Shulou(Shulou.com)06/02 Report--

I. data management of docker

In docker, in order to easily view the data generated in the container or share the data among multiple containers, the data management operation of the container is involved. There are two main ways to manage the data in the docker container: data volume and data volume container.

1. Data volume

The data volume is a special directory for the container, which is located in the container. You can mount the host directory to the data volume, and the modification operation to the data volume is immediately visible, and updating the data will not affect the image, thus realizing the data migration between the host and the container. The use of the data volume is similar to the mount mount operation to the directory under Linux (Note: the host local directory is mounted to the container. For example: if the host local / data directory mounts / dev/sdb1, then the file system used in the specified directory in the container is also / dev/sdb1 when / data is used for data volume mapping. I don't know if you can understand how it works.

Mount the host directory as an example of a data volume:

Use the-v option to create a data volume (just create a directory when you run the container). When creating a data volume, mount the host's directory to the data volume to achieve data migration between the host and the container.

It should be noted that the path to the local directory of the host must be an absolute path. If the path does not exist, Docker will automatically create the corresponding path.

[root@localhost ~] # docker run-d-p 5000 5000-v / data/registry/:/tmp/registry docker.io/registry# this is a container running a private repository, where-p is the option for port mapping, which is not explained here. #-v is the directory mapping, mapping the local / data/registry/ directory to the / tmp/registry directory in the container. # then the content under the / tmp/registry directory in the container is the same as the / data/registry/ content of the host. [root@localhost ~] # df-hT / data/registry/ # first check the local / data/registry/ mounted file system type capacity available available mount point node4:dis-stripe fuse.glusterfs 80g 130m 80g 1% / data/registry [root@localhost ~] # docker exec-it a6bf726c612b / bin/sh # into the container of the private warehouse, the container does not have / bin/bash So / bin/sh is used. / # df-hT / tmp/registry/ # check and find that the file system mounted in this directory is the same as that mounted on the host, which means there is no problem. Filesystem Type Size Used Available Use% Mounted onnode4:dis-stripe fuse.glusterfs 80.0G 129.4M 79.8G 0% / tmp/registry

2. Data volume container

If you need to share some data between containers, the easiest way is to use a data volume container. A data volume container is an ordinary container that provides data volumes for mounting use by other containers. How to use it as follows: first, you need to create a container as a data volume container, and then use-- volumes-from to mount the data volumes in the data volume container when other containers are created.

Examples of creating and using container volumes:

[root@localhost ~] # docker run-itd-- name datasrv-v / data1-v / data2 docker.io/sameersbn/bind / bin/bash# create and run a container named datasrv, and create two data volumes: data1 and data2. D9e578db8355da35637d2cf9b0a3406a647fe8e70b2df6172ab41818474aab08 [root@localhost ~] # docker exec-it datasrv / bin/bash# enters the created container root@d9e578db8355:/# ls | grep data # check to see if there is a corresponding data volume data1data2 [root@localhost ~] # docker run-itd-- volumes-from datasrv-- name ftpsrv docker.io/fauria/vsftpd / bin/bash# runs a container called ftpsrv, and uses-- volumes-from to mount the data volume in the datasrv container to the new ftpsvr container. Eb84fa6e85a51779b652e0058844987c5974cf2a66d1772bdc05bde30f8a254f [root@localhost ~] # docker exec-it ftpsrv / bin/bash # enter the newly created container [root@eb84fa6e85a5 /] # ls | grep data # check whether the new container can see the data volume provided by datasrv data1data2 [root@eb84fa6e85a5 /] # echo "data volumes test" > / data1/test.txt # write a file to the data1 directory in the ftpsrv container for testing [root@eb84fa6e85a5 /] # exit # exit the container exit [root@localhost ~] # docker exec-it datasrv / bin/bash # enter the datasrv container providing data volumes root@d9e578db8355:/# cat / data1/test.txt # you can see the file just created in the ftpsrv container OK . Data volumes test

Note that the most important thing in the production environment is the reliability of storage and the dynamic scalability of storage. You must take this into account when making data volumes. What is more outstanding in this respect is the GFS file system. I just made a simple configuration above. If you are in a production environment, you must consider it carefully. For example, if you do the mirror volume container above, you can mount the GFS file system locally on the host. Then, when creating a mirror volume container, map the directory where the GFS is mounted to the mirror volume in the container, so that it is a qualified mirror volume container.

II. Docker network communication

1. Port mapping

Docker provides a mechanism for mapping container ports to hosts and container interconnection to provide network services for containers.

When starting the container, if you do not specify the corresponding port, the services in the container cannot be accessed through the network outside the container. Docker provides a port mapping mechanism to provide services in the container to external network access, which essentially maps the port of the host to the container, so that the port of the host can access the services in the container.

