Docker-核心技术-容器管理
简介
生产环境使用Docker的过程中,往往需要对数据进行持久化保存,或者需要更多容器之间进行数据共享,需要使用:数据卷(Data Volumes)和数据卷容器(Data Volume Containers)
1.数据卷
1.数据卷简介
就是将宿主机的某个目录,映射到容器中,作为数据存储的目录,从而实现在宿主机对数据进行存储
数据卷(Data Volumes):容器内数据直接映射到本地主机环境
2.数据卷特性
- 数据卷可以在容器之间共享和重用,本地与容器间传递数据更高效;
- 对数据卷的修改会立马有效,容器内部与本地目录均可;
- 对数据卷的更新,不会影响镜像,对数据与应用进行了解耦操作;
- 卷会一直存在,直到没有容器使用。
3.获取帮助
docker run --help
Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
Run a command in a new container
Options:
--add-host list Add a custom host-to-IP mapping (host:ip)
-a, --attach list Attach to STDIN, STDOUT or STDERR
--blkio-weight uint16 Block IO (relative weight), between 10 and 1000, or 0 to disable (default 0)
--blkio-weight-device list Block IO weight (relative device weight) (default [])
--cap-add list Add Linux capabilities
--cap-drop list Drop Linux capabilities
--cgroup-parent string Optional parent cgroup for the container
--cidfile string Write the container ID to the file
--cpu-period int Limit CPU CFS (Completely Fair Scheduler) period
--cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota
--cpu-rt-period int Limit CPU real-time period in microseconds
--cpu-rt-runtime int Limit CPU real-time runtime in microseconds
-c, --cpu-shares int CPU shares (relative weight)
--cpus decimal Number of CPUs
--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)
--cpuset-mems string MEMs in which to allow execution (0-3, 0,1)
-d, --detach Run container in background and print container ID
--detach-keys string Override the key sequence for detaching a container
--device list Add a host device to the container
--device-cgroup-rule list Add a rule to the cgroup allowed devices list
--device-read-bps list Limit read rate (bytes per second) from a device (default [])
--device-read-iops list Limit read rate (IO per second) from a device (default [])
--device-write-bps list Limit write rate (bytes per second) to a device (default [])
--device-write-iops list Limit write rate (IO per second) to a device (default [])
--disable-content-trust Skip image verification (default true)
--dns list Set custom DNS servers
--dns-option list Set DNS options
--dns-search list Set custom DNS search domains
--domainname string Container NIS domain name
--entrypoint string Overwrite the default ENTRYPOINT of the image
-e, --env list Set environment variables
--env-file list Read in a file of environment variables
--expose list Expose a port or a range of ports
--gpus gpu-request GPU devices to add to the container ('all' to pass all GPUs)
--group-add list Add additional groups to join
--health-cmd string Command to run to check health
--health-interval duration Time between running the check (ms|s|m|h) (default 0s)
--health-retries int Consecutive failures needed to report unhealthy
--health-start-period duration Start period for the container to initialize before starting health-retries countdown (ms|s|m|h) (default 0s)
--health-timeout duration Maximum time to allow one check to run (ms|s|m|h) (default 0s)
--help Print usage
-h, --hostname string Container host name
--init Run an init inside the container that forwards signals and reaps processes
-i, --interactive Keep STDIN open even if not attached
--ip string IPv4 address (e.g., 172.30.100.104)
--ip6 string IPv6 address (e.g., 2001:db8::33)
--ipc string IPC mode to use
--isolation string Container isolation technology
--kernel-memory bytes Kernel memory limit
-l, --label list Set meta data on a container
--label-file list Read in a line delimited file of labels
--link list Add link to another container
