Container Management
Overall Description
Subcommands supported by Docker are classified into the following groups by function:
Returns the changes made by the container compared with rootfs in the image. | |||
Creates an image using the content in the .tar package as the file system. | |||
Some subcommands have some parameters, such as docker run. You can run the dockercommand--help command to view the help information of the command. For details about the command parameters, see the preceding command parameter description. The following sections describe how to use each command.
attach
Syntax: docker attach [options] container
Function: Attaches an option to a running container.
Parameter description:
--no-stdin=false: Does not attach any STDIN.
--sig-proxy=true: Proxies all signals of the container, except SIGCHLD, SIGKILL, and SIGSTOP.
Example:
$ sudo docker attach attach_test
root@2988b8658669:/# ls bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
commit
Syntax: docker commit [options]container[repository[:tag]]
Function: creates an image from a container.
Parameter description:
-a, --author="": specifies an author.
-m, --message="": specifies the submitted information.
-p, --pause=true: pauses the container during submission.
Example:
Run the following command to start a container and submit the container as a new image:
$ sudo docker commit test busybox:test
sha256:be4672959e8bd8a4291fbdd9e99be932912fe80b062fba3c9b16ee83720c33e1
$ sudo docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest e02e811dd08f 2 years ago 1.09MB
cp
Syntax: docker cp [options]container:src_path dest_path|-
docker cp [options] src_path|- container:dest_path
Function: Copies a file or folder from a path in a container to a path on the host or copies a file or folder from the host to the container:
Precautions: The docker cp command does not support the copy of files in virtual file systems such as /proc, /sys, /dev, and /tmp in the container and files in the file systems mounted by users in the container.
Parameter description:
-a, --archive: Sets the owner of the file copied to the container to the container user (--user).
-L, --follow-link: Parses and traces the symbolic link of a file.
Example:
Run the following command to copy the /test directory in the registry container to the /home/aaa directory on the host:
sudo docker cp registry:/test /home/aaa
create
Syntax: docker create [options] image [command] [arg...]
Function: Creates a container using an image file and return the ID of the container. After the container is created, run the docker start command to start the container. options are used to configure the container during container creation. Some parameters will overwrite the container configuration in the image file. command indicates the command to be executed during container startup.
Parameter description:
Table 1 Parameter description
Example:
Run the following command to create a container named busybox and run the docker start command to start the container.
sudo docker create -ti --name=busybox busybox /bin/bash
diff
Syntax: docker diff container
Function: Checks the differences between containers and determines the changes have been made compared with the container creation.
Parameter description: none.
Example:
$ sudo docker diff registry
C /root
A /root/.bash_history
A /test
exec
Syntax: docker exec [options] container command [arg...]
Function: Runs a command in the container.
Parameter description:
-d and --detach=false: Run in the background.
-i and --interactive=false: Keep the STDIN of the container enabled.
-t and --tty=false: Allocate a virtual terminal.
--privileged: Executes commands in privilege mode.
-u and --user: Specifies the user name or UID.
Example:
$ sudo docker exec -ti exec_test ls
bin etc lib media opt root sbin sys tmp var
dev home lib64 mnt proc run srv test usr
export
Syntax: docker export container
Function: Exports the file system content of a container to STDOUT in .tar format.
Parameter description: none.
Example:
Run the following commands to export the contents of the container named busybox to the busybox.tar package:
$ sudo docker export busybox > busybox.tar
$ ls
busybox.tar
inspect
Syntax: docker inspect [options]container|image[container|image...]
Function: Returns the underlying information about a container or image.
Parameter description:
-f and --format="": Output information in a specified format.
-s and --size: Display the total file size of the container when the query type is container.
--type: Returns the JSON format of the specified type.
-t and --time=120: Timeout interval, in seconds. If the docker inspect command fails to be executed within the timeout interval, the system stops waiting and immediately reports an error. The default value is 120.
Example:
Run the following command to return information about a container:
$ sudo docker inspect busybox_test [ { "Id": "9fbb8649d5a8b6ae106bb0ac7686c40b3cbd67ec2fd1ab03e0c419a70d755577", "Created": "2019-08-28T07:43:51.27745746Z", "Path": "bash", "Args": [], "State": { "Status": "running", "Running": true, "Paused": false, "Restarting": false, "OOMKilled": false, "Dead": false, "Pid": 64177, "ExitCode": 0, "Error": "", "StartedAt": "2019-08-28T07:43:53.021226383Z", "FinishedAt": "0001-01-01T00:00:00Z" }, ......
Run the following command to return the specified information of a container in a specified format. The following uses the IP address of the busybox_test container as an example.
$ sudo docker inspect -f {{.NetworkSettings.IPAddress}} busybox_test 172.17.0.91
logs
Syntax: docker logs [options] container
Function: Captures logs in a container that is in the running or stopped state.
Parameter description:
-f and --follow=false: Print logs in real time.
