Table of contents
- Getting to know Docker
- Basic operation of Docker
- Dockerfile custom image
- Docker-Compose
- Docker image service
Initial Doctor
- What is Docker
- Difference between Docker and virtual machine
- Docker architecture
- Install Docker
Getting to know Docker-what is docker
Problems with project deployment
There are many components in large-scale projects, and the operating environment is also relatively complex. Some problems will be encountered during deployment:
- Dependencies are complex and prone to compatibility issues
- Development, testing, and production environments are different
Doc
How does Docker solve dependency compatibility issues?
- Package the application's Libs (function library), Deps (dependency), configuration and application together
- Run each application in an isolated container to avoid mutual interference
Different environments have different operating systems, how does Docker solve it? Let's first understand the operating system structure
The kernel interacts with the hardware and provides instructions to operate the hardware
The system application encapsulates kernel instructions as functions, which is convenient for programmers to call
Kernel----linux system application----eg: Ubuntu, Centos user program-eg: MySQL, node
Both Ubuntu and CentOS are based on the Linux kernel, but the system applications are different and the function libraries provided are different.
How does Docker solve the problems of different system environments?
- Docker packages the user program with the system (such as Ubuntu) function library that needs to be called
- When Docker runs to different operating systems, it is directly based on the packaged library functions and runs with the help of the Linux kernel of the operating system
How does Docker solve the compatibility problems of complex dependencies and dependencies of different components in large-scale projects?
- Docker allows applications, dependencies, function libraries , and configurations to be packaged together during development to form a portable image
- Docker applications run 3 in containers, using the sandbox mechanism to isolate each other
How does Docker solve the problem of differences in development, testing, and production environments
- The Docker image contains a complete operating environment, including system function libraries, and only depends on the Linux kernel of the system, so it can run on any Linux operating system
summary
Docker is a technology for quickly delivering applications and running applications:
1. The program, its dependencies, and the operating environment can be packaged together into a mirror image, which can be migrated to any Linux operating system
2. The sandbox mechanism is used to form an isolation container during operation, and each application does not interfere with each other
3. Both startup and removal can be completed with one line of commands, which is convenient and quick
Difference between initial docker-Docker and virtual machine
Docker and virtual machines
A virtual machine (virtual machine) simulates a hardware device in the operating system, and then runs another operating system, such as running the Ubutu system in the WIndows system, so that any Ubuntu application can be run.
| characteristic | Docker | virtual machine |
|---|---|---|
| performance | close to native | poor performance |
| hard disk usage | Usually MB | Generally GB |
| start up | second level | minute level |
summary:
Differences between Docker and virtual machines:
- docker is a system process; a virtual machine is an operating system within an operating system
- docker is small in size, fast in startup speed and good in performance; the virtual machine is large in size, slow in startup speed and average in performance
Initial Docker-Docker Architecture
Images and Containers
Image: Docker packages applications and their required dependencies, function libraries, environments, configurations, and other files together, called images.
Container: The process formed after the application in the image runs is a container, but Docker will isolate the container and make it invisible to the outside world.
Docker and DockerHub
- DockerHub: DockerHub is a hosting platform for Docker images. Such a platform is called Docker Register.
- There are also public services similar to DockerHub in China, such as NetEase Cloud Mirror Service, Alibaba Cloud Mirror Library, etc.
docker architecture
Docker is a program of CS architecture, which consists of two parts:
- Server (server): Docker daemon process, responsible for processing Docker instructions, managing images, containers, etc.
- Client (client): Send instructions to the Docker server through commands or RestAPI. Specifications can be sent locally or remotely to the server.
summary:
mirror image:
- Package the application together with its dependencies, environment, and configuration
container:
- When a mirror runs, it is considered a container, and one mirror can run multiple containers
Docker structure:
- Server: accept commands or remote requests, operate images or containers
- Client: Send commands or requests to the Docker server
DockerHub:
- A mirror hosting server, similar to the Alibaba Cloud mirror service, collectively referred to as DockerRegistry
Getting to know Docker-Docker installation
Install Docker
Enterprise deployments generally use the Linux operating system, among which the CentOS distribution accounts for the largest proportion, so Docker is installed under CentOS.