--link-local-ip list Container IPv4/IPv6 link-local addresses
--log-driver string Logging driver for the container
--log-opt list Log driver options
--mac-address string Container MAC address (e.g., 92:d0:c6:0a:29:33)
-m, --memory bytes Memory limit
--memory-reservation bytes Memory soft limit
--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap
--memory-swappiness int Tune container memory swappiness (0 to 100) (default -1)
--mount mount Attach a filesystem mount to the container
--name string Assign a name to the container
--network network Connect a container to a network
--network-alias list Add network-scoped alias for the container
--no-healthcheck Disable any container-specified HEALTHCHECK
--oom-kill-disable Disable OOM Killer
--oom-score-adj int Tune host's OOM preferences (-1000 to 1000)
--pid string PID namespace to use
--pids-limit int Tune container pids limit (set -1 for unlimited)
--privileged Give extended privileges to this container
-p, --publish list Publish a container's port(s) to the host
-P, --publish-all Publish all exposed ports to random ports
--read-only Mount the container's root filesystem as read only
--restart string Restart policy to apply when a container exits (default "no")
--rm Automatically remove the container when it exits
--runtime string Runtime to use for this container
--security-opt list Security Options
--shm-size bytes Size of /dev/shm
--sig-proxy Proxy received signals to the process (default true)
--stop-signal string Signal to stop a container (default "SIGTERM")
--stop-timeout int Timeout (in seconds) to stop a container
--storage-opt list Storage driver options for the container
--sysctl map Sysctl options (default map[])
--tmpfs list Mount a tmpfs directory
-t, --tty Allocate a pseudo-TTY
--ulimit ulimit Ulimit options (default [])
-u, --user string Username or UID (format: <name|uid>[:<group|gid>])
--userns string User namespace to use
--uts string UTS namespace to use
-v, --volume list Bind mount a volume
--volume-driver string Optional volume driver for the container
--volumes-from list Mount volumes from the specified container(s)
-w, --workdir string Working directory inside the container
挂载一个数据卷
-v, --volume list Bind mount a volume
挂载一个数据卷,默认为空
可以使用命令 docker run 用来创建容器,在使用docker run 命令时添加 -v 参数,就可以创建并挂载一个到多个数据卷到当前运行的容器中。
-v 参数的作用是将宿主机的一个目录作为容器的数据卷挂载到docker容器中,使宿主机和容器之间可以共享一个目录,如果本地路径不存在,Docker自动创建。
https://docs.docker.com/engine/reference/commandline/run/
或
https://docker-doc.readthedocs.io/zh_CN/latest/reference/commandline/cli.html#run
4.命令格式
1.目录
与文件的区别为:-v [宿主机目录]:[容器目录][镜像名称]
docker run -v [宿主机目录]:[容器目录][镜像名称]
1.创建测试文件
mkdir -p /home/wyf/tmp/ && echo "数据卷测试-目录" > /home/wyf/tmp/file.txt && cat /home/wyf/tmp/file.txt
2.启动一个容器并挂载数据卷
宿主机目录需要绝对路径
docker run -itd --name ubuntu-wyf-v2.0 -v /home/wyf/tmp/:/ubuntu-wyf-v2.0/ ubuntu
3.查看容器
docker ps
4.进入容器
docker exec -it 70b0f1d8a109 /bin/bash
5.测试
cat /ubuntu-wyf-v2.0/file.txt
2.文件【不推荐】
与目录的区别为:-v [宿主机文件]:[容器文件][镜像名称]
docker run -v [宿主机文件]:[容器文件][镜像名称]
1.创建测试文件
mkdir -p /home/wyf/tmp/ && echo "数据卷测试-文件" > /home/wyf/tmp/file.log && cat /home/wyf/tmp/file.log
2.启动一个容器并挂载数据卷
宿主机文件需要绝对路径
docker run -itd --name ubuntu-wyf-v3.0 -v /home/wyf/tmp/file.log:/test/file.log ubuntu
3.查看容器
docker ps
4.进入容器
docker exec -it dde9d75353be /bin/bash
5.测试
cat /test/file.log
3.注意
- Docker挂载数据卷的默认读写权限(rw),用户可以通过ro设置为只读 格式:
[宿主机文件]:[容器文件]:ro
- 如果直接挂载一个文件到容器,使用文件工具进行编辑,可能会造成文件的改变,从Docker1.1.0起,这会导致报错误信息。所以推荐的方式是直接挂在文件所在的目录。
2.数据卷容器
1.数据卷容器简介
