1, docker overview
1. What is docker?
docker is a lightweight "virtual machine", an open source tool for running applications in Linux containers
Docker is an open platform for developing, delivering and running applications. Docker enables you to separate your applications from your infrastructure, allowing you to deliver software quickly.
2. The difference between docker and virtual machine:
docker: less resource consumption, short startup time, shared host kernel, relatively unsafe, a container generally only runs one service
Virtual machine: it occupies a lot of resources, takes a long time to start (a few minutes), and the system is logically isolated and safe, running multiple services
3. Usage scenario of Docker
- Simple deployment of packaged applications
- It can be migrated arbitrarily away from the underlying hardware (realizing the isolation of applications, splitting and decoupling applications), such as the migration of servers from Tencent cloud to Alibaba cloud
- Continuous integration and continuous delivery (CI/CD): development to test release
- Deploy microservices
- Providing PAAS products (platform as a service) {the virtual machine of OpenStack is similar to Alibaba cloud ECS, belonging to IAAS, and Docker (K8S) belongs to PAAS}
4. Core concept and installation of Docker
Remember the three important concepts of docker: image, container and warehouse
Image: a read-only template for docker container engine
Container: run example created from mirror
Warehouse: the place where images are stored centrally
- centos installation Docker
yum -y install yum-utils device-mapper-persistent-data lvm2 ##Dependent package ##Set alicloud image source yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo yum -y install docker-ce ##Install docker CE systemctl stop firewall iptables -t nat -F setenfroce 0 systemctl start docker systemctl enable docker ##Image acceleration - the speed of image installation will be faster (for this acceleration address, go to aliyun official website to register an account, and each will have an acceleration address. For detailed operations, please refer to my other blogs) tee /etc/docker/daemon.json <<-'EOF' { "registry-mirrors": ["https://cu06xt8l.mirror.aliyuncs.com"] } EOF systemctl daemon-reload ##network optimization vim /etc/sysctl.conf net.ipv4.ip_forward=1 sysctl -p systemctl restart network systemctl restart docker
After completion, you can see that docker has been opened
[root@localhost ~]# netstat -anpt | grep docker tcp6 0 0 :::5000 :::* LISTEN 11261/docker-proxy
Note: the / etc/docker / configuration file cannot be accessed when the docker service is not enabled
2, Image and container management
1. Mirror operation
docker -v or docker version ## view the version information of the container
[root@localhost ~]# docker -v Docker version 19.03.13, build 4484c46d9d [root@localhost ~]# docker version Client: Docker Engine - Community Version: 19.03.13 API version: 1.40 Go version: go1.13.15 Git commit: 4484c46d9d Built: Wed Sep 16 17:03:45 2020 OS/Arch: linux/amd64 Experimental: false ......
docker search mysql ## followed by image name to search for image information
[root@localhost ~]# docker search httpd NAME DESCRIPTION STARS OFFICIAL AUTOMATED httpd The Apache HTTP Server Project 3179 [OK] centos/httpd-24-centos7 Platform for running Apache httpd 2.4 or bui... 36 centos/httpd 32 [OK] arm32v7/httpd The Apache HTTP Server Project 9 ......
docker pull mysql ## followed by the image name. Download an image
docker push mysql ## upload image
Note: the downloaded image is stored in / var / lib / docker / image / overlay / repositories JSON file
docker images ## view the downloaded image information
[root@localhost ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE tomcat new d90cb5b99f86 3 hours ago 964MB centos 7 7e6257c9f8d8 5 weeks ago 203MB
docker inspect Nginx:latest/id ## view the details of a downloaded image
docker tag nginx:latest nginx:web ## can add a new web tag
You can check with grep
[root@localhost ~]# docker images | grep centos centos 7 7e6257c9f8d8 5 weeks ago 203MB
Two ways to delete a mirror
docker save -o /opt/nginx nginx:latest ## export the image file and store it under opt. The file name is nginx
ls -lh nginx ## view exported Nginx files
Docker load < Nginx ## import Nginx image
2. Container operation
Create container:
[root@localhost ~]# docker create -it centos:7 /bin/bash 8f1de6e31d2787051213495abce7139e448b6347e5acb447745eeb2a62f6728a -i:Keep the standard input of the container open,-t:Give Way docker Assign a pseudo terminal)
View container:
Open container:
Enter container:
Exit exit container
Delete container:
Import and export of containers:
docker export 6c9aabe7b1e5 > nginx_c ## export container named nginx_c
cat nginx_c | docker import - nginx:latest ## container import (image will be generated and container will not be created)
3, docker basic management
1. Creation of docker image
- Create based on an existing image
Package the program and running environment running in the container to generate a new image
docker commit [options] container ID / name warehouse Name: [label]
Create a new image based on the container
//Create container [root@localhost ~]# docker create -it centos:7 /bin/bash f3c66622cb02fdc71376cd3b9aaedbcfe8a601a3eaead689934c6241becbc137 [root@localhost ~]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES f3c66622cb02 centos:7 "/bin/bash" 4 seconds ago Created flamboyant_thompson 6a5611fa7576 tomcat:new "/usr/local/tomcat/b..." 3 hours ago Exited (255) 25 minutes ago 0.0.0.0:1217->8080/tcp tomcat01 [root@localhost ~]# docker commit -m "test" -a "daoke" f3c66622cb02 daoke:test sha256:593de737214d0b8bc723f4733ec2eab20f34d8a2a3659b100d1000cb950f924c [root@localhost ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE daoke test 593de737214d 31 seconds ago 203MB tomcat new d90cb5b99f86 3 hours ago 964MB centos 7 7e6257c9f8d8 5 weeks ago 203MB
- Create based on local template
Generate a new image by importing the operating system template file
Use the wget command to import the local image
wget http://download.openvz.org/template/preceated/debian-7.0-x86-minimal.tar.gz After successful import, you can view the local image information docker images | grep new cat debian-7.0-x86-minimal.tar.gz | docker import - daoke:new docker images
- Create based on dockerfile
Dockerfile is a file composed of a set of instructions, which is composed of basic image information, maintenance information, image operation instructions and execution instructions when the container is started.
