Shulou(Shulou.com)06/03 Report--

Overview of Docker

Docker is an open platform for developing, delivering and running applications.

Faster delivery and deployment of Docker benefits

For developers-Build Once, Run Anywhere

Containers mean environmental isolation and repeatability. Developers only need to create a running environment for the application once, then package it into a container and run it on other machines. In addition, the container environment is isolated from the Host environment, just like a virtual machine, but faster and easier.

For operators-Configure Once, Run Anything

As long as the standard runtime environment is configured, the server can run any container. This makes the work of operators more efficient, consistent and repeatable. Containers eliminate inconsistencies in development, testing, and production environments.

More efficient virtualization

The operation of the Docker container does not require additional hypervisor support, it is kernel-level virtualization, so higher performance and efficiency can be achieved.

Easier migration and expansion

Docker containers can run on almost any platform, including physical machines, virtual machines, public clouds, private clouds, personal computers, servers, and so on. This compatibility allows users to migrate an application directly from one platform to another.

Easier management

With Docker, you can replace a lot of previous update work with only a small change. All changes are distributed and updated incrementally, resulting in automated and efficient management.

Docker EngineDocker Engine is a client-server application with the following main components:

A server is a long-running program called a daemon process (dockerd command).

REST API, which specifies the interface that the program can use to communicate with the daemon and instruct it to operate.

Command line interface (CLI) client (docker command).

CLI uses Docker REST API to control the Docker daemon or interact with the Docker daemon through scripts or direct CLI commands.

Many other Docker applications use basic API and CLI.

Docker architecture

Docker uses the architecture of the Docker S (client / server) architecture, the Docker client communicates with the Docker daemon, and the Docker daemon is responsible for building, running, and distributing the Docker container. The Docker client and daemon can run on the same system, or you can connect the Docker client to the remote Docker daemon. Docker clients and daemons use REST API to communicate over UNIX sockets or network interfaces.

Docker Damon:dockerd, which is used to listen for Docker API requests and manage Docker objects such as mirrors, containers, networks, and Volume.

Docker Client:docker client is the main way for us to interact with Docker. For example, we can run a container through the docker run command, and then our client will send the command to the Dockerd above and let him do the real thing.

Three basic Concepts of Docker

Docker Registry: a repository for storing Docker images. Docker Hub is a public repository provided by Docker, and Docker also looks for images from Docker Hub by default. Of course, you can easily run a private repository. When we use the docker pull or docker run command, we pull images from our configured Docker image repository, and when we use the docker push command, we push the constructed images to the corresponding image repository.

Images: the image is a read-only template with instructions for creating a Docker container. Generally speaking, the image is based on some other basic image with some additional customization features. For example, you can build a Centos-based image, and then install a Nginx server on top of the basic image, so that you can form our own image.

Containers: a container is a runnable instance of a mirror. You can use Docker REST API or CLI to manipulate the container. The container is essentially a process, but unlike the process executed directly on the host, the container process runs in its own independent namespace. So the container can have its own root file system, its own network configuration, its own process space, and even its own user ID space. Processes in the container run in an isolated environment and are used as if they were operating on a system independent of the host. This feature makes container-encapsulated applications more secure than running directly in the host.

Underlying technical support:

Docker is written in Go, Namespaces (isolation), CGroups (resource restriction), UnionFS (layering of images and containers) the-underlying-technology Docker underlying architecture analysis

Installation

Go directly to the official documentation and select the appropriate platform to install. For example, if we want to install Docker on the centos system, go to the address https://docs.docker.com/install/linux/docker-ce/centos/ and follow the prompts to install it.

Install the required software packages

Sudo yum install-y yum-utils\ device-mapper-persistent-data\ lvm2

To add a software repository, we use the stable version of Docker here and execute the following command to add the address of the yum repository:

Sudo yum-config-manager\-- add-repo\ https://download.docker.com/linux/centos/docker-ce.repo install Docker CEyum install docker-ce launch Docker CE$ sudo systemctl enable docker$ sudo systemctl start docker to view version number [root@localhost ~] # docker versionClient: Docker Engine-Community Version: 19.03.4 API version: 1.40 Go version: go1.12.10 Git commit: 9013bf583a Built: Fri Oct 18 15:52:22 2019 OS/Arch: linux/amd64 Experimental: falseServer: Docker Engine-Community Engine: Version: 19.03.4 API version: 1.40 (minimum version 1.12) Go version: go1.12.10 Git commit: 9013bf583a Built: Fri Oct 18 15:50:54 2019 OS/Arch: linux/amd64 Experimental: false Containerd: Version: 1.2.10 GitCommit: b34a5c8af56e510852c35414db4c1f4fa6172339 runc: Version: 1.0.0-rc8+dev GitCommit: 3e425f80a8c931f88e6d94a8c831b9d5aa481657 docker-init: Version: 0.18.0 GitCommit: fec3683 [root@localhost ~] # run the first container

When the environment is ready, run the first container immediately and execute the command:

Docker run-d-p 80:80 the first time httpd needs to download an image may be slow, so it needs to be a mirror acceleration mirror accelerator.

