Docker
When we started to understand linux operation and maintenance, we heard about docker, which is very popular and is used by almost most companies, but we don't know what docker is and what it does.
Docker literally means container. It is an open source container engine that can quickly deploy the environment and release code, allowing developers to package applications and dependent libraries, and then publish them to any popular Linux distribution, which is very convenient for porting.
Developed by go language and released based on apache2.0 protocol, official website: www.docker.com, GitHub: https://github.com/docker/docker.github.io . The version is divided into community version ce and enterprise version ee. Based on the timeline of year and month, the latest stable version is 18.06.
Version introduction reference link:
https://blog.csdn.net/chenhaifeng2016/article/details/68062414
The advantages of docker over traditional virtualization:
\1. Start-up is very fast, realized in seconds;
\2. High resource utilization, a high-configuration server can run thousands of docker containers;
\3. Faster deployment and delivery, once created and configured, it can be run anywhere;
\4. Kernel-level virtualization does not require additional hypevisor support, and will have higher performance and efficiency;
\5. Easy to migrate, low platform dependency.
Docker concept:
Mirror is a read-only template, similar to the iso file used when installing the system. We use mirroring to complete the deployment of various applications.
The container, the image is similar to the operating system, and the container is similar to the virtual machine itself, it can be started, shut down, deleted, etc., each container is isolated from each other.
A warehouse is a place for storing images. The warehouse is divided into a public warehouse and a private warehouse. The largest public warehouse is the Docker hub (hub.docker.com).
Docker installation
Install docker:
Aliyuan docker http://mirrors.aliyun.com/docker-ce/linux/centos/ ** docker-ce.repo**
cd /etc/yum.repos.d/
wget
http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum install -y docker-ce
Start docker:
Start the docker service: systemctl start docker
Check whether the docker service is started: ps aux |grep docker
Firewall rules will be automatically generated after startup. The rules will clearly affect docker, so it is recommended to save the rules
View firewall rules: iptables -nvL
File for saving firewall rules: cat /etc/sysconfig/iptables-config
Save rules: service iptables save (the command needs to install the iptables service) iptables rules will be automatically generated every time docker is started, and it is not recommended to restart the docker service during work
Image management
Download the mirror:
docker pull centos
Configure docker accelerator:
The above image download is very slow, so we can configure a docker accelerator.
vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://v9wd8gth.mirror.aliyuncs.com"]
}
Note: The URL is the accelerator address, you can go to Alibaba Cloud to apply for your own accelerator address
After the configuration, restart docker, and then download the image will be much faster than before.
Restart the docker service: systemctl restart docker
Test and download the Ubuntu docker image: docker pull ubuntu
View local mirror: docker images
[root@localhost yum.repos.d]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos latest 300e315adb2f 12 days ago 209MB
ubuntu latest f643c72bc252 3 weeks ago 72.9MB
Search mirror: ** docker search jumpserver**
Tag the image: ** docker tag centos jin_centos**
[root@localhost yum.repos.d]# docker tag centos jin_centos
[root@localhost yum.repos.d]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
jin_centos latest 300e315adb2f 12 days ago 209MB
centos latest 300e315adb2f 12 days ago 209MB
ubuntu latest f643c72bc252 3 weeks ago 72.9M
After tagging, another image will be generated again, but the IMAGE ID will not change, which shows that the two images are actually the same.
In addition, you can also mark like this, change the TAG: docker tag centos test: 123
[root@localhost yum.repos.d]# docker tag centos test:123
[root@localhost yum.repos.d]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
test 123 300e315adb2f 12 days ago 209MB
centos latest 300e315adb2f 12 days ago 209MB
jin_centos latest 300e315adb2f 12 days ago 209MB
ubuntu latest f643c72bc252 3 weeks ago 72.9MB
Start the image as a container: docker run -itd centos
-i means to open the standard input of the container; -t means to allocate a pseudo terminal; -d means to start in the background, and the parameter needs to be placed in front of the image name
[root@localhost yum.repos.d]# docker run -itd centos
37be85e9b9bc80ed50589ac8f7d77cf0939067dddd599594f48f8444f1a6a2f8
View the startup status of the container: docker ps
docker ps -a -a** View all containers, including start and stop status**
[root@localhost yum.repos.d]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
37be85e9b9bc centos "/bin/bash" 36 seconds ago Up 34 seconds objective_kapitsa
[root@localhost yum.repos.d]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
37be85e9b9bc centos "/bin/bash" 2 minutes ago Up 2 minutes objective_kapitsa
Delete the mirror:
docker rmi image name: TAG tag
First check the existing mirrors under the current system: docker images
[root@localhost yum.repos.d]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
jin_centos latest 300e315adb2f 12 days ago 209MB
test 123 300e315adb2f 12 days ago 209MB
centos latest 300e315adb2f 12 days ago 209MB
ubuntu latest f643c72bc252 3 weeks ago 72.9MB
Delete the mirror, you must bring the TAG when deleting, otherwise it will not be deleted
docker rmi test:123
[root@localhost yum.repos.d]# docker rmi test:123
Untagged: test:123
After deleting, check the existing mirror again, and the deletion is successful
[root@localhost yum.repos.d]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos latest 300e315adb2f 12 days ago 209MB
jin_centos latest 300e315adb2f 12 days ago 209MB
ubuntu latest f643c72bc252 3 weeks ago 72.9MB
When deleting, the following parameter can be TAG, if it is TAG, the TAG is actually deleted; when the latter parameter is IMAGE ID, the entire image will be deleted, and all tags will be deleted at the same time.
