Subscribe to "Cloud Native Core Technology" column
〖Docker Guide・Ⓓ¹・Quick Start〗
1. Docker talk
Docker是一个解决了运行环境和配置问题,并且方便做持续集成以及有助于整体发布的容器虚拟化技术。
Here is a cute little picture for everyone to enjoy.
1.1 What is docker?
Docker was born in early 2013 and is an open source cloud project based on the Go language. Produced by dotCloud (later renamed Docker Inc).
Docker is an open source application container engine that allows developers to package their applications and dependencies into a portable image, which can then be distributed to any popular Linux or Windows operating system machine, and can also be virtualized.
Containers are completely sandboxed and do not have any interface with each other.
1.2 Why does it appear?
A product goes from development to launch, from operating system, to operating environment, to application configuration. As a collaboration between development + operation and maintenance, we need to care about a lot of things. This is also a problem that many Internet companies have to face, especially after the iteration of various versions, the compatibility of different version environments is a test for operation and maintenance personnel. .
The reason Docker has grown so fast is also because it has a standardized solution for it.
The environment configuration is so troublesome, and it is time-consuming and laborious to change a machine. Many people think, can the problem be solved fundamentally, the software can be installed with the environment? That is to say, when installing, copy the original environment exactly the same. Developers can take advantage of Docker to eliminate the "just works on my machine" problem of collaborative coding.
It is traditionally believed that after the software coding development/testing is completed, the output is a program or binary bytecode that can be compiled and executed (java is an example). In order for these programs to be executed smoothly, the development team must also prepare complete deployment files so that the operation and maintenance team can deploy the application. The development needs to clearly tell the operation and maintenance deployment team, all configuration files + all software environments to be used. However, even so, deployment failures often occur.
The design of Docker images allows Docker to break the concept of "programs as applications" in the past. Through the image (images), the core of the operating system is excluded, and the system environment required to run the application is packaged from the bottom to the top to achieve the seamless operation of the application across platforms.
1.3 docker concept
The main goal of Docker is "Build, Ship and Run Any App, Anywhere", that is, through the management of the life cycle of application components such as packaging, distribution, deployment, and operation, the user's APP (which can be a WEB application or a database application) etc.) and its runtime environment can do "build once, run anywhere".
The emergence of Linux container technology solves such a problem, and Docker is developed on the basis of it. Run the application on the Docker container, and the Docker container is consistent on any operating system, which realizes cross-platform and cross-server. You only need to configure the environment once, and switch to another machine to deploy with one click, which greatly simplifies the operation.
1.4 Virtual Machine Technology
It can run one operating system inside another operating system, such as running a Linux system inside a Windows system. The application has no awareness of this, because the virtual machine looks exactly the same as the real system, and to the underlying system, the virtual machine is a normal file, which can be deleted when it is not needed, and has no effect on other parts. This kind of virtual machine runs another system perfectly, which can keep the logic between the application, the operating system and the hardware unchanged.
Disadvantages of virtual machines:
- Too many resources
- Many redundant steps
- slow start
1.5 Container Virtualization Technology
Due to these shortcomings of the previous virtual machines, Linux has developed another virtualization technology: Linux Containers (Linux Containers, abbreviated as LXC).
Linux 容器不是模拟一个完整的操作系统
, but isolates the process. With containers, all the resources needed for software to run can be packaged into an isolated container. Unlike virtual machines, containers do not need to be bundled with a complete operating system 只需要软件工作所需的库资源和设置
. The system thus becomes efficient and lightweight and guarantees that software deployed in any environment will run consistently.
Docker has changed the way of virtualization, allowing developers to put their work directly into Docker for management. Convenience is already the biggest advantage of Docker. In the past, tasks that took days or even weeks can be completed in seconds under the processing of Docker containers.
With the advent of the cloud computing era, developers do not have to configure expensive hardware in pursuit of results, and Docker has changed the mindset that high performance must be expensive. The combination of Docker and the cloud makes the cloud space more fully utilized. It not only solves the problem of hardware management, but also changes the way of virtualization.
1.6 docker and vm
Each container is isolated from each other, and each container has its own file system. Processes between containers will not affect each other and can distinguish computing resources.
-
启动速度快
Starting a virtual machine requires starting the operating system of the virtual machine first, and then starting the application, which is a very slow process;
starting Docker is equivalent to starting a process on the host operating system. -
占用资源(占用磁盘空间)少
A virtual machine is a complete operating system that takes up a lot of disk, memory, and CPU resources. A machine can only open dozens of virtual machines. Docker is just a process, it only needs to package the application and related components, and it takes up very few resources at runtime. One machine can open thousands of Dockers. -
更容易迁移
Provide a consistent operating environment. Packaged applications can be migrated on different machines without worrying about the environment changing and causing them to fail. -
更容易维护
Using layering techniques and mirroring makes it easier for applications to reuse repetitive parts. The higher the degree of reuse, the easier the maintenance work. -
更容易扩展
The base image can be further extended to get new images, and the official and open source communities have provided a large number of images. By extending these images, it is very easy to get the images we want.
