Microservice Learning - Docker

Getting to know Docker

Problems with project deployment

There are many large-scale project components, and the operating environment is also relatively complex. Some problems will be encountered during deployment:

• Dependencies are complex and prone to compatibility issues
• Development, testing, and production environments are different

Docker

How does Docker solve dependency compatibility issues?

• Package the application's Libs (function library), Deps (dependency), configuration and application together
• Run each application in an isolated container to avoid mutual interference

Different environments have different operating systems, how does Docker solve it? Let’s first understand the operating system structure

• Docker packages the user program with the system (such as Ubuntu) function library that needs to be called

• When Docker runs to different operating systems, it is directly based on the packaged library functions and runs with the help of the Linux kernel of the operating system

How does Docker solve the compatibility problems of complex dependencies of large-scale projects and dependencies of different components?

• Docker allows applications, dependencies, function libraries, and configurations to be packaged together during development to form a portable image
• Docker applications run in containers and use the sandbox mechanism to isolate them from each other

How does Docker solve the problem of differences in development, testing, and production environments

• The Docker image contains a complete operating environment, including system function libraries, and only depends on the Linux kernel of the system, so it can run on any Linux operating system

Docker and virtual machines

A virtual machine (virtual machine) simulates a hardware device in an operating system, and then runs another operating system, such as running an Ubuntu system in a Windows system, so that any Ubuntu application can be run.

characteristic	Docker	virtual machine
performance	close to native	poor performance
hard disk usage	Usually MB	Generally GB
start up	second level	minute level

Differences between Docker and virtual machines:

• docker is a system process; a virtual machine is an operating system within an operating system
• docker is small in size, fast in startup speed and good in performance; the virtual machine is large in size,
  slow in startup speed and average in performance

Images and Containers

Docker packages applications and their required dependencies, function libraries, environments, configurations, and other files together, called images.

Image : Docker packages applications and their required dependencies, function libraries, environments, configurations, and other files together, called images.
Container : The process formed after the application in the image runs is a container , but Docker will isolate the container and make it invisible to the outside world.

Docker and DockerHub

• DockerHub: DockerHub is a hosting platform for Docker images. Such a platform is called a Docker Registry.

• There are also public services similar to DockerHub in China, such as NetEase Cloud Mirror Service, Alibaba Cloud Mirror Library, etc.

docker architecture

Docker is a program of CS architecture, which consists of two parts:

• Server (server): Docker daemon process, responsible for processing Docker instructions, managing images, containers, etc.
• Client (client): Send instructions to the Docker server through commands or RestAPI. Commands can be sent to the server locally or remotely.

Install Docker

Enterprise deployments generally use the Linux operating system, and among them, the CentOS distribution accounts for the largest proportion, so we install Docker under CentOS.

1. uninstall

If you have installed an old version of Docker before, you can use the following command to uninstall it:

yum remove docker \
                  docker-client \
                  docker-client-latest \
                  docker-common \
                  docker-latest \
                  docker-latest-logrotate \
                  docker-logrotate \
                  docker-selinux \
                  docker-engine-selinux \
                  docker-engine \
                  docker-ce

2. Install

Install the yum tool

yum install -y yum-utils \
           device-mapper-persistent-data \
           lvm2 --skip-broken

Update the local mirror source:

# 设置docker镜像源
yum-config-manager \
    --add-repo \
    https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
    
sed -i 's/download.docker.com/mirrors.aliyun.com\/docker-ce/g' /etc/yum.repos.d/docker-ce.repo

yum makecache fast

Then enter the command:

yum install -y docker-ce

docker-ce is a free version for the community. Wait for a while, docker will be installed successfully.

3. start docker

Docker applications need to use various ports, and modify the firewall settings one by one. It is very troublesome, so it is recommended that you close the firewall directly!

# 关闭
systemctl stop firewalld
# 禁止开机启动防火墙
systemctl disable firewalld

Start docker by command:

systemctl start docker  # 启动docker服务

systemctl stop docker  # 停止docker服务

systemctl restart docker  # 重启docker服务

Then enter the command to view the docker version:

docker -v

4. Configuring Mirroring Acceleration

The network speed of docker's official mirror warehouse is poor, so we need to set up a domestic mirror service:

Refer to Alibaba Cloud's mirror acceleration document: https://cr.console.aliyun.com/cn-hangzhou/instances/mirrors

Basic operation of Docker

Mirror related commands

• The image name generally consists of two parts: [repository]:[tag].

• When no tag is specified, the default is latest, representing the latest version of the image

Container related commands

Create and run an Nginx container

Step 1: Go to the docker hub to view the Nginx container running command

docker run --name 容器名称 -p 80:80 -d nginx

Command Interpretation:

• docker run : create and run a container

• –name: Give the container a name, such as myNginx

• -p: Map the host port to the container port, the left side of the colon is the host port, and the right side is the container port

• -d: run the container in the background

What are the common parameters of the docker run command?

