Docker (1) Install Docker and basic image container operations

1. Introduction to Docker

Docker is an open source application container engine , developed based on the go language and open sourced in accordance with the apache2.0 protocol

is an open source tool for running applications in Linux containers

is a lightweight "virtual machine"

Docker's container technology makes it easy to create a lightweight, portable, self-sufficient container for any application on a single host.

Second, the difference between Docker and a virtual machine

characteristic	Docker	virtual machine
startup speed	seconds	minute level
Loss of computing power	almost five	Loss about 50%
performance	close to native	weaker than
system support	thousands	tens of
isolation	Resource isolation/limitation	completely isolated

Three, container core technology

Docker is essentially a process of the host. Docker implements resource isolation through namespace (namespace), resource limitation through cgroup, and efficient file operations (similar to virtual machine) through copy-on-write technology. For example, allocating 500g of disk does not actually occupy 500g of physical disk).

Fourth, the core concept of Docker

●Mirroring
Docker's image is the basis for creating a container, similar to a snapshot of a virtual machine, and can be understood as a read-only template for the Docker container engine.
Starting a container with an image, an image is an executable package that includes everything needed to run the application including code, runtime, libraries, environment variables, and configuration files.
A Docker image is also a compressed package, but this compressed package is not only an executable file, an environment deployment script, but also a complete operating system. Because most images are built based on a certain operating system, it is easy to build the same environment as local and remote, which is the essence of Docker images.

● Containers
Docker containers are running instances created from an image, which can be started, stopped, and deleted. Each container created is isolated and invisible from each other to ensure the security of the platform.
A container can be regarded as a simple Linux environment (including root user rights, image space, user space and network space, etc.) and the applications running in it.

●Warehouse
The Docker warehouse is a place to centrally save images. After creating your own image, you can use the push command to upload it to a public repository (Public) or a private repository (Private). The next time you want to use this image on another machine, just get it from the repository.
Docker's images, containers, logs, etc. are all stored in /var/lib/docker by default

---

Five, install Docker

1. Turn off the firewall and file protection

[root@zqh ~]# systemctl stop firewalld
[root@zqh ~]# setenforce 0

2. Install dependency packages

[root@zqh ~]# yum install -y yum-utils device-mapper-persistent-data lvm2

yum-utils:提供了yum-config-manager 工具。device mapper:
是Linux内核中支持逻辑卷管理的通用设备映射机制，它为实现用于存储资源管理的块设备驱动提供了一个高度模块化的内核架构。device mapper存储驱动程序需要 device-mapper-persistent-data和 lvm2。

Set Alibaba Cloud Mirror Source

[root@zqh ~]# yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

Install Docker-CE and set it to start automatically on boot

[root@zqh ~]# yum install -y docker-ce docker-ce docker-ce-cli containerd.io
[root@zqh ~]# systemctl start docker.service
[root@zqh ~]# systemctl enable docker.service

####
安装好的Docker系统有两个程序，Docker服务端和ocker客户端。其中Docker服务端是一个服务进程，负责管理所有容器。
Docker客户端则扮演着Docker服务端的远程控制器，可以用来控制Docker的服务端进程。大部分情况下Docker服务端和客户端运行在一台机器上。

View docker information

View docker status, quantity information, container information, image information

Six, Docker image operation

1. Search for mirrors

Format:

docker search 关键字

2. Get a mirror

Format:

docker pull 仓库名称[:标签]

##如果下载镜像时不指定标签，则默认会下载仓库中最新版本的镜像，即选择标签为latest标签

3. View the mirror

docker imager

View mirror details

docker inspect 镜像id或名称

4. Mirror acceleration

Log in to Alibaba Cloud website

5. View image information

6. Modify the image name and label

Format:

docker tag 旧名:旧标签 新名:新标签

7. Delete the mirror

the first method:

docker rmi 库名:标签

The second method is to force delete by id number

docker rmi 镜像id号 -f

##注意，如果这个镜像在被容器使用，那么用-f就会把容器也会删掉

8. Mirror export and import to local

(1) Export the image first

docker save -o 自定义文件名.tar 库名:标签

[root@zqh ~]# docker save -o nginx-1.14.tar nginx:1.14

(2) Import the image again

9. Export the image to the official website's own library

First log in to the official website to register an account

return to server

[root@zqh ~]# docker login

[root@zqh ~]# docker tag nginx:1.14 zqhh/nginx:1.14  
##将发布的镜像改到自己账户名下

[root@zqh ~]# docker push zqhh/nginx:1.14 

Switch to the web interface to view

---

Seven, Docker container operation

1. Container creation

The newly created container is in the stopped state by default and does not run any programs. It is necessary to initiate a process in it to start the container.