需要在多个容器之间共享一些持续更新的数据,最简单的方式是使用数据卷容器。数据卷容器也是一个容器,但是它的目的是专门用来提供数据卷供其他容器挂载。
数据卷容器(Data Volume Containers):使用特定容器维护数据卷,数据卷容器就是为其他容器提供数据交互存储的容器
2.数据卷容器操作
如果使用数据卷容器,在多个容器间共享数据,并永久保存这些数据,需要有一个规范的流程:
1. 创建数据卷容器
2. 其他容器挂载数据卷容器
数据卷容器自身并不需要启动,但是启动的时候依然可以进行数据卷容器的工作。
3.获取帮助
docker run --help
Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
Run a command in a new container
Options:
--add-host list Add a custom host-to-IP mapping (host:ip)
-a, --attach list Attach to STDIN, STDOUT or STDERR
--blkio-weight uint16 Block IO (relative weight), between 10 and 1000, or 0 to disable (default 0)
--blkio-weight-device list Block IO weight (relative device weight) (default [])
--cap-add list Add Linux capabilities
--cap-drop list Drop Linux capabilities
--cgroup-parent string Optional parent cgroup for the container
--cidfile string Write the container ID to the file
--cpu-period int Limit CPU CFS (Completely Fair Scheduler) period
--cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota
--cpu-rt-period int Limit CPU real-time period in microseconds
--cpu-rt-runtime int Limit CPU real-time runtime in microseconds
-c, --cpu-shares int CPU shares (relative weight)
--cpus decimal Number of CPUs
--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)
--cpuset-mems string MEMs in which to allow execution (0-3, 0,1)
-d, --detach Run container in background and print container ID
--detach-keys string Override the key sequence for detaching a container
--device list Add a host device to the container
--device-cgroup-rule list Add a rule to the cgroup allowed devices list
--device-read-bps list Limit read rate (bytes per second) from a device (default [])
--device-read-iops list Limit read rate (IO per second) from a device (default [])
--device-write-bps list Limit write rate (bytes per second) to a device (default [])
--device-write-iops list Limit write rate (IO per second) to a device (default [])
--disable-content-trust Skip image verification (default true)
--dns list Set custom DNS servers
--dns-option list Set DNS options
--dns-search list Set custom DNS search domains
--domainname string Container NIS domain name
--entrypoint string Overwrite the default ENTRYPOINT of the image
-e, --env list Set environment variables
--env-file list Read in a file of environment variables
--expose list Expose a port or a range of ports
--gpus gpu-request GPU devices to add to the container ('all' to pass all GPUs)
--group-add list Add additional groups to join
--health-cmd string Command to run to check health
--health-interval duration Time between running the check (ms|s|m|h) (default 0s)
--health-retries int Consecutive failures needed to report unhealthy
--health-start-period duration Start period for the container to initialize before starting health-retries countdown (ms|s|m|h) (default 0s)
--health-timeout duration Maximum time to allow one check to run (ms|s|m|h) (default 0s)
--help Print usage
-h, --hostname string Container host name
--init Run an init inside the container that forwards signals and reaps processes
-i, --interactive Keep STDIN open even if not attached
--ip string IPv4 address (e.g., 172.30.100.104)
--ip6 string IPv6 address (e.g., 2001:db8::33)
--ipc string IPC mode to use
--isolation string Container isolation technology
--kernel-memory bytes Kernel memory limit
-l, --label list Set meta data on a container
--label-file list Read in a line delimited file of labels
--link list Add link to another container
--link-local-ip list Container IPv4/IPv6 link-local addresses
