Docker
How is docker different from ordinary virtual machines?
We know that the general linux system, namely the GNU/Linux system, consists of two parts,linux system kernel+A large number of free software provided by GNU, and centos is one of many GNU/Linux systems.
The virtual machine virtualizes a complete operating system on the host machine and is completely isolated from the host machine. It is a heavyweight system, and doker uses the namespace and other features of the linux systemUse the host's kernel+ Its own GNU shell virtualizes a lightweight linux system, which can also achieve isolation from the host machine. Therefore, we use the operating system pulled by docker, such as centos, to pull only the GNU shell and not the linux kernel, so the volume is very small.
layered mirroring
One of the great benefits of image layering is sharing resources. For example, if multiple images come from the same base image, then a base image needs to be stored in the docker host value. Only one host needs to be loaded in the memory to serve multiple containers. Even if multiple containers share a base image, when a container modifies the base image, such as modifying the configuration file under /etc/, other containers will not be affected. This is the copy-on-write mechanism of the container .
When the container starts, aThe new writable layer container layer is loaded on top of the island image,, all modifications to the container will only occur at the container layer , only the container layer is writable, and the rest of the image layers are read-only.
| file operation | illustrate |
|---|---|
| add files | When a file is created in a container, the new file is added to the container layer |
| read file | When reading a file in the container, Docker will search for the file in each image from top to bottom, and once found, copy it to the container layer immediately |
| modify file | When modifying an existing file in the container, Docker will search for the file in each image layer from top to bottom, and once found, it will copy it to the container layer and then modify it. |
| Delete Files | When deleting a file in the container, Docker also searches for the file in the image layer from top to bottom. After finding it, it will be in the container layerlog this action |
basic concept
- image: The image file packaged by the container
- container: container running instance
- docker registry: the remote repository for image submission
- xxx.tar: the local file exported by the mirror
- dockerfile: build image command line file (similar to shell script)
life cycle
basic operation
dockerfile
main component:
- Basic image information FROM centos
- Make a mirror operation command RUN yum install openssh-server -y
- Execute the command CMD /bin/bash when the container starts
Basic command:
- FROM base image
- MAINTAINER maintainer information
- RUN command to execute when building the container
- ADD copies the file from the host to the container, and it will be automatically decompressed
- COPY has the same function as ADD, without automatic decompression
- WORKDIR sets the current working directory of the shell window
- VOLUME mounts some file directories of the container on the directory location of the host (ensure that the files in this directory are stored on the host instead of the container)
- EXPOSE The port exposed to the outside world
- What to do after the CMD container starts
- ENTRYPOINT is similar to CMD, but unlike CMD, the parameters behind the docker run container can be appended to ENTRPOINT, and if CMD is used, it will completely cover CMD. Therefore, ENTRYPOINT is generally used to set fixed commands, and in Add variable parameters to the docker run command
container
use
docker run ${image}
To run the container, the container is in the foreground running state, but if nothing is done in the container, it will automatically exit.
like:
daitian@DaiT-Home:~$ docker run centos
daitian@DaiT-Home:~$ docker ps -a | grep centos
b62dde459b45 centos "/bin/bash" 4 minutes ago Exited (0) 4 minutes ago objective_darwin
14193bbb3f25 centos "/bin/bash" 7 hours ago Exited (127) 7 hours ago friendly_euler
It can be seen that the container exited directly.
But like nginx, it will directly run the service in the foreground
daitian@DaiT-Home:~$ docker run nginx
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf
10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
2023/05/14 10:53:00 [notice] 1#1: using the "epoll" event method
2023/05/14 10:53:00 [notice] 1#1: nginx/1.23.4
2023/05/14 10:53:00 [notice] 1#1: built by gcc 10.2.1 20210110 (Debian 10.2.1-6)
2023/05/14 10:53:00 [notice] 1#1: OS: Linux 5.15.79.1-microsoft-standard-WSL2
2023/05/14 10:53:00 [notice] 1#1: getrlimit(RLIMIT_NOFILE): 1048576:1048576
2023/05/14 10:53:00 [notice] 1#1: start worker processes
2023/05/14 10:53:00 [notice] 1#1: start worker process 29
2023/05/14 10:53:00 [notice] 1#1: start worker process 30
2023/05/14 10:53:00 [notice] 1#1: start worker process 31
2023/05/14 10:53:00 [notice] 1#1: start worker process 32
2023/05/14 10:53:00 [notice] 1#1: start worker process 33
2023/05/14 10:53:00 [notice] 1#1: start worker process 34
2023/05/14 10:53:00 [notice] 1#1: start worker process 35
2023/05/14 10:53:00 [notice] 1#1: start worker process 36
2023/05/14 10:53:00 [notice] 1#1: start worker process 37
2023/05/14 10:53:00 [notice] 1#1: start worker process 38
2023/05/14 10:53:00 [notice] 1#1: start worker process 39
2023/05/14 10:53:00 [notice] 1#1: start worker process 40
2023/05/14 10:53:00 [notice] 1#1: start worker process 41
2023/05/14 10:53:00 [notice] 1#1: start worker process 42
2023/05/14 10:53:00 [notice] 1#1: start worker process 43
2023/05/14 10:53:00 [notice] 1#1: start worker process 44
2023/05/14 10:53:00 [notice] 1#1: start worker process 45
2023/05/14 10:53:00 [notice] 1#1: start worker process 46
2023/05/14 10:53:00 [notice] 1#1: start worker process 47
2023/05/14 10:53:00 [notice] 1#1: start worker process 48
Use exec to enter a running container
docker exec ${容器名称} command(ex:bash)
tips:直接用root用户进入容器
docker exec -ti --user root {
容器名} /bin/bash
K8s
In the era of containerization, large-scale deployment of containers makes it difficult to maintain, so k8s appears
- Container-based application release management, update, upgrade, downgrade
- load balancing, service discovery
- Cross-machine, cross-region network mode
- Automatic scaling function
- For running components of stateless services such as nginx, running components of stateful services such as mysql
- Support rich plug-ins
Reference Video: Add Link Description