Docker
Basic composition of Docker
Docker installation
uname -r view system kernel
Cat / etc / OS release to view the system configuration
[root@palmer docker]# cat /etc/os-release NAME="CentOS Linux" VERSION="7 (Core)" ID="centos" ID_LIKE="rhel fedora" VERSION_ID="7" PRETTY_NAME="CentOS Linux 7 (Core)" ANSI_COLOR="0;31" CPE_NAME="cpe:/o:centos:centos:7" HOME_URL="https://www.centos.org/" BUG_REPORT_URL="https://bugs.centos.org/" CENTOS_MANTISBT_PROJECT="CentOS-7" CENTOS_MANTISBT_PROJECT_VERSION="7" REDHAT_SUPPORT_PRODUCT="centos"
Docker installation steps
(1) Uninstall old version
yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine
(2) Install Docker
yum install docker
(3) Start docker and keep it on
systemctl start docker systemctl enable docker
(4) View docker version information
# View the version information of docker docker version # View docker information, including container and image status docker info
(5) Download the Hello world image for testing
[root@palmer docker]# docker run hello-world Unable to find image 'hello-world:latest' locally Trying to pull repository docker.io/library/hello-world ... latest: Pulling from docker.io/library/hello-world b8dfde127a29: Pull complete Digest: sha256:7d91b69e04a9029b99f3585aaaccae2baa80bcf318f4a5d2165a9898cd2dc0a1 Status: Downloaded newer image for docker.io/hello-world:latest Hello from Docker!
[root@palmer ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE docker.io/hello-world latest d1165f221234 6 months ago 13.3 kB
(5) Set domestic image
| Name of domestic Docker image warehouse | link |
|---|---|
| Docker official China | https://registry.docker-cn.com |
| Netease | http://hub-mirror.c.163.com |
| University of science and technology of China | https://docker.mirrors.ustc.edu.cn |
| Alibaba cloud | HTTPS: / / < your ID > .mirror.aliyuncs.com |
-
#Modify docker image warehouse configuration vim /etc/docker/daemon.json
The modified content is
{ "registry-mirrors": ["https://docker.mirrors.ustc.edu.cn"] } -
Validate profile
systemctl daemon-reload
-
Restart docker
systemctl start docker
-
Test whether the configuration is successful. Registry mirrors appears at the end: https://docker.mirrors.ustc.edu.cn The configuration is successful
[root@palmer docker]# docker info Containers: 14 Running: 0 Paused: 0 Stopped: 14 Images: 1 Server Version: 1.13.1 Storage Driver: overlay2 Backing Filesystem: extfs Supports d_type: true Native Overlay Diff: true Logging Driver: journald Cgroup Driver: systemd Plugins: Volume: local Network: bridge host macvlan null overlay Swarm: inactive Runtimes: docker-runc runc Default Runtime: docker-runc Init Binary: /usr/libexec/docker/docker-init-current containerd version: (expected: aa8187dbd3b7ad67d8e5e3a15115d3eef43a7ed1) runc version: 66aedde759f33c190954815fb765eedc1d782dd9 (expected: 9df8b306d01f59d3a8029be411de015b7304dd8f) init version: fec3683b971d9c3ef73f284f176672c44b448662 (expected: 949e6facb77383876aeff8a6944dde66b3089574) Security Options: seccomp WARNING: You're not using the default seccomp profile Profile: /etc/docker/seccomp.json Kernel Version: 3.10.0-1160.36.2.el7.x86_64 Operating System: CentOS Linux 7 (Core) OSType: linux Architecture: x86_64 Number of Docker Hooks: 3 CPUs: 1 Total Memory: 1.795 GiB Name: palmer ID: QMVT:JV4A:UI27:MJIM:F2DS:26H6:YMAW:OOO4:PHJQ:XJLA:B3RQ:CIEL Docker Root Dir: /var/lib/docker Debug Mode (client): false Debug Mode (server): false Registry: https://index.docker.io/v1/ WARNING: bridge-nf-call-iptables is disabled WARNING: bridge-nf-call-ip6tables is disabled Experimental: false Insecure Registries: 127.0.0.0/8 Registry Mirrors: https://docker.mirrors.ustc.edu.cn Live Restore Enabled: false Registries: docker.io (secure)
Docker container running process
Underlying principle
Why is Docker faster than VM Ware?
