docker使用续

让容器像daemon即后台服务一样运行，不用加&后台运行，不用加nohup解绑终端。这些都不需要，只需要加上一个选项 -d 即可。

[root@ecs-d589 docker]# docker run -d -i -p 1234:1234 --name daemon ubuntu:14.04 nc -l 1234
Unable to find image 'ubuntu:14.04' locally
14.04: Pulling from library/ubuntu  //本地没有就从网上拉

2e6e20c8e2e6: Pull complete
0551a797c01d: Pull complete
512123a864da: Pull complete
Digest: sha256:96a36dd3bcd8f149fa9874c4e28c35c01f715b3e5f8f1a8e06b45887619bf43b
Status: Downloaded newer image for ubuntu:14.04
6a7f60110ae112659e705a61bea28b2ea27d4f08ea07727dfe48899f777f6585
[root@ecs-d589 docker]# docker ps
CONTAINER ID   IMAGE          COMMAND        CREATED          STATUS          PORTS                                       NAMES
6a7f60110ae1   ubuntu:14.04   "nc -l 1234"   12 seconds ago   Up 11 seconds   0.0.0.0:1234->1234/tcp, :::1234->1234/tcp   daemon

作为客户端，往容器的服务端口发送一些信息

[root@ecs-d589 ~]# telnet localhost 1234
Trying ::1...
Connected to localhost.
Escape character is '^]'.
asdf

确实容器收到了请求，然后它啥也不做

[root@ecs-d589 docker]# docker logs daemon
asdf

当容器以daemon的方式运行起来后，不管什么原因导致服务被停止，然后后续的处理，如果手工处理的话，会是比较繁琐的。因此docker的重启策略周到的考虑到了这些情况：

帮助理解docker客户端、服务端之间的架构和协议，可以使用socat来帮忙。socat做为代理，还可以用来对外开放TCP端口(TCP-LISTEN:2375)，连接到docker 的unix套接字上，而socat充当代理和审计的功能，这个技巧挺有意思的。

Socat is a relay for bidirectional data transfer between two independent data channels. Each of these data channels may be a file, pipe, device (serial line etc. or a pseudo terminal), a socket (UNIX, IP4, IP6 - raw, UDP, TCP), an SSL socket, proxy CONNECT connection, a file descriptor (stdin etc.), the GNU line editor (readline), a program, or a combination of two of these.

先把代理socat配置并启动起来
[root@ecs-d589 ~]# socat -v UNIX-LISTEN:/tmp/dockerapi.sock,fork UNIX-CONNECT:/var/run/docker.sock &

然后运行一条docker命令，要使用代理展示出来的那个sock哦，运行成功，
[root@ecs-d589 ~]# docker -H unix:///tmp/dockerapi.sock ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8ecc383fb92b ubuntu:14.04 “nc -l 1234” About an hour ago Exited (0) About an hour ago daemon3
d34f7eaf6b75 ubuntu:14.04 “/bin/bash” About an hour ago Exited (137) About an hour ago daemon2
6a7f60110ae1 ubuntu:14.04 “nc -l 1234” 2 days ago Exited (0) 47 hours ago daemon
3a265ddcb7e4 todoapp “docker-entrypoint.s…” 2 days ago Exited (1) 2 days ago example1

