Container Ecosystem

PS: You are welcome to follow my public account, aCloudDeveloper, which focuses on technology sharing and aims to be a platform for sharing practical content. The QR code can be scanned at the end of the article. Thank you.

Speaking of ecosystems, I can't help but think of Jia Yueting's LeTV. I was shocked by its ecosystem layout many times, and I once believed that it would surpass Baidu and sit on the throne among the three major Internet giants. The news brought it to the forefront, and it is embarrassing to think about it now, but in any case I wish it well; after all, this spirit of daring to think and act is still worthy of admiration.

Going back to the field of technology, I have to say that technology is updated and iterated very quickly. In container technology alone, in the short 2-3 years since the launch of Docker, a variety of related technology frameworks have emerged, forming a small ecosystem.

When it comes to containers, everyone thinks of Docker, and this article mainly talks about the container ecosystem from the perspective of Docker.

Container Basic Technology

The essence of Docker is to use the namespace and cgroups mechanism of the Linux kernel to build an isolated process (container process). Therefore, the basic technology of containers mainly involves the namespace and cgroups technology of the Linux kernel.
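The following added example (not from the original article) shows what "an isolated process" means in practice: each process has one inode per namespace type under /proc/<pid>/ns, and a namespace is shared with the host exactly when the inode matches that of a host process. The sample inode values and the cgroup line are constructed, and the function names are illustrative.

```python
import os
import re

NS_LINK = re.compile(r"^(\w+):\[(\d+)\]$")

def parse_ns_links(links):
    """Map namespace type -> inode from strings like 'pid:[4026531836]'."""
    out = {}
    for link in links:
        m = NS_LINK.match(link.strip())
        if m:
            out[m.group(1)] = int(m.group(2))
    return out

def read_ns_links(pid):
    """Live variant (Linux only): read the symlinks under /proc/<pid>/ns."""
    base = f"/proc/{pid}/ns"
    return [os.readlink(os.path.join(base, n)) for n in os.listdir(base)]

def shared_with_host(host, proc):
    """Namespace types where the process has the same inode as the host."""
    return sorted(t for t, ino in proc.items() if host.get(t) == ino)

def cgroup_paths(text):
    """Parse /proc/<pid>/cgroup lines 'id:controllers:path' into a dict."""
    paths = {}
    for line in text.strip().splitlines():
        _id, controllers, path = line.split(":", 2)
        # cgroup v2 has an empty controller field; label it "unified".
        paths[controllers or "unified"] = path
    return paths

# Constructed sample data (not captured from a real host).
HOST_NS = parse_ns_links([
    "cgroup:[4026531835]", "ipc:[4026531839]", "mnt:[4026531840]",
    "net:[4026531992]", "pid:[4026531836]", "user:[4026531837]",
    "uts:[4026531838]",
])
CONTAINER_NS = parse_ns_links([
    "cgroup:[4026532450]", "ipc:[4026532448]", "mnt:[4026532446]",
    "net:[4026531992]",   # same inode as the host: host networking
    "pid:[4026532449]", "user:[4026531837]", "uts:[4026532447]",
])
CONTAINER_CGROUP = "0::/system.slice/docker-<container-id>.scope\n"

if __name__ == "__main__":
    print("shared with host:", shared_with_host(HOST_NS, CONTAINER_NS))
    print("cgroup:", cgroup_paths(CONTAINER_CGROUP))
```

In the sample the container shares the net and user namespaces with the host. A shared user namespace is what Docker gives by default when user namespace remapping is not enabled, while a shared net namespace indicates host networking.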

Container Core Technology

The container core technology ensures that the container can run on the host, including container specification, container runtime, container management tool, container definition tool, registry and container OS.

The container specification aims to unify the variety of container implementations (such as OpenVZ, rkt, Docker, etc.) and solve the compatibility problems between them. For this purpose, an organization called OCI (Open Container Initiative) has been established to formulate the relevant container specifications.

The container runtime is where the container actually runs. It generally depends on the kernel, and it can also run on a purpose-built container OS, which is introduced below. lxc, runc and rkt are the three mainstream runtimes.

lxc is an old container runtime on Linux, and Docker initially used lxc as its runtime. runc is a container runtime developed by Docker itself; it conforms to the OCI specification and is now Docker's default runtime. rkt is a container runtime developed by CoreOS that also conforms to the OCI specification, so it can run Docker containers.
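As an added example (not part of the original article), the sketch below audits the config.json that an OCI-conformant runtime such as runc consumes. It reports namespaces the container would inherit from the host, namespaces joined by path, and missing cgroup limits. The sample configuration is constructed, the field names follow the OCI runtime specification, and the set of checks is an illustrative choice.

```python
import json

# Namespace types defined by the OCI runtime spec for Linux containers.
EXPECTED_NS = {"pid", "network", "mount", "ipc", "uts", "user", "cgroup"}

def audit_oci_config(cfg):
    """Return a list of findings for an OCI runtime config (parsed JSON)."""
    findings = []
    linux = cfg.get("linux", {})
    declared = {}
    for ns in linux.get("namespaces", []):
        declared[ns["type"]] = ns.get("path")
    # A type that is not listed is inherited from the runtime's own process.
    for t in sorted(EXPECTED_NS - set(declared)):
        findings.append(f"namespace '{t}' not created: shared with the host")
    # A listed type with a path joins an existing namespace instead.
    for t, path in sorted(declared.items()):
        if path:
            findings.append(f"namespace '{t}' joins existing {path}")
    res = linux.get("resources", {})
    if "limit" not in res.get("memory", {}):
        findings.append("no cgroup memory limit")
    if "limit" not in res.get("pids", {}):
        findings.append("no cgroup pids limit")
    if not cfg.get("process", {}).get("noNewPrivileges", False):
        findings.append("process.noNewPrivileges is not set")
    return findings

# Constructed config.json fragment (fields follow the OCI runtime spec).
SAMPLE = json.loads("""
{
  "ociVersion": "1.0.2",
  "process": {"args": ["sh"], "noNewPrivileges": true},
  "root": {"path": "rootfs", "readonly": true},
  "linux": {
    "namespaces": [
      {"type": "pid"}, {"type": "mount"}, {"type": "ipc"},
      {"type": "uts"}, {"type": "cgroup"},
      {"type": "network", "path": "/proc/1/ns/net"}
    ],
    "resources": {"memory": {"limit": 268435456}}
  }
}
""")

if __name__ == "__main__":
    for f in audit_oci_config(SAMPLE):
        print("-", f)
```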

The container management tool provides a CLI to users for managing containers and interacts with the runtime internally. Corresponding to the different runtimes, there are three different management tools: lxd, docker engine and rkt cli.

The container definition tool allows users to define the content and properties of the container, such as what image the container needs, what application to load, etc. There are three commonly used tools: docker image, Dockerfile and ACI (App Container Image).

The docker image is a container image, and the runtime creates the container based on the docker image. A Dockerfile is a text file containing several commands that can be used to create a docker image. ACI is similar to a docker image, except that it is the image format of the rkt container developed by CoreOS.

Registry is a repository for storing container images, including Docker Registry, Docker Hub and Quay.io, as well as domestic DaoCloud.io. Enterprises can build private registries with Docker Registry.

Unlike the runtime, a container OS is an operating system specially designed to run containers. Compared with a conventional OS, a container OS is usually smaller and starts faster. Because it is a custom OS for containers, it is usually more efficient at running them. There are already many container OSes; CoreOS, Atomic and Ubuntu Core are outstanding representatives.

Container Platform Technology

With the increase in container deployment, containers are gradually transitioning to container cloud. The container platform technology is to allow containers to run as clusters in a distributed environment, including container orchestration engines, container management platforms, and container-based PaaS.

The container orchestration engine manages and schedules containers to run in the cluster to ensure the rational use of resources. The three famous orchestration engines are Docker Swarm, Kubernetes and Mesos. Among them, Kubernetes has stood out in the past two years and become the leader.

The container management platform is a more general platform on top of the orchestration engine. It abstracts the underlying implementation details of the orchestration engine, supports multiple orchestration engines, and provides users with friendly interfaces, which greatly facilitates management. Rancher and ContainerShip are typical representatives of container management platforms.

Container-based PaaS provides microservice application developers and companies with a platform to develop, deploy, and manage applications, allowing users to focus on application development without having to care about the underlying infrastructure. Deis, Flynn, and Dokku are all examples of open source container PaaS.

Container Support Technology

The emergence of containers has revived some old technologies, such as monitoring, networking, data management and logging. Because container technologies differ, corresponding technical frameworks that comply with container specifications have to be formulated. The result is container support technology, the supporting infrastructure that gives containers richer capabilities.

These include container networking, service discovery, monitoring, data management, log management, and security.

The container network is mainly used to solve connectivity and isolation between containers and other entities. It includes Docker's native network solution, docker network, as well as third-party network solutions such as flannel, weave and calico.

Service discovery ensures the awareness of dynamic resource changes during container use. For example, when the load increases, the cluster will automatically create new containers; when the load decreases, redundant containers will be destroyed. The container will also be migrated between different hosts according to the resource usage of the host, and the IP and port of the container will also change accordingly. In such a dynamic environment, there needs to be a mechanism to sense this change, and service discovery does just that. etcd, consul and zookeeper are typical solutions for service discovery.

Monitoring ensures the healthy operation of containers and allows users to know the running status of applications in real time. In addition to Docker's native monitoring tools docker ps/top/stats, there are also third-party monitoring solutions, such as sysdig, cAdvisor/Heapster and Weave Scope.

Data management ensures dynamic migration of data when containers are migrated between different hosts. A well-known solution is Flocker.

Log management provides an important basis for troubleshooting and incident management. docker logs is Docker's native logging tool. logspout provides a routing function for logs: it can collect logs from different containers and forward them to other tools for post-processing.

Container security protects containers from being attacked. OpenSCAP can scan container images to find potential vulnerabilities.

PS: This article draws on a blog post by the well-known cloud computing blogger CloudMan: http://www.cnblogs.com/CloudMan6/p/6706546.html. Thanks to CloudMan for presenting such good content.
