目录搜索
ComposeAbout versions and upgrading (Compose)ASP.NET Core + SQL Server on Linux (Compose)CLI environment variables (Compose)Command-line completion (Compose)Compose(组成)Compose command-line reference(组合命令行参考)Control startup order (Compose)Django and PostgreSQL (Compose)Docker stacks and distributed application bundles (Compose)docker-compose build(docker-compose构建)docker-compose bundledocker-compose configdocker-compose createdocker-compose downdocker-compose eventsdocker-compose execdocker-compose helpdocker-compose imagesdocker-compose killdocker-compose logsdocker-compose pausedocker-compose portdocker-compose psdocker-compose pulldocker-compose pushdocker-compose restartdocker-compose rmdocker-compose rundocker-compose scaledocker-compose startdocker-compose stopdocker-compose topdocker-compose unpausedocker-compose upEnvironment file (Compose)Environment variables in ComposeExtend services in ComposeFrequently asked questions (Compose)Getting started (Compose)Install ComposeLink environment variables (deprecated) (Compose)Networking in ComposeOverview of Docker ComposeOverview of docker-compose CLIQuickstart: Compose and WordPressRails and PostgreSQL (Compose)Sample apps with ComposeUsing Compose in productionUsing Compose with SwarmEngine.NET Core application (Engine)About images, containers, and storage drivers (Engine)Add nodes to the swarm (Engine)Apply custom metadata (Engine)Apply rolling updates (Engine)apt-cacher-ngBest practices for writing Dockerfiles (Engine)Binaries (Engine)Bind container ports to the host (Engine)Breaking changes (Engine)Build your own bridge (Engine)Configure container DNS (Engine)Configure container DNS in user-defined networks (Engine)CouchDB (Engine)Create a base image (Engine)Create a swarm (Engine)Customize the docker0 bridge (Engine)Debian (Engine)Default bridge networkDelete the service (Engine)Deploy a service (Engine)Deploy services to a swarm (Engine)Deprecated Engine featuresDocker container networking (Engine)Docker overview (Engine)Docker run reference (Engine)Dockerfile reference (Engine)Dockerize an applicationDrain a node (Engine)EngineFAQ (Engine)Fedora (Engine)Get started (Engine)Get started with macvlan network driver (Engine)Get started with multi-host networking (Engine)How nodes work (Engine)How services work (Engine)Image management (Engine)Inspect the service (Engine)Install Docker (Engine)IPv6 with Docker (Engine)Join nodes to a swarm (Engine)Legacy container links (Engine)Lock your swarm (Engine)Manage nodes in a swarm (Engine)Manage sensitive data with Docker secrets (Engine)Manage swarm security with PKI (Engine)Manage swarm service networks (Engine)Migrate to Engine 1.10Optional Linux post-installation steps (Engine)Overview (Engine)PostgreSQL (Engine)Raft consensus in swarm mode (Engine)Riak (Engine)Run Docker Engine in swarm modeScale the service (Engine)SDKs (Engine)Select a storage driver (Engine)Set up for the tutorial (Engine)SSHd (Engine)Storage driver overview (Engine)Store service configuration data (Engine)Swarm administration guide (Engine)Swarm mode key concepts (Engine)Swarm mode overlay network security model (Engine)Swarm mode overview (Engine)Understand container communication (Engine)Use multi-stage builds (Engine)Use swarm mode routing mesh (Engine)Use the AUFS storage driver (Engine)Use the Btrfs storage driver (Engine)Use the Device mapper storage driver (Engine)Use the OverlayFS storage driver (Engine)Use the VFS storage driver (Engine)Use the ZFS storage driver (Engine)Engine: Admin GuideAmazon CloudWatch logs logging driver (Engine)Bind mounts (Engine)Collect Docker metrics with Prometheus (Engine)Configuring and running Docker (Engine)Configuring logging drivers (Engine)Control and configure Docker with systemd (Engine)ETW logging driver (Engine)Fluentd logging driver (Engine)Format command and log output (Engine)Google Cloud logging driver (Engine)Graylog Extended Format (GELF) logging driver (Engine)Journald logging driver (Engine)JSON File logging driver (Engine)Keep containers alive during daemon downtime (Engine)Limit a container's resources (Engine)Link via an ambassador container (Engine)Log tags for logging driver (Engine)Logentries logging driver (Engine)PowerShell DSC usage (Engine)Prune unused Docker objects (Engine)Run multiple services in a container (Engine)Runtime metrics (Engine)Splunk logging driver (Engine)Start containers automatically (Engine)Storage overview (Engine)Syslog logging driver (Engine)tmpfs mountsTroubleshoot volume problems (Engine)Use a logging driver plugin (Engine)Using Ansible (Engine)Using Chef (Engine)Using Puppet (Engine)View a container's logs (Engine)Volumes (Engine)Engine: CLIDaemon CLI reference (dockerd) (Engine)dockerdocker attachdocker builddocker checkpointdocker checkpoint createdocker checkpoint lsdocker checkpoint rmdocker commitdocker configdocker config createdocker config