'docker'에 해당되는 글 33건

  1. 2016.07.24 docker 공부
  2. 2016.07.22 [docker] docker 설치
  3. 2016.07.21 [docker] docker 이미지 삭제

docker 공부

docker 2016.07.24 05:50

* docker는 Go 로 만들어져 있다 .

* 컨테이너 명령어는 아래 github에 있다.


run 커맨드는 create 커맨드와 run 커맨드를 하나로 합쳐 준 기능이다.

* 도커 이미지/컨테이너

도커 이미지는 파일, 

도커 컨테이너는 프로세스

* docker 프로세스 목록 보기

$ docker ps -a

CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                     PORTS                    NAMES

66825389a870        hello-world         "/hello"                 40 hours ago        Exited (0) 40 hours ago                             hungry_chandrasekhar

9fb0fc1311ee        054c4599963c        "/bin/sh -c 'mkdir -p"   5 days ago          Exited (0) 5 days ago                               gigantic_jang

f7dd0d66158a        380da3b4d062        "/bin/sh -c 'yum grou"   5 days ago          Exited (0) 5 days ago                               infallible_bose

5ccaea4b7cb9        kite-dns            "sh /app/start"          22 months ago       Exited (0) 11 months ago>53/udp   kite-dns

e194ffa881eb        dockerfile/ghost    "/bin/bash"              23 months ago       Exited (0) 23 months ago                            prickly_archimedes

123a8a34e793        dockerfile/ghost    "bash /ghost-start"      23 months ago       Exited (0) 22 months ago>2368/tcp   cranky_pasteur

e7dff68d8231        dockerfile/ghost    "bash /ghost-start"      23 months ago       Exited (0) 23 months ago                            hungry_sinoussi

41088b37ad02        dockerfile/ghost    "bash /ghost-start"      23 months ago       Exited (0) 23 months ago                            stoic_almeida

36f61ab4f3ae        dockerfile/ghost    "bash /ghost-start"      23 months ago       Exited (0) 23 months ago                            angry_curie

exited 와 up으로 대충 구분할 수 있다. exited는 종료된 것, up은 실행 중임을 의미한다.

docker ps 는 실행 중인 도커 프로세스의 목록을 출력한다.

$ docker ps

CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                  NAMES

76d768dbe13c        wordpress           "/entrypoint.sh apach"   About an hour ago   Up About an hour>80/tcp   wordpress

a54634841ccd        mysql:5.7           "docker-entrypoint.sh"   About an hour ago   Up About an hour    3306/tcp               wordpressdb

* 도커 컨테이너를 시작하려면 docker start를 실행한다.

$ docker start wordexpress

* 도커 컨테이너를 종료하려면 docker stop를 실행한다.

$ docker stop wordexpress

* 도커 컨테이너를 삭제하려면 docker rm을 실행한다.

$ docker ps -a  | grep hello

5f615fc3de99        hello-world         "bash"                   About an hour ago   Created                                                 furious_wozniak

686db8babcdb        hello-world         "/hello"                 About an hour ago   Exited (0) About an hour ago                            evil_bohr

66825389a870        hello-world         "/hello"                 2 days ago          Exited (0) 2 days ago                                   hungry_chandrasekhar

~$ docker rm 5f615fc3de99  686db8babcdb  66825389a870




~$ docker ps -a  | grep hello

// 없음

* 도커 컨테이너에 접근하려면 docker exec container_id /bin/bash를 실행한다.

* 도커 컨네이버 검색하려면 docker search 커맨드를 사용한다.

$docker search express

$docker search node

$docker search centos

* 도커 허브 로그인

$ docker login

Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com to create one.


* docker 명령어 잘 보기

docker 커맨드에 --help 잘 살펴보기

$ docker  --help

Usage: docker [OPTIONS] COMMAND [arg...]

       docker [ --help | -v | --version ]

A self-sufficient runtime for containers.