1.7 The meaning of docker
一次构建、到处运行
-
Faster application delivery and deployment
After the traditional application development is completed, a bunch of installation programs and configuration documentation need to be provided. After Dockerization, only a small number of container image files need to be delivered, and the image can be loaded and run in the official production environment. The application installation configuration is already built in the image, which greatly saves deployment configuration and testing and verification time. -
More convenient upgrade and expansion
With the development of microservice architecture and Docker, a large number of applications will be structured through microservices, and application development and construction will become like Lego blocks, and each Docker container will become a "building block" ”, the application upgrade will become very easy. When the existing container is not enough to support business processing, you can run a new container through the image for rapid expansion, so that the expansion of the application system can be changed from the original day level to the minute level or even the second level. -
Simpler system operation and maintenance
After the application is containerized, the application running in the production environment can be highly consistent with the application in the development and test environments. The container will completely encapsulate the application-related environment and state, and will not be affected by the underlying infrastructure and operations. The inconsistency of the system affects the application and generates new bugs. When a program exception occurs, it can also be quickly located and repaired through the same container of the test environment. -
More efficient use of computing resources
Docker is a kernel-level virtualization, which does not require additional hypervisor support like traditional virtualization technologies, so many container instances can run on one physical machine, which can greatly improve the CPU and memory of the physical server. utilization rate.
2. Docker installation
2.1 Installation Instructions
Currently, CentOS only supports Docker in the kernel in the release version.
Docker runs on CentOS 7 and requires a 64-bit system and a system kernel version of 3.10 or above.
Docker runs on CentOS-6.5 or higher, and requires a 64-bit system and a system kernel version of 2.6.32-431 or higher.
Check out your own kernel:uname -r
2.2 The basic composition of Docker
镜像(image)
A Docker image is a read-only template. Images can be used to create Docker containers, and one image can create many containers.容器(container)
Docker uses a container (Container) to run an application or a group of applications independently. A container is a running instance created from an image. It can be started, started, stopped, deleted. Each container is an isolated, secure platform. You can think of a container as a simple Linux environment (including root user privileges, process space, user space, and network space, etc.) and the applications running in it. The definition of a container is almost the same as that of an image, and it is also a unified perspective of a stack of layers. The only difference is that the top layer of the container is readable and writable.仓库(repository)
Repository is a place where image files are stored centrally.
There is a difference between a repository (Repository) and a repository registry server (Registry). There are often multiple warehouses stored on the warehouse registration server, and each warehouse contains multiple mirrors, and each mirror has a different tag. Repositories are divided into two forms: public repositories (Public) and private repositories (Private). The largest public repository is Docker Hub (https://hub.docker.com/), which stores a large number of images for users to download. Domestic public warehouses include Alibaba Cloud, NetEase Cloud, etc.
Docker itself is a container running vehicle or management engine.
We package the application and configuration dependencies to form a deliverable runtime environment. This packaged runtime environment is like an image image file. Only through this image file can a Docker container be generated.
The image file can be regarded as the template of the container. Docker generates an instance of the container according to the image file. The same image file can generate multiple container instances running at the same time.
- The container instance generated by the image file is itself a file, called an image file.
- A container runs a service. When we need it, we can create a corresponding running instance through the docker client, which is our container.
- As for the warehouse, it is a place where a bunch of mirrors are placed. We can publish the mirrors to the warehouse and pull them from the warehouse when needed.
2.3 Docker Architecture Diagram
2.4 Installation steps
我这里用的linux系统为centos7
Official website installation entrance
-
Determine if it is centos7 and above:
cat /etc/redhat-release
-
yum install gcc related
yum -y install gcc
yum -y install gcc-c++
-
uninstall old version
yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine
-
Install the required packages
yum install -y yum-utils
-
Set up stable mirror repository
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
-
Update yum package index
yum makecache fast
-
Install DOCKER CE
yum install docker-ce docker-ce-cli containerd.io
-
start docker
systemctl start docker
-
Version
docker version
-
test
docker run hello-world
-
stop docker
systemctl stop docker
-
uninstall
yum remove docker-ce docker-ce-cli containerd.io
rm -rf /var/lib/docker
rm -rf /var/lib/containerd
3. Alibaba Cloud Image Acceleration
- Log in to Alibaba Cloud—> Console—> Elastic Computing—> Container Service—> Container Image Service
- Do the following to get the accelerator address
- The accelerator can be configured according to the following instructions (must be done step by step)
4. hello-world
⚠️ 注意
:这里可能会涉及到一些其他命令,笔者会在后面的章节对docker命令进行更加详细的讲解,大家只需要按部就班的做就可以,体验一下docker带来的便捷。
4.1 Start docker
4.2 Search for the hello-world image
4.3 Pull the image
4.4 View local mirror
4.5 Running a local image
5. What did run do?
Six, docker working mechanism
Docker is a system with Client-Server structure. The Docker daemon runs on the host, and then accesses from the client through Socket. The DockerServer (daemon) receives the command from the DockerClient (client) and executes the command.
The daemon manages the containers running on the host.
A container is a runtime environment, which is the container we mentioned earlier.
Seven, why docker is faster than VM
-
docker有着比虚拟机更少的抽象层
. Since docker does not require a hypervisor to virtualize hardware resources, the programs running on the docker container directly use the hardware resources of the actual physical machine. Therefore, docker will have obvious advantages in efficiency in terms of CPU and memory utilization. -
docker利用的是宿主机的内核,而不需要Guest OS
. Therefore, when a new container is created, Docker does not need to reload an operating system kernel like a virtual machine. However, to avoid the process of searching and loading the operating system kernel, which is a time-consuming and resource-intensive process, when creating a virtual machine, the virtual machine software needs to load the Guest OS, and the new process is minute-level. Since docker directly utilizes the operating system of the host machine, this process is omitted, so it only takes a few seconds to create a docker container.
The bottom layer of Docker shares the actual resources of the physical machine, and the virtual machine needs to simulate the operating system resources of the physical machine, so Docker loads faster, while the virtual machine is slower.