inspectdocker config lsdocker config rmdocker containerdocker container attachdocker container commitdocker container cpdocker container createdocker container diffdocker container execdocker container exportdocker container inspectdocker container killdocker container logsdocker container lsdocker container pausedocker container portdocker container prunedocker container renamedocker container restartdocker container rmdocker container rundocker container startdocker container statsdocker container stopdocker container topdocker container unpausedocker container updatedocker container waitdocker cpdocker createdocker deploydocker diffdocker eventsdocker execdocker exportdocker historydocker imagedocker image builddocker image historydocker image importdocker image inspectdocker image loaddocker image lsdocker image prunedocker image pulldocker image pushdocker image rmdocker image savedocker image tagdocker imagesdocker importdocker infodocker inspectdocker killdocker loaddocker logindocker logoutdocker logsdocker networkdocker network connectdocker network createdocker network disconnectdocker network inspectdocker network lsdocker network prunedocker network rmdocker nodedocker node demotedocker node inspectdocker node lsdocker node promotedocker node psdocker node rmdocker node updatedocker pausedocker plugindocker plugin createdocker plugin disabledocker plugin enabledocker plugin inspectdocker plugin installdocker plugin lsdocker plugin pushdocker plugin rmdocker plugin setdocker plugin upgradedocker portdocker psdocker pulldocker pushdocker renamedocker restartdocker rmdocker rmidocker rundocker savedocker searchdocker secretdocker secret createdocker secret inspectdocker secret lsdocker secret rmdocker servicedocker service createdocker service inspectdocker service logsdocker service lsdocker service psdocker service rmdocker service scaledocker service updatedocker stackdocker stack deploydocker stack lsdocker stack psdocker stack rmdocker stack servicesdocker startdocker statsdocker stopdocker swarmdocker swarm cadocker swarm initdocker swarm joindocker swarm join-tokendocker swarm leavedocker swarm unlockdocker swarm unlock-keydocker swarm updatedocker systemdocker system dfdocker system eventsdocker system infodocker system prunedocker tagdocker topdocker unpausedocker updatedocker versiondocker volumedocker volume createdocker volume inspectdocker volume lsdocker volume prunedocker volume rmdocker waitUse the Docker command line (Engine)Engine: ExtendAccess authorization plugin (Engine)Docker log driver pluginsDocker network driver plugins (Engine)Extending Engine with pluginsManaged plugin system (Engine)Plugin configuration (Engine)Plugins API (Engine)Volume plugins (Engine)Engine: SecurityAppArmor security profiles for Docker (Engine)Automation with content trust (Engine)Content trust in Docker (Engine)Delegations for content trust (Engine)Deploying Notary (Engine)Docker security (Engine)Docker security non-events (Engine)Isolate containers with a user namespace (Engine)Manage keys for content trust (Engine)Play in a content trust sandbox (Engine)Protect the Docker daemon socket (Engine)Seccomp security profiles for Docker (Engine)Secure EngineUse trusted imagesUsing certificates for repository client verification (Engine)Engine: TutorialsEngine tutorialsNetwork containers (Engine)Get StartedPart 1: OrientationPart 2: ContainersPart 3: ServicesPart 4: SwarmsPart 5: StacksPart 6: Deploy your appMachineAmazon Web Services (Machine)Digital Ocean (Machine)docker-machine activedocker-machine configdocker-machine createdocker-machine envdocker-machine helpdocker-machine inspectdocker-machine ipdocker-machine killdocker-machine lsdocker-machine provisiondocker-machine regenerate-certsdocker-machine restartdocker-machine rmdocker-machine scpdocker-machine sshdocker-machine startdocker-machine statusdocker-machine stopdocker-machine upgradedocker-machine urlDriver options and operating system defaults (Machine)Drivers overview (Machine)Exoscale (Machine)Generic (Machine)Get started with a local VM (Machine)Google Compute Engine (Machine)IBM Softlayer (Machine)Install MachineMachineMachine CLI overviewMachine command-line completionMachine concepts and helpMachine overviewMicrosoft Azure (Machine)Microsoft Hyper-V (Machine)Migrate from Boot2Docker to MachineOpenStack (Machine)Oracle VirtualBox (Machine)Provision AWS EC2 instances (Machine)Provision Digital Ocean Droplets (Machine)Provision hosts in the cloud (Machine)Rackspace (Machine)VMware Fusion (Machine)VMware vCloud Air (Machine)VMware vSphere (Machine)NotaryClient configuration (Notary)Common Server and signer configurations (Notary)Getting started with NotaryNotary changelogNotary configuration filesRunning a Notary serviceServer configuration (Notary)Signer configuration (Notary)Understand the service architecture (Notary)Use the Notary client
文字

