Abstract: This article is a basic introduction to Docker. Docker understand the concept and composition, can build a better system in order to learn, you can also digest previous knowledge.
Knowledge Point: Docker use composition principle, Docker container Introduction
Getting introduce a .Docker
What Docker that?
In simple terms, docker is a more convenient than the virtual machine virtualized environment. How convenient? For example, previously thought in a Windows environment running LAMP server, you need to download and install VMWare a kind of virtual machine management tool, then install linux virtual machine, install LAMP environment; now just create a container needs through customized mirror docker ie can.
Container is an important concept of docker. It is similar to a virtual machine, it is a virtualization solution. Is different from the virtual machine, the container directly on top of the operating system kernel running, operating system level virtualization (virtual machine needs through the intermediate layer), and therefore depends on the particular operating system. Docker containers will depend on the Linux system.
Vessel operating efficiency is higher than the number of virtual machines, which means that you can run a lot of container in one machine (VM will not do, it is to simulate hardware, a lot of memory and CPU consumption).
Container itself is complex and difficult to manage and automate the installation, so not widely used before Docker appears. Docker engine and provides a deployment application program, the program may be the developer of a lightweight, quickly and automatically deployed into the vessel, greatly simplifies operations.
Docker's a lot of benefits: low coupling, ease of deployment and shorten the development cycle ... will not repeat them here.
Docker's constitution
· Docker Client (client)
Introduced with the next daemon.
· Docker Daemon (Daemon)
Docker is C / S architecture, the client and server Mysql similar module, may be in a local or remote Server.
Specifically, the client will be sent to your command daemon (Server), executing the daemon returns the results to the client.
· Docker Image (Mirror)
Mirroring is "DNA" container "source code", "class", and the container is relatively "expressed protein", "generated code", "object."
A little bit in terms of depth, Docker's Image is a read-only file system stack, stacked from top to bottom relationship is this:
- Union mount (joint load) - once loading multiple file systems, are read-only. On the outside you can only see a file system, the file system because it is loaded into the layers together.
- rootfs (root file system) - e.g. Ubuntu, CentOS. Traditionally, it is loaded as read-only, read-write mode changes only after verification; Docker and it can only read-only mode.
- bootfs (boot file system) - it allows the program is loaded into memory, then it they have been unloaded. Users will not deal with this layer.
· Docker Container (container)
By mirroring the container starts, it is a mirror image execution unit. A container can only be created by a mirror, but users can execute multiple processes. Mirroring is built and packaged Docker stage of the life cycle, and the container is to start the implementation phase.
Start-up and implementation process:
Docker on the basis of the mirror layer plus a writable layer, on the implementation of our program at this level. At first writable layer is blank, if we want to modify the file read-only layer, it would like persistent data structure (or to be exact, git) as storing your changes. This is the Docker's Copy on Write (copy-on-write) technology.
· Docker Registry (warehouse)
Docker warehouse is divided into public and private.
- Public: DockerHub (extremely slow), mirroring and domestic sources. Mirroring is recommended to use domestic sources, modify tutorial Baidu "Docker domestic use mirroring."
- Private: Docker can build their own warehouses, will be introduced later.
Some miscellaneous
How to install?
Many online tutorials. Recommend a https://www.runoob.com/docker/ubuntu-docker-install.html
Windows installation is too much trouble, you need WSL, you may want to search for tutorial to install or open Hyper-V services. This process also may need to search the Windows 10 Home modifications for the Enterprise Edition tutorial. Please study based on the above items Baidu. In addition, the author of Windows installed Docker failed ... the problem is in the WSL and modify the Windows registry is not compatible with the way Enterprise Edition. So it is not recommended to force Windows to install on a Docker, Linux or Mac are all good choices.
Modify the mirror source?
See online tutorials, this simple than installing more. Be sure to modify the mirror source! Otherwise, speed ...
Two .Docker container related technologies
Container-dependent Linux kernel features what?
· Namespace (namespace)
Namespace is encapsulated thinking. Linux use it to isolate system resources, to achieve lightweight virtualization services. Process two different namespaces, logically separated. Docker provides five namespace:
- PID (Process ID) process isolation
- NET (Network) network management interfaces
- IPC (InterProcess Communication) inter-process communication access management
- MNT (Mount) mount points
- UTS (Unix Timesharing System) isolation and kernel version identification
How to isolate these resources to manage it? It is necessary to use:
· Control Groups (cgroups, control group)
It can be said for the control group born vessel. It has a resource limit [] [] [priority setting resource metering] [resource] and other control functions designed to manage the resources.
These features give the ability which Docker containers?
- File system isolation: Each container can have its own root file system
- Process isolation: Each container run in its own process environment
- Network isolation: between container virtual network interfaces and IP addresses are separated
- The packet resource isolation: CPU and memory resources are allocated to the respective independent Docker containers.