1. Docker has fewer abstraction layers than virtual machines
2. docker uses the kernel of the host, and the VM needs the Guest OS
When Docker creates a new container, it does not need to reload an operating system kernel like a virtual machine, but directly use the operating system of the host, while the virtual machine needs to load the Guest OS. The comparison between Docker and VM is as follows:
Common commands
Basic command
docker version #View version information docker info #View the system information of docker, including the number of images and containers docker command --help #View command usage
Mirror command
[docker images](# docker images): view all images of the local host
[docker search](# docker search): search for images
[docker pull image name [: tag] Download Image] (# docker pull)
[docker rmi delete image] (# docker rmi delete image)
Container command
docker pull centos # pull a centos container
docker run [optional parameter] image # run container
docker run [Optional parameters] image #Parameter description --name="name" Specify container name -d Run in background mode -it Run interactively,Enter the container to view the contents -p Specifies the port of the container ( -p ip:Host port:Container port configuration host ports are mapped to container ports -p Host port:Container port -p Container port ) -P Randomly assigned port(Capitalized P)
Run and enter the container
[root@palmer docker]# docker run -it centos /bin/bash
[root@6d539ddb408b /]# ls
bin dev etc home lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var
Only enter the container
# After entering the container, open a new terminal, which can be operated inside [root@palmer docker]# docker exec -it 87ddc23e0b46 /bin/bash [root@87ddc23e0b46 /]# # Entering the terminal where the container is executing will not start a new process [root@palmer ~]# docker attach e2688fd8536e [root@e2688fd8536e /]#
Exit container
#Stop and exit the container # The exit command stops the current container [root@6d539ddb408b /]# exit exit # Ctrl+P+Q do not stop container exit
View run container
#Viewing running containers docker ps -a # List the operation records of all containers -n=? # Displays the n recently created containers -q # Displays only the number of the container
Start and stop containers
docker start container id # start container
docker restart container id # restart container
docker stop container id # stops the currently running container
docker kill container id # forces the current container to stop
Other common commands
docker logs container id #View logs of running containers docker top container id #View process information in container docker inspect container id #Viewing container metadata docker stats #View resource usage
Copy container files to host
[root@palmer home]# ls lighthouse palmer [root@palmer home]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES e2688fd8536e centos "/bin/bash" 25 minutes ago Up 25 minutes angry_leavitt [root@palmer home]# docker cp e2688fd8536e:/home/test.java /home [root@palmer home]# ls lighthouse palmer test.java [root@palmer home]#
Command Atlas
Explain in detail
docker images
[root@palmer docker]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE docker.io/hello-world latest d1165f221234 6 months ago 13.3 kB docker.io/centos latest 300e315adb2f 9 months ago 209 MB explain: REPOSITORY:Mirror warehouse source TAG: Mirrored label IMAGE ID: mirrored id CREATED: Creation time of the image SIZE:Mirror size Optional parameters: -a, --all Show all images # Show all mirrors -q, --quiet Only show numeric IDs # Only the image id is displayed
docker search
[root@palmer docker]# docker search mysql INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED docker.io docker.io/mysql MySQL is a widely used, open-source relati... 11399 [OK] docker.io docker.io/mariadb MariaDB Server is a high performing open s... 4329 [OK] docker.io docker.io/mysql/mysql-server Optimized MySQL Server Docker images. Crea... 847 [OK] [OK] # Search for images with collections greater than 3000 [root@palmer docker]# docker search mysql --filter=STARS=3000 INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED docker.io docker.io/mysql MySQL is a widely used, open-source relati... 11399 [OK] docker.io docker.io/mariadb MariaDB Server is a high performing open s... 4329 [OK]
docker pull
docker pull image name [: tag] Download Image
[root@palmer docker]# docker pull mysql Using default tag: latest # If you do not write tag, the default is latest Trying to pull repository docker.io/library/mysql ... latest: Pulling from docker.io/library/mysql a330b6cecb98: Pull complete #Layered download, the core of docker image - federated file system 9c8f656c32b8: Pull complete 88e473c3f553: Pull complete 062463ea5d2f: Pull complete daf7e3bdf4b6: Pull complete 1839c0b7aac9: Pull complete cf0a0cfee6d0: Pull complete 1b42041bb11e: Pull complete 10459d86c7e6: Pull complete b7199599d5f9: Pull complete 1d6f51e17d45: Pull complete 50e0789bacad: Pull complete Digest: sha256:99e0989e7e3797cfbdb8d51a19d32c8d286dd8862794d01a547651a896bcf00c #autograph Status: Downloaded newer image for docker.io/mysql:latest #The real address of the download source #docker pull mysql is equivalent to docker pull docker.io/mysql:latest #Specified version download [root@palmer docker]# docker pull mysql:5.7
docker rmi delete image
# Deletes the specified mirror [root@palmer docker]# docker rmi -f image id # Delete multiple mirrors [root@palmer docker]# docker rmi -f image id image id Delete all mirrors [root@palmer docker]# docker rmi -f $(docker images -aq)
Docker image
Image is a lightweight and executable independent software package, which is used to package the software running environment and the software developed based on the running environment. It contains all the contents required to run a software, including code, runtime (the dependency of a program running or being executed), library, environment variables and configuration files.