• –name: specify the container name
• -p: specify port mapping
• -d: Let the container run in the background

Command to view container logs:

• docker logs
  • Add the -f parameter to continuously view the log

View container status:

• docker ps

Enter the container to modify the content of the Nginx home page

Step 1: Enter the container. The command to enter the nginx container we just created is:

docker exec -it myNginx bash

Command Interpretation:

• docker exec: enter the container and execute a command

• it: Create a standard input and output terminal for the currently entered container, allowing us to interact with the container

• myNginx : the name of the container to enter

• bash: the command executed after entering the container, bash is a linux terminal interactive command

Step 2: Enter the directory where the HTML of nginx is located /usr/share/nginx/html

cd /usr/share/nginx/html

Step 3: Modify the content of index.html

sed -i 's#Welcome to nginx#你好这是标题#g' index.html
sed -i 's#<head>#<head><meta charset="utf-8">#g' index.html

View container status:

• docker ps

Add the -a parameter to view all status containers Delete containers:

• docker rm
• A running container cannot be deleted unless the -f parameter is added

into the container:

• the order isdocker exec -it [容器名][要执行的命令]
• The exec command can enter the container to modify the file, but it is not recommended to modify the file in the container

data volume

The problem of container and data coupling

• Not easy to modify
  When we want to modify the html content of Nginx, we need to enter the container to modify it, which is very inconvenient.

• Data cannot be reused.
  Modifications inside the container are not visible to the outside world. All modifications are not reusable for newly created containers.

• Difficult to upgrade and maintain.
  The data is in the container. If you want to upgrade the container, you must delete the old container, and all the data will be deleted.

A data volume (volume) is a virtual directory that points to a directory in the host file system.

Operation data volume

The basic syntax for data volume operations is as follows:

docker volume [COMMAND]

The docker volume command is a data volume operation, and the next step is determined according to the command following the command:

• createCreate
  a volume

• inspect
  displays information about one or more volumes

• ls
  lists all volumes

• prune
  removes unused volumes

• rm
  deletes one or more specified volumes

Create a data volume and view the directory location of the data volume on the host

1. Create data volume

   docker volume create html
   

2. view all data

   docker volume ls
   

3. View data volume details volume

   docker volume inspect html
   

   poweroff

mount data volume

When we create a container, we can use the -v parameter to mount a data volume to a container directory

docker run \
--name mn \
-v html:/root/html \
-p 8080:80
nginx \

• docker run :
  is to create and run the container
• – name mn:
  Give the container a name called mn
• -v html:/root/htm :
  Mount the html data volume to the /root/html directory in the container
• -p 8080:80:
  Map port 8080 of the host to port 80 in the container
• nginx:
  mirror name

If the volume does not exist when the container is created, it will be created automatically

You can also mount directories and files directly:

• -v [host directory]:[container directory]
• -v [host file]:[file in container]

Comparison of data volume mounting methods

1. In the command of docker run, the file or directory is mounted into the container through the -v parameter:
   • -v volume name: directory inside the container
   • -v host file: file in the container
   • -v host directory: container directory
2. Data volume mount and directory mount directly
   • The coupling degree of data volume mounting is low, and the directory is managed by docker, but the directory is deep and hard to find
   • The coupling degree of directory mounting is high, we need to manage the directory ourselves, but the directory is easy to find and view

Dockerfile custom image

mirror structure

Mirroring is a layered structure, each layer is called a Layer

• Baseimage layer: contains basic system function library, environment variables, file system
• Entrypoint: entry, which is the command to start the application in the image
• 
  Others: Add dependencies, install programs, and complete the installation and configuration of the entire application on the basis of Baseimage

What is a Dockerfile

Dockerfile is a text file, which contains instructions (Instructions) one by one, using instructions to explain what operations to perform to build the image. Each command forms a Layer.

instruction	illustrate	example
FROM	Specify the base image	FROM centos:6
ENV	Set environment variables, which can be used in subsequent instructions	ENV key value
COPY	Copy the local file to the specified directory of the mirror	COPY ./mysql-5.7.rpm /tmp
RUN	Execute the Linux shell command, generally the command of the installation process	RUN yum install gcc
EXPOSE	Specify the port that the container listens to when running, which is for the image user to see	EXPOSE 8080
ENTRYPOINT	The startup command applied in the image, called when the container is running	ENTRYPOINT java -jar xx.jar

To update the detailed syntax description, please refer to the official website documentation: Dockerfile reference | Docker Documentation