Install Docker
Docker is divided into two versions: CE and EE. CE stands for Community Edition (free of charge, with 7 support cycles), EE stands for Enterprise Edition, which emphasizes security and is paid for, with a support cycle of 24 months.
Docker CE is divided into three update channels: stable test and nightly.
There are installation guides in various environments on the official website. Here we mainly introduce the installation of Docker CE on CentOS.
Install Docker on CentOS
Docker CE supports the 64-bit version of CentOS 7, and requires a kernel version not lower than 3.10. CentOS 7 meets the minimum kernel requirements, so we install Docker on CentOS 7.
1.1 Uninstall (optional)
If you have installed an old version of Docker before, you can use the following command to uninstall it:
yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-selinux \
docker-engline-selinux \
docker-engine \
docker-ce \
1.2 Install docker
First you need the virtual machine Internet, install the yum tool
yum install -y yum-utils \
device-mapper-persistent-data \
lvm2 --skip-broken
Then update the local mirror source:
# 设置docker镜像源
yum-config-manager \
--add-repo \
https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.reposed -i 's/download.docker.com/mirrors.aliyun.com\/docker-ce/g' /etc/yum.repos.d/docker-ce.repo
yum makecache fast
Then enter the command:
yum install -y docker-ce
docker-ce bit community free version. Wait for a while, diocker will be installed successfully.
1.3 start docker
Docker applications need to use various ports, and modify the firewall settings one by one. It is very troublesome, so it is recommended to close the firewall directly!
Before starting docker, be sure to close the firewall! !
Before starting docker, be sure to close the firewall! !
Before starting docker, be sure to close the firewall! !
# 关闭
systemctl stop filewalld
# 禁止开机启动防火墙
systemctl disable firewalld
Then enter the command to view the docker version:
docker -v
1.4 Configuring Mirroring
The network speed of docker's official mirror warehouse is poor, so we need to set up a domestic mirror:
Refer to Alibaba Cloud's mirror acceleration document:
http://cr.console.aliyun.com/cn-hangzhou/instances/mirrors
For users whose Docker client version is greater than 1.10.0, they
can use the accelerator by modifying the daemon configuration file /etc/docker/daemon.json
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registery-mirrors": ["http://n0dwemtq.mirror.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
Basic operation of Docker
- Mirror operation
- container operations
- Data volumes (container data management)
Use the docker-mirror command
Mirror related commands
- The image name generally consists of two parts: [respository]:[tag]. eg: msql:5.7
Mirror operation command
docker build 构建镜像
docker push 推送镜像到服务
Docker Register 镜像服务器
docker pull 从服务拉取镜像
docker images 查看镜像
docker rmi 删除镜像
docker pull 从服务拉取镜像
docker save 保存镜像为一个压缩包
docker load 加载压缩包为镜像
View command: docker --help
View the role of the docker images command: docker images --help
Case: Pull an nginx image from DockerHub and view it
1. First go to the mirror warehouse to search for nginx images, such as DockerHub:
2. According to the viewed image name, pull the image you need, and use the command: docker pull nginx
3. Use the command: docker images to view the pulled image
Case: Use docker save to export the nginx image to disk, and then load it back through load
Step 1: Use the docker xx --help command to view the syntax of docker save and docker load
Step 2: Create a mirror image mynginx1.0 using the docker tag
docker save -o mynginx1.0.tar nginx.latest
Step 3: Use docker save to export the image to disk
docker rmi nginx:latest
docker load -i mynginx1.0.tar
summary
What are mirroring operations?
