docker introduction and deployment

Keywords: Linux Operation & Maintenance Docker

;

What is docker?

Is a lightweight virtual machine, is an engine
It is an open source tool for running applications in linux container.
docker is a lightweight virtualization solution based on container technology. docker is a container engine that perfectly encapsulates and abstracts the underlying container technologies such as cgroup and namespace of linux, and provides users with convenient interfaces (Cli, api, etc.) from creating and managing containers

What is the difference between docker and virtual machine?

Higher resource utilization docker, virtualization consumes resources
There is no need for mirroring, just encapsulating a proposed operating system

Do you need container technology for society?

With the development of technology, the overhead of virtualization technology is too large. Running a script still needs to install a system. docker does not need virtual hardware resources and uses the container engine directly, which is fast.

What is the core purpose of docker?

Isolation application: in fact, it is the isolation of resources
Only by implementing namespace isolation in the following 6 can it be regarded as a truly fully isolated application.
Mount file system mount point - a specified directory cannot be mounted repeatedly within a file system
User the user and user group of the operation process
pid process label
uts host name and host domain
ipc semaphore, message queue and shared memory (different applications call different semaphores, message queue and shared memory)
net network equipment, network protocol stack, port, etc

docker three elements

① Mirror image: template; Group resource collection, including application software packages, application related dependent packages, and the basic environment required to run applications (generally refers to the operating system environment), which can be understood as the template of the container
② docker container: a runtime state based on image
③ docker reqistry: store image image templates;
Warehouse classification: docker hub
Private warehouse

advantage

Docker engine unified infrastructure environment: docker environment - > Image - > encapsulate a simple operating system (3.0+G)
Docker engine unifies the packaging application (packing / packaging - similar to container): docker image - > image
The docker engine unifies the runtime environment: docker container - > based on image - > run as a container (runnable environment), realizing one-time construction, multiple times and multiple uses

install

// 
[root@localhost ~]# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 114.114.114.114

[root@localhost ~]# yum install -y yum-utils device-mapper=persistent-data lvm2

Set alicloud image source

//
[root@localhost etc]# cd yum.repos.d
[root@localhost yum.repos.d]# yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
 Plug in loaded: fastestmirror, langpacks
adding repo from: https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
grabbing file https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo to /etc/yum.repos.d/docker-ce.repo
repo saved to /etc/yum.repos.d/docker-ce.repo

Install docker CE Community Edition

// 
[root@localhost yum.repos.d]# yum install -y docker-ce
[root@localhost yum.repos.d]# systemctl start docker
[root@localhost yum.repos.d]# systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
[root@localhost yum.repos.d]# 

Set mirror acceleration

Enter alicloud's official search image accelerator to display the independently assigned accelerator address
Use the accelerator by modifying the daemon configuration file / etc/docker/daemon.json

// 
[root@localhost yum.repos.d]# mkdir -p /etc/docker
[root@localhost yum.repos.d]# tee /etc/docker/daemon.json <<-'EOF'
> {
>   "registry-mirrors": ["https://m1aaxlq9.mirror.aliyuncs.com"]
> }
> EOF
{
  "registry-mirrors": ["https://m1aaxlq9.mirror.aliyuncs.com"]
}
[root@localhost yum.repos.d]# systemctl daemon-reload
[root@localhost yum.repos.d]# systemctl restart docker

network optimization

//
 [root@localhost yum.repos.d]# vim /etc/sysctl.conf
 net.ipv4.ip_forward=1
 [root@localhost yum.repos.d]# systemctl restart network
[root@localhost yum.repos.d]# systemctl restart docker
[root@localhost yum.repos.d]# docker images #View mirror mode 1
REPOSITORY   TAG       IMAGE ID   CREATED   SIZE
[root@localhost yum.repos.d]# docker image ls #View mirror mode 2

View related commands

View docker version

// 
[root@localhost yum.repos.d]# docker version
Client: Docker Engine - Community  #client
 Version:           20.10.8 #engine
 API version:       1.41 #Engine version
 Go version:        go1.16.6 #go language version
 Git commit:        3967b7d #git tool
 Built:             Fri Jul 30 19:55:49 2021 #Creation time
 OS/Arch:           linux/amd64 #operating system
 Context:           default
 Experimental:      true