-t and --timestamps=false: Display the log timestamp.
--since: Displays logs generated after the specified time.
--tail="all": Sets the number of lines to be displayed. By default, all lines are displayed.
Example:
Run the following command to check the logs of the jaegertracing container where a jaegertracing service runs:
$ sudo docker logs jaegertracing {"level":"info","ts":1566979103.3696961,"caller":"healthcheck/handler.go:99","msg":"Health Check server started","http-port":14269,"status":"unavailable"} {"level":"info","ts":1566979103.3820567,"caller":"memory/factory.go:55","msg":"Memory storage configuration","configuration":{"MaxTraces":0}} {"level":"info","ts":1566979103.390773,"caller":"tchannel/builder.go:94","msg":"Enabling service discovery","service":"jaeger-collector"} {"level":"info","ts":1566979103.3908608,"caller":"peerlistmgr/peer_list_mgr.go:111","msg":"Registering active peer","peer":"127.0.0.1:14267"} {"level":"info","ts":1566979103.3922884,"caller":"all-in-one/main.go:186","msg":"Starting agent"} {"level":"info","ts":1566979103.4047635,"caller":"all-in-one/main.go:226","msg":"Starting jaeger-collector TChannel server","port":14267} {"level":"info","ts":1566979103.404901,"caller":"all-in-one/main.go:236","msg":"Starting jaeger-collector HTTP server","http-port":14268} {"level":"info","ts":1566979103.4577134,"caller":"all-in-one/main.go:256","msg":"Listening for Zipkin HTTP traffic","zipkin.http-port":9411}
Add -f to the command to output the logs of the jaegertracing container in real time.
$ sudo docker logs -f jaegertracing {"level":"info","ts":1566979103.3696961,"caller":"healthcheck/handler.go:99","msg":"Health Check server started","http-port":14269,"status":"unavailable"} {"level":"info","ts":1566979103.3820567,"caller":"memory/factory.go:55","msg":"Memory storage configuration","configuration":{"MaxTraces":0}} {"level":"info","ts":1566979103.390773,"caller":"tchannel/builder.go:94","msg":"Enabling service discovery","service":"jaeger-collector"} {"level":"info","ts":1566979103.3908608,"caller":"peerlistmgr/peer_list_mgr.go:111","msg":"Registering active peer","peer":"127.0.0.1:14267"} {"level":"info","ts":1566979103.3922884,"caller":"all-in-one/main.go:186","msg":"Starting agent"}
pause/unpause
Syntax: docker pause container
docker unpause container
Function: The two commands are used in pairs. The docker pause command suspends all processes in a container, and the docker unpause command resumes the suspended processes.
Parameter description: none.
Example:
The following uses a container where the docker registry service runs as an example. After the docker pause command is executed to pause the process of the container, access of the registry service by running the curl command is blocked. You can run the docker unpause command to resume the suspended registry service. The registry service can be accessed by running the curl command.
Run the following command to start a registry container:
sudo docker run -d --name pause_test -p 5000:5000 registry
Run the curl command to access the service. Check whether the status code 200 OK is returned.
sudo curl -v 127.0.0.1:5000
Run the following command to stop the processes in the container:
sudo docker pause pause_test
Run the curl command to access the service to check whether it is blocked and wait until the service starts.
Run the following command to resume the processes in the container:
sudo docker unpause pause_test
The cURL access in step 2 is restored and the request status code 200 OK is returned.
port
Syntax: docker portcontainer [private_port[/proto]]
Function: Lists the port mapping of a container or queries the host port where a specified port resides.
Parameter description: none.
Example:
Run the following command to list all port mappings of a container:
$ sudo docker port registry 5000/tcp -> 0.0.0.0.:5000
Run the following command to query the mapping of a specified container port:
$ sudo docker port registry 5000 0.0.0.0.:5000
ps
Syntax: docker ps [options]
Function: Lists containers in different states based on different parameters. If no parameter is added, all running containers are listed.
Parameter description:
-a and --all=false: Display the container.
-f and --filter=[]: Filter values. The available options are: exited=int (exit code of the container) status=restarting|running|paused|exited (status code of the container), for example, -f status=running: lists the running containers.
-l and --latest=false: List the latest created container.
-n=-1: Lists the latest created n containers.
--no-trunc=false: Displays all 64-bit container IDs. By default, 12-bit container IDs are displayed.
-q and --quiet=false: Display the container ID.
-s and --size=false: Display the container size.
Example:
Run the following command to lists running containers:
sudo docker ps
Run the following command to display all containers:
sudo docker ps -a
rename
Syntax: docker rename OLD_NAME NEW_NAME
Function: Renames a container.
Example:
Run the docker run command to create and start a container, run the docker rename command to rename the container, and check whether the container name is changed.
$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b15976967abb busybox:latest "bash" 3 seconds ago Up 2 seconds festive_morse
$ sudo docker rename pedantic_euler new_name
$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b15976967abb busybox:latest "bash" 34 seconds ago Up 33 seconds new_name
restart
Syntax: docker restart [options] container [container...]