  --config=~/.docker              Location of client config files

  -D, --debug                     Enable debug mode

  -H, --host=[]                   Daemon socket(s) to connect to

  -h, --help                      Print usage

  -l, --log-level=info            Set the logging level

  --tls                           Use TLS; implied by --tlsverify

  --tlscacert=~/.docker/ca.pem    Trust certs signed only by this CA

  --tlscert=~/.docker/cert.pem    Path to TLS certificate file

  --tlskey=~/.docker/key.pem      Path to TLS key file

  --tlsverify                     Use TLS and verify the remote

  -v, --version                   Print version information and quit


    attach    Attach to a running container

    build     Build an image from a Dockerfile

    commit    Create a new image from a container's changes

    cp        Copy files/folders between a container and the local filesystem

    create    Create a new container

    deploy    Create and update a stack from a Distributed Application Bundle (DAB)

    diff      Inspect changes on a container's filesystem

    events    Get real time events from the server

    exec      Run a command in a running container

    export    Export a container's filesystem as a tar archive

    history   Show the history of an image

    images    List images

    import    Import the contents from a tarball to create a filesystem image

    info      Display system-wide information

    inspect   Return low-level information on a container, image or task

    kill      Kill one or more running container

    load      Load an image from a tar archive or STDIN

    login     Log in to a Docker registry.

    logout    Log out from a Docker registry.

    logs      Fetch the logs of a container

    network   Manage Docker networks

    node      Manage Docker Swarm nodes

    pause     Pause all processes within one or more containers

    plugin    Manage Docker plugins

    port      List port mappings or a specific mapping for the container

    ps        List containers

    pull      Pull an image or a repository from a registry

    push      Push an image or a repository to a registry

    rename    Rename a container

    restart   Restart a container

    rm        Remove one or more containers

    rmi       Remove one or more images

    run       Run a command in a new container

    save      Save one or more images to a tar archive (streamed to STDOUT by default)

    search    Search the Docker Hu

$ docker login --help

Usage: docker login [OPTIONS] [SERVER]

Log in to a Docker registry.

If no server is specified, the default is defined by the daemon.


      --help              Print usage

  -p, --password string   Password

  -u, --username string   Username

$ docker run --help

Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]

Run a command in a new container


      --add-host value              Add a custom host-to-IP mapping (host:ip) (default [])

  -a, --attach value                Attach to STDIN, STDOUT or STDERR (default [])

      --blkio-weight value          Block IO (relative weight), between 10 and 1000

      --blkio-weight-device value   Block IO weight (relative device weight) (default [])

      --cap-add value               Add Linux capabilities (default [])

      --cap-drop value              Drop Linux capabilities (default [])

      --cgroup-parent string        Optional parent cgroup for the container

      --cidfile string              Write the container ID to the file

      --cpu-percent int             CPU percent (Windows only)

      --cpu-period int              Limit CPU CFS (Completely Fair Scheduler) period

      --cpu-quota int               Limit CPU CFS (Completely Fair Scheduler) quota

  -c, --cpu-shares int              CPU shares (relative weight)

      --cpuset-cpus string          CPUs in which to allow execution (0-3, 0,1)

      --cpuset-mems string          MEMs in which to allow execution (0-3, 0,1)

  -d, --detach                      Run container in background and print container ID

      --detach-keys string          Override the key sequence for detaching a container

      --device value                Add a host device to the container (default [])

      --device-read-bps value       Limit read rate (bytes per second) from a device (default [])

      --device-read-iops value      Limit read rate (IO per second) from a device (default [])

      --device-write-bps value      Limit write rate (bytes per second) to a device (default [])

      --device-write-iops value     Limit write rate (IO per second) to a device (default [])

      --disable-content-trust       Skip image verification (default true)

      --dns value                   Set custom DNS servers (default [])

      --dns-opt value               Set DNS options (default [])

      --dns-search value            Set custom DNS search domains (default [])

      --entrypoint string           Overwrite the default ENTRYPOINT of the image

  -e, --env value                   Set environment variables (default [])

      --env-file value              Read in a file of environment variables (default [])

      --expose value                Expose a port or a range of ports (default [])

      --group-add value             Add additional groups to join (default [])

      --health-cmd string           Command to run to check health

      --health-interval duration    Time between running the check

      --health-retries int          Consecutive failures needed to report unhealthy

      --health-timeout duration     Maximum time to allow one check to run

      --help                        Print usage

  -h, --hostname string             Container host name

  -i, --interactive                 Keep STDIN open even if not attached

      --io-maxbandwidth string      Maximum IO bandwidth limit for the system drive (Windows only)

      --io-maxiops uint             Maximum IOps limit for the system drive (Windows only)

      --ip string                   Container IPv4 address (e.g.