To achieve port mapping, you need to use the-P (uppercase) option when running the docker run command to achieve random mapping. Docker will generally randomly map to a port to access the open network port inside the container, but it is not absolute, and there are exceptions that will not be mapped to this range; you can also use the-p (lowercase) option to specify the port to be mapped when running the docker run command (commonly used this method).

Example of port mapping:

[root@localhost ~] # docker run-d-P docker.io/sameersbn/bind # Random Mapping Port 9b4b7c464900df3b766cbc9227b21a3cad7d2816452c180b08eac4f473f88835 [root@localhost ~] # docker run-itd-p 68:67 docker.io/networkboot/dhcpd / bin/bash# maps port 67 in the container to port 68 6f9f8125bcb22335dcdb768bbf378634752b5766504e0138333a6ef5c57b7047 of the host [root@localhost ~] # docker ps-a # check and find no problem CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES6f9f8125bcb2 docker.io/networkboot/dhcpd "/ entrypoint.sh / b..." 2 seconds ago Up 1 second 0.0.0.068-> 67/tcp Keen_brattain9b4b7c464900 docker.io/sameersbn/bind "/ sbin/entrypoint...." 4 minutes ago Up 4 minutes 0.0.0.0 minutes ago Up 32768-> 53/udp 0.0.0.0 32769-> 53/tcp, 0.0.0.0VR 32768-> 10000/tcp coc_gates# at this time Accessing port 68 of the host is equivalent to accessing port 67 of the first container. Accessing port 32768 of the host is equivalent to accessing port 53 of the container.

2. Container interconnection

Container interconnection is realized by establishing a special network communication tunnel between containers through the name of containers. To put it simply, a tunnel is established between the source container and the receiving container, and the receiving container can see the information specified by the source container.

When running the docker run command, use the-- link option to achieve interconnected communication between containers in the following format:

-- link name: alias # where name is the name of the container to which you want to connect and alias is the alias for this connection.

Container interconnection is performed through the name of the container. The-- name option creates a friendly name for the container, which is unique. If you have already named a container with the same name, you need to use the docker rm command to delete the previously created container with the same name when you want to use this name again.

Examples of container interconnection:

[root@localhost ~] # docker run-tid-P-- name web1 docker.io/httpd / bin/bash# run container web1c88f7340f0c12b9f5228ec38793e24a6900084e58ea4690e8a847da2cdfe0b [[root@localhost ~] # docker run-tid-P-name web2-- link web1:web1 docker.io/httpd / bin/bash# run container web2 And associate the web1 container c7debd7809257c6375412d54fe45893241d2973b7af1da75ba9f7eebcfd4d652 [root@localhost ~] # docker exec-it web2 / bin/bash # into the web2 container root@c7debd780925:/usr/local/apache2# cdroot@c7debd780925:~# ping web1 # to ping test web1 bash: ping: command not found # sorry, prompting that there is no ping command Download a croot @ c7debd780925:~#apt-get update # update root@c7debd780925:~#apt install iputils-ping # install ping command root@c7debd780925:~#apt install net-tools # this is to install the ifconfig command, you can not install I'm just taking a note here root@c7debd780925:~# ping web1 # and then ping testing web1 PING web1 (172.17.0.2) 56 (84) bytes of data.64 bytes from web1 (172.17.0.2): icmp_seq=1 ttl=64 time=0.079 ms64 bytes from web1 (172.17.0.2): icmp_seq=2 ttl=64 time=0.114 ms. # omitting part # ping is working So it can be said that the two containers must be interconnected. # if the new container web3 is created, you need to interconnect with web1 and web2 at the same time, the command is as follows: [root@localhost ~] # docker run-dit-P-name web3-- link web1:web1-- link web2:web2 docker.io/httpd / bin/bash# when running the container, associate web1 and web2. # the following is to enter web3 [root @ localhost ~] # docker exec-it web3 / bin/bashroot@433d5be6232c:/usr/local/apache2# cd#. The following is to install the ping command root@433d5be6232c:~# apt-get updateroot@433d5be6232c:~# apt install iputils-ping#. The following is to web1 respectively. Web2 for ping testing root@433d5be6232c:~# ping web1PING web1 (172.17.0.2) 56 (84) bytes of data.64 bytes from web1 (172.17.0.2): icmp_seq=1 ttl=64 time=0.102 ms64 bytes from web1 (172.17.0.2): icmp_seq=2 ttl=64 time=0.112 ms. # omit part of the content root@433d5be6232c:~# ping web2PING web2 (172.17.0.3) ) 56 (84) bytes of data.64 bytes from web2 (172.17.0.3): icmp_seq=1 ttl=64 time=0.165 ms64 bytes from web2 (172.17.0.3): icmp_seq=2 ttl=64 time=0.115 ms. # omit part of the content

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.