--log-driver string Logging driver for the container
--log-opt list Log driver options
--mac-address string Container MAC address (e.g., 92:d0:c6:0a:29:33)
-m, --memory bytes Memory limit
--memory-reservation bytes Memory soft limit
--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap
--memory-swappiness int Tune container memory swappiness (0 to 100) (default -1)
--mount mount Attach a filesystem mount to the container
--name string Assign a name to the container
--network network Connect a container to a network
--network-alias list Add network-scoped alias for the container
--no-healthcheck Disable any container-specified HEALTHCHECK
--oom-kill-disable Disable OOM Killer
--oom-score-adj int Tune host's OOM preferences (-1000 to 1000)
--pid string PID namespace to use
--pids-limit int Tune container pids limit (set -1 for unlimited)
--privileged Give extended privileges to this container
-p, --publish list Publish a container's port(s) to the host
-P, --publish-all Publish all exposed ports to random ports
--read-only Mount the container's root filesystem as read only
--restart string Restart policy to apply when a container exits (default "no")
--rm Automatically remove the container when it exits
--runtime string Runtime to use for this container
--security-opt list Security Options
--shm-size bytes Size of /dev/shm
--sig-proxy Proxy received signals to the process (default true)
--stop-signal string Signal to stop a container (default "SIGTERM")
--stop-timeout int Timeout (in seconds) to stop a container
--storage-opt list Storage driver options for the container
--sysctl map Sysctl options (default map[])
--tmpfs list Mount a tmpfs directory
-t, --tty Allocate a pseudo-TTY
--ulimit ulimit Ulimit options (default [])
-u, --user string Username or UID (format: <name|uid>[:<group|gid>])
--userns string User namespace to use
--uts string UTS namespace to use
-v, --volume list Bind mount a volume
--volume-driver string Optional volume driver for the container
--volumes-from list Mount volumes from the specified container(s)
-w, --workdir string Working directory inside the container
从指定的容器挂载卷
-v, --volumes-from list Mount volumes from the specified container(s)
#从指定的容器挂载卷,默认为空
https://docs.docker.com/engine/reference/commandline/run/
或
https://docker-doc.readthedocs.io/zh_CN/latest/reference/commandline/cli.html#run
4.命令格式
数据卷容器实践包括两部分:创建数据卷容器和使用数据卷容器
1.创建数据卷容器
docker create -v [容器数据卷目录] --name [容器名字][镜像名称] [命令(可选)]
例:
容器数据卷目录为:/data
docker create -v /data --name ubunt-data-wyf ubuntu
docker ps -a
2.其他容器挂载数据卷容器
docker run --volumes-from [数据卷容器id/name] -tid --name [容器名字][镜像名称] [命令(可选)]
例:
#创建 vf-ubunt-1 容器:
docker run --volumes-from b9c499443cf9 -tid --name vf-ubunt-1 ubuntu /bin/bash
#创建 vf-ubunt-2 容器:
docker run --volumes-from b9c499443cf9 -tid --name vf-ubunt-2 ubuntu /bin/bash
docker ps
3.确认卷容器共享
1.进入vf-ubunt-1
docker exec -it vf-ubunt-1 /bin/bash
2.进入数据卷目录/data/,操作数据卷容器:
ls /data/
echo 'vf-ubunt-1 data' > /data/vf-ubunt-1.txt
ls /data/
exit
3.进入vf-ubunt-2
docker exec -it vf-ubunt-2 /bin/bash
4.确认vf-ubunt-2共享vf-ubunt-1的数据
ls /data/
5.vf-ubunt-2创建数据并退出
echo 'vf-ubunt-2 data' > /data/vf-ubunt-2.txt
ls /data/
exit
6.回到vf-ubunt-1进行验证
docker exec -it vf-ubunt-1 /bin/bash
ls /data/
exit
双向确认共享。
3.数据备份
1.原理
2.方案
- 创建一个挂载数据卷容器的容器;
- 挂载宿主机本地目录作为备份数据卷;
- 将数据卷容器的内容备份到宿主机本地目录挂载的数据卷中;
- 完成备份操作后销毁刚创建的容器;
3.获取帮助
docker run --help
Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
Run a command in a new container
Options:
--add-host list Add a custom host-to-IP mapping (host:ip)
