挂载目录

在我的宿主机上有一个apache服务器，docker里面又启动了一个nginx服务器，我要nginx也是用apache的服务器内容，就可以这样挂载，宿主机和容器对文件的修改都会影响宿主机原本的文件内容。

docker ps

查看已下载的镜像

docker inspect

查看容器信息

[
    {
        "Id": "bb0ed63e5343b2909ade17a4d7b32f57e64fb9cb3a62d8f09ae5194fb6e2ec84",
        "Created": "2025-10-09T11:26:53.091560762Z",
        "Path": "/docker-entrypoint.sh",
        "Args": [
            "nginx",
            "-g",
            "daemon off;"
        ],
        "State": {
            "Status": "running",
            "Running": true,
            "Paused": false,
            "Restarting": false,
            "OOMKilled": false,
            "Dead": false,
            "Pid": 1041051,
            "ExitCode": 0,
            "Error": "",
            "StartedAt": "2025-10-09T11:47:32.182875692Z",
            "FinishedAt": "2025-10-09T11:39:32.692162936Z"
        },
        "Image": "sha256:e35ad067421ccda484ee30e4ccc8a38fa13f9a21dd8d356e495c2d3a1f0766e9",
        "ResolvConfPath": "/var/lib/docker/containers/bb0ed63e5343b2909ade17a4d7b32f57e64fb9cb3a62d8f09ae5194fb6e2ec84/resolv.conf",
        "HostnamePath": "/var/lib/docker/containers/bb0ed63e5343b2909ade17a4d7b32f57e64fb9cb3a62d8f09ae5194fb6e2ec84/hostname",
        "HostsPath": "/var/lib/docker/containers/bb0ed63e5343b2909ade17a4d7b32f57e64fb9cb3a62d8f09ae5194fb6e2ec84/hosts",
        "LogPath": "/var/lib/docker/containers/bb0ed63e5343b2909ade17a4d7b32f57e64fb9cb3a62d8f09ae5194fb6e2ec84/bb0ed63e5343b2909ade17a4d7b32f57e64fb9cb3a62d8f09ae5194fb6e2ec84-json.log",
        "Name": "/vigilant_borg",
        "RestartCount": 0,
        "Driver": "overlay2",
        "Platform": "linux",
        "MountLabel": "",
        "ProcessLabel": "",
        "AppArmorProfile": "",
        "ExecIDs": null,
        "HostConfig": {
            "Binds": [
                "/var/www/html:/usr/share/nginx/html"
            ],
            "ContainerIDFile": "",
            "LogConfig": {
                "Type": "json-file",
                "Config": {}
            },
            "NetworkMode": "bridge",
            "PortBindings": {
                "80/tcp": [
                    {
                        "HostIp": "",
                        "HostPort": "8808"
                    }
                ]
            },
            "RestartPolicy": {
                "Name": "no",
                "MaximumRetryCount": 0
            },
            "AutoRemove": false,
            "VolumeDriver": "",
            "VolumesFrom": null,
            "ConsoleSize": [
                58,
                181
            ],
            "CapAdd": null,
            "CapDrop": null,
            "CgroupnsMode": "private",
            "Dns": [],
            "DnsOptions": [],
            "DnsSearch": [],
            "ExtraHosts": null,
            "GroupAdd": null,
            "IpcMode": "private",
            "Cgroup": "",
            "Links": null,
            "OomScoreAdj": 0,
            "PidMode": "",
            "Privileged": false,
            "PublishAllPorts": false,
            "ReadonlyRootfs": false,
            "SecurityOpt": null,
            "UTSMode": "",
            "UsernsMode": "",
            "ShmSize": 67108864,
            "Runtime": "runc",
            "Isolation": "",
            "CpuShares": 0,
            "Memory": 0,
            "NanoCpus": 0,
            "CgroupParent": "",
            "BlkioWeight": 0,
            "BlkioWeightDevice": [],
            "BlkioDeviceReadBps": [],
            "BlkioDeviceWriteBps": [],
            "BlkioDeviceReadIOps": [],
            "BlkioDeviceWriteIOps": [],
            "CpuPeriod": 0,
            "CpuQuota": 0,
            "CpuRealtimePeriod": 0,
            "CpuRealtimeRuntime": 0,
            "CpusetCpus": "",
            "CpusetMems": "",
            "Devices": [],
            "DeviceCgroupRules": null,
            "DeviceRequests": null,
            "MemoryReservation": 0,
            "MemorySwap": 0,
            "MemorySwappiness": null,
            "OomKillDisable": null,
            "PidsLimit": null,
            "Ulimits": [],
            "CpuCount": 0,
            "CpuPercent": 0,
            "IOMaximumIOps": 0,
            "IOMaximumBandwidth": 0,
            "MaskedPaths": [
                "/proc/asound",
                "/proc/acpi",
                "/proc/interrupts",
                "/proc/kcore",
                "/proc/keys",
                "/proc/latency_stats",
                "/proc/timer_list",
                "/proc/timer_stats",
                "/proc/sched_debug",
                "/proc/scsi",
                "/sys/firmware",
                "/sys/devices/virtual/powercap"
            ],
            "ReadonlyPaths": [
                "/proc/bus",
                "/proc/fs",
                "/proc/irq",