      --ip6 string                  Container IPv6 address (e.g. 2001:db8::33)

      --ipc string                  IPC namespace to use

      --isolation string            Container isolation technology

      --kernel-memory string        Kernel memory limit

  -l, --label value                 Set meta data on a container (default [])

      --label-file value            Read in a line delimited file of labels (default [])

      --link value                  Add link to another container (default [])

      --link-local-ip value         Container IPv4/IPv6 link-local addresses (default [])

      --log-driver string           Logging driver for container

      --log-opt value               Log driver options (default [])

      --mac-address string          Container MAC address (e.g. 92:d0:c6:0a:29:33)

  -m, --memory string               Memory limit

      --memory-reservation string   Memory soft limit

      --memory-swap string          Swap limit equal to memory plus swap: '-1' to enable unlimited swap

      --memory-swappiness int       Tune container memory swappiness (0 to 100) (default -1)

      --name string                 Assign a name to the container

      --network string              Connect a container to a network (default "default")

      --network-alias value         Add network-scoped alias for the container (default [])

      --no-healthcheck              Disable any container-specified HEALTHCHECK

      --oom-kill-disable            Disable OOM Killer

      --oom-score-adj int           Tune host's OOM preferences (-1000 to 1000)

      --pid string                  PID namespace to use

      --pids-limit int              Tune container pids limit (set -1 for unlimited)

      --privileged                  Give extended privileges to this container

  -p, --publish value               Publish a container's port(s) to the host (default [])

  -P, --publish-all                 Publish all exposed ports to random ports

      --read-only                   Mount the container's root filesystem as read only

      --restart string              Restart policy to apply when a container exits (default "no")

      --rm                          Automatically remove the container when it exits

      --runtime string              Runtime to use for this container

      --security-opt value          Security Options (default [])

      --shm-size string             Size of /dev/shm, default value is 64MB

      --sig-proxy                   Proxy received signals to the process (default true)

      --stop-signal string          Signal to stop a container, SIGTERM by default (default "SIGTERM")

      --storage-opt value           Set storage driver options per container (default [])

      --sysctl value                Sysctl options (default map[])

      --tmpfs value                 Mount a tmpfs directory (default [])

  -t, --tty                         Allocate a pseudo-TTY

      --ulimit value                Ulimit options (default [])

  -u, --user string                 Username or UID (format: <name|uid>[:<group|gid>])

      --userns string               User namespace to use

      --uts string                  UTS namespace to use

  -v, --volume value                Bind mount a volume (default [])

      --volume-driver string        Optional volume driver for the container

      --volumes-from value          Mount volumes from the specified container(s) (default [])

  -w, --workdir string              Working directory inside the container

* 이미지를 도커 허브에 올릴 수 있다.

참고,  $ man Dockerfile

Posted by 김용환 '김용환'

[docker] docker 설치

docker 2016.07.22 18:22

docker는 linux 와 맥을 포함한 다양한 운영 체제에서 동작할 수 있다. 


맥에서는 쉽게 설치할 수 있다.



순서대로 진행한다.

~$ docker --version

Docker version 1.12.0-rc4, build e4a0dbc, experimental

제대로 동작되는지 확인하기 위해 다음을 실행한다.

~$ docker run hello-world

Unable to find image 'hello-world:latest' locally

latest: Pulling from library/hello-world

c04b14da8d14: Pull complete

Digest: sha256:0256e8a36e2070f7bf2d0b0763dbabdd67798512411de4cdcf9431a1feb60fd9

Status: Downloaded newer image for hello-world:latest

Hello from Docker!

This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:

 1. The Docker client contacted the Docker daemon.

 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.

 3. The Docker daemon created a new container from that image which runs the

    executable that produces the output you are currently reading.