描述

创建一个新容器

使用

docker create [OPTIONS] IMAGE [COMMAND] [ARG...]

备选方案

名字,简写

默认

描述

--add-host


添加自定义的主机到IP映射(主机:IP)

--attach, -a


附加到STDIN,STDOUT或STDERR

--blkio-weight

0

阻止IO(相对权重),介于10和1000之间,或0禁用(默认值为0)

--blkio-weight-device


块IO重量(相对设备重量)

--cap-add


添加Linux功能

--cap-drop


删除Linux功能

--cgroup-parent


容器的可选父cgroup

--cidfile


将容器ID写入文件

--cpu-count

0

CPU数量(仅限Windows)

--cpu-percent

0

CPU百分比(仅限Windows)

--cpu-period

0

限制CPU CFS(完全公平调度程序)期间

--cpu-quota

0

限制CPU CFS(完全公平调度程序)配额

--cpu-rt-period

0

限制CPU实时周期(以微秒为单位)

--cpu-rt-runtime

0

以微秒为单位限制CPU实时运行时间

--cpu-shares,-c

0

CPU份额(相对重量)

--cpus


CPU数量

--cpuset-cpus


允许执行的CPU(0-3,0,1)

--cpuset-MEMS


允许执行的MEM(0-3,0,1)

--device


将主机设备添加到容器

--device-cgroup-rule


将规则添加到cgroup允许的设备列表

--device-read-bps


限制设备的读取速率(每秒字节数)

--device-read-iops


限制设备的读取速率(每秒IO)

--device-write-bps


限制写入速率(每秒字节数)到设备

--device-write-iops


限制写入速率(每秒IO)到设备

--disable-content-trust

真正

跳过图像验证

--dns


设置自定义DNS服务器

--dns-OPT


设置DNS选项

--dns-option


设置DNS选项

--dns-search


设置自定义DNS搜索域

--entrypoint


覆盖图像的默认入口点

--env,-e


设置环境变量

--env-file


读入环境变量文件

--expose


公开一个端口或一系列端口

--group-add


添加其他群组加入

--health-cmd


运行以检查运行状况的命令

--health-interval

0

运行检查之间的时间(ms | s | m | h)(默认为0)

