【docker】documentation[continuously added…]


Full-stack technology sharing, dynamic update of API documents, simple and easy-to-understand technical points, quick start
If it is helpful, please like it. If you are interested, follow and add bookmarks to get more documents, which are convenient for reference at any time. If you have any questions, please leave a message to discuss


A resource management technology, hardware resources are inseparable, using virtualization technology can maximize the use of hardware resources, that is, one hardware and multiple software deployments


concept and essence

Developed in Go language, a virtual machine containerized application software based on the Linux kernel

Encapsulation and isolation of processes is a virtualization technology at the operating system level

Client-server (C/S) architecture program: docker, dockerd - docker deamon

The difference from the virtual machine: virtualization is realized at the operating system level, and the operating system of the local host is directly reused, while the virtual machine is realized at the hardware level

Advantages of docker compared with traditional virtualization

1. More efficient use of system resources
2. Faster boot time
    Run directly on the host kernel without booting a full operating system
3. Consistent operating environment
4. Continuous delivery and deployment
5. Easier Migration
6. Easier maintenance and expansion


components illustrate
docker server docker daemon
docker client docker commands, such as docker run …
image Mirror image, that is, unix system image (easy to understand) + environment required for app operation (arranged through Dockerfile) + app source code
container Container, that is, unix system instance + app instance
Registry Warehouse, a mirrored warehouse, similar to maven’s nexus private server
Online Warehouse: docker hub
Private server warehouse: registry

work process

graph TB
A[app code + Dockerfile]-->A1[docker build Dockerfile]
B-->B1[docker run image]

classDef C1 fill:blue,fill-opacity:0.3
class A,B,C C1
class A1,B1 C2


Linux environment (choose Ubuntu here)

official tutorial

Encountered problems refer to the following problems and solutions

Windows11 environment

official tutorial

download docker desktop

docker + wsl2 official tutorial

docker desktop initialization configuration
general: Check wsl, which is usually checked by default
resources:wsl integration: 
    enable integration with my default wsl distro
    enbale ubuntu-22.04 (these two options are important)

docker engine: add image configuration:
  "registry-mirrors": [

ps: Alibaba Cloud mirroring has to configure its own address

Possible problems and solutions:

1. Without Hyper-v, execute the script as an administrator:
pushd "%~dp0"
dir /b %SystemRoot%\servicing\Packages\*Hyper-V*.mum >hyper-v.txt
for /f %%i in ('findstr /i . hyper-v.txt 2^>nul') do dism /online /norestart /add-package:"%SystemRoot%\servicing\Packages\%%i"
del hyper-v.txt

Dism /online /enable-feature /featurename:Microsoft-Hyper-V-All /LimitAccess /ALL
2. wsl environment problem:
win11 + wsl2 + Ubuntu22: wslg is relatively stable, and systemd is supported, and ubuntu-desktop gnome can be installed without systemd:
    vim /etc/wsl.conf

win10 + wsl2 + Ubuntu20: support script to enable systemd, support installation of ubuntu-desktop gnome without enabling systemd
But gnome >=3.34 version is completely based on systemd, there are compatibility issues, you need to install a lower version of gnome
    Open systemd script: https://github.com/nullpo-head/wsl-distrod
    systemd environment:
    git clone https://github.com/DamionGans/ubuntu-wsl2-system-script.git
    cd ubuntu-wsl2-system-script/
    bash ubuntu-wsl2-system-script.sh

win10 + distrod: The ubuntu-22.04 wsl system with systemd does not support the installation of ubuntu-desktop gnome

Distrod download address

distrod reference tutorial

3. Modify the directory of the mounted c drive (not recommended, because there will be problems with the current directory after modification)
Create a new /etc/wsl.conf file input:

root = /
options = "metadata,umask=22,fmask=11"

Close all terminals and open cmd or powershell as an administrator
net stop LxssManager
net start LxssManager
4. Error reporting when installing docker-ce
Error message 1: Sub-process /usr/bin/dpkg returned an error code (1)

Due to the dpkg directory, backup and rebuild
sudo mv /var/lib/dpkg/info/ /var/lib/dpkg/bak/  
sudo mkdir /var/lib/dpkg/info/

Finally execute sudo apt-get update
Error message 2: Failed to start docker, prompted to view the log:
See "systemctl status docker.service" and "journalctl -xeu docker.service" for details.