///Dockerfile operation instruction FROM Image: Specifies the image on which the new image is based. The first instruction must be FROM instructions MAINTAINER Name: describes the maintainer information of the new image RUN Command: Execute the command on the image based on and commit to the new image CMD ["Program to run","Parameter 1","Parameter 2"...] : Specify only one command or script to run when starting the container CMD command EXPOSE Port number: Specifies where the new image is loaded Docker Port to open when (internal port) ENV Environment variable value: setting the value of an environment variable will be RUN use ADD source file/Directory target file/Directory: copy the files in the virtual machine to the image (you can also decompress the compressed package) COPY source file/Directory target file/Directories: copying in a mirror VOLUME ["catalogue"] : Create a mount point in the container USER user name/UID : Specifies the user who runs the container WORKDIR route: For subsequent RUN,CMD,ENTRYPOINT assign work directory ONBUILD Command: Specifies the command to run when the generated image is used as a base image HEALTHCHECK : health examination
Example: create an apache image
mkdir apache cd apache vim Dockerfile ##Create a Dockerfile with fixed format FROM centos:7 MAINTAINER this is apache web RUN yum -y update RUN yum -y install httpd EXPOSE 80 ADD index.html /var/www/html/index.html ADD run.sh /run.sh RUN chmod 755 /run.sh CMD ["/run.sh"] vim run.sh rm -rf /run/httpd/* exec /usr/sbin/apachectl -D FOREGROUND echo "<h1>this is test web</h1>" > index.html docker build -t httpd:centos . ##Generate image docker run -d -p 80:80 httpd:centos ##New mirror run container
2. Data management of docker
- Data volume: data sharing between container and virtual machine
##Generate container based on centos image and enter web1 container docker run -d -v /var/www:/data1 --name web1 -it centos /bin/bash
The / var/www / directory of the host is shared with / data1 of the container
- Data volume container: data sharing between containers
##Create a container named web100 and connect / data1 and / data2 directories docker run --name web100 -v /data1 -v /data2 -it centos /bin/bash ##The newly created container named db1 is associated with two directories of web100 docker run -it --volumes-from web100 --name db1 -it centos /bin/bash
3. Establishment of private warehouse
Mirror port 5000
docker pull registry ##Dependent image vim /etc/docker/daemon.json { "insecure-registries": ["192.168.130.20:5000"], ##Provide space as private warehouse ""registry-mirrors": ["https://cu06xt8l.mirror.aliyuncs.com"]" } systemctl restart docker docker create -it registry /bin/bash ##Load the registry image as a container docker ps -a docker start 231d40e811cd ##open ##The / data/registry of the host automatically creates / tmp/registry in the mount container docker run -d -p 5000:5000 -v /data/registry:/tmp/registry registry ##Change the tag to 192.168.130.20:5000/httpd docker tag httpd:latest 192.168.130.20:5000/httpd docker push 192.168.130.20:5000/httpd ##Upload image ##Get private warehouse list curl -XGET http://192.168.130.20:5000/v2/_catalog ##Download Image from private warehouse docker pull 192.168.130.20:5000/httpd ##Test private warehouse Download Image
4. Port mapping
docker run -d -P httpd:centos ##-P randomly maps an external port number docker run -d -p 49280:80 httpd: centos ##Fixed mapping an external port number
5. Container interconnection
Interconnection between containers
docker run -itd -P --name web1 centos /bin/bash ####Create and run the container named web1, and the port number is automatically mapped ##Create and run a container named web2, connect to web1 and communicate with it docker run -itd -P --name web2 --link web1:web1 centos /bin/bash enter web2 container ping web1