Server: Docker Engine - Community #Server
 Engine:
  Version:          20.10.8
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.16.6
  Git commit:       75249d8
  Built:            Fri Jul 30 19:54:13 2021
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd: 
  Version:          1.4.9 #Container version
  GitCommit:        e25210fe30a0a703442421b0f60afac609f950a3
 runc:
  Version:          1.0.1
  GitCommit:        v1.0.1-0-g4144b63
 docker-init:
  Version:          0.19.0 #initialization
  GitCommit:        de40ad0

Used to display docker system level information

// 
[root@localhost yum.repos.d]# docker info
Client:#client
 Context:    default #Connection mode
 Debug Mode: false #Debug module
 Plugins:
  app: Docker App (Docker Inc., v0.9.1-beta3)
  buildx: Build with BuildKit (Docker Inc., v0.6.1-docker)
  scan: Docker Scan (Docker Inc., v0.8.0)

Server:
 Containers: 0 #capacity
  Running: 0 #Number of runs
  Paused: 0 #Base container
  Stopped: 0 Stop number
 Images: 0 #Number of mirrors
 Server Version: 20.10.8 #edition
 Storage Driver: overlay2 #Storage engine
  Backing Filesystem: xfs #file system
  Supports d_type: true #Supported types
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Cgroup Version: 1
 Plugins:
  Volume: local #Local volume
  Network: bridge host ipvlan macvlan null overlay #Supported file types
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive #Support Manager
 Runtimes: io.containerd.runtime.v1.linux runc io.containerd.runc.v2
 Default Runtime: runc #Default runtime environment: runtime container
 Init Binary: docker-init #Data corresponding to the basic image
 containerd version: e25210fe30a0a703442421b0f60afac609f950a3
 runc version: v1.0.1-0-g4144b63 #Runtime container environment
 init version: de40ad0
 Security Options:
  seccomp
   Profile: default
 Kernel Version: 3.10.0-957.el7.x86_64
 Operating System: CentOS Linux 7 (Core)
 OSType: linux
 Architecture: x86_64
 CPUs: 4
 Total Memory: 3.683GiB
 Name: localhost.localdomain
 ID: CYBX:CGEA:7JQB:I7UB:LPNJ:KXDT:PCXU:DH3Z:LRB4:LAB5:NNDI:CNDW
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8 #Private address network segment
 Registry Mirrors:
  https://m1aaxlq9.mirror.aliyuncs.com / # image warehouse address
 Live Restore Enabled: false

WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled

Docker image related operations

Run mirror

// 
[root@localhost ~]# docker run hello-world
Unable to find image 'hello-world:latest' locally ##There is no such image
latest: Pulling from library/hello-world #Automatic download
b8dfde127a29: Pull complete  #Mirror id
Digest: sha256:7d91b69e04a9029b99f3585aaaccae2baa80bcf318f4a5d2165a9898cd2dc0a1 #Hash encryption
Status: Downloaded newer image for hello-world:latest

Hello from Docker!
This message shows that your installation appears to be working correctly.

delete mirror

You need to delete the container before deleting the mirror

//
[root@localhost ~]# docker ps -a  #View container
CONTAINER ID   IMAGE         COMMAND    CREATED         STATUS                     PORTS     NAMES
b7d6f31dae52   hello-world   "/hello"   5 minutes ago   Exited (0) 5 minutes ago             happy_hodgkin
[root@localhost ~]# docker rm b7d6f31dae52 #Delete container
b7d6f31dae52
[root@localhost ~]# docker ps -a
CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES
[root@localhost ~]# docker images
REPOSITORY    TAG       IMAGE ID       CREATED        SIZE
hello-world   latest    d1165f221234   6 months ago   13.3kB

[root@localhost ~]# docker rmi d1165f221234 #delete mirror
[root@localhost ~]# docker rmi  `docker images -q`  #-q lists the image ID and deletes multiple images
Untagged: hello-world:latest
Untagged: hello-world@sha256:7d91b69e04a9029b99f3585aaaccae2baa80bcf318f4a5d2165a9898cd2dc0a1
Deleted: sha256:d1165f2212346b2bab48cb01c1e39ee8ad1be46b87873d9ca7a4e434980a7726
Deleted: sha256:f22b99068db93900abe17f7f5e09ec775c2826ecfe9db961fea68293744144bd

search for images

// 
[root@localhost ~]# docker search nginx
[root@localhost ~]# docker search centos:7

pull for downloading images

//
[root@localhost ~]# docker pull nginx #The default is from docker hub
Using default tag: latest #latest edition
latest: Pulling from library/nginx
a330b6cecb98: Pull complete 
5ef80e6f29b5: Pull complete 
f699b0db74e3: Pull complete 
0f701a34c55e: Pull complete 
3229dce7b89c: Pull complete 
ddb78cb2d047: Pull complete 
Digest: sha256:a05b0cdd4fc1be3b224ba9662ebdf98fe44c09c0c9215b45f84344c12867002e
Status: Downloaded newer image for nginx:latest
docker.io/library/nginx:latest