The content of the normal view log is incomplete, use other commands:
journalctl -fu docker

Found the cause:... unable to add return rule in DOCKER-ISOLATION-STAGE-1 chain:  (iptables failed: iptables ...

Since the new ubuntu system uses iptables-nft, but WSL2 does not support it, modify it:

sudo update-alternatives --config iptables
Choose non-nft options

Just restart docker
5. install gnome

reference tutorial

The mirror source is best to choose Tsinghua source
1. Install software-properties-common
Error /usr/.../dpkg error code
Reason: There is a problem with the package under /var/lib/dpkg/info, back up the directory, delete and reinstall the package

mv /var/lib/dpkg/info /var/lib/dpkg/info.bak
mkdir /var/lib/dpkg/info
apt-get -f install software-properties-common
apt-get update
sudo apt update && sudo apt upgrade -y
#Multithreaded download tool
sudo apt install axel
#Speed ​​up tool
sudo add-apt-repository ppa:apt-fast/stable
sudo apt -y install apt-fast
Select: 1.apt 2.5 3.yes
#Configure the apt-fast mirror source, open the commented first mirror (there are two lines)
sudo vim /etc/apt-fast.conf
#download desktop
sudo apt-fast install ubuntu-desktop gnome

#Here is to modify the ip configuration of the gnome-session connection window
Add at the end of vim ~/.bashrc
export DISPLAY=$(cat /etc/resolv.conf | grep nameserver | awk '{print $2}'):0

systemd environment:
git clone https://github.com/DamionGans/ubuntu-wsl2-system-script.git
cd ubuntu-wsl2-system-script/
bash ubuntu-wsl2-system-script.sh
restart wsl --shutdown

# micro store install vcxsrv
The firewall configuration allows vcxsrv to pass through
1. Select one large window and display num=0
2. Next step
3. Check the display...
4. Save the configuration

Enter gnome-session in the ubuntu terminal to wait for the connection to start the GUI
# Remote connection via xrdp:
sudo apt-get install xrdp
sudo sed -i 's/3389/3390/g' /etc/xrdp/xrdp.ini
echo "gnome-session" > ~/.xsession
sudo systemctl restart xrdp
sudo systemctl status xrdp

Win+r input mstsc
Just connect to localhost:3390


ps: Configure the user to enter the docker user group, so that the user can execute docker commands without sudo
usermod -G docker xxx

official document

1. docker

<font size=”5″>docker build</font>
effect build image
Format docker build [OPTIONS] PATH | URL | –
example Enter the directory where the Dockerfile is located and execute docker build.
option -f Specify the compiled file name, the default is ‘PATH/Dockerfile’
<font size=”5″>docker run</font>
effect Generate image container
Format docker run [OPTIONS] IMAGE [COMMAND] [ARG…]
example docker run –name nginx \

-v /nginx/conf/nginx.conf:/etc/nginx/nginx.conf \

-v /nginx/conf/conf.d/:/etc/nginx/conf.d \

-v /nginx/html/:/usr/share/nginx/html \

-v /nginx/log/:/var/log/nginx:ro \

-p 80:80 –privileged=true -d nginx
option -v <docker_dir>:<container_dir>[:ro] mount directory
Bind container volume with docker server volume
ro is read-only
Pay attention to give the highest authority 777 to prevent synchronization problems
-d Background process
-p <d_socket>:<c_port>[/proto] Bind docker service port and container port
–name container name
–rm Automatically delete the container when exiting the container
–restart<=always|no> Restart after exiting the container
-w<DIR> The current directory when entering the container
–privileged Grant container expansion privileges
-i Keep typing commands, -it: means to enter the terminal in the container
-t Open the container terminal
–expose Expose the container port
<font size=”5″>docker cp</font>
effect Copy from or into a container
example docker cp CONTAINER:/var/logs/ /tmp/app_logs