--health-retries

0

需要报告不健康的连续失败

--health-start-period

0

启动健康重试倒数前,容器初始化的开始时间段(ms | s | m | h)(默认为0)

--health-timeout

0

允许一次检查运行的最长时间(ms | s | m | h)(默认值为0)

--help

打印用法

--hostname,-h


容器主机名称

--init

在容器中运行一个转发信号并收集进程的init

--interactive, -i

即使没有连接,也要保持STDIN打开

--io-MaxBandwidth

0

系统驱动器的最大IO带宽限制(仅限Windows)

--io-maxiops

0

系统驱动器的最大IOps限制(仅限Windows)

--ip


IPv4地址(例如172.30.100.104)

--ip6


IPv6地址(例如,2001:db8 :: 33)

--ipc


IPC命名空间使用

--isolation


容器隔离技术

--kernel-memory

0

内核内存限制

--label, -l


在容器上设置元数据

--label-file


阅读标签的行分隔文件

--link


将链接添加到其他容器

--link-local-ip


Container IPv4 / IPv6链路本地地址

--log-driver


记录容器的驱动程序

--log-OPT


日志驱动选项

--mac-address


容器MAC地址(例如,92:d0:c6:0a:29:33)

--memory, -m

0

内存限制

--memory-reservation

0

内存软限制

--memory-swap

0

交换限制等于内存加交换:'-1'以启用无限交换

--memory-swappiness

-1

调整容器内存swappiness(0到100)

--mount


将文件系统挂载附加到容器

--name


为容器分配一个名称

--net

默认

将容器连接到网络

--net-alias


为容器添加网络范围的别名

--network

默认

将容器连接到网络

--network-alias


为容器添加网络范围的别名

--no-healthcheck

禁用任何容器指定的HEALTHCHECK

--oom-kill-disable

禁用OOM杀手

--oom-score-adj

0

调整主机的OOM首选项(从-1000到1000)

--pid


要使用的PID名称空间

--pids-limit

0

调整容器匹配限制(无限制地设置-1)

--privileged

给这个容器赋予扩展权限

--publish,-p


将容器的端口发布到主机

--publish-all,-P

将所有暴露的端口发布到随机端口

--read-only

将容器的根文件系统挂载为只读

--restart

没有

重新启动策略以在容器退出时应用

--rm

当容器退出时自动移除容器

--runtime


运行时用于此容器

--security-opt


安全选项

--shm-size

0

/ dev / shm的大小

--stop-signal

SIGTERM

停止容器的信号

--stop-timeout

0

超时(以秒为单位)停止容器

--storage-opt


容器的存储驱动程序选项

--sysctl

地图[]

Sysctl选项

--tmpfs


挂载一个tmpfs目录

--tty, -t

分配一个伪TTY

--ulimit


Ulimit选项

--user,-u


用户名或UID(格式:<名称| uid>:<组| gid>)

--userns


要使用的用户名称空间

--uts


UTS命名空间使用

--volume, -v


绑定安装一个卷

--volume-driver


容器的可选卷驱动程序

--volumes-from


从指定容器装载卷

--workdir,-w


容器内的工作目录

父命令

命令

描述

docker

Docker CLI的基本命令。

扩展描述

docker create命令在指定的映像上创建一个可写容器层,并为运行指定的命令做好准备。然后将容器ID打印到STDOUT。这与docker run -d容器永远不会启动的情况类似。然后您可以使用该docker start <container_id>命令随时启动容器。