看一下代理作为中间人，它掌握了双方的信息，就像房产中介一样。
[root@ecs-d589 ~]#
> 2022/06/27 16:13:39.522508 length=82 from=0 to=81
HEAD /_ping HTTP/1.1\r
Host: docker\r
User-Agent: Docker-Client/20.10.17 (linux)\r
\r
< 2022/06/27 16:13:39.523014 length=281 from=0 to=280
HTTP/1.1 200 OK\r
Api-Version: 1.41\r
Cache-Control: no-cache, no-store, must-revalidate\r
Content-Length: 0\r
Content-Type: text/plain; charset=utf-8\r
Docker-Experimental: false\r
Ostype: linux\r
Pragma: no-cache\r
Server: Docker/20.10.17 (linux)\r
Date: Mon, 27 Jun 2022 08:13:39 GMT\r
\r
> 2022/06/27 16:13:39.523420 length=103 from=82 to=184
GET /v1.41/containers/json?all=1 HTTP/1.1\r
Host: docker\r
User-Agent: Docker-Client/20.10.17 (linux)\r
\r
< 2022/06/27 16:13:39.524582 length=3069 from=281 to=3349
HTTP/1.1 200 OK\r
Api-Version: 1.41\r
Content-Type: application/json\r
Docker-Experimental: false\r
Ostype: linux\r
Server: Docker/20.10.17 (linux)\r
Date: Mon, 27 Jun 2022 08:13:39 GMT\r
Transfer-Encoding: chunked\r
\r
b1e\r
[{“Id”:“8ecc383fb92bd185edeabddc1d36ba17e458e8f41195117e73f78fd53364a51e”,“Names”:["/daemon3"],“Image”:“ubuntu:14.04”,“ImageID”:“sha256:13b66b487594a1f2b75396013bc05d29d9f527852d96c5577cc4f187559875d0”,“Command”:“nc -l 1234”,“Created”:1656312825,“Ports”:[],“Labels”:{},“State”:“exited”,“Status”:“Exited (0) About an hour ago”,“HostConfig”:{“NetworkMode”:“default”},“NetworkSettings”:{“Networks”:{“bridge”:{“IPAMConfig”:null,“Links”:null,“Aliases”:null,“NetworkID”:“77aca8a10049eaaada56def7d5fcfdab440c1e63a0d0e9cff031493750935492”,“EndpointID”:"",“Gateway”:"",“IPAddress”:"",“IPPrefixLen”:0,“IPv6Gateway”:"",“GlobalIPv6Address”:"",“GlobalIPv6PrefixLen”:0,“MacAddress”:"",“DriverOpts”:null}}},“Mounts”:[]},{“Id”:“d34f7eaf6b75a117347111553acf5a064b33ba6d88b80674ef3ee58258679e26”,“Names”:["/daemon2"],“Image”:“ubuntu:14.04”,“ImageID”:“sha256:13b66b487594a1f2b75396013bc05d29d9f527852d96c5577cc4f187559875d0”,“Command”:"/bin/bash",“Created”:1656312716,“Ports”:[],“Labels”:{},“State”:“exited”,“Status”:“Exited (137) About an hour ago”,“HostConfig”:{“NetworkMode”:“default”},“NetworkSettings”:{“Networks”:{“bridge”:{“IPAMConfig”:null,“Links”:null,“Aliases”:null,“NetworkID”:“77aca8a10049eaaada56def7d5fcfdab440c1e63a0d0e9cff031493750935492”,“EndpointID”:"",“Gateway”:"",“IPAddress”:"",“IPPrefixLen”:0,“IPv6Gateway”:"",“GlobalIPv6Address”:"",“GlobalIPv6PrefixLen”:0,“MacAddress”:"",“DriverOpts”:null}}},“Mounts”:[]},{“Id”:“6a7f60110ae112659e705a61bea28b2ea27d4f08ea07727dfe48899f777f6585”,“Names”:["/daemon"],“Image”:“ubuntu:14.04”,“ImageID”:“sha256:13b66b487594a1f2b75396013bc05d29d9f527852d96c5577cc4f187559875d0”,“Command”:“nc -l 1234”,“Created”:1656145813,“Ports”:[],“Labels”:{},“State”:“exited”,“Status”:“Exited (0) 47 hours ago”,“HostConfig”:{“NetworkMode”:“default”},“NetworkSettings”:{“Networks”:{“bridge”:{“IPAMConfig”:null,“Links”:null,“Aliases”:null,“NetworkID”:“77aca8a10049eaaada56def7d5fcfdab440c1e63a0d0e9cff031493750935492”,“EndpointID”:"",“Gateway”:"",“IPAddress”:"",“IPPrefixLen”:0,“IPv6Gateway”:"",“GlobalIPv6Address”:"",“GlobalIPv6PrefixLen”:0,“MacAddress”:"",“DriverOpts”:null}}},“Mounts”:[]},{“Id”:“3a265ddcb7e4ee956a08c7cc407708ac4e4d13bd8bc891716611e749ba23ac67”,“Names”:["/example1"],“Image”:“todoapp”,“ImageID”:“sha256:98fd87257843cea062d647fccc0a1dc587169c4d810918360d2211ab7cf82de2”,“Command”:“docker-entrypoint.sh npm start”,“Created”:1656139427,“Ports”:[],“Labels”:{“maintainer":"xx@yy.com”},“State”:“exited”,“Status”:“Exited (1) 2 days ago”,“HostConfig”:{“NetworkMode”:“default”},“NetworkSettings”:{“Networks”:{“bridge”:{“IPAMConfig”:null,“Links”:null,“Aliases”:null,“NetworkID”:“77aca8a10049eaaada56def7d5fcfdab440c1e63a0d0e9cff031493750935492”,“EndpointID”:"",“Gateway”:"",“IPAddress”:"",“IPPrefixLen”:0,“IPv6Gateway”:"",“GlobalIPv6Address”:"",“GlobalIPv6PrefixLen”:0,“MacAddress”:"",“DriverOpts”:null}}},“Mounts”:[]}]
\r
0\r
\r