1. What problems does container technology solve?
Solved the communication between developers and operation personnel
- Container images are lightweight, executable, stand-alone packages that contain everything you need to run your software: code, runtime environment, system tools, system libraries, and Settings.
- Containerized software is suitable for Linux – and Windows-based applications and runs consistently in any environment.
- Containers help reduce conflicts between teams running different software on the same infrastructure by giving software independence from external environmental differences (for example, differences in development and rehearsal environments).
Containers in a word: Containers are packages of software into standardized units for development, delivery, and deployment.
2. What technologies are used at the bottom of Docker?
- Namespace: do isolation PID, NET, IPC, MNT, UTS
- Control groups: sets resource limits
- Union File Systems: Layering containers and images
3. What is the difference between containers and virtual machines?
- Container is isolation at the APP level, virtualization is isolation at the physical level.
- Containers take up less space (container images are usually only a few tens of megabytes in size) and can be started instantaneously.
- Each VM contains a complete set of operating systems, one or more applications, the necessary binaries, and library resources, and therefore takes up a lot of space. VM startup is also relatively slow.
What is DevOps?
DevOps is a culture, movement, or practice that values communication and cooperation between “software Development” and “IT Operations.” Build, test, and release software quickly, frequently, and reliably by automating the process of software delivery and architecture change. Specifically, it aims to improve the efficiency of communication and collaboration during software delivery and deployment, with the aim of delivering higher quality products faster and more reliably.
5. What is the difference between image and Container?
image
- A collection of files and meta data
- Each layer can add changes to delete files to become a new Image
- Different images can share the same layer
- This object is read-only
container
- Create from image
- Create a Container Layer on top of the Image Layer (read-write)
Image stores and distributes the app, and Container runs the app
How do I stop all running containers?
docker rm `docker ps -aq`
Copy the code
7. How to delete all stopped containers?
# delete all stopped containers
docker rm $(docker ps -a -f"status=exited" -q)
# or
docker ststem prune
Copy the code
8, Dockerfile COPY and ADD difference?
The format and nature of the ADD instruction and COPY are basically the same. But there are some features added to COPY, which can automatically unzip files.
Also note that the ADD directive invalidates the image build cache, which can make image builds slow.
Therefore, when choosing between COPY and ADD directives, you can follow the principle that COPY is used for all file copies and ADD is used only when automatic decompression is required.
9. How do container ports map to host?
All container connections to the external network, the source address will be NAT to the local system IP address. This is done using iptables source address forwarding.
Ubuntu16.04 to do the experiment, the reference is as follows:
Create a nginx service with Docker:
docker run -p 9999:80 -d nginx
Copy the code
The nginx container is running:
To view the current firewall using iptables, run:
iptables -t nat -nL
Copy the code
172.17.0.5:80 in the Chain DOCKER is forwarded to port 9999 on the host
10. Why can two containers ping each other?
With the ability of network bridge, VETH.
The Docker service creates a docker0 bridge by default, and all containers are linked to this bridge by default via veth.
Feel good can starThe repoWatch for more.