It is sometimes difficult to pull an image from Docker Hub in China. You can configure an image accelerator at this time.

For systems using systemd, write the following in / etc/docker/daemon.json (create a new file if it does not exist) {"registry-mirrors": ["https://dockerhub.azk8s.cn"," https://reg-mirror.qiniu.com"]} Note, make sure that the file conforms to the json specification, otherwise Docker will not start. Then restart the service to check whether the accelerator is in effect [root@localhost docker] # docker info | grep Registry-A 10 Registry: https://index.docker.io/v1/ Labels: Experimental: false Insecure Registries: 127.0.0.0 Labels 8 Registry Mirrors: https://dockerhub.azk8s.cn/ https://reg-mirror.qiniu.com/ Live Restore Enabled: false start a container: [root@muyudembp ~] # docker run ubuntu:16.04 / bin/echo 'Hello world'Unable to find image' ubuntu:16.04' locally16.04: Pulling from library/ubuntue80174c8b43b: Pull completed1072db285cc: Pull complete858453671e67: Pull complete3d07b1124f98: Pull completeDigest: sha256:bb5b48c7750a6a8775c74bcb601f7e5399135d0a06de004d000e05fd25c1a71cStatus: Downloaded newer image for ubuntu:16.04Hello world [root@muyudembp ~] # docker run ubuntu:16.04 / bin/echo 'Hello world'Hello world commands for viewing the history of images [root@muyudembp ~] # docker history ubuntu:16.04IMAGE CREATED CREATED BY SIZE COMMENT5f2bf26e3524 Less than a second ago / bin/sh-c # (nop) CMD ["/ bin/bash"] 0B Less than a second ago / bin/sh-c mkdir-p / run/systemd & & echo'do … 7B Less than a second ago / bin/sh-c set-xe & & echo'#! / bin/sh' > / … 745B Less than a second ago / bin/sh-c rm-rf / var/lib/apt/lists/* 0B Less than a second ago / bin/sh-c # (nop) ADD file:9511990749b593a6f... 123MB enters container [root@muyudembp ~] # docker run-it ubuntu:16.04 / bin/bashroot@247c977ce6dc:/# lsbin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr varroot@247c977ce6dc:/# starts and closes container [root@muyudembp ~] # docker psCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES247c977ce6dc ubuntu:16. 04 "/ bin/bash" 7 minutes ago Up 7 minutes youthful_hamilton6fe5c402d589 httpd "httpd-foreground" 5 hours ago Up 5 hours 0.0.0.0 minutes youthful_hamilton6fe5c402d589 httpd 80-> 80/tcp sad_ Dijkstrap [root @ muyudembp ~] # docker stop 6fe5c402d5896fe5c402d589 [root@muyudembp ~] # docker psCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES247c977ce6dc ubuntu:16.04 "/ bin/bash" 7 minutes ago Up 7 minutes youthful_ Hamilton [root @ muyudembp ~] # docker start 6fe5c402d5896fe5c402d589 [root@muyudembp ~] # docker psCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES247c977ce6dc ubuntu:16.04 "/ bin/bash" 7 minutes ago Up 7 minutes youthful_hamilton6fe5c402d589 httpd "httpd-foreground" 5 hours ago Up 1 second 0.0.0.0 minutes youthful_hamilton6fe5c402d589 httpd 80-> 80/tcp sad_dijkstra [root@muyudembp ~] # docker rm 247c977ce6dcError response from daemon: You cannot remove a running container 247c977ce6dcc47e043b4d9ef02c95b4d7d21e32009bff425314724315e4bea4. Stop the container before attempting removal or force remove forcibly closes the running container [root@muyudembp ~] # docker rm-f 247c977ce6dc247c977ce6dc [root@muyudembp ~] # docker psCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES6fe5c402d589 httpd "httpd-foreground" 5 hours ago Up 2 minutes 0.0.0.0: 80-> 80/tcp sad_dijkstra image related operations [root@muyudembp ~] # docker rmi-f 5f2bf26e3524Untagged: ubuntu:16.04Untagged: ubuntu@sha256:bb5b48c7750a6a8775c74bcb601f7e5399135d0a06de004d000e05fd25c1a71cDeleted: sha256:5f2bf26e35249d8b47f002045c57b2ea9d8ba68704f45f3c209182a7a2a9ece5 [root@muyudembp ~] # docker image lsREPOSITORY TAG IMAGE ID CREATED SIZEhttpd latest d3017f59d5e2 17 hours ago 165MBdocker commit custom image

The image is the basis of the container. Each time docker run is executed, which image is specified as the basis for the container to run. In the previous example, we used images from Docker Hub. Using these images directly can meet certain needs, and when these images can not directly meet the needs, we need to customize these images.

