Table of contents
Two, the composition of Docker
3. The difference between Docker container and virtual machine
Fourth, the core concept of Docker
6. Docker image management commands
7. Summary of mirror management commands
1. Introduction to Docker
Docker is implemented based on the Linux kernel. Docker first adopted LXC technology. LXC is a container technology natively supported by Linux and can provide lightweight virtualization. Based on the development of LXC, Docker provides advanced packaging of LXC and standard configuration methods. On the basis of LXC, Docker provides a series of more powerful functions. And virtualization technology, such as KVM, is implemented based on modules. Later, Docker changed to its own developed and open source runc technology to run containers.
Compared with virtual machines, Docker has faster delivery speed and lower resource consumption. Docker adopts client/server architecture and uses remote API to manage and create containers. It can easily create a lightweight, portable, self-sufficient Self-sufficient container. The three concepts of Docker are build, ship, and run. Docker provides container resource isolation and security through namespace and cgroup, so Docker containers do not require additional resource overhead similar to virtual machines when they are running, so Resource utilization can be greatly improved.
Two, the composition of Docker
Docker host (host): a physical machine or a virtual machine, used to run the Docker service process or container
Docker server (server): the Docker daemon, running the docker container
Docker client (client): the client uses Docker commands or other tools Call the docker API
Docker warehouse (registry): a warehouse for storing mirror images, similar to version control systems such as git or SVN
Docker container (container): a container is a service or a group of services that are generated from mirror images and provide external services
3. The difference between Docker container and virtual machine
The container runs natively on Linux and shares the host's kernel with other containers. It runs an independent process and does not occupy the memory of any other executable files. It is very lightweight.
The virtual machine runs a complete operating system, each virtual machine uses an independent kernel, and performs virtual access to host resources through a virtual machine management program, which requires more resources in comparison.
| use type | Function | KVM virtual machine | Docker container | Boosting of Docker Containers |
| CPU utilization | Low and uneven utilization | High utilization rate and uniform | Improved CPU utilization | |
| Hard Disk Space Occupation | 20G ~ 200G | 150M ~ 300M | Greatly reduces the occupation of hard disk space and avoids space waste | |
| memory usage | Share 2G ~ 32G memory | memory usage by service | Avoid out of memory problems | |
| Number of servers supported | about 20 | 1000+ | cut costs | |
| startup speed | Measured in minutes, it is slow, mainly because the operating system startup is time-consuming | Measured in seconds, its startup speed is the time to start a process | If you encounter problems, you can quickly restart or roll back | |
| project extension | Expansion project | Need to redeploy the virtual machine, the process is complicated | Expansion through the cloud platform is more convenient | Easy and fast expansion |
| New online project | Development, testing, and production environments are difficult to synchronize and prone to problems | Ability to achieve unified standards for all environments, no longer dependent on operating systems and software libraries | Efficiency increased significantly |
| characteristic | Docker container | virtual machine |
| Kernel usage | shared kernel | independent kernel |
| startup speed | Second level (equivalent to starting a process) | Minute level (starting the operating system) |
| Computing Power Loss | almost none | About 50% loss |
| performance | close to native | weaker than |
| System support (stand-alone) | Thousands | tens of |
| isolation | Resource isolation/limitation | Completely isolated (because it is a separate operating system) |
| operating system | Mainly supports Linux | Almost everything (KVM) |
| Encapsulation degree | Only package the project code and dependencies, share the host kernel | Complete operating system, isolated from the host |
- Docker is equivalent to a process of the host machine, so the loss is minimal
- Between the virtual machine and the operating system is the hypervisor, the virtualization management program, which virtualizes various hardware resources, and there will be resource loss in the middle
Fourth, the core concept of Docker
1) mirror image
- Docker images are the basis for creating containers , similar to virtual machine snapshots, and can be understood as a read-only template for the Docker container engine.
- Start a container with an image, an executable package that includes everything needed to run an application including code, runtime, libraries, environment variables, and configuration files.
2) container
- A Docker container is a running instance created from an image , which can be started, stopped, and deleted. Each container created is isolated and invisible to each other to ensure the security of the platform.
- The container can be regarded as a simple version of the Linux environment (including root user rights, mirror space, user space and network space, etc.) and the applications running in it.
3) Warehouse
- The Docker warehouse is used to centrally store images . After creating your own image, you can use the push command to upload it to a public warehouse (Public) or a private warehouse (Private). The next time you want to use this image on another machine, just get it from the repository.
- Docker images, containers, logs, etc. are all stored in the /var/lib/docker directory by default.