- docker images
- docker rmi
- docker pull
- docker push
- docker save
- docker load
Practice with Docker-mirror commands
Exercise: Go to DockerHub to search and pull a Redis image
1. Go to DockerHub to search for the Redis image
2. Check the name and version of the Redis image
3. Use the docker pull command to pull the image
docker pull redis
4. Use the docker save command to package redis:latest into a redis.tar package
docker save -o redis.tar redis:latest
5. Use docker rmi to delete the local redis:latest
docker rmi redis:latest
6. Use docker load to reload the redis.tar file
docker load -i redis.jar
Introduction to using Docker-container commands
docker exec 进入容器执行命令
docker logs 查看容器运行日志
docker ps 查看所有运行的容器及状态
docker pause 暂停
docker unpause
docker start 启动
docker stop 停止
Use Docker-container command case 1
Case: Create and run an Nginx container
Step 1: Go to the docker hub to view the Nginx container running command
docker run --name containerName -p 80:80 -d nginx
Command interpretation:
- docker run: create and run a container
- –name: Give the container a name, such as mn
- -p: Map the host port to the container port, the host port on the left side of the colon, and the container port on the right
- -d: run the container in the background
- nginx: mirror name, such as nginx
For example, there is an Nginx container on the host: 192.168.150.101, port: 80, because the container is isolated and the user cannot directly access it, so you can map the port on the host, such as port 80 of the host, to port 80 of the nginx container, then the user You can reach the Nginx container when you visit http://192.168.150.101:80
Actual operation command:
docker run --name mn -p 80:80 -d nginx
docker ps
docker logs mn
Then visit the address on the browser: http://host:80
If the home page of nginx appears, it means success
#实时日志命令
docker logs -f mn
summary:
What are the common parameters of the docker run command?
- –name: specify the container name
- -p: specify port mapping
- -d: Let the container run in the background
Command to view container logs:
- docker logs
- Add the -f parameter to continuously view the log
View container status:
- docker ps
Use Docker-container command case 2
Case: Enter Nginx, modify the content of the HTML file, and add "Today is Friday!"
Step 1: Enter the container. The command to enter the nginx container we just created is:
docker exec -it mn bash
Command interpretation:
- docker exec: enter the container and execute a command
- - it: Create a standard input and output terminal for the currently entered container, allowing us to interact with the container
- mn: the name of the container to enter
- bash: the command executed after entering the container, bash is a linux terminal interactive command
Step 2: Enter the directory where the HTML of nginx is located /usr/share/nginx/html
cd /usr/share/nginx/html
Step 3: Modify the content of index.html
sed is to replace the command with Today is Friday! Replace Welcome to nginx
sed -i 's#Welcome to nginx#今天是周五!#g' index.html
sed -i 's#<head>#<head><meta charset="utf-8">#g' index.html
Actual operation command:
docker exec -it mn bash
cd /usr/share/nginx/html
# vi index.html 会出错,docker没有这个命令
sed -i 's#Welcome to nginx#今天是周五!#g' index.html
sed -i 's#<head>#<head><meta charset="utf-8">#g' index.html
exit
docker ps
docker stop mn
docter ps # 此时看不到mn 因为docker ps默认是所有运行的容器
docter ps -a # 此时能看到mn是挂的状态 因为docker ps -a能看到所有容器
docker start mn
docker rm mn # 会失败 不能删运行中的容器
docker rm -f mn # 强制删除,命令能执行成功
docter ps -a # 此时看不到mn了 因为真的被删除了
summary:
View container status:
- docker ps
- Add the -a parameter to view all status containers
Delete container:
- docker rm
- A running container cannot be deleted unless the -f parameter is added
into the container:
- The command is docker exec -it [container name] [command to execute]
- The exec command can enter the container to modify the file, but it is not recommended to modify the file in the container
Practice with Docker-container commands
Exercise: create and run a redis container, and support data persistence
Step 1: Go to DockerHub to search for the Redis image
Step 2: View the help information in the Redis mirror document
Step 3: Use the docker run command to run a Redis container
Actual operation command:
# 创建并运行myredis容器
docker run --name myredis -p 6379:6379 -d redis redis-server --appendonly yes
Exercise: Enter the redis container, and execute the redis-cli client command, save num=666
#进入容器
docker exec -it myredis bash
redis-cli
keys *
set num 666
get num
# 退出redis客户端
exit
#退出myredis容器
exit
Use the docker-data-volume command
data volume
The problem of container and data coupling
Not easy to modify
- When we want to modify the html content of Nginx, we need to enter the content to modify it, which is very inconvenient.