Format:

docker create [选项] 镜像

常用选项：
-i:让容器开启标准输入
-t:让Docker分配一个伪终端tty
-it:合起来实现和容器交互的作用，运行一个交互式会话shell

[root@zqh ~]# docker create -it nginx:latest /bin/bash

2. View all containers and their status

docker ps -a

3. Start the container

docker start 容器id

4. Stop the container

docker stop 容器id

或

docker kill 容器id

两者区别是  docker stop 想当于给程序发送一个指令，等程序处理完进程后 关闭程序
而 docker kill 是不管三七二十一，直接强制删除

5. Create and start the container

You can directly execute the docker run command, which is equivalent to executing the docker create command first and then the docker start command.
Note: A
container is a terminal that coexists with the shell commands running in it, the command runs the container runs, and the command ends the container exits.
By default, the docker container will use the first process in the container, that is, the program with pid=1 as the basis for whether the docker container is running. If the process with pid=1 in the docker container hangs, the docker container will exit directly, that is It is said that there must be a foreground process in the Docker container, otherwise the container is considered to have died.

When using docker run to create a container, the standard running process of Docker in the background is:

(1）检查本地是否存在指定的镜像。当镜像不存在时，会从公有仓库下载;

(2)利用镜像创建并启动一个容器;

(3）分配一个文件系统给容器，在只读的镜像层外面挂载一层可读写层;

(4）从宿主主机配置的网桥接口中桥接一个虚拟机接口到容器中;

(5)分配一个地址池中的IP地址给容器;

(6）执行用户指定的应用程序，执行完毕后容器被终止运行。

(1) Continuously run the container created by docker run in the background

[root@zqh ~]# docker run -d centos:7 /bin/bash -c "while true; do echo helloworld; done"

6. Modify the container name

(1) Stop a container first

[root@zqh ~]# docker stop 4c9f41540e7f 

(2) Modify the container name

[root@zqh ~]# docker run -itd --name zqh1 centos:7 /bin/bash

7. Enter the container

[root@zqh ~]# docker exec -it zqh1 bash

(1) How to create a container and directly enter the container (one command to get it)

[root@zqh ~]# docker run -it centos:7 bash

8. Implement file transfer before container and host

宿主机导入文件到容器

docker cp 文件 容器id号:/容器目录/

容器导出文件到宿主机并改名

docker cp 容器id号:/容器目录/文件   宿主机目录/新文件名

9. Export and import of containers

node1：192.168.100.142

node2：192.168.100.140

Users can migrate any Docker container from one machine to another. During the migration process, you can use the docker export
command to export the created container as a file, regardless of whether the container is running or stopped. Export files can be transferred to other machines, and containers can be migrated through corresponding import commands.

export format

docker export 容器id/名称 > 文件名

import format

cat 文件名 | docker import - 镜像名称:标签
##导入后会生成镜像，但不会创建容器

Requirement: Now you need to migrate the zqhh1 container in node1 to the node2 host

The operation is as follows:

Operation on node1

[root@zqh ~]# docker export c4b00385104e > zqh.tar
[root@zqh ~]# scp zqh.tar 192.168.100.140:/opt

Operation on node2

[root@bogon opt]# cat zqh.tar | docker import - zqh:aa
[root@bogon opt]# docker run -itd zqh:aa bash
[root@bogon opt]# docker exec -it 8e5d07246112  bash
[root@8e5d07246112 /]# cd /opt/
[root@8e5d07246112 opt]# ls
aa.txt  passwd.txt

10. Delete the container

docker rm 容器id

删除正在运行的容器，需要先停止容器 或者加-f 强制删除

How to delete all containers at once

[root@zqh ~]# docker ps -a | awk 'NR>=2 {print $1}' | xargs docker rm -f