-a, --attach list Attach to STDIN, STDOUT or STDERR
--blkio-weight uint16 Block IO (relative weight), between 10 and 1000, or 0 to disable (default 0)
--blkio-weight-device list Block IO weight (relative device weight) (default [])
--cap-add list Add Linux capabilities
--cap-drop list Drop Linux capabilities
--cgroup-parent string Optional parent cgroup for the container
--cidfile string Write the container ID to the file
--cpu-period int Limit CPU CFS (Completely Fair Scheduler) period
--cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota
--cpu-rt-period int Limit CPU real-time period in microseconds
--cpu-rt-runtime int Limit CPU real-time runtime in microseconds
-c, --cpu-shares int CPU shares (relative weight)
--cpus decimal Number of CPUs
--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)
--cpuset-mems string MEMs in which to allow execution (0-3, 0,1)
-d, --detach Run container in background and print container ID
--detach-keys string Override the key sequence for detaching a container
--device list Add a host device to the container
--device-cgroup-rule list Add a rule to the cgroup allowed devices list
--device-read-bps list Limit read rate (bytes per second) from a device (default [])
--device-read-iops list Limit read rate (IO per second) from a device (default [])
--device-write-bps list Limit write rate (bytes per second) to a device (default [])
--device-write-iops list Limit write rate (IO per second) to a device (default [])
--disable-content-trust Skip image verification (default true)
--dns list Set custom DNS servers
--dns-option list Set DNS options
--dns-search list Set custom DNS search domains
--domainname string Container NIS domain name
--entrypoint string Overwrite the default ENTRYPOINT of the image
-e, --env list Set environment variables
--env-file list Read in a file of environment variables
--expose list Expose a port or a range of ports
--gpus gpu-request GPU devices to add to the container ('all' to pass all GPUs)
--group-add list Add additional groups to join
--health-cmd string Command to run to check health
--health-interval duration Time between running the check (ms|s|m|h) (default 0s)
--health-retries int Consecutive failures needed to report unhealthy
--health-start-period duration Start period for the container to initialize before starting health-retries countdown (ms|s|m|h) (default 0s)
--health-timeout duration Maximum time to allow one check to run (ms|s|m|h) (default 0s)
--help Print usage
-h, --hostname string Container host name
--init Run an init inside the container that forwards signals and reaps processes
-i, --interactive Keep STDIN open even if not attached
--ip string IPv4 address (e.g., 172.30.100.104)
--ip6 string IPv6 address (e.g., 2001:db8::33)
--ipc string IPC mode to use
--isolation string Container isolation technology
--kernel-memory bytes Kernel memory limit
-l, --label list Set meta data on a container
--label-file list Read in a line delimited file of labels
--link list Add link to another container
--link-local-ip list Container IPv4/IPv6 link-local addresses
--log-driver string Logging driver for the container
--log-opt list Log driver options
--mac-address string Container MAC address (e.g., 92:d0:c6:0a:29:33)
-m, --memory bytes Memory limit
--memory-reservation bytes Memory soft limit
--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap
--memory-swappiness int Tune container memory swappiness (0 to 100) (default -1)
--mount mount Attach a filesystem mount to the container