Data cannot be reused
- Modifications inside the container are not visible to the outside world. All modifications are not reusable for newly created containers.
Difficult to upgrade and maintain
- The data is in the container. If the container is upgraded, the old container must be deleted, and all data will be deleted.
The data volume is a virtual directory pointing to a directory in the host file system
Operation data volume
The basic syntax for data source operations is as follows:
docker volume[COMMAND]
The docker volume command is a data volume operation, and the next step is determined according to the command following the command:
- create create a volume
- inspect displays information about one or more volumes
- ls lists all volumes
- prune removes unused volumes
- rm deletes one or more specified volumes
Case: Create a data volume and view the directory location of the data volume on the host
1. Create a data volume
docker volume create html
2. View all data
docker volume ls
3. View the detailed information volume of the data volume
docker volume inspect html
Actual operation command:
docker volume create html
docker volume ls
docker volume inspect html
docker volumn prune
docker volume ls
docker volume create html
docker volumn rm html
summary:
The role of the data volume:
- Separate and decouple the container from the data, facilitate the operation of the data in the container, and ensure data security
Data volume operations:
- docker volume create
- docker volume ls
- dcoker volume inspect
- docker volume rm
- docker volume prune
Use Docker-data volume mount case 1
mount data volume
When we create a container, we can use the -v parameter to mount a data volume to a container directory
for example:
docker run --name mn -v html:/root/html -p 8080:80 nginx
docker run:就是创建并与运行容器
--name mn:给容器起个名字叫mn
-v html:/root/html:把html数据卷挂载到容器内的/root/html则会目录中
-p 8080:80:把宿主机的8080端口映射到容器内的80端口
nginx:镜像名称
Case: Create an nginx container and modify the index.html content in the html directory in the container
Requirement description: In the previous case, we entered the nginx container and already knew the location of the nginx html directory /usr/share/nginx/html, we need to mount this directory to the html data volume to facilitate the operation of its contents .
Tip: Use the -v parameter to mount the data volume when running the container
Steps:
1. Create a container and mount the data volume to the HTML directory in the container
docker run --name mn -p 80:80 -v html:/usr/share/nginx/html -d
2. Enter the location of the html data volume and modify the HTML content
# 查看html数据卷的位置
docker volume inspect html
# 进入该目录
cd /var/lib/docker/volumes/html/_data
# 修改文件
vi index.html
Actual operation command:
docker run --name mn -p 80:80 -v html:/usr/share/nginx/html -d nginx
docker inspect html命令的结果:
{
”CreatAt:“:".....",
"Driver:":"......"
"Mountpoint":"/var/lib/docker/volumes/html/_data",
......
}
cd /var/lib/docker/volumes/html/_data
ll的命令结果:
index.html
然后就可以修改index.html中的内容了
summary:
Data volume mount method:
- -v volumeName:/targetContainerPath
- If the volume does not exist when the container is running, it will be created automatically
Case: Create and run a MySQL container, mount the host directory directly to the container
Tip: The syntax of directory mount and data volume mount is similar
- -v [ host directory ]: [ container directory ]
- -v [ host file ]: [ container file ]
The implementation idea is as follows:
1. Upload the mysql.tar file to the virtual machine and load it as an image through the load command
2. Create the directory /temp/mysql/data
3. Create the directory /temp/mysql/conf and upload the hmy.cnf file to /tmp/mysql /conf
4. Go to DockerHub to check the information, create and run the MySQL container, requirements:
- Mount /tmp/mysql/data to the data storage directory in the mysql container
- Mount /tmp/mysq/conf/hmy.cnf to the configuration file of the mysql container
- Set MySQL password
Actual operation command:
cd /temp/
然后把mysql.tar拖到/temp/目录吓
#导入
docker load -i mysql.tar
#查看镜像名称
docker images
#创建目录 -p表示多级创建
mkdir -p mysql/data
mkdir -p mysql/conf
docker run --name mysql -e MYSQL_ROOT_PASSWOED=123 -p 3306:3306 -v /tmp/mysql/conf/hmy.cnf:/etc/mysql/conf.d/hmy.cnf -d mysql:5.7.25
docker ps
summary:
1. In the docker run command, mount the file or directory into the container through the -v parameter:
- -v volume name: directory inside the container
- -v host file: file in the container
- -v quality and directory: directory in the container
2. The data volume is changed to be directly mounted with the directory
- The coupling degree of data volume mounting is low, and the directory is managed by docker, but the directory is deep and hard to find
- The coupling degree of directory mounting is high, we need to manage the directory ourselves, but the directory container is searched and viewed
Custom Mirror - Mirror Structure
mirror structure
Mirroring is a package of applications and their required system function libraries, environments, configurations, and dependencies.