Get image information

Details of encapsulating images

// 
[root@localhost ~]# docker inspect 822b7ec2aaf2

Add mirror label

// 
[root@localhost ~]# docker images
REPOSITORY   TAG       IMAGE ID       CREATED        SIZE
nginx        latest    822b7ec2aaf2   32 hours ago   133MB
[root@localhost ~]# docker tag nginx:latest nginx:lamp
[root@localhost ~]# docker images
REPOSITORY   TAG       IMAGE ID       CREATED        SIZE
nginx        lamp      822b7ec2aaf2   32 hours ago   133MB
nginx        latest    822b7ec2aaf2   32 hours ago   133MB

Mirror export

// 
docker save -o  File name image name
docker save -o centos_7 centos:7
scp centos_7 192.168.142.142:/opt

Mirror import

//
docker load < nginx

Summary:
[root@docker docker]# docker ps -a
[ root@docker ~]#Docker PS -aq# only filters out container ID S
16d885305462
[ root@docker ~]#Docker RM docker PS -aq# batch delete
CONTAINER ID: CONTAINER ID
IMAGE: IMAGE version
Critical: time of creation
STATUS: running time
PORTS: exposed PORTS
NAMES: name (definable)

docker command - container operation

Create container

//
[root@localhost ~]# docker create -it nginx:latest /bin/bash
e3047d0fa01866777b503d9b62e0360803a93c923432077ce3a611e0906672e2
-i Leave the standard input of the container open
-t Assign a pseudo terminal
-d Run as a background daemon

Start container start

// 
[root@localhost ~]# docker start e3047d0fa018  #Container id
docker run centos:7 /usr/bin/bash -c ls /
// 
[root@localhost ~]# docker ps -a
CONTAINER ID   IMAGE          COMMAND                  CREATED              STATUS    PORTS     NAMES
e3047d0fa018   nginx:latest   "/docker-entrypoint...."   About a minute ago   Created             stupefied_golick
[root@localhost ~]# docker start e3047d0fa018  #Container id
e3047d0fa018
[root@localhost ~]# docker ps -a
CONTAINER ID   IMAGE          COMMAND                  CREATED         STATUS          PORTS     NAMES
e3047d0fa018   nginx:latest   "/docker-entrypoint...."   2 minutes ago   Up 18 seconds   80/tcp    stupefied_golick

Stop container

// 
docker stop  container ID
// 
[root@localhost ~]# docker stop e3047d0fa018
e3047d0fa018

The container continues to run in the background

// 
[root@docker ~]# docker run -d centos:7 /usr/bin/bash -c "while true;do echo hello;done"
[root@docker ~]# watch -n 2 docker ps -a
[root@docker ~]# docker rm `docker ps -aq` #Running will not be deleted

Enter container

// 
use run
docker run -it nginx:latest /bin/bash         #One time, exit and close
//
exec(The container must be open)
docker exec -it  container ID /bin/bash
//
PS:
docker run -it The foreground process will be created, but it will be entered exit Terminate the process after.
docker attach  Will connect via stdin,Connect to the input / output stream in the container, and exit Terminate process after.
docker exec -it Will be connected to the container, which can be like SSH Enter the container and operate through exit Exit the container without affecting the operation of the container.

docker network mode

HOST mode

container mode

None mode

Bridge mode (default)


Characteristics of docker's four network modes

//
host pattern        -net=host                  Container and host sharing Network namespaceo
container pattern   -net=container:NAME_or_ID  Multiple containers share one Network namespace.
none pattern        -net=none Containers have independent Network,namespace,However, there is no network setting, such as distribution veth pair And bridge connection, configuration IP Wait.
bridge pattern      -net=bridge               ((default is this mode)
No manual configuration is required for the above,What really needs to be configured is a custom network

Posted by edkuan on Sun, 05 Sep 2021 00:30:11 -0700