Welcome to visit netease Cloud Community to learn more about Netease’s technical product operation experience.
virtualization
It is a resource management technology that abstracts and transforms all kinds of computer resources to present them, breaking the uncut barriers between entity structures, and enabling users to use these resources in a better way than originally possible.
Hypervisor
-
An intermediate software layer that runs between the underlying physical server and the operating system, allowing multiple operating systems and applications to share hardware.
-
The Hypervisor captures CPU instructions and acts as an intermediary for instructions to access hardware controllers and peripherals.
Two kinds of model
-
Local virtualization hypervisors run directly on hardware, and on hypervisors are virtual machines
-
Requires hardware support
-
The virtual machine monitor acts as the primary operating system
-
High operating efficiency
-
The characteristics of
-
Host virtualization hypervisors run on top of operating systems
-
The VMM runs as an application on the main operating system
-
The operating efficiency is generally lower than that of local virtualization
-
The characteristics of
Several kinds of classification
-
Hardware emulation
Convert services from one OS (Host) to another OS (Guest) -
Analog commands are required and very slow
-
The Guest OS does not need to be modified to validate its own actual code without waiting until the hardware is actually available
-
advantages
-
disadvantages
-
Full virtualization
Virtual machine-sensitive instructions are captured and processed between the hardware and the Guest OS, enabling the Guest operating system to run without modification
+ Advantages + Guest OS does not need to be modified, both speed and functionality are very good + Disadvantages + Performance of the all-virtual product based on Hosted mode is not particularly goodCopy the code
-
paravirtualization
The Guest OS running on the Hypervisor has integrated paravirtual-related code, including drivers needed to shorten the hardware access process. This way, it does not need to recompile and capture privileged instructions. Performance similar to physical machine
+ Advantages + Compared to full virtualization, the architecture is more streamlined and the processing overhead can be minimized by modifying the Guest OS. + Disadvantages + The Guest OS needs to be modifiedCopy the code
-
Hardware-assisted virtualization Intel/AMD hardware manufacturers integrate optimized hypervisor instruction sets to improve performance (Intel VT, AMD AMD-V)
-
By introducing hardware technology, virtualization technology is closer to physical machines
-
advantages
-
Operating system-level Virtualization Operating systems provide a group of Spaces that are isolated from each other, and applications are restricted to each user space
+ advantage + has almost no overhead, because only OS and host are shared and not through virtual machines + disadvantage + lack of flexibility, cannot be implemented on any OS, users sharing host and OS need to pay attention to versionCopy the code
Virtualization vs. container differences
Benefits of Virtualization
-
Higher resource utilization
-
Reduce administrative costs
-
Increased flexibility
The advantage of the Docker
-
Lightweight, fast start speed in seconds
-
Simple, easy-to-use, active community
-
Standard unified package, deployment, operation scheme
-
Images support incremental distribution and are easy to deploy
-
Performance, especially memory and IO overhead
Overview of virtualization products
Docker container combat
Build, Ship, and Run Any App, Anywhere
The installation
Docker Toolbox
Toolbox uses Machine and VirtualBox to create an engine in the virtual Machine to run the container
Docker For MAC
-
Hypervisor Framework
-
OSX 10.10.3 and above
-
Mac 2010 and later (requires CPU support for EPT)
-
Lightweight OS X virtualization solution
-
Provides C apis for virtualizing technology interactions on the client side
-
Support version
-
Bhyve FreeBSD virtual technology
-
xhyve
-
Based on hypervisor. framework, fully run in user mode
-
Small 230K, independent of other software and libraries