5. Install Docker
1. yum install Docker
Turn off firewall and selinux
Install dependencies
yum install -y yum-utils device-mapper-persistent-data lvm2
Set Alibaba Cloud mirror source
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repoInstall Docker-CE and set it to start automatically at boot
yum install -y docker-ce
systemctl start docker.service
systemctl enable docker.service2. View docker information
View docker version information
docker information view
6. Docker image management commands
search mirror
格式:docker search 关键字(镜像名称或仓库名)
docker search nginx #搜索nginx的镜像
docker search clearlinux #搜索指定仓库clearlinux中的镜像
Get Mirror (Download Mirror)
格式:docker pull 镜像名称[:标签]
#如果下载镜像时不指定标签,则默认会下载仓库中最新版本的镜像,即选择标签为 latest 的镜像。
docker pull nginx #下载nginx镜像
Check what mirrors exist locally
#查看下载到本地的所有镜像
docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 3964ce7b8458 32 hours ago 142MB
------------------------------------------------------------------------------------
#注释:
REPOSITORY:镜像属于的仓库;
TAG:镜像的标签信息,标记同一个仓库中的不同镜像;
IMAGE ID:镜像的唯一ID 号,唯一标识一个镜像;
CREATED:镜像创建时间;
VIRTUAL SIZE:镜像大小;
------------------------------------------------------------------------------------
#镜像下载后存放在 /var/lib/docker
#查看下载的镜像文件信息
cat /var/lib/docker/image/overlay2/repositories.json
View image details (get container/image metadata)
格式:docker inspect 镜像ID号/容器ID #根据镜像的唯一标识 ID 号,获取镜像详细信息
docker inspect 3964ce7b8458
Add a new label to the local mirror
After adding tags, the ID number of the image will not change
格式:docker tag 名称:[标签] [仓库名/]名称:[新标签]
示例:
docker tag nginx:latest nginx:web #为nginx镜像添加web标签
docker tag nginx:latest 仓库名/nginx:web #为镜像添加库标识,方便上传到官方仓库,因为上传镜像时必须指定仓库
docker images | grep nginx
delete mirror
If the image has been used by the container, the correct way is to delete all containers that depend on the image before deleting the image
格式:
docker rmi 镜像名:标签 #删除指定标签
docker rmi 镜像ID -f #删除指定镜像
docker rmi nginx:web #删除nginx镜像的web标签
docker rmi ac826143758d #删除镜像,该镜像只有单个标签的情况下
docker rmi 55f4b40fe486 -f #删除镜像,镜像有多个标签时需要加-f
Save image: save the image as a local file
Saving the image as a local file is actually packaging the image into a tar package
格式:docker save -o 存储文件名 存储的镜像
docker save -o mynginx.tar nginx:latest #打包镜像命名为mynginx.tar存在当前目录下
ls -lh
Load image: Import the image file into the image library
格式:
docker load < 存出的文件
或者
docker load -i 存出的文件
#主机A通过scp命令将打包好镜像文件传给主机B,主机B将镜像文件导入到docker本地
scp ~/mynginx.tar 192.168.80.3:/root/
#主机B将镜像文件导入到镜像库中
docker load < mynginx.tar 或者 docker load -i mynginx.tar
Upload image (upload the image to the official warehouse)
By default, it is uploaded to the official public warehouse of docker hub, and an account needs to be registered to use the public warehouse
docker tag nginx:latest ttusuzuka/nginx #添加新的标签,在镜像名称前加上仓库名,ttsuzuka为仓库名称
docker login #登录公共仓库
Username: #账号
password: #密码
docker push ttsuzuka/nginx #上传镜像
docker search ttsuzuka #搜索ttsuzuka仓库中的镜像
docker pull ttsuzuka/nginx #下载ttsuzuka仓库中的镜像
7. Summary of mirror management commands
| Order | effect |
| docker search <warehouse/image name> | search mirror |
| docker pull <warehouse/image name> | download mirror |
| docker images | View all local mirrors |
| docker images -q | Only display the ID numbers of all local mirrors |
| docker inspect <image ID/container ID> | View image details (get image/container metadata) |
| docker tag name: [tag] [warehouse name/] name: [new tag] | Add a new label to the local mirror |
| docker rmi <mirror name:label> | Remove a tag from an image |
| docker rmi <image ID> -f | Delete specified image |
| docker rmi $(docker images -q) | Delete all local mirrors |
| docker save -o image file.tar image name: label | Save image: save the image as a local file |
| docker load -i[or<] image file | Load image: Import the image file into the image library |
| docker login | Log in to the public warehouse docker hub |
| docker push warehouse name/mirror name: label | Upload image (upload the image to the official warehouse) |
| docker logout | Log out of docker hub |