--name string Assign a name to the container
--network network Connect a container to a network
--network-alias list Add network-scoped alias for the container
--no-healthcheck Disable any container-specified HEALTHCHECK
--oom-kill-disable Disable OOM Killer
--oom-score-adj int Tune host's OOM preferences (-1000 to 1000)
--pid string PID namespace to use
--pids-limit int Tune container pids limit (set -1 for unlimited)
--privileged Give extended privileges to this container
-p, --publish list Publish a container's port(s) to the host
-P, --publish-all Publish all exposed ports to random ports
--read-only Mount the container's root filesystem as read only
--restart string Restart policy to apply when a container exits (default "no")
--rm Automatically remove the container when it exits
--runtime string Runtime to use for this container
--security-opt list Security Options
--shm-size bytes Size of /dev/shm
--sig-proxy Proxy received signals to the process (default true)
--stop-signal string Signal to stop a container (default "SIGTERM")
--stop-timeout int Timeout (in seconds) to stop a container
--storage-opt list Storage driver options for the container
--sysctl map Sysctl options (default map[])
--tmpfs list Mount a tmpfs directory
-t, --tty Allocate a pseudo-TTY
--ulimit ulimit Ulimit options (default [])
-u, --user string Username or UID (format: <name|uid>[:<group|gid>])
--userns string User namespace to use
--uts string UTS namespace to use
-v, --volume list Bind mount a volume
--volume-driver string Optional volume driver for the container
--volumes-from list Mount volumes from the specified container(s)
-w, --workdir string Working directory inside the container
从指定的容器挂载卷
-v, --volumes-from list Mount volumes from the specified container(s)
#从指定的容器挂载卷,默认为空
https://docs.docker.com/engine/reference/commandline/run/
或
https://docker-doc.readthedocs.io/zh_CN/latest/reference/commandline/cli.html#run
4.命令格式
docker run --rm --volumes-from [数据卷容器id/name] -v [宿主机目录]:[容器目录][镜像名称] [备份命令]
数据卷容器信息
docker ps -a
之前创建的数据卷容器信息:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b9c499443cf9 ubuntu "/bin/bash" 35 minutes ago Created ubunt-data-wyf
1.创建备份目录
mkdir -p /home/wyf/backup/
2.创建挂载数据卷容器【b9c499443cf9】的容器【创建备份的容器】
docker run --volumes-from b9c499443cf9 -v ubuntu
3.挂载到宿主机目录
-v /home/wyf/backup/:/backup/
4.备份命令
tar zcPf /backup/data.tar.gz /data
注意:
>-P:使用原文件的原来属性(属性不会依据使用者而变),恢复字段到它们的原始方式,忽略现有的用户权限屏蔽位(umask)。 加了-p之后,tar进行解压后,生成的文件的权限,是直接取自tar包里面文件的权限(不会再使用该用户的umask值进行运算),那么不加-p参数,将还要再减去umask的值(位运算的减),但是如果使用root用户进行操作,加不加-p参数都一样。
5.销毁备份容器
docker rm
完整的备份执行命令
mkdir -p /home/wyf/backup/ && docker run --rm --volumes-from b9c499443cf9 -v /home/wyf/backup/:/backup/ ubuntu tar zcPf /backup/data.tar.gz /data
验证:
docker ps -a
ls /home/wyf/backup
zcat /home/wyf/backup/data.tar.gz
4.数据还原
1.原理
2.方案
- 创建一个新的数据卷容器(或删除原数据卷容器的内容);
- 创建一个新容器,挂载数据卷容器,同时挂载本地的备份目录作为数据卷;
- 将要还原的数据解压到容器中;
- 完成还原操作后销毁刚创建的容器。
3.获取帮助
docker run --help
Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
Run a command in a new container
Options:
--add-host list Add a custom host-to-IP mapping (host:ip)
-a, --attach list Attach to STDIN, STDOUT or STDERR
--blkio-weight uint16 Block IO (relative weight), between 10 and 1000, or 0 to disable (default 0)
--blkio-weight-device list Block IO weight (relative device weight) (default [])
--cap-add list Add Linux capabilities
--cap-drop list Drop Linux capabilities
--cgroup-parent string Optional parent cgroup for the container
--cidfile string Write the container ID to the file
