基础概念

• image: an environment schema 可以理解为一个模板
• container: an instance of an image 模板的一个实例

查看状态

docker ps -a                # Lists containers (and tells you which images they are spun from)

docker images               # Lists images 

docker rm <container_id>    # Removes a stopped container

docker rm -f <container_id> # Forces the removal of a running container (uses SIGKILL)

docker rmi <image_id>       # Removes an image 
                            # Will fail if there is a running instance of that image i.e. container

docker rmi -f <image_id>    # Forces removal of image even if it is referenced in multiple repositories, 
                            # i.e. same image id given multiple names/tags 
                            # Will still fail if there is a docker container referencing image

构建简单的image

sudo docker pull ubuntu:18.04
sudo docker run -i -t ubuntu:18.04 

构建image

https://www.runoob.com/docker/docker-dockerfile.html
https://yeasy.gitbook.io/docker_practice/image/dockerfile/copy

mkdir ~/dockerfile
cd ~/dockerfile
# do not misspelling Dockerfile, it serves as makefile
vim Dockerfile 

# Content of Dockerfile
FROM ubuntu
RUN apt-get update && yes | apt-get install clang && yes | apt-get install git 
VOLUME /home/katsura
WORKDIR /home/katsura
COPY file1 ./
COPY file2 ./
COPY dir1 ./
CMD xxx.sh


# Brief introduction (Details can be found in the link above)
# FROM: specify base image
# RUN: specify the command used when starting a container, typically some environment installation operation. 
# VOLUME: 

从image构建容器

# will create a new container
docker run <image name>
# create a new container and enter a bash CLI. 
docker run -it <image name>:<image tag> bash
# with memory  limit & gdb enabled
docker run -it -m 61440M --memory-swap -1 --cap-add sys_ptrace --security-opt seccomp=unconfined --name exe ubuntu:18.04 /bin/bash
# kill the daemon container
docker container kill <container ID>
#

构建完后的常用指令

yes | apt-get install curl
yes | apt-get install zsh
yes | apt-get install git
yes | apt-get install gdb
yes | apt-get install sudo
yes | apt-get install clang
yes | apt-get install htop
yes | apt-get install cmake
yes | apt-get install ctags
yes | apt-get install vim
yes | apt-get install g++-8
yes | apt-get install locales
yes | apt-get install flex 
yes | apt-get install bison 
yes | apt-get install zlib1g-dev 
yes | apt-get install libreadline6-dev 
yes | apt-get install libboost-all-dev 
yes | apt-get install libncurses5-dev

echo en_US.UTF-8 UTF-8 > /etc/locale.gen
locale-gen en_US.UTF-8

useradd -m lirui
passwd lirui
usermod -a -G sudo lirui
su lirui
chsh # change default shell 
# and then input /usr/bin/zsh
sh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"

# copy these file to image 
~/.zshrc
~/.vimrc
~/.vim.tar
/usr/local/bin/clean_cache.sh

# Installation of pg... 
# git checkout repo
git checkout -b <local branch name> origin/<remote branch name>

mkdir -p /home/lirui/debugpsql
mkdir -p /home/lirui/.local/var/postgres
initdb -D /home/lirui/.local/var/postgres

# copy these files to imagge 
~/.local/var/postgres/postgresql.conf

# set sudo timeout
vim /etc/sudoers
Defaults env_reset, timestamp_timeout=0

保存容器到image

sudo docker commit [CONTAINER_ID] [new_image_name]

从宿主往container copy文件

docker cp <host file path> <container id>:<container file path>

从容器中访问宿主机（通过ip地址访问）

https://www.cnblogs.com/xuanmanstein/p/10559269.html

ip addr show docker0

从宿主机访问容器（通过ip地址访问）

https://stackoverflow.com/questions/17157721/how-to-get-a-docker-containers-ip-address-from-the-host

docker inspect <container id> | grep 'IPAddress"
# or use 
docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' <container id>

容器的开启关闭与连接

docker start <container id>
docker stop <container id>
# attach to the started container and enter the cli
# when exit the cli, the container will not be stopped
docker exec -it <container id> bash

容器的硬件限额

https://blog.csdn.net/fuck487/article/details/86096134

docker update --memory 1200m --memory-swap -1 

设置容器的权限

docker run --memory 51200m --memory-swap -1 --cap-add=SYS_TIME --cap-add=SYS_PTRACE  -it <image name>:<image tag> bash

常见错误

1. permission not allowed

Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/dd1/json": dial unix /var/run/docker.sock: connect: permission denied

• Methods

sudo chmod 666 /var/run/docker.sock