Entry (Entrypoint): The entry point for mirroring, usually the script and parameters of the program startup
Layer: Add installation packages, dependencies, configurations, etc. on the basis of BaseImage, and each operation forms a new layer
Base image (BaseImage): application-dependent system function library, environment, configuration, files, etc.
summary
Mirroring is a layered structure, each layer is called a Layer
- BaseImage layer: contains the basic system function library, environment variables, file system
- Entrypoint: entry, which is the command to start the application in the image
- Others: Add dependencies, install programs, and complete the installation and configuration of the entire application on the basis of BaseImage
Custom image-dockerfile
What is a Dockerfile
Dockerfile is a text file, which contains instructions (Instructions) one by one, using instructions to explain what operations to perform to build the image. Each command forms a Layer.
| instruction | illustrate | example |
|---|---|---|
| FROM | Specify the base image | FROM centos:6 |
| ENV | Set environment variables, which can be used in subsequent instructions | ENV key value |
| COPY | Copy the local file to the specified directory of the mirror | COPY ./mysql-5.7.rpm/tmp |
| RUN | Execute the Linux shell command, generally the command of the installation process | RUN yum instal gcc |
| EXPOSE | Specify the port that the container listens to when running, which is for the image user to see | EXPOSE 8080 |
| ENTRYPOINT | The startup command applied in the image, called when the container is running | ENTRYPOINT java -jar xx.jar |
Case: Build a new image based on the Ubuntu image and run a java project
Step 1: Create an empty folder docker-demo
Step 2: Copy dicker-demo.jar in the data to the docker-demo directory
Step 3: Copy jdk8.tar in the data to the dicker-demo directory
Step 4: Copy the dicker-demo.jar in the data Dockerfile to dicker-demo directory
Step 5: Enter docker-demo
Step 6: Run the command:
docker build -t javaweb:1.0 .
Contents in Dockerfile:
# 指定基础镜像
FROM ubuntu:16.04
# 配置环境变量,JDK的安装目录
ENV JAVA_DIR=/usr/local
# 拷贝jdk和java项目的包
COPY ./jdk8.tar.gz $JAVA_DIR/
COPY ./docker-demo.jar /tmp/app.jar
# 安装JDK
RUN cd $JAVA_DIR/
&& tar -xf ./jdk8.tar.gz \
&& mv ./jdk1.8.0_144 ./java8
#配置环境变量
ENV JAVA_HOME=$JAVA_DIR/java8
ENV PATH=$PATH:$JAVA_HOME/bin
#暴露端口
EXPOSE 8090
# 入口,java项目的启动命令
ENTRYPOINT java -jar /tmp/app.jar
Actual operation command:
ll命令的结果:
docker-demo.jar
Dockerfile
jdk8.tar.gz
#这个. 代表当前目录 我们当前就在Dcokerfile所在目录
docker build -t javaweb:1.0 .
docker images的结果:
REPOSITORY TAG ......
javaweb 1.0
docker run --name web -p 8090:8090 -d javaweb:1.0
docker ps的结果能看到web已经成功启动
Case: Build a Java project as a mirror based on the java:8-alpine mirror
The implementation idea is as follows:
1. Create an empty directory, and then create a new file in the directory, named Dockerfile
2. Copy the data provided is docker.demo.jar to this directory
3. Write the Dockerfile file:
- Based on java:8-alpine as the base image
- Copy app.jar into the image
- exposed port
- Write entry ENTRYOINT
4. Use the docker build command to build an image
5. Use docker run to create a container and run it
Contents in Dockerfile:
# 指定基础镜像
FROM java:8-alpine
# 拷贝java项目的包
COPY ./docker-demo.jar /tmp/app.jar
#暴露端口
EXPOSE 8090
# 入口,java项目的启动命令
ENTRYPOINT java -jar /tmp/app.jar
Actual operation command:
docker build -t javaweb:2.0 .
