Docker is a process isolation technology based on Cgroup and Namespace of Linux kernel, which is a virtualization technology at the operating system level. Processes are called containers because they are separated into separate Spaces on the host, like a separate container that isolates them from the outside world.

The biggest difference between Docker container and traditional virtualization technology is that the traditional virtualization technology virtualizes a set of hardware on the host machine, runs a complete operating system on it, and then runs user processes on the system, which is a virtualization technology at the hardware level. Docker is a virtualization technology at the operating system level, which does not require virtualization hardware. All containers on the same host machine share the hardware and operating system kernel of the host machine, but isolate the running environment and storage space of the process in the user state. Therefore, for upper users, a container is like an independent host. The figure below is a comparison picture on docker’s official website. The left side describes docker container technology, while the right side describes traditional virtual machine technology.

This difference makes the docker compared with the traditional virtualization technologies are much more lightweight, to start a virtual machine takes up several G to G of disk space, need time is a few minutes to ten minutes, and start a container are usually only a few hundreds of M, M to start the speed can be done in a second class time.

There are three most important concepts in Docker: images, containers, and repositories. Understand these three concepts and use the basic container. First of all, you can think of a container as a Linux host that will start the required processes, such as a Redis container that will start a Redis server. Starting a container requires an image, similar to installing a Linux installation package, which you can imagine being the container’s installation package. Finally, the repository is the place where images are stored. Conveniently, images can be downloaded from this repository with only one command, just like apt-get is convenient for installing software.

Using a mirror

You need images to build containers, so let’s look at images first.

Download the image — Docker Pull

To download the image, use the docker pull command. The command format is as follows:

docker pull [OPTIONS] NAME[:TAG|@DIGEST]
Copy the code
  • You can use docker pull –help to query help information
  • In OPTIONS, the -a option indicates that the image of all labels is pulled, and the -q option indicates that the output information is not printed to the screen
  • The NAME ofWarehouse name/Mirror name: label nameThe format consists of the warehouse name, which is not from the default warehouselibraryPull, that is, the official image, the image name must have, the label name does not have the default pulllatestMirror image of the label. An image with the same image name can have multiple labels. Generally, one label is added with each version update.latestThe tag is the latest mirror image.

For example, you can download an Ubuntu image labeled 18.04 like this:

$docker pull Ubuntu :18.04 18.04: Pulling from library/ Ubuntu BF5d46315322: Pull complete 9f13e0AC480c: Pull complete e8988b5b3097: Pull complete 40af181810e7: Pull complete e6f7c7e5c03e: Pull complete Digest: sha256:147913621d9cdea08853f6ba9116c2e27a3ceffecf3b492983ae97c3d643fbbe Status: Downloaded newer imageforUbuntu: 18.04Copy the code

List images — Docker image ls

The docker image ls command lists all images that have been downloaded. Many commands in Docker are similar to those in Linux, so it can be used by analogy. There are commands such as rm, ls and ps in Docker. You can also use docker image –help to view the help information for the commands you will learn more about.

$Docker Image ls REPOSITORY TAG Image ID CREATED SIZE Zookeeper latest e41846a619F5 17 hours ago 224MB Ubuntu 18.04 Cf0f3ca922e0 3 days ago 64.2MB Ubuntu latest CF0f3CA922e0 3 days ago 64.2MB redis latest F7302e4AB3a8 2 months ago 98.2MB Hello - World latest FCE289e99eb9 9 months ago 1.84kBCopy the code

The list contains the warehouse name, label, image ID, creation time, and image size. The docker image ls command displays the size of a complete image. However, since images are stored in layers, if different images use the same layer, this layer will only store one copy of data, and all images are shared, so the actual space occupied by the image is smaller than the displayed space.

Delete image — docker image rm

The docker image rm command can delete an image. This command is used together with the docker image ls command. The docker image rm command is used in the following format:

docker image rm [OPTIONS] IMAGE [IMAGE...]
Copy the code
  • usedocker image rm --helpYou can view the help information
  • OPTIONS: –force/-f Forcible deletion
  • The image can be the image name, the image name with a label, or the image ID

For example, you can delete an Ubuntu image labeled “Latest” like this:

$docker image rm Ubuntu :latest Untagged: Ubuntu :18.04 Untagged: ubuntu@sha256:a7b8b7b33e44b123d7f997bd4d3d0a59fafc63e203d17efedf09ff3f6f516152 Deleted: sha256:cf0f3ca922e08045795f67138b394c7287fbc0f4842ee39244a1a1aaca8c5e1c Deleted: sha256:c808877c0adcf4ff8dcd2917c5c517dcfc76e9e8a035728fd8f0eae195d11908 Deleted: sha256:cdf75cc6b4d28e72a9931be2a88c6c421ad03cbf984b099916a74f107e6708ff Deleted: sha256:b9997ded97a1c277d55be0d803cf76ee6e7b2e8235d610de0020a7c84c837b93 Deleted: sha256:a090697502b8d19fbc83afb24d8fb59b01e48bf87763a00ca55cfff42423ad36Copy the code

Untagged and Deleted During docker image RM execution, two cases, Untagged and Deleted, occur. A mirror (not only with the same name but also with the same meaning) can have multiple labels. When the rm command is executed, the specified label is removed first. The mirror is deleted only when the removed label is the last one. In addition, because the image is stored hierarchically, the image to be deleted may be the base layer of another image, and deleting this image may also cause problems for the dependent party. Therefore, if another image depends on this image, this image will not be deleted. Also, if other containers depend on the image, you cannot delete it, because deleting the image will inevitably cause the container to fail.

