1, Install docker
Environment: YUM source for rhel7.3
[root@18 docker]# yum install docker-engine-17.03.1.ce-1.el7.centos.x86_64.rpm -y
[root@18 docker]# yum install docker-engine-selinux-17.03.1.ce-1.el7.centos.noarch.rpm -y[root@18 docker]# systemctl start docker.service
##View docker version
[root@18 docker]# docker version
Client:
Version: 17.03.1-ce
API version: 1.27
Go version: go1.7.5
Git commit: c6d412e
Built: Fri Mar 24 00:36:45 2017
OS/Arch: linux/amd64
Server:
Version: 17.03.1-ce
API version: 1.27 (minimum version 1.12)
Go version: go1.7.5
Git commit: c6d412e
Built: Fri Mar 24 00:36:45 2017
OS/Arch: linux/amd64
Experimental: false2, Add image source
To register an account with alicloud, use the image accelerator: 
[root@18 ~]# sudo mkdir -p /etc/docker
[root@18 ~]# tee /etc/docker/daemon.json <<-'EOF' ##Mirror acceleration
> {
> "registry-mirrors": ["https://afvtk9f6.mirror.aliyuncs.com"]
> }
> EOF
{
"registry-mirrors": ["https://afvtk9f6.mirror.aliyuncs.com"]
}
##Search for images on the Internet
[root@foundation10 docker]# docker search nginx
##From Alibaba cloud source nginx image
[root@18 docker]# docker pull httpd
Using default tag: latest
latest: Pulling from library/httpd
d660b1f15b9b: Downloading 8.4 MB/54.25 MB
aa1c79a2fa37: Download complete
f5f6514c0aff: Download complete
...3, Using docker
Import mirroring
[root@18 pub]# docker load < game2048.tar
011b303988d2: Loading layer 5.05 MB/5.05 MB
36e9226e74f8: Loading layer 51.46 MB/51.46 MB
192e9fad2abc: Loading layer 3.584 kB/3.584 kB
6d7504772167: Loading layer 4.608 kB/4.608 kB
88fca8ae768a: Loading layer 629.8 kB/629.8 kB
Loaded image: game2048:latest##docker run -- create a new container and run load image
-i: Run the container in interactive mode, usually with -t Simultaneous use;
-p: Port mapping, format: host(Host)port:Container port
-d: Run the container in the background and return to the containerID;
--name="nginx-lb": Specify a name for the container;
-h "mars": Of the specified container hostname;
-a stdin: Specify standard input / output content type, optional STDIN/STDOUT/STDERR Three items;
[root@18 pub]# docker run -d --name vm1 game2048
1e7edf48084a0e5f7d8fd446139bb7628db408c29aac037867f55e350c17037cVisit IP: 172.17.0.2 in the browser to enter the 2048 game just imported. 
##docker ps -- lists all running container information.
-a :Displays all containers, including those that are not running.
-l :Show recently created containers.
-n :List recently created n A container.
-q :In silent mode, only the container number is displayed.
-s :Displays the total file size.
[root@18 docker]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1e7edf48084a game2048 "/bin/sh -c 'sed -..." 4 minutes ago Up 4 minutes 80/tcp, 443/tcp vm1[root@18 docker]# ip addr
##View to create a new virtual bridge docker0: ip on the host (172.17.0.1 / 16)
9: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
link/ether 02:42:d8:d0:7f:2a brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:d8ff:fed0:7f2a/64 scope link
valid_lft forever preferred_lft forever##docker images -- List local images.
-a :List all local images (including the intermediate image layer, which is filtered out by default);
-q :Show only mirrorsID.
[root@18 docker]# docker images game2048
REPOSITORY TAG IMAGE ID CREATED SIZE
game2048 latest 19299002fdbe 20 months ago 55.5 MB##Docker inspection -- get the metadata of the container / image.
[root@18 docker]# docker inspect vm1
...
