1. Why do we need a container?
The figure below is a more traditional software architecture: 
students who have done java may have a better understanding of the architecture of the above figure. We usually generate a war package from an application, put it in a tomcat container and put it in a virtual machine ( VM), and then configure the load balancing strategy of nginx to forward requests from users to a tomcat application. This kind of host-based or virtual machine-based application will have the following problems:
Transportability difference
You need to install the operating environment required by the application in advance, such as jdk or jre required by the java application. If you need to redeploy an application, you need to re-initialize the environment and then install the application. The process is cumbersome; in addition, if an application requires another jdk7 operating environment The application requires jdk8, which is difficult to meet on a host;
Poor maintainability
If there is a problem with the tomcat application itself or the virtual machine operating system where it is located, manual intervention is required, such as configuring nginx forwarding rules, performing restart operations, etc.;
Poor scalability
The application load is high or low, and not stable enough. When the current application load is large, we need to increase the number of applications. When the application load decreases, we need to reduce the number of applications;
Unable to isolate resources
If a virtual machine deploys multiple applications, different applications or processes will affect each other;
…
Let’s take a look at how we solve these problems step by step.
The first is containerization. The solution we chose is Docker.
Docker packages the application and the dependencies of the program into a container image, and running this file will generate a virtual container. The program runs in this virtual container, as if it is running on a real physical machine, and the resources between each container are isolated from each other and have their own file system, so that the processes between the containers will not affect each other. You can use the following figure to proceed. Compare the difference between virtual machine-based and container-based deployment applications:
2. Introduction to Docker
2.1 Docker architecture
Docker is an application of client-server architecture, mainly composed of the following parts:
The server is a daemon called dockerd, which is used to monitor REST API requests and manage Docker objects, such as images, containers, storage volumes, and networks.
The command line client (CLI), which is the docker command line we usually enter in the console, controls or integrates with the Docker daemon by calling the REST API.
Docker Registries, which is used to store Docker images.
The following is a schematic diagram of Docker's architecture:
2.2 Docker objects
IMAGES
Mirrors are generally read-only files created by instructions to generate containers. Generally, a mirror is created based on another mirror and added some additional instructions. You can generate a mirror through a file named Dockerfile, and each line of instructions in the Dockerfile will generate a layer. When there are changes to the Dockerfile and the image needs to be regenerated, only the changed layers need to be regenerated, which can make the image file more lightweight and faster to build.
CONTAINERS
A container is a running instance generated by an image file. You can create, start, stop, move or delete a container through REST API or docker client.
SERVICE
Used to manage and expand multiple containers, need to work with docker swarm
2.3 The underlying technology
Docker is written in go language, and uses several features in the Linux kernel to achieve its functions, mainly as follows:
Namespaces
Docker provides an isolated workspace (Workspace) through Namespaces. When you run a container, Docker creates several different types of Namespaces for the container, mainly as follows:
pid namespace: Provide process isolation function
net namespace: management network interface
ipc namespace: Internal resource access control (IPC: Inter Process Communication)
mnt namespace: manage file system mounting
uts namespace: kernel isolation and version identification (UTS: Unix Timesharing System)
CGroups(Control Groups)
Docker uses CGroup to limit the container to only use specific resources. For example, Docker can limit how many cpu and memory resources a container can only use.
UnionFS(Union File System)
A type of file system that can run on other file systems, creating different layers to make the container file system lighter and faster. There are several other similar file systems, including AUFS, btrfs, vfs, and DeviceMapper.
3. Docker installation and deployment
The following commands are commands on Centos7, there will be some differences in other operating systems
yum install docker: download docker-related dependencies through yum
systemctl enable docker: boot and run systemctl
start docker: start the docker service to
perform the above operations, the docker service is already running, you can execute the docker version and docker info commands to check the docker version and Related information.
4. Use of Docker
4.1 Dockerfile file
We mentioned earlier that Docker can package the application into an image, so how to generate the image file? This requires the use of Dockerfile files. It is a text file used to configure the image, and Docker generates a binary image file based on the file. The following is an example of a Dockerfile:
# 该镜像文件继承官方的nginx镜像,冒号表示标签,这里标签是latest,表示最新的版本
FROM nginx:latest
# 将_book目录下的文件copy至镜像文件的/var/www/public目录
COPY _book /var/www/public/
COPY nginx_app.conf/etc/nginx/conf.d/ nginx_app.conf
# 将容器的8080端口暴露出来,允许外部连接这个端口
EXPOSE 8080
# 容器启动后执行 nginx -g daemon off 命令
CMD ["nginx", "-g", "daemon off;"]
4.2 Create Mirror File Once you
have the Dockerfile file, you can use the docker build command to create the mirror file.
docker build -t zcloud-document:0.0.1.
docker image ls
If the operation is successful, you can see the newly generated image file zcloud-document.
4.3 Generate container
# 生成容器 docker
run -p 8080:8080 -it zcloud-document:0.0.1
docker ps
# 重新生成一个新的镜像标签,并指向原来的镜像
docker tag zcloud-document:0.0.1 10.0.0.183:5000/zcloud/zcloud-document:0.0.1
# 推送到私有镜像仓库
docker push 10.0.0.183:5000/zcloud/zcloud-document:0.0.1
Regarding some other operating commands of Docker, you can
refer to it yourself. There are also many articles introduced on the Internet. Linux, C/C++ technical exchange group: [960994558] I have compiled some good learning books, interview questions from major manufacturers, and popular Technical teaching video materials are shared inside (including C/C++, Linux, Nginx, ZeroMQ, MySQL, Redis, fastdfs, MongoDB, ZK, streaming media, CDN, P2P, K8S, Docker, TCP/IP, coroutine, DPDK, etc. .), you can add it yourself if you need it! ~