-
It’s an OS X port for Bhyve, giving you an option to play Linux on the Mac
-
HyperKit is based on Xhyve/Bhyve, built on hypervisor. framework, a lightweight virtualization toolkit running on OSX, which is the core component of Docker For MAC
Operation demo
Viewing Environment Information
-
docker info
-
docker version
Life cycle management
-
docker create
-
docker run
-
docker start
-
docker stop
-
docker restart
-
docker pause
-
docker unpause
-
docker rm
-
docker kill
-
docker exec
Mirror Warehouse command
-
docker login
-
docker logout
-
docker pull
-
docker push
-
docker search
Image management
-
docker images
-
docker rmi
-
docker commit
-
docker build
-
docker tag
Operational command
-
docker attach
-
docker inspect
-
docker port
-
docker rename
-
docker stats
-
docker top
Resource management
-
docker volume
docker run -itd -v /volumedata:/volume --name busybox-volume busyboxdocker volume create --name hellodocker run -it -v hello:/world --name busybox-volume-hello busyboxCopy the code
-
docker network
The system log
-
docker history
-
docker logs
docker-machine
Deploying common Systems
-
The deployment of advisor monitoring (http://192.168.64.4:8080/containers/)
docker run \ --volume=/:/rootfs:ro \ --volume=/var/run:/var/run:rw \ --volume=/sys:/sys:ro \ --volume=/var/lib/docker/:/var/lib/docker:ro \ --publish=8080:8080 \ --detach=true \ --name=cadvisor \ google/cadvisor:latestCopy the code
-
Deploying private warehouse (http://192.168.64.4:8080/containers/)
docker run -d -p 50001:5000 \ --restart=always \ -v ~/dockermapping/registry:/var/lib/registry \ --name registry registryCopy the code
-
Deploy jinkins (mydocker.com: 8089 /)
docker run -d --restart=always \ -p 8089:8080 \ -u root \ -v ~/dockermapping/jenkins:/var/jenkins_home \ --name jenkins jenkinsCopy the code
-
Set up the trusted repository and mirror repository
/etc/default/docker/var/lib/boot2docker/etc/sysconfig/dockerCopy the code
Dockerfile build
Dockerfile is a script that describes the image creation process
Example 1: Build a JDK8 image FROM centos:latest MAINTAINER CZL ADD JDK-8U131-linux-x64.tar. gz /opt RUN ln-s/opt/jdk1.8.0_131/ /opt/ JDK ENV JAVA_HOME /opt/ JDK ENV PATH$JAVA_HOME/bin;$PATHCMD /opt/ JDK /bin/ Java -version Build an nginx image with Consul template FROM nginx:1.13.1MAINTAINER CZL RUN apt-get update RUN apt-get-qqy install wget unzip vim iputils-ping curl RUN wget https://releases.hashicorp.com/consul-template/0.18.3/consul-template_0.18.3_linux_amd64.zipRUN unzip Consul-template_0.18.3_linux_amd64. zip RUN mv consul-template /usr/local/bin/ADD ./start.sh /usr/local/bin/start.sh
RUN chmod +x /usr/local/bin/start.sh
CMD [ "/usr/local/bin/start.sh" ]Copy the code
Maven plugin build
< plugin > < groupId > com. The company < / groupId > < artifactId > docker maven - plugin < / artifactId > < version > 0.4.13 < / version > <executions> <execution> <id>build-image</id> <phase>package</phase> <goals> <goal>build</goal> </goals> </execution> </executions> <configuration> <imageName>${docker.registry}/${project.artifactId}:${project.version}</imageName>
<dockerDirectory>${project.build.outputDirectory}</dockerDirectory> <! - < dockerHost > https://192.168.99.100:2376 < / dockerHost > -- > <! --<dockerCertPath>${basedir}/certs</dockerCertPath>-->
<resources>
<resource>
<directory>${project.build.directory}</directory>
<include>${project.build.finalName}.jar</include>
</resource>
</resources>
</configuration></plugin>Copy the code
Docker Compose choreography
version: '2'services:
consul-server: hostname: consul-server image: consul mem_limit: 640m ports:
- "8400:8400"
- "8500:8500"
- "8600:53/udp"
nginx-server: hostname: nginx-server image: mydocker.com:50001/nginx-consul-template ports:
- "81:80" volumes:
- ~/xuexibao/czllearnworkspace/document/docker-compose/nginx-consul-template/mapping/:/data command: [sh,"/data/start.sh"]networks: default: external: name: eureka-networkCopy the code
Docker container Principles and Practices (part 2)
This article comes from netease practitioner community, authorized by the author Chen Zhiliang.
React Server Rendering — isomorphic rendering of netease Aesthetics main site