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:02"[root@18 pub]# iptables -t nat -L
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 172.17.0.0/16 anywhere
RETURN all -- 192.168.122.0/24 224.0.0.0/24
Container management command
#docker attach vm1 connection container #docker top vm1 view the process information running in the container #docker logs vm1 view container instruction output - f parameter can be viewed in real time #docker stats vm1 view container resource usage #docker diff vm1 view container modification #docker run -d --name vm1 ubuntu bash -c "while true; do echo westos; sleep 1; done" execute the command when running the container #docker stop vm1 stop container #docker start vm1 start container #docker kill vm1 forces container to be killed #docker restart vm1 restart container #docker pause/unpause vm1 pause / resume container #docker rm vm1 delete container #Docker export Vm1 > vm1.tar export container #docker import vm1.tar image import container as image #docker container prune delete all stopped containers #docker load -i rhel7.tar import image
docker uses nginx
[root@18 docker]# docker load < nginx.tar[root@18 ~]# docker images nginx
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest af4b3d7d5401 2 years ago 190 MB[root@18 docker1]# docker cp index.html vm2:/usr/share/nginx/html/[root@18 ~]# docker run -d --name vm2 -p 8080:80 nginx
7c115522c0f66a10625c2d30af2a206dd4dc8d694503067d6221571810023515To access tests on a browser: 
5, Mount file system
Mount nginx configuration file directory
[root@79 KINGSTON]# mkdir /tmp/docker
[root@79 KINGSTON]# cd /tmp/docker/
[root@79 docker]# mkdir web
[root@79 docker]# cd web/
[root@79 web]# vim index.html
[root@79 web]# docker run -d --name vm3 -v /tmp/docker/web:/usr/share/nginx/html nginx
4fd1f5371b4a301498f7309438feef10d8a647b0c990b42954e309d0b7696972
ctrl pq exits without stopping CTRL D close container
[root@18 docker1]# docker images centos
REPOSITORY TAG IMAGE ID CREATED SIZE
centos latest 5182e96772bf 12 days ago 200 MB
centos 6 d0a31e3494fe 2 years ago 229 MB
##Run MIA with image ID
[root@18 docker1]# docker run -it 5182e96772bf /bin/bash
[root@b94b108bd5c5 /]# [root@18 web]# docker run -it --name vm1 -v /tmp/data1:/data1 -v /tmp/data2:/data2:ro -v /etc/yum.repos.d/rhel-dvd.repo:/etc/yum.repos.d/rhel-dvd.repo:ro rhel7 bash
bash-4.2# df
bash-4.2# ls data*
data1:
data2:
bash-4.2# ls /etc/yum.repos.d/
rhel-dvd.repo rhel7.repo
bash-4.2# yum repolist
bash-4.2# cd /data2
bash-4.2# touch file
touch: cannot touch 'file': Read-only file system
bash-4.2# cd /data1/
bash-4.2# touch file1
##Document mount test
[root@79 data1]# ls /tmp/data1/
file1Get file volume from specified container
[root@18 web]# docker rm -f vm1
[root@18 web]# docker create --name datavol -v /tmp/data1:/data1 -v /tmp/data2:/data2:ro -v /etc/yum.repos.d/rhel-dvd.repo:/etc/yum.repos.d/rhel-dvd.repo:ro rhel7 bash
[root@18 web]# docker run -it --name vm1 --volumes-from datavol rhel7 bash##Backup container
[root@18 docker]# docker load -i ubuntu.tar
[root@18 docker]# docker run --rm -v /tmp/backup:/backup ubuntu tar cf /backup/etc.tar /etc
[root@18 docker]# cd /tmp/backup/
[root@18 backup]# ls
etc.tar[root@18 test]# docker run -it --name vm1 ubuntu
[root@18 docker]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e63ae37b7d6b ubuntu "/bin/bash" 15 seconds ago Up 14 seconds
[root@18 docker]# docker inspect vm1 | grep Pid
"Pid": 31145,
"PidMode": "",
"PidsLimit": 0,
```
```
[root@18 backup]# ps ax
31145 pts/8 Ss+ 0:00 /bin/bash
[root@18 backup]# cd /proc/13505/ns[root@18 ns]# ll
total 0
lrwxrwxrwx 1 root root 0 Aug 19 14:57 ipc -> ipc:[4026532408]
lrwxrwxrwx 1 root root 0 Aug 19 14:57 mnt -> mnt:[4026532406]
lrwxrwxrwx 1 root root 0 Aug 19 14:56 net -> net:[4026532411]
lrwxrwxrwx 1 root root 0 Aug 19 14:57 pid -> pid:[4026532409]
lrwxrwxrwx 1 root root 0 Aug 19 14:57 user -> user:[4026531837]
lrwxrwxrwx 1 root root 0 Aug 19 14:57 uts -> uts:[4026532407]