--cpu-period int Limit CPU CFS (Completely Fair Scheduler) period
--cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota
--cpu-rt-period int Limit CPU real-time period in microseconds
--cpu-rt-runtime int Limit CPU real-time runtime in microseconds
-c, --cpu-shares int CPU shares (relative weight)
--cpus decimal Number of CPUs
--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)
--cpuset-mems string MEMs in which to allow execution (0-3, 0,1)
-d, --detach Run container in background and print container ID
--detach-keys string Override the key sequence for detaching a container
--device list Add a host device to the container
--device-cgroup-rule list Add a rule to the cgroup allowed devices list
--device-read-bps list Limit read rate (bytes per second) from a device (default [])
--device-read-iops list Limit read rate (IO per second) from a device (default [])
--device-write-bps list Limit write rate (bytes per second) to a device (default [])
--device-write-iops list Limit write rate (IO per second) to a device (default [])
--disable-content-trust Skip image verification (default true)
--dns list Set custom DNS servers
--dns-option list Set DNS options
--dns-search list Set custom DNS search domains
--domainname string Container NIS domain name
--entrypoint string Overwrite the default ENTRYPOINT of the image
-e, --env list Set environment variables
--env-file list Read in a file of environment variables
--expose list Expose a port or a range of ports
--gpus gpu-request GPU devices to add to the container ('all' to pass all GPUs)
--group-add list Add additional groups to join
--health-cmd string Command to run to check health
--health-interval duration Time between running the check (ms|s|m|h) (default 0s)
--health-retries int Consecutive failures needed to report unhealthy
--health-start-period duration Start period for the container to initialize before starting health-retries countdown (ms|s|m|h) (default 0s)
--health-timeout duration Maximum time to allow one check to run (ms|s|m|h) (default 0s)
--help Print usage
-h, --hostname string Container host name
--init Run an init inside the container that forwards signals and reaps processes
-i, --interactive Keep STDIN open even if not attached
--ip string IPv4 address (e.g., 172.30.100.104)
--ip6 string IPv6 address (e.g., 2001:db8::33)
--ipc string IPC mode to use
--isolation string Container isolation technology
--kernel-memory bytes Kernel memory limit
-l, --label list Set meta data on a container
--label-file list Read in a line delimited file of labels
--link list Add link to another container
--link-local-ip list Container IPv4/IPv6 link-local addresses
--log-driver string Logging driver for the container
--log-opt list Log driver options
--mac-address string Container MAC address (e.g., 92:d0:c6:0a:29:33)
-m, --memory bytes Memory limit
--memory-reservation bytes Memory soft limit
--memory-swap bytes Swap limit equal to memory plus swap: '-1' to enable unlimited swap
--memory-swappiness int Tune container memory swappiness (0 to 100) (default -1)
--mount mount Attach a filesystem mount to the container
--name string Assign a name to the container
--network network Connect a container to a network
--network-alias list Add network-scoped alias for the container
--no-healthcheck Disable any container-specified HEALTHCHECK
--oom-kill-disable Disable OOM Killer
--oom-score-adj int Tune host's OOM preferences (-1000 to 1000)
--pid string PID namespace to use
--pids-limit int Tune container pids limit (set -1 for unlimited)