 4. The Docker daemon streamed that output to the Docker client, which sent it

    to your terminal.

To try something more ambitious, you can run an Ubuntu container with:

 $ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker Hub account:


For more examples and ideas, visit:


용량을 확인하려면 docker images 명령을 실행한다. 

~$ docker images | grep hello

hello-world         latest              c54a2cc56cbb        2 weeks ago         1.848 kB

Centos 7.1에서는 다음과 같이 작업한다.

$ sudo yum update

$ curl -sSL https://get.docker.com/  | sh

$ sudo usermod -aG docker 계정명

$  sudo systemctl start docker

(데몬 실행이 필요하다)

데몬을 실행하지 않으면 docker daemon을 못 찾는 다는 에러가 발생한다.

$ docker run hello-world

docker: Cannot connect to the Docker daemon. Is the docker daemon running on this host?.

See 'docker run --help'.

$ docker ps

Cannot connect to the Docker daemon. Is the docker daemon running on this host?

이럴 때는 sudo systemctl start docker를 제대로 실행 안된 경우일수도 있고 chmod 권한 문제일 수도 있다.

안되면, sudo를 써본다.

$ sudo docker run hello-world

이전 결과와 동일

실행되는 것을 확인할 수 있다.

그리고, docker 데몬이 부팅 후에 자동으로 실행될 수 있도록 다음을 실행하는 것이 좋다.

$ sudo systemctl enable docker

만약 Hello from Docker! 메시지가 발생하지 않으면, 아래 커맨드를 이용해서 443 포트로 ssh 연결이 되는지를 확인해야 한다. proxy 이슈나 컴파일 이슈일 수 있다.

$ openssl s_client -connect index.docker.io:443

참고로 맥에서 vagrant 를 사용하여 centos 7를 설치할 수 있고, 해당 centos 7에서 docker를 설치할 수 있고, docker를 테스트해볼 수 있다.

* 맥 OS x에서 아래와 같은 에러가 발생한다면 제대로 실행이 안된 것이다. 

[~/temp] docker images

Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?

docker앱을 설치한 후 docker를 실행한다. 그래서 데몬으로 떠 있어야 한다. 아래와 비슷하게 나오면 성공이다.

$ docker images

REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE

sandbox       latest              b1c4b0a4a954        9 months ago        3.76 GB

centos              6.7                 fb5054b394b7        10 months ago       191 MB

Posted by 김용환 '김용환'

도커 이미지를 삭제하는 방법은 두 가지이다. 컨테이너 삭제와 이미지 삭제이다.

참조 : https://docs.docker.com/engine/reference/commandline/rm/

* docker rmi : 이미지 삭제

* docker rm : 이미지를 포함한 이미지를 삭제

-f을 주면 강제 삭제한다.

정지된 모든 컨테이너를 삭제하려면, 다음을 실행한다.

$ docker rm $(docker ps -a -q)

도커의 특정 이미지를 삭제하려 할 때, 멈춰진 컨테이너 때문에 삭제가 안될 때가 있다. 이때 컨테이너를 삭제할 때 도움을 받을 수 있다.

$docker rmi 1ce28876c3cc

Error response from daemon: conflict: unable to delete 1ce28876c3cc (must be forced) - image is being used by stopped container 5ccaea4b7cb9

$ docker rm 5ccaea4b7cb9


$docker rmi 1ce28876c3cc

Untagged: hello-world:latest

Deleted: sha256:b77358fac48bc0d0b5e547b7b999c5e70a5fde9de9c086b47775568c8b88326d

Deleted: sha256:32ada9ef4cd3ccd536337fbcd8cdb6e026237f59db80498f83f3175176561ffb

Deleted: sha256:3d3313518f8e8d9723adfb09ea58b7a6d46e565979fda05a2073ecb30ca1e3a1

Deleted: sha256:b652ec3a27e758f30de4742156b5d096bb19c82f2dc836e96e430323ba166ffe

목록을 보면 삭제되었다. 

$ docker images


모두 삭제하기

$ docker system prune -a 

Posted by 김용환 '김용환'