Create image through container
The image can be downloaded through docker pull, or you can create a custom image yourself.
Enter the container: docker exec -it CONTAINER ID bash
[root@localhost yum.repos.d]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
37be85e9b9bc centos "/bin/bash" 14 minutes ago Up 14 minutes objective_kapitsa
Enter the container interface, the container ID can be abbreviated: docker exec -it 37be85 bash
37be85e9b9bc is the container id, this id can be viewed with docker ps, the last bash is the command we want to execute after entering the container, so that we can open a terminal
[root@localhost yum.repos.d]# docker exec -it 37be85 bash
[root@37be85e9b9bc /]# ls
bin etc lib lost+found mnt proc run srv tmp var
dev home lib64 media opt root sbin sys usr
[root@37be85e9b9bc /]# ifconfig
bash: ifconfig: command not found
[root@3790ac27cf7e /]# yum install -y net-tools
The number of commands that can be used in the container is limited
[root@37be85e9b9bc /]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.2 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:02 txqueuelen 0 (Ethernet)
RX packets 4552 bytes 9578737 (9.1 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 2847 bytes 158904 (155.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@3790ac27cf7e /]# exit
exit
[root@localhost yum.repos.d]# ifconfig
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
inet6 fe80::42:95ff:fe4c:e893 prefixlen 64 scopeid 0x20<link>
ether 02:42:95:4c:e8:93 txqueuelen 0 (Ethernet)
RX packets 2847 bytes 119046 (116.2 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4544 bytes 9578081 (9.1 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth2790df0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::1cee:35ff:fe63:378c prefixlen 64 scopeid 0x20<link>
ether 1e:ee:35:63:37:8c txqueuelen 0 (Ethernet)
RX packets 2847 bytes 158904 (155.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4552 bytes 9578737 (9.1 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
One more docker0: network card and one veth2790df0: virtual network card, each additional container virtual network card will add one
Generate a mirror:
-m specifies change information; -a specifies author-related information; 37be85 is the container id, followed by the name of the new image
docker commit -m "install net-tools" -a "jin" 37be85 centos_with_net
[root@localhost yum.repos.d]# docker commit -m "install net-tools" -a "jin" 37be85 centos_with_net
sha256: 6e13b801d98f6bf568d8df0fb5334320c11122387c18ca4460b26b44807d1282
[root@localhost yum.repos.d]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos_with_net latest 6e13b801d98f 36 seconds ago 242MB //One more mirror
centos latest 300e315adb2f 12 days ago 209MB
jin_centos latest 300e315adb2f 12 days ago 209MB
ubuntu latest f643c72bc252 3 weeks ago 72.9MB
Start the new image as a container and use the net-tools tool directly.
