Docker initial

What is Docker

Docker open source project background

Docker container is based on open source projects Go language of which was born in early 2013, the company originally initiator is dotCloud Docker since the open source widespread industry attention and participation, there are more than 80 open-source-related group
member projects (including Containerd Moby Swarm, etc.), gradually forming a complete ecosystem surrounding Docker containers; dotCloud has also rapidly developed and expanded, and was directly renamed Docker Inc at the end of 2013, and focused on the development of Docker related technologies and products, which has now become a global The largest Docker container service provider, the
Docker project, has added the Linux Foundation and follows the Apache protocol. All open source code is maintained at https: // github com / docker project warehouse. The Linux Foundation ’s most recent "most popular open source project" "In the survey, Docker was second only to the Open Stack project launched in 2010, and it is still in an upward trend. In 2014, the number of Docker image downloads reached one million, directly exceeded one billion in 2015, and even more in 2017. Amazing tens of billions of times

Linux kiln to Doker

On the basis of LXC, Docker has optimized the container experience and let it enter the home of ordinary people. First, Docker provides various container management tools (such as distribution, version, porting, etc.), so that users do not need to pay attention to the underlying operations, more Simple and clear management and use of containers; Secondly, Docker reduces the difficulty of migration through the construction of an attractive layered file system and an efficient mirroring mechanism, which greatly improves the user experience. Operating a Docker container is as simple as operating the application itself.
The early Docker code implementation was directly based on LXC 0.9 version. Docker developed the li bcotai er project as a broader container-driven implementation, thus replacing the LXC implementation. At present, Docker is also actively promoting the establishment of the rune standard project, which is well contributed to The Open Container Alliance attempts to make container support no longer limited to the Linu operating system, but more secure, more open, and more gender-extensive.

Why use Docker

For developers and operators (DevOps), the most coveted effect may be to create or configure at a time, and then to run the application in any place and at any time, and Docker is just the "Swiss army knife" that can achieve this ultimate goal. "Specifically, during development and operation and maintenance, Docker has the following advantages:

• Faster delivery and deployment using Docker, developers can use images to quickly build a standard development environment; after development is complete, test and operation and maintenance personnel can use the exact same environment to deploy code as long as it is developed and tested code , You can ensure that running Docker seamlessly in the production environment can quickly create and delete containers, achieve rapid iteration, save a lot of time in development, testing, and deployment. The entire process is visible throughout, making it easier for the team to understand the application creation and work process.

• More efficient resource utilization Running Docker containers does not require the support of additional virtualization management programs (Virtual Machine Manager, VMM, and Hypervisor). Docker is a kernel-level virtualization that can achieve higher performance and additional resources. The demand is very low. Compared with the traditional virtual machine mode, the performance of Docker should be improved by 1-2 orders of magnitude.

• Easier migration and expansion of Docker containers can run on almost any platform, including physical machines, virtual machines, public clouds, private cloud personal computer servers, etc., while supporting mainstream operating system release versions of this compatibility allows users to Easily migrate applications between different platforms.

• The simpler update management uses Dockerfile, which only needs a small configuration modification, which can replace a large amount of update work in the past. All modifications are distributed and updated in an incremental manner, thereby achieving automated and efficient container management.

Docker and virtualization

characteristic	Docker	virtual machine
Running form	Run directly on the host's kernel, different containers share the same Linux kernel	Run on Hypervisior
Concurrency	One host can start hundreds of containers	Up to dozens of virtual machines
performance	Local process close to host	Inferior to the host
Resource utilization	high	low
Isolation	Safe isolation	Completely isolated

Docker core concepts

• Image

• Container

• Repository (Reposit)
  only understand these three core concepts in order to successfully understand the entire life cycle of Docker containers

• Docker image
  Docker image is similar to a virtual machine image, it can be understood as a read-only template.
  For example, an image can contain a basic operating system environment in which only Apache applications (or other software required by the user) are installed. It can be called an Apache image.
  Images are the basis for creating Docker containers

• Docker containers
  Docker containers are similar to a light-weight sandbox. Docker uses containers to run and isolate application
  containers. Application containers are created from image running instances of the application. It can be started, started, and deleted. These containers are isolated from each other. It can be seen that the container can be regarded as a simple version of the Linux system environment (including root user permissions, process space, user space and network space, etc.) and the box in which the applications running in it are packaged.

• Docker warehouse
  A place to store images. The warehouse is divided into public warehouse and private warehouse. The largest public warehouse is Docker hub (hub.docker.com), the domestic public warehouse (dockerpool.com)

Docker architecture

Docker uses a client-server (C / S) architecture pattern and uses remote APIs to manage and create Docker containers.
Docker containers are created from Docker images.

Architecture One

• distribution is responsible for interacting with the docker registry, uploading bath image and source data related to v2 registry

• The registry is responsible for interactive operations related to identity authentication, mirror search, mirror verification, and management registry mirror related to the docker registry

• image is responsible for storage and search related to the mirror source data, mirror layer index, search, and import and export operations related to the mirror tar package

• The reference is responsible for storing the repository and tag names of all local mirrors, and maintaining the mapping relationship with the mirror id

• The layer module is responsible for the addition, deletion and modification of the image layer and container layer source data, and is responsible for mapping the addition, deletion and modification of the image layer to the graphdriver module that actually stores the image layer file

• graghdriver is the executor of all operations related to container mirroring

Architecture 2

This architecture diagram makes the architecture clearer

• docker daemon is the server side of the docker daemon, which can be remote or local. Isn't this a C / S architecture? The client Docker client communicates through the rest api

• docker cli is used to manage containers and images. The client provides a read-only image, and then multiple containers can be created through the image. These containers can be just an RFS (Root file system root file system), or an application containing user applications. RFS, the container is just for the process in the docker client, the two processes are not visible to each other

• The user cannot directly interact with the server, but can interact through the bridge with the container. Because it is an operating system-level virtual technology, the intermediate loss can be almost unskilled

Docker installation

surroundings

• Centos7 Going Out

Configure NIC forwarding

## 配置网卡转发,看值是否为1
$ sysctl -a |grep -w net.ipv4.ip_forward
net.ipv4.ip_forward = 1

## 若未配置，需要执行如下
$ cat <<EOF >  /etc/sysctl.d/docker.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward=1
EOF
$ sysctl -p /etc/sysctl.d/docker.conf

Yum install docker

## 下载阿里源repo文件
curl -o /etc/yum.repos.d/Centos-7.repo http://mirrors.aliyun.com/repo/Centos-7.repo
curl -o /etc/yum.repos.d/docker-ce.repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

## yum安装
yum install -y docker-ce
## 查看源中可用版本
yum list docker-ce --showduplicates | sort -r
## 安装指定版本
yum install -y docker-ce-18.09.9

## 配置源加速
mkdir -p /etc/docker
vi /etc/docker/daemon.json
{
  "registry-mirrors" : [
    "https://dockerhub.azk8s.cn",
    "https://reg-mirror.qiniu.com",
    "https://registry.docker-cn.com",
    "https://ot2k4d59.mirror.aliyuncs.com/"
  ]
}

## 设置开机自启
systemctl enable docker  
systemctl daemon-reload

## 启动docker
systemctl start docker 

## 查看docker信息
docker info