Docker Contrast VM
Docker's Network Model
Dokcer provides communication between containers by using Linux bridges. Docker has four network modes
They are the following four modes
- Host mode, specified using -- net=host.
- Container mode, specified using -- net=container:NAMEorID.
- None mode, specified using -- net=none.
- Bridge mode, specified with -- net=bridge, default configuration
host mode
If the container uses host mode, the container will not get a separate Network Namespace, but share a Network Namespace with the host. Containers will not virtualize their own network cards and configure IP, etc., but use the host's IP and ports. It's the same as running directly in the host. But the container's file system, process list, etc. are still isolated from the host.
container mode
This pattern specifies that the newly created container and an existing container share a Network Namespace rather than the host. The newly created container does not create its own network card and configure IP, but shares IP, port range, etc. with a specified container. Similarly, the two containers are still isolated except for the network.
none mode
This pattern is different from the first two. The Docker container has its own Network Namespace, but the Docker container has no network configuration. Instead, we need to manually add network cards, configure IP, etc. to the Docker container.
bridge mode
This mode is the default network setting for Docker, which assigns Network Namespace to each container and connects a Docker container on a host to a virtual bridge.
Running container
[root@centos7 ~]# docker run -d -P nginx #- d Start to Background 6135db66a7d7c1237901a79974f88f1079b3d467c14ce83fc46bc6b4eb8b3240 [root@centos7 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 6135db66a7d7 nginx "nginx -g 'daemon off" 33 seconds ago Up 31 seconds 0.0.0.0:32769->80/tcp, 0.0.0.0:32768->443/tcp gigantic_meitner
Random one port to automatically map 80
Parameter description
- Docker-P random port mapping
- Docker-p Specified Port Mapping
- -p hostport:containerport
- -p ip:hostport:containerport
Example illustrate
[root@centos7 ~]# docker run -d -p 81:80 nginx 3ca9f847bebec3684952b0f2c081d31f84b9489de50b635246d9a592cc06d46c [root@centos7 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 3ca9f847bebe nginx "nginx -g 'daemon off" 8 seconds ago Up 6 seconds 443/tcp, 0.0.0
Start container services can be accessed through specified ports
Docker Data Storage
docker manages data in two ways:
- Data volume
- Data Volume Container
Data volume
A data volume is a directory or containers specifically designated to bypass Union File System to provide some useful functionality for persistence or data sharing:
- Data volumes can be shared and reused between containers
- Data volume data changes are directly modified
- Volume data changes will not be included in the container
- Data volumes are persistent until no container uses them
Parameter description
- - v/data mounts the data directory directly into the container/data directory
- - v src:dst mounts physical machine directory to container directory
Example operation
[root@centos7 ~]# docker run -it --name test-001 -v /data centos [root@4578675314b9 /]# ls -l /data/ total 0 [root@centos7 ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 4578675314b9 centos "/bin/bash" 2 minutes ago Up 2 minutes test-001 [root@centos7 ~]# docker inspect 4578675314b9 "Mounts": [ { "Name": "ab2f85f900a68813c4fdbf3b0fe88242247e7e8320bb75035b1367ab82804115", "Source": "/var/lib/docker/volumes/ab2f85f900a68813c4fdbf3b0fe88242247e7e8320bb75035b1367ab82804115/_data", "Destination": "/data", ##You can see that the storage directory in the container is mounted to / data "Driver": "local", "Mode": "", "RW": true, "Propagation": "" } ], [root@centos7 ~]# cd /var/lib/docker/volumes/ab2f85f900a68813c4fdbf3b0fe88242247e7e8320bb75035b1367ab82804115/_data ###This is the catalogue of physical machines. [root@centos7 _data]# ll total 0 [root@centos7 _data]# mkdir test
View data in containers
[root@4578675314b9 /]# cd /data/ ###This is the catalogue in the container. [root@4578675314b9 data]# ll total 0 drwxr-xr-x 2 root root 6 Apr 10 08:54 test
You can see that there is also a test directory just created by the physical machine under the container's data directory.
You can also mount it using the following methods
docker run -it -v /data1:/mnt centos
The former is the physical machine directory (which is automatically created on the physical machine after mounting) and the latter is the container directory.
[root@centos7 ~]# docker run -it -v /data1:/mnt centos [root@425569ce9eef /]# cd /mnt/ [root@425569ce9eef mnt]# ll total 0 [root@centos7 ~]# cd /data1/ [root@centos7 data1]# echo "hello">test.txt [root@centos7 data1]# ll total 4 -rw-r--r-- 1 root root 6 Apr 10 17:09 test.txt [root@centos7 data1]# cat test.txt hello
Check whether the container directory has files and contents
[root@425569ce9eef mnt]# ll total 4 -rw-r--r-- 1 root root 6 Apr 10 09:09 test.txt [root@425569ce9eef mnt]# cat test.txt hello [root@425569ce9eef mnt]# pwd /mnt [root@425569ce9eef mnt]# hostname 425569ce9eef
This method is suitable for developing code management. The code directory is mounted directly into the container and can be accessed by modifying the WEB site directory.
docker run -it -v /data2:/opt:ro centos #Specify read-only permissions for mounting docker run -it -v /data2:/opt:rw centos #Specify read and write permissions to mount docker run -it -v /root/file1:file1 centos #Mount a single file to the container directory
The Way of Container Volume
--volumes-from # directory for using other containers
[root@centos7 ~]# docker run -d --name mydocker -v /data centos 4f243ada709ee87d8f1e50bf13ab225c8dfd6b38f7dad97fa84ab0cb3d7d517b [root@centos7 ~]# docker run -it --name mynfs --volumes-from mydocker centos [root@82a489adb07a /]# ll /data/ total 0
At this point, enter the mydocker container / data directory to write data for testing
[root@centos7~]# cd /var/lib/docker/volumes/8421a48b58337a30ac4750c06748e01a3f328bdc2fa3b945d7f9737d9bc1b002/_data [root@centos7 _data]# ls [root@centos7 _data]# echo "welcome to here">file [root@centos7 _data]# ll total 4 -rw-r--r-- 1 root root 16 Apr 10 17:34 file
Check to see if there is any data in the container just now.
[root@82a489adb07a /]# hostname 82a489adb07a [root@82a489adb07a /]# cd /data/ [root@82a489adb07a data]# ll total 4 -rw-r--r-- 1 root root 16 Apr 10 09:34 file [root@82a489adb07a data]# cat file welcome to here