Now let's use the httpd image as an example.

Docker run-- name webserver-d-p 80:80 httpd

This command starts a container with a httpd image, named webserver, and maps port 80 so that we can use a browser to access the web server.

[root@muyudembp ~] # curl localhostIt works! [root@muyudembp ~] # docker exec-it 543f2ad89f8e / bin/bashroot@543f2ad89f8e:/usr/local/apache2# echo "Hello, Docker!" > / usr/local/apache2/htdocs exit container [root@muyudembp ~] # curl localhostHello, Docker! We can save the container as an image with the following command: [root@muyudembp ~] # docker commit\ >-- author "muyu"\ >-- message "modified the default home page"\ > webserver\ > httpd:v2sha256:229d8c3a7577be285e858f80c1e97dad5ddfb604fbcd5b4f1b3ad4fa40935712 [root@muyudembp ~] # docker imagesREPOSITORY TAG IMAGE ID CREATED SIZEhttpd v2 229d8c3a7577 11 seconds ago 165MBhttpd latest d3017f59d5e2 17 hours ago 165MB [root@muyudembp ~] # docker history 229d8c3a7577IMAGE CREATED CREATED BY SIZE COMMENT229d8c3a7577 About a minute ago httpd-foreground 31B Modified the default home page d3017f59d5e2 17 hours ago / bin/sh-c # (nop) CMD ["httpd-foreground"] 0B 17 hours ago / bin/sh-c # (nop) EXPOSE 800B 17 hours ago / bin/sh-c # (nop) COPY file:c432ff61c4993ecd... 138B 17 hours ago / bin/sh-c # (nop) STOPSIGNAL WINCH 0B 17 hours ago / bin/sh-c set-eux; savedAptMark= "$(apt-m …" 60.7MB 2 weeks ago / bin/sh-c # (nop) ENV HTTPD_PATCHES= 0B 2 weeks ago / bin/sh-c # (nop) ENV HTTPD_SHA256=133d4829 … 0B 2 weeks ago / bin/sh-c # (nop) ENV HTTPD_VERSION=2.4.41 0B 2 weeks ago / bin/sh-c set-eux; apt-get update; apt-g … 35.4MB 2 weeks ago / bin/sh-c # (nop) WORKDIR / usr/local/apache2 0B 2 weeks ago / bin/sh-c mkdir-p "$HTTPD_PREFIX" & & chow … 0B 2 weeks ago / bin/sh-c # (nop) ENV PATH=/usr/local/apach … 0B 2 weeks ago / bin/sh-c # (nop) ENV HTTPD_PREFIX=/usr/loc … 0B 2 weeks ago / bin/sh-c # (nop) CMD ["bash"] 0B 2 weeks ago / bin/sh-c # (nop) ADD file:74b2987cacab5a6b0 … 69.2MB [root@muyudembp] # docker run-- name webserver2-d-p 81:80 httpd:v2693745577ac0d47dc88680dff44afa3749ac88c39ad55deea1802c191bcb9542 [root@muyudembp] # curl localhost:81Hello, Docker!

At this point, we have completed the customized image for the first time, using the docker commit command. The manual operation adds a new layer to the old image to form a new image, which should have a more intuitive feeling for multi-tier storage of the image.

But custom images are not recommended. Custom images should be done using Dockerfile.

Command collation:

Container operation:

Docker create # create a container but not start it docker run # create and start a container docker stop # stop the container running, send a signal SIGTERMdocker start # start a stopped container docker restart # restart a container docker rm # delete a container docker kill # send a signal to the container, by default SIGKILLdocker attach # connect (enter) to a running container docker wait # block a container until the container stops running

Get container information:

Docker ps # displays containers with Up status docker ps-a # shows all containers Including running (Up) and Exited (Exited) docker inspect # go deep inside the container to get all the information of the container docker logs # View the container's stdout/stderr docker events # get the real-time event docker port # display the container's port mapping docker top # display the container's process information docker diff # display the container's forward and backward changes in the file system docker system df # view the space occupied by images, containers and data volumes.

Export the container:

Docker cp # copy files or directories out of the container docker export # export the entire file system of the container as a tar package without layers, tag, etc.

Execute:

Docker exec # executes a command in the container and executes bash to enter the interaction

Mirror operation:

Docker images # displays a list of all local images docker import # creates an image from a tar package, often in conjunction with export using docker build # to create an image using Dockerfile (recommended) docker commit # to create an image from the container docker load # to create an image from a tar package, and to use docker save # with save to save an image as a tar package Docker history # display the history command to generate a mirror with layers and tag information docker tag # give the mirror an alias

Image Repository (registry) operation:

Docker login # Log in to a registrydocker search # search for images from the registry repository docker pull # download images from the repository to the local docker push # put an image push into the registry repository

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.