Introduction to Docker foundation of kubernetes

Keywords: Operation & Maintenance Docker Redis yum CentOS

Getting started with Docker

Definition of container

  • Stand alone processes running in user space
  • Isolated from other user space programs
  • A container runs in a separate user space
  • At the bottom is a separate kernel space

History of development

  • FreeBSD jail, 2000
  • Linux VServer ,2001
    • CGroups
    • NameSpace
    • LXC
  • Docker ,2010
    • libcontainer
    • runC

docker container arrangement three swordsmen

  • docker-mechine
  • docker-swarm
  • docker-compose

Linux NameSpace

  • It is used to encapsulate a global level of system resources that can be segmented on an abstraction layer, mainly including the following seven levels of system resources
NameSpaces Constant Isolates
Cgroup CLONE_NEWCGROUP Cgroup root directory, dispatch the underlying cpu, memory and IO resources to the container
IPC CLONE_NEIPC System V IPC,POSIX message queues
NETWORK COLNE_NENET NetWork devices,stacks,ports,etc
Mount ClONE_NEWNS MountPoints
Users COLNE_USER User and Group IDs
UTS CLONE_NEW_UTS Hostname and NIS domain name

Version of docker

  • docker-ee
  • docker-ce

Docker architecture

Installation of docker

  • System: centos7+
  • Initialization: configure host name & IP bypass
[root@centos7-node1 ~]# systemctl stop firewalld && systemctl disable firewalld
[root@centos7-node1 ~]# sed -i "s/SELINUX=permissive/SELINUX=disabled/g" /etc/selinux/config && reboot -f
[root@centos7-node1 ~]# yum install chrony wget curl git -y && systemctl enable chronyd && systemctl start chronyd && timedatectl set-timezone Asia/Shanghai && timedatectl set-ntp yes    #time synchronization 
[root@centos7-node1 ~]# wget -O /etc/yum.repos.d/CentOS-Base.repo
[root@centos7-node1 ~]# yum -y install epel-release
[root@centos7-node1 ~]# echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf  &&  sysctl -p
  • Installation and configuration of docker
# step 1: install some necessary system tools
 yum install -y yum-utils device-mapper-persistent-data lvm2
# Step 2: add software source information
yum-config-manager --add-repo
# Step 3: update and install docker CE
yum makecache fast
yum -y install docker-ce

# New profile
 mkdir -p /etc/docker
 tee /etc/docker/daemon.json <<-'EOF'
  "registry-mirrors": [""],
  "storage-driver": "overlay2",
  "storage-opts": [
# Overloaded service
sudo systemctl daemon-reload
sudo systemctl restart docker

docker environment related commands

docker info     #View docker information
docker version   #View version information

Mirror related commands

[root@centos7-node1 ~]# docker image -h
Flag shorthand -h has been deprecated, please use --help
Usage: docker image COMMAND
Manage images
  build Build an image from a Dockerfile
  history Show the history of an image
  import Import the contents from a tarball to create a filesystem image
  inspect Display detailed information on one or more images
  load Load an image from a tar archive or STDIN
  ls List images
  prune Remove unused images
  pull Pull an image or a repository from a registry
  push Push an image or a repository to a registry
  rm Remove one or more images
  save Save one or more images to a tar archive (streamed to STDOUT by default)
  tag Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE

Container related commands

[root@centos7-node1 ~]# docker container -h
Flag shorthand -h has been deprecated, please use --help
Usage: docker container COMMAND
Manage containers
  attach Attach local standard input, output, and error streams to a running container
  commit Create a new image from a container's changes
  cp Copy files/folders between a container and the local filesystem
  create Create a new container
  diff Inspect changes to files or directories on a container's filesystem
  exec Run a command in a running container
  export Export a container's filesystem as a tar archive
  inspect Display detailed information on one or more containers
  kill Kill one or more running containers
  logs Fetch the logs of a container
  ls List containers
  pause Pause all processes within one or more containers
  port List port mappings or a specific mapping for the container
  prune Remove all stopped containers
  rename Rename a container
  restart Restart one or more containers
  rm Remove one or more containers
  run Run a command in a new container
  start Start one or more stopped containers
  stats Display a live stream of container(s) resource usage statistics
  stop Stop one or more running containers
  top Display the running processes of a container
  unpause Unpause all processes within one or more containers
  update Update configuration of one or more containers
  wait Block until one or more containers stop, then print their exit codes


Mirror practice

[root@centos7-node1 ~]# docker search redis    #Find redis image
[root@centos7-node1 ~]# docker pull redis:4-alpine    #Drag image
[root@centos7-node1 ~]# docker images    #View all mirrors
[root@centos7-node1 ~]# docker inspect redis:4-alpine     #View image details
[root@centos7-node1 ~]# docker rmi redis:4-alpine           #delete mirror
[root@centos7-node1 ~]# docker image save redis:4-alpine -o redis.tar     #Export image
[root@centos7-node1 ~]# docker image load -i redis.tar         #Import image

Log in to Alibaba cloud container image console, create a namespace, and then create a redis local image warehouse

The next step is to upload images to Alibaba cloud redis image warehouse

[root@centos7-node1 ~]# docker login --username=valiente0822   #Log in to my alicloud docker image warehouse
[root@centos7-node1 ~]# docker image tag redis:4-alpine   #Copy and modify tag
[root@centos7-node1 ~]# docker push    #Upload image
[root@centos7-node1 ~]# docker pull      #Download Image

matters needing attention:

  • If you create a private Alibaba cloud warehouse, you need docker login to pull the image

Container practice

[root@centos7-node1 ~]# docker image pull centos:7   #Pull image
[root@centos7-node1 ~]# docker container run -it --name c1 centos:7 /bin/bash    #Interactive run container
[root@centos7-node1 ~]# iptables -t nat -vnL    #New terminal found nat iptables rule
[root@centos7-node1 ~]# docker ps -a             #View containers in run or stop state
[root@centos7-node1 ~]# docker start c1          #Start container
[root@centos7-node1 ~]# docker ps                  #Container for viewing the running state

Posted by fqservers on Mon, 01 Jun 2020 07:30:11 -0700