                "/proc/sys",
                "/proc/sysrq-trigger"
            ]
        },
        "GraphDriver": {
            "Data": {
                "ID": "bb0ed63e5343b2909ade17a4d7b32f57e64fb9cb3a62d8f09ae5194fb6e2ec84",
                "LowerDir": "/var/lib/docker/overlay2/07123433d3bfec54ce8040ac5c2d199fb869565625feddac5f55fa88febb88c5-init/diff:/var/lib/docker/overlay2/a841d7cc6dbd360ec86c65719cd553de3162c63f953e360b98a93ca960a809f2/diff:/var/lib/docker/overlay2/507b47b365b164b1aed7b0ab3e1da800ab8667b092dc76248f4eed98668e63ed/diff:/var/lib/docker/overlay2/3eae315eea97056adfa325f8b9b9960342f2364fa187dcc8c3aa7ceb3aa82283/diff:/var/lib/docker/overlay2/598206e548e877607b956cbf850b2468ac21a3c581ba7da21f10d238637342d6/diff:/var/lib/docker/overlay2/a4cd7986d0dfd2c0ce129bf6d7b82bae911b68055e40b85487525a6a14fbc03c/diff:/var/lib/docker/overlay2/7629fc3bcabfa1a617d52d57efb158bed7843c7df6a5fc5e96ce0d479d5f9fe3/diff:/var/lib/docker/overlay2/3b7137bcd7b4a21bb55d80bdcfad703f6e1fcbf3c45a1e6181bcda5407caaec7/diff",
                "MergedDir": "/var/lib/docker/overlay2/07123433d3bfec54ce8040ac5c2d199fb869565625feddac5f55fa88febb88c5/merged",
                "UpperDir": "/var/lib/docker/overlay2/07123433d3bfec54ce8040ac5c2d199fb869565625feddac5f55fa88febb88c5/diff",
                "WorkDir": "/var/lib/docker/overlay2/07123433d3bfec54ce8040ac5c2d199fb869565625feddac5f55fa88febb88c5/work"
            },
            "Name": "overlay2"
        },
        "Mounts": [
            {
                "Type": "bind",
                "Source": "/var/www/html",
                "Destination": "/usr/share/nginx/html",
                "Mode": "",
                "RW": true,
                "Propagation": "rprivate"
            }
        ],
        "Config": {
            "Hostname": "bb0ed63e5343",
            "Domainname": "",
            "User": "",
            "AttachStdin": false,
            "AttachStdout": false,
            "AttachStderr": false,
            "ExposedPorts": {
                "80/tcp": {}
            },
            "Tty": false,
            "OpenStdin": false,
            "StdinOnce": false,
            "Env": [
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
                "NGINX_VERSION=1.29.2",
                "NJS_VERSION=0.9.3",
                "NJS_RELEASE=1~trixie",
                "PKG_RELEASE=1~trixie",
                "DYNPKG_RELEASE=1~trixie"
            ],
            "Cmd": [
                "nginx",
                "-g",
                "daemon off;"
            ],
            "Image": "nginx",
            "Volumes": null,
            "WorkingDir": "",
            "Entrypoint": [
                "/docker-entrypoint.sh"
            ],
            "OnBuild": null,
            "Labels": {
                "maintainer": "NGINX Docker Maintainers <docker-maint@nginx.com>"
            },
            "StopSignal": "SIGQUIT"
        },
        "NetworkSettings": {
            "Bridge": "",
            "SandboxID": "8a0d9187a47cd105f6c5c35ba9506f0d2173399c6dac16b6a9ac2a59839b8974",
            "SandboxKey": "/var/run/docker/netns/8a0d9187a47c",
            "Ports": {
                "80/tcp": [
                    {
                        "HostIp": "0.0.0.0",
                        "HostPort": "8808"
                    },
                    {
                        "HostIp": "::",
                        "HostPort": "8808"
                    }
                ]
            },
            "HairpinMode": false,
            "LinkLocalIPv6Address": "",
            "LinkLocalIPv6PrefixLen": 0,
            "SecondaryIPAddresses": null,
            "SecondaryIPv6Addresses": null,
            "EndpointID": "493a0f10dd4b30e9523175860148528075582b9346d4580d162dd055ab1a6feb",
            "Gateway": "172.17.0.1",
            "GlobalIPv6Address": "",
            "GlobalIPv6PrefixLen": 0,
            "IPAddress": "172.17.0.2",
            "IPPrefixLen": 16,
            "IPv6Gateway": "",
            "MacAddress": "ce:9f:06:10:38:a2",
            "Networks": {
                "bridge": {
                    "IPAMConfig": null,
                    "Links": null,
                    "Aliases": null,
                    "MacAddress": "ce:9f:06:10:38:a2",
                    "DriverOpts": null,
                    "GwPriority": 0,
                    "NetworkID": "c52144245f92e7306bd6ed8172b3f6a52c2175bf23448794418d0ae3a9bb1981",
                    "EndpointID": "493a0f10dd4b30e9523175860148528075582b9346d4580d162dd055ab1a6feb",
                    "Gateway": "172.17.0.1",
                    "IPAddress": "172.17.0.2",
                    "IPPrefixLen": 16,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "DNSNames": null
                }
            }
        }
    }
]