docker cp ./some_file CONTAINER:/work
option -a Mode permissions for copying files
-L copy soft link
<font size=”5″>docker inspect</font>
effect List image or container details
Format docker inspect [OPTIONS] NAME|ID [NAME|ID…]
example docker inspect –format=”{{.Mounts}}” CONTAINER
option –format|-f Format display, such as –format=”{{.Mounts}}”
1.1 docker image
<font size=”5″>docker images | docker image ls</font>
effect list mirrors
Format docker image ls [OPTIONS] [REPOSITORY[:TAG]]
example docker image ls -a
option -a Show all images (intermediate images are not included by default)
–digests Display summary, digest:sha256:…, is the id in inspect
–no-trunc Display the complete image information, that is, display the complete Image ID (digest)
-q only display id
-f|–filter filter
dangling=(true|false): mark an image as empty
label=<key> or label=<key> =<value> : filter by label
since=(<image-name>[:tag]|<image-id>|<[email protected]>): A mirror built after a mirror is built
before=(<image-name>[:tag]|<image-id>|<[email protected]>): A mirror built before a mirror was built
reference=<pattern> : Display by positive matching result, such as:
–format “{{Placeholder}}…” Display in specified format

.Repository mirror warehouse
.Tag image tag
.Digest image summary
.CreatedSince Time elapsed since the image was created
.CreateAt Time to create the image
.Size image size
<font size=”5″>docker rmi | docker image rm</font>
effect delete mirror
Format docker rmi [OPTIONS] IMAGE [IMAGE…]
example docker rmi xxx
option -f Forcibly delete the image
1.2 docker container
<font size=”5″>docker ps | docker container ls</font>
effect list containers
Format docker ps [OPTIONS]
example docker ps -a
option -a List all running containers
–digests Display summary, digest:sha256:…, is the id in inspect
–no-trunc Display the complete image information, that is, display the complete Image ID (digest)
-q only display id
-f|–filter filter,
id container id
name container name
label label,<key> or<key> =<value>
exited the exited container
status Status: created, restarting, running, removing, paused, exited, dead
ancestor prototype:<image-name> [:<tag> ],<image id> , or[email protected]>

before<id> Before the container is created
since<id> After the container is created
volume A container that has mounted the given volume or bind mount
network The container connected to the network
publish Published containers:<port> [/<proto> ] or<startport-endport> /[<proto> ]
The container exposed by expose:<port> [/<proto> ] or<startport-endport> /[<proto> ]
health Health status: starting, healthy, unhealthy , none.
isolation Filtering for window system: default, process, or hyperv
is-task is not a task service container
–format “{{Placeholder}}…” Display in specified format

.ID Container ID

.Image Image ID

.Command reference command
.CreatedAt The time when the container was created
.RunningFor The running time after the container starts
.Ports exposed ports
.State Container state (eg, “created”, “running”, “exited”)
.Status Container status with duration and health status details
.Size container disk size
.Names container name
.Labels all labels assigned to the container
.Label the value of a specific label for this container: ‘{{.Label “com.docker.swarm.cpu”}}’
.Mounts Names of volumes mounted in this container
.Networks the name of the network attached to this container
<font size=”5″>docker rm | docker container rm</font>
effect delete container
example docker rm -v CONTAINER
option -f force delete
-v Delete the anonymous volume associated with the container
1.3 docker volume
<font size=”5″>docker volume ls</font>
effect list volumes
Format docker volume ls [OPTIONS]
example docker volume ls -q
option -q show volume name only
-f filter, such as ‘dangling=true’
–format format display
<font size=”5″>docker volume rm</font>
effect delete volume
Format docker volume rm [OPTIONS] VOLUME [VOLUME…]
example docker volume rm VOLUME
option -f force delete
Common Container Deployment

