In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-06 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)05/31 Report--
This article mainly explains "how to understand the internal logic of docker". Interested friends may wish to have a look. The method introduced in this paper is simple, fast and practical. Let's let Xiaobian take you to learn "how to understand docker's internal logic"!
Image-A special file system
Docker image is a special file system. In addition to providing programs, libraries, resources, configuration files, etc. required by the container runtime, it also contains some configuration parameters prepared for runtime (such as anonymous volumes, environment variables, users, etc.)
Container--Entity at runtime for mirroring
Containers are entities that mirror the runtime. Containers can be created, started, stopped, deleted, paused, etc.
Repository-A centralized repository of mirrored files
After the image is built, it can easily run on the current host, but if we need to use this image on other servers, we need a centralized storage and distribution service for the image. Docker Registry is such a service.
Docker uses C/S architecture. The client and server can run on the same machine or communicate via sockets or RESTful APIs.
Docker Daemon: Generally runs in the background of the host, waiting to receive messages from the client
Docker Client: provides a series of executable commands for customers to use to interact with docker daemon
The user uses Docker Client to establish communication with Docker Daemon and send requests to the latter.
Engine performs a series of jobs inside Docker, each of which exists in the form of a Job.
3. During the running process of Job, when a container image is needed, download the image from Docker Registry and store the downloaded image in the form of Graph through image management driver graphdriver; when a network environment needs to be created for Docker, create and configure Docker container network environment through network management driver networkdriver; when operations such as restricting Docker container running resources or executing user instructions need to be completed through execudriver. Libcontainer is an independent container management package, networkdriver and execdriver are implemented through libcontainer to implement specific operations on containers.
1. Comparison of containers and virtual machines
2. Docker's advantages
Docker's Disadvantages
4. Docker application scenarios
1. Docker installation
2. Understand mirrors and containers
3. Mirror container management
What is a mirror image?
Mirrors are multi-tiered federated read-only file systems.
What is a container?
Container is based on mirror plus read-write layer. Containers are processes.
The process of building mirrors?
Mirror-> Mirror + writable layer + execute command->commit for new mirror (new layer)-> Mirror + writable layer + execute command->commit for new mirror (new layer)->…
Typical file system startup:
A typical Linux file system consists of bootfs and rootfs,
bootfs(boot file system)
It mainly contains bootloader and kernel. bootloader is mainly used to boot and load kernel. bootfs will be counted off after kernel is loaded into memory.
rootfs (root file system)
/dev,/proc,/bin,/etc are standard directories and files in typical Linux systems.
Loading process:
bootfs sets rootfs to read-only, and then changes rootfs from read-only to read-write after the system self-test
Docker file system startup:
Docker does not change rootfs read-only to read-write after bootfs self-test, but uses union mount (a mounting mechanism of UnionFS) to load other layers in image onto the previous read-only rootfs layer. Each layer is rootfs structure and read-only. So, we can't modify a layer inside an existing mirror! Only when we create a container, instantiating Docker images, will the system allocate an empty layer of read-write rootfs to hold our changes
Layer information for base mirror
docker pull centos
tree -L 2 /var/lib/docker/overlay2/
Layer information mirrored after build
cd layer_dockerfile/
docker build -t centos:test -f ./ Dockerfile .
tree -L 2 /var/lib/docker/overlay2/
Each layer contains "files unique to that layer" and "connections to data shared at lower layers." In versions before Docker 1.10, the directory name is the same as the UUID of the image, while Docker 1.10 uses a new storage method. You can see that the directory name is not the same as the UUID of the download image.
Diff
The specific file content of the mount point
Link
Name of link source corresponding to l directory
Lower
The root has no lower, and the other lower points to the parent layer link
L:
The "l" directory contains symbolic links as shortened layer identifiers. These shortened identifiers are used to avoid mounting beyond page size limits
Commit: container committed as mirror
docker run -idt --name test centos
Touch liwei
docker commit 6de test2
Create: Create container but don't start
docker create --name nginx-con -p80:80 nginx:latest
Start: Start container
docker start nginx-con
Stop: Stop container
docker stop nginx-con
Kill: Kill containers, and stop compared to unfriendly
docker kill nginx-con
Pause: Pause container
docker pause nginx-con
Unpause: Resume paused containers
docker unpause nginx-con
Run: Create and start container
docker run -idt --restart=always --name nginx_con -v /tmp/:/mnt -p 88:80 -e arg1=arg1 nginx
Docker attach nginx_con
Ctrl+^p+^q
CP: copy files between host and container
docker cp docker_install.sh nginx_con:/opt
docker exec nginx_con ls /opt
docker cp nginx_con:/opt/docker_install.sh ./ 1.sh
Exec: Executes commands, can also be attached to containers
docker exec nginx_con ls /opt
Attach: Attach to container
docker attach nginx_con
docker exec -it nginx_con /bin/bash
Logs: View container logs
docker logs -f nginx_con
Inspect: View metadata, mirror and container
docker inspect nginx_con
Port: View container port mapping
docker port nginx_con
Top: View processes running in containers
docker top nginx_con
Ps: View containers
docker ps
docker ps -a
docker ps -aq
View running containers, plus-a View all containers (including stopped and paused containers)
Rm: Delete container
docker rm nginx_con Remove container
docker rm -f nginx_con Forcibly delete containers
Export: Export container
docker pull busybox
docker run -itd busybox
docker export 983989307eef>busybox.tar
Import: importing containers
docker import busybox.tar busybox:1.3
Save: Export Mirror
docker save busybox:1.3>busybox1.3.tar
Load: Import Mirror
docker load -i busybox1.3.tar
Tag: mirror tag
docker tag busybox:1.3 192.168.199.160/test/busybox:latest
Build: Build an image from dockerfile
FROM centos
ENV TZ "Asia/Shanghai"
ADD echo.sh /opt/echo.sh
RUN chmod +x /opt/echo.sh
CMD ["/opt/echo.sh"]
docker build -t centos:test -f Dockerfile .
Pull: Pull images from registry
docker pull nginx pulled from dockerhub
docker pull 192.168.199.160/test/nginx:latest Pull from harbor on intranet
Push: Push the image to the repository [password is required for the first time, no longer required]
docker login 192.168.199.160
admin
Harbor12345
docker push 192.168.199.160/test/busybox:latest
Info、version、events
docker info View docker related information
Docker version View docker version information
Docker events View docker events
[Note]
1. Do not move the firewall after creating the container
2, cmd will be overwritten problem, need to pay attention, may cause/bin/bash to start the command overwritten, can not start the problem, for example
docker run -idt --restart=always --name nginx_con -v /tmp/:/mnt -p 88:80 -e arg1=arg1 nginx /bin/bash
3, cmd commands will be suspended after the execution.
At this point, I believe everyone has a deeper understanding of "how to understand docker's internal logic". Let's do it in practice! Here is the website, more related content can enter the relevant channels for inquiry, pay attention to us, continue to learn!
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.