[root@localhost yum.repos.d]# docker run -itd centos_with_net bash
dd6d95022f70fb11d58fd856a18a22245ef52e5d728700a06d36a1191adc8d7a
[root@localhost yum.repos.d]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
dd6d95022f70 centos_with_net "bash" 6 seconds ago Up 5 seconds tender_black
37be85e9b9bc centos "/bin/bash" 34 minutes ago Up 34 minutes objective_kapitsa
[root@localhost yum.repos.d]# ifconfig
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
inet6 fe80::42:95ff:fe4c:e893 prefixlen 64 scopeid 0x20<link>
ether 02:42:95:4c:e8:93 txqueuelen 0 (Ethernet)
RX packets 2847 bytes 119046 (116.2 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4544 bytes 9578081 (9.1 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth8853224: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::474:92ff:febe:df3c prefixlen 64 scopeid 0x20<link>
ether 06:74:92:be:df:3c txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 8 bytes 656 (656.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth2790df0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::1cee:35ff:fe63:378c prefixlen 64 scopeid 0x20<link>
ether 1e:ee:35:63:37:8c txqueuelen 0 (Ethernet)
RX packets 2847 bytes 158904 (155.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4552 bytes 9578737 (9.1 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
A new container is added, and a virtual network card veth8853224 is added:
Create a mirror from a template
Download template image:
[root@localhost yum.repos.d]# cd /usr/local/src/
[root@localhost src]# wget https://download.openvz.org/template/precreated/centos-7-x86_64-minimal.tar.gz
[root@jinkai01 src]# du -sh centos-7-x86_64-minimal.tar.gz
139M centos-7-x86_64-minimal.tar.gz
Import template image command:
[root@jinkai01 src]# cat centos-7-x86_64-minimal.tar.gz|docker import - centos7
sha256: cb41c2fef0dbb447b75cdb1819a090a2b30ce2697e1d7d7c5cbcc3c86c2953e8
Check whether the local mirror has the mirror just imported:
docker images
Start the newly imported image as a container:
docker run -itd centos7 bash
Enter the container interface:
docker exec -it c4aa63 bash
View system version
[root@c994852e45b9 /]# cat /etc/redhat-release
CentOS Linux release 7.2.1511 (Core)
Export the image as a file :
The file name is preceded by the name of the image
[root@jinkai01 src]# docker save -o centos7.tar centos7
[root@jinkai01 src]# ls
centos7.tar
centos-7-x86_64-minimal.tar.gz
Restore the local mirror with files:
[root@jinkai01 src]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos7 latest cb41c2fef0db 6 minutes ago 435MB
centos_with_net latest 6d14edea5ae3 15 minutes ago 242MB
centos latest 300e315adb2f 13 days ago 209MB
jin_centos latest 300e315adb2f 13 days ago 209MB
ubuntu latest f643c72bc252 3 weeks ago 72.9MB
[root@jinkai01 src]# docker rmi cb41c2
Error response from daemon: conflict: unable to delete cb41c2fef0db (cannot be forced) - image is being used by running container c994852e45b9
Delete the error, prompting that the image is being run by the container
[root@jinkai01 src]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c994852e45b9 centos7 "bash" 6 minutes ago Up 6 minutes friendly_beaver
2a58b225aaf3 centos_with_net "bash" 12 minutes ago Up 12 minutes recursing_sammet
27e8bb49f2bb centos_with_net "/bin/bash" 14 minutes ago Up 14 minutes strange_kilby
6afa18952e17 centos "/bin/bash" 23 minutes ago Up 23 minutes sharp_moser
Forcibly delete the container:
[root@jinkai01 src]# docker rm -f c994852e45b9
c994852e45b9
Delete the mirror again:
[root@jinkai01 src]# docker rmi cb41c2
Untagged: centos7:latest
Deleted: sha256:cb41c2fef0dbb447b75cdb1819a090a2b30ce2697e1d7d7c5cbcc3c86c2953e8
Deleted: sha256:788edba9eaa8ade63d8ba9d5747281c5da2b34b12a6c80f4dffd8ad9e05f68c1
View the local mirror:
[root@jinkai01 src]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos_with_net latest 6d14edea5ae3 17 minutes ago 242MB
centos latest 300e315adb2f 13 days ago 209MB
jin_centos latest 300e315adb2f 13 days ago 209MB
ubuntu latest f643c72bc252 3 weeks ago 72.9MB
Import the image using a file, or use docker load <centos7.tar to import the image
docker load --input centos7.tar
[root@jinkai01 src]# docker load --input centos7.tar
788edba9eaa8: Loading layer 446.1MB/446.1MB
Loaded image: centos7:latest
[root@jinkai01 src]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos7 latest cb41c2fef0db 23 minutes ago 435MB
centos_with_net latest 6d14edea5ae3 32 minutes ago 242MB
centos latest 300e315adb2f 13 days ago 209MB
jin_centos latest 300e315adb2f 13 days ago 209MB
ubuntu latest f643c72bc252 3 weeks ago 72.9MB
[root@jinkai01 src]# docker push image_name
Upload personal mirror:
docker push image_name
You can upload your personal image to the dockerhub official website, but the premise is that you need to register first
Extension link:
Detailed and complete introduction to docker
https://www.cnblogs.com/zhangxingeng/p/11236968.html
How to build an image using Dockerfile
https://blog.csdn.net/qinyushuang/article/details/43342553
Summary of notes: https://blog.csdn.net/xiaochendefendoushi/article/details/8097990