The Docker image is actually composed of a layer by layer file system, which is the UnionFS federated file system.
When we download images, we can see that they are downloaded layer by layer. Each layer has a unique layer id. through UnionFS, only one base image can exist in memory. When creating a container, based on this image, we put new operations on the new layer
[root@palmer ~]# docker pull rabbitmq Using default tag: latest Trying to pull repository docker.io/library/rabbitmq ... latest: Pulling from docker.io/library/rabbitmq 35807b77a593: Extracting [> ] 294.9 kB/28.57 MB 4230493d8a07: Download complete 49a6c2211cf8: Downloading [=========> ] 9.63 MB/50.68 MB 1628bc6ff161: Download complete c6fed162cd0d: Downloading [=======================================> ] 13.27 MB/16.75 MB c438f9c4cd8a: Waiting 8692ace5dd4b: Waiting 6778adea8d5f: Waiting 6818e3c609f6: Waiting
View image information
[root@palmer ~]# docker image inspect 0716d6ebcc1a
# The results have this information, corresponding to stratification
"RootFS": {
"Type": "layers",
"Layers": [
"sha256:d000633a56813933cb0ac5ee3246cf7a4c0205db6290018a169d7cb096581046",
"sha256:731f7c21360385893ff752e1200bf901f7936f973801eb6f10dc81f249920994",
"sha256:b2830993d63aac4a4c4c3cdea0ccae39c14d53e69d82d4a6541b35670431f244",
"sha256:97a2a3481f0d61f26f855842ffb8170680a68659ab724042b3a000941a5a0a4e",
"sha256:35e94dafc854af4a22dd101bc5f6b0b453c91d50ef9893228ae9b41d5fd99226",
"sha256:2eaac5532d4479e5e821f724c854b8bc38527708ff484397b841561e21a8fc9a",
"sha256:89638afc97cdd7709e24a927a87520751464fbb3af9b564e591f0a783b6276fc",
"sha256:cf0cecb7358f93f27a0e1c25b7d4ffbf8a503a027730341a01a6f052816e6846",
"sha256:16c71bbd693d487b5e68a4afcc10536dbb6e8e38311d9a3df6d17a4e2ba00ccb",
"sha256:46bb27bfe16570fffa8627e1d21bf315f0c999239b2f72bd7a05594c73eb72ff",
"sha256:2ecd2889304a49cfb06d3c36698b4bcb67845e9aac671192a4636c2891ab1e06",
"sha256:bc3da4909d7537e8cf0bb1e408d752ee66ff62a2e0eb4f876bcef12c398cf477"
]
}
Layered l understanding:
Why does docker use this hierarchical structure?
The biggest advantage is resource sharing. When multiple images are built from the same base image, the host only needs to keep one base image on the disk. When running the container, only one base image needs to be loaded in memory, so that it can serve all containers
Create and commit images
Because there are no files under the webapps of tomcat pulled in centos, the started tomcat cannot be accessed. Therefore, modify the pulled image and use the command cp -r webapps.dist/* webapps to copy the contents under webapps.dist to webapps to access tomcat
[root@palmer ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE [root@palmer ~]# clear [root@palmer ~]# docker pull tomcat Using default tag: latest Trying to pull repository docker.io/library/tomcat ... latest: Pulling from docker.io/library/tomcat 955615a668ce: Pull complete 2756ef5f69a5: Pull complete 911ea9f2bd51: Pull complete 27b0a22ee906: Pull complete 785dffb36c6c: Pull complete 3fccb14f0369: Pull complete 4a0c30fedd9c: Pull complete 54a2fe1e7768: Pull complete 6fa4e6871c2e: Pull complete 6d7763893bf9: Pull complete Digest: sha256:479374af92bb0f8492dd4bd4520b62f68227028215848c590bd86811b5abc808 Status: Downloaded newer image for docker.io/tomcat:latest [root@palmer ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE docker.io/tomcat latest ab1f0e1bb1a1 9 days ago 680 MB [root@palmer ~]# docker run -d -p 8080:8080 --name tomcat01 tomcat 071ce61498b2af139445eebef2b26e250476ec6053339c2ef476d941d3c78f5f [root@palmer ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 071ce61498b2 tomcat "catalina.sh run" 4 seconds ago Up 3 seconds 0.0.0.0:8080->8080/tcp tomcat01 [root@palmer ~]# docker exec -it 071ce61498b2 /bin/bash root@071ce61498b2:/usr/local/tomcat# ls BUILDING.txt LICENSE README.md RUNNING.txt conf logs temp webapps.dist CONTRIBUTING.md NOTICE RELEASE-NOTES bin lib native-jni-lib webapps work root@071ce61498b2:/usr/local/tomcat# cd webapps root@071ce61498b2:/usr/local/tomcat/webapps# ls root@071ce61498b2:/usr/local/tomcat/webapps# cd ../webapps.dist/ root@071ce61498b2:/usr/local/tomcat/webapps.dist# ls ROOT docs examples host-manager manager root@071ce61498b2:/usr/local/tomcat/webapps.dist# cd ../ root@071ce61498b2:/usr/local/tomcat# cp -r webapps.dist/* webapps root@071ce61498b2:/usr/local/tomcat# [root@palmer ~]# ^C [root@palmer ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 071ce61498b2 tomcat "catalina.sh run" About a minute ago Up About a minute 0.0.0.0:8080->8080/tcp tomcat01 [root@palmer ~]# docker commit -m "add webapps" -a "palmer" 071ce61498b2 mytomcat:1.0 sha256:65fa0953323d1274cb6371ca998bd115b1c23596b29c9fd6ec61304c6c89e2fc [root@palmer ~]# docker rm 071ce61498b2 Error response from daemon: You cannot remove a running container 071ce61498b2af139445eebef2b26e250476ec6053339c2ef476d941d3c78f5f. Stop the container before attempting removal or use -f [root@palmer ~]# docker rm -f 071ce61498b2 071ce61498b2 [root@palmer ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES [root@palmer ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE mytomcat 1.0 65fa0953323d 37 seconds ago 684 MB docker.io/tomcat latest ab1f0e1bb1a1 9 days ago 680 MB [root@palmer ~]# docker run -d -p 8081:8080 mytomcat:1.0 88f7e7cfef348544bcd2621afd527633bea4c968fea9c1258b16294ee8eb385c [root@palmer ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 88f7e7cfef34 mytomcat:1.0 "catalina.sh run" 3 seconds ago Up 3 seconds 0.0.0.0:8081->8080/tcp lucid_wright [root@palmer ~]# # Now you can directly access your tomcat
Common container deployment
Deploy nginx
Configuration file path: / etc/nginx
[root@palmer ~]# docker pull nginx Using default tag: latest Trying to pull repository docker.io/library/nginx ... a330b6cecb98: Pull complete e0ad2c0621bc: Pull complete 9e56c3e0e6b7: Pull complete 09f31c94adc6: Pull complete 32b26e9cdb83: Pull complete 20ab512bbb07: Pull complete Digest: sha256:853b221d3341add7aaadf5f81dd088ea943ab9c918766e295321294b035f3f3e Status: Downloaded newer image for docker.io/nginx:latest [root@palmer ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE mytomcat 1.0 65fa0953323d 8 hours ago 684 MB docker.io/nginx latest ad4c705f24d3 4 days ago 133 MB docker.io/tomcat latest ab1f0e1bb1a1 9 days ago 680 MB [root@palmer ~]# docker run -d -p 80:80 --name nginx01 nginx 2e0b8cdb3672fa4064de0bcefd9af247e7099f1d7ad59923dc55ce256c4dc749 #View profile [root@palmer ~]# docker exec -it nginx01 /bin/bash root@2e0b8cdb3672:/# ls bin dev docker-entrypoint.sh home lib64 mnt proc run srv tmp var boot docker-entrypoint.d etc lib media opt root sbin sys usr root@2e0b8cdb3672:/# cd /etc/nginx/ root@2e0b8cdb3672:/etc/nginx# ls conf.d fastcgi_params mime.types modules nginx.conf scgi_params uwsgi_params
Test access: the following indicates that it is enabled successfully
root@2e0b8cdb3672:/etc/nginx# curl localhost:80
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
root@2e0b8cdb3672:/etc/nginx#
ElasticSearch deployment
Note: Add '- e es when running es_ JAVA_ Opts = "- xms128m - xmx512m"'configure the memory size occupied by the ElasticSearch virtual machine, otherwise it may cause jamming due to too much memory occupied by ElasticSearch
docker stat