What is a Docker?
The advantage of the Docker
- Docker starts fast in seconds. Virtual machines usually take a few minutes to start.
- Docker requires fewer resources. Docker is virtualized at the operating system level. Docker container interacts with the kernel with almost no performance loss, which is better than virtualization through the Hypervisor layer and the kernel layer.
- Docker is lighter. Docker’s architecture can share a single kernel and shared application libraries with minimal memory. In the same hardware environment, the number of images Docker runs is far more than the number of virtual machines, and the utilization rate of the system is very high.
- Docker is less isolated than virtual machines. Docker is isolation between processes, and virtual machines can achieve system-level isolation.
- Security. Docker’s security is also weaker. The tenant Root of Docker is equal to the host Root. Once the user in the container is promoted from the ordinary user to Root, it will directly have the Root permission of the host, and then it can conduct unlimited operations.
- The Root vm rights of the vm tenant are separated from the Root VM rights of the host, and VMS use Hardware isolation technologies such as Intel VT-D and VT-X Ring-1.
- This isolation technique prevents virtual machines from breaking through and interacting with each other, whereas containers do not yet have any form of hardware isolation, making them vulnerable to attack.
- Manageability. Docker’s centralized management tools are still immature. All virtualization technologies have mature management tools. For example, VMware vCenter provides comprehensive VM management capabilities.
- High availability and recoverability. Docker’s high availability support for business is achieved through rapid redeployment.
- Virtualization has mature guarantee mechanism such as load balancing, high availability, fault tolerance, migration and data protection that has been tested in production practice. VMware can guarantee 99.999% high availability of virtual machines to ensure business continuity.
- Quick creation and deletion. Virtualization creation is at the level of minutes, while Docker container creation is at the level of seconds. Docker’s rapid iteration determines that a lot of time can be saved in development, testing and deployment
- Delivery, deployment. VMS can use images to achieve consistency in environment delivery, but image distribution cannot be systematic. Docker records the container construction process in Dockerfile, which can achieve rapid distribution and rapid deployment in the cluster.
The three basic concepts of Docker
- Image (Image)
- Container (Container)
- Repository
Image (Image)
Container (Container)
Repository
- Public (Public repository)
- Private (Private warehouse)
Docker installation and use
docs.docker.com/install/
raw.githubusercontent. … ig.sh
- MacOS:docs.docker.com/docker-for-…
- Windows:docs.docker.com/docker… …
- Ubuntu:docs.docker.com/instal… …
- Debian:docs.docker.com/instal… …
- CentOS:docs.docker.com/instal… …
- Fedora:docs.docker.com/instal… …
- Other Linux distributions: docs.docker.com/instal… …
- Ali Cloud server (1 core 2G, 1M bandwidth)
- CentOS 7.4 64
$ sudo yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-selinux \
docker-engine-selinux \
docker-engineCopy the code
$ sudo yum install -y yum-utils \
device-mapper-persistent-data \
lvm2Copy the code
Install the Docker
$ sudo yum install dockerCopy the code
curl -fsSL get.docker.com -o get-docker.sh
sh get-docker.shCopy the code
Github.com/docker/dock…
docker versionordocker infoCopy the code
$ sudo systemctl enable docker$ sudo systemctl start dockerCopy the code
Docker simple use of Hello World
docker pull library/hello-worldCopy the code
docker imagesCopy the code
docker run hello-worldCopy the code
Docker architecture
- Docker Client
- Docker Daemon
- Docker Image
- Docker Registry
- Docker Container
Docker Client
Docker Daemon
- Docker Server
- Engine
- Job
- Obtain the image from Docker Registry.
- Localization of container images is performed via GraphDriver.
- Configure the container network environment using NetworkDriver.
- Perform execution work that runs inside the container through ExecDriver.
Docker --daemon = trueDocker -d docker -d = trueCopy the code
systemctl daemon-reload
systemctl restart docker.serviceCopy the code
Docker-h Specifies the server IP address infoCopy the code
Docker Image
- Create a mirror from scratch
- Download and use an off-the-shelf image that someone else has created
- Creates a new image on top of an existing image
Docker Registry
Docker Container
How do Docker components collaborate to run containers
- The Docker client runs the Docker run command.
- The Docker Daemon found no local hello-world mirror.
- Daemon downloads images from Docker Hub.
- After downloading, the image hello-world is saved locally.
- Docker Daemon starts the container.
- The Docker client runs the Docker run command.
- Docker Daemon found that there was no local image we needed.
- Daemon downloads images from Docker Hub.
- After the download is complete, the image is saved to the local PC.
- Docker Daemon starts the container.
Common Docker commands
docker pull image_nameCopy the code
docker pull centos:latestCopy the code
docker imagesCopy the code
docker ps -aCopy the code
docker start container_name/container_id
docker restart container_name/container_id
docker stop container_name/container_idCopy the code
docker attach container_name/container_idCopy the code
docker run -t -i container_name/container_id /bin/bashCopy the code
docker ps
docker stop container_name/container_idCopy the code
docker rm container_name/container_idCopy the code
docker rmi image_nameCopy the code
What is Dockerfile
- Base mirror (parent mirror) information instruction FROM.
- MAINTAINER message command.
- Mirror operation instructions RUN, EVN, ADD and WORKDIR, etc.
- Container start commands CMD, ENTRYPOINT, USER, etc.
FROM python:2.7MAINTAINER Angel_Kitty <[email protected]>COPY . /app
WORKDIR /app
RUN pip install -r requirements.txt
EXPOSE 5000ENTRYPOINT ["python"]CMD ["app.py"]Copy the code
- Pull base image of Python 2.7 from Docker Hub.
- Displays information about the maintainer.
- Copy the current directory to the /App directory in the container and Copy the localhost < SRC > (the relative path of the Dockerfile directory) into the container
.
- Specify the working path as /App.
- Install dependency packages.
- Port 5000 is exposed.
- Start the App.
Common directives for Dockerfile
FROM
The FROM python: 2.7Copy the code
MAINTAINER
MAINTAINER Angel_Kitty <[email protected]>Copy the code
COPY
COPY . /appCopy the code
WORKDIR
WORKDIR /appCopy the code
RUN
RUN pip install -r requirements.txtCopy the code
EXPOSE
EXPOSE 5000Copy the code
ENTRYPOINT
- ENTRYPOINT [“executable”, “param1”, “param2”] : Exec form recommended.
- ENTRYPOINT Command param1 Param2: indicates the Shell format.
ENTRYPOINT ["python"]Copy the code
CMD
- CMD [“executable”,”param1″,”param2″] : exec form recommended.
- CMD [“param1″,”param2”] : No executable program form.
- CMD command param1 param2: is in Shell format.
CMD ["app.py"]Copy the code
Build Dockerfile
mkdir static_web
cd static_web
touch DockerfileCopy the code
FROM nginx MAINTAINER Angel_Kitty <[email protected]> RUN echo '<h1>Hello, Docker! </h1>' > /usr/share/nginx/html/index.htmlCopy the code
docker build -t angelkitty/nginx_web:v1 .Copy the code
- -t sets the repository and name for the new image
- Angelkitty is the name of the warehouse
- Nginx_web is the image name
- : v1 is the label (not added as latest by default)
docker run --name nginx_web -d -p 8080:80 angelkitty/nginx_web:v1Copy the code
http://localhost:8080/
www.cnblogs.com/ECJTUA … …