【4】Docker run 详解

一般形式

docker run [OPTIONS] IMAGE [:TAG|@DIGEST] [COMMAND] [ARG...]

Operator exclusive options

Detached vs foreground
Detached (-d)
Foreground
Container identification
Name (--name)
PID equivalent
IPC settings (--ipc)
Network settings
Restart policies (--restart)
Clean up (--rm)
Runtime constraints on resource
Runtime privileges, Linux capabilities, and LXC configuration

Detached vs foreground

Detached (-d)

--rm 和 -d 不能同时存在
不能使用service x start

docker run -d 80:80 my_image service nginx start

正确的启动方式

docker run -d 80:80 my_image nginx -g 'daemon off;'

Foreground

进入交互模式 -it

Container identification

Name (--name)

区分容器的三种方式
UUID 长标识符
UUID 短标识符
Name （若未指定，则随机生成）

PID

--cidfile="": Write the container ID to the file

Image[:tag]

docker run ubuntu:14.04

Image[@digest]

PID settings (--pid)

docker run --pid=host rhel7 strace -p 1234

UTS settings (--uts)

IPC settings (--ipc)

Network settings

Restart policies (--restart)

docker run --restart=always redis
docker run --restart=on-failure:10 redis

Clean up (--rm)

Automatically remove the container when it exists (incompatible with -d)

Security configuration

docker run --security-opt label:level:s0:c100,c200 -i -t fedora bash

Specifying custom cgroups

Runtime constraints on resources

User memory constraints

docker run -ti ubuntu:14.04 /bin/bash
docker run -ti -m 300M --memory-swap -1 ubuntu:14.04 /bin/bash
docker run -ti -m 300M ubuntu:14.04 /bin/bash
docker run -ti -m 300M --memory-swap 1G ubuntu:14.04 /bin/bash
docker run -ti -m 500M --memory-reservation 200M ubuntu:14.04 /bin/bash
docker run -ti --memory-reservation 1G ubuntu:14.04 /bin/bash

Kernel memory constraints

Swappiness constraint

docker run -ti --memory-swappiness=0 ubuntu:14.04 /bin/bash

CPU share constraint

CPU period constraint

docker run -ti --cpu-period=50000 --cpu-quota=25000 ubuntu:14.04 /bin/bash

CPUset constraint

docker run -ti --cpuset-cpus="1,3" ubuntu:14.04 /bin/bash
docker run -ti --cpuset-cpus="0-2" ubuntu:14.04 /bin/bash
docker run -ti --cpuset-mems="1,3" ubuntu:14.04 /bin/bash
docker run -ti --cpuset-mems="0-2" ubuntu:14.04 /bin/bash

CPU quota constraint

Block IO bandwidth (Blkio) constraint

docker run -ti --name c1 --blkio-weight 300 ubuntu:14.04 /bin/bash
docker run -ti --name c2 --blkio-weight 600 ubunut:14.04 /bin/bash

Additional groups

Runtime privileges, Linux capabilities, and LXC configuration

docker run --device=/dev/sda:/dev/xvdc --rm -it ubuntu fdisk /dev/xvdc
docker run --device=/dev/sda:/dev/xvdc:r --rm -it ubuntu fdisk /dev/xvdc
docker run --device=/dev/sda:/dev/xvdc:w --rm -it ubuntu fdisk /dev/xvdc
docker run --device=/dev/sda:/dev/xvdc:m --rm -it ubuntu fdisk /dev/xvdc

【4】Docker run 详解.md

【4】Docker run 详解

一般形式

Operator exclusive options

Detached vs foreground

Detached (-d)

Foreground

Container identification

Name (--name)

PID

Image[:tag]

Image[@digest]

PID settings (--pid)

UTS settings (--uts)

IPC settings (--ipc)

Network settings

Restart policies (--restart)

Clean up (--rm)

Security configuration

Specifying custom cgroups

Runtime constraints on resources

User memory constraints

Kernel memory constraints

Swappiness constraint

CPU share constraint

CPU period constraint

CPUset constraint

CPU quota constraint

Block IO bandwidth (Blkio) constraint

Additional groups

Runtime privileges, Linux capabilities, and LXC configuration

Logging drivers (--log-driver)

Overriding Dockerfile image defaults

CMD (default command or options)

ENTRYPOINT (default command to execute at runtime)

EXPOSE (incoming ports)

ENV (environment variables)

VOLUME (shared filesystems)

USER

WORKDIR