Function: Restarts a running container.
Parameter description:
-t and --time=10: Number of seconds to wait for the container to stop before the container is killed. If the container has stopped, restart the container. The default value is 10.
Example:
sudo docker restart busybox
NOTE: During the container restart, if a process in the D or Z state exists in the container, the container may fail to be restarted. In this case, you need to analyze the cause of the D or Z state of the process in the container. Restart the container after the D or Z state of the process in the container is released.
rm
Syntax: docker rm [options]container [container...]
Function: Deletes one or more containers.
Parameter description:
-f and --force=false: Forcibly delete a running container.
-l and --link=false: Remove the specified link and do not remove the underlying container.
-v and --volumes=false: Remove the volumes associated with the container.
Example:
Run the following command to delete a stopped container:
sudo docker rm test
Run the following command to delete a running container:
sudo docker rm -f rm_test
run
Syntax: docker run [options]image [command] [arg...]
Function: Creates a container from a specified image (if the specified image does not exist, an image is downloaded from the official image registry), starts the container, and runs the specified command in the container. This command integrates the docker create, docker start, and docker exec commands.
Parameter description: (The parameters of this command are the same as those of the docker create command. For details, see the parameter description of the docker create command. Only the following two parameters are different.)
--rm=false: Specifies the container to be automatically deleted when it exits.
-v: Mounts a local directory or an anonymous volume to the container. Note: When a local directory is mounted to a container with a SELinux security label, do not add or delete the local directory at the same time. Otherwise, the security label may not take effect.
--sig-proxy=true: Receives proxy of the process signal. SIGCHLD, SIGSTOP, and SIGKILL do not use the proxy.
Example:
Run the busybox image to start a container and run the /bin/sh command after the container is started:
sudo docker run -ti busybox /bin/sh
start
Syntax: docker start [options] container [container...]
Function: Starts one or more containers that are not running.
Parameter description:
-a and --attach=false: Attach the standard output and error output of a container to STDOUT and STDERR of the host.
-i and --interactive=false: Attach the standard input of the container to the STDIN of the host.
Example:
Run the following command to start a container named busybox and add the -i -a to the command to add standard input and output. After the container is started, directly enter the container. You can exist the container by entering exit.
If -i -a is not added to the command when the container is started, the container is started in the background.
sudo docker start -i -a busybox
stats
Syntax: docker stats [options] [container...]
Function: Continuously monitors and displays the resource usage of a specified container. (If no container is specified, the resource usage of all containers is displayed by default.)
Parameter description:
-a, and --all: Display information about all containers. By default, only running containers are displayed.
--no-stream: Displays only the first result and does not continuously monitor the result.
Example:
Run the docker run command to start and create a container, and run the docker stats command to display the resource usage of the container:
$ sudo docker stats
CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS
2e242bcdd682 jaeger 0.00% 77.08MiB / 125.8GiB 0.06% 42B / 1.23kB 97.9MB / 0B 38
02a06be42b2c relaxed_chandrasekhar 0.01% 8.609MiB / 125.8GiB 0.01% 0B / 0B 0B / 0B 10
deb9e49fdef1 hardcore_montalcini 0.01% 12.79MiB / 125.8GiB 0.01% 0B / 0B 0B / 0B 9
stop
Syntax: docker stop [options] container [container...]
Function: Sends a SIGTERM signal to a container and then sends a SIGKILL signal to stop the container after a certain period.
Parameter description:
-t and --time=10: Number of seconds that the system waits for the container to exit before the container is killed. The default value is 10.
Example:
sudo docker stop -t=15 busybox
top
Syntax: docker top container [ps options]
Function: Displays the processes running in a container.
Parameter description: none.
Example:
Run the top_test container and run the top command in the container.
$ sudo docker top top_test
UID PID PPID C STIME TTY TIME CMD
root 70045 70028 0 15:52 pts/0 00:00:00 bash
The value of PID is the PID of the process in the container on the host.
update
Syntax: docker update [options] container [container...]
Function: Hot changes one or more container configurations.
Parameter description:
Table 1 Parameter description
Example:
Run the following command to change the CPU and memory configurations of the container named busybox, including changing the relative weight of the host CPU obtained by the container to 512, the CPU cores that can be run by processes in the container to 0,1,2,3, and the memory limit for running the container to 512 m.
sudo docker update --cpu-shares 512 --cpuset-cpus=0,3 --memory 512m ubuntu
wait
Syntax: docker wait container [container...]
Function: Waits for a container to stop and print the exit code of the container:
Parameter description: none.
Example:
Run the following command to start a container named busybox:
sudo docker start -i -a busybox
Run the docker wait command:
$ sudo docker wait busybox
0
Wait until the busybox container exits. After the busybox container exits, the exit code 0 is displayed.