---

the case

Build a new image based on the Ubuntu image and run a java project

• Step 1: Create a new empty folder docker-demo

• Step 2: Copy the docker-demo.jar file to the docker-demo directory

• Step 3: Copy the jdk8.tar.gz file to the docker-demo directory

• Step 4: Copy the Dockerfile to the docker-demo directory

  # 指定基础镜像
  FROM ubuntu:16.04
  # 配置环境变量，JDK的安装目录
  ENV JAVA_DIR=/usr/local
  
  # 拷贝jdk和java项目的包
  COPY ./jdk8.tar.gz $JAVA_DIR/
  COPY ./docker-demo.jar /tmp/app.jar
  
  # 安装JDK
  RUN cd $JAVA_DIR \
   && tar -xf ./jdk8.tar.gz \
   && mv ./jdk1.8.0_144 ./java8
  
  # 配置环境变量
  ENV JAVA_HOME=$JAVA_DIR/java8
  ENV PATH=$PATH:$JAVA_HOME/bin
  
  # 暴露端口
  EXPOSE 8090
  # 入口，java项目的启动命令
  ENTRYPOINT java -jar /tmp/app.jar
  

• Step 5: Enter docker-demo

• Step 6: Run the command:

  docker build -t javaweb:1.0 . # .表示dockerfile所在目录
  

It can also be directly based on java:8-alpine, which directly integrates java8

1. The essence of Dockerfile is a file that describes the construction process of the image through instructions
2. The first line of the Dockerfile must be FROM to build from a base image
3. The base image can be a base operating system such as Ubuntu. It can also be an image made by others, for example: java:8-alpine

DockerCompose

What is Docker Compose

• Docker Compose can help us quickly deploy distributed applications based on Compose files without manually creating and running containers one by one!
• A Compose file is a text file that defines how each container in the cluster runs with instructions.

version: "3.8"

services:
  mysql:
    image: mysql:5.7.25
    environment:
      MYSQL_ROOT_PASSWORD: 123
    volumes:
      - /tmp/mysql/data:/var/lib/mysql
      - /tmp/mysql/conf/hmy.cnf:/etc/mysql/conf.d/hmy.cnf
  web:
    build: .
    ports:
      - 8090:8090

• DockerCompose detailed syntax reference official website: Overview | Docker Documentation

Deploy microservices

Deploy the previously learned cloud-demo microservice cluster using DockerCompose

The implementation idea is as follows:

The ip address of the corresponding service will be found through the service name between internal services of DockerCompose

Docker mirror warehouse

Common mirror warehouse services

Mirror warehouse (Docker Registry) has two forms: public and private:

• Public warehouses: For example, Docker’s official Docker Hub, and some domestic cloud service providers provide public services similar to Docker Hub, such as Netease Cloud Mirroring Service, DaoCloud Mirroring Service, Alibaba Cloud Mirroring Service, etc.
• In addition to using public warehouses, users can also build private Docker Registries locally. The enterprise's own image is best implemented using a private Docker Registry.

Building a mirror warehouse can be implemented based on the DockerRegistry officially provided by Docker.

Official website address: https://hub.docker.com/_/registry

Simplified version of mirror warehouse

Docker's official Docker Registry is a basic version of the Docker image warehouse, which has complete functions of warehouse management, but has no graphical interface.

The construction method is relatively simple, the command is as follows:

docker run -d \
    --restart=always \
    --name registry	\
    -p 5000:5000 \
    -v registry-data:/var/lib/registry \
    registry

The command mounts a data volume registry-data to the /var/lib/registry directory in the container, which is the directory where the private mirror library stores data.

Visit http://YourIp:5000/v2/_catalog to view the images contained in the current private image service

version with GUI

Use DockerCompose to deploy DockerRegistry with a graphical interface, the command is as follows:

version: '3.0'
services:
  registry:
    image: registry
    volumes:
      - ./registry-data:/var/lib/registry
  ui:
    image: joxit/docker-registry-ui:static
    ports:
      - 8080:80
    environment:
      - REGISTRY_TITLE=自定义的仓库名称
      - REGISTRY_URL=http://registry:5000
    depends_on:
      - registry

Configure Docker trust address

Our private server uses the http protocol, which is not trusted by Docker by default, so we need to make a configuration:

# 打开要修改的文件
vi /etc/docker/daemon.json
# 添加内容：
"insecure-registries":["http://192.168.150.101:8080"]
# 重加载
systemctl daemon-reload
# 重启docker
systemctl restart docker

Push or pull images from a private mirror repository

To push an image to a private image service, you must first tag it. The steps are as follows:

1. Re-tag the local mirror, the name prefix is ​​the address of the private warehouse: 192.168.150.101:8080/

   docker tag nginx:latest 192.168.150.101:8080/nginx:1.0
   

2. push image

   docker push 192.168.150.101:8080/nginx:1.0
   

3. pull image

   docker pull 192.168.150.101:8080/nginx:1.0
   

The server uses the http protocol, which is not trusted by Docker by default, so a configuration is required:

# 打开要修改的文件
vi /etc/docker/daemon.json
# 添加内容：
"insecure-registries":["http://192.168.150.101:8080"]
# 重加载
systemctl daemon-reload
# 重启docker
systemctl restart docker

Push or pull images from a private mirror repository

To push an image to a private image service, you must first tag it. The steps are as follows:

1. Re-tag the local mirror, the name prefix is ​​the address of the private warehouse: 192.168.150.101:8080/

   docker tag nginx:latest 192.168.150.101:8080/nginx:1.0
   

2. push image

   docker push 192.168.150.101:8080/nginx:1.0
   

3. pull image

   docker pull 192.168.150.101:8080/nginx:1.0