The Perfect Companion of Microservice Architecture: In-depth Analysis of Engineering Docker Practice

1. Introduction

With the development of cloud computing and big data, software systems are becoming larger and more complex, and the traditional monolithic architecture struggles to meet business needs and technical challenges. This has driven the evolution of software architecture from monolithic, to SOA, to microservices. To improve the flexibility, scalability, reliability and user experience of their systems, more and more enterprises and developers have adopted microservice architectures, splitting a large application into multiple small, autonomous services, each of which can be deployed, upgraded and scaled independently.

However, the microservice architecture also brings some new problems and challenges. How to quickly develop, test, deploy and operate multiple services? How to ensure coordination and communication between services? How to ensure the performance and security of the service? How to manage dependencies between services? How to monitor and debug the service?

To solve these problems and challenges, we need a tool or platform that lets us create, run and manage multiple services more conveniently. This is the role of Docker and K8S. Docker is an open source application container engine that allows developers to package their applications and dependencies into a lightweight, portable container and then publish it to any popular Linux machine; it can also implement virtualization. Docker can improve development efficiency and predictability, simplify deployment and operation and maintenance, and improve system performance and security.

This article will introduce how to use Docker under the microservice architecture to realize engineering development, testing, deployment and operation and maintenance of multiple services.

2. Docker concept and principle

Docker is an open source engine that makes it easy to create a lightweight, portable, self-sufficient container for any application. Containers compiled and tested by developers on laptops can be deployed in batches in production environments, including VMs (virtual machines), bare metal, OpenStack clusters, and other basic application platforms.

1. Docker core concept

  • Image: An image is a read-only template that contains all the files required by an application and its dependent environment. Images can be built with a Dockerfile, or downloaded from Docker Hub or other repositories. Images can be reused and shared, and can also be layered and cached to improve efficiency and save space.
  • Container: A container is a runtime instance that is a readable and writable copy of an image. Containers can be created through images, or configured through commands or files. Containers can be started, stopped, deleted, paused, resumed, etc. Containers can communicate and share data through networks or data volumes.
  • Repository: A repository is a place to store and distribute images, and can be public or private. A repository can hold multiple tags (Tag), each of which is a version or alias of an image. Images can be pulled from or pushed to repositories on Docker Hub or other registries.
  • Network: A network is a way of connecting containers or between containers and external networks. Docker supports multiple network modes, such as Bridge, Host, None, Overlay, etc. Docker also supports custom networking and network plugins to meet different needs and scenarios.
  • Data volume (Volume): A data volume is a way to share data between containers or between a container and a host. Data volumes can be mounted to containers when they are created or run, and can also be referenced or copied by other containers. Data volumes can ensure data persistence and consistency, and can also improve data access speed.
  • Service: A service is a way to abstract multiple containers into one logical unit. Services can define properties such as the number, scale, update strategy, and load balancing of containers. Services can be orchestrated and managed through tools such as Docker Compose or Docker Swarm.

2. Docker application scenarios

  • Automatic packaging and publishing of web applications;
  • Automated testing and continuous integration, release;
  • Deploy and tune database or other backend applications in a service environment;
  • Compile from scratch or extend the existing OpenShift or Cloud Foundry platform to build your own PaaS environment.

3. The main advantages of Docker

  • Lightweight: Docker containers do not need to run a complete operating system, but only need to share the host's kernel, thus saving resources and improving performance.
  • Portability: Docker containers can run on any Linux machine that supports Docker, whether it is a physical machine, a virtual machine, a cloud service or other platforms, and can guarantee a consistent operating environment.
  • Isolation: Docker containers are isolated from each other. Each container has its own file system, network, process space, etc., and will not interfere with each other.
  • Scalability: Docker containers can be quickly created, destroyed, started, stopped, migrated and expanded according to business needs and load conditions.
  • Manageability: Docker containers can implement unified management, monitoring, logging, security and other functions for containers through some tools and platforms.

3. Docker installation and configuration

There are many installation options for Docker. We recommend that you install it under Ubuntu, because Docker is developed under Ubuntu and the installation package is fully tested to ensure its availability. Mac, Windows and some other Linux distributions cannot run Docker natively; there you can use virtualization software to create an Ubuntu virtual machine and run Docker inside it.

The following is the installation manual for the Docker Chinese Community Station:

https://www.docker.org.cn/book/install/install-docker-under-ubuntu-precise-20.html

4. Basic operation of Docker


The following are the basic operations of Docker:

  1. Check the Docker version:
docker --version
  2. Pull the image:
docker pull image_name[:tag]
  3. List local images:
docker images
  4. Run the container:
docker run [options] image_name[:tag] [command]
  5. Display a list of containers:
# Running containers
docker ps
# List all containers (including stopped ones)
docker ps -a
  6. Stop the container:
docker stop container_id/container_name
  7. Start a stopped container:
docker start container_id/container_name
  8. Delete container:
docker rm container_id/container_name
  9. View container logs:
docker logs container_id/container_name
  10. Enter the terminal inside the container:
docker exec -it container_id/container_name bash

5. Docker network management

Docker's network management is very important: it allows containers to communicate with each other and to interact with external networks. Docker provides several network modes, and you can choose different network configurations according to your needs. The main network modes are:

  1. Bridge Network: By default, Docker containers use bridge network mode. In a bridged network, the Docker daemon creates a virtual bridge called "docker0" to which each container is connected and assigned an IP address. Containers can communicate directly through IP addresses. If no network is specified, Docker will automatically connect the container to the default bridged network.
  2. Host Network: In the host network mode, the container and the host share the network stack, that is, the container and the host use the same network interface and IP address. In this way, the network performance of the container is higher, but it lacks isolation. The port of the container is consistent with the port of the host, so port conflicts may occur.
  3. Container Network: The container network allows multiple containers to share the same network stack, so that these containers can communicate directly through localhost. This network mode is suitable for application scenarios that require a shared network namespace.

6. Docker data management

Docker's data management is very important: it covers operations such as persistence, backup and recovery of the data inside a container. Docker provides several ways to manage data inside containers to ensure data security and persistence. The main data management methods are:

  1. Data volume (Volume): Data volume is one of the most commonly used data management methods in Docker, which allows mapping directories or files on the host to a specified path in the container. In this way, the data in the container is persistently saved on the host machine; even if the container is deleted or restarted, the data will not be lost. Create a data volume and mount it in the container:
docker volume create my_data_volume
docker run -d --name my_container -v my_data_volume:/path/to/container/data image_name
  2. Bind mount (Bind Mount): A bind mount directly mounts a directory or file on the host to the specified path in the container. Unlike the data volume, the bind mount has no additional management functions, but it is more flexible, because you can directly use the files on the host machine. Run a container and use bind mounts:

7. Docker service orchestration

Docker's service orchestration refers to managing the deployment and operation of multiple Docker containers through a series of defined configurations to achieve high availability, elastic scaling, and load balancing of applications. Docker provides a variety of tools and mechanisms for service orchestration, the most commonly used of which are Docker Compose and Docker Swarm.

  1. Docker Compose: Docker Compose is a tool officially provided by Docker for defining and managing multiple containers. By writing a YAML file, you can define multiple services, networks, volumes, etc. to describe the structure and configuration of the entire application. Docker Compose can help you quickly create and manage complex multi-container applications, and start, stop, and view container logs through a single command.
  2. Docker Swarm: Docker Swarm is Docker's built-in native container orchestration and cluster management tool. It allows multiple Docker hosts to form a Swarm cluster, enabling containers to be deployed and run across multiple hosts. Docker Swarm provides functions such as high availability, load balancing, and container elastic scaling. It can organize multiple containers into a unified service and automatically expand or shrink as needed.

8. The status quo and comparison of containers

At present, container technology is widely used in the field of cloud computing and application development, and there are several main container technologies, such as Docker, Podman, Containerd, etc.

The following is a comparison of GitHub data for several projects

The source code repository of the Docker project is https://github.com/moby/moby because Docker was originally the product name of the Docker company, so the project's source code repository was also called Docker. Later, the Docker company handed over its core technology to the open source community. During this process, because the name Docker was registered as a trademark, it could no longer be used as the name of an open source project.
To avoid trademark conflicts, the Docker project migrated its source code repository to GitHub in 2017 and changed the repository name to "moby". The name was inspired by Herman Melville's novel "Moby-Dick", in which the white whale "Moby Dick" is known for its size and complexity. The name also symbolizes the openness, complexity and diversity of the Docker project.

1. Docker

  • Status: Docker is the earliest and most popular container technology with huge user and community support. It provides an easy-to-use command-line tool and a graphical interface, making the creation, management and deployment of containers very simple.
  • Advantages: Docker provides a complete ecosystem, with a large number of image repositories (such as Docker Hub) for users to share and download public images. It is cross-platform and supports running containers on a variety of operating systems.
  • Disadvantages: The design of Docker Daemon is relatively large and sometimes takes up more system resources. Additionally, Docker uses root privileges to run containers, which can lead to security issues.
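
The isolation trade-offs described in this article (host and container network modes in section 5, bind mounts in section 6, and containers running as root, noted above) can be checked from `docker inspect` output. The script below is an added example, not part of the original article; the sample JSON is constructed, and the list of sensitive host paths is an assumption chosen for illustration.

```python
import json

# Constructed sample shaped like `docker inspect` output (not real data).
SAMPLE_INSPECT = json.loads("""[
  {"Name": "/web", "Config": {"User": ""},
   "HostConfig": {"NetworkMode": "host"},
   "Mounts": [{"Type": "bind", "Source": "/var/run/docker.sock",
               "Destination": "/var/run/docker.sock", "RW": true}]},
  {"Name": "/db", "Config": {"User": "999:999"},
   "HostConfig": {"NetworkMode": "backend_net"},
   "Mounts": [{"Type": "volume", "Destination": "/path/to/container/data", "RW": true}]}
]""")

# Host paths treated as sensitive when bind-mounted (an assumed, illustrative list).
SENSITIVE_SOURCES = ("/", "/etc", "/proc", "/sys", "/var/run/docker.sock")


def audit_container(c):
    """Return isolation findings for one `docker inspect` entry."""
    findings = []
    mode = c.get("HostConfig", {}).get("NetworkMode", "default")
    if mode == "host":
        findings.append("host network: shares the host's network stack")
    elif mode.startswith("container:"):
        findings.append("shares network stack with " + mode.split(":", 1)[1])
    # An empty Config.User means the main process runs as root in the container.
    user = c.get("Config", {}).get("User", "").split(":")[0]
    if user in ("", "0", "root"):
        findings.append("runs as root")
    for m in c.get("Mounts", []):
        if m.get("Type") != "bind":
            continue  # named volumes live under Docker's own storage area
        src = m.get("Source", "")
        if src in SENSITIVE_SOURCES:
            findings.append("sensitive bind mount: " + src)
        elif m.get("RW"):
            findings.append("writable bind mount: " + src)
    return findings


def audit(inspect_data):
    """Map container name -> findings, omitting containers with none."""
    results = {c["Name"].lstrip("/"): audit_container(c) for c in inspect_data}
    return {name: f for name, f in results.items() if f}


if __name__ == "__main__":
    for name, findings in audit(SAMPLE_INSPECT).items():
        print(name, "->", "; ".join(findings))
```

To run it against a live host, feed it the parsed JSON from `docker inspect $(docker ps -q)` instead of the sample.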

2. Podman

  • Status: Podman is a container technology similar to Docker. It does not require a background daemon (Docker Daemon), so it is more lightweight and can avoid some Docker security issues. It is compatible with Docker CLI and can be used directly instead of Docker.
  • Pros: Podman provides the same user experience as Docker, but with better security and resource consumption. It can run on different container runtimes such as containerd or runc for greater flexibility.
  • Disadvantages: Compared with Docker, Podman's ecosystem is not rich enough. Although Docker Hub images can be used, compatibility issues may be encountered in some specific scenarios.

3. Containerd

  • Status: Containerd is a production-ready container runtime and one of the core components of Docker. It provides the basic functionality of containers, but often needs to be combined with other tools such as Docker or Kubernetes.
  • Pros: Containerd was designed with stability and performance in mind, making it suitable for large-scale production environments. It supports the OCI (Open Container Initiative) standard and is compatible with multiple container management tools.
  • Disadvantages: Containerd only provides the most basic container runtime functions, and lacks a user interface for directly manipulating containers. It usually needs to be used in conjunction with other tools and is not suitable for daily use by developers.

Docker is the most popular and mature container technology with a rich ecosystem and user base. Podman provides a more lightweight and secure alternative, especially when it is necessary to avoid Docker security issues or in scenarios where Docker Daemon is not required. Containerd is a production-oriented container runtime, which is more suitable for integration with other tools at the bottom layer. Choosing the right container technology depends on specific usage scenarios and needs.


Origin blog.csdn.net/citywu123/article/details/131783680