Mirror warehouse address

All mounted directories are uniformly granted permissions to prevent strange problems from happening
chmod -R 777 /xxx/xxx
docker run --name nginx \
-v /usr/local/software/nginx/conf/nginx.conf:/etc/nginx/nginx.conf \
-v /usr/local/software/nginx/conf/conf.d/:/etc/nginx/conf.d \
-v /usr/local/software/nginx/html/:/usr/share/nginx/html \
-v /usr/local/software/nginx/log/:/var/log/nginx \
-p 80:80 --privileged=true -d nginx   
Delete images and containers
Can be deleted according to the ID, name, and tag of the image or container
graph LR
A[stop container]-->B[rm container and volume]
B-->C[rmi image]
Completely delete the dependent none image
stop container
docker images -a | grep none | awk '{print " -f ancestor="$3}' | xargs docker ps -aq | xargs docker stop

Delete containers and volumes
docker images -a | grep none | awk '{print " -f ancestor="$3}' | xargs docker ps -aq | xargs docker rm -v
Delete container reserve volume
docker images -a | grep none | awk '{print " -f ancestor="$3}' | xargs docker ps -aq | xargs docker rm

delete mirror
docker images -a | grep none | awk '{print " -f since="$3}' | xargs docker images -aq | xargs docker rmi

2. Dockerfile

FROM localhost:5000/openjdk:8
ENV LANG=C.UTF-8 LC_ALL=C.UTF-8 APP_HOME=/opt/hello-app
RUN mkdir -p $APP_HOME
ADD target/hello-docker-0.0.1-SNAPSHOT.jar hello-app.jar
ADD target/classes/application.yml conf/application.yml
ENTRYPOINT java -jar hello-app.jar --spring.config.location=conf/application.yml
<font size=”5″>FROM</font>
effect pull dependent images
Format FROM [–platform=<platform>] <image> [AS <name>]

Learn more about the “FROM” Dockerfile command.
[–platform=<platform>] <image>[:<tag>] [AS <name>]

Learn more about the “FROM” Dockerfile command.
[–platform=<platform>] <image>[@<digest>] [AS <name>]
example FROM localhost:5000/openjdk:8
<font size=”5″>MAINTAINER(deprecated)</font>
effect author
Format MAINTAINER <name>
example MAINTAINER evef
<font size=”5″>ENV</font>
effect environment variable
Format ENV <key>=<value> …
example ENV LANG=C.UTF-8 LC_ALL=C.UTF-8 APP_HOME=/opt/hello-app
<font size=”5″>VOLUME</font>
effect Create a mount point to mount the external volume
Format VOLUME [“/data”]
example VOLUME /tmp
It is to mount the /tmp directory in the container and bind the volume randomly created by the external docker server
<font size=”5″>RUN</font>
effect Execute commands inside the container
Format RUN <command>
example RUN mkdir -p $APP_HOME
<font size=”5″>WORKDIR</font>
effect Specify the location to enter the container, that is, the current directory
If the specified directory does not exist, it will not be created immediately. It is best to create the directory in advance
Format WORKDIR /path/to/workdir
<font size=”5″>ADD</font>
effect Copy the resources at the location of the Dockerfile into the container, and support remote copying
Format ADD [–chown=<user>:<group>] <src>… <dest>

ADD [–chown=<user>:<group>] [“<src>”,… “<dest>”]
example ADD target/hello-docker-0.0.1-SNAPSHOT.jar hello-app.jar
<font size=”5″>COPY</font>
effect Copy the resources at the location of the Dockerfile into the container, only the host can be copied
Format COPY [–chown=<user>:<group>] <src>… <dest>

COPY [–chown=<user>:<group>] [“<src>”,… “<dest>”]
example COPY target/hello-docker-0.0.1-SNAPSHOT.jar hello-app.jar
<font size=”5″>ENTRYPOINT</font>
effect execute shell command
Format ENTRYPOINT [“executable”, “param1”, “param2”]

ENTRYPOINT command param1 param2
example ENTRYPOINT java -jar hello-app.jar –spring.config.location=conf/application.yml
<font size=”5″>EXPOSE</font>
effect exposed port
Format EXPOSE <port> [<port>/<protocol>…]
example EXPOSE 8082

3.docker compose

  #Service Name
    # container name
    container_name: hello-compose
      context: ./
      #Specify the compilation file
      dockerfile: Dockerfile
    # bind port -p
      - 8082:8082