Container operation

Run the container — Docker Run

There are two ways to run a container, either by creating a new container and starting it, or by starting a terminated container.

The docker run command is used to create a new container and start it.

docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
Copy the code

For example, the following command creates and runs a container from an Ubuntu image, and then executes the /bin/bash command.

$ docker run -it ubuntu /bin/bash
Copy the code

Common command options are as follows:

  • The -i option turns container standard input on to accept keyboard input
  • The -t option causes Docker to assign a dummy terminal, bound to standard input. This pseudo-terminal allows you to manipulate the container as if it were a Linux machine.
  • The –name < container name > option specifies a name for the container
  • -d allows the container to run in the background. What is background running
  • The -rm option allows the container to be destroyed automatically upon termination

After starting a container with this command, you can operate the container as if it were a normal Ubuntu machine. You can try executing some Linux commands in this container.

root@e7cd5bc73508:/# ps
  PID TTY          TIME CMD
    1 pts/0    00:00:00 bash
   10 pts/0    00:00:00 ps

root@e7cd5bc73508:/# ls
bin  boot  dev  etc  home  lib  lib64  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var
Copy the code

Note that for a container that starts in interactive mode, when the interaction terminates, the container exits.

Docker container start starts a terminated container in the following format:

docker container start [OPTIONS] CONTAINER [CONTAINER...]
Copy the code

To start a container, you need to know the container ID as an argument to Docker Container start. Here’s how to view the container.

Query container status — docker container ls

Docker Container ls lists all running containers

Docker container ls -a lists all containers, including terminated containers

The container information listed includes:

  • CONTAINER ID (CONTAINER ID), which is the unique identifier of a CONTAINER. Commands that operate containers need to carry this identifier
  • Dependent IMAGE name (IMAGE)
  • Commands executed
  • Time CREATED (CREATED)
  • The STATUS of the container, UP is the running state and Exited is the terminated state
  • Exposed PORTS
  • The name of the container. You can specify the name of the container with the –name option when starting the container. If not, a default name is generated

Stop the container — Docker container stop

Using the docker container stop command, you can stop a running container

A terminated container can be started using the Docker container start command. The Docker container restart command terminates the container and then starts it.

Daemon operation

Most of the time you need the container to run in the background without printing the output to the host host. In this case, you can use the -d parameter.

Start the following container without using the -d option as follows:

$ docker run ubuntu /bin/bash -c "while true; do echo hello world; sleep 1; done"
hello world
hello world
hello world
hello world
hello world
Copy the code

Starting the container with the -d option looks like this:

$ docker run -d ubuntu /bin/bash -c "while true; do echo hello world; sleep 1; done"
574ee145e9ca501639a233601efe9574a356a8d7bdef461d240b2212b6aeaf77
Copy the code

Only the container ID is printed on the host terminal. To view the output of the container, use the docker container logs command. The last container ID parameter is omitted in this article. The method to query the container ID is described in the previous section. To continuously obtain the output of the container, use the docker container logs -f command.

Into the container

After the -d parameter is used to start the container, the container runs in the background. If you need to enter the container, you can use the Docker attach command or the Docker exec command. The Docker exec command is recommended for the reasons explained below.

docker attach

$ docker run -it -dubuntu 2b10efdeaa9f0f24f0060bf636cc8f1bae9598f5e0176b498447a7b63ea10d06 $ docker container ls CONTAINER ID IMAGE COMMAND  CREATED STATUS PORTS NAMES 2b10efdeaa9f ubuntu"/bin/bash"   13 seconds ago      Up 11 seconds                      cocky_golick

$ docker attach 2b10efdeaa9f
root@2b10efdeaa9f:/# 
Copy the code

Using the attach command, if you exit from the terminal, the container will also terminate, which is why using the attach command is not recommended.

docker exec

$ docker run -it -dubuntu 61299a9b910b029f9a8667131a45aff92fbc35633e4f86c8fcfb72e6362c5115 $ docker container ls CONTAINER ID IMAGE COMMAND  CREATED STATUS PORTS NAMES 61299a9b910b ubuntu"/bin/bash"     6 seconds ago       Up 5 seconds                    friendly_hawking

$ docker exec -it 61299a9b910b /bin/bash
Copy the code

Using the exec command, new pseudo-terminals can be generated to interact with the container, so exiting does not cause the container to exit.

Remove the container

The docker container rm command is used to delete a container. To delete a running container, run the docker container rm -f command.

To clear all terminated containers, use the docker container prune command.

Access to the warehouse

  • docker loginLog in to the Docker Hub repository
  • docker logoutLog out
  • Docker search < keyword >Search the mirror
  • docker pullDownload the image from the repository
  • docker pushPush the local repository to the remote repository

Here’s an example of how to use these commands:

$ docker login
Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com to create one. Username: xxx Password: xxx WARNING! Your password will be stored unencrypted in /root/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded $ docker pull Hello-world # Generate a new tag for the mirror hello-world, $docker tag hello-world:latest oscarwin/hello-world:3.0 $docker push oscarwin/hello-world $docker push oscarwin/hello-worldCopy the code