--privileged Give extended privileges to this container
-p, --publish list Publish a container's port(s) to the host
-P, --publish-all Publish all exposed ports to random ports
--read-only Mount the container's root filesystem as read only
--restart string Restart policy to apply when a container exits (default "no")
--rm Automatically remove the container when it exits
--runtime string Runtime to use for this container
--security-opt list Security Options
--shm-size bytes Size of /dev/shm
--sig-proxy Proxy received signals to the process (default true)
--stop-signal string Signal to stop a container (default "SIGTERM")
--stop-timeout int Timeout (in seconds) to stop a container
--storage-opt list Storage driver options for the container
--sysctl map Sysctl options (default map[])
--tmpfs list Mount a tmpfs directory
-t, --tty Allocate a pseudo-TTY
--ulimit ulimit Ulimit options (default [])
-u, --user string Username or UID (format: <name|uid>[:<group|gid>])
--userns string User namespace to use
--uts string UTS namespace to use
-v, --volume list Bind mount a volume
--volume-driver string Optional volume driver for the container
--volumes-from list Mount volumes from the specified container(s)
-w, --workdir string Working directory inside the container
4.命令格式
docker run --rm -itd --volumes-from [数据要到还原的容器] -v [宿主机备份目录]:[容器备份目录][镜像名称] [解压命令]
1.还原到原数据卷容器
原数据卷容器为:ubunt-data-wyf
挂载数据卷容器ubunt-data-wyf的两个数据卷容器是:vf-ubunt-1 和 vf-ubunt-2
1.查询数据卷容器
docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
afcaf1e8f6c5 ubuntu "/bin/bash" 19 hours ago Exited (0) 17 hours ago vf-ubunt-2
3d392914e276 ubuntu "/bin/bash" 19 hours ago Exited (137) 8 seconds ago vf-ubunt-1
b9c499443cf9 ubuntu "/bin/bash" 19 hours ago Exited (0) 5 minutes ago ubunt-data-wyf
a55685b27457 ubuntu "/bin/bash" 19 hours ago Created ubunt-data
dde9d75353be ubuntu "/bin/bash" 20 hours ago Exited (0) 17 hours ago ubuntu-wyf-v3.0
70b0f1d8a109 ubuntu "/bin/bash" 20 hours ago Exited (0) 17 hours ago ubuntu-wyf-v2.0
1374a8d99483 docker-ubuntu-wyf:v1.0 "/bin/bash" 23 hours ago Exited (0) 17 hours ago docker-ubuntu-wyf-v1.0
599066028fb2 ubuntu "/bin/bash" 23 hours ago Exited (0) 17 hours ago ubuntu-wyf
2.启动挂载数据卷容器的容器vf-ubunt-1
docker start 3d392914e276 && docker ps -a
3.进入vf-ubunt-1并删除数据卷容器内容
docker exec -it vf-ubunt-1 /bin/bash
rm -rf /data/*
ls /data/
4.退出
exit
5.还原数据
docker run --rm --volumes-from ubunt-data-wyf -v /home/wyf/backup/:/backup/ ubuntu tar xPf /backup/data.tar.gz --strip-components 1 -C /data
# --strip-components 1 去除解压的第一层【data】目录,只要data目录下的内容
6.验证
进入vf-ubunt-1进行验证
docker exec -it vf-ubunt-1 /bin/bash
ls /data/
2.还原到新数据卷容器中
原数据卷容器为:ubunt-data-wyf
原挂载数据卷容器ubunt-data-wyf的两个数据卷容器是:vf-ubunt-1 和 vf-ubunt-2
新建数据卷容器:ubuntu-data-wyf-new
新的挂载数据卷容器ubuntu-data-wyf-new的容器为vf-ubunt-3
1.新建数据卷容器ubuntu-data-wyf-new
ubuntu-data-wyf-new
docker create -v /newdata --name ubuntu-data-wyf-new ubuntu && docker ps -a
2.创建新的挂载数据卷容器ubuntu-data-wyf-new的容器vf-ubunt-3
docker run --volumes-from 9da7ccb040c0 -itd --name vf-ubunt-3 ubuntu /bin/bash && docker ps -a
3.还原数据到新的数据卷容器ubuntu-data-wyf-new中
docker run --rm --volumes-from ubuntu-data-wyf-new -v /home/wyf/backup/:/backup/ ubuntu tar xPf /backup/data.tar.gz --strip-components 1 -C /newdata
# --strip-components 1 去除解压的第一层【data】目录,只要data目录下的内容
6.验证
进入vf-ubunt-3进行验证
docker exec -it vf-ubunt-3 /bin/bash
ls /newdata/
更多请参考:
https://docs.docker.com/engine/reference/commandline/docker/
或:
https://docker-doc.readthedocs.io/zh_CN/latest/reference/commandline/cli.html