docker exec

使用docker exec -it NAME /bin/sh可以进入一个容器，在容器里面执行linux命令

由于docker为了尽量压缩容器大小，所以很多工具都是没有的，先cat /etc/os-release看一下这个docker容器是什么发行版的

看到是Debian，所以下载工具是apt，先apt update更新一下索引

普通用户直接运行docker

听听claude怎么说：

Halo@raspberrypi:/mnt/ssd/docker $ claude

  ▐▛███▜▌   Claude Code v2.0.10
 ▝▜█████▛▘  Sonnet 4.5 · API Usage Billing
   ▘▘ ▝▝    /mnt/ssd/docker

> 在我的电脑上docker只能sudo启动，怎么让普通用户也可以直接使用docker而不会permission deny 

● 要让普通用户不用 sudo 就能使用 Docker，需要将用户添加到 docker 用户组。以下是步骤：

  1. 将当前用户添加到 docker 组：
  sudo usermod -aG docker $USER

  2. 重新登录或刷新组权限：
  newgrp docker
  或者注销后重新登录系统。

  3. 验证是否成功：
  docker ps

  如果 docker 组不存在，可以先创建：
  sudo groupadd docker

  注意： 将用户添加到 docker 组相当于授予了 root 级别的权限，因为 Docker 守护进程以 root 身份运行。请确保只将可信用户添加到此组。

Total cost:            $0.0206
Total duration (API):  17.6s
Total duration (wall): 1m 2s
Total code changes:    0 lines added, 0 lines removed
Usage by model:
    claude-3-5-haiku:  1.1k input, 47 output, 0 cache read, 0 cache write ($0.0011)
       claude-sonnet:  3 input, 236 output, 11.5k cache read, 3.3k cache write ($0.0195)
       
> 测试：      
Halo@raspberrypi:/mnt/ssd/docker $ sudo usermod -aG docker $USER
Halo@raspberrypi:/mnt/ssd/docker $ newgrp docker
Halo@raspberrypi:/mnt/ssd/docker $ docker ps
CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES
> 测试成功！