summary
1. The essence of Dockerfile is a file, which describes the construction process of the image through instructions.
2. The first line of Dockerfile must be FROM, which is built from a base image.
3. The base image can be a basic operating system, such as Ubuntu. It can also be an image made by others, for example: java:8-alpine
DockerCompose - Initial Compose
What is Docker Compose
Docker Compose can help us quickly deploy distributed applications based on Conpose files without manually creating and running containers one by one!
A Compose file is a text file that defines how each container in the cluster runs through instructions.
version: "3.8"
services:
mysql:
image: mysql:5.7.25
enviroment:
MYSQL_ROOT_PASSWOED: 123
volumes:
- /tmp/mysql/data:/var/lib/mysql
- /tmp/mysql/conf/hmy.cnf:/etc/mysql/conf.d/hmy.cnf
web:
build: .
ports:
- 8090: 8090
Installation of DockerCompose (step omitted...)
summary
What does DockeCompose do?
- Help us quickly deploy distributed applications, without the need to build images and deploy microservices one by one
Docker mirror warehouse
Common mirror warehouse services
There are two forms of mirror warehouses: public and private:
- Public warehouses: For example, Docker’s official Docker Hub, and some domestic cloud service providers provide public services similar to Docker Hub, such as Netease Cloud Mirroring Service, DaoCloud Mirroring Service, Alibaba Cloud Mirroring Service, etc.
- In addition to using public warehouses, users can also build private Docker Registries locally. The enterprise's own image is best implemented with a private Docker Registry.
Docker mirror warehouse
Building a mirror warehouse can be realized based on the Docker Registry officially provided by Docker
Official website address: https://hub.docker.com//registry
Simplified version of mirror warehouse
Docker's official Docker Registry is a basic version of the Docker image warehouse, which has complete functions of warehouse management, but has no graphical interface.
The construction method is relatively simple, the command is as follows:
docker run -d \
--restart=always \
--name registry \
-p 5000:5000 \
-v registry-data:/var/lib/registry \
registry
The command mounts a data volume registry-data to the /var/lib/registry directory in the container, which is the directory where the private mirror library stores data.
Visit http://YourIp:5000/v2/ vatalog to view the images contained in the current private image service
version with GUI
Use DcokerCompose to deploy DockerRegistry with a graphical interface, the command is as follows:
version: '3.0'
services:
registry:
images: registry
volumes:
- ./registry-data:/var/lib/registry
ui:
image: joxit/docker-registry-ui:static
ports:
- 8080:80
enviroment:
- REGISTRY_TITLE=路西法98的私有仓库
- REGISTRY_URL=http://registry:5000
depends_on:
- registry
Configure Docker trust address
Our private server uses the http protocol, which is not trusted by Dcoker by default, so we need to make a configuration:
# 打开要修改的文件
vi /etc/docker/daemon.json
# 添加内容:
"insecure-registries":["http://192.168.150.101:8080"]
# 重加载
systemctl daemon-reload
Push or pull images from a private mirror repository
To push an image to a private image service, you must first tag it. The steps are as follows:
1. Re-tag the local mirror, the name prefix is the address of the private warehouse, 192.168.150.101:8080/
docker tag nginx:latest 192.168.150.101:8080/nginx:1.0
2. Push image
docker push 192.168.150.101:8080/nginx:1.0
3. Pull the image
docker pull 192.168.150.101:8080/nginx:1.0
summary
1. Before pushing the local image to the warehouse, you must rename (docker tag) the image, prefixed with the mirror warehouse address
2. Before the mirror warehouse is pushed, the warehouse address needs to be configured in the daemon.json file of the docker service, which is trusted by docker
3. Push using the docker.push command
4. Pull using the docker pull command