当您希望提前设置容器配置以便在需要时启动它时,这非常有用。新容器的初始状态是created

请看运行命令部分和码头运行参考更多细节。

实例

创建并启动容器

$ docker create -t -i fedora bash

6d8af538ec541dd581ebc2a24153a28329acb5268abe5ef868c1f1a261221752

$ docker start -a -i 6d8af538ec5

bash-4.2#

初始化volume

从v1.4.0开始,容器卷在该docker create阶段被初始化(即,docker run也是)。例如,这可以让你createdata体积的容器中,然后用它从另一个容器:

$ docker create -v /data --name data ubuntu

240633dfbb98128fa77473d3d9018f6123b99c454b3251427ae190a7d951ad57

$ docker run --rm --volumes-from data ubuntu ls -la /data

total 8drwxr-xr-x  2 root root 4096 Dec  5 04:10 .drwxr-xr-x 48 root root 4096 Dec  5 04:11 ..

同样,create主机目录绑定安装的卷容器,然后可以从后续容器中使用该容器:

$ docker create -v /home/docker:/docker --name docker ubuntu

9aa88c08f319cd1e4515c3c46b0de7cc9aa75e878357b1e96f91e2c773029f03

$ docker run --rm --volumes-from docker ubuntu ls -la /docker

total 20drwxr-sr-x  5 1000 staff  180 Dec  5 04:00 .drwxr-xr-x 48 root root  4096 Dec  5 04:13 ..-rw-rw-r--  1 1000 staff 3833 Dec  5 04:01 .ash_history-rw-r--r--  1 1000 staff  446 Nov 28 11:51 .ashrc-rw-r--r--  1 1000 staff   25 Dec  5 04:00 .gitconfig
drwxr-sr-x  3 1000 staff   60 Dec  1 03:28 .local-rw-r--r--  1 1000 staff  920 Nov 28 11:51 .profile
drwx--S---  2 1000 staff  460 Dec  5 00:51 .ssh
drwxr-xr-x 32 1000 staff 1140 Dec  5 04:01 docker

设置每个容器的存储驱动程序选项。

$ docker create -it --storage-opt size=120G fedora /bin/bash

这个(大小)将允许在创建时将容器rootfs大小设置为120G。此选项仅适用于devicemapperbtrfsoverlay2windowsfilterzfs图形驱动程序。对于devicemapperbtrfswindowsfilterzfs图形驱动程序,用户无法通过的尺寸小于默认尺寸BaseFS。对于overlay2存储驱动程序,大小选项仅在支持fs为xfs并使用pquota安装选项安装时可用。在这些条件下,用户可以通过任何小于支持fs大小的大小。

指定容器的隔离技术(隔离)

在Windows上运行Docker容器的情况下,此选项很有用。该--isolation=<value>选项设置容器的隔离技术。在Linux上,唯一支持的是default使用Linux命名空间的选项。在Microsoft Windows上,您可以指定这些值:

描述

默认

使用Docker守护进程的--exec-opt指定的值。如果守护进程未指定隔离技术,则Microsoft将使用进程作为其默认值

守护进程在Windows服务器上运行,如果在Windows客户端上运行,则守护进程运行在hyperv上。


process

仅命名空间隔离。

Hyper-V

基于Hyper-V管理程序分区的隔离。

指定--isolation没有值的标志与设置--isolation="default"相同。

处理动态创建的设备(-device-cgroup-rule)

在创建时分配可用于容器的设备。分配的设备都将被添加到cgroup.allow文件,并在运行后创建到容器中。当需要将新设备添加到正在运行的容器时,这会造成问题。

解决方案之一是向容器添加更宽松的规则,以允许访问更广泛的设备。例如,假设我们的容器需要访问具有主要42和任意次数的字符设备(添加为新设备出现),则会添加以下规则:

docker create --device-cgroup-rule='c 42:* rmw' -name my-container my-image

然后,用户可能会要求udev执行脚本,docker exec my-container mknod newDevX c 42 <minor>以便在添加所需设备时使用该脚本。

注意:最初存在的设备仍然需要明